function edit() { global $set, $db, $apx; $_REQUEST['id'] = (int) $_REQUEST['id']; if (!$_REQUEST['id']) { die('missing ID!'); } //Sektions-Liste if (!is_array($_POST['secid']) || $_POST['secid'][0] == 'all') { $_POST['secid'] = array('all'); } if ($_POST['send'] == 1) { if (!checkToken()) { infoInvalidToken(); } elseif (!$_POST['catid'] || !$_POST['title'] || !$_POST['text']) { infoNotComplete(); } else { $_POST['secid'] = serialize_section($_POST['secid']); $_POST['lastchange'] = time(); $_POST['lastchange_userid'] = $apx->user->info['userid']; //Autor aktualisieren if ($apx->user->has_spright('content.edit') && $_POST['userid']) { if ($_POST['userid'] == 'send') { $_POST['userid'] = 0; } else { $_POST['userid'] = $_POST['userid']; } $addfields .= ',userid'; } $db->dupdate(PRE . '_content', 'secid,catid,title,text,meta_description,lastchange,lastchange_userid,allowcoms,searchable,allowrating' . $addfields, "WHERE ( id='" . $_REQUEST['id'] . "' " . iif(!$apx->user->has_spright('content.edit'), " AND userid='" . $apx->user->info['userid'] . "'") . " ) LIMIT 1"); logit('CONTENT_EDIT', 'ID #' . $_REQUEST['id']); printJSRedirect(get_index('content.show')); } } else { $res = $db->first("SELECT secid,catid,userid,title,text,meta_description,searchable,allowrating,allowcoms FROM " . PRE . "_content WHERE ( id='" . $_REQUEST['id'] . "' " . iif(!$apx->user->has_spright('content.edit'), " AND userid='" . $apx->user->info['userid'] . "'") . " )"); foreach ($res as $key => $val) { $_POST[$key] = $val; } $_POST['secid'] = unserialize_section($_POST['secid']); mediamanager('content'); $apx->tmpl->assign('CATLIST', $this->get_catlist($_POST['catid'])); $apx->tmpl->assign('SECID', $_POST['secid']); $apx->tmpl->assign('USERID', $_POST['userid']); $apx->tmpl->assign('TITLE', compatible_hsc($_POST['title'])); $apx->tmpl->assign('TEXT', compatible_hsc($_POST['text'])); $apx->tmpl->assign('META_DESCRIPTION', compatible_hsc($_POST['meta_description'])); $apx->tmpl->assign('ALLOWCOMS', (int) $_POST['allowcoms']); $apx->tmpl->assign('ALLOWRATING', (int) $_POST['allowrating']); $apx->tmpl->assign('PUBNOW', (int) $_POST['pubnow']); $apx->tmpl->assign('SEARCHABLE', (int) $_POST['searchable']); $apx->tmpl->assign('ACTION', 'edit'); $apx->tmpl->assign('ID', $_REQUEST['id']); $apx->tmpl->parse('add_edit'); } }
function edit() { global $set, $db, $apx; $_REQUEST['id'] = (int) $_REQUEST['id']; if (!$_REQUEST['id']) { die('missing ID!'); } //Sektions-Liste if (!is_array($_POST['secid']) || $_POST['secid'][0] == 'all') { $_POST['secid'] = array('all'); } if ($_POST['send']) { //Mindestens zwei Felder belegt? for ($i = 1; $i <= 20; $i++) { if ($_POST['a' . $i]) { ++$ac; } if ($ac == 2) { break; } } if (!checkToken()) { infoInvalidToken(); } elseif (!$_POST['question'] || !$_POST['days'] || $ac < 2) { infoNotComplete(); } else { for ($i = 1; $i <= 20; $i++) { if ($_POST['a' . $i] && $_POST['color' . $i]) { $qcache[] = array($_POST['a' . $i], $_POST['color' . $i], $_POST['a' . $i . '_c']); } } for ($i = 1; $i <= 20; $i++) { $_POST['a' . $i] = $qcache[$i - 1][0]; $_POST['color' . $i] = $qcache[$i - 1][1]; $_POST['a' . $i . '_c'] = $qcache[$i - 1][2]; } $_POST['secid'] = serialize_section($_POST['secid']); //Veröffentlichung if ($apx->user->has_right('poll.enable') && isset($_POST['t_day_1'])) { $_POST['starttime'] = maketime(1); $_POST['endtime'] = maketime(2); if ($_POST['starttime']) { if (!$_POST['endtime'] || $_POST['endtime'] <= $_POST['starttime']) { $_POST['endtime'] = 3000000000; } $addfields = ',starttime,endtime'; } } $db->dupdate(PRE . '_poll', 'secid,question,meta_description,a1,a2,a3,a4,a5,a6,a7,a8,a9,a10,a11,a12,a13,a14,a15,a16,a17,a18,a19,a20,color1,color2,color3,color4,color5,color6,color7,color8,color9,color10,color11,color12,color13,color14,color15,color16,color17,color18,color19,color20,a1_c,a2_c,a3_c,a4_c,a5_c,a6_c,a7_c,a8_c,a9_c,a10_c,a11_c,a12_c,a13_c,a14_c,a15_c,a16_c,a17_c,a18_c,a19_c,a20_c,days,multiple,searchable,allowcoms' . $addfields, "WHERE ( id='" . $_REQUEST['id'] . "' ) LIMIT 1"); logit('POLL_EDIT', 'ID #' . $_REQUEST['id']); //Tags $db->query("DELETE FROM " . PRE . "_poll_tags WHERE id='" . $_REQUEST['id'] . "'"); $tagids = produceTagIds($_POST['tags']); foreach ($tagids as $tagid) { $db->query("INSERT IGNORE INTO " . PRE . "_poll_tags VALUES('" . $_REQUEST['id'] . "', '" . $tagid . "')"); } printJSRedirect(get_index('poll.show')); } } else { $res = $db->first("SELECT * FROM " . PRE . "_poll WHERE ( id='" . $_REQUEST['id'] . "' ) LIMIT 1"); foreach ($res as $key => $val) { $_POST[$key] = $val; } $_POST['secid'] = unserialize_section($_POST['secid']); //Veröffentlichung if ($res['starttime']) { maketimepost(1, $res['starttime']); if ($res['endtime'] < 2147483647) { maketimepost(2, $res['endtime']); } } //Sektionen auflisten if (is_array($apx->sections) && count($apx->sections)) { $seclist = '<option value="all" style="font-weight:bold;"' . iif(in_array('all', $_POST['secid']), ' selected="selected"') . '>' . $apx->lang->get('ALLSEC') . '</option>'; foreach ($apx->sections as $id => $info) { $seclist .= '<option value="' . $id . '"' . iif(in_array($id, $_POST['secid']), ' selected="selected"') . '>' . replace($info['title']) . '</option>'; } } //Antwortmöglichkeiten for ($i = 1; $i <= 20; $i++) { if ($i > 1 && !$_POST['a' . $i]) { continue; } $answerdata[$i]['TEXT'] = compatible_hsc($_POST['a' . $i]); $answerdata[$i]['VOTES'] = intval($_POST['a' . $i . '_c']); $answerdata[$i]['COLOR'] = iif($_POST['color' . $i], $_POST['color' . $i], $this->colors[0]); $answerdata[$i]['DISPLAY'] = 1; } //Felder auffüllen while (count($answerdata) < 20) { $answerdata[] = array('COLOR' => $this->colors[0]); } //Veröffentlichung if ($apx->user->has_right('poll.enable') && isset($_POST['t_day_1'])) { $apx->tmpl->assign('STARTTIME', choosetime(1, 0, maketime(1))); $apx->tmpl->assign('ENDTIME', choosetime(2, 1, maketime(2))); } //Farben foreach ($this->colors as $color) { $colordata[]['ID'] = $color; } //Tags $tags = array(); $tagdata = $db->fetch("\n\t\t\tSELECT t.tag\n\t\t\tFROM " . PRE . "_poll_tags AS n\n\t\t\tLEFT JOIN " . PRE . "_tags AS t USING(tagid)\n\t\t\tWHERE n.id='" . $_REQUEST['id'] . "'\n\t\t\tORDER BY t.tag ASC\n\t\t"); $tags = get_ids($tagdata, 'tag'); $_POST['tags'] = implode(', ', $tags); $apx->tmpl->assign('COLOR', $colordata); $apx->tmpl->assign('ANSWER', $answerdata); $apx->tmpl->assign('ID', $_REQUEST['id']); $apx->tmpl->assign('SECLIST', $seclist); $apx->tmpl->assign('QUESTION', compatible_hsc($_POST['question'])); $apx->tmpl->assign('DAYS', intval($_POST['days'])); $apx->tmpl->assign('META_DESCRIPTION', compatible_hsc($_POST['meta_description'])); $apx->tmpl->assign('TAGS', compatible_hsc($_POST['tags'])); $apx->tmpl->assign('MULTIPLE', (int) $_POST['multiple']); $apx->tmpl->assign('ALLOWCOMS', (int) $_POST['allowcoms']); $apx->tmpl->assign('SEARCHABLE', (int) $_POST['searchable']); $apx->tmpl->parse('edit'); } }
