$params['tag_keywords'] = prepare_input($_POST['tag_keywords']);
}
if (isset($_POST['tag_description'])) {
$params['tag_description'] = prepare_input($_POST['tag_description']);
}
if (isset($_POST['page_title'])) {
$params['page_title'] = prepare_input($_POST['page_title']);
}
if (isset($_POST['page_text'])) {
$params['page_text'] = prepare_input($_POST['page_text'], false, 'low');
}
if (isset($_POST['menu_link'])) {
$params['menu_link'] = prepare_input($_POST['menu_link']);
}
$params['menu_id'] = isset($_POST['menu_id']) ? prepare_input($_POST['menu_id']) : '0';
$params['page_key'] = create_seo_url(prepare_input($_POST['page_title']));
$params['language_id'] = isset($_POST['language_id']) ? prepare_input($_POST['language_id']) : '';
$params['finish_publishing'] = isset($_POST['finish_publishing']) && check_date($_POST['finish_publishing']) ? prepare_input($_POST['finish_publishing']) : '0000-00-00';
if ($objPage->PageCreate($params, $copy_to_other_langs)) {
$msg = draw_success_message(_PAGE_CREATED, false);
$objSession->SetMessage('notice', $msg);
header('location: index.php?admin=pages' . (Application::Get('type') != '' ? '&type=' . Application::Get('type') : '') . '&mg_language_id=' . $params['language_id']);
exit;
} else {
$msg = draw_important_message($objPage->error, false);
}
}
if ($msg == '') {
$msg = draw_message(_ALERT_REQUIRED_FILEDS, false);
}
}
/**
* @project ApPHP Business Directory
* @copyright (c) 2011 ApPHP
* @author ApPHP <*****@*****.**>
* @license http://www.gnu.org/licenses/
*/
// *** Make sure the file isn't accessed directly
defined('APPHP_EXEC') or die('Restricted Access');
//--------------------------------------------------------------------------
$curr_page_id = Application::Get('system_page') == '' ? Application::Get('page_id') : Application::Get('system_page');
$field_name = Application::Get('system_page') == '' ? 'id' : 'system_page';
$mg_language_id = isset($_REQUEST['mg_language_id']) ? prepare_input($_REQUEST['mg_language_id']) : Application::Get('lang');
$new_page_id = Pages::GetPageId($curr_page_id, $mg_language_id, $field_name);
$field_from = Application::Get('system_page') == '' ? 'pid=' . $curr_page_id : 'system_page=' . $curr_page_id;
$field_to = Application::Get('system_page') == '' ? 'pid=' . $new_page_id : 'system_page=' . $new_page_id;
$seo_field_from = Application::Get('system_page') == '' ? '/' . $curr_page_id . '/' : '/' . $curr_page_id . '.';
$seo_field_to = Application::Get('system_page') == '' ? '/' . $new_page_id . '/' : '/' . $new_page_id . '.';
if (!empty($new_page_id) && $curr_page_id != $new_page_id) {
$url = get_page_url(false);
if ($objSettings->GetParameter('seo_urls') == '1') {
$url = str_replace($seo_field_from, $seo_field_to, $url);
} else {
$url = str_replace($field_from, $field_to, $url);
}
header('location: ' . $url);
exit;
} else {
if (empty($new_page_id)) {
$objSession->SetMessage('notice', draw_important_message(_PAGE_UNKNOWN, false));
}
}
<?php /** * @project ApPHP Business Directory * @copyright (c) 2012 ApPHP * @author ApPHP <*****@*****.**> * @license http://www.gnu.org/licenses/ */ // draw title bar draw_title_bar(_PAGES); draw_content_start(); draw_important_message(_PAGE_NOT_EXISTS); draw_content_end();
} else {
if ($submition_type == 'site_info') {
$params_ranks = array();
$params_ranks['alexa_rank'] = number_format((double) $objSettings->CheckAlexaRank($http_host));
$params_ranks['google_rank'] = (int) $objSettings->CheckGoogleRank($http_host);
if ($objSettings->UpdateFields($params_ranks) == true) {
$msg = draw_success_message(_CHANGES_WERE_SAVED, false);
} else {
$msg = draw_important_message($objSettings->error, false);
}
} else {
if ($submition_type == 'cron_settings') {
if ($objSettings->UpdateFields($params_cron) == true) {
$msg = draw_success_message(_CHANGES_WERE_SAVED, false);
} else {
$msg = draw_important_message($objSettings->error, false);
}
}
}
}
}
}
}
}
}
}
}
$template = $objSettings->GetTemplate();
if (strtolower(SITE_MODE) != 'demo' && $submition_type == 'general' || $submition_type == 'visual_settings' || $submition_type == 'meta_tags') {
$objSiteDescription->LoadData();
RSSFeed::UpdateFeeds();
exit;
} else {
//echo mysql_error();
$msg = draw_important_message(_TRY_LATER, false);
}
}
}
}
}
}
}
}
}
}
} else {
$msg = draw_important_message(str_replace('_COUNT_', $maximum_inquiries, _MAXIMUM_ALLOWED_INQUIRIES_PER_SESSION), false);
}
} else {
if ($act == 'location_reload') {
// currently do nothing
} else {
if ($act == 'inquiry_sent') {
$msg = draw_success_message(_INQUIRY_SENT_SUCCESS_MSG, false);
}
}
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
* @license http://www.gnu.org/licenses/
*/
// *** Make sure the file isn't accessed directly
defined('APPHP_EXEC') or die('Restricted Access');
//--------------------------------------------------------------------------
$task = isset($_POST['task']) ? prepare_input($_POST['task']) : '';
$keyword = isset($_POST['keyword']) ? strip_tags(prepare_input($_POST['keyword'])) : '';
if ($keyword == _SEARCH_KEYWORDS . '...') {
$keyword = '';
}
$p = isset($_POST['p']) ? (int) $_POST['p'] : '';
$objSearch = new Search();
$search_result = '';
$title_bar = _LOOK_IN . ':
<select class="look_in" name="search_in" onchange="javascript:document.getElementById(\'search_in\').value=this.value;appQuickSearch();">
<option value="listings" ' . (Application::Get('search_in') == 'listings' ? 'selected="selected"' : '') . '>' . _LISTINGS . '</option>
<option value="pages" ' . (Application::Get('search_in') == 'pages' ? 'selected="selected"' : '') . '>' . _PAGES . '</option>
<option value="news" ' . (Application::Get('search_in') == 'news' ? 'selected="selected"' : '') . '>' . _NEWS . '</option>
</select>';
// Check if there is a page
if ($keyword != '') {
draw_title_bar(_SEARCH_RESULT_FOR . ': ' . $keyword . '', $title_bar);
if ($task == 'quick_search') {
$search_result = $objSearch->SearchBy($keyword, $p, Application::Get('search_in'));
}
$objSearch->DrawPopularSearches();
$objSearch->DrawSearchResult($search_result, $p, $keyword);
} else {
draw_title_bar(_SEARCH_RESULT_FOR . ': ' . $keyword);
draw_important_message(_NO_RECORDS_FOUND);
}
if ($objLogin->IsLoggedInAsAdmin()) {
$objPage = new Pages(Application::Get('page_id'), false, $mg_language_id);
} else {
$objPage = new Pages(Application::Get('system_page') != '' ? Application::Get('system_page') : Application::Get('page_id'), true, $mg_language_id);
}
$button_text = '';
// check if there is a page
if ($objSession->IsMessage('notice')) {
draw_title_bar(_PAGE);
echo $objSession->GetMessage('notice');
} else {
if ($objPage->CheckAccessRights($objLogin->IsLoggedIn())) {
// check if there is a page
if ($objPage->GetId() != '') {
if ($objLogin->IsLoggedInAsAdmin() && Application::Get('preview') != 'yes') {
$button_text = prepare_permanent_link('index.php?admin=pages' . (Application::Get('type') == 'system' ? '&type=system' : '') . '&mg_language_id=' . $mg_language_id, _BUTTON_BACK);
}
$objPage->DrawTitle($button_text);
if (Modules::IsModuleInstalled('adsense') && (ModulesSettings::Get('adsense', 'adsense_code_activation') == 'All' || ModulesSettings::Get('adsense', 'adsense_code_activation') == 'Horizontal')) {
//echo '<div class="adsense-horizontal">'.Adsense::GetHorizontalBanerCode().'</div>';
}
$objPage->DrawText();
} else {
draw_title_bar(_PAGES);
draw_important_message(_PAGE_UNKNOWN);
}
} else {
draw_title_bar(_PAGE);
draw_important_message(_MUST_BE_LOGGED);
}
}
/**
* Draws vocabulary
* @param $key
*/
public function DrawVocabulary($key)
{
$align_left = Application::Get('lang_dir') == 'ltr' ? 'left' : 'right';
$align_right = Application::Get('lang_dir') == 'ltr' ? 'right' : 'left';
$this->GetVocabulary($this->whereClause);
echo '<a name="top"></a>';
echo '<table width="100%" align="center" border="0" cellspacing="0" cellpadding="2" class="main_text">
<tr>
<td>' . _FILTER_BY . ': ';
