Beispiel #1
0
        $db = new DB("messages");
        $db->setColPrefix("message_");
        $db->sender = USER_ID;
        $db->receiver = $this->uid;
        $db->content = $_POST['msg'];
        $db->added = time();
        $db->insert();
    } catch (Exception $e) {
        echo error(_t($e->getMessage()));
    }
}
if ($this->uid != 0) {
    ?>

    <div class="reply">
        <form method="post">
            <input type="hidden" name="secure_input" value="<?php 
    echo $_SESSION['secure_token_last'];
    ?>
">
            <div style="float:left; width: 460px; padding-left: 120px;">
                <?php 
    echo bbeditor("msg", 5, 52);
    ?>
            </div>
            <input type="submit" name="reply">
        </form>
    </div>

    <?php 
}
Beispiel #2
0
    ?>
" />
            <tr>
                <td><?php 
    echo _t("Subject:");
    ?>
</td>
                <td><input type="text" name="subject" value="<?php 
    echo isset($_POST['subject']) ? $_POST['subject'] : "";
    ?>
" size="50"></td>
            </tr>
            <tr><td></td>
                <td>
                    <?php 
    echo bbeditor("content", 15, 80, isset($_POST['content']) ? $_POST['content'] : "");
    ?>
                </td>
            </tr>
            <tr><td></td><td>
                    <input type="submit" name="create" value="<?php 
    echo _t("Create topic");
    ?>
" /> <input type="submit" name="preview" value="<?php 
    echo _t("Preview");
    ?>
" />
                </td>
            </tr>
        </table>
    </form>
Beispiel #3
0
echo _t("FAQ");
?>
</option><option value="rules"><?php 
echo _t("Rules");
?>
</option></select></td>
            <td width="50px"><?php 
echo _t("Language");
?>
</td>
            <td><select name="lang"><?php 
echo getLanguages();
?>
</select></td>
        </tr>
        <tr>
            <td colspan="6"><?php 
echo bbeditor("content", 25, 110);
?>
            </td>
        </tr>
        <tr>
            <td colspan="5">
                <input type="submit" name="create" value="<?php 
echo _t("Create document");
?>
" />
            </td>
        </tr>
    </table>
</form>
Beispiel #4
0
    echo htmlformat($db->subject);
    ?>
</h4><br />
    <form method="post">
        <input type="hidden" name="secure_input" value="<?php 
    echo $_SESSION['secure_token_last'];
    ?>
">
        <?php 
    echo _t("Subject");
    ?>
: <input type="text" name="subject" size="50" value="<?php 
    echo $db->subject;
    ?>
"><br />
        <?php 
    echo bbeditor("content", 17, 70, $db->content);
    ?>
        <input type="submit" name="save" value="<?php 
    echo _t("Save");
    ?>
" /> <input type="submit" name="preview" value="<?php 
    echo _t("Preview");
    ?>
" />
    </form>

    <?php 
} catch (Exception $e) {
    echo error(_t($e->getMessage()));
}
Beispiel #5
0
        $db = new DB("rules");
        $db->setColPrefix("rule_");
        $db->select("rule_lang = '" . $db->escape($_GET['lang']) . "'");
        if (!$db->numRows()) {
            throw new Exception("Language not found");
        }
        $db->nextRecord();
    }
    if ($this->type == "faq") {
        echo "<h4>" . _t("Editing FAQ") . "</h4>";
    } else {
        if ($this->type == "rules") {
            echo "<h4>" . _t("Editing Rules") . "</h4>";
        }
    }
    ?>

    <form method="post">
        <?php 
    echo bbeditor("content", 25, 110, $db->content);
    ?>
<br />
        <input type="submit" name="save" value="<?php 
    echo _t("Save");
    ?>
" />
    </form>
    <?php 
} catch (Exception $e) {
    echo error(_t($e->getMessage()));
}
Beispiel #6
0
    ?>

    <h4><?php 
    echo _t("Composing news post");
    ?>
</h4><br />
    <form method="post">
        <input type="hidden" name="secure_input" value="<?php 
    echo $_SESSION['secure_token_last'];
    ?>
">
        <?php 
    echo _t("Subject");
    ?>
: <input type="text" name="subject" size="50" value=""><br />
        <?php 
    echo bbeditor("content", 17, 70);
    ?>
        <input type="submit" name="compose" value="<?php 
    echo _t("Publish");
    ?>
" /> <input type="submit" name="preview" value="<?php 
    echo _t("Preview");
    ?>
" />
    </form>

