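/**
 * Render the "edit voting site" admin page and dispatch its POST actions.
 *
 * Branches, in order:
 *  - save_edit + site_id   : calls edit_site() and prints a confirmation
 *                            with links back to the edit form and site list.
 *  - delete_site + site_id : calls delete_site() and prints a confirmation.
 *  - site_id only          : calls generate_edit_form().
 *  - otherwise             : prompts for a selection and calls
 *                            generate_site_table().
 *
 * Request values echoed back into the page are HTML-escaped here; the
 * original printed $_POST['site_name'] and $_POST['site_id'] verbatim,
 * which let a crafted POST inject markup into the admin page.
 *
 * NOTE(review): no nonce or capability check is visible in this function.
 * edit_site() and delete_site() are defined elsewhere; confirm that they
 * verify a nonce and the caller's capability before changing state.
 */
function votesys_edit_vote_site_form()
{
    echo "<h1>Balsavimo svetaines redagavimas</h1>";

    $has_site_id = isset($_POST['site_id']);

    if (isset($_POST['save_edit']) && $has_site_id) {
        edit_site();

        // Only scalar request values are printed; an array-valued field
        // (site_id[]=...) is rendered as an empty string.
        $raw_name = (isset($_POST['site_name']) && is_scalar($_POST['site_name']))
            ? (string) $_POST['site_name']
            : '';
        $raw_id = is_scalar($_POST['site_id']) ? (string) $_POST['site_id'] : '';

        // ENT_QUOTES is required: the attribute below is single-quoted.
        $safe_name = htmlspecialchars($raw_name, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
        $safe_id = htmlspecialchars($raw_id, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');

        echo "Balsavimo svetaine <b>" . $safe_name . "</b> sekmingai atnaujinta!<br><br>";
        echo "<form action='" . get_admin_url() . "admin.php?page=edit_vote_site' id='option_form' method='POST'>";
        echo "<input type='hidden' name='site_id' value='" . $safe_id . "'>";
        echo "<input type='submit' value='GRYZTI I REDAGAVIMA'></form>";
        echo "<form action='" . get_admin_url() . "admin.php?page=manage_sites' id='option_form' method='POST'>";
        echo "<input type='submit' value='GRYZTI I SVETAINIU VALDYMA'></form>";
    } elseif ($has_site_id && isset($_POST['delete_site'])) {
        delete_site();
        echo "<b>Svetaine sekmingai istrinta!</b>";
        echo "<form action='" . get_admin_url() . "admin.php?page=manage_sites' id='option_form' method='POST'>";
        echo "<input type='submit' value='GRYZTI I SVETAINIU VALDYMA'></form>";
    } elseif ($has_site_id) {
        generate_edit_form();
    } else {
        echo "<b>Prasome pasirinkti svetaine redagavimui!</b><br><br>";
        generate_site_table();
    }
}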
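/**
 * Handle an admin request against one global-message slot.
 *
 * Recognised keys in $arg:
 *  - gid    : slot number, must be an integer in 0..31
 *  - submit : "Update Slot <gid>" stores subject/url for the slot
 *  - add    : inserts a row for the slot
 *  - take   : assigns the slot to the current user
 *  - touch  : refreshes the slot's date
 *  - unhide : clears bit <gid> in every user's gmsgfilter
 *  - edit   : shows the edit form (or redirects back to it after "add")
 *  - token  : required whenever any SQL statement is queued
 *
 * When at least one statement ran, the request ends with a redirect to
 * /admin/gmessage.phtml.
 *
 * @param mixed $tpl Template handle passed through to generate_edit_form().
 * @param array $arg Request arguments.
 * @return void
 */
function process_request($tpl, $arg)
{
    global $user;

    if (!count($arg)) {
        return;
    }

    // NOTE(review): dump() is defined elsewhere. If it prints or logs its
    // argument, $arg includes the anti-CSRF token; confirm that is acceptable.
    dump($arg);

    // A missing or non-numeric gid was silently ignored before; keep that.
    if (!isset($arg['gid']) || !is_numeric($arg['gid'])) {
        return;
    }

    // is_numeric() also accepts forms such as "1e1", "5.0", "+5" or values
    // with leading whitespace. $gid is interpolated into SQL text and into a
    // Location header below, so reduce it to a canonical integer in range.
    $gid = filter_var(
        $arg['gid'],
        FILTER_VALIDATE_INT,
        array('options' => array('min_range' => 0, 'max_range' => 31))
    );
    if ($gid === false) {
        err_not_found("GID out of range");
        return; // fail closed in case err_not_found() returns
    }

    $args = '';
    $sqls = array();
    $sargs = array();
    $name = $user->name;

    if (isset($arg['submit']) && $arg['submit'] === "Update Slot {$gid}") {
        global $subject_tags;

        $subject = stripcrap($arg['subject'], $subject_tags);
        $url = stripcrapurl($arg['url']);

        $sqls[] = "update f_global_messages set "
            . "subject = ?, url = ?, "
            . "name = ?, date = NOW() "
            . "where gid = ?";
        $sargs[] = array($subject, $url, $name, $gid);

        /* resend edit so we get the form back */
        $args = "?gid={$gid}&edit";
    }

    if (isset($arg['add'])) {
        $sqls[] = "insert into f_global_messages "
            . "(gid, name, date) values "
            . "(?, ?, NOW())";
        $sargs[] = array($gid, $name);
    }

    if (isset($arg['take'])) {
        $sqls[] = "update f_global_messages set "
            . "name = ?, date = NOW() "
            . "where gid = ?";
        $sargs[] = array($name, $gid);
    }

    if (isset($arg['touch'])) {
        $sqls[] = "update f_global_messages set "
            . "date = NOW() "
            . "where gid = ?";
        $sargs[] = array($gid);
    }

    if (isset($arg['unhide'])) {
        // $gid is an int in 0..31 at this point, so the interpolation cannot
        // carry anything but a shift count.
        $sqls[] = "update u_users set "
            . "gmsgfilter = gmsgfilter & ~(1<<{$gid}) where gmsgfilter & (1<<{$gid})";
        $sargs[] = array();
    }

    if (count($sqls)) {
        /* don't allow any sql updates unless we have a valid token */
        $token = isset($arg['token']) ? $arg['token'] : null;
        if (!$user->is_valid_token($token)) {
            err_not_found("invalid token");
            return; // never run the queued statements without a valid token
        }

        foreach ($sqls as $i => $sql) {
            $sarg = $sargs[$i];
            debug($sql . "\narray(" . implode(",", $sarg) . ")\n");
            db_exec($sql, $sarg);
        }
    }

    if (isset($arg['edit'])) {
        /* on edit and add, we will send Location: but with "edit" again,
           stripping add and the token */
        if (isset($arg['add'])) {
            $args = "?gid={$gid}&edit";
        } else {
            generate_edit_form($tpl, $gid);
        }
    }

    if (count($sqls)) {
        header("Location: /admin/gmessage.phtml{$args}");
    }
}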