echo prepare_permanent_link('index.php?admin=vocabulary' . $this->langIdByUrl, _ALL) . ' - ';
for ($i = 65; $i < 91; $i++) {
if ($this->filterBy == chr($i)) {
$chr_i = '<b><u>' . chr($i) . '</u></b>';
} else {
$chr_i = chr($i);
}
echo prepare_permanent_link('index.php?admin=vocabulary&filter_by=' . chr($i) . $this->langIdByUrl, $chr_i) . ' ';
}
echo ' - ';
for ($i = 1; $i <= 5; $i++) {
if ($this->filterBy == $i) {
$chr_i = '<b><u>' . $i . '</u></b>';
} else {
$chr_i = $i;
}
echo prepare_permanent_link('index.php?admin=vocabulary&filter_by=' . $i . $this->langIdByUrl, $chr_i) . ' ';
}
echo '</td>
<td width="7%" align="center" nowrap="nowrap">
' . _TOTAL . ': ' . count($this->keys) . '
</td>
</tr>';
echo '<tr align="center"><td colspan="2">' . draw_line('line_no_margin', IMAGE_DIRECTORY, false) . '</td></tr>';
echo '</table>';
if (!empty($this->keys)) {
echo '<table width="100%" align="center" border="0" cellspacing="0" cellpadding="3" class="main_text">';
echo '<tr>
<th width="1%">#</th>
<th width="25%" align="' . $align_left . '">' . _KEY . '</th>
<th width="65%" align="' . $align_left . '">' . _VALUE . '</th>
<th width="9%"></th>';
for ($i = 0; $i < $this->vocabularySize; $i++) {
// Prepare key_text for displaying
$decoded_text = strip_tags(decode_text($this->keys[$i]['key_text']));
if (strlen($decoded_text) > 90) {
$key_text = '<span style="cursor:help;" title="' . $decoded_text . '">' . substr_by_word($decoded_text, 95, true) . '</span>';
} else {
$key_text = $decoded_text;
}
// Display vocabulary row
if ($this->keys[$i]['key_value'] == $this->currentKey) {
echo '<tr>';
echo '<td align="' . $align_right . '" class="voc_row_edit_' . $align_left . '" nowrap="nowrap">' . ($i + 1) . '.</td>';
echo '<td align="' . $align_left . '" class="voc_row_edit_middle" nowrap="nowrap">' . $this->keys[$i]['key_value'] . '</td>';
echo '<td align="' . $align_left . '" class="voc_row_edit_middle">' . $key_text . '</td>
<td align="center" class="voc_row_edit_' . $align_right . '">' . prepare_permanent_link('index.php?admin=vocabulary&key=' . $this->keys[$i]['id'] . '&act=edit' . $this->filterByUrl . $this->langIdByUrl, '[ ' . _EDIT_WORD . ' ]') . '</td>
</tr>';
} else {
if ($this->keys[$i]['id'] == (int) $key) {
echo '<tr>';
echo '<td align="' . $align_right . '" class="voc_row_update_' . $align_left . '" nowrap="nowrap">' . ($i + 1) . '.</td>';
echo '<td align="' . $align_left . '" class="voc_row_update_middle" nowrap="nowrap">' . $this->keys[$i]['key_value'] . '</td>';
echo '<td align="' . $align_left . '" class="voc_row_update_middle">' . $key_text . '</td>
<td align="center" class="voc_row_update_' . $align_right . '">' . prepare_permanent_link('index.php?admin=vocabulary&key=' . $this->keys[$i]['id'] . '&act=edit' . $this->filterByUrl . $this->langIdByUrl, '[ ' . _EDIT_WORD . ' ]') . '</td>
</tr>';
} else {
echo '<tr ' . highlight(0) . ' onmouseover="oldColor=this.style.backgroundColor;this.style.backgroundColor=\'#ededed\';" onmouseout="this.style.backgroundColor=oldColor">';
echo '<td align="' . $align_right . '" nowrap="nowrap">' . ($i + 1) . '.</td>';
echo '<td align="' . $align_left . '" nowrap="nowrap">' . $this->keys[$i]['key_value'] . '</td>';
echo '<td align="' . $align_left . '">' . $key_text . '</td>
<td align="center">' . prepare_permanent_link('index.php?admin=vocabulary&key=' . $this->keys[$i]['id'] . '&act=edit' . $this->filterByUrl . $this->langIdByUrl, '[ ' . _EDIT_WORD . ' ]') . '</td>
</tr>';
}
}
}
echo '<tr><td colspan="4" nowrap="nowrap" height="10px"></td></tr>';
if ($this->vocabularySize > 15) {
echo '<tr valign="bottom"><td colspan="3"></td><td align="center">' . prepare_permanent_link('index.php?admin=vocabulary' . $this->filterByUrl . $this->langIdByUrl . '#top', _TOP . ' ^') . '</td></tr>';
}
echo '</table>';
} else {
draw_important_message(_VOC_NOT_FOUND);
}
}
if ($action == 'add') {
$mode = 'view';
} else {
if ($action == 'create') {
$mode = 'view';
} else {
if ($action == 'edit') {
$mode = 'edit';
} else {
if ($action == 'update') {
if ($objModules->UpdateRecord($rid)) {
$mst_text = $objModules->error != '' ? $objModules->error : _UPDATING_OPERATION_COMPLETED;
$msg = draw_success_message($mst_text, false);
$mode = 'view';
} else {
$msg = draw_important_message($objModules->error, false);
$mode = 'edit';
}
} else {
if ($action == 'delete') {
$mode = 'view';
} else {
if ($action == 'details') {
$mode = 'view';
} else {
if ($action == 'cancel_add') {
$mode = 'view';
} else {
if ($action == 'cancel_edit') {
$mode = 'view';
}
} else {
if ($reg_confirmation == 'by admin') {
$email_template = 'new_account_created_confirm_by_admin';
} else {
$email_template = 'new_account_created';
}
}
send_email($email, $objSettings->GetParameter('admin_email'), $email_template, array('{FIRST NAME}' => $first_name, '{LAST NAME}' => $last_name, '{USER NAME}' => $user_name, '{USER PASSWORD}' => $user_password1, '{WEB SITE}' => $_SERVER['SERVER_NAME'], '{REGISTRATION CODE}' => $registration_code, '{BASE URL}' => APPHP_BASE, '{YEAR}' => date('Y')));
if ($admin_alert_new_registration == 'yes') {
send_email($objSettings->GetParameter('admin_email'), $objSettings->GetParameter('admin_email'), 'new_account_created_notify_admin', array('{FIRST NAME}' => $first_name, '{LAST NAME}' => $last_name, '{USER NAME}' => $user_name, '{USER EMAIL}' => $email, '{WEB SITE}' => $_SERVER['SERVER_NAME'], '{BASE URL}' => APPHP_BASE, '{YEAR}' => date('Y')));
}
////////////////////////////////////////////////////////////
if ($reg_confirmation == 'by email') {
$msg = draw_success_message(_ACCOUNT_CREATED_CONF_BY_EMAIL_MSG, false);
$msg .= '<br />' . draw_message(_ACCOUT_CREATED_CONF_LINK, false);
} else {
if ($reg_confirmation == 'by admin') {
$msg = draw_success_message(_ACCOUNT_CREATED_CONF_BY_ADMIN_MSG, false);
$msg .= '<br />' . draw_message(_ACCOUT_CREATED_CONF_LINK, false);
} else {
$msg = draw_success_message(_ACCOUNT_CREATED_NON_CONFIRM_MSG, false);
$msg .= '<br />' . draw_message(_ACCOUNT_CREATED_NON_CONFIRM_LINK, false);
}
}
$account_created = true;
} else {
$msg = draw_important_message(_CREATING_ACCOUNT_ERROR, false);
}
}
}
}
/**
* Draws registration form
* @param $news_id
* @param $event_title
* @param $draw
*/
public function DrawRegistrationForm($news_id = '0', $event_title = '', $draw = true)
{
if (!$news_id) {
return '';
}
global $objSettings, $objLogin;
$lang = Application::Get('lang');
$focus_element = 'first_name';
// post fields
$task = isset($_POST['task']) ? prepare_input($_POST['task']) : '';
$event_id = isset($_POST['event_id']) ? (int) $_POST['event_id'] : '0';
$first_name = isset($_POST['first_name']) ? prepare_input($_POST['first_name']) : '';
$last_name = isset($_POST['last_name']) ? prepare_input($_POST['last_name']) : '';
$email = isset($_POST['email']) ? prepare_input($_POST['email']) : '';
$phone = isset($_POST['phone']) ? prepare_input($_POST['phone']) : '';
$message = isset($_POST['message']) ? substr(prepare_input($_POST['message']), 0, 2048) : '';
$captcha_code = isset($_POST['captcha_code']) ? prepare_input($_POST['captcha_code']) : '';
$admin_email = $objSettings->GetParameter('admin_email');
$msg = '';
if ($task == 'register_to_event') {
include_once 'modules/captcha/securimage.php';
$objImg = new Securimage();
if ($first_name == '') {
$msg = draw_important_message(_FIRST_NAME_EMPTY_ALERT, false);
$focus_element = 'first_name';
} else {
if ($last_name == '') {
$msg = draw_important_message(_LAST_NAME_EMPTY_ALERT, false);
$focus_element = 'last_name';
} else {
if ($email == '') {
$msg = draw_important_message(_EMAIL_EMPTY_ALERT, false);
$focus_element = 'email';
} else {
if ($email != '' && !check_email_address($email)) {
$msg = draw_important_message(_EMAIL_VALID_ALERT, false);
$focus_element = 'email';
} else {
if ($phone == '') {
$msg = draw_important_message(str_replace('_FIELD_', _PHONE, _FIELD_CANNOT_BE_EMPTY), false);
$focus_element = 'phone';
} else {
if (!$objImg->check($captcha_code)) {
