Exemple #1
0
 protected function post_forum_ranks()
 {
     global $aidlink;
     if (isset($_POST['save_rank'])) {
         $this->data = array('rank_id' => isset($_GET['rank_id']) && isnum($_GET['rank_id']) ? intval($_GET['rank_id']) : 0, 'rank_title' => form_sanitizer($_POST['rank_title'], '', 'rank_title'), 'rank_image' => form_sanitizer($_POST['rank_image'], "", "rank_image"), 'rank_language' => form_sanitizer($_POST['rank_language'], "", "rank_language"), 'rank_posts' => isset($_POST['rank_posts']) && isnum($_POST['rank_posts']) ? $_POST['rank_posts'] : 0, 'rank_type' => isset($_POST['rank_type']) && isnum($_POST['rank_type']) ? $_POST['rank_type'] : 0, 'rank_apply_normal' => isset($_POST['rank_apply_normal']) && isnum($_POST['rank_apply_normal']) ? $_POST['rank_apply_normal'] : USER_LEVEL_MEMBER, 'rank_apply_special' => isset($_POST['rank_apply_special']) && isnum($_POST['rank_apply_special']) ? $_POST['rank_apply_special'] : 1);
         $this->data += array('rank_apply' => $this->data['rank_type'] == 2 ? $this->data['rank_apply_special'] : $this->data['rank_apply_normal']);
         if (\defender::safe()) {
             if (!empty($this->data['rank_id']) && !$this->check_duplicate_ranks()) {
                 /**
                  * Update
                  */
                 dbquery_insert(DB_FORUM_RANKS, $this->data, "update");
                 addNotice('info', self::$locale['411']);
                 redirect(FUSION_SELF . $aidlink . '&section=fr');
             } elseif (!$this->check_duplicate_ranks()) {
                 /**
                  * Save New
                  */
                 dbquery_insert(DB_FORUM_RANKS, $this->data, "save");
                 addNotice('info', self::$locale['410']);
                 redirect(FUSION_SELF . $aidlink . '&section=fr');
             }
         }
     }
     if (isset($_GET['delete']) && isnum($_GET['delete'])) {
         $result = dbquery("DELETE FROM " . DB_FORUM_RANKS . " WHERE rank_id='" . $_GET['delete'] . "'");
         if ($result) {
             addNotice("success", self::$locale['412']);
             redirect(FUSION_SELF . $aidlink . '&section=fr');
         }
     }
 }
Exemple #2
0
 protected function post_tags()
 {
     global $aidlink;
     if (isset($_POST['save_tag'])) {
         $this->data = array('tag_id' => isset($_GET['tag_id']) && isnum($_GET['tag_id']) ? intval($_GET['tag_id']) : 0, 'tag_title' => form_sanitizer($_POST['tag_title'], '', 'tag_title'), 'tag_language' => form_sanitizer($_POST['tag_language'], '', 'tag_language'), 'tag_color' => form_sanitizer($_POST['tag_color'], '', 'tag_color'), 'tag_description' => form_sanitizer($_POST['tag_description'], '', 'tag_description'), 'tag_status' => isset($_POST['tag_status']) && isnum($_POST['tag_status']) ? intval($_POST['tag_status']) : 0);
         if (\defender::safe()) {
             if (!empty($this->data['tag_id'])) {
                 /**
                  * Update
                  */
                 dbquery_insert(DB_FORUM_TAGS, $this->data, "update");
                 addNotice('success', self::$locale['forum_tag_0105']);
                 redirect(FUSION_SELF . $aidlink . '&section=ft');
             } else {
                 /**
                  * Save New
                  */
                 dbquery_insert(DB_FORUM_TAGS, $this->data, "save");
                 addNotice('success', self::$locale['forum_tag_0106']);
                 redirect(FUSION_SELF . $aidlink . '&section=ft');
             }
         }
     }
     if (isset($_GET['delete']) && isnum($_GET['delete'])) {
         $result = dbquery("DELETE FROM " . DB_FORUM_TAGS . " WHERE tag_id='" . $_GET['delete'] . "'");
         if ($result) {
             addNotice("success", self::$locale['forum_tag_0107']);
             redirect(FUSION_SELF . $aidlink . '&section=ft');
         }
     }
 }
Exemple #3
0
/**
 * Serialization of choices
 * @param $input
 * @return $string
 */
function composeSelection($input)
{
    $inputArray = "";
    if ($input !== "") {
        $inputArray['selected'] = $input;
        foreach (fusion_get_enabled_languages() as $lang) {
            $inputArray['options'][$lang] = isset($_POST[$input . '-' . $lang]) ? form_sanitizer($_POST[$input . '-' . $lang], 0, $input . '-' . $lang) : "";
        }
        return serialize($inputArray);
    }
    return $inputArray;
}
Exemple #4
0
 /**
  * Post execution of forum mood
  */
 protected function post_Mood()
 {
     $locale = fusion_get_locale('', FORUM_ADMIN_LOCALE);
     if (isset($_POST['cancel_mood'])) {
         redirect(clean_request('', array('mood_id', 'ref'), FALSE));
     }
     if (isset($_POST['save_mood'])) {
         $this->data = array("mood_id" => form_sanitizer($_POST['mood_id'], 0, 'mood_id'), "mood_name" => form_sanitizer($_POST['mood_name'], '', 'mood_name', TRUE), "mood_description" => form_sanitizer($_POST['mood_description'], '', 'mood_description', TRUE), "mood_icon" => form_sanitizer($_POST['mood_icon'], '', 'mood_icon'), "mood_status" => form_sanitizer($_POST['mood_status'], '', 'mood_status'), "mood_notify" => form_sanitizer($_POST['mood_notify'], '', 'mood_notify'), "mood_access" => form_sanitizer($_POST['mood_access'], '', 'mood_access'));
         if (\defender::safe()) {
             if (!empty($this->data['mood_id'])) {
                 dbquery_insert(DB_FORUM_MOODS, $this->data, 'update');
                 addNotice('success', $locale['forum_notice_16']);
             } else {
                 dbquery_insert(DB_FORUM_MOODS, $this->data, 'save');
                 addNotice('success', $locale['forum_notice_15']);
             }
             redirect(clean_request('', array('mood_id', 'ref'), FALSE));
         }
     }
 }
Exemple #5
0
 public function post_mood()
 {
     $response = FALSE;
     // this is general single static output
     if (isset($_POST['post_mood']) && isnum($_POST['post_mood'])) {
         // if is a valid mood
         // insert into post notify
         $notify_data = array('post_id' => form_sanitizer($_POST['post_id'], 0, 'post_id'), 'notify_mood_id' => intval($_POST['post_mood']), 'notify_datestamp' => time(), 'notify_user' => form_sanitizer($_POST['post_author'], 0, 'post_author'), 'notify_sender' => fusion_get_userdata('user_id'), 'notify_status' => 1);
         if (\defender::safe() && dbcount('(mood_id)', DB_FORUM_MOODS, "mood_id='" . $notify_data['notify_mood_id'] . "'") && !$this->mood_exists($notify_data['notify_sender'], $notify_data['notify_mood_id'], $notify_data['post_id'])) {
             dbquery_insert(DB_POST_NOTIFY, $notify_data, 'save');
             $response = TRUE;
         }
     } elseif (isset($_POST['unpost_mood']) && isnum($_POST['unpost_mood'])) {
         // if is a valid mood
         // insert into post notify
         $notify_data = array('post_id' => form_sanitizer($_POST['post_id'], 0, 'post_id'), 'notify_mood_id' => intval($_POST['unpost_mood']), 'notify_user' => form_sanitizer($_POST['post_author'], 0, 'post_author'), 'notify_sender' => fusion_get_userdata('user_id'));
         if (\defender::safe() && dbcount('(mood_id)', DB_FORUM_MOODS, "mood_id='" . $notify_data['notify_mood_id'] . "'") && $this->mood_exists($notify_data['notify_sender'], $notify_data['notify_mood_id'], $notify_data['post_id'])) {
             dbquery("DELETE FROM " . DB_POST_NOTIFY . " WHERE post_id=" . $notify_data['post_id'] . "\n                AND notify_mood_id=" . $notify_data['notify_mood_id'] . "\n                AND notify_user="******"\n                AND notify_sender=" . $notify_data['notify_sender']);
             $response = TRUE;
         }
     }
     return (bool) $response;
 }
Exemple #6
0
    if (!empty($result)) {
        addNotice("danger", $locale['blog_0522'] . "-<span class='small'>" . $locale['blog_0523'] . "</span>");
        redirect(FUSION_SELF . $aidlink);
    } else {
        $result = dbquery("DELETE FROM " . DB_BLOG_CATS . " WHERE blog_cat_id='" . intval($_GET['cat_id']) . "'");
        addNotice("success", $locale['blog_0524b']);
        redirect(FUSION_SELF . $aidlink);
    }
    redirect(clean_request("", array("action"), FALSE));
}
$data = array("blog_cat_id" => 0, "blog_cat_name" => "", "blog_cat_hidden" => array(), "blog_cat_parent" => 0, "blog_cat_image" => "", "blog_cat_language" => LANGUAGE);
$formAction = FUSION_REQUEST;
$formTitle = $locale['blog_0409'];
// if edit, override $data
if (isset($_POST['save_cat'])) {
    $inputArray = array("blog_cat_id" => form_sanitizer($_POST['blog_cat_id'], "", "blog_cat_id"), "blog_cat_name" => form_sanitizer($_POST['blog_cat_name'], "", "blog_cat_name"), "blog_cat_parent" => form_sanitizer($_POST['blog_cat_parent'], 0, "blog_cat_parent"), "blog_cat_image" => form_sanitizer($_POST['blog_cat_image'], "", "blog_cat_image"), "blog_cat_language" => form_sanitizer($_POST['blog_cat_language'], LANGUAGE, "blog_cat_language"));
    $categoryNameCheck = array("when_updating" => "blog_cat_name='" . $inputArray['blog_cat_name'] . "' and blog_cat_id !='" . $inputArray['blog_cat_id'] . "' " . (multilang_table("BL") ? "and blog_cat_language = '" . LANGUAGE . "'" : ""), "when_saving" => "blog_cat_name='" . $inputArray['blog_cat_name'] . "' " . (multilang_table("BL") ? "and blog_cat_language = '" . LANGUAGE . "'" : ""));
    if (defender::safe()) {
        // check category name is unique when updating
        if (dbcount("(blog_cat_id)", DB_BLOG_CATS, "blog_cat_id='" . $inputArray['blog_cat_id'] . "'")) {
            if (!dbcount("(blog_cat_id)", DB_BLOG_CATS, $categoryNameCheck['when_updating'])) {
                dbquery_insert(DB_BLOG_CATS, $inputArray, "update");
                addNotice("success", $locale['blog_0521']);
                // FUSION_REQUEST without the "action" gets
                redirect(clean_request("", array("action"), FALSE));
            } else {
                addNotice('danger', $locale['blog_0561']);
            }
        } else {
            // check category name is unique when saving new
            if (!dbcount("(blog_cat_id)", DB_BLOG_CATS, $categoryNameCheck['when_saving'])) {
 $data = dbarray($result);
 $submit_criteria = unserialize($data['submit_criteria']);
 $callback_data = array("article_subject" => $submit_criteria['article_subject'], "article_cat" => $submit_criteria['article_cat'], "article_keywords" => $submit_criteria['article_keywords'], "article_visibility" => 0, "article_language" => $submit_criteria['article_language'], "article_snippet" => parse_textarea($submit_criteria['article_snippet']), "article_article" => parse_textarea($submit_criteria['article_article']), "article_breaks" => !fusion_get_settings("tinyce_enabled") ? TRUE : FALSE, "article_draft" => FALSE, "article_datestamp" => $data['submit_datestamp']);
 add_to_title($locale['global_200'] . $locale['global_201'] . $callback_data['article_subject'] . "?");
 if (isset($_POST['preview'])) {
     $article_snippet = "";
     if ($_POST['article_snippet']) {
         $article_snippet = parse_textarea($_POST['article_snippet']);
         $article_snippet = str_replace("src='" . str_replace("../", "", IMAGES_A), "src='" . IMAGES_A, $article_snippet);
     }
     $article_article = "";
     if ($_POST['article_article']) {
         $article_article = parse_textarea($_POST['article_article']);
         $article_article = str_replace("src='" . str_replace("../", "", IMAGES_A), "src='" . IMAGES_A, $article_article);
     }
     $callback_data = array("article_subject" => form_sanitizer($_POST['article_subject'], '', 'article_subject'), "article_cat" => isnum($_POST['article_cat']) ? $_POST['article_cat'] : 0, "article_language" => form_sanitizer($_POST['article_language'], '', 'article_language'), "article_snippet" => form_sanitizer($article_snippet, "", "article_snippet"), "article_article" => form_sanitizer($article_article, "", "article_article"), "article_keywords" => form_sanitizer($_POST['article_keywords'], '', 'article_keywords'), "article_visibility" => isnum($_POST['article_visibility']) ? $_POST['article_visibility'] : "0", "article_draft" => isset($_POST['article_draft']) ? TRUE : FALSE, "article_datestamp" => $callback_data['article_datestamp']);
     $callback_data['article_breaks'] = "";
     $callback_data['article_snippet'] = parse_textarea($callback_data['article_snippet']);
     $callback_data['article_article'] = parse_textarea($callback_data['article_article']);
     if (isset($_POST['article_breaks'])) {
         $callback_data['article_breaks'] = TRUE;
         $callback_data['article_snippet'] = nl2br($callback_data['article_snippet']);
         if ($callback_data['article_article']) {
             $callback_data['article_article'] = nl2br($callback_data['article_article']);
         }
     }
     if (defender::safe()) {
         echo openmodal('article_preview', $locale['articles_0240']);
         echo "<h3>" . $callback_data['article_snippet'] . "</h3>\n";
         echo $callback_data['article_snippet'];
         echo "<hr/>\n";
/**
 * @param $comment_type - abbr or short ID
 * @param $comment_db - Current Application DB - DB_BLOG for example.
 * @param $comment_col - current sql primary key column - 'blog_id' for example
 * @param $comment_item_id - current sql primary key value '$_GET['blog_id']' for example
 * @param $clink - current page link 'FUSION_SELF' is ok.
