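/**
 * Finds administrator alerts matching the given optional criteria.
 *
 * Every criterion that is not loosely equal to null adds one condition to the
 * WHERE clause. When no criterion is usable, the call is delegated to
 * AdministratorAlertService::get_all_alerts() and its result is returned as is.
 *
 * @param mixed $id_in_module Identifier of the item inside its module (forced to an integer).
 * @param mixed $type         Alert type to match.
 * @param mixed $identifier   Alert identifier to match.
 * @return array List of AdministratorAlert objects built from the matching rows.
 */
function find_by_criteria($id_in_module = null, $type = null, $identifier = null)
{
    global $Sql;

    $criterias = array();

    if ($id_in_module != null) {
        // intval() guarantees that only an integer literal reaches the query text.
        $criterias[] = "id_in_module = '" . intval($id_in_module) . "'";
    }
    if ($type != null) {
        // NOTE(review): the safety of this quoted literal rests entirely on strprotect()'s
        // default flags - confirm they escape quotes for the SQL driver in use.
        $criterias[] = "type = '" . strprotect($type) . "'";
    }
    if ($identifier != null) {
        $criterias[] = "identifier = '" . strprotect($identifier) . "'";
    }

    if (empty($criterias)) {
        return AdministratorAlertService::get_all_alerts();
    }

    // Glue-first argument order: the legacy implode($array, $glue) form was
    // deprecated in PHP 7.4 and is rejected by PHP 8.
    $where_clause = "contribution_type = '" . ADMINISTRATOR_ALERT_TYPE . "' AND " . implode(" AND ", $criterias);

    $result = $Sql->query_while("SELECT id, entitled, fixing_url, current_status, creation_date, identifier, id_in_module, type, priority, description\n\t\t\tFROM " . DB_TABLE_EVENTS . "\n\t\t\tWHERE " . $where_clause, __LINE__, __FILE__);

    $array_result = array();
    while ($row = $Sql->fetch_assoc($result)) {
        $alert = new AdministratorAlert();
        $alert->build(
            $row['id'],
            $row['entitled'],
            $row['description'],
            $row['fixing_url'],
            $row['current_status'],
            new Date(DATE_TIMESTAMP, TIMEZONE_SYSTEM, $row['creation_date']),
            $row['id_in_module'],
            $row['identifier'],
            $row['type'],
            $row['priority']
        );
        $array_result[] = $alert;
    }

    // Release the result set once every row has been consumed.
    $Sql->query_close($result);

    return $array_result;
}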
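/**
 * Finds contributions of a module, optionally narrowed by further criteria.
 *
 * The module name is mandatory: an empty or non-string value yields an empty
 * list without touching the database. Every other criterion is applied only
 * when it is not loosely equal to null.
 *
 * @param mixed $module       Module name; must be a non-empty string.
 * @param mixed $id_in_module Identifier of the item inside the module (forced to an integer).
 * @param mixed $type         Contribution type to match.
 * @param mixed $identifier   Contribution identifier to match.
 * @param mixed $poster_id    Id of the member who posted (forced to an integer).
 * @param mixed $fixer_id     Id of the member who fixed (forced to an integer).
 * @return array List of Contribution objects built from the matching rows.
 */
function find_by_criteria($module, $id_in_module = null, $type = null, $identifier = null, $poster_id = null, $fixer_id = null)
{
    global $Sql;

    if (empty($module) || !is_string($module)) {
        return array();
    }

    // NOTE(review): the string criteria are quoted by hand; their safety rests entirely on
    // strprotect()'s default flags - confirm they escape quotes for the SQL driver in use.
    $criterias = array("module = '" . strprotect($module) . "'");

    if ($id_in_module != null) {
        $criterias[] = "id_in_module = '" . intval($id_in_module) . "'";
    }
    if ($type != null) {
        $criterias[] = "type = '" . strprotect($type) . "'";
    }
    if ($identifier != null) {
        $criterias[] = "identifier = '" . strprotect($identifier) . "'";
    }
    if ($poster_id != null) {
        $criterias[] = "poster_id = '" . intval($poster_id) . "'";
    }
    if ($fixer_id != null) {
        $criterias[] = "fixer_id = '" . intval($fixer_id) . "'";
    }

    // Glue-first argument order: the legacy implode($array, $glue) form was
    // deprecated in PHP 7.4 and is rejected by PHP 8.
    $where_clause = "contribution_type = '" . CONTRIBUTION_TYPE . "' AND " . implode(" AND ", $criterias);

    $result = $Sql->query_while("SELECT id, entitled, fixing_url, auth, current_status, module, creation_date, fixing_date, poster_id, fixer_id, poster_member.login poster_login, fixer_member.login fixer_login, identifier, id_in_module, type, description\n\t\tFROM " . DB_TABLE_EVENTS . " c\n\t\tLEFT JOIN " . DB_TABLE_MEMBER . " poster_member ON poster_member.user_id = c.poster_id\n\t\tLEFT JOIN " . DB_TABLE_MEMBER . " fixer_member ON fixer_member.user_id = c.fixer_id\n\t\tWHERE " . $where_clause, __LINE__, __FILE__);

    $array_result = array();
    while ($row = $Sql->fetch_assoc($result)) {
        $contri = new Contribution();
        $contri->build(
            $row['id'],
            $row['entitled'],
            $row['description'],
            $row['fixing_url'],
            $row['module'],
            $row['current_status'],
            new Date(DATE_TIMESTAMP, TIMEZONE_SYSTEM, $row['creation_date']),
            new Date(DATE_TIMESTAMP, TIMEZONE_SYSTEM, $row['fixing_date']),
            // SECURITY(review): unserialize() instantiates whatever the stored string
            // describes. This is only safe while nothing user-controlled can be written
            // to the auth column; a data-only format such as JSON would remove the
            // object-injection risk. Flagged here, deliberately not changed.
            unserialize($row['auth']),
            $row['poster_id'],
            $row['fixer_id'],
            $row['id_in_module'],
            $row['identifier'],
            $row['type'],
            $row['poster_login'],
            $row['fixer_login']
        );
        $array_result[] = $contri;
    }

    // Release the result set once every row has been consumed.
    $Sql->query_close($result);

    return $array_result;
}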
/**
 * PHP 4 style constructor: stores the rating context on the instance.
 *
 * @param mixed $script         Script name; filtered through strprotect() before being stored.
 * @param mixed $idprov         Id of the rated item; normalised through numeric().
 * @param mixed $script_path    Stored exactly as received.
 * @param mixed $notation_scale Stored exactly as received.
 * @param mixed $module_folder  Module folder; falls back to $script when empty.
 * @param mixed $options        Option flags, cast to an integer.
 */
function Note($script, $idprov, $script_path, $notation_scale, $module_folder = '', $options = 0)
{
    // NOTE(review): module_folder ends up inside a filesystem path below. Whatever
    // strprotect() escapes, nothing visible here rejects "../" sequences, so callers
    // should only pass trusted module names - confirm at the call sites.
    if (!empty($module_folder)) {
        $this->module_folder = strprotect($module_folder);
    } else {
        $this->module_folder = strprotect($script);
    }

    $this->options = (int) $options;

    $this->script = strprotect($script);
    $this->idprov = numeric($idprov);
    // These two values are kept unfiltered; any escaping is left to the code that uses them.
    $this->script_path = $script_path;
    $this->notation_scale = $notation_scale;
    $this->path = PATH_TO_ROOT . '/' . $this->module_folder . '/';

    $this->sql_table = $this->_get_table_module();
}
/**
 * Renders one download search result with the generic results template.
 *
 * @param array $result_data Result row; the keys read here are timestamp, id, image,
 *                           title, short_contents, count, nbr_com and note.
 * @return mixed Whatever Template::parse(TEMPLATE_STRING_MODE) returns.
 */
function parse_search_result(&$result_data)
{
    global $Cache, $CONFIG, $LANG, $DOWNLOAD_LANG, $CONFIG_DOWNLOAD;

    $Cache->load('download');
    load_module_lang('download');

    $tpl = new Template('download/download_generic_results.tpl');

    import('util/date');
    $date = new Date(DATE_TIMESTAMP, TIMEZONE_USER, $result_data['timestamp']);
    import('content/note');

    $added_on = sprintf($DOWNLOAD_LANG['add_on_date'], $date->format(DATE_FORMAT_TINY, TIMEZONE_USER));
    $link = url(PATH_TO_ROOT . '/download/download.php?id=' . $result_data['id']);
    $escaped_title = strprotect($result_data['title']);
    $short_description = second_parse($result_data['short_contents']);
    $downloads_label = $DOWNLOAD_LANG['downloaded'] . ' ' . sprintf($DOWNLOAD_LANG['n_times'], $result_data['count']);

    if ($result_data['nbr_com'] > 1) {
        $comments_label = sprintf($DOWNLOAD_LANG['num_com'], $result_data['nbr_com']);
    } else {
        $comments_label = sprintf($DOWNLOAD_LANG['num_coms'], $result_data['nbr_com']);
    }

    if ($result_data['note'] > 0) {
        $mark = Note::display_img($result_data['note'], $CONFIG_DOWNLOAD['note_max'], 5);
    } else {
        $mark = '<em>' . $LANG['no_note'] . '</em>';
    }

    // NOTE(review): U_IMG and TITLE reach the template exactly as stored, while E_TITLE
    // goes through strprotect(). That is only safe if the stored values are already
    // HTML-escaped or the template escapes them - confirm before reusing these variables.
    $tpl->assign_vars(array(
        'L_ADDED_ON' => $added_on,
        'U_LINK' => $link,
        'U_IMG' => $result_data['image'],
        'E_TITLE' => $escaped_title,
        'TITLE' => $result_data['title'],
        'SHORT_DESCRIPTION' => $short_description,
        'L_NB_DOWNLOADS' => $downloads_label,
        'L_NB_COMMENTS' => $comments_label,
        'L_MARK' => $mark
    ));

    return $tpl->parse(TEMPLATE_STRING_MODE);
}
$selected = $i == $CONFIG['timezone'] ? 'selected="selected"' : ''; $name = !empty($i) ? $i > 0 ? ' + ' . $i : ' - ' . -$i : ''; $select_timezone .= '<option value="' . $i . '" ' . $selected . '> [GMT' . $name . ']</option>'; } $Template->assign_vars(array('SERVER_NAME' => !empty($CONFIG['server_name']) ? $CONFIG['server_name'] : $server_name, 'SERVER_PATH' => isset($CONFIG['server_path']) ? $CONFIG['server_path'] : $server_path, 'SELECT_TIMEZONE' => $select_timezone, 'CHECKED' => $CONFIG['rewrite'] == '1' ? 'checked="checked"' : '', 'UNCHECKED' => $CONFIG['rewrite'] == '0' ? 'checked="checked"' : '', 'CHECK_REWRITE' => $check_rewrite, 'HTACCESS_MANUAL_CONTENT' => !empty($CONFIG['htaccess_manual_content']) ? $CONFIG['htaccess_manual_content'] : '', 'GZ_DISABLED' => !function_exists('ob_gzhandler') || !@extension_loaded('zlib') ? 'disabled="disabled"' : '', 'GZHANDLER_ENABLED' => $CONFIG['ob_gzhandler'] == 1 && (function_exists('ob_gzhandler') && @extension_loaded('zlib')) ? 'checked="checked"' : '', 'GZHANDLER_DISABLED' => $CONFIG['ob_gzhandler'] == 0 ? 'checked="checked"' : '', 'SITE_COOKIE' => !empty($CONFIG['site_cookie']) ? $CONFIG['site_cookie'] : 'session', 'SITE_SESSION' => !empty($CONFIG['site_session']) ? $CONFIG['site_session'] : '3600', 'SITE_SESSION_VISIT' => !empty($CONFIG['site_session_invit']) ? $CONFIG['site_session_invit'] : '300', 'DEBUG_ENABLED' => DEBUG == 1 ? 'checked="checked"' : '', 'DEBUG_DISABLED' => DEBUG == 0 ? 
'checked="checked"' : '', 'L_SECONDS' => $LANG['unit_seconds'], 'L_REQUIRE_SERV' => $LANG['require_serv'], 'L_REQUIRE_NAME' => $LANG['require_name'], 'L_REQUIRE_COOKIE_NAME' => $LANG['require_cookie_name'], 'L_REQUIRE_SESSION_TIME' => $LANG['require_session_time'], 'L_REQUIRE_SESSION_INVIT' => $LANG['require_session_invit'], 'L_REQUIRE' => $LANG['require'], 'L_SERV_NAME' => $LANG['serv_name'], 'L_SERV_NAME_EXPLAIN' => $LANG['serv_name_explain'], 'L_SERV_PATH' => $LANG['serv_path'], 'L_SERV_PATH_EXPLAIN' => $LANG['serv_path_explain'], 'L_CONFIG' => $LANG['configuration'], 'L_CONFIG_MAIN' => $LANG['config_main'], 'L_CONFIG_ADVANCED' => $LANG['config_advanced'], 'L_REWRITE' => $LANG['rewrite'], 'L_EXPLAIN_REWRITE' => $LANG['explain_rewrite'], 'L_REWRITE_SERVER' => $LANG['server_rewrite'], 'L_HTACCESS_MANUAL_CONTENT' => $LANG['htaccess_manual_content'], 'L_HTACCESS_MANUAL_CONTENT_EXPLAIN' => $LANG['htaccess_manual_content_explain'], 'L_TIMEZONE_CHOOSE' => $LANG['timezone_choose'], 'L_TIMEZONE_CHOOSE_EXPLAIN' => $LANG['timezone_choose_explain'], 'L_DEBUG' => $LANG['debug_mode'], 'L_DEBUG_EXPLAIN' => $LANG['debug_mode_explain'], 'L_ACTIV' => $LANG['activ'], 'L_UNACTIVE' => $LANG['unactiv'], 'L_USER_CONNEXION' => $LANG['user_connexion'], 'L_COOKIE_NAME' => $LANG['cookie_name'], 'L_SESSION_TIME' => $LANG['session_time'], 'L_SESSION_TIME_EXPLAIN' => $LANG['session_time_explain'], 'L_SESSION_INVIT' => $LANG['session invit'], 'L_SESSION_INVIT_EXPLAIN' => $LANG['session invit_explain'], 'L_MISC' => $LANG['miscellaneous'], 'L_ACTIV_GZHANDLER' => $LANG['activ_gzhandler'], 'L_ACTIV_GZHANDLER_EXPLAIN' => $LANG['activ_gzhandler_explain'], 'L_CONFIRM_UNLOCK_ADMIN' => $LANG['confirm_unlock_admin'], 'L_UNLOCK_ADMIN' => $LANG['unlock_admin'], 'L_UNLOCK_ADMIN_EXPLAIN' => $LANG['unlock_admin_explain'], 'L_UNLOCK_LINK' => $LANG['send_unlock_admin'], 'L_UPDATE' => $LANG['update'], 'L_RESET' => $LANG['reset'])); $Template->pparse('admin_config2'); } elseif (!empty($_POST['advanced'])) { 
$CONFIG['rewrite'] = 1; $CONFIG['server_name'] = trim(strprotect(retrieve(POST, 'server_name', $server_name, TSTRING_AS_RECEIVED), HTML_PROTECT, ADDSLASHES_NONE), '/'); $CONFIG['server_path'] = trim(strprotect(retrieve(POST, 'server_path', $server_path, TSTRING_AS_RECEIVED), HTML_PROTECT, ADDSLASHES_NONE), '/'); if ($CONFIG['server_path'] != '') { $CONFIG['server_path'] = '/' . $CONFIG['server_path']; } $CONFIG['timezone'] = retrieve(POST, 'timezone', 0); $CONFIG['ob_gzhandler'] = !empty($_POST['ob_gzhandler']) && function_exists('ob_gzhandler') && @extension_loaded('zlib') ? 1 : 0; $CONFIG['site_cookie'] = strprotect(retrieve(POST, 'site_cookie', 'session', TSTRING_UNCHANGE), HTML_PROTECT, ADDSLASHES_NONE); $CONFIG['site_session'] = retrieve(POST, 'site_session', 3600); $CONFIG['site_session_invit'] = retrieve(POST, 'site_session_invit', 300); $CONFIG['htaccess_manual_content'] = retrieve(POST, 'htaccess_manual_content', '', TSTRING_UNCHANGE); $CONFIG['debug_mode'] = retrieve(POST, 'debug', 0); if (!empty($CONFIG['server_name']) && !empty($CONFIG['site_cookie']) && !empty($CONFIG['site_session']) && !empty($CONFIG['site_session_invit'])) { list($host, $dir) = array($CONFIG['server_name'], $CONFIG['server_path']); if (empty($_POST['rewrite_engine']) || strpos($_SERVER['SERVER_NAME'], 'free.fr')) { $CONFIG['rewrite'] = 0; } $Sql->query_inject("UPDATE " . DB_TABLE_CONFIGS . " SET value = '" . addslashes(serialize($CONFIG)) . "' WHERE name = 'config'", __LINE__, __FILE__); ###### Régénération du cache $CONFIG ####### $Cache->generate_file('config'); $Cache->generate_file('debug'); $Cache->Generate_file('htaccess'); redirect($host . $dir . '/admin/admin_config.php?adv=1');
$Forumfct->Track_topic($track_mail, FORUM_EMAIL_TRACKING); echo 1; } elseif (!empty($untrack_mail) && $User->check_level(MEMBER_LEVEL)) { include_once '../forum/forum.class.php'; $Forumfct = new Forum(); $Forumfct->Untrack_topic($untrack_mail, FORUM_EMAIL_TRACKING); echo 2; } elseif (!empty($msg_d)) { $Session->csrf_get_protect(); $topic = $Sql->query_array(PREFIX . "forum_topics", "idcat", "user_id", "display_msg", "WHERE id = '" . $msg_d . "'", __LINE__, __FILE__); if (!empty($topic['user_id']) && $User->get_attribute('user_id') == $topic['user_id'] || $User->check_auth($CAT_FORUM[$topic['idcat']]['auth'], EDIT_CAT_FORUM)) { $Sql->query_inject("UPDATE " . PREFIX . "forum_topics SET display_msg = 1 - display_msg WHERE id = '" . $msg_d . "'", __LINE__, __FILE__); echo $topic['display_msg'] ? 2 : 1; } } elseif (retrieve(GET, 'warning_moderation_panel', false) || retrieve(GET, 'punish_moderation_panel', false)) { $login = !empty($_POST['login']) ? strprotect(utf8_decode($_POST['login'])) : ''; $login = str_replace('*', '%', $login); if (!empty($login)) { $i = 0; $result = $Sql->query_while("SELECT user_id, login FROM " . DB_TABLE_MEMBER . " WHERE login LIKE '" . $login . "%'", __LINE__, __FILE__); while ($row = $Sql->fetch_assoc($result)) { if (retrieve(GET, 'warning_moderation_panel', false)) { echo '<a href="moderation_forum.php?action=warning&id=' . $row['user_id'] . '">' . $row['login'] . '</a><br />'; } elseif (retrieve(GET, 'punish_moderation_panel', false)) { echo '<a href="moderation_forum.php?action=punish&id=' . $row['user_id'] . '">' . $row['login'] . '</a><br />'; } $i++; } if ($i == 0) { echo $LANG['no_result']; }
require_once '../admin/admin_begin.php'; load_module_lang('gallery'); define('TITLE', $LANG['administration']); require_once '../admin/admin_header.php'; if (!empty($_POST['valid'])) { $Cache->load('gallery'); $config_gallery = array(); $config_gallery['width'] = isset($_POST['width']) ? numeric($_POST['width']) : '150'; $config_gallery['height'] = isset($_POST['height']) ? numeric($_POST['height']) : '150'; $config_gallery['width_max'] = isset($_POST['width_max']) ? numeric($_POST['width_max']) : '640'; $config_gallery['height_max'] = isset($_POST['height_max']) ? numeric($_POST['height_max']) : '640'; $config_gallery['weight_max'] = isset($_POST['weight_max']) ? numeric($_POST['weight_max']) : '1024'; $config_gallery['quality'] = isset($_POST['quality']) ? numeric($_POST['quality']) : '80'; $config_gallery['trans'] = isset($_POST['trans']) ? numeric($_POST['trans']) : '40'; $config_gallery['logo'] = strprotect(retrieve(POST, 'logo', ''), HTML_PROTECT, ADDSLASHES_NONE); $config_gallery['activ_logo'] = isset($_POST['activ_logo']) ? numeric($_POST['activ_logo']) : '0'; $config_gallery['d_width'] = isset($_POST['d_width']) ? numeric($_POST['d_width']) : '5'; $config_gallery['d_height'] = isset($_POST['d_height']) ? numeric($_POST['d_height']) : '5'; $config_gallery['nbr_column'] = isset($_POST['nbr_column']) ? numeric($_POST['nbr_column']) : '4'; $config_gallery['nbr_pics_max'] = isset($_POST['nbr_pics_max']) ? numeric($_POST['nbr_pics_max']) : '16'; $config_gallery['note_max'] = isset($_POST['note_max']) ? max(1, numeric($_POST['note_max'])) : '5'; $config_gallery['activ_title'] = isset($_POST['activ_title']) ? numeric($_POST['activ_title']) : '0'; $config_gallery['activ_com'] = isset($_POST['activ_com']) ? numeric($_POST['activ_com']) : '0'; $config_gallery['activ_note'] = isset($_POST['activ_note']) ? numeric($_POST['activ_note']) : '0'; $config_gallery['display_nbrnote'] = isset($_POST['display_nbrnote']) ? 
numeric($_POST['display_nbrnote']) : '0'; $config_gallery['activ_view'] = isset($_POST['activ_view']) ? numeric($_POST['activ_view']) : '0'; $config_gallery['activ_user'] = isset($_POST['activ_user']) ? numeric($_POST['activ_user']) : '0'; $config_gallery['limit_member'] = !empty($_POST['limit_member']) ? numeric($_POST['limit_member']) : '0'; $config_gallery['limit_modo'] = !empty($_POST['limit_modo']) ? numeric($_POST['limit_modo']) : '0'; $config_gallery['display_pics'] = !empty($_POST['display_pics']) ? numeric($_POST['display_pics']) : '0';
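/**
 * Builds the SQL text of the forum full-text search request.
 *
 * The three variants ('all', 'contents', anything else = title) share one
 * skeleton and differ only in the id_content column, the relevance expression
 * and the MATCH condition. Categories the current user may not read are
 * excluded through a NOT IN list.
 *
 * Keys read from $args: search, id_search, weight, ForumIdcat, ForumWhere.
 *
 * @param array $args Search arguments.
 * @return string The SELECT statement, not executed here.
 */
function get_search_request($args)
{
    global $CONFIG, $CAT_FORUM, $User, $Cache, $Sql;

    // is_numeric() is the only gate on $weight before it is spliced into the query unquoted.
    $weight = isset($args['weight']) && is_numeric($args['weight']) ? $args['weight'] : 1;
    $Cache->load('forum');

    // SECURITY(review): $search is placed inside quoted AGAINST('...') literals exactly as
    // received; nothing in this function escapes it. Every caller must hand over a value
    // already escaped for the SQL driver - confirm at the call sites, or escape here once
    // it is certain the callers do not (to avoid double escaping).
    $search = $args['search'];

    // Security fix: id_search is written into the SELECT list without quotes, so it is
    // forced to an integer instead of being concatenated as received.
    $id_search = (int) $args['id_search'];

    $idcat = !empty($args['ForumIdcat']) ? numeric($args['ForumIdcat']) : -1;
    $where = !empty($args['ForumWhere']) ? strprotect($args['ForumWhere']) : 'title';

    require_once PATH_TO_ROOT . '/forum/forum_defines.php';

    // Collect the categories the user is not allowed to read.
    $auth_cats = '';
    if (is_array($CAT_FORUM)) {
        foreach ($CAT_FORUM as $id => $key) {
            if (!$User->check_auth($CAT_FORUM[$id]['auth'], READ_CAT_FORUM)) {
                $auth_cats .= $id . ',';
            }
        }
    }
    $auth_cats = !empty($auth_cats) ? " AND c.id NOT IN (" . trim($auth_cats, ',') . ")" : '';

    // Restrict to the chosen category subtree when one was requested.
    $cat_filter = $idcat != -1
        ? " AND c.id_left BETWEEN '" . $CAT_FORUM[$idcat]['id_left'] . "' AND '" . $CAT_FORUM[$idcat]['id_right'] . "'"
        : '';

    $link = $Sql->concat("'" . PATH_TO_ROOT . "'", "'/forum/topic.php?id='", 't.id', "'#m'", 'msg.id');

    if ($where == 'all') {
        // Title matches weigh twice as much as content matches.
        $id_content = "MIN(msg.id)";
        $relevance = "MAX(( 2 * MATCH(t.title) AGAINST('" . $search . "') + MATCH(msg.contents) AGAINST('" . $search . "') ) / 3)";
        $condition = "( MATCH(t.title) AGAINST('" . $search . "') OR MATCH(msg.contents) AGAINST('" . $search . "') )";
    } elseif ($where == 'contents') {
        $id_content = "MIN(msg.id)";
        $relevance = "MAX(MATCH(msg.contents) AGAINST('" . $search . "'))";
        $condition = "MATCH(msg.contents) AGAINST('" . $search . "')";
    } else {
        $id_content = "msg.id";
        $relevance = "MATCH(t.title) AGAINST('" . $search . "')";
        $condition = "MATCH(t.title) AGAINST('" . $search . "')";
    }

    return "SELECT " . $id_search . " AS `id_search`,\n " . $id_content . " AS `id_content`,\n t.title AS `title`,\n " . $relevance . " * " . $weight . " AS `relevance`,\n " . $link . " AS `link`\n FROM " . PREFIX . "forum_msg msg\n JOIN " . PREFIX . "forum_topics t ON t.id = msg.idtopic\n JOIN " . PREFIX . "forum_cats c ON c.level != 0 AND c.aprob = 1 AND c.id = t.idcat\n WHERE " . $condition . "\n " . $cat_filter . " " . $auth_cats . "\n GROUP BY t.id\n ORDER BY relevance DESC" . $Sql->limit(0, FORUM_MAX_SEARCH_RESULTS);
}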
} elseif ($remove_favorite > 0) { $Session->csrf_get_protect(); $article_infos = $Sql->query_array(PREFIX . "wiki_articles", "encoded_title", "WHERE id = '" . $remove_favorite . "'", __LINE__, __FILE__); if (empty($article_infos['encoded_title'])) { redirect(HOST . DIR . '/wiki/' . url('wiki.php', '', '&')); } $is_favorite = $Sql->query("SELECT COUNT(*) FROM " . PREFIX . "wiki_favorites WHERE user_id = '" . $User->get_attribute('user_id') . "' AND id_article = '" . $remove_favorite . "'", __LINE__, __FILE__); if ($is_favorite > 0) { $Sql->query_inject("DELETE FROM " . PREFIX . "wiki_favorites WHERE id_article = '" . $remove_favorite . "' AND user_id = '" . $User->get_attribute('user_id') . "'", __LINE__, __FILE__); redirect(HOST . DIR . '/wiki/' . url('wiki.php?title=' . $article_infos['encoded_title'], $article_infos['encoded_title'], '&')); } else { redirect(HOST . DIR . '/wiki/' . url('favorites.php?error=e_no_favorite', '', '&') . '#errorh'); } } else { $Template->set_filenames(array('wiki_favorites' => 'wiki/favorites.tpl')); $error = !empty($_GET['error']) ? strprotect($_GET['error']) : ''; if ($error == 'e_no_favorite') { $errstr = $LANG['wiki_article_is_not_a_favorite']; } elseif ($error == 'e_already_favorite') { $errstr = $LANG['wiki_already_favorite']; } else { $errstr = ''; } if (!empty($errstr)) { $Errorh->handler($errstr, E_USER_WARNING); } $result = $Sql->query_while("SELECT f.id, a.id, a.title, a.encoded_title\n\tFROM " . PREFIX . "wiki_favorites f\n\tLEFT JOIN " . PREFIX . "wiki_articles a ON a.id = f.id_article\n\tWHERE user_id = '" . $User->get_attribute('user_id') . "'", __LINE__, __FILE__); $num_rows = $Sql->num_rows($result, "SELECT COUNT(*) FROM " . PREFIX . "wiki_articles WHERE user_id = '" . $User->get_attribute('user_id') . "'", __LINE__, __FILE__); if ($num_rows == 0) { $Template->assign_block_vars('no_favorite', array('L_NO_FAVORITE' => $LANG['wiki_no_favorite'])); }
require_once '../admin/admin_header.php'; $update = !empty($_GET['update']) ? true : false; if ($update) { $module_name = retrieve(GET, 'update', ''); if (empty($module_name)) { foreach ($_POST as $key => $value) { if ($value == $LANG['update_module']) { $module_name = $key; } } $activ_module = retrieve(POST, $module_name . 'activ', 0); } $ckeck_module = $Sql->query("SELECT COUNT(*) FROM " . DB_TABLE_MODULES . " WHERE name = '" . strprotect($module_name) . "'", __LINE__, __FILE__); if (!empty($ckeck_module)) { $info_module = load_ini_file('../' . $module_name . '/lang/', get_ulang()); $previous_version = $Sql->query("SELECT version FROM " . DB_TABLE_MODULES . " WHERE name = '" . strprotect($module_name) . "'", __LINE__, __FILE__); $dir_db_module = get_ulang(); $dir = '../' . $module_name . '/db'; import('io/filesystem/folder'); $folder_path = new Folder($dir . '/' . $dir_db_module); foreach ($folder_path->get_folders('`^[a-z0-9_ -]+$`i') as $dir) { $dir_db_module = $dir->get_name(); break; } $filesupdate = array(); $dir_db = '../' . urldecode($module_name) . '/db/' . $dir_db_module . '/'; $folder_path = new Folder($dir_db); foreach ($folder_path->get_files('`.*\\.(php|sql)$`i') as $files) { $file = $files->get_name(); if (strpos($file, DBTYPE) !== false) { $array_info = explode('_', $file);
foreach ($array_field as $value) { $field .= strprotect($value) . '|'; } } elseif ($row['field'] == 6) { $field = ''; $i = 0; $array_possible_values = explode('|', $row['possible_values']); foreach ($array_possible_values as $value) { $field .= !empty($_POST[$row['field_name'] . '_' . $i]) ? addslashes($_POST[$row['field_name'] . '_' . $i]) . '|' : ''; $i++; } if ($row['required'] && empty($field)) { redirect(HOST . DIR . '/member/register' . url('.php?error=incomplete') . '#errorh'); } } else { $field = strprotect($field); } if (!empty($field)) { if ($valid_field) { $req_update .= $row['field_name'] . ' = \'' . trim($field, '|') . '\', '; $req_field .= $row['field_name'] . ', '; $req_insert .= '\'' . trim($field, '|') . '\', '; } } } $Sql->query_close($result); $check_member = $Sql->query("SELECT COUNT(*) FROM " . DB_TABLE_MEMBER_EXTEND . " WHERE user_id = '" . $last_mbr_id . "'", __LINE__, __FILE__); if ($check_member && !empty($req_update)) { $Sql->query_inject("UPDATE " . DB_TABLE_MEMBER_EXTEND . " SET " . trim($req_update, ', ') . " WHERE user_id = '" . $last_mbr_id . "'", __LINE__, __FILE__); } else { if (!empty($req_insert)) {
} else { if (!empty($req_insert)) { $Sql->query_inject("INSERT INTO " . DB_TABLE_MEMBER_EXTEND . " (user_id, " . trim($req_field, ', ') . ") VALUES ('" . $id_post . "', " . trim($req_insert, ', ') . ")", __LINE__, __FILE__); } } } redirect(HOST . SCRIPT); } else { redirect(HOST . DIR . '/admin/admin_members' . url('.php?id=' . $id_post . '&error=incomplete') . '#errorh'); } } } else { redirect(HOST . DIR . '/admin/admin_members' . url('.php?id=' . $id_post . '&error=incomplete') . '#errorh'); } } elseif ($add && !empty($_POST['add'])) { $login = !empty($_POST['login2']) ? strprotect(substr($_POST['login2'], 0, 25)) : ''; $password = retrieve(POST, 'password2', '', TSTRING_UNCHANGE); $password_bis = retrieve(POST, 'password2_bis', '', TSTRING_UNCHANGE); $password_hash = !empty($password) ? strhash($password) : ''; $level = retrieve(POST, 'level2', 0); $mail = strtolower(retrieve(POST, 'mail2', '')); if (check_mail($mail)) { $check_user = $Sql->query("SELECT COUNT(*) as compt FROM " . DB_TABLE_MEMBER . " WHERE login = '******'", __LINE__, __FILE__); $check_mail = $Sql->query("SELECT COUNT(*) as compt FROM " . DB_TABLE_MEMBER . " WHERE user_mail = '" . $mail . "'", __LINE__, __FILE__); if ($check_user >= 1) { redirect(HOST . DIR . '/admin/admin_members' . url('.php?error=pseudo_auth&add=1') . '#errorh'); } elseif ($check_mail >= 1) { redirect(HOST . DIR . '/admin/admin_members' . url('.php?error=auth_mail&add=1') . '#errorh'); } else { if (strlen($password) >= 6 && strlen($password_bis) >= 6) { if (!empty($login)) {
if ($User->get_attribute('user_id') != $user_id) { if ($User->check_level(ADMIN_LEVEL)) { echo $Uploads->Rename_folder($id_folder, $name, $previous_name, $user_id, ADMIN_NO_CHECK); } else { echo $Uploads->Rename_folder($id_folder, $name, $previous_name, $User->get_attribute('user_id'), ADMIN_NO_CHECK); } } else { echo $Uploads->Rename_folder($id_folder, $name, $previous_name, $User->get_attribute('user_id')); } } else { echo 0; } } elseif (!empty($_GET['rename_file'])) { $id_file = !empty($_POST['id_file']) ? numeric($_POST['id_file']) : '0'; $user_id = !empty($_POST['user_id']) ? numeric($_POST['user_id']) : $User->get_attribute('user_id'); $name = !empty($_POST['name']) ? strprotect(utf8_decode($_POST['name'])) : ''; $previous_name = !empty($_POST['previous_name']) ? strprotect(utf8_decode($_POST['previous_name'])) : ''; if (!empty($id_file) && !empty($name)) { if ($User->get_attribute('user_id') != $user_id) { if ($User->check_level(ADMIN_LEVEL)) { echo $Uploads->Rename_file($id_file, $name, $previous_name, $user_id, ADMIN_NO_CHECK); } else { echo $Uploads->Rename_file($id_file, $name, $previous_name, $User->get_attribute('user_id'), ADMIN_NO_CHECK); } } else { echo $Uploads->Rename_file($id_file, $name, $previous_name, $User->get_attribute('user_id')); } } else { echo 0; } }
$del = !empty($_GET['del']) ? numeric($_GET['del']) : 0; $move = !empty($_GET['move']) ? trim($_GET['move']) : 0; $root = !empty($_GET['root']) ? numeric($_GET['root']) : 0; define('READ_CAT_GALLERY', 0x1); define('WRITE_CAT_GALLERY', 0x2); define('EDIT_CAT_GALLERY', 0x4); if (!empty($_POST['valid']) && !empty($id)) { $Cache->load('gallery'); $to = !empty($_POST['category']) ? numeric($_POST['category']) : 0; $name = !empty($_POST['name']) ? strprotect($_POST['name']) : ''; $contents = !empty($_POST['desc']) ? strprotect($_POST['desc']) : ''; $status = isset($_POST['status']) ? numeric($_POST['status']) : 1; $aprob = isset($_POST['aprob']) ? numeric($_POST['aprob']) : 1; $array_auth_all = Authorizations::build_auth_array_from_form(READ_CAT_GALLERY, WRITE_CAT_GALLERY, EDIT_CAT_GALLERY); if (!empty($name)) { $Sql->query_inject("UPDATE " . PREFIX . "gallery_cats SET name = '" . $name . "', contents = '" . $contents . "', aprob = '" . $aprob . "', status = '" . $status . "', auth = '" . strprotect(serialize($array_auth_all), HTML_NO_PROTECT) . "' WHERE id = '" . $id . "'", __LINE__, __FILE__); $to = $Sql->query("SELECT id FROM " . PREFIX . "gallery_cats WHERE id = '" . $to . "' AND id_left NOT BETWEEN '" . $CAT_GALLERY[$id]['id_left'] . "' AND '" . $CAT_GALLERY[$id]['id_right'] . "'", __LINE__, __FILE__); $change_cat = !empty($to) ? !($CAT_GALLERY[$to]['id_left'] < $CAT_GALLERY[$id]['id_left'] && $CAT_GALLERY[$to]['id_right'] > $CAT_GALLERY[$id]['id_right'] && $CAT_GALLERY[$id]['level'] - 1 == $CAT_GALLERY[$to]['level']) : $CAT_GALLERY[$id]['level'] > 0; if ($change_cat) { $nbr_cat = ($CAT_GALLERY[$id]['id_right'] - $CAT_GALLERY[$id]['id_left'] - 1) / 2 + 1; $list_cats = ''; $result = $Sql->query_while("SELECT id\n\t\t\tFROM " . PREFIX . "gallery_cats \n\t\t\tWHERE id_left BETWEEN '" . $CAT_GALLERY[$id]['id_left'] . "' AND '" . $CAT_GALLERY[$id]['id_right'] . 
"'\n\t\t\tORDER BY id_left", __LINE__, __FILE__); while ($row = $Sql->fetch_assoc($result)) { $list_cats .= $row['id'] . ', '; } $Sql->query_close($result); $list_cats = trim($list_cats, ', '); $list_parent_cats = ''; $result = $Sql->query_while("SELECT id \n\t\t\tFROM " . PREFIX . "gallery_cats \n\t\t\tWHERE id_left < '" . $CAT_GALLERY[$id]['id_left'] . "' AND id_right > '" . $CAT_GALLERY[$id]['id_right'] . "'", __LINE__, __FILE__); while ($row = $Sql->fetch_assoc($result)) { $list_parent_cats .= $row['id'] . ', ';
/**
 * PHP 4 style constructor: forwards the module to the parent Menu constructor
 * and stores the filtered file name on the instance.
 *
 * @param mixed $module   Passed unchanged to parent::Menu().
 * @param mixed $filename Filtered through strprotect() before being stored.
 */
function ModuleMiniMenu($module, $filename)
{
    parent::Menu($module);

    // NOTE(review): if this file name is later used to build an include or file path,
    // strprotect() alone should not be relied on to block "../" - confirm where
    // $this->filename is consumed.
    $protected_filename = strprotect($filename);
    $this->filename = $protected_filename;
}
} if ($CONFIG_GALLERY['display_pics'] == 3) { $display_link = HOST . DIR . '/gallery/show_pics' . url('.php?id=' . $row['id'] . '&cat=' . $row['idcat']) . '" rel="lightbox[1]" onmousedown="increment_view(' . $row['id'] . ');" title="' . str_replace('"', '', stripslashes($row['name'])); $display_name = HOST . DIR . '/gallery/show_pics' . url('.php?id=' . $row['id'] . '&cat=' . $row['idcat']) . '" rel="lightbox[2]" onmousedown="increment_view(' . $row['id'] . ');" title="' . str_replace('"', '', stripslashes($row['name'])); } elseif ($CONFIG_GALLERY['display_pics'] == 2) { $display_name = $display_link = 'javascript:increment_view(' . $row['id'] . ');display_pics_popup(\'' . HOST . DIR . '/gallery/show_pics' . url('.php?id=' . $row['id'] . '&cat=' . $row['idcat']) . '\', \'' . $row['width'] . '\', \'' . $row['height'] . '\')'; } elseif ($CONFIG_GALLERY['display_pics'] == 1) { $display_name = $display_link = 'javascript:increment_view(' . $row['id'] . ');display_pics(' . $row['id'] . ', \'' . HOST . DIR . '/gallery/show_pics' . url('.php?id=' . $row['id'] . '&cat=' . $row['idcat']) . '\')'; } else { $display_name = $display_link = url('gallery.php?cat=' . $row['idcat'] . '&id=' . $row['id'], 'gallery-' . $row['idcat'] . '-' . $row['id'] . '.php') . '#pics_max'; } $cat_list = ''; foreach ($array_cat_list as $key_cat => $option_value) { $cat_list .= $key_cat == $row['idcat'] ? sprintf($option_value, 'selected="selected"') : sprintf($option_value, ''); } $activ_note = $CONFIG_GALLERY['activ_note'] == 1 && $is_connected; if ($activ_note) { $Note = new Note('gallery', $row['id'], url('.php?cat=' . $row['idcat'] . '&id=' . $row['id'], '-' . $row['idcat'] . '-' . $row['id'] . 
'.php'), $CONFIG_GALLERY['note_max'], '', NOTE_NODISPLAY_NBRNOTES | NOTE_DISPLAY_BLOCK); } $html_protected_name = strprotect($row['name'], HTML_PROTECT, ADDSLASHES_FORCE); $Template->assign_block_vars('pics_list', array('ID' => $row['id'], 'APROB' => $row['aprob'], 'IMG' => '<img src="pics/thumbnails/' . $row['path'] . '" alt="' . str_replace('"', '', stripslashes($row['name'])) . '" class="gallery_image" />', 'PATH' => $row['path'], 'NAME' => $CONFIG_GALLERY['activ_title'] == 1 ? '<a class="small_link" href="' . $display_name . '"><span id="fi_' . $row['id'] . '">' . wordwrap_html(stripslashes($row['name']), 22, ' ') . '</span></a> <span id="fi' . $row['id'] . '"></span>' : '<span id="fi_' . $row['id'] . '"></span></a> <span id="fi' . $row['id'] . '"></span>', 'POSTOR' => $CONFIG_GALLERY['activ_user'] == 1 ? '<br />' . $LANG['by'] . (!empty($row['login']) ? ' <a class="small_link" href="../member/member' . url('.php?id=' . $row['user_id'], '-' . $row['user_id'] . '.php') . '">' . $row['login'] . '</a>' : ' ' . $LANG['guest']) : '', 'VIEWS' => $CONFIG_GALLERY['activ_view'] == 1 ? '<br /><span id="gv' . $row['id'] . '">' . $row['views'] . '</span> <span id="gvl' . $row['id'] . '">' . ($row['views'] > 1 ? $LANG['views'] : $LANG['view']) . '</span>' : '', 'COM' => $CONFIG_GALLERY['activ_com'] == 1 ? '<br />' . Comments::com_display_link($row['nbr_com'], '../gallery/gallery' . url('.php?cat=' . $row['idcat'] . '&id=' . $row['id'] . '&com=0', '-' . $row['idcat'] . '-' . $row['id'] . '.php?com=0'), $row['id'], 'gallery') : '', 'KERNEL_NOTATION' => $activ_note ? $Note->display_form() : '', 'CAT' => $cat_list, 'RENAME' => $html_protected_name, 'RENAME_CUT' => $html_protected_name, 'IMG_APROB' => get_ulang() . '/' . ($row['aprob'] == 1 ? 'unvisible.png' : 'visible.png'), 'OPEN_TR' => is_int($j++ / $nbr_column_pics) ? '<tr>' : '', 'CLOSE_TR' => is_int($j / $nbr_column_pics) ? '</tr>' : '', 'L_APROB_IMG' => $row['aprob'] == 1 ? 
$LANG['unaprob'] : $LANG['aprob'], 'U_DEL' => url('.php?del=' . $row['id'] . '&token=' . $Session->get_token() . '&cat=' . $g_idcat, '-' . $g_idcat . '.php?token=' . $Session->get_token() . '&del=' . $row['id']), 'U_MOVE' => url('.php?id=' . $row['id'] . '&token=' . $Session->get_token() . '&move=\' + this.options[this.selectedIndex].value', '-0-' . $row['id'] . '.php?token=' . $Session->get_token() . '&move=\' + this.options[this.selectedIndex].value'), 'U_DISPLAY' => $display_link)); } $Sql->query_close($result); while (!is_int($j / $nbr_column_pics)) { $Template->assign_block_vars('end_table', array('TD_END' => '<td style="margin:15px 0px;width:' . $column_width_pics . '%"> </td>', 'TR_END' => is_int(++$j / $nbr_column_pics) ? '</tr>' : '')); } } } $Template->pparse('gallery'); } require_once '../kernel/footer.php';
/**
 * Stores the title on the instance after passing it through strprotect()
 * with the HTML_PROTECT and ADDSLASHES_NONE flags.
 *
 * @param mixed $title Title to store.
 */
function set_title($title)
{
    // ADDSLASHES_NONE: presumably the stored value is HTML-protected but carries no SQL
    // escaping, so it must be escaped again before any query - confirm in strprotect().
    $protected_title = strprotect($title, HTML_PROTECT, ADDSLASHES_NONE);
    $this->title = $protected_title;
}
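/**
 * Reads a request variable from one of the superglobals and converts it to the
 * requested type.
 *
 * SECURITY: the TSTRING_UNCHANGE, TSTRING_AS_RECEIVED, TARRAY and TNONE modes
 * return the request data without any protection, and TSTRING_HTML disables
 * the HTML protection. Values obtained that way must be escaped by the caller
 * for the context they end up in (SQL, HTML, file path).
 *
 * @param mixed $var_type      One of GET, POST, REQUEST, COOKIE, FILES.
 * @param mixed $var_name      Key to look up in the chosen superglobal.
 * @param mixed $default_value Returned when the variable is absent, when it is empty and
 *                             USE_DEFAULT_IF_EMPTY is set, or when the type is unknown.
 * @param mixed $force_type    One of the T* type constants; defaults to gettype($default_value).
 * @param mixed $flags         Bit field; only USE_DEFAULT_IF_EMPTY is read here.
 * @return mixed The converted value or $default_value.
 */
function retrieve($var_type, $var_name, $default_value, $force_type = NULL, $flags = 0)
{
    $var = null;
    switch ($var_type) {
        case GET:
            if (isset($_GET[$var_name])) {
                $var = $_GET[$var_name];
            }
            break;
        case POST:
            if (isset($_POST[$var_name])) {
                $var = $_POST[$var_name];
            }
            break;
        case REQUEST:
            if (isset($_REQUEST[$var_name])) {
                $var = $_REQUEST[$var_name];
            }
            break;
        case COOKIE:
            if (isset($_COOKIE[$var_name])) {
                $var = $_COOKIE[$var_name];
            }
            break;
        case FILES:
            if (isset($_FILES[$var_name])) {
                $var = $_FILES[$var_name];
            }
            break;
        default:
            break;
    }

    // Fix: "!=" binds tighter than "&", so the unparenthesised form evaluated
    // $flags & (USE_DEFAULT_IF_EMPTY != 0), i.e. it tested bit 0 of $flags instead of
    // the USE_DEFAULT_IF_EMPTY bit. The flag test is now grouped explicitly.
    $use_default_if_empty = ($flags & USE_DEFAULT_IF_EMPTY) != 0;
    if ($var === null || ($use_default_if_empty && empty($var))) {
        return $default_value;
    }

    if (!isset($force_type)) {
        $force_type = gettype($default_value);
    }

    switch ($force_type) {
        case TINTEGER:
            return (int) $var;
        case TSTRING:
            return strprotect($var);
        case TSTRING_UNCHANGE:
            // Trimmed, and unslashed when magic quotes added slashes; otherwise untouched.
            if (MAGIC_QUOTES) {
                $var = trim(stripslashes($var));
            } else {
                $var = trim($var);
            }
            return (string) $var;
        case TSTRING_PARSE:
            return strparse($var);
        case TBOOL:
            return (bool) $var;
        case TUNSIGNED_INT:
            $var = (int) $var;
            return $var > 0 ? $var : max(0, $default_value);
        case TUNSIGNED_DOUBLE:
            $var = (float) $var;
            return $var > 0.0 ? $var : max(0.0, $default_value);
        case TSTRING_HTML:
            return strprotect($var, HTML_NO_PROTECT);
        case TSTRING_AS_RECEIVED:
            return (string) $var;
        case TARRAY:
            return (array) $var;
        case TDOUBLE:
            return (float) $var;
        case TNONE:
            return $var;
        default:
            return $default_value;
    }
}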
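/**
 * Sends a plain-text newsletter, either to every subscriber or to one test address.
 *
 * With an empty $email_test the message is archived in the newsletter_arch
 * table and then mailed to each row of the newsletter table, with an
 * unsubscribe link appended. With a non-empty $email_test the message is sent
 * to that address only and nothing is archived.
 *
 * The From/Reply-To header string the function used to build was never passed
 * to the Mail object, so it has been dropped; the sender is set through
 * Mail::set_sender() as before.
 *
 * @param string $mail_object Subject of the mail.
 * @param string $message     Body of the mail.
 * @param string $email_test  Optional single recipient for a test send.
 * @return array|bool List of addresses for which send() failed (mass send),
 *                    or true after a test send.
 */
function send_text($mail_object, $message, $email_test = '')
{
    global $_NEWSLETTER_CONFIG, $LANG, $Sql;

    if ($email_test != '') {
        $mail_sender = new Mail();
        $mail_sender->set_sender($_NEWSLETTER_CONFIG['sender_mail']);
        // NOTE(review): the test send uses the HTML MIME type although the mass
        // send below uses MIME_FORMAT_TEXT - confirm this is intended.
        $mail_sender->set_mime(MIME_FORMAT_HTML);
        $mail_sender->set_recipients($email_test);
        $mail_sender->set_content($message);
        $mail_sender->set_object($mail_object);
        // The result of send() is not checked here; true is returned regardless.
        $mail_sender->send();

        return true;
    }

    $error_mailing_list = array();

    // Archive the newsletter together with the current subscriber count.
    $nbr = $Sql->count_table('newsletter', __LINE__, __FILE__);
    $Sql->query_inject("INSERT INTO " . PREFIX . "newsletter_arch (title,message,timestamp,type,nbr) VALUES('" . strprotect($mail_object, HTML_NO_PROTECT, ADDSLASHES_FORCE) . "', '" . strprotect($message, HTML_NO_PROTECT, ADDSLASHES_FORCE) . "', '" . time() . "', 'text', '" . $nbr . "')", __LINE__, __FILE__);

    // Load the whole list first so the result set is closed before mailing starts.
    $mailing_list = array();
    $result = $Sql->query_while("SELECT id, mail \n\t\t\tFROM " . PREFIX . "newsletter \n\t\t\tORDER BY id", __LINE__, __FILE__);
    while ($row = $Sql->fetch_assoc($result)) {
        $mailing_list[] = array($row['id'], $row['mail']);
    }
    $Sql->query_close($result);

    $mail_sender = new Mail();
    $mail_sender->set_sender($_NEWSLETTER_CONFIG['sender_mail']);
    $mail_sender->set_mime(MIME_FORMAT_TEXT);
    $mail_sender->set_object($mail_object);

    foreach ($mailing_list as $array_mail) {
        $mail_sender->set_recipients($array_mail[1]);
        // The unsubscribe link carries only the subscriber's row id.
        // NOTE(review): if newsletter.php unsubscribes on that id alone, the link
        // is guessable for other subscribers; a per-subscriber random token in
        // the link would avoid that. Confirm against newsletter.php.
        $mail_sender->set_content($message . "\n\n" . $LANG['newsletter_unscubscribe_text'] . HOST . DIR . '/newsletter/newsletter.php?id=' . $array_mail[0]);

        if (!$mail_sender->send()) {
            $error_mailing_list[] = $array_mail[1];
        }
    }

    return $error_mailing_list;
}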
/**
 * Looks up the comment counters of the current item in its module's table.
 *
 * The module's language ini file names the table in its 'com' entry. The
 * lookup only happens when that entry equals $this->script and a row with
 * id $this->idprov exists.
 *
 * NOTE(review): $this->idprov is concatenated into the WHERE clause as-is and
 * this method does not cast it; confirm it is forced to an integer where it
 * is assigned.
 *
 * @return array array(table name, number of comments, lock flag), or
 *               array('', 0, 0) when the checks fail.
 */
function _get_info_module()
{
    global $Sql, $CONFIG;

    $not_found = array('', 0, 0);
    $lang_info = load_ini_file(PATH_TO_ROOT . '/' . $this->module_folder . '/lang/', get_ulang());

    // The ini file must declare the comment table and it must match this script.
    if (!isset($lang_info['com'])) {
        return $not_found;
    }
    if ($lang_info['com'] != $this->script) {
        return $not_found;
    }

    $com_row = $Sql->query_array(PREFIX . strprotect($lang_info['com']), "id", "nbr_com", "lock_com", "WHERE id = '" . $this->idprov . "'", __LINE__, __FILE__);

    // Loose comparison, as in the rest of the file: the row id has to match the requested id.
    if ($com_row['id'] != $this->idprov) {
        return $not_found;
    }

    return array(strprotect($lang_info['com']), $com_row['nbr_com'], (bool) $com_row['lock_com']);
}
// Tail of what appears to be check_admin_account(); its earlier branches are
// outside this excerpt. It returns an error message, or '' when all checks pass.
} elseif ($password != $password_repeat) {
    return $LANG['admin_passwords_error'];
} elseif (!Mail::check_validity($user_mail)) {
    return $LANG['admin_email_error'];
} else {
    return '';
}
}

$error = check_admin_account($login, $password, $password_repeat, $user_mail);
if (empty($error)) {
    require_once 'functions.php';
    load_db_connection();
    import('core/cache');
    $Cache = new Cache();
    $Cache->load('config');
    // Fills in the administrator row (user_id 1). The login and password values
    // appear masked as '******' in this listing.
    // NOTE(review): $user_mail is concatenated without escaping; the only check
    // visible here is Mail::check_validity(). Confirm that validator rejects
    // quotes and backslashes, or escape the value before building the query.
    $Sql->query_inject("UPDATE " . DB_TABLE_MEMBER . " SET login = '******', password = '******', level = '2', user_lang = '" . $CONFIG['lang'] . "', user_theme = '" . $CONFIG['theme'] . "', user_mail = '" . $user_mail . "', user_show_mail = '1', timestamp = '" . time() . "', user_aprob = '1', user_timezone = '" . $CONFIG['timezone'] . "' WHERE user_id = '1'", __LINE__, __FILE__);
    // The admin unlock code is 12 characters of a hash over uniqid()/mt_rand().
    // Neither source is a cryptographically secure generator, so the code's
    // unpredictability rests on timing and the Mersenne Twister state; a CSPRNG
    // (random_bytes() where the PHP version has it) is the safer source.
    $unlock_admin = substr(strhash(uniqid(mt_rand(), true)), 0, 12);
    // Only the hash of the code is kept in the configuration.
    $CONFIG['unlock_admin'] = strhash($unlock_admin);
    $CONFIG['mail_exp'] = $user_mail;
    $CONFIG['mail'] = $user_mail;
    // The configuration is stored as a PHP-serialized string, escaped with addslashes().
    $Sql->query_inject("UPDATE " . DB_TABLE_CONFIGS . " SET value = '" . addslashes(serialize($CONFIG)) . "' WHERE name = 'config'", __LINE__, __FILE__);
    $Cache->Generate_file('config');
    $Cache->load('member');
    $CONFIG_USER['activ_register'] = (int) DISTRIBUTION_ENABLE_USER;
    $CONFIG_USER['msg_mbr'] = $LANG['site_config_msg_mbr'];
    $CONFIG_USER['msg_register'] = $LANG['site_config_msg_register'];
    $Sql->query_inject("UPDATE " . DB_TABLE_CONFIGS . " SET value = '" . addslashes(serialize($CONFIG_USER)) . "' WHERE name = 'member'", __LINE__, __FILE__);
    $Cache->generate_file('member');
    $LANG['admin'] = '';
    import('io/mail');
    $mail = new Mail();
/**
 * Records one moderation action in the forum_history table.
 *
 * The acting user is taken from the global $User object; the timestamp is
 * the current time.
 *
 * @param string $type           Action label, passed through strprotect().
 * @param mixed  $user_id_action Id of the user the action applies to, passed through numeric().
 * @param string $url_action     Related URL, passed through strprotect().
 */
function forum_history_collector($type, $user_id_action = '', $url_action = '')
{
    global $Sql, $User;

    // Values in column order: action, user_id, user_id_action, url, timestamp.
    $column_values = array(
        strprotect($type),
        $User->get_attribute('user_id'),
        numeric($user_id_action),
        strprotect($url_action),
        time()
    );

    $insert_query = "INSERT INTO " . PREFIX . "forum_history (action, user_id, user_id_action, url, timestamp) VALUES('" . implode("', '", $column_values) . "')";
    $Sql->query_inject($insert_query, __LINE__, __FILE__);
}
/**
 * Saves the language chosen by the current visitor.
 *
 * Accounts with a level above -1 are updated in the member table by user_id;
 * other visitors are updated in the sessions table by session_id.
 *
 * NOTE(review): user_id and session_id are read from $this->user_data and
 * concatenated as-is; confirm they are validated where user_data is filled.
 *
 * @param string $user_lang Language identifier, passed through strprotect().
 */
function update_user_lang($user_lang)
{
    global $Sql;

    if ($this->user_data['level'] > -1) {
        $target_table = DB_TABLE_MEMBER;
        $row_filter = "user_id = '" . $this->user_data['user_id'] . "'";
    } else {
        $target_table = DB_TABLE_SESSIONS;
        $row_filter = "level = -1 AND session_id = '" . $this->user_data['session_id'] . "'";
    }

    $Sql->query_inject("UPDATE " . $target_table . " SET user_lang = '" . strprotect($user_lang) . "' WHERE " . $row_filter, __LINE__, __FILE__);
}
<?php
// Administration page for the wiki module: reads the posted settings, stores
// them in the configuration table when the form was submitted, then renders
// the form with the current values.
require_once '../admin/admin_begin.php';
load_module_lang('wiki');
define('TITLE', $LANG['administration'] . ' : ' . $LANG['wiki']);
require_once '../admin/admin_header.php';
include_once '../wiki/wiki_functions.php';
$Cache->load('wiki');

// The name is read unmodified and then HTML-protected without added slashes.
$wiki_name = strprotect(retrieve(POST, 'wiki_name', $LANG['wiki'], TSTRING_AS_RECEIVED), HTML_PROTECT, ADDSLASHES_NONE);
// The index text is read unmodified and converted by wiki_parse().
$index_text = stripslashes(wiki_parse(retrieve(POST, 'contents', '', TSTRING_AS_RECEIVED)));
// No explicit type is passed; presumably retrieve() derives it from the integer default.
$last_articles = retrieve(POST, 'last_articles', 0);
// Checkbox-style inputs are reduced to 0/1.
$display_cats = !empty($_POST['display_cats']) ? 1 : 0;
$count_hits = !empty($_POST['count_hits']) ? 1 : 0;

// NOTE(review): no anti-CSRF token check is visible in this script before the
// configuration is written; confirm that admin_begin.php enforces one for POST
// requests.
if (!empty($_POST['update'])) {
    $_WIKI_CONFIG['wiki_name'] = $wiki_name;
    $_WIKI_CONFIG['last_articles'] = $last_articles;
    $_WIKI_CONFIG['display_cats'] = $display_cats;
    $_WIKI_CONFIG['index_text'] = $index_text;
    $_WIKI_CONFIG['count_hits'] = $count_hits;
    // 'auth' is serialized on its own and then again as part of the whole array.
    $_WIKI_CONFIG['auth'] = serialize($_WIKI_CONFIG['auth']);
    // The serialized configuration is escaped with addslashes() for the query.
    $Sql->query_inject("UPDATE " . DB_TABLE_CONFIGS . " SET value = '" . addslashes(serialize($_WIKI_CONFIG)) . "' WHERE name = 'wiki'", __LINE__, __FILE__);
    $Cache->Generate_module_file('wiki');
}

// Reload so the form below shows what is now stored.
$Cache->load('wiki');
$Template->set_filenames(array('wiki_config' => 'wiki/admin_wiki.tpl'));
$content_editor = new ContentFormattingFactory(BBCODE_LANGUAGE);
$editor = $content_editor->get_editor();
$editor->set_identifier('contents');
// WIKI_NAME was HTML-protected when it was read from the form above;
// LAST_ARTICLES is handed to the template as stored.
$Template->assign_vars(array(
    'KERNEL_EDITOR' => $editor->display(),
    'HITS_SELECTED' => $_WIKI_CONFIG['count_hits'] > 0 ? 'checked="checked"' : '',
    'WIKI_NAME' => $_WIKI_CONFIG['wiki_name'],
    'NOT_DISPLAY_CATS' => $_WIKI_CONFIG['display_cats'] == 0 ? 'checked="checked"' : '',
    'DISPLAY_CATS' => $_WIKI_CONFIG['display_cats'] != 0 ? 'checked="checked"' : '',
    'LAST_ARTICLES' => $_WIKI_CONFIG['last_articles'],
    'DESCRIPTION' => wiki_unparse($_WIKI_CONFIG['index_text']),
    'L_UPDATE' => $LANG['update'],
    'L_RESET' => $LANG['reset'],
    'L_WIKI_MANAGEMENT' => $LANG['wiki_management'],
    'L_WIKI_GROUPS' => $LANG['wiki_groups_config'],
    'L_CONFIG_WIKI' => $LANG['wiki_config'],
    'L_WHOLE_WIKI' => $LANG['wiki_config_whole'],
    'L_INDEX_WIKI' => $LANG['wiki_index'],
    'L_COUNT_HITS' => $LANG['wiki_count_hits'],
    'L_WIKI_NAME' => $LANG['wiki_name'],
    'L_DISPLAY_CATS' => $LANG['wiki_display_cats'],
    'L_NOT_DISPLAY' => $LANG['wiki_no_display'],
    'L_DISPLAY' => $LANG['wiki_display'],
    'L_LAST_ARTICLES' => $LANG['wiki_last_articles'],
    'L_LAST_ARTICLES_EXPLAIN' => $LANG['wiki_last_articles_explain'],
    'L_DESCRIPTION' => $LANG['wiki_desc']));
$Template->pparse('wiki_config');
require_once '../admin/admin_footer.php';
// Excerpt of the theme-installation page; the enclosing conditions start
// before this excerpt and the upload branch continues after it.
$Cache->load('themes', RELOAD_CACHE);
$Cache->Generate_file('css');
redirect(HOST . SCRIPT);
} else {
    redirect(HOST . DIR . '/admin/admin_themes_add.php?error=e_theme_already_exist#errorh');
}
} elseif (!empty($_FILES['upload_theme']['name'])) {
    // Branch handling a theme archive uploaded through the form.
    @clearstatcache();
    $dir = '../templates/';
    if (!is_writable($dir)) {
        // Falls back to making the templates directory writable by every local
        // account (0777). On shared hosts that widens who can plant files in a
        // web-served directory; a mode limited to the web server user is safer.
        $is_writable = @chmod($dir, 0777) ? true : false;
    }
    @clearstatcache();
    $error = '';
    if (is_writable($dir)) {
        // The client-supplied file name is used for the duplicate check in the
        // database (escaped with strprotect) and, unmodified, in the is_dir() path.
        $check_theme = $Sql->query("SELECT COUNT(*) FROM " . DB_TABLE_THEMES . " WHERE theme = '" . strprotect($_FILES['upload_theme']['name']) . "'", __LINE__, __FILE__);
        if (empty($check_theme) && !is_dir('../templates/' . $_FILES['upload_theme']['name'])) {
            import('io/upload');
            $Upload = new Upload($dir);
            // The pattern ends with `$` but has no `^`, so by itself it only
            // constrains the end of the name.
            // NOTE(review): confirm Upload::file() validates the whole file name.
            if ($Upload->file('upload_theme', '`([a-z0-9()_-])+\\.(gzip|zip)+$`i')) {
                $archive_path = '../templates/' . $Upload->filename['upload_theme'];
                // The archive is unpacked straight into the web-served templates
                // directory. Nothing in this excerpt inspects the entry names or
                // types, so what lands on disk is whatever the archive contains.
                // NOTE(review): confirm the extraction libraries reject entries
                // with `..` or absolute paths, and consider allowing only the
                // file types a theme needs.
                if ($Upload->extension['upload_theme'] == 'gzip') {
                    import('lib/pcl/pcltar', LIB_IMPORT);
                    // NOTE(review): this call is given the bare file name while the
                    // zip branch uses $archive_path - confirm which one is intended.
                    if (!($zip_files = PclTarExtract($Upload->filename['upload_theme'], '../templates/'))) {
                        // Reports the Upload object's error although the failure came
                        // from the extraction step.
                        $error = $Upload->error;
                    }
                } elseif ($Upload->extension['upload_theme'] == 'zip') {
                    import('lib/pcl/pclzip', LIB_IMPORT);
                    $Zip = new PclZip($archive_path);
                    // Extracted files are given mode 0666.
                    if (!($zip_files = $Zip->extract(PCLZIP_OPT_PATH, '../templates/', PCLZIP_OPT_SET_CHMOD, 0666))) {
                        $error = $Upload->error;
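/**
 * Deletes every mini-module menu whose title starts with "<module>/".
 *
 * The matching rows are loaded through MenuService::_load() and removed with
 * MenuService::delete(). The result set is now released with query_close()
 * once the loop is done, as the other query loops in this code base do.
 *
 * NOTE(review): $module is used inside a LIKE pattern. strprotect() is applied,
 * but `%` and `_` in the module name would still act as wildcards and widen the
 * set of menus deleted; confirm module names cannot contain them or escape them
 * for LIKE.
 *
 * @param string $module Module identifier (folder name).
 */
function delete_mini_module($module)
{
    global $Sql;

    $query = "SELECT id, object, enabled, block, position FROM " . DB_TABLE_MENUS . " WHERE\n class='" . strtolower(MODULE_MINI_MENU__CLASS) . "' AND\n title LIKE '" . strtolower(strprotect($module)) . "/%';";
    $result = $Sql->query_while($query, __LINE__, __FILE__);
    while ($row = $Sql->fetch_assoc($result)) {
        MenuService::delete(MenuService::_load($row));
    }
    // Free the result set instead of leaving it open until the request ends.
    $Sql->query_close($result);
}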
// Excerpt of the database administration page (query console); the enclosing
// conditions start before this excerpt and the last branch continues after it.

// Anti-CSRF check performed before the submitted query is executed.
$Session->csrf_get_protect();
$Template->assign_vars(array('C_QUERY_RESULT' => true));
$lower_query = strtolower($query);
// The statement type is recognised from its leading keyword only. This routes
// the query to the right call; it is not a safety filter: a statement that
// starts with `select` is not guaranteed to be read-only, and everything runs
// with the application's database privileges. Access to this page is the
// actual control.
if (strtolower(substr($query, 0, 6)) == 'select') {
    // The literal prefix 'phpboost_' is replaced by the configured table prefix.
    $result = $Sql->query_while(str_replace('phpboost_', PREFIX, $query), __LINE__, __FILE__);
    $i = 1;
    while ($row = $Sql->fetch_assoc($result)) {
        $Template->assign_block_vars('line', array());
        if ($i == 1) {
            // Header row. Column names are emitted without strprotect(), unlike
            // the values below.
            // NOTE(review): names and aliases come from the submitted query;
            // escaping them as well would keep the output consistent.
            foreach ($row as $field_name => $field_value) {
                $Template->assign_block_vars('line.field', array('FIELD' => '<strong>' . $field_name . '</strong>', 'CLASS' => 'row3'));
            }
            $Template->assign_block_vars('line', array());
        }
        // Data row: each value goes through strprotect() before display.
        foreach ($row as $field_name => $field_value) {
            $Template->assign_block_vars('line.field', array('FIELD' => strprotect($field_value), 'CLASS' => 'row1', 'STYLE' => is_numeric($field_value) ? 'text-align:right;' : ''));
        }
        $i++;
    }
} elseif (substr($lower_query, 0, 11) == 'insert into' || substr($lower_query, 0, 6) == 'update' || substr($lower_query, 0, 11) == 'delete from' || substr($lower_query, 0, 11) == 'alter table' || substr($lower_query, 0, 8) == 'truncate' || substr($lower_query, 0, 10) == 'drop table') {
    // Write statements are executed as submitted; unlike the select branch,
    // no prefix replacement is applied here.
    $result = $Sql->query_inject($query, __LINE__, __FILE__);
    $affected_rows = @$Sql->affected_rows($result, "");
}
} elseif (!empty($table)) {
    // Pre-fills the console with a query on the selected table.
    // NOTE(review): $table is concatenated as-is; where it comes from is outside
    // this excerpt - confirm it is checked against the list of known tables.
    $query = "SELECT * FROM " . $table . " WHERE 1";
}
$Template->assign_vars(array('QUERY' => Sql::indent_query($query), 'QUERY_HIGHLIGHT' => Sql::highlight_query($query), 'L_REQUIRE' => $LANG['require'], 'L_EXPLAIN_QUERY' => $LANG['db_query_explain'], 'L_CONFIRM_QUERY' => $LANG['db_confirm_query'], 'L_EXECUTE' => $LANG['db_submit_query'], 'L_RESULT' => $LANG['db_query_result'], 'L_EXECUTED_QUERY' => $LANG['db_executed_query']));
} elseif (!empty($table)) {
    $table_structure = $backup->extract_table_structure(array($table));
    // Unknown table names are sent back to the module's index page.
    if (!isset($backup->tables[$table])) {
        redirect(HOST . DIR . '/database/admin_database.php');
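/**
 * Renames a picture and returns the name to display.
 *
 * The new name is stored HTML-protected and slash-escaped. The picture id is
 * now cast with intval() before it is placed in the WHERE clause, so a
 * non-numeric id can no longer alter the statement.
 *
 * The returned value is the new name, cut to 22 characters plus a suffix when
 * the entity-decoded name is longer than that.
 * NOTE(review): the suffix is built as PATH_TO_ROOT . '.', which only reads as
 * an ellipsis when PATH_TO_ROOT is '..'; confirm whether a literal '...' was
 * intended.
 * NOTE(review): in the short branch the name is returned with only
 * stripslashes() applied; the caller has to escape it for HTML output.
 *
 * @param int|string $id_pics       Id of the picture row.
 * @param string     $name          New name as submitted.
 * @param string     $previous_name Not used by this function.
 * @return string Name to display.
 */
function Rename_pics($id_pics, $name, $previous_name)
{
    global $Sql;

    $Sql->query_inject("UPDATE " . PREFIX . "gallery SET name = '" . strprotect($name, HTML_PROTECT, ADDSLASHES_FORCE) . "' WHERE id = '" . intval($id_pics) . "'", __LINE__, __FILE__);

    // Length is measured on the decoded text so entities count as one character.
    $decoded_name = html_entity_decode($name, ENT_COMPAT, 'ISO-8859-1');
    if (strlen($decoded_name) > 22) {
        $display_name = htmlentities(substr($decoded_name, 0, 22), ENT_COMPAT, 'ISO-8859-1') . PATH_TO_ROOT . '.';
    } else {
        $display_name = $name;
    }

    return stripslashes($display_name);
}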
// Excerpt of the gallery "add pictures" administration page; the upload branch
// starts before this excerpt and the display branch continues after it.
$idpic = $Gallery->Add_pics($idcat_post, $name, $Upload->filename['gallery'], $User->get_attribute('user_id'));
if (!empty($Gallery->error)) {
    redirect(HOST . DIR . '/gallery/admin_gallery_add.php?error=' . $Gallery->error . '#errorh');
}
$Cache->Generate_module_file('gallery');
}
}
}
}
redirect(HOST . DIR . '/gallery/admin_gallery_add.php?add=' . $idpic);
} elseif (!empty($_POST['valid']) && !empty($nbr_pics_post)) {
    // Batch form: fields are posted as "<n>activ", "<n>uniq", "<n>name",
    // "<n>cat" and "<n>del" for n = 1..$nbr_pics_post.
    for ($i = 1; $i <= $nbr_pics_post; $i++) {
        $activ = !empty($_POST[$i . 'activ']) ? trim($_POST[$i . 'activ']) : '';
        $uniq = !empty($_POST[$i . 'uniq']) ? strprotect($_POST[$i . 'uniq']) : '';
        if ($activ && !empty($uniq)) {
            $name = !empty($_POST[$i . 'name']) ? strprotect($_POST[$i . 'name']) : 0;
            $cat = !empty($_POST[$i . 'cat']) ? numeric($_POST[$i . 'cat']) : 0;
            $del = !empty($_POST[$i . 'del']) ? numeric($_POST[$i . 'del']) : 0;
            if ($del) {
                // The posted file name is appended to 'pics/' and deleted.
                // NOTE(review): the only filter visible here is strprotect();
                // confirm it, or delete_file(), restricts the value to a plain
                // file name so the path cannot leave the pics directory
                // (basename() plus an existence check against the expected
                // directory would make that explicit).
                delete_file('pics/' . $uniq);
            } else {
                $Gallery->Add_pics($cat, $name, $uniq, $User->get_attribute('user_id'));
            }
        }
    }
    $Cache->Generate_module_file('gallery');
    redirect(HOST . DIR . '/gallery/admin_gallery_add.php');
} else {
    $Template->set_filenames(array('admin_gallery_add' => 'gallery/admin_gallery_add.tpl'));
    // The error code from the query string is only trimmed here; the list below
    // holds the known codes (presumably used to validate it further down).
    $get_error = !empty($_GET['error']) ? trim($_GET['error']) : '';
    $array_error = array('e_upload_invalid_format', 'e_upload_max_weight', 'e_upload_max_dimension', 'e_upload_error', 'e_upload_failed_unwritable', 'e_upload_already_exist', 'e_unlink_disabled', 'e_unsupported_format', 'e_unabled_create_pics', 'e_error_resize', 'e_no_graphic_support', 'e_unabled_incrust_logo', 'delete_thumbnails');
/**
 * Builds the "random pictures" mini menu of the gallery module.
 *
 * Pictures come from the cached global $_array_random_pics; when none of them
 * is readable by the current user, a fresh random selection is queried from
 * the database. Only pictures whose category passes $User->check_auth() with
 * READ_CAT_GALLERY are displayed.
 *
 * @param mixed $position Not used inside this function.
 * @param mixed $block    Passed to MenuService::assign_positions_conditions().
 * @return mixed Result of $tpl->parse(TEMPLATE_STRING_MODE).
 */
function gallery_mini($position, $block)
{
    global $Cache, $User, $CAT_GALLERY, $CONFIG_GALLERY, $LANG, $_array_random_pics, $Sql;
    $tpl = new Template('gallery/gallery_mini.tpl');
    import('core/menu_service');
    MenuService::assign_positions_conditions($tpl, $block);
    load_module_lang('gallery');
    $Cache->load('gallery');
    $i = 0;
    $array_pics_mini = 'var array_pics_mini = new Array();' . "\n";
    // Only $sum_height and $sum_width are used below; the other four variables
    // are initialised here and not read again in this function.
    list($nbr_pics, $sum_height, $sum_width, $scoll_mode, $height_max, $width_max) = array(0, 0, 0, 0, 142, 142);
    if (isset($_array_random_pics) && $_array_random_pics !== array()) {
        if (!defined('READ_CAT_GALLERY')) {
            define('READ_CAT_GALLERY', 0x1);
        }
        $gallery_mini = array();
        // Shuffles the cached global list in place.
        shuffle($_array_random_pics);
        // Category 0 (root) takes its authorizations from the module configuration.
        $CAT_GALLERY[0]['auth'] = $CONFIG_GALLERY['auth_root'];
        $break = 0;
        // Keep the pictures whose category the current user may read, up to the
        // configured number.
        foreach ($_array_random_pics as $array_pics_info) {
            if ($User->check_auth($CAT_GALLERY[$array_pics_info['idcat']]['auth'], READ_CAT_GALLERY)) {
                $gallery_mini[] = $array_pics_info;
                $break++;
            }
            if ($break == $CONFIG_GALLERY['nbr_pics_mini']) {
                break;
            }
        }
        // Nothing readable in the cached list: draw a new random set of approved
        // pictures from approved categories and apply the same access filter.
        if (count($gallery_mini) == 0) {
            $_array_random_pics = array();
            $result = $Sql->query_while("SELECT g.id, g.name, g.path, g.width, g.height, g.idcat, gc.auth\n \t\tFROM " . PREFIX . "gallery g\n \t\tLEFT JOIN " . PREFIX . "gallery_cats gc on gc.id = g.idcat\n \t\tWHERE g.aprob = 1 AND gc.aprob = 1\n \t\tORDER BY RAND()\n \t\t" . $Sql->limit(0, $CONFIG_GALLERY['nbr_pics_mini']), __LINE__, __FILE__);
            // NOTE(review): this function does not call query_close() on $result.
            while ($row = $Sql->fetch_assoc($result)) {
                $_array_random_pics[] = $row;
            }
            $break = 0;
            foreach ($_array_random_pics as $key => $array_pics_info) {
                if ($User->check_auth($CAT_GALLERY[$array_pics_info['idcat']]['auth'], READ_CAT_GALLERY)) {
                    $gallery_mini[] = $array_pics_info;
                    $break++;
                }
                if ($break == $CONFIG_GALLERY['nbr_pics_mini']) {
                    break;
                }
            }
        }
        // Exactly one display-mode flag is set for the template.
        switch ($CONFIG_GALLERY['scroll_type']) {
            case 0:
                $tpl->assign_vars(array('C_FADE' => true));
                break;
            case 1:
                $tpl->assign_vars(array('C_VERTICAL_SCROLL' => true));
                break;
            case 2:
                $tpl->assign_vars(array('C_HORIZONTAL_SCROLL' => true));
                break;
            case 3:
                $tpl->assign_vars(array('C_STATIC' => true));
                break;
        }
        include_once PATH_TO_ROOT . '/gallery/gallery.class.php';
        $Gallery = new Gallery();
        foreach ($gallery_mini as $key => $row) {
            // Create the thumbnail on demand when it does not exist yet.
            if (!is_file(PATH_TO_ROOT . '/gallery/pics/thumbnails/' . $row['path'])) {
                $Gallery->Resize_pics(PATH_TO_ROOT . '/gallery/pics/' . $row['path']);
            }
            // Missing dimensions are read from the thumbnail; warnings are suppressed.
            if ($row['width'] == 0 || $row['height'] == 0) {
                list($row['width'], $row['height']) = @getimagesize(PATH_TO_ROOT . '/gallery/pics/thumbnails/' . $row['path']);
            }
            // Still unknown: fall back to 142 x 142.
            if ($row['width'] == 0 || $row['height'] == 0) {
                list($row['width'], $row['height']) = array(142, 142);
            }
            // NAME is HTML-protected and slash-escaped; the stored path and the
            // numeric fields are placed in the template values as read from the
            // database.
            $tpl->assign_block_vars('pics_mini', array('ID' => $i, 'PICS' => TPL_PATH_TO_ROOT . '/gallery/pics/thumbnails/' . $row['path'], 'NAME' => strprotect($row['name'], HTML_PROTECT, ADDSLASHES_FORCE), 'HEIGHT' => $row['height'], 'WIDTH' => $row['width'], 'U_PICS' => TPL_PATH_TO_ROOT . '/gallery/gallery' . url('.php?cat=' . $row['idcat'] . '&id=' . $row['id'], '-' . $row['idcat'] . '-' . $row['id'] . '.php')));
            $sum_height += $row['height'] + 5;
            $sum_width += $row['width'] + 5;
            $i++;
            // Static mode shows a single picture.
            if ($CONFIG_GALLERY['scroll_type'] == 3) {
                break;
            }
        }
    }
    // $i is still 0 when no picture was assigned, which selects the
    // "no random picture" message.
    $tpl->assign_vars(array('SID' => SID, 'MODULE_DATA_PATH' => $tpl->get_module_data_path('gallery'), 'ARRAY_PICS' => $array_pics_mini, 'HEIGHT_DIV' => $CONFIG_GALLERY['height'], 'SUM_HEIGHT' => $sum_height + 10, 'HIDDEN_HEIGHT' => $CONFIG_GALLERY['height'] + 10, 'WIDTH_DIV' => $CONFIG_GALLERY['width'], 'SUM_WIDTH' => $sum_width + 30, 'HIDDEN_WIDTH' => $CONFIG_GALLERY['width'] * 3 + 30, 'SCROLL_DELAY' => 0.2 * (11 - $CONFIG_GALLERY['speed_mini_pics']), 'L_RANDOM_PICS' => $LANG['random_img'], 'L_NO_RANDOM_PICS' => $i == 0 ? '<br /><span class="text_small"><em>' . $LANG['no_random_img'] . '</em></span><br />' : '', 'L_GALLERY' => $LANG['gallery']));
    return $tpl->parse(TEMPLATE_STRING_MODE);
}