$msg = draw_important_message(_WRONG_CODE_ALERT, false);
$focus_element = 'captcha_code';
} else {
$sql = 'SELECT * FROM ' . TABLE_EVENTS_REGISTERED . ' WHERE event_id = \'' . (int) $event_id . '\' AND email = \'' . $email . '\'';
if (database_query($sql, ROWS_ONLY, FIRST_ROW_ONLY) > 0) {
$msg = draw_important_message(_EVENT_USER_ALREADY_REGISTERED, false);
}
}
}
}
}
}
}
// deny all operations in demo version
if (strtolower(SITE_MODE) == 'demo') {
$msg = draw_important_message(_OPERATION_BLOCKED, false);
}
if ($msg == '') {
if ($objLogin->IpAddressBlocked(get_current_ip())) {
$msg = draw_important_message(_IP_ADDRESS_BLOCKED, false);
} else {
if ($objLogin->EmailBlocked($email)) {
$msg = draw_important_message(_EMAIL_BLOCKED, false);
} else {
$sql = 'INSERT INTO ' . TABLE_EVENTS_REGISTERED . ' (id, event_id, first_name, last_name, email, phone, message, date_registered)
VALUES (NULL, ' . (int) $event_id . ', \'' . encode_text($first_name) . '\', \'' . encode_text($last_name) . '\', \'' . encode_text($email) . '\', \'' . encode_text($phone) . '\', \'' . encode_text($message) . '\', \'' . @date('Y-m-d H:i:s') . '\')';
if (database_void_query($sql)) {
$msg = draw_success_message(_EVENT_REGISTRATION_COMPLETED, false);
////////////////////////////////////////////////////////////
send_email($email, $admin_email, 'events_new_registration', array('{FIRST NAME}' => $first_name, '{LAST NAME}' => $last_name, '{EVENT}' => '<b>' . $event_title . '</b>'), '', $admin_email, 'Events - new user was registered (admin copy)');
////////////////////////////////////////////////////////////
$first_name = $last_name = $email = $phone = $message = '';
} else {
///echo mysql_error();
$msg = draw_important_message(_TRY_LATER, false);
}
}
}
}
}
$output = '
' . ($msg != '' ? $msg : '') . '<br />
<fieldset style="border:1px solid #cccccc;padding-left:10px;margin:0px 12px 12px 12px;">
<legend><b>' . _REGISTRATION_FORM . '</b></legend>
<form method="post" name="frmEventRegistration" id="frmEventRegistration">
' . draw_hidden_field('task', 'register_to_event', false) . '
' . draw_hidden_field('event_id', $news_id, false) . '
' . draw_token_field(false);
$output .= '
<table cellspacing="1" cellpadding="2" border="0" width="100%">
<tbody>
<tr>
<td width="25%" align="' . Application::Get('defined_right') . '">' . _FIRST_NAME . ':</td>
<td><span class="mandatory_star">*</span></td>
<td nowrap="nowrap" align="' . Application::Get('defined_left') . '"><input type="text" id="first_name" name="first_name" size="34" maxlength="32" value="' . decode_text($first_name) . '" autocomplete="off" /></td>
</tr>
<tr>
<td align="' . Application::Get('defined_right') . '">' . _LAST_NAME . ':</td>
<td><span class="mandatory_star">*</span></td>
<td nowrap="nowrap" align="' . Application::Get('defined_left') . '"><input type="text" id="last_name" name="last_name" size="34" maxlength="32" value="' . decode_text($last_name) . '" autocomplete="off" /></td>
</tr>
<tr>
<td align="' . Application::Get('defined_right') . '">' . _EMAIL_ADDRESS . ':</td>
<td><span class="mandatory_star">*</span></td>
<td nowrap="nowrap" align="' . Application::Get('defined_left') . '"><input type="text" id="email" name="email" size="34" maxlength="70" value="' . decode_text($email) . '" autocomplete="off" /></td>
</tr>
<tr>
<td align="' . Application::Get('defined_right') . '">' . _PHONE . ':</td>
<td><span class="mandatory_star">*</span></td>
<td nowrap="nowrap" align="' . Application::Get('defined_left') . '"><input type="text" id="phone" name="phone" size="22" maxlength="32" value="' . decode_text($phone) . '" autocomplete="off" /></td>
</tr>
<tr valign="top">
<td align="' . Application::Get('defined_right') . '">' . _MESSAGE . ':</td>
<td></td>
<td nowrap="nowrap" align="' . Application::Get('defined_left') . '">
<textarea id="message" name="message" style="width:390px;" rows="4" maxlength="2048">' . $message . '</textarea>
</td>
</tr>
<tr>
<td colspan="2"></td>
<td colspan="2">';
$output .= '<table border="0" cellspacing="2" cellpadding="2">
<tr>
<td>
<img id="captcha_image" src="modules/captcha/securimage_show.php?sid=' . md5(uniqid(time())) . '" />
</td>
<td>
<img style="cursor:pointer; padding:0px; margin:0px;" id="captcha_image_reload" src="modules/captcha/images/refresh.gif" style="cursor:pointer;" onclick="document.getElementById(\'captcha_image\').src = \'modules/captcha/securimage_show.php?sid=\' + Math.random(); appSetFocus(\'captcha_code\'); return false" title="' . _REFRESH . '" alt="' . _REFRESH . '" /><br />
<a href="modules/captcha/securimage_play.php"><img border="0" style="padding:0px; margin:0px;" id="captcha_image_play" src="modules/captcha/images/audio_icon.gif" title="' . _PLAY . '" alt="' . _PLAY . '" /></a>
</td>
<td>
' . _TYPE_CHARS . '<br />
<input type="text" name="captcha_code" id="captcha_code" style="width:175px;margin-top:5px;" value="" maxlength="20" autocomplete="off" />
</td>
</tr>
</table>';
$output .= '</td>
</tr>
<tr><td height="20" colspan="3"> </td></tr>
<tr>
<td colspan="3" align="center">
<input type="submit" class="form_button" name="btnSubmitPD" id="btnSubmitPD" value=" ' . _SEND . ' ">
</td>
</tr>
<tr><td colspan="3"> </td></tr>
</table>
</form>
</form>
</fieldset>';
if ($focus_element != '') {
$output .= '<script type="text/javascript">appSetFocus(\'' . $focus_element . '\');</script>';
}
if ($draw) {
echo $output;
} else {
return $output;
}
}
/**
* Draw page text
*/
public function DrawText()
{
global $objLogin;
$objGallery = new GalleryAlbums();
$objContactUs = ContactUs::Instance();
$replace_needles = 1;
$module_page = false;
if (!count($this->page)) {
return false;
}
// dont show this page if it was expired
if (!$objLogin->IsLoggedInAsAdmin() && $this->page['finish_publishing'] != '0000-00-00' && date('Y-m-d') > $this->page['finish_publishing']) {
draw_important_message(_PAGE_EXPIRED);
return false;
}
if ($this->page['content_type'] == 'article' && isset($this->page['page_text'])) {
$page_text = decode_text($this->page['page_text'], false);
echo '<div class="pages_contents">';
if (preg_match('/{module:gallery}/i', $page_text)) {
$module_page = true;
$page_text = @preg_replace('/{module:gallery}/i', $objGallery->DrawGallery(false), $page_text, 1);
}
if (preg_match_all('/{module:album=(.*?)}/i', $page_text, $matches)) {
$module_page = true;
if (is_array($matches[1])) {
foreach ($matches[1] as $key => $val) {
if (strtolower($val) != 'code') {
$val = @preg_replace('/[^A-Za-z0-9:]/i', '', $val);
$page_text = @preg_replace('/{module:album=' . $val . '}/i', $objGallery->DrawAlbum($val, false), $page_text, 1);
}
}
}
}
if (self::$PROJECT == 'MedicalAppointment') {
if (preg_match('/{module:about_us}/i', $page_text)) {
$module_page = true;
$page_text = @preg_replace('/{module:about_us}/i', Clinic::DrawAboutUs(false), $page_text, 1);
}
}
if (self::$PROJECT == 'HotelSite') {
if (preg_match('/{module:about_us}/i', $page_text)) {
$module_page = true;
$page_text = @preg_replace('/{module:about_us}/i', Hotels::DrawAboutUs(false), $page_text, 1);
}
if (preg_match('/{module:rooms}/i', $page_text)) {
$module_page = true;
$page_text = @preg_replace('/{module:rooms}/i', Rooms::DrawRoomsInfo(false), $page_text, 1);
}
if (preg_match('/{module:testimonials}/i', $page_text)) {
$module_page = true;
$page_text = @preg_replace('/{module:testimonials}/i', Testimonials::DrawTestimonails(false), $page_text, 1);
}
}
if (preg_match('/{module:contact_us}/i', $page_text)) {
$module_page = true;
$page_text = @preg_replace('/{module:contact_us}/i', $objContactUs->DrawContactUsForm(false), $page_text, 1);
}
if (preg_match('/{module:faq}/i', $page_text)) {
$module_page = true;
$page_text = @preg_replace('/{module:faq}/i', FaqCategories::DrawFaqList(false), $page_text, 1);
}
if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
$page_text = stripslashes($page_text);
}
if ($this->page['is_home']) {
if (self::$PROJECT == 'HotelSite') {
