function do_postchecks()
{
    global $context, $txt, $settings, $boarddir, $smcFunc, $sourcedir;
    // If we have any setting changes add them to this array
    $updateArray = array();
    // which screen do we come frm?
    if (!empty($_POST['tpadmin_form'])) {
        // get it
        $from = $_POST['tpadmin_form'];
        //news
        if ($from == 'news') {
            return 'news';
        } elseif ($from == 'blockoverview') {
            checkSession('post');
            isAllowedTo('tp_blocks');
            $block = array();
            foreach ($_POST as $what => $value) {
                if (substr($what, 5, 7) == 'tpblock') {
                    // get the id
                    $bid = substr($what, 12);
                    if (!isset($block[$bid])) {
                        $block[$bid] = array();
                    }
                    if ($value != 'control' && !in_array($value, $block[$bid])) {
                        $block[$bid][] = $value;
                    }
                }
            }
            foreach ($block as $bl => $blo) {
                $request = $smcFunc['db_query']('', '
					SELECT access FROM {db_prefix}tp_blocks 
					WHERE id = {int:blockid}', array('blockid' => $bl));
                if ($smcFunc['db_num_rows']($request) > 0) {
                    $row = $smcFunc['db_fetch_assoc']($request);
                    $smcFunc['db_free_result']($request);
                    $request = $smcFunc['db_query']('', '
						UPDATE {db_prefix}tp_blocks 
						SET access = {string:access} WHERE id = {int:blockid}', array('access' => implode(',', $blo), 'blockid' => $bl));
                }
            }
            return 'blocks;overview';
        } elseif (in_array($from, array('settings', 'frontpage', 'artsettings', 'panels'))) {
            checkSession('post');
            isAllowedTo('tp_settings');
            $w = array();
            $ssi = array();
            foreach ($_POST as $what => $value) {
                if (substr($what, 0, 3) == 'tp_') {
                    $where = substr($what, 3);
                    $clean = $value;
                    // for frontpage, do some extra
                    if ($from == 'frontpage') {
                        if (substr($what, 0, 20) == 'tp_frontpage_visual_') {
                            $w[] = substr($what, 20);
                            unset($clean);
                        } elseif (substr($what, 0, 21) == 'tp_frontpage_usorting') {
                            $w[] = 'sort_' . $value;
                            unset($clean);
                        } elseif (substr($what, 0, 26) == 'tp_frontpage_sorting_order') {
                            $w[] = 'sortorder_' . $value;
                            unset($clean);
                        } elseif (substr($what, 0, 11) == 'tp_ssiboard') {
                            if ($value != 0) {
                                $ssi[$value] = $value;
                            }
                        }
                    }
                    if ($from == 'settings' && $what == 'tp_frontpage_title') {
                        $updateArray['frontpage_title'] = $clean;
                    } else {
                        if (isset($clean)) {
                            $updateArray[$where] = $clean;
                        }
                    }
                }
            }
            // check the frontpage visual setting..
            if ($from == 'frontpage') {
                $updateArray['frontpage_visual'] = implode(',', $w);
                $updateArray['SSI_board'] = implode(',', $ssi);
            }
            updateTPSettings($updateArray);
            return $from;
        } elseif ($from == 'categories') {
            checkSession('post');
            isAllowedTo('tp_articles');
            foreach ($_POST as $what => $value) {
                if (substr($what, 0, 3) == 'tp_') {
                    // for frontpage, do some extra
                    if ($from == 'categories') {
                        if (substr($what, 0, 19) == 'tp_category_value2_') {
                            $where = tp_sanitize(substr($what, 19));
                            //make sure parent are not its own parent
                            $request = $smcFunc['db_query']('', '
								SELECT value2 FROM {db_prefix}tp_variables 
								WHERE id = {string:varid} LIMIT 1', array('varid' => $value));
                            $row = $smcFunc['db_fetch_assoc']($request);
                            $smcFunc['db_free_result']($request);
                            if ($row['value2'] == $where) {
                                $smcFunc['db_query']('', '
									UPDATE {db_prefix}tp_variables 
									SET value2 = {string:val2}
									WHERE id = {string:varid} LIMIT 1', array('val2' => '0', 'varid' => $value));
                            }
                            $smcFunc['db_query']('', '
								UPDATE {db_prefix}tp_variables 
								SET value2 = {string:val2}
								WHERE id = {string:varid} LIMIT 1', array('val2' => $value, 'varid' => $where));
                        }
                    }
                }
            }
            return $from;
        } elseif ($from == 'articles') {
            checkSession('post');
            isAllowedTo('tp_articles');
            foreach ($_POST as $what => $value) {
                if (substr($what, 0, 14) == 'tp_article_pos') {
                    $where = tp_sanitize(substr($what, 14));
                    $smcFunc['db_query']('', '
							UPDATE {db_prefix}tp_articles 
							SET parse = {int:parse} 
							WHERE id = {int:artid} LIMIT 1', array('parse' => $value, 'artid' => $where));
                }
            }
            if (isset($_POST['tpadmin_form_category']) && is_numeric($_POST['tpadmin_form_category'])) {
                return $from . ';cu=' . $_POST['tpadmin_form_category'];
            } else {
                return $from;
            }
        } elseif ($from == 'modules') {
