function content()
 {
     $db = new sql();
     $db->connect();
     if (time() < 1098388800) {
         $res = $db->query("select projects.id, name, company, category, sum(IF(grade is null,0, grade))/count(IF(grade is null,0, grade)) as gsum, count(grade) as gcount FROM projects left join votes on projects.id=votes.id group by projects.id, name, company, category order by gsum desc");
     } else {
         $res = $db->query("select projects.id, name, company, category, sum(IF(grade is null,0, grade))/count(IF(grade is null,0, grade)) as gsum, count(grade) as gcount FROM projects left join votes on projects.id=votes.id where grade>0 group by projects.id, name, company, category order by gsum desc");
     }
     $cats = array(1 => "A", "C", "Y");
     $tr = "";
     while ($data = $db->fetch_array($res)) {
         $res1 = $db->query("select * from categories where category_id={$data['category']}");
         $data1 = $db->fetch_array($res1);
         $url = "/projects/" . $cats[$data1["category_id"]] . "/";
         eval('$tr.="' . page::template("modules/resultTR") . '";');
     }
     if (!$tr) {
         $tr = "<p style=\"font-size: 0.85em;\">В настоящее время в данной номинации заявок не подано.</p><p style=\"font-size: 0.85em;\"><a href=\"/request/\">Заявки</a> принимаются до 15 октября 2004 года</p>";
     }
     $resultTr .= $tr;
     if ($resultTr) {
         eval('$projectsMain.="' . page::template("modules/resultMain") . '";');
     }
     $resultTr = "";
     if (time() < 1098388800) {
         $text = "<p>Здесь размещены текущие результаты голосования, обновляющиеся в режиме реального времени.</p><p>Для того, чтобы проголосовать за проект надо перейти на его страницу.</p><p>Вы можете поставить свою оценку каждому из 22 представленных проектов, но можете сделать это только 1 раз за весь период голосования.</p><p>Голосование открыто до 0:00 22 октября 2004 года.</p>";
     } else {
         $text = "<h3>Голование закрыто в&nbsp;0:00 22&nbsp;октября 2004&nbsp;года.</h3><p><i>При анализе хода голосования за&nbsp;проекты в&nbsp;интернете, Оргкомитет конкурса М2.&nbsp;Новый&nbsp;Дом&nbsp;2004. обнаружил многочисленные случаи злоупотребления при выставлении оценки 0&nbsp;баллов. В&nbsp;целях повышения релевантности итогов голосования, Оргкомитет принял решение не&nbsp;учитывать оценки 0&nbsp;баллов, выставленные за&nbsp;весь период голосования в&nbsp;интернете.</i></p>";
     }
     $this->elements["content"] = $text . $projectsMain;
 }
 function defaultAction()
 {
     global $HTTP_SERVER_VARS;
     include "./lib/config.inc.php";
     $db = new sql();
     $db->connect();
     $result = $db->query('SELECT VERSION() AS version');
     if ($result != FALSE && $db->num_rows($result) > 0) {
         $row = $db->fetch_array($result);
         $match = $row['version'];
     } else {
         $result = $db->query('SHOW VARIABLES LIKE \'version\'');
         if ($result != FALSE && $db->num_rows($result) > 0) {
             $row = $db->fetch_array($result);
             $match = $row[1];
         }
     }
     $this->MYSQL_VER = $match;
     $this->PHP_OS = PHP_OS;
     $this->PHP_VERSION = PHP_VERSION;
     $this->CMS = $admin_config["name"] . " " . $admin_config["version"];
     $this->AUTHOR = $admin_config["author"];
     $this->HOME_PAGE = $admin_config["home_page"];
     $content = admin::template("info", $this);
     $this->elements["content"] = $content;
 }
Beispiel #3
0
 function event_CreateRevision(&$data)
 {
     $res = sql::query("\r\n\t\t\t\tSELECT \r\n\t\t\t\t\t*\r\n\t\t\t\tFROM \r\n\t\t\t\t\t" . _TABLE_PREFIX_ . "contents_seo\r\n\t\t\t\tWHERE \r\n\t\t\t\t\tID = '" . $data['id'] . "' AND\r\n\t\t\t\t\trevision = '" . $data['from'] . "'\r\n\t\t\t");
     while ($row = sql::fetch_array($res, MYSQL_ASSOC)) {
         sql::query("\r\n\t\t\t\t\tINSERT INTO \r\n\t\t\t\t\t\t" . _TABLE_PREFIX_ . "contents_seo \r\n\t\t\t\t\tSET \r\n\t\t\t\t\t\tID='" . $data['id'] . "', \r\n\t\t\t\t\t\trevision='" . $data['to'] . "',\r\n\t\t\t\t\t\tkeywords='" . addslashes($row['keywords']) . "',\r\n\t\t\t\t\t\tdescription='" . addslashes($row['description']) . "'\r\n\t\t\t\t");
     }
 }
 function language($language, $site, $load = false)
 {
     $res = sql::query("\r\n\t\t    \tSELECT \r\n\t\t\t\t    *\r\n\t\t\t    FROM\r\n    \t\t\t\t" . _TABLE_PREFIX_ . "language\r\n\t\t\t\tWHERE\r\n\t\t\t\t\tid = '" . addslashes($language) . "' AND\r\n\t\t\t\t\tsite = '" . addslashes($site) . "'\r\n\t\t    ");
     if ($row = sql::fetch_array($res)) {
         $this->id = $row['id'];
         $this->name = $row['name'];
         $this->public = !!$row['public'];
     } else {
         $this->id = 'en';
         $this->name = 'English';
         $this->public = false;
     }
     @(include _BASE_LIBRARIES_ . 'resources/iso639to3166.php');
     $this->flag = strtolower($iso639to3166[$this->id]);
     if ($load) {
         // Load english strings first...
