function build_cat_tree() { $tree = array(); $tree['flat'] = array(); $tree['ids'] = array(); $ids = mysql_do_query("SELECT * FROM `cms_categories`"); while ($cat = mysql_fetch_assoc($ids)) { $cat['children'] = array(); $tree['ids'][$cat['cat_id']] = $cat; } foreach ($tree['ids'] as $catid => $cat) { if ($cat['cat_parent'] == 0) { $tree['tree'] =& $tree['ids'][$catid]; } else { $tree['ids'][$cat['cat_parent']]['children'][] =& $tree['ids'][$catid]; } } recursive_tree_path($tree['flat'], $tree['tree'], "", "/"); return $tree; }
function makePagesDiv($cat) { global $tree; $cts = ""; $scts = ""; foreach ($tree['flat'] as $tcat) { $cts .= "<option value=\"{$tcat['cat_id']}\"" . ($tcat['cat_id'] == $cat['cat_id'] ? " selected=\"selected\"" : "") . ">"; $cts .= $tcat['path'] . "</option>"; $foo = strpos($tcat['path'], $cat['path']); if ($foo === FALSE || $foo > 1) { $scts .= "<option value=\"{$tcat['cat_id']}\"" . ($tcat['cat_id'] == $cat['cat_parent'] ? " selected=\"selected\"" : "") . ">"; $scts .= $tcat['path'] . "</option>"; } } $result = mysql_do_query("SELECT *\r\n\t\t FROM `cms_pages` \r\n\t\t\t\t WHERE `page_category` = '" . mysql_real_escape_string($cat['cat_id']) . "'"); $c = "<div>[<a href=\"javascript:showAllDetails()\">Expand all</a>] " . "[<a href=\"javascript:hideAllDetails()\">Collapse all</a>] " . "[<a href=\"javascript:showNewFolder()\">New Subfolder</a>] " . "[<a href=\"javascript:showNewPage()\">New Page</a>]<br/>" . "[<a href=\"javascript:showTitleCat()\">Change title</a>] " . ($cat['cat_id'] == 1 ? '' : "[<a href=\"javascript:showMoveCat()\">Move folder</a>] " . "[<a href=\"javascript:showNukeCat()\">Delete folder</a>] ") . "<br/>" . '<div id="newFolder" style="display: none; padding: 10px;">' . '<form action="/lp-admin.structure.newFolder.' . $cat['cat_id'] . '" method="POST" id="newFolderForm">' . "Create folder " . $cat['path'] . " <input type=\"text\" name=\"folder_name\" size=\"35\" value=\"\"/> " . "<input type=\"button\" name=\"submit\" value=\"Submit\" onClick=\"postForm('newFolderForm')\"/></form>" . '</div>' . '<div id="newPage" style="display: none; padding: 10px;">' . '<form action="/lp-admin.structure.newPage.' . $cat['cat_id'] . '" method="POST" id="newPageForm">' . "Create page " . $cat['path'] . " <input type=\"text\" name=\"page_name\" size=\"35\" value=\"\"/> " . "<input type=\"button\" name=\"submit\" value=\"Submit\" onClick=\"postForm('newPageForm')\"/></form>" . '</div>' . '<div id="titleCat" style="display: none; padding: 10px;">' . '<form action="/lp-admin.structure.titleCat.' . $cat['cat_id'] . '" method="POST" id="titleCatForm">' . "Title: <input type=\"text\" name=\"title\" size=\"35\" value=\"" . $cat['cat_title'] . "\"/> " . "<input type=\"button\" name=\"submit\" value=\"Submit\" onClick=\"postForm('titleCatForm')\"/></form>" . '</div>' . '<div id="moveCat" style="display: none; padding: 0px 0px 0px 50px;">' . '<form action="/lp-admin.structure.moveCat.' . $cat['cat_id'] . '" method="POST" id="mvCatfrm">' . 'Move to: <select name="category">' . $scts . '</select> ' . '<input type="text" name="location" size="35" value="' . $cat['cat_key'] . '"> ' . '<input type="button" name="submit" value="Submit" onClick="postForm(\'mvCatfrm\')"/></form>' . '</div>' . '<div id="nukeCat" style="display: none; padding: 0px 0px 0px 50px;">' . '<form action="/lp-admin.structure.nukeCat.' . $cat['cat_id'] . '" method="POST" id="nukeCatFrm">' . 