    <?php 
} catch (Exception $e) {
    echo error(_t($e->getMessage()));
}
Beispiel #7
0
$this->setSidebar(true);
?>

<h4><?php 
echo _t("Open new support ticket");
?>
</h4>
<form method="post">
    <table>
        <tr>
            <td>Subject:</td>
            <td><input type="text" name="subject" size="40" /></td>
        </tr>
        <tr>
            <td colspan="2"><?php 
echo bbeditor("message", 12, 70);
?>
</td>
        </tr>
        <tr>
            <td colspan="2"><input type="submit" name="open" value="<?php 
echo _t("Open ticket");
?>
"></td>
        </tr>
    </table>
</form>

<?php 
if (isset($_POST['open'])) {
    try {
Beispiel #8
0
 public function actionPost()
 {
     $userId = $this->userId;
     $i = 0;
     $action = '';
     foreach ($_GET as $var => $val) {
         if ($i == 1) {
             $action .= "&" . $var . "=" . $val;
         }
         if ($val == 'post') {
             $action .= "+" . $val;
             $i = 1;
         }
     }
     $table_name = "forum_threads";
     $table1_name = "forum_posts";
     $table2_name = "forum_module";
     if (isset($_GET['subaction'])) {
         $subaction = escape($_GET['subaction']);
     }
     global $urlRequestRoot, $moduleFolder, $cmsFolder, $templateFolder, $sourceFolder;
     $temp = $urlRequestRoot . "/" . $cmsFolder . "/" . $moduleFolder . "/forum/images";
     require_once "{$sourceFolder}/{$moduleFolder}/forum/bbeditor.php";
     require_once "{$sourceFolder}/{$moduleFolder}/forum/bbparser.php";
     $q = "SELECT * FROM `{$table2_name}` WHERE `page_modulecomponentid`='{$this->moduleComponentId}' LIMIT 1";
     $res = mysql_query($q);
     $rows = mysql_fetch_array($res);
     $access_level = $rows['forum_moderated'];
     if ($access_level) {
         $approve = 0;
         $access = "moderated";
     } else {
         $approve = 1;
         $access = "public";
     }
     $moderator = getPermissions($this->userId, getPageIdFromModuleComponentId("forum", $this->moduleComponentId), "moderate");
     if ($moderator) {
         $approve = 1;
     }
     if (isset($_POST['post'])) {
         if ($subaction == "create_thread" || $subaction == "") {
             if (!$_POST['subject'] || !$_POST['message']) {
                 $editor = bbeditor();
                 return "You did not fill all the fields!" . $editor;
             } else {
                 $datetime = date("Y-m-d H:i:s");
                 $message = $_POST['message'];
                 $subject = addslashes(htmlspecialchars($_POST['subject']));
                 $message = addslashes(htmlspecialchars(parsenewline(nl2br($message))));
                 if (isset($_POST['sticky']) && $moderator) {
                     $category = "sticky";
                 } else {
                     $category = "general";
                 }
                 $query = "SELECT MAX(`forum_thread_id`) AS MAX FROM `forum_threads`";
                 $result = mysql_query($query);
                 $row1 = mysql_fetch_assoc($result);
                 $threadid = $row1['MAX'] + 1;
                 $sql = "INSERT INTO `{$table_name}`(`forum_thread_id` ,`page_modulecomponentid` ,`forum_thread_category` ,`forum_access_status` ," . "`forum_thread_topic` ,`forum_detail` ,`forum_thread_user_id` ,`forum_thread_datetime` ,`forum_post_approve` ," . "`forum_thread_viewcount` ,`forum_thread_last_post_userid` ,`forum_thread_lastpost_date`)" . " VALUES('{$threadid}', '{$this->moduleComponentId}', '{$category}', '{$access}', '{$subject}', '{$message}'," . " '{$userId}', '{$datetime}', '{$approve}', '1','{$userId}', '{$datetime}')";
                 $result = mysql_query($sql) or displayerror(mysql_error() . "Create New Thread failed L:550");
                 if ($result) {
                     $sql1 = "SELECT * FROM `{$table2_name}` WHERE `page_modulecomponentid`='{$this->moduleComponentId}' LIMIT 1";
                     $result1 = mysql_query($sql1);
                     $rows1 = mysql_fetch_array($result1);
                     $total_thread_count = $rows['total_thread_count'];
                     // count more value
                     $net_thread_count = $total_thread_count + 1;
                     $sql2 = "UPDATE `{$table2_name}` SET `total_thread_count`='{$net_thread_count}', `last_post_userid`='{$userId}'," . " `last_post_datetime`='{$datetime}' WHERE `page_modulecomponentid`='{$this->moduleComponentId}' LIMIT 1";
                     $result2 = mysql_query($sql2);
                     if ($access == "moderated" && !$moderator) {
                         displayinfo("You have successfully created a new thread.It will be published after getting the moderator's approval." . "<br />");
                     } else {
                         displayinfo("You have successfully created a new thread.<br />");
                     }
                 } else {
                     displayerror("Sorry! Your thread could not be created now. Please try again later!");
                 }
                 return $this->actionView();
             }
         } else {
             if ($subaction == "post_reply") {
                 if (!$_POST['subject'] || !$_POST['message']) {
                     $editor = bbeditor();
                     return "You did not fill all the fields!" . $editor;
                 } else {
                     $forum_id = escape($_GET['thread_id']);
                     $datetime = date("Y-m-d H:i:s");
                     $message = $_POST['message'];
                     $subject = addslashes(htmlspecialchars($_POST['subject']));
                     $message = addslashes(htmlspecialchars(parsenewline(nl2br($message))));
                     $sql7 = "SELECT MAX(`forum_post_id`) AS Maxpost_id FROM `{$table1_name}` WHERE `forum_thread_id` = '{$forum_id}'";
                     $res = mysql_query($sql7);
                     $rows = mysql_fetch_array($res);
                     // add + 1 to highest answer number and keep it in variable name "$Max_id". if there no answer yet set it = 1
                     if ($rows) {
                         $Max_id = $rows['Maxpost_id'] + 1;
                     } else {
                         $Max_id = 1;
                     }
                     $sql = "INSERT INTO `{$table1_name}`( `page_modulecomponentid` , `forum_thread_id` , `forum_post_id` , `forum_post_user_id` , `forum_post_title` , " . "`forum_post_content` , `forum_post_datetime` , `forum_post_approve` ) VALUES( '{$this->moduleComponentId}','{$forum_id}', '{$Max_id}'," . " '{$userId}', '{$subject}', '{$message}', '{$datetime}', '{$approve}')";
                     $result = mysql_query($sql) or displayerror(mysql_error() . "Post failed L:594");
                     if ($result) {
                         $sql1 = "SELECT * FROM `{$table_name}` WHERE `page_modulecomponentid`='{$this->moduleComponentId}' AND `forum_thread_id`={$forum_id}" . " LIMIT 1";
