Ejemplo n.º 1
        $contE = $mysqli->real_escape_string($_POST['Content']);
    }
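    // Publish the edited post (isDraft = 0) and send the admin back to the post manager.
    // $nameE, $contE, $cat, $aid and $blogl are set before this fragment.
    // NOTE(review): $blogl is a table name and cannot be escaped as a value; confirm it is
    // built only from an allow-listed locale.
    $javasc = $mysqli->real_escape_string(strip_tags($_POST['javascript']));
    $style = $mysqli->real_escape_string(strip_tags($_POST['css']));
    // privacy, cat_id and id are interpolated unquoted, so string escaping cannot protect
    // them; force them to integers instead (assumes these are integer columns - confirm).
    $prE = (int) $_POST['Privacy'];
    $catId = (int) $cat;
    $postId = (int) $aid;
    // thumbnail sits inside quotes and was previously the only quoted value left unescaped.
    $thumb = $mysqli->real_escape_string($_POST['thumbnail']);
    $update = "UPDATE {$blogl} SET title = '{$nameE}', message = '{$contE}', javascript = '{$javasc}', css = '{$style}', privacy = {$prE}, cat_id = {$catId}, thumbnail = '{$thumb}', isDraft = 0 WHERE id=" . $postId;
    $result = $mysqli->query($update);
    // The Host header is client-supplied; encode it before placing it inside HTML attributes.
    $safeHost = htmlspecialchars($_SERVER['HTTP_HOST'], ENT_QUOTES, 'UTF-8');
    echo "<h2>{$loc_edt_post}</h2>";
    echo "{$loc_done}. <a href='{$protocol}://" . $safeHost . "/system.php?mode=admin&man=posts'>{$loc_return}</a>.</div>";
    echo "<meta http-equiv='refresh' content='0; {$protocol}://" . $safeHost . "/system.php?mode=admin&man=posts' />";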
} else {
    if ($_POST['Save']) {
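        // Save the edited post as a draft (isDraft = 1), refresh its timestamp and send the
        // admin back to the post manager. $aid and $blogl are set before this fragment.
        // NOTE(review): $blogl is a table name and cannot be escaped as a value; confirm it is
        // built only from an allow-listed locale.
        $nameE = $mysqli->real_escape_string($_POST['Name']);
        // cat_id, privacy and id are interpolated unquoted, so they are forced to integers
        // (assumes these are integer columns - confirm).
        $cat = (int) $_POST['Category'];
        if (cbx('breakline') == 0) {
            $contE = $mysqli->real_escape_string(nl2br($_POST['Content']));
        } else {
            $contE = $mysqli->real_escape_string($_POST['Content']);
        }
        $javasc = $mysqli->real_escape_string(strip_tags($_POST['javascript']));
        $style = $mysqli->real_escape_string(strip_tags($_POST['css']));
        $prE = (int) $_POST['Privacy'];
        // thumbnail sits inside quotes and was previously the only quoted value left unescaped.
        $thumb = $mysqli->real_escape_string($_POST['thumbnail']);
        // time() replaces the argument-less mktime(), which PHP 8 rejects with ArgumentCountError.
        $date = time();
        $postId = (int) $aid;
        $update = "UPDATE {$blogl} SET title = '{$nameE}', message = '{$contE}', javascript = '{$javasc}', css = '{$style}', privacy = {$prE}, post_date = {$date}, cat_id = {$cat}, thumbnail = '{$thumb}', isDraft = 1 WHERE id=" . $postId;
        $result = $mysqli->query($update);
        // The Host header is client-supplied; encode it before placing it inside HTML attributes.
        $safeHost = htmlspecialchars($_SERVER['HTTP_HOST'], ENT_QUOTES, 'UTF-8');
        echo "<h2>{$loc_edt_post}</h2>";
        echo "{$loc_done}. <a href='{$protocol}://" . $safeHost . "/system.php?mode=admin&man=posts'>{$loc_return}</a>.</div>";
        echo "<meta http-equiv='refresh' content='0; {$protocol}://" . $safeHost . "/system.php?mode=admin&man=posts' />";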
    } else {
Ejemplo n.º 2
// Access gate for the plugin manager: a non-positive $powza prints the "no access"
// message and stops; otherwise the output buffer opened for the check is discarded.
ob_start();
if ($powza <= 0) {
    print $loc_no_access;
    exit;
}
ob_end_clean();

// Page heading, database connection and a link back to the index.
print '<h1>' . $loc_plugins . '</h1>';
$mysqli = new mysqli($hosty, $uname, $paswd, $dbnme);
print "<a href='index.php'>" . $loc_return . '</a><br /><br />';
if ($_POST['Submit']) {
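    // Apply the submitted checkbox state to every row of blg_plugins.
    $loadplugs = $mysqli->prepare("SELECT id, name, description, isOn FROM blg_plugins");
    $loadplugs->execute();
    $loadplugs->bind_result($plugid, $plugname, $plugdesc, $plugon);
    $loadplugs->store_result();
    // Prepare the UPDATE once and bind both values as integers, so neither the cbx()
    // result (derived from the request) nor the id can change the statement text.
    $setState = $mysqli->prepare("UPDATE blg_plugins SET isOn = ? WHERE id = ?");
    $setState->bind_param('ii', $ison, $targetId);
    while ($loadplugs->fetch()) {
        $ison = cbx($plugid);
        $targetId = $plugid;
        $result = $setState->execute();
    }
    $setState->close();
    echo "{$loc_done}. <a href='?mode=plugins'>{$loc_return}</a>.";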
} else {
    // No submission: load every plugin row so the loop below can render one checkbox per plugin.
    $loadplugs = $mysqli->prepare("SELECT id, name, description, isOn FROM blg_plugins");
    $loadplugs->execute();
    $loadplugs->bind_result($plugid, $plugname, $plugdesc, $plugon);
    // Buffer the full result set client-side before iterating.
    $loadplugs->store_result();
    // The form posts back to ?mode=plugins, which switches plugins on or off.
    // NOTE(review): the markup visible here carries no anti-CSRF token - confirm one is
    // added elsewhere, since this is a state-changing admin action.
    echo "<table border=1><form action='?mode=plugins' method='post'>";
    while ($loadplugs->fetch()) {
        echo "<tr>\n\t\t\t\t<td><input type='checkbox' name='{$plugid}' ";
        if ($plugon == 1) {
            echo "checked";
        }
        echo "></td>\n\t\t\t\t<td width=20%>{$plugname}</td>\n\t\t\t\t<td width=90%>{$plugdesc}</td>\n\t\t\t</tr>";
Ejemplo n.º 3
     die("Please fill in your administrator details.");
 }
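 if (empty($_POST['sitename']) || empty($_POST['sitedecro']) || empty($_POST['sitetags'])) {
     die("Please fill in your site information.");
 }
 // The language code is written into config.php and appended to table names further down,
 // so accept only identifier-safe characters before anything is written or created.
 if (!is_string($_POST['slang']) || !preg_match('/\A[A-Za-z0-9_]+\z/', $_POST['slang'])) {
     die("Invalid site language.");
 }
 // Edit the Config File.
 $configFile = fopen("../config.php", "w") or die("Unable to Open File!");
 // Every request value is emitted through var_export(), which yields a correctly quoted PHP
 // string literal. Pasting the raw value between double quotes let a crafted field close the
 // string and add arbitrary PHP to config.php, and also mangled passwords containing "$".
 // NOTE(review): the generated file takes $locale from $_GET["lang"] or the lang_cookie
 // cookie and appends it to the table-name prefixes; that template is left unchanged here
 // and needs an allow-list of its own.
 $config = "<?php\n\$hosty = " . var_export((string) $_POST['hostname'], true) . ";\n"
     . "\$uname = " . var_export((string) $_POST['username2'], true) . ";\n"
     . "\$paswd = " . var_export((string) $_POST['password2'], true) . ";\n"
     . "\$dbnme = " . var_export((string) $_POST['dbname'], true) . ";\n\n"
     . "\$defaultlang = " . var_export((string) $_POST['slang'], true) . ";\n\n"
     . "\$locale = \"\";\n\$blogl = \"blg_blogs_\"; // Blog Posts\n\$blogc = \"blg_comments_\"; // Blog Comments\n\$blogp = \"blg_pages_\"; // Blog Pages\n\$blogt = \"blg_categories_\"; // Blog Categories\n\n\$lc = \$_GET[\"lang\"];\n\n\$dateF = \"d-m-Y\";\n\$timeF = \"G:i T\";\n\n"
     . "\$captchaSiteKey = " . var_export((string) $_POST['captchaSit'], true) . ";\n"
     . "\$captchaSecretKey = " . var_export((string) $_POST['captchaSec'], true) . ";\n\n"
     . "\$tz_time = date_default_timezone_set(\"Europe/Amsterdam\");\n\nif (empty(\$lc)) {\n        if (empty(\$_COOKIE[\"lang_cookie\"])) {\n                \$locale = \$defaultlang;\n        }\n\telse {\n              \t\$locale = \$_COOKIE[\"lang_cookie\"];\n        }\n}\nelse {\n      \t\$locale = \$lc;\n}\n\n\$blogl = \$blogl.\$locale;\n\$blogc = \$blogc.\$locale;\n\$blogp = \$blogp.\$locale;\n\$blogt = \$blogt.\$locale;\n?>";
 // Stop if the write fails rather than including a truncated config below.
 if (fwrite($configFile, $config) === false) {
     fclose($configFile);
     die("Unable to write the config file.");
 }
 fclose($configFile);
 echo "Config File successfully made.<br /><br />";
 // Load the file just written so the connection below uses the submitted credentials.
 include "../config.php";
 include "../module/postfunctions.php";
 $mysqli = new mysqli($hosty, $uname, $paswd, $dbnme);
 // Validated above; used as the suffix of the per-language table names.
 $slang = $_POST['slang'];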
 if (cbx('koto') == 1) {
     $mysqli->query("CREATE TABLE IF NOT EXISTS `blg_blogs_{$slang}` (\n  `id` int(10) NOT NULL AUTO_INCREMENT,\n  `title` varchar(255) CHARACTER SET utf8 COLLATE utf8_unicode_ci NOT NULL,\n  `slug` varchar(255) CHARACTER SET utf8 COLLATE utf8_unicode_ci NOT NULL,\n  `message` text CHARACTER SET utf8 COLLATE utf8_unicode_ci NOT NULL,\n  `javascript` text CHARACTER SET utf8 COLLATE utf8_unicode_ci NOT NULL,\n  `css` text CHARACTER SET utf8 COLLATE utf8_unicode_ci NOT NULL,\n  `user_id` int(10) NOT NULL,\n  `post_date` int(10) NOT NULL,\n  `privacy` int(1) NOT NULL,\n  `cat_id` int(10) NOT NULL,\n  `thumbnail` varchar(255) CHARACTER SET utf8 COLLATE utf8_unicode_ci NOT NULL,\n  `isDraft` int(1) NOT NULL,\n  PRIMARY KEY (`id`)\n) ENGINE=MyISAM  DEFAULT CHARSET=latin1 AUTO_INCREMENT=0;");
     echo "Table 'blg_blogs_{$slang}' successfully created.<br />";
     $mysqli->query("INSERT INTO `blg_blogs_{$slang}` (`id`, `title`, `slug`, `message`, `javascript`, `css`, `user_id`, `post_date`, `privacy`, `cat_id`, `thumbnail`) VALUES\n(1, 'Hello World!', 'hello-world', 'Hello there, welcome to [b]KotoPasta[/b]! :awsum:<br />\r\nAs you can see, installation was a success! Yay!<br />\r\nEnjoy it all you can!', '', '', 1, 0, 0, 1, '');");
     echo "Table 'blg_blogs_{$slang}' successfully inserted.<br />";
     $mysqli->query("CREATE TABLE IF NOT EXISTS `blg_categories_{$slang}` (\n  `id` int(10) NOT NULL AUTO_INCREMENT,\n  `title` varchar(255) CHARACTER SET utf8 COLLATE utf8_unicode_ci NOT NULL,\n  PRIMARY KEY (`id`)\n) ENGINE=MyISAM  DEFAULT CHARSET=latin1 AUTO_INCREMENT=0;");
     echo "Table 'blg_categories_{$slang}' successfully created.<br />";
     $mysqli->query("INSERT INTO `blg_categories_{$slang}` (`id`, `title`) VALUES\n(1, 'Default');");
     echo "Table 'blg_categories_{$slang}' successfully inserted.<br />";
     $mysqli->query("CREATE TABLE IF NOT EXISTS `blg_comments_{$slang}` (\n  `id` int(10) NOT NULL AUTO_INCREMENT,\n  `post_id` int(10) NOT NULL,\n  `message` text NOT NULL,\n  `user_id` int(10) NOT NULL,\n  `post_date` int(10) NOT NULL,\n  `delete` int(1) NOT NULL DEFAULT '0',\n  `last_edit` int(10) NOT NULL,\n  `ip_address` varchar(15) NOT NULL DEFAULT '0.0.0.0',\n  PRIMARY KEY (`id`)\n) ENGINE=MyISAM  DEFAULT CHARSET=latin1 AUTO_INCREMENT=0;");
     echo "Table 'blg_comments_{$slang}' successfully created.<br />";
     $mysqli->query("INSERT INTO `blg_comments_{$slang}` (`id`, `post_id`, `message`, `user_id`, `post_date`, `delete`, `last_edit`, `ip_address`) VALUES\n(1, 1, 'Test Comment.', 1, 0, 0, 0, '0.0.0.0');");
     echo "Table 'blg_comments_{$slang}' successfully inserted.<br />";
     $mysqli->query("CREATE TABLE IF NOT EXISTS `blg_jokes` (\n  `id` int(10) NOT NULL AUTO_INCREMENT,\n  `joke` text CHARACTER SET utf8 COLLATE utf8_unicode_ci NOT NULL,\n  PRIMARY KEY (`id`)\n) ENGINE=InnoDB  DEFAULT CHARSET=latin1 AUTO_INCREMENT=0;");
     echo "Table 'blg_jokes' successfully created.<br />";
     $mysqli->query("INSERT INTO `blg_jokes` (`id`, `joke`) VALUES\n(1, 'Jokes need to be added through PHPMyAdmin.');");
Ejemplo n.º 4
    exit;
}
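// A user cannot open a private-message thread with themselves.
if ($aid == $cookuid) {
    echo "You can't send PMs to yourself...";
    exit;
}
// Normalise the recipient id to an integer: it is used in this lookup and is interpolated
// unquoted into later statements (assumes usr_users.id is an integer column - confirm).
$aid = (int) $aid;
// Look up the recipient with the id bound as a parameter; concatenating it into the
// statement text gave prepare() nothing to protect.
$top = "SELECT id, username, `group`, gender, display_name, name_colour FROM usr_users WHERE id = ?";
$stmt1 = $mysqli->prepare($top);
$stmt1->bind_param('i', $aid);
$stmt1->execute();
$stmt1->bind_result($uid, $uusername, $ugroup, $ugender, $udis, $unamecol);
$stmt1->store_result();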
while ($stmt1->fetch()) {
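    // Prepare the values for the new thread: title and message get <br /> line breaks and
    // are escaped for use inside quoted SQL string literals.
    $title = $mysqli->real_escape_string(nl2br($_POST['title']));
    // time() replaces the argument-less mktime(), which PHP 8 rejects with ArgumentCountError.
    $ldate = time();
    $message = $mysqli->real_escape_string(nl2br($_POST['message']));
    // nolayout is interpolated unquoted into the INSERT below, so force it to an integer
    // (cbx() is compared against 0/1 elsewhere on this page - confirm it never returns more).
    $nolayout = (int) cbx('nolayout');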
    if ($_POST['submit']) {
        if (empty($_POST['message'])) {
            echo "<h1>{$loc_reply_stuff_missing}</h1>";
        } else {
            $stmt = $mysqli->prepare("SELECT MAX(id) FROM usr_pms");
            $stmt->execute();
            $stmt->bind_result($maxid);
            $mid = 0;
            while ($stmt->fetch()) {
                $mid = $maxid;
            }
            $stmt->close();
            $res = "INSERT INTO usr_pms (id, `title`, `from`, `to`, replies, last_date, last_uid, `lock`) VALUES (NULL, '{$title}', {$cookuid}, {$aid}, 0, {$ldate}, {$cookuid}, 0);";
            $res .= "INSERT INTO usr_private_messages (id, mes_id, user_id, post_date, message, lastedit, nolayout, is_start) VALUES (NULL, {$mid}+1, {$cookuid}, {$ldate}, '{$message}', 0, {$nolayout}, 1)";
            //echo $res;