 */
function showcomments($comment_type, $comment_db, $comment_col, $comment_item_id, $clink)
{
    global $settings, $locale, $userdata, $aidlink;
    $link = FUSION_SELF . (FUSION_QUERY ? "?" . FUSION_QUERY : "");
    $link = preg_replace("^(&amp;|\\?)c_action=(edit|delete)&amp;comment_id=\\d*^", "", $link);
    $_GET['comment'] = isset($_GET['comment']) && isnum($_GET['comment']) ? $_GET['comment'] : 0;
    $cpp = $settings['comments_per_page'];
    if (iMEMBER && (isset($_GET['c_action']) && $_GET['c_action'] == "delete") && (isset($_GET['comment_id']) && isnum($_GET['comment_id']))) {
        if (iADMIN && checkrights("C") || iMEMBER && dbcount("(comment_id)", DB_COMMENTS, "comment_id='" . $_GET['comment_id'] . "' AND comment_name='" . $userdata['user_id'] . "'")) {
            $result = dbquery("DELETE FROM " . DB_COMMENTS . "\n\t\t\t\tWHERE comment_id='" . $_GET['comment_id'] . "'" . (iADMIN ? "" : "\n\t\t\t\tAND comment_name='" . $userdata['user_id'] . "'"));
        }
        redirect($clink . ($settings['comments_sorting'] == "ASC" ? "" : "&amp;c_start=0"));
    }
    if ($settings['comments_enabled'] == "1") {
        if ((iMEMBER || $settings['guestposts'] == "1") && isset($_POST['post_comment'])) {
            if (!iMEMBER && $settings['guestpost'] == 1) {
                if (!isset($_POST['comment_name'])) {
                    redirect($link);
                }
                if (isnum($_POST['comment_name'])) {
                    $_POST['comment_name'] = '';
                }
                $_CAPTCHA_IS_VALID = FALSE;
                include INCLUDES . "captchas/" . $settings['captcha'] . "/captcha_check.php";
                if (!isset($_POST['captcha_code']) || $_CAPTCHA_IS_VALID == FALSE) {
                    redirect($link);
                }
            }
            $comment_data = array('comment_id' => isset($_GET['comment_id']) && isnum($_GET['comment_id']) ? $_GET['comment_id'] : 0, 'comment_name' => iMEMBER ? $userdata['user_id'] : form_sanitizer($_POST['comment_name'], '', 'comment_name'), 'comment_message' => form_sanitizer($_POST['comment_message'], '', 'comment_message'), 'comment_datestamp' => time(), 'comment_item_id' => $comment_item_id, 'comment_type' => $comment_type, 'comment_cat' => 0, 'comment_ip' => USER_IP, 'comment_ip_type' => USER_IP_TYPE, 'comment_hidden' => 0);
            if (iMEMBER && (isset($_GET['c_action']) && $_GET['c_action'] == "edit") && $comment_data['comment_id']) {
                $comment_updated = FALSE;
                if (iADMIN && checkrights("C") || iMEMBER && dbcount("(comment_id)", DB_COMMENTS, "comment_id='" . $comment_data['comment_id'] . "' \n\t\t\t\tAND comment_item_id='" . $comment_item_id . "'\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\n\t\t\t\tAND comment_type='" . $comment_type . "' \n\t\t\t\tAND comment_name='" . $userdata['user_id'] . "' \n\t\t\t\tAND comment_hidden='0'")) {
                    dbquery_insert(DB_COMMENTS, $comment_data, 'update');
                    if ($comment_data['comment_message']) {
                        $result = dbquery("UPDATE " . DB_COMMENTS . " SET comment_message='" . $comment_data['comment_message'] . "'\n  \t\t\t\t\t\t\t\t\t   WHERE comment_id='" . $_GET['comment_id'] . "' " . (iADMIN ? "" : "AND comment_name='" . $userdata['user_id'] . "'"));
                        if ($result) {
                            $comment_updated = TRUE;
                        }
                    }
                }
                if ($comment_updated) {
                    if ($settings['comments_sorting'] == "ASC") {
                        $c_operator = "<=";
                    } else {
                        $c_operator = ">=";
                    }
                    $c_count = dbcount("(comment_id)", DB_COMMENTS, "comment_id" . $c_operator . "'" . $comment_data['comment_id'] . "'\n\t\t\t\t\t\t\t\tAND comment_item_id='" . $comment_item_id . "'\n\t\t\t\t\t\t\t\tAND comment_type='" . $comment_type . "'");
                    $c_start = (ceil($c_count / $cpp) - 1) * $cpp;
                }
                redirect($clink . "&amp;c_start=" . (isset($c_start) && isnum($c_start) ? $c_start : ""));
            } else {
                if (!dbcount("(" . $comment_col . ")", $comment_db, $comment_col . "='" . $comment_item_id . "'")) {
                    redirect(BASEDIR . "index.php");
                }
                $id = 0;
                if ($comment_data['comment_name'] && $comment_data['comment_message']) {
                    require_once INCLUDES . "flood_include.php";
                    if (!flood_control("comment_datestamp", DB_COMMENTS, "comment_ip='" . USER_IP . "'")) {
                        dbquery_insert(DB_COMMENTS, $comment_data, 'save');
                        $id = dblastid();
                    }
                }
                if ($settings['comments_sorting'] == "ASC") {
                    $c_count = dbcount("(comment_id)", DB_COMMENTS, "comment_item_id='" . $comment_item_id . "' AND comment_type='" . $comment_type . "'");
                    $c_start = (ceil($c_count / $cpp) - 1) * $cpp;
                } else {
                    $c_start = 0;
                }
                //if (!$settings['site_seo']) {
                redirect($clink . "&amp;c_start=" . $c_start . "#c" . $id);
                //}
            }
        }
        $c_arr = array("c_con" => array(), "c_info" => array("c_makepagenav" => FALSE, "admin_link" => FALSE));
        $c_rows = dbcount("(comment_id)", DB_COMMENTS, "comment_item_id='" . $comment_item_id . "' AND comment_type='" . $comment_type . "' AND comment_hidden='0'");
        if (!isset($_GET['c_start']) && $c_rows > $cpp) {
            $_GET['c_start'] = (ceil($c_rows / $cpp) - 1) * $cpp;
        }
        if (!isset($_GET['c_start']) || !isnum($_GET['c_start'])) {
            $_GET['c_start'] = 0;
        }
        $result = dbquery("SELECT tcm.comment_id, tcm.comment_name, tcm.comment_message, tcm.comment_datestamp,\n\t\t\t\t\ttcu.user_id, tcu.user_name, tcu.user_avatar, tcu.user_status\n\t\t\t\t\tFROM " . DB_COMMENTS . " tcm\n\t\t\t\t\tLEFT JOIN " . DB_USERS . " tcu ON tcm.comment_name=tcu.user_id\n\t\t\t\t\tWHERE comment_item_id='" . $comment_item_id . "' AND comment_type='" . $comment_type . "' AND comment_hidden='0'\n\t\t\t\t\tORDER BY comment_datestamp " . $settings['comments_sorting'] . " LIMIT " . $_GET['c_start'] . "," . $cpp);
        if (dbrows($result) > 0) {
            $i = $settings['comments_sorting'] == "ASC" ? $_GET['c_start'] + 1 : $c_rows - $_GET['c_start'];
            if ($c_rows > $cpp) {
                $c_arr['c_info']['c_makepagenav'] = makepagenav($_GET['c_start'], $cpp, $c_rows, 3, $clink . "&amp;", "c_start");
            }
            while ($data = dbarray($result)) {
                $c_arr['c_con'][$i]['comment_id'] = $data['comment_id'];
                $c_arr['c_con'][$i]['edit_dell'] = FALSE;
                $c_arr['c_con'][$i]['i'] = $i;
                if ($data['user_name']) {
                    $c_arr['c_con'][$i]['comment_name'] = profile_link($data['comment_name'], $data['user_name'], $data['user_status'], 'strong text-dark');
                } else {
                    $c_arr['c_con'][$i]['comment_name'] = $data['comment_name'];
                }
                $c_arr['c_con'][$i]['user_avatar'] = display_avatar($data, '35px', '', true, 'img-rounded');
                $c_arr['c_con'][$i]['user'] = array('user_id' => $data['user_id'], 'user_name' => $data['user_name'], 'user_avatar' => $avatar = $data['user_avatar'] !== '' && file_exists(IMAGES . 'avatars/' . $data['user_avatar']) ? IMAGES . 'avatars/' . $data['user_avatar'] : IMAGES . "avatars/noavatar50.png", 'user_status' => $data['user_status']);
                $c_arr['c_con'][$i]['comment_datestamp'] = showdate('shortdate', $data['comment_datestamp']);
                $c_arr['c_con'][$i]['comment_time'] = timer($data['comment_datestamp']);
                $c_arr['c_con'][$i]['comment_message'] = "<!--comment_message-->\n" . nl2br(parseubb(parsesmileys($data['comment_message'])));
                if (iADMIN && checkrights("C") || iMEMBER && $data['comment_name'] == $userdata['user_id'] && isset($data['user_name'])) {
                    $edit_link = clean_request('c_action=edit&comment_id=' . $data['comment_id'], array('c_action', 'comment_id'), false) . "#edit_comment";
                    $delete_link = clean_request('c_action=delete&comment_id=' . $data['comment_id'], array('c_action', 'comment_id'), false);
                    $c_arr['c_con'][$i]['edit_link'] = array('link' => $edit_link, 'name' => $locale['c108']);
                    $c_arr['c_con'][$i]['delete_link'] = array('link' => $delete_link, 'name' => $locale['c109']);
                    $c_arr['c_con'][$i]['edit_dell'] = "<!--comment_actions-->\n";
                    $c_arr['c_con'][$i]['edit_dell'] .= "<div class='btn-group'>";
                    $c_arr['c_con'][$i]['edit_dell'] .= "<a class='btn btn-xs btn-default' href='" . $edit_link . "'>";
                    $c_arr['c_con'][$i]['edit_dell'] .= $locale['c108'] . "</a>\n";
                    $c_arr['c_con'][$i]['edit_dell'] .= "<a class='btn btn-xs btn-default' href='" . $delete_link . "' onclick=\"return confirm('" . $locale['c110'] . "');\">";
                    $c_arr['c_con'][$i]['edit_dell'] .= "<i class='fa fa-trash'></i> " . $locale['c109'] . "</a>";
                    $c_arr['c_con'][$i]['edit_dell'] .= "</div>\n";
                }
                $settings['comments_sorting'] == "ASC" ? $i++ : $i--;
            }
            if (iADMIN && checkrights("C")) {
                $c_arr['c_info']['admin_link'] = "<!--comment_admin-->\n";
                $c_arr['c_info']['admin_link'] .= "<a href='" . ADMIN . "comments.php" . $aidlink . "&amp;ctype=" . $comment_type . "&amp;comment_item_id=" . $comment_item_id . "'>" . $locale['c106'] . "</a>";
            }
        }
        opentable($locale['c102']);
        $comment_message = "";
        if (iMEMBER && (isset($_GET['c_action']) && $_GET['c_action'] == "edit") && (isset($_GET['comment_id']) && isnum($_GET['comment_id']))) {
            $eresult = dbquery("SELECT tcm.comment_id, tcm.comment_name, tcm.comment_message, tcu.user_name\n\t\t\t\tFROM " . DB_COMMENTS . " tcm\n\t\t\t\tLEFT JOIN " . DB_USERS . " tcu ON tcm.comment_name=tcu.user_id\n\t\t\t\tWHERE comment_id='" . $_GET['comment_id'] . "' AND comment_item_id='" . $comment_item_id . "'\n\t\t\t\tAND comment_type='" . $comment_type . "' AND comment_hidden='0'");
            if (dbrows($eresult) > 0) {
                $edata = dbarray($eresult);
                if (iADMIN && checkrights("C") || iMEMBER && $edata['comment_name'] == $userdata['user_id'] && isset($edata['user_name'])) {
                    $clink .= "&amp;c_action=edit&amp;comment_id=" . $edata['comment_id'];
                    $comment_message = $edata['comment_message'];
                }
            } else {
                $comment_message = "";
            }
        }
        if (iMEMBER || $settings['guestposts'] == "1") {
            require_once INCLUDES . "bbcode_include.php";
            echo "<a id='edit_comment' name='edit_comment'></a>\n";
            echo openform('inputform', 'post', $clink, array('class' => 'm-b-20', 'max_tokens' => 1));
            if (iGUEST) {
                echo form_text('comment_name', $locale['c104'], '', array('max_length' => 30));
            }
            echo form_textarea('comment_message', '', $comment_message, array('required' => 1, 'autosize' => 1, 'form_name' => 'inputform', 'bbcode' => 1));
            if (iGUEST && (!isset($_CAPTCHA_HIDE_INPUT) || isset($_CAPTCHA_HIDE_INPUT) && !$_CAPTCHA_HIDE_INPUT)) {
                $_CAPTCHA_HIDE_INPUT = FALSE;
                echo "<div style='width:360px; margin:10px auto;'>";
                echo $locale['global_150'] . "<br />\n";
                include INCLUDES . "captchas/" . $settings['captcha'] . "/captcha_display.php";
                if (!$_CAPTCHA_HIDE_INPUT) {
                    echo "<br />\n<label for='captcha_code'>" . $locale['global_151'] . "</label>";
                    echo "<br />\n<input type='text' id='captcha_code' name='captcha_code' class='textbox' autocomplete='off' style='width:100px' />\n";
                }
                echo "</div>\n";
            }
            echo form_button('post_comment', $comment_message ? $locale['c103'] : $locale['c102'], $comment_message ? $locale['c103'] : $locale['c102'], array('class' => 'btn-success m-t-10'));
            echo closeform();
        } else {
            echo "<div class='well'>\n";
            echo $locale['c105'] . "\n";
            echo "</div>\n";
        }
        closetable();
        echo "<a id='comments' name='comments'></a>";
        render_comments($c_arr['c_con'], $c_arr['c_info']);
    }
}
Exemple #9
0
        $result = dbquery("DELETE FROM " . DB_FAQ_CATS . " WHERE faq_cat_id='" . intval($_GET['cat_id']) . "'");
        addNotice("success", $locale['faq_0206']);
        redirect(FUSION_SELF . $aidlink);
    }
}
$data = array("faq_cat_id" => 0, "faq_cat_name" => "", "faq_cat_description" => "", "faq_cat_language" => LANGUAGE);
if ($faqCat_edit) {
    $result = dbquery("select * from " . DB_FAQ_CATS . " WHERE faq_cat_id='" . intval($_GET['cat_id']) . "'");
    if (dbrows($result) > 0) {
        $data = dbarray($result);
    } else {
        redirect(FUSION_SELF . $aidlink);
    }
}
if (isset($_POST['save_cat'])) {
    $data = array("faq_cat_id" => form_sanitizer($_POST['faq_cat_id'], 0, "faq_cat_id"), "faq_cat_name" => form_sanitizer($_POST['faq_cat_name'], "", "faq_cat_name"), "faq_cat_description" => form_sanitizer($_POST['faq_cat_description'], "", "faq_cat_description"), "faq_cat_language" => form_sanitizer($_POST['faq_cat_language'], "", "faq_cat_language"));
    if (defender::safe()) {
        if (dbcount("(faq_cat_id)", DB_FAQ_CATS, "faq_cat_id='" . $data['faq_cat_id'] . "'")) {
            dbquery_insert(DB_FAQ_CATS, $data, "update");
            addNotice("success", $locale['faq_0205']);
        } else {
            dbquery_insert(DB_FAQ_CATS, $data, "save");
            addNotice("success", $locale['faq_0204']);
        }
        redirect(FUSION_SELF . $aidlink);
    }
}
echo openform('faqCat_form', 'post', FUSION_REQUEST, array("class" => "m-t-20"));
echo form_hidden('faq_cat_id', "", $data['faq_cat_id']);
echo form_text('faq_cat_name', $locale['faq_0200'], $data['faq_cat_name'], array('error_text' => $locale['faq_0201'], 'required' => 1));
echo form_text('faq_cat_description', $locale['faq_0202'], $data['faq_cat_description']);
Exemple #10
0
        $message = $locale['402'];
