/**
 * AJAX handler: save the per-language headline and content of one CMS page.
 *
 * POST fields whose name contains "eadline_" or "cription_" are collected into
 * two maps keyed by the part of the field name after its first underscore.
 * Both maps are JSON-encoded and written to the ecp_cms row. Prints 'ok' when
 * the query succeeds, or the NO_ADMIN_RIGHTS message when the session holds
 * neither the cms/edit right nor superadmin. Always terminates the request.
 *
 * NOTE(review): no anti-CSRF token check is visible in this function; confirm
 * the dispatcher enforces one for state-changing admin requests.
 *
 * @param mixed $id cmsID of the row; bound through %d, so sprintf() coerces it to an integer
 */
function admin_cms_edit($id)
{
    global $db;

    ob_end_clean();
    $db->setMode(0);
    ajax_convert_array($_POST);

    $allowed = @$_SESSION['rights']['admin']['cms']['edit'] || @$_SESSION['rights']['superadmin'];
    if (!$allowed) {
        echo html_ajax_convert(NO_ADMIN_RIGHTS);
        die;
    }

    $headlines = array();
    $contents = array();
    foreach ($_POST as $field => $text) {
        // strpos() is used as a boolean: a match at offset 0 is falsy and is skipped.
        if (strpos($field, 'cription_')) {
            $contents[substr($field, strpos($field, '_') + 1)] = $text;
        }
        if (strpos($field, 'eadline_')) {
            $headlines[substr($field, strpos($field, '_') + 1)] = $text;
        }
    }

    // strsave() is defined elsewhere and is the only escaping applied to the
    // string values here; presumably it escapes for the SQL string context (confirm).
    $sql = sprintf(
        'UPDATE ' . DB_PRE . 'ecp_cms SET `headline` = \'%s\', `content` = \'%s\', `access` = \'%s\' WHERE cmsID = %d',
        strsave(json_encode($headlines)),
        strsave(json_encode($contents)),
        strsave(admin_make_rights($_POST['rights'])),
        $id
    );

    if ($db->query($sql)) {
        echo 'ok';
    }
    die;
}
/**
 * AJAX handler: insert a new calendar event.
 *
 * POST fields whose name contains "cription_" become a map keyed by the part
 * of the field name after its first underscore; the map is stored as JSON in
 * `inhalt`. Prints 'ok' when the INSERT succeeds, or the NO_ADMIN_RIGHTS
 * message when the session holds neither the calendar/add right nor
 * superadmin. Always terminates the request.
 *
 * NOTE(review): no anti-CSRF token check is visible in this function; confirm
 * the dispatcher enforces one for state-changing admin requests.
 */
function admin_calendar_add()
{
    global $db;

    ob_end_clean();
    ajax_convert_array($_POST);

    $allowed = @$_SESSION['rights']['admin']['calendar']['add'] || @$_SESSION['rights']['superadmin'];
    if (!$allowed) {
        echo html_ajax_convert(NO_ADMIN_RIGHTS);
        die;
    }

    $db->setMode(0);

    $descriptions = array();
    foreach ($_POST as $field => $text) {
        // strpos() is used as a boolean: a match at offset 0 is falsy and is skipped.
        if (!strpos($field, 'cription_')) {
            continue;
        }
        $descriptions[substr($field, strpos($field, '_') + 1)] = $text;
    }

    // String values pass through strsave() (defined elsewhere; presumably SQL
    // escaping, confirm). The date and user id are bound with %d, so sprintf()
    // coerces them to integers; an unparsable date (strtotime() === false) is stored as 0.
    $sql = sprintf(
        'INSERT INTO ' . DB_PRE . 'ecp_calendar (`eventname`, `inhalt`, `access`, `datum`, `userID`) VALUES (\'%s\', \'%s\', \'%s\', %d, %d)',
        strsave($_POST['eventname']),
        strsave(json_encode($descriptions)),
        strsave(admin_make_rights($_POST['rights'])),
        strtotime($_POST['datum']),
        $_SESSION['userID']
    );

    if ($db->query($sql)) {
        echo 'ok';
    }
    die;
}
/**
 * AJAX handler: update one download category.
 *
 * Prints NOT_NEED_ALL_INPUTS when `kname` is empty. Otherwise POST fields
 * whose name contains "cription_" are gathered into a map keyed by the part
 * of the field name after its first underscore, stored as JSON in
 * `beschreibung`, and the row is updated. Prints 'ok' when the UPDATE
 * succeeds. Always terminates the request.
 *
 * NOTE(review): unlike the other admin handlers in this file, this function
 * performs no $_SESSION['rights'] check before writing. Confirm that the
 * caller enforces the required admin right; if it does not, any request that
 * reaches this function can modify download categories.
 *
 * @param mixed $id kID of the category; bound through %d, so sprintf() coerces it to an integer
 */
function admin_downloads_kate_edit($id)
{
    global $db;

    ob_end_clean();
    ajax_convert_array($_POST);

    if ($_POST['kname'] == '') {
        echo NOT_NEED_ALL_INPUTS;
        die;
    }

    $descriptions = array();
    foreach ($_POST as $field => $text) {
        // strpos() is used as a boolean: a match at offset 0 is falsy and is skipped.
        if (!strpos($field, 'cription_')) {
            continue;
        }
        $descriptions[substr($field, strpos($field, '_') + 1)] = $text;
    }

    // strsave() is defined elsewhere; presumably it escapes for the SQL string context (confirm).
    $sql = sprintf(
        'UPDATE ' . DB_PRE . 'ecp_downloads_kate SET `subkID` = %d, `kname` = \'%s\', `beschreibung` = \'%s\', `access` = \'%s\' WHERE kID = %d',
        (int) $_POST['subID'],
        strsave($_POST['kname']),
        strsave(json_encode($descriptions)),
        strsave(admin_make_rights($_POST['rights'])),
        $id
    );

    $db->setMode(0);
    if ($db->query($sql)) {
        echo 'ok';
    }
    die;
}
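/**
 * Admin page: show the edit form for one menu entry, or save the submitted form.
 *
 * Requires the menu/edit right or superadmin in the session; otherwise an
 * error table is rendered. Without a `submit` POST field the current row is
 * loaded and the form is rendered. With it, the row is updated and the
 * browser is redirected to the menu list, unless `name` or `design` is
 * empty, in which case the form is shown again with the posted values.
 *
 * Security fix: $id is cast to an integer on entry. It was previously
 * concatenated unmodified into the SELECT statement and into the form's
 * `func` value, so a non-numeric id could alter the query or the markup.
 *
 * Robustness fix: a missing or non-array `language` field is treated as an
 * empty selection instead of being passed to in_array()/implode().
 *
 * NOTE(review): no anti-CSRF token check is visible in this function; confirm
 * the dispatcher enforces one for state-changing admin requests.
 *
 * @param mixed $id menuID of the entry to edit
 */
function admin_menu_edit($id)
{
    global $db;

    // Every later use of $id (SQL text, template value) now sees an integer.
    $id = (int) $id;

    if (!(@$_SESSION['rights']['admin']['menu']['edit'] or @$_SESSION['rights']['superadmin'])) {
        table(ERROR, NO_ADMIN_RIGHTS);
        return;
    }

    if (isset($_POST['submit'])) {
        $chosen = (isset($_POST['language']) && is_array($_POST['language'])) ? $_POST['language'] : array();

        if ($_POST['name'] == '' or $_POST['design'] == '') {
            table(ERROR, NOT_NEED_ALL_INPUTS);
            $tpl = new smarty();
            // NOTE(review): raw POST values are handed to the template; whether they are
            // HTML-escaped depends on menu_add_edit.html, which is not visible here.
            foreach ($_POST as $key => $value) {
                $tpl->assign($key, $value);
            }
            $tpl->assign('module', get_module($_POST['modul']));
            $tpl->assign('designs', get_designs($_POST['design']));
            $tpl->assign('access', get_form_rights($_POST['access']));
            // NOTE(review): this is the edit handler, yet the redisplayed form uses
            // func 'add' and the MENU_ADD title; looks copied from the add handler, confirm.
            $tpl->assign('func', 'add');

            $options = in_array('all', $chosen)
                ? '<option value="all" selected="selected">' . ALL . '</option>'
                : '<option value="all">' . ALL . '</option>';
            foreach (get_languages() as $value) {
                // A space now separates the selected and value attributes.
                $options .= '<option' . (in_array($value['lang'], $chosen) ? ' selected="selected"' : '')
                    . ' value="' . $value['lang'] . '">' . $value['name'] . '</option>';
            }
            $tpl->assign('languages', $options);

            ob_start();
            $tpl->display(DESIGN . '/tpl/admin/menu_add_edit.html');
            $content = ob_get_contents();
            ob_end_clean();
            main_content(MENU_ADD, $content, '', 1);
            return;
        }

        // An empty string means "all languages"; otherwise a comma-wrapped list.
        $lang = in_array('all', $chosen) ? '' : ',' . implode(',', $chosen) . ',';

        // strsave() is defined elsewhere; presumably it escapes for the SQL string context (confirm).
        $sql = sprintf(
            'UPDATE ' . DB_PRE . 'ecp_menu SET `name` = \'%s\', `headline` = \'%s\', `inhalt` = \'%s\', `hposi` = \'%s\', `usetpl` =%d, `design` = \'%s\', `access` = \'%s\', `lang` = \'%s\', `modul` = \'%s\' WHERE menuID = %d',
            strsave($_POST['name']),
            strsave($_POST['headline']),
            strsave($_POST['inhalt']),
            strsave($_POST['postion']),
            (int) @$_POST['usetpl'],
            strsave($_POST['design']),
            strsave(admin_make_rights($_POST['access'])),
            strsave($lang),
            strsave($_POST['modul']),
            $id
        );
        if ($db->query($sql)) {
            header1('?section=admin&site=menu');
        }
        return;
    }

    // Initial display: load the stored row and pre-fill the form.
    $menu = $db->fetch_assoc('SELECT * FROM ' . DB_PRE . 'ecp_menu WHERE menuID = ' . $id);
    $tpl = new smarty();
    $menu['headline'] = htmlentities($menu['headline']);
    foreach ($menu as $key => $value) {
        $tpl->assign($key, $value);
    }
    $tpl->assign('func', 'edit&id=' . $id);
    $tpl->assign('module', get_module($menu['modul']));
    $tpl->assign('designs', get_designs($menu['design']));
    $tpl->assign('access', get_form_rights(explode(',', $menu['access'])));

    $langs = explode(',', $menu['lang']);
    // Fewer than three pieces means no comma-wrapped language list was stored, so "all" is selected.
    $options = '<option value="all" ' . (count($langs) < 3 ? 'selected="selected"' : '') . '>' . ALL . '</option>';
    foreach (get_languages() as $value) {
        $options .= '<option' . (in_array($value['lang'], $langs) ? ' selected="selected"' : '')
            . ' value="' . $value['lang'] . '">' . $value['name'] . '</option>';
    }
    $tpl->assign('languages', $options);

    ob_start();
    $tpl->display(DESIGN . '/tpl/admin/menu_add_edit.html');
    $content = ob_get_contents();
    ob_end_clean();
    main_content(MENU_EDIT, $content, '', 1);
}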
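/**
 * Admin page: show the edit form for one forum board, or save the submitted form.
 *
 * Requires the forum/edit right or superadmin in the session; otherwise an
 * error table is rendered. With a `submit` POST field the board row is
 * updated and the browser is redirected to the forum admin list (an empty
 * `name` renders an error instead). Without it, the board and the group and
 * parent-board lists are loaded and the form is rendered.
 *
 * Security fixes:
 *  - $id is cast to an integer on entry; it was concatenated unmodified into
 *    the SELECT statement and into the form's `url` value.
 *  - Each rights value is now passed through strsave() before being placed
 *    inside a quoted SQL string, matching how the other admin handlers in
 *    this file treat admin_make_rights() output. Previously the result went
 *    into the statement unescaped.
 *
 * NOTE(review): no anti-CSRF token check is visible in this function; confirm
 * the dispatcher enforces one for state-changing admin requests.
 *
 * @param mixed $id boardID of the board to edit
 */
function admin_forum_edit($id)
{
    global $db;

    // Every later use of $id (SQL text, template value) now sees an integer.
    $id = (int) $id;

    // Permission columns, in the order used by the UPDATE placeholders and the template.
    $rightFields = array(
        'rightsread', 'threadopen', 'postcom', 'editcom', 'startsurvey', 'votesurvey', 'attachfiles',
        'downloadattch', 'threadclose', 'threaddel', 'threadmove', 'threadpin', 'editmocom', 'delcom',
    );

    if (!(@$_SESSION['rights']['admin']['forum']['edit'] or @$_SESSION['rights']['superadmin'])) {
        table(ERROR, NO_ADMIN_RIGHTS);
        return;
    }

    if (isset($_POST['submit'])) {
        if ($_POST['name'] == '') {
            table(ERROR, NOT_NEED_ALL_INPUTS);
            return;
        }

        // Numeric columns are bound with %d / %f, so sprintf() coerces them to numbers.
        $args = array(
            $_POST['boardparentID'],
            strsave($_POST['name']),
            strsave($_POST['beschreibung']),
            $_POST['closed'],
            $_POST['attachments'],
            $_POST['attachmaxsize'] * $_POST['modifkator'],
        );
        foreach ($rightFields as $field) {
            // strsave() is defined elsewhere; presumably it escapes for the SQL string context (confirm).
            $args[] = strsave(admin_make_rights($_POST[$field]));
        }
        $args[] = $_POST['commentsperpost'];
        $args[] = str_replace(',', '.', $_POST['moneyperpost']); // accept a decimal comma
        $args[] = $id;

        $sql = vsprintf(
            'UPDATE ' . DB_PRE . 'ecp_forum_boards SET `boardparentID` = %d, `name` = \'%s\', `beschreibung` = \'%s\', `closed` = %d, `attachments` = %d, `attachmaxsize` = %d, `rightsread` = \'%s\', `threadopen` = \'%s\', `postcom` = \'%s\', `editcom` = \'%s\', `startsurvey` = \'%s\', `votesurvey` = \'%s\', `attachfiles` = \'%s\', `downloadattch` = \'%s\', `threadclose` = \'%s\', `threaddel` = \'%s\', `threadmove` = \'%s\', `threadpin` = \'%s\', `editmocom` = \'%s\', `delcom` = \'%s\', `commentsperpost` = %d, `moneyperpost` = %f WHERE boardID = %d',
            $args
        );
        if ($db->query($sql)) {
            header1('?section=admin&site=forum');
        }
        return;
    }

    // Initial display: load the board and pre-fill the form.
    $tpl = new smarty();
    $boardinfos = $db->fetch_assoc(
        'SELECT `boardparentID`, `beschreibung`, `name`, `isforum`, `closed`, `commentsperpost`, `moneyperpost`, '
        . '`attachments`, `attachmaxsize`, `rightsread`, `threadopen`, `postcom`, `editcom`, `startsurvey`, '
        . '`votesurvey`, `attachfiles`, `downloadattch`, `threadclose`, `threaddel`, `threadmove`, `threadpin`, '
        . '`editmocom`, `delcom` FROM ' . DB_PRE . 'ecp_forum_boards WHERE boardID = ' . $id
    );

    $plainFields = array(
        'beschreibung', 'isforum', 'closed', 'commentsperpost', 'moneyperpost', 'attachments', 'attachmaxsize', 'name',
    );
    foreach ($plainFields as $field) {
        $tpl->assign($field, $boardinfos[$field]);
    }

    $db->query('SELECT groupID, name FROM ' . DB_PRE . 'ecp_groups ORDER by name ASC');
    $gruppen = array();
    while ($row = $db->fetch_assoc()) {
        $gruppen[] = $row;
    }

    $db->query('SELECT boardID, name FROM ' . DB_PRE . 'ecp_forum_boards WHERE isforum = 0 ORDER BY name ASC');
    $boards = '';
    while ($row = $db->fetch_assoc()) {
        // NOTE(review): the stored board name is written into the markup without HTML
        // escaping; whether that is safe depends on how names are stored (confirm).
        $boards .= '<option ' . ($boardinfos['boardparentID'] == $row['boardID'] ? 'selected="selected" ' : '')
            . 'value="' . $row['boardID'] . '">' . $row['name'] . '</option>';
    }
    $tpl->assign('boards', $boards);

    foreach ($rightFields as $field) {
        $stored = $boardinfos[$field];
        // Drop the first and last character of the stored value, then split the group ids on commas.
        $tpl->assign($field, forum_make_rights($gruppen, explode(',', substr($stored, 1, strlen($stored) - 2))));
    }
    $tpl->assign('url', 'edit&id=' . $id);

    ob_start();
    $tpl->display(DESIGN . '/tpl/admin/forum_add_edit.html');
    $content = ob_get_contents();
    ob_end_clean();
    main_content(FORUM_ADD, $content, '', 1);
}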
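/**
 * AJAX handler: update one gallery and keep the per-category gallery counters in sync.
 *
 * Renders an error table when the session has neither the gallery/edit right
 * nor superadmin. Prints NOT_NEED_ALL_INPUTS when `name`, `folder` or `cID`
 * is empty. Otherwise the gallery row is updated, 'ok' is printed, and if the
 * category changed the new category's `galleries` counter is incremented and
 * the old one decremented. Always terminates the request.
 *
 * Security fix: $id and the previously stored category id are cast to
 * integers before being concatenated into SQL text; both were inserted
 * unmodified before. The category comparison now uses the same integers that
 * are written to the database, so a value such as "5abc" no longer counts as
 * a change away from category 5.
 *
 * NOTE(review): the rights check uses isset() while the other handlers in
 * this file test truthiness, so a right that is present but falsy would be
 * accepted here; confirm how rights are stored in the session.
 * NOTE(review): `folder` is stored as submitted; if other code uses it as a
 * filesystem path, it needs validation that is not visible in this function.
 *
 * @param mixed $id galleryID of the gallery to edit
 */
function admin_gallery_edit($id)
{
    global $db;

    // Every later use of $id in SQL text now sees an integer.
    $id = (int) $id;

    $db->setMode(0);
    ob_end_clean();
    ajax_convert_array($_POST);

    if (!isset($_SESSION['rights']['admin']['gallery']['edit']) and !isset($_SESSION['rights']['superadmin'])) {
        table(ERROR, NO_ADMIN_RIGHTS);
        die;
    }

    if ($_POST['name'] == '' or !$_POST['folder'] or !$_POST['cID']) {
        echo NOT_NEED_ALL_INPUTS;
        die;
    }

    $newCategory = (int) $_POST['cID'];
    // Category the gallery belonged to before this update.
    $oldCategory = (int) $db->result(DB_PRE . 'ecp_gallery', 'cID', 'galleryID = ' . $id);

    // strsave() is defined elsewhere; presumably it escapes for the SQL string context (confirm).
    $sql = sprintf(
        'UPDATE ' . DB_PRE . 'ecp_gallery SET `name` = \'%s\', `folder` = \'%s\', `cID` = %d, `access` = \'%s\' WHERE galleryID = %d',
        strsave($_POST['name']),
        strsave($_POST['folder']),
        $newCategory,
        strsave(admin_make_rights($_POST['access'])),
        $id
    );

    if ($db->query($sql)) {
        echo 'ok';
        if ($newCategory !== $oldCategory) {
            $db->query('UPDATE ' . DB_PRE . 'ecp_gallery_kate SET galleries = galleries +1 WHERE kateID =' . $newCategory);
            $db->query('UPDATE ' . DB_PRE . 'ecp_gallery_kate SET galleries = galleries -1 WHERE kateID =' . $oldCategory);
        }
    }
    die;
}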