         $res = @mysql_query("\r\n\t\t\t\t\tSELECT \r\n\t\t\t\t\t\t* \r\n\t\t\t\t\tFROM\r\n\t\t\t\t\t\t" . _TABLE_PREFIX_ . "strings\r\n\t\t\t\t\tWHERE\r\n\t\t\t\t\t\tlanguage = 'en'\r\n\t\t\t\t");
         while ($row = sql::fetch_array($res, MYSQL_ASSOC)) {
             $this->strings[$row['id']] = $row['value'];
         }
         if ($language != 'en') {
             $res = sql::query("\r\n\t\t\t\t\t\tSELECT \r\n\t\t\t\t\t\t\t* \r\n\t\t\t\t\t\tFROM\r\n\t\t\t\t\t\t\t" . _TABLE_PREFIX_ . "strings\r\n\t\t\t\t\t\tWHERE\r\n\t\t\t\t\t\t\tlanguage = '" . addslashes($language) . "'\r\n\t\t\t\t\t");
             while ($row = sql::fetch_array($res, MYSQL_ASSOC)) {
                 $this->strings[$row['id']] = $row['value'];
             }
         }
     }
 }
Beispiel #5
0
function get_tree($id = 0, $open_nodes, $level = 0, $url = "")
{
    global $cid;
    $furl = $url;
    $level++;
    $style = $level == 1 ? " style=\"margin-left: 0px; padding-left: 0px;\"" : "";
    $db = new sql();
    $db->connect();
    $res = $db->query(_QUERY . " where pid={$id} order by sortorder");
    if ($db->num_rows($res) > 0) {
        $s .= "<ul{$style}>\n";
        while ($data = $db->fetch_array($res)) {
            $gc = got_child($data["id"]);
            $img = $gc ? $open_nodes[$data["id"]] ? "minus" : "plus" : "dot";
            $img1 = $gc ? $open_nodes[$data["id"]] ? "folderopen" : "folder" : "page";
            $pid = $open_nodes[$data["id"]] ? $data["pid"] : $data["id"];
            $checked = $data["id"] == $cid ? " checked" : "";
            $url .= "/" . $data["url"];
            $a_o = $gc ? "<a href=\"?id={$pid}\" class=\"{$class}\" id=\"tree\">" : "";
            $a_c = $gc ? "</a>" : "";
            $s .= "<li>{$a_o}<img src=\"../i/" . $img . ".gif\" alt=\"\" border=\"0\" align=\"absmiddle\" height=\"20\" width=\"20\" style=\"margin: 3px;\"><input type=\"radio\" name=\"sel\" id =\"sel\" value=\"" . $url . "/\" align=\"middle\" style=\"border-width: 0px\" onClick=\"onSelect()\"{$checked}><img src=\"../i/{$img1}.gif\" alt=\"\" border=\"0\" align=\"absmiddle\" height=\"20\" width=\"20\" style=\"margin: 3px;\"><span id=\"name" . $data["id"] . "\">" . $data["title"] . "</span>{$a_c}</li>\n";
            if ($open_nodes[$data["id"]]) {
                $s .= get_tree($data["id"], $open_nodes, $level, $url);
            } else {
                $url = $furl;
            }
        }
        $s .= "</ul>\n";
        return $s;
    } else {
        return;
    }
}
Beispiel #6
0
 function defaultAction()
 {
     $db = new sql();
     $db->connect();
     $chid = $this->chid;
     include "lib/pagination.class.php";
     include "lib/orderby.class.php";
     $adminConfig = admin::adminConfig();
     for ($i = 1; $i < 4; $i++) {
         $voteTR = "";
         $orderBy = new orderBy("?chid=" . $this->chid . "&", array("id" => "№", "time" => "Дата", "name" => "Заголовок", "company" => "Компания", "gsum" => "Средний бал", "gcount" => "Проголосовало"), array("gsum" => "desc"), $this->field[$i], $this->order[$i], array("field[{$i}]", "order[{$i}]"));
         $pagination = new pagination($orderBy->urlForPage(), $this->page, $adminConfig["recPerPage"], '', "projects", "id");
         $res = $db->query("select projects.id, name, company, category_name, date, sum(IF(grade is null,0, grade))/count(IF(grade is null,0, grade)) as gsum, count(grade) as gcount FROM (projects LEFT JOIN categories ON projects.category = categories.category_id) left join votes on projects.id=votes.id where category={$i} group by projects.id, name, company, category_name, date " . $orderBy->orderByQuery() . " " . $pagination->limit());
         $page = $this->page ? "&page=" . $this->page : "";
         while ($data = $db->fetch_array($res)) {
             $data["date"] = date("d.m.Y", $data["date"]);
             eval('$voteTR.="' . admin::template("voteTR") . '";');
         }
         $pageBar = $pagination->bar();
         $th = $orderBy->bar();
         eval('$content.="' . admin::template("voteMain") . '";');
         $content .= "<br>";
     }
     $this->elements["content"] = $content;
 }
Beispiel #7
0
 function read()
 {
     $res = sql::query('SELECT * FROM ' . _TABLE_PREFIX_ . 'config');
     while ($row = sql::fetch_array($res)) {
         $this->data[$row['name']] = unserialize($row['data']);