function edit() { global $set, $db, $apx; if (!$_REQUEST['id']) { die('missing ID!'); } if ($_POST['send'] == 1) { if (!checkToken()) { infoInvalidToken(); } elseif (!$_POST['id'] || !$_POST['parent'] || !$_POST['question']) { infoNotComplete(); } else { $update = array('question' => $_POST['question'], 'answer' => $_POST['answer'], 'meta_description' => $_POST['meta_description'], 'searchable' => $_POST['searchable']); //Prüfen, ob der neue Elternknoten deaktiviert ist => falls ja den Knoten deaktivieren if (intval($_POST['parent'])) { list($parentEnabled) = $db->first("SELECT starttime FROM " . PRE . "_faq WHERE id='" . intval($_POST['parent']) . "' LIMIT 1"); if (!$parentEnabled) { $update['starttime'] = 0; } } $this->cat->moveNode($_REQUEST['id'], $_POST['parent'], $update); logit('FAQ_EDIT', 'ID #' . $_REQUEST['id']); printJSRedirect(get_index('faq.show')); } } else { $res = $this->cat->getNode($_REQUEST['id'], array('question', 'meta_description', 'answer', 'searchable')); if (!$res['parents']) { $_POST['parent'] = 'root'; } else { $_POST['parent'] = array_pop($res['parents']); } $_POST['question'] = $res['question']; $_POST['answer'] = $res['answer']; $_POST['meta_description'] = $res['meta_description']; $_POST['searchable'] = $res['searchable']; //Baum $catlist = '<option value="root" style="font-weight:bold;"' . iif($_POST['parent'] == 'root', ' selected="selected"') . '>' . $apx->lang->get('ROOT') . '</option>'; $data = $this->cat->getTree(array('question')); if (count($data)) { $catlist .= '<option value=""></option>'; foreach ($data as $res) { if ($jumplevel && $res['level'] > $jumplevel) { continue; } else { $jumplevel = 0; } if ($_REQUEST['id'] == $res['id']) { $jumplevel = $res['level']; continue; } $catlist .= '<option value="' . $res['id'] . '"' . iif($_POST['parent'] === $res['id'], ' selected="selected"') . '>' . str_repeat(' ', $res['level'] - 1) . replace($res['question']) . '</option>'; } } $apx->tmpl->assign('CATLIST', $catlist); $apx->tmpl->assign('QUESTION', compatible_hsc($_POST['question'])); $apx->tmpl->assign('ANSWER', compatible_hsc($_POST['answer'])); $apx->tmpl->assign('META_DESCRIPTION', compatible_hsc($_POST['meta_description'])); $apx->tmpl->assign('SEARCHABLE', (int) $_POST['searchable']); $apx->tmpl->assign('ID', $_REQUEST['id']); $apx->tmpl->assign('ACTION', 'edit'); $apx->tmpl->parse('add_edit'); } }
function edit() { global $set, $db, $apx; $_REQUEST['id'] = (int) $_REQUEST['id']; if (!$_REQUEST['id']) { die('missing ID!'); } if ($_POST['send'] == 1) { $emails = explode(',', $_POST['email']); foreach ($emails as $one) { if (!checkmail(trim($one))) { $wrongmail = true; break; } } if (!checkToken()) { infoInvalidToken(); } elseif (!$_POST['title'] || !$_POST['email']) { infoNotComplete(); } elseif ($wrongmail) { info($apx->lang->get('INFO_NOEMAIL', array('EMAIL' => $one))); } else { $db->dupdate(PRE . '_contact', 'title,email', " WHERE id='" . $_REQUEST['id'] . "' LIMIT 1"); logit('CONTACT_EDIT', 'ID #' . $_REQUEST['id']); printJSRedirect(get_index('contact.show')); } } else { list($_POST['title'], $_POST['email']) = $db->first("SELECT title,email FROM " . PRE . "_contact WHERE id='" . $_REQUEST['id'] . "' LIMIT 1"); $apx->tmpl->assign('TITLE', compatible_hsc($_POST['title'])); $apx->tmpl->assign('EMAIL', compatible_hsc($_POST['email'])); $apx->tmpl->assign('ID', $_REQUEST['id']); $apx->tmpl->assign('ACTION', 'edit'); $apx->tmpl->parse('add_edit'); } }
function catshow() { global $set, $db, $apx, $html; $_REQUEST['id'] = (int) $_REQUEST['id']; $data = $set['newsletter']['categories']; //Kategorie löschen if ($_REQUEST['do'] == 'del' && isset($data[$_REQUEST['id']])) { if (isset($_POST['id'])) { if (!checkToken()) { printInvalidToken(); } else { unset($data[$_REQUEST['id']]); $db->query("UPDATE " . PRE . "_config SET value='" . addslashes(serialize($data)) . "' WHERE module='newsletter' AND varname='categories' LIMIT 1"); logit('NEWSLETTER_CATDEL', $_REQUEST['id']); printJSRedirect('action.php?action=newsletter.catshow'); } } else { tmessageOverlay('catdel', array('ID' => $_REQUEST['id'])); } return; } elseif ($_REQUEST['do'] == 'edit' && isset($data[$_REQUEST['id']])) { if ($_POST['send']) { if (!checkToken()) { infoInvalidToken(); } elseif (!$_POST['title']) { infoNotComplete(); } else { $data[$_REQUEST['id']] = $_POST['title']; $db->query("UPDATE " . PRE . "_config SET value='" . addslashes(serialize($data)) . "' WHERE module='newsletter' AND varname='categories' LIMIT 1"); logit('NEWSLETTER_CATEDIT', $_REQUEST['id']); printJSRedirect('action.php?action=newsletter.catshow'); } } else { $_POST['title'] = $data[$_REQUEST['id']]; $apx->tmpl->assign('TITLE', $_POST['title']); $apx->tmpl->assign('ACTION', 'edit'); $apx->tmpl->assign('ID', $_REQUEST['id']); $apx->tmpl->parse('catadd_catedit'); } } elseif ($_REQUEST['do'] == 'add') { if ($_POST['send']) { if (!checkToken()) { infoInvalidToken(); } elseif (!$_POST['title']) { infoNotComplete(); } else { $data[] = $_POST['title']; $db->query("UPDATE " . PRE . "_config SET value='" . addslashes(serialize($data)) . "' WHERE module='newsletter' AND varname='categories' LIMIT 1"); logit('NEWSLETTER_CATADD', array_key_max($data)); printJSRedirect('action.php?action=newsletter.catshow'); } } return; } else { $apx->tmpl->assign('ACTION', 'add'); $apx->tmpl->parse('catadd_catedit'); } ////////// AUFLISTUNG $col[] = array('COL_TITLE', 100, 'class="title"'); asort($data); if (count($data)) { foreach ($data as $id => $name) { ++$i; $tabledata[$i]['COL1'] = replace($name); $tabledata[$i]['OPTIONS'] .= optionHTML('edit.gif', 'newsletter.catshow', 'do=edit&id=' . $id, $apx->lang->get('CORE_EDIT')); $tabledata[$i]['OPTIONS'] .= optionHTMLOverlay('del.gif', 'newsletter.catshow', 'do=del&id=' . $id, $apx->lang->get('CORE_DEL')); } } $apx->tmpl->assign('TABLE', $tabledata); $html->table($col); }