    } elseif ($_GET['status'] == "remall") {
        $message = $locale['403'];
    } elseif ($_GET['status'] == "addsel") {
        $message = $locale['404'];
    } elseif ($_GET['status'] == "deln") {
        $message = $locale['405'] . "<br />\n<span class='small'>" . $locale['406'] . "</span>";
    } elseif ($_GET['status'] == "dely") {
        $message = $locale['407'];
    }
    if ($message) {
        echo "<div id='close-message'><div class='admin-message alert alert-info m-t-10'>" . $message . "</div></div>\n";
    }
}
if (isset($_POST['save_group'])) {
    $group_name = form_sanitizer($_POST['group_name'], '', 'group_name');
    $group_description = stripinput($_POST['group_description']);
    if (!defined('FUSION_NULL')) {
        if (isset($_GET['group_id']) && isnum($_GET['group_id'])) {
            $result = dbquery("UPDATE " . DB_USER_GROUPS . " SET group_name='{$group_name}', group_description='{$group_description}' WHERE group_id='" . $_GET['group_id'] . "'");
            redirect(FUSION_SELF . $aidlink . "&status=su");
        } else {
            $result = dbquery("INSERT INTO " . DB_USER_GROUPS . " (group_name, group_description) VALUES ('{$group_name}', '{$group_description}')");
            redirect(FUSION_SELF . $aidlink . "&status=sn");
        }
    }
} elseif (isset($_POST['add_sel']) && isnum($_GET['group_id'])) {
    $user_ids = "";
    $check_count = 0;
    if (isset($_POST['add_check_mark'])) {
        if (is_array($_POST['add_check_mark']) && count($_POST['add_check_mark']) > 1) {
Exemple #11
0
    die("Access Denied");
}
pageAccess("W");
if (fusion_get_settings("tinymce_enabled")) {
    echo "<script language='javascript' type='text/javascript'>advanced();</script>\n";
}
$result = dbcount("(weblink_cat_id)", DB_WEBLINK_CATS);
if (!empty($result)) {
    $data = array("weblink_id" => 0, "weblink_name" => "", "weblink_cat" => 0, "weblink_description" => "", "weblink_visibility" => iGUEST, "weblink_url" => "", "weblink_datestamp" => time());
    if (isset($_GET['action']) && $_GET['action'] == "delete" && (isset($_GET['weblink_id']) && isnum($_GET['weblink_id']))) {
        $result = dbquery("DELETE FROM " . DB_WEBLINKS . " WHERE weblink_id='" . $_GET['weblink_id'] . "'");
        addNotice("success", $locale['wl_0302']);
        redirect(FUSION_SELF . $aidlink);
    }
    if (isset($_POST['save_link'])) {
        $data = array("weblink_id" => form_sanitizer($_POST['weblink_id'], 0, 'weblink_id'), "weblink_cat" => form_sanitizer($_POST['weblink_cat'], 0, 'weblink_cat'), "weblink_name" => form_sanitizer($_POST['weblink_name'], '', 'weblink_name'), "weblink_description" => form_sanitizer($_POST['weblink_description'], '', 'weblink_description'), "weblink_visibility" => form_sanitizer($_POST['weblink_visibility'], '0', 'weblink_visibility'), "weblink_url" => form_sanitizer($_POST['weblink_url'], '', 'weblink_url'), "weblink_datestamp" => form_sanitizer($_POST['weblink_datestamp'], '', 'weblink_datestamp'));
        if (defender::safe()) {
            if (dbcount("(weblink_id)", DB_WEBLINKS, "weblink_id='" . intval($data['weblink_id']) . "'")) {
                $data['weblink_datestamp'] = isset($_POST['update_datestamp']) ? time() : $data['weblink_datestamp'];
                dbquery_insert(DB_WEBLINKS, $data, "update");
                addNotice("success", $locale['wl_0301']);
                redirect(FUSION_SELF . $aidlink);
            } else {
                dbquery_insert(DB_WEBLINKS, $data, "save");
                addNotice("success", $locale['wl_0300']);
                redirect(FUSION_SELF . $aidlink);
            }
        }
    }
    if ($weblink_edit) {
        $result = dbquery("SELECT * FROM " . DB_WEBLINKS . " WHERE weblink_id='" . intval($_GET['weblink_id']) . "'");
Exemple #12
0
     echo "<div class='well text-center'><p><strong>" . $locale['news_0701'] . "</strong></p>";
     echo "<p><a href='submit.php?stype=n'>" . $locale['news_0702'] . "</a></p>";
     echo "<p><a href='index.php'>" . str_replace("[SITENAME]", fusion_get_settings("sitename"), $locale['news_0704']) . "</a></p>\n";
     echo "</div>\n";
 } else {
     // Preview
     if (isset($_POST['preview_news'])) {
         $news_snippet = "";
         if ($_POST['news_news']) {
             $news_snippet = parse_textarea($_POST['news_news']);
         }
         $news_body = "";
         if ($_POST['news_body']) {
             $news_body = parse_textarea($_POST['news_body']);
         }
         $criteriaArray = array("news_subject" => form_sanitizer($_POST['news_subject'], "", "news_subject"), "news_language" => form_sanitizer($_POST['news_language'], "", "news_language"), "news_ialign" => form_sanitizer($_POST['news_ialign'], "", "news_ialign"), "news_keywords" => form_sanitizer($_POST['news_keywords'], "", "news_keywords"), "news_cat" => form_sanitizer($_POST['news_cat'], 0, "news_cat"), "news_snippet" => form_sanitizer($_POST['news_news'], "", "news_news"), "news_body" => form_sanitizer($_POST['news_body'], "", "news_body"));
         opentable($criteriaArray['news_subject']);
         echo $locale['news_0203'] . " " . nl2br(parseubb($news_snippet)) . "<br /><br />";
         echo $locale['news_0204'] . " " . nl2br(parseubb($news_body));
         closetable();
     }
     add_to_title($locale['global_200'] . $locale['news_0400']);
     echo "<div class='panel panel-default tbl-border'>\n<div class='panel-body'>\n";
     echo "<div class='alert alert-info m-b-20 submission-guidelines'>" . str_replace("[SITENAME]", fusion_get_settings("sitename"), $locale['news_0703']) . "</div>\n";
     echo openform('submit_form', 'post', BASEDIR . "submit.php?stype=n", array("enctype" => $news_settings['news_allow_submission_files'] ? TRUE : FALSE));
     echo form_text('news_subject', $locale['news_0200'], $criteriaArray['news_subject'], array("required" => TRUE, "inline" => TRUE));
     if (multilang_table("NS")) {
         echo form_select('news_language', $locale['global_ML100'], $criteriaArray['news_language'], array("options" => fusion_get_enabled_languages(), "placeholder" => $locale['choose'], "width" => "250px", "inline" => TRUE));
     } else {
         echo form_hidden('news_language', '', $criteriaArray['news_language']);
     }
     echo "<p><a href='index.php'>" . str_replace("[SITENAME]", fusion_get_settings("sitename"), $locale['articles_0064']) . "</a></p>\n";
     echo "</div>\n";
 } else {
     // Preview
     if (isset($_POST['preview_article'])) {
         $article_snippet = "";
         if ($_POST['article_snippet']) {
             $article_snippet = str_replace("src='" . str_replace("../", "", IMAGES_A), "src='" . IMAGES_A, parseubb(stripslashes($_POST['article_snippet'])));
             $article_snippet = parse_textarea($article_snippet);
         }
         $article_article = "";
         if ($_POST['article_article']) {
             $article_article = str_replace("src='" . str_replace("../", "", IMAGES_A), "src='" . IMAGES_A, parseubb(stripslashes($_POST['article_article'])));
             $article_article = parse_textarea($article_article);
         }
         $criteriaArray = array("article_subject" => form_sanitizer($_POST['article_subject'], "", "article_subject"), "article_cat" => form_sanitizer($_POST['article_cat'], 0, "article_cat"), "article_snippet" => form_sanitizer($article_snippet, "", "article_snippet"), "article_article" => form_sanitizer($article_article, "", "article_article"), "article_keywords" => form_sanitizer($_POST['article_keywords'], "", "article_keywords"), "article_language" => form_sanitizer($_POST['article_language'], "", "article_language"));
         $criteriaArray['article_snippet'] = parse_textarea($article_snippet);
         $criteriaArray['article_article'] = parse_textarea($article_article);
         opentable($criteriaArray['article_subject']);
         echo "<p class='text-bigger'>" . $criteriaArray['article_snippet'] . "</p>";
         echo $criteriaArray['article_article'];
         closetable();
     }
     add_to_title($locale['global_200'] . $locale['articles_0060']);
     echo "<div class='panel panel-default tbl-border'>\n<div class='panel-body'>\n";
     echo "<div class='alert alert-info m-b-20 submission-guidelines'>" . str_replace("[SITENAME]", fusion_get_settings("sitename"), $locale['articles_0063']) . "</div>\n";
     echo openform('submit_form', 'post', BASEDIR . "submit.php?stype=a");
     echo form_text('article_subject', $locale['articles_0304'], $criteriaArray['article_subject'], array("required" => TRUE, "inline" => TRUE));
     if (multilang_table("AR")) {
         echo form_select('article_language', $locale['global_ML100'], $criteriaArray['article_language'], array("options" => fusion_get_enabled_languages(), "placeholder" => $locale['choose'], "width" => "250px", "inline" => TRUE));
     } else {
+--------------------------------------------------------+
| Filename: admin/blog_settings.php
| Author: Frederick MC Chan (Chan)
+--------------------------------------------------------+
| This program is released as free software under the
| Affero GPL license. You can redistribute it and/or
| modify it under the terms of this license which you
| can read by viewing the included agpl.txt or online
| at www.gnu.org/licenses/agpl.html. Removal of this
| copyright header is strictly prohibited without
| written permission from the original author(s).
+--------------------------------------------------------*/
pageAccess("S8");
if (isset($_POST['savesettings'])) {
    $error = 0;
    $inputArray = array("article_pagination" => form_sanitizer($_POST['article_pagination'], 0, "article_pagination"), "article_allow_submission" => form_sanitizer($_POST['article_allow_submission'], 0, "article_allow_submission"), "article_extended_required" => isset($_POST['article_extended_required']) ? 1 : 0);
    if (defender::safe()) {
        foreach ($inputArray as $settings_name => $settings_value) {
            $inputSettings = array("settings_name" => $settings_name, "settings_value" => $settings_value, "settings_inf" => "article");
            dbquery_insert(DB_SETTINGS_INF, $inputSettings, "update", array("primary_key" => "settings_name"));
        }
        addNotice("success", $locale['900']);
        redirect(FUSION_REQUEST);
    } else {
        addNotice('danger', $locale['901']);
    }
}
echo "<div class='well'>" . $locale['articles_0031'] . "</div>";
echo openform('settingsform', 'post', FUSION_REQUEST);
openside('');
echo form_text("article_pagination", $locale['articles_0032'], $article_settings['article_pagination'], array("inline" => TRUE, "max_length" => 4, "width" => "150px", "type" => "number"));
Exemple #15
0
$input = array('mailname' => '', 'email' => '', 'subject' => '', 'message' => '', 'captcha_code' => '');
if (isset($_POST['sendmessage'])) {
    foreach ($input as $key => $value) {
        if (isset($_POST[$key])) {
            // Subject needs 'special' treatment
            if ($key == 'subject') {
                $input['subject'] = substr(str_replace(array("\r", "\n", "@"), "", descript(stripslash(trim($_POST['subject'])))), 0, 128);
                // most unique in the entire CMS. keep.
                $input['subject'] = form_sanitizer($input['subject'], $input[$key], $key);
                // Others don't
            } else {
                $input[$key] = form_sanitizer($_POST[$key], $input[$key], $key);
            }
            // Input not posted, fallback to the default
        } else {
            $input[$key] = form_sanitizer($input[$key], $input[$key], $key);
        }
    }
    $_CAPTCHA_IS_VALID = FALSE;
    include INCLUDES . "captchas/" . $settings['captcha'] . "/captcha_check.php";
    // Dynamics need to develop Captcha. Before that, use method 2.
    if ($_CAPTCHA_IS_VALID == FALSE) {
        $defender->stop();
        addNotice('warning', $locale['424']);
    }
    if (!defined('FUSION_NULL')) {
        require_once INCLUDES . "sendmail_include.php";
        $template_result = dbquery("\n\t\t\tSELECT template_key, template_active, template_sender_name, template_sender_email\n\t\t\tFROM " . DB_EMAIL_TEMPLATES . "\n\t\t\tWHERE template_key='CONTACT'\n\t\t\tLIMIT 1");
        if (dbrows($template_result)) {
            $template_data = dbarray($template_result);
            if ($template_data['template_active'] == "1") {
Exemple #16
0
                     unlink(IMAGES_G . $pData['album_image']);
                 }
                 if ($pData['album_thumb1'] && file_exists(IMAGES_G . $pData['album_thumb1'])) {
                     unlink(IMAGES_G_T . $pData['album_thumb1']);
                 }
                 if ($pData['album_thumb2'] && file_exists(IMAGES_G . $pData['album_thumb2'])) {
                     unlink(IMAGES_G_T . $pData['album_thumb2']);
                 }
                 $data['album_image'] = "";
                 $data['album_thumb1'] = "";
                 $data['album_thumb2'] = "";
             }
         } else {
             $data['album_image'] = form_sanitizer(isset($_POST['album_image']) ? $_POST['album_image'] : "", "", "album_image");
             $data['album_thumb2'] = form_sanitizer(isset($_POST['album_thumb2']) ? $_POST['album_thumb2'] : "", "", "album_thumb2");
             $data['album_thumb1'] = form_sanitizer(isset($_POST['album_thumb1']) ? $_POST['album_thumb1'] : "", "", "album_thumb1");
         }
     }
 }
 if (defender::safe()) {
     if (dbcount("(album_id)", DB_PHOTO_ALBUMS, "album_id='" . intval($data['album_id']) . "'")) {
         // update album
         $result = dbquery_order(DB_PHOTO_ALBUMS, $data['album_order'], 'album_order', $data['album_id'], 'album_id', FALSE, FALSE, TRUE, 'album_language', 'update');
         dbquery_insert(DB_PHOTO_ALBUMS, $data, "update");
         addNotice('success', $locale['album_0013']);
         redirect(FUSION_SELF . $aidlink);
     } else {
         // create album
         $result = dbquery_order(DB_PHOTO_ALBUMS, $data['album_order'], 'album_order', 0, "album_id", FALSE, FALSE, TRUE, 'album_language', 'save');
         dbquery_insert(DB_PHOTO_ALBUMS, $data, "save");
         addNotice('success', $locale['album_0014']);
Exemple #17
0
} else {
    $image_count = 0;
}
if (isset($_GET['del']) && in_array($_GET['del'], $image_list)) {
    unlink($afolder . stripinput($_GET['del']));
    if ($settings['tinymce_enabled'] == 1) {
        include INCLUDES . "buildlist.php";
    }
    addNotice('warning', $locale['400']);
    redirect(FUSION_SELF . $aidlink . "&amp;ifolder=" . $_GET['ifolder']);
} elseif (isset($_POST['uploadimage'])) {
    $data = array('myfile' => '');
    if (defender::safe()) {
        if (!empty($_FILES['myfile'])) {
            // when files is uploaded.