'Are you sure you want to <b>DELETE</b> this folder? Yes: <input name="sure" type="checkbox" value="1"/> ' . '<input type="button" name="submit" value="Submit" onClick="postForm(\'nukeCatFrm\')"/></form>' . '</div>' . "<br/>" . "Trail: " . $cat['flat_path'] . "<br/>" . "Path: " . $cat['path'] . "<br/><ul>"; while ($row = mysql_fetch_assoc($result)) { $c .= '<li id="pageli' . $row['page_id'] . '"><a class="pagekey" href="javascript:toggleDetails(\'pageli' . $row['page_id'] . '\')">' . $row['page_key'] . '</a>' . '<div class="controls" style="display: none; padding: 0px 0px 0px 50px;">' . 'Title: ' . $row['page_title'] . '<br/>' . '[<a href="' . $cat['path'] . $row['page_key'] . '">Goto</a>] ' . '[<a href="javascript:toggleMove(\'pageli' . $row['page_id'] . '\')">Move</a>] ' . '[<a href="javascript:toggleNuke(\'pageli' . $row['page_id'] . '\')">Delete</a>] ' . '[<a href="' . $cat['path'] . $row['page_key'] . '.pageconfig">Settings</a>]</div>' . '<div class="move" style="display: none; padding: 0px 0px 0px 50px;">' . '<form action="/lp-admin.structure.move.' . $row['page_id'] . '" method="POST" id="mvfrm' . $row['page_id'] . '">' . 'Move to: <select name="category">' . $cts . '</select> ' . '<input type="text" name="location" size="35" value="' . $row['page_key'] . '"> ' . '<input type="button" name="submit" value="Submit" onClick="postForm(\'mvfrm' . $row['page_id'] . '\')"/></form>' . '</div>' . '<div class="nuke" style="display: none; padding: 0px 0px 0px 50px;">' . '<form action="/lp-admin.structure.nuke.' . $row['page_id'] . '" method="POST" id="nkfrm' . $row['page_id'] . '">' . 'Are you sure you want to <b>DELETE</b> this page? Yes: <input name="sure" type="checkbox" value="1"/> ' . '<input type="button" name="submit" value="Submit" onClick="postForm(\'nkfrm' . $row['page_id'] . '\')"/></form>' . '</div>' . '</li>'; } $c .= "</ul></div>"; return $c; }
<?php require_once "templates/" . $site_config['template'] . "/template_config.php"; if (isset($_POST['submit']) && $_POST['submit'] == "Submit") { $template_data = template_global_config_post($_POST); if (is_array($template_data)) { $content .= $template_data['error']; } else { if ($template_data != $site_config['template_data']) { if ($template_data == "") { mysql_do_query("DELETE FROM `cms_template_config` \r\n WHERE `template_name` = '" . mysql_real_escape_string($site_config['template']) . "'"); } else { mysql_do_query("UPDATE `cms_template_config` \r\n SET `template_data`='" . mysql_real_escape_string($template_data) . "'\r\n WHERE `template_name` = '" . mysql_real_escape_string($site_config['template']) . "'"); if (mysql_affected_rows() == 0) { mysql_do_query("INSERT INTO `cms_template_config` \r\n SET `template_data`='" . mysql_real_escape_string($template_data) . "',\r\n `template_name` = '" . mysql_real_escape_string($site_config['template']) . "'"); } } } #<link rel="stylesheet" href="/style.css" type="text/css"/> die('$("link[rel*=\'style\'][href^=\'/style.css\']").replaceWith(\'<link rel="stylesheet" href="/style.css?fr=' . time() . '" type="text/css"/>\');'); } } $c = '<form action="/lp-admin.template" method="POST" id="config">'; $c .= template_global_config_form(); $c .= "<input type=\"button\" name=\"submit\" value=\"Submit\" onClick=\"postForm('config')\"></form>"; $content .= section("Global Template Config", $c);
