public static function GetSafe($name)
{
if (isset($_REQUEST[$name])) {
return String::HtmlSpecialChars($_REQUEST[$name]);
}
return null;
}
<div class="centerer">
<span class="centerer" style="width: 90%;">
<table width="100%" border="0" cellpadding="0" cellspacing="0">
<tr>
<td>
<div class="header">Select Template</div>
</td>
<td style="padding-left: 10px;">
<div class="header" id="code-header" style="display: none;">Template Code For <span id="loaded-template"></span></div>
</td>
</tr>
<tr>
<td valign="top" style="width: 20em; min-width: 20em;">
<?php
$templates = String::HtmlSpecialChars(Dir::ReadFiles(TEMPLATES_DIR, '~^email~'));
asort($templates);
?>
<div class="explorer">
<?php
foreach ($templates as $template) {
?>
<div class="explorer-template"><span><?php
echo $template;
?>
</span></div>
<?php
}
?>
</div>
</td>
Allow embedding
</div>
</span>
</div>
</div>
<?php
if (isset($editing)) {
?>
<div class="fieldset">
<div class="legend">Clips</div>
<?php
foreach ($clips as $clip) {
String::HtmlSpecialChars($clip);
?>
<?php
if ($clip['type'] == 'Embed') {
?>
<div class="field">
<label>Embed Code:</label>
<span class="field-container">
<textarea name="clips[<?php
echo $clip['clip_id'];
?>
][clip]" rows="6" style="width: 600px;" wrap="off"><?php
echo $clip['clip'];
?>
</textarea>
</span>
}
?>
</div>
</div>
<div id="tabs-2">
<div>
<?php
$DB = GetDB();
$result = $DB->Query('SELECT * FROM `tbx_user` ORDER BY `date_created` DESC LIMIT 5');
if ($DB->NumRows($result) < 1) {
?>
<div class="message-warning text-center">No users have signed up yet!</div>
<?php
}
while ($user = $DB->NextRow($result)) {
$user = String::HtmlSpecialChars($user);
$user['date_created'] = date(DATETIME_FRIENDLY, strtotime($user['date_created']));
$stats = $DB->Row('SELECT * FROM `tbx_user_stat` WHERE `username`=?', array($user['username']));
$avatar_src = '../images/avatar-150x120.png';
if (!empty($user['avatar_id'])) {
$avatar = $DB->Row('SELECT * FROM `tbx_upload` WHERE `upload_id`=?', array($user['avatar_id']));
$avatar_src = $avatar['uri'];
}
?>
<div style="margin: 8px 0;">
<span class="index-avatar-container">
<img src="<?php
echo $avatar_src;
?>
" />
</span>
function SearchItemHtml($type, $original)
{
$DB = GetDB();
$schema = GetDBSchema();
$xtable = $schema->el('//table[naming/type="' . $type . '"]');
$primary_key = $xtable->columns->primaryKey->val();
$global_item_include_file = File::Sanitize('cp-' . $type . '-search-item-global.php', 'php');
$item_include_file = File::Sanitize('cp-' . $type . '-search-item.php', 'php');
// Get custom and merge tables
$custom_table = $xtable->custom->val();
$merge_tables = empty($custom_table) ? array() : array($custom_table);
foreach ($xtable->xpath('./merge') as $xmerge) {
$merge_tables[] = $xmerge->val();
}
foreach ($merge_tables as $merge_table) {
$row = $DB->Row('SELECT * FROM # WHERE #=?', array($merge_table, $primary_key, $original[$primary_key]));
if (is_array($row)) {
$original = array_merge($row, $original);
}
}
ob_start();
if (is_file("includes/{$global_item_include_file}")) {
include $global_item_include_file;
}
$item = String::HtmlSpecialChars($original);
include $item_include_file;
return ob_get_clean();
}
" /></span>
</div>
<?php
if (isset($editing) && Request::Get('image_id')) {
$image = $DB->Row('SELECT * FROM `tbx_upload` WHERE `upload_id`=?', array(Request::Get('image_id')));
?>
<div class="field">
<label>Existing Image:</label>
<span class="field-container">
<div class="checkbox" style="display: block; margin-bottom: 5px;">
<input type="hidden" name="remove_image" value="0" />
Remove Image
</div>
<img src="<?php
echo String::HtmlSpecialChars($image['uri']);
?>
" class="avatar" />
</span>
</div>
<?php
}
?>
<div class="field">
<label>Upload Image:</label>
<span class="field-container">
<input type="file" size="50" name="image_file" /><br />
<span class="small">JPG, GIF, or PNG image</span>
</span>
</div>
<div class="centerer">
<span class="centerer" style="width: 90%;">
<table width="100%" border="0" cellpadding="0" cellspacing="0">
<tr>
<td>
<div class="header">Select Template</div>
</td>
<td style="padding-left: 10px;">
<div class="header" id="code-header" style="display: none;">Template Code For <span id="loaded-template"></span></div>
</td>
</tr>
<tr>
<td valign="top" style="width: 20em;">
<?php
$templates = String::HtmlSpecialChars(Dir::ReadFiles(TEMPLATES_DIR, '~^(?!email).*?(\\.tpl$|\\.css$)~'));
asort($templates);
?>
<div class="explorer">
<?php
foreach ($templates as $template) {
?>
<div class="explorer-template"><span><?php
echo $template;
?>
</span></div>
<?php
}
?>
</div>
</td>
</span>
</div>
<?php
if (isset($editing) && Request::Get('avatar_id')) {
$avatar = $DB->Row('SELECT * FROM `tbx_upload` WHERE `upload_id`=?', array(Request::Get('avatar_id')));
?>
<div class="field">
<label>Existing Avatar:</label>
<span class="field-container">
<div class="checkbox" style="display: block; margin-bottom: 5px;">
<input type="hidden" name="remove_avatar" value="0" />
Remove Avatar
</div>
<img src="<?php
echo String::HtmlSpecialChars($avatar['uri']);
?>
" class="avatar" />
</span>
</div>
<?php
}
?>
<div class="field">
<label>Upload Avatar:</label>
<span class="field-container">
<input type="file" size="50" name="avatar_file" /><br />
<span class="small">JPG, GIF, or PNG image</span>
</span>
</div>
<?php
$item['date_commented'] = date(DATETIME_FRIENDLY, strtotime($item['date_commented']));
$video = $DB->Row('SELECT * FROM `tbx_video` WHERE `video_id`=?', array($item['video_id']));
$video = String::HtmlSpecialChars($video);
?>
<tr class="search-hilite search-result" id="<?php
echo $item['comment_id'];
?>
">
<td class="selectable" style="width: 40px;" title="Select">
</td>
<td valign="top">
<div style="margin-bottom: 5px;">
<b style="display: inline-block; width: 6em; text-align: right;">Username:</b>
<a href="index.php?r=tbxGenericShowSearch(user)&pds=user&username=<?php
echo urlencode($original['username']);
?>
"><?php
echo $item['username'];
?>
</a>
</div>
<div style="margin-bottom: 5px;">
<b style="display: inline-block; width: 6em; text-align: right;">Date:</b>
<?php
echo $item['date_commented'];
?>
</div>
<div style="margin-bottom: 5px;">
<b style="display: inline-block; width: 6em; text-align: right;">Status:</b>
<?php