            $upload = form_sanitizer($_FILES['myfile'], '', 'myfile');
            if (!empty($upload) && $upload['error'] == 0) {
                $data['myfile'] = $upload['image_name'];
                if ($settings['tinymce_enabled'] == 1) {
                    include INCLUDES . "buildlist.php";
                }
                if (defender::safe()) {
                    addNotice('success', $locale['420']);
                    redirect(FUSION_SELF . $aidlink . "&amp;ifolder=" . $_GET['ifolder'] . "&img=" . $data['myfile']);
                }
            }
            redirect(FUSION_SELF . $aidlink . "&amp;ifolder=" . $_GET['ifolder']);
        }
    }
} else {
    opentable($locale['420']);
Exemple #18
0
function debonair_theme_widget()
{
    global $locale;
    require_once "functions.php";
    $settings = get_theme_settings("debonair");
    /**
     * data parsing
     */
    $ubanner_col_1_data = uncomposeSelection($settings['ubanner_col_1']);
    $ubanner_col_2_data = uncomposeSelection($settings['ubanner_col_2']);
    $ubanner_col_3_data = uncomposeSelection($settings['ubanner_col_3']);
    $settings = array("main_banner_url" => $settings['main_banner_url'], "ubanner_col_1" => !empty($ubanner_col_1_data['selected']) ? $ubanner_col_1_data['selected'] : 0, "ubanner_col_2" => !empty($ubanner_col_2_data['selected']) ? $ubanner_col_2_data['selected'] : 0, "ubanner_col_3" => !empty($ubanner_col_3_data['selected']) ? $ubanner_col_3_data['selected'] : 0, "lbanner_col_1" => $settings['lbanner_col_1'], "lbanner_col_2" => $settings['lbanner_col_2'], "lbanner_col_3" => $settings['lbanner_col_3'], "lbanner_col_4" => $settings['lbanner_col_4'], "facebook_url" => $settings['facebook_url'], "twitter_url" => $settings['twitter_url']);
    if (isset($_POST['save_settings'])) {
        $inputArray = array("main_banner_url" => form_sanitizer($_POST['main_banner_url'], "", "main_banner_url"), "ubanner_col_1" => composeSelection(form_sanitizer($_POST['ubanner_col_1'], "", "ubanner_col_1")), "ubanner_col_2" => composeSelection(form_sanitizer($_POST['ubanner_col_2'], "", "ubanner_col_2")), "ubanner_col_3" => composeSelection(form_sanitizer($_POST['ubanner_col_3'], "", "ubanner_col_3")), "lbanner_col_1" => form_sanitizer($_POST['lbanner_col_1'], "", "lbanner_col_1"), "lbanner_col_2" => form_sanitizer($_POST['lbanner_col_2'], "", "lbanner_col_2"), "lbanner_col_3" => form_sanitizer($_POST['lbanner_col_3'], "", "lbanner_col_3"), "lbanner_col_4" => form_sanitizer($_POST['lbanner_col_4'], "", "lbanner_col_4"), "facebook_url" => form_sanitizer($_POST['facebook_url'], "", "facebook_url"), "twitter_url" => form_sanitizer($_POST['twitter_url'], "", "twitter_url"));
        foreach ($inputArray as $settings_name => $settings_value) {
            $sqlArray = array("settings_name" => $settings_name, "settings_value" => $settings_value, "settings_theme" => "debonair");
            dbquery_insert(DB_SETTINGS_THEME, $sqlArray, "update", array("primary_key" => "settings_name"));
        }
        if (defender::safe()) {
            redirect(FUSION_REQUEST);
        }
    }
    echo openform("debonair_theme_settings", "post", FUSION_REQUEST);
    $exclude_list = ".|..|.htaccess|.DS_Store|config.php|config.temp.php|.gitignore|LICENSE|README.md|robots.txt|reactivate.php|rewrite.php|maintenance.php|maincore.php|lostpassword.php|index.php|error.php";
    $list = array();
    $file_list = makefilelist(BASEDIR, $exclude_list);
    foreach ($file_list as $files) {
        $list[] = $files;
    }
    $include_list = array();
    $file_list = makefilelist(THEMES . "/debonair/include/", $exclude_list);
    foreach ($file_list as $files) {
        $include_list[$files] = str_replace(".php", "", str_replace("_", " ", ucwords($files)));
    }
    openside("");
    echo form_select("main_banner_url", $locale['debonair_0300'], $settings['main_banner_url'], array("options" => $list, "tags" => true, "multiple" => true, "width" => "100%", "inline" => false));
    echo "<p>" . $locale['debonair_0301'] . "</p>";
    closeside();
    openside("");
    echo form_text("facebook_url", $locale['debonair_0321'], $settings['facebook_url'], array("type" => "url", "inline" => true, "placeholder" => "http://www.facebook.com/your-page-id"));
    echo form_text("twitter_url", $locale['debonair_0322'], $settings['twitter_url'], array("type" => "url", "inline" => true, "placeholder" => "http://www.twitter.com/your-page-id"));
    closeside();
    $templateOpts[0] = $locale['debonair_0302'];
    /**
     * Article Selector
     */
    $articleOpts = array();
    if (db_exists(DB_ARTICLES)) {
        $article_result = dbquery("select article_id, article_subject, article_cat_language FROM " . DB_ARTICLES . " a\n\t \t\t\t\tleft join " . DB_ARTICLE_CATS . " ac on a.article_cat = ac.article_cat_id\n\t \t\t\t\torder by article_datestamp DESC\n\t \t\t\t\t");
        if (dbrows($article_result) > 0) {
            while ($data = dbarray($article_result)) {
                $articleOpts[$data['article_cat_language']][$data['article_id']] = $data['article_subject'];
            }
        }
        if (!empty($articleOpts)) {
            $templateOpts['articles'] = $locale['debonair_0303'];
        }
    }
    /**
     * News Selector
     */
    $newsOpts = array();
    if (db_exists(DB_NEWS)) {
        $news_result = dbquery("select news_id, news_subject, news_language FROM " . DB_NEWS . " order by news_datestamp DESC");
        if (dbrows($news_result) > 0) {
            while ($data = dbarray($news_result)) {
                $newsOpts[$data['news_language']][$data['news_id']] = $data['news_subject'];
            }
        }
        if (!empty($newsOpts)) {
            $templateOpts['news'] = $locale['debonair_0304'];
        }
    }
    /**
     * Blog Selector
     */
    $blogOpts = array();
    if (db_exists(DB_BLOG)) {
        $blog_result = dbquery("select blog_id, blog_subject, blog_language FROM " . DB_BLOG . "\n\t \t\t\t\torder by blog_datestamp DESC\n\t \t\t\t\t");
        if (dbrows($blog_result) > 0) {
            while ($data = dbarray($blog_result)) {
                $blogOpts[$data['blog_language']][$data['blog_id']] = $data['blog_subject'];
            }
        }
        if (!empty($blogOpts)) {
            $templateOpts['blog'] = $locale['debonair_0305'];
        }
    }
    /**
     * Custom Page Selector
     * Note: custom page has a different multilanguage setup.
     */
    $cpOpts = array();
    if (db_exists(DB_CUSTOM_PAGES)) {
        $cp_result = dbquery("select page_id, page_title, page_language FROM " . DB_CUSTOM_PAGES . " order by page_id ASC");
        if (dbrows($cp_result) > 0) {
            while ($data = dbarray($cp_result)) {
                $acceptedLang = stristr($data['page_language'], ".") ? explode(".", $data['page_language']) : array(0 => $data['page_language']);
                foreach (fusion_get_enabled_languages() as $lang) {
                    if (in_array($lang, $acceptedLang)) {
                        $cpOpts[$lang][$data['page_id']] = $data['page_title'];
                    }
                }
            }
        }
        if (!empty($cpOpts)) {
            $templateOpts['cp'] = $locale['debonair_0306'];
        }
    }
    openside("");
    echo "<div class='row'>\n";
    echo "<div class='col-xs-12 col-sm-4'>\n";
    echo form_select("ubanner_col_1", $locale['debonair_0307'], $settings['ubanner_col_1'], array("options" => $templateOpts, "inline" => false));
    if (!empty($articleOpts)) {
        echo "<div id='ubanner_col_1-articles-choices' class='choices1' " . ($settings['ubanner_col_1'] === "articles" ? "" : "style='display:none;'") . "'>\n";
        foreach (fusion_get_enabled_languages() as $lang) {
            $callback_value = $settings['ubanner_col_1'] === "articles" && !empty($ubanner_col_1_data['options'][$lang]) ? $ubanner_col_1_data['options'][$lang] : "";
            echo form_select("articles-" . $lang, sprintf($locale['debonair_0310'], $lang), $callback_value, array("options" => isset($articleOpts[$lang]) ? $articleOpts[$lang] : array()));
        }
        echo "</div>\n";
    }
    if (!empty($newsOpts)) {
        echo "<div id='ubanner_col_1-news-choices' class='choices1' " . ($settings['ubanner_col_1'] === "news" ? "" : "style='display:none;'") . ">\n";
        foreach (fusion_get_enabled_languages() as $lang) {
            $callback_value = $settings['ubanner_col_1'] === "news" && !empty($ubanner_col_1_data['options'][$lang]) ? $ubanner_col_1_data['options'][$lang] : "";
            echo form_select("news-" . $lang, sprintf($locale['debonair_0311'], $lang), $callback_value, array("options" => isset($newsOpts[$lang]) ? $newsOpts[$lang] : array()));
        }
        echo "</div>\n";
    }
    if (!empty($blogOpts)) {
        echo "<div id='ubanner_col_1-blog-choices' class='choices1' " . ($settings['ubanner_col_1'] === "blog" ? "" : "style='display:none;'") . ">\n";
        foreach (fusion_get_enabled_languages() as $lang) {
            $callback_value = $settings['ubanner_col_1'] === "blog" && !empty($ubanner_col_1_data['options'][$lang]) ? $ubanner_col_1_data['options'][$lang] : "";
            echo form_select("blog-" . $lang, sprintf($locale['debonair_0312'], $lang), $callback_value, array("options" => isset($blogOpts[$lang]) ? $blogOpts[$lang] : array()));
        }
        echo "</div>\n";
    }
    if (!empty($cpOpts)) {
        echo "<div id='ubanner_col_1-cp-choices' class='choices1' " . ($settings['ubanner_col_1'] === "cp" ? "" : "style='display:none;'") . ">\n";
        foreach (fusion_get_enabled_languages() as $lang) {
            $callback_value = $settings['ubanner_col_1'] === "cp" && !empty($ubanner_col_1_data['options'][$lang]) ? $ubanner_col_1_data['options'][$lang] : "";
            echo form_select("cp-" . $lang, sprintf($locale['debonair_0313'], $lang), $callback_value, array("options" => isset($cpOpts[$lang]) ? $cpOpts[$lang] : array()));
        }
        echo "</div>\n";
    }
    echo "</div><div class='col-xs-12 col-sm-4'>\n";
    echo form_select("ubanner_col_2", $locale['debonair_0308'], $settings['ubanner_col_2'], array("options" => $templateOpts, "inline" => false));
    if (!empty($articleOpts)) {
        echo "<div id='ubanner_col_2-articles-choices' class='choices2' " . ($settings['ubanner_col_2'] === "articles" ? "" : "style='display:none;'") . ">\n";
        foreach (fusion_get_enabled_languages() as $lang) {
            $callback_value = $settings['ubanner_col_2'] === "articles" && !empty($ubanner_col_2_data['options'][$lang]) ? $ubanner_col_2_data['options'][$lang] : "";
            echo form_select("articles2-" . $lang, sprintf($locale['debonair_0310'], $lang), $callback_value, array("options" => isset($articleOpts[$lang]) ? $articleOpts[$lang] : array()));
        }
        echo "</div>\n";
    }
    if (!empty($newsOpts)) {
        echo "<div id='ubanner_col_2-news-choices' class='choices2' " . ($settings['ubanner_col_2'] === "news" ? "" : "style='display:none;'") . ">\n";
        foreach (fusion_get_enabled_languages() as $lang) {
            $callback_value = $settings['ubanner_col_2'] === "news" && !empty($ubanner_col_2_data['options'][$lang]) ? $ubanner_col_2_data['options'][$lang] : "";
            echo form_select("news2-" . $lang, sprintf($locale['debonair_0311'], $lang), $callback_value, array("options" => isset($newsOpts[$lang]) ? $newsOpts[$lang] : array()));
        }
        echo "</div>\n";
    }
    if (!empty($blogOpts)) {
        echo "<div id='ubanner_col_2-blog-choices' class='choices2' " . ($settings['ubanner_col_2'] === "blog" ? "" : "style='display:none;'") . ">\n";
        foreach (fusion_get_enabled_languages() as $lang) {
            $callback_value = $settings['ubanner_col_2'] === "blog" && !empty($ubanner_col_2_data['options'][$lang]) ? $ubanner_col_2_data['options'][$lang] : "";
            echo form_select("blog2-" . $lang, sprintf($locale['debonair_0312'], $lang), $callback_value, array("options" => isset($blogOpts[$lang]) ? $blogOpts[$lang] : array()));
        }
        echo "</div>\n";
    }
    if (!empty($cpOpts)) {
        echo "<div id='ubanner_col_2-cp-choices' class='choices2' " . ($settings['ubanner_col_2'] === "cp" ? "" : "style='display:none;'") . ">\n";
        foreach (fusion_get_enabled_languages() as $lang) {
            $callback_value = $settings['ubanner_col_2'] === "cp" && !empty($ubanner_col_2_data['options'][$lang]) ? $ubanner_col_2_data['options'][$lang] : "";
            echo form_select("cp2-" . $lang, sprintf($locale['debonair_0313'], $lang), $callback_value, array("options" => isset($cpOpts[$lang]) ? $cpOpts[$lang] : array()));
        }
        echo "</div>\n";
    }
    echo "</div><div class='col-xs-12 col-sm-4'>\n";
    // 3rd
    echo form_select("ubanner_col_3", $locale['debonair_0309'], $settings['ubanner_col_3'], array("options" => $templateOpts, "inline" => false));
    if (!empty($articleOpts)) {
        echo "<div id='ubanner_col_3-articles-choices' class='choices3' " . ($settings['ubanner_col_3'] == "articles" ? "" : "style='display:none;'") . ">\n";
        foreach (fusion_get_enabled_languages() as $lang) {
            $callback_value = $settings['ubanner_col_3'] === "articles" && !empty($ubanner_col_3_data['options'][$lang]) ? $ubanner_col_3_data['options'][$lang] : "";
            echo form_select("articles3-" . $lang, sprintf($locale['debonair_0310'], $lang), $callback_value, array("options" => isset($articleOpts[$lang]) ? $articleOpts[$lang] : array()));
        }
        echo "</div>\n";
    }
    if (!empty($newsOpts)) {
        echo "<div id='ubanner_col_3-news-choices' class='choices3' " . ($settings['ubanner_col_3'] === "news" ? "" : "style='display:none;'") . ">\n";
