} } // nacteni dat if ($new) { if (!isset($q)) { $q = array(); } $q += array('id' => null, 'old' => '', 'new' => '', 'active' => '1'); } else { $q = DB::query_row('SELECT * FROM `' . _mysql_prefix . '-redir` WHERE id=' . $edit_id); if ($q === false) { break; } } // formular $output .= $message . "\n<form action='' method='post'>\n<table class='formtable'>\n\n<tr>\n <td class='rpad'><strong>" . $_lang['admin.content.redir.old'] . "</strong></td>\n <td><input type='text' name='old' value='" . $q['old'] . "' class='inputmedium' maxlength='255' /></td>\n</tr>\n\n<tr>\n <td class='rpad'><strong>" . $_lang['admin.content.redir.new'] . "</strong></td>\n <td><input type='text' name='new' value='" . $q['new'] . "' class='inputmedium' maxlength='255' /></td>\n</tr>\n\n<tr>\n <td class='rpad'><strong>" . $_lang['admin.content.redir.act'] . "</strong></td>\n <td><input type='checkbox' name='act' value='1'" . _checkboxActivate($q['active']) . " /></td>\n</tr>\n\n<tr>\n <td></td>\n <td><input type='submit' value='" . $_lang['global.' . ($new ? 'create' : 'save')] . "' /></td>\n</tr>\n\n</table>\n" . _xsrfProtect() . "</form>"; } while (false); } elseif (isset($_GET['del']) && _xsrfCheck(true)) { // smazani DB::query('DELETE FROM `' . _mysql_prefix . '-redir` WHERE id=' . intval($_GET['del'])); $output .= _formMessage(1, $_lang['global.done']); } elseif (isset($_GET['wipe'])) { // smazani vsech if (isset($_POST['wipe_confirm'])) { DB::query('TRUNCATE TABLE `' . _mysql_prefix . '-redir`'); $output .= _formMessage(1, $_lang['global.done']); } else { $output .= "\n<form action='' method='post' class='formbox'>\n" . _formMessage(2, $_lang['admin.content.redir.act.wipe.confirm']) . "\n<input type='submit' name='wipe_confirm' value='" . $_lang['admin.content.redir.act.wipe.submit'] . "' />\n" . _xsrfProtect() . "</form>\n"; } } // tabulka
} if (isset($_GET['created'])) { $message = _formMessage(1, $_lang['global.created']); } // wysiwyg editor $output .= _admin_wysiwyg(); // vypocet hodnoceni if (!$new) { if ($query['ratenum'] != 0) { $rate = DB::result(DB::query("SELECT ROUND(ratesum/ratenum) FROM `" . _mysql_prefix . "-articles` WHERE id=" . $query['id']), 0) . "%, " . $query['ratenum'] . "x"; } else { $rate = $_lang['article.rate.nodata']; } } else { $rate = ""; } // seo title input $seo_input = "<input type='text' name='title_seo' value='" . $query['title_seo'] . "' maxlength='255' class='input" . ($author_select != '' ? 'medium' : 'big') . "' />"; // obrazek $picture = ''; if (isset($query['picture_uid'])) { $picture .= "<img src='" . _pictureStorageGet(_indexroot . 'pictures/articles/', null, $query['picture_uid'], 'jpg') . "' alt='article picture' id='is-picture-file' />\n<label id='is-picture-delete'><input type='checkbox' name='picture-delete' value='1' /> <img src='images/icons/delete3.png' class='icon' alt='" . $_lang['global.delete'] . "' /></label>"; } else { $picture .= "<img src='images/art-no-pic.png' alt='no picture' />\n"; } $picture .= "<input type='file' name='picture' id='is-picture-upload' />\n"; // formular $output .= "\n<a href='" . $backlink . "' class='backlink'>< " . $_lang['global.return'] . "</a>\n<h1>" . $_lang['admin.content.articles.edit.title'] . "</h1>\n<p class='bborder'>" . $_lang['admin.content.articles.edit.p'] . "</p>" . $message . "\n\n" . (($new == true and _loginright_adminneedconfirm) ? _admin_smallNote($_lang['admin.content.articles.edit.newconfnote']) : '') . "\n" . ($query['confirmed'] != 1 ? _admin_smallNote($_lang['admin.content.articles.edit.confnote']) : '') . "\n\n" . (!$new && DB::result(DB::query('SELECT COUNT(*) FROM `' . _mysql_prefix . '-articles` WHERE `id`!=' . $query['id'] . ' AND `home1`=' . $query['home1'] . ' AND `title_seo`=\'' . $query['title_seo'] . '\''), 0) != 0 ? _formMessage(2, $_lang['admin.content.form.title_seo.collision']) : '') . "\n\n<form class='cform' action='index.php?p=content-articles-edit" . $actionplus . "' method='post' enctype='multipart/form-data' name='artform'" . _jsCheckForm("artform", array("title")) . ">\n\n<table class='formtable'>\n\n<tr>\n<td class='rpad'><strong>" . $_lang['article.category'] . "</strong></td>\n<td>" . _admin_rootSelect("home1", 2, $query['home1'], false) . " " . _admin_rootSelect("home2", 2, $query['home2'], true) . " " . _admin_rootSelect("home3", 2, $query['home3'], true) . "</td>\n</tr>\n\n<tr>\n<td class='rpad'><strong>" . $_lang['admin.content.form.title'] . "</strong></td>\n<td><input type='text' name='title' value='" . $query['title'] . "' class='inputbig' /></td>\n</tr>\n\n<tr>\n<td class='rpad'><strong>" . $_lang['admin.content.form.title_seo'] . "</strong></td>\n<td>" . ($author_select == '' ? $seo_input : "\n <table class='ae-twoi'><tr>\n <td>" . $seo_input . "</td>\n <td class='rpad'><strong>" . $_lang['article.author'] . "</strong></td>\n <td>" . $author_select . "</td>\n </tr></table>\n") . "</td>\n</tr>\n\n<tr>\n<td class='rpad'><strong>" . $_lang['admin.content.form.description'] . "</strong></td>\n<td>\n <table class='ae-twoi'><tr>\n <td><input type='text' name='description' value='" . $query['description'] . "' maxlength='128' class='inputmedium' /></td>\n <td class='rpad'><strong>" . $_lang['admin.content.form.keywords'] . "</strong></td>\n <td><input type='text' name='keywords' value='" . $query['keywords'] . "' maxlength='128' class='inputmedium' /></td>\n </tr></table>\n</td>\n</tr>\n\n<tr class='valign-top'>\n<td class='rpad'><strong>" . $_lang['admin.content.form.perex'] . "</strong></td>\n<td><textarea name='perex' rows='9' cols='94' class='areabigperex codemirror'>" . _htmlStr($query['perex']) . "</textarea></td>\n</tr>\n\n<tr class='valign-top'>\n<td class='rpad'><strong>" . $_lang['admin.content.form.content'] . "</strong>" . $artlink . "</td>\n<td>\n\n <table id='ae-table'>\n <tr class='valign-top'>\n <td id='content-cell'>\n <textarea name='content' rows='25' cols='68' class='wysiwyg_editor" . (!_wysiwyg || !_loginwysiwyg ? ' codemirror' : '') . "'>" . _htmlStr($query['content']) . "</textarea>\n </td>\n <td id='is-cell'>\n <div id='is-cell-wrapper'>\n <div id='is-cell-content'>\n\n <h2>" . $_lang['admin.content.form.picture'] . "</h2>\n <div id='is-picture'>" . $picture . "</div>\n\n <h2>" . $_lang['admin.content.form.settings'] . "</h2>\n <p id='is-settings'>\n <label><input type='checkbox' name='public' value='1'" . _checkboxActivate($query['public']) . " /> " . $_lang['admin.content.form.public'] . "</label>\n <label><input type='checkbox' name='visible' value='1'" . _checkboxActivate($query['visible']) . " /> " . $_lang['admin.content.form.visible'] . "</label>\n " . (_loginright_adminconfirm || !_loginright_adminneedconfirm && $query['author'] == _loginid ? "<label><input type='checkbox' name='confirmed' value='1'" . _checkboxActivate($query['confirmed']) . " /> " . $_lang['admin.content.form.confirmed'] . "</label>" : '') . "\n <label><input type='checkbox' name='comments' value='1'" . _checkboxActivate($query['comments']) . " /> " . $_lang['admin.content.form.comments'] . "</label>\n <label><input type='checkbox' name='commentslocked' value='1'" . _checkboxActivate($query['commentslocked']) . " /> " . $_lang['admin.content.form.commentslocked'] . "</label>\n <label><input type='checkbox' name='rateon' value='1'" . _checkboxActivate($query['rateon']) . " /> " . $_lang['admin.content.form.artrate'] . "</label>\n <label><input type='checkbox' name='showinfo' value='1'" . _checkboxActivate($query['showinfo']) . " /> " . $_lang['admin.content.form.showinfo'] . "</label>\n " . (!$new ? "<label><input type='checkbox' name='resetrate' value='1' /> " . $_lang['admin.content.form.resetartrate'] . " <small>(" . $rate . ")</small></label>" : '') . "\n " . (!$new ? "<label><input type='checkbox' name='delcomments' value='1' /> " . $_lang['admin.content.form.delcomments'] . " <small>(" . DB::result(DB::query("SELECT COUNT(id) FROM `" . _mysql_prefix . "-posts` WHERE home=" . $query['id'] . " AND type=2"), 0) . ")</small></label>" : '') . "\n " . (!$new ? "<label><input type='checkbox' name='resetread' value='1' /> " . $_lang['admin.content.form.resetartread'] . " <small>(" . $readed_counter . ")</small></label>" : '') . "\n </p>\n\n <h2>" . $_lang['admin.content.form.infobox'] . "</h2>\n <div id='infobox-wrapper'>\n <textarea name='infobox' rows='10' cols='20' class='codemirror'>" . _htmlStr($query['infobox']) . "</textarea>\n </div>\n\n </div>\n </div>\n </td>\n </tr>\n </table>\n\n</td>\n</tr>\n\n<tr id='time-cell'>\n<td class='rpad'><strong>" . $_lang['article.posted'] . "</strong></td>\n<td>" . _editTime('time', $query['time'], true, $new) . "</td>\n</tr>\n\n<tr>\n<td></td>\n<td id='ae-lastrow'><br /><input type='submit' value='" . $_lang[$submittext] . "' />\n" . (!$new ? "\n \n<span class='customsettings'><a href='index.php?p=content-articles-delete&id=" . $query['id'] . "&returnid=" . $query['home1'] . "&returnpage=1'><span><img src='images/icons/delete.png' alt='del' class='icon' />" . $_lang['global.delete'] . "</span></a></span> \n<span class='customsettings'><small>" . $_lang['admin.content.form.thisid'] . " " . $query['id'] . "</small></span>\n" : '') . "\n\n</td>\n</tr>\n\n</table>\n\n" . _xsrfProtect() . "</form>\n\n"; } else { $output .= "<a href='index.php?p=content-articles' class='backlink'>< " . $_lang['global.return'] . "</a>\n<h1>" . $_lang['admin.content.articles.edit.title'] . "</h1>\n" . _formMessage(3, $_lang['global.badinput']); }
