//
if (count($content["file_list"])) {
foreach ($content["file_list"] as $key => $value) {
if (intval($value)) {
$content["file_list"][$key] = intval($value);
} else {
unset($content["file_list"][$key]);
}
}
if (count($content["file_list"])) {
$content["file_id_list"] = implode(":", $content["file_list"]);
} else {
$content["file_id_list"] = '';
}
}
$content["file_descr"] = explode("\n", slweg($_POST["cfile_descr"], 0, false));
//
// now check if there are more settings for each file - explode by |
//
// [0] = normal file description like before
// [1] = name the file (it's not the file name)
// [2] = title
// [3] = target (where to open a new file -> default is _blank even if empty
// [4] = if it is an image try to show a thumbnail instead of the file icon -> here thumbnail WIDTHxHEIGHT
if (count($content["file_descr"])) {
foreach ($content["file_descr"] as $key => $value) {
$value = explode('|', $value, 5);
$value[0] = trim($value[0], ' ');
$value[1] = empty($value[1]) ? '' : trim($value[1]);
$value[2] = empty($value[2]) ? '' : trim($value[2]);
$value[3] = empty($value[3]) ? '' : trim($value[3]);
**/
// ----------------------------------------------------------------
// obligate check for phpwcms constants
if (!defined('PHPWCMS_ROOT')) {
die("You Cannot Access This Script Directly, Have a Nice Day.");
}
// ----------------------------------------------------------------
// try
if (isset($_GET['edit'])) {
$glossary['id'] = intval($_GET['edit']);
} else {
$glossary['id'] = 0;
}
// process post form
if (isset($_POST['glossary_title'])) {
$glossary['data'] = array('glossary_id' => intval($_POST['glossary_id']), 'glossary_title' => clean_slweg($_POST['glossary_title']), 'glossary_created' => date('Y-m-d H:i:s'), 'glossary_changed' => date('Y-m-d H:i:s'), 'glossary_tag' => clean_slweg($_POST['glossary_tag']), 'glossary_keyword' => clean_slweg($_POST['glossary_keyword']), 'glossary_text' => slweg($_POST['glossary_text']), 'glossary_object' => array(), 'glossary_status' => empty($_POST['glossary_status']) ? 0 : 1, 'glossary_highlight' => empty($_POST['glossary_highlight']) ? 0 : 1);
if (empty($glossary['data']['glossary_title'])) {
$glossary['error']['glossary_title'] = 1;
}
if (empty($glossary['data']['glossary_keyword'])) {
$glossary['error']['glossary_keyword'] = 1;
} else {
$sql = 'SELECT COUNT(*) FROM ' . DB_PREPEND . "phpwcms_glossary ";
$sql .= "WHERE glossary_keyword LIKE '" . aporeplace($glossary['data']['glossary_keyword']);
$sql .= "' AND glossary_id <> " . $glossary['data']['glossary_id'];
if (_dbQuery($sql, 'COUNT')) {
$glossary['error']['glossary_keyword'] = 1;
}
}
if (!isset($glossary['error'])) {
if ($glossary['data']['glossary_id']) {
} else {
$_temp = '';
}
$plugin['data']['shopprod_size'] = $_temp . implode(LF, $plugin['data']['shopprod_size']);
$plugin['data']['shopprod_color'] = explode(LF, $plugin['data']['shopprod_color']);
if (count($plugin['data']['shopprod_color']) > 3) {
$_temp = array_shift($plugin['data']['shopprod_color']) . LF;
natsort($plugin['data']['shopprod_color']);
} else {
$_temp = '';
}
$plugin['data']['shopprod_color'] = $_temp . implode(LF, $plugin['data']['shopprod_color']);
$plugin['data']['shopprod_netgross'] = empty($_POST['shopprod_netgross']) ? 0 : 1;
//0 = net, 1 = gross
$plugin['data']['shopprod_description0'] = slweg($_POST['shopprod_description0']);
$plugin['data']['shopprod_description1'] = slweg($_POST['shopprod_description1']);
$plugin['data']['shopprod_description2'] = clean_slweg($_POST['shopprod_description2']);
$plugin['data']['shopprod_description3'] = clean_slweg($_POST['shopprod_description3']);
$plugin['data']['shopprod_url'] = clean_slweg($_POST['shopprod_url']);
// Shop product language
$plugin['data']['shopprod_lang'] = empty($_POST['shopprod_lang']) ? '' : strtolower(clean_slweg($_POST['shopprod_lang']));
$plugin['data']['shopprod_status'] = empty($_POST['shopprod_status']) ? 0 : 1;
$plugin['data']['shopprod_listall'] = empty($_POST['shopprod_listall']) ? 0 : 1;
$plugin['data']['shopprod_overwrite_meta'] = empty($_POST['shopprod_overwrite_meta']) ? 0 : 1;
$plugin['data']['shopprod_opengraph'] = empty($_POST['shopprod_opengraph']) ? 0 : 1;
$plugin['data']['shopprod_category'] = isset($_POST['shopprod_category']) && is_array($_POST['shopprod_category']) ? $_POST['shopprod_category'] : array();
if (!$plugin['data']['shopprod_name1']) {
$plugin['error']['shopprod_name1'] = 'No name';
}
if (!$plugin['data']['shopprod_ordernumber']) {
$plugin['error']['shopprod_ordernumber'] = 'No order number';
die("You Cannot Access This Script Directly, Have a Nice Day.");
}
// ----------------------------------------------------------------
$new_login = genlogname();
$new_password = generic_string(8);
$new_email = '';
$new_name = '';
$set_user_aktiv = 0;
$set_user_admin = 0;
$set_user_fe = 0;
$send_verification = 1;
$user_err = '';
if (isset($_POST["form_aktion"]) && $_POST["form_aktion"] == "create_account") {
//Create Account Daten verarbeiten
$new_login = slweg($_POST["form_newloginname"]);
$new_password = slweg($_POST["form_newpassword"]);
$new_email = clean_slweg($_POST["form_newemail"]);
$new_name = clean_slweg($_POST["form_newrealname"]);
$set_user_aktiv = isset($_POST["form_active"]) ? 1 : 0;
$set_user_admin = isset($_POST["form_admin"]) ? 1 : 0;
$set_user_fe = isset($_POST["form_feuser"]) ? intval($_POST["form_feuser"]) : 0;
if ($set_user_admin) {
$set_user_fe = 2;
}
$send_verification = isset($_POST["verification_email"]) ? 1 : 0;
if (isEmpty($new_login)) {
$user_err = $BL['be_admin_usr_err2'] . "\n";
} else {
$sql = "SELECT COUNT(*) AS anzahl FROM " . DB_PREPEND . "phpwcms_user WHERE usr_login='******'";
if ($result = mysql_query($sql, $db)) {