        foreach (fusion_get_enabled_languages() as $lang) {
            $callback_value = $settings['ubanner_col_3'] === "news" && !empty($ubanner_col_3_data['options'][$lang]) ? $ubanner_col_3_data['options'][$lang] : "";
            echo form_select("news3-" . $lang, sprintf($locale['debonair_0311'], $lang), $callback_value, array("options" => isset($newsOpts[$lang]) ? $newsOpts[$lang] : array()));
        }
        echo "</div>\n";
    }
    if (!empty($blogOpts)) {
        echo "<div id='ubanner_col_3-blog-choices' class='choices3' " . ($settings['ubanner_col_3'] === "blog" ? "" : "style='display:none;'") . ">\n";
        foreach (fusion_get_enabled_languages() as $lang) {
            $callback_value = $settings['ubanner_col_3'] === "blog" && !empty($ubanner_col_3_data['options'][$lang]) ? $ubanner_col_3_data['options'][$lang] : "";
            echo form_select("blog3-" . $lang, sprintf($locale['debonair_0312'], $lang), $callback_value, array("options" => isset($blogOpts[$lang]) ? $blogOpts[$lang] : array()));
        }
        echo "</div>\n";
    }
    if (!empty($cpOpts)) {
        echo "<div id='ubanner_col_3-cp-choices' class='choices3' " . ($settings['ubanner_col_3'] === "cp" ? "" : "style='display:none;'") . ">\n";
        foreach (fusion_get_enabled_languages() as $lang) {
            $callback_value = $settings['ubanner_col_3'] === "cp" && !empty($ubanner_col_3_data['options'][$lang]) ? $ubanner_col_3_data['options'][$lang] : "";
            echo form_select("cp3-" . $lang, sprintf($locale['debonair_0313'], $lang), $callback_value, array("options" => isset($cpOpts[$lang]) ? $cpOpts[$lang] : array()));
        }
        echo "</div>\n";
    }
    echo "</div>\n</div>\n";
    echo $locale['debonair_0315'];
    closeside();
    openside("");
    echo form_select("lbanner_col_1", $locale['debonair_0317'], $settings['lbanner_col_1'], array("options" => $include_list, "inline" => true));
    echo form_select("lbanner_col_2", $locale['debonair_0318'], $settings['lbanner_col_2'], array("options" => $include_list, "inline" => true));
    echo form_select("lbanner_col_3", $locale['debonair_0319'], $settings['lbanner_col_3'], array("options" => $include_list, "inline" => true));
    echo form_select("lbanner_col_4", $locale['debonair_0320'], $settings['lbanner_col_4'], array("options" => $include_list, "inline" => true));
    echo $locale['debonair_0316'];
    closeside();
    echo form_button("save_settings", $locale['save_changes'], "save", array("class" => "btn-success"));
    echo closeform();
    // Now use Jquery to chain the selectors - add_to_jquery combines, include into a single min. document ready script
    add_to_jquery("\n\tfunction switchSelection(selector, value) {\n\t\t\$('.choices'+selector).hide();\n\t\tif (value == '0') {\n\t\t\t\$('.choices'+selector).hide();\n\t\t} else {\n\t\t\t\$('#ubanner_col_'+selector+'-'+value+'-choices').show();\n\t\t}\n\t}\n\t\$('#ubanner_col_1').bind('change', function() { switchSelection(1, \$(this).val()); });\n\t\$('#ubanner_col_2').bind('change', function() { switchSelection(2, \$(this).val()); });\n\t\$('#ubanner_col_3').bind('change', function() { switchSelection(3, \$(this).val()); });\n\t");
}
Exemple #19
0
        $total_faqs = dbcount("(faq_id)", DB_FAQS, "faq_cat_id='" . $_GET['faq_cat_id'] . "'");
        $faq_start = $total_faqs > $show_faqs ? floor($total_faqs / $show_faqs) * $show_faqs : 0;
        redirect(FUSION_SELF . $aidlink . "&amp;show_faq=" . $_GET['faq_cat_id'] . "&amp;faq_start=" . $faq_start);
    }
}
$data = array("faq_id" => 0, "faq_cat_id" => 0, "faq_question" => "", "faq_answer" => "");
if ($faq_edit) {
    $result = dbquery("select * from " . DB_FAQS . " where faq_id='" . intval($_GET['faq_id']) . "'");
    if (dbrows($result) > 0) {
        $data = dbarray($result);
    } else {
        redirect(FUSION_SELF . $aidlink);
    }
}
if (isset($_POST['save_faq'])) {
    $data = array("faq_id" => form_sanitizer($_POST['faq_id'], 0, "faq_id"), "faq_cat_id" => form_sanitizer($_POST['faq_cat_id'], 0, "faq_cat_id"), "faq_question" => form_sanitizer($_POST['faq_question'], "", "faq_question"), "faq_answer" => form_sanitizer($_POST['faq_answer'], "", "faq_answer"));
    if (defender::safe()) {
        if (dbcount("(faq_id)", DB_FAQS, "faq_id='" . $data['faq_id'] . "'")) {
            dbquery_insert(DB_FAQS, $data, "update");
            addNotice("success", $locale['faq_0306']);
        } else {
            dbquery_insert(DB_FAQS, $data, "save");
            addNotice("success", $locale['faq_0305']);
        }
        // it's 15 limiter in show_faq function
        // 5, 10, 15.
        // 17/5 = 3.4*5 = 15
        $total_faqs = dbcount("(faq_id)", DB_FAQS, "faq_cat_id='" . $data['faq_cat_id'] . "'");
        $faq_start = $total_faqs > $show_faqs ? floor($total_faqs / $show_faqs) * $show_faqs : 0;
        redirect(FUSION_SELF . $aidlink . "&amp;show_faq=" . $data['faq_cat_id'] . "&amp;faq_start=" . $faq_start);
    }
| Affero GPL license. You can redistribute it and/or
| modify it under the terms of this license which you
| can read by viewing the included agpl.txt or online
| at www.gnu.org/licenses/agpl.html. Removal of this
| copyright header is strictly prohibited without
| written permission from the original author(s).
+--------------------------------------------------------*/
if (fusion_get_settings("tinymce_enabled")) {
    echo "<script language='javascript' type='text/javascript'>advanced();</script>\n";
}
if (isset($_GET['submit_id']) && isnum($_GET['submit_id'])) {
    if (isset($_POST['publish']) && (isset($_GET['submit_id']) && isnum($_GET['submit_id']))) {
        $result = dbquery("SELECT ts.*, tu.user_id, tu.user_name FROM " . DB_SUBMISSIONS . " ts\n\t\t\tLEFT JOIN " . DB_USERS . " tu ON ts.submit_user=tu.user_id\n\t\t\tWHERE submit_id='" . $_GET['submit_id'] . "'");
        if (dbrows($result)) {
            $callback_data = dbarray($result);
            $callback_data = array("download_id" => 0, "download_user" => $callback_data['submit_user'], "download_title" => form_sanitizer($_POST['download_title'], '', 'download_title'), "download_description" => form_sanitizer($_POST['download_description'], '', 'download_description'), "download_description_short" => form_sanitizer($_POST['download_description_short'], '', 'download_description_short'), "download_cat" => form_sanitizer($_POST['download_cat'], 0, 'download_cat'), "download_homepage" => form_sanitizer($_POST['download_homepage'], '', 'download_homepage'), "download_license" => form_sanitizer($_POST['download_license'], '', 'download_license'), "download_copyright" => form_sanitizer($_POST['download_copyright'], '', 'download_copyright'), "download_os" => form_sanitizer($_POST['download_os'], '', 'download_os'), "download_version" => form_sanitizer($_POST['download_version'], '', 'download_version'), "download_file" => form_sanitizer($_POST['download_file'], '', 'download_file'), "download_url" => form_sanitizer($_POST['download_url'], '', 'download_url'), "download_filesize" => form_sanitizer($_POST['download_filesize'], '', 'download_filesize'), "download_image" => form_sanitizer($_POST['download_image'], '', 'download_image'), "download_image_thumb" => form_sanitizer($_POST['download_image_thumb'], '', 'download_image_thumb'), "download_allow_comments" => isset($_POST['download_allow_comments']) ? TRUE : FALSE, "download_allow_ratings" => isset($_POST['download_allow_ratings']) ? TRUE : FALSE, "download_visibility" => form_sanitizer($_POST['download_visibility'], '', 'download_visibility'), "download_keywords" => form_sanitizer($_POST['download_keywords'], '', 'download_keywords'), "download_datestamp" => $callback_data['submit_datestamp']);
            if (defender::safe()) {
                // move files
                if (!empty($callback_data['download_file']) && file_exists(DOWNLOADS . "/submissions/" . $callback_data['download_file'])) {
                    $dest = DOWNLOADS . "files/";
                    $temp_file = $callback_data['download_file'];
                    $callback_data['download_file'] = filename_exists($dest, $callback_data['download_file']);
                    copy(DOWNLOADS . "submissions/" . $temp_file, $dest . $callback_data['download_file']);
                    chmod($dest . $callback_data['download_file'], 0644);
                    unlink(DOWNLOADS . "submissions/" . $temp_file);
                }
                // move images
                if (!empty($callback_data['download_image']) && file_exists(DOWNLOADS . "/submissions/images/" . $callback_data['download_image'])) {
                    $dest = DOWNLOADS . "images/";
                    $temp_file = $callback_data['download_image'];
                    $callback_data['download_image'] = filename_exists($dest, $callback_data['download_image']);
Exemple #21
0
                @rename(BASEDIR . ".htaccess", BASEDIR . "_htaccess");
            }
        }
    }
    $result = !defined('FUSION_NULL') ? dbquery("UPDATE " . DB_SETTINGS . " SET settings_value='" . stripinput($_POST['default_search']) . "' WHERE settings_name='default_search'") : '';
    $exclude_left = form_sanitizer($_POST['exclude_left'], '', 'exclude_left');
    $result = !defined('FUSION_NULL') ? dbquery("UPDATE " . DB_SETTINGS . " SET settings_value='{$exclude_left}' WHERE settings_name='exclude_left'") : '';
    $exclude_upper = form_sanitizer($_POST['exclude_upper'], '', 'exclude_upper');
    $result = !defined('FUSION_NULL') ? dbquery("UPDATE " . DB_SETTINGS . " SET settings_value='{$exclude_upper}' WHERE settings_name='exclude_upper'") : '';
    $exclude_aupper = form_sanitizer($_POST['exclude_aupper'], '', 'exclude_aupper');
    $result = !defined('FUSION_NULL') ? dbquery("UPDATE " . DB_SETTINGS . " SET settings_value='{$exclude_aupper}' WHERE settings_name='exclude_aupper'") : '';
    $exclude_lower = form_sanitizer($_POST['exclude_lower'], '', 'exclude_lower');
    $result = !defined('FUSION_NULL') ? dbquery("UPDATE " . DB_SETTINGS . " SET settings_value='{$exclude_lower}' WHERE settings_name='exclude_lower'") : '';
    $exclude_blower = form_sanitizer($_POST['exclude_blower'], '', 'exclude_blower');
    $result = !defined('FUSION_NULL') ? dbquery("UPDATE " . DB_SETTINGS . " SET settings_value='{$exclude_blower}' WHERE settings_name='exclude_blower'") : '';
    $exclude_right = form_sanitizer($_POST['exclude_right'], '', 'exclude_right');
    $result = !defined('FUSION_NULL') ? dbquery("UPDATE " . DB_SETTINGS . " SET settings_value='{$exclude_right}' WHERE settings_name='exclude_right'") : '';
}
$settings2 = array();
$result = dbquery("SELECT * FROM " . DB_SETTINGS);
while ($data = dbarray($result)) {
    $settings2[$data['settings_name']] = $data['settings_value'];
}
$theme_files = makefilelist(THEMES, ".|..|templates", TRUE, "folders");
opentable($locale['400']);
echo openform('settingsform', 'settingsform', 'post', FUSION_SELF . $aidlink, array('downtime' => 0));
echo "<table class='table table-responsive center'>\n<tbody>\n<tr>\n";
echo "<td width='35%' class='tbl'><label for='sitename'>" . $locale['402'] . "</label> <span class='required'>*</span></td>\n";
echo "<td width='65%' class='tbl'>\n";
echo form_text('', 'sitename', 'sitename', $settings2['sitename'], array('max_length' => 255, 'required' => 1, 'error_text' => $locale['error_value']));
echo "</td>\n</tr>\n<tr>\n";
Exemple #22
0
         $message = $locale['SB_shout_updated'];
     } elseif ($_GET['status'] == "del") {
         $message = $locale['SB_shout_deleted'];
     }
     if ($message) {
         echo "<div id='close-message'><div class='admin-message alert alert-info m-t-10'>" . $message . "</div></div>\n";
     }
 } elseif (isset($_GET['action']) && $_GET['action'] == "delete" && (isset($_GET['shout_id']) && isnum($_GET['shout_id']))) {
     $result = dbquery("DELETE FROM " . DB_SHOUTBOX . " WHERE shout_id='" . $_GET['shout_id'] . "'");
     redirect(FUSION_SELF . $aidlink . "&status=del");
 } else {
     if (isset($_POST['saveshout']) && (isset($_GET['shout_id']) && isnum($_GET['shout_id']))) {
         $shout_message = str_replace("\n", " ", $_POST['shout_message']);
         $shout_message = preg_replace("/^(.{255}).*\$/", "\$1", $shout_message);
         $shout_message = preg_replace("/([^\\s]{25})/", "\$1\n", $shout_message);
         $shout_message = form_sanitizer($shout_message, '', 'shout_message');
         $shout_message = str_replace("\n", "<br />", $shout_message);
         if (!defined('FUSION_NULL')) {
             $result = dbquery("UPDATE " . DB_SHOUTBOX . " SET shout_message='{$shout_message}' WHERE shout_id='" . $_GET['shout_id'] . "'");
             redirect(FUSION_SELF . $aidlink . "&status=su");
         }
     }
     if (isset($_GET['action']) && $_GET['action'] == "edit" && (isset($_GET['shout_id']) && isnum($_GET['shout_id']))) {
         $result = dbquery("SELECT shout_id, shout_message FROM " . DB_SHOUTBOX . " WHERE shout_id='" . $_GET['shout_id'] . "'");
         if (dbrows($result)) {
             $data = dbarray($result);
             opentable($locale['SB_edit_shout']);
             echo openform('input_form', 'input_form', 'post', FUSION_SELF . $aidlink . "&amp;shout_id=" . $data['shout_id'] . "", array('downtime' => 0, 'notice' => 0));
             echo form_textarea($locale['SB_message'], 'shout_message', 'shout_message', $data['shout_message'], array('required' => 1, 'bbcode' => 1));
             echo form_button($locale['SB_save_shout'], 'saveshout', 'saveshout', $locale['SB_save_shout'], array('class' => 'btn-primary'));
             echo closeform();
Exemple #23
0
 public function render_poll_form($edit = 0)
 {
     global $locale, $defender;
     $poll_field = '';
     // Build Polls Info.
