_aenter($_da, 1);
@extract($btags);
extract($_da, EXTR_OVERWRITE);
tpl_refresh($tplname);
@(include M_ROOT . "template/{$templatedir}/pcache/{$tplname}.php");
$_content = ob_get_contents();
ob_clean();
mexit($_content);
}
} else {
load_cache('mlfields');
include_once M_ROOT . "./include/fields.cls.php";
include_once M_ROOT . "./include/upload.cls.php";
include_once M_ROOT . "./include/cheader.inc.php";
include_once M_ROOT . "./include/mcuedit.cls.php";
$inajax ? aheader() : _header();
if (!empty($mcommu['setting']['norepeat']) && ($cid = $db->result_one("SELECT cid FROM {$tblprefix}mflinks WHERE mid='{$mid}' AND fromid='{$memberid}' ORDER BY cid"))) {
mcmessage('dorepeataddflink', axaction(2, M_REFERER));
}
$db->query("INSERT INTO {$tblprefix}mflinks SET\n\t\t\tmid='{$mid}',\n\t\t\tmname='" . $actuser->info['mname'] . "',\n\t\t\tfromid='{$memberid}',\n\t\t\tfromname='" . $curuser->info['mname'] . "',\n\t\t\tcreatedate='{$timestamp}'\n\t\t\t");
if ($cid = $db->insert_id()) {
$uedit = new cls_mcuedit();
$uedit->read($cid, 'flink');
foreach (array('fields') as $var) {
${$var} =& $uedit->{$var};
}
$c_upload = new cls_upload();
$fields = fields_order($fields);
$a_field = new cls_field();
foreach ($fields as $k => $v) {
if (!$v['isfunc'] && !$v['isadmin']) {
<?php
(!defined('M_COM') || !defined('M_ADMIN')) && exit('No Permission');
aheader();
if (!backallow('lang')) {
amessage('no_apermission');
}
load_cache('alangs');
if (empty($action)) {
$action = 'alangsedit';
}
$url_type = 'langs';
include 'urlsarr.inc.php';
url_nav(lang('lanpackmanage'), $urlsarr, 'alang');
if ($action == 'alangsedit') {
$page = !empty($page) ? max(1, intval($page)) : 1;
submitcheck('bfilter') && ($page = 1);
$keyword = empty($keyword) ? '' : $keyword;
$wheresql = '';
$fromsql = "FROM {$tblprefix}alangs";
$keyword && ($wheresql = "WHERE ename LIKE '%" . str_replace(array(' ', '*'), '%', addcslashes($keyword, '%_')) . "%' OR content LIKE '%" . str_replace(array(' ', '*'), '%', addcslashes($keyword, '%_')) . "%'");
$filterstr = '';
foreach (array('keyword') as $k) {
$filterstr .= "&{$k}=" . rawurlencode(stripslashes(${$k}));
}
if (!submitcheck('balangsedit')) {
echo form_str($actionid . 'arcsedit', "?entry=alangs&action=alangsedit&page={$page}");
tabheader_e();
echo "<tr><td class=\"txt txtleft\">";
echo lang('search_keyword') . " <input class=\"text\" name=\"keyword\" type=\"text\" value=\"{$keyword}\" size=\"10\"> ";
echo strbutton('bfilter', 'filter0');
<?php
include_once dirname(dirname(__FILE__)) . '/include/general.inc.php';
include_once M_ROOT . 'include/cheader.inc.php';
$inajax ? aheader() : _header(lang('membergetpwd'), 'curbox');
$forward = empty($forward) ? M_REFERER : $forward;
$forwardstr = 'forward=' . rawurlencode($forward);
empty($action) && ($action = '');
if ($action == 'getpwd' && !empty($mid) && !empty($id)) {
$cmember = $db->fetch_one("SELECT m.mid,m.mname,m.email,s.confirmstr FROM {$tblprefix}members m,{$tblprefix}members_sub s WHERE m.mid='{$mid}' AND s.mid=m.mid");
if (!$cmember || !$cmember['confirmstr']) {
mcmessage('invalidoperate');
}
list($dateline, $deal, $confirmid) = explode("\t", $cmember['confirmstr']);