function edit_book($info) { global $set, $db, $apx; $thistype = 'book'; //Aktualisieren if ($_POST['send'] == 2) { if (!checkToken()) { infoInvalidToken(); } elseif (!$_POST['title'] || !$_POST['text']) { infoNotComplete(); } elseif (!$this->update_pic()) { /*DO NOTHING*/ } elseif (!$this->update_teaserpic()) { /*DO NOTHING*/ } else { //Website-URLs clean if (substr($_POST['website'], 0, 4) == 'www.') { $_POST['website'] = 'http://' . $_POST['website']; } $_POST['picture'] = $this->picpath; $_POST['teaserpic'] = $this->teaserpicpath; $_POST['media'] = dash_serialize(array_map('intval', $_POST['media'])); $db->dupdate(PRE . '_products', 'prodid,title,text,meta_description,picture,teaserpic,website,manufacturer,publisher,isbn,genre,media,custom1,custom2,custom3,custom4,custom5,custom6,custom7,custom8,custom9,custom10,buylink,price,recprice,guarantee,allowcoms,allowrating,restricted,top,searchable', "WHERE id='" . $_REQUEST['id'] . "' LIMIT 1"); logit('PRODUCTS_EDIT', 'ID #' . $_REQUEST['id']); //Release eintragen $db->query("DELETE FROM " . PRE . "_products_releases WHERE prodid='" . $_REQUEST['id'] . "'"); for ($i = 1; $i <= 10; $i++) { if (!isset($_POST['release'][$i])) { continue; } $element = $_POST['release'][$i]; if ($element['year']) { list($reldata, $relstamp, $relsystem) = $this->generate_release($element); $db->query("INSERT INTO " . PRE . "_products_releases (prodid,system,data,stamp) VALUES ('" . $_REQUEST['id'] . "','" . $relsystem . "','" . addslashes(serialize($reldata)) . "','" . $relstamp . "')"); } } //Tags $db->query("DELETE FROM " . PRE . "_products_tags WHERE id='" . $_REQUEST['id'] . "'"); $tagids = produceTagIds($_POST['tags']); foreach ($tagids as $tagid) { $db->query("INSERT IGNORE INTO " . PRE . "_products_tags VALUES('" . $_REQUEST['id'] . "', '" . $tagid . "')"); } printJSRedirect(get_index('products.show')); } } else { //Variablen freigeben foreach ($info as $key => $value) { $_POST[$key] = $value; } //Media $_POST['media'] = dash_unserialize($info['media']); if (!is_array($_POST['media'])) { $_POST['media'] = array(); } //Releases auslesen $_POST['release'] = array(); $data = $db->fetch("SELECT system,data FROM " . PRE . "_products_releases WHERE prodid='" . $_REQUEST['id'] . "' ORDER BY ord ASC"); if (count($data)) { $ri = 1; foreach ($data as $res) { $res['data'] = unserialize($res['data']); if (is_array($res['data'])) { $_POST['release'][$ri] = $res['data']; $_POST['release'][$ri]['system'] = $res['system']; ++$ri; } } } //Benutzerdefinierte Felder for ($i = 1; $i <= 10; $i++) { $fieldname = $set['products']['custom_' . $thistype][$i - 1]; $apx->tmpl->assign('CUSFIELD' . $i . '_NAME', replace($fieldname)); $apx->tmpl->assign('CUSTOM' . $i, compatible_hsc($_POST['custom' . $i])); } //Bild $picture = ''; if ($info['picture']) { $picturepath = $info['picture']; $poppicpath = str_replace('-thumb.', '.', $picturepath); if (file_exists(BASEDIR . getpath('uploads') . $poppicpath)) { $picture = '../' . getpath('uploads') . $poppicpath; } else { $picture = '../' . getpath('uploads') . $picturepath; } } //Bild $teaserpic = ''; if ($info['teaserpic']) { $teaserpicpath = $info['teaserpic']; $poppicpath = str_replace('-thumb.', '.', $teaserpicpath); if (file_exists(BASEDIR . getpath('uploads') . $poppicpath)) { $teaserpic = '../' . getpath('uploads') . $poppicpath; } else { $teaserpic = '../' . getpath('uploads') . $teaserpicpath; } } //Tags $tags = array(); $tagdata = $db->fetch("\n\t\t\tSELECT t.tag\n\t\t\tFROM " . PRE . "_products_tags AS n\n\t\t\tLEFT JOIN " . PRE . "_tags AS t USING(tagid)\n\t\t\tWHERE n.id='" . $_REQUEST['id'] . "'\n\t\t\tORDER BY t.tag ASC\n\t\t"); $tags = get_ids($tagdata, 'tag'); $_POST['tags'] = implode(', ', $tags); $apx->tmpl->assign('ACTION', 'edit'); $apx->tmpl->assign('ID', $_REQUEST['id']); $apx->tmpl->assign('PRODID', intval($_POST['prodid'])); $apx->tmpl->assign('TITLE', compatible_hsc($_POST['title'])); $apx->tmpl->assign('TEXT', compatible_hsc($_POST['text'])); $apx->tmpl->assign('META_DESCRIPTION', compatible_hsc($_POST['meta_description'])); $apx->tmpl->assign('PICTURE', $picture); $apx->tmpl->assign('TEASERPIC', $teaserpic); $apx->tmpl->assign('PIC_COPY', compatible_hsc($_POST['pic_copy'])); $apx->tmpl->assign('TEASERPIC_COPY', compatible_hsc($_POST['teaserpic_copy'])); $apx->tmpl->assign('WEBSITE', compatible_hsc($_POST['website'])); $apx->tmpl->assign('TAGS', compatible_hsc($_POST['tags'])); $apx->tmpl->assign('MANUFACTURER', $this->get_units($_POST['manufacturer'], iif($set['products']['filtermanu'], 'person'))); $apx->tmpl->assign('PUBLISHER', $this->get_units($_POST['publisher'], iif($set['products']['filtermanu'], 'company'))); $apx->tmpl->assign('ISBN', compatible_hsc($_POST['isbn'])); $apx->tmpl->assign('GENRELIST', $this->get_genre($thistype, $_POST['genre'])); $apx->tmpl->assign('MEDIALIST', $this->get_media($thistype, $_POST['media'])); $apx->tmpl->assign('RELEASE', $this->get_release($thistype)); $apx->tmpl->assign('BUYLINK', compatible_hsc($_POST['buylink'])); $apx->tmpl->assign('PRICE', compatible_hsc($_POST['price'])); $apx->tmpl->assign('RECPRICE', compatible_hsc($_POST['recprice'])); $apx->tmpl->assign('GUARANTEE', compatible_hsc($_POST['guarantee'])); $apx->tmpl->assign('ALLOWCOMS', (int) $_POST['allowcoms']); $apx->tmpl->assign('ALLOWRATING', (int) $_POST['allowrating']); $apx->tmpl->assign('RESTRICTED', (int) $_POST['restricted']); $apx->tmpl->assign('TOP', (int) $_POST['top']); $apx->tmpl->assign('SEARCHABLE', (int) $_POST['searchable']); $apx->tmpl->parse('add_edit_' . $thistype); } }
