function delete_test($file) { if (isset($_POST['daconfirm']) and isset($_SESSION["ticket_tiki-tests"])) { key_check('tiki-tests'); // Clean the filename $file = basename($file); if (file_exists("tiki_tests/tests/{$file}")) { return unlink("tiki_tests/tests/{$file}"); } return FALSE; } else { key_get('tiki-tests', tra("You are about to delete a TikiTest file, do you want to continue ?")); } return TRUE; }
} if ($_REQUEST["pollId"]) { $info = $polllib->get_poll($_REQUEST["pollId"]); } else { $info = array(); $info["title"] = ''; $info["active"] = 'y'; $info["publishDate"] = $tikilib->now; } $smarty->assign('title', $info["title"]); $smarty->assign('active', $info["active"]); $smarty->assign('publishDate', $info["publishDate"]); if (isset($_REQUEST["remove"])) { $area = 'delpoll'; if ($prefs['feature_ticketlib2'] != 'y' or isset($_POST['daconfirm']) and isset($_SESSION["ticket_{$area}"])) { key_check($area); $polllib->remove_poll($_REQUEST["remove"]); } else { key_get($area); } } if (isset($_REQUEST["save"])) { check_ticket('admin-polls'); $publishDate = mktime($_REQUEST["Time_Hour"], $_REQUEST["Time_Minute"], 0, $_REQUEST["Date_Month"], $_REQUEST["Date_Day"], $_REQUEST["Date_Year"]); $pid = $polllib->replace_poll($_REQUEST["pollId"], $_REQUEST["title"], $_REQUEST["active"], $publishDate); $cat_type = 'poll'; $cat_objid = $pid; $cat_desc = substr($_REQUEST["title"], 0, 200); $cat_name = $_REQUEST["title"]; $cat_href = "tiki-poll_results.php?pollId=" . $cat_objid; include_once "categorize.php";
/** * Checks whether the request was willingly submitted by the user, instead of being triggered by Cross-Site Request Forgery. * This uses random tokens. The first call brings to a request confirmation screen with * a new token in the form. The second call, in the second request, verifies the submitted token matches. * Typical usage: $access->check_authenticity(); * Warning: this mechanism does not allow passing uploaded files ($_FILES). For that, see check_ticket(). * @param string $confirmation_text Text on the confirmation screen. Default: 'Click here to confirm your action' * @access public * @return void */ function check_authenticity($confirmation_text = '') { global $prefs; if ($prefs['feature_ticketlib2'] == 'y') { if (isset($_REQUEST['daconfirm'])) { key_check(); } else { key_get(null, $confirmation_text); } } }
/** * Checks whether the request was willingly submitted by the user, instead of being triggered by Cross-Site Request Forgery. * This uses random tokens. The first call brings to a request confirmation screen with * a new token in the form. The second call, in the second request, verifies the submitted token matches. * Typical usage: $access->check_authenticity(); * Warning: this mechanism does not allow passing uploaded files ($_FILES). For that, see check_ticket(). * @param string $confirmation_text Text on the confirmation screen. Default: 'Click here to confirm your action' * @access public * @return array */ function check_authenticity($confirmation_text = '', $returnHtml = true) { global $prefs, $jitRequest; if (isset($_REQUEST['daconfirm'])) { $daconfirm = $_REQUEST['daconfirm']; } elseif (isset($jitRequest['daconfirm'])) { $daconfirm = $jitRequest->daconfirm->alpha(); } if ($prefs['feature_ticketlib2'] == 'y' || $returnHtml === false) { if (isset($daconfirm)) { if ($returnHtml) { key_check(); } else { $ret = key_check(null, false); } } else { if ($returnHtml) { key_get(null, $confirmation_text); } else { $ret = key_get(null, null, null, false); } } if (!$returnHtml) { return $ret; } } }
$utilities = new TikiAddons_Utilities(); if (file_exists("admin/include_{$adminPage}.php")) { include_once "admin/include_{$adminPage}.php"; } elseif ($filepath = $utilities->getAddonFilePath("admin/include_{$adminPage}.php")) { include_once $filepath; } $url = 'tiki-admin.php' . '?page=' . $adminPage; if (isset($admin_icons[$adminPage])) { $admin_icon = $admin_icons[$adminPage]; $admintitle = $admin_icon['title']; $description = isset($admin_icon['description']) ? $admin_icon['description'] : ''; $helpUrl = isset($admin_icon['help']) ? $admin_icon['help'] : ''; } $helpDescription = tr("Help on %0 Config", $admintitle); $smarty->assign('include', $adminPage); if (!empty($changes) && key_check(null, false)) { $access->redirect($_SERVER['REQUEST_URI'], '', 200); } } else { $smarty->assign('include', 'list_sections'); $smarty->assign('admintitle', 'Control Panels'); $smarty->assign('description', 'Home Page for Administrators'); $smarty->assign('headtitle', breadcrumb_buildHeadTitle($crumbs)); $smarty->assign('description', $crumbs[0]->description); } $headerlib->add_cssfile('themes/base_files/feature_css/admin.css'); if (isset($admintitle) && isset($description)) { $crumbs[] = new Breadcrumb($admintitle, $description, $url, $helpUrl, $helpDescription); $smarty->assign_by_ref('admintitle', $admintitle); $headtitle = breadcrumb_buildHeadTitle($crumbs); $smarty->assign_by_ref('headtitle', $headtitle);
} $crumbs[] = new Breadcrumb(tra('Control Panels'), tra('Sections'), 'tiki-admin.php', 'Admin+Home', tra('Help on Configuration Sections', '', true)); // Default values for AdminHome $admintitle = tra('Control Panels'); $helpUrl = 'Admin+Home'; $helpDescription = $description = ''; $url = 'tiki-admin.php'; $adminPage = ''; $prefslib = TikiLib::lib('prefs'); if (isset($_REQUEST['pref_filters'])) { $prefslib->setFilters($_REQUEST['pref_filters']); } $temp_filters = isset($_REQUEST['filters']) ? explode(' ', $_REQUEST['filters']) : null; $smarty->assign('pref_filters', $prefslib->getFilters($temp_filters)); if (isset($_REQUEST['lm_preference'])) { $check = key_check(null, false); if ($check === true) { $changes = $prefslib->applyChanges((array) $_REQUEST['lm_preference'], $_REQUEST); foreach ($changes as $pref => $val) { if ($val['type'] == 'reset') { add_feedback($pref, tr('%0 reset', $pref), 4); $logslib->add_action('feature', $pref, 'system', 'reset'); } else { $value = $val['new']; if ($value == 'y') { add_feedback($pref, tr('%0 enabled', $pref), 1, 1); $logslib->add_action('feature', $pref, 'system', 'enabled'); } elseif ($value == 'n') { add_feedback($pref, tr('%0 disabled', $pref), 0, 1); $logslib->add_action('feature', $pref, 'system', 'disabled'); } else {