<?php if ($page['found']) { if (isset($_POST['Submit'])) { $page_id = mysql_real_escape_string($page['page_id']); $title = mysql_real_escape_string($_POST['title']); $content = mysql_real_escape_string($_POST['content']); $order = mysql_do_query("SELECT count(*) as `c` FROM `cms_sections` WHERE `page_id` = '{$page_id}'"); $order = mysql_fetch_assoc($order); $order = mysql_real_escape_string($order['c']); mysql_do_query("INSERT INTO `cms_sections`\n SET `page_id`='{$page_id}', \n `order`='{$order}', \n `section_title`='{$title}',\n `section_text`='{$content}'"); header("location: " . $page['parent_path'] . $page['page_key']); die; } $c = "<form action=\"{$page['parent_path']}{$page['page_key']}.createsection\" method=\"POST\">"; $c .= "Section title:<br><input type=\"text\" name=\"title\" size=\"95\"><br><br>"; $c .= "Content:<br><textarea name=\"content\" cols=\"80\" rows=\"10\"></textarea><br>"; $c .= "<input type=\"Submit\" name=\"Submit\" value=\"Submit\"></form>"; $content .= section("Create section...", $c); }
<?php $showpage = 1; $page_id = mysql_real_escape_string($page['page_id']); $sections = mysql_do_query("SELECT * FROM `cms_sections` WHERE `page_id` = '{$page_id}'"); $last = mysql_num_rows($sections); $lower = min($vfile[2], $vfile[3]); $upper = max($vfile[2], $vfile[3]); if ($lower < 0 || $upper > $last || $lower + 1 != $upper) { $content .= "Sorry, that isn't valid. {$lower} {$upper} {$last}"; } else { mysql_do_query("UPDATE `cms_sections`\n SET `order`= -1 \n WHERE `page_id` = '{$page_id}'\n AND `order`='" . mysql_real_escape_string($lower) . "'"); mysql_do_query("UPDATE `cms_sections`\n SET `order`= '" . mysql_real_escape_string($lower) . "'\n WHERE `page_id` = '{$page_id}'\n AND `order`='" . mysql_real_escape_string($upper) . "'"); mysql_do_query("UPDATE `cms_sections`\n SET `order`= '" . mysql_real_escape_string($upper) . "'\n WHERE `page_id` = '{$page_id}'\n AND `order`='-1'"); } // End If ($lower & $upper == good) {} Else
mysql_select_db($config['db_name']) or die("Could not select database"); function mysql_do_query($sql, $comment = "") { $result = mysql_query($sql) or die("Sql Error!<br><br>{$sql}<br><br>" . mysql_error()); return $result; } function dbclose() { mysql_close(); } if (!defined("INSTALLER")) { $cuser = isset($_COOKIE["cuser"]) ? $_COOKIE["cuser"] : array("user_id" => 0, "sid" => ""); $sql = "SELECT *\n FROM cms_sessions\n WHERE user_id='" . mysql_real_escape_string($cuser['user_id']) . "'\n AND session_id='" . mysql_real_escape_string($cuser['sid']) . "'\n LIMIT 1"; $result = mysql_do_query($sql); if (mysql_num_rows($result) == 1) { $result = $session = mysql_fetch_assoc($result); $sql = "SELECT `user_id`,`uname`,`displayname`,`editcontent`\n FROM `cms_users` WHERE user_id='" . mysql_real_escape_string($result['user_id']) . "'"; $result = mysql_do_query($sql); $user = mysql_fetch_assoc($result); mysql_do_query("UPDATE cms_sessions\n SET lastview='" . time() . "'\n WHERE user_id='" . mysql_real_escape_string($cuser['user_id']) . "'\n AND session_id='" . mysql_real_escape_string($cuser['sid']) . "'"); } else { $user = array("editcontent" => 0); $session = array(); } $sql = mysql_do_query("SELECT * FROM `cms_config`"); $site_config = mysql_fetch_assoc($sql); if ($site_config['lock_message']) { die($site_config['lock_message']); } require_once "includes/db_revision_test.php"; }