if ($check_anzahl = mysql_fetch_array($result)) {
**/
// ----------------------------------------------------------------
// obligate check for phpwcms constants
if (!defined('PHPWCMS_ROOT')) {
die("You Cannot Access This Script Directly, Have a Nice Day.");
}
// ----------------------------------------------------------------
// try
if (isset($_GET['edit'])) {
$plugin['id'] = intval($_GET['edit']);
} else {
$plugin['id'] = 0;
}
// process post form
if (isset($_POST['adplace_title'])) {
$plugin['data'] = array('adplace_id' => intval($_POST['adplace_id']), 'adplace_title' => clean_slweg($_POST['adplace_title']), 'adplace_created' => date('Y-m-d H:i:s'), 'adplace_changed' => date('Y-m-d H:i:s'), 'adplace_status' => empty($_POST['adplace_status']) ? 0 : 1, 'adplace_format' => intval($_POST['adplace_format']), 'adplace_width' => intval($_POST['adplace_width']), 'adplace_height' => intval($_POST['adplace_height']), 'adplace_prefix' => slweg($_POST['adplace_prefix']), 'adplace_suffix' => slweg($_POST['adplace_suffix']));
if (empty($plugin['data']['adplace_title'])) {
$plugin['error']['adplace_title'] = 1;
}
if (empty($plugin['data']['adplace_format'])) {
$plugin['error']['adplace_format'] = 1;
}
if (!isset($plugin['error'])) {
if ($plugin['data']['adplace_id']) {
// UPDATE
$sql = 'UPDATE ' . DB_PREPEND . 'phpwcms_ads_place SET ';
$sql .= "adplace_changed='" . aporeplace($plugin['data']['adplace_changed']) . "', ";
$sql .= "adplace_status=" . $plugin['data']['adplace_status'] . ", ";
$sql .= "adplace_title='" . aporeplace($plugin['data']['adplace_title']) . "', ";
$sql .= "adplace_format=" . $plugin['data']['adplace_format'] . ", ";
$sql .= "adplace_width=" . $plugin['data']['adplace_width'] . ", ";
// Content Type Reference
$content['reference']["list"] = isset($_POST["cimage_list"]) ? $_POST["cimage_list"] : array();
$content['reference']["width"] = intval($_POST["creference_width"]) ? intval($_POST["creference_width"]) : '';
$content['reference']["height"] = intval($_POST["creference_height"]) ? intval($_POST["creference_height"]) : '';
$content['reference']["blockwidth"] = intval($_POST["creference_blockwidth"]) ? intval($_POST["creference_blockwidth"]) : '';
$content['reference']["blockheight"] = intval($_POST["creference_blockheight"]) ? intval($_POST["creference_blockheight"]) : '';
$temp_width = $content['reference']["width"];
$temp_height = $content['reference']["height"];
$content['reference']["space"] = intval($_POST["creference_space"]);
$content['reference']["pos"] = intval($_POST["creference_pos"]);
$content['reference']["border"] = intval($_POST["creference_border"]);
$content['reference']["listborder"] = intval($_POST["creference_listborder"]);
$content['reference']["basis"] = intval($_POST["creference_basis"]);
$content['reference']["caption"] = clean_slweg($_POST["creference_caption"]);
$content['reference']["zoom"] = isset($_POST["creference_zoom"]) ? intval($_POST["creference_zoom"]) : 0;
$content['reference']["text"] = html_specialchars(slweg($_POST["creference_text"]));
$content['reference']["tmpl"] = clean_slweg($_POST["creference_tmpl"]);
$content['reference']['showlist'] = 0;
if (is_array($content['reference']["list"]) && count($content['reference']["list"])) {
$img_sql = "SELECT * FROM " . DB_PREPEND . "phpwcms_file WHERE (";
$imgx = 0;
foreach ($content['reference']["list"] as $key => $value) {
unset($content['reference']["list"][$key]);
$content['reference']["list"][$key]['img_id'] = intval($value);
if ($imgx) {
$img_sql .= " OR ";
}
$img_sql .= "f_id=" . $content['reference']["list"][$key]['img_id'];
$imgx++;
}
$img_sql .= ");";
CONTENT IMAGELIST</strong></a><br />
4) <a href="upgrade_articleimg.php" target="_blank"><strong>UPGRADE ARTICLE
SUMMARY IMAGE</strong></a></p>
<h1>When upgrading from releases older than 1.2.9:</h1>
<p>5) <a href="upgrade_pagelayout.php" target="_blank"><strong>UPGRADE PAGELAYOUT</strong></a></p>
<h1>When upgrading from releases older than 1.3.1:</h1>
<p>6) <a href="upgrade_multimedia.php" target="_blank"><strong>UPGRADE CONTENT PART MULTIMEDIA</strong></a></p>
<p>7) <a href="upgrade_articlealias.php" target="_blank"><strong>UPDATE ARTICLE ALIAS</strong></a></p>
<h1>Update old default article end date 2010-12-31, 23:59:59:</h1>
<p>8) <a href="upgrade_articledate.php" target="_blank"><strong>SET ARTICLE END 2010-12-31, 23:59:59 plus 20 YEARS</strong></a></p>
<?php
$do = 0;
if (isset($_POST['sqlfile']) && isset($_GET["do"]) && $_GET["do"] == "upgrade") {
$file = str_replace('inc/showsql.php?f=', '', slweg($_POST['sqlfile']));
if (file_exists("update_sql/" . $file)) {
$do = 1;
}
}
if ($do) {
@mysql_query('SET storage_engine=MYISAM', $db);
if ($phpwcms['db_version'] > 40100) {
$value = "SET SQL_MODE='NO_AUTO_VALUE_ON_ZERO'";
@mysql_query($value, $db);
$value = "SET NAMES '" . $phpwcms['db_charset'] . "'" . (empty($phpwcms['db_collation']) ? '' : " COLLATE '" . $phpwcms['db_collation'] . "'");
@mysql_query($value, $db);
}
$sql_data = read_textfile("update_sql/" . $file);
$sql_data = preg_replace("/#.*.\n/", "", $sql_data);
$sql_data = preg_replace("/ `phpwcms/", " `" . DB_PREPEND . "phpwcms", $sql_data);
$new_password = slweg($_POST["form_password"]);
if (strlen($new_password) < 5) {
$err .= str_replace('{VAL}', strlen($new_password), $BL['be_profile_account_err2']) . "\n";
}
}
} else {
$err .= $BL['be_profile_account_err3'] . "\n";
}
$new_email = slweg(trim($_POST["form_useremail"]));
if ($new_email != $_SESSION["wcs_user_email"]) {
if (!is_valid_email($new_email)) {
$err .= str_replace('{VAL}', html($new_email), $BL['be_profile_account_err4']) . "\n";
}
}
if ($_POST["form_lang"]) {
$new_language = slweg(trim($_POST["form_lang"]));
