// Fragment of the group-edit request handler. The blocks closed below were
// opened above this excerpt, so their conditions are not visible here.
        }
        // Validation: reject an empty title, then look for another group that
        // already uses the name.
        if (!$group_title) {
            $errors = $main_smarty->get_config_vars('PLIGG_Visual_Group_Empty_Title');
        } else {
            // NOTE(review): the duplicate check compares $group_name while the UPDATE
            // below writes $group_title into group_name — confirm both hold the same value.
            // $group_name and $requestID are interpolated straight into the SQL text;
            // their escaping/casting is not visible in this excerpt.
            $exists = $db->get_var("select COUNT(*) from " . table_groups . " WHERE group_name='{$group_name}' AND group_id != '{$requestID}'");
            if ($exists) {
                $errors = $main_smarty->get_config_vars('PLIGG_Visual_Group_Title_Exists');
            }
        }
        // The UPDATE is built by string concatenation. Every value must already be
        // escaped where it is assigned (not shown here); $group_notify_email is placed
        // in the statement without quotes, so it has to be an integer by this point.
        // On success the "saved" message is stored in $errors, the same variable the
        // template receives for failures.
        if (!$errors && $db->query("update " . table_groups . " set group_name = '" . $group_title . "', group_safename='{$group_safename}', group_description = '" . $group_description . "', group_privacy = '" . $group_privacy . "', group_vote_to_publish = '" . $group_vote_to_publish . "', group_notify_email={$group_notify_email} where group_id = '" . $requestID . "'")) {
            $errors = $main_smarty->get_config_vars('PLIGG_Visual_Group_Saved_Changes');
        }
        $main_smarty->assign("errors", $errors);
    } else {
        // Presumably the branch taken when the CSRF token check above failed:
        // report it and stop before anything is rendered.
        $CSRF->show_invalid_error(1);
        exit;
    }
}
// Presumably issues a fresh 'edit_group' token for the form rendered below
// (the csrf class is not part of this excerpt).
$CSRF->create('edit_group', true, true);
// displaying group as story
if (isset($requestID)) {
    group_display($requestID);
}
$main_smarty->assign('tpl_center', $the_template . '/edit_group_center');
$main_smarty->display($the_template . '/pligg.tpl');

/**
 * Removes HTML/PHP tags from a value and trims surrounding whitespace.
 *
 * This is not an escaping step: quotes and backslashes pass through unchanged,
 * so the result still needs SQL escaping before it is used in a query and
 * HTML escaping before it is written into an attribute.
 *
 * @param string $value Raw input text.
 * @return string The text without tags and without leading/trailing whitespace.
 */
function cleanit($value)
{
    $value = strip_tags($value);
    $value = trim($value);
    return $value;
}
// Fragment of the group-submission handler. The enclosing blocks were opened
// above this excerpt; this part sends a notification mail and then redirects.
                        $mail->From = $site_mail;
                        $mail->FromName = $main_smarty->get_config_vars('PLIGG_PassEmail_Name');
                        $mail->AddAddress($to);
                        $mail->AddReplyTo($site_mail);
                        // The body is sent as HTML, so any user-supplied text inside $message
                        // must be HTML-escaped where $message is built (not visible here).
                        $mail->IsHTML(true);
                        $mail->Subject = $subject;
                        $mail->Body = $message;
                        $mail->CharSet = 'utf-8';
                        // The return value of Send() is not checked; a failed delivery is silent.
                        $mail->Send();
                    }
                }
            }
            if ($result) {
                // redirect to the URL getmyurl() builds for "group_story" and $in_id,
                // and stop so nothing else is rendered
                $redirect = '';
                $redirect = getmyurl("group_story", $in_id);
                header("Location: {$redirect}");
                die;
            }
        }
    }
    // Presumably issues the 'submit_group' token for the form rendered below
    // (the csrf class is not part of this excerpt).
    $CSRF->create('submit_group', true, true);
    //echo $sql;
}
// pagename
define('pagename', 'submit_groups');
$main_smarty->assign('error', $errors);
$main_smarty->assign('pagename', pagename);
// show the template
$main_smarty->assign('tpl_center', $the_template . '/submit_groups');
$main_smarty->display($the_template . '/pligg.tpl');
// Bootstrap: template engine first, then the site configuration and the
// library files this page relies on. The order is kept as-is because each
// include may depend on what the previous ones define.
include_once 'Smarty.class.php';
$main_smarty = new Smarty();
include 'config.php';
include mnminclude . 'html1.php';
include mnminclude . 'link.php';
include mnminclude . 'group.php';
include mnminclude . 'user.php';
include mnminclude . 'friend.php';
include mnminclude . 'smartyvariables.php';
include mnminclude . 'csrf.php';

