function header($header_text = '', $head = false, $menu = false)
 {
     if ($this->head || $head) {
         echoheader('', $header_text);
     }
     if ($menu && $this->menu) {
         return $this->show_return($this->menu);
     }
 }
Beispiel #2
0
function help_invoke_main()
{
    $section = REQ('section');
    $path = SKIN . '/help/sections/';
    $scan = scan_dir($path);
    $result = array();
    foreach ($scan as $id) {
        $id = str_replace('.tpl', '', $id);
        if (!$section || $section && $section == $id) {
            $result[$id] = proc_tpl("help/sections/{$id}");
        }
    }
    cn_assign('help_sections', $result);
    if ($section) {
        echo exec_tpl('window', "style=help/style.css", "title=HELP - {$section}", 'content=' . exec_tpl('help/main'));
    } else {
        echoheader('-@help/style.css', 'Help section');
        echo exec_tpl('help/main');
        echofooter();
    }
}
 public function header($header_text = '', $menu = false, $subhead = '', $css = array(), $script = array())
 {
     if ($this->head) {
         echoheader('', $header_text);
         echo $this->superhead;
         echo $this->style;
         foreach ($css as $cs) {
             echo '<style type="text/css" media="all">@import url(' . $cs . ");</style>\n";
         }
         echo $this->script;
         foreach ($script as $sc) {
             echo '<script type="text/javascript" src="' . $sc . "\"></script>\n";
         }
         echo $this->subhead;
         echo $subhead;
     }
     $this->head = FALSE;
     if ($menu && $this->menu) {
         return $this->show_return($this->menu);
     }
 }
Beispiel #4
0
\t</div>
\t
   </div>
</div>
</form>
HTML;
    echofooter();
} else {
    if ($_REQUEST['action'] == "del" and $id) {
        if ($_REQUEST['user_hash'] == "" or $_REQUEST['user_hash'] != $dle_login_hash) {
            die("Hacking attempt! User not found");
        }
        $db->query("DELETE FROM " . PREFIX . "_rss WHERE id = '{$id}'");
        $db->query("INSERT INTO " . USERPREFIX . "_admin_logs (name, date, ip, action, extras) values ('" . $db->safesql($member_id['name']) . "', '{$_TIME}', '{$_IP}', '50', '{$id}')");
    }
    echoheader("<i class=\"icon-rss\"></i>" . $lang['opt_rss'], $lang['header_rs_1']);
    $db->query("SELECT id, url, description FROM " . PREFIX . "_rss ORDER BY id DESC");
    while ($row = $db->get_row()) {
        $row['description'] = stripslashes($row['description']);
        $menu_link = <<<HTML
        <div class="btn-group">
          <button class="btn btn-default dropdown-toggle" data-toggle="dropdown"><i class="icon-cog"></i> {$lang['filter_action']} <span class="caret"></span></button>
          <ul class="dropdown-menu text-left">
            <li><a href="?mod=rss&action=news&id={$row['id']}"><i class="icon-download"></i> {$lang['rss_news']}</a></li>
            <li><a href="?mod=rss&action=edit&id={$row['id']}"><i class="icon-pencil"></i> {$lang['rss_edit']}</a></li>
\t\t\t<li class="divider"></li>
            <li><a href="?mod=rss&action=del&user_hash={$dle_login_hash}&id={$row['id']}"><i class="icon-trash"></i> {$lang['rss_del']}</a></li>
          </ul>
        </div>
HTML;
        $entries .= "\n    <tr>\n    <td><b>{$row['id']}</b></td>\n    <td style=\"word-break: break-all;\">{$row['url']}</td>\n    <td>{$row['description']}</td>\n    <td>{$menu_link}</td>\n     </tr>";
Beispiel #5
0
\t\t  <label class="control-label col-lg-2"></label>
\t\t  <div class="col-lg-10">
\t\t\t<input type="button" onClick="send(); return false;" class="btn btn-green" value="{$lang['btn_send']}">&nbsp;
        <input onClick="preview()" type="button" class="btn btn-gray" value="{$lang['btn_preview']}">
\t\t  </div>
\t\t </div>\t
\t\t
\t</div>
\t
   </div>
</div>\t\t
</form>\t\t
HTML;
    echofooter();
} else {
    echoheader("<i class=\"icon-envelope\"></i>" . $lang['main_newsl'], $lang['header_ne_1']);
    $group_list = get_groups();
    echo <<<HTML
<form method="GET" action="" class="form-horizontal">
<input type="hidden" name="mod" value="newsletter">
<input type="hidden" name="action" value="message">
<div class="box">
  <div class="box-header">
    <div class="title">{$lang['nl_main']}</div>
  </div>
  <div class="box-content">

\t<div class="row box-section">
\t
\t\t<div class="form-group">
\t\t  <label class="control-label col-lg-2">{$lang['nl_type']}</label>
Beispiel #6
0
    if ($row['id'] and $row['id'] != $catid) {
        msg("error", $lang['cat_error'], $lang['cat_eradd'], "javascript:history.go(-1)");
    }
    if (in_array($parentid, get_sub_cats($catid))) {
        msg("error", $lang['cat_error'], $lang['cat_noparentid'], "{$PHP_SELF}?mod=categories");
    }
    $db->query("UPDATE " . PREFIX . "_category set parentid='{$parentid}', name='{$cat_name}', alt_name='{$alt_cat_name}', icon='{$cat_icon}', skin='{$skin_name}', descr='{$description}', keywords='{$keywords}', news_sort='{$news_sort}', news_msort='{$news_msort}', news_number='{$news_number}', short_tpl='{$short_tpl}', full_tpl='{$full_tpl}', metatitle='{$meta_title}' WHERE id='{$catid}'");