            checkSession('post');
            isAllowedTo('tp_settings');
            foreach ($_POST as $what => $value) {
                if ($what == 'tp_show_download') {
                    $updateArray['show_download'] = $value;
                } elseif (substr($what, 0, 14) == 'tpmodule_state') {
                    $smcFunc['db_query']('', '
						UPDATE {db_prefix}tp_modules 
						SET active = {int:active} 
						WHERE id = {int:modid}', array('active' => $value, 'modid' => substr($what, 14)));
                }
            }
            updateTPSettings($updateArray);
            return $from;
        } elseif ($from == 'menuitems') {
            checkSession('post');
            isAllowedTo('tp_blocks');
            $all = explode(',', $context['TPortal']['sitemap_items']);
            foreach ($_POST as $what => $value) {
                if (substr($what, 0, 8) == 'menu_pos') {
                    $smcFunc['db_query']('', '
						UPDATE {db_prefix}tp_variables 
						SET subtype = {string:subtype} 
						WHERE id = {int:varid}', array('subtype' => tp_sanitize($value), 'varid' => substr($what, 8)));
                } elseif (substr($what, 0, 8) == 'menu_sub') {
                    $smcFunc['db_query']('', '
						UPDATE {db_prefix}tp_variables 
						SET value4 = {string:val4} 
						WHERE id = {int:varid}', array('val4' => tp_sanitize($value), 'varid' => substr($what, 8)));
                } elseif (substr($what, 0, 15) == 'tp_menu_sitemap') {
                    $new = substr($what, 15);
                    if ($value == 0 && in_array($new, $all)) {
                        foreach ($all as $key => $value) {
                            if ($all[$key] == $new) {
                                unset($all[$key]);
                            }
                        }
                    } elseif ($value == 1 && !in_array($new, $all)) {
                        $all[] = $new;
                    }
                    $updateArray['sitemap_items'] = implode(',', $all);
                }
            }
            updateTPSettings($updateArray);
            redirectexit('action=tpadmin;sa=menubox;mid=' . $_POST['tp_menuid']);
        } elseif ($from == 'menus') {
            checkSession('post');
            isAllowedTo('tp_blocks');
            foreach ($_POST as $what => $value) {
                if (substr($what, 0, 12) == 'tp_menu_name') {
                    $smcFunc['db_query']('', '
						UPDATE {db_prefix}tp_variables 
						SET value1 = {string:val1} 
						WHERE id = {int:varid}', array('val1' => tp_sanitize($value), 'varid' => substr($what, 12)));
                }
            }
            redirectexit('action=tpadmin;sa=menubox');
        } elseif ($from == 'singlemenuedit') {
            checkSession('post');
            isAllowedTo('tp_blocks');
            $where = isset($_POST['tpadmin_form_id']) ? $_POST['tpadmin_form_id'] : 0;
            foreach ($_POST as $what => $value) {
                if ($what == 'tp_menu_name') {
                    // make sure special charachters can't be done
                    $value = preg_replace('~&#\\d+$~', '', $value);
                    $smcFunc['db_query']('', '
						UPDATE {db_prefix}tp_variables 
						SET value1 = {string:val1} 
						WHERE id = {int:varid}', array('val1' => $value, 'varid' => $where));
                } elseif ($what == 'tp_menu_newlink') {
                    $smcFunc['db_query']('', '
						UPDATE {db_prefix}tp_variables 
						SET value2 = {string:var2} 
						WHERE id = {int:varid}', array('var2' => $value, 'varid' => $where));
                } elseif ($what == 'tp_menu_menuid') {
                    $smcFunc['db_query']('', '
						UPDATE {db_prefix}tp_variables 
						SET subtype2 = {int:subtype2} 
						WHERE id = {int:varid}', array('subtype2' => $value, 'varid' => $where));
                } elseif ($what == 'tp_menu_type') {
                    if ($value == 'cats') {
                        $idtype = 'cats' . $_POST['tp_menu_category'];
                    } elseif ($value == 'arti') {
                        $idtype = 'arti' . $_POST['tp_menu_article'];
                    } elseif ($value == 'link') {
                        $idtype = $_POST['tp_menu_link'];
                    } elseif ($value == 'head') {
                        $idtype = 'head';
                    } elseif ($value == 'spac') {
                        $idtype = 'spac';
                    }
                    $smcFunc['db_query']('', '
						UPDATE {db_prefix}tp_variables 
						SET value3 = {string:val3} 
						WHERE id = {int:varid}', array('val3' => $idtype, 'varid' => $where));
                } elseif ($what == 'tp_menu_sub') {
                    $smcFunc['db_query']('', '
						UPDATE {db_prefix}tp_variables
						SET value4 = {string:val4}
						WHERE id = {int:varid}', array('val4' => $value, 'varid' => $where));
                } elseif (substr($what, 0, 15) == 'tp_menu_newlink') {
                    $smcFunc['db_query']('', '
						UPDATE {db_prefix}tp_variables 
						SET value2 =  
						WHERE id = {int:varid}', array('val2' => $value, 'varid' => $where));
                }
            }
            redirectexit('action=tpadmin;linkedit=' . $where . ';' . $context['session_var'] . '=' . $context['session_id']);
        } elseif ($from == 'addcategory') {
            checkSession('post');
            isAllowedTo('tp_articles');
            $name = !empty($_POST['tp_cat_name']) ? $_POST['tp_cat_name'] : $txt['tp-noname'];
            $parent = !empty($_POST['tp_cat_parent']) ? $_POST['tp_cat_parent'] : '0';
            $smcFunc['db_insert']('INSERT', '{db_prefix}tp_variables', array('value1' => 'string', 'value2' => 'string', 'value3' => 'string', 'type' => 'string', 'value4' => 'string', 'value5' => 'int', 'subtype' => 'string', 'value7' => 'string', 'value8' => 'string', 'subtype2' => 'int'), array(strip_tags($name), $parent, '', 'category', '', 0, '', 'catlayout=1|layout=1', 0, 0), array('id'));