function search() { global $set, $apx, $db; if ($_POST['send'] == 1) { if (!$_REQUEST['item']) { infoNotComplete(); } else { if (preg_match("/^[A-Za-z0-9\\.\\*_-]+\$/", $_REQUEST['item'])) { $searchstring = $_REQUEST['item']; $searchstring = strtr($searchstring, array('.' => '\\.', '*' => '(.*)')); $found = $this->searchtree($searchstring, $_REQUEST['dir']); } if (is_array($found) && count($found)) { $ftype = $this->getftype(); foreach ($found as $path => $files) { foreach ($files as $file) { ++$obj; $extension = $this->mm->getext($file); $filepath = iif($path, $path . '/', $path) . $file; $filedata[$obj]['NAME'] = $file; $filedata[$obj]['PATH'] = replace($path); if ($apx->user->has_right('mediamanager.details')) { $filedata[$obj]['NAME'] = '<a href="action.php?action=mediamanager.details&file=' . $filepath . '&module=' . $this->module . '">' . $file . '</a>'; } if (array_key_exists($extension, $ftype)) { $filedata[$obj]['IMG'] = $ftype[$extension]['img']; } else { $filedata[$obj]['IMG'] = $ftype['#UNKNOWN#']['img']; } //Optionen if ($apx->user->has_right('mediamanager.copy')) { $filedata[$obj]['OPTIONS'] .= '<a href="action.php?action=mediamanager.copy&file=' . $filepath . '&module=' . $this->module . '"><img src="design/copy.gif" title="' . $apx->lang->get('COPY') . '" alt="' . $apx->lang->get('COPY') . '" style="vertical-align:middle;" /></a>'; } else { $filedata[$obj]['OPTIONS'] .= '<img src="design/ispace.gif" alt="" />'; } if ($apx->user->has_right('mediamanager.move') && $ftype[$extension]['special'] != "undel") { $filedata[$obj]['OPTIONS'] .= '<a href="action.php?action=mediamanager.move&file=' . $filepath . '&module=' . $this->module . '"><img src="design/move.gif" title="' . $apx->lang->get('MOVE') . '" alt="' . $apx->lang->get('MOVE') . '" style="vertical-align:middle;" /></a>'; } else { $filedata[$obj]['OPTIONS'] .= '<img src="design/ispace.gif" alt="" />'; } if ($apx->user->has_right('mediamanager.rename') && $ftype[$extension]['special'] != "undel") { $filedata[$obj]['OPTIONS'] .= '<a href="action.php?action=mediamanager.rename&file=' . $filepath . '&module=' . $this->module . '"><img src="design/rename.gif" title="' . $apx->lang->get('RENAME') . '" alt="' . $apx->lang->get('RENAME') . '" style="vertical-align:middle;" /></a>'; } else { $filedata[$obj]['OPTIONS'] .= '<img src="design/ispace.gif" alt="" />'; } if ($apx->user->has_right('mediamanager.del') && $ftype[$extension]['special'] != "undel") { $filedata[$obj]['OPTIONS'] .= '<a href="action.php?action=mediamanager.del&file=' . $filepath . '&module=' . $this->module . '"><img src="design/del.gif" title="' . $apx->lang->get('CORE_DEL') . '" alt="' . $apx->lang->get('CORE_DEL') . '" style="vertical-align:middle;" /></a>'; } else { $filedata[$obj]['OPTIONS'] .= '<img src="design/ispace.gif" alt="" />'; } $filedata[$obj]['OPTIONS'] .= ' '; if ($apx->user->has_right('mediamanager.thumb') && in_array($extension, array('GIF', 'JPG', 'JPEG', 'JPE', 'PNG'))) { $filedata[$obj]['OPTIONS'] .= '<a href="action.php?action=mediamanager.thumb&file=' . $filepath . '&module=' . $this->module . '"><img src="design/pic.gif" title="' . $apx->lang->get('THUMB') . '" alt="' . $apx->lang->get('THUMB') . '" style="vertical-align:middle;" /></a>'; } else { $filedata[$obj]['OPTIONS'] .= '<img src="design/ispace.gif" alt="" />'; } } } } } } $dirlist = '<option value=""' . iif($_REQUEST['dir'] == '', ' selected="selected"') . '>' . $apx->lang->get('ROOT') . '</option>'; $dirlist .= $this->listtree(); $apx->tmpl->assign('ITEM', compatible_hsc($_REQUEST['item'])); $apx->tmpl->assign('DIRLIST', $dirlist); $apx->tmpl->assign('FILE', $filedata); $apx->tmpl->parse('search'); save_index($_SERVER['REQUEST_URI']); }
function sendpm() { global $set, $db, $apx; //Senden durchführen if ($_REQUEST['doit']) { $this->sendpm_exec(); return; } //Gruppen selected if (!is_array($_POST['groupid']) || $_POST['groupid'][0] == 'all') { $_POST['groupid'] = array('all'); } //Daten speichern if ($_POST['send']) { if (!checkToken()) { infoInvalidToken(); } elseif (!$_POST['subject'] || !$_POST['text'] || !count($_POST['groupid'])) { infoNotComplete(); } else { $groups = array(); if ($_POST['groupid'][0] != 'all') { $groups = array_map('intval', $_POST['groupid']); } $data = array('subject' => $_POST['subject'], 'text' => $_POST['text'], 'groups' => $groups); $db->query("UPDATE " . PRE . "_config SET value='" . addslashes(serialize($data)) . "' WHERE module='user' AND varname='sendpm_data' LIMIT 1"); //die('action.php?action=user.sendpm&doit=1'); printJSRedirect('action.php?action=user.sendpm&doit=1§oken=' . $apx->session->get('sectoken')); } } else { //Sektionen auflisten $grouplist = '<option value="all"' . iif($_POST['groupid'][0] == 'all', 'selected="selected"') . ' style="font-weight:bold;">' . $apx->lang->get('ALL') . '</option>'; $data = $db->fetch("SELECT groupid,name FROM " . PRE . "_user_groups ORDER BY name ASC"); if (count($data)) { foreach ($data as $res) { $grouplist .= '<option value="' . $res['groupid'] . '"' . iif(in_array($res['groupid'], $_POST['groupid']), ' selected="selected"') . '>' . replace($res['name']) . '</option>'; } } $apx->tmpl->assign('GROUP', $grouplist); $apx->tmpl->assign('SUBJECT', compatible_hsc($_POST['subject'])); $apx->tmpl->assign('TEXT', compatible_hsc($_POST['text'])); $apx->tmpl->parse('sendpm'); } }
function edit() { global $set, $db, $apx; $_REQUEST['id'] = (int) $_REQUEST['id']; if (!$_REQUEST['id']) { die('missing ID!'); } //Sektions-Liste if (!is_array($_POST['secid']) || $_POST['secid'][0] == 'all') { $_POST['secid'] = array('all'); } $info = $db->first("SELECT secid,`group`,title,text,image,link,starttime,endtime FROM " . PRE . "_teaser WHERE id='" . intval($_REQUEST['id']) . "' LIMIT 1"); if ($_POST['send'] == 1) { require BASEDIR . 'lib/class.mediamanager.php'; $mm = new mediamanager(); $ext = $mm->getext($_FILES['image']['name']); if (!checkToken()) { infoInvalidToken(); } elseif (!$_POST['title'] || !$_POST['link']) { infoNotComplete(); } elseif ($_FILES['image']['tmp_name'] && !in_array($ext, array('GIF', 'JPG', 'JPE', 'JPEG', 'PNG'))) { info($apx->lang->get('INFO_NOIMAGE')); } else { //Bild aktualisieren if ($_FILES['image']['tmp_name']) { list($oldpic) = $db->first("SELECT image FROM " . PRE . "_teaser WHERE id='" . $_REQUEST['id'] . "' LIMIT 1"); if ($oldpic) { $mm->deletefile($oldpic); } $newfile = 'teaser-' . intval($_REQUEST['id']) . '.' . strtolower($ext); $mm->uploadfile($_FILES['image'], 'teaser', $newfile); $_POST['image'] = 'teaser/' . $newfile; } elseif ($_POST['delimage']) { list($oldpic) = $db->first("SELECT image FROM " . PRE . "_teaser WHERE id='" . $_REQUEST['id'] . "' LIMIT 1"); $mm->deletefile($oldpic); $_POST['image'] = ''; } $_POST['secid'] = serialize_section($_POST['secid']); //Veröffentlichung $addfields = ''; if ($apx->user->has_right('teaser.enable') && isset($_POST['t_day_1'])) { $_POST['starttime'] = maketime(1); $_POST['endtime'] = maketime(2); if ($_POST['starttime']) { if (!