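/**
 * Handles a comment submission for a file and then prints that file's comments.
 *
 * Does nothing unless $settings['files_comments_enable'] is set. When
 * $op_comment is "send_comment", the text in the global $content is stored for
 * the logged-in member once the security-image string has been verified.
 * Every comment whose fileid matches $fileid is then listed with a report
 * link and, when check_login_cookies() succeeds, a delete link.
 *
 * @param mixed $fileid Id of the file whose comments are listed (cast to int here).
 * @return void
 */
function print_comments_table($fileid){
    global $phrases,$member_data,$id,$content,$op_comment,$sec_img,$sec_string,$settings,$admin_path;

    if(!$settings['files_comments_enable']){
        return;
    }

    // The global $id is written into SQL, a javascript: URL and a query string below.
    // It is used as a numeric file id, so work on an integer copy and leave the
    // global itself untouched.
    $file_id = intval($id);
    $list_id = intval($fileid);

    //-------- send comment command ---------
    if($op_comment=="send_comment"){
        if(check_member_login()){
            if($sec_img->verify_string($sec_string)){
                // ENT_QUOTES also encodes single quotes, which the default flags left
                // untouched before PHP 8.1; the value is placed inside a single-quoted
                // SQL literal and later echoed as HTML.
                // NOTE(review): HTML encoding is not SQL escaping (a backslash still
                // passes through). Confirm whether request values are escaped upstream;
                // if not, run $content through the database layer's escaping helper.
                $content = htmlspecialchars($content, ENT_QUOTES);
                $memberid = $member_data['id'] ;
                // NOTE(review): the row is stored under the global $id while the listing
                // below filters on $fileid - presumably the same value; verify against caller.
                db_query("insert into mobile_files_comments (memberid,content,fileid,date) values('$memberid','$content','$file_id',now())");
                open_table();
                print "<center>$phrases[your_comment_sent_successfully]</center>";
                close_table();
                // Clear the global after a successful save.
                $content="";
            }else{
                open_table();
                print "<center>$phrases[err_sec_code_not_valid]</center>";
                close_table();
            }
        }else{
            open_table();
            print "<center> $phrases[please_login_first] </center>";
            close_table();
        }
    }

    $qr = db_query("select * from mobile_files_comments where fileid='$list_id'");
    if(db_num($qr)){
        open_table("$phrases[the_comments]");
        print "<hr size=1 class=separate_line>";
        while($data = db_fetch($qr)){
            $dx = db_qr_fetch("select ".members_fields_replace('username').",".members_fields_replace('email')." from ".members_table_replace('mobile_members')." where ".members_fields_replace('id')."='$data[memberid]'",MEMBER_SQL);
            // NOTE(review): username is echoed as stored; confirm it is HTML-encoded when
            // the account is created, otherwise encode it here.
            print "<table width=100% border=0><tr><td width=50%><b>$dx[username]</b></td><td align=left>$data[date]</td></tr>";
            print "<tr><td colspan=2>$data[content] <a href=\"javascript:report($file_id,$data[id]);\"><font color='red'>ΚΘανΫ</font></a>";
            if(check_login_cookies()){
                // NOTE(review): deletion is a plain GET link; confirm the admin handler
                // checks permissions and a request token.
                print " [<a href='".iif($admin_path,$admin_path,"admin")."/index.php?action=comment_del&id=$data[id]&cat=$file_id'>$phrases[delete]</a>]";
            }
            print "<br><hr size=1 class=separate_line></td></tr></table>";
        }
        close_table();
    }
}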
"; } //------------------------------- Add Files --------------------------------------------------- if($action =="photos_add"){ if_admin("photos"); if(!$add_limit){ $add_limit = $settings['photos_add_limit'] ; } $cat = intval($cat); if($cat > 0){ $dir_data['cat'] = $cat ; while($dir_data['cat']!=0){ $dir_data = db_qr_fetch("select name,id,cat from photos_cats where id='$dir_data[cat]'"); $dir_content = "<a href='index.php?action=photos_cats&cat=$dir_data[id]'>$dir_data[name]</a> / ". $dir_content ; } } print "<p align=right><img src='images/link.gif'><a href='index.php?action=photos_cats&cat=0'>$phrases[main_page] </a> / $dir_content</p>"; $add_limit = intval($add_limit); print " <center> <form method=\"POST\" action=\"index.php\"> <input type=\"hidden\" name=\"cat\" value='$cat'> <input type=hidden name=action value=photos_add> <table width=30% class=grid>
}

// ********************************************************************************************
// display thread
// Lists the songs of one singer: page title, breadcrumb bar, link to the full
// page, then one download link per song.
// NOTE(review): singer, category and song names are echoed exactly as stored;
// confirm they are HTML-encoded when saved.
if ($action == 'songs') {
    // Force the singer id to an integer before it reaches any query or link.
    $id = intval($id);

    // Page title: the singer's name, or empty when the id matches no row.
    $qr = db_query("select name from songs_singers where id='{$id}'");
    if (!db_num($qr)) {
        $title_sub = "";
    } else {
        $data = db_fetch($qr);
        $title_sub = "{$data['name']}";
    }
    print_header($sitename . " - " . $title_sub);

    // Breadcrumb and full-version link are printed only for an existing singer.
    if (db_qr_num("select * from songs_singers where id='{$id}'")) {
        $datasngr = db_qr_fetch("select name,id,cat from songs_singers where id='{$id}'");
        $hdr = db_qr_fetch("select * from songs_cats where id='{$datasngr['cat']}'");
        print "<div id='navbar'> <a href='index.php'> الرئيسية </a> > <a href='browse-{$hdr['id']}.html'>{$hdr['name']}</a> "
            . "</div>";
        print "<p class=\"largefont\">عرض النسخة الكاملة : <a href='{$script_url}/songs.php?id={$id}'> {$title_sub} </a></p>\n";
    }

    // Songs are matched on songs_songs.album = singer id.
    $qr = db_query("select * from songs_songs where album='{$id}'");
    if (!db_num($qr)) {
        print "<center> لا يوجد محتوى </center>";
    } else {
        while ($data = db_fetch($qr)) {
            print "<li> <a href='{$script_url}/download.php?id={$data['id']}'>{$data['name']}</a></li>";
        }
    }
}

//***************************** news **********************************
if ($action == "news") {
}

// Lists products with active=0 and a non-zero userid, one row per product,
// with the owner's username, the category path and activate / edit / delete links.
// NOTE(review): $data[name] and the client's username are echoed as stored. Rows
// with userid != 0 presumably come from client accounts, so confirm these values
// are HTML-encoded on save; otherwise markup in them runs in the admin's browser.
// NOTE(review): activate and delete are plain GET links; confirm the handlers
// check admin permissions and a request token.
print "<p align=center class=title> гск ЪфЪйб ЧсуцЧноЩ </p>";

$qr=db_query("select * from store_products_data where active=0 and userid !=0 order by id");
if(!db_num($qr)){
    print_admin_table("<center> сЧ ЪцЬЯ гск </center>");
}else{
    print "<table width=100% class=grid>";
    while($data=db_fetch($qr)){
        $data_client = db_qr_fetch("select ".members_fields_replace('username')." from ".members_table_replace('store_clients')." where id='$data[userid]'",MEMBER_SQL);
        print "<tr><td><a href='index.php?action=client_edit&id=$data[userid]'>$data_client[username]</a></td> <td>$data[name]</td> <td>";

        // Build "parent / child / " by walking cat links upward until cat is 0.
        unset($dir_content);
        $dir_data['cat'] = $data['cat'] ;
        while($dir_data['cat']!=0){
            $dir_data = db_qr_fetch("select name,id,cat from store_products_cats where id='$dir_data[cat]'");
            $dir_content = "$dir_data[name] / ". $dir_content ;
        }

        print "$dir_content</td> <td> <a href='index.php?action=clients_items_activate&id=$data[id]'> Ънкэс </a> - <a href='index.php?action=product_edit&id=$data[id]&cat=$data[cat]'>удЧхЯЩ / ЪкЯэс </a> - <a href='index.php?action=products_del&id=$data[id]&cat=$data[cat]' onClick=\"return confirm('$phrases[are_you_sure]');\">Эан</a> </td></tr>";
    }
    print "</table>";
}
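// Event maintenance: add, edit and delete handlers, followed by the event list.
// NOTE(review): these handlers change data, yet no if_admin()/login check or
// request token is visible in this excerpt - confirm one runs earlier in the file.
// NOTE(review): $name, $content, $day, $month, $year and $typeid go into the SQL
// text as received. Confirm request values are escaped upstream; if not, pass
// each one through the database layer's escaping helper before building the query.
if($action=="events_add_ok"){
    db_query("insert into events_data (name,content,day,month,year,typeid) values('$name','$content','$day','$month','$year','$typeid')");
}

if($action=="events_edit_ok"){
    // The row id only ever selects a record, so force it to an integer before it
    // reaches the WHERE clause (assumes events_data.id is an integer key - TODO confirm).
    $id = intval($id);
    db_query("update events_data set name='$name',content='$content',day='$day',month='$month',year='$year',typeid='$typeid' where id='$id'");
}

if($action=="events_del"){
    // Same integer cast as the edit handler: a crafted id must not widen the DELETE.
    $id = intval($id);
    db_query("delete from events_data where id='$id'");
}

//------------- show events ------------------------
print "<center> [ <a href='index.php?action=events_add'> $phrases[add_event] </a> ] </center><br>";

$qr = db_query("select * from events_data order by day,month,year DESC");
if(db_num($qr)){
    print "<center><table width=98% class=grid>";
    while($data = db_fetch($qr)){
        // Type row supplies the colour swatch and the type name for this event.
        $datax = db_qr_fetch("select * from events_types where id='$data[typeid]'");
        print "<tr><td width=5 bgcolor='$datax[color]'> </td> <td><span dir=ltr>$data[day]/$data[month]/$data[year]</span></td> <td width=50%>$data[name]</td> <td>$datax[name]</td> <td> <a href='index.php?action=events_edit&id=$data[id]'> $phrases[edit] </a> - <a href='index.php?action=events_del&id=$data[id]' onClick=\"return confirm('Are you sure you want to delete ?');\"> $phrases[delete] </a></td></tr>";
    }
    print "</table></center>";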
<td><a href='index.php?action=guestbook_edit&id=$data[id]'>�����</a></td> <td><a href='index.php?action=guestbook_del&id=$data[id]' onclick=\"confirm('�� ��� ����� �')\">���</a></td></tr>"; } print "</table></center>"; }else{ print_admin_table("<center> �� ���� ����� </center>"); } } if($action=="guestbook_edit"){ if_admin("guestbook"); $id=intval($id); $data = db_qr_fetch("select * from guestbook_data where id='$id'"); print "<form action=index.php method=post> <input type=hidden name=action value='guestbook_edit_ok'> <input type=hidden name=id value='$id'> <input type=hidden name=redirect value='".intval($redirect)."'> <table width=100% class=grid> <tr><td colspan=2>$data[date]</td></tr> <tr><td width=20%><b>�����:</b></td><td> <input type=text name=name size=20 value='$data[name]'></td></tr> <tr><td width=20%><b>������ ���������� :</b></td><td><input type=text name=email size=20 dir=ltr value='$data[email]'></td></tr> <tr><td width=20%><b>������� :</b></td><td> <textarea cols=30 rows=5 name=msg>$data[msg]</textarea></td></tr> <tr><td colspan=2 align=center><input type=submit value=' ����� '></td></tr> </table></form>"; }
</td></tr> "; print "<td><b> $phrases[the_cat] : </b> </td><td><select id=cat name=cat ".iif($type=="audio","onChange=\"get_send_file_form(\$('type').value,\$('cat').value,0);\"")."> <option value=''> -- اختر القسم --</option>"; if($type=="" || $type=="audio"){ $qr=db_query("select * from songs_cats where active=1 order by id asc"); while($data = db_fetch($qr)){ print "<option value='$data[id]'".iif($data['id']==$cat," selected").">".iif($data_cat['name'],"$data_cat[name] -> ")."$data[name]</option>"; } }else{ $qr=db_query("select * from songs_videos_cats where active=1 order by cat asc"); while($data = db_fetch($qr)){ $data_cat = db_qr_fetch("select name from songs_videos_cats where id='$data[cat]'"); print "<option value='$data[id]'".iif($data['id']==$cat," selected").">".iif($data_cat['name'],"$data_cat[name] -> ")."$data[name]</option>"; } } print "</select></td></tr>"; if($type=="audio" && $cat){ print "<tr><td><b> $phrases[singer] : </b> </td><td><select id='singer' name=singer ".iif($type=="audio","onChange=\"get_send_file_form(\$('type').value,\$('cat').value,this.value);\"").">"; $qr=db_query("select * from songs_singers where active=1 and cat='$cat' order by id asc"); while($data = db_fetch($qr)){ if(!$singer){$singer=$data['id'];} print "<option value='$data[id]'".iif($data['id']==$singer," selected").">$data[name]</option>"; }
print " <form action=index.php method=post> <input type=hidden name=id value='$id'> <input type=hidden name=action value='members_files_accept'> <input type=hidden name=userid value='$userid'> <table width=100% class=grid> <tr><td colspan=2 align=center><img src=\"../".get_image($data['img'])."\"></td></tr> <tr> <td><b> Чгу Чсусн : </b> </td><td><input type=text name='name' value=\"$data[name]\" size=30></td></tr> <td><b> бЧШи Чсусн : </b> </td><td><input type=text name=url value=\"$data[url]\" size=40 dir=ltr></td></tr> <td><b> ецбЩ Чсусн : </b> </td><td><input type=text name=img value=\"$data[img]\" size=40 dir=ltr></td></tr> <td><b> цен Чсусн : </b> </td><td><textarea cols=40 rows=5 name=details>$data[details]</textarea></td></tr> <td><b> Чсогу : </b> </td><td><select name=cat>"; $qr=db_query("select * from mobile_cats order by cat asc"); while($data = db_fetch($qr)){ $data_cat = db_qr_fetch("select name from mobile_cats where id='$data[cat]'"); print "<option value='$data[id]'".iif($data['id']==$data['cat']," selected").">".iif($data_cat['name'],"$data_cat[name] -> ")."$data[name]</option>"; } print "</select></td></tr> <tr><td colspan=2 align=center><input type=submit value=' оШцс Чсусн '></td></tr> <tr><td colspan=2 align=left><a href='index.php?action=members_files_del&id=$data[id]' onClick=\"return confirm('are you sure ?');\">Эан Чсусн</a></td></tr> </table> </form>"; }else{ print_admin_table("<center>wrong url</center>"); } }
$dedi_msg_max = 200 ; //if($action=="send" && (strlen($msg) >= $dedi_msg_min) && (strlen($msg) <= $dedi_msg_max)){ //setcookie('songs_dedi_added', "1" , time() + $dedi_timeout,"/"); //setcookie('songs_dedi_name', "$name" , (time() + 60*60*24*30),"/"); //} print "<html dir=rtl> <meta http-equiv=\"Content-Type\" content=\"text/html; charset=$settings[site_pages_encoding]\" /> <LINK href=\"css.php\" type=\"text/css\" rel=\"stylesheet\"> <title>الإهداءات</title>\n"; open_table(); if(check_member_login()){ $data_prev = db_qr_fetch("select date from songs_dedications where `user` like '".db_escape($member_data['username'])."' order by date desc limit 1"); if($data_prev['date'] && (strtotime($data_prev['date'])+$dedi_timeout) > time()){ print "<center> عفوا , يمكنك ارسال اهداء كل ".intval(($dedi_timeout/60)) ." دقيقة </center>"; }else{ if($action=="send"){ $msg = trim($msg); // $msg = htmlspecialchars($msg); // if (!$_COOKIE['songs_dedi_added']){ if((strlen($msg) >= $dedi_msg_min) && (strlen($msg) <= $dedi_msg_max)){ db_query("insert into songs_dedications(user,msg,date,active)values('".db_escape($member_data['username'])."','".db_escape($msg)."',now(),'".iif($dedications_admin_review,0,1)."')"); print "<center> تم ارسال اهدائك </center>"; print "<script>
<? if(!defined("CUR_FILENAME")){ die("You can't access file directly ... "); } //--------------------------- Video Browse --------------------------------------- if($action=="videos"){ if($cat){ $qr = db_query("select * from videos_data where cat='$cat' order by id DESC"); $data_title = db_qr_fetch("select name from videos_cats where id='$cat'"); open_table($data_title['name']); if(db_num($qr)){ print "<center><table width=100%>" ; $c=0; while($data = db_fetch($qr)){ if ($c==$settings['news_cells']) { print " </tr><TR>" ; $c = 0 ; } ++$c ; print " <td><center><a href='index.php?action=video_preview&id=$data[id]'> <img border=0 alt='$phrases[the_name] : $data[name] \n$phrases[add_date] : ".substr($data['date'],0,10)."' src='".get_image($data['img'])."'>
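<?php
// Listen page: loads the stored URL of one members_files row and hands it to
// the song_listen template.
// The full "<?php" tag is used so the file is still parsed when short_open_tag
// is disabled; with "<?" the source would be sent to the browser as text.
require("global.php");

// $id is presumably filled from the request by global.php. It only selects a
// row, so force it to an integer before it is placed in the query.
$id = (int) $id;
$data = db_qr_fetch("select url from members_files where id='".$id."'");

// NOTE(review): url comes from a member-submitted record; confirm the template
// encodes it and restricts the scheme where it is emitted.
$url = $data['url'];
run_template('song_listen');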
}else{ print "<SCRIPT>window.location=\"index.php?action=comments\";</script>"; } } if ($action == "comment_activate"){ $id = intval( $id ); db_query( "update comments_data set active=1 where id='".$id."'" ); } $qr = db_query( "select * from comments_data where active=0 order by id desc" ); print "<p align=center class=title> ÊÚáíÞÇÊ ÊäÊÙÑ ÇáãæÇÝÞÉ </p>"; if (db_num($qr)){ print "<center><table width=100% class=grid>"; while($data = db_fetch($qr)){ $data_news = db_qr_fetch("select title from news_news where id='$data[news_id]'"); print "<tr><td><a href='$scripturl/index.php?action=news&id=$data[news_id]' target=_blank>$data_news[title]</a></td> <td>$data[name]</td><td>$data[email]</td><td>$data[content]</td><td>$data[date]</td><td><a href='index.php?action=comment_activate&id=$data[id]'> ÊÝÚíá </a> - <a href='index.php?action=comment_edit&id=$data[id]'>ÊÚÏíá</a> - <a href='index.php?action=comment_del&id=$data[id]' onClick=\"return confirm('Are You Sure ?');\">ÍÐÝ</a></td></tr>"; } print "</table></center>"; }else{ print "<center> áÇ ÊæÌÏ ÊÚáÞíÇÊ </center>"; } } //--------- comments del ---- if ($action == "comment_del"){ if_admin( "comments" );
}else{ print "<tr><td align=center> áÇÊæÌÏ ßáíÈÇÊ </td></tr>"; } print "</table>"; } } //----------------------------------------------------------------------------- if($action == "video_edit"){ $id = intval($id); $data=db_qr_fetch("select * from videos_data where id=$id"); print "<center>" ; print "<form name=sender action=index.php method=post> <input type=hidden name=action value='video_edit_ok'> <input type=hidden name=cat value='$cat'> <input type=hidden name=id value='$id'> <table class=grid width=40% > <tr><td> ÇáÇÓã : </td><td><input type=text name=name size=30 value=\"$data[name]\"></td></tr> <tr><td> ÑÇÈØ ÇáÊÍãíá : </td><td><input type=text name=url size=30 value='$data[url]'></td></tr> <tr><td> ÇáÕæÑÉ :</td> <td> <table><tr><td><input type=text dir=ltr size=30 name=img value=\"$data[img]\"></td><td><a href=\"javascript:uploader('videos','img');\"><img src='images/file_up.gif' border=0 alt='ÑÝÚ ÕæÑÉ ãä ÇáÌåÇÒ'></a></td></tr></table> </td></tr>
<?
// Download landing box for one song: titled "singer - song", with a link to
// song_download_<id>_<cat>.
// NOTE(review): the short "<?" tag is only parsed when short_open_tag is on;
// otherwise this source is served as plain text.
if ($action == "download") {
    // Both request values are reduced to integers before any use.
    $id = intval($id);
    $cat = intval($cat);
    $cat = $cat ? $cat : 1; // a missing or zero cat falls back to 1

    $data = db_qr_fetch(
        "select songs_songs.name,songs_songs.album_id, songs_singers.name as singer_name,songs_cats.name as cat_name"
        . " from songs_songs,songs_singers,songs_cats"
        . " where songs_singers.id=songs_songs.album and songs_cats.id = songs_singers.cat and songs_songs.id='" . $id . "'"
    );

    // NOTE(review): names are passed to open_table() as stored; confirm they are
    // HTML-encoded when saved.
    open_table($data['singer_name'] . " - " . $data['name']);
    print "<center><a href='song_download_{$id}_{$cat}'><h3>تحميل الاغنية</h3></a></center>";
    close_table();
}
/**
 * Returns the username stored in store_clients for the given client id.
 *
 * The id is reduced to an integer before it is placed in the query, so a
 * non-numeric value cannot alter the SQL.
 *
 * @param mixed $id Client id.
 * @return mixed The username column of the fetched row.
 */
function get_client_name($id)
{
    $client_id = intval($id);
    $row = db_qr_fetch("select username from store_clients where id='{$client_id}'");

    return $row['username'];
}
//------------------ Guest Book -------------------------- if($action=="guestbook"){ print "<img src='images/arrw.gif'> <a href='index.php?action=guestbook_add'> ����� ��� ����� </a><br><br>"; $start = intval($start); if(!$limit){$limit=30;} $limit=intval($limit); $qr = db_query("select * from guestbook_data where active=1 order by id DESC limit $start,$limit"); if(db_num($qr)){ $page_result = db_qr_fetch("select count(*) as count from guestbook_data where active=1"); $numrows=$page_result['count']; $previous_page=$start - $m_perpage; $next_page=$start + $m_perpage; $m_perpage = $limit ; $page_string = "index.php?action=guestbook"; while($data = db_fetch($qr)){ open_table(); print "<table > <tr><td colspan=2>$data[date]</td></tr>
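<?php
// Admin side of the dedications feature. Nothing below runs without an admin login.
// The full "<?php" tag is used so the file is still parsed when short_open_tag
// is disabled; with "<?" this admin source would be sent to the browser as text.
if(!check_admin_login()){die("<center> $phrases[access_denied] </center>");}

//-------------- main ---------------
// With no action and review mode on, show how many dedications await approval.
if(!$action){
    if($dedications_admin_review){
        $count = db_qr_fetch("select count(*) as count from songs_dedications where active=0");
        print "<br>";
        print_admin_table("<b>اهدائات تنتظر الموافقة : </b> <a href='index.php?action=dedications'>".intval($count['count'])." </a>");
    }
}

//-------------------------- Dedications ---------------------
if($action=="dedications" || $action=="dedications_del" || $action=="dedications_edit_ok" || $action=="dedications_enable" || $action=="dedications_disable"){
    if_admin("dedications");
    print "<p align=center class=title> الإهدائات </p>" ;

    //-------------- del --------------------
    // Accepts one id ($id) or a list of ids ($d_id).
    // NOTE(review): confirm the delete, enable and disable actions require a
    // request token, so another site cannot trigger them in an admin's session.
    if($action=="dedications_del"){
        if(!is_array($d_id)){$d_id=array($id);}
        foreach($d_id as $del_id){
            // Each id is request input: force it to an integer so it cannot
            // change the WHERE clause of the DELETE.
            $del_id = intval($del_id);
            db_query("delete from songs_dedications where id='$del_id'");
        }
    }

    //---------- edit -------------------
    if($action=="dedications_edit_ok"){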
<META http-equiv=Content-Type content=\"text/html; charset=$settings[site_pages_encoding]\"> <LINK href='css.php' type=text/css rel=StyleSheet>"; print "<title> ΚΘανΫ </title>"; open_table(); if(!$HTTP_COOKIE_VARS[$cookie_name]){ if($id && $cid){ $cid = (int) $cid; $id = (int) $id; $data=db_qr_fetch("select * from mobile_files_comments where id='$cid'"); $msg = "Ηαγαέ : <a href=\"$scripturl/details_".$id.".html\">$scripturl/details_".$id.".html</a>"; $msg .= "<br><br>-----------------------<br>"; $msg .= "<br> $data[content] <br>"; $msg .= "<br>-----------------------<br>"; $mailResult = send_email($sitename,$mailing_email,$admin_email,"ΚΘανΫ",$msg,$settings['mailing_default_use_html'],$settings['mailing_default_encoding']); print "<center> Κγ ΚΘανΫ ΗαΗΟΗΡΙ , ΤίΡΗ αί </center>"; }else{ print "<center> ΡΗΘΨ ΞΗΨνΑ </center>"; } }else{
print "<center> н—ћм ”ћнб «бѕќжб «жб« </center>"; close_table(); } } //-------------- Comments -------------------- $qr = db_query("select * from store_products_comments where cat ='$id' and active=1"); if(db_num($qr)){ $is_admin = check_login_cookies() && if_admin("products_comments",1) ; open_table("«б Џбнё« "); print "<hr size=1 class=separate_line>"; while($data = db_fetch($qr)){ $dx = db_qr_fetch("select * from ".members_table_replace('store_clients')." where ".members_fields_replace('id')."='$data[userid]'",MEMBER_SQL); print "<table width=100% border=0><tr><td width=50%><b>$dx[username]</b><td align=left>$data[date]</td></tr>"; print "<tr><td colspan=2>$data[content]"; if($is_admin){ print " [<a href='".iif($admin_folder,$admin_folder,"admin")."/index.php?action=products_comment_del&id=$data[id]&cat=$id'>Ќ–Ё</a>]"; } print "<br><hr size=1 class=separate_line></td></tr></table>"; } close_table(); } //------------ send comment --------------- open_table("«—”«б Џбнё");