Beispiel #1
UPDATE `users`
SET `active` = %d,
`modified_at` = '%s'
WHERE `id` = %d
SQL;
        $sql = sprintf($sql, (int) $db->escString($active), date('Y-m-d h:i:s'), (int) $db->escString($id));
        if ($db->execute($sql)) {
            Response::Redirect("index.php?done=edit");
        } else {
            $emsg = "Could not edit user. Something went wrong. Please try again.";
        }
    }
}
if (Request::Post('edit_user_password_key') == "1") {
    $password = Request::Post('password');
    $cpassword = Request::Post('cpassword');
    if ($password == "") {
        $errors['password'][] = "Password field cannot be empty";
    }
    if ($cpassword == "") {
        $errors['cpassword'][] = "Confirm Password field cannot be empty";
    }
    if (strlen($password) < 6 || strlen($password) > 30) {
        $errors['password'][] = "Password must be (6-30) characters long.";
    }
    if ($password != $cpassword) {
        $errors['password'][] = "Password didnot matched";
        $errors['cpassword'][] = "Password didnot matched";
    }
    if (empty($errors)) {
        $sql = <<<SQL
Beispiel #2
require_once BASE_DIR . 'configs' . DS . 'incs.php';
require_once BASE_DIR . 'helpers' . DS . 'incs.php';
require_once ADMIN_DIR . 'incs' . DS . 'incs.php';
//-------------------------------------------------------
// Tell Util where the admin templates live (Util::Render is called at the end of this script).
Util::$template_path = ADMIN_DIR . 'templates' . DS;
//-------------------------------------------------------
// Database handle and the fixed query that loads the settings row for display.
// The query string is a constant: no request data is interpolated into it.
$db = new Db($db_config);
$sql = 'SELECT * FROM `settings`';
// Messages handed to the template: $emsg for an error, $smsg for a success notice.
$emsg = '';
$smsg = '';
// Request::Get('done') is presumably the `done` query-string value set by the
// post-save redirect. It only selects a fixed message below and is never output
// in the visible code, so it cannot carry markup into the page from here.
$done = Request::Get('done');
if (strtolower($done) === 'edit') {
    $smsg = 'Settings edited successfully';
}
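// Settings update handler: runs only when the form's marker field `edit_settings_key` is posted as "1".
// NOTE(review): no anti-CSRF token and no session/role check is visible in this block.
// Confirm the required incs.php files enforce both before this state-changing write.
if (Request::Post('edit_settings_key') == "1") {
    $site_name = trim(Request::Post('site_name'));
    if ($site_name == "") {
        $emsg = "Site name cannot be empty";
    }
    if ($emsg == "") {
        // $site_name is request data placed inside a quoted SQL literal. It is passed
        // through $db->escString() so a quote in the value cannot end the literal and
        // change the statement (SQL injection). escString() is assumed to be the Db
        // class's escaping helper; verify that it escapes for the connection charset.
        // NOTE(review): prefer a prepared statement if Db exposes one.
        // The UPDATE has no WHERE clause; presumably `settings` holds a single row (confirm).
        if ($db->execute(sprintf("UPDATE `settings` SET `site_name` = '%s'", $db->escString($site_name)))) {
            // Redirect after a successful write so a reload does not re-submit the form.
            Response::Redirect('index.php?done=edit');
        } else {
            $emsg = "Could not edit settings. Something went wrong. Please try again.";
        }
    }
}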
//-------------------------------------------------------
// Render the settings form and embed it as the `content` of the master layout.
// NOTE(review): the settings row and both messages are handed to the templates as-is.
// HTML escaping is assumed to happen inside the .phtml files; confirm, because
// `site_name` is admin-supplied text.
echo Util::Render(
    'master.phtml',
    array(
        'page_title' => 'Settings',
        'content' => Util::Render(
            'settings/index.phtml',
            array(
                'settings' => $db->row($sql),
                'smsg' => $smsg,
                'emsg' => $emsg,
            )
        ),
    )
);
Beispiel #3
// URL prefixes used when building links and redirects from the admin area.
define('ADMIN_ROOT', '');
define('SITE_ROOT', '../');
// Filesystem anchors, each ending in a directory separator:
// ADMIN_DIR is this script's directory, BASE_DIR its parent.
define('DS', DIRECTORY_SEPARATOR);
define('ADMIN_DIR', __DIR__ . DS);
define('BASE_DIR', __DIR__ . DS . '..' . DS);
require_once BASE_DIR . 'Libs' . DS . 'autoload.php';
require_once BASE_DIR . 'configs' . DS . 'incs.php';
require_once BASE_DIR . 'helpers' . DS . 'incs.php';
require_once ADMIN_DIR . 'incs' . DS . 'incs.php';
//-------------------------------------------------------
Util::$template_path = ADMIN_DIR . 'templates' . DS;
//-------------------------------------------------------
$emsg = "";
if (Request::Post('login_key') == "1") {
    $username = Request::Post('username');
    $password = Request::Post('password');
    if ($username == "" || $password == "") {
        $emsg = "Please enter both username and password.";
    } else {
        $db = new Db($db_config);
        $sql = <<<SQL
SELECT * FROM `users`
WHERE `username` = '%s' AND `password` = '%s' AND `active` = 1
SQL;
        $sql = sprintf($sql, $db->escString($username), $db->escString(md5($password . SALT)));
        if ($db->numRows($sql) > 0) {
            $user = $db->row($sql);
            $db->execute(sprintf("UPDATE `users` SET `logged_at` = '%s' WHERE `id` = %d", date('Y-m-d h:i:s'), (int) $db->escString($user['id'])));
            Session::Set('username', $user['username']);
            Session::Set('id', $user['id']);
            Response::Redirect(ADMIN_ROOT . 'index.php');
Beispiel #4
            if ($db->execute($sql)) {
                Response::Redirect('index.php?done=upload_image');
            } else {
                $emsg = "Could not upload image. Please try again.";
            }
        }
    }
}
if (Request::Post('edit_page_key') == "1") {
    $page_title = trim(Request::Post('page_title'));
    $content = trim(Request::Post('content'));
    $slug = trim(Request::Post('slug'));
    $menu_title = trim(Request::Post('menu_title'));
    $is_home = is_null(Request::Post('is_home')) ? 0 : 1;
    $is_menu = is_null(Request::Post('is_menu')) ? 0 : 1;
    $active = is_null(Request::Post('active')) ? 0 : 1;
    if ($page_title == "") {
        $errors['page_title'][] = "Page title field cannot be empty";
    }
    if ($content == "") {
        $errors['content'][] = "Content field cannot be empty";
    }
    if ($slug == "") {
        $errors['slug'][] = "Slug field cannot be empty";
    }
    if ($menu_title == "") {
        $errors['menu_title'][] = "Menu title field cannot be empty";
    }
    if ($db->numRows(sprintf("SELECT `id` FROM `pages` WHERE `slug` = '%s' AND `id` <> %d", $db->escString($slug), (int) $db->escString($id))) > 0) {
        $errors['slug'][] = "Slug " . $slug . " already exists. Please try another";
    }