     }
 }
Beispiel #8
0
 function _changeLanguage($id, $language)
 {
     $res = sql::query("\r\n\t\t\t\tUPDATE \r\n\t\t\t\t\t" . _TABLE_PREFIX_ . "contents\r\n\t\t\t\tSET \r\n\t\t\t\t\tlanguage = '" . addslashes($language) . "'\r\n\t\t\t\tWHERE \r\n\t\t\t\t\tID='" . $id . "'\r\n\t\t\t");
     $res = sql::query("\r\n\t\t\t\tSELECT \r\n\t\t\t\t\t*\r\n\t\t\t\tFROM \r\n\t\t\t\t\t" . _TABLE_PREFIX_ . "contents\r\n\t\t\t\tWHERE \r\n\t\t\t\t\tparent = '" . $id . "'\r\n\t\t\t");
     while ($row = sql::fetch_array($res, MYSQL_ASSOC)) {
         $this->_changeLanguage($row['ID'], $language);
     }
 }
Beispiel #9
0
 function authorize($ticket)
 {
     ticket::cleanup();
     $res = sql::query("\r\n\t\t\t\tSELECT \r\n\t\t\t\t\t* \r\n\t\t\t\tFROM\r\n\t\t\t\t\t" . _TABLE_PREFIX_ . "tickets\r\n\t\t\t\tWHERE\r\n\t\t\t\t\tticket = '" . addslashes($ticket) . "'\r\n\t\t\t");
     if ($row = sql::fetch_array($res)) {
         return $row['id'];
     }
 }
Beispiel #10
0
 function rightBar()
 {
     $db = new sql();
     $db->connect();
     $res = $db->query(" select * from news order by time desc limit 0, 3");
     while ($data = $db->fetch_array($res)) {
         $this->elements["rightBar"] .= '<table><tr><th>' . $data["title"] . ':</th></tr><tr><td>' . $data["text"] . '</td></tr></table>';
     }
     $this->elements["rightBar"] = '<td valign="top" style="padding-left: 1em;">' . $this->elements["rightBar"] . '<p align="right"><a href="/news/">¬се новости &rarr;</a></p><br><i>¬ принципе, вы можете зайти и ознакомитьс¤ с <a href="/timeline/" target="_self">хронологией моих работ</a> (благо, их пока не так уж много).</i><p align="right"><a href="/card/" target="_self"> арта сайта &rarr;</a></p></td>';
 }
Beispiel #11
0
 function edit()
 {
     $db = new sql();
     $db->connect();
     $res = $db->query("select * from news where id=" . $this->id);
     $data = $db->fetch_array($res);
     $data["text"] = htmlspecialchars($data["text"]);
     $select = admin::getDateSelectOptions($data["time"]);
     $chid = $this->chid;
     $action = "appendEdit";
     $header = "Редактирование";
     eval("\$content=\"" . admin::template("newsAdd", "FORMPOST", array("fields[title]" => "EXISTS")) . "\";");
     $this->elements["content"] = $content;
 }
 function pagination($curUrl, $curPage, $recPerPage, $totalCount, $tableName = "", $fieldName = "", $where = "")
 {
     $this->url = $curUrl;
     $this->page = $curPage ? $curPage : 1;
     $this->recPerPage = $recPerPage;
     if ($totalCount) {
         $this->totalRecCount = $totlaCount;
     } else {
         $db = new sql();
         $db->connect();
         $db->query("select count({$fieldName}) as rec_count from {$tableName} {$where}");
         $data = $db->fetch_array($db->result);
         $this->totalRecCount = $data["rec_count"];
     }
 }
 function edit()
 {
     $db = new sql();
     $db->connect();
     $res = $db->query("select * from projects where id=" . $this->id);
     $data = $db->fetch_array($res);
     $data["date"] = date("d.m.Y", $data["date"]);
     //$data["end"]=date("d.m.Y", $data["end"]);
     $category_selected[$data["category"]] = " selected";
     $chid = $this->chid;
     $action = "appendEdit";
     $header = "Редактирование";
     eval("\$content=\"" . admin::template("projectsAdd", "FORMPOST", array("fields[url]" => "EXISTS", "fields[title]" => "EXISTS")) . "\";");
     $this->elements["content"] = $content;
 }
Beispiel #14
0
    function edit()
    {
        $db = new sql();
        $db->connect();
        $res = $db->query("select * from users where id=" . $this->id);
        $data = $db->fetch_array($res);
        $data["description"] = htmlspecialchars($data["description"]);
        $chid = $this->chid;
        $action = "appendEdit";
        $id = '<tr>
			<td>№</td>
			<td><input maxlength="14" name="fields[id]" size="14" value="' . $this->id . '" readonly="readonly" style="width: auto;" value="' . $this->id . '"></td>
		</tr>';
        $header = "Редактирование";
        eval("\$content=\"" . admin::template("usersEdit", "FORMPOST", array("fields[login]" => "EXISTS", "fields[name]" => "EXISTS", "confirm" => "EQUAL fields[pass]", "fields[email]" => "EMAIL")) . "\";");
        $this->elements["content"] = $content;
    }
Beispiel #15
0
 function _deleteItem($id)
 {