                         $result1 = mysql_query($sql1);
                         $rows1 = mysql_fetch_array($result1);
                         $sql2 = "UPDATE `{$table_name}` SET  `forum_thread_last_post_userid`='{$userId}', " . "`forum_thread_lastpost_date`='{$datetime}' " . "WHERE `page_modulecomponentid`='{$this->moduleComponentId}' AND `forum_thread_id`='{$forum_id}' LIMIT 1";
                         $result2 = mysql_query($sql2);
                         $sql3 = "SELECT * FROM `{$table2_name}` WHERE `page_modulecomponentid`='{$this->moduleComponentId}' LIMIT 1";
                         $result3 = mysql_query($sql3);
                         $rows3 = mysql_fetch_array($result3);
                         $sql4 = "UPDATE `{$table2_name}` SET  `last_post_userid`='{$userId}', " . "`last_post_datetime`='{$datetime}' WHERE `page_modulecomponentid`='{$this->moduleComponentId}' LIMIT 1";
                         $result4 = mysql_query($sql4);
                         if ($rows1['forum_access_status'] == "moderated" && !$moderator) {
                             displayinfo("You have successfully posted your reply.It will be published after getting the moderator's approval." . "<br />");
                         } else {
                             displayinfo("You have successfully posted your reply!");
                         }
                     } else {
                         displayerror("Sorry! Your reply could not be posted now. Please try again later!");
                     }
                     $forumHtml = '';
                     $thread_id = $forum_id;
                     $sql = "SELECT * FROM `{$table_name}` WHERE `forum_thread_id`='{$thread_id}' AND `page_modulecomponentid`='{$this->moduleComponentId}' LIMIT 1";
                     $result1 = mysql_query($sql);
                     $rows = mysql_fetch_array($result1);
                     $threadUserId = $rows['forum_thread_user_id'];
                     $forum_topic = parseubb(parsesmileys($rows['forum_thread_topic']));
                     $forum_detail = parseubb(parsesmileys($rows['forum_detail']));
                     $name = getUserName($rows['forum_thread_user_id']);
                     $posts = $this->getTotalPosts($rows['forum_thread_user_id']);
                     $reg_date = $this->getRegDateFromUserID($rows['forum_thread_user_id']);
                     $forumHtml = $this->forumHtml($rows, 'threadHead');
                     if ($rows['forum_post_approve'] == 1) {
                         $forumHtml .= $this->forumHtml($rows, 'threadMain');
                     }
                     $sql2 = "SELECT * FROM `{$table1_name}` WHERE `forum_thread_id`='{$thread_id}' AND `forum_post_approve` = 1 AND `page_modulecomponentid`='{$this->moduleComponentId}' ORDER BY `forum_post_id` ASC";
                     $result2 = mysql_query($sql2);
                     while ($rows = mysql_fetch_array($result2)) {
                         $forumHtml .= $this->forumHtml($rows, 'threadMain', 1);
                     }
                     $sql3 = "SELECT `forum_thread_viewcount` FROM `{$table_name}` WHERE `forum_thread_id`='{$thread_id}' AND `page_modulecomponentid`='{$this->moduleComponentId}'";
                     $result3 = mysql_query($sql3);
                     $rows = mysql_fetch_array($result3);
                     $view = $rows['forum_thread_viewcount'];
                     // count more value
                     $addview = $view + 1;
                     $sql5 = "UPDATE `{$table_name}` SET `forum_thread_viewcount`='{$addview}' WHERE forum_thread_id='{$thread_id}' AND `page_modulecomponentid`='{$this->moduleComponentId}' LIMIT 1";
                     $result5 = mysql_query($sql5);
                     $forumHtml .= '</table> ';
                     return $forumHtml;
                 }
             }
         }
     } else {
         if (isset($_POST['preview'])) {
             $message = escape($_POST['message']);
             $subject = addslashes(htmlspecialchars($_POST['subject']));
             $text = $message;
             $message = nl2br($message);
             $message = parseubb(parsesmileys(addslashes(htmlspecialchars(parsenewline($message)))));
             $editor = bbeditor($action, $subject, $text);
             return "<b>Subject :</b> " . $subject . "<br><b>Message :</b><br> " . $message . $editor;
         } else {
             if (isset($_GET['thread_id'])) {
                 $editor = bbeditor($action);
                 return $editor;
             } else {
                 $editor = bbeditor($action);
                 return $editor;
             }
         }
     }
 }
Beispiel #9
0
    ?>
</option>
            <option value='1' <?php 
    echo $db->status == 1 ? "SELECTED" : "";
    ?>
><?php 
    echo _t("Solved");
    ?>
</option>
        </select><br />
        <input type="hidden" name="secure_input" value="<?php 
    echo $_SESSION['secure_token_last'];
    ?>
">
        <?php 
    echo bbeditor("message", 7, 70);
    ?>
<br />
        <input type="submit" name="reply" value="<?php 
    echo _t("Reply");
    ?>
">
    </form>
    <div id="conv">
        <?php 
    if (isset($_POST['reply'])) {
        try {
            if ($_POST['secure_input'] != $_SESSION['secure_token']) {
                throw new Exception("Wrong secured token");
            }
            if (!empty($_POST['message'])) {
Beispiel #10
0
            </tbody>
        </table>
    </td>
    </table>
    <br />
    <h4><?php 
    echo _t("Comments");
    ?>
</h4>
    <form method="post">
        <input type="hidden" name="secure_input" value="<?php 
    echo $_SESSION['secure_token_last'];
    ?>
">
        <?php 
    echo bbeditor("content");
    ?>
        <input type="submit" name="comment" value="<?php 
    echo _t("Comment");
    ?>
" />
    </form>
    <div id="conv">
        <?php 
    if (isset($_POST['comment'])) {
        try {
            if ($_POST['secure_input'] != $_SESSION['secure_token']) {
                throw new Exception("Wrong secured token");
            }
            if (empty($_POST['content'])) {
                throw new Exception("cannot post a comment without a content");
Beispiel #11
0
    }
    if ($acl->Access("x")) {
        $allowed = true;
    }
    if (!$allowed) {
        throw new Exception("Not owner, access denied");
    }
    ?>
    <form method="post">
        <input type="hidden" name="secure_input" value="<?php 
    echo $_SESSION['secure_token_last'];
    ?>
">
        <input type="hidden" name="topic_id" value="<?php 
    echo $db->post_topic;
    ?>
" />
        <?php 
    echo bbeditor("content", 15, 80, $db->post_content);
    ?>
        <br />
        <input type="submit" name="reply" value="<?php 
    echo _t("Save");
    ?>
" />
    </form>

