if (empty($discount)) {
$discount = 'null';
}
if (empty($shipping)) {
$shipping = 'null';
}
if (empty($shipping_mode)) {
$shipping_mode = 'null';
}
if (empty($total_weight)) {
$total_weight = 'null';
}
if (empty($memo)) {
$memo = 'null';
} else {
$memo = mynl2br($memo);
}
$tab = array();
$tab = file($filename);
for ($i = 0; $i < sizeof($tab); $i++) {
@(list($id1, $id_item, $category, $subcategory, $title1, $filename1, $digital, $folder, $currency, $weight, $price, $quantity, $option1, $option2, $tax1, $ship, $discount1, $discount2, $ip_name, $id_cart) = explode('|', $tab[$i]));
$_SESSION['digital'] = $digital;
@($cat = $subcategory == 'none' ? $category : $subcategory);
$ItemFile = 'categories/' . $cat . '/' . $id_item . '.dat';
$it = readItem($ItemFile);
if ($it[5] >= $quantity) {
$qty = $it[5] - $quantity;
} else {
$qty = 0;
}
$dtqty = $it[0] . '||' . $it[1] . '||' . $it[2] . '||' . $it[3] . '||' . $it[4] . '||' . $qty . '||' . $it[6] . '||' . $it[7] . '||' . $it[8] . '||' . $it[9] . '||' . $it[10] . '||' . $it[11] . '||' . $it[12] . '||' . $it[13] . '||' . $it[14] . '||' . $it[15] . '||' . $it[16] . '||' . $it[17] . '||' . $it[18] . '||' . $it[19] . '||' . $it[20];
<?php
include "../include_variables.php";
include "include_header.php";
include "../include_functions.php";
?>
<script>
var localajaxinit = function(){
My_JsLibrary.selectMainTab('index.php');
};
</script>
<?php
$query = mysql_query("select commentID, comment from devents_navrosh.COMMENTS");
while ($row = @mysql_fetch_array($query)) {
extract($row);
// $commentID, $comment
$newcomment = mynl2br($comment);
$result = mysql_query("update devents_navrosh.COMMENTS set comment='" . $newcomment . "' where commentID='{$commentID}' ");
}
include "include_footer.php";
if (!empty($_POST['multiple'])) {
if (is_array($_POST['multiple'])) {
foreach ($_POST['multiple'] as $value) {
if (!empty($value)) {
$data_rp .= $value . "\n";
}
}
}
$fp = fopen("../db/rp/{$item_id}.dat", "w");
fwrite($fp, $data_rp);
fclose($fp);
} elseif (file_exists("../db/rp/{$item_id}.dat") && empty($_POST['multiple'])) {
unlink("../db/rp/{$item_id}.dat");
}
$sd = preg_replace("/<[^>]*>/", "", $description);
$sd = mynl2br($sd, " ");
$sd = preg_replace('/\\s\\s+/', ' ', $sd);
$sd = substr($sd, 0, 3069) . '...';
$di = $id . '|' . $item_id . '|' . $title . '|' . $price . '|' . $discount . '|' . $category . '|' . $subcategory . '|' . $sp_offer . '|' . $sd . '|';
if (!empty($_POST['multiple'])) {
$rp = $_POST['multiple'];
} else {
$rp = '';
}
if ($_POST['update'] == 'update') {
replaceLine('../db/' . $ItemsData . '.dat', $item_id, $di);
$dir = 'ok';
} else {
$fp = fopen("../db/{$ItemsData}.dat", "a");
fwrite($fp, $di . "\n");
fclose($fp);
if (@$cu[6] == 'no') {
$checked = 'checked';
}
@($textarea = str_replace("<br>", "\n", $cu[8]));
if (isset($_POST['update'])) {
$dd = time();
$name = $_POST['name'];
$rate = $_POST['score'];
$comments = $_POST['comments'];
$approve = $_POST['activate'];
if (empty($_POST['activate'])) {
$approve = 'yes';
}
$comments = preg_replace("/<[^>]*>/", "", $comments);