    $db->query("INSERT INTO " . USERPREFIX . "_admin_logs (name, date, ip, action, extras) values ('" . $db->safesql($member_id['name']) . "', '{$_TIME}', '{$_IP}', '14', '{$cat_name}')");
    @unlink(ENGINE_DIR . '/cache/system/category.php');
    clear_cache();
    msg("info", $lang['cat_editok'], $lang['cat_editok_1'], "{$PHP_SELF}?mod=categories");
}
// ********************************************************************************
// List all Categories
// ********************************************************************************
echoheader("options", $lang['cat_head']);
$categorylist = CategoryNewsSelection(0, 0);
$skinlist = SelectSkin('');
echo <<<HTML
<form method="post" action="">
<div style="padding-top:5px;padding-bottom:2px;">
<table width="100%">
    <tr>
        <td width="4"><img src="engine/skins/images/tl_lo.gif" width="4" height="4" border="0"></td>
        <td background="engine/skins/images/tl_oo.gif"><img src="engine/skins/images/tl_oo.gif" width="1" height="4" border="0"></td>
        <td width="6"><img src="engine/skins/images/tl_ro.gif" width="6" height="4" border="0"></td>
    </tr>
    <tr>
        <td background="engine/skins/images/tl_lb.gif"><img src="engine/skins/images/tl_lb.gif" width="4" height="1" border="0"></td>
        <td style="padding:5px;" bgcolor="#FFFFFF">
<table width="100%">
Beispiel #7
0
        die("Hacking attempt! User not found");
    }
    $selected_complaint = $_POST['selected_complaint'];
    if (!$selected_complaint) {
        msg("error", $lang['mass_error'], $lang['opt_complaint_6'], "?mod=complaint");
    }
    foreach ($selected_complaint as $complaint) {
        $complaint = intval($complaint);
        $db->query("DELETE FROM " . PREFIX . "_complaint WHERE id = '{$complaint}'");
    }
    $db->query("INSERT INTO " . USERPREFIX . "_admin_logs (name, date, ip, action, extras) values ('" . $db->safesql($member_id['name']) . "', '{$_TIME}', '{$_IP}', '22', '')");
    header("Location: ?mod=complaint");
    die;
}
$found = false;
echoheader("", "");
echo <<<HTML
<script type="text/javascript">
<!-- begin
function popupedit( name ){

\t\tvar rndval = new Date().getTime(); 

\t\t\$('body').append('<div id="modal-overlay" style="position: fixed; top: 0; left: 0; width: 100%; height: 100%; background: #666666; opacity: .40;filter:Alpha(Opacity=40); z-index: 999; display:none;"></div>');
\t\t\$('#modal-overlay').css({'filter' : 'alpha(opacity=40)'}).fadeIn('slow');
\t
\t\t\$("#dleuserpopup").remove();
\t\t\$("body").append("<div id='dleuserpopup' title='{$lang['user_edhead']}' style='display:none'></div>");
\t
\t\t\$('#dleuserpopup').dialog({
\t\t\tautoOpen: true,
Beispiel #8
0
\t\t </div>\t\t 
\t</div>
\t
   </div>
</div>
<input type="hidden" name="user_hash" value="{$dle_login_hash}" />
</form>
<script type="text/javascript">
\t\$(function(){
\t\t  \$(".cat_select").chosen({allow_single_deselect:true, no_results_text: '{$lang['addnews_cat_fault']}'});
\t});
</script>
HTML;
    echofooter();
} else {
    echoheader("<i class=\"icon-bar-chart\"></i>" . $lang['header_votes'], $lang['editvote']);
    echo "\n <script language=\"javascript\">\n <!-- begin\n    function confirmdelete(id){\n\t    DLEconfirm( '{$lang['vote_confirm']}', '{$lang['p_confirm']}', function () {\n\t\t\tdocument.location=\"?mod=editvote&action=delete&user_hash={$dle_login_hash}&id=\"+id;\n\t\t} );\n    }\n    function confirmclear(id){\n\t    DLEconfirm( '{$lang['vote_clear']}', '{$lang['p_confirm']}', function () {\n\t\t\tdocument.location=\"?mod=editvote&action=clear&user_hash={$dle_login_hash}&id=\"+id;\n\t\t} );\n    }\n // end -->\n </script>";
    $db->query("SELECT * FROM " . PREFIX . "_vote ORDER BY id DESC");
    $entries = "";
    while ($row = $db->get_row()) {
        $item_id = $row['id'];
        $item_date = date("d.m.Y", strtotime($row['date']));
        $title = htmlspecialchars(stripslashes($row['title']), ENT_QUOTES, $config['charset']);
        if ($row['start']) {
            $start_date = date("d.m.Y H:i", $row['start']);
        } else {
            $start_date = "--";
        }
        if ($row['end']) {
            $end_date = date("d.m.Y H:i", $row['end']);
        } else {
Beispiel #9
0
    if ($row['votes']) {
        $poll = $db->super_query("SELECT * FROM " . PREFIX . "_poll where news_id = '{$row['id']}'");
        $poll['title'] = $parse->decodeBBCodes($poll['title'], false);
        $poll['frage'] = $parse->decodeBBCodes($poll['frage'], false);
        $poll['body'] = $parse->decodeBBCodes($poll['body'], false);
        $poll['multiple'] = $poll['multiple'] ? "checked" : "";
    }
    $expires = $db->super_query("SELECT * FROM " . PREFIX . "_post_log where news_id = '{$row['id']}'");
    if ($expires['expires']) {
        $expires['expires'] = date("Y-m-d", $expires['expires']);
    }
    $js_array[] = "engine/skins/calendar.js";
    $js_array[] = "engine/skins/tabs.js";
    $js_array[] = "engine/skins/autocomplete.js";