    <?php 
} catch (Exception $e) {
    echo error($e->getMessage());
}
Beispiel #12
0
        <input type="hidden" name="id" value="<?php 
    echo $db->id;
    ?>
">
        <table>
            <tr>
                <td width="120px">Title</td>
                <td><input type="text" name="title" value="<?php 
    echo $db->title;
    ?>
" size="30"></td>
            </tr>
            <tr>
                <td width="120px">Description</td>
                <td><?php 
    echo bbeditor("description", 10, 85, $db->description);
    ?>
</td>
            </tr>
            <tr>
                <td width="120px">Type</td>
                <td>
                    <select name="type">
                        <?php 
    foreach ($types as $id => $title) {
        echo "<option value='{$id}' " . ($db->type == $id ? "SELECTED" : "") . ">" . _t($title) . "</option>";
    }
    ?>
                    </select>
                </td>
            </tr>
Beispiel #13
0
        default:
            $msg = "<font color='red'>" . _t("unsolved") . "</font>";
            break;
        case 1:
            $msg = "<font color='green'>" . _t("solved") . "</font>";
            break;
    }
    ?>
    <h4><?php echo $db->subject; ?>: <?php echo $msg; ?></h4>
    <form method="post">
        <select name="status">
            <option value='0' <?php echo ($db->status == 0 ? "SELECTED" : "") ?>><?php echo _t("Unsolved") ?></option>
            <option value='1' <?php echo ($db->status == 1 ? "SELECTED" : "") ?>><?php echo _t("Solved") ?></option>
        </select><br />
        <input type="hidden" name="secure_input" value="<?php echo $_SESSION['secure_token_last'] ?>">
        <?php echo bbeditor("message", 7, 70) ?><br />
        <input type="submit" name="reply" value="<?php echo _t("Reply") ?>">
    </form>
    <div id="conv">
        <?php
        if (isset($_POST['reply'])) {
            try {

