if (!$epsclass->db->num_rows($result)) { alert($eps_lang['Bad_request']); return; } $students = array(); while ($cur_std = $epsclass->db->fetch_assoc($result)) { $tmp = array('id' => $cur_std['id'], 's_id' => $cur_std['s_id'], 'name' => $cur_std['name']); foreach ($eps_subjects as $k => $v) { $tmp[$k] = $cur_std[$k]; } $students[] = $tmp; } $epsclass->db->free_result($result); $smarty->assign('tpl_jump', gen_course_jump_tpl('index.php?eps=mark&action=postmark', $course)); $smarty->assign('error_show', !empty($errors) ? gen_alert($errors) : ''); $smarty->assign('form_tag', auto_gen_form('index.php?eps=mark&action=' . $action . '&list=' . $course, 'mark', true)); $smarty->assign('subjects', $eps_subjects); $smarty->assign('students', $students); $smarty->display('module/mark.tpl'); } else { $result = $epsclass->db->query("SELECT * FROM " . TBL_K48MARK . " WHERE s_id='" . $epsclass->db->escape($eps_user['s_id']) . "'") or error('Unable to fetch user mark', __FILE__, __LINE__, $epsclass->db->error()); if ($epsclass->db->num_rows($result) != 1) { return; } $marks = array_slice($epsclass->db->fetch_assoc($result), 2); $epsclass->db->free_result($result); $mark_sum = $sum = null; foreach ($marks as $k => $v) { if ($v != null) { $mark_sum += $v * $eps_subjects[$k]; $sum += $eps_subjects[$k];
$errors = $epsclass->validate->errors;
$epsclass->validate->data_reset();
}
}
}

// Values that pre-select the form controls: a value submitted with the
// request takes precedence over the one stored with the news entry.
$news['type'] = isset($type) ? $type : $news['type'];
$news['no_smiley'] = isset($no_smiley) ? $no_smiley : $news['no_smiley'];

// The page title follows the requested action.
if ($action == 'edit') {
    $page_title = $eps_lang['Page_post_edit'];
} elseif ($action == 'delete') {
    $page_title = $eps_lang['Page_post_delete'];
} else {
    $page_title = $eps_lang['Page_post'];
}

// Labels of the mandatory fields, handed to the client-side checks.
$req_fields = array(
    'title' => $eps_lang['Title'],
    'content' => $eps_lang['Content'],
);

$smarty->assign('js_lang', gen_jslang($req_fields));
$smarty->assign('emoticons', $epsclass->bbcode->emoticons);
$smarty->assign('action', $action);
$smarty->assign('page_title', $page_title);
$smarty->assign('error_show', empty($errors) ? '' : gen_alert($errors));

// Editing and deleting carry the news id along in the form target.
$smarty->assign(
    'form_tag',
    auto_gen_form(
        'index.php?eps=post&action=' . $action . (in_array($action, array('edit', 'delete')) && $nid >= 1 ? '&nid=' . $nid : ''),
        'postnews',
        true
    )
);

// Free-text fields go through html_clean() before they reach the template.
$smarty->assign('title', html_clean(isset($title) ? $title : $news['title']));
$smarty->assign('content', html_clean(isset($content) ? $content : $news['content']));
$smarty->assign('imgurl', html_clean(isset($imgurl) ? $imgurl : $news['imgurl']));

// $news['type'] / $news['no_smiley'] already hold the resolved values (see above).
$smarty->assign('type', $news['type']);
$smarty->assign('no_smiley', $news['no_smiley']);

unset($nid, $action, $news, $errors, $title, $content, $imgurl, $type, $no_smiley, $page_title, $req_fields);
$smarty->display('module/post.tpl');
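$smarty->assign('num_poll', $num_poll);
$smarty->assign('vote_result', $poll_ans);
$smarty->assign('polled', !$show);
}

// Voting form: offered while the result is hidden, and always to administrators.
// NOTE(review): this fragment appends to $polled_ips / $polled_ids but does not
// consult them before counting a vote; presumably $show_result already reflects
// "has voted" — confirm in the part of the script that is not shown here.
if (!$show_result || IS_ADMIN) {
    if (isset($_POST['form_sent']) && $_POST['form_sent'] == 'poll') {
        // eps_poll is request data. Count the vote only when it names an existing
        // answer: an unknown key would create an entry without an 'ans' text and
        // that broken row would then be written back to the poll data file.
        if (isset($_POST['eps_poll']) && is_string($_POST['eps_poll']) && isset($poll_ans[$_POST['eps_poll']]['ans'], $poll_ans[$_POST['eps_poll']]['vote'])) {
            $poll_ans[$_POST['eps_poll']]['vote']++;

            // Rebuild the stored poll: question on the first line, then "answer | votes".
            $poll_content = $poll_ques . "\n";
            foreach ($poll_ans as $v) {
                $poll_content .= $v['ans'] . ' | ' . $v['vote'] . "\n";
            }

            // Remember who voted: always the IP address, the user id for members only.
            $polled_ips[] = $eps_user['ip_address'];
            if (!$eps_user['is_guest']) {
                $polled_ids[] = $eps_user['id'];
            }

            create_file($poll_content, FILE_POLL_DATA, true);
            create_file(implode("\n", $polled_ids), FILE_POLL_ID, true);
            create_file(implode("\n", $polled_ips), FILE_POLL_IP, true);

            // The module name comes from the query string; encode it so it stays a
            // single parameter value in the redirect target.
            redirect('index.php' . (isset($_GET['eps']) && is_string($_GET['eps']) ? '?eps=' . rawurlencode($_GET['eps']) : ''), $eps_lang['Redirect_poll']);
        }
    }

    $smarty->assign('form_tag', auto_gen_form('index.php?eps=poll', 'poll', true));
    $smarty->assign('poll_radios', $poll_radios);
    $smarty->assign('show_result_link', auto_gen_link('index.php?eps=poll&result=poll', $eps_lang['Show_result'], '', true));
}

$smarty->assign('show_result', $show_result);
$smarty->assign('is_admin', IS_ADMIN);
$smarty->assign('poll_ques', $poll_ques);

unset($show, $max_pixel, $poll_ques, $poll_ans, $poll_radios, $num_poll, $polled_ips, $polled_ids, $poll_content);
$smarty->display('module/poll.tpl');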
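// Admin configuration page: stores changed settings on submit, otherwise
// (re)displays the form.
// NOTE(review): no permission or form-token check is visible in this fragment;
// confirm that the including script enforces both before this code runs.
if (isset($_POST['form_sent']) && $_POST['form_sent'] == 'eps_config') {
    // Collect the submitted settings. Field names and values are request data,
    // so they are used only as array keys and values. Assembling them into PHP
    // source for eval() would let a crafted field name execute as code.
    $updates = array();
    foreach ($_POST as $k => $v) {
        if (!is_string($v)) {
            continue; // nested (array) inputs are not valid settings
        }

        // A leading "req_" only marks the field as required in the form.
        $field = preg_replace('#^req_#i', '', $k);
        $updates[$field] = eps_linebreak(trim($v));
    }

    // foreach instead of list()/each(): each() no longer exists in PHP 8.
    foreach ($updates as $key => $input) {
        // Only update values that have changed; names that are not known
        // settings (e.g. form_sent) are ignored by the array_key_exists() test.
        if (array_key_exists($key, $eps_config) && $eps_config[$key] != $input) {
            if ($input != '' || is_int($input)) {
                $changes = array('value' => $input);
            } else {
                // An emptied field is stored as NULL.
                $changes = array('value' => NULL);
            }

            $epsclass->db->vupdate(TBL_CONFIG, $changes, $key, 'name');
        }
    }

    create_config_file();
    redirect('index.php?eps=admin', $eps_lang['Redirect_admin']);
    return;
}

$smarty->assign('page_title', $eps_lang['Page_admin']);
$smarty->assign('error_show', !empty($errors) ? gen_alert($errors) : '');
$smarty->assign('form_tag', auto_gen_form('index.php?eps=admin', 'admin', true));
$smarty->assign('styles', get_stuff('style'));
$smarty->assign('languages', get_stuff('language'));
$smarty->assign('yesno_radios', array(1 => $eps_lang['Yes'], 0 => $eps_lang['No']));

// Expose every setting to the template under its own name; a pending submitted
// value wins over the stored one. Done with a plain call, no eval().
foreach ($eps_config as $k => $v) {
    $smarty->assign($k, isset($updates[$k]) ? $updates[$k] : $eps_config[$k]);
}

unset($updates);
$smarty->display('admin/admin.tpl');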
// Fill the remaining placeholders of the registration mail in one pass
// (str_replace() applies the pairs in the order given).
// NOTE(review): the password chosen at registration is written into the mail
// body in clear text; consider dropping the <password> placeholder from the template.
$message = str_replace(
    array('<password>', '<login_url>', '<mailer>'),
    array(
        $password1,
        $eps_config['base_url'] . 'index.php?eps=login',
        $eps_config['title'] . ' - ' . $eps_config['desc'],
    ),
    $message
);
$epsclass->emailer->mail_send($email, $subject, $message);

// NOTE(review): the language key is built from $_GET['eps'] — presumably always
// the name of this module; verify against the dispatcher.
redirect('index.php', $eps_lang['Redirect_' . $_GET['eps']]);
return;
} else {
    // Validation failed: keep the messages for display and reset the validator.
    $errors = $epsclass->validate->errors;
    $epsclass->validate->data_reset();
}
} else {
    $errors[] = $eps_lang['Validate_not_agree'];
}
}

// A new value for the visual confirmation is stored on every display of the form.
$_SESSION['visual'] = eps_random(9);

// Labels of the mandatory fields, handed to the client-side checks.
$req_fields = array(
    'username' => $eps_lang['Username'],
    'password1' => $eps_lang['Password'],
    'password2' => $eps_lang['Password_confirm'],
    'email1' => $eps_lang['Email'],
    'email2' => $eps_lang['Email_confirm'],
    's_id' => $eps_lang['StudentID'],
    'confirmcode' => $eps_lang['Visual_confirm'],
    'agree' => $eps_lang['Rule_agreement'],
);

$smarty->assign('js_lang', gen_jslang($req_fields));
$smarty->assign('error_show', empty($errors) ? '' : gen_alert($errors));
$smarty->assign('form_tag', auto_gen_form('index.php?eps=register', 'register', true));

// Previously entered values are escaped before they are echoed back into the
// form; the passwords are never echoed back.
$smarty->assign('username', empty($username) ? '' : htmlspecialchars($username));
$smarty->assign('email1', empty($email1) ? '' : htmlspecialchars($email1));
$smarty->assign('email2', empty($email2) ? '' : htmlspecialchars($email2));
$smarty->assign('s_id', empty($s_id) ? '' : htmlspecialchars($s_id));

$smarty->assign('visual', gen_visual($_SESSION['visual'], 6));
$smarty->assign('rule', htmlspecialchars($eps_config['rule']));
$smarty->assign('req_agree', isset($_POST['req_agree']));

unset($req_fields, $username, $email1, $email2, $password1, $password2, $s_id, $confirm_code, $code, $errors);
$smarty->display('module/register.tpl');
?>
// Mail body = template without its <subject>...</subject> part, placeholders filled in.
$message = trim(preg_replace('#\\<subject\\>.*?\\</subject\\>#is', '', $mail_tpl));

// The link sent to the user carries the user id and the key in $security.
// NOTE(review): how $security is generated, stored and expired is outside this
// fragment — confirm it is unpredictable and single-use.
$message = str_replace(
    array('<username>', '<base_url>', '<activation_url>', '<mailer>'),
    array(
        $username,
        $eps_config['base_url'],
        $eps_config['base_url'] . 'index.php?eps=profile&action=changepass&uid=' . $user_id . '&key=' . $security,
        $eps_config['title'] . ' - ' . $eps_config['desc'],
    ),
    $message
);

// Send
if (!$epsclass->emailer->mail_send($email, $subject, $message)) {
    alert($eps_lang['Mail_not_send']);
    return;
}

echo '<div class="text">' . $eps_lang['Redirect_' . $action] . '</div>' . "\n";
return;
} else {
    $errors[] = $eps_lang['Validate_no_email'];
}
} else {
    // Validation failed: keep the messages for display and reset the validator.
    $errors = $epsclass->validate->errors;
    $epsclass->validate->data_reset();
}
}

// A new value for the visual confirmation is stored on every display of the form.
$_SESSION['visual'] = eps_random(9);

// Labels of the mandatory fields, handed to the client-side checks.
$req_fields = array(
    'email' => $eps_lang['Email'],
    'confirmcode' => $eps_lang['Visual_confirm'],
);

$smarty->assign('js_lang', gen_jslang($req_fields));
$smarty->assign('error_show', empty($errors) ? '' : gen_alert($errors));
$smarty->assign('form_tag', auto_gen_form('index.php?eps=login&action=fgpass', 'fgpass', true));
$smarty->assign('visual', gen_visual($_SESSION['visual'], 6));

unset($email, $confirm_code, $errors);
$smarty->display('module/forgotpass.tpl');
}
}
// Parse: prepare the stored profile row for display.
$user['reg_time'] = format_time($user['reg_time']);
$user['name'] = html_clean($user['name']);
$user['birth'] = html_clean($user['birth']);
// A course with an entry in the language table is shown by its translated name.
$user['course'] = empty($eps_lang[$user['course']]) ? html_clean($user['course']) : $eps_lang[$user['course']];
// NOTE(review): phone and yahoo are cleaned in place here and passed through
// html_clean() a second time further down when no new value was submitted;
// verify that html_clean() is idempotent, otherwise the value is encoded twice.
$user['phone'] = html_clean(isset($phone) ? $phone : $user['phone']);
$user['yahoo'] = html_clean(isset($yahoo) ? $yahoo : $user['yahoo']);

// General template data.
$smarty->assign('yesno_radios', array(1 => $eps_lang['Yes'], 0 => $eps_lang['No']));
$smarty->assign('is_admin', IS_ADMIN);
$smarty->assign('is_modadmin', IS_MODADMIN);
$smarty->assign('user', $user);
$smarty->assign('js_lang', gen_jslang($req_fields));
$smarty->assign('error_show', empty($errors) ? '' : gen_alert($errors));
$smarty->assign('groups', $groups);
$smarty->assign('styles', get_stuff('style'));
$smarty->assign('languages', get_stuff('language'));
$smarty->assign('use_ajax', (isset($_POST['use_ajax']) || $user['ajax']));

// First form: account data. A submitted value takes precedence over the stored
// one, and every value goes through html_clean() before it reaches the template.
$smarty->assign('form_tag1', auto_gen_form('index.php?eps=profile&uid=' . $uid, 'profile', true));
$smarty->assign('changepass_link', auto_gen_link('index.php?eps=profile&action=changepass&uid=' . $uid, $eps_lang['Change_password']));
$smarty->assign('username', html_clean(isset($username) ? $username : $user['username']));
$smarty->assign('email', html_clean(isset($email) ? $email : $user['email']));
$smarty->assign('s_id', html_clean(isset($s_id) ? $s_id : $user['s_id']));

// Second form: additional personal data.
$smarty->assign('form_tag2', auto_gen_form('index.php?eps=profile&uid=' . $uid, 'another', true));
$smarty->assign('native', html_clean(isset($native) ? $native : $user['native']));
$smarty->assign('address', html_clean(isset($address) ? $address : $user['address']));
$smarty->assign('phone', html_clean(isset($phone) ? $phone : $user['phone']));
$smarty->assign('yahoo', html_clean(isset($yahoo) ? $yahoo : $user['yahoo']));

$smarty->display('module/profile.tpl');
}
}

unset($errors, $need_old_pass, $action, $uid, $secr_key, $old_password, $new_password1, $new_password2, $req_fields, $user, $groups, $allow_group_id, $username, $email, $s_id);
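redirect('index.php?eps=data_edit&data=' . $data . (!empty($var) ? '&var=' . $var : ''), $eps_lang['Redirect_data_edit']);
}

if (empty($var)) {
    // Whole-file mode: show the raw file content, escaped for the form.
    $data_content = html_clean(file_get_contents($data_file));
} else {
    // Variable mode: the data file is PHP that defines arrays. It is loaded
    // inside a method so that whatever it defines stays in the method's local
    // scope instead of overwriting variables of this script.
    class temp_data_class
    {
        // Escaped "key | value" listing of the requested array ('' when unavailable).
        var $d_content = '';

        // The object is created with new temp_data_class($file, $var). The
        // original class had no constructor (tmp_data() does not carry the class
        // name), so the file was never loaded and get() returned nothing.
        function __construct($d_file, $var)
        {
            $this->tmp_data($d_file, $var);
        }

        // Loads $d_file and stores the array named $var as "key | value" lines.
        // Returns '' without storing anything when the name is unusable.
        function tmp_data($d_file, $var)
        {
            // $var names a variable of the data file. Accept a plain identifier
            // only and read it as a variable variable; building PHP source from
            // it for eval() would execute whatever the name contains.
            if (!is_string($var) || !preg_match('#^[a-zA-Z_][a-zA-Z0-9_]*$#', $var) || $var === 'this') {
                return '';
            }

            require $d_file;

            $d_content = '';

            // is_array() also rejects the method's own scalar locals.
            if (!isset(${$var}) || !is_array(${$var})) {
                return '';
            }

            foreach (${$var} as $k => $v) {
                $d_content .= $k . " | " . $v . "\n";
            }

            $this->d_content = html_clean($d_content);
        }

        // Returns the listing prepared by tmp_data().
        function get()
        {
            return $this->d_content;
        }
    }

    $tmp_data = new temp_data_class($data_file, $var);
    $data_content = $tmp_data->get();
}

$smarty->assign('form_tag', auto_gen_form('index.php?eps=data_edit&data=' . $data . (!empty($var) ? '&var=' . $var : ''), 'data_edit', true));
$smarty->assign('content', $data_content);

unset($data_file, $data_file_allows, $data_content);
$smarty->display('admin/data_edit.tpl');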