Exemple #1
function set_export_method($method, $data)
    global $db, $board_config;
    $data['method'] = $method;
    $str = xs_sql(serialize($data));
    $sql = isset($board_config['xs_export_data']) ? "UPDATE " . CONFIG_TABLE . " SET config_value='{$str}' WHERE config_name='xs_export_data'" : "INSERT INTO " . CONFIG_TABLE . " (config_name, config_value) VALUES ('xs_export_data', '{$str}')";
         $shownav += $num;
 if ($shownav !== $board_config['xs_shownav']) {
     $template->assign_block_vars('left_refresh', array('ACTION' => append_sid('index.' . $phpEx . '?pane=left')));
 $HTTP_POST_VARS['xs_shownav'] = $shownav;
 // checking submitted data
 $update_time = false;
 foreach ($vars as $var) {
     $new[$var] = stripslashes(trim($HTTP_POST_VARS[$var]));
     if ($var == 'xs_auto_recompile' && !$new['xs_auto_compile']) {
         $new[$var] = 0;
     if ($board_config[$var] !== $new[$var]) {
         if ($sql = set_config($var, xs_sql($new[$var]))) {
             xs_error(str_replace('{VAR}', $var, $lang['xs_config_sql_error']) . '<br /><br />' . $lang['xs_config_back'], __LINE__, __FILE__);
         if ($var === 'xs_check_switches') {
             $update_time = true;
 if ($update_time) {
     $board_config['xs_template_time'] = time() + 10;
     // set time 10 seconds in future in case if some tpl file would be compiled right now with current settings
     $sql = "UPDATE " . CONFIG_TABLE . " SET config_value = '" . $board_config['xs_template_time'] . "' WHERE config_name = 'xs_template_time'";
     if (!$db->sql_query($sql)) {
         xs_error(str_replace('{VAR}', 'xs_template_time', $lang['xs_config_sql_error']) . '<br /><br />' . $lang['xs_config_back'], __LINE__, __FILE__);
        if (!($row = $db->sql_fetchrow($result))) {
            if (defined('XS_CLONING')) {
            xs_error($lang['xs_import_notinstall4'] . '<br /><br />' . $lang['xs_import_back']);
        $installed = $row['total'] + 1;
        $style_data['themes_id'] = $installed;
        $sql1 = $sql2 = '';
        foreach ($style_data as $var => $value) {
            if ($sql1) {
                $sql1 .= ', ';
                $sql2 .= ', ';
            $sql1 .= xs_sql($var);
            $sql2 .= "'" . str_replace("\\'", "''", $value) . "'";
        $sql = "INSERT INTO " . THEMES_TABLE . " (" . $sql1 . ") VALUES (" . $sql2 . ")";
    if (!($result = $db->sql_query($sql))) {
        if (defined('XS_CLONING')) {
        xs_error($lang['xs_import_notinstall5'] . '<br /><br />' . $lang['xs_import_back']);
    if ($default_name === $style_name) {
        set_config('default_style', $installed);
if (defined('XS_CLONING')) {
Exemple #4
         $shownav += $num;
 if ($shownav !== $board_config['xs_shownav']) {
     $template->assign_block_vars('left_refresh', array('ACTION' => append_sid('index.' . $phpEx . '?pane=left')));
 $HTTP_POST_VARS['xs_shownav'] = $shownav;
 // checking submitted data
 $update_time = false;
 foreach ($vars as $var) {
     $new[$var] = stripslashes(trim($HTTP_POST_VARS[$var]));
     if ($var == 'xs_auto_recompile' && !$new['xs_auto_compile']) {
         $new[$var] = 0;
     if ($board_config[$var] !== $new[$var]) {
         $sql = "UPDATE " . CONFIG_TABLE . " SET config_value = '" . xs_sql($new[$var]) . "' WHERE config_name = '{$var}'";
         if (!$db->sql_query($sql)) {
             xs_error(str_replace('{VAR}', $var, $lang['xs_config_sql_error']) . '<br /><br />' . $lang['xs_config_back'], __LINE__, __FILE__);
         $board_config[$var] = $new[$var];
         if ($var === 'xs_check_switches') {
             $update_time = true;
 if ($update_time) {
     $board_config['xs_template_time'] = time() + 10;
     // set time 10 seconds in future in case if some tpl file would be compiled right now with current settings
     $sql = "UPDATE " . CONFIG_TABLE . " SET config_value = '" . $board_config['xs_template_time'] . "' WHERE config_name = 'xs_template_time'";