$_POST['endtime'] || $_POST['endtime'] <= $_POST['starttime']) { $_POST['endtime'] = 3000000000; } $addfields = ',starttime,endtime'; } } $db->dupdate(PRE . '_teaser', 'secid,group,title,text,link' . iif(isset($_POST['image']), ',image') . $addfields, "WHERE id='" . $_REQUEST['id'] . "' LIMIT 1"); logit('TEASER_EDIT', 'ID #' . $_REQUEST['id']); printJSRedirect(get_index('teaser.show')); } } else { $_POST['group'] = $info['group']; $_POST['title'] = $info['title']; $_POST['text'] = $info['text']; $_POST['link'] = $info['link']; $_POST['starttime'] = $info['starttime']; $_POST['endtime'] = $info['endtime']; $_POST['secid'] = unserialize_section($info['secid']); $imageWidth = ''; if ($info['image']) { $size = @getimagesize(BASEDIR . getpath('uploads') . $info['image']); if ($size[0] && $size[0] > 300) { $imageWidth = 300; } } //Bannergruppen auflisten $grouplist = ''; foreach ($set['teaser']['groups'] as $id => $title) { $grouplist .= '<option value="' . $id . '"' . iif($id == $_POST['group'], ' selected="selected"') . '>' . replace($title) . '</option>'; } //Veröffentlichung if ($_POST['starttime']) { maketimepost(1, $_POST['starttime']); if ($_POST['endtime'] < 2147483647) { maketimepost(2, $_POST['endtime']); } } //Veröffentlichung if ($apx->user->has_right('teaser.enable') && isset($_POST['t_day_1'])) { $apx->tmpl->assign('STARTTIME', choosetime(1, 0, maketime(1))); $apx->tmpl->assign('ENDTIME', choosetime(2, 1, maketime(2))); } $apx->tmpl->assign('ID', $_REQUEST['id']); $apx->tmpl->assign('SECID', $_POST['secid']); $apx->tmpl->assign('GROUPS', $grouplist); $apx->tmpl->assign('TITLE', compatible_hsc($_POST['title'])); $apx->tmpl->assign('TEXT', compatible_hsc($_POST['text'])); $apx->tmpl->assign('LINK', compatible_hsc($_POST['link'])); $apx->tmpl->assign('IMAGE', iif($info['image'], getpath('uploads') . $info['image'])); $apx->tmpl->assign('IMAGE_WIDTH', $imageWidth); $apx->tmpl->assign('DELIMAGE', (int) $_POST['delimage']); $apx->tmpl->parse('edit'); } }
function sedit() { global $set, $db, $apx; $_REQUEST['id'] = (int) $_REQUEST['id']; if (!$_REQUEST['id']) { die('missing ID!'); } if ($_POST['send'] == 1) { if (!checkToken()) { infoInvalidToken(); } elseif (!$_POST['title'] || !$_POST['link']) { infoNotComplete(); } else { $db->dupdate(PRE . '_news_sources', 'title,link', "WHERE id='" . $_REQUEST['id'] . "' LIMIT 1"); logit('NEWS_SEDIT', 'ID #' . $_REQUEST['id']); printJSRedirect(get_index('news.sshow')); } } else { list($_POST['title'], $_POST['link']) = $db->first("SELECT title,link FROM " . PRE . "_news_sources WHERE id='" . intval($_REQUEST['id']) . "' LIMIT 1"); $apx->tmpl->assign('TITLE', compatible_hsc($_POST['title'])); $apx->tmpl->assign('LINK', compatible_hsc($_POST['link'])); $apx->tmpl->assign('ACTION', 'sedit'); $apx->tmpl->assign('ID', $_REQUEST['id']); $apx->tmpl->parse('sadd_sedit'); } }
function catedit() { global $set, $apx, $db; if (!$_REQUEST['id']) { die('missing ID!'); } //ABSENDEN if ($_POST['send'] == 1) { if (!checkToken()) { infoInvalidToken(); } elseif (!$_POST['id'] || !$_POST['title']) { infoNotComplete(); } else { $db->dupdate(PRE . '_glossar_cat', 'title,icon,text', "WHERE id='" . $_REQUEST['id'] . "' LIMIT 1"); logit('GLOSSAR_CATEDIT', 'ID #' . $_REQUEST['id']); printJSRedirect(get_index('glossar.catshow')); } } else { list($_POST['title'], $_POST['icon'], $_POST['text']) = $db->first("SELECT title,icon,text FROM " . PRE . "_glossar_cat WHERE id='" . $_REQUEST['id'] . "' LIMIT 1"); $apx->tmpl->assign('TITLE', compatible_hsc($_POST['title'])); $apx->tmpl->assign('ICON', compatible_hsc($_POST['icon'])); $apx->tmpl->assign('TEXT', compatible_hsc($_POST['text'])); $apx->tmpl->assign('ID', $_REQUEST['id']); $apx->tmpl->assign('ACTION', 'edit'); $apx->tmpl->parse('catadd_catedit'); } }
function catedit() { global $set, $apx, $tmpl, $db, $user; if (!$_REQUEST['id']) { die('missing ID!'); } if ($_POST['send'] == 1) { list($links) = $db->first("SELECT count(id) FROM " . PRE . "_links WHERE catid='" . $_REQUEST['id'] . "'"); if (!checkToken()) { infoInvalidToken(); } elseif (!$_POST['id'] || !$_POST['parent'] || !$_POST['title']) { infoNotComplete(); } elseif (!$_POST['open'] && $links) { info($apx->lang->get('INFO_CONTAINSLINKS')); } else { $this->cat->moveNode($_REQUEST['id'], intval($_POST['parent']), array('title' => $_POST['title'], 'text' => $_POST['text'], 'icon' => $_POST['icon'], 'open' => $_POST['open'])); logit('LINKS_CATEDIT', 'ID #' . $_REQUEST['id']); printJSRedirect(get_index('links.catshow')); } } else { $res = $this->cat->getNode($_REQUEST['id'], array('title', 'text', 'icon', 'open')); $_POST['title'] = $res['title']; $_POST['text'] = $res['text']; $_POST['icon'] = $res['icon']; $_POST['open'] = $res['open']; if (!$res['parents']) { $_POST['parent'] = 'root'; } else { $_POST['parent'] = array_pop($res['parents']); } //Baum $catlist = '<option value="root" style="font-weight:bold;">' . $apx->lang->get('ROOT') . '</option>'; $data = $this->cat->getTree(array('title')); if (count($data)) { $catlist .= '<option value=""></option>'; foreach ($data as $res) { if ($jumplevel && $res['level'] > $jumplevel) { continue; } else { $jumplevel = 0; } if ($_REQUEST['id'] == $res['id']) { $jumplevel = $res['level']; continue; } $catlist .= '<option value="' . $res['id'] . '"' . iif($_POST['parent'] === $res['id'], ' selected="selected"') . '>' . str_repeat(' ', $res['level'] - 1) . replace($res['title']) . '</option>'; } } $apx->tmpl->assign('TITLE', compatible_hsc($_POST['title'])); $apx->tmpl->assign('TEXT', compatible_hsc($_POST['text'])); $apx->tmpl->assign('ICON', compatible_hsc($_POST['icon'])); $apx->tmpl->assign('OPEN', (int) $_POST['open']); $apx->tmpl->assign('CATLIST', $catlist); $apx->tmpl->assign('ID', $_REQUEST['id']); $apx->tmpl->assign('ACTION', 'edit'); $apx->tmpl->parse('catadd_catedit'); } }