    $js_array[] = "engine/skins/chosen/chosen.js";
    echoheader("editnews", $lang['edit_head']);
    if (!$user_group[$member_id['user_group']]['allow_html']) {
        $config['allow_admin_wysiwyg'] = 0;
    }
    // Доп. поля
    $xfieldsaction = "categoryfilter";
    include ENGINE_DIR . '/inc/xfields.php';
    echo $categoryfilter;
    echo <<<HTML
<script type="text/javascript">
<!-- begin
function popupedit( name ){

\t\tvar rndval = new Date().getTime(); 

\t\t\$('body').append('<div id="modal-overlay" style="position: fixed; top: 0; left: 0; width: 100%; height: 100%; background: #666666; opacity: .40;filter:Alpha(Opacity=40); z-index: 999; display:none;"></div>');
Beispiel #10
0
function msg($type, $title, $text, $back = FALSE)
{
    global $lang;
    if ($back) {
        $back = "<br /><br> <a class=main href=\"{$back}\">{$lang['func_msg']}</a>";
    }
    echoheader($type, $title);
    echo <<<HTML
<div style="padding-top:5px;padding-bottom:2px;">
<table width="100%">
    <tr>
        <td width="4"><img src="engine/skins/images/tl_lo.gif" width="4" height="4" border="0"></td>
        <td background="engine/skins/images/tl_oo.gif"><img src="engine/skins/images/tl_oo.gif" width="1" height="4" border="0"></td>
        <td width="6"><img src="engine/skins/images/tl_ro.gif" width="6" height="4" border="0"></td>
    </tr>
    <tr>
        <td background="engine/skins/images/tl_lb.gif"><img src="engine/skins/images/tl_lb.gif" width="4" height="1" border="0"></td>
        <td style="padding:5px;" bgcolor="#FFFFFF">
<table width="100%">
    <tr>
        <td bgcolor="#EFEFEF" height="29" style="padding-left:10px;"><div class="navigation">{$title}</div></td>
    </tr>
</table>
<div class="unterline"></div>
<table width="100%">
    <tr>
        <td height="100" align="center">{$text} {$back}</td>
    </tr>
</table>
</td>
        <td background="engine/skins/images/tl_rb.gif"><img src="engine/skins/images/tl_rb.gif" width="6" height="1" border="0"></td>
    </tr>
    <tr>
        <td><img src="engine/skins/images/tl_lu.gif" width="4" height="6" border="0"></td>
        <td background="engine/skins/images/tl_ub.gif"><img src="engine/skins/images/tl_ub.gif" width="1" height="6" border="0"></td>
        <td><img src="engine/skins/images/tl_ru.gif" width="6" height="6" border="0"></td>
    </tr>
</table>
</div>
HTML;
    echofooter();
    exit;
}
Beispiel #11
0
 http://dle-news.ru/
-----------------------------------------------------
 Copyright (c) 2004,2013 SoftNews Media Group
=====================================================
 Данный код защищен авторскими правами
=====================================================
 Файл: main.php
-----------------------------------------------------
 Назначение: Статистика и автопроверка
=====================================================
*/
if (!defined('DATALIFEENGINE') or !defined('LOGGED_IN')) {
    die("Hacking attempt!");
}
$js_array[] = "engine/skins/tabset.js";
echoheader("home", "");
$config['max_users_day'] = intval($config['max_users_day']);
$maxmemory = @ini_get('memory_limit') != '' ? @ini_get('memory_limit') : $lang['undefined'];
$disabledfunctions = strlen(ini_get('disable_functions')) > 1 ? @ini_get('disable_functions') : $lang['undefined'];
$disabledfunctions = str_replace(",", ", ", $disabledfunctions);
$safemode = @ini_get('safe_mode') == 1 ? $lang['safe_mode_on'] : $lang['safe_mode_off'];
$licence = $lang['licence_full'];
$offline = $config['site_offline'] == "no" ? $lang['safe_mode_on'] : "<font color=\"red\">" . $lang['safe_mode_off'] . "</font>";
if (function_exists('apache_get_modules')) {
    if (array_search('mod_rewrite', apache_get_modules())) {
        $mod_rewrite = $lang['safe_mode_on'];
    } else {
        $mod_rewrite = "<font color=\"red\">" . $lang['safe_mode_off'] . "</font>";
    }
} else {
    $mod_rewrite = $lang['undefined'];
Beispiel #12
0
     $format_file = strtolower(end(explode('.', $file_open)));
     if (is_writable($file_open) && in_array($format_file, $allowed_extensions) && file_exists($file_open)) {
         $file = fopen($file_open, "r+");
         file_put_contents($file_open, '');
         fputs($file, $content);
         fclose($file);
         echo 'Файл шаблона был успешно сохранён!';
     } else {
         echo 'Файл шаблона не найден';
     }
     die;
     break;
     //################### Главная ###################//
 //################### Главная ###################//
 default:
     echoheader(900);
     //Если загружаем другой шаблон
     if (isset($_POST['chahe_skin'])) {
         $config['temp'] = strip_data($_POST['newtemp']);
     }
     echohtmlstart("Управление шаблонами");
     //Чтение всех шаблон в папке "templates"
     $root = ROOT_DIR . '/templates/';
     $root_dir = scandir($root);
     foreach ($root_dir as $templates) {
         if ($templates != '.' && $templates != '..' && $templates != '.htaccess') {
             $for_select .= str_replace('value="' . $config['temp'] . '"', 'value="' . $config['temp'] . '" selected', '<option value="' . $templates . '">' . $templates . '</option>');