} else {
$new_language = $phpwcms["default_lang"];
}
$new_wysiwyg = empty($_POST['form_wysiwyg']) ? 0 : intval($_POST['form_wysiwyg']);
$user_var['template'] = empty($_POST['form_wysiwyg_template']) ? '' : clean_slweg($_POST['form_wysiwyg_template']);
if (isset($_POST['profile_cp_total'])) {
$profile_cp_total = intval($_POST['profile_cp_total']);
$profile_account_cp_total = isset($_POST['profile_account_cp']) && is_array($_POST['profile_account_cp']) ? count($_POST['profile_account_cp']) : 0;
if (!$profile_account_cp_total || $profile_account_cp_total === $profile_cp_total) {
$user_var['selected_cp'] = array();
} else {
$user_var['selected_cp'] = array();
foreach ($_POST['profile_account_cp'] as $cp) {
$cp = intval($cp);
$user_var['selected_cp'][$cp] = $cp;
}
$phpwcms['SMTP_HOST'] = clean_slweg($_POST["smtp_host"]);
if (!$phpwcms['SMTP_HOST']) {
$phpwcms['SMTP_HOST'] = 'localhost';
}
$phpwcms['SMTP_PORT'] = intval($_POST["smtp_port"]);
if (!$phpwcms['SMTP_PORT']) {
$phpwcms['SMTP_PORT'] = 25;
}
$phpwcms['SMTP_MAILER'] = clean_slweg($_POST["smtp_mailer"]);
if (!$phpwcms['SMTP_MAILER']) {
$phpwcms['SMTP_MAILER'] = 'mail';
}
$phpwcms['SMTP_AUTH'] = empty($_POST["smtp_auth"]) ? 0 : 1;
$phpwcms['SMTP_USER'] = slweg($_POST["smtp_user"]);
$phpwcms['SMTP_PASS'] = slweg($_POST["smtp_pass"]);
$phpwcms['SMTP_SECURE'] = clean_slweg($_POST["smtp_secure"]);
write_conf_file($phpwcms);
if (!empty($_POST["admin_create"])) {
$db = mysql_connect($phpwcms["db_host"], $phpwcms["db_user"], $phpwcms["db_pass"]);
mysql_select_db($phpwcms["db_table"], $db);
mysql_query("SET NAMES '" . $phpwcms["charset"] . "'", $db);
$phpwcms["db_prepend"] = $phpwcms["db_prepend"] ? $phpwcms["db_prepend"] . "_" : "";
$sql = "INSERT INTO " . $phpwcms["db_prepend"] . "phpwcms_user (usr_login, usr_pass, usr_email, " . "usr_admin, usr_aktiv, usr_name, usr_fe, usr_wysiwyg ) VALUES ('" . aporeplace($phpwcms["admin_user"]) . "', '" . aporeplace(md5($phpwcms["admin_pass"])) . "', '" . aporeplace($phpwcms["admin_email"]) . "', 1, 1, '" . aporeplace($phpwcms['SMTP_FROM_NAME']) . "', 2, 2);";
mysql_query($sql, $db) or $err = 1;
}
if (!$err) {
header("Location: setup.php?step=3");
exit;
}
}
<?php
/**
* phpwcms content management system
*
* @author Oliver Georgi <*****@*****.**>
* @copyright Copyright (c) 2002-2015, Oliver Georgi
* @license http://opensource.org/licenses/GPL-2.0 GNU GPL-2
* @link http://www.phpwcms.de
*
**/
// ----------------------------------------------------------------
// obligate check for phpwcms constants
if (!defined('PHPWCMS_ROOT')) {
die("You Cannot Access This Script Directly, Have a Nice Day.");
}
// ----------------------------------------------------------------
// Content Type Code
$content["code"] = slweg($_POST["ccode"], 0, false);
// do not trim
$content["template"] = clean_slweg($_POST['template']);
define('FELOGIN_ERROR_WRONG_PASS', empty($FELOGIN['FELOGIN_ERROR_WRONG_PASS']) ? 'Wrong password' : $FELOGIN['FELOGIN_ERROR_WRONG_PASS']);
}
}
// check if we are in right section
if (defined('FELOGIN_LEVEL_DEPTH') && isset($LEVEL_ID[FELOGIN_LEVEL_DEPTH]) && $LEVEL_ID[FELOGIN_LEVEL_DEPTH] == FELOGIN_LEVEL_ID) {
if (isset($_GET['logout']) && $_GET['logout'] == FELOGIN_LOGOUT_GET_VALUE) {
unset($_SESSION['FELOGIN_IS_LOGGED'], $_SESSION['FELOGIN_USER_NAME']);
headerRedirect(PHPWCMS_URL . 'index.php' . (isset($LEVEL_ID[FELOGIN_CHILD_LEVEL]) ? '?id=' . $LEVEL_ID[FELOGIN_CHILD_LEVEL] : ''), 401);
}
$FELOGIN_ERROR = array();
if (isset($LEVEL_ID[FELOGIN_CHILD_LEVEL]) && isset($FELOGIN[$LEVEL_ID[FELOGIN_CHILD_LEVEL]])) {
$FELOGIN = $FELOGIN[$LEVEL_ID[FELOGIN_CHILD_LEVEL]];
// OK, user is trying to login
if (isset($_POST['feSubmit'])) {
$FELOGIN_USER_NAME = empty($_POST['feLogin']) ? '' : slweg($_POST['feLogin']);
$FELOGIN_USER_PASS = empty($_POST['fePassword']) ? '' : slweg($_POST['fePassword']);
if (empty($FELOGIN_USER_NAME)) {
$FELOGIN_ERROR[] = FELOGIN_ERROR_EMPTY_USER;
unset($_SESSION['FELOGIN_IS_LOGGED'], $_SESSION['FELOGIN_USER_NAME']);
} elseif (!isset($FELOGIN[$FELOGIN_USER_NAME])) {
$FELOGIN_ERROR[] = FELOGIN_ERROR_UNKNOWN_USER;
unset($_SESSION['FELOGIN_IS_LOGGED'], $_SESSION['FELOGIN_USER_NAME']);
} else {
$_SESSION['FELOGIN_USER_NAME'] = $FELOGIN_USER_NAME;
if (empty($FELOGIN_USER_PASS)) {
$FELOGIN_ERROR[] = FELOGIN_ERROR_EMPTY_PASS;
unset($_SESSION['FELOGIN_IS_LOGGED']);
} elseif ($FELOGIN[$FELOGIN_USER_NAME] !== $FELOGIN_USER_PASS) {
$FELOGIN_ERROR[] = FELOGIN_ERROR_WRONG_PASS;
unset($_SESSION['FELOGIN_IS_LOGGED']);
} else {
* @author Oliver Georgi <*****@*****.**>
* @copyright Copyright (c) 2002-2015, Oliver Georgi
* @license http://opensource.org/licenses/GPL-2.0 GNU GPL-2
* @link http://www.phpwcms.de
*
**/
// ----------------------------------------------------------------
// obligate check for phpwcms constants
if (!defined('PHPWCMS_ROOT')) {
die("You Cannot Access This Script Directly, Have a Nice Day.");
}
// ----------------------------------------------------------------
$plugin['id'] = isset($_GET['edit']) ? intval($_GET['edit']) : 0;
// process post form
if (isset($_POST['calendar_title'])) {