$comments = trim($comments);
$comments = mynl2br($comments, '<br>');
$comments = substr($comments, 0, 510);
$data = $sku . '|' . $item_id . '|' . $dd . '|' . $email . '|' . $name . '|' . $rate . '|' . $approve . '|spare|' . $comments . '|';
$data = $cu[0] . '|' . $cu[1] . '|' . $dd . '|' . $cu[3] . '|' . $name . '|' . $rate . '|' . $approve . '|spare|' . $comments . '|';
replaceLine($ReviewFile, $cu[2], $data);
header('location: reviews.php?msg=ok');
}
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<script type="text/javascript" src="js/BarMenu.js"></script>
<meta http-equiv="Content-Type" content="text/html; charset=<?php
echo $charset;
?>
">
<span class='bluebuttonSmall cancelspan' fieldname="briefDesc">cancel</span>
</div>
</TD>
</TR>
<TR><TD class='oddrow' valign='top'>Notes:</TD>
<TD class='oddrow' colspan=3>
<?php
if ($taskDetails["work_addedBy"] == $USERNAME) {
?>
<span class='editspan' fieldname='Notes'><PRE> <?php
echo stripslashes($taskDetails["work_Notes"]);
?>
</PRE></span>
<?php
} else {
echo ' ' . stripslashes(mynl2br($taskDetails["work_Notes"])) . '</PRE>';
}
?>
<div style="display:none;" class="editdiv" fieldname="Notes">
<textarea id='editinput_Notes' rows=2 cols=40><?php
echo stripslashes($taskDetails["work_Notes"]);
?>
</textarea>
<BR>
<span class='bluebuttonSmall updatespan' fieldname="Notes">update</span>
<span class='bluebuttonSmall cancelspan' fieldname="Notes">cancel</span>
</div>
</TD>
</TR>
if (empty($_POST['title'])) {
$link = 'null';
}
if (empty($_POST['display'])) {
$display = 'null';
}
if (empty($_POST['meta_keywords'])) {
$meta_keywords = 'null';
}
if (empty($_POST['meta_description'])) {
$meta_description = 'null';
}
$meta_keywords = strip_tags($meta_keywords);
$meta_description = strip_tags($meta_description);
$meta_keywords = mynl2br($meta_keywords, ',');
$meta_description = mynl2br($meta_description, ',');
$description = !get_magic_quotes_gpc() ? $description : stripslashes($description);
$description = trim($description);
$description = str_replace("|", " ", $description);
$title = !get_magic_quotes_gpc() ? $title : stripslashes($title);
$title = str_replace("|", " ", $title);
$page_id = $_POST['update'];
$link = 'null';
$target = 'null';
$registered = 'null';
switch ($page_id) {
case "home":
$url = "index.php";
break;
case "terms":
$url = "terms.php";
$meta_keywords = mynl2br($meta_keywords, ',');
$meta_description = mynl2br($meta_description, ',');
$meta_description = !get_magic_quotes_gpc() ? $meta_description : stripslashes($meta_description);
$meta_keywords = !get_magic_quotes_gpc() ? $meta_keywords : stripslashes($meta_keywords);
$description = !get_magic_quotes_gpc() ? $description : stripslashes($description);
$description = trim($description);
$description = str_replace("|", " ", $description);
$title = !get_magic_quotes_gpc() ? $title : stripslashes($title);
$title = str_replace("|", " ", $title);
$data = $page_id . '|' . $title . '|' . $pageorder . '|' . $link . '|' . $url . '|' . $urlrewriting . '|' . $target . '|' . $meta_keywords . '|' . $meta_description . '|' . $registered . '|' . $description;