} } } /***************************************************************************************************** * Call out for special includes * TODO: This represents a potential security hole and should be removed. */ if ($showpage && $page["page_include"]) { $showpage = 0; include $page["page_include"]; } /***************************************************************************************************** * Render the page if required. */ if ($showpage) { $mysections = mysql_do_query("SELECT *\n FROM `cms_sections`\n LEFT JOIN `cms_template_section_config` ON `template_section_id` = `section_id`\n WHERE `page_id`='" . mysql_real_escape_string($page['page_id']) . "'\n AND ( `template_name` IS NULL\n OR `template_name` = '" . mysql_real_escape_string($site_config['template']) . "'\n )\n ORDER BY `order` ASC"); if (mysql_num_rows($mysections) == 0) { $content .= "This page appears to be empty..."; } else { // $links = " Content list:<br><br>"; $links = ""; $body = ""; $last = mysql_num_rows($mysections) - 1; while ($section = mysql_fetch_assoc($mysections)) { // $links .= '<a class="contentmenuitem" href="#s'.$section['order'].'">'.($section['order']+1).'. '.$section['section_title'].'</a>'; $body .= section('<a name="s' . $section['order'] . '"/>' . $section['section_title'] . ($user['editcontent'] == 1 ? '<div style="float:right;position:relative;top:-' . ($section['section_title'] ? '1.2' : '0.5') . 'em;">(Move ' . ($section['order'] > 0 ? '<a href="' . $page['path'] . '.swap.' . ($section['order'] - 1) . '.' . $section['order'] . '">Up</a>' : 'Up') . ' or ' . ($section['order'] != $last ? '<a href="' . $page['path'] . '.swap.' . $section['order'] . '.' . ($section['order'] + 1) . '">Down</a>' : 'Down') . ', <a href="' . $page['path'] . '.edit.' . $section['section_id'] . '">Edit</a>' . ', <a href="' . $page['path'] . '.del.' . $section['section_id'] . '">Del</a>)</div>' : ''), nl2br($section['section_text']), $section['template_data']); } $content .= $links . $body; } } /*****************************************************************************************************
<?php die("Depreciated"); if (isset($page['params'][1]) && $page['params'][1] == "CONFIRM") { $page_id = mysql_real_escape_string($page['page_id']); mysql_do_query("DELETE FROM `cms_sections` WHERE `page_id`='{$page_id}'"); mysql_do_query("DELETE FROM `cms_pages` WHERE `page_id`='{$page_id}'"); header("location: {$page['parent_path']}"); die; } $content .= section("Delete PAGE...", "Are you sure you want to delete this PAGE? <a href=\"{$page['path']}.delpage.CONFIRM\">YES</a> / <a href=\"{$page['path']}\">NO</a>"); ?>
<?php if (isset($_POST['submit']) && $_POST['submit'] == "Submit") { $site_name = mysql_real_escape_string($_POST['site_name']); $footer = mysql_real_escape_string($_POST['footer']); mysql_do_query("UPDATE `cms_config` \n SET `site_name`='{$site_name}',\n `footer` = '{$footer}'"); die('setHTML("footerDiv","' . $footer . '");window.top.document.title = "' . $site_name . ' - Admin Interface";'); } $c = '<form action="/lp-admin.config" method="POST" id="config">'; $c .= "Site name: <input type=\"text\" name=\"site_name\" size=\"95\" value=\"{$site_config['site_name']}\"><br/><br/>"; $c .= "Site footer: <input type=\"text\" name=\"footer\" size=\"95\" value=\"{$site_config['footer']}\"><br/><br/>"; $c .= "<input type=\"button\" name=\"submit\" value=\"Submit\" onClick=\"postForm('config')\"></form>"; $content .= section("General Config", $c);