if ($dateline < $timestamp - 86400 * 3 || $deal != 1 || $confirmid != $id) {
mcmessage('invalidoperate');
}
if (!submitcheck('bgetpwd')) {
tabheader(lang('memberpwdsetting'), 'getpwd', "?action=getpwd&mid={$mid}&id={$id}", 2, 0, 1);
trbasic(lang('membercname'), '', $cmember['mname'], '');
trbasic(lang('inputnewpwd'), 'npassword', '', 'password');
trbasic(lang('renewpwd'), 'npassword2', '', 'password');
$submitstr = '';
$submitstr .= makesubmitstr('npassword', 1, 0, 3, 15);
$submitstr .= makesubmitstr('npassword2', 1, 0, 3, 15);
$submitstr .= tr_regcode('register');
tabfooter('bgetpwd');
check_submit_func($submitstr);
} else {
if (!regcode_pass('register', empty($regcode) ? '' : trim($regcode))) {
mcmessage('safecodeerr');
redirect('index.php?go=admins', true, true);
} else {
aerror('خطأ');
$SQL->close();
exit;
}
} else {
aheader('المدراء');
echo "<ul>";
$result = $SQL->build(array('SELECT' => '*', 'FROM' => "{$dbprefix}admins"));
while ($row = $SQL->fetch_array($result)) {
echo '<li>' . $row['username'] . ' - <a href="index.php?go=admins&delete=' . $row['id'] . '">حذف</a></li>';
}
echo "</ul><hr />";
$SQL->freeresult($result);
echo "<h1>اضف مدير جديد </h1>";
echo '<form method="POST" action="index.php?go=admins">';
echo 'حساب المدير الجديد: <input name="username" value="" type="text" /><br />
كلمة المرور : <input name="userpassword" value="" type="password" /><br />';
echo '<input name="submit" type="submit" value="حفظ" /></form>';
//echo '';
afooter();
}
}
break;
default:
aheader('البداية');
echo '';
afooter();
break;
}
function ainfo($msg = '')
{
aheader('info');
echo '<div style="color:green;"><strong>' . $msg . '</storng></div>';
afooter();
}
function login_msg($message, $url_forward = '', $msgtype = 'message')
{
global $memberid, $curuser, $entry, $lan_title, $cms_regcode, $cms_abs, $mcharset, $param_suffix, $inajax, $infloat, $handlekey, $ajaxtarget;
$url_forward .= $url_forward ? $param_suffix : '';
$entry = mhtmlspecialchars($entry);
$target = $infloat ? ' onclick="floatwin(\'close_' . $handlekey . '\');return floatwin(\'open_login\',this)"' : '';
if ($msgtype == 'message') {
$message = '<tr><td align="center" colspan="2"><br><br>' . $message;
if ($infloat) {
$message .= '<script reload="1">setTimeout("floatwin(\'close_' . $handlekey . '\')", 1250);floatwin(\'closeparent_' . $handlekey . '\')</script><br><br><br></tr>';
} elseif ($url_forward) {
if (preg_match('/[?&]entry=logout\\b/i', $url_forward)) {
$url_forward = '?entry=home';
}
$message .= "<br><br><a href=\"{$url_forward}\">" . lang('clickhere') . "</a>";
$message .= "<script reload=\"1\">setTimeout(\"redirect('{$url_forward}');\", 1250);</script><br><br></td></tr>";
} else {
$message .= '<br><br><br></tr>';
}
} elseif ($msgtype == 'error') {
#$message = '<tr><td align="center" colspan="2"><br>'.lang('cur_member').' '.$curuser->info['mname'].'<br><br>'.$message.
# $message = '<tr><td align="center" colspan="2"><br>'.$message.
#'<br><br>'.($memberid ? '<a href="login.php?action=logout">>>'.lang('logout_member').'</a>' : '<a href="login.php?action=login"'.$target.'>>>'.lang('login_member').'</a>').
