function categoryExists($chid, $game = false)
{
return channelExists($chid, $game);
}
function constructQuery($module)
{
global $smarty;
$query_module = '';
if ($module == 'private' or $module == 'public') {
$query_module = " AND v.type = '" . $module . "'";
}
$query = array();
$query_select = "SELECT v.*,s.username FROM video AS v, signup AS s WHERE v.UID = s.UID" . $query_module;
$query_count = "SELECT count(v.VID) AS total_videos FROM video AS v WHERE v.VID != ''" . $query_module;
$query_add = $query_module != '' ? " AND" : " WHERE";
$query_option = array();
$channel = isset($_GET['CID']) && is_numeric($_GET['CID']) && channelExists($_GET['CID']) ? trim($_GET['CID']) : NULL;
$option_orig = array('username' => '', 'title' => '', 'description' => '', 'keyword' => '', 'channel' => $channel, 'active' => '', 'sort' => 'VID', 'order' => 'DESC', 'display' => 100);
$all = isset($_GET['all']) ? intval($_GET['all']) : 0;
if ($all == 1) {
unset($_SESSION['search_videos_option']);
}
$option = isset($_SESSION['search_videos_option']) ? $_SESSION['search_videos_option'] : $option_orig;
if (isset($_POST['search_videos'])) {
$option['username'] = trim($_POST['username']);
$option['title'] = trim($_POST['title']);
$option['description'] = trim($_POST['description']);
$option['keyword'] = trim($_POST['keyword']);
$option['channel'] = intval(trim($_POST['channel']));
$option['active'] = trim($_POST['active']);
$option['sort'] = trim($_POST['sort']);
$option['order'] = trim($_POST['order']);
$option['display'] = trim($_POST['display']);
if ($option['username'] != '' || isset($_GET['UID'])) {
if ($option['username'] != '') {
$UID = getUserID($option['username']);
} else {
$UID = isset($_GET['UID']) && is_numeric($_GET['UID']) ? $_GET['UID'] : 0;
}
$UID = $UID ? $UID : 0;
$query_option[] = " AND v.UID = '" . mysql_real_escape_string($UID) . "'";
}
if ($option['title'] != '') {
$query_option[] = " AND v.title LIKE '%" . mysql_real_escape_string($option['title']) . "%'";
}
if ($option['description'] != '') {
$query_option[] = " AND v.description LIKE '%" . mysql_real_escape_string($option['description']) . "%'";
}
if ($option['keyword'] != '') {
$query_option[] = " AND v.keyword LIKE '%" . mysql_real_escape_string($option['keyword']) . "%'";
}
if ($option['channel'] != '') {
$query_option[] = " AND v.channel = " . intval($option['channel']);
}
if ($option['active'] == '0' || $option['active'] == '1') {
$query_option[] = " AND v.active = '" . $option['active'] . "'";
}
$_SESSION['search_videos_option'] = $option;
}
$query_option[] = " ORDER BY " . $option['sort'] . " " . $option['order'];
$query['select'] = $query_select . implode(' ', $query_option);
$query['count'] = $query_count . implode(' ', $query_option);
$query['page_items'] = $option['display'];
$smarty->assign('option', $option);
return $query;
}
<?php
defined('_VALID') or die('Restricted Access!');
Auth::checkAdmin();
$chimg = $config['BASE_DIR'] . '/media/categories/game';
if (!file_exists($chimg) or !is_dir($chimg) or !is_writable($chimg)) {
$errors[] = 'Category image directory \'' . $chimg . '\' is not writable!';
}
$channel = array();
$CID = isset($_GET['CID']) && is_numeric($_GET['CID']) ? trim($_GET['CID']) : NULL;
$CID = $CID && channelExists($CID, true) ? $CID : NULL;
if (!$CID) {
$errors[] = 'Category does not exist! Invalid channel id!?';
}
if (isset($_POST['edit_channel']) && !$errors) {
$name = trim($_POST['name']);