$fp = fopen("../pages/{$page_id}.dat", "w");
fwrite($fp, $data . "\n");
fclose($fp);
$SearchDescription = preg_replace("/<[^>]*>/", "", $description);
$SearchDescription = preg_replace('/\\s\\s+/', ' ', $SearchDescription);
$SearchDescription = mynl2br($SearchDescription, ' ');
$SearchDescription = substr($SearchDescription, 0, 1024) . '...';
$DataPage = $pageorder . '|' . $page_id . '|' . $title . '|' . $link . '|' . $url . '|' . $urlrewriting . '|' . $target . '|' . $registered . '|' . trim($SearchDescription) . '|';
if ($_POST['update'] == 'update') {
replaceLine('../db/' . $PagesData . '.dat', $page_id, $DataPage);
$dir = 'ok';
} else {
$fp = fopen("../db/{$PagesData}.dat", "a");
fwrite($fp, $DataPage . "\n");
fclose($fp);
$dir = 'new';
}
header("location: pages.php?msg={$dir}");
exit;
}
?>
if (isset($_POST['contact'])) {
@($title = htmlentities($_POST['title']));
@($display = $_POST['display']);
@($header = htmlentities($_POST['header']));
@($footer = htmlentities($_POST['footer']));
if (empty($_POST['header'])) {
$header = 'null';
}
if (empty($_POST['footer'])) {
$footer = 'null';
}
if (empty($_POST['title'])) {
$link = 'null';
}
$header = mynl2br($header, '<br>');
$footer = mynl2br($footer, '<br>');
$data = $title . '|spare|' . $header . '|' . $footer . '|';
$fp = fopen("db/contact/contact.dat", "w");
fwrite($fp, $data);
fclose($fp);
header('location: pages.php?msg');
}
if (file_exists("db/contact/contact.dat")) {
$fp = fopen("db/contact/contact.dat", "r");
$dt = fgets($fp, 1024);
fclose($fp);
$data = explode('|', $dt);
$hd = str_replace("<br>", "\n", $data[2]);
$ft = str_replace("<br>", "\n", $data[3]);
if ($hd == 'null') {
$hd = '';
// sem spracovanie/osetrenie prislich premennych
// smazani obsahu nevyplnenych promennych
$_SESSION['step_pp_10'] = array();
foreach ($_POST as $key => $value) {
$_SESSION['step_pp_10']["{$key}"] = changeVar($value);
}
// kontrola, zda je zadan nazev firmy, ktery je povinny (tj. zda obsahuje alespon tri znaky)
$r = "/^[a-zA-Z0-9]{1}.{2}.*\$/";
if (strlen($_SESSION['step_pp_10']['firmname_data']) == 0 || !preg_match($r, $_SESSION['step_pp_10']['firmname_data'])) {
$next_step = $_GET['step'];
$next_type = $_GET['type'];
header("Location: ./index.php?step={$next_step}&type={$next_type}");
exit;
}
// osetreni mezer v textarea
$_SESSION['step_pp_10']['add_data'] = mynl2br($_SESSION['step_pp_10']['add_data']);
}
$nextInput = array('firm_ic', 'firm_direction', 'firm_workload', 'firm_position', 'firm_address', 'firm_www', 'firm_add');
$isAllFalse = true;
foreach ($nextInput as $key => $val) {
if (isset($_SESSION['step_pp_5']["{$val}"])) {
$isAllFalse = false;
}
}
array_unshift($nextInput, 'firm_firmname');
foreach ($nextInput as $key => $val) {
if (isset($_SESSION['step_pp_5']["{$val}"]) || $isAllFalse) {
if ($val == 'firm_direction' || $val == 'firm_workload') {
$a[] = '.' . $val;
} else {
$a[] = $val;
FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
OTHER DEALINGS IN THE SOFTWARE.