     $thread_data = $this->thread_info['thread'];
     if ($edit ? $this->getThreadPermission("can_edit_poll") : $this->getThreadPermission("can_create_poll")) {
         // if permitted to create new poll.
         $data = array('thread_id' => $thread_data['thread_id'], 'forum_poll_title' => isset($_POST['forum_poll_title']) ? form_sanitizer($_POST['forum_poll_title'], '', 'forum_poll_title') : '', 'forum_poll_start' => time(), 'forum_poll_length' => 2, 'forum_poll_votes' => 0);
         // counter of lengths
         $option_data[1] = "";
         $option_data[2] = "";
         // calculate poll lengths
         if (isset($_POST['poll_options'])) {
             // callback on post.
             foreach ($_POST['poll_options'] as $i => $value) {
                 $option_data[$i] = form_sanitizer($value, '', "poll_options[{$i}]");
             }
             // reindex the whole array with blank values.
             if ($defender->safe()) {
                 $option_data = array_values(array_filter($option_data));
                 array_unshift($option_data, NULL);
                 unset($option_data[0]);
                 $data['forum_poll_length'] = count($option_data);
             }
         }
         // add a Blank Poll option
         if (isset($_POST['add_poll_option']) && $defender->safe()) {
             array_push($option_data, '');
         }
         if ($edit) {
             $result = dbquery("SELECT * FROM " . DB_FORUM_POLLS . " WHERE thread_id='" . $thread_data['thread_id'] . "'");
             if (dbrows($result) > 0) {
                 if (isset($_POST['update_poll']) || isset($_POST['add_poll_option'])) {
                     $load = FALSE;
                     $data += dbarray($result);
                     // append if not available.
                 } else {
                     $load = TRUE;
                     $data = dbarray($result);
                     // call
                 }
                 if (isset($_POST['update_poll'])) {
                     $data = array('thread_id' => $thread_data['thread_id'], 'forum_poll_title' => form_sanitizer($_POST['forum_poll_title'], '', 'forum_poll_title'), 'forum_poll_start' => $data['forum_poll_start'], 'forum_poll_length' => $data['forum_poll_length']);
                     dbquery_insert(DB_FORUM_POLLS, $data, 'update', array('primary_key' => 'thread_id', 'no_unique' => TRUE));
                     $i = 1;
                     // populate data for matches
                     $poll_result = dbquery("SELECT forum_poll_option_id FROM " . DB_FORUM_POLL_OPTIONS . " WHERE thread_id='" . $thread_data['thread_id'] . "'");
                     while ($_data = dbarray($poll_result)) {
                         $_poll[$_data['forum_poll_option_id']] = $_data;
                         // Prune the emptied fields AND field is not required.
                         if (empty($option_data[$_data['forum_poll_option_id']]) && $defender->safe()) {
                             dbquery("DELETE FROM " . DB_FORUM_POLL_OPTIONS . " WHERE thread_id='" . $thread_data['thread_id'] . "' AND forum_poll_option_id='" . $_data['forum_poll_option_id'] . "'");
                         }
                     }
                     foreach ($option_data as $option_text) {
                         if ($option_text) {
                             if ($defender->safe()) {
                                 if (isset($_poll[$i])) {
                                     // has record
                                     dbquery("UPDATE " . DB_FORUM_POLL_OPTIONS . " SET forum_poll_option_text='" . $option_text . "' WHERE thread_id='" . $thread_data['thread_id'] . "' AND forum_poll_option_id='" . $i . "'");
                                 } else {
                                     // no record - create
                                     $array = array('thread_id' => $thread_data['thread_id'], 'forum_poll_option_id' => $i, 'forum_poll_option_text' => $option_text, 'forum_poll_option_votes' => 0);
                                     dbquery_insert(DB_FORUM_POLL_OPTIONS, $array, 'save');
                                 }
                             }
                             $i++;
                         }
                     }
                     if ($defender->safe()) {
                         redirect(INFUSIONS . "forum/postify.php?post=editpoll&error=0&forum_id=" . $thread_data['forum_id'] . "&thread_id=" . $thread_data['thread_id']);
                     }
                 }
                 // how to make sure values containing options votes
                 $poll_field['openform'] = openform('pollform', 'post', INFUSIONS . 'forum/viewthread.php?action=editpoll&forum_id=' . $_GET['forum_id'] . '&thread_id=' . $_GET['thread_id']);
                 $poll_field['openform'] .= "<div class='text-info m-b-20 m-t-10'>" . $locale['forum_0613'] . "</div>\n";
                 $poll_field['poll_field'] = form_text('forum_poll_title', $locale['forum_0604'], $data['forum_poll_title'], array('max_length' => 255, 'placeholder' => $locale['forum_0604a'], 'inline' => TRUE, 'required' => TRUE));
                 if ($load == FALSE) {
                     for ($i = 1; $i <= count($option_data); $i++) {
                         $poll_field['poll_field'] .= form_text("poll_options[{$i}]", sprintf($locale['forum_0606'], $i), $option_data[$i], array('max_length' => 255, 'placeholder' => $locale['forum_0605'], 'inline' => 1, 'required' => $i <= 2 ? TRUE : FALSE));
                     }
                 } else {
                     $result = dbquery("SELECT forum_poll_option_text, forum_poll_option_votes FROM " . DB_FORUM_POLL_OPTIONS . " WHERE thread_id='" . $_GET['thread_id'] . "' ORDER BY forum_poll_option_id ASC");
                     $i = 1;
                     while ($_pdata = dbarray($result)) {
                         $poll_field['poll_field'] .= form_text("poll_options[{$i}]", $locale['forum_0605'] . ' ' . $i, $_pdata['forum_poll_option_text'], array('max_length' => 255, 'placeholder' => 'Poll Options', 'inline' => 1, 'required' => $i <= 2 or $_pdata['forum_poll_option_votes'] ? TRUE : FALSE));
                         $i++;
                     }
                 }
                 $poll_field['poll_field'] .= "<div class='col-xs-12 col-sm-offset-3'>\n";
                 $poll_field['poll_field'] .= form_button('add_poll_option', $locale['forum_0608'], $locale['forum_0608'], array('class' => 'btn-primary btn-sm'));
                 $poll_field['poll_field'] .= "</div>\n";
                 $poll_field['poll_button'] = form_button('update_poll', $locale['forum_2013'], $locale['forum_2013'], array('class' => 'btn-default'));
                 $poll_field['closeform'] = closeform();
             } else {
                 redirect(INFUSIONS . 'forum/index.php');
                 // redirect because the poll id is not available.
             }
         } else {
             // Save New Poll
             if (isset($_POST['add_poll'])) {
                 dbquery_insert(DB_FORUM_POLLS, $data, 'save');
                 $data['forum_poll_id'] = dblastid();
                 $i = 1;
                 foreach ($option_data as $option_text) {
                     if ($option_text) {
                         $data['forum_poll_option_id'] = $i;
                         $data['forum_poll_option_text'] = $option_text;
                         $data['forum_poll_option_votes'] = 0;
                         dbquery_insert(DB_FORUM_POLL_OPTIONS, $data, 'save');
                         $i++;
                     }
                 }
                 if ($defender->safe()) {
                     dbquery("UPDATE " . DB_FORUM_THREADS . " SET thread_poll='1' WHERE thread_id='" . $thread_data['thread_id'] . "'");
                     redirect(INFUSIONS . "forum/postify.php?post=newpoll&error=0&forum_id=" . $thread_data['forum_id'] . "&thread_id=" . $thread_data['thread_id']);
                 }
             }
             // blank poll - no poll on edit or new thread
             $poll_field['openform'] = openform('pollform', 'post', INFUSIONS . 'forum/viewthread.php?action=newpoll&forum_id=' . $_GET['forum_id'] . '&thread_id=' . $_GET['thread_id'], array('max_tokens' => 1));
             $poll_field['poll_field'] = form_text('forum_poll_title', $locale['forum_0604'], $data['forum_poll_title'], array('max_length' => 255, 'placeholder' => $locale['forum_0604a'], 'inline' => TRUE, 'required' => TRUE));
             for ($i = 1; $i <= count($option_data); $i++) {
                 $poll_field['poll_field'] .= form_text("poll_options[{$i}]", sprintf($locale['forum_0606'], $i), $option_data[$i], array('max_length' => 255, 'placeholder' => $locale['forum_0605'], 'inline' => 1, 'required' => $i <= 2 ? TRUE : FALSE));
             }
             $poll_field['poll_field'] .= "<div class='col-xs-12 col-sm-offset-3'>\n";
             $poll_field['poll_field'] .= form_button('add_poll_option', $locale['forum_0608'], $locale['forum_0608'], array('class' => 'btn-primary btn-sm'));
             $poll_field['poll_field'] .= "</div>\n";
             $poll_field['poll_button'] = form_button('add_poll', $locale['forum_2011'], $locale['forum_2011'], array('class' => 'btn-success btn-md'));
             $poll_field['closeform'] = closeform();
         }
         $info = array('title' => $locale['forum_0366'], 'description' => $locale['forum_2000'] . $thread_data['thread_subject'], 'field' => $poll_field);
         pollform($info);
     } else {
         redirect(FORUM . "index.php");
     }
 }
Exemple #24
0
 /**
  * Display Forum Form
  */
 public function display_forum_form()
 {
     require_once INCLUDES . 'photo_functions_include.php';
     require_once INCLUDES . 'infusions_include.php';
     $forum_settings = $this->get_forum_settings();
     $language_opts = fusion_get_enabled_languages();
     add_breadcrumb(array('link' => '', 'title' => self::$locale['forum_001']));
     if (!isset($_GET['action']) && $_GET['parent_id']) {
         $data['forum_cat'] = $_GET['parent_id'];
     }
     $type_opts = array('1' => self::$locale['forum_opts_001'], '2' => self::$locale['forum_opts_002'], '3' => self::$locale['forum_opts_003'], '4' => self::$locale['forum_opts_004']);
     $forum_image_path = FORUM . "images/";
     if (isset($_POST['remove_image']) && isset($_POST['forum_id'])) {
         $data['forum_id'] = form_sanitizer($_POST['forum_id'], '', 'forum_id');
         if ($data['forum_id']) {
             $data = self::get_forum($data['forum_id']);
             if (!empty($data)) {
                 $forum_image = $forum_image_path . $data['forum_image'];
                 if (!empty($data['forum_image']) && file_exists($forum_image) && !is_dir($forum_image)) {
                     @unlink($forum_image);
                     $data['forum_image'] = '';
                 }
                 dbquery_insert(DB_FORUMS, $data, 'update');
                 addNotice('success', self::$locale['forum_notice_8']);
                 redirect(FUSION_REQUEST);
             }
         }
     }
     opentable(self::$locale['forum_001']);
     echo openform('inputform', 'post', FUSION_REQUEST, array('enctype' => 1));
     echo "<div class='row'>\n<div class='col-xs-12 col-sm-8 col-md-8 col-lg-8'>\n";
     echo form_text('forum_name', self::$locale['forum_006'], $this->data['forum_name'], array('required' => 1, 'error_text' => self::$locale['forum_error_1'])) . form_textarea('forum_description', self::$locale['forum_007'], $this->data['forum_description'], array('autosize' => 1, 'type' => 'bbcode', 'form_name' => 'inputform', 'preview' => TRUE)) . form_text('forum_alias', self::$locale['forum_011'], $this->data['forum_alias']);
     echo "</div><div class='col-xs-12 col-sm-4 col-md-4 col-lg-4'>\n";
     openside('');
     $self_id = $this->data['forum_id'] ? $this->data['forum_id'] : '';
     echo form_select_tree('forum_cat', self::$locale['forum_008'], $this->data['forum_cat'], array('add_parent_opts' => 1, 'disable_opts' => $self_id, 'hide_disabled' => 1), DB_FORUMS, 'forum_name', 'forum_id', 'forum_cat', $self_id) . form_select('forum_type', self::$locale['forum_009'], $this->data['forum_type'], array("options" => $type_opts)) . form_select('forum_language', self::$locale['forum_010'], $this->data['forum_language'], array("options" => $language_opts)) . form_text('forum_order', self::$locale['forum_043'], $this->data['forum_order'], array('number' => 1)) . form_button('save_forum', $this->data['forum_id'] ? self::$locale['forum_000a'] : self::$locale['forum_000'], self::$locale['forum_000'], array('class' => 'btn btn-sm btn-success'));
     closeside();
     echo "</div>\n</div>\n";
     echo "<div class='row'>\n<div class='col-xs-12 col-sm-8 col-md-8 col-lg-8'>\n";
     echo form_select('forum_meta', self::$locale['forum_012'], $this->data['forum_meta'], array('tags' => 1, 'multiple' => 1, 'width' => '100%'));
     if ($this->data['forum_image'] && file_exists(FORUM . "images/" . $this->data['forum_image'])) {
         openside();
         echo "<div class='pull-left m-r-10'>\n";
         echo thumbnail(FORUM . "images/" . $this->data['forum_image'], '80px', '80px');
         echo "</div>\n<div class='overflow-hide'>\n";
         echo "<span class='strong'>" . self::$locale['forum_013'] . "</span><br/>\n";
         $image_size = @getimagesize(FORUM . "images/" . $this->data['forum_image']);
         echo "<span class='text-smaller'>" . sprintf(self::$locale['forum_027'], $image_size[0], $image_size[1]) . "</span><br/>";
         echo form_hidden('forum_image', '', $this->data['forum_image']);