Campaigns::DrawCampaignBanner('standard');
Campaigns::DrawCampaignBanner('global');
}
}
//echo $page_text;
//echo "<hr>";
// draw all needed blocks for Home page
if ($this->page['is_home']) {
if (self::$PROJECT == 'BusinessDirectory') {
if (ModulesSettings::Get('listings', 'show_categories_home_block') == 'yes') {
Categories::DrawHomePageBlock();
}
} else {
if (self::$PROJECT == 'ShoppingCart') {
if (ModulesSettings::Get('products_catalog', 'is_active') == 'yes') {
Campaigns::DrawCampaignBanner();
if (ModulesSettings::Get('products_catalog', 'show_featured_block') == 'home page') {
Products::DrawFeaturedBlock('home');
}
if (ModulesSettings::Get('products_catalog', 'show_new_products_block') == 'home page') {
Products::DrawNewProductsBlock();
}
Categories::DrawHomePageBlock();
}
}
}
}
// draw comments form
if (!$this->page['is_home'] && !$module_page) {
if (Modules::IsModuleInstalled('comments')) {
if (ModulesSettings::Get('comments', 'comments_allow') == 'yes' && $this->page['comments_allowed']) {
$objComments = new Comments();
$objComments->DrawArticleComments($this->page['id']);
}
}
}
echo '</div>';
} else {
if ($this->page['content_type'] == 'link' && isset($this->page['link_url'])) {
$link_url = decode_text($this->page['link_url']);
echo '<div class="pages_contents">';
echo '<a href="' . $link_url . '">' . $link_url . '</a>';
echo '</div>';
}
}
}
// *** Make sure the file isn't accessed directly
defined('APPHP_EXEC') or die('Restricted Access');
//--------------------------------------------------------------------------
$objNews = News::Instance();
$news = $objNews->GetNews(Application::Get('news_id'));
// Draw title bar
if ($objSession->IsMessage('notice')) {
draw_title_bar(_NEWS);
echo $objSession->GetMessage('notice');
} else {
if ($news[1] == 1) {
$news_type = isset($news[0]['type']) ? $news[0]['type'] : 'news';
$header_text = isset($news[0]['header_text']) ? str_replace("\\'", "'", $news[0]['header_text']) : '';
$body_text = isset($news[0]['body_text']) ? str_replace("\\'", "'", $news[0]['body_text']) : '';
$date_created = isset($news[0]['mod_date_created']) ? $news[0]['mod_date_created'] : '';
if ($news_type == 'events') {
draw_title_bar(prepare_breadcrumbs(array(_EVENTS => '', $header_text => '')));
} else {
draw_title_bar(prepare_breadcrumbs(array(_NEWS => '', $header_text => '')));
}
echo '<div class="center_box_heading_news">' . $header_text . '</div>';
echo '<div class="center_box_contents_news">' . $body_text . '</div>';
echo '<div class="center_box_bottom_news"><i><b>' . _POSTED_ON . ':</b> ' . $date_created . '</i></div>';
if ($news_type == 'events') {
$objNews->DrawRegistrationForm(Application::Get('news_id'), $header_text);
}
} else {
draw_title_bar(_NEWS);
draw_important_message(_WRONG_PARAMETER_PASSED);
}
}
/**
* Draws search result
* @param $search_result - search result
* @param $page
* @param $keyword
* @param $type
*/
public function DrawSearchResult($search_result, $page = 1, $keyword = '', $type = 'quick')
{
$total_pages = (int) ($this->totalSearchRecords / $this->pageSize);
if (!is_numeric($total_pages) || (int) $total_pages <= 0) {
$total_pages = 1;
}
if ($search_result != '' && $search_result[1] > 0) {
echo '<div class="pages_contents">';
for ($i = 0; $i < $search_result[1]; $i++) {
if ($search_result[0][$i]['content_type'] == 'article') {
echo $i + 1 . '. ' . prepare_permanent_link('index.php?' . $search_result[0][$i]['url'], decode_text($search_result[0][$i]['title'])) . '<br />';
if (isset($search_result[0][$i]['image_file_thumb'])) {
echo '<img src="images/listings/' . $search_result[0][$i]['image_file_thumb'] . '" style="width:42px;height:42px;margin:4px;" align="' . Application::Get('defined_left') . '" alt="" />';
}
$page_text = $search_result[0][$i]['text'];
$page_text = str_replace(array('\\r', '\\n'), '', $page_text);
$page_text = preg_replace('/{module:(.*?)}/i', '', $page_text);
$page_text = strip_tags($page_text);
$page_text = decode_text($page_text);
if (!empty($keyword)) {
$page_text = $this->HighLight($page_text, array($keyword));
}
echo substr_by_word($page_text, 512) . '...<br />';
} else {
echo $i + 1 . '. <a href="' . $search_result[0][$i]['link_url'] . '">' . decode_text($search_result[0][$i]['title']) . '</a> <img src="images/external_link.gif" alt="" /><br />';
}
echo '<br />';
draw_line();
echo '<br />';
}
echo '<b>' . _PAGES . ':</b> ';
for ($i = 1; $i <= $total_pages; $i++) {
echo '<a class="paging_link" href="javascript:void(0);" onclick="javascript:appPerformSearch(' . $i . ', \'' . ($type == 'advanced' ? 'frmAdvSearch' : 'frmQuickSearch') . '\');">' . ($i == $page ? '<b>[' . $i . ']</b>' : $i) . '</a> ';
}
echo '</div>';
} else {
draw_important_message(_NO_RECORDS_FOUND);
}
}
/**
* Draw single listing
* @param $draw
*/
public function DrawListing($draw = true)
{
$output = '';
$nl = "\n";
if (isset($this->listing_info[1]) && $this->listing_info[1] > 0) {
// get info about some fields that depends on advertise plan
$advertise_plan_info = AdvertisePlans::GetPlanInfo($this->GetField('advertise_plan_id'));
$bpf_business_name = $advertise_plan_info[0]['business_name'];
$bpf_business_description = $advertise_plan_info[0]['business_description'];
$bpf_address = $advertise_plan_info[0]['address'];
$bpf_logo = $advertise_plan_info[0]['logo'];
$bpf_images_count = $advertise_plan_info[0]['images_count'];
$bpf_phone = $advertise_plan_info[0]['phone'];
$bpf_map = $advertise_plan_info[0]['map'];
$bpf_video_link = $advertise_plan_info[0]['video_link'];
$bpf_inquiry_button = $advertise_plan_info[0]['inquiry_button'];
$bpf_rating_button = $advertise_plan_info[0]['rating_button'];
$nl = "\n";
if ($bpf_logo && $bpf_images_count && !Application::Get('js_included', 'lytebox')) {
$output .= '<!-- LyteBox v3.22 Author: Markus F. Hay Website: http://www.dolem.com/lytebox -->' . $nl;
$output .= '<link rel="stylesheet" href="modules/lytebox/css/lytebox.css" type="text/css" media="screen" />' . $nl;
$output .= '<script type="text/javascript" language="javascript" src="modules/lytebox/js/lytebox.js"></script>' . $nl;
}
if (Modules::IsModuleInstalled('ratings') == 'yes' && $bpf_rating_button) {
$output .= '<link href="modules/ratings/css/ratings.css" rel="stylesheet" type="text/css" />';
if (Application::Get('lang_dir') == 'rtl') {
$output .= '<link href="modules/ratings/css/ratings-rtl.css" rel="stylesheet" type="text/css" />';
}
$ratings_lang = file_exists('modules/ratings/langs/' . Application::Get('lang') . '.js') ? Application::Get('lang') : 'en';
$output .= '<script src="modules/ratings/langs/' . $ratings_lang . '.js" type="text/javascript"></script>';
$output .= '<script src="modules/ratings/js/ratings.js" type="text/javascript"></script>';
}
$output .= '<div class="listing_description">';
$output .= '<div class="wide_block">' . $nl;
if ($bpf_rating_button) {
$output .= '<div class="ratings_stars" id="rt_listing_' . $this->GetField('id') . '"></div>' . $nl;
}
if ($bpf_business_name) {
$output .= '<h2>' . $this->GetField('business_name') . '</h2><br />' . $nl;
}
$output .= '<ul class="l_items">' . $nl;
if ($bpf_address && $this->GetField('business_address') != '') {
$output .= '<li><span class="l_item">' . _ADDRESS . ':</span> <span class="l_description">' . $this->GetField('business_address') . '</span></li>' . $nl;
}
if ($bpf_phone && $this->GetField('business_phone') != '') {
$output .= '<li><span class="l_item">' . _PHONE . ':</span> <span class="l_description">' . $this->GetField('business_phone') . '</span></li>' . $nl;
}
if ($bpf_phone && $this->GetField('business_fax') != '') {
$output .= '<li><span class="l_item">' . _FAX . ':</span> <span class="l_description">' . $this->GetField('business_fax') . '</span></li>' . $nl;
}
if ($this->GetField('website_url') != '') {
$output .= '<li><span class="l_item">' . _WEB_SITE . ':</span> <span class="l_description"><a href="' . $this->GetField('website_url') . '" target="_blank">' . $this->GetField('website_url') . '</a> <img src="images/external_link.gif" alt="" /></span></li>' . $nl;
