}
// Page size is forced to an integer before it goes back into the query string.
if (isset($_GET['dropbox_per_page'])) {
    $sort_params[] = 'dropbox_per_page=' . intval($_GET['dropbox_per_page']);
}
// NOTE(review): dropbox_direction is appended exactly as received. The only
// filtering it gets is the Security::remove_XSS() call on the joined string below.
// Presumably it is a sort direction; comparing it against the accepted values
// here would be stricter. Confirm what the consumers of $sort_params expect.
if (isset($_GET['dropbox_direction'])) {
    $sort_params[] = 'dropbox_direction=' . $_GET['dropbox_direction'];
}
// Join the collected parameters and filter the result once, as a single string.
$sort_params = Security::remove_XSS(implode('&', $sort_params));
// Requested action, or null when the request carries none.
$action = isset($_GET['action']) ? $_GET['action'] : null;

/*	ACTIONS: add a dropbox file, add a dropbox category. */

// Display the form for adding a new dropbox item.
if ($action == 'add') {
    // Inside a session (id != 0) the user must be allowed to edit it; otherwise the request is refused.
    if (api_get_session_id() != 0 && !api_is_allowed_to_session_edit(false, true)) {
        api_not_allowed();
    }
    display_add_form($dropbox_unid, $viewReceivedCategory, $viewSentCategory, $view);
}

// The upload is stored only when Security::check_token() returns a truthy value.
// NOTE(review): presumably this is the anti-CSRF form token check; confirm in the Security class.
// A failed check has no else branch, so the submission is dropped without any message.
if (isset($_POST['submitWork'])) {
    $check = Security::check_token();
    if ($check) {
        $message = store_add_dropbox();
        if (!empty($message)) {
            Display::display_confirmation_message($message);
        }
    }
}

// Display the form for adding a category
if ($action == 'addreceivedcategory' or $action == 'addsentcategory') {
    // Same session-edit permission gate as the 'add' action above.
    if (api_get_session_id() != 0 && !api_is_allowed_to_session_edit(false, true)) {
        api_not_allowed();
    }
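/**
 * Run the selected protection method for a folder and store the folder record.
 *
 * The handler is looked up by name as "protect_<method>" and called with $vars
 * and a $files array. A truthy return value from the handler is treated as an
 * error message and the add form is shown again with it.
 *
 * On success a row is inserted into the "<prefix>folders" table. Unless
 * $GLOBALS['protection_is_instruction'] is set, the action is logged and the
 * admin is redirected. The script then exits in both cases.
 *
 * @param array $vars Form values: path, url, method, product_id_all, product_id.
 *                    NOTE(review): presumably raw request input; every value that
 *                    reaches the SQL statement is escaped below.
 * @return void
 */
function protect_folder($vars)
{
    global $db;

    // The handler name is built from form data and then called as a function.
    // Accept only a plain identifier that maps to an existing protect_* function,
    // so a crafted value can neither name another callable nor trigger a fatal error.
    $method = isset($vars['method']) ? $vars['method'] : '';
    if (!is_string($method)
        || !preg_match('/^[A-Za-z0-9_]+$/', $method)
        || !function_exists("protect_{$method}")
    ) {
        display_add_form($vars, 'Unknown protection method');
        return;
    }
    $func_name = "protect_{$method}";

    $files = array();
    $err = $func_name($vars, $files);
    if ($err) {
        display_add_form($vars, $err);
        return;
    }

    // save folder info now
    $path = $db->escape($vars['path']);
    $url = $db->escape($vars['url']);
    $method = $db->escape($method);
    // product_ids used to be interpolated into the query unescaped; escape the
    // joined list like every other column value. The (array) cast keeps a
    // missing or scalar product_id from breaking implode().
    if (!empty($vars['product_id_all'])) {
        $product_ids = 'ALL';
    } else {
        $ids = isset($vars['product_id']) ? (array) $vars['product_id'] : array();
        $product_ids = $db->escape(implode(',', $ids));
    }
    // NOTE(review): files_content is stored with serialize(); whatever reads it
    // back should make sure the column cannot be altered by untrusted users
    // before it is unserialized.
    $files = $db->escape(serialize($files));

    // Array keys inside "{...}" must be quoted: a bare word there is parsed as a
    // constant, which is a fatal error on PHP 8.
    $db->query("INSERT INTO {$db->config['prefix']}folders
        (path, url, method, product_ids, files_content)
        VALUES
        ('{$path}', '{$url}', '{$method}', '{$product_ids}', '{$files}')
    ");

    if (empty($GLOBALS['protection_is_instruction'])) {
        // NOTE(review): mysql_insert_id() belongs to ext/mysql, which was removed
        // in PHP 7; use the $db wrapper's equivalent if it has one.
        admin_log("Folder protected ({$path}) - {$method}", "folders", mysql_insert_id());
        admin_html_redirect("protect.php?added=ok", "Folder protected", "Folder has been protected successfully");
    }
    exit;
}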
$form = 2; break; default: } $fav->load($pid); } display_super_fav($fav); switch ($form) { case 1: display_edit_form($fav, $editArr); break; case 2: display_add_form($fav, true); break; default: display_add_form($fav, false); } unset($fav); page_footer(); function display_super_fav($fav) { ?> <table class="main adj"> <caption>我的百宝箱</caption> <col class="center"/><col class="center"/><col/><col class="center"/> <tbody> <tr><th>位置</th><th>类型</th><th style="width: 20em;">名称</th><th>操作</th></tr> <?php if ($fav->currentPid != 0) { ?> <tr>
<?php
/*
 * Page script: shows the form for adding a new topic
 * (a question together with its options).
 */
require_once('fns.php');

// Called before any output is produced.
// NOTE(review): presumably the login/session gate defined in fns.php. Confirm
// that it stops the request itself when the check fails, because nothing here
// inspects a return value.
check_is_on();

// Page header, the add form, a link back to the main page, then the footer.
do_html_header('add_topic');
display_add_form();
do_html_URL('index.php', '返回主界面');
do_html_footer();
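/**
 * Validate the submitted "add member" form and create the member.
 *
 * Steps, in order:
 *  - read the form input, optionally generating the login and/or password;
 *  - check that the login and password are present and that the login is not taken;
 *  - run every configured validate_func of the additional member fields;
 *  - on any error, assign the errors to the template and show the add form again;
 *  - otherwise create the pending user, subscribe the member, store the threads
 *    and credit-card info, write an admin log entry and show the "user saved" page.
 *
 * @return mixed Result of display_add_form() when validation fails, otherwise nothing.
 */
function add_save()
{
    // $config was read below without being imported, so the use_affiliates
    // setting was never seen and is_affiliate was always '0'.
    global $db, $t, $config;
    global $member_additional_fields;

    $errors = array();
    $vars = get_input_vars();

    // Generate credentials when the corresponding form flag is non-empty.
    if (strlen($vars['generate_login'])) {
        $vars['login'] = generate_login($vars);
    }
    if (strlen($vars['generate_pass'])) {
        $vars['pass'] = generate_password($vars);
    }
    $vars['pass0'] = $vars['pass'];

    if (!strlen($vars['login'])) {
        $errors[] = "'Login' is a required field";
    } elseif ($db->check_uniq_login($vars['login'], $vars['email'], $vars['pass0'], 1) >= 0) {
        // A result >= 0 is treated as "login already taken".
        // NOTE(review): the message carries the submitted login; confirm that the
        // template escapes 'errors' on output.
        $errors[] = "User '{$vars['login']}' already exists - please choose another username";
    }
    if (!strlen($vars['pass0'])) {
        $errors[] = "'Password' is a required field";
    }

    // Run the validators configured for the additional member fields. The
    // function names come from $member_additional_fields, not from the form,
    // and a missing function is reported as an internal error.
    foreach ($member_additional_fields as $f) {
        $fname = $f['name'];
        if ($f['validate_func']) {
            foreach ((array) $f['validate_func'] as $func) {
                if (!function_exists($func)) {
                    fatal_error("Validation function '{$func}' for field: '{$fname}' not defined. Internal error", 0);
                }
                if ($err = $func($vars[$fname], $f['title'], $f)) {
                    $errors[] = "{$err}";
                }
            }
        }
    }

    // Mirror additional-field values under 'data' so the form can be shown again with them.
    foreach ($member_additional_fields as $f) {
        $fname = $f['name'];
        if (isset($vars[$fname])) {
            $vars['data'][$fname] = $vars[$fname];
        }
    }

    if ($errors) {
        $t->assign('errors', $errors);
        return display_add_form($vars);
    }

    // Validation passed: move the additional-field values back to the top level.
    foreach ($member_additional_fields as $f) {
        $fname = $f['name'];
        $vars[$fname] = $vars['data'][$fname];
        unset($vars['data'][$fname]);
    }

    $member_id = $db->add_pending_user($vars);

    // The affiliate flag is honoured only when affiliates are enabled in the configuration.
    if ($config['use_affiliates']) {
        $is_affiliate = $vars['is_affiliate'];
    } else {
        $is_affiliate = '0';
    }
    $db->subscribe_member($member_id, $is_affiliate);
    $db->add_member_threads($member_id, $vars['threads']);
    update_cc_info($member_id, $vars);

    admin_log("Member added ({$vars['login']})", 'members', $member_id);

    $t->assign('member_id', $member_id);
    $t->assign('msg', "User added. Click on 'User Payments' link in top to subscribe him.");
    $t->assign('link', "users.php?action=payments&member_id={$member_id}");
    $t->display("admin/user_saved.html");
}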
case 'add':
    // Start from an empty field definition; it is replaced by the form values on save.
    $field = array();
    if ($vars['save']) {
        // check_demo() is called before anything is written.
        // NOTE(review): presumably it blocks changes in demo mode; confirm that
        // it halts the request itself.
        check_demo();
        $field = get_field_from_form($vars);
        // Both helpers return a truthy error value on failure, which is shown in the template.
        if ($err = validate_add_form($field)) {
            $t->assign('error', $err);
        } elseif ($err = add_field($field)) {
            $t->assign('error', $err);
        } else {
            admin_log("Additonal Field ({$field['name']}) inserted");
            admin_html_redirect("fields.php", "Field info added", "Field info added to config");
            // Success: leave the switch without showing the form again.
            break;
        }
    }
    // First visit or failed save: show the add form with whatever was collected.
    display_add_form($field);
    break;
case 'edit':
    // Find the stored definition whose name matches the requested one.
    // NOTE(review): $old_field is assigned only when a match is found. Unless it
    // is initialised before this switch, a request with an unknown name passes an
    // undefined variable to get_field_from_saved(); confirm and handle "not found".
    foreach ($ff as $f) {
        if ($f['name'] == $vars['name']) {
            $old_field = $f;
        }
    }
    $new_field = $old_field = get_field_from_saved($old_field);
    if ($vars['save']) {
        // Same demo gate as in the 'add' case, before the change is saved.
        check_demo();
        $new_field = get_field_from_form($vars);
        if ($err = validate_edit_form($new_field, $old_field)) {
            $t->assign('error', $err);
        } elseif ($err = save_field($new_field, $old_field)) {
            $t->assign('error', $err);