#' <a href="'.$cms_abs.'">>>'.lang('goback_index').'</a><br><br></td></tr>';
$extra = isset($entry) && empty($isframe) && $entry != 'logout' ? '?isframe=1&' . $_SERVER['QUERY_STRING'] : (in_array($entry, array('header', 'menu', 'logout')) ? '' : '?' . $_SERVER['QUERY_STRING']);
$message = '<tr><td><form method="post" name="login" action="' . $extra . '"' . ($infloat ? " onsubmit=\"return ajaxform(this)\"" : '') . '>' . '<input type="hidden" name="isframe" value="1">' . '<input type="hidden" name="url_forward" value="' . $url_forward . '">' . '<table width="100%" border="0" cellpadding="0" cellspacing="0">' . '<tr class="txt"><td class="txtC w80">' . lang('admin_account') . '</td>' . '<td class="txt txtL"><input type="text" name="admin_mname" size="25"></td></tr>' . '<tr class="txt"><td class="txtC w80">' . lang('login_pwd') . '</td>' . '<td class="txt txtL"><input type="password" name="admin_password" size="25"></td></tr>';
if ($cms_regcode && in_array('admin', explode(',', $cms_regcode))) {
$message .= '<tr class="txt"><td class="txtC w80">' . lang('regcode') . '</td>' . '<td class="txt txtL"><input type="text" name="regcode" id="regcode" size="4" maxlength="4"> ' . '<img src="tools/regcode.php" style="vertical-align: middle;cursor:pointer;" onClick="this.src=\'tools/regcode.php\'"></td></tr>';
}
$message .= '<tr class="txtcenter"><td colspan="2"><input type="submit" class="btn" value="' . lang('submit') . '" /></td></tr></table></form></td></tr>';
} elseif ($msgtype == 'login') {
if (substr($handlekey, 0, 8) == 'new_new_') {
$message = '<script reload="1">setTimeout("floatwin(\'close_' . $handlekey . '\')", 1250)</script>' . '<td class="txt txtC">' . lang('passerror') . '</td></tr>';
} else {
$extra = isset($entry) && empty($isframe) && $entry != 'logout' ? '?isframe=1&' . $_SERVER['QUERY_STRING'] : (in_array($entry, array('header', 'menu', 'logout')) ? '' : '?' . $_SERVER['QUERY_STRING']);
$message = '<tr><td><form method="post" name="login" action="' . $extra . '"' . ($infloat ? " onsubmit=\"return ajaxform(this)\"" : '') . '>' . '<input type="hidden" name="isframe" value="1">' . '<input type="hidden" name="url_forward" value="' . $url_forward . '">' . '<table width="100%" border="0" cellpadding="0" cellspacing="0">' . '<tr class="txt"><td class="txtC w80">' . lang('admin_account') . '</td>' . '<td class="txt txtL"><input type="text" name="admin_mname" size="25"></td></tr>' . '<tr class="txt"><td class="txtC w80">' . lang('login_pwd') . '</td>' . '<td class="txt txtL"><input type="password" name="admin_password" size="25"></td></tr>';
if ($cms_regcode && in_array('admin', explode(',', $cms_regcode))) {
$message .= '<tr class="txt"><td class="txtC w80">' . lang('regcode') . '</td>' . '<td class="txt txtL"><input type="text" name="regcode" id="regcode" size="4" maxlength="4"> ' . '<img src="tools/regcode.php" style="vertical-align: middle;cursor:pointer;" onClick="this.src=\'tools/regcode.php\'"></td></tr>';
}
$message .= '<tr class="txtcenter"><td colspan="2"><input type="submit" class="btn" value="' . lang('submit') . '" /></td></tr></table></form></td></tr>';
}
} else {
if (substr($handlekey, 0, 8) == 'new_new_') {
$message = '<script reload="1">setTimeout("floatwin(\'close_' . $handlekey . '\')", 1250)</script>' . '<td class="txt txtC">' . lang('passerror') . '</td></tr>';
} else {