$plugin['data'] = array('calendar_id' => intval($_POST['calendar_id']), 'calendar_title' => clean_slweg($_POST['calendar_title']), 'calendar_created' => date('Y-m-d H:i:s'), 'calendar_changed' => date('Y-m-d H:i:s'), 'calendar_tag' => clean_slweg($_POST['calendar_tag']), 'calendar_lang' => isset($_POST['calendar_lang']) ? preg_replace('/[^a-z\\-]/', '', strtolower($_POST['calendar_lang'])) : '', 'calendar_teaser' => clean_slweg($_POST['calendar_teaser']), 'calendar_text' => slweg($_POST['calendar_text']), 'calendar_object' => array(), 'calendar_status' => empty($_POST['calendar_status']) ? 0 : 1, 'calendar_start_date' => clean_slweg($_POST['calendar_start_date']), 'calendar_start_time' => clean_slweg($_POST['calendar_start_time']), 'calendar_end_date' => clean_slweg($_POST['calendar_end_date']), 'calendar_end_time' => clean_slweg($_POST['calendar_end_time']), 'calendar_allday' => empty($_POST['calendar_allday']) ? 0 : 1, 'calendar_range' => intval($_POST['calendar_range']), 'calendar_where' => clean_slweg($_POST['calendar_where']), 'calendar_refid' => clean_slweg($_POST['calendar_refid']), 'calendar_duplicate' => empty($_POST['calendar_duplicate']) ? 0 : 1, 'calendar_rangestart' => clean_slweg($_POST['calendar_range_start']), 'calendar_rangeend' => clean_slweg($_POST['calendar_range_end']), 'calendar_image' => array('id' => intval($_POST['cnt_image_id']), 'name' => clean_slweg($_POST['cnt_image_name']), 'zoom' => empty($_POST['cnt_image_zoom']) ? 0 : 1, 'lightbox' => empty($_POST['cnt_image_lightbox']) ? 0 : 1, 'caption' => clean_slweg($_POST['cnt_image_caption']), 'link' => clean_slweg($_POST['cnt_image_link'])));
if ($plugin['data']['calendar_range'] > 7) {
$plugin['data']['calendar_range'] = 0;
}
if (!$plugin['data']['calendar_range']) {
$plugin['data']['calendar_rangestart'] = $plugin['data']['calendar_start_date'];
$plugin['data']['calendar_rangeend'] = $plugin['data']['calendar_end_date'];
}
// clean up date/time
include_once $phpwcms['modules'][$module]['path'] . 'inc/processing.datetime.inc.php';
if (empty($plugin['data']['calendar_title'])) {
$plugin['error']['calendar_title'] = 1;
}
if (!isset($glossary['error'])) {
if ($plugin['data']['calendar_duplicate']) {
$plugin['data']['calendar_id'] = 0;
* @author Oliver Georgi <*****@*****.**>
* @copyright Copyright (c) 2002-2015, Oliver Georgi
* @license http://opensource.org/licenses/GPL-2.0 GNU GPL-2
* @link http://www.phpwcms.de
*
**/
// ----------------------------------------------------------------
// obligate check for phpwcms constants
if (!defined('PHPWCMS_ROOT')) {
die("You Cannot Access This Script Directly, Have a Nice Day.");
}
// ----------------------------------------------------------------
// recipe
$content['recipe'] = array();
$content['recipe']['preparation'] = slweg($_POST['recipe_preparation']);
$content['recipe']['calorificvalue'] = intval($_POST['recipe_calorificvalue']);
$content['recipe']['calorificvalue_add'] = slweg($_POST['recipe_calorificvalue_add']);
$content['recipe']['ingredients'] = clean_slweg($_POST['recipe_ingredients']);
$content['recipe']['time'] = intval($_POST['recipe_time']);
$content['recipe']['time_add'] = slweg($_POST['recipe_time_add']);
$content['recipe']['category'] = clean_slweg($_POST['recipe_category']);
$content['recipe']['severity'] = intval($_POST['recipe_severity']);
$content['recipe']['template'] = clean_slweg($_POST['recipe_template']);
if ($content['recipe']['severity'] < 1) {
$content['recipe']['severity'] = 1;
} elseif ($content['recipe']['severity'] > 5) {
$content['recipe']['severity'] = 5;
}
$content['recipe']['category'] = convertStringToArray($content['recipe']['category']);
$content['recipe']['category'] = implode(', ', $content['recipe']['category']);
$content['recipe_search'] = optimizeForSearch($content['recipe']['preparation'], $content['recipe']['ingredients'], $content['recipe']['calorificvalue_add'], $content['recipe']['time_add'], $content['recipe']['category']);
}
}
}
}
//Get signature value of user
if ($result = mysql_query("SELECT detail_signature FROM " . DB_PREPEND . "phpwcms_userdetail WHERE detail_pid=" . $_SESSION["wcs_user_id"] . " LIMIT 1;")) {
if ($row = mysql_fetch_row($result)) {
if (trim($row[0])) {
$msg_message = "\n\n\t\n" . $row[0] . $msg_message;
}
}
}
if (isset($_POST['msg_send_aktion']) && intval($_POST['msg_send_aktion'])) {
$msg_subject = strip_tags(slweg(trim($_POST["msg_send_subject"])));
$msg_message = strip_tags(slweg($_POST["msg_send_msg"]));
$msg_to = slweg(trim($_POST["msg_send_receiver"]));
$msg_pid = intval($_POST['msg_send_pid']);
if (str_empty($msg_to)) {
$msg_err .= "- " . $BL['be_msg_err1'] . "\n";
}
if (str_empty($msg_subject)) {
$msg_err .= "- " . $BL['be_msg_err2'] . "\n";
}
if (str_empty($msg_message)) {
$msg_err .= "- " . $BL['be_msg_err3'] . "\n";
}
if (str_empty($msg_err)) {
//send message routine
$msg_receivers = explode(":", $msg_to);
foreach ($msg_receivers as $value) {
$sql = "INSERT INTO " . DB_PREPEND . "phpwcms_message (" . "msg_pid, msg_uid, msg_subject, msg_text, msg_to, msg_from) VALUES (" . $msg_pid . "," . intval($value) . ",'" . aporeplace($msg_subject) . "','" . aporeplace($msg_message) . "','" . aporeplace($msg_to) . "'," . $_SESSION["wcs_user_id"] . ");";
<?php
/**
* phpwcms content management system
*
* @author Oliver Georgi <*****@*****.**>
* @copyright Copyright (c) 2002-2015, Oliver Georgi
* @license http://opensource.org/licenses/GPL-2.0 GNU GPL-2
* @link http://www.phpwcms.de
*
**/
// ----------------------------------------------------------------
// obligate check for phpwcms constants
if (!defined('PHPWCMS_ROOT')) {
die("You Cannot Access This Script Directly, Have a Nice Day.");
}
// ----------------------------------------------------------------
// Content Type WYSIWYG HTML
$content["html"] = slweg($_POST["chtml"]);
$content["template"] = clean_slweg($_POST['template']);
* phpwcms content management system
*
* @author Oliver Georgi <*****@*****.**>
* @copyright Copyright (c) 2002-2015, Oliver Georgi
* @license http://opensource.org/licenses/GPL-2.0 GNU GPL-2
* @link http://www.phpwcms.de
*
**/
// ----------------------------------------------------------------
// obligate check for phpwcms constants
if (!defined('PHPWCMS_ROOT')) {
die("You Cannot Access This Script Directly, Have a Nice Day.");