         echo form_button('remove_image', self::$locale['forum_028'], self::$locale['forum_028'], array('class' => 'btn-danger btn-sm m-t-10', 'icon' => 'fa fa-trash'));
         echo "</div>\n";
         closeside();
     } else {
         $tab_title['title'][] = self::$locale['forum_013'];
         $tab_title['id'][] = 'fir';
         $tab_title['icon'][] = '';
         $tab_title['title'][] = self::$locale['forum_014'];
         $tab_title['id'][] = 'ful';
         $tab_title['icon'][] = '';
         $tab_active = tab_active($tab_title, 0);
         echo opentab($tab_title, $tab_active, 'forum-image-tab', FALSE, "m-t-20 m-b-20");
         // Upload Image
         echo opentabbody($tab_title['title'][0], 'fir', $tab_active);
         echo "<span class='display-inline-block m-t-10 m-b-10'>" . sprintf(self::$locale['forum_015'], parsebytesize($forum_settings['forum_attachmax'])) . "</span>\n";
         $fileOptions = array("upload_path" => $forum_image_path, "thumbnail" => TRUE, "thumbnail_folder" => $forum_image_path, "type" => "image", "delete_original" => TRUE, "max_count" => $forum_settings['forum_attachmax']);
         echo form_fileinput('forum_image', "", '', $fileOptions);
         echo closetabbody();
         // Upload image via Web Address
         echo opentabbody($tab_title['title'][1], 'ful', $tab_active);
         echo "<span class='display-inline-block m-t-10 m-b-10'>" . self::$locale['forum_016'] . "</strong></span>\n";
         $header_opts = array('0' => 'Local Server', '1' => 'URL');
         echo form_select('forum_image_header', self::$locale['forum_056'], '', array('inline' => TRUE, 'options' => $header_opts));
         echo form_text('forum_image_url', self::$locale['forum_014'], '', array('placeholder' => 'images/forum/', 'inline' => TRUE));
         echo closetabbody();
         echo closetab();
     }
     echo form_textarea('forum_rules', self::$locale['forum_017'], $this->data['forum_rules'], array('autosize' => 1, 'bbcode' => 1));
     echo "</div><div class='col-xs-12 col-sm-4 col-md-4 col-lg-4'>\n";
     openside('');
     // need to get parent category
     echo form_select_tree('forum_permissions', self::$locale['forum_025'], $this->data['forum_branch'], array('no_root' => 1, 'deactivate' => $this->data['forum_id'] ? TRUE : FALSE), DB_FORUMS, 'forum_name', 'forum_id', 'forum_cat');
     if ($this->data['forum_id']) {
         echo form_button('jp_forum', self::$locale['forum_029'], self::$locale['forum_029'], array('class' => 'btn-sm btn-default m-r-10'));
     }
     closeside();
     openside('');
     echo form_checkbox('forum_lock', self::$locale['forum_026'], $this->data['forum_lock'], array("reverse_label" => TRUE)) . form_checkbox('forum_users', self::$locale['forum_024'], $this->data['forum_users'], array("reverse_label" => TRUE)) . form_checkbox('forum_quick_edit', self::$locale['forum_021'], $this->data['forum_quick_edit'], array("reverse_label" => TRUE)) . form_checkbox('forum_merge', self::$locale['forum_019'], $this->data['forum_merge'], array("reverse_label" => TRUE)) . form_checkbox('forum_allow_attach', self::$locale['forum_020'], $this->data['forum_allow_attach'], array("reverse_label" => TRUE)) . form_checkbox('forum_allow_poll', self::$locale['forum_022'], $this->data['forum_allow_poll'], array("reverse_label" => TRUE)) . form_hidden('forum_id', '', $this->data['forum_id']) . form_hidden('forum_branch', '', $this->data['forum_branch']);
     closeside();
     echo "</div>\n</div>\n";
     echo form_button('save_forum', $this->data['forum_id'] ? self::$locale['forum_000a'] : self::$locale['forum_000'], self::$locale['forum_000'], array('class' => 'btn-sm btn-success'));
     echo closeform();
     closetable();
 }
Exemple #25
0
$mod_rewrite = FALSE;
if (function_exists('apache_get_modules') && in_array('mod_rewrite', apache_get_modules())) {
    $mod_rewrite = TRUE;
} elseif (isset($_SERVER['IIS_UrlRewriteModule'])) {
    $mod_rewrite = TRUE;
} elseif (isset($_SERVER['MOD_REWRITE'])) {
    $mod_rewrite = TRUE;
}
define('MOD_REWRITE', $mod_rewrite);
if (!MOD_REWRITE) {
    addNotice('danger', "<i class='fa fa-lg fa-warning m-r-10'></i>" . $locale['rewrite_disabled']);
}
$settings_seo = array('site_seo' => fusion_get_settings('site_seo'), 'normalize_seo' => fusion_get_settings('normalize_seo'), 'debug_seo' => fusion_get_settings('debug_seo'));
if (isset($_POST['savesettings'])) {
    foreach ($settings_seo as $key => $value) {
        $settings_seo[$key] = form_sanitizer($_POST[$key], 0, $key);
        if ($defender->safe()) {
            dbquery("UPDATE " . DB_SETTINGS . " SET settings_value='" . $settings_seo[$key] . "' WHERE settings_name='" . $key . "'");
        }
    }
    $htc = "# Force utf-8 charset" . PHP_EOL;
    $htc .= "AddDefaultCharset utf-8" . PHP_EOL . PHP_EOL;
    $htc .= "# Security" . PHP_EOL;
    $htc .= "ServerSignature Off" . PHP_EOL . PHP_EOL;
    $htc .= "# Secure htaccess file" . PHP_EOL;
    $htc .= "<Files .htaccess>" . PHP_EOL;
    $htc .= "order allow,deny" . PHP_EOL;
    $htc .= "deny from all" . PHP_EOL;
    $htc .= "</Files>" . PHP_EOL . PHP_EOL;
    $htc .= "# Protect config.php" . PHP_EOL;
    $htc .= "<Files config.php>" . PHP_EOL;
if (isset($_GET['action']) && $_GET['action'] == "delete" && isset($_GET['cat_id']) && isnum($_GET['cat_id'])) {
    $result = dbquery("select * from " . DB_PHOTO_ALBUMS . " where album_id='" . intval($_GET['cat_id']) . "'");
    if (dbrows($result) > 0) {
        // album verified
        $albumData = dbarray($result);
        // photo existed
        if (dbcount("('photo_id')", DB_PHOTOS, "album_id = '" . intval($_GET['cat_id']) . "'")) {
            $list = get_albumOpts();
            $albumArray[0] = $locale['album_0028'];
            foreach ($list as $album_id => $album_title) {
                $albumArray[$album_id] = sprintf($locale['album_0029'], $album_title);
            }
            // unset own album
            unset($albumArray[$_GET['cat_id']]);
            if (isset($_POST['confirm_delete'])) {
                $targetAlbum = form_sanitizer($_POST['target_album'], '0', 'target_album');
                // Purge or move photos
                $photosResult = dbquery("SELECT * FROM " . DB_PHOTOS . " WHERE album_id = '" . intval($_GET['cat_id']) . "'");
                if (dbrows($photosResult) > 0) {
                    if ($targetAlbum > 0) {
                        // move picture to $move_album
                        $target_max_order = dbresult(dbquery("SELECT MAX(photo_order) FROM " . DB_PHOTOS . " WHERE album_id='" . intval($targetAlbum) . "'"), 0) + 1;
                        while ($photo_data = dbarray($result)) {
                            $photo_data['photo_order'] = $target_max_order;
                            dbquery("UPDATE " . DB_PHOTO_ALBUMS . " SET album_id='" . intval($targetAlbum) . "' WHERE photo_id='" . $photo_data['photo_id'] . "'");
                            $target_max_order++;
                        }
                        addNotice("success", sprintf($locale['album_0031'], $albumArray[$targetAlbum]));
                    } else {
                        // delete all
                        $photoRows = 0;
Exemple #27
0
 if (!$result) {
     $error = 1;
 }
 $result = dbquery("UPDATE " . DB_SETTINGS . " SET settings_value='" . (isnum($_POST['deactivation_response']) ? $_POST['deactivation_response'] : "14") . "' WHERE settings_name='deactivation_response'");
 if (!$result) {
     $error = 1;
 }
 $result = dbquery("UPDATE " . DB_SETTINGS . " SET settings_value='" . (isnum($_POST['deactivation_action']) ? $_POST['deactivation_action'] : "0") . "' WHERE settings_name='deactivation_action'");
 if (!$result) {
     $error = 1;
 }
 $result = dbquery("UPDATE " . DB_SETTINGS . " SET settings_value='" . (isnum($_POST['hide_userprofiles']) ? $_POST['hide_userprofiles'] : "0") . "' WHERE settings_name='hide_userprofiles'");
 if (!$result) {
     $error = 1;
 }
 $avatar_filesize = form_sanitizer($_POST['calc_b'], '15', 'calc_b') * form_sanitizer($_POST['calc_c'], '100000', 'calc_c');
 $result = dbquery("UPDATE " . DB_SETTINGS . " SET settings_value='{$avatar_filesize}' WHERE settings_name='avatar_filesize'");
 if (!$result) {
     $error = 1;
 }
 $result = dbquery("UPDATE " . DB_SETTINGS . " SET settings_value='" . (isnum($_POST['avatar_width']) ? $_POST['avatar_width'] : "100") . "' WHERE settings_name='avatar_width'");
 if (!$result) {
     $error = 1;
 }
 $result = dbquery("UPDATE " . DB_SETTINGS . " SET settings_value='" . (isnum($_POST['avatar_height']) ? $_POST['avatar_height'] : "100") . "' WHERE settings_name='avatar_height'");
 if (!$result) {
     $error = 1;
 }
 $result = dbquery("UPDATE " . DB_SETTINGS . " SET settings_value='" . (isnum($_POST['avatar_ratio']) ? $_POST['avatar_ratio'] : "0") . "' WHERE settings_name='avatar_ratio'");
 if (!$result) {
     $error = 1;
Exemple #28
0
    }
    if ($message) {
        echo "<div id='close-message'><div class='admin-message alert alert-info m-t-10'>" . $message . "</div></div>\n";
    }
}
if (isset($_GET['action']) && $_GET['action'] == "delete" && (isset($_GET['cat_id']) && isnum($_GET['cat_id']))) {
    $result = dbcount("(weblink_cat)", DB_WEBLINKS, "weblink_cat='" . $_GET['cat_id'] . "'");
    if (!empty($result)) {
        redirect(FUSION_SELF . $aidlink . "&status=deln");
    } else {
        $result = dbquery("DELETE FROM " . DB_WEBLINK_CATS . " WHERE weblink_cat_id='" . $_GET['cat_id'] . "'");
        redirect(FUSION_SELF . $aidlink . "&status=dely");
    }
} else {
    if (isset($_POST['save_cat'])) {
        $cat_name = form_sanitizer($_POST['cat_name'], '', 'cat_name');
        // stripinput($_POST['cat_name']);
        $cat_description = stripinput($_POST['cat_description']);
        $cat_language = stripinput($_POST['cat_language']);
        $cat_access = isnum($_POST['cat_access']) ? $_POST['cat_access'] : "0";
        if (isnum($_POST['cat_sort_by']) && $_POST['cat_sort_by'] == "1") {
            $cat_sorting = "weblink_id " . ($_POST['cat_sort_order'] == "ASC" ? "ASC" : "DESC");
        } else {
            if (isnum($_POST['cat_sort_by']) && $_POST['cat_sort_by'] == "2") {
                $cat_sorting = "weblink_name " . ($_POST['cat_sort_order'] == "ASC" ? "ASC" : "DESC");
            } else {
                if (isnum($_POST['cat_sort_by']) && $_POST['cat_sort_by'] == "3") {
                    $cat_sorting = "weblink_datestamp " . ($_POST['cat_sort_order'] == "ASC" ? "ASC" : "DESC");
                } else {
                    $cat_sorting = "weblink_name ASC";
                }
Exemple #29
0
 public function viewSettingsAdmin()
 {
     global $aidlink;
     pageAccess('F');
     $forum_settings = $this->get_forum_settings();
     add_breadcrumb(array('link' => ADMIN . 'settings_forum.php' . $aidlink, 'title' => self::$locale['forum_settings']));
     if (isset($_POST['recount_user_post'])) {
         $result = dbquery("SELECT post_author, COUNT(post_id) as num_posts FROM " . DB_FORUM_POSTS . " GROUP BY post_author");
         if (dbrows($result)) {
             while ($data = dbarray($result)) {
                 $result2 = dbquery("UPDATE " . DB_USERS . " SET user_posts='" . $data['num_posts'] . "' WHERE user_id='" . $data['post_author'] . "'");
             }
             addNotice('success', self::$locale['forum_061']);
         }
     }
     if (isset($_POST['savesettings'])) {
         $numofthreads = form_sanitizer($_POST['numofthreads'], 20, 'numofthreads');
         $threads_num = form_sanitizer($_POST['threads_per_page'], 20, 'threads_per_page');
         $posts_num = form_sanitizer($_POST['posts_per_page'], 20, 'posts_per_page');
         $forum_ips = form_sanitizer($_POST['forum_ips'], -103, 'forum_ips');
         $attachmax = form_sanitizer($_POST['calc_b'], 1, 'calc_b') * form_sanitizer($_POST['calc_c'], 1000000, 'calc_c');
         $attachmax_count = form_sanitizer($_POST['forum_attachmax_count'], 5, 'forum_attachmax_count');
         $attachtypes = form_sanitizer($_POST['forum_attachtypes'], '.pdf,.gif,.jpg,.png,.zip,.rar,.tar,.bz2,.7z', 'forum_attachtypes');
         $thread_notify = form_sanitizer($_POST['thread_notify'], '0', 'thread_notify');
         $forum_ranks = form_sanitizer($_POST['forum_ranks'], '0', 'forum_ranks');
         $forum_rank_style = form_sanitizer($_POST['forum_rank_style'], '0', 'forum_rank_style');
         $forum_edit_lock = form_sanitizer($_POST['forum_edit_lock'], '0', 'forum_edit_lock');
         $forum_edit_timelimit = form_sanitizer($_POST['forum_edit_timelimit'], '0', 'forum_edit_timelimit');
         $popular_threads_timeframe = form_sanitizer($_POST['popular_threads_timeframe'], '604800', 'popular_threads_timeframe');
         $forum_last_posts_reply = form_sanitizer($_POST['forum_last_posts_reply'], '0', 'forum_last_posts_reply');
         $forum_last_post_avatar = form_sanitizer($_POST['forum_last_post_avatar'], '0', 'forum_last_post_avatar');
         $forum_editpost_to_lastpost = form_sanitizer($_POST['forum_editpost_to_lastpost'], '0', 'forum_editpost_to_lastpost');
         if (\defender::safe()) {
             dbquery("UPDATE " . DB_SETTINGS_INF . " SET settings_value='{$numofthreads}' WHERE settings_name='numofthreads' AND settings_inf='forum'");
             dbquery("UPDATE " . DB_SETTINGS_INF . " SET settings_value='{$threads_num}' WHERE settings_name='threads_per_page' AND settings_inf='forum'");
             dbquery("UPDATE " . DB_SETTINGS_INF . " SET settings_value='{$posts_num}' WHERE settings_name='posts_per_page'  AND settings_inf='forum'");
             //".(isnum($_POST['forum_ips']) ? $_POST['forum_ips'] : "103")."