*/
$_page_title = $step_desc[$language] . " " . (array_search($_GET['step'], $_SESSION['steps']) + 1) . " - " . $webgen_cv_title[$language];
// spracovanie formulara
if (count($_POST)) {
// sem spracovanie/osetrenie prislich premennych
// smazani obsahu nevyplnenych promennych
$_SESSION['step_pp_14'] = array();
foreach ($_POST as $key => $value) {
$_SESSION['step_pp_14']["{$key}"] = changeVar($value);
}
// nahrazeni odradkovani v textareach
$_SESSION['step_pp_14']["it_detail_cv_data"] = mynl2br($_SESSION['step_pp_14']["it_detail_cv_data"]);
$_SESSION['step_pp_14']["otherskill_cv_data"] = mynl2br($_SESSION['step_pp_14']["otherskill_cv_data"]);
$_SESSION['step_pp_14']["other_cv_data"] = mynl2br($_SESSION['step_pp_14']["other_cv_data"]);
}
$nextInput = array('cv_nationality', 'cv_family', 'cv_school', 'cv_work', 'cv_knowledge', 'cv_other');
$isAllFalse = true;
foreach ($nextInput as $key => $val) {
if (isset($_SESSION['step_pp_5']["{$val}"])) {
$isAllFalse = false;
}
}
array_unshift($nextInput, 'cv_cellular');
foreach ($nextInput as $key => $val) {
if (isset($_SESSION['step_pp_5']["{$val}"]) || $isAllFalse) {
if ($val == 'cv_school' || $val == 'cv_work') {
$a[] = '.' . $val;
} else {
$a[] = $val;
@($show_per_page1 = $_POST['show']);
@($price1 = str_replace(",", ".", $price1));
@($lang1 = $_POST['lang']);
@($langfront1 = $_POST['lang_front']);
@($currency1 = $_POST['currency']);
@($wysiwyg1 = $_POST['wysiwyg']);
@($rewriting1 = $_POST['rewriting']);
@($stock1 = $_POST['stock']);
@($popup1 = $_POST['popup']);
@($catalog1 = $_POST['catalog']);
@($description1 = $_POST['description']);
@($keywords1 = $_POST['keywords']);
$description1 = preg_replace("/<[^>]*>/", "", $description1);
$keywords1 = preg_replace("/<[^>]*>/", "", $keywords1);
$keywords1 = mynl2br($keywords1, ',');
$description1 = mynl2br($description1, ',');
$description1 = !get_magic_quotes_gpc() ? addslashes($description1) : $description1;
$keywords1 = !get_magic_quotes_gpc() ? addslashes($keywords1) : $keywords1;
$title1 = !get_magic_quotes_gpc() ? addslashes($title1) : $title1;
$slogan1 = !get_magic_quotes_gpc() ? addslashes($slogan1) : $slogan1;
$pass1 = !get_magic_quotes_gpc() ? addslashes($pass1) : $pass1;
$special_offer1 = !get_magic_quotes_gpc() ? addslashes($special_offer1) : $special_offer1;
$design = empty($template) ? 'hanging' : $template;
if (empty($_POST['rewriting'])) {
$rewriting1 = 0;
}
if (empty($_POST['stock'])) {
$stock1 = 0;
}
if (empty($_POST['popup'])) {
$popup1 = 'no';
WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
OTHER DEALINGS IN THE SOFTWARE.