            $go = $smcFunc['db_insert_id']('{db_prefix}tp_variables', 'id');
            redirectexit('action=tpadmin;sa=categories;cu=' . $go);
        } elseif ($from == 'clist') {
            checkSession('post');
            isAllowedTo('tp_articles');
            $cats = array();
            foreach ($_POST as $what => $value) {
                if (substr($what, 0, 8) == 'tp_clist') {
                    $cats[] = $value;
                }
            }
            if (sizeof($cats) > 0) {
                $catnames = implode(',', $cats);
            } else {
                $catnames = '';
            }
            $updateArray['cat_list'] = $catnames;
            updateTPSettings($updateArray);
            return $from;
        } elseif ($from == 'editcategory') {
            checkSession('post');
            isAllowedTo('tp_articles');
            $options = array();
            $groups = array();
            $where = $_POST['tpadmin_form_id'];
            foreach ($_POST as $what => $value) {
                if (substr($what, 0, 3) == 'tp_') {
                    $clean = tp_sanitize($value);
                    $param = substr($what, 12);
                    if (in_array($param, array('value5', 'value6', 'value8'))) {
                        $smcFunc['db_query']('', '
							UPDATE {db_prefix}tp_variables 
							SET ' . $param . ' = {string:val} 
							WHERE id = {int:varid} LIMIT 1', array('val' => $value, 'varid' => $where));
                    } elseif ($param == 'value2') {
                        //make sure parent are not its own parent
                        $request = $smcFunc['db_query']('', '
							SELECT value2 FROM {db_prefix}tp_variables 
							WHERE id = {int:varid} LIMIT 1', array('varid' => $value));
                        $row = $smcFunc['db_fetch_assoc']($request);
                        $smcFunc['db_free_result']($request);
                        if ($row['value2'] == $where) {
                            $smcFunc['db_query']('', '
								UPDATE {db_prefix}tp_variables 
								SET value2 = {string:val2} 
								WHERE id = {int:varid} LIMIT 1', array('val2' => '0', 'varid' => $value));
                        }
                        $smcFunc['db_query']('', '
							UPDATE {db_prefix}tp_variables 
							SET value2 = {string:val2} 
							WHERE id = {int:varid} LIMIT 1', array('val2' => $value, 'varid' => $where));
                    } elseif ($param == 'value1') {
                        $smcFunc['db_query']('', '
							UPDATE {db_prefix}tp_variables 
							SET value1 = {string:val1} 
							WHERE id = {int:varid} LIMIT 1', array('val1' => strip_tags($value), 'varid' => $where));
                    } elseif ($param == 'value4') {
                        $smcFunc['db_query']('', '
							UPDATE {db_prefix}tp_variables 
							SET value4 = {string:val4} 
							WHERE id = {int:varid} LIMIT 1', array('val4' => $value, 'varid' => $where));
                    } elseif ($param == 'value9') {
                        $smcFunc['db_query']('', '
							UPDATE {db_prefix}tp_variables 
							SET value9 = {string:val9} 
							WHERE id = {int:varid} LIMIT 1', array('val9' => $value, 'varid' => $where));
                    } elseif (substr($param, 0, 6) == 'group_') {
                        $groups[] = substr($param, 6);
                    } else {
                        $options[] = $param . '=' . $value;
                    }
                }
            }
            $smcFunc['db_query']('', '
				UPDATE {db_prefix}tp_variables 
				SET value3 = {string:val3}, value7 = {string:val7} 
				WHERE id = {int:varid} LIMIT 1', array('val3' => implode(',', $groups), 'val7' => implode('|', $options), 'varid' => $where));
            $from = 'categories;cu=' . $where;
            return $from;
        } elseif ($from == 'strays') {
            checkSession('post');
            isAllowedTo('tp_articles');
            $ccats = array();
            // check if we have some values
            foreach ($_POST as $what => $value) {
                if (substr($what, 0, 16) == 'tp_article_stray') {
                    $ccats[] = substr($what, 16);
                } elseif ($what == 'tp_article_cat') {
                    $straycat = $value;
                } elseif ($what == 'tp_article_new') {
                    $straynewcat = $value;
                }
            }
            // update
            if (isset($straycat) && sizeof($ccats) > 0) {
                $category = $straycat;
                if ($category == 0 && !empty($straynewcat)) {
                    $request = $smcFunc['db_insert']('INSERT', '{db_prefix}tp_variables', array('value1' => 'string', 'value2' => 'string', 'type' => 'string'), array(strip_tags($straynewcat), '0', 'category'), array('id'));
                    $newcategory = $smcFunc['db_insert_id']('{db_prefix}tp_variables', 'id');
                    $smcFunc['db_free_result']($request);
                }
                $smcFunc['db_query']('', '
					UPDATE {db_prefix}tp_articles 
					SET category = {int:cat} 
					WHERE id IN ({array_int:artid})', array('cat' => !empty($newcategory) ? $newcategory : $category, 'artid' => $ccats));
            }
            return $from;
        } elseif ($from == 'articons') {
            checkSession('post');
            isAllowedTo('tp_articles');
            // any icons sent?
            if (file_exists($_FILES['tp_article_newicon']['tmp_name'])) {
                TPuploadpicture('tp_article_newicon', '', '300', 'jpg,gif,png', 'tp-files/tp-articles/icons');
            }
            if (file_exists($_FILES['tp_article_newillustration']['tmp_name'])) {
                $name = TPuploadpicture('tp_article_newillustration', '', '500', 'jpg,gif,png', 'tp-files/tp-articles/illustrations');
                tp_createthumb('tp-files/tp-articles/illustrations/' . $name, 128, 128, 'tp-files/tp-articles/illustrations/s_' . $name);
                unlink('tp-files/tp-articles/illustrations/' . $name);
            }
            // how about deleted?