<?php if (isset($page['params'][1]) && isset($page['params'][2]) && $page['params'][2] == "CONFIRM") { $page_id = mysql_real_escape_string($page['page_id']); $section = mysql_do_query("SELECT * FROM `cms_sections`\n WHERE `page_id` = '{$page_id}'\n AND `section_id` = '" . mysql_real_escape_string($page['params'][1]) . "'"); if (mysql_num_rows($section) == 0) { header("location: " . $page['path']); die; } $section = mysql_fetch_assoc($section); mysql_do_query("DELETE FROM `cms_sections` \n WHERE `section_id`='" . mysql_real_escape_string($page['params'][1]) . "'\n LIMIT 1"); mysql_do_query("UPDATE `cms_sections`\n SET `order` = `order` - 1\n WHERE `page_id`='{$page_id}'\n AND `order`>='" . mysql_real_escape_string($section['order']) . "'"); header("location: " . $page['path']); die; } $content .= section("Delete section...", "Are you sure you want to delete this section? <a href=\"{$page['path']}.del.{$page['params'][1]}.CONFIRM\">YES</a> / <a href=\"{$page['path']}\">NO</a>"); ?>
die('<script type="text/javascript">alert("Image too big");</script>'); } $newFile = "files/" . $config['domain'] . "/images/"; if (!file_exists($newFile)) { if (mkdir($newFile, 0755, true)) { die('<script type="text/javascript">alert("Not permissive enough");</script>'); } } $newFile .= urlencode($_FILES['userfile']['name']); move_uploaded_file($_FILES['userfile']['tmp_name'], $newFile); $newLogo = "/files/images/" . urlencode($_FILES['userfile']['name']); if ($site_config['logo'] != "/images/logo.png" && $site_config['logo'] != $newLogo) { $tempLogo = str_replace("/files", "files/" . $config['domain'], $site_config['logo']); $type = @exif_imagetype($tempLogo); if ($type == IMAGETYPE_GIF || $type == IMAGETYPE_JPEG || $type == IMAGETYPE_PNG) { unlink($tempLogo); } } $newLogo = mysql_real_escape_string($newLogo); mysql_do_query("UPDATE `cms_config` \r\n SET `logo`='" . $newLogo . "'"); die('<script type="text/javascript">var i = window.top.document.getElementById("logo"); i.src = "' . $newLogo . '";</script>'); } $c = '<form enctype="multipart/form-data" action="/lp-admin.logo" method="POST" target="upload_frame">'; $c .= "<!-- MAX_FILE_SIZE must precede the file input field -->"; $c .= "<input type=\"hidden\" name=\"MAX_FILE_SIZE\" value=\"102400\">"; $c .= "<!-- Name of input element determines name in {$_FILES} array -->"; $c .= "Upload logo: <input name=\"userfile\" type=\"file\" size=50/><br/><br/>"; $c .= "<input type=\"submit\" name=\"logo\" value=\"Upload\"/>"; $c .= "</form><br/>"; $c .= '<iframe id="upload_frame" name="upload_frame" src="about:blank" style="width:0px; height:0px; border: 0px;"/>'; $content .= section("Upload Logo", $c);
$errors[] = "Missing username"; } if (!