function edit() { global $set, $apx, $db; $_REQUEST['id'] = (int) $_REQUEST['id']; if (!$_REQUEST['id']) { die('missing ID!'); } if ($_POST['send'] == 1) { if (!checkToken()) { infoInvalidToken(); } elseif (!$_POST['parent'] || !$_POST['text'] || $_POST['display'] == 'link' && !$_POST['link'] || $_POST['display'] == 'code' && !$_POST['code']) { infoNotComplete(); } else { //Was soll gespeichert werden? if ($_POST['display'] == 'code') { unset($_POST['link'], $_POST['link_popup']); } elseif ($_POST['display'] == 'link') { unset($_POST['code']); } else { unset($_POST['code'], $_POST['link'], $_POST['link_popup']); } $this->cat->moveNode($_REQUEST['id'], $_POST['parent'], array('text' => $_POST['text'], 'link' => $_POST['link'], 'link_popup' => $_POST['link_popup'], 'code' => $_POST['code'], 'staticsub' => $_POST['staticsub'])); logit('NAVI_EDIT', 'ID #' . $_REQUEST['id']); printJSRedirect(get_index('navi.show')); } } else { $res = $this->cat->getNode($_REQUEST['id'], array('nid', 'text', 'link', 'link_popup', 'code', 'staticsub')); $_POST['text'] = $res['text']; $_POST['link'] = $res['link']; $_POST['link_popup'] = $res['link_popup']; $_POST['code'] = $res['code']; $_POST['staticsub'] = $res['staticsub']; if (!$res['parents']) { $_POST['parent'] = 'root'; } else { $_POST['parent'] = array_pop($res['parents']); } if ($_POST['code']) { $_POST['display'] = 'code'; } elseif ($_POST['link']) { $_POST['display'] = 'link'; } //Baum $catlist = '<option value="root" style="font-weight:bold;"' . iif($_POST['parent'] == 'root', ' selected="selected"') . '>' . $apx->lang->get('ROOT') . '</option>'; $data = $this->cat->getTree(array('text'), null, "nid='" . $res['nid'] . "'"); if (count($data)) { $catlist .= '<option value=""></option>'; foreach ($data as $res) { if ($jumplevel && $res['level'] > $jumplevel) { continue; } else { $jumplevel = 0; } if ($_REQUEST['id'] == $res['id']) { $jumplevel = $res['level']; continue; } $catlist .= '<option value="' . $res['id'] . '"' . iif($_POST['parent'] === $res['id'], ' selected="selected"') . '>' . str_repeat(' ', $res['level'] - 1) . replace($res['text']) . '</option>'; } } //Link oder Code if ($_POST['display'] == 'code') { $apx->tmpl->assign('CODE', compatible_hsc($_POST['code'])); } elseif ($_POST['display'] == 'link') { $apx->tmpl->assign('LINK', compatible_hsc($_POST['link'])); $apx->tmpl->assign('LINK_POPUP', (int) $_POST['link_popup']); } $apx->tmpl->assign('DISPLAY', $_POST['display']); $apx->tmpl->assign('TEXT', compatible_hsc($_POST['text'])); $apx->tmpl->assign('STATICSUB', (int) $_POST['staticsub']); $apx->tmpl->assign('CATLIST', $catlist); $apx->tmpl->assign('ID', $_REQUEST['id']); $apx->tmpl->assign('NID', $_REQUEST['nid']); $apx->tmpl->assign('ACTION', 'edit'); $apx->tmpl->parse('add_edit'); } }
function group() { global $set, $db, $apx, $html; $_REQUEST['id'] = (int) $_REQUEST['id']; $data = $set['banner']['groups']; //Kategorie löschen if ($_REQUEST['do'] == 'del' && isset($data[$_REQUEST['id']])) { list($count) = $db->first("SELECT count(*) FROM " . PRE . "_banner WHERE " . PRE . "_banner.group='" . $id . "'"); if (!$count) { if (isset($_POST['id'])) { if (!checkToken()) { infoInvalidToken(); } else { unset($data[$_REQUEST['id']]); $db->query("UPDATE " . PRE . "_config SET value='" . addslashes(serialize($data)) . "' WHERE module='banner' AND varname='groups' LIMIT 1"); logit('BANNER_CATDEL', $_REQUEST['id']); printJSReload(); } } else { $apx->tmpl->assign('MESSAGE', $apx->lang->get('MSG_TEXT', array('TITLE' => compatible_hsc($data[$_REQUEST['id']])))); tmessageOverlay('catdel', array('ID' => $_REQUEST['id'])); } return; } } elseif ($_REQUEST['do'] == 'edit' && isset($data[$_REQUEST['id']])) { if (isset($_POST['title'])) { if (!checkToken()) { infoInvalidToken(); } elseif (!$_POST['title']) { infoNotComplete(); } else { $data[$_REQUEST['id']] = $_POST['title']; $db->query("UPDATE " . PRE . "_config SET value='" . addslashes(serialize($data)) . "' WHERE module='banner' AND varname='groups' LIMIT 1"); logit('BANNER_CATEDIT', $_REQUEST['id']); printJSRedirect('action.php?action=banner.group'); return; } } else { $_POST['title'] = $data[$_REQUEST['id']]; $apx->tmpl->assign('TITLE', $_POST['title']); $apx->tmpl->assign('ACTION', 'edit'); $apx->tmpl->assign('ID', $_REQUEST['id']); $apx->tmpl->parse('catadd_catedit'); } } elseif ($_REQUEST['do'] == 'add') { if ($_POST['send']) { if (!checkToken()) { printInvalidToken(); } elseif (!$_POST['title']) { infoNotComplete(); } else { if (!count($data)) { $data[1] = $_POST['title']; } else { $data[] = $_POST['title']; } $db->query("UPDATE " . PRE . "_config SET value='" . addslashes(serialize($data)) . "' WHERE module='banner' AND varname='groups' LIMIT 1"); logit('BANNER_CATADD', array_key_max($data)); printJSRedirect('action.php?action=banner.group'); return; } } } else { $apx->tmpl->assign('ACTION', 'add'); $apx->tmpl->parse('catadd_catedit'); } $col[] = array('ID', 1, 'align="center"'); $col[] = array('COL_TITLE', 80, 'class="title"'); $col[] = array('COL_BANNERS', 20, 'align="center"'); //AUSGABE asort($data); foreach ($data as $id => $res) { ++$i; list($count) = $db->first("SELECT count(*) FROM " . PRE . "_banner WHERE " . PRE . "_banner.group='" . $id . "'"); $tabledata[$i]['COL1'] = $id; $tabledata[$i]['COL2'] = $res; $tabledata[$i]['COL3'] = $count; $tabledata[$i]['OPTIONS'] .= optionHTML('edit.gif', 'banner.group', 'do=edit&id=' . $id, $apx->lang->get('CORE_EDIT')); if (!$count) { $tabledata[$i]['OPTIONS'] .= optionHTMLOverlay('del.gif', 'banner.group', 'do=del&id=' . $id, $apx->lang->get('CORE_DEL')); } else { $tabledata[$i]['OPTIONS'] .= '<img src="design/ispace.gif" alt="" />'; } } $apx->tmpl->assign('TABLE', $tabledata); $html->table($col); }
function catedit() { global $set, $apx, $tmpl, $db, $user; if (!$_REQUEST['id']) { die('missing ID!'); } if (!count($_POST['groupid']) || $_POST['groupid'][0] == 'all') { $_POST['groupid'] = array('all'); } if ($_POST['send'] == 1) { list($videos) = $db->first("SELECT count(id) FROM " . PRE . "_videos WHERE catid='" . $_REQUEST['id'] . "'"); if (!checkToken()) { infoInvalidToken(); } elseif (!$_POST['id'] || !$_POST['parent'] || !$_POST['title']) { infoNotComplete(); } elseif (!$_POST['open'] && $videos) { info($apx->lang->get('INFO_CONTAINSVIDEOS')); } else { if ($_POST['groupid'][0] == 'all') { $_POST['forgroup'] = 'all'; } else { $_POST['forgroup'] = serialize($_POST['groupid']); } $this->cat->moveNode($_REQUEST['id'], intval($_POST['parent']), array('title' => $_POST['title'], 'text' => $_POST['text'], 'icon' => $_POST['icon'], 'open' => $_POST['open'], 'forgroup' => $_POST['forgroup'])); logit('VIDEOS_CATEDIT', 'ID #' . $_REQUEST['id']); printJSRedirect(get_index('videos.catshow')); } } else { $res = $this->cat->getNode($_REQUEST['id'], array('title', 'text', 'icon', 'open', 'forgroup')); $_POST['title'] = $res['title']; $_POST['text'] = $res['text']; $_POST['icon'] = $res['icon']; $_POST['open'] = $res['open']; if ($res['forgroup'] == 'all') { $_POST['groupid'][0] = 'all'; } else { $_POST['groupid'] = unserialize($res['forgroup']); } if (!