<?php /* --- kontrola jadra --- */ if (!defined('_core')) { exit; } /* --- nastaveni a vlozeni skriptu pro upravu stranky --- */ $type = 2; require 'require/sub/content-editscript-init.php'; if ($continue) { // vyber zpusobu razeni clanku $artorder_select = ""; for ($x = 1; $x <= 4; $x++) { if ($x == $query['var1']) { $selected = " selected='selected'"; } else { $selected = ""; } $artorder_select .= "<option value='" . $x . "'" . $selected . ">" . $_lang['admin.content.form.artorder.' . $x] . "</option>"; } $custom_settings = $_lang['admin.content.form.artorder'] . " <select name='var1'>" . $artorder_select . "</select> " . $_lang['admin.content.form.artsperpage'] . " <input type='text' name='var2' value='" . $query['var2'] . "' class='inputmini' /></span>\n </span> <span class='customsettings'>\n <label><input type='checkbox' name='var3' value='1'" . _checkboxActivate($query['var3']) . " /> " . $_lang['admin.content.form.showinfo'] . "</label>\n <label><input type='checkbox' name='var4' value='1'" . _checkboxActivate($query['var4']) . " /> " . $_lang['admin.content.form.showpics'] . "</label>\n "; $custom_array = array(array("var1", false, 2, false), array("var2", false, 2, false), array("var3", true, 0, false), array("var4", true, 0, false)); } require 'require/sub/content-editscript.php';
<?php /* --- kontrola jadra --- */ if (!defined('_core')) { exit; } /* --- nastaveni a vlozeni skriptu pro upravu stranky --- */ $type = 1; require 'require/sub/content-editscript-init.php'; if ($continue) { $custom_array = array(array("var1", true, 0, false), array("var2", true, 0, false), array("var3", true, 0, false), array("delcomments", true, 0, false)); $custom_settings = "\n <label><input type='checkbox' name='var1' value='1'" . _checkboxActivate($query['var1']) . " /> " . $_lang['admin.content.form.comments'] . "</label> \n <label><input type='checkbox' name='var3' value='1'" . _checkboxActivate($query['var3']) . " /> " . $_lang['admin.content.form.commentslocked'] . "</label>\n "; if (!$new) { $custom_settings .= " <label><input type='checkbox' name='delcomments' value='1' /> " . $_lang['admin.content.form.delcomments'] . "</label> <small>(" . DB::result(DB::query("SELECT COUNT(id) FROM `" . _mysql_prefix . "-posts` WHERE home=" . $id . " AND type=1"), 0) . ")</small>"; } } require 'require/sub/content-editscript.php';
// zprava if ($done != 0) { $output .= _formMessage(1, str_replace(array("*done*", "*total*"), array($done, $item_total), $_lang['admin.other.massemail.send'])); } else { $output .= _formMessage(2, $_lang['admin.other.massemail.noreceiversfound']); } } else { // vypis emailu $emails_total = DB::size($query); if ($emails_total != 0) { $emails = ''; $email_counter = 0; while ($item = DB::row($query)) { ++$email_counter; $emails .= $item['email']; if ($email_counter !== $emails_total) { $emails .= ','; } } $output .= _formMessage(1, "<textarea class='areasmallwide' rows='9' cols='33' name='list'>" . $emails . "</textarea>"); } else { $output .= _formMessage(2, $_lang['admin.other.massemail.noreceiversfound']); } } } else { $output .= _formMessage(2, _eventList($errors, 'errors')); } } /* --- vystup --- */ $output .= "\n<br />\n<form class='cform' action='index.php?p=other-massemail' method='post'>\n<table class='formtable'>\n\n<tr>\n<td class='rpad'><strong>" . $_lang['admin.other.massemail.sender'] . "</strong></td>\n<td><input type='text' name='sender'" . _restorePostValue("sender", _sysmail) . " class='inputbig' /></td>\n</tr>\n\n<tr>\n<td class='rpad'><strong>" . $_lang['posts.subject'] . "</strong></td>\n<td><input type='text' name='subject' class='inputbig'" . _restorePostValue("subject") . " /></td>\n</tr>\n\n<tr class='valign-top'>\n<td class='rpad'><strong>" . $_lang['admin.other.massemail.receivers'] . "</strong></td>\n<td>" . _admin_authorSelect("receivers", -1, "1", "selectbig", null, true, 4) . "</td>\n</tr>\n\n<tr>\n<td class='rpad'><strong>" . $_lang['admin.other.massemail.ctype'] . "</strong></td>\n<td>\n <select name='ctype' class='selectbig'>\n <option value='1'>" . $_lang['admin.other.massemail.ctype.1'] . "</option>\n <option value='2'" . ((isset($_POST['ctype']) and $_POST['ctype'] == 2) ? " selected='selected'" : '') . ">" . $_lang['admin.other.massemail.ctype.2'] . "</option>\n </select>\n</td>\n</tr>\n\n<tr class='valign-top'>\n<td class='rpad'><strong>" . $_lang['admin.other.massemail.text'] . "</strong></td>\n<td><textarea name='text' class='areabig' rows='9' cols='94'>" . _restorePostValue("text", null, true) . "</textarea></td>\n</tr>\n\n<tr><td></td>\n<td><input type='submit' value='" . $_lang['global.send'] . "' /> <label><input type='checkbox' name='maillist' value='1'" . _checkboxActivate(_checkboxLoad("maillist")) . " /> " . $_lang['admin.other.massemail.maillist'] . "</label></td>\n</tr>\n\n</table>\n" . _xsrfProtect() . "</form>\n";
if ($continue) { $output .= "\n<a href='index.php?p=content-editgallery&id=" . $g . "' class='backlink'>< návrat zpět</a>\n<h1>" . $_lang['admin.content.manageimgs.title'] . "</h1>\n<p class='bborder'>" . str_replace("*galtitle*", $galdata['title'], $_lang['admin.content.manageimgs.p']) . "</p>\n\n" . $message . "\n\n<script type='text/javascript'>\n/* <![CDATA[ */\n\$(document).ready(function(){\n \$('.hs_fieldset').each(function(){\n var fieldset = this;\n var link = \$(fieldset).find('legend > a').get(0);\n var form = \$(fieldset).children('form');\n \$(form).hide();\n \$(link).click(function(){\n \$(form).slideToggle('fast');\n\n return false;\n });\n });\n});\n/* ]]> */\n</script>\n\n<fieldset>\n<legend>" . $_lang['admin.content.manageimgs.upload'] . "</legend>\n<form action='index.php?p=content-manageimgs&g=" . $g . "' method='post' enctype='multipart/form-data'>\n <p>" . sprintf($_lang['admin.content.manageimgs.upload.text'], _galuploadresize_w, _galuploadresize_h) . "</p>\n <input type='hidden' name='xaction' value='7' />\n <div id='fmanFiles'><input type='file' name='uf0[]' multiple='multiple' /> <a href='#' onclick='return _sysFmanAddFile();'>" . $_lang['admin.fman.upload.addfile'] . "</a></div>\n <div class='hr'><hr /></div>\n <p>\n <input type='submit' value='" . $_lang['admin.content.manageimgs.upload.submit'] . "' />" . (($uplimit = _getUploadLimit(true)) !== null ? " <small>" . $_lang['global.uploadlimit'] . ": <em>" . _getUploadLimit() . "MB</em>, " . $_lang['global.uploadext'] . ": <em>" . implode(', ', SL::$imageExt) . "</em></small>" : '') . "<br />\n <label><input type='checkbox' value='1' name='moveords' checked='checked' /> " . $_lang['admin.content.manageimgs.moveords'] . "</label>\n </p>\n" . _xsrfProtect() . "</form>\n</fieldset>\n\n<fieldset class='hs_fieldset'>\n<legend><a href='#'>" . $_lang['admin.content.manageimgs.insert'] . "</a> <small>(" . $_lang['admin.content.manageimgs.insert.tip'] . ")</small></legend>\n<form action='index.php?p=content-manageimgs&g=" . $g . "' method='post' name='addform' onsubmit='_sysGalTransferPath(this);'>\n<input type='hidden' name='xaction' value='1' />\n\n<table>\n<tr class='valign-top'>\n\n<td>\n <table>\n <tr>\n <td class='rpad'><strong>" . $_lang['admin.content.form.title'] . "</strong></td>\n <td><input type='text' name='title' class='inputmedium' maxlength='64' /></td>\n </tr>\n\n <tr>\n <td class='rpad'><strong>" . $_lang['admin.content.form.ord'] . "</strong></td>\n <td><input type='text' name='ord' class='inputsmall' disabled='disabled' /> <label><input type='checkbox' name='moveords' value='1' checked='checked' onclick=\"_sysDisableField(this.checked, 'addform', 'ord');\" /> " . $_lang['admin.content.manageimgs.moveords'] . "</label></td>\n </tr>\n\n <tr>\n <td class='rpad'><strong>" . $_lang['admin.content.manageimgs.prev'] . "</strong></td>\n <td><input type='text' name='prev' class='inputsmall' disabled='disabled' /> <label><input type='checkbox' name='autoprev' value='1' checked='checked' onclick=\"_sysDisableField(this.checked, 'addform', 'prev');\" /> " . $_lang['admin.content.manageimgs.autoprev'] . "</label></td>\n </tr>\n\n <tr>\n <td class='rpad'><strong>" . $_lang['admin.content.manageimgs.full'] . "</strong></td>\n <td><input type='text' name='full' class='inputmedium' /></td>\n </tr>\n\n <tr>\n <td></td>\n <td><input type='submit' value='" . $_lang['global.insert'] . "' /></td>\n </tr>\n\n </table>\n</td>\n\n<td>\n" . (_loginright_adminfman ? "<div id='gallery-browser'>\n " . (!isset($_GET['browserpath']) ? "<a href='#' onclick=\"return _sysGalBrowse('" . urlencode(_upload_dir) . (_loginright_adminfmanlimit ? _loginname . '%2F' : '') . "');\"><img src='images/icons/loupe.png' alt='browse' class='icon' />" . $_lang['admin.content.manageimgs.insert.browser.link'] . "</a>" : "<script type='text/javascript'>_sysGalBrowse('" . _htmlStr($_GET['browserpath']) . "');</script>") . "\n</div>" : '') . "\n</td>\n\n</tr>\n</table>\n\n" . _xsrfProtect() . "</form>\n</fieldset>\n\n"; // strankovani $paging = _resultPaging("index.php?p=content-manageimgs&g=" . $g, $galdata['var2'], "images", "home=" . $g); $s = $paging[2]; $output .= "\n<fieldset>\n<legend>" . $_lang['admin.content.manageimgs.current'] . "</legend>\n<form action='index.php?p=content-manageimgs&g=" . $g . "&page=" . $s . "' method='post' name='editform'>\n<input type='hidden' name='xaction' value='4' />\n\n<input type='submit' value='" . $_lang['admin.content.manageimgs.savechanges'] . "' class='gallery-savebutton' />\n" . $paging[0] . "\n<div class='cleaner'></div>"; // vypis obrazku $images = DB::query("SELECT * FROM `" . _mysql_prefix . "-images` WHERE home=" . $g . " ORDER BY ord " . $paging[1]); $images_forms = array(); if (DB::size($images) != 0) { // sestaveni formularu while ($image = DB::row($images)) { // kod nahledu $preview = _galleryImage($image, "1", $galdata['var4'], $galdata['var3']); // kod formulare $images_forms[] .