}
// ----------------------------------------------------------------
// Content Type Form Email
$content["mailform"] = explode("\n", slweg($_POST["cmailform"]));
$content["mailform"] = array_diff($content["mailform"], array(''));
$content["mailsubject"] = clean_slweg($_POST["cmailsubject"]);
if (isEmpty($content["mailsubject"])) {
$content["mailsubject"] = "online webform email message";
}
$content["mailrecipient"] = clean_slweg($_POST["cmailrecipient"]);
if (!is_valid_email($content["mailrecipient"])) {
$content["error"]["mailrecipient"] = "proof recipient - email format error";
}
$content["mailbutton"] = clean_slweg($_POST["cmailbutton"]);
if (isEmpty($content["mailbutton"])) {
$content["mailbutton"] = "send";
}
$content["mailhtml"] = isset($_POST["cmailhtml"]) ? intval($_POST["cmailhtml"]) : 0;
if (is_array($content["mailform"]) && count($content["mailform"])) {
<?php
/**
* phpwcms content management system
*
* @author Oliver Georgi <*****@*****.**>
* @copyright Copyright (c) 2002-2015, Oliver Georgi
* @license http://opensource.org/licenses/GPL-2.0 GNU GPL-2
* @link http://www.phpwcms.de
*
**/
session_start();
$phpwcms = array();
require_once '../../include/config/conf.inc.php';
require_once '../inc_lib/default.inc.php';
require_once PHPWCMS_ROOT . '/include/inc_lib/helper.session.php';
require_once PHPWCMS_ROOT . '/include/inc_lib/dbcon.inc.php';
require_once PHPWCMS_ROOT . '/include/inc_lib/general.inc.php';
checkLogin();
validate_csrf_tokens();
require_once PHPWCMS_ROOT . '/include/inc_lib/backend.functions.inc.php';
if ($_SESSION["wcs_user_admin"] == 1) {
//if user has admin rights
write_textfile(PHPWCMS_TEMPLATE . "inc_css/frontend.css", slweg($_POST["frontend_css"]));
}
$ref = empty($_SESSION['REFERER_URL']) ? PHPWCMS_URL . 'phpwcms.php?' . get_token_get_string('csrftoken') : $_SESSION['REFERER_URL'];
headerRedirect($ref);
if ($article["article_end"] == false) {
$article["article_end"] = date("Y-m-d H:i:s", time() + 3600 * 24 * 365 * 10);
$set_end = 1;
$article_err[] = $BL['be_article_err4'];
} else {
$article["article_end"] = date("Y-m-d H:i:s", $article["article_end"]);
$set_end = 1;
}
} else {
$article["article_end"] = date("Y-m-d H:i:s", time() + 3600 * 24 * 365 * 10);
$set_end = 0;
}
//Ende Check Date
$article['image'] = array();
$article['image']['tmpllist'] = slweg($_POST["article_tmpllist"]);
$article['image']['tmplfull'] = slweg($_POST["article_tmplfull"]);
// get summary image info for article detail
$article['image']['name'] = clean_slweg($_POST["cimage_name"]);
$article['image']['id'] = intval($_POST["cimage_id"]);
$article['image']['width'] = intval($_POST["cimage_width"]) ? intval($_POST["cimage_width"]) : '';
$article['image']['height'] = intval($_POST["cimage_height"]) ? intval($_POST["cimage_height"]) : '';
$article['image']['caption'] = clean_slweg($_POST["cimage_caption"]);
$article['image']['zoom'] = empty($_POST["cimage_zoom"]) ? 0 : 1;
$article['image']['lightbox'] = empty($_POST["cimage_lightbox"]) ? 0 : 1;
if (!RESPONSIVE_MODE && $article['image']['width'] > $phpwcms["content_width"] || $article['image']['width'] == '') {
$article['image']['width'] = $phpwcms["content_width"];
}
if ($article['image']['id']) {
// check for image information and get alle infos from file
$img_sql = "SELECT * FROM " . DB_PREPEND . "phpwcms_file WHERE f_id=";
$img_sql .= $article['image']['id'] . " LIMIT 1";
// Content Type Tabs
$content["tabs_template"] = clean_slweg($_POST['template']);
$content["tabs"] = array();
$content['search'] = '';
$content['html'] = array();
$content['tabwysiwygoff'] = empty($_POST['tabwysiwygoff']) ? 0 : 1;
// get all tabs
if (isset($_POST['tabtitle']) && is_array($_POST['tabtitle']) && count($_POST['tabtitle'])) {
$x = 0;
foreach ($_POST['tabtitle'] as $key => $value) {
$content["tabs"][$x]['tabtitle'] = clean_slweg($value);
if ($content["tabs"][$x]['tabtitle'] == '') {
$content["tabs"][$x]['tabtitle'] = $BL['be_tab_name'] . ' #' . ($x + 1);
}
$content["tabs"][$x]['tabheadline'] = empty($_POST['tabheadline'][$key]) ? '' : clean_slweg($_POST['tabheadline'][$key]);
$content["tabs"][$x]['tabtext'] = empty($_POST['tabtext'][$key]) ? '' : slweg($_POST['tabtext'][$key]);
$content["tabs"][$x]['tablink'] = empty($_POST['tablink'][$key]) ? '' : clean_slweg($_POST['tablink'][$key]);
$content['search'] .= strip_tags(trim($content["tabs"][$x]['tabtitle'] . ' ' . $content["tabs"][$x]['tabheadline'] . ' ' . $content["tabs"][$x]['tabtext'])) . ' ';
$content['html'][] = ' <dt>' . html_specialchars($content["tabs"][$x]['tabtitle']) . '</dt>';
$content['html'][] = ' <dd>';
if ($content["tabs"][$x]['tabheadline']) {
$content['html'][] = ' <h3>' . html_specialchars($content["tabs"][$x]['tabheadline']) . '</h3>';
}
if (!$content['tabwysiwygoff'] && strpos($content["tabs"][$x]['tabtext'], '<') === false) {
$content["tabs"][$x]['tabtext'] = plaintext_htmlencode($content["tabs"][$x]['tabtext']);
$content['html'][] = ' ' . $content["tabs"][$x]['tabtext'];
}
$content['html'][] = ' </dd>';
$x++;
}
}
}
if (isset($content['form']["fields"][$field_counter]['value']['calc'])) {
$mathspam['calc'] = $content['form']["fields"][$field_counter]['value']['calc'];
}
$content['form']["fields"][$field_counter]['value'] = $mathspam;
unset($mathspam);
break;
case 'recaptcha':
/*
* reCAPTCHA
*/
$content['form']["fields"][$field_counter]['name'] = 'recaptcha';
$content['form']["fields"][$field_counter]['size'] = '';
$content['form']["fields"][$field_counter]['max'] = '';
$content['form']["fields"][$field_counter]['required'] = 1;
$content['form']["fields"][$field_counter]['value'] = parse_ini_str(slweg($_POST['cform_field_value'][$key]), false);
