Example #1
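/**
 * Cast a vote on a forum post (question/answer voting).
 *
 * The forum, thread and post ids come from the query string. One vote per user
 * per thread is accepted, and a user cannot vote on a post they wrote. When the
 * forum defines an answer threshold and the post's summed points reach it, the
 * thread is locked. Every path that passes the permission check ends in a
 * redirect back to the thread.
 *
 * @param array $info   Forum data; 'forum_vote' and 'forum_answer_threshold' are read.
 * @param int   $points Points stored with the vote.
 * @todo: move and improvise the voting system
 */
function set_forumVotes($info, $points = 0)
{
    global $userdata;
    // @todo: extend on user's rank threshold before can vote. - Reputation threshold- Roadmap 9.1
    // @todo: allow multiple votes / drop $res - Roadmap 9.1

    // The ids are request-controlled. Cast them once and use only the integer
    // copies in SQL, in the stored row and in the redirect URL.
    $forum_id = isset($_GET['forum_id']) ? intval($_GET['forum_id']) : 0;
    $thread_id = isset($_GET['thread_id']) ? intval($_GET['thread_id']) : 0;
    $post_id = isset($_GET['post_id']) ? intval($_GET['post_id']) : 0;
    $user_id = intval($userdata['user_id']);
    $return_url = FORUM . "viewthread.php?thread_id=" . $thread_id . "&post_id=" . $post_id;

    // NOTE(review): this state change is driven by GET parameters and no anti-CSRF
    // token check is visible in this function - confirm the caller enforces one.
    // NOTE(review): nothing here verifies that post_id belongs to thread_id/forum_id.

    // The lock check is scoped to the requested thread. Without the thread_id
    // condition it passed whenever any unlocked thread existed.
    if (!checkgroup($info['forum_vote']) || !dbcount("('thread_id')", DB_FORUM_THREADS, "thread_id='" . $thread_id . "' AND thread_locked='0'")) {
        return;
    }

    $hasVoted = dbcount("('vote_user')", DB_FORUM_VOTES, "vote_user='" . $user_id . "' AND thread_id='" . $thread_id . "'");
    if ($hasVoted) {
        redirect($return_url . '&error=vote');
        return;
    }

    $isSelfPost = dbcount("('post_id')", DB_FORUM_POSTS, "post_id='" . $post_id . "' AND post_user='" . $user_id . "'");
    if ($isSelfPost) {
        redirect($return_url . '&error=vote_self');
        return;
    }

    $data = array(
        'forum_id' => $forum_id,
        'thread_id' => $thread_id,
        'post_id' => $post_id,
        'vote_points' => $points,
        'vote_user' => $user_id,
        'vote_datestamp' => time(),
    );
    $result = dbquery_insert(DB_FORUM_VOTES, $data, 'save', array('noredirect' => 1, 'no_unique' => 1));
    if ($result && $info['forum_answer_threshold'] > 0) {
        // SUM() needs the bare column name (a quoted name is a string literal)
        // and an alias so the total is readable under the 'vote_points' key.
        $vote_result = dbquery("SELECT SUM(vote_points) AS vote_points, thread_id FROM " . DB_FORUM_VOTES . " WHERE post_id='" . $post_id . "'");
        $v_data = dbarray($vote_result);
        if ($v_data['vote_points'] >= $info['forum_answer_threshold']) {
            // The column name must not be quoted in the SET clause.
            $result = dbquery("UPDATE " . DB_FORUM_THREADS . " SET thread_locked='1' WHERE thread_id='" . intval($v_data['thread_id']) . "'");
        }
    }
    redirect($return_url);
}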
Example #2
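 /**
  * Handle forum tag admin actions: save or update a tag on POST, delete one on GET.
  *
  * The tag id for an update comes from $_GET['tag_id']; a missing or non-numeric
  * id is stored as 0 and the record is saved as new.
  */
 protected function post_tags()
 {
     global $aidlink;
     if (isset($_POST['save_tag'])) {
         $this->data = array(
             'tag_id' => isset($_GET['tag_id']) && isnum($_GET['tag_id']) ? intval($_GET['tag_id']) : 0,
             'tag_title' => form_sanitizer($_POST['tag_title'], '', 'tag_title'),
             'tag_language' => form_sanitizer($_POST['tag_language'], '', 'tag_language'),
             'tag_color' => form_sanitizer($_POST['tag_color'], '', 'tag_color'),
             'tag_description' => form_sanitizer($_POST['tag_description'], '', 'tag_description'),
             'tag_status' => isset($_POST['tag_status']) && isnum($_POST['tag_status']) ? intval($_POST['tag_status']) : 0,
         );
         // Nothing is written unless \defender::safe() accepts the submission.
         if (\defender::safe()) {
             if (!empty($this->data['tag_id'])) {
                 // Update
                 dbquery_insert(DB_FORUM_TAGS, $this->data, "update");
                 addNotice('success', self::$locale['forum_tag_0105']);
             } else {
                 // Save New
                 dbquery_insert(DB_FORUM_TAGS, $this->data, "save");
                 addNotice('success', self::$locale['forum_tag_0106']);
             }
             redirect(FUSION_SELF . $aidlink . '&section=ft');
         }
     }
     // NOTE(review): this delete is triggered by a GET parameter and does not go
     // through \defender::safe() - confirm the admin token carried in $aidlink is
     // validated before this method runs, otherwise the link is forgeable.
     if (isset($_GET['delete']) && isnum($_GET['delete'])) {
         // Cast as well as validate, matching how tag_id is handled above, so the
         // value placed in the SQL string is an integer by construction.
         $delete_id = intval($_GET['delete']);
         $result = dbquery("DELETE FROM " . DB_FORUM_TAGS . " WHERE tag_id='" . $delete_id . "'");
         if ($result) {
             addNotice("success", self::$locale['forum_tag_0107']);
             redirect(FUSION_SELF . $aidlink . '&section=ft');
         }
     }
 }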
Example #3
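 /**
  * Handle forum rank admin actions: save or update a rank on POST, delete one on GET.
  *
  * 'rank_apply' is derived from the submitted rank type: type 2 takes
  * 'rank_apply_special', every other type takes 'rank_apply_normal'.
  */
 protected function post_forum_ranks()
 {
     global $aidlink;
     if (isset($_POST['save_rank'])) {
         $this->data = array(
             'rank_id' => isset($_GET['rank_id']) && isnum($_GET['rank_id']) ? intval($_GET['rank_id']) : 0,
             'rank_title' => form_sanitizer($_POST['rank_title'], '', 'rank_title'),
             'rank_image' => form_sanitizer($_POST['rank_image'], "", "rank_image"),
             'rank_language' => form_sanitizer($_POST['rank_language'], "", "rank_language"),
             'rank_posts' => isset($_POST['rank_posts']) && isnum($_POST['rank_posts']) ? $_POST['rank_posts'] : 0,
             'rank_type' => isset($_POST['rank_type']) && isnum($_POST['rank_type']) ? $_POST['rank_type'] : 0,
             'rank_apply_normal' => isset($_POST['rank_apply_normal']) && isnum($_POST['rank_apply_normal']) ? $_POST['rank_apply_normal'] : USER_LEVEL_MEMBER,
             'rank_apply_special' => isset($_POST['rank_apply_special']) && isnum($_POST['rank_apply_special']) ? $_POST['rank_apply_special'] : 1,
         );
         $this->data += array('rank_apply' => $this->data['rank_type'] == 2 ? $this->data['rank_apply_special'] : $this->data['rank_apply_normal']);
         // Nothing is written unless \defender::safe() accepts the submission.
         // The duplicate check is evaluated once; both branches required it to fail.
         if (\defender::safe() && !$this->check_duplicate_ranks()) {
             if (!empty($this->data['rank_id'])) {
                 // Update
                 dbquery_insert(DB_FORUM_RANKS, $this->data, "update");
                 addNotice('info', self::$locale['411']);
             } else {
                 // Save New
                 dbquery_insert(DB_FORUM_RANKS, $this->data, "save");
                 addNotice('info', self::$locale['410']);
             }
             redirect(FUSION_SELF . $aidlink . '&section=fr');
         }
     }
     // NOTE(review): this delete is triggered by a GET parameter and does not go
     // through \defender::safe() - confirm the admin token carried in $aidlink is
     // validated before this method runs, otherwise the link is forgeable.
     if (isset($_GET['delete']) && isnum($_GET['delete'])) {
         // Cast as well as validate, matching how rank_id is handled above, so the
         // value placed in the SQL string is an integer by construction.
         $delete_id = intval($_GET['delete']);
         $result = dbquery("DELETE FROM " . DB_FORUM_RANKS . " WHERE rank_id='" . $delete_id . "'");
         if ($result) {
             addNotice("success", self::$locale['412']);
             redirect(FUSION_SELF . $aidlink . '&section=fr');
         }
     }
 }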
Example #4
 /**
  * Process the forum mood admin form.
  *
  * A 'cancel_mood' POST redirects to the request URL cleaned of 'mood_id' and
  * 'ref'. A 'save_mood' POST sanitizes the fields and, when \defender::safe()
  * accepts them, updates the mood if 'mood_id' is non-empty or saves a new one
  * otherwise, then issues the same redirect.
  */
 protected function post_Mood()
 {
     $locale = fusion_get_locale('', FORUM_ADMIN_LOCALE);
     if (isset($_POST['cancel_mood'])) {
         redirect(clean_request('', array('mood_id', 'ref'), FALSE));
     }
     if (!isset($_POST['save_mood'])) {
         return;
     }
     $this->data = array(
         "mood_id" => form_sanitizer($_POST['mood_id'], 0, 'mood_id'),
         "mood_name" => form_sanitizer($_POST['mood_name'], '', 'mood_name', TRUE),
         "mood_description" => form_sanitizer($_POST['mood_description'], '', 'mood_description', TRUE),
         "mood_icon" => form_sanitizer($_POST['mood_icon'], '', 'mood_icon'),
         "mood_status" => form_sanitizer($_POST['mood_status'], '', 'mood_status'),
         "mood_notify" => form_sanitizer($_POST['mood_notify'], '', 'mood_notify'),
         "mood_access" => form_sanitizer($_POST['mood_access'], '', 'mood_access'),
     );
     if (!\defender::safe()) {
         return;
     }
     // A non-empty id means an existing mood is being edited.
     $is_update = !empty($this->data['mood_id']);
     dbquery_insert(DB_FORUM_MOODS, $this->data, $is_update ? 'update' : 'save');
     addNotice('success', $locale[$is_update ? 'forum_notice_16' : 'forum_notice_15']);
     redirect(clean_request('', array('mood_id', 'ref'), FALSE));
 }
Example #5
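 /**
  * Add or remove the current user's mood on a post.
  *
  * 'post_mood' in POST records a mood notification, 'unpost_mood' deletes one.
  * Both require a numeric mood id that exists in DB_FORUM_MOODS and a passing
  * \defender::safe(). Adding also requires that the sender has not already set
  * that mood on the post; removing requires that they have.
  *
  * @return bool TRUE once the insert or the delete has been issued, FALSE otherwise.
  */
 public function post_mood()
 {
     $response = FALSE;
     // NOTE(review): 'notify_user' is taken from the posted 'post_author' field and
     // is not checked here against the post's real author - confirm that a caller
     // or form_sanitizer() prevents a client from naming an arbitrary recipient.
     if (isset($_POST['post_mood']) && isnum($_POST['post_mood'])) {
         // Add: build the notification row for this post and mood.
         $notify_data = array(
             'post_id' => form_sanitizer($_POST['post_id'], 0, 'post_id'),
             'notify_mood_id' => intval($_POST['post_mood']),
             'notify_datestamp' => time(),
             'notify_user' => form_sanitizer($_POST['post_author'], 0, 'post_author'),
             'notify_sender' => fusion_get_userdata('user_id'),
             'notify_status' => 1,
         );
         if (\defender::safe() && dbcount('(mood_id)', DB_FORUM_MOODS, "mood_id='" . $notify_data['notify_mood_id'] . "'") && !$this->mood_exists($notify_data['notify_sender'], $notify_data['notify_mood_id'], $notify_data['post_id'])) {
             dbquery_insert(DB_POST_NOTIFY, $notify_data, 'save');
             $response = TRUE;
         }
     } elseif (isset($_POST['unpost_mood']) && isnum($_POST['unpost_mood'])) {
         // Remove: identify the existing notification row to delete.
         $notify_data = array(
             'post_id' => form_sanitizer($_POST['post_id'], 0, 'post_id'),
             'notify_mood_id' => intval($_POST['unpost_mood']),
             'notify_user' => form_sanitizer($_POST['post_author'], 0, 'post_author'),
             'notify_sender' => fusion_get_userdata('user_id'),
         );
         if (\defender::safe() && dbcount('(mood_id)', DB_FORUM_MOODS, "mood_id='" . $notify_data['notify_mood_id'] . "'") && $this->mood_exists($notify_data['notify_sender'], $notify_data['notify_mood_id'], $notify_data['post_id'])) {
             // The values are concatenated unquoted, so each one is forced to an
             // integer here rather than relying on what form_sanitizer() returned.
             dbquery("DELETE FROM " . DB_POST_NOTIFY
                 . " WHERE post_id=" . intval($notify_data['post_id'])
                 . " AND notify_mood_id=" . intval($notify_data['notify_mood_id'])
                 . " AND notify_user=" . intval($notify_data['notify_user'])
                 . " AND notify_sender=" . intval($notify_data['notify_sender']));
             $response = TRUE;
         }
     }
     return (bool) $response;
 }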
Example #6
 /**
  * Display Forum Form
  *
  * Handles the 'remove_image' POST action (deletes the forum image file, clears
  * the column and redirects), then echoes the add/edit forum form populated
  * from $this->data.
  */
 public function display_forum_form()
 {
     require_once INCLUDES . 'photo_functions_include.php';
     require_once INCLUDES . 'infusions_include.php';
     $forum_settings = $this->get_forum_settings();
     $language_opts = fusion_get_enabled_languages();
     add_breadcrumb(array('link' => '', 'title' => self::$locale['forum_001']));
     // NOTE(review): $_GET['parent_id'] is read without isset(), and the value is
     // written to the local $data, which this method only reads again in the
     // remove_image branch - confirm whether $this->data was the intended target.
     if (!isset($_GET['action']) && $_GET['parent_id']) {
         $data['forum_cat'] = $_GET['parent_id'];
     }
     $type_opts = array('1' => self::$locale['forum_opts_001'], '2' => self::$locale['forum_opts_002'], '3' => self::$locale['forum_opts_003'], '4' => self::$locale['forum_opts_004']);
     $forum_image_path = FORUM . "images/";
     // Remove-image action: load the forum row, delete its image file and store the
     // row again with an empty forum_image.
     // NOTE(review): \defender::safe() is not consulted in this branch before the
     // file delete and DB update - confirm form_sanitizer() alone is sufficient.
     if (isset($_POST['remove_image']) && isset($_POST['forum_id'])) {
         $data['forum_id'] = form_sanitizer($_POST['forum_id'], '', 'forum_id');
         if ($data['forum_id']) {
             $data = self::get_forum($data['forum_id']);
             if (!empty($data)) {
                 // The path is the image directory plus the stored forum_image value.
                 // NOTE(review): assumes forum_image is a bare file name; verify it
                 // cannot contain directory separators before it reaches unlink().
                 $forum_image = $forum_image_path . $data['forum_image'];
                 if (!empty($data['forum_image']) && file_exists($forum_image) && !is_dir($forum_image)) {
                     // '@' hides a failed delete; the column is cleared either way.
                     @unlink($forum_image);
                     $data['forum_image'] = '';
                 }
                 dbquery_insert(DB_FORUMS, $data, 'update');
                 addNotice('success', self::$locale['forum_notice_8']);
                 redirect(FUSION_REQUEST);
             }
         }
     }
     // Form output starts here; the form posts back to the current request URL.
     opentable(self::$locale['forum_001']);
     echo openform('inputform', 'post', FUSION_REQUEST, array('enctype' => 1));
     echo "<div class='row'>\n<div class='col-xs-12 col-sm-8 col-md-8 col-lg-8'>\n";
     echo form_text('forum_name', self::$locale['forum_006'], $this->data['forum_name'], array('required' => 1, 'error_text' => self::$locale['forum_error_1'])) . form_textarea('forum_description', self::$locale['forum_007'], $this->data['forum_description'], array('autosize' => 1, 'type' => 'bbcode', 'form_name' => 'inputform', 'preview' => TRUE)) . form_text('forum_alias', self::$locale['forum_011'], $this->data['forum_alias']);
     echo "</div><div class='col-xs-12 col-sm-4 col-md-4 col-lg-4'>\n";
     openside('');
     // The forum's own id is passed as 'disable_opts' for the parent selector.
     $self_id = $this->data['forum_id'] ? $this->data['forum_id'] : '';
     echo form_select_tree('forum_cat', self::$locale['forum_008'], $this->data['forum_cat'], array('add_parent_opts' => 1, 'disable_opts' => $self_id, 'hide_disabled' => 1), DB_FORUMS, 'forum_name', 'forum_id', 'forum_cat', $self_id) . form_select('forum_type', self::$locale['forum_009'], $this->data['forum_type'], array("options" => $type_opts)) . form_select('forum_language', self::$locale['forum_010'], $this->data['forum_language'], array("options" => $language_opts)) . form_text('forum_order', self::$locale['forum_043'], $this->data['forum_order'], array('number' => 1)) . form_button('save_forum', $this->data['forum_id'] ? self::$locale['forum_000a'] : self::$locale['forum_000'], self::$locale['forum_000'], array('class' => 'btn btn-sm btn-success'));
     closeside();
     echo "</div>\n</div>\n";
     echo "<div class='row'>\n<div class='col-xs-12 col-sm-8 col-md-8 col-lg-8'>\n";
     echo form_select('forum_meta', self::$locale['forum_012'], $this->data['forum_meta'], array('tags' => 1, 'multiple' => 1, 'width' => '100%'));
     // An existing image shows a thumbnail with a remove button; otherwise the
     // upload and URL tabs are shown.
     if ($this->data['forum_image'] && file_exists(FORUM . "images/" . $this->data['forum_image'])) {
         openside();
         echo "<div class='pull-left m-r-10'>\n";
         echo thumbnail(FORUM . "images/" . $this->data['forum_image'], '80px', '80px');
         echo "</div>\n<div class='overflow-hide'>\n";
         echo "<span class='strong'>" . self::$locale['forum_013'] . "</span><br/>\n";
         // NOTE(review): getimagesize() returns false on failure and '@' hides it;
         // the two indexes below are then read from a non-array.
         $image_size = @getimagesize(FORUM . "images/" . $this->data['forum_image']);
         echo "<span class='text-smaller'>" . sprintf(self::$locale['forum_027'], $image_size[0], $image_size[1]) . "</span><br/>";
         echo form_hidden('forum_image', '', $this->data['forum_image']);
         echo form_button('remove_image', self::$locale['forum_028'], self::$locale['forum_028'], array('class' => 'btn-danger btn-sm m-t-10', 'icon' => 'fa fa-trash'));
         echo "</div>\n";
         closeside();
     } else {
         // Two tabs: 'fir' (file upload) and 'ful' (image by web address).
         $tab_title['title'][] = self::$locale['forum_013'];
         $tab_title['id'][] = 'fir';
         $tab_title['icon'][] = '';
         $tab_title['title'][] = self::$locale['forum_014'];
         $tab_title['id'][] = 'ful';
         $tab_title['icon'][] = '';
         $tab_active = tab_active($tab_title, 0);
         echo opentab($tab_title, $tab_active, 'forum-image-tab', FALSE, "m-t-20 m-b-20");
         // Upload Image
         echo opentabbody($tab_title['title'][0], 'fir', $tab_active);
         echo "<span class='display-inline-block m-t-10 m-b-10'>" . sprintf(self::$locale['forum_015'], parsebytesize($forum_settings['forum_attachmax'])) . "</span>\n";
         // NOTE(review): forum_attachmax is formatted as a byte size on the line
         // above but passed as 'max_count' here - confirm which option carries the
         // upload size limit.
         $fileOptions = array("upload_path" => $forum_image_path, "thumbnail" => TRUE, "thumbnail_folder" => $forum_image_path, "type" => "image", "delete_original" => TRUE, "max_count" => $forum_settings['forum_attachmax']);
         echo form_fileinput('forum_image', "", '', $fileOptions);
         echo closetabbody();
         // Upload image via Web Address
         // NOTE(review): this tab only renders the inputs; how the save handler
         // fetches 'forum_image_url' is not visible here - confirm it restricts the
         // allowed schemes/hosts and validates the fetched file as an image.
         echo opentabbody($tab_title['title'][1], 'ful', $tab_active);
         // NOTE(review): the markup below closes a <strong> that is never opened.
         echo "<span class='display-inline-block m-t-10 m-b-10'>" . self::$locale['forum_016'] . "</strong></span>\n";
         $header_opts = array('0' => 'Local Server', '1' => 'URL');
         echo form_select('forum_image_header', self::$locale['forum_056'], '', array('inline' => TRUE, 'options' => $header_opts));
         echo form_text('forum_image_url', self::$locale['forum_014'], '', array('placeholder' => 'images/forum/', 'inline' => TRUE));
         echo closetabbody();
         echo closetab();
     }
     echo form_textarea('forum_rules', self::$locale['forum_017'], $this->data['forum_rules'], array('autosize' => 1, 'bbcode' => 1));
     echo "</div><div class='col-xs-12 col-sm-4 col-md-4 col-lg-4'>\n";
     openside('');
     // need to get parent category
     echo form_select_tree('forum_permissions', self::$locale['forum_025'], $this->data['forum_branch'], array('no_root' => 1, 'deactivate' => $this->data['forum_id'] ? TRUE : FALSE), DB_FORUMS, 'forum_name', 'forum_id', 'forum_cat');
     // The 'jp_forum' button is only offered when editing an existing forum.
     if ($this->data['forum_id']) {
         echo form_button('jp_forum', self::$locale['forum_029'], self::$locale['forum_029'], array('class' => 'btn-sm btn-default m-r-10'));
     }
     closeside();
     openside('');
     // Per-forum option checkboxes, followed by hidden forum_id and forum_branch.
     echo form_checkbox('forum_lock', self::$locale['forum_026'], $this->data['forum_lock'], array("reverse_label" => TRUE)) . form_checkbox('forum_users', self::$locale['forum_024'], $this->data['forum_users'], array("reverse_label" => TRUE)) . form_checkbox('forum_quick_edit', self::$locale['forum_021'], $this->data['forum_quick_edit'], array("reverse_label" => TRUE)) . form_checkbox('forum_merge', self::$locale['forum_019'], $this->data['forum_merge'], array("reverse_label" => TRUE)) . form_checkbox('forum_allow_attach', self::$locale['forum_020'], $this->data['forum_allow_attach'], array("reverse_label" => TRUE)) . form_checkbox('forum_allow_poll', self::$locale['forum_022'], $this->data['forum_allow_poll'], array("reverse_label" => TRUE)) . form_hidden('forum_id', '', $this->data['forum_id']) . form_hidden('forum_branch', '', $this->data['forum_branch']);
     closeside();
     echo "</div>\n</div>\n";
     echo form_button('save_forum', $this->data['forum_id'] ? self::$locale['forum_000a'] : self::$locale['forum_000'], self::$locale['forum_000'], array('class' => 'btn-sm btn-success'));
     echo closeform();
     closetable();
 }
Example #7
                $data['album_thumb2'] = form_sanitizer(isset($_POST['album_thumb2']) ? $_POST['album_thumb2'] : "", "", "album_thumb2");
                $data['album_thumb1'] = form_sanitizer(isset($_POST['album_thumb1']) ? $_POST['album_thumb1'] : "", "", "album_thumb1");
            }
        }
    }
    if (defender::safe()) {
        if (dbcount("(album_id)", DB_PHOTO_ALBUMS, "album_id='" . intval($data['album_id']) . "'")) {
            // update album
            $result = dbquery_order(DB_PHOTO_ALBUMS, $data['album_order'], 'album_order', $data['album_id'], 'album_id', FALSE, FALSE, TRUE, 'album_language', 'update');
            dbquery_insert(DB_PHOTO_ALBUMS, $data, "update");
            addNotice('success', $locale['album_0013']);
            redirect(FUSION_SELF . $aidlink);
        } else {
            // create album
            $result = dbquery_order(DB_PHOTO_ALBUMS, $data['album_order'], 'album_order', 0, "album_id", FALSE, FALSE, TRUE, 'album_language', 'save');
            dbquery_insert(DB_PHOTO_ALBUMS, $data, "save");
            addNotice('success', $locale['album_0014']);
            redirect(FUSION_SELF . $aidlink);
        }
    }
}
// Edit callback: when an album is being edited, preload its row into $data.
// The cat_id query parameter is forced to an integer before it reaches the SQL.
if ($album_edit) {
    $result = dbquery(sprintf("SELECT * FROM %s WHERE album_id='%d'", DB_PHOTO_ALBUMS, intval($_GET['cat_id'])));
    // $data is left untouched when no album matches the id.
    if (dbrows($result) > 0) {
        $data = dbarray($result);
    }
}
// edit features - add more in roadmap.
// add features to purge all album photos and its administration
// add features to move all album photos to another album.
Example #8
| modify it under the terms of this license which you
| can read by viewing the included agpl.txt or online
| at www.gnu.org/licenses/agpl.html. Removal of this
| copyright header is strictly prohibited without
| written permission from the original author(s).
+--------------------------------------------------------*/
require_once INCLUDES . "mimetypes_include.php";
// Save handler for the download settings form.
if (isset($_POST['savesettings'])) {
    // redo this part
    // The two size limits are stored as the product of the submitted number and
    // unit fields (calc_b * calc_c, calc_bb * calc_cc).
    $StoreArray = array(
        "download_max_b" => form_sanitizer($_POST['calc_b'], 1, "calc_b") * form_sanitizer($_POST['calc_c'], 1500000, "calc_c"),
        "download_types" => form_sanitizer($_POST['download_types'], "", "download_types"),
        "download_screen_max_w" => form_sanitizer($_POST['download_screen_max_w'], 500, "download_screen_max_w"),
        "download_screen_max_h" => form_sanitizer($_POST['download_screen_max_h'], 500, "download_screen_max_h"),
        "download_screen_max_b" => form_sanitizer($_POST['calc_bb'], 1, "calc_bb") * form_sanitizer($_POST['calc_cc'], 1500000, "calc_cc"),
        "download_thumb_max_h" => form_sanitizer($_POST['download_thumb_max_h'], 500, 'download_thumb_max_h'),
        "download_thumb_max_w" => form_sanitizer($_POST['download_thumb_max_w'], 500, 'download_thumb_max_w'),
        "download_screenshot" => form_sanitizer($_POST['download_screenshot'], 0, 'download_screenshot'),
        "download_pagination" => form_sanitizer($_POST['download_pagination'], 12, 'download_pagination'),
        "download_allow_submission" => form_sanitizer($_POST['download_allow_submission'], "", "download_allow_submission"),
        "download_screenshot_required" => isset($_POST['download_screenshot_required']),
        "download_extended_required" => isset($_POST['download_extended_required']),
    );
    if (!$defender->safe()) {
        // send message your settings was not safe.
        // NOTE(review): $locale['900'] is also the success notice used below -
        // confirm it belongs in the failure path.
        addNotice('danger', $locale['901']);
        addNotice('danger', $locale['696']);
        addNotice('danger', $locale['900']);
    } else {
        // Each setting is written as its own row, keyed by settings_name.
        foreach ($StoreArray as $key => $value) {
            $result = NULL;
            // Re-checked per row, so rows are skipped if the state changes mid-loop.
            if ($defender->safe()) {
                $Array = array(
                    "settings_name" => $key,
                    "settings_value" => $value,
                    "settings_inf" => "downloads",
                );
                dbquery_insert(DB_SETTINGS_INF, $Array, 'update', array("primary_key" => "settings_name"));
            }
        }
        addNotice('success', $locale['900']);
    }
    redirect(FUSION_SELF . $aidlink . "&amp;section=download_settings");
}
/**
 * Unit options for the size dropdowns; each key is the byte multiplier.
 */
$calc_opts = array(
    1 => 'Bytes (bytes)',
    1000 => 'KB (Kilobytes)',
    1000000 => 'MB (Megabytes)',
);
Example #9
function debonair_theme_widget()
{
    global $locale;
    require_once "functions.php";
    $settings = get_theme_settings("debonair");
    /**
     * data parsing
     */
    $ubanner_col_1_data = uncomposeSelection($settings['ubanner_col_1']);
    $ubanner_col_2_data = uncomposeSelection($settings['ubanner_col_2']);
    $ubanner_col_3_data = uncomposeSelection($settings['ubanner_col_3']);
    $settings = array("main_banner_url" => $settings['main_banner_url'], "ubanner_col_1" => !empty($ubanner_col_1_data['selected']) ? $ubanner_col_1_data['selected'] : 0, "ubanner_col_2" => !empty($ubanner_col_2_data['selected']) ? $ubanner_col_2_data['selected'] : 0, "ubanner_col_3" => !empty($ubanner_col_3_data['selected']) ? $ubanner_col_3_data['selected'] : 0, "lbanner_col_1" => $settings['lbanner_col_1'], "lbanner_col_2" => $settings['lbanner_col_2'], "lbanner_col_3" => $settings['lbanner_col_3'], "lbanner_col_4" => $settings['lbanner_col_4'], "facebook_url" => $settings['facebook_url'], "twitter_url" => $settings['twitter_url']);
    if (isset($_POST['save_settings'])) {
        $inputArray = array("main_banner_url" => form_sanitizer($_POST['main_banner_url'], "", "main_banner_url"), "ubanner_col_1" => composeSelection(form_sanitizer($_POST['ubanner_col_1'], "", "ubanner_col_1")), "ubanner_col_2" => composeSelection(form_sanitizer($_POST['ubanner_col_2'], "", "ubanner_col_2")), "ubanner_col_3" => composeSelection(form_sanitizer($_POST['ubanner_col_3'], "", "ubanner_col_3")), "lbanner_col_1" => form_sanitizer($_POST['lbanner_col_1'], "", "lbanner_col_1"), "lbanner_col_2" => form_sanitizer($_POST['lbanner_col_2'], "", "lbanner_col_2"), "lbanner_col_3" => form_sanitizer($_POST['lbanner_col_3'], "", "lbanner_col_3"), "lbanner_col_4" => form_sanitizer($_POST['lbanner_col_4'], "", "lbanner_col_4"), "facebook_url" => form_sanitizer($_POST['facebook_url'], "", "facebook_url"), "twitter_url" => form_sanitizer($_POST['twitter_url'], "", "twitter_url"));
        foreach ($inputArray as $settings_name => $settings_value) {
            $sqlArray = array("settings_name" => $settings_name, "settings_value" => $settings_value, "settings_theme" => "debonair");
            dbquery_insert(DB_SETTINGS_THEME, $sqlArray, "update", array("primary_key" => "settings_name"));
        }
        if (defender::safe()) {
            redirect(FUSION_REQUEST);
        }
    }
    echo openform("debonair_theme_settings", "post", FUSION_REQUEST);
    $exclude_list = ".|..|.htaccess|.DS_Store|config.php|config.temp.php|.gitignore|LICENSE|README.md|robots.txt|reactivate.php|rewrite.php|maintenance.php|maincore.php|lostpassword.php|index.php|error.php";
    $list = array();
    $file_list = makefilelist(BASEDIR, $exclude_list);
    foreach ($file_list as $files) {
        $list[] = $files;
    }
    $include_list = array();
    $file_list = makefilelist(THEMES . "/debonair/include/", $exclude_list);
    foreach ($file_list as $files) {
        $include_list[$files] = str_replace(".php", "", str_replace("_", " ", ucwords($files)));
    }
    openside("");
    echo form_select("main_banner_url", $locale['debonair_0300'], $settings['main_banner_url'], array("options" => $list, "tags" => true, "multiple" => true, "width" => "100%", "inline" => false));
    echo "<p>" . $locale['debonair_0301'] . "</p>";
    closeside();
    openside("");
    echo form_text("facebook_url", $locale['debonair_0321'], $settings['facebook_url'], array("type" => "url", "inline" => true, "placeholder" => "http://www.facebook.com/your-page-id"));
    echo form_text("twitter_url", $locale['debonair_0322'], $settings['twitter_url'], array("type" => "url", "inline" => true, "placeholder" => "http://www.twitter.com/your-page-id"));
    closeside();
    $templateOpts[0] = $locale['debonair_0302'];
    /**
     * Article Selector
     */
    $articleOpts = array();
    if (db_exists(DB_ARTICLES)) {
        $article_result = dbquery("select article_id, article_subject, article_cat_language FROM " . DB_ARTICLES . " a\n\t \t\t\t\tleft join " . DB_ARTICLE_CATS . " ac on a.article_cat = ac.article_cat_id\n\t \t\t\t\torder by article_datestamp DESC\n\t \t\t\t\t");
        if (dbrows($article_result) > 0) {
            while ($data = dbarray($article_result)) {
                $articleOpts[$data['article_cat_language']][$data['article_id']] = $data['article_subject'];
            }
        }
        if (!empty($articleOpts)) {
            $templateOpts['articles'] = $locale['debonair_0303'];
        }
    }
    /**
     * News Selector
     */
    $newsOpts = array();
    if (db_exists(DB_NEWS)) {
        $news_result = dbquery("select news_id, news_subject, news_language FROM " . DB_NEWS . " order by news_datestamp DESC");
        if (dbrows($news_result) > 0) {
            while ($data = dbarray($news_result)) {
                $newsOpts[$data['news_language']][$data['news_id']] = $data['news_subject'];
            }
        }
        if (!empty($newsOpts)) {
            $templateOpts['news'] = $locale['debonair_0304'];
        }
    }
    /**
     * Blog Selector
     */
    $blogOpts = array();
    if (db_exists(DB_BLOG)) {
        $blog_result = dbquery("select blog_id, blog_subject, blog_language FROM " . DB_BLOG . "\n\t \t\t\t\torder by blog_datestamp DESC\n\t \t\t\t\t");
        if (dbrows($blog_result) > 0) {
            while ($data = dbarray($blog_result)) {
                $blogOpts[$data['blog_language']][$data['blog_id']] = $data['blog_subject'];
            }
        }
        if (!empty($blogOpts)) {
            $templateOpts['blog'] = $locale['debonair_0305'];
        }
    }
    /**
     * Custom Page Selector
     * Note: custom page has a different multilanguage setup.
     */
    $cpOpts = array();
    if (db_exists(DB_CUSTOM_PAGES)) {
        $cp_result = dbquery("select page_id, page_title, page_language FROM " . DB_CUSTOM_PAGES . " order by page_id ASC");
        if (dbrows($cp_result) > 0) {
            while ($data = dbarray($cp_result)) {
                $acceptedLang = stristr($data['page_language'], ".") ? explode(".", $data['page_language']) : array(0 => $data['page_language']);
                foreach (fusion_get_enabled_languages() as $lang) {
                    if (in_array($lang, $acceptedLang)) {
                        $cpOpts[$lang][$data['page_id']] = $data['page_title'];
                    }
                }
            }
        }
        if (!empty($cpOpts)) {
            $templateOpts['cp'] = $locale['debonair_0306'];
        }
    }
    openside("");
    echo "<div class='row'>\n";
    echo "<div class='col-xs-12 col-sm-4'>\n";
    echo form_select("ubanner_col_1", $locale['debonair_0307'], $settings['ubanner_col_1'], array("options" => $templateOpts, "inline" => false));
    if (!empty($articleOpts)) {
        echo "<div id='ubanner_col_1-articles-choices' class='choices1' " . ($settings['ubanner_col_1'] === "articles" ? "" : "style='display:none;'") . "'>\n";
        foreach (fusion_get_enabled_languages() as $lang) {
            $callback_value = $settings['ubanner_col_1'] === "articles" && !empty($ubanner_col_1_data['options'][$lang]) ? $ubanner_col_1_data['options'][$lang] : "";
            echo form_select("articles-" . $lang, sprintf($locale['debonair_0310'], $lang), $callback_value, array("options" => isset($articleOpts[$lang]) ? $articleOpts[$lang] : array()));
        }
        echo "</div>\n";
    }
    if (!empty($newsOpts)) {
        echo "<div id='ubanner_col_1-news-choices' class='choices1' " . ($settings['ubanner_col_1'] === "news" ? "" : "style='display:none;'") . ">\n";
        foreach (fusion_get_enabled_languages() as $lang) {
            $callback_value = $settings['ubanner_col_1'] === "news" && !empty($ubanner_col_1_data['options'][$lang]) ? $ubanner_col_1_data['options'][$lang] : "";
            echo form_select("news-" . $lang, sprintf($locale['debonair_0311'], $lang), $callback_value, array("options" => isset($newsOpts[$lang]) ? $newsOpts[$lang] : array()));
        }
        echo "</div>\n";
    }
    if (!empty($blogOpts)) {
        echo "<div id='ubanner_col_1-blog-choices' class='choices1' " . ($settings['ubanner_col_1'] === "blog" ? "" : "style='display:none;'") . ">\n";
        foreach (fusion_get_enabled_languages() as $lang) {
            $callback_value = $settings['ubanner_col_1'] === "blog" && !empty($ubanner_col_1_data['options'][$lang]) ? $ubanner_col_1_data['options'][$lang] : "";
            echo form_select("blog-" . $lang, sprintf($locale['debonair_0312'], $lang), $callback_value, array("options" => isset($blogOpts[$lang]) ? $blogOpts[$lang] : array()));
        }
        echo "</div>\n";
    }
    if (!empty($cpOpts)) {
        echo "<div id='ubanner_col_1-cp-choices' class='choices1' " . ($settings['ubanner_col_1'] === "cp" ? "" : "style='display:none;'") . ">\n";
        foreach (fusion_get_enabled_languages() as $lang) {
            $callback_value = $settings['ubanner_col_1'] === "cp" && !empty($ubanner_col_1_data['options'][$lang]) ? $ubanner_col_1_data['options'][$lang] : "";
            echo form_select("cp-" . $lang, sprintf($locale['debonair_0313'], $lang), $callback_value, array("options" => isset($cpOpts[$lang]) ? $cpOpts[$lang] : array()));
        }
        echo "</div>\n";
    }
    echo "</div><div class='col-xs-12 col-sm-4'>\n";
    echo form_select("ubanner_col_2", $locale['debonair_0308'], $settings['ubanner_col_2'], array("options" => $templateOpts, "inline" => false));
    if (!empty($articleOpts)) {
        echo "<div id='ubanner_col_2-articles-choices' class='choices2' " . ($settings['ubanner_col_2'] === "articles" ? "" : "style='display:none;'") . ">\n";
        foreach (fusion_get_enabled_languages() as $lang) {
            $callback_value = $settings['ubanner_col_2'] === "articles" && !empty($ubanner_col_2_data['options'][$lang]) ? $ubanner_col_2_data['options'][$lang] : "";
            echo form_select("articles2-" . $lang, sprintf($locale['debonair_0310'], $lang), $callback_value, array("options" => isset($articleOpts[$lang]) ? $articleOpts[$lang] : array()));
        }
        echo "</div>\n";
    }
    if (!empty($newsOpts)) {
        echo "<div id='ubanner_col_2-news-choices' class='choices2' " . ($settings['ubanner_col_2'] === "news" ? "" : "style='display:none;'") . ">\n";
        foreach (fusion_get_enabled_languages() as $lang) {
            $callback_value = $settings['ubanner_col_2'] === "news" && !empty($ubanner_col_2_data['options'][$lang]) ? $ubanner_col_2_data['options'][$lang] : "";
            echo form_select("news2-" . $lang, sprintf($locale['debonair_0311'], $lang), $callback_value, array("options" => isset($newsOpts[$lang]) ? $newsOpts[$lang] : array()));
        }
        echo "</div>\n";
    }
    if (!empty($blogOpts)) {
        echo "<div id='ubanner_col_2-blog-choices' class='choices2' " . ($settings['ubanner_col_2'] === "blog" ? "" : "style='display:none;'") . ">\n";
        foreach (fusion_get_enabled_languages() as $lang) {
            $callback_value = $settings['ubanner_col_2'] === "blog" && !empty($ubanner_col_2_data['options'][$lang]) ? $ubanner_col_2_data['options'][$lang] : "";
            echo form_select("blog2-" . $lang, sprintf($locale['debonair_0312'], $lang), $callback_value, array("options" => isset($blogOpts[$lang]) ? $blogOpts[$lang] : array()));
        }
        echo "</div>\n";
    }
    if (!empty($cpOpts)) {
        echo "<div id='ubanner_col_2-cp-choices' class='choices2' " . ($settings['ubanner_col_2'] === "cp" ? "" : "style='display:none;'") . ">\n";
        foreach (fusion_get_enabled_languages() as $lang) {
            $callback_value = $settings['ubanner_col_2'] === "cp" && !empty($ubanner_col_2_data['options'][$lang]) ? $ubanner_col_2_data['options'][$lang] : "";
            echo form_select("cp2-" . $lang, sprintf($locale['debonair_0313'], $lang), $callback_value, array("options" => isset($cpOpts[$lang]) ? $cpOpts[$lang] : array()));
        }
        echo "</div>\n";
    }
    echo "</div><div class='col-xs-12 col-sm-4'>\n";
    // 3rd
    echo form_select("ubanner_col_3", $locale['debonair_0309'], $settings['ubanner_col_3'], array("options" => $templateOpts, "inline" => false));
    if (!empty($articleOpts)) {
        echo "<div id='ubanner_col_3-articles-choices' class='choices3' " . ($settings['ubanner_col_3'] == "articles" ? "" : "style='display:none;'") . ">\n";
        foreach (fusion_get_enabled_languages() as $lang) {
            $callback_value = $settings['ubanner_col_3'] === "articles" && !empty($ubanner_col_3_data['options'][$lang]) ? $ubanner_col_3_data['options'][$lang] : "";
            echo form_select("articles3-" . $lang, sprintf($locale['debonair_0310'], $lang), $callback_value, array("options" => isset($articleOpts[$lang]) ? $articleOpts[$lang] : array()));
        }
        echo "</div>\n";
    }
    if (!empty($newsOpts)) {
        echo "<div id='ubanner_col_3-news-choices' class='choices3' " . ($settings['ubanner_col_3'] === "news" ? "" : "style='display:none;'") . ">\n";
        foreach (fusion_get_enabled_languages() as $lang) {
            $callback_value = $settings['ubanner_col_3'] === "news" && !empty($ubanner_col_3_data['options'][$lang]) ? $ubanner_col_3_data['options'][$lang] : "";
            echo form_select("news3-" . $lang, sprintf($locale['debonair_0311'], $lang), $callback_value, array("options" => isset($newsOpts[$lang]) ? $newsOpts[$lang] : array()));
        }
        echo "</div>\n";
    }
    if (!empty($blogOpts)) {
        echo "<div id='ubanner_col_3-blog-choices' class='choices3' " . ($settings['ubanner_col_3'] === "blog" ? "" : "style='display:none;'") . ">\n";
        foreach (fusion_get_enabled_languages() as $lang) {
            $callback_value = $settings['ubanner_col_3'] === "blog" && !empty($ubanner_col_3_data['options'][$lang]) ? $ubanner_col_3_data['options'][$lang] : "";
            echo form_select("blog3-" . $lang, sprintf($locale['debonair_0312'], $lang), $callback_value, array("options" => isset($blogOpts[$lang]) ? $blogOpts[$lang] : array()));
        }
        echo "</div>\n";
    }
    if (!empty($cpOpts)) {
        echo "<div id='ubanner_col_3-cp-choices' class='choices3' " . ($settings['ubanner_col_3'] === "cp" ? "" : "style='display:none;'") . ">\n";
        foreach (fusion_get_enabled_languages() as $lang) {
            $callback_value = $settings['ubanner_col_3'] === "cp" && !empty($ubanner_col_3_data['options'][$lang]) ? $ubanner_col_3_data['options'][$lang] : "";
            echo form_select("cp3-" . $lang, sprintf($locale['debonair_0313'], $lang), $callback_value, array("options" => isset($cpOpts[$lang]) ? $cpOpts[$lang] : array()));
        }
        echo "</div>\n";
    }
    echo "</div>\n</div>\n";
    echo $locale['debonair_0315'];
    closeside();
    openside("");
    echo form_select("lbanner_col_1", $locale['debonair_0317'], $settings['lbanner_col_1'], array("options" => $include_list, "inline" => true));
    echo form_select("lbanner_col_2", $locale['debonair_0318'], $settings['lbanner_col_2'], array("options" => $include_list, "inline" => true));
    echo form_select("lbanner_col_3", $locale['debonair_0319'], $settings['lbanner_col_3'], array("options" => $include_list, "inline" => true));
    echo form_select("lbanner_col_4", $locale['debonair_0320'], $settings['lbanner_col_4'], array("options" => $include_list, "inline" => true));
    echo $locale['debonair_0316'];
    closeside();
    echo form_button("save_settings", $locale['save_changes'], "save", array("class" => "btn-success"));
    echo closeform();
    // Now use Jquery to chain the selectors - add_to_jquery combines, include into a single min. document ready script
    add_to_jquery("\n\tfunction switchSelection(selector, value) {\n\t\t\$('.choices'+selector).hide();\n\t\tif (value == '0') {\n\t\t\t\$('.choices'+selector).hide();\n\t\t} else {\n\t\t\t\$('#ubanner_col_'+selector+'-'+value+'-choices').show();\n\t\t}\n\t}\n\t\$('#ubanner_col_1').bind('change', function() { switchSelection(1, \$(this).val()); });\n\t\$('#ubanner_col_2').bind('change', function() { switchSelection(2, \$(this).val()); });\n\t\$('#ubanner_col_3').bind('change', function() { switchSelection(3, \$(this).val()); });\n\t");
}
Example #10
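/**
 * Displays the news add/edit form and processes its submission.
 *
 * - POST 'cancel' redirects back to the listing.
 * - POST 'save' / 'save_and_close' sanitises the submitted fields and, when
 *   defender::safe() reports a clean submission, updates the existing DB_NEWS
 *   row (or inserts a new one) and redirects.
 * - Otherwise, when a numeric news_id is supplied, the existing row is loaded
 *   into the form.
 *
 * Security-relevant handling in this function:
 * - Image file names posted back through hidden fields are reduced to a bare
 *   file name before they are used in unlink() paths or written to the row.
 * - File deletion and the "un-sticky every other item" update only run once
 *   defender::safe() has accepted the submission.
 * - Only an id that passed isnum() is interpolated into the SELECT.
 * - Image names/paths are HTML-escaped when echoed into attributes.
 */
function display_news_form()
{
    global $aidlink;
    if (isset($_POST['cancel'])) {
        redirect(FUSION_SELF . $aidlink);
    }
    $formaction = FUSION_REQUEST;
    $locale = fusion_get_locale();
    $userdata = fusion_get_userdata();
    $news_settings = fusion_get_settings("news");
    $edit = isset($_GET['action']) && $_GET['action'] == 'edit' && isset($_GET['news_id']) && isnum($_GET['news_id']);
    add_breadcrumb(array('link' => '', 'title' => $edit ? $locale['news_0003'] : $locale['news_0002']));
    // Defaults for a blank form.
    $data = array(
        'news_id' => 0,
        'news_draft' => 0,
        'news_sticky' => 0,
        'news_news' => '',
        'news_datestamp' => time(),
        'news_extended' => '',
        'news_keywords' => '',
        'news_breaks' => 'n',
        'news_allow_comments' => 1,
        'news_allow_ratings' => 1,
        'news_language' => LANGUAGE,
        'news_visibility' => 0,
        'news_subject' => '',
        'news_start' => '',
        'news_end' => '',
        'news_cat' => 0,
        'news_image' => '',
        'news_ialign' => 'pull-left',
    );
    // Line breaks are only offered when the TinyMCE editor is off.
    if (fusion_get_settings("tinymce_enabled")) {
        $data['news_breaks'] = 'n';
    } else {
        $data['news_breaks'] = 'y';
    }
    if (isset($_POST['save']) or isset($_POST['save_and_close'])) {
        // NOTE(review): with allow_php_exe off, the body only goes through
        // stripslashes() here; whether parse_textarea()/form_sanitizer()
        // neutralise script markup is not visible in this function - confirm.
        $news_news = "";
        if (!empty($_POST['news_news'])) {
            $news_news = str_replace("src='" . str_replace("../", "", IMAGES_N), "src='" . IMAGES_N, fusion_get_settings('allow_php_exe') ? htmlspecialchars($_POST['news_news']) : stripslashes($_POST['news_news']));
            $news_news = parse_textarea($news_news);
        }
        $news_extended = "";
        if (!empty($_POST['news_extended'])) {
            $news_extended = str_replace("src='" . str_replace("../", "", IMAGES_N), "src='" . IMAGES_N, fusion_get_settings('allow_php_exe') ? htmlspecialchars($_POST['news_extended']) : stripslashes($_POST['news_extended']));
            $news_extended = parse_textarea($news_extended);
        }
        $data = array(
            'news_id' => form_sanitizer($_POST['news_id'], 0, 'news_id'),
            'news_subject' => form_sanitizer($_POST['news_subject'], '', 'news_subject'),
            'news_cat' => form_sanitizer($_POST['news_cat'], 0, 'news_cat'),
            'news_news' => form_sanitizer($news_news, "", "news_news"),
            'news_extended' => form_sanitizer($news_extended, "", "news_extended"),
            'news_keywords' => form_sanitizer($_POST['news_keywords'], '', 'news_keywords'),
            'news_datestamp' => form_sanitizer($_POST['news_datestamp'], '', 'news_datestamp'),
            'news_start' => form_sanitizer($_POST['news_start'], 0, 'news_start'),
            'news_end' => form_sanitizer($_POST['news_end'], 0, 'news_end'),
            'news_visibility' => form_sanitizer($_POST['news_visibility'], 0, 'news_visibility'),
            'news_draft' => isset($_POST['news_draft']) ? "1" : "0",
            'news_sticky' => isset($_POST['news_sticky']) ? "1" : "0",
            'news_allow_comments' => isset($_POST['news_allow_comments']) ? "1" : "0",
            'news_allow_ratings' => isset($_POST['news_allow_ratings']) ? "1" : "0",
            'news_language' => form_sanitizer($_POST['news_language'], '', 'news_language'),
            'news_image' => "",
            'news_ialign' => "",
            'news_image_t1' => "",
            'news_image_t2' => "",
        );
        if (isset($_FILES['news_image'])) {
            // A file was uploaded with this submission.
            $upload = form_sanitizer($_FILES['news_image'], '', 'news_image');
            if (!empty($upload) && !$upload['error']) {
                $data['news_image'] = $upload['image_name'];
                $data['news_image_t1'] = $upload['thumb1_name'];
                $data['news_image_t2'] = $upload['thumb2_name'];
                $data['news_ialign'] = isset($_POST['news_ialign']) ? form_sanitizer($_POST['news_ialign'], "pull-left", "news_ialign") : "pull-left";
            }
        } else {
            // No upload: the image names come back from hidden form fields, so
            // they are client-controlled. Reduce each to a bare file name so it
            // cannot carry directory components into the unlink() paths below
            // or into the stored row.
            // NOTE(review): ideally these would be checked against the names
            // stored for this news_id rather than trusted from the request.
            foreach (array('news_image', 'news_image_t1', 'news_image_t2') as $image_key) {
                $posted_name = isset($_POST[$image_key]) && is_string($_POST[$image_key]) ? basename(str_replace("\\", "/", $_POST[$image_key])) : "";
                $data[$image_key] = ($posted_name === "." || $posted_name === "..") ? "" : $posted_name;
            }
            $data['news_ialign'] = isset($_POST['news_ialign']) ? form_sanitizer($_POST['news_ialign'], "pull-left", "news_ialign") : "pull-left";
        }
        if (fusion_get_settings('tinymce_enabled') != 1) {
            $data['news_breaks'] = isset($_POST['line_breaks']) ? "y" : "n";
        } else {
            $data['news_breaks'] = "n";
        }
        // Everything below changes state (other rows, files on disk, this
        // row), so it only runs once the submission has been accepted.
        if (defender::safe()) {
            // reset other sticky
            if ($data['news_sticky'] == "1") {
                dbquery("UPDATE " . DB_NEWS . " SET news_sticky='0' WHERE news_sticky='1'");
            }
            // delete image
            if (isset($_POST['del_image'])) {
                if (!empty($data['news_image']) && is_file(IMAGES_N . $data['news_image'])) {
                    unlink(IMAGES_N . $data['news_image']);
                }
                if (!empty($data['news_image_t1']) && is_file(IMAGES_N_T . $data['news_image_t1'])) {
                    unlink(IMAGES_N_T . $data['news_image_t1']);
                }
                if (!empty($data['news_image_t2']) && is_file(IMAGES_N_T . $data['news_image_t2'])) {
                    unlink(IMAGES_N_T . $data['news_image_t2']);
                }
                $data['news_image'] = "";
                $data['news_image_t1'] = "";
                $data['news_image_t2'] = "";
            }
            if (dbcount("('news_id')", DB_NEWS, "news_id='" . intval($data['news_id']) . "'")) {
                dbquery_insert(DB_NEWS, $data, 'update');
                addNotice('success', $locale['news_0101']);
            } else {
                $data['news_name'] = $userdata['user_id'];
                dbquery_insert(DB_NEWS, $data, 'save');
                addNotice('success', $locale['news_0100']);
            }
            if (isset($_POST['save_and_close'])) {
                redirect(clean_request("", array("ref"), FALSE));
            } else {
                redirect(FUSION_REQUEST);
            }
        }
    } elseif (
        (isset($_GET['action']) && $_GET['action'] == "edit" && isset($_POST['news_id']) && isnum($_POST['news_id']))
        || (isset($_GET['news_id']) && isnum($_GET['news_id']))
    ) {
        // The grouping above is the precedence the original expression already
        // had (&& binds tighter than ||), now written out explicitly.
        // NOTE(review): a numeric GET news_id alone enters this branch even
        // without action=edit - confirm that is intended.
        // Only a value that passed isnum() may reach the query: a POSTed
        // news_id is used when it is numeric, otherwise the GET value (which
        // is then guaranteed numeric by the condition).
        $requested_id = isset($_POST['news_id']) && isnum($_POST['news_id']) ? $_POST['news_id'] : $_GET['news_id'];
        $result = dbquery("SELECT * FROM " . DB_NEWS . " WHERE news_id='" . intval($requested_id) . "'");
        if (dbrows($result)) {
            $data = dbarray($result);
        } else {
            redirect(FUSION_SELF . $aidlink);
        }
    }
    $result = dbquery("SELECT news_cat_id, news_cat_name FROM " . DB_NEWS_CATS . " " . (multilang_table("NS") ? "WHERE news_cat_language='" . LANGUAGE . "'" : "") . " ORDER BY news_cat_name");
    $news_cat_opts = array();
    $news_cat_opts['0'] = $locale['news_0202'];
    if (dbrows($result)) {
        while ($odata = dbarray($result)) {
            $news_cat_opts[$odata['news_cat_id']] = $odata['news_cat_name'];
        }
    }
    echo "<div class='m-t-20'>\n";
    $news_settings = get_settings("news");
    echo openform('news_form', 'post', $formaction, array('enctype' => 1));
    echo "<div class='row'>\n";
    echo "<div class='col-xs-12 col-sm-12 col-md-7 col-lg-8'>\n";
    echo form_hidden('news_id', "", $data['news_id']);
    echo form_text('news_subject', $locale['news_0200'], $data['news_subject'], array('required' => 1, 'max_length' => 200, 'error_text' => $locale['news_0250']));
    echo form_select('news_keywords', $locale['news_0205'], $data['news_keywords'], array("max_length" => 320, "placeholder" => $locale['news_0205a'], "width" => "100%", "error_text" => $locale['news_0255'], "tags" => TRUE, "multiple" => TRUE));
    echo "<div class='pull-left m-r-10 display-inline-block'>\n";
    echo form_datepicker('news_start', $locale['news_0206'], $data['news_start'], array('placeholder' => $locale['news_0208'], "join_to_id" => "news_end"));
    echo "</div>\n<div class='pull-left m-r-10 display-inline-block'>\n";
    echo form_datepicker('news_end', $locale['news_0207'], $data['news_end'], array('placeholder' => $locale['news_0208'], "join_from_id" => "news_start"));
    echo "</div>\n";
    echo "</div>\n<div class='col-xs-12 col-sm-12 col-md-5 col-lg-4'>\n";
    openside('');
    echo form_select_tree("news_cat", $locale['news_0201'], $data['news_cat'], array("width" => "100%", "inline" => TRUE, "parent_value" => $locale['news_0202'], "query" => multilang_table("NS") ? "WHERE news_cat_language='" . LANGUAGE . "'" : ""), DB_NEWS_CATS, "news_cat_name", "news_cat_id", "news_cat_parent");
    echo form_select('news_visibility', $locale['news_0209'], $data['news_visibility'], array('options' => fusion_get_groups(), 'placeholder' => $locale['choose'], 'width' => '100%', "inline" => TRUE));
    if (multilang_table("NS")) {
        echo form_select('news_language', $locale['global_ML100'], $data['news_language'], array('options' => fusion_get_enabled_languages(), 'placeholder' => $locale['choose'], 'width' => '100%', "inline" => TRUE));
    } else {
        echo form_hidden('news_language', '', $data['news_language']);
    }
    echo form_button('cancel', $locale['cancel'], $locale['cancel'], array('class' => 'btn-default m-r-10'));
    echo form_button('save', $locale['news_0241'], $locale['news_0241'], array('class' => 'btn-success'));
    echo form_button("save_and_close", "Save and Close", "save_and_close", array("class" => "btn-primary m-l-10"));
    closeside();
    echo "</div>\n</div>\n";
    $snippetSettings = array("required" => TRUE, "preview" => TRUE, "html" => TRUE, "autosize" => TRUE, "placeholder" => $locale['news_0203a'], "form_name" => "news_form");
    if (fusion_get_settings("tinymce_enabled")) {
        $snippetSettings = array("required" => TRUE, "type" => "tinymce", "tinymce" => "advanced");
    }
    echo form_textarea('news_news', $locale['news_0203'], $data['news_news'], $snippetSettings);
    if (!fusion_get_settings("tinymce_enabled")) {
        $extendedSettings = array("preview" => TRUE, "html" => TRUE, "autosize" => TRUE, "placeholder" => $locale['news_0203b'], "form_name" => "news_form");
    } else {
        $extendedSettings = array("type" => "tinymce", "tinymce" => "advanced");
    }
    echo form_textarea('news_extended', $locale['news_0204'], $data['news_extended'], $extendedSettings);
    // second row
    echo "<div class='row'>\n";
    echo "<div class='col-xs-12 col-sm-12 col-md-7 col-lg-8'>\n";
    openside('');
    if ($data['news_image'] != "" && $data['news_image_t1'] != "") {
        $image_thumb = get_news_image_path($data['news_image'], $data['news_image_t1'], $data['news_image_t2']);
        if (!$image_thumb) {
            $image_thumb = IMAGES . "imagenotfound70.jpg";
        }
        echo "<div class='row'>\n";
        echo "<div class='col-xs-12 col-sm-6'>\n";
        // After a rejected save these values are the ones the client posted,
        // so they are escaped for the single-quoted attributes they land in.
        echo "<label><img class='img-responsive img-thumbnail' src='" . htmlspecialchars($image_thumb, ENT_QUOTES) . "' alt='" . $locale['news_0216'] . "' /><br />\n";
        echo "<input type='checkbox' name='del_image' value='y' /> " . $locale['delete'] . "</label>\n";
        echo "</div>\n";
        echo "<div class='col-xs-12 col-sm-6'>\n";
        $alignOptions = array('pull-left' => $locale['left'], 'news-img-center' => $locale['center'], 'pull-right' => $locale['right']);
        echo form_select('news_ialign', $locale['news_0218'], $data['news_ialign'], array("options" => $alignOptions, "inline" => FALSE));
        echo "</div>\n</div>\n";
        echo "<input type='hidden' name='news_image' value='" . htmlspecialchars($data['news_image'], ENT_QUOTES) . "' />\n";
        echo "<input type='hidden' name='news_image_t1' value='" . htmlspecialchars($data['news_image_t1'], ENT_QUOTES) . "' />\n";
        echo "<input type='hidden' name='news_image_t2' value='" . htmlspecialchars($data['news_image_t2'], ENT_QUOTES) . "' />\n";
    } else {
        $file_input_options = array(
            'upload_path' => IMAGES_N,
            'max_width' => $news_settings['news_photo_max_w'],
            'max_height' => $news_settings['news_photo_max_h'],
            'max_byte' => $news_settings['news_photo_max_b'],
            'thumbnail' => 1,
            'thumbnail_w' => $news_settings['news_thumb_w'],
            'thumbnail_h' => $news_settings['news_thumb_h'],
            'thumbnail_folder' => 'thumbs',
            'delete_original' => 0,
            'thumbnail2' => 1,
            'thumbnail2_w' => $news_settings['news_photo_w'],
            'thumbnail2_h' => $news_settings['news_photo_h'],
            'type' => 'image',
        );
        echo form_fileinput("news_image", $locale['news_0216'], "", $file_input_options);
        echo "<div class='small m-b-10'>" . sprintf($locale['news_0217'], parsebytesize($news_settings['news_photo_max_b'])) . "</div>\n";
        $alignOptions = array('pull-left' => $locale['left'], 'news-img-center' => $locale['center'], 'pull-right' => $locale['right']);
        echo form_select('news_ialign', $locale['news_0218'], $data['news_ialign'], array("options" => $alignOptions));
    }
    closeside();
    openside('');
    echo "<label><input type='checkbox' name='news_draft' value='yes'" . ($data['news_draft'] ? "checked='checked'" : "") . " /> " . $locale['news_0210'] . "</label><br />\n";
    echo "<label><input type='checkbox' name='news_sticky' value='yes'" . ($data['news_sticky'] ? "checked='checked'" : "") . "  /> " . $locale['news_0211'] . "</label><br />\n";
    echo form_hidden('news_datestamp', '', $data['news_datestamp']);
    if (fusion_get_settings("tinymce_enabled") != 1) {
        // news_breaks holds 'y' or 'n'; both are truthy strings, so the flag
        // has to be compared explicitly or the box is always ticked.
        echo "<label><input type='checkbox' name='line_breaks' value='yes'" . ($data['news_breaks'] == "y" ? "checked='checked'" : "") . " /> " . $locale['news_0212'] . "</label><br />\n";
    }
    closeside();
    echo "</div>\n<div class='col-xs-12 col-sm-12 col-md-5 col-lg-4'>\n";
    openside("");
    if (!fusion_get_settings("comments_enabled") || !fusion_get_settings("ratings_enabled")) {
        // Warn which of the two site-wide systems is switched off.
        $sys = "";
        if (!fusion_get_settings("comments_enabled") && !fusion_get_settings("ratings_enabled")) {
            $sys = $locale['comments_ratings'];
        } elseif (!fusion_get_settings("comments_enabled")) {
            $sys = $locale['comments'];
        } else {
            $sys = $locale['ratings'];
        }
        echo "<div class='alert alert-warning'>" . sprintf($locale['news_0253'], $sys) . "</div>\n";
    }
    echo "<label><input type='checkbox' name='news_allow_comments' value='yes' onclick='SetRatings();'" . ($data['news_allow_comments'] ? "checked='checked'" : "") . " /> " . $locale['news_0213'] . "</label><br/>";
    echo "<label><input type='checkbox' name='news_allow_ratings' value='yes'" . ($data['news_allow_ratings'] ? "checked='checked'" : "") . " /> " . $locale['news_0214'] . "</label>";
    closeside();
    echo "</div>\n</div>\n";
    echo form_button('preview', $locale['news_0240'], $locale['news_0240'], array('class' => 'btn-default m-r-10'));
    echo form_button('save', $locale['news_0241'], $locale['news_0241'], array('class' => 'btn-success'));
    echo form_button("save_and_close", "Save and Close", "save_and_close", array("class" => "btn-primary m-l-10"));
    echo closeform();
    echo "</div>\n";
}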
Example #11
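 /**
  * Builds the create/edit poll form for the current thread, processes its
  * submission, and hands the assembled fields to pollform().
  *
  * Users without the matching thread permission ("can_edit_poll" when $edit
  * is truthy, "can_create_poll" otherwise) are redirected to the forum index.
  *
  * Security-relevant handling in this method:
  * - The thread and forum ids used in SQL and in the form action URLs come
  *   from the loaded thread record (cast to int), not from $_GET.
  * - Poll rows are only written when $defender->safe() accepts the
  *   submission.
  *
  * @param int $edit Truthy to edit the thread's existing poll, falsy to create one.
  */
 public function render_poll_form($edit = 0)
 {
     global $locale, $defender;
     // Must be an array: it is filled by key below, which is not valid on a string.
     $poll_field = array();
     // Build Polls Info.
     $thread_data = $this->thread_info['thread'];
     $thread_id = intval($thread_data['thread_id']);
     $forum_id = intval($thread_data['forum_id']);
     if ($edit ? $this->getThreadPermission("can_edit_poll") : $this->getThreadPermission("can_create_poll")) {
         // if permitted to create new poll.
         $data = array(
             'thread_id' => $thread_data['thread_id'],
             'forum_poll_title' => isset($_POST['forum_poll_title']) ? form_sanitizer($_POST['forum_poll_title'], '', 'forum_poll_title') : '',
             'forum_poll_start' => time(),
             'forum_poll_length' => 2,
             'forum_poll_votes' => 0,
         );
         // A poll starts with two blank options (1-based keys).
         $option_data = array(1 => "", 2 => "");
         // calculate poll lengths
         if (isset($_POST['poll_options']) && is_array($_POST['poll_options'])) {
             // callback on post.
             foreach ($_POST['poll_options'] as $i => $value) {
                 $option_data[$i] = form_sanitizer($value, '', "poll_options[{$i}]");
             }
             // Drop blank options and reindex from 1.
             if ($defender->safe()) {
                 $option_data = array_values(array_filter($option_data));
                 array_unshift($option_data, NULL);
                 unset($option_data[0]);
                 $data['forum_poll_length'] = count($option_data);
             }
         }
         // add a Blank Poll option
         if (isset($_POST['add_poll_option']) && $defender->safe()) {
             array_push($option_data, '');
         }
         if ($edit) {
             $result = dbquery("SELECT * FROM " . DB_FORUM_POLLS . " WHERE thread_id='" . $thread_id . "'");
             if (dbrows($result) > 0) {
                 if (isset($_POST['update_poll']) || isset($_POST['add_poll_option'])) {
                     // Keep the posted values; fill in only the keys they lack.
                     $load = FALSE;
                     $data += dbarray($result);
                 } else {
                     // First display: show what is stored.
                     $load = TRUE;
                     $data = dbarray($result);
                 }
                 if (isset($_POST['update_poll'])) {
                     $data = array(
                         'thread_id' => $thread_data['thread_id'],
                         'forum_poll_title' => form_sanitizer($_POST['forum_poll_title'], '', 'forum_poll_title'),
                         'forum_poll_start' => $data['forum_poll_start'],
                         'forum_poll_length' => $data['forum_poll_length'],
                     );
                     // Gated like the other writes in this branch.
                     if ($defender->safe()) {
                         dbquery_insert(DB_FORUM_POLLS, $data, 'update', array('primary_key' => 'thread_id', 'no_unique' => TRUE));
                     }
                     $i = 1;
                     // populate data for matches
                     $_poll = array();
                     $poll_result = dbquery("SELECT forum_poll_option_id FROM " . DB_FORUM_POLL_OPTIONS . " WHERE thread_id='" . $thread_id . "'");
                     while ($_data = dbarray($poll_result)) {
                         $_poll[$_data['forum_poll_option_id']] = $_data;
                         // Prune the emptied fields AND field is not required.
                         if (empty($option_data[$_data['forum_poll_option_id']]) && $defender->safe()) {
                             dbquery("DELETE FROM " . DB_FORUM_POLL_OPTIONS . " WHERE thread_id='" . $thread_id . "' AND forum_poll_option_id='" . intval($_data['forum_poll_option_id']) . "'");
                         }
                     }
                     foreach ($option_data as $option_text) {
                         if ($option_text) {
                             if ($defender->safe()) {
                                 if (isset($_poll[$i])) {
                                     // has record
                                     // NOTE(review): $option_text is interpolated as returned by
                                     // form_sanitizer(); whether that output is SQL-escaped is not
                                     // visible here - confirm, or route this write through the
                                     // same insert/update helper used for the other rows.
                                     dbquery("UPDATE " . DB_FORUM_POLL_OPTIONS . " SET forum_poll_option_text='" . $option_text . "' WHERE thread_id='" . $thread_id . "' AND forum_poll_option_id='" . $i . "'");
                                 } else {
                                     // no record - create
                                     $array = array('thread_id' => $thread_data['thread_id'], 'forum_poll_option_id' => $i, 'forum_poll_option_text' => $option_text, 'forum_poll_option_votes' => 0);
                                     dbquery_insert(DB_FORUM_POLL_OPTIONS, $array, 'save');
                                 }
                             }
                             $i++;
                         }
                     }
                     if ($defender->safe()) {
                         redirect(INFUSIONS . "forum/postify.php?post=editpoll&error=0&forum_id=" . $forum_id . "&thread_id=" . $thread_id);
                     }
                 }
                 // how to make sure values containing options votes
                 $poll_field['openform'] = openform('pollform', 'post', INFUSIONS . 'forum/viewthread.php?action=editpoll&forum_id=' . $forum_id . '&thread_id=' . $thread_id);
                 $poll_field['openform'] .= "<div class='text-info m-b-20 m-t-10'>" . $locale['forum_0613'] . "</div>\n";
                 $poll_field['poll_field'] = form_text('forum_poll_title', $locale['forum_0604'], $data['forum_poll_title'], array('max_length' => 255, 'placeholder' => $locale['forum_0604a'], 'inline' => TRUE, 'required' => TRUE));
                 if ($load == FALSE) {
                     $option_count = count($option_data);
                     for ($i = 1; $i <= $option_count; $i++) {
                         // Posted keys are not guaranteed to be 1..n when the reindex above was skipped.
                         $option_value = isset($option_data[$i]) ? $option_data[$i] : '';
                         $poll_field['poll_field'] .= form_text("poll_options[{$i}]", sprintf($locale['forum_0606'], $i), $option_value, array('max_length' => 255, 'placeholder' => $locale['forum_0605'], 'inline' => 1, 'required' => $i <= 2));
                     }
                 } else {
                     $result = dbquery("SELECT forum_poll_option_text, forum_poll_option_votes FROM " . DB_FORUM_POLL_OPTIONS . " WHERE thread_id='" . $thread_id . "' ORDER BY forum_poll_option_id ASC");
                     $i = 1;
                     while ($_pdata = dbarray($result)) {
                         // The first two options, and any option that already has votes, are required.
                         $is_required = ($i <= 2 || $_pdata['forum_poll_option_votes']) ? TRUE : FALSE;
                         $poll_field['poll_field'] .= form_text("poll_options[{$i}]", $locale['forum_0605'] . ' ' . $i, $_pdata['forum_poll_option_text'], array('max_length' => 255, 'placeholder' => 'Poll Options', 'inline' => 1, 'required' => $is_required));
                         $i++;
                     }
                 }
                 $poll_field['poll_field'] .= "<div class='col-xs-12 col-sm-offset-3'>\n";
                 $poll_field['poll_field'] .= form_button('add_poll_option', $locale['forum_0608'], $locale['forum_0608'], array('class' => 'btn-primary btn-sm'));
                 $poll_field['poll_field'] .= "</div>\n";
                 $poll_field['poll_button'] = form_button('update_poll', $locale['forum_2013'], $locale['forum_2013'], array('class' => 'btn-default'));
                 $poll_field['closeform'] = closeform();
             } else {
                 // redirect because the poll id is not available.
                 redirect(INFUSIONS . 'forum/index.php');
             }
         } else {
             // Save New Poll - only once the submission has been accepted, so a
             // rejected form does not leave poll rows behind.
             if (isset($_POST['add_poll']) && $defender->safe()) {
                 dbquery_insert(DB_FORUM_POLLS, $data, 'save');
                 $data['forum_poll_id'] = dblastid();
                 $i = 1;
                 foreach ($option_data as $option_text) {
                     if ($option_text) {
                         $data['forum_poll_option_id'] = $i;
                         $data['forum_poll_option_text'] = $option_text;
                         $data['forum_poll_option_votes'] = 0;
                         dbquery_insert(DB_FORUM_POLL_OPTIONS, $data, 'save');
                         $i++;
                     }
                 }
                 if ($defender->safe()) {
                     dbquery("UPDATE " . DB_FORUM_THREADS . " SET thread_poll='1' WHERE thread_id='" . $thread_id . "'");
                     redirect(INFUSIONS . "forum/postify.php?post=newpoll&error=0&forum_id=" . $forum_id . "&thread_id=" . $thread_id);
                 }
             }
             // blank poll - no poll on edit or new thread
             $poll_field['openform'] = openform('pollform', 'post', INFUSIONS . 'forum/viewthread.php?action=newpoll&forum_id=' . $forum_id . '&thread_id=' . $thread_id, array('max_tokens' => 1));
             $poll_field['poll_field'] = form_text('forum_poll_title', $locale['forum_0604'], $data['forum_poll_title'], array('max_length' => 255, 'placeholder' => $locale['forum_0604a'], 'inline' => TRUE, 'required' => TRUE));
             $option_count = count($option_data);
             for ($i = 1; $i <= $option_count; $i++) {
                 // Posted keys are not guaranteed to be 1..n when the reindex above was skipped.
                 $option_value = isset($option_data[$i]) ? $option_data[$i] : '';
                 $poll_field['poll_field'] .= form_text("poll_options[{$i}]", sprintf($locale['forum_0606'], $i), $option_value, array('max_length' => 255, 'placeholder' => $locale['forum_0605'], 'inline' => 1, 'required' => $i <= 2));
             }
             $poll_field['poll_field'] .= "<div class='col-xs-12 col-sm-offset-3'>\n";
             $poll_field['poll_field'] .= form_button('add_poll_option', $locale['forum_0608'], $locale['forum_0608'], array('class' => 'btn-primary btn-sm'));
             $poll_field['poll_field'] .= "</div>\n";
             $poll_field['poll_button'] = form_button('add_poll', $locale['forum_2011'], $locale['forum_2011'], array('class' => 'btn-success btn-md'));
             $poll_field['closeform'] = closeform();
         }
         $info = array('title' => $locale['forum_0366'], 'description' => $locale['forum_2000'] . $thread_data['thread_subject'], 'field' => $poll_field);
         pollform($info);
     } else {
         redirect(FORUM . "index.php");
     }
 }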
Example #12
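/**
 * Process comment delete / edit / post requests for one item, then render its comment list and form.
 *
 * Security notes for callers and reviewers:
 *  - $comment_type, $comment_db, $comment_col and $comment_item_id are concatenated into SQL
 *    below without escaping, so callers must pass validated values (a numeric id, fixed
 *    table/column identifiers), never raw request data.
 *  - Deletion is triggered by GET parameters (c_action=delete&comment_id=N); no anti-CSRF token
 *    check is visible in this function.
 *  - NOTE(review): the guards below (missing guest name, failed captcha, unknown item) assume
 *    redirect() ends the request - confirm.
 *
 * @param $comment_type - abbr or short ID
 * @param $comment_db - Current Application DB - DB_BLOG for example.
 * @param $comment_col - current sql primary key column - 'blog_id' for example
 * @param $comment_item_id - current sql primary key value '$_GET['blog_id']' for example
 * @param $clink - current page link 'FUSION_SELF' is ok.
 */
function showcomments($comment_type, $comment_db, $comment_col, $comment_item_id, $clink)
{
    global $settings, $locale, $userdata, $aidlink;
    $link = FUSION_SELF . (FUSION_QUERY ? "?" . FUSION_QUERY : "");
    // Strip a previous edit/delete action from the link ("^" is the regex delimiter here).
    $link = preg_replace("^(&amp;|\\?)c_action=(edit|delete)&amp;comment_id=\\d*^", "", $link);
    $_GET['comment'] = isset($_GET['comment']) && isnum($_GET['comment']) ? $_GET['comment'] : 0;
    $cpp = $settings['comments_per_page'];
    // Only a fixed keyword may reach ORDER BY; anything other than "ASC" is treated as DESC,
    // which matches how the rest of this function interprets the setting.
    $sort_dir = $settings['comments_sorting'] == "ASC" ? "ASC" : "DESC";
    // Delete: comment_id is numeric (isnum); non-admins can only delete their own comment.
    if (iMEMBER && (isset($_GET['c_action']) && $_GET['c_action'] == "delete") && (isset($_GET['comment_id']) && isnum($_GET['comment_id']))) {
        if (iADMIN && checkrights("C") || iMEMBER && dbcount("(comment_id)", DB_COMMENTS, "comment_id='" . $_GET['comment_id'] . "' AND comment_name='" . $userdata['user_id'] . "'")) {
            $result = dbquery("DELETE FROM " . DB_COMMENTS . "\n\t\t\t\tWHERE comment_id='" . $_GET['comment_id'] . "'" . (iADMIN ? "" : "\n\t\t\t\tAND comment_name='" . $userdata['user_id'] . "'"));
        }
        redirect($clink . ($settings['comments_sorting'] == "ASC" ? "" : "&amp;c_start=0"));
    }
    if ($settings['comments_enabled'] == "1") {
        if ((iMEMBER || $settings['guestposts'] == "1") && isset($_POST['post_comment'])) {
            // Guests must supply a name and pass the captcha. This check previously read
            // $settings['guestpost'], a different key from the 'guestposts' setting used
            // everywhere else in this function, so the captcha gate could be skipped.
            if (!iMEMBER && $settings['guestposts'] == 1) {
                if (!isset($_POST['comment_name'])) {
                    redirect($link);
                }
                // A purely numeric guest name would be stored like a member's user_id.
                if (isnum($_POST['comment_name'])) {
                    $_POST['comment_name'] = '';
                }
                $_CAPTCHA_IS_VALID = FALSE;
                // The include path is built from the 'captcha' setting; it must stay admin-controlled.
                include INCLUDES . "captchas/" . $settings['captcha'] . "/captcha_check.php";
                if (!isset($_POST['captcha_code']) || $_CAPTCHA_IS_VALID == FALSE) {
                    redirect($link);
                }
            }
            $comment_data = array(
                'comment_id' => isset($_GET['comment_id']) && isnum($_GET['comment_id']) ? $_GET['comment_id'] : 0,
                'comment_name' => iMEMBER ? $userdata['user_id'] : form_sanitizer($_POST['comment_name'], '', 'comment_name'),
                'comment_message' => form_sanitizer($_POST['comment_message'], '', 'comment_message'),
                'comment_datestamp' => time(),
                'comment_item_id' => $comment_item_id,
                'comment_type' => $comment_type,
                'comment_cat' => 0,
                'comment_ip' => USER_IP,
                'comment_ip_type' => USER_IP_TYPE,
                'comment_hidden' => 0,
            );
            if (iMEMBER && (isset($_GET['c_action']) && $_GET['c_action'] == "edit") && $comment_data['comment_id']) {
                // Edit: admins with comment rights, or the member who owns a visible comment on this item.
                $comment_updated = FALSE;
                if (iADMIN && checkrights("C") || iMEMBER && dbcount("(comment_id)", DB_COMMENTS, "comment_id='" . $comment_data['comment_id'] . "' \n\t\t\t\tAND comment_item_id='" . $comment_item_id . "'\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\n\t\t\t\tAND comment_type='" . $comment_type . "' \n\t\t\t\tAND comment_name='" . $userdata['user_id'] . "' \n\t\t\t\tAND comment_hidden='0'")) {
                    dbquery_insert(DB_COMMENTS, $comment_data, 'update');
                    if ($comment_data['comment_message']) {
                        // NOTE(review): comment_message is interpolated into SQL; this relies on
                        // form_sanitizer() returning an SQL-safe string - verify.
                        $result = dbquery("UPDATE " . DB_COMMENTS . " SET comment_message='" . $comment_data['comment_message'] . "'\n  \t\t\t\t\t\t\t\t\t   WHERE comment_id='" . $_GET['comment_id'] . "' " . (iADMIN ? "" : "AND comment_name='" . $userdata['user_id'] . "'"));
                        if ($result) {
                            $comment_updated = TRUE;
                        }
                    }
                }
                if ($comment_updated) {
                    // Work out which page the edited comment is on so the redirect lands there.
                    if ($settings['comments_sorting'] == "ASC") {
                        $c_operator = "<=";
                    } else {
                        $c_operator = ">=";
                    }
                    $c_count = dbcount("(comment_id)", DB_COMMENTS, "comment_id" . $c_operator . "'" . $comment_data['comment_id'] . "'\n\t\t\t\t\t\t\t\tAND comment_item_id='" . $comment_item_id . "'\n\t\t\t\t\t\t\t\tAND comment_type='" . $comment_type . "'");
                    $c_start = (ceil($c_count / $cpp) - 1) * $cpp;
                }
                redirect($clink . "&amp;c_start=" . (isset($c_start) && isnum($c_start) ? $c_start : ""));
            } else {
                // New comment: the target item must exist in the caller-supplied table.
                if (!dbcount("(" . $comment_col . ")", $comment_db, $comment_col . "='" . $comment_item_id . "'")) {
                    redirect(BASEDIR . "index.php");
                }
                $id = 0;
                if ($comment_data['comment_name'] && $comment_data['comment_message']) {
                    require_once INCLUDES . "flood_include.php";
                    // Per-IP flood control before the insert.
                    if (!flood_control("comment_datestamp", DB_COMMENTS, "comment_ip='" . USER_IP . "'")) {
                        dbquery_insert(DB_COMMENTS, $comment_data, 'save');
                        $id = dblastid();
                    }
                }
                if ($settings['comments_sorting'] == "ASC") {
                    $c_count = dbcount("(comment_id)", DB_COMMENTS, "comment_item_id='" . $comment_item_id . "' AND comment_type='" . $comment_type . "'");
                    $c_start = (ceil($c_count / $cpp) - 1) * $cpp;
                } else {
                    $c_start = 0;
                }
                //if (!$settings['site_seo']) {
                redirect($clink . "&amp;c_start=" . $c_start . "#c" . $id);
                //}
            }
        }
        $c_arr = array("c_con" => array(), "c_info" => array("c_makepagenav" => FALSE, "admin_link" => FALSE));
        $c_rows = dbcount("(comment_id)", DB_COMMENTS, "comment_item_id='" . $comment_item_id . "' AND comment_type='" . $comment_type . "' AND comment_hidden='0'");
        if (!isset($_GET['c_start']) && $c_rows > $cpp) {
            $_GET['c_start'] = (ceil($c_rows / $cpp) - 1) * $cpp;
        }
        // c_start goes into LIMIT below, so anything non-numeric is reset to 0 first.
        if (!isset($_GET['c_start']) || !isnum($_GET['c_start'])) {
            $_GET['c_start'] = 0;
        }
        $result = dbquery("SELECT tcm.comment_id, tcm.comment_name, tcm.comment_message, tcm.comment_datestamp,\n\t\t\t\t\ttcu.user_id, tcu.user_name, tcu.user_avatar, tcu.user_status\n\t\t\t\t\tFROM " . DB_COMMENTS . " tcm\n\t\t\t\t\tLEFT JOIN " . DB_USERS . " tcu ON tcm.comment_name=tcu.user_id\n\t\t\t\t\tWHERE comment_item_id='" . $comment_item_id . "' AND comment_type='" . $comment_type . "' AND comment_hidden='0'\n\t\t\t\t\tORDER BY comment_datestamp " . $sort_dir . " LIMIT " . $_GET['c_start'] . "," . $cpp);
        if (dbrows($result) > 0) {
            $i = $settings['comments_sorting'] == "ASC" ? $_GET['c_start'] + 1 : $c_rows - $_GET['c_start'];
            if ($c_rows > $cpp) {
                $c_arr['c_info']['c_makepagenav'] = makepagenav($_GET['c_start'], $cpp, $c_rows, 3, $clink . "&amp;", "c_start");
            }
            while ($data = dbarray($result)) {
                $c_arr['c_con'][$i]['comment_id'] = $data['comment_id'];
                $c_arr['c_con'][$i]['edit_dell'] = FALSE;
                $c_arr['c_con'][$i]['i'] = $i;
                if ($data['user_name']) {
                    $c_arr['c_con'][$i]['comment_name'] = profile_link($data['comment_name'], $data['user_name'], $data['user_status'], 'strong text-dark');
                } else {
                    // Guest name as stored. NOTE(review): it is passed to the template unescaped
                    // here; confirm it was HTML-escaped on input or is escaped on output.
                    $c_arr['c_con'][$i]['comment_name'] = $data['comment_name'];
                }
                $c_arr['c_con'][$i]['user_avatar'] = display_avatar($data, '35px', '', true, 'img-rounded');
                $c_arr['c_con'][$i]['user'] = array(
                    'user_id' => $data['user_id'],
                    'user_name' => $data['user_name'],
                    'user_avatar' => $data['user_avatar'] !== '' && file_exists(IMAGES . 'avatars/' . $data['user_avatar']) ? IMAGES . 'avatars/' . $data['user_avatar'] : IMAGES . "avatars/noavatar50.png",
                    'user_status' => $data['user_status'],
                );
                $c_arr['c_con'][$i]['comment_datestamp'] = showdate('shortdate', $data['comment_datestamp']);
                $c_arr['c_con'][$i]['comment_time'] = timer($data['comment_datestamp']);
                $c_arr['c_con'][$i]['comment_message'] = "<!--comment_message-->\n" . nl2br(parseubb(parsesmileys($data['comment_message'])));
                // Edit/delete links are offered to comment admins and to the member who wrote the comment.
                if (iADMIN && checkrights("C") || iMEMBER && $data['comment_name'] == $userdata['user_id'] && isset($data['user_name'])) {
                    $edit_link = clean_request('c_action=edit&comment_id=' . $data['comment_id'], array('c_action', 'comment_id'), false) . "#edit_comment";
                    $delete_link = clean_request('c_action=delete&comment_id=' . $data['comment_id'], array('c_action', 'comment_id'), false);
                    $c_arr['c_con'][$i]['edit_link'] = array('link' => $edit_link, 'name' => $locale['c108']);
                    $c_arr['c_con'][$i]['delete_link'] = array('link' => $delete_link, 'name' => $locale['c109']);
                    $c_arr['c_con'][$i]['edit_dell'] = "<!--comment_actions-->\n";
                    $c_arr['c_con'][$i]['edit_dell'] .= "<div class='btn-group'>";
                    $c_arr['c_con'][$i]['edit_dell'] .= "<a class='btn btn-xs btn-default' href='" . $edit_link . "'>";
                    $c_arr['c_con'][$i]['edit_dell'] .= $locale['c108'] . "</a>\n";
                    $c_arr['c_con'][$i]['edit_dell'] .= "<a class='btn btn-xs btn-default' href='" . $delete_link . "' onclick=\"return confirm('" . $locale['c110'] . "');\">";
                    $c_arr['c_con'][$i]['edit_dell'] .= "<i class='fa fa-trash'></i> " . $locale['c109'] . "</a>";
                    $c_arr['c_con'][$i]['edit_dell'] .= "</div>\n";
                }
                $settings['comments_sorting'] == "ASC" ? $i++ : $i--;
            }
            if (iADMIN && checkrights("C")) {
                $c_arr['c_info']['admin_link'] = "<!--comment_admin-->\n";
                $c_arr['c_info']['admin_link'] .= "<a href='" . ADMIN . "comments.php" . $aidlink . "&amp;ctype=" . $comment_type . "&amp;comment_item_id=" . $comment_item_id . "'>" . $locale['c106'] . "</a>";
            }
        }
        opentable($locale['c102']);
        $comment_message = "";
        // Pre-fill the form when editing; the same ownership rule as above applies.
        if (iMEMBER && (isset($_GET['c_action']) && $_GET['c_action'] == "edit") && (isset($_GET['comment_id']) && isnum($_GET['comment_id']))) {
            $eresult = dbquery("SELECT tcm.comment_id, tcm.comment_name, tcm.comment_message, tcu.user_name\n\t\t\t\tFROM " . DB_COMMENTS . " tcm\n\t\t\t\tLEFT JOIN " . DB_USERS . " tcu ON tcm.comment_name=tcu.user_id\n\t\t\t\tWHERE comment_id='" . $_GET['comment_id'] . "' AND comment_item_id='" . $comment_item_id . "'\n\t\t\t\tAND comment_type='" . $comment_type . "' AND comment_hidden='0'");
            if (dbrows($eresult) > 0) {
                $edata = dbarray($eresult);
                if (iADMIN && checkrights("C") || iMEMBER && $edata['comment_name'] == $userdata['user_id'] && isset($edata['user_name'])) {
                    $clink .= "&amp;c_action=edit&amp;comment_id=" . $edata['comment_id'];
                    $comment_message = $edata['comment_message'];
                }
            } else {
                $comment_message = "";
            }
        }
        if (iMEMBER || $settings['guestposts'] == "1") {
            require_once INCLUDES . "bbcode_include.php";
            echo "<a id='edit_comment' name='edit_comment'></a>\n";
            echo openform('inputform', 'post', $clink, array('class' => 'm-b-20', 'max_tokens' => 1));
            if (iGUEST) {
                echo form_text('comment_name', $locale['c104'], '', array('max_length' => 30));
            }
            echo form_textarea('comment_message', '', $comment_message, array('required' => 1, 'autosize' => 1, 'form_name' => 'inputform', 'bbcode' => 1));
            // Guests get the captcha widget unless the captcha plugin hides its own input.
            if (iGUEST && (!isset($_CAPTCHA_HIDE_INPUT) || isset($_CAPTCHA_HIDE_INPUT) && !$_CAPTCHA_HIDE_INPUT)) {
                $_CAPTCHA_HIDE_INPUT = FALSE;
                echo "<div style='width:360px; margin:10px auto;'>";
                echo $locale['global_150'] . "<br />\n";
                include INCLUDES . "captchas/" . $settings['captcha'] . "/captcha_display.php";
                if (!$_CAPTCHA_HIDE_INPUT) {
                    echo "<br />\n<label for='captcha_code'>" . $locale['global_151'] . "</label>";
                    echo "<br />\n<input type='text' id='captcha_code' name='captcha_code' class='textbox' autocomplete='off' style='width:100px' />\n";
                }
                echo "</div>\n";
            }
            echo form_button('post_comment', $comment_message ? $locale['c103'] : $locale['c102'], $comment_message ? $locale['c103'] : $locale['c102'], array('class' => 'btn-success m-t-10'));
            echo closeform();
        } else {
            echo "<div class='well'>\n";
            echo $locale['c105'] . "\n";
            echo "</div>\n";
        }
        closetable();
        echo "<a id='comments' name='comments'></a>";
        render_comments($c_arr['c_con'], $c_arr['c_info']);
    }
}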
Example #13
0
    // WHERE fragments for the duplicate-name check, one for updating and one for saving.
    // NOTE(review): blog_cat_name and blog_cat_id are concatenated into SQL as-is; where
    // $inputArray comes from and whether it was escaped is not visible in this excerpt -
    // confirm before relying on it.
    $categoryNameCheck = array("when_updating" => "blog_cat_name='" . $inputArray['blog_cat_name'] . "' and blog_cat_id !='" . $inputArray['blog_cat_id'] . "' " . (multilang_table("BL") ? "and blog_cat_language = '" . LANGUAGE . "'" : ""), "when_saving" => "blog_cat_name='" . $inputArray['blog_cat_name'] . "' " . (multilang_table("BL") ? "and blog_cat_language = '" . LANGUAGE . "'" : ""));
    // Nothing is written unless the form defender reports the submission as safe.
    if (defender::safe()) {
        // check category name is unique when updating
        if (dbcount("(blog_cat_id)", DB_BLOG_CATS, "blog_cat_id='" . $inputArray['blog_cat_id'] . "'")) {
            if (!dbcount("(blog_cat_id)", DB_BLOG_CATS, $categoryNameCheck['when_updating'])) {
                dbquery_insert(DB_BLOG_CATS, $inputArray, "update");
                addNotice("success", $locale['blog_0521']);
                // FUSION_REQUEST without the "action" gets
                redirect(clean_request("", array("action"), FALSE));
            } else {
                addNotice('danger', $locale['blog_0561']);
            }
        } else {
            // check category name is unique when saving new
            if (!dbcount("(blog_cat_id)", DB_BLOG_CATS, $categoryNameCheck['when_saving'])) {
                dbquery_insert(DB_BLOG_CATS, $inputArray, "save");
                addNotice("success", $locale['blog_0520']);
                redirect(FUSION_REQUEST);
            } else {
                addNotice('danger', $locale['blog_0561']);
            }
        }
    }
} elseif (isset($_GET['action']) && $_GET['action'] == "edit" && (isset($_GET['cat_id']) && isnum($_GET['cat_id']))) {
    // cat_id is checked with isnum() above and cast with intval() before it reaches the query.
    $result = dbquery("SELECT blog_cat_id, blog_cat_name, blog_cat_parent, blog_cat_image, blog_cat_language FROM " . DB_BLOG_CATS . " " . (multilang_table("BL") ? "WHERE blog_cat_language='" . LANGUAGE . "' AND" : "WHERE") . " blog_cat_id='" . intval($_GET['cat_id']) . "'");
    if (dbrows($result)) {
        $data = dbarray($result);
        $data['blog_cat_hidden'] = array($data['blog_cat_id']);
        $formTitle = $locale['blog_0402'];
    } else {
        // FUSION_REQUEST without the "action" gets
Example #14
0
| can read by viewing the included agpl.txt or online
| at www.gnu.org/licenses/agpl.html. Removal of this
| copyright header is strictly prohibited without
| written permission from the original author(s).
+--------------------------------------------------------*/
require_once "../maincore.php";
// Access gate for this admin page; presumably 'S6' is the required admin right - confirm.
pageAccess('S6');
require_once THEMES . "templates/admin_header.php";
include LOCALE . LOCALESET . "admin/settings.php";
add_breadcrumb(array('link' => ADMIN . "settings_misc.php" . $aidlink, 'title' => $locale['misc_settings']));
if (isset($_POST['savesettings'])) {
    // Every posted field goes through form_sanitizer() with a default and its field name.
    // smtp_auth is set only when both smtp_username and smtp_password were posted; the
    // password itself is not among the keys saved here.
    // NOTE(review): comments_sorting is expected to be "ASC" or "DESC"; form_sanitizer()'s
    // validation is not visible here, so consider restricting it to those two values before saving.
    $inputData = array("tinymce_enabled" => form_sanitizer($_POST['tinymce_enabled'], 0, "tinymce_enabled"), "smtp_host" => form_sanitizer($_POST['smtp_host'], "", "smtp_host"), "smtp_port" => form_sanitizer($_POST['smtp_port'], "", "smtp_port"), "smtp_auth" => isset($_POST['smtp_auth']) && !empty($_POST['smtp_username']) && !empty($_POST['smtp_password']) ? TRUE : FALSE, "smtp_username" => form_sanitizer($_POST['smtp_username'], "", "smtp_username"), "login_method" => form_sanitizer($_POST['login_method'], 0, "login_method"), "thumb_compression" => form_sanitizer($_POST['thumb_compression'], 0, "thumb_compression"), "mime_check" => form_sanitizer($_POST['mime_check'], 0, "mime_check"), "guestposts" => form_sanitizer($_POST['guestposts'], 0, "guestposts"), "comments_enabled" => form_sanitizer($_POST['comments_enabled'], 0, "comments_enabled"), "comments_per_page" => form_sanitizer($_POST['comments_per_page'], 10, "comments_per_page"), "ratings_enabled" => form_sanitizer($_POST['ratings_enabled'], 0, "ratings_enabled"), "visitorcounter_enabled" => form_sanitizer($_POST['visitorcounter_enabled'], 0, "visitorcounter_enabled"), "rendertime_enabled" => form_sanitizer($_POST['rendertime_enabled'], 0, "rendertime_enabled"), "comments_sorting" => form_sanitizer($_POST['comments_sorting'], "DESC", "comments_sorting"), "index_url_bbcode" => form_sanitizer($_POST['index_url_bbcode'], 0, "index_url_bbcode"), "index_url_userweb" => form_sanitizer($_POST['index_url_userweb'], 0, "index_url_userweb"));
    // Settings are written only when the form defender reports the submission as safe.
    if (defender::safe()) {
        // One row per setting, keyed by settings_name.
        foreach ($inputData as $settings_name => $settings_value) {
            $data = array("settings_name" => $settings_name, "settings_value" => $settings_value);
            dbquery_insert(DB_SETTINGS, $data, "update", array("primary_key" => "settings_name"));
        }
        addNotice('success', $locale['900']);
        redirect(FUSION_SELF . $aidlink);
    } else {
        addNotice('danger', $locale['901']);
    }
}
opentable($locale['misc_settings']);
echo "<div class='well'>" . $locale['misc_description'] . "</div>";
// The settings form is opened with 'max_tokens' => 1; presumably this ties the form to
// the token that defender::safe() checks on submit - confirm.
echo openform('settingsform', 'post', FUSION_SELF . $aidlink, array('max_tokens' => 1));
echo "<div class='row'>\n";
echo "<div class='col-xs-12 col-sm-12 col-md-8'>\n";
openside('');
echo "<div class='pull-right m-b-10'><span class='small2'>" . $locale['663'] . "</span></div>\n";
$choice_arr = array('1' => $locale['yes'], '0' => $locale['no']);
Example #15
0
         }
     }
     // Category row assembled from values prepared earlier (outside this excerpt).
     $inputArray = array("article_cat_id" => $cat_id, "article_cat_name" => $cat_name, "article_cat_parent" => $cat_parent, "article_cat_description" => $cat_description, "article_cat_language" => $cat_language, "article_cat_sorting" => $cat_sorting);
     // WHERE fragments for the duplicate-name check.
     // NOTE(review): article_cat_name and article_cat_id are concatenated into SQL as-is;
     // how $cat_name and $cat_id were sanitised is not visible here - confirm.
     $categoryNameCheck = array("when_updating" => "article_cat_name='" . $inputArray['article_cat_name'] . "' and article_cat_id !='" . $inputArray['article_cat_id'] . "' " . (multilang_table("AR") ? "and article_cat_language = '" . LANGUAGE . "'" : ""), "when_saving" => "article_cat_name='" . $inputArray['article_cat_name'] . "' " . (multilang_table("AR") ? "AND article_cat_language = '" . LANGUAGE . "'" : ""));
     // Nothing is written unless the form defender reports the submission as safe.
     if (defender::safe()) {
         // Existing id: update if no other category has the same name; otherwise save as new.
         if (dbcount("(article_cat_id)", DB_ARTICLE_CATS, "article_cat_id='" . $inputArray['article_cat_id'] . "'")) {
             if (!dbcount("(article_cat_id)", DB_ARTICLE_CATS, $categoryNameCheck['when_updating'])) {
                 dbquery_insert(DB_ARTICLE_CATS, $inputArray, "update");
                 addNotice("success", $locale['articles_0151']);
                 redirect(clean_request("cat_view=1", array("section", "aid"), true));
             } else {
                 addNotice("danger", $locale['articles_0352']);
             }
         } else {
             if (!dbcount("(article_cat_id)", DB_ARTICLE_CATS, $categoryNameCheck['when_saving'])) {
                 dbquery_insert(DB_ARTICLE_CATS, $inputArray, "save");
                 addNotice("success", $locale['articles_0150']);
                 redirect(clean_request("cat_view=1", array("section", "aid"), true));
             } else {
                 addNotice("danger", $locale['articles_0352']);
             }
         }
     }
 }
 // UI dual tab
 $articleCatTab['title'][] = $locale['articles_0020'];
 $articleCatTab['id'][] = "b";
 $articleCatTab['title'][] = $locale['articles_0027'];
 $articleCatTab['id'][] = "a";
 // NOTE(review): `or` binds more loosely than `?:`, so the argument below evaluates as
 // isset($_GET['action']) or (!defender::safe() ? 1 : 0) and passes a boolean, not 1/0 -
 // confirm tab_active() accepts that, or parenthesise the condition.
 $tab_active = tab_active($articleCatTab, isset($_GET['action']) or !defender::safe() ? 1 : 0);
 echo opentab($articleCatTab, $tab_active, "artCTab", FALSE, "m-t-20");
Example #16
0
         // Optional image removal: delete the stored image and both thumbnails, then clear the fields.
         // NOTE(review): the file names come from $data, whose origin is outside this excerpt;
         // confirm they cannot contain path separators before they reach unlink().
         if (isset($_POST['del_image'])) {
             if (!empty($data['blog_image']) && file_exists(IMAGES_B . $data['blog_image'])) {
                 unlink(IMAGES_B . $data['blog_image']);
             }
             if (!empty($data['blog_image_t1']) && file_exists(IMAGES_B_T . $data['blog_image_t1'])) {
                 unlink(IMAGES_B_T . $data['blog_image_t1']);
             }
             if (!empty($data['blog_image_t2']) && file_exists(IMAGES_B_T . $data['blog_image_t2'])) {
                 unlink(IMAGES_B_T . $data['blog_image_t2']);
             }
             $data['blog_image'] = "";
             $data['blog_image_t1'] = "";
             $data['blog_image_t2'] = "";
         }
         // Publish the submission as a blog entry, then remove it from the submissions table.
         if (defender::safe()) {
             dbquery_insert(DB_BLOG, $data, "save");
             // NOTE(review): submit_id is interpolated without intval() here, unlike the delete
             // branch below; the isnum() guard for this branch is not visible in the excerpt - confirm.
             $result = dbquery("DELETE FROM " . DB_SUBMISSIONS . " WHERE submit_id='" . $_GET['submit_id'] . "'");
             if ($data['blog_draft']) {
                 addNotice("success", $locale['blog_0147']);
             } else {
                 addNotice("success", $locale['blog_0146']);
             }
             redirect(clean_request("", array("submit_id"), FALSE));
         }
     } else {
         redirect(clean_request("", array("submit_id"), FALSE));
     }
 } elseif (isset($_POST['delete']) && (isset($_GET['submit_id']) && isnum($_GET['submit_id']))) {
     // Delete branch: submit_id is checked with isnum() above and cast with intval() in the query.
     $result = dbquery("\n\t\t\tSELECT\n\t\t\tts.submit_datestamp, ts.submit_criteria\n\t\t\tFROM " . DB_SUBMISSIONS . " ts\n\t\t\tWHERE submit_type='b' and submit_id='" . intval($_GET['submit_id']) . "'\n\t\t");
     if (dbrows($result) > 0) {
         $data = dbarray($result);
Example #17
0
    // Delete a blog entry: look up its image files first so they can be removed from disk.
    // NOTE(review): $del_data['blog_id'] is concatenated into four queries below; how it was
    // validated is outside this excerpt - confirm it is numeric.
    $result = dbquery("SELECT blog_image, blog_image_t1, blog_image_t2 FROM " . DB_BLOG . " WHERE blog_id='" . $del_data['blog_id'] . "'");
    if (dbrows($result)) {
        $data = dbarray($result);
        if (!empty($data['blog_image']) && file_exists(IMAGES_B . $data['blog_image'])) {
            unlink(IMAGES_B . $data['blog_image']);
        }
        if (!empty($data['blog_image_t1']) && file_exists(IMAGES_B_T . $data['blog_image_t1'])) {
            unlink(IMAGES_B_T . $data['blog_image_t1']);
        }
        if (!empty($data['blog_image_t2']) && file_exists(IMAGES_B_T . $data['blog_image_t2'])) {
            unlink(IMAGES_B_T . $data['blog_image_t2']);
        }
        // Remove the entry together with its comments and ratings.
        $result = dbquery("DELETE FROM " . DB_BLOG . " WHERE blog_id='" . $del_data['blog_id'] . "'");
        $result = dbquery("DELETE FROM " . DB_COMMENTS . "  WHERE comment_item_id='" . $del_data['blog_id'] . "' and comment_type='B'");
        $result = dbquery("DELETE FROM " . DB_RATINGS . " WHERE rating_item_id='" . $del_data['blog_id'] . "' and rating_type='B'");
        // NOTE(review): the row was already deleted by the DELETE on DB_BLOG above; this second
        // delete looks redundant - confirm.
        dbquery_insert(DB_BLOG, $del_data, 'delete');
        addNotice('warning', $locale['blog_0412']);
        redirect(FUSION_SELF . $aidlink);
    } else {
        redirect(FUSION_SELF . $aidlink);
    }
}
// The requested section is limited to a fixed allow-list; anything else falls back to "blog".
$allowed_pages = array("blog", "blog_category", "blog_form", "submissions", "settings");
$_GET['section'] = isset($_GET['section']) && in_array($_GET['section'], $allowed_pages) ? $_GET['section'] : "blog";
// Edit mode requires action=edit and a numeric blog_id.
$edit = isset($_GET['action']) && $_GET['action'] == 'edit' && isset($_GET['blog_id']) && isnum($_GET['blog_id']) ? TRUE : FALSE;
$master_title['title'][] = $locale['blog_0400'];
$master_title['id'][] = 'blog';
$master_title['icon'] = '';
$master_title['title'][] = $edit ? $locale['blog_0402'] : $locale['blog_0401'];
$master_title['id'][] = 'blog_form';
$master_title['icon'] = '';
Example #18
0
 /**
  * Save or update a panel row from the submitted panel form.
  *
  * Does nothing unless $_POST['panel_save'] is present. Form fields are read into
  * $this->data, the panel name is checked for uniqueness, and the row is updated when
  * panel_id is set and passes self::verify_panel(); otherwise it is inserted with the next
  * panel_order for its side.
  *
  * NOTE(review): panel_content is taken from $_POST with addslashes() only and stored with
  * panel_type "php"; presumably it is executed when the panel renders - confirm that only
  * fully trusted administrators can reach this method.
  * NOTE(review): panel_name and panel_id are concatenated into the uniqueness query; this
  * relies on form_sanitizer() returning SQL-safe values - verify.
  * NOTE(review): panel_side is compared loosely (== 1) in some places and strictly (!== 1)
  * in others; if form_sanitizer() returns a string the strict checks never match - verify.
  */
 private function set_paneldb()
 {
     global $aidlink, $locale, $defender;
     if (!isset($_POST['panel_save'])) {
         return;
     }
     $this->data['panel_id'] = isset($_POST['panel_id']) ? form_sanitizer($_POST['panel_id'], '0', 'panel_id') : 0;
     $this->data['panel_name'] = isset($_POST['panel_name']) ? form_sanitizer($_POST['panel_name'], '', 'panel_name') : '';
     $this->data['panel_side'] = isset($_POST['panel_side']) ? form_sanitizer($_POST['panel_side'], 1, 'panel_side') : 1;
     $this->data['panel_access'] = isset($_POST['panel_access']) ? form_sanitizer($_POST['panel_access'], '0', 'panel_access') : 0;
     // The panel name must not be used by any other panel.
     $name_taken = dbcount("(panel_id)", DB_PANELS, "panel_name='" . $this->data['panel_name'] . "' AND panel_id !='" . $this->data['panel_id'] . "'");
     if ($name_taken) {
         // Processing continues after stop(); presumably dbquery_insert() refuses to write
         // once the defender is stopped - confirm.
         $defender->stop();
         addNotice('danger', $locale['471']);
     }
     $this->data['panel_filename'] = isset($_POST['panel_filename']) ? form_sanitizer($_POST['panel_filename'], '', 'panel_filename') : '';
     // Panel content: inline PHP when no file is chosen, otherwise a file-backed panel.
     if ($this->data['panel_filename'] != 'none') {
         $this->data['panel_content'] = '';
         $this->data['panel_type'] = "file";
     } else {
         $this->data['panel_type'] = "php";
         $this->data['panel_content'] = isset($_POST['panel_content']) ? addslashes($_POST['panel_content']) : '';
         if (!$this->data['panel_content']) {
             // Empty content gets a placeholder body matching the panel side.
             if ($this->data['panel_side'] == 1 || $this->data['panel_side'] == 4) {
                 $this->data['panel_content'] = "openside(\"name\");\n" . "echo \"Content\";\n" . "closeside();";
             } else {
                 $this->data['panel_content'] = "opentable(\"name\");\n" . "echo \"Content\";\n" . "closetable();";
             }
         }
     }
     // need to add fourth option. only show in front page.
     $this->data['panel_restriction'] = isset($_POST['panel_restriction']) ? form_sanitizer($_POST['panel_restriction'], '', 'panel_restriction') : 0;
     // Restriction values: 3 = show on all, 2 = show on home page, 1 = exclude, 0 = include.
     if ($this->data['panel_restriction'] == '3') {
         // Show on all pages.
         $this->data['panel_display'] = $this->data['panel_side'] !== 1 && $this->data['panel_side'] !== 4 ? 1 : 0;
         $this->data['panel_url_list'] = '';
     } elseif ($this->data['panel_restriction'] == '2') {
         // Show on the home page only.
         $this->data['panel_display'] = 0;
         $this->data['panel_url_list'] = '';
         if ($this->data['panel_side'] == 1 || $this->data['panel_side'] == 4) {
             // Sides 1 and 4 directly override panel_display, so list the opening page instead.
             $this->data['panel_url_list'] = fusion_get_settings('opening_page');
         }
     } else {
         // Include/exclude modes require a URL list.
         $this->data['panel_url_list'] = isset($_POST['panel_url_list']) ? form_sanitizer($_POST['panel_url_list'], '', 'panel_url_list') : '';
         if (!$this->data['panel_url_list']) {
             $defender->stop();
             addNotice('danger', $locale['475']);
         } else {
             $this->data['panel_url_list'] = str_replace(",", "\r\n", $this->data['panel_url_list']);
             // Exclude mode (1) and include mode compute panel_display the same way.
             $this->data['panel_display'] = $this->data['panel_side'] !== 1 && $this->data['panel_side'] !== 4 ? 1 : 0;
         }
     }
     $panel_languages = isset($_POST['panel_languages']) ? \defender::sanitize_array($_POST['panel_languages']) : array();
     if (!empty($panel_languages)) {
         $this->data['panel_languages'] = implode('.', $panel_languages);
     }
     // Panel order is only assigned for new panels; existing ones keep theirs.
     if ($this->data['panel_id'] && self::verify_panel($this->data['panel_id'])) {
         dbquery_insert(DB_PANELS, $this->data, 'update');
         addNotice('info', $locale['482']);
         if (!defined('FUSION_NULL')) {
             redirect(FUSION_SELF . $aidlink . "&amp;section=listpanel&amp;status=su");
         }
     } else {
         // Append the new panel after the highest existing order on its side.
         $order_query = dbquery("SELECT panel_order FROM " . DB_PANELS . " WHERE panel_side='" . intval($this->data['panel_side']) . "' ORDER BY panel_order DESC LIMIT 1");
         if (dbrows($order_query) == 0) {
             $this->data['panel_order'] = 1;
         } else {
             $last_panel = dbarray($order_query);
             $this->data['panel_order'] = $last_panel['panel_order'] + 1;
         }
         dbquery_insert(DB_PANELS, $this->data, 'save');
         addNotice('success', $locale['485']);
         if (!defined('FUSION_NULL')) {
             redirect(FUSION_SELF . $aidlink . "&amp;section=listpanel&amp;status=sn");
         }
     }
 }
Example #19
0
        dbquery_order(DB_PHOTOS, $photo_data['photo_order'], "photo_order", $photo_data['photo_id'], "photo_id", $photo_data['album_id'], "album_id", FALSE, FALSE, "delete");
        dbquery_insert(DB_PHOTOS, $photo_data, 'delete');
        addNotice("success", $locale['photo_0024']);
        redirect(clean_request("", array("aid", "album_id"), TRUE));
    }
}
// purge photos
// Deletes every photo of one album. The branch runs only for ?action=purge with a cat_id
// that passes isnum(); the id is additionally cast with intval() wherever it enters SQL.
if (isset($_GET['action']) && $_GET['action'] == "purge" && isset($_GET['cat_id']) && isnum($_GET['cat_id'])) {
    $result = dbquery("select * from " . DB_PHOTO_ALBUMS . " where album_id='" . intval($_GET['cat_id']) . "'");
    if (dbrows($result) > 0) {
        // album verified
        // $albumData is assigned here but not read again in the visible code.
        $albumData = dbarray($result);
        $photoResult = dbquery("select photo_id, photo_filename, photo_thumb1, photo_thumb2\n\t\tfrom " . DB_PHOTOS . " where album_id='" . intval($_GET['cat_id']) . "'");
        if (dbrows($photoResult) > 0) {
            // Two-step destructive action: a request without purge_confirm in POST only renders
            // the confirmation form; rows and files are removed on the POST that carries it.
            // NOTE(review): no token or defender::safe() check is visible in the deletion branch;
            // confirm the token issued by openform() is verified before this code runs.
            if (!isset($_POST['purge_confirm'])) {
                echo $locale['photo_0026'] . "<br/><br/>\n";
                echo openform("purgephotos", "post", FUSION_REQUEST);
                echo form_button("purge_confirm", $locale['photo_0027'], $locale['photo_0027'], array("class" => "btn-danger m-r-10"));
                echo form_button("cancel", $locale['photo_0028'], $locale['photo_0028'], array("class" => "btn-default m-r-10"));
                echo closeform();
            } else {
                // Remove the image files of each photo first, then its database row.
                while ($pData = dbarray($photoResult)) {
                    purgePhotoImage($pData);
                    // purging everything, order is not relevant
                    dbquery_insert(DB_PHOTOS, $pData, "delete");
                }
                // cat_id was validated by isnum() in the guard above, so it is numeric here.
                // NOTE(review): TRUE is passed as the second argument of redirect(), whereas the
                // photo-delete redirect earlier in this file passes it as the third argument of
                // clean_request(); check which call the flag was meant for.
                redirect(clean_request("album_id=" . $_GET['cat_id'], array("aid")), TRUE);
            }
        }
    }
}
| This program is released as free software under the
| Affero GPL license. You can redistribute it and/or
| modify it under the terms of this license which you
| can read by viewing the included agpl.txt or online
| at www.gnu.org/licenses/agpl.html. Removal of this
| copyright header is strictly prohibited without
| written permission from the original author(s).
+--------------------------------------------------------*/
// Access gate for this settings page.
// NOTE(review): presumably restricts the page to administrators holding the "S8" right; confirm in pageAccess().
pageAccess("S8");
// Save handler: runs only when the form's savesettings button was posted.
if (isset($_POST['savesettings'])) {
    // Not read anywhere in the visible code.
    $error = 0;
    // Two fields go through form_sanitizer() (default 0); the checkbox is reduced to 1/0 by its presence in POST.
    $inputArray = array("article_pagination" => form_sanitizer($_POST['article_pagination'], 0, "article_pagination"), "article_allow_submission" => form_sanitizer($_POST['article_allow_submission'], 0, "article_allow_submission"), "article_extended_required" => isset($_POST['article_extended_required']) ? 1 : 0);
    // Write only when defender::safe() holds; otherwise show the error notice and fall through to the form.
    if (defender::safe()) {
        // One row per setting, keyed on settings_name and tagged with settings_inf "article".
        foreach ($inputArray as $settings_name => $settings_value) {
            $inputSettings = array("settings_name" => $settings_name, "settings_value" => $settings_value, "settings_inf" => "article");
            dbquery_insert(DB_SETTINGS_INF, $inputSettings, "update", array("primary_key" => "settings_name"));
        }
        addNotice("success", $locale['900']);
        redirect(FUSION_REQUEST);
    } else {
        addNotice('danger', $locale['901']);
    }
}
// Render the settings form; $article_settings is loaded outside this excerpt.
echo "<div class='well'>" . $locale['articles_0031'] . "</div>";
echo openform('settingsform', 'post', FUSION_REQUEST);
openside('');
echo form_text("article_pagination", $locale['articles_0032'], $article_settings['article_pagination'], array("inline" => TRUE, "max_length" => 4, "width" => "150px", "type" => "number"));
echo form_select("article_allow_submission", $locale['articles_0033'], $article_settings['article_allow_submission'], array("inline" => TRUE, "options" => array($locale['disable'], $locale['enable'])));
echo form_checkbox("article_extended_required", $locale['articles_0034'], $article_settings['article_extended_required'], array("inline" => TRUE));
closeside();
echo form_button('savesettings', $locale['750'], $locale['750'], array('class' => 'btn-primary'));
Example #21
        }
        if (!empty($data['blog_image_t2']) && file_exists(IMAGES_B_T . $data['blog_image_t2'])) {
            unlink(IMAGES_B_T . $data['blog_image_t2']);
        }
        $data['blog_image'] = "";
        $data['blog_image_t1'] = "";
        $data['blog_image_t2'] = "";
    }
    if (defender::safe()) {
        if (dbcount("('blog_id')", DB_BLOG, "blog_id='" . $data['blog_id'] . "'")) {
            dbquery_insert(DB_BLOG, $data, 'update');
            addNotice('success', $locale['blog_0411']);
            redirect(FUSION_SELF . $aidlink);
        } else {
            $data['blog_name'] = $userdata['user_id'];
            dbquery_insert(DB_BLOG, $data, 'save');
            addNotice('success', $locale['blog_0410']);
            redirect(FUSION_SELF . $aidlink);
        }
    }
} elseif (isset($_GET['action']) && $_GET['action'] == "edit" && (isset($_POST['blog_id']) && isnum($_POST['blog_id'])) || isset($_GET['blog_id']) && isnum($_GET['blog_id'])) {
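    // The guard on this branch parses as
    //   (action == "edit" && numeric POST blog_id) || (numeric GET blog_id)
    // because && binds tighter than ||. A request can therefore reach this point with a
    // numeric GET blog_id while POST blog_id is set but was never validated. Use the POST
    // value only when it passes isnum(), fall back to the GET value otherwise, and cast the
    // result to an integer before it is concatenated into the query.
    $result = dbquery("SELECT * FROM " . DB_BLOG . " WHERE blog_id='" . intval(isset($_POST['blog_id']) && isnum($_POST['blog_id']) ? $_POST['blog_id'] : $_GET['blog_id']) . "'");
    if (dbrows($result)) {
        // Existing post: load its row to pre-fill the edit form.
        $data = dbarray($result);
    } else {
        // No such post: return to the listing.
        redirect(FUSION_SELF . $aidlink);
    }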
}
if (isset($_POST['preview'])) {
    $blog_blog = "";
    if ($_POST['blog_blog']) {
Example #22
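         // Optional image removal: delete the stored image and both thumbnails, then blank the
         // three columns so the saved row no longer points at them.
         // NOTE(review): $data is built outside this excerpt; confirm the three file names come
         // from the stored record and not from the request, since they are concatenated into
         // the paths passed to unlink() without a check for directory separators.
         if (isset($_POST['del_image'])) {
             if (!empty($data['news_image']) && file_exists(IMAGES_N . $data['news_image'])) {
                 unlink(IMAGES_N . $data['news_image']);
             }
             if (!empty($data['news_image_t1']) && file_exists(IMAGES_N_T . $data['news_image_t1'])) {
                 unlink(IMAGES_N_T . $data['news_image_t1']);
             }
             if (!empty($data['news_image_t2']) && file_exists(IMAGES_N_T . $data['news_image_t2'])) {
                 unlink(IMAGES_N_T . $data['news_image_t2']);
             }
             $data['news_image'] = "";
             $data['news_image_t1'] = "";
             $data['news_image_t2'] = "";
         }
         // Publish: store the news item, then remove the submission it was created from.
         if (defender::safe()) {
             dbquery_insert(DB_NEWS, $data, "save");
             // Cast the id before it enters SQL, matching the delete branch of this file, so the
             // statement does not depend on a validation step that sits outside this block.
             $result = dbquery("DELETE FROM " . DB_SUBMISSIONS . " WHERE submit_id='" . intval($_GET['submit_id']) . "'");
             if ($data['news_draft']) {
                 addNotice("success", $locale['news_0147']);
             } else {
                 addNotice("success", $locale['news_0146']);
             }
             redirect(clean_request("", array("submit_id"), FALSE));
         }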
     } else {
         redirect(clean_request("", array("submit_id"), FALSE));
     }
 } else {
     if (isset($_POST['delete']) && (isset($_GET['submit_id']) && isnum($_GET['submit_id']))) {
         $result = dbquery("\n\t\t\tSELECT\n\t\t\tts.submit_datestamp, ts.submit_criteria\n\t\t\tFROM " . DB_SUBMISSIONS . " ts\n\t\t\tWHERE submit_type='n' and submit_id='" . intval($_GET['submit_id']) . "'\n\t\t");
         if (dbrows($result) > 0) {
Example #23
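// Edit mode: load the category row to pre-fill the form. $faqCat_edit is set outside this excerpt.
if ($faqCat_edit) {
    // cat_id is cast to an integer before it is concatenated into the query.
    $result = dbquery("select * from " . DB_FAQ_CATS . " WHERE faq_cat_id='" . intval($_GET['cat_id']) . "'");
    if (dbrows($result) > 0) {
        $data = dbarray($result);
    } else {
        // Unknown category: back to the listing.
        redirect(FUSION_SELF . $aidlink);
    }
}
// Save handler: every posted field goes through form_sanitizer() before it is used.
if (isset($_POST['save_cat'])) {
    $data = array("faq_cat_id" => form_sanitizer($_POST['faq_cat_id'], 0, "faq_cat_id"), "faq_cat_name" => form_sanitizer($_POST['faq_cat_name'], "", "faq_cat_name"), "faq_cat_description" => form_sanitizer($_POST['faq_cat_description'], "", "faq_cat_description"), "faq_cat_language" => form_sanitizer($_POST['faq_cat_language'], "", "faq_cat_language"));
    if (defender::safe()) {
        // Cast the id before it enters SQL, as the edit lookup above does, so the existence
        // check does not depend on what form_sanitizer() returned for the hidden field.
        if (dbcount("(faq_cat_id)", DB_FAQ_CATS, "faq_cat_id='" . intval($data['faq_cat_id']) . "'")) {
            // The id already exists: update that row.
            dbquery_insert(DB_FAQ_CATS, $data, "update");
            addNotice("success", $locale['faq_0205']);
        } else {
            // No row with this id: create a new category.
            dbquery_insert(DB_FAQ_CATS, $data, "save");
            addNotice("success", $locale['faq_0204']);
        }
        redirect(FUSION_SELF . $aidlink);
    }
}
// Render the form from $data (the loaded row, the posted values, or defaults set outside this excerpt).
echo openform('faqCat_form', 'post', FUSION_REQUEST, array("class" => "m-t-20"));
echo form_hidden('faq_cat_id', "", $data['faq_cat_id']);
echo form_text('faq_cat_name', $locale['faq_0200'], $data['faq_cat_name'], array('error_text' => $locale['faq_0201'], 'required' => 1));
echo form_text('faq_cat_description', $locale['faq_0202'], $data['faq_cat_description']);
// Offer a language selector only when multilang_table("FQ") is true; otherwise submit the current LANGUAGE.
if (multilang_table("FQ")) {
    echo form_select("faq_cat_language", $locale['global_ML100'], $data['faq_cat_language'], array('options' => fusion_get_enabled_languages()));
} else {
    echo form_hidden("faq_cat_language", '', LANGUAGE);
}
echo form_button('save_cat', $locale['faq_0203'], $locale['faq_0203'], array('class' => 'btn-primary m-t-10'));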
Example #24
    redirect("index.php");
}
$errors = array();
if (isset($_GET['email']) && isset($_GET['code'])) {
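    // Account activation. Both parameters must match strict patterns before either one is
    // concatenated into SQL. The lookup sits in the else branch so it cannot run with rejected
    // input, whether or not redirect() ends the request.
    if (!preg_check("/^[-0-9A-Z_\\.]{1,50}@([-0-9A-Z_\\.]+\\.){1,50}([0-9A-Z]){2,4}\$/i", $_GET['email']) || !preg_check("/^[0-9a-z]{40}\$/", $_GET['code'])) {
        redirect("register.php?error=activate");
    } else {
        // Find the pending registration that matches both the code and the e-mail address.
        $result = dbquery("SELECT user_info FROM " . DB_NEW_USERS . " WHERE user_code='" . $_GET['code'] . "' AND user_email='" . $_GET['email'] . "'");
        if (dbrows($result) > 0) {
            add_to_title($locale['global_200'] . $locale['u155']);
            $data = dbarray($result);
            // SECURITY: unserialize() rebuilds PHP values from the stored blob and can instantiate
            // classes if the stored row can be modified by anything other than the registration
            // code. The blob is read from the database here, not from the request. Storing it as
            // JSON, or passing unserialize()'s allowed_classes option on PHP 7+, removes that risk.
            $user_info = unserialize(base64_decode($data['user_info']));
            if (!is_array($user_info)) {
                // Corrupt or unexpected payload: create no account from it and keep the pending row.
                redirect("register.php?error=activate");
            } else {
                // Create the account, then drop the pending registration.
                dbquery_insert(DB_USERS, $user_info, 'save');
                $result = dbquery("DELETE FROM " . DB_NEW_USERS . " WHERE user_code='" . $_GET['code'] . "' LIMIT 1");
                // The success notice differs depending on the admin_activation setting.
                if (fusion_get_settings('admin_activation') == 1) {
                    addNotice("success", $locale['u171'] . " - " . $locale['u162'], 'all');
                } else {
                    addNotice("success", $locale['u171'] . " - " . $locale['u161'], 'all');
                }
                redirect(fusion_get_settings('opening_page'));
            }
        } else {
            // No matching pending registration: send the visitor to the opening page without a notice.
            redirect(fusion_get_settings('opening_page'));
        }
    }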
} elseif (isset($_POST['register'])) {
    $userInput = new PHPFusion\UserFieldsInput();
    $userInput->validation = $settings['display_validation'];
    //$settings['display_validation'];
    $userInput->emailVerification = $settings['email_verification'];
// When the tinymce_enabled site setting is truthy, emit an inline script that calls advanced().
// advanced() is defined outside this excerpt.
if (fusion_get_settings("tinymce_enabled")) {
    echo "<script language='javascript' type='text/javascript'>advanced();</script>\n";
}
if (isset($_GET['submit_id']) && isnum($_GET['submit_id'])) {
    if (isset($_POST['publish']) && (isset($_GET['submit_id']) && isnum($_GET['submit_id']))) {
        $result = dbquery("SELECT ts.*, tu.user_id, tu.user_name FROM " . DB_SUBMISSIONS . " ts\n\t\t\tLEFT JOIN " . DB_USERS . " tu ON ts.submit_user=tu.user_id\n\t\t\tWHERE submit_id='" . $_GET['submit_id'] . "'");
        if (dbrows($result)) {
            $data = dbarray($result);
            $data = array('article_id' => 0, 'article_subject' => form_sanitizer($_POST['article_subject'], '', 'article_subject'), 'article_cat' => form_sanitizer($_POST['article_cat'], 0, 'article_cat'), 'article_name' => $data['user_id'], 'article_snippet' => addslash(preg_replace("(^<p>\\s</p>\$)", "", $_POST['article_snippet'])), 'article_article' => addslash(preg_replace("(^<p>\\s</p>\$)", "", $_POST['article_article'])), 'article_keywords' => form_sanitizer($_POST['article_keywords'], '', 'article_keywords'), 'article_datestamp' => form_sanitizer($_POST['article_datestamp'], time(), 'article_datestamp'), 'article_visibility' => form_sanitizer($_POST['article_visibility'], 0, 'article_visibility'), 'article_draft' => isset($_POST['article_draft']) ? "1" : "0", 'article_allow_comments' => 0, 'article_allow_ratings' => 0, 'article_language' => form_sanitizer($_POST['article_language'], '', 'article_language'));
            if (fusion_get_settings('tinymce_enabled') != 1) {
                $data['article_breaks'] = isset($_POST['line_breaks']) ? "y" : "n";
            } else {
                $data['article_breaks'] = "n";
            }
            if (defender::safe()) {
                dbquery_insert(DB_ARTICLES, $data, "save");
                $result = dbquery("DELETE FROM " . DB_SUBMISSIONS . " WHERE submit_id='" . $_GET['submit_id'] . "'");
                if ($data['article_draft']) {
                    addNotice("success", $locale['articles_0051']);
                } else {
                    addNotice("success", $locale['articles_0050']);
                }
                redirect(clean_request("", array("submit_id"), FALSE));
            }
        } else {
            redirect(clean_request("", array("submit_id"), FALSE));
        }
    } else {
        if (isset($_POST['delete']) && (isset($_GET['submit_id']) && isnum($_GET['submit_id']))) {
            $result = dbquery("\n\t\t\tSELECT\n\t\t\tts.submit_id, ts.submit_datestamp, ts.submit_criteria\n\t\t\tFROM " . DB_SUBMISSIONS . " ts\n\t\t\tWHERE submit_type='a' and submit_id='" . intval($_GET['submit_id']) . "'\n\t\t");
            if (dbrows($result) > 0) {
Example #26
 /**
  * Update User Fields
  *
  * Runs the field setters for user name, password, e-mail and avatar, merges the input of
  * the custom user fields, and writes $this->data to DB_USERS when \defender::safe() holds.
  *
  * @return bool true when the update was written, false when \defender::safe() was false
  */
 public function saveUpdate()
 {
     $locale = fusion_get_locale();
     $settings = fusion_get_settings();
     $this->_method = "validate_update";
     //$this->data = $this->userData; // Turn off for Next
     $this->_settUserName();
     $this->_setPassword();
     // The admin password setter is skipped when ADMIN_PANEL is defined.
     if (!defined('ADMIN_PANEL')) {
         $this->_setAdminPassword();
     }
     $this->_setUserEmail();
     if ($this->validation == 1) {
         $this->_setValidationError();
     }
     $this->_setUserAvatar();
     // Collect the input of the custom user fields through QuantumFields.
     $quantum = new QuantumFields();
     $quantum->setCategoryDb(DB_USER_FIELD_CATS);
     $quantum->setFieldDb(DB_USER_FIELDS);
     $quantum->setPluginFolder(INCLUDES . "user_fields/");
     $quantum->setPluginLocaleFolder(LOCALE . LOCALESET . "user_fields/");
     $quantum->load_fields();
     $quantum->load_field_cats();
     $quantum->setCallbackData($this->data);
     $_input = $quantum->return_fields_input(DB_USERS, 'user_id');
     if (!empty($_input)) {
         foreach ($_input as $input) {
             // Array union: keys already present in $this->data are kept, not overwritten.
             $this->data += $input;
         }
     }
     if (\defender::safe()) {
         // Log user name and e-mail changes before the row is updated.
         if ($this->_userName != $this->userData['user_name']) {
             save_user_log($this->userData['user_id'], "user_name", $this->_userName, $this->userData['user_name']);
         }
         if ($this->_userEmail != $this->userData['user_email']) {
             save_user_log($this->userData['user_id'], "user_email", $this->_userEmail, $this->userData['user_email']);
         }
         $quantum->log_user_action(DB_USERS, "user_id");
         dbquery_insert(DB_USERS, $this->data, 'update');
         $this->_completeMessage = $locale['u163'];
         if ($this->isAdminPanel && $this->_isValidCurrentPassword && $this->_newUserPassword && $this->_newUserPassword2) {
             // inform user that password has changed. and tell him your new password
             // NOTE(review): plain include inside a method; if the file declares functions, a
             // second call in the same request would redeclare them. include_once may be intended.
             include INCLUDES . "sendmail_include.php";
             addNotice("success", str_replace("USER_NAME", $this->userData['user_name'], $locale['global_458']));
             // SECURITY: the [PASSWORD] placeholder is replaced with $this->_newUserPassword, so
             // the new password is sent in the e-mail body in clear text and stays in the
             // recipient's mailbox. NOTE(review): consider a notification without the secret,
             // or a one-time reset link.
             $input = array("mailname" => $this->userData['user_name'], "email" => $this->userData['user_email'], "subject" => str_replace("[SITENAME]", $settings['sitename'], $locale['global_456']), "message" => str_replace(array("[SITENAME]", "[SITEUSERNAME]", "USER_NAME", "[PASSWORD]"), array($settings['sitename'], $settings['siteusername'], $this->userData['user_name'], $this->_newUserPassword), $locale['global_457']));
             // A failed send raises only a warning notice; the update has already been written.
             if (!sendemail($input['mailname'], $input['email'], $settings['siteusername'], $settings['siteemail'], $input['subject'], $input['message'])) {
                 addNotice('warning', str_replace("USER_NAME", $this->userData['user_name'], $locale['global_459']));
             }
         }
         // Second check of \defender::safe(): the success notice is added only if it still holds.
         if (\defender::safe()) {
             addNotice('success', $locale['u169']);
         }
         return true;
     }
     return false;
 }
Example #27
                    } else {
                        if ($mime_types[$extension] != $each['type']) {
                            die('Prevented an unwanted file upload attempt!');
                        }
                    }
                }
                unset($file_info, $extension);
            }
        }
        unset($mime_types);
    }
}
// Bootstrap: create the defender instance used for request validation.
$defender = new defender();
// Set admin login procedures
Authenticate::setAdminLogin();
$defender->debug_notice = FALSE;
// turn this off after beta.
// NOTE(review): presumably the form-token (CSRF) check for submitted forms; confirm in defender::sniff_token().
$defender->sniff_token();
$dynamic = new dynamics();
$dynamic->boot();
// Reference aliases: these globals point at the OutputHandler static tag buffers, so a write to either side is seen by both.
$fusion_page_head_tags =& \PHPFusion\OutputHandler::$pageHeadTags;
$fusion_page_footer_tags =& \PHPFusion\OutputHandler::$pageFooterTags;
$fusion_jquery_tags =& \PHPFusion\OutputHandler::$jqueryTags;
// Set theme using $_GET as well.
// Set theme
// A super administrator can switch their own theme with ?themes=<name>. The name must pass
// theme_exists() and goes through stripinput() before it is written to the user row.
// NOTE(review): this is a state change driven by a GET parameter and no token check is
// visible on this path; consider requiring a POST with a verified form token.
// NOTE(review): user_level is compared with loose ==; confirm both sides are integers.
if ($userdata['user_level'] == USER_LEVEL_SUPER_ADMIN && isset($_GET['themes']) && theme_exists($_GET['themes'])) {
    $newUserTheme = array("user_id" => $userdata['user_id'], "user_theme" => stripinput($_GET['themes']));
    dbquery_insert(DB_USERS, $newUserTheme, "update");
    // Redirect to the same request with the themes parameter removed.
    redirect(clean_request("", array("themes"), FALSE));
}
// Apply the user's stored theme, or the site-wide theme setting when the user has none.
set_theme(empty($userdata['user_theme']) ? fusion_get_settings("theme") : $userdata['user_theme']);
Example #28
 // Defaults for a new web link; replaced below by posted values or by the stored row.
 $data = array("weblink_id" => 0, "weblink_name" => "", "weblink_cat" => 0, "weblink_description" => "", "weblink_visibility" => iGUEST, "weblink_url" => "", "weblink_datestamp" => time());
 // Delete: weblink_id must pass isnum() before it is concatenated into the query.
 // NOTE(review): the row is deleted on a GET request and no token check is visible in this
 // branch; confirm the request is authenticated against forgery (for example via $aidlink)
 // or move the action to a POST with a verified form token.
 // NOTE(review): the edit lookup below casts the id with intval(); doing the same here
 // would keep the two queries consistent.
 if (isset($_GET['action']) && $_GET['action'] == "delete" && (isset($_GET['weblink_id']) && isnum($_GET['weblink_id']))) {
     $result = dbquery("DELETE FROM " . DB_WEBLINKS . " WHERE weblink_id='" . $_GET['weblink_id'] . "'");
     addNotice("success", $locale['wl_0302']);
     redirect(FUSION_SELF . $aidlink);
 }
 // Save: every posted field goes through form_sanitizer(); nothing is written unless defender::safe() holds.
 if (isset($_POST['save_link'])) {
     // NOTE(review): confirm that the weblink_url field definition limits the value to http/https
     // URLs, since the stored value is presumably rendered as a link elsewhere.
     $data = array("weblink_id" => form_sanitizer($_POST['weblink_id'], 0, 'weblink_id'), "weblink_cat" => form_sanitizer($_POST['weblink_cat'], 0, 'weblink_cat'), "weblink_name" => form_sanitizer($_POST['weblink_name'], '', 'weblink_name'), "weblink_description" => form_sanitizer($_POST['weblink_description'], '', 'weblink_description'), "weblink_visibility" => form_sanitizer($_POST['weblink_visibility'], '0', 'weblink_visibility'), "weblink_url" => form_sanitizer($_POST['weblink_url'], '', 'weblink_url'), "weblink_datestamp" => form_sanitizer($_POST['weblink_datestamp'], '', 'weblink_datestamp'));
     if (defender::safe()) {
         // An existing id means update; the id is cast to an integer for the existence check.
         if (dbcount("(weblink_id)", DB_WEBLINKS, "weblink_id='" . intval($data['weblink_id']) . "'")) {
             // Keep the stored datestamp unless update_datestamp was posted.
             $data['weblink_datestamp'] = isset($_POST['update_datestamp']) ? time() : $data['weblink_datestamp'];
             dbquery_insert(DB_WEBLINKS, $data, "update");
             addNotice("success", $locale['wl_0301']);
             redirect(FUSION_SELF . $aidlink);
         } else {
             dbquery_insert(DB_WEBLINKS, $data, "save");
             addNotice("success", $locale['wl_0300']);
             redirect(FUSION_SELF . $aidlink);
         }
     }
 }
 // Edit mode: load the stored row. $weblink_edit is set outside this excerpt.
 if ($weblink_edit) {
     $result = dbquery("SELECT * FROM " . DB_WEBLINKS . " WHERE weblink_id='" . intval($_GET['weblink_id']) . "'");
     if (dbrows($result)) {
         $data = dbarray($result);
     } else {
         redirect(FUSION_SELF . $aidlink);
     }
 }
 echo openform('inputform', 'post', FUSION_REQUEST, array("class" => "m-t-20"));
 echo "<div class='row'>\n";
Example #29
// Load the stored settings for "article".
$article_settings = get_settings("article");
// Include the admin locale strings for the active LOCALESET, falling back to the English file
// when that file does not exist. The include path is built from constants only; no request
// data enters it in the visible code.
if (file_exists(INFUSIONS . "articles/locale/" . LOCALESET . "articles_admin.php")) {
    include INFUSIONS . "articles/locale/" . LOCALESET . "articles_admin.php";
} else {
    include INFUSIONS . "articles/locale/English/articles_admin.php";
}
opentable("<i class='fa fa-commenting-o fa-lg m-r-10'></i>" . $locale['articles_0060']);
if (iMEMBER && $article_settings['article_allow_submission'] && ($cat_exist = dbcount("(article_cat_id)", DB_ARTICLE_CATS, multilang_table("AR") ? "article_cat_language='" . LANGUAGE . "'" : ""))) {
    $criteriaArray = array("article_subject" => "", "article_cat" => 0, "article_snippet" => "", "article_article" => "", "article_language" => LANGUAGE, "article_keywords" => "");
    // Member submission: store the posted article as a pending submission row.
    if (isset($_POST['submit_article'])) {
        // The two body fields pass through stripinput(), then parseubb(), then nl2br() before sanitising.
        $submit_info['article_snippet'] = nl2br(parseubb(stripinput($_POST['article_snippet'])));
        $submit_info['article_article'] = nl2br(parseubb(stripinput($_POST['article_article'])));
        // Every stored field goes through form_sanitizer().
        $criteriaArray = array("article_subject" => form_sanitizer($_POST['article_subject'], "", "article_subject"), "article_cat" => form_sanitizer($_POST['article_cat'], "", "article_cat"), "article_snippet" => form_sanitizer($submit_info['article_snippet'], "", "article_snippet"), "article_article" => form_sanitizer($submit_info['article_article'], "", "article_article"), "article_language" => form_sanitizer($_POST['article_language'], "", "article_language"), "article_keywords" => form_sanitizer($_POST['article_keywords'], "", "article_keywords"));
        if (defender::safe()) {
            // The criteria array is stored as a PHP-serialized string, so whatever reads the row
            // back has to unserialize() member-supplied content.
            // NOTE(review): a JSON encoding would avoid PHP deserialization on the reading side.
            // NOTE(review): addslashes() is applied before dbquery_insert(); confirm the insert
            // helper does not escape again, or the stored value carries extra backslashes.
            $inputArray = array("submit_type" => "a", "submit_user" => $userdata['user_id'], "submit_datestamp" => time(), "submit_criteria" => addslashes(serialize($criteriaArray)));
            dbquery_insert(DB_SUBMISSIONS, $inputArray, "save");
            addNotice("success", $locale['articles_0061']);
            redirect(clean_request("submitted=a", array("stype"), TRUE));
        }
    }
    if (isset($_GET['submitted']) && $_GET['submitted'] == "a") {
        add_to_title($locale['global_200'] . $locale['articles_0040']);
        echo "<div class='well text-center'><p><strong>" . $locale['articles_0061'] . "</strong></p>";
        echo "<p><a href='submit.php?stype=a'>" . $locale['articles_0062'] . "</a></p>";
        echo "<p><a href='index.php'>" . str_replace("[SITENAME]", fusion_get_settings("sitename"), $locale['articles_0064']) . "</a></p>\n";
        echo "</div>\n";
    } else {
        // Preview
        if (isset($_POST['preview_article'])) {
            $article_snippet = "";
            if ($_POST['article_snippet']) {
                 $temp_file = $callback_data['download_image'];
                 $callback_data['download_image'] = filename_exists($dest, $callback_data['download_image']);
                 copy(DOWNLOADS . "submissions/images/" . $temp_file, $dest . $callback_data['download_image']);
                 chmod($dest . $callback_data['download_image'], 0644);
                 unlink(DOWNLOADS . "submissions/images/" . $temp_file);
             }
             // move thumbnail
             // Moves the submitted thumbnail from the submissions folder into DOWNLOADS . "images/":
             // copy under a name returned by filename_exists(), chmod to 0644, then unlink the source.
             // NOTE(review): the existence check builds its path with "/submissions/images/" (leading
             // slash) while copy() and unlink() use "submissions/images/"; confirm both resolve to
             // the same directory.
             // NOTE(review): $callback_data['download_image_thumb'] is concatenated into filesystem
             // paths without a check for directory separators in this block; confirm it was reduced
             // to a bare file name when the submission was stored.
             if (!empty($callback_data['download_image_thumb']) && file_exists(DOWNLOADS . "/submissions/images/" . $callback_data['download_image_thumb'])) {
                 $dest = DOWNLOADS . "images/";
                 // Keep the original name to locate the source after the destination name is chosen.
                 $temp_file = $callback_data['download_image_thumb'];
                 $callback_data['download_image_thumb'] = filename_exists($dest, $callback_data['download_image_thumb']);
                 // The return values of copy(), chmod() and unlink() are not checked.
                 copy(DOWNLOADS . "submissions/images/" . $temp_file, $dest . $callback_data['download_image_thumb']);
                 chmod($dest . $callback_data['download_image_thumb'], 0644);
                 unlink(DOWNLOADS . "submissions/images/" . $temp_file);
             }
             dbquery_insert(DB_DOWNLOADS, $callback_data, "save");
             dbquery("DELETE FROM " . DB_SUBMISSIONS . " WHERE submit_id='" . intval($_GET['submit_id']) . "'");
             addNotice("success", $locale['download_0063']);
             redirect(clean_request("", array("submit_id"), FALSE));
         }
     } else {
         redirect(clean_request("", array("submit_id"), FALSE));
     }
 } else {
     if (isset($_POST['delete']) && (isset($_GET['submit_id']) && isnum($_GET['submit_id']))) {
         $result = dbquery("\n\t\t\tSELECT ts.submit_id, ts.submit_datestamp, ts.submit_criteria\n\t\t\tFROM " . DB_SUBMISSIONS . " ts\n\t\t\tWHERE submit_type='d' and submit_id='" . intval($_GET['submit_id']) . "'\n\t\t");
         if (dbrows($result) > 0) {
             $callback_data = dbarray($result);
             // delete all the relevant files
             $delCriteria = unserialize($callback_data['submit_criteria']);
             if (!empty($delCriteria['download_image']) && file_exists(INFUSIONS . "downloads/submisisons/images/" . $delCriteria['download_image'])) {