}
if ($this->GetField('business_email') != '') {
$output .= '<li><span class="l_item">' . _EMAIL_ADDRESS . ':</span> <span class="l_description"><a href="mailto:' . $this->GetField('business_email') . '" target="_blank">' . $this->GetField('business_email') . '</a></span></li>' . $nl;
}
if ($bpf_video_link && $this->GetField('video_url') != '') {
$output .= '<li><span class="l_item">' . _VIDEO . ':</span> <span class="l_description"><a href="' . $this->GetField('video_url') . '" target="_blank">' . $this->GetField('video_url') . '</a> <img src="images/external_link.gif" alt="" /></span></li>' . $nl;
}
$output .= '<li><span class="l_item">' . _LOCATION . ':</span> <span class="l_description">' . $this->GetField('listing_location') . '</span></li>' . $nl;
$output .= '<li><span class="l_item">' . _SUB_LOCATION . ':</span> <span class="l_description">' . $this->GetField('listing_sub_location') . '</span></li>' . $nl;
if ($this->GetField('date_published') != '0000-00-00 00:00:00') {
$output .= '<li><span class="l_item">' . _PUBLISHED . ':</span> <span class="l_description">' . format_datetime($this->GetField('date_published'), get_datetime_format(false), _UNKNOWN) . '</span></li>' . $nl;
}
if ($bpf_business_description) {
$output .= '<li><span class="l_item">' . _DESCRIPTION . ':</span> <br>' . $this->GetField('business_description') . '</li>' . $nl;
}
$added_categories = ListingsCategories::GetCategoriesForListing($this->GetField('id'));
$arr_added_categories = array();
$output .= '<li><span class="l_item">' . _CATEGORIES . ':</span><br>';
$categories = '';
foreach ($added_categories[0] as $key => $val) {
$categories .= !empty($categories) ? ', ' : '';
$categories .= prepare_link('category', 'cid', $val['category_id'], '', $val['name'], '', '');
}
$output .= $categories;
$output .= '</li>';
$output .= '</ul>';
$output .= '</div>';
$output .= '<div class="narrow_block">';
$output .= '<div class="listing_images_wrapper">';
if ($bpf_logo) {
$image_file = $this->GetField('image_file') != '' ? $this->GetField('image_file') : '';
$image_file_thumb = $this->GetField('image_file_thumb') != '' ? $this->GetField('image_file_thumb') : 'no_image.png';
if (!empty($image_file)) {
$output .= '<a href="images/listings/' . $image_file . '" rel="lyteshow' . $this->GetField('id') . '">';
}
$output .= '<img class="listing_image' . ($image_file == '' ? ' no_hover' : '') . '" src="images/listings/' . $image_file_thumb . '" alt="" />';
if (!empty($image_file)) {
$output .= '</a>';
}
$output .= '<br />';
}
$additional_images = array();
for ($i = 1; $i <= $bpf_images_count; $i++) {
$additional_image = $this->GetField('image_' . $i) != '' ? $this->GetField('image_' . $i) : '';
$additional_image_thumb = $this->GetField('image_' . $i . '_thumb') != '' ? $this->GetField('image_' . $i . '_thumb') : '';
if ($additional_image != '') {
$output .= '<a href="images/listings/' . $additional_image . '" rel="lyteshow' . $this->GetField('id') . '">';
$output .= '<img class="listing_icon" src="images/listings/' . $additional_image_thumb . '" alt="" />';
$output .= '</a>';
}
}
$output .= '</div>';
$map_code = $this->GetField('map_code', false);
if ($bpf_map && $map_code != '') {
$map_code = preg_replace('/width="(.*?)"/', 'width="240px"', $map_code);
$map_code = preg_replace('/height="(.*?)"/', 'height="200px"', $map_code);
$output .= '<div class="map">' . $map_code . '</div><br /><br />';
}
if (Modules::IsModuleInstalled('inquiries') == 'yes' && $bpf_inquiry_button) {
$output .= '<form name="frmDirectInquiry" action="index.php?page=inquiry_form" method="post">';
$output .= draw_token_field(false);
$output .= draw_hidden_field('listing_id', $this->listing_info[0]['id'], false);
$output .= draw_hidden_field('visitor_locations', $this->listing_info[0]['listing_location_id'], false);
$output .= draw_hidden_field('visitor_sub_locations', $this->listing_info[0]['listing_sub_location_id'], false);
$output .= draw_hidden_field('business_name', $this->GetField('business_name'), false);
$output .= draw_hidden_field('inquiry_type', '1', false);
$output .= '<center><input type="submit" class="form_button" value="' . _SUBMIT_INQUIRY . '"></center>';
$output .= '</form><br /><br />';
}
$output .= '</div>';
$output .= '<div style="clear:both;"></div>';
$output .= '</div>';
} else {
$output .= draw_important_message(_NO_LISTINGS_TO_DISPLAY, false);
}
if ($draw) {
echo $output;
} else {
return $output;
}
}
//--------------------------------------------------------------------------
if (!$objLogin->IsLoggedIn() && ModulesSettings::Get('customers', 'allow_registration') == 'yes') {
$code = isset($_REQUEST['c']) ? prepare_input($_REQUEST['c']) : '';
$task = isset($_POST['task']) ? prepare_input($_POST['task']) : '';
$msg = '';
$confirmed = false;
if ($code != '') {
$sql = 'SELECT * FROM ' . TABLE_CUSTOMERS . ' WHERE registration_code = \'' . encode_text($code) . '\' AND is_active = 0';
$result = database_query($sql, DATA_AND_ROWS, FIRST_ROW_ONLY);
if ($result[1] > 0) {
$sql = 'UPDATE ' . TABLE_CUSTOMERS . '
SET is_active = 1, registration_code = \'\'
WHERE registration_code = \'' . encode_text($code) . '\' AND is_active = 0';
database_void_query($sql);
$msg = draw_success_message(_CONFIRMED_SUCCESS_MSG, false);
$confirmed = true;
$msg .= '<script type="text/javascript">setTimeout(\'appGoTo("customer=login")\', 15000);</script>';
} else {
if (strlen($code) == 20) {
$confirmed = true;
$msg = draw_message(_CONFIRMED_ALREADY_MSG, false);
} else {
$msg = draw_important_message(_WRONG_CONFIRMATION_CODE, false);
}
}
} else {
if ($task == 'post_submission') {
$msg = draw_important_message(str_replace('_FIELD_', _CONFIRMATION_CODE, _FIELD_CANNOT_BE_EMPTY), false);
}
}
}
/**
* Draws article comments
* @param $article_id
* @param $draw
*/
public function DrawArticleComments($article_id = '', $draw = true)
{
if (!$article_id) {
return '';
}
global $objLogin;
$delete_pending_time = ModulesSettings::Get('comments', 'delete_pending_time');
$user_type = ModulesSettings::Get('comments', 'user_type');
$comment_length = ModulesSettings::Get('comments', 'comment_length');
$image_verification = ModulesSettings::Get('comments', 'image_verification_allow');
$comments_on_page = ModulesSettings::Get('comments', 'page_size');
$is_published = ModulesSettings::Get('comments', 'pre_moderation_allow') == 'yes' ? '0' : '1';
if ($image_verification == 'yes') {
include_once 'modules/captcha/securimage.php';
$objImg = new Securimage();
}
//echo '<pre>';
//print_r($_SERVER);
//echo '</pre>';
$task = isset($_POST['task']) ? prepare_input($_POST['task']) : '';
$comment_id = isset($_POST['comment_id']) ? (int) $_POST['comment_id'] : '';
$init_state = 'closed';
$user_id = isset($_POST['user_id']) ? (int) $_POST['user_id'] : '';
$user_name = isset($_POST['comment_user_name']) ? prepare_input($_POST['comment_user_name']) : '';
$user_email = isset($_POST['comment_user_email']) ? prepare_input($_POST['comment_user_email']) : '';
$comment_text = isset($_POST['comment_text']) ? prepare_input($_POST['comment_text']) : '';
$captcha_code = isset($_POST['captcha_code']) ? prepare_input($_POST['captcha_code']) : '';
$msg = '';
$task_completed = false;
$focus_field = '';
$current_page = isset($_GET['p']) ? abs((int) $_GET['p']) : '1';
if ($task == 'publish_comment') {
$init_state = 'opened';
if ($user_name == '') {
$msg = draw_important_message(_USERNAME_EMPTY_ALERT, false);
$focus_field = 'comment_user_name';
} else {
if (!check_email_address($user_email) && !$objLogin->IsLoggedInAs($this->user_type_name)) {
$msg = draw_important_message(_EMAIL_IS_WRONG, false);
$focus_field = 'comment_user_email';
} else {
if ($comment_text == '') {
$msg = draw_important_message(_MESSAGE_EMPTY_ALERT, false);
$focus_field = 'comment_text';
} else {
if ($comment_text != '' && strlen($comment_text) > $comment_length) {
