Example #1
 /**
  * News administration page: optionally deletes the news item named by the
  * 'del' request parameter, then renders the news overview in the admin template.
  *
  * @return false|null false when the permission check fails, nothing otherwise
  * @see solidbase/lib/Page#run()
  */
 function run()
 {
     global $Templates, $USER, $CONFIG, $Controller, $DB;

     // Page-level gate: a denied request gets the 401 page and stops here.
     $permitted = $this->may($USER, READ | EDIT);
     if (!$permitted) {
         errorPage('401');
         return false;
     }

     // Declare the expected type of every request parameter this page reads.
     $_REQUEST->setType('order', 'numeric', true);
     $_REQUEST->setType('expand', 'bool');
     $_REQUEST->setType('del', 'numeric');

     // Delete only when an id was given, the controller resolves it to an
     // object, and that object's delete() reports success.
     // NOTE(review): the delete is driven by $_REQUEST, so a plain link can
     // trigger it. No anti-CSRF token and no per-item permission check is
     // visible in this method - confirm both are enforced elsewhere
     // (for example inside delete()).
     $removed = $_REQUEST['del']
         && $Controller->{$_REQUEST['del']}
         && $Controller->{$_REQUEST['del']}->delete();
     if ($removed) {
         Flash::create(__('Newsitem removed'), 'confirmation');
     }

     // Build the page and hand it to the admin template.
     $this->setContent('header', __('News'));
     $this->setContent('main', $this->mainView());
     $Templates->admin->render();
 }
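 /**
  * Page-layout editor: applies the requested add / edit / delete action to a
  * page module, then loads the modules of the page row by row and renders the
  * editor in the admin template.
  *
  * @return false|null false when the permission check fails, nothing otherwise
  */
 function run()
 {
     global $Templates, $DB, $Controller;
     if (!$this->mayI(READ | EDIT)) {
         errorPage('401');
         return false;
     }
     // Declare the expected type of every request parameter this page reads.
     $_REQUEST->setType('add', 'string');
     $_REQUEST->setType('edit', 'numeric');
     $_REQUEST->setType('del', 'numeric');
     $_REQUEST->setType('module', 'string');
     $_REQUEST->setType('type', 'string');
     $_REQUEST->setType('size', 'string');
     $_REQUEST->setType('content', 'string');
     $_REQUEST->setType('row', 'numeric');
     $_REQUEST->setType('place', 'numeric');
     //FIXME: For now: hard-coded id of the page being edited
     $pID = 8;
     // NOTE(review): 'edit' and 'del' accept any object id the client sends.
     // Only the page-level permission above is visible here; confirm that the
     // target object is a module of page $pID and that the caller may change it.
     // No anti-CSRF token check is visible either.
     if ($_REQUEST['add']) {
         $newModule = $Controller->newObj('PageModule');
         $newModule->addData($pID, $_REQUEST['add']);
     } elseif ($_REQUEST['edit']) {
         $module = $Controller->{$_REQUEST['edit']};
         // An id that resolves to nothing must not be dereferenced.
         // (assumes the controller yields a falsy value for an unknown id - TODO confirm)
         if ($module) {
             if ($_REQUEST['module']) {
                 $module->module = $_REQUEST['module'];
             } elseif ($_REQUEST['size']) {
                 $module->size = $_REQUEST['size'];
             } elseif ($_REQUEST['type']) {
                 $module->type = $_REQUEST['type'];
             } elseif ($_REQUEST['row'] !== false && $_REQUEST['place'] !== false) {
                 $module->move($_REQUEST['row'], $_REQUEST['place']);
             } elseif ($_REQUEST['content']) {
                 // Stored as received; it has to be escaped wherever it is rendered.
                 $module->content = $_REQUEST['content'];
             }
         }
     } elseif ($_REQUEST['del']) {
         $doomed = $Controller->{$_REQUEST['del']};
         // Same guard as for edit: skip ids that do not resolve to an object.
         if ($doomed) {
             $doomed->delete();
         }
     }
     /* Get number of rows on the page */
     $rowNum = $DB->pagelayout->getCell(array('pid' => $pID), "MAX(ROW)");
     // Start from an array rather than false: rows are appended by index below.
     $pagecontent = array();
     /* Get modules from each row */
     for ($row = 0; $row <= $rowNum; $row++) {
         $moduleIDs = $DB->pagelayout->asList(array('pid' => $pID, 'row' => $row), 'id', false, false, 'place');
         $rowContent = array();
         foreach ($moduleIDs as $mID) {
             $rowContent[] = $Controller->{$mID};
         }
         $pagecontent[$row] = $rowContent;
     }
     JS::loadjQuery();
     JS::lib('pagelayoutedit');
     $this->header = __('Page Layout');
     $this->setContent('main', '<h1>Page Layout</h1>' . $this->displayEditor($pagecontent));
     $Templates->admin->render();
 }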
Example #3
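 /**
  * Schematic editor page: checks READ permission, saves pending changes,
  * builds the editor and renders the admin template.
  *
  * @return void
  */
 function run()
 {
     global $Templates;
     if (!$this->mayI(READ)) {
         errorPage(401);
         // Stop here even if errorPage() returns; otherwise a denied request
         // would still reach saveChanges() below.
         return;
     }
     // NOTE(review): saveChanges() runs behind a READ-only check in this
     // method - confirm it enforces EDIT itself before writing.
     $this->saveChanges();
     $this->schematicEditor();
     $Templates->admin->render();
 }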
Example #4
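/**
 * Opens the MySQL connection used by the application and stores it in the
 * global $conn. On a connection failure the error page is shown and the
 * request ends.
 *
 * @return void
 */
function start()
{
    global $conn;
    // NOTE(review): host, account name and password are hard-coded in source
    // (the credentials appear redacted on this page). Anyone with read access
    // to the repository or a backup gets database access; load them from
    // configuration kept outside version control and rotate the exposed ones.
    $servername = "173.194.81.188";
    $user = "******";
    $pass = "******";
    $dbname = "BikeShare";
    $conn = new mysqli($servername, $user, $pass, $dbname);
    if ($conn->connect_error) {
        // Keep the driver's message in the server log only: it was previously
        // assigned to an unused local and lost, and it should not be echoed
        // to the visitor because it can reveal host and account details.
        error_log("Connection failed: " . $conn->connect_error);
        errorPage();
        exit;
    }
}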
Example #5
 /**
  * Derives the middleware, controller and action names from the matched route.
  *
  * For each of the three, a value on the route target wins over a value in the
  * route parameters; '/' characters are removed from whichever value is used.
  * When no route matched, the error page is shown and nothing is assigned.
  *
  * @return $this
  */
 protected function mapController()
 {
     if ($this->match === false) {
         errorPage();
         return $this;
     }

     $target = $this->match['target'];
     $params = $this->match['params'];
     $name = $this->match['name'];

     // NOTE(review): only '/' is stripped from these values. If they later
     // select a class or method to invoke, other characters (for example '\'
     // or '.') still pass through; an explicit allow-list of known
     // controllers/actions is the safer check - confirm how they are consumed.

     // Middleware: explicit target value, else "<Param>Middleware", else none.
     if (isset($target['middleware'])) {
         $this->middleware = str_replace('/', '', $target['middleware']);
     } elseif (isset($params['middleware'])) {
         $this->middleware = str_replace('/', '', ucfirst($params['middleware'] . 'Middleware'));
     } else {
         $this->middleware = null;
     }

     // Controller: explicit target value, else "<Param>Controller", else none.
     if (isset($target['controller'])) {
         $this->controller = str_replace('/', '', $target['controller']);
     } elseif (isset($params['controller'])) {
         $this->controller = str_replace('/', '', ucfirst($params['controller'])) . 'Controller';
     } else {
         $this->controller = null;
     }

     // Action: explicit target value, else the route parameter, else 'index'.
     if (isset($target['action'])) {
         $this->action = str_replace('/', '', $target['action']);
     } elseif (isset($params['action'])) {
         $this->action = str_replace('/', '', $params['action']);
     } else {
         $this->action = 'index';
     }

     return $this;
 }
 /**
  * Edit page for the object held in $this->that: saves submitted changes and
  * renders the member and edit sections in the admin template.
  *
  * @return false|null false when the permission check fails, nothing otherwise
  * @see solidbase/lib/Page#run()
  */
 function run()
 {
     global $Templates, $USER, $CONFIG, $Controller, $DB;

     // Page-level gate: a denied request gets the 401 page and stops here.
     if (!$this->may($USER, READ | EDIT)) {
         errorPage('401');
         return false;
     }

     // After a successful save, send the browser back to this object's page.
     if ($this->saveChanges()) {
         redirect(array('id' => $this->that->ID));
     }

     // NOTE(review): $this->that is converted to a string and placed inside
     // HTML. Confirm its string form is already HTML-escaped; otherwise a
     // stored name containing markup would be rendered as markup here.
     $heading = __('Editing') . ': <i>' . $this->that . '</i>';
     $this->setContent('header', $heading);

     // Two form sections: the member list and the quick edit form.
     $memberSection = new Formsection(__('Members'), $this->memberTab());
     $editSection = new Formsection('Edit', Form::quick(false, null, $this->editTab()));
     $this->setContent('main', $memberSection . $editSection);

     $Templates->admin->render();
 }
 /**
  * Configuration editor: applies posted configuration values and renders the
  * configuration view in the admin template.
  *
  * Submitted values are read from the 'conf' request array and looked up by the
  * section and property names of each row returned from the config table, so
  * the set of writable properties is driven by the table, not by the request.
  * @return void
  * @see solidbase/lib/Page#run()
  */
 function run()
 {
     global $Templates, $USER, $DB, $CONFIG;
     /**
      * User input types
      */
     $_REQUEST->setType('conf', 'string', true);
     // NOTE(review): there is no return after errorPage(401). Unless
     // errorPage() ends the request, execution continues: the write path below
     // is still gated by EDIT, but viewAll() at the end renders regardless.
     if (!$this->may($USER, ANYTHING)) {
         errorPage(401);
     }
     if ($this->may($USER, EDIT)) {
         // NOTE(review): no anti-CSRF token check is visible before the
         // configuration is changed - confirm it is enforced elsewhere.
         if ($_REQUEST['conf']) {
             $r = $DB->config->get(null, null, null, 'section,property');
             while ($c = Database::fetchAssoc($r)) {
                 // '@' hides the notice when the property was not submitted.
                 $val = @$_REQUEST['conf'][$c['section']][$c['property']];
                 switch ($c['type']) {
                     case 'CSV':
                         $val = @explode(',', $val);
                         // no break: falls through so the exploded list is stored below
                     case 'password':
                         // The '********' placeholder means "unchanged":
                         // 'continue 2' skips to the next config row.
                         if ($c['type'] == 'password' && $val == '********') {
                             continue 2;
                         }
                         // no break: falls through to the shared assignment
                     case 'select':
                     case 'set':
                     case 'text':
                         // Inside a switch, a bare 'continue' behaves like
                         // 'break', so this leaves the row unchanged.
                         // NOTE(review): whether a missing value is ever
                         // exactly false depends on the request wrapper - confirm.
                         if ($val === false) {
                             continue;
                         }
                         $CONFIG->{$c['section']}->{$c['property']} = $val;
                         break;
                     case 'check':
                         // Stores 1 when a value was submitted for the box, else 0.
                         $CONFIG->{$c['section']}->{$c['property']} = (int) isset($val);
                         break;
                 }
             }
             // Audit trail entry; the changed keys themselves are not logged here.
             Log::write('Configuration changed', 2);
             Flash::create(__('The configuration was updated'), 'confirmation');
         }
     }
     $this->setContent('header', 'Edit configuration');
     $this->setContent('main', $this->viewAll());
     $Templates->admin->render();
 }
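 /**
  * Subdomain administration: creates, updates or deletes a subdomain mapping,
  * then lists the existing mappings together with the add/edit form.
  *
  * Reading the list requires READ; every write requires EDIT.
  *
  * @return void
  */
 function run()
 {
     global $DB, $Templates;
     if (!$this->mayI(READ)) {
         errorPage(401);
         // Stop here even if errorPage() returns, so a denied request never
         // reaches the write paths or the listing below.
         return;
     }
     $_REQUEST->setType('delsd', 'string');
     $_REQUEST->setType('editsd', 'string');
     $_POST->setType('sdname', 'string');
     $_POST->setType('sdassoc', 'string');
     // Insert and update now require EDIT, like delete already did. Before,
     // READ alone was enough to create or re-point a subdomain.
     // NOTE(review): no anti-CSRF token check is visible on any of the three
     // write paths, and delete is reachable through a plain link ('delsd').
     if ($_POST['sdname'] && $this->mayI(EDIT)) {
         if ($_REQUEST['editsd']) {
             if ($DB->subdomains->update(array('subdomain' => $_POST['sdname'], 'assoc' => $_POST['sdassoc']), array('subdomain' => $_REQUEST['editsd']))) {
                 Flash::create(__('Subdomain updated'), 'confirmation');
             } else {
                 Flash::create(__('Subdomain in use'), 'warning');
             }
         } else {
             if ($DB->subdomains->insert(array('subdomain' => $_POST['sdname'], 'assoc' => $_POST['sdassoc']))) {
                 Flash::create(__('New subdomain inserted'), 'confirmation');
             } else {
                 Flash::create(__('Subdomain in use'), 'warning');
             }
         }
     } elseif ($_REQUEST['delsd'] && $this->mayI(EDIT)) {
         $DB->subdomains->delete(array('subdomain' => $_REQUEST['delsd']));
     }
     // One table row per mapping, each with a delete and an edit link.
     $r = $DB->subdomains->get(false, false, false, 'subdomain');
     $tablerows = array();
     while (false !== ($subdomain = Database::fetchAssoc($r))) {
         $deleteIcon = icon('small/delete', __('Delete subdomain'), url(array('delsd' => $subdomain['subdomain']), 'id'));
         $editIcon = icon('small/pencil', __('Edit subdomain'), url(array('editsd' => $subdomain['subdomain']), 'id'));
         $tablerows[] = new Tablerow($subdomain['subdomain'], $subdomain['assoc'], $deleteIcon . $editIcon);
     }
     // Pre-fill the form when an existing mapping is being edited.
     if ($_REQUEST['editsd']) {
         $sd = $DB->subdomains->getRow(array('subdomain' => $_REQUEST['editsd']));
         $form = new Form('editSubdomain');
     } else {
         $sd = false;
         $form = new Form('newSubdomain');
     }
     // NOTE(review): subdomain names and 'editsd' are echoed back through
     // Tablerow / Hidden / input; confirm those classes HTML-escape their values.
     $table = !empty($tablerows) ? new Table(new Tableheader(__('Subdomain'), __('Associated with..'), __('Actions')), $tablerows) : '';
     $formHtml = $form->set(
         $_REQUEST['editsd'] ? new Hidden('editsd', $_REQUEST['editsd']) : null,
         new input(__('Subdomain'), 'sdname', @$sd['subdomain']),
         new input(__('Associate with'), 'sdassoc', @$sd['assoc'], false, __('ID or alias to associate with the subdomain'))
     );
     $this->setContent('main', $table . $formHtml);
     $Templates->render();
 }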
Example #9
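/**
 * Shows a player's profile or, for the owner or an authorised editor, the
 * profile edit form.
 *
 * Requires the 'id' and 'link' form fields. The 'playeradmin' link selects the
 * edit flow; anything else (or a cancelled edit) displays the profile.
 *
 * @return mixed the result of errorPage() when a required field is missing,
 *               nothing otherwise
 */
function section_playerinfo()
{
    $editAny = isFuncAllowed('edit_any_players');
    $se = new FormEdit();
    $se->trimAll();
    $se->stripAll();
    if (!$se->checkRequired(array('id', 'link'))) {
        return errorPage('missing argument');
    }
    echo '<BR>';
    // The id is a submitted form field and was interpolated into the SQL text
    // as-is; force it to an integer before it reaches the query.
    // (assumes l_player.id is an integer key - TODO confirm against the schema)
    $playerId = (int) $se->id;
    // NOTE(review): the row includes P.md5password and is handed to the display
    // and edit helpers via setDataRow(); confirm the hash is never rendered.
    $query = "select P.id, P.callsign, P.status, P.comment, \n      P.logo, T.name as teamname, T.id teamid, T.leader, r.name as level,\n      C.flagname, C.name as countryname, C.numcode as country,\n      P.state, S.abbrev as stateabbr, P.logobg,\n      P.email, P.emailpub, P.aim, P.altnik1, P.altnik2,\n      P.ircnik1, P.emailpub, P.utczone, P.zonename, P.icq, P.city,\n      P.yim, P.msm, P.jabber, P.md5password, \n      unix_timestamp(P.created) as created, \n      unix_timestamp(P.last_login) as last_login,\n      r.id as role_id\n      from (l_player P, bzl_roles r )\n      left join l_team T on P.team = T.id\n      left join bzl_countries C on P.country = C.numcode\n      left join bzl_states S on P.state = S.id\n      where P.id = '{$playerId}'\n      and r.id = P.role_id \n      ";
    $se->setDataRow(mysql_fetch_assoc(sqlQuery($query)));
    // A cancelled edit falls back to the read-only view.
    if ($se->f_cancel_x) {
        $se->link = "playerinfo";
    }
    if ($se->link == 'playeradmin') {
        // present edit form
        // security check: only the profile owner or a user holding
        // 'edit_any_players' may edit; everyone else gets the read-only view.
        if ($se->id != $_SESSION['playerid'] && !$editAny) {
            errorPage('You are not authorized to edit this profile.');
            section_playerinfo_displayPlayer($se);
            return;
        }
        if ($se->f_ok_x) {
            section_playerinfo_validate($se);
            if (!$se->isError()) {
                section_playerinfo_doSubmit($se);
                $se->setNextState(FESTATE_INITIAL);
                // Re-read the row so the display shows what was stored.
                $se->setDataRow(mysql_fetch_assoc(sqlQuery($query)));
                section_playerinfo_displayPlayer($se);
                return;
            }
        }
        $se->setNextState(FESTATE_SUBMIT);
        section_playerinfo_presentEditForm($se);
    } else {
        section_playerinfo_displayPlayer($se);
    }
}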
Example #10
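/**
 * Registration entry point: refuses registration on private leagues, for
 * requests that look proxied and for visitors who already have a callsign,
 * then validates and submits the form or presents it again.
 *
 * Every attempt is appended to PROXY_LOG with the caller's address and
 * request headers.
 *
 * @return mixed the result of errorPage() on a refusal, nothing otherwise
 */
function section_register()
{
    $se = new FormEdit();
    $se->trimAll();
    $se->stripAll();
    // meno 2007/05/01 ....
    if (PRIVATE_LEAGUE != 0) {
        return errorPage('Nuh uh, no reg for you');
    }
    $headers = apache_request_headers();
    if (!is_array($headers)) {
        // The call can fail outside Apache; treat that as "no headers".
        $headers = array();
    }
    $fromIP = $_SERVER['REMOTE_ADDR'];

    // Proxy heuristic: source address starting with '172', or a proxy header.
    // The address test does not depend on the headers, so it is done once
    // here instead of once per header inside the loop.
    // NOTE(review): the prefix test matches every address beginning with
    // '172', and both headers are supplied by the client, so this is a
    // heuristic and not a reliable control.
    $proxyDetected = strncmp($fromIP, '172', 3) == 0;
    foreach ($headers as $header => $value) {
        if (strcasecmp($header, 'X-Forwarded-For') == 0 || strcasecmp($header, 'Via') == 0) {
            $proxyDetected = true;
            break;
        }
    }

    // Log the attempt. A log that cannot be opened must not break registration.
    $fd = fopen(PROXY_LOG, 'a');
    if ($fd !== false) {
        fwrite($fd, "\n----------------------- " . date('r') . " --------------------\n");
        fwrite($fd, "*** FROM IP: {$fromIP}\n");
        // Credentials do not belong in a log file, and line breaks in a
        // logged value would let one request forge extra log lines.
        $secretHeaders = array('cookie', 'authorization', 'proxy-authorization');
        $lineBreaks = array("\r", "\n");
        foreach ($headers as $n => $v) {
            if (in_array(strtolower($n), $secretHeaders, true)) {
                $v = '[redacted]';
            }
            fwrite($fd, str_replace($lineBreaks, ' ', "{$n}: {$v}") . "\n");
        }
        if ($proxyDetected) {
            fwrite($fd, "************************* PROXY DETECT ***********************\n");
        }
        fclose($fd);
    }

    if ($proxyDetected) {
        return errorPage("We're sorry, currently we cannot accept new registrations from AOL users, or users connecting through a proxy.");
    }
    // !empty() avoids a notice when the session has no callsign yet.
    if (!empty($_SESSION['callsign'])) {
        return errorPage('You are already registered with the league system.');
    }
    if ($se->SUB) {
        section_register_validate($se);
        if (!$se->isError()) {
            section_register_doSubmit($se);
            return;
        }
    }
    section_register_presentEditForm($se);
}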
Example #11
}
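verbose("convolve = " . print_r($convolve, 1));

// Upscaling is on unless 'no-upscale' / 'nu' is given.
$upscale = getDefined(array('no-upscale', 'nu'), false, true);
verbose("upscale = {$upscale}");

// External post-processing commands, all disabled unless the config enables them.
// NOTE(review): the *_cmd entries are command lines; confirm they come only
// from the config file and that file names are shell-escaped when appended.
$postProcessing = getConfig('postprocessing', array(
    'png_filter' => false,
    'png_filter_cmd' => '/usr/local/bin/optipng -q',
    'png_deflate' => false,
    'png_deflate_cmd' => '/usr/local/bin/pngout -q',
    'jpeg_optimize' => false,
    'jpeg_optimize_cmd' => '/usr/local/bin/jpegtran -copy none -optimize',
));

// Alias: save the generated image under a caller-chosen name in alias_path.
// Needs the alias directory configured and a matching password.
$alias = get('alias', null);
$aliasPath = getConfig('alias_path', null);
// The D modifier makes '$' match only at the very end of the string; without
// it a name ending in a newline passed this default pattern.
$validAliasname = getConfig('valid_aliasname', '#^[a-z0-9A-Z-_]+$#D');
$aliasTarget = null;
if ($alias && $aliasPath && $passwordMatch) {
    // The target path is built before the name is validated, so the two
    // checks below rely on errorPage() ending the request.
    $aliasTarget = $aliasPath . $alias;
    $useCache = false;
    is_writable($aliasPath) or errorPage("Directory for alias is not writable.", 403);
    preg_match($validAliasname, $alias) or errorPage('Filename for alias contains invalid characters. Do not add extension.', 404);
} elseif ($alias) {
    errorPage('Alias is not enabled in the config file or password not matching.', 403);
}
verbose("alias = {$alias}");

// Cache location and the optional Cache-Control response header.
$cachePath = getConfig('cache_path', __DIR__ . '/../cache/');
$cacheControl = getConfig('cache_control', null);
if ($cacheControl) {
    verbose("cacheControl = {$cacheControl}");
    $img->addHTTPHeader("Cache-Control", $cacheControl);
}
$dummyDir = getConfig('dummy_dir', $cachePath . "/" . $dummyFilename);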
if ($dummyImage === true) {
    is_writable($dummyDir) or verbose("dummy dir not writable = {$dummyDir}");
    $img->setSaveFolder($dummyDir)->setSource($dummyFilename, $dummyDir)->setOptions(array('newWidth' => $newWidth, 'newHeight' => $newHeight, 'bgColor' => $bgColor))->setJpegQuality($quality)->setPngCompression($compress)->createDummyImage()->generateFilename(null, false)->save(null, null, false);
    $srcImage = $img->getTarget();
    $imagePath = null;
    verbose("src (updated) = {$srcImage}");
Example #12
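// Load the thread together with its board, category and author.
$from = 'threads thr INNER JOIN {pre}_board frm ON thr.board_id = frm.board_id ';
$from .= 'INNER JOIN {pre}_users usr ON thr.users_id = usr.users_id ';
$from .= 'INNER JOIN {pre}_categories cat ON frm.categories_id = cat.categories_id';
$select = 'thr.threads_headline AS threads_headline, frm.board_name AS board_name, cat.categories_name AS categories_name, thr.threads_id AS threads_id, frm.board_id AS board_id, frm.board_threads AS board_threads, cat.categories_id AS categories_id, frm.board_access AS board_access, thr.threads_important AS threads_important, thr.threads_close AS threads_close, thr.threads_time AS threads_time, thr.threads_last_time AS threads_last_time, usr.users_nick AS users_nick, usr.users_id AS users_id';
// The thread id is cast to int before it enters the SQL text.
$where = 'threads_id = ' . (int) $thread_id;
$thread_edit = cs_sql_select(__FILE__, $from, $select, $where);
// Same treatment for the account id: cast instead of quoting the raw value,
// so nothing but a number can reach this condition.
$thread_mods = cs_sql_select(__FILE__, 'boardmods', 'boardmods_modpanel', 'users_id = ' . (int) $account['users_id'], 0, 0, 1);
$thread_headline = $thread_edit['threads_headline'];
$board_id = $thread_edit['board_id'];
require_once 'mods/board/functions.php';
// Security check
// 1) the account's board access level must reach the level the board requires
if ($account['access_board'] < $thread_edit['board_access']) {
    return errorPage('modpanel_q', $cs_lang);
}
// 2) below level 5, the account additionally needs the per-user modpanel flag
if ($account['access_board'] < 5 and empty($thread_mods['boardmods_modpanel'])) {
    return errorPage('modpanel_q', $cs_lang);
}
// End of security check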
//Daten Abfragen
if (isset($_POST['close'])) {
    $thread_cells = array('threads_close');
    $thread_save = array($account['users_id']);
    $action_lang = $cs_lang['action_close'];
} elseif (!empty($_POST['open'])) {
    $thread_cells = array('threads_close');
    $thread_save = array(0);
    $action_lang = $cs_lang['action_open'];
} elseif (!empty($_POST['addpin'])) {
    $thread_cells = array('threads_important');
    $thread_save = array(1);
    $action_lang = $cs_lang['action_addpin'];
Example #13
    return errorPage('thread_remove', $cs_lang);
}
// Decide whether the current account may remove the thread. $allowed,
// $check_sq and $check_pw are set before this excerpt.
if ($account['access_board'] >= $cs_thread['board_access']) {
    // Count the comments attached to this thread; the id is cast to int.
    $where_com = "comments_mod = 'board' AND comments_fid = " . (int) $thread_id;
    $sum = cs_sql_count(__FILE__, 'comments', $where_com);
    // Comment access level 5+ or the per-user delete flag may always remove.
    if ($account['access_comments'] >= 5 or !empty($thread_mods['boardmods_del'])) {
        $allowed = 1;
    // The author may remove the thread only while it has no comments.
    } elseif ($cs_thread['users_id'] == $account['users_id'] and empty($sum)) {
        $allowed = 1;
    } else {
        return errorPage('thread_remove', $cs_lang);
    }
// NOTE(review): an account below the board's access level that passes the
// squad check is allowed to remove the thread without the owner/moderator test
// applied in the branch above - confirm this is intended.
} elseif (!empty($check_sq)) {
    $allowed = 1;
// Everything else is refused unless both $allowed and $check_pw were set earlier.
} elseif (empty($allowed) or empty($check_pw)) {
    return errorPage('thread_remove', $cs_lang);
}
// End of security check
if (isset($_POST['agree'])) {
    for ($run = 0; $run < $cs_boardfiles_loop; $run++) {
        $file = $cs_boardfiles[$run]['boardfiles_name'];
        $extension = strlen(strrchr($file, "."));
        $name = strlen($file);
        $ext = substr($file, $name - $extension + 1, $name);
        //$file = cs_secure($cs_boardfiles[$run]['boardfiles_name']);
        //echo 'uploads/board/files/' . $cs_boardfiles[$run]['boardfiles_id'] . '.' . $ext . cs_html_br(1);
        cs_unlink('board', $cs_boardfiles[$run]['boardfiles_id'] . '.' . $ext, 'files');
    }
    cs_sql_delete(__FILE__, 'threads', $thread_id);
    $query = "DELETE FROM {pre}_comments WHERE comments_mod='board' AND ";
    $query .= "comments_fid=" . (int) $thread_id;
Example #14
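// Load the thread being reported. The id is cast to int here, as it already
// is in the boardreport lookup further down, so only a number reaches the SQL.
$where = "thr.threads_id = " . (int) $tid;
$cs_thread = cs_sql_select(__FILE__, $from, $select, $where, 0, 0, 1);
// Start of security check
// Password-protected board: has this user unlocked it?
if (!empty($cs_thread['board_pwd'])) {
    $where = 'users_id = ' . (int) $account['users_id'] . ' AND board_id = ' . (int) $cs_thread['board_id'];
    $check_pw = cs_sql_count(__FILE__, 'boardpws', $where);
}
// Squad board and access level too low: is this user a squad member?
if (!empty($cs_thread['squads_id']) and $account['access_board'] < $cs_thread['board_access']) {
    $sq_where = "users_id = " . (int) $account['users_id'] . " AND squads_id = " . (int) $cs_thread['squads_id'];
    $check_sq = cs_sql_count(__FILE__, 'members', $sq_where);
}
if (empty($tid) || count($cs_thread) == 0) {
    return errorPage('report', $cs_lang);
}
// 'and' binds tighter than 'or'; the parentheses only make the existing
// grouping visible.
// NOTE(review): as grouped, an empty $check_pw refuses the request on its own.
// $check_pw is only assigned above for password-protected boards, so confirm
// it is pre-set earlier for boards without a password.
if (($account['access_board'] < $cs_thread['board_access'] and empty($check_sq)) or empty($check_pw)) {
    return errorPage('report', $cs_lang);
}
// Report text as submitted; it must be escaped wherever it is displayed or stored.
$report = isset($_POST['report']) ? $_POST['report'] : '';
if (isset($_POST['submit'])) {
    $error = 0;
    $errormsg = '';
    if (empty($report)) {
        $error++;
        $errormsg .= $cs_lang['no_text'] . cs_html_br(1);
    }
    // Only one report per thread/comment pair.
    $exists = cs_sql_count(__FILE__, 'boardreport', "threads_id = " . (int) $tid . " AND comments_id = " . (int) $cid);
    if (!empty($exists)) {
        $error++;
        $errormsg .= $cs_lang['report_exists'] . cs_html_br(1);
    }
}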
Example #15
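	/**
	 * Records a completed clock-on / clock-off interval for the context user
	 * and redirects to $Location.
	 *
	 * All inputs arrive through globals. "now" for either radio value replaces
	 * the corresponding time with the current server time. The interval is
	 * rejected when clock-on is not strictly before clock-off.
	 *
	 * @return void the function always ends the request with exit
	 */
	function clockonandoff()
	{
		include("table_names.inc");

		//import global vars
		global $contextUser, $year, $month, $day, $task_id, $proj_id, $Location;
		global $destination, $clock_on_time_hour, $clock_off_time_hour,
					 $clock_on_time_min, $clock_off_time_min, $clockonoff;
		global $log_message, $log_message_presented;
		global $clock_on_radio, $clock_off_radio, $fromPopupWindow;

		if ($clock_on_radio == "now" && $clock_off_radio == "now")
			errorPage("You cannot clock on and off at with the same clock-on and clock-off time.", $fromPopupWindow);

		//get the dates
		if ($clock_on_radio == "now") {
			$clock_on_time_hour = date("H");
			$clock_on_time_min = date("i");
		}
		if ($clock_off_radio == "now") {
			$clock_off_time_hour = date("H");
			$clock_off_time_min = date("i");
		}

		//make sure we're not clocking on after clocking off
		// NOTE(review): the time values are echoed inside the error text;
		// confirm errorPage() HTML-escapes its message.
		if (($clock_on_time_hour == $clock_off_time_hour) && ($clock_on_time_min > $clock_off_time_min))
			errorPage("You cannot have your clock on time ($clock_on_time_hour:$clock_on_time_min) ".
									"later than your clock off time ($clock_off_time_hour:$clock_off_time_min)", $fromPopupWindow);
		else if ($clock_on_time_hour > $clock_off_time_hour)
			errorPage("You cannot have your clock on time ($clock_on_time_hour:$clock_on_time_min) ".
									"later than your clock off time ($clock_off_time_hour:$clock_off_time_min)", $fromPopupWindow);
		else if (($clock_on_time_hour == $clock_off_time_hour) && ($clock_on_time_min == $clock_off_time_min))
			errorPage("You cannot clock on and off with the same clock on and clock off time. on_hour=$clock_on_time_hour on_min=$clock_on_time_min off_hour=$clock_off_time_hour off_min=$clock_off_time_min", $fromPopupWindow);

		if ($log_message_presented == false)
			getLogMessage();

		// Every value placed in the SQL text is constrained first. Date and
		// time parts and the two ids are forced to integers (%d and (int));
		// proj_id and task_id were previously inserted unquoted and unchecked.
		// NOTE(review): addslashes() is not charset-aware; switch the two text
		// values to the database driver's own escaping or to bound parameters
		// once dbQuery() offers them.
		$log_message = addslashes($log_message);
		$uid = addslashes($contextUser);
		$startTime = sprintf('%04d-%02d-%02d %02d:%02d:00', $year, $month, $day, $clock_on_time_hour, $clock_on_time_min);
		$endTime = sprintf('%04d-%02d-%02d %02d:%02d:00', $year, $month, $day, $clock_off_time_hour, $clock_off_time_min);
		$queryString = "INSERT INTO $TIMES_TABLE (uid, start_time, end_time, proj_id, task_id, log_message) ".
									 "VALUES ('$uid','$startTime', '$endTime', ".
									 (int) $proj_id . ", " . (int) $task_id . ", '$log_message')";
		list($qh,$num) = dbQuery($queryString);

		// NOTE(review): $Location is a global whose origin is not visible here;
		// confirm it can only name a page of this application before it is
		// used as a redirect target.
		Header("Location: $Location");
		exit;
	}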
Example #16
// Start of security check: may the current account remove this comment?
// NOTE(review): the account id is quoted but not cast or escaped here;
// confirm $account['users_id'] can only ever hold a number.
$thread_mods = cs_sql_select(__FILE__, 'boardmods', 'boardmods_del', "users_id = '" . $account['users_id'] . "'", 0, 0, 1);
$allowed = 0;
// No comment id, or the comment was not found: refuse.
if (empty($comments_id) || count($cs_comments) == 0) {
    return errorPage('com_remove', $cs_lang);
}
if ($account['access_board'] >= $cs_thread['board_access']) {
    $allowed = 0;
    // Comment access level 5+ or the per-user delete flag is required.
    if ($account['access_comments'] >= 5 or !empty($thread_mods['boardmods_del'])) {
        $allowed = 1;
    } else {
        return errorPage('com_remove', $cs_lang);
    }
} else {
    // $allowed is still 0 from the initialisation above, so an account below
    // the board's access level is always refused here.
    if (empty($allowed)) {
        return errorPage('com_remove', $cs_lang);
    }
}
// End of security check
if (isset($_POST['agree'])) {
    for ($run = 0; $run < $cs_com_files_loop; $run++) {
        $file = $cs_com_files[$run]['boardfiles_name'];
        $extension = strlen(strrchr($file, "."));
        $name = strlen($file);
        $ext = substr($file, $name - $extension + 1, $name);
        //$file = cs_secure($cs_boardfiles[$run]['boardfiles_name']);
        //echo 'uploads/board/files/' . $cs_com_files[$run]['boardfiles_id'] . '.' . $ext . cs_html_br(1);
        cs_unlink('board', $cs_com_files[$run]['boardfiles_id'] . '.' . $ext, 'files');
        $query = "DELETE FROM {pre}_boardfiles WHERE boardfiles_id = '" . $cs_com_files[$run]['boardfiles_id'] . "'";
        cs_sql_query(__FILE__, $query);
    }
Example #17
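require "class.CommandMenu.php";
if (!$authenticationManager->isLoggedIn()) {
    // PHP_SELF contains any path info the client appended to the script URL,
    // so it is URL-encoded before being placed in the query string; raw, it
    // could add parameters to the login URL or change the redirect value.
    // NOTE(review): login.php should still accept only local paths for 'redirect'.
    Header("Location: login.php?redirect=" . urlencode($_SERVER['PHP_SELF']));
    exit;
}
// Connect to database.
$dbh = dbConnect();
$contextUser = strtolower($_SESSION['contextUser']);
$loggedInUser = strtolower($_SESSION['loggedInUser']);
$passwd1 = "";
$passwd2 = "";
$old_pass = "";
//load local vars from superglobals
if (isset($_POST["action"])) {
    // NOTE(review): the reads below assume errorPage() ends the request when a
    // field is missing; otherwise they hit undefined indexes.
    if (!isset($_POST["passwd1"]) || !isset($_POST["passwd2"]) || !isset($_POST["old_pass"])) {
        errorPage("Please fill out all fields.");
    }
    $passwd1 = $_POST['passwd1'];
    $passwd2 = $_POST['passwd2'];
    $old_pass = $_POST['old_pass'];
}
//get todays values
$today = time();
$today_year = date("Y", $today);
$today_month = date("n", $today);
$today_day = date("j", $today);
//define the command menu
include "timesheet_menu.inc";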
//check for guest user
if ($loggedInUser == 'guest') {
    $errormsg = "Guest may not change password.";
Example #18
 /**
  * Runs the action the user asked for on this file or folder.
  *
  * 'download' streams the item as an archive in the configured compression
  * format and ends the request; any other action renders the generated HTML
  * in the admin template, or in the popup template when 'popup' is set.
  * @return void
  */
 function run()
 {
     global $Templates, $USER, $Controller, $ID, $CONFIG;

     // Declare the expected type of every request parameter this page reads.
     $_REQUEST->setType('action', 'string');
     $_REQUEST->setType('popup', 'string');
     $_REQUEST->setType('filter', 'string');

     if (!$this->may($USER, READ)) {
         errorPage(401);
         return;
     }

     // Fall back to zip when the configured archive format is not a known one.
     $knownFormats = array('tar', 'gz', 'tgz', 'tbz', 'zip', 'ar', 'deb');
     $CMPRExtension = $CONFIG->files->compression_format;
     if (!in_array($CMPRExtension, $knownFormats)) {
         $CMPRExtension = 'zip';
         $CONFIG->files->compression_format = $CMPRExtension;
     }

     // All users
     if ($_REQUEST['action'] == 'download') {
         global $PREVENT_CSIZE_HEADER;
         $PREVENT_CSIZE_HEADER = true;
         // Flush and close every output buffer before streaming the archive.
         while (ob_get_level()) {
             echo ob_get_clean();
         }
         require_once "File/Archive.php";
         // NOTE(review): READ on this object is the only check before its path
         // is archived and sent; confirm $this->path cannot point outside the
         // managed file area.
         File_Archive::extract($this->path, File_Archive::toArchive($this->filename . '.' . $CMPRExtension, File_Archive::toOutput()));
         die;
     }

     $this->setContent("main", $this->genHTML());

     // The template name is one of two fixed values, never request text.
     $template = $_REQUEST['popup'] ? 'popup' : 'admin';
     $Templates->{$template}->render();
 }
Example #19
/**
 * Sign-in page: redirects users who are already logged in, refuses banned
 * clients, verifies the form token and the credentials, and otherwise draws
 * the sign-in form. Every path ends the request.
 */
function signin()
{
    // user already logged in
    if (isLogged()) {
        header('Location: ' . Path::admin());
        exit;
    }
    global $tpl;
    global $_CONFIG;
    // Clients locked out after repeated failures get a static error page.
    if (!canLogin()) {
        global $tpl;
        $tpl->assign('page_title', 'Error');
        $tpl->assign('menu_links', Path::menu('error'));
        $tpl->assign('error_title', 'You’re in jail');
        $tpl->assign('error_content', 'You have been banned after too many bad attemps. <div class="espace-top">Please try later.</div>');
        $tpl->draw('error');
        exit;
    }
    if (!empty($_POST['login']) && !empty($_POST['password'])) {
        // The form token is checked before the credentials are looked at.
        if (!empty($_POST['token']) && acceptToken($_POST['token'])) {
            // NOTE(review): the login is HTML-encoded before authentication;
            // this only matches if the stored login was encoded the same way.
            if (check_auth(htmlspecialchars($_POST['login']), $_POST['password'])) {
                loginSucceeded();
                // Scope the session cookie to the application's directory.
                $cookiedir = '';
                if (dirname($_SERVER['SCRIPT_NAME']) != '/') {
                    $cookiedir = dirname($_SERVER["SCRIPT_NAME"]) . '/';
                }
                // NOTE(review): the cookie domain is taken from the Host header
                // sent by the client, and the secure / httponly flags are not
                // passed here - confirm they are set elsewhere.
                session_set_cookie_params(0, $cookiedir, $_SERVER['HTTP_HOST']);
                // New session id on login; TRUE also deletes the old session.
                session_regenerate_id(TRUE);
                // check if we need to redirect the user
                // The request parameter names a static Path method, called only
                // after targetIsAllowed() accepts it.
                // NOTE(review): targetIsAllowed() therefore has to be a strict allow-list.
                $target = isset($_GET['target']) && targetIsAllowed($_GET['target']) ? Path::$_GET['target']() : './';
                header('Location: ' . $target);
                exit;
            }
            // NOTE(review): the flow below presumes errorPage() ends the
            // request; if it returned, loginFailed() would run a second time
            // and the token error would be shown as well.
            loginFailed();
            // NOTE(review): this message tells an unauthenticated visitor the
            // settings file name and how credentials are reset.
            errorPage('The given username or password was wrong. <br />If you do not remberer your login informations, just delete the file <code>' . basename($_CONFIG['settings']) . '</code>.', 'Invalid username or password');
        }
        // A missing or rejected token counts as a failed attempt too.
        loginFailed();
        errorPage('The received token was empty or invalid.', 'Invalid security token');
    }
    // No credentials submitted: draw the form with a fresh token.
    $tpl->assign('page_title', 'Sign in');
    $tpl->assign('menu_links', Path::menu('signin'));
    // The target is echoed into the form only when allowed, and HTML-escaped.
    $tpl->assign('target', isset($_GET['target']) && targetIsAllowed($_GET['target']) ? htmlspecialchars($_GET['target']) : NULL);
    $tpl->assign('token', getToken());
    $tpl->draw('form.signin');
    exit;
}
Example #20
    $sq_where = "users_id = " . (int) $account['users_id'] . " AND squads_id = " . (int) $cs_thread['squads_id'];
    $check_sq = cs_sql_count(__FILE__, 'members', $sq_where);
}
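// No target id, or the thread was not found: refuse.
if (empty($fid) || count($cs_thread) == 0) {
    return errorPage('com_edit', $cs_lang);
}
if ($account['access_board'] >= $cs_thread['board_access'] or !empty($check_sq)) {
    $allowed = 0;
    // Author, comment access level 4+ or the per-user edit flag - and in every
    // case the board password check must have passed.
    if (($cs_thread['users_id'] == $account['users_id'] or $account['access_comments'] >= 4 or !empty($thread_mods['boardmods_edit'])) and !empty($check_pw)) {
        $allowed = 1;
    } else {
        return errorPage('com_edit', $cs_lang);
    }
} else {
    // Only a value of $allowed set before this excerpt can let the request through.
    if (empty($allowed)) {
        return errorPage('com_edit', $cs_lang);
    }
}
// End of security check
// Start of board file calculation
$run_loop_files = '0';
// Both ids were concatenated into the SQL text unquoted; cast them to int so
// nothing but a number can reach the query.
$check = cs_sql_count(__FILE__, 'boardfiles', 'threads_id =' . (int) $cs_thread['threads_id'] . ' AND comments_id=' . (int) $comments_id);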
if (!empty($check) and empty($_POST)) {
    $from = 'boardfiles';
    $select = 'boardfiles_id, threads_id, users_id, boardfiles_name';
    $where = 'threads_id=' . $cs_thread['threads_id'] . ' AND comments_id=' . $comments_id;
    $cs_boardfiles = cs_sql_select(__FILE__, $from, $select, $where, '', '', '');
    $run_loop_files = count($cs_boardfiles);
    $files = '1';
} else {
    $files = isset($_POST['files']) ? $_POST['files'] : 0;
Example #21
<?php

// ============================================================================
// PREPRINTS/DELETE_PREPRINT.PHP
// ============================================================================
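require_once "config.manage.php";
core_declare_input("rowId");
if (!$authClass->isAdmin()) {
    errorPage("Preprints may only be deleted by administrative staff");
    // Never fall through to the delete below, whether or not errorPage() returns.
    exit;
}
// rowId is request input and was concatenated into both statements as-is.
// Accept digits only before it reaches the SQL text.
// (assumes publications.RowId is an integer key - TODO confirm against the schema)
if (!preg_match('/^[0-9]+\z/', (string) $rowId)) {
    errorPage("Invalid preprint row id");
    exit;
}
$safeRowId = (int) $rowId;
// Read the record first: its year, report number, owner and file location are
// needed for the log entry and the file removal after the row is blanked.
$deleteRes = $dbClass->query("SELECT * FROM publications WHERE RowId='" . $safeRowId . "'");
$row = $dbClass->next_record($deleteRes);
// "Delete" frees the row for reuse: the preprint number is kept, the rest is cleared.
$q = $dbClass->query("UPDATE publications SET " . "Status='free', Field='', Location='', Authors='', " . "Title='', PublIn='' WHERE RowId='" . $safeRowId . "'");
mail2secretary("Deleted");
logIt("delete", pp_preprintID($row["Year"], $row["Report"]), uid2gecos($row["Id"]));
// NOTE(review): the path removed here is whatever the Location column held;
// confirm it is confined to the preprint storage directory when it is written.
// No anti-CSRF token check is visible for this state-changing request.
if (file_exists($row["Location"])) {
    unlink($row["Location"]);
}
require "show_preprints.php";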
Example #22
// Client maintenance action: read the submitted client fields, then add, edit
// or delete the client and return to the client list.
// Each field defaults to an empty string when it was not posted.
// NOTE(review): every value below is raw request input and is interpolated
// into SQL text further down without escaping or bound parameters.
$description = isset($_POST['description']) ? $_POST['description'] : "";
$address1 = isset($_POST['address1']) ? $_POST['address1'] : "";
$address2 = isset($_POST['address2']) ? $_POST['address2'] : "";
$city = isset($_POST['city']) ? $_POST['city'] : "";
$country = isset($_POST['country']) ? $_POST['country'] : "";
$postal_code = isset($_POST['postal_code']) ? $_POST['postal_code'] : "";
$contact_first_name = isset($_POST['contact_first_name']) ? $_POST['contact_first_name'] : "";
$contact_last_name = isset($_POST['contact_last_name']) ? $_POST['contact_last_name'] : "";
$client_username = isset($_POST['client_username']) ? $_POST['client_username'] : "";
$contact_email = isset($_POST['contact_email']) ? $_POST['contact_email'] : "";
$phone_number = isset($_POST['phone_number']) ? $_POST['phone_number'] : "";
$fax_number = isset($_POST['fax_number']) ? $_POST['fax_number'] : "";
$gsm_number = isset($_POST['gsm_number']) ? $_POST['gsm_number'] : "";
$http_url = isset($_POST['http_url']) ? $_POST['http_url'] : "";
// NOTE(review): this branch reads $_REQUEST['action'] while the others read
// $action; $action, $client_id and $organisation are set before this excerpt.
if ($_REQUEST['action'] == "add") {
    // The INSERT names no columns, so it depends on the table's column order.
    dbquery("INSERT INTO {$CLIENT_TABLE} VALUES ('{$client_id}','{$organisation}','{$description}','{$address1}','{$city}'," . "'L','{$country}','{$postal_code}','{$contact_first_name}','{$contact_last_name}','{$client_username}'," . "'{$contact_email}','{$phone_number}','{$fax_number}','{$gsm_number}','{$http_url}','{$address2}')");
} elseif ($action == "edit") {
    //create the query
    // NOTE(review): client_id is unquoted in the WHERE clause, so a
    // non-numeric value changes the statement itself.
    $query = "UPDATE {$CLIENT_TABLE} SET organisation='{$organisation}'," . "description='{$description}',address1='{$address1}',city='{$city}'," . "country='{$country}',postal_code='{$postal_code}'," . "contact_first_name='{$contact_first_name}'," . "contact_last_name='{$contact_last_name}',username='******'," . "contact_email='{$contact_email}',phone_number='{$phone_number}'," . "fax_number='{$fax_number}',gsm_number='{$gsm_number}'," . "http_url='{$http_url}',address2='{$address2}' " . "WHERE client_id={$client_id} ";
    //run the query
    list($qh, $num) = dbquery($query);
} elseif ($action == "delete") {
    //find out if this client is in use
    list($qh, $num) = dbQuery("select * from {$PROJECT_TABLE} where client_id='{$client_id}'");
    if ($num > 0) {
        errorPage("You cannot delete a client for which there are projects. Please delete the projects first.");
    } else {
        dbquery("DELETE from {$CLIENT_TABLE} WHERE client_id='{$client_id}'");
    }
}
// NOTE(review): no permission or anti-CSRF check is visible in this excerpt;
// confirm both run before these statements.
Header("Location: client_maint.php");
Example #23
    $check_pw = cs_sql_count(__FILE__, 'boardpws', $where);
}
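// Squad board: is the current user a member of the squad?
if (!empty($cs_thread['squads_id'])) {
    $where = "squads_id = " . (int) $cs_thread['squads_id'] . " AND users_id = " . (int) $account['users_id'];
    $check_sq = cs_sql_count(__FILE__, 'members', $where);
}
// Start of security check
$errorpage = 0;
if (empty($board_id) || count($cs_thread) == 0) {
    $errorpage++;
}
// NOTE(review): this assignment replaces the counter set just above, so squad
// membership also clears a "board not found" error. With an empty $cs_thread
// the squad check never runs, so this looks harmless - confirm.
if ($account['access_board'] < $cs_thread['board_access'] or empty($check_pw)) {
    $errorpage = empty($check_sq) ? 1 : 0;
}
if (!empty($errorpage)) {
    return errorPage('thread_add', $cs_lang);
}
// End of security check
#check mod
$acc_mod = 0;
$check_mod = cs_sql_select(__FILE__, 'boardmods', 'boardmods_modpanel', 'users_id = ' . (int) $account['users_id'], 0, 0, 1);
// The flag has to be read from $check_mod, the row fetched on the line above.
// The code read $check instead, which is not assigned anywhere in this
// excerpt, so the per-user moderator flag was never taken from that row.
if (!empty($check_mod['boardmods_modpanel']) or $account['access_board'] == 5) {
    $acc_mod = 1;
}
// Breadcrumb: board index -> category -> board.
$head = cs_link($cs_lang['board'], 'board', 'list', 'normalb') . ' -> ';
$head .= cs_link($cs_thread['categories_name'], 'board', 'list', 'where=' . $cs_thread['categories_id'], 'normalb') . ' -> ';
$head .= cs_link($cs_thread['board_name'], 'board', 'listcat', 'where=' . $cs_thread['board_id'], 'normalb');
$data['head']['boardlinks'] = $head;
$bv['boardvotes_question'] = '';
// Upload size limit taken from the board options.
$cs_board_opt = cs_sql_option(__FILE__, 'board');
$max_size = $cs_board_opt['file_size'];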
Example #24
// Reserve a preprint number for an account, then show and announce the reserved record.
// presumably core_declare_input() exposes the request fields as $field, $authors and
// $title (the second argument looks like a default) — confirm against its definition.
core_declare_input("field");
core_declare_input("authors", "");
core_declare_input("title", "");
startPage("Reserve Preprint Number");
// NOTE(review): every check below relies on errorPage()/bugPage() ending the request.
// If they return, execution continues into the reservation — verify.
if (!$title) {
    errorPage("Preprint title is missing", "Submit Preprint", "Error");
}
if (!$authors) {
    errorPage("Authors list is missing", "Submit Preprint", "Error");
}
// $res_UID is set outside the visible lines; the account must exist.
if (!($account = core_getpwuid($res_UID, $dbClass))) {
    bugPage("no account found for UID='{$res_UID}'");
}
$res_login = $account["name"];
// Authorization: only administrators may reserve a number for an account other than their own.
if (!$authClass->isAdmin() && $res_login != $AUTH_login) {
    errorPage("Reserving of preprint nbrs for others is only " . "permitted for administrative staff.");
}
$res_gecos = $account["gecos"];
$res_ppn = pp_reserveNumber($nor_pp_year, $res_UID, $field, $authors, $title);
// Read the new record back to obtain its RowId.
// NOTE(review): the statement is built by string interpolation. $field originates from the
// request and sits inside a quoted literal; whether core_declare_input() escapes it is not
// visible here. Bind or escape it with the database layer's own mechanism, and make sure
// $nor_pp_year and $res_ppn (interpolated unquoted) are integers.
$q = $dbClass->query("SELECT * FROM publications WHERE Year={$nor_pp_year} AND Report={$res_ppn} AND Field='{$field}'");
$row = $dbClass->next_record($q);
// The row id is handed to the included file through $_POST.
$_POST["rowId"] = $row["RowId"];
require "update_preprint.inc.php";
mail2secretary("Reserved");
mail_PPsubmitter("Reserved");
logIt("submit", pp_preprintID($nor_pp_year, $res_ppn), $res_gecos);
// NOTE(review): $res_gecos is account data interpolated into markup; whether x() escapes
// its content is not visible here — verify, or escape before interpolating.
echo x("p", x("i", "Preprint number <b>{$res_ppn}</b> has been reserved for {$res_gecos}<br>Please quote:"));
// "$showcancelButton = False" is an assignment expression, not a named argument: it passes false.
show_preprint($_POST["rowId"], "index.php", $showcancelButton = False);
endPage();
// ==========================================================================
Example #25
            $conn->close();
            $error = "Username not found";
            errorPage();
            exit;
        }
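        // Exactly one account row must match; anything else is a failed sign-in.
        if ($result->num_rows != 1) {
            $conn->close();
            $error = "Could not sign in";
            errorPage();
            exit;
        }
        $row = $result->fetch_assoc();
        // hash_equals() compares the two strings strictly and in constant time. The loose
        // "!=" it replaces applies PHP type juggling, which can treat different
        // numeric-looking strings as equal.
        // NOTE(review): the stored value is compared directly with $password. Whether either
        // side is hashed is not visible here; store password_hash() output and check it with
        // password_verify().
        // NOTE(review): a distinct "Incorrect Password" message confirms that the username
        // exists; consider one generic failure message for all sign-in errors.
        if (!hash_equals((string) $row["password"], (string) $password)) {
            $conn->close();
            $error = "Incorrect Password";
            errorPage();
            exit;
        }
        session_start();
        // Issue a fresh session id at the privilege change so an id fixed before login
        // cannot be reused afterwards.
        session_regenerate_id(true);
        $_SESSION["username"] = $username;
        $_SESSION["id"] = $row["id"];
        $conn->close();
        /* Redirect to a different page in the current directory that was requested */
        // NOTE(review): HTTP_HOST is taken from the request, so the redirect target follows
        // whatever Host header was sent. Prefer a configured host name, and https where the
        // site supports it.
        $host = $_SERVER['HTTP_HOST'];
        $uri = rtrim(dirname($_SERVER['PHP_SELF']), '/\\');
        $extra = 'deals.php';
        header("Location: http://{$host}{$uri}/{$extra}");
        exit;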
    }
}
function test_input($data)
Example #26
/**
 * Allow the request to continue only for an administrator or for the account
 * that owns the publication row.
 *
 * The owner is looked up through publications.Id and core_getpw(); a mismatch
 * or a missing account is reported with errorPage().
 *
 * NOTE(review): $rowId is concatenated into the SQL text inside a quoted
 * literal. If it can come from the request, escape or bind it with the
 * database layer's own mechanism before this call.
 * NOTE(review): the guard only holds if errorPage() ends the request; if it
 * returns, the caller continues as if the check had passed — verify.
 *
 * @param mixed $rowId RowId of the publication to check
 * @param mixed $user  login name of the current user
 * @return void
 */
function nor_pp_require_row_owner($rowId, $user)
{
    global $authClass, $dbClass;
    if (!$authClass->isAdmin()) {
        $sql = "SELECT Id FROM publications WHERE RowId='" . $rowId . "'";
        $record = $dbClass->next_record($dbClass->query($sql));
        $owner = core_getpw($record["Id"], $dbClass);
        // Owner check: the account must exist and its name must match the user.
        $isOwner = $owner && $user == $owner["name"];
        if (!$isOwner) {
            errorPage("Only the submitting author may edit a preprint", "Access Denied", "Unauthorized access", ".");
        }
    }
}
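 /**
  * Handle company administration requests (create, update, add to menu,
  * delete), then render either the company form or the company list.
  *
  * Request fields are declared with setType() before they are read. The
  * create and update branches require EDIT on this page, the menu branch
  * requires EDIT on the menu editor, and the delete branch fetches the
  * object with the DELETE flag (presumably a permission-checked fetch —
  * confirm against the controller).
  *
  * @return false|void false when the caller has no permission on this page
  */
 function run()
 {
     global $Templates, $USER, $Controller, $DB, $CONFIG;
     if (!$this->may($USER, ANYTHING)) {
         errorPage('401');
         // Fail closed: nothing below may run or render for a caller without any
         // permission, whether or not errorPage() ends the request.
         return false;
     }
     /**
      * Company input types
      */
     $_REQUEST->setType('edit', array('numeric', '#^new$#'));
     $_REQUEST->setType('newCompanySubm', 'any');
     $_REQUEST->setType('updCompanySubm', 'any');
     $_REQUEST->setType('delCompany', 'numeric');
     $_REQUEST->setType('compid', 'numeric');
     $_REQUEST->setType('name', 'string');
     $_REQUEST->setType('logo', 'string');
     $_REQUEST->setType('url', 'string');
     $_REQUEST->setType('redirect', 'any');
     $_REQUEST->setType('weight', 'numeric');
     $_REQUEST->setType('type', '#^(main|sub)$#');
     $_REQUEST->setType('madd', 'numeric');
     /**
      * Add a new company
      */
     if ($this->may($USER, EDIT) && $_REQUEST['newCompanySubm']) {
         if (!$_REQUEST->nonempty('name')) {
             // An empty name used to be reported as "already exists".
             Flash::create(__('Company name must not be empty'), 'warning');
         } elseif ($DB->companies->exists(array('name' => $_REQUEST['name']))) {
             Flash::create(__('A Company with that name already exists'), 'warning');
         } else {
             $comp = $Controller->newObj('Company');
             $DB->companies->insert(array('id' => $comp->ID));
             $comp->Name = $_REQUEST['name'];
             $comp->logo = $_REQUEST['logo'];
             // NOTE(review): 'url' is only typed as a string; if it is later rendered as a
             // link target, restrict it to expected schemes (http/https) — verify at the
             // point of output.
             $comp->URL = $_REQUEST['url'];
             $comp->redirect = isset($_REQUEST['redirect']) ? 1 : 0;
             $comp->weight = $_REQUEST['weight'];
             $comp->type = $_REQUEST['type'];
             Flash::create(__('New company was registered'), 'confirmation');
             /* 				Log::write('New company created'); */
         }
     } elseif ($this->may($USER, EDIT) && $_REQUEST['updCompanySubm'] && $Controller->{$_REQUEST['compid']}('Company') !== false) {
         /**
          * Update an existing company. Fields are applied one at a time in this
          * order; the first invalid field stops the chain, so earlier fields may
          * already have been assigned when a warning is shown.
          */
         $comp = $Controller->{$_REQUEST['compid']}(OVERRIDE);
         if ($_REQUEST->valid('name')) {
             $comp->Name = $_REQUEST['name'];
             if ($_REQUEST->valid('logo')) {
                 $comp->logo = $_REQUEST['logo'];
                 if ($_REQUEST->valid('url')) {
                     $comp->URL = $_REQUEST['url'];
                     if ($_REQUEST->valid('weight')) {
                         $comp->weight = $_REQUEST['weight'];
                         if ($_REQUEST->valid('type')) {
                             $comp->type = $_REQUEST['type'];
                             $comp->redirect = isset($_REQUEST['redirect']) ? 1 : 0;
                             /* 								Log::write('Company('.$comp->name.') was updated'); */
                             Flash::create(__('Company was updated'), 'confirmation');
                         } else {
                             Flash::create(__('Company type invalid'), 'warning');
                         }
                     } else {
                         Flash::create(__('Company weight must not be empty'), 'warning');
                     }
                 } else {
                     Flash::create(__('Company URL must not be empty'), 'warning');
                 }
             } else {
                 Flash::create(__('Company logo must not be empty'), 'warning');
             }
         } else {
             Flash::create(__('Company name must not be empty'), 'warning');
         }
     } elseif ($_REQUEST['madd']) {
         /**
          * Append a company to the menu; gated by the menu editor's own EDIT permission
          */
         if ($Controller->menuEditor->mayI(EDIT) && ($obj = $Controller->{$_REQUEST['madd']}('Company'))) {
             $obj->move('last');
             redirect(url(array('id' => 'menuEditor', 'status' => 'ok'), false, false));
         }
     } elseif ($_REQUEST->numeric('delCompany')) {
         /**
          * Delete a company
          */
         if ($Controller->{$_REQUEST['delCompany']}(DELETE) && $Controller->{$_REQUEST['delCompany']}->delete()) {
             /* 			Log::write('Company was deleted'); */
             Flash::create(__('Company was deleted'));
         }
     }
     /**
      * Display page
      */
     if ($_REQUEST->valid('edit')) {
         $this->content = array('header' => $_REQUEST['edit'] == 'new' ? __('New company') : __('Edit company'), 'main' => $this->companyForm($_REQUEST['edit']));
     } else {
         $this->content = array('header' => $this->Name, 'main' => $this->displayCompanies());
     }
     $Templates->admin->render();
 }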
Example #28
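/**
 * Remove ("ban") a player from a team, with a confirmation step.
 *
 * Reads playerid, teamid, link and the two button flags from $_GET. The
 * caller must hold 'teamadmin::edit_any_team' or be the leader of the team,
 * and the player must currently belong to that team. Without f_okban_x a
 * confirmation form is shown; with it the player is released, the team is
 * reopened and the player is notified.
 *
 * Both ids are cast to int because they are interpolated into SQL, and every
 * value written into the page is HTML-escaped.
 *
 * NOTE(review): the state change is triggered by a GET request and carries no
 * anti-forgery token; moving the confirmed step to POST with a per-session
 * token would stop other sites from triggering it through a logged-in leader.
 * NOTE(review): mysql_* is the legacy driver; moving to prepared statements
 * (mysqli/PDO) is a file-level change outside this function.
 *
 * @return void
 */
function section_banplayer()
{
    require_once 'lib/common.php';
    // Force both ids to integers before they reach any query.
    $playerid = isset($_GET['playerid']) ? (int) $_GET['playerid'] : 0;
    $teamid = isset($_GET['teamid']) ? (int) $_GET['teamid'] : 0;
    $f_okban_x = isset($_GET['f_okban_x']) ? $_GET['f_okban_x'] : '';
    $f_ok_x = isset($_GET['f_ok_x']) ? $_GET['f_ok_x'] : '';
    $link = isset($_GET['link']) ? (string) $_GET['link'] : '';

    // Check permission
    // FIXME: Ok, for now I ignore that players with teampassword can ban other
    // players (the link does not contain the teampassword).
    $teamRes = mysql_query("select name, leader from l_team where id=" . $teamid);
    $team = $teamRes ? mysql_fetch_object($teamRes) : false;
    // Fail closed: the leader check needs an existing team row and a real session id.
    // A loose comparison between an unset session id and a missing leader would pass.
    $selfId = isset($_SESSION['playerid']) ? (int) $_SESSION['playerid'] : 0;
    $isLeader = $team && $selfId > 0 && $selfId === (int) $team->leader;
    if (!$team || !(isFuncAllowed('teamadmin::edit_any_team') || $isLeader)) {
        errorPage("Permission denied.");
        return;
    }

    // The target must be a member of this very team; otherwise the permission on
    // $teamid would be applied to a player of some other team.
    $playerRes = mysql_query("select callsign from l_player where id=" . $playerid . " and team=" . $teamid);
    $player = $playerRes ? mysql_fetch_object($playerRes) : false;
    if (!$player) {
        errorPage("This player is not a member of the team.");
        return;
    }

    // NOTE(review): if callsigns or team names are stored already HTML-encoded, this
    // double-encodes them — confirm how they are stored.
    $playerCallsign = htmlspecialchars($player->callsign, ENT_QUOTES);
    $teamName = htmlspecialchars($team->name, ENT_QUOTES);
    $selfCallsign = htmlspecialchars(isset($_SESSION['callsign']) ? $_SESSION['callsign'] : '', ENT_QUOTES);

    if ($f_okban_x) {
        // Ban confirmed
        // Open team is not administratively closed, or if num players<3
        $pl = mysql_fetch_object(mysql_query("select count(*) num from l_player where team=" . $teamid));
        if ($pl->num == 3) {
            mysql_query("update l_team set status='opened' where id=" . $teamid);
        } else {
            mysql_query("update l_team set status='opened' where adminclosed='no' and id=" . $teamid);
        }
        // Restrict the update to the checked team as well.
        mysql_query("update l_player set team=0 where id=" . $playerid . " and team=" . $teamid);
        echo '<center>Well <a href="index.php?link=playerinfo&id=' . $selfId . '">' . $selfCallsign . '</a>,
          <a href="index.php?link=playerinfo&id=' . $playerid . '">' . $playerCallsign . '</a>
           is no longer a member of the team
           <a href="index.php?link=teaminfo&id=' . $teamid . '">' . $teamName . '</a>';
        // A reload no longer sends a second message: the membership check above
        // rejects the request once the player has left the team.
        echo '<br>A message has just been sent to the user.</center>';
        // NOTE(review): the message body is HTML and embeds the session callsign and team
        // name unescaped; whether sendBzMail() escapes on display is not visible here.
        sendBzMail(0, $playerid, 'You have been released!', 'Sorry, but ' . $_SESSION['callsign'] . ' released you from the ' . $team->name . ' team<br>');
    } elseif (!$f_ok_x) {
        // Someone is playing with the headers
        echo "<center>Hey! Please stop playing with your browser!</center>";
    } else {
        echo '<center>Please confirm that you want to ban <a href="index.php?link=playerinfo&id=' . $playerid . '&' . SID . '">' . $playerCallsign . '</a>
      from the team <a href="index.php?link=teaminfo&id=' . $teamid . '&' . SID . '">' . $teamName . '</a>.</center>';
        echo '<center><BR><form method=GET>' . SID_FORM . '
          <input type=hidden name=link value="' . htmlspecialchars($link, ENT_QUOTES) . '">
          <input type=hidden name=playerid value=' . $playerid . '>
          <input type=hidden name=teamid value=' . $teamid . '>
          <input type=hidden name=callsign value="' . $playerCallsign . '">
          <input type=hidden name=name value="' . $teamName . '">' . '<table border=0><TR><TD>' . htmlFormButton(' BAN ', 'f_okban_x') . ' &nbsp;</td><TD> ' . htmlURLbutton('Cancel', 'teaminfo', "id={$teamid}", CLRBUT) . '
</td></tr></table>

          </form></center>';
    }
}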
Example #29
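 /**
  * Link editor: validates the request, saves a new or existing Link and
  * renders the editor through the admin template.
  *
  * Permissions: READ on this page to get in at all; creating a link needs
  * EDIT on the menu editor, editing an existing link needs EDIT on that link.
  * A caller without the required permission gets the 401 error page.
  *
  * @return false|void false when the requested object is not a Link
  */
 function run()
 {
     global $Controller, $USER, $DB, $Templates;
     /**
      * User input types
      */
     $_REQUEST->setType('LinkEditorForm', 'any');
     $_REQUEST->setType('save', 'any');
     $_REQUEST->setType('status', 'string');
     $_REQUEST->setType('target', 'string');
     $_REQUEST->setType('title', 'string');
     $_REQUEST->setType('desc', 'string');
     $_REQUEST->setType('alias', 'string');
     $_REQUEST->addType('lnedit', array('numeric', '#^new$#'));
     $_REQUEST->setType('parent', 'numeric');
     // NOTE(review): 'place' is read below but never declared with setType() — confirm how
     // the request wrapper treats undeclared fields.
     if ($this->may($USER, READ)) {
         if (!$_REQUEST->valid('lnedit')) {
             $this->content = array('header' => __('An error has occurred'), 'main' => __('An error has occurred'));
         } else {
             // Decide once, strictly, whether this is a "new link" request, so the
             // permission branch and the save branch cannot disagree through loose
             // comparison of a numeric id with the string 'new'.
             $isNew = $_REQUEST['lnedit'] === 'new';
             $link = null;
             if (!$isNew) {
                 $link = $Controller->{$_REQUEST['lnedit']}(EDIT);
                 if (!is_object($link) || get_class($link) !== 'Link') {
                     return false;
                 }
             }
             // The original "new && mayI(EDIT) || $link->may(...)" fell through to a call on
             // an undefined $link when a new link was requested without menu-editor rights.
             // Each case now uses only its own check.
             $mayEdit = $isNew ? $Controller->menuEditor->mayI(EDIT) : $link->may($USER, EDIT);
             if ($mayEdit) {
                 /**
                  * Save changes
                  */
                 if ($_REQUEST['save'] && $_REQUEST['LinkEditorForm']) {
                     if ($_REQUEST->nonempty('title')) {
                         if ($isNew) {
                             $link = $Controller->newObj('Link');
                         }
                         $link->Name = $_REQUEST['title'];
                         // NOTE(review): 'target' is only typed as a string; if it is rendered
                         // as an href, restrict it to expected schemes — verify at the point
                         // of output.
                         $link->link = $_REQUEST['target'];
                         $link->description = $_REQUEST['desc'];
                         $link->resetAlias(array_map('trim', explode(',', $_REQUEST['alias'])));
                         if ($isNew || ($_REQUEST['parent'] && $_REQUEST['place'])) {
                             $link->move($_REQUEST['place'] ? $_REQUEST['place'] : 'last', $_REQUEST['parent']);
                         }
                         Flash::create(__('Your changes have been saved'), 'confirmation');
                         if ($isNew) {
                             redirect(url(array('id' => 'menuEditor', 'status' => 'ok', 'section' => $_REQUEST['parent'])));
                         }
                     } else {
                         Flash::create(__('Title must not be empty'), 'warning');
                     }
                 }
                 /**
                  * Pageview logic
                  */
                 if ($isNew) {
                     $this->content = array('header' => __('New link'), 'main' => $this->editor('new'));
                 } else {
                     $this->content = array('header' => __('Editing link') . ": " . $link, 'main' => $this->editor($link));
                 }
             } else {
                 errorPage('401');
             }
         }
         $Templates->admin->render();
     }
 }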
Example #30
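 /**
  * Build the edit view for a flow item.
  *
  * With view=content the method assembles the content form (calendar
  * settings, title, publish window, flows, image, text). Missing text or
  * title is pre-filled from a machine translation of the newest revision in
  * another language. For any other view it delegates to PageEditor, which
  * also saves pending changes.
  *
  * @param mixed $id       id of the flow item
  * @param mixed $language language of the revision being edited
  * @return false|void false when the caller lacks EDIT on the item
  */
 function editView($id, $language)
 {
     global $Controller, $DB;
     // "new" always yields an object, so no falsy check is needed here.
     $obj = new FlowItem($id, $language);
     if (!$obj->mayI(EDIT)) {
         errorPage(401);
         // Fail closed: without this the method went on to build the form and, in the
         // non-content view, to call PageEditor::saveChanges() for a caller without EDIT,
         // whenever errorPage() returns instead of ending the request.
         return false;
     }
     // NOTE(review): $obj is stringified into markup; whether its string form or
     // setContent() escapes it is not visible here — verify.
     $this->setContent('header', __('Editing') . ' <i>"' . $obj . '"</i>');
     if ($_REQUEST['view'] == 'content') {
         $form = new Form('editN');
         // Sections that have no content yet and were not submitted are candidates for translation.
         $translate = array();
         if (!@$obj->content['Text'] && !$_POST['etxt']) {
             $translate[] = 'Text';
         }
         $trFrom = $trSect = $trText = array();
         if (!empty($translate)) {
             // Newest revision per section and language; both the id and the section names
             // pass through Database::escape() before interpolation.
             $newest = $DB->asArray("SELECT t1.section, t1.* FROM content AS t1\n                    LEFT JOIN content t2 ON t1.section = t2.section\n                    AND t1.language = t2.language\n                    AND t1.revision < t2.revision\n                    WHERE t2.section IS NULL\n                    AND t1.id='" . Database::escape($id) . "'\n                    AND (t1.section='" . implode("' OR t1.section='", Database::escape($translate, true)) . "')\n                    ORDER BY t1.revision DESC", true);
             foreach ($newest as $s => $translation) {
                 $trFrom[] = $translation['language'];
                 $trText[] = $translation['content'];
                 $trSect[] = $s;
             }
         }
         if (!$obj->Name && !$_POST['etitle']) {
             if ($info = $DB->metadata->getRow(array('id' => $obj->ID, 'field' => 'Name'), 'value, metameta')) {
                 $trFrom[] = $info['metameta'];
                 $trText[] = $info['value'];
                 $trSect[] = 'Name';
             }
         }
         $translation = array();
         if (!empty($trText)) {
             // NOTE(review): this hands the stored text to google::translate(); "@" hides a
             // length mismatch between sections and results.
             $translation = @array_combine($trSect, google::translate($trText, $trFrom, $language));
         }
         $cal = false;
         if ($obj->Cal) {
             $cal = Calendar::getEvent($obj->Cal);
         }
         $calendarSettings = new Accordion(
             __('Calendar settings'),
             new Set(
                 new Checkbox(__('Insert into calendar'), 'einscal', $_POST['einscal'] ? true : $cal),
                 Short::datetime(__('Starts'), 'cstart', @$cal->start),
                 Short::datetime(__('Ends'), 'cend', @$cal->end)
             )
         );
         $calendarSettings->params = 'collapsible:true' . ($cal || $_POST['einscal'] ? '' : ',active:false');
         $active = $obj->getActive();
         // Submitted values take precedence over stored ones, which take precedence over
         // the machine translation.
         // NOTE(review): the text field label uses _() where every other label uses __() —
         // confirm that is intended.
         $this->setContent(
             'main',
             '<div class="nav"><a href="' . url(null, array('id', 'edit')) . '">' . icon('small/arrow_left') . __('Back') . '</a></div>'
             . $form->collection(
                 $calendarSettings,
                 new Hidden('esave', 1),
                 new Hidden('edit', $id),
                 new Set(
                     new Hidden('lang', $language),
                     new FormText(__('Language'), google::languages($language)),
                     empty($translation) ? null : '<span class="warning">' . __('Warning - Some of the text has been automatically translated') . '</span>',
                     new Input(__('Title'), 'etitle', $_POST['etitle'] ? $_POST['etitle'] : ($obj->Name ? $obj->Name : @$translation['Name'])),
                     new Li(
                         Short::datetime(__('Publish'), 'estart', $active['start']),
                         // The activation checkbox is only offered to callers with PUBLISH.
                         $obj->mayI(PUBLISH) ? new Minicheck(__('Activate post'), 'activated', $obj->Activated || $obj->Activated === '' || isset($_POST['activated'])) : null
                     ),
                     Short::datetime(__('Hide'), 'eend', $active['stop']),
                     new TagInput(__('Flow'), 'flows', Flow::flows(), $_POST['flows'] ? $_POST['flows'] : $obj->Flows, true, false, 'required'),
                     new ImagePicker(__('Image'), 'eimg', $_POST['eimg'] ? $_POST['eimg'] : $obj->Image),
                     new htmlfield(_('Text'), 'etxt', $_POST['etxt'] ? $_POST['etxt'] : (@$obj->content['Text'] ? @$obj->content['Text'] : @$translation['Text'])),
                     new Checkbox(__('Avoid updating time'), 'eupdate')
                 )
             )
         );
     } else {
         PageEditor::saveChanges($obj);
         $this->setContent('main', PageEditor::editor($id, null, $this->ID));
     }
 }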