*/
$_page_title = $step_desc[$language] . " " . (array_search($_GET['step'], $_SESSION['steps']) + 1) . " - " . $webgen_tf_title[$language];
// spracovanie formulara
if (count($_POST)) {
// sem spracovanie/osetrenie prislich premennych
// smazani obsahu nevyplnenych promennych
$_SESSION['step_pp_15'] = array();
foreach ($_POST as $key => $value) {
$_SESSION['step_pp_15']["{$key}"] = changeVar($value);
}
// nahrazeni odrazkovani v textareach
foreach ($_SESSION['step_pp_15']["tf_text"] as $key => $value) {
$_SESSION['step_pp_15']["tf_text"]["{$key}"] = mynl2br($value);
}
if (!empty($_FILES)) {
$_SESSION['step_pp_15']['photo_file_upload'] = $_FILES;
}
$pom = 0;
while ($_SESSION['step_pp_15']['tf_photo_alt_data'][$pom]) {
if ($_SESSION['step_pp_15']['tf_photo_que'][$pom] == 'b') {
$dirname = "./tmp/" . $_SESSION['step_all_2']['user_name'] . "/" . $_SESSION['step_all_4']['presentation_name'];
umask(00);
if (!file_exists("./tmp/" . $_SESSION['step_all_2']['user_name'])) {
mkdir("./tmp/" . $_SESSION['step_all_2']['user_name'], 0777);
}
if (!file_exists($dirname)) {
mkdir($dirname, 0777);
}
@($Account1 = $_POST['Account']);
@($PaypalEmail1 = $_POST['PaypalEmail']);
@($PaypalSandbox1 = $_POST['PaypalSandbox']);
if (empty($_POST['Check'])) {
$Check1 = "null";
}
if (empty($_POST['Transfer'])) {
$Transfer1 = "null";
}
if (empty($_POST['PayPal'])) {
$PayPal1 = "null";
}
$CheckAddress1 = preg_replace("/<[^>]*>/", "", $CheckAddress1);
$Account1 = preg_replace("/<[^>]*>/", "", $Account1);
$CheckAddress1 = mynl2br($CheckAddress1, '');
$Account1 = mynl2br($Account1, '');
$CheckAddress1 = addslashes(stripslashes($CheckAddress1));
$Account1 = addslashes(stripslashes($Account1));
if (isset($_POST['update'])) {
if ($PayPal1 != 'null') {
if (empty($_POST['PaypalEmail'])) {
$msg[] = $lang["gateways_alert_paypalemail"];
}
if (checkEmail($_POST['PaypalEmail']) && !empty($_POST['PaypalEmail'])) {
$msg[] = $lang["gateways_alert_valid_email"];
}
}
}
if (isset($_POST['update']) && empty($msg)) {
$fp = fopen("../gateways/gateways.php", "w");
fwrite($fp, '<?php' . "\n");
public function get_workComments($workID, $foriPhone = false)
{
$result = mysql_query("select comment_date, comment_by, comment from COMMENTS where workID='{$workID}' ORDER BY comment_date DESC");
$lastCommentPerson = '';
if ($foriPhone) {
echo "<div id='taskcomments_" . $workID . "' class='divViewComments'>";
while ($row = mysql_fetch_assoc($result)) {
if ($lastCommentPerson != $row['comment_by']) {
echo '<div class="commentBy">' . $row['comment_by'] . ' said:</div>';
}
echo '<div class="commentBdesc">' . format_makeLinks(mynl2br($row['comment'])) . '</div>';
echo '<div class="commentDate">' . caldateTS_to_humanWithTS($row['comment_date']) . '</div>';
$lastCommentPerson = $row['comment_by'];
}
echo "</div>";
return;
}
echo "<table align=center width='97%' cellpadding=2 cellspacing=2 border=0 style='font-size: 95%; margin-top:15px;'>";
while ($row = mysql_fetch_assoc($result)) {
?>
<tr><td valign='top' align='right' width='125'>
<span style='font-weight:bold; color: #65869E;'>
<?php
if ($lastCommentPerson != $row['comment_by']) {
echo $row['comment_by'];
}
?>
</span>
</td>
<td><div class='rcs1'>
<div class='ncd1'><?php
echo format_makeLinks(mynl2br($row['comment']));
?>
</div>
<div class='nct1'><?php
echo caldateTS_to_humanWithTS($row['comment_date']);
?>
</div>
</div>
</td>
</tr>
<?php
$lastCommentPerson = $row['comment_by'];
}
echo "</table>";
}
$title = utf8_decode($title);
}
$title = strtolower($title);
