mainpage(); } else { login(); } } else { $action = htmlspecialchars($_REQUEST['action']); } /* Do the action that is set in $action variable */ if ($action == 'login') { checkpassword(); $_SESSION['logged'] = 'Y'; pj_session_regenerate_id(); mainpage(); } elseif ($action == 'save') { checklogin(); savelink(); } elseif ($action == 'edit') { checklogin(); editlink(); } elseif ($action == 'backup') { checklogin(); sendbackup(); } elseif ($action == 'remove') { checklogin(); removelink(); } elseif ($action == 'reset') { checklogin(); resetlink(); } elseif ($action == 'add') { checklogin(); add();
} elseif (SEC_checkToken()) { $type = ''; if (isset($_POST['type'])) { $type = COM_applyFilter($_POST['type']); } $display .= deleteLink($lid, $type); } else { COM_accessLog("User {$_USER['username']} tried to illegally delete link {$lid} and failed CSRF checks."); echo COM_refresh($_CONF['site_admin_url'] . '/index.php'); } } elseif ($mode == $LANG_ADMIN['save'] && !empty($LANG_ADMIN['save']) && SEC_checkToken()) { $cid = ''; if (isset($_POST['cid'])) { $cid = $_POST['cid']; } $display .= savelink(COM_applyFilter($_POST['lid']), COM_applyFilter($_POST['old_lid']), $cid, $_POST['categorydd'], $_POST['url'], $_POST['description'], $_POST['title'], COM_applyFilter($_POST['hits'], true), COM_applyFilter($_POST['owner_id'], true), COM_applyFilter($_POST['group_id'], true), $_POST['perm_owner'], $_POST['perm_group'], $_POST['perm_members'], $_POST['perm_anon']); } else { if ($mode == 'editsubmission') { $display .= editlink($mode, COM_applyFilter($_GET['id'])); $display = COM_createHTMLDocument($display, array('pagetitle' => $LANG_LINKS_ADMIN[1])); } else { if ($mode == 'edit') { if (empty($_GET['lid'])) { $display .= editlink($mode); } else { $display .= editlink($mode, COM_applyFilter($_GET['lid'])); } $display = COM_createHTMLDocument($display, array('pagetitle' => $LANG_LINKS_ADMIN[1])); } else { // 'cancel' or no mode at all if (isset($_GET['msg'])) {
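/**
 * Apply the moderator's decision to the pending link being edited and record
 * which pending link (previous or next) should be opened afterwards.
 *
 * Reads `act` and `link_id` from the POST request, loads the ordered list of
 * unapproved link ids, stores the follow-up task in $post['returntask'], and
 * then delegates to savelink() or removeLinks() depending on `act`.
 *
 * @param string $prevnext Direction to move after the action: "next" or "prev".
 *                         Any other value leaves $post['returntask'] untouched.
 * @param string $option   Passed through unchanged to savelink() / removeLinks().
 *
 * @return void
 */
function prev_next_link($prevnext, $option)
{
    // NOTE(review): "approve" and "discard" change state, but no request-token
    // (CSRF) check is visible inside this function. Confirm the dispatcher
    // validates the form token before this is reached.
    $database =& JFactory::getDBO();
    $jdate = JFactory::getDate();

    $act = JRequest::getCmd('act', '', 'post');
    $link_id = JRequest::getInt('link_id', '', 'post');

    // NOTE(review): the complete POST array is forwarded to savelink() /
    // removeLinks(). Which fields those functions accept is not visible here;
    // verify they restrict the columns a client can set.
    $post = JRequest::get('post');

    $database->setQuery(
        'SELECT link_id FROM #__mt_links WHERE link_approved <= 0 ORDER BY link_created ASC, link_modified DESC'
    );
    $links = $database->loadResultArray();

    // A failed query may not yield an array; treat that as "no pending links"
    // instead of passing a non-array to array_search().
    if (!is_array($links)) {
        $links = array();
    }

    // Normalise to a 0-indexed list of integers so the lookup can be strict.
    $links = array_values(array_map('intval', $links));

    // Look the current link up once. array_search() returns false when the id
    // is not in the pending list; using that result in arithmetic would turn
    // it into index 1 / -1 and silently pick an unrelated link as "next".
    $position = array_search((int) $link_id, $links, true);

    $next_link_id = 0;
    $prev_link_id = 0;
    if ($position !== false) {
        if (isset($links[$position + 1])) {
            $next_link_id = $links[$position + 1];
        }
        if (isset($links[$position - 1])) {
            $prev_link_id = $links[$position - 1];
        }
    }

    // Decide where the user lands next: the neighbouring pending link when
    // there is one, otherwise the pending-links list.
    if ($prevnext === "next" || $prevnext === "prev") {
        $target_id = ($prevnext === "next") ? $next_link_id : $prev_link_id;

        if ($target_id > 0) {
            $post['returntask'] = "editlink&link_id=" . $target_id;
        } else {
            $post['returntask'] = "listpending_links";
        }
    }

    // Any `act` value other than the three handled below performs no action.
    switch ($act) {
        case "ignore":
            savelink($option, $post);
            break;

        case "discard":
            removeLinks(array($link_id), $option, $post);
            break;

        case "approve":
            // Approving also publishes the link and stamps its creation time.
            $post['publishing']['link_approved'] = 1;
            $post['publishing']['link_published'] = 1;
            $post['publishing']['link_created'] = $jdate->toMySQL();
            savelink($option, $post);
            break;
    }
}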