// Query string built from every GET parameter whose key is not in $ignore
// ($ignore is assigned earlier, outside this view). The result is '?' when
// nothing is left and '?a=b&' otherwise, so a further key=value pair can be
// appended directly.
//$pass = array_flip(array('pageindex', 'orderby', 'orderdi')); //to pass to next page
//$param2 = http_build_query(array_intersect_key($_GET, $pass));
$param2 = http_build_query(array_diff_key($_GET, $ignore));
$param2 = empty($param2) ? '?' : '?' . $param2 . '&';

// Target record id from the query string, coerced to int.
$au_id = (int) getgpcvar("au_id", "G");

// Session gate: stop at once unless the session holds a positive admin user
// id. The @ keeps a missing key from raising a notice; (int) turns it into 0.
$my_user_id = (int) @$_SESSION["cusa_admin_usr_id"];
if ($my_user_id < 1) {
    exit;
}
/////////////////////////////////////////////////////////////////
if (isset($_POST['first_name'])) {
    $au_id = (int) getgpcvar("au_id", "P");
    #/ Check Attempts
    include_once '../../includes/check_attempts.php';
    #/*
    if (check_attempts(5, 'CUSA_ADMIN_MSG_GLOBAL') == false) {
        update_attempt_counts();
        redirect_me("{$consts['DOC_ROOT_ADMIN']}logout", true);
    }
    #*/
    ##/ Validate Fields
    include_once '../../includes/form_validator.php';
    $form_v = new Valitron\Validator($_POST);
    if ($au_id <= 0 || array_key_exists('update_acc_info', $_POST) && $_POST['update_acc_info'] == '1') {
        $rules = ['required' => [['first_name'], ['last_name'], ['email_add'], ['new_pass']], 'lengthMax' => [['first_name', 60], ['last_name', 60], ['email_add', 100], ['new_pass', 20]], 'lengthMin' => [['new_pass', 7]], 'email' => [['email_add']]];
    } else {
        $rules = ['required' => [['first_name'], ['last_name'], ['email_add']], 'lengthMax' => [['first_name', 60], ['last_name', 60], ['email_add', 100]], 'email' => [['email_add']]];
// Both request arrays go through the project's format_str() helper (defined
// outside this view) before the page reads them.
// NOTE(review): the UPDATE system_config statement later on this page places
// $_POST['title'] and $_POST['c_value'] inside quoted SQL literals, so its
// safety rests entirely on what format_str() does -- confirm it escapes for
// SQL, and prefer parameterised queries.
$_POST = format_str($_POST);
$_GET = format_str($_GET);

// Every GET parameter except conf_id is carried forward; the string ends
// with '?' or '&' so another key=value pair can be appended.
$ignore = array_flip(['conf_id']);
$param2 = http_build_query(array_diff_key($_GET, $ignore));
$param2 = empty($param2) ? '?' : '?' . $param2 . '&';

// Record id from the query string, coerced to int.
$conf_id = (int) getgpcvar("conf_id", "G");
$back_page = "system_config.php";
$cur_page = cur_page();
/////////////////////////////////////////////////////////////////
if (isset($_POST['title'])) {
    $conf_id = (int) getgpcvar("conf_id", "P");
    ##/ Validate Fields
    include_once '../../includes/form_validator.php';
    $form_v = new Valitron\Validator($_POST);
    $rules = ['required' => [['title'], ['c_value']], 'lengthMax' => [['title', 100], ['c_value', 50]]];
    $form_v->labels(array('title' => 'Title', 'c_value' => 'Value'));
    $form_v->rules($rules);
    $form_v->validate();
    $fv_errors = $form_v->errors();
    //var_dump("<pre>", $_POST, $fv_errors); die();
    #-
    if (!is_array($fv_errors) || empty($fv_errors) || count($fv_errors) <= 0) {
        if ($conf_id > 0) {
            ###/ Updating Database
            #/ system_config
            $sql_tb1 = "UPDATE system_config SET title='{$_POST['title']}', c_value='{$_POST['c_value']}'\n            WHERE id='{$conf_id}'";
// Request arrays are replaced by the output of format_str() (project helper,
// not visible here) before any field is read.
// NOTE(review): the HTML branch later on this page reads $_POST_ori rather
// than $_POST -- presumably the untouched original input; confirm that
// rem_risky_tags() is the only filter that value receives.
$_POST = format_str($_POST);
$_GET = format_str($_GET);

// Query string for links inside the operation page: all GET parameters
// except misc_id, ending in '?' or '&'.
$ignore = array_flip(['misc_id']);
$param2 = http_build_query(array_diff_key($_GET, $ignore));
$param2 = empty($param2) ? '?' : '?' . $param2 . '&';

// Record id from the query string, coerced to int.
$misc_id = (int) getgpcvar("misc_id", "G");
$back_page = "site_misc_data.php";
$cur_page = cur_page();
/////////////////////////////////////////////////////////////////
if (isset($_POST['title'])) {
    $misc_id = (int) getgpcvar("misc_id", "P");
    //die('x');
    ##/ Validate Fields
    include_once '../../includes/form_validator.php';
    $form_v = new Valitron\Validator($_POST);
    $rules = ['required' => [['title'], ['m_value'], ['m_cat']], 'lengthMax' => [['title', 250], ['m_cat', 70]]];
    $form_v->labels(array('title' => 'Name / Title', 'm_value' => 'Value', 'm_cat' => 'Category'));
    $form_v->rules($rules);
    $form_v->validate();
    $fv_errors = $form_v->errors();
    //var_dump("<pre>", $_POST, $fv_errors); die();
    #-
    if (!is_array($fv_errors) || empty($fv_errors) || count($fv_errors) <= 0) {
        $content_type = @$_POST['content_type'];
        if ($content_type == 'html') {
            $m_value = rem_risky_tags($_POST_ori['m_value']);
// format_str() (project helper, defined elsewhere) rewrites both request
// arrays before use.
// NOTE(review): the UPDATE page_categories statement later on this page puts
// $_POST['title'] inside a quoted SQL literal; that is only safe if
// format_str() escapes for SQL -- confirm, and prefer parameterised queries.
$_POST = format_str($_POST);
$_GET = format_str($_GET);

// Query string for the link back to the list: every GET parameter except
// pc_id, ending in '?' or '&'.
$ignore = array_flip(['pc_id']);
$param2 = http_build_query(array_diff_key($_GET, $ignore));
$param2 = empty($param2) ? '?' : '?' . $param2 . '&';

// Category id from the query string, coerced to int.
$pc_id = (int) getgpcvar("pc_id", "G");
$back_page = "pages_categories.php";
$cur_page = cur_page();
/////////////////////////////////////////////////////////////////
if (isset($_POST['title'])) {
    $pc_id = (int) getgpcvar("pc_id", "P");
    ##/ Validate Fields
    include_once '../../includes/form_validator.php';
    $form_v = new Valitron\Validator($_POST);
    $rules = ['required' => [['title']], 'lengthMax' => [['title', 60]]];
    $form_v->rules($rules);
    $form_v->validate();
    $fv_errors = $form_v->errors();
    //var_dump("<pre>", $_POST, $fv_errors); die();
    #-
    if (!is_array($fv_errors) || empty($fv_errors) || count($fv_errors) <= 0) {
        $is_active = (int) @$_POST['is_active'];
        if ($pc_id > 0) {
            ###/ Updating Database
            #/ page_categories
            $sql_page_categories = "UPDATE page_categories SET title='{$_POST['title']}',\n            is_active='{$is_active}' WHERE id='{$pc_id}'";
        break;
    case '4':
        $orderby = 'sp.is_active';
        break;
    case '5':
        $orderby = 'popup_only';
        break;
    case '6':
        $orderby = 'sp.id';
        break;
}
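// Sort direction is written into ORDER BY below, so only the two exact
// keywords are accepted. The strict flag matters: with loose comparison a
// non-string value (int 0 on older PHP, bool true) would equal "ASC" and pass
// the allow-list if getgpcvar() ever returned one.
$orderdi = getgpcvar("orderdi", "G");
if (!in_array($orderdi, array("ASC", "DESC"), true)) {
    $orderdi = "DESC";
}

// Zero-based page number; negative values fall back to the first page.
$pageindex = (int) getgpcvar("pageindex", "G");
if ($pageindex < 0) {
    $pageindex = 0;
}
$pagesize = 30;

// NOTE(review): $where and $orderby are spliced in with %s. $orderby is set by
// a switch above this view and $where is built elsewhere -- confirm that both
// can only ever hold server-chosen SQL fragments or properly escaped values.
$query = sprintf("SELECT sp.*, sp.id as sp_id, st.seo_tag, pc.title as cat_title\n\n    FROM site_pages sp\n    LEFT JOIN seo_tags st ON st.id = sp.seo_tag_id\n    LEFT JOIN page_categories pc ON sp.cat_id=pc.id\n\n    WHERE 1 = 1 %s\n\tORDER BY %s %s\n    LIMIT %d, %d\n\t", $where, $orderby, $orderdi, $pageindex * $pagesize, $pagesize);
//echo '<pre>'.$query; die();
#### ---
// The driver's error text goes to the server log instead of the response:
// printing mysql_error() shows query structure to whoever triggered the
// failure. ext/mysql itself was removed in PHP 7; moving to mysqli or PDO with
// prepared statements is the durable fix.
$token = mysql_query($query);
if ($token === false) {
    error_log('site_pages listing query failed: ' . mysql_error());
    die('Database error.');
}
$recrd = mysql_fetch_assoc($token);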
switch ($orderby) {
    case 'sp.title':
        $orderby = '1';
        break;
    case 'st.seo_tag':
        $orderby = '2';
// Query string for links inside the operation page: every GET parameter whose
// key is not in $ignore ($ignore is assigned above this view), ending in '?'
// or '&' so another key=value pair can be appended.
$param2 = http_build_query(array_diff_key($_GET, $ignore));
$param2 = empty($param2) ? '?' : '?' . $param2 . '&';

// User id from the query string, coerced to int.
$u_id = (int) getgpcvar("u_id", "G");

// NOTE(review): "ro" comes from the query string and the POST handler below
// runs whenever it is <= 0, so it is a display switch the caller controls,
// not an access control; write permission has to be enforced elsewhere --
// confirm.
$read_only = (int) getgpcvar("ro", "G");
//$read_only = 1; //testing
$back_page = "users.php";
$cur_page = cur_page();
/////////////////////////////////////////////////////////////////
if ($read_only <= 0) {
    if (isset($_POST['first_name'])) {
        $u_id = (int) getgpcvar("u_id", "P");
        ##/ Validate Fields
        include_once '../../includes/form_validator.php';
        $form_v = new Valitron\Validator($_POST);
        $rules = ['required' => [['package_id'], ['email_add'], ['first_name'], ['last_name'], ['screen_name']], 'lengthMin' => [['screen_name', 5]], 'lengthMax' => [['email_add', 120], ['first_name', 50], ['middle_name', 20], ['last_name', 50], ['company_name', 100], ['screen_name', 50], ['address_ln_1', 200], ['city', 180], ['country_code', 2], ['state', 50], ['zip', 20]], 'email' => [['email_add']], 'slug' => [['screen_name']]];
        $form_v->labels(array('package_id' => 'Membership Package', 'email_add' => 'Email Address', 'country_code' => 'Country'));
        $form_v->rules($rules);
        $form_v->validate();
        $fv_errors = $form_v->errors();
        //var_dump("<pre>", $_POST, $fv_errors); die();
        #-
        #/ Check if Email Add exists
        if (!is_array($fv_errors) || empty($fv_errors) || count($fv_errors) <= 0) {
            $chk_user = mysql_exec("SELECT email_add FROM users WHERE email_add='{$_POST['email_add']}' and id!='{$u_id}'", 'single');
            if (!empty($chk_user)) {
                $fv_errors[] = array('This Email Address is already used, please try a different one!');
// Request arrays are passed through format_str() (project helper, defined
// outside this view) before any field is read.
$_POST = format_str($_POST);
$_GET = format_str($_GET);

// Query string for links inside the operation page: all GET parameters
// except sp_id, ending in '?' or '&'.
$ignore = array_flip(['sp_id']);
$param2 = http_build_query(array_diff_key($_GET, $ignore));
$param2 = empty($param2) ? '?' : '?' . $param2 . '&';

// Page id from the query string, coerced to int.
$sp_id = (int) getgpcvar("sp_id", "G");
$back_page = "site_pages.php";
$cur_page = cur_page();
/////////////////////////////////////////////////////////////////
if (isset($_POST['seo_tag'])) {
    $sp_id = (int) getgpcvar("sp_id", "P");
    $seo_tag_id = (int) @$_POST['seo_tag_id'];
    $content_type = @$_POST['content_type'];
    $self_managed = (int) @$_POST['self_managed'];
    ##/ Validate Fields
    include_once '../../includes/form_validator.php';
    $form_v = new Valitron\Validator($_POST);
    if ($content_type == 'pdf') {
        $rules = ['required' => [['title'], ['seo_tag']], 'lengthMax' => [['title', 60], ['seo_tag', 30]], 'slug' => [['seo_tag']]];
    } else {
        if ($content_type == 'html') {
            if ($self_managed == '1') {
                $rules = ['required' => [['title'], ['seo_tag'], ['page_heading']], 'lengthMax' => [['title', 60], ['seo_tag', 30], ['page_heading', 150]], 'slug' => [['seo_tag']]];
            } else {
                $rules = ['required' => [['title'], ['seo_tag'], ['page_heading'], ['pg_content']], 'lengthMax' => [['title', 60], ['seo_tag', 30], ['page_heading', 150]], 'slug' => [['seo_tag']]];
            }
// format_str() (project helper, not visible here) rewrites both request
// arrays before use.
$_POST = format_str($_POST);
$_GET = format_str($_GET);

// Query string for links inside the operation page: all GET parameters
// except med_id, ending in '?' or '&'.
$ignore = array_flip(['med_id']);
$param2 = http_build_query(array_diff_key($_GET, $ignore));
$param2 = empty($param2) ? '?' : '?' . $param2 . '&';

// Media id from the query string, coerced to int.
$med_id = (int) getgpcvar("med_id", "G");
$back_page = "site_media.php";
$cur_page = cur_page();
/////////////////////////////////////////////////////////////////
if (isset($_POST['m_cat'])) {
    $med_id = (int) getgpcvar("med_id", "P");
    ##/ Validate Fields
    include_once '../../includes/form_validator.php';
    $form_v = new Valitron\Validator($_POST);
    $rules = ['required' => [['m_cat']], 'lengthMax' => [['m_cat', 25], ['alt_text', 100]]];
    $form_v->rules($rules);
    $form_v->validate();
    $fv_errors = $form_v->errors();
    //var_dump("<pre>", $_POST, $fv_errors); die();
    #-
    if (!is_array($fv_errors) || empty($fv_errors) || count($fv_errors) <= 0) {
        ###/ Image processing & savings
        include_once '../../includes/resize_images.php';
        $up_path = "../assets/images_2/media/";
        //if(!is_dir($up_path)){mkdir($up_path, 0705, true);}
        #/ Determine $m_type
/////////////////////////////////////////////////////////////////////
include_once '../../includes/format_str.php';
include_once '../../includes/func_1.php';
include_once '../../includes/db_lib.php';
include_once "../../includes/admin/functions.php";
// Request arrays are replaced by the output of format_str() (from the
// includes above) before any field is read.
$_POST = format_str($_POST);
$_GET = format_str($_GET);

// Query string for links inside the operation page: all GET parameters
// except vc_id, ending in '?' or '&'.
$ignore = array_flip(['vc_id']);
$param2 = http_build_query(array_diff_key($_GET, $ignore));
$param2 = empty($param2) ? '?' : '?' . $param2 . '&';

// Voice id from the query string, coerced to int.
$vc_id = (int) getgpcvar("vc_id", "G");
$cur_page = cur_page();
/////////////////////////////////////////////////////////////////
//////////////////////////////////////////////////////////////////
#### Get record if EDIT Mode
// Result holders; all three start as empty arrays.
$empt = array();
$empt_2 = array();
$total = array();
$vote_list = '';

// $empt was emptied just above, so the lookup runs whenever a voice id is set.
if ($vc_id && !$empt) {
    // Votes for the voice, with the question text and the voter's email,
    // newest first. %d forces the id to an integer before it reaches the SQL.
    $query = sprintf("SELECT vv.*, uv.question_text, u.email_add\n    FROM user_voices uv\n    RIGHT JOIN voices_votes vv ON vv.voice_id=uv.id\n    LEFT JOIN users u ON u.id=vv.user_id\n    WHERE voice_id='%d'\n    ORDER BY voted_on DESC", $vc_id);
    $empt = mysql_exec($query);

    // Any falsy result (false, empty array) ends the request.
    if (!$empt) {
        die("Record Not Found !");
    }
}
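// Request flags from the query string: "ro" and "btr" are coerced to int,
// "bkr" to string. $user_select is set above this view.
$read_only = (int) getgpcvar("ro", "G");
//$read_only = 1; //test
$btr = (int) getgpcvar("btr", "G");
$bkr = (string) getgpcvar("bkr", "G");
if ($user_select <= 0) {
    $back_page = "user_payments.php";
} else {
    // "bkr" is caller-supplied. PHP has already URL-decoded the query string
    // once, so this second decode means a doubly-encoded value only turns into
    // its real characters here, after any earlier filtering of $_GET.
    $back_page = urldecode($bkr);
    // Keep the back link a plain relative path: a decoded value that carries
    // control characters, quotes, angle brackets, a backslash, a URL scheme or
    // a leading slash falls back to the default list page.
    // NOTE(review): assumes legitimate "bkr" values are relative admin pages
    // like the other $back_page values in this code base -- confirm with the
    // pages that generate the link.
    if (preg_match('~[\x00-\x1F\x7F<>"\'\\\\]|://|^/~', $back_page)) {
        $back_page = "user_payments.php";
    }
    $param2 = '';
}
$cur_page = cur_page();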
/////////////////////////////////////////////////////////////////
if ($user_select > 0) {
    if (isset($_POST['user_select'])) {
        $user_select = (int) getgpcvar("user_select", "P");
        ##/ Validate Fields
        include_once '../../includes/form_validator.php';
        $form_v = new Valitron\Validator($_POST);
        $rules = ['required' => [['invoice'], ['amount'], ['paid_on'], ['payment_status'], ['gateway_name']], 'lengthMax' => [['invoice', 30], ['transaction_id', 150], ['gateway_name', 50], ['gateway_payer_id', 100], ['gateway_msg', 500], ['payment_status', 30]], 'numeric' => [['amount']]];
        $form_v->labels(array('paid_on' => 'Payment Date', 'gateway_name' => 'Payment Gateway'));
        $form_v->rules($rules);
        $form_v->validate();
        $fv_errors = $form_v->errors();
        //var_dump("<pre>", $_POST, $fv_errors); //die();
        #-
        #/ Check if Email Add exists
        if (!is_array($fv_errors) || empty($fv_errors) || count($fv_errors) <= 0) {
            $chk_user = mysql_exec("SELECT invoice FROM user_payments WHERE invoice='{$_POST['invoice']}'", 'single');
            if (!empty($chk_user)) {
                $fv_errors[] = array('This Invoice is already used, please try a different one!');
// Finish the carried-over query string ($param2 is built above this view):
// '?' when empty, '?a=b&' otherwise.
$param2 = empty($param2) ? '?' : '?' . $param2 . '&';

// Voice id from the query string, coerced to int.
$vc_id = (int) getgpcvar("vc_id", "G");
$back_page = "voices.php";
$cur_page = cur_page();

// This page only edits existing voices: without a positive id the caller is
// sent back to the list.
// NOTE(review): presumably the second argument makes redirect_me() end the
// request -- confirm; if it returns, the POST handler below still runs.
if ($vc_id < 1) {
    //prevent add
    redirect_me($consts['DOC_ROOT_ADMIN'] . $back_page . $param2, true);
}
/////////////////////////////////////////////////////////////////
if (isset($_POST['question_text'])) {
    $vc_id = (int) getgpcvar("vc_id", "P");
    $user_id = (int) getgpcvar("user_id", "P");
    ##/ Validate Fields
    include_once '../../includes/form_validator.php';
    $form_v = new Valitron\Validator($_POST);
    $rules = ['required' => [['question_text'], ['voice_cat_id'], ['user_id']], 'lengthMax' => [['question_text', 170]]];
    $form_v->labels(array('question_text' => 'Voice Question', 'voice_cat_id' => 'Voice Category', 'user_id' => 'User Info'));
    $form_v->rules($rules);
    $form_v->validate();
    $fv_errors = $form_v->errors();
    //var_dump("<pre>", $_POST, $fv_errors); die();
    #-
    if (!is_array($fv_errors) || empty($fv_errors) || count($fv_errors) <= 0) {
        $voice_details = rem_risky_tags($_POST_ori['voice_details']);
        $_POST['is_blocked'] = (int) @$_POST['is_blocked'];
        ##/ Set Voice Tags
        $voice_tag_ids = '';
// Request arrays are passed through format_str() (project helper, defined
// outside this view) before any field is read.
$_POST = format_str($_POST);
$_GET = format_str($_GET);

// Query string for links inside the operation page: all GET parameters
// except pkg_id, ending in '?' or '&'.
$ignore = array_flip(['pkg_id']);
$param2 = http_build_query(array_diff_key($_GET, $ignore));
$param2 = empty($param2) ? '?' : '?' . $param2 . '&';

// Package id from the query string, coerced to int.
$pkg_id = (int) getgpcvar("pkg_id", "G");
$back_page = "packages.php";
$cur_page = cur_page();
/////////////////////////////////////////////////////////////////
if (isset($_POST['title'])) {
    $pkg_id = (int) getgpcvar("pkg_id", "P");
    ##/ Validate Fields
    include_once '../../includes/form_validator.php';
    $form_v = new Valitron\Validator($_POST);
    $_POST['is_recursive'] = (int) @$_POST['is_recursive'];
    $rules = ['required' => [['title'], ['cost'], ['display_order']], 'lengthMax' => [['title', 100]], 'integer' => [['display_order']], 'numeric' => [['cost'], ['recursive_cost']]];
    if ($_POST['is_recursive'] == 1) {
        $rules['min'] = [['recursive_cost', 1]];
    }
    $form_v->labels(array('recursive_cost' => 'Dues Amount'));
    $form_v->rules($rules);
    $form_v->validate();
    $fv_errors = $form_v->errors();
    //var_dump("<pre>", $_POST, $fv_errors); die();
    #-
    if (!is_array($fv_errors) || empty($fv_errors) || count($fv_errors) <= 0) {
        $fv_msg_ar = array();
        foreach ($fv_errors as $fv_k => $fv_v) {
            $fv_msg_ar = array_merge($fv_msg_ar, $fv_v);
        }
        $fv_msg .= @implode('<br />- ', $fv_msg_ar);
        //var_dump($fv_msg); die();
        $_SESSION["CUSA_ADMIN_MSG_GLOBAL"] = array(false, $fv_msg);
        update_attempt_counts();
    }
}
////end if post.................................
//////////////////////////////////////////////////////////////////
//////////////////////////////////////////////////////////////////
#### Get record if EDIT Mode
// Row shown in the form; stays an empty array when no id is given.
$empt = array();
$id = (int) getgpcvar("id", "G");
if ($id !== 0) {
    // %d forces the id to an integer before it reaches the SQL text.
    // NOTE(review): the row is chosen by a caller-supplied id and SELECT *
    // loads every admin_users column; whether the logged-in admin may view
    // that id is not checked in this view -- confirm it is enforced elsewhere.
    $query = sprintf("SELECT * FROM admin_users WHERE id='%d'", $id);
    // or die(mysql_error($cn1));
    $token = mysql_query($query, $cn1);
    // @ hides the warning raised when the query failed and $token is not a
    // result resource; the falsy return is handled just below.
    $empt = @mysql_fetch_assoc($token);
    if (!$empt) {
        $_SESSION["CUSA_ADMIN_MSG_GLOBAL"] = array(false, "Record Not Found !");
        redirect_me($consts['DOC_ROOT_ADMIN'] . "home", true);
    }
}

// After a submit the posted values replace the stored row, so the form shows
// what the user typed.
if (isset($_POST['first_name'])) {
    $empt = $_POST;
}
///////////////////////////////////////////////////////////////////
// Page title and section id for this screen, assigned before the permission
// include runs.
// NOTE(review): check_permission.php presumably reads $section_id to decide
// access -- confirm; if so, both assignments must stay above the include.
$pg_title = "Admin Settings";
$section_id = 8;
include_once 'includes/check_permission.php';
/////////////////////////////////////////////////////////////////////
include_once '../../includes/format_str.php';
include_once '../../includes/func_1.php';
include_once '../../includes/db_lib.php';
include_once "../../includes/admin/functions.php";
// Request arrays are replaced by the output of format_str() (from the
// includes above) before any field is read.
$_POST = format_str($_POST);
$_GET = format_str($_GET);

// Session gate: stop at once unless the session holds a positive admin user
// id. The @ keeps a missing key from raising a notice; (int) turns it into 0.
$my_user_id = (int) @$_SESSION["cusa_admin_usr_id"];
if ($my_user_id < 1) {
    exit;
}

// Search inputs from the query string. The request ends silently unless the
// search flag is positive and a term was supplied; empty() also treats the
// term "0" as missing.
$search_it = (int) @getgpcvar("search_it", "G");
$sr_tag = @getgpcvar("term", "G");
if ($search_it < 1 || empty($sr_tag)) {
    exit;
}
/////////////////////////////////////////////////////////////////////////
//////////////////////////////////////////////////////////////////////////////////////////
$recrd = false;
#### Build SQL
$where = "";
##### Search String
if ($search_it) {
    include_once "../../includes/srch_lib.php";
    $src = new srch_h();
    $get_where = '';
    if (!empty($sr_tag)) {
        $get_where .= $src->where_it($sr_tag, 'tag', 'tag');
// format_str() (project helper, defined outside this view) rewrites both
// request arrays before use.
// NOTE(review): the duplicate-tag lookup later on this page puts
// $_POST['tag'] inside a quoted SQL literal; that is only safe if
// format_str() escapes for SQL -- confirm, and prefer parameterised queries.
$_POST = format_str($_POST);
$_GET = format_str($_GET);

// Query string for links inside the operation page: all GET parameters
// except vt_id, ending in '?' or '&'.
$ignore = array_flip(['vt_id']);
$param2 = http_build_query(array_diff_key($_GET, $ignore));
$param2 = empty($param2) ? '?' : '?' . $param2 . '&';

// Tag id from the query string, coerced to int.
$vt_id = (int) getgpcvar("vt_id", "G");
$back_page = "voice_tags.php";
$cur_page = cur_page();
/////////////////////////////////////////////////////////////////
if (isset($_POST['tag'])) {
    $vt_id = (int) getgpcvar("vt_id", "P");
    ##/ Validate Fields
    include_once '../../includes/form_validator.php';
    $form_v = new Valitron\Validator($_POST);
    $rules = ['required' => [['tag']], 'lengthMin' => [['tag', 5]], 'lengthMax' => [['tag', 100]], 'slug' => [['tag']]];
    $form_v->labels(array('tag' => 'Voice Tag'));
    $form_v->rules($rules);
    $form_v->validate();
    $fv_errors = $form_v->errors();
    //var_dump("<pre>", $_POST, $fv_errors); die();
    #-
    #/ Check if Email Add exists
    if (!is_array($fv_errors) || empty($fv_errors) || count($fv_errors) <= 0) {
        $chk_user = mysql_exec("SELECT tag FROM voice_tags WHERE tag='{$_POST['tag']}' and id!='{$vt_id}'", 'single');
        if (!empty($chk_user)) {
            $fv_errors[] = array('This Voice Tag is already used, please try a different one!');