         }
     }
     echo "<form method=\"POST\" action=\"\"><div class=\"fllogall\" style=\"width:240px\">Выбранный шаблон для редактирования:</div>\r\n\t\t<select name=\"newtemp\" class=\"inpu fl_l\">{$for_select}</select>\r\n\t\t<div class=\"button_div fl_l\" style=\"margin-left:10px;margin-top:-10px;margin-bottom:5px\"><button name=\"chahe_skin\" class=\"inp\" >Выполнить</button></div>\r\n\t\t<div class=\"mgcler\"></div></form>";
     htmlclear();
Beispiel #13
0
        $regemail = sane_post_var($regemail);
        $regpassword = sane_post_var($regpassword);
        $all_users = file("./data/users.db.php");
        foreach ($all_users as $user_line) {
            $user_arr = explode("|", $user_line);
            if ($user_arr[2] == $regusername) {
                msg("error", "Username Conflict", "This username is already taken");
            }
        }
        $add_time = time() + $config_date_adjust * 60;
        $regpassword = md5(md5($regpassword));
        $old_users_file = file("./data/users.db.php");
        $new_users_file = fopen("./data/users.db.php", "a");
        fwrite($new_users_file, "{$add_time}|{$config_users_deflevel}|{$regusername}|{$regpassword}|{$regnickname}|{$regemail}|0|0||||||||\n");
        fclose($new_users_file);
        msg("user", "Commenter Added", "You were successfully added to our database.<br />You may now <a href=\"index.php\">login</a>.");
    } else {
        echoheader("user", "Please Login");
        echo "<div style=\"float: left;\">\n     <form  id=\"login\" action=\"{$PHP_SELF}\" method=\"post\">\n       \t<p>\n       \t<label for=\"username\">Username</label><br />\n       \t<input tabindex=\"1\" size=\"28\" id=\"username\" type=\"text\" name=\"username\" value=\"{$lastusername}\" />\n       \t</p>\n       \t<p>\n       \t<label for=\"password\">Password</label><br />\n       \t<input tabindex=\"2\" size=\"28\" id=\"password\" type=\"password\" name=\"password\" />\n       \t</p>\n       \t<p>\n\t\t<input tabindex=\"3\" accesskey=\"s\" type=\"submit\" value=\"      Login...      \" />\n\t\t</p>\n\t\t<p>\n\t\t{$result}\n\t\t<input type=\"hidden\" name=\"action\" value=\"dologin\" />\n\t\t</p>\n     </form>\n\t";
        if ($config_users_selfregister == "allow") {
            echo "<form id=\"newreg\" action=\"{$PHP_SELF}\" method=\"post\">\n\t\t\t<p>\n\t\t\t\t<input type=\"hidden\" name=\"action\" value=\"registerform\" />\n\t\t\t\t<input type=\"submit\" accesskey=\"n\" size=\"28\" tabindex=\"4\" value=\"New user\" />\n\t\t\t</p>\n\t\t\t</form>";
        }
        echo "\n\t</div>";
    }
    echo "\n<div id=\"main_boxcontent\">\n\t<div class=\"boxcontent_box\">\n\t<h3>About AJ-Fork</h3>\n<p>\nAj-Fork is a branch of the CuteNews script by <a href=\"http://www.cutephp.com\">CutePHP / Flexer</a>. It focuses on adding\nuseful hacks, security updates, a plugin architecture and general code updates in the absence of periodical official CuteNews releases.</p>\n<p>AJ-Fork is Licensed under the GNU GPL license (inherited from CuteNews - read the accompanying LICENSE file).</p>\n<p>Copyright 2004 <a href=\"http://appelsinjuice.org/\">Øivind Hoel</a>\n</p>\n\t</div>\n</div>\n";
    echofooter();
} elseif ($is_loged_in == TRUE) {
    //----------------------------------
    // Check Referer
    //----------------------------------
    if ($config_check_referer == TRUE) {
Beispiel #14
0
            $category_list[] = $value;
        } else {
            $category_list[] = intval($value);
        }
    }
    $category = $db->safesql(implode(',', $category_list));
    $title = $db->safesql($parse->BB_Parse($parse->process($_POST['title']), false));
    $body = $db->safesql($parse->BB_Parse($parse->process($_POST['body']), false));
    $id = intval($_REQUEST['id']);
    $db->query("UPDATE " . PREFIX . "_vote set category='{$category}', title='{$title}', body='{$body}', start='{$start_date}', end='{$end_date}' where id={$id}");
    @unlink(ENGINE_DIR . '/cache/system/vote.php');
    $db->query("INSERT INTO " . USERPREFIX . "_admin_logs (name, date, ip, action, extras) values ('" . $db->safesql($member_id['name']) . "', '{$_TIME}', '{$_IP}', '3', '{$title}')");
    msg("info", $lang['vote_str_4'], $lang['vote_str_4'], "?mod=editvote");
} elseif (!$stop) {
    $js_array[] = "engine/skins/calendar.js";
    echoheader("vote", $lang[addvote]);
    $canedit = false;
    $start_date = "";
    $stop_date = "";
    // ********************************************************************************
    // Add Form
    // ********************************************************************************
    if ($_GET['action'] == "edit" && $id != '') {
        $canedit = true;
        $row = $db->super_query("SELECT * FROM " . PREFIX . "_vote WHERE id='{$id}' LIMIT 0,1");
        $title = $parse->decodeBBCodes($row['title'], false);
        $body = $parse->decodeBBCodes($row['body'], false);
        $icategory = explode(',', $row['category']);