            foreach ($_POST as $what => $value) {
                if (substr($what, 0, 7) == 'articon') {
                    unlink($boarddir . '/tp-files/tp-articles/icons/' . $value);
                } elseif (substr($what, 0, 15) == 'artillustration') {
                    unlink($boarddir . '/tp-files/tp-articles/illustrations/' . $value);
                }
            }
            return $from;
        } elseif ($from == 'menuadd') {
            checkSession('post');
            isAllowedTo('tp_blocks');
            if (!empty($_POST['tp_menu_title'])) {
                $mtitle = strip_tags($_POST['tp_menu_title']);
                $smcFunc['db_insert']('INSERT', '{db_prefix}tp_variables', array('value1' => 'string', 'type' => 'string'), array($mtitle, 'menus'), array('id'));
                redirectexit('action=tpadmin;sa=menubox');
            }
        } elseif ($from == 'menuaddsingle') {
            checkSession('post');
            isAllowedTo('tp_blocks');
            $mid = $_POST['tp_menu_menuid'];
            $mtitle = strip_tags($_POST['tp_menu_title']);
            if ($mtitle == '') {
                $mtitle = $txt['tp-no_title'];
            }
            $mtype = $_POST['tp_menu_type'];
            $mcat = isset($_POST['tp_menu_category']) ? $_POST['tp_menu_category'] : '';
            $mart = isset($_POST['tp_menu_article']) ? $_POST['tp_menu_article'] : '';
            $mlink = isset($_POST['tp_menu_link']) ? $_POST['tp_menu_link'] : '';
            $mhead = isset($_POST['tp_menu_head']) ? $_POST['tp_menu_head'] : '';
            $mnewlink = isset($_POST['tp_menu_newlink']) ? $_POST['tp_menu_newlink'] : '0';
            if ($mtype == 'cats') {
                $mtype = 'cats' . $mcat;
            } elseif ($mtype == 'arti') {
                $mtype = 'arti' . $mart;
            } elseif ($mtype == 'head') {
                $mtype = 'head' . $mhead;
            } elseif ($mtype == 'spac') {
                $mtype = 'spac';
            } else {
                $mtype = $mlink;
            }
            $msub = $_POST['tp_menu_sub'];
            $smcFunc['db_insert']('INSERT', '{db_prefix}tp_variables', array('value1' => 'string', 'value2' => 'string', 'value3' => 'string', 'type' => 'string', 'value4' => 'string', 'value5' => 'int', 'subtype2' => 'int'), array($mtitle, $mnewlink, $mtype, 'menubox', $msub, -1, $mid), array('id'));
            redirectexit('action=tpadmin;sa=menubox;mid=' . $mid);
        } elseif ($from == 'submission') {
            checkSession('post');
            isAllowedTo('tp_articles');
            $ccats = array();
            // check if we have some values
            foreach ($_POST as $what => $value) {
                if (substr($what, 0, 21) == 'tp_article_submission') {
                    $ccats[] = substr($what, 21);
                } elseif ($what == 'tp_article_cat') {
                    $straycat = $value;
                } elseif ($what == 'tp_article_new') {
                    $straynewcat = $value;
                }
            }
            // update
            if (isset($straycat) && sizeof($ccats) > 0) {
                $category = $straycat;
                if ($category == 0 && !empty($straynewcat)) {
                    $request = $smcFunc['db_insert']('INSERT', '{db_prefix}tp_variables', array('value1' => 'string', 'value2' => 'string', 'type' => 'string'), array($straynewcat, '0', 'category'), array('id'));
                    $newcategory = $smcFunc['db_insert_id']('{db_prefix}tp_variables', 'id');
                    $smcFunc['db_free_result']($request);
                }
                $smcFunc['db_query']('', '
					UPDATE {db_prefix}tp_articles 
					SET approved = {int:approved}, category = {int:cat} 
					WHERE id IN ({array_int:artid})', array('approved' => 1, 'cat' => !empty($newcategory) ? $newcategory : $category, 'artid' => $ccats));
                $smcFunc['db_query']('', '
					DELETE FROM {db_prefix}tp_variables 
					WHERE type = {string:type} 
					AND value5 IN ({array_int:val5})', array('type' => 'art_not_approved', 'val5' => $ccats));
            }
            return $from;
        } elseif ($from == 'blocks') {
            checkSession('post');
            isAllowedTo('tp_blocks');
            foreach ($_POST as $what => $value) {
                if (substr($what, 0, 3) == 'pos') {
                    $where = substr($what, 3);
                    if (is_numeric($where)) {
                        $smcFunc['db_query']('', '
							UPDATE {db_prefix}tp_blocks 
							SET pos = {int:pos} 
							WHERE id = {int:blockid}', array('pos' => $value, 'blockid' => $where));
                    }
                } elseif (substr($what, 0, 6) == 'addpos') {
                    $where = substr($what, 6);
                    if (is_numeric($where)) {
                        $smcFunc['db_query']('', '
							UPDATE {db_prefix}tp_blocks 
							SET pos = (pos + 11) 
							WHERE id = {int:blockid}', array('blockid' => $where));
                    }
                } elseif (substr($what, 0, 6) == 'subpos') {
                    $where = substr($what, 6);