// Row offset of the current result page.
$offset = (get_current_page() - 1) * $page_size;
$main_smarty = do_sidebar($main_smarty);

define('pagename', 'user');
$main_smarty->assign('pagename', pagename);

// Presumably issues the 'user_settings' token for forms on this page
// (the csrf class itself is in csrf.php, not in this excerpt).
$CSRF = new csrf();
$CSRF->create('user_settings', true, true);

// Profile to show: taken from the query string when present.
// NOTE(review): $login ends up in the breadcrumb text below; this assumes
// sanitize(..., 3) makes it safe for HTML output — confirm.
$login = '';
if (isset($_GET['login'])) {
    $login = sanitize($_GET['login'], 3);
}

// The cookie is client-supplied, so $truelogin is only a claimed name and
// must not be treated as proof of identity by the code that uses it later.
$truelogin = '';
if (isset($_COOKIE['mnm_user'])) {
    $truelogin = sanitize($_COOKIE['mnm_user'], 3);
}

// No profile requested: fall back to the logged-in user, or send anonymous
// visitors to the index page.
if ($login === '') {
    if (!($current_user->user_id > 0)) {
        header("Location: {$my_base_url}{$my_pligg_base}");
        exit;
    }
    $login = $current_user->user_login;
}

// setup the breadcrumbs
$navwhere['text1'] = $main_smarty->get_config_vars('PLIGG_Visual_Breadcrumb_Profile');
$navwhere['link1'] = getmyurl('topusers');
$navwhere['text2'] = $login;
// Fragment of the admin category manager. The enclosing blocks were opened
// above this excerpt, so the conditions that select these branches are not visible.
                die;
            } else {
                die('You cannot move a category into it\'s own subcategory. Click <a href = "admin_categories.php">here</a> to reload.');
            }
        } else {
            // Place category $id directly after category $move_id under the same parent.
            // $move_id and $id are concatenated into unquoted numeric positions, so they
            // must be integers by this point; their casting is not visible in this excerpt.
            // NOTE(review): no token check is visible in this branch — confirm the move
            // action is validated before it gets here.
            $sql = "Select * from " . table_categories . " where category__auto_id=" . $move_id . ";";
            // NOTE(review): $results is dereferenced below without checking that a row
            // was actually returned.
            $results = $db->get_row($sql);
            $move_sort = $results->category_order;
            $sql = "update " . table_categories . " set category_parent = " . $results->category_parent . ", category_order = " . ($move_sort + 1) . " where category__auto_id=" . $id . ";";
            $db->query($sql);
            rebuild_the_tree();
            header("Location: admin_categories.php");
            die;
        }
    } elseif ($action == "view") {
        // Presumably issues the 'category_manager' token used by the forms on the
        // listing page (the csrf class is not part of this excerpt).
        $CSRF->create('category_manager', true, true);
        $array = tree_to_array(0, table_categories, true);
        #print_r($array);exit;
        $main_smarty->assign('cat_count', count($array));
        $main_smarty->assign('cat_array', $array);
        $main_smarty->assign('tpl_center', '/admin/categories');
        $main_smarty->display($template_dir . '/admin/admin.tpl');
    }
}

