if ($continue) {
    // Page header, the multi-file upload form (xaction=7) and the "insert image by path" form (xaction=1).
    // Both forms embed the output of _xsrfProtect().
    // NOTE(review): $_GET['browserpath'] is written into a JavaScript string literal inside a <script>
    // element after HTML escaping only. Entities are not decoded inside script content, so this holds only
    // if _htmlStr() also encodes single quotes; backslashes and line breaks are not covered by HTML
    // escaping at all. A JavaScript-context encoder (e.g. json_encode() with the JSON_HEX_* flags) fits
    // this sink better - confirm what _sysGalBrowse() expects before changing it.
    // NOTE(review): $g, $galdata['title'] and _loginname are concatenated as-is; presumably $g is an
    // integer validated earlier and the other values are stored pre-escaped - verify against the code
    // that sets them, which is outside this excerpt.
    $output .= "\n<a href='index.php?p=content-editgallery&amp;id=" . $g . "' class='backlink'>&lt; návrat zpět</a>\n<h1>" . $_lang['admin.content.manageimgs.title'] . "</h1>\n<p class='bborder'>" . str_replace("*galtitle*", $galdata['title'], $_lang['admin.content.manageimgs.p']) . "</p>\n\n" . $message . "\n\n<script type='text/javascript'>\n/* <![CDATA[ */\n\$(document).ready(function(){\n    \$('.hs_fieldset').each(function(){\n        var fieldset = this;\n        var link = \$(fieldset).find('legend > a').get(0);\n        var form = \$(fieldset).children('form');\n        \$(form).hide();\n        \$(link).click(function(){\n            \$(form).slideToggle('fast');\n\n            return false;\n        });\n    });\n});\n/* ]]> */\n</script>\n\n<fieldset>\n<legend>" . $_lang['admin.content.manageimgs.upload'] . "</legend>\n<form action='index.php?p=content-manageimgs&amp;g=" . $g . "' method='post' enctype='multipart/form-data'>\n    <p>" . sprintf($_lang['admin.content.manageimgs.upload.text'], _galuploadresize_w, _galuploadresize_h) . "</p>\n    <input type='hidden' name='xaction' value='7' />\n    <div id='fmanFiles'><input type='file' name='uf0[]' multiple='multiple' />&nbsp;&nbsp;<a href='#' onclick='return _sysFmanAddFile();'>" . $_lang['admin.fman.upload.addfile'] . "</a></div>\n    <div class='hr'><hr /></div>\n    <p>\n        <input type='submit' value='" . $_lang['admin.content.manageimgs.upload.submit'] . "' />" . (($uplimit = _getUploadLimit(true)) !== null ? " &nbsp;<small>" . $_lang['global.uploadlimit'] . ": <em>" . _getUploadLimit() . "MB</em>, " . $_lang['global.uploadext'] . ": <em>" . implode(', ', SL::$imageExt) . "</em></small>" : '') . "<br />\n        <label><input type='checkbox' value='1' name='moveords' checked='checked' /> " . $_lang['admin.content.manageimgs.moveords'] . "</label>\n    </p>\n" . _xsrfProtect() . "</form>\n</fieldset>\n\n<fieldset class='hs_fieldset'>\n<legend><a href='#'>" . 
$_lang['admin.content.manageimgs.insert'] . "</a> &nbsp;<small>(" . $_lang['admin.content.manageimgs.insert.tip'] . ")</small></legend>\n<form action='index.php?p=content-manageimgs&amp;g=" . $g . "' method='post' name='addform' onsubmit='_sysGalTransferPath(this);'>\n<input type='hidden' name='xaction' value='1' />\n\n<table>\n<tr class='valign-top'>\n\n<td>\n    <table>\n    <tr>\n    <td class='rpad'><strong>" . $_lang['admin.content.form.title'] . "</strong></td>\n    <td><input type='text' name='title' class='inputmedium' maxlength='64' /></td>\n    </tr>\n\n    <tr>\n    <td class='rpad'><strong>" . $_lang['admin.content.form.ord'] . "</strong></td>\n    <td><input type='text' name='ord' class='inputsmall' disabled='disabled' />&nbsp;&nbsp;<label><input type='checkbox' name='moveords' value='1' checked='checked' onclick=\"_sysDisableField(this.checked, 'addform', 'ord');\" /> " . $_lang['admin.content.manageimgs.moveords'] . "</label></td>\n    </tr>\n\n    <tr>\n    <td class='rpad'><strong>" . $_lang['admin.content.manageimgs.prev'] . "</strong></td>\n    <td><input type='text' name='prev' class='inputsmall' disabled='disabled' />&nbsp;&nbsp;<label><input type='checkbox' name='autoprev' value='1' checked='checked' onclick=\"_sysDisableField(this.checked, 'addform', 'prev');\" /> " . $_lang['admin.content.manageimgs.autoprev'] . "</label></td>\n    </tr>\n\n    <tr>\n    <td class='rpad'><strong>" . $_lang['admin.content.manageimgs.full'] . "</strong></td>\n    <td><input type='text' name='full' class='inputmedium' /></td>\n    </tr>\n\n    <tr>\n    <td></td>\n    <td><input type='submit' value='" . $_lang['global.insert'] . "' /></td>\n    </tr>\n\n    </table>\n</td>\n\n<td>\n" . (_loginright_adminfman ? "<div id='gallery-browser'>\n    " . (!isset($_GET['browserpath']) ? "<a href='#' onclick=\"return _sysGalBrowse('" . urlencode(_upload_dir) . (_loginright_adminfmanlimit ? _loginname . '%2F' : '') . 
"');\"><img src='images/icons/loupe.png' alt='browse' class='icon' />" . $_lang['admin.content.manageimgs.insert.browser.link'] . "</a>" : "<script type='text/javascript'>_sysGalBrowse('" . _htmlStr($_GET['browserpath']) . "');</script>") . "\n</div>" : '') . "\n</td>\n\n</tr>\n</table>\n\n" . _xsrfProtect() . "</form>\n</fieldset>\n\n";
    // strankovani
    $paging = _resultPaging("index.php?p=content-manageimgs&amp;g=" . $g, $galdata['var2'], "images", "home=" . $g);
    $s = $paging[2];
    $output .= "\n<fieldset>\n<legend>" . $_lang['admin.content.manageimgs.current'] . "</legend>\n<form action='index.php?p=content-manageimgs&amp;g=" . $g . "&amp;page=" . $s . "' method='post' name='editform'>\n<input type='hidden' name='xaction' value='4' />\n\n<input type='submit' value='" . $_lang['admin.content.manageimgs.savechanges'] . "' class='gallery-savebutton' />\n" . $paging[0] . "\n<div class='cleaner'></div>";
    // vypis obrazku
    $images = DB::query("SELECT * FROM `" . _mysql_prefix . "-images` WHERE home=" . $g . " ORDER BY ord " . $paging[1]);
    $images_forms = array();
    if (DB::size($images) != 0) {
        // sestaveni formularu
        while ($image = DB::row($images)) {
            // kod nahledu
            $preview = _galleryImage($image, "1", $galdata['var4'], $galdata['var3']);
            // kod formulare
            $images_forms[] .= "\n<table>\n\n<tr>\n<td class='rpad'><strong>" . $_lang['admin.content.form.title'] . "</strong></td>\n<td><input type='text' name='i" . $image['id'] . "_title' class='inputmedium' value='" . $image['title'] . "' maxlength='64' /></td>\n</tr>\n\n<tr>\n<td class='rpad'><strong>" . $_lang['admin.content.form.ord'] . "</strong></td>\n<td><input type='text' name='i" . $image['id'] . "_ord' class='inputmedium' value='" . $image['ord'] . "' /></td>\n</tr>\n\n" . (!$image['in_storage'] ? "<tr>\n<td class='rpad'><strong>" . $_lang['admin.content.manageimgs.prev'] . "</strong></td>\n<td><input type='hidden' name='i" . $image['id'] . "_prevtrigger' value='1' /><input type='text' name='i" . $image['id'] . "_prev' class='inputsmall' value='" . $image['prev'] . "'" . _inputDisable($image['prev'] != "") . " />&nbsp;&nbsp;<label><input type='checkbox' name='i" . $image['id'] . "_autoprev' value='1' onclick=\"_sysDisableField(checked, 'editform', 'i" . $image['id'] . "_prev');\"" . _checkboxActivate($image['prev'] == "") . " /> " . $_lang['admin.content.manageimgs.autoprev'] . "</label></td>\n</tr>\n\n<tr>\n<td class='rpad'><strong>" . $_lang['admin.content.manageimgs.full'] . "</strong></td>\n<td><input type='text' name='i" . $image['id'] . "_full' class='inputmedium' value='" . $image['full'] . "' /></td>\n</tr>" : '') . "\n\n<tr class='valign-top'>\n<td class='rpad'><strong>" . $_lang['global.preview'] . "</strong></td>\n<td>" . $preview . "<br /><br /><a href='" . _xsrfLink("index.php?p=content-manageimgs&amp;g=" . $g . "&amp;page=" . $s . "&amp;del=" . $image['id']) . "' onclick='return _sysConfirm();'><img src='images/icons/delete.png' alt='del' class='icon' />" . $_lang['admin.content.manageimgs.delete'] . "</a></td>\n</tr>\n\n</table>\n    ";
        }
        // sestaveni tabulky formularu po dvou
        $output .= "\n<table id='gallery-edittable'>";
        $count = count($images_forms);
        for ($i = 0; $i < $count; $i += 2) {
            if (isset($images_forms[$i])) {
                $output .= "<tr><td" . (0 === $i % 2 && !isset($images_forms[$i + 1]) && 1 !== $count ? ' colspan="2"' : '') . " class='gallery-edittable-td'>\n" . $images_forms[$i] . "\n</td>\n";
                if (isset($images_forms[$i + 1])) {
                    $output .= "<td class='gallery-edittable-td'>\n" . $images_forms[$i + 1] . "\n</td></tr>\n";
                } else {
                    $output .= '</tr>' . _nl;
                }
            }
        }
        $output .= '</table>';
            $output .= $message . "\n<form action='' method='post'>\n<table class='formtable'>\n\n<tr>\n    <td class='rpad'><strong>" . $_lang['admin.content.redir.old'] . "</strong></td>\n    <td><input type='text' name='old' value='" . $q['old'] . "' class='inputmedium' maxlength='255' /></td>\n</tr>\n\n<tr>\n    <td class='rpad'><strong>" . $_lang['admin.content.redir.new'] . "</strong></td>\n    <td><input type='text' name='new' value='" . $q['new'] . "' class='inputmedium' maxlength='255' /></td>\n</tr>\n\n<tr>\n    <td class='rpad'><strong>" . $_lang['admin.content.redir.act'] . "</strong></td>\n    <td><input type='checkbox' name='act' value='1'" . _checkboxActivate($q['active']) . " /></td>\n</tr>\n\n<tr>\n    <td></td>\n    <td><input type='submit' value='" . $_lang['global.' . ($new ? 'create' : 'save')] . "' /></td>\n</tr>\n\n</table>\n" . _xsrfProtect() . "</form>";
        } while (false);
    } elseif (isset($_GET['del']) && _xsrfCheck(true)) {
        // smazani
        DB::query('DELETE FROM `' . _mysql_prefix . '-redir` WHERE id=' . intval($_GET['del']));
        $output .= _formMessage(1, $_lang['global.done']);
    } elseif (isset($_GET['wipe'])) {
        // smazani vsech
        if (isset($_POST['wipe_confirm'])) {
            DB::query('TRUNCATE TABLE `' . _mysql_prefix . '-redir`');
            $output .= _formMessage(1, $_lang['global.done']);
        } else {
            $output .= "\n<form action='' method='post' class='formbox'>\n" . _formMessage(2, $_lang['admin.content.redir.act.wipe.confirm']) . "\n<input type='submit' name='wipe_confirm' value='" . $_lang['admin.content.redir.act.wipe.submit'] . "' />\n" . _xsrfProtect() . "</form>\n";
        }
    }
    // table header
    $output .= "<table class='list'>\n<thead><tr><td>" . $_lang['admin.content.redir.old'] . "</td><td>" . $_lang['admin.content.redir.new'] . "</td><td>" . $_lang['admin.content.redir.act'] . "</td><td>" . $_lang['global.action'] . "</td></tr></thead>\n<tbody>\n";
    // rows: one per redirect, with an edit link and a delete link wrapped in _xsrfLink()
    // NOTE(review): the old/new paths are printed inside <code> without _htmlStr(); presumably they are
    // stored pre-escaped - confirm against the save handler, since this list is rendered in an
    // administrator's session.
    $counter = 0;
    $q = DB::query('SELECT * FROM `' . _mysql_prefix . '-redir`');
    while ($r = DB::row($q)) {
        $output .= "<tr><td><code>" . $r['old'] . "</code></td><td><code>" . $r['new'] . "</code></td><td class='text-" . ($r['active'] ? 'green' : 'red') . "'>" . $_lang['global.' . ($r['active'] ? 'yes' : 'no')] . "</td><td><a href='index.php?p=content-redir&amp;edit=" . $r['id'] . "'><img src='images/icons/edit.png' alt='edit' class='icon' /></a>&nbsp;<a href='" . _xsrfLink("index.php?p=content-redir&amp;del=" . $r['id']) . "' onclick='return _sysConfirm();'><img src='images/icons/delete.png' alt='del' class='icon' /></a></td></tr>";
        ++$counter;
    }
    // no data?
    if ($counter === 0) {
        $output .= "<tr><td colspan='4'>" . $_lang['global.nokit'] . "</td></tr>\n";
    }
    // end of table
    $output .= "</tbody>\n</table>\n";
}
  </td>

  </tr>
  </table>
  ';
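// pagination; search results are not paged, the search query below is capped by LIMIT 100 instead
if (!$search) {
    $paging = _resultPaging("index.php?p=users-list&amp;group=" . $group, 50, "users", $grouplimit2);
    $output .= $paging[0];
}
// table header: six columns in total, the group column spans two (group title + delete action)
$output .= "<br />\n  <table class='list'>\n  <thead><tr><td>ID</td><td>" . $_lang['login.username'] . "</td><td>" . $_lang['global.email'] . "</td><td>" . $_lang['mod.settings.publicname'] . "</td><td colspan='2'>" . $_lang['global.group'] . "</td></tr></thead>\n  <tbody>\n  ";
// database query
// NOTE(review): $grouplimit and $searchword are spliced into the SQL text as-is. Both are assigned
// outside this excerpt - confirm that the group id is cast to an integer and that the search word
// passes through DB::esc() (and has % and _ handled for LIKE) before it reaches this point.
if (!$search) {
    $query = DB::query("SELECT `" . _mysql_prefix . "-users`.id, `" . _mysql_prefix . "-users`.username, `" . _mysql_prefix . "-users`.publicname, `" . _mysql_prefix . "-users`.levelshift, `" . _mysql_prefix . "-users`.email, `" . _mysql_prefix . "-groups`.title, `" . _mysql_prefix . "-groups`.icon, `" . _mysql_prefix . "-users`.id FROM `" . _mysql_prefix . "-users`, `" . _mysql_prefix . "-groups` WHERE `" . _mysql_prefix . "-users`.`group`=`" . _mysql_prefix . "-groups`.id" . $grouplimit . " ORDER BY `" . _mysql_prefix . "-groups`.level DESC,`" . _mysql_prefix . "-users`.id " . $paging[1]);
} else {
    $query = DB::query("SELECT `" . _mysql_prefix . "-users`.username, `" . _mysql_prefix . "-users`.publicname, `" . _mysql_prefix . "-users`.levelshift, `" . _mysql_prefix . "-users`.email, `" . _mysql_prefix . "-groups`.title, `" . _mysql_prefix . "-groups`.icon, `" . _mysql_prefix . "-users`.id FROM `" . _mysql_prefix . "-users`, `" . _mysql_prefix . "-groups` WHERE `" . _mysql_prefix . "-users`.`group`=`" . _mysql_prefix . "-groups`.id AND (`" . _mysql_prefix . "-users`.username LIKE '%" . $searchword . "%' OR `" . _mysql_prefix . "-users`.publicname LIKE '%" . $searchword . "%' OR `" . _mysql_prefix . "-users`.email LIKE '%" . $searchword . "%' OR `" . _mysql_prefix . "-users`.ip LIKE '%" . $searchword . "%')" . $grouplimit . " ORDER BY `" . _mysql_prefix . "-groups`.level DESC,`" . _mysql_prefix . "-users`.id LIMIT 100");
}
// rows
// NOTE(review): username, email, publicname, group title and icon are emitted without _htmlStr() and
// the username is placed in URLs without urlencode(); presumably these columns are stored pre-escaped
// and restricted to a safe alphabet - verify, because this table is rendered in an administrator's session.
if (DB::size($query) != 0) {
    while ($item = DB::row($query)) {
        $output .= "<tr><td>" . $item['id'] . "</td><td>" . ($item['icon'] != "" ? "<img src='" . _indexroot . "pictures/groupicons/" . $item['icon'] . "' alt='icon' class='groupicon' /> " : '') . "<a href='index.php?p=users-edit&amp;id=" . $item['username'] . "'>" . ($item['levelshift'] == 1 ? "<strong>" : '') . $item['username'] . ($item['levelshift'] == 1 ? "</strong>" : '') . "</a></td><td>" . $item['email'] . "</td><td>" . ($item['publicname'] != "" ? $item['publicname'] : "-") . "</td><td>" . $item['title'] . "</td><td><a href='" . _xsrfLink("index.php?p=users-delete&amp;id=" . $item['username']) . "' onclick='return _sysConfirm();'><img src='images/icons/delete.png' alt='del' class='icon' />" . $_lang['global.delete'] . "</a></td></tr>\n";
    }
} else {
    // the placeholder row spans all six columns of the table
    $output .= "<tr><td colspan='6'>" . $_lang['global.nokit'] . "</td></tr>\n";
}
$output .= "</tbody></table>";
// total number of users
$totalusers = DB::result(DB::query("SELECT COUNT(id) FROM `" . _mysql_prefix . "-users`"), 0);
$output .= "\n<br />" . $_lang['admin.users.list.totalusers'] . ": " . $totalusers;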
    $author_filter_id = intval($_GET['author']);
    $author_filter = "author=" . intval($_GET['author']);
} else {
    $pasep = false;
    $author_filter = "";
    $author_filter_id = -1;
}
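// intro paragraph and the "new poll" link
$output .= "\n<p class='bborder'>" . $_lang['admin.content.polls.p'] . "</p>\n<p><img src='images/icons/new.png' class='icon' alt='new' /><a href='index.php?p=content-polls-edit'>" . $_lang['admin.content.polls.new'] . "</a></p>\n";
// author filter, offered only when the adminpollall right is set
if (_loginright_adminpollall) {
    $output .= "\n  <form class='cform' action='index.php' method='get'>\n  <input type='hidden' name='p' value='content-polls' />\n  <strong>" . $_lang['admin.content.polls.filter'] . ":</strong> " . _admin_authorSelect("author", $author_filter_id, "adminpoll=1", null, $_lang['global.all2']) . " <input type='submit' value='" . $_lang['global.apply'] . "' />\n  </form>\n  ";
}
// pagination
// NOTE(review): the extra link parameter is named "filter" here, while the filter form, the delete
// links and the code that reads $_GET['author'] use "author" - confirm that the selected author
// survives a page change.
$paging = _resultPaging("index.php?p=content-polls", 25, "polls", $author_filter . _admin_pollAccess($pasep), "&amp;filter=" . $author_filter_id);
$output .= $paging[0] . "<br />";
$output .= $message . "\n<table class='list'>\n<thead><tr><td>" . $_lang['admin.content.form.question'] . "</td>" . (_loginright_adminpollall ? "<td>" . $_lang['article.author'] . "</td>" : '') . "<td>" . $_lang['global.id'] . "</td><td>" . $_lang['global.action'] . "</td></tr></thead>\n<tbody>\n";
// poll list
// the WHERE clause is the author filter plus whatever _admin_pollAccess() returns
// NOTE(review): the question text is printed through _cutStr() only; presumably it is stored
// pre-escaped - verify against the poll save handler.
$query = DB::query("SELECT question,id,author,locked FROM `" . _mysql_prefix . "-polls` WHERE " . $author_filter . _admin_pollAccess($pasep) . " ORDER BY id DESC " . $paging[1]);
if (DB::size($query) != 0) {
    while ($item = DB::row($query)) {
        if (_loginright_adminpollall) {
            // author cell: opens the <td> that is closed here, matching the header column
            // that is added under the same right
            $username = "<td>" . _linkUser($item['author']) . "</td>";
        } else {
            $username = "";
        }
        // the delete link is wrapped in _xsrfLink() and asks for confirmation client-side
        $output .= "<tr><td><a href='index.php?p=content-polls-edit&amp;id=" . $item['id'] . "' class='block'>" . _cutStr($item['question'], 64) . "</a>" . ($item['locked'] == 1 ? " (" . $_lang['admin.content.form.locked'] . ")" : '') . "</td>" . $username . "<td>" . $item['id'] . "</td><td><a href='" . _xsrfLink("index.php?p=content-polls&amp;author=" . $author_filter_id . "&amp;page=" . $paging[2] . "&amp;del=" . $item['id']) . "' onclick='return _sysConfirm();'><img src='images/icons/delete.png' class='icon' alt='del' /> " . $_lang['global.delete'] . "</a></td></tr>\n";
    }
} else {
    $output .= "<tr><td colspan='" . (_loginright_adminpollall ? "4" : "3") . "'>" . $_lang['global.nokit'] . "</td></tr>";
}
// end of table and the "open poll by id" form
$output .= "\n</tbody>\n</table>\n\n<br />\n<form class='cform' action='index.php' method='get'>\n<input type='hidden' name='p' value='content-polls-edit' />\n" . $_lang['admin.content.polls.openid'] . ": <input type='text' name='id' class='inputmini' /> <input type='submit' value='" . $_lang['global.open'] . "' />\n</form>\n";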
/* ---  vystup  --- */
if ($continue) {
    $nokit = false;
    // zprava
    if (isset($_GET['created'])) {
        $message = _formMessage(1, $_lang['global.created']);
    }
    $output .= "<div class='hr'><hr /></div><br />" . $message . "\n<form class='cform' action='index.php?p=content-boxes-edit&amp;c=" . urlencode($c) . "&amp;saved' method='post'>\n<input type='hidden' name='do' value='1' />\n<p><input type='submit' value='" . $_lang['admin.content.boxes.saveboxeschanges'] . "' />&nbsp;&nbsp;&nbsp;&nbsp;<a href='index.php?p=content-boxes-new&amp;c=" . urlencode($c) . "'><img src='images/icons/new.png' alt='new' class='icon' />" . $_lang['admin.content.boxes.create'] . "</a></p>\n<table id='boxesedit'>\n";
    // load the boxes of the requested column; $c is passed through DB::esc() before it enters the SQL string
    $query = DB::query("SELECT * FROM `" . _mysql_prefix . "-boxes` WHERE `column`='" . DB::esc($c) . "' ORDER BY ord");
    if (DB::size($query) != 0) {
        // boxes are laid out two per table row; $isfirst is true while the next box starts a new row
        $isfirst = true;
        while ($item = DB::row($query)) {
            if ($isfirst) {
                $output .= "\n\n\n\n<tr>\n\n\n\n";
            }
            // one edit cell per box; field names are prefixed with the box id
            // NOTE(review): `column` and `content` go through _htmlStr() here, while title, class and ord
            // are concatenated as-is inside value='...' attributes. Presumably those fields are stored
            // already escaped - confirm against the save handler, because a raw quote in any of them
            // would end the attribute in an administrator's session.
            $output .= "\n    <td class='cell'>\n    <div>\n    <table class='formtable'>\n\n    <tr>\n    <td class='rpad'><strong>" . $_lang['admin.content.form.title'] . "</strong></td>\n    <td><input type='text' name='" . $item['id'] . "-title' value='" . $item['title'] . "' class='inputmedium' maxlength='96' /></td>\n    </tr>\n\n    <tr>\n    <td class='rpad'><strong>" . $_lang['admin.content.boxes.column'] . "</strong></td>\n    <td><input type='text' maxlength='64' name='" . $item['id'] . "-column' value='" . _htmlStr($item['column']) . "' class='inputmedium' /></td>\n    </tr>\n\n    <tr>\n    <td class='rpad'><strong>" . $_lang['admin.content.form.ord'] . "</strong></td>\n    <td><input type='text' name='" . $item['id'] . "-ord' value='" . $item['ord'] . "' class='inputmedium' /></td>\n    </tr>\n\n    <tr>\n    <td class='rpad'><strong>" . $_lang['admin.content.form.class'] . "</strong></td>\n    <td><input type='text' name='" . $item['id'] . "-class' value='" . $item['class'] . "' class='inputmedium' maxlength='24' /></td>\n    </tr>\n\n    <tr class='valign-top'>\n    <td class='rpad'><strong>" . $_lang['admin.content.form.content'] . "</strong></td>\n    <td><textarea name='" . $item['id'] . "-content' class='areasmall_100pwidth codemirror' rows='9' cols='33'>" . _htmlStr($item['content']) . "</textarea></td>\n    </tr>\n\n    <tr>\n    <td class='rpad'><strong>" . $_lang['admin.content.form.settings'] . "</strong></td>\n    <td>\n    <label><input type='checkbox' name='" . $item['id'] . "-visiblenew' value='1'" . _checkboxActivate($item['visible']) . " /> " . $_lang['admin.content.form.visible'] . "</label>&nbsp;&nbsp;\n    <label><input type='checkbox' name='" . $item['id'] . "-publicnew' value='1'" . _checkboxActivate($item['public']) . " /> " . $_lang['admin.content.form.public'] . "</label>\n    <input type='hidden' name='" . $item['id'] . "-visible' value='1' />\n    <input type='hidden' name='" . $item['id'] . 
"-public' value='1' />\n    &nbsp;&nbsp;&nbsp;&nbsp;<a href='" . _xsrfLink("index.php?p=content-boxes-edit&amp;c=" . urlencode($c) . "&amp;del=" . $item['id']) . "' onclick='return _sysConfirm();'><img src='images/icons/delete.png' alt='del' class='icon' />" . $_lang['admin.content.boxes.delete'] . "</a>\n    </td>\n    </tr>\n\n    </table>\n    </div>\n    </td>\n    ";
            if (!$isfirst) {
                $output .= "\n\n\n\n</tr>\n\n\n\n";
            }
            $isfirst = !$isfirst;
        }
        // close the last table row when the number of boxes is odd
        if (!$isfirst) {
            $output .= "\n\n\n\n</tr>\n\n\n\n";
        }
    } else {
        // no boxes in this column: remember that, the code below reads $nokit
        $nokit = true;
        $output .= '<tr><td>' . $_lang['global.nokit'] . '</td></tr>';
    }
    $output .= "</table>\n" . ($nokit ? '' : "<p><input type='submit' value='" . $_lang['admin.content.boxes.saveboxeschanges'] . "' /></p>") . "\n" . _xsrfProtect() . "</form>";
} else {
/**
 * Build the HTML of the user menu and print or return it.
 *
 * Guests get a login link (plus a registration link when _registration is on).
 * Logged-in users get the messages link (when _messages is on), the settings
 * link and the logout link. The user-list link is appended when _ulist is on
 * and the site is public or the visitor is logged in. The extend events
 * tpl.usermenu.first, tpl.usermenu.beforelogout and tpl.usermenu.last are
 * called along the way.
 *
 * @param bool $return return the markup instead of printing it
 * @return string|void the markup when $return is true, nothing otherwise
 */
function _templateUserMenu($return = false)
{
    global $_lang;

    $html = "";
    $hasParent = _template_usermenu_parent != "";
    $itemOpen = _template_usermenu_item_start;
    $itemClose = _template_usermenu_item_end . "\n";

    if ($hasParent) {
        $html .= "<" . _template_usermenu_parent . ">\n";
    }

    // presumably hands the buffer to plugins by reference - confirm in _extendArgs()
    $hookArgs = _extendArgs($html);
    _extend('call', 'tpl.usermenu.first', $hookArgs);

    if (_loginindicator) {
        // messages
        if (_messages) {
            // _loginid is concatenated into the SQL text; presumably an integer set by the session layer - verify
            $unread = DB::result(DB::query("SELECT COUNT(id) FROM `" . _mysql_prefix . "-pm` WHERE (receiver=" . _loginid . " AND receiver_deleted=0 AND receiver_readtime<update_time) OR (sender=" . _loginid . " AND sender_deleted=0 AND sender_readtime<update_time)"), 0);
            $badge = $unread != 0 ? " [" . $unread . "]" : "";
            $html .= $itemOpen . "<a href='" . _indexroot . "index.php?m=messages' class='usermenu-item-messages'>" . $_lang['usermenu.messages'] . $badge . "</a>" . $itemClose;
        }

        // settings
        $html .= $itemOpen . "<a href='" . _indexroot . "index.php?m=settings' class='usermenu-item-settings'>" . $_lang['usermenu.settings'] . "</a>" . $itemClose;

        _extend('call', 'tpl.usermenu.beforelogout', $hookArgs);

        // logout: the link is wrapped in _xsrfLink() and carries the URL-encoded request URI as _return
        // NOTE(review): the _return target is consumed by remote/logout.php, which is outside this
        // excerpt - confirm it only accepts same-site paths.
        // NOTE(review): _loginname is printed without _htmlStr(); presumably restricted to a safe alphabet - verify.
        $nameSuffix = _template_usermenu_showusername ? " [" . _loginname . "]" : '';
        $html .= $itemOpen . "<a href='" . _xsrfLink(_indexroot . "remote/logout.php?_return=" . urlencode($_SERVER['REQUEST_URI'])) . "' class='usermenu-item-logout'>" . $_lang['usermenu.logout'] . $nameSuffix . "</a>" . $itemClose;
    } else {
        // login: the request URI is URL-encoded before it goes into the href
        $html .= $itemOpen . "<a href='" . _indexroot . "index.php?m=login&amp;login_form_return=" . urlencode($_SERVER['REQUEST_URI']) . "' class='usermenu-item-login'>" . $_lang['usermenu.login'] . "</a>" . $itemClose;

        // registration
        if (_registration) {
            $html .= $itemOpen . "<a href='" . _indexroot . "index.php?m=reg' class='usermenu-item-reg'>" . $_lang['usermenu.registration'] . "</a>" . $itemClose;
        }
    }

    // user list
    if (_ulist && (!_notpublicsite || _loginindicator)) {
        $html .= $itemOpen . "<a href='" . _indexroot . "index.php?m=ulist' class='usermenu-item-ulist'>" . $_lang['usermenu.ulist'] . "</a>" . $itemClose;
    }

    _extend('call', 'tpl.usermenu.last', $hookArgs);

    if ($hasParent) {
        $html .= "</" . _template_usermenu_parent . ">\n";
    }

    if (_template_usermenu_trim == 1) {
        // NOTE(review): the second argument of trim() is a list of characters, not a prefix or suffix,
        // so every leading/trailing character that occurs in the item delimiters is stripped - confirm
        // that this is the intended behaviour for the configured delimiters.
        $html = trim(trim(trim($html), _template_usermenu_item_start), _template_usermenu_item_end);
    }

    // print unless the caller asked for the markup
    if (!$return) {
        echo $html;

        return;
    }

    return $html;
}
// user menu in the admin header: full menu for logged-in users with the administration right, guest link otherwise
if (_loginindicator && _loginright_administration) {
    // avatar linked to the user's own profile
    // NOTE(review): _loginname and $avatar are placed in href/src/alt attributes without _htmlStr() or
    // urlencode(); presumably both are restricted to safe characters where they are set - verify.
    $avatar = _getAvatar(_loginid, true, true);
    if (isset($avatar)) {
        $usermenu .= '<a id="header-avatar" href="' . _indexroot . 'index.php?m=profile&amp;id=' . _loginname . '">';
        $usermenu .= '<img src="' . $avatar . '" alt="' . _loginname . '" /></a>';
    }

    $usermenu .= _loginpublicname . ' [';

    // messages link with the number of unread conversations
    if (_messages) {
        $messages_count = DB::result(DB::query("SELECT COUNT(id) FROM `" . _mysql_prefix . "-pm` WHERE (receiver=" . _loginid . " AND receiver_deleted=0 AND receiver_readtime<update_time) OR (sender=" . _loginid . " AND sender_deleted=0 AND sender_readtime<update_time)"), 0);
        $messages_count = $messages_count != 0 ? " <span class='highlight'>(" . $messages_count . ")</span>" : "";
        $usermenu .= "<a href='" . _indexroot . "index.php?m=messages'>" . $_lang['usermenu.messages'] . $messages_count . "</a>, ";
    }

    // settings and logout; the logout link is wrapped in _xsrfLink() and returns to admin/
    $usermenu .= '<a href="' . _indexroot . 'index.php?m=settings">' . $_lang['usermenu.settings'] . '</a>, ';
    $usermenu .= '<a href="' . _xsrfLink(_indexroot . 'remote/logout.php?_return=admin/') . '">' . $_lang['usermenu.logout'] . '</a>]';

    // link to the public site, opened in a new window
    $usermenu .= '<a href="' . _url . '/" target="_blank" class="usermenu-web-link" title="' . $_lang['admin.link.site'] . '">';
    $usermenu .= '<img class="icon" src="images/icons/guide.png" alt="' . $_lang['admin.link.site'] . '" /></a>';
} else {
    $usermenu .= '<a href="./">' . $_lang['usermenu.guest'] . '</a>';
}
$usermenu .= '</span>';
// system modules: name => array(0: title, 1: access right, 2: parent module, 3: child modules,
//                                [4: custom title and back link?], [5: is it a plugin?])
// NOTE(review): index 1 is the only per-module access flag in this table. "content-delete" uses the
// literal true, and "content-setindex", "content-sboxes" and "content-editforum" are not listed among
// the children of "content". How the flag and the child list are enforced is decided by the dispatcher
// outside this excerpt - confirm each of these is intentional.
$modules = array(
    "index" => array($_lang['admin.menu.index'], true, null, array('index-edit'), true),
    "index-edit" => array($_lang['admin.menu.index.edit.title'], _loginright_group == 1, 'index', array(), false),

    // content
    "content" => array(
        $_lang['admin.menu.content'],
        _loginright_admincontent,
        null,
        array(
            "content-move",
            "content-titles",
            "content-redir",
            "content-articles",
            "content-confirm",
            "content-movearts",
            "content-polls",
            "content-polls-edit",
            "content-boxes",
            "content-editsection",
            "content-editcategory",
            "content-delete",
            "content-editintersection",
            "content-articles-list",
            "content-articles-edit",
            "content-articles-delete",
            "content-boxes-edit",
            "content-boxes-new",
            "content-editbook",
            "content-editseparator",
            "content-editlink",
            "content-editpluginpage",
            "content-editgallery",
            "content-manageimgs",
            "content-artfilter",
        ),
        false,
    ),
    "content-setindex" => array($_lang['admin.content.setindex.title'], _loginright_admincontent, "content", array()),
    "content-move" => array($_lang['admin.content.move.title'], _loginright_admincontent, "content", array()),
    "content-titles" => array($_lang['admin.content.titles.title'], _loginright_admincontent, "content", array()),
    "content-redir" => array($_lang['admin.content.redir.title'], _loginright_admincontent, "content", array()),
    "content-articles" => array($_lang['admin.content.articles.title'], _loginright_adminart, "content", array()),
    "content-articles-list" => array($_lang['admin.content.articles.list.title'], _loginright_adminart, "content-articles", array()),
    "content-articles-edit" => array($_lang['admin.content.articles.edit.title'], _loginright_adminart, "content-articles", array(), true),
    "content-articles-delete" => array($_lang['admin.content.articles.delete.title'], _loginright_adminart, "content-articles", array(), true),
    "content-confirm" => array($_lang['admin.content.confirm.title'], _loginright_adminconfirm, "content", array()),
    "content-movearts" => array($_lang['admin.content.movearts.title'], _loginright_admincategory, "content", array()),
    "content-artfilter" => array($_lang['admin.content.artfilter.title'], _loginright_admincategory, "content", array()),
    "content-polls" => array($_lang['admin.content.polls.title'], _loginright_adminpoll, "content", array()),
    "content-polls-edit" => array($_lang['admin.content.polls.edit.title'], _loginright_adminpoll, "content-polls", array()),
    "content-sboxes" => array($_lang['admin.content.sboxes.title'], _loginright_adminsbox, "content", array()),
    "content-boxes" => array($_lang['admin.content.boxes.title'], _loginright_adminbox, "content", array()),
    "content-boxes-edit" => array($_lang['admin.content.boxes.edit.title'], _loginright_adminbox, "content-boxes", array()),
    "content-boxes-new" => array($_lang['admin.content.boxes.new.title'], _loginright_adminbox, "content-boxes", array(), true),
    "content-delete" => array($_lang['admin.content.delete.title'], true, "content", array()),
    "content-editsection" => array($_lang['admin.content.editsection.title'], _loginright_adminsection, "content", array(), false),
    "content-editcategory" => array($_lang['admin.content.editcategory.title'], _loginright_admincategory, "content", array(), false),
    "content-editintersection" => array($_lang['admin.content.editintersection.title'], _loginright_adminintersection, "content", array(), false),
    "content-editbook" => array($_lang['admin.content.editbook.title'], _loginright_adminbook, "content", array(), false),
    "content-editseparator" => array($_lang['admin.content.editseparator.title'], _loginright_adminseparator, "content", array(), false),
    "content-editlink" => array($_lang['admin.content.editlink.title'], _loginright_adminlink, "content", array(), false),
    "content-editgallery" => array($_lang['admin.content.editgallery.title'], _loginright_admingallery, "content", array(), false),
    "content-editforum" => array($_lang['admin.content.editforum.title'], _loginright_adminforum, "content", array(), false),
    "content-editpluginpage" => array($_lang['admin.content.editpluginpage.title'], _loginright_adminpluginpage, "content", array(), false),
    "content-manageimgs" => array($_lang['admin.content.manageimgs.title'], _loginright_admingallery, "content", array(), true),

    // users
    "users" => array(
        $_lang['admin.menu.users'],
        _loginright_adminusers or _loginright_admingroups,
        null,
        array("users-editgroup", "users-delgroup", "users-edit", "users-delete", "users-list", "users-move"),
    ),
    "users-editgroup" => array($_lang['admin.users.groups.edittitle'], _loginright_admingroups, "users", array(), false),
    "users-delgroup" => array($_lang['admin.users.groups.deltitle'], _loginright_admingroups, "users", array()),
    "users-edit" => array($_lang['admin.users.edit.title'], _loginright_adminusers, "users", array()),
    "users-delete" => array($_lang['admin.users.deleteuser'], _loginright_adminusers, "users", array()),
    "users-list" => array($_lang['admin.users.list'], _loginright_adminusers, "users", array()),
    "users-move" => array($_lang['admin.users.move'], _loginright_adminusers, "users", array()),

    // file manager
    "fman" => array($_lang['admin.menu.fman'], _loginright_adminfman, null, array()),

    // settings
    "settings" => array($_lang['admin.menu.settings'], _loginright_adminsettings, null, array("settings-plugins")),
    "settings-plugins" => array($_lang['admin.settings.plugins.title'], _loginright_adminsettings, "settings", array(), true),

    // other
    "other" => array(
        $_lang['admin.menu.other'],
        _loginright_adminbackup or _loginright_adminrestore or _loginright_adminmassemail or _loginright_adminbans,
        null,
        array("other-backup", "other-massemail", "other-bans", "other-cleanup", "other-transm"),
    ),
    "other-backup" => array($_lang['admin.other.backup.title'], _loginright_adminbackup or _loginright_adminrestore, "other", array()),
    "other-cleanup" => array($_lang['admin.other.cleanup.title'], _loginright_level == 10001, "other", array()),
    "other-massemail" => array($_lang['admin.other.massemail.title'], _loginright_adminmassemail, "other", array()),
    "other-bans" => array($_lang['admin.other.bans.title'], _loginright_adminbans, "other", array()),
    "other-transm" => array($_lang['admin.other.transm.title'], _loginid == 0, "other", array()),
);

// menu and plugin preparation
$menu = "<div id='menu'>\n";

// extend event
_extend('call', 'admin.start');
// vystup dle stavu prihlaseni
if (_loginindicator and _loginright_administration) {
    // titulek adminu
    if (isset($modules[$getp][0])) {
<?php

/* ---  core check: stop when the script is requested directly instead of being included  --- */
if (defined('_core') === false) {
    exit;
}
/* ---  preparation, removal of a whole column  --- */
$message = "";
if (isset($_GET['delcolumn'])) {
    // The delete is triggered by a GET link, so it only runs when the XSRF check passes.
    // NOTE(review): _xsrfLink() presumably puts the token into the query string; if so, the token
    // can end up in access logs and Referer headers. Confirm, and consider a POST form for deletes.
    if (_xsrfCheck(true)) {
        // The column name is request data; it is passed through DB::esc() before it is placed
        // inside the quoted SQL literal.
        DB::query("DELETE FROM `" . _mysql_prefix . "-boxes` WHERE `column`='" . DB::esc($_GET['delcolumn']) . "'");
        $message = _formMessage(1, $_lang['global.done']);
    }
}
/* ---  output  --- */
// intro paragraph and "create" link
$output .= "<p class='bborder'>" . $_lang['admin.content.boxes.p'] . "</p>\n<p><a href='index.php?p=content-boxes-new'><img src='images/icons/new.png' alt='new' class='icon' />" . $_lang['admin.content.boxes.create'] . "</a></p>";
// result message of the delete above (empty string when nothing was deleted)
$output .= $message;
// table header
$output .= "\n\n<table class='listable'>\n<thead><tr><td>" . $_lang['admin.content.boxes.column'] . "</td><td>" . $_lang['admin.content.boxes.totalboxes'] . "</td><td>" . $_lang['global.action'] . "</td></tr></thead>\n<tbody>";
// one table row per distinct column name
$query = DB::query("SELECT DISTINCT `column` FROM `" . _mysql_prefix . "-boxes` ORDER BY `column`");
while (true) {
    $item = DB::row($query);
    if (!$item) {
        break;
    }
    // edit link: the name is URL-encoded inside the href and passed through _htmlStr() where it is shown as text
    $output .= "<tr><td><a href='index.php?p=content-boxes-edit&amp;c=" . urlencode($item['column']) . "' class='block'><img src='images/icons/dir.png' alt='col' class='icon' /><strong>" . _htmlStr($item['column']) . "</strong></a></td><td>";
    // number of boxes in this column; the value read back from the database is escaped again before reuse in SQL
    $output .= DB::result(DB::query("SELECT COUNT(id) FROM `" . _mysql_prefix . "-boxes` WHERE `column`='" . DB::esc($item['column']) . "'"), 0);
    // delete link, built through _xsrfLink() and guarded by a client-side confirmation
    $output .= "</td><td><a href='" . _xsrfLink("index.php?p=content-boxes&amp;delcolumn=" . urlencode($item['column'])) . "' onclick='return _sysConfirm();'><img src='images/icons/delete.png' alt='del' class='icon' />" . $_lang['global.delete'] . "</a></td></tr>\n";
}
$output .= "</tbody></table>";
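/**
 * Build the HTML code of a system form.
 *
 * $id          Description                                 $vars
 *
 * login        login form                                  -
 * notpublic    login form (non-public content)             [wholesite 1/0]
 * postform     form for sending a post/comment             [posttype => see function _postsOutput, posttarget => id_home, xhome => id_xhome, url => return address, [pluginflag (type 7 only)] => xx]
 *
 * Request data read by the "login" form: $_GET['_mlr'] (status message selector),
 * $_GET['login_form_return'] (return address) and $_SERVER['REQUEST_URI'].
 *
 * @param string $id form identifier
 * @param array $vars variables, depending on the form type
 * @param bool $notitle do not insert the heading into the form 1/0
 * @param bool $extend call extend events 1/0
 * @return array array(content, title)
 */
function _uniForm($id, $vars = array(), $notitle = false, $extend = true)
{
    // preparation
    global $_lang;
    $content = "";
    $title = "";
    // extend: a handler may set $notitle or supply the whole content (both are passed by reference)
    if ($extend) {
        _extend('call', 'sys.form', array('id' => $id, 'vars' => $vars, 'notitle' => &$notitle, 'content' => &$content));
    }
    // form type (skipped when an extend handler already produced the content)
    if ('' === $content) {
        switch ($id) {
            /* ---  login  --- */
            case "login":
                // title
                $title = $_lang['login.title'];
                // status messages selected by the _mlr request parameter
                // (switch compares loosely, so on PHP versions before 8 a non-numeric value also matches case 0)
                if (isset($_GET['_mlr'])) {
                    switch ($_GET['_mlr']) {
                        case 0:
                            $content .= _formMessage(2, $_lang['login.failure']);
                            break;
                        case 1:
                            if (_loginindicator and !_administration) {
                                $content .= _formMessage(1, $_lang['login.success']);
                            }
                            break;
                        case 2:
                            if (!_loginindicator) {
                                $content .= _formMessage(2, $_lang['login.blocked.message']);
                            }
                            break;
                        case 3:
                            if (!_loginindicator) {
                                $content .= _formMessage(3, $_lang['login.securitylogout']);
                            }
                            break;
                        case 4:
                            if (!_loginindicator) {
                                $content .= _formMessage(1, $_lang['login.selfremove']);
                            }
                            break;
                        case 5:
                            if (!_loginindicator) {
                                $content .= _formMessage(2, str_replace(array("*1*", "*2*"), array(_maxloginattempts, _maxloginexpire / 60), $_lang['login.attemptlimit']));
                            }
                            break;
                        case 6:
                            $content .= _formMessage(3, $_lang['xsrf.msg']);
                            break;
                    }
                }
                // content
                if (!_loginindicator) {
                    // return address: taken from the request when supplied, otherwise the current URI.
                    // Only a string is accepted; an array-valued parameter (login_form_return[]=x)
                    // would otherwise be handed to urlencode() below.
                    if (isset($_GET['login_form_return']) && is_string($_GET['login_form_return'])) {
                        $return = $_GET['login_form_return'];
                    } else {
                        $return = $_SERVER['REQUEST_URI'];
                    }
                    // NOTE(review): $return is request-controlled and is forwarded to remote/login.php as
                    // _return. Whether that script limits the redirect target to this site is not visible
                    // here; confirm it does, otherwise this is an open-redirect entry point.
                    // form address: current URI without the _formData and _mlr parameters
                    $form_url = parse_url($_SERVER['REQUEST_URI']);
                    if (isset($form_url['query'])) {
                        parse_str($form_url['query'], $form_url['query']);
                        unset($form_url['query']['_formData'], $form_url['query']['_mlr']);
                        $form_url = _buildURL($form_url);
                    } else {
                        $form_url = $_SERVER['REQUEST_URI'];
                    }
                    // form code ($return is URL-encoded, $form_url goes through _htmlStr() into the hidden field)
                    $callArgs = array("login_form", _indexroot . "remote/login.php?_return=" . urlencode($return), array(array($_lang['login.username'], "<input type='text' name='username' class='inputmedium'" . _restoreGetFdValue("username") . " maxlength='24' />"), array($_lang['login.password'], "<input type='password' name='password' class='inputmedium' />")), null, $_lang['global.login'], "&nbsp;&nbsp;<label><input type='checkbox' name='persistent' value='1' /> " . $_lang['login.persistent'] . "</label><input type='hidden' name='form_url' value='" . _htmlStr($form_url) . "' />\n                        &nbsp;&nbsp;<label><input type='checkbox' name='ipbound' value='1' checked='checked' /> " . (isset($_lang['login.ipbound']) ? $_lang['login.ipbound'] : 'zabezpečené') . "</label>");
                    // extend handlers receive the argument list by reference and may change it
                    if ($extend) {
                        _extend('call', 'sys.form.login', array('call' => &$callArgs));
                    }
                    $content .= call_user_func_array('_formOutput', $callArgs);
                    // links (registration, lost password)
                    if (_registration or _lostpass) {
                        $content .= "\n\n<p>\n" . ((_registration and !_administration) ? "<a href='" . _indexroot . "index.php?m=reg'>" . $_lang['mod.reg'] . " &gt;</a>\n" : '') . (_lostpass ? ((_registration and !_administration) ? "<br />" : '') . "<a href='" . _indexroot . "index.php?m=lostpass'>" . $_lang['mod.lostpass'] . " &gt;</a>\n" : '') . "</p>";
                    }
                } else {
                    // already logged in: show the user name and a logout link built through _xsrfLink()
                    $content .= "<p>" . $_lang['login.ininfo'] . " <em>" . _loginname . "</em> - <a href='" . _xsrfLink(_indexroot . "remote/logout.php") . "'>" . $_lang['usermenu.logout'] . "</a>.</p>";
                }
                break;
            /* ---  message about non-public content (0-notpublicsite)  --- */
            case "notpublic":
                // reuse the login form without its heading
                $form = _uniForm("login", array(), true);
                if (!isset($vars[0])) {
                    $vars[0] = false;
                }
                $content = "<p>" . $_lang['notpublic.p' . ($vars[0] == true ? '2' : '')] . "</p>" . $form[0];
                $title = $_lang['notpublic.title'];
                break;
            /* ---  form for sending a post / comment (posttype,posttarget,xhome,url)  --- */
            case "postform":
                $title = "";
                $notitle = true;
                // fields
                $inputs = array();
                $captcha = _captchaInit();
                $content = _jsLimitLength(16384, "postform", "text");
                // guests get an extra name field
                if (_loginindicator == 0) {
                    $inputs[] = array($_lang['posts.guestname'], "<input type='text' name='guest' maxlength='24' class='inputsmall'" . _restoreGetFdValue("guest") . " />");
                }
                // subject/topic field only when xhome is -1
                if ($vars['xhome'] == -1) {
                    $inputs[] = array($_lang[$vars['posttype'] != 5 ? 'posts.subject' : 'posts.topic'], "<input type='text' name='subject' class='input" . ($vars['posttype'] != 5 ? 'small' : 'medium') . "' maxlength='" . ($vars['posttype'] != 5 ? 22 : 48) . "'" . _restoreGetFdValue("subject") . " />");
                }
                $inputs[] = $captcha;
                // NOTE(review): posttype, posttarget, xhome and pluginflag are written into attribute values
                // without escaping. That is safe only if every caller passes integers (or otherwise
                // trusted values); verify the callers, or cast/escape here.
                $inputs[] = array($_lang['posts.text'], "<textarea name='text' class='areamedium' rows='5' cols='33'>" . _restoreGetFdValue("text", null, true) . "</textarea><input type='hidden' name='_posttype' value='" . $vars['posttype'] . "' /><input type='hidden' name='_posttarget' value='" . $vars['posttarget'] . "' /><input type='hidden' name='_xhome' value='" . $vars['xhome'] . "' />" . (isset($vars['pluginflag']) ? "<input type='hidden' name='_pluginflag' value='" . $vars['pluginflag'] . "' />" : ''), true);
                // form ($vars['url'] is URL-encoded into the _return parameter of remote/post.php)
                $callArgs = array('postform', _addGetToLink(_indexroot . "remote/post.php", "_return=" . urlencode($vars['url']), false), $inputs, array("text"), null, _getPostformControls("postform", "text"));
                if ($extend) {
                    _extend('call', 'sys.form.postform', array('call' => &$callArgs, 'vars' => $vars));
                }
                $content .= call_user_func_array('_formOutput', $callArgs);
                break;
        }
    }
    // return: prepend the heading unless suppressed
    if ((_template_autoheadings == 1 or _administration == 1) and $notitle == false) {
        $content = "<h1>{$title}</h1>\n" . $content;
    }
    return array($content, $title);
}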
                    }
                }
            }
            // ulozeni posledniho nebo jedineho shoutboxu
            if ($sql != "") {
                $sql = trim($sql, ",");
                DB::query("UPDATE `" . _mysql_prefix . "-sboxes` SET " . $sql . " WHERE id=" . $id);
            }
            $message = _formMessage(1, $_lang['global.saved']);
            break;
    }
}
/* ---  shoutbox removal  --- */
if (isset($_GET['del'])) {
    // The delete is triggered by a GET link, so it only runs when the XSRF check passes.
    if (_xsrfCheck(true)) {
        // integer cast: only a number can reach the two DELETE statements
        $del = (int) $_GET['del'];
        DB::query("DELETE FROM `" . _mysql_prefix . "-sboxes` WHERE id=" . $del);
        // posts stored for this shoutbox (type 4) are removed with it
        DB::query("DELETE FROM `" . _mysql_prefix . "-posts` WHERE home=" . $del . " AND type=4");
        $message = _formMessage(1, $_lang['global.done']);
    }
}
/* ---  output  --- */
// intro paragraph and the result message of the actions above
$output .= "\n<p class='bborder'>" . $_lang['admin.content.sboxes.p'] . "</p>\n\n" . $message;
// "create shoutbox" form (action=1), closed with the _xsrfProtect() output
$output .= "\n\n<fieldset>\n<legend>" . $_lang['admin.content.sboxes.create'] . "</legend>\n<form class='cform' action='index.php?p=content-sboxes' method='post'>\n<input type='hidden' name='action' value='1' />\n\n<table>\n\n<tr>\n<td class='rpad'><strong>" . $_lang['admin.content.form.title'] . "</strong></td>\n<td><input type='text' name='title' class='inputbig' maxlength='64' /></td>\n</tr>\n\n<tr class='valign-top'>\n<td class='rpad'><strong>" . $_lang['admin.content.form.settings'] . "</strong></td>\n<td>\n<label><input type='checkbox' name='public' value='1' checked='checked' /> " . $_lang['admin.content.form.unregpost'] . "</label><br />\n<label><input type='checkbox' name='locked' value='1' /> " . $_lang['admin.content.form.locked2'] . "</label>\n</td>\n</tr>\n\n<tr>\n<td></td>\n<td><input type='submit' value='" . $_lang['global.create'] . "' /></td>\n</tr>\n\n</table>\n\n" . _xsrfProtect();
// start of the "manage shoutboxes" form (action=2)
$output .= "</form>\n</fieldset>\n\n\n<fieldset>\n<legend>" . $_lang['admin.content.sboxes.manage'] . "</legend>\n<form class='cform' action='index.php?p=content-sboxes' method='post'>\n<input type='hidden' name='action' value='2' />\n\n<input type='submit' value='" . $_lang['admin.content.sboxes.savechanges'] . "' />\n<div class='hr'><hr /></div>\n";
// list of shoutboxes, newest id first
$shoutboxes = DB::query("SELECT * FROM `" . _mysql_prefix . "-sboxes` ORDER BY id DESC");
if (DB::size($shoutboxes) == 0) {
    // nothing to list
    $output .= $_lang['global.nokit'];
} else {
    while ($shoutbox = DB::row($shoutboxes)) {
        // NOTE(review): the title is written into the value attribute exactly as stored. This is safe
        // only if titles are HTML-escaped before they are saved; the save code is not visible here,
        // so confirm that, otherwise this is a stored-XSS sink in the admin area.
        $output .= "\n    <br />\n    <table>\n\n    <tr>\n    <td class='rpad'><strong>" . $_lang['admin.content.form.title'] . "</strong></td>\n    <td><input type='text' name='s" . $shoutbox['id'] . "_title' class='inputmedium' value='" . $shoutbox['title'];
        // id row
        $output .= "' /></td>\n    </tr>\n\n    <tr>\n    <td><strong>" . $_lang['global.id'] . "</strong></td>\n    <td>" . $shoutbox['id'];
        // settings row: the hidden *trigger fields accompany the public/locked checkboxes
        $output .= "</td>\n    </tr>\n\n    <tr class='valign-top'>\n    <td class='rpad'><strong>" . $_lang['admin.content.form.settings'] . "</strong></td>\n    <td>\n    <input type='hidden' name='s" . $shoutbox['id'] . "_publictrigger' value='1' /><input type='hidden' name='s" . $shoutbox['id'] . "_lockedtrigger' value='1' />\n    <label><input type='checkbox' name='s" . $shoutbox['id'] . "_public' value='1'" . _checkboxActivate($shoutbox['public']) . " /> " . $_lang['admin.content.form.unregpost'] . "</label><br />\n    <label><input type='checkbox' name='s" . $shoutbox['id'] . "_locked' value='1'" . _checkboxActivate($shoutbox['locked']) . " /> " . $_lang['admin.content.form.locked2'] . "</label><br />\n    <label><input type='checkbox' name='s" . $shoutbox['id'] . "_delposts' value='1' /> " . $_lang['admin.content.form.delposts'];
        // delete link, built through _xsrfLink() and guarded by a client-side confirmation
        $output .= "</label><br /><br />\n    <a href='" . _xsrfLink("index.php?p=content-sboxes&amp;del=" . $shoutbox['id']) . "' onclick='return _sysConfirm();'><img src='images/icons/delete.png' alt='del' class='icon' />" . $_lang['global.delete'] . "</a>\n    </td>\n    </tr>\n\n    </table>\n    <br /><div class='hr'><hr /></div>\n    ";
    }
}
// close the manage form with the _xsrfProtect() output
$output .= "\n" . _xsrfProtect() . "</form>\n</fieldset>\n\n";