$content['form']['recaptcha'] = array('site_key' => '', 'secret_key' => '', 'lang' => $phpwcms['default_lang'], 'theme' => 'light', 'type' => 'image');
if (isset($content['form']["fields"][$field_counter]['value']['site_key'])) {
$content['form']['recaptcha']['site_key'] = trim($content['form']["fields"][$field_counter]['value']['site_key']);
} elseif (isset($content['form']["fields"][$field_counter]['value']['public_key'])) {
$content['form']['recaptcha']['site_key'] = trim($content['form']["fields"][$field_counter]['value']['public_key']);
}
if (isset($content['form']["fields"][$field_counter]['value']['secret_key'])) {
$content['form']['recaptcha']['secret_key'] = trim($content['form']["fields"][$field_counter]['value']['secret_key']);
} elseif (isset($content['form']["fields"][$field_counter]['value']['private_key'])) {
$content['form']['recaptcha']['secret_key'] = trim($content['form']["fields"][$field_counter]['value']['private_key']);
}
if (!empty($content['form']["fields"][$field_counter]['value']['lang'])) {
$content['form']['recaptcha']['lang'] = strtolower($content['form']["fields"][$field_counter]['value']['lang']);
}
if (isset($content['form']["fields"][$field_counter]['value']['theme']) && in_array($content['form']["fields"][$field_counter]['value']['theme'], array('light', 'dark'))) {
<?php
/**
* phpwcms content management system
*
* @author Oliver Georgi <*****@*****.**>
* @copyright Copyright (c) 2002-2015, Oliver Georgi
* @license http://opensource.org/licenses/GPL-2.0 GNU GPL-2
* @link http://www.phpwcms.de
*
**/
// ----------------------------------------------------------------
// obligate check for phpwcms constants
if (!defined('PHPWCMS_ROOT')) {
die("You Cannot Access This Script Directly, Have a Nice Day.");
}
// ----------------------------------------------------------------
// PHP variables
$content["var"] = slweg($_POST["cvar"]);
$template["footertext"] = slweg($_POST["template_block_footer"]);
$template["lefttext"] = slweg($_POST["template_block_left"]);
$template["righttext"] = slweg($_POST["template_block_right"]);
$template["errortext"] = slweg($_POST["template_block_error"]);
$template["feloginurl"] = slweg($_POST["template_felogin_url"]);
$template["overwrite"] = clean_slweg($_POST["template_overwrite"]);
$template['jslib'] = clean_slweg($_POST["template_jslib"]);
$template['jslibload'] = empty($_POST["template_jslibload"]) ? 0 : 1;
$template['frontendjs'] = empty($_POST["template_frontendjs"]) ? 0 : 1;
$template['googleapi'] = empty($_POST["template_googleapi"]) ? 0 : 1;
// now browse custom blocks if available
if (!empty($_POST['customblock'])) {
$template['customblock'] = clean_slweg($_POST["customblock"]);
$temp_customblock = explode(',', $template['customblock']);
foreach ($temp_customblock as $value) {
$template['customblock_' . $value] = slweg($_POST['template_customblock_' . $value]);
}
}
if ($template["id"] && empty($createcopy)) {
// if ID <> 0 then get template info from database
$sql = "UPDATE " . DB_PREPEND . "phpwcms_template SET " . "template_name='" . aporeplace($template["name"]) . "', " . "template_default=" . $template["default"] . ", " . "template_var='" . aporeplace(serialize($template)) . "' " . "WHERE template_id=" . $template["id"];
} else {
// if ID = 0 then show create new template form
$sql = "INSERT INTO " . DB_PREPEND . "phpwcms_template (" . "template_name, template_default, template_var) VALUES ('" . aporeplace($template["name"]) . "', " . $template["default"] . ", '" . aporeplace(serialize($template)) . "')";
}
// update or insert data entry
@mysql_query($sql, $db) or die("error while updating or inserting template datas");
if (empty($template["id"]) || $createcopy == 1) {
$template["id"] = mysql_insert_id($db);
}
//now proof for default template definition
die("You Cannot Access This Script Directly, Have a Nice Day.");
}
// ----------------------------------------------------------------
// Content Type Article List Menu
$content["alist"]["cat"] = isset($_POST['calist_cat']) ? intval($_POST['calist_cat']) : 0;
$content["alist"]["catid"] = intval($_POST['calist_catid']);
$content["alist"]["headertext"] = isset($_POST['calist_headertext']) ? 1 : 0;
$content["alist"]["ul"] = isset($_POST['calist_ul']) ? intval($_POST['calist_ul']) : 0;
$content["alist"]["class"] = clean_slweg($_POST['calist_class']);
$content["alist"]["maxchar"] = intval($_POST['calist_maxchar']);
$content["alist"]["morelink"] = slweg($_POST['calist_morelink']);
$content["alist"]["titlewrap"] = clean_slweg($_POST['calist_titlewrap']);
$content["alist"]["hideactive"] = empty($_POST['calist_hideactive']) ? 0 : 1;
$content["alist"]["titleasnumber"] = empty($_POST['calist_titleasnumber']) ? 0 : 1;
$content["alist"]["break"] = slweg($_POST['calist_break'], 0, false);
$content["alist"]["label"] = slweg($_POST['calist_label']);
switch ($content["alist"]["ul"]) {
case 4:
break;
// SPAN
// SPAN
case 3:
break;
// DL
// DL
case 2:
break;
// DIV
// DIV
case 1:
break;
$content["map"]["template"] = clean_slweg($_POST["cmap_template"]);
$content["map"]["text"] = clean_slweg($_POST["cmap_text"]);
$content["map"]['image'] = isset($_POST["cmap_image"]) ? clean_slweg($_POST["cmap_image"]) : '';
if (isset($_POST['cmap_location_x']) && $content['id']) {
//if(isset($_POST['cmap_location_x']) && isset($_POST['cmap_location_edited']) && intval($_POST['cmap_location_edited']) && $content['id']) {
//if location should be updated or ceated
// cmap_location_x, cmap_location_y, cmap_location_title,
// cmap_location_zip, cmap_location_city, cmap_location_entry
$content["location"] = array();
$content["location"]['id'] = intval($_POST["cmap_location_id"]);