     global $manager;
     /* Delete pages recursively */
     $res = sql::query("\r\n\t\t\t\tSELECT \r\n\t\t\t\t\t*\r\n\t\t\t\tFROM \r\n\t\t\t\t\t" . _TABLE_PREFIX_ . "contents\r\n\t\t\t\tWHERE \r\n\t\t\t\t\tparent = '" . $id . "'\r\n\t\t\t");
     while ($row = sql::fetch_array($res, MYSQL_ASSOC)) {
         $this->_deleteItem($row['ID']);
     }
     /* Delete the plugin data */
     $delete = array('id' => $id);
     $manager->handleEvent('DeleteItem', $delete);
     /* Delete the revision history */
     revisions::doDeletePage($id);
     /* Delete */
     treeStorage::startTransaction();
     treeStorage::prepareForDelete($id);
     $res = sql::query("\r\n\t\t\t\tDELETE FROM\r\n\t\t\t\t\t" . _TABLE_PREFIX_ . "contents\r\n\t\t\t\tWHERE\r\n\t\t\t\t\tID='" . $id . "'\r\n\t\t\t");
     treeStorage::stopTransaction();
 }
Beispiel #16
0
 function admin()
 {
     include_once "./lib/config.inc.php";
     session_start();
     if ($_GET["action"] == "logout") {
         session_destroy();
         header("Location: ./");
     }
     if (!$_SESSION["user_id"]) {
         if ($_POST["user"] && $_POST["pass"]) {
             $db = new sql();
             $db->connect();
             $res = $db->query("select id, pass from users where login='******'");
             $data = $db->fetch_array($res);
             if ($data["pass"] == md5($_POST["pass"])) {
                 $_SESSION["user_id"] = $data["id"];
                 header("Location: ./");
             } else {
                 $this->message = "<h3 style=\"color: red;\">Ќеправильный логин или пароль!!!</h3>";
                 $login = $page->template("login", $this);
                 echo $login;
                 exit;
             }
         } else {
             $login = $this->template("login", $this);
             echo $login;
             exit;
         }
     } else {
         $db = new sql();
         $db->connect();
         $res = $db->query("select id, name, admin from users where id=" . $_SESSION["user_id"]);
         $data = $db->fetch_array($res);
         $this->user = $data["name"];
         $this->user_id = $data["id"];
         $this->user_admin = $data["admin"];
     }
     $this->nav = $nav;
     $this->admin_config = $admin_config;
     $this->id = $_GET["chid"] ? $_GET["chid"] : 1;
     $this->action = $_GET["action"];
 }
 function _sel($id = 0, $url = "", $menu = 0)
 {
     $db = new sql();
     $db->connect();
     if ($menu == 1) {
         $where = " and menu=1";
     } else {
         $where = " and menu!=1";
     }
     $res = $db->query("select id, title, url from chapters where (pid={$id} and url<>'searchresult' and url<>'sitemap' and type<>4 and id<>1){$where} order by sortorder");
     if ($db->num_rows($res) > 0) {
         $sel = "<ul>";
         while ($data = $db->fetch_array($res)) {
             $str .= $data["title"];
             $url1 = $url . "/" . $data["url"];
             $sel .= "<li type=\"disc\"><a href=\"{$url1}/\">" . $data["title"] . "</a>\n";
             $sel .= $this->_sel($data["id"], $url1);
             $sel .= "</li>\n";
         }
         $sel .= "</ul>";
         return $sel;
     }
 }
Beispiel #18
0
    function updateBranch($language, $parent = 0, $current = 1)
    {
        $res = sql::query('
			SELECT 
				* 
			FROM 
				' . _TABLE_PREFIX_ . 'contents 
			WHERE 
				language="' . $language . '" AND
				parent="' . $parent . '"
			ORDER BY 
				position
		');
        while ($item = sql::fetch_array($res)) {
            // Set left to current...
            sql::query('
				UPDATE 
					' . _TABLE_PREFIX_ . 'contents 
				SET 
					`left`="' . $current . '"
				WHERE 
					ID="' . $item['ID'] . '" 
			');
            $current = $this->updateBranch($language, $item['ID'], $current + 1);
            // Set left to current...
            sql::query('
				UPDATE 
					' . _TABLE_PREFIX_ . 'contents 
				SET 
					`right`="' . $current . '"
				WHERE 
					ID="' . $item['ID'] . '" 
			');
            $current++;
        }
        return $current;
    }
Beispiel #19
0
 function prepareForDelete($id)
 {
     $res = sql::query("\n\t\t\tSELECT \n\t\t\t\t`right`, \n\t\t\t\t`language` \n\t\t\tFROM \n\t\t\t\t" . _TABLE_PREFIX_ . "contents \n\t\t\tWHERE \n\t\t\t\t`ID` = " . $id . "\n\t\t");
     $ref = sql::fetch_array($res, MYSQL_ASSOC);
