$cfig = @parse_ini_file('../cfig/config.ini'); include '../../../cfig/conexao.php'; require_once '../libs/NWD.class.php'; require_once '../libs/Strings.class.php'; require_once '../libs/UpdatePos.class.php'; foreach ($_POST as $postField => $postValue) { ${$postField} = addslashes($postValue); } $start = @$calls * $cfig['query list limit']; $limit = $cfig['query list limit']; //--------------------------------------------------------------------------------------------------------- // LISTAR //--------------------------------------------------------------------------------------------------------- if ($act == 'Listar') { $result = array(); $path = NWD::getFullPath(-3); $sql = mysql_query("SELECT * FROM categorias WHERE parent = '{$parent}' ORDER BY pos ASC LIMIT {$start}, {$limit} "); $i = 0; while ($r = mysql_fetch_assoc($sql)) { $id = $r['id']; $pos = $r['pos']; $i++; $titulo = $r['titulo'] ? $r['titulo'] : 'Categoria ' . ($i < 10 ? '0' . $i : $i); $imgurl = 'images/categorias/' . $r['imagem']; $thumburl = 'images/categorias/thumbs/' . $r['imagem']; $thumb = is_file('../../../' . $thumburl) ? $path . '/' . $thumburl : (is_file('../../../' . $imgurl) ? $path . '/' . $imgurl : $path . '/adm/v3/images/no-image.png'); $item = '<li id="item' . $id . '" class="item ' . ($r['ativo'] == 0 ? 'disabled' : 'enabled') . '" style="display:none">'; $item .= '<div class="title-holder" onmouseenter="titleMouseEnter(\'' . $id . '\')" onmouseleave="titleMouseLeave(\'' . $id . '\')">'; $item .= '<img src="' . $thumb . '" class="thumb"/>'; $item .= '<span class="title">' . $pos . ' - ' . $titulo . '</span>'; $item .= '<span class="editBtn" onclick="openPopAddItem(\'' . $id . '\')" style="display:none"></span>';
} $required = required(); if ($required) { $res['result'] = false; $res['message'] = $required; } else { $r = mysql_fetch_assoc($query = mysql_query("SELECT lembrete FROM usuarios WHERE email = '{$email}' {$nivelfilter} {$blockfilter} LIMIT 1")); $res['result'] = true; $res['message'] = '<span class="success">Lembrete de senha: <b>' . $r['lembrete'] . '</b></span>'; if (isset($_SESSION["err_login"]) && $_SESSION["err_login"] > $limit_err - 5) { $_SESSION["err_login"] = $limit_err - 5; } } echo json_encode($res); } //----------------------------------------------------------------------------------------------------------------------------------------------- // ENVIAR SENHA POR EMAIL //----------------------------------------------------------------------------------------------------------------------------------------------- if ($act == 'Nao Lembrei') { $user = mysql_fetch_assoc(mysql_query("SELECT user, senha, email FROM usuarios WHERE email = '{$email}' {$nivelfilter} {$blockfilter} LIMIT 1")); $assunto = 'Sua Senha !'; $msgin = array('[usuario]', '[senha]', '[email]', '[url]'); $msgout = array($user['user'], $user['senha'], $user['email'], NWD::getFullPath(-2)); $mensagem = str_replace($msgin, $msgout, file_get_contents('../emails/login_lembrar_senha.html')); $sendmail = NWD::sendEmail($user['email'], $mensagem, $assunto); if (@$sendmail) { echo true; } else { echo '<span class="error">Encontramos seu cadastro<br/>mas não foi possível enviá-lo para seu email.</span>'; } }