$content["location"]['x'] = intval($_POST["cmap_location_x"]);
$content["location"]['y'] = intval($_POST["cmap_location_y"]);
$content["location"]['title'] = clean_slweg($_POST["cmap_location_title"]);
$content["location"]['zip'] = clean_slweg($_POST["cmap_location_zip"]);
$content["location"]['city'] = clean_slweg($_POST["cmap_location_city"]);
$content["location"]['entry'] = slweg($_POST["cmap_location_entry"]);
if (!$_SESSION["WYSIWYG_EDITOR"]) {
$content["location"]['entry'] = nl2br($content["location"]['entry']);
} else {
$content["location"]['entry'] = str_replace("\r\n", '', $content["location"]['entry']);
$content["location"]['entry'] = str_replace("\n", '', $content["location"]['entry']);
}
if (!$content["location"]['title']) {
$content["error"][] = $BL['be_cmap_location_error_notitle'];
} else {
$content["location"]['sql'] = "map_cid='" . $content['id'] . "', ";
$content["location"]['sql'] .= "map_x='" . $content["location"]['x'] . "', ";
$content["location"]['sql'] .= "map_y='" . $content["location"]['y'] . "', ";
$content["location"]['sql'] .= "map_title=" . _dbEscape($content["location"]['title']) . ", ";
$content["location"]['sql'] .= "map_zip=" . _dbEscape($content["location"]['zip']) . ", ";
$content["location"]['sql'] .= "map_city=" . _dbEscape($content["location"]['city']) . ", ";
function getpostvar($formvar, $string_laenge = 0)
{
//combines trim, stripslashes und apostrophe replace
return _dbEscape(slweg($formvar, $string_laenge), false);
}
*
* @author Oliver Georgi <*****@*****.**>
* @copyright Copyright (c) 2002-2015, Oliver Georgi
* @license http://opensource.org/licenses/GPL-2.0 GNU GPL-2
* @link http://www.phpwcms.de
*
**/
// ----------------------------------------------------------------
// obligate check for phpwcms constants
if (!defined('PHPWCMS_ROOT')) {
die("You Cannot Access This Script Directly, Have a Nice Day.");
}
// ----------------------------------------------------------------
// Content Type Link Articles
$content['alink']['alink_template'] = clean_slweg($_POST["calink_template"]);
$content['alink']['alink_allowedtags'] = slweg($_POST["calink_allowedtags"]);
$content['alink']['alink_id'] = isset($_POST["calink"]) && is_array($_POST["calink"]) ? $_POST["calink"] : array();
$content['alink']['alink_level'] = isset($_POST["calink_level"]) && is_array($_POST["calink_level"]) ? $_POST["calink_level"] : array();
// article select type
$content['alink']['alink_type'] = abs(intval($_POST['calink_type']));
if ($content['alink']['alink_type'] > 23) {
$content['alink']['alink_type'] = 0;
}
// summary wordlimit
$content['alink']['alink_wordlimit'] = intval($_POST['calink_wordlimit']);
$content['alink']['alink_hidesummary'] = empty($_POST['calink_hidesummary']) ? 0 : 1;
// handle teaser for columns
$content['alink']['alink_columns'] = empty($_POST['calink_columns']) ? 0 : intval($_POST['calink_columns']);
// link against structure level link for single articles
$content['alink']['alink_categoryalias'] = empty($_POST['calink_categoryalias']) ? 0 : 1;
// max auto article
$file_longinfo = slweg(trim($_POST["file_longinfo"]));
$file_copyright = clean_slweg($_POST["file_copyright"]);
$file_tags = trim(clean_slweg($_POST["file_tags"]), ',');
$file_granted = empty($_POST["file_granted"]) ? 0 : 1;
$file_gallerydownload = empty($_POST["file_gallerydownload"]) ? 0 : 1;
$file_keys = '';
$file_sort = intval($_POST["file_sort"]);
if (count($phpwcms['allowed_lang']) > 1) {
$file_vars = array();
foreach ($phpwcms['allowed_lang'] as $lang) {
$lang = strtolower($lang);
if (isset($_POST['file_longinfo_' . $lang])) {
$file_vars[$lang]['longinfo'] = slweg($_POST['file_longinfo_' . $lang]);
}
if (isset($_POST['file_copyright_' . $lang])) {
$file_vars[$lang]['copyright'] = slweg($_POST['file_copyright_' . $lang]);
}
}
}
$file_keywords = empty($_POST["file_keywords"]) ? array() : $_POST["file_keywords"];
if (count($file_keywords)) {
foreach ($file_keywords as $key => $value) {
unset($file_keywords[$key]);
$key = intval($key);
if ($value != "0_1") {
$file_keys .= ($file_keys ? ":" : "") . $key . "_" . intval($value);
$file_keywords[$key] = intval($value);
} else {
$file_error["keywords"][$key] = 1;
}
}
$content["search"]["wordlimit"] = is_intval($content["search"]["wordlimit"]) ? intval($content["search"]["wordlimit"]) : '';
$content["search"]["newwin"] = isset($_POST["csearch_newwin"]) ? 1 : 0;
$content["search"]["highlight_result"] = isset($_POST["csearch_highlight"]) ? 1 : 0;
$content["search"]["label_input"] = html_specialchars(clean_slweg($_POST["csearch_label_input"]));
$content["search"]["style_input"] = html_specialchars(clean_slweg($_POST["csearch_style_input"]));
$content["search"]["label_button"] = html_specialchars(clean_slweg($_POST["csearch_label_button"]));
$content["search"]["style_button"] = html_specialchars(clean_slweg($_POST["csearch_style_button"]));
$content["search"]["label_result"] = slweg($_POST["csearch_label_result"]);
$content["search"]["style_result"] = html_specialchars(clean_slweg($_POST["csearch_style_result"]));
$content["search"]["align"] = isset($_POST["csearch_align"]) ? intval($_POST["csearch_align"]) : 0;
$content["search"]["text_intro"] = slweg($_POST["csearch_text_intro"], 65500);
$content["search"]["text_result"] = slweg($_POST["csearch_text_result"], 65500);
$content["search"]["text_noresult"] = slweg($_POST["csearch_text_noresult"], 65500);
$content["search"]["template"] = isset($_POST["csearch_template"]) ? slweg($_POST["csearch_template"]) : '';
$content['search']["text_html"] = empty($_POST['csearch_text_html']) ? 0 : (intval($_POST['csearch_text_html']) ? 1 : 0);
$content["search"]["label_pages"] = slweg($_POST['csearch_label_pages']);