$res['parents']) { $_POST['parent'] = 'root'; } else { $_POST['parent'] = array_pop($res['parents']); } //Baum $catlist = '<option value="root" style="font-weight:bold;">' . $apx->lang->get('ROOT') . '</option>'; $data = $this->cat->getTree(array('title')); if (count($data)) { $catlist .= '<option value=""></option>'; foreach ($data as $res) { if ($jumplevel && $res['level'] > $jumplevel) { continue; } else { $jumplevel = 0; } if ($_REQUEST['id'] == $res['id']) { $jumplevel = $res['level']; continue; } $catlist .= '<option value="' . $res['id'] . '"' . iif($_POST['parent'] === $res['id'], ' selected="selected"') . '>' . str_repeat(' ', $res['level'] - 1) . replace($res['title']) . '</option>'; } } //Benutzergruppen $data = $db->fetch("SELECT groupid,name FROM " . PRE . "_user_groups WHERE ( gtype='admin' OR gtype='indiv' ) ORDER BY name ASC"); $grouplist .= '<option value="all"' . iif(!isset($_POST['groupid']) || $_POST['groupid'][0] == 'all', ' selected="selected"') . ' style="font-weight:bold;">' . $apx->lang->get('ALL') . '</option>'; if (count($data)) { foreach ($data as $res) { $grouplist .= '<option value="' . $res['groupid'] . '"' . iif(isset($_POST['groupid']) && in_array($res['groupid'], $_POST['groupid']), ' selected="selected"') . '>' . replace($res['name']) . '</option>'; } } $apx->tmpl->assign('TITLE', compatible_hsc($_POST['title'])); $apx->tmpl->assign('TEXT', compatible_hsc($_POST['text'])); $apx->tmpl->assign('ICON', compatible_hsc($_POST['icon'])); $apx->tmpl->assign('OPEN', (int) $_POST['open']); $apx->tmpl->assign('CATLIST', $catlist); $apx->tmpl->assign('USERGROUPS', $grouplist); $apx->tmpl->assign('ID', $_REQUEST['id']); $apx->tmpl->assign('ACTION', 'edit'); $apx->tmpl->parse('catadd_catedit'); } }
function filetypes_edit() { global $set, $apx, $db; if (!$_REQUEST['id']) { die('missing ID!'); } if ($_POST['send']) { $exists = false; if ($_POST['ext'] != $_REQUEST['id']) { list($exists) = $db->first("SELECT ext FROM " . PRE . "_forum_filetypes WHERE ext='" . addslashes(strtolower($_POST['ext'])) . "' LIMIT 1"); } if (!checkToken()) { infoInvalidToken(); } elseif (!$_POST['ext'] || !$_POST['icon'] || !$_POST['size']) { infoNotComplete(); } elseif ($exists) { info($apx->lang->get('MSG_EXISTS')); } else { $_POST['ext'] = strtolower($_POST['ext']); $db->dupdate(PRE . '_forum_filetypes', 'ext,icon,size', "WHERE ext='" . addslashes(strtolower($_REQUEST['id'])) . "' LIMIT 1"); logit('FORUM_FILETYPEDEL', $_POST['ext']); printJSRedirect('action.php?action=forum.filetypes'); } } else { $res = $db->first("SELECT * FROM " . PRE . "_forum_filetypes WHERE ext='" . addslashes(strtolower($_REQUEST['id'])) . "' LIMIT 1"); $apx->tmpl->assign('ID', compatible_hsc($_REQUEST['id'])); $apx->tmpl->assign('EXT', compatible_hsc($res['ext'])); $apx->tmpl->assign('ICON', compatible_hsc($res['icon'])); $apx->tmpl->assign('SIZE', compatible_hsc($res['size'])); $apx->tmpl->parse('addfiletypes'); } }
function edit() { global $set, $db, $apx; $_REQUEST['id'] = (int) $_REQUEST['id']; if (!$_REQUEST['id']) { die('missing ID!'); } $info = $db->first("SELECT title,image,link FROM " . PRE . "_affiliates WHERE id='" . intval($_REQUEST['id']) . "' LIMIT 1"); if ($_POST['send'] == 1) { require BASEDIR . 'lib/class.mediamanager.php'; $mm = new mediamanager(); $ext = $mm->getext($_FILES['image']['name']); if (!checkToken()) { infoInvalidToken(); } elseif (!$_POST['title'] || !$_POST['link']) { infoNotComplete(); } elseif ($_FILES['image']['tmp_name'] && !in_array($ext, array('GIF', 'JPG', 'JPE', 'JPEG', 'PNG'))) { info($apx->lang->get('INFO_NOIMAGE')); } else { //Bild aktualisieren if ($_FILES['image']['tmp_name']) { list($oldpic) = $db->first("SELECT image FROM " . PRE . "_affiliates WHERE id='" . $_REQUEST['id'] . "' LIMIT 1"); if ($oldpic) { $mm->deletefile($oldpic); } $newfile = 'affiliate-' . intval($_REQUEST['id']) . '.' . strtolower($ext); $mm->uploadfile($_FILES['image'], 'affiliates', $newfile); $_POST['image'] = 'affiliates/' . $newfile; } elseif ($_POST['delimage']) { list($oldpic) = $db->first("SELECT image FROM " . PRE . "_affiliates WHERE id='" . $_REQUEST['id'] . "' LIMIT 1"); $mm->deletefile($oldpic); $_POST['image'] = ''; } $db->dupdate(PRE . '_affiliates', 'title,link' . iif(isset($_POST['image']), ',image'), "WHERE id='" . $_REQUEST['id'] . "' LIMIT 1"); logit('AFFILIATES_EDIT', 'ID #' . $_REQUEST['id']); printJSRedirect(get_index('affiliates.show')); } } else { $_POST['title'] = $info['title']; $_POST['link'] = $info['link']; $imageWidth = ''; if ($info['image']) { $size = @getimagesize(BASEDIR . getpath('uploads') . $info['image']); if ($size[0] && $size[0] > 300) { $imageWidth = 300; } } $apx->tmpl->assign('ID', $_REQUEST['id']); $apx->tmpl->assign('TITLE', compatible_hsc($_POST['title'])); $apx->tmpl->assign('LINK', compatible_hsc($_POST['link'])); $apx->tmpl->assign('IMAGE', iif($info['image'], getpath('uploads') . $info['image'])); $apx->tmpl->assign('IMAGE_WIDTH', $imageWidth); $apx->tmpl->assign('DELIMAGE', (int) $_POST['delimage']); $apx->tmpl->parse('edit'); } }
function blockcontent() { global $set, $db, $apx, $html; $_REQUEST['key'] = (int) $_REQUEST['key']; //IP löschen if ($_REQUEST['do'] == 'del') { if ($_POST['send']) { if (!checkToken()) { printInvalidToken(); } else { unset($set['guestbook']['blockstring'][$_REQUEST['id']]); $db->query("UPDATE " . PRE . "_config SET value='" . addslashes(serialize($set['guestbook']['blockstring'])) . "' WHERE module='guestbook' AND varname='blockstring' LIMIT 1"); printJSRedirect('action.php?action=guestbook.blockcontent'); } } else { $apx->tmpl->assign('MESSAGE', $apx->lang->get('MSG_DEL', array('TITLE' => compatible_hsc($set['guestbook']['blockstring'][$_REQUEST['id']])))); tmessageOverlay('contentdel', array('ID' => $_REQUEST['id'])); } return; } elseif ($_REQUEST['do'] == 'add') { if (!checkToken()) { printInvalidToken(); } elseif (!$_POST['string']) { infoNotComplete(); } else { $set['guestbook']['blockstring'][] = $_POST['string']; $db->query("UPDATE " . PRE . "_config SET value='" . addslashes(serialize($set['guestbook']['blockstring'])) . "' WHERE module='guestbook' AND varname='blockstring' LIMIT 1"); printJSRedirect('action.php?action=guestbook.blockcontent'); } return; } quicklink_index('guestbook.show'); quicklink_out(); //AUFLISTUNG BEGINNT $strings = $set['guestbook']['blockstring']; if (!is_array($strings)) { $strings = array(); } $strings = array_sort($strings, 0, 'asc'); $col[] = array('TITLE_GUESTBOOK_BLOCKCONTENT', 100, 'class="title"'); foreach ($strings as $i => $res) { $tabledata[$i]['COL1'] = $res; $tabledata[$i]['OPTIONS'] = optionHTMLOverlay('del.gif', 'guestbook.blockcontent', 'do=del&id=' . $i, $apx->lang->get('CORE_DEL')); } $apx->tmpl->assign('TABLE', $tabledata); $html->table($col); $apx->tmpl->parse('blockcontent'); }