$pass) { $errors[] = "Missing password"; } if (count($errors) == 0) { $sql = "SELECT *\n FROM cms_users\n WHERE `uname` = '" . mysql_real_escape_string($username) . "'\n AND `password` = '" . mysql_real_escape_string(md5($pass)) . "'\n AND `fails` <=3\n AND `lastfail` <= " . (time() + 15 * 60) . "\n LIMIT 1"; $result = mysql_do_query($sql); if (mysql_num_rows($result) != 1) { $errors[] = "Sorry, bad username/password"; mysql_do_query("UPDATE cms_users\n SET `lastfail`='" . mysql_real_escape_string(time()) . "',\n `fails`=fails+1\n WHERE\n `uname`='" . mysql_real_escape_string($username) . "'"); } else { $user = mysql_fetch_assoc($result); mysql_do_query("UPDATE cms_users\n SET `lastfail`='0', `fails`='0' \n WHERE `user_id`= '" . mysql_real_escape_string($user['user_id']) . "'"); $sid = md5(uniqid(rand(), true)); $sql = "INSERT INTO cms_sessions (`user_id`,`session_id`,`lastview`)\n VALUES ('" . mysql_real_escape_string($user['user_id']) . "',\n '" . mysql_real_escape_string($sid) . "',\n UNIX_TIMESTAMP())"; mysql_do_query($sql); setcookie("cuser[sid]", $sid, time() + 60 * 60 * 24 * 365 * 10, "/", $_SERVER["HTTP_HOST"], 0); setcookie("cuser[user_id]", $user['user_id'], time() + 60 * 60 * 24 * 365 * 10, "/", $_SERVER["HTTP_HOST"], 0); dbclose(); header("location: /"); die; } } } $content .= section("Login...", '<form method="POST" action="/login"> <table border="0" cellpadding="3"> <tr><td>Username:</td><td><input type="text" name="uname"/></td></tr> <tr><td>Password:</td><td><input type="password" name="pass"/></td></tr> <tr><td colspan=2><input type="submit" name="Login" value="Login"/></td></tr> </table></form>');
<?php die("Depreciated page!"); if ($page['found'] == false) { $parent_id = 0; foreach ($path as $cat) { if ($cat['found'] == false) { $key = mysql_real_escape_string($cat['cat_key']); mysql_do_query("INSERT INTO `cms_categories`\n SET `cat_parent` = '" . mysql_real_escape_string($parent_id) . "',\n `cat_key` = '{$key}',\n `cat_title` = '{$key}'"); // Note: this relies on there being no other queries after the insert. // It'll probably break if there is. $parent_id = mysql_insert_id(); } else { $parent_id = $cat['cat_id']; } } mysql_do_query("INSERT INTO `cms_pages`\n SET `page_key` = '" . mysql_real_escape_string($page['page_key']) . "',\n `page_category` = '" . mysql_real_escape_string($parent_id) . "',\n `page_title` = 'Under Construction'"); header("location: " . $page['parent_path'] . $page['page_key']); die; } $showpage = 1;
$page_id = mysql_real_escape_string($page['page_id']); $key = mysql_real_escape_string(preg_replace("/\\s+/", "_", $_POST['location'])); $cat = mysql_real_escape_string($_POST['category']); if (!preg_match("/^[a-zA-Z0-9_\\!()\\^]+\$/", $key)) { $content .= "Please use only letters (a to z), numbers (0-9), '_', '!', '(', ')' and '^' in key names.<br/>"; $content .= "If you feel that this range is insufficent, please file a bug.<br/><br/>"; } else { $keytest = mysql_do_query("SELECT * FROM `cms_pages` WHERE `page_key`='{$key}' AND `page_category`='{$cat}'"); if (mysql_num_rows($keytest) > 0) { $content .= "Sorry, that page is in use</br></br>"; } else { $results = mysql_do_query("SELECT * FROM `cms_categories`\n\t\t\tWHERE `cat_key` = '" . $key . "'\n\t\t\t AND `cat_parent` = '" . $cat . "'"); if (mysql_num_rows($results) != 0) { die("alert('Sub Folder exists');"); } mysql_do_query("UPDATE `cms_pages` SET `page_key`='{$key}', `page_category`='{$cat}'\n WHERE `page_id`='" . mysql_real_escape_string($page_id) . "'"); header("location: " . $tree['ids'][$cat]['path'] . "/" . $key); die; } } } $c = "<form action=\"{$page['path']}.move\" method=\"POST\">"; $c .= "Move to:<br/><select name=\"category\">"; foreach ($tree['flat'] as $tcat) { $c .= "<option value=\"{$tcat['cat_id']}\"" . ($tcat['cat_id'] == $page['page_category'] ? " selected=\"selected\"" : "") . ">"; $c .= $tcat['flat_path'] . "</option>"; } $c .= "</select> "; $c .= "<input type=\"text\" name=\"location\" size=\"95\" value=\"{$page['page_key']}\"><br>"; $c .= "<input type=\"Submit\" name=\"Submit\" value=\"Submit\"></form>"; $content .= section("Move page...", $c);
