Ejemplo n.º 1
 /**
  * Writes the given settings to the `access_settings` table.
  *
  * Each element of $arrSettings is keyed by the setting's `key` column and
  * carries a 'value' and a 'status' entry. One UPDATE is issued per element;
  * a failing UPDATE does not stop the remaining ones.
  *
  * The statement is built by string formatting: 'status' is reduced to an
  * integer, the two strings pass through contrexx_addslashes().
  * NOTE(review): contrexx_addslashes() is not defined in this listing, so
  * whether it is sufficient for the connection's character set cannot be
  * confirmed here. Binding the values as query parameters would remove the
  * dependency on that helper.
  *
  * @param array $arrSettings key => array('value' => ..., 'status' => ...)
  *
  * @return boolean true if every UPDATE succeeded, false if at least one failed
  */
 function setSettings($arrSettings)
 {
     global $objDatabase;

     $allStored = true;
     foreach ($arrSettings as $key => $arrSetting) {
         $sql = sprintf(
             "UPDATE `%saccess_settings` SET `value` = '%s', `status` = %d WHERE `key` = '%s'",
             DBPREFIX,
             contrexx_addslashes($arrSetting['value']),
             intval($arrSetting['status']),
             contrexx_addslashes($key)
         );
         // Remember the failure but keep going with the other settings.
         if ($objDatabase->Execute($sql) === false) {
             $allStored = false;
         }
     }

     return $allStored;
 }
Ejemplo n.º 2
 /**
  *
  * Selects the id of the user who has logged on, looked up by the given user name.
  * @global      $objDatabase
  */
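 function getUserID($userName)
 {
     global $objDatabase;

     // Escape the login name BEFORE it is placed into any SQL fragment.
     // Previously the WHERE fragments were assembled from the raw value and
     // the escaping call came afterwards, so it had no effect on the query.
     // NOTE(review): binding the value as a query parameter would be the more
     // robust form; contrexx_addslashes() is kept because it is the escaping
     // helper this code already relies on.
     $userNameSql = contrexx_addslashes($userName);

     $arrSettings = \User_Setting::getSettings();

     // The e-mail address always identifies a user; the username column is
     // only consulted when usernames are enabled in the settings.
     $where = array('`email` = \'' . $userNameSql . '\'');
     if ($arrSettings['use_usernames']['status']) {
         $where[] = '`username` = \'' . $userNameSql . '\'';
     }

     $selUserID = 'SELECT id FROM ' . DBPREFIX . 'access_users
                    WHERE (' . implode(' OR ', $where) . ') AND
                    active=1';
     $objResult = $objDatabase->Execute($selUserID);

     // null is returned when no active user matches or the query failed
     // (previously $ID was left undefined in the first case and the loop
     // dereferenced a failed result in the second).
     $ID = null;
     if ($objResult === false) {
         return $ID;
     }
     // As before, the id of the last matching row wins.
     while (!$objResult->EOF) {
         $ID = $objResult->fields['id'];
         $objResult->MoveNext();
     }
     return $ID;
 }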
Ejemplo n.º 3
 /**
  * Update or add new template
  */
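 function storeTemplate()
 {
     global $objDatabase;

     // Returns '' when there is nothing to store (no 'mails' flag or no usable
     // language ID), false when a statement fails, true on success.
     if (empty($_POST['mails'])) {
         return '';
     }

     // Both IDs are written into the statements below without quotes, so only
     // plain decimal numbers are accepted. Previously the posted language ID
     // reached the SQL text unchanged.
     // Use the posted template ID only if the "store as new" checkbox
     // hasn't been marked
     $template_id = 0;
     if (   empty($_POST['shopMailSaveNew'])
         && !empty($_POST['tplId'])
         && is_scalar($_POST['tplId'])
         && preg_match('/^[0-9]+\z/', (string) $_POST['tplId'])
     ) {
         $template_id = intval($_POST['tplId']);
     }
     $lang_id = 0;
     if (   !empty($_POST['langId'])
         && is_scalar($_POST['langId'])
         && preg_match('/^[0-9]+\z/', (string) $_POST['langId'])
     ) {
         $lang_id = intval($_POST['langId']);
     }
     if ($lang_id === 0) {
         return '';
     }

     self::init($lang_id);
     if ($template_id && empty(self::$arrTemplate[$template_id])) {
         // Template not found.  Clear the ID.
         $template_id = 0;
     }

     // Escape the posted text fields once; a missing field is stored as ''.
     $arrField = array();
     foreach (array(
         'shopMailTemplate', 'shopMailFromAddress', 'shopMailFromName',
         'shopMailSubject', 'shopMailBody',
     ) as $strKey) {
         $arrField[$strKey] = contrexx_addslashes(isset($_POST[$strKey]) ? $_POST[$strKey] : '');
     }
     $strMailTable = DBPREFIX . "module_shop" . MODULE_INDEX . "_mail";

     // If the template ID is known, update.
     // Note that the protected flag is not changed.
     // For newly inserted templates, the protected flag is always 0 (zero).
     if ($template_id) {
         $query = "UPDATE " . $strMailTable . "
                      SET `tplname`='" . $arrField['shopMailTemplate'] . "'
                    WHERE `id`=" . $template_id;
     } else {
         $query = "INSERT INTO " . $strMailTable . " (
                       `protected`, `tplname`
                   ) VALUES (
                       0,
                       '" . $arrField['shopMailTemplate'] . "'
                   )";
     }
     if (!$objDatabase->Execute($query)) {
         return false;
     }
     if (empty($template_id)) {
         $template_id = intval($objDatabase->Insert_ID());
     }

     // Content for this template/language pair is updated only when the
     // template cache marks it as available; otherwise a row is inserted.
     if ($template_id && !empty(self::$arrTemplate[$template_id]['available'])) {
         $query = "UPDATE " . $strMailTable . "_content
                      SET `from_mail`='" . $arrField['shopMailFromAddress'] . "',
                          `xsender`='" . $arrField['shopMailFromName'] . "',
                          `subject`='" . $arrField['shopMailSubject'] . "',
                          `message`='" . $arrField['shopMailBody'] . "'
                    WHERE `tpl_id`=" . $template_id . "
                      AND `lang_id`=" . $lang_id;
     } else {
         $query = "INSERT INTO " . $strMailTable . "_content (
                       `tpl_id`, `lang_id`,
                       `from_mail`, `xsender`,
                       `subject`, `message`
                   ) VALUES (
                       " . $template_id . ", " . $lang_id . ",
                       '" . $arrField['shopMailFromAddress'] . "',
                       '" . $arrField['shopMailFromName'] . "',
                       '" . $arrField['shopMailSubject'] . "',
                       '" . $arrField['shopMailBody'] . "'
                   )";
     }
     if (!$objDatabase->Execute($query)) {
         return false;
     }
     return true;
 }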
Ejemplo n.º 4
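 /**
  * Shows the delete confirmation for a market entry or deletes the entry.
  *
  * With an 'id' in the query string the confirmation page is rendered, but
  * only for the entry's owner or a user with full access. Without it, a
  * posted 'submitEntry' deletes the posted entry; in both cases the request
  * is then redirected to the market overview.
  *
  * The entry ID is used in redirect targets, in SQL without quotes and in the
  * template, so only its integer value is used anywhere in this method.
  */
 function delEntry()
 {
     global $objDatabase, $_ARRAYLANG, $_CORELANG, $_CONFIG;

     $this->_objTpl->setTemplate($this->pageContent, true, true);

     $postId = (isset($_POST['id']) && is_scalar($_POST['id'])) ? intval($_POST['id']) : 0;

     // The original test read `!$this->settings['editEntry'] == '1'`, which
     // PHP parses as `(!$setting) == '1'`, i.e. "the setting is falsy".
     // empty() states that same test explicitly.
     $editingDisabled = empty($this->settings['editEntry']);
     $communityOnly = $this->settings['addEntry_only_community'] == '1';
     if ($editingDisabled || (!$this->communityModul && $communityOnly)) {
         \Cx\Core\Csrf\Controller\Csrf::header('Location: index.php?section=Market&cmd=detail&id=' . $postId);
         exit;
     }

     $objFWUser = \FWUser::getFWUserObject();
     if ($communityOnly) {
         if (!$objFWUser->objUser->login()) {
             // Send anonymous visitors to the login page and come back afterwards.
             $link = base64_encode(CONTREXX_DIRECTORY_INDEX . '?' . $_SERVER['QUERY_STRING']);
             \Cx\Core\Csrf\Controller\Csrf::header("Location: " . CONTREXX_DIRECTORY_INDEX . "?section=Login&redirect=" . $link);
             exit;
         }
         if (!\Permission::checkAccess(101, 'static', true)) {
             \Cx\Core\Csrf\Controller\Csrf::header("Location: " . CONTREXX_DIRECTORY_INDEX . "?section=Login&cmd=noaccess");
             exit;
         }
     }

     //get search
     $this->getSearch();

     if (isset($_GET['id'])) {
         // Escaping with addslashes does not protect a value that is placed
         // into the statement without quotes, so the ID is cast instead.
         $entryId = is_scalar($_GET['id']) ? intval($_GET['id']) : 0;
         $objResult = $objDatabase->Execute('SELECT id, userid, catid FROM ' . DBPREFIX . 'module_market WHERE id = ' . $entryId . ' LIMIT 1');
         if ($objResult !== false) {
             while (!$objResult->EOF) {
                 $isOwner = $objFWUser->objUser->login()
                     && $objFWUser->objUser->getId() == $objResult->fields['userid'];
                 if (!$isOwner && !\Permission::hasAllAccess()) {
                     \Cx\Core\Csrf\Controller\Csrf::header('Location: index.php?section=Market&cmd=detail&id=' . $entryId);
                     exit;
                 }
                 $this->_objTpl->setVariable(array(
                     'MARKET_ENTRY_ID' => $entryId,
                     'TXT_MARKET_DEL' => $_ARRAYLANG['TXT_MARKET_DELETE_ADVERTISEMENT'],
                     'TXT_MARKET_ABORT' => $_CORELANG['TXT_CANCEL'],
                     'TXT_MARKET_CONFIRM_DEL' => $_ARRAYLANG['TXT_MARKET_ADVERTISEMENT_DELETE'],
                 ));
                 //get navigation
                 $this->getNavigation($objResult->fields['catid']);
                 $objResult->MoveNext();
             }
         }
         return;
     }

     if (isset($_POST['submitEntry'])) {
         // NOTE(review): the owner / full-access check above is only applied
         // when the confirmation page is rendered. This branch hands the
         // posted ID to removeEntry() without repeating it; removeEntry() is
         // not part of this listing, so confirm that it verifies ownership
         // itself, otherwise the check belongs here as well.
         $this->removeEntry(array(0 => $postId));
     }
     \Cx\Core\Csrf\Controller\Csrf::header('Location: index.php?section=Market');
     exit;
 }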
Ejemplo n.º 5
 /**
  * handles the upload of a file
  *
  * @param string $inputName name of the HTML input element used to upload the file
  * 
  * @return array $uploadedFileInfo array containing the properties for the uploaded file, 
  *                                 false when upload has failed
  */
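 function _handleUpload($inputName)
 {
     global $_ARRAYLANG, $sessionObj;

     $fileName = isset($_POST[$inputName]) ? contrexx_input2raw($_POST[$inputName]) : '';
     if (empty($fileName)) {
         // No file was submitted with the form: not an error.
         return array('name' => '', 'path' => '', 'size' => 0);
     }
     $uploaderId = isset($_POST['forumUploaderId']) ? contrexx_input2raw($_POST['forumUploaderId']) : '';
     if (empty($uploaderId)) {
         \DBG::log('Uploader id is empty');
         return false;
     }

     // Both values are supplied by the client and become path segments
     // below. Each must be a single path component: no directory separator,
     // no NUL byte, and neither '.' nor '..'. Without this check the source
     // and the target of the move could be placed outside the session's
     // temporary folder and the forum upload folder.
     foreach (array($fileName, $uploaderId) as $segment) {
         if (   !is_string($segment)
             || $segment === '.'
             || $segment === '..'
             || strpbrk($segment, "/\\\0") !== false
         ) {
             \DBG::log('Upload rejected: file name or uploader id is not a plain path component');
             return false;
         }
     }

     //Re-initialize the $sessionObj if it is empty
     if (empty($sessionObj)) {
         $sessionObj = \cmsSession::getInstance();
     }
     $tempPath = $sessionObj->getTempPath() . '/' . $uploaderId . '/' . $fileName;
     if (!\Cx\Lib\FileSystem\FileSystem::exists($tempPath)) {
         return false;
     }

     // NOTE(review): the file type is not checked in this method. Whether the
     // uploader component or the web server configuration keeps executable
     // files (for example scripts) out of the forum upload folder cannot be
     // seen from here and should be confirmed.
     $cx = \Cx\Core\Core\Controller\Cx::instanciate();
     $filePath = $cx->getWebsiteMediaForumUploadPath() . '/';

     // Pick a free name by appending _1, _2, ... before the extension.
     // A name without extension no longer produces a trailing dot.
     $pathinfo = pathinfo($fileName);
     $suffix = isset($pathinfo['extension']) ? '.' . $pathinfo['extension'] : '';
     $i = 1;
     while (\Cx\Lib\FileSystem\FileSystem::exists($filePath . $fileName)) {
         $fileName = $pathinfo['filename'] . '_' . $i++ . $suffix;
     }

     if (\Cx\Lib\FileSystem\FileSystem::move($tempPath, $filePath . $fileName, true) === false) {
         $this->_objTpl->setVariable('TXT_FORUM_ERROR', $filePath . $fileName . ': ' . $_ARRAYLANG['TXT_FORUM_UPLOAD_NOT_MOVABLE']);
         return false;
     }

     // The name is returned in escaped form, presumably because the caller
     // writes it into an SQL statement - verify against the caller.
     return array('name' => contrexx_addslashes($fileName), 'path' => $filePath, 'size' => filesize($filePath . $fileName));
 }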
 /**
  * Add content data for a category
  *
  * Add the content data for a category that later will be inserted
  * @param int $lang
  * @param string $name
  */
 public function addContent($lang, $name)
 {
     // Queue one content row. The language ID is reduced to an integer and
     // the name is stored in escaped form.
     // NOTE(review): the queued name is presumably concatenated into an INSERT
     // later on; that code is not part of this listing, so confirm it does not
     // escape the value a second time.
     $arrRow = array();
     $arrRow['lang'] = intval($lang);
     $arrRow['name'] = contrexx_addslashes($name);

     $this->insertContent[] = $arrRow;
 }
Ejemplo n.º 7
 /**
  * Update values for a banner
  *
  * @global    object        $objDatabase
  * @global     array        $_ARRAYLANG
  * @return     integer        $intReturn: The old group of the changed banner
  */
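 function updateBanner()
 {
     global $objDatabase, $_ARRAYLANG;

     // All numeric fields are cast; they are written into SQL without quotes.
     $intBannerId = intval($_POST['bannerId']);
     // NOTE(review): the name is slash-escaped first and HTML-encoded second,
     // so a quote in the name is stored as an entity preceded by a backslash.
     // Left unchanged because existing rows were written this way.
     $strName = htmlspecialchars(addslashes($_POST['bannerName']), ENT_QUOTES, CONTREXX_CHARSET);
     $intGroupId = intval($_POST['bannerGroupId']);
     $intStatus = intval($_POST['bannerStatus']);
     $strCode = contrexx_addslashes($_POST['bannerCode']);

     if (!empty($strName) && $intGroupId != 0) {
         $objDatabase->Execute('    UPDATE    ' . DBPREFIX . 'module_banner_system
                                 SET        parent_id=' . $intGroupId . ',
                                         name="' . $strName . '",
                                         banner_code="' . $strCode . '",
                                         status=' . $intStatus . '
                                 WHERE    id=' . $intBannerId . '
                                 LIMIT    1
                             ');
         // The relations are rebuilt from scratch from the posted selections.
         $objDatabase->Execute('    DELETE
                                 FROM    ' . DBPREFIX . 'module_banner_relations
                                 WHERE    banner_id=' . $intBannerId . '
                             ');

         // Posted list => relation type. The three lists were handled by three
         // identical loops before; the type strings come from this map only.
         $arrRelationTypes = array(
             'selectedPages' => 'content',
             'selectedNews' => 'news',
             'selectedTeaser' => 'teaser',
         );
         foreach ($arrRelationTypes as $strPostKey => $strType) {
             if (!isset($_POST[$strPostKey]) || !is_array($_POST[$strPostKey])) {
                 continue;
             }
             foreach ($_POST[$strPostKey] as $intPageId) {
                 if (!is_scalar($intPageId)) {
                     continue;
                 }
                 // The page ID is client-supplied and unquoted in the
                 // statement; previously it was inserted without a cast.
                 $objDatabase->Execute('    INSERT
                                         INTO    ' . DBPREFIX . 'module_banner_relations
                                         SET        banner_id=' . $intBannerId . ',
                                                 group_id=' . $intGroupId . ',
                                                 page_id=' . intval($intPageId) . ',
                                                 type="' . $strType . '"
                                     ');
             }
         }
         $this->strOkMessage = $_ARRAYLANG['TXT_BANNER_UPDATE_DONE'];
     }

     // This is the group ID taken from the request, also when nothing was
     // updated.
     return $intGroupId;
 }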
 /**
  * Loads the event manager configuration
  * 
  * @param integer $startDate     Start date Unix timestamp
  * @param integer $endDate       End date timestamp
  * @param integer $categoryId    Category Id
  * @param string  $searchTerm    Search Term
  * @param boolean $showSeries    Show Series
  * @param boolean $needAuth      Need authorization
  * @param boolean $onlyActive    Only active Events
  * @param integer $startPos      Start position
  * @param integer $numEvents     Number of events
  * @param string  $sortDirection Sort direction, possible values ASC, DESC
  * @param boolean $onlyConfirmed only confirmed Entries
  * @param string  $author        author name
  */
 function __construct($startDate = null, $endDate = null, $categoryId = null, $searchTerm = null, $showSeries = true, $needAuth = false, $onlyActive = false, $startPos = 0, $numEvents = 'n', $sortDirection = 'ASC', $onlyConfirmed = true, $author = null, $listType = 'all')
 {
     // Values that are normalised on the way in: the two dates and the
     // category become integers, the search term is slash-escaped.
     $this->startDate  = intval($startDate);
     $this->endDate    = intval($endDate);
     $this->categoryId = intval($categoryId);
     $this->searchTerm = contrexx_addslashes($searchTerm);

     // Flags, stored as passed.
     $this->showSeries    = $showSeries;
     $this->needAuth      = $needAuth;
     $this->onlyActive    = $onlyActive;
     $this->onlyConfirmed = $onlyConfirmed;

     // Paging, ordering and filter values, stored as passed.
     // NOTE(review): none of these is validated here. If the code that builds
     // the query (not part of this listing) places them into SQL, the sort
     // direction should be restricted to ASC/DESC and the numeric values cast
     // at that point.
     $this->startPos      = $startPos;
     $this->numEvents     = $numEvents;
     $this->sortDirection = $sortDirection;
     $this->author        = $author;
     $this->listType      = $listType;
 }
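 /**
  * Creates a level or updates an existing one, including its names and
  * descriptions for every frontend language.
  *
  * Without a level ID a new row is inserted into the levels table; with one,
  * the row is updated and its name rows are deleted and written again.
  * A language without its own name or description receives the value at
  * index 0 of the posted arrays.
  *
  * Numeric attributes are cast to integers, the picture path is tag-stripped
  * and slash-escaped, names and descriptions pass through
  * contrexx_raw2db(contrexx_input2raw()).
  *
  * @param array   $arrData    posted form data (levelPosition, levelShowEntries,
  *                            levelShowSublevels, levelShowCategories,
  *                            levelActive, levelImage, levelName,
  *                            levelDescription)
  * @param integer $intLevelId ID of the level to update, empty to create one
  *
  * @return boolean false if the attribute statement or any name statement
  *                 failed, true otherwise
  */
 function saveLevel($arrData, $intLevelId = null)
 {
     global $_ARRAYLANG, $_CORELANG, $objDatabase, $_LANGID;

     //get data
     $intId = intval($intLevelId);
     $intParentId = intval($arrData['levelPosition']);
     $intShowEntries = intval($arrData['levelShowEntries']);
     $intShowSublevels = isset($arrData['levelShowSublevels']) ? contrexx_input2int($arrData['levelShowSublevels']) : 0;
     $intShowCategories = intval($arrData['levelShowCategories']);
     $intActive = intval($arrData['levelActive']);
     $strPicture = contrexx_addslashes(contrexx_strip_tags($arrData['levelImage']));
     $arrName = $arrData['levelName'];
     $arrDescription = $arrData['levelDescription'];

     $strLevelTable = DBPREFIX . "module_" . $this->moduleTablePrefix . "_levels";
     $strNameTable = DBPREFIX . "module_" . $this->moduleTablePrefix . "_level_names";

     // Assignments shared by the INSERT and the UPDATE statement.
     $strAttributes = "
                     `show_entries`='" . $intShowEntries . "',
                     `show_sublevels`='" . $intShowSublevels . "',
                     `show_categories`='" . $intShowCategories . "',
                     `picture`='" . $strPicture . "',
                     `active`='" . $intActive . "'";

     if (empty($intId)) {
         //insert new level
         $objInsertAttributes = $objDatabase->Execute("
                 INSERT INTO
                     " . $strLevelTable . "
                 SET
                     `parent_id`='" . $intParentId . "',
                     `order`=0," . $strAttributes . "
             ");
         if ($objInsertAttributes === false) {
             return false;
         }
         $intId = intval($objDatabase->Insert_ID());
     } else {
         //update level
         // A level is never made its own parent: in that case the parent
         // column is left as it is.
         $parentSql = ($intParentId == $intId) ? '' : "`parent_id`='" . $intParentId . "',";
         $objUpdateAttributes = $objDatabase->Execute("
                 UPDATE
                     " . $strLevelTable . "
                 SET
                     " . $parentSql . $strAttributes . "
                 WHERE
                     `id`='" . $intId . "'
             ");
         if ($objUpdateAttributes === false) {
             return false;
         }
         // The name rows are rewritten below.
         $objDatabase->Execute("DELETE FROM " . $strNameTable . " WHERE level_id='" . $intId . "'");
     }

     // Fallback values used for languages without their own text.
     if (empty($arrName[0])) {
         $arrName[0] = "[[" . $_ARRAYLANG['TXT_MEDIADIR_NEW_LEVEL'] . "]]";
     }
     if (empty($arrDescription[0])) {
         $arrDescription[0] = isset($arrDescription[$_LANGID]) ? $arrDescription[$_LANGID] : '';
     }

     // Every language is attempted; a single failure makes the call report
     // false. Previously only the result of the last language was looked at,
     // and the result variable was undefined without frontend languages.
     $blnNamesStored = true;
     foreach ($this->arrFrontendLanguages as $arrLang) {
         $intLangId = $arrLang['id'];
         $strName = !empty($arrName[$intLangId]) ? $arrName[$intLangId] : $arrName[0];
         $strDescription = !empty($arrDescription[$intLangId]) ? $arrDescription[$intLangId] : $arrDescription[0];

         $objInsertNames = $objDatabase->Execute("
                 INSERT INTO
                     " . $strNameTable . "
                 SET
                     `lang_id`='" . intval($intLangId) . "',
                     `level_id`='" . intval($intId) . "',
                     `level_name`='" . contrexx_raw2db(contrexx_input2raw($strName)) . "',
                     `level_description`='" . contrexx_raw2db(contrexx_input2raw($strDescription)) . "'
             ");
         if ($objInsertNames === false) {
             $blnNamesStored = false;
         }
     }

     return $blnNamesStored;
 }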
Ejemplo n.º 10
 /**
  * Memberlist
  *
  * @access private
  * @global ADONewConnection
  * @global array
  * @global array
  */
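 function _memberList()
 {
     global $objDatabase, $_ARRAYLANG, $_CONFIG;

     // Renders the breadcrumb, the sub-directory list and the (optionally
     // filtered) member list of one directory.
     //
     // Request values are used in two contexts and are prepared separately
     // for each: $sort / $keyword are slash-escaped for SQL, while
     // $sortOut / $keywordOut / $searchOut / $cmdOut are URL- and
     // HTML-encoded for the links written into the page. Previously the
     // SQL-escaped forms of 'sort' and 'keyword' were also written into the
     // links, which left them without any HTML encoding.
     $this->setDirs(0, true);
     $this->_objTpl->setTemplate($this->pageContent, true, true);
     $dirid = isset($_GET['id']) ? intval($_GET['id']) : 0;
     $this->_objTpl->setGlobalVariable(array("TXT_OVERVIEW" => $_ARRAYLANG['TXT_OVERVIEW']));

     // Breadcrumb: walk up to the root, then print from the root down.
     $treeid = $dirid;
     $tree = array();
     while ($treeid > 0) {
         $tree[] = array('id' => $treeid, 'name' => $this->directories[$treeid]['name']);
         $treeid = $this->directories[$treeid]['parentdir'];
     }
     foreach (array_reverse($tree) as $branch) {
         $this->_objTpl->setVariable(array("MEMBERDIR_DIRID" => $branch['id'], "MEMBERDIR_DIRNAME" => $branch['name']));
         $this->_objTpl->parse("tree-element");
     }
     $this->_objTpl->parse("tree");

     $displaymode = $this->directories[$dirid]['displaymode'];

     // Display modes 0 and 1 list the sub-directories.
     if ($displaymode == 0 || $displaymode == 1) {
         if ($this->directories[$dirid]['has_children']) {
             $this->_objTpl->setVariable(array("TXT_CATEGORY_TREE_DESC" => "<div style=\"margin-bottom: 5px;\">" . $_ARRAYLANG['TXT_SUBDIRECTORIES'] . "</div>", 'TXT_MEMBERDIR_EXPORT_CONTACT_AS_VCARD' => $_ARRAYLANG['TXT_MEMBERDIR_EXPORT_CONTACT_AS_VCARD']));
         }
         foreach ($this->directories as $dirkey => $directory) {
             // check language
             if ($directory['lang'] != 0 && $directory['lang'] != $this->langId) {
                 continue;
             }
             if ($directory['active'] && $directory['parentdir'] == $dirid && $dirkey != 0) {
                 $this->_objTpl->setVariable(array("MEMBERDIR_DIR_ID" => $dirkey, "MEMBERDIR_DIR_NAME" => $directory['name'], "MEMBERDIR_IMAGE_SRC" => "pixel.gif"));
                 $this->_objTpl->parse("category");
             }
         }
         $this->_objTpl->parse("category_list");
         $this->_objTpl->hideBlock("category_show");
     }

     // Display modes 0 and 2 list the members.
     if ($displaymode == 0 || $displaymode == 2) {
         // Missing or non-string request values count as empty.
         foreach (array('sort', 'search', 'keyword') as $strParam) {
             if (empty($_GET[$strParam]) || !is_string($_GET[$strParam])) {
                 $_GET[$strParam] = "";
             }
         }
         $strCmd = (isset($_GET['cmd']) && is_string($_GET['cmd'])) ? $_GET['cmd'] : '';

         // SQL context
         $keyword = contrexx_addslashes($_GET['keyword']);
         $sort = contrexx_addslashes($_GET['sort']);
         // HTML/URL context
         $cmdOut = htmlentities($strCmd, ENT_QUOTES, CONTREXX_CHARSET);
         $sortOut = htmlentities(rawurlencode(contrexx_stripslashes($_GET['sort'])), ENT_QUOTES, CONTREXX_CHARSET);
         $keywordOut = htmlentities(rawurlencode(contrexx_stripslashes($_GET['keyword'])), ENT_QUOTES, CONTREXX_CHARSET);
         $searchOut = htmlentities(contrexx_stripslashes($_GET['search']), ENT_QUOTES, CONTREXX_CHARSET);

         $this->_objTpl->setGlobalVariable(array(
             "MEMBERDIR_DIRID" => $dirid,
             "MEMBERDIR_CHAR_LIST" => $this->_getCharList(CONTREXX_DIRECTORY_INDEX . "?section=MemberDir&amp;cmd=" . $cmdOut . "&amp;id=" . $dirid . "&amp;sort={$sortOut}"),
             "MEMBERDIR_DESCRIPTION" => nl2br($this->directories[$dirid]['description']),
         ));

         $strValueTable = DBPREFIX . "module_memberdir_values";
         $sortField = $this->directories[$dirid]['sort'];
         $query = '';
         $isSearch = false;
         if ($sort == "sc") {
             /* Special Chars */
             $query = "SELECT *
                           FROM " . $strValueTable . "
                           WHERE `1` REGEXP '^[^a-zA-Z]' AND
                           `dirid` = '{$dirid}'";
         } elseif (preg_match('%^[a-z]\z%i', $sort)) {
             /* Sort by char; \z (instead of $) also rejects a trailing newline */
             $query = "SELECT *
                           FROM " . $strValueTable . "
                           WHERE `1` REGEXP '^" . $sort . "' AND
                           `dirid` = '{$dirid}'";
         } elseif ($_GET['search'] == "search") {
             /* Search in the value columns `1` .. `18` */
             $isSearch = true;
             $arrLike = array();
             for ($col = 1; $col <= 18; $col++) {
                 $arrLike[] = "`{$col}` LIKE '%{$keyword}%'";
             }
             $query = "SELECT *
                           FROM " . $strValueTable . "
                           WHERE (" . implode(" OR ", $arrLike) . ") ";
             if ($dirid != 0) {
                 $query .= " AND `dirid` = '{$dirid}'";
             }
         } elseif ($sort == "all" || $this->options['default_listing']) {
             /* All, or the default listing */
             $query = "SELECT *
                           FROM " . $strValueTable . "
                           WHERE `dirid` = '{$dirid}'";
         }

         // As before, the query runs when the default listing is enabled
         // (ordered by the directory's sort field) or for a search. The
         // search is no longer executed a second time in the first case, and
         // $pos / $objResult are always defined.
         // NOTE(review): $sortField comes from the directory configuration and
         // is placed between backticks unchanged; confirm it can only hold a
         // column name.
         $pos = isset($_GET['pos']) ? intval($_GET['pos']) : 0;
         $objResult = false;
         if ($query !== '') {
             if ($this->options['default_listing']) {
                 $query .= " ORDER BY `" . $sortField . "` ASC";
                 $objResult = $objDatabase->Execute($query);
             } elseif ($isSearch) {
                 $objResult = $objDatabase->Execute($query);
             }
         }

         if ($objResult) {
             $count = $objResult->RecordCount();
             $paging = getPaging($count, $pos, "&amp;section=MemberDir&amp;cmd=" . $cmdOut . "&amp;id={$dirid}&amp;sort={$sortOut}&amp;search=" . $searchOut . "&amp;keyword={$keywordOut}", "<b>" . $_ARRAYLANG['TXT_MEMBERDIR_ENTRIES'] . "</b>", true, $_CONFIG['corePagingLimit']);
             $this->_objTpl->setVariable("MEMBERDIR_PAGING", $paging);
             $objResult = $objDatabase->SelectLimit($query, $_CONFIG['corePagingLimit'], $pos);
             if ($objResult) {
                 $rowid = 1;
                 $replace = array();
                 while (!$objResult->EOF) {
                     // NOTE(review): the field values below are written into
                     // the template as stored in the database. Confirm they
                     // are HTML-encoded when saved or by the template.
                     $fieldnames = $this->getFieldData($dirid);
                     for ($i = 1; $i < 17; $i++) {
                         $placeholder = $this->getPlaceholderName($fieldnames[$i]['name']);
                         $replace[$placeholder] = $objResult->fields["{$i}"];
                     }
                     if ($dirid == 0) {
                         $replace["FIELD_CATEGORY"] = $_ARRAYLANG['TXT_DIRECTORY'] . ": <strong>" . $this->directories[$objResult->fields['dirid']]['name'] . "</strong><br />";
                     }

                     // Both pictures are scaled down to the configured
                     // maximum size; the stored path is HTML-encoded before it
                     // is written into the src attribute.
                     foreach (array('pic1' => 'FIELD_PIC1', 'pic2' => 'FIELD_PIC2') as $strColumn => $strPlaceholder) {
                         if (!$this->directories[$objResult->fields['dirid']] || $objResult->fields[$strColumn] == "none") {
                             continue;
                         }
                         $src = $objResult->fields[$strColumn];
                         $size = getimagesize(ASCMS_PATH . $src);
                         $width = $this->options['max_width'] < $size[0] ? $this->options['max_width'] : $size[0];
                         $height = $this->options['max_height'] < $size[1] ? $this->options['max_height'] : $size[1];
                         $srcOut = htmlentities($src, ENT_QUOTES, CONTREXX_CHARSET);
                         $this->_objTpl->setVariable(array($strPlaceholder => "<img src=\"{$srcOut}\" alt=\"\" style=\"width: " . $width . "px; height: " . $height . "px;\" /><br />"));
                     }

                     // A statement that set "MEMBERDIR_FIELD_..." from $key and
                     // $field was removed here: neither variable is ever
                     // assigned in this method.
                     $this->_objTpl->setVariable($replace);
                     $this->_objTpl->setVariable(array("MEMBERDIR_ROW" => $rowid, "MEMBERDIR_ID" => $objResult->fields['id'], "FIELD_DIRECTORY" => $this->directories[$dirid]['name']));
                     $this->_objTpl->parse("memberdir_row");
                     // alternate between row class 1 and 2
                     $rowid = $rowid == 2 ? 1 : 2;
                     $objResult->MoveNext();
                 }
             }
         }
         $this->_objTpl->touchBlock("category_show");
         $this->_objTpl->parse("category_show");
     }
 }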
Ejemplo n.º 11
 /**
  * Backend page for the import and export interfaces.
  *
  * Access is checked first. When the interfaces form was submitted, the
  * selected import (SQL or CSV) or export (CSV) is run and its boolean result
  * is turned into an OK or error message. Afterwards the import view or, by
  * default, the export view is rendered.
  *
  * NOTE(review): the table name and the key lists for the SQL import are only
  * slash-escaped before they are handed to importSQL(). Slash-escaping does
  * not make a value safe for use as a table or column name; importSQL() is
  * not part of this listing, so confirm that it checks these values against
  * the existing tables and columns. The category and level selections for the
  * export are passed on as posted.
  */
 function interfaces()
 {
     global $_ARRAYLANG, $_CORELANG;

     \Permission::checkAccess(MediaDirectoryAccessIDs::Interfaces, 'static');
     $this->_objTpl->loadTemplateFile('module_' . $this->moduleNameLC . '_interfaces.html', true, true);
     $this->pageTitle = $_ARRAYLANG['TXT_MEDIADIR_INTERFACES'];
     $objInterfaces = new MediaDirectoryInterfaces($this->moduleName);

     // View and step are taken from the query string.
     $tpl = '';
     if (isset($_GET['tpl'])) {
         $tpl = $_GET['tpl'];
     }
     $step = '';
     if (isset($_GET['step'])) {
         $step = $_GET['step'];
     }

     if (isset($_POST['submitInterfacesForm'])) {
         $strStatus = null;
         if ($tpl == 'import') {
             $objImport = new MediaDirectoryImport($this->moduleName);
             if ($step == 'insertSQL') {
                 $strStatus = $objImport->importSQL(
                     contrexx_addslashes($_POST['interfacesImportSqlTable']),
                     contrexx_addslashes($_POST['pairs_left_keys']),
                     contrexx_addslashes($_POST['pairs_right_keys']),
                     intval($_POST['interfacesImportSqlType']),
                     intval($_POST['interfacesImportSqlForm']),
                     intval($_POST['interfacesImportSqlCategory']),
                     intval($_POST['interfacesImportSqlLevel'])
                 );
             } elseif ($step == 'insertCSV') {
                 $strStatus = $objImport->importCSV();
             }
         } elseif ($tpl == 'export') {
             $objExport = new MediaDirectoryExport($this->moduleName);
             // Unlike the import, the export step is read from the POST data.
             if ($_POST['step'] == 'exportCSV') {
                 $strStatus = $objExport->exportCSV(
                     intval($_POST['interfacesExportForm']),
                     $_POST['interfacesExportSelectedCategories'],
                     $_POST['interfacesExportSelectedLevels'],
                     intval($_POST['interfacesExportMask'])
                 );
             }
         }

         // A null status (nothing was run) leaves both messages untouched.
         if ($strStatus === true) {
             $this->strOkMessage = "Ok";
         } elseif ($strStatus === false) {
             $this->strErrMessage = "Not Ok";
         }
     }

     $strLangPrefix = 'TXT_' . $this->moduleLangVar;
     $this->_objTpl->setGlobalVariable(array(
         $strLangPrefix . '_IMPORT' => $_ARRAYLANG['TXT_MEDIADIR_IMPORT'],
         $strLangPrefix . '_EXPORT' => $_ARRAYLANG['TXT_MEDIADIR_EXPORT'],
         $strLangPrefix . '_SUBMIT' => $_ARRAYLANG['TXT_' . $this->moduleLangVar . '_SUBMIT'],
         $strLangPrefix . '_DO_IMPORT' => $_ARRAYLANG['TXT_MEDIADIR_DO_IMPORT'],
         $strLangPrefix . '_DO_EXPORT' => $_ARRAYLANG['TXT_MEDIADIR_DO_EXPORT'],
         $strLangPrefix . '_SELECT_TABLE' => $_ARRAYLANG['TXT_MEDIADIR_SELECT_TABLE'],
         $strLangPrefix . '_DELETE' => $_CORELANG['TXT_DELETE'],
         $strLangPrefix . '_ACTIVATE' => $_ARRAYLANG['TXT_MEDIADIR_ACTIVATE'],
         $strLangPrefix . '_DEACTIVATE' => $_ARRAYLANG['TXT_MEDIADIR_DEAVTIVATE'],
     ));

     // The export view is the default for every view other than 'import'.
     if ($tpl == 'import') {
         $objInterfaces->showImport($step, $this->_objTpl);
     } else {
         $objInterfaces->showExport($step, $this->_objTpl);
     }
 }
 /**
  * Update form inputfields
  *
  * Writes one row per frontend language into the module's
  * `_inputfield_names` table for the given input field.
  *
  * Before calling this method, remove the existing form inputfield entries
  * from the db to avoid duplicate entries (this method only INSERTs).
  *
  * @param integer $intFieldId            Form InputField id
  * @param array   $arrFieldNames         Form inputField names, keyed by language id (key 0 is used as the default slot)
  * @param array   $arrFieldDefaultValues Form inputField default values, keyed by language id (key 0 is used as the default slot)
  * @param array   $arrFieldInfos         Form inputField information values, keyed by language id (key 0 is used as the default slot)
  *
  * @return boolean true when every INSERT succeeded, false as soon as one fails
  */
 public function updateInputFields($intFieldId, $arrFieldNames, $arrFieldDefaultValues, $arrFieldInfos)
 {
     global $_LANGID, $objDatabase;
     foreach ($this->arrFrontendLanguages as $key => $arrLang) {
         // Make sure the default slot of the names array exists before it is read below.
         if (empty($arrFieldNames[0])) {
             $arrFieldNames[0] = '';
         }
         // Start from the values submitted for this language.
         $strFieldName = $arrFieldNames[$arrLang['id']];
         $strFieldDefaultValue = $arrFieldDefaultValues[$arrLang['id']];
         $strFieldInfo = $arrFieldInfos[$arrLang['id']];
         // For the active language only: compare the submitted values with the
         // ones held in $this->arrInputfields to pick between the default slot
         // (key 0) and the language-specific value.
         if ($arrLang['id'] == $_LANGID) {
             // Default slot unchanged but language value changed: keep the language value.
             if ($this->arrInputfields[$intFieldId]['name'][0] == $arrFieldNames[0] && $this->arrInputfields[$intFieldId]['name'][$arrLang['id']] != $arrFieldNames[$arrLang['id']]) {
                 $strFieldName = $arrFieldNames[$_LANGID];
             }
             // NOTE(review): unlike the name/info checks, this compares the stored default
             // slot with the language value ($strFieldDefaultValue), not with
             // $arrFieldDefaultValues[0] -- confirm whether that is intended.
             if ($this->arrInputfields[$intFieldId]['default_value'][0] == $strFieldDefaultValue && $this->arrInputfields[$intFieldId]['default_value'][$arrLang['id']] != $arrFieldDefaultValues[$arrLang['id']]) {
                 $strFieldDefaultValue = $arrFieldDefaultValues[$_LANGID];
             }
             if ($this->arrInputfields[$intFieldId]['info'][0] == $arrFieldInfos[0] && $this->arrInputfields[$intFieldId]['info'][$arrLang['id']] != $arrFieldInfos[$arrLang['id']]) {
                 $strFieldInfo = $arrFieldInfos[$_LANGID];
             }
             // The three OR-ed cases below cover every combination except
             // "default slot unchanged and language value changed", so in all
             // remaining cases the submitted default-slot value is written.
             if ($this->arrInputfields[$intFieldId]['name'][0] != $arrFieldNames[0] && $this->arrInputfields[$intFieldId]['name'][$arrLang['id']] == $arrFieldNames[$arrLang['id']] || $this->arrInputfields[$intFieldId]['name'][0] != $arrFieldNames[0] && $this->arrInputfields[$intFieldId]['name'][$arrLang['id']] != $arrFieldNames[$arrLang['id']] || $this->arrInputfields[$intFieldId]['name'][0] == $arrFieldNames[0] && $this->arrInputfields[$intFieldId]['name'][$arrLang['id']] == $arrFieldNames[$arrLang['id']]) {
                 $strFieldName = $arrFieldNames[0];
             }
             if ($this->arrInputfields[$intFieldId]['default_value'][0] != $arrFieldDefaultValues[0] && $this->arrInputfields[$intFieldId]['default_value'][$arrLang['id']] == $arrFieldDefaultValues[$arrLang['id']] || $this->arrInputfields[$intFieldId]['default_value'][0] != $arrFieldDefaultValues[0] && $this->arrInputfields[$intFieldId]['default_value'][$arrLang['id']] != $arrFieldDefaultValues[$arrLang['id']] || $this->arrInputfields[$intFieldId]['default_value'][0] == $arrFieldDefaultValues[0] && $this->arrInputfields[$intFieldId]['default_value'][$arrLang['id']] == $arrFieldDefaultValues[$arrLang['id']]) {
                 $strFieldDefaultValue = $arrFieldDefaultValues[0];
             }
             if ($this->arrInputfields[$intFieldId]['info'][0] != $arrFieldInfos[0] && $this->arrInputfields[$intFieldId]['info'][$arrLang['id']] == $arrFieldInfos[$arrLang['id']] || $this->arrInputfields[$intFieldId]['info'][0] != $arrFieldInfos[0] && $this->arrInputfields[$intFieldId]['info'][$arrLang['id']] != $arrFieldInfos[$arrLang['id']] || $this->arrInputfields[$intFieldId]['info'][0] == $arrFieldInfos[0] && $this->arrInputfields[$intFieldId]['info'][$arrLang['id']] == $arrFieldInfos[$arrLang['id']]) {
                 $strFieldInfo = $arrFieldInfos[0];
             }
         }
         // Fall back to the default slot for anything left empty. empty() also
         // treats the string "0" as empty, so a literal "0" is replaced as well.
         if (empty($strFieldName)) {
             $strFieldName = $arrFieldNames[0];
         }
         if (empty($strFieldDefaultValue)) {
             $strFieldDefaultValue = $arrFieldDefaultValues[0];
         }
         if (empty($strFieldInfo)) {
             $strFieldInfo = $arrFieldInfos[0];
         }
         // The statement is assembled by string concatenation; every value goes
         // through an escaping helper (contrexx_raw2db / contrexx_addslashes)
         // before it is placed between the double quotes. DBPREFIX and
         // $this->moduleTablePrefix are concatenated into the table name without
         // escaping, so they must never carry request data.
         // field_info is HTML-encoded with htmlentities() before storage, i.e. the
         // column holds encoded text; code that prints it must not encode it a
         // second time. NOTE(review): the other two text columns are stored
         // without HTML encoding -- confirm they are encoded on output.
         $objSaveInputfieldName = $objDatabase->Execute('
                 INSERT INTO
                     ' . DBPREFIX . 'module_' . $this->moduleTablePrefix . '_inputfield_names
                 SET
                     `lang_id` = "' . contrexx_raw2db($arrLang['id']) . '",
                     `form_id` = "' . contrexx_raw2db($this->intFormId) . '",
                     `field_id` = "' . contrexx_raw2db($intFieldId) . '",
                     `field_name` = "' . contrexx_raw2db($strFieldName) . '",
                     `field_default_value` = "' . contrexx_raw2db($strFieldDefaultValue) . '",
                     `field_info` = "' . contrexx_addslashes(htmlentities($strFieldInfo, ENT_QUOTES, CONTREXX_CHARSET)) . '"
             ');
         // Stop at the first failed INSERT; rows written for earlier languages
         // stay in place (no rollback is visible here).
         if (!$objSaveInputfieldName) {
             return false;
         }
     }
     return true;
 }
Ejemplo n.º 13
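 /**
  * Show and process the "add / modify medium" form of the podcast module.
  *
  * Depending on the request this method
  *  - stores a submitted medium (POST field `podcast_medium_save`),
  *  - loads an existing medium into the form (request parameter `id`), or
  *  - pre-fills the form for a new medium from the source chosen in the
  *    previous step (local file, remote URL or YouTube ID).
  * Afterwards the form variables and the category check boxes are assigned
  * to the template.
  *
  * All field values come straight from $_POST / $_REQUEST. Numeric fields are
  * cast with intval(); text fields are only trimmed here, so every consumer
  * (database helpers, template) has to escape them for its own context.
  *
  * @global array $_ARRAYLANG
  * @global array $_CONFIG
  * @return mixed result of _media() or _selectMediumSource() when one of them
  *               takes over, true after a successful frontend submission,
  *               nothing when the form is (re)displayed
  */
 function _modifyMedium()
 {
     global $_ARRAYLANG, $_CONFIG;
     if (!isset($_REQUEST['section'])) {
         $_REQUEST['section'] = '';
     }
     $mediumId = isset($_REQUEST['id']) ? intval($_REQUEST['id']) : 0;
     $mediumTitle = '';
     $mediumYoutubeID = '';
     $mediumAuthor = '';
     $mediumDescription = '';
     $mediumSource = '';
     $mediumThumbnail = '';
     $mediumTemplate = '';
     $mediumWidth = 0;
     $mediumHeight = 0;
     $mediumPlaylength = 0;
     $mediumSize = 0;
     $mediumStatus = 1;
     $mediumCategories = array();
     $saveStatus = true;
     if ($_REQUEST['section'] != 'Podcast') {
         //load backend template
         $this->_objTpl->loadTemplatefile('module_podcast_modify_medium.html');
     } else {
         //load frontend content as template
         $pageRepo = \Env::get('em')->getRepository('Cx\\Core\\ContentManager\\Model\\Entity\\Page');
         $pages = $pageRepo->findBy(array('module' => 'Podcast', 'type' => \Cx\Core\ContentManager\Model\Entity\Page::TYPE_APPLICATION, 'cmd' => 'modifyMedium'));
         if (count($pages)) {
             //overwrite template, since _modifyMedium is called in the same request as the _selectMediumSource
             $this->_objTpl->setTemplate(current($pages)->getContent());
         }
     }
     $this->_pageTitle = $mediumId > 0 ? $_ARRAYLANG['TXT_PODCAST_MODIFY_MEDIUM'] : $_ARRAYLANG['TXT_PODCAST_ADD_MEDIUM'];
     $this->_objTpl->setVariable(array('TXT_PODCAST_TITLE' => $_ARRAYLANG['TXT_PODCAST_TITLE'], 'TXT_PODCAST_DESCRIPTION' => $_ARRAYLANG['TXT_PODCAST_DESCRIPTION'], 'TXT_PODCAST_SOURCE' => $_ARRAYLANG['TXT_PODCAST_SOURCE'], 'TXT_PODCAST_TEMPLATE' => $_ARRAYLANG['TXT_PODCAST_TEMPLATE'], 'TXT_PODCAST_DIMENSIONS' => $_ARRAYLANG['TXT_PODCAST_DIMENSIONS'], 'TXT_PODCAST_PIXEL_WIDTH' => $_ARRAYLANG['TXT_PODCAST_PIXEL_WIDTH'], 'TXT_PODCAST_PIXEL_HEIGHT' => $_ARRAYLANG['TXT_PODCAST_PIXEL_HEIGHT'], 'TXT_PODCAST_CATEGORIES' => $_ARRAYLANG['TXT_PODCAST_CATEGORIES'], 'TXT_PODCAST_STATUS' => $_ARRAYLANG['TXT_PODCAST_STATUS'], 'TXT_PODCAST_ACTIVE' => $_ARRAYLANG['TXT_PODCAST_ACTIVE'], 'TXT_PODCAST_SAVE' => $_ARRAYLANG['TXT_PODCAST_SAVE'], 'TXT_PODCAST_PLAYLENGHT' => $_ARRAYLANG['TXT_PODCAST_PLAYLENGHT'], 'TXT_PODCAST_PLAYLENGTH' => $_ARRAYLANG['TXT_PODCAST_PLAYLENGTH'], 'TXT_PODCAST_PLAYLENGHT_FORMAT' => $_ARRAYLANG['TXT_PODCAST_PLAYLENGHT_FORMAT'], 'TXT_PODCAST_PLAYLENGTH_FORMAT' => $_ARRAYLANG['TXT_PODCAST_PLAYLENGTH_FORMAT'], 'TXT_PODCAST_FILESIZE' => $_ARRAYLANG['TXT_PODCAST_FILESIZE'], 'TXT_PODCAST_BYTES' => $_ARRAYLANG['TXT_PODCAST_BYTES'], 'TXT_PODCAST_AUTHOR' => $_ARRAYLANG['TXT_PODCAST_AUTHOR'], 'TXT_PODCAST_EDIT_OR_ADD_IMAGE' => $_ARRAYLANG['TXT_PODCAST_EDIT_OR_ADD_IMAGE'], 'TXT_PODCAST_THUMBNAIL' => $_ARRAYLANG['TXT_PODCAST_THUMBNAIL'], 'TXT_PODCAST_SHOW_FILE' => $_ARRAYLANG['TXT_PODCAST_SHOW_FILE']));
     if (isset($_POST['podcast_medium_save'])) {
         // --- Step: the form was submitted, collect and validate the fields ---
         if (isset($_POST['podcast_medium_title'])) {
             $mediumTitle = trim($_POST['podcast_medium_title']);
         }
         if (isset($_POST['podcast_medium_author'])) {
             $mediumAuthor = trim($_POST['podcast_medium_author']);
         }
         if (isset($_POST['podcast_medium_description'])) {
             $mediumDescription = trim($_POST['podcast_medium_description']);
         }
         if (isset($_POST['podcast_medium_template'])) {
             $mediumTemplate = intval($_POST['podcast_medium_template']);
         }
         $mediumWidth = isset($_POST['podcast_medium_width']) ? intval($_POST['podcast_medium_width']) : 0;
         $mediumHeight = isset($_POST['podcast_medium_height']) ? intval($_POST['podcast_medium_height']) : 0;
         $mediumSize = isset($_POST['podcast_medium_filesize']) ? intval($_POST['podcast_medium_filesize']) : 0;
         if (!empty($_POST['podcast_medium_playlength'])) {
             // Accepts "ss", "mm:ss" or "hh:mm:ss" and converts it to seconds.
             $arrPlaylength = array();
             if (preg_match('/^(([0-9]*):)?(([0-9]*):)?([0-9]*)$/', $_POST['podcast_medium_playlength'], $arrPlaylength)) {
                 $minutes = empty($arrPlaylength[3]) ? $arrPlaylength[2] : $arrPlaylength[4];
                 $hours = empty($arrPlaylength[3]) ? $arrPlaylength[4] : $arrPlaylength[2];
                 $mediumPlaylength = $hours * 3600 + $minutes * 60 + $arrPlaylength[5];
             }
         }
         if (isset($_POST['podcast_medium_source'])) {
             $mediumSource = trim($_POST['podcast_medium_source']);
         }
         if (isset($_POST['podcast_medium_thumbnail'])) {
             $mediumThumbnail = trim($_POST['podcast_medium_thumbnail']);
         }
         if (!empty($_POST['podcast_youtubeID'])) {
             $mediumYoutubeID = trim($_POST['podcast_youtubeID']);
             $mediumSize = 0;
             $mediumTemplate = $this->_getYoutubeTemplate();
         }
         // NOTE(review): this compares against lower-case 'podcast' while every
         // other check in this method uses 'Podcast'. If the frontend section is
         // spelled 'Podcast', the submitter-supplied status is taken here instead
         // of the auto_validate setting -- confirm the intended spelling.
         $mediumStatus = $_REQUEST['section'] != 'podcast' ? isset($_POST['podcast_medium_status']) ? intval($_POST['podcast_medium_status']) : 0 : ($this->_arrSettings['auto_validate'] ? 1 : 0);
         if (isset($_POST['podcast_medium_associated_category'])) {
             foreach ($_POST['podcast_medium_associated_category'] as $categoryId => $status) {
                 if (intval($status) == 1) {
                     array_push($mediumCategories, intval($categoryId));
                 }
             }
         }
         if (empty($mediumTitle)) {
             $saveStatus = false;
             $this->_strErrMessage .= $_ARRAYLANG['TXT_PODCAST_EMPTY_MEDIUM_TITLE_MSG'] . "<br />\n";
         }
         /*elseif (!$this->_isUniqueMediumTitle($mediumTitle, $mediumId)) {
               $saveStatus = false;
               $this->_strErrMessage .= $_ARRAYLANG['TXT_PODCAST_DUPLICATE_MEDIUM_TITLE_MSG']."<br />\n";
           }*/
         if (empty($mediumTemplate)) {
             $saveStatus = false;
             $this->_strErrMessage .= $_ARRAYLANG['TXT_PODCAST_EMPTY_MEDIUM_TEMPLATE_MSG'] . "<br />\n";
         }
         if ($saveStatus) {
             // NOTE(review): same lower-case 'podcast' comparison as above; it decides
             // whether an existing medium (id > 0) may be updated from this request.
             // No permission or CSRF check is visible in this method -- presumably
             // the caller enforces both; verify.
             if ($mediumId > 0 && $_REQUEST['section'] != 'podcast') {
                 if ($this->_updateMedium($mediumId, $mediumTitle, $mediumYoutubeID, $mediumAuthor, $mediumDescription, $mediumThumbnail, $mediumTemplate, $mediumWidth, $mediumHeight, $mediumPlaylength, $mediumSize, $mediumCategories, $mediumStatus)) {
                     // NOTE(review): the update path shows the "added" message and the
                     // add path below shows the "updated" one -- looks swapped.
                     $this->_strOkMessage = $_ARRAYLANG['TXT_PODCAST_MEDIUM_ADDED_SUCCESSFULL'];
                     // Class in /core_modules/index.class.php is named Cache
                     // Class in /core_modules/admin.class.php is named CacheManager
                     $pageId = \Cx\Core\Core\Controller\Cx::instanciate()->getPage()->getId();
                     $cacheManager = new \Cx\Core_Modules\Cache\Controller\CacheManager();
                     $cacheManager->deleteSingleFile($pageId);
                     $this->_createRSS();
                     return $this->_media();
                 } else {
                     $this->_strErrMessage = $_ARRAYLANG['TXT_PODCAST_MEDIUM_ADDED_FAILED'];
                 }
             } else {
                 if ($this->_addMedium($mediumTitle, $mediumYoutubeID, $mediumAuthor, $mediumDescription, $mediumSource, $mediumThumbnail, $mediumTemplate, $mediumWidth, $mediumHeight, $mediumPlaylength, $mediumSize, $mediumCategories, $mediumStatus)) {
                     // Class in /core_modules/index.class.php is named Cache
                     // Class in /core_modules/admin.class.php is named CacheManager
                     $pageId = \Cx\Core\Core\Controller\Cx::instanciate()->getPage()->getId();
                     $cacheManager = new \Cx\Core_Modules\Cache\Controller\CacheManager();
                     $cacheManager->deleteSingleFile($pageId);
                     $this->_createRSS();
                     if ($_REQUEST['section'] != 'Podcast') {
                         $this->_strOkMessage = $_ARRAYLANG['TXT_PODCAST_MEDIUM_UPDATED_SUCCESSFULL'];
                         return $this->_media();
                     } else {
                         if ($this->_objTpl->blockExists('podcastThanks')) {
                             $this->_objTpl->touchBlock('podcastThanks');
                         }
                         if ($this->_objTpl->blockExists('podcastForm')) {
                             $this->_objTpl->hideBlock('podcastForm');
                         }
                         return true;
                     }
                 } else {
                     $this->_strErrMessage = $_ARRAYLANG['TXT_PODCAST_MEDIUM_UPDATED_FAILED'];
                 }
             }
         }
     } elseif ($mediumId > 0 && ($arrMedium =& $this->_getMedium($mediumId)) !== false && $_REQUEST['section'] != 'Podcast') {
         // --- Step: edit an existing medium (backend only), load it into the form ---
         $mediumTitle = $arrMedium['title'];
         $mediumAuthor = $arrMedium['author'];
         $mediumDescription = $arrMedium['description'];
         $mediumYoutubeID = $arrMedium['youtube_id'];
         $mediumSource = $arrMedium['source'];
         $mediumThumbnail = $arrMedium['thumbnail'];
         $mediumTemplate = $arrMedium['template_id'];
         $mediumWidth = $arrMedium['width'];
         $mediumHeight = $arrMedium['height'];
         $mediumStatus = $arrMedium['status'];
         $mediumCategories = $arrMedium['category'];
         $mediumPlaylength = $arrMedium['playlength'];
         $mediumSize = $arrMedium['size'];
     } elseif ($mediumId == 0) {
         // --- Step: new medium, derive defaults from the chosen source ---
         $mediumSource = '';
         if (isset($_POST['podcast_medium_source_type']) && in_array($_POST['podcast_medium_source_type'], array('local', 'remote', 'youtube'))) {
             if ($_POST['podcast_medium_source_type'] == 'local') {
                 if (isset($_POST['podcast_medium_local_source'])) {
                     if (strpos($_POST['podcast_medium_local_source'], ASCMS_PATH_OFFSET) === 0) {
                         $mediumSource = ASCMS_PROTOCOL . '://%domain%%offset%' . substr($_POST['podcast_medium_local_source'], strlen(ASCMS_PATH_OFFSET));
                     } else {
                         $mediumSource = ASCMS_PROTOCOL . '://%domain%%offset%' . $_POST['podcast_medium_local_source'];
                     }
                 }
             } elseif ($_POST['podcast_medium_source_type'] == 'youtube') {
                 // NOTE(review): SQL-style escaping is applied to a value that is used
                 // in a URL and later printed in the form. Validating the ID against
                 // the expected character set would fit this context better.
                 $mediumYoutubeID = contrexx_addslashes(trim($_POST['youtubeID']));
                 $mediumSource = 'http://youtube.com/v/' . $mediumYoutubeID;
             } elseif (isset($_POST['podcast_medium_remote_source'])) {
                 $mediumSource = $_POST['podcast_medium_remote_source'];
             }
         }
         if (empty($mediumSource)) {
             // No usable source yet: go back to the source selection step.
             return $this->_selectMediumSource();
         }
         if (!empty($mediumYoutubeID)) {
             $mediumTitle = $this->_getYoutubeTitle($mediumYoutubeID);
             $mediumThumbnail = ASCMS_PATH_OFFSET . $this->_saveYoutubeThumbnail($mediumYoutubeID);
             $mediumTemplate =& $this->_getYoutubeTemplate();
             $mediumDescription =& $this->_getYoutubeDescription($mediumYoutubeID);
             $mediumWidth = $this->_youTubeDefaultWidth;
             $mediumSize = 0;
             $mediumHeight = $this->_youTubeDefaultHeight;
         } else {
             $mediumTitle = ($lastSlash = strrpos($mediumSource, '/')) !== false ? substr($mediumSource, $lastSlash + 1) : $mediumSource;
             $mediumTemplate =& $this->_getSuitableTemplate($mediumSource);
             // NOTE(review): the posted local path is appended to ASCMS_PATH and
             // handed to the image check, getimagesize() and filesize() without
             // being normalised. It should be resolved (realpath) and confirmed to
             // lie inside the intended media directory before any file access.
             $dimensions = isset($_POST['podcast_medium_local_source']) && \Cx\Core_Modules\Media\Controller\MediaLibrary::_isImage(ASCMS_PATH . $_POST['podcast_medium_local_source']) ? @getimagesize(ASCMS_PATH . $_POST['podcast_medium_local_source']) : false;
             if ($dimensions) {
                 $mediumWidth = $dimensions[0];
                 $mediumHeight = $dimensions[1];
             } else {
                 $mediumWidth = $this->_arrSettings['default_width'];
                 $mediumHeight = $this->_arrSettings['default_height'];
             }
             $mediumSize = isset($_POST['podcast_medium_local_source']) ? filesize(ASCMS_PATH . $_POST['podcast_medium_local_source']) : 0;
             $mediumSource = htmlentities(str_replace(array('%domain%', '%offset%'), array($_CONFIG['domainUrl'], ASCMS_PATH_OFFSET), $mediumSource), ENT_QUOTES, CONTREXX_CHARSET);
         }
     }
     // Title, author and description are HTML-encoded here. NOTE(review):
     // PODCAST_MEDIUM_SOURCE, PODCAST_MEDIUM_THUMBNAIL_SRC and
     // PODCAST_MEDIUM_YOUTUBE_ID are assigned as-is; on the re-display path they
     // hold request data, so they need encoding unless the template does it.
     $this->_objTpl->setVariable(array('PODCAST_MODIFY_TITLE' => $mediumId > 0 ? $_ARRAYLANG['TXT_PODCAST_MODIFY_MEDIUM'] : $_ARRAYLANG['TXT_PODCAST_ADD_MEDIUM'] . ' (' . $_ARRAYLANG['TXT_PODCAST_STEP'] . ' 2: ' . $_ARRAYLANG['TXT_PODCAST_CONFIG_MEDIUM'] . ')', 'PODCAST_MEDIUM_ID' => $mediumId, 'PODCAST_MEDIUM_TITLE' => htmlentities($mediumTitle, ENT_QUOTES, CONTREXX_CHARSET), 'PODCAST_MEDIUM_AUTHOR' => htmlentities($mediumAuthor, ENT_QUOTES, CONTREXX_CHARSET), 'PODCAST_MEDIUM_DESCRIPTION' => htmlentities($mediumDescription, ENT_QUOTES, CONTREXX_CHARSET), 'PODCAST_MEDIUM_SOURCE' => $mediumSource, 'PODCAST_MEDIUM_SOURCE_URL' => htmlentities($mediumSource, ENT_QUOTES, CONTREXX_CHARSET), 'PODCAST_MEDIUM_TEMPLATE_MENU' => $this->_getTemplateMenu($mediumTemplate, 'name="podcast_medium_template" style="width:450px;"'), 'PODCAST_MEDIUM_WIDTH' => $mediumWidth, 'PODCAST_MEDIUM_HEIGHT' => $mediumHeight, 'PODCAST_MEDIUM_PLAYLENGHT' => $this->_getShortPlaylengthFormatOfTimestamp($mediumPlaylength), 'PODCAST_MEDIUM_PLAYLENGTH' => $this->_getShortPlaylengthFormatOfTimestamp($mediumPlaylength), 'PODCAST_MEDIUM_FILESIZE' => $mediumSize, 'PODCAST_MEDIUM_THUMBNAIL_SRC' => !empty($mediumThumbnail) ? $mediumThumbnail : $this->_noThumbnail, 'PODCAST_MEDIUM_STATUS' => $mediumStatus == 1 ? 'checked="checked"' : '', 'PODCAST_MEDIUM_YOUTUBE_DISABLED' => !empty($mediumYoutubeID) ? 'disabled="disabled"' : '', 'PODCAST_MEDIUM_YOUTUBE_ID' => !empty($mediumYoutubeID) ? $mediumYoutubeID : '', 'PODCAST_THUMB_BROWSE' => self::getMediaBrowserButton('', array('data-cx-mb-views' => 'filebrowser', 'type' => 'button', 'style' => 'display:none', 'id' => 'podcast_thumbnail_browser'), 'mediaBrowserCallback')));
     $arrCategories =& $this->_getCategories();
     $categoryNr = 0;
     $arrLanguages = \FWLanguage::getLanguageArray();
     foreach ($arrCategories as $categoryId => $arrCategory) {
         if ($_REQUEST['section'] == 'Podcast') {
             // Frontend: only offer the community categories, if any are configured.
             if (!in_array($categoryId, $this->_communityCategories) && !empty($this->_communityCategories)) {
                 continue;
             }
         }
         // Categories are laid out in three template columns.
         $column = $categoryNr % 3;
         $arrCatLangIds =& $this->_getLangIdsOfCategory($categoryId);
         // Map each language ID to its language code. A closure replaces
         // create_function(), which compiled its body from a string at runtime
         // and no longer exists in PHP 8.
         array_walk($arrCatLangIds, function (&$cat, $k, $arrLanguages) {
             $cat = $arrLanguages[$cat]["lang"];
         }, $arrLanguages);
         $arrCategory['title'] .= ' (' . implode(', ', $arrCatLangIds) . ')';
         $this->_objTpl->setVariable(array('PODCAST_CATEGORY_ID' => $categoryId, 'PODCAST_CATEGORY_ASSOCIATED' => in_array($categoryId, $mediumCategories) ? 'checked="checked"' : '', 'PODCAST_SHOW_MEDIA_OF_CATEGORY_TXT' => sprintf($_ARRAYLANG['TXT_PODCAST_SHOW_MEDIA_OF_CATEGORY'], $arrCategory['title']), 'PODCAST_CATEGORY_NAME' => $arrCategory['title']));
         $this->_objTpl->parse('podcast_medium_associated_category_' . $column);
         $categoryNr++;
     }
 }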
Ejemplo n.º 14
 /**
  * Queue one question/answer pair for a later insert.
  *
  * The language is cast to an integer and both texts are passed through
  * contrexx_addslashes() at the moment they are queued, so the queued
  * values are already escaped. Presumably they are later concatenated into
  * an INSERT statement; they must not be escaped again there and must not
  * be reused in any other context (HTML output, logs) -- verify against
  * the code that consumes $this->insertContent.
  *
  * @param int    $lang     Language ID
  * @param string $question Question text
  * @param string $answer   Answer text
  */
 public function addContent($lang, $question, $answer)
 {
     $entry = array(
         'lang' => intval($lang),
         'question' => contrexx_addslashes($question),
         'answer' => contrexx_addslashes($answer),
     );
     $this->insertContent[] = $entry;
 }
Ejemplo n.º 15
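 /**
  * Record a vote for a directory feed and render the result page.
  *
  * Reads `vote`, `id`, `cid` and `lid` from the query string (all cast to
  * integers), clamps the vote to the range 1..10 and adds it to the single
  * row kept per feed in `module_directory_vote`.
  *
  * Repeat votes are only recognised by a fingerprint: an MD5 over the client
  * IP, User-Agent, Accept-Language and proxy data. Only the fingerprint of
  * the most recent voter is stored, and two of its inputs are request
  * headers chosen by the client, so this is a courtesy check rather than a
  * reliable limit. The vote is also cast by a plain GET request without any
  * token, which means a page on another site can trigger it for a visitor.
  * NOTE(review): a POST request with a CSRF token and a per-user or per-IP
  * vote record would be needed for dependable results.
  *
  * @access    public
  * @global    ADONewConnection $objDatabase presumably; verify
  * @global    array            $_ARRAYLANG
  */
 function voteFeed()
 {
     global $objDatabase, $_ARRAYLANG;
     $this->_objTpl->setTemplate($this->pageContent, true, true);
     //client/proxy info
     // Both headers are optional in HTTP; fall back to an empty string instead
     // of reading an undefined index.
     $userAgent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
     $acceptLanguage = isset($_SERVER['HTTP_ACCEPT_LANGUAGE']) ? $_SERVER['HTTP_ACCEPT_LANGUAGE'] : '';
     $this->arrClient['useragent'] = htmlspecialchars($userAgent, ENT_QUOTES, CONTREXX_CHARSET);
     if (stristr($this->arrClient['useragent'], "phpinfo")) {
         $this->arrClient['useragent'] = "<b>p_h_p_i_n_f_o() Possible Hacking Attack</b>";
     }
     $this->arrClient['language'] = htmlspecialchars($acceptLanguage, ENT_QUOTES, CONTREXX_CHARSET);
     // presumably fills $this->arrClient['ip'] and $this->arrProxy -- not visible here
     $this->_getProxyInformations();
     // MD5 is used as a fingerprint only, not as a security control.
     $client = md5($this->arrClient['ip'] . $this->arrClient['useragent'] . $this->arrClient['language'] . $this->arrProxy['ip'] . $this->arrProxy['host']);
     $time = time();
     // intval() is what keeps these values safe inside the SQL below.
     $voteNEW = isset($_GET['vote']) ? intval($_GET['vote']) : 0;
     $id = isset($_GET['id']) ? intval($_GET['id']) : 0;
     $cid = isset($_GET['cid']) ? intval($_GET['cid']) : 0;
     $lid = isset($_GET['lid']) ? intval($_GET['lid']) : 0;
     // Defaults for a feed that has no vote row yet.
     $clientOLD = null;
     $voteOLD = 0;
     $countOLD = 0;
     $hasVoteRow = false;
     //get clients
     $objResult = $objDatabase->SelectLimit("\n            SELECT client, vote, count\n              FROM " . DBPREFIX . "module_directory_vote\n             WHERE feed_id='{$id}'\n        ", 1);
     if ($objResult) {
         $hasVoteRow = $objResult->RecordCount() != 0;
         while (!$objResult->EOF) {
             $clientOLD = $objResult->fields['client'];
             $voteOLD = $objResult->fields['vote'];
             $countOLD = $objResult->fields['count'];
             $objResult->MoveNext();
         }
     }
     $feedTitle = '';
     $voteSaved = false;
     // A vote is only stored when the lookup worked, the request is not from a
     // crawler, a feed ID was given and the fingerprint differs from the last
     // voter's. (The original tested the bare constant `id`, which is a fatal
     // error on PHP 8 and always true before.)
     if ($objResult !== false && !checkForSpider() && $id > 0 && $client != $clientOLD) {
         if ($voteNEW > 10) {
             $voteNEW = 10;
         } elseif ($voteNEW < 1) {
             $voteNEW = 1;
         }
         //insert votes
         // NOTE(review): the sum is computed in PHP from the values read above,
         // so two simultaneous votes can overwrite each other.
         if ($hasVoteRow) {
             $vote = $voteNEW + $voteOLD;
             $count = $countOLD + 1;
             $voteSaved = $objDatabase->Execute("\n                        UPDATE " . DBPREFIX . "module_directory_vote\n                           SET vote='" . contrexx_addslashes($vote) . "',\n                               count='" . contrexx_addslashes($count) . "',\n                               client='" . contrexx_addslashes($client) . "',\n                               time='" . contrexx_addslashes($time) . "'\n                         WHERE feed_id='" . contrexx_addslashes($id) . "'\n                    ") !== false;
         } else {
             $voteSaved = $objDatabase->Execute("\n                        INSERT INTO " . DBPREFIX . "module_directory_vote\n                           SET feed_id=" . contrexx_addslashes($id) . ",\n                               count='1',\n                               vote='" . contrexx_addslashes($voteNEW) . "',\n                               client='" . contrexx_addslashes($client) . "',\n                               time='" . contrexx_addslashes($time) . "'\n                    ") !== false;
         }
     }
     if ($voteSaved) {
         $title = $_ARRAYLANG['TXT_DIRECTORY_VOTING_SUCCESFULL'];
         // TODO: $feedTitle is not defined!  No idea on what to place there.
         // When a real title is filled in, HTML-encode it before it goes into the link.
         $link = '<a href="' . CONTREXX_SCRIPT_PATH . '?section=Directory&cmd=detail&id=' . $id . '" target="_blank">' . $feedTitle . '</a>';
         $text = str_replace('%LINK%', $link, $_ARRAYLANG['TXT_DIRECTORY_VOTING_SUCCESFULL_TEXT']);
         $text = str_replace('%VOTE%', $voteNEW, $text);
     } else {
         // Also reached when the database write failed, so the page no longer
         // reports success for a vote that was not stored.
         $title = $_ARRAYLANG['TXT_DIRECTORY_VOTING_FAILED'];
         $text = $_ARRAYLANG['TXT_DIRECTORY_VOTING_FAILED_TEXT'];
     }
     //get navtree
     $this->getNavtree($lid, $cid);
     //get search
     $this->getSearch();
     // set variables
     $this->_objTpl->setVariable(array('DIRECTORY_CATEGORY_NAVI' => $this->navtree, 'DIRECTORY_VOTE_TITLE' => $title, 'DIRECTORY_VOTE_TEXT' => $text, 'DIRECTORY_BACK' => '<a href="javascript:history.go(-1);">' . $_ARRAYLANG['TXT_DIRECTORY_BACK'] . '</a>', 'TXT_DIRECTORY_DIR' => $_ARRAYLANG['TXT_DIR_DIRECTORY']));
 }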
Ejemplo n.º 16
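 /**
  * Check whether a contact form name is still free in the given language.
  *
  * The name counts as unique when no form uses it in that language, or when
  * the form that uses it is the one currently being edited ($id).
  *
  * The name is escaped with contrexx_addslashes() and the language ID is
  * cast with intval() before both are concatenated into the query.
  * NOTE(review): if the database layer supports bound parameters, passing
  * the name as a parameter would remove the dependency on that helper.
  *
  * @author      Stefan Heinemann <*****@*****.**>
  * @param       string $name  Form name to look for
  * @param       int $lang     Language ID the name belongs to
  * @param       int $id       ID of the form being edited, 0 for a new form
  * @return      boolean       true when the name may be used; false when it is
  *                            taken or the lookup failed
  */
 function isUniqueFormName($name, $lang, $id = 0)
 {
     global $objDatabase;
     $name = contrexx_addslashes($name);
     $query = "\n            SELECT\n                `f`.`id`\n            FROM\n                `" . DBPREFIX . "module_contact_form`       AS `f`\n            LEFT JOIN\n                `" . DBPREFIX . "module_contact_form_lang`  AS `l`\n            ON\n                `f`.`id` = `l`.`formID`\n            AND\n                `l`.`langID` = " . intval($lang) . "\n            WHERE\n                `l`.`name` = '" . $name . "'\n        ";
     $res = $objDatabase->Execute($query);
     if ($res === false) {
         // The lookup failed: report "not unique" rather than calling a
         // method on false or letting a possible duplicate through.
         return false;
     }
     if ($res->RecordCount() == 0) {
         return true;
     }
     // The name exists. It is still acceptable when the row found is the form
     // being edited. The column is read by its name 'id'; the original indexed
     // the row with the value of $id, which never matched.
     return $id != 0 && $res->fields['id'] == $id;
     // An earlier implementation (kept upstream as commented-out code) scanned
     // $this->arrForms in memory instead of querying once per language.
 }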
Ejemplo n.º 17
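 /**
  * Set a value
  *
  * If the value doesn't exist yet, create it; otherwise update the stored
  * row. Name and value are escaped with contrexx_addslashes() before they
  * are concatenated into the statement. DBPREFIX and $this->table form the
  * table name without any escaping and therefore must never contain
  * request data.
  *
  * NOTE(review): $this->settings is not refreshed here, so a second call for
  * a newly created name issues another INSERT -- confirm the caller reloads
  * the settings or the table has a unique key on `name`.
  *
  * @param string $what  Name of the setting
  * @param string $value New value
  * @global $objDatabase
  * @throws DatabaseError when the statement fails
  */
 public function set($what, $value)
 {
     global $objDatabase;
     // Look the setting up under its raw name. The original escaped $what
     // first, so a name containing a quote or backslash never matched its own
     // entry and was inserted again instead of being updated.
     $exists = isset($this->settings[$what]);
     $what = contrexx_addslashes($what);
     $value = contrexx_addslashes($value);
     if (!$exists) {
         $query = "  INSERT INTO " . DBPREFIX . $this->table . "\n                        (name, value)\n                        VALUES\n                        ('" . $what . "', '" . $value . "')";
     } else {
         $query = "  UPDATE " . DBPREFIX . $this->table . "\n                        SET value = '" . $value . "'\n                        WHERE name = '" . $what . "'";
     }
     if ($objDatabase->Execute($query) === false) {
         throw new DatabaseError("");
     }
 }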
Ejemplo n.º 18
 /**
  * update selected file
  * @access   public
  * @global    array
  * @global    ADONewConnection
  * @global    array
  */
 function updateFile($addedby)
 {
     global $_CONFIG, $objDatabase, $_ARRAYLANG;
     //get post data
     if (isset($_POST['edit_submit'])) {
         $dirId = intval($_POST['edit_id']);
         $query = "UPDATE " . DBPREFIX . "module_directory_dir SET ";
         foreach ($_POST["inputValue"] as $inputName => $inputValue) {
             switch ($inputName) {
                 case 'lat':
                 case 'lat_fraction':
                 case 'lon':
                 case 'lon_fraction':
                 case 'zoom':
                     continue 2;
             }
             //check links
             if ($inputName == "relatedlinks" || $inputName == "homepage" || $inputName == "link") {
                 if (substr($inputValue, 0, 7) != "http://" && $inputValue != "") {
                     $inputValue = "http://" . $inputValue;
                 }
             }
             //check rss
             if ($inputName == "rss_link") {
                 $objResultRSS = $objDatabase->SelectLimit("SELECT rss_link, rss_file FROM " . DBPREFIX . "module_directory_dir WHERE id = '" . $dirId . "'", 1);
                 $oldRssLink = $objResultRSS->fields['rss_link'];
                 $oldRssFile = $objResultRSS->fields['rss_file'];
                 if ($inputValue != $oldRssLink) {
                     $obj_file = new \File();
                     $obj_file->delFile($this->mediaPath, $this->mediaWebPath, "ext_feeds/" . $oldRssFile);
                     //create rss
                     $link = $inputValue;
                     $rss_file = $this->createXML($link);
                     if (substr($inputValue, 0, 7) != "http://" && $inputValue != "") {
                         $inputValue = "http://" . $inputValue;
                     }
                     if ($rss_file == "error") {
                         $inputValue = "";
                         $rss_file = "";
                     }
                 } else {
                     $inputValue = $oldRssLink;
                     $rss_file = $oldRssLink;
                 }
             }
             //get author id
             if ($inputName == "addedby") {
                 if ($addedby != '') {
                     $inputValue = $addedby;
                 } else {
                     $inputValue = $this->getAuthorID($inputValue);
                 }
             }
             //check pics
             if ($inputName == "logo" || $inputName == "lokal" || $inputName == "map" || $inputName == "spez_field_11" || $inputName == "spez_field_12" || $inputName == "spez_field_13" || $inputName == "spez_field_14" || $inputName == "spez_field_15" || $inputName == "spez_field_16" || $inputName == "spez_field_17" || $inputName == "spez_field_18" || $inputName == "spez_field_19" || $inputName == "spez_field_20") {
                 if (!empty($_FILES[$inputName]['name']) || $_POST["deleteMedia"][$inputName] == 1) {
                     $obj_file = new \File();
                     //thumb
                     if (file_exists($this->mediaPath . "thumbs/" . $_POST["inputValue"][$inputName])) {
                         $obj_file->delFile($this->mediaPath, $this->mediaWebPath, "thumbs/" . $_POST["inputValue"][$inputName]);
                     }
                     //picture
                     if (file_exists($this->mediaPath . "images/" . $_POST["inputValue"][$inputName]) && $_POST["inputValue"][$inputName] != 'no_picture.gif') {
                         $obj_file->delFile($this->mediaPath, $this->mediaWebPath, "images/" . $_POST["inputValue"][$inputName]);
                     }
                     if ($_POST["deleteMedia"][$inputName] != 1) {
                         $inputValue = $this->uploadMedia($inputName, "images/");
                         if ($inputValue == "error") {
                             $inputValue = "";
                         }
                     } else {
                         $inputValue = "";
                     }
                 }
             }
             //check uploads
             $arrSpezialUploadFields = array('attachment', 'spez_field_25', 'spez_field_26', 'spez_field_27', 'spez_field_28', 'spez_field_29');
             if (in_array($inputName, $arrSpezialUploadFields)) {
                 if (!empty($_FILES[$inputName]['name']) || $_POST["deleteMedia"][$inputName] == 1) {
                     $obj_file = new \File();
                     //upload
                     if (file_exists($this->mediaPath . "uploads/" . $_POST["inputValue"][$inputName])) {
                         $obj_file->delFile($this->mediaPath, $this->mediaWebPath, "uploads/" . $_POST["inputValue"][$inputName]);
                     }
                     if ($_POST["deleteMedia"][$inputName] != 1) {
                         $inputValue = $this->uploadMedia($inputName, "uploads/");
                         if ($inputValue == "error") {
                             $inputValue = "";
                         }
                     } else {
                         $inputValue = "";
                     }
                 } else {
                     $inputValue = "";
                 }
             }
             /*
              * spezial upload fields must be updated only when new file is uploaded or old one is deleted
              * other input types must be updated unconditionally.
              */
             if (!in_array($inputName, $arrSpezialUploadFields)) {
                 $query .= contrexx_addslashes($inputName) . " ='" . contrexx_strip_tags(contrexx_addslashes($inputValue)) . "', ";
             } else {
                 if (in_array($inputName, $arrSpezialUploadFields) && (!empty($_FILES[$inputName]['name']) || $_POST["deleteMedia"][$inputName] == 1)) {
                     $query .= contrexx_addslashes($inputName) . " ='" . contrexx_strip_tags(contrexx_addslashes($inputValue)) . "', ";
                 }
             }
         }
         //get status settings
         $objResult = $objDatabase->Execute("SELECT setvalue FROM " . DBPREFIX . "module_directory_settings WHERE setname = 'editFeed_status' LIMIT 1");
         if ($objResult !== false) {
             while (!$objResult->EOF) {
                 $entryStatus = $objResult->fields['setvalue'];
                 $objResult->MoveNext();
             }
         }
         //numbers could be too big for intavl(), use contrexx_addslashes() instead...
         $query .= " premium='" . $_POST["premium"] . "', status='" . intval($entryStatus) . "',  validatedate='" . mktime("now") . "', longitude='" . contrexx_addslashes($_REQUEST['inputValue']['lon']) . '.' . contrexx_addslashes($_POST['inputValue']['lon_fraction']) . "', latitude='" . contrexx_addslashes($_REQUEST['inputValue']['lat']) . '.' . contrexx_addslashes($_REQUEST['inputValue']['lat_fraction']) . "', zoom='" . intval($_REQUEST['inputValue']['zoom']) . "' WHERE id='" . $dirId . "'";
         //edit entry
         $objResult = $objDatabase->Execute($query);
         if ($objResult !== false) {
             $objResult = $objDatabase->Execute("DELETE FROM " . DBPREFIX . "module_directory_rel_dir_cat WHERE dir_id='" . $dirId . "'");
             $objResult = $objDatabase->Execute("DELETE FROM " . DBPREFIX . "module_directory_rel_dir_level WHERE dir_id='" . $dirId . "'");
             foreach ($_POST["selectedCat"] as $inputName => $inputValue) {
                 $query = "INSERT INTO " . DBPREFIX . "module_directory_rel_dir_cat SET dir_id='" . $dirId . "', cat_id='" . $inputValue . "'";
                 $objDatabase->query($query);
             }
             foreach ($_POST["selectedLevel"] as $inputName => $inputValue) {
                 $query = "INSERT INTO " . DBPREFIX . "module_directory_rel_dir_level SET dir_id='" . $dirId . "', level_id='" . $inputValue . "'";
                 $objDatabase->query($query);
             }
             if ($entryStatus == 1) {
                 // TODO: $id is never set!
                 $this->confirmEntry_step2($id);
             }
             $this->strOkMessage = $_ARRAYLANG['TXT_FEED_SUCCESSFULL_ADDED'];
             $status = $dirId;
             $this->createRSS();
         }
         //update xml
         $this->createRSS();
         return $status;
     }
     return false;
 }
Ejemplo n.º 19
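 /**
  * Render the create / edit / copy form of a newsletter e-mail and, when the
  * form was submitted with "newsletter_mail_save", store the e-mail.
  *
  * Input is read from $_POST / $_GET / $_REQUEST. Three modes are handled:
  *  - save:  the e-mail is updated (id > 0) or added, then lists, groups and
  *           attachments are synchronised
  *  - load:  an existing e-mail is read from the database to pre-fill the form
  *  - blank: the form is pre-filled from the module settings
  *
  * @param   boolean $copy   True when an existing e-mail is being copied
  * @return  mixed           Result of _sendMailPage() or _mails() after a
  *                          successful save (or when the record to load does
  *                          not exist), true once the form has been rendered
  */
 function _editMail($copy = false)
 {
     global $objDatabase, $_ARRAYLANG, $_CONFIG;
     // intval() makes $mailId safe for the unquoted numeric SQL contexts below
     $mailId = isset($_REQUEST['id']) ? intval($_REQUEST['id']) : 0;
     $arrAttachment = array();
     $attachmentNr = 0;
     $arrAssociatedLists = array();
     $arrAssociatedGroups = array();
     // Initialised up front: the save branch iterates over both arrays even
     // when the attachment lookup failed.
     $arrNewAttachments = array();
     $arrRemovedAttachments = array();
     $status = true;
     $mailSubject = isset($_POST['newsletter_mail_subject']) ? contrexx_stripslashes($_POST['newsletter_mail_subject']) : '';
     $objMailSentDate = $objDatabase->Execute("SELECT `date_sent` FROM " . DBPREFIX . "module_newsletter WHERE id=" . $mailId);
     $mailSendDate = $objMailSentDate ? $objMailSentDate->fields['date_sent'] : 0;
     $arrTemplates = $this->_getTemplates();
     $mailTemplate = isset($_POST['newsletter_mail_template']) ? intval($_POST['newsletter_mail_template']) : key($arrTemplates);
     // Always defined, because the news import below reads it even when the
     // field was not posted.
     $importTemplate = isset($_POST['newsletter_import_template']) ? intval($_POST['newsletter_import_template']) : 0;
     if (isset($_POST['newsletter_mail_html_content'])) {
         $mailHtmlContent = $this->_getBodyContent(contrexx_input2raw($_POST['newsletter_mail_html_content']));
     } elseif (isset($_POST['selected'])) {
         // The ID list ends up in an unquoted IN (...) clause. String escaping
         // does not protect a numeric context, so every element is cast to an
         // integer instead. "0" keeps the statement valid when nothing usable
         // was posted.
         $arrRawNewsIds = is_array($_POST['selected']) ? $_POST['selected'] : explode(',', $_POST['selected']);
         $arrSelectedNewsIds = array_filter(array_map('intval', $arrRawNewsIds));
         $selectedNews = $arrSelectedNewsIds ? implode(',', $arrSelectedNewsIds) : '0';
         $HTML_TemplateSource_Import = $this->_getBodyContent($this->_prepareNewsPreview($this->GetTemplateSource($importTemplate, 'html')));
         $_REQUEST['standalone'] = true;
         $this->_impTpl = new \Cx\Core\Html\Sigma();
         \Cx\Core\Csrf\Controller\Csrf::add_placeholder($this->_impTpl);
         $this->_impTpl->setTemplate($HTML_TemplateSource_Import);
         $query = '  SELECT  n.id                AS newsid,
                             n.userid            AS newsuid,
                             n.date              AS newsdate,
                             n.teaser_image_path,
                             n.teaser_image_thumbnail_path,
                             n.redirect,
                             n.publisher,
                             n.publisher_id,
                             n.author,
                             n.author_id,
                             n.catid,
                             nl.title            AS newstitle,
                             nl.text             AS newscontent,
                             nl.teaser_text,
                             nc.name             AS name
                 FROM        ' . DBPREFIX . 'module_news AS n
                 INNER JOIN  ' . DBPREFIX . 'module_news_locale AS nl ON nl.news_id = n.id
                 INNER JOIN  ' . DBPREFIX . 'module_news_categories_locale AS nc ON nc.category_id=n.catid
                 WHERE       status = 1
                             AND nl.is_active=1
                             AND nl.lang_id=' . FRONTEND_LANG_ID . '
                             AND nc.lang_id=' . FRONTEND_LANG_ID . '
                             AND n.id IN (' . $selectedNews . ')
                 ORDER BY nc.name ASC, n.date DESC';
         $objFWUser = \FWUser::getFWUserObject();
         $objNews = $objDatabase->Execute($query);
         $current_category = '';
         if ($this->_impTpl->blockExists('news_list')) {
             // Template with a repeatable "news_list" block: parse it once per news entry
             if ($objNews !== false) {
                 while (!$objNews->EOF) {
                     $this->_impTpl->setVariable(array('NEWS_CATEGORY_NAME' => $objNews->fields['name']));
                     // Show the category header only for the first entry of each category
                     if ($current_category == $objNews->fields['catid']) {
                         $this->_impTpl->hideBlock("news_category");
                     }
                     $current_category = $objNews->fields['catid'];
                     $newsid = $objNews->fields['newsid'];
                     $newstitle = $objNews->fields['newstitle'];
                     $newsUrl = empty($objNews->fields['redirect'])
                         ? (empty($objNews->fields['newscontent']) ? '' : 'index.php?section=News&cmd=details&newsid=' . $newsid)
                         : $objNews->fields['redirect'];
                     $newstext = ltrim(strip_tags($objNews->fields['newscontent']));
                     $newsteasertext = ltrim(strip_tags($objNews->fields['teaser_text']));
                     $newslink = "[[" . \Cx\Core\ContentManager\Model\Entity\Page::PLACEHOLDER_PREFIX . "NEWS_DETAILS]]?newsid=" . $newsid;
                     if ($objNews->fields['newsuid'] && ($objUser = $objFWUser->objUser->getUser($objNews->fields['newsuid']))) {
                         $author = htmlentities($objUser->getUsername(), ENT_QUOTES, CONTREXX_CHARSET);
                     } else {
                         $author = $_ARRAYLANG['TXT_ANONYMOUS'];
                     }
                     list($image, $htmlLinkImage, $imageSource) = \Cx\Core_Modules\News\Controller\NewsLibrary::parseImageThumbnail($objNews->fields['teaser_image_path'], $objNews->fields['teaser_image_thumbnail_path'], $newstitle, $newsUrl);
                     $this->_impTpl->setVariable(array(
                         'NEWS_CATEGORY_NAME' => $objNews->fields['name'],
                         'NEWS_DATE' => date(ASCMS_DATE_FORMAT_DATE, $objNews->fields['newsdate']),
                         'NEWS_LONG_DATE' => date(ASCMS_DATE_FORMAT_DATETIME, $objNews->fields['newsdate']),
                         'NEWS_TITLE' => contrexx_raw2xhtml($newstitle),
                         'NEWS_URL' => $newslink,
                         'NEWS_TEASER_TEXT' => $newsteasertext,
                         'NEWS_TEXT' => $newstext,
                         'NEWS_AUTHOR' => $author,
                     ));
                     $imageTemplateBlock = "news_image";
                     if (!empty($image)) {
                         $this->_impTpl->setVariable(array(
                             'NEWS_IMAGE' => $image,
                             'NEWS_IMAGE_SRC' => contrexx_raw2xhtml($imageSource),
                             'NEWS_IMAGE_ALT' => contrexx_raw2xhtml($newstitle),
                             'NEWS_IMAGE_LINK' => $htmlLinkImage,
                         ));
                         if ($this->_impTpl->blockExists($imageTemplateBlock)) {
                             $this->_impTpl->parse($imageTemplateBlock);
                         }
                     } else {
                         if ($this->_impTpl->blockExists($imageTemplateBlock)) {
                             $this->_impTpl->hideBlock($imageTemplateBlock);
                         }
                     }
                     $this->_impTpl->parse("news_list");
                     $objNews->MoveNext();
                 }
             }
             $mailHtmlContent = $this->_impTpl->get();
         } else {
             // Template without a "news_list" block: substitute the placeholders
             // textually and concatenate one copy of the template per entry
             $mailHtmlContent = '';
             if ($objNews !== false) {
                 while (!$objNews->EOF) {
                     $content = $this->_getBodyContent($this->GetTemplateSource($importTemplate, 'html'));
                     $newstext = ltrim(strip_tags($objNews->fields['newscontent']));
                     $newsteasertext = ltrim(strip_tags($objNews->fields['teaser_text']));
                     $newslink = \Cx\Core\Routing\Url::fromModuleAndCmd('News', 'details', '', array('newsid' => $objNews->fields['newsid']));
                     if ($objNews->fields['newsuid'] && ($objUser = $objFWUser->objUser->getUser($objNews->fields['newsuid']))) {
                         $author = htmlentities($objUser->getUsername(), ENT_QUOTES, CONTREXX_CHARSET);
                     } else {
                         $author = $_ARRAYLANG['TXT_ANONYMOUS'];
                     }
                     // The query above selects no "typename" column, so this
                     // placeholder resolves to an empty string.
                     $newsTypeName = isset($objNews->fields['typename']) ? $objNews->fields['typename'] : '';
                     // NOTE(review): title and category name are inserted here without
                     // HTML encoding, while the Sigma branch above encodes the title
                     // with contrexx_raw2xhtml() - confirm which form the mail body expects.
                     $search = array('[[NEWS_DATE]]', '[[NEWS_LONG_DATE]]', '[[NEWS_TITLE]]', '[[NEWS_URL]]', '[[NEWS_IMAGE_PATH]]', '[[NEWS_TEASER_TEXT]]', '[[NEWS_TEXT]]', '[[NEWS_AUTHOR]]', '[[NEWS_TYPE_NAME]]', '[[NEWS_CATEGORY_NAME]]');
                     $replace = array(
                         date(ASCMS_DATE_FORMAT_DATE, $objNews->fields['newsdate']),
                         date(ASCMS_DATE_FORMAT_DATETIME, $objNews->fields['newsdate']),
                         $objNews->fields['newstitle'],
                         $newslink,
                         htmlentities($objNews->fields['teaser_image_thumbnail_path'], ENT_QUOTES, CONTREXX_CHARSET),
                         $newsteasertext,
                         $newstext,
                         $author,
                         $newsTypeName,
                         $objNews->fields['name'],
                     );
                     $content = str_replace($search, $replace, $content);
                     if ($mailHtmlContent != '') {
                         $mailHtmlContent .= "<br/>" . $content;
                     } else {
                         $mailHtmlContent = $content;
                     }
                     $objNews->MoveNext();
                 }
             }
         }
         unset($_REQUEST['standalone']);
     } else {
         $mailHtmlContent = '';
     }
     if (isset($_POST['newsletter_mail_attachment']) && is_array($_POST['newsletter_mail_attachment'])) {
         foreach ($_POST['newsletter_mail_attachment'] as $attachment) {
             array_push($arrAttachment, contrexx_addslashes($attachment));
         }
     }
     // Priority must lie within 1..5, anything else falls back to the default
     if (isset($_POST['newsletter_mail_priority'])) {
         $mailPriority = intval($_POST['newsletter_mail_priority']);
         if ($mailPriority < 1 || $mailPriority > 5) {
             $mailPriority = $this->_stdMailPriority;
         }
     } else {
         $mailPriority = $this->_stdMailPriority;
     }
     // The loop variables must not be called $status: that would overwrite the
     // success flag evaluated after _addMail() / _updateMail().
     if (isset($_POST['newsletter_mail_associated_list'])) {
         foreach ($_POST['newsletter_mail_associated_list'] as $listId => $listStatus) {
             if (intval($listStatus) == 1) {
                 array_push($arrAssociatedLists, intval($listId));
             }
         }
     }
     // get the associated groups from the post variables in case the form was already sent
     if (isset($_POST['newsletter_mail_associated_group'])) {
         foreach ($_POST['newsletter_mail_associated_group'] as $groupID => $groupStatus) {
             if ($groupStatus) {
                 $arrAssociatedGroups[] = intval($groupID);
             }
         }
     }
     $arrSettings = $this->_getSettings();
     $mailSenderMail = isset($_POST['newsletter_mail_sender_mail']) ? contrexx_stripslashes($_POST['newsletter_mail_sender_mail']) : $arrSettings['sender_mail']['setvalue'];
     $mailSenderName = isset($_POST['newsletter_mail_sender_name']) ? contrexx_stripslashes($_POST['newsletter_mail_sender_name']) : $arrSettings['sender_name']['setvalue'];
     $mailReply = isset($_POST['newsletter_mail_sender_reply']) ? contrexx_stripslashes($_POST['newsletter_mail_sender_reply']) : $arrSettings['reply_mail']['setvalue'];
     $mailSmtpServer = isset($_POST['newsletter_mail_smtp_account']) ? intval($_POST['newsletter_mail_smtp_account']) : $_CONFIG['coreSmtpServer'];
     $this->_objTpl->loadTemplateFile('module_newsletter_mail_edit.html');
     // Same title for the page and for the form header
     $editTitle = $mailId > 0
         ? ($copy ? $_ARRAYLANG['TXT_NEWSLETTER_COPY_EMAIL'] : $_ARRAYLANG['TXT_NEWSLETTER_MODIFY_EMAIL'])
         : $_ARRAYLANG['TXT_NEWSLETTER_CREATE_NEW_EMAIL'];
     $this->_pageTitle = $editTitle;
     $this->_objTpl->setVariable(array('NEWSLETTER_MAIL_EDIT_TITLE' => $editTitle));
     $cx = \Cx\Core\Core\Controller\Cx::instanciate();
     if (isset($_POST['newsletter_mail_save'])) {
         // Compare the posted attachments with the stored ones to find out
         // which have to be added and which removed
         $objAttachment = $objDatabase->Execute("SELECT file_name FROM " . DBPREFIX . "module_newsletter_attachment WHERE newsletter=" . $mailId);
         if ($objAttachment !== false) {
             $arrCurrentAttachments = array();
             while (!$objAttachment->EOF) {
                 array_push($arrCurrentAttachments, $cx->getWebsiteImagesAttachWebPath() . '/' . $objAttachment->fields['file_name']);
                 $objAttachment->MoveNext();
             }
             $arrNewAttachments = array_diff($arrAttachment, $arrCurrentAttachments);
             $arrRemovedAttachments = array_diff($arrCurrentAttachments, $arrAttachment);
         }
         // Editor placeholders [[NAME]] are stored as {NAME}
         $mailHtmlContentReplaced = preg_replace('/\\[\\[([A-Z0-9_]*?)\\]\\]/', '{\\1}', $mailHtmlContent);
         $mailHtmlContentReplaced = $this->_getBodyContent($mailHtmlContentReplaced);
         if ($mailId > 0) {
             $status = $this->_updateMail($mailId, $mailSubject, $mailTemplate, $mailSenderMail, $mailSenderName, $mailReply, $mailSmtpServer, $mailPriority, $arrAttachment, $mailHtmlContentReplaced);
         } else {
             $mailId = $this->_addMail($mailSubject, $mailTemplate, $mailSenderMail, $mailSenderName, $mailReply, $mailSmtpServer, $mailPriority, $arrAttachment, $mailHtmlContentReplaced);
             if ($mailId === false) {
                 $status = false;
             }
         }
         if ($status) {
             // prepare every link of HTML body for tracking function
             $this->_prepareNewsletterLinksForStore($mailId);
             $this->_setMailLists($mailId, $arrAssociatedLists, $mailSendDate);
             $this->setMailGroups($mailId, $arrAssociatedGroups, $mailSendDate);
             foreach ($arrNewAttachments as $attachment) {
                 $this->_addMailAttachment($attachment, $mailId);
             }
             foreach ($arrRemovedAttachments as $attachment) {
                 $this->_removeMailAttachment($attachment, $mailId);
             }
             self::$strOkMessage .= $_ARRAYLANG['TXT_DATA_RECORD_STORED_SUCCESSFUL'];
             if (isset($_GET['sendMail']) && $_GET['sendMail'] == '1') {
                 return $this->_sendMailPage();
             } else {
                 return $this->_mails();
             }
         }
     } elseif ((!isset($_GET['setFormat']) || $_GET['setFormat'] != '1') && $mailId > 0) {
         // Existing e-mail, form not submitted: pre-fill from the database
         $objResult = $objDatabase->SelectLimit("SELECT\n                subject,\n                template,\n                content,\n                attachment,\n                priority,\n                sender_email,\n                sender_name,\n                return_path,\n                smtp_server\n                FROM " . DBPREFIX . "module_newsletter\n                WHERE id=" . $mailId, 1);
         if ($objResult !== false) {
             if ($objResult->RecordCount() == 1) {
                 $mailSubject = $objResult->fields['subject'];
                 $mailTemplate = $objResult->fields['template'];
                 // Stored {NAME} placeholders are shown as [[NAME]] in the editor
                 $mailHtmlContent = preg_replace('/\\{([A-Z0-9_-]+)\\}/', '[[\\1]]', $objResult->fields['content']);
                 $mailPriority = $objResult->fields['priority'];
                 $mailSenderMail = $objResult->fields['sender_email'];
                 $mailSenderName = $objResult->fields['sender_name'];
                 $mailReply = $objResult->fields['return_path'];
                 $mailSmtpServer = $objResult->fields['smtp_server'];
                 $objList = $objDatabase->Execute("SELECT category FROM " . DBPREFIX . "module_newsletter_rel_cat_news WHERE newsletter=" . $mailId);
                 if ($objList !== false) {
                     while (!$objList->EOF) {
                         array_push($arrAssociatedLists, $objList->fields['category']);
                         $objList->MoveNext();
                     }
                 }
                 $arrAssociatedGroups = $this->emailEditGetAssociatedGroups($mailId);
                 if ($objResult->fields['attachment'] == '1') {
                     $objAttachment = $objDatabase->Execute("SELECT file_name FROM " . DBPREFIX . "module_newsletter_attachment WHERE newsletter=" . $mailId);
                     if ($objAttachment !== false) {
                         while (!$objAttachment->EOF) {
                             array_push($arrAttachment, $cx->getWebsiteImagesAttachWebPath() . '/' . $objAttachment->fields['file_name']);
                             $objAttachment->MoveNext();
                         }
                     }
                 }
             } else {
                 return $this->_mails();
             }
         }
     } else {
         // New e-mail or template switch: sender data comes from the settings
         $arrSettings = $this->_getSettings();
         $mailSenderMail = $arrSettings['sender_mail']['setvalue'];
         $mailSenderName = $arrSettings['sender_name']['setvalue'];
         $mailReply = $arrSettings['reply_mail']['setvalue'];
         $mailSmtpServer = $_CONFIG['coreSmtpServer'];
         if (!empty($_POST['textfield'])) {
             $mailHtmlContent = nl2br($_POST['textfield']);
         }
     }
     $act = $copy ? 'copyMail' : 'editMail';
     // remove newsletter_link_N value from rel attribute of the links
     if ($copy) {
         $mailHtmlContent = $this->_prepareNewsletterLinksForCopy($mailHtmlContent);
     }
     $this->_objTpl->setVariable(array(
         'NEWSLETTER_MAIL_ID' => $copy ? 0 : $mailId,
         'NEWSLETTER_MAIL_SUBJECT' => htmlentities($mailSubject, ENT_QUOTES, CONTREXX_CHARSET),
         'NEWSLETTER_MAIL_HTML_CONTENT' => new \Cx\Core\Wysiwyg\Wysiwyg('newsletter_mail_html_content', contrexx_raw2xhtml($mailHtmlContent), 'fullpage'),
         'NEWSLETTER_MAIL_PRIORITY_MENU' => $this->_getMailPriorityMenu($mailPriority, 'name="newsletter_mail_priority" style="width:300px;"'),
         'NEWSLETTER_MAIL_TEMPLATE_MENU' => $this->_getTemplateMenu($mailTemplate, 'name="newsletter_mail_template" style="width:300px;" onchange="document.getElementById(\'newsletter_mail_form\').action=\'index.php?cmd=Newsletter&amp;act=' . $act . '&amp;id=' . $mailId . '&amp;setFormat=1\';document.getElementById(\'newsletter_mail_form\').submit()"'),
         'NEWSLETTER_MAIL_SENDER_MAIL' => htmlentities($mailSenderMail, ENT_QUOTES, CONTREXX_CHARSET),
         'NEWSLETTER_MAIL_SENDER_NAME' => htmlentities($mailSenderName, ENT_QUOTES, CONTREXX_CHARSET),
         'NEWSLETTER_MAIL_REPLY' => htmlentities($mailReply, ENT_QUOTES, CONTREXX_CHARSET),
         'NEWSLETTER_MAIL_SMTP_SERVER' => \SmtpSettings::getSmtpAccountMenu($mailSmtpServer, 'name="newsletter_mail_smtp_account" style="width:300px;"'),
         // "act" is optional in the query string
         'NEWSLETTER_MAIL_SEND' => isset($_GET['act']) && $_GET['act'] == 'sendMail' ? 1 : 0,
     ));
     $this->_objTpl->setVariable('TXT_NEWSLETTER_HTML_UC', $_ARRAYLANG['TXT_NEWSLETTER_HTML_UC']);
     $this->_objTpl->touchBlock('newsletter_mail_html_content');
     $this->emailEditParseLists($arrAssociatedLists);
     $this->emailEditParseGroups($arrAssociatedGroups);
     if (count($arrAttachment) > 0) {
         // NOTE(review): entries of $arrAttachment can come straight from $_POST
         // (slash-escaped only) and reach the template without HTML encoding -
         // confirm the template context and encode for it.
         foreach ($arrAttachment as $attachment) {
             $this->_objTpl->setVariable(array(
                 'NEWSLETTER_MAIL_ATTACHMENT_NR' => $attachmentNr,
                 'NEWSLETTER_MAIL_ATTACHMENT_NAME' => substr($attachment, strrpos($attachment, '/') + 1),
                 'NEWSLETTER_MAIL_ATTACHMENT_URL' => $attachment,
             ));
             $this->_objTpl->parse('newsletter_mail_attachment_list');
             $attachmentNr++;
         }
     } else {
         $this->_objTpl->hideBlock('newsletter_mail_attachment_list');
     }
     $this->_objTpl->setVariable(array(
         'NEWSLETTER_MAIL_ATTACHMENT_NR' => $attachmentNr,
         'NEWSLETTER_MAIL_ATTACHMENT_BOX' => $attachmentNr > 0 ? 'block' : 'none',
     ));
     if (!$copy && $mailId > 0 && $mailSendDate > 0) {
         // E-mail has already been sent: the list selection is rendered disabled
         $this->_objTpl->touchBlock('associatedListToolTip');
         $this->_objTpl->touchBlock('associatedGroupToolTipAfterSent');
         $this->_objTpl->hideBlock('associatedGroupToolTipBeforeSend');
         $this->_objTpl->setVariable(array(
             'TXT_NEWSLETTER_INFO_ABOUT_ASSOCIATED_LISTS' => $_ARRAYLANG['TXT_NEWSLETTER_INFO_ABOUT_ASSOCIATED_LISTS'],
             'NEWSLETTER_LIST_DISABLED' => 'disabled="disabled"',
         ));
     } else {
         $this->_objTpl->setVariable(array('TXT_NEWSLETTER_INFO_ABOUT_ASSOCIATED_LISTS_SEND' => $_ARRAYLANG['TXT_NEWSLETTER_INFO_ABOUT_ASSOCIATED_LISTS_SEND']));
         $this->_objTpl->hideBlock('associatedListToolTip');
         $this->_objTpl->hideBlock('associatedGroupToolTipAfterSent');
         $this->_objTpl->touchBlock('associatedGroupToolTipBeforeSend');
     }
     // Mediabrowser
     $mediaBrowser = new \Cx\Core_Modules\MediaBrowser\Model\Entity\MediaBrowser();
     $mediaBrowser->setOptions(array('data-cx-mb-views' => 'filebrowser', 'type' => 'button'));
     $mediaBrowser->setCallback('mediaBrowserCallback');
     $this->_objTpl->setVariable(array('NEWSLETTER_ATTACH_FILE' => $mediaBrowser->getXHtml($_ARRAYLANG['TXT_NEWSLETTER_ATTACH_FILE'])));
     // Language placeholders: each template variable carries the language
     // entry of the same name
     $arrLanguageKeys = array(
         'TXT_NEWSLETTER_EMAIL_ACCOUNT',
         'TXT_NEWSLETTER_SUBJECT',
         'TXT_NEWSLETTER_SEND_AS',
         'TXT_NEWSLETTER_TEMPLATE',
         'TXT_NEWSLETTER_SENDER',
         'TXT_NEWSLETTER_EMAIL',
         'TXT_NEWSLETTER_URI',
         'TXT_NEWSLETTER_NAME',
         'TXT_NEWSLETTER_REPLY_ADDRESS',
         'TXT_NEWSLETTER_PRIORITY',
         'TXT_NEWSLETTER_ATTACH',
         'TXT_NEWSLETTER_DISPLAY_FILE',
         'TXT_NEWSLETTER_REMOVE_FILE',
         'TXT_NEWSLETTER_HTML_CONTENT',
         'TXT_NEWSLETTER_PLACEHOLDER_DIRECTORY',
         'TXT_NEWSLETTER_USER_DATA',
         'TXT_NEWSLETTER_EMAIL_ADDRESS',
         'TXT_NEWSLETTER_SEX',
         'TXT_NEWSLETTER_SALUTATION',
         'TXT_NEWSLETTER_TITLE',
         'TXT_NEWSLETTER_POSITION',
         'TXT_NEWSLETTER_COMPANY',
         'TXT_NEWSLETTER_INDUSTRY_SECTOR',
         'TXT_NEWSLETTER_ADDRESS',
         'TXT_NEWSLETTER_PHONE_PRIVATE',
         'TXT_NEWSLETTER_PHONE_MOBILE',
         'TXT_NEWSLETTER_FAX',
         'TXT_NEWSLETTER_WEBSITE',
         'TXT_NEWSLETTER_LASTNAME',
         'TXT_NEWSLETTER_FIRSTNAME',
         'TXT_NEWSLETTER_ZIP',
         'TXT_NEWSLETTER_CITY',
         'TXT_NEWSLETTER_COUNTRY',
         'TXT_NEWSLETTER_PHONE',
         'TXT_NEWSLETTER_BIRTHDAY',
         'TXT_NEWSLETTER_GENERAL',
         'TXT_NEWSLETTER_MODIFY_PROFILE',
         'TXT_NEWSLETTER_UNSUBSCRIBE',
         'TXT_NEWSLETTER_PLACEHOLDER_NOT_ON_BROWSER_VIEW',
         'TXT_NEWSLETTER_DATE',
         'TXT_NEWSLETTER_DISPLAY_IN_BROWSER_LINK',
         'TXT_NEWSLETTER_SAVE',
         'TXT_NEWSLETTER_BACK',
         'TXT_NEWSLETTER_CONFIRM_EMPTY_TEXT',
     );
     $arrLanguageVariables = array();
     foreach ($arrLanguageKeys as $languageKey) {
         $arrLanguageVariables[$languageKey] = $_ARRAYLANG[$languageKey];
     }
     $this->_objTpl->setVariable($arrLanguageVariables);
     return true;
 }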
Ejemplo n.º 20
 /**
  * show thread
  *
  * @param integer $intThreadId
  * @return bool
  */
 function showThread($intThreadId)
 {
     global $objDatabase, $_ARRAYLANG;
     $objFWUser = \FWUser::getFWUserObject();
     $this->_communityLogin();
     $intThreadId = intval($intThreadId);
     if (!empty($_REQUEST['notification_update']) && $_REQUEST['notification_update'] == $_ARRAYLANG['TXT_FORUM_UPDATE_NOTIFICATION']) {
         $this->_updateNotification($intThreadId);
     }
     $intCatId = !empty($_REQUEST['category_id']) ? intval($_REQUEST['category_id']) : '0';
     if ($intCatId == 0) {
         $intCatId = $this->_getCategoryIdFromThread($intThreadId);
     }
     if (empty($intCatId)) {
         \Cx\Core\Csrf\Controller\Csrf::header('Location: index.php?section=Forum');
         die;
     }
     if ($objFWUser->objUser->login()) {
         $this->_objTpl->touchBlock('notificationRow');
     } else {
         $this->_objTpl->hideBlock('notificationRow');
     }
     $intPostId = !empty($_REQUEST['postid']) ? intval($_REQUEST['postid']) : 0;
     $intPostId = $intPostId == 0 && !empty($_REQUEST['post_id']) ? intval($_REQUEST['post_id']) : $intPostId;
     $this->_objTpl->setVariable('FORUM_EDIT_POST_ID', $intPostId);
     $_REQUEST['act'] = !empty($_REQUEST['act']) ? $_REQUEST['act'] : '';
     if ($_REQUEST['act'] == 'delete') {
         if ($this->_checkAuth($intCatId, 'delete')) {
             if ($this->_deletePost($intCatId, $intThreadId, $_REQUEST['postid'])) {
                 $this->_objTpl->setVariable('TXT_FORUM_SUCCESS', '<br />' . $_ARRAYLANG['TXT_FORUM_DELETED_SUCCESSFULLY']);
             } else {
                 $this->_objTpl->setVariable('TXT_FORUM_ERROR', '<br />' . $_ARRAYLANG['TXT_FORUM_DELETE_FAILED']);
             }
         } else {
             $this->_objTpl->setVariable('TXT_FORUM_ERROR', '<br />' . $_ARRAYLANG['TXT_FORUM_NO_ACCESS']);
         }
     }
     $pos = !empty($_REQUEST['pos']) ? intval($_REQUEST['pos']) : 0;
     $this->_objTpl->setVariable(array('FORUM_PAGING_POS' => $pos));
     if (!empty($_REQUEST['preview_new'])) {
         $pos = $this->_getLastPos($intPostId, $intThreadId);
     }
     if (!empty($_REQUEST['postid'])) {
         if ($_REQUEST['act'] == 'quote') {
             $pos = $this->_getLastPos($intPostId, $intThreadId);
         }
         if ($_REQUEST['act'] == 'edit') {
             $pos = $this->_getEditPos($intPostId, $intThreadId);
         }
     }
     if (!empty($_REQUEST['l']) && $_REQUEST['l'] == 1) {
         $pos = $this->_getEditPos($intPostId, $intThreadId);
     }
     $arrPosts = $this->createPostArray($intThreadId, $pos);
     if (!empty($_REQUEST['preview_edit']) && $_REQUEST['post_id'] != 0 && $_REQUEST['act'] != 'quote') {
         $intPostId = intval($intPostId);
         $pos = $this->_getEditPos($intPostId, $intThreadId);
         $arrPosts = $this->createPostArray($intThreadId, $pos);
         $arrPosts[$intPostId]['subject'] = !empty($_REQUEST['subject']) ? contrexx_strip_tags($_REQUEST['subject']) : $_ARRAYLANG['TXT_FORUM_NO_SUBJECT'];
         $arrPosts[$intPostId]['content'] = \Cx\Core\Wysiwyg\Wysiwyg::prepareBBCodeForOutput(contrexx_input2raw($_REQUEST['message']));
     }
     $userId = $objFWUser->objUser->login() ? $objFWUser->objUser->getId() : 0;
     $icon = !empty($_REQUEST['icons']) ? intval($_REQUEST['icons']) : 1;
     if ($_REQUEST['act'] == 'edit') {
         //submit is an edit
         $arrEditedPost = $this->_getPostingData($intPostId);
         $subject = addcslashes(htmlentities($arrEditedPost['subject'], ENT_QUOTES, CONTREXX_CHARSET), '\\');
         $content = $arrEditedPost['content'];
         $keywords = addcslashes(htmlentities($arrEditedPost['keywords'], ENT_QUOTES, CONTREXX_CHARSET), '\\');
         $attachment = $arrEditedPost['attachment'];
         $this->_objTpl->setVariable('FORUM_POST_EDIT_USERID', $arrPosts[$intPostId]['user_id']);
         if (!empty($attachment)) {
             $this->_objTpl->setVariable('TXT_FORUM_DELETE_ATTACHMENT', sprintf($_ARRAYLANG['TXT_FORUM_DELETE_ATTACHMENT'], $attachment));
         }
         $this->_objTpl->touchBlock('updatePost');
         $this->_objTpl->hideBlock('createPost');
         $this->_objTpl->hideBlock('previewNewPost');
         $this->_objTpl->touchBlock('previewEditPost');
     } else {
         //new post
         if ($this->_objTpl->blockExists('delAttachment')) {
             $this->_objTpl->hideBlock('delAttachment');
         }
         $subject = !empty($_REQUEST['subject']) ? contrexx_strip_tags($_REQUEST['subject']) : '';
         $content = !empty($_REQUEST['message']) ? contrexx_input2raw(strip_tags($_REQUEST['message'])) : '';
         $keywords = !empty($_REQUEST['keywords']) ? contrexx_strip_tags($_REQUEST['keywords']) : '';
         $attachment = !empty($_REQUEST['attachment']) ? contrexx_strip_tags($_REQUEST['attachment']) : '';
         $this->_objTpl->touchBlock('createPost');
         $this->_objTpl->hideBlock('updatePost');
         $this->_objTpl->touchBlock('previewNewPost');
         $this->_objTpl->hideBlock('previewEditPost');
     }
     if ($_REQUEST['act'] == 'quote') {
         $quoteContent = $this->_getPostingData($intPostId);
         $subject = 'RE: ' . addcslashes(htmlentities($quoteContent['subject'], ENT_QUOTES, CONTREXX_CHARSET), '\\');
         $content = '[quote=' . $arrPosts[$intPostId]['user_name'] . ']' . strip_tags($quoteContent['content']) . '[/quote]';
     }
     $firstPost = current($arrPosts);
     if ($this->_arrSettings['wysiwyg_editor'] == 1) {
         //IF WYSIWIG enabled..
         $strMessageInputHTML = new \Cx\Core\Wysiwyg\Wysiwyg('message', $content, 'bbcode');
     } else {
         //plain textarea
         $strMessageInputHTML = '<textarea style="width: 400px; height: 150px;" rows="5" cols="10" name="message">' . contrexx_raw2xhtml($content) . '</textarea>';
     }
     $this->_objTpl->setGlobalVariable(array('FORUM_JAVASCRIPT_GOTO' => $this->getJavascript('goto'), 'FORUM_JAVASCRIPT_DELETE' => $this->getJavascript('deletePost'), 'FORUM_JAVASCRIPT_SCROLLTO' => $this->getJavascript('scrollto'), 'FORUM_SCROLLPOS' => !empty($_REQUEST['scrollpos']) ? intval($_REQUEST['scrollpos']) : '0', 'FORUM_JAVASCRIPT_INSERT_TEXT' => $this->getJavascript('insertText', array($intCatId, $intThreadId, $firstPost)), 'FORUM_NAME' => $this->_shortenString($firstPost['subject'], $this->_maxStringlength), 'FORUM_TREE' => $this->_createNavTree($intCatId) . '<a title="' . $this->_arrTranslations[$intCatId][$this->_intLangId]['name'] . '" href="index.php?section=Forum&amp;cmd=board&amp;id=' . $intCatId . '">' . $this->_shortenString($this->_arrTranslations[$intCatId][$this->_intLangId]['name'], $this->_maxStringlength) . '</a> > ', 'FORUM_DROPDOWN' => $this->createForumDD('forum_quickaccess', $intCatId, 'onchange="gotoForum(this);"', ''), 'TXT_FORUM_COMMA_SEPARATED_KEYWORDS' => $_ARRAYLANG['TXT_FORUM_COMMA_SEPARATED_KEYWORDS'], 'TXT_FORUM_KEYWORDS' => $_ARRAYLANG['TXT_FORUM_KEYWORDS'], 'TXT_FORUM_FILE_ATTACHMENT' => $_ARRAYLANG['TXT_FORUM_FILE_ATTACHMENT'], 'TXT_FORUM_RATING' => $_ARRAYLANG['TXT_FORUM_RATING'], 'TXT_FORUM_ADD_POST' => $_ARRAYLANG['TXT_FORUM_ADD_POST'], 'TXT_FORUM_SUBJECT' => $_ARRAYLANG['TXT_FORUM_SUBJECT'], 'TXT_FORUM_MESSAGE' => $_ARRAYLANG['TXT_FORUM_MESSAGE'], 'TXT_FORUM_RESET' => $_ARRAYLANG['TXT_FORUM_RESET'], 'TXT_FORUM_CREATE_POST' => $_ARRAYLANG['TXT_FORUM_CREATE_POST'], 'TXT_FORUM_ICON' => $_ARRAYLANG['TXT_FORUM_ICON'], 'TXT_FORUM_QUOTE' => $_ARRAYLANG['TXT_FORUM_QUOTE'], 'TXT_FORUM_EDIT' => $_ARRAYLANG['TXT_FORUM_EDIT'], 'TXT_FORUM_DELETE' => $_ARRAYLANG['TXT_FORUM_DELETE'], 'TXT_FORUM_PREVIEW' => $_ARRAYLANG['TXT_FORUM_PREVIEW'], 'TXT_FORUM_UPDATE_POST' => $_ARRAYLANG['TXT_FORUM_UPDATE_POST'], 'TXT_FORUM_NOTIFY_NEW_POSTS' => $_ARRAYLANG['TXT_FORUM_NOTIFY_NEW_POSTS'], 'TXT_FORUM_QUICKACCESS' => 
$_ARRAYLANG['TXT_FORUM_QUICKACCESS'], 'TXT_FORUM_UPDATE_NOTIFICATION' => $_ARRAYLANG['TXT_FORUM_UPDATE_NOTIFICATION'], 'TXT_FORUM_THREAD_ACTION_DESC' => $_ARRAYLANG['TXT_FORUM_THREAD_ACTION_DESC'], 'TXT_FORUM_THREAD_ACTION_MOVE' => $_ARRAYLANG['TXT_FORUM_THREAD_ACTION_MOVE'], 'TXT_FORUM_THREAD_ACTION_CLOSE' => $_ARRAYLANG['TXT_FORUM_THREAD_ACTION_CLOSE_' . $firstPost['is_locked']], 'TXT_FORUM_THREAD_ACTION_STICKY' => $_ARRAYLANG['TXT_FORUM_THREAD_ACTION_STICKY_' . $firstPost['is_sticky']], 'TXT_FORUM_THREAD_ACTION_DELETE' => $_ARRAYLANG['TXT_FORUM_THREAD_ACTION_DELETE'], 'TXT_FORUM_CHOOSE_FILE' => $_ARRAYLANG['TXT_FORUM_CHOOSE_FILE'], 'FORUM_NOTIFICATION_CHECKBOX_CHECKED' => $this->_hasNotification($intThreadId) ? 'checked="checked"' : '', 'FORUM_SUBJECT' => stripslashes($subject), 'FORUM_KEYWORDS' => stripslashes($keywords), 'FORUM_ATTACHMENT_OLDNAME' => $attachment, 'FORUM_MESSAGE_INPUT' => $strMessageInputHTML, 'FORUM_CAPTCHA_CODE' => \Cx\Core_Modules\Captcha\Controller\Captcha::getInstance()->getCode(), 'FORUM_THREAD_ID' => $intThreadId, 'FORUM_CATEGORY_ID' => $intCatId, 'FORUM_POSTS_PAGING' => getPaging($this->_postCount, $pos, '&section=Forum&cmd=thread&id=' . $intThreadId, $_ARRAYLANG['TXT_FORUM_OVERVIEW_POSTINGS'], true, $this->_arrSettings['posting_paging'])));
     if ($objFWUser->objUser->login()) {
         $this->_objTpl->hideBlock('captcha');
     } else {
         $this->_objTpl->touchBlock('captcha');
     }
     $this->_setIcons($this->_getIcons());
     if (!$this->_checkAuth($intCatId, 'read')) {
         $this->_objTpl->setVariable('TXT_FORUM_ERROR', '<br />' . $_ARRAYLANG['TXT_FORUM_NO_ACCESS']);
         return false;
     }
     $intCounter = 0;
     foreach ($arrPosts as $postId => $arrValues) {
         $strRating = '<span id="forum_current_rating_' . $postId . '" class="rating_%s">%s</span>';
         if ($arrValues['rating'] == 0) {
             $class = 'none';
         } elseif ($arrValues['rating'] > 0) {
             $class = 'pos';
         } else {
             $class = 'neg';
         }
         $strRating = sprintf($strRating, $class, $arrValues['rating']);
         $strUserProfileLink = $arrValues['user_id'] > 0 ? '<a title="' . $arrValues['user_name'] . '" href="index.php?section=Access&amp;cmd=user&amp;id=' . $arrValues['user_id'] . '">' . $arrValues['user_name'] . '</a>' : $this->_anonymousName;
         $arrAttachment = $this->_getAttachment($arrValues['attachment']);
         $this->_objTpl->setGlobalVariable(array('FORUM_POST_ROWCLASS' => $intCounter++ % 2 + 1));
         $quoteLink = "id=" . $intThreadId . "&act=quote&postid=" . $postId;
         $quoteLinkLoggedIn = "location.href='" . \Cx\Core\Csrf\Controller\Csrf::enhanceURI("index.php?section=Forum") . "&amp;cmd=thread&amp;" . htmlentities($quoteLink) . "';";
         $quoteLinkNotLoggedIn = "location.href='" . \Cx\Core\Csrf\Controller\Csrf::enhanceURI("index.php?section=Login") . "&amp;redirect=" . base64_encode("index.php?section=Forum&cmd=thread&" . $quoteLink) . "';";
         $this->_objTpl->setVariable(array('FORUM_POST_DATE' => $arrValues['time_created'], 'FORUM_POST_LAST_EDITED' => $arrValues['time_edited'] != date(ASCMS_DATE_FORMAT, 0) ? $_ARRAYLANG['TXT_FORUM_LAST_EDITED'] . $arrValues['time_edited'] : '', 'FORUM_USER_ID' => $arrValues['user_id'], 'FORUM_USER_NAME' => $strUserProfileLink, 'FORUM_USER_IMAGE' => !empty($arrValues['user_image']) ? '<img border="0" width="60" height="60" src="' . $arrValues['user_image'] . '" title="' . $arrValues['user_name'] . '\'s avatar" alt="' . $arrValues['user_name'] . '\'s avatar" />' : '', 'FORUM_USER_GROUP' => '', 'FORUM_USER_RANK' => '', 'FORUM_USER_REGISTERED_SINCE' => '', 'FORUM_USER_POSTING_COUNT' => '', 'FORUM_USER_CONTACTS' => '', 'FORUM_POST_NUMBER' => '#' . $arrValues['post_number'], 'FORUM_POST_ICON' => $arrValues['post_icon'], 'FORUM_POST_SUBJECT' => $arrValues['subject'], 'FORUM_POST_MESSAGE' => $arrValues['content'], 'FORUM_POST_RATING' => $strRating, 'FORUM_POST_ATTACHMENT_LINK' => $arrAttachment['webpath'], 'FORUM_POST_ATTACHMENT_FILENAME' => $arrAttachment['name'], 'FORUM_POST_ATTACHMENT_ICON' => $arrAttachment['icon'], 'FORUM_POST_ATTACHMENT_FILESIZE' => $arrAttachment['size'], 'FORUM_QUOTE_ONCLICK' => $this->_checkAuth($intCatId, 'write') ? $quoteLinkLoggedIn : $quoteLinkNotLoggedIn));
         if (!$objFWUser->objUser->login() && !$this->_checkAuth($intCatId, 'write')) {
             $button = '<input type="button" value="' . $_ARRAYLANG['TXT_FORUM_CREATE_POST'] . '" onclick="location.href=\'' . \Cx\Core\Csrf\Controller\Csrf::enhanceURI('index.php?section=Login') . '&redirect=' . base64_encode($_SERVER['REQUEST_URI']) . '\';" />';
             $this->_objTpl->setVariable(array('FORUM_POST_REPLY_REDIRECT' => $button));
         }
         $this->_objTpl->setVariable(array('FORUM_POST_ID' => $postId, 'FORUM_RATING_POST_ID' => $postId));
         if ($firstPost['is_locked'] != 1 && ($this->_checkAuth($intCatId, 'edit') || $objFWUser->objUser->login() && $arrValues['user_id'] == $objFWUser->objUser->getId())) {
             $this->_objTpl->touchBlock('postEdit');
         } else {
             $this->_objTpl->hideBlock('postEdit');
         }
         if ($firstPost['is_locked'] != 1 && ($this->_checkAuth($intCatId, 'write') || !$firstPost['is_locked'])) {
             $this->_objTpl->touchBlock('postQuote');
         } else {
             $this->_objTpl->hideBlock('postQuote');
         }
         if ($this->_checkAuth($intCatId, 'delete') && $arrValues['post_number'] != 1) {
             $this->_objTpl->setVariable(array('FORUM_POST_ID' => $postId));
             $this->_objTpl->touchBlock('postDelete');
         } else {
             $this->_objTpl->hideBlock('postDelete');
         }
         if ($this->_objTpl->blockExists('rating')) {
             if ($objFWUser->objUser->login() && !$this->_hasRated($postId)) {
                 $this->_objTpl->parse('rating');
             } else {
                 $this->_objTpl->hideBlock('rating');
             }
         }
         if ($this->_objTpl->blockExists('attachment')) {
             if (!empty($arrValues['attachment'])) {
                 $this->_objTpl->parse('attachment');
             } else {
                 $this->_objTpl->hideBlock('attachment');
             }
         }
         $this->_objTpl->parse('forumPosts');
     }
     if (!$this->_checkAuth($intCatId, 'write') || $firstPost['is_locked'] == 1) {
         $this->_objTpl->hideBlock('addPost');
         $this->_objTpl->hideBlock('addPostAnchor');
     } else {
         $this->_objTpl->touchBlock('addPostAnchor');
     }
     // initialize the uploader
     $this->initForumUploader();
     //addpost code
     if (!empty($_REQUEST['create']) && $_REQUEST['create'] == $_ARRAYLANG['TXT_FORUM_CREATE_POST']) {
         if (!$this->_checkAuth($intCatId, 'write') && $firstPost['is_locked'] != 1) {
             //auth check
             $this->_objTpl->setVariable('TXT_FORUM_ERROR', '<br />' . $_ARRAYLANG['TXT_FORUM_NO_ACCESS']);
             $this->_objTpl->hideBlock('addPost');
             return false;
         }
         if (!$objFWUser->objUser->login() && !\Cx\Core_Modules\Captcha\Controller\Captcha::getInstance()->check()) {
             //captcha check
             return false;
         }
         if (strlen(trim($content)) < $this->_minPostlength) {
             //content check
             $this->_objTpl->setVariable('TXT_FORUM_ERROR', sprintf('<br />' . $_ARRAYLANG['TXT_FORUM_POST_EMPTY'], $this->_minPostlength));
             return false;
         }
         if (false !== ($match = $this->_hasBadWords($content))) {
             $this->_objTpl->setVariable('TXT_FORUM_ERROR', sprintf('<br />' . $_ARRAYLANG['TXT_FORUM_BANNED_WORD'], $match[1]));
             return false;
         }
         $fileInfo = $this->_handleUpload('forum_attachment');
         if ($fileInfo === false) {
             //an error occured, the file wasn't properly transferred. exit function to display error set in _handleUpload()
             return false;
         }
         $lastPostIdQuery = '    SELECT max( id ) as last_post_id
                                 FROM ' . DBPREFIX . 'module_forum_postings
                                 WHERE category_id = ' . $intCatId . '
                                 AND      thread_id = ' . $intThreadId;
         if (($objRSmaxId = $objDatabase->SelectLimit($lastPostIdQuery, 1)) !== false) {
             $intPrevPostId = $objRSmaxId->fields['last_post_id'];
         } else {
             die('Database error: ' . $objDatabase->ErrorMsg());
         }
         $insertQuery = 'INSERT INTO ' . DBPREFIX . 'module_forum_postings (
                         id,             category_id,    thread_id,            prev_post_id,
                         user_id,         time_created,    time_edited,         is_locked,
                         is_sticky,         rating,         views,                 icon,
                         keywords,        subject,        content,             attachment
                     ) VALUES (
                         NULL, ' . $intCatId . ', ' . $intThreadId . ', ' . $intPrevPostId . ',
                         ' . $userId . ', ' . time() . ',         0,                     0,
                         0,                   0,        0, ' . $icon . ",\n                            '{$keywords}' ,'" . $subject . "',    '" . contrexx_raw2db($content) . "', '" . $fileInfo['name'] . "'\n                        )";
         if ($objDatabase->Execute($insertQuery) !== false) {
             $lastInsertId = $objDatabase->Insert_ID();
             $this->updateViewsNewItem($intCatId, $lastInsertId, true);
             $this->_updateNotification($intThreadId);
             $this->_sendNotifications($intThreadId, $subject, $content);
             $pageId = \Cx\Core\Core\Controller\Cx::instanciate()->getPage()->getId();
             $cacheManager = new \Cx\Core_Modules\Cache\Controller\CacheManager();
             $cacheManager->deleteSingleFile($pageId);
         }
         \Cx\Core\Csrf\Controller\Csrf::header('Location: index.php?section=Forum&cmd=thread&id=' . $intThreadId . '&pos=' . $this->_getLastPos($postId, $intThreadId));
         die;
     }
     if (!empty($_REQUEST['preview_new'])) {
         $content = \Cx\Core\Wysiwyg\Wysiwyg::prepareBBCodeForOutput($content);
         if (false !== ($match = $this->_hasBadWords($content))) {
             $this->_objTpl->setVariable('TXT_FORUM_ERROR', sprintf('<br />' . $_ARRAYLANG['TXT_FORUM_BANNED_WORD'], $match[1]));
             return false;
         }
         if (strlen(trim($content)) < $this->_minPostlength) {
             //content check
             $this->_objTpl->setVariable('TXT_FORUM_ERROR', sprintf('<br />' . $_ARRAYLANG['TXT_FORUM_POST_EMPTY'], $this->_minPostlength));
             return false;
         }
         $this->_objTpl->setVariable(array('FORUM_POST_ROWCLASS' => $intCounter++ % 2 + 1, 'FORUM_POST_DATE' => date(ASCMS_DATE_FORMAT, time()), 'FORUM_USER_ID' => $userId, 'FORUM_USER_NAME' => $objFWUser->objUser->login() ? '<a href="index.php?section=Access&amp;cmd=user&amp;id=' . $userId . '" title="' . htmlentities($objFWUser->objUser->getUsername(), ENT_QUOTES, CONTREXX_CHARSET) . '">' . htmlentities($objFWUser->objUser->getUsername(), ENT_QUOTES, CONTREXX_CHARSET) . '</a>' : $this->_anonymousName, 'FORUM_USER_IMAGE' => !empty($arrValues['user_image']) ? '<img border="0" width="60" height="60" src="' . $arrValues['user_image'] . '" title="' . $arrValues['user_name'] . '\'s avatar" alt="' . $arrValues['user_name'] . '\'s avatar" />' : '', 'FORUM_USER_GROUP' => '', 'FORUM_USER_RANK' => '', 'FORUM_USER_REGISTERED_SINCE' => '', 'FORUM_USER_POSTING_COUNT' => '', 'FORUM_USER_CONTACTS' => '', 'FORUM_POST_NUMBER' => '#' . ($this->_postCount + 1), 'FORUM_POST_ICON' => $this->getThreadIcon($icon), 'FORUM_POST_SUBJECT' => stripslashes($subject), 'FORUM_POST_MESSAGE' => $content, 'FORUM_POST_RATING' => '0'));
         $this->_objTpl->touchBlock('createPost');
         $this->_objTpl->hideBlock('updatePost');
         if ($this->_objTpl->blockExists('attachment')) {
             $this->_objTpl->hideBlock('attachment');
         }
         $this->_objTpl->hideBlock('postEdit');
         $this->_objTpl->hideBlock('postQuote');
         $this->_objTpl->touchBlock('previewNewPost');
         $this->_objTpl->hideBlock('previewEditPost');
         $this->_objTpl->parse('forumPosts');
     }
     if (!empty($_REQUEST['update']) && $_REQUEST['update'] == $_ARRAYLANG['TXT_FORUM_UPDATE_POST']) {
         if (strlen(trim($content)) < $this->_minPostlength) {
             //content size check
             $this->_objTpl->setVariable('TXT_FORUM_ERROR', sprintf('<br />' . $_ARRAYLANG['TXT_FORUM_POST_EMPTY'], $this->_minPostlength));
             return false;
         }
         if (!$this->_checkAuth($intCatId, 'edit') && (!$objFWUser->objUser->login() || $arrValues['user_id'] != $objFWUser->objUser->getId())) {
             $this->_objTpl->setVariable('TXT_FORUM_ERROR', '<br />' . $_ARRAYLANG['TXT_FORUM_NO_ACCESS']);
             $this->_objTpl->hideBlock('postEdit');
             return false;
         }
         if (!$objFWUser->objUser->login() && !\Cx\Core_Modules\Captcha\Controller\Captcha::getInstance()->check()) {
             $this->_objTpl->touchBlock('updatePost');
             $this->_objTpl->hideBlock('createPost');
             return false;
         }
         if (false !== ($match = $this->_hasBadWords($content))) {
             $this->_objTpl->setVariable('TXT_FORUM_ERROR', sprintf('<br />' . $_ARRAYLANG['TXT_FORUM_BANNED_WORD'], $match[1]));
             return false;
         }
         $fileInfo = $this->_handleUpload('forum_attachment');
         if ($fileInfo === false) {
             //an error occured, the file wasn't properly transferred. exit function to display error set in _handleUpload()
             return false;
         }
         if (empty($_POST['forum_delete_attachment']) && empty($fileInfo['name']) && !empty($_REQUEST['forum_attachment_oldname'])) {
             $fileInfo['name'] = contrexx_addslashes($_REQUEST['forum_attachment_oldname']);
         } elseif (!empty($_POST['forum_delete_attachment']) && $_POST['forum_delete_attachment'] == 1 || !empty($_REQUEST['forum_attachment_oldname']) && $fileInfo['name'] != $_REQUEST['forum_attachment_oldname']) {
             unlink(\Cx\Core\Core\Controller\Cx::instanciate()->getWebsiteMediaForumUploadPath() . '/' . str_replace(array('./', '.\\'), '', $_REQUEST['forum_attachment_oldname']));
         }
         $updateQuery = 'UPDATE ' . DBPREFIX . 'module_forum_postings SET
                         time_edited = ' . mktime() . ',
                         icon = ' . $icon . ',
                         subject = \'' . $subject . '\',
                         keywords = \'' . $keywords . '\',
                         content = \'' . contrexx_raw2db($content) . '\',
                         attachment = \'' . $fileInfo['name'] . '\'
                         WHERE id = ' . $intPostId;
         if ($objDatabase->Execute($updateQuery) !== false) {
             $this->updateViews($intThreadId, $intPostId);
             $pageId = \Cx\Core\Core\Controller\Cx::instanciate()->getPage()->getId();
             $cacheManager = new \Cx\Core_Modules\Cache\Controller\CacheManager();
             $cacheManager->deleteSingleFile($pageId);
         }
         \Cx\Core\Csrf\Controller\Csrf::header('Location: index.php?section=Forum&cmd=thread&id=' . $intThreadId . '&pos=' . $this->_getLastPos($postId, $intThreadId));
         die;
     }
     if (!empty($_REQUEST['preview_edit'])) {
         $this->_objTpl->touchBlock('updatePost');
         $this->_objTpl->hideBlock('createPost');
         $this->_objTpl->hideBlock('previewNewPost');
         $this->_objTpl->touchBlock('previewEditPost');
     }
     $hasAccess = false;
     foreach (array('STICKY', 'MOVE', 'CLOSE', 'DELETE') as $action) {
         if (!$this->_checkAuth($intCatId, strtolower($action))) {
             $this->_objTpl->setVariable('FORUM_THREAD_ACTIONS_DISABLED_' . $action, 'disabled="disabled"');
         } else {
             $hasAccess = true;
         }
     }
     if ($this->_objTpl->blockExists('threadActionsSelect')) {
         if ($userId < 1 || !$hasAccess) {
             $this->_objTpl->hideBlock('threadActionsSelect');
         } else {
             $this->_objTpl->touchBlock('threadActionsSelect');
         }
     }
     if (!empty($_REQUEST['action']) && $_REQUEST['action'] == 'move' && !empty($_REQUEST['id'])) {
         $thread = intval($_REQUEST['id']);
         $newCat = intval($_REQUEST['moveToThread']);
         $oldCat = $this->_getCategoryIdFromThread($thread);
         $query = "UPDATE `" . DBPREFIX . "module_forum_postings` SET `category_id` = {$newCat} WHERE `thread_id` = " . $thread;
         if ($objDatabase->Execute($query)) {
             $intMovedPosts = $objDatabase->Affected_Rows();
             $query = "SELECT max( `id` ) as `lastid` FROM `" . DBPREFIX . "module_forum_postings` WHERE `thread_id` = {$thread}";
             $objRS = $objDatabase->SelectLimit($query, 1);
             $intMovedPostLastId = $objRS->fields['lastid'];
             $query = "SELECT max( `id` ) as `lastid` FROM `" . DBPREFIX . "module_forum_postings` WHERE `category_id` = {$oldCat}";
             $objRS = $objDatabase->SelectLimit($query, 1);
             $query = "UPDATE `" . DBPREFIX . "module_forum_statistics` SET `thread_count` = `thread_count` - 1, `post_count` = `post_count` - {$intMovedPosts}, `last_post_id` = " . (intval($objRS->fields['lastid']) > 0 ? intval($objRS->fields['lastid']) : 0) . " WHERE `category_id` = {$oldCat}";
             $objDatabase->Execute($query);
             $query = "SELECT `id` FROM `" . DBPREFIX . "module_forum_postings` WHERE `category_id` = {$newCat} GROUP BY `time_created` DESC";
             $objRS = $objDatabase->Execute($query);
             $query = "UPDATE `" . DBPREFIX . "module_forum_statistics` SET `thread_count` = `thread_count` + 1, `post_count` = `post_count` + {$intMovedPosts}, `last_post_id` = " . $objRS->fields['id'] . " WHERE `category_id` = {$newCat}";
             $objDatabase->Execute($query);
             $this->_objTpl->hideBlock('moveForm');
             $this->_objTpl->setVariable(array('TXT_THREAD_ACTION_' . ($success ? 'SUCCESS' : 'ERROR') => $_ARRAYLANG['TXT_FORUM_THREAD_ACTION_MOVE' . (!$success ? 'UN' : '') . 'SUCCESSFUL'], 'FORUM_CATEGORY_ID' => $intCatId, 'FORUM_THREAD_ID' => $intThreadId));
             \Cx\Core\Csrf\Controller\Csrf::header('Location: index.php?section=Forum&cmd=thread&id=' . $thread);
         }
     }
     if (!empty($_GET['a'])) {
         $this->_objTpl->setVariable(array('TXT_FORUM_' . ($_GET['r'] == 1 ? 'SUCCESS' : 'ERROR') => '<br />' . $_ARRAYLANG['TXT_FORUM_THREAD_ACTION_' . strtoupper($_GET['a']) . '_' . (!$_GET['r'] ? 'UN' : '') . 'SUCCESSFUL' . $_GET['s']]));
     }
     $success = false;
     if (!empty($_REQUEST['thread_actions'])) {
         $action = contrexx_addslashes($_REQUEST['thread_actions']);
         if ($this->_checkAuth($intCatId, $action)) {
             switch ($action) {
                 case 'move':
                     $arrForums = $this->createForumArray($this->_intLangId);
                     foreach ($arrForums as $intCatID => $arrThread) {
                         $strOptions .= '<option value="' . $intCatID . '" ' . ($arrThread['level'] == 0 ? 'disabled="disabled"' : '') . '>' . str_repeat('&nbsp;', $arrThread['level'] * 2) . $arrThread['name'] . '</option>';
                     }
                     $this->_objTpl->setVariable(array('FORUM_THREADS' => $strOptions));
                     $success = true;
                     $suffix = '';
                     \Env::get('cx')->getPage()->setTitle($_ARRAYLANG['TXT_FORUM_THREAD_ACTION_MOVE']);
                     break;
                 case 'close':
                     $query = "UPDATE `" . DBPREFIX . "module_forum_postings` SET `is_locked` = IF(`is_locked` = '0' OR `is_locked` = '', '1', '0') WHERE thread_id = " . intval($_REQUEST['id']);
                     if ($objDatabase->Execute($query) !== false) {
                         $success = true;
                     }
                     $suffix = '_' . $firstPost['is_locked'];
                     break;
                 case 'sticky':
                     $query = "UPDATE `" . DBPREFIX . "module_forum_postings` SET `is_sticky` = IF(`is_sticky` = '0' OR `is_sticky` = '', '1', '0') WHERE thread_id = " . intval($_REQUEST['id']);
                     if ($objDatabase->Execute($query) !== false) {
                         $success = true;
                     }
                     $suffix = '_' . $firstPost['is_sticky'];
                     break;
                 default:
                     break;
             }
             if ($action != 'move') {
                 \Cx\Core\Csrf\Controller\Csrf::header('Location: index.php?section=Forum&cmd=thread&id=' . $intThreadId . '&a=' . $action . '&r=' . $success . '&s=' . $suffix);
             }
         } else {
             $this->_objTpl->setVariable('TXT_THREAD_ACTION_ERROR', $_ARRAYLANG['TXT_FORUM_NO_ACCESS']);
         }
         $this->_objTpl->parse('threadActions');
         $this->_objTpl->touchBlock('threadActions');
         $this->_objTpl->hideBlock('threadDisplay');
     } else {
         $this->updateViews($intThreadId, $intPostId);
         $this->_objTpl->hideBlock('threadActions');
     }
     return true;
 }
Ejemplo n.º 21
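 /**
  * Update the directory module settings from the submitted POST data.
  *
  * NOTE(review): in the visible part of this method some POST values are
  * concatenated into SQL without escaping or casting: mailConfirmContent,
  * mailRememberContent, and the setSearch / setRequired values. Numeric
  * flags should go through intval() and text fields through
  * contrexx_addslashes(), as the neighbouring statements already do.
  *
  * @access   public
  * @global    ADONewConnection  $objDatabase
  * @global    array             $_CORELANG
  * @global    array             $_ARRAYLANG
  */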
 function updateSettings()
 {
     global $objDatabase, $_CORELANG, $_ARRAYLANG;
     if (isset($_POST['set_sys_submit'])) {
         //get post data
         foreach ($_POST['setvalue'] as $id => $value) {
             //update settings
             // check for description field to be required
             if ($id == 13 && $value == 1) {
                 $objDatabase->Execute("UPDATE `" . DBPREFIX . "module_directory_inputfields` SET active='1', is_required='1', active_backend='1' WHERE name='description'");
             }
             if (ini_get('allow_url_fopen') == false && $id == 19) {
                 $objResult = $objDatabase->Execute("UPDATE " . DBPREFIX . "module_directory_settings SET setvalue='0' WHERE setid=" . intval($id));
             } else {
                 $objResult = $objDatabase->Execute("UPDATE " . DBPREFIX . "module_directory_settings SET setvalue='" . contrexx_addslashes($value) . "' WHERE setid=" . intval($id));
             }
         }
         $this->strOkMessage = $_ARRAYLANG['TXT_DIR_SETTINGS_SUCCESFULL_SAVE'];
     }
     if (isset($_POST['set_google_submit'])) {
         //get post data
         foreach ($_POST['setvalue'] as $id => $value) {
             //update settings
             $objResult = $objDatabase->Execute("UPDATE " . DBPREFIX . "module_directory_settings_google SET setvalue='" . contrexx_addslashes($value) . "' WHERE setid=" . intval($id));
         }
         $this->strOkMessage = $_ARRAYLANG['TXT_DIR_SETTINGS_SUCCESFULL_SAVE'];
     }
     if (isset($_POST['set_homecontent_submit'])) {
         //update settings
         \Cx\Core\Setting\Controller\Setting::init('Config', 'component', 'Yaml');
         if (isset($_POST['setHomeContent'])) {
             if (!\Cx\Core\Setting\Controller\Setting::isDefined('directoryHomeContent')) {
                 \Cx\Core\Setting\Controller\Setting::add('directoryHomeContent', contrexx_addslashes($_POST['setHomeContent']), 1, \Cx\Core\Setting\Controller\Setting::TYPE_RADIO, '1:TXT_ACTIVATED,0:TXT_DEACTIVATED', 'component');
             } else {
                 \Cx\Core\Setting\Controller\Setting::set('directoryHomeContent', contrexx_addslashes($_POST['setHomeContent']));
                 \Cx\Core\Setting\Controller\Setting::update('directoryHomeContent');
             }
         }
         \Cx\Core\Csrf\Controller\Csrf::header('Location: ?cmd=Directory&act=settings&tpl=homecontent');
         exit;
         $this->strOkMessage = $_ARRAYLANG['TXT_DIR_SETTINGS_SUCCESFULL_SAVE'];
     }
     if (isset($_POST['set_mail_submit'])) {
         //update settings
         $objResult = $objDatabase->Execute("UPDATE " . DBPREFIX . "module_directory_mail SET title='" . contrexx_addslashes($_POST['mailConfirmTitle']) . "', content='" . $_POST['mailConfirmContent'] . "' WHERE id='1'");
         $objResult = $objDatabase->Execute("UPDATE " . DBPREFIX . "module_directory_mail SET title='" . contrexx_addslashes($_POST['mailRememberTitle']) . "', content='" . $_POST['mailRememberContent'] . "' WHERE id='2'");
         $objResult = $objDatabase->Execute("UPDATE " . DBPREFIX . "module_directory_settings SET setvalue='" . contrexx_addslashes($_POST['mailRememberAdress']) . "' WHERE setid='30'");
         $this->strOkMessage = $_ARRAYLANG['TXT_DIR_SETTINGS_SUCCESFULL_SAVE'];
     }
     if (isset($_POST['set_inputs_submit'])) {
         //update settings
         // title field should stay active, required and available for search
         $objResult = $objDatabase->Execute("UPDATE " . DBPREFIX . "module_directory_inputfields SET active='0' Where id !='1'");
         $objResult = $objDatabase->Execute("UPDATE " . DBPREFIX . "module_directory_inputfields SET is_search='0' Where id !='1'");
         $objResult = $objDatabase->Execute("UPDATE " . DBPREFIX . "module_directory_inputfields SET is_required='0' Where id !='1'");
         $objResult = $objDatabase->Execute("UPDATE " . DBPREFIX . "module_directory_inputfields SET active_backend='0' Where id !='1'");
         //get post data
         if ($_POST['setStatus'] != "") {
             $addressElements = 0;
             $googleMapIsEnabled = false;
             foreach ($_POST['setStatus'] as $id => $value) {
                 //update settings
                 $objResult = $objDatabase->Execute("SELECT `name` FROM " . DBPREFIX . "module_directory_inputfields WHERE id=" . intval($id));
                 $name = $objResult->fields['name'];
                 switch ($name) {
                     case 'country':
                     case 'zip':
                     case 'street':
                     case 'city':
                         $addressElements++;
                         break;
                     case 'googlemap':
                         $googleMapIsEnabled = true;
                         break;
                     default:
                 }
                 $objResult = $objDatabase->Execute("UPDATE " . DBPREFIX . "module_directory_inputfields SET active='" . contrexx_addslashes($value) . "' WHERE id=" . intval($id));
             }
             if ($googleMapIsEnabled && $addressElements < 4) {
                 $objResult = $objDatabase->Execute("UPDATE " . DBPREFIX . "module_directory_inputfields SET active='1' WHERE name='country'");
                 $objResult = $objDatabase->Execute("UPDATE " . DBPREFIX . "module_directory_inputfields SET active='1' WHERE name='zip'");
                 $objResult = $objDatabase->Execute("UPDATE " . DBPREFIX . "module_directory_inputfields SET active='1' WHERE name='street'");
                 $objResult = $objDatabase->Execute("UPDATE " . DBPREFIX . "module_directory_inputfields SET active='1' WHERE name='city'");
                 $this->strOkMessage = $_ARRAYLANG['TXT_DIRECTORY_GOOGLEMAP_REQUIRED_FIELDS_MISSING'];
             }
         }
         //get post data
         if ($_POST['setStatusBackend'] != "") {
             $addressElements = 0;
             $googleMapIsEnabled = false;
             foreach ($_POST['setStatusBackend'] as $id => $value) {
                 //update settings
                 $objResult = $objDatabase->Execute("SELECT `name` FROM " . DBPREFIX . "module_directory_inputfields WHERE id=" . intval($id));
                 $name = $objResult->fields['name'];
                 switch ($name) {
                     case 'country':
                     case 'zip':
                     case 'street':
                     case 'city':
                         $addressElements++;
                         break;
                     case 'googlemap':
                         $googleMapIsEnabled = true;
                         break;
                     default:
                 }
                 $objResult = $objDatabase->Execute("UPDATE " . DBPREFIX . "module_directory_inputfields SET active_backend='" . contrexx_addslashes($value) . "' WHERE id=" . intval($id));
             }
             if ($googleMapIsEnabled && $addressElements < 4) {
                 $objResult = $objDatabase->Execute("UPDATE " . DBPREFIX . "module_directory_inputfields SET active_backend='1' WHERE name='country'");
                 $objResult = $objDatabase->Execute("UPDATE " . DBPREFIX . "module_directory_inputfields SET active_backend='1' WHERE name='zip'");
                 $objResult = $objDatabase->Execute("UPDATE " . DBPREFIX . "module_directory_inputfields SET active_backend='1' WHERE name='street'");
                 $objResult = $objDatabase->Execute("UPDATE " . DBPREFIX . "module_directory_inputfields SET active_backend='1' WHERE name='city'");
                 $this->strOkMessage = $_ARRAYLANG['TXT_DIRECTORY_GOOGLEMAP_REQUIRED_FIELDS_MISSING'];
             }
         }
         //get post data
         if ($_POST['setSort'] != "") {
             foreach ($_POST['setSort'] as $id => $sort) {
                 $sort = $sort;
                 //update settings
                 $objResult = $objDatabase->Execute("UPDATE " . DBPREFIX . "module_directory_inputfields SET sort=" . intval($sort) . " WHERE id=" . intval($id));
             }
         }
         //get post data
         if ($_POST['setSearch'] != "") {
             foreach ($_POST['setSearch'] as $id => $search) {
                 //update settings
                 $objResult = $objDatabase->Execute("UPDATE " . DBPREFIX . "module_directory_inputfields SET is_search=" . $search . " WHERE id=" . intval($id));
             }
         }
         //get post data
         if ($_POST['setRequired'] != "") {
             foreach ($_POST['setRequired'] as $id => $required) {
                 //update settings
                 $objResult = $objDatabase->Execute("UPDATE " . DBPREFIX . "module_directory_inputfields SET is_required=" . $required . " WHERE id=" . intval($id));
             }
         }
         //get post data
         if ($_POST['setSpezFields'] != "") {
             foreach ($_POST['setSpezFields'] as $id => $value) {
                 //update settings
                 $objReult = $objDatabase->Execute("UPDATE " . DBPREFIX . "module_directory_inputfields SET title='" . contrexx_addslashes($value) . "' WHERE id=" . intval($id));
             }
         }
         //get dropdown data
         foreach ($_POST['setDropdown'] as $id => $value) {
             //update settings
             $objResult = $objDatabase->Execute("UPDATE " . DBPREFIX . "module_directory_settings SET setvalue='" . contrexx_addslashes($value) . "' WHERE setid=" . intval($id));
         }
         //update settings
         $objResult = $objDatabase->Execute("UPDATE " . DBPREFIX . "module_directory_inputfields SET active='1' WHERE name='title'");
         if ($this->descriptionFieldRequired()) {
             $objResult = $objDatabase->Execute("UPDATE " . DBPREFIX . "module_directory_inputfields SET active='1', is_required='1', active_backend='1' WHERE name='description'");
         }
         $this->strOkMessage = $_ARRAYLANG['TXT_DIR_SETTINGS_SUCCESFULL_SAVE'];
     }
     if ($_POST['inputValue']['zoom'] != "") {
         $googleStartPoint = intval($_POST['inputValue']['lat']);
         $googleStartPoint .= '.' . intval($_POST['inputValue']['lat_fraction']);
         $googleStartPoint .= ':' . intval($_POST['inputValue']['lon']);
         $googleStartPoint .= '.' . intval($_POST['inputValue']['lon_fraction']);
         $googleStartPoint .= ':' . intval($_POST['inputValue']['zoom']);
         $objDatabase->Execute("UPDATE " . DBPREFIX . "module_directory_settings SET setvalue='" . $googleStartPoint . "' WHERE setname='googlemap_start_location'");
     }
 }
Ejemplo n.º 22
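 /**
  * Save the frontend access settings of the media archives 0 to 4 from $_POST.
  *
  * Each archive has two settings, "media<N>_frontend_changable" and
  * "media<N>_frontend_managable". For each of them:
  *  - a non-numeric posted value is stored as it is;
  *  - a numeric posted value means "restricted to groups": a new dynamic
  *    access ID is created, the posted groups are attached to it and the
  *    new ID is stored as the value.
  * In both cases the dynamic access ID held by the previous value (if the
  * previous value was numeric) is released first.
  *
  * NOTE(review): this method changes access rights and no permission or
  * request-origin check is visible in it; confirm the caller enforces both.
  *
  * @global  ADONewConnection $objDatabase
  * @global  array            $_ARRAYLANG
  * @return  void
  */
 function _saveSettings()
 {
     global $objDatabase, $_ARRAYLANG;
     $this->_arrSettings = $this->createSettingsArray();
     // Setting suffix => array(suffix of the POST value field, suffix of the POST group list).
     $arrKinds = array(
         'changable' => array('FrontendChangable', '_access_associated_groups'),
         'managable' => array('FrontendManagable', '_manage_associated_groups'),
     );
     for ($i = 0; $i <= 4; $i++) {
         foreach ($arrKinds as $kind => $arrSuffixes) {
             $settingName = 'media' . $i . '_frontend_' . $kind;
             $valueField = 'mediaSettings_Media' . $i . $arrSuffixes[0];
             $groupsField = 'media' . $i . $arrSuffixes[1];
             $oldSetting = isset($this->_arrSettings[$settingName]) ? $this->_arrSettings[$settingName] : '';
             // Anything but a plain string (e.g. an array posted under this
             // name) is treated like a missing field.
             $newSetting = isset($_POST[$valueField]) && is_string($_POST[$valueField]) ? $_POST[$valueField] : '';
             // Only a numeric previous value is an access ID that can be
             // released; the same guard now applies to both branches.
             if (is_numeric($oldSetting)) {
                 \Permission::removeAccess($oldSetting, 'dynamic');
             }
             if (!is_numeric($newSetting)) {
                 $sqlValue = contrexx_addslashes($newSetting);
             } else {
                 // The group list must be an array; count() on the former ''
                 // default raises a TypeError on PHP 8.
                 $accessGroups = array();
                 if (isset($_POST[$groupsField]) && is_array($_POST[$groupsField])) {
                     $accessGroups = $_POST[$groupsField];
                 }
                 $accessId = \Permission::createNewDynamicAccessId();
                 if (count($accessGroups) > 0) {
                     \Permission::setAccess($accessId, 'dynamic', $accessGroups);
                 }
                 $sqlValue = intval($accessId);
             }
             // $settingName is built from the loop counter and fixed strings only.
             $objDatabase->Execute(
                 'UPDATE ' . DBPREFIX . 'module_media_settings'
                 . ' SET `value` = "' . $sqlValue . '"'
                 . ' WHERE `name` = "' . $settingName . '"'
             );
         }
     }
     $this->_arrSettings = $this->createSettingsArray();
     $this->_strOkMessage = $_ARRAYLANG['TXT_MEDIA_SETTINGS_SAVE_SUCCESSFULL'];
 }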
Ejemplo n.º 23
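    /**
     * Build the directory search form (simple and extended search) and
     * assign it to the template placeholder DIRECTORY_SEARCH.
     *
     * The current search values are read from $_REQUEST / $_GET so that the
     * form is shown pre-filled. Request values written into the markup are
     * encoded with htmlentities(), as the "term" field already was; slash
     * escaping does not neutralise quotes or angle brackets in HTML.
     *
     * @access  public
     * @global  ADONewConnection $objDatabase
     * @global  array            $_ARRAYLANG
     * @return  void
     */
    function getSearch()
    {
        global $objDatabase, $_ARRAYLANG;
        // Preselected values of the dropdowns. The helpers are defined
        // elsewhere; they keep receiving the slash-escaped value as before.
        $arrSelected = array();
        foreach (array('language', 'platform', 'canton', 'spez_field_21', 'spez_field_22', 'spez_field_23', 'spez_field_24') as $key) {
            $arrSelected[$key] = isset($_REQUEST[$key]) && is_string($_REQUEST[$key]) ? contrexx_addslashes($_REQUEST[$key]) : '';
        }
        $arrDropdown = array();
        $arrDropdown['language'] = $this->getLanguages($arrSelected['language']);
        $arrDropdown['platform'] = $this->getPlatforms($arrSelected['platform']);
        $arrDropdown['canton'] = $this->getCantons($arrSelected['canton']);
        $arrDropdown['spez_field_21'] = $this->getSpezDropdown($arrSelected['spez_field_21'], 'spez_field_21');
        $arrDropdown['spez_field_22'] = $this->getSpezDropdown($arrSelected['spez_field_22'], 'spez_field_22');
        $arrDropdown['spez_field_23'] = $this->getSpezVotes($arrSelected['spez_field_23'], 'spez_field_23');
        $arrDropdown['spez_field_24'] = $this->getSpezVotes($arrSelected['spez_field_24'], 'spez_field_24');
        $expSearch = '';
        $javascript = '
<script type="text/javascript">
<!--
function toggle(target)
{
  obj = document.getElementById(target);
  obj.style.display = (obj.style.display==\'none\') ? \'inline\' : \'none\';
  if (obj.style.display==\'none\' && target == \'hiddenSearch\'){
    document.getElementById(\'searchCheck\').value = \'norm\';
  }else if(obj.style.display==\'inline\' && target == \'hiddenSearch\'){
    document.getElementById(\'searchCheck\').value = \'exp\';
  }
}
-->
</script>
';
        //get levels
        if ($this->settings['levels']['value'] == 1) {
            $lid = isset($_REQUEST['lid']) ? intval($_REQUEST['lid']) : 0;
            $options = $this->getSearchLevels($lid);
            $name = $_ARRAYLANG['TXT_LEVEL'];
            $field = '<select name="lid" style="width:194px;"><option value=""></option>' . $options . '</select>';
            // set variables
            $expSearch .= '
<tr>
  <td width="100" height="20" style="border: 0px solid #ff0000;">' . $name . '</td>
  <td style="border: 0px solid #ff0000;">' . $field . '</td>
</tr>
';
        }
        //get categories
        $cid = isset($_REQUEST['cid']) ? intval($_REQUEST['cid']) : 0;
        $options = $this->getSearchCategories($cid);
        $name = $_ARRAYLANG['TXT_DIR_F_CATEGORIE'];
        $field = '<select name="cid" style="width:194px;"><option value=""></option>' . $options . '</select>';
        // set variables
        $expSearch .= '
<tr>
  <td width="100" height="20" style="border: 0px solid #ff0000;">' . $name . '</td>
  <td style="border: 0px solid #ff0000;">' . $field . '</td>
</tr>
';
        //get exp search fields
        $objResult = $objDatabase->Execute("SELECT id, name, title, typ FROM " . DBPREFIX . "module_directory_inputfields WHERE exp_search='1' AND is_search='1' ORDER BY sort");
        if ($objResult !== false) {
            while (!$objResult->EOF) {
                $fieldName = $objResult->fields['name'];
                $fieldType = $objResult->fields['typ'];
                // Types 5 and 6 always use the stored title; the other types
                // use it as a language key when such a key exists.
                if ($fieldType == 5 || $fieldType == 6) {
                    $name = $objResult->fields['title'];
                } else {
                    if (!empty($_ARRAYLANG[$objResult->fields['title']])) {
                        $name = $_ARRAYLANG[$objResult->fields['title']];
                    } else {
                        $name = $objResult->fields['title'];
                    }
                }
                // NOTE(review): $name and $fieldName come from the inputfields
                // table and are written into the markup as stored; confirm
                // that only trusted administrators can edit these columns.
                if ($fieldType == 1 || $fieldType == 2 || $fieldType == 5 || $fieldType == 6) {
                    // The request value is echoed into an HTML attribute, so
                    // it gets HTML encoding; a non-string value (array) is
                    // treated as empty.
                    $requestValue = isset($_REQUEST[$fieldName]) && is_string($_REQUEST[$fieldName]) ? $_REQUEST[$fieldName] : '';
                    $field = '<input maxlength="100" size="30" name="' . $fieldName . '" value="' . htmlentities($requestValue, ENT_QUOTES, CONTREXX_CHARSET) . '" />';
                } else {
                    $dropdownOptions = isset($arrDropdown[$fieldName]) ? $arrDropdown[$fieldName] : '';
                    $field = '<select name="' . $fieldName . '" style="width:194px;">' . $dropdownOptions . '</select>';
                }
                // set variables
                $expSearch .= '
<tr>
  <td width="100" height="20">' . $name . '</td>
  <td>' . $field . '</td>
</tr>
';
                $objResult->MoveNext();
            }
        }
        $term = !empty($_GET['term']) && is_string($_GET['term']) ? htmlentities($_GET['term'], ENT_QUOTES, CONTREXX_CHARSET) : '';
        $html = '
<div class="directorySearch">
  <form action="index.php?" method="get" name="directorySearch" id="directorySearch">
    <input name="term" value="' . $term . '" size="25" maxlength="100" />
    <input id="searchCheck" type="hidden" name="check" value="norm" size="10" />
    <input type="hidden" name="section" value="Directory" size="10" />
    <input type="hidden" name="cmd" value="search" size="10" />
    <input type="submit" value="' . $_ARRAYLANG['TXT_DIR_F_SEARCH'] . '" name="search" />
    &raquo; <a onclick="javascript:toggle(\'hiddenSearch\')" href="javascript:{}">' . $_ARRAYLANG['TXT_DIRECTORY_EXP_SEARCH'] . '</a><br />
    <div style="display: none;" id="hiddenSearch">
      <br />
      <table width="100%" cellspacing="0" cellpadding="0" border="0">
        ' . $expSearch . '
      </table>
    </div>
  </form>
</div>';
        // set variables
        $this->_objTemplate->setVariable(array('DIRECTORY_SEARCH' => $javascript . $html));
    }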
Ejemplo n.º 24
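 /**
  * Insert or update one row of the immo settings table.
  *
  * The row is inserted when no row with this name exists yet. Otherwise it
  * is updated, but only when the new value differs from the value held in
  * $this->arrSettings.
  *
  * Both the name and the value are escaped before they are placed in the
  * SQL text; the name used to be concatenated as passed in.
  * NOTE(review): contrexx_addslashes() is defined elsewhere. If it is an
  * addslashes()-style helper, parameters bound by the database layer would
  * be the more robust choice here; confirm against its definition.
  *
  * @param   string  $key  Name of the setting
  * @param   string  $val  Value of the setting
  * @return  boolean       False when a query failed, true otherwise
  */
 function _updateSetting($key, $val)
 {
     global $objDatabase;
     $sqlKey = contrexx_addslashes($key);
     $sqlVal = contrexx_addslashes($val);
     $table = DBPREFIX . "module_immo_settings";
     $objRs = $objDatabase->Execute("SELECT `setvalue` FROM " . $table . " WHERE `setname` = '" . $sqlKey . "'");
     // A failed lookup must not be mistaken for "row missing" or "row present".
     if ($objRs === false) {
         return false;
     }
     if ($objRs->RecordCount() == 0) {
         $query = "INSERT INTO " . $table . " (`setname`, `setvalue`) VALUES ('" . $sqlKey . "', '" . $sqlVal . "')";
         return $objDatabase->Execute($query) ? true : false;
     }
     // Compare the unescaped value: the escaped form differs from the stored
     // one as soon as the value contains a quote or a backslash.
     $current = isset($this->arrSettings[$key]) ? $this->arrSettings[$key] : null;
     if ($current != $val) {
         $query = "UPDATE " . $table . " SET `setvalue` = '" . $sqlVal . "' WHERE `setname` = '" . $sqlKey . "'";
         if (!$objDatabase->Execute($query)) {
             return false;
         }
     }
     return true;
 }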
Ejemplo n.º 25
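 /**
  * Return the link to the MediaDir entry of the event place or organizer.
  *
  * The detail page is looked up by the cmd "detail<entryFormId>" first and
  * by "detail" when no such page exists. The page language is the frontend
  * language, else the backend language, else the first active frontend
  * language that has such a page.
  *
  * NOTE(review): the label ($this->place / $this->org_name) and the URL are
  * placed in the anchor without HTML encoding. If the label can hold text
  * entered by users and the caller prints the anchor as it is, it needs
  * htmlspecialchars(); confirm against the caller and the template.
  *
  * @param   integer $intMediaDirId  ID of the MediaDir entry
  * @param   string  $type           'place' labels the link with $this->place,
  *                                  any other value with $this->org_name
  * @return  array   array(HTML anchor, plain URL); two empty strings when no
  *                  entry ID is given or no detail page was found
  */
 function loadPlaceLinkFromMediadir($intMediaDirId = 0, $type = 'place')
 {
     global $_LANGID, $_CONFIG;
     $placeUrl = '';
     $placeUrlSource = '';
     // The ID ends up in a query string, so it is reduced to an integer once.
     $intMediaDirId = intval($intMediaDirId);
     if (empty($intMediaDirId)) {
         return array($placeUrl, $placeUrlSource);
     }
     $objMediadirEntry = new \Cx\Modules\MediaDir\Controller\MediaDirectoryEntry('MediaDir');
     $objMediadirEntry->getEntries($intMediaDirId);
     $formId = isset($objMediadirEntry->arrEntries[$intMediaDirId]['entryFormId'])
         ? intval($objMediadirEntry->arrEntries[$intMediaDirId]['entryFormId'])
         : 0;
     $strFormCmd = 'detail' . $formId;
     $pageRepo = \Env::get('em')->getRepository('Cx\\Core\\ContentManager\\Model\\Entity\\Page');
     $arrFormPages = $pageRepo->findBy(array(
         'cmd' => contrexx_addslashes($strFormCmd),
         'lang' => $_LANGID,
         'type' => \Cx\Core\ContentManager\Model\Entity\Page::TYPE_APPLICATION,
         'module' => 'MediaDir',
     ));
     $strDetailCmd = count($arrFormPages) ? $strFormCmd : 'detail';
     $pages = $pageRepo->getFromModuleCmdByLang('MediaDir', $strDetailCmd);
     $arrActiveFrontendLanguages = \FWLanguage::getActiveFrontendLanguages();
     $langId = null;
     if (isset($arrActiveFrontendLanguages[FRONTEND_LANG_ID]) && isset($pages[FRONTEND_LANG_ID])) {
         $langId = FRONTEND_LANG_ID;
     } elseif (isset($arrActiveFrontendLanguages[BACKEND_LANG_ID]) && isset($pages[BACKEND_LANG_ID])) {
         $langId = BACKEND_LANG_ID;
     } else {
         foreach ($arrActiveFrontendLanguages as $lang) {
             if (isset($pages[$lang['id']])) {
                 $langId = $lang['id'];
                 break;
             }
         }
     }
     // Without a page in any candidate language there is nothing to link to;
     // $pages[$langId] used to be dereferenced with $langId undefined.
     if ($langId === null) {
         return array($placeUrl, $placeUrlSource);
     }
     $url = $pages[$langId]->getUrl(ASCMS_PROTOCOL . "://" . $_CONFIG['domainUrl'] . ASCMS_PATH_OFFSET, "?eid={$intMediaDirId}");
     // Comparison, not assignment: "$type = 'place'" was always true and so
     // the organizer name was never used.
     $place = ($type === 'place') ? $this->place : $this->org_name;
     $placeUrl = "<a href='" . $url . "' target='_blank' >" . (!empty($place) ? $place : $url) . "</a>";
     $placeUrlSource = $url;
     return array($placeUrl, $placeUrlSource);
 }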
Ejemplo n.º 26
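 /**
  * Show the search form for language variables and, when the form was
  * submitted, the list of matching variables.
  *
  * The filter (term, language, status, zone, module) is kept in
  * $_SESSION['lang'] and refreshed from $_POST.
  *
  * The zone is used as a column name in the query, where quoting or slash
  * escaping gives no protection, so only the three known zone names are
  * accepted. The module ID is cast to an integer where it is used, and the
  * search term is HTML-encoded when it is handed back to the template.
  *
  * @global    array             $_ARRAYLANG
  * @global    ADONewConnection  $objDatabase
  * @return    void
  */
 function listVariables()
 {
     global $_ARRAYLANG, $objDatabase;
     //init variables
     $q_lang = "";
     $q_module = "";
     $q_status = "";
     $q_zone = "";
     $i = 0;
     // Was only set inside the result branch and then read unconditionally below.
     $numRows = 0;
     $zoneMenu = "";
     $arrZones = array('frontend', 'backend', 'both');
     $this->template->loadTemplateFile('language_list.html');
     $this->pageTitle = $_ARRAYLANG['TXT_VARIABLE_LIST'];
     if (!isset($_SESSION['lang'])) {
         $_SESSION['lang'] = array();
     }
     $arrDefaults = array('term' => "", 'langId' => "", 'status' => "", 'zone' => "both", 'moduleId' => "");
     foreach ($arrDefaults as $filterKey => $filterDefault) {
         if (!isset($_SESSION['lang'][$filterKey])) {
             $_SESSION['lang'][$filterKey] = $filterDefault;
         }
     }
     if (isset($_POST['term']) && is_string($_POST['term'])) {
         // Stored in escaped form; the query below relies on that.
         $_SESSION['lang']['term'] = contrexx_addslashes($_POST['term']);
     }
     if (isset($_POST['lang'])) {
         $_SESSION['lang']['langId'] = intval($_POST['lang']);
     }
     if (isset($_POST['status'])) {
         $_SESSION['lang']['status'] = intval($_POST['status']);
     }
     if (isset($_POST['zone'])) {
         $_SESSION['lang']['zone'] = in_array($_POST['zone'], $arrZones, true) ? $_POST['zone'] : "both";
     }
     if (isset($_POST['module'])) {
         $_SESSION['lang']['moduleId'] = intval($_POST['module']);
     }
     $term = $_SESSION['lang']['term'];
     $lang = $_SESSION['lang']['langId'];
     $status = $_SESSION['lang']['status'];
     // Checked again on the way out of the session: a value stored before
     // this check existed must not reach the query either.
     $zone = $_SESSION['lang']['zone'];
     if (!in_array($zone, $arrZones, true)) {
         $zone = "both";
     }
     // The stored default is "", which PHP 8 no longer treats as equal to 0.
     $module = intval($_SESSION['lang']['moduleId']);
     $arrZoneLabels = array(
         'both' => $_ARRAYLANG['TXT_SECTION'],
         'frontend' => $_ARRAYLANG['TXT_WEB_PAGES'],
         'backend' => $_ARRAYLANG['TXT_ADMINISTRATION_PAGES'],
     );
     foreach ($arrZoneLabels as $zoneName => $zoneLabel) {
         $zoneMenu .= "<option value='" . $zoneName . "' " . ($zone == $zoneName ? "selected" : "") . ">" . $zoneLabel . "</option>\n";
     }
     $this->template->setVariable("LANGUAGE_ZONE_MENU", $zoneMenu);
     //Begin language variables
     $this->template->setVariable(array(
         'TXT_CONFIRM_DELETE_DATA' => $_ARRAYLANG['TXT_CONFIRM_DELETE_DATA'],
         'TXT_ACTION_IS_IRREVERSIBLE' => $_ARRAYLANG['TXT_ACTION_IS_IRREVERSIBLE'],
         'TXT_ATTENTION_SYSTEM_FUNCTIONALITY_AT_RISK' => $_ARRAYLANG['TXT_ATTENTION_SYSTEM_FUNCTIONALITY_AT_RISK'],
         'TXT_MODULE' => $_ARRAYLANG['TXT_MODULE'],
         'TXT_LANGUAGE' => $_ARRAYLANG['TXT_LANGUAGE'],
         'TXT_STATUS' => $_ARRAYLANG['TXT_STATUS'],
         'TXT_CONTROLLED' => $_ARRAYLANG['TXT_CONTROLLED'],
         'TXT_OPEN_ISSUE' => $_ARRAYLANG['TXT_OPEN_ISSUE'],
         'TXT_LANGUAGE_DEPENDANT_SYSTEM_VARIABLES' => $_ARRAYLANG['TXT_LANGUAGE_DEPENDANT_SYSTEM_VARIABLES'],
         'TXT_FOUND' => $_ARRAYLANG['TXT_FOUND'],
         'TXT_NAME' => $_ARRAYLANG['TXT_NAME'],
         'TXT_VALUE' => $_ARRAYLANG['TXT_VALUE'],
         'TXT_DISPLAY' => $_ARRAYLANG['TXT_DISPLAY'],
         'TXT_ADMIN' => $_ARRAYLANG['TXT_ADMINISTRATION_PAGES'],
         'TXT_PUBLIC' => $_ARRAYLANG['TXT_WEB_PAGES'],
     ));
     //End language variables
     if (isset($_POST['Submit'])) {
         if (empty($lang)) {
             // No language chosen: fall back to the default language.
             $objResult = $objDatabase->Execute("SELECT id FROM " . DBPREFIX . "languages WHERE is_default='true'");
             if ($objResult !== false) {
                 while (!$objResult->EOF) {
                     $q_lang = "AND con.lang_id=" . intval($objResult->fields['id']) . " ";
                     $objResult->MoveNext();
                 }
             }
         } else {
             $q_lang = "AND con.lang_id=" . intval($lang) . " ";
         }
         if ($zone != "both") {
             // $zone is one of 'frontend' / 'backend' at this point.
             $q_zone = "AND nam.{$zone}=1 ";
         }
         if ($module != 0) {
             $q_module = "AND nam.module_id = " . $module . " ";
         }
         if ($status == "0" || $status == "1") {
             $q_status = "AND con.status=" . intval($status) . " ";
         }
         // $term is the slash-escaped value written to the session above.
         $q = "SELECT con.content AS content,\n"
             . "       con.status AS status,\n"
             . "       con.lang_id AS lang,\n"
             . "       nam.name AS name,\n"
             . "       nam.id AS varid,\n"
             . "       modu.name AS module,\n"
             . "       nam.backend AS backend,\n"
             . "       nam.frontend AS frontend\n"
             . "  FROM " . DBPREFIX . "language_variable_content AS con,\n"
             . "       " . DBPREFIX . "language_variable_names AS nam,\n"
             . "       " . DBPREFIX . "modules AS modu\n"
             . " WHERE modu.id=nam.module_id\n"
             . "   AND con.varid=nam.id\n"
             . "   AND (nam.name LIKE '%" . $term . "%' OR con.content LIKE '%" . $term . "%') "
             . $q_zone . $q_lang . $q_module . $q_status . "\n"
             . " ORDER BY nam.id";
         $objResult = $objDatabase->Execute($q);
         if ($objResult !== false && $objResult->RecordCount() > 0) {
             $numRows = $objResult->RecordCount();
             while (!$objResult->EOF) {
                 $class = ($i % 2 == 0) ? "row1" : "row2";
                 if (intval($objResult->fields['backend']) == 1) {
                     $this->template->setVariable("LANGUAGE_ADMIN", "<img alt='' src='../core/Core/View/Media/icons/check.gif' />");
                 }
                 if (intval($objResult->fields['frontend']) == 1) {
                     $this->template->setVariable("LANGUAGE_WEBSITE", "<img alt='' src='../core/Core/View/Media/icons/check.gif' />");
                 }
                 // Stored texts are HTML-encoded like the content column already was.
                 $this->template->setVariable(array(
                     'LANGUAGE_ROWCLASS' => $class,
                     'LANGUAGE_ID' => intval($objResult->fields['varid']),
                     'LANGUAGE_VARIABLENAME' => htmlspecialchars($objResult->fields['name'], ENT_QUOTES, CONTREXX_CHARSET),
                     'LANGUAGE_CONTENT' => htmlspecialchars($objResult->fields['content'], ENT_QUOTES, CONTREXX_CHARSET),
                     'LANGUAGE_MODULE' => htmlspecialchars($objResult->fields['module'], ENT_QUOTES, CONTREXX_CHARSET),
                     'LANGUAGE_LANG' => $this->arrLang[$objResult->fields['lang']],
                 ));
                 // not carefully checked variable
                 if (intval($objResult->fields['status']) == 1) {
                     $langStatus = "<img alt='' src=\"../core/Core/View/Media/icons/led_green.gif\" />";
                 } else {
                     $langStatus = "<img alt='' src=\"../core/Core/View/Media/icons/led_red.gif\" />";
                 }
                 $this->template->setVariable("LANGUAGE_STATUS", $langStatus);
                 $this->template->parse('languageRow');
                 $i++;
                 $objResult->MoveNext();
             }
         } else {
             $this->template->hideBlock('languageSearchTable');
         }
     } else {
         $this->template->hideBlock('languageSearchTable');
     }
     $this->template->setVariable(array(
         'LANGUAGE_STATS' => $numRows,
         'LANGUAGE_MODULES_MENU' => $this->getSearchOptionMenu("modules", $module),
         'LANGUAGE_LANG_MENU' => $this->getSearchOptionMenu("languages", $lang),
         // The term goes back into the page, so it is encoded for HTML here.
         'LANGUAGE_SEARCHTERM' => htmlspecialchars($term, ENT_QUOTES, CONTREXX_CHARSET),
     ));
 }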
Ejemplo n.º 27
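 /**
  * Save the posted calendar settings into the database.
  *
  * Every entry of $_POST['settings'] updates the row of the same name in
  * the module's settings table; array values are stored comma-separated.
  * When "headlinesStatus" is posted it is also written to the
  * 'calendarheadlines' setting of the Config component.
  *
  * The error message is set when any of the UPDATE statements failed, not
  * only the last one.
  *
  * NOTE(review): the setting names come from the request, so any existing
  * row of the settings table can be changed through this method; confirm
  * that the caller restricts it to authorized users.
  *
  * @global  array             $_ARRAYLANG
  * @global  ADONewConnection  $objDatabase
  * @return  void
  */
 function _saveSettings()
 {
     global $_ARRAYLANG, $objDatabase;
     // A missing or non-array field means there is nothing to iterate over.
     $arrPosted = isset($_POST['settings']) && is_array($_POST['settings']) ? $_POST['settings'] : array();
     $success = true;
     foreach ($arrPosted as $name => $value) {
         if (is_array($value)) {
             $value = implode(',', $value);
         }
         $query = "UPDATE " . DBPREFIX . "module_" . $this->moduleTablePrefix . "_settings"
             . " SET value = '" . contrexx_addslashes($value) . "'"
             . " WHERE name = '" . contrexx_addslashes($name) . "'";
         if ($objDatabase->Execute($query) === false) {
             $success = false;
         }
     }
     if (isset($arrPosted['headlinesStatus'])) {
         \Cx\Core\Setting\Controller\Setting::init('Config', 'component', 'Yaml');
         $headLinesStatusIntval = intval($arrPosted['headlinesStatus']);
         if (!\Cx\Core\Setting\Controller\Setting::isDefined('calendarheadlines')) {
             \Cx\Core\Setting\Controller\Setting::add('calendarheadlines', $headLinesStatusIntval, 1, \Cx\Core\Setting\Controller\Setting::TYPE_RADIO, '1:TXT_ACTIVATED,0:TXT_DEACTIVATED', 'component');
         } else {
             \Cx\Core\Setting\Controller\Setting::set('calendarheadlines', $headLinesStatusIntval);
             \Cx\Core\Setting\Controller\Setting::update('calendarheadlines');
         }
     }
     if ($success) {
         $this->okMessage = $_ARRAYLANG['TXT_CALENDAR_SETTINGS_SUCCESSFULLY_EDITED'];
     } else {
         $this->errMessage = $_ARRAYLANG['TXT_CALENDAR_SETTINGS_CORRUPT_EDITED'];
     }
 }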
Ejemplo n.º 28
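 /**
  * Update the guestbook entry given by $_GET['id'] with the posted values.
  *
  * All text fields are stripped of tags and escaped before they are placed
  * in the statement. The entry is written only when the URL and e-mail
  * checks passed; before, a rejected value was reported and stored anyway.
  *
  * NOTE(review): "ip" and "datetime" are taken from the posted form, so
  * whoever may submit it can rewrite the recorded address and time of an
  * entry; confirm that this is intended for this form.
  *
  * @global  ADONewConnection  $objDatabase
  * @global  array             $_ARRAYLANG
  * @return  void
  */
 function _update()
 {
     global $objDatabase, $_ARRAYLANG;
     $guestbookId = isset($_GET['id']) ? intval($_GET['id']) : 0;
     $error = "";
     if (!empty($guestbookId)) {
         // Missing or non-string fields (e.g. arrays) are treated as empty.
         $arrValues = array();
         foreach (array('forename', 'name', 'malefemale', 'email', 'url', 'comment', 'location', 'ip', 'datetime') as $fieldName) {
             $arrValues[$fieldName] = isset($_POST[$fieldName]) && is_string($_POST[$fieldName])
                 ? contrexx_addslashes(strip_tags($_POST[$fieldName]))
                 : '';
         }
         $forename = $arrValues['forename'];
         $name = $arrValues['name'];
         $gender = $arrValues['malefemale'];
         $mail = $arrValues['email'];
         // As before, a URL is only kept when the posted text has more than seven characters.
         $url = isset($_POST['url']) && is_string($_POST['url']) && strlen($_POST['url']) > 7 ? $arrValues['url'] : "";
         $comment = $arrValues['comment'];
         $location = $arrValues['location'];
         $ip = $arrValues['ip'];
         $date = $arrValues['datetime'];
         $objValidator = new \FWValidator();
         if (!empty($url) && !$this->isUrl($url)) {
             $error .= $_ARRAYLANG['TXT_INVALID_INTERNET_ADDRESS'] . "<br />";
         }
         if (!$objValidator->isEmail($mail)) {
             $error .= $_ARRAYLANG['TXT_INVALID_EMAIL_ADDRESS'] . "<br />";
         }
         // Values that failed validation must not reach the table.
         if (empty($error) && !empty($forename) && !empty($name)) {
             $query = "UPDATE " . DBPREFIX . "module_guestbook"
                 . " SET forename='{$forename}',"
                 . " name='{$name}',"
                 . " gender='{$gender}',"
                 . " email='{$mail}',"
                 . " url='{$url}',"
                 . " comment='{$comment}',"
                 . " location='{$location}',"
                 . " ip='{$ip}',"
                 . " datetime='{$date}',"
                 . " lang_id='" . intval($this->langId) . "'"
                 . " WHERE id={$guestbookId}";
             $objDatabase->Execute($query);
         }
     }
     if (empty($error)) {
         $this->strOkMessage = $_ARRAYLANG['TXT_DATA_RECORD_UPDATED_SUCCESSFUL'];
     } else {
         $this->strErrMessage = $error;
     }
 }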
 /**
  * Count a visit of an entry, unless the visitor's address equals the one
  * recorded last for that entry.
  *
  * Besides the total hits, a "popular" counter is kept: it starts again at
  * 1 with today's date once settingsPopularNumRestore days have passed
  * since the stored popular date, otherwise it is increased by one.
  *
  * NOTE(review): the stored popular date is written back into the
  * statement as read from $this->arrEntries, without a cast; presumably it
  * is a timestamp loaded from the database - confirm.
  *
  * @param   integer $intEntryId  ID of the entry
  * @return  void
  */
 function updateHits($intEntryId)
 {
     global $_ARRAYLANG, $_CORELANG, $objDatabase;
     $arrEntry = $this->arrEntries[intval($intEntryId)];
     $intHits = intval($arrEntry['entryHits']);
     $intPopularHits = intval($arrEntry['entryPopularHits']);
     $strPopularDate = $arrEntry['entryPopularDate'];
     $strNewIp = contrexx_addslashes($_SERVER['REMOTE_ADDR']);
     // Midnight of today, and midnight of the day the popular period ends.
     $midnightToday = mktime(0, 0, 0, date("m"), date("d"), date("Y"));
     $popularPeriodEnd = mktime(
         0,
         0,
         0,
         date("m", $strPopularDate),
         date("d", $strPopularDate) + intval($this->arrSettings['settingsPopularNumRestore']),
         date("Y", $strPopularDate)
     );
     // The same address as last time is not counted again.
     if ($arrEntry['entryLastIp'] == $strNewIp) {
         return;
     }
     $periodIsOver = $midnightToday >= $popularPeriodEnd;
     $strNewPopularDate = $periodIsOver ? $midnightToday : $strPopularDate;
     $intPopularHits = $periodIsOver ? 1 : $intPopularHits + 1;
     $intHits++;
     $objDatabase->Execute("UPDATE\n                                                    " . DBPREFIX . "module_" . $this->moduleTablePrefix . "_entries\n                                                SET\n                                                    hits='" . $intHits . "',\n                                                    popular_hits='" . $intPopularHits . "',\n                                                    popular_date='" . $strNewPopularDate . "',\n                                                    last_ip='" . $strNewIp . "'\n                                                WHERE\n                                                    id='" . intval($intEntryId) . "'\n                                               ");
 }
 /**
  * Tell whether an application page with the given cmd exists for this
  * module in the current language ($_LANGID).
  *
  * NOTE(review): the cmd is slash-escaped before it is used as a lookup
  * criterion. If findBy() binds its criteria as parameters, the escaping
  * only alters the value being compared; confirm against the repository.
  *
  * @param   string  $strPageCmd  cmd of the page to look for
  * @return  boolean              True when at least one page was found
  */
 function checkPageCmd($strPageCmd)
 {
     global $_LANGID;
     $objPageRepo = \Env::get('em')->getRepository('Cx\\Core\\ContentManager\\Model\\Entity\\Page');
     $arrCriteria = array(
         'cmd' => contrexx_addslashes($strPageCmd),
         'lang' => $_LANGID,
         'type' => \Cx\Core\ContentManager\Model\Entity\Page::TYPE_APPLICATION,
         'module' => $this->moduleName,
     );
     $arrPages = $objPageRepo->findBy($arrCriteria);
     return count($arrPages) > 0;
 }