        if ($row['category'] == "all") {
            $all_cats = "selected";
        } else {
Beispiel #15
0
        user_addban($add_ip);
    }
    // from editcomments
    if ($action == "quickadd") {
        die_stat(false, str_replace('%1', $add_ip, lang('The IP %1 is now banned from commenting')));
    }
} elseif ($action == "remove") {
    if (empty($remove_ip)) {
        msg("error", lang('Error!'), lang("The IP or nick cannot be blank"), '#GOBACK');
    }
    user_remove_ban($remove_ip);
}
// ********************************************************************************
// List all IP
// ********************************************************************************
echoheader("options", lang("Blocking IP / Nickname"), make_breadcrumbs('main/options=options/Block IP or nickname'));
$c = 0;
$iplist = array();
// read all lines
$ips = fopen(SERVDIR . '/cdata/ipban.db.php', 'r');
while (!feof($ips)) {
    $dip = explode('|', fgets($ips));
    if (empty($dip[0])) {
        continue;
    }
    if (substr($dip[0], 0, 2) == '<' . '?') {
        continue;
    }
    $e = $dip[2] ? format_date($dip[2], 'since-short') : 'never';
    $iplist[] = array('ip' => $dip[0], 'bg' => $c++ % 2 ? 'bgcolor="#F7F8FF"' : '', 'times' => $dip[1], 'expire' => $e);
}
Beispiel #16
0
        item_category = document.all["category"];
      } else if (document.layers) {
        item_type = document.layers["type"];
        item_category = document.layers["category"];
      }
      if (item_type) {
        onTypeChange(item_type.value);
        onCategoryChange(item_category.value);
      }
    // -->
    </script>
<?php 
                echofooter();
                break;
            default:
                echoheader("options", "");
                ?>
<form action="<?php 
                echo $_SERVER["PHP_SELF"];
                ?>
" method="get" name="xfieldsform">
<input type="hidden" name="mod" value="xfields">
<input type="hidden" name="xfieldsaction" value="configure">
<input type="hidden" name="xfieldssubactionadd" value="">
<input type="hidden" name="user_hash" value="<?php 
                echo $dle_login_hash;
                ?>
">
<div style="padding-top:5px;padding-bottom:2px;">
<table width="100%">
    <tr>
Beispiel #17
0
}
if (file_exists(ROOT_DIR . '/language/' . $selected_language . '/adminlogs.lng')) {
    require_once ROOT_DIR . '/language/' . $selected_language . '/adminlogs.lng';
}
$start_from = intval($_REQUEST['start_from']);
$config['adminlog_maxdays'] = intval($config['adminlog_maxdays']);
$news_per_page = 50;
if ($start_from < 0) {
    $start_from = 0;
}
if ($config['adminlog_maxdays'] < 30) {
    $config['adminlog_maxdays'] = 30;
}
$thisdate = $_TIME - $config['adminlog_maxdays'] * 3600 * 24;
$db->query("DELETE FROM " . USERPREFIX . "_admin_logs WHERE date < '{$thisdate}'");
echoheader("<i class=\"icon-globe\"></i>" . $lang['opt_logs'], $lang['header_log_1']);
if ($action == "auth") {
    $lang['opt_logsc'] = $lang['admin_logs_auth'];
}
echo <<<HTML
<script language="javascript" type="text/javascript">
<!--
function popupedit( name ){

\t\tvar rndval = new Date().getTime(); 

\t\t\$('body').append('<div id="modal-overlay" style="position: fixed; top: 0; left: 0; width: 100%; height: 100%; background: #666666; opacity: .40;filter:Alpha(Opacity=40); z-index: 999; display:none;"></div>');
\t\t\$('#modal-overlay').css({'filter' : 'alpha(opacity=40)'}).fadeIn('slow');
\t
\t\t\$("#dleuserpopup").remove();
\t\t\$("body").append("<div id='dleuserpopup' title='{$lang['user_edhead']}' style='display:none'></div>");
Beispiel #18
0
 Назначение: настройка пользователей
=====================================================
*/
if (!defined('DATALIFEENGINE') or !defined('LOGGED_IN')) {
    die("Hacking attempt!");
}
if (!$user_group[$member_id['user_group']]['admin_editusers']) {
    msg("error", $lang['index_denied'], $lang['index_denied']);
}
$id = intval($_REQUEST['id']);
// ********************************************************************************
// Список пользователей
// ********************************************************************************
if ($action == "list") {
    $js_array[] = "engine/skins/calendar.js";
    echoheader("users", $lang['user_head']);
    echo <<<HTML
<script type="text/javascript">
<!-- begin
function popupedit( id ){

\t\tvar rndval = new Date().getTime(); 

\t\t\$('body').append('<div id="modal-overlay" style="position: fixed; top: 0; left: 0; width: 100%; height: 100%; background: #666666; opacity: .40;filter:Alpha(Opacity=40); z-index: 999; display:none;"></div>');
\t\t\$('#modal-overlay').css({'filter' : 'alpha(opacity=40)'}).fadeIn('slow');
\t
\t\t\$("#dleuserpopup").remove();
\t\t\$("body").append("<div id='dleuserpopup' title='{$lang['user_edhead']}' style='display:none'></div>");
\t
\t\t\$('#dleuserpopup').dialog({
\t\t\tautoOpen: true,
function msg($type, $title, $text, $back = FALSE)
{
    echoheader($type, $title);
    global $lang;
    echo "{$text}";
    if ($back) {
        echo "<br /><br /> <a href=\"{$back}\">go back</a>";