if ($name == '') {
$errors[] = 'Category name field cannot be blank!';
}
if (!$errors) {
$sql = "UPDATE game_categories SET category_name = '" . mysql_real_escape_string($name) . "' WHERE category_id = '" . mysql_real_escape_string($CID) . "' LIMIT 1";
$conn->execute($sql);
if ($_FILES['picture']['tmp_name'] != '') {
require $config['BASE_DIR'] . '/classes/image.class.php';
$image = new VImageConv();
$image->process($_FILES['picture']['tmp_name'], $chimg . '/' . $CID . '.jpg', 'MAX_WIDTH', 384, 216);
$image->canvas(384, 216, '000000', true);
}
}
if (!$errors) {
$messages[] = 'Category updated successfuly!';
<?php
defined('_VALID') or die('Restricted Access!');
Auth::checkAdmin();
$channel = array();
$CID = isset($_GET['CID']) && is_numeric($_GET['CID']) ? trim($_GET['CID']) : NULL;
$CID = $CID && channelExists($CID) ? $CID : NULL;
if ($CID) {
$sql = "SELECT * FROM channel WHERE CHID = '" . mysql_real_escape_string($CID) . "' LIMIT 1";
$rs = $conn->execute($sql);
$channel = $rs->getrows();
} else {
$err = 'Channel does not exist! Invalid channel id!?';
session_write_close();
header('Location: channels.php?err=' . $err);
die;
}
$smarty->assign('channel', $channel);
function constructQuery($module)
{
global $smarty;
$query_module = '';
if ($module == 'private' or $module == 'public') {
$query_module = " AND g.type = '" . $module . "'";
}
$query = array();
$query_select = "SELECT g.*,s.username FROM game AS g, signup AS s WHERE g.UID = s.UID" . $query_module;
$query_count = "SELECT count(g.GID) AS total_games FROM game AS g WHERE g.GID != ''" . $query_module;
$query_add = $query_module != '' ? " AND" : " WHERE";
$query_option = array();
$channel = isset($_GET['CID']) && is_numeric($_GET['CID']) && channelExists($_GET['CID']) ? trim($_GET['CID']) : NULL;
$option = array('username' => '', 'title' => '', 'keyword' => '', 'channel' => $channel, 'status' => '', 'sort' => 'g.GID', 'order' => 'DESC', 'display' => 10);
if (isset($_POST['search_games'])) {
$option['username'] = trim($_POST['username']);
$option['title'] = trim($_POST['title']);
$option['keyword'] = trim($_POST['keyword']);
$option['channel'] = trim($_POST['channel']);
$option['status'] = trim($_POST['status']);
$option['sort'] = trim($_POST['sort']);
$option['order'] = trim($_POST['order']);
$option['display'] = trim($_POST['display']);
}
if ($option['username'] != '' || isset($_GET['UID'])) {
if ($option['username'] != '') {
$UID = getUserID($option['username']);
} else {
$UID = isset($_GET['UID']) && is_numeric($_GET['UID']) ? $_GET['UID'] : 0;
}
$UID = $UID ? $UID : 0;
$query_option[] = " AND g.UID = '" . mysql_real_escape_string($UID) . "'";
}
if ($option['title'] != '') {
$query_option[] = " AND g.title LIKE '%" . mysql_real_escape_string($option['title']) . "%'";
}
if ($option['keyword'] != '') {
$query_option[] = " AND g.tags LIKE '%" . mysql_real_escape_string($option['keyword']) . "%'";
}
if ($option['channel'] != '') {
$query_option[] = " AND g.category = " . intval($option['channel']);
}
if ($option['status'] === 0 || $option['status'] === 1) {
$query_option[] = " AND g.status = " . intval($option['status']);
}
$query_option[] = " ORDER BY " . $option['sort'] . " " . $option['order'];
$query['select'] = $query_select . implode(' ', $query_option);
$query['count'] = $query_count . implode(' ', $query_option);
$query['page_items'] = $option['display'];
$smarty->assign('option', $option);
return $query;
}