     $right = intval($ref['right']);
     $language = $ref['language'];
     treeStorage::_removeSpace($language, $right, 2);
 }
Beispiel #20
0
 function retrieve($id)
 {
     $res = sql::query("\r\n\t\t\t\tSELECT \r\n\t\t\t\t\t* \r\n\t\t\t\tFROM \r\n\t\t\t\t\t" . _TABLE_PREFIX_ . "users \r\n\t\t\t\tWHERE \r\n\t\t\t\t\tID='" . $id . "'\r\n\t\t\t");
     if ($details = sql::fetch_array($res, MYSQL_ASSOC)) {
         return $details;
     }
 }
Beispiel #21
0
 function event_CreateRevision(&$data)
 {
     $res = sql::query("\r\n\t\t\t\tSELECT \r\n\t\t\t\t\t*\r\n\t\t\t\tFROM \r\n\t\t\t\t\t" . _TABLE_PREFIX_ . "contents_movie\r\n\t\t\t\tWHERE \r\n\t\t\t\t\tID = '" . $data['id'] . "' AND\r\n\t\t\t\t\trevision = '" . $data['from'] . "'\r\n\t\t\t");
     while ($row = sql::fetch_array($res, MYSQL_ASSOC)) {
         $directory = _BASE_MEDIA_ . 'movies/';
         $filename = files::getUniqueName($row['type'], $directory);
         copy($directory . $row['filename'], $directory . $filename);
         sql::query("\r\n\t\t\t\t\tINSERT INTO \r\n\t\t\t\t\t\t" . _TABLE_PREFIX_ . "contents_movie \r\n\t\t\t\t\tSET \r\n\t\t\t\t\t\tID='" . $data['id'] . "', \r\n\t\t\t\t\t\trevision='" . $data['to'] . "',\r\n\t\t\t\t\t\tfilename='" . addslashes($filename) . "',\r\n\t\t\t\t\t\tname='" . addslashes($row['name']) . "',\r\n\t\t\t\t\t\ttype='" . addslashes($row['type']) . "',\r\n\t\t\t\t\t\tsize='" . $row['size'] . "', \r\n\t\t\t\t\t\twidth='" . $row['width'] . "', \r\n\t\t\t\t\t\theight='" . $row['height'] . "', \r\n\t\t\t\t\t\tautostart='" . $row['autostart'] . "'\r\n\t\t\t\t");
     }
 }
Beispiel #22
0
 function _deleteItem($id)
 {
     global $manager, $tree, $lang;
     /* Delete pages recursively */
     $res = sql::query("\r\n\t\t\t\tSELECT \r\n\t\t\t\t\t*\r\n\t\t\t\tFROM \r\n\t\t\t\t\t" . _TABLE_PREFIX_ . "contents\r\n\t\t\t\tWHERE \r\n\t\t\t\t\tparent = '" . $id . "'\r\n\t\t\t");
     while ($row = sql::fetch_array($res, MYSQL_ASSOC)) {
         $this->_deleteItem($row['ID']);
     }
     // Notify other plugins
     $delete = array('id' => $id);
     $manager->handleEvent('DeleteItem', $delete);
     $res = sql::query("\r\n\t\t\t\tDELETE FROM\r\n\t\t\t\t\t" . _TABLE_PREFIX_ . "contents\r\n\t\t\t\tWHERE\r\n\t\t\t\t\tID='" . $id . "'\r\n\t\t\t");
 }
Beispiel #23
0
 function event_CreateRevision(&$data)
 {
     $res = sql::query("\n\t\t\t\tSELECT \n\t\t\t\t\t*\n\t\t\t\tFROM \n\t\t\t\t\t" . _TABLE_PREFIX_ . "contents_story \n\t\t\t\tWHERE \n\t\t\t\t\tID = '" . $data['id'] . "' AND\n\t\t\t\t\trevision = '" . $data['from'] . "'\n\t\t\t");
     while ($row = sql::fetch_array($res, MYSQL_ASSOC)) {
         sql::query("\n\t\t\t\t\tINSERT INTO \n\t\t\t\t\t\t" . _TABLE_PREFIX_ . "contents_story \n\t\t\t\t\tSET \n\t\t\t\t\t\tID='" . $data['id'] . "', \n\t\t\t\t\t\trevision=" . $data['to'] . ",\n\t\t\t\t\t\ttext='" . addslashes($row['text']) . "'\n\t\t\t\t");
     }
 }
Beispiel #24
0
 function _files_list($id, $revision)
 {
     $files = array();
     $res = sql::query("\r\n\t\t\t\tSELECT \r\n\t\t\t\t\t*, \r\n\t\t\t\t\tUNIX_TIMESTAMP(modified) AS modified \r\n\t\t\t\tFROM \r\n\t\t\t\t\t" . _TABLE_PREFIX_ . "contents_files \r\n\t\t\t\tWHERE \r\n\t\t\t\t\tID='" . $id . "' AND \r\n\t\t\t\t\trevision='" . $revision . "' AND\r\n\t\t\t\t\tattachment = 0 \r\n\t\t\t\tORDER BY \r\n\t\t\t\t\tposition\r\n\t\t\t");
     while ($row = sql::fetch_array($res, MYSQL_ASSOC)) {
         $files[] = $row;
     }
     return $files;
 }
Beispiel #25
0
 function admin_types(&$data)
 {
     global $manager, $tree, $user, $lang, $config;
     if ($_SERVER['REQUEST_METHOD'] == 'POST') {
         $action = isset($_REQUEST['action']) ? $_REQUEST['action'] : 'modify';
         switch ($action) {
             case 'modify':
                 $id = $_REQUEST['id'];
                 if (isset($_POST['children_allowed']) && $_POST['children_allowed'][0] == '*') {
                     $childrenAllowed = '*';
                 } else {
                     $childrenAllowed = isset($_POST['children_allowed']) ? implode(',', $_POST['children_allowed']) : '';
                 }
                 if (isset($_POST['parents_allowed']) && $_POST['parents_allowed'][0] == '*') {
                     $parentsAllowed = '*';
                 } else {
                     $parentsAllowed = isset($_POST['parents_allowed']) ? implode(',', $_POST['parents_allowed']) : '';
