Ejemplo n.º 1
 /**
  * Prepare per-request state: time zone (PHP and database session), the global
  * site URL and logged-in user, the active theme and languages, and the
  * requested page type and item id.
  */
 function __construct()
 {
     global $GET, $db;

     // Apply the configured zone in PHP first; date('P') then yields the matching
     // UTC offset, which is handed to the database session.
     $timezone = \query\main::get_option('timezone');
     date_default_timezone_set($timezone);
     $db->query("SET time_zone='" . date('P') . "'");

     $GLOBALS['siteURL'] = \site\utils::site_url();
     $GLOBALS['me'] = \user\main::is_logged();

     $this->template = \query\main::get_option('theme');
     $this->language = $this->language();
     $this->ap_language = $this->admin_panel_language();

     // NOTE(review): $GET presumably holds request parameters; 'loc' and 'id' are
     // stored as-is, so confirm that consumers validate them (for example against
     // an allow-list of page names) before using them in file paths or queries.
     $this->page_type = isset($GET['loc']) ? $GET['loc'] : 'index';
     if (isset($GET['id'])) {
         $this->id = $GET['id'];
     } else {
         $this->id = '';
     }
 }
Ejemplo n.º 2
<input type="password" name="forgot_password_form[password1]" value="' . (isset($pd['password1']) ? $pd['password1'] : '') . '" placeholder="' . $LANG['change_pwd_form_new'] . '" required />
<input type="password" name="forgot_password_form[password2]" value="' . (isset($pd['password2']) ? $pd['password2'] : '') . '" placeholder="' . $LANG['change_pwd_form_new2'] . '" required />
<button>' . $LANG['reset_pwd_button'] . '</button>
<input type="hidden" name="forgot_password_form[csrf]" value="' . $csrf . '" />
</form>';
} else {
    if ($_SERVER['REQUEST_METHOD'] == 'POST' && isset($_POST['forgot_password_form']) && isset($_POST['forgot_password_form']['csrf']) && isset($_SESSION['csrf']['forgot_password']) && $_POST['forgot_password_form']['csrf'] == $_SESSION['csrf']['forgot_password']) {
        $pd = \site\utils::validate_user_data($_POST['forgot_password_form']);
        try {
            \user\main::recovery_password($_POST['forgot_password_form'], '../', 1);
            $form .= '<div class="success">' . $LANG['fp_success'] . '</div>';
        } catch (Exception $e) {
            $form .= '<div class="error">' . $e->getMessage() . '</div>';
        }
    }
    $csrf = $_SESSION['csrf']['forgot_password'] = \site\utils::str_random(12);
    $form .= '<form action="#" method="POST">
<input type="text" name="forgot_password_form[email]" value="' . (isset($pd['email']) ? $pd['email'] : '') . '" placeholder="' . $LANG['form_email'] . '" required />
<button>' . $LANG['recovery'] . '</button>
<input type="hidden" name="forgot_password_form[csrf]" value="' . $csrf . '" />
</form>';
}
echo $form;
?>

<div style="margin: 20px 0 0 0; text-align: center;">
<a href="?">&#8592; <?php 
echo $LANG['login'];
?>
</a>
</div>
Ejemplo n.º 3
  ' . (empty($item->coupons) ? $LANG['no_coupons_store'] : '<a href="?route=coupons.php&amp;store=' . $item->ID . '">' . sprintf($LANG['nr_coupons_store'], $item->coupons) . '</a>') . '</div>

  </div>

  <div style="clear:both;"></div>

  <div class="options">';
                if ($ab_edt) {
                    echo '<a href="?route=stores.php&amp;action=edit&amp;id=' . $item->ID . '">' . $LANG['edit'] . '</a>';
                    echo '<a href="' . \site\utils::update_uri('', array('type' => !$item->visible ? 'publish' : 'unpublish', 'id' => $item->ID, 'token' => $csrf)) . '">' . (!$item->visible ? $LANG['publish'] : $LANG['unpublish']) . '</a>';
                }
                if ($ab_add) {
                    echo '<a href="?route=coupons.php&amp;action=add&amp;store=' . $item->ID . '&amp;category=' . $item->catID . '">' . $LANG['coupons_add_button'] . '</a>';
                }
                if ($ab_del) {
                    echo '<a href="' . \site\utils::update_uri('', array('action' => 'delete', 'id' => $item->ID, 'token' => $csrf)) . '" data-delete-msg="' . $LANG['delete_store'] . '">' . $LANG['delete'] . '</a>';
                }
                if ($feed_view && $item->feedID !== 0) {
                    echo '<a href="?route=feed.php&amp;action=coupons&amp;store=' . $item->feedID . '">' . $LANG['feed_coupons_link'] . '</a>';
                }
                echo '</div>
  </li>';
            }
            echo '</ul>

<input type="hidden" name="csrf" value="' . $csrf . '" />

</form>';
            if (isset($p['prev_page']) || isset($p['next_page'])) {
                echo '<div class="pagination">';
                if (isset($p['prev_page'])) {
Ejemplo n.º 4
/**
 * Build the "edit store" form for the logged-in owner of the given store.
 *
 * An info message is returned instead of the form when nobody is logged in,
 * when the user's Stores counter is not positive, or when the store belongs to
 * another user. On a POST that carries a valid CSRF token the edit is applied
 * first and a success or error banner is placed above the form. A fresh CSRF
 * token is stored in the session every time the form is rendered.
 *
 * NOTE(review): stored values, re-posted values and exception messages are
 * concatenated into the markup without escaping in this function; confirm that
 * validate_user_data() and the query layer already HTML-encode them.
 *
 * @param mixed $id store identifier, passed to \query\main::store_infos() and \user\main::edit_store()
 * @return string HTML fragment
 */
function edit_store_form($id)
{
    global $LANG;

    // Guard clauses: each refusal returns its own message.
    if (!$GLOBALS['me']) {
        return '<div class="info_form">' . $LANG['unavailable_form'] . '</div>';
    }
    if (!($GLOBALS['me']->Stores > 0)) {
        return '<div class="info_form">' . $LANG['unavailable_form2'] . '</div>';
    }

    $store = \query\main::store_infos($id);
    // Ownership check: only the store's own user may edit it.
    if ($store->userID !== $GLOBALS['me']->ID) {
        return '<div class="info_form">' . $LANG['edit_store_cant'] . '</div>';
    }

    $store_image = $store->image;
    $form = '<div class="edit_store_form other_form">';

    $is_post = $_SERVER['REQUEST_METHOD'] == 'POST';
    if ($is_post && isset($_POST['edit_store_form']) && \site\utils::check_csrf($_POST['edit_store_form']['csrf'], 'edit_store_csrf')) {
        $pd = \site\utils::validate_user_data($_POST['edit_store_form']);
        try {
            $post_info = \user\main::edit_store($id, $GLOBALS['me']->ID, $pd);
            // Show the logo as it is after the edit.
            $store_image = $post_info->image;
            $form .= '<div class="success">' . $LANG['edit_store_success'] . '</div>';
        } catch (Exception $e) {
            $form .= '<div class="error">' . $e->getMessage() . '</div>';
        }
    }

    // New token for the next submission.
    $csrf = \site\utils::str_random(12);
    $_SESSION['edit_store_csrf'] = $csrf;

    $form .= '<form method="POST" action="#" enctype="multipart/form-data">
  <div class="form_field"><label for="edit_store_form[category]">' . $LANG['form_category'] . '</label>
  <div><select name="edit_store_form[category]" id="edit_store_form[category]">';

    // One <optgroup> per top-level category: the category itself first, then its sub-categories.
    foreach (\query\main::group_categories(array('max' => 0)) as $cat) {
        $parent = $cat['infos'];
        $form .= '<optgroup label="' . $parent->name . '">';
        $form .= '<option value="' . $parent->ID . '"' . (isset($store->catID) && $store->catID == $parent->ID ? ' selected' : '') . '>' . $parent->name . '</option>';
        if (isset($cat['subcats'])) {
            foreach ($cat['subcats'] as $subcat) {
                $form .= '<option value="' . $subcat->ID . '"' . (isset($store->catID) && $store->catID == $subcat->ID ? ' selected' : '') . '>' . $subcat->name . '</option>';
            }
        }
        $form .= '</optgroup>';
    }

    // Prefer what the user just posted; otherwise show the stored value.
    $name_value = isset($pd['name']) ? $pd['name'] : $store->name;
    $url_value = isset($pd['url']) ? $pd['url'] : $store->url;
    $description_value = isset($pd['description']) ? $pd['description'] : $store->description;
    $tags_value = isset($pd['tags']) ? $pd['tags'] : $store->tags;

    $form .= '</select></div>
  </div>
  <div class="form_field"><label for="edit_store_form[name]">' . $LANG['form_name'] . ':</label> <div><input type="text" name="edit_store_form[name]" id="edit_store_form[name]" value="' . $name_value . '" placeholder="' . $LANG['edit_store_name_ph'] . '" required /></div></div>
  <div class="form_field"><label for="edit_store_form[url]">' . $LANG['form_store_url'] . ':</label> <div><input type="text" name="edit_store_form[url]" id="edit_store_form[url]" value="' . $url_value . '" placeholder="http://" required /></div></div>
  <div class="form_field"><label for="edit_store_form[description]">' . $LANG['form_description'] . ':</label> <div><textarea name="edit_store_form[description]" id="edit_store_form[description]" style="height:100px;">' . $description_value . '</textarea></div></div>
  <div class="form_field"><label for="edit_store_form[tags]">' . $LANG['form_tags'] . ':</label> <div><input type="text" name="edit_store_form[tags]" id="edit_store_form[tags]" value="' . $tags_value . '" /></div></div>
  <div class="form_field"><label for="edit_store_form_logo">' . $LANG['form_logo'] . ':</label> <div><img src="' . store_avatar($store_image) . '" alt="" style="width:100px; height:50px;" /> <input type="file" name="edit_store_form_logo" id="edit_store_form_logo" />
  <span>Note:* max width: 600px, max height: 400px.</span></div></div>
  <input type="hidden" name="edit_store_form[csrf]" value="' . $csrf . '" />
  <button>' . $LANG['edit_store_button'] . '</button>
  </form>

  </div>';

    return $form;
}
Ejemplo n.º 5
        $sendy_template_root = substr($_POST['sendy_template_root'], -1) == '/' ? $_POST['sendy_template_root'] : $_POST['sendy_template_root'] . '/';
        $sendy_query_string = isset($_POST['sendy_query_string']) ? $_POST['sendy_query_string'] : '';
        if (actions::set_option(array('sendy_query_string' => $sendy_query_string, 'sendy_brand_id' => $_POST['sendy_brand_id'], 'sendy_list_id' => $_POST['sendy_list_id'], 'sendy_reply_to' => $_POST['sendy_reply_to'], 'sendy_from_email' => $_POST['sendy_from_email'], 'sendy_from_name' => $_POST['sendy_from_name'], 'sendy_api_key' => $_POST['sendy_api_key'], 'sendy_url' => $sendy_url, 'sendy_template_root' => $sendy_template_root))) {
            echo '<div class="a-success">Saved!</div>';
        } else {
            echo '<div class="a-error">Error!</div>';
        }
    } else {
        echo '<div class="a-error">Param Error (' . isset($_POST['sendy_brand_id']) . ',' . isset($_POST['sendy_list_id']) . ',' . isset($_POST['sendy_reply_to']) . ',' . isset($_POST['sendy_from_email']) . ',' . isset($_POST['sendy_from_name']) . ',' . isset($_POST['sendy_api_key']) . ',' . isset($_POST['sendy_url']) . ')</div>';
    }
} else {
    if ($_SERVER['REQUEST_METHOD'] == 'POST') {
        echo '<div class="a-error">Signature Error</div';
    }
}
$csrf = $_SESSION['slider_csrf'] = \site\utils::str_random(10);
switch ($_GET['action']) {
    default:
        echo '
<div class="title">

<h2>Sendy settings</h2>

<span>Modify Sendy settings</span>

</div>
';
        echo '<form action="#" method="POST">

<div class="form-table">
Ejemplo n.º 6
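 /**
  * Fetch reward requests, optionally filtered, ordered and paginated.
  *
  * Keys read from $category (after \site\utils::validate_user_data()):
  *  - max:      row limit; an empty value disables LIMIT. When the key is absent,
  *              page-based pagination is used instead ($_GET['page'] together with
  *              per_page or the items_per_page option).
  *  - per_page: page size for pagination.
  *  - user, reward: numeric equality filters.
  *  - search:   space-separated words matched against `fields` with REGEXP.
  *  - show:     'valid' (claimed = 1) or 'notvalid' (claimed = 0).
  *  - orderby:  comma-separated list of rand, date, date desc, points, points desc;
  *              anything else is ignored.
  *
  * @param array $category filter / ordering / paging options
  * @return array list of objects with ID, name, user, points, reward,
  *               reward_exists, fields, claimed and date; empty when the
  *               statement cannot be prepared
  */
 public static function while_rewards_reqs($category = array())
 {
     global $db;
     $categories = \site\utils::validate_user_data($category);
     $where = $orderby = $limit = array();
     if (isset($categories['max'])) {
         if (!empty($categories['max'])) {
             // LIMIT values are concatenated into the statement, not bound, so force them to integers.
             $limit[] = (int) $categories['max'];
         }
     } else {
         $page = !empty($_GET['page']) ? (int) $_GET['page'] : 1;
         $per_page = (int) (isset($categories['per_page']) ? $categories['per_page'] : \query\main::get_option('items_per_page'));
         $limit[] = $page > 1 ? ($page - 1) * $per_page : 0;
         $limit[] = $per_page;
     }
     /*
     WHERE / ORDER BY
     */
     if (!empty($categories['user'])) {
         // The listing carried a masked literal ("******") here, which can never match a row.
         // Filter on the requested user instead, cast the same way as the reward filter below.
         // NOTE(review): assumes the user column holds numeric IDs; confirm against the schema.
         $where[] = 'user = "' . (int) $categories['user'] . '"';
     }
     if (!empty($categories['reward'])) {
         $where[] = 'reward = "' . (int) $categories['reward'] . '"';
     }
     if (!empty($categories['search'])) {
         // Words are joined with ".*", so they have to appear in the given order.
         // NOTE(review): the term reaches the SQL text through \site\utils::dbp(), presumably an
         // escaping helper; confirm that. Regex metacharacters in the term stay active, and a
         // bound parameter would remove the dependency on escaping.
         $search = implode('.*', explode(' ', trim($categories['search'])));
         $where[] = 'fields REGEXP "' . \site\utils::dbp($search) . '"';
     }
     if (isset($categories['show'])) {
         switch (strtolower($categories['show'])) {
             case 'valid':
                 $where[] = 'claimed = 1';
                 break;
             case 'notvalid':
                 $where[] = 'claimed = 0';
                 break;
         }
     }
     if (isset($categories['orderby'])) {
         // Allow-list: only these tokens can reach the ORDER BY clause.
         $allowed_order = array(
             'rand' => 'RAND()',
             'date' => 'date',
             'date desc' => 'date DESC',
             'points' => 'points',
             'points desc' => 'points DESC',
         );
         foreach (array_map('trim', explode(',', strtolower($categories['orderby']))) as $v) {
             if (isset($allowed_order[$v])) {
                 $orderby[] = $allowed_order[$v];
             }
         }
     }
     $sql = "SELECT id, name, user, points, reward, (SELECT COUNT(*) FROM " . DB_TABLE_PREFIX . "rewards WHERE id = r.reward), fields, claimed, date FROM " . DB_TABLE_PREFIX . "rewards_reqs r"
         . (empty($where) ? '' : ' WHERE ' . implode(' AND ', $where))
         . (empty($orderby) ? '' : ' ORDER BY ' . implode(', ', array_filter($orderby)))
         . (empty($limit) ? '' : ' LIMIT ' . implode(',', $limit));
     $stmt = $db->stmt_init();
     if (!$stmt->prepare($sql)) {
         // Nothing can be fetched from a statement that failed to prepare.
         return array();
     }
     $stmt->execute();
     $stmt->bind_result($id, $name, $user, $points, $reward, $reward_exists, $fields, $claimed, $date);
     $data = array();
     while ($stmt->fetch()) {
         // NOTE(review): unserialize() can instantiate objects from stored text. If `fields` can
         // ever contain user-influenced serialized data, restrict it (allowed_classes => false on
         // PHP 7+) or store JSON instead.
         $data[] = (object) array('ID' => $id, 'name' => htmlspecialchars($name), 'user' => $user, 'points' => $points, 'reward' => $reward, 'reward_exists' => $reward_exists > 0 ? 1 : 0, 'fields' => @unserialize($fields), 'claimed' => $claimed, 'date' => $date);
     }
     $stmt->close();
     return $data;
 }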
Ejemplo n.º 7
                        echo '<div class="a-success">' . $LANG['msg_added'] . '</div>';
                    } else {
                        echo '<div class="a-error">' . $LANG['msg_error'] . '</div>';
                    }
                }
            } else {
                if (isset($_GET['delete'])) {
                    if (actions::delete_widget($zone_id, $_GET['id'])) {
                        echo '<div class="a-success">' . $LANG['msg_deleted'] . '</div>';
                    } else {
                        echo '<div class="a-error">' . $LANG['msg_error'] . '</div>';
                    }
                }
            }
        }
        $token = $_SESSION['widgets_csrf'] = \site\utils::str_random(10);
        /* */
        $zone_widgets = \query\main::show_widgets($zone_id, '../');
        /* */
        echo '<div class="form-table">

<ul class="elements-list el-two">

<li class="head">' . $LANG['widgets_available'] . '</li>';
        $available = widgets::available_list();
        foreach ($available as $ID => $widget) {
            echo '<li>
  <div class="info-div">' . htmlspecialchars($widget['name']) . '</div>
  <div class="options">
  <a href="?route=widgets.php&amp;zone=' . $zone_id . '&amp;id=' . $ID . '&amp;add&amp;token=' . $token . '">' . $LANG['add'] . '</a>
  </div>';
Ejemplo n.º 8
<?php

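// AJAX registration endpoint: answers with a JSON object (state, message and,
// on success, the session hand-off URL).
//
// Only a POST that carries the CSRF token stored in the session is processed.
// The earlier condition compared the boolean returned by isset() with the stored
// token, so the check passed for any request while a token existed, and also
// when neither side had a token at all.
$posted_token = isset($_POST['csrf']) ? $_POST['csrf'] : null;
$stored_token = isset($_SESSION['csrf']['ajax_register']) ? $_SESSION['csrf']['ajax_register'] : null;
$is_post = isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] === 'POST';

// is_string() rejects array-valued parameters; hash_equals() compares in constant time.
if ($is_post && is_string($posted_token) && is_string($stored_token) && $stored_token !== '' && hash_equals($stored_token, $posted_token)) {
    $response = array();
    $pd = \site\utils::validate_user_data(isset($_POST['register']) ? $_POST['register'] : array());
    try {
        $session = \user\main::register($pd);
        $response['state'] = 'success';
        $response['message'] = $LANG['register_success'];
        // NOTE(review): the session value travels in a URL query string, which tends to end up
        // in logs and Referer headers; confirm setSession.php treats it as short-lived.
        $response['session'] = $GLOBALS['siteURL'] . '/setSession.php?session=' . $session;
        // The token is single-use once registration succeeded.
        unset($_SESSION['csrf']['ajax_register']);
    } catch (Exception $e) {
        $response['state'] = 'error';
        $response['message'] = $e->getMessage();
    }
    echo json_encode($response);
}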
Ejemplo n.º 9
                $answer = $payment->execute_payment();
                echo '<div class="success">' . $LANG['payments_msg_confirmed'] . '</div>';
                /*
                Action after purchase, add credits or something ...
                */
                // add user credits
                $delivered = \user\update::add_credits($GLOBALS['me']->ID, $plan->credits);
                // update transaction
                // state, userID, paid, delivered, transactionID
                \query\payments::update_payment(array($answer['state'], $GLOBALS['me']->ID, 1, $delivered, $answer['id']));
            } catch (Exception $e) {
                echo '<div class="error">' . $e->getMessage() . '</div>';
            }
        }
    }
    $csrf = $_SESSION['payment_csrf'] = \site\utils::str_random(10);
    echo '<div class="table">';
    echo '<section>

  <h2>' . $LANG['payments_title_infos'] . '</h2>

  <ul class="table2">
  <li><span>' . $LANG['form_price'] . ':</span> <b>' . $plan->price_format . '</b></li>
  <li><span>' . $LANG['form_plan'] . ':</span> <b>' . $plan->name . '</b></li>
  <li><span>' . $LANG['form_credits'] . ':</span> <b>' . $plan->credits . '</b></li>
  <li><span>' . $LANG['form_description'] . ':</span> ' . $plan->description . '</li>
  </ul>

  </section>

  <section>';
Ejemplo n.º 10
<?php

// Emit up to five chat messages, ordered by date descending, as a JSON array.
$json = array();
$latest = admin_query::while_chat_messages(array('max' => 5, 'orderby' => 'date DESC'));
foreach ($latest as $item) {
    $row = array();
    $row['id'] = $item->ID;
    $row['avatar'] = \query\main::user_avatar($item->user_avatar);
    $row['name'] = $item->user_name;
    // NOTE(review): assumes bbcodes() returns markup that is safe to insert on the client; confirm.
    $row['text'] = \site\utils::bbcodes($item->text);
    $row['date'] = $item->date;
    // 12-hour clock when the hour_format option equals 12, 24-hour otherwise.
    if (\query\main::get_option('hour_format') == 12) {
        $clock = 'g:i A';
    } else {
        $clock = 'G:i';
    }
    $row['gfdate'] = date('Y.m.d, ' . $clock, strtotime($item->date));
    $json[] = $row;
}
echo json_encode($json);
Ejemplo n.º 11
<?php

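// AJAX newsletter subscription endpoint: answers with a JSON object (state, message).
//
// Only a POST that carries the CSRF token stored in the session is processed.
// The earlier condition compared the boolean returned by isset() with the stored
// token, so the check passed for any request while a token existed, and also
// when neither side had a token at all.
$posted_token = isset($_POST['csrf']) ? $_POST['csrf'] : null;
$stored_token = isset($_SESSION['csrf']['ajax_subscribe']) ? $_SESSION['csrf']['ajax_subscribe'] : null;
$is_post = isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] === 'POST';

// is_string() rejects array-valued parameters; hash_equals() compares in constant time.
if ($is_post && is_string($posted_token) && is_string($stored_token) && $stored_token !== '' && hash_equals($stored_token, $posted_token)) {
    $response = array();
    $pd = \site\utils::validate_user_data(isset($_POST['subscribe']) ? $_POST['subscribe'] : array());
    try {
        // Anonymous visitors subscribe with user id 0.
        $id = $GLOBALS['me'] ? $GLOBALS['me']->ID : 0;
        $type = \user\main::subscribe($id, $pd);
        $response['state'] = 'success';
        // Type 1 yields the "confirmation required" message; any other value the plain success text.
        $response['message'] = $type == 1 ? sprintf($LANG['newsletter_reqconfirm'], $pd['email']) : $LANG['newsletter_success'];
        // The token is single-use once the subscription succeeded.
        unset($_SESSION['csrf']['ajax_subscribe']);
    } catch (Exception $e) {
        $response['state'] = 'error';
        $response['message'] = $e->getMessage();
    }
    echo json_encode($response);
}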
Ejemplo n.º 12
<div style="text-align: right; margin-bottom: 10px;">
  <a href="<?php 
    echo tlink('user/claim-history');
    ?>
" class="btn">Claims History</a>
</div>



<?php 
    if (($pagination = have_rewards(array('show' => 'active'))) && $pagination['results'] > 0) {
        if ($_SERVER['REQUEST_METHOD'] == 'POST' && isset($_POST['csrf']) && \site\utils::check_csrf($_POST['csrf'], 'claim_reward')) {
            echo create_reward_request();
            // without this function rewards can't be claimed
        }
        $csrf = $_SESSION['claim_reward'] = \site\utils::str_random(12);
        echo '<div>';
        foreach (rewards(array('show' => 'active', 'orderby' => 'points')) as $item) {
            echo '<section class="array_item twopl">

<div class="table">

<div class="left">
<img src="' . reward_avatar($item->image) . '" alt="" style="height: 60px; width: 60px;">
</div>

<div class="right">
<div class="title">' . $item->title . '</div>
<div class="info">Requires: <b style="color: #0086CE; font-weight: 900;">' . $item->points . '</b> Points</div>
<div class="description">' . (!empty($item->description) ? nl2br($item->description) : '-') . '</div>
</div>
Ejemplo n.º 13
<div class="wrapper">

<?php 
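// Handle an admin login submission, then issue a fresh CSRF token for the form below.
$form = '';
$posted_token = isset($_POST['login_form']['csrf']) ? $_POST['login_form']['csrf'] : null;
$stored_token = isset($_SESSION['csrf']['login']) ? $_SESSION['csrf']['login'] : null;
// The token used to be compared with ==, which applies type juggling (two different
// numeric-looking strings can compare equal) and is not constant-time. is_string()
// rejects array-valued parameters; hash_equals() does an exact, constant-time compare.
if ($_SERVER['REQUEST_METHOD'] == 'POST' && is_string($posted_token) && is_string($stored_token) && hash_equals($stored_token, $posted_token)) {
    $pd = \site\utils::validate_user_data($_POST['login_form']);
    try {
        $session = \user\main::login($pd, 1);
        $form .= '<div class="success">' . $LANG['login_success'] . '</div>';
        // NOTE(review): the session value and the back URL are placed in the redirect unencoded;
        // confirm both are server-generated and that setSession.php validates `back`.
        $form .= '<meta http-equiv="refresh" content="1; url=' . $GLOBALS['siteURL'] . '/setSession.php?session=' . $session . '&back=' . rtrim($GLOBALS['siteURL'], '/') . '/' . ADMINDIR . '">';
    } catch (Exception $e) {
        // NOTE(review): the exception text is printed without escaping; confirm login() never
        // puts submitted values into its messages.
        $form .= '<div class="error">' . $e->getMessage() . '</div>';
    }
}
// A new token per page view. NOTE(review): its strength depends on str_random(); confirm it
// draws from a cryptographically secure source.
$csrf = $_SESSION['csrf']['login'] = \site\utils::str_random(12);
echo $form;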
?>

<form action="#" method="POST">
<input type="text" name="login_form[username]" value="<?php 
echo isset($pd['username']) ? htmlspecialchars($pd['username']) : '';
?>
" placeholder="<?php 
echo $LANG['form_email'];
?>
" required />
<input type="password" name="login_form[password]" placeholder="<?php 
echo $LANG['form_password'];
?>
" required />
Ejemplo n.º 14
<?php

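// AJAX login endpoint: answers with a JSON object (state, message and, on
// success, the session hand-off URL).
//
// Only a POST that carries the CSRF token stored in the session is processed.
// The earlier condition compared the boolean returned by isset() with the stored
// token, so the check passed for any request while a token existed, and also
// when neither side had a token at all.
$posted_token = isset($_POST['csrf']) ? $_POST['csrf'] : null;
$stored_token = isset($_SESSION['csrf']['ajax_login']) ? $_SESSION['csrf']['ajax_login'] : null;
$is_post = isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] === 'POST';

// is_string() rejects array-valued parameters; hash_equals() compares in constant time.
if ($is_post && is_string($posted_token) && is_string($stored_token) && $stored_token !== '' && hash_equals($stored_token, $posted_token)) {
    $response = array();
    $pd = \site\utils::validate_user_data(isset($_POST['login']) ? $_POST['login'] : array());
    try {
        $session = \user\main::login($pd);
        $response['state'] = 'success';
        $response['message'] = $LANG['login_success'];
        // NOTE(review): the session value travels in a URL query string, which tends to end up
        // in logs and Referer headers; confirm setSession.php treats it as short-lived.
        $response['session'] = $GLOBALS['siteURL'] . '/setSession.php?session=' . $session;
        // The token is single-use once the login succeeded.
        unset($_SESSION['csrf']['ajax_login']);
    } catch (Exception $e) {
        $response['state'] = 'error';
        $response['message'] = $e->getMessage();
    }
    echo json_encode($response);
}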
Ejemplo n.º 15
    echo '</div>';
    if ($_SERVER['REQUEST_METHOD'] == 'POST') {
        if (isset($_POST['chat_csrf']) && check_csrf($_POST['chat_csrf'], 'chat_csrf') && isset($_POST['text'])) {
            actions::post_chat_message($_POST['text']);
        }
    }
    $_SESSION['chat_csrf'] = $chat_csrf;
    echo '<ul class="elements-list" id="chat-msgs-list">';
    if ($chatmsgs = admin_query::chat_messages() > 0) {
        foreach (admin_query::while_chat_messages(array('max' => 5, 'orderby' => 'date DESC')) as $item) {
            echo '<li>
  <div style="display: table;">
  <img src="' . \query\main::user_avatar($item->user_avatar) . '" alt="" />
  <div class="info-div"><h2>' . $item->user_name . '
  <span class="fright date">' . date('Y.m.d, ' . (\query\main::get_option('hour_format') == 12 ? 'g:i A' : 'G:i'), strtotime($item->date)) . '</span></h2>
  <div class="info-bar">' . \site\utils::bbcodes($item->text) . '</div>
  </div></div>
  </li>';
        }
    } else {
        echo '<li>' . $LANG['no_chat_yet'] . '</li>';
    }
    echo '</ul>';
    if ($chatmsgs > 0) {
        echo '<div class="links">
  <a href="?route=chat.php">' . $LANG['chat_list'] . '</a>
</div>';
    }
    echo '</div>

</section>';
Ejemplo n.º 16
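 /**
  * Store an image in the upload location and return its path.
  *
  * $file may be a $_FILES-style array (tmp_name, name, size), a URL, or a path
  * relative to $etc['path']; the last two are first copied into TEMP_LOCATION.
  * The file is refused when it is empty, cannot be parsed as an image, exceeds
  * a configured limit, lacks an allowed extension, or the target already exists.
  *
  * Keys read from $etc:
  *  - path:       prefix prepended to every filesystem path
  *  - location:   target directory (defaults to UPLOAD_IMAGES_LOC)
  *  - name:       fixed target file name; empty or 'auto' generates one from $prefix
  *  - current:    path of the image being replaced, returned when the upload is refused
  *  - max_size:   limit in KiB; max_width / max_height: limits in pixels.
  *                An empty limit means "no limit".
  *
  * @param array|string $file
  * @param string $prefix prefix for generated file names
  * @param array $etc see above
  * @param bool $delete_old_file remove $etc['current'] after a successful upload
  * @return string|false stored path ($location . '/' . name) on success; otherwise
  *                      $etc['current'] when available, else false
  */
 public static function upload($file, $prefix, $etc = array('name' => '', 'location' => '', 'current' => '', 'path' => '', 'max_size' => '', 'max_height' => '', 'max_width' => ''), $delete_old_file = true)
 {
     if (!isset($etc['path'])) {
         $etc['path'] = '';
     }
     if (!isset($file['tmp_name'])) {
         // Not an upload array: nothing given, a URL, or a local path.
         if (empty($file)) {
             return isset($etc['current']) ? $etc['current'] : false;
         }
         // NOTE(review): a URL is fetched server-side and FILTER_VALIDATE_URL does not restrict
         // the scheme or the host; a non-URL value is read relative to $etc['path']. If $file can
         // be influenced by a user, restrict schemes to http/https, block internal addresses and
         // reject paths containing "..".
         $source = filter_var($file, FILTER_VALIDATE_URL) ? $file : $etc['path'] . $file;
         $ufile = array();
         $ufile['tmp_name'] = $etc['path'] . TEMP_LOCATION . '/' . basename($file);
         // A failed read or write leaves size at 0/false, which the empty-file check below rejects.
         $ufile['size'] = @file_put_contents($ufile['tmp_name'], file_get_contents($source));
         $ufile['name'] = basename($ufile['tmp_name']);
         $file = $ufile;
     }
     $location = !empty($etc['location']) ? $etc['location'] : UPLOAD_IMAGES_LOC;
     if (isset($file['size']) && (int) $file['size'] === 0) {
         @unlink($file['tmp_name']);
         return isset($etc['current']) ? $etc['current'] : false;
     }
     // getimagesize() returns false for anything it cannot parse as an image. That result used
     // to be ignored, so a non-image carrying an allowed extension was accepted.
     $image_info = getimagesize($file['tmp_name']);
     $width = $image_info === false ? 0 : $image_info[0];
     $height = $image_info === false ? 0 : $image_info[1];
     // Limits are applied only when non-empty. With isset() the '' defaults from the signature
     // counted as limits, which rejected every file (and '' * 1024 is a TypeError on PHP 8).
     $too_large = !empty($etc['max_size']) && $etc['max_size'] * 1024 < $file['size'];
     $too_tall = !empty($etc['max_height']) && $etc['max_height'] < $height;
     $too_wide = !empty($etc['max_width']) && $etc['max_width'] < $width;
     if ($image_info === false || $too_large || $too_tall || $too_wide) {
         if (!empty($file['tmp_name'])) {
             // delete the temporary file
             @unlink($file['tmp_name']);
         }
         // Not a parsable image, or over a limit: keep the current image if there is one.
         return !empty($etc['current']) ? $etc['current'] : false;
     }
     if (!\site\utils::file_has_extension($file['name'], '.jpg,.jpeg,.png,.gif')) {
         if (!empty($file['tmp_name'])) {
             // delete the temporary file
             @unlink($file['tmp_name']);
         }
         // The extension is not on the allow-list.
         return !empty($etc['current']) ? $etc['current'] : false;
     }
     // NOTE(review): a caller-supplied $etc['name'] is used verbatim, so its extension is not
     // covered by the allow-list check above; confirm callers never derive it from user input.
     $new_name = !empty($etc['name']) && strtolower($etc['name']) !== 'auto' ? $etc['name'] : uniqid($prefix) . \site\utils::get_extension($file['name']);
     $target = $etc['path'] . $location . '/' . $new_name;
     // Never overwrite an existing file.
     if (file_exists($target) || !copy($file['tmp_name'], $target)) {
         // delete the temporary file
         @unlink($file['tmp_name']);
         return !empty($etc['current']) ? $etc['current'] : false;
     }
     if (!empty($etc['current']) && $delete_old_file === true) {
         // remove the image that was just replaced
         @unlink($etc['path'] . $etc['current']);
     }
     // delete the temporary file
     @unlink($file['tmp_name']);
     return $location . '/' . $new_name;
 }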
Ejemplo n.º 17
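 /**
  * List the files below $directory, recursively, as paths relative to it.
  *
  * Only entries accepted by \site\utils::file_has_extension() for $allowed_ext
  * are returned. The "." and ".." directory entries are skipped.
  *
  * @param string $directory directory to scan
  * @param string $allowed_ext extension filter, passed through to file_has_extension()
  * @return array|false relative paths, or false when $directory is not a directory
  */
 public static function map_of_files_recursive($directory, $allowed_ext = '')
 {
     if (!is_dir($directory)) {
         return false;
     }
     $dir = array();
     $prefix_length = strlen($directory);
     $entries = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($directory, \FilesystemIterator::SKIP_DOTS));
     foreach ($entries as $entry) {
         // The iterator yields SplFileInfo objects; work with the path string.
         $path = (string) $entry;
         if (\site\utils::file_has_extension($path, $allowed_ext)) {
             // Strip $directory only where it is the leading part of the path. str_replace()
             // removed every occurrence, which mangled paths that repeat the directory name.
             $dir[] = strncmp($path, $directory, $prefix_length) === 0 ? substr($path, $prefix_length) : $path;
         }
     }
     return $dir;
 }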
Ejemplo n.º 18
 } else {
     if ($coupon_p['couponID'] > 0) {
         echo '<div class="a-alert">Sorry, the coupon is already imported.</div>';
     } else {
         if ($_SERVER['REQUEST_METHOD'] == 'POST' && isset($_POST['coupon'])) {
             if (isset($_POST['csrf']) && check_csrf($_POST['csrf'], 'cjapi_csrf')) {
                 $data = array('store' => $store_p['storeID'], 'category' => $_POST['coupon']['Category'], 'popular' => isset($_POST['coupon']['Popular']) ? true : false, 'exclusive' => isset($_POST['coupon']['Exclusive']) ? true : false, 'name' => $_POST['coupon']['Title'], 'url' => !isset($_POST['coupon']['Ownlink']) && isset($_POST['coupon']['Link']) && filter_var($_POST['coupon']['Link'], FILTER_VALIDATE_URL) ? $_POST['coupon']['Link'] : '', 'code' => $_POST['coupon']['Code'], 'description' => $_POST['coupon']['Description'], 'tags' => $_POST['coupon']['Tags'], 'start_on' => implode($_POST['coupon']['SD'], ', '), 'end_on' => implode($_POST['coupon']['ED'], ', '), 'publish' => isset($_POST['coupon']['Publish']) ? true : false, 'meta_title' => $_POST['coupon']['MTitle'], 'meta_desc' => $_POST['coupon']['MDesc']);
                 if (\plugin\Popshop\inc\actions::add_item(array(array_merge($coupon_p, $data))) > 0) {
                     echo '<div class="a-success">Added!</div><button class="btn" onclick="window.history.go(-2);">Back</button>';
                     return;
                 } else {
                     echo '<div class="a-error">Error!</div>';
                 }
             }
         }
         $csrf = $_SESSION['cjapi_csrf'] = \site\utils::str_random(10);
         $store = \plugin\Popshop\inc\actions::get_import_store($store_p['storeID']);
         echo '<div class="form-table">
     
     <form action="#" method="POST" autocomplete="off">
     <div class="row"><span>Category:</span>
     <div><select name="coupon[Category]">';
         foreach (\query\main::group_categories(array('max' => 0)) as $cat) {
             echo '<optgroup label="' . $cat['infos']->name . '">';
             echo '<option value="' . $cat['infos']->ID . '"' . ($store['category'] == $cat['infos']->ID ? ' selected' : '') . '>' . $cat['infos']->name . '</option>';
             if (isset($cat['subcats'])) {
                 foreach ($cat['subcats'] as $subcat) {
                     echo '<option value="' . $subcat->ID . '"' . ($store['category'] == $subcat->ID ? ' selected' : '') . '>' . $subcat->name . '</option>';
                 }
             }
             echo '</optgroup>';
Ejemplo n.º 19
  <img src="' . (empty($item->image) ? '../' . DEFAULT_IMAGES_LOC . '/plugin_ico.png' : '../' . $item->image) . '" alt="" style="width: 70px;" />
  <div class="info-div"><h2>' . ($item->visible !== 1 ? '<span class="msg-error">' . $LANG['notpublished'] . '</span> ' : '') . $item->name . '
  <span class="fright date">' . date('Y.m.d, ' . (\query\main::get_option('hour_format') == 12 ? 'g:i A' : 'G:i'), strtotime($item->date)) . '</span></h2>
  v ' . sprintf('%0.2f', $item->version) . '
  </div>

  </div>

  <div style="clear:both;"></div>

  <div class="options">';
                if (empty($item->scope)) {
                    echo '<a href="?plugin=' . $item->main_file . '">' . $LANG['open'] . '</a>';
                }
                echo '<a href="?route=plugins.php&amp;action=edit&amp;id=' . $item->ID . '">' . $LANG['edit'] . '</a>';
                echo '<a href="' . \site\utils::update_uri('', array('type' => !$item->visible ? 'publish' : 'unpublish', 'id' => $item->ID, 'token' => $csrf)) . '">' . (!$item->visible ? $LANG['publish'] : $LANG['unpublish']) . '</a>';
                if (!empty($item->options_file)) {
                    echo '<a href="?plugin=' . $item->options_file . '">' . $LANG['options'] . '</a>';
                }
                echo '<a href="?route=plugins.php&amp;action=uninstall&amp;id=' . $item->ID . '">' . $LANG['plugins_uninstall'] . '</a>';
                if (!empty($item->description)) {
                    echo '<a href="javascript:void(0)" onclick="$(this).show_next( { after_action: \'\', element: \'div\' } ); return false;">' . $LANG['description'] . '</a>';
                    echo '<div style="display: none; margin: 10px 0; font-size: 12px;">' . nltobr($item->description) . '</div>';
                }
                echo '</div>
  </li>';
            }
            echo '</ul>

<input type="hidden" name="csrf" value="' . $csrf . '" />
Ejemplo n.º 20
      <section class="msg">';
    if ($_SERVER['REQUEST_METHOD'] == 'POST') {
        if (isset($_POST['token']) && isset($_POST['email']) && \site\utils::check_csrf($_POST['token'], 'sendunsubscr_csrf')) {
            try {
                $type = \user\main::unsubscribe(array('email' => $_POST['email']));
                if ($type == 1) {
                    echo '<div class="success">' . sprintf($LANG['uunsubscr_reqsent'], $_POST['email']) . '</div>';
                } else {
                    echo '<div class="success">' . $LANG['uunsubscr_ok'] . '</div>';
                }
            } catch (Exception $e) {
                echo '<div class="error">' . $e->getMessage() . '</div>';
            }
        }
    }
    $csrf = $_SESSION['sendunsubscr_csrf'] = \site\utils::str_random(10);
    echo '<h2 style="color: #000;">' . $LANG['uunsubscr_title'] . '</h2>
      ' . sprintf($LANG['uunsubscr_body'], '<span id="seconds">5</span>') . ' <br /><br />
      <form method="POST" action="#" autocomplete="off">
      <input type="email" name="email" value="' . (isset($_GET['email']) ? htmlspecialchars($_GET['email']) : '') . '" required />
      <input type="hidden" name="token" value="' . $csrf . '" />
      <button>Unsubscribe me</button>
      </form> <br /><br />
      <a href="index.php">' . $LANG['cancel'] . '</a>
      </section>
  </body>
  </html>';
    die;
} else {
    if (isset($_GET['action']) && isset($_GET['email']) && isset($_GET['token']) && $_GET['action'] == 'unsubscribe2' && \user\mail_sessions::check('unsubscription', array('email' => $_GET['email'], 'session' => $_GET['token']))) {
        $stmt = $db->stmt_init();
Ejemplo n.º 21
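 /**
  * Fetch payment transactions joined with the user who made them.
  *
  * Keys of $category read by this method (all optional):
  *  - max:      row limit; when the key is present but empty, no LIMIT is added
  *  - per_page: page size, combined with $_GET['page'] when "max" is absent
  *  - search:   space separated words matched in order against gateway,
  *              transaction id and details
  *  - show:     paid | unpaid | delivered | undelivered | undeliveredpayments
  *  - date:     "from" or "from,to", used as arguments of FROM_UNIXTIME()
  *  - orderby:  comma separated list of rand, date, date desc, price, price desc
  *
  * @param array $category filter options as listed above
  * @return array list of objects; gateway, transaction_id, state and details
  *               are HTML-encoded
  */
 public static function while_invoices($category = array())
 {
     global $db;
     $categories = \site\utils::validate_user_data($category);
     $where = $orderby = $limit = array();
     if (isset($categories['max'])) {
         if (!empty($categories['max'])) {
             // LIMIT accepts integers only. Casting every comma separated part
             // keeps "count" and "offset,count" working and stops any other
             // text from reaching the statement.
             $limit = array_map('intval', explode(',', (string) $categories['max']));
         }
     } else {
         $page = !empty($_GET['page']) ? (int) $_GET['page'] : 1;
         // The stored option is cast as well, so both LIMIT parts are integers.
         $per_page = (int) (isset($categories['per_page']) ? $categories['per_page'] : \query\main::get_option('items_per_page'));
         $limit[] = $page > 1 ? ($page - 1) * $per_page : 0;
         $limit[] = $per_page;
     }
     /*
     WHERE / ORDER BY
     */
     if (!empty($categories['search'])) {
         $search = implode('.*', explode(' ', trim($categories['search'])));
         // NOTE(review): dbp() is defined elsewhere; this line relies on it
         // escaping quotes for a double-quoted SQL string. The term is still
         // interpreted by MySQL as a regular expression, so a bound parameter
         // with LIKE would be the stricter choice.
         $where[] = 'CONCAT(t.gateway, t.transaction_id, t.details) REGEXP "' . \site\utils::dbp($search) . '"';
     }
     if (isset($categories['show'])) {
         switch ($categories['show']) {
             case 'paid':
                 $where[] = 'paid > 0';
                 break;
             case 'unpaid':
                 $where[] = 'paid = 0';
                 break;
             case 'delivered':
                 $where[] = 'delivered > 0';
                 break;
             case 'undelivered':
                 $where[] = 'delivered = 0';
                 break;
             case 'undeliveredpayments':
                 $where[] = 'paid > 0 AND delivered = 0';
                 break;
         }
     }
     if (!empty($categories['date'])) {
         $date = array_map('trim', explode(',', $categories['date']));
         // These values are placed in the statement without quotes, where
         // string escaping gives no protection; an integer cast does.
         $where[] = 't.date >= FROM_UNIXTIME(' . (int) $date[0] . ')';
         if (isset($date[1])) {
             $where[] = 't.date <= FROM_UNIXTIME(' . (int) $date[1] . ')';
         }
     }
     if (isset($categories['orderby'])) {
         // Only the fixed expressions below can reach ORDER BY; anything else
         // in the list is ignored.
         $order = array_map('trim', explode(',', strtolower($categories['orderby'])));
         foreach ($order as $v) {
             switch ($v) {
                 case 'rand':
                     $orderby[] = 'RAND()';
                     break;
                 case 'date':
                     $orderby[] = 't.date';
                     break;
                 case 'date desc':
                     $orderby[] = 't.date DESC';
                     break;
                 case 'price':
                     $orderby[] = 't.price';
                     break;
                 case 'price desc':
                     $orderby[] = 't.price DESC';
                     break;
             }
         }
     }
     /*
      */
     $stmt = $db->stmt_init();
     $stmt->prepare("SELECT t.id, t.user, u.name, u.avatar, t.gateway, t.price, t.transaction_id, t.state, t.details, t.lastupdate, t.paid, t.delivered, t.date FROM " . DB_TABLE_PREFIX . "p_transactions t LEFT JOIN " . DB_TABLE_PREFIX . "users u ON (u.id = t.user)" . (empty($where) ? '' : ' WHERE ' . implode(' AND ', $where)) . (empty($orderby) ? '' : ' ORDER BY ' . implode(', ', array_filter($orderby))) . (empty($limit) ? '' : ' LIMIT ' . implode(',', $limit)));
     $stmt->execute();
     $stmt->bind_result($id, $user, $user_name, $user_avatar, $gateway, $price, $transaction_id, $state, $details, $last_update, $paid, $delivered, $date);
     $data = array();
     while ($stmt->fetch()) {
         // Free-text columns are encoded for HTML output here. user_name and
         // user_avatar are returned as stored, so callers must encode them.
         $data[] = (object) array('ID' => $id, 'user' => $user, 'user_name' => $user_name, 'user_avatar' => $user_avatar, 'gateway' => htmlspecialchars($gateway), 'price' => $price, 'price_format' => sprintf(PRICE_FORMAT, \site\utils::money_format($price)), 'transaction_id' => htmlspecialchars($transaction_id), 'state' => htmlspecialchars($state), 'details' => htmlspecialchars($details), 'last_update' => $last_update, 'paid' => $paid, 'delivered' => $delivered, 'date' => $date);
     }
     $stmt->close();
     return $data;
 }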
Ejemplo n.º 22
                }
            }
        } else {
            // Deletion is driven by query-string parameters: an action, a token
            // that check_csrf() accepts for the 'news_csrf' session entry, and
            // the id of the entry to remove.
            // NOTE(review): a token sent in the URL can end up in browser
            // history, server logs and Referer headers; sending this
            // state-changing request as a POST would keep it out of them.
            if (isset($_GET['action'], $_GET['token']) && check_csrf($_GET['token'], 'news_csrf')) {
                if ($_GET['action'] == 'delete' && isset($_GET['id'])) {
                    // NOTE(review): the id is passed on exactly as received;
                    // any validation presumably happens in delete_news().
                    $deleted = actions::delete_news($_GET['id']);
                    echo $deleted ? '<div class="a-success">' . $LANG['msg_deleted'] . '</div>' : '<div class="a-error">' . $LANG['msg_error'] . '</div>';
                }
            }
        }
        $csrf = $_SESSION['news_csrf'] = \site\utils::str_random(10);
        echo '<div class="page-toolbar">

<form action="#" method="GET" autocomplete="off">
<input type="hidden" name="route" value="news.php" />
<input type="hidden" name="action" value="list" />

' . $LANG['order_by'] . ':
<select name="orderby">';
        foreach (array('date' => $LANG['order_date'], 'date desc' => $LANG['order_date_desc']) as $k => $v) {
            echo '<option value="' . $k . '"' . (isset($_GET['orderby']) && urldecode($_GET['orderby']) == $k || !isset($_GET['orderby']) && $k == 'date desc' ? ' selected' : '') . '>' . $v . '</option>';
        }
        echo '</select>';
        if (isset($_GET['search'])) {
            echo '<input type="hidden" name="search" value="' . htmlspecialchars($_GET['search']) . '" />';
        }
Ejemplo n.º 23
                     } else {
                         $cuerr++;
                     }
                 }
                 usleep(500000);
                 // let's put a break after every page, 500 000 microseconds. that means a half of a second
             }
         }
     } catch (Exception $e) {
     }
 }
 /*
 IMPORT COUPONS
 */
 try {
     $coupons = $feed->coupons($options = array('store' => implode(',', array_values($ids)), 'view' => !isset($_GET['import_expired']) || $_GET['import_expired'] !== 'yes' ? 'active' : '', 'date' => \site\utils::timeconvert(date('Y-m-d, H:i:s', $last_check), $feed->timezone)));
     if (!empty($coupons['Count'])) {
         for ($cp = 1; $cp <= ceil($coupons['Count'] / 10); $cp++) {
             if ($cp != 1) {
                 $coupons = $feed->coupons(array_merge(array('page' => $cp), $options));
             }
             foreach ($coupons['List'] as $coupon) {
                 if (!admin_query::coupon_imported($coupon->ID) && ($store = admin_query::store_imported($coupon->Store_ID)) && actions::add_item(array('feedID' => $coupon->ID, 'store' => $store->ID, 'category' => $store->catID, 'popular' => 0, 'exclusive' => 0, 'name' => $coupon->Title, 'link' => $coupon->URL, 'code' => $coupon->Code, 'description' => $coupon->Description, 'tags' => $coupon->Tags, 'cashback' => 0, 'start' => $coupon->Start_Date, 'end' => $coupon->End_Date, 'publish' => 1, 'meta_title' => '', 'meta_desc' => ''))) {
                     $csuc++;
                 } else {
                     $cerr++;
                 }
             }
             usleep(500000);
             // let's put a break after every page, 500 000 microseconds. that means a half of a second
         }
Ejemplo n.º 24
                }
            }
        } else {
            // Deletion is driven by query-string parameters: an action, a token
            // that check_csrf() accepts for the 'banned_csrf' session entry, and
            // the id of the entry to remove.
            // NOTE(review): a token sent in the URL can end up in browser
            // history, server logs and Referer headers; sending this
            // state-changing request as a POST would keep it out of them.
            if (isset($_GET['action'], $_GET['token']) && check_csrf($_GET['token'], 'banned_csrf')) {
                if ($_GET['action'] == 'delete' && isset($_GET['id'])) {
                    // NOTE(review): the id is passed on exactly as received;
                    // any validation presumably happens in delete_banned().
                    $deleted = actions::delete_banned($_GET['id']);
                    echo $deleted ? '<div class="a-success">' . $LANG['msg_deleted'] . '</div>' : '<div class="a-error">' . $LANG['msg_error'] . '</div>';
                }
            }
        }
        $csrf = $_SESSION['banned_csrf'] = \site\utils::str_random(10);
        echo '<div class="page-toolbar">

<form action="#" method="GET" autocomplete="off">
<input type="hidden" name="route" value="banned.php" />
<input type="hidden" name="action" value="list" />

Order by:
<select name="orderby">';
        foreach (array('date' => $LANG['order_date'], 'date desc' => $LANG['order_date_desc']) as $k => $v) {
            echo '<option value="' . $k . '"' . (isset($_GET['orderby']) && urldecode($_GET['orderby']) == $k ? ' selected' : '') . '>' . $v . '</option>';
        }
        echo '</select>';
        if (isset($_GET['search'])) {
            echo '<input type="hidden" name="search" value="' . htmlspecialchars($_GET['search']) . '" />';
        }
Ejemplo n.º 25
        echo '<div class="title">

<h2>' . $LANG['settings_general_title'] . '</h2>';
        if (!empty($LANG['settings_general_subtitle'])) {
            echo '<span>' . $LANG['settings_general_subtitle'] . '</span>';
        }
        echo '</div>';
        if (isset($_SESSION['js_settings'])) {
            if (isset($_GET['success']) && $_GET['success'] == 'true') {
                echo '<div class="a-success">' . $LANG['msg_saved'] . '</div>';
            } else {
                echo '<div class="a-error">' . $LANG['settings_save_error'] . '</div>';
            }
            unset($_SESSION['js_settings']);
        }
        $csrf = $_SESSION['settings_csrf'] = \site\utils::str_random(10);
        echo '<div class="form-table">

<form action="?route=post-actions.php&amp;action=general-settings" method="POST">

<div class="row"><span>' . $LANG['settings_form_sitename'] . ':</span><div><input type="text" name="sitename" value="' . htmlspecialchars(\query\main::get_option('sitename')) . '" /></div></div>
<div class="row"><span>' . $LANG['settings_form_siteurl'] . ':</span><div><input type="text" name="siteurl" value="' . htmlspecialchars(\query\main::get_option('siteurl')) . '" /></div></div>
<div class="row"><span>' . $LANG['settings_form_sitedesc'] . ':</span><div><textarea name="description">' . \query\main::get_option('sitedescription') . '</textarea></div></div>
<div class="row"><span>' . $LANG['settings_form_itemspp'] . ':</span><div><input type="number" name="ipp" value="' . (int) \query\main::get_option('items_per_page') . '" /></div></div>
<div class="row"><span>' . $LANG['settings_form_userregs'] . ':</span>

<div>
<select name="registrations"><option value="opened">' . $LANG['settings_select_opened'] . '</option><option value="closed"' . (\query\main::get_option('registrations') != 'opened' ? ' selected' : '') . '>' . $LANG['settings_select_closed'] . '</option></select>
</div></div>

<div class="row"><span>' . $LANG['settings_form_accpip'] . ':</span>
Ejemplo n.º 26
/**
 * Shorthand for \site\utils::check_csrf().
 *
 * @param mixed $post    token value received with the request
 * @param mixed $session second argument of the underlying check, passed
 *                       through unchanged
 * @return mixed whatever \site\utils::check_csrf() returns
 */
function check_csrf($post, $session)
{
    $result = \site\utils::check_csrf($post, $session);

    return $result;
}
Ejemplo n.º 27
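/**
 * Build the contact form widget and, on a matching POST, send the message.
 *
 * A submission is processed only when the posted field group is an array that
 * carries a token accepted by \site\utils::check_csrf(). A fresh token is
 * stored in the session every time the form is rendered.
 *
 * @param string $loc suffix appended to "contact_form" to form the field
 *                    group and session key; it is written into the markup
 *                    as-is, so pass only fixed, trusted identifiers
 * @return string HTML of the widget, including any success or error message
 */
function contact_form($loc = '')
{
    global $LANG;
    $field = 'contact_form' . $loc;
    $form = '<div class="contact_form other_form">';
    // Require an array with a token before reading it: a scalar or a group
    // without "csrf" is ignored instead of raising a notice or an error.
    $has_token = $_SERVER['REQUEST_METHOD'] == 'POST' && isset($_POST[$field]) && is_array($_POST[$field]) && isset($_POST[$field]['csrf']);
    if ($has_token && \site\utils::check_csrf($_POST[$field]['csrf'], $field . '_csrf')) {
        $pd = \site\utils::validate_user_data($_POST[$field]);
        try {
            \user\main::send_contact($pd);
            $form .= '<div class="success">' . $LANG['sendcontact_success'] . '</div>';
            // Drop the submitted values so the form is shown empty again.
            unset($pd);
        } catch (Exception $e) {
            // NOTE(review): the exception text is written into the page as
            // markup; confirm send_contact() never puts request data in it.
            $form .= '<div class="error">' . $e->getMessage() . '</div>';
        }
    }
    // Values shown again after a failed submission. validate_user_data() is
    // not visible here, so the values are encoded for HTML at this point;
    // double_encode is off, which leaves already-encoded entities untouched.
    $values = array('name' => '', 'email' => '', 'message' => '');
    foreach (array_keys($values) as $key) {
        if (isset($pd[$key]) && is_scalar($pd[$key])) {
            $values[$key] = htmlspecialchars((string) $pd[$key], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);
        }
    }
    $csrf = $_SESSION[$field . '_csrf'] = \site\utils::str_random(12);
    $form .= '<form method="POST" action="#widget_contact">
  <div class="form_field"><label for="' . $field . '[name]">' . $LANG['form_name'] . ':</label> <div><input type="text" name="' . $field . '[name]" id="' . $field . '[name]" value="' . $values['name'] . '" required /></div></div>
  <div class="form_field"><label for="' . $field . '[email]">' . $LANG['form_email'] . ':</label> <div><input type="email" name="' . $field . '[email]" id="' . $field . '[email]" value="' . $values['email'] . '" required /></div></div>
  <div class="form_field"><label for="' . $field . '[message]">' . $LANG['form_message'] . ':</label> <div><textarea name="' . $field . '[message]" id="' . $field . '[message]">' . $values['message'] . '</textarea></div></div>
  <input type="hidden" name="' . $field . '[csrf]" value="' . $csrf . '" />
  <button>' . $LANG['send'] . '</button>
  </form>

  </div>';
    return $form;
}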
Ejemplo n.º 28
         $coupons = array();
         while ($stmt->fetch()) {
             $coupon_link = $seo_link ? \site\utils::make_seo_link($seo_link_coupon, $c_title, $c_id) : $GLOBALS['siteURL'] . '?id=' . $c_id;
             $store_link = $seo_link ? \site\utils::make_seo_link($seo_link_store, $s_name, $s_id) : $GLOBALS['siteURL'] . '?store=' . $s_id;
             $c_expiration = str_replace(' 00:00:00', '', $c_expiration);
             //build coupon html
             $coupons['c_' . $c_id] = str_replace(array('{_BANNER_URL_}', '{_BANNER_IMAGE_}', '{_STORE_URL_}', '{_STORE_NAME_}', '{_ITEM_URL_}', '{_ITEM_NAME_}', '{_EXPIRE_TEXT_}'), array($coupon_link, $s_image, $store_link, $s_name, $coupon_link, $c_title, 'Expires on ' . $c_expiration), $template_favitem);
         }
         // List the visible, unexpired products of the current store.
         // NOTE(review): $now and $store are concatenated into the SQL text even
         // though a prepared statement is used; where they come from is not
         // visible in this fragment. Binding both as parameters ("?" with
         // bind_param) would make the query safe whatever their origin.
         $search_products = "SELECT p.id, p.title, p.link, p.description, p.tags, p.image, p.currency, p.price, p.old_price, s.name, s.link, s.id, p.expiration FROM " . DB_TABLE_PREFIX . "products p LEFT JOIN " . DB_TABLE_PREFIX . "stores s ON (s.id = p.store) WHERE p.visible > 0 AND s.visible > 0 AND p.expiration > '" . $now . "' and p.store = " . $store;
         $stmt->prepare($search_products);
         $stmt->execute();
         $stmt->bind_result($p_id, $p_title, $p_link, $p_description, $p_tags, $p_image, $p_currency, $p_price, $p_old_price, $s_name, $s_link, $s_id, $p_expiration);
         while ($stmt->fetch()) {
             $product_link = $seo_link ? \site\utils::make_seo_link($seo_link_product, $p_title, $p_id) : $GLOBALS['siteURL'] . '?product=' . $p_id;
             $store_link = $seo_link ? \site\utils::make_seo_link($seo_link_store, $s_name, $s_id) : $GLOBALS['siteURL'] . '?store=' . $s_id;
             // Show a date-only expiration when the time part is midnight.
             $p_expiration = str_replace(' 00:00:00', '', $p_expiration);
             // Build the product HTML by filling the placeholders of the sale template.
             // NOTE(review): the database values ($p_title, $s_name, $p_image,
             // prices) are substituted without HTML encoding in this fragment;
             // confirm they are encoded when stored, or encode them here.
             $coupons['p_' . $p_id] = str_replace(array('{_BANNER_URL_}', '{_BANNER_IMAGE_}', '{_STORE_URL_}', '{_STORE_NAME_}', '{_ITEM_URL_}', '{_ITEM_NAME_}', '{_EXPIRE_TEXT_}', '{_NOW_PRICE_}', '{_OLD_PRICE_}'), array($product_link, $p_image, $store_link, $s_name, $product_link, $p_title, 'Expires on ' . $p_expiration, $p_currency . $p_price, $p_currency . $p_old_price), $template_favsale);
         }
         $coupondata[$store] = $coupons;
     }
     foreach ($coupondata[$store] as $coupon_content) {
         $strfav .= $coupon_content;
     }
 }
 if ($strfav == '') {
     $strnofav = $template_nofav;
 } else {
     $strfav = str_replace($fav_anchor, $strfav, $template_fav);
 }
Ejemplo n.º 29
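 /**
  * Fetch rows of the plugins table.
  *
  * Keys of $category read by this method (all optional):
  *  - max:      row limit; when the key is present but empty, no LIMIT is added
  *  - per_page: page size, combined with $_GET['page'] when "max" is absent
  *  - search:   space separated words matched in order against name and
  *              description
  *  - show:     comma separated list of languages, payment_gateways,
  *              feed_servers, applications
  *  - orderby:  comma separated list of name, name desc, date, date desc
  *
  * @param array $category filter options as listed above
  * @return array list of objects; most text columns are HTML-encoded, "vars"
  *               and "uninstall_preview" hold unserialized values
  */
 public static function while_plugins($category = array())
 {
     global $db;
     $categories = \site\utils::validate_user_data($category);
     $where = $orderby = $limit = array();
     if (isset($categories['max'])) {
         if (!empty($categories['max'])) {
             // LIMIT accepts integers only. Casting every comma separated part
             // keeps "count" and "offset,count" working and stops any other
             // text from reaching the statement.
             $limit = array_map('intval', explode(',', (string) $categories['max']));
         }
     } else {
         $page = !empty($_GET['page']) ? (int) $_GET['page'] : 1;
         // The stored option is cast as well, so both LIMIT parts are integers.
         $per_page = (int) (isset($categories['per_page']) ? $categories['per_page'] : \query\main::get_option('items_per_page'));
         $limit[] = $page > 1 ? ($page - 1) * $per_page : 0;
         $limit[] = $per_page;
     }
     /*
     WHERE / ORDER BY
     */
     if (!empty($categories['search'])) {
         $search = implode('.*', explode(' ', trim($categories['search'])));
         // NOTE(review): dbp() is defined elsewhere; this line relies on it
         // escaping quotes for a double-quoted SQL string. The term is still
         // interpreted by MySQL as a regular expression, so a bound parameter
         // with LIKE would be the stricter choice.
         $where[] = 'CONCAT(name, description) REGEXP "' . \site\utils::dbp($search) . '"';
     }
     if (isset($categories['show'])) {
         // Each recognised value adds one scope condition. All conditions are
         // joined with AND below, so listing more than one scope matches no row.
         $show = array_map('trim', explode(',', strtolower($categories['show'])));
         foreach ($show as $v) {
             switch ($v) {
                 case 'languages':
                     $where[] = 'scope = "language"';
                     break;
                 case 'payment_gateways':
                     $where[] = 'scope = "pay_gateway"';
                     break;
                 case 'feed_servers':
                     $where[] = 'scope = "feed_server"';
                     break;
                 case 'applications':
                     $where[] = 'scope = ""';
                     break;
             }
         }
     }
     if (isset($categories['orderby'])) {
         // Only the fixed expressions below can reach ORDER BY; anything else
         // in the list is ignored.
         $order = array_map('trim', explode(',', strtolower($categories['orderby'])));
         foreach ($order as $v) {
             switch ($v) {
                 case 'name':
                     $orderby[] = 'name';
                     break;
                 case 'name desc':
                     $orderby[] = 'name DESC';
                     break;
                 case 'date':
                     $orderby[] = 'date';
                     break;
                 case 'date desc':
                     $orderby[] = 'date DESC';
                     break;
             }
         }
     }
     /*
      */
     $stmt = $db->stmt_init();
     $stmt->prepare("SELECT id, user, name, image, scope, main, options, menu, menu_ready, menu_icon, extend_vars, description, version, update_checker, uninstall, visible, date FROM " . DB_TABLE_PREFIX . "plugins" . (empty($where) ? '' : ' WHERE ' . implode(' AND ', $where)) . (empty($orderby) ? '' : ' ORDER BY ' . implode(', ', array_filter($orderby))) . (empty($limit) ? '' : ' LIMIT ' . implode(',', $limit)));
     $stmt->execute();
     $stmt->bind_result($id, $user, $name, $image, $scope, $main_file, $options_file, $menu, $menu_ready, $menu_icon, $vars, $description, $version, $update_checker, $uninstall, $visible, $date);
     $data = array();
     while ($stmt->fetch()) {
         // SECURITY: unserialize() can instantiate classes named in its input.
         // The two columns below are read from the plugins table; if anything
         // less trusted than an administrator can write them, restrict the call
         // with array('allowed_classes' => false) or store the data as JSON.
         // The @ hides decoding errors, so a corrupt value shows up as false.
         $data[] = (object) array('ID' => $id, 'user' => $user, 'name' => htmlspecialchars($name), 'image' => htmlspecialchars($image), 'scope' => htmlspecialchars($scope), 'main_file' => htmlspecialchars($main_file), 'options_file' => htmlspecialchars($options_file), 'menu' => $menu, 'menu_ready' => $menu_ready, 'menu_icon' => $menu_icon, 'vars' => @unserialize($vars), 'description' => htmlspecialchars($description), 'update_checker' => htmlspecialchars($update_checker), 'version' => $version, 'uninstall_preview' => @unserialize($uninstall), 'visible' => $visible, 'date' => $date);
     }
     $stmt->close();
     return $data;
 }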
Ejemplo n.º 30
                        echo '</div>

      </li>';
                    }
                    echo '</ul>

    </form>';
                    if (($pages = ceil($stores['Count'] / 10)) > 1) {
                        $page = isset($_GET['page']) && (int) $_GET['page'] > 0 ? (int) $_GET['page'] : 1;
                        $page = $page > $pages ? $pages : $page;
                        echo '<div class="pagination">';
                        if ($page > 1) {
                            echo '<a href="' . \site\utils::update_uri('', array('page' => $page - 1)) . '" class="btn">' . $LANG['prev_page'] . '</a>';
                        }
                        if ($page < $pages) {
                            echo '<a href="' . \site\utils::update_uri('', array('page' => $page + 1)) . '" class="btn">' . $LANG['next_page'] . '</a>';
                        }
                        if ($pages > 1) {
                            echo '<div class="pag_goto">' . sprintf($LANG['pageofpages'], $page, $pages) . '
    <form action="#" method="GET">';
                            foreach ($_GET as $gk => $gv) {
                                if ($gk !== 'page') {
                                    echo '<input type="hidden" name="' . htmlspecialchars($gk) . '" value="' . htmlspecialchars($gv) . '" />';
                                }
                            }
                            echo '<input type="number" name="page" min="1" max="' . $pages . '" size="5" value="' . $page . '" />
    <button class="btn">' . $LANG['go'] . '</button>
    </form>
    </div>';
                        }
                        echo '</div>';