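/**
 * Save a one-off re-sort of the media items in an album.
 *
 * Reads startaid, sortfield, sortorder and processsub from $_POST. When
 * processsub is 0 the items of album startaid are renumbered (media_order
 * 10, 20, 30, ...) in the requested order; otherwise the work is handed to
 * MG_staticSortMediaChildren(). Ends by sending a redirect header to the
 * admin index.
 *
 * NOTE(review): this function changes data, but no SEC_checkToken() call is
 * visible in it; confirm the calling script verifies the CSRF token.
 *
 * @return void
 */
function MG_staticSortMediaSave()
{
    global $_TABLES, $_MG_CONF;

    // These values are concatenated unquoted into SQL below, so they are
    // forced to integers here instead of relying on the filter alone.
    $startaid     = isset($_POST['startaid']) ? (int) COM_applyFilter($_POST['startaid'], true) : 0;
    $sortfield    = isset($_POST['sortfield']) ? (int) COM_applyFilter($_POST['sortfield'], true) : 0;
    $sortorder    = isset($_POST['sortorder']) ? (int) COM_applyFilter($_POST['sortorder'], true) : 0;
    $process_subs = isset($_POST['processsub']) ? (int) COM_applyFilter($_POST['processsub'], true) : 0;

    // Only these fixed column names can ever reach the ORDER BY clause.
    switch ($sortfield) {
        case 1: // media_upload_time
            $sql_sort_by = " ORDER BY m.media_upload_time ";
            break;
        case 2: // media title
            $sql_sort_by = " ORDER BY m.media_title ";
            break;
        case 3: // media original filename
            $sql_sort_by = " ORDER BY m.media_original_filename ";
            break;
        case 0: // media_time
        default:
            $sql_sort_by = " ORDER BY m.media_time ";
            break;
    }

    // NOTE(review): the original inline comments labelled 0 as "ascending"
    // and 1 as "descending", the opposite of the keywords used here. The
    // mapping is kept unchanged; confirm which one is intended.
    switch ($sortorder) {
        case 0:
            $sql_order = " DESC";
            break;
        case 1:
            $sql_order = " ASC";
            break;
        default:
            // Previously left undefined for any other value; an empty
            // string keeps the database's default direction.
            $sql_order = '';
            break;
    }

    if ($process_subs == 0) {
        $sql = "SELECT *\n FROM " . $_TABLES['mg_media_albums'] . " as ma LEFT JOIN " . $_TABLES['mg_media']
             . " as m ON m.media_id = ma.media_id\n WHERE ma.album_id=" . $startaid . $sql_sort_by . $sql_order;
        $result = DB_query($sql);
        $numRows = DB_numRows($result);

        // First collect the ids in sorted order, then write the new positions.
        $media_id = array();
        $media_order = array();
        $order = 10;
        for ($x = 0; $x < $numRows; $x++) {
            $row = DB_fetchArray($result);
            $media_id[$x] = $row['media_id'];
            $media_order[$x] = $order;
            $order += 10;
        }

        // NOTE(review): media_id comes back from the database and is placed
        // in a quoted literal as is; presumably ids are generated
        // server-side. Verify, or escape it with the database layer's helper.
        for ($x = 0; $x < $numRows; $x++) {
            $sql = "UPDATE " . $_TABLES['mg_media_albums'] . " SET media_order=" . $media_order[$x]
                 . " WHERE media_id='" . $media_id[$x] . "' AND album_id=" . $startaid;
            DB_query($sql);
        }
    } else {
        MG_staticSortMediaChildren($startaid, $sql_order, $sql_sort_by);
    }

    header("Location: " . $_MG_CONF['admin_url'] . 'index.php?msg=1');
}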
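/**
 * Enable exactly the feeds whose ids are passed in and disable all others
 *
 * All feeds are first set to disabled, then every id in $fid_arr is
 * re-enabled. If at least one feed was enabled, the files of the feeds that
 * are still disabled are removed with deleteFeedFile().
 *
 * @param    array|null  $fid_arr    ids of the feeds to enable
 * @return   void
 *
 */
function changeFeedStatus($fid_arr)
{
    global $_TABLES;

    $changes = false;

    // first disable all
    DB_query("UPDATE {$_TABLES['syndication']} SET is_enabled = 0");

    if (isset($fid_arr) && is_array($fid_arr)) {
        foreach ($fid_arr as $fid) {
            // The filtered and escaped id is the value that must reach the
            // query. The earlier code computed it but then interpolated the
            // raw request value instead.
            $feed_id = addslashes(COM_applyFilter($fid, true));
            if (!empty($feed_id)) {
                // now enable those in the array
                DB_query("UPDATE {$_TABLES['syndication']} SET is_enabled = 1 WHERE fid = '{$feed_id}'");
                $changes = true;
            }
        }
    }

    if ($changes) {
        // Remove the files of every feed that is still switched off
        $result = DB_query("SELECT filename FROM {$_TABLES['syndication']} WHERE is_enabled = 0");
        $num_feeds_off = DB_numRows($result);
        for ($i = 0; $i < $num_feeds_off; $i++) {
            list($feedfile) = DB_fetchArray($result);
            deleteFeedFile($feedfile);
        }
    }
}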
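/**
 * Build the usage-tracking report page.
 *
 * Reads month, day, year, user and alldates from $_POST, selects the
 * matching rows from the usage tracking table and renders them through the
 * admin template usage_rpt.thtml.
 *
 * NOTE(review): user_name, album_title and media_title are handed to the
 * template as stored. Whether the template layer escapes them is not
 * visible here; confirm before treating the output as safe HTML.
 *
 * @return string rendered report, or the result of MG_errorHandler() when
 *                "all dates" is requested without a user
 */
function MG_usageReport()
{
    global $_TABLES, $_CONF, $_MG_CONF, $LANG_MG02, $LANG_MG01, $LANG30;

    $retval = '';

    $T = new Template($_MG_CONF['template_path'] . '/admin');
    $T->set_file('admin', 'usage_rpt.thtml');
    $T->set_var('site_url', $_CONF['site_url']);
    $T->set_var('site_admin_url', $_CONF['site_admin_url']);
    $T->set_var('plugin', 'mediagallery');

    // Date parts feed mktime() and an unquoted SQL comparison: integers only.
    $rpt_month = isset($_POST['month']) ? (int) COM_applyFilter($_POST['month'], true) : 0;
    $rpt_day   = isset($_POST['day']) ? (int) COM_applyFilter($_POST['day'], true) : 0;
    $rpt_year  = isset($_POST['year']) ? (int) COM_applyFilter($_POST['year'], true) : 0;
    $user      = isset($_POST['user']) ? COM_applyFilter($_POST['user']) : '';
    $alldates  = isset($_POST['alldates']) ? COM_applyFilter($_POST['alldates']) : '';

    if ($alldates == "on" && $user == "") {
        return MG_errorHandler($LANG_MG02['usage_report_error1']);
    }

    // Collect the conditions and join them once. The earlier hand-built
    // string produced a query without the WHERE keyword when alldates held
    // anything other than "" or "on" and a user was given.
    $conditions = array();
    if ($alldates == "") {
        $begin_time = mktime(0, 0, 0, $rpt_month, $rpt_day, $rpt_year);
        $end_time = mktime(23, 59, 59, $rpt_month, $rpt_day, $rpt_year);
        $conditions[] = "(time >= {$begin_time} AND time <= {$end_time})";
    }
    if ($user != "") {
        // Escape at the point of use so the quoted literal does not depend
        // on what the request filter happens to strip.
        $conditions[] = "user_id='" . DB_escapeString($user) . "'";
    }
    $where = '';
    if (count($conditions) > 0) {
        $where = ' WHERE ' . implode(' AND ', $conditions) . ' ';
    }

    $sql = "SELECT * FROM {$_TABLES['mg_usage_tracking']} " . $where . " ORDER BY time";
    $result = DB_query($sql);
    $nRows = DB_numRows($result);

    $i = 0; // row counter, used only for alternating row classes
    $T->set_block('admin', 'usagerow', 'urow');
    for ($x = 0; $x < $nRows; $x++) {
        $row = DB_fetchArray($result);

        // The full date is only shown when the report spans all dates
        if ($alldates == "on") {
            $view_date = date("d-M-y @ h:i a", $row['time']);
        } else {
            $view_date = date("h:i a", $row['time']);
        }

        // Fall back to the media id (or nothing) when the title is empty
        if (stripslashes($row['media_title']) == "") {
            $media_title = $row['media_id'] ? $row['media_id'] : "";
        } else {
            $media_title = $row['media_title'];
        }

        $T->set_var(array(
            'usage_time'  => $view_date,
            'user_id'     => $row['user_name'],
            'application' => $row['application'],
            'album_title' => stripslashes($row['album_title']),
            'media_title' => $media_title,
            'media_link'  => $_MG_CONF['site_url'] . '/media_popup.php?mid=' . $row['media_id'] . '&aid=0',
            'rowclass'    => $i % 2 ? '2' : '1',
        ));
        $i++;
        $T->parse('urow', 'usagerow', true);
    }

    if ($alldates == "on") {
        $rpt_date = $LANG_MG01['all_dates'];
    } else {
        // Month names are looked up at offset 12 + month in $LANG30
        $rpt_date = $LANG30[12 + $rpt_month] . ' ' . $rpt_day . ', ' . $rpt_year;
    }

    $T->set_var(array(
        'report_date'       => $rpt_date,
        's_form_action'     => $_MG_CONF['admin_url'] . 'usage_rpt.php',
        'lang_usage_report' => $LANG_MG01['usage_report_header'],
        'lang_time'         => $LANG_MG01['time'],
        'lang_user_id'      => $LANG_MG01['user_id'],
        'lang_application'  => $LANG_MG01['application'],
        'lang_album_title'  => $LANG_MG01['album_title'],
        'lang_media_title'  => $LANG_MG01['mod_mediatitle'],
        'lang_new_report'   => $LANG_MG01['new_report'],
    ));
    $T->parse('output', 'admin');
    $retval .= $T->finish($T->get_var('output'));

    return $retval;
}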
/**
 * Set extra template variables for a named template.
 *
 * Only the 'data' template is handled: the POST field 'aaa' is passed
 * through COM_applyFilter() and stored as template variable 'aaa'.
 *
 * NOTE(review): the filtered value goes to the template as is. Whether the
 * template escapes it for its output context is not visible here; confirm.
 *
 * @param string $templatename name of the template being prepared
 * @param object $template     template object, modified in place
 * @return void
 */
function databox_custom_templateSetVars($templatename, &$template)
{
    // Same loose comparison a switch/case would perform
    if ($templatename != 'data') {
        return;
    }

    $filtered = COM_applyFilter($_POST['aaa']);
    $template->set_var('aaa', $filtered);
}
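/**
 * Save a one-off re-sort of the child albums of an album.
 *
 * Reads startaid, sortfield, sortorder and processsub from $_POST. When
 * processsub is 0 the direct children of album startaid are renumbered
 * (album_order 10, 20, 30, ...) in the requested order; otherwise the work
 * is handed to MG_staticSortAlbumChildren(). Ends by sending a redirect
 * header to the admin index.
 *
 * NOTE(review): this function changes data, but no SEC_checkToken() call is
 * visible in it; confirm the calling script verifies the CSRF token.
 *
 * @return void
 */
function MG_staticSortAlbumsSave()
{
    global $_TABLES, $_MG_CONF;

    // These values are concatenated unquoted into SQL below, so they are
    // forced to integers here instead of relying on the filter alone.
    $startaid     = isset($_POST['startaid']) ? (int) COM_applyFilter($_POST['startaid'], true) : 0;
    $sortfield    = isset($_POST['sortfield']) ? (int) COM_applyFilter($_POST['sortfield'], true) : 0;
    $sortorder    = isset($_POST['sortorder']) ? (int) COM_applyFilter($_POST['sortorder'], true) : 0;
    $process_subs = isset($_POST['processsub']) ? (int) COM_applyFilter($_POST['processsub'], true) : 0;

    // The earlier code switched on an undefined $sortby, so the requested
    // field was ignored and the default always applied.
    switch ($sortfield) {
        case 1: // media_count
            $sql_sort_by = " ORDER BY media_count ";
            break;
        case 2: // last_update
            $sql_sort_by = " ORDER BY last_update ";
            break;
        case 0: // album title
        default:
            $sql_sort_by = " ORDER BY album_title ";
            break;
    }

    // NOTE(review): the original inline comments labelled 0 as "ascending"
    // and 1 as "descending", the opposite of the keywords used here. The
    // mapping is kept unchanged; confirm which one is intended.
    switch ($sortorder) {
        case 0:
            $sql_order = " DESC";
            break;
        case 1:
            $sql_order = " ASC";
            break;
        default:
            // Previously left undefined for any other value
            $sql_order = '';
            break;
    }

    if ($process_subs == 0) {
        $sql = "SELECT album_id,album_order FROM {$_TABLES['mg_albums']} WHERE album_parent="
             . $startaid . " " . $sql_sort_by . $sql_order;
        $result = DB_query($sql);
        $numRows = DB_numRows($result);

        // First collect the ids in sorted order, then write the new positions.
        $album_id = array();
        $album_order = array();
        $order = 10;
        for ($x = 0; $x < $numRows; $x++) {
            $row = DB_fetchArray($result);
            $album_id[$x] = $row['album_id'];
            $album_order[$x] = $order;
            $order += 10;
        }

        for ($x = 0; $x < $numRows; $x++) {
            // album_id is used unquoted, so it is cast before it is used
            $sql = "UPDATE " . $_TABLES['mg_albums'] . " SET album_order=" . $album_order[$x]
                 . " WHERE album_id=" . (int) $album_id[$x];
            DB_query($sql);
        }
    } else {
        MG_staticSortAlbumChildren($startaid, $sql_order, $sql_sort_by);
    }

    header("Location: " . $_MG_CONF['admin_url'] . 'index.php?msg=1');
}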
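/**
 * Return the comment section for one userbox entry.
 *
 * Looks up the entry's comment code and permission columns, restricted to
 * entries that are not drafts, that the current user may read, that are
 * already released and that have not expired. When comments are enabled
 * (commentcode >= 0) the comment block is produced by CMT_userComments().
 *
 * @param int $id id of the userbox entry
 * @return string comment HTML, or an empty string when there is nothing to show
 */
function fncComment($id)
{
    global $_CONF;
    global $_TABLES;

    // Previously never initialised, so a miss returned an undefined variable
    $retval = '';

    $order = '';
    if (isset($_REQUEST['order'])) {
        $order = COM_applyFilter($_REQUEST['order']);
    }
    $mode = '';
    if (isset($_REQUEST['mode'])) {
        $mode = COM_applyFilter($_REQUEST['mode']);
    }
    $page = 1;
    if (isset($_REQUEST['cpage'])) {
        $page = COM_applyFilter($_REQUEST['cpage']);
    }

    $tbl = $_TABLES['USERBOX_base'];

    // The id is compared unquoted in the WHERE clause, so only an integer
    // may be placed there, whatever the caller passed in.
    $safe_id = (int) $id;

    $sql = "SELECT ";
    $sql .= "commentcode ";
    $sql .= ",owner_id";
    $sql .= ",group_id";
    $sql .= ",perm_owner";
    $sql .= ",perm_group";
    $sql .= ",perm_members";
    $sql .= ",perm_anon";
    $sql .= " FROM ";
    $sql .= " {$tbl} AS t "; //base
    $sql .= " WHERE ";
    $sql .= " id=" . $safe_id;
    $sql .= " AND t.draft_flag=0" . LB;
    // Exclude entries the current user has no access rights to
    $sql .= COM_getPermSql('AND');
    // Exclude entries that have not been released yet
    $sql .= " AND (released <= NOW())";
    // Exclude entries whose expiry date has passed
    $sql .= " AND (expired=0 OR expired > NOW())";

    $result = DB_query($sql);
    $numrows = DB_numRows($result);
    if ($numrows > 0) {
        $A = DB_fetchArray($result);
        $A = array_map('stripslashes', $A);
        if ($A['commentcode'] >= 0) {
            // Deleting comments needs both the edit right and an access
            // level of 3 on this entry
            $delete_option = SEC_hasRights('userbox.edit')
                && SEC_hasAccess($A['owner_id'], $A['group_id'], $A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']) == 3;

            // 'topic' is not among the selected columns, so it is normally
            // absent. NOTE(review): confirm which title should be passed.
            $title = isset($A['topic']) ? $A['topic'] : '';

            require_once $_CONF['path_system'] . 'lib-comment.php';
            $retval .= CMT_userComments($id, $title, 'userbox', $order, $mode, 0, $page, false, $delete_option, $A['commentcode']);
        }
    }

    return $retval;
}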
/**
 * Process a pending add/delete request and return the header-list editor
 *
 * A 'delete' action removes the HTTPHeader entry named in $_GET['entry'];
 * the "add entry" action stores "<name>: <value>" built from the submitted
 * form fields. Both only run when SEC_checkToken() accepts the request.
 * The returned HTML lists the stored entries with delete links, followed by
 * the form for adding a new one.
 *
 * NOTE(review): values are escaped with addslashes() before they reach SQL.
 * addslashes() does not take the connection character set into account;
 * confirm whether the database layer offers a dedicated escaping helper.
 * NOTE(review): the delete links carry the CSRF token in the query string,
 * where it can end up in logs or Referer headers; confirm this is accepted.
 *
 * @return string HTML for the editor
 */
function display()
{
    global $_CONF, $_TABLES, $LANG_SX00;

    // A GET "action" takes precedence over a POSTed "paction"
    if (isset($_GET['action'])) {
        $action = $_GET['action'];
    } elseif (isset($_POST['paction'])) {
        $action = $_POST['paction'];
    } else {
        $action = '';
    }

    if ($action == 'delete' && SEC_checkToken()) {
        $entry = $_GET['entry'];
        if (!empty($entry)) {
            DB_delete(
                $_TABLES['spamx'],
                array('name', 'value'),
                array('HTTPHeader', addslashes($entry))
            );
        }
    } elseif ($action == $LANG_SX00['addentry'] && SEC_checkToken()) {
        // Only the part of the header name before the first colon is kept
        $nameParts = explode(':', COM_applyFilter($_REQUEST['header-name']));
        $name = $nameParts[0];
        // The header value is taken from the request unfiltered
        $value = $_REQUEST['header-value'];

        $entry = '';
        if (!empty($name) && !empty($value)) {
            $entry = $name . ': ' . $value;
        }
        if (!empty($entry)) {
            $dbentry = addslashes($entry);
            DB_query("INSERT INTO {$_TABLES['spamx']} VALUES ('HTTPHeader','{$dbentry}')");
        }
    }

    // A fresh token for the delete links and the form below
    $token = SEC_createToken();
    $editorUrl = $_CONF['site_admin_url'] . '/plugins/spamx/index.php?command=EditHeader';

    $html = array();
    $html[] = '<hr' . XHTML . '>' . LB . '<p><b>';
    $html[] = $LANG_SX00['headerblack'];
    $html[] = '</b></p>' . LB . '<ul>' . LB;

    $result = DB_query("SELECT value FROM {$_TABLES['spamx']} WHERE name='HTTPHeader' ORDER BY value");
    $total = DB_numRows($result);
    for ($row = 0; $row < $total; $row++) {
        list($stored) = DB_fetchArray($result);
        // Stored text is HTML-escaped for display and URL-encoded for the link
        $deleteUrl = $editorUrl . '&action=delete&entry=' . urlencode($stored) . '&' . CSRF_TOKEN . '=' . $token;
        $html[] = '<li>' . COM_createLink(htmlspecialchars($stored), $deleteUrl) . '</li>' . LB;
    }

    $html[] = '</ul>' . LB . '<p>' . $LANG_SX00['e1'] . '</p>' . LB;
    $html[] = '<p>' . $LANG_SX00['e2'] . '</p>' . LB;
    $html[] = '<form method="post" action="' . $editorUrl . '">' . LB;
    $html[] = '<table border="0" width="100%">' . LB;
    $html[] = '<tr><td align="right"><b>Header:</b></td>' . LB;
    $html[] = '<td><input type="text" size="40" name="header-name"' . XHTML . '> e.g. <tt>User-Agent</tt></td></tr>' . LB;
    $html[] = '<tr><td align="right"><b>Content:</b></td>' . LB;
    $html[] = '<td><input type="text" size="40" name="header-value"' . XHTML . '> e.g. <tt>Mozilla</tt></td></tr>' . LB;
    $html[] = '</table>' . LB;
    $html[] = '<p><input type="submit" name="paction" value="' . $LANG_SX00['addentry'] . '"' . XHTML . '>';
    $html[] = '<input type="hidden" name="' . CSRF_TOKEN . "\" value=\"{$token}\"" . XHTML . '></p>' . LB;
    $html[] = '</form>' . LB;

    return implode('', $html);
}
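/**
 * Save a one-off re-sort of the media items in an album.
 *
 * Reads startaid, sortfield, sortorder and processsub from $_POST. When
 * processsub is 0 the items of album startaid are renumbered (media_order
 * 10, 20, 30, ...) in the requested order; otherwise the work is handed to
 * MG_staticSortMediaChildren(). Ends by sending a redirect header to the
 * admin index.
 *
 * NOTE(review): this function changes data, but no SEC_checkToken() call is
 * visible in it; confirm the calling script verifies the CSRF token.
 *
 * @return void
 */
function MG_staticSortMediaSave()
{
    global $_TABLES, $_MG_CONF;

    // startaid is concatenated unquoted into the SELECT below, so all
    // request values are forced to integers here.
    $startaid     = !empty($_POST['startaid']) ? (int) COM_applyFilter($_POST['startaid'], true) : 0;
    $sortfield    = !empty($_POST['sortfield']) ? (int) COM_applyFilter($_POST['sortfield'], true) : 0;
    $sortorder    = !empty($_POST['sortorder']) ? (int) COM_applyFilter($_POST['sortorder'], true) : 0;
    $process_subs = !empty($_POST['processsub']) ? (int) COM_applyFilter($_POST['processsub'], true) : 0;

    // Only these fixed column names can ever reach the ORDER BY clause.
    switch ($sortfield) {
        case 1: // media_upload_time
            $sql_sort_by = " ORDER BY m.media_upload_time ";
            break;
        case 2: // media title
            $sql_sort_by = " ORDER BY m.media_title ";
            break;
        case 3: // media original filename
            $sql_sort_by = " ORDER BY m.media_original_filename ";
            break;
        case 0: // media_time
        default:
            $sql_sort_by = " ORDER BY m.media_time ";
            break;
    }

    // NOTE(review): the original inline comments labelled 0 as "ascending"
    // and 1 as "descending", the opposite of the keywords used here. The
    // mapping is kept unchanged; confirm which one is intended.
    switch ($sortorder) {
        case 0:
            $sql_order = " DESC";
            break;
        case 1:
            $sql_order = " ASC";
            break;
        default:
            // Previously left undefined for any other value
            $sql_order = '';
            break;
    }

    if ($process_subs == 0) {
        $sql = "SELECT m.media_id FROM {$_TABLES['mg_media_albums']} AS ma "
             . "LEFT JOIN {$_TABLES['mg_media']} AS m ON m.media_id = ma.media_id "
             . "WHERE ma.album_id=" . $startaid . $sql_sort_by . $sql_order;
        $result = DB_query($sql);

        // Walk the sorted rows and hand out positions in steps of ten
        $order = 10;
        while ($row = DB_fetchArray($result)) {
            DB_change(
                $_TABLES['mg_media_albums'],
                'media_order',
                $order,
                array('media_id', 'album_id'),
                array($row['media_id'], $startaid)
            );
            $order += 10;
        }
    } else {
        MG_staticSortMediaChildren($startaid, $sql_order, $sql_sort_by);
    }

    header("Location: " . $_MG_CONF['admin_url'] . 'index.php?msg=1');
}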
/**
 * Store the quota and active flag for one user, then redirect to the quota report.
 *
 * uid, quota and active are read from $_POST through the numeric filter;
 * quota is multiplied by 1048576 before it is stored. An existing row in
 * the user preferences table is updated, otherwise a new one is inserted.
 * The function prints a refresh to quotareport.php and exits.
 *
 * NOTE(review): the three values are placed unquoted in the SQL text, so
 * the statements are only as safe as COM_applyFilter()'s numeric mode,
 * which is not visible here. An explicit integer cast at this point would
 * remove that dependency.
 * NOTE(review): no SEC_checkToken() call is visible in this function;
 * confirm the calling script verifies the CSRF token.
 *
 * @return void (does not return; the script exits)
 */
function MG_saveUser()
{
    global $_MG_CONF, $_TABLES;

    $uid    = COM_applyFilter($_POST['uid'], true);
    $quota  = COM_applyFilter($_POST['quota'], true) * 1048576;
    $active = COM_applyFilter($_POST['active'], true);

    $prefsTable = $_TABLES['mg_userprefs'];

    // Decide between UPDATE and INSERT by looking for an existing row
    $existing = DB_query("SELECT uid FROM {$prefsTable} WHERE uid=" . $uid);
    if (DB_numRows($existing) > 0) {
        $statement = "UPDATE {$prefsTable} SET quota=" . $quota . ",active=" . $active . " WHERE uid=" . $uid;
    } else {
        $statement = "INSERT INTO {$prefsTable} SET uid=" . $uid . ", quota=" . $quota . ",active=" . $active;
    }
    DB_query($statement, 1);

    echo COM_refresh($_MG_CONF['admin_url'] . 'quotareport.php');
    exit;
}
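/**
 * Save a one-off re-sort of the child albums of an album.
 *
 * Reads startaid, sortfield, sortorder and processsub from $_POST. When
 * processsub is 0 the direct children of album startaid are renumbered
 * (album_order 10, 20, 30, ...) in the requested order; otherwise the work
 * is handed to MG_staticSortAlbumChildren(). Ends by sending a redirect
 * header to the admin index.
 *
 * NOTE(review): this function changes data, but no SEC_checkToken() call is
 * visible in it; confirm the calling script verifies the CSRF token.
 *
 * @return void
 */
function MG_staticSortAlbumsSave()
{
    global $_TABLES, $_MG_CONF;

    // startaid is concatenated unquoted into the SELECT below, so all
    // request values are forced to integers here.
    $startaid     = !empty($_POST['startaid']) ? (int) COM_applyFilter($_POST['startaid'], true) : 0;
    $sortfield    = !empty($_POST['sortfield']) ? (int) COM_applyFilter($_POST['sortfield'], true) : 0;
    $sortorder    = !empty($_POST['sortorder']) ? (int) COM_applyFilter($_POST['sortorder'], true) : 0;
    $process_subs = !empty($_POST['processsub']) ? (int) COM_applyFilter($_POST['processsub'], true) : 0;

    // Only these fixed column names can ever reach the ORDER BY clause.
    switch ($sortfield) {
        case 1: // media_count
            $sql_sort_by = " ORDER BY media_count ";
            break;
        case 2: // last_update
            $sql_sort_by = " ORDER BY last_update ";
            break;
        case 0: // album title
        default:
            $sql_sort_by = " ORDER BY album_title ";
            break;
    }

    // NOTE(review): the original inline comments labelled 0 as "ascending"
    // and 1 as "descending", the opposite of the keywords used here. The
    // mapping is kept unchanged; confirm which one is intended.
    switch ($sortorder) {
        case 0:
            $sql_order = " DESC";
            break;
        case 1:
            $sql_order = " ASC";
            break;
        default:
            // Previously left undefined for any other value
            $sql_order = '';
            break;
    }

    if ($process_subs == 0) {
        $sql = "SELECT album_id FROM {$_TABLES['mg_albums']} "
             . "WHERE album_parent=" . $startaid . " " . $sql_sort_by . $sql_order;
        $result = DB_query($sql);

        // Walk the sorted rows and hand out positions in steps of ten
        $order = 10;
        while ($row = DB_fetchArray($result)) {
            DB_change($_TABLES['mg_albums'], 'album_order', $order, 'album_id', $row['album_id']);
            $order += 10;
        }
    } else {
        MG_staticSortAlbumChildren($startaid, $sql_order, $sql_sort_by);
    }

    header("Location: " . $_MG_CONF['admin_url'] . 'index.php?msg=1');
}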
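/**
 * Save the RSS settings posted from the admin form and rebuild the full feed.
 *
 * Six settings are written to the config table with DB_save(), the
 * in-memory rss_full_enabled value is refreshed, MG_buildFullRSS() is
 * called, and the function prints a refresh to the admin index and exits.
 *
 * NOTE(review): no SEC_checkToken() call is visible in this function;
 * confirm the calling script verifies the CSRF token.
 *
 * @return void (does not return; the script exits)
 */
function MG_saveRSS()
{
    global $_MG_CONF, $_TABLES;

    // Config name => value, in the order the rows are written. Check-box
    // style flags are integers; the two free-text fields are kept as
    // filtered strings and default to '' when the field is absent.
    $settings = array(
        'rss_full_enabled'   => isset($_POST['rss_full_enabled']) ? (int) COM_applyFilter($_POST['rss_full_enabled'], true) : 0,
        'rss_feed_type'      => isset($_POST['rss_feed_type']) ? COM_applyFilter($_POST['rss_feed_type']) : '',
        'rss_ignore_empty'   => isset($_POST['rss_ignore_empty']) ? (int) COM_applyFilter($_POST['rss_ignore_empty'], true) : 0,
        'rss_anonymous_only' => isset($_POST['rss_anonymous_only']) ? (int) COM_applyFilter($_POST['rss_anonymous_only'], true) : 0,
        'rss_feed_name'      => isset($_POST['rss_feed_name']) ? COM_applyFilter($_POST['rss_feed_name']) : '',
        'hide_author_email'  => isset($_POST['hide_email']) ? (int) COM_applyFilter($_POST['hide_email'], true) : 0,
    );

    foreach ($settings as $name => $value) {
        // Escape at the point of use: the value sits inside a quoted SQL
        // literal and must not depend on what the request filter strips.
        $escaped = DB_escapeString((string) $value);
        DB_save($_TABLES['mg_config'], "config_name, config_value", "'{$name}','{$escaped}'");
    }

    $_MG_CONF['rss_full_enabled'] = $settings['rss_full_enabled'];
    MG_buildFullRSS();

    echo COM_refresh($_MG_CONF['admin_url'] . 'index.php?msg=6');
    exit;
}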
/**
 * Process a pending add/delete request, then return the HTML widget
 *
 * A 'delete' action removes the current entry; the "add entry" action
 * builds "<name>: <value>" from the submitted form fields and stores it.
 * Either one only runs when SEC_checkToken() accepts the request.
 *
 * NOTE(review): 'header-value' is read from $_REQUEST unfiltered and passed
 * to addEntry(); how addEntry() escapes it is not visible here. Confirm.
 *
 * @return string
 */
public function display()
{
    global $LANG_SX00;

    $action = $this->getAction();
    $entry = $this->getEntry();

    $wantsDelete = ($action === 'delete');
    $wantsAdd = ($action === $LANG_SX00['addentry']);

    if ($wantsDelete && SEC_checkToken()) {
        $this->deleteEntry($entry);
    } elseif ($wantsAdd && SEC_checkToken()) {
        // Only the part of the header name before the first colon is kept
        $nameParts = explode(':', COM_applyFilter($_REQUEST['header-name']));
        $name = $nameParts[0];
        $value = $_REQUEST['header-value'];

        // An incomplete pair is passed on as an empty entry
        $entry = (!empty($name) && !empty($value)) ? $name . ': ' . $value : '';
        $this->addEntry($entry);
    }

    return $this->getWidget();
}
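/**
 * Record a vote submitted via AJAX and return the refreshed poll results.
 *
 * When POLLS_ipAlreadyVoted() reports an earlier vote, nothing is stored
 * and the "already voted" message is returned. Otherwise a cookie is set,
 * the voter count and the per-question answer counts are incremented, and
 * the voter's address is recorded.
 *
 * NOTE(review): the status message contains the poll topic as read from
 * the database; whether the AJAX consumer escapes it before inserting it
 * into the page is not visible here. Confirm.
 *
 * @param string $pid poll id
 * @param array  $aid chosen answer ids, indexed by question number (0..n-1)
 * @return array with keys 'html' (poll results) and 'statusMessage'
 */
function POLLS_saveVote_AJAX($pid, $aid)
{
    global $_CONF, $_PO_CONF, $_TABLES, $LANG_POLLS;

    $retval = array('html' => '', 'statusMessage' => '');

    if (POLLS_ipAlreadyVoted($pid)) {
        // Return right away. The earlier code fell through to the "vote
        // saved" message below, which replaced this one and reported a
        // rejected vote as saved.
        $retval['statusMessage'] = 'You have already voted on this poll';
        $retval['html'] = POLLS_pollResults($pid, 400, '', '', 2);

        return $retval;
    }

    setcookie(
        'poll-' . $pid,
        implode('-', $aid),
        time() + $_PO_CONF['pollcookietime'],
        $_CONF['cookie_path'],
        $_CONF['cookiedomain'],
        $_CONF['cookiesecure']
    );

    DB_change($_TABLES['polltopics'], 'voters', "voters + 1", 'pid', DB_escapeString($pid), '', true);

    // One answer per question: the array index is used as the question id,
    // and each answer id passes through the numeric filter
    $answers = count($aid);
    for ($i = 0; $i < $answers; $i++) {
        DB_change(
            $_TABLES['pollanswers'],
            'votes',
            "votes + 1",
            array('pid', 'qid', 'aid'),
            array(DB_escapeString($pid), $i, COM_applyFilter($aid[$i], true)),
            '',
            true
        );
    }

    // Remember the address so a repeat vote can be recognised
    DB_save(
        $_TABLES['pollvoters'],
        'ipaddress,date,pid',
        "'" . DB_escapeString($_SERVER['REMOTE_ADDR']) . "'," . time() . ",'" . DB_escapeString($pid) . "'"
    );

    $eMsg = $LANG_POLLS['savedvotemsg'] . ' "'
          . DB_getItem($_TABLES['polltopics'], 'topic', "pid = '" . DB_escapeString($pid) . "'") . '"';
    $retval['statusMessage'] = $eMsg;
    $retval['html'] = POLLS_pollResults($pid, 400, '', '', 2);

    return $retval;
}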
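/**
 * Show the spamx log, with a button to clear it
 *
 * Clears the log when the "clear log" button was submitted, trims the file
 * to roughly its last $max_Log_Size bytes when it has grown beyond that,
 * and returns the form plus the log contents inside a <pre> element.
 *
 * NOTE(review): clearing the log is a state-changing POST, but neither a
 * token field in the form nor a token check is visible here. Confirm
 * whether the surrounding admin script performs a CSRF check.
 *
 * @return string HTML for the log view
 */
function display()
{
    global $_CONF, $LANG_SX00;

    $display = '';
    $max_Log_Size = 100000;

    $action = '';
    if (isset($_POST['action'])) {
        $action = COM_applyFilter($_POST['action']);
    }

    $path = $_CONF['site_admin_url'] . '/plugins/spamx/index.php?command=LogView';
    $logfile = $_CONF['path_log'] . 'spamx.log';

    // Needed by both branches below. It used to be set only when the log
    // was cleared, so the trim branch wrote an undefined value.
    $timestamp = strftime("%c");

    $display .= "<form method=\"post\" action=\"{$path}\"><div>";
    $display .= "<input type=\"submit\" name=\"action\" value=\"{$LANG_SX00['clearlog']}\"" . XHTML . ">";
    $display .= "</div></form>";

    if ($action == $LANG_SX00['clearlog']) {
        $fd = fopen($logfile, "w");
        if ($fd !== false) {
            fputs($fd, "{$timestamp} {$LANG_SX00['logcleared']} \n");
            fclose($fd);
        }
    }

    $fsize = file_exists($logfile) ? filesize($logfile) : 0;
    if ($fsize > $max_Log_Size) {
        // Keep only the tail of the file
        $data = '';
        $fd = fopen($logfile, "r");
        if ($fd !== false) {
            fseek($fd, -$max_Log_Size, SEEK_END);
            fgets($fd); // drop the partial first line
            $data = fread($fd, $max_Log_Size);
            fclose($fd);

            $fd = fopen($logfile, "w");
            if ($fd !== false) {
                fputs($fd, "{$timestamp} {$LANG_SX00['logcleared']} \n");
                fwrite($fd, (string) $data);
                fclose($fd);
            }
        }
    }

    // The log records text taken from submissions, so it is untrusted and
    // has to be HTML-escaped before it is placed in the admin page.
    $lines = file_exists($logfile) ? file($logfile) : false;
    $display .= "<hr" . XHTML . "><pre>";
    if ($lines !== false) {
        $display .= htmlspecialchars(implode('', $lines), ENT_QUOTES | ENT_SUBSTITUTE);
    }
    $display .= "</pre>";

    return $display;
}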
/**
 * Build the <image> elements for every still image in an album.
 *
 * Returns an empty string when the album has no id or the access level is
 * below 1. The request parameter 'src' selects the image set and is
 * limited to 'disp' or 'orig' (anything else becomes 'orig'). Rows whose
 * media_type is not 0, or whose file getimagesize() cannot read, are
 * skipped.
 *
 * NOTE(review): media_filename is placed in the attribute values without
 * XML escaping, and the strip_tags() output goes into a CDATA section
 * without handling a "]]>" sequence. Presumably file names are generated
 * server-side; confirm, and consider escaping both.
 *
 * @param array $album_data album record; 'album_id' and 'access' are read
 * @return string concatenated <image> elements
 */
function MG_getItems(&$album_data)
{
    global $_TABLES, $_MG_CONF;

    if (!isset($album_data['album_id']) || $album_data['access'] < 1) {
        return '';
    }

    // Allow-list for the image set: only two directory names are possible
    $src = 'orig';
    if (isset($_REQUEST['src'])) {
        $requested = COM_applyFilter($_REQUEST['src']);
        if ($requested == 'disp' || $requested == 'orig') {
            $src = $requested;
        }
    }

    $wanted = array('media_type', 'media_filename', 'remote_url', 'media_id', 'media_title', 'media_desc');
    $query = MG_buildMediaSql(array('album_id' => $album_data['album_id'], 'fields' => $wanted));
    $rows = DB_query($query);

    $xml = '';
    while ($A = DB_fetchArray($rows)) {
        if ($A['media_type'] != 0) {
            continue;
        }

        $PhotoPath = MG_getFilePath($src, $A['media_filename']);
        $ext = pathinfo($PhotoPath, PATHINFO_EXTENSION);

        // Files live in a sub-directory named after the first character
        $stem = $A['media_filename'][0] . '/' . $A['media_filename'];
        $RelativePath = $_MG_CONF['mediaobjects_url'] . "/{$src}/" . $stem . '.' . $ext;
        $RelativeTNPath = $_MG_CONF['mediaobjects_url'] . '/tn/' . $stem . '_150x150.' . $ext;

        // Unreadable or missing images are left out; warnings are suppressed
        if (@getimagesize($PhotoPath) == false) {
            continue;
        }

        $title = '<p><b><font color="#ffffff" size="20">' . strip_tags($A['media_title']) . '</font></b></p>';
        $desc = '<p>' . strip_tags($A['media_desc']) . '</p>';

        $xml .= '<image ' . 'imageURL="' . $RelativePath . '" ' . 'thumbURL="' . $RelativeTNPath . '" '
              . 'linkURL="' . $RelativePath . '" linkTarget="" >' . LB
              . '<caption><![CDATA[' . $title . $desc . ']]></caption>' . LB
              . '</image>' . LB;
    }

    return $xml;
}
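/**
 * Handle one file upload for a form field and build the HTML fragment
 * that reports the outcome.
 *
 * The field name, result id, form id and field id come from the request.
 * When the form has not been saved yet (result id 0) it is saved first.
 * If nexform_check4files() then reports a stored file, a download link
 * (plus a delete link for members of the form's edit group) is returned;
 * otherwise an error box with the message from $GLOBALS['fe_errmsg'].
 *
 * NOTE(review): the error text from $GLOBALS['fe_errmsg'] is inserted as
 * is. Whether it can contain request-derived text is not visible here;
 * confirm.
 *
 * @return array ($html, $fieldID, $field_name, $form_id, $result_id, $iserror)
 *               where $iserror is the string 'true' or 'false'
 */
function upload_file()
{
    // $GLOBALS is a superglobal and needs no global declaration
    global $CONF_FE, $_TABLES, $_CONF;

    //upload the file
    $field_name = COM_applyFilter($_POST['current_upload_file']);
    $result_id = COM_applyFilter($_POST['res_id'], true);
    $form_id = COM_applyFilter($_POST['form_id'], true);
    $uploadfile = isset($_FILES[$field_name]) ? $_FILES[$field_name] : null;
    $fieldID = COM_applyFilter($_REQUEST['field_id'], true);

    if ($result_id == 0) {
        //form has not been saved yet
        $result_id = nexform_dbsave($form_id, 0, false);
    }

    if (($rec = nexform_check4files($result_id, $field_name)) != 0) {
        // The file name is chosen by the client, so it is HTML-escaped
        // before it becomes the link text.
        $shown_name = isset($uploadfile['name'][0])
            ? htmlspecialchars($uploadfile['name'][0], ENT_QUOTES)
            : '';

        $retval = '';
        $retval .= " <a href=\"{$CONF_FE['public_url']}/download.php?id={$rec}\" target=\"_new\">";
        $retval .= "<img src=\"{$CONF_FE['image_url']}/document_sm.gif\" border=\"0\">{$shown_name}</a> ";

        // Only members of the form's edit group get the delete control
        $edit_group = DB_getItem($_TABLES['nxform_definitions'], 'perms_edit', "id='{$form_id}'");
        if (SEC_inGroup($edit_group)) {
            $retval .= "<a href=\"#\" onClick='ajaxDeleteFile({$fieldID},{$rec},\"{$field_name}\"); return false;'>";
            $retval .= "<img src=\"{$CONF_FE['image_url']}/delete.gif\" border=\"0\"></a> ";
        }
        $iserror = 'false';
    } else {
        //COM_fileLog("upload error:" . $GLOBALS['fe_errmsg']);
        $errmsg = isset($GLOBALS['fe_errmsg']) ? $GLOBALS['fe_errmsg'] : '';
        if ($errmsg == '') {
            $errmsg = 'Your file could not be uploaded.';
        }

        // A random element id lets the client remove this message again
        $err_fieldname = 'error_' . ppRandomFilename();
        $retval = '';
        $retval .= "<table id=\"tbl_{$err_fieldname}\"><tr id=\"{$err_fieldname}\"><td><img src=\"{$_CONF['layout_url']}/nexform/images/error.gif\"></td><td>{$errmsg}<br><center><font size=\"1\"><a href=\"#\" onClick=\"ajaxClearErrorMessage('{$err_fieldname}'); return false;\">[ Clear Message ]</a></font></center></td></tr></table>";
        $iserror = 'true';
    }

    return array($retval, $fieldID, $field_name, $form_id, $result_id, $iserror);
}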
} else { $sql = "select tid,sid,title,date,comments from {$_TABLES['stories']} where tid='" . DB_escapeString($curtopic) . "'"; $countsql = DB_query("SELECT COUNT(*) FROM {$_TABLES['stories']} where tid='" . DB_escapeString($curtopic) . "'"); } } else { $curtopic = ''; $sql = "select tid,sid,title,date,comments from {$_TABLES['stories']}"; $countsql = DB_query("SELECT COUNT(*) FROM {$_TABLES['stories']}"); } list($maxrows) = DB_fetchArray($countsql); $numpages = ceil($maxrows / $show); $offset = ($page - 1) * $show; $sql .= " ORDER BY sid DESC LIMIT {$offset}, {$show}"; $result = DB_query($sql); $numrows = DB_numRows($result); $selectedForum = isset($_POST['selforum']) ? COM_applyFilter($_POST['selforum']) : ''; $p->set_var('action_url', $_CONF['site_admin_url'] . '/plugins/forum/migrate.php'); $p->set_var('filter_topic_selection', _ff_migrate_topicsList($curtopic)); $p->set_var('select_filter_options', COM_optionList($_TABLES['ff_forums'], "forum_id,forum_name", $selectedForum)); $p->set_var('LANG_migrate', $LANG_GF01['MIGRATE_NOW']); $p->set_var('LANG_filterlist', $LANG_GF01['FILTERLIST']); $p->set_var('LANG_selectforum', $LANG_GF01['SELECTFORUM']); $p->set_var('LANG_deleteafter', $LANG_GF01['DELETEAFTER']); $p->set_var('LANG_all', $LANG_GF01['ALL']); $p->set_var('LANG_topic', $LANG_GF01['TOPIC']); $p->set_var('LANG_title', $LANG_GF01['TITLE']); $p->set_var('LANG_date', $LANG_GF01['DATE']); $p->set_var('LANG_comments', $LANG_GF01['COMMENTS']); if ($numrows > 0) { $base_url = $_CONF['site_admin_url'] . '/plugins/forum/migrate.php?seltopic=' . $curtopic; for ($i = 0; $i < $numrows; $i++) {
// +--------------------------------------------------------------------------+ require_once '../../../lib-common.php'; require_once $_CONF['path'] . '/plugins/calendar/autoinstall.php'; USES_lib_install(); if (!SEC_inGroup('Root')) { // Someone is trying to illegally access this page COM_errorLog("Someone has tried to illegally access the Calendar install/uninstall page. User id: {$_USER['uid']}, Username: {$_USER['username']}, IP: {$REMOTE_ADDR}", 1); $display = COM_siteHeader('menu', $LANG_ACCESS['accessdenied']) . COM_startBlock($LANG_ACCESS['accessdenied']) . $LANG_ACCESS['plugin_access_denied_msg'] . COM_endBlock() . COM_siteFooter(); echo $display; exit; } /** * Main Function */ if (SEC_checkToken()) { $action = COM_applyFilter($_GET['action']); if ($action == 'install') { if (plugin_install_calendar()) { // Redirects to the plugin editor echo COM_refresh($_CONF['site_admin_url'] . '/plugins.php?msg=44'); exit; } else { echo COM_refresh($_CONF['site_admin_url'] . '/plugins.php?msg=72'); exit; } } else { if ($action == 'uninstall') { if (plugin_uninstall_calendar('installed')) { /** * Redirects to the plugin editor */
$sql .= "ifValue='{$ifArgumentValue}', "; $sql .= "nf_handlerID='0' "; $sql .= "where id='{$editid}'"; // echo $sql; $result = DB_Query($sql); break; default: // not an if task $nextSteps = str_replace(" ", "", $_POST['nextTasks']); if (strlen($nextSteps) > 0) { $nextSteps = split(",", $nextSteps); $numberSteps = count($nextSteps); $sql = "DELETE FROM {$_TABLES['nf_templatedatanextstep']} WHERE nf_templateDataFrom='{$editid}'"; $result = DB_Query($sql); for ($cntr = 0; $cntr < $numberSteps; $cntr++) { $templateNextStep = lidtonfid(COM_applyFilter($nextSteps[$cntr], true), $templateID); $sql = "INSERT INTO {$_TABLES['nf_templatedatanextstep']} (nf_templateDataFrom,nf_templateDataTo ) "; $sql .= "VALUES ('{$editid}','{$templateNextStep}')"; $result = DB_Query($sql); } } else { // trying to remove the next steps then as there are none listed! $sql = "DELETE FROM {$_TABLES['nf_templatedatanextstep']} WHERE nf_templateDataFrom='{$editid}'"; $result = DB_Query($sql); } break; } //end switch // continue on merrily saving the task. $sql = "UPDATE {$_TABLES['nf_templatedata']} SET nf_stepType='{$stepID}'"; if (($stepID == 1 or $stepID == 4) and $handlerID > 0) {
/**
 * Kicks off the appropriate search(es)
 *
 * Initiates the search engine and returns HTML formatted
 * results. It also provides support to plugins using a
 * search API. Backwards compatibility has been incorporated
 * in this function to allow legacy support to plugins using
 * the old API calls defined versions prior to Geeklog 1.5.1
 *
 * Flow, as far as this method shows it: check that the user may search,
 * validate the query, build the result URL and a ListFactory, collect
 * results from plugins and from _searchStories(), run the queued queries
 * and hand everything to the ListFactory for formatting.
 *
 * @return string HTML output for search results
 *
 */
public function doSearch()
{
    global $_CONF, $LANG01, $LANG09, $LANG31;

    // Verify current user can perform requested search
    if (!$this->_isSearchAllowed()) {
        return SEC_loginRequiredForm();
    }

    // When full text searches are enabled, make sure the min. query length
    // is 3 characters. Otherwise, make sure at least one of query string,
    // author, or topic is not empty.
    // (&& binds tighter than ||, so this reads "(all three empty) OR
    // (fulltext enabled AND query shorter than 3)".)
    if (empty($this->_query) && empty($this->_author) && empty($this->_topic) || $_CONF['search_use_fulltext'] && strlen($this->_query) < 3) {
        $retval = '<p>' . $LANG09[41] . '</p>' . LB;
        $retval .= $this->showForm();

        return $retval;
    }

    // Build the URL strings
    // NOTE(review): only the query is passed through urlencode(); keyType,
    // the dates, topic, author and (below) type are appended as they are.
    // Where those properties are sanitised is not visible in this method.
    // Confirm before relying on this URL being safe to emit.
    $this->_searchURL = $_CONF['site_url'] . '/search.php?query=' . urlencode($this->_query) . (!empty($this->_keyType) ? '&keyType=' . $this->_keyType : '') . (!empty($this->_dateStart) ? '&datestart=' . $this->_dateStart : '') . (!empty($this->_dateEnd) ? '&dateend=' . $this->_dateEnd : '') . (!empty($this->_topic) ? '&topic=' . $this->_topic : '') . (!empty($this->_author) ? '&author=' . $this->_author : '') . ($this->_titlesOnly ? '&title=true' : '');
    $url = "{$this->_searchURL}&type={$this->_type}&mode=";

    $obj = new ListFactory($url . 'search', $_CONF['search_limits'], $_CONF['num_search_results']);
    $obj->setField('ID', 'id', false);
    $obj->setField('URL', 'url', false);

    // Which optional columns to show, taken from the site configuration
    $show_num = $_CONF['search_show_num'];
    $show_type = $_CONF['search_show_type'];
    $show_user = $_CONF['contributedbyline'];
    $show_hits = !$_CONF['hideviewscount'];
    $style = isset($_CONF['search_style']) ? $_CONF['search_style'] : 'google';

    if ($style == 'table') {
        $obj->setStyle('table');
        // Title Name Display Sort Format
        $obj->setField($LANG09[62], LF_ROW_NUMBER, $show_num, false, '<b>%d.</b>');
        $obj->setField($LANG09[5], LF_SOURCE_TITLE, $show_type, true, '<b>%s</b>');
        $obj->setField($LANG09[16], 'title', true, true);
        $obj->setField($LANG09[63], 'description', true, false);
        $obj->setField($LANG09[17], 'date', true, true);
        $obj->setField($LANG09[18], 'uid', $show_user, true);
        $obj->setField($LANG09[50], 'hits', $show_hits, true);
        $this->_wordlength = 7;
    } else {
        if ($style == 'google') {
            // Sorting by a column is only offered when the search did not
            // already fix that column to a single value
            $sort_uid = $this->_author == '' ? true : false;
            $sort_date = empty($this->_dateStart) || empty($this->_dateEnd) || $this->_dateStart != $this->_dateEnd ? true : false;
            $sort_type = $this->_type == 'all' ? true : false;
            $obj->setStyle('inline');
            $obj->setField('', LF_ROW_NUMBER, $show_num, false, '<b>%d.</b>');
            $obj->setField($LANG09[16], 'title', true, true, '%s<br' . XHTML . '>');
            $obj->setField('', 'description', true, false, '%s<br' . XHTML . '>');
            $obj->setField('', '_html', true, false, '<span class="searchresult-byline">');
            $obj->setField($LANG09[18], 'uid', $show_user, $sort_uid, $LANG01[104] . ' %s ');
            $obj->setField($LANG09[17], 'date', true, $sort_date, $LANG01[36] . ' %s');
            $obj->setField($LANG09[5], LF_SOURCE_TITLE, $show_type, $sort_type, ' - %s');
            $obj->setField($LANG09[50], 'hits', $show_hits, true, ' - %s ' . $LANG09[50]);
            $obj->setField('', '_html', true, false, '</span>');
            $this->_wordlength = 50;
        }
    }

    // get default sort order
    // (the setting is split at '|' into two parts)
    $default_sort = explode('|', $_CONF['search_def_sort']);
    $obj->setDefaultSort($default_sort[0], $default_sort[1]);

    // set this only now, for compatibility with PHP 4
    $obj->setRowFunction(array($this, 'searchFormatCallback'));

    // Start search timer
    $searchtimer = new timerobject();
    $searchtimer->setPrecision(4);
    $searchtimer->startTimer();

    // Have plugins do their searches
    // (the page number passes through the numeric filter)
    $page = isset($_GET['page']) ? COM_applyFilter($_GET['page'], true) : 1;
    $result_plugins = PLG_doSearch($this->_query, $this->_dateStart, $this->_dateEnd, $this->_topic, $this->_type, $this->_author, $this->_keyType, $page, 5);

    // Add core searches
    $result_plugins = array_merge($result_plugins, $this->_searchStories());

    // Loop through all plugins separating the new API from the old
    $new_api = 0;
    $old_api = 0;
    $num_results = 0;
    foreach ($result_plugins as $result) {
        if (is_a($result, 'SearchCriteria')) {
            $debug_info = $result->getName() . ' using APIv2';

            // Skip sources that do not match a specific requested type
            if ($this->_type != 'all' && $this->_type != $result->getName()) {
                if ($this->_verbose) {
                    $new_api++;
                    COM_errorLog($debug_info . '. Skipped as type is not ' . $this->_type);
                }
                continue;
            }

            // A source can supply ready-made results, a callback, or SQL
            $api_results = $result->getResults();
            if (!empty($api_results)) {
                $obj->addResultArray($api_results);
            }

            $api_callback_func = $result->getCallback();
            if (!empty($api_callback_func)) {
                $debug_info .= ' with Callback Function.';
                $obj->setCallback($result->getLabel(), $result->getName(), $api_callback_func, $result->getRank(), $result->getTotal());
            } else {
                if ($result->getSQL() != '' || $result->getFTSQL() != '') {
                    // Prefer the full-text query when enabled and available
                    if ($_CONF['search_use_fulltext'] == true && $result->getFTSQL() != '') {
                        $sql = $result->getFTSQL();
                    } else {
                        $sql = $result->getSQL();
                    }
                    $sql = $this->_convertsql($sql);
                    // The SQL text is written to the error log in verbose mode
                    $debug_info .= ' with SQL = ' . print_r($sql, 1);
                    $obj->setQuery($result->getLabel(), $result->getName(), $sql, $result->getRank());
                }
            }

            $this->_url_rewrite[$result->getName()] = $result->UrlRewriteEnable();
            $this->_append_query[$result->getName()] = $result->AppendQueryEnable();

            if ($this->_verbose) {
                $new_api++;
                COM_errorLog($debug_info);
            }
        } else {
            if (is_a($result, 'Plugin') && $result->num_searchresults != 0) {
                // Some backwards compatibility
                if ($this->_verbose) {
                    $old_api++;
                    $debug_info = $result->plugin_name . ' using APIv1 with backwards compatibility.';
                    $debug_info .= ' Count: ' . $result->num_searchresults;
                    $debug_info .= ' Headings: ' . implode(',', $result->searchheading);
                    COM_errorLog($debug_info);
                }

                // Find the column heading names that closely match what we are looking for
                // There may be issues here on different languages, but this _should_ capture most of the data
                $col_title = $this->_findColumn($result->searchheading, array($LANG09[16], $LANG31[4], 'Question', 'Site Page')); //Title,Subject
                $col_desc = $this->_findColumn($result->searchheading, array($LANG09[63], 'Answer'));
                $col_date = $this->_findColumn($result->searchheading, array($LANG09[17])); //'Date','Date Added','Last Updated','Date & Time'
                $col_user = $this->_findColumn($result->searchheading, array($LANG09[18], 'Submited by'));
                $col_hits = $this->_findColumn($result->searchheading, array($LANG09[50], $LANG09[23], 'Downloads', 'Clicks')); //'Hits','Views'

                $label = str_replace($LANG09[59], '', $result->searchlabel);
                $num_results += $result->num_itemssearched;

                // Extract the results
                for ($i = 0; $i < 5; $i++) {
                    // If the plugin does not respect the $perpage parameter, force it here.
                    $j = $i + $page * 5 - 5;
                    if ($j >= count($result->searchresults)) {
                        break;
                    }
                    $old_row = $result->searchresults[$j];

                    if ($col_date != -1) {
                        // Convert the date back to a timestamp
                        // (uses the text before '@'; if that is empty the
                        // original value is kept as it is)
                        $date = $old_row[$col_date];
                        $date = substr($date, 0, strpos($date, '@'));
                        $date = $date == '' ? $old_row[$col_date] : strtotime($date);
                    }

                    // A column index of -1 means the heading was not found
                    // NOTE(review): title and description are taken from the
                    // legacy plugin's row as they are; presumably they
                    // already hold HTML (the link is parsed out of the title
                    // below). Verify that the plugin escapes user data.
                    $api_results = array(LF_SOURCE_NAME => $result->plugin_name, LF_SOURCE_TITLE => $label, 'title' => $col_title == -1 ? '<i>' . $LANG09[70] . '</i>' : $old_row[$col_title], 'description' => $col_desc == -1 ? '<i>' . $LANG09[70] . '</i>' : $old_row[$col_desc], 'date' => $col_date == -1 ? ' ' : $date, 'uid' => $col_user == -1 ? ' ' : $old_row[$col_user], 'hits' => $col_hits == -1 ? '0' : str_replace(',', '', $old_row[$col_hits]));

                    // The result URL is the first href found in the title
                    preg_match('/href="([^"]+)"/i', $api_results['title'], $links);
                    $api_results['url'] = empty($links) ? '#' : $links[1];

                    $obj->addResult($api_results);
                }
            }
        }
    }

    // Find out how many plugins are on the old/new system
    if ($this->_verbose) {
        COM_errorLog('Search Plugins using APIv1: ' . $old_api . ' APIv2: ' . $new_api);
    }

    // Execute the queries
    $results = $obj->ExecuteQueries();

    // Searches are done, stop timer
    $searchtime = $searchtimer->stopTimer();

    // The query is HTML-escaped before it is echoed back in the summary
    $escquery = htmlspecialchars($this->_query);
    // NOTE(review): as shown here, the next call replaces '{' and '}' with
    // themselves. Presumably the replacement strings were HTML entities for
    // the braces before this listing was extracted. Confirm against the
    // project source.
    $escquery = str_replace(array('{', '}'), array('{', '}'), $escquery);

    // Show the search words joined the way they were combined
    if ($this->_keyType == 'any') {
        $searchQuery = str_replace(' ', "</b>' " . $LANG09[57] . " '<b>", $escquery);
        $searchQuery = "<b>'{$searchQuery}'</b>";
    } else {
        if ($this->_keyType == 'all') {
            $searchQuery = str_replace(' ', "</b>' " . $LANG09[56] . " '<b>", $escquery);
            $searchQuery = "<b>'{$searchQuery}'</b>";
        } else {
            $searchQuery = $LANG09[55] . " '<b>{$escquery}</b>'";
        }
    }

    // Clean the query string so that sprintf works as expected
    $searchQuery = str_replace('%', '%%', $searchQuery);

    $retval = "{$LANG09[25]} {$searchQuery}. ";
    if (count($results) == 0) {
        // Nothing found: say so and show the search form again
        $retval .= sprintf($LANG09[24], 0);
        $retval = '<p>' . $retval . '</p>' . LB;
        $retval .= '<p>' . $LANG09[13] . '</p>' . LB;
        $retval .= $this->showForm();
    } else {
        $retval .= $LANG09[64] . " ({$searchtime} {$LANG09[27]}). ";
        $retval .= str_replace('%', '%%', COM_createLink($LANG09[61], $url . 'refine'));
        $retval = '<p>' . $retval . '</p>' . LB;
        $retval = $obj->getFormattedOutput($results, $LANG09[11], $retval, '', $_CONF['search_show_sort'], $_CONF['search_show_limit']);
    }

    return $retval;
}
$_DB->setDisplayError(TRUE); require_once $_CONF['path'] . 'plugins/gus/sql/gus.php'; // build tables foreach ($_SQL as $sql) { DB_query($sql); } // insert data foreach ($_DATA as $data) { DB_query($data); } } /* * Main Function */ $display = COM_siteHeader() . COM_startBlock($LANG_GUS00['install_header']); $action = isset($_GET['action']) ? COM_applyFilter($_GET['action']) : ''; if ($action === 'install') { if (plugin_install_gus()) { $img_url = $_CONF['site_url'] . '/gus/images/' . $_GUS_IMG_name; $blockManager = $_CONF['site_admin_url'] . '/block.php'; $admin_url = $_CONF['site_admin_url'] . '/plugins/gus/index.php'; $import_url = $_CONF['site_admin_url'] . '/plugins/gus/import.php'; $readme_url = $_CONF['site_admin_url'] . '/plugins/gus/readme.html'; $display .= "<img align=left src=\"{$img_url}\" alt='GUS Icon' width=48 height=48>" . '<p>I have created all the necessary tables and activated the Who\'s Online block. ' . "If you do not want to use it, then you may disable it by changing the GUS config.php file located in the plugins/gus directory. " . "<p>To configure GUS, go to the <a href=\"{$admin_url}\">admin page</a>.\n\t\t\tInformation about the various configuration options\tmay be found in the \n\t\t\t<a href=\"{$readme_url}#config\">README file</a>." . "<p>If you would like to support development of this plugin, there are some suggestions in the \n\t\t\t<a href=\"{$readme_url}#you\">README file</a>."; // check for old stats to see if we should add an import link if ($_ST_plugin_name != '') { $stats_version = DB_getItem($_TABLES['plugins'], 'pi_version', "pi_name = '{$_ST_plugin_name}'"); $display .= "<hr>I notice you have the stats plugin version {$stats_version} installed as '{$_ST_plugin_name}'. "; if ($stats_version !== '1.3') { $display .= "<p>If you had version 1.3 installed, I could import its data. \n\t\t\t\t\tIf you update this in the future, you can import its data from \n\t\t\t\t\tthe <a href=\"{$admin_url}\">admin page</a>."; } else {
// Excerpt from a mode switch: the first part handles the "mail this story"
// form submission, the default branch shows the contact form for a user.
// The recipient name, sender name and message must all be non-empty;
// 'toemail' and 'fromemail' are not checked here.
if (empty($_POST['to']) || empty($_POST['from']) || empty($_POST['shortmsg'])) {
    // Redisplay the form. The name/address fields go through COM_applyFilter()
    // on this path; shortmsg is passed to mailstoryform() exactly as posted.
    // NOTE(review): confirm mailstoryform() HTML-escapes shortmsg before echoing it.
    $display .= COM_siteHeader('menu', $LANG08[17]) . COM_showMessageText($LANG08[22]) . mailstoryform($sid, COM_applyFilter($_POST['to']), COM_applyFilter($_POST['toemail']), COM_applyFilter($_POST['from']), COM_applyFilter($_POST['fromemail']), $_POST['shortmsg']) . COM_siteFooter();
} else {
    // Give plugins a chance to veto the message; a non-empty return is
    // treated as an error message below.
    $msg = PLG_itemPreSave('emailstory', $_POST['shortmsg']);
    if (!empty($msg)) {
        $display .= COM_siteHeader('menu', $LANG08[17]) . COM_errorLog($msg, 2) . mailstoryform($sid, COM_applyFilter($_POST['to']), COM_applyFilter($_POST['toemail']), COM_applyFilter($_POST['from']), COM_applyFilter($_POST['fromemail']), $_POST['shortmsg']) . COM_siteFooter();
    } else {
        // NOTE(review): on the send path all five POST fields reach mailstory()
        // unfiltered, unlike the redisplay paths above. mailstory() is not
        // visible here -- confirm it validates both addresses and removes
        // CR/LF from anything that ends up in a mail header.
        $display .= mailstory($sid, $_POST['to'], $_POST['toemail'], $_POST['from'], $_POST['fromemail'], $_POST['shortmsg']);
    }
}
}
}
break;
default:
    // Contact form: uid is filtered as a number.
    if (isset($_GET['uid'])) {
        $uid = COM_applyFilter($_GET['uid'], true);
    } else {
        $uid = 0;
    }
    // uid 0 and uid 1 are redirected to the site index rather than shown a form.
    if ($uid > 1) {
        $subject = '';
        if (isset($_GET['subject'])) {
            // Prefilled subject: strip tags, cut at the first CR or LF so the
            // value stays on one line, then HTML-escape (quotes included).
            $subject = strip_tags($_GET['subject']);
            $subject = substr($subject, 0, strcspn($subject, "\r\n"));
            $subject = htmlspecialchars(trim($subject), ENT_QUOTES);
        }
        $display .= COM_siteHeader('menu', $LANG04[81]) . contactform($uid, $subject) . COM_siteFooter();
    } else {
        $display .= COM_refresh($_CONF['site_url'] . '/index.php');
    }
    break;
/**
 * Kicks off the appropriate search(es)
 *
 * Initiates the search engine and returns HTML formatted
 * results. It also provides support to plugins using a
 * search API.
 *
 * Flow, as visible in the body: check that the user may search, reject
 * empty or too-short queries, build the result-list URL, configure a
 * ListFactory for the chosen display style, collect search criteria from
 * plugins and the core story/comment searches, run the queries and return
 * the search form followed by the formatted results.
 *
 * @author Sami Barakat <s.m.barakat AT gmail DOT com>
 * @access public
 * @return string HTML output for search results
 *
 */
function doSearch()
{
    global $_CONF, $LANG01, $LANG09, $LANG31, $_TABLES, $_USER;
    $debug_info = '';
    $retval = '';
    $list_top = '';
    // Verify current user can perform requested search
    if (!$this->_isSearchAllowed()) {
        return $this->_getAccessDeniedMessage();
    }
    // Make sure there is a query string
    // Full text searches have a minimum word length of 3 by default
    if (empty($this->_query)) {
        // An empty query is only accepted when at least one other filter
        // (author, type, topic, or a complete date range) is set.
        if ((empty($this->_author) || $this->_author == 0) && (empty($this->_type) || $this->_type == 'all') && (empty($this->_topic) || $this->_topic == 'all') && (empty($this->_dateStart) || empty($this->_dateEnd))) {
            $retval = $this->showForm();
            $retval .= '<div style="margin-bottom:5px;border-bottom:1px solid #ccc;"></div><p>' . $LANG09[41] . '</p>' . LB;
            return $retval;
        }
    } elseif (strlen($this->_query) < 3) {
        // strlen() counts bytes, so this is a byte-length check.
        $retval = $this->showForm();
        $retval .= '<div style="margin-bottom:5px;border-bottom:1px solid #ccc;"></div><p>' . $LANG09[41] . '</p>' . LB;
        return $retval;
    }
    // Build the URL strings
    $this->_searchURL = $_CONF['site_url'] . '/search.php?query=' . urlencode($this->_query) . (!empty($this->_keyType) ? '&keyType=' . urlencode($this->_keyType) : '') . (!empty($this->_dateStart) ? '&datestart=' . urlencode($this->_dateStart) : '') . (!empty($this->_dateEnd) ? '&dateend=' . urlencode($this->_dateEnd) : '') . (!empty($this->_topic) ? '&topic=' . urlencode($this->_topic) : '') . (!empty($this->_author) ? '&author=' . urlencode($this->_author) : '') . (!empty($this->_searchDays) ? '&st=' . urlencode($this->_searchDays) : '');
    // NOTE(review): every other parameter above is urlencode()d, but _type is
    // placed in the URL as-is. Where _type is assigned is not visible here;
    // confirm it is restricted to known type names or encode it as well.
    $url = "{$this->_searchURL}&type={$this->_type}&mode=";
    $obj = new ListFactory($url . 'search', $_CONF['search_limits'], $_CONF['num_search_results']);
    $obj->setField('ID', 'id', false);
    $obj->setField('URL', 'url', false);
    $show_num = $_CONF['search_show_num'];
    $show_type = $_CONF['search_show_type'];
    $show_user = $_CONF['search_show_user'];
    $show_hits = $_CONF['search_show_hits'];
    // Site-wide style, defaulting to 'google'; a logged-in user's stored
    // preference overrides it. The uid is cast to int before it is used in
    // the WHERE fragment.
    $style = isset($_CONF['search_style']) ? $_CONF['search_style'] : 'google';
    if (!COM_isAnonUser()) {
        $userStyle = DB_getItem($_TABLES['userprefs'], 'search_result_format', 'uid=' . (int) $_USER['uid']);
        if ($userStyle != '') {
            $style = $userStyle;
        }
    }
    // Only 'table' and 'google' configure display fields; any other value
    // leaves the list with just the ID and URL fields set above.
    if ($style == 'table') {
        $obj->setStyle('table');
        // Title Name Display Sort Format
        $obj->setField($LANG09[62], ROW_NUMBER, $show_num, false, '<b>%d.</b>');
        $obj->setField($LANG09[5], SQL_TITLE, $show_type, true, '<b>%s</b>');
        $obj->setField($LANG09[16], 'title', true, true);
        $obj->setField($LANG09[63], 'description', true, false);
        $obj->setField($LANG09[17], 'date', true, true);
        $obj->setField($LANG09[18], 'uid', $show_user, true);
        $obj->setField($LANG09[50], 'hits', $show_hits, true);
        $this->_wordlength = 7;
    } else {
        if ($style == 'google') {
            $obj->setStyle('inline');
            $obj->setField('', ROW_NUMBER, $show_num, false, '<span style="font-size:larger; font-weight:bold;">%d.</span>');
            $obj->setField($LANG09[16], 'title', true, true, '<span style="font-size:larger; font-weight:bold;">%s</span><br/>');
            $obj->setField('', 'description', true, false, '%s<br/>');
            $obj->setField('', '_html', true, false, '<span style="color:green;">');
            $obj->setField($LANG09[18], 'uid', $show_user, true, $LANG01[104] . ' %s ');
            $obj->setField($LANG09[17], 'date', true, true, $LANG01[36] . ' %s');
            $obj->setField($LANG09[5], SQL_TITLE, $show_type, true, ' - %s');
            $obj->setField($LANG09[50], 'hits', $show_hits, true, ' - %s ' . $LANG09[50]);
            $obj->setField('', '_html', true, false, '</span>');
            $this->_wordlength = 50;
        }
    }
    $obj->setDefaultSort('date');
    // Each result row is passed to this object's searchFormatCallBack().
    $obj->setRowFunction(array($this, 'searchFormatCallBack'));
    // Start search timer
    $searchtimer = new timerobject();
    $searchtimer->setPercision(4);
    $searchtimer->startTimer();
    // Have plugins do their searches
    // The page number comes from the request and is filtered as a number.
    $page = isset($_REQUEST['page']) ? COM_applyFilter($_REQUEST['page'], true) : 1;
    $result_plugins = PLG_doSearch($this->_query, $this->_dateStart, $this->_dateEnd, $this->_topic, $this->_type, $this->_author, $this->_keyType, $page, 5);
    $result_plugins_comment = PLG_doSearchComment($this->_query, $this->_dateStart, $this->_dateEnd, $this->_topic, $this->_type, $this->_author, $this->_keyType, $page, 5);
    $result_plugins = array_merge($result_plugins, $result_plugins_comment);
    // Add core searches
    if ($this->_type == 'all' || $this->_type == 'stories') {
        $result_plugins[] = $this->_searchStories();
    }
    if ($this->_type == 'all' || $this->_type == 'comments') {
        $result_plugins[] = $this->_searchComments();
    }
    // Loop through all plugins separating the new API from the old
    $new_api = 0;
    $old_api = 0;
    $num_results = 0;
    if (!isset($_CONF['search_use_fulltext'])) {
        $_CONF['search_use_fulltext'] = false;
    }
    foreach ($result_plugins as $result) {
        if (is_a($result, 'SearchCriteria')) {
            $debug_info .= $result->getName() . " using APIv2, ";
            $type = $result->getType();
            if ($type == 'sql') {
                // The SQL text is supplied by the plugin's SearchCriteria
                // object and handed to the list object after _convertsql().
                // NOTE(review): escaping of the search terms inside that SQL
                // is the responsibility of whoever built the criteria; it is
                // not done in this method.
                if ($_CONF['search_use_fulltext'] == true && $result->getFTSQL() != '') {
                    $debug_info .= "search using FULLTEXT\n";
                    $sql = $result->getFTSQL();
                } else {
                    $debug_info .= "search using LIKE\n";
                    $sql = $result->getSQL();
                }
                $sql = $this->_convertsql($sql);
                $obj->setQuery($result->getLabel(), $result->getName(), $sql, $result->getRank());
                $this->_url_rewrite[$result->getName()] = $result->UrlRewriteEnable() ? true : false;
            } else {
                if ($type == 'text') {
                    $obj->setQueryText($result->getLabel(), $result->getName(), $this->_query, $result->getNumResults(), $result->getRank());
                }
            }
            $new_api++;
        } else {
            if (is_a($result, 'Plugin') && $result->num_searchresults != 0) {
                // Some backwards compatibility
                $debug_info .= $result->plugin_name . " using APIv1, search using backwards compatibility\n";
                // Find the column heading names that closely match what we are looking for
                // There may be issues here on different languages, but this _should_ capture most of the data
                // The checks below treat -1 from _findColumn() as "no matching heading".
                $col_title = $this->_findColumn($result->searchheading, array($LANG09[16], $LANG31[4], 'Question'));
                //Title,Subject
                $col_desc = $this->_findColumn($result->searchheading, array($LANG09[63], 'Answer'));
                $col_date = $this->_findColumn($result->searchheading, array($LANG09[17]));
                //'Date','Date Added','Last Updated','Date & Time'
                $col_user = $this->_findColumn($result->searchheading, array($LANG09[18], 'Submited by'));
                $col_hits = $this->_findColumn($result->searchheading, array($LANG09[50], $LANG09[23], 'Downloads', 'Clicks'));
                //'Hits','Views'
                $col_url = $this->_findColumn($result->searchheading, array('URL'));
                // 'URL'
                $label = str_replace($LANG09[59], '', $result->searchlabel);
                if ($result->num_itemssearched > 0) {
                    // Page number and page size both come from the request,
                    // filtered as numbers.
                    $_page = isset($_REQUEST['page']) ? COM_applyFilter($_REQUEST['page'], true) : 1;
                    if (isset($_REQUEST['results'])) {
                        $_per_page = COM_applyFilter($_REQUEST['results'], true);
                    } else {
                        $_per_page = $obj->getPerPage();
                    }
                    // Old-API plugins get a fixed rank of 3; their share of a
                    // page is proportional to that rank.
                    $obj->addTotalRank(3);
                    $pp = round(3 / $obj->getTotalRank() * $_per_page);
                    $offset = ($_page - 1) * $pp;
                    $limit = $pp;
                    $obj->addToTotalFound($result->num_itemssearched);
                    $counter = 0;
                    // Extract the results
                    foreach ($result->searchresults as $old_row) {
                        // NOTE(review): both bounds are inclusive, so up to
                        // $limit + 1 rows pass this test -- confirm whether
                        // "< $offset + $limit" was intended.
                        if ($counter >= $offset && $counter <= $offset + $limit) {
                            if ($col_date != -1) {
                                // Convert the date back to a timestamp
                                // Text before '@' is parsed; when there is no
                                // '@' (or nothing before it) the raw column
                                // value is kept instead.
                                $date = $old_row[$col_date];
                                $date = substr($date, 0, strpos($date, '@'));
                                if ($date == '') {
                                    $date = $old_row[$col_date];
                                } else {
                                    $date = strtotime($date);
                                }
                            }
                            // NOTE(review): every other column is guarded
                            // against -1, but 'url' indexes $old_row[$col_url]
                            // unconditionally, so a plugin without a 'URL'
                            // heading reads index -1. The values are taken
                            // from the plugin as-is; escaping for output is
                            // not done here.
                            $api_results = array(SQL_NAME => $result->plugin_name, SQL_TITLE => $label, 'title' => $col_title == -1 ? $_CONF['search_no_data'] : $old_row[$col_title], 'description' => $col_desc == -1 ? $_CONF['search_no_data'] : $old_row[$col_desc], 'date' => $col_date == -1 ? ' ' : $date, 'uid' => $col_user == -1 ? '' : $old_row[$col_user], 'hits' => $col_hits == -1 ? '0' : str_replace(',', '', $old_row[$col_hits]), 'url' => $old_row[$col_url]);
                            $obj->addResult($api_results);
                        }
                        $counter++;
                    }
                }
                $old_api++;
            }
        }
    }
    // Find out how many plugins are on the old/new system
    // $debug_info is only accumulated; nothing in this method logs or returns it.
    $debug_info .= "\nAPIv1: {$old_api}\nAPIv2: {$new_api}";
    // Execute the queries
    $results = $obj->ExecuteQueries();
    // Searches are done, stop timer
    $searchtime = $searchtimer->stopTimer();
    // The query is HTML-escaped before being wrapped in markup.
    $escquery = htmlspecialchars($this->_query);
    if ($this->_keyType == 'any') {
        $searchQuery = str_replace(' ', "</b>' " . $LANG09[57] . " '<b>", $escquery);
        $searchQuery = "<b>'{$searchQuery}'</b>";
    } else {
        if ($this->_keyType == 'all') {
            $searchQuery = str_replace(' ', "</b>' " . $LANG09[56] . " '<b>", $escquery);
            $searchQuery = "<b>'{$searchQuery}'</b>";
        } else {
            $searchQuery = $LANG09[55] . " '<b>{$escquery}</b>'";
        }
    }
    // Clean the query string so that sprintf works as expected
    $searchQuery = str_replace("%", "%%", $searchQuery);
    // NOTE(review): $searchText and $searchtime are computed but never added
    // to $retval in this method.
    $searchText = "{$LANG09[25]} {$searchQuery}. ";
    $retval .= $this->showForm();
    if (count($results) == 0) {
        $retval .= '<div style="margin-bottom:5px;border-bottom:1px solid #ccc;"></div>';
        $retval .= $LANG09[74];
    } else {
        $retval .= $obj->getFormattedOutput($results, $LANG09[11], $list_top, '');
    }
    return $retval;
}
$action = COM_applyFilter($_REQUEST['action'], false); } if (isset($_REQUEST['mode'])) { $mode = COM_applyFilter($_REQUEST['mode'], false); } $msg = ''; if (isset($_REQUEST['msg'])) { $msg = COM_applyFilter($_REQUEST['msg'], true); } $id = ''; if (isset($_REQUEST['id'])) { $id = COM_applyFilter($_REQUEST['id'], true); } $old_mode = ""; if (isset($_REQUEST['old_mode'])) { $old_mode = COM_applyFilter($_REQUEST['old_mode'], false); if ($mode == $LANG_ADMIN['cancel']) { $mode = $old_mode; } } if ($mode == $LANG_ADMIN['save'] && !empty($LANG_ADMIN['save'])) { // save $mode = "save"; } else { if ($mode == $LANG_ADMIN['delete'] && !empty($LANG_ADMIN['delete'])) { $mode = "delete"; } } if ($action == $LANG_ADMIN['cancel']) { // cancel $mode = "";
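/**
 * Delete the group definition whose ID was posted in $_POST['id'].
 *
 * The table is looked up in $_TABLES under "<PI_NAME>_def_group" and the
 * admin language array is the global named "LANG_<PI_NAME>_ADMIN".
 *
 * NOTE(review): no anti-CSRF token check is visible in this function.
 * It deletes a row based on a posted ID, so confirm the caller verifies a
 * token and the user's admin rights before calling it.
 *
 * @param  string $pi_name plugin name used to build the table key and the
 *                         language array name
 * @return string          error page HTML, or the refresh returned by
 *                         COM_refresh() after the delete
 */
function LIB_delete($pi_name)
{
    global $_CONF;
    global $_TABLES;

    // Variable-variable: import the global language array for this plugin.
    $lang_box_admin = "LANG_" . strtoupper($pi_name) . "_ADMIN";
    global ${$lang_box_admin};
    $lang_box_admin = ${$lang_box_admin};

    $table = $_TABLES[strtoupper($pi_name) . '_def_group'];

    // Filtered as a number; a missing field is treated as 0 instead of
    // reading an undefined index.
    $id = isset($_POST['id']) ? COM_applyFilter($_POST['id'], true) : 0;

    // CHECK
    // Placeholder for pre-delete checks: nothing sets $err yet, so the
    // error page below is currently unreachable.
    $err = "";
    //category addtionfield check!!!
    if ($err != "") {
        // The original assigned $pagetitle but passed the undefined
        // $page_title, and appended to an uninitialised $retval.
        $page_title = $lang_box_admin['err'];
        $retval = '';
        $retval .= DATABOX_siteHeader($pi_name, '_admin', $page_title);
        $retval .= COM_startBlock($lang_box_admin['err'], '', COM_getBlockTemplate('_msg_block', 'header'));
        $retval .= $err;
        $retval .= COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer'));
        $retval .= DATABOX_siteFooter($pi_name, '_admin');
        return $retval;
    }

    DB_delete($table, 'group_id', $id);

    return COM_refresh($_CONF['site_admin_url'] . '/plugins/' . THIS_SCRIPT . '?msg=2');
}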
/**
 * Save topic to the database
 *
 * Sanitizes the topic ID, rejects reserved and duplicate IDs, checks that
 * the parent exists and that the current user has edit access to both the
 * topic and its parent, then writes the row with DB_save() and redirects.
 * On any failed check an HTML error document is returned instead.
 *
 * NOTE(review): only $tid and the posted old_tid go through COM_sanitizeID(),
 * and only $topic, $meta_description and $meta_keywords are escaped with
 * DB_escapeString() here. $parent_id, $imageUrl, $sortNum, $limitNews,
 * $owner_id and $group_id are interpolated into SQL as received; confirm
 * that every caller filters or casts them first.
 *
 * @param    string $tid              Topic ID
 * @param    string $topic            Name of topic (what the user sees)
 * @param    int    $inherit          whether to inherit (compared against 'on' in the body)
 * @param    int    $hidden           whether to hide (compared against 'on' in the body)
 * @param    string $parent_id        Parent ID
 * @param    string $imageUrl         (partial) URL to topic image
 * @param    string $meta_description Topic meta description
 * @param    string $meta_keywords    Topic meta keywords
 * @param    int    $sortNum          number for sort order in "Topics" block
 * @param    int    $limitNews        number of stories per page for this topic
 * @param    int    $owner_id         ID of owner
 * @param    int    $group_id         ID of group topic belongs to
 * @param    int    $perm_owner       Permissions the owner has
 * @param    int    $perm_group       Permissions the group has
 * @param    int    $perm_members     Permissions members have
 * @param    int    $perm_anon        Permissions anonymous users have
 * @param    string $is_default       'on' if this is the default topic
 * @param    string $is_archive       'on' if this is the archive topic
 * @return   string                   HTML redirect or error message
 */
function savetopic($tid, $topic, $inherit, $hidden, $parent_id, $imageUrl, $meta_description, $meta_keywords, $sortNum, $limitNews, $owner_id, $group_id, $perm_owner, $perm_group, $perm_members, $perm_anon, $is_default, $is_archive)
{
    global $_CONF, $_TABLES, $_USER, $LANG27, $MESSAGE;
    $retval = '';
    // Convert array values to numeric permission values
    list($perm_owner, $perm_group, $perm_members, $perm_anon) = SEC_getPermissionValues($perm_owner, $perm_group, $perm_members, $perm_anon);
    $tid = COM_sanitizeID($tid);
    // Check if tid is a restricted name
    // strcasecmp() returns 0 on a case-insensitive match, hence the negation.
    $restricted_tid = false;
    if (!strcasecmp($tid, TOPIC_ALL_OPTION) || !strcasecmp($tid, TOPIC_NONE_OPTION) || !strcasecmp($tid, TOPIC_HOMEONLY_OPTION) || !strcasecmp($tid, TOPIC_SELECTED_OPTION) || !strcasecmp($tid, TOPIC_ROOT)) {
        $restricted_tid = true;
    }
    // Check if tid is used by another topic
    // The previous ID is read directly from $_POST, not from a parameter.
    $duplicate_tid = false;
    $old_tid = '';
    if (isset($_POST['old_tid'])) {
        $old_tid = COM_applyFilter($_POST['old_tid']);
        if (!empty($old_tid)) {
            $old_tid = COM_sanitizeID($old_tid);
            // See if new topic id
            if (strcasecmp($tid, $old_tid)) {
                if (!strcasecmp($tid, DB_getItem($_TABLES['topics'], 'tid', "tid = '{$tid}'"))) {
                    $duplicate_tid = true;
                }
            }
        } else {
            if (!strcasecmp($tid, DB_getItem($_TABLES['topics'], 'tid', "tid = '{$tid}'"))) {
                $duplicate_tid = true;
            }
        }
    }
    // Make sure parent id exists
    // NOTE(review): $parent_id is placed inside a quoted SQL literal without
    // escaping in this function -- see the header note.
    $parent_id_found = false;
    if ($parent_id == DB_getItem($_TABLES['topics'], 'tid', "tid = '{$parent_id}'") || $parent_id == TOPIC_ROOT) {
        $parent_id_found = true;
    }
    // Check if parent archive topic, if so bail
    $archive_parent = false;
    $archive_tid = DB_getItem($_TABLES['topics'], 'tid', 'archive_flag = 1');
    if ($parent_id == $archive_tid) {
        $archive_parent = true;
    }
    // If archive topic, make sure no child topics else bail
    $archive_child = false;
    $is_archive = $is_archive == 'on' ? 1 : 0;
    if ($is_archive) {
        if ($tid == DB_getItem($_TABLES['topics'], 'parent_id', "parent_id = '{$tid}'")) {
            $archive_child = true;
        }
    }
    // For an existing topic the stored owner/group/permissions decide
    // access; for a new topic the submitted values are used.
    if (DB_count($_TABLES['topics'], 'tid', $tid) > 0) {
        $result = DB_query("SELECT owner_id,group_id,perm_owner,perm_group,perm_members,perm_anon FROM {$_TABLES['topics']} WHERE tid = '{$tid}'");
        $A = DB_fetchArray($result);
        $access = SEC_hasAccess($A['owner_id'], $A['group_id'], $A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']);
    } else {
        $access = SEC_hasAccess($owner_id, $group_id, $perm_owner, $perm_group, $perm_members, $perm_anon);
    }
    // Access below 3 or non-membership of the target group is refused,
    // and the attempt is written to the access log.
    if ($access < 3 || !SEC_inGroup($group_id)) {
        $retval .= COM_showMessageText($MESSAGE[29], $MESSAGE[30]);
        $retval = COM_createHTMLDocument($retval, array('pagetitle' => $MESSAGE[30]));
        COM_accessLog("User {$_USER['username']} tried to illegally create or edit topic {$tid}.");
    } else {
        // Now check access to parent topic
        if ($parent_id != TOPIC_ROOT) {
            if (DB_count($_TABLES['topics'], 'tid', $parent_id) > 0) {
                $result = DB_query("SELECT owner_id,group_id,perm_owner,perm_group,perm_members,perm_anon FROM {$_TABLES['topics']} WHERE tid = '{$parent_id}'");
                $A = DB_fetchArray($result);
                $access = SEC_hasAccess($A['owner_id'], $A['group_id'], $A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']);
            }
            // NOTE(review): when the parent row does not exist, $A is either
            // the row fetched for $tid above or undefined, and $access keeps
            // its earlier value. The save is still blocked because
            // $parent_id_found is false, but the user may see the access
            // message instead of the "parent not found" one.
            $in_Group = SEC_inGroup($A['group_id']);
        } else {
            $access = 3;
            $in_Group = true;
        }
        if ($access < 3 || !$in_Group) {
            $retval .= COM_showMessageText($MESSAGE[29], $MESSAGE[30]);
            $retval = COM_createHTMLDocument($retval, array('pagetitle' => $MESSAGE[30]));
            COM_accessLog("User {$_USER['username']} tried to illegally assign topic {$tid} to {$parent_id}.");
        } elseif (!empty($tid) && !empty($topic) && !$restricted_tid && !$duplicate_tid && !$archive_parent && !$archive_child && $parent_id_found) {
            // All validation passed: normalise the values and write the row.
            if ($imageUrl === '/images/topics/') {
                $imageUrl = '';
            }
            // Text fields: strip tags and 4-byte UTF-8 characters, then
            // escape for SQL.
            $topic = GLText::remove4byteUtf8Chars(strip_tags($topic));
            $topic = DB_escapeString($topic);
            $meta_description = GLText::remove4byteUtf8Chars(strip_tags($meta_description));
            $meta_description = DB_escapeString($meta_description);
            $meta_keywords = GLText::remove4byteUtf8Chars(strip_tags($meta_keywords));
            $meta_keywords = DB_escapeString($meta_keywords);
            if ($is_default == 'on') {
                // Clear the default flag on whichever topic holds it before
                // this one takes it over.
                $is_default = 1;
                DB_query("UPDATE {$_TABLES['topics']} SET is_default = 0 WHERE is_default = 1");
            } else {
                $is_default = 0;
            }
            if ($is_archive) {
                // $tid is the archive topic
                // - if it wasn't already, mark all its stories "archived" now
                if ($archive_tid != $tid) {
                    $sql = "UPDATE {$_TABLES['stories']} s, {$_TABLES['topic_assignments']} ta\n SET s.featured = 0, s.frontpage = 0, s.statuscode = " . STORY_ARCHIVE_ON_EXPIRE . "\n WHERE ta.type = 'article' AND ta.tid = '{$tid}' AND ta.id = s.sid";
                    DB_query($sql);
                    $sql = "UPDATE {$_TABLES['topics']} SET archive_flag = 0 WHERE archive_flag = 1";
                    DB_query($sql);
                }
                // Set hidden and inherit to false since archive topic now
                $inherit = '';
                $hidden = '';
            } else {
                // $tid is not the archive topic
                // - if it was until now, reset the "archived" status of its stories
                if ($archive_tid == $tid) {
                    $sql = "UPDATE {$_TABLES['stories']} s, {$_TABLES['topic_assignments']} ta\n SET s.statuscode = 0\n WHERE ta.type = 'article' AND ta.tid = '{$tid}' AND ta.id = s.sid";
                    DB_query($sql);
                    $sql = "UPDATE {$_TABLES['topics']} SET archive_flag = 0 WHERE archive_flag = 1";
                    DB_query($sql);
                }
            }
            $inherit = $inherit == 'on' ? 1 : 0;
            $hidden = $hidden == 'on' ? 1 : 0;
            // Cannot hide root topics so switch if needed
            if ($parent_id == TOPIC_ROOT && $hidden == 1) {
                $hidden = 0;
            }
            // If not a new topic and id change then...
            if (!empty($old_tid)) {
                if ($tid != $old_tid) {
                    changetopicid($tid, $old_tid);
                    // From here on $old_tid holds the escaped value, which is
                    // also what the comparison before PLG_itemSaved() sees.
                    $old_tid = DB_escapeString($old_tid);
                    DB_delete($_TABLES['topics'], 'tid', $old_tid);
                }
            }
            // NOTE(review): $imageUrl, $sortNum and $limitNews are quoted but
            // not escaped, and $owner_id / $group_id are unquoted and not cast
            // to int in this function. Escape or cast them here unless every
            // caller is known to do so.
            DB_save($_TABLES['topics'], 'tid, topic, inherit, hidden, parent_id, imageurl, meta_description, meta_keywords, sortnum, limitnews, is_default, archive_flag, owner_id, group_id, perm_owner, perm_group, perm_members, perm_anon', "'{$tid}', '{$topic}', {$inherit}, {$hidden}, '{$parent_id}', '{$imageUrl}', '{$meta_description}', '{$meta_keywords}','{$sortNum}','{$limitNews}',{$is_default},'{$is_archive}',{$owner_id},{$group_id},{$perm_owner},{$perm_group},{$perm_members},{$perm_anon}");
            if ($old_tid != $tid) {
                PLG_itemSaved($tid, 'topic', $old_tid);
            } else {
                PLG_itemSaved($tid, 'topic');
            }
            // Reorder Topics, Delete topic cache and reload topic tree
            reorderTopics();
            // update feed(s)
            COM_rdfUpToDateCheck('article', $tid);
            COM_redirect($_CONF['site_admin_url'] . '/topic.php?msg=13');
        } elseif ($restricted_tid) {
            // Each remaining branch reports the first validation flag that failed.
            $retval .= COM_errorLog($LANG27[31], 2);
            $retval = COM_createHTMLDocument($retval, array('pagetitle' => $LANG27[1]));
        } elseif ($duplicate_tid) {
            $retval .= COM_errorLog($LANG27[49], 2);
            $retval = COM_createHTMLDocument($retval, array('pagetitle' => $LANG27[1]));
        } elseif ($archive_parent) {
            $retval .= COM_errorLog($LANG27[46], 2);
            $retval = COM_createHTMLDocument($retval, array('pagetitle' => $LANG27[1]));
        } elseif ($archive_child) {
            $retval .= COM_errorLog($LANG27[47], 2);
            $retval = COM_createHTMLDocument($retval, array('pagetitle' => $LANG27[1]));
        } elseif (!$parent_id_found) {
            $retval .= COM_errorLog($LANG27[48], 2);
            $retval = COM_createHTMLDocument($retval, array('pagetitle' => $LANG27[1]));
        } else {
            // Reached when $tid or $topic is empty.
            $retval .= COM_errorLog($LANG27[7], 2);
            $retval = COM_createHTMLDocument($retval, array('pagetitle' => $LANG27[1]));
        }
    }
    return $retval;
}
if (isset($_GET['mode'])) { $mode = COM_applyFilter($_GET['mode']); } } $T = new Template($_MG_CONF['template_path']); $T->set_file('admin', 'administration.thtml'); $T->set_var(array('site_admin_url' => $_CONF['site_admin_url'], 'site_url' => $_MG_CONF['site_url'], 'lang_admin' => $LANG_MG00['admin'], 'xhtml' => XHTML)); if ($mode == $LANG_MG01['save'] && !empty($LANG_MG01['save'])) { MG_createUsers(); exit; } elseif ($mode == $LANG_MG01['cancel']) { echo COM_refresh($_MG_CONF['admin_url'] . 'index.php'); exit; } else { if (isset($_REQUEST['page'])) { $page = COM_applyFilter($_REQUEST['page'], true) - 1; if ($page < 0) { $page = 0; } } else { $page = 0; } $T->set_var(array('admin_body' => MG_selectUsers($page), 'title' => $LANG_MG01['batch_create_members'], 'lang_help' => '<img src="' . MG_getImageFile('button_help.png') . '" style="border:none;" alt="?"' . XHTML . '>', 'help_url' => $_MG_CONF['site_url'] . '/docs/usage.html#Batch_Create_Member_Albums')); } $T->parse('output', 'admin'); $display = COM_startBlock($LANG_MG00['admin'], '', COM_getBlockTemplate('_admin_block', 'header')); $display .= MG_showAdminMenu('member_albums'); $display .= $T->finish($T->get_var('output')); $display .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer')); $display = COM_createHTMLDocument($display); COM_output($display);
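/**
 * Installs an uploaded autotag package from its temporary directory.
 *
 * Reads the package description with _at_parseXML(), copies the
 * "<id>.class.php" file and any listed template files into the system
 * autotags directory, registers the tag in the autotags table, and removes
 * the temporary directory.
 *
 * NOTE(review): this copies PHP code taken from an upload into a directory
 * of the running site. No permission or anti-CSRF token check is visible in
 * this function; confirm the caller restricts it to authorised
 * administrators and verifies a token.
 *
 * @return   string              Formatted HTML containing the page body
 *                               (an error box on failure, empty on success)
 *
 */
function post_uploadProcess()
{
    global $_CONF, $_PLUGINS, $_TABLES, $autotagData, $LANG32, $_DB_dbms, $_DB_table_prefix;

    $retval = '';

    // The original also copied pi_name / pi_version / pi_gl_version from
    // $_POST into $autotagData, but reset the array before anything read
    // them; those dead stores are dropped.

    // Reduce the posted directory name to a single path component: keep
    // only letters, digits, '-', '_' and '.', then remove '..' sequences.
    $tdir = isset($_POST['temp_dir']) ? COM_applyFilter($_POST['temp_dir']) : '';
    $tdir = preg_replace('/[^a-zA-Z0-9\\-_\\.]/', '', $tdir);
    $tdir = str_replace('..', '', $tdir);

    // An empty name (or '.') would make $tmp the data directory itself,
    // which is later passed to _pi_deleteDir(). Refuse it up front.
    if ($tdir === '' || $tdir === '.') {
        return _at_errorBox($LANG32[74]);
    }
    $tmp = $_CONF['path_data'] . $tdir;

    $autotagData = array();
    $rc = _at_parseXML($tmp);
    if ($rc == -1) {
        // no xml file found
        return _at_errorBox($LANG32[74]);
    }

    clearstatcache();
    // Never filled in this function; kept because the error text embeds it.
    $permErrorList = '';

    // copy to proper directories
    if (defined('DEMO_MODE')) {
        _pi_deleteDir($tmp);
        echo COM_refresh($_CONF['site_admin_url'] . '/autotag.php?msg=503');
        exit;
    }

    if (function_exists('set_time_limit')) {
        @set_time_limit(30);
    }

    // The tag id becomes part of a file name, so it is restricted to the
    // same character set as the directory name.
    $autotagData['id'] = preg_replace('/[^a-zA-Z0-9\\-_\\.]/', '', $autotagData['id']);
    $autotagDir = $_CONF['path_system'] . 'autotags/';
    $classFile = $autotagData['id'] . '.class.php';

    $rc = _pi_file_copy($tmp . '/' . $classFile, $autotagDir);
    if ($rc === false) {
        $errorMessage = '<h2>' . $LANG32[42] . '</h2>' . $LANG32[43] . $permErrorList . '<br />' . $LANG32[44];
        _pi_deleteDir($tmp);
        return _at_errorBox($errorMessage);
    }

    // copy template files, if any
    if (isset($autotagData['template']) && is_array($autotagData['template'])) {
        foreach ($autotagData['template'] as $filename) {
            // NOTE(review): $filename is used as provided in $autotagData
            // (filled while parsing the uploaded package) and is not limited
            // to a plain file name here; consider rejecting names that
            // contain a directory separator.
            $rc = _pi_file_copy($tmp . '/' . $filename, $autotagDir);
            if ($rc === false) {
                // Roll back the class file copied above. The original
                // unlinked a path without the 'autotags/' directory, so the
                // copied file was left behind.
                @unlink($autotagDir . $classFile);
                $errorMessage = '<h2>' . $LANG32[42] . '</h2>' . $LANG32[43] . $permErrorList . '<br />' . $LANG32[44];
                _pi_deleteDir($tmp);
                return _at_errorBox($errorMessage);
            }
        }
    }

    // Register (or replace) the tag as an enabled, function-based autotag.
    $tag = DB_escapeString($autotagData['id']);
    $desc = DB_escapeString(isset($autotagData['description']) ? $autotagData['description'] : '');
    $is_enabled = 1;
    $is_function = 1;
    DB_query("REPLACE INTO {$_TABLES['autotags']} (tag,description,is_enabled,is_function,replacement) VALUES ('" . $tag . "','" . $desc . "'," . $is_enabled . "," . $is_function . ",'')");

    _pi_deleteDir($tmp);
    CTL_clearCache();

    // show status (success or fail)
    return $retval;
}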
// | but WITHOUT ANY WARRANTY; without even the implied warranty of           |
// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the              |
// | GNU General Public License for more details.                              |
// |                                                                           |
// | You should have received a copy of the GNU General Public License         |
// | along with this program; if not, write to the Free Software Foundation,   |
// | Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.            |
// |                                                                           |
// +---------------------------------------------------------------------------+
//
include_once 'gf_functions.php';
require_once $_CONF['path'] . 'plugins/forum/debug.php';
// Common Debug Code
// Request parameters: 'ip' and 'op' are filtered as strings, 'forum' as a
// number. They are read from $_REQUEST, so they may arrive by GET or POST.
$ip = COM_applyFilter($_REQUEST['ip']);
$forum = COM_applyFilter($_REQUEST['forum'], true);
$op = COM_applyFilter($_REQUEST['op']);
echo COM_siteHeader();
echo COM_startBlock($LANG_GF96['gfipman']);
echo ppNavbar($navbarMenu, $LANG_GF06['7']);
// Ban an address: performed only after the confirmation field
// $_POST['sure'] equals 'yes'; otherwise a confirmation template is loaded.
if ($op == 'banip' && $ip != '') {
    if ($_POST['sure'] == 'yes') {
        // NOTE(review): $ip is interpolated into the INSERT after
        // COM_applyFilter() only, whose implementation is not shown here.
        // Validate it as an IP address (e.g. filter_var() with
        // FILTER_VALIDATE_IP) and escape it with the database layer's
        // escaping function before building the statement.
        // NOTE(review): no anti-CSRF token check is visible in this excerpt
        // for this state-changing action -- confirm one exists.
        DB_query("INSERT INTO {$_TABLES['gf_banned_ip']} (host_ip) VALUES ('{$ip}')");
        forum_statusMessage($LANG_GF96['ipbanned'], $_CONF['site_admin_url'] . '/plugins/forum/ips.php', $LANG_GF96['ipbanned']);
        echo COM_endBlock();
        echo adminfooter();
        echo COM_siteFooter();
        exit;
    }
    if ($_POST['sure'] != 'yes') {
        // Not confirmed yet: load the confirmation template.
        $ips_unban = new Template($_CONF['path_layout'] . 'forum/layout/admin');
        $ips_unban->set_file(array('ips_unban' => 'ips_unban.thtml'));
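/**
 * Saves the Media Gallery global configuration posted from the admin form.
 *
 * Reads every setting from $_POST, clamps the values that have a valid
 * range, writes each one to the mg_config table as a config_name /
 * config_value pair, resets user preferences for features that were
 * switched off, and reloads $_MG_CONF from the table.
 *
 * NOTE(review): no permission or CSRF-token check is visible inside this
 * function — confirm the caller enforces both before it runs.
 * NOTE(review): zip_path and ffmpeg_path are stored as given; presumably
 * they are later used to locate external programs, so verify they are
 * validated or shell-escaped where they are executed.
 *
 * @return mixed The result of MG_editConfig() called with $LANG_MG09[2]
 */
function MG_saveConfig()
{
    global $display, $_CONF, $_MG_CONF, $_TABLES, $_USER, $LANG_MG09;

    $gallery_only          = COM_applyFilter($_POST['gallery_only'], true);
    $index_all             = COM_applyFilter($_POST['index_all'], true);
    $album_display_columns = COM_applyFilter($_POST['albumdisplaycolumns'], true);
    $album_display_rows    = COM_applyFilter($_POST['albumdisplayrows'], true);
    $loginrequired         = COM_applyFilter($_POST['loginrequired'], true);
    $anonymous_uploads     = isset($_POST['anonymousuploads']) ? COM_applyFilter($_POST['anonymousuploads'], true) : 0;
    $zip_path              = COM_applyFilter($_POST['zip_path']);
    $ffmpeg_path           = COM_applyFilter($_POST['ffmpeg_path']);
    $tmp_path              = COM_applyFilter($_POST['tmp_path']);
    $ftp_path              = COM_applyFilter($_POST['ftp_path']);
    // These two are range-checked as numbers below, so force them to
    // integers instead of comparing a free-form string.
    $displayblocks         = (int) COM_applyFilter($_POST['displayblocks']);
    $usage_tracking        = (int) COM_applyFilter($_POST['usagetracking']);
    $dfid                  = COM_applyFilter($_POST['dfid'], true);
    $whatsnew              = COM_applyFilter($_POST['whatsnew'], true);
    $orig_jpg_quality      = COM_applyFilter($_POST['orig_jpg_quality'], true);
    $jpg_quality           = COM_applyFilter($_POST['jpg_quality'], true);
    $tn_jpg_quality        = COM_applyFilter($_POST['tn_jpg_quality'], true);
    $truncate_breadcrumb   = COM_applyFilter($_POST['truncate_breadcrumb'], true);
    $seperator             = COM_applyFilter($_POST['seperator']);
    $whatsnew_time         = COM_applyFilter($_POST['whatsnew_time'], true);
    $gallery_tn_size       = COM_applyFilter($_POST['gallery_tn_size'], true);
    $gallery_tn_height     = COM_applyFilter($_POST['tnheight'], true);
    $gallery_tn_width      = COM_applyFilter($_POST['tnwidth'], true);
    $flv_player            = COM_applyFilter($_POST['use_flowplayer'], true);
    $preserve_filename     = COM_applyFilter($_POST['preserve_filename'], true);
    $discard_originals     = COM_applyFilter($_POST['discard_originals'], true);
    $verbose               = COM_applyFilter($_POST['verbose'], true);
    $dwnc                  = COM_applyFilter($_POST['dwnc'], true);
    $emid                  = COM_applyFilter($_POST['emid'], true);
    $fip                   = COM_applyFilter($_POST['fip'], true);
    $cmtbar                = COM_applyFilter($_POST['cmtbar'], true);
    $wn_length             = COM_applyFilter($_POST['wn_length'], true);
    $custom_image_height   = COM_applyFilter($_POST['custom_image_height'], true);
    $custom_image_width    = COM_applyFilter($_POST['custom_image_width'], true);
    $random_width          = COM_applyFilter($_POST['random_width'], true);
    $time_limit            = COM_applyFilter($_POST['time_limit'], true);
    $item_limit            = COM_applyFilter($_POST['item_limit'], true);
    $refresh_rate          = COM_applyFilter($_POST['refresh_rate'], true);
    $postcard_retention    = COM_applyFilter($_POST['postcard_retention'], true);
    $profile_hook          = COM_applyFilter($_POST['profile_hook'], true);
    $index_album_skin      = COM_applyFilter($_POST['skin']);
    $random_skin           = COM_applyFilter($_POST['rskin']);
    $subalbum_select       = COM_applyFilter($_POST['subalbum_select'], true);
    $at_border             = COM_applyFilter($_POST['at_border'], true);
    $at_align              = COM_applyFilter($_POST['at_align']);
    $at_width              = COM_applyFilter($_POST['at_width'], true);
    $at_height             = COM_applyFilter($_POST['at_height'], true);
    $at_src                = COM_applyFilter($_POST['at_src']);
    $at_autoplay           = COM_applyFilter($_POST['at_autoplay'], true);
    $at_enable_link        = COM_applyFilter($_POST['at_enable_link'], true);
    $at_delay              = COM_applyFilter($_POST['at_delay'], true);
    $at_showtitle          = COM_applyFilter($_POST['at_showtitle'], true);
    $search_columns        = COM_applyFilter($_POST['search_columns'], true);
    $search_rows           = COM_applyFilter($_POST['search_rows'], true);
    $search_enable_rating  = COM_applyFilter($_POST['search_enable_rating'], true);
    $search_playback_type  = COM_applyFilter($_POST['search_playback_type'], true);
    $search_enable_views   = COM_applyFilter($_POST['search_enable_views'], true);
    $popup_from_album      = isset($_POST['popupfromalbum']) ? COM_applyFilter($_POST['popupfromalbum'], true) : 0;
    $autotag_caption       = isset($_POST['autotag_caption']) ? COM_applyFilter($_POST['autotag_caption'], true) : 0;
    $indextheme            = COM_applyFilter($_POST['theme']);

    // Checkbox-style flags: the mere presence of the field means "on".
    // NOTE(review): $_POST['enable_jhead'] and $_POST['enable_jpegtran'] are
    // not persisted by this function — confirm whether that is intended.
    $up_display_rows_enabled    = isset($_POST['up_display_rows_enabled']) ? 1 : 0;
    $up_display_columns_enabled = isset($_POST['up_display_columns_enabled']) ? 1 : 0;
    $up_mp3_player_enabled      = isset($_POST['up_mp3_player_enabled']) ? 1 : 0;
    $up_av_playback_enabled     = isset($_POST['up_av_playback_enabled']) ? 1 : 0;
    $up_thumbnail_size_enabled  = isset($_POST['up_thumbnail_size_enabled']) ? 1 : 0;
    $enable_zip                 = isset($_POST['enable_zip']) ? 1 : 0;
    $enable_ffmpeg              = isset($_POST['enable_ffmpeg']) ? 1 : 0;

    // The temporary path is stored with a trailing slash.
    if (substr($tmp_path, -1) !== '/') {
        $tmp_path .= '/';
    }

    // sanity check on values...
    if ($album_display_columns < 1 || $album_display_columns > 5) {
        $album_display_columns = 2;
    }
    if ($loginrequired < 0 || $loginrequired > 1) {
        $loginrequired = 1;
    }
    if ($displayblocks < 0 || $displayblocks > 3) {
        $displayblocks = 0;
    }
    if ($usage_tracking < 0 || $usage_tracking > 1) {
        $usage_tracking = 0;
    }
    if ($whatsnew < 0 || $whatsnew > 1) {
        $whatsnew = 0;
    }
    if ($orig_jpg_quality < 25 || $orig_jpg_quality > 100) {
        $orig_jpg_quality = 75;
    }
    if ($jpg_quality < 25 || $jpg_quality > 100) {
        $jpg_quality = 75;
    }
    if ($tn_jpg_quality < 25 || $tn_jpg_quality > 100) {
        $tn_jpg_quality = 75;
    }
    if ($truncate_breadcrumb == '') {
        $truncate_breadcrumb = 0;
    }
    if ($seperator == '') {
        $seperator = '/';
    }

    // check the batch options...
    if ($time_limit < 30) {
        $time_limit = 30;
    }
    if ($item_limit < 5) {
        $item_limit = 5;
    }
    if ($refresh_rate < 5) {
        $refresh_rate = 5;
    }

    // config_name => value, in the order the settings are written.
    $settings = array(
        'loginrequired'              => $loginrequired,
        'anonymous_uploads'          => $anonymous_uploads,
        'album_display_columns'      => $album_display_columns,
        'album_display_rows'         => $album_display_rows,
        'displayblocks'              => $displayblocks,
        'usage_tracking'             => $usage_tracking,
        'dfid'                       => $dfid,
        'whatsnew'                   => $whatsnew,
        'jpg_orig_quality'           => $orig_jpg_quality,
        'jpg_quality'                => $jpg_quality,
        'tn_jpg_quality'             => $tn_jpg_quality,
        'truncate_breadcrumb'        => $truncate_breadcrumb,
        'whatsnew_time'              => $whatsnew_time,
        'gallery_tn_size'            => $gallery_tn_size,
        'gallery_tn_height'          => $gallery_tn_height,
        'gallery_tn_width'           => $gallery_tn_width,
        'use_flowplayer'             => $flv_player,
        'seperator'                  => $seperator,
        'up_display_rows_enabled'    => $up_display_rows_enabled,
        'up_display_columns_enabled' => $up_display_columns_enabled,
        'up_mp3_player_enabled'      => $up_mp3_player_enabled,
        'up_av_playback_enabled'     => $up_av_playback_enabled,
        'up_thumbnail_size_enabled'  => $up_thumbnail_size_enabled,
        'zip_enabled'                => $enable_zip,
        'zip_path'                   => $zip_path,
        'tmp_path'                   => $tmp_path,
        'ftp_path'                   => $ftp_path,
        'ffmpeg_enabled'             => $enable_ffmpeg,
        'ffmpeg_path'                => $ffmpeg_path,
        // Stored without the stray leading space the value used to carry.
        'preserve_filename'          => $preserve_filename,
        'discard_original'           => $discard_originals,
        'verbose'                    => $verbose,
        'disable_whatsnew_comments'  => $dwnc,
        'enable_media_id'            => $emid,
        'full_in_popup'              => $fip,
        'commentbar'                 => $cmtbar,
        'title_length'               => $wn_length,
        'custom_image_height'        => $custom_image_height,
        'custom_image_width'         => $custom_image_width,
        'random_width'               => $random_width,
        'def_refresh_rate'           => $refresh_rate,
        'def_time_limit'             => $time_limit,
        'def_item_limit'             => $item_limit,
        'postcard_retention'         => $postcard_retention,
        'profile_hook'               => $profile_hook,
        'indexskin'                  => $index_album_skin,
        'random_skin'                => $random_skin,
        'subalbum_select'            => $subalbum_select,
        'popup_from_album'           => $popup_from_album,
        'autotag_caption'            => $autotag_caption,
        'indextheme'                 => $indextheme,
        'at_border'                  => $at_border,
        'at_align'                   => $at_align,
        'at_width'                   => $at_width,
        'at_height'                  => $at_height,
        'at_src'                     => $at_src,
        'at_autoplay'                => $at_autoplay,
        'at_enable_link'             => $at_enable_link,
        'at_delay'                   => $at_delay,
        'at_showtitle'               => $at_showtitle,
        'search_columns'             => $search_columns,
        'search_rows'                => $search_rows,
        'search_playback_type'       => $search_playback_type,
        'search_enable_views'        => $search_enable_views,
        'search_enable_rating'       => $search_enable_rating,
        'gallery_only'               => $gallery_only,
        'index_all'                  => $index_all,
    );

    // Every value ends up inside a quoted SQL literal. What COM_applyFilter()
    // guarantees is not visible here, so escape at the SQL boundary rather
    // than rely on the input filter alone. DB_escapeString() is used when the
    // database layer provides it; addslashes() is the fallback.
    $canEscape = function_exists('DB_escapeString');
    foreach ($settings as $name => $value) {
        $value = (string) $value;
        $safe  = $canEscape ? DB_escapeString($value) : addslashes($value);
        DB_save($_TABLES['mg_config'], "config_name, config_value", "'{$name}','{$safe}'");
    }

    // now reset anything in the prefs that need to be reset...
    if ($up_display_rows_enabled == 0) {
        DB_query("UPDATE {$_TABLES['mg_userprefs']} SET display_rows=0");
    }
    if ($up_display_columns_enabled == 0) {
        DB_query("UPDATE {$_TABLES['mg_userprefs']} SET display_columns=0");
    }
    if ($up_mp3_player_enabled == 0) {
        DB_query("UPDATE {$_TABLES['mg_userprefs']} SET mp3_player=-1");
    }
    if ($up_av_playback_enabled == 0) {
        DB_query("UPDATE {$_TABLES['mg_userprefs']} SET playback_mode=-1");
    }
    if ($up_thumbnail_size_enabled == 0) {
        DB_query("UPDATE {$_TABLES['mg_userprefs']} SET tn_size=-1");
    }

    // Reload the in-memory configuration from what is now stored.
    $result = DB_query("SELECT * FROM " . $_TABLES['mg_config'], 1);
    $nRows = DB_numRows($result);
    for ($x = 0; $x < $nRows; $x++) {
        $row = DB_fetchArray($result);
        $_MG_CONF[$row['config_name']] = $row['config_value'];
    }

    return MG_editConfig($LANG_MG09[2]);
}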