/**
 * Passes a category name through utils_makeUrlFriendly() when that function
 * is defined. The rest of this function's body lies outside this excerpt.
 *
 * @param string $output Category name to convert.
 */
function makeCategoryFriendly($output)
{
    // this was moved out of utils.php because it's only needed when changing
    // category information
    if (function_exists('utils_makeUrlFriendly')) {
        $output = utils_makeUrlFriendly($output);
    }
// Fragment of the admin "create user" handler. The enclosing blocks were
// opened above this excerpt.
            // NOTE(review): password_error is written as a bare constant, not a string
            // key. Unless a constant of that name is defined elsewhere, PHP 8 throws an
            // Error here and older versions fall back to the string with a warning.
            $main_smarty->assign(password_error, $main_smarty->get_config_vars('PLIGG_Visual_Register_Error_FiveCharPass'));
        } else {
            // All four values are interpolated into the SQL text; their escaping and the
            // way $saltedpass is derived are not visible in this excerpt — confirm both.
            // INSERT IGNORE skips a duplicate-key row without raising an error, so the
            // redirect below happens whether or not a user was actually created.
            $db->query("INSERT IGNORE INTO " . table_users . " (user_login, user_level, user_email, user_pass, user_date) VALUES ('{$username}', '{$level}', '{$email}', '{$saltedpass}', now())");
            header("Location: " . my_pligg_base . "/admin/admin_users.php");
            die;
        }
    } else {
        // Presumably the branch taken when the CSRF token check above failed.
        $CSRF->show_invalid_error(1);
        exit;
    }
}
if (isset($_GET["mode"])) {
    // Create User Page
    if ($_GET["mode"] == "create") {
        // create user: presumably issues the token the creation form submits back
        // (the csrf class is not part of this excerpt)
        $CSRF->create('admin_users_create', true, true);
        // breadcrumbs and page titles
        $navwhere['text1'] = $main_smarty->get_config_vars('PLIGG_Visual_Header_AdminPanel');
        $navwhere['link1'] = getmyurl('admin', '');
        $navwhere['text2'] = $main_smarty->get_config_vars('PLIGG_Visual_Header_AdminPanel_1');
        $navwhere['link2'] = my_pligg_base . "/admin/admin_users.php";
        $navwhere['text3'] = $main_smarty->get_config_vars('PLIGG_Visual_Breadcrumb_User_Killspam');
        $main_smarty->assign('navbar_where', $navwhere);
        $main_smarty->assign('posttitle', " / " . $main_smarty->get_config_vars('PLIGG_Visual_Header_AdminPanel'));
        // misc smarty
        // NOTE(review): pagename is read here before the define() two statements
        // below; unless it is already defined above this excerpt, this first assign
        // sees an undefined constant.
        $main_smarty->assign('pagename', pagename);
        // pagename
        define('pagename', 'admin_users');
        $main_smarty->assign('pagename', pagename);
        // show the template
        $main_smarty->assign('tpl_center', '/admin/user_create');
// It's licensed under the AFFERO GENERAL PUBLIC LICENSE unless stated otherwise.
// You can get copies of the licenses here:
// http://www.affero.org/oagpl.html
// AFFERO GENERAL PUBLIC LICENSE is also included in the file called "COPYING".

// Bootstrap: template engine, site configuration and the library files this
// page uses.
include_once 'Smarty.class.php';
$main_smarty = new Smarty();
include 'config.php';
include mnminclude . 'html1.php';
include mnminclude . 'link.php';
include mnminclude . 'smartyvariables.php';
include mnminclude . 'csrf.php';