$msg = draw_important_message(str_replace('_LENGTH_', $comment_length, _COMMENT_LENGTH_ALERT), false);
$focus_field = 'comment_text';
} else {
if ($image_verification == 'yes' && !$objImg->check($captcha_code)) {
$msg = draw_important_message(_WRONG_CODE_ALERT, false);
$focus_field = 'captcha_code';
} else {
// Block operation in demo mode
if (strtolower(SITE_MODE) == 'demo') {
$msg = draw_important_message(_OPERATION_BLOCKED, false);
} else {
if ($objLogin->IpAddressBlocked(get_current_ip())) {
$msg = draw_important_message(_IP_ADDRESS_BLOCKED, false);
} else {
if ($objLogin->EmailBlocked($user_email)) {
$msg = draw_important_message(_EMAIL_BLOCKED, false);
} else {
$sql = 'INSERT INTO ' . TABLE_COMMENTS . '(
id,
article_id,
user_id,
user_name,
user_email,
comment_text,
date_created,
date_published,
is_published
)VALUES(
NULL,
' . (int) $article_id . ',
' . (int) $user_id . ',
\'' . encode_text($user_name) . '\',
\'' . encode_text($user_email) . '\',
\'' . encode_text(strip_tags($comment_text, '<b><i><u><br>')) . '\',
\'' . date('Y-m-d H:i:s') . '\',
\'' . ($is_published == '1' ? date('Y-m-d H:i:s') : '0000-00-00 00:00:00') . '\',
\'' . $is_published . '\'
)';
if (database_void_query($sql)) {
if ($is_published == '1') {
$msg = draw_success_message(_COMMENT_POSTED_SUCCESS, false);
} else {
$msg = draw_success_message(_COMMENT_SUBMITTED_SUCCESS, false);
}
$task_completed = true;
} else {
$msg = draw_important_message(_TRY_LATER, false);
}
}
}
}
}
}
}
}
}
} else {
if ($task == 'delete_comment') {
$init_state = 'opened';
$sql = 'DELETE FROM ' . $this->tableName . '
WHERE TIMESTAMPDIFF(MINUTE, date_published, \'' . date('Y-m-d H:i:s') . '\') < ' . $delete_pending_time . ' AND
id = ' . (int) $comment_id;
if (database_void_query($sql)) {
$msg = draw_success_message(_COMMENT_DELETED_SUCCESS, false);
} else {
$msg = draw_important_message(_TRY_LATER, false);
}
}
}
// -------- pagination
$total_comments = 0;
$page_size = $comments_on_page;
$sql = 'SELECT COUNT(*) as cnt FROM ' . TABLE_COMMENTS . ' WHERE is_published = 1 AND article_id = ' . (int) $article_id;
$comments_result = database_query($sql, DATA_ONLY, FIRST_ROW_ONLY);
$total_comments = $comments_result['cnt'];
$total_pages = (int) ($total_comments / $page_size);
if ($current_page > $total_pages + 1) {
$current_page = 1;
}
if ($total_comments % $page_size != 0) {
$total_pages++;
}
if ($task_completed) {
$current_page = $total_pages;
}
if (!is_numeric($current_page) || (int) $current_page <= 0) {
$current_page = 1;
}
$start_row = ($current_page - 1) * $page_size;
if (isset($_GET['p'])) {
$init_state = 'opened';
}
// --------
$sql = 'SELECT *
FROM ' . TABLE_COMMENTS . '
WHERE article_id = ' . (int) $article_id . ' AND is_published = 1
ORDER BY date_published ASC
LIMIT ' . $start_row . ', ' . $page_size;
$result = database_query($sql, DATA_AND_ROWS);
$output = '<script type="text/javascript">function deleteComment(cid) {
if(confirm(\'' . _PERFORM_OPERATION_COMMON_ALERT . '\')){
jQuery(\'#comment_task\').val(\'delete_comment\');
jQuery(\'#comment_id\').val(cid);
jQuery(\'#frmComments\').submit();
return true;
}
return false;
} </script>';
$output .= '<div id="commentsLink"><a href="javascript:void(0);" onclick="javascript:jQuery(\'#commentsWrapper\').slideToggle(\'fast\');">' . str_replace('_COUNT_', $total_comments, _COMMENTS_LINK) . '</a><br /><br /></div>';
$output .= '<div id="commentsWrapper" style="display:' . ($init_state == 'opened' ? '' : 'none') . ';">';
$output .= '<div id="commentsPublished">';
if ($result[1] > 0) {
for ($i = 0; $i < $result[1]; $i++) {
$output .= '<div class="comment">';
$output .= '<div class="comment_user_name"><b>' . $result[0][$i]['user_name'] . '</b> ' . _SAID . '...</div>';
$output .= '<div class="comment_test">' . $result[0][$i]['comment_text'] . '</div>';
$output .= '<div class="comment_date">';
if ($result[0][$i]['user_id'] == $objLogin->GetLoggedID() && floor(time_diff(date('Y-m-d H:i:s'), $result[0][$i]['date_published']) / 60) < $delete_pending_time) {
$output .= '<img src="images/published_x.gif" alt="" style="cursor:pointer;margin-bottom:-3px;margin-right:3px;" onclick="deleteComment(\'' . $result[0][$i]['id'] . '\');">';
}
$output .= '<i>' . _PUBLISHED . ': ' . format_datetime($result[0][$i]['date_published']) . '</i></div>';
$output .= '</div>';
}
// draw pagination links
if ($total_pages > 1) {
$output .= '<div class="paging">';
for ($page_ind = 1; $page_ind <= $total_pages; $page_ind++) {
$output .= prepare_permanent_link('index.php?page=' . Application::Get('page') . '&pid=' . Application::Get('page_id') . '&p=' . $page_ind, $page_ind == $current_page ? '<b>[' . $page_ind . ']</b>' : $page_ind, '', 'paging_link') . ' ';
}
$output .= '</div>';
}
} else {
$output .= '<div class="comment">';
$output .= '<b>' . _NO_COMMENTS_YET . '</b><br /><br />';
$output .= '</div>';
}
$output .= '</div>';
$output .= $msg != '' ? $msg . '<br />' : '';
if ($user_type == 'registered' && !$objLogin->IsLoggedInAs($this->user_type_name)) {
$output .= draw_message(_POST_COM_REGISTERED_ALERT, false);
} else {
$output .= $this->DrawCommentsForm($article_id, $image_verification, $focus_field, $task_completed, false);
}
$output .= '</div>';
if ($draw) {
echo $output;
} else {
return $output;
}
}
*/
// *** Make sure the file isn't accessed directly
defined('APPHP_EXEC') or die('Restricted Access');
//--------------------------------------------------------------------------
if ($objLogin->IsLoggedInAsAdmin() && $objLogin->HasPrivileges('add_menus')) {
$act = isset($_POST['act']) ? prepare_input($_POST['act']) : '';
$mid = isset($_POST['mid']) ? prepare_input($_POST['mid']) : '';
$language_id = isset($_POST['language_id']) ? prepare_input($_POST['language_id']) : Languages::GetDefaultLang();
$menu = new Menu($mid);
$msg = '';
// add new menu catagory
if ($act == 'add') {
$params = array();
$params['name'] = isset($_POST['name']) ? prepare_input($_POST['name']) : '';
$params['menu_placement'] = isset($_POST['menu_placement']) ? prepare_input($_POST['menu_placement']) : '';
$params['order'] = isset($_POST['order']) ? prepare_input($_POST['order']) : '';
$params['language_id'] = isset($_POST['language_id']) ? prepare_input($_POST['language_id']) : '';
$params['access_level'] = isset($_POST['access_level']) ? prepare_input($_POST['access_level']) : '';
if ($menu->MenuCreate($params)) {
$msg = draw_success_message(_MENU_CREATED, false);
$objSession->SetMessage('notice', $msg);
header('location: index.php?admin=menus');
exit;
} else {
$msg = draw_important_message($menu->error, false);
}
}
if ($msg == '') {
$msg = draw_message(_ALERT_REQUIRED_FILEDS, false);
}
}
/**
* @project ApPHP Business Directory
* @copyright (c) 2011 ApPHP
* @author ApPHP <*****@*****.**>
* @license http://www.gnu.org/licenses/
*/
// *** Make sure the file isn't accessed directly
defined('APPHP_EXEC') or die('Restricted Access');
//--------------------------------------------------------------------------
$listing_type = Application::Get('type');
$listing_type_title = '';
if ($listing_type == 'featured') {
$listing_type_title = _FEATURED_LISTINGS;
} else {
if ($listing_type == 'recent') {
$listing_type_title = _RECENT_LISTINGS;
}
}
draw_title_bar(prepare_breadcrumbs(array(_LISTINGS => '', $listing_type_title => '')));
if (!empty($listing_type_title)) {
if ($listing_type == 'featured') {
Listings::DrawFeaturedAll();
} else {
if ($listing_type == 'recent') {
Listings::DrawRecentAll();
}
}
} else {
draw_important_message(_PAGE_UNKNOWN);
}
/**
* Place order
* @param $order_number
* @param $cc_params
*/
public static function PlaceOrder($order_number, $cc_params = array())
{
global $objLogin;
if (SITE_MODE == 'demo') {
self::$message = draw_important_message(_OPERATION_BLOCKED, false);
return false;
}
$sql = 'SELECT id, order_number
FROM ' . TABLE_ORDERS . '
WHERE
order_number = \'' . $order_number . '\' AND