= "\n<table>\n\n<tr>\n<td class='rpad'><strong>" . $_lang['admin.content.form.title'] . "</strong></td>\n<td><input type='text' name='i" . $image['id'] . "_title' class='inputmedium' value='" . $image['title'] . "' maxlength='64' /></td>\n</tr>\n\n<tr>\n<td class='rpad'><strong>" . $_lang['admin.content.form.ord'] . "</strong></td>\n<td><input type='text' name='i" . $image['id'] . "_ord' class='inputmedium' value='" . $image['ord'] . "' /></td>\n</tr>\n\n" . (!$image['in_storage'] ? "<tr>\n<td class='rpad'><strong>" . $_lang['admin.content.manageimgs.prev'] . "</strong></td>\n<td><input type='hidden' name='i" . $image['id'] . "_prevtrigger' value='1' /><input type='text' name='i" . $image['id'] . "_prev' class='inputsmall' value='" . $image['prev'] . "'" . _inputDisable($image['prev'] != "") . " /> <label><input type='checkbox' name='i" . $image['id'] . "_autoprev' value='1' onclick=\"_sysDisableField(checked, 'editform', 'i" . $image['id'] . "_prev');\"" . _checkboxActivate($image['prev'] == "") . " /> " . $_lang['admin.content.manageimgs.autoprev'] . "</label></td>\n</tr>\n\n<tr>\n<td class='rpad'><strong>" . $_lang['admin.content.manageimgs.full'] . "</strong></td>\n<td><input type='text' name='i" . $image['id'] . "_full' class='inputmedium' value='" . $image['full'] . "' /></td>\n</tr>" : '') . "\n\n<tr class='valign-top'>\n<td class='rpad'><strong>" . $_lang['global.preview'] . "</strong></td>\n<td>" . $preview . "<br /><br /><a href='" . _xsrfLink("index.php?p=content-manageimgs&g=" . $g . "&page=" . $s . "&del=" . $image['id']) . "' onclick='return _sysConfirm();'><img src='images/icons/delete.png' alt='del' class='icon' />" . $_lang['admin.content.manageimgs.delete'] . "</a></td>\n</tr>\n\n</table>\n "; } // sestaveni tabulky formularu po dvou $output .= "\n<table id='gallery-edittable'>"; $count = count($images_forms); for ($i = 0; $i < $count; $i += 2) { if (isset($images_forms[$i])) { $output .= "<tr><td" . (0 === $i % 2 && !isset($images_forms[$i + 1]) && 1 !== $count ? ' colspan="2"' : '') . " class='gallery-edittable-td'>\n" . $images_forms[$i] . "\n</td>\n"; if (isset($images_forms[$i + 1])) { $output .= "<td class='gallery-edittable-td'>\n" . $images_forms[$i + 1] . "\n</td></tr>\n"; } else { $output .= '</tr>' . _nl; } } } $output .= '</table>';
define('_redirect_to', 'index.php?p=content-polls-edit&id=' . $id . '&saved'); return; } else { DB::query("INSERT INTO `" . _mysql_prefix . "-polls` (author,question,answers,locked,votes) VALUES (" . $author . ",'" . $question . "','" . $answers . "'," . $locked . ",'" . trim(str_repeat("0-", $answers_count), "-") . "')"); $newid = DB::insertID(); define('_redirect_to', 'index.php?p=content-polls-edit&id=' . $newid . '&created'); return; } } else { $message = _formMessage(2, _eventList($errors, 'errors')); } } /* --- vystup --- */ if ($continue) { // vyber autora if (_loginright_adminpollall) { $author_select = "\n <tr>\n <td class='rpad'><strong>" . $_lang['article.author'] . "</strong></td>\n <td>" . _admin_authorSelect("author", $query['author'], "adminpoll=1", "selectmedium") . "</td></tr>\n "; } else { $author_select = ""; } // zprava if (isset($_GET['saved'])) { $message = _formMessage(1, $_lang['global.saved']); } if (isset($_GET['created'])) { $message = _formMessage(1, $_lang['global.created']); } $output .= "\n <p class='bborder'>" . $_lang['admin.content.polls.edit.p'] . "</p>\n " . $message . "\n <form action='index.php?p=content-polls-edit" . $actionbonus . "' method='post'>\n <table class='formtable'>\n\n <tr>\n <td class='rpad'><strong>" . $_lang['admin.content.form.question'] . "</strong></td>\n <td><input type='text' name='question' class='inputmedium' value='" . $query['question'] . "' maxlength='64' /></td>\n </tr>\n\n " . $author_select . "\n\n <tr class='valign-top'>\n <td class='rpad'><strong>" . $_lang['admin.content.form.answers'] . "</strong></td>\n <td><textarea name='answers' rows='25' cols='94' class='areamedium'>" . $query['answers'] . "</textarea></td>\n </tr>\n\n " . (!$new ? "<tr>\n <td class='rpad'><strong>" . $_lang['admin.content.form.hcm'] . "</strong></td>\n <td><input type='text' name='hcm' value='[hcm]poll," . $id . ",150[/hcm]' readonly='readonly' onclick='this.select();' class='inputmedium' /></td>\n </tr>" : '') . "\n\n <tr>\n <td class='rpad'><strong>" . $_lang['admin.content.form.settings'] . "</strong></td>\n <td>\n <label><input type='checkbox' name='locked' value='1'" . _checkboxActivate($query['locked']) . " /> " . $_lang['admin.content.form.locked'] . "</label> \n " . (!$new ? "<label><input type='checkbox' name='reset' value='1' /> " . $_lang['admin.content.polls.reset'] . "</label>" : '') . "\n </td>\n </tr>\n\n <tr><td></td>\n <td><input type='submit' value='" . $submitcaption . "' />" . (!$new ? " <small>" . $_lang['admin.content.form.thisid'] . " " . $id . "</small> <span class='customsettings'><a href='index.php?p=content-polls&del=" . $id . "' onclick='return _sysConfirm();'><span><img src='images/icons/delete.png' class='icon' alt='del' /> " . $_lang['global.delete'] . "</span></a>" : '') . "</span></td>\n </tr>\n\n </table>\n " . _xsrfProtect() . "</form>\n "; } else { $output .= _formMessage(3, $_lang['global.badinput']); }
function _tmp_installer_install() { global $_lang, $self, $is_clean; // krok static $steps = 3; if (isset($_POST['step'])) { $step = intval($_POST['step']); if ($step < 1 || $step > $steps) { $step = 1; } } else { $step = 1; } $fname = basename(__FILE__); if (!empty($_POST)) { echo '<a href="./' . $fname . '" id="cancelink">' . $_lang['global.cancel'] . '</a>'; } ?> <h2><?php echo str_replace(array('*step*', '*steps*', '*name*'), array($step, $steps, $_lang['step.' . $step]), $_lang['install']); ?> </h2> <form action="./<?php echo $fname; ?> " method="post" name="instform" autocomplete="off"> <?php switch ($step) { // kontrola case 1: if (isset($_POST['check'])) { // nacteni a kontrola existence souboru $a_files = $self->listFilesOnPath('/files/'); $conflicts = array(); $counter = 0; $err_limit = 10; for ($i = 0; isset($a_files[$i]); ++$i) { $path = './' . substr($a_files[$i], 7); if (file_exists($path)) { ++$counter; if ($counter <= $err_limit) { $conflicts[] = str_replace('*path*', $path, $_lang['step.1.err.file']); } } } if ($counter > $err_limit) { $conflicts[] = str_replace('*n*', $counter - $err_limit, $_lang['step.1.err.file.etc']); } // zprava nebo pokracovani if (empty($conflicts)) { // vse je ok $step = 2; echo '<p class="green center">' . $_lang['step.1.ok'] . '</p>'; echo '<p class="center"><input type="submit" value="' . $_lang['global.continue'] . '"></p>'; break; } else { // jsou chyby echo '<p class="red">' . $_lang['step.1.err'] . ':</p>'; echo "<ul>\n"; for ($i = 0; isset($conflicts[$i]); ++$i) { echo "<li>" . $conflicts[$i] . "</li>\n"; } echo "</ul>"; } } echo '<p class="center"><input type="submit" name="check" value="' . $_lang['step.1.submit'] . '"></p>'; break; // konfigurace & instalace // konfigurace & instalace case 2: case 3: // navrat z kroku 3 if (isset($_POST['return_to_cfg'])) { $step = 2; unset($_POST['return_to_cfg']); } // instalace $install = $step == 3; if (isset($_POST['sys_url'])) { // zpracovat url $_POST['sys_url'] = _removeSlashesFromEnd($_POST['sys_url']); // kontroly $err = null; do { // prefix $prefix = trim($_POST['db_prefix']); if ($prefix === '') { $err = str_replace('*input*', $_lang['step.2.db.prefix'], $_lang['step.2.err.empty']); break; } // ucet administratora $_POST['admin_name'] = _anchorStr(trim($_POST['admin_name']), false); $_POST['admin_email'] = trim($_POST['admin_email']); // pouze pro cistou instalaci if ($is_clean) { // vynutit ucet administratora if ($_POST['admin_name'] === '') { $err = str_replace('*input*', $_lang['step.2.admin.name'], $_lang['step.2.err.empty']); break; } if ($_POST['admin_pwd'] === '') { $err = str_replace('*input*', $_lang['step.2.admin.pwd'], $_lang['step.2.err.empty']); break; } if ($_POST['admin_email'] === '' || $_POST['admin_email'] === '@') { $err = str_replace('*input*', $_lang['step.2.admin.email'], $_lang['step.2.err.empty']); break; } // titulek stranek $_POST['sys_title'] = trim($_POST['sys_title']); if ($_POST['sys_title'] === '') { $err = str_replace('*input*', $_lang['step.2.sys.title'], $_lang['step.2.err.empty']); break; } // popis, klicova slova $_POST['sys_descr'] = trim($_POST['sys_descr']); $_POST['sys_kwrds'] = trim($_POST['sys_kwrds']); } // email administratora if ($_POST['admin_email'] !== '' && $_POST['admin_email'] !== '@' && !_validateEmail($_POST['admin_email'])) { $err = $_lang['step.2.err.admin.email']; break; } // heslo administratora if ($_POST['admin_pwd'] !== '' && $_POST['admin_pwd'] !== $_POST['admin_pwd2']) { $err = $_lang['step.2.err.admin.pwd']; break; } // DB port $server = $_POST['db_server']; if (false !