// Defined elsewhere. Presumably rejects requests by their Referer header, which
// the client controls — the token handled through $CSRF is the stronger check.
check_referrer();
$CSRF = new csrf();
if (!isset($_POST['email_to_submit'])) {
    // we're not submitting the form: presumably issue the 'recommend' token the
    // form will send back
    $CSRF->create('recommend', true, true);
    // NOTE(review): $_POST['draw'] is read without an isset() check, so a request
    // without that field raises a PHP warning.
    if ($_POST['draw'] == "small") {
        // small form -- the form's html is in recommend_small.tpl
        // Non-numeric ids fall back to 0. is_numeric() also accepts values such as
        // "1e3" or "0.5", so cast to int wherever a strict integer is required.
        $htmlid = isset($_POST['htmlid']) && is_numeric($_POST['htmlid']) ? $_POST['htmlid'] : 0;
        $linkid = isset($_POST['linkid']) && is_numeric($_POST['linkid']) ? $_POST['linkid'] : 0;
        // rand() is not a cryptographic generator; ts_random must not serve as a
        // secret. How the template uses it is not visible in this excerpt.
        $main_smarty->assign('ts_random', rand(10000000, 99999999));
        $main_smarty->assign('Default_Message', Default_Message);
        $main_smarty->assign('link_shakebox_index', $htmlid);
        $main_smarty->assign('link_id', $linkid);
        $main_smarty->assign('instpath', my_base_url . my_pligg_base . "/");
        $main_smarty->display($the_template . '/recommend_small.tpl');
    }
} else {
    // we're submitting the form and sending the emails
    // NOTE(review): if this file runs at global scope, the global statement has no effect.
    global $current_user, $db;
    // Only authenticated users get past this point; the body of this check
    // continues outside the excerpt.
    if (!$current_user->authenticated) {
// Fragment of the admin comment-management handler. The enclosing blocks
// (including the loop that supplies $key) were opened above this excerpt.
                // Load the comment, then reload its link, recompute the link's comment
                // count and store it (judging by the method names; the Link class is
                // not part of this excerpt).
                $comment->id = $key;
                $comment->read();
                $link = new Link();
                $link->id = $comment->link;
                $link->read();
                $link->recalc_comments();
                $link->store();
                $link = '';
            }
            // The page number comes from the query string and is echoed into the
            // Location header. This assumes sanitize(..., 3) removes anything unsafe
            // for a URL — confirm; casting to int would be the tighter check.
            header("Location: " . my_pligg_base . "/admin/admin_comments.php?page=" . sanitize($_GET['page'], 3));
            die;
        } else {
            // Presumably the branch taken when the CSRF token check above failed.
            $CSRF->show_invalid_error(1);
            exit;
        }
    } else {
        // No action submitted: presumably issue the token the edit form sends back.
        $CSRF->create('admin_comments_edit', true, true);
    }
    // pagename
    define('pagename', 'admin_comments');
    $main_smarty->assign('pagename', pagename);
    // read the mysql database to get the pligg version
    $sql = "SELECT data FROM " . table_misc_data . " WHERE name = 'pligg_version'";
    $pligg_version = $db->get_var($sql);
    $main_smarty->assign('version_number', $pligg_version);
    // show the template
    $main_smarty->assign('tpl_center', '/admin/admin_comments_center');
    $main_smarty->display($template_dir . '/admin/admin.tpl');
} else {
    // Reached when the condition opened above this excerpt (presumably the
    // access-level check) fails.
    echo 'not for you! go away!';
}
// Fragment of the admin link-management handler. The five blocks closed
// first were opened above this excerpt.
                        }
                    }
                }
            }
        }
        totals_regenerate();
        //header("Location: ".my_pligg_base."/admin/admin_links.php?page=".sanitize($_GET['page'],3));
        // NOTE(review): the redirect target is taken verbatim from the Referer header,
        // which is supplied by the client and may be absent. A fixed admin URL (as in
        // the commented-out line above) or a same-site check on the value avoids
        // redirecting to an address the application did not choose.
        $redirect_url = $_SERVER['HTTP_REFERER'];
        header("Location:" . $redirect_url);
        exit;
    } else {
        // Presumably the branch taken when the CSRF token check above failed.
        $CSRF->show_invalid_error(1);
        exit;
    }
} else {
    // No action submitted: presumably issue the token the edit form sends back.
    $CSRF->create('admin_links_edit', true, true);
}
// pagename
define('pagename', 'admin_links');
$main_smarty->assign('pagename', pagename);
// read the mysql database to get the pligg version
$sql = "SELECT data FROM " . table_misc_data . " WHERE name = 'pligg_version'";
$pligg_version = $db->get_var($sql);
$main_smarty->assign('version_number', $pligg_version);
// show the template: moderators get their own frame, everyone else the admin one