                    if (is_numeric($where)) {
                        $smcFunc['db_query']('', '
							UPDATE {db_prefix}tp_blocks SET pos = (pos - 11) 
							WHERE id = {int:blockid}', array('blockid' => $where));
                    }
                } elseif (substr($what, 0, 4) == 'type') {
                    $where = substr($what, 4);
                    $smcFunc['db_query']('', '
						UPDATE {db_prefix}tp_blocks 
						SET type = {int:type} 
						WHERE id = {int:blockid}', array('type' => $value, 'blockid' => $where));
                } elseif (substr($what, 0, 5) == 'title') {
                    $where = strip_tags(substr($what, 5));
                    $smcFunc['db_query']('', '
						UPDATE {db_prefix}tp_blocks 
						SET title = {string:title} 
						WHERE id = {int:blockid}', array('title' => $value, 'blockid' => $where));
                } elseif (substr($what, 0, 9) == 'blockbody') {
                    $where = tp_sanitize(substr($what, 9));
                    $smcFunc['db_query']('', '
						UPDATE {db_prefix}tp_blocks 
						SET body = {string:body} 
						WHERE id = {int:blockid}', array('body' => $value, 'blockid' => $where));
                }
            }
            redirectexit('action=tpadmin;sa=blocks');
        } elseif ($from == 'addblock') {
            checkSession('post');
            isAllowedTo('tp_blocks');
            $title = empty($_POST['tp_addblocktitle']) ? '-no title-' : $_POST['tp_addblocktitle'];
            $panel = $_POST['tp_addblockpanel'];
            $type = $_POST['tp_addblock'];
            if (!is_numeric($type)) {
                if (substr($type, 0, 3) == 'mb_') {
                    $request = $smcFunc['db_query']('', '
						SELECT * FROM {db_prefix}tp_blocks 
						WHERE id = {int:blockid}', array('blockid' => substr($type, 3)));
                    if ($smcFunc['db_num_rows']($request) > 0) {
                        $cp = $smcFunc['db_fetch_assoc']($request);
                        $smcFunc['db_free_result']($request);
                    }
                } else {
                    $od = TPparseModfile(file_get_contents($boarddir . '/tp-files/tp-blockcodes/' . $type . '.blockcode'), array('code'));
                }
            }
            if (isset($od['code'])) {
                $body = tp_convertphp($od['code']);
                $type = 10;
            } else {
                $body = '';
            }
            if (isset($cp)) {
                $smcFunc['db_insert']('INSERT', '{db_prefix}tp_blocks', array('type' => 'int', 'frame' => 'string', 'title' => 'string', 'body' => 'string', 'access' => 'string', 'bar' => 'int', 'pos' => 'int', 'off' => 'int', 'visible' => 'string', 'var1' => 'int', 'var2' => 'int', 'lang' => 'string', 'access2' => 'string', 'editgroups' => 'string'), array($cp['type'], $cp['frame'], $title, $cp['body'], $cp['access'], $panel, 0, 1, 1, $cp['var1'], $cp['var2'], $cp['lang'], $cp['access2'], $cp['editgroups']), array('id'));
            } else {
                $smcFunc['db_insert']('INSERT', '{db_prefix}tp_blocks', array('type' => 'int', 'frame' => 'string', 'title' => 'string', 'body' => 'string', 'access' => 'string', 'bar' => 'int', 'pos' => 'int', 'off' => 'int', 'visible' => 'string', 'var1' => 'int', 'var2' => 'int', 'lang' => 'string', 'access2' => 'string', 'editgroups' => 'string'), array($type, 'theme', $title, $body, '-1,0,1', $panel, 0, 1, 1, 0, 0, '', 'actio=allpages', ''), array('id'));
            }
            $where = $smcFunc['db_insert_id']('{db_prefix}tp_blocks', 'id');
            if (!empty($where)) {
                redirectexit('action=tpadmin;blockedit=' . $where . ';sesc=' . $context['session_id']);
            } else {
                redirectexit('action=tpadmin;sa=blocks');
            }
        } elseif ($from == 'blockedit') {
            checkSession('post');
            isAllowedTo('tp_blocks');
            $where = is_numeric($_POST['tpadmin_form_id']) ? $_POST['tpadmin_form_id'] : 0;
            $tpgroups = array();
            $editgroups = array();
            $access = array();
            $lang = array();
            foreach ($_POST as $what => $value) {
                if (substr($what, 0, 9) == 'tp_block_') {
                    $setting = substr($what, 9);
                    if ($setting == 'body') {
                        // If we came from WYSIWYG then turn it back into BBC regardless.
                        if (!empty($_REQUEST['tp_block_body_mode']) && isset($_REQUEST['tp_block_body'])) {
                            require_once $sourcedir . '/Subs-Editor.php';
                            $_REQUEST['tp_block_body'] = html_to_bbc($_REQUEST['tp_block_body']);
                            // We need to unhtml it now as it gets done shortly.
                            $_REQUEST['tp_block_body'] = un_htmlspecialchars($_REQUEST['tp_block_body']);
                            // We need this for everything else.
                            $value = $_POST['tp_block_body'] = $_REQUEST['tp_block_body'];
                        }
                        // PHP block?