== ($serverColonPos = strpos($server, ':'))) { $port = (int) substr($server, $serverColonPos + 1); $server = substr($server, 0, $serverColonPos); } else { $port = ini_get('mysqli.default_port'); } // pripojeni $con = @mysqli_connect($server, $_POST['db_user'], $_POST['db_pwd'], $_POST['db_name'], $port); if (!is_object($con)) { $err = $_lang['step.2.err.con'] . '<br><code>' . _htmlStr(mysqli_connect_error()) . '</code>'; break; } // kodovani a konstanty DB::$con = $con; DB::$con->set_charset('utf8'); DB::query('SET sql_mode=\'\''); define('_mysql_prefix', $prefix); // existence tabulek $prefix = DB::esc($prefix); $q = DB::query('SHOW TABLES LIKE \'' . $prefix . '-%\''); $tables = array(); while ($r = DB::rown($q)) { $tables[] = $r[0]; } if (!empty($tables) && !isset($_POST['db_overwrite'])) { $err = $_lang['step.2.err.tables'] . ':<br><br>• ' . implode("<br>\n• ", $tables); break; } // vse ok if ($install) { if (!isset($_POST['do_install'])) { // potvrzeni echo _getPostdata(false, null, array('step')); echo '<p class="green center">' . $_lang['step.3.text'] . '</p>'; echo '<p class="center"> <input type="submit" name="do_install" value="' . $_lang['step.3.submit'] . '" onclick="if (window.sl_install_process) return false; else {window.sl_install_process = true; this.value=\'' . $_lang['step.3.wait'] . '\'}"> <input type="submit" name="return_to_cfg" value="' . $_lang['step.3.return'] . '"> </p>'; } else { // provedeni $err = null; try { // rozbalit soubory $self->extractFiles('./', '/files/', false, true, array($self->vars['void'])); // vytvorit konfiguracni soubor global $cfg_locale, $cfg_timezone; file_put_contents('./config.php', str_replace(array('/* @@@server@@@ */', '/* @@@user@@@ */', '/* @@@password@@@ */', '/* @@@database@@@ */', '/* @@@prefix@@@ */', '/* @@@locale@@@ */', '/* @@@timezone@@@ */'), array(var_export($_POST['db_server'], true), var_export($_POST['db_user'], true), var_export($_POST['db_pwd'], true), var_export($_POST['db_name'], true), var_export($prefix, true), var_export($cfg_locale, true), var_export($cfg_timezone, true)), $self->getFile('/files/data/installer/config.php.tpl'))); // smazat tabulky z databaze? if (!empty($tables)) { for ($i = 0; isset($tables[$i]); ++$i) { DB::query('DROP TABLE `' . $tables[$i] . '`', true); if (($sql_err = DB::error()) !== '') { throw new _InstallException($_lang['step.3.err.drop'] . '<br><code>' . $sql_err . '</code>'); } } } // deaktivovat kontrolu verze function _checkVersion() { return true; } // vytvorit strukturu databaze $dbdump = new DBDump(); $dbdump->importTables($self->getFile('/database/struct')); // nacist data $data_stream = $self->getFileStream('/database/data'); $dbdump->importData($data_stream); $data_stream->free(); // aktualizovat url DB::query('UPDATE `' . $prefix . '-settings` SET `val`=' . DB::val($_POST['sys_url']) . ' WHERE `var`=\'url\''); // vypnout mod rewrite pokud neexistuje .htaccess if (!file_exists(_indexroot . '.htaccess')) { DB::query('UPDATE `' . $prefix . '-settings` SET `val`=0 WHERE `var`=\'modrewrite\''); } // upravit ucet administratora $admin_upd = array(); if ($_POST['admin_name'] !== '') { $admin_upd['username'] = $_POST['admin_name']; if (!$is_clean) { $admin_upd['publicname'] = ''; } } if ($_POST['admin_email'] !== '' && $_POST['admin_email'] !== '@') { $admin_upd['email'] = $_POST['admin_email']; } if ($_POST['admin_pwd'] !== '') { $admin_pwd = _md5Salt($_POST['admin_pwd']); $admin_upd['password'] = $admin_pwd[0]; $admin_upd['salt'] = $admin_pwd[1]; } if ($is_clean) { $admin_upd['registertime'] = time(); $admin_upd['activitytime'] = time(); } if (!empty($admin_upd)) { $admin_upd_sql = ''; $counter = 0; foreach ($admin_upd as $col => $val) { if ($counter !== 0) { $admin_upd_sql .= ','; } $admin_upd_sql .= '`' . $col . '`=' . DB::val($val); ++$counter; } DB::query('UPDATE `' . $prefix . '-users` SET ' . $admin_upd_sql . ' WHERE id=0'); } // aktualizovat titulek, klic. slova a popis if ($is_clean) { DB::query('UPDATE `' . $prefix . '-settings` SET `val`=' . DB::val(_htmlStr($_POST['sys_title'])) . ' WHERE `var`=\'title\''); DB::query('UPDATE `' . $prefix . '-settings` SET `val`=' . DB::val(_htmlStr($_POST['sys_kwrds'])) . ' WHERE `var`=\'keywords\''); DB::query('UPDATE `' . $prefix . '-settings` SET `val`=' . DB::val(_htmlStr($_POST['sys_descr'])) . ' WHERE `var`=\'description\''); } // vypnout mod_rewrite DB::query('UPDATE `' . $prefix . '-settings` SET `val`=\'0\' WHERE `var`=\'mod_rewrite\''); // vynutit kontrolu instalace DB::query('UPDATE `' . $prefix . '-settings` SET `val`=\'1\' WHERE `var`=\'install_check\''); } catch (_InstallException $e) { $err = $e->getMessage(); } catch (Exception $e) { $err = _htmlStr($e->getMessage()); } // uspech ci chyba if (isset($err)) { echo '<p class="red">' . $err . '</p>'; echo '<p class="red">' . $_lang['step.3.err.warning'] . '</p>'; } else { echo '<p class="green center">' . str_replace('*fname*', $fname, $_lang['step.3.fin']) . '</p>'; } } break 2; } else { $step = 3; echo '<p class="green center">' . $_lang['step.2.ok'] . '</p>'; } } while (false); // chyba if (isset($err)) { echo '<p class="red">' . $err . '</p>'; } } ?> <table> <thead><th colspan="2"><?php echo $_lang['step.2.sys']; ?> </th></thead> <tbody> <tr> <th><?php echo $_lang['step.2.sys.url']; ?> </th> <td><input type="text" name="sys_url"<?php echo _restorePostValue('sys_url'); ?> ></td> </tr> <?php if ($is_clean) { ?> <tr> <th><?php echo $_lang['step.2.sys.title']; ?> </th> <td><input type="text" name="sys_title"<?php echo _restorePostValue('sys_title'); ?> ></td> </tr> <tr> <th><?php echo $_lang['step.2.sys.descr']; ?> </th> <td><input type="text" name="sys_descr"<?php echo _restorePostValue('sys_descr'); ?> ></td> </tr> <tr> <th><?php echo $_lang['step.2.sys.kwrds']; ?> </th> <td><input type="text" name="sys_kwrds"<?php echo _restorePostValue('sys_kwrds'); ?> ></td> </tr> <?php } ?> </tbody> </table> <script type="text/javascript"> // predvyplneni adresy if (document.instform.sys_url.value === '') { var loc = new String(document.location); var slash; var slash_last = 0; var limit = 0; while (true) { slash = loc.indexOf('/', slash_last); if (slash === -1) break; slash_last = slash + 1; } loc = loc.substr(0, slash_last); document.instform.sys_url.value = loc; } </script> <table> <thead> <tr><th colspan="2"><?php echo $_lang['step.2.admin']; ?> </th></tr> <?php if (!$is_clean) { ?> <tr><th colspan="2"><small><?php echo $_lang['step.2.admin.notice']; ?> </small></th></tr><?php } ?> </thead> <tbody> <tr> <th><?php echo $_lang['step.2.admin.name']; ?> </th> <td><input type="text" maxlength="24" name="admin_name"<?php echo _restorePostValue('admin_name'); ?> ></td> </tr> <tr> <th><?php echo $_lang['step.2.admin.email']; ?> </th> <td><input type="text" maxlength="100" name="admin_email"<?php echo _restorePostValue('admin_email', $is_clean ? '@' : null); ?> ></td> </tr> <tr> <th><?php echo $_lang['step.2.admin.pwd']; ?> </th> <td><input type="password" name="admin_pwd"<?php echo _restorePostValue('admin_pwd'); ?> ></td> </tr> <tr> <th><?php echo $_lang['step.2.admin.pwd2']; ?> </th> <td><input type="password" name="admin_pwd2"<?php echo _restorePostValue('admin_pwd2'); ?> ></td> </tr> </tbody> </table> <table> <thead><tr><th colspan="2"><?php echo $_lang['step.2.db']; ?> </th></tr></thead> <tbody> <tr> <th><?php echo $_lang['step.2.db.server']; ?> </th> <td><input type="text" name="db_server"<?php echo _restorePostValue('db_server', 'localhost'); ?> ></td> </tr> <tr> <th><?php echo $_lang['step.2.db.name']; ?> </th> <td><input type="text" name="db_name"<?php echo _restorePostValue('db_name'); ?> ></td> </tr> <tr> <th><?php echo $_lang['step.2.db.user']; ?> </th> <td><input type="text" name="db_user"<?php echo _restorePostValue('db_user'); ?> ></td> </tr> <tr> <th><?php echo $_lang['step.2.db.pwd']; ?> </th> <td><input type="password" name="db_pwd"<?php echo _restorePostValue('db_pwd'); ?> ></td> </tr> <tr> <th><?php echo $_lang['step.2.db.prefix']; ?> </th> <td><input type="text" maxlength="24" name="db_prefix"<?php echo _restorePostValue('db_prefix', 'sunlight'); ?> ></td> </tr> <tr> <th><?php echo $_lang['step.2.db.tables']; ?> </th> <td><label><input type="checkbox" name="db_overwrite"<?php echo _checkboxActivate(isset($_POST['db_overwrite'])); ?> value="1" onchange="if (this.checked && !confirm('<?php echo $_lang['step.2.db.tables.overwrite.confirm']; ?> ')) this.checked = false"> <?php echo $_lang['step.2.db.tables.overwrite']; ?> </label></td> </tr> </tbody> </table> <p class="center"><input type="submit" value="<?php echo $_lang[$step != 3 ? 'step.2.submit' : 'global.continue']; ?> "></p> <?php //<p class="warning"><?php echo $_lang['step.2.warning']</p> break; } ?> <input type="hidden" name="step" value="<?php echo $step; ?> "> </form> <?php }
<?php /* --- kontrola jadra --- */ if (!defined('_core')) { exit; } /* --- nastaveni a vlozeni skriptu pro upravu stranky --- */ $type = 7; require 'require/sub/content-editscript-init.php'; if ($continue) { $custom_settings = "\n <label><input type='checkbox' name='var1' value='1'" . _checkboxActivate($query['var1']) . " /> " . $_lang['admin.content.form.showinfo'] . "</label> \n <label><input type='checkbox' name='var2' value='1'" . _checkboxActivate($query['var2']) . " /> " . $_lang['admin.content.form.dropdown'] . "</label>\n "; $custom_array = array(array("var1", true, 0, false), array("var2", true, 0, false)); } require 'require/sub/content-editscript.php';
</tr> </table> </fieldset> <!-- *************** CRON *************** --> <fieldset id="settings_cron"> <legend>' . $_lang['admin.settings.cron'] . '</legend> <table> <tr> <td class="rpad"><strong>' . $_lang['admin.settings.cron.auto'] . '</strong></td> <td><input type="checkbox" name="cron_auto" class="inputsmaller" value="1"' . _checkboxActivate(_cron_auto) . ' /></td> <td class="lpad">' . $_lang['admin.settings.cron.auto.help'] . '</td> </tr> <tr> <td class="rpad"><strong>' . $_lang['admin.settings.cron.auth'] . '</strong></td> <td><input type="text" name="cron_auth" class="inputsmall" value="' . _htmlStr(SL::$settings['cron_auth']) . '" /></td> <td class="lpad">' . $_lang['admin.settings.cron.auth.help'] . '</td> </tr> <tr> <td class="rpad"><strong>' . $_lang['admin.settings.cron.maintenance_interval'] . '</strong></td> <td><input type="text" name="maintenance_interval" class="inputsmaller" value="' . _maintenance_interval . '" /></td> <td class="lpad">' . $_lang['admin.settings.cron.maintenance_interval.help'] . '</td> </tr>
