if (isset($_REQUEST["m"])) { $xsf = $xsf . "m"; } if (isset($_REQUEST["i"])) { $xsf = $xsf . "i"; } if (!isset($_REQUEST["ns"])) { $xsf = $xsf . "s"; } $r = $_REQUEST["regexp"]; $t = $_REQUEST["text"]; $t1 = replaceSpecial($t); $t1 = preg_replace("/" . replaceSpecial($r) . $xsf, "<span style=\"background:#ffffcd\">\$0</span>", $t1); echo $t1 . "<hr />\n"; preg_match_all("/" . $r . $xsf, $t, $m); echo "<table class=\"table table-bordered\">\n"; echo "<tbody>\n"; for ($i = 0; $i < count($i, 0); $i++) { echo "<tr>\n<td>\n" . $i . "\n</td>\n"; foreach ($m[$i] as $m1) { $m1 = replaceSpecial($m1); echo "<td>" . $m1 . "</td>"; } echo "</tr>\n"; } echo "</tbody>\n"; } ?> </div> </div> </div>
exit; } else { /*****************************************/ $val = "name = '" . str_db($_POST['name']) . "',"; $val .= "min_answer = '" . str_db($_POST['min_answer']) . "',"; $val .= "type = '" . str_db($_POST['type']) . "',"; $val .= "random_question = '" . $randomize . "',"; $val .= "random_num = '" . str_db($_POST['number_random']) . "',"; $val .= "steppize = '" . $steppize . "',"; $val .= "min_answer_option = '" . $active_min_answer . "',"; $val .= "email_quiz = '" . $send_mail . "',"; $val .= "email_subject = '" . str_db($_POST['admin_email_subject']) . "',"; $val .= "email_receiver = '" . str_db($_POST['admin_email']) . "',"; $val .= "email_content = '" . replaceSpecial($_POST['result_message']) . "',"; $val .= "content = '" . replaceSpecial($_POST['quiz_content']) . "',"; $val .= "error_content = '" . replaceSpecial($_POST['cont_error']) . "',"; $val .= "title_visible = '" . $visible . "',"; $val .= "status = '" . $status . "'"; $sql = "update quizzes set " . $val . " where id = '" . $_POST['id'] . "'"; execute($sql); /*******************************************/ $sql = "delete from questions where id_quiz = " . $_POST['id']; execute($sql); $sql = "delete from answers where id_quiz = " . $_POST['id']; execute($sql); /*******************************************/ foreach ($_POST as $key => $val) { if (substr($key, 0, 9) == 'question_') { $record = 'id_quiz,questions'; $valu = "'" . str_db($_POST['id']) . "',"; $valu .= "'" . str_db($val) . "'";
$record .= 'min_answer_option,email_quiz,email_subject,email_receiver,email_content,'; $record .= 'creation_date,content,error_content,title_visible,min_answer,status'; $val = "'" . str_db($_POST['name']) . "',"; $val .= "'" . str_db($rand_cod) . "',"; $val .= "'" . str_db($_POST['type']) . "',"; $val .= "'" . $randomize . "',"; $val .= "'" . str_db($_POST['number_random']) . "',"; $val .= "'" . $steppize . "',"; $val .= "'" . $active_min_answer . "',"; $val .= "'" . $send_mail . "',"; $val .= "'" . str_db($_POST['admin_email_subject']) . "',"; $val .= "'" . str_db($_POST['admin_email']) . "',"; $val .= "'" . replaceSpecial($_POST['result_message']) . "',"; $val .= "'" . date('Y-m-d') . "',"; $val .= "'" . replaceSpecial($_POST['quiz_content']) . "',"; $val .= "'" . replaceSpecial($_POST['cont_error']) . "',"; $val .= "'" . $visible . "',"; $val .= "'" . str_db($_POST['min_answer']) . "',"; $val .= "'" . $status . "'"; $sql = " insert into quizzes ("; $sql .= $record; $sql .= ") VALUES ("; $sql .= $val; $sql .= ")"; execute($sql); $last_id = mysql_insert_id(); Mkdir(path_stored_quizzes . '/' . $last_id, 0755, true); copy(path_rel_sfw . '/get_code.php', path_stored_quizzes . '/' . $last_id . '/' . $rand_cod . '.php'); replace_line_in_file(path_stored_quizzes . '/' . $last_id . '/' . $rand_cod . '.php', "{include}", "require_once('" . path_rel_sfw . "/include/inc_db.php');"); replace_line_in_file(path_stored_quizzes . '/' . $last_id . '/' . $rand_cod . '.php', "{sql_replace}", "\$" . "sqli = 'select * from quizzes where code = \"" . $rand_cod . "\"';"); /*******************************************************************/
function str_db($string) { $string = replaceSpecial($string); return utf8_decode(str_replace('"', '"', $string)); }