$title = "Separator"; } $content .= section("Edit menu item: " . $title, $c); } else { if ($page['params'][1] == "delete" && isset($page['params'][2])) { /* * Remove an item from the menu. */ $menuitem = mysql_do_query("SELECT * FROM `cms_menu`\n WHERE `item_id` = '" . mysql_real_escape_string($page['params'][2]) . "'"); if (mysql_num_rows($menuitem) == 0) { header("location: " . $page['path'] . ".sidebar"); die; } $menuitem = mysql_fetch_assoc($menuitem); mysql_do_query("DELETE FROM `cms_menu` \n WHERE `item_id`='" . mysql_real_escape_string($page['params'][2]) . "'\n LIMIT 1"); mysql_do_query("UPDATE `cms_menu`\n SET `item_order` = `item_order` - 1\n WHERE `item_order`>='" . mysql_real_escape_string($menuitem['item_order']) . "'"); header("location: " . $page['path'] . ".sidebar"); die; } } } } } else { /* * Render the sidebar overview page. */ $c = "<table border=\"1\" cellpadding=\"5\">"; $c .= "<tr><th>Category</th><th>Menu Text</th><th>Target url</th><th>Actions</th></tr>"; while ($item = mysql_fetch_assoc($menu)) { $c .= "<tr><td>{$tree['ids'][$item['item_category']]['flat_path']}</td>"; if ($item['item_separator'] == 1) {
<?php define("INSTALLER", true); /* This could be interesting... * First thing we need to do is see if we can actually find a database config... */ print "<b>Attempting to load config data...</b><br/>"; require_once "includes/env_init.php"; /* Is it empty? */ print "<b>Looking for existing tables...</b><br/>"; $extables = array("cms_categories", "cms_config", "cms_menu", "cms_pages", "cms_sections", "cms_sessions", "cms_users"); $tablesql = mysql_do_query("SHOW TABLES"); $tables = array(); while ($table = mysql_fetch_array($tablesql)) { $tables[$table[0]] = true; } foreach ($extables as $v) { if (isset($tables[$v])) { die("Existing tables found!"); } } /* Appropriate file storage? */ print "<b>Checking file stores...</b><br/>"; if (!file_exists("files/")) { die("files/ doesn't exist."); } if (!file_exists("files/" . $config['domain'] . "/")) { if (!is_writable("files/")) { die("files/ isn't writable and the file store for this domain doesn't exist."); } mkdir("files/" . $config['domain']);
<?php $settings = array("title_bg" => "", "menu_bg" => ""); if ($page['template_data'] != "") { $s = explode(";", $page['template_data']); foreach ($s as $ss) { $ss = explode(":", $ss); $settings[$ss[0]] = $ss[1]; } } $menu_links = array(); $menu_css = ""; $mylinks = mysql_do_query("SELECT * \n FROM `cms_menu`\n LEFT JOIN `cms_template_menu_config` ON `template_menu_id` = `item_id`\n WHERE `template_name` IS NULL\n OR `template_name` = '" . mysql_real_escape_string($site_config['template']) . "'\n ORDER BY `item_order` ASC"); while ($item = mysql_fetch_assoc($mylinks)) { if (isset($visible_categories[$item['item_category']])) { /* * Per menu item css */ $menu_item_css = ""; if ($item['template_data'] != "") { $s = explode(";", $item['template_data']); foreach ($s as $ss) { $ss = explode(":", $ss); switch ($ss[0]) { case "bg": $menu_item_css .= "background: " . $ss[1] . ";"; break; } } } if ($menu_item_css != "") {