// deinstalace case 2: $pass = $_POST['pass']; $confirm = _checkboxLoad("confirm"); if ($confirm) { $right_pass = DB::query_row("SELECT password,salt FROM `" . _mysql_prefix . "-users` WHERE id=0"); if (_md5Salt($pass, $right_pass['salt']) == $right_pass['password']) { // ziskani tabulek $tables = array(); $q = DB::query('SHOW TABLES LIKE \'' . _mysql_prefix . '-%\''); while ($r = DB::rown($q)) { $tables[] = $r[0]; } // odstraneni tabulek foreach ($tables as $table) { DB::query("DROP TABLE `" . $table . "`"); } // zprava _userLogout(); echo "<h1>" . $_lang['global.done'] . "</h1>\n<p>" . $_lang['admin.other.cleanup.uninstall.done'] . "</p>"; exit; } else { $message = _formMessage(2, $_lang['admin.other.cleanup.uninstall.badpass']); } } break; } } /* --- vystup --- */ $output .= $message . "\n<br />\n<fieldset>\n<legend>" . $_lang['admin.other.cleanup.cleanup'] . "</legend>\n<form class='cform' action='index.php?p=other-cleanup' method='post'>\n<input type='hidden' name='action' value='1' />\n<p>" . $_lang['admin.other.cleanup.cleanup.p'] . "</p>\n\n<table>\n<tr class='valign-top'>\n\n<td rowspan='2'>\n <fieldset>\n <legend>" . $_lang['mod.messages'] . "</legend>\n <label><input type='radio' name='messages' value='0'" . _checkboxActivate(!isset($_POST['messages']) || $_POST['messages'] == 0) . " /> " . $_lang['global.noaction'] . "</label><br />\n <label><input type='radio' name='messages' value='1'" . _checkboxActivate(isset($_POST['messages']) && $_POST['messages'] == 1) . " /> " . $_lang['admin.other.cleanup.messages.1'] . "</label> " . _tmp_selectTime("messages-time") . "<br />\n <label><input type='radio' name='messages' value='2'" . _checkboxActivate(isset($_POST['messages']) && $_POST['messages'] == 2) . " /> " . $_lang['admin.other.cleanup.messages.2'] . "</label>\n </fieldset>\n\n <fieldset>\n <legend>" . $_lang['admin.users.users'] . "</legend>\n <p class='bborder'><label><input type='checkbox' name='users' value='1'" . _checkboxActivate(isset($_POST['users'])) . " /> " . $_lang['admin.other.cleanup.users'] . "</label></p>\n <table>\n\n <tr>\n <td><strong>" . $_lang['admin.other.cleanup.users.time'] . "</strong></td>\n <td>" . _tmp_selectTime("users-time") . "</td>\n </tr>\n\n <tr>\n <td><strong>" . $_lang['admin.other.cleanup.users.group'] . "</strong></td>\n <td>" . _admin_authorSelect("users-group", isset($_POST['users-group']) ? intval($_POST['users-group']) : -1, "1", null, $_lang['global.all'], true) . "</td>\n </tr>\n\n </table>\n </fieldset>\n</td>\n\n<td>\n <fieldset>\n <legend>" . $_lang['global.other'] . "</legend>\n <label><input type='checkbox' name='maintenance' value='1' checked='checked' /> " . $_lang['admin.other.cleanup.other.maintenance'] . "</label><br />\n <label><input type='checkbox' name='optimize' value='1' checked='checked' /> " . $_lang['admin.other.cleanup.other.optimize'] . "</label><br />\n <label><input type='checkbox' name='comments' value='1'" . _checkboxActivate(isset($_POST['comments'])) . " /> " . $_lang['admin.other.cleanup.other.comments'] . "</label><br />\n <label><input type='checkbox' name='posts' value='1'" . _checkboxActivate(isset($_POST['posts'])) . " /> " . $_lang['admin.other.cleanup.other.posts'] . "</label><br />\n <label><input type='checkbox' name='iplog' value='1'" . _checkboxActivate(isset($_POST['iplog'])) . " /> " . $_lang['admin.other.cleanup.other.iplog'] . "</label>\n </fieldset>\n</td>\n\n</tr>\n\n<tr class='valign-top'>\n\n<td align='center'><p>\n<input type='submit' value='" . $_lang['admin.other.cleanup.prev'] . "' /><br /><br />\n<input type='submit' name='do_cleanup' value='" . $_lang['admin.other.cleanup.do'] . "' onclick='return _sysConfirm();' />\n</p></td>\n\n</tr>\n\n</table>\n\n" . _xsrfProtect() . "</form>\n</fieldset>\n<br />\n\n<fieldset>\n<legend>" . $_lang['admin.other.cleanup.uninstall'] . "</legend>\n<form class='cform' action='index.php?p=other-cleanup' method='post'>\n<input type='hidden' name='action' value='2' />\n<p class='bborder'>" . $_lang['admin.other.cleanup.uninstall.p'] . "</p>\n" . _admin_smallNote(str_replace('*prefix*', _mysql_prefix, $_lang['admin.other.cleanup.uninstall.note']), true) . "\n<p><label><input type='checkbox' name='confirm' value='1' /> " . str_replace('*dbname*', _mysql_db, $_lang['admin.other.cleanup.uninstall.confirm']) . "</label></p>\n<p><strong>" . $_lang['admin.other.cleanup.uninstall.pass'] . ":</strong> <input type='password' class='inputsmall' name='pass' autocomplete='off' /></p>\n<input type='submit' value='" . $_lang['global.do'] . "' onclick='return _sysConfirm();' />\n" . _xsrfProtect() . "</form>\n</fieldset>\n";
<?php /* --- kontrola jadra --- */ if (!defined('_core')) { exit; } /* --- nastaveni a vlozeni skriptu pro upravu stranky --- */ $type = 8; require 'require/sub/content-editscript-init.php'; if ($continue) { $custom_settings = "\n <label><input type='checkbox' name='var2' value='1'" . _checkboxActivate($query['var2']) . " /> " . $_lang['admin.content.form.locked3'] . "</label> \n <label><input type='checkbox' name='var3' value='1'" . _checkboxActivate($query['var3']) . " /> " . $_lang['admin.content.form.unregpost'] . "</label> \n "; if (!$new) { $custom_settings .= " <label><input type='checkbox' name='delposts' value='1' /> " . $_lang['admin.content.form.deltopics'] . "</label> <small>(" . DB::result(DB::query("SELECT COUNT(id) FROM `" . _mysql_prefix . "-posts` WHERE home=" . $id . " AND type=5 AND xhome=-1"), 0) . ")</small>"; } $custom_settings .= " <input type='text' name='var1' value='" . $query['var1'] . "' class='inputmini' /> " . $_lang['admin.content.form.topicssperpage']; $custom_array = array(array("var1", false, 2, false), array("var2", true, 0, false), array("var3", true, 0, false), array("delposts", true, 0, false)); } require 'require/sub/content-editscript.php';
/* --- vystup --- */ if ($continue != true) { $output .= _formMessage(3, $_lang['global.badinput']); } else { // vyber rozcestniku if ($type != 7) { $intersection_select = "<select name='intersection' class='selectmedium'><option value='-1' class='special'>" . $_lang['admin.content.form.intersection.none'] . "</option>"; $isquery = DB::query("SELECT id,title FROM `" . _mysql_prefix . "-root` WHERE type=7 ORDER BY ord"); while ($item = DB::row($isquery)) { if ($item['id'] == $query['intersection']) { $selected = " selected='selected'"; } else { $selected = ""; } $intersection_select .= "<option value='" . $item['id'] . "'" . $selected . ">" . _cutStr($item['title'], 22) . "</option>"; } $intersection_select .= "</select>"; $intersection_row = "<td class='rpad'><strong>" . $_lang['admin.content.form.intersection'] . "</strong></td><td>" . $intersection_select . "</td>"; } else { $intersection_select = ""; $intersection_row = ""; } // wysiwyg editor $output .= _admin_wysiwyg(); // stylove oddeleni individualniho nastaveni if ($custom_settings != "") { $custom_settings = "<span class='customsettings'>" . $custom_settings . "</span>"; } // formular $output .= "<div class='hr'><hr /></div><br />" . (isset($_GET['saved']) ? _formMessage(1, $_lang['global.saved'] . " <small>(" . _formatTime(time()) . ")</small>") : '') . "\n\n" . (!$new && $type != 4 && DB::result(DB::query('SELECT COUNT(*) FROM `' . _mysql_prefix . '-root` WHERE `id`!=' . $query['id'] . ' AND `title_seo`=\'' . $query['title_seo'] . '\''), 0) != 0 ? _formMessage(2, $_lang['admin.content.form.title_seo.collision']) : '') . "\n" . (!$new && $id == _index_page_id ? _admin_smallNote($_lang['admin.content.form.indexnote']) : '') . "\n<form" . ($type != 4 ? " class='cform'" : '') . " action='index.php?p=content-edit" . $type_array[$type] . (!$new ? "&id=" . $id : '') . ($type == 9 && $new ? '&idt=' . $type_idt : '') . "' method='post'>\n\n\n" . $editscript_extra . "\n" . (!$new && $type == 5 ? "<p><a href='index.php?p=content-manageimgs&g=" . $id . "'><img src='images/icons/edit.png' alt='edit' class='icon' /><big>" . $_lang['admin.content.form.manageimgs'] . " ></big></a></p>" : '') . "\n\n<table class='formtable'>\n\n<tr>\n<td class='rpad'><strong>" . $_lang['admin.content.form.title'] . "</strong></td>\n<td><input type='text' name='title' value='" . $query['title'] . "' class='inputmedium' maxlength='96' /></td>\n\n" . ($type != 4 ? "<td class='rpad'><strong>" . $_lang['admin.content.form.title_seo'] . "</strong></td>\n<td><input type='text' name='title_seo' value='" . $query['title_seo'] . "' maxlength='255' class='inputmedium' /></td>" : $intersection_row) . "\n</tr>\n\n<tr>\n<td class='rpad'><strong>" . $_lang['admin.content.form.ord'] . "</strong></td>\n<td><input type='text' name='ord' value='" . $query['ord'] . "' class='inputmedium' /></td>\n\n" . ($type != 4 ? $intersection_row : '') . "\n</tr>\n\n" . ($type != 4 ? "\n<tr>\n<td class='rpad'><strong>" . $_lang['admin.content.form.description'] . "</strong></td>\n<td><input type='text' name='description' value='" . $query['description'] . "' maxlength='128' class='inputmedium' /></td>\n\n<td class='rpad'><strong>" . $_lang['admin.content.form.keywords'] . "</strong></td>\n<td><input type='text' name='keywords' value='" . $query['keywords'] . "' maxlength='128' class='inputmedium' /></td>\n</tr>\n\n<tr class='valign-top'>\n<td class='rpad'><strong>" . $_lang['admin.content.form.intersectionperex'] . "</strong></td>\n<td colspan='3'><textarea name='intersectionperex' rows='2' cols='94' class='arealine codemirror'>" . _htmlStr($query['intersectionperex']) . "</textarea></td>\n</tr>\n\n" . ($editscript_enable_content ? "\n<tr class='valign-top'>\n<td class='rpad'><strong>" . $_lang['admin.content.form.' . ($type != 6 ? 