customer_id = ' . (int) $objLogin->GetLoggedID() . ' AND
status = 0
ORDER BY id DESC';
$result = database_query($sql, DATA_AND_ROWS, FIRST_ROW_ONLY);
if ($result[1] > 0) {
$sql = 'UPDATE ' . TABLE_ORDERS . '
SET
created_date = \'' . date('Y-m-d H:i:s') . '\',
status_changed = \'' . date('Y-m-d H:i:s') . '\',
cc_type = \'' . $cc_params['cc_type'] . '\',
cc_holder_name = \'' . $cc_params['cc_holder_name'] . '\',
cc_number = AES_ENCRYPT(\'' . $cc_params['cc_number'] . '\', \'' . PASSWORDS_ENCRYPT_KEY . '\'),
cc_expires_month = \'' . $cc_params['cc_expires_month'] . '\',
cc_expires_year = \'' . $cc_params['cc_expires_year'] . '\',
cc_cvv_code = \'' . $cc_params['cc_cvv_code'] . '\',
status = \'1\'
WHERE order_number = \'' . $order_number . '\'';
database_void_query($sql);
if (Orders::SendOrderEmail($order_number, 'accepted', $objLogin->GetLoggedID())) {
// OK
} else {
//$this->message = draw_success_message(_ORDER_SEND_MAIL_ERROR, false);
}
return true;
} else {
self::$message = _ORDER_ERROR;
return false;
}
}
/**
* Sends mass mail
*/
public function SendMassMail()
{
global $objSettings;
$template_name = isset($_POST['template_name']) ? prepare_input($_POST['template_name']) : '';
$email_from = isset($_POST['email_from']) ? prepare_input($_POST['email_from']) : '';
$email_to_req = isset($_POST['email_to']) ? prepare_input($_POST['email_to']) : '';
$subject = isset($_POST['subject']) ? prepare_input($_POST['subject']) : '';
$message = isset($_POST['message']) ? prepare_input($_POST['message']) : '';
$package_size = isset($_POST['package_size']) ? prepare_input($_POST['package_size']) : '';
$duration = isset($_POST['duration']) ? (int) $_POST['duration'] : '5';
$send_copy_to_admin = isset($_POST['send_copy_to_admin']) ? prepare_input($_POST['send_copy_to_admin']) : '';
$admin_email = $objSettings->GetParameter('admin_email');
$email_session_code = Session::Get('email_random_code');
$email_post_code = isset($_POST['email_random_code']) ? prepare_input($_POST['email_random_code']) : '';
$msg = '';
$emails_total = '0';
$emails_sent = '0';
if (strtolower(SITE_MODE) == 'demo') {
draw_important_message(_OPERATION_BLOCKED);
return false;
}
if ($email_post_code != '' && $email_session_code == $email_post_code) {
$this->error = true;
draw_message(_OPERATION_WAS_ALREADY_COMPLETED);
return false;
}
// handle emails sending
if ($subject != '' && $message != '') {
$message = str_ireplace('{YEAR}', date('Y'), $message);
$message = str_ireplace('{WEB SITE}', $_SERVER['SERVER_NAME'], $message);
$message = str_ireplace('{BASE URL}', APPHP_BASE, $message);
$email_to_parts = explode('|', $email_to_req);
$email_to = isset($email_to_parts[0]) ? $email_to_parts[0] : '';
$email_to_subtype = isset($email_to_parts[1]) ? $email_to_parts[1] : '';
if ($email_to_subtype == 'all') {
$member_where_clause = '';
} else {
if ($email_to_subtype == 'uncategorized') {
$member_where_clause = 'group_id=0 AND';
} else {
if ($email_to_subtype != '') {
$member_where_clause = 'group_id=' . $email_to_subtype . ' AND';
} else {
$member_where_clause = '';
}
}
}
if ($email_to == 'test') {
$emails_total = '1';
if (send_email_wo_template($admin_email, $admin_email, $subject, $message)) {
$emails_sent = '1';
}
} else {
$result = database_query('SELECT COUNT(*) as cnt FROM ' . $this->TABLE_NAME . ' WHERE is_active = 1 AND ' . $member_where_clause . ' email_notifications = 1 AND email != \'\'', DATA_ONLY, FIRST_ROW_ONLY);
$members_emails_total = $result['cnt'];
$result = database_query('SELECT COUNT(*) as cnt FROM ' . TABLE_ACCOUNTS . ' WHERE is_active = 1 AND email != \'\'', DATA_ONLY, FIRST_ROW_ONLY);
$admins_emails_total = $result['cnt'];
$result = database_query('SELECT COUNT(*) as cnt FROM ' . TABLE_NEWS_SUBSCRIBED . ' WHERE email != \'\'', DATA_ONLY, FIRST_ROW_ONLY);
$newsletter_email_total = $result['cnt'];
if ($email_to == 'members') {
$emails_total = $members_emails_total;
} else {
if ($email_to == 'admins') {
$emails_total = $admins_emails_total;
} else {
if ($email_to == 'all') {
$emails_total = $members_emails_total + $admins_emails_total;
} else {
if ($email_to == 'newsletter_subscribers') {
$emails_total = $newsletter_email_total;
}
}
}
}
if ($email_to == 'members' || $email_to == 'all') {
$sql = 'SELECT id, first_name, last_name, email, user_name
FROM ' . $this->TABLE_NAME . '
WHERE is_active = 1 AND ' . $member_where_clause . ' email_notifications = 1 AND email != \'\'
ORDER BY id ASC';
$result = database_query($sql, DATA_AND_ROWS, ALL_ROWS);
for ($i = 0; $i < $result[1]; $i++) {
$body_middle = str_ireplace('{FIRST NAME}', $result[0][$i]['first_name'], $message);
$body_middle = str_ireplace('{LAST NAME}', $result[0][$i]['last_name'], $body_middle);
$body_middle = str_ireplace('{USER NAME}', $result[0][$i]['user_name'], $body_middle);
$body_middle = str_ireplace('{USER EMAIL}', $result[0][$i]['email'], $body_middle);
if (send_email_wo_template($result[0][$i]['email'], $admin_email, $subject, $body_middle)) {
$emails_sent++;
}
}
}
if ($email_to == 'admins' || $email_to == 'all') {
$sql = 'SELECT id, first_name, last_name, email, user_name
FROM ' . TABLE_ACCOUNTS . '
WHERE is_active = 1 AND email != \'\'
ORDER BY id ASC';
$result = database_query($sql, DATA_AND_ROWS, ALL_ROWS);
for ($i = 0; $i < $result[1]; $i++) {
$body_middle = str_ireplace('{FIRST NAME}', $result[0][$i]['first_name'], $message);
$body_middle = str_ireplace('{LAST NAME}', $result[0][$i]['last_name'], $body_middle);
$body_middle = str_ireplace('{USER NAME}', $result[0][$i]['user_name'], $body_middle);
$body_middle = str_ireplace('{USER EMAIL}', $result[0][$i]['email'], $body_middle);
if (send_email_wo_template($result[0][$i]['email'], $admin_email, $subject, $body_middle)) {
$emails_sent++;
}
}
}
if ($email_to == 'newsletter_subscribers') {
$sql = 'SELECT email FROM ' . TABLE_NEWS_SUBSCRIBED . ' WHERE email != \'\' ORDER BY id ASC';
$result = database_query($sql, DATA_AND_ROWS, ALL_ROWS);
for ($i = 0; $i < $result[1]; $i++) {
$body_middle = $message;
if (send_email_wo_template($result[0][$i]['email'], $admin_email, $subject, $body_middle)) {
$emails_sent++;
}
}
}
if ($send_copy_to_admin == '1') {
send_email_wo_template($admin_email, $admin_email, $subject . ' (admin copy)', $message);
}
}
if ($emails_sent) {
Session::Set('email_random_code', $email_post_code);
$msg = str_replace('_SENT_', $emails_sent, _EMAILS_SUCCESSFULLY_SENT);
$msg = str_replace('_TOTAL_', $emails_total, $msg);
$this->error = false;
draw_success_message($msg);
} else {
$this->error = true;
draw_important_message(_EMAILS_SENT_ERROR);
}
} else {
draw_important_message(_EMAIL_FIELDS_EMPTY_ALERT);
}
}
/**
* Change Parameter
* @param $param_val
*/
public function ChangeLang($param_val)
{
// deny all operations in demo version
if (strtolower(SITE_MODE) == 'demo') {
return draw_important_message(_OPERATION_BLOCKED, false);
}
global $objLogin;
if (!empty($param_val)) {
$sql = 'UPDATE ' . TABLE_ACCOUNTS . ' SET preferred_language = ' . quote_text(encode_text($param_val)) . ' WHERE id = ' . (int) $this->account_id;
if (database_void_query($sql)) {
$this->preferred_language = $param_val;
$objLogin->SetPreferredLang($param_val);
return draw_success_message(_SETTINGS_SAVED, false);
} else {
return draw_important_message(_TRY_LATER, false);
}
} else {
return draw_important_message(str_replace('_FIELD_', _PREFERRED_LANGUAGE, _FIELD_CANNOT_BE_EMPTY), false);
}
}
}
}
}
}
}
// Start main content
draw_title_bar(prepare_breadcrumbs(array(_MODULES => '', _GALLERY => '', _GALLERY_SETTINGS => '', ucfirst($action) => '')));
echo '<br />';
//if($objSession->IsMessage('notice')) echo $objSession->GetMessage('notice');
echo $msg;
draw_content_start();
if ($mode == 'view') {
$objGallery->DrawViewMode();
} else {
if ($mode == 'add') {
$objGallery->DrawAddMode();
} else {
if ($mode == 'edit') {
$objGallery->DrawEditMode($rid);
} else {
if ($mode == 'details') {
$objGallery->DrawDetailsMode($rid);
}
}
}
}
draw_content_end();
} else {
