Example #1
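/**
 * HCM module: render an HTML list of the files found in a directory.
 *
 * The directory is taken relative to _indexroot. Sub-directories and the
 * "." / ".." entries are skipped and the remaining names are sorted in
 * natural order.
 *
 * @param string $cesta     directory path, relative to _indexroot
 * @param mixed  $velikosti when _boolean() evaluates it as true, each file's size in kB is appended
 * @return string "<ul>" markup, or an empty string when the path is not a directory that can be opened
 */
function _HCM_filelist($cesta = "", $velikosti = false)
{
    $result = "";
    // NOTE(review): $cesta is appended to _indexroot without normalisation, so a value
    // containing "../" makes this list a directory outside the intended tree.
    // Confirm that only trusted content authors can supply this argument.
    $cesta = _indexroot . $cesta;
    $velikosti = _boolean($velikosti);
    if (mb_substr($cesta, -1, 1) != "/") {
        $cesta .= "/";
    }
    if (!@file_exists($cesta) || !@is_dir($cesta)) {
        return $result;
    }
    $handle = @opendir($cesta);
    if ($handle === false) {
        // the directory exists but cannot be opened; readdir() must not be called on false
        return $result;
    }

    // collect plain files only; initialised so an empty directory still sorts and renders cleanly
    $items = array();
    while (false !== ($item = readdir($handle))) {
        if ($item == "." or $item == ".." or @is_dir($cesta . $item)) {
            continue;
        }
        $items[] = $item;
    }
    closedir($handle);
    natsort($items);

    $result = "<ul>\n";
    foreach ($items as $item) {
        // File names come from the filesystem and may contain quotes or angle brackets,
        // so both the href and the visible link text go through _htmlStr().
        $result .= "<li>";
        $result .= "<a href='" . _htmlStr($cesta . $item) . "' target='_blank'>" . _htmlStr($item) . "</a>";
        if ($velikosti) {
            $result .= " (" . round(@filesize($cesta . $item) / 1024) . "kB)";
        }
        $result .= "</li>\n";
    }
    $result .= "</ul>\n";
    return $result;
}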
Example #2
/**
 * HCM module: build the <object> markup that embeds a Flash (SWF) movie.
 *
 * Defaults: width "320", height "240". When only a width is given, the height
 * is derived as 75 % of it. Explicit dimensions are forced to integers.
 *
 * NOTE(review): Flash Player is end-of-life and the IE branch references a
 * plain-HTTP "codebase" download URL; consider whether this module should
 * still be reachable from content.
 *
 * @param string   $cesta movie path; relative paths are prefixed with _url
 * @param int|null $sirka width in pixels, null for the default
 * @param int|null $vyska height in pixels, null to derive it
 * @return string HTML markup
 */
function _HCM_flash($cesta = "", $sirka = null, $vyska = null)
{
    // movie URL: passed through _htmlStr() first, then made absolute if needed
    $cesta = _htmlStr($cesta);
    if (!_isAbsolutePath($cesta)) {
        $cesta = _url . "/" . $cesta;
    }

    // width: default or integer-cast caller value
    $sirka_def = !isset($sirka);
    $sirka = $sirka_def ? "320" : intval($sirka);

    // height: explicit value wins, otherwise default / 4:3 of the given width
    if (isset($vyska)) {
        $vyska = intval($vyska);
    } elseif ($sirka_def) {
        $vyska = "240";
    } else {
        $vyska = round(0.75 * $sirka);
    }

    // fallback text shown when the movie cannot be displayed
    $alt = $GLOBALS['_lang']['hcm.player.alt'];

    // assemble the markup
    return "\n<!--[if !IE]> -->\n"
        . "<object type='application/x-shockwave-flash' data='{$cesta}' width='{$sirka}' height='{$vyska}'>\n"
        . "<!-- <![endif]-->\n\n"
        . "<!--[if IE]>\n"
        . "<object classid='clsid:D27CDB6E-AE6D-11cf-96B8-444553540000' codebase='http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,0,0' width='{$sirka}' height='{$vyska}'>\n"
        . "<param name='movie' value='{$cesta}' />\n"
        . "<!--><!---->\n"
        . "<param name='loop' value='true' />\n"
        . "<param name='menu' value='false' />\n"
        . "<param name='wmode' value='transparent'>\n\n"
        . $alt
        . "\n</object>\n<!-- <![endif]-->\n";
}
Example #3
/**
 * HCM module: render a link to an article.
 *
 * When no link text is given, the article is looked up (by numeric id or by
 * its SEO title) and its title is used as the text. If that lookup fails the
 * identifier is returned wrapped in braces instead of a link.
 *
 * @param int|string  $id        article id, or its title_seo when not numeric
 * @param string|null $text      link text; null to use the article title
 * @param bool        $nove_okno open the link in a new window
 * @return string HTML markup
 */
function _HCM_linkart($id = null, $text = null, $nove_okno = false)
{
    $titleSeo = null;
    $catTitleSeo = null;

    if (null === $text) {
        // The column name is chosen from two fixed literals; the value itself goes through DB::val().
        $column = is_numeric($id) ? 'id' : 'title_seo';
        $row = DB::query_row('SELECT art.title,art.title_seo,cat.title_seo AS cat_title_seo FROM `' . _mysql_prefix . '-articles` AS art JOIN `' . _mysql_prefix . '-root` AS cat ON(cat.id=art.home1) WHERE art.' . $column . '=' . DB::val($id));
        if (false === $row) {
            return '{' . _htmlStr($id) . '}';
        }
        $text = $row['title'];
        $titleSeo = $row['title_seo'];
        $catTitleSeo = $row['cat_title_seo'];
    }

    // NOTE(review): $text is emitted without escaping here. Presumably article titles are
    // stored already escaped and caller-supplied text is allowed to hold markup; confirm.
    $target = $nove_okno ? ' target="_blank"' : '';

    return "<a href='" . _linkArticle($id, $titleSeo, $catTitleSeo) . "'" . $target . ">" . $text . "</a>";
}
Example #4
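/**
 * HCM module: render an <img> tag for the given path.
 *
 * The alternative text is the file name without its last extension.
 *
 * @param string      $cesta    image path or URL
 * @param string|null $extrakod extra attribute code appended verbatim inside the tag
 * @return string HTML markup
 */
function _HCM_ximg($cesta = '', $extrakod = null)
{
    // alternative text: base name with the trailing ".ext" removed
    $ralt = basename($cesta);
    if (($dotpos = mb_strrpos($ralt, ".")) !== false) {
        $ralt = mb_substr($ralt, 0, $dotpos);
    }

    // NOTE(review): $extrakod is inserted as raw markup by design, so it must only
    // ever come from a trusted content author.
    $rpluscode = isset($extrakod) ? " " . $extrakod : "";

    // The alt text is derived from the same input as src, so it is escaped the same way;
    // previously a quote in the file name ended the alt attribute early.
    return "<img src='" . _htmlStr($cesta) . "' alt='" . _htmlStr($ralt) . "'" . $rpluscode . " />";
}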
Example #5
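/**
 * HCM module: render a thumbnail that links to the full-size image.
 *
 * @param string          $cesta         image path
 * @param int|null        $vyska_nahledu thumbnail height in pixels; 96 when missing or not positive
 * @param string|null     $titulek       optional title, used for the link title and the image alt text
 * @param string|int|null $lightbox      lightbox group suffix; defaults to SL::$hcmUid
 * @return string HTML markup
 */
function _HCM_img($cesta = "", $vyska_nahledu = null, $titulek = null, $lightbox = null)
{
    // Cast first, then range-check: a value such as "0.5" used to pass the "> 0"
    // test and was then truncated to a height of 0.
    $vyska_nahledu = isset($vyska_nahledu) ? intval($vyska_nahledu) : 0;
    if ($vyska_nahledu <= 0) {
        $vyska_nahledu = 96;
    }

    if (isset($titulek) and $titulek != "") {
        $titulek = _htmlStr($titulek);
    }

    // The group suffix ends up inside an attribute value, so a caller-supplied
    // value is escaped like the other attributes.
    if (!isset($lightbox)) {
        $lightbox = SL::$hcmUid;
    } else {
        $lightbox = _htmlStr($lightbox);
    }

    // NOTE(review): the value returned by _pictureThumb() is written into src as-is;
    // confirm that helper returns an attribute-safe URL.
    $thumb = _pictureThumb($cesta, array('x' => null, 'y' => $vyska_nahledu));

    return "<a href='" . _htmlStr($cesta) . "' target='_blank' class='lightbox' data-fancybox-group='lb_hcm" . $lightbox . "'" . ($titulek != "" ? ' title=\'' . $titulek . '\'' : '') . "><img src='" . $thumb . "' alt='" . ($titulek != "" ? $titulek : 'img') . "' /></a>\n";
}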
Example #6
/**
 * HCM module: render a contact form that posts to remote/hcm/mform.php.
 *
 * The receiver list is not put into the form; it is stored in the session under
 * a key built from _sessionprefix and SL::$hcmUid, and the form only carries
 * that uid in the hidden "fid" field.
 *
 * @param string      $adresa  receiver address(es), separated by ";"
 * @param mixed       $priloha when _boolean() evaluates it as true, a file input is added
 * @param string|null $predmet optional pre-filled subject
 * @return string HTML markup
 */
function _HCM_mailform($adresa = "", $priloha = false, $predmet = null)
{
    // preparation
    $result = "";
    // receivers: split on ";", empty entries removed, re-joined with "," and kept server-side
    $_SESSION[_sessionprefix . 'hcm_' . SL::$hcmUid . '_mail_receiver'] = @implode(",", _arrayRemoveValue(@explode(";", trim($adresa)), ""));
    if (_boolean($priloha)) {
        $rfile = array($GLOBALS['_lang']['hcm.mailform.att'], "<input type='file' name='att' />");
        $att = true;
    } else {
        $rfile = array('');
        $att = false;
    }
    if (isset($predmet)) {
        $rsubject = " value='" . _htmlStr($predmet) . "'";
    } else {
        $rsubject = "";
    }
    $rcaptcha = _captchaInit();
    // status message, selected by the hcm_mr_<uid> query parameter
    $msg = '';
    if (isset($_GET['hcm_mr_' . SL::$hcmUid])) {
        // switch compares loosely; only the fixed language strings below can be shown
        switch ($_GET['hcm_mr_' . SL::$hcmUid]) {
            case 1:
                $msg = _formMessage(1, $GLOBALS['_lang']['hcm.mailform.msg.done']);
                break;
            case 2:
                $msg = _formMessage(2, $GLOBALS['_lang']['hcm.mailform.msg.failure']);
                break;
            case 3:
                $msg = _formMessage(3, $GLOBALS['_lang']['hcm.mailform.msg.failure2']);
                break;
            case 4:
                $msg = _formMessage(3, $GLOBALS['_lang']['xsrf.msg']);
                break;
        }
    }
    // pre-fill the sender
    // NOTE(review): _loginemail is written into the value attribute below without
    // _htmlStr(); presumably the constant already holds an escaped value - confirm.
    if (_loginindicator) {
        $sender = _loginemail;
    } else {
        $sender = "&#64;";
    }
    // The enctype attribute is appended to the action URL string ("' enctype='..."), which
    // relies on _formOutput() placing that string inside a single-quoted action attribute.
    $result .= "<div class='anchor'><a name='hcm_mform_" . SL::$hcmUid . "'></a></div>\n" . $msg . _formOutput("mform" . SL::$hcmUid, _indexroot . "remote/hcm/mform.php?_return=" . urlencode(_indexOutput_url) . ($att ? "' enctype='multipart/form-data" : ''), array(array($GLOBALS['_lang']['hcm.mailform.sender'], "<input type='text' class='inputsmall' name='sender' value='" . $sender . "' /><input type='hidden' name='fid' value='" . SL::$hcmUid . "' />"), array($GLOBALS['_lang']['posts.subject'], "<input type='text' class='inputsmall' name='subject'" . $rsubject . " />"), $rcaptcha, array($GLOBALS['_lang']['hcm.mailform.text'], "<textarea class='areasmall' name='text' rows='9' cols='33'></textarea>", true), $rfile), array("text", "sender"), $GLOBALS['_lang']['hcm.mailform.send']);
    return $result;
}
Example #7
/**
 * HCM module: emit the placeholder <div> and the SWFObject script for the media player.
 *
 * Defaults: width "320"; height "19" for files whose extension is exactly "mp3",
 * otherwise "240". Explicit dimensions are forced to integers.
 *
 * @param string   $soubor   media file; relative paths are prefixed with _url
 * @param int|null $sirka    width in pixels, null for the default
 * @param int|null $vyska    height in pixels, null for the default
 * @param mixed    $autoplay evaluated by _boolean() and rendered via _booleanStr()
 * @return string HTML + JavaScript markup
 */
function _HCM_player($soubor = "", $sirka = null, $vyska = null, $autoplay = false)
{
    // default height depends on the extension of the raw (unescaped) file name
    $ext = pathinfo($soubor, PATHINFO_EXTENSION);
    $defvyska = ($ext == "mp3") ? "19" : "240";

    // NOTE(review): the file name is HTML-escaped with _htmlStr() but is then placed inside
    // JavaScript string literals below. HTML escaping is not the escaping a script context
    // needs (a backslash or line break is left untouched); consider encoding for JavaScript.
    $soubor = _htmlStr($soubor);
    if (!_isAbsolutePath($soubor)) {
        $soubor = _url . "/" . $soubor;
    }

    $sirka = isset($sirka) ? intval($sirka) : "320";
    $vyska = isset($vyska) ? intval($vyska) : $defvyska;
    $autoplay = _booleanStr(_boolean($autoplay));
    $uid = SL::$hcmUid;

    // assemble the markup
    return '
<div id="player_' . $uid . '"><div class="message2">' . $GLOBALS['_lang']['hcm.player.alt'] . '</div></div>
<script type="text/javascript">
// <![CDATA[
        var so = new SWFObject("' . _indexroot . 'remote/hcm/player.swf", "player_embed_' . $uid . '", "' . $sirka . '", "' . $vyska . '", "9", "#000000");
        so.addParam("allowfullscreen","true");
        so.addVariable("file", "' . $soubor . '");
        so.addVariable("link", "' . $soubor . '");
        so.addVariable("autostart", "' . $autoplay . '");
        so.write("player_' . $uid . '");
// ]]>
</script>
';
}
Example #8
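/**
 * HCM module: render a thumbnail gallery from the image files in a directory.
 *
 * Only files whose lower-cased extension is listed in SL::$imageExt are shown,
 * sorted in natural order. Paging is optional.
 *
 * @param string      $cesta       directory path, relative to _indexroot
 * @param string|null $rozmery     thumbnail size as "width/height" or just "height"; default height 128
 * @param int|null    $strankovani images per page; null or a non-positive value disables paging
 * @param mixed       $lightbox    evaluated by _boolean(); adds the lightbox class and group when true
 * @return string HTML markup, or an empty string when the path is not a directory that can be opened
 */
function _HCM_gallery($cesta = "", $rozmery = null, $strankovani = null, $lightbox = 1)
{
    // preparation
    $result = "";
    // NOTE(review): $cesta is appended to _indexroot without normalisation, so "../" in the
    // argument reaches directories outside the intended tree; confirm the argument is trusted.
    $cesta = _indexroot . $cesta;
    if (mb_substr($cesta, -1, 1) != "/") {
        $cesta .= "/";
    }
    // despite its name this copy also carries the _indexroot prefix, exactly as before
    $cesta_noroot = $cesta;

    if (isset($strankovani) and $strankovani > 0) {
        $strankovat = true;
        $strankovani = intval($strankovani);
        if ($strankovani <= 0) {
            // fractional input such as "0.5" truncates to 0
            $strankovani = 1;
        }
    } else {
        $strankovat = false;
    }
    $lightbox = _boolean($lightbox);

    if (isset($rozmery)) {
        $rozmery = explode('/', $rozmery);
        if (sizeof($rozmery) === 2) {
            // width and height
            $x = intval($rozmery[0]);
            $y = intval($rozmery[1]);
        } else {
            // height only
            $x = null;
            $y = intval($rozmery[0]);
        }
    } else {
        // not given
        $x = null;
        $y = 128;
    }

    if (!@file_exists($cesta) || !@is_dir($cesta)) {
        return $result;
    }
    $handle = @opendir($cesta);
    if ($handle === false) {
        // the directory exists but cannot be opened; readdir() must not be called on false
        return $result;
    }

    // load the items
    $items = array();
    while (false !== ($item = readdir($handle))) {
        $ext = pathinfo($item, PATHINFO_EXTENSION);
        $ext = mb_strtolower($ext);
        // The directory test has to use the full path: the bare entry name was previously
        // resolved against the current working directory instead of the gallery directory.
        if ($item == "." or $item == ".." or @is_dir($cesta . $item) or !in_array($ext, SL::$imageExt)) {
            continue;
        }
        $items[] = $item;
    }
    closedir($handle);
    natsort($items);

    // prepare paging
    if ($strankovat) {
        $count = count($items);
        $paging = _resultPaging(_indexOutput_url, $strankovani, $count, "", "#hcm_gal" . SL::$hcmUid, "hcm_gal" . SL::$hcmUid . "p");
    }

    // output
    $result = "<div class='anchor'><a name='hcm_gal" . SL::$hcmUid . "'></a></div>\n<div class='gallery'>\n";
    $counter = 0;
    foreach ($items as $item) {
        if ($strankovat and $counter > $paging[6]) {
            break;
        }
        if (!$strankovat || _resultPagingIsItemInRange($paging, $counter)) {
            $thumb = _pictureThumb($cesta_noroot . $item, array('x' => $x, 'y' => $y));
            // File names come from the filesystem, so both the href and the alt text are
            // escaped; the alt attribute used to receive the raw name.
            $result .= "<a href='" . _htmlStr($cesta . $item) . "' target='_blank'" . ($lightbox ? " class='lightbox' data-fancybox-group='lb_hcm" . SL::$hcmUid . "'" : '') . "><img src='" . $thumb . "' alt='" . _htmlStr($item) . "' /></a>\n";
        }
        $counter++;
    }
    $result .= "</div>\n";
    if ($strankovat) {
        $result .= $paging[0];
    }
    return $result;
}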
         $rights .= "\n        <tr>\n        <td><strong>" . $_lang['admin.users.groups.' . $item] . "</strong></td>\n        <td><input type='checkbox' name='{$item}' value='1'" . _checkboxActivate($query[$item]) . _inputDisable($id != 1) . " /></td>\n        <td class='lpad'>" . $_lang['admin.users.groups.' . $item . '.help'] . "</td>\n        </tr>\n        ";
     } else {
         $rights .= "</table></fieldset><fieldset><legend>" . mb_substr($item, 1) . "</legend><table>";
     }
 }
 /* ---  ulozeni  --- */
 if (isset($_POST['title'])) {
     $newdata = array();
     // zakladni atributy
     $newdata['title'] = DB::esc(_htmlStr(trim($_POST['title'])));
     if ($newdata['title'] == "") {
         $newdata['title'] = DB::esc($_lang['global.novalue']);
     }
     $newdata['descr'] = DB::esc(_htmlStr(trim($_POST['descr'])));
     if ($id != 2) {
         $newdata['icon'] = DB::esc(_htmlStr(trim($_POST['icon'])));
     }
     $newdata['color'] = DB::esc(preg_replace('/([^0-9a-zA-Z#])/s', '', trim($_POST['color'])));
     if ($id > 2) {
         $newdata['blocked'] = _checkboxLoad("blocked");
     }
     if ($id != 2) {
         $newdata['reglist'] = _checkboxLoad("reglist");
     }
     // uroven, blokovani
     if ($id > 2) {
         $newdata['level'] = intval($_POST['level']);
         if ($newdata['level'] > _loginright_level) {
             $newdata['level'] = _loginright_level - 1;
         }
         if ($newdata['level'] >= 10000) {
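/**
 * [ADMIN] Backup API - restore a backup (partial, or database only)
 *
 * Checks run first and their failures are non-fatal. Once the database import
 * has started, every failure is reported as fatal.
 *
 * @param string $path path to the backup file
 * @return array|bool true on success, otherwise array(err_msg, fatal 1/0)
 */
function _backupRestore($path)
{
    // preparation
    global $_lang;
    $fatal = false;
    // NOTE(review): realpath() returns false for a missing file; that value is handed
    // to _backupCheckFile() unchanged.
    $path = realpath($path);
    // restore process; do { } while (false) is used so that "break" jumps to the error exit
    do {
        /* ----- loading and checks ----- */
        // check the file
        if (($err = _backupCheckFile($path, array(_backup_db, _backup_partial))) !== true) {
            break;
        }
        // load the file
        $kzip = new KZip($path);
        if (!empty($kzip->error)) {
            $err = str_replace('*errstr*', _htmlStr($kzip->error), $_lang['admin.other.backup.restore.upload.err.load']);
            break;
        }
        $type = $kzip->vars['type'];
        // turn the merge list into a lookup keyed by directory name
        if (isset($kzip->vars['merge'])) {
            $kzip->vars['merge'] = array_flip($kzip->vars['merge']);
        }
        // check write access to the target directories
        $dirpaths = array();
        if ($type === _backup_partial) {
            $a_files = '/files/';
            $dirs = $kzip->listFiles($a_files, true);
            $dirs = $dirs[0];
            $root = dirname($_SERVER['SCRIPT_FILENAME']) . '/' . _indexroot;
            for ($i = 0; isset($dirs[$i]); ++$i) {
                // The directory names are read from the archive, so they are validated before
                // anything is emptied or extracted:
                //  - a ".." segment would resolve outside the intended directory;
                //  - realpath() returns false for a missing directory, and false . '/' is "/",
                //    which used to be passed to _emptyDir() as the target.
                $name = (string) $dirs[$i];
                $resolved = preg_match('~(^|[\\\\/])\.\.([\\\\/]|$)~', $name) ? false : realpath($root . $name);
                if ($resolved === false) {
                    $err = str_replace('*path*', _htmlStr($name), $_lang['admin.other.backup.restore.err.access']);
                    break 2;
                }
                $dirpaths[$i] = $resolved . '/';
                if (($err = _emptyDir($dirpaths[$i])) !== true) {
                    // anything other than true is used as the offending path in the message
                    $err = str_replace('*path*', _htmlStr($err), $_lang['admin.other.backup.restore.err.access']);
                    break 2;
                }
            }
        }
        /* ----- execution ----- */
        // errors from this point on are fatal
        $fatal = true;
        // database
        $dbdump = new DBDump();
        // tables
        $tbl_import = $dbdump->importTables($kzip->getFile('/database/struct'));
        if (!$tbl_import[0]) {
            $err = $tbl_import[1] . ': <code>' . _htmlStr($tbl_import[2]) . '</code>';
            break;
        }
        // data
        $dbstream = $kzip->getFileStream('/database/data');
        $data_import = $dbdump->importData($dbstream);
        $dbstream->free();
        if (!$data_import[0]) {
            $err = $data_import[1];
            break;
        }
        // update the main URL and force the installation check
        if (($url = _getBaseUrl()) !== false) {
            DB::query('UPDATE `' . _mysql_prefix . '-settings` SET `val`=' . DB::val(rtrim($url, '/')) . ' WHERE `var`=\'url\'');
        }
        DB::query('UPDATE `' . _mysql_prefix . '-settings` SET `val`=\'1\' WHERE `var`=\'installcheck\'');
        // deactivate modrewrite if there is no .htaccess
        if (!file_exists(_indexroot . '.htaccess')) {
            DB::query('UPDATE `' . _mysql_prefix . '-settings` SET `val`=\'0\' WHERE `var`=\'modrewrite\'');
        }
        // files
        if ($type === _backup_partial) {
            for ($i = 0; isset($dirs[$i]); ++$i) {
                echo "\n\n";
                // reuse the path validated during the checks above
                $dirpath = $dirpaths[$i];
                // directories that are not on the merge list are emptied before extraction
                if (!isset($kzip->vars['merge'], $kzip->vars['merge'][$dirs[$i]])) {
                    _emptyDir($dirpath, false);
                }
                // NOTE(review): whether extractFiles() rejects entry names that climb out of
                // $dirpath cannot be seen from here; confirm in KZip.
                $kzip->extractFiles($dirpath, $a_files . $dirs[$i] . '/', false, true, array($kzip->vars['void']));
            }
        }
        // done
        $kzip->free();
        return true;
    } while (false);
    // error
    if (isset($kzip)) {
        $kzip->free();
    }
    return array($err, $fatal);
}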
/* ---  preparation  --- */
// target column: taken from the "c" query parameter when present, otherwise '1'
if (isset($_GET['c'])) {
    $c = _get('c');
    $returntolist = true;
} else {
    $c = '1';
    $returntolist = false;
}
/* ---  save  --- */
// NOTE(review): the form below emits _xsrfProtect(), but no token check is visible in this
// handler; confirm the token is verified before this code runs.
if (isset($_POST['title'])) {
    // load the variables
    $title = DB::esc(_htmlStr($_POST['title']));
    $column = _post('column');
    // NOTE(review): $ord is concatenated into the query unquoted; floatval() can yield
    // INF or an exponent form for extreme input, which would break the statement.
    $ord = floatval($_POST['ord']);
    $content = DB::esc(_filtrateHCM($_POST['content']));
    // also concatenated unquoted; presumably _checkboxLoad() returns 0 or 1 - confirm
    $visible = _checkboxLoad('visible');
    $public = _checkboxLoad('public');
    $class = trim($_POST['class']);
    if ($class === '') {
        $class = null;
    } else {
        $class = DB::esc(_htmlStr($class));
    }
    // insert; string values were passed through DB::esc() above, $column is escaped inline
    DB::query("INSERT INTO `" . _mysql_prefix . "-boxes` (ord,title,content,visible,public,`column`,class) VALUES (" . $ord . ",'" . $title . "','" . $content . "'," . $visible . "," . $public . ",'" . DB::esc($column) . "'," . (isset($class) ? '\'' . $class . '\'' : 'NULL') . ")");
    define('_redirect_to', 'index.php?p=content-boxes-edit&c=' . urlencode($column) . '&created');
    return;
}
/* ---  output  --- */
// $c is URL-encoded inside links and passed through _htmlStr() inside the input value
$output .= "\n<a href='index.php?p=" . ($returntolist ? "content-boxes-edit&amp;c=" . urlencode($c) : "content-boxes") . "' class='backlink'>&lt; " . $_lang['global.return'] . "</a>\n<h1>" . $_lang['admin.content.boxes.new.title'] . "</h1>\n<p class='bborder'></p>\n\n<form class='cform' action='index.php?p=content-boxes-new&amp;c=" . urlencode($c) . "' method='post'>\n\n<table class='formtable'>\n\n<tr>\n<td class='rpad'><strong>" . $_lang['admin.content.form.title'] . "</strong></td>\n<td><input type='text' name='title' class='inputmedium' maxlength='96' /></td>\n</tr>\n\n<tr>\n<td class='rpad'><strong>" . $_lang['admin.content.boxes.column'] . "</strong></td>\n<td><input type='text' maxlength='64' name='column' value='" . _htmlStr($c) . "' class='inputmedium' /></td>\n</tr>\n\n<tr>\n<td class='rpad'><strong>" . $_lang['admin.content.form.ord'] . "</strong></td>\n<td><input type='text' name='ord' value='1' class='inputmedium' /></td>\n</tr>\n\n<tr>\n<td class='rpad'><strong>" . $_lang['admin.content.form.class'] . "</strong></td>\n<td><input type='text' name='class' class='inputmedium' maxlength='24' /></td>\n</tr>\n\n<tr class='valign-top'>\n<td class='rpad'><strong>" . $_lang['admin.content.form.content'] . "</strong></td>\n<td><textarea name='content' class='areasmall_100pwidth codemirror' rows='9' cols='33'></textarea></td>\n</tr>\n\n<tr>\n<td class='rpad'><strong>" . $_lang['admin.content.form.settings'] . "</strong></td>\n<td>\n<label><input type='checkbox' name='visible' value='1' checked='checked' /> " . $_lang['admin.content.form.visible'] . "</label>&nbsp;&nbsp;\n<label><input type='checkbox' name='public' value='1' checked='checked' /> " . $_lang['admin.content.form.public'] . "</label>\n</td>\n</tr>\n\n<tr>\n<td></td>\n<td><input type='submit' value='" . $_lang['global.create'] . "' /></td>\n</tr>\n\n</table>\n\n" . _xsrfProtect() . "</form>\n\n";
Example #12
 /**
  * Render a value as a short debug string.
  *
  * Array keys and string contents are passed through _htmlStr(); strings are
  * shortened with _cutStr() to 192 characters. Arrays nested deeper than
  * level 9 are reported by size only.
  *
  * @param mixed $value value to describe
  * @param int $level current nesting depth (0 for the outermost call)
  * @return string
  */
 protected function dump($value, $level = 0)
 {
     if (is_object($value)) {
         return 'object(' . get_class($value) . ')';
     }

     if (is_array($value)) {
         $size = count($value);
         if ($level > 9) {
             // depth limit reached: do not descend any further
             return 'array(' . $size . ')';
         }
         $indent = str_repeat('    ', $level + 1);
         $lines = array("array(" . $size . ") {");
         foreach ($value as $key => $val) {
             $lines[] = $indent . _htmlStr($key) . ' => ' . $this->dump($val, $level + 1);
         }

         return implode("\n", $lines) . "\n}";
     }

     if (is_string($value)) {
         // the reported length is the byte length of the full, uncut string
         return 'string(' . strlen($value) . ') &quot;' . _htmlStr(_cutStr($value, 192)) . "&quot;";
     }

     if (is_int($value)) {
         return 'int(' . $value . ')';
     }

     if (is_float($value)) {
         return 'float(' . $value . ')';
     }

     if (is_bool($value)) {
         return 'bool(' . ($value ? 'true' : 'false') . ')';
     }

     // null, resources and anything else: just the type name
     return gettype($value);
 }
            $message = _formMessage($done === $total ? 1 : 2, sprintf($_lang['admin.content.manageimgs.upload.msg'], $done, $total));
            break;
    }
}
/* ---  odstraneni obrazku  --- */
if (isset($_GET['del']) && _xsrfCheck(true) && $continue) {
    $del = intval($_GET['del']);
    _tmpGalStorageCleanOnDel('id=' . $del . ' AND home=' . $g);
    DB::query("DELETE FROM `" . _mysql_prefix . "-images` WHERE id=" . $del . " AND home=" . $g);
    if (DB::affectedRows() === 1) {
        $message = _formMessage(1, $_lang['global.done']);
    }
}
/* ---  vystup  --- */
if ($continue) {
    $output .= "\n<a href='index.php?p=content-editgallery&amp;id=" . $g . "' class='backlink'>&lt; návrat zpět</a>\n<h1>" . $_lang['admin.content.manageimgs.title'] . "</h1>\n<p class='bborder'>" . str_replace("*galtitle*", $galdata['title'], $_lang['admin.content.manageimgs.p']) . "</p>\n\n" . $message . "\n\n<script type='text/javascript'>\n/* <![CDATA[ */\n\$(document).ready(function(){\n    \$('.hs_fieldset').each(function(){\n        var fieldset = this;\n        var link = \$(fieldset).find('legend > a').get(0);\n        var form = \$(fieldset).children('form');\n        \$(form).hide();\n        \$(link).click(function(){\n            \$(form).slideToggle('fast');\n\n            return false;\n        });\n    });\n});\n/* ]]> */\n</script>\n\n<fieldset>\n<legend>" . $_lang['admin.content.manageimgs.upload'] . "</legend>\n<form action='index.php?p=content-manageimgs&amp;g=" . $g . "' method='post' enctype='multipart/form-data'>\n    <p>" . sprintf($_lang['admin.content.manageimgs.upload.text'], _galuploadresize_w, _galuploadresize_h) . "</p>\n    <input type='hidden' name='xaction' value='7' />\n    <div id='fmanFiles'><input type='file' name='uf0[]' multiple='multiple' />&nbsp;&nbsp;<a href='#' onclick='return _sysFmanAddFile();'>" . $_lang['admin.fman.upload.addfile'] . "</a></div>\n    <div class='hr'><hr /></div>\n    <p>\n        <input type='submit' value='" . $_lang['admin.content.manageimgs.upload.submit'] . "' />" . (($uplimit = _getUploadLimit(true)) !== null ? " &nbsp;<small>" . $_lang['global.uploadlimit'] . ": <em>" . _getUploadLimit() . "MB</em>, " . $_lang['global.uploadext'] . ": <em>" . implode(', ', SL::$imageExt) . "</em></small>" : '') . "<br />\n        <label><input type='checkbox' value='1' name='moveords' checked='checked' /> " . $_lang['admin.content.manageimgs.moveords'] . "</label>\n    </p>\n" . _xsrfProtect() . "</form>\n</fieldset>\n\n<fieldset class='hs_fieldset'>\n<legend><a href='#'>" . 
$_lang['admin.content.manageimgs.insert'] . "</a> &nbsp;<small>(" . $_lang['admin.content.manageimgs.insert.tip'] . ")</small></legend>\n<form action='index.php?p=content-manageimgs&amp;g=" . $g . "' method='post' name='addform' onsubmit='_sysGalTransferPath(this);'>\n<input type='hidden' name='xaction' value='1' />\n\n<table>\n<tr class='valign-top'>\n\n<td>\n    <table>\n    <tr>\n    <td class='rpad'><strong>" . $_lang['admin.content.form.title'] . "</strong></td>\n    <td><input type='text' name='title' class='inputmedium' maxlength='64' /></td>\n    </tr>\n\n    <tr>\n    <td class='rpad'><strong>" . $_lang['admin.content.form.ord'] . "</strong></td>\n    <td><input type='text' name='ord' class='inputsmall' disabled='disabled' />&nbsp;&nbsp;<label><input type='checkbox' name='moveords' value='1' checked='checked' onclick=\"_sysDisableField(this.checked, 'addform', 'ord');\" /> " . $_lang['admin.content.manageimgs.moveords'] . "</label></td>\n    </tr>\n\n    <tr>\n    <td class='rpad'><strong>" . $_lang['admin.content.manageimgs.prev'] . "</strong></td>\n    <td><input type='text' name='prev' class='inputsmall' disabled='disabled' />&nbsp;&nbsp;<label><input type='checkbox' name='autoprev' value='1' checked='checked' onclick=\"_sysDisableField(this.checked, 'addform', 'prev');\" /> " . $_lang['admin.content.manageimgs.autoprev'] . "</label></td>\n    </tr>\n\n    <tr>\n    <td class='rpad'><strong>" . $_lang['admin.content.manageimgs.full'] . "</strong></td>\n    <td><input type='text' name='full' class='inputmedium' /></td>\n    </tr>\n\n    <tr>\n    <td></td>\n    <td><input type='submit' value='" . $_lang['global.insert'] . "' /></td>\n    </tr>\n\n    </table>\n</td>\n\n<td>\n" . (_loginright_adminfman ? "<div id='gallery-browser'>\n    " . (!isset($_GET['browserpath']) ? "<a href='#' onclick=\"return _sysGalBrowse('" . urlencode(_upload_dir) . (_loginright_adminfmanlimit ? _loginname . '%2F' : '') . 
"');\"><img src='images/icons/loupe.png' alt='browse' class='icon' />" . $_lang['admin.content.manageimgs.insert.browser.link'] . "</a>" : "<script type='text/javascript'>_sysGalBrowse('" . _htmlStr($_GET['browserpath']) . "');</script>") . "\n</div>" : '') . "\n</td>\n\n</tr>\n</table>\n\n" . _xsrfProtect() . "</form>\n</fieldset>\n\n";
    // strankovani
    $paging = _resultPaging("index.php?p=content-manageimgs&amp;g=" . $g, $galdata['var2'], "images", "home=" . $g);
    $s = $paging[2];
    $output .= "\n<fieldset>\n<legend>" . $_lang['admin.content.manageimgs.current'] . "</legend>\n<form action='index.php?p=content-manageimgs&amp;g=" . $g . "&amp;page=" . $s . "' method='post' name='editform'>\n<input type='hidden' name='xaction' value='4' />\n\n<input type='submit' value='" . $_lang['admin.content.manageimgs.savechanges'] . "' class='gallery-savebutton' />\n" . $paging[0] . "\n<div class='cleaner'></div>";
    // vypis obrazku
    $images = DB::query("SELECT * FROM `" . _mysql_prefix . "-images` WHERE home=" . $g . " ORDER BY ord " . $paging[1]);
    $images_forms = array();
    if (DB::size($images) != 0) {
        // sestaveni formularu
        while ($image = DB::row($images)) {
            // kod nahledu
            $preview = _galleryImage($image, "1", $galdata['var4'], $galdata['var3']);
            // kod formulare
            $images_forms[] .= "\n<table>\n\n<tr>\n<td class='rpad'><strong>" . $_lang['admin.content.form.title'] . "</strong></td>\n<td><input type='text' name='i" . $image['id'] . "_title' class='inputmedium' value='" . $image['title'] . "' maxlength='64' /></td>\n</tr>\n\n<tr>\n<td class='rpad'><strong>" . $_lang['admin.content.form.ord'] . "</strong></td>\n<td><input type='text' name='i" . $image['id'] . "_ord' class='inputmedium' value='" . $image['ord'] . "' /></td>\n</tr>\n\n" . (!$image['in_storage'] ? "<tr>\n<td class='rpad'><strong>" . $_lang['admin.content.manageimgs.prev'] . "</strong></td>\n<td><input type='hidden' name='i" . $image['id'] . "_prevtrigger' value='1' /><input type='text' name='i" . $image['id'] . "_prev' class='inputsmall' value='" . $image['prev'] . "'" . _inputDisable($image['prev'] != "") . " />&nbsp;&nbsp;<label><input type='checkbox' name='i" . $image['id'] . "_autoprev' value='1' onclick=\"_sysDisableField(checked, 'editform', 'i" . $image['id'] . "_prev');\"" . _checkboxActivate($image['prev'] == "") . " /> " . $_lang['admin.content.manageimgs.autoprev'] . "</label></td>\n</tr>\n\n<tr>\n<td class='rpad'><strong>" . $_lang['admin.content.manageimgs.full'] . "</strong></td>\n<td><input type='text' name='i" . $image['id'] . "_full' class='inputmedium' value='" . $image['full'] . "' /></td>\n</tr>" : '') . "\n\n<tr class='valign-top'>\n<td class='rpad'><strong>" . $_lang['global.preview'] . "</strong></td>\n<td>" . $preview . "<br /><br /><a href='" . _xsrfLink("index.php?p=content-manageimgs&amp;g=" . $g . "&amp;page=" . $s . "&amp;del=" . $image['id']) . "' onclick='return _sysConfirm();'><img src='images/icons/delete.png' alt='del' class='icon' />" . $_lang['admin.content.manageimgs.delete'] . "</a></td>\n</tr>\n\n</table>\n    ";
        }
Example #14
                }
                // radek vystupu
                echo "<tr class='valign-top'>";
                foreach ($fields as $field) {
                    if (mb_substr_count($item[$field], "\n") == 0) {
                        $content = _htmlStr($item[$field]);
                    } else {
                        $content = "<textarea rows='8' cols='80' readonly='readonly'>" . _htmlStr($item[$field]) . "</textarea>";
                    }
                    echo "<td>" . $content . "</td>";
                }
                echo "</tr>\n";
            }
            echo "</table>";
        } else {
            if ($aff_rows == 0) {
                echo "\n<p>" . $_lang['admin.other.sqlex.null'] . "</p>\n";
            } else {
                echo "\n<p><strong>" . $_lang['admin.other.sqlex.affected'] . ":</strong> " . $aff_rows . "</p>\n";
            }
        }
    } else {
        echo "<h3>" . $_lang['global.error'] . ":</h3>\n<pre>" . _htmlStr(DB::error()) . "</pre>";
    }
}
?>

</div>
</body>
</html>
    $handle = opendir($backup_dir);
    while (false !== ($item = readdir($handle))) {
        if ($item === '.' || $item === '..' || !is_file($backup_dir . $item)) {
            continue;
        }
        $backups[] = $item;
    }
    // serazeni a vypis
    if (!empty($backups)) {
        natsort($backups);
        $output .= "<table class='list'>\n<thead><tr><td>" . $_lang['admin.other.backup.restore.item'] . "</td><td>" . $_lang['global.type'] . "</td><td>" . $_lang['global.time'] . "</td><td>" . $_lang['global.note'] . "</td><td>" . $_lang['global.size'] . "</td><td>" . $_lang['global.extra'] . "</td></tr></thead>\n<tbody>\n";
        foreach ($backups as $file) {
            // info o archivu
            $file_err = false;
            $file_vars = _backupCheckFile($backup_dir . $file, array(_backup_db, _backup_partial), true);
            if (!is_array($file_vars)) {
                $file_err = true;
            }
            $file_h = _htmlStr($file);
            // polozka
            $output .= "<tr>\n<td><label><input type='radio' name='fname' value='" . $file_h . "'" . ($file_err ? " disabled='disabled'" : '') . " /> " . $file_h . "</label></td>\n<td>" . ($file_err ? '-' : $_lang['admin.other.backup.backup.' . ($file_vars['type'] === _backup_db ? 'db' : 'partial')]) . "</td>\n<td>" . ($file_err ? '-' : _formatTime($file_vars['time'])) . "</td>\n<td>" . ($file_err ? "<img src='images/icons/warn.png' alt='err' /> " . $_lang['global.error'] : (empty($file_vars['note']) ? '-' : _htmlStr(_cutStr($file_vars['note'], 48, false)))) . "</td>\n<td>" . number_format(filesize($backup_dir . $file) / 1024, 0, '.', ' ') . "kB</td>\n<td><a href='" . $backup_dir . $file_h . "'>" . $_lang['global.download'] . "</a></td>\n</tr>\n";
        }
        $output .= "</tbody></table><br />\n\n<p><strong>" . $_lang['global.action'] . ":</strong> &nbsp;\n<select name='sub_action'>\n    <option value='-1'>...</option>\n    <option value='1'>" . $_lang['admin.other.backup.restore.do'] . "</option>\n    <option value='2'>" . $_lang['global.delete'] . "</option>\n</select> &nbsp;\n<input type='submit' value='" . $_lang['global.do'] . "' onclick='return _sysConfirm();' />&nbsp;\n<a href='index.php?p=fman&amp;dir=" . urlencode('../data/backup/') . "'><img src='images/icons/list.png' class='icon' alt='fman' />" . $_lang['admin.other.backup.restore.fman'] . "</a>\n</p>\n\n" . _admin_smallNote($_lang['admin.other.backup.restore.warning'], true, 'warn');
    } else {
        $output .= '<p>' . $_lang['admin.other.backup.restore.none'] . '</p>';
    }
    $output .= "\n</fieldset>\n" . _xsrfProtect() . "</form>\n";
} else {
    /* ----- volba akce ----- */
    $output .= (_loginright_adminbackup ? "\n<fieldset>\n<legend>" . $_lang['admin.other.backup.backup'] . "</legend>\n<form action='index.php?p=other-backup' method='post'>\n<p>" . $_lang['admin.other.backup.backup.p'] . "</p>\n\n<input type='hidden' name='do_backup' value='1' />\n<p><input type='submit' value='" . $_lang['admin.other.backup.backup.db'] . "' name='type_db' />&nbsp; <small class='note'>(" . $_lang['admin.other.backup.backup.db.hint'] . ")</small></p>\n<p><input type='submit' value='" . $_lang['admin.other.backup.backup.partial'] . "' name='type_partial' />&nbsp; <small class='note'>(" . $_lang['admin.other.backup.backup.partial.hint'] . ")</small></p>\n<p><input type='submit' value='" . $_lang['admin.other.backup.backup.full'] . "' name='type_full' />&nbsp; <small class='note'>(" . $_lang['admin.other.backup.backup.full.hint'] . ")</small></p>\n\n" . _xsrfProtect() . "</form>\n</fieldset>" : '') . (_loginright_adminrestore ? "\n\n<fieldset>\n<legend>" . $_lang['admin.other.backup.restore'] . "</legend>\n<form class='cform' method='post'>\n<p>" . $_lang['admin.other.backup.restore.p'] . "</p>\n<p><input type='submit' name='do_restore' value='" . $_lang['global.continue'] . "' /></p>\n" . _xsrfProtect() . "</form>\n</fieldset>\n" : '');
}
 // load recipients: e-mail addresses of users whose massemail flag is 1 and who match the group condition
 // NOTE(review): $groups is spliced into the SQL text as-is and is built outside this excerpt - confirm it is assembled only from integer group ids
 $query = DB::query("SELECT email FROM `" . _mysql_prefix . "-users` WHERE massemail=1 AND (" . $groups . ")");
 // either send the message or only list the addresses
 if (!$maillist) {
     // setup
     $rec_buffer = array(); // addresses collected for the current batch
     $rec_buffer_size = 20; // recipients per outgoing message
     $rec_buffer_counter = 0;
     $item_counter = 0;
     $item_total = DB::size($query);
     // notice appended to the end of the message ('*domain*' is replaced by _getDomain())
     $notice = str_replace('*domain*', _getDomain(), $_lang['admin.other.massemail.emailnotice']);
     if ($ctype == 1) {
         // text separator, notice appended unescaped (presumably $ctype 1 = plain-text message - confirm)
         $notice = "\n\n\n-------------------------------------\n" . $notice;
     } else {
         // HTML footer, notice escaped for HTML
         $notice = "<br><br><hr><p><small>" . _htmlStr($notice) . "</small></p>";
     }
     $text .= $notice;
     // send gradually, one batch at a time
     $done = 0; // number of recipients in batches that _mail() reported as sent
     while ($item = DB::row($query)) {
         $rec_buffer[] = $item['email'];
         ++$rec_buffer_counter;
         ++$item_counter;
         // flush when the batch is full or the last row has been read
         if ($rec_buffer_counter === $rec_buffer_size || $item_counter === $item_total) {
             // send the e-mail: empty "To", every recipient of the batch in one Bcc header line
             // NOTE(review): the stored addresses are joined into a raw header line, so a value containing CR/LF would add
             // header lines of its own - presumably addresses are validated when the account is saved; confirm, or confirm that _mail() filters headers
             if (_mail('', $subject, $text, "Bcc: " . implode(",", $rec_buffer) . "\n" . $headers)) {
                 $done += sizeof($rec_buffer);
             }
             $rec_buffer = array();
             $rec_buffer_counter = 0;
/* ---  vystup  --- */
if ($continue) {
    $nokit = false;
    // zprava
    if (isset($_GET['created'])) {
        $message = _formMessage(1, $_lang['global.created']);
    }
    $output .= "<div class='hr'><hr /></div><br />" . $message . "\n<form class='cform' action='index.php?p=content-boxes-edit&amp;c=" . urlencode($c) . "&amp;saved' method='post'>\n<input type='hidden' name='do' value='1' />\n<p><input type='submit' value='" . $_lang['admin.content.boxes.saveboxeschanges'] . "' />&nbsp;&nbsp;&nbsp;&nbsp;<a href='index.php?p=content-boxes-new&amp;c=" . urlencode($c) . "'><img src='images/icons/new.png' alt='new' class='icon' />" . $_lang['admin.content.boxes.create'] . "</a></p>\n<table id='boxesedit'>\n";
    // load the boxes of the selected column, ordered by their "ord" value; $c is passed through DB::esc() before it enters the SQL string
    $query = DB::query("SELECT * FROM `" . _mysql_prefix . "-boxes` WHERE `column`='" . DB::esc($c) . "' ORDER BY ord");
    if (DB::size($query) != 0) {
        // boxes are laid out two per table row: $isfirst marks the left-hand cell and is flipped after every box (below)
        $isfirst = true;
        while ($item = DB::row($query)) {
            if ($isfirst) {
                // left-hand cell: open a new table row
                $output .= "\n\n\n\n<tr>\n\n\n\n";
            }
            // NOTE(review): the cell template that follows prints $item['title'], $item['ord'] and $item['class'] straight into
            // single-quoted value='...' attributes, while $item['column'] and $item['content'] go through _htmlStr().
            // Presumably those three fields are stored already HTML-escaped - confirm against the save handler, otherwise escape them here too.
            $output .= "\n    <td class='cell'>\n    <div>\n    <table class='formtable'>\n\n    <tr>\n    <td class='rpad'><strong>" . $_lang['admin.content.form.title'] . "</strong></td>\n    <td><input type='text' name='" . $item['id'] . "-title' value='" . $item['title'] . "' class='inputmedium' maxlength='96' /></td>\n    </tr>\n\n    <tr>\n    <td class='rpad'><strong>" . $_lang['admin.content.boxes.column'] . "</strong></td>\n    <td><input type='text' maxlength='64' name='" . $item['id'] . "-column' value='" . _htmlStr($item['column']) . "' class='inputmedium' /></td>\n    </tr>\n\n    <tr>\n    <td class='rpad'><strong>" . $_lang['admin.content.form.ord'] . "</strong></td>\n    <td><input type='text' name='" . $item['id'] . "-ord' value='" . $item['ord'] . "' class='inputmedium' /></td>\n    </tr>\n\n    <tr>\n    <td class='rpad'><strong>" . $_lang['admin.content.form.class'] . "</strong></td>\n    <td><input type='text' name='" . $item['id'] . "-class' value='" . $item['class'] . "' class='inputmedium' maxlength='24' /></td>\n    </tr>\n\n    <tr class='valign-top'>\n    <td class='rpad'><strong>" . $_lang['admin.content.form.content'] . "</strong></td>\n    <td><textarea name='" . $item['id'] . "-content' class='areasmall_100pwidth codemirror' rows='9' cols='33'>" . _htmlStr($item['content']) . "</textarea></td>\n    </tr>\n\n    <tr>\n    <td class='rpad'><strong>" . $_lang['admin.content.form.settings'] . "</strong></td>\n    <td>\n    <label><input type='checkbox' name='" . $item['id'] . "-visiblenew' value='1'" . _checkboxActivate($item['visible']) . " /> " . $_lang['admin.content.form.visible'] . "</label>&nbsp;&nbsp;\n    <label><input type='checkbox' name='" . $item['id'] . "-publicnew' value='1'" . _checkboxActivate($item['public']) . " /> " . $_lang['admin.content.form.public'] . "</label>\n    <input type='hidden' name='" . $item['id'] . "-visible' value='1' />\n    <input type='hidden' name='" . $item['id'] . 
"-public' value='1' />\n    &nbsp;&nbsp;&nbsp;&nbsp;<a href='" . _xsrfLink("index.php?p=content-boxes-edit&amp;c=" . urlencode($c) . "&amp;del=" . $item['id']) . "' onclick='return _sysConfirm();'><img src='images/icons/delete.png' alt='del' class='icon' />" . $_lang['admin.content.boxes.delete'] . "</a>\n    </td>\n    </tr>\n\n    </table>\n    </div>\n    </td>\n    ";
            if (!$isfirst) {
                $output .= "\n\n\n\n</tr>\n\n\n\n";
            }
            $isfirst = !$isfirst;
        }
        // dodatecne uzavreni radku tabulky (pri lichem poctu boxu)
        if (!$isfirst) {
            $output .= "\n\n\n\n</tr>\n\n\n\n";
        }
    } else {
        $nokit = true;
        $output .= '<tr><td>' . $_lang['global.nokit'] . '</td></tr>';
    }
    $output .= "</table>\n" . ($nokit ? '' : "<p><input type='submit' value='" . $_lang['admin.content.boxes.saveboxeschanges'] . "' /></p>") . "\n" . _xsrfProtect() . "</form>";
} else {
 /**
  * List action: builds the listing query, optionally paginates it and renders the rows
  *
  * Reads 'query', 'query_cond', 'query_cond_params', 'columns', 'query_orderby',
  * 'paginator', 'paginator_size' and 'template' from $action, and 'url' and 'action' from $params.
  *
  * NOTE(review): the condition and 'query_orderby' end up in the SQL text as they are;
  * this presumes action definitions come from code, never from request data - confirm at the callers.
  *
  * @param  array      $params
  * @param  array      $action
  * @param  AdminBread $bread
  * @return array      array(null, rendered output), or array(null, self::ACTION_ERR) when the query fails
  */
 public static function listAction(array $params, array $action, AdminBread $bread)
 {
     /* ----- build the query ----- */
     // the literal condition '1' is used untouched, anything else is run through formatSql() with its parameters
     $where = '1' !== $action['query_cond']
         ? $bread->formatSql($action['query_cond'], $action['query_cond_params'])
         : $action['query_cond'];

     $listSql = $bread->formatSql(
         $action['query'],
         array(
             'columns' => $action['columns'],
             'table' => '`' . $bread->formatTable($bread->table) . '`',
             'table_alias' => $bread->tableAlias,
             'cond' => $where,
         )
     );

     // optional ordering
     if (!empty($action['query_orderby'])) {
         $listSql .= ' ORDER BY ' . $action['query_orderby'];
     }

     /* ----- paginator ----- */
     $paging = null;
     if ($action['paginator']) {
         // count the rows matching the same condition, then append the clause kept in $paging[1]
         $countRow = DB::query_row('SELECT COUNT(*) total FROM `' . $bread->formatTable($bread->table) . '` ' . $bread->tableAlias . ' WHERE ' . $where);
         $paging = _resultPaging(_htmlStr($params['url']), $action['paginator_size'], intval($countRow['total']));
         $listSql .= ' ' . $paging[1];
     }

     /* ----- fetch ----- */
     $rows = DB::query($listSql);
     if (false === $rows) {
         return array(null, self::ACTION_ERR);
     }

     /* ----- render ----- */
     $templateVars = array(
         'result' => $rows,
         'count' => DB::size($rows),
         'paging' => $paging,
         'self' => $params['action'],
     );
     $rendered = $bread->render($action['template'], $templateVars);
     DB::free($rows);

     return array(null, $rendered);
 }
Example #19
}
/* ---  module  --- */
$list = false;
$mod_title = 'mod.messages';
// content, selected by the action in $a
switch ($a) {
    /* ---  new message  --- */
    case 'new':
        // title
        $mod_title = 'mod.messages.new';
        // form submitted
        // NOTE(review): no XSRF check is visible in this excerpt - confirm one runs before the message is stored
        if (isset($_POST['receiver'])) {
            // load the data: subject and text are cut (limits 22 and 16384) and trimmed first, then HTML-escaped,
            // so the cut is applied to the raw text and not to already escaped entities; $receiver is taken as posted
            $receiver = _post('receiver');
            $subject = _htmlStr(_wsTrim(_cutStr(_post('subject'), 22, false)));
            $text = _htmlStr(_wsTrim(_cutStr(_post('text'), 16384, false)));
            // validate and send; each failed check sets $message and leaves the do-block with break
            do {
                /* ---  validation  --- */
                // text must not be empty
                if ($text === '') {
                    $message = _formMessage(2, $_lang['mod.messages.error.notext']);
                    break;
                }
                // subject must not be empty
                if ($subject === '') {
                    $message = _formMessage(2, $_lang['mod.messages.error.nosubject']);
                    break;
                }
                // receiver
                if ($receiver !== '') {
Example #20
<?php

/* ---  core bootstrap  --- */
require './require/load.php';
SL::init('./');

/* ---  request handling  --- */
// _checkKeys() runs before $_POST['content'] is read; presumably it stops the request when the key is missing (helper not shown here)
_checkKeys('_POST', array('content'));

// The posted text is HTML-escaped first and only then handed to _parsePost(), whose result is printed.
// NOTE(review): no login or XSRF check is visible in this script; what markup _parsePost() may emit is defined elsewhere - confirm it cannot reintroduce active content.
$postedContent = strval($_POST['content']);
echo _parsePost(_htmlStr($postedContent));
Example #21
    $root = isset($_GET['root']) ? '1' : '0';
    $art = isset($_GET['art']) ? '1' : '0';
    $post = isset($_GET['post']) ? '1' : '0';
    $image = isset($_GET['img']) ? '1' : '0';
} else {
    $search_query = '';
    $root = 1;
    $art = 1;
    $post = 1;
    $image = 0;
}
/* ---  modul  --- */
if (_template_autoheadings == 1) {
    $module .= "<h1>" . $_lang['mod.search'] . "</h1>";
}
$module .= "\n<p class='bborder'>" . $_lang['mod.search.p'] . "</p>\n\n<form action='index.php' method='get'>\n<input type='hidden' name='m' value='search' />\n" . _xsrfProtect() . "\n<input type='text' name='q' class='inputmedium' value='" . _htmlStr($search_query) . "' /> <input type='submit' value='" . $_lang['mod.search.submit'] . "' /><br />\n" . $_lang['mod.search.where'] . ":&nbsp;\n<label><input type='checkbox' name='root' value='1'" . _checkboxActivate($root) . " /> " . $_lang['mod.search.where.root'] . "</label>&nbsp;\n<label><input type='checkbox' name='art' value='1'" . _checkboxActivate($art) . " /> " . $_lang['mod.search.where.articles'] . "</label>&nbsp;\n<label><input type='checkbox' name='post' value='1'" . _checkboxActivate($post) . " /> " . $_lang['mod.search.where.posts'] . "</label>&nbsp;\n<label><input type='checkbox' name='img' value='1'" . _checkboxActivate($image) . " /> " . $_lang['mod.search.where.images'] . "</label>\n</form>\n\n";
/* ---  search --- */
// runs only for a non-empty query and when _xsrfCheck(true) passes (the form above embeds _xsrfProtect())
if ($search_query != '' && _xsrfCheck(true)) {
    // queries shorter than 3 characters are not searched
    if (mb_strlen($search_query) >= 3) {
        // setup: wrap the term in % for LIKE and escape it for SQL; the helper below reads this value through $GLOBALS, so it has to stay a global
        // NOTE(review): % and _ typed by the user presumably still act as LIKE wildcards after DB::esc() - confirm whether that is intended
        $search_query_sql = DB::esc('%' . $search_query . '%');
        $results = array();
        // result item: array(link, title, perex)
        $public = !_loginindicator;
        // helper that assembles the search condition
        function _tmpSearchQuery($alias, $cols)
        {
            $output = '(';
            for ($i = 0, $last = sizeof($cols) - 1; isset($cols[$i]); ++$i) {
                $output .= $alias . '.' . $cols[$i] . ' LIKE \'' . $GLOBALS['search_query_sql'] . '\'';
                if ($i !== $last) {
Example #22
         // new password and its confirmation have to match
         // NOTE(review): == compares numeric-looking strings by value ("1e3" == "1000"), so the confirmation check is looser than ===
         if ($newpassword == $newpassword_confirm) {
             if ($newpassword != "") {
                 $passwordchange = true;
                 // NOTE(review): the helper name suggests a salted MD5 digest (body not shown); if so it is a fast hash and
                 // poorly suited to password storage - confirm, and consider migrating to password_hash()/password_verify()
                 $newpassword = _md5Salt($newpassword);
             } else {
                 $errors[] = $_lang['mod.settings.error.badnewpass'];
             }
         } else {
             $errors[] = $_lang['mod.settings.error.newpassnosame'];
         }
     } else {
         $errors[] = $_lang['mod.settings.error.badcurrentpass'];
     }
 }
 // note: cut to 1024 characters, trimmed, HTML-escaped, then escaped for SQL
 $note = DB::esc(_htmlStr(_wsTrim(mb_substr($_POST['note'], 0, 1024))));
 // language: accepted only if a matching file exists under plugins/languages/
 if (_language_allowcustom) {
     // NOTE(review): the posted value becomes part of a file path; keeping it inside plugins/languages/ depends on
     // _anchorStr() removing path characters such as "/" and ".." - presumably it does, confirm against the helper
     $language = DB::esc(_anchorStr($_POST['language'], false));
     if (!@file_exists(_indexroot . "plugins/languages/" . $language . ".php")) {
         $language = "";
     }
 }
 // extend: handlers of 'mod.settings.submit' receive $extra and $errors by reference and may add to both
 $extra = array();
 _extend('call', 'mod.settings.submit', array('query' => &$extra, 'current_query' => $query, 'errors' => &$errors));
 /* --  save, or list the errors  -- */
 if (count($errors) == 0) {
     // extra items
     if (_loginright_administration) {
         $extra['wysiwyg'] = $wysiwyg;
echo $_lang['admin.other.php.html'];
?>
</label>
<?php 
echo _xsrfProtect();
?>
</form>

<?php 
// Run the submitted code and print what it outputs.
// SECURITY(review): eval() executes $code with the full rights of the PHP process and inside this scope, so the evaluated code
// can read and overwrite the local variables here. Where $code and $process are set is not visible in this excerpt; the form above
// prints _xsrfProtect(), but whether the token and an administrator right are checked before $process becomes true has to be confirmed.
if ($process) {
    // 'html' posted: the output is sent to the page as-is; otherwise it is captured and HTML-escaped inside <pre>
    $html = isset($_POST['html']);
    echo '<h2>' . $_lang['global.result'] . '</h2>';
    if (!$html) {
        echo '<br /><pre>';
        ob_start();
    } else {
        echo '<br />';
    }
    eval($code);
    if (!$html) {
        // read the captured output, discard the buffer, print the escaped copy
        $data = _htmlStr(ob_get_contents());
        ob_end_clean();
        echo $data . '</pre>';
    }
}
?>

</div>
</body>
</html>
/* ---  setup, access rights check  --- */
$message = "";
// any one of the content-management rights is enough; otherwise an "access denied" message is added to $output and $continue stays false
if (!(_loginright_adminsection or _loginright_admincategory or _loginright_adminbook or _loginright_adminseparator or _loginright_admingallery or _loginright_adminintersection or _loginright_adminpluginpage)) {
    $continue = false;
    $output .= _formMessage(3, $_lang['global.accessdenied']);
} else {
    $continue = true;
}
/* ---  action: save the posted titles  --- */
// NOTE(review): no _xsrfCheck() call is visible on this path - confirm the token is verified before this code runs
if ($continue && isset($_POST['do'])) {
    // every POST field other than "do" is treated as "<row id> => <new title>"
    // NOTE(review): a non-numeric field name becomes id 0 through intval(), and an array value would reach trim() - confirm the form only posts numeric names with scalar values
    foreach ($_POST as $id => $title) {
        if ($id == "do") {
            continue;
        }
        // id forced to an integer; title trimmed, HTML-escaped, then escaped for SQL
        $id = intval($id);
        $title = DB::esc(_htmlStr(trim($title)));
        if ($title == "") {
            // an empty title is replaced by the localized placeholder text
            $title = $_lang['global.novalue'];
        }
        DB::query("UPDATE `" . _mysql_prefix . "-root` SET title='" . $title . "' WHERE id=" . $id);
    }
    $message = _formMessage(1, $_lang['global.saved']);
}
/* ---  vystup  --- */
if ($continue) {
    $output .= "<p class='bborder'>" . $_lang['admin.content.titles.p'] . "</p>" . $message . "\n\n<form action='index.php?p=content-titles' method='post'>\n<input type='hidden' name='do' value='1' />\n\n<table>\n<tr><td><strong>" . $_lang['global.item'] . "</strong></td><td class='lpad'><strong>" . $_lang['global.type'] . "</strong></td></tr>\n";
    // funkce
    function _admin_titleListItem($item, $ipad = false)
    {
        global $_lang;
        $type_array = _admin_getTypeArray();
    $new = true;
    $actionbonus = "";
    $submitcaption = $_lang['global.create'];
    $continue = true;
}
/* ---  save / create  --- */
if (isset($_POST['question'])) {
    // load the variables: the question is trimmed and HTML-escaped; $query keeps that form, $question additionally gets SQL escaping
    $question = _htmlStr(trim($_POST['question']));
    $query['question'] = $question;
    $question = DB::esc($question);
    // answers: one per line, each trimmed and HTML-escaped, empty ones removed, then joined back with "\n"
    $answers = @explode("\n", $_POST['answers']);
    $answers_new = array();
    foreach ($answers as $answer) {
        $answers_new[] = _htmlStr(trim($answer));
    }
    $answers = _arrayRemoveValue($answers_new, "");
    $answers_count = count($answers);
    $answers = @implode("\n", $answers);
    // NOTE(review): unlike $question, $answers is not passed through DB::esc() in the lines shown - confirm it is escaped before it is placed into SQL
    $query['answers'] = $answers;
    // the author can be chosen only with the adminpollall right; otherwise it is the logged-in user
    if (_loginright_adminpollall) {
        $author = intval($_POST['author']);
    } else {
        $author = _loginid;
    }
    $locked = _checkboxLoad("locked");
    $reset = _checkboxLoad("reset");
    // validate the variables
    $errors = array();
    if ($question == "") {
    }
    if (isset($_GET['created'])) {
        $message = _formMessage(1, $_lang['global.created']);
    }
    // wysiwyg editor
    $output .= _admin_wysiwyg();
    // rating text: "<rounded average>%, <number of votes>x" for an existing article that has votes
    if (!$new) {
        if ($query['ratenum'] != 0) {
            // NOTE(review): $query['id'] is placed into the SQL unquoted; presumably it comes from the loaded database row - confirm it is always an integer
            $rate = DB::result(DB::query("SELECT ROUND(ratesum/ratenum) FROM `" . _mysql_prefix . "-articles` WHERE id=" . $query['id']), 0) . "%, " . $query['ratenum'] . "x";
        } else {
            $rate = $_lang['article.rate.nodata'];
        }
    } else {
        $rate = "";
    }
    // seo title input; narrower ("inputmedium") when an author select is shown next to it
    // NOTE(review): $query['title_seo'] is printed into a single-quoted attribute without _htmlStr(); presumably the stored value is already restricted to safe characters - confirm
    $seo_input = "<input type='text' name='title_seo' value='" . $query['title_seo'] . "' maxlength='255' class='input" . ($author_select != '' ? 'medium' : 'big') . "' />";
    // obrazek
    $picture = '';
    if (isset($query['picture_uid'])) {
        $picture .= "<img src='" . _pictureStorageGet(_indexroot . 'pictures/articles/', null, $query['picture_uid'], 'jpg') . "' alt='article picture' id='is-picture-file' />\n<label id='is-picture-delete'><input type='checkbox' name='picture-delete' value='1' /> <img src='images/icons/delete3.png' class='icon' alt='" . $_lang['global.delete'] . "' /></label>";
    } else {
        $picture .= "<img src='images/art-no-pic.png' alt='no picture' />\n";
    }
    $picture .= "<input type='file' name='picture' id='is-picture-upload' />\n";
    // formular
    $output .= "\n<a href='" . $backlink . "' class='backlink'>&lt; " . $_lang['global.return'] . "</a>\n<h1>" . $_lang['admin.content.articles.edit.title'] . "</h1>\n<p class='bborder'>" . $_lang['admin.content.articles.edit.p'] . "</p>" . $message . "\n\n" . (($new == true and _loginright_adminneedconfirm) ? _admin_smallNote($_lang['admin.content.articles.edit.newconfnote']) : '') . "\n" . ($query['confirmed'] != 1 ? _admin_smallNote($_lang['admin.content.articles.edit.confnote']) : '') . "\n\n" . (!$new && DB::result(DB::query('SELECT COUNT(*) FROM `' . _mysql_prefix . '-articles` WHERE `id`!=' . $query['id'] . ' AND `home1`=' . $query['home1'] . ' AND `title_seo`=\'' . $query['title_seo'] . '\''), 0) != 0 ? _formMessage(2, $_lang['admin.content.form.title_seo.collision']) : '') . "\n\n<form class='cform' action='index.php?p=content-articles-edit" . $actionplus . "' method='post' enctype='multipart/form-data' name='artform'" . _jsCheckForm("artform", array("title")) . ">\n\n<table class='formtable'>\n\n<tr>\n<td class='rpad'><strong>" . $_lang['article.category'] . "</strong></td>\n<td>" . _admin_rootSelect("home1", 2, $query['home1'], false) . " " . _admin_rootSelect("home2", 2, $query['home2'], true) . " " . _admin_rootSelect("home3", 2, $query['home3'], true) . "</td>\n</tr>\n\n<tr>\n<td class='rpad'><strong>" . $_lang['admin.content.form.title'] . "</strong></td>\n<td><input type='text' name='title' value='" . $query['title'] . "' class='inputbig' /></td>\n</tr>\n\n<tr>\n<td class='rpad'><strong>" . $_lang['admin.content.form.title_seo'] . "</strong></td>\n<td>" . ($author_select == '' ? $seo_input : "\n    <table class='ae-twoi'><tr>\n    <td>" . $seo_input . "</td>\n    <td class='rpad'><strong>" . $_lang['article.author'] . "</strong></td>\n    <td>" . $author_select . "</td>\n    </tr></table>\n") . "</td>\n</tr>\n\n<tr>\n<td class='rpad'><strong>" . $_lang['admin.content.form.description'] . 
"</strong></td>\n<td>\n    <table class='ae-twoi'><tr>\n    <td><input type='text' name='description' value='" . $query['description'] . "' maxlength='128' class='inputmedium' /></td>\n    <td class='rpad'><strong>" . $_lang['admin.content.form.keywords'] . "</strong></td>\n    <td><input type='text' name='keywords' value='" . $query['keywords'] . "' maxlength='128' class='inputmedium' /></td>\n    </tr></table>\n</td>\n</tr>\n\n<tr class='valign-top'>\n<td class='rpad'><strong>" . $_lang['admin.content.form.perex'] . "</strong></td>\n<td><textarea name='perex' rows='9' cols='94' class='areabigperex codemirror'>" . _htmlStr($query['perex']) . "</textarea></td>\n</tr>\n\n<tr class='valign-top'>\n<td class='rpad'><strong>" . $_lang['admin.content.form.content'] . "</strong>" . $artlink . "</td>\n<td>\n\n  <table id='ae-table'>\n  <tr class='valign-top'>\n    <td id='content-cell'>\n      <textarea name='content' rows='25' cols='68' class='wysiwyg_editor" . (!_wysiwyg || !_loginwysiwyg ? ' codemirror' : '') . "'>" . _htmlStr($query['content']) . "</textarea>\n    </td>\n    <td id='is-cell'>\n      <div id='is-cell-wrapper'>\n      <div id='is-cell-content'>\n\n      <h2>" . $_lang['admin.content.form.picture'] . "</h2>\n      <div id='is-picture'>" . $picture . "</div>\n\n      <h2>" . $_lang['admin.content.form.settings'] . "</h2>\n      <p id='is-settings'>\n      <label><input type='checkbox' name='public' value='1'" . _checkboxActivate($query['public']) . " /> " . $_lang['admin.content.form.public'] . "</label>\n      <label><input type='checkbox' name='visible' value='1'" . _checkboxActivate($query['visible']) . " /> " . $_lang['admin.content.form.visible'] . "</label>\n      " . (_loginright_adminconfirm || !_loginright_adminneedconfirm && $query['author'] == _loginid ? "<label><input type='checkbox' name='confirmed' value='1'" . _checkboxActivate($query['confirmed']) . " /> " . $_lang['admin.content.form.confirmed'] . "</label>" : '') . 
"\n      <label><input type='checkbox' name='comments' value='1'" . _checkboxActivate($query['comments']) . " /> " . $_lang['admin.content.form.comments'] . "</label>\n      <label><input type='checkbox' name='commentslocked' value='1'" . _checkboxActivate($query['commentslocked']) . " /> " . $_lang['admin.content.form.commentslocked'] . "</label>\n      <label><input type='checkbox' name='rateon' value='1'" . _checkboxActivate($query['rateon']) . " /> " . $_lang['admin.content.form.artrate'] . "</label>\n      <label><input type='checkbox' name='showinfo' value='1'" . _checkboxActivate($query['showinfo']) . " /> " . $_lang['admin.content.form.showinfo'] . "</label>\n      " . (!$new ? "<label><input type='checkbox' name='resetrate' value='1' /> " . $_lang['admin.content.form.resetartrate'] . " <small>(" . $rate . ")</small></label>" : '') . "\n      " . (!$new ? "<label><input type='checkbox' name='delcomments' value='1' /> " . $_lang['admin.content.form.delcomments'] . " <small>(" . DB::result(DB::query("SELECT COUNT(id) FROM `" . _mysql_prefix . "-posts` WHERE home=" . $query['id'] . " AND type=2"), 0) . ")</small></label>" : '') . "\n      " . (!$new ? "<label><input type='checkbox' name='resetread' value='1' /> " . $_lang['admin.content.form.resetartread'] . " <small>(" . $readed_counter . ")</small></label>" : '') . "\n      </p>\n\n      <h2>" . $_lang['admin.content.form.infobox'] . "</h2>\n      <div id='infobox-wrapper'>\n        <textarea name='infobox' rows='10' cols='20' class='codemirror'>" . _htmlStr($query['infobox']) . "</textarea>\n      </div>\n\n      </div>\n      </div>\n    </td>\n  </tr>\n  </table>\n\n</td>\n</tr>\n\n<tr id='time-cell'>\n<td class='rpad'><strong>" . $_lang['article.posted'] . "</strong></td>\n<td>" . _editTime('time', $query['time'], true, $new) . "</td>\n</tr>\n\n<tr>\n<td></td>\n<td id='ae-lastrow'><br /><input type='submit' value='" . $_lang[$submittext] . "' />\n" . (!$new ? 
"\n&nbsp;&nbsp;\n<span class='customsettings'><a href='index.php?p=content-articles-delete&amp;id=" . $query['id'] . "&amp;returnid=" . $query['home1'] . "&amp;returnpage=1'><span><img src='images/icons/delete.png' alt='del' class='icon' />" . $_lang['global.delete'] . "</span></a></span>&nbsp;&nbsp;\n<span class='customsettings'><small>" . $_lang['admin.content.form.thisid'] . " " . $query['id'] . "</small></span>\n" : '') . "\n\n</td>\n</tr>\n\n</table>\n\n" . _xsrfProtect() . "</form>\n\n";
} else {
    $output .= "<a href='index.php?p=content-articles' class='backlink'>&lt; " . $_lang['global.return'] . "</a>\n<h1>" . $_lang['admin.content.articles.edit.title'] . "</h1>\n" . _formMessage(3, $_lang['global.badinput']);
}
    // choose the icon from the lower-cased file extension; only the image group also sets $image
    $iteminfo = pathinfo($item);
    $image = false;
    if (!isset($iteminfo['extension'])) {
        // no extension: falls through to the "other" icon
        $iteminfo['extension'] = "";
    }
    $ext = mb_strtolower($iteminfo['extension']);
    if (in_array($ext, array("rar", "zip", "tar", "gz", "tgz", "7z", "cab", "xar", "xla", "777", "alz", "arc", "arj", "bz", "bz2", "bza", "bzip2", "dz", "gza", "gzip", "lzma", "lzs", "lzo", "s7z", "taz", "tbz", "tz", "tzip"))) {
        $icon = "archive";
    } elseif (in_array($ext, array("jpg", "jpeg", "png", "gif", "bmp", "jp2", "tga", "pcx", "tif", "ppf", "pct", "pic", "ai", "ico"))) {
        $icon = "image";
        $image = true;
    } elseif (in_array($ext, array("sql", "php", "php3", "php4", "php5", "phtml", "py", "asp", "cgi", "shtml", "htaccess", "txt", "nfo", "rtf", "html", "htm", "xhtml", "css", "js", "ini", "bat", "inf", "me", "inc", "xml"))) {
        $icon = "editable";
    } elseif (in_array($ext, array("wav", "mp3", "mid", "rmi", "wma", "mpeg", "mpg", "wmv", "3gp", "mp4", "m4a", "xac", "aif", "au", "avi", "voc", "snd", "vox", "ogg", "flac", "mov", "aac", "vob", "amr", "asf", "rm", "ra", "ac3", "swf", "flv"))) {
        $icon = "media";
    } elseif (in_array($ext, array("exe", "com", "bat", "dll"))) {
        // NOTE: "bat" is also in the "editable" list above, which is tested first, so .bat files never get this icon
        $icon = "executable";
    } elseif (in_array($ext, array("sld"))) {
        $icon = "sl";
    } else {
        $icon = "other";
    }
    // alternate the row highlight class
    if ($highlight) {
        $hl_class = " class='hl'";
    } else {
        $hl_class = "";
    }
    print "\n<tr" . $hl_class . ">\n<td" . (!$image ? ' class="noimage" colspan="2"' : '') . "><a" . ($image ? ' href="../' . _htmlStr(mb_substr($dir . $item, mb_strlen(_indexroot))) . '" class="lightbox" data-fancybox-group="galbr" title="' . round(@filesize($dir . $item) / 1024) . 'kB" target="_blank"' : '') . "><img src='images/icons/fman/" . $icon . ".png' alt='file' class='icon' />" . _htmlStr(_cutStr($item, 32, false)) . "</a></td>\n" . ($image ? '<td><a href="#" onclick="return _sysGalSelect(\'' . _htmlStr(mb_substr($dir . $item, mb_strlen(_indexroot))) . '\')">' . $_lang['admin.content.manageimgs.insert.browser.use'] . '</a></td>' : '') . "\n</tr>\n";
    $highlight = !$highlight;
}
print '</table>';
Example #28
 /**
  * Inicializovat system
  *
  * @param string      $root            relativni cesta do korenoveho adresare
  * @param string|null $configFile      cesta ke konfiguracnimu skriptu nebo null(= vychozi)
  * @param bool        $envChanges      provest zmeny v prostredi (error reporting, locale, header, ...) 1/0
  * @param bool        $lightMode       odlehceny mod (pouze pripojeni k db, bez session, nastaveni, lokalizace, atd) 1/0
  * @param bool        $databaseEnabled inicializovat pripojeni k databazi 1/0
  * @param bool        $runCron         automaticky spustit cron, je-li aktivovan 1/0
  */
 public static function init($root, $configFile = null, $envChanges = true, $lightMode = false, $databaseEnabled = true, $runCron = true)
 {
     if (self::$initialized) {
         throw new BadMethodCallException();
     }
     $initialized = true;
     self::$start = microtime(true);
     /* ----  konfigurace  ---- */
     if (null === $configFile) {
         self::$configFile = $root . 'config.php';
     } else {
         self::$configFile = $configFile;
     }
     self::$envChanges = $envChanges;
     self::$lightMode = $lightMode;
     self::$databaseEnabled = $databaseEnabled;
     self::$imageError = $root . 'remote/image_error.png';
     // soubor s nastavenim
     require self::$configFile;
     // doplneni konfigurace (kvuli kompatibilite)
     if (!isset($locale)) {
         $locale = array('czech', 'utf8', 'cz_CZ');
     }
     if (!isset($timezone)) {
         $timezone = 'Europe/Prague';
     }
     if (!isset($geo)) {
         $geo = array(50.5, 14.26, 90.583333);
     }
     if (!isset($port)) {
         // pokud neni uveden $port, muze byt definovan jako soucast $server (server:port)
         if (false !== ($serverColonPos = strpos($server, ':'))) {
             $port = (int) substr($server, $serverColonPos + 1);
             $server = substr($server, 0, $serverColonPos);
         } else {
             $port = ini_get('mysqli.default_port');
         }
     }
     // systemove konstanty
     define('_indexroot', $root);
     define('_core', '1');
     define('_nl', "\n");
     define('_sessionprefix', md5($server . $database . $user . $prefix) . '-');
     if (!defined('_administration')) {
         define('_administration', 0);
     }
     define('_dev', isset($dev) ? $dev : true);
     // vyvojovy mod 1/0
     define('_systemstate', 0);
     // 0 = beta, 1 = rc, 2 = stable
     define('_systemstate_revision', 0);
     // revize systemu
     define('_systemversion', '7.5.5');
     // verze systemu
     define('_mysql_prefix', $prefix);
     define('_mysql_db', $database);
     define('_upload_dir', _indexroot . 'upload/');
     define('_plugin_dir', _indexroot . 'plugins/common/');
     define('_tmp_dir', _indexroot . 'data/tmp/');
     define('_void_file', _indexroot . 'data/void.nodelete');
     define('_geo_latitude', $geo[0]);
     define('_geo_longitude', $geo[1]);
     define('_geo_zenith', $geo[2]);
     /* ----  autoloader  ---- */
     require _indexroot . 'require/class/class_loader.php';
     self::$classLoader = new ClassLoader();
     self::$classLoader->setDebug(_dev)->registerClassMap(array('AdminBread' => _indexroot . 'require/class/admin_bread.php', 'Color' => _indexroot . 'require/class/color.php', 'DBDump' => _indexroot . 'require/class/dbdump.php', 'KZip' => _indexroot . 'require/class/kzip.php', 'KZipStream' => _indexroot . 'require/class/kzip.php', 'TreeManager' => _indexroot . 'require/class/tree_manager.php', 'TreeReader' => _indexroot . 'require/class/tree_reader.php', 'LangPack' => _indexroot . 'require/class/lang_pack.php', 'FileCache' => _indexroot . 'require/class/file_cache.php'))->register();
     /* ----  upravy PHP prostredi  ---- */
     if ($envChanges) {
         // kontrola verze PHP a pritomnosti rozsireni
         if (version_compare(PHP_VERSION, '5.1.0', '<')) {
             _systemFailure('Je vyžadováno PHP 5.1.0 nebo novější.');
         }
         if (!extension_loaded('mbstring')) {
             _systemFailure('Chybí PHP rozšíření <code>mbstring</code> (Multibyte String Functions).');
         }
         if (!extension_loaded('mysqli')) {
             _systemFailure('Chybí PHP rozšíření <code>mysqli</code>, které je potřebné pro práci s databází.');
         }
         // kontrola a nastaveni $_SERVER['REQUEST_URI']
         if (!isset($_SERVER['REQUEST_URI'])) {
             if (isset($_SERVER['HTTP_X_REWRITE_URL'])) {
                 $_SERVER['REQUEST_URI'] = $_SERVER['HTTP_X_REWRITE_URL'];
             } elseif (isset($_SERVER['HTTP_REQUEST_URI'])) {
                 $_SERVER['REQUEST_URI'] = $_SERVER['HTTP_REQUEST_URI'];
             } else {
                 if (isset($_SERVER['SCRIPT_NAME'])) {
                     $_SERVER['HTTP_REQUEST_URI'] = $_SERVER['SCRIPT_NAME'];
                 } else {
                     $_SERVER['HTTP_REQUEST_URI'] = $_SERVER['PHP_SELF'];
                 }
                 if (!empty($_SERVER['QUERY_STRING'])) {
                     $_SERVER['HTTP_REQUEST_URI'] .= '?' . $_SERVER['QUERY_STRING'];
                 }
                 $_SERVER['REQUEST_URI'] = $_SERVER['HTTP_REQUEST_URI'];
             }
         }
         // vyruseni register_globals
         if (ini_get('register_globals') != '') {
             foreach (array_keys($_REQUEST) as $key) {
                 unset($GLOBALS[$key]);
             }
         }
         // vypnuti magic_quotes
         if (get_magic_quotes_gpc()) {
             $search = array(&$_GET, &$_POST, &$_COOKIE);
             for ($i = 0; isset($search[$i]); ++$i) {
                 foreach ($search[$i] as &$value) {
                     if (is_array($value)) {
                         $search[] =& $value;
                     } else {
                         $value = stripslashes($value);
                     }
                 }
                 unset($search[$i]);
             }
             if (function_exists('set_magic_quotes_runtime')) {
                 @set_magic_quotes_runtime(0);
             }
             unset($search, $i, $value);
         }
         // hlaseni chyb
         $err_rep = E_ALL;
         if (_dev) {
             $disable = array();
         } else {
             $disable = array('E_NOTICE ', 'E_USER_NOTICE', 'E_DEPRECATED', 'E_STRICT');
         }
         for ($i = 0; isset($disable[$i]); ++$i) {
             if (defined($disable[$i])) {
                 $err_rep &= ~constant($disable[$i]);
             }
         }
         error_reporting($err_rep);
         // casove pasmo
         @setlocale(LC_TIME, $locale);
         if (function_exists('date_default_timezone_set')) {
             date_default_timezone_set($timezone);
         }
         // interni kodovani
         mb_internal_encoding('UTF-8');
         // vychozi hlavicky
         if (!defined('_header')) {
             header('Content-Type: text/html; charset=UTF-8');
             header('Expires: ' . gmdate('D, d M Y H:i:s', time() - 604800) . ' GMT');
         } elseif (_header) {
             header(_header);
         }
     }
     /* ----  nacteni funkci  ---- */
     require _indexroot . 'require/functions.php';
     if (isset($_GET['___identify'])) {
         echo 'SunLight CMS ', _systemversion, ' ', self::$states[_systemstate], _systemstate_revision;
         exit;
     }
     /* ----  pripojeni k mysql  ---- */
     if ($databaseEnabled) {
         $con = @mysqli_connect($server, $user, $password, $database, $port);
         if (!is_object($con)) {
             _systemFailure('Připojení k databázi se nezdařilo. Důvodem je pravděpodobně výpadek serveru nebo chybné přístupové údaje.</p><hr /><pre>' . _htmlStr(mysqli_connect_error()) . '</pre><hr /><p>Zkontrolujte přístupové údaje v souboru <em>config.php</em>.');
         }
         $con->set_charset('utf8');
         DB::$con = $con;
         DB::query('SET sql_mode=\'\'');
     }
     /* ----  konstanty nastaveni, jazykovy soubor, motiv, session  ---- */
     if (!$lightMode) {
         // definovani konstant nastaveni
         $query = DB::query('SELECT * FROM `' . _mysql_prefix . '-settings`', true);
         $directive = array('banned' => '');
         if (DB::error() != false) {
             _systemFailure('Připojení k databázi proběhlo úspěšně, ale dotaz na databázi selhal.</p><hr /><pre>' . _htmlStr(DB::error()) . '</pre><hr /><p>Zkontrolujte, zda je databáze správně nainstalovaná.');
         }
         while ($item = DB::row($query)) {
             if (isset($directive[$item['var']])) {
                 // direktiva
                 $directive[$item['var']] = $item['val'];
             } elseif ($item['var'][0] === '.') {
                 // nastaveni zacinajici teckou
                 self::$settings[substr($item['var'], 1)] = $item['val'];
             } else {
                 // konstanta
                 define('_' . $item['var'], $item['val']);
             }
         }
         DB::free($query);
         // nastavit interval pro maintenance
         self::$cronIntervals['maintenance'] = _maintenance_interval;
         // ip adresa klienta
         if (empty($_SERVER['REMOTE_ADDR'])) {
             $_SERVER['REMOTE_ADDR'] = '127.0.0.1';
         }
         if (_proxy_mode && isset($_SERVER['HTTP_X_FORWARDED_FOR'])) {
             $ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
         } else {
             $ip = $_SERVER['REMOTE_ADDR'];
         }
         define('_userip', trim(($addr_comma = strrpos($ip, ',')) === false ? $ip : substr($ip, $addr_comma + 1)));
         // poinstalacni kontrola
         if (_install_check) {
             require _indexroot . 'require/installcheck.php';
         }
         // kontrola verze databaze
         if (!defined('_dbversion') or !_checkVersion('database', _dbversion)) {
             _systemFailure('Verze nainstalované databáze není kompatibilní s verzí systému. Pokud byl právě aplikován patch pro přechod na novější verzi, pravděpodobně jste zapoměl(a) spustit skript pro aktualizaci databáze.');
         }
         // inicializace session
         require _indexroot . 'require/session.php';
         // inicializace jazykoveho souboru
         if (_loginindicator and _language_allowcustom and _loginlanguage != "") {
             $language = _loginlanguage;
         } else {
             $language = _language;
         }
         $langfile = _indexroot . 'plugins/languages/' . $language . '.php';
         $langfile_default = _indexroot . 'plugins/languages/default.php';
         if (file_exists($langfile)) {
             $GLOBALS['_lang'] = (require $langfile);
             define('_active_language', $language);
         } else {
             if (file_exists($langfile_default)) {
                 $GLOBALS['_lang'] = (require $langfile_default);
                 define('_active_language', 'default');
             } else {
                 _systemFailure('Zvolený ani přednastavený jazykový soubor nebyl nalezen.');
             }
         }
         // kontrola verze jazykoveho souboru
         if (!_checkVersion('language_file', $GLOBALS['_lang']['main.version'])) {
             DB::query('UPDATE `' . _mysql_prefix . '-settings` SET val="default" WHERE var="language"');
             _systemFailure('Zvolený jazykový soubor není kompatibilní s verzí systému.');
         }
         // kontrola blokace IP
         if ($directive['banned'] !== '' && !_administration) {
             $directive['banned'] = explode("\n", $directive['banned']);
             for ($i = 0; isset($directive['banned'][$i]); ++$i) {
                 if (0 === strncmp($directive['banned'][$i], _userip, strlen($directive['banned'][$i]))) {
                     header('HTTP/1.0 403 Forbidden');
                     if (defined('_header')) {
                         die('Your IP address is banned');
                     }
                     require _indexroot . 'require/ipban.php';
                     die;
                 }
             }
         }
         // motiv
         $template = _indexroot . 'plugins/templates/' . _template . '/template.php';
         $template_config = _indexroot . 'plugins/templates/' . _template . '/config.php';
         if (!file_exists($template) or !file_exists($template_config)) {
             DB::query('UPDATE `' . _mysql_prefix . '-settings` SET val=\'default\' WHERE var=\'template\'');
             _systemFailure('Zvolený motiv ' . _template . ' nebyl nalezen. Přepnuto na výchozí motiv.');
         }
         require $template_config;
         // kontrola verze motivu
         if (!_checkVersion('template', _template_version) and !_administration) {
             _systemFailure('Zvolený motiv není kompatibilní s verzí systému.');
         }
         // nacist rozsireni
         _extendLoad();
         // udalost inicializace systemu
         _extend('call', 'sys.init');
         // systemove callbacky
         _extend('reg', 'sys.cron.maintenance', array(__CLASS__, 'doMaintenance'));
         // cron
         if (_cron_auto && $runCron) {
             self::runCron();
         }
     }
 }
Example #29
                         DB::query("UPDATE `" . _mysql_prefix . "-users` SET password='******', salt='" . $newpass[1] . "' WHERE id=" . $userdata['id']);
                         $module .= _formMessage(1, $_lang['mod.lostpass.generated']);
                     } else {
                         $module .= _formMessage(3, $_lang['hcm.mailform.msg.failure2']);
                     }
                     $done = true;
                 } else {
                     $module .= _formMessage(2, _eventList($errors, "errors"));
                     if ($badlink) {
                         _iplogUpdate(1);
                     }
                 }
             }
             // formular
             if (!$done and count($errors) == 0) {
                 $module .= _formOutput("lostpassform", "index.php?m=lostpass&amp;link&amp;user="******"&amp;hash=" . _htmlStr($hash), array(), array(), $_lang['mod.lostpass.generate'], "<input type='hidden' name='action' value='1' />");
             }
         }
     } else {
         $module .= _formMessage(2, str_replace(array("*1*", "*2*"), array(_maxloginattempts, _maxloginexpire / 60), $_lang['login.attemptlimit']));
     }
     break;
 default:
     $module .= "<p class='bborder'>" . $_lang['mod.lostpass.p'] . "</p>";
     // kontrola promennych, odeslani emailu
     $sent = false;
     if (isset($_POST['username'])) {
         if (_iplogCheck(7)) {
             // nacteni promennych
             $username = _anchorStr($_POST['username'], false);
             $email = DB::esc($_POST['email']);
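/**
 * HCM module: output one or more randomly chosen files from a directory.
 *
 * Type 2 renders every chosen image as a thumbnail that links to the full file.
 * Any other type appends the raw contents of the chosen txt/htm/html files.
 *
 * Security notes:
 *  - File names read from the directory are passed through _htmlStr() before they
 *    are placed into HTML attributes (href and alt), so a crafted file name cannot
 *    break out of the markup. NOTE(review): assumes _htmlStr() also encodes single
 *    quotes, since the attributes are single-quoted; confirm.
 *  - In the default mode the file contents are emitted verbatim (unescaped), so the
 *    directory must hold trusted content only.
 *  - NOTE(review): $cesta is used as given; there is no check for "../" segments in
 *    this function. Confirm that whoever can supply the argument is trusted.
 *
 * @param string   $cesta         directory path, appended to _indexroot
 * @param int      $typ           2 = images, anything else = text/HTML files
 * @param int      $pocet         number of files to pick, capped at the number available
 * @param int|null $vyska_nahledu thumbnail height for type 2; 96 when not given
 * @return string generated output, empty string when nothing could be listed
 */
function _HCM_randomfile($cesta = "", $typ = 1, $pocet = 1, $vyska_nahledu = null)
{
    $result = "";
    $cesta = _indexroot . $cesta;
    if (mb_substr($cesta, -1, 1) != "/") {
        $cesta .= "/";
    }
    $pocet = intval($pocet);
    // array_rand() rejects a count below 1 (warning before PHP 8, ValueError since),
    // so a non-positive request yields no output instead of an error
    if ($pocet < 1 || !@file_exists($cesta) || !@is_dir($cesta)) {
        return $result;
    }
    $handle = @opendir($cesta);
    if ($handle === false) {
        // directory exists but cannot be opened (e.g. permissions)
        return $result;
    }
    // loose comparison kept on purpose: it matches what the original switch did,
    // so a type passed as the string "2" still selects image mode
    $is_image = ($typ == 2);
    if ($is_image) {
        $allowed_extensions = SL::$imageExt;
        $vyska_nahledu = isset($vyska_nahledu) ? intval($vyska_nahledu) : 96;
    } else {
        $allowed_extensions = array("txt", "htm", "html");
    }
    // collect regular files whose extension is on the allow-list
    $items = array();
    while (false !== ($item = readdir($handle))) {
        if ($item == "." or $item == ".." or @is_dir($cesta . $item)) {
            continue;
        }
        $ext = mb_strtolower((string) pathinfo($item, PATHINFO_EXTENSION));
        if (!in_array($ext, $allowed_extensions)) {
            continue;
        }
        $items[] = $item;
    }
    closedir($handle);
    if (count($items) == 0) {
        return $result;
    }
    // array_rand() returns a single key (not an array) when asked for one item
    $randitems = (array) array_rand($items, min($pocet, count($items)));
    foreach ($randitems as $key) {
        $item = $items[$key];
        if ($is_image) {
            $item_html = _htmlStr($item);
            $thumb = _pictureThumb($cesta . $item, array('x' => null, 'y' => $vyska_nahledu));
            $result .= "<a href='" . $cesta . $item_html . "' target='_blank' class='lightbox' data-fancybox-group='lb_hcm" . SL::$hcmUid . "'><img src='" . $thumb . "' alt='" . $item_html . "' /></a>\n";
        } else {
            // read from the directory that was listed; $cesta already carries _indexroot,
            // so it must not be prefixed a second time
            $content = @file_get_contents($cesta . $item);
            if ($content !== false) {
                $result .= $content;
            }
        }
    }
    return $result;
}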