'content' : 'url')] . "</strong>" . (!$new ? " <a href='" . _indexroot . _linkRoot($query['id'], $query['title_seo']) . "' target='_blank'><img src='images/icons/loupe.png' alt='prev' /></a>" : '') . "</td>\n<td colspan='3'>\n" . ($type != 6 ? "<textarea name='content' rows='25' cols='94' class='areabig wysiwyg_editor" . (!_wysiwyg || !_loginwysiwyg ? ' codemirror' : '') . "'>" . _htmlStr($query['content']) . "</textarea>" : "<input type='text' name='content' value='" . _htmlStr($query['content']) . "' class='inputbig' />") . "\n</td>\n</tr>\n" : '') . "\n\n" . $editscript_extra_row . "\n\n<tr>\n<td class='rpad'><strong>" . $_lang['admin.content.form.settings'] . "</strong></td>\n<td colspan='3'>\n<label><input type='checkbox' name='visible' value='1'" . _checkboxActivate($query['visible']) . " /> " . $_lang['admin.content.form.visible'] . "</label> \n" . ($type != 6 ? "<label><input type='checkbox' name='autotitle' value='1'" . _checkboxActivate($query['autotitle']) . " /> " . $_lang['admin.content.form.autotitle'] . "</label> " : '') . "\n" . $custom_settings . "\n</td>\n</tr>\n\n<tr>\n<td class='rpad'><strong>" . $_lang['global.access'] . "</strong></td>\n<td>\n<label><input type='checkbox' name='public' value='1'" . _checkboxActivate($query['public']) . " /> " . $_lang['admin.content.form.public'] . "</label> \n<input type='text' name='level' value='" . $query['level'] . "' class='inputsmaller' maxlength='5' /> " . $_lang['admin.content.form.level'] . "\n</td>\n\n" . ($type != 4 ? "<td class='rpad'><strong>" . $_lang['admin.content.form.events'] . "</strong></td>\n<td><input type='text' name='events' value='" . (isset($query['events']) ? _htmlStr($query['events']) : '') . "' class='inputmedium' maxlength='255' /></td>" : '') . "\n</tr>\n\n" : '') . "\n\n\n<tr><td></td><td colspan='3'><br />\n<input type='submit' value='" . ($new ? $_lang['global.create'] : $_lang['global.savechanges']) . "' />" . (!$new ? " <small>" . $_lang['admin.content.form.thisid'] . " " . $query['id'] . "</small>" : '') . "\n</td></tr>\n\n</table>\n" . _xsrfProtect() . "</form>\n"; }
// zpravy $messages_code = ""; if (isset($_GET['r'])) { switch ($_GET['r']) { case 1: $messages_code .= _formMessage(1, $_lang['global.saved']); break; case 2: $messages_code .= _formMessage(1, $_lang['global.created']); break; } } if ($message != "") { $messages_code .= _formMessage(2, $message); } $output .= "\n<p class='bborder'>" . $_lang['admin.users.edit.p'] . "</p>\n" . $messages_code . "\n<form autocomplete='off' action='index.php?p=users-edit" . ($id != null ? "&id=" . $id : '') . "' method='post' name='userform'" . _jsCheckForm("userform", $id != null ? array("username", "email") : array("username", "email", "password")) . ">\n<table class='formtable'>\n\n<tr>\n<td class='rpad'><strong>" . $_lang['login.username'] . "</strong></td>\n<td><input type='text' name='username' class='inputsmall'" . _restorePostValue('username', $query['username']) . " maxlength='24' /></td>\n</tr>\n\n<tr>\n<td class='rpad'><strong>" . $_lang['mod.settings.publicname'] . "</strong></td>\n<td><input type='text' name='publicname' class='inputsmall'" . _restorePostValue('publicname', $query['publicname'], false, true, false) . " maxlength='24' /></td>\n</tr>\n\n<tr>\n<td class='rpad'><strong>" . $_lang[$id == null ? 'login.password' : 'mod.settings.password.new'] . "</strong></td>\n<td><input type='password' name='password' class='inputsmall' /></td>\n</tr>\n\n<tr>\n<td class='rpad'><strong>" . $_lang['global.group'] . "</strong></td>\n<td>" . $group_select . "</td>\n</tr>\n\n<tr>\n<td class='rpad'><strong>" . $_lang['login.blocked'] . "</strong></td>\n<td><input type='checkbox' name='blocked' value='1'" . _checkboxActivate($query['blocked'] || isset($_POST['blocked'])) . " /></td>\n</tr>\n\n<tr>\n<td class='rpad'><strong>" . $_lang['global.levelshift'] . "</strong></td>\n<td><input type='checkbox' name='levelshift' value='1'" . _checkboxActivate($query['levelshift'] || isset($_POST['levelshift'])) . _inputDisable(_loginid == 0) . " /></td>\n</tr>\n\n<tr>\n<td class='rpad'><strong>" . $_lang['global.email'] . "</strong></td>\n<td><input type='text' name='email' class='inputsmall'" . _restorePostValue('email', $query['email']) . " /></td>\n</tr>\n\n<tr>\n<td class='rpad'><strong>" . $_lang['global.icq'] . "</strong></td>\n<td><input type='text' name='icq' class='inputsmall' value='" . (($val = _restorePostValue('icq', $query['icq'], true)) != 0 ? $val : '') . "' /></td>\n</tr>\n\n<tr>\n<td class='rpad'><strong>" . $_lang['global.skype'] . "</strong></td>\n<td><input type='text' name='skype' class='inputsmall'" . _restorePostValue('skype', $query['skype']) . " /></td>\n</tr>\n\n<tr>\n<td class='rpad'><strong>" . $_lang['global.msn'] . "</strong></td>\n<td><input type='text' name='msn' class='inputsmall'" . _restorePostValue('msn', $query['msn']) . " /></td>\n</tr>\n\n<tr>\n<td class='rpad'><strong>" . $_lang['global.jabber'] . "</strong></td>\n<td><input type='text' name='jabber' class='inputsmall' value='" . $query['jabber'] . "' /></td>\n</tr>\n\n<tr>\n<td class='rpad'><strong>" . $_lang['global.web'] . "</strong></td>\n<td><input type='text' name='web' class='inputsmall'" . _restorePostValue('web', $query['web'], false, true, false) . " /> <small>" . $_lang['mod.settings.web.hint'] . "</small></td>\n</tr>\n\n<tr>\n<td class='rpad'><strong>" . $_lang['global.avatar'] . "</strong></td>\n<td><label><input type='checkbox' name='removeavatar' value='1' /> " . $_lang['mod.settings.avatar.remove'] . "</label></td>\n</tr>\n\n<tr class='valign-top'>\n<td class='rpad'><strong>" . $_lang['global.note'] . "</strong></td>\n<td><textarea name='note' class='areasmall' rows='9' cols='33'>" . _restorePostValue('note', $query['note'], true, true, false) . "</textarea></td>\n</tr>\n\n<tr><td></td>\n<td><input type='submit' value='" . $_lang[isset($_GET['id']) ? 'global.save' : 'global.create'] . "' />" . ($id != null ? " <small>" . $_lang['admin.content.form.thisid'] . " " . $query['id'] . "</small>" : '') . "</td>\n</tr>\n\n</table>\n" . _xsrfProtect() . "</form>\n"; // odkaz na profil a zjisteni ip if ($id != null) { $output .= "\n <p>\n <a href='" . _indexroot . "index.php?m=profile&id=" . $query['username'] . "' target='_blank'>" . $_lang['mod.settings.profilelink'] . " ></a>\n " . (_loginright_adminbans ? "<br /><a href='index.php?p=other-bans&getip=" . $query['username'] . "'>" . $_lang['admin.other.bans.getuserip'] . " ></a>" : '') . "\n </p>\n "; } } else { switch ($errno) { case 1: $output .= _formMessage(2, $_lang['global.baduser']); break; case 2: $output .= _formMessage(2, $_lang['global.rootnote']); break; default: $output .= _formMessage(3, $_lang['global.disallowed']); break;
if ($id == 2 and !in_array($item, $unregistered_useable) or _userHasNotRight($item)) { continue; } $newdata[$item] = _checkboxLoad($item); } } // ulozeni $sql = ''; $last = sizeof($newdata) - 1; $counter = 0; foreach ($newdata as $col => $val) { $sql .= '`' . $col . '`=\'' . $val . '\''; if ($counter !== $last) { $sql .= ','; } ++$counter; } DB::query('UPDATE `' . _mysql_prefix . '-groups` SET ' . $sql . ' WHERE id=' . $id); // reload stranky define('_redirect_to', 'index.php?p=users-editgroup&id=' . $id . '&saved'); return; } /* --- vystup --- */ $output .= "\n <p class='bborder'>" . $_lang['admin.users.groups.editp'] . "</p>\n " . (isset($_GET['saved']) ? _formMessage(1, $_lang['global.saved']) : '') . "\n " . ($systemitem ? _admin_smallNote($_lang['admin.users.groups.specialgroup.editnotice']) : '') . "\n <form action='index.php?p=users-editgroup&id=" . $id . "' method='post'>\n <table>\n\n <tr>\n <td><strong>" . $_lang['global.name'] . "</strong></td>\n <td><input type='text' name='title' class='inputmedium' value='" . $query['title'] . "' maxlength='32' /></td>\n </tr>\n\n <tr>\n <td><strong>" . $_lang['global.descr'] . "</strong></td>\n <td><input type='text' name='descr' class='inputmedium' value='" . $query['descr'] . "' maxlength='128' /></td>\n </tr>\n\n <tr>\n <td class='rpad'><strong>" . $_lang['admin.users.groups.level'] . "</strong></td>\n <td><input type='text' name='level' class='inputmedium' value='" . $query['level'] . "'" . _inputDisable(!$systemitem) . " /></td>\n </tr>\n\n " . ($id != 2 ? "\n <tr><td><strong>" . $_lang['admin.users.groups.icon'] . "</strong></td><td><input type='text' name='icon' class='inputsmall' value='" . $query['icon'] . "' maxlength='16' /></td></tr>\n <tr><td><strong>" . $_lang['admin.users.groups.color'] . "</strong></td><td><input type='text' name='color' class='inputsmall' value='" . $query['color'] . "' maxlength='16' /></td></tr>\n <tr><td class='rpad'><strong>" . $_lang['admin.users.groups.reglist'] . "</strong></td><td><input type='checkbox' name='reglist' value='1'" . _checkboxActivate($query['reglist']) . " /></td></tr>\n " : '') . "\n\n <tr>\n <td class='rpad'><strong>" . $_lang['admin.users.groups.blocked'] . "</strong></td>\n <td><input type='checkbox' name='blocked' value='1'" . _checkboxActivate($query['blocked']) . _inputDisable($id != 1 and $id != 2) . " /></td>\n </tr>\n\n </table><br />\n\n <fieldset>\n <legend>" . $_lang['admin.users.groups.commonrights'] . "</legend>\n <table>\n\n " . $rights . "\n\n\n </table></fieldset><br />\n\n\n <br />\n <input type='submit' value='" . $_lang['global.save'] . "' /> <small>" . $_lang['admin.content.form.thisid'] . " " . $id . "</small>\n\n " . _xsrfProtect() . "</form>\n "; } else { if ($levelconflict == false) { $output .= _formMessage(3, $_lang['global.badinput']); } else { $output .= _formMessage(3, $_lang['global.disallowed']); } }
