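/**
 * Handles the forum-rank admin form.
 *
 * On a "save_rank" post the submitted fields are sanitized into $this->data
 * and the rank is updated (non-empty rank_id) or inserted, provided the
 * defender reports no validation errors and check_duplicate_ranks() does not
 * report a duplicate. A numeric "delete" query parameter removes that rank.
 * Every successful write redirects back to the ranks section.
 *
 * NOTE(review): the delete branch changes state on a GET request and nothing
 * in this method verifies a request token; confirm that the caller validates
 * the admin token before this method runs.
 */
protected function post_forum_ranks() {
    global $aidlink;

    // '&section=fr' selects the ranks tab; the listing this block was taken
    // from showed the '&sect' prefix collapsed into a section sign.
    $ranks_url = FUSION_SELF . $aidlink . '&section=fr';

    if (isset($_POST['save_rank'])) {
        $this->data = array(
            'rank_id'            => isset($_GET['rank_id']) && isnum($_GET['rank_id']) ? intval($_GET['rank_id']) : 0,
            'rank_title'         => form_sanitizer($_POST['rank_title'], '', 'rank_title'),
            'rank_image'         => form_sanitizer($_POST['rank_image'], "", "rank_image"),
            'rank_language'      => form_sanitizer($_POST['rank_language'], "", "rank_language"),
            'rank_posts'         => isset($_POST['rank_posts']) && isnum($_POST['rank_posts']) ? $_POST['rank_posts'] : 0,
            'rank_type'          => isset($_POST['rank_type']) && isnum($_POST['rank_type']) ? $_POST['rank_type'] : 0,
            'rank_apply_normal'  => isset($_POST['rank_apply_normal']) && isnum($_POST['rank_apply_normal']) ? $_POST['rank_apply_normal'] : USER_LEVEL_MEMBER,
            'rank_apply_special' => isset($_POST['rank_apply_special']) && isnum($_POST['rank_apply_special']) ? $_POST['rank_apply_special'] : 1,
        );
        // rank_type 2 takes the "special" target, every other type the normal one.
        $this->data['rank_apply'] = $this->data['rank_type'] == 2 ? $this->data['rank_apply_special'] : $this->data['rank_apply_normal'];

        // The duplicate check is evaluated once; a duplicate blocks both the
        // update and the insert, exactly as the two separate checks did.
        if (\defender::safe() && !$this->check_duplicate_ranks()) {
            if (!empty($this->data['rank_id'])) {
                // Update the existing rank.
                dbquery_insert(DB_FORUM_RANKS, $this->data, "update");
                addNotice('info', self::$locale['411']);
            } else {
                // Save a new rank.
                dbquery_insert(DB_FORUM_RANKS, $this->data, "save");
                addNotice('info', self::$locale['410']);
            }
            redirect($ranks_url);
        }
    }

    if (isset($_GET['delete']) && isnum($_GET['delete'])) {
        // The value has passed isnum(); the integer cast keeps the statement
        // safe even if that helper is ever loosened.
        $result = dbquery("DELETE FROM " . DB_FORUM_RANKS . " WHERE rank_id='" . intval($_GET['delete']) . "'");
        if ($result) {
            addNotice("success", self::$locale['412']);
            redirect($ranks_url);
        }
    }
}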
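/**
 * Handles the forum-tag admin form.
 *
 * On a "save_tag" post the submitted fields are sanitized into $this->data
 * and the tag is updated (non-empty tag_id) or inserted when the defender
 * reports no validation errors. A numeric "delete" query parameter removes
 * that tag. Every successful write redirects back to the tags section.
 *
 * NOTE(review): the delete branch changes state on a GET request and nothing
 * in this method verifies a request token; confirm that the caller validates
 * the admin token before this method runs.
 */
protected function post_tags() {
    global $aidlink;

    // '&section=ft' selects the tags tab; the listing this block was taken
    // from showed the '&sect' prefix collapsed into a section sign.
    $tags_url = FUSION_SELF . $aidlink . '&section=ft';

    if (isset($_POST['save_tag'])) {
        $this->data = array(
            'tag_id'          => isset($_GET['tag_id']) && isnum($_GET['tag_id']) ? intval($_GET['tag_id']) : 0,
            'tag_title'       => form_sanitizer($_POST['tag_title'], '', 'tag_title'),
            'tag_language'    => form_sanitizer($_POST['tag_language'], '', 'tag_language'),
            'tag_color'       => form_sanitizer($_POST['tag_color'], '', 'tag_color'),
            'tag_description' => form_sanitizer($_POST['tag_description'], '', 'tag_description'),
            'tag_status'      => isset($_POST['tag_status']) && isnum($_POST['tag_status']) ? intval($_POST['tag_status']) : 0,
        );

        if (\defender::safe()) {
            if (!empty($this->data['tag_id'])) {
                // Update the existing tag.
                dbquery_insert(DB_FORUM_TAGS, $this->data, "update");
                addNotice('success', self::$locale['forum_tag_0105']);
            } else {
                // Save a new tag.
                dbquery_insert(DB_FORUM_TAGS, $this->data, "save");
                addNotice('success', self::$locale['forum_tag_0106']);
            }
            redirect($tags_url);
        }
    }

    if (isset($_GET['delete']) && isnum($_GET['delete'])) {
        // The value has passed isnum(); the integer cast keeps the statement
        // safe even if that helper is ever loosened.
        $result = dbquery("DELETE FROM " . DB_FORUM_TAGS . " WHERE tag_id='" . intval($_GET['delete']) . "'");
        if ($result) {
            addNotice("success", self::$locale['forum_tag_0107']);
            redirect($tags_url);
        }
    }
}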
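/**
 * Serializes a selected choice together with its per-language option texts.
 *
 * For every enabled language the POST field named "<input>-<language>" is run
 * through form_sanitizer(); a language without a posted value gets "".
 *
 * NOTE(review): the result is PHP-serialized. The code that reads it back is
 * not visible here; it should decode with allowed_classes disabled (or the
 * value should be stored as JSON) so stored data can never instantiate objects.
 *
 * @param string $input Name of the selected choice; also the prefix of the per-language POST fields.
 * @return string serialize()d array with the keys 'selected' and 'options', or "" when $input is "".
 */
function composeSelection($input) {
    if ($input === "") {
        return "";
    }

    // Build a real array. The earlier code wrote string keys into "", which
    // relied on the empty-string-to-array conversion that PHP 7.1 removed.
    $selection = array('selected' => $input);
    foreach (fusion_get_enabled_languages() as $lang) {
        $field = $input . '-' . $lang;
        $selection['options'][$lang] = isset($_POST[$field]) ? form_sanitizer($_POST[$field], 0, $field) : "";
    }

    return serialize($selection);
}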
/**
 * Processes the forum mood admin form.
 *
 * A "cancel_mood" post redirects back without the mood_id and ref query
 * parameters. A "save_mood" post sanitizes the submitted fields into
 * $this->data and, when the defender reports no errors, updates the mood
 * (non-empty mood_id) or inserts a new one before redirecting the same way.
 */
protected function post_Mood() {
    $locale = fusion_get_locale('', FORUM_ADMIN_LOCALE);

    if (isset($_POST['cancel_mood'])) {
        redirect(clean_request('', array('mood_id', 'ref'), FALSE));
    }

    // Nothing else to do unless the save button was posted.
    if (!isset($_POST['save_mood'])) {
        return;
    }

    // Fields are sanitized in the same order as the form defines them.
    $mood = array();
    $mood["mood_id"] = form_sanitizer($_POST['mood_id'], 0, 'mood_id');
    $mood["mood_name"] = form_sanitizer($_POST['mood_name'], '', 'mood_name', TRUE);
    $mood["mood_description"] = form_sanitizer($_POST['mood_description'], '', 'mood_description', TRUE);
    $mood["mood_icon"] = form_sanitizer($_POST['mood_icon'], '', 'mood_icon');
    $mood["mood_status"] = form_sanitizer($_POST['mood_status'], '', 'mood_status');
    $mood["mood_notify"] = form_sanitizer($_POST['mood_notify'], '', 'mood_notify');
    $mood["mood_access"] = form_sanitizer($_POST['mood_access'], '', 'mood_access');
    $this->data = $mood;

    // Validation errors leave the submitted values in $this->data and skip the write.
    if (!\defender::safe()) {
        return;
    }

    // A non-empty mood_id means an existing row is being edited.
    $is_update = !empty($this->data['mood_id']);
    dbquery_insert(DB_FORUM_MOODS, $this->data, $is_update ? 'update' : 'save');
    addNotice('success', $is_update ? $locale['forum_notice_16'] : $locale['forum_notice_15']);

    redirect(clean_request('', array('mood_id', 'ref'), FALSE));
}
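/**
 * Records or removes the current user's mood on a forum post.
 *
 * A numeric "post_mood" field inserts a row into DB_POST_NOTIFY; a numeric
 * "unpost_mood" field deletes the matching row. Both paths require that the
 * defender reports no errors and that the mood id exists in DB_FORUM_MOODS;
 * the insert additionally requires that mood_exists() is false for this
 * sender, mood and post, the delete that it is true.
 *
 * NOTE(review): notify_user is taken from the posted "post_author" field and
 * is not looked up from post_id in this method; confirm that a client cannot
 * use it to address a notification to an arbitrary user.
 *
 * @return bool TRUE when a row was inserted or the delete was issued, FALSE otherwise.
 */
public function post_mood() {
    $response = FALSE;

    if (isset($_POST['post_mood']) && isnum($_POST['post_mood'])) {
        // Add the mood: build the notification row for this post.
        $notify_data = array(
            'post_id'          => form_sanitizer($_POST['post_id'], 0, 'post_id'),
            'notify_mood_id'   => intval($_POST['post_mood']),
            'notify_datestamp' => time(),
            'notify_user'      => form_sanitizer($_POST['post_author'], 0, 'post_author'),
            'notify_sender'    => fusion_get_userdata('user_id'),
            'notify_status'    => 1,
        );
        if (\defender::safe()
            && dbcount('(mood_id)', DB_FORUM_MOODS, "mood_id='" . $notify_data['notify_mood_id'] . "'")
            && !$this->mood_exists($notify_data['notify_sender'], $notify_data['notify_mood_id'], $notify_data['post_id'])
        ) {
            dbquery_insert(DB_POST_NOTIFY, $notify_data, 'save');
            $response = TRUE;
        }
    } elseif (isset($_POST['unpost_mood']) && isnum($_POST['unpost_mood'])) {
        // Remove the mood: identify the row previously stored for this sender.
        $notify_data = array(
            'post_id'        => form_sanitizer($_POST['post_id'], 0, 'post_id'),
            'notify_mood_id' => intval($_POST['unpost_mood']),
            'notify_user'    => form_sanitizer($_POST['post_author'], 0, 'post_author'),
            'notify_sender'  => fusion_get_userdata('user_id'),
        );
        if (\defender::safe()
            && dbcount('(mood_id)', DB_FORUM_MOODS, "mood_id='" . $notify_data['notify_mood_id'] . "'")
            && $this->mood_exists($notify_data['notify_sender'], $notify_data['notify_mood_id'], $notify_data['post_id'])
        ) {
            // The operands are written unquoted into the statement, so each one
            // is cast to an integer here instead of trusting the sanitizer to
            // return a number. The notify_user operand was masked as ****** in
            // the listing this block came from; it is restored from the
            // notify_user entry built above - confirm against the upstream file.
            dbquery("DELETE FROM " . DB_POST_NOTIFY . " WHERE post_id=" . intval($notify_data['post_id']) . "\n AND notify_mood_id=" . intval($notify_data['notify_mood_id']) . "\n AND notify_user=" . intval($notify_data['notify_user']) . "\n AND notify_sender=" . intval($notify_data['notify_sender']));
            $response = TRUE;
        }
    }

    return (bool) $response;
}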
if (!empty($result)) { addNotice("danger", $locale['blog_0522'] . "-<span class='small'>" . $locale['blog_0523'] . "</span>"); redirect(FUSION_SELF . $aidlink); } else { $result = dbquery("DELETE FROM " . DB_BLOG_CATS . " WHERE blog_cat_id='" . intval($_GET['cat_id']) . "'"); addNotice("success", $locale['blog_0524b']); redirect(FUSION_SELF . $aidlink); } redirect(clean_request("", array("action"), FALSE)); } $data = array("blog_cat_id" => 0, "blog_cat_name" => "", "blog_cat_hidden" => array(), "blog_cat_parent" => 0, "blog_cat_image" => "", "blog_cat_language" => LANGUAGE); $formAction = FUSION_REQUEST; $formTitle = $locale['blog_0409']; // if edit, override $data if (isset($_POST['save_cat'])) { $inputArray = array("blog_cat_id" => form_sanitizer($_POST['blog_cat_id'], "", "blog_cat_id"), "blog_cat_name" => form_sanitizer($_POST['blog_cat_name'], "", "blog_cat_name"), "blog_cat_parent" => form_sanitizer($_POST['blog_cat_parent'], 0, "blog_cat_parent"), "blog_cat_image" => form_sanitizer($_POST['blog_cat_image'], "", "blog_cat_image"), "blog_cat_language" => form_sanitizer($_POST['blog_cat_language'], LANGUAGE, "blog_cat_language")); $categoryNameCheck = array("when_updating" => "blog_cat_name='" . $inputArray['blog_cat_name'] . "' and blog_cat_id !='" . $inputArray['blog_cat_id'] . "' " . (multilang_table("BL") ? "and blog_cat_language = '" . LANGUAGE . "'" : ""), "when_saving" => "blog_cat_name='" . $inputArray['blog_cat_name'] . "' " . (multilang_table("BL") ? "and blog_cat_language = '" . LANGUAGE . "'" : "")); if (defender::safe()) { // check category name is unique when updating if (dbcount("(blog_cat_id)", DB_BLOG_CATS, "blog_cat_id='" . $inputArray['blog_cat_id'] . 
"'")) { if (!dbcount("(blog_cat_id)", DB_BLOG_CATS, $categoryNameCheck['when_updating'])) { dbquery_insert(DB_BLOG_CATS, $inputArray, "update"); addNotice("success", $locale['blog_0521']); // FUSION_REQUEST without the "action" gets redirect(clean_request("", array("action"), FALSE)); } else { addNotice('danger', $locale['blog_0561']); } } else { // check category name is unique when saving new if (!dbcount("(blog_cat_id)", DB_BLOG_CATS, $categoryNameCheck['when_saving'])) {
// Load the stored submission row and rebuild the article fields from it.
$data = dbarray($result);
// NOTE(review): unserialize() on a stored submission payload. The code that
// writes submit_criteria is not visible here; if the column can hold
// submitter-controlled bytes this is an object-injection sink. Decode with
// array('allowed_classes' => false) or store the payload as JSON.
$submit_criteria = unserialize($data['submit_criteria']);
$callback_data = array("article_subject" => $submit_criteria['article_subject'],
    "article_cat" => $submit_criteria['article_cat'],
    "article_keywords" => $submit_criteria['article_keywords'],
    "article_visibility" => 0,
    "article_language" => $submit_criteria['article_language'],
    "article_snippet" => parse_textarea($submit_criteria['article_snippet']),
    "article_article" => parse_textarea($submit_criteria['article_article']),
    // NOTE(review): "tinyce_enabled" looks like a misspelling of the editor
    // setting key - confirm against the settings table.
    "article_breaks" => !fusion_get_settings("tinyce_enabled") ? TRUE : FALSE,
    "article_draft" => FALSE,
    "article_datestamp" => $data['submit_datestamp']);
add_to_title($locale['global_200'] . $locale['global_201'] . $callback_data['article_subject'] . "?");
// Preview: replace the stored values with the posted ones and render them.
if (isset($_POST['preview'])) {
    // NOTE(review): the posted body fields are read without isset(); a request
    // that omits them raises an undefined-index notice.
    $article_snippet = "";
    if ($_POST['article_snippet']) {
        $article_snippet = parse_textarea($_POST['article_snippet']);
        // Rewrite image sources that lack the relative prefix of IMAGES_A.
        $article_snippet = str_replace("src='" . str_replace("../", "", IMAGES_A), "src='" . IMAGES_A, $article_snippet);
    }
    $article_article = "";
    if ($_POST['article_article']) {
        $article_article = parse_textarea($_POST['article_article']);
        $article_article = str_replace("src='" . str_replace("../", "", IMAGES_A), "src='" . IMAGES_A, $article_article);
    }
    $callback_data = array("article_subject" => form_sanitizer($_POST['article_subject'], '', 'article_subject'),
        "article_cat" => isnum($_POST['article_cat']) ? $_POST['article_cat'] : 0,
        "article_language" => form_sanitizer($_POST['article_language'], '', 'article_language'),
        "article_snippet" => form_sanitizer($article_snippet, "", "article_snippet"),
        "article_article" => form_sanitizer($article_article, "", "article_article"),
        "article_keywords" => form_sanitizer($_POST['article_keywords'], '', 'article_keywords'),
        "article_visibility" => isnum($_POST['article_visibility']) ? $_POST['article_visibility'] : "0",
        "article_draft" => isset($_POST['article_draft']) ? TRUE : FALSE,
        // The datestamp of the stored submission is carried over.
        "article_datestamp" => $callback_data['article_datestamp']);
    $callback_data['article_breaks'] = "";
    // parse_textarea() runs a second time here, on the already sanitized text.
    $callback_data['article_snippet'] = parse_textarea($callback_data['article_snippet']);
    $callback_data['article_article'] = parse_textarea($callback_data['article_article']);
    if (isset($_POST['article_breaks'])) {
        $callback_data['article_breaks'] = TRUE;
        $callback_data['article_snippet'] = nl2br($callback_data['article_snippet']);
        if ($callback_data['article_article']) {
            $callback_data['article_article'] = nl2br($callback_data['article_article']);
        }
    }
    if (defender::safe()) {
        // NOTE(review): the values below are echoed as HTML without further
        // escaping, so the output is only as safe as form_sanitizer() and
        // parse_textarea() make it - confirm what those helpers allow through.
        echo openmodal('article_preview', $locale['articles_0240']);
        // NOTE(review): the heading prints article_snippet and the next line
        // prints it again; article_subject may have been intended here.
        echo "<h3>" . $callback_data['article_snippet'] . "</h3>\n";
        echo $callback_data['article_snippet'];
        echo "<hr/>\n";
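/**
 * Handles comment deletion, editing and posting for one item, then renders
 * the comment list and the comment form.
 *
 * NOTE(review): $comment_type, $comment_db, $comment_col and $comment_item_id
 * are concatenated into SQL text throughout this function without escaping;
 * callers must pass validated values (an integer id, fixed table and column
 * names), never raw request data.
 *
 * NOTE(review): deletion is triggered by a GET request (c_action=delete) and
 * no request token is checked in this function; confirm CSRF protection for
 * that link elsewhere.
 *
 * @param $comment_type    - abbreviation or short ID of the comment type
 * @param $comment_db      - table of the current application, DB_BLOG for example
 * @param $comment_col     - primary key column of that table, 'blog_id' for example
 * @param $comment_item_id - primary key value of the item, $_GET['blog_id'] for example
 * @param $clink           - link of the current page, FUSION_SELF is acceptable
 */
function showcomments($comment_type, $comment_db, $comment_col, $comment_item_id, $clink) {
    global $settings, $locale, $userdata, $aidlink;

    // Current URL with any pending edit/delete action removed; used for the guest redirects.
    $link = FUSION_SELF . (FUSION_QUERY ? "?" . FUSION_QUERY : "");
    $link = preg_replace("^(&|\\?)c_action=(edit|delete)&comment_id=\\d*^", "", $link);
    $_GET['comment'] = isset($_GET['comment']) && isnum($_GET['comment']) ? $_GET['comment'] : 0;
    $cpp = $settings['comments_per_page'];
    // Only ASC or DESC may reach the ORDER BY clause; anything other than "ASC"
    // is treated as descending, as in the rest of this function.
    $sort_direction = $settings['comments_sorting'] == "ASC" ? "ASC" : "DESC";

    // Delete: comment administrators may delete any comment, members only their own.
    if (iMEMBER && (isset($_GET['c_action']) && $_GET['c_action'] == "delete") && (isset($_GET['comment_id']) && isnum($_GET['comment_id']))) {
        if (iADMIN && checkrights("C") || iMEMBER && dbcount("(comment_id)", DB_COMMENTS, "comment_id='" . $_GET['comment_id'] . "' AND comment_name='" . $userdata['user_id'] . "'")) {
            $result = dbquery("DELETE FROM " . DB_COMMENTS . "\n\t\t\t\tWHERE comment_id='" . $_GET['comment_id'] . "'" . (iADMIN ? "" : "\n\t\t\t\tAND comment_name='" . $userdata['user_id'] . "'"));
        }
        redirect($clink . ($settings['comments_sorting'] == "ASC" ? "" : "&c_start=0"));
    }

    if ($settings['comments_enabled'] == "1") {
        if ((iMEMBER || $settings['guestposts'] == "1") && isset($_POST['post_comment'])) {
            // Guest-only checks. This guard used to test $settings['guestpost'],
            // a key that appears nowhere else in this function and is presumably
            // undefined, which left the whole block dead: guests skipped the
            // captcha and the numeric-name reset. Numeric comment_name values are
            // joined against user ids when comments are listed, so a guest must
            // not be able to submit one.
            if (!iMEMBER && $settings['guestposts'] == "1") {
                if (!isset($_POST['comment_name'])) {
                    redirect($link);
                }
                if (isnum($_POST['comment_name'])) {
                    $_POST['comment_name'] = '';
                }
                $_CAPTCHA_IS_VALID = FALSE;
                // NOTE(review): the include path is built from the 'captcha'
                // setting; confirm that setting is restricted to known captcha
                // directory names.
                include INCLUDES . "captchas/" . $settings['captcha'] . "/captcha_check.php";
                if (!isset($_POST['captcha_code']) || $_CAPTCHA_IS_VALID == FALSE) {
                    redirect($link);
                }
            }

            $comment_data = array(
                'comment_id'        => isset($_GET['comment_id']) && isnum($_GET['comment_id']) ? $_GET['comment_id'] : 0,
                'comment_name'      => iMEMBER ? $userdata['user_id'] : form_sanitizer($_POST['comment_name'], '', 'comment_name'),
                'comment_message'   => form_sanitizer($_POST['comment_message'], '', 'comment_message'),
                'comment_datestamp' => time(),
                'comment_item_id'   => $comment_item_id,
                'comment_type'      => $comment_type,
                'comment_cat'       => 0,
                'comment_ip'        => USER_IP,
                'comment_ip_type'   => USER_IP_TYPE,
                'comment_hidden'    => 0,
            );

            if (iMEMBER && (isset($_GET['c_action']) && $_GET['c_action'] == "edit") && $comment_data['comment_id']) {
                // Edit: same ownership rule as delete, restricted to visible comments of this item.
                $comment_updated = FALSE;
                if (iADMIN && checkrights("C") || iMEMBER && dbcount("(comment_id)", DB_COMMENTS, "comment_id='" . $comment_data['comment_id'] . "' \n\t\t\t\tAND comment_item_id='" . $comment_item_id . "'\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\n\t\t\t\tAND comment_type='" . $comment_type . "' \n\t\t\t\tAND comment_name='" . $userdata['user_id'] . "' \n\t\t\t\tAND comment_hidden='0'")) {
                    // NOTE(review): this writes the whole $comment_data row, which
                    // carries the editor's user id, IP and a new datestamp; when an
                    // administrator edits another member's comment that presumably
                    // reassigns the comment - confirm what dbquery_insert() updates.
                    dbquery_insert(DB_COMMENTS, $comment_data, 'update');
                    if ($comment_data['comment_message']) {
                        $result = dbquery("UPDATE " . DB_COMMENTS . " SET comment_message='" . $comment_data['comment_message'] . "'\n \t\t\t\t\t\t\t\t\t WHERE comment_id='" . $_GET['comment_id'] . "' " . (iADMIN ? "" : "AND comment_name='" . $userdata['user_id'] . "'"));
                        if ($result) {
                            $comment_updated = TRUE;
                        }
                    }
                }
                if ($comment_updated) {
                    // Work out the page that now holds the edited comment.
                    if ($settings['comments_sorting'] == "ASC") {
                        $c_operator = "<=";
                    } else {
                        $c_operator = ">=";
                    }
                    $c_count = dbcount("(comment_id)", DB_COMMENTS, "comment_id" . $c_operator . "'" . $comment_data['comment_id'] . "'\n\t\t\t\t\t\t\t\tAND comment_item_id='" . $comment_item_id . "'\n\t\t\t\t\t\t\t\tAND comment_type='" . $comment_type . "'");
                    $c_start = (ceil($c_count / $cpp) - 1) * $cpp;
                }
                redirect($clink . "&c_start=" . (isset($c_start) && isnum($c_start) ? $c_start : ""));
            } else {
                // New comment: the commented item must exist.
                if (!dbcount("(" . $comment_col . ")", $comment_db, $comment_col . "='" . $comment_item_id . "'")) {
                    redirect(BASEDIR . "index.php");
                }
                $id = 0;
                if ($comment_data['comment_name'] && $comment_data['comment_message']) {
                    require_once INCLUDES . "flood_include.php";
                    // Flood control is keyed on the poster's IP address.
                    if (!flood_control("comment_datestamp", DB_COMMENTS, "comment_ip='" . USER_IP . "'")) {
                        dbquery_insert(DB_COMMENTS, $comment_data, 'save');
                        $id = dblastid();
                    }
                }
                if ($settings['comments_sorting'] == "ASC") {
                    $c_count = dbcount("(comment_id)", DB_COMMENTS, "comment_item_id='" . $comment_item_id . "' AND comment_type='" . $comment_type . "'");
                    $c_start = (ceil($c_count / $cpp) - 1) * $cpp;
                } else {
                    $c_start = 0;
                }
                //if (!$settings['site_seo']) {
                redirect($clink . "&c_start=" . $c_start . "#c" . $id);
                //}
            }
        }

        // Listing: collect the visible comments of this item for the renderer.
        $c_arr = array("c_con" => array(), "c_info" => array("c_makepagenav" => FALSE, "admin_link" => FALSE));
        $c_rows = dbcount("(comment_id)", DB_COMMENTS, "comment_item_id='" . $comment_item_id . "' AND comment_type='" . $comment_type . "' AND comment_hidden='0'");
        // Without an explicit offset the last page is shown.
        if (!isset($_GET['c_start']) && $c_rows > $cpp) {
            $_GET['c_start'] = (ceil($c_rows / $cpp) - 1) * $cpp;
        }
        if (!isset($_GET['c_start']) || !isnum($_GET['c_start'])) {
            $_GET['c_start'] = 0;
        }
        $result = dbquery("SELECT tcm.comment_id, tcm.comment_name, tcm.comment_message, tcm.comment_datestamp,\n\t\t\t\t\ttcu.user_id, tcu.user_name, tcu.user_avatar, tcu.user_status\n\t\t\t\t\tFROM " . DB_COMMENTS . " tcm\n\t\t\t\t\tLEFT JOIN " . DB_USERS . " tcu ON tcm.comment_name=tcu.user_id\n\t\t\t\t\tWHERE comment_item_id='" . $comment_item_id . "' AND comment_type='" . $comment_type . "' AND comment_hidden='0'\n\t\t\t\t\tORDER BY comment_datestamp " . $sort_direction . " LIMIT " . $_GET['c_start'] . "," . $cpp);
        if (dbrows($result) > 0) {
            // Running comment number: counts up when ascending, down when descending.
            $i = $settings['comments_sorting'] == "ASC" ? $_GET['c_start'] + 1 : $c_rows - $_GET['c_start'];
            if ($c_rows > $cpp) {
                $c_arr['c_info']['c_makepagenav'] = makepagenav($_GET['c_start'], $cpp, $c_rows, 3, $clink . "&", "c_start");
            }
            while ($data = dbarray($result)) {
                $c_arr['c_con'][$i]['comment_id'] = $data['comment_id'];
                $c_arr['c_con'][$i]['edit_dell'] = FALSE;
                $c_arr['c_con'][$i]['i'] = $i;
                // A joined user row means the author is a member; otherwise the
                // stored guest name is passed to the renderer as it is.
                if ($data['user_name']) {
                    $c_arr['c_con'][$i]['comment_name'] = profile_link($data['comment_name'], $data['user_name'], $data['user_status'], 'strong text-dark');
                } else {
                    $c_arr['c_con'][$i]['comment_name'] = $data['comment_name'];
                }
                $c_arr['c_con'][$i]['user_avatar'] = display_avatar($data, '35px', '', true, 'img-rounded');
                $c_arr['c_con'][$i]['user'] = array(
                    'user_id'     => $data['user_id'],
                    'user_name'   => $data['user_name'],
                    // Fall back to the placeholder when no avatar file exists on disk.
                    'user_avatar' => $data['user_avatar'] !== '' && file_exists(IMAGES . 'avatars/' . $data['user_avatar']) ? IMAGES . 'avatars/' . $data['user_avatar'] : IMAGES . "avatars/noavatar50.png",
                    'user_status' => $data['user_status'],
                );
                $c_arr['c_con'][$i]['comment_datestamp'] = showdate('shortdate', $data['comment_datestamp']);
                $c_arr['c_con'][$i]['comment_time'] = timer($data['comment_datestamp']);
                $c_arr['c_con'][$i]['comment_message'] = "<!--comment_message-->\n" . nl2br(parseubb(parsesmileys($data['comment_message'])));
                // Edit and delete controls for comment administrators and the member who wrote the comment.
                if (iADMIN && checkrights("C") || iMEMBER && $data['comment_name'] == $userdata['user_id'] && isset($data['user_name'])) {
                    $edit_link = clean_request('c_action=edit&comment_id=' . $data['comment_id'], array('c_action', 'comment_id'), false) . "#edit_comment";
                    $delete_link = clean_request('c_action=delete&comment_id=' . $data['comment_id'], array('c_action', 'comment_id'), false);
                    $c_arr['c_con'][$i]['edit_link'] = array('link' => $edit_link, 'name' => $locale['c108']);
                    $c_arr['c_con'][$i]['delete_link'] = array('link' => $delete_link, 'name' => $locale['c109']);
                    $c_arr['c_con'][$i]['edit_dell'] = "<!--comment_actions-->\n";
                    $c_arr['c_con'][$i]['edit_dell'] .= "<div class='btn-group'>";
                    $c_arr['c_con'][$i]['edit_dell'] .= "<a class='btn btn-xs btn-default' href='" . $edit_link . "'>";
                    $c_arr['c_con'][$i]['edit_dell'] .= $locale['c108'] . "</a>\n";
                    $c_arr['c_con'][$i]['edit_dell'] .= "<a class='btn btn-xs btn-default' href='" . $delete_link . "' onclick=\"return confirm('" . $locale['c110'] . "');\">";
                    $c_arr['c_con'][$i]['edit_dell'] .= "<i class='fa fa-trash'></i> " . $locale['c109'] . "</a>";
                    $c_arr['c_con'][$i]['edit_dell'] .= "</div>\n";
                }
                $settings['comments_sorting'] == "ASC" ? $i++ : $i--;
            }
            if (iADMIN && checkrights("C")) {
                $c_arr['c_info']['admin_link'] = "<!--comment_admin-->\n";
                $c_arr['c_info']['admin_link'] .= "<a href='" . ADMIN . "comments.php" . $aidlink . "&ctype=" . $comment_type . "&comment_item_id=" . $comment_item_id . "'>" . $locale['c106'] . "</a>";
            }
        }

        // Form: pre-fill the message when an authorised edit is in progress.
        opentable($locale['c102']);
        $comment_message = "";
        if (iMEMBER && (isset($_GET['c_action']) && $_GET['c_action'] == "edit") && (isset($_GET['comment_id']) && isnum($_GET['comment_id']))) {
            $eresult = dbquery("SELECT tcm.comment_id, tcm.comment_name, tcm.comment_message, tcu.user_name\n\t\t\t\tFROM " . DB_COMMENTS . " tcm\n\t\t\t\tLEFT JOIN " . DB_USERS . " tcu ON tcm.comment_name=tcu.user_id\n\t\t\t\tWHERE comment_id='" . $_GET['comment_id'] . "' AND comment_item_id='" . $comment_item_id . "'\n\t\t\t\tAND comment_type='" . $comment_type . "' AND comment_hidden='0'");
            if (dbrows($eresult) > 0) {
                $edata = dbarray($eresult);
                if (iADMIN && checkrights("C") || iMEMBER && $edata['comment_name'] == $userdata['user_id'] && isset($edata['user_name'])) {
                    $clink .= "&c_action=edit&comment_id=" . $edata['comment_id'];
                    $comment_message = $edata['comment_message'];
                }
            } else {
                $comment_message = "";
            }
        }
        if (iMEMBER || $settings['guestposts'] == "1") {
            require_once INCLUDES . "bbcode_include.php";
            echo "<a id='edit_comment' name='edit_comment'></a>\n";
            echo openform('inputform', 'post', $clink, array('class' => 'm-b-20', 'max_tokens' => 1));
            if (iGUEST) {
                echo form_text('comment_name', $locale['c104'], '', array('max_length' => 30));
            }
            echo form_textarea('comment_message', '', $comment_message, array('required' => 1, 'autosize' => 1, 'form_name' => 'inputform', 'bbcode' => 1));
            // Guests get the captcha unless the captcha module asked to hide its input.
            if (iGUEST && (!isset($_CAPTCHA_HIDE_INPUT) || isset($_CAPTCHA_HIDE_INPUT) && !$_CAPTCHA_HIDE_INPUT)) {
                $_CAPTCHA_HIDE_INPUT = FALSE;
                echo "<div style='width:360px; margin:10px auto;'>";
                echo $locale['global_150'] . "<br />\n";
                include INCLUDES . "captchas/" . $settings['captcha'] . "/captcha_display.php";
                if (!$_CAPTCHA_HIDE_INPUT) {
                    echo "<br />\n<label for='captcha_code'>" . $locale['global_151'] . "</label>";
                    echo "<br />\n<input type='text' id='captcha_code' name='captcha_code' class='textbox' autocomplete='off' style='width:100px' />\n";
                }
                echo "</div>\n";
            }
            echo form_button('post_comment', $comment_message ? $locale['c103'] : $locale['c102'], $comment_message ? $locale['c103'] : $locale['c102'], array('class' => 'btn-success m-t-10'));
            echo closeform();
        } else {
            echo "<div class='well'>\n";
            echo $locale['c105'] . "\n";
            echo "</div>\n";
        }
        closetable();
        echo "<a id='comments' name='comments'></a>";
        render_comments($c_arr['c_con'], $c_arr['c_info']);
    }
}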
$result = dbquery("DELETE FROM " . DB_FAQ_CATS . " WHERE faq_cat_id='" . intval($_GET['cat_id']) . "'"); addNotice("success", $locale['faq_0206']); redirect(FUSION_SELF . $aidlink); } } $data = array("faq_cat_id" => 0, "faq_cat_name" => "", "faq_cat_description" => "", "faq_cat_language" => LANGUAGE); if ($faqCat_edit) { $result = dbquery("select * from " . DB_FAQ_CATS . " WHERE faq_cat_id='" . intval($_GET['cat_id']) . "'"); if (dbrows($result) > 0) { $data = dbarray($result); } else { redirect(FUSION_SELF . $aidlink); } } if (isset($_POST['save_cat'])) { $data = array("faq_cat_id" => form_sanitizer($_POST['faq_cat_id'], 0, "faq_cat_id"), "faq_cat_name" => form_sanitizer($_POST['faq_cat_name'], "", "faq_cat_name"), "faq_cat_description" => form_sanitizer($_POST['faq_cat_description'], "", "faq_cat_description"), "faq_cat_language" => form_sanitizer($_POST['faq_cat_language'], "", "faq_cat_language")); if (defender::safe()) { if (dbcount("(faq_cat_id)", DB_FAQ_CATS, "faq_cat_id='" . $data['faq_cat_id'] . "'")) { dbquery_insert(DB_FAQ_CATS, $data, "update"); addNotice("success", $locale['faq_0205']); } else { dbquery_insert(DB_FAQ_CATS, $data, "save"); addNotice("success", $locale['faq_0204']); } redirect(FUSION_SELF . $aidlink); } } echo openform('faqCat_form', 'post', FUSION_REQUEST, array("class" => "m-t-20")); echo form_hidden('faq_cat_id', "", $data['faq_cat_id']); echo form_text('faq_cat_name', $locale['faq_0200'], $data['faq_cat_name'], array('error_text' => $locale['faq_0201'], 'required' => 1)); echo form_text('faq_cat_description', $locale['faq_0202'], $data['faq_cat_description']);
$message = $locale['402']; } elseif ($_GET['status'] == "remall") { $message = $locale['403']; } elseif ($_GET['status'] == "addsel") { $message = $locale['404']; } elseif ($_GET['status'] == "deln") { $message = $locale['405'] . "<br />\n<span class='small'>" . $locale['406'] . "</span>"; } elseif ($_GET['status'] == "dely") { $message = $locale['407']; } if ($message) { echo "<div id='close-message'><div class='admin-message alert alert-info m-t-10'>" . $message . "</div></div>\n"; } } if (isset($_POST['save_group'])) { $group_name = form_sanitizer($_POST['group_name'], '', 'group_name'); $group_description = stripinput($_POST['group_description']); if (!defined('FUSION_NULL')) { if (isset($_GET['group_id']) && isnum($_GET['group_id'])) { $result = dbquery("UPDATE " . DB_USER_GROUPS . " SET group_name='{$group_name}', group_description='{$group_description}' WHERE group_id='" . $_GET['group_id'] . "'"); redirect(FUSION_SELF . $aidlink . "&status=su"); } else { $result = dbquery("INSERT INTO " . DB_USER_GROUPS . " (group_name, group_description) VALUES ('{$group_name}', '{$group_description}')"); redirect(FUSION_SELF . $aidlink . "&status=sn"); } } } elseif (isset($_POST['add_sel']) && isnum($_GET['group_id'])) { $user_ids = ""; $check_count = 0; if (isset($_POST['add_check_mark'])) { if (is_array($_POST['add_check_mark']) && count($_POST['add_check_mark']) > 1) {
die("Access Denied"); } pageAccess("W"); if (fusion_get_settings("tinymce_enabled")) { echo "<script language='javascript' type='text/javascript'>advanced();</script>\n"; } $result = dbcount("(weblink_cat_id)", DB_WEBLINK_CATS); if (!empty($result)) { $data = array("weblink_id" => 0, "weblink_name" => "", "weblink_cat" => 0, "weblink_description" => "", "weblink_visibility" => iGUEST, "weblink_url" => "", "weblink_datestamp" => time()); if (isset($_GET['action']) && $_GET['action'] == "delete" && (isset($_GET['weblink_id']) && isnum($_GET['weblink_id']))) { $result = dbquery("DELETE FROM " . DB_WEBLINKS . " WHERE weblink_id='" . $_GET['weblink_id'] . "'"); addNotice("success", $locale['wl_0302']); redirect(FUSION_SELF . $aidlink); } if (isset($_POST['save_link'])) { $data = array("weblink_id" => form_sanitizer($_POST['weblink_id'], 0, 'weblink_id'), "weblink_cat" => form_sanitizer($_POST['weblink_cat'], 0, 'weblink_cat'), "weblink_name" => form_sanitizer($_POST['weblink_name'], '', 'weblink_name'), "weblink_description" => form_sanitizer($_POST['weblink_description'], '', 'weblink_description'), "weblink_visibility" => form_sanitizer($_POST['weblink_visibility'], '0', 'weblink_visibility'), "weblink_url" => form_sanitizer($_POST['weblink_url'], '', 'weblink_url'), "weblink_datestamp" => form_sanitizer($_POST['weblink_datestamp'], '', 'weblink_datestamp')); if (defender::safe()) { if (dbcount("(weblink_id)", DB_WEBLINKS, "weblink_id='" . intval($data['weblink_id']) . "'")) { $data['weblink_datestamp'] = isset($_POST['update_datestamp']) ? time() : $data['weblink_datestamp']; dbquery_insert(DB_WEBLINKS, $data, "update"); addNotice("success", $locale['wl_0301']); redirect(FUSION_SELF . $aidlink); } else { dbquery_insert(DB_WEBLINKS, $data, "save"); addNotice("success", $locale['wl_0300']); redirect(FUSION_SELF . $aidlink); } } } if ($weblink_edit) { $result = dbquery("SELECT * FROM " . DB_WEBLINKS . " WHERE weblink_id='" . intval($_GET['weblink_id']) . "'");
echo "<div class='well text-center'><p><strong>" . $locale['news_0701'] . "</strong></p>"; echo "<p><a href='submit.php?stype=n'>" . $locale['news_0702'] . "</a></p>"; echo "<p><a href='index.php'>" . str_replace("[SITENAME]", fusion_get_settings("sitename"), $locale['news_0704']) . "</a></p>\n"; echo "</div>\n"; } else { // Preview if (isset($_POST['preview_news'])) { $news_snippet = ""; if ($_POST['news_news']) { $news_snippet = parse_textarea($_POST['news_news']); } $news_body = ""; if ($_POST['news_body']) { $news_body = parse_textarea($_POST['news_body']); } $criteriaArray = array("news_subject" => form_sanitizer($_POST['news_subject'], "", "news_subject"), "news_language" => form_sanitizer($_POST['news_language'], "", "news_language"), "news_ialign" => form_sanitizer($_POST['news_ialign'], "", "news_ialign"), "news_keywords" => form_sanitizer($_POST['news_keywords'], "", "news_keywords"), "news_cat" => form_sanitizer($_POST['news_cat'], 0, "news_cat"), "news_snippet" => form_sanitizer($_POST['news_news'], "", "news_news"), "news_body" => form_sanitizer($_POST['news_body'], "", "news_body")); opentable($criteriaArray['news_subject']); echo $locale['news_0203'] . " " . nl2br(parseubb($news_snippet)) . "<br /><br />"; echo $locale['news_0204'] . " " . nl2br(parseubb($news_body)); closetable(); } add_to_title($locale['global_200'] . $locale['news_0400']); echo "<div class='panel panel-default tbl-border'>\n<div class='panel-body'>\n"; echo "<div class='alert alert-info m-b-20 submission-guidelines'>" . str_replace("[SITENAME]", fusion_get_settings("sitename"), $locale['news_0703']) . "</div>\n"; echo openform('submit_form', 'post', BASEDIR . "submit.php?stype=n", array("enctype" => $news_settings['news_allow_submission_files'] ? 
TRUE : FALSE)); echo form_text('news_subject', $locale['news_0200'], $criteriaArray['news_subject'], array("required" => TRUE, "inline" => TRUE)); if (multilang_table("NS")) { echo form_select('news_language', $locale['global_ML100'], $criteriaArray['news_language'], array("options" => fusion_get_enabled_languages(), "placeholder" => $locale['choose'], "width" => "250px", "inline" => TRUE)); } else { echo form_hidden('news_language', '', $criteriaArray['news_language']); }
echo "<p><a href='index.php'>" . str_replace("[SITENAME]", fusion_get_settings("sitename"), $locale['articles_0064']) . "</a></p>\n"; echo "</div>\n"; } else { // Preview if (isset($_POST['preview_article'])) { $article_snippet = ""; if ($_POST['article_snippet']) { $article_snippet = str_replace("src='" . str_replace("../", "", IMAGES_A), "src='" . IMAGES_A, parseubb(stripslashes($_POST['article_snippet']))); $article_snippet = parse_textarea($article_snippet); } $article_article = ""; if ($_POST['article_article']) { $article_article = str_replace("src='" . str_replace("../", "", IMAGES_A), "src='" . IMAGES_A, parseubb(stripslashes($_POST['article_article']))); $article_article = parse_textarea($article_article); } $criteriaArray = array("article_subject" => form_sanitizer($_POST['article_subject'], "", "article_subject"), "article_cat" => form_sanitizer($_POST['article_cat'], 0, "article_cat"), "article_snippet" => form_sanitizer($article_snippet, "", "article_snippet"), "article_article" => form_sanitizer($article_article, "", "article_article"), "article_keywords" => form_sanitizer($_POST['article_keywords'], "", "article_keywords"), "article_language" => form_sanitizer($_POST['article_language'], "", "article_language")); $criteriaArray['article_snippet'] = parse_textarea($article_snippet); $criteriaArray['article_article'] = parse_textarea($article_article); opentable($criteriaArray['article_subject']); echo "<p class='text-bigger'>" . $criteriaArray['article_snippet'] . "</p>"; echo $criteriaArray['article_article']; closetable(); } add_to_title($locale['global_200'] . $locale['articles_0060']); echo "<div class='panel panel-default tbl-border'>\n<div class='panel-body'>\n"; echo "<div class='alert alert-info m-b-20 submission-guidelines'>" . str_replace("[SITENAME]", fusion_get_settings("sitename"), $locale['articles_0063']) . "</div>\n"; echo openform('submit_form', 'post', BASEDIR . 
"submit.php?stype=a"); echo form_text('article_subject', $locale['articles_0304'], $criteriaArray['article_subject'], array("required" => TRUE, "inline" => TRUE)); if (multilang_table("AR")) { echo form_select('article_language', $locale['global_ML100'], $criteriaArray['article_language'], array("options" => fusion_get_enabled_languages(), "placeholder" => $locale['choose'], "width" => "250px", "inline" => TRUE)); } else {
+--------------------------------------------------------+ | Filename: admin/blog_settings.php | Author: Frederick MC Chan (Chan) +--------------------------------------------------------+ | This program is released as free software under the | Affero GPL license. You can redistribute it and/or | modify it under the terms of this license which you | can read by viewing the included agpl.txt or online | at www.gnu.org/licenses/agpl.html. Removal of this | copyright header is strictly prohibited without | written permission from the original author(s). +--------------------------------------------------------*/ pageAccess("S8"); if (isset($_POST['savesettings'])) { $error = 0; $inputArray = array("article_pagination" => form_sanitizer($_POST['article_pagination'], 0, "article_pagination"), "article_allow_submission" => form_sanitizer($_POST['article_allow_submission'], 0, "article_allow_submission"), "article_extended_required" => isset($_POST['article_extended_required']) ? 1 : 0); if (defender::safe()) { foreach ($inputArray as $settings_name => $settings_value) { $inputSettings = array("settings_name" => $settings_name, "settings_value" => $settings_value, "settings_inf" => "article"); dbquery_insert(DB_SETTINGS_INF, $inputSettings, "update", array("primary_key" => "settings_name")); } addNotice("success", $locale['900']); redirect(FUSION_REQUEST); } else { addNotice('danger', $locale['901']); } } echo "<div class='well'>" . $locale['articles_0031'] . "</div>"; echo openform('settingsform', 'post', FUSION_REQUEST); openside(''); echo form_text("article_pagination", $locale['articles_0032'], $article_settings['article_pagination'], array("inline" => TRUE, "max_length" => 4, "width" => "150px", "type" => "number"));
// Contact form fields accepted from the request, with their defaults.
$input = array('mailname' => '', 'email' => '', 'subject' => '', 'message' => '', 'captcha_code' => '');
if (isset($_POST['sendmessage'])) {
    // Only the keys listed in $input are read from $_POST; anything else in the request is ignored.
    foreach ($input as $key => $value) {
        if (isset($_POST[$key])) {
            // Subject needs 'special' treatment
            if ($key == 'subject') {
                // CR, LF and "@" are removed and the result is cut to 128 bytes before sanitizing.
                // Removing the line breaks keeps the value on one line; presumably it ends up in a
                // mail Subject header, where embedded line breaks would allow header injection —
                // the send call is outside this excerpt, confirm there.
                $input['subject'] = substr(str_replace(array("\r", "\n", "@"), "", descript(stripslash(trim($_POST['subject'])))), 0, 128); // most unique in the entire CMS. keep.
                $input['subject'] = form_sanitizer($input['subject'], $input[$key], $key);
            // Others don't
            } else {
                // NOTE(review): mailname and email get no explicit CR/LF stripping here; whether
                // form_sanitizer() rejects line breaks for them is not visible — verify before
                // either value is placed in a mail header.
                $input[$key] = form_sanitizer($_POST[$key], $input[$key], $key);
            }
        // Input not posted, fallback to the default
        } else {
            $input[$key] = form_sanitizer($input[$key], $input[$key], $key);
        }
    }
    // The flag starts as FALSE and is tested right after the include below.
    $_CAPTCHA_IS_VALID = FALSE;
    // NOTE(review): the included path is built from $settings['captcha']. Its origin is not shown
    // here (presumably a stored site setting); confirm it can only hold the name of an installed
    // captcha directory, since the value selects which PHP file is executed.
    include INCLUDES . "captchas/" . $settings['captcha'] . "/captcha_check.php"; // Dynamics need to develop Captcha. Before that, use method 2.
    if ($_CAPTCHA_IS_VALID == FALSE) {
        // A failed captcha calls $defender->stop(); the FUSION_NULL check below then decides whether the send path runs.
        $defender->stop();
        addNotice('warning', $locale['424']);
    }
    if (!defined('FUSION_NULL')) {
        require_once INCLUDES . "sendmail_include.php";
        // Static query, no request data involved: looks up the CONTACT e-mail template.
        $template_result = dbquery("\n\t\t\tSELECT template_key, template_active, template_sender_name, template_sender_email\n\t\t\tFROM " . DB_EMAIL_TEMPLATES . "\n\t\t\tWHERE template_key='CONTACT'\n\t\t\tLIMIT 1");
        if (dbrows($template_result)) {
            $template_data = dbarray($template_result);
            if ($template_data['template_active'] == "1") {
unlink(IMAGES_G . $pData['album_image']);
}
// NOTE(review): both thumbnail branches test for the file under IMAGES_G but delete it under
// IMAGES_G_T. If the thumbnails live only in IMAGES_G_T the check fails and nothing is removed;
// if the file exists only in IMAGES_G, unlink() targets a path that may not exist. It looks like
// the file_exists() calls should use IMAGES_G_T — confirm against the upload code.
if ($pData['album_thumb1'] && file_exists(IMAGES_G . $pData['album_thumb1'])) {
    unlink(IMAGES_G_T . $pData['album_thumb1']);
}
if ($pData['album_thumb2'] && file_exists(IMAGES_G . $pData['album_thumb2'])) {
    unlink(IMAGES_G_T . $pData['album_thumb2']);
}
// The record no longer references any image once the files have been handled.
$data['album_image'] = "";
$data['album_thumb1'] = "";
$data['album_thumb2'] = "";
}
} else {
    // Image names are taken from the posted form (empty string when absent) and sanitized.
    // NOTE(review): these values are stored as file names and, in the branch above, stored names
    // are concatenated into unlink() paths. Whether form_sanitizer() removes directory separators
    // is not visible here — verify, or reduce the value to basename() before storing.
    $data['album_image'] = form_sanitizer(isset($_POST['album_image']) ? $_POST['album_image'] : "", "", "album_image");
    $data['album_thumb2'] = form_sanitizer(isset($_POST['album_thumb2']) ? $_POST['album_thumb2'] : "", "", "album_thumb2");
    $data['album_thumb1'] = form_sanitizer(isset($_POST['album_thumb1']) ? $_POST['album_thumb1'] : "", "", "album_thumb1");
}
}
}
// Database writes happen only when validation passed.
if (defender::safe()) {
    // album_id is cast with intval() before it is placed in the WHERE condition.
    if (dbcount("(album_id)", DB_PHOTO_ALBUMS, "album_id='" . intval($data['album_id']) . "'")) {
        // update album
        $result = dbquery_order(DB_PHOTO_ALBUMS, $data['album_order'], 'album_order', $data['album_id'], 'album_id', FALSE, FALSE, TRUE, 'album_language', 'update');
        dbquery_insert(DB_PHOTO_ALBUMS, $data, "update");
        addNotice('success', $locale['album_0013']);
        redirect(FUSION_SELF . $aidlink);
    } else {
        // create album
        $result = dbquery_order(DB_PHOTO_ALBUMS, $data['album_order'], 'album_order', 0, "album_id", FALSE, FALSE, TRUE, 'album_language', 'save');
        dbquery_insert(DB_PHOTO_ALBUMS, $data, "save");
        addNotice('success', $locale['album_0014']);
} else {
    $image_count = 0;
}
// Delete request: the name must match an entry of $image_list (built outside this excerpt),
// which keeps the unlink() target inside the listed folder.
// NOTE(review): in_array() compares loosely here; passing TRUE as third argument makes the
// allow-list match exact. The membership test uses the raw value while unlink() uses
// stripinput() of it, so a name that stripinput() rewrites would pass the check but point at a
// different path. The deletion is triggered by a GET request; whether $aidlink carries a token
// that protects it against forged requests is not visible here — confirm.
if (isset($_GET['del']) && in_array($_GET['del'], $image_list)) {
    unlink($afolder . stripinput($_GET['del']));
    if ($settings['tinymce_enabled'] == 1) {
        include INCLUDES . "buildlist.php";
    }
    addNotice('warning', $locale['400']);
    // NOTE(review): $_GET['ifolder'] is appended to the redirect target without isset(),
    // validation or URL encoding; whether redirect() neutralises line breaks is not shown.
    redirect(FUSION_SELF . $aidlink . "&ifolder=" . $_GET['ifolder']);
} elseif (isset($_POST['uploadimage'])) {
    $data = array('myfile' => '');
    if (defender::safe()) {
        if (!empty($_FILES['myfile'])) {
            // when files is uploaded.
            // The upload is handed to form_sanitizer(); type, size and destination checks happen
            // there and are not visible in this excerpt.
            $upload = form_sanitizer($_FILES['myfile'], '', 'myfile');
            if (!empty($upload) && $upload['error'] == 0) {
                $data['myfile'] = $upload['image_name'];
                if ($settings['tinymce_enabled'] == 1) {
                    include INCLUDES . "buildlist.php";
                }
                // Second safe() check: the upload handling above may have flagged an error.
                if (defender::safe()) {
                    addNotice('success', $locale['420']);
                    redirect(FUSION_SELF . $aidlink . "&ifolder=" . $_GET['ifolder'] . "&img=" . $data['myfile']);
                }
            }
            redirect(FUSION_SELF . $aidlink . "&ifolder=" . $_GET['ifolder']);
        }
    }
} else {
    opentable($locale['420']);
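/**
 * Render and process the admin settings form of the "debonair" theme.
 *
 * Loads the stored theme settings, saves a submitted form to DB_SETTINGS_THEME
 * (only when defender::safe() reports that validation passed) and then echoes
 * the form: main banner files, social URLs, three upper banner columns (each
 * bound per language to an article, news item, blog entry or custom page) and
 * four lower banner columns picked from the theme's include directory.
 *
 * All output is echoed; nothing is returned.
 */
function debonair_theme_widget() {
    global $locale;
    require_once "functions.php";
    $settings = get_theme_settings("debonair");
    /**
     * data parsing
     */
    $ubanner_col_1_data = uncomposeSelection($settings['ubanner_col_1']);
    $ubanner_col_2_data = uncomposeSelection($settings['ubanner_col_2']);
    $ubanner_col_3_data = uncomposeSelection($settings['ubanner_col_3']);
    // For the upper columns only the selected content type (or 0) is kept; the per-language
    // choices stay in the $ubanner_col_N_data arrays.
    $settings = array(
        "main_banner_url" => $settings['main_banner_url'],
        "ubanner_col_1" => !empty($ubanner_col_1_data['selected']) ? $ubanner_col_1_data['selected'] : 0,
        "ubanner_col_2" => !empty($ubanner_col_2_data['selected']) ? $ubanner_col_2_data['selected'] : 0,
        "ubanner_col_3" => !empty($ubanner_col_3_data['selected']) ? $ubanner_col_3_data['selected'] : 0,
        "lbanner_col_1" => $settings['lbanner_col_1'],
        "lbanner_col_2" => $settings['lbanner_col_2'],
        "lbanner_col_3" => $settings['lbanner_col_3'],
        "lbanner_col_4" => $settings['lbanner_col_4'],
        "facebook_url" => $settings['facebook_url'],
        "twitter_url" => $settings['twitter_url']
    );
    if (isset($_POST['save_settings'])) {
        // NOTE(review): the $_POST keys below are read without isset(); a request that omits one
        // raises an undefined-index notice before validation.
        // NOTE(review): lbanner_col_* hold file names chosen from the theme include directory. If
        // they are later used to build an include path (not visible here), check them against the
        // directory listing before saving — confirm against the code that consumes them.
        $inputArray = array(
            "main_banner_url" => form_sanitizer($_POST['main_banner_url'], "", "main_banner_url"),
            "ubanner_col_1" => composeSelection(form_sanitizer($_POST['ubanner_col_1'], "", "ubanner_col_1")),
            "ubanner_col_2" => composeSelection(form_sanitizer($_POST['ubanner_col_2'], "", "ubanner_col_2")),
            "ubanner_col_3" => composeSelection(form_sanitizer($_POST['ubanner_col_3'], "", "ubanner_col_3")),
            "lbanner_col_1" => form_sanitizer($_POST['lbanner_col_1'], "", "lbanner_col_1"),
            "lbanner_col_2" => form_sanitizer($_POST['lbanner_col_2'], "", "lbanner_col_2"),
            "lbanner_col_3" => form_sanitizer($_POST['lbanner_col_3'], "", "lbanner_col_3"),
            "lbanner_col_4" => form_sanitizer($_POST['lbanner_col_4'], "", "lbanner_col_4"),
            "facebook_url" => form_sanitizer($_POST['facebook_url'], "", "facebook_url"),
            "twitter_url" => form_sanitizer($_POST['twitter_url'], "", "twitter_url")
        );
        // Write only after validation passed. Previously the rows were written first and only the
        // redirect depended on defender::safe(), so input that failed validation could still be stored.
        if (defender::safe()) {
            foreach ($inputArray as $settings_name => $settings_value) {
                $sqlArray = array("settings_name" => $settings_name, "settings_value" => $settings_value, "settings_theme" => "debonair");
                dbquery_insert(DB_SETTINGS_THEME, $sqlArray, "update", array("primary_key" => "settings_name"));
            }
            redirect(FUSION_REQUEST);
        }
    }
    echo openform("debonair_theme_settings", "post", FUSION_REQUEST);
    // Files that must never be offered as a choice (core scripts, config, dotfiles).
    $exclude_list = ".|..|.htaccess|.DS_Store|config.php|config.temp.php|.gitignore|LICENSE|README.md|robots.txt|reactivate.php|rewrite.php|maintenance.php|maincore.php|lostpassword.php|index.php|error.php";
    $list = array();
    $file_list = makefilelist(BASEDIR, $exclude_list);
    foreach ($file_list as $files) {
        $list[] = $files;
    }
    // Lower banner choices: file name => readable label derived from the file name.
    $include_list = array();
    $file_list = makefilelist(THEMES . "/debonair/include/", $exclude_list);
    foreach ($file_list as $files) {
        $include_list[$files] = str_replace(".php", "", str_replace("_", " ", ucwords($files)));
    }
    openside("");
    echo form_select("main_banner_url", $locale['debonair_0300'], $settings['main_banner_url'], array("options" => $list, "tags" => true, "multiple" => true, "width" => "100%", "inline" => false));
    echo "<p>" . $locale['debonair_0301'] . "</p>";
    closeside();
    openside("");
    echo form_text("facebook_url", $locale['debonair_0321'], $settings['facebook_url'], array("type" => "url", "inline" => true, "placeholder" => "http://www.facebook.com/your-page-id"));
    echo form_text("twitter_url", $locale['debonair_0322'], $settings['twitter_url'], array("type" => "url", "inline" => true, "placeholder" => "http://www.twitter.com/your-page-id"));
    closeside();
    // Option 0 is the "nothing selected" entry; a content type is added only when it has rows.
    $templateOpts[0] = $locale['debonair_0302'];
    /**
     * Article Selector
     */
    $articleOpts = array();
    if (db_exists(DB_ARTICLES)) {
        $article_result = dbquery("select article_id, article_subject, article_cat_language FROM " . DB_ARTICLES . " a\n\t \t\t\t\tleft join " . DB_ARTICLE_CATS . " ac on a.article_cat = ac.article_cat_id\n\t \t\t\t\torder by article_datestamp DESC\n\t \t\t\t\t");
        if (dbrows($article_result) > 0) {
            while ($data = dbarray($article_result)) {
                $articleOpts[$data['article_cat_language']][$data['article_id']] = $data['article_subject'];
            }
        }
        if (!empty($articleOpts)) {
            $templateOpts['articles'] = $locale['debonair_0303'];
        }
    }
    /**
     * News Selector
     */
    $newsOpts = array();
    if (db_exists(DB_NEWS)) {
        $news_result = dbquery("select news_id, news_subject, news_language FROM " . DB_NEWS . " order by news_datestamp DESC");
        if (dbrows($news_result) > 0) {
            while ($data = dbarray($news_result)) {
                $newsOpts[$data['news_language']][$data['news_id']] = $data['news_subject'];
            }
        }
        if (!empty($newsOpts)) {
            $templateOpts['news'] = $locale['debonair_0304'];
        }
    }
    /**
     * Blog Selector
     */
    $blogOpts = array();
    if (db_exists(DB_BLOG)) {
        $blog_result = dbquery("select blog_id, blog_subject, blog_language FROM " . DB_BLOG . "\n\t \t\t\t\torder by blog_datestamp DESC\n\t \t\t\t\t");
        if (dbrows($blog_result) > 0) {
            while ($data = dbarray($blog_result)) {
                $blogOpts[$data['blog_language']][$data['blog_id']] = $data['blog_subject'];
            }
        }
        if (!empty($blogOpts)) {
            $templateOpts['blog'] = $locale['debonair_0305'];
        }
    }
    /**
     * Custom Page Selector
     * Note: custom page has a different multilanguage setup.
     */
    $cpOpts = array();
    if (db_exists(DB_CUSTOM_PAGES)) {
        $cp_result = dbquery("select page_id, page_title, page_language FROM " . DB_CUSTOM_PAGES . " order by page_id ASC");
        if (dbrows($cp_result) > 0) {
            while ($data = dbarray($cp_result)) {
                // page_language is either one language or several joined with "."
                $acceptedLang = stristr($data['page_language'], ".") ? explode(".", $data['page_language']) : array(0 => $data['page_language']);
                foreach (fusion_get_enabled_languages() as $lang) {
                    if (in_array($lang, $acceptedLang)) {
                        $cpOpts[$lang][$data['page_id']] = $data['page_title'];
                    }
                }
            }
        }
        if (!empty($cpOpts)) {
            $templateOpts['cp'] = $locale['debonair_0306'];
        }
    }
    // Content types offered per upper column: their option lists and the locale key of the
    // per-language label (resolved lazily, only when the type is rendered).
    $choiceTypes = array(
        "articles" => array("options" => $articleOpts, "locale" => 'debonair_0310'),
        "news" => array("options" => $newsOpts, "locale" => 'debonair_0311'),
        "blog" => array("options" => $blogOpts, "locale" => 'debonair_0312'),
        "cp" => array("options" => $cpOpts, "locale" => 'debonair_0313'),
    );
    // Field names of the first column carry no numeric suffix ("articles-<lang>"); the second and
    // third use "articles2-<lang>" / "articles3-<lang>".
    $columns = array(
        1 => array("label" => $locale['debonair_0307'], "data" => $ubanner_col_1_data, "suffix" => ""),
        2 => array("label" => $locale['debonair_0308'], "data" => $ubanner_col_2_data, "suffix" => "2"),
        3 => array("label" => $locale['debonair_0309'], "data" => $ubanner_col_3_data, "suffix" => "3"),
    );
    openside("");
    echo "<div class='row'>\n";
    foreach ($columns as $col => $column) {
        $field = "ubanner_col_" . $col;
        // Every column after the first closes the previous column's wrapper before opening its own.
        echo ($col === 1 ? "" : "</div>") . "<div class='col-xs-12 col-sm-4'>\n";
        echo form_select($field, $column['label'], $settings[$field], array("options" => $templateOpts, "inline" => false));
        foreach ($choiceTypes as $type => $choice) {
            if (empty($choice['options'])) {
                continue;
            }
            // Strict comparison: the unselected state is the integer 0, and a loose 0 == "articles"
            // is true before PHP 8, which left the column 3 article chooser visible with nothing selected.
            $is_active = $settings[$field] === $type;
            // The opening tag for column 1 / articles used to emit a stray quote before ">"; all
            // twelve blocks now share the same well-formed markup.
            echo "<div id='" . $field . "-" . $type . "-choices' class='choices" . $col . "' " . ($is_active ? "" : "style='display:none;'") . ">\n";
            foreach (fusion_get_enabled_languages() as $lang) {
                $callback_value = $is_active && !empty($column['data']['options'][$lang]) ? $column['data']['options'][$lang] : "";
                echo form_select($type . $column['suffix'] . "-" . $lang, sprintf($locale[$choice['locale']], $lang), $callback_value, array("options" => isset($choice['options'][$lang]) ? $choice['options'][$lang] : array()));
            }
            echo "</div>\n";
        }
    }
    echo "</div>\n</div>\n";
    echo $locale['debonair_0315'];
    closeside();
    openside("");
    echo form_select("lbanner_col_1", $locale['debonair_0317'], $settings['lbanner_col_1'], array("options" => $include_list, "inline" => true));
    echo form_select("lbanner_col_2", $locale['debonair_0318'], $settings['lbanner_col_2'], array("options" => $include_list, "inline" => true));
    echo form_select("lbanner_col_3", $locale['debonair_0319'], $settings['lbanner_col_3'], array("options" => $include_list, "inline" => true));
    echo form_select("lbanner_col_4", $locale['debonair_0320'], $settings['lbanner_col_4'], array("options" => $include_list, "inline" => true));
    echo $locale['debonair_0316'];
    closeside();
    echo form_button("save_settings", $locale['save_changes'], "save", array("class" => "btn-success"));
    echo closeform();
    // Now use Jquery to chain the selectors - add_to_jquery combines, include into a single min. document ready script
    add_to_jquery("\n\tfunction switchSelection(selector, value) {\n\t\t\$('.choices'+selector).hide();\n\t\tif (value == '0') {\n\t\t\t\$('.choices'+selector).hide();\n\t\t} else {\n\t\t\t\$('#ubanner_col_'+selector+'-'+value+'-choices').show();\n\t\t}\n\t}\n\t\$('#ubanner_col_1').bind('change', function() { switchSelection(1, \$(this).val()); });\n\t\$('#ubanner_col_2').bind('change', function() { switchSelection(2, \$(this).val()); });\n\t\$('#ubanner_col_3').bind('change', function() { switchSelection(3, \$(this).val()); });\n\t");
}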
// NOTE(review): $_GET['faq_cat_id'] is concatenated into the WHERE condition and into the
// redirect target below. No isnum()/intval() check is visible in this excerpt; it may sit in the
// enclosing condition that was cut off — confirm, or cast with intval() as is done for faq_id
// further down.
$total_faqs = dbcount("(faq_id)", DB_FAQS, "faq_cat_id='" . $_GET['faq_cat_id'] . "'");
// Start offset of the last page: total rounded down to a multiple of $show_faqs (set outside this excerpt).
$faq_start = $total_faqs > $show_faqs ? floor($total_faqs / $show_faqs) * $show_faqs : 0;
redirect(FUSION_SELF . $aidlink . "&show_faq=" . $_GET['faq_cat_id'] . "&faq_start=" . $faq_start);
}
}
// Defaults for a new FAQ entry.
$data = array("faq_id" => 0, "faq_cat_id" => 0, "faq_question" => "", "faq_answer" => "");
if ($faq_edit) {
    // faq_id is cast with intval() before it reaches the query.
    $result = dbquery("select * from " . DB_FAQS . " where faq_id='" . intval($_GET['faq_id']) . "'");
    if (dbrows($result) > 0) {
        $data = dbarray($result);
    } else {
        redirect(FUSION_SELF . $aidlink);
    }
}
if (isset($_POST['save_faq'])) {
    // NOTE(review): the four $_POST keys are read without isset().
    $data = array(
        "faq_id" => form_sanitizer($_POST['faq_id'], 0, "faq_id"),
        "faq_cat_id" => form_sanitizer($_POST['faq_cat_id'], 0, "faq_cat_id"),
        "faq_question" => form_sanitizer($_POST['faq_question'], "", "faq_question"),
        "faq_answer" => form_sanitizer($_POST['faq_answer'], "", "faq_answer")
    );
    if (defender::safe()) {
        // NOTE(review): faq_id and faq_cat_id are placed into SQL conditions as returned by
        // form_sanitizer(); whether that guarantees a numeric value is not visible here. An
        // intval() at the point of use would make the queries safe independent of the sanitizer.
        if (dbcount("(faq_id)", DB_FAQS, "faq_id='" . $data['faq_id'] . "'")) {
            dbquery_insert(DB_FAQS, $data, "update");
            addNotice("success", $locale['faq_0306']);
        } else {
            dbquery_insert(DB_FAQS, $data, "save");
            addNotice("success", $locale['faq_0305']);
        }
        // it's 15 limiter in show_faq function
        // 5, 10, 15.
        // 17/5 = 3.4*5 = 15
        $total_faqs = dbcount("(faq_id)", DB_FAQS, "faq_cat_id='" . $data['faq_cat_id'] . "'");
        $faq_start = $total_faqs > $show_faqs ? floor($total_faqs / $show_faqs) * $show_faqs : 0;
        redirect(FUSION_SELF . $aidlink . "&show_faq=" . $data['faq_cat_id'] . "&faq_start=" . $faq_start);
    }
| Affero GPL license. You can redistribute it and/or
| modify it under the terms of this license which you
| can read by viewing the included agpl.txt or online
| at www.gnu.org/licenses/agpl.html. Removal of this
| copyright header is strictly prohibited without
| written permission from the original author(s).
+--------------------------------------------------------*/
if (fusion_get_settings("tinymce_enabled")) {
    echo "<script language='javascript' type='text/javascript'>advanced();</script>\n";
}
// Review of one download submission; submit_id must pass isnum() before anything else runs.
if (isset($_GET['submit_id']) && isnum($_GET['submit_id'])) {
    if (isset($_POST['publish']) && (isset($_GET['submit_id']) && isnum($_GET['submit_id']))) {
        // submit_id is concatenated into the query only after the isnum() checks above.
        $result = dbquery("SELECT ts.*, tu.user_id, tu.user_name FROM " . DB_SUBMISSIONS . " ts\n\t\t\tLEFT JOIN " . DB_USERS . " tu ON ts.submit_user=tu.user_id\n\t\t\tWHERE submit_id='" . $_GET['submit_id'] . "'");
        if (dbrows($result)) {
            $callback_data = dbarray($result);
            // The download record is rebuilt from the posted form; only the submitting user and
            // the submission timestamp are taken from the stored submission row.
            // NOTE(review): download_file and download_image come from $_POST, not from the stored
            // submission, and are used below to build paths for copy(), chmod() and unlink().
            // Whether form_sanitizer() removes directory separators is not visible here; taking
            // the names from the submission row, or reducing them with basename(), would keep the
            // file operations inside the submissions directory regardless.
            $callback_data = array(
                "download_id" => 0,
                "download_user" => $callback_data['submit_user'],
                "download_title" => form_sanitizer($_POST['download_title'], '', 'download_title'),
                "download_description" => form_sanitizer($_POST['download_description'], '', 'download_description'),
                "download_description_short" => form_sanitizer($_POST['download_description_short'], '', 'download_description_short'),
                "download_cat" => form_sanitizer($_POST['download_cat'], 0, 'download_cat'),
                "download_homepage" => form_sanitizer($_POST['download_homepage'], '', 'download_homepage'),
                "download_license" => form_sanitizer($_POST['download_license'], '', 'download_license'),
                "download_copyright" => form_sanitizer($_POST['download_copyright'], '', 'download_copyright'),
                "download_os" => form_sanitizer($_POST['download_os'], '', 'download_os'),
                "download_version" => form_sanitizer($_POST['download_version'], '', 'download_version'),
                "download_file" => form_sanitizer($_POST['download_file'], '', 'download_file'),
                "download_url" => form_sanitizer($_POST['download_url'], '', 'download_url'),
                "download_filesize" => form_sanitizer($_POST['download_filesize'], '', 'download_filesize'),
                "download_image" => form_sanitizer($_POST['download_image'], '', 'download_image'),
                "download_image_thumb" => form_sanitizer($_POST['download_image_thumb'], '', 'download_image_thumb'),
                "download_allow_comments" => isset($_POST['download_allow_comments']) ? TRUE : FALSE,
                "download_allow_ratings" => isset($_POST['download_allow_ratings']) ? TRUE : FALSE,
                "download_visibility" => form_sanitizer($_POST['download_visibility'], '', 'download_visibility'),
                "download_keywords" => form_sanitizer($_POST['download_keywords'], '', 'download_keywords'),
                "download_datestamp" => $callback_data['submit_datestamp']
            );
            if (defender::safe()) {
                // move files
                // NOTE(review): the existence check uses DOWNLOADS . "/submissions/" while copy()
                // and unlink() use DOWNLOADS . "submissions/"; the two spellings resolve to the
                // same place only if DOWNLOADS ends with a slash — confirm.
                if (!empty($callback_data['download_file']) && file_exists(DOWNLOADS . "/submissions/" . $callback_data['download_file'])) {
                    $dest = DOWNLOADS . "files/";
                    $temp_file = $callback_data['download_file'];
                    // filename_exists() supplies the name used at the destination; presumably it avoids overwriting an existing file.
                    $callback_data['download_file'] = filename_exists($dest, $callback_data['download_file']);
                    // NOTE(review): the result of copy() is not checked, so the source is deleted
                    // below even when the copy failed.
                    copy(DOWNLOADS . "submissions/" . $temp_file, $dest . $callback_data['download_file']);
                    // 0644: owner read/write, everyone else read-only, no execute bit.
                    chmod($dest . $callback_data['download_file'], 0644);
                    unlink(DOWNLOADS . "submissions/" . $temp_file);
                }
                // move images
                if (!empty($callback_data['download_image']) && file_exists(DOWNLOADS . "/submissions/images/" . $callback_data['download_image'])) {
                    $dest = DOWNLOADS . "images/";
                    $temp_file = $callback_data['download_image'];
                    $callback_data['download_image'] = filename_exists($dest, $callback_data['download_image']);
// The @ operator hides any failure of the rename (missing file, permissions), so a .htaccess that
// could not be moved goes unnoticed.
@rename(BASEDIR . ".htaccess", BASEDIR . "_htaccess");
}
}
}
// Each setting below is written with its own UPDATE, and only while FUSION_NULL is undefined
// (i.e. no validation failure was flagged).
// NOTE(review): every value is interpolated into the SQL string. default_search goes through
// stripinput() rather than form_sanitizer(); for all of them, safety against quote characters
// depends on what those helpers escape, which is not visible in this excerpt. A parameterised
// write, or dbquery_insert(), would remove that dependency.
$result = !defined('FUSION_NULL') ? dbquery("UPDATE " . DB_SETTINGS . " SET settings_value='" . stripinput($_POST['default_search']) . "' WHERE settings_name='default_search'") : '';
$exclude_left = form_sanitizer($_POST['exclude_left'], '', 'exclude_left');
$result = !defined('FUSION_NULL') ? dbquery("UPDATE " . DB_SETTINGS . " SET settings_value='{$exclude_left}' WHERE settings_name='exclude_left'") : '';
$exclude_upper = form_sanitizer($_POST['exclude_upper'], '', 'exclude_upper');
$result = !defined('FUSION_NULL') ? dbquery("UPDATE " . DB_SETTINGS . " SET settings_value='{$exclude_upper}' WHERE settings_name='exclude_upper'") : '';
$exclude_aupper = form_sanitizer($_POST['exclude_aupper'], '', 'exclude_aupper');
$result = !defined('FUSION_NULL') ? dbquery("UPDATE " . DB_SETTINGS . " SET settings_value='{$exclude_aupper}' WHERE settings_name='exclude_aupper'") : '';
$exclude_lower = form_sanitizer($_POST['exclude_lower'], '', 'exclude_lower');
$result = !defined('FUSION_NULL') ? dbquery("UPDATE " . DB_SETTINGS . " SET settings_value='{$exclude_lower}' WHERE settings_name='exclude_lower'") : '';
$exclude_blower = form_sanitizer($_POST['exclude_blower'], '', 'exclude_blower');
$result = !defined('FUSION_NULL') ? dbquery("UPDATE " . DB_SETTINGS . " SET settings_value='{$exclude_blower}' WHERE settings_name='exclude_blower'") : '';
$exclude_right = form_sanitizer($_POST['exclude_right'], '', 'exclude_right');
$result = !defined('FUSION_NULL') ? dbquery("UPDATE " . DB_SETTINGS . " SET settings_value='{$exclude_right}' WHERE settings_name='exclude_right'") : '';
}
// Reload every setting from the database so the form shows what is actually stored.
$settings2 = array();
$result = dbquery("SELECT * FROM " . DB_SETTINGS);
while ($data = dbarray($result)) {
    $settings2[$data['settings_name']] = $data['settings_value'];
}
// Theme folders offered in the form; the "templates" folder is excluded.
$theme_files = makefilelist(THEMES, ".|..|templates", TRUE, "folders");
opentable($locale['400']);
echo openform('settingsform', 'settingsform', 'post', FUSION_SELF . $aidlink, array('downtime' => 0));
echo "<table class='table table-responsive center'>\n<tbody>\n<tr>\n";
echo "<td width='35%' class='tbl'><label for='sitename'>" . $locale['402'] . "</label> <span class='required'>*</span></td>\n";
echo "<td width='65%' class='tbl'>\n";
echo form_text('', 'sitename', 'sitename', $settings2['sitename'], array('max_length' => 255, 'required' => 1, 'error_text' => $locale['error_value']));
echo "</td>\n</tr>\n<tr>\n";
$message = $locale['SB_shout_updated'];
} elseif ($_GET['status'] == "del") {
    $message = $locale['SB_shout_deleted'];
}
// $message is only ever assigned from $locale entries in the lines visible here.
if ($message) {
    echo "<div id='close-message'><div class='admin-message alert alert-info m-t-10'>" . $message . "</div></div>\n";
}
// Delete: shout_id must pass isnum() before it is concatenated into the query.
// NOTE(review): the deletion is triggered by a GET request; whether $aidlink carries a token
// that protects it against forged requests is not visible here — confirm.
} elseif (isset($_GET['action']) && $_GET['action'] == "delete" && (isset($_GET['shout_id']) && isnum($_GET['shout_id']))) {
    $result = dbquery("DELETE FROM " . DB_SHOUTBOX . " WHERE shout_id='" . $_GET['shout_id'] . "'");
    redirect(FUSION_SELF . $aidlink . "&status=del");
} else {
    if (isset($_POST['saveshout']) && (isset($_GET['shout_id']) && isnum($_GET['shout_id']))) {
        // Normalisation order: line breaks to spaces, cut to the first 255 characters, insert a
        // line break after every run of 25 non-space characters, sanitize, then turn the
        // inserted line breaks into <br />.
        // NOTE(review): $_POST['shout_message'] is read without isset(). The patterns have no "u"
        // modifier, so the limits count bytes and can split a multi-byte character.
        $shout_message = str_replace("\n", " ", $_POST['shout_message']);
        $shout_message = preg_replace("/^(.{255}).*\$/", "\$1", $shout_message);
        $shout_message = preg_replace("/([^\\s]{25})/", "\$1\n", $shout_message);
        $shout_message = form_sanitizer($shout_message, '', 'shout_message');
        $shout_message = str_replace("\n", "<br />", $shout_message);
        if (!defined('FUSION_NULL')) {
            // NOTE(review): the sanitized message is interpolated into the SQL string, so safety
            // against quote characters depends on what form_sanitizer() escapes (not visible
            // here). shout_id was checked with isnum() above.
            $result = dbquery("UPDATE " . DB_SHOUTBOX . " SET shout_message='{$shout_message}' WHERE shout_id='" . $_GET['shout_id'] . "'");
            redirect(FUSION_SELF . $aidlink . "&status=su");
        }
    }
    // Edit form for one shout, again gated on a numeric shout_id.
    if (isset($_GET['action']) && $_GET['action'] == "edit" && (isset($_GET['shout_id']) && isnum($_GET['shout_id']))) {
        $result = dbquery("SELECT shout_id, shout_message FROM " . DB_SHOUTBOX . " WHERE shout_id='" . $_GET['shout_id'] . "'");
        if (dbrows($result)) {
            $data = dbarray($result);
            opentable($locale['SB_edit_shout']);
            echo openform('input_form', 'input_form', 'post', FUSION_SELF . $aidlink . "&shout_id=" . $data['shout_id'] . "", array('downtime' => 0, 'notice' => 0));
            // The stored message is handed to form_textarea(); output encoding is that helper's job and is not visible here.
            echo form_textarea($locale['SB_message'], 'shout_message', 'shout_message', $data['shout_message'], array('required' => 1, 'bbcode' => 1));
            echo form_button($locale['SB_save_shout'], 'saveshout', 'saveshout', $locale['SB_save_shout'], array('class' => 'btn-primary'));
            echo closeform();
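/**
 * Process and build the poll form (new poll or poll edit) for the current thread.
 *
 * Reads the thread from $this->thread_info['thread'], handles the add_poll,
 * update_poll and add_poll_option posts, and hands the assembled form parts to
 * pollform(). Redirects to the forum index when the viewer lacks the matching
 * poll permission, or when there is no poll to edit.
 *
 * Changes against the earlier version of this method:
 *  - queries and form action URLs use the ids of the loaded thread, cast to
 *    int, instead of raw $_GET['thread_id'] / $_GET['forum_id'];
 *  - poll rows are written only after $defender->safe() passes;
 *  - $poll_field starts as an array, since it is filled by string key.
 *
 * @param int $edit non-zero to edit the thread's existing poll, 0 to create one
 */
public function render_poll_form($edit = 0) {
    global $locale, $defender;

    $poll_field = array();
    $thread_data = $this->thread_info['thread'];

    $permitted = $edit ? $this->getThreadPermission("can_edit_poll") : $this->getThreadPermission("can_create_poll");
    if ($permitted) {
        // Ids of the thread that the permission check above applies to.
        $thread_id = intval($thread_data['thread_id']);
        $forum_id = intval($thread_data['forum_id']);

        $data = array(
            'thread_id' => $thread_data['thread_id'],
            'forum_poll_title' => isset($_POST['forum_poll_title']) ? form_sanitizer($_POST['forum_poll_title'], '', 'forum_poll_title') : '',
            'forum_poll_start' => time(),
            'forum_poll_length' => 2,
            'forum_poll_votes' => 0
        );

        // A poll always shows at least two option fields; options are keyed from 1.
        $option_data[1] = "";
        $option_data[2] = "";

        if (isset($_POST['poll_options']) && is_array($_POST['poll_options'])) {
            foreach ($_POST['poll_options'] as $i => $value) {
                $option_data[$i] = form_sanitizer($value, '', "poll_options[{$i}]");
            }
            // Drop blank options and renumber the rest from 1.
            if ($defender->safe()) {
                $option_data = array_values(array_filter($option_data));
                array_unshift($option_data, NULL);
                unset($option_data[0]);
                $data['forum_poll_length'] = count($option_data);
            }
        }

        // "Add option" appends one blank field to the form.
        if (isset($_POST['add_poll_option']) && $defender->safe()) {
            array_push($option_data, '');
        }

        if ($edit) {
            $result = dbquery("SELECT * FROM " . DB_FORUM_POLLS . " WHERE thread_id='" . $thread_id . "'");
            if (dbrows($result) > 0) {
                if (isset($_POST['update_poll']) || isset($_POST['add_poll_option'])) {
                    // Keep posted values; fill only the keys the post did not supply.
                    $load = FALSE;
                    $data += dbarray($result);
                } else {
                    // First view: show what is stored.
                    $load = TRUE;
                    $data = dbarray($result);
                }

                // Nothing is written unless the submitted form validated.
                if (isset($_POST['update_poll']) && $defender->safe()) {
                    $data = array(
                        'thread_id' => $thread_data['thread_id'],
                        'forum_poll_title' => form_sanitizer($_POST['forum_poll_title'], '', 'forum_poll_title'),
                        'forum_poll_start' => $data['forum_poll_start'],
                        'forum_poll_length' => $data['forum_poll_length']
                    );
                    dbquery_insert(DB_FORUM_POLLS, $data, 'update', array('primary_key' => 'thread_id', 'no_unique' => TRUE));

                    // Index the stored options and prune those whose field was emptied.
                    $_poll = array();
                    $poll_result = dbquery("SELECT forum_poll_option_id FROM " . DB_FORUM_POLL_OPTIONS . " WHERE thread_id='" . $thread_id . "'");
                    while ($_data = dbarray($poll_result)) {
                        $_poll[$_data['forum_poll_option_id']] = $_data;
                        if (empty($option_data[$_data['forum_poll_option_id']]) && $defender->safe()) {
                            dbquery("DELETE FROM " . DB_FORUM_POLL_OPTIONS . " WHERE thread_id='" . $thread_id . "' AND forum_poll_option_id='" . intval($_data['forum_poll_option_id']) . "'");
                        }
                    }

                    // $i numbers the non-empty options in order.
                    $i = 1;
                    foreach ($option_data as $option_text) {
                        if ($option_text) {
                            if ($defender->safe()) {
                                if (isset($_poll[$i])) {
                                    // NOTE(review): $option_text is form_sanitizer() output placed in a
                                    // quoted SQL literal; whether the sanitizer escapes quotes is not
                                    // visible here - confirm, or route this write through dbquery_insert().
                                    dbquery("UPDATE " . DB_FORUM_POLL_OPTIONS . " SET forum_poll_option_text='" . $option_text . "' WHERE thread_id='" . $thread_id . "' AND forum_poll_option_id='" . $i . "'");
                                } else {
                                    $array = array(
                                        'thread_id' => $thread_data['thread_id'],
                                        'forum_poll_option_id' => $i,
                                        'forum_poll_option_text' => $option_text,
                                        'forum_poll_option_votes' => 0
                                    );
                                    dbquery_insert(DB_FORUM_POLL_OPTIONS, $array, 'save');
                                }
                            }
                            $i++;
                        }
                    }

                    if ($defender->safe()) {
                        redirect(INFUSIONS . "forum/postify.php?post=editpoll&error=0&forum_id=" . $forum_id . "&thread_id=" . $thread_id);
                    }
                }

                $poll_field['openform'] = openform('pollform', 'post', INFUSIONS . 'forum/viewthread.php?action=editpoll&forum_id=' . $forum_id . '&thread_id=' . $thread_id);
                $poll_field['openform'] .= "<div class='text-info m-b-20 m-t-10'>" . $locale['forum_0613'] . "</div>\n";
                $poll_field['poll_field'] = form_text('forum_poll_title', $locale['forum_0604'], $data['forum_poll_title'], array('max_length' => 255, 'placeholder' => $locale['forum_0604a'], 'inline' => TRUE, 'required' => TRUE));

                if (!$load) {
                    // Re-display the posted options.
                    for ($i = 1; $i <= count($option_data); $i++) {
                        $poll_field['poll_field'] .= form_text("poll_options[{$i}]", sprintf($locale['forum_0606'], $i), $option_data[$i], array('max_length' => 255, 'placeholder' => $locale['forum_0605'], 'inline' => 1, 'required' => $i <= 2 ? TRUE : FALSE));
                    }
                } else {
                    // Display the stored options; an option that already has votes is required.
                    $result = dbquery("SELECT forum_poll_option_text, forum_poll_option_votes FROM " . DB_FORUM_POLL_OPTIONS . " WHERE thread_id='" . $thread_id . "' ORDER BY forum_poll_option_id ASC");
                    $i = 1;
                    while ($_pdata = dbarray($result)) {
                        $poll_field['poll_field'] .= form_text("poll_options[{$i}]", $locale['forum_0605'] . ' ' . $i, $_pdata['forum_poll_option_text'], array('max_length' => 255, 'placeholder' => 'Poll Options', 'inline' => 1, 'required' => ($i <= 2 || $_pdata['forum_poll_option_votes']) ? TRUE : FALSE));
                        $i++;
                    }
                }

                $poll_field['poll_field'] .= "<div class='col-xs-12 col-sm-offset-3'>\n";
                $poll_field['poll_field'] .= form_button('add_poll_option', $locale['forum_0608'], $locale['forum_0608'], array('class' => 'btn-primary btn-sm'));
                $poll_field['poll_field'] .= "</div>\n";
                $poll_field['poll_button'] = form_button('update_poll', $locale['forum_2013'], $locale['forum_2013'], array('class' => 'btn-default'));
                $poll_field['closeform'] = closeform();
            } else {
                // No poll stored for this thread, so there is nothing to edit.
                redirect(INFUSIONS . 'forum/index.php');
            }
        } else {
            // Save a new poll, but only once the submitted form validated.
            if (isset($_POST['add_poll']) && $defender->safe()) {
                dbquery_insert(DB_FORUM_POLLS, $data, 'save');
                $data['forum_poll_id'] = dblastid();
                $i = 1;
                foreach ($option_data as $option_text) {
                    if ($option_text) {
                        $data['forum_poll_option_id'] = $i;
                        $data['forum_poll_option_text'] = $option_text;
                        $data['forum_poll_option_votes'] = 0;
                        dbquery_insert(DB_FORUM_POLL_OPTIONS, $data, 'save');
                        $i++;
                    }
                }
                if ($defender->safe()) {
                    dbquery("UPDATE " . DB_FORUM_THREADS . " SET thread_poll='1' WHERE thread_id='" . $thread_id . "'");
                    redirect(INFUSIONS . "forum/postify.php?post=newpoll&error=0&forum_id=" . $forum_id . "&thread_id=" . $thread_id);
                }
            }

            // Blank form for a new poll.
            $poll_field['openform'] = openform('pollform', 'post', INFUSIONS . 'forum/viewthread.php?action=newpoll&forum_id=' . $forum_id . '&thread_id=' . $thread_id, array('max_tokens' => 1));
            $poll_field['poll_field'] = form_text('forum_poll_title', $locale['forum_0604'], $data['forum_poll_title'], array('max_length' => 255, 'placeholder' => $locale['forum_0604a'], 'inline' => TRUE, 'required' => TRUE));
            for ($i = 1; $i <= count($option_data); $i++) {
                $poll_field['poll_field'] .= form_text("poll_options[{$i}]", sprintf($locale['forum_0606'], $i), $option_data[$i], array('max_length' => 255, 'placeholder' => $locale['forum_0605'], 'inline' => 1, 'required' => $i <= 2 ? TRUE : FALSE));
            }
            $poll_field['poll_field'] .= "<div class='col-xs-12 col-sm-offset-3'>\n";
            $poll_field['poll_field'] .= form_button('add_poll_option', $locale['forum_0608'], $locale['forum_0608'], array('class' => 'btn-primary btn-sm'));
            $poll_field['poll_field'] .= "</div>\n";
            $poll_field['poll_button'] = form_button('add_poll', $locale['forum_2011'], $locale['forum_2011'], array('class' => 'btn-success btn-md'));
            $poll_field['closeform'] = closeform();
        }

        $info = array(
            'title' => $locale['forum_0366'],
            'description' => $locale['forum_2000'] . $thread_data['thread_subject'],
            'field' => $poll_field
        );
        pollform($info);
    } else {
        redirect(FORUM . "index.php");
    }
}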
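/**
 * Display Forum Form
 *
 * Renders the admin add/edit form for one forum from $this->data. On a
 * "remove_image" post it deletes the forum's image file, clears the stored
 * file name and redirects back to the same request.
 */
public function display_forum_form() {
    require_once INCLUDES . 'photo_functions_include.php';
    require_once INCLUDES . 'infusions_include.php';
    $forum_settings = $this->get_forum_settings();
    $language_opts = fusion_get_enabled_languages();
    add_breadcrumb(array('link' => '', 'title' => self::$locale['forum_001']));

    // NOTE(review): this local $data is not read by the form below, which renders
    // from $this->data; confirm whether $this->data['forum_cat'] was intended.
    if (!isset($_GET['action']) && !empty($_GET['parent_id'])) {
        $data['forum_cat'] = $_GET['parent_id'];
    }

    $type_opts = array(
        '1' => self::$locale['forum_opts_001'],
        '2' => self::$locale['forum_opts_002'],
        '3' => self::$locale['forum_opts_003'],
        '4' => self::$locale['forum_opts_004']
    );
    $forum_image_path = FORUM . "images/";

    if (isset($_POST['remove_image']) && isset($_POST['forum_id'])) {
        $data['forum_id'] = form_sanitizer($_POST['forum_id'], '', 'forum_id');
        // State-changing request: act only when the posted form validated.
        if ($data['forum_id'] && \defender::safe()) {
            $data = self::get_forum($data['forum_id']);
            if (!empty($data)) {
                if (!empty($data['forum_image'])) {
                    // Resolve the stored name and delete it only if it really lies inside
                    // the forum image folder, so a stored "../" name cannot reach other files.
                    $image_dir = realpath($forum_image_path);
                    $image_file = realpath($forum_image_path . $data['forum_image']);
                    $inside_dir = $image_dir !== FALSE
                        && $image_file !== FALSE
                        && strpos($image_file, $image_dir . DIRECTORY_SEPARATOR) === 0;
                    if ($inside_dir && !is_dir($image_file)) {
                        @unlink($image_file);
                        $data['forum_image'] = '';
                    }
                }
                dbquery_insert(DB_FORUMS, $data, 'update');
                addNotice('success', self::$locale['forum_notice_8']);
                redirect(FUSION_REQUEST);
            }
        }
    }

    opentable(self::$locale['forum_001']);
    echo openform('inputform', 'post', FUSION_REQUEST, array('enctype' => 1));

    // Row 1, left: name, description, alias.
    echo "<div class='row'>\n<div class='col-xs-12 col-sm-8 col-md-8 col-lg-8'>\n";
    echo form_text('forum_name', self::$locale['forum_006'], $this->data['forum_name'], array('required' => 1, 'error_text' => self::$locale['forum_error_1']))
        . form_textarea('forum_description', self::$locale['forum_007'], $this->data['forum_description'], array('autosize' => 1, 'type' => 'bbcode', 'form_name' => 'inputform', 'preview' => TRUE))
        . form_text('forum_alias', self::$locale['forum_011'], $this->data['forum_alias']);

    // Row 1, right: parent, type, language, order. The forum's own id is disabled
    // in the parent tree so it cannot be picked as its own parent.
    echo "</div><div class='col-xs-12 col-sm-4 col-md-4 col-lg-4'>\n";
    openside('');
    $self_id = $this->data['forum_id'] ? $this->data['forum_id'] : '';
    echo form_select_tree('forum_cat', self::$locale['forum_008'], $this->data['forum_cat'], array('add_parent_opts' => 1, 'disable_opts' => $self_id, 'hide_disabled' => 1), DB_FORUMS, 'forum_name', 'forum_id', 'forum_cat', $self_id)
        . form_select('forum_type', self::$locale['forum_009'], $this->data['forum_type'], array("options" => $type_opts))
        . form_select('forum_language', self::$locale['forum_010'], $this->data['forum_language'], array("options" => $language_opts))
        . form_text('forum_order', self::$locale['forum_043'], $this->data['forum_order'], array('number' => 1))
        . form_button('save_forum', $this->data['forum_id'] ? self::$locale['forum_000a'] : self::$locale['forum_000'], self::$locale['forum_000'], array('class' => 'btn btn-sm btn-success'));
    closeside();
    echo "</div>\n</div>\n";

    // Row 2, left: meta keywords, image, rules.
    echo "<div class='row'>\n<div class='col-xs-12 col-sm-8 col-md-8 col-lg-8'>\n";
    echo form_select('forum_meta', self::$locale['forum_012'], $this->data['forum_meta'], array('tags' => 1, 'multiple' => 1, 'width' => '100%'));

    $current_image = FORUM . "images/" . $this->data['forum_image'];
    if ($this->data['forum_image'] && file_exists($current_image)) {
        // An image is stored: show it with a remove button.
        openside();
        echo "<div class='pull-left m-r-10'>\n";
        echo thumbnail($current_image, '80px', '80px');
        echo "</div>\n<div class='overflow-hide'>\n";
        echo "<span class='strong'>" . self::$locale['forum_013'] . "</span><br/>\n";
        // getimagesize() returns false for a file it cannot read as an image;
        // the dimension line is printed only when it succeeded.
        $image_size = @getimagesize($current_image);
        if (is_array($image_size)) {
            echo "<span class='text-smaller'>" . sprintf(self::$locale['forum_027'], $image_size[0], $image_size[1]) . "</span><br/>";
        }
        echo form_hidden('forum_image', '', $this->data['forum_image']);
        echo form_button('remove_image', self::$locale['forum_028'], self::$locale['forum_028'], array('class' => 'btn-danger btn-sm m-t-10', 'icon' => 'fa fa-trash'));
        echo "</div>\n";
        closeside();
    } else {
        // No image yet: offer upload and "by address" tabs.
        $tab_title['title'][] = self::$locale['forum_013'];
        $tab_title['id'][] = 'fir';
        $tab_title['icon'][] = '';
        $tab_title['title'][] = self::$locale['forum_014'];
        $tab_title['id'][] = 'ful';
        $tab_title['icon'][] = '';
        $tab_active = tab_active($tab_title, 0);
        echo opentab($tab_title, $tab_active, 'forum-image-tab', FALSE, "m-t-20 m-b-20");

        // Upload Image
        echo opentabbody($tab_title['title'][0], 'fir', $tab_active);
        echo "<span class='display-inline-block m-t-10 m-b-10'>" . sprintf(self::$locale['forum_015'], parsebytesize($forum_settings['forum_attachmax'])) . "</span>\n";
        // NOTE(review): "max_count" is given the attachment size limit (forum_attachmax);
        // confirm this is the option form_fileinput() expects for a size cap.
        $fileOptions = array(
            "upload_path" => $forum_image_path,
            "thumbnail" => TRUE,
            "thumbnail_folder" => $forum_image_path,
            "type" => "image",
            "delete_original" => TRUE,
            "max_count" => $forum_settings['forum_attachmax']
        );
        echo form_fileinput('forum_image', "", '', $fileOptions);
        echo closetabbody();

        // Upload image via Web Address
        echo opentabbody($tab_title['title'][1], 'ful', $tab_active);
        echo "<span class='display-inline-block m-t-10 m-b-10'>" . self::$locale['forum_016'] . "</strong></span>\n";
        $header_opts = array('0' => 'Local Server', '1' => 'URL');
        echo form_select('forum_image_header', self::$locale['forum_056'], '', array('inline' => TRUE, 'options' => $header_opts));
        echo form_text('forum_image_url', self::$locale['forum_014'], '', array('placeholder' => 'images/forum/', 'inline' => TRUE));
        echo closetabbody();
        echo closetab();
    }
    echo form_textarea('forum_rules', self::$locale['forum_017'], $this->data['forum_rules'], array('autosize' => 1, 'bbcode' => 1));

    // Row 2, right: permission source and feature switches.
    echo "</div><div class='col-xs-12 col-sm-4 col-md-4 col-lg-4'>\n";
    openside('');
    // need to get parent category
    echo form_select_tree('forum_permissions', self::$locale['forum_025'], $this->data['forum_branch'], array('no_root' => 1, 'deactivate' => $this->data['forum_id'] ? TRUE : FALSE), DB_FORUMS, 'forum_name', 'forum_id', 'forum_cat');
    if ($this->data['forum_id']) {
        echo form_button('jp_forum', self::$locale['forum_029'], self::$locale['forum_029'], array('class' => 'btn-sm btn-default m-r-10'));
    }
    closeside();
    openside('');
    echo form_checkbox('forum_lock', self::$locale['forum_026'], $this->data['forum_lock'], array("reverse_label" => TRUE))
        . form_checkbox('forum_users', self::$locale['forum_024'], $this->data['forum_users'], array("reverse_label" => TRUE))
        . form_checkbox('forum_quick_edit', self::$locale['forum_021'], $this->data['forum_quick_edit'], array("reverse_label" => TRUE))
        . form_checkbox('forum_merge', self::$locale['forum_019'], $this->data['forum_merge'], array("reverse_label" => TRUE))
        . form_checkbox('forum_allow_attach', self::$locale['forum_020'], $this->data['forum_allow_attach'], array("reverse_label" => TRUE))
        . form_checkbox('forum_allow_poll', self::$locale['forum_022'], $this->data['forum_allow_poll'], array("reverse_label" => TRUE))
        . form_hidden('forum_id', '', $this->data['forum_id'])
        . form_hidden('forum_branch', '', $this->data['forum_branch']);
    closeside();
    echo "</div>\n</div>\n";

    echo form_button('save_forum', $this->data['forum_id'] ? self::$locale['forum_000a'] : self::$locale['forum_000'], self::$locale['forum_000'], array('class' => 'btn-sm btn-success'));
    echo closeform();
    closetable();
}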
$mod_rewrite = FALSE; if (function_exists('apache_get_modules') && in_array('mod_rewrite', apache_get_modules())) { $mod_rewrite = TRUE; } elseif (isset($_SERVER['IIS_UrlRewriteModule'])) { $mod_rewrite = TRUE; } elseif (isset($_SERVER['MOD_REWRITE'])) { $mod_rewrite = TRUE; } define('MOD_REWRITE', $mod_rewrite); if (!MOD_REWRITE) { addNotice('danger', "<i class='fa fa-lg fa-warning m-r-10'></i>" . $locale['rewrite_disabled']); } $settings_seo = array('site_seo' => fusion_get_settings('site_seo'), 'normalize_seo' => fusion_get_settings('normalize_seo'), 'debug_seo' => fusion_get_settings('debug_seo')); if (isset($_POST['savesettings'])) { foreach ($settings_seo as $key => $value) { $settings_seo[$key] = form_sanitizer($_POST[$key], 0, $key); if ($defender->safe()) { dbquery("UPDATE " . DB_SETTINGS . " SET settings_value='" . $settings_seo[$key] . "' WHERE settings_name='" . $key . "'"); } } $htc = "# Force utf-8 charset" . PHP_EOL; $htc .= "AddDefaultCharset utf-8" . PHP_EOL . PHP_EOL; $htc .= "# Security" . PHP_EOL; $htc .= "ServerSignature Off" . PHP_EOL . PHP_EOL; $htc .= "# Secure htaccess file" . PHP_EOL; $htc .= "<Files .htaccess>" . PHP_EOL; $htc .= "order allow,deny" . PHP_EOL; $htc .= "deny from all" . PHP_EOL; $htc .= "</Files>" . PHP_EOL . PHP_EOL; $htc .= "# Protect config.php" . PHP_EOL; $htc .= "<Files config.php>" . PHP_EOL;
if (isset($_GET['action']) && $_GET['action'] == "delete" && isset($_GET['cat_id']) && isnum($_GET['cat_id'])) { $result = dbquery("select * from " . DB_PHOTO_ALBUMS . " where album_id='" . intval($_GET['cat_id']) . "'"); if (dbrows($result) > 0) { // album verified $albumData = dbarray($result); // photo existed if (dbcount("('photo_id')", DB_PHOTOS, "album_id = '" . intval($_GET['cat_id']) . "'")) { $list = get_albumOpts(); $albumArray[0] = $locale['album_0028']; foreach ($list as $album_id => $album_title) { $albumArray[$album_id] = sprintf($locale['album_0029'], $album_title); } // unset own album unset($albumArray[$_GET['cat_id']]); if (isset($_POST['confirm_delete'])) { $targetAlbum = form_sanitizer($_POST['target_album'], '0', 'target_album'); // Purge or move photos $photosResult = dbquery("SELECT * FROM " . DB_PHOTOS . " WHERE album_id = '" . intval($_GET['cat_id']) . "'"); if (dbrows($photosResult) > 0) { if ($targetAlbum > 0) { // move picture to $move_album $target_max_order = dbresult(dbquery("SELECT MAX(photo_order) FROM " . DB_PHOTOS . " WHERE album_id='" . intval($targetAlbum) . "'"), 0) + 1; while ($photo_data = dbarray($result)) { $photo_data['photo_order'] = $target_max_order; dbquery("UPDATE " . DB_PHOTO_ALBUMS . " SET album_id='" . intval($targetAlbum) . "' WHERE photo_id='" . $photo_data['photo_id'] . "'"); $target_max_order++; } addNotice("success", sprintf($locale['album_0031'], $albumArray[$targetAlbum])); } else { // delete all $photoRows = 0;
if (!$result) { $error = 1; } $result = dbquery("UPDATE " . DB_SETTINGS . " SET settings_value='" . (isnum($_POST['deactivation_response']) ? $_POST['deactivation_response'] : "14") . "' WHERE settings_name='deactivation_response'"); if (!$result) { $error = 1; } $result = dbquery("UPDATE " . DB_SETTINGS . " SET settings_value='" . (isnum($_POST['deactivation_action']) ? $_POST['deactivation_action'] : "0") . "' WHERE settings_name='deactivation_action'"); if (!$result) { $error = 1; } $result = dbquery("UPDATE " . DB_SETTINGS . " SET settings_value='" . (isnum($_POST['hide_userprofiles']) ? $_POST['hide_userprofiles'] : "0") . "' WHERE settings_name='hide_userprofiles'"); if (!$result) { $error = 1; } $avatar_filesize = form_sanitizer($_POST['calc_b'], '15', 'calc_b') * form_sanitizer($_POST['calc_c'], '100000', 'calc_c'); $result = dbquery("UPDATE " . DB_SETTINGS . " SET settings_value='{$avatar_filesize}' WHERE settings_name='avatar_filesize'"); if (!$result) { $error = 1; } $result = dbquery("UPDATE " . DB_SETTINGS . " SET settings_value='" . (isnum($_POST['avatar_width']) ? $_POST['avatar_width'] : "100") . "' WHERE settings_name='avatar_width'"); if (!$result) { $error = 1; } $result = dbquery("UPDATE " . DB_SETTINGS . " SET settings_value='" . (isnum($_POST['avatar_height']) ? $_POST['avatar_height'] : "100") . "' WHERE settings_name='avatar_height'"); if (!$result) { $error = 1; } $result = dbquery("UPDATE " . DB_SETTINGS . " SET settings_value='" . (isnum($_POST['avatar_ratio']) ? $_POST['avatar_ratio'] : "0") . "' WHERE settings_name='avatar_ratio'"); if (!$result) { $error = 1;
} if ($message) { echo "<div id='close-message'><div class='admin-message alert alert-info m-t-10'>" . $message . "</div></div>\n"; } } if (isset($_GET['action']) && $_GET['action'] == "delete" && (isset($_GET['cat_id']) && isnum($_GET['cat_id']))) { $result = dbcount("(weblink_cat)", DB_WEBLINKS, "weblink_cat='" . $_GET['cat_id'] . "'"); if (!empty($result)) { redirect(FUSION_SELF . $aidlink . "&status=deln"); } else { $result = dbquery("DELETE FROM " . DB_WEBLINK_CATS . " WHERE weblink_cat_id='" . $_GET['cat_id'] . "'"); redirect(FUSION_SELF . $aidlink . "&status=dely"); } } else { if (isset($_POST['save_cat'])) { $cat_name = form_sanitizer($_POST['cat_name'], '', 'cat_name'); // stripinput($_POST['cat_name']); $cat_description = stripinput($_POST['cat_description']); $cat_language = stripinput($_POST['cat_language']); $cat_access = isnum($_POST['cat_access']) ? $_POST['cat_access'] : "0"; if (isnum($_POST['cat_sort_by']) && $_POST['cat_sort_by'] == "1") { $cat_sorting = "weblink_id " . ($_POST['cat_sort_order'] == "ASC" ? "ASC" : "DESC"); } else { if (isnum($_POST['cat_sort_by']) && $_POST['cat_sort_by'] == "2") { $cat_sorting = "weblink_name " . ($_POST['cat_sort_order'] == "ASC" ? "ASC" : "DESC"); } else { if (isnum($_POST['cat_sort_by']) && $_POST['cat_sort_by'] == "3") { $cat_sorting = "weblink_datestamp " . ($_POST['cat_sort_order'] == "ASC" ? "ASC" : "DESC"); } else { $cat_sorting = "weblink_name ASC"; }
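/**
 * Forum settings admin page: handles "recount user posts" and "save settings"
 * posts, then renders the settings form from the stored forum settings.
 *
 * Access is checked with pageAccess('F') before anything else runs.
 */
public function viewSettingsAdmin() {
    global $aidlink;
    pageAccess('F');
    $forum_settings = $this->get_forum_settings();
    add_breadcrumb(array('link' => ADMIN . 'settings_forum.php' . $aidlink, 'title' => self::$locale['forum_settings']));

    // Rebuild every author's post counter from the posts table.
    // NOTE(review): this write is not gated on \defender::safe() as the save
    // below is; confirm the form token is enforced for this button elsewhere.
    if (isset($_POST['recount_user_post'])) {
        $result = dbquery("SELECT post_author, COUNT(post_id) as num_posts FROM " . DB_FORUM_POSTS . " GROUP BY post_author");
        if (dbrows($result)) {
            while ($data = dbarray($result)) {
                // Both values are numeric ids/counts; cast before they enter the SQL text.
                dbquery("UPDATE " . DB_USERS . " SET user_posts='" . intval($data['num_posts']) . "' WHERE user_id='" . intval($data['post_author']) . "'");
            }
            addNotice('success', self::$locale['forum_061']);
        }
    }

    if (isset($_POST['savesettings'])) {
        // settings_name => sanitized value, listed in the order the rows are written.
        // The attachment size limit is stored as amount (calc_b) x unit (calc_c).
        // NOTE(review): the values are placed in quoted SQL literals below; whether
        // form_sanitizer() escapes quotes is not visible here - confirm, notably for
        // the free-text forum_attachtypes.
        $new_settings = array(
            'numofthreads' => form_sanitizer($_POST['numofthreads'], 20, 'numofthreads'),
            'threads_per_page' => form_sanitizer($_POST['threads_per_page'], 20, 'threads_per_page'),
            'posts_per_page' => form_sanitizer($_POST['posts_per_page'], 20, 'posts_per_page'),
            'forum_ips' => form_sanitizer($_POST['forum_ips'], -103, 'forum_ips'),
            'forum_attachmax' => form_sanitizer($_POST['calc_b'], 1, 'calc_b') * form_sanitizer($_POST['calc_c'], 1000000, 'calc_c'),
            'forum_attachmax_count' => form_sanitizer($_POST['forum_attachmax_count'], 5, 'forum_attachmax_count'),
            'forum_attachtypes' => form_sanitizer($_POST['forum_attachtypes'], '.pdf,.gif,.jpg,.png,.zip,.rar,.tar,.bz2,.7z', 'forum_attachtypes'),
            'thread_notify' => form_sanitizer($_POST['thread_notify'], '0', 'thread_notify'),
            'forum_ranks' => form_sanitizer($_POST['forum_ranks'], '0', 'forum_ranks'),
            'forum_rank_style' => form_sanitizer($_POST['forum_rank_style'], '0', 'forum_rank_style'),
            'forum_edit_lock' => form_sanitizer($_POST['forum_edit_lock'], '0', 'forum_edit_lock'),
            'forum_edit_timelimit' => form_sanitizer($_POST['forum_edit_timelimit'], '0', 'forum_edit_timelimit'),
            'popular_threads_timeframe' => form_sanitizer($_POST['popular_threads_timeframe'], '604800', 'popular_threads_timeframe'),
            'forum_last_posts_reply' => form_sanitizer($_POST['forum_last_posts_reply'], '0', 'forum_last_posts_reply'),
            'forum_last_post_avatar' => form_sanitizer($_POST['forum_last_post_avatar'], '0', 'forum_last_post_avatar'),
            'forum_editpost_to_lastpost' => form_sanitizer($_POST['forum_editpost_to_lastpost'], '0', 'forum_editpost_to_lastpost')
        );
        if (\defender::safe()) {
            foreach ($new_settings as $settings_name => $settings_value) {
                dbquery("UPDATE " . DB_SETTINGS_INF . " SET settings_value='{$settings_value}' WHERE settings_name='{$settings_name}' AND settings_inf='forum'");
            }
            addNotice('success', self::$locale['900']);
            // Was '§ion=fs': the "&sect" of "&section" had been turned into a section sign.
            redirect(FUSION_SELF . $aidlink . '&section=fs');
        }
    }

    $yes_no_array = array('1' => self::$locale['yes'], '0' => self::$locale['no']);
    echo "<div class='well'>" . self::$locale['forum_description'] . "</div>";
    echo openform('forum_settings_form', 'post', FUSION_REQUEST, array('class' => 'm-t-20'));
    echo "<div class='row'>\n";

    // Left column: listing sizes, notification, edit and display switches.
    echo "<div class='col-xs-12 col-sm-8'>\n";
    openside('');
    echo "<span class='small pull-right'>* " . self::$locale['506'] . "</span><br/>\n";
    echo form_text('numofthreads', self::$locale['505'], $forum_settings['numofthreads'], array('error_text' => self::$locale['error_value'], 'inline' => 1, 'width' => '150px', 'type' => 'number'));
    closeside();
    openside('');
    echo form_text('threads_per_page', self::$locale['forum_080'], $forum_settings['threads_per_page'], array('error_text' => self::$locale['error_value'], 'inline' => 1, 'width' => '150px', 'type' => 'number'));
    echo form_text('posts_per_page', self::$locale['forum_081'], $forum_settings['posts_per_page'], array('error_text' => self::$locale['error_value'], 'inline' => 1, 'width' => '150px', 'type' => 'number'));
    closeside();
    openside('');
    echo form_select('thread_notify', self::$locale['512'], $forum_settings['thread_notify'], array('options' => $yes_no_array, 'error_text' => self::$locale['error_value'], 'inline' => 1));
    closeside();
    openside('');
    echo "<span class='pull-right position-absolute small' style='right:30px;'>" . self::$locale['537'] . "</span>\n";
    echo form_select('forum_edit_timelimit', self::$locale['536'], $forum_settings['forum_edit_timelimit'], array('options' => array('0', '10', '30', '45', '60'), 'max_length' => 2, 'width' => '100px', 'required' => 1, 'error_text' => self::$locale['error_value'], 'inline' => 1));
    echo form_select('forum_ips', self::$locale['507'], $forum_settings['forum_ips'], array('options' => $yes_no_array, 'error_text' => self::$locale['error_value'], 'inline' => 1));
    echo form_select('forum_ranks', self::$locale['520'], $forum_settings['forum_ranks'], array('options' => $yes_no_array, 'error_text' => self::$locale['error_value'], 'inline' => 1));
    echo form_select('forum_rank_style', self::$locale['forum_064'], $forum_settings['forum_rank_style'], array('options' => array(self::$locale['forum_063'], self::$locale['forum_062']), 'error_text' => self::$locale['error_value'], 'inline' => 1));
    echo form_select('forum_last_post_avatar', self::$locale['539'], $forum_settings['forum_last_post_avatar'], array('options' => $yes_no_array, 'error_text' => self::$locale['error_value'], 'inline' => 1));
    echo form_select('forum_edit_lock', self::$locale['521'], $forum_settings['forum_edit_lock'], array('options' => $yes_no_array, 'error_text' => self::$locale['error_value'], 'inline' => 1));
    echo form_select('forum_editpost_to_lastpost', self::$locale['538'], $forum_settings['forum_editpost_to_lastpost'], array('options' => $yes_no_array, 'error_text' => self::$locale['error_value'], 'inline' => 1));
    closeside();
    echo "</div>\n";

    // Right column: attachment limits and statistics options.
    echo "<div class='col-xs-12 col-sm-4'>\n";
    openside('');
    $calc_opts = array(1 => 'Bytes (bytes)', 1000 => 'KB (Kilobytes)', 1000000 => 'MB (Megabytes)');
    // Split the stored byte limit back into unit (calc_c) and amount (calc_b).
    // NOTE(review): assumes calculate_byte() never returns 0 - confirm, since it is the divisor.
    $calc_c = self::calculate_byte($forum_settings['forum_attachmax']);
    $calc_b = $forum_settings['forum_attachmax'] / $calc_c;

    // Offer every known extension as ".ext"; sort() re-keys the list numerically.
    require_once INCLUDES . "mimetypes_include.php";
    $mime = mimeTypes();
    $mime_opts = array();
    foreach ($mime as $m => $Mime) {
        $ext = ".{$m}";
        $mime_opts[$ext] = $ext;
    }
    sort($mime_opts);

    echo "<div class='clearfix'>\n";
    echo "<span class='pull-right small'>" . self::$locale['509'] . "</span>";
    echo "<label for='calc_c'>" . self::$locale['508'] . "</label><br />\n";
    echo form_text('calc_b', '', $calc_b, array('required' => 1, 'number' => 1, 'error_text' => self::$locale['error_rate'], 'width' => '100px', 'max_length' => '3', 'class' => 'm-r-10 pull-left'));
    echo form_select('calc_c', '', $calc_c, array('options' => $calc_opts, 'placeholder' => self::$locale['choose'], 'class' => 'pull-left', 'width' => '100%'));
    echo "</div>\n";
    echo "<div class='clearfix'>\n";
    echo "<span class='small pull-right'>" . self::$locale['535'] . "</span>\n";
    echo "<label for='attachmax_count'>" . self::$locale['534'] . "</label>\n";
    echo form_select('forum_attachmax_count', '', $forum_settings['forum_attachmax_count'], array('options' => range(1, 10), 'error_text' => self::$locale['error_value'], 'width' => '100%'));
    echo "</div>\n";
    echo "<div class='clearfix'>\n";
    echo "<span class='small pull-right'>" . self::$locale['511'] . "</span>\n";
    echo form_select('forum_attachtypes', self::$locale['510'], $forum_settings['forum_attachtypes'], array('options' => $mime_opts, 'width' => '100%', 'error_text' => self::$locale['error_type'], 'tags' => 1, 'multiple' => 1, 'placeholder' => self::$locale['choose']));
    echo "</div>\n";
    closeside();

    openside('');
    $timeframe_opts = array(
        '604800' => self::$locale['527'],
        '2419200' => self::$locale['528'],
        '31557600' => self::$locale['529'],
        '0' => self::$locale['530']
    );
    $lastpost_opts = array('0' => self::$locale['519'], '1' => self::$locale['533']);
    if (isset($_GET['action']) && $_GET['action'] == "count_posts") {
        echo alert(self::$locale['524'], '', array('class' => 'warning'));
    }
    echo "<div class='clearfix'>\n";
    echo form_select('popular_threads_timeframe', self::$locale['525'], $forum_settings['popular_threads_timeframe'], array('options' => $timeframe_opts, 'error_text' => self::$locale['error_value'], 'width' => '100%'));
    echo "</div>\n";
    echo "<div class='clearfix'>\n";
    echo form_select('forum_last_posts_reply', self::$locale['531'], $forum_settings['forum_last_posts_reply'], array('options' => $lastpost_opts, 'error_text' => self::$locale['error_value'], 'width' => '100%'));
    echo "</div>\n";
    echo form_button('recount_user_post', self::$locale['523'], '1', array('class' => 'btn-primary btn-block'));
    closeside();
    echo "</div>\n";
    echo "</div>\n";

    echo form_button('savesettings', self::$locale['750'], self::$locale['750'], array('class' => 'btn-success'));
    echo closeform();
}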
} else { redirect(FUSION_SELF . $aidlink); } } if (isset($_POST['preview'])) { $blog_blog = ""; if ($_POST['blog_blog']) { $blog_blog = str_replace("src='" . str_replace("../", "", IMAGES_B), "src='" . IMAGES_B, stripslashes($_POST['blog_blog'])); $blog_blog = parse_textarea($blog_blog); } $blog_extended = ""; if ($_POST['blog_extended']) { $blog_extended = str_replace("src='" . str_replace("../", "", IMAGES_B), "src='" . IMAGES_B, stripslashes($_POST['blog_extended'])); $blog_extended = parse_textarea($blog_extended); } $data = array("blog_id" => form_sanitizer($_POST['blog_id'], 0, "blog_id"), "blog_subject" => form_sanitizer($_POST['blog_subject'], '', 'blog_subject'), "blog_cat" => isset($_POST['blog_cat']) && isnum($_POST['blog_cat']) ? $_POST['blog_cat'] : 0, "blog_language" => form_sanitizer($_POST['blog_language'], '', 'blog_language'), "blog_blog" => form_sanitizer($blog_blog, "", "blog_blog"), "blog_extended" => form_sanitizer($blog_extended, "", "blog_extended"), "blog_keywords" => form_sanitizer($_POST['blog_keywords'], '', 'blog_keywords'), "blog_start" => isset($_POST['blog_start']) && $_POST['blog_start'] ? $_POST['blog_start'] : '', "blog_end" => isset($_POST['blog_end']) && $_POST['blog_end'] ? $_POST['blog_end'] : '', "blog_image" => isset($_POST['blog_image']) ? $_POST['blog_image'] : '', "blog_image_t1" => isset($_POST['blog_image_t1']) ? $_POST['blog_image_t1'] : "", "blog_image_t2" => isset($_POST['blog_image_t2']) ? $_POST['blog_image_t2'] : "", "blog_ialign" => isset($_POST['blog_ialign']) ? $_POST['blog_ialign'] : "pull-left", "blog_visibility" => isnum($_POST['blog_visibility']) ? $_POST['blog_visibility'] : "0", "blog_draft" => isset($_POST['blog_draft']) ? TRUE : FALSE, "blog_sticky" => isset($_POST['blog_sticky']) ? TRUE : FALSE, "blog_breaks" => isset($_POST['line_breaks']) ? TRUE : FALSE, "blog_allow_comments" => isset($_POST['blog_allow_comments']) ? TRUE : FALSE, "blog_allow_ratings" => isset($_POST['blog_allow_ratings']) ? 
TRUE : FALSE, "blog_datestamp" => isset($_POST['blog_datestamp']) ? $_POST['blog_datestamp'] : ""); $data['blog_breaks'] = ""; if (isset($_POST['line_breaks'])) { $data['blog_breaks'] = TRUE; $data['blog_blog'] = nl2br(parse_textarea($data['blog_blog'])); if ($data['blog_extended']) { $data['blog_extended'] = nl2br(parse_textarea($data['blog_extended'])); } } if (defender::safe()) { echo openmodal('blog_preview', $locale['blog_0141']); echo "<h4>" . $data['blog_subject'] . "</h4>\n"; echo "<p class='text-bigger'>" . parse_textarea($data['blog_blog']) . "</p>\n"; if (isset($data['blog_extended'])) { echo parse_textarea($data['blog_extended']); }