                 }
                 $res = sql::query("\r\n\t\t\t\t\t\t\tUPDATE \r\n\t\t\t\t\t\t\t\t" . _TABLE_PREFIX_ . "types \r\n\t\t\t\t\t\t\tSET \r\n\t\t\t\t\t\t\t\t`name`='" . addslashes($_POST['name']) . "',\r\n\t\t\t\t\t\t\t\t`children_allowed`='" . addslashes($childrenAllowed) . "',\r\n\t\t\t\t\t\t\t\t`parents_allowed`='" . addslashes($parentsAllowed) . "',\r\n\t\t\t\t\t\t\t\t`root_allowed`=" . (isset($_POST['root_allowed']) ? 1 : 0) . ",\r\n\t\t\t\t\t\t\t\t`visible`=" . (isset($_POST['visible']) ? 1 : 0) . ",\r\n\t\t\t\t\t\t\t\t`sort`=" . (isset($_POST['reverse']) ? 0 - $_POST['sort'] : $_POST['sort']) . "\r\n\t\t\t\t\t\t\tWHERE \r\n\t\t\t\t\t\t\t\t`ID`='" . $id . "'\r\n\t\t\t\t\t\t");
                 $res = sql::query("\r\n\t\t\t\t\t\t\tDELETE FROM \r\n\t\t\t\t\t\t\t\t" . _TABLE_PREFIX_ . "types_groups\r\n\t\t\t\t\t\t\tWHERE \r\n\t\t\t\t\t\t\t\t`type`='" . $id . "'\r\n\t\t\t\t\t\t");
                 if (isset($_POST['group']) && is_array($_POST['group'])) {
                     while (list($group, $content) = each($_POST['group'])) {
                         $res = sql::query("\r\n\t\t\t\t\t\t\t\t\tINSERT INTO \r\n\t\t\t\t\t\t\t\t\t\t" . _TABLE_PREFIX_ . "types_groups\r\n\t\t\t\t\t\t\t\t\tSET \r\n\t\t\t\t\t\t\t\t\t\t`type`='" . $id . "',\r\n\t\t\t\t\t\t\t\t\t\t`group`='" . addslashes($group) . "',\r\n\t\t\t\t\t\t\t\t\t\t`content`='" . addslashes($content) . "'\r\n\t\t\t\t\t\t\t\t");
                     }
                 }
                 break;
             case 'delete':
                 $id = $_REQUEST['id'];
                 $res = sql::query("\r\n\t\t\t\t\t\t\tDELETE FROM \r\n\t\t\t\t\t\t\t\t" . _TABLE_PREFIX_ . "types \r\n\t\t\t\t\t\t\tWHERE \r\n\t\t\t\t\t\t\t\t`ID`='" . $id . "'\r\n\t\t\t\t\t\t");
                 $res = sql::query("\r\n\t\t\t\t\t\t\tDELETE FROM \r\n\t\t\t\t\t\t\t\t" . _TABLE_PREFIX_ . "types_groups\r\n\t\t\t\t\t\t\tWHERE \r\n\t\t\t\t\t\t\t\t`type`='" . $id . "'\r\n\t\t\t\t\t\t");
                 unset($id);
                 break;
             case 'create':
                 $res = sql::query("\r\n\t\t\t\t\t\t\tINSERT INTO \r\n\t\t\t\t\t\t\t\t" . _TABLE_PREFIX_ . "types \r\n\t\t\t\t\t\t\tSET \r\n\t\t\t\t\t\t\t\t`name`='" . addslashes($user->lang->s('untitled')) . "',\r\n\t\t\t\t\t\t\t\t`children_allowed`='*',\r\n\t\t\t\t\t\t\t\t`parents_allowed`='*',\r\n\t\t\t\t\t\t\t\t`root_allowed`=1,\r\n\t\t\t\t\t\t\t\t`visible`=1\r\n\t\t\t\t\t\t");
                 $id = sql::insert_id();
                 break;
         }
         if (isset($id)) {
             header("Location: " . url::action('settings') . "/types?id=" . $id);
         } else {
             header("Location: " . url::action('settings') . "/types");
         }
         exit;
     }
     if (isset($_REQUEST['id'])) {
         $id = $_REQUEST['id'];
     }
     $types = array();
     $res = sql::query('SELECT * FROM ' . _TABLE_PREFIX_ . 'types ORDER BY name');
     while ($row = sql::fetch_array($res)) {
         if (!isset($id)) {
             $id = $row['ID'];
         }
         $types[$row['ID']] = $row;
     }
     $all = $types;
     $res = sql::query('SELECT * FROM ' . _TABLE_PREFIX_ . 'plugins_types');
     while ($row = sql::fetch_array($res)) {
         $row['name'] = $user->lang->s($row['ID']);
         $all[$row['ID']] = $row;
     }
     $content = array();
     $res = sql::query('SELECT * FROM ' . _TABLE_PREFIX_ . 'plugins_content ORDER BY name');
     while ($row = sql::fetch_array($res)) {
         $content[] = $row['name'];
     }
     $groups = array();
     for ($i = 0; $i < intval($config->get('contentGroups')); $i++) {
         $groups[$i] = array('name' => $config->get('contentGroup' . $i), 'value' => array());
     }
     $remaining = array_flip($content);
     $res = sql::query('SELECT * FROM ' . _TABLE_PREFIX_ . 'types_groups WHERE `type`="' . $types[$id]['ID'] . '"');
     while ($row = sql::fetch_array($res)) {
         $row['content'] = explode(',', $row['content']);
         while (list(, $c) = each($row['content'])) {
             if (isset($remaining[$c])) {
                 unset($remaining[$c]);
                 $groups[intval($row['group'])]['value'][] = $c;
             }
         }
     }
     $remaining = array_keys($remaining);
     $delete = true;