case 0: // priprava vyberu skupiny $groupselect = array(null); if (_registration_grouplist) { $groupselect_items = DB::query("SELECT id,title FROM `" . _mysql_prefix . "-groups` WHERE `blocked`=0 AND reglist=1 ORDER BY title"); if (DB::size($groupselect_items) != 0) { $groupselect_content = ""; while ($groupselect_item = DB::row($groupselect_items)) { $groupselect_content .= "<option value='" . $groupselect_item['id'] . "'" . ($groupselect_item['id'] == _defaultgroup ? " selected='selected'" : '') . ">" . $groupselect_item['title'] . "</option>\n"; } $groupselect = array($_lang['global.group'], "<select name='group'>" . $groupselect_content . "</select>"); } } // priprava podminek if (SL::$settings['rules'] != "") { $rules = array("<div class='hr'><hr /></div><h2>" . $_lang['mod.reg.rules'] . "</h2>" . SL::$settings['rules'] . "<br /><label><input type='checkbox' name='agreement' value='1'" . _checkboxActivate(isset($_POST['agreement'])) . " /> " . $_lang['mod.reg.rules.agreement'] . "</label><div class='hr'><hr /></div><br />", "", true); } else { $rules = array(null); } // formular $captcha = _captchaInit(); $module .= "<p class='bborder'>" . $_lang['mod.reg.p'] . (_registration_confirm ? ' ' . $_lang['mod.reg.confirm.extratext'] : '') . "</p>"; $module .= $message . _formOutput("regform", "index.php?m=reg", array(array($_lang['login.username'], "<input type='text' name='username' class='inputsmall' maxlength='24'" . _restorePostValue('username') . " />"), array($_lang['login.password'], "<input type='password' name='password' class='inputsmall' />"), array($_lang['login.password'] . " (" . $_lang['global.check'] . ")", "<input type='password' name='password2' class='inputsmall' />"), array($_lang['global.email'], "<input type='text' name='email' class='inputsmall' " . _restorePostValue('email', '@') . " />"), array($_lang['mod.settings.massemail'], "<input type='checkbox' name='massemail' value='1' checked='checked' /> " . $_lang['mod.settings.massemail.label']), $groupselect, $captcha, $rules), array("username", "email", "password", "password2"), $_lang['mod.reg.submit' . (_registration_confirm ? '2' : '')]); break; // uspesna registrace // uspesna registrace case 1: $module .= "<p>" . str_replace("*username*", $username, $_lang['mod.reg.done']) . "</p>"; break; // odeslano potvrzeni // odeslano potvrzeni
$root = isset($_GET['root']) ? '1' : '0'; $art = isset($_GET['art']) ? '1' : '0'; $post = isset($_GET['post']) ? '1' : '0'; $image = isset($_GET['img']) ? '1' : '0'; } else { $search_query = ''; $root = 1; $art = 1; $post = 1; $image = 0; } /* --- modul --- */ if (_template_autoheadings == 1) { $module .= "<h1>" . $_lang['mod.search'] . "</h1>"; } $module .= "\n<p class='bborder'>" . $_lang['mod.search.p'] . "</p>\n\n<form action='index.php' method='get'>\n<input type='hidden' name='m' value='search' />\n" . _xsrfProtect() . "\n<input type='text' name='q' class='inputmedium' value='" . _htmlStr($search_query) . "' /> <input type='submit' value='" . $_lang['mod.search.submit'] . "' /><br />\n" . $_lang['mod.search.where'] . ": \n<label><input type='checkbox' name='root' value='1'" . _checkboxActivate($root) . " /> " . $_lang['mod.search.where.root'] . "</label> \n<label><input type='checkbox' name='art' value='1'" . _checkboxActivate($art) . " /> " . $_lang['mod.search.where.articles'] . "</label> \n<label><input type='checkbox' name='post' value='1'" . _checkboxActivate($post) . " /> " . $_lang['mod.search.where.posts'] . "</label> \n<label><input type='checkbox' name='img' value='1'" . _checkboxActivate($image) . " /> " . $_lang['mod.search.where.images'] . "</label>\n</form>\n\n"; /* --- vyhledavani --- */ if ($search_query != '' && _xsrfCheck(true)) { if (mb_strlen($search_query) >= 3) { // priprava $search_query_sql = DB::esc('%' . $search_query . '%'); $results = array(); // polozka: array(link, titulek, perex) $public = !_loginindicator; // funkce na skladani vyhledavaciho dotazu function _tmpSearchQuery($alias, $cols) { $output = '('; for ($i = 0, $last = sizeof($cols) - 1; isset($cols[$i]); ++$i) { $output .= $alias . '.' . $cols[$i] . ' LIKE \'' . $GLOBALS['search_query_sql'] . '\''; if ($i !== $last) {
$item = pathinfo($item); if (!isset($item['extension']) or $item['extension'] != "php") { continue; } $item = mb_substr($item['basename'], 0, mb_strrpos($item['basename'], ".")); if ($item == _loginlanguage) { $selected = ' selected="selected"'; } else { $selected = ""; } $language_select .= '<option value="' . $item . '"' . $selected . '>' . $item . '</option>'; } closedir($handle); $language_select .= '</select></td></tr>'; } else { $language_select = ""; } // wysiwyg if (_loginright_administration) { $admin = "\n\n\n\n <tr>\n <td><strong>" . $_lang['mod.settings.wysiwyg'] . "</strong></td>\n <td><label><input type='checkbox' name='wysiwyg' value='1'" . _checkboxActivate($query['wysiwyg']) . " /> " . $_lang['mod.settings.wysiwyg.label'] . "</label></td>\n </tr>\n\n "; } else { $admin = ""; } $module .= "\n<p><a href='index.php?m=profile&id=" . _loginname . "'>" . $_lang['mod.settings.profilelink'] . " ></a></p>\n<p>" . $_lang['mod.settings.p'] . "</p>" . $message . "\n<form action='index.php?m=settings' method='post' name='setform' enctype='multipart/form-data'>\n\n" . _jsLimitLength(1024, "setform", "note") . "\n\n <fieldset>\n <legend>" . $_lang['mod.settings.userdata'] . "</legend>\n <table class='profiletable'>\n\n <tr>\n <td><strong>" . $_lang['login.username'] . "</strong> <span class='important'>*</span></td>\n <td><input type='text' name='username'" . _restorePostValue('username', _loginname) . " class='inputsmall' maxlength='24' />" . (!_loginright_changeusername ? "<span class='hint'>(" . $_lang['mod.settings.namechangenote'] . ")</span>" : '') . "</td>\n </tr>\n\n <tr>\n <td><strong>" . $_lang['mod.settings.publicname'] . "</strong></td>\n <td><input type='text' name='publicname'" . _restorePostValue('publicname', $query['publicname']) . " class='inputsmall' maxlength='24' /></td>\n </tr>\n\n <tr class='valign-top'>\n <td><strong>" . $_lang['global.email'] . "</strong> <span class='important'>*</span></td>\n <td><input type='text' name='email'" . _restorePostValue('email', $query['email']) . " class='inputsmall'/></td>\n </tr>\n\n " . $language_select . "\n\n <tr>\n <td><strong>" . $_lang['mod.settings.massemail'] . "</strong></td>\n <td><label><input type='checkbox' name='massemail' value='1'" . _checkboxActivate($query['massemail']) . " /> " . $_lang['mod.settings.massemail.label'] . "</label></td>\n </tr>\n\n " . $admin . "\n </table>\n </fieldset>\n\n\n <fieldset>\n <legend>" . $_lang['mod.settings.password'] . "</legend>\n <p class='minip'>" . $_lang['mod.settings.password.hint'] . "</p>\n <table class='profiletable'>\n\n <tr>\n <td><strong>" . $_lang['mod.settings.password.current'] . "</strong></td>\n <td><input type='password' name='currentpassword' class='inputsmall' autocomplete='off' /></td>\n </tr>\n\n <tr>\n <td><strong>" . $_lang['mod.settings.password.new'] . "</strong></td>\n <td><input type='password' name='newpassword' class='inputsmall' autocomplete='off' /></td>\n </tr>\n\n <tr>\n <td><strong>" . $_lang['mod.settings.password.new'] . " (" . $_lang['global.check'] . ")</strong></td>\n <td><input type='password' name='newpassword-confirm' class='inputsmall' autocomplete='off' /></td>\n </tr>\n\n </table>\n </fieldset>\n\n " . _extend('buffer', 'mod.settings.form') . "\n\n\n <fieldset>\n <legend>" . $_lang['mod.settings.info'] . "</legend>\n\n <table class='profiletable'>\n\n <tr>\n <td><strong>" . $_lang['global.icq'] . "</strong></td>\n <td><input type='text' name='icq'" . _restorePostValue('icq', $query['icq']) . " class='inputsmall' /></td>\n </tr>\n\n <tr>\n <td><strong>" . $_lang['global.skype'] . "</strong></td>\n <td><input type='text' name='skype'" . _restorePostValue('skype', $query['skype']) . " class='inputsmall' /></td>\n </tr>\n\n <tr>\n <td><strong>" . $_lang['global.msn'] . "</strong></td>\n <td><input type='text' name='msn'" . _restorePostValue('msn', $query['msn']) . " class='inputsmall' /></td>\n </tr>\n\n <tr>\n <td><strong>" . $_lang['global.jabber'] . "</strong></td>\n <td><input type='text' name='jabber'" . _restorePostValue('jabber', $query['jabber']) . " class='inputsmall' /></td>\n </tr>\n\n <tr>\n <td><strong>" . $_lang['global.web'] . "</strong></td>\n <td><input type='text' name='web' value='" . $query['web'] . "' class='inputsmall' /><span class='hint'>" . $_lang['mod.settings.web.hint'] . "</span></td>\n </tr>\n\n <tr class='valign-top'>\n <td><strong>" . $_lang['global.note'] . "</strong></td>\n <td><textarea name='note' class='areasmall' rows='9' cols='33'>" . _restorePostValue('note', $query['note'], true) . "</textarea></td>\n </tr>\n\n <tr><td></td>\n <td>" . _getPostFormControls("setform", "note") . "</td>\n </tr>\n\n </table>\n\n </fieldset>\n"; if (_uploadavatar) { $module .= "\n <fieldset>\n <legend>" . $_lang['mod.settings.avatar'] . "</legend>\n " . _extend('buffer', 'mod.settings.avatar', array('extra' => array('query' => $query))) . "\n <p><strong>" . $_lang['mod.settings.avatar.upload'] . ":</strong> <input type='file' name='avatar' /></p>\n <table>\n <tr class='valign-top'>\n <td width='106'><div class='avatar'><img src='" . $avatar_path . "' alt='avatar' /></div></td>\n <td><p class='minip'>" . $_lang['mod.settings.avatar.hint'] . "</p><p><label><input type='checkbox' name='removeavatar' value='1' /> " . $_lang['mod.settings.avatar.remove'] . "</label></p></td>\n </tr>\n </table>\n </fieldset>\n"; } if (_loginright_selfdestruction and _loginid != 0) { $module .= "\n\n <fieldset>\n <legend>" . $_lang['mod.settings.selfremove'] . "</legend>\n <label><input type='checkbox' name='selfremove' value='1' onclick='if (this.checked==true) {return _sysConfirm();}' /> " . $_lang['mod.settings.selfremove.box'] . "</label><br /><br />\n <div class='lpad'><strong>" . $_lang['mod.settings.selfremove.confirm'] . ":</strong> <input type='password' name='selfremove-confirm' class='inputsmall' /></div>\n </fieldset>\n\n"; } $module .= "\n<br />\n<input type='submit' value='" . $_lang['mod.settings.submit'] . "' />\n<input type='reset' value='" . $_lang['global.reset'] . "' onclick='return _sysConfirm();' />\n\n" . _xsrfProtect() . "</form>\n";