                        if ($_POST['tp_block_type'] == 10) {
                            $value = tp_convertphp($value);
                        }
                        $smcFunc['db_query']('', '
							UPDATE {db_prefix}tp_blocks 
							SET ' . $setting . ' = {string:value} 
							WHERE id = {int:blockid}', array('value' => $value, 'blockid' => $where));
                    } elseif ($setting == 'title') {
                        $smcFunc['db_query']('', '
							UPDATE {db_prefix}tp_blocks 
							SET title = {string:title} 
							WHERE id = {int:blockid}', array('title' => $value, 'blockid' => $where));
                    } elseif ($setting == 'body_mode' || $setting == 'body_choice' || $setting == 'body_pure') {
                        $go = '';
                    } elseif ($setting == 'frame') {
                        $smcFunc['db_query']('', '
							UPDATE {db_prefix}tp_blocks 
							SET frame = {string:val}
							WHERE id = {int:blockid}', array('val' => $value, 'blockid' => $where));
                    } else {
                        $smcFunc['db_query']('', '
							UPDATE {db_prefix}tp_blocks 
							SET ' . $setting . ' = {raw:val}
							WHERE id = {int:blockid}', array('val' => $value, 'blockid' => $where));
                    }
                } elseif (substr($what, 0, 8) == 'tp_group') {
                    $tpgroups[] = substr($what, 8);
                } elseif (substr($what, 0, 12) == 'tp_editgroup') {
                    $editgroups[] = substr($what, 12);
                } elseif (substr($what, 0, 10) == 'actiontype') {
                    $access[] = 'actio=' . $value;
                } elseif (substr($what, 0, 9) == 'boardtype') {
                    $access[] = 'board=' . $value;
                } elseif (substr($what, 0, 11) == 'articletype') {
                    $access[] = 'tpage=' . $value;
                } elseif (substr($what, 0, 12) == 'categorytype') {
                    $access[] = 'tpcat=' . $value;
                } elseif (substr($what, 0, 8) == 'langtype') {
                    $access[] = 'tlang=' . $value;
                } elseif (substr($what, 0, 9) == 'dlcattype') {
                    $access[] = 'dlcat=' . $value;
                } elseif (substr($what, 0, 9) == 'tpmodtype') {
                    $access[] = 'tpmod=' . $value;
                } elseif (substr($what, 0, 9) == 'custotype' && !empty($value)) {
                    $items = explode(',', $value);
                    foreach ($items as $iti => $it) {
                        $access[] = 'actio=' . $it;
                    }
                } elseif (substr($what, 0, 8) == 'tp_lang_') {
                    if (substr($what, 8) != '') {
                        $lang[] = substr($what, 8) . '|' . $value;
                    }
                } elseif (substr($what, 0, 18) == 'tp_userbox_options') {
                    if (!isset($userbox)) {
                        $userbox = array();
                    }
                    $userbox[] = $value;
                } elseif (substr($what, 0, 8) == 'tp_theme') {
                    $theme = substr($what, 8);
                    if (!isset($themebox)) {
                        $themebox = array();
                    }
                    // get the path too
                    if (isset($_POST['tp_path' . $theme])) {
                        $tpath = $_POST['tp_path' . $theme];
                    } else {
                        $tpath = '';
                    }
                    $themebox[] = $theme . '|' . $value . '|' . $tpath;
                }
            }
            // construct the access++
            $smcFunc['db_query']('', '
				UPDATE {db_prefix}tp_blocks 
				SET	access2 = {string:acc2},
					access = {string:acc},
					lang = {string:lang},
					editgroups = {string:editgrp}
				WHERE id = {int:blockid}', array('acc2' => implode(',', $access), 'acc' => implode(',', $tpgroups), 'lang' => implode('|', $lang), 'editgrp' => implode(',', $editgroups), 'blockid' => $where));
            if (isset($userbox)) {
                $updateArray['userbox_options'] = implode(',', $userbox);
            }
            if (isset($themebox)) {
                $smcFunc['db_query']('', '
					UPDATE {db_prefix}tp_blocks 
					SET body = {string:body}
					WHERE id = {int:blockid}', array('body' => implode(',', $themebox), 'blockid' => $where));
            }
            // anything from PHP block?
            if (isset($_POST['blockcode_overwrite'])) {
                // get the blockcode
                $newval = TPparseModfile(file_get_contents($boarddir . '/tp-files/tp-blockcodes/' . $_POST['tp_blockcode'] . '.blockcode'), array('code'));
                $smcFunc['db_query']('', '
					UPDATE {db_prefix}tp_blocks 
					SET body = {string:body}
					WHERE id = {int:blockid}', array('body' => $newval['code'], 'blockid' => $where));
            }
            // check if uploadad picture
            if (isset($_FILES['qup_blockbody']) && file_exists($_FILES['qup_blockbody']['tmp_name'])) {
                $name = TPuploadpicture('qup_blockbody', $context['user']['id'] . 'uid');
                tp_createthumb('tp-images/' . $name, 50, 50, 'tp-images/thumbs/thumb_' . $name);
            }
            updateTPSettings($updateArray);
            redirectexit('action=tpadmin;blockedit=' . $where . ';' . $context['session_var'] . '=' . $context['session_id']);
        } elseif (substr($from, 0, 11) == 'editarticle') {
            checkSession('post');
            isAllowedTo('tp_articles');
            $new = false;
            $where = substr($from, 11);
            if (empty($where)) {
                // we need to create one first
                $smcFunc['db_insert']('INSERT', '{db_prefix}tp_articles', array('date' => 'int'), array(time()), array('id'));
                $where = $smcFunc['db_insert_id']('{db_prefix}tp_articles', 'id');
                $new = true;
                $from = 'editarticle' . $where;
            }
            // check if uploads are there
            if (file_exists($_FILES['tp_article_illupload']['tmp_name'])) {