     if (!$db->sql_query($sql)) {
         xs_error(str_replace('{VAR}', 'xs_template_time', $lang['xs_config_sql_error']) . '<br /><br />' . $lang['xs_config_back'], __LINE__, __FILE__);
        if (!($row = $db->sql_fetchrow($result))) {
            if (defined('XS_CLONING')) {
            xs_error($lang['xs_import_notinstall4'] . '<br /><br />' . $lang['xs_import_back']);
        $installed = $row['total'] + 1;
        $style_data['themes_id'] = $installed;
        $sql1 = $sql2 = '';
        foreach ($style_data as $var => $value) {
            if ($sql1) {
                $sql1 .= ', ';
                $sql2 .= ', ';
            $sql1 .= xs_sql($var);
            $sql2 .= "'" . xs_sql($value) . "'";
        $sql = "INSERT INTO " . THEMES_TABLE . " (" . $sql1 . ") VALUES (" . $sql2 . ")";
    if (!($result = $db->sql_query($sql))) {
        if (defined('XS_CLONING')) {
        xs_error($lang['xs_import_notinstall5'] . '<br /><br />' . $lang['xs_import_back']);
    if ($default_name === $style_name) {
        $sql = "UPDATE " . CONFIG_TABLE . " SET config_value='{$installed}' WHERE config_name='default_style'";
        $board_config['default_style'] = $installed;
Exemple #6
        if (!empty($config)) {
if (!empty($HTTP_POST_VARS['add_url']) && !defined('DEMO_MODE')) {
    $id = $board_config['xs_downloads_count'];
    $update = array();
    $update['xs_downloads_' . $id] = stripslashes($HTTP_POST_VARS['add_url']);
    $update['xs_downloads_title_' . $id] = stripslashes($HTTP_POST_VARS['add_title']);
    $update['xs_downloads_count'] = $board_config['xs_downloads_count'] + 1;
    foreach ($update as $var => $value) {
        if (isset($board_config[$var])) {
            $sql = "UPDATE " . CONFIG_TABLE . " SET config_value='" . xs_sql($value) . "' WHERE config_name='" . $var . "'";
        } else {
            $sql = "INSERT INTO " . CONFIG_TABLE . " (config_name, config_value) VALUES ('" . $var . "', '" . xs_sql($value) . "')";
        $board_config[$var] = $value;
    // update config cache
    if (defined('XS_MODS_CATEGORY_HIERARCHY210') && !empty($config)) {
for ($i = 0; $i < $board_config['xs_downloads_count']; $i++) {
    $row_class = $xs_row_class[$i % 2];
    $template->assign_block_vars('url', array('ROW_CLASS' => $row_class, 'NUM' => $i, 'NUM1' => $i + 1, 'URL' => htmlspecialchars($board_config['xs_downloads_' . $i]), 'TITLE' => htmlspecialchars($board_config['xs_downloads_title_' . $i]), 'U_DOWNLOAD' => append_sid('xs_download.' . $phpEx . '?url=' . $i), 'U_EDIT' => append_sid('xs_download.' . $phpEx . '?edit=' . $i)));
$template->assign_vars(array('U_POST' => append_sid('xs_download.' . $phpEx)));
$template->set_filenames(array('body' => XS_TPL_PATH . 'downloads.tpl'));
Exemple #7
 $data_name_insert_vars = array('themes_id');
 $data_name_insert_values = array($id);
 $data_name_update = array();
 foreach ($HTTP_POST_VARS as $var => $value) {
     if (substr($var, 0, 5) === 'edit_') {
         $var = substr($var, 5);
         $value = stripslashes($value);
         $data_item[$var] = $value;
         $data_item_update[] = $var . "='" . xs_sql($value) . "'";
     } elseif (substr($var, 0, 5) === 'name_') {
         $var = substr($var, 5) . '_name';
         $value = stripslashes($value);
         $data_name[$var] = $value;
         $data_name_update[] = $var . "='" . xs_sql($value) . "'";
         $data_name_insert_vars[] = $var;
         $data_name_insert_values[] = xs_sql($value);
 // update item
 $sql = "UPDATE " . THEMES_TABLE . " SET " . implode(',', $data_item_update) . " WHERE themes_id='{$id}'";
 if (!($result = $db->sql_query($sql))) {
     xs_error($lang['xs_edittpl_error_updating'] . '<br /><br />' . $lang['xs_edittpl_back_edit'] . '<br /><br />' . $lang['xs_edittpl_back_list'], __LINE__, __FILE__);
 // check if there is name
 $sql = "SELECT themes_id FROM " . THEMES_NAME_TABLE . " WHERE themes_id='{$id}'";