    }
    echofooter();
    exit;
}
Beispiel #20
0
    flock($new_db, LOCK_UN);
    fclose($new_db);
    if (count($selected_news) == $moved_articles) {
        msg("info", lang("News Moved"), str_replace('%1', $moved_articles, lang("All articles that you selected (%1) were moved to the specified category")));
    } else {
        msg("error", lang("News Moved (with errors)"), str_replace(array('%1', '%2'), array($moved_articles, count($selected_news)), lang("%1 of %2 articles that you selected were moved to the specified category")));
    }
} elseif ($action == "mass_archive") {
    if (!$selected_news) {
        msg("error", lang('Error!'), lang("You have not specified any articles"), "#GOBACK");
    }
    if ($source != "") {
        msg("error", lang('Error!'), lang("These news are already archived or are in postpone queue"), "#GOBACK");
    }
    $CSRF = CSRFMake();
    echoheader("options", lang("Send News To Archive"));
    echo "<form method=post action=\"{$PHP_SELF}\">\n    <table border=0 cellpadding=0 cellspacing=0 width=100% height=100%><tr><td >" . lang('Are you sure you want to send all selected news to the archive') . " (<b>" . count($selected_news) . "</b>)?<br><br>\n    <input type=button value=\" No \" onclick=\"javascript:document.location='{$PHP_SELF}?mod=editnews&action=list&source={$source}'\"> &nbsp; <input type=submit value=\"   " . lang('Yes') . "   \">\n    <input type=hidden name=action value=\"do_mass_archive\">\n    <input type=hidden name=csrf_code value=\"{$CSRF}\">\n    <input type=hidden name=mod value=\"massactions\">";
    foreach ($selected_news as $newsid) {
        echo "<input type=hidden name=selected_news[] value=\"{$newsid}\">\n";
    }
    echo "</td></tr></table></form>";
    echofooter();
} elseif ($action == "do_mass_archive") {
    CSRFCheck();
    if ($member_db[UDB_ACL] != ACL_LEVEL_ADMIN) {
        msg("error", lang("Access Denied"), lang("You can not perform this action if you are not admin"), "#GOBACK");
    }
    if (!$selected_news) {
        msg("error", lang('Error!'), lang("You have not specified any articles"), "#GOBACK");
    }
    if (!is_writable(SERVDIR . "/cdata/archives/")) {
Beispiel #21
0
            msg("error", $lang['index_denied'], $lang['static_not_allowed']);
        }
        $row['template'] = htmlspecialchars(stripslashes($row['template']));
    } else {
        if ($row['allow_br'] != '1' or $config['allow_static_wysiwyg'] == "yes") {
            $row['template'] = $parse->decodeBBCodes($row['template'], true, $config['allow_static_wysiwyg']);
        } else {
            $row['template'] = $parse->decodeBBCodes($row['template'], false);
        }
    }
    $skinlist = SelectSkin($row['template_folder']);
    $row['descr'] = stripslashes($row['descr']);
    $row['metatitle'] = stripslashes($row['metatitle']);
    $itemdate = @date("Y-m-d H:i", $row['date']);
    $js_array[] = "engine/skins/calendar.js";
    echoheader("static", "static");
    echo <<<HTML
<!-- calendar stylesheet -->
<link rel="stylesheet" type="text/css" media="all" href="engine/skins/calendar-blue.css" title="win2k-cold-1" />
<script language="javascript">

function CheckStatus(Form){
\tif(Form.allow_date.checked) {
\t\tForm.allow_now.disabled = true;
\t\tForm.allow_now.checked = false;
\t} else {
\t\tForm.allow_now.disabled = false;
\t}
}

function confirmdelete(id) {
Beispiel #22
0
<div class="mgcler"></div>

<div class="fllogall" style="width:140px">&nbsp;</div>
 <input type="submit" value="Сохранить" class="inp" name="save" style="margin-top:0px" />
 <input type="submit" value="Назад" class="inp" style="margin-top:0px" onClick="history.go(-1); return false" />

</form>
HTML;
            echohtmlend();
        }
    } else {
        msgbox('Ошибка', 'Сообщество не найдено', '?mod=groups');
    }
    die;
}
echoheader();
$se_uid = intval($_GET['se_uid']);
if (!$se_uid) {
    $se_uid = '';
}
$se_user_id = intval($_GET['se_user_id']);
if (!$se_user_id) {
    $se_user_id = '';
}
$sort = intval($_GET['sort']);
$se_name = textFilter($_GET['se_name'], false, true);
if ($se_uid or $sort or $se_name or $se_user_id or $_GET['ban'] or $_GET['delet']) {
    if ($se_uid) {
        $where_sql .= "AND id = '" . $se_uid . "' ";
    }
    if ($se_user_id) {
Beispiel #23
0
 }
 function makeDropDown($options, $name, $selected)
 {
     $output = "<select size=1 name=\"{$name}\">\r\n";
     foreach ($options as $value => $description) {
         $output .= "<option value=\"{$value}\"";
         if ($selected == $value) {
             $output .= " selected ";
         }
         $output .= ">{$description}</option>\n";
     }
     $output .= "</select>";
     return $output;
 }
 // ---------- show options
 echoheader("options", lang("System Configuration"), make_breadcrumbs($bc));
 echo proc_tpl('options/syscon.top', array('add_fields' => hook('field_options_buttons')));
 if (!($handle = opendir(SERVDIR . "/skins"))) {
     die_stat(false, "Can not open directory ./skins ");
 }