} break; //---------------------------------------------------------------------------------------------------------------------- // LISTAR //---------------------------------------------------------------------------------------------------------------------- //---------------------------------------------------------------------------------------------------------------------- // LISTAR //---------------------------------------------------------------------------------------------------------------------- case 'Listar': $sql = mysql_query("SELECT * FROM arquivos WHERE categ = '{$catid}' ORDER BY pos ASC"); while ($row = mysql_fetch_object($sql)) { $extensao = strtolower(str_replace('.', '', strrchr($row->arquivo, '.'))); if ($extensao == 'jpg' || $extensao == 'jpeg' || $extensao == 'png' || $extensao == 'gif' || $extensao == 'bmp') { $thumb = _fullpath . '/' . $pastaDestino . $row->arquivo; } else { $thumb = NWD::getFullPath(-1) . '/images/' . $extensao . '.png'; } $enabled = $row->ativo == 1 ? 'enabled' : 'disabled'; echo '<div id="item-' . $row->id . '" class="data-item ' . $enabled . '" data-cod="' . $row->id . '" >'; echo '<div class="actions">'; echo '<div class="statusButton" onclick="publicarArq(\'' . $row->id . '\')"> </div>'; echo '<div class="editButton" onclick="openPopArqEdit(\'' . $row->id . '\')" > </div>'; echo '<div class="closeButton" onclick="excluiArqImage(\'' . $row->id . '\')" > </div>'; echo '</div>'; echo '<div class="info-item">'; echo '<div class="arquivo"><img src="' . $thumb . '" alt="' . $row->id . '"/></div>'; echo '<div class="legenda">' . $row->titulo . '</div>'; echo '</div>'; echo '</div>'; } break;
<?php define('_fullpath', NWD::getFullPath()); define('_absolutepath', NWD::getAbsolutePath()); $urlvars = array(); $urlvalues = explode('/', @$_GET['params']); foreach ($urlvalues as $value) { $urlvars[] = trim(addslashes(strip_tags(urldecode($value)))); } $urlvars['GET'] = NWD::defineGET(); $pag = @$urlvars[1] ? $urlvars[1] : 'intro';
<link type="text/css" href="<?php echo _fullpath; ?> /modules/<?php echo $module_name; ?> /css/menu.css" rel="stylesheet" /> <?php $uniqid = @$params['uniqid']; $sql = mysql_query("SELECT * FROM admin_menu WHERE nivel >= '" . $_SESSION['usernivel'] . "' AND published = '1' ORDER BY pos ASC"); echo '<ul id="menu' . $uniqid . '" class="menu">'; $parentUrl = NWD::getFullPath(-1); $thisUrl = NWD::getFullPath(); while ($r = mysql_fetch_assoc($sql)) { $url = $r['url']; $active = $r['id'] == $urlvars[0] ? 'active' : ''; $link = $r['vs'] == 'v2' ? $parentUrl . '/' . $url : $thisUrl . '/' . $r['id'] . '/' . $url; echo '<li class="' . $active . '">'; echo '<a href="' . $link . '" ><span>' . $r['title'] . '</span></a>'; echo '</li>'; } echo '</ul>';
<?php require_once '../libs/Login.class.php'; Login::secSessionStart(); Login::proteger(); $cfig = @parse_ini_file('../cfig/config.ini'); include '../../../cfig/conexao.php'; require_once '../libs/NWD.class.php'; require_once '../libs/Strings.class.php'; foreach ($_POST as $postField => $postValue) { ${$postField} = trim(strip_tags(addslashes($postValue))); } $_sitepath = NWD::getFullPath(-3); $meuid = $_SESSION['userid']; switch ($act) { //--------------------------------------------------------------------------------------------------------------------------------------- // // CARREGAR PARA EDIÇÃO // //--------------------------------------------------------------------------------------------------------------------------------------- case 'Load to Edit': $result = array(); $r = mysql_fetch_assoc(mysql_query("SELECT * FROM usuarios WHERE id = '{$meuid}' LIMIT 1")); $imgurl = 'images/usuarios/thumbs/' . $r['imagem']; $imagem = is_file('../../../' . $imgurl) ? $_sitepath . '/' . $imgurl : $_sitepath . '/images/no-image.png'; $result['nome'] = $r['nome']; $result['email'] = $r['email']; $result['usuario'] = $r['user']; $result['senha'] = $r['senha']; $result['telefone'] = $r['telefone']; $result['profissao'] = $r['profissao'];
public static function insertAdmModule($module_name, $params = array()) { global $cfig; global $urlvars; $modulePath = 'modules/' . $module_name; $moduleUrl = NWD::getFullPath() . '/' . $modulePath; $insert = @(include $modulePath . '/default.php'); if (!$insert) { echo '<p class="module-error">O módulo <b>' . $module_name . '</b> não foi encontrado.</p>'; } }