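/**
 * Save the logged-in admin's profile settings, optionally changing the password.
 *
 * The submitted form is passed through form_validation(). When an old password
 * is supplied it is verified against the stored salted hash before the new
 * password is hashed and stored; otherwise the stored hash is kept unchanged.
 * On success the session data is refreshed and the browser is sent back to the
 * profile page.
 */
public function setting()
 {
     global $CONFIG, $basedomain;
     $id = $this->admin['admin']['id'];
     $x = form_validation($_POST);
     unset($x['token']);
     if (isset($_POST['old_password'])) {
         $salt = $this->admin['admin']['salt'];
         // NOTE(review): passwords are stored as salted SHA-1, a fast hash that is
         // cheap to brute-force offline. Moving to password_hash()/password_verify()
         // needs a coordinated change to the login code and the stored hashes, so
         // the storage format is left as-is here.
         $submitted = isset($x['old_password']) ? $x['old_password'] : '';
         $old_password = sha1($submitted . $salt);
         // Constant-time, string-only comparison. Loose == treats two different
         // "0e<digits>" hex digests as equal numbers and leaks timing.
         if (hash_equals((string) $this->admin['admin']['password'], $old_password)) {
             unset($x['old_password'], $x['repassword']);
             // NOTE(review): password is never compared with repassword in this
             // method; confirm form_validation() or the model enforces the match.
             $x['password'] = sha1($x['password'] . $salt);
         } else {
             echo "<script>alert('Denied. Wrong password');window.location.href='" . $CONFIG['admin']['base_url'] . "profile'</script>";
             // Stop here: falling through would hand the unverified form, including
             // the plaintext new password, to updSettings().
             exit;
         }
     } else {
         $x['password'] = $this->admin['admin']['password'];
     }
     $data = $this->models->updSettings($x, $id);
     // NOTE(review): the token is only consulted after the update has already run.
     // If it is meant as an anti-CSRF token, confirm it is verified before this
     // method changes any state.
     if (_p('token')) {
         $getUser = $this->models->updSess($x);
         if ($getUser) {
             echo "<script>alert('Settings has been saved.');window.location.href='" . $CONFIG['admin']['base_url'] . "profile'</script>";
         } else {
             redirect($basedomain . $CONFIG['admin']['login']);
         }
         exit;
     }
 }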
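 /**
  * Handle the video create/update form.
  *
  * Normalises the n_stats checkbox, runs the submitted fields through
  * form_validation(), stores a newly uploaded file when one was sent, and hands
  * the record to the model. The outcome is reported through a JavaScript alert
  * followed by a redirect to the video list.
  */
 public function videoinp()
 {
     global $CONFIG;
     $redirect = $CONFIG['admin']['base_url'] . 'video';
     $contentLength = isset($_SERVER['CONTENT_LENGTH']) ? intval($_SERVER['CONTENT_LENGTH']) : 0;
     if ($contentLength > 0 && count($_POST) === 0) {
         // PHP leaves $_POST empty when the request body exceeds post_max_size.
         $message = 'Upload file failed. Max size is ' . ini_get('post_max_size');
         echo "<script>alert('" . $message . "');window.location.href='" . $redirect . "'</script>";
         return;
     }
     // An unchecked checkbox is not submitted at all; a checked one arrives as "on".
     if (!isset($_POST['n_stats'])) {
         $_POST['n_stats'] = 0;
     } elseif ($_POST['n_stats'] == 'on') {
         $_POST['n_stats'] = 1;
     }
     // validate the incoming values
     $x = form_validation($_POST);
     $message = 'Save video succeed';
     try {
         if (is_array($x) && count($x) != 0) {
             // update when an id was submitted, insert otherwise
             $x['action'] = (isset($x['id']) && $x['id'] != '') ? 'update' : 'insert';
             // upload file
             if (isset($_FILES['file_video']['name']) && $_FILES['file_video']['name'] != '') {
                 $path = 'video';
                 if ($x['action'] == 'update' && isset($x['video_name'])) {
                     // video_name comes from the request. Strip directory parts so the
                     // delete cannot leave the upload folder (assumes stored names are
                     // bare file names, as full_name is used below).
                     deleteFile(basename($x['video_name']), $path);
                 }
                 // NOTE(review): uploadFile() is defined elsewhere; confirm it enforces an
                 // extension/content allow-list and stores under a server-generated name.
                 $image = uploadFile('file_video', $path, 'video_ext');
                 $x['video_url'] = $CONFIG['admin']['app_url'] . $image['folder_name'] . $image['full_name'];
                 $x['video_name'] = $image['full_name'];
             }
             $data = $this->models->video_inp($x);
         }
     } catch (Exception $e) {
         // The exception used to be swallowed and success reported regardless.
         error_log('videoinp failed: ' . $e->getMessage());
         $message = 'Save video failed';
     }
     echo "<script>alert('" . $message . "');window.location.href='" . $redirect . "'</script>";
 }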
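 /**
  * Handle the banner create/update form.
  *
  * Normalises the n_status checkbox, validates the submitted fields, replaces the
  * stored image when a new file was uploaded, and passes the record to the model.
  * The result is reported with a JavaScript alert and a redirect to the banner list.
  */
 public function bannerinp()
 {
     global $CONFIG;
     // An unchecked checkbox is not submitted at all; a checked one arrives as "on".
     if (!isset($_POST['n_status'])) {
         $_POST['n_status'] = 0;
     } elseif ($_POST['n_status'] == 'on') {
         $_POST['n_status'] = 1;
     }
     // validate the incoming values
     $x = form_validation($_POST);
     $message = 'Save data succeed';
     try {
         if (is_array($x) && count($x) != 0) {
             // update when an id was submitted, insert otherwise
             $x['action'] = (isset($x['id']) && $x['id'] != '') ? 'update' : 'insert';
             // upload file
             if (isset($_FILES['file_image']['name']) && $_FILES['file_image']['name'] != '') {
                 $path = 'banner';
                 if ($x['action'] == 'update') {
                     // Both names come from the request. basename() keeps the delete
                     // inside the banner folders (assumes bare file names are stored).
                     if (isset($x['image'])) {
                         deleteFile(basename($x['image']), $path . '/image');
                     }
                     if (isset($x['icon'])) {
                         deleteFile(basename($x['icon']), $path . '/icon');
                     }
                 }
                 // NOTE(review): uploadFile() is defined elsewhere; confirm it enforces an
                 // image allow-list and stores under a server-generated name.
                 $image = uploadFile('file_image', $path, 'image');
                 $x['image_url'] = $CONFIG['admin']['app_url'] . $image['folder_name'] . $image['full_name'];
                 $x['image'] = $image['full_name'];
             }
             $data = $this->models->banner_inp($x);
         }
     } catch (Exception $e) {
         // The exception used to be swallowed and success reported regardless.
         error_log('bannerinp failed: ' . $e->getMessage());
         $message = 'Save data failed';
     }
     $redirect = $CONFIG['admin']['base_url'] . 'banner';
     echo "<script>alert('" . $message . "');window.location.href='" . $redirect . "'</script>";
 }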
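 /**
  * Handle the page form: validate the submitted fields, store the uploaded image
  * and insert the page record, then redirect to the page list.
  */
 public function inputPage()
 {
     global $CONFIG;
     // NOTE(review): pr() is not defined in this snippet. If it prints its argument,
     // as its other (commented-out) uses suggested, this writes upload metadata such
     // as temporary file paths into the response and should be removed.
     pr($_FILES);
     // validate the incoming values
     $x = form_validation($_POST);
     $message = 'Data berhasil di simpan';
     // The original passed an undefined $path_upload (its assignment was commented
     // out), which evaluates to null; make that explicit.
     $path_upload = null;
     try {
         if (is_array($x) && count($x) != 0) {
             // upload file
             if (!empty($_FILES)) {
                 // NOTE(review): uploadFile() is defined elsewhere; confirm it enforces an
                 // image allow-list and stores under a server-generated name.
                 $image = uploadFile('userfile', $path_upload, 'image');
                 // NOTE(review): image_url reads $image[0][...] while image reads
                 // $image['full_name']; only one of these shapes can match what
                 // uploadFile() returns. Left unchanged pending confirmation.
                 $x['image_url'] = $CONFIG['admin']['app_url'] . $image[0]['folder_name'] . $image[0]['full_name'];
                 $x['image'] = $image['full_name'];
                 $data = $this->pageModel->InpPage($x);
             }
         }
     } catch (Exception $e) {
         // The exception used to be swallowed and success reported regardless.
         error_log('inputPage failed: ' . $e->getMessage());
         $message = 'Data gagal di simpan';
     }
     $redirect = $CONFIG['admin']['base_url'] . 'page';
     echo "<script>alert('" . $message . "');window.location.href='" . $redirect . "'</script>";
 }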
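 /**
  * Handle the blog form: validate the submitted fields, store the uploaded image
  * and insert blog records, then redirect back to the add-blog page.
  */
 public function inputBlog()
 {
     global $CONFIG;
     $x = form_validation($_POST);
     $message = 'Data berhasil di simpan';
     // The original passed an undefined $path_upload, which evaluates to null;
     // make that explicit.
     $path_upload = null;
     try {
         if (is_array($x) && count($x) != 0) {
             if (!empty($_FILES) && isset($_FILES['userfile']) && is_array($_FILES['userfile'])) {
                 // NOTE(review): uploadFile() is defined elsewhere; confirm it enforces an
                 // image allow-list and stores under a server-generated name.
                 $image = uploadFile('userfile', $path_upload, 'image');
                 // NOTE(review): $_FILES['userfile'] is keyed by name/type/tmp_name/error/
                 // size, so this loop runs once per metadata key and inserts a record
                 // each time. It looks like the intent was one record per uploaded
                 // file; confirm against uploadFile()'s return shape before changing.
                 foreach ($_FILES['userfile'] as $filekey => $file) {
                     $x['image_url'] = $CONFIG['admin']['app_url'] . $image[$filekey]['folder_name'] . $image[$filekey]['full_name'];
                     $x['image'] = $image['full_name'];
                     $data = $this->blogModel->InpBlog($x);
                 }
             }
         }
     } catch (Exception $e) {
         // The exception used to be swallowed and success reported regardless.
         error_log('inputBlog failed: ' . $e->getMessage());
         $message = 'Data gagal di simpan';
     }
     $redirect = $CONFIG['admin']['base_url'] . 'blog/addBlog';
     echo "<script>alert('" . $message . "');window.location.href='" . $redirect . "'</script>";
 }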
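 /**
  * Save the four profile sections (tentang, sejarah, visi, misi).
  *
  * Each section is inserted when its id field is empty and updated otherwise.
  * The result is reported with a JavaScript alert and a redirect to the profile
  * index.
  */
 public function profileinp()
 {
     global $CONFIG;
     // validate the incoming values
     $x = form_validation($_POST);
     $message = 'Data berhasil di simpan';
     // section name => array(header field, title field)
     $sections = array(
         'tentang' => array('header_tentang', 'title_tentang'),
         'sejarah' => array('header_sejarah', 'title_sejarah'),
         'visi' => array('header_visi', 'title_visi'),
         // NOTE(review): misi is saved with the visi header and title, exactly as in
         // the original call. This looks like a copy-paste slip; confirm whether the
         // form provides header_misi/title_misi before changing it.
         'misi' => array('header_visi', 'title_visi'),
     );
     try {
         if (is_array($x) && count($x) != 0) {
             foreach ($sections as $name => $fields) {
                 // update when the section already has an id, insert otherwise
                 $action = $x['id_' . $name] != '' ? 'update' : 'insert';
                 $data = $this->models->profile_inp(
                     $x[$fields[0]],
                     $x[$name],
                     $x[$fields[1]],
                     $x['id_' . $name],
                     $x['tags_' . $name],
                     $action
                 );
             }
         }
     } catch (Exception $e) {
         // The exception used to be swallowed and success reported regardless.
         error_log('profileinp failed: ' . $e->getMessage());
         $message = 'Data gagal di simpan';
     }
     echo "<script>alert('" . $message . "');window.location.href='" . $CONFIG['admin']['base_url'] . "profile/index'</script>";
 }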
 /**
  * Admin registration handler, currently short-circuited.
  *
  * As written, the method passes $_POST to pr() and exits immediately, so none
  * of the code below the first exit runs.
  *
  * NOTE(review): pr() is not defined in this snippet. If it prints its argument,
  * this endpoint echoes every submitted field, including any password, back in
  * the response; confirm it is not reachable in production.
  */
 function register_admin()
 {
     global $CONFIG;
     pr($_POST);
     exit;
     // Unreachable from here on because of the exit above.
     if (!empty($_POST)) {
         $x = form_validation($_POST);
         try {
             if (isset($x) && count($x) != 0) {
                 pr($_POST);
                 exit;
                 // NOTE(review): $pass is never assigned in this method, so this call
                 // would receive null if it were ever reached.
                 $data = $this->models->upd_pass($pass);
             }
         } catch (Exception $e) {
             // Exceptions are silently discarded here.
         }
     }
     echo "<script>window.location.href='" . $CONFIG['admin']['base_url'] . "'</script>";
 }
 * If form successfully submitted then perform form validation if validator
 * checkbox's value is allow. Likewise, perform code injection if its checkbox
 * value is allow. Perform user-entered string check here invoking
 * check_blacklist sub-routine to determine if user is malicious. After all
 * tests, submit the login form
 * ---------------------------------------------------------------------------#
 */
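// Handle the submitted login form. A request without a "submit" field did not
// come from the form; !empty() covers that case without an undefined-index notice.
if (!empty($_POST['submit'])) {
    // Missing fields default to '' so the checks below never see null.
    $uname = isset($_POST['uname']) ? $_POST['uname'] : '';
    $pwd = isset($_POST['pwd']) ? $_POST['pwd'] : '';
    $message = isset($_POST['message']) ? $_POST['message'] : '';
    $injection = isset($_POST['injection']) ? $_POST['injection'] : '';
    $validation = isset($_POST['validation']) ? $_POST['validation'] : '';
    $success = 0;
    // Strict string comparison instead of 0 == strcmp(...): on PHP < 8 strcmp()
    // returns null for a non-string argument (for example an array-valued field),
    // and 0 == null is true, which would select the "allow" branch unintentionally.
    // NOTE(review): "validation" and "injection" are request fields, so the client
    // decides whether form_validation() runs at all ("block" skips it). That looks
    // intentional for this demonstration page; a real login handler must not let
    // the client switch server-side checks off.
    if ($validation === 'allow') {
        $success = form_validation($uname, $pwd, $message, $injection);
    } elseif ($validation === 'block') {
        $success = 1;
    }
    if ($success == 1) {
        $attack = check_blacklist($uname, $pwd);
        $user_details = strict_form_checking($injection, $uname, $pwd, $message);
        $uname = $user_details[0];
        $pwd = $user_details[1];
        submit_form($uname, $pwd, $attack);
    }
} else {
    echo "<h2>Hmm...I think you reached this page by mistake.</h2>";
}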
 * # If the form is not submitted then the user got in this program by mistake.
 * # User goes back to signup.php. If form successfully submitted then perform
 * # form validation. After all tests succeed, submit the signup form
 * #---------------------------------------------------------------------------#
 *
 */
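// Handle the submitted signup form. !empty() also covers a direct request that
// carries no "submit" field, without raising an undefined-index notice.
if (!empty($_POST['submit'])) {
    // Missing fields default to '' so form_validation() always receives a value.
    $uname = isset($_POST['uname']) ? $_POST['uname'] : '';
    $pwd = isset($_POST['pwd']) ? $_POST['pwd'] : '';
    $email = isset($_POST['email']) ? $_POST['email'] : '';
    $dob = isset($_POST['dob']) ? $_POST['dob'] : '';
    $sex = isset($_POST['sex']) ? $_POST['sex'] : '';
    $state = isset($_POST['state']) ? $_POST['state'] : '';
    $city = isset($_POST['city']) ? $_POST['city'] : '';
    $news = isset($_POST['news']) ? $_POST['news'] : '';
    $success = form_validation($uname, $pwd, $email, $dob, $sex, $state, $city, $news);
    if ($success == 1) {
        // NOTE(review): $pwd is forwarded exactly as received; confirm submit_form()
        // hashes it with password_hash() before it is stored.
        submit_form($uname, $pwd, $email, $dob, $sex, $state, $city, $news);
    }
}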
/*
 * ---------------------------------------------------------------------------#
 * Perform form validation and print errors, if any. User goes back to
 * signup page, if any errors persist, for refilling form correctly this time.
 * ---------------------------------------------------------------------------#
 *
 */
function form_validation($uname, $pwd, $email, $dob, $sex, $state, $city, $news)
{
    $error_message = "";
    $error_message = validate_username($uname, $error_message);
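 /**
  * Handle the event create/update form.
  *
  * Normalises the n_status checkbox, validates the submitted fields and passes
  * the record to the model for the digirepo_events table. The result is reported
  * with a JavaScript alert and a redirect to the events list.
  */
 public function do_addEvent()
 {
     global $CONFIG;
     // An unchecked checkbox is not submitted at all; a checked one arrives as "on".
     if (!isset($_POST['n_status'])) {
         $_POST['n_status'] = 0;
     } elseif ($_POST['n_status'] == 'on') {
         $_POST['n_status'] = 1;
     }
     // validate the incoming values
     $x = form_validation($_POST);
     $message = 'Data successfully saved';
     try {
         if (is_array($x) && count($x) != 0) {
             // update when an id was submitted, insert otherwise
             $x['action'] = (isset($x['id']) && $x['id'] != '') ? 'update' : 'insert';
             $data = $this->mdigirepo->eventInp('digirepo_events', $x);
         }
     } catch (Exception $e) {
         // The exception used to be swallowed and success reported regardless.
         error_log('do_addEvent failed: ' . $e->getMessage());
         $message = 'Failed to save data';
     }
     $redirect = $CONFIG['admin']['base_url'] . 'digirepo/events';
     echo "<script>alert('" . $message . "');window.location.href='" . $redirect . "'</script>";
 }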
 /**
  * Render the material page of one course.
  *
  * The course id is taken from the validated query string, exposed to the view,
  * and used to load the material header and the list of uploaded material.
  */
 public function viewmaterial()
 {
     $params = form_validation($_GET);
     $courseId = $params['id'];
     $this->view->assign('data', $courseId);

     // NOTE(review): the id reaches both model queries as returned by
     // form_validation(); confirm it is constrained to an integer there or that the
     // model binds it as a query parameter.
     // header record
     $header = $this->mcourse->select_data_header_material($courseId);
     $this->view->assign('data_header_material', $header);

     // uploaded material list
     $materials = $this->mcourse->select_data_list_material($courseId);
     $this->view->assign('data_list_material', $materials);

     return $this->loadView('course/material');
 }
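 /**
  * Show or process the edit form of a webex video.
  *
  * Without POST data the current record is loaded and the edit view returned.
  * With POST data the record is updated: a newly uploaded file replaces the old
  * one, a pasted watch URL is rewritten to its embed form, and otherwise the
  * previous file is kept.
  */
 public function editvideowebex()
 {
     global $CONFIG;
     // NOTE(review): id_video is taken from the query string without validation and
     // handed to the model; confirm the model binds it as a query parameter.
     $id_video = isset($_GET['id_video']) ? $_GET['id_video'] : null;
     // no form submitted: show the current values
     if (empty($_POST)) {
         $data = $this->models->selectvideowebex($id_video);
         if ($data) {
             $this->view->assign('data', $data);
         }
         return $this->loadView('webex/editvideowebex');
     }
     $x = form_validation($_POST);
     $message = 'Video Successfully Edit';
     try {
         if (is_array($x) && count($x) != 0) {
             // NOTE(review): these three assignments overwrite whatever
             // form_validation() produced with the raw request values, so title and
             // jenisfile reach the model unvalidated. Left as in the original; confirm
             // whether the validated values can be used instead.
             $x['title'] = isset($_POST['title']) ? $_POST['title'] : null;
             $x['jenisfile'] = isset($_POST['jenisfile']) ? $_POST['jenisfile'] : null;
             $x['id_video'] = $id_video;
             $previous = isset($x['file_hidden']) ? $x['file_hidden'] : '';
             $pasted = isset($x['file_video']) ? $x['file_video'] : '';
             if (!empty($_FILES['file_video']['name'])) {
                 // file_hidden comes from the request. basename() keeps the delete
                 // inside the upload folder (assumes bare file names are stored).
                 deleteFile(basename($previous));
                 // NOTE(review): uploadFile() is defined elsewhere; confirm it enforces a
                 // video allow-list and stores under a server-generated name.
                 $video = uploadFile('file_video', null, 'video');
                 $x['post_video'] = $video['full_name'];
             } elseif ($pasted != "") {
                 // rewrite ".../watch?v=ID" to ".../embed/ID"; other URLs are kept as-is
                 $split_first = explode('watch', $pasted);
                 if (count($split_first) != 1) {
                     $split_second = explode('=', $pasted);
                     $videoKey = isset($split_second[1]) ? $split_second[1] : '';
                     $x['post_video'] = $split_first[0] . 'embed/' . $videoKey;
                 } else {
                     $x['post_video'] = $pasted;
                 }
             } else {
                 $x['post_video'] = $previous;
             }
             $data = $this->models->updatevideowebex($x);
         }
     } catch (Exception $e) {
         // The exception used to be swallowed and success reported regardless.
         error_log('editvideowebex failed: ' . $e->getMessage());
         $message = 'Video Edit Failed';
     }
     echo "<script>alert('" . $message . "');window.location.href='" . $CONFIG['admin']['base_url'] . "webex/listvideowebex'</script>";
     return $this->loadView('editvideowebex');
 }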
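 /**
  * Handle the article create/update form.
  *
  * Normalises the n_status and articletype checkboxes, validates the submitted
  * fields, replaces the stored image when a new file was uploaded, saves the
  * record and redirects to the list page that matches the article's category.
  */
 public function articleinp()
 {
     global $CONFIG;
     // An unchecked checkbox is not submitted at all; a checked one arrives as "on".
     if (!isset($_POST['n_status'])) {
         $_POST['n_status'] = 0;
     } elseif ($_POST['n_status'] == 'on') {
         $_POST['n_status'] = 1;
     }
     if (!isset($_POST['articletype'])) {
         $_POST['articletype'] = 0;
     } elseif ($_POST['articletype'] == 'on') {
         // keep the previous type on edit, default to 1 otherwise
         $hasOldType = isset($_POST['articleid_old']) && $_POST['articleid_old'] != 0;
         $_POST['articletype'] = $hasOldType ? $_POST['articleid_old'] : 1;
     }
     // validate the incoming values
     $x = form_validation($_POST);
     $message = 'Data berhasil di simpan';
     try {
         if (is_array($x) && count($x) != 0) {
             // update when an id was submitted, insert otherwise
             $x['action'] = (isset($x['id']) && $x['id'] != '') ? 'update' : 'insert';
             // upload file
             if (isset($_FILES['file_image']['name']) && $_FILES['file_image']['name'] != '') {
                 $isGallery = isset($x['categoryid']) && $x['categoryid'] == '9';
                 $path_upload = $isGallery ? 'gallery/images' : 'news';
                 if ($x['action'] == 'update' && isset($x['image'])) {
                     // image comes from the request. basename() keeps the delete inside
                     // the upload folder (assumes bare file names are stored).
                     deleteFile(basename($x['image']), $path_upload);
                 }
                 // NOTE(review): uploadFile() is defined elsewhere; confirm it enforces an
                 // image allow-list and stores under a server-generated name.
                 $image = uploadFile('file_image', $path_upload, 'image');
                 $x['image_url'] = $CONFIG['admin']['app_url'] . $image['folder_name'] . $image['full_name'];
                 $x['image'] = $image['full_name'];
             }
             $data = $this->models->article_inp($x);
         }
     } catch (Exception $e) {
         // The exception used to be swallowed and success reported regardless.
         error_log('articleinp failed: ' . $e->getMessage());
         $message = 'Data gagal di simpan';
     }
     $base = $CONFIG['admin']['base_url'];
     $redirect = $base . 'home';
     if (isset($x['categoryid'])) {
         // articletype is request data and ends up inside a quoted JavaScript string
         // below; URL-encode it so it cannot terminate the string or the script tag.
         $typeParam = rawurlencode((string) $_POST['articletype']);
         $type = isset($x['articletype']) ? $x['articletype'] : null;
         if ($x['categoryid'] == '1') {
             $redirect = $base . 'home';
         } elseif ($x['categoryid'] == '2') {
             $redirect = $base . 'site/content/?cat=2&&type=' . $typeParam;
         } elseif ($x['categoryid'] == '3') {
             $redirect = $base . 'site/content/?cat=3&&type=' . $typeParam;
         } elseif ($x['categoryid'] == '4') {
             if ($type == '1') {
                 $redirect = $base . 'about/profile';
             } elseif ($type == '2') {
                 $redirect = $base . 'about/struktur';
             }
         } elseif ($x['categoryid'] == '9') {
             if ($type == '1' || $type == '2') {
                 $redirect = $base . 'gallery';
             }
         } elseif ($x['categoryid'] == '8') {
             $redirect = $base . 'direktori/listCategory';
         }
     }
     echo "<script>alert('" . $message . "');window.location.href='" . $redirect . "'</script>";
 }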
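 /**
  * Handle the gallery upload form.
  *
  * Validates the submitted fields, stores every uploaded image and inserts one
  * gallery record per file, then redirects to the album (gallery type 9) or to
  * the home page.
  */
 public function inpGallery()
 {
     global $CONFIG;
     // validate the incoming values
     $x = form_validation($_POST);
     $message = 'Photo successfully uploaded';
     try {
         if (is_array($x) && count($x) != 0) {
             // update when an id was submitted, insert otherwise
             $x['action'] = (isset($x['id']) && $x['id'] != '') ? 'update' : 'insert';
             // upload file
             if (!empty($_FILES)) {
                 $isAlbum = isset($x['gallerytype']) && $x['gallerytype'] == '9';
                 $path_upload = $isAlbum ? 'gallery/images' : '';
                 // NOTE(review): uploadFileMultiple() is defined elsewhere; confirm it
                 // enforces an image allow-list and stores under server-generated names.
                 $image = uploadFileMultiple('file_image', $path_upload, 'image');
                 // A multi-file field carries one entry per file under "name".
                 $names = (isset($_FILES['file_image']['name']) && is_array($_FILES['file_image']['name']))
                     ? $_FILES['file_image']['name']
                     : array();
                 foreach ($names as $filekey => $file) {
                     $x['image_url'] = $CONFIG['admin']['app_url'] . $image[$filekey]['folder_name'] . $image[$filekey]['full_name'];
                     $x['image'] = $image[$filekey]['full_name'];
                     $data = $this->gallery->gallery_inp($x);
                 }
             }
         }
     } catch (Exception $e) {
         // The exception used to be swallowed and success reported regardless.
         error_log('inpGallery failed: ' . $e->getMessage());
         $message = 'Photo upload failed';
     }
     $redirect = $CONFIG['admin']['base_url'] . 'home';
     if (isset($x['gallerytype']) && $x['gallerytype'] == '9') {
         // otherid is request data and ends up inside a quoted JavaScript string
         // below; URL-encode it so it cannot terminate the string or the script tag.
         $album = isset($x['otherid']) ? rawurlencode((string) $x['otherid']) : '';
         $redirect = $CONFIG['admin']['base_url'] . 'gallery/album/?album=' . $album;
     }
     echo "<script>alert('" . $message . "');window.location.href='" . $redirect . "'</script>";
 }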
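 /**
  * Handle the course ebook/video upload form.
  *
  * Validates the submitted fields, replaces the stored file when a new one was
  * uploaded (otherwise keeps the previous file name), saves the record and
  * reports the result with a JavaScript alert before returning the view.
  */
 public function insert_upload()
 {
     global $CONFIG;
     $x = form_validation($_POST);
     $failed = false;
     try {
         if (is_array($x) && count($x) != 0) {
             // update when an id was submitted, insert otherwise
             $x['action'] = (isset($x['id']) && $x['id'] != '') ? 'update' : 'insert';
             $previous = isset($x['file_hidden']) ? $x['file_hidden'] : '';
             // upload file
             if (!empty($_FILES['file_image']['name'])) {
                 if ($x['action'] == 'update') {
                     // file_hidden comes from the request. basename() keeps the delete
                     // inside the upload folder (assumes bare file names are stored).
                     deleteFile(basename($previous));
                 }
                 // NOTE(review): uploadFile() is defined elsewhere; confirm it enforces an
                 // allow-list of file types and stores under a server-generated name.
                 $image = uploadFile('file_image', null, 'image');
                 $x['post_image'] = $image['full_name'];
             } else {
                 // no new file: keep the previous one
                 $x['post_image'] = $previous;
             }
             $data = $this->mcourse->upload_insert($x);
         }
     } catch (Exception $e) {
         // The exception used to be swallowed and success reported regardless.
         error_log('insert_upload failed: ' . $e->getMessage());
         $failed = true;
     }
     // $x may lack "id" when validation returned nothing; treat that as a new record.
     $isNew = !isset($x['id']) || $x['id'] == '';
     if ($failed) {
         echo "<script>alert('Upload Ebook & Video Failed');window.location.href='" . $CONFIG['admin']['base_url'] . "course/uploadfile'</script>";
     } elseif ($isNew) {
         echo "<script>alert('Upload Ebook & Video Successfully Created');window.location.href='" . $CONFIG['admin']['base_url'] . "course/uploadfile'</script>";
     } else {
         echo "<script>alert('Upload Ebook & Video Successfully Update');window.location.href='" . $CONFIG['admin']['base_url'] . "course/uploadfile'</script>";
     }
     return $this->loadView('insert_upload');
 }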
// Collect the non-empty path segments of $baseURI into $getURI; it stays null
// when $baseURI is empty or contains only slashes.
$getURI = null;
if ($baseURI) {
    $explURI = explode('/', $baseURI);
    if ($explURI) {
        foreach ($explURI as $key => $URI) {
            // skip the empty strings produced by leading, trailing or doubled slashes
            if ($URI != "") {
                $getURI[] = $URI;
            }
        }
    } else {
        // URI not defined
        // explode() with a non-empty delimiter always returns at least one element,
        // so this branch is not reached for a string $baseURI.
        show_error_page('URI not defined');
        exit;
    }
}
// The segments are request-controlled; form_validation() is the only filtering
// applied to them in this snippet.
$vPage = form_validation($getURI);
// pr($vPage);exit;
if ($vPage) {
    // @ silences the notice for an absent index; the value is then null.
    // NOTE(review): pid is used further down as the page to show ($setPage); confirm
    // it is matched against an allow-list of page names before it selects a file.
    $validation['pid'] = @$vPage[0];
    $validation['act'] = @$vPage[1];
    $validation['det'] = @$vPage['det'];
}
// pr($validation);exit;
if (isset($validation)) {
    if (isset($validation['pid'])) {
        if ($validation['pid'] == '') {
            $setPage = $CONFIG['admin']['default_view'];
        } else {
            $setPage = $validation['pid'];
        }
    } else {
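 /**
  * Handle the article create/update form.
  *
  * Normalises the n_status, articletype and highlight checkboxes, validates the
  * submitted fields, replaces the stored image when a new file was uploaded,
  * saves the record and redirects to the list page that matches the category.
  */
 public function articleinp()
 {
     global $CONFIG;
     // An unchecked checkbox is not submitted at all; a checked one arrives as "on".
     if (!isset($_POST['n_status'])) {
         $_POST['n_status'] = 0;
     } elseif ($_POST['n_status'] == 'on') {
         $_POST['n_status'] = 1;
     }
     if (!isset($_POST['articletype'])) {
         $_POST['articletype'] = 0;
     } elseif ($_POST['articletype'] == 'on') {
         // keep the previous type on edit, default to 1 otherwise
         $hasOldType = isset($_POST['articleid_old']) && $_POST['articleid_old'] != 0;
         $_POST['articletype'] = $hasOldType ? $_POST['articleid_old'] : 1;
     }
     if (!isset($_POST['highlight'])) {
         $_POST['highlight'] = 0;
     } elseif ($_POST['highlight'] == 'on') {
         $_POST['highlight'] = 1;
     }
     // validate the incoming values
     $x = form_validation($_POST);
     $message = 'Data successfully saved';
     try {
         if (is_array($x) && count($x) != 0) {
             // update when an id was submitted, insert otherwise
             $x['action'] = (isset($x['id']) && $x['id'] != '') ? 'update' : 'insert';
             // upload file
             if (isset($_FILES['file_image']['name']) && $_FILES['file_image']['name'] != '') {
                 $category = isset($x['categoryid']) ? $x['categoryid'] : null;
                 if ($category == '9') {
                     $path_upload = 'gallery/images';
                 } elseif ($category == '4') {
                     $path_upload = 'digirepo/linksIcon';
                 } else {
                     $path_upload = 'news';
                 }
                 if ($x['action'] == 'update' && isset($x['image'])) {
                     // image comes from the request. basename() keeps the delete inside
                     // the upload folder (assumes bare file names are stored).
                     deleteFile(basename($x['image']), $path_upload);
                 }
                 // NOTE(review): uploadFile() is defined elsewhere; confirm it enforces an
                 // image allow-list and stores under a server-generated name.
                 $image = uploadFile('file_image', $path_upload, 'image');
                 // serialize() is only written to the log here; never unserialize() log
                 // content that may contain request data.
                 logFile(serialize($image));
                 $x['image_url'] = $CONFIG['admin']['app_url'] . $image['folder_name'] . $image['full_name'];
                 $x['image'] = $image['full_name'];
             }
             $data = $this->models->article_inp($x);
         }
     } catch (Exception $e) {
         // The exception used to be swallowed and success reported regardless.
         error_log('articleinp failed: ' . $e->getMessage());
         $message = 'Failed to save data';
     }
     $base = $CONFIG['admin']['base_url'];
     $redirect = $base . 'home';
     if (isset($x['categoryid'])) {
         $type = isset($x['articletype']) ? $x['articletype'] : null;
         if ($x['categoryid'] == '1') {
             $redirect = $base . 'home';
         } elseif ($x['categoryid'] == '4') {
             $redirect = $base . 'digirepo/links';
         } elseif ($x['categoryid'] == '9') {
             if ($type == '1' || $type == '2') {
                 $redirect = $base . 'gallery';
             }
         }
     }
     echo "<script>alert('" . $message . "');window.location.href='" . $redirect . "'</script>";
 }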