 while (false !== ($file = readdir($handle))) {
     $file_arr = explode(".", $file);
     if ($file_arr[1] == "skin") {
         $sys_con_skins_arr[$file_arr[0]] = $file_arr[0];
     } elseif ($file_arr[1] == "lang") {
         $sys_con_langs_arr[$file_arr[0]] = $file_arr[0];
     }
 }
 closedir($handle);
 // News
 if (is_dir(SERVDIR . '/core/ckeditor')) {
function msgbox($title, $text, $link = false)
{
    echoheader();
    echohtmlstart($title);
    echo '<center>' . $text . '<br /><a href="' . $link . '">Вернуться назад</a></center>';
    echohtmlend();
}
Beispiel #25
0
    function header()
    {
        echoheader($this->lang['title'] . " v." . $this->config['version'], $this->lang['desc']);
        echo "<link href=\"engine/modules/billing/theme/styles.css\" media=\"screen\" rel=\"stylesheet\" type=\"text/css\" />";
        echo '<script src="engine/modules/billing/theme/highcharts.js"></script>
				  <script src="engine/modules/billing/theme/exporting.js"></script>';
        echo '<script type="text/javascript">
					function checkAll(obj) {
					  var items = obj.form.getElementsByTagName("input"), 
						  len, i;
					  for (i = 0, len = items.length; i < len; i += 1) {
						if (items.item(i).type && items.item(i).type === "checkbox") {          
						  if (obj.checked) {
							items.item(i).checked = true;
						  } else {
							items.item(i).checked = false;
						  }       
						}
					  }
					}

					function selectText(){
					  var oTextBox = document.getElementById("someTextField");
					  oTextBox.focus();
					  oTextBox.select();
					}
					</script>';
        return "";
    }
Beispiel #26
0
    echofooter();
} elseif ($action == "dosaverss") {
    if (strpos($rss_news_include_url, 'http://') === false) {
        msg("error", lang('Error!'), lang("The URL where you include your news must start with <b>http://</b>"));
    }
    $handler = fopen(SERVDIR . "/cdata/rss_config.php", "w") or msg("error", lang('Error!'), "Can not open file ./cdata/rss_config.php");
    fwrite($handler, "<?PHP \n\n//RSS Configurations (Auto Generated file)\n\n");
    fwrite($handler, "\$rss_news_include_url = \"" . htmlspecialchars($rss_news_include_url) . "\";\n\n");
    fwrite($handler, "\$rss_title = \"" . htmlspecialchars($rss_title) . "\";\n\n");
    fwrite($handler, "\$rss_encoding = \"" . htmlspecialchars($rss_encoding) . "\";\n\n");
    fwrite($handler, "\$rss_language = \"" . htmlspecialchars($rss_language) . "\";\n\n");
    fwrite($handler, "?>");
    fclose($handler);
    msg("wizard", lang("RSS Configuration Saved"), lang("The configurations were saved successfully") . ".<br><br><input onClick=\"document.location='{$PHP_SELF}?mod=wizards&action=customizerss';\" type=button value='Proceed With RSS Customization >>'>");
} elseif ($action == "customizerss") {
    echoheader("wizard", lang("RSS Customization"), make_breadcrumbs('main/options=options/wizards=Choose Wizards/wizards:rss=Rss Setup/wizards:rss_step2=Configuration/Complete'));
    // Detect the categories (if any)
    $cat_lines = file(SERVDIR . "/cdata/category.db.php");
    if (count($cat_lines) > 0) {
        $cat_options .= '<select style="" id=categories multiple size=5>' . "\n";
        foreach ($cat_lines as $single_line) {
            $cat_arr = explode("|", $single_line);
            $cat_options .= "<option value=\"{$cat_arr['0']}\">(ID:{$cat_arr['0']}) {$cat_arr['1']}</option>\n";
        }
        $cat_options .= "</select><br><label for=allcategories><input onclick=\"if(this.checked){getElementById('categories').style.display='none';}else{getElementById('categories').style.display='';}\" type=checkbox id=allcategories value=yes>" . lang('Or show from all Categories') . "</label>";
    } else {
        $cat_options = lang("You do not have any categories") . ". <input type=hidden id=categories><input type=hidden id=allcategories>";
    }
    // Show the HTML
    echo proc_tpl('wizard/customizerss', array('config_http_script_dir' => $config_http_script_dir, 'cat_options' => $cat_options));
    echofooter();
Beispiel #27
0
        if (stripos($image, ".htaccess") !== false) {
            die("Hacking attempt!");
        }
        $img_name_arr = explode(".", $image);
        $type = totranslit(end($img_name_arr));
        if (!in_array($type, $allowed_extensions)) {
            die("Hacking attempt!");
        }
        @unlink($config_path_image_upload . $image);
        @unlink($config_path_image_upload . "thumbs/" . $image);
        @unlink($config_path_image_upload . "medium/" . $image);
        $db->query("INSERT INTO " . USERPREFIX . "_admin_logs (name, date, ip, action, extras) values ('" . $db->safesql($member_id['name']) . "', '{$_TIME}', '{$_IP}', '37', '{$image}')");
    }
}
$js_array[] = "engine/classes/uploads/html5/fileuploader.js";
echoheader("<i class=\"icon-file-alt\"></i>" . $lang['header_f_1'], $lang['header_f_2']);
$folder_list = "<select class=\"uniform\" onchange=\"window.open(this.options[this.selectedIndex].value,'_top')\"><option value=\"?mod=files\">--</option>";
