/**
 * Runs the parent __before() and then requires the 'auditing' permission.
 *
 * Callers without that permission are redirected to ADMIN_URL.
 * Presumably invoked by the framework ahead of every action on this
 * controller — confirm against the dispatcher.
 */
public function __before()
{
    parent::__before();

    // Authorised users fall straight through to the requested action.
    if (Permission::has_permission('auditing')) {
        return;
    }

    // NOTE(review): redirect() is not visible here. This gate only protects the
    // controller if redirect() ends the request (or the dispatcher stops after
    // it); otherwise the action still runs for an unauthorised user — confirm.
    $this->redirect(ADMIN_URL);
}
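/**
 * List pages in an admin data table, optionally filtered by a fuzzy title search.
 *
 * The search term is read from $_GET['s']. Its characters are joined with SQL
 * '%' wildcards, so "abc" matches any title containing a, b and c in that order.
 * The navigation link, search form and rendered table are echoed directly.
 */
public function index()
{
    $table = new G2_ImprovedDataTable();

    // Only a plain string is a valid search term: ?s[]=x would hand an array to
    // the string functions below, and a missing parameter previously raised an
    // undefined-index notice when the form was rendered.
    $search = (isset($_GET['s']) && is_string($_GET['s'])) ? $_GET['s'] : '';

    // The term is request-controlled and is concatenated into a SQL string
    // literal. No database handle or bound-parameter API is visible in this
    // method, so the term is reduced to Unicode letters and digits: no quote,
    // backslash or LIKE wildcard can reach the query. preg_replace() returns
    // null on invalid UTF-8, which is treated as "no search".
    // NOTE(review): if add_exec_query() supports bound parameters, prefer them
    // over this allow-list — confirm against G2_ImprovedDataTable.
    $term = preg_replace('/[^\p{L}\p{N}]+/u', '', $search);
    $chars = is_string($term) ? preg_split('//u', $term, -1, PREG_SPLIT_NO_EMPTY) : false;

    $query = "SELECT DISTINCT page.* FROM page INNER JOIN area ON page.id = area.page_id ";
    if ($chars) {
        // Split per character (not per byte) so multi-byte letters stay intact.
        $query .= "WHERE title LIKE '%" . implode('%', $chars) . "%' ";
    }
    $table->add_exec_query($query);

    $table->set_fields([
        ['name' => 'title', 'label' => 'Page Title'],
        ['name' => 'description', 'label' => 'Page description'],
    ]);

    $renderer = new G2_DataTable_Renderer('title');
    // NOTE(review): $value, $data['slug'] and $data['id'] are written into HTML
    // without escaping. Whether the stored values are already encoded is not
    // visible here; if they are raw, escape them for the HTML/attribute context.
    $renderer->set_function(function ($fieldname, $value, $data) {
        return "<strong>{$value}</strong><br><a href=\"" . BASE_URL . $data['slug'] . "\" target=\"_blank\">View Page</a> | <a href=\"" . PACKAGE_URL . "page/{$data['id']}\">Edit Page</a>";
    });
    $table->add_renderer($renderer);

    if (Permission::has_permission('Delete Pages')) {
        $table->add_function(PACKAGE_URL . 'delete-page/[id]', 'Delete this page');
    }

    echo '<a href="' . PACKAGE_URL . 'posts" class="btn">View Posts</a>';

    // Echo back what the user typed, encoded for an HTML attribute so the value
    // cannot close the attribute or inject markup.
    $search_attr = htmlspecialchars($search, ENT_QUOTES, 'UTF-8');
    echo '<div class="panel"><div class="panel-body"><form action="" method="get"><input name="s" type="text" value="' . $search_attr . '"><button>Search</button></form></div></div>';

    echo $table->render();
}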
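/**
 * Hand an admin request over to a package's own router.
 *
 * The first element of $args names the package; the remaining elements are
 * passed to the package's auto_route(), whose output is echoed. Nothing is
 * rendered when the router knows no package of that name.
 *
 * Packages that define get_permission() are only dispatched when the current
 * user holds that permission. Packages without the method are dispatched with
 * no permission check in this function.
 *
 * @param array $args Route segments, package name first.
 */
function package($args)
{
    $package_name = array_shift($args);
    $package = MVC_Router::getInstance()->get_package_for($package_name);

    if (!$package) {
        return;
    }

    if (method_exists($package, 'get_permission') && !Permission::has_permission($package->get_permission())) {
        $this->redirect(ADMIN_URL);

        // redirect() is not visible here. Returning explicitly keeps the check
        // fail-closed: if redirect() only sets a header and comes back, the
        // package must still not be routed for an unauthorised user.
        return;
    }

    // Result is unused; the call is kept in case the getter has side effects.
    $package->get_admin_controller();

    define('PACKAGE_URL', $this->get_package_uri(true) . "package/{$package_name}/");

    $package->set_control_dir($package->get_admin_control_dir());
    $package->set_admin_defaults();

    echo $package->auto_route($args);
}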
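/**
 * Build the HTML for the board jump menu (a <select> plus a submit button).
 *
 * Enabled boards are grouped under their category. A board is listed only when
 * the current user's groups hold P_VIEW on it, and a category is listed only
 * when it has at least one such board. Category options carry the negated
 * category id as their value.
 *
 * @param int $currentboard Id of the board to mark as selected.
 * @return string HTML fragment.
 */
function jumpmenu($currentboard = 1)
{
    global $pref, $g_user;

    $P = new Permission($g_user['groupids']);

    // Collect the boards this user may view, keyed by category id.
    $boards_by_category = array();
    $r_board = thwb_query("SELECT boardid, boardname, categoryid\n FROM " . $pref . "board\n WHERE boarddisabled = 0\n ORDER BY boardorder ASC");
    while ($board = mysql_fetch_array($r_board)) {
        $P->set_boardid($board['boardid']);
        if ($P->has_permission(P_VIEW)) {
            $boards_by_category[$board['categoryid']][] = $board;
        }
    }

    $r_category = thwb_query("SELECT categoryid, categoryname FROM\n " . $pref . "category ORDER BY categoryorder ASC");

    // NOTE(review): categoryname and boardname are written into the markup
    // unescaped. Whether they are stored HTML-encoded is not visible here; if
    // they are raw, encode them before output.
    $html = '<select class="tbselect" name="board[boardid]" onChange="Submit.click()">';
    while ($category = mysql_fetch_array($r_category)) {
        $category_id = $category['categoryid'];

        // Categories with no viewable board are left out entirely.
        if (empty($boards_by_category[$category_id])) {
            continue;
        }

        $html .= '<option value="-' . $category_id . '">' . $category['categoryname'] . '</option>';

        // foreach replaces while (list(, $board) = each(...)); each() was
        // deprecated in PHP 7.2 and removed in 8.0.
        foreach ($boards_by_category[$category_id] as $board) {
            $selected = ($board['boardid'] == $currentboard) ? ' selected' : '';
            $html .= '<option value="' . $board['boardid'] . '"' . $selected . '>- ' . $board['boardname'] . '</option>';
        }
    }
    $html .= '</select> <input class="tbbutton" type="submit" name="Submit" value="Jump">';

    return $html;
}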
$navpath .= "Private Messages"; message("Fehler", "Es sind leider folgende Fehler aufgetreten:<br><br><font color='{$style['color_err']}'>{$errmsg}</font>"); } if (!isset($pm['pmsaveinoutbox'])) { $pm['pmsaveinoutbox'] = 0; } $r_frompm = thwb_query("SELECT count(pmid) FROM " . $pref . "pm WHERE pmtoid={$g_user['userid']}"); list($frompmcount) = mysql_fetch_row($r_frompm); if ($pm['pmmethod'] == 'pm') { // flood check prevent_pm_flood(); // full inbox? $r_topm = thwb_query("SELECT count(pmid) FROM " . $pref . "pm WHERE pmtoid={$user['userid']}"); list($topmcount) = mysql_fetch_row($r_topm); $toP = new Permission($user['groupids']); if ($topmcount >= $config['max_privmsg'] && !($P->has_permission(P_FORCEPM) || $toP->has_permission(P_NOPMLIMIT))) { $navpath .= "Private Messages"; message('Fehler', 'Die Nachricht konnte nicht versendet werden: Die Private Message Box des Empfängers ist voll.'); } else { // send msg! thwb_query("INSERT INTO " . $pref . "pm (pmfromid, pmtoid, pmtopic, pmtext, pmtime, pmflags, pmfolder)\n VALUES ({$g_user['userid']}, {$user['userid']},'" . addslashes($pm['pmtopic']) . "','" . addslashes($pm['pmtext']) . "'," . time() . ", 1, 0);"); if (($frompmcount < $config['max_privmsg'] || $P->has_permission(P_NOPMLIMIT)) && $pm['pmsaveinoutbox'] == 1) { thwb_query("INSERT INTO " . $pref . "pm (pmtoid, pmfromid, pmtopic, pmtext, pmtime, pmflags, pmfolder)\n VALUES ({$g_user['userid']}, {$user['userid']},'" . addslashes($pm['pmtopic']) . "','" . addslashes($pm['pmtext']) . "'," . time() . ",0 , 1);"); } $navpath .= "Private Messages"; message("Message verschickt", "Ihre Private Message wurde verschickt!<br><a href=\"" . build_link('pm.php') . "\">Private Message Center</a>"); } } elseif ($pm['pmmethod'] == 'email') { // SEND PM as E-Mail $Pmmail = new Template("templates/mail/pmsg.mail"); possible_flood(FLOOD_MAIL, $g_user['userid']);
$value[$i] = 'n/a'; } mysql_free_result($r_posters); eval($TRow->GetTemplate("stats_top10_row")); $stats_top10_row .= "<br>"; } /** top 10 boards **/ $data['title'] = 'Top 10 Boards (nach Posts)'; $name = array(); $value = array(); $a_boards = array(); $i = 0; $r_boards = thwb_query("SELECT b.boardid, b.boardname, b.boardposts, c.categoryname FROM {$pref}" . "board AS b LEFT OUTER JOIN {$pref}" . "category AS c ON c.categoryid = b.categoryid ORDER BY boardposts DESC LIMIT 10"); while ($a_boards = mysql_fetch_array($r_boards)) { $P->set_boardid($a_boards['boardid']); if (!$P->has_permission(P_VIEW)) { continue; } $name[$i] = '<a href="' . build_link('board.php?boardid=' . $a_boards['boardid']) . '">' . $a_boards['boardname'] . '</a>' . ' (Kategorie: ' . $a_boards['categoryname'] . ')'; $value[$i] = $a_boards['boardposts']; $i++; } for (; $i <= 9; $i++) { $name[$i] = 'n/a'; $value[$i] = 'n/a'; } mysql_free_result($r_boards); eval($TRow->GetTemplate("stats_top10_row")); $stats_top10_row .= "<br>"; /** top 10 threads (by posts) **/ $data['title'] = 'Top 10 Threads (nach Posts)';
$a_boardids = array(); if (defined(THWB_NEWS_INCLUDED)) { $a_boardids[] = CFG_INCLUDE_BOARD; } else { if (!empty($_GET['limit'])) { $a_boardids = explode(',', $_GET['limit']); } } $r_boards = thwb_query("SELECT boardid FROM {$pref}board " . "WHERE boarddisabled = 0" . (count($a_boardids) ? " AND boardid IN (" . join(',', $a_boardids) . ")" : '')); $a_boards = array(); while ($a_board = mysql_fetch_assoc($r_boards)) { if (count($a_boardids) && !in_array($a_board['boardid'], $a_boardids)) { continue; } $P->set_boardid($a_board['boardid']); if (!$P->has_permission(0)) { continue; } $a_boards[] = $a_board['boardid']; } if (!count($a_boards) && !defined('THWB_NEWS_INCLUDED')) { print '<pre><strong>Fehler</strong> Keine Boards gefunden.</pre>'; exit; } /** * determine the order **/ $orderby = 'threadcreationtime'; if (!empty($_GET['lastchanged'])) { $orderby = 'threadtime';