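/**
 * Records the logged-in member's vote on a news comment, then redirects.
 *
 * Reads the comment ID from $_GET['id'] and looks up the comment's news item
 * to build the fallback redirect target.
 *
 * NOTE(review): the vote is triggered by a plain GET request and no anti-CSRF
 * token is checked in this method. Confirm whether add_vote_cmt() or the
 * dispatcher enforces one.
 */
protected function main()
{
    // Only logged-in members may vote. redir() is defined elsewhere; returning
    // keeps the guard effective even if it does not end the request.
    if (!is_logged_in()) {
        redir(Nw::$lang['common']['need_login'], false, 'users-10.html');
        return;
    }

    // Missing or non-numeric comment ID. A Location header alone does not stop
    // the script, so end the request before anything is recorded.
    if (empty($_GET['id']) || !is_numeric($_GET['id'])) {
        header('Location: ./');
        exit;
    }

    // The comment does not exist.
    inc_lib('news/cmt_news_exists');
    if (cmt_news_exists($_GET['id']) == false) {
        redir(Nw::$lang['news']['cmt_not_exist'], false, './');
        return;
    }

    inc_lib('news/get_info_cmt_news');
    inc_lib('news/add_vote_cmt');
    $donnees_cmt = get_info_cmt_news($_GET['id']);
    $response = add_vote_cmt($_GET['id']);

    inc_lib('news/get_info_news');
    $donnees_news = get_info_news($donnees_cmt['c_id_news']);
    $rewrite_news = $donnees_news['c_rewrite'] . '/' . rewrite($donnees_news['n_titre']) . '-' . $donnees_news['n_id'] . '/';

    // Remember where the visitor came from, for same-site referers only. The
    // Referer header is client-controlled, so it must START with the site URL;
    // matching the site URL anywhere in the header would also accept foreign
    // URLs that merely contain it.
    // NOTE(review): assumes Nw::$site_url ends with "/" - confirm.
    $referer = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';
    if ($referer !== ''
        && strpos($referer, Nw::$site_url) === 0
        && strpos($referer, Nw::$site_url . $rewrite_news) === false
    ) {
        $_SESSION['nw_referer_edit'] = $referer;
    }

    // Message depends on whether the vote was recorded.
    $text_redir = $response
        ? Nw::$lang['news']['vote_cmt_ok']
        : Nw::$lang['news']['vote_cmt_pasok'];

    $link_redir = !empty($_SESSION['nw_referer_edit']) ? $_SESSION['nw_referer_edit'] : $rewrite_news;
    redir($text_redir, true, $link_redir);
}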
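/**
 * Displays the modification history (log entries) of one news item.
 *
 * NOTE(review): every log row hands the author's IP address to the template,
 * and the only permission test in this method applies when the news item does
 * not exist. Confirm that access to this page is restricted elsewhere.
 */
protected function main()
{
    // Integer form of the requested ID, used wherever the value is echoed into
    // the page or placed in a URL, so that raw request text is never reflected.
    $id_news = isset($_GET['id']) ? intval($_GET['id']) : 0;

    inc_lib('news/news_exists');
    $count_news_existe = news_exists($_GET['id']);

    // NOTE(review): as written, an anonymous visitor is not stopped when the
    // item does not exist - confirm the intended condition.
    if ($count_news_existe == false && (is_logged_in() && !check_auth('view_histo_all_news'))) {
        redir(Nw::$lang['news']['news_not_exist'], false, './');
        return;
    }

    inc_lib('news/get_info_news');
    $donnees_news = get_info_news($_GET['id']);

    $this->set_title(Nw::$lang['news']['historique_news'] . ' | ' . $donnees_news['n_titre']);
    $this->set_tpl('news/log_news.html');
    $this->add_css('code.css');

    // Breadcrumb
    if ($count_news_existe) {
        $this->set_filAriane(array(
            Nw::$lang['news']['news_section'] => array('news-70.html'),
            $donnees_news['c_nom'] => array($donnees_news['c_rewrite'] . '/'),
            $donnees_news['n_titre'] => array($donnees_news['c_rewrite'] . '/' . rewrite($donnees_news['n_titre']) . '-' . $id_news . '/'),
            Nw::$lang['news']['historique_news'] => array(''),
        ));
    } else {
        $this->set_filAriane(array(
            Nw::$lang['news']['news_section'] => array('news-70.html'),
            Nw::$lang['news']['historique_news'] => array(''),
        ));
    }

    // Log entries of this news item, newest first.
    inc_lib('news/get_news_logs');
    $donnees_logs = get_news_logs('l_id_news = ' . $id_news, 'l_date DESC');

    foreach ($donnees_logs as $donnees) {
        $cle_action = 'log_news_' . $donnees['l_action'];
        Nw::$tpl->setBlock('log', array(
            'ACTION' => $donnees['l_action'],
            'ACTION_LOG' => isset(Nw::$lang['news'][$cle_action]) ? Nw::$lang['news'][$cle_action] : '',
            'TEXTE' => nl2br($donnees['l_texte']),
            'TITRE' => $donnees['l_titre'],
            'DATE' => date_sql($donnees['date'], $donnees['heures_date'], $donnees['jours_date']),
            'AUTEUR' => $donnees['u_pseudo'],
            'AUTEUR_ID' => $donnees['u_id'],
            'AUTEUR_AVATAR' => $donnees['u_avatar'],
            'AUTEUR_ALIAS' => $donnees['u_alias'],
            'IP' => long2ip($donnees['l_ip']),
        ));
    }

    Nw::$tpl->set(array(
        'ID' => $id_news,
        'TITRE' => $donnees_news['n_titre'],
    ));
}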
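/**
 * Applies sort order and paging for this list from the "SD" cookie and the
 * current request, then sets the record limit from configuration.
 *
 * A request-supplied "orderby" overrides the cookie, is written back to the
 * cookie and triggers a redirect.
 *
 * NOTE(review): both the cookie and the request values are client-controlled
 * and are handed to setOrderBy()/setSortDirection() as-is. Confirm those
 * setters restrict the value to known columns and directions.
 */
public function digestCookieData()
{
    global $whmcs;

    $sortdata = WHMCS_Cookie::get("SD", true);
    // The cookie may be absent or malformed; only an array can be indexed below.
    if (!is_array($sortdata)) {
        $sortdata = array();
    }
    $name = $this->name;

    // Restore the saved preferences for this list, if any were stored.
    if (isset($sortdata[$name]) && is_array($sortdata[$name])) {
        if (!empty($sortdata[$name]['orderby'])) {
            $this->setOrderBy($sortdata[$name]['orderby']);
        }
        if (!empty($sortdata[$name]['sort'])) {
            $this->setSortDirection($sortdata[$name]['sort']);
        }
    }

    // An explicit request value wins and is persisted for the next visit.
    $requested_order = $whmcs->get_req_var("orderby");
    if ($requested_order) {
        $this->setOrderBy($requested_order);
        $sortdata[$name] = array("orderby" => $this->orderby, "sort" => $this->sort);
        WHMCS_Cookie::set("SD", $sortdata);
        redir("filter=1");
    }

    $requested_page = $whmcs->get_req_var("page");
    if ($requested_page) {
        $this->setPage($requested_page);
    }

    $this->setRecordLimit($whmcs->get_config("NumRecordstoDisplay"));
}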
/**
 * Deletes one shoutbox entry, then sends the browser back to the shoutbox.
 *
 * @param mixed $id Identifier of the entry; passed through protect() before it
 *                  is placed in the query.
 *
 * NOTE(review): protect() and onlyadmin() are defined elsewhere. Confirm that
 * protect() escapes for a quoted SQL string literal and that onlyadmin() stops
 * the request for non-administrators. The query is built by concatenation and
 * no anti-CSRF token is checked in this function.
 */
function del($id)
{
    onlyadmin();

    $sql = "DELETE FROM shoutbox WHERE `id`='" . protect($id) . "'";
    mysql_query($sql);

    redir("shoutbox");
}
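/**
 * Edit form for a press article: saves the submitted fields or shows the form
 * pre-filled with the stored article.
 *
 * NOTE(review): no permission check and no anti-CSRF token are visible in this
 * method. Confirm the dispatcher restricts this page to authorised members.
 */
protected function main()
{
    // An article ID to edit is required.
    if (empty($_GET['id']) || !is_numeric($_GET['id'])) {
        redir(Nw::$lang['press']['error_dont_exist'], false, 'press.html');
        return;
    }

    inc_lib('press/get_info_article');
    $dn_article = get_info_article($_GET['id']);

    // Unknown article. redir() is defined elsewhere; returning keeps the guard
    // effective even if it does not end the request.
    if (empty($dn_article)) {
        redir(Nw::$lang['press']['error_dont_exist'], false, 'press.html');
        return;
    }

    // The form was submitted.
    if (isset($_POST['submit'])) {
        // Absent fields are passed as null rather than read from undefined indexes.
        $champs = array();
        foreach (array('paper', 'link', 'numero', 'country', 'contenu', 'date_pub') as $cle) {
            $champs[$cle] = isset($_POST[$cle]) ? $_POST[$cle] : null;
        }

        inc_lib('press/edit_article');
        edit_article(
            $dn_article['p_id'],
            $champs['paper'],
            $champs['link'],
            $champs['numero'],
            $champs['country'],
            $champs['contenu'],
            $champs['date_pub']
        );
        redir(Nw::$lang['press']['redir_article_edited'], true, 'press.html?article=' . $dn_article['p_id']);
        return;
    }

    $this->set_title($dn_article['p_ressource_name']);
    $this->set_tpl('press/edit.html');
    $this->add_css('code.css');
    $this->add_css('forms.css');

    // Breadcrumb
    $this->set_filAriane(array(
        Nw::$lang['press']['mod_title'] => array('press.html'),
        $dn_article['p_ressource_name'] => array('press.html?article=' . $dn_article['p_id']),
        Nw::$lang['press']['art_edit'] => array(''),
    ));

    inc_lib('bbcode/unparse');
    Nw::$tpl->set(array(
        'ID' => $dn_article['p_id'],
        'RESSOURCE' => $dn_article['p_ressource_name'],
        'DATE' => $dn_article['date'],
        'LIEN' => $dn_article['p_link'],
        'CONTENU' => unparse($dn_article['p_description']),
        'PAYS' => $dn_article['p_lang'],
        'NUMERO' => $dn_article['p_num'],
    ));
}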
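/**
 * Restores an earlier version of a news item.
 *
 * $_GET['id'] is the news ID and $_GET['id2'] the version to restore. The
 * member must be the author with the "my news" right, or hold the "all news"
 * right.
 *
 * NOTE(review): the restore is triggered by a plain GET request and no
 * anti-CSRF token is checked in this method.
 */
protected function main()
{
    // redir() is defined elsewhere; returning after each failed guard keeps the
    // guard effective even if redir() does not end the request.
    if (!is_logged_in()) {
        redir(Nw::$lang['common']['need_login'], false, 'users-10.html');
        return;
    }

    // Both IDs are required and must be numeric. A Location header alone does
    // not stop the script, so end the request here.
    if (empty($_GET['id']) || !is_numeric($_GET['id']) || empty($_GET['id2']) || !is_numeric($_GET['id2'])) {
        header('Location: ./');
        exit;
    }

    $url_versions = 'news-16-' . $_GET['id'] . '.html';

    // Does this news item really exist?
    inc_lib('news/news_exists');
    if (news_exists($_GET['id']) == false) {
        redir(Nw::$lang['news']['news_not_exist'], false, './');
        return;
    }

    inc_lib('news/vrs_exists');
    if (vrs_exists($_GET['id'], $_GET['id2']) == false) {
        redir(Nw::$lang['news']['version_not_exist'], false, $url_versions);
        return;
    }

    inc_lib('news/get_info_news');
    $donnees_news = get_info_news($_GET['id']);

    // Author with the "own news" right, or anyone with the "all news" right.
    // The parentheses spell out the precedence the original relied on.
    $peut_restaurer = (Nw::$droits['can_change_version_my_news'] && $donnees_news['n_id_auteur'] == Nw::$dn_mbr['u_id'])
        || Nw::$droits['can_change_version_all_news'];

    if (!$peut_restaurer) {
        redir(Nw::$lang['news']['error_restore_vrs'], false, $url_versions);
        return;
    }

    // The requested version is already the current one.
    if ($donnees_news['n_last_version'] == $_GET['id2']) {
        redir(Nw::$lang['news']['error_already_restored'], false, $url_versions);
        return;
    }

    inc_lib('news/restore_vrs');
    restore_vrs($_GET['id'], $_GET['id2']);
    redir(Nw::$lang['news']['vrs_restored'], true, $url_versions);
}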
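/**
 * Checks whether the logged-in administrator's role includes a permission.
 *
 * The role ID and its permission IDs are loaded once and kept in static
 * variables for later calls.
 *
 * @param string $action     Permission name, looked up in getAdminPermsArray().
 * @param mixed  $noredirect When truthy, return the result instead of redirecting.
 * @return bool|null true/false when $noredirect is truthy; otherwise nothing is
 *                   returned and a denied check calls redir() to accessdenied.php.
 *
 * NOTE(review): in redirect mode the function does not return a value or stop
 * by itself after redir(). Confirm that redir() ends the request.
 */
function checkPermission($action, $noredirect = "")
{
    static $AdminRoleID = 0;
    static $AdminRolePerms = array();

    $permid = array_search($action, getAdminPermsArray());

    if (isset($_SESSION['adminid'])) {
        // Load the admin's role once.
        if (!$AdminRoleID) {
            $result = select_query("tbladmins", "roleid", array("id" => $_SESSION['adminid']));
            $data = mysql_fetch_array($result);
            $AdminRoleID = $data['roleid'];
        }

        // Load the role's permission IDs once.
        if (!count($AdminRolePerms)) {
            $result = select_query("tbladminperms", "permid", array("roleid" => $AdminRoleID));
            while ($data = mysql_fetch_array($result)) {
                $AdminRolePerms[] = $data[0];
            }
        }
    }

    // An unknown action makes array_search() return false. With the loose
    // comparison used by in_array(), false would equal a stored 0 or '' entry,
    // so an unknown action is denied explicitly before the lookup.
    $match = $permid !== false && in_array($permid, $AdminRolePerms);

    if ($noredirect) {
        return $match;
    }

    if (!$match) {
        redir("permid=" . $permid, "accessdenied.php");
    }
}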
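/**
 * Logs the current member out.
 *
 * The member ID in $_GET['id'] must match the logged-in member; the session is
 * then emptied and destroyed and the identification cookies are expired.
 *
 * @author Cam
 * @return void
 */
protected function main()
{
    // No member ID given: back to the index. A Location header alone does not
    // stop the script, so end the request here.
    if (empty($_GET['id'])) {
        header('Location: ./');
        exit;
    }

    // Remember where the visitor came from, for same-site referers only. The
    // Referer header is client-controlled, so it must START with the site URL;
    // matching the site URL anywhere in the header would also accept foreign
    // URLs that merely contain it.
    // NOTE(review): assumes Nw::$site_url ends with "/" - confirm.
    $referer = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';
    if ($referer !== ''
        && strpos($referer, Nw::$site_url) === 0
        && strpos($referer, Nw::$site_url . 'membres-10.html') === false
    ) {
        $_SESSION['nw_referer_deco'] = $referer;
    }

    // Read the target before the session is emptied below.
    $link_redir = !empty($_SESSION['nw_referer_deco']) ? $_SESSION['nw_referer_deco'] : './';

    // Anyone else, or a mismatching ID, goes back to the index.
    if (!is_logged_in() || $_GET['id'] != Nw::$dn_mbr['u_id']) {
        header('Location: ./');
        exit;
    }

    $_SESSION = array();
    session_destroy();

    // Expire the identification cookies if they exist.
    if (isset($_COOKIE['nw_ident']) && isset($_COOKIE['nw_pass'])) {
        $expired = time() - 3600;
        setcookie('nw_ident', null, $expired);
        setcookie('nw_pass', null, $expired);
    }

    // Show the confirmation message and redirect.
    redir(Nw::$lang['users']['disconnect_msg'], true, $link_redir);
}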
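/**
 * Admin page for images: upload form ("add"), file removal ("del") and the
 * generic table editor for the "images" table.
 *
 * @param string $act Requested action ("add", "del" or anything table_edit() handles).
 * @param mixed  $id  Row identifier for the action.
 * @return mixed The rendered form or table output.
 *
 * NOTE(review): actions are selected by parameters with no anti-CSRF token
 * checked here, and the file removed on "del" is whatever path the database
 * row holds. Confirm both against the callers and against table_edit().
 */
function page_admin_images($act = "", $id = "")
{
    requires_admin();
    use_template("admin");

    if ($act == "add") {
        if (form_file_uploaded("file")) {
            // The extension comes from the client-supplied file name. It ends up
            // in the stored file name and inside the UPDATE statement below, so
            // only known image extensions are accepted; anything else falls
            // through to the form. Extend the list if the site serves other
            // image formats.
            // NOTE(review): assumes fileext() returns the extension without the dot.
            $allowed_ext = array('jpg', 'jpeg', 'png', 'gif');
            $ext = strtolower(ltrim((string) fileext($_FILES["file"]['name']), '.'));

            if (in_array($ext, $allowed_ext, true)) {
                // Reserve a row first so the row ID can be used as the file name.
                db_query("INSERT INTO images (link) VALUES ('')");
                $id = db_last_id();
                $fname = $id . "." . $ext;
                form_file_uploaded_move("file", "img/" . $fname);
                db_query("UPDATE images SET link='img/{$fname}' WHERE id=%d", $id);
                redir("admin/images");
            }
        }

        form_start("", "post", " enctype='multipart/form-data' ");
        form_file("Файл", "file");
        form_submit("Загрузить", "submit");
        form_end();

        return form();
    }

    if ($act == "del") {
        $im = db_object_get("images", $id);
        // Only try to remove a file when the row was found and names one.
        if (is_object($im) && !empty($im->link)) {
            @unlink("../{$im->link}");
        }
    }

    return table_edit("images", "admin/images", $act, $id, "", "", "", "image_func");
}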
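/**
 * Lost password (part 1): e-mails a password-reset link to the member who
 * owns the submitted address.
 *
 * NOTE(review): the two outcomes show different messages, which tells a
 * visitor whether an address is registered. The link also reuses the member's
 * stored activation code (u_code_act) as the reset secret; confirm that it is
 * unpredictable and replaced once used.
 *
 * @author Cam
 * @return tpl
 */
protected function main()
{
    // Already logged in. redir() is defined elsewhere; returning keeps the
    // guard effective even if it does not end the request.
    if (is_logged_in()) {
        redir(Nw::$lang['common']['already_connected'], false, './');
        return;
    }

    $this->set_title(Nw::$lang['users']['title_lost_pwd']);
    $this->set_tpl('membres/oubli_mdp.html');
    $this->add_css('forms.css');

    // Breadcrumb
    $this->set_filAriane(Nw::$lang['users']['title_lost_pwd']);

    // Nothing more to do until the form is submitted.
    if (!isset($_POST['submit'])) {
        return;
    }

    // Only a string can be an address; anything else is treated as empty.
    $mail = (isset($_POST['mail']) && is_string($_POST['mail'])) ? $_POST['mail'] : '';

    // Does this e-mail address exist on the site?
    inc_lib('users/email_exists');
    if (!email_exists($mail)) {
        redir(Nw::$lang['users']['email_aucun_mbr'], false, 'users-12.html');
        return;
    }

    // Fetch the member's data.
    inc_lib('users/get_info_mbr');
    $membre_mail = get_info_mbr($mail, 'mail');

    $lien_password = Nw::$site_url . 'users-13.html?idm=' . $membre_mail['u_id'] . '&ca=' . $membre_mail['u_code_act'];

    // Build the e-mail text.
    $txt_mail = sprintf(Nw::$lang['users']['mail_oubli_pwd'], $membre_mail['u_pseudo'], $lien_password, $lien_password, $lien_password);
    $sujet_mail = sprintf(Nw::$lang['users']['title_mail_lost_pwd'], Nw::$site_name);

    // Sending stays best-effort: errors are suppressed, as before.
    @envoi_mail(trim($mail), $sujet_mail, $txt_mail);

    redir(Nw::$lang['users']['send_mail_lost'], true, './');
}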
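/**
 * Account activation.
 *
 * Validates the member ID ($_GET['mid']) and activation code ($_GET['ca'])
 * pair, activates the account if it is still inactive and regenerates the
 * member-count cache and the members sitemap.
 *
 * @author Cam
 * @return tpl
 */
protected function main()
{
    // Both parameters are required. A Location header alone does not stop the
    // script, so end the request before the lookups below read them.
    if (empty($_GET['mid']) || empty($_GET['ca'])) {
        header('Location: ./');
        exit;
    }

    // redir() is defined elsewhere; returning keeps the guard effective even if
    // it does not end the request.
    if (is_logged_in()) {
        redir(Nw::$lang['common']['already_connected'], false, './');
        return;
    }

    $return_valid = false;

    inc_lib('users/mbr_act_exists');
    if (mbr_act_exists($_GET['mid'], $_GET['ca'])) {
        inc_lib('users/get_info_mbr');
        $donnees_compte = get_info_mbr($_GET['mid']);

        // Only an account that is still inactive can be activated.
        if ($donnees_compte['u_active'] == 0) {
            inc_lib('users/valid_account');
            inc_lib('admin/gen_cachefile_nb_members');

            valid_account($_GET['mid']);
            gen_cachefile_nb_members();
            generate_members_sitemap();

            redir(Nw::$lang['users']['compte_valide'], true, './');
            $return_valid = true;
        }
    }

    // Same error message whether the pair was wrong or the account was already active.
    if (!$return_valid) {
        redir(Nw::$lang['users']['compte_valid_error'], false, './');
    }
}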
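/**
 * Mobile login page: checks the submitted nickname/password pair and connects
 * the member, or (re)displays the login form.
 *
 * NOTE(review): the member is always connected with the automatic-connection
 * flag set to 1, whatever the "remember" checkbox says, and no limit on
 * repeated failed attempts is visible in this method.
 */
protected function main()
{
    $this->set_title(Nw::$site_slogan);
    $this->set_tpl('mobile/users/login.html');
    $this->load_lang_file('users');

    // Already logged in. redir() is defined elsewhere; returning keeps the
    // guard effective even if it does not end the request.
    if (is_logged_in()) {
        redir(Nw::$lang['common']['already_connected'], false, 'mobile-2.html');
        return;
    }

    // Read the credentials defensively: on a plain page view the fields are
    // absent, and a crafted request can send arrays instead of strings.
    $nickname = (isset($_POST['nw_nickname']) && is_string($_POST['nw_nickname'])) ? $_POST['nw_nickname'] : '';
    $password = (isset($_POST['nw_password']) && is_string($_POST['nw_password'])) ? $_POST['nw_password'] : '';

    // Form not submitted (or incomplete): show the empty form.
    if (multi_empty(trim($nickname), trim($password))) {
        display_form(array('pseudo' => '', 'remember' => true));
        Nw::$tpl->set('INC_HEAD', empty($_SERVER['HTTP_AJAX']));
        return;
    }

    $array_post = array('pseudo' => $nickname, 'remember' => isset($_POST['nw_remember']));

    // Check that the nickname/password pair exists.
    inc_lib('users/get_info_account');
    $dn_info_account = get_info_account($nickname, $password);
    if (!$dn_info_account) {
        display_form($array_post, Nw::$lang['users']['account_no_exist']);
        return;
    }

    // The account must be active.
    if ($dn_info_account['u_active'] != 1) {
        display_form($array_post, Nw::$lang['users']['not_active']);
        return;
    }

    $connex_auto = 1;
    inc_lib('users/connect_auto_user');
    connect_auto_user($dn_info_account['u_id'], $password, $connex_auto);

    // Redirect the member.
    redir(sprintf(Nw::$lang['users']['welcome_user'], $nickname), true, 'mobile-2.html');
}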
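/**
 * Mobile list of news items selected by "n_etat = 1", paginated, for logged-in
 * members only.
 */
protected function main()
{
    // Members only. A Location header alone does not stop the script: without
    // ending the request, the list below would still be built and sent to a
    // visitor who is not logged in.
    if (!is_logged_in()) {
        header('Location: mobile.html');
        exit;
    }

    $this->set_tpl('mobile/categories/list_news.html');
    $this->load_lang_file('news');

    // Count the news items being written.
    inc_lib('news/count_news');
    $nombre_news = count_news('n_etat = 1');

    // Pagination: anything but a positive number falls back to page 1.
    $page = 1;
    if (!empty($_GET['page']) && is_numeric($_GET['page']) && $_GET['page'] > 0) {
        $page = (int) $_GET['page'];
    }
    $nombreDePages = ceil($nombre_news / Nw::$pref['nb_news_redac']);

    // Make sure the page exists. redir() is defined elsewhere; returning keeps
    // the guard effective even if it does not end the request.
    if ($nombreDePages > 0 && $page > $nombreDePages) {
        redir(Nw::$lang['common']['pg_not_exist'], false, './mobile.html');
        return;
    }

    // Fetch the news items being written.
    inc_lib('news/get_list_news');
    $list_dn_news = get_list_news('n_etat = 1', 'n_date DESC', $page, Nw::$pref['nb_news_redac']);

    // Hand each one to the template.
    foreach ($list_dn_news as $donnees_news) {
        $pluriel_coms = $donnees_news['n_nbr_coms'] > 1 ? Nw::$lang['news']['add_s_comments'] : '';

        Nw::$tpl->setBlock('news', array(
            'ID' => $donnees_news['n_id'],
            'CAT_ID' => $donnees_news['c_id'],
            'CAT_TITRE' => $donnees_news['c_nom'],
            'IMAGE_ID' => $donnees_news['i_id'],
            'IMAGE_NOM' => $donnees_news['i_nom'],
            'TITRE' => $donnees_news['n_titre'],
            'RESUME' => $donnees_news['n_resume'],
            'REWRITE' => rewrite($donnees_news['n_titre']),
            'AUTEUR' => $donnees_news['u_pseudo'],
            'AUTEUR_ID' => $donnees_news['u_id'],
            'AUTEUR_ALIAS' => $donnees_news['u_alias'],
            'AUTEUR_AVATAR' => $donnees_news['u_avatar'],
            'DATE' => date_sql($donnees_news['date_news'], $donnees_news['heures_date_news'], $donnees_news['jours_date_news']),
            'NBR_COMS' => sprintf(Nw::$lang['news']['nbr_comments_news'], $donnees_news['n_nbr_coms'], $pluriel_coms),
            'VOTES' => $donnees_news['n_nb_votes'],
            'VOTES_NEG' => $donnees_news['n_nb_votes_neg'],
            'HAS_VOTED' => is_logged_in() ? $donnees_news['v_id_membre'] : 0,
        ));
    }

    Nw::$tpl->set(array(
        'LIST_PG' => list_pg($nombreDePages, $page, 'mobile-2%s.html'),
        'NB_NEWS' => $nombre_news,
        'TITLE' => Nw::$lang['news']['en_attente_title'],
        'TITLE_REWRITE' => 'news_en_attente',
        'INC_HEAD' => empty($_SERVER['HTTP_AJAX']),
    ));
}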
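/**
 * Adds a news item to, or removes it from, the logged-in member's favourites.
 *
 * NOTE(review): the change is triggered by a plain GET request and no
 * anti-CSRF token is checked in this method.
 */
protected function main()
{
    // Members only. redir() is defined elsewhere; returning keeps the guard
    // effective even if it does not end the request.
    if (!is_logged_in()) {
        redir(Nw::$lang['common']['need_login'], false, 'users-10.html');
        return;
    }

    // Missing or non-numeric news ID. A Location header alone does not stop
    // the script, so end the request before anything is changed.
    if (empty($_GET['id']) || !is_numeric($_GET['id'])) {
        header('Location: ./');
        exit;
    }

    // Does this news item really exist?
    inc_lib('news/news_exists');
    if (news_exists($_GET['id']) == false) {
        redir(Nw::$lang['news']['news_not_exist'], false, './');
        return;
    }

    // Remember where the visitor came from, for same-site referers only. The
    // Referer header is client-controlled, so it must START with the site URL;
    // matching the site URL anywhere in the header would also accept foreign
    // URLs that merely contain it.
    // NOTE(review): assumes Nw::$site_url ends with "/" - confirm.
    $referer = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';
    if ($referer !== ''
        && strpos($referer, Nw::$site_url) === 0
        && strpos($referer, Nw::$site_url . 'news-25-' . $_GET['id'] . '.html') === false
    ) {
        $_SESSION['nw_referer_edit'] = $referer;
    }

    $link_redir = !empty($_SESSION['nw_referer_edit'])
        ? $_SESSION['nw_referer_edit']
        : 'news-10-' . intval($_GET['id']) . '.html';

    inc_lib('news/get_info_news');
    inc_lib('news/manage_fav');
    // The lookup result is not used below; the call is kept as it was.
    $donnees_news = get_info_news($_GET['id']);
    $response = manage_fav($_GET['id']);

    // 1 = added to favourites, 2 = removed. Any other result previously left
    // the message variable undefined; it now defaults to an empty message.
    $text_redir = '';
    if ($response == 1) {
        $text_redir = Nw::$lang['news']['news_favorite_ok'];
    } elseif ($response == 2) {
        $text_redir = Nw::$lang['news']['news_defavorite_ok'];
    }

    redir($text_redir, true, $link_redir);
}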
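/**
 * Lets a logged-in member report a news item: records the alert when the form
 * is submitted, otherwise shows the form.
 */
protected function main()
{
    // Missing or non-numeric news ID. A Location header alone does not stop
    // the script, so end the request here.
    if (empty($_GET['id']) || !is_numeric($_GET['id'])) {
        header('Location: news-70.html');
        exit;
    }

    // redir() is defined elsewhere; returning after each failed guard keeps the
    // guard effective even if redir() does not end the request.
    inc_lib('news/news_exists');
    if (news_exists($_GET['id']) == false) {
        redir(Nw::$lang['news']['news_not_exist'], false, 'news-70.html');
        return;
    }

    inc_lib('news/get_info_news');
    $info_news = get_info_news($_GET['id']);

    // Members only.
    if (!is_logged_in()) {
        redir(Nw::$lang['news']['error_cant_alert'], false, './');
        return;
    }

    $url_news = $info_news['c_rewrite'] . '/' . rewrite($info_news['n_titre']) . '-' . $_GET['id'] . '/';

    // The report was submitted.
    if (!empty($_POST['contenu'])) {
        // The reason field may be absent from the request.
        $motif = isset($_POST['motif']) ? $_POST['motif'] : null;

        inc_lib('news/add_alert_news');
        add_alert_news(Nw::$dn_mbr['u_id'], $_GET['id'], $_POST['contenu'], $motif);
        redir(Nw::$lang['news']['confirm_alert'], true, $url_news);
        return;
    }

    $this->set_title($info_news['n_titre'] . ' | ' . $info_news['c_nom']);
    $this->set_tpl('news/alert.html');

    $this->add_css('forms.css');
    $this->add_css('code.css');
    $this->add_js('write.js');
    $this->add_js('forms.js');
    $this->add_form('contenu');

    Nw::$tpl->set('ID', $info_news['n_id']);

    inc_lib('bbcode/clearer');
    Nw::$tpl->set(array(
        'ID' => $_GET['id'],
        'BAL_CHAMP' => 'contenu',
        'NEWS' => $info_news['n_titre'],
        'RESUME' => CoupeChar(clearer($info_news['v_texte'])),
        'CAT_REWRITE' => $info_news['c_rewrite'],
        'REWRITE' => rewrite($info_news['n_titre']),
    ));

    // Breadcrumb
    $this->set_filAriane(array(
        Nw::$lang['news']['news_section'] => array('news-70.html'),
        $info_news['c_nom'] => array($info_news['c_rewrite'] . '/'),
        $info_news['n_titre'] => array($url_news),
        Nw::$lang['news']['alert'] => array(''),
    ));
}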
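/**
 * Contact form: validates the submitted fields and the anti-spam code, then
 * sends the message, or (re)displays the form.
 *
 * NOTE(review): email_contact() is defined elsewhere. Confirm it strips line
 * breaks from the address, name and subject before they reach mail headers,
 * and that the anti-spam code is regenerated after each send so one solved
 * code cannot be reused.
 */
protected function main()
{
    $this->set_title(Nw::$lang['contact']['contact']);
    $this->add_css('forms.css');
    $this->set_filAriane(array(Nw::$lang['contact']['contact'] => array('')));
    $this->set_tpl('contact/contact.html');
    $this->load_lang_file('users');
    $this->add_form('contenu');

    // First display: pre-fill name and address for logged-in members.
    if (!isset($_POST['submit'])) {
        display_form(array(
            'pseudo' => is_logged_in() ? Nw::$dn_mbr['u_pseudo'] : '',
            'mail' => is_logged_in() ? Nw::$dn_mbr['u_email'] : '',
            'sujet' => '',
            'contenu' => '',
            'captcha' => '',
            'nom' => '',
            'code_cap' => '',
        ));
        return;
    }

    // Read every field defensively: a field may be absent or sent as an array.
    $champs = array();
    foreach (array('pseudo', 'mail', 'sujet', 'contenu', 'captcha', 'nom', 'code_cap') as $cle) {
        $champs[$cle] = (isset($_POST[$cle]) && is_string($_POST[$cle])) ? $_POST[$cle] : '';
    }

    // The expected code must exist in the session. Comparing two unset values
    // loosely, as before, accepted a request for which no code was ever issued;
    // the comparison is now strict and on strings.
    $code_attendu = isset($_SESSION['cap_nw']) ? (string) $_SESSION['cap_nw'] : '';

    $msg_error = '';
    if (empty($champs['pseudo'])) {
        $msg_error = sprintf(Nw::$lang['contact']['error_empty'], Nw::$lang['contact']['_pseudo']);
    } elseif (empty($champs['mail'])) {
        $msg_error = sprintf(Nw::$lang['contact']['error_empty'], Nw::$lang['contact']['_mail']);
    } elseif (empty($champs['sujet'])) {
        $msg_error = sprintf(Nw::$lang['contact']['error_empty'], Nw::$lang['contact']['_sujet']);
    } elseif (empty($champs['contenu'])) {
        $msg_error = sprintf(Nw::$lang['contact']['error_empty'], Nw::$lang['contact']['_contenu']);
    } elseif ($code_attendu === '' || $champs['code_cap'] !== $code_attendu) {
        $msg_error = Nw::$lang['users']['wrong_antispam'];
    }

    if (!empty($msg_error)) {
        // Show the form again with the submitted values; the code is never echoed back.
        display_form(array(
            'pseudo' => $champs['pseudo'],
            'mail' => $champs['mail'],
            'sujet' => $champs['sujet'],
            'contenu' => $champs['contenu'],
            'captcha' => $champs['captcha'],
            'nom' => $champs['nom'],
            'code_cap' => '',
        ), $msg_error);
        return;
    }

    inc_lib('mail/email_contact');
    $envoye = email_contact(
        $champs['mail'],
        $champs['pseudo'],
        $champs['nom'],
        '[Contact] ' . $champs['sujet'],
        $champs['contenu'],
        get_ip()
    );
    if ($envoye) {
        redir(Nw::$lang['contact']['redir_ok'], true, 'contact.html');
    }
}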
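/**
 * Submits one of the member's own news items to the vote queue.
 *
 * NOTE(review): the submission is triggered by a plain GET request and no
 * anti-CSRF token is checked in this method.
 */
protected function main()
{
    // redir() is defined elsewhere; returning after each failed guard keeps the
    // guard effective even if redir() does not end the request.
    if (!is_logged_in()) {
        redir(Nw::$lang['common']['need_login'], false, 'users-10.html');
        return;
    }

    // Missing or non-numeric news ID. A Location header alone does not stop
    // the script, so end the request here.
    if (empty($_GET['id']) || !is_numeric($_GET['id'])) {
        header('Location: news-70.html');
        exit;
    }

    // Does this news item really exist?
    inc_lib('news/news_exists');
    if (news_exists($_GET['id']) == false) {
        redir(Nw::$lang['news']['news_not_exist'], false, 'news-70.html');
        return;
    }

    inc_lib('news/get_info_news');
    $donnees_news = get_info_news($_GET['id']);

    // Only the author may propose the news item.
    if ($donnees_news['n_id_auteur'] != Nw::$dn_mbr['u_id']) {
        redir(Nw::$lang['news']['dont_propose_news'], false, 'news-70.html');
        return;
    }

    // The news item has already been proposed.
    if ($donnees_news['n_etat'] == 2) {
        redir(Nw::$lang['news']['news_already_attente'], false, 'news-80.html');
        return;
    }

    // Propose the news item.
    inc_lib('news/propose_news_votes');
    propose_news_votes($_GET['id']);
    redir(Nw::$lang['news']['msg_news_attente'], true, 'news-80.html');
}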
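/**
 * Press section: lists all articles and, when $_GET['article'] names one,
 * also shows that article's details.
 */
protected function main()
{
    $article_demande = !empty($_GET['article']) && is_numeric($_GET['article']);

    if ($article_demande) {
        inc_lib('press/get_info_article');
        $dn_article = get_info_article($_GET['article']);

        // Unknown article. redir() is defined elsewhere; returning keeps the
        // guard effective even if it does not end the request, instead of
        // reading fields from an empty result below.
        if (empty($dn_article)) {
            redir(Nw::$lang['press']['error_dont_exist'], false, 'press.html');
            return;
        }

        $this->set_title($dn_article['p_ressource_name']);

        // Breadcrumb
        $this->set_filAriane(array(
            Nw::$lang['press']['mod_title'] => array('press.html'),
            $dn_article['p_ressource_name'] => array('press.html?article=' . $dn_article['p_id']),
            Nw::$lang['press']['art_details'] => array(''),
        ));

        Nw::$tpl->set(array(
            'DISPLAY_ARTICLE' => true,
            'ID' => $dn_article['p_id'],
            'TITRE' => sprintf(Nw::$lang['press']['apparition_in'], $dn_article['p_ressource_name']),
            'RESSOURCE' => $dn_article['p_ressource_name'],
            'DATE' => $dn_article['date'],
            'LIEN' => $dn_article['p_link'],
            'CONTENU' => $dn_article['p_description'],
            'PAYS' => Nw::$lang['common']['countries'][$dn_article['p_lang']],
            'NUMERO' => $dn_article['p_num'],
            'ID_ADMIN' => $dn_article['u_id'],
            'PSEUDO_ADMIN' => $dn_article['u_pseudo'],
        ));
    } else {
        $this->set_title(Nw::$lang['press']['mod_title']);

        // Breadcrumb
        $this->set_filAriane(array(
            Nw::$lang['press']['mod_title'] => array('press.html'),
            Nw::$lang['press']['art_list'] => array(''),
        ));

        Nw::$tpl->set('DISPLAY_ARTICLE', false);
    }

    $this->set_tpl('press/list.html');
    $this->add_css('code.css');

    // Fetch the list of articles.
    inc_lib('press/get_list_articles');
    $list_articles = get_list_articles();

    foreach ($list_articles as $art) {
        Nw::$tpl->setBlock('art', array(
            'ID' => $art['p_id'],
            'TITRE' => $art['p_ressource_name'] . ' (' . $art['date'] . ')',
        ));
    }
}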
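/**
 * Lost password (part 2): lets a visitor holding a valid member ID / code pair
 * ($_GET['idm'], $_GET['ca']) choose a new password.
 */
protected function main()
{
    // All parameters are required and the visitor must not be logged in.
    if (is_logged_in() || empty($_GET['idm']) || !is_numeric($_GET['idm']) || empty($_GET['ca'])) {
        header('Location: ./');
        exit;
    }

    // Breadcrumb
    $this->set_filAriane(Nw::$lang['users']['title_redef_pass']);

    $this->set_title(Nw::$lang['users']['title_redef_pass']);
    $this->set_tpl('membres/redefine_mdp.html');
    $this->add_css('forms.css');

    // The member ID must match the code. redir() is defined elsewhere;
    // returning here guarantees the password change below can never run for an
    // invalid pair, even if redir() does not end the request.
    inc_lib('users/mbr_act_exists');
    if (!mbr_act_exists($_GET['idm'], $_GET['ca'])) {
        redir(Nw::$lang['users']['redef_mdp_echoue'], false, './');
        return;
    }

    // Nothing more to do until the form is submitted.
    if (!isset($_POST['submit'])) {
        return;
    }

    // Read both fields defensively: they may be absent or sent as arrays.
    $pass1 = (isset($_POST['nw_pass1']) && is_string($_POST['nw_pass1'])) ? $_POST['nw_pass1'] : '';
    $pass2 = (isset($_POST['nw_pass2']) && is_string($_POST['nw_pass2'])) ? $_POST['nw_pass2'] : '';
    if (multi_empty(trim($pass1), trim($pass2))) {
        return;
    }

    // Strict comparison: with ==, two different numeric-looking strings can
    // compare equal, letting a mistyped confirmation through.
    if ($pass1 !== $pass2) {
        redir(Nw::$lang['users']['sames_password'], false, $_SERVER['REQUEST_URI']);
        return;
    }

    inc_lib('users/chg_password');
    chg_password($pass1, $_GET['idm'], $_GET['ca']);
    redir(Nw::$lang['users']['new_redef_pwd'], true, './');
}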
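/**
 * Mobile front page: paginated list of the news items selected by "n_etat = 3".
 */
protected function main()
{
    $this->set_tpl('mobile/news/une.html');
    $this->load_lang_file('news');

    // Count the published news items.
    inc_lib('news/count_news');
    $nombre_news = count_news('n_etat = 3');

    // Pagination. The page number comes from the request; zero, negative or
    // non-numeric values used to be passed on to the listing query as-is and
    // now fall back to page 1.
    $page = isset($_GET['page']) ? max(1, (int) $_GET['page']) : 1;
    $nombreDePages = ceil($nombre_news / Nw::$pref['nb_news_homepage']);

    // Make sure the page exists. redir() is defined elsewhere; returning keeps
    // the guard effective even if it does not end the request.
    if ($nombreDePages > 0 && $page > $nombreDePages) {
        redir(Nw::$lang['common']['pg_not_exist'], false, './');
        return;
    }

    // Fetch the published news items.
    inc_lib('news/get_list_news');
    $list_dn_news = get_list_news('n_etat = 3', 'n_date DESC', $page, Nw::$pref['nb_news_homepage']);
    $cours_news = 0;

    foreach ($list_dn_news as $donnees_news) {
        $pluriel_coms = $donnees_news['n_nbr_coms'] > 1 ? Nw::$lang['news']['add_s_comments'] : '';

        Nw::$tpl->setBlock('news', array(
            'ID' => $donnees_news['n_id'],
            'CAT_ID' => $donnees_news['c_id'],
            'CAT_TITRE' => $donnees_news['c_nom'],
            'CAT_REWRITE' => rewrite($donnees_news['c_nom']),
            'IMAGE_ID' => $donnees_news['i_id'],
            'IMAGE_NOM' => $donnees_news['i_nom'],
            'TITRE' => $donnees_news['n_titre'],
            'RESUME' => $donnees_news['n_resume'],
            'REWRITE' => rewrite($donnees_news['n_titre']),
            'AUTEUR' => $donnees_news['u_pseudo'],
            'AUTEUR_ID' => $donnees_news['u_id'],
            'AUTEUR_ALIAS' => $donnees_news['u_alias'],
            'AUTEUR_AVATAR' => $donnees_news['u_avatar'],
            'DATE' => date_sql($donnees_news['date_news'], $donnees_news['heures_date_news'], $donnees_news['jours_date_news']),
            'NBR_VOTES' => $donnees_news['n_nb_votes'],
            'NBR_COMS' => sprintf(Nw::$lang['news']['nbr_comments_news'], $donnees_news['n_nbr_coms'], $pluriel_coms),
        ));

        ++$cours_news;
    }

    Nw::$tpl->set(array(
        'LIST_PG' => list_pg($nombreDePages, $page, 'mobile-2%s.html'),
        'NB_NEWS' => $cours_news,
        'INC_HEAD' => empty($_SERVER['HTTP_AJAX']),
    ));
}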
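/**
 * Confirmation page for deleting a press article: deletes on "submit", goes
 * back to the article on "cancel", otherwise shows the confirmation form.
 *
 * NOTE(review): no permission check and no anti-CSRF token are visible in this
 * method. Confirm the dispatcher restricts this page to authorised members.
 */
protected function main()
{
    // An article ID to delete is required. redir() is defined elsewhere;
    // returning after each failed guard keeps the guard effective even if
    // redir() does not end the request.
    if (empty($_GET['id']) || !is_numeric($_GET['id'])) {
        redir(Nw::$lang['press']['error_dont_exist'], false, 'press.html');
        return;
    }

    inc_lib('press/get_info_article');
    $dn_article = get_info_article($_GET['id']);

    if (empty($dn_article)) {
        redir(Nw::$lang['press']['error_dont_exist'], false, 'press.html');
        return;
    }

    $url_article = 'press.html?article=' . $dn_article['p_id'];

    // The form was submitted.
    if (isset($_POST['submit'])) {
        inc_lib('press/delete_article');
        delete_article($dn_article['p_id']);
        redir(Nw::$lang['press']['redir_article_deleted'], true, 'press.html');
        return;
    }

    // Cancelled: a Location header alone does not stop the script, so end the
    // request instead of rendering the confirmation page as well.
    if (isset($_POST['cancel'])) {
        header('Location: ' . $url_article);
        exit;
    }

    $this->set_title($dn_article['p_ressource_name']);
    $this->set_tpl('press/delete.html');
    $this->add_css('forms.css');

    // Breadcrumb
    $this->set_filAriane(array(
        Nw::$lang['press']['mod_title'] => array('press.html'),
        $dn_article['p_ressource_name'] => array($url_article),
        Nw::$lang['press']['art_delete'] => array(''),
    ));

    Nw::$tpl->set(array(
        'ID' => $dn_article['p_id'],
        'RESSOURCE' => $dn_article['p_ressource_name'],
        'TEXT_CONFIRM' => sprintf(Nw::$lang['press']['confirm_delete'], $dn_article['p_id'], $dn_article['p_ressource_name']),
    ));
}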
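/**
 * Administration view of the news logs, optionally filtered by the search
 * text in $_GET['t'], paginated.
 *
 * NOTE(review): the access test below only turns away visitors who are BOTH
 * not logged in AND lacking 'view_histo_all_news'; a logged-in member without
 * that right passes. The page exposes author IP addresses, so confirm whether
 * "||" was intended.
 *
 * NOTE(review): the search filter is assembled as SQL text around
 * insertBD(), which is defined elsewhere. Confirm it escapes for a
 * double-quoted string literal.
 */
protected function main()
{
    // A Location header alone does not stop the script: without ending the
    // request, the log rows below would still be built and sent.
    if (!is_logged_in() && !check_auth('view_histo_all_news')) {
        header('Location: ./');
        exit;
    }

    $this->set_title(Nw::$lang['news']['historiques_news']);
    $this->set_tpl('news/log_admin.html');
    $this->add_css('code.css');

    $this->set_filAriane(array(
        Nw::$lang['news']['news_section'] => array('news-70.html'),
        Nw::$lang['news']['historiques_news'] => array(''),
    ));

    $get_param = '';
    $param_tpl = '';
    $titre_tpl = '';

    // Only a string can be a search text; arrays are ignored.
    if (!empty($_GET['t']) && is_string($_GET['t'])) {
        $recherche = urldecode($_GET['t']);
        $get_param = 'l_titre LIKE "%' . insertBD($recherche) . '%" OR l_texte LIKE "%' . insertBD($recherche) . '%"';
        $param_tpl = htmlspecialchars($_GET['t']);
        // Escape AFTER decoding. The previous order (escape, then urldecode)
        // let percent-encoded markup be decoded back into raw HTML for display.
        $titre_tpl = htmlspecialchars($recherche, ENT_QUOTES);
    }

    inc_lib('news/count_news_logs');
    $nombre_logs = count_news_logs($get_param);

    // Pagination
    $page = isset($_GET['page']) ? intval($_GET['page']) : 1;
    $nombreDePages = ceil($nombre_logs / Nw::$pref['nb_logs_admin']);

    // Make sure the page exists. redir() is defined elsewhere; returning keeps
    // the guard effective even if it does not end the request.
    if ($nombreDePages > 0 && $page > $nombreDePages) {
        redir(Nw::$lang['common']['pg_not_exist'], false, 'news-21.html?t=' . $param_tpl);
        return;
    }

    // Log entries, newest first.
    inc_lib('news/get_news_logs');
    $donnees_logs = get_news_logs($get_param, 'l_date DESC', $page, Nw::$pref['nb_logs_admin']);

    foreach ($donnees_logs as $donnees) {
        $cle_action = 'log_news_' . $donnees['l_action'];
        Nw::$tpl->setBlock('log', array(
            'ACTION' => $donnees['l_action'],
            'ACTION_LOG' => isset(Nw::$lang['news'][$cle_action]) ? Nw::$lang['news'][$cle_action] : '',
            'TEXTE' => nl2br($donnees['l_texte']),
            'DATE' => date_sql($donnees['date'], $donnees['heures_date'], $donnees['jours_date']),
            'AUTEUR' => $donnees['u_pseudo'],
            'AUTEUR_ID' => $donnees['u_id'],
            'AUTEUR_AVATAR' => $donnees['u_avatar'],
            'AUTEUR_ALIAS' => $donnees['u_alias'],
            'NEWS_ID' => $donnees['l_id_news'],
            'NEWS_TITRE' => $donnees['n_titre'],
            'TITRE_ACTU' => $donnees['l_titre'],
            'IP' => long2ip($donnees['l_ip']),
        ));
    }

    Nw::$tpl->set(array(
        'TITRE' => $titre_tpl,
        'LIST_PG' => list_pg($nombreDePages, $page, 'news-21%s.html?t=' . $param_tpl),
    ));
}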
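/**
 * Member options: change the account password after re-entering the old one.
 *
 * NOTE(review): the password digest is SHA-1 with two fixed strings stored in
 * this source file, and that digest is placed in the long-lived "nw_pass"
 * cookie without HttpOnly/Secure flags. A purpose-built password hash
 * (password_hash) and a random remember-me token would be the safer design,
 * but both need changes outside this method.
 *
 * NOTE(review): after the change, the cookie is refreshed with the digest of
 * the OLD password. Confirm whether the new one was intended.
 */
protected function main()
{
    // Members only. redir() is defined elsewhere; returning after each failed
    // guard keeps the guard effective even if redir() does not end the request.
    if (!is_logged_in()) {
        redir(Nw::$lang['common']['need_login'], false, 'users-10.html');
        return;
    }

    $this->set_title(Nw::$lang['users']['item_mdp']);
    $this->set_tpl('membres/options_pass.html');
    $this->add_css('forms.css');

    $this->set_filAriane(array(
        Nw::$lang['users']['mes_options_title'] => array('users-60.html'),
        Nw::$lang['users']['item_mdp'] => array(''),
    ));

    // Nothing more to do until the form is submitted.
    if (!isset($_POST['submit'])) {
        return;
    }

    // Read the three fields defensively: they may be absent or sent as arrays.
    $old = (isset($_POST['old']) && is_string($_POST['old'])) ? $_POST['old'] : '';
    $pass1 = (isset($_POST['nw_pass1']) && is_string($_POST['nw_pass1'])) ? $_POST['nw_pass1'] : '';
    $pass2 = (isset($_POST['nw_pass2']) && is_string($_POST['nw_pass2'])) ? $_POST['nw_pass2'] : '';
    if (multi_empty(trim($old), trim($pass1), trim($pass2))) {
        return;
    }

    $bf_token = 'jJ_=éZAç1l';
    $ft_token = 'ù%*àè1ç0°dezf';
    $pass_membre = insertBD(sha1($bf_token . trim($old) . $ft_token));

    // Strict comparisons: with ==, two different numeric-looking strings
    // (including digests made only of digits and one "e") can compare equal.
    if ($pass1 !== $pass2) {
        redir(Nw::$lang['users']['sames_password'], false, 'users-63.html');
        return;
    }

    if ((string) Nw::$dn_mbr['u_password'] !== (string) $pass_membre) {
        redir(Nw::$lang['users']['not_root_password'], false, 'users-63.html');
        return;
    }

    inc_lib('users/chg_password');
    chg_password($pass1, Nw::$dn_mbr['u_id']);

    // Refresh the automatic-connection cookies if the member uses them.
    if (!empty($_COOKIE['nw_pass'])) {
        $time_expire = time() + 10 * 365 * 24 * 3600;
        setcookie('nw_ident', Nw::$dn_mbr['u_id'], $time_expire);
        setcookie('nw_pass', $pass_membre, $time_expire);
    }

    redir(Nw::$lang['users']['mdp_change'], true, 'users-60.html');
}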
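/**
 * Mobile view of one news item; also increments its view counter.
 *
 * Items whose n_etat is not 3 are shown to logged-in members only.
 */
protected function main()
{
    // Missing or non-numeric news ID. A Location header alone does not stop
    // the script, so end the request here.
    if (empty($_GET['id']) || !is_numeric($_GET['id'])) {
        header('Location: news-70.html');
        exit;
    }

    // redir() is defined elsewhere; returning after each failed guard keeps the
    // guard effective even if redir() does not end the request.
    inc_lib('news/news_exists');
    if (news_exists($_GET['id']) == false) {
        redir(Nw::$lang['news']['news_not_exist'], false, 'news-70.html');
        return;
    }

    inc_lib('news/get_info_news');
    $donnees_news = get_info_news($_GET['id']);

    // Visibility check: without the return, an item that is not in state 3
    // could still be rendered for a visitor who is not logged in.
    if ($donnees_news['n_etat'] != 3 && !is_logged_in()) {
        redir(Nw::$lang['news']['not_view_news_perm'], false, './');
        return;
    }

    $this->set_tpl('mobile/news/view_news.html');
    $this->load_lang_file('news');

    inc_lib('news/has_voted_news');

    $pluriel_coms = $donnees_news['n_nbr_coms'] > 1 ? Nw::$lang['news']['add_s_comments'] : '';

    Nw::$tpl->set(array(
        'ID' => $_GET['id'],
        'ETAT' => $donnees_news['n_etat'],
        'CAT_ID' => $donnees_news['c_id'],
        'CAT_TITRE' => $donnees_news['c_nom'],
        'AUTEUR' => $donnees_news['u_pseudo'],
        'AUTEUR_ALIAS' => $donnees_news['u_alias'],
        'AUTEUR_AVATAR' => $donnees_news['u_avatar'],
        'DATE' => date_sql($donnees_news['date_news'], $donnees_news['heures_date_news'], $donnees_news['jours_date_news']),
        'NBR_COMS' => sprintf(Nw::$lang['news']['nbr_comments_news'], $donnees_news['n_nbr_coms'], $pluriel_coms),
        'COMS' => $donnees_news['n_nbr_coms'],
        'NB_VOT_VALID' => Nw::$pref['nb_votes_valid_news'],
        'VOTES' => $donnees_news['n_nb_votes'],
        'VOTES_NEG' => $donnees_news['n_nb_votes_neg'],
        'IMAGE_ID' => $donnees_news['i_id'],
        'IMAGE_NOM' => $donnees_news['i_nom'],
        'SOURCE' => !empty($donnees_news['n_src_url']) ? $donnees_news['n_src_url'] : '',
        'SOURCE_NOM' => !empty($donnees_news['n_src_nom']) ? $donnees_news['n_src_nom'] : '',
        'TITRE' => $donnees_news['n_titre'],
        'REWRITE' => rewrite($donnees_news['n_titre']),
        'CONTENU' => $donnees_news['v_texte'],
        'HAS_VOTED' => is_logged_in() ? $donnees_news['v_id_membre'] : 0,
    ));

    // Update the view counter.
    inc_lib('news/update_pg_vues');
    update_pg_vues($_GET['id']);

    Nw::$tpl->set('INC_HEAD', empty($_SERVER['HTTP_AJAX']));
}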
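/**
 * Profile page listing the comments written by one member.
 *
 * Validates $_GET['id'], loads the member, counts and fetches the member's
 * comments (restricted to news in state 3 for visitors who are not logged in),
 * fills one 'cmt' template block per comment and assigns the pagination.
 */
protected function main()
{
    // Missing or non-numeric id: redirect and stop. header() does not end the
    // request by itself, and the id is reused below in lookups, an SQL
    // fragment and the pagination URL pattern.
    if (empty($_GET['id']) || !is_numeric($_GET['id'])) {
        header('Location: ./');
        exit;
    }

    // One normalised integer id for every use, so the existence check, the
    // SQL filter and the generated links all refer to the same member.
    $id_membre = intval($_GET['id']);

    inc_lib('users/mbr_exists');
    if (mbr_exists($id_membre) == false) {
        redir(Nw::$lang['users']['mbr_dont_exist'], false, 'users.html');
    }

    inc_lib('users/get_info_mbr');
    $donnees_profile = get_info_mbr($id_membre);

    $this->load_lang_file('users');
    $this->load_lang_file('news');
    $this->add_wid_in_content('view_profile.' . $donnees_profile['u_id']);
    $this->set_tpl('profile/list_comments.html');
    $this->set_title(sprintf(Nw::$lang['profile']['profile_title'], $donnees_profile['u_pseudo']));
    $this->add_css('code.css');
    $this->add_js('profil.js');
    $this->set_filAriane(array(
        Nw::$lang['users']['members_section'] => array('users.html'),
        $donnees_profile['u_pseudo'] => array('./profile/' . $donnees_profile['u_alias'] . '/'),
        Nw::$lang['profile']['title_cmts_author'] => array(''),
    ));

    // WHERE fragments are concatenated as text, so only integers and literals go in.
    $params_contrib = array();
    $params_contrib[] = 'c_id_membre = ' . $id_membre;
    if (!is_logged_in()) {
        $params_contrib[] = 'n_etat = 3';
    }

    inc_lib('profile/count_comments_mbr');
    $nombre_cmts = count_comments_mbr(implode(' AND ', $params_contrib));

    // Pagination
    $page = isset($_GET['page']) ? intval($_GET['page']) : 1;
    $nombreDePages = ceil($nombre_cmts / Nw::$pref['ppl_nb_comments']);

    // The page must exist: zero and negative page numbers are rejected too,
    // since they would otherwise reach the query as a negative offset.
    if ($page < 1 || ($nombreDePages > 0 && $page > $nombreDePages)) {
        redir(Nw::$lang['common']['pg_not_exist'], false, './');
    }

    inc_lib('profile/get_comments_mbr');
    $com_cours = 0;
    $list_cmts = get_comments_mbr(implode(' AND ', $params_contrib), 'c_date DESC', $page, Nw::$pref['ppl_nb_comments']);

    foreach ($list_cmts as $donnees_cmts) {
        ++$com_cours;

        $droit_edit = false;
        $droit_delete = false;
        if (is_logged_in()) {
            // Own comment with the "my comments" right, or the "all comments" right
            $droit_edit = (bool) (Nw::$droits['can_edit_my_comments'] && $donnees_cmts['u_id'] == Nw::$dn_mbr['u_id']) || Nw::$droits['can_edit_all_comments'];
            $droit_delete = (bool) (Nw::$droits['can_del_my_comments'] && $donnees_cmts['u_id'] == Nw::$dn_mbr['u_id']) || Nw::$droits['can_del_all_comments'];
        }

        $date_cmt = date_sql($donnees_cmts['date'], $donnees_cmts['heures_date'], $donnees_cmts['jours_date']);
        $masque_motif = '';
        if ($donnees_cmts['c_masque']) {
            // Hidden comment: the date line becomes the "deleted" wording, plus the reason when one is stored
            $date_cmt = sprintf(
                Nw::$lang['news']['del_cmt_with_reason'],
                strtolower(date_sql($donnees_cmts['date'], $donnees_cmts['heures_date'], $donnees_cmts['jours_date']))
            );
            if (!empty($donnees_cmts['c_masque_raison'])) {
                $masque_motif = ' (' . sprintf(Nw::$lang['news']['motif_delete_cmt'], $donnees_cmts['c_masque_raison']) . ')';
            }
        }

        // NOTE(review): NUM is computed with 'nb_cmts_page' while the query is
        // paged with 'ppl_nb_comments'; if the two preferences differ the
        // numbering drifts — confirm which one is intended.
        // NOTE(review): the commenter's IP is assigned for every visitor,
        // logged in or not; the template presumably restricts who sees it —
        // confirm.
        Nw::$tpl->setBlock('cmt', array(
            'ID' => $donnees_cmts['c_id'],
            'ID_NEWS' => $donnees_cmts['c_id_news'],
            'REWRITE' => rewrite($donnees_cmts['n_titre']),
            'CAT_REWRITE' => $donnees_cmts['c_rewrite'],
            'NUM' => ($page - 1) * Nw::$pref['nb_cmts_page'] + $com_cours,
            'DATE' => $date_cmt,
            'AVATAR' => $donnees_cmts['u_avatar'],
            'LANG_AVATAR' => sprintf(Nw::$lang['news']['lang_avatar'], $donnees_cmts['u_pseudo']),
            'AUTEUR' => $donnees_cmts['u_pseudo'],
            'AUTEUR_ID' => $donnees_cmts['u_id'],
            'AUTEUR_ALIAS' => $donnees_cmts['u_alias'],
            'TEXTE' => $donnees_cmts['c_texte'],
            'PLUSSOIE' => $donnees_cmts['c_plussoie'],
            'GRP_TITRE' => $donnees_cmts['g_titre'],
            'GRP_ICON' => $donnees_cmts['g_icone'],
            'IP' => long2ip($donnees_cmts['c_ip']),
            'MASQUE' => $donnees_cmts['c_masque'],
            'MASQUE_MOTIF' => $masque_motif,
            'EDIT' => $droit_edit,
            'DELETE' => $droit_delete,
        ));
    }

    // The integer id, not the raw request value, goes into the link pattern:
    // the pattern ends up in page links and contains a '%s' placeholder.
    Nw::$tpl->set(array(
        'NOMBRE_CMTS' => $nombre_cmts,
        'LIST_PG' => list_pg($nombreDePages, $page, 'profile-135-' . $id_membre . '%s.html'),
    ));

    inc_lib('profile/assign_required_vars_profile');
    assign_required_vars_profile($donnees_profile);
}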
/**
 * Gate for pages that need an authenticated client.
 *
 * Returns true when the client is logged in and no new backup code is pending.
 * In every other case a template is rendered ("logintwofa" or "login") and the
 * request ends with exit.
 *
 * NOTE(review): the raw REQUEST_URI is stored in the session as the post-login
 * redirect target; the code that consumes 'loginurlredirect' is not visible
 * here and should accept same-site paths only — confirm.
 */
public function requireLogin()
{
    global $whmcs;

    if ($this->isLoggedIn()) {
        if (!WHMCS_Session::get("2fabackupcodenew")) {
            return true;
        }

        // Logged in, but a fresh backup code still has to be shown once.
        $this->setTemplate("logintwofa");
        $secondFactor = new WHMCS_2FA();
        if (!$secondFactor->setClientID($this->getUserID())) {
            $this->assign("newbackupcodeerror", true);
        } else {
            $freshCode = $secondFactor->generateNewBackupCode();
            $this->assign("newbackupcode", $freshCode);
            // Cleared only after a code was generated for this client.
            WHMCS_Session::delete("2fabackupcodenew");
        }
        $this->output();
        exit;
    }

    $_SESSION['loginurlredirect'] = html_entity_decode($_SERVER['REQUEST_URI']);

    if (!WHMCS_Session::get("2faverifyc")) {
        // No second-factor step pending: plain login form.
        $this->setTemplate("login");
        $this->assign("loginpage", true);
        $this->assign("formaction", "dologin.php");
        if ($whmcs->get_req_var("incorrect")) {
            $this->assign("incorrect", true);
        }
        $this->output();
        exit;
    }

    // Second-factor verification step.
    $this->setTemplate("logintwofa");
    if (WHMCS_Session::get("2fabackupcodenew")) {
        $this->assign("newbackupcode", true);
    } elseif ($whmcs->get_req_var("incorrect")) {
        $this->assign("incorrect", true);
    }

    $secondFactor = new WHMCS_2FA();
    if (!$secondFactor->setClientID(WHMCS_Session::get("2faclientid"))) {
        $this->assign("error", "An error occurred. Please try again.");
    } else {
        // 2FA switched off for clients or for this client: drop the half-open
        // session. redir() presumably ends the request here — confirm.
        if (!($secondFactor->isActiveClients() && $secondFactor->isEnabled())) {
            WHMCS_Session::destroy();
            redir();
        }

        if ($whmcs->get_req_var("backupcode")) {
            $this->assign("backupcode", true);
        } else {
            $challengeOutput = $secondFactor->moduleCall("challenge");
            if ($challengeOutput) {
                $this->assign("challenge", $challengeOutput);
            } else {
                $this->assign("error", "Bad 2 Factor Auth Module. Please contact support.");
            }
        }
    }

    $this->output();
    exit;
}
/**
 * Calls redir() for any visitor whose session level is not 'anonymous'.
 *
 * Reads the global $session object; anonymous visitors fall through untouched.
 */
function user_redir()
{
    global $session;

    $is_anonymous = ($session->level == 'anonymous');
    if ($is_anonymous) {
        return;
    }

    // Already logged in and not logging out: nothing to do on this page.
    redir();
}
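/**
 * Stops the request and sends guests to the index page with an error code.
 *
 * @param string $type Error code placed in the `error` query parameter.
 *
 * Reads the global $email; the value 'guest' marks a visitor who is not
 * logged in. NOTE(review): an unset $email does not equal 'guest' and passes
 * this check — confirm it is always initialised before this call.
 */
function requireLogin($type = 'login')
{
    global $email;

    if ($email == 'guest') {
        // Both values are encoded so neither can add query parameters or
        // line breaks to the redirect URL.
        // NOTE(review): `ref` carries the current REQUEST_URI back to the
        // login page; whatever redirects to it after login should accept
        // same-site paths only — that code is not visible here.
        $target = '/index.php?error=' . urlencode($type) . '&ref=' . urlencode($_SERVER['REQUEST_URI']);
        die(redir($target));
    }
}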
/**
 * Creates a page named after a menu entry, links the entry to it and
 * redirects to the page's content editor.
 *
 * @param int $id Menu entry id (bound through the %d placeholder).
 *
 * NOTE(review): the posted "back" value is appended to the redirect target
 * as received; the code behind form_post() and redir() is not visible here,
 * so confirm one of them validates or encodes it.
 * NOTE(review): this changes state; permission and request-origin checks are
 * presumably done by the caller — confirm.
 */
function page_admin_menu_page_attach($id)
{
    // New page whose short name is the menu entry's title.
    $short_name = menu_page_title($id);
    db_query("INSERT INTO pages (short) VALUES ('%s')", $short_name);
    $new_page_id = db_last_id();

    // Point the menu entry at the page just created.
    db_query("UPDATE menu SET page_id=%d WHERE id=%d", $new_page_id, $id);

    $editor_url = "admin/edit/pages/content/{$new_page_id}&back=" . form_post("back");
    redir($editor_url);
}
/**
 * Entry page: logged-in users go to the dashboard, everyone else to the login form.
 */
function index()
{
    $destination = is_logged() ? "dashboard" : "account/login";
    redir($destination);
}