echo $_lang['admin.other.php.title']; ?> </h1> <form action="php.php" method="post"> <textarea name="code" rows="25" cols="94" class="areabig"><?php if (isset($code)) { echo _htmlStr($code); } ?> </textarea><br /> <input type="submit" value="<?php echo $_lang['global.do']; ?> " /> <label><input type="checkbox" name="html" value="1"<?php echo _checkboxActivate(isset($_POST['html']) ? 1 : 0); ?> /> <?php echo $_lang['admin.other.php.html']; ?> </label> <?php echo _xsrfProtect(); ?> </form> <?php if ($process) { $html = isset($_POST['html']); echo '<h2>' . $_lang['global.result'] . '</h2>'; if (!$html) {
/* --- vystup --- */ if ($continue) { $nokit = false; // zprava if (isset($_GET['created'])) { $message = _formMessage(1, $_lang['global.created']); } $output .= "<div class='hr'><hr /></div><br />" . $message . "\n<form class='cform' action='index.php?p=content-boxes-edit&c=" . urlencode($c) . "&saved' method='post'>\n<input type='hidden' name='do' value='1' />\n<p><input type='submit' value='" . $_lang['admin.content.boxes.saveboxeschanges'] . "' /> <a href='index.php?p=content-boxes-new&c=" . urlencode($c) . "'><img src='images/icons/new.png' alt='new' class='icon' />" . $_lang['admin.content.boxes.create'] . "</a></p>\n<table id='boxesedit'>\n"; $query = DB::query("SELECT * FROM `" . _mysql_prefix . "-boxes` WHERE `column`='" . DB::esc($c) . "' ORDER BY ord"); if (DB::size($query) != 0) { $isfirst = true; while ($item = DB::row($query)) { if ($isfirst) { $output .= "\n\n\n\n<tr>\n\n\n\n"; } $output .= "\n <td class='cell'>\n <div>\n <table class='formtable'>\n\n <tr>\n <td class='rpad'><strong>" . $_lang['admin.content.form.title'] . "</strong></td>\n <td><input type='text' name='" . $item['id'] . "-title' value='" . $item['title'] . "' class='inputmedium' maxlength='96' /></td>\n </tr>\n\n <tr>\n <td class='rpad'><strong>" . $_lang['admin.content.boxes.column'] . "</strong></td>\n <td><input type='text' maxlength='64' name='" . $item['id'] . "-column' value='" . _htmlStr($item['column']) . "' class='inputmedium' /></td>\n </tr>\n\n <tr>\n <td class='rpad'><strong>" . $_lang['admin.content.form.ord'] . "</strong></td>\n <td><input type='text' name='" . $item['id'] . "-ord' value='" . $item['ord'] . "' class='inputmedium' /></td>\n </tr>\n\n <tr>\n <td class='rpad'><strong>" . $_lang['admin.content.form.class'] . "</strong></td>\n <td><input type='text' name='" . $item['id'] . "-class' value='" . $item['class'] . "' class='inputmedium' maxlength='24' /></td>\n </tr>\n\n <tr class='valign-top'>\n <td class='rpad'><strong>" . $_lang['admin.content.form.content'] . "</strong></td>\n <td><textarea name='" . $item['id'] . "-content' class='areasmall_100pwidth codemirror' rows='9' cols='33'>" . _htmlStr($item['content']) . "</textarea></td>\n </tr>\n\n <tr>\n <td class='rpad'><strong>" . $_lang['admin.content.form.settings'] . "</strong></td>\n <td>\n <label><input type='checkbox' name='" . $item['id'] . "-visiblenew' value='1'" . _checkboxActivate($item['visible']) . " /> " . $_lang['admin.content.form.visible'] . "</label> \n <label><input type='checkbox' name='" . $item['id'] . "-publicnew' value='1'" . _checkboxActivate($item['public']) . " /> " . $_lang['admin.content.form.public'] . "</label>\n <input type='hidden' name='" . $item['id'] . "-visible' value='1' />\n <input type='hidden' name='" . $item['id'] . "-public' value='1' />\n <a href='" . _xsrfLink("index.php?p=content-boxes-edit&c=" . urlencode($c) . "&del=" . $item['id']) . "' onclick='return _sysConfirm();'><img src='images/icons/delete.png' alt='del' class='icon' />" . $_lang['admin.content.boxes.delete'] . "</a>\n </td>\n </tr>\n\n </table>\n </div>\n </td>\n "; if (!$isfirst) { $output .= "\n\n\n\n</tr>\n\n\n\n"; } $isfirst = !$isfirst; } // dodatecne uzavreni radku tabulky (pri lichem poctu boxu) if (!$isfirst) { $output .= "\n\n\n\n</tr>\n\n\n\n"; } } else { $nokit = true; $output .= '<tr><td>' . $_lang['global.nokit'] . '</td></tr>'; } $output .= "</table>\n" . ($nokit ? '' : "<p><input type='submit' value='" . $_lang['admin.content.boxes.saveboxeschanges'] . "' /></p>") . "\n" . _xsrfProtect() . "</form>"; } else {
<?php /* --- kontrola jadra --- */ if (!defined('_core')) { exit; } /* --- nastaveni a vlozeni skriptu pro upravu stranky --- */ $type = 6; require 'require/sub/content-editscript-init.php'; if ($continue) { $custom_settings = "<label><input type='checkbox' name='var1' value='1'" . _checkboxActivate($query['var1']) . " /> " . $_lang['admin.content.form.newwindow'] . "</label>"; $custom_array = array(array("var1", true, 0, false)); } require 'require/sub/content-editscript.php';
} } } // ulozeni posledniho nebo jedineho shoutboxu if ($sql != "") { $sql = trim($sql, ","); DB::query("UPDATE `" . _mysql_prefix . "-sboxes` SET " . $sql . " WHERE id=" . $id); } $message = _formMessage(1, $_lang['global.saved']); break; } } /* --- odstraneni shoutboxu --- */ if (isset($_GET['del']) && _xsrfCheck(true)) { $del = intval($_GET['del']); DB::query("DELETE FROM `" . _mysql_prefix . "-sboxes` WHERE id=" . $del); DB::query("DELETE FROM `" . _mysql_prefix . "-posts` WHERE home=" . $del . " AND type=4"); $message = _formMessage(1, $_lang['global.done']); } /* --- vystup --- */ $output .= "\n<p class='bborder'>" . $_lang['admin.content.sboxes.p'] . "</p>\n\n" . $message . "\n\n<fieldset>\n<legend>" . $_lang['admin.content.sboxes.create'] . "</legend>\n<form class='cform' action='index.php?p=content-sboxes' method='post'>\n<input type='hidden' name='action' value='1' />\n\n<table>\n\n<tr>\n<td class='rpad'><strong>" . $_lang['admin.content.form.title'] . "</strong></td>\n<td><input type='text' name='title' class='inputbig' maxlength='64' /></td>\n</tr>\n\n<tr class='valign-top'>\n<td class='rpad'><strong>" . $_lang['admin.content.form.settings'] . "</strong></td>\n<td>\n<label><input type='checkbox' name='public' value='1' checked='checked' /> " . $_lang['admin.content.form.unregpost'] . "</label><br />\n<label><input type='checkbox' name='locked' value='1' /> " . $_lang['admin.content.form.locked2'] . "</label>\n</td>\n</tr>\n\n<tr>\n<td></td>\n<td><input type='submit' value='" . $_lang['global.create'] . "' /></td>\n</tr>\n\n</table>\n\n" . _xsrfProtect() . "</form>\n</fieldset>\n\n\n<fieldset>\n<legend>" . $_lang['admin.content.sboxes.manage'] . "</legend>\n<form class='cform' action='index.php?p=content-sboxes' method='post'>\n<input type='hidden' name='action' value='2' />\n\n<input type='submit' value='" . $_lang['admin.content.sboxes.savechanges'] . "' />\n<div class='hr'><hr /></div>\n"; // vypis shoutboxu $shoutboxes = DB::query("SELECT * FROM `" . _mysql_prefix . "-sboxes` ORDER BY id DESC"); if (DB::size($shoutboxes) != 0) { while ($shoutbox = DB::row($shoutboxes)) { $output .= "\n <br />\n <table>\n\n <tr>\n <td class='rpad'><strong>" . $_lang['admin.content.form.title'] . "</strong></td>\n <td><input type='text' name='s" . $shoutbox['id'] . "_title' class='inputmedium' value='" . $shoutbox['title'] . "' /></td>\n </tr>\n\n <tr>\n <td><strong>" . $_lang['global.id'] . "</strong></td>\n <td>" . $shoutbox['id'] . "</td>\n </tr>\n\n <tr class='valign-top'>\n <td class='rpad'><strong>" . $_lang['admin.content.form.settings'] . "</strong></td>\n <td>\n <input type='hidden' name='s" . $shoutbox['id'] . "_publictrigger' value='1' /><input type='hidden' name='s" . $shoutbox['id'] . "_lockedtrigger' value='1' />\n <label><input type='checkbox' name='s" . $shoutbox['id'] . "_public' value='1'" . _checkboxActivate($shoutbox['public']) . " /> " . $_lang['admin.content.form.unregpost'] . "</label><br />\n <label><input type='checkbox' name='s" . $shoutbox['id'] . "_locked' value='1'" . _checkboxActivate($shoutbox['locked']) . " /> " . $_lang['admin.content.form.locked2'] . "</label><br />\n <label><input type='checkbox' name='s" . $shoutbox['id'] . "_delposts' value='1' /> " . $_lang['admin.content.form.delposts'] . "</label><br /><br />\n <a href='" . _xsrfLink("index.php?p=content-sboxes&del=" . $shoutbox['id']) . "' onclick='return _sysConfirm();'><img src='images/icons/delete.png' alt='del' class='icon' />" . $_lang['global.delete'] . "</a>\n </td>\n </tr>\n\n </table>\n <br /><div class='hr'><hr /></div>\n "; } } else { $output .= $_lang['global.nokit']; } $output .= "\n" . _xsrfProtect() . "</form>\n</fieldset>\n\n";