$title = ucfirst($title);
if ($charset == 'utf-8') {
$title = utf8_encode($title);
}
$ct = $data[10];
$ct = preg_replace("/<[^>]*>/", "", $ct);
$ct = preg_replace("#{(.*?)}#si", "", $ct);
if ($rewriting == 1 && $data[3] != 1) {
$Url = $data[5];
} else {
$Url = $data[4];
}
$ct = mynl2br($ct, '');
$ct = str_replace(' ', ' ', $ct);
$ct = str_replace(' ', ' ', $ct);
}
if (!isset($ct)) {
$ct = '';
}
if (preg_match('|\\b' . preg_quote($search) . '\\b|i', $ct)) {
$position = strpos($ct, $search);
$start_position = intval($position - 50);
if ($start_position < 0) {
$start_position = 0;
}
$EndingPosition = intval($lengh + 100);
$result = '...' . substr($ct, $start_position, $EndingPosition) . '...';
$result = str_replace($search, "<strong>{$search2}</strong>", $result);
if (empty($_POST['vat'])) {
$vat = 'null';
}
if (empty($_POST['comments'])) {
$comments = 'null';
}
if (empty($_POST['footer'])) {
$footer = 'null';
}
if (empty($_POST['invoiceprefixe'])) {
$invoiceprefixe = 'null';
}
if (empty($_POST['customerprefixe'])) {
$customerprefixe = 'null';
}
$address = mynl2br($address);
if (empty($msg)) {
$data = $compagny . '|' . $address . '|' . $vat . '|' . $comments . '|' . $footer . '|' . $invoiceprefixe . '|' . $customerprefixe . '|';
$fp = fopen("../pdf/{$InvoiceSetupData}.dat", "w");
fwrite($fp, $data);
fclose($fp);
header('location: index.php?msg=ok');
}
}
if (file_exists("../pdf/{$InvoiceSetupData}.dat")) {
$fp = fopen("../pdf/{$InvoiceSetupData}.dat", "r");
$datasetup = fgets($fp, 255);
fclose($fp);
$setup = explode('|', $datasetup);
if ($setup[2] == 'null') {
$setup[2] = "";
*/
$_page_title = $step_desc[$language] . " " . (array_search($_GET['step'], $_SESSION['steps']) + 1) . " - " . $webgen_blog_article_title[$language];
// spracovanie formulara
if (count($_POST)) {
// sem spracovanie/osetrenie prislich premennych
// smazani obsahu nevyplnenych promennych
$_SESSION['step_blog_6'] = array();
foreach ($_POST as $key => $value) {
$_SESSION['step_blog_6']["{$key}"] = changeVar($value);
}
// kontrola, zda je zadano vsechno - nazev, jmeno, text
$pom = 0;
$error = false;
// nahrazeni odrazkovani v textareach
foreach ($_SESSION['step_blog_6']["article_text_data"] as $key => $value) {
$_SESSION['step_blog_6']["article_text_data"]["{$key}"] = mynl2br($value);
}
while (isset($_SESSION['step_blog_6']['article_author_data'][$pom])) {
if ((strlen($_SESSION['step_blog_6']['article_author_data'][$pom]) == 0 || strlen($_SESSION['step_blog_6']['article_name_data'][$pom]) == 0 || strlen($_SESSION['step_blog_6']['article_text_data'][$pom]) == 0) && (strlen($_SESSION['step_blog_6']['article_author_data'][$pom]) != 0 || strlen($_SESSION['step_blog_6']['article_name_data'][$pom]) != 0 || strlen($_SESSION['step_blog_6']['article_text_data'][$pom]) != 0)) {
$next_step = $_GET['step'];
$next_type = $_GET['type'];
header("Location: ./index.php?step={$next_step}&type={$next_type}");
exit;
}
$pom++;
}
}
echo "<h1>" . $webgen_blog_article_title[$language] . "</h1>";
$pom = 0;
while (isset($_SESSION['step_blog_6']['article_author_data'][$pom])) {
if ((strlen($_SESSION['step_blog_6']['article_author_data'][$pom]) == 0 || strlen($_SESSION['step_blog_6']['article_name_data'][$pom]) == 0 || strlen($_SESSION['step_blog_6']['article_text_data'][$pom]) == 0) && (strlen($_SESSION['step_blog_6']['article_author_data'][$pom]) != 0 || strlen($_SESSION['step_blog_6']['article_name_data'][$pom]) != 0 || strlen($_SESSION['step_blog_6']['article_text_data'][$pom]) != 0)) {