             dbquery("UPDATE " . DB_SETTINGS_INF . " SET settings_value='{$forum_ips}' WHERE settings_name='forum_ips' AND settings_inf='forum'");
             dbquery("UPDATE " . DB_SETTINGS_INF . " SET settings_value='{$attachmax}' WHERE settings_name='forum_attachmax' AND settings_inf='forum'");
             dbquery("UPDATE " . DB_SETTINGS_INF . " SET settings_value='{$attachmax_count}' WHERE settings_name='forum_attachmax_count' AND settings_inf='forum'");
             dbquery("UPDATE " . DB_SETTINGS_INF . " SET settings_value='{$attachtypes}' WHERE settings_name='forum_attachtypes' AND settings_inf='forum'");
             dbquery("UPDATE " . DB_SETTINGS_INF . " SET settings_value='{$thread_notify}' WHERE settings_name='thread_notify' AND settings_inf='forum'");
             dbquery("UPDATE " . DB_SETTINGS_INF . " SET settings_value='{$forum_ranks}' WHERE settings_name='forum_ranks' AND settings_inf='forum'");
             dbquery("UPDATE " . DB_SETTINGS_INF . " SET settings_value='{$forum_rank_style}' WHERE settings_name='forum_rank_style' AND settings_inf='forum'");
             dbquery("UPDATE " . DB_SETTINGS_INF . " SET settings_value='{$forum_edit_lock}' WHERE settings_name='forum_edit_lock' AND settings_inf='forum'");
             dbquery("UPDATE " . DB_SETTINGS_INF . " SET settings_value='{$forum_edit_timelimit}' WHERE settings_name='forum_edit_timelimit' AND settings_inf='forum'");
             dbquery("UPDATE " . DB_SETTINGS_INF . " SET settings_value='{$popular_threads_timeframe}' WHERE settings_name='popular_threads_timeframe' AND settings_inf='forum'");
             dbquery("UPDATE " . DB_SETTINGS_INF . " SET settings_value='{$forum_last_posts_reply}' WHERE settings_name='forum_last_posts_reply' AND settings_inf='forum'");
             dbquery("UPDATE " . DB_SETTINGS_INF . " SET settings_value='{$forum_last_post_avatar}' WHERE settings_name='forum_last_post_avatar' AND settings_inf='forum'");
             dbquery("UPDATE " . DB_SETTINGS_INF . " SET settings_value='{$forum_editpost_to_lastpost}' WHERE settings_name='forum_editpost_to_lastpost' AND settings_inf='forum'");
             addNotice('success', self::$locale['900']);
             redirect(FUSION_SELF . $aidlink . '&section=fs');
         }
     }
     $yes_no_array = array('1' => self::$locale['yes'], '0' => self::$locale['no']);
     echo "<div class='well'>" . self::$locale['forum_description'] . "</div>";
     echo openform('forum_settings_form', 'post', FUSION_REQUEST, array('class' => 'm-t-20'));
     echo "<div class='row'>\n";
     echo "<div class='col-xs-12 col-sm-8'>\n";
     openside('');
     echo "<span class='small pull-right'>* " . self::$locale['506'] . "</span><br/>\n";
     echo form_text('numofthreads', self::$locale['505'], $forum_settings['numofthreads'], array('error_text' => self::$locale['error_value'], 'inline' => 1, 'width' => '150px', 'type' => 'number'));
     closeside();
     openside('');
     echo form_text('threads_per_page', self::$locale['forum_080'], $forum_settings['threads_per_page'], array('error_text' => self::$locale['error_value'], 'inline' => 1, 'width' => '150px', 'type' => 'number'));
     echo form_text('posts_per_page', self::$locale['forum_081'], $forum_settings['posts_per_page'], array('error_text' => self::$locale['error_value'], 'inline' => 1, 'width' => '150px', 'type' => 'number'));
     closeside();
     openside('');
     echo form_select('thread_notify', self::$locale['512'], $forum_settings['thread_notify'], array('options' => $yes_no_array, 'error_text' => self::$locale['error_value'], 'inline' => 1));
     closeside();
     openside('');
     echo "<span class='pull-right position-absolute small' style='right:30px;'>" . self::$locale['537'] . "</span>\n";
     echo form_select('forum_edit_timelimit', self::$locale['536'], $forum_settings['forum_edit_timelimit'], array('options' => array('0', '10', '30', '45', '60'), 'max_length' => 2, 'width' => '100px', 'required' => 1, 'error_text' => self::$locale['error_value'], 'inline' => 1));
     echo form_select('forum_ips', self::$locale['507'], $forum_settings['forum_ips'], array('options' => $yes_no_array, 'error_text' => self::$locale['error_value'], 'inline' => 1));
     echo form_select('forum_ranks', self::$locale['520'], $forum_settings['forum_ranks'], array('options' => $yes_no_array, 'error_text' => self::$locale['error_value'], 'inline' => 1));
     echo form_select('forum_rank_style', self::$locale['forum_064'], $forum_settings['forum_rank_style'], array('options' => array(self::$locale['forum_063'], self::$locale['forum_062']), 'error_text' => self::$locale['error_value'], 'inline' => 1));
     echo form_select('forum_last_post_avatar', self::$locale['539'], $forum_settings['forum_last_post_avatar'], array('options' => $yes_no_array, 'error_text' => self::$locale['error_value'], 'inline' => 1));
     echo form_select('forum_edit_lock', self::$locale['521'], $forum_settings['forum_edit_lock'], array('options' => $yes_no_array, 'error_text' => self::$locale['error_value'], 'inline' => 1));
     echo form_select('forum_editpost_to_lastpost', self::$locale['538'], $forum_settings['forum_editpost_to_lastpost'], array('options' => $yes_no_array, 'error_text' => self::$locale['error_value'], 'inline' => 1));
     closeside();
     echo "</div>\n";
     echo "<div class='col-xs-12 col-sm-4'>\n";
     openside('');
     $calc_opts = array(1 => 'Bytes (bytes)', 1000 => 'KB (Kilobytes)', 1000000 => 'MB (Megabytes)');
     $calc_c = self::calculate_byte($forum_settings['forum_attachmax']);
     $calc_b = $forum_settings['forum_attachmax'] / $calc_c;
     require_once INCLUDES . "mimetypes_include.php";
     $mime = mimeTypes();
     $mime_opts = array();
     foreach ($mime as $m => $Mime) {
         $ext = ".{$m}";
         $mime_opts[$ext] = $ext;
     }
     sort($mime_opts);
     echo "<div class='clearfix'>\n";
     echo "<span class='pull-right small'>" . self::$locale['509'] . "</span>";
     echo "<label for='calc_c'>" . self::$locale['508'] . "</label><br />\n";
     echo form_text('calc_b', '', $calc_b, array('required' => 1, 'number' => 1, 'error_text' => self::$locale['error_rate'], 'width' => '100px', 'max_length' => '3', 'class' => 'm-r-10 pull-left'));
     echo form_select('calc_c', '', $calc_c, array('options' => $calc_opts, 'placeholder' => self::$locale['choose'], 'class' => 'pull-left', 'width' => '100%'));
     echo "</div>\n";
     echo "<div class='clearfix'>\n";
     echo "<span class='small pull-right'>" . self::$locale['535'] . "</span>\n";
     echo "<label for='attachmax_count'>" . self::$locale['534'] . "</label>\n";
     echo form_select('forum_attachmax_count', '', $forum_settings['forum_attachmax_count'], array('options' => range(1, 10), 'error_text' => self::$locale['error_value'], 'width' => '100%'));
     echo "</div>\n";
     echo "<div class='clearfix'>\n";
     echo "<span class='small pull-right'>" . self::$locale['511'] . "</span>\n";
     echo form_select('forum_attachtypes', self::$locale['510'], $forum_settings['forum_attachtypes'], array('options' => $mime_opts, 'width' => '100%', 'error_text' => self::$locale['error_type'], 'tags' => 1, 'multiple' => 1, 'placeholder' => self::$locale['choose']));
     echo "</div>\n";
     closeside();
     openside('');
     $timeframe_opts = array('604800' => self::$locale['527'], '2419200' => self::$locale['528'], '31557600' => self::$locale['529'], '0' => self::$locale['530']);
     $lastpost_opts = array('0' => self::$locale['519'], '1' => self::$locale['533']);
     for ($i = 2; $i <= 20; $i++) {
         $array_opts[$i] = sprintf(self::$locale['532'], $i);
     }
     if (isset($_GET['action']) && $_GET['action'] == "count_posts") {
         echo alert(self::$locale['524'], '', array('class' => 'warning'));
     }
     echo "<div class='clearfix'>\n";
     echo form_select('popular_threads_timeframe', self::$locale['525'], $forum_settings['popular_threads_timeframe'], array('options' => $timeframe_opts, 'error_text' => self::$locale['error_value'], 'width' => '100%'));
     echo "</div>\n";
     echo "<div class='clearfix'>\n";
     echo form_select('forum_last_posts_reply', self::$locale['531'], $forum_settings['forum_last_posts_reply'], array('options' => $lastpost_opts, 'error_text' => self::$locale['error_value'], 'width' => '100%'));
     echo "</div>\n";
     echo form_button('recount_user_post', self::$locale['523'], '1', array('class' => 'btn-primary btn-block'));
     closeside();
     echo "</div>\n";
     echo "</div>\n";
     echo form_button('savesettings', self::$locale['750'], self::$locale['750'], array('class' => 'btn-success'));
     echo closeform();
 }
Exemple #30
0
    } else {
        redirect(FUSION_SELF . $aidlink);
    }
}
if (isset($_POST['preview'])) {
    $blog_blog = "";
    if ($_POST['blog_blog']) {
        $blog_blog = str_replace("src='" . str_replace("../", "", IMAGES_B), "src='" . IMAGES_B, stripslashes($_POST['blog_blog']));
        $blog_blog = parse_textarea($blog_blog);
    }
    $blog_extended = "";
    if ($_POST['blog_extended']) {
        $blog_extended = str_replace("src='" . str_replace("../", "", IMAGES_B), "src='" . IMAGES_B, stripslashes($_POST['blog_extended']));
        $blog_extended = parse_textarea($blog_extended);
    }
    $data = array("blog_id" => form_sanitizer($_POST['blog_id'], 0, "blog_id"), "blog_subject" => form_sanitizer($_POST['blog_subject'], '', 'blog_subject'), "blog_cat" => isset($_POST['blog_cat']) && isnum($_POST['blog_cat']) ? $_POST['blog_cat'] : 0, "blog_language" => form_sanitizer($_POST['blog_language'], '', 'blog_language'), "blog_blog" => form_sanitizer($blog_blog, "", "blog_blog"), "blog_extended" => form_sanitizer($blog_extended, "", "blog_extended"), "blog_keywords" => form_sanitizer($_POST['blog_keywords'], '', 'blog_keywords'), "blog_start" => isset($_POST['blog_start']) && $_POST['blog_start'] ? $_POST['blog_start'] : '', "blog_end" => isset($_POST['blog_end']) && $_POST['blog_end'] ? $_POST['blog_end'] : '', "blog_image" => isset($_POST['blog_image']) ? $_POST['blog_image'] : '', "blog_image_t1" => isset($_POST['blog_image_t1']) ? $_POST['blog_image_t1'] : "", "blog_image_t2" => isset($_POST['blog_image_t2']) ? $_POST['blog_image_t2'] : "", "blog_ialign" => isset($_POST['blog_ialign']) ? $_POST['blog_ialign'] : "pull-left", "blog_visibility" => isnum($_POST['blog_visibility']) ? $_POST['blog_visibility'] : "0", "blog_draft" => isset($_POST['blog_draft']) ? TRUE : FALSE, "blog_sticky" => isset($_POST['blog_sticky']) ? TRUE : FALSE, "blog_breaks" => isset($_POST['line_breaks']) ? TRUE : FALSE, "blog_allow_comments" => isset($_POST['blog_allow_comments']) ? TRUE : FALSE, "blog_allow_ratings" => isset($_POST['blog_allow_ratings']) ? TRUE : FALSE, "blog_datestamp" => isset($_POST['blog_datestamp']) ? $_POST['blog_datestamp'] : "");
    $data['blog_breaks'] = "";
    if (isset($_POST['line_breaks'])) {
        $data['blog_breaks'] = TRUE;
        $data['blog_blog'] = nl2br(parse_textarea($data['blog_blog']));
        if ($data['blog_extended']) {
            $data['blog_extended'] = nl2br(parse_textarea($data['blog_extended']));
        }
    }
    if (defender::safe()) {
        echo openmodal('blog_preview', $locale['blog_0141']);
        echo "<h4>" . $data['blog_subject'] . "</h4>\n";
        echo "<p class='text-bigger'>" . parse_textarea($data['blog_blog']) . "</p>\n";
        if (isset($data['blog_extended'])) {
            echo parse_textarea($data['blog_extended']);
        }