$main_smarty->assign('tpl_center', '/admin/submissions');
if ($is_moderator == '1') {
    $main_smarty->display($template_dir . '/admin/moderator.tpl');
} else {
    $main_smarty->display($template_dir . '/admin/admin.tpl');
}
// Fragment of the link-edit page. The enclosing blocks were opened above this
// excerpt, and the final else block continues below it.
            // Adds the result of the admin-level check to the access flag collected
            // above, then exposes the flag to the template.
            $canIhaveAccess = $canIhaveAccess + checklevel('admin');
            $main_smarty->assign('canIhaveAccess', $canIhaveAccess);
            if (Enable_Tags) {
                $main_smarty->assign('tags', $linkres->tags);
                if (!empty($linkres->tags)) {
                    // Split the stored comma-separated tags, trim each one and join them
                    // again for display; the URL form is the raw list, URL-encoded.
                    // NOTE(review): $tag_array is appended to without being initialised
                    // in this excerpt.
                    $word_array = explode(",", $linkres->tags);
                    foreach ($word_array as $word) {
                        $tag_array[] = trim($word);
                    }
                    $tags_words = implode(", ", $tag_array);
                    $tags_url = urlencode($linkres->tags);
                    $main_smarty->assign('tags_words', $tags_words);
                    $main_smarty->assign('tags_url', $tags_url);
                }
            }
            // Presumably issues the 'edit_link' token the edit form sends back
            // (the csrf class is not part of this excerpt).
            $CSRF->create('edit_link', true, true);
            // pagename
            define('pagename', 'editlink');
            $main_smarty->assign('pagename', pagename);
            // sidebar
            $main_smarty = do_sidebar($main_smarty);
            // show the template; the story length counts each "<br />" as one newline
            $main_smarty->assign('storylen', utf8_strlen(str_replace("<br />", "\n", $link_content)));
            $main_smarty->assign('tpl_extra_fields', $the_template . '/submit_extra_fields');
            $main_smarty->assign('tpl_center', $the_template . '/editlink_edit_center');
            $main_smarty->display($the_template . '/pligg.tpl');
        }
    } else {
        // "Not yours" notice with a link home. The href value is written without
        // quotes and the language strings are echoed unescaped; both come from site
        // configuration here, not from the request.
        echo "<br /><br />" . $main_smarty->get_config_vars('PLIGG_Visual_EditLink_NotYours') . "<br/ ><br /><a href=" . my_base_url . my_pligg_base . ">" . $main_smarty->get_config_vars('PLIGG_Visual_Name') . " home</a>";
    }
} else {
// Fragment of the admin comment-moderation handler. The enclosing blocks
// (including the loop that supplies $key) were opened above this excerpt.
                // NOTE(review): $killspammed[$user_id] is tested before $user_id is looked
                // up for this comment, so the guard sees whatever $user_id held on entry
                // (a previous iteration's value, or nothing) — confirm this is intended.
                } elseif ($admin_acction == "spam" && !$killspammed[$user_id]) {
                    // $key is concatenated into an unquoted numeric position, so it must be
                    // an integer by this point; its origin and casting are not visible here.
                    $user_id = $db->get_var("SELECT comment_user_id FROM `" . table_comments . "` WHERE `comment_id` = " . $key . ";");
                    # $db->query($sql='UPDATE `' . table_comments . '` SET `comment_status` = "spam" WHERE `comment_id` = "'.$key.'"');
                    killspam($user_id);
                    // Record the author as handled for the guard above.
                    $killspammed[$user_id] = 1;
                }
            }
        }
        // The page number comes from the query string and is echoed into the Location
        // header. This assumes sanitize(..., 3) removes anything unsafe for a URL —
        // confirm; casting to int would be the tighter check.
        header("Location: " . my_pligg_base . "/admin/admin_comments.php?page=" . sanitize($_GET['page'], 3));
        die;
    } else {
        // Presumably the branch taken when the CSRF token check above failed.
        $CSRF->show_invalid_error(1);
        exit;
    }
} else {
    // No action submitted: presumably issue the token the edit form sends back.
    $CSRF->create('comments_edit', true, true);
}
// pagename
define('pagename', 'admin_comments');
$main_smarty->assign('pagename', pagename);
// read the mysql database to get the pligg version
$sql = "SELECT data FROM " . table_misc_data . " WHERE name = 'pligg_version'";
$pligg_version = $db->get_var($sql);
$main_smarty->assign('version_number', $pligg_version);
// show the template: moderators get their own frame, everyone else the admin one
$main_smarty->assign('tpl_center', '/admin/comments');
if ($is_moderator == '1') {
    $main_smarty->display($template_dir . '/admin/moderator.tpl');
} else {
    $main_smarty->display($template_dir . '/admin/admin.tpl');
}