function edit() { global $set, $db, $apx; $_REQUEST['id'] = (int) $_REQUEST['id']; if (!$_REQUEST['id']) { die('missing ID!'); } //Sektions-Liste if (!is_array($_POST['secid']) || $_POST['secid'][0] == 'all') { $_POST['secid'] = array('all'); } if ($_POST['send'] == 1) { if (!checkToken()) { infoInvalidToken(); } elseif (!$_POST['title']) { infoNotComplete(); } else { $update = array('prodid' => $_POST['prodid'], 'title' => $_POST['title'], 'description' => $_POST['description'], 'meta_description' => $_POST['meta_description'], 'searchable' => $_POST['searchable'], 'restricted' => $_POST['restricted'], 'allowcoms' => $_POST['allowcoms']); //Veröffentlichung if ($apx->user->has_right('gallery.enable') && isset($_POST['t_day_1'])) { $update['starttime'] = maketime(1); $update['endtime'] = maketime(2); if ($update['starttime']) { if (!$update['endtime'] || $update['endtime'] <= $_POST['starttime']) { $update['endtime'] = 3000000000; } } } //Prüfen, ob der neue Elternknoten deaktiviert ist => falls ja den Knoten deaktivieren if (intval($_POST['parent'])) { list($parentEnabled) = $db->first("SELECT starttime FROM " . PRE . "_gallery WHERE id='" . intval($_POST['parent']) . "' LIMIT 1"); if (!$parentEnabled) { $update['starttime'] = 0; $update['endtime'] = 0; } } //Unter-Galerien werden verwendet if ($set['gallery']['subgals']) { $nodeInfo = $this->cat->getNode($_REQUEST['id']); $currentParentId = array_pop($nodeInfo['parents']); //Dieser Knoten wird ein Unter-Knoten //Übernehme secid vom neuen Parent, password löschen if (intval($_POST['parent'])) { $_POST['parent'] = intval($_POST['parent']); //Parent hat sich geändert => Daten übernehmen if ($currentParentId != $_POST['parent']) { $rootNode = $this->cat->getNode($_POST['parent'], array('secid', 'password', 'restricted')); $update['secid'] = $rootNode['secid']; $update['password'] = ''; $update['restricted'] = ''; //Unter-Galerien des Knotens anpassen $childrenIds = $nodeInfo['children']; if ($childrenIds) { $db->query("\n\t\t\t\t\t\t\t\tUPDATE " . PRE . "_gallery\n\t\t\t\t\t\t\t\tSET secid='" . addslashes($update['secid']) . "', password = '', restricted=0\n\t\t\t\t\t\t\t\tWHERE id IN (" . implode(',', $childrenIds) . ")\n\t\t\t\t\t\t\t"); } } } else { $update['secid'] = serialize_section($_POST['secid']); $update['password'] = $_POST['password']; $update['restricted'] = $_POST['restricted']; //Unter-Galerien des Knotens anpassen $childrenIds = $nodeInfo['children']; if ($childrenIds) { $db->query("\n\t\t\t\t\t\t\tUPDATE " . PRE . "_gallery\n\t\t\t\t\t\t\tSET secid='" . addslashes($update['secid']) . "', password = '', restricted=0\n\t\t\t\t\t\t\tWHERE id IN (" . implode(',', $childrenIds) . ")\n\t\t\t\t\t\t"); } } } else { $update['secid'] = serialize_section($_POST['secid']); $update['password'] = $_POST['password']; $update['restricted'] = $_POST['restricted']; } $this->cat->moveNode($_REQUEST['id'], intval($_POST['parent']), $update); logit('GALLERY_EDIT', 'ID #' . $_REQUEST['id']); //Tags $db->query("DELETE FROM " . PRE . "_gallery_tags WHERE id='" . $_REQUEST['id'] . "'"); $tagids = produceTagIds($_POST['tags']); foreach ($tagids as $tagid) { $db->query("INSERT IGNORE INTO " . PRE . "_gallery_tags VALUES('" . $_REQUEST['id'] . "', '" . $tagid . "')"); } printJSRedirect(get_index('gallery.show')); } } else { $res = $this->cat->getNode($_REQUEST['id'], array('secid', 'prodid', 'title', 'description', 'meta_description', 'password', 'starttime', 'endtime', 'searchable', 'restricted', 'allowcoms')); $_POST['secid'] = unserialize_section($res['secid']); $_POST['prodid'] = $res['prodid']; $_POST['title'] = $res['title']; $_POST['description'] = $res['description']; $_POST['meta_description'] = $res['meta_description']; $_POST['password'] = $res['password']; $_POST['searchable'] = $res['searchable']; $_POST['restricted'] = $res['restricted']; $_POST['allowcoms'] = $res['allowcoms']; if (!$res['parents']) { $_POST['parent'] = 'root'; } else { $_POST['parent'] = array_pop($res['parents']); } //Veröffentlichung if ($res['starttime']) { maketimepost(1, $res['starttime']); if ($res['endtime'] < 2147483647) { maketimepost(2, $res['endtime']); } } //Baum if ($set['gallery']['subgals']) { $gallist = '<option value="root" style="font-weight:bold;"' . iif($_POST['parent'] == 'root', ' selected="selected"') . '>' . $apx->lang->get('ROOT') . '</option>'; $data = $this->cat->getTree(array('title')); if (count($data)) { $gallist .= '<option value=""></option>'; foreach ($data as $res) { if ($jumplevel && $res['level'] > $jumplevel) { continue; } else { $jumplevel = 0; } if ($_REQUEST['id'] == $res['id']) { $jumplevel = $res['level']; continue; } $gallist .= '<option value="' . $res['id'] . '"' . iif($_POST['parent'] === $res['id'], ' selected="selected"') . '>' . str_repeat(' ', $res['level'] - 1) . replace($res['title']) . '</option>'; } } } //Veröffentlichung if ($apx->user->has_right('gallery.enable') && isset($_POST['t_day_1'])) { $apx->tmpl->assign('STARTTIME', choosetime(1, 0, maketime(1))); $apx->tmpl->assign('ENDTIME', choosetime(2, 1, maketime(2))); } //Tags $tags = array(); $tagdata = $db->fetch("\n\t\t\tSELECT t.tag\n\t\t\tFROM " . PRE . "_gallery_tags AS n\n\t\t\tLEFT JOIN " . PRE . "_tags AS t USING(tagid)\n\t\t\tWHERE n.id='" . $_REQUEST['id'] . "'\n\t\t\tORDER BY t.tag ASC\n\t\t"); $tags = get_ids($tagdata, 'tag'); $_POST['tags'] = implode(', ', $tags); $apx->tmpl->assign('PARENT', $gallist); $apx->tmpl->assign('ID', $_REQUEST['id']); $apx->tmpl->assign('SECID', $_POST['secid']); $apx->tmpl->assign('PRODID', $_POST['prodid']); $apx->tmpl->assign('TITLE', compatible_hsc($_POST['title'])); $apx->tmpl->assign('DESCRIPTION', compatible_hsc($_POST['description'])); $apx->tmpl->assign('PASSWORD', compatible_hsc($_POST['password'])); $apx->tmpl->assign('META_DESCRIPTION', compatible_hsc($_POST['meta_description'])); $apx->tmpl->assign('TAGS', compatible_hsc($_POST['tags'])); $apx->tmpl->assign('SEARCHABLE', (int) $_POST['searchable']); $apx->tmpl->assign('RESTRICTED', (int) $_POST['restricted']); $apx->tmpl->assign('ALLOWCOMS', (int) $_POST['allowcoms']); $apx->tmpl->parse('edit'); } }