// NOTE(review): tail of the admin "relation settings" handler; the enclosing if/else opens above this fragment.
// - The CREATE TABLE statement is built by concatenating $_POST['rel']['main_table'] and
//   $_POST['rel']['secondary_table'] directly into backtick-quoted identifiers. No validation of these
//   values is visible here. Identifiers cannot be bound as query parameters, so they should be checked
//   against the list of existing table names (or a strict [A-Za-z0-9_]+ pattern) before the string is built.
// - The same POST values are then stored in fields_mapping through $database->insert().
// - Neither header() redirect is followed by exit, so the script keeps running after the redirect is queued.
// - No anti-CSRF token check or admin-session check is visible in this fragment - confirm both happen above.
$_POST['rel']['is_multiple'] = 0; } else { $table = $_POST['rel']['main_table'] . "_" . $_POST['rel']['secondary_table']; $query = "CREATE TABLE IF NOT EXISTS `" . $table . "` (`id` int(250) NOT NULL AUTO_INCREMENT,`" . $_POST['rel']['main_table'] . "_id` int(250) NOT NULL,`" . $_POST['rel']['secondary_table'] . "_id` int(250) NOT NULL, PRIMARY KEY (`id`)) AUTO_INCREMENT=1"; $database->query($query); } $database->insert("fields_mapping", array("main_table" => $_POST['rel']['main_table'], "main_field" => $_POST['rel']['main_field'], "type" => "get_another_data", "secondary_field" => $_POST['rel']['secondary_field'], "secondary_table" => $_POST['rel']['secondary_table'], 'value' => $_POST['rel']['select_field'], 'is_multiple' => $_POST['rel']['is_multiple'])); header("location:" . _admin_url . "/adminarea_settings/success"); } else { header("location:" . _admin_url . "/adminarea_settings/error"); } } /* if(isset($_POST['skipped']) and $_POST['skipped']) { $error = true; if(isset($_POST['skipped']['main_table']) && !empty($_POST['skipped']['main_table'])) { foreach ($_POST['skipped']['main_table'] as $skipped_table) { if($skipped_table){ $database->insert("fields_mapping",array("main_table"=>$skipped_table, "type"=>"skipped_tables")); $error = false; } } header("location:"._admin_url."/adminarea_settings/success");exit; } if($error == true) { header("location:"._admin_url."/adminarea_settings/error"); } } */ //pass all the admin settings echo $tpl->render("themes/adminarea/html/adminarea_settings.php");
// NOTE(review): tail of the public poem-search controller; the POST branch starts above this fragment.
// - In the pagination branch both SQL strings interpolate $_SESSION['keyword'] inside LIKE '%...%'.
//   The session value is presumably the keyword a visitor submitted earlier (confirm), so it has to be
//   bound as a parameter or escaped before it reaches the query text. How $query_search is built in
//   the POST branch is not visible here and needs the same check.
// - $next_number and $perpage are interpolated into LIMIT; they should be cast to int where they are computed.
// - $query_count fetches every matching row only to count them.
// - $keyword_pagination is assigned only inside the isset() check but is read right after it, so it is
//   undefined when no keyword is stored in the session.
// - The keyword is placed into page_title and $tpl->keyword; the template has to HTML-escape it on output.
$get_records = $database->query($query_search)->fetchAll(); $tpl->page_title = "Search Results For" . ' "' . $keyword . '"'; } else { $errmsg_arr = "You have not entered any keyword. Please enter keyword and try again !."; $tpl->errors = $errmsg_arr; } $tpl->keyword = $keyword; //pr($query_search); // } // catch (Exception $e) { // // CSRF attack detected // $result = $e->getMessage() . ' Form ignored.'; // } } else { // $result = 'No post data yet.'; if (isset($_SESSION['keyword']) && $_SESSION['keyword']) { //When use pagination for search result $keyword_pagination = $_SESSION['keyword']; $query_count = "select * from poems where poem_title like '%{$keyword_pagination}%'"; $get_count_records = $database->query($query_count)->fetchAll(); $query_search = "select * from poems where poem_title like '%{$keyword_pagination}%' LIMIT {$next_number}, {$perpage}"; $get_records = $database->query($query_search)->fetchAll(); $tpl->page_title = "Search Results For" . ' "' . $keyword_pagination . '"'; } $tpl->keyword = $keyword_pagination; } $tpl->search_results = $get_records; $token = NoCSRF::generate('csrf_token'); $tpl->formtoken = $token; echo $tpl->render("themes/site/" . theme_name . "/html/search.php");
// NOTE(review): body of the forgotten-password handler; the try block and $newpass are set up above this fragment.
// - The replacement password is stored as md5($newpass). Unsalted MD5 is not a password hash;
//   password_hash()/password_verify() are the standard replacement, and the login check has to change with it.
// - The password is replaced as soon as a matching address is submitted, and the new value is mailed in
//   cleartext. No confirmation step is visible here, so anyone who knows an address can reset that
//   account's password; a single-use, expiring reset link avoids both problems.
// - 'No such User found in Database!' reveals whether an address is registered.
// - When sendEmail() returns false the password has already been replaced and no error is recorded.
// - How $newpass is generated is not visible; it should come from random_bytes()/random_int().
$result = 'CSRF check passed. Form parsed.'; $userEmail = clean($_POST['data']['user_email']); $get_user = $database->select("users", "*", array("user_email" => $userEmail)); if ($get_user) { $update = $database->update('users', array('password' => md5($newpass)), array('user_email' => $userEmail)); $to = $userEmail; $subject = 'Forgotten Password Retrieval'; $message = 'Hello ' . $get_user["firstname"] . '<br><br>This email was sent automatically by ' . site_name . ' in response to your request to recover your password. Your new password to access the site is: ' . $newpass . '<br>Thanks<br>' . site_name; $sendmail = sendEmail($to, $subject, $message, $shortcodes = null, $from = null, $mail); if ($sendmail) { header("Location: " . main_url . "/forgotpassword/success"); exit; } } else { $errmsg_arr[] = 'No such User found in Database!'; $errflag = true; } } catch (Exception $e) { // CSRF attack detected $result = $e->getMessage() . ' Form ignored.'; } } else { //$result = 'No post data yet.'; } $token = NoCSRF::generate('csrf_token'); $tpl->formtoken = $token; $tpl->result = $result; $tpl->errors = $errmsg_arr; echo $tpl->render("themes/site/" . theme_name . "/html/forgotpassword.php");
} //Get Records if ($perpage == "all") { $get_records = $database->select($table_name, $column_names, array("ORDER" => $sortby_field . " " . $sortby_method)); } else { $get_records = $database->select($table_name, $column_names, array("LIMIT" => array($next_number, $perpage), "ORDER" => $sortby_field . " " . $sortby_method)); } $count_records = $database->count($table_name); //Count Records if ($perpage == "all") { $total_pages = 1; // Total Pages } else { $total_pages = ceil($count_records / $perpage); // Total Pages } $token = NoCSRF::generate('csrf_token'); $tpl->formtoken = $token; $tpl->currentpage = $page_no; $tpl->total_pages = $total_pages; $tpl->total_records = $count_records; $tpl->table = $table_name; $tpl->records = $get_records; $tpl->perpage = $perpage; $tpl->table_headers = $column_names; $tpl->current_order = $sortby_method; $tpl->custom_data = $custom_data; $tpl->tb_primaryid = $database->getPKID($table_name); $tpl->page_title = format_names($table_name); echo $tpl->render("themes/adminarea/html/table.php");
if ($get_user) { //Set session $_SESSION['user_id'] = $get_user[0]['id']; //Put name in session $_SESSION['full_name'] = $get_user[0]['fullname']; $_SESSION['user_email'] = $get_user[0]['user_email']; //$_SESSION['picture'] = $get_user[0]['picture']; //Close session writing session_write_close(); //Redirect to user's page header("Location: " . main_url); exit; } else { $lerrmsg_arr[] = 'No such User found!'; $lerrflag = true; } } if ($lerrflag) { $tpl->lerrors = $lerrmsg_arr; } } catch (Exception $e) { // CSRF attack detected $result = $e->getMessage() . ' Form ignored.'; } } else { //$result = 'No post data yet.'; } $token = NoCSRF::generate('csrf_token'); $tpl->formtoken = $token; echo $tpl->render("themes/site/" . theme_name . "/html/register.php");
<?php
// NOTE(review): head of the single-poem controller; the topic block is still open where this fragment ends.
// - $poem_id is taken from $vars[1] (presumably a URL segment) and handed to check_poem(), view_increment()
//   and get_poem(); those helpers are defined elsewhere and must bind it as a parameter.
// - unserialize() is applied to the topic_id column. If that column can ever hold data influenced by a
//   user (for example through a submission form), unserialize() can instantiate arbitrary classes; pass
//   ['allowed_classes' => false] as the second argument or store the id list as JSON instead.
// - The loop tests $poem_topics_array but writes to $poem_topic_array, so the duplicate check always
//   looks at an empty array - one of the two names is presumably a typo.
// - $page_no_var is assigned only when a 'p:' segment is present.
$tpl = new bQuickTpl(); include getcwd() . "/modules/site/common.php"; //--get poem id--// $poem_id = $vars[1]; //--for poem id not found in poems table--// if (!check_poem($database, $poem_id)) { echo $tpl->render("themes/site/" . theme_name . "/html/404.php"); exit; } foreach ($vars as $var) { if (strpos($var, 'p:') === 0) { $page_no_var = $var; //get the current Page from URL } } //--increment views of poem--// $update_poem = view_increment($database, $poem_id); //--get poem information--// $get_poem = get_poem($database, $poem_id); //--get topic information--// if ($get_poem['topic_id']) { $poem_topics_array = array(); //get topic ids as array $poem_topics = unserialize($get_poem['topic_id']); foreach ($poem_topics as $poem_topic_id) { if (!array_key_exists($poem_topic_id, $poem_topics_array)) { $poem_topic_array[$poem_topic_id] = get_topic($database, $poem_topic_id); } }
// Pagination state handed to the poet template; the earlier keys of $page_array
// are presumably filled in above this fragment.
$page_array['total_pages'] = $total_pages;
$page_array['total_records'] = $count_records;
$page_array['current_count'] = $current_count;
$page_array['param_vars'] = $vars;
$page_array['page_no_var'] = $page_no_var;
$tpl->page_array = $page_array;

// SEO metadata: a non-empty author field wins, otherwise fall back to the
// author's name or the site-wide defaults.
// NOTE(review): these values come from the author record and end up in the page
// head; the poet.php template has to HTML-escape them - not visible from here.
$tpl->page_title = $author['seo_title'] ?: $author['Author_name'];
$tpl->page_description = $author['seo_description'] ?: site_seo_description;
$tpl->keywords = $author['seo_keywords'] ?: site_seo_keywords;
$tpl->page_image = main_url . ($author['photo'] ?: website_logo);

echo $tpl->render("themes/site/" . theme_name . "/html/poet.php");
<?php

// Admin page: lists every row of the module_alias table.
$tpl = new bQuickTpl();
$tpl->page_title = "Admin Panel - Alias Management";

// Access control: anyone without an admin session is sent to the login page,
// and exit stops the script before any query runs.
if (isset($_SESSION['admin_user_id']) === false) {
    header("Location: " . _admin_url . "/login");
    exit;
}

include getcwd() . "/modules/adminarea/common.php";

// Load all aliases and hand them to the template.
$get_aliases = $database->select('module_alias', '*');
$tpl->aliases = $get_aliases;

echo $tpl->render("themes/adminarea/html/alias_management.php");
if ($updatepassword) { $success_arr[] = 'Password was successfully Changed!'; $successflag = true; } } } else { $errmsg_arr[] = 'Old Password doesnt match with the Database Entry!'; $errflag = true; } } } } } } //If there are input validations, redirect back to the login form if ($errflag) { $_SESSION['ERRMSG_ARR'] = $errmsg_arr; session_write_close(); header("Location: " . main_url . "/adminarea/changepassword/error"); exit; } if ($successflag) { $_SESSION['SUCCESSMSG_ARR'] = $success_arr; session_write_close(); header("Location: " . main_url . "/adminarea/changepassword/success"); exit; } } $tpl->page_title = "Change Password"; echo $tpl->render("themes/adminarea/html/changepassword.php");
header("Location: " . _admin_url . "/edit/" . $table_name . "/rec:" . $record_id . "/error/" . $result); } } else { $result = 'No post data yet.'; } if (isset($error_message)) { $tpl->error_message = $error_message; } $custom_data = array(); foreach ($get_another_data as $stuff) { if ($stuff['main_table'] == $table_name) { $query_complete = $database->select($stuff['secondary_table'], "*"); $custom_data[$stuff['main_field']]['data'] = $query_complete; $custom_data[$stuff['main_field']]['attributes']['seconday_field'] = $stuff['secondary_field']; $custom_data[$stuff['main_field']]['attributes']['value'] = $stuff['value']; } } $getcolumns = $database->getColumns($table_name); $getcontent = $database->select($table_name, "*", array($database->getPKID($table_name) => $record_id)); $token = NoCSRF::generate('csrf_token'); $tpl->formtoken = $token; $tpl->result = $result; $tpl->table = $table_name; $tpl->tb_primaryid = $database->getPKID($table_name); $tpl->columns = $getcolumns; $tpl->content = $getcontent[0]; $tpl->record_id = $record_id; $tpl->slug_fields = $slug_fields; $tpl->custom_data = $custom_data; echo $tpl->render("themes/adminarea/html/edit.php");
} //--get saved poets--// if (!empty($get_saved_poets)) { foreach ($get_saved_poets as $k => $poet_id) { $get_saved_poets[$k] = get_author($database, $poet_id); } $tpl->saved_poets = $get_saved_poets; } //--get saved users--// if (!empty($get_saved_user)) { foreach ($get_saved_user as $k => $poet_id) { $data = get_user_info($database, $poet_id); $get_saved_user[$k] = $data[0]; } $tpl->saved_users = $get_saved_user; } //--get saved poets--// if (!empty($get_user_added_function)) { foreach ($get_user_added_function as $k => $poet_id) { $get_saved_poets[$k] = get_author($database, $poet_id); } $tpl->saved_poets = $get_saved_poets; } $get_active_function = get_function($database, $user_id); $get_inactive_function = get_inactive_function($database, $user_id); $tpl->my_function = array_merge_recursive($get_active_function, $get_inactive_function); } else { header("location: " . main_url); } echo $tpl->render("themes/site/" . theme_name . "/html/mystuff.php");
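// Admin dashboard (fragment): optional installer export, latest poems, top-rated poems.

// Export action: writes the prepared installer file, then redirects to the dashboard.
// NOTE(review): $a is filled in outside this fragment. If file_name or file_contents can be
// influenced by a request, this is an arbitrary file write (a name containing "../" would leave
// config/installer/) - confirm both values are built server-side, or reduce the name with basename().
// NOTE(review): the export is triggered by a URL segment alone; no anti-CSRF token or admin-session
// check is visible in this fragment.
if (isset($params[2]) && $params[2] == 'export_data') {
    $file = fopen('config/installer/' . $a['file_name'], 'w');
    // fopen() returns false when the file cannot be opened; only write and redirect on success.
    if ($file !== false) {
        fwrite($file, $a['file_contents']);
        fclose($file); // release the handle instead of leaving it to script shutdown
        header('Location: ' . _admin_url . "/index/success");
        exit; // stop here so the dashboard is not rendered behind the redirect
    }
}

// Five most recent poems with status 1.
$get_latest_status = $database->select("poems", "*", array("status" => "1", "ORDER" => "id DESC", "LIMIT" => 5));
$tpl->get_latest_status = $get_latest_status;

// Average rating per rated module id.
if (!isset($get_ratings)) {
    // Without this the sort below receives an undefined variable when there are no ratings.
    $get_ratings = array();
}
$get_all_reviews = $database->select("ratings", "module_id");
$b = array_unique($get_all_reviews);
foreach ($b as $k => $v) {
    $get_value = $database->select("ratings", "value", array("module_id" => $v));
    if (count($get_value) === 0) {
        continue; // nothing to average; avoids a division by zero
    }
    $m = array_sum($get_value) / count($get_value);
    $get_ratings[$v]["id"] = $v;
    $get_ratings[$v]["ratings"] = $m;
}

// Keep the first five entries after sorting by average rating and attach each poem title.
$arr2 = sortMultiArrayByKey($get_ratings, "ratings");
$top_rated = array_slice($arr2, 0, 5);
foreach ($top_rated as $ke => $va) {
    $top_rated_status = $database->get("poems", "poem_title", array("id" => $va['id']));
    $top_rated[$ke]['info'] = $top_rated_status;
}
$tpl->top_rated = $top_rated;

include getcwd() . "/modules/adminarea/common.php";
echo $tpl->render("themes/adminarea/html/index.php");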
//Put name in session $_SESSION['admin_name'] = $get_user[0]['name']; $_SESSION['admin_username'] = $get_user[0]['username']; //Close session writing session_write_close(); //Redirect to user's page header("Location: " . _admin_url . "/index"); exit; } else { $errmsg_arr[] = 'No such User found in Database!'; $errflag = true; } //If there are input validations, redirect back to the login form if ($errflag) { $_SESSION['ERRMSG_ARR'] = $errmsg_arr; session_write_close(); header("Location: " . _admin_url . "/login/error"); exit; } } catch (Exception $e) { // CSRF attack detected $result = $e->getMessage() . ' Form ignored.'; } } else { $result = 'No post data yet.'; } $token = NoCSRF::generate('csrf_token'); $tpl->formtoken = $token; $tpl->result = $result; echo $tpl->render("themes/adminarea/html/login.php");
// NOTE(review): tail of the admin CSV-import handler; the file-reading loop opens above this fragment.
// - Each parsed row $d is inserted into the table named by $vars[2]. Where $vars comes from is not
//   visible here; if it is a URL segment, restrict it to an allow-list of importable tables.
// - $j != '1' presumably skips the header row - confirm against the loop above.
// - The not-logged-in branch redirects with $main_url (a variable), while the other controllers in this
//   code base use the main_url constant. Confirm $main_url is defined, otherwise the Location header
//   is built without the site prefix.
// - No anti-CSRF token check is visible in this fragment.
} } if ($j != '1') { $savedata = $database->insert($vars[2], $d); } $j++; /*if($savedata){ echo '<script>$(document).ready(function(){ $.ambiance({message: "The CSV was sucessfully to your", title: "Success!", type: "success"}); });</script>'; }*/ } fclose($handle); } $tpl->update = 1; } else { $error1 = 1; //$tpl->update = 0; //$tpl->errormessage = "It was not possible to save this CSV!"; } } } else { header("Location: " . $main_url . "/adminarea/login"); exit; } echo $tpl->render("themes/adminarea/html/upload_csv.php");
// Admin record-detail page (fragment): previous/next navigation plus related lookup data.

// Id of the previous record, or an empty string when there is none.
$last = !empty($last_id[0]) ? $last_id[0] : "";

// Id of the next record; $next is left untouched when there is none.
if (!empty($next_id[0])) {
    $next = $next_id[0];
}

// For every field mapping that belongs to this table, load the whole secondary
// table so the template can resolve related values.
$custom_data = array();
foreach ($get_another_data as $stuff) {
    if ($stuff['main_table'] != $table_name) {
        continue;
    }
    $query_complete = $database->select($stuff['secondary_table'], "*");
    $custom_data[$stuff['main_field']] = array(
        'data' => $query_complete,
        'attributes' => array(
            'seconday_field' => $stuff['secondary_field'], // key spelling is what the template reads
            'value' => $stuff['value'],
            'secondary_table' => $stuff['secondary_table'],
        ),
    );
}

// Hand everything to the template.
$tpl->lowest_id = $getleast_id[0];
$tpl->highest_id = $gethighest_id[0];
$tpl->last_id = $last;
$tpl->next_id = $next;
$tpl->current_record = $record_id;
$tpl->page_title = "Detail Page";
$tpl->tb_primaryid = $primary_key;
$tpl->record_info = $getrecord_info[0];
$tpl->table_name = $table_name;
$tpl->custom_data = $custom_data;

include getcwd() . "/modules/adminarea/common.php";
echo $tpl->render("themes/adminarea/html/detail.php");
// Public user-list page (fragment): pagination and the user listing.

// The current page arrives as a URL segment of the form "p:<n>"; the last match wins.
// NOTE(review): $page_no_var keeps whatever value it had before when no such segment exists.
foreach ($vars as $var) {
    if (strncmp($var, 'p:', 2) === 0) {
        $page_no_var = $var;
    }
}

$perpage = poets_per_page;
$paginate = paginate($perpage, $page_no_var);
$next_number = $paginate['next_number'];

// One page of users for the template.
$get_user = get_all_users($database, $next_number, $perpage);
$tpl->all_user = $get_user;

// Totals used by the pager.
$count_records = $database->count("users");
$total_pages = ceil($count_records / $perpage);
$current_count = count($get_user);

$page_array = array(
    'current_page' => $paginate['page_no'],
    'total_pages' => $total_pages,
    'total_records' => $count_records,
    'current_count' => $current_count,
    'param_vars' => $vars,
    'page_no_var' => $page_no_var,
);
$tpl->page_array = $page_array;

echo $tpl->render("themes/site/" . theme_name . "/html/users.php");
// Public topic-list page (fragment): SEO defaults, then the full topic listing.
$tpl->keywords = site_seo_keywords;
$tpl->page_image = main_url . website_logo;

// Category id from the URL; it is not used again in this fragment.
$category_id = $vars[1];

// The current page arrives as a URL segment of the form "p:<n>"; the last match wins.
foreach ($vars as $var) {
    if (strncmp($var, 'p:', 2) === 0) {
        $page_no_var = $var;
    }
}

// All topics are loaded at once.
$all_topics = all_topics($database);
$tpl->topicss = $all_topics;

$count_records = $database->count("topics");
$current_count = count($all_topics);

// NOTE(review): $page_no and $total_pages are not assigned in this fragment; unless they are
// set further up, they are undefined here.
$page_array = array(
    'current_page' => $page_no,
    'total_pages' => $total_pages,
    'total_records' => $count_records,
    'current_count' => $current_count,
    'param_vars' => $vars,
    'page_no_var' => $page_no_var,
);
$tpl->page_array = $page_array;

echo $tpl->render("themes/site/" . theme_name . "/html/topics.php");
$user_data = array(); $user_data['firstname'] = $firstname; $user_data['lastname'] = $lastname; $user_data['user_email'] = $user_email; $user_data['birthday'] = $birthdate; $user_data['fullname'] = $fullname; $user_data['picture'] = clean($_POST['data']['picture']); if (!$_POST['data']['picture'] == "") { $edit_profile = edit_profile($database, $user_data, $user_id); if ($edit_profile) { header("Location: " . main_url . "/edit_profile/success"); } } else { } //If there are input validations, redirect back to the register form } } catch (Exception $e) { // CSRF attack detected $result = $e->getMessage() . ' Form ignored.'; } } } else { $result = 'No post data yet.'; } } else { header("location: " . main_url); } $token = NoCSRF::generate('csrf_token'); $tpl->formtoken = $token; echo $tpl->render("themes/site/" . theme_name . "/html/edit_profile.php");
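<?php

// Admin page: shows every table of the configured database with its columns, next to the
// per-table field settings stored in fields_admin.
$tpl = new bQuickTpl();
$tpl->page_title = "Manage Fields Section";

// Access control: this page runs DDL and reads the schema, so require an admin session before any
// query, using the same guard as the alias-management and backup/restore pages.
if (!isset($_SESSION['admin_user_id'])) {
    header("Location: " . _admin_url . "/login");
    exit;
}

// Table list. db_name is a configuration constant concatenated unquoted into the statement.
// NOTE(review): if the configured name can contain characters outside [A-Za-z0-9_], backtick-quote it.
$gettables = $database->query("SHOW TABLES FROM " . db_name)->fetchAll();

// Make sure the settings table exists before reading it.
$database->query("CREATE TABLE IF NOT EXISTS `fields_admin`(`id` int(250) NOT NULL AUTO_INCREMENT,`Table_name` varchar(250) NOT NULL,`Table_Fields` text NOT NULL,PRIMARY KEY (`id`)) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=1");

// Stored settings, indexed by table name.
$get_fields_admin = $database->select("fields_admin", "*");
$newarray = array();
foreach ($get_fields_admin as $fields) {
    $newarray[$fields['Table_name']] = $fields['Table_Fields'];
}

// Column list of each table, indexed by table name (the first column of each SHOW TABLES row).
$manage_fields = array();
foreach ($gettables as $tableslist) {
    $manage_fields[$tableslist[0]] = $database->getColumns($tableslist[0]);
}

$tpl->manage_fields = $manage_fields;
$tpl->db_fields = $newarray;

include getcwd() . "/modules/adminarea/common.php";
echo $tpl->render("themes/adminarea/html/managefields.php");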
// NOTE(review): tail of the user change-password handler; the validation and try block open above this fragment.
// - The new password is stored as md5($new_password). Unsalted MD5 is not a password hash;
//   password_hash()/password_verify() are the standard replacement, and select_password() has to change with it.
// - clean() is applied to the hex digest, not to the input; what clean() does is not visible here.
// - Neither header() redirect (success, and the not-logged-in branch) is followed by exit, so the
//   form is still rendered in the same response.
// - No session id regeneration after the password change is visible in this fragment.
$tpl->errors = $errmsg_arr; } else { $user_email = clean($_SESSION['user_email']); $get_user = select_password($database, $user_email, $checkpassword); if ($get_user) { $newpass = clean(md5($new_password)); $updatepassword = update_password($database, $newpass, $user_email); if ($updatepassword) { header("Location: " . main_url . "/changepassword/success"); } } else { $errmsg_arr[] = 'Old Password is Wrong!'; $errflag = true; $tpl->errors = $errmsg_arr; } } //If there are input validations, redirect back to the login form } catch (Exception $e) { // CSRF attack detected $result = $e->getMessage() . ' Form ignored.'; } } else { //$result = 'No post data yet.'; } } else { header("location: " . main_url); } $token = NoCSRF::generate('csrf_token'); $tpl->formtoken = $token; echo $tpl->render("themes/site/" . theme_name . "/html/changepassword.php");
// Admin table-search page (fragment): pager totals, related lookup data, template hand-off.

// "all" shows everything on a single page; otherwise round the page count up.
$total_pages = ($perpage == "all") ? 1 : ceil($count_records / $perpage);

// For every field mapping that belongs to this table, load the whole secondary
// table so the template can resolve related values.
$custom_data = array();
foreach ($get_another_data as $stuff) {
    if ($stuff['main_table'] != $table_name) {
        continue;
    }
    $query_complete = $database->select($stuff['secondary_table'], "*");
    $custom_data[$stuff['main_field']] = array(
        'data' => $query_complete,
        'attributes' => array(
            'seconday_field' => $stuff['secondary_field'], // key spelling is what the template reads
            'value' => $stuff['value'],
            'secondary_table' => $stuff['secondary_table'],
        ),
    );
}

$tpl->currentpage = $page_no;
$tpl->total_pages = $total_pages;
$tpl->total_records = $count_records;
$tpl->table = $table_name;
$tpl->records = $get_records;
$tpl->perpage = $perpage;
$tpl->table_headers = $column_names;
$tpl->current_order = $sortby_method;
$tpl->custom_data = $custom_data;
// NOTE(review): the stored search text goes back to the template; it has to be HTML-escaped
// on output - not visible from here.
$tpl->query = $_SESSION['query'];
$tpl->tb_primaryid = $database->getPKID($table_name);
$tpl->page_title = format_names($table_name);

echo $tpl->render("themes/adminarea/html/search.php");
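<?php

// Admin page: lists the SQL dumps in config/backup_restore and runs a backup or restore when the
// third URL parameter asks for one.
$tpl = new bQuickTpl();
$tpl->page_title = "Admin Panel - Backup & Restore";

// Access control: only a logged-in administrator gets past this point.
if (!isset($_SESSION['admin_user_id'])) {
    header("Location: " . _admin_url . "/login");
    exit;
}

// Existing dump files, shown by the template.
$backup_files = directory_contents(getcwd() . "/config/backup_restore", "sql");

// NOTE(review): both actions below change state (restore overwrites the database) and are triggered
// by a URL parameter alone. No anti-CSRF token is checked in this file, unlike the form handlers that
// use NoCSRF, so a link opened by a logged-in admin is enough to start them. Consider requiring a
// POST with a verified token.
if (isset($params[2]) && $params[2] == 'backup') {
    $backup = backup_db($database);
    if ($backup) {
        header("Location: " . _admin_url . "/backup_restore/success/backup");
    } else {
        header("Location: " . _admin_url . "/backup_restore/error/backup");
    }
    exit; // stop here so the page is not rendered behind the redirect
}

if (isset($params[2]) && $params[2] == 'restore') {
    $restore = restore_db($database);
    if ($restore) {
        header("Location: " . _admin_url . "/backup_restore/success/restore");
    } else {
        header("Location: " . _admin_url . "/backup_restore/error/restore");
    }
    exit; // stop here so the page is not rendered behind the redirect
}

$tpl->backup_files = $backup_files;

include getcwd() . "/modules/adminarea/common.php";
echo $tpl->render("themes/adminarea/html/backup_restore.php");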
if (!$_POST['data']['poem']) { $errmsg_arr[] = 'Please enter Poem!'; $errflag = true; } if ($errflag) { $tpl->errors = $errmsg_arr; } else { $data_insert = array(); $data_insert['user_id'] = clean($user_id); $data_insert['author_id'] = $author; $data_insert['topic_id'] = $topic; $data_insert['poem_title'] = $title; $data_insert['poem'] = $poem; //$data_insert['picture'] = clean($_POST['data']['picture']); $userdata = insert_submission($database, $data_insert); if ($userdata) { header("Location: " . main_url . "/submission/success"); } } } catch (Exception $e) { // CSRF attack detected $result = $e->getMessage() . ' Form ignored.'; } } } else { header("location: " . main_url); } $token = NoCSRF::generate('csrf_token'); $tpl->formtoken = $token; echo $tpl->render("themes/site/" . theme_name . "/html/submission.php");
<?php

// Admin-area "not found" page: header, 404 body and footer, rendered in that order.
$tpl = new bQuickTpl();

include getcwd() . "/modules/adminarea/common.php";

echo $tpl->render("themes/adminarea/html/elements/header.php"),
    $tpl->render("themes/adminarea/html/404.php"),
    $tpl->render("themes/adminarea/html/elements/footer.php");