Example #1
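/**
 * Authenticate a user by user name or e-mail address and, on success, fill the session.
 *
 * On success the matched row (id, user, name, email, images, colour) is copied
 * into $_SESSION, the "u" cookie is set for 52 weeks and, when the posted
 * "remember" field equals 1, the "um" and "pm" cookies are set as well.
 *
 * @param string $user User name or e-mail address as typed into the login form.
 * @param string $pass Password as typed into the login form.
 * @return bool|null true on success, false when no single matching row exists,
 *                   null when the user is redirected to the settings page.
 */
function login2($user, $pass)
{
    $con = new db();
    $conc = $con->c();
    // "remember" is optional in the form post; a missing field means "off".
    $kcook = isset($_POST["remember"]) ? intval($_POST["remember"]) : 0;
    // $user is bound as a parameter instead of being interpolated, so quotes in
    // the login name can no longer change the structure of the statement.
    // The password comparison value is shown masked ('******') on this page and
    // is left as found; whatever expression belongs there must be bound the same way.
    $stmt = mysqli_prepare($conc, "SELECT `id`,`user`,`name`,`email`,`img1`,`img2`,`img3`,`bgcolor` FROM `users` WHERE (`user` = ? OR `email` = ?) AND pass = '******'");
    $q = false;
    if ($stmt !== false) {
        mysqli_stmt_bind_param($stmt, "ss", $user, $user);
        mysqli_stmt_execute($stmt);
        // mysqli_stmt_get_result() needs the mysqlnd driver.
        $q = mysqli_stmt_get_result($stmt);
    }
    if ($q === false || mysqli_num_rows($q) != 1) {
        if ($stmt !== false) {
            mysqli_stmt_close($stmt);
        }
        // The failure path now releases the connection as well.
        $con->close_db_con($conc);
        return false;
    }
    $r = mysqli_fetch_array($q);
    mysqli_stmt_close($stmt);
    $con->close_db_con($conc);

    // Issue a fresh session id at the privilege change so an id that was known
    // before login is not carried into the authenticated session.
    if (session_status() === PHP_SESSION_ACTIVE) {
        session_regenerate_id(true);
    }

    $expires = time() + 52 * 60 * 60 * 24 * 7;
    setcookie("u", $r[1], $expires, "/");
    $_SESSION["uid"] = $r[0];
    $_SESSION["user"] = $r[1];
    $_SESSION["name"] = $r[2];
    $_SESSION["email"] = $r[3];
    // NOTE(review): the plaintext password is kept in the session here and in
    // the "pm" cookie below. A random, server-side remember-me token would
    // avoid handing the password back to the browser; that change also needs
    // the code that reads these values, which is not visible in this block.
    $_SESSION["p"] = $pass;
    $_SESSION["color"] = $r[7];
    $_SESSION["img1"] = $r[4];
    $_SESSION["img2"] = $r[5];
    $_SESSION["img3"] = $r[6];
    // NOTE(review): this token is an unsalted MD5 over user name, password and id.
    $_SESSION["ula"] = md5("{$r['1']} {$pass} {$r['0']}");

    if (!valid_name($_SESSION["user"])) {
        $_SESSION["set_user"] = "******";
        header("location: ./?settings");
        // As before, this path yields no boolean; callers see null.
        return null;
    }
    if ($kcook == 1) {
        setcookie("um", $r[1], $expires, "/");
        setcookie("pm", $pass, $expires, "/");
    }
    return true;
}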
Example #2
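/**
 * Authenticate a user by user name or e-mail address and, on success, fill the session.
 *
 * On success the matched row is copied into $_SESSION and the "u" cookie is set
 * for 52 weeks. When the posted "remember" field equals 1, "u" is re-issued and
 * "p" is set, both with a two-week lifetime.
 *
 * @param string $user User name or e-mail address as typed into the login form.
 * @param string $pass Password as typed into the login form.
 * @return bool true on success, false when no single matching row exists.
 */
function login($user, $pass)
{
    $con = new db();
    $conc = $con->c();
    // "remember" is optional in the form post; a missing field means "off".
    $kcook = isset($_POST["remember"]) ? intval($_POST["remember"]) : 0;
    // $user is bound as a parameter instead of being interpolated into the SQL text.
    // The password comparison value is shown masked ('******') on this page and
    // is left as found; whatever expression belongs there must be bound the same way.
    $stmt = mysqli_prepare($conc, "SELECT `id`,`user`,`name`,`email`,`img1`,`img2`,`img3`,`bgcolor` FROM `users` WHERE (`user` = ? OR `email` = ?) AND pass = '******'");
    $q = false;
    if ($stmt !== false) {
        mysqli_stmt_bind_param($stmt, "ss", $user, $user);
        mysqli_stmt_execute($stmt);
        // mysqli_stmt_get_result() needs the mysqlnd driver.
        $q = mysqli_stmt_get_result($stmt);
    }
    if ($q === false || mysqli_num_rows($q) != 1) {
        if ($stmt !== false) {
            mysqli_stmt_close($stmt);
        }
        // The failure path now releases the connection as well.
        $con->close_db_con($conc);
        return false;
    }
    $r = mysqli_fetch_array($q);
    mysqli_stmt_close($stmt);
    $con->close_db_con($conc);

    // Issue a fresh session id at the privilege change so an id that was known
    // before login is not carried into the authenticated session.
    if (session_status() === PHP_SESSION_ACTIVE) {
        session_regenerate_id(true);
    }

    setcookie("u", $r[1], time() + 52 * 60 * 60 * 24 * 7);
    $_SESSION["uid"] = $r[0];
    $_SESSION["user"] = $r[1];
    $_SESSION["name"] = $r[2];
    $_SESSION["email"] = $r[3];
    // NOTE(review): the plaintext password is kept in the session here and in
    // the "p" cookie below. A random, server-side remember-me token would avoid
    // handing the password back to the browser; that change also needs the code
    // that reads these values, which is not visible in this block.
    $_SESSION["p"] = $pass;
    $_SESSION["color"] = $r[7];
    $_SESSION["img1"] = $r[4];
    $_SESSION["img2"] = $r[5];
    $_SESSION["img3"] = $r[6];
    // NOTE(review): this token is an unsalted MD5 over user name, password and id.
    $_SESSION["ula"] = md5("{$r['1']} {$pass} {$r['0']}");

    if ($kcook == 1) {
        $remember_until = time() + 2 * 60 * 60 * 24 * 7;
        setcookie("u", $r[1], $remember_until);
        setcookie("p", $pass, $remember_until);
    }
    return true;
}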
Example #3
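 /**
  * Open the PDO connection to MySQL and store it in the static db::$c.
  *
  * The connection is switched to exception error mode. A connection failure
  * is caught here and not rethrown, so db::$c is left unassigned in that case.
  *
  * @param string $server Database host.
  * @param string $user   Database account name.
  * @param string $pw     Database account password.
  * @param string $db     Database (schema) name.
  */
 function __construct($server, $user, $pw, $db)
 {
     try {
         db::$c = new PDO("mysql:host={$server};dbname={$db}", $user, $pw);
         db::$c->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
     } catch (PDOException $e) {
         // The driver message can name the host and the account, so it goes to
         // the server log; the response only carries a generic notice.
         error_log("Database connection failed: " . $e->getMessage());
         echo "Database connection failed.";
     }
 }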
Example #4
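/**
 * Print one video record as a parenthesised object literal and end the script.
 *
 * Prints "({status:false,...})" when no row matches, otherwise an object with
 * the video's fields and the owner's user name.
 *
 * @param int|string $id Video id; bound as an integer parameter.
 * @return void Never returns: the script exits after printing.
 */
function getVid($id)
{
    $con = new db();
    $conc = $con->c();
    // The id is bound as an integer instead of being interpolated, so it cannot
    // extend the WHERE clause.
    $stmt = mysqli_prepare($conc, "SELECT videos.id,videos.user,videos.name,videos.info,videos.pict,videos.vid,videos.dl,videos.date,users.user FROM `videos` INNER JOIN users ON users.id = videos.user WHERE videos.id = ? ");
    $q = false;
    if ($stmt !== false) {
        $video_id = (int) $id;
        mysqli_stmt_bind_param($stmt, "i", $video_id);
        mysqli_stmt_execute($stmt);
        // mysqli_stmt_get_result() needs the mysqlnd driver.
        $q = mysqli_stmt_get_result($stmt);
    }
    if ($q === false || mysqli_num_rows($q) == 0) {
        echo "({status:false,msg:'Sorry, this video cannot be found'})";
    } else {
        $r = mysqli_fetch_array($q);
        // NOTE(review): the stored values are placed inside single-quoted
        // script strings without escaping; a quote or backslash in a title or
        // name breaks the literal. They should be encoded for a script string
        // (for example with json_encode) once the consumer of this response,
        // which is not visible here, is confirmed to accept that form.
        echo "({status:true,type:3,class:'vid_prev',title:'{$r['3']}',uid:'{$r['1']}',owner:'{$r['8']}',vid:'{$r['0']}',video:'{$r['5']}',prev:'{$r['4']}',vname:'{$r['2']}',vdate:'" . gtime($r[7]) . "'})";
    }
    if ($stmt !== false) {
        mysqli_stmt_close($stmt);
    }
    $con->close_db_con($conc);
    exit;
}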
Example #5
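/**
 * Print an HTML table of all videos owned by one user, four per row, and end the script.
 *
 * A notice is printed first when the user has no videos; the (empty) table
 * markup is still emitted afterwards.
 *
 * @param int|string $uid Owner's user id; cast to an integer before use.
 * @return void Never returns: the script exits after printing.
 */
function getVid($uid)
{
    // Cast once: the value is used both in the query and in the uid attribute
    // of every cell, so neither context receives arbitrary text.
    $uid = (int) $uid;
    $con = new db();
    $conc = $con->c();
    $stmt = mysqli_prepare($conc, "SELECT videos.id,videos.user,videos.name,videos.info,videos.pict,videos.vid,videos.dl,videos.date,users.user FROM `videos` INNER JOIN users ON users.id = videos.user WHERE videos.user = ? ");
    $q = false;
    if ($stmt !== false) {
        mysqli_stmt_bind_param($stmt, "i", $uid);
        mysqli_stmt_execute($stmt);
        // mysqli_stmt_get_result() needs the mysqlnd driver.
        $q = mysqli_stmt_get_result($stmt);
    }
    if ($q === false || mysqli_num_rows($q) == 0) {
        echo "<div class='m_s_g'>No content has been added yet</div>";
    }
    $n = 0;
    echo "<table><tr>";
    while ($q !== false && ($r = mysqli_fetch_array($q))) {
        $n++;
        // NOTE(review): name, info and file names from the row are written into
        // attributes and element content unescaped. Whether they are encoded
        // when stored cannot be seen from this block; if they are not, they
        // need htmlspecialchars() with ENT_QUOTES here.
        echo "<td ><a href='./video-{$r['0']}' onclick='return setURI(\"video\",{$r['0']})' ><div style='background:url(" . PTH . "/img/load/ml.gif) no-repeat center;height:120px;width:120px;padding:10px;'><div style='background:url(" . PTH . "/prev/{$r['4']}) left;' class='vid_prev' title='{$r['3']}' onclick='playvideo(event)' prev='{$r['4']}' vid='{$r['0']}' video='{$r['5']}' info='{$r['3']}' owner='{$r['8']}' uid='{$uid}' vidname='{$r['2']}' vdate='" . gtime($r[7]) . "'>{$r['2']}<br/>{$r['3']}</div></div></a><br/></td>";
        // Start a new table row after every fourth cell.
        echo $n % 4 == 0 ? "</tr><tr>" : "";
    }
    echo "</tr></table>";
    if ($stmt !== false) {
        mysqli_stmt_close($stmt);
    }
    $con->close_db_con($conc);
    exit;
}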
Example #6
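/**
 * Build the HTML for one post.
 *
 * For a reply ($type 1) or a repost ($type 2) the author of the referenced post
 * $rid is looked up and shown as a link. A delete link is added when the viewer
 * ($uid) is the author ($userid); reply and repost links are added for any
 * viewer whose session uid is not 0.
 *
 * @param mixed $id     Post id.
 * @param mixed $uid    Id of the viewing user.
 * @param mixed $userid Id of the post's author.
 * @param mixed $user   Author's user name.
 * @param mixed $name   Author's display name.
 * @param mixed $img    Author's image URL.
 * @param mixed $date   Post date, passed to gtime().
 * @param mixed $post   Post body.
 * @param mixed $var    Markup appended after the post.
 * @param mixed $rid    Id of the referenced post for replies and reposts.
 * @param mixed $type   1 = reply, 2 = repost, anything else = plain post.
 * @param mixed $client Name of the posting client.
 * @return string The post's HTML.
 */
function post($id, $uid, $userid, $user, $name, $img, $date, $post, $var, $rid, $type, $client)
{
    $rp = "";
    // Defaults for viewers without a session (uid 0); these were undefined
    // variables in the returned string before.
    $reply = "";
    $repost = "";
    if ($type == 1 || $type == 2) {
        // Integer copies are used in the query and in the onclick handler, so
        // neither receives arbitrary text.
        $rid_int = (int) $rid;
        $type_int = (int) $type;
        $pid = "";
        $con = new db();
        $conc = $con->c();
        $stmt = mysqli_prepare($conc, "SELECT `post`.`id`,`users`.`user` FROM `post` INNER JOIN `users` ON (`users`.`id` = `post`.`user`) WHERE `post`.`id` = ? ");
        if ($stmt !== false) {
            mysqli_stmt_bind_param($stmt, "i", $rid_int);
            mysqli_stmt_execute($stmt);
            // mysqli_stmt_get_result() needs the mysqlnd driver.
            $q = mysqli_stmt_get_result($stmt);
            $r = $q ? mysqli_fetch_array($q) : null;
            // The referenced post may have been deleted; keep the name empty then.
            if ($r) {
                $pid = $r[1];
            }
            mysqli_stmt_close($stmt);
        }
        $con->close_db_con($conc);
        if ($type == 1) {
            $rp = "<a href='#' class='del'  onclick='return _op({$rid_int},{$type_int})' >in reply to {$pid}</a>";
        } else {
            $rp = "<a href='#pwindow' class='del' name='modal' onclick='return _op({$rid_int},{$type_int})' >rePosted From {$pid} </a>";
        }
    }
    $del = $uid == $userid ? "&middot;<a href='#' onclick='return _del(event,\"{$id}\")'><span class='del'>delete</span></a>" : "";
    if (isset($_SESSION["uid"]) && $_SESSION["uid"] != 0) {
        $reply = "&middot;<a href='#' class='del' onclick='return _reply(event)' rid='{$id}' u='{$user}'> reply</a>";
        $repost = "&middot;<a href='#' class='del' onclick='return _repost(event)' rid='{$id}' u='{$user}'> repost</a>";
    }
    // NOTE(review): $user, $name, $post, $img, $client and $var are inserted
    // as given. Whether the callers pass them already HTML-encoded cannot be
    // seen from this function; any that are raw user text need
    // htmlspecialchars() with ENT_QUOTES before they reach this string.
    return "<div class='post' id='post{$id}'>\n\t\t\t\t\t<table><tr><td><a href='../home?i={$userid}' onclick='return _o(event,{$userid})' ><div class='smpdiv' style='background:url({$img}) center no-repeat'></div></a></td>\n\t\t\t\t\t<td>\n\t\t\t\t\t<table><tr><td><a href='../home?i={$userid}' onclick='return _o(event,{$userid})' onmouseover='_pop(event,{$userid});' >{$user}</a> <i style='_pn'>{$name}</i><br/><span class='_post'>{$post}</span><br/>{$rp} <a href='#' target='_blank' class='del'>via {$client}</a> <a class='del' href='#?post={$id}' onclick='return _op({$id},0);'>" . gtime($date) . "</a><Br/>{$del} {$reply} {$repost}</td></tr></table>\n\t\t\t\t\t</td></tr></table>\n\t\t\t\t\t  </div> {$var}";
}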
Example #7
session_start();
if ($_SESSION['login'] != true) {
    header("Location: index.php?message=Log in.");
} else {
    require 'inc/loader.php';
    include "inc/funkcije.php";
    require 'inc/views/template_head_start.php';
    require 'inc/views/template_head_end.php';
    require 'inc/views/base_head.php';
    ?>

<?php 
    //Treba mi id stranice koja se menja, BIO = 1, GALLERY = 2, CONTACT = 3
    $id_page = 1;
    $DB = new db();
    $SQL = "SELECT * FROM pages WHERE id_page='" . $DB->c($id_page) . "'";
    $DB->query($SQL);
    $row = $DB->fetch_assoc();
    $content = $row['content'];
    $DB->close();
    ?>
<!-- Page Header -->
<div class="content bg-gray-lighter">
    <div class="row items-push">
        <div class="col-sm-7">
            <h1 class="page-heading">
                Content <small>change BIO text.</small>
            </h1>
        </div>
        <div class="col-sm-5 text-right hidden-xs">
            <ol class="breadcrumb push-10-t">
Example #8
<?php

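session_start();
include "../scripts/db.php";
$style = "style='font:20px verdana;text-align:center;color:#777;'";
// The session uid is used in SQL below, so it is reduced to an integer here.
$user = isset($_SESSION["uid"]) ? intval($_SESSION["uid"]) : 0;
// Stop unless a complete, non-guest session exists. The two conditions were
// joined with && before, which let a request with no session at all continue.
if (!isset($_SESSION["user"], $_SESSION["p"]) || $user == 0) {
    exit("<div class='m_s_g'>Invalid Authentication<div>");
}
$con = new db();
$conc = $con->c();
if (isset($_POST["del"])) {
    // "vars" carries the video id, the video file name and the preview image
    // name joined by "____"; pad so a short value cannot leave a name undefined.
    $vars = isset($_POST["vars"]) && is_string($_POST["vars"]) ? $_POST["vars"] : "";
    list($id, $vid, $img) = array_pad(explode("____", $vars), 3, "");
    $id = intval($id);
    // basename() drops any directory part, so the names sent by the client can
    // only refer to files directly inside ../video/ and ../prev/.
    $vid_file = basename($vid);
    $img_file = basename($img);
    // NOTE(review): the file names still come from the request. Reading them
    // from the video row before it is deleted would tie them to the record;
    // the column names are not visible in this file.

    $deleted = false;
    $stmt = mysqli_prepare($conc, "DELETE FROM videos WHERE id = ? AND user = ?");
    if ($stmt !== false) {
        mysqli_stmt_bind_param($stmt, "ii", $id, $user);
        // A removed row proves the video existed and belonged to the session
        // user; a query that merely ran without error is not enough.
        $deleted = mysqli_stmt_execute($stmt) && mysqli_stmt_affected_rows($stmt) > 0;
        mysqli_stmt_close($stmt);
    }
    if ($deleted) {
        // Comments and files are removed only after the ownership-checked
        // delete succeeded.
        $stmt = mysqli_prepare($conc, "DELETE FROM comment WHERE cid = ? AND type = 3");
        if ($stmt !== false) {
            mysqli_stmt_bind_param($stmt, "i", $id);
            mysqli_stmt_execute($stmt);
            mysqli_stmt_close($stmt);
        }
        if ($vid_file !== "") {
            @unlink("../video/" . $vid_file);
        }
        // The shared default preview image is never deleted.
        if ($img_file !== "" && !strstr($img, DEF_VID_IMG)) {
            @unlink("../prev/" . $img_file);
        }
        $con->close_db_con($conc);
        exit("<div {$style}>Successfully Deleted.</div>");
    } else {
        $con->close_db_con($conc);
        exit("<div {$style}>Error deleting video.</div>");
    }
}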
if (isset($_POST["upd"])) {
    $id = intval($_POST["id"]);
    $name = strclean($_POST["name"]);
    $info = strclean($_POST["info"]);
            }
            if (file_exists($temp_file)) {
                unlink($temp_file);
            }
            // -------------- End Resizing i Croping funkcije za sliku -----------------
            // Prikazujemo rezultate da bi smo mogli videti i testirati sta se desilo
            //echo "The file named <strong>$fileName</strong> uploaded successfuly.<br /><br />";
            //echo "It is <strong>$fileSize</strong> bytes in size.<br /><br />";
            //echo "It is an <strong>$fileType</strong> type of file.<br /><br />";
            //echo "The file extension is <strong>$fileExt</strong><br /><br />";
            //echo "The Error Message output for this upload is: $fileErrorMsg";
        } else {
            $photo = 'none';
        }
        // Kraj obrade u uploada slike
        // Unosimo novu kategoriju u bazu
        $DB = new db();
        $SQL = "INSERT INTO gallery (\n\t\t\t\t    ph_name,\n\t\t\t\t    ph_info,\n\t\t\t\t\tphoto,\n\t\t\t\t\tph_show,\n\t\t\t\t\tph_datum,\n\t\t\t\t\tph_type\n\t\t\t\t) VALUES( \n\t\t\t\t    '" . $DB->c($ph_name) . "', \n\t\t\t\t    '" . $DB->c($ph_info) . "', \n\t\t\t\t    '" . $DB->c($photo) . "', \n\t\t\t\t    '" . $DB->c($ph_show) . "', \n\t\t\t\t    '" . $DB->c($ph_date) . "', \n\t\t\t\t    '" . $DB->c($ph_type) . "'\n\t\t\t\t)";
        $result = $DB->query($SQL);
        $DB->close();
        $result = true;
        if ($result) {
            $poruka = "image uploaded successfully!";
        } else {
            $poruka = "Error, Image is not uploaded, please try again";
        }
    } else {
        $poruka = "Unauthorized direct access to the page!";
    }
    header("Location: gallery2.php?message={$poruka}");
}
Example #10
<?php

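session_start();
include "../scripts/db.php";
// Both identity keys must be present in the session before anything is counted.
if (!isset($_SESSION["uid"], $_SESSION["user"])) {
    exit("<div class='m_s_g'>Invalid Authentication<div>");
}
// intval() makes the id safe to place in the two queries below.
$uid = intval($_SESSION["uid"]);
if ($uid != 0) {
    $con = new db();
    $conc = $con->c();
    $num = 0;
    // Every conversation in which the user is one of the two participants.
    $subjres = mysqli_query($conc, "SELECT `id` FROM `msg_subj` WHERE `u1` = {$uid} OR `u2` = {$uid}");
    if ($subjres) {
        while ($sb = mysqli_fetch_array($subjres)) {
            // $sb[0] is the conversation id returned by the query above.
            $msg = mysqli_query($conc, "SELECT `new`,`uid` FROM `msg` WHERE `new` = 1 AND `cid` = " . $sb[0] . " ORDER BY `id` DESC");
            if (!$msg) {
                continue;
            }
            $ltv = mysqli_fetch_array($msg);
            $numr = mysqli_num_rows($msg);
            // Count the conversation's new messages only when the most recent
            // one was not written by the user.
            if ($numr > 0 && $ltv[1] != $uid) {
                $num = $num + $numr;
            }
            mysqli_free_result($msg);
        }
        mysqli_free_result($subjres);
    }
    // The connection was left open before; release it once counting is done.
    mysqli_close($conc);
    // An empty string, not 0, is printed when there is nothing new.
    $num = $num > 0 ? $num : "";
    $subjres = NULL;
    $sb = NULL;
    echo $num;
    $_SESSION["msg_num"] = $num;
}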
Example #11
<?php

// Open the database connection used by the action handlers that follow.
include "../scripts/db.php";
$con = new db();
$conc = $con->c();
// The response is an XML document.
header("Content-Type: text/xml");
// The posted "user" value is reduced to its MD5 hex digest; that digest is what
// the queries below compare against and what is echoed in the root element.
$user = md5($_POST["user"]);
echo "<?xml version='1.0' encoding='utf-8' ?><bubble uid='{$user}'>";
// NOTE(review): no session is started in the visible part of this script;
// confirm that every action verifies the posted credentials before it reads
// or changes data.
$action = $_POST["action"];
// NOTE(review): the password is compared as an unsalted SHA-1 digest, which is
// fast to guess offline if the table leaks; password_hash()/password_verify()
// are the replacement.
$p = sha1($_POST["p"]);
// NOTE(review): $id and $time are taken from the request unchanged. Their use
// is outside the visible part; they must be cast or bound before reaching SQL.
$id = $_POST["id"];
$time = $_POST["time"];
// The message passes through the project's strclean() and _hstr_() helpers,
// which are defined elsewhere.
$msg = _hstr_(strclean($_POST["msg"]), false);
switch ($action) {
    case 1:
        $q = mysqli_query($conc, "SELECT * FROM `users` WHERE `em` = '{$user}' AND `pass` = '{$p}' ");
        $r = mysqli_fetch_assoc($q);
        if (mysqli_num_rows($q) == 1) {
            echo "<name>" . $r["fname"] . " " . $r["lname"] . "</name>";
            echo "<img>" . str_replace("../", "http://localhost/bubble/", $r["img_m"]) . "</img>";
        } else {
            echo "<error>Invalid Credentials</error>";
        }
        break;
    case 2:
        $q = mysqli_query($conc, "SELECT `email`,`femail`,`id` FROM `pals` WHERE `email` = '{$user}' OR `femail` = '{$user}' ");
        $q2 = mysqli_query($conc, "UPDATE `chat_online` SET `time` = " . date("U") . " WHERE `email` = '{$user}'");
        while ($r = mysqli_fetch_array($q)) {
            $em = $r[0] == $user ? $r[1] : $r[0];
            $tm = date("U") - 60 * 10;
            $q2 = mysqli_query($conc, "SELECT `email` FROM `chat_online` WHERE `email` = '{$em}' AND `time` > {$tm}");
Example #12
<table cellpadding="5"><tr>
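<?php
// Prints one table cell per user, newest first, at most 30 cells.
include "../scripts/db.php";
$con = new db();
$conc = $con->c();
// The posted "limit" value was read but never used; the fixed cap of 30 rows
// now lives in the query instead of loading the whole table and stopping early.
$q = mysqli_query($conc, "SELECT * FROM users ORDER BY id DESC LIMIT 30");
if ($q) {
    while ($r = mysqli_fetch_array($q)) {
        // Column 7 holds the image path with one leading character to drop.
        $img = (string) substr($r[7], 1);
        // All three values land inside HTML attributes, so they are encoded
        // for that context; a quote in a stored value can no longer close the
        // attribute. Existing entities are left alone (double_encode off).
        $href = htmlspecialchars(PTH . "/" . $r[0], ENT_QUOTES, 'UTF-8', false);
        $title = htmlspecialchars((string) $r[3], ENT_QUOTES, 'UTF-8', false);
        $background = htmlspecialchars(PTH . $img, ENT_QUOTES, 'UTF-8', false);
        echo "<td><a target='_blank' href='{$href}' title='{$title}' style='color:#fff;text-shadow:2px #444;'><div style='background:#000 url({$background}) no-repeat center;' class='smpdiv' ></div></a></td>";
    }
    mysqli_free_result($q);
}
// Close the handle that was actually used for the query.
mysqli_close($conc);
?>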
</tr></table>
Example #13
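/**
 * Print the admin list of works as an HTML table.
 *
 * Each work gets a clickable header row (thumbnail, title, category/colour,
 * date, edit and delete buttons) and a detail section showing whether it has a
 * description and how many segments it has. The delete button is only printed
 * for works without segments.
 *
 * @param string $folder Base path of the assets folder, used for the fallback thumbnail.
 * @return void Output is printed directly.
 */
function work_list($folder)
{
    ?>
 
<!-- Page Header -->
<div class="content bg-gray-lighter">
    <div class="row items-push">
        <div class="col-sm-7">
            <h1 class="page-heading">
                Radovi <small>Spisak ilustracija, dizajna, fotografija.</small>
            </h1>
        </div>
        <div class="col-sm-5 text-right hidden-xs">
            <ol class="breadcrumb push-10-t">
                <li>Radovi</li>
                <li><a class="link-effect" href="works.php">Lista</a></li>
            </ol>
        </div>
    </div>
</div>
<!-- END Page Header -->

<!-- Page Content -->
<div class="content content-boxed">
    <!-- <h2 class="content-heading">Your content</h2> -->
   <!-- Table Sections (.js-table-sections class is initialized in App() -> uiHelperTableToolsSections()) -->
    <div class="block">
        <div class="block-header">
         <div class="block-content">
            <!--
            Separate your table content with multiple tbody sections. Add one row and add the class .js-table-sections-header to a
            tbody section to make it clickable. It will then toggle the next tbody section which can have multiple rows. Eg:

            <tbody class="js-table-sections-header">One row</tbody>
            <tbody>Multiple rows</tbody>
            <tbody class="js-table-sections-header">One row</tbody>
            <tbody>Multiple rows</tbody>
            <tbody class="js-table-sections-header">One row</tbody>
            <tbody>Multiple rows</tbody>

            You can also add the class .open in your tbody.js-table-sections-header to make the next tbody section visible by default
            -->
            <table class="js-table-sections table table-hover  table-vcenter">
                <thead>
                    <tr>
                        <th style="width: 30px;"></th>
                        <th class="text-center" style="width: 100px;"><i class="si si-grid"></i></th>
                        <th>Naslov</th>
                        <th style="width: 15%;" class="hidden-xs text-center">Kategorija/boja</th>
                        <th class="hidden-xs" style="width: 15%;">Datum</th>
                        <th class="text-center" style="width: 100px;">Akcija</th>
                    </tr>
                </thead>

<?php
    $DB = new db();
    // The segment count comes from a correlated subquery, replacing the extra
    // connection and query that used to be opened for every listed work.
    // The statement contains no external input.
    $SQL = "SELECT
                works.id_work AS id_work,
                works.work_name AS work_name,
                works.work_desc AS work_desc,
                works.work_color AS work_color,
                works.work_date AS work_date,
                works.work_mpic AS work_mpic,
                categories.cat_name AS cat_name,
                (SELECT COUNT(*) FROM segments WHERE segments.id_work = works.id_work) AS koliko
            FROM works
            LEFT JOIN categories ON (works.id_cat = categories.id_cat)
            ORDER BY works.id_work DESC";
    $DB->query($SQL);
    while ($row = $DB->fetch_assoc()) {
        // The id is printed inside URLs and a script call, so it is forced to an integer.
        $id_work = (int) $row['id_work'];
        $koliko = (int) $row['koliko'];
        $has_desc = $row['work_desc'] != "";

        // Use the stored thumbnail when the file exists, otherwise the stock avatar.
        $work_mpic = '../images/work/thumb_' . $row['work_mpic'];
        if (!file_exists($work_mpic)) {
            $work_mpic = $folder . '/img/avatars/avatar3.jpg';
        }

        // Stored text is encoded for HTML before it is printed, so markup or
        // quotes in a title, category, colour or date cannot alter the page.
        // Existing entities are left alone (double_encode off).
        $work_mpic = htmlspecialchars($work_mpic, ENT_QUOTES, 'UTF-8', false);
        $work_name = htmlspecialchars((string) $row['work_name'], ENT_QUOTES, 'UTF-8', false);
        $cat_name = htmlspecialchars((string) $row['cat_name'], ENT_QUOTES, 'UTF-8', false);
        $work_date = htmlspecialchars((string) $row['work_date'], ENT_QUOTES, 'UTF-8', false);
        // NOTE(review): the colour is placed inside a style attribute. HTML
        // encoding stops it leaving the attribute, but the value should also be
        // checked against the colour format the application stores.
        $work_color = htmlspecialchars((string) $row['work_color'], ENT_QUOTES, 'UTF-8', false);
        ?>
                <tbody class="js-table-sections-header">
                    <tr>
                        <td class="text-center">
                            <i class="fa fa-angle-right"></i>
                        </td>
                        <td class="text-center"><img class="img-avatar img-avatar48" src="<?php echo $work_mpic; ?>" alt=""></td>
                        <td class="font-w600"><?php echo $work_name; ?></td>
                        <td class="hidden-xs text-center">
                            <?php echo $cat_name; ?> <span style="background:<?php echo $work_color; ?>; color:<?php echo $work_color; ?>;">00</span>
                        </td>
                        <td class="hidden-xs">
                            <em class="text-muted"><?php echo $work_date; ?></em>
                        </td>
                        <td>
                            <div class="btn-group">
                                <button class="btn btn-xs btn-default" type="button" data-toggle="tooltip" title="Izmeni rad" onclick="location.href='works.php?loc=1&work=<?php echo $id_work; ?>';"><i class="fa fa-pencil"></i></button>
<?php
        // A work that still has segments cannot be removed from this list.
        if ($koliko == 0) {
            ?>
                                <button class="btn btn-xs btn-default" type="button" data-toggle="tooltip" title="Ukloni rad" onclick="sure(<?php echo $id_work; ?>)"><i class="fa fa-times"></i></button>
<?php
        }
        ?>
                            </div>
                        </td>
                    </tr>
                </tbody>
                <tbody>
                    <tr>
                        <td class="text-center"></td>
                        <td class="font-w600">Podnaslov</td>
                        <td>
<?php
        if ($has_desc) {
            ?>
                            <span class="label label-success">Da</span>
<?php
        } else {
            ?>
                            <span class="label label-danger">Ne</span>
<?php
        }
        ?>
                        </td>
                        <td class="hidden-xs">
                        </td>
                        <td class="hidden-xs">
                        </td>
                        <td>
                        </td>
                    </tr>
                    <tr>
                        <td class="text-center"></td>
                        <td class="font-w600">Broj segmenata</td>
                        <td>
                            <span class="badge badge-info"><?php echo $koliko; ?></span>
                            <div class="btn-group">
                                <button class="btn btn-xs btn-default" type="button" data-toggle="tooltip" title="Dodaj segment" onclick="location.href='works.php?loc=3&work=<?php echo $id_work; ?>';"><i class="fa fa-plus-circle"></i></button>
                                <button class="btn btn-xs btn-default" type="button" data-toggle="tooltip" title="Vidi segmente" onclick="location.href='works.php?loc=2&work=<?php echo $id_work; ?>';"><i class="fa fa-eye"></i></button>
                            </div>
                        </td>
                        <td class="hidden-xs">
                        </td>
                        <td class="hidden-xs">
                        </td>
                        <td>
                        </td>
                    </tr>
                </tbody>
<?php
    }
    $DB->close();
    ?>

            </table>
        </div>
    </div>
    </div>
    <!-- END Table Sections -->
</div>
<!-- END Page Content -->
<script>
function sure(id)
{
var agree=confirm("Attention!\nDa li si siguran da želiš da ukloniš ovaj rad?\n (sa komplernim sadržajem)");
if (agree)
	window.location.href = "works_del.php?id_work="+id;
else
	return false ;
}
</script>
<?php
}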
Example #14
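/**
 * Build the HTML for one post, including its action icons.
 *
 * For a reply ($type 1) or a repost ($type 2) the author of the referenced post
 * $rid is looked up and shown as a link. Viewers whose session uid is not 0 get
 * like, reply and repost controls, plus a delete control on their own posts.
 * Posts that mention the session user get a left border.
 *
 * @param mixed $id     Post id.
 * @param mixed $uid    Id of the viewing user.
 * @param mixed $userid Id of the post's author.
 * @param mixed $user   Author's user name.
 * @param mixed $name   Author's display name.
 * @param mixed $img    Author's image path, appended to PTH.
 * @param mixed $date   Post date as a Unix timestamp.
 * @param mixed $post   Post body.
 * @param mixed $var    Extra markup for the last cell, or "pop" for the compact layout.
 * @param mixed $rid    Id of the referenced post for replies and reposts.
 * @param mixed $type   1 = reply, 2 = repost, anything else = plain post.
 * @param mixed $client Index of the posting client (1 = web, 2 = mobile).
 * @return string The post's HTML.
 */
function post($id, $uid, $userid, $user, $name, $img, $date, $post, $var, $rid, $type, $client)
{
    $client_apps_array = array("", "web", "mobile", "");
    $client_apps_url = array("", "./?force_web=2", "./?force_mobile=2", "");
    $rp = "";
    // Defaults for viewers without a session (uid 0); these were undefined
    // variables in the returned string before.
    $del = "";
    $llike = "";
    $reply = "";
    $repost = "";
    // An unknown client index falls back to the empty entry instead of reading
    // past the end of the lookup tables.
    $client1 = isset($client_apps_array[$client]) ? $client_apps_array[$client] : "";
    $clienturl = isset($client_apps_url[$client]) ? $client_apps_url[$client] : "";
    $client = "<a href='{$clienturl}' class='small' target='_blank'>via {$client1}</a>";
    if ($type == 1 || $type == 2) {
        // Integer copies are used in the query, the link and the onclick
        // handler, so none of them receives arbitrary text.
        $rid_int = (int) $rid;
        $type_int = (int) $type;
        $pid = "";
        $con = new db();
        $conc = $con->c();
        $stmt = mysqli_prepare($conc, "SELECT `post`.`id`,`users`.`user` FROM `post` INNER JOIN `users` ON (`users`.`id` = `post`.`user`) WHERE `post`.`id` = ? ");
        if ($stmt !== false) {
            mysqli_stmt_bind_param($stmt, "i", $rid_int);
            mysqli_stmt_execute($stmt);
            // mysqli_stmt_get_result() needs the mysqlnd driver.
            $q = mysqli_stmt_get_result($stmt);
            $r = $q ? mysqli_fetch_array($q) : null;
            // The referenced post may have been deleted; keep the name empty then.
            if ($r) {
                $pid = $r[1];
            }
            mysqli_stmt_close($stmt);
        }
        $con->close_db_con($conc);
        if ($type == 1) {
            $rp = "<a href='" . PTH . "/?view={$rid_int}&t={$type_int}' class='del'  onclick='return _op({$rid_int},{$type_int})' title='in reply to {$pid}'><table><tr><td><div class='preply'></div></td><td>to {$pid}</td></tr></table></a>";
        } else {
            $rp = "<a href='" . PTH . "/?view={$rid_int}&t={$type_int}' class='del' onclick='return _op({$rid_int},{$type_int})' title='refed from {$pid}'><table><tr><td><div class='prefeed'></div></td><td>from {$pid}</td></tr></table></a>";
        }
    }
    $imgclass = "smpdiv";
    $post_style = "";
    $url = "./{$user}";
    // The mobile layout uses the smaller avatar.
    if (isset($_SESSION["mobile"]) && $_SESSION["mobile"] == 2) {
        $imgclass = "ssmpdiv";
    }
    // "pop" selects the compact layout; it is a flag, not markup, so it is
    // cleared before the string is built. (The width style that used to be
    // assigned here was always overwritten further down and had no effect.)
    if ($var == "pop") {
        $var = "";
        $imgclass = "ssmpdiv";
        $post_style = "style='font-size:10px;'";
    }
    if (isset($_SESSION["uid"]) && $_SESSION["uid"] != 0) {
        $con = new db();
        $conc = $con->c();
        $del = $uid == $userid ? "<a onclick='return _del(event,\"{$id}\")'><div title='delete' class='delete'></div></a>" : "";
        $nl = numlikes($conc, $id);
        $like = _like($conc, $id, $uid) ? " style='background-image:url(" . PTH . "/img/like.png);' class='like' title='unlike {$nl}'" : " title='like {$nl}' style='background:url(" . PTH . "/img/like_2.png) center no-repeat;' class='like'";
        $con->close_db_con($conc);
        $llike = " <div {$like} onclick='_like(event,{$id},{$userid})' class='like' onmouseover='_textgrow(event)' align='center'>" . $nl . "</div>";
        $reply = "<a href='" . PTH . "/?rep={$id}&u={$user}&t=1' class='del' onclick='return _reply(event)' rid='{$id}' u='{$user}'><div class='preply' title='reply {$name}'></div></a>";
        $repost = "<a href='" . PTH . "/?rep={$id}&u={$user}&t=2' class='del' onclick='return _repost(event)' rid='{$id}' u='{$user}'><div title='refeed' class='prefeed' ></div></a>";
    }
    // Highlight posts that mention the session user. Without a session user
    // there is nothing to match, so no post is highlighted.
    $style = isset($_SESSION["user"]) && stripos($post, "@" . $_SESSION["user"]) !== false ? "style='border-left:2px solid #444;'" : "";
    // NOTE(review): $user, $name, $post, $img and $var are inserted as given.
    // Whether the callers pass them already HTML-encoded cannot be seen from
    // this function; any that are raw user text need htmlspecialchars() with
    // ENT_QUOTES before they reach this string.
    return "<div class='post' id='post{$id}' {$style} onmouseover='_postOver(event)' >\n\t\t\t\t<table width='100%'><tr><td width='10%'><a href='{$url}' onclick='return _pop(event,\"{$user}\")' ><div class='{$imgclass}' style='background-image:url(" . PTH . "{$img});'></div></a></td>\n\t\t\t\t<td width='90%'>\n\t\t\t\t<table width='100%'><tr><td width='100%'><a href='{$url}' onclick='return _pop(event,\"{$userid}\")' onmouseover='' >{$user}</a> <i style='_pn'>{$name}</i><br/><span class='_post' id='post_span_" . $id . "' {$post_style}>{$post}</span><br/></td></tr></table>\n\t\t\t\t<table style='float:right;'><tr><td valign='middle'><a class='del' style='display:none;' udate='" . date("U", $date) . "' title='" . date("r", $date) . "' href='" . PTH . "/?view={$id}&t=0' onclick='return _op({$id},0);'>" . gtime($date) . "</a></td><td valign='middle'>{$rp}</td><td valign='middle'>{$client}</td><td>{$llike}</td><td>{$reply}</td><td>{$repost}</td><td>{$del}</td><td valign='middle'>{$var}</td></tr></table></td></tr></table>\n\t\t\t\t</div> ";
}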
Example #15
            </ol>
        </div>
    </div>
</div>
<!-- END Page Header -->

<!-- Page Content -->
<div class="content">
    <!-- <h2 class="content-heading">Your content</h2> -->
	<div class="col-sm-6 col-sm-offset-3">
            <div class="block block-themed">
<?php 
    $workdata = $request->post;
    $DB = new db();
    foreach ($workdata as $name => $value) {
        $workdata[$name] = $DB->c($value);
    }
    $old_pass = md5($workdata['old_pass']);
    $new_pass = md5($workdata['new_pass']);
    $cnew_pass = md5($workdata['cnew_pass']);
    if ($new_pass == $cnew_pass) {
        // Upisujemo novu sifru na mesto gde je bila stara ako je dobro uneta stara sifra
        $SQL = "UPDATE korisnik SET pass='******' WHERE (idko='" . $_SESSION['sidko'] . "' AND pass='******')";
        $DB = new db();
        $DB->query($SQL);
        // Proveravamo dal je nova sifra upisana , ako jeste onda je stara bila ok.
        $SQL = "SELECT * FROM korisnik WHERE (idko='" . $_SESSION['sidko'] . "' AND pass='******')";
        $DB->query($SQL);
        $num = $DB->num_rows();
        $DB->close();
        if ($num != 1) {
Example #16
<link rel="stylesheet" href="<?php 
    echo $one->assets_folder;
    ?>
/js/plugins/bootstrap-datepicker/bootstrap-datepicker3.min.css">

<?php 
    require 'inc/views/template_head_end.php';
    require 'inc/views/base_head.php';
    ?>

<?php 
    //ako je $_GET['id_show'] setovan, onda je potrebno izvrsiti izmenu nastupa
    if (isset($_GET['id_show'])) {
        $id_show = $request->get['id_show'];
        $DB = new db();
        $SQL = "SELECT * FROM shows WHERE id_show='" . $DB->c($id_show) . "'";
        $DB->query($SQL);
        $row = $DB->fetch_assoc();
        $place_name = $row['place'];
        $show_time = $row['show_time'];
        $start_date = date('d-m-Y', strtotime($show_time));
        $start_hour = date('H', strtotime($show_time));
        $start_minute = date('i', strtotime($show_time));
        $place_loc = $row['gps_loc'];
        $DB->close();
        ?>
<!-- Page Header -->
<div class="content bg-gray-lighter">
    <div class="row items-push">
        <div class="col-sm-7">
            <h1 class="page-heading">
Example #17
<?php

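session_start();
// Only a logged-in session may delete a show; everyone else is sent to the
// login page. The script stops after each redirect so nothing runs past it.
if (!isset($_SESSION['login']) || $_SESSION['login'] != true) {
    header("Location: index.php?message=" . rawurlencode("Log in."));
    exit;
}
include "inc/loader.php";
include "inc/funkcije.php";
// NOTE(review): the delete is triggered by a plain GET request and no
// anti-forgery token is checked in this script, so a link opened by a
// logged-in administrator is enough to remove a row. Moving this to POST with
// a per-session token is the usual fix; the form that links here is not
// visible in this file.
if (isset($_GET['id_show']) && $_GET['id_show'] != "") {
    $id_show = $request->get['id_show'];
    $DB = new db();
    // $DB->c() is applied to the id before it is placed in the statement;
    // presumably it escapes the value for SQL (defined in the included files).
    $SQL = "DELETE FROM shows WHERE id_show='" . $DB->c($id_show) . "' LIMIT 1";
    $result = $DB->query($SQL);
    $DB->close();
    if ($result) {
        $poruka = "Deleted!";
    } else {
        $poruka = "Error, not deleted!";
    }
} else {
    $poruka = "Unauthorized direct access to the page!";
}
// The message contains spaces and punctuation, so it is URL-encoded before it
// goes into the Location header.
header("Location: shows.php?message=" . rawurlencode($poruka));
exit;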
Example #18
    if ($_POST['id_show'] != "" && $_POST['place_name'] != "" && $_POST['show_date'] != "") {
        //$naslov = mysql_real_escape_string($_POST['naziv']);
        $id_show = $request->post['id_show'];
        $place_name = $request->post['place_name'];
        $place_loc = $request->post['place_loc'];
        $show_date = $request->post['show_date'];
        $show_hour = $request->post['show_hour'];
        $show_mins = $request->post['show_mins'];
        // Pretvaramo datum iz forme i vreme u format koji nam odgovara za upis u bazu
        $datum = explode("-", $show_date);
        "dd-mm-yyyy";
        $sDate = $datum[2] . "-" . $datum[1] . "-" . $datum[0];
        $s_datetime = $sDate . " " . $show_hour . ":" . $show_mins . ":00";
        $idko = $_SESSION['sidko'];
        $vremec = time();
        // Unosimo novu kategoriju u bazu
        $DB = new db();
        $SQL = "UPDATE \n\t\t\t\t\t\t\tshows \n\t\t\t\t\t\tSET\n\t\t\t\t\t\t\tplace = '" . $DB->c($place_name) . "', \n\t\t\t\t\t\t\tgps_loc = '" . $DB->c($place_loc) . "', \n\t\t\t\t\t\t\tshow_time = '" . $DB->c($s_datetime) . "'\n\t\t\t\t\t\tWHERE\n\t\t\t\t\t\t\tid_show = '" . $DB->c($id_show) . "' ";
        $result = $DB->query($SQL);
        $DB->close();
        $result = true;
        if ($result) {
            $poruka = "Place and time successfully update!";
        } else {
            $poruka = "Error, Place and time is not update";
        }
    } else {
        $poruka = "Unauthorized direct access to the page!";
    }
    header("Location: shows.php?message={$poruka}");
}
Example #19
<?php

session_start();
if ($_SESSION['login'] != true) {
    header("Location: index.php?message=Log in.");
} else {
    include "inc/loader.php";
    include "inc/funkcije.php";
    //Ucitavamo mysql klasu
    if ($_GET['id_ph'] != "") {
        $id_ph = $request->get['id_ph'];
        $DB = new db();
        $SQL = "SELECT photo FROM gallery WHERE id_ph='" . $DB->c($id_ph) . "' LIMIT 1";
        $DB->query($SQL);
        $row = $DB->fetch_assoc();
        $photo = $row['photo'];
        //	Brisanje fajla koji se veze za ponudu
        $filename = "../img/gallery/{$photo}";
        if (file_exists($filename)) {
            unlink($filename);
        }
        $filename = "../img/gallery/thumb_{$photo}";
        if (file_exists($filename)) {
            unlink($filename);
        }
        $SQL = "DELETE FROM gallery WHERE id_ph='" . $DB->c($id_ph) . "' LIMIT 1";
        $result = $DB->query($SQL);
        $DB->close();
        if ($result) {
            $poruka = "image deleted!";
        } else {
Example #20
        } elseif ($id_page == 2) {
            $page = 'gallery';
        } elseif ($id_page == 3) {
            $page = 'contact';
        }
        $cms_text = $request->post['cms_text'];
        $idko = $_SESSION['sidko'];
        $vremec = time();
        if ($_POST['seg_date'] != "") {
            $middle_d = strtotime($seg_date);
            $seg_date = date('Y-m-d', $middle_d);
        } else {
            $seg_date = date('Y-m-d', $vremec);
        }
        $vreme = date('d-m-y-H-i-s', $vremec);
        //Ispravke u bazi
        $DB = new db();
        $SQL = "UPDATE\n\t\t\t\t\t\t\tpages \n\t\t\t\t\t\tSET\n\t\t\t\t\t\t\tcontent = '" . $DB->c($cms_text) . "'\n\t\t\t\t\t\tWHERE\n\t\t\t\t\t\t\tid_page = '" . $DB->c($id_page) . "' ";
        $result = $DB->query($SQL);
        $DB->close();
        $result = true;
        if ($result) {
            $poruka = "Content changed!";
        } else {
            $poruka = "Error, Content is not changed";
        }
    } else {
        $poruka = "Unauthorized direct access to the page!";
    }
    header("Location: cms_" . $page . ".php?message=" . $poruka . "");
}
Example #21
    //Ucitavamo mysql klasu
    if ($_POST['place_name'] != "" && $_POST['show_date'] != "") {
        //$naslov = mysql_real_escape_string($_POST['naziv']);
        $place_name = $request->post['place_name'];
        $place_loc = $request->post['place_loc'];
        $show_date = $request->post['show_date'];
        $show_hour = $request->post['show_hour'];
        $show_mins = $request->post['show_mins'];
        // Pretvaramo datum iz forme i vreme u format koji nam odgovara za upis u bazu
        $datum = explode("-", $show_date);
        "dd-mm-yyyy";
        $sDate = $datum[2] . "-" . $datum[1] . "-" . $datum[0];
        $s_datetime = $sDate . " " . $show_hour . ":" . $show_mins . ":00";
        $idko = $_SESSION['sidko'];
        $vremec = time();
        // Unosimo novu kategoriju u bazu
        $DB = new db();
        $SQL = "INSERT INTO shows (\n\t\t\t\tplace,\n\t\t\t\tgps_loc,\n\t\t\t\tshow_time\n\t\t\t) VALUES( \n\t\t\t\t'" . $DB->c($place_name) . "', \n\t\t\t\t'" . $DB->c($place_loc) . "', \n\t\t\t\t'" . $DB->c($s_datetime) . "'\n\t\t\t)";
        $result = $DB->query($SQL);
        $DB->close();
        $result = true;
        if ($result) {
            $poruka = "Place and time successfully set!";
        } else {
            $poruka = "Error, Place and time is not set";
        }
    } else {
        $poruka = "Unauthorized direct access to the page!";
    }
    header("Location: shows.php?message={$poruka}");
}