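/**
 * Handles the two POST actions of the forum admin form and writes the result to DB_FORUMS.
 *
 * - `save_permission`: reloads the forum row through get_forum(), overlays the posted
 *   access levels and updates the row.
 * - `save_forum`: builds the forum row from the posted fields, checks the alias against
 *   DB_PERMALINK_ALIAS, resolves the forum image (upload, copy from a posted path/URL,
 *   or the posted existing name) and then updates the forum or inserts a new one.
 *
 * Nothing is written unless \defender::safe() reports that validation passed.
 * Every branch that writes ends in redirect().
 */
private function set_forumDB() {
    global $aidlink;

    // Save_permission
    if (isset($_POST['save_permission'])) {
        $this->data['forum_id'] = form_sanitizer($_POST['forum_id'], '', 'forum_id');
        $this->data = self::get_forum($this->data['forum_id']);
        if (!empty($this->data)) {
            $this->data['forum_access'] = form_sanitizer($_POST['forum_access'], USER_LEVEL_PUBLIC, 'forum_access');
            $this->data['forum_post'] = form_sanitizer($_POST['forum_post'], USER_LEVEL_MEMBER, 'forum_post');
            $this->data['forum_reply'] = form_sanitizer($_POST['forum_reply'], USER_LEVEL_MEMBER, 'forum_reply');
            $this->data['forum_post_ratings'] = form_sanitizer($_POST['forum_post_ratings'], USER_LEVEL_MEMBER, 'forum_post_ratings');
            $this->data['forum_poll'] = form_sanitizer($_POST['forum_poll'], USER_LEVEL_MEMBER, 'forum_poll');
            $this->data['forum_vote'] = form_sanitizer($_POST['forum_vote'], USER_LEVEL_MEMBER, 'forum_vote');
            $this->data['forum_answer_threshold'] = form_sanitizer($_POST['forum_answer_threshold'], 0, 'forum_answer_threshold');
            $this->data['forum_attach'] = form_sanitizer($_POST['forum_attach'], USER_LEVEL_MEMBER, 'forum_attach');
            $this->data['forum_attach_download'] = form_sanitizer($_POST['forum_attach_download'], USER_LEVEL_PUBLIC, 'forum_attach_download');
            $this->data['forum_mods'] = isset($_POST['forum_mods']) ? form_sanitizer($_POST['forum_mods'], '', 'forum_mods') : "";

            // Write the access levels only after validation passed. The update used to run
            // before this check, so a rejected field was stored with whatever
            // form_sanitizer() returned for it.
            // NOTE(review): presumably that is the default passed above, i.e.
            // USER_LEVEL_PUBLIC for forum_access -- confirm against form_sanitizer().
            if (\defender::safe()) {
                dbquery_insert(DB_FORUMS, $this->data, 'update');
                addNotice('success', self::$locale['forum_notice_10']);
                redirect(FUSION_SELF . $aidlink . $this->ext);
            }
        }
    }

    if (isset($_POST['save_forum'])) {
        $this->data = array(
            'forum_id' => form_sanitizer($_POST['forum_id'], 0, 'forum_id'),
            'forum_name' => form_sanitizer($_POST['forum_name'], '', 'forum_name'),
            'forum_description' => form_sanitizer($_POST['forum_description'], '', 'forum_description'),
            'forum_cat' => form_sanitizer($_POST['forum_cat'], 0, 'forum_cat'),
            'forum_type' => form_sanitizer($_POST['forum_type'], '', 'forum_type'),
            'forum_language' => form_sanitizer($_POST['forum_language'], '', 'forum_language'),
            'forum_alias' => form_sanitizer($_POST['forum_alias'], '', 'forum_alias'),
            'forum_meta' => form_sanitizer($_POST['forum_meta'], '', 'forum_meta'),
            'forum_rules' => form_sanitizer($_POST['forum_rules'], '', 'forum_rules'),
            'forum_image_enable' => isset($_POST['forum_image_enable']) ? 1 : 0,
            'forum_merge' => isset($_POST['forum_merge']) ? 1 : 0,
            'forum_allow_attach' => isset($_POST['forum_allow_attach']) ? 1 : 0,
            'forum_quick_edit' => isset($_POST['forum_quick_edit']) ? 1 : 0,
            'forum_allow_poll' => isset($_POST['forum_allow_poll']) ? 1 : 0,
            'forum_poll' => USER_LEVEL_MEMBER,
            'forum_users' => isset($_POST['forum_users']) ? 1 : 0,
            'forum_lock' => isset($_POST['forum_lock']) ? 1 : 0,
            'forum_permissions' => isset($_POST['forum_permissions']) ? form_sanitizer($_POST['forum_permissions'], 0, 'forum_permissions') : 0,
            'forum_order' => isset($_POST['forum_order']) ? form_sanitizer($_POST['forum_order']) : '',
            // Filled in right below; the key stays here so the column order is unchanged.
            'forum_branch' => '',
            'forum_image' => '',
            'forum_mods' => "",
        );
        // The branch must be derived from the forum_cat that was just posted. Reading
        // $this->data['forum_cat'] inside the array literal above would see the value
        // $this->data held before this assignment, not the new parent.
        $this->data['forum_branch'] = get_hkey(DB_FORUMS, 'forum_id', 'forum_cat', $this->data['forum_cat']);

        $this->data['forum_alias'] = $this->data['forum_alias'] ? str_replace(' ', '-', $this->data['forum_alias']) : '';

        // Checks for unique forum alias
        if ($this->data['forum_alias']) {
            // NOTE(review): the alias is concatenated into the WHERE clause as a string.
            // That is only safe if form_sanitizer() neutralises quote characters -- confirm,
            // or move this lookup to a bound parameter.
            $alias_filter = "alias_url='" . $this->data['forum_alias'] . "'";
            if ($this->data['forum_id']) {
                // forum_id is a numeric key; cast it so nothing else can reach the query.
                $alias_filter .= " AND alias_item_id !='" . intval($this->data['forum_id']) . "'";
            }
            $alias_check = dbcount("('alias_id')", DB_PERMALINK_ALIAS, $alias_filter);
            if ($alias_check) {
                \defender::stop();
                addNotice('warning', self::$locale['forum_error_6']);
            }
        }

        // check forum name unique
        $this->data['forum_name'] = $this->check_validForumName($this->data['forum_name'], $this->data['forum_id']);

        // Uploads or copy forum image or use back the forum image existing
        if (!empty($_FILES['forum_image']) && is_uploaded_file($_FILES['forum_image']['tmp_name'])) {
            $upload = form_sanitizer($_FILES['forum_image'], '', 'forum_image');
            if ($upload['error'] == 0) {
                $this->data['forum_image'] = !empty($upload['thumb1_name']) ? $upload['thumb1_name'] : $upload['image_name'];
            }
        } elseif (isset($_POST['forum_image_url']) && $_POST['forum_image_url'] != "") {
            require_once INCLUDES . "photo_functions_include.php";
            // Prefix selected by forum_image_header: 0 = relative to BASEDIR, 1 = used as given.
            $type_opts = array('0' => BASEDIR, '1' => '');
            $header = isset($_POST['forum_image_header']) ? intval($_POST['forum_image_header']) : 0;
            // Any other posted value falls back to the BASEDIR prefix instead of an undefined index.
            $prefix = isset($type_opts[$header]) ? $type_opts[$header] : $type_opts['0'];
            // NOTE(review): the source handed to copy_file() is request-controlled. With the
            // empty prefix it is used exactly as posted, and with BASEDIR a "../" sequence
            // would leave the base directory unless form_sanitizer() or copy_file() rejects
            // it -- confirm which sources copy_file() accepts.
            $this->data['forum_image'] = $prefix . form_sanitizer($_POST['forum_image_url'], '', 'forum_image_url');
            $upload = copy_file($this->data['forum_image'], FORUM . "images/");
            if ($upload['error'] == TRUE) {
                \defender::stop();
                addNotice('danger', self::$locale['forum_error_9']);
            } else {
                $this->data['forum_image'] = $upload['name'];
            }
        } else {
            $this->data['forum_image'] = isset($_POST['forum_image']) ? form_sanitizer($_POST['forum_image'], '', 'forum_image') : "";
        }

        if (!$this->data['forum_id']) {
            // Array union: only keys not already present are added, so forum_poll and
            // forum_mods keep the values set above.
            $this->data += array(
                'forum_access' => USER_LEVEL_PUBLIC,
                'forum_post' => USER_LEVEL_MEMBER,
                'forum_reply' => USER_LEVEL_MEMBER,
                'forum_post_ratings' => USER_LEVEL_MEMBER,
                'forum_poll' => USER_LEVEL_MEMBER,
                'forum_vote' => USER_LEVEL_MEMBER,
                'forum_mods' => "",
            );
        }

        // Set last order
        if (!$this->data['forum_order']) {
            $language_filter = multilang_table("FO") ? "WHERE forum_language='" . LANGUAGE . "' AND" : "WHERE";
            // forum_cat is a numeric parent id; cast it before it is placed in the query.
            $max_order = dbresult(dbquery("SELECT MAX(forum_order) FROM " . DB_FORUMS . " " . $language_filter . " forum_cat='" . intval($this->data['forum_cat']) . "'"), 0);
            $this->data['forum_order'] = $max_order + 1;
        }

        if (\defender::safe()) {
            if ($this->verify_forum($this->data['forum_id'])) {
                // Existing forum: reorder siblings first, then update the row.
                $result = dbquery_order(DB_FORUMS, $this->data['forum_order'], 'forum_order', $this->data['forum_id'], 'forum_id', $this->data['forum_cat'], 'forum_cat', 1, 'forum_language', 'update');
                if ($result) {
                    dbquery_insert(DB_FORUMS, $this->data, 'update');
                }
                addNotice('success', self::$locale['forum_notice_9']);
                redirect(FUSION_SELF . $aidlink . $this->ext);
            } else {
                // New forum: make room in the ordering, then insert.
                $new_forum_id = 0;
                $result = dbquery_order(DB_FORUMS, $this->data['forum_order'], 'forum_order', FALSE, FALSE, $this->data['forum_cat'], 'forum_cat', 1, 'forum_language', 'save');
                if ($result) {
                    dbquery_insert(DB_FORUMS, $this->data, 'save');
                    $new_forum_id = dblastid();
                }
                if ($this->data['forum_cat'] == 0) {
                    // Root-level forum: continue on the p_edit screen of the new forum.
                    redirect(FUSION_SELF . $aidlink . "&action=p_edit&forum_id=" . $new_forum_id . "&parent_id=0");
                } else {
                    switch ($this->data['forum_type']) {
                        case '1':
                            addNotice('success', self::$locale['forum_notice_1']);
                            break;
                        case '2':
                            addNotice('success', self::$locale['forum_notice_2']);
                            break;
                        case '3':
                            addNotice('success', self::$locale['forum_notice_3']);
                            break;
                        case '4':
                            addNotice('success', self::$locale['forum_notice_4']);
                            break;
                    }
                    redirect(FUSION_SELF . $aidlink . $this->ext);
                }
            }
        }
    }
}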
} else { purgeAlbumImage($albumData); dbquery_insert(DB_PHOTO_ALBUMS, $albumData, "delete"); addNotice("success", $locale['album_0030']); redirect(FUSION_SELF . $aidlink); } } } // delete photo if (isset($_GET['action']) && $_GET['action'] == "delete" && isset($_GET['photo_id']) && isnum($_GET['photo_id'])) { if (dbcount("(photo_id)", DB_PHOTOS, "photo_id='" . intval($_GET['photo_id']) . "'")) { $photo_data = dbarray(dbquery("select photo_id, photo_title, photo_filename, photo_thumb1, photo_thumb2 FROM " . DB_PHOTOS . "\n\t\twhere photo_id='" . intval($_GET['photo_id']) . "'\n\t\t")); purgePhotoImage($photo_data); dbquery("delete from " . DB_COMMENTS . " where comment_item_id='" . intval($photo_data['photo_id']) . "' and comment_type='P'"); dbquery("delete from " . DB_RATINGS . " where rating_item_id='" . intval($photo_data['photo_id']) . "' and rating_type='P'"); dbquery_order(DB_PHOTOS, $photo_data['photo_order'], "photo_order", $photo_data['photo_id'], "photo_id", $photo_data['album_id'], "album_id", FALSE, FALSE, "delete"); dbquery_insert(DB_PHOTOS, $photo_data, 'delete'); addNotice("success", $locale['photo_0024']); redirect(clean_request("", array("aid", "album_id"), TRUE)); } } // purge photos if (isset($_GET['action']) && $_GET['action'] == "purge" && isset($_GET['cat_id']) && isnum($_GET['cat_id'])) { $result = dbquery("select * from " . DB_PHOTO_ALBUMS . " where album_id='" . intval($_GET['cat_id']) . "'"); if (dbrows($result) > 0) { // album verified $albumData = dbarray($result); $photoResult = dbquery("select photo_id, photo_filename, photo_thumb1, photo_thumb2\n\t\tfrom " . DB_PHOTOS . " where album_id='" . intval($_GET['cat_id']) . "'"); if (dbrows($photoResult) > 0) { if (!isset($_POST['purge_confirm'])) { echo $locale['photo_0026'] . "<br/><br/>\n";
$data['album_image'] = form_sanitizer(isset($_POST['album_image']) ? $_POST['album_image'] : "", "", "album_image"); $data['album_thumb2'] = form_sanitizer(isset($_POST['album_thumb2']) ? $_POST['album_thumb2'] : "", "", "album_thumb2"); $data['album_thumb1'] = form_sanitizer(isset($_POST['album_thumb1']) ? $_POST['album_thumb1'] : "", "", "album_thumb1"); } } } if (defender::safe()) { if (dbcount("(album_id)", DB_PHOTO_ALBUMS, "album_id='" . intval($data['album_id']) . "'")) { // update album $result = dbquery_order(DB_PHOTO_ALBUMS, $data['album_order'], 'album_order', $data['album_id'], 'album_id', FALSE, FALSE, TRUE, 'album_language', 'update'); dbquery_insert(DB_PHOTO_ALBUMS, $data, "update"); addNotice('success', $locale['album_0013']); redirect(FUSION_SELF . $aidlink); } else { // create album $result = dbquery_order(DB_PHOTO_ALBUMS, $data['album_order'], 'album_order', 0, "album_id", FALSE, FALSE, TRUE, 'album_language', 'save'); dbquery_insert(DB_PHOTO_ALBUMS, $data, "save"); addNotice('success', $locale['album_0014']); redirect(FUSION_SELF . $aidlink); } } } // callback if ($album_edit) { $result = dbquery("SELECT * FROM " . DB_PHOTO_ALBUMS . " WHERE album_id='" . intval($_GET['cat_id']) . "'"); if (dbrows($result) > 0) { $data = dbarray($result); } } // edit features - add more in roadmap. // add features to purge all album photos and it's administration
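/**
 * Site Links Form.
 *
 * On a `savelink` POST the posted link is sanitised, given the next free link_order when
 * none was posted, written to DB_SITE_LINKS (update when link_id is set, insert otherwise)
 * and the request is redirected. The form is then echoed from $this->data.
 */
private function display_sitelinks_form() {
    $locale = fusion_get_locale();
    fusion_confirm_exit();

    if (isset($_POST['savelink'])) {
        $this->data = array(
            "link_id" => form_sanitizer($_POST['link_id'], 0, 'link_id'),
            "link_cat" => form_sanitizer($_POST['link_cat'], 0, 'link_cat'),
            "link_name" => form_sanitizer($_POST['link_name'], '', 'link_name'),
            "link_url" => form_sanitizer($_POST['link_url'], '', 'link_url'),
            "link_icon" => form_sanitizer($_POST['link_icon'], '', 'link_icon'),
            "link_language" => form_sanitizer($_POST['link_language'], '', 'link_language'),
            "link_visibility" => form_sanitizer($_POST['link_visibility'], '', 'link_visibility'),
            "link_position" => form_sanitizer($_POST['link_position'], '', 'link_position'),
            "link_order" => form_sanitizer($_POST['link_order'], '', 'link_order'),
            "link_window" => form_sanitizer(isset($_POST['link_window']) && $_POST['link_window'] == 1 ? 1 : 0, 0, 'link_window'),
        );
        // Positions above 3 mean "custom": the real value comes from link_position_id.
        if ($this->data['link_position'] > 3) {
            $this->data['link_position'] = form_sanitizer($_POST['link_position_id'], 3, 'link_position_id');
        }
        if (empty($this->data['link_order'])) {
            // link_cat is a numeric parent id; cast it before it is placed in the query.
            $max_order_query = "SELECT MAX(link_order) 'link_order' FROM " . DB_SITE_LINKS . "\n " . (multilang_table("SL") ? "WHERE link_language='" . LANGUAGE . "' AND" : "WHERE") . "\n link_cat='" . intval($this->data['link_cat']) . "'";
            $this->data['link_order'] = dbresult(dbquery($max_order_query), 0) + 1;
        }
        if (\defender::safe()) {
            if (!empty($this->data['link_id'])) {
                dbquery_order(DB_SITE_LINKS, $this->data['link_order'], "link_order", $this->data['link_id'], "link_id", $this->data['link_cat'], "link_cat", multilang_table("SL"), "link_language", "update");
                dbquery_insert(DB_SITE_LINKS, $this->data, 'update');
                addNotice("success", $locale['SL_0016']);
            } else {
                dbquery_order(DB_SITE_LINKS, $this->data['link_order'], "link_order", $this->data['link_id'], "link_id", $this->data['link_cat'], "link_cat", multilang_table("SL"), "link_language", "save");
                dbquery_insert(DB_SITE_LINKS, $this->data, 'save');
                addNotice("success", $locale['SL_0015']);
            }
            // Cast again here so only a number can end up in the redirect target.
            redirect(clean_request("link_cat=" . intval($this->data['link_cat']), array('ref'), FALSE));
        }
    }

    echo "<div class='m-t-20'>\n";
    echo openform('link_administration_frm', 'post', FUSION_REQUEST);
    echo "<div class='row'>\n";
    echo "<div class='col-xs-12 col-sm-12 col-md-8 col-lg-8'>\n";
    echo form_hidden('link_id', '', $this->data['link_id']);
    echo form_textarea('link_name', $locale['SL_0020'], $this->data['link_name'], array(
        'max_length' => 100,
        'required' => TRUE,
        'error_text' => $locale['SL_0085'],
        'form_name' => 'linkform',
        'type' => 'bbcode',
        'inline' => TRUE,
    ));
    echo form_text('link_icon', 'Link Icon', $this->data['link_icon'], array('max_length' => 100, 'inline' => TRUE));
    // NOTE(review): link_url is stored and later rendered as a link target; whether
    // form_sanitizer() restricts the URL scheme is not visible here -- confirm.
    echo form_text('link_url', $locale['SL_0021'], $this->data['link_url'], array('required' => TRUE, 'error_text' => $locale['SL_0086'], 'inline' => TRUE));
    echo form_text('link_order', $locale['SL_0023'], $this->data['link_order'], array('class' => 'pull-left', 'inline' => TRUE, 'width' => '250px', 'type' => 'number'));

    // A custom position (> 3) is shown as option 4 plus the numeric id in a second field.
    if ($this->data['link_position'] > 3) {
        $this->data['link_position_id'] = $this->data['link_position'];
        $this->data['link_position'] = 4;
    }
    // The 'type' key was listed twice in this options array; one entry is enough.
    $position_id_input = form_text('link_position_id', '', $this->data['link_position_id'], array(
        'required' => TRUE,
        'placeholder' => 'ID',
        'type' => 'number',
        'width' => '150px',
    ));
    echo form_select('link_position', $locale['SL_0024'], $this->data['link_position'], array(
        'options' => $this->position_opts,
        'inline' => TRUE,
        'stacked' => $position_id_input,
    ));
    // The value is written into a script block, so emit it strictly as an integer.
    add_to_jquery("\n checkLinkPosition( " . intval($this->data['link_position']) . " );\n \$('#link_position').bind('change', function(e) {\n checkLinkPosition( \$(this).val() );\n });\n ");
    echo "</div>\n";

    echo "<div class='col-xs-12 col-sm-12 col-md-4 col-lg-4'>\n";
    echo form_select_tree("link_cat", $locale['SL_0029'], $this->data['link_cat'], array(
        'input_id' => 'link_categorys',
        "parent_value" => $locale['parent'],
        'width' => '100%',
        'query' => multilang_table("SL") ? "WHERE link_language='" . LANGUAGE . "'" : '',
        'disable_opts' => $this->data['link_id'],
        'hide_disabled' => 1,
    ), DB_SITE_LINKS, "link_name", "link_id", "link_cat");
    echo form_select('link_language', $locale['global_ML100'], $this->data['link_language'], array('options' => $this->language_opts, 'placeholder' => $locale['choose'], 'width' => '100%'));
    echo form_select('link_visibility', $locale['SL_0022'], $this->data['link_visibility'], array('options' => self::get_LinkVisibility(), 'placeholder' => $locale['choose'], 'width' => '100%'));
    echo form_checkbox('link_window', $locale['SL_0028'], $this->data['link_window']);
    echo "</div>\n";
    echo "</div>\n";

    echo form_button('savelink', $locale['SL_0040'], $locale['SL_0040'], array('class' => 'btn-primary m-r-10', 'input_id' => 'savelink_2'));
    echo form_button("cancel", $locale['cancel'], "cancel", array('input_id' => 'cancel2'));
    echo closeform();
    echo "</div>\n";
}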
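/**
 * Field category form: loads a category for `action=cat_edit`, handles the `save_cat`
 * POST (reorder, optional table build / transfer / rename / drop, then insert or update
 * in $this->category_db) and returns the form markup.
 *
 * @return string HTML of the category form
 */
public function quantum_category_form() {
    global $aidlink;
    $this->locale = fusion_get_locale();
    $this->debug = FALSE;

    add_to_jquery("\n\t\t\$('#field_parent').val() == '0' ? \$('#page_settings').show() : \$('#page_settings').hide()\n\t\t\$('#field_parent').bind('change', function() {\n\t\t\$(this).val() == '0' ? \$('#page_settings').show() : \$('#page_settings').hide()\n\t\t});\n\t\t");

    if (isset($_GET['action']) && $_GET['action'] == 'cat_edit' && isset($_GET['cat_id']) && self::validate_fieldCat($_GET['cat_id'])) {
        // cat_id comes straight from the query string. validate_fieldCat() is not shown
        // here, so cast to int rather than rely on it to keep the value numeric.
        $result = dbquery("SELECT * FROM " . $this->category_db . " WHERE field_cat_id='" . intval($_GET['cat_id']) . "'");
        if (dbrows($result) > 0) {
            $this->field_cat_data = dbarray($result);
        } else {
            if (!$this->debug) {
                addNotice('warning', $this->locale['field_0206']);
                redirect(FUSION_SELF . $aidlink);
            }
        }
    }

    if (isset($_POST['save_cat'])) {
        $this->field_cat_data = array(
            'field_cat_id' => form_sanitizer($_POST['field_cat_id'], '', 'field_cat_id'),
            'field_cat_name' => self::fusion_getlocale($this->field_cat_data, 'field_cat_name'),
            'field_parent' => form_sanitizer($_POST['field_parent'], '', 'field_parent'),
            'field_cat_order' => form_sanitizer($_POST['field_cat_order'], '', 'field_cat_order'),
        );

        // only if root then need to sanitize
        $old_data = array("field_cat_db" => "users");
        // Numeric key: cast before it is placed in the query.
        $result = dbquery("SELECT * FROM " . $this->category_db . " WHERE field_cat_id='" . intval($this->field_cat_data['field_cat_id']) . "'");
        if (dbrows($result) > 0) {
            $old_data = dbarray($result);
        }

        if ($this->field_cat_data['field_parent'] == 0) {
            // NOTE(review): field_cat_db and field_cat_index are later passed to
            // build_table() / rename_column() / drop_table() as table and column names.
            // Those helpers are not shown here; confirm they accept only plain identifier
            // characters, since quoting rules for values do not protect identifiers.
            $this->field_cat_data['field_cat_db'] = form_sanitizer($_POST['field_cat_db'], 'users', 'field_cat_db');
            $this->field_cat_data['field_cat_index'] = form_sanitizer($_POST['field_cat_index'], '', 'field_cat_index');
            $this->field_cat_data['field_cat_class'] = form_sanitizer($_POST['field_cat_class'], '', 'field_cat_class');
        }

        if ($this->field_cat_data['field_cat_order'] == 0) {
            $this->field_cat_data['field_cat_order'] = dbresult(dbquery("SELECT MAX(field_cat_order)\n FROM " . $this->category_db . "\n WHERE field_parent='" . intval($this->field_cat_data['field_parent']) . "'"), 0) + 1;
        }

        // shuffle between save and update
        if (self::validate_fieldCat($this->field_cat_data['field_cat_id'])) {
            // NOTE(review): the reorder runs before the \defender::safe() check below, so
            // sibling order can change even when the submission is rejected.
            dbquery_order($this->category_db, $this->field_cat_data['field_cat_order'], 'field_cat_order', $this->field_cat_data['field_cat_id'], 'field_cat_id', $this->field_cat_data['field_parent'], 'field_parent', FALSE, FALSE, 'update');
            if (!$this->debug) {
                if (\defender::safe()) {
                    // NOTE(review): when the stored table is "users" this whole block,
                    // including the update itself, is skipped -- confirm that is intended.
                    if (empty($old_data['field_cat_db']) or $old_data['field_cat_db'] !== "users") {
                        if (!empty($old_data['field_cat_db']) && !empty($old_data['field_cat_index'])) {
                            // CONDITION: HAVE A PREVIOUS TABLE SET
                            // !empty() also covers the non-root case, where field_cat_db is never set.
                            if (!empty($this->field_cat_data['field_cat_db'])) {
                                if ($this->field_cat_data['field_cat_db'] !== $old_data['field_cat_db']) {
                                    // Table changed: build the new one, move the column, drop the old one.
                                    self::build_table($this->field_cat_data['field_cat_db'], $this->field_cat_data['field_cat_index']);
                                    self::transfer_table($old_data['field_cat_db'], $this->field_cat_data['field_cat_db']);
                                    self::drop_table($old_data['field_cat_db']);
                                } else {
                                    if ($old_data['field_cat_index'] !== $this->field_cat_data['field_cat_index']) {
                                        self::rename_column($this->field_cat_data['field_cat_db'], $old_data['field_cat_index'], $this->field_cat_data['field_cat_index'], "MEDIUMINT(8) NOT NULL DEFAULT '0'");
                                    }
                                }
                            } else {
                                // NOTE(review): this hands the (empty) new table name to
                                // drop_table(). The previous table, $old_data['field_cat_db'],
                                // looks like what was meant; left unchanged because that fix
                                // would delete data -- confirm before changing.
                                self::drop_table(isset($this->field_cat_data['field_cat_db']) ? $this->field_cat_data['field_cat_db'] : NULL);
                            }
                        } elseif (!empty($this->field_cat_data['field_cat_index']) && !empty($this->field_cat_data['field_cat_db'])) {
                            self::build_table($this->field_cat_data['field_cat_db'], $this->field_cat_data['field_cat_index']);
                        }
                        dbquery_insert($this->category_db, $this->field_cat_data, 'update');
                        addNotice('success', $this->locale['field_0207']);
                    }
                    redirect(FUSION_SELF . $aidlink);
                }
            } else {
                print_p('Update Mode');
                print_p($this->field_cat_data);
            }
        } else {
            // NOTE(review): as above, the reorder is not gated on \defender::safe().
            dbquery_order($this->category_db, $this->field_cat_data['field_cat_order'], 'field_cat_order', $this->field_cat_data['field_cat_id'], 'field_cat_id', $this->field_cat_data['field_parent'], 'field_parent', TRUE, 'field_cat_name', 'save');
            if (!$this->debug && \defender::safe()) {
                if (!empty($this->field_cat_data['field_cat_index']) && !empty($this->field_cat_data['field_cat_db']) && $this->field_cat_data['field_cat_db'] !== 'users') {
                    self::build_table($this->field_cat_data['field_cat_db'], $this->field_cat_data['field_cat_index']);
                }
                dbquery_insert($this->category_db, $this->field_cat_data, 'save');
                addNotice('success', $this->locale['field_0208']);
                redirect(FUSION_SELF . $aidlink);
            } else {
                if ($this->debug) {
                    print_p('Save Mode');
                    print_p($this->field_cat_data);
                }
            }
        }
    }

    // exclusion list - unselectable
    $cat_list = array();
    if (!empty($this->cat_list)) {
        foreach ($this->cat_list as $id => $value) {
            $cat_list[] = $id;
        }
    }

    $html = openform('cat_form', 'post', FUSION_SELF . $aidlink, array('max_tokens' => 1));
    $html .= form_button('save_cat', $this->locale['fields_0318'], 'save_cat', array('input_id' => 'save_cat2', 'class' => 'm-b-20 btn-primary'));
    $html .= self::quantum_multilocale_fields('field_cat_name', $this->locale['fields_0430'], $this->field_cat_data['field_cat_name'], array('required' => 1));
    $html .= form_select_tree('field_parent', $this->locale['fields_0431'], $this->field_cat_data['field_parent'], array('parent_value' => $this->locale['fields_0432'], 'disable_opts' => $cat_list), $this->category_db, 'field_cat_name', 'field_cat_id', 'field_parent');
    $html .= form_text('field_cat_order', $this->locale['fields_0433'], $this->field_cat_data['field_cat_order'], array('number' => 1));
    $html .= form_hidden('field_cat_id', '', $this->field_cat_data['field_cat_id'], array('number' => 1));
    $html .= form_hidden('add_cat', '', 'add_cat');

    // root settings
    $html .= "<div id='page_settings' class='list-group-item m-t-20'>\n";
    $html .= "<div class='text-smaller m-b-10'>" . $this->locale['fields_0111'] . "</div>\n";
    $html .= form_text('field_cat_db', sprintf($this->locale['fields_0434'], " db_prefix_ "), $this->field_cat_data['field_cat_db'], array('placeholder' => 'Table Name', "required" => TRUE, "inline" => FALSE, "deactivate" => $this->field_cat_data['field_cat_db'] ? TRUE : FALSE));
    $html .= "<div class='text-smaller m-b-10'>" . $this->locale['fields_0112'] . "</div>\n";
    $html .= form_text('field_cat_index', $this->locale['fields_0435'], $this->field_cat_data['field_cat_index'], array('placeholder' => 'user_id', "required" => TRUE, "inline" => FALSE));
    $html .= "<div class='text-smaller m-b-10'>" . $this->locale['fields_0113'] . "</div>\n";
    $html .= form_text('field_cat_class', $this->locale['fields_0436'], $this->field_cat_data['field_cat_class'], array('placeholder' => 'icon for tabs', "inline" => FALSE));
    $html .= form_hidden('add_cat', '', 'add_cat');
    $html .= "</div>\n";

    $html .= form_button('save_cat', $this->locale['fields_0318'], 'save_cat', array('class' => 'm-t-20 btn-primary'));
    $html .= closeform();

    return $html;
}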
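/**
 * Gallery photo form.
 *
 * Handles the `save_photo` POST (upload, optional image deletion, insert or update in
 * DB_PHOTOS, then redirect), loads the row when $photo_edit is set, and echoes the form.
 * When no album exists yet it echoes a notice pointing to the album form instead.
 */
function photo_form() {
    global $locale, $aidlink, $userdata, $gll_settings, $defender, $photo_edit;

    $albumRows = dbcount("(album_id)", DB_PHOTO_ALBUMS, multilang_table("PG") ? "album_language='" . LANGUAGE . "'" : "");
    if ($albumRows) {
        $data = array(
            "photo_id" => 0,
            "photo_title" => "",
            "album_id" => 0,
            "photo_description" => "",
            "photo_keywords" => "",
            "photo_filename" => "",
            "photo_thumb1" => "",
            "photo_thumb2" => "",
            "photo_datestamp" => time(),
            "photo_user" => $userdata['user_id'],
            "photo_views" => 0,
            "photo_order" => 0,
            "photo_allow_comments" => TRUE,
            "photo_allow_ratings" => TRUE,
        );

        if (isset($_POST['save_photo'])) {
            // NOTE(review): photo_user and photo_datestamp are taken from hidden form
            // fields, so the submitter chooses both -- confirm that is acceptable here.
            $data = array(
                "photo_id" => form_sanitizer($_POST['photo_id'], "", "photo_id"),
                "photo_title" => form_sanitizer($_POST['photo_title'], "", "photo_title"),
                "album_id" => form_sanitizer($_POST['album_id'], "", "album_id"),
                "photo_description" => form_sanitizer($_POST['photo_description'], "", "photo_description"),
                "photo_keywords" => form_sanitizer($_POST['photo_keywords'], "", "photo_keywords"),
                "photo_order" => form_sanitizer($_POST['photo_order'], "", "photo_order"),
                "photo_datestamp" => form_sanitizer($_POST['photo_datestamp'], "", "photo_datestamp"),
                "photo_user" => form_sanitizer($_POST['photo_user'], "", "photo_user"),
                "photo_allow_comments" => isset($_POST['photo_allow_comments']) ? TRUE : FALSE,
                "photo_allow_ratings" => isset($_POST['photo_allow_ratings']) ? TRUE : FALSE,
                "photo_views" => 0,
                "photo_filename" => "",
                "photo_thumb1" => "",
                "photo_thumb2" => "",
            );

            if (empty($data['photo_order'])) {
                // album_id is a numeric key; cast it before it is placed in the query.
                $data['photo_order'] = dbresult(dbquery("SELECT MAX(photo_order) FROM " . DB_PHOTOS . "\n\t\t\t\twhere album_id='" . intval($data['album_id']) . "'"), 0) + 1;
            }

            if (defender::safe()) {
                if (!empty($_FILES['photo_image']) && is_uploaded_file($_FILES['photo_image']['tmp_name'])) {
                    $upload = form_sanitizer($_FILES['photo_image'], "", "photo_image");
                    if (empty($upload['error'])) {
                        $data['photo_filename'] = $upload['image_name'];
                        $data['photo_thumb1'] = $upload['thumb1_name'];
                        $data['photo_thumb2'] = $upload['thumb2_name'];
                    }
                } elseif ($data['photo_id'] > 0) {
                    // during edit, photo_id is not 0.
                    if (isset($_POST['del_image'])) {
                        // delete image
                        $result = dbquery("select photo_filename, photo_thumb1, photo_thumb2 FROM " . DB_PHOTOS . " WHERE photo_id='" . intval($data['photo_id']) . "'");
                        if (dbrows($result) > 0) {
                            $pData = dbarray($result);
                            if ($pData['photo_filename'] && file_exists(IMAGES_G . $pData['photo_filename'])) {
                                unlink(IMAGES_G . $pData['photo_filename']);
                            }
                            // Thumbnails are removed from IMAGES_G_T, so the existence check
                            // has to look in IMAGES_G_T as well; it used to test IMAGES_G.
                            if ($pData['photo_thumb1'] && file_exists(IMAGES_G_T . $pData['photo_thumb1'])) {
                                unlink(IMAGES_G_T . $pData['photo_thumb1']);
                            }
                            if ($pData['photo_thumb2'] && file_exists(IMAGES_G_T . $pData['photo_thumb2'])) {
                                unlink(IMAGES_G_T . $pData['photo_thumb2']);
                            }
                            $data['photo_filename'] = "";
                            $data['photo_thumb1'] = "";
                            $data['photo_thumb2'] = "";
                        }
                    } else {
                        // These names come back from hidden form fields and are stored as is;
                        // the delete branch above later joins the stored names to IMAGES_G /
                        // IMAGES_G_T for unlink(). Keep only the final path component so a
                        // posted value cannot point outside those directories.
                        // NOTE(review): assumes stored names never contain a sub-directory -- confirm.
                        $data['photo_filename'] = isset($_POST['photo_filename']) ? basename(form_sanitizer($_POST['photo_filename'], "", "photo_filename")) : "";
                        $data['photo_thumb2'] = isset($_POST['photo_thumb2']) ? basename(form_sanitizer($_POST['photo_thumb2'], "", "photo_thumb2")) : "";
                        $data['photo_thumb1'] = isset($_POST['photo_thumb1']) ? basename(form_sanitizer($_POST['photo_thumb1'], "", "photo_thumb1")) : "";
                    }
                } else {
                    // because we require the photo image must be uploaded.
                    $defender->stop();
                    $defender->setInputError("photo_image");
                    addNotice("danger", $locale['photo_0014']);
                }
            }

            if (defender::safe()) {
                if (dbcount("(photo_id)", DB_PHOTOS, "photo_id='" . intval($data['photo_id']) . "'")) {
                    // update photo
                    $result = dbquery_order(DB_PHOTOS, $data['photo_order'], 'photo_order', $data['photo_id'], 'photo_id', FALSE, FALSE, FALSE, '', 'update');
                    dbquery_insert(DB_PHOTOS, $data, "update");
                    addNotice('success', $locale['photo_0015']);
                    redirect(FUSION_SELF . $aidlink . "&album_id=" . intval($data['album_id']));
                } else {
                    // create photo
                    $result = dbquery_order(DB_PHOTOS, $data['photo_order'], 'photo_order', 0, "photo_id", FALSE, FALSE, FALSE, '', 'save');
                    dbquery_insert(DB_PHOTOS, $data, "save");
                    addNotice('success', $locale['photo_0016']);
                    redirect(FUSION_SELF . $aidlink . "&album_id=" . intval($data['album_id']));
                }
            }
        }

        if ($photo_edit) {
            $result = dbquery("select * from " . DB_PHOTOS . " WHERE photo_id='" . intval($_GET['photo_id']) . "'");
            if (dbrows($result) > 0) {
                $data = dbarray($result);
            } else {
                redirect(FUSION_SELF . $aidlink);
            }
        }

        echo openform('photoform', 'post', FUSION_REQUEST, array('enctype' => TRUE, 'class' => 'm-t-20'));
        echo "<div class='row'>\n<div class='col-xs-12 col-sm-8'>\n";
        echo form_hidden("photo_id", "", $data['photo_id']);
        echo form_hidden("photo_datestamp", "", $data['photo_datestamp']);
        echo form_hidden("photo_user", "", $data['photo_user']);
        echo form_text("photo_title", $locale['photo_0001'], $data['photo_title'], array("required" => TRUE, "placeholder" => $locale['photo_0002'], "inline" => TRUE));
        echo form_select('photo_keywords', $locale['photo_0006'], $data['photo_keywords'], array('placeholder' => $locale['photo_0007'], 'inline' => TRUE, 'multiple' => TRUE, "tags" => TRUE, 'width' => '100%'));
        echo form_text('photo_order', $locale['photo_0013'], $data['photo_order'], array("type" => "number", "inline" => TRUE, "width" => "100px"));

        if ($data['photo_filename'] || $data['photo_thumb1']) {
            // An image already exists: show it with a "delete" checkbox instead of the uploader.
            echo "<div class='well col-sm-offset-3'>\n";
            $image = '';
            if ($data['photo_filename'] && file_exists(IMAGES_G . $data['photo_filename'])) {
                $image = thumbnail(IMAGES_G . $data['photo_filename'], $gll_settings['thumb_w']);
                echo form_hidden("photo_filename", "", $data['photo_filename']);
            }
            if ($data['photo_thumb2'] && file_exists(IMAGES_G_T . $data['photo_thumb2'])) {
                $image = thumbnail(IMAGES_G_T . $data['photo_thumb2'], $gll_settings['thumb_w']);
                echo form_hidden("photo_thumb2", "", $data['photo_thumb2']);
            }
            // Test the file that is actually shown; this check used to look at photo_thumb2.
            if ($data['photo_thumb1'] && file_exists(IMAGES_G_T . $data['photo_thumb1'])) {
                $image = thumbnail(IMAGES_G_T . $data['photo_thumb1'], $gll_settings['thumb_w']);
                echo form_hidden("photo_thumb1", "", $data['photo_thumb1']);
            }
            echo "<label for='del_image'>\n";
            echo $image;
            echo "</label>\n";
            echo form_checkbox("del_image", $locale['photo_0018'], "");
            echo "</div>\n";
        } else {
            $upload_settings = array(
                "upload_path" => IMAGES_G,
                "required" => TRUE,
                'thumbnail_folder' => 'thumbs',
                'thumbnail' => TRUE,
                'thumbnail_w' => $gll_settings['thumb_w'],
                'thumbnail_h' => $gll_settings['thumb_h'],
                'thumbnail_suffix' => '_t1',
                'thumbnail2' => TRUE,
                'thumbnail2_w' => $gll_settings['photo_w'],
                'thumbnail2_h' => $gll_settings['photo_h'],
                'thumbnail2_suffix' => '_t2',
                'max_width' => $gll_settings['photo_max_w'],
                'max_height' => $gll_settings['photo_max_h'],
                'max_byte' => $gll_settings['photo_max_b'],
                'multiple' => FALSE,
                'delete_original' => FALSE,
                "template" => "modern",
                "inline" => TRUE,
                "error_text" => $locale['photo_0014'],
            );
            echo form_fileinput('photo_image', $locale['photo_0004'], "", $upload_settings);
            echo "<div class='m-b-10 col-xs-12 col-sm-offset-3'>" . sprintf($locale['photo_0017'], parsebytesize($gll_settings['photo_max_b']), str_replace(',', ' ', ".jpg,.gif,.png"), $gll_settings['photo_max_w'], $gll_settings['photo_max_h']) . "</div>\n";
        }

        $snippetSettings = array("required" => FALSE, "preview" => TRUE, "html" => TRUE, "autosize" => TRUE, "form_name" => "inputform", "inline" => TRUE, 'placeholder' => $locale['photo_0009']);
        if (fusion_get_settings("tinymce_enabled")) {
            $snippetSettings = array("form_name" => "inputform", "required" => FALSE, "inline" => TRUE, 'placeholder' => $locale['photo_0009']);
        }
        echo form_textarea('photo_description', $locale['photo_0008'], $data['photo_description'], $snippetSettings);
        echo "</div>\n";

        echo "<div class='col-xs-12 col-sm-4'>\n";
        echo form_select('album_id', $locale['photo_0003'], $data['album_id'], array("options" => get_albumOpts(), "width" => "100%"));
        echo form_checkbox('photo_allow_comments', $locale['photo_0010'], $data['photo_allow_comments']);
        echo form_checkbox('photo_allow_ratings', $locale['photo_0011'], $data['photo_allow_ratings']);
        echo "</div>\n</div>\n";

        echo form_button('save_photo', $locale['photo_0012'], $locale['photo_0012'], array('class' => 'btn-success btn-sm m-r-10'));
        echo closeform();
    } else {
        echo "<div class='well m-t-20 text-center'>\n";
        echo sprintf($locale['gallery_0012'], FUSION_SELF . $aidlink . "&section=album_form");
        echo "</div>\n";
    }
}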
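/**
 * Site Links Form.
 *
 * On a `savelink` POST the posted link is sanitised into a local $data array, given the
 * next free link_order when none was posted, written to DB_SITE_LINKS (update when
 * verify_edit() accepts link_id, insert otherwise) and the request is redirected.
 * The form itself is echoed from $this->data, not from the posted $data.
 */
public function menu_form() {
    global $locale, $aidlink;
    fusion_confirm_exit();
    $this->AdminInstance();

    if (isset($_POST['savelink'])) {
        $data = array(
            "link_id" => form_sanitizer($_POST['link_id'], 0, 'link_id'),
            "link_cat" => form_sanitizer($_POST['link_cat'], 0, 'link_cat'),
            "link_name" => form_sanitizer($_POST['link_name'], '', 'link_name'),
            "link_url" => form_sanitizer($_POST['link_url'], '', 'link_url'),
            "link_icon" => form_sanitizer($_POST['link_icon'], '', 'link_icon'),
            "link_language" => form_sanitizer($_POST['link_language'], '', 'link_language'),
            "link_visibility" => form_sanitizer($_POST['link_visibility'], '', 'link_visibility'),
            "link_position" => form_sanitizer($_POST['link_position'], '', 'link_position'),
            "link_order" => form_sanitizer($_POST['link_order'], '', 'link_order'),
        );
        // NOTE(review): the form below has a link_window checkbox, but no link_window
        // value is collected here -- confirm whether it should be saved.

        // link_cat is a numeric parent id. Cast it once and use the cast value wherever it
        // is concatenated into SQL or into the redirect target.
        $link_cat = intval($data['link_cat']);

        if (!$data['link_order']) {
            $language_filter = multilang_table("SL") ? "WHERE link_language='" . LANGUAGE . "' AND" : "WHERE";
            $data['link_order'] = dbresult(dbquery("SELECT MAX(link_order) FROM " . DB_SITE_LINKS . " " . $language_filter . " link_cat='" . $link_cat . "'"), 0) + 1;
        }

        if (\defender::safe()) {
            if (self::verify_edit($data['link_id'])) {
                dbquery_order(DB_SITE_LINKS, $data['link_order'], "link_order", $data['link_id'], "link_id", $data['link_cat'], "link_cat", multilang_table("SL"), "link_language", "update");
                dbquery_insert(DB_SITE_LINKS, $data, 'update');
                addNotice("success", $locale['SL_0016']);
                redirect(FUSION_SELF . $aidlink . "&link_cat=" . $link_cat);
            } else {
                dbquery_order(DB_SITE_LINKS, $data['link_order'], "link_order", $data['link_id'], "link_id", $data['link_cat'], "link_cat", multilang_table("SL"), "link_language", "save");
                dbquery_insert(DB_SITE_LINKS, $data, 'save');
                addNotice("success", $locale['SL_0015']);
                redirect(FUSION_SELF . $aidlink . "&link_cat=" . $link_cat);
            }
        }
    }

    echo "<div class='m-t-20'>\n";
    echo openform('linkform', 'post', $this->form_action, array('max_tokens' => 1));
    echo "<div class='row'>\n";
    echo "<div class='col-xs-12 col-sm-12 col-md-8 col-lg-8'>\n";
    echo form_hidden('link_id', '', $this->data['link_id']);
    echo form_text('link_name', $locale['SL_0020'], $this->data['link_name'], array('max_length' => 100, 'required' => TRUE, 'error_text' => $locale['SL_0085'], 'inline' => TRUE));
    echo form_text('link_icon', 'Link Icon', $this->data['link_icon'], array('max_length' => 100, 'inline' => TRUE));
    // NOTE(review): link_url is stored and later rendered as a link target; whether
    // form_sanitizer() restricts the URL scheme is not visible here -- confirm.
    echo form_text('link_url', $locale['SL_0021'], $this->data['link_url'], array('required' => TRUE, 'error_text' => $locale['SL_0086'], 'inline' => TRUE));
    echo form_text('link_order', $locale['SL_0023'], $this->data['link_order'], array('number' => TRUE, 'class' => 'pull-left', 'inline' => TRUE));
    echo form_select('link_position', $locale['SL_0024'], $this->data['link_position'], array('options' => $this->position_opts, 'inline' => TRUE));
    echo "</div>\n";

    echo "<div class='col-xs-12 col-sm-12 col-md-4 col-lg-4'>\n";
    openside('');
    echo form_select_tree("link_cat", $locale['SL_0029'], $this->data['link_cat'], array(
        'input_id' => 'link_categorys',
        "parent_value" => $locale['parent'],
        'width' => '100%',
        'query' => multilang_table("SL") ? "WHERE link_language='" . LANGUAGE . "'" : '',
        'disable_opts' => $this->data['link_id'],
        'hide_disabled' => 1,
    ), DB_SITE_LINKS, "link_name", "link_id", "link_cat");
    echo form_select('link_language', $locale['global_ML100'], $this->data['link_language'], array('options' => $this->language_opts, 'placeholder' => $locale['choose'], 'width' => '100%'));
    echo form_select('link_visibility', $locale['SL_0022'], $this->data['link_visibility'], array('options' => self::getVisibility(), 'placeholder' => $locale['choose'], 'width' => '100%'));
    echo form_checkbox('link_window', $locale['SL_0028'], $this->data['link_window']);
    closeside();
    echo "</div>\n";
    echo "</div>\n";

    echo form_button('savelink', $locale['SL_0040'], $locale['SL_0040'], array('class' => 'btn-primary'));
    echo closeform();
    echo "</div>\n";
}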