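<?php
// Admin POST handler for the "tag" module: single delete and bulk delete.
session_start();

// Fail closed: a session missing either value is treated as not logged in.
if (empty($_SESSION['namauser']) || empty($_SESSION['passuser'])) {
    header('location:../../404.php');
} else {
    include_once '../../../po-library/po-database.php';
    include_once '../../../po-library/po-function.php';
    $val = new Povalidasi();

    // Missing or array-valued fields become '' so no warning is printed before header().
    $mod = (isset($_POST['mod']) && is_string($_POST['mod'])) ? $_POST['mod'] : '';
    $act = (isset($_POST['act']) && is_string($_POST['act'])) ? $_POST['act'] : '';

    // Permission row for the current user level and the requested module.
    // Column names are quoted: as bare words they are undefined constants.
    $tableroleaccess = new PoTable('user_role');
    $currentRoleAccess = $tableroleaccess->findByAnd('id_level', $_SESSION['leveluser'], 'module', $mod);
    $currentRoleAccess = $currentRoleAccess->current();

    // NOTE(review): no anti-CSRF token is checked in the visible code; confirm
    // one is enforced elsewhere for these state-changing actions.

    // Delete tag
    if ($mod === 'tag' && $act === 'delete') {
        if ($currentRoleAccess->delete_access == "Y") {
            // NOTE(review): relies on validasi(..., 'sql') and PoTable for query safety; verify both.
            $id = $val->validasi($_POST['id'], 'sql');
            $tabledel = new PoTable('tag');
            $tabledel->deleteBy('id_tag', $id);
            header('location:../../admin.php?mod=' . $mod);
        } else {
            header('location:../../404.php');
        }
    } elseif ($mod === 'tag' && $act === 'multidelete') {
        if ($currentRoleAccess->delete_access == "Y") {
            $totaldata = $val->validasi($_POST['totaldata'], 'xss');
            if ($totaldata != "0") {
                // Only iterate when the client actually sent a list of items.
                $itemdel = (isset($_POST['item']) && is_array($_POST['item'])) ? $_POST['item'] : array();
                $tabledel = new PoTable('tag');
                foreach ($itemdel as $item) {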
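<?php
// Admin POST handler for the "siswa" (student) module: single and bulk delete.
session_start();

// Fail closed: a session missing either value is treated as not logged in.
if (empty($_SESSION['namauser']) || empty($_SESSION['passuser'])) {
    header('location:../../404.php');
} else {
    include_once '../../../po-library/po-database.php';
    include_once '../../../po-library/po-function.php';
    $val = new Povalidasi();

    // Missing or array-valued fields become '' so no warning is printed before header().
    $mod = (isset($_POST['mod']) && is_string($_POST['mod'])) ? $_POST['mod'] : '';
    $act = (isset($_POST['act']) && is_string($_POST['act'])) ? $_POST['act'] : '';

    // Permission row for the current user level and the requested module.
    // Column names are quoted: as bare words they are undefined constants.
    $tableroleaccess = new PoTable('user_role');
    $currentRoleAccess = $tableroleaccess->findByAnd('id_level', $_SESSION['leveluser'], 'module', $mod);
    $currentRoleAccess = $currentRoleAccess->current();

    // NOTE(review): no anti-CSRF token is checked in the visible code; confirm
    // one is enforced elsewhere for these state-changing actions.

    // Delete siswa
    if ($mod === 'siswa' && $act === 'delete') {
        if ($currentRoleAccess->delete_access == "Y") {
            // NOTE(review): relies on validasi(..., 'sql') and PoTable for query safety; verify both.
            $id = $val->validasi($_POST['id'], 'sql');
            $tabledel = new PoTable('siswa');
            $tabledel->deleteBy('id_siswa', $id);
            header('location:../../admin.php?mod=' . $mod);
        } else {
            header('location:../../404.php');
        }
    } elseif ($mod === 'siswa' && $act === 'multidelete') {
        if ($currentRoleAccess->delete_access == "Y") {
            $totaldata = $val->validasi($_POST['totaldata'], 'xss');
            if ($totaldata != "0") {
                // Only iterate when the client actually sent a list of items.
                $itemdel = (isset($_POST['item']) && is_array($_POST['item'])) ? $_POST['item'] : array();
                $tabledel = new PoTable('siswa');
                foreach ($itemdel as $item) {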
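<?php
// Admin POST handler for the "contact" module: single and bulk delete of messages.
session_start();

// Fail closed: a session missing either value is treated as not logged in.
if (empty($_SESSION['namauser']) || empty($_SESSION['passuser'])) {
    header('location:../../404.php');
} else {
    include_once '../../../po-library/po-database.php';
    include_once '../../../po-library/po-function.php';
    $val = new Povalidasi();

    // Missing or array-valued fields become '' so no warning is printed before header().
    $mod = (isset($_POST['mod']) && is_string($_POST['mod'])) ? $_POST['mod'] : '';
    $act = (isset($_POST['act']) && is_string($_POST['act'])) ? $_POST['act'] : '';

    // Permission row for the current user level and the requested module.
    // Column names are quoted: as bare words they are undefined constants.
    $tableroleaccess = new PoTable('user_role');
    $currentRoleAccess = $tableroleaccess->findByAnd('id_level', $_SESSION['leveluser'], 'module', $mod);
    $currentRoleAccess = $currentRoleAccess->current();

    // NOTE(review): no anti-CSRF token is checked in the visible code; confirm
    // one is enforced elsewhere for these state-changing actions.

    // Delete contact
    if ($mod === 'contact' && $act === 'delete') {
        if ($currentRoleAccess->delete_access == "Y") {
            // NOTE(review): relies on validasi(..., 'sql') and PoTable for query safety; verify both.
            $id = $val->validasi($_POST['id'], 'sql');
            $tabledel = new PoTable('contact');
            $tabledel->deleteBy('id_contact', $id);
            header('location:../../admin.php?mod=' . $mod);
        } else {
            header('location:../../404.php');
        }
    } elseif ($mod === 'contact' && $act === 'multidelete') {
        if ($currentRoleAccess->delete_access == "Y") {
            $totaldata = $val->validasi($_POST['totaldata'], 'xss');
            if ($totaldata != "0") {
                // Only iterate when the client actually sent a list of items.
                $itemdel = (isset($_POST['item']) && is_array($_POST['item'])) ? $_POST['item'] : array();
                $tabledel = new PoTable('contact');
                foreach ($itemdel as $item) {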
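<?php
// Admin POST handler for inline edits of rows in the `setting` table.
session_start();

// Fail closed: a session missing either value is treated as not logged in.
if (empty($_SESSION['namauser']) || empty($_SESSION['passuser'])) {
    header('location:../../404.php');
} else {
    include_once '../../../po-library/po-database.php';
    include_once '../../../po-library/po-function.php';
    $val = new Povalidasi();

    // Missing or array-valued fields become '' so no warning precedes the response.
    $mod = (isset($_POST['mod']) && is_string($_POST['mod'])) ? $_POST['mod'] : '';
    $act = (isset($_POST['act']) && is_string($_POST['act'])) ? $_POST['act'] : '';

    // Permission row for the current user level and the requested module.
    // Column names are quoted: as bare words they are undefined constants.
    $tableroleaccess = new PoTable('user_role');
    $currentRoleAccess = $tableroleaccess->findByAnd('id_level', $_SESSION['leveluser'], 'module', $mod);
    $currentRoleAccess = $currentRoleAccess->current();

    // NOTE(review): no anti-CSRF token is checked in the visible code; confirm
    // one is enforced elsewhere for these state-changing actions.

    if ($mod === 'setting' && $act === 'website_name') {
        if ($currentRoleAccess->modify_access == "Y") {
            $post = $val->validasi($_POST['post'], 'xss');
            $data = array('website_name' => $post);
            $table = new PoTable('setting');
            $table->updateBy('id_setting', '1', $data);
            // The stored value is echoed back to the caller.
            // NOTE(review): safe in HTML only if validasi(..., 'xss') encodes markup; confirm.
            echo "{$post}";
        } else {
            echo "404 Not Found Access";
        }
    } elseif ($mod === 'setting' && $act === 'website_url') {
        if ($currentRoleAccess->modify_access == "Y") {
            // NOTE(review): nothing visible checks that this is a well-formed http(s) URL.
            $post = $val->validasi($_POST['post'], 'xss');
            $data = array('website_url' => $post);
            $table = new PoTable('setting');
            $table->updateBy('id_setting', '1', $data);
            echo "{$post}";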
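<?php
// Public comment-submission endpoint.
session_start();
include_once 'po-library/po-database.php';
include_once 'po-library/po-function.php';
$val = new Povalidasi();

// The session gate and reCAPTCHA verification below are commented out, so this
// endpoint accepts any POST that fills the four required fields.
// The secret that was hard-coded here has been replaced with a placeholder: a
// key that has been committed to source should be rotated and, if the check is
// re-enabled, loaded from configuration rather than from this file.
/*if (!$_SESSION['submit']){ header("location:404.php"); }else{ require_once('po-library/recaptchalib.php'); $secret = "<RECAPTCHA_SECRET_FROM_CONFIG>"; $reCaptcha = new ReCaptcha($secret); if($_POST["g-recaptcha-response"]){ $resp = $reCaptcha->verifyResponse( $_SERVER["REMOTE_ADDR"], $_POST["g-recaptcha-response"] ); } if ($resp != null && $resp->success) {*/
if (empty($_POST['name']) || empty($_POST['email']) || empty($_POST['url']) || empty($_POST['comment'])) {
    header("location:404.php");
} else {
    // 'id' and 'seotitle' are not covered by the empty() check above, so read
    // them defensively to avoid an undefined-index warning.
    $id = $val->validasi(isset($_POST['id']) ? $_POST['id'] : '', 'sql');
    $seotitle = $val->validasi(isset($_POST['seotitle']) ? $_POST['seotitle'] : '', 'xss');
    // NOTE(review): 'email' and 'url' get only the generic 'xss' treatment here;
    // no format validation is visible.
    $name = $val->validasi($_POST['name'], 'xss');
    $email = $val->validasi($_POST['email'], 'xss');
    $url = $val->validasi($_POST['url'], 'xss');
    $comment = $val->validasi($_POST['comment'], 'xss');
    // Word count of the comment; $max is presumably the allowed limit (its use is outside this excerpt).
    $split_text = explode(" ", $comment);
    $split_count = count($split_text);
    $max = 57;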
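// CoGen a.k.a Component Generator
// =======================================================================
// Creator : Dwira Survivor
// Version : 1.0.0
// About :
// CoGen is tool for PopojiCMS for generate some component without
// coding, so user can create new component in PopojiCMS with easy steps.
// =======================================================================
// Don't delete this comments
session_start();

// Fail closed: a session missing either value is treated as not logged in.
if (empty($_SESSION['namauser']) || empty($_SESSION['passuser'])) {
    header('location:../../404.php');
} else {
    include_once '../../../po-library/po-database.php';
    include_once '../../../po-library/po-function.php';
    $val = new Povalidasi();

    // Missing or array-valued fields become '' so no warning is printed into the output.
    $mod = (isset($_POST['mod']) && is_string($_POST['mod'])) ? $_POST['mod'] : '';
    $act = (isset($_POST['act']) && is_string($_POST['act'])) ? $_POST['act'] : '';

    // NOTE(review): no user_role permission lookup is visible in this handler;
    // any logged-in account reaches the generator actions. Confirm that is intended.

    // Add Field Form
    if ($mod === 'cogen' && $act === 'compogenaddfield') {
        $id = $val->validasi($_POST['id'], 'sql');
        // $id was validated for an SQL context but is written into HTML, so it is
        // escaped at the point of output. Later echoes of $id (outside this
        // excerpt) need the same treatment.
        ?>
        <div class="col-md-12" style="margin-top:10px;">
            <label>Field <?php echo htmlspecialchars((string) $id, ENT_QUOTES, 'UTF-8'); ?> <span class="text-danger">*</span></label>
            <div class="row">
                <div class="col-md-3">
                    <div class="form-group">
                        <label for="compo_field_name_<?php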
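<?php
// Admin POST handler for the "event" module: delete, input (create), update.
session_start();

// Fail closed: a session missing either value is treated as not logged in.
if (empty($_SESSION['namauser']) || empty($_SESSION['passuser'])) {
    header('location:../../404.php');
} else {
    include_once '../../../po-library/po-database.php';
    include_once '../../../po-library/po-function.php';
    $val = new Povalidasi();

    // Missing or array-valued fields become '' so no warning is printed before header().
    $mod = (isset($_POST['mod']) && is_string($_POST['mod'])) ? $_POST['mod'] : '';
    $act = (isset($_POST['act']) && is_string($_POST['act'])) ? $_POST['act'] : '';

    // NOTE(review): this handler performs no user_role lookup, so the delete and
    // input actions below are available to every logged-in account regardless of
    // delete/write permission. No anti-CSRF token is checked either. Confirm
    // both are intended or enforced elsewhere.

    // Delete event
    if ($mod === 'event' && $act === 'delete') {
        $id = $val->validasi($_POST['id'], 'sql');
        $tabledel = new PoTable('event');
        $tabledel->deleteBy('id_event', $id);
        header('location:../../admin.php?mod=' . $mod);
    } elseif ($mod === 'event' && $act === 'input') {
        $title = $val->validasi($_POST['title'], 'xss');
        $seotitle = seo_title($title);
        $start = $val->validasi($_POST['start'], 'xss');
        $end = $val->validasi($_POST['end'], 'xss');
        $allday = $val->validasi($_POST['allday'], 'xss');
        // The rich-text body bypasses validasi(); it is stored HTML-entity-encoded instead.
        $data = $_POST['content'];
        $data = stripslashes($data);
        $eutf = htmlspecialchars($data, ENT_QUOTES);
        $color = $val->validasi($_POST['color'], 'xss');
        $table = new PoTable('event');
        $table->save(array(
            'title' => $title,
            'startevt' => $start,
            'endevt' => $end,
            'allday' => $allday,
            'content' => $eutf,
            'seotitle' => $seotitle,
            'color' => $color
        ));
        header('location:../../admin.php?mod=' . $mod);
    } elseif ($mod === 'event' && $act === 'update') {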
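<?php
// Admin POST handler for recording "absen" (attendance) entries.
session_start();

// Fail closed: a session missing either value is treated as not logged in.
if (empty($_SESSION['namauser']) || empty($_SESSION['passuser'])) {
    header('location:../../404.php');
} else {
    include_once '../../../po-library/po-database.php';
    include_once '../../../po-library/po-function.php';
    $val = new Povalidasi();

    // Missing or array-valued fields become '' so no warning is printed before header().
    $mod = (isset($_POST['mod']) && is_string($_POST['mod'])) ? $_POST['mod'] : '';
    $act = (isset($_POST['act']) && is_string($_POST['act'])) ? $_POST['act'] : '';

    // Permission row for the current user level and the requested module.
    // Column names are quoted: as bare words they are undefined constants.
    $tableroleaccess = new PoTable('user_role');
    $currentRoleAccess = $tableroleaccess->findByAnd('id_level', $_SESSION['leveluser'], 'module', $mod);
    $currentRoleAccess = $currentRoleAccess->current();

    // Remember the posted 'idk' and 'jam' values, then open the add form.
    if ($mod === 'absen' && $act === 'view_data') {
        if ($currentRoleAccess->write_access == "Y") {
            // NOTE(review): both values go into the session unvalidated; whatever
            // reads them later must treat them as untrusted input.
            $_SESSION['idk'] = $_POST['idk'];
            $_SESSION['jam'] = $_POST['jam'];
            header('location:../../admin.php?mod=' . $mod . '&act=addnew');
        } else {
            header('location:../../404.php');
        }
    }

    // Input absen
    if ($mod === 'absen' && $act === 'input') {
        if ($currentRoleAccess->write_access == "Y") {
            $absen = $val->validasi($_POST['absen'], 'xss');
            $table = new PoTable('absen');
            // NOTE(review): unlike 'absen', these two are read raw; their use is
            // outside this excerpt. Confirm they are validated before any query.
            $id_siswa = $_POST['id_siswa'];
            $kelas = $_POST['kelas'];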
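<?php
// Admin POST handler for the "theme" module; the visible action deletes a
// theme's directory and then its database row.
session_start();

// Fail closed: a session missing either value is treated as not logged in.
if (empty($_SESSION['namauser']) || empty($_SESSION['passuser'])) {
    header('location:../../404.php');
} else {
    include_once '../../../po-library/po-database.php';
    include_once '../../../po-library/po-function.php';
    include_once '../../../po-library/po-pclzip.lib.php';
    $val = new Povalidasi();

    // Missing or array-valued fields become '' so no warning is printed before header().
    $mod = (isset($_POST['mod']) && is_string($_POST['mod'])) ? $_POST['mod'] : '';
    $act = (isset($_POST['act']) && is_string($_POST['act'])) ? $_POST['act'] : '';

    // Permission row for the current user level and the requested module.
    // Column names are quoted: as bare words they are undefined constants.
    $tableroleaccess = new PoTable('user_role');
    $currentRoleAccess = $tableroleaccess->findByAnd('id_level', $_SESSION['leveluser'], 'module', $mod);
    $currentRoleAccess = $currentRoleAccess->current();

    // NOTE(review): no anti-CSRF token is checked in the visible code; confirm
    // one is enforced elsewhere for this destructive action.

    // Delete theme
    if ($mod === 'theme' && $act === 'delete') {
        if ($currentRoleAccess->delete_access == "Y") {
            $id = $val->validasi($_POST['id'], 'sql');
            $tabledel = new PoTable('theme');
            $currentSearch = $tabledel->findBy('id_theme', $id);
            $currentSearch = $currentSearch->current();
            // No matching row means no folder name.
            $folder = is_object($currentSearch) ? (string) $currentSearch->folder : '';
            // An empty folder would make $dirPath point at po-content itself, and
            // a '..' segment would point outside it. Refuse both instead of
            // handing such a path to the recursive delete.
            $folderIsSafe = trim($folder, " ./\\") !== '' && strpos($folder, '..') === false;
            $dirPath = "../../../po-content/{$folder}";
            $deletef = $folderIsSafe && deleteDir($dirPath);
            if ($deletef) {
                $tabledel->deleteBy('id_theme', $id);
                header('location:../../admin.php?mod=' . $mod);
            } else {
                header('location:../../404.php');
            }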
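<?php
// Admin POST handler for the "post" module: single and bulk delete.
session_start();

// Fail closed: a session missing either value is treated as not logged in.
if (empty($_SESSION['namauser']) || empty($_SESSION['passuser'])) {
    header('location:../../404.php');
} else {
    include_once '../../../po-library/po-database.php';
    include_once '../../../po-library/po-function.php';
    $val = new Povalidasi();

    // Missing or array-valued fields become '' so no warning is printed before header().
    $mod = (isset($_POST['mod']) && is_string($_POST['mod'])) ? $_POST['mod'] : '';
    $act = (isset($_POST['act']) && is_string($_POST['act'])) ? $_POST['act'] : '';

    // Permission row for the current user level and the requested module.
    // Column names are quoted: as bare words they are undefined constants.
    $tableroleaccess = new PoTable('user_role');
    $currentRoleAccess = $tableroleaccess->findByAnd('id_level', $_SESSION['leveluser'], 'module', $mod);
    $currentRoleAccess = $currentRoleAccess->current();

    // NOTE(review): no anti-CSRF token is checked in the visible code; confirm
    // one is enforced elsewhere for these state-changing actions.

    // Delete post
    if ($mod === 'post' && $act === 'delete') {
        if ($currentRoleAccess->delete_access == "Y") {
            $id = $val->validasi($_POST['id'], 'sql');
            $tabledel = new PoTable('post');
            // Ownership check: the post is looked up by id AND by the logged-in
            // user as editor, so another user's post is not matched.
            $currentPosts = $tabledel->findByAnd('id_post', $id, 'editor', $_SESSION['iduser']);
            $currentPosts = $currentPosts->current();
            // The lookup result is compared with '0' to detect "no match".
            if ($currentPosts != '0') {
                $tabledel->deleteBy('id_post', $id);
            }
            // Same redirect whether or not a row was deleted.
            header('location:../../admin.php?mod=' . $mod);
        } else {
            header('location:../../404.php');
        }
    } elseif ($mod === 'post' && $act === 'multidelete') {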
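<?php
// Public newsletter endpoint: stores a new address in the `subscribe` table.
session_start();
include_once 'po-library/po-database.php';
include_once 'po-library/po-function.php';
$val = new Povalidasi();

// empty() rather than a bare read: a fresh session has no 'submit' key, and the
// warning from reading it could be printed before header() and break the redirect.
if (empty($_SESSION['submit'])) {
    header("location:404.php");
} elseif (empty($_POST['email_address']) || !is_string($_POST['email_address'])) {
    // Missing, empty or array-valued address.
    header("location:404.php");
} else {
    // Validate first and use the same value for the duplicate lookup and the
    // insert. The lookup previously received the raw POST value, so unvalidated
    // input reached the query layer and was compared against stored values that
    // had gone through validasi().
    // NOTE(review): no e-mail format check is visible; 'xss' is the only treatment.
    $email = $val->validasi($_POST['email_address'], 'xss');
    $tablecari = new PoTable('subscribe');
    // Column name quoted: as a bare word it is an undefined constant.
    $currentCari = $tablecari->numRowBy('email', $email);
    if ($currentCari > 0) {
        // Already subscribed.
        header("location:404.php");
    } else {
        $table = new PoTable('subscribe');
        $table->save(array('email' => $email));
        unset($_POST);
        echo "<script language='javascript'>\r\n window.alert('Succesfully Email Subscribe')\r\n window.location.href='./';\r\n </script>";
    }
}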
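<?php
// Admin POST handler for the "absen" (attendance) module: single and bulk delete.
session_start();

// Fail closed: a session missing either value is treated as not logged in.
if (empty($_SESSION['namauser']) || empty($_SESSION['passuser'])) {
    header('location:../../404.php');
} else {
    include_once '../../../po-library/po-database.php';
    include_once '../../../po-library/po-function.php';
    $val = new Povalidasi();

    // Missing or array-valued fields become '' so no warning is printed before header().
    $mod = (isset($_POST['mod']) && is_string($_POST['mod'])) ? $_POST['mod'] : '';
    $act = (isset($_POST['act']) && is_string($_POST['act'])) ? $_POST['act'] : '';

    // Permission row for the current user level and the requested module.
    // Column names are quoted: as bare words they are undefined constants.
    $tableroleaccess = new PoTable('user_role');
    $currentRoleAccess = $tableroleaccess->findByAnd('id_level', $_SESSION['leveluser'], 'module', $mod);
    $currentRoleAccess = $currentRoleAccess->current();

    // NOTE(review): no anti-CSRF token is checked in the visible code; confirm
    // one is enforced elsewhere for these state-changing actions.

    // Delete absen
    if ($mod === 'absen' && $act === 'delete') {
        if ($currentRoleAccess->delete_access == "Y") {
            // NOTE(review): relies on validasi(..., 'sql') and PoTable for query safety; verify both.
            $id = $val->validasi($_POST['id'], 'sql');
            $tabledel = new PoTable('absen');
            $tabledel->deleteBy('id_absen', $id);
            header('location:../../admin.php?mod=' . $mod);
        } else {
            header('location:../../404.php');
        }
    } elseif ($mod === 'absen' && $act === 'multidelete') {
        if ($currentRoleAccess->delete_access == "Y") {
            $totaldata = $val->validasi($_POST['totaldata'], 'xss');
            if ($totaldata != "0") {
                // Only iterate when the client actually sent a list of items.
                $itemdel = (isset($_POST['item']) && is_array($_POST['item'])) ? $_POST['item'] : array();
                $tabledel = new PoTable('absen');
                foreach ($itemdel as $item) {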
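<?php
// Admin POST handler for the "component" module; the visible action starts
// deleting a component (its directory and, presumably, its table).
session_start();

// Fail closed: a session missing either value is treated as not logged in.
if (empty($_SESSION['namauser']) || empty($_SESSION['passuser'])) {
    header('location:../../404.php');
} else {
    include_once '../../../po-library/po-database.php';
    include_once '../../../po-library/po-function.php';
    include_once '../../../po-library/po-pclzip.lib.php';
    $val = new Povalidasi();

    // Missing or array-valued fields become '' so no warning is printed before header().
    $mod = (isset($_POST['mod']) && is_string($_POST['mod'])) ? $_POST['mod'] : '';
    $act = (isset($_POST['act']) && is_string($_POST['act'])) ? $_POST['act'] : '';

    // Permission row for the current user level and the requested module.
    // Column names are quoted: as bare words they are undefined constants.
    $tableroleaccess = new PoTable('user_role');
    $currentRoleAccess = $tableroleaccess->findByAnd('id_level', $_SESSION['leveluser'], 'module', $mod);
    $currentRoleAccess = $currentRoleAccess->current();

    // NOTE(review): no anti-CSRF token is checked in the visible code; confirm
    // one is enforced elsewhere for this destructive action.

    // Delete component
    if ($mod === 'component' && $act === 'delete') {
        if ($currentRoleAccess->delete_access == "Y") {
            $id = $val->validasi($_POST['id'], 'sql');
            $tabledel = new PoTable('component');
            $currentSearch = $tabledel->findBy('id_component', $id);
            $currentSearch = $currentSearch->current();
            $component = $currentSearch->component;
            $table_name = $currentSearch->table_name;
            $dbhostsql = DATABASE_HOST;
            $dbusersql = DATABASE_USER;
            $dbpasswordsql = DATABASE_PASS;
            $dbnamesql = DATABASE_NAME;
            // NOTE(review): the mysql_* extension was removed in PHP 7, and
            // die(mysql_error()) prints raw database errors to the client. The
            // code that uses $connection lies outside this excerpt, so the calls
            // are left unchanged; migrate them together to mysqli or PDO and log
            // the error instead of printing it.
            $connection = mysql_connect($dbhostsql, $dbusersql, $dbpasswordsql) or die(mysql_error());
            mysql_select_db($dbnamesql, $connection) or die(mysql_error());
            // NOTE(review): if no row matched, $component is empty and this path
            // is the po-component directory itself; check $component (and
            // $table_name) before anything is deleted or dropped.
            $dirPath = "../../po-component/{$component}";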
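<?php
// Admin POST handler for the "guru" (teacher) module: single and bulk delete.
session_start();

// Fail closed: a session missing either value is treated as not logged in.
if (empty($_SESSION['namauser']) || empty($_SESSION['passuser'])) {
    header('location:../../404.php');
} else {
    include_once '../../../po-library/po-database.php';
    include_once '../../../po-library/po-function.php';
    $val = new Povalidasi();

    // Missing or array-valued fields become '' so no warning is printed before header().
    $mod = (isset($_POST['mod']) && is_string($_POST['mod'])) ? $_POST['mod'] : '';
    $act = (isset($_POST['act']) && is_string($_POST['act'])) ? $_POST['act'] : '';

    // Permission row for the current user level and the requested module.
    // Column names are quoted: as bare words they are undefined constants.
    $tableroleaccess = new PoTable('user_role');
    $currentRoleAccess = $tableroleaccess->findByAnd('id_level', $_SESSION['leveluser'], 'module', $mod);
    $currentRoleAccess = $currentRoleAccess->current();

    // NOTE(review): no anti-CSRF token is checked in the visible code; confirm
    // one is enforced elsewhere for these state-changing actions.

    // Delete guru
    if ($mod === 'guru' && $act === 'delete') {
        if ($currentRoleAccess->delete_access == "Y") {
            // NOTE(review): relies on validasi(..., 'sql') and PoTable for query safety; verify both.
            $id = $val->validasi($_POST['id'], 'sql');
            $tabledel = new PoTable('guru');
            $tabledel->deleteBy('id_guru', $id);
            header('location:../../admin.php?mod=' . $mod);
        } else {
            header('location:../../404.php');
        }
    } elseif ($mod === 'guru' && $act === 'multidelete') {
        if ($currentRoleAccess->delete_access == "Y") {
            $totaldata = $val->validasi($_POST['totaldata'], 'xss');
            if ($totaldata != "0") {
                // Only iterate when the client actually sent a list of items.
                $itemdel = (isset($_POST['item']) && is_array($_POST['item'])) ? $_POST['item'] : array();
                $tabledel = new PoTable('guru');
                foreach ($itemdel as $item) {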
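<?php
// Admin POST handler for the "user" module: delete a user, delete a user level.
session_start();

// Fail closed: a session missing either value is treated as not logged in.
if (empty($_SESSION['namauser']) || empty($_SESSION['passuser'])) {
    header('location:../../404.php');
} else {
    include_once '../../../po-library/po-database.php';
    include_once '../../../po-library/po-function.php';
    $val = new Povalidasi();

    // Missing or array-valued fields become '' so no warning is printed before header().
    $mod = (isset($_POST['mod']) && is_string($_POST['mod'])) ? $_POST['mod'] : '';
    $act = (isset($_POST['act']) && is_string($_POST['act'])) ? $_POST['act'] : '';

    // Permission row for the current user level and the requested module.
    // Column names are quoted: as bare words they are undefined constants.
    $tableroleaccess = new PoTable('user_role');
    $currentRoleAccess = $tableroleaccess->findByAnd('id_level', $_SESSION['leveluser'], 'module', $mod);
    $currentRoleAccess = $currentRoleAccess->current();

    // NOTE(review): no anti-CSRF token is checked in the visible code. For
    // account and privilege-level deletion that check matters most; confirm it
    // is enforced elsewhere.

    // Delete user
    if ($mod === 'user' && $act === 'deleteuser') {
        if ($currentRoleAccess->delete_access == "Y") {
            // NOTE(review): the only gate is delete_access on the module; nothing
            // visible restricts which account may be removed.
            $id = $val->validasi($_POST['id'], 'sql');
            $tabledel = new PoTable('users');
            $tabledel->deleteBy('id_user', $id);
            header('location:../../admin.php?mod=' . $mod);
        } else {
            header('location:../../404.php');
        }
    } elseif ($mod === 'user' && $act === 'deleteuserlevel') {
        // Delete user level
        if ($currentRoleAccess->delete_access == "Y") {
            $id = $val->validasi($_POST['id'], 'sql');
            $tabledel = new PoTable('user_level');
            $tabledel->deleteBy('id_level', $id);
            header('location:../../admin.php?mod=' . $mod . '&act=userlevel');
        } else {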
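<?php
// Admin POST handler for the "kelas" (class) module: single and bulk delete.
session_start();

// Fail closed: a session missing either value is treated as not logged in.
if (empty($_SESSION['namauser']) || empty($_SESSION['passuser'])) {
    header('location:../../404.php');
} else {
    include_once '../../../po-library/po-database.php';
    include_once '../../../po-library/po-function.php';
    $val = new Povalidasi();

    // Missing or array-valued fields become '' so no warning is printed before header().
    $mod = (isset($_POST['mod']) && is_string($_POST['mod'])) ? $_POST['mod'] : '';
    $act = (isset($_POST['act']) && is_string($_POST['act'])) ? $_POST['act'] : '';

    // Permission row for the current user level and the requested module.
    // Column names are quoted: as bare words they are undefined constants.
    $tableroleaccess = new PoTable('user_role');
    $currentRoleAccess = $tableroleaccess->findByAnd('id_level', $_SESSION['leveluser'], 'module', $mod);
    $currentRoleAccess = $currentRoleAccess->current();

    // NOTE(review): no anti-CSRF token is checked in the visible code; confirm
    // one is enforced elsewhere for these state-changing actions.

    // Delete kelas
    if ($mod === 'kelas' && $act === 'delete') {
        if ($currentRoleAccess->delete_access == "Y") {
            // NOTE(review): relies on validasi(..., 'sql') and PoTable for query safety; verify both.
            $id = $val->validasi($_POST['id'], 'sql');
            $tabledel = new PoTable('kelas');
            $tabledel->deleteBy('id_kelas', $id);
            header('location:../../admin.php?mod=' . $mod);
        } else {
            header('location:../../404.php');
        }
    } elseif ($mod === 'kelas' && $act === 'multidelete') {
        if ($currentRoleAccess->delete_access == "Y") {
            $totaldata = $val->validasi($_POST['totaldata'], 'xss');
            if ($totaldata != "0") {
                // Only iterate when the client actually sent a list of items.
                $itemdel = (isset($_POST['item']) && is_array($_POST['item'])) ? $_POST['item'] : array();
                $tabledel = new PoTable('kelas');
                foreach ($itemdel as $item) {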
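<?php
// Admin endpoint that prepares a TwitterOAuth client from stored credentials
// and loads the post named by the `id` query parameter.
session_start();

// Fail closed: a session missing either value is treated as not logged in.
if (empty($_SESSION['namauser']) || empty($_SESSION['passuser'])) {
    header('location:../../404.php');
} else {
    include_once '../../../po-library/po-database.php';
    include_once '../../../po-library/po-function.php';
    require_once '../../po-component/po-oauth/twitter/twitteroauth/twitteroauth.php';
    $val = new Povalidasi();

    // NOTE(review): no user_role lookup is visible here, and the action is
    // driven by a GET parameter; confirm permission and anti-CSRF checks exist
    // for whatever is sent with this client.

    // OAuth credentials come from row 2 of the `oauth` table. Column names are
    // quoted: as bare words they are undefined constants.
    $tableoauthtw = new PoTable('oauth');
    $currentOauthtw = $tableoauthtw->findBy('id_oauth', '2');
    $currentOauthtw = $currentOauthtw->current();
    $conkeyOauthtw = $currentOauthtw->oauth_key;
    $consecretOauthtw = $currentOauthtw->oauth_secret;
    $idOauthtw = $currentOauthtw->oauth_id;
    $tokenOauthtw = $currentOauthtw->oauth_token1;
    $tokensecretOauthtw = $currentOauthtw->oauth_token2;

    // Site URL and name from row 1 of the `setting` table.
    $tablesetting = new PoTable('setting');
    $currentSetting = $tablesetting->findBy('id_setting', '1');
    $currentSetting = $currentSetting->current();
    $urlwebsite = $currentSetting->website_url;
    $urlwebsitename = $currentSetting->website_name;

    // The consumer secret becomes a global constant for the rest of the request;
    // keep it out of any debug or error output.
    define('CONSUMER_KEY', (string) $conkeyOauthtw);
    define('CONSUMER_SECRET', (string) $consecretOauthtw);
    define('OAUTH_CALLBACK', $urlwebsite . '/po-adminboard/admin.php?mod=post');
    $connection = new TwitterOAuth(CONSUMER_KEY, CONSUMER_SECRET, $tokenOauthtw, $tokensecretOauthtw);

    // A missing `id` becomes '' instead of raising an undefined-index warning.
    $valid = $val->validasi(isset($_GET['id']) ? $_GET['id'] : '', 'sql');
    $table = new PoTable('post');
    $currentPosts = $table->findBy('id_post', $valid);
    $currentPosts = $currentPosts->current();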
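<?php
// Admin POST handler for the "comment" module: single and bulk delete.
session_start();

// Fail closed: a session missing either value is treated as not logged in.
if (empty($_SESSION['namauser']) || empty($_SESSION['passuser'])) {
    header('location:../../404.php');
} else {
    include_once '../../../po-library/po-database.php';
    include_once '../../../po-library/po-function.php';
    $val = new Povalidasi();

    // Missing or array-valued fields become '' so no warning is printed before header().
    $mod = (isset($_POST['mod']) && is_string($_POST['mod'])) ? $_POST['mod'] : '';
    $act = (isset($_POST['act']) && is_string($_POST['act'])) ? $_POST['act'] : '';

    // Permission row for the current user level and the requested module.
    // Column names are quoted: as bare words they are undefined constants.
    $tableroleaccess = new PoTable('user_role');
    $currentRoleAccess = $tableroleaccess->findByAnd('id_level', $_SESSION['leveluser'], 'module', $mod);
    $currentRoleAccess = $currentRoleAccess->current();

    // NOTE(review): no anti-CSRF token is checked in the visible code; confirm
    // one is enforced elsewhere for these state-changing actions.

    // Delete comment
    if ($mod === 'comment' && $act === 'delete') {
        if ($currentRoleAccess->delete_access == "Y") {
            // NOTE(review): relies on validasi(..., 'sql') and PoTable for query safety; verify both.
            $id = $val->validasi($_POST['id'], 'sql');
            $tabledel = new PoTable('comment');
            $tabledel->deleteBy('id_comment', $id);
            header('location:../../admin.php?mod=' . $mod);
        } else {
            header('location:../../404.php');
        }
    } elseif ($mod === 'comment' && $act === 'multidelete') {
        if ($currentRoleAccess->delete_access == "Y") {
            $totaldata = $val->validasi($_POST['totaldata'], 'xss');
            if ($totaldata != "0") {
                // Only iterate when the client actually sent a list of items.
                $itemdel = (isset($_POST['item']) && is_array($_POST['item'])) ? $_POST['item'] : array();
                $tabledel = new PoTable('comment');
                foreach ($itemdel as $item) {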
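<?php
// Admin POST handler for the "gallery" module: single and bulk delete.
session_start();

// Fail closed: a session missing either value is treated as not logged in.
if (empty($_SESSION['namauser']) || empty($_SESSION['passuser'])) {
    header('location:../../404.php');
} else {
    include_once '../../../po-library/po-database.php';
    include_once '../../../po-library/po-function.php';
    $val = new Povalidasi();

    // Missing or array-valued fields become '' so no warning is printed before header().
    $mod = (isset($_POST['mod']) && is_string($_POST['mod'])) ? $_POST['mod'] : '';
    $act = (isset($_POST['act']) && is_string($_POST['act'])) ? $_POST['act'] : '';

    // Permission row for the current user level and the requested module.
    // Column names are quoted: as bare words they are undefined constants.
    $tableroleaccess = new PoTable('user_role');
    $currentRoleAccess = $tableroleaccess->findByAnd('id_level', $_SESSION['leveluser'], 'module', $mod);
    $currentRoleAccess = $currentRoleAccess->current();

    // NOTE(review): no anti-CSRF token is checked in the visible code; confirm
    // one is enforced elsewhere for these state-changing actions.

    // Delete gallery
    if ($mod === 'gallery' && $act === 'deletegallery') {
        if ($currentRoleAccess->delete_access == "Y") {
            // NOTE(review): relies on validasi(..., 'sql') and PoTable for query safety; verify both.
            $id = $val->validasi($_POST['id'], 'sql');
            $tabledel = new PoTable('gallery');
            $tabledel->deleteBy('id_gallery', $id);
            header('location:../../admin.php?mod=' . $mod);
        } else {
            header('location:../../404.php');
        }
    } elseif ($mod === 'gallery' && $act === 'multidelete') {
        if ($currentRoleAccess->delete_access == "Y") {
            $totaldata = $val->validasi($_POST['totaldata'], 'xss');
            if ($totaldata != "0") {
                // Only iterate when the client actually sent a list of items.
                $itemdel = (isset($_POST['item']) && is_array($_POST['item'])) ? $_POST['item'] : array();
                $tabledel = new PoTable('gallery');
                foreach ($itemdel as $item) {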
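<?php
// Public contact-form endpoint: stores the submitted message in `contact`.
session_start();
include_once 'po-library/po-database.php';
include_once 'po-library/po-function.php';
$val = new Povalidasi();

// empty() rather than a bare read: a fresh session has no 'submit' key, and the
// warning from reading it could be printed before header() and break the redirect.
if (empty($_SESSION['submit'])) {
    header("location:404.php");
} elseif (empty($_POST['name_contact']) || empty($_POST['email_contact']) || empty($_POST['subject_contact']) || empty($_POST['message_contact'])) {
    // All four fields are required.
    header("location:404.php");
} else {
    // NOTE(review): every field gets only the generic 'xss' treatment; no e-mail
    // format check or length limit is visible.
    $name_contact = $val->validasi($_POST['name_contact'], 'xss');
    $email_contact = $val->validasi($_POST['email_contact'], 'xss');
    $subject_contact = $val->validasi($_POST['subject_contact'], 'xss');
    $message_contact = $val->validasi($_POST['message_contact'], 'xss');

    // The stored message is an HTML fragment that embeds the submitted values, so
    // whatever later renders it depends on the validation above.
    // NOTE(review): $hari_ini, $tgl_skrg, $bln_sekarang, $thn_sekarang and
    // $jam_sekarang are not assigned in this file; presumably po-function.php
    // defines them. Confirm.
    $message = "<html>\r\n\t\t\t<body>\r\n\t\t\t\tName : {$name_contact}<br />\r\n\t\t\t\tEmail : {$email_contact}<br />\r\n\t\t\t\tMessage : {$message_contact}<br /><br />\r\n\t\t\t\tSend Date : {$hari_ini}, {$tgl_skrg}-{$bln_sekarang}-{$thn_sekarang} ({$jam_sekarang} WIB)\r\n\t\t\t</body>\r\n\t\t\t</html>";

    $table = new PoTable('contact');
    $table->save(array(
        'name_contact' => $name_contact,
        'email_contact' => $email_contact,
        'subjek_contact' => $subject_contact,
        'message_contact' => $message
    ));
    unset($_POST);
    echo "<script language='javascript'>\r\n window.alert('Succesfully Send Message')\r\n window.location.href='contact';\r\n </script>";
}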