 if (!($result = $db->sql_query($sql))) {
     $sql = "INSERT INTO " . THEMES_NAME_TABLE . " (" . implode(',', $data_name_insert_vars) . ") VALUES ('" . implode("', '", $data_name_insert_values) . "')";
 $item = $db->sql_fetchrow($result);
 if (!is_array($item)) {
     $sql = "INSERT INTO " . THEMES_NAME_TABLE . " (" . implode(',', $data_name_insert_vars) . ") VALUES ('" . implode("', '", $data_name_insert_values) . "')";
Exemple #8
    // prepare import variables
    $total = $count;
    $HTTP_POST_VARS['total'] = $count;
    $list_only = false;
    $get_file = '';
    define('XS_CLONING', true);
    $lang['xs_import_back'] = $lang['xs_clone_back'];
    include 'xs_include_import.' . $phpEx;
    include 'xs_include_import2.' . $phpEx;
// clone style menu
if (!empty($HTTP_GET_VARS['clone'])) {
    $style = stripslashes($HTTP_GET_VARS['clone']);
    $sql = "SELECT themes_id, style_name FROM " . THEMES_TABLE . " WHERE template_name = '" . xs_sql($style) . "' ORDER BY style_name ASC";
    if (!($result = $db->sql_query($sql))) {
        xs_error($lang['xs_no_theme_data'] . '<br /><br />' . $lang['xs_clone_back'], __LINE__, __FILE__);
    $theme_rowset = $db->sql_fetchrowset($result);
    if (count($theme_rowset) == 0) {
        xs_error($lang['xs_no_themes'] . '<br /><br />' . $lang['xs_clone_back']);
    $template->set_filenames(array('body' => XS_TPL_PATH . 'clone2.tpl'));
    // clone template
    $template->assign_vars(array('FORM_ACTION' => append_sid('xs_clone.' . $phpEx), 'CLONE_TEMPLATE' => htmlspecialchars($style), 'STYLE_ID' => $theme_rowset[0]['themes_id'], 'STYLE_NAME' => htmlspecialchars($theme_rowset[0]['style_name']), 'TOTAL' => count($theme_rowset), 'L_CLONE_STYLE3' => str_replace('{STYLE}', htmlspecialchars($style), $lang['xs_clone_style3'])));
    // clone styles
    for ($i = 0; $i < count($theme_rowset); $i++) {
        $template->assign_block_vars('styles', array('ID' => $theme_rowset[$i]['themes_id'], 'TPL' => htmlspecialchars($theme_rowset[$i]['template_name']), 'STYLE' => htmlspecialchars($theme_rowset[$i]['style_name']), 'L_CLONE' => str_replace('{STYLE}', htmlspecialchars($theme_rowset[$i]['style_name']), $lang['xs_clone_style2'])));
    if (count($theme_rowset) == 1) {
            $update['xs_downloads_' . $i] = $update['xs_downloads_' . ($i + 1)];
            $update['xs_downloads_title_' . $i] = $update['xs_downloads_title_' . ($i + 1)];
        $update['xs_downloads_' . ($total - 1)] = '';
        $update['xs_downloads_title_' . ($total - 1)] = '';
    } else {
        $update['xs_downloads_' . $id] = stripslashes($HTTP_POST_VARS['edit_url']);
        $update['xs_downloads_title_' . $id] = stripslashes($HTTP_POST_VARS['edit_title']);
    foreach ($update as $var => $value) {
        set_config($var, xs_sql($value));
if (!empty($HTTP_POST_VARS['add_url']) && !defined('DEMO_MODE')) {
    $id = $board_config['xs_downloads_count'];
    $update = array();
    $update['xs_downloads_' . $id] = stripslashes($HTTP_POST_VARS['add_url']);
    $update['xs_downloads_title_' . $id] = stripslashes($HTTP_POST_VARS['add_title']);
    $update['xs_downloads_count'] = $board_config['xs_downloads_count'] + 1;
    foreach ($update as $var => $value) {
        set_config($var, xs_sql($value));
for ($i = 0; $i < $board_config['xs_downloads_count']; $i++) {
    $row_class = $xs_row_class[$i % 2];
    $template->assign_block_vars('url', array('ROW_CLASS' => $row_class, 'NUM' => $i, 'NUM1' => $i + 1, 'URL' => htmlspecialchars($board_config['xs_downloads_' . $i]), 'TITLE' => htmlspecialchars($board_config['xs_downloads_title_' . $i]), 'U_DOWNLOAD' => append_sid('xs_download.' . $phpEx . '?url=' . $i), 'U_EDIT' => append_sid('xs_download.' . $phpEx . '?edit=' . $i)));
$template->assign_vars(array('U_POST' => append_sid('xs_download.' . $phpEx)));
$template->set_filenames(array('body' => 'downloads.tpl'));