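/**
 * Recursively delete all replies to a comment.
 *
 * Every direct reply to $id is removed from the comments table together with
 * the voters and reporters rows that point at it, and the function then calls
 * itself so that replies to that reply are removed as well. The comment
 * identified by $id itself is not deleted here.
 *
 * @param int|string $id ID of the comment whose replies are deleted.
 * @return void
 */
function cmtx_delete_replies($id) { //delete replies of comment
	global $cmtx_mysql_table_prefix;

	//the ID is placed inside the SQL text, so force it to an integer first;
	//this keeps the query shape fixed whatever the caller passed in
	$parent_id = (int) $id;

	//only the id column is needed to walk the reply tree
	$query = cmtx_db_query("SELECT `id` FROM `" . $cmtx_mysql_table_prefix . "comments` WHERE `reply_to` = '{$parent_id}'");

	while ($reply = cmtx_db_fetch_assoc($query)) {
		$reply_id = (int) $reply["id"];

		cmtx_db_query("DELETE FROM `" . $cmtx_mysql_table_prefix . "comments` WHERE `id` = '{$reply_id}'");
		cmtx_db_query("DELETE FROM `" . $cmtx_mysql_table_prefix . "voters` WHERE `comment_id` = '{$reply_id}'");
		cmtx_db_query("DELETE FROM `" . $cmtx_mysql_table_prefix . "reporters` WHERE `comment_id` = '{$reply_id}'");

		cmtx_delete_replies($reply_id); //remove the replies to this reply too
	}
}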
?> <tr> <td><input type="checkbox" name="bulk[]" value="<?php echo $comment["id"]; ?> " onclick="bulk_check();"/></td> <?php $id = $comment["id"]; ?> <td><?php
//NOTE(review): name is printed exactly as stored; whether it was HTML-escaped before it was saved is not visible here - confirm
echo $comment["name"]; ?> </td> <?php
//look up the reference of the page this comment belongs to
$page_id = $comment["page_id"]; //read from the comment row and interpolated below without a cast
$page_reference_query = cmtx_db_query("SELECT `reference` FROM `" . $cmtx_mysql_table_prefix . "pages` WHERE `id` = '{$page_id}'");
$page_reference_result = cmtx_db_fetch_assoc($page_reference_query);
?> <td><?php
//NOTE(review): reference is also printed without htmlspecialchars() - confirm it is escaped when stored
echo $page_reference_result["reference"]; ?> </td> <?php
//build a short plain-text preview of the comment
$comment1 = $comment["comment"];
$comment1 = str_ireplace("<br />", " ", $comment1); //line breaks become spaces
$comment1 = str_ireplace("<p></p>", " ", $comment1);
$comment1 = strip_tags($comment1); //drop any remaining markup
$comment1 = cmtx_decode($comment1);
//substr() counts bytes, so the 75-byte cut can split a multi-byte UTF-8 character; htmlspecialchars() without
//ENT_SUBSTITUTE or ENT_IGNORE returns an empty string for invalid UTF-8, which would blank the whole preview
$comment1 = substr($comment1, 0, 75);
//ENT_NOQUOTES leaves " and ' unescaped, so the result is only safe as element text, not inside an attribute
$comment1 = htmlspecialchars($comment1, ENT_NOQUOTES, 'UTF-8');
?>
?> </div> <div style="clear: left;"></div> <?php } else {
	//save the "delete bans" task settings when the form is submitted
	if (isset($_POST['submit'])) {
		cmtx_check_csrf_form_key(); //runs before any setting is written; presumably rejects a request without a valid form key - confirm in its definition
		//a checkbox is only present in POST when ticked, so it is reduced to a literal 0 or 1
		if (isset($_POST['enabled'])) { $task_enabled_delete_bans = 1; } else { $task_enabled_delete_bans = 0; }
		$days_to_delete_bans = $_POST['days']; //read without an isset() check
		//the int cast is what makes the value safe to interpolate below; no range check is applied, so a negative number is stored as given
		$days_to_delete_bans_san = (int) $days_to_delete_bans;
		cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$task_enabled_delete_bans}' WHERE `title` = 'task_enabled_delete_bans'");
		cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$days_to_delete_bans_san}' WHERE `title` = 'days_to_delete_bans'");
		?> <div class="success"><?php echo CMTX_MSG_SAVED; ?> </div> <div style="clear: left;"></div> <?php
	}
} ?> <p /> <?php echo CMTX_DESC_TASK_DELETE_BANS;
$check_honeypot = 1; } else { $check_honeypot = 0; } if (isset($_POST['check_time'])) { $check_time = 1; } else { $check_time = 0; } $ban_cookie_days = $_POST['ban_cookie_days']; $ban_cookie_days_san = (int) $ban_cookie_days; cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$check_referrer}' WHERE `title` = 'check_referrer'"); cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$check_db_file}' WHERE `title` = 'check_db_file'"); cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$check_honeypot}' WHERE `title` = 'check_honeypot'"); cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$check_time}' WHERE `title` = 'check_time'"); cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$ban_cookie_days_san}' WHERE `title` = 'ban_cookie_days'"); ?> <div class="success"><?php echo CMTX_MSG_SAVED; ?> </div> <div style="clear: left;"></div> <?php } } ?> <p /> <?php echo CMTX_DESC_SETTINGS_SECURITY;
cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$setup_reply_to_san}' WHERE `title` = 'admin_email_test_reply_to'"); cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$setup_from_name_san}' WHERE `title` = 'admin_new_ban_from_name'"); cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$setup_from_email_san}' WHERE `title` = 'admin_new_ban_from_email'"); cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$setup_reply_to_san}' WHERE `title` = 'admin_new_ban_reply_to'"); cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$setup_from_name_san}' WHERE `title` = 'admin_new_comment_approve_from_name'"); cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$setup_from_email_san}' WHERE `title` = 'admin_new_comment_approve_from_email'"); cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$setup_reply_to_san}' WHERE `title` = 'admin_new_comment_approve_reply_to'"); cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$setup_from_name_san}' WHERE `title` = 'admin_new_comment_okay_from_name'"); cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$setup_from_email_san}' WHERE `title` = 'admin_new_comment_okay_from_email'"); cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$setup_reply_to_san}' WHERE `title` = 'admin_new_comment_okay_reply_to'"); cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$setup_from_name_san}' WHERE `title` = 'admin_new_flag_from_name'"); cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$setup_from_email_san}' WHERE `title` = 'admin_new_flag_from_email'"); cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . 
"settings` SET `value` = '{$setup_reply_to_san}' WHERE `title` = 'admin_new_flag_reply_to'"); cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$setup_from_name_san}' WHERE `title` = 'admin_reset_password_from_name'"); cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$setup_from_email_san}' WHERE `title` = 'admin_reset_password_from_email'"); cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$setup_reply_to_san}' WHERE `title` = 'admin_reset_password_reply_to'"); ?> <div class="success"><?php echo CMTX_MSG_SAVED; ?> </div> <div style="clear: left;"></div> <?php } } ?> <p /> <?php echo CMTX_DESC_SETTINGS_EMAIL_SENDER;
}
//$news is passed through cmtx_sanitize() before output; where $news comes from is not visible in this fragment
$news = cmtx_sanitize($news, true, false);
echo nl2br($news);
} ?> </div> </div> <div class="dashboard_block"> <div class="dashboard_title"><?php echo CMTX_DASH_QUICK_LINKS; ?> </div> <div class="dashboard_content"> <?php
//quick links: the five most frequently recorded pages in the access table, excluding dashboard, spam and edit pages
$pages = cmtx_db_query("SELECT `page`, COUNT(*) AS `frequency` FROM `" . $cmtx_mysql_table_prefix . "access` WHERE `page` != 'dashboard' AND `page` != 'spam' AND `page` NOT LIKE 'edit%' GROUP BY `page` ORDER BY `frequency` DESC LIMIT 5");
if (cmtx_db_num_rows($pages) != 5) { //links are only shown once five distinct pages have been recorded
	echo CMTX_DASH_QUICK_LINKS_NO_DATA;
} else {
	$i = 1;
	while ($row = cmtx_db_fetch_row($pages)) {
		//NOTE(review): the stored page value is written into a single-quoted href and into the link text with no escaping.
		//This is only safe if the code that inserts into the access table restricts `page` to known page names - confirm;
		//otherwise apply urlencode() for the href and htmlspecialchars() with ENT_QUOTES for both positions.
		echo $i . ". <a href='index.php?page=" . $row[0] . "'>" . $row[0] . "</a>";
		if ($i != 5) { echo "<br />"; } //no line break after the last link
		$i++;
	}
} ?> </div> </div>
<div class="success"><?php echo CMTX_MSG_SAVED; ?> </div> <div style="clear: left;"></div> <?php } ?> <?php } } ?> <?php $administrator = cmtx_db_query("SELECT * FROM `" . $cmtx_mysql_table_prefix . "admins` WHERE `id` = '{$admin_id}'"); $administrator = cmtx_db_fetch_assoc($administrator); $username = $administrator["username"]; $email = $administrator["email"]; $receive_email_new_ban = $administrator["receive_email_new_ban"]; $receive_email_new_comment_approve = $administrator["receive_email_new_comment_approve"]; $receive_email_new_comment_okay = $administrator["receive_email_new_comment_okay"]; $receive_email_new_flag = $administrator["receive_email_new_flag"]; ?> <p /> <?php echo CMTX_DESC_SETTINGS_ADMIN; ?>
$banned_towns_enabled = 0; } $banned_towns_action = $_POST['banned_towns_action']; $link_in_town_action_san = cmtx_sanitize($link_in_town_action); $reserved_towns_action_san = cmtx_sanitize($reserved_towns_action); $dummy_towns_action_san = cmtx_sanitize($dummy_towns_action); $banned_towns_action_san = cmtx_sanitize($banned_towns_action); cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$fix_town_enabled}' WHERE `title` = 'fix_town_enabled'"); cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$detect_link_in_town_enabled}' WHERE `title` = 'detect_link_in_town_enabled'"); cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$link_in_town_action_san}' WHERE `title` = 'link_in_town_action'"); cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$reserved_towns_enabled}' WHERE `title` = 'reserved_towns_enabled'"); cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$reserved_towns_action_san}' WHERE `title` = 'reserved_towns_action'"); cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$dummy_towns_enabled}' WHERE `title` = 'dummy_towns_enabled'"); cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$dummy_towns_action_san}' WHERE `title` = 'dummy_towns_action'"); cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$banned_towns_enabled}' WHERE `title` = 'banned_towns_enabled'"); cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$banned_towns_action_san}' WHERE `title` = 'banned_towns_action'"); ?> <div class="success"><?php echo CMTX_MSG_SAVED; ?> </div> <div style="clear: left;"></div> <?php } } ?> <p /> <?php echo CMTX_DESC_SETTINGS_PROCESSING_TOWN;
} else {
	$captcha_type = 'securimage'; //a literal chosen by the code; the other branch is outside this fragment
}
$recaptcha_public_key = $_POST['recaptcha_public_key'];
$recaptcha_private_key = $_POST['recaptcha_private_key'];
$recaptcha_theme = $_POST['recaptcha_themes'];
$recaptcha_language = $_POST['recaptcha_languages'];
//each posted value goes through cmtx_sanitize() and only the *_san copy reaches the SQL below;
//what cmtx_sanitize() escapes is not visible in this fragment
$recaptcha_public_key_san = cmtx_sanitize($recaptcha_public_key);
$recaptcha_private_key_san = cmtx_sanitize($recaptcha_private_key);
$recaptcha_theme_san = cmtx_sanitize($recaptcha_theme);
$recaptcha_language_san = cmtx_sanitize($recaptcha_language);
cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$captcha_type}' WHERE `title` = 'captcha_type'");
cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$recaptcha_public_key_san}' WHERE `title` = 'recaptcha_public_key'");
//NOTE(review): the reCAPTCHA private key is a secret and is stored as an ordinary row of the settings table
cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$recaptcha_private_key_san}' WHERE `title` = 'recaptcha_private_key'");
cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$recaptcha_theme_san}' WHERE `title` = 'recaptcha_theme'");
cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$recaptcha_language_san}' WHERE `title` = 'recaptcha_language'");
?> <div class="success"><?php echo CMTX_MSG_SAVED; ?> </div> <div style="clear: left;"></div> <?php } } ?> <p /> <?php echo CMTX_DESC_LAYOUT_FORM_RECAPTCHA;
$field_maximum_question = $_POST['field_maximum_question']; $field_maximum_captcha = $_POST['field_maximum_captcha']; $field_maximum_name_san = (int) $field_maximum_name; $field_maximum_email_san = (int) $field_maximum_email; $field_maximum_website_san = (int) $field_maximum_website; $field_maximum_town_san = (int) $field_maximum_town; $comment_maximum_characters_san = (int) $comment_maximum_characters; $field_maximum_question_san = (int) $field_maximum_question; $field_maximum_captcha_san = (int) $field_maximum_captcha; cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$field_maximum_name_san}' WHERE `title` = 'field_maximum_name'"); cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$field_maximum_email_san}' WHERE `title` = 'field_maximum_email'"); cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$field_maximum_website_san}' WHERE `title` = 'field_maximum_website'"); cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$field_maximum_town_san}' WHERE `title` = 'field_maximum_town'"); cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$comment_maximum_characters_san}' WHERE `title` = 'comment_maximum_characters'"); cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$field_maximum_question_san}' WHERE `title` = 'field_maximum_question'"); cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$field_maximum_captcha_san}' WHERE `title` = 'field_maximum_captcha'"); ?> <div class="success"><?php echo CMTX_MSG_SAVED; ?> </div> <div style="clear: left;"></div> <?php } } ?> <p /> <?php echo CMTX_DESC_LAYOUT_FORM_MAXIMUMS;
?> </th> <th><?php echo CMTX_TABLE_ANSWER; ?> </th> <th><?php echo CMTX_TABLE_ACTION; ?> </th> </tr> </thead> <tbody> <?php
//one table row per stored captcha question
$questions = cmtx_db_query("SELECT * FROM `" . $cmtx_mysql_table_prefix . "questions`");
while ($question = cmtx_db_fetch_assoc($questions)) {
//NOTE(review): id, question and answer are echoed without htmlspecialchars(); this relies on the values
//having been escaped before they were stored, which is not visible here - confirm
?> <tr> <td><input type="checkbox" name="bulk[]" value="<?php echo $question["id"]; ?> " onclick="bulk_check();"/></td> <td><?php echo $question["question"]; ?> </td> <td><?php echo $question["answer"]; ?> </td>
} else {
	//save the test-email settings and the email template when the form is submitted
	if (isset($_POST['submit'])) {
		cmtx_check_csrf_form_key(); //runs before anything is written; presumably rejects a request without a valid form key - confirm in its definition
		$admin_email_test_subject = $_POST['admin_email_test_subject'];
		$admin_email_test_from_name = $_POST['admin_email_test_from_name'];
		$admin_email_test_from_email = $_POST['admin_email_test_from_email'];
		$admin_email_test_reply_to = $_POST['admin_email_test_reply_to'];
		$email_content = $_POST['email_content']; //kept raw: it goes to the template file below, not into SQL
		//only the *_san copies are interpolated into the queries below
		$admin_email_test_subject_san = cmtx_sanitize($admin_email_test_subject);
		$admin_email_test_from_name_san = cmtx_sanitize($admin_email_test_from_name);
		$admin_email_test_from_email_san = cmtx_sanitize($admin_email_test_from_email);
		$admin_email_test_reply_to_san = cmtx_sanitize($admin_email_test_reply_to);
		cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$admin_email_test_subject_san}' WHERE `title` = 'admin_email_test_subject'");
		cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$admin_email_test_from_name_san}' WHERE `title` = 'admin_email_test_from_name'");
		cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$admin_email_test_from_email_san}' WHERE `title` = 'admin_email_test_from_email'");
		cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$admin_email_test_reply_to_san}' WHERE `title` = 'admin_email_test_reply_to'");
		//the language segment of the path comes from a stored setting, not from the request; the file name is fixed
		$file = '../includes/emails/' . cmtx_setting('language_frontend') . '/admin/custom/email_test.txt';
		//NOTE(review): the result of fopen() is not checked; if the file cannot be opened, fputs() and fclose()
		//receive false and the success message below is still shown
		$handle = fopen($file, 'w');
		fputs($handle, $email_content); //the posted text is written unmodified; the only gate visible here is the form-key check above
		fclose($handle);
		?> <div class="success"><?php echo CMTX_MSG_SAVED; ?> </div> <div style="clear: left;"></div> <?php
	}
} ?>
$_SESSION['cmtx_captcha'] = ''; //reset session
}
if ($cmtx_rating != 0) {
	cmtx_delete_rating(); //delete guest rating if rated
}
} else { //if comment is a success (no approval required)
	if (!cmtx_page_exists()) { //if page does not exist
		cmtx_create_page(); //create it now
	}
	//insert user's comment into 'comments' database table
	//NOTE(review): every $cmtx_* value is interpolated into the statement inside single quotes, so each one must
	//already be escaped for SQL when execution reaches this line; that step is not visible in this fragment - confirm.
	//The row is written with is_approved = 1 and the remaining flags and counters set to 0.
	cmtx_db_query("INSERT INTO `" . $cmtx_mysql_table_prefix . "comments` (`name`, `email`, `website`, `town`, `country`, `rating`, `reply_to`, `comment`, `reply`, `ip_address`, `page_id`, `is_approved`, `approval_reasoning`, `is_admin`, `is_sent`, `sent_to`, `likes`, `dislikes`, `is_sticky`, `is_locked`, `is_verified`, `dated`) VALUES ('{$cmtx_name}', '{$cmtx_email}', '{$cmtx_website}', '{$cmtx_town}', '{$cmtx_country}', '{$cmtx_rating}', '{$cmtx_reply_to}', '{$cmtx_comment}', '', '{$cmtx_ip_address}', '{$cmtx_page_id}', 1, '', '{$cmtx_is_admin}', 0, 0, 0, 0, 0, 0, 0, NOW())");
	$cmtx_comment_id = cmtx_db_insert_id(); //get the ID of the comment
	//build the success box
	//the box is assembled from fixed markup and two language constants only; no request data is added here
	$cmtx_box = "<div class='cmtx_success_box'>";
	$cmtx_box .= "<div class='cmtx_success_message_line_1'>";
	$cmtx_box .= CMTX_SUCCESS_OPENING;
	$cmtx_box .= "</div>";
	$cmtx_box .= "<div class='cmtx_success_message_line_2'>";
	$cmtx_box .= CMTX_SUCCESS_TEXT;
	$cmtx_box .= "</div>";
	$cmtx_box .= "</div>";
	$cmtx_box .= "<div style='clear: left;'></div>";
	//add new subscriber
	//a subscription is only added when notifications and email are enabled, the notify box was ticked, an email
	//was given, no subscription exists for this email and page, neither attempt check reports a hit, and the
	//commenter is not the admin
	if (cmtx_setting('enabled_notify') && isset($_POST['cmtx_notify']) && cmtx_setting('enabled_email') && !empty($cmtx_email) && !cmtx_subscriber_exists($cmtx_email, $cmtx_page_id) && !cmtx_subscriber_email_attempts($cmtx_email) && !cmtx_subscriber_ip_attempts() && !$cmtx_is_admin) {
		cmtx_add_subscriber($cmtx_name, $cmtx_email, $cmtx_page_id);
//build path to reset password email file
}
$body = file_get_contents($reset_password_email_file); //get the file's contents
$admin_link = cmtx_url_encode_spaces(cmtx_setting('commentics_url') . cmtx_setting('admin_folder')) . '/'; //build admin panel link
//convert email variables with actual variables
$body = str_ireplace('[username]', $username, $body);
//NOTE(review): the new password is placed in the email body in clear text
$body = str_ireplace('[password]', $password, $body);
$body = str_ireplace('[admin link]', $admin_link, $body);
$body = str_ireplace('[signature]', cmtx_setting('signature'), $body);
//send email
cmtx_email($email, null, cmtx_setting('admin_reset_password_subject'), $body, cmtx_setting('admin_reset_password_from_email'), cmtx_setting('admin_reset_password_from_name'), cmtx_setting('admin_reset_password_reply_to'));
//NOTE(review): the email is sent before the database is updated and neither result is checked here, so a failed
//UPDATE would leave the admin holding a password that does not work
//NOTE(review): unsalted md5() is not suitable for storing passwords; password_hash()/password_verify() is the
//standard replacement and also requires changing the login check, which is not visible in this fragment
$password = md5($password);
$password = cmtx_sanitize($password);
//NOTE(review): $email is interpolated into the query; how it was sanitized is not visible in this fragment - confirm
cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "admins` SET `password` = '{$password}' WHERE `email` = '{$email}'");
echo '<span class="positive">' . CMTX_RESET_SENT . '</span>';
}
} else {
echo '<span class="negative">' . CMTX_RESET_ADDR . '</span>';
}
}
}
?> </div> <div style="text-align:center; margin-top:10px;"> <span class="login_link"><a href="index.php" title="<?php echo CMTX_RESET_LOGIN; ?> "><?php echo CMTX_RESET_LOGIN;
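cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "bans` SET `reason` = '{$reason_san}' WHERE `id` = '{$id_san}'"); ?> <div class="success"><?php echo CMTX_MSG_BAN_UPDATED; ?> </div> <div style="clear: left;"></div> <?php } } ?> <?php
//load the ban being edited; the ID comes straight from the query string
$id = $_GET['id'];
$id_san = cmtx_sanitize($id); //only this sanitized copy is interpolated into the SQL below
$ban_query = cmtx_db_query("SELECT * FROM `" . $cmtx_mysql_table_prefix . "bans` WHERE `id` = '{$id_san}'");
$ban_result = cmtx_db_fetch_assoc($ban_query);
$ip_address = $ban_result["ip_address"];
$reason = $ban_result["reason"];
//the stored timestamp is formatted twice: once as a time and once as a date
$time = cmtx_format_date(date(CMTX_TIME_FORMAT, strtotime($ban_result["dated"])));
$date = cmtx_format_date(date(CMTX_DATE_FORMAT, strtotime($ban_result["dated"])));
?> <p /> <form name="edit_ban" id="edit_ban" action="index.php?page=edit_ban&id=<?php
//$id is the raw query-string value, so it is URL-encoded and HTML-escaped before it is written into the
//action attribute; a non-scalar value (for example an array parameter) is written as an empty string
echo htmlspecialchars(urlencode(is_scalar($id) ? (string) $id : ''), ENT_QUOTES, 'UTF-8'); ?> " method="post"> <label class='edit_ban'><?php echo CMTX_FIELD_LABEL_IP_ADDRESS;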
cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$show_town}' WHERE `title` = 'show_town'"); cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$show_country}' WHERE `title` = 'show_country'"); cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$show_rating}' WHERE `title` = 'show_rating'"); cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$show_date}' WHERE `title` = 'show_date'"); cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$show_like}' WHERE `title` = 'show_like'"); cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$show_dislike}' WHERE `title` = 'show_dislike'"); cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$show_flag}' WHERE `title` = 'show_flag'"); cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$show_permalink}' WHERE `title` = 'show_permalink'"); cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$show_reply}' WHERE `title` = 'show_reply'"); cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$show_gravatar}' WHERE `title` = 'show_gravatar'"); cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$show_sort_by}' WHERE `title` = 'show_sort_by'"); cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$show_topic}' WHERE `title` = 'show_topic'"); cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$show_average_rating}' WHERE `title` = 'show_average_rating'"); cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$show_social}' WHERE `title` = 'show_social'"); cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$show_rss}' WHERE `title` = 'show_rss'"); cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . 
"settings` SET `value` = '{$show_page_number}' WHERE `title` = 'show_page_number'"); ?> <div class="success"><?php echo CMTX_MSG_SAVED; ?> </div> <div style="clear: left;"></div> <?php } } ?> <p /> <?php echo CMTX_DESC_LAYOUT_COMMENTS_ENABLED;
$show_social_linkedin = 1; } else { $show_social_linkedin = 0; } cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$show_social}' WHERE `title` = 'show_social'"); cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$social_new_window}' WHERE `title` = 'social_new_window'"); cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$show_social_facebook}' WHERE `title` = 'show_social_facebook'"); cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$show_social_delicious}' WHERE `title` = 'show_social_delicious'"); cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$show_social_stumbleupon}' WHERE `title` = 'show_social_stumbleupon'"); cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$show_social_digg}' WHERE `title` = 'show_social_digg'"); cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$show_social_technorati}' WHERE `title` = 'show_social_technorati'"); cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$show_social_google}' WHERE `title` = 'show_social_google'"); cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$show_social_reddit}' WHERE `title` = 'show_social_reddit'"); cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$show_social_myspace}' WHERE `title` = 'show_social_myspace'"); cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$show_social_twitter}' WHERE `title` = 'show_social_twitter'"); cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . 
"settings` SET `value` = '{$show_social_linkedin}' WHERE `title` = 'show_social_linkedin'"); ?> <div class="success"><?php echo CMTX_MSG_SAVED; ?> </div> <div style="clear: left;"></div> <?php } } ?> <p /> <form name="layout_comments_social" id="layout_comments_social" action="index.php?page=layout_comments_social" method="post">
$rss_most_recent_amount = $_POST['rss_most_recent_amount']; $rss_title_san = cmtx_sanitize($rss_title); $rss_link_san = cmtx_sanitize($rss_link); $rss_image_url_san = cmtx_sanitize($rss_image_url); $rss_image_width_san = (int) $rss_image_width; $rss_image_height_san = (int) $rss_image_height; $rss_most_recent_amount_san = (int) $rss_most_recent_amount; cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$show_rss}' WHERE `title` = 'show_rss'"); cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$rss_title_san}' WHERE `title` = 'rss_title'"); cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$rss_link_san}' WHERE `title` = 'rss_link'"); cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$rss_image_enabled}' WHERE `title` = 'rss_image_enabled'"); cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$rss_image_url_san}' WHERE `title` = 'rss_image_url'"); cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$rss_image_width_san}' WHERE `title` = 'rss_image_width'"); cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$rss_image_height_san}' WHERE `title` = 'rss_image_height'"); cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$rss_most_recent_enabled}' WHERE `title` = 'rss_most_recent_enabled'"); cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$rss_most_recent_amount_san}' WHERE `title` = 'rss_most_recent_amount'"); ?> <div class="success"><?php echo CMTX_MSG_SAVED; ?> </div> <div style="clear: left;"></div> <?php } } ?> <p /> <?php echo CMTX_DESC_SETTINGS_RSS;
<label class='edit_comment'><?php echo CMTX_FIELD_LABEL_REPLY_TO; ?> </label> <select name="reply_to"> <option value="0"<?php if (!$reply_to) { echo " selected='selected'"; } ?> ><?php echo CMTX_FIELD_VALUE_NOBODY; ?> </option> <?php
//one option per other comment on the same page, newest first; the comment being edited is excluded
$comments = cmtx_db_query("SELECT * FROM `" . $cmtx_mysql_table_prefix . "comments` WHERE `page_id` = '{$page_id_san}' AND `id` != '{$id_san}' ORDER BY `dated` DESC");
while ($comment = cmtx_db_fetch_assoc($comments)) {
	echo "<option value='" . $comment['id'] . "'";
	if ($reply_to == $comment['id']) { echo " selected='selected'"; } //preselect the current parent comment
	//NOTE(review): the commenter's name is written into the option text without htmlspecialchars(); this relies
	//on the name having been escaped before it was stored, which is not visible here - confirm
	echo ">" . $comment['name'] . " - " . date("jS M Y", strtotime($comment["dated"])) . " - " . date("g:ia", strtotime($comment["dated"])) . "</option>";
}
?> </select> <p /> <hr class="separator"/><br /> <label class='edit_comment'><?php
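<?php
/*
Copyright © 2009-2014 Commentics Development Team [commentics.org]
License: GNU General Public License v3.0
		http://www.commentics.org/license/

This file is part of Commentics.

Commentics is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.

Commentics is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with Commentics. If not, see <http://www.gnu.org/licenses/>.

Text to help preserve UTF-8 file encoding: 汉语漢語.
*/

//refuse direct requests: $cmtx_path is only set when the file is included by the application
if (!isset($cmtx_path)) { die('Access Denied.'); }

//delete voters older than the configured time period
//the setting is concatenated into the SQL text, so the query only runs when the stored value is a plain
//non-negative whole number; anything else is left alone rather than sent to the database
$cmtx_days_to_delete_voters = cmtx_setting('days_to_delete_voters');

if (preg_match('/^[0-9]+$/', (string) $cmtx_days_to_delete_voters) === 1) {
	cmtx_db_query("DELETE FROM `" . $cmtx_mysql_table_prefix . "voters` WHERE `dated` < DATE_SUB(NOW(), INTERVAL " . (int) $cmtx_days_to_delete_voters . " DAY)");
}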
} else {
	//save the subscriber-confirmation email settings and template when the form is submitted
	if (isset($_POST['submit'])) {
		cmtx_check_csrf_form_key(); //runs before anything is written; presumably rejects a request without a valid form key - confirm in its definition
		$subscriber_confirmation_subject = $_POST['subscriber_confirmation_subject'];
		$subscriber_confirmation_from_name = $_POST['subscriber_confirmation_from_name'];
		$subscriber_confirmation_from_email = $_POST['subscriber_confirmation_from_email'];
		$subscriber_confirmation_reply_to = $_POST['subscriber_confirmation_reply_to'];
		$email_content = $_POST['email_content']; //kept raw: it goes to the template file below, not into SQL
		//only the *_san copies are interpolated into the queries below
		$subscriber_confirmation_subject_san = cmtx_sanitize($subscriber_confirmation_subject);
		$subscriber_confirmation_from_name_san = cmtx_sanitize($subscriber_confirmation_from_name);
		$subscriber_confirmation_from_email_san = cmtx_sanitize($subscriber_confirmation_from_email);
		$subscriber_confirmation_reply_to_san = cmtx_sanitize($subscriber_confirmation_reply_to);
		cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$subscriber_confirmation_subject_san}' WHERE `title` = 'subscriber_confirmation_subject'");
		cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$subscriber_confirmation_from_name_san}' WHERE `title` = 'subscriber_confirmation_from_name'");
		cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$subscriber_confirmation_from_email_san}' WHERE `title` = 'subscriber_confirmation_from_email'");
		cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$subscriber_confirmation_reply_to_san}' WHERE `title` = 'subscriber_confirmation_reply_to'");
		//the language segment of the path comes from a stored setting, not from the request; the file name is fixed
		$file = '../includes/emails/' . cmtx_setting('language_frontend') . '/user/custom/subscriber_confirmation.txt';
		//NOTE(review): the result of fopen() is not checked; if the file cannot be opened, fputs() and fclose()
		//receive false and the success message below is still shown
		$handle = fopen($file, 'w');
		fputs($handle, $email_content); //the posted text is written unmodified; the only gate visible here is the form-key check above
		fclose($handle);
		?> <div class="success"><?php echo CMTX_MSG_SAVED; ?> </div> <div style="clear: left;"></div> <?php
	}
} ?>
?> </div> <div style="clear: left;"></div> <?php } else {
	//save the rich-snippets settings when the form is submitted
	if (isset($_POST['submit'])) {
		cmtx_check_csrf_form_key(); //runs before any setting is written; presumably rejects a request without a valid form key - confirm in its definition
		//a checkbox is only present in POST when ticked, so it is reduced to a literal 0 or 1
		if (isset($_POST['rich_snippets'])) { $rich_snippets = 1; } else { $rich_snippets = 0; }
		$rich_snippets_markup = $_POST['rich_snippets_markups'];
		//the posted markup choice is not compared against a list of allowed values here; it is only passed
		//through cmtx_sanitize() before being interpolated below
		$rich_snippets_markup_san = cmtx_sanitize($rich_snippets_markup);
		cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$rich_snippets}' WHERE `title` = 'rich_snippets'");
		cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$rich_snippets_markup_san}' WHERE `title` = 'rich_snippets_markup'");
		?> <div class="success"><?php echo CMTX_MSG_SAVED; ?> </div> <div style="clear: left;"></div> <?php
	}
} ?> <p /> <?php echo CMTX_DESC_SETTINGS_RICH_SNIPPETS_1;
/**
 * Pick one row of the questions table at random.
 *
 * @return array Two-element list: the row's `question` value first, then its `answer` value.
 */
function cmtx_get_question() {
	global $cmtx_mysql_table_prefix; //table prefix is shared application state

	//let the database choose the row: random order, first row only
	$sql = "SELECT * FROM `" . $cmtx_mysql_table_prefix . "questions` ORDER BY Rand() LIMIT 1";
	$row = cmtx_db_fetch_assoc(cmtx_db_query($sql));

	return array($row['question'], $row['answer']);
}
} else { $viewers_enabled = 0; } $viewers_timeout = $_POST['viewers_timeout']; if (isset($_POST['viewers_refresh_enabled'])) { $viewers_refresh_enabled = 1; } else { $viewers_refresh_enabled = 0; } $viewers_refresh_time = $_POST['viewers_refresh_time']; $viewers_timeout_san = (int) $viewers_timeout; $viewers_refresh_time_san = (int) $viewers_refresh_time; cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$viewers_enabled}' WHERE `title` = 'viewers_enabled'"); cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$viewers_timeout_san}' WHERE `title` = 'viewers_timeout'"); cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$viewers_refresh_enabled}' WHERE `title` = 'viewers_refresh_enabled'"); cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$viewers_refresh_time_san}' WHERE `title` = 'viewers_refresh_time'"); ?> <div class="success"><?php echo CMTX_MSG_SAVED; ?> </div> <div style="clear: left;"></div> <?php } } ?> <p /> <?php echo CMTX_DESC_SETTINGS_VIEWERS;
?> </div> <div style="clear: left;"></div> <?php } else {
	//save the Akismet settings when the form is submitted
	if (isset($_POST['submit'])) {
		cmtx_check_csrf_form_key(); //runs before any setting is written; presumably rejects a request without a valid form key - confirm in its definition
		//a checkbox is only present in POST when ticked, so it is reduced to a literal 0 or 1
		if (isset($_POST['enabled'])) { $akismet_enabled = 1; } else { $akismet_enabled = 0; }
		$akismet_key = $_POST['akismet_key'];
		$akismet_key_san = cmtx_sanitize($akismet_key); //only the sanitized copy reaches the SQL below
		cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$akismet_enabled}' WHERE `title` = 'akismet_enabled'");
		//NOTE(review): the Akismet API key is a credential and is stored as an ordinary row of the settings table
		cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$akismet_key_san}' WHERE `title` = 'akismet_key'");
		?> <div class="success"><?php echo CMTX_MSG_SAVED; ?> </div> <div style="clear: left;"></div> <?php
	}
} ?> <p /> <?php echo CMTX_DESC_SETTINGS_AKISMET;
?> </th> <th><?php echo CMTX_TABLE_DATE_TIME; ?> </th> <th><?php echo CMTX_TABLE_ACTION; ?> </th> </tr> </thead> <tbody> <?php
//one table row per stored page, in ID order
$pages = cmtx_db_query("SELECT * FROM `" . $cmtx_mysql_table_prefix . "pages` ORDER BY `id` ASC");
while ($page = cmtx_db_fetch_assoc($pages)) {
//NOTE(review): id, identifier and reference are echoed without htmlspecialchars(); this relies on the values
//having been escaped before they were stored, which is not visible here - confirm
?> <tr> <td><input type="checkbox" name="bulk[]" value="<?php echo $page["id"]; ?> " onclick="bulk_check();"/></td> <td><?php echo $page["identifier"]; ?> </td> <td><?php echo $page["reference"]; ?> </td>
$smtp_password = $_POST['smtp_password'];
$sendmail_path = $_POST['sendmail_path'];
//string settings go through cmtx_sanitize() and the port is cast to int; only these *_san copies reach the SQL below
$transport_method_san = cmtx_sanitize($transport_method);
$smtp_host_san = cmtx_sanitize($smtp_host);
$smtp_port_san = (int) $smtp_port;
$smtp_encrypt_san = cmtx_sanitize($smtp_encrypt);
$smtp_username_san = cmtx_sanitize($smtp_username);
//NOTE(review): if cmtx_sanitize() rewrites characters (its body is not visible here), a password containing
//them would be stored in altered form - confirm that the value read back still authenticates
$smtp_password_san = cmtx_sanitize($smtp_password);
$sendmail_path_san = cmtx_sanitize($sendmail_path);
cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$transport_method_san}' WHERE `title` = 'transport_method'");
cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$smtp_host_san}' WHERE `title` = 'smtp_host'");
cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$smtp_port_san}' WHERE `title` = 'smtp_port'");
cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$smtp_encrypt_san}' WHERE `title` = 'smtp_encrypt'");
cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$smtp_username_san}' WHERE `title` = 'smtp_username'");
//NOTE(review): the SMTP password is stored as an ordinary row of the settings table; no encryption step is visible here
cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$smtp_password_san}' WHERE `title` = 'smtp_password'");
//NOTE(review): how sendmail_path is consumed when mail is sent is not visible here; if it ends up as a program
//path handed to the mailer, this form needs the same admin-only and form-key protection as any other
//command-configuring setting - confirm
cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$sendmail_path_san}' WHERE `title` = 'sendmail_path'");
?> <div class="success"><?php echo CMTX_MSG_SAVED; ?> </div> <div style="clear: left;"></div> <?php } } ?> <p /> <?php echo CMTX_DESC_SETTINGS_EMAIL_METHOD;
} ?> <p /> <?php echo CMTX_DESC_LAYOUT_FORM_BB_CODE; ?> <p /> <?php if (!cmtx_setting('enabled_bb_code_bold') && !cmtx_setting('enabled_bb_code_italic') && !cmtx_setting('enabled_bb_code_underline') && !cmtx_setting('enabled_bb_code_strike') && !cmtx_setting('enabled_bb_code_superscript') && !cmtx_setting('enabled_bb_code_subscript') && !cmtx_setting('enabled_bb_code_code') && !cmtx_setting('enabled_bb_code_php') && !cmtx_setting('enabled_bb_code_quote') && !cmtx_setting('enabled_bb_code_line') && !cmtx_setting('enabled_bb_code_bullet') && !cmtx_setting('enabled_bb_code_numeric') && !cmtx_setting('enabled_bb_code_link') && !cmtx_setting('enabled_bb_code_email') && !cmtx_setting('enabled_bb_code_image') && !cmtx_setting('enabled_bb_code_video')) { cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '0' WHERE `title` = 'enabled_bb_code'"); } else { cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '1' WHERE `title` = 'enabled_bb_code'"); } ?> <form name="layout_form_bb_code" id="layout_form_bb_code" action="index.php?page=layout_form_bb_code" method="post"> <label class='layout_form_bb_code'><img src="../images/bb_code/bold.png" title="Bold" alt="Bold"/></label> <?php if (cmtx_setting('enabled_bb_code_bold')) { ?> <input type="checkbox" checked="checked" name="enabled_bb_code_bold"/> <?php } else { ?> <input type="checkbox" name="enabled_bb_code_bold"/> <?php } ?> <p /> <label class='layout_form_bb_code'><img src="../images/bb_code/italic.png" title="Italic" alt="Italic"/></label> <?php
?> </th> <th><?php echo CMTX_TABLE_DATE_TIME; ?> </th> <th><?php echo CMTX_TABLE_ACTION; ?> </th> </tr> </thead> <tbody> <?php
//one table row per administrator account, in ID order
//NOTE(review): SELECT * also fetches the `password` column of the admins table into $administrator, although
//the part of the listing visible here only displays id, username and email; naming the needed columns would
//keep the hash out of the page's working data
$administrators = cmtx_db_query("SELECT * FROM `" . $cmtx_mysql_table_prefix . "admins` ORDER BY `id` ASC");
while ($administrator = cmtx_db_fetch_assoc($administrators)) {
//NOTE(review): username and email are echoed without htmlspecialchars(); this relies on the values having
//been escaped before they were stored, which is not visible here - confirm
?> <tr> <td><input type="checkbox" name="bulk[]" value="<?php echo $administrator["id"]; ?> " onclick="bulk_check();"/></td> <td><?php echo $administrator["username"]; ?> </td> <td><?php echo $administrator["email"]; ?> </td>
?> </th> <th><?php echo CMTX_TABLE_TYPE; ?> </th> <th><?php echo CMTX_TABLE_DATE_TIME; ?> </th> </tr> </thead> <tbody> <?php $versions = cmtx_db_query("SELECT * FROM `" . $cmtx_mysql_table_prefix . "version` ORDER BY `dated` DESC"); while ($version = cmtx_db_fetch_assoc($versions)) { ?> <tr> <td><?php echo $version["version"]; ?> </td> <td><?php echo $version["type"]; ?> </td> <td><span style="display:none;"><?php echo date("YmdHis", strtotime($version["dated"])); ?> </span><?php