Exemple #1
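/**
 * Write one entry to the phpwcms_log table.
 *
 * Call it either with scalar arguments (type, message, user id) or with a
 * single associative array passed as $type. In the array form only keys that
 * match one of the log_* fields below are copied; all other keys are ignored.
 *
 * Default log types: DEBUG|INFO|ERROR or use specific module name
 *
 * Security note: log_user_agent and log_referrer_url are filled from
 * client-supplied request headers and stored as received. Any screen or export
 * that shows log rows has to escape them for its output context.
 *
 * @param string|array $type    Log type, or an array of log_* field values
 * @param string       $message Log message (scalar form only)
 * @param int          $userid  Id of the acting user (scalar form only)
 * @return void
 */
function log_message($type = 'UNDEFINED', $message = '', $userid = 0)
{
    $log = array(
        'log_created' => date('Y-m-d H:i:s', now()),
        'log_type' => 'UNDEFINED',
        'log_ip' => getRemoteIP(),
        'log_user_agent' => '',
        'log_user_id' => 0,
        'log_user_name' => '',
        'log_referrer_id' => 0,
        'log_referrer_url' => '',
        'log_data1' => '',
        'log_data2' => '',
        'log_data3' => '',
        'log_msg' => '',
    );
    if (is_array($type)) {
        // Copy known fields only, so a caller-built array cannot add columns to the INSERT.
        foreach ($type as $key => $value) {
            if (isset($log[$key])) {
                $log[$key] = $value;
            }
        }
    } else {
        $log['log_type'] = $type;
        $log['log_user_id'] = $userid;
        $log['log_msg'] = trim($message);
    }
    // Normalise type and user id on both call paths. Previously the array form
    // skipped trim()/intval(), so it could store an untrimmed type or a non-integer id.
    $log['log_type'] = strtoupper(trim($log['log_type']));
    $log['log_user_id'] = intval($log['log_user_id']);
    if ($log['log_user_agent'] == '') {
        // Client-controlled header; falls back to the parsed user-agent info when the header is absent.
        $log['log_user_agent'] = empty($_SERVER['HTTP_USER_AGENT']) ? implode(', ', phpwcms_getUserAgent()) : $_SERVER['HTTP_USER_AGENT'];
    }
    if (empty($log['log_referrer_url']) && isset($_SERVER['HTTP_REFERER'])) {
        // Client-controlled header, stored verbatim.
        $log['log_referrer_url'] = $_SERVER['HTTP_REFERER'];
    }
    // NOTE(review): presumably _dbInsert() escapes every value before building the
    // query - confirm, because the two header values above are untrusted.
    _dbInsert('phpwcms_log', $log, 'DELAYED');
}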
                        $cpdata = array('acontent_aid' => $result['INSERT_ID'], 'acontent_uid' => $feedimport_result['cnt_object']['author_id'], 'acontent_created' => date('Y-m-d H:i:s', now()), 'acontent_tstamp' => date('Y-m-d H:i:s', now()), 'acontent_title' => '', 'acontent_subtitle' => '', 'acontent_text' => '', 'acontent_html' => '', 'acontent_sorting' => 100, 'acontent_visible' => 1, 'acontent_before' => '', 'acontent_after' => '', 'acontent_top' => 0, 'acontent_block' => 'CONTENT', 'acontent_anchor' => 0, 'acontent_module' => '', 'acontent_comment' => $article_title, 'acontent_paginate_page' => 0, 'acontent_paginate_title' => '', 'acontent_granted' => 0, 'acontent_tab' => '', 'acontent_image' => '', 'acontent_files' => '', 'acontent_redirect' => '', 'acontent_alink' => '', 'acontent_template' => '', 'acontent_spacer' => '', 'acontent_category' => '', 'acontent_lang' => '', 'acontent_alink' => '', 'acontent_redirect' => '', 'acontent_form' => '', 'acontent_media' => '', 'acontent_newsletter' => '');
                        // CP WYSIWYG HTML
                        if (preg_match('/<[^<]+>/', $article_content) || preg_match('/&[A-Za-z]+|#x[\\dA-Fa-f]+|#\\d+;/', $article_content)) {
                            $cpdata['acontent_type'] = 14;
                            $cpdata['acontent_html'] = $article_content;
                        } else {
                            $cpdata['acontent_type'] = 0;
                            $cpdata['acontent_text'] = $article_content;
                        }
                        // Inset CP Data
                        $insert = _dbInsert('phpwcms_articlecontent', $cpdata);
                        if (!isset($insert['INSERT_ID'])) {
                            dumpVar(mysql_error());
                        }
                    }
                    $feedimport_result['status'][] = date('Y-m-d, H:i:s', $article_begin) . LF . $article_title . LF . $rssvalue->get_permalink() . LF . PHPWCMS_URL . 'phpwcms.php?do=articles&p=2&s=1&id=' . $result['INSERT_ID'];
                    $data = array('cref_type' => 'feed_to_article_import', 'cref_rid' => $result['INSERT_ID'], 'cref_str' => 'feedimport_' . $article_unique_hash);
                    _dbInsert('phpwcms_crossreference', $data);
                    $article_sort_counter = $article_sort_counter + 10;
                }
            }
            // check if status email should be sent
            if (!empty($feedimport_result['cnt_object']['import_status_email']) && is_valid_email($feedimport_result['cnt_object']['import_status_email'])) {
                $feedimport_result['status'] = implode(LF . LF, $feedimport_result['status']);
                sendEmail(array('recipient' => $feedimport_result['cnt_object']['import_status_email'], 'subject' => 'Import Status: ' . $feedimport_result['cnt_name'], 'isHTML' => 0, 'text' => $feedimport_result['status'], 'fromName' => 'Feed Importer'));
            }
        }
    }
    // we quit here
    exit;
}
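/**
 * Validate the posted redirect form and insert, update or delete the matching
 * row in phpwcms_redirect.
 *
 * All input is read from $_POST. Status messages are set through
 * set_status_message(); after a successful delete the request is redirected to
 * the redirect listing.
 *
 * NOTE(review): no CSRF token is verified inside this function - presumably the
 * calling backend page does that; confirm.
 *
 * @return array array('error' => list of messages or NULL, 'data' => redirect row incl. 'rid')
 */
function update_404redirect()
{
    // Both whitelists are compared strictly. With loose comparison numeric strings
    // such as '301.0' or ' 301' are equal to '301', pass the check and would be
    // stored as the redirect code.
    $allowed_types = array('alias', 'id', 'aid', 'link');
    $allowed_codes = array('301', '307', '404', '401', '503');
    $data = array(
        'error' => array(),
        'data' => array(
            'rid' => intval($_POST['rid']),
            'alias' => clean_slweg($_POST['alias']),
            'id' => trim($_POST['id']) === '' ? '' : intval($_POST['id']),
            'aid' => trim($_POST['aid']) === '' || !intval($_POST['aid']) ? '' : intval($_POST['aid']),
            'type' => empty($_POST['type']) || !in_array($_POST['type'], $allowed_types, true) ? '' : clean_slweg($_POST['type']),
            'active' => empty($_POST['active']) ? 0 : 1,
            'shortcut' => empty($_POST['shortcut']) ? 0 : 1,
            'code' => empty($_POST['code']) || !in_array($_POST['code'], $allowed_codes, true) ? '' : clean_slweg($_POST['code']),
            // NOTE(review): for type 'link' the target is stored as entered; presumably it is
            // later used as a redirect destination, so who may edit redirects matters - confirm.
            'target' => clean_slweg($_POST['target']),
            'changed' => date('Y-m-d H:i:s'),
        ),
    );
    // The delete checkbox is named 'delete_' . md5(rid). That is only a field name
    // derived from the row id, not a secret.
    if (!$data['data']['aid'] && !$data['data']['alias'] && $data['data']['id'] == '' && !isset($_POST['delete_' . md5($data['data']['rid'])])) {
        $data['error'][] = $GLOBALS['BL']['be_redirect_error1'];
    }
    if ($data['data']['type'] && $data['data']['target'] === '') {
        $data['error'][] = $GLOBALS['BL']['be_redirect_error2'];
    } elseif (($data['data']['type'] == 'id' || $data['data']['type'] == 'aid') && !is_intval($data['data']['target'])) {
        $data['error'][] = $GLOBALS['BL']['be_redirect_error3'];
    }
    if (count($data['error'])) {
        // Invalid input: nothing is written, the form is returned as inactive.
        $data['data']['active'] = 0;
        set_status_message(implode('<br />', $data['error']), 'error');
    } else {
        $data['error'] = NULL;
        $rid = $data['data']['rid'];
        unset($data['data']['rid']);
        if ($rid) {
            // $rid went through intval() above, so concatenating it into the
            // WHERE clause cannot inject SQL.
            if (isset($_POST['delete_' . md5($rid)])) {
                // 9 marks the row as deleted for the messages below
                $data['data']['active'] = 9;
                $result = _dbQuery('DELETE FROM ' . DB_PREPEND . 'phpwcms_redirect WHERE rid=' . $rid, 'DELETE');
            } else {
                $result = _dbUpdate('phpwcms_redirect', $data['data'], 'rid=' . $rid);
            }
        } else {
            $result = _dbInsert('phpwcms_redirect', $data['data']);
            if (isset($result['INSERT_ID'])) {
                $rid = $result['INSERT_ID'];
            }
        }
        $data['data']['rid'] = $rid;
        if ($result) {
            if ($data['data']['active'] == 9) {
                set_status_message(str_replace('{ID}', $data['data']['rid'], $GLOBALS['BL']['be_action_deleted']), 'success');
                headerRedirect('phpwcms.php?' . get_token_get_string('csrftoken') . '&do=admin&p=14');
            } else {
                set_status_message($GLOBALS['BL']['be_successfully_saved'], 'success');
            }
        } else {
            set_status_message($GLOBALS['BL']['be_error_while_save'], 'error');
        }
    }
    return $data;
}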
                            headerRedirect($content['404error']['result']['target'], $content['404error']['result']['code']);
                            break;
                        case 'aid':
                            $content['404error']['result']['target'] = abs_url(array(), array(), 'aid=' . $content['404error']['result']['target'], 'rawurlencode');
                            headerRedirect($content['404error']['result']['target'], $content['404error']['result']['code']);
                            break;
                        case 'link':
                            headerRedirect($content['404error']['result']['target'], $content['404error']['result']['code']);
                            break;
                    }
                }
            }
            $content['404error']['result'] = NULL;
        } elseif (!empty($phpwcms['log_404error'])) {
            // Store failed page access
            _dbInsert('phpwcms_redirect', array('id' => $content['404error']['id'], 'aid' => $content['404error']['aid'], 'alias' => $content['404error']['alias'], 'views' => 1));
        }
    } else {
        // Send 200 OK
        headerRedirect('', 200, false);
    }
}
// define special OUTPUT format/action
$phpwcms['output_action'] = false;
if (!empty($_GET['phpwcms_output_action']) || !empty($_POST['phpwcms_output_action'])) {
    // split by function - value: F-function1|function2|function3--S-SECT1|SECT2|SECT3
    $phpwcms['output_action'] = explode('--', clean_slweg(empty($_GET['phpwcms_output_action']) ? $_POST['phpwcms_output_action'] : $_GET['phpwcms_output_action']));
    unset($_GET['phpwcms_output_action'], $_POST['phpwcms_output_action'], $_getVar['phpwcms_output_action']);
    if (is_array($phpwcms['output_action'])) {
        $phpwcms['output_function'] = array();
        $phpwcms['output_section'] = array();
Exemple #5
require_once PHPWCMS_ROOT . '/include/config/conf.template_default.inc.php';
require_once PHPWCMS_ROOT . '/include/config/conf.indexpage.inc.php';
require_once PHPWCMS_ROOT . '/include/inc_lib/general.inc.php';
require_once PHPWCMS_ROOT . '/include/inc_front/cnt.lang.inc.php';
require_once PHPWCMS_ROOT . '/include/inc_lib/modules.check.inc.php';
require_once PHPWCMS_ROOT . '/include/inc_lib/article.contenttype.inc.php';
require PHPWCMS_ROOT . '/include/inc_lib/imagick.convert.inc.php';
require PHPWCMS_ROOT . '/include/inc_front/front.func.inc.php';
require PHPWCMS_ROOT . '/include/inc_front/ext.func.inc.php';
require PHPWCMS_ROOT . '/include/inc_front/content.func.inc.php';
// SEO logging: record external referrers when enabled in the configuration.
// HTTP_REFERER is a client-supplied header. A referrer counts as external only
// when the server name does not occur anywhere in it (plain substring test).
// NOTE(review): a referrer that merely contains the server name in its path or
// query is therefore treated as internal and not logged; comparing the parsed
// host would be more exact.
if (!empty($phpwcms['enable_seolog']) && !empty($_SERVER['HTTP_REFERER']) && strpos($_SERVER['HTTP_REFERER'], $_SERVER['SERVER_NAME']) === false) {
    $phpwcms['seo_referrer_data'] = seReferrer($_SERVER['HTTP_REFERER']);
    if (is_array($phpwcms['seo_referrer_data'])) {
        // md5 of the lower-cased domain + query is stored with the row as 'hash';
        // it is an identifier for the referrer, not a security value.
        $phpwcms['seo_referrer_data']['hash'] = md5(strtolower($phpwcms['seo_referrer_data']['domain'] . $phpwcms['seo_referrer_data']['query']));
        // '@' hides any error raised by the insert, so a failed log write goes unnoticed.
        // NOTE(review): the stored fields derive from an untrusted header; presumably
        // _dbInsert() escapes them - confirm.
        @_dbInsert('phpwcms_log_seo', $phpwcms['seo_referrer_data'], 'DELAYED');
    }
}
$phpwcms["templates"] = TEMPLATE_PATH;
// Build the document start (doctype, <html> attributes, head prefix/suffix, header comment)
// from the PHPWCMS_DOCTYPE format string. The <html> id is derived from PHPWCMS_HOST with
// '.' and '/' replaced by '-'.
$content['page_start'] = sprintf(PHPWCMS_DOCTYPE, $phpwcms['htmlhead_inject_prefix'], str_replace('{DOCTYPE_LANG}', $phpwcms['DOCTYPE_LANG'], PHPWCMS_DOCTYPE_LANG) . ' id="' . str_replace(array('.', '/'), '-', PHPWCMS_HOST) . '"', empty($content['htmltag_inject']) ? '' : ' ' . $content['htmltag_inject'], $phpwcms['htmlhead_inject_suffix'], sprintf(PHPWCMS_HEADER_COMMENT, empty($phpwcms['header_comment']) ? '' : LF . '	' . trim($phpwcms['header_comment']) . LF), $phpwcms['htmlhead_inject']);
// Compatibility Mode
// NOTE(review): the value is written into the attribute without escaping; that is
// only safe while it comes from trusted configuration - confirm.
if (!empty($phpwcms['X-UA-Compatible'])) {
    $content['page_start'] .= '  <meta http-equiv="X-UA-Compatible" content="' . $phpwcms['X-UA-Compatible'] . '"' . HTML_TAG_CLOSE . LF;
}
// HTML5 does not like content-style-type: mode 3 gets the short <meta charset>,
// every other mode gets the http-equiv content-type and content-style-type tags.
if ($phpwcms['mode_XHTML'] != 3) {
    $content['page_start'] .= '  <meta http-equiv="content-type" content="' . $_use_content_type . '; charset=' . PHPWCMS_CHARSET . '"' . HTML_TAG_CLOSE . LF;
    $content['page_start'] .= '  <meta http-equiv="content-style-type" content="text/css"' . HTML_TAG_CLOSE . LF;
} else {
    $content['page_start'] .= '  <meta charset="' . PHPWCMS_CHARSET . '"' . HTML_TAG_CLOSE . LF;
}
    } else {
        $sendbutton = $BL['be_admin_fcat_button2'];
        //create group
    }
    if (!empty($_POST["group_aktion"])) {
        $group["id"] = intval($_POST["group_id"]);
        $group["name"] = clean_slweg($_POST["group_name"], 250);
        $group["member"] = isset($_POST["acat_access"]) && is_array($_POST["acat_access"]) ? implode(',', $_POST["acat_access"]) : '';
        $group["value"] = clean_slweg($_POST["group_value"]);
        $group["trash"] = empty($_POST["group_trash"]) ? 0 : intval($_POST["group_trash"]);
        $group["active"] = empty($_POST["group_active"]) ? 0 : 1;
        if (empty($group["name"])) {
            $group["error"] = 1;
        } else {
            $data = array('group_name' => $group["name"], 'group_member' => $group["member"], 'group_value' => $group["value"], 'group_trash' => $group["trash"], 'group_active' => $group["active"]);
            $result = $group["id"] ? _dbUpdate('phpwcms_usergroup', $data, 'group_id=' . $group["id"]) : _dbInsert('phpwcms_usergroup', $data);
            if (isset($result['AFFECTED_ROWS']) || isset($result['INSERT_ID'])) {
                headerRedirect(PHPWCMS_URL . 'phpwcms.php?' . get_token_get_string('csrftoken') . '&do=admin&p=1');
            } else {
                echo mysql_error();
            }
        }
        $group["member"] = convertStringToArray($group["member"]);
    }
    ?>



		  <form action="phpwcms.php?do=admin&amp;p=1&amp;create_group=1" method="post" name="editsitestructure" id="editsitestructure" onsubmit="selectAllOptions(this.acat_access);selectAllOptions(this.acat_cp);var x = wordcount(this.acat_name.value);if(x&lt;1) {alert('Fill in a category title! \n\n('+x+' words total)');this.acat_name.focus();return false;}">
		  <tr align="center" bgcolor="#F0F2F4"><td colspan="2"><table border="0" cellpadding="0" cellspacing="0" summary="">
		  	<?php 
/**
 * Replace the category names stored for one parent record.
 *
 * All rows in phpwcms_categories for the given parent id and type are deleted,
 * then one row is inserted per non-empty (trimmed) category name. Nothing is
 * touched when the type is empty or the parent id evaluates to 0.
 *
 * The parent id is cast with intval() and the type is passed through
 * _dbEscape() before both are concatenated into the DELETE statement.
 * NOTE(review): _dbEscape() is assumed to quote as well as escape - confirm.
 *
 * @param array|string $categories Category names, or a string split on $seperator
 * @param string       $type       Category type, e.g. 'news'
 * @param int          $pid        Id of the parent record
 * @param string       $seperator  Delimiter used when $categories is a string
 * @return void
 */
function _dbSaveCategories($categories = array(), $type = '', $pid = 0, $seperator = ',')
{
    $pid = intval($pid);
    $type = trim($type);
    if (is_string($categories)) {
        $categories = convertStringToArray($categories, $seperator);
    }

    // Without a type and a parent id there is nothing to delete or insert.
    if (!$type || !$pid) {
        return;
    }

    // Remove the existing assignment first, the list is rewritten completely.
    $delete_sql = 'DELETE FROM ' . DB_PREPEND . 'phpwcms_categories';
    $delete_sql .= ' WHERE cat_pid=' . $pid . " AND cat_type=" . _dbEscape($type);
    _dbQuery($delete_sql, 'DELETE');

    if (!is_array($categories) || !count($categories)) {
        return;
    }

    $row = array(
        'cat_type' => $type,
        'cat_pid' => $pid,
        'cat_status' => 1,
        'cat_createdate' => date('Y-m-d H:i:s'),
        'cat_changedate' => date('Y-m-d H:i:s'),
        'cat_name' => '',
        'cat_info' => '',
    );
    foreach ($categories as $name) {
        $name = trim($name);
        if ($name == '') {
            continue;
        }
        $row['cat_name'] = $name;
        _dbInsert('phpwcms_categories', $row);
    }
}
     $mail_neworder = str_replace('{SHIPPING_DISTANCE_LABEL}', $subtotal['shipping_distance_details']['label'], $mail_neworder);
 } else {
     $mail_customer = render_cnt_template($mail_customer, 'SHIPPING_DISTANCE', '');
     $mail_neworder = render_cnt_template($mail_neworder, 'SHIPPING_DISTANCE', '');
 }
 $payment_options = get_payment_options();
 foreach ($payment_options as $item_key => $row) {
     $mail_customer = render_cnt_template($mail_customer, 'PAYBY_' . strtoupper($item_key), '');
     $mail_neworder = render_cnt_template($mail_neworder, 'PAYBY_' . strtoupper($item_key), '');
 }
 $mail_customer = str_replace(array('{CURRENCY_SYMBOL}', '{$}'), $_shopPref['shop_pref_currency'], $mail_customer);
 $mail_neworder = str_replace(array('{CURRENCY_SYMBOL}', '{$}'), $_shopPref['shop_pref_currency'], $mail_neworder);
 // store order in database
 $order_data = array('order_number' => $order_num, 'order_date' => gmdate('Y-m-d H:i'), 'order_name' => $_SESSION[CART_KEY]['step1']['INV_NAME'], 'order_firstname' => $_SESSION[CART_KEY]['step1']['INV_FIRSTNAME'], 'order_email' => $_SESSION[CART_KEY]['step1']['EMAIL'], 'order_net' => $subtotal['float_total_net'], 'order_gross' => $subtotal['float_total_gross'], 'order_payment' => $payment, 'order_data' => @serialize(array('cart' => $cart_data, 'address' => $_SESSION[CART_KEY]['step1'], 'mail_customer' => $mail_customer, 'mail_self' => $mail_neworder, 'subtotal' => array('subtotal_net' => $subtotal['float_net'], 'subtotal_gross' => $subtotal['float_gross']), 'shipping' => array('shipping_net' => $subtotal['float_shipping_net'], 'shipping_gross' => $subtotal['float_shipping_gross'], 'shipping_distance' => $subtotal['shipping_distance'] === false ? 0 : $subtotal['shipping_distance']), 'discount' => array('discount_net' => $subtotal['float_discount_net'], 'discount_gross' => $subtotal['float_discount_gross']), 'loworder' => array('loworder_net' => $subtotal['float_loworder_net'], 'loworder_gross' => $subtotal['float_loworder_gross']), 'weight' => $subtotal['float_weight'], 'lang' => $phpwcms['default_lang'], 'distance' => $subtotal['shipping_distance'] === false ? null : $subtotal['shipping_distance_details'])), 'order_status' => 'NEW-ORDER');
 // receive order db ID
 $order_data = _dbInsert('phpwcms_shop_orders', $order_data);
 // send mail to customer
 $email_from = _getConfig('shop_pref_email_from', '_shopPref');
 if (!is_valid_email($email_from)) {
     $email_from = $phpwcms['SMTP_FROM_EMAIL'];
 }
 $order_mail_customer = array('recipient' => $_SESSION[CART_KEY]['step1']['EMAIL'], 'toName' => $_SESSION[CART_KEY]['step1']['INV_FIRSTNAME'] . ' ' . $_SESSION[CART_KEY]['step1']['INV_NAME'], 'subject' => str_replace('{ORDER}', $order_num, $_tmpl['config']['mail_customer_subject']), 'text' => $mail_customer, 'from' => $email_from, 'sender' => $email_from);
 $order_data_mail_customer = sendEmail($order_mail_customer);
 // send mail to shop
 $send_order_to = convertStringToArray(_getConfig('shop_pref_email_to', '_shopPref'), ';');
 if (empty($send_order_to[0]) || !is_valid_email($send_order_to[0])) {
     $email_to = $phpwcms['SMTP_FROM_EMAIL'];
 } else {
     $email_to = $send_order_to[0];
     unset($send_order_to[0]);
 }
     $img_sql .= $article['image']['list_id'] . " LIMIT 1";
     if ($img_result = mysql_query($img_sql, $db) or die("error while getting content image info")) {
         if ($img_row = mysql_fetch_assoc($img_result)) {
             $article['image']['list_id'] = $img_row['f_id'];
             $article['image']['list_name'] = $img_row['f_name'];
             $article['image']['list_hash'] = $img_row['f_hash'];
             $article['image']['list_ext'] = $img_row['f_ext'];
         }
         mysql_free_result($img_result);
     }
 }
 if (count($article_err) == 0) {
     if ($article["article_id"] == 0) {
         // Insert (create) new article
         $data = array('article_created' => time(), "article_cid" => $article["article_catid"], "article_title" => $article["article_title"], "article_alias" => $article["article_alias"], "article_keyword" => $article["article_keyword"], "article_aktiv" => $article["article_aktiv"], "article_begin" => $article["article_begin"], "article_end" => $article["article_end"], "article_subtitle" => $article["article_subtitle"], "article_summary" => $article["article_summary"], "article_redirect" => $article["article_redirect"], "article_sort" => $article["article_sort"], "article_username" => $article["article_username"], "article_notitle" => $article["article_notitle"], "article_hidesummary" => $article["article_hidesummary"], "article_image" => serialize($article['image']), "article_cache" => $article["article_timeout"], "article_nosearch" => $article['article_nosearch'], "article_nositemap" => $article['article_nositemap'], "article_aliasid" => $article['article_aliasid'], "article_headerdata" => $article['article_headerdata'], "article_morelink" => $article['article_morelink'], "article_noteaser" => $article['article_noteaser'], "article_pagetitle" => $article['article_pagetitle'], "article_paginate" => $article['article_paginate'], "article_priorize" => $article['article_priorize'], "article_norss" => $article['article_norss'], "article_uid" => $article["article_uid"], "article_archive_status" => $article["article_archive_status"], "article_menutitle" => $article["article_menutitle"], 'article_description' => $article["article_description"], 'article_serialized' => '', 'article_lang' => $article["article_lang"], 'article_lang_type' => $article["article_lang_type"], 'article_lang_id' => $article["article_lang_id"], 'article_opengraph' => $article["article_opengraph"], 'article_canonical' => $article["article_canonical"]);
         $result = _dbInsert('phpwcms_article', $data);
         if (isset($result['INSERT_ID'])) {
             $article["article_id"] = $result['INSERT_ID'];
         } else {
             $result = false;
         }
     } else {
         // Update article summary data
         $sql = "UPDATE " . DB_PREPEND . "phpwcms_article SET " . "article_cid=" . $article["article_catid"] . "," . "article_title=" . _dbEscape($article["article_title"]) . ", " . "article_alias=" . _dbEscape($article["article_alias"]) . ", " . "article_keyword=" . _dbEscape($article["article_keyword"]) . ", " . "article_aktiv=" . $article["article_aktiv"] . ", " . "article_begin=" . _dbEscape($article["article_begin"]) . ", " . "article_end=" . _dbEscape($article["article_end"]) . ", " . "article_subtitle=" . _dbEscape($article["article_subtitle"]) . ", " . "article_summary=" . _dbEscape($article["article_summary"]) . ", " . "article_redirect=" . _dbEscape($article["article_redirect"]) . ", " . "article_sort=" . _dbEscape($article["article_sort"]) . ", " . "article_username="******"article_username"]) . ", " . "article_notitle=" . $article["article_notitle"] . ", " . "article_hidesummary=" . $article["article_hidesummary"] . ", " . "article_image=" . _dbEscape(serialize($article['image'])) . ", " . "article_cache=" . _dbEscape($article["article_timeout"]) . ", " . "article_nosearch=" . _dbEscape($article['article_nosearch']) . ", " . "article_nositemap=" . $article['article_nositemap'] . ", " . "article_aliasid=" . $article['article_aliasid'] . ", " . "article_headerdata=" . $article['article_headerdata'] . ", " . "article_morelink=" . $article['article_morelink'] . ", " . "article_noteaser=" . $article['article_noteaser'] . ", " . "article_pagetitle=" . _dbEscape($article['article_pagetitle']) . ", " . "article_paginate=" . $article['article_paginate'] . ", " . "article_priorize=" . $article['article_priorize'] . ", " . "article_norss=" . $article['article_norss'] . ", " . "article_archive_status=" . $article['article_archive_status'] . ", " . "article_menutitle=" . _dbEscape($article["article_menutitle"]) . "," . "article_description=" . _dbEscape($article["article_description"]) . ", " . "article_lang=" . _dbEscape($article["article_lang"]) . ", " . 
"article_lang_type=" . _dbEscape($article["article_lang_type"]) . ", " . "article_lang_id=" . _dbEscape($article["article_lang_id"]) . ", " . "article_opengraph=" . $article["article_opengraph"] . ', ' . "article_canonical=" . _dbEscape($article["article_canonical"]);
         if ($_SESSION["wcs_user_admin"]) {
             $sql .= ", article_uid=" . $article["article_uid"];
         }
         $sql .= " WHERE article_id=" . $article["article_id"];
         $result = _dbQuery($sql, 'UPDATE');
     }
     if ($result) {
 /**
  * Store the geocoded coordinates for an address in the cache table.
  *
  * Nothing is written when any of the three values is an empty string. The
  * result of the insert itself is not checked, so true only means that the
  * insert was attempted.
  *
  * @param string $address the address that was geocoded
  * @param string $lon the map longitude (horizontal)
  * @param string $lat the map latitude (vertical)
  * @return bool false if a value is empty, true otherwise
  */
 function putCache($address, $lon, $lat)
 {
     // Every field is mandatory; stop at the first empty one.
     foreach (array($address, $lon, $lat) as $field) {
         if (strlen($field) == 0) {
             return false;
         }
     }
     $row = array('address' => $address, 'lon' => $lon, 'lat' => $lat);
     _dbInsert($this->_db_cache_table, $row, 'LOW_PRIORITY');
     return true;
 }
Exemple #11
}
$uploader = new qqFileUploader($phpwcms['allowed_upload_ext'], min($post_max_size, $upload_max_filesize, $phpwcms['file_maxsize']));
$uploadDir = PHPWCMS_ROOT . $phpwcms["ftp_path"];
// Call handleUpload() with the name of the folder, relative to PHP's getcwd()
$result = $uploader->handleUpload($uploadDir, NULL, TRUE, FALSE);
$result['filename'] = $uploader->getUploadName();
if (!empty($result['success']) && !empty($_GET['file_public'])) {
    require_once PHPWCMS_ROOT . '/include/inc_lib/dbcon.inc.php';
    $data = array('f_pid' => intval($_GET['file_dir']), 'f_uid' => intval($_SESSION["wcs_user_id"]), 'f_kid' => 1, 'f_aktiv' => 1, 'f_public' => 1, 'f_name' => $result['filename'], 'f_created' => now(), 'f_size' => $uploader->getFileSize(), 'f_type' => $uploader->getFileType(), 'f_ext' => strtolower($uploader->getFileExtension()), 'f_longinfo' => slweg($_GET['file_longinfo']), 'f_hash' => md5($result['filename'] . microtime()), 'f_copyright' => slweg($_GET['file_copyright']), 'f_tags' => clean_slweg($_GET['file_tags']));
    if (PHPWCMS_CHARSET != 'utf-8') {
        $data['f_name'] = makeCharsetConversion($data['f_name'], 'utf-8', PHPWCMS_CHARSET);
        $data['f_longinfo'] = makeCharsetConversion($data['f_longinfo'], 'utf-8', PHPWCMS_CHARSET);
        $data['f_copyright'] = makeCharsetConversion($data['f_copyright'], 'utf-8', PHPWCMS_CHARSET);
        $data['f_tags'] = makeCharsetConversion($data['f_tags'], 'utf-8', PHPWCMS_CHARSET);
    }
    $insert = _dbInsert('phpwcms_file', $data);
    // move uploaded file
    if (!empty($insert['INSERT_ID'])) {
        $userftppath = PHPWCMS_ROOT . $phpwcms["ftp_path"];
        $useruploadpath = PHPWCMS_ROOT . $phpwcms["file_path"];
        $usernewfile = $useruploadpath . $data['f_hash'];
        if ($data['f_ext']) {
            $usernewfile .= '.' . $data['f_ext'];
        }
        $oldmask = umask(0);
        if ($dir = @opendir($useruploadpath) && @copy($userftppath . $result['filename'], $usernewfile)) {
            @unlink($userftppath . $result['filename']);
        } else {
            require PHPWCMS_ROOT . '/include/inc_lang/backend/en/lang.inc.php';
            $cust_lang = PHPWCMS_ROOT . '/include/inc_lang/backend/' . strtolower(substr($_SESSION["wcs_user_lang"], 0, 2)) . '/lang.inc.php';
            if (is_file($cust_lang)) {
Exemple #12
            if (is_array($data[$key[0]]) || is_object($data[$key[0]])) {
                $data_serialize[$key[0]] = $key[0];
            }
        }
        if (count($data_serialize)) {
            foreach ($data_serialize as $value) {
                $data[$value] = serialize($data[$value]);
            }
        }
        if ($plugin['data']['id']) {
            // UPDATE
            $result = _dbUpdate('phpwcms_content', $data, 'cnt_id=' . $plugin['data']['id'] . ' AND cnt_module=' . _dbEscape(MODULE_KEY));
        } else {
            // INSERT
            $data['cnt_created'] = now();
            $result = _dbInsert('phpwcms_content', $data);
        }
        // Back to module listing
        if (isset($_POST['save'])) {
            headerRedirect(MODULE_HREF_DECODE);
        }
        // set ID
        if (!empty($result['INSERT_ID'])) {
            $plugin['data']['id'] = $result['INSERT_ID'];
            $plugin['id'] = $result['INSERT_ID'];
        }
    } else {
        set_status_message(implode(LF, $plugin['error']), 'warning');
    }
}
// try to read entry from database
Exemple #13
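 /**
  * Handle the news edit screen.
  *
  * Depending on the request this method
  *  - changes the status of a news entry (GET 'status' = 0, 1 or 9) and redirects,
  *  - stores a posted form (insert, update or duplicate) and redirects on success,
  *  - or loads an existing entry from phpwcms_content.
  * Afterwards it fills the date/time helper fields in $this->data for the form.
  *
  * The news id is cast with intval() before it is concatenated into any WHERE clause.
  *
  * NOTE(review): the status change is triggered by a GET request and no CSRF token
  * is verified inside this method - presumably the backend entry point does that; confirm.
  *
  * @return void
  */
 function edit()
 {
     $this->newsId = intval($_GET['cntid']);
     $this->data = array();
     if (isset($_GET['status'])) {
         $status = intval($_GET['status']);
         switch ($status) {
             case 0:
             case 1:
             case 9:
                 // only the three known status values are written
                 _dbUpdate('phpwcms_content', array('cnt_status' => $status), 'cnt_id=' . $this->newsId);
                 set_status_message($status == 9 ? $this->BL['be_action_deleted'] : $this->BL['be_action_status'], 'success', array('ID' => $this->newsId));
                 break;
             default:
                 set_status_message($this->BL['be_action_notvalid'], 'warning');
         }
         headerRedirect($this->base_url_decoded);
     }
     // Form defaults. cnt_livedate/cnt_killdate start empty; they are normalised
     // at the end of this method.
     $this->data = array(
         'cnt_id' => 0,
         'cnt_pid' => 0,
         'cnt_status' => intval($this->phpwcms['set_news_active']),
         'cnt_livedate' => '',
         'cnt_killdate' => '',
         'cnt_archive_status' => 1,
         'cnt_alias' => '',
         'cnt_name' => '',
         'cnt_title' => '',
         'cnt_subtitle' => '',
         'cnt_editor' => '',
         'cnt_place' => '',
         'cnt_teasertext' => '',
         'cnt_text' => '',
         'cnt_duplicate' => 0,
         'cnt_lang' => '',
         'cnt_prio' => 0,
         'cnt_readmore' => 1,
         'cnt_image' => array('id' => 0, 'name' => '', 'zoom' => 0, 'lightbox' => 0, 'caption' => '', 'link' => ''),
         'cnt_files' => array('id' => array(), 'caption' => '', 'gallery' => 0, 'gallery_download' => 0),
         'cnt_link' => '',
         'cnt_linktext' => '',
         'cnt_category' => '',
         'cnt_sort' => 0,
         'cnt_opengraph' => empty($this->phpwcms['set_sociallink']['news']) ? 0 : 1,
         'cnt_textformat' => 'plain',
         'cnt_searchoff' => 0,
     );
     // check form post
     if (isset($_POST['cnt_name'])) {
         $post = $this->getPostData();
         $post_error = false;
         if (!empty($_POST['cnt_duplicate'])) {
             // duplicate: store the posted data as a new entry
             $this->newsId = 0;
             $duplicate = 1;
             $post['cnt_created'] = now();
         } else {
             $duplicate = 0;
         }
         // 1st check if we have a name because it's mandatory
         if ($post['cnt_name'] == '') {
             $post_error = true;
             set_status_message($this->BL['be_news_name_mandatory'], 'warning');
             $post['cnt_duplicate'] = $duplicate;
         }
         // do db work
         if ($post_error === false) {
             $values = $post;
             $values['cnt_object'] = serialize($values['cnt_object']);
             $success = false;
             if ($this->newsId == 0) {
                 // store new dataset
                 $result = _dbInsert('phpwcms_content', $values);
                 if (isset($result['INSERT_ID'])) {
                     $this->newsId = $result['INSERT_ID'];
                     $success = true;
                     set_status_message($this->BL['be_successfully_saved'] . LF . $post['cnt_name'], 'success');
                 }
             } else {
                 // update existing dataset
                 $result = _dbUpdate('phpwcms_content', $values, 'cnt_id=' . $this->newsId);
                 if ($result != false) {
                     $success = true;
                     set_status_message($this->BL['be_successfully_updated'] . LF . $post['cnt_name'], 'success');
                 }
             }
             if ($success) {
                 // save categories
                 if ($this->newsId) {
                     _dbSaveCategories($post['cnt_object']['cnt_category'], 'news', $this->newsId, ',');
                 }
                 if ($this->newsId && isset($_POST['submit'])) {
                     // redirect to form again
                     headerRedirect($this->base_url_decoded . '&cntid=' . $this->newsId . '&action=edit');
                 } else {
                     // back to listing
                     headerRedirect($this->base_url_decoded);
                 }
             } else {
                 // error while storing data
                 // Fixed: this read the undefined local $BL instead of $this->BL, so the
                 // message text was missing. The database error is passed through html()
                 // before it is shown.
                 set_status_message($this->BL['be_error_while_save'] . trim(html(' ' . mysql_errno() . ': ' . mysql_error())), 'warning');
             }
         }
         $this->data = array_merge($this->data, $post);
     } elseif ($this->newsId > 0) {
         $result = _dbGet('phpwcms_content', '*', 'cnt_status!=9 AND cnt_id=' . $this->newsId, '', '', '1');
         if (isset($result[0])) {
             // NOTE(review): unserialize() on a database field. The value is written by
             // serialize() above, but unserialize() can instantiate objects if anything
             // else can write cnt_object; on PHP 7+ consider the allowed_classes option
             // or store JSON instead.
             $result[0]['cnt_object'] = @unserialize($result[0]['cnt_object']);
             // A failed unserialize() returns false; read from an empty array in that
             // case instead of indexing into a non-array.
             $object = is_array($result[0]['cnt_object']) ? $result[0]['cnt_object'] : array();
             if (isset($object['cnt_image']) && is_array($object['cnt_image'])) {
                 $result[0]['cnt_image'] = array_merge($this->data['cnt_image'], $object['cnt_image']);
             }
             if (isset($object['cnt_files']) && is_array($object['cnt_files'])) {
                 $result[0]['cnt_files'] = array_merge($this->data['cnt_files'], $object['cnt_files']);
             }
             // copy the simple fields kept inside the serialized object
             foreach (array('cnt_link', 'cnt_linktext', 'cnt_category', 'cnt_readmore', 'cnt_textformat', 'cnt_searchoff') as $field) {
                 if (isset($object[$field])) {
                     $result[0][$field] = $object[$field];
                 }
             }
             $this->data = array_merge($this->data, $result[0]);
         } else {
             set_status_message($this->BL['be_data_select_failed'], 'warning');
             headerRedirect($this->base_url_decoded);
         }
     }
     $start_date = strtotime($this->data['cnt_livedate']);
     $end_date = strtotime($this->data['cnt_killdate']);
     $sort_date = intval($this->data['cnt_sort']);
     // start date: unparsable or empty values fall back to the zero date
     if ($start_date <= 0) {
         $this->data['cnt_livedate'] = '0000-00-00 00:00:00';
         $this->data['cnt_date_start'] = '';
         $this->data['cnt_time_start'] = '';
     } else {
         $this->data['cnt_date_start'] = date($this->BL['default_date'], $start_date);
         $this->data['cnt_time_start'] = date($this->BL['default_time'], $start_date);
     }
     // end date
     if ($end_date <= 0) {
         $this->data['cnt_killdate'] = '0000-00-00 00:00:00';
         $this->data['cnt_date_end'] = '';
         $this->data['cnt_time_end'] = '';
     } else {
         $this->data['cnt_date_end'] = date($this->BL['default_date'], $end_date);
         $this->data['cnt_time_end'] = date($this->BL['default_time'], $end_date);
     }
     // sort date
     if ($sort_date <= 0) {
         $this->data['cnt_sort'] = 0;
         $this->data['cnt_sort_date'] = '';
         $this->data['cnt_sort_time'] = '';
     } else {
         $this->data['cnt_sort_date'] = date($this->BL['default_date'], $sort_date);
         $this->data['cnt_sort_time'] = date($this->BL['default_time'], $sort_date);
     }
 }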