                if ($_POST['secure_input'] != $_SESSION['secure_token'])
                    throw new Exception("Wrong secured token");

                if (!empty($_POST['message'])) {
                    $db = new DB("support_messages");
                    $db->setColPrefix("message_");
                    $db->user = USER_ID;
                    $db->added = time();
Beispiel #14
0
                    </a>
                </td></tr>
        </tbody>
    </table>
    <br />
    <h4><?php 
    echo _t("Comments");
    ?>
</h4>
    <form method="post">
        <input type="hidden" name="secure_input" value="<?php 
    echo $_SESSION['secure_token_last'];
    ?>
">
        <?php 
    echo bbeditor("content", 5, 52);
    ?>
        <input type="submit" name="comment" value="<?php 
    echo _t("Comment");
    ?>
" />
    </form>
    <div id="conv">
        <?php 
    if (isset($_POST['comment'])) {
        try {
            if ($_POST['secure_input'] != $_SESSION['secure_token']) {
                throw new Exception("Wrong secured token");
            }
            if (empty($_POST['content'])) {
                throw new Exception("cannot post a comment without a content");
Beispiel #15
0
            header("location: " . page("admin", "bonus"));
        } catch (Exception $e) {
            echo error(_t($e->getMessage()));
        }
    }
    ?>
    <form method="post">
        <table>
            <tr>
                <td width="120px">Title</td>
                <td><input type="text" name="title" size="30"></td>
            </tr>
            <tr>
                <td width="120px">Description</td>
                <td><?php 
    echo bbeditor("description", 10, 85);
    ?>
</td>
            </tr>
            <tr>
                <td width="120px">Type</td>
                <td>
                    <select name="type">
                        <?php 
    foreach ($types as $id => $title) {
        echo "<option value='{$id}'>" . _t($title) . "</option>";
    }
    ?>
                    </select>
                </td>
            </tr>