$extra = isset($entry) && empty($isframe) && $entry != 'logout' ? '?isframe=1&' . $_SERVER['QUERY_STRING'] : (in_array($entry, array('header', 'menu', 'logout')) ? '' : '?' . $_SERVER['QUERY_STRING']);
$message = '<tr><td><form method="post" name="login" action="' . $extra . '"' . ($infloat ? " onsubmit=\"return ajaxform(this)\"" : '') . '>' . '<input type="hidden" name="isframe" value="1">' . '<input type="hidden" name="url_forward" value="' . $url_forward . '">' . '<table width="100%" border="0" cellpadding="0" cellspacing="0">' . '<tr class="txt"><td class="txtC w80">' . lang('admin_account') . '</td>' . '<td class="txt txtL">' . $curuser->info['mname'] . ' >><a href=\'login.php?action=logout\'>' . lang('exit') . '</a></td></tr>' . '<tr class="txt"><td class="txtC w80">' . lang('login_pwd') . '</td>' . '<td class="txt txtL"><input type="password" name="admin_password" size="15"></td></tr>';
if ($cms_regcode && in_array('admin', explode(',', $cms_regcode))) {
$message .= '<tr class="txt"><td class="txtC w80">' . lang('regcode') . '</td>' . '<td class="txt txtL"><input type="text" name="regcode" id="regcode" size="4" maxlength="4"> ' . '<img src="tools/regcode.php" style="vertical-align: middle;cursor:pointer;" onClick="this.src=\'tools/regcode.php\'"></td></tr>';
}
$message .= '<tr class="txtcenter"><td colspan="2"><input type="submit" class="btn" value="' . lang('submit') . '" /></td></tr></table></form></td></tr>';
}
}
if ($infloat) {
aheader();
} else {
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title><?php
echo $lan_title;
?>
</title>
<meta http-equiv="Content-Type" content="text/html; charset=<?php
echo $mcharset;
?>
">
<link rel="stylesheet" rev="stylesheet" href="./images/admina/contentsAdmin.css" type="text/css" media="all">
<script type="text/javascript">function redirect(url){top.location.replace(url)}</script>
</head>
<body>
<?php
}
?>
<div style="margin:0 auto;margin-top:<?php
echo $inajax ? 0 : 200;
?>
px;">
<table width="100%" border="0" cellpadding="0" cellspacing="0" class="tb"><tr><td align="center">
<table width="400" border="0" cellpadding="8" cellspacing="0"<?php
echo $inajax ? '' : ' class="tabmain"';
?>
>
<tr style="text-align:center; text-indent:0;"><td colspan="2"><div class="conlist1 bdbot fB"><?php
echo $lan_title;
?>
</div></td></tr>
<?php
echo $message;
?>
</table>
</td></tr></table>
</div>
<?php
if ($infloat) {
afooter();
} else {
?>
</body>
</html>
<?php
}
mexit();
}
/**
# Project: PHPDISK File Storage Solution
# This is NOT a freeware, use is subject to license terms.
#
# Site: http://www.google.com
#
# $Id: comment.php 121 2014-03-04 12:38:05Z along $
#
# Copyright (C) 2008-2014 PHPDisk Team. All Rights Reserved.
#
*/
include "includes/commons.inc.php";
$in_front = true;
$file_id = (int) gpc('file_id', 'GP', 0);
if (!$file_id) {
aheader("Location: ./");
}
$rs = $db->fetch_one_array("select file_name,file_extension from {$tpf}files where file_id='{$file_id}' limit 1");
if ($rs) {
$tmp_ext = $rs['file_extension'] ? '.' . $rs['file_extension'] : "";
$file_name = $rs['file_name'] . $tmp_ext;
}
unset($rs);
$a_viewfile = urr("viewfile", "file_id={$file_id}&file_key={$file_key}");
$title = __('comment') . ': ' . $file_name . ' - ' . $settings['site_title'];
$perpage = 20;
$rs = $db->fetch_one_array("select count(*) as total_num from {$tpf}comments where file_id='{$file_id}' and is_checked=1");
$total_num = $rs['total_num'];
$start_num = ($pg - 1) * $perpage;
function show_comment($file_id)
{