                $name = TPuploadpicture('tp_article_illupload', '', '180', 'jpg,gif,png', 'tp-files/tp-articles/illustrations');
                tp_createthumb('tp-files/tp-articles/illustrations/' . $name, 128, 128, 'tp-files/tp-articles/illustrations/s_' . $name);
                $smcFunc['db_query']('', '
					UPDATE {db_prefix}tp_articles 
					SET illustration = {string:ill} 
					WHERE id = {int:artid} LIMIT 1', array('ill' => 's_' . $name, 'artid' => $where));
            }
            // check if uploadad picture
            if (isset($_FILES['qup_tp_article_body']) && file_exists($_FILES['qup_tp_article_body']['tmp_name'])) {
                $name = TPuploadpicture('qup_tp_article_body', $context['user']['id'] . 'uid');
                tp_createthumb('tp-images/' . $name, 50, 50, 'tp-images/thumbs/thumb_' . $name);
            }
            $options = array();
            foreach ($_POST as $what => $value) {
                if (substr($what, 0, 11) == 'tp_article_' && !empty($where)) {
                    $setting = substr($what, 11);
                    if ($setting == 'authorid') {
                        $smcFunc['db_query']('', '
							UPDATE {db_prefix}tp_articles 
							SET author_id = {int:auth} 
							WHERE id = {int:artid} LIMIT 1', array('auth' => $value, 'artid' => $where));
                    } elseif ($setting == 'idtheme') {
                        $smcFunc['db_query']('', '
							UPDATE {db_prefix}tp_articles 
							SET id_theme = {int:id_theme} 
							WHERE id = {int:artid} LIMIT 1', array('id_theme' => $value, 'artid' => $where));
                    } elseif ($setting == 'subject') {
                        $smcFunc['db_query']('', '
							UPDATE {db_prefix}tp_articles 
							SET subject = {string:subject} 
							WHERE id = {int:artid} LIMIT 1', array('subject' => $value, 'artid' => $where));
                    } elseif ($setting == 'shortname') {
                        $value = htmlspecialchars(str_replace(' ', '-', $value), ENT_QUOTES);
                        $smcFunc['db_query']('', '
							UPDATE {db_prefix}tp_articles 
							SET shortname = {string:shortname} 
							WHERE id = {int:artid} LIMIT 1', array('shortname' => $value, 'artid' => $where));
                    } elseif ($setting == 'category') {
                        // for the event, get the allowed
                        $request = $smcFunc['db_query']('', '
							SELECT value3 FROM {db_prefix}tp_variables 
							WHERE id = {int:varid} LIMIT 1', array('varid' => $value));
                        if ($smcFunc['db_num_rows']($request) > 0) {
                            $row = $smcFunc['db_fetch_assoc']($request);
                            $allowed = $row['value3'];
                            $smcFunc['db_free_result']($request);
                        }
                        $smcFunc['db_query']('', '
							UPDATE {db_prefix}tp_articles 
							SET category = {int:cat} 
							WHERE id = {int:artid} LIMIT 1', array('cat' => $value, 'artid' => $where));
                    } elseif (in_array($setting, array('body', 'intro'))) {
                        // If we came from WYSIWYG then turn it back into BBC regardless.
                        if (!empty($_REQUEST['tp_article_body_mode']) && isset($_REQUEST['tp_article_body'])) {
                            require_once $sourcedir . '/Subs-Editor.php';
                            $_REQUEST['tp_article_body'] = html_to_bbc($_REQUEST['tp_article_body']);
                            // We need to unhtml it now as it gets done shortly.
                            $_REQUEST['tp_article_body'] = un_htmlspecialchars($_REQUEST['tp_article_body']);
                            // We need this for everything else.
                            if ($setting == 'body') {
                                $value = $_POST['tp_article_body'] = $_REQUEST['tp_article_body'];
                            } elseif ($settings == 'intro') {
                                $value = $_POST['tp_article_intro'] = $_REQUEST['tp_article_intro'];
                            }
                        }
                        // in case of HTML article we need to check it
                        if (isset($_POST['tp_article_body_pure']) && isset($_POST['tp_article_body_choice'])) {
                            if ($_POST['tp_article_body_choice'] == 0) {
                                if ($setting == 'body') {
                                    $value = $_POST['tp_article_body_pure'];
                                } elseif ($setting == 'intro') {
                                    $value = $_POST['tp_article_intro'];
                                }
                            }
                            // save the choice too
                            $request = $smcFunc['db_query']('', '
								SELECT id FROM {db_prefix}tp_variables 
								WHERE subtype2 = {int:sub2}  
								AND type = {string:type} LIMIT 1', array('sub2' => $where, 'type' => 'editorchoice'));
                            if ($smcFunc['db_num_rows']($request) > 0) {
                                $row = $smcFunc['db_fetch_assoc']($request);
                                $smcFunc['db_free_result']($request);
                                $smcFunc['db_query']('', '
									UPDATE {db_prefix}tp_variables 
									SET value1 = {string:val1}
									WHERE subtype2 = {int:sub2} 
									AND type = {string:type}', array('val1' => $_POST['tp_article_body_choice'], 'sub2' => $where, 'type' => 'editorchoice'));
                            } else {
                                $smcFunc['db_insert']('INSERT', '{db_prefix}tp_variables', array('value1' => 'string', 'type' => 'string', 'subtype2' => 'int'), array($_POST['tp_article_body_choice'], 'editorchoice', $where), array('id'));
                            }
                        }
                        $smcFunc['db_query']('', '
							UPDATE {db_prefix}tp_articles 
							SET ' . $setting . ' = {string:val} 
							WHERE id = {int:artid} LIMIT 1', array('val' => $value, 'artid' => $where));
                    } elseif (in_array($setting, array('day', 'month', 'year', 'minute', 'hour', 'timestamp'))) {