$content["search"]["minchar"] = intval($_POST['csearch_minchar']);
if (!$content["search"]["minchar"]) {
$content["search"]["minchar"] = 3;
}
$content["search"]["start_at"] = isset($_POST['csearch_start_at']) && is_array($_POST['csearch_start_at']) ? $_POST['csearch_start_at'] : array();
$content["search"]["show_always"] = empty($_POST['csearch_show_always']) ? 0 : 1;
$content["search"]["show_top"] = empty($_POST['csearch_show_top']) ? 0 : 1;
$content["search"]["show_bottom"] = empty($_POST['csearch_show_bottom']) ? 0 : 1;
$content["search"]["show_next"] = empty($_POST['csearch_show_next']) ? 0 : 1;
$content["search"]["show_prev"] = empty($_POST['csearch_show_prev']) ? 0 : 1;
$content["search"]["module"] = array();
if (isset($_POST['csearch_module']) && is_array($_POST['csearch_module']) && count($_POST['csearch_module'])) {
foreach ($_POST['csearch_module'] as $key => $value) {
$value = strtolower(trim($key));
if ($value) {
**/
// ----------------------------------------------------------------
// obligate check for phpwcms constants
if (!defined('PHPWCMS_ROOT')) {
die("You Cannot Access This Script Directly, Have a Nice Day.");
}
// ----------------------------------------------------------------
// try
if (isset($_GET['edit'])) {
$plugin['id'] = intval($_GET['edit']);
} else {
$plugin['id'] = 0;
}
// process post form
if (isset($_POST['adcampaign_title'])) {
$plugin['data'] = array('adcampaign_id' => intval($_POST['adcampaign_id']), 'adcampaign_title' => clean_slweg($_POST['adcampaign_title']), 'adcampaign_created' => date('Y-m-d H:i:s'), 'adcampaign_changed' => date('Y-m-d H:i:s'), 'adcampaign_comment' => clean_slweg($_POST['adcampaign_comment']), 'adcampaign_data' => array('width' => intval($_POST['adcampaign_width']), 'height' => intval($_POST['adcampaign_height']), 'unique' => empty($_POST['adcampaign_unique']) ? 0 : 1, 'url' => clean_slweg($_POST['adcampaign_url']), 'target' => clean_slweg($_POST['adcampaign_target']), 'image' => isset($_POST['adcampaign_image']) ? clean_slweg($_POST['adcampaign_image']) : '', 'flash' => isset($_POST['adcampaign_flash']) ? clean_slweg($_POST['adcampaign_flash']) : '', 'html' => slweg($_POST['adcampaign_html']), 'alt_text' => clean_slweg($_POST['adcampaign_alt_text']), 'title_text' => clean_slweg($_POST['adcampaign_title_text']), 'css' => isset($_POST['adcampaign_css']) ? clean_slweg($_POST['adcampaign_css']) : '', 'bgcolor' => clean_slweg($_POST['adcampaign_bgcolor']), 'bordercolor' => clean_slweg($_POST['adcampaign_bordercolor']), 'flashversion' => clean_slweg($_POST['adcampaign_flashversion'])), 'adcampaign_status' => empty($_POST['adcampaign_status']) ? 0 : 1, 'adcampaign_date_start' => clean_slweg($_POST['adcampaign_date_start']), 'adcampaign_date_end' => clean_slweg($_POST['adcampaign_date_end']), 'adcampaign_time_start' => clean_slweg($_POST['adcampaign_time_start']), 'adcampaign_time_end' => clean_slweg($_POST['adcampaign_time_end']), 'adcampaign_type' => empty($_POST['adcampaign_type']) ? 0 : intval($_POST['adcampaign_type']), 'adcampaign_place' => intval($_POST['adcampaign_place']), 'adcampaign_maxview' => intval($_POST['adcampaign_max_views']), 'adcampaign_maxclick' => intval($_POST['adcampaign_max_click']), 'adcampaign_maxviewuser' => intval($_POST['adcampaign_max_viewuser']), 'adcampaign_duplicate' => empty($_POST['adcampaign_duplicate']) ? 0 : 1);
if (empty($plugin['data']['adcampaign_data']['flashversion'])) {
$plugin['data']['adcampaign_data']['flashversion'] = '7';
}
if ($plugin['data']['adcampaign_type'] > 4) {
$plugin['data']['adcampaign_type'] = 0;
}
// clean up date/time
include_once $phpwcms['modules'][$module]['path'] . 'inc/processing.datetime.inc.php';
if (empty($plugin['data']['adcampaign_title'])) {
$plugin['error']['adcampaign_title'] = 1;
}
// handle media upload
if ($plugin['data']['adcampaign_id'] && !empty($_FILES['adcampaign_upload_image']['name'])) {
// image upload
$plugin['data']['upload'] = saveUploadedFile('adcampaign_upload_image', PHPWCMS_CONTENT . 'ads/' . $plugin['data']['adcampaign_id'] . '/', '', '1,2,3', '1,4');
*
* @author Oliver Georgi <*****@*****.**>
* @copyright Copyright (c) 2002-2015, Oliver Georgi
* @license http://opensource.org/licenses/GPL-2.0 GNU GPL-2
* @link http://www.phpwcms.de
*
**/
// ----------------------------------------------------------------
// obligate check for phpwcms constants
if (!defined('PHPWCMS_ROOT')) {
die("You Cannot Access This Script Directly, Have a Nice Day.");
}
// ----------------------------------------------------------------
// Content Type Text with Image
$content["image_info"] = '';
$content["text"] = slweg($_POST["ctext"]);
$content["image_id"] = intval($_POST["cimage_id"]);
$content["image_pos"] = intval($_POST["cimage_pos"]);
$content["image_caption"] = clean_slweg($_POST["cimage_caption"]);
$content["image_zoom"] = empty($_POST["cimage_zoom"]) ? 0 : 1;
$content['cimage'] = array();
$content['cimage']['cimage_lightbox'] = empty($_POST["cimage_lightbox"]) ? 0 : 1;
$content['cimage']['cimage_nocaption'] = empty($_POST["cimage_nocaption"]) ? 0 : 1;
$content['cimage']['cimage_crop'] = empty($_POST["cimage_crop"]) ? 0 : 1;
$content["image_width"] = intval($_POST["cimage_width"]) ? intval($_POST["cimage_width"]) : "";
$content["image_height"] = intval($_POST["cimage_height"]) ? intval($_POST["cimage_height"]) : "";
$temp_img_maxwidth = $content["image_pos"] == 6 || $content["image_pos"] == 7 ? intval($phpwcms["content_width"] / 1.75) : $phpwcms["content_width"];
if (!RESPONSIVE_MODE && $content["image_width"] > $temp_img_maxwidth || $content["image_width"] == "") {
$content["image_width"] = $temp_img_maxwidth;
}
// check for image information and get alle infos from file