     $res = sql::query('SELECT * FROM ' . _TABLE_PREFIX_ . 'contents WHERE `type`="' . $types[$id]['ID'] . '" LIMIT 1');
     if ($row = sql::fetch_array($res)) {
         $delete = false;
     }
     $tpl = new Template($this->getTemplate('settings.template'));
     $tpl->set("url", url::action('settings') . '/types');
     $tpl->set('all', $all);
     $tpl->set('types', $types);
     $tpl->set('groups', $groups);
     $tpl->set('remaining', $remaining);
     $tpl->set('delete', $delete);
     $tpl->set('id', $id);
     $data['template']->set('content', $tpl->fetch());
     // Make sure the following assets are included
     $data['page']->assets->registerCSS($this->localAsset('editor.css'));
 }
Beispiel #26
0
 function registered()
 {
     $registered = array();
     $res = sql::query('SELECT * FROM ' . _TABLE_PREFIX_ . 'plugins ORDER BY `name`');
     while ($row = sql::fetch_array($res)) {
         $registered[] = $row['name'];
     }
     return $registered;
 }
Beispiel #27
0
    function event_ExecuteEditor(&$data)
    {
        global $tree, $lang, $user, $config, $manager;
        if ($data['sheet'] == 'navigation') {
            $item =& $data['item'];
            $allow = false;
            $allow = $allow || $tree->_hasRights('admin', $item['rights']);
            if ($item['parent'] != '' && $item['parent'] != '0') {
                $parent =& $tree->getItemById($item['parent']);
                $allow = $allow || $tree->_hasRights('admin', $parent['rights']);
            }
            $errors = array();
            $tpl = new Template($this->getTemplate('editor.template'));
            if ($_SERVER['REQUEST_METHOD'] == 'POST') {
                $hidden = isset($_POST['hidden']) && $_POST['hidden'] == 'yes' ? 0 : 1;
                $set = isset($_POST['set']) ? intval($_POST['set']) : 0;
                $res = sql::query("\r\n\t\t\t\t\t\tUPDATE \r\n\t\t\t\t\t\t\t" . _TABLE_PREFIX_ . "contents \r\n\t\t\t\t\t\tSET \r\n\t\t\t\t\t\t\t`set` = '" . addslashes($set) . "', \r\n\t\t\t\t\t\t\t`visible` = '" . $hidden . "' \r\n\t\t\t\t\t\tWHERE \r\n\t\t\t\t\t\t\t`ID` = '" . $item['id'] . "'\r\n\t\t\t\t\t");
                if ($allow && isset($_POST['position'])) {
                    for ($i = 0; $i < intval($config->get('navigationSets')); $i++) {
                        $position = explode(',', $_POST['position'][$i]);
                        if ($set != $i) {
                            while (list($p, $id) = each($position)) {
                                if ($id == $item['id']) {
                                    unset($position[$p]);
                                }
                            }
                            reset($position);
                        }
                        /* Also include all disabled siblings, but at the bottom... */
                        $res = sql::query('
								SELECT 
									`ID`
								FROM 
									' . _TABLE_PREFIX_ . 'contents 
								WHERE 
									`parent` = ' . $item['parent'] . ' AND
									`set` = ' . $set . ' AND 
									`status` = 2 
								ORDER BY 
									`position`
							');
                        while ($row = sql::fetch_array($res, MYSQL_ASSOC)) {
                            $position[] = $row['ID'];
                        }
                        /* Sort */
                        while (list($p, $id) = each($position)) {
                            treeStorage::startTransaction();
                            treeStorage::prepareForMove($id, $item['parent'], $item['meta']['language']);
                            $res = sql::query("\r\n\t\t\t\t\t\t\t\t\tUPDATE \r\n\t\t\t\t\t\t\t\t\t\t" . _TABLE_PREFIX_ . "contents \r\n\t\t\t\t\t\t\t\t\tSET \r\n\t\t\t\t\t\t\t\t\t\t`position`='" . addslashes($p + 100 * $set) . "'\r\n\t\t\t\t\t\t\t\t\tWHERE \r\n\t\t\t\t\t\t\t\t\t\t`ID` = '" . addslashes($id) . "'\r\n\t\t\t\t\t\t\t\t");
                            treeStorage::stopTransaction();
                        }
                    }
                    header("Location: " . url::item($data['params']['id'], 'edit') . "/navigation");
                    exit;
                }
            }
            if ($data['item']['parent'] != '' && $data['item']['parent'] != '0') {
                $tpl->set('pages', $parent['children']);
            } else {
                // Make a copy that we can edit...