$current_dir = opendir(ROOT_DIR . "/uploads");
while ($entryname = readdir($current_dir)) {
    if (is_dir(ROOT_DIR . "/uploads/{$entryname}") and ($entryname != "." and $entryname != ".." and $entryname != "files")) {
        if ($userdir == $entryname . "/") {
            $sel_dir = "selected";
        } else {
            $sel_dir = "";
        }
        if ($entryname == "fotos") {
            $listname = $lang['images_foto'];
        } elseif ($entryname == "thumbs") {
            $listname = $lang['images_thumb'];
        } elseif ($entryname == "posts") {
            $listname = $lang['images_news'];
Beispiel #28
0
        $symbol_count++;
        if ($symbol_count == $word_count) {
            $result .= ' ';
            $symbol_count = 0;
            $new_word = true;
        }
    }
    return $result;
}
if ($action == 'update') {
    $need_update = false;
    $last_version_file = fopen("http://cutephp.com/cutenews/latest_version.php", "r");
    ob_start();
    fpassthru($last_version_file);
    list($last_version, $last_version_name) = explode('|', ob_get_clean());
    if ($last_version > $config_version_id) {
        $need_update = true;
    }
    if ($need_update) {
        $update_key = base64_encode(create_random_string(50, 7));
        $update_temp = fopen(SERVDIR . '/cdata/update_temp.php', "w");
        fwrite($update_temp, "<?php\n\$update_key='" . $update_key . "';\n?>");
        fclose($update_temp);
        setcookie('update', $update_key, time() + 60 * 60, '/');
        echoheader('info', lang("Update status"), make_breadcrumbs('main/options=options/Update Status'));
        echo proc_tpl('update/status');
        echofooter();
    } else {
        msg('info', lang('Update status'), lang('No update: your revision is the latest one'));
    }
}
Beispiel #29
0
    </tr>
    <tr>
        <td><img src="engine/skins/images/tl_lu.gif" width="4" height="6" border="0"></td>
        <td background="engine/skins/images/tl_ub.gif"><img src="engine/skins/images/tl_ub.gif" width="1" height="6" border="0"></td>
        <td><img src="engine/skins/images/tl_ru.gif" width="6" height="6" border="0"></td>
    </tr>
</table>
</div></form>
HTML;
    echofooter();
    exit;
} elseif ($action == "mass_edit_author") {
    if ($member_id['user_group'] != 1) {
        msg("error", $lang['index_denied'], $lang['index_denied'], $_SESSION['admin_referrer']);
    }
    echoheader("options", $lang['mass_cat']);
    $count = count($selected_news);
    echo <<<HTML
<form action="{$PHP_SELF}" method="post">
<div style="padding-top:5px;padding-bottom:2px;">
<table width="100%">
    <tr>
        <td width="4"><img src="engine/skins/images/tl_lo.gif" width="4" height="4" border="0"></td>
        <td background="engine/skins/images/tl_oo.gif"><img src="engine/skins/images/tl_oo.gif" width="1" height="4" border="0"></td>
        <td width="6"><img src="engine/skins/images/tl_ro.gif" width="6" height="4" border="0"></td>
    </tr>
    <tr>
        <td background="engine/skins/images/tl_lb.gif"><img src="engine/skins/images/tl_lb.gif" width="4" height="1" border="0"></td>
        <td style="padding:5px;" bgcolor="#FFFFFF">
<table width="100%">
    <tr>
Beispiel #30
0
        if (!$row['users_id']) {
            $db->query("INSERT INTO " . USERPREFIX . "_banned (users_id, descr, date, days) values ('{$id}', '{$banned_descr}', '{$this_time}', '{$banned_date}')");
        } else {
            if ($row['days'] != $banned_date) {
                $db->query("UPDATE " . USERPREFIX . "_banned SET descr='{$banned_descr}', days='{$banned_date}', date='{$this_time}' WHERE users_id = '{$id}'");
            } else {
                $db->query("UPDATE " . USERPREFIX . "_banned set descr='{$banned_descr}' WHERE users_id = '{$id}'");
            }
        }
        @unlink(ENGINE_DIR . '/cache/system/banned.php');
        $db->query("UPDATE " . USERPREFIX . "_users SET banned='yes' WHERE user_id ='{$id}'");
    }
    clear_cache();
    msg("info", $lang['massusers_head_3'], $lang['massusers_banok'], "?mod=editusers&amp;action=list");
} elseif ($_POST['action'] == "mass_delete_pm") {
    echoheader("options", $lang['mass_head']);
    echo <<<HTML
<form action="{$PHP_SELF}" method="post">
<div style="padding-top:5px;padding-bottom:2px;">
<table width="100%">
    <tr>
        <td width="4"><img src="engine/skins/images/tl_lo.gif" width="4" height="4" border="0"></td>
        <td background="engine/skins/images/tl_oo.gif"><img src="engine/skins/images/tl_oo.gif" width="1" height="4" border="0"></td>
        <td width="6"><img src="engine/skins/images/tl_ro.gif" width="6" height="4" border="0"></td>
    </tr>
    <tr>
        <td background="engine/skins/images/tl_lb.gif"><img src="engine/skins/images/tl_lb.gif" width="4" height="1" border="0"></td>
        <td style="padding:5px;" bgcolor="#FFFFFF">
<table width="100%">
    <tr>
        <td bgcolor="#EFEFEF" height="29" style="padding-left:10px;"><div class="navigation">{$lang['massusers_head_4']}</div></td>