$smarty = new vtigerCRM_Smarty();
$subMode = vtlib_purify($_REQUEST['sub_mode']);
$smarty->assign("MOD", $mod_strings);
$smarty->assign("APP", $app_strings);
$smarty->assign("THEME", $theme);
$smarty->assign("JS_DATEFORMAT", parse_calendardate($app_strings['NTC_DATE_FORMAT']));
if ($subMode == 'updateFieldProperties') {
updateFieldProperties();
} elseif ($subMode == 'deleteCustomField') {
deleteCustomField();
} elseif ($subMode == 'changeOrder') {
changeFieldOrder();
} elseif ($subMode == 'addBlock') {
$duplicate = addblock();
} elseif ($subMode == 'deleteCustomBlock') {
deleteBlock();
} elseif ($subMode == 'addCustomField') {
$duplicate = addCustomField();
} elseif ($subMode == 'movehiddenfields' || $subMode == 'showhiddenfields') {
show_move_hiddenfields($subMode);
} elseif ($subMode == 'changeRelatedInfoOrder') {
changeRelatedListOrder();
}
$module_array = getCustomFieldSupportedModules();
$cfimagecombo = array($image_path . "text.gif", $image_path . "number.gif", $image_path . "percent.gif", $image_path . "currency.gif", $image_path . "date.gif", $image_path . "email.gif", $image_path . "phone.gif", $image_path . "picklist.gif", $image_path . "url.gif", $image_path . "checkbox.gif", $image_path . "text.gif", $image_path . "picklist.gif", $image_path . "time.PNG");
$cftextcombo = array($mod_strings['Text'], $mod_strings['Number'], $mod_strings['Percent'], $mod_strings['Currency'], $mod_strings['Date'], $mod_strings['Email'], $mod_strings['Phone'], $mod_strings['PickList'], $mod_strings['LBL_URL'], $mod_strings['LBL_CHECK_BOX'], $mod_strings['LBL_TEXT_AREA'], $mod_strings['LBL_MULTISELECT_COMBO'], $mod_strings['Time']);
$smarty->assign("MODULES", $module_array);
$smarty->assign("CFTEXTCOMBO", $cftextcombo);
$smarty->assign("CFIMAGECOMBO", $cfimagecombo);
if ($_REQUEST['formodule'] != '') {
$fld_module = vtlib_purify($_REQUEST['formodule']);
$enabledblocks = array();
if (isset($_POST['enabledblocks'])) {
$enabledblocks = $_POST['enabledblocks'];
}
$visibleblocks = array();
if (isset($_POST['visibleblocks'])) {
$visibleblocks = $_POST['visibleblocks'];
}
changeBlockStatus($enabledblocks, $visibleblocks);
}
if ($mode == $LANG_ADMIN['delete'] && !empty($LANG_ADMIN['delete'])) {
if (!isset($bid) || empty($bid) || $bid == 0) {
COM_errorLog('Attempted to delete block, bid empty or null, value =' . $bid);
$display .= COM_refresh($_CONF['site_admin_url'] . '/block.php');
} elseif (SEC_checkToken()) {
$display .= deleteBlock($bid);
} else {
COM_accessLog("User {$_USER['username']} tried to illegally delete block {$bid} and failed CSRF checks.");
echo COM_refresh($_CONF['site_admin_url'] . '/index.php');
}
} elseif ($mode == $LANG_ADMIN['save'] && !empty($LANG_ADMIN['save']) && SEC_checkToken()) {
$name = '';
if (isset($_POST['name'])) {
$name = COM_sanitizeID($_POST['name']);
}
$help = '';
if (isset($_POST['help'])) {
$help = COM_sanitizeUrl($_POST['help'], array('http', 'https'));
}
$blockorder = 0;
if (isset($_POST['blockorder'])) {