                $pages = $tree->tree;
                reset($pages);
                while (list($k, ) = each($pages)) {
                    if ($pages[$k]['id'] == 'admin') {
                        unset($pages[$k]);
                        continue;
                    }
                    if ($pages[$k]['status'] > 1) {
                        unset($pages[$k]);
                        continue;
                    }
                    /*
                    if ($data['item']['parent'] == 0 && $pages[$k]['set'] != $data['item']['set']) {
                    	unset($pages[$k]);
                    	continue;
                    }
                    */
                }
                $tpl->set('pages', $pages);
            }
            // Determine if we must sort this item manually
            $sort = 0;
            $hidden = true;
            if ($item['parent'] > 0) {
                $parent =& $tree->getItemById($item['parent']);
                if (isset($manager->types[$parent['type']])) {
                    $sort = $manager->types[$parent['type']]['sort'];
                    $hidden = $manager->types[$parent['type']]['visible'] == 0;
                }
            }
            $tpl->set('item', $data['item']);
            $tpl->set('id', $data['params']['id']);
            $tpl->set('allow', $allow);
            $tpl->set('hidden', $hidden);
            $tpl->set('sort', $sort);
            $tpl->set('sets', intval($config->get('navigationSets')));
            $data['template']->append('content', $tpl->fetch());
        }
    }
 function showAuthorSelectJS()
 {
     $db = new sql();
     $db->connect();
     $res = $db->query("select id, firstname, secondname, lastname from authors order by lastname, firstname, secondname");
     while ($data = $db->fetch_array($res)) {
         $i++;
         $chid = $this->chid;
         $data["fio"] = $data["lastname"] . ($data["firstname"] ? " " . $data["firstname"] : "") . ($data["secondname"] ? " " . $data["secondname"] : "");
         eval('$authorsJSline.="' . admin::template("authorsJSline") . '";');
     }
     eval('$content="' . admin::template("authorsJS") . '";');
     echo $content;
 }
Beispiel #29
0
 function _get_tree($id = 0, $open_nodes, $level = 0, $counter = false)
 {
     global $cid, $lid, $lang;
     $level++;
     $db = new sql();
     $db->connect();
     $res = $db->query("select id, pid, title, LENGTH(text) as bl, url, type, state from chapters where pid={$id} order by sortorder");
     if ($db->num_rows($res) > 0) {
         $s .= "\n";
         while ($data = $db->fetch_array($res)) {
             $bl = $data["bl"] ? number_format($data["bl"] / 1024, 2, ',', ' ') . "&nbsp;КБ" : "";
             $gc = $this->_got_child($data["id"]);
             $img = $gc ? $open_nodes[$data["id"]] ? "minus" : "plus" : "dot";
             $l = $data["type"] ? "_" : "";
             $img1 = $open_nodes[$data["id"]] ? "folderopen" . $l : "folder" . $l;
             $pid = $open_nodes[$data["id"]] ? $data["pid"] : $data["id"];
             $a_o = $gc ? "<a href=\"?chid=" . $this->chid . "&id={$pid}\" style=\"color: black;\" id=\"tree\">" : "";
             $a_c = $gc ? "</a>" : "";
             $lid = $this->id;
             $del = $gc || $data["id"] == "1" ? "&nbsp;<img src=\"i/dot.gif\" alt=\"\" width=\"16\" height=\"16\" border=\"0\">" : "&nbsp;<a href=\"?chid=" . $this->chid . "&action=delete&id=" . $data["id"] . "&lid={$lid}\" class=\"buttons\"><img src=\"i/del.gif\" alt=\"Удалить\" width=\"16\" height=\"16\" border=\"0\" onClick=\"return submit_delete(" . $data["id"] . ")\"></a>";
             $s .= "<tr><td><img src=\"i/dot.gif\" alt=\"\" width=\"" . ($level - 1) * 20 . "\" height=\"1\" border=\"0\">{$a_o}<img src=\"i/" . $img . ".gif\" alt=\"\" border=\"0\" align=\"absmiddle\" height=\"16\" width=\"16\"><img id=\"icon" . $data["id"] . "\" src=\"i/{$img1}.gif\" alt=\"\" border=\"0\" align=\"absmiddle\" height=\"16\" width=\"16\" hspace=\"5\" class=\"dragme\">" . $data["title"] . "{$a_c}</span></td><td style=\"color: gray;\" align=\"right\">{$bl}</td><td align=\"center\"><img src=\"i/" . ($data["state"] ? "dot" : "hidden") . ".gif\" alt=\"" . ($data["state"] ? "" : "скрыто") . "\" width=\"32\" height=\"16\" border=\"0\"></td><td style=\"white-space: nowrap;\">&nbsp;&nbsp;<a href=\"?chid=" . $this->chid . "&action=edit&id=" . $data["id"] . "&lid={$lid}\" class=\"buttons\"><img src=\"i/edit.gif\" alt=\"Редактировать\" width=\"16\" height=\"16\" border=\"0\"></a>{$del}&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<a href=\"?chid=" . $this->chid . "&action=add&pid=" . $data["id"] . "&level=" . ($level + 1) . "&lid={$lid}\" class=\"buttons\"><img src=\"i/add.gif\" alt=\"Добавить\" width=\"16\" height=\"16\" border=\"0\"></a>&nbsp;&nbsp;</td></tr>\n";
             if ($open_nodes[$data["id"]]) {
                 $s .= $this->_get_tree($data["id"], $open_nodes, $level, &$counter);
             }
         }
         $s .= "\n";
         return $s;
     }
 }
Beispiel #30
0
 function _getUserList($group = null)
 {
     $users = array();
     $res = sql::query("\r\n\t\t\t\tSELECT \r\n\t\t\t\t\t* \r\n\t\t\t\tFROM\r\n\t\t\t\t\t" . _TABLE_PREFIX_ . "users\r\n\t\t\t\tORDER BY\r\n\t\t\t\t\tID\r\n\t\t\t");
     while ($row = sql::fetch_array($res, MYSQL_ASSOC)) {
         $users[$row['ID']] = $row;
     }
     if ($group != null) {
         $res = sql::query("\r\n\t\t\t\t\tSELECT \r\n\t\t\t\t\t\t* \r\n\t\t\t\t\tFROM\r\n\t\t\t\t\t\t" . _TABLE_PREFIX_ . "users_groups\r\n\t\t\t\t\tWHERE\r\n\t\t\t\t\t\t`group` = " . $group . "\r\n\t\t\t\t");
         while ($row = sql::fetch_array($res, MYSQL_ASSOC)) {
             $users[$row['user']]['selected'] = true;
         }
     }
     return $users;
 }