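/**
 * Build the main content area for the current request.
 *
 * Dispatches on the "do" query parameter: built-in actions are routed to
 * their handler, anything else is matched against the active addons, and
 * if no addon claims the request the stored page named by $pagenum (or the
 * "index" page as a fallback) is rendered.
 *
 * Output is appended to the global $out buffer, except for the "edit" and
 * "editextra" actions, which flush the buffer with print before calling
 * their handler.
 *
 * NOTE(review): apart from the admin menu, the "profile" gate and the addon
 * admin-level comparison, no permission check is visible in this dispatcher
 * for actions such as "settings", "users", "database", "query", "plugins",
 * "setup" or "delete". Presumably each handler enforces its own check;
 * confirm that before relying on this function as an access boundary.
 */
function content()
{
    // Every name stays declared even where this function does not read it:
    // addon files pulled in with require_once below execute in this
    // function's variable scope and may depend on these globals.
    global $pagenum, $selected, $message, $menu, $set, $langmessage, $LNEversion, $out, $prefix;

    // NOTE(review): $message is written into the HTML unescaped; confirm it
    // can never carry request-derived text.
    if ($message != "") {
        $out .= "<div class=\"LNE_message\">" . $message . "</div>\n";
    }
    if ($_SESSION['adminlevel'] > 3) {
        $out .= adminmenu();
    }

    // Normalise the requested action once: a missing or non-string "do"
    // (for example ?do[]=x) is treated as "no action" instead of raising an
    // undefined-index notice or comparing an array against strings.
    $action = (isset($_GET['do']) && is_string($_GET['do'])) ? $_GET['do'] : '';

    switch ($action) {
        case "search":
            $out .= "<h2 class=\"LNE_title\">{$langmessage['66']}</h2>\n";
            $out .= search();
            break;
        case "register":
            // NOTE(review): registration is gated on the 'gzip' setting key;
            // confirm that this is the intended flag.
            if ($set['gzip']) {
                $out .= register();
            }
            break;
        case "addons":
            $out .= addons();
            break;
        case "create":
            $out .= create_page();
            break;
        case "database":
            $out .= query();
            break;
        case "delete":
            delete_page();
            break;
        case "edit":
            // The editor prints directly, so flush what has been buffered.
            print $out;
            $out = "";
            editpage();
            break;
        case "editextra":
            print $out;
            $out = "";
            extras();
            break;
        case "editmenu":
            $out .= editmenu();
            break;
        case "login":
            $out .= loginform();
            break;
        case "plugins":
            $out .= plugins();
            break;
        case "profile":
            // NOTE(review): the session key is taken from $set['password'];
            // confirm that this setting really names the "logged in" flag.
            if ($_SESSION[$set['password']] == "1") {
                $out .= profile();
            }
            break;
        case "query":
            $out .= query();
            break;
        case "settings":
            $out .= settings();
            break;
        case "setup":
            $out .= setup();
            break;
        case "sitemap":
            $out .= showsitemap($langmessage, 0);
            break;
        case "users":
            $out .= users();
            break;
        default:
            $addons = fetch_all(dbquery("SELECT * FROM " . $prefix . "addons WHERE active=1"));
            $found = false;
            foreach ($addons as $addon) {
                // Strict string comparison: with ==, numeric-looking names
                // such as "1" and "1.0" would be treated as the same addon.
                // The include path and the callable below both come from the
                // database row, never from the request, so the addons table
                // has to be protected like code.
                if ($action === (string) $addon['name'] && $_SESSION['adminlevel'] >= $addon['adminlevel']) {
                    require_once "addons/" . $addon['name'] . "/admin.php";
                    $out .= $addon['aname']();
                    $found = true;
                    break;
                }
            }
            if (!$found) {
                // Initialised so the marker scan below never reads an unset
                // variable when the restricted or "not found" branch ran.
                $contnt = '';

                // NOTE(review): $pagenum is concatenated into the SQL text.
                // Where it is assigned is not visible here; confirm it is
                // validated or escaped there, or switch this lookup to a
                // parameterised query if dbquery() supports one.
                $result = dbquery("SELECT * FROM " . $prefix . "paginas WHERE page=\"" . $pagenum . "\"");
                if ($row = fetch_array($result)) {
                    if ($row['restricted'] != 0 && $row['restricted'] > $_SESSION['adminlevel']) {
                        $out .= restrictedpage($row['restricted']);
                    } else {
                        // Stored content is entity-decoded and rendered as
                        // markup, so whoever can edit a page can place
                        // arbitrary HTML on it.
                        $contnt = html_entity_decode(stripslashes($row['content']));
                        showcontent($contnt);
                    }
                } else {
                    $result = dbquery("SELECT * FROM " . $prefix . "paginas WHERE page=\"index\"");
                    if ($row = fetch_array($result)) {
                        $contnt = html_entity_decode(stripslashes($row['content']));
                        showcontent($contnt);
                    } else {
                        $out .= "<h2>{$langmessage['116']}</h2>\n";
                    }
                }
                foreach ($addons as $addon) {
                    // Compare against false explicitly: strpos() returns 0
                    // when the marker is the very first thing in the page,
                    // which a plain truthiness test would read as "absent".
                    if (strpos($contnt, "%!\$" . $addon['name']) !== false && $addon['header'] == 1) {
                        require_once "addons/" . $addon['name'] . "/header.php";
                    }
                }
            }
    }
}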
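<?php
/**
 * Admin request dispatcher.
 *
 * Routes on the "val" query parameter to a handler that is expected to come
 * from admin_logic.php. Form fields are forwarded to the handlers as
 * received; a field missing from the request is passed as null.
 *
 * NOTE(review): no session or permission check is visible in this file, and
 * the "delete" action changes state from a plain GET parameter with no
 * request token in sight. Confirm that admin_logic.php (or each handler)
 * authenticates the caller and protects delete/update/add_bed against
 * cross-site request forgery.
 *
 * NOTE(review): every value below is raw request input. Validation,
 * parameterised SQL and output escaping have to happen inside the handlers;
 * nothing is sanitised here.
 */
include 'admin_logic.php';

// Read the action once so a request without "val" does not raise an
// undefined-index notice. The switch keeps the original loose comparison.
$val = isset($_GET['val']) ? $_GET['val'] : null;

// Fetch one POST field, or null when the form did not send it.
$postField = function ($key) {
    return isset($_POST[$key]) ? $_POST[$key] : null;
};

switch ($val) {
    case "add_bed":
        add_bed(
            $postField('p_id'),
            $postField('p_name'),
            $postField('p_img'),
            $postField('p_img2'),
            $postField('p_img3'),
            $postField('p_img4'),
            $postField('p_img5'),
            $postField('p_img6'),
            $postField('p_price'),
            $postField('p_desc'),
            $postField('p_stock'),
            $postField('p_h'),
            $postField('p_w'),
            $postField('p_color'),
            $postField('p_warranty'),
            $postField('p_d'),
            $postField('p_assembly'),
            $postField('p_material'),
            $postField('p_storage'),
            $postField('p_type')
        );
        break;
    case "disp_bed":
        disp_beds();
        break;
    case "update":
        update(
            $postField('U_ID'),
            $postField('U_NAME'),
            $postField('U_CNCT'),
            $postField('U_DOB'),
            $postField('U_GENDER'),
            $postField('U_ADD'),
            $postField('U_DATEOC'),
            $postField('U_DIS'),
            $postField('U_MED'),
            $postField('U_CFEES'),
            $postField('U_TFEES')
        );
        break;
    case "delete":
        // The record id arrives in the query string; see the review note in
        // the header about GET-triggered deletion.
        delete(isset($_GET['id']) ? $_GET['id'] : null);
        break;
    case "menu":
        menu();
        break;
    case "display":
        editmenu();
        break;
    case "logout":
        logout();
        break;
}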