                        $timestamp = mktime($_POST['tp_article_hour'], $_POST['tp_article_minute'], 0, $_POST['tp_article_month'], $_POST['tp_article_day'], $_POST['tp_article_year']);
                        if (!isset($savedtime)) {
                            $smcFunc['db_query']('', '
								UPDATE {db_prefix}tp_articles 
								SET date = {int:date} 
								WHERE id = {int:artid} LIMIT 1', array('date' => $timestamp, 'artid' => $where));
                        }
                        $savedtime = 1;
                    } elseif (in_array($setting, array('pubstartday', 'pubstartmonth', 'pubstartyear', 'pubstartminute', 'pubstarthour', 'pub_start'))) {
                        // are all zero? then skip
                        if (empty($_POST['tp_article_pubstarthour']) && empty($_POST['tp_article_pubstartminute']) && empty($_POST['tp_article_pubstartmonth']) && empty($_POST['tp_article_pubstartday']) && empty($_POST['tp_article_pubstartyear'])) {
                            $smcFunc['db_query']('', '
									UPDATE {db_prefix}tp_articles 
									SET pub_start = {int:start}
									WHERE id = {int:artid} LIMIT 1', array('start' => 0, 'artid' => $where));
                        } else {
                            $timestamp = mktime($_POST['tp_article_pubstarthour'], $_POST['tp_article_pubstartminute'], 0, $_POST['tp_article_pubstartmonth'], $_POST['tp_article_pubstartday'], $_POST['tp_article_pubstartyear']);
                        }
                        if (!isset($pubstart)) {
                            $smcFunc['db_query']('', '
									UPDATE {db_prefix}tp_articles 
									SET pub_start = {int:start} 
									WHERE id = {int:artid} LIMIT 1', array('start' => $timestamp, 'artid' => $where));
                        }
                        $pubstart = 1;
                    } elseif (in_array($setting, array('pubendday', 'pubendmonth', 'pubendyear', 'pubendminute', 'pubendhour', 'pub_start'))) {
                        // are all zero? then skip
                        if (empty($_POST['tp_article_pubendhour']) && empty($_POST['tp_article_pubendminute']) && empty($_POST['tp_article_pubendmonth']) && empty($_POST['tp_article_pubendday']) && empty($_POST['tp_article_pubendyear'])) {
                            $smcFunc['db_query']('', '
									UPDATE {db_prefix}tp_articles 
									SET pub_end = {int:end}
									WHERE id = {int:artid} LIMIT 1', array('end' => 0, 'artid' => $where));
                        } else {
                            $timestamp = mktime($_POST['tp_article_pubendhour'], $_POST['tp_article_pubendminute'], 0, $_POST['tp_article_pubendmonth'], $_POST['tp_article_pubendday'], $_POST['tp_article_pubendyear']);
                        }
                        if (!isset($pubend)) {
                            $smcFunc['db_query']('', '
									UPDATE {db_prefix}tp_articles 
									SET pub_end = {int:end}
									WHERE id = {int:artid} LIMIT 1', array('end' => $timestamp, 'artid' => $where));
                        }
                        $pubend = 1;
                    } elseif (substr($setting, 0, 8) == 'options_') {
                        if (substr($setting, 0, 19) == 'options_lblockwidth' || substr($setting, 0, 19) == 'options_rblockwidth') {
                            $options[] = substr($setting, 8) . $value;
                        } else {
                            $options[] = substr($setting, 8);
                        }
                    } elseif (in_array($setting, array('body_mode', 'intro_mode', 'illupload', 'body_pure', 'body_choice'))) {
                        // ignore it
                        continue;
                    } elseif ($setting == 'approved') {
                        $smcFunc['db_query']('', '
							UPDATE {db_prefix}tp_articles 
							SET approved = {int:approved} 
							WHERE id = {int:artid} LIMIT 1', array('approved' => $value, 'artid' => $where));
                        if ($value == 1) {
                            $smcFunc['db_query']('', '
								DELETE FROM {db_prefix}tp_variables 
								WHERE type = {string:type} 
								AND value5 = {int:val5}', array('type' => 'art_not_approved', 'val5' => $where));
                        } elseif ($new) {
                            $smcFunc['db_insert']('replace', '{db_prefix}tp_variables', array('type' => 'string', 'value5' => 'int'), array('art_not_approved', $where), array('id'));
                        }
                    } else {
                        $smcFunc['db_query']('', '
							UPDATE {db_prefix}tp_articles 
							SET ' . $setting . ' = {string:val}
							WHERE id = {int:artid} LIMIT 1', array('val' => $value, 'artid' => $where));
                    }
                }
            }
            // if this was a new article
            if ($_POST['tp_article_approved'] == 1 && $_POST['tp_article_off'] == 0) {
                tp_recordevent($timestamp, $_POST['tp_article_authorid'], 'tp-createdarticle', 'page=' . $where, 'Creation of new article.', isset($allowed) ? $allowed : 0, $where);
            }
            $smcFunc['db_query']('', '
				UPDATE {db_prefix}tp_articles 
				SET options = {string:opt} 
				WHERE id = {int:artid} LIMIT 1', array('opt' => implode(',', $options), 'artid' => $where));
        }
    } else {
        return;
    }
}
Example #2
0
function TPcollectSnippets()
{
    global $boarddir;
    // fetch any blockcodes in blockcodes folder
    $codefiles = array();
    if ($handle = opendir($boarddir . '/tp-files/tp-blockcodes')) {
        while (false !== ($file = readdir($handle))) {
            if ($file != '.' && $file != '..' && $file != '.htaccess' && substr($file, strlen($file) - 10, 10) == '.blockcode') {
                $snippet = TPparseModfile(file_get_contents($boarddir . '/tp-files/tp-blockcodes/' . $file), array('name', 'author', 'version', 'date', 'description'));
                $codefiles[] = array('file' => substr($file, 0, strlen($file) - 10), 'name' => $snippet['name'], 'author' => $snippet['author'], 'text' => $snippet['description']);
            }
        }
        closedir($handle);
    }
    return $codefiles;
}