draw_title_bar(_ADMIN);
draw_important_message(_NOT_AUTHORIZED);
}
/**
* Draws Contact Us form
* @param $draw
*/
public function DrawContactUsForm($draw = true)
{
global $objSettings, $objSiteDescription, $objLogin;
$align_left = Application::Get('defined_left');
$align_right = Application::Get('defined_right');
if (!Modules::IsModuleInstalled('contact_us')) {
return '';
}
$output = '';
$from_email = $objSettings->GetParameter('admin_email');
$admin_email = ModulesSettings::Get('contact_us', 'email');
$delay_length = ModulesSettings::Get('contact_us', 'delay_length');
$is_send_delay = ModulesSettings::Get('contact_us', 'is_send_delay');
$image_verification = ModulesSettings::Get('contact_us', 'image_verification_allow');
$focus_element = '';
// post fields
$task = isset($_POST['task']) ? prepare_input($_POST['task']) : '';
$first_name = isset($_POST['first_name']) ? prepare_input($_POST['first_name']) : '';
$last_name = isset($_POST['last_name']) ? prepare_input($_POST['last_name']) : '';
$email = isset($_POST['email']) ? prepare_input($_POST['email']) : '';
$phone = isset($_POST['phone']) ? prepare_input($_POST['phone']) : '';
$subject = isset($_POST['subject']) ? prepare_input($_POST['subject']) : '';
$message = isset($_POST['message']) ? prepare_input($_POST['message']) : '';
$captcha_code = isset($_POST['captcha_code']) ? prepare_input($_POST['captcha_code']) : '';
$msg = '';
$contact_mail_sent = (bool) Session::Get('contact_mail_sent');
$contact_mail_sent_time = Session::Get('contact_mail_sent_time');
if ($image_verification == 'yes') {
include_once 'modules/captcha/securimage.php';
$objImg = new Securimage();
}
if ($task == 'contact') {
$time_elapsed = time_diff(date('Y-m-d H:i:s'), $contact_mail_sent_time);
if ($contact_mail_sent && $is_send_delay == 'yes' && $time_elapsed < $delay_length) {
$msg = draw_message(str_replace('_WAIT_', $delay_length - $time_elapsed, _CONTACT_US_ALREADY_SENT), false);
} else {
if ($first_name == '') {
$msg = draw_important_message(_FIRST_NAME_EMPTY_ALERT, false);
$focus_element = 'first_name';
} else {
if ($last_name == '') {
$msg = draw_important_message(_LAST_NAME_EMPTY_ALERT, false);
$focus_element = 'last_name';
} else {
if ($email == '') {
$msg = draw_important_message(_EMAIL_EMPTY_ALERT, false);
$focus_element = 'email';
} else {
if ($email != '' && !check_email_address($email)) {
$msg = draw_important_message(_EMAIL_VALID_ALERT, false);
$focus_element = 'email';
} else {
if ($subject == '') {
$msg = draw_important_message(_SUBJECT_EMPTY_ALERT, false);
$focus_element = 'subject';
#}else if($phone == ''){
# $msg = draw_important_message(str_replace('_FIELD_', _PHONE, _FIELD_CANNOT_BE_EMPTY), false);
# $focus_element = 'phone';
} else {
if ($message == '') {
$msg = draw_important_message(_MESSAGE_EMPTY_ALERT, false);
$focus_element = 'message';
} else {
if (strlen($message) > 1024) {
$msg = draw_important_message(str_replace(array('_FIELD_', '_LENGTH_'), array('<b>' . _MESSAGE . '</b>', 1024), _FIELD_LENGTH_EXCEEDED), false);
$focus_element = 'message';
} else {
if ($image_verification == 'yes' && !$objImg->check($captcha_code)) {
$msg = draw_important_message(_WRONG_CODE_ALERT, false);
$focus_element = 'captcha_code';
}
}
}
}
}
}
}
}
// deny all operations in demo version
if (strtolower(SITE_MODE) == 'demo') {
$msg = draw_important_message(_OPERATION_BLOCKED, false);
}
if ($msg == '') {
////////////////////////////////////////////////////////////
send_email_wo_template($admin_email, $from_email, 'Question from visitor (via Contact Us - ' . $objSiteDescription->GetParameter('header_text') . ')', _FIRST_NAME . ': ' . str_replace('\\', '', $first_name) . '<br />' . _LAST_NAME . ': ' . str_replace('\\', '', $last_name) . '<br />' . _EMAIL_ADDRESS . ': ' . str_replace('\\', '', $email) . '<br />' . _PHONE . ': ' . str_replace('\\', '', $phone) . '<br />' . _SUBJECT . ': ' . str_replace('\\', '', $subject) . '<br />' . _MESSAGE . ': ' . str_replace('\\', '', $message));
////////////////////////////////////////////////////////////
$msg = draw_success_message(_CONTACT_US_EMAIL_SENT, false);
Session::Set('contact_mail_sent', true);
Session::Set('contact_mail_sent_time', date('Y-m-d H:i:s'));
$first_name = $last_name = $email = $phone = $subject = $message = '';
}
}
}
$output .= ($msg != '' ? $msg . '<br />' : '') . '
<form method="post" name="frmContactUs" id="frmContactUs">
' . draw_hidden_field('task', 'contact', false) . '
' . draw_token_field(false) . '
<table class="tblContactUs" border="0" width="99%">
<tbody>
<tr>
<td width="25%" align="' . $align_right . '">' . _FIRST_NAME . ':</td>
<td><span class="mandatory_star">*</span></td>
<td nowrap="nowrap" align="' . $align_left . '"><input type="text" id="first_name" name="first_name" size="34" maxlength="40" value="' . decode_text($first_name) . '" autocomplete="off" /></td>
</tr>
<tr>
<td align="' . $align_right . '">' . _LAST_NAME . ':</td>
<td><span class="mandatory_star">*</span></td>
<td nowrap="nowrap" align="' . $align_left . '"><input type="text" id="last_name" name="last_name" size="34" maxlength="40" value="' . decode_text($last_name) . '" autocomplete="off" /></td>
</tr>
<tr>
<td align="' . $align_right . '">' . _EMAIL_ADDRESS . ':</td>
<td><span class="mandatory_star">*</span></td>
<td nowrap="nowrap" align="' . $align_left . '"><input type="text" id="email" name="email" size="34" maxlength="70" value="' . decode_text($email) . '" autocomplete="off" /></td>
</tr>
<tr>
<td align="' . $align_right . '">' . _PHONE . ':</td>
<td></td>
<td nowrap="nowrap" align="' . $align_left . '"><input type="text" id="phone" name="phone" size="22" maxlength="40" value="' . decode_text($phone) . '" autocomplete="off" /></td>
</tr>
<tr>
<td align="' . $align_right . '">' . _SUBJECT . ':</td>
<td><span class="mandatory_star">*</span></td>
<td nowrap="nowrap" align="' . $align_left . '"><input type="text" id="subject" name="subject" style="width:385px;" maxlength="128" value="' . decode_text($subject) . '" autocomplete="off" /></td>
</tr>
<tr valign="top">
<td align="' . $align_right . '">' . _MESSAGE . ':</td>
<td><span class="mandatory_star">*</span></td>
<td nowrap="nowrap" align="' . $align_left . '">
<textarea id="message" name="message" style="width:385px;" maxlength="1024" rows="8">' . $message . '</textarea>
</td>
</tr>
<tr>
<td colspan="2"></td>
<td>';
if ($image_verification == 'yes') {
$output .= '<table border="0">
<tr>
<td>
<img id="captcha_image" src="' . APPHP_BASE . 'modules/captcha/securimage_show.php?sid=' . md5(uniqid(time())) . '" />
</td>
<td width="30px" align="center">
<img style="cursor:pointer; padding:0px; margin:0px;" id="captcha_image_reload"
src="modules/captcha/images/refresh.gif" style="cursor:pointer;"
onclick="document.getElementById(\'captcha_image\').src = \'modules/captcha/securimage_show.php?sid=\' + Math.random(); appSetFocus(\'captcha_code\'); return false;" title="' . _REFRESH . '" alt="' . _REFRESH . '" /><br />
<a href="modules/captcha/securimage_play.php"><img border="0" style="padding:0px; margin:0px;" id="captcha_image_play" src="modules/captcha/images/audio_icon.gif" title="' . _PLAY . '" alt="' . _PLAY . '" /></a>
</td>
<td align="left">
' . _TYPE_CHARS . '<br />
<input type="text" name="captcha_code" id="captcha_code" style="width:175px;margin-top:5px;" value="" maxlength="20" autocomplete="off" />
</td>
</tr>
</table>';
}
$output .= '</td>
</tr>
<tr><td height="25" nowrap colspan="3"></td></tr>
<tr>
<td colspan="3" align="center">
<input type="submit" ' . ($objLogin->IsLoggedInAsAdmin() ? 'disabled' : '') . ' class="form_button" name="btnSubmitPD" id="btnSubmitPD" value="' . _SEND . '" />
</td>
</tr>
<tr><td height="25" nowrap colspan="3"></td></tr>
</table>
</form>';
if ($focus_element != '') {
$output .= '<script type="text/javascript">appSetFocus(\'' . $focus_element . '\');</script>';
}
if ($draw) {
echo $output;
} else {
return $output;
}
}
