if ($info[0] > $set['user']['avatar_maxdim'] || $info[1] > $set['user']['avatar_maxdim'] || $info[0] == 0 || $info[1] == 0) { $mm->deletefile('user/' . $newfile); message($apx->lang->get('MSG_MAXDIM'), 'javascript:history.back()'); require 'lib/_end.php'; } $db->query("UPDATE " . PRE . "_user SET avatar='" . addslashes($newfile) . "',avatar_title='" . addslashes($_POST['avatar_title']) . "' WHERE userid='" . $user->info['userid'] . "' LIMIT 1"); if ($user->info['avatar']) { $mm->deletefile('user/' . $user->info['avatar']); } message($apx->lang->get('MSG_OK'), mklink('user.php?action=avatar', 'user,avatar.html')); } } } elseif ($_POST['delav']) { require BASEDIR . 'lib/class.mediamanager.php'; $mm = new mediamanager(); $mm->deletefile('user/' . $user->info['avatar']); $db->query("UPDATE " . PRE . "_user SET avatar='',avatar_title='' WHERE userid='" . $user->info['userid'] . "' LIMIT 1"); message($apx->lang->get('MSG_OK'), mklink('user.php?action=avatar', 'user,avatar.html')); } else { $db->query("UPDATE " . PRE . "_user SET avatar_title='" . addslashes($_POST['avatar_title']) . "' WHERE userid='" . $user->info['userid'] . "' LIMIT 1"); message($apx->lang->get('MSG_OK'), mklink('user.php?action=avatar', 'user,avatar.html')); } } else { if ($user->info['avatar']) { $apx->tmpl->assign('CURRENT_AVATAR', $user->mkavatar($user->info)); $apx->tmpl->assign('CURRENT_TITLE', $user->mkavtitle($user->info)); } $apx->tmpl->assign('MAX_DIMENSIONS', $set['user']['avatar_maxdim']); $apx->tmpl->assign('MAX_FILESIZE', user_getsize($set['user']['avatar_maxsize'], 0)); $postto = mklink('user.php?action=avatar', 'user,avatar.html'); $apx->tmpl->assign('POSTTO', $postto);
unset($picture, $thumbnail); } $db->query("INSERT INTO " . PRE . "_forum_attachments (hash,postid,file,thumbnail,name,size,mime,time) VALUES ('" . addslashes($_REQUEST['hash']) . "','" . $_REQUEST['postid'] . "','" . addslashes('forum/' . $newname) . "','" . addslashes($thumbnailPath) . "','" . addslashes($file['name']) . "','" . intval($file['size']) . "','" . addslashes($file['type']) . "','" . time() . "')"); if ($message) { $message .= '<br />'; } $message .= $apx->lang->get('MSG_OK', array('FILE' => $file['name'])); } } //Dateien löschen if ($_POST['delete'] && is_array($_POST['delete'])) { reset($_POST['delete']); $delete = (int) key($_POST['delete']); if ($delete) { list($file, $filename) = $db->first("SELECT file,name FROM " . PRE . "_forum_attachments WHERE ( id='" . $delete . "' AND postid='" . $_REQUEST['postid'] . "' AND hash='" . addslashes($_REQUEST['hash']) . "' ) LIMIT 1"); $mm->deletefile($file); $db->query("DELETE FROM " . PRE . "_forum_attachments WHERE ( id='" . $delete . "' AND postid='" . $_REQUEST['postid'] . "' AND hash='" . addslashes($_REQUEST['hash']) . "' ) LIMIT 1"); $message .= $apx->lang->get('MSG_DELETE', array('FILE' => $filename)); } } //Dateien auflisten $attrefresh = ''; $data = $db->fetch("SELECT * FROM " . PRE . "_forum_attachments WHERE ( postid='" . $_REQUEST['postid'] . "' AND hash='" . addslashes($_REQUEST['hash']) . "' ) ORDER BY name ASC"); if (count($data)) { foreach ($data as $res) { ++$i; $ext = strtolower($mm->getext($res['name'])); $attdata[$i]['ID'] = $res['id']; $attdata[$i]['FILENAME'] = $res['name']; $attdata[$i]['ICON'] = $typeinfo[$ext][1]; $attdata[$i]['SIZE'] = forum_getsize($res['size']);
/**
 * Deletes one picture (and its thumbnail) from a user gallery.
 *
 * Without a submitted confirmation ($_POST['send']) the confirmation overlay
 * is shown. With it, the CSRF token is verified before any row or file is
 * touched.
 *
 * NOTE(review): the gallery lookup below only confirms that the gallery
 * exists; nothing visible here ties it to the acting account. Confirm the
 * caller is authorised before this function is reached.
 */
function gallery_pics_del()
{
    global $set, $apx, $db, $html;

    // All three identifiers are forced to integers because they are
    // concatenated into SQL statements further down.
    $_REQUEST['userid'] = (int) $_REQUEST['userid'];
    $_REQUEST['galid'] = (int) $_REQUEST['galid'];
    if (!$_REQUEST['galid']) {
        die('missing GALID!');
    }
    $_REQUEST['id'] = (int) $_REQUEST['id'];
    if (!$_REQUEST['id']) {
        die('missing ID!');
    }

    $pictureId = $_REQUEST['id'];
    $galleryId = $_REQUEST['galid'];

    // No confirmation yet: render the overlay and stop.
    if (!$_POST['send']) {
        tmessageOverlay('gallerypicdel', array(
            'ID' => $pictureId,
            'GALID' => $galleryId,
            'USERID' => $_REQUEST['userid'],
        ));
        return;
    }

    // State-changing request: refuse it without a valid token.
    if (!checkToken()) {
        printInvalidToken();
        return;
    }

    list($galid) = $db->first("SELECT id FROM " . PRE . "_user_gallery WHERE id='" . $galleryId . "' LIMIT 1");
    if (!$galid) {
        die('access denied!');
    }

    // The picture must belong to the given gallery; both columns are matched.
    $rowFilter = "WHERE id='" . $pictureId . "' AND galid='" . $galleryId . "' LIMIT 1";
    list($picture, $thumbnail) = $db->first("SELECT picture,thumbnail FROM " . PRE . "_user_pictures " . $rowFilter);

    require_once BASEDIR . 'lib/class.mediamanager.php';
    $mm = new mediamanager();

    // Remove only files that are recorded and still present on disk.
    $uploadRoot = BASEDIR . getpath('uploads');
    foreach (array($picture, $thumbnail) as $storedFile) {
        if ($storedFile && file_exists($uploadRoot . $storedFile)) {
            $mm->deletefile($storedFile);
        }
    }

    $db->query("DELETE FROM " . PRE . "_user_pictures " . $rowFilter);
    logit('USER_GALLERYPIC_DEL', 'ID #' . $pictureId);
    printJSReload();
}
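/**
 * Deletes an affiliate entry together with its stored image.
 *
 * Without $_POST['send'] == 1 a confirmation overlay naming the entry is
 * shown. With it, the CSRF token is verified first; the image path is read
 * from the row before the row is removed.
 */
function del()
{
    global $set, $db, $apx;

    // Integer cast: the id is concatenated into the SQL statements below.
    $_REQUEST['id'] = (int) $_REQUEST['id'];
    if (!$_REQUEST['id']) {
        die('missing ID!');
    }

    if ($_POST['send'] == 1) {
        if (!checkToken()) {
            infoInvalidToken();
        } else {
            list($image) = $db->first("SELECT image FROM " . PRE . "_affiliates WHERE id='" . $_REQUEST['id'] . "' LIMIT 1");

            // require_once: a second include of the class file would be a
            // fatal redeclaration if another code path already loaded it.
            require_once BASEDIR . 'lib/class.mediamanager.php';
            $mm = new mediamanager();

            // Entries without an image (or a row that no longer exists) must
            // not hand an empty path to the file deletion helper.
            if ($image) {
                $mm->deletefile($image);
            }

            $db->query("DELETE FROM " . PRE . "_affiliates WHERE id='" . $_REQUEST['id'] . "' LIMIT 1");
            logit('AFFILIATES_DEL', 'ID #' . $_REQUEST['id']);
            printJSRedirect(get_index('affiliates.show'));
        }
    } else {
        list($title) = $db->first("SELECT title FROM " . PRE . "_affiliates WHERE id='" . $_REQUEST['id'] . "' LIMIT 1");
        // The title is HTML-escaped before it is placed in the message.
        $apx->tmpl->assign('MESSAGE', $apx->lang->get('MSG_TEXT', array('TITLE' => compatible_hsc($title))));
        tmessageOverlay('del', array('ID' => $_REQUEST['id']));
    }
}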
/**
 * Deletes a product unit and the picture files recorded for it.
 *
 * The stored picture path is the thumbnail; the full-size file name is
 * derived from it by dropping the "-thumb" marker. A confirmation overlay is
 * shown until $_POST['send'] == 1 arrives with a valid CSRF token.
 */
function udel()
{
    global $set, $db, $apx;

    // Integer cast: the id is concatenated into the SQL statements below.
    $_REQUEST['id'] = (int) $_REQUEST['id'];
    if (!$_REQUEST['id']) {
        die('missing ID!');
    }
    $unitId = $_REQUEST['id'];

    if ($_POST['send'] != 1) {
        // Ask for confirmation, showing the HTML-escaped title.
        list($title) = $db->first("SELECT title FROM " . PRE . "_products_units WHERE id='" . $unitId . "' LIMIT 1");
        $apx->tmpl->assign('MESSAGE', $apx->lang->get('MSG_TEXT', array('TITLE' => compatible_hsc($title))));
        tmessageOverlay('deltitle', array('ID' => $unitId), '/');
        return;
    }

    if (!checkToken()) {
        printInvalidToken();
        return;
    }

    // Delete the picture files
    list($picture) = $db->first("SELECT picture FROM " . PRE . "_products_units WHERE id='" . $unitId . "' LIMIT 1");
    require_once BASEDIR . 'lib/class.mediamanager.php';
    $mm = new mediamanager();

    $poppic = str_replace('-thumb.', '.', $picture);
    $uploadRoot = BASEDIR . getpath('uploads');
    foreach (array($picture, $poppic) as $storedFile) {
        // Only files that are recorded and still exist are removed.
        if ($storedFile && file_exists($uploadRoot . $storedFile)) {
            $mm->deletefile($storedFile);
        }
    }

    // Delete the database row
    $db->query("DELETE FROM " . PRE . "_products_units WHERE id='" . $unitId . "'");
    logit('PRODUCTS_UNITS_DEL', 'ID #' . $unitId);
    printJSRedirect(get_index('products.ushow'));
}
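/**
 * Processes a submitted contact form and mails it to a configured recipient.
 *
 * Only POST requests are handled. The recipient is selected by an index into
 * $set['formmailer']['sendto'], so the request never supplies an address
 * itself. Every posted field other than subject/sendto/copytome becomes a
 * "name: value" line of the message; fields whose name ends in "_required"
 * must be non-empty. Uploaded files are staged in the temp upload directory,
 * attached as base64 MIME parts and removed again after sending.
 *
 * Client-supplied attachment names and MIME types are written into MIME part
 * headers, so they are stripped of line breaks and quotes (name) or checked
 * against a type/subtype pattern (type) before use.
 */
function misc_mailform()
{
    global $set, $db, $apx, $user;

    if ($_SERVER['REQUEST_METHOD'] != 'POST') {
        return;
    }

    // "sendto" must be a scalar key of the configured recipient list; an
    // array value would not be a usable array offset.
    $sendtoId = (isset($_POST['sendto']) && is_scalar($_POST['sendto'])) ? $_POST['sendto'] : null;
    if ($sendtoId === null || !isset($set['formmailer']['sendto'][$sendtoId])) {
        die('sendto is not a valid mail-ID!');
    }
    $sendtomail = $set['formmailer']['sendto'][$sendtoId];

    $apx->lang->drop('sendform', 'formmailer');

    // Control fields that never become part of the message text.
    $reserved = array('subject', 'sendto', 'copytome');

    // Check that all additional required fields were filled in
    $addnl_failed = false;
    foreach ($_POST as $key => $value) {
        if (in_array($key, $reserved)) {
            continue;
        }
        if (substr($key, -9) != '_required') {
            continue;
        }
        if (!$value) {
            $addnl_failed = true;
        }
    }
    if ($addnl_failed) {
        message('back');
        return;
    }

    // Build the message text
    $text = '';
    foreach ($_POST as $key => $value) {
        if (in_array($key, $reserved)) {
            continue;
        }
        // Strip the "_required" suffix from the displayed field name
        if (substr($key, -9) == '_required') {
            $key = substr($key, 0, strlen($key) - 9);
        }
        $text .= $key . ': ' . $value . "\n";
    }

    // Subject: fall back to the default when none was posted. Line breaks are
    // replaced so the value stays a single header line.
    if (!empty($_POST['subject']) && is_string($_POST['subject'])) {
        $subject = str_replace(array("\r", "\n"), ' ', $_POST['subject']);
    } else {
        $subject = 'apexx Formmailer';
    }

    // Sender header, built from configuration only.
    if ($set['main']['mailbotname']) {
        $from = 'From:' . $set['main']['mailbotname'] . '<' . $set['main']['mailbot'] . '>';
    } else {
        $from = 'From:' . $set['main']['mailbot'];
    }

    // Initialise the media manager
    $attachments = array();
    require_once BASEDIR . 'lib/class.mediamanager.php';
    $mm = new mediamanager();
    // NOTE(review): the staging name derives from microtime(); if the temp
    // upload directory is reachable over HTTP, confirm that is acceptable.
    $temphash = md5(microtime());

    // Stage the uploaded files
    if (is_array($_FILES) && count($_FILES)) {
        foreach ($_FILES as $fileinfo) {
            // Multi-file fields deliver arrays here; only single uploads are handled.
            if (empty($fileinfo['tmp_name']) || !is_string($fileinfo['tmp_name'])) {
                continue;
            }
            if (!is_uploaded_file($fileinfo['tmp_name'])) {
                continue;
            }

            // Keep only the final path component of the client file name.
            $clientName = basename((string) $fileinfo['name']);
            $tempname = 'contact_' . $temphash . '_' . $clientName . '.tmp';

            // A failed upload must not be listed as an attachment.
            if (!$mm->uploadfile($fileinfo, 'temp', $tempname)) {
                continue;
            }

            // Both values below end up inside MIME part headers.
            $headerName = str_replace(array("\r", "\n", '"', '\\'), '', $clientName);
            $headerType = (string) $fileinfo['type'];
            if (!preg_match('#^[a-z0-9.+-]+/[a-z0-9.+-]+$#i', $headerType)) {
                $headerType = 'application/octet-stream';
            }

            $attachments[] = array('filename' => $headerName, 'source' => $tempname, 'type' => $headerType);
        }
    }

    if (!count($attachments)) {
        // Plain-text mail
        mail($sendtomail, $subject, $text, $from);
    } else {
        $boundary = md5(uniqid(time()));

        $header = "MIME-Version: 1.0\n";
        $header .= $from . "\n";
        $header .= "Content-Type: multipart/mixed; boundary=\"" . $boundary . "\"\n";

        $body = "--" . $boundary . "\n";
        $body .= "Content-Type: text/plain\n";
        $body .= "Content-Transfer-Encoding: 7bit\n\n";
        $body .= $text . "\n\n";

        // Encode the attachments
        foreach ($attachments as $source) {
            $sourcepath = BASEDIR . getpath('uploads') . 'temp/' . $source['source'];
            // file_get_contents() closes its handle and copes with empty files.
            $filedata = file_get_contents($sourcepath);
            if ($filedata === false) {
                continue;
            }
            $body .= "--" . $boundary . "\n";
            $body .= "Content-Type: " . $source['type'] . "; name=\"" . $source['filename'] . "\"\n";
            $body .= "Content-Transfer-Encoding: base64\n";
            $body .= "Content-Disposition: attachment; filename=\"" . $source['filename'] . "\"\n\n";
            $body .= chunk_split(base64_encode($filedata));
            $body .= "\n";
        }
        $body .= "--{$boundary}--\n";

        // Send the mail; the resolved subject is used so the default applies
        // here as well.
        mail($sendtomail, $subject, $body, $header);

        // Remove the staged attachments from the server
        foreach ($attachments as $tempfile) {
            $mm->deletefile('temp/' . $tempfile['source']);
        }
    }

    message($apx->lang->get('MSG_OK'), mklink('index.php', 'index.html'));
}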
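/**
 * Deletes a news entry with its comments, ratings, tags and picture files.
 *
 * Accounts lacking the 'news.del' special right get an additional userid
 * condition on both the lookup and the DELETE, so the row is only removed
 * when it carries their own userid. Dependent data is removed only after the
 * DELETE reported an affected row. A confirmation overlay is shown until
 * $_POST['send'] == 1 arrives with a valid CSRF token.
 */
function del()
{
    global $set, $db, $apx;

    // Integer cast: the id is concatenated into the SQL statements below.
    $_REQUEST['id'] = (int) $_REQUEST['id'];
    if (!$_REQUEST['id']) {
        die('missing ID!');
    }

    if ($_POST['send'] == 1) {
        if (!checkToken()) {
            printInvalidToken();
        } else {
            // Ownership restriction shared by the SELECT and the DELETE.
            $ownerFilter = iif(!$apx->user->has_spright('news.del'), " AND userid='" . $apx->user->info['userid'] . "'");

            $res = $db->first("SELECT newspic FROM " . PRE . "_news WHERE ( id='" . $_REQUEST['id'] . "' " . $ownerFilter . " ) LIMIT 1");
            $db->query("DELETE FROM " . PRE . "_news WHERE ( id='" . $_REQUEST['id'] . "' " . $ownerFilter . " ) LIMIT 1");

            // Nothing deleted means the entry does not exist or is not the
            // caller's to delete; stop before touching dependent data.
            if (!$db->affected_rows()) {
                die('access denied!');
            }

            // Delete comments and ratings (only reached when an entry was deleted)
            if ($apx->is_module('comments')) {
                $db->query("DELETE FROM " . PRE . "_comments WHERE ( module='news' AND mid='" . $_REQUEST['id'] . "' )");
            }
            if ($apx->is_module('ratings')) {
                $db->query("DELETE FROM " . PRE . "_ratings WHERE ( module='news' AND mid='" . $_REQUEST['id'] . "' )");
            }

            // Delete the pictures
            require_once BASEDIR . 'lib/class.mediamanager.php';
            $mm = new mediamanager();
            $picture = $res['newspic'];
            // Derive the full-size file from the thumbnail path. The original
            // read an undefined variable here, so the full-size file was
            // never removed.
            $poppic = str_replace('-thumb.', '.', $picture);
            if ($picture && file_exists(BASEDIR . getpath('uploads') . $picture)) {
                $mm->deletefile($picture);
            }
            if ($poppic && file_exists(BASEDIR . getpath('uploads') . $poppic)) {
                $mm->deletefile($poppic);
            }

            // Delete the tags
            $db->query("DELETE FROM " . PRE . "_news_tags WHERE id='" . $_REQUEST['id'] . "'");

            logit('NEWS_DEL', 'ID #' . $_REQUEST['id']);
            printJSRedirect(get_index('news.show'));
        }
    } else {
        list($title, $subtitle) = $db->first("SELECT title, subtitle FROM " . PRE . "_news WHERE id='" . $_REQUEST['id'] . "' LIMIT 1");
        // Title and subtitle are HTML-escaped before they reach the message.
        $apx->tmpl->assign('MESSAGE', $apx->lang->get('MSG_TEXT', array('TITLE' => compatible_hsc($title . ($subtitle ? ' - ' . $subtitle : '')))));
        tmessageOverlay('deltitle', array('ID' => $_REQUEST['id']), '/');
    }
}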
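/**
 * Manages the picture series of an article: delete one picture, upload up to
 * five new ones, or list the current series.
 *
 * The series is stored serialized in the article row together with the next
 * free picture id. Request values that reach SQL or file names are cast to
 * integers first, and an upload that cannot be read as an image is removed
 * again instead of being kept under a client-chosen extension.
 *
 * NOTE(review): the upload branch ($_POST['send']) does not call checkToken()
 * although the delete branch does; confirm the token is verified elsewhere
 * for this form.
 */
function pictures()
{
    global $set, $db, $apx;

    // Integer cast: the article id is concatenated into SQL and URLs below.
    $_REQUEST['id'] = (int) $_REQUEST['id'];

    // Needed because 1.7.0 created a picture with ID 0 when copying
    if (isset($_REQUEST['delpic'])) {
        $_REQUEST['delpic'] = (int) $_REQUEST['delpic'];
    } else {
        $_REQUEST['delpic'] = null;
    }

    // Read the picture series
    list($pictures, $nextid) = $db->first("SELECT pictures,pictures_nextid FROM " . PRE . "_articles WHERE id='" . $_REQUEST['id'] . "'");
    // NOTE(review): unserialize() on a database column; it is only safe as
    // long as nothing but this code's own serialize() output is stored there.
    $pictures = unserialize($pictures);
    if (!is_array($pictures)) {
        $pictures = array();
    }
    $nextid = (int) $nextid;

    // Redirect target shared by the delete and upload branches; request
    // values are URL-encoded before they are placed in the query string.
    $returnUrl = 'action.php?action=' . rawurlencode($_REQUEST['action']) . '&id=' . $_REQUEST['id'] . '&pubnow=' . rawurlencode($_REQUEST['pubnow']) . '&pageid=pics';

    // Delete a picture
    if (isset($_REQUEST['delpic']) && isset($pictures[$_REQUEST['delpic']])) {
        if ($_POST['delpic']) {
            if (!checkToken()) {
                printInvalidToken();
            } else {
                $picinfo = $pictures[$_REQUEST['delpic']];
                require_once BASEDIR . 'lib/class.mediamanager.php';
                $mm = new mediamanager();
                if ($picinfo['thumbnail'] && file_exists(BASEDIR . getpath('uploads') . $picinfo['thumbnail'])) {
                    $mm->deletefile($picinfo['thumbnail']);
                }
                if ($picinfo['picture'] && file_exists(BASEDIR . getpath('uploads') . $picinfo['picture'])) {
                    $mm->deletefile($picinfo['picture']);
                }
                unset($pictures[$_REQUEST['delpic']]);
                $db->query("UPDATE " . PRE . "_articles SET pictures='" . addslashes(serialize($pictures)) . "' WHERE id='" . $_REQUEST['id'] . "' LIMIT 1");
                printJSRedirect($returnUrl);
            }
        } else {
            tmessageOverlay('picdel', array('ID' => $_REQUEST['id'], 'DELPIC' => $_REQUEST['delpic']));
        }
    } elseif ($_POST['send']) {
        require_once BASEDIR . 'lib/class.mediamanager.php';
        $mm = new mediamanager();
        require_once BASEDIR . 'lib/class.image.php';
        $img = new image();

        // The posted id becomes part of the stored file name, so it must not
        // be able to carry path separators.
        $fileId = (int) $_POST['id'];

        // Process the uploads
        for ($i = 1; $i <= 5; $i++) {
            if (empty($_FILES['upload' . $i]['tmp_name'])) {
                continue;
            }

            // NOTE(review): the extension comes from the client file name;
            // confirm mediamanager::uploadfile() restricts what it accepts.
            $ext = strtolower($mm->getext($_FILES['upload' . $i]['name']));
            if ($ext == 'gif') {
                $ext = 'jpg';
            }

            $newname = 'pic' . '-' . $fileId . '-' . $nextid . '.' . $ext;
            $newfile = 'articles/gallery/' . $newname;
            $thumbname = 'pic' . '-' . $fileId . '-' . $nextid . '-thumb.' . $ext;
            $thumbfile = 'articles/gallery/' . $thumbname;

            // Skip files that failed to upload
            if (!$mm->uploadfile($_FILES['upload' . $i], 'articles/gallery', $newname)) {
                continue;
            }

            // Load the picture
            list($picture, $picturetype) = $img->getimage($newfile);

            // Not readable as an image: remove the upload rather than leave
            // an unprocessed file in the gallery directory.
            if ($picture === false) {
                $mm->deletefile($newfile);
                continue;
            }

            //////// THUMBNAIL
            $thumbnail = $img->resize($picture, $set['articles']['thumbwidth'], $set['articles']['thumbheight'], $set['articles']['artpic_quality']);
            $img->saveimage($thumbnail, $picturetype, $thumbfile);

            //////// PICTURE

            // Scale the picture
            if (!$_POST['noresize' . $i] && $set['articles']['picwidth'] && $set['articles']['picheight']) {
                $scaled = $img->resize($picture, $set['articles']['picwidth'], $set['articles']['picheight'], $set['articles']['artpic_quality'], 0);
                if ($scaled != $picture) {
                    imagedestroy($picture);
                }
                $picture = $scaled;
            }

            // Apply the watermark
            if ($picture !== false && $set['articles']['watermark'] && $_POST['watermark' . $i]) {
                $watermarked = $img->watermark($picture, $set['articles']['watermark'], $set['articles']['watermark_position'], $set['articles']['watermark_transp']);
                if ($watermarked != $picture) {
                    imagedestroy($picture);
                }
                $picture = $watermarked;
            }

            // Write the picture
            $img->saveimage($picture, $picturetype, $newfile);

            // Cleanup
            imagedestroy($picture);
            imagedestroy($thumbnail);
            unset($picture, $thumbnail);

            $pictures[$nextid] = array('picture' => $newfile, 'thumbnail' => $thumbfile);
            ++$nextid;
        }

        // Store the series
        $db->query("UPDATE " . PRE . "_articles SET pictures='" . addslashes(serialize($pictures)) . "',pictures_nextid='" . intval($nextid) . "' WHERE id='" . $_REQUEST['id'] . "' LIMIT 1");

        // Finish the article
        if ($_POST['submit_finish']) {
            $this->finish_article();
            return;
        } else {
            printJSRedirect($returnUrl);
        }
    } else {
        // NOTE(review): $this->title is echoed as-is; confirm it is already
        // HTML-escaped where it is set.
        echo '<h2>' . $apx->lang->get(iif($this->type == 'normal', 'ARTICLE', strtoupper($this->type))) . ': ' . $this->title . '</h2>';

        // List the picture series
        $picdata = array();
        $i = 0;
        foreach ($pictures as $id => $res) {
            ++$i;
            $picdata[$i]['ID'] = $id;
            $picdata[$i]['IMAGE'] = HTTPDIR . getpath('uploads') . $res['thumbnail'];
            $picdata[$i]['LINK'] = HTTPDIR . getpath('uploads') . $res['picture'];
            $picdata[$i]['OPTIONS'] = optionHTMLOverlay('del.gif', $_REQUEST['action'], 'id=' . $_REQUEST['id'] . '&pageid=pics&delpic=' . $id . '&pubnow=' . rawurlencode($_REQUEST['pubnow']), $apx->lang->get('CORE_DEL'));
        }

        $apx->tmpl->assign('SET_WATERMARK', iif($set['articles']['watermark'], 1, 0));
        $apx->tmpl->assign('SET_NORESIZE', iif($set['articles']['picwidth'] && $set['articles']['picheight'], 1, 0));
        $apx->tmpl->assign('PIC', $picdata);
        $apx->tmpl->assign('PUBNOW', (int) $_REQUEST['pubnow']);
        $apx->tmpl->assign('ID', $_REQUEST['id']);
        $apx->tmpl->assign('ACTION', iif($_REQUEST['action'] == 'articles.add', 'add', 'edit'));
        $apx->tmpl->parse('pictures');
    }
}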
foreach ($attachments as $source) { $sourcepath = BASEDIR . getpath('uploads') . 'temp/' . $source['source']; $filedata = fread(fopen($sourcepath, 'r'), filesize($sourcepath)); $body .= "--" . $boundary . "\n"; $body .= "Content-Type: " . $source['type'] . "; name=\"" . $source['filename'] . "\"\n"; $body .= "Content-Transfer-Encoding: base64\n"; $body .= "Content-Disposition: attachment; filename=\"" . $source['filename'] . "\"\n\n"; $body .= chunk_split(base64_encode($filedata)); $body .= "\n"; } $body .= "--{$boundary}--\n"; //eMail abschicken mail($sendtomail, $_POST['subject'], $body, $header); //Anhänge vom Server löschen foreach ($attachments as $tempfile) { $mm->deletefile('temp/' . $tempfile['source']); } } //Kopie an mich if ($_POST['copytome']) { $copytext = ''; if ($apx->lang->get('COPY_INTRO')) { $copytext .= $apx->lang->get('COPY_INTRO') . "\r\n\r\n-----\r\n\r\n"; } $copytext .= $text; if ($set['main']['mailbotname']) { $from = 'From:' . $set['main']['mailbotname'] . '<' . $set['main']['mailbot'] . '>'; } else { $from = 'From:' . $set['main']['mailbot']; } if (count($attachments)) {
if (!$_REQUEST['id']) { die('missing ID!'); } if ($_POST['send']) { $db->query("DELETE FROM " . PRE . "_user_gallery WHERE id='" . $_REQUEST['id'] . "' AND owner='" . $user->info['userid'] . "' LIMIT 1"); if ($db->affected_rows()) { $data = $db->fetch("SELECT picture,thumbnail FROM " . PRE . "_user_pictures WHERE galid='" . $_REQUEST['id'] . "'"); $db->query("DELETE FROM " . PRE . "_user_pictures WHERE galid='" . $_REQUEST['id'] . "'"); require_once BASEDIR . 'lib/class.mediamanager.php'; $mm = new mediamanager(); if (count($data)) { foreach ($data as $res) { $picture = $res['picture']; $thumbnail = $res['thumbnail']; if ($picture && file_exists(BASEDIR . getpath('uploads') . $picture)) { $mm->deletefile($picture); } if ($thumbnail && file_exists(BASEDIR . getpath('uploads') . $thumbnail)) { $mm->deletefile($thumbnail); } } } $mm->deletedir('user/gallery-' . $_REQUEST['id']); } message($apx->lang->get('MSG_DEL_OK'), mklink('user.php?action=mygallery', 'user,mygallery.html')); } else { tmessage('delgallery', array('ID' => $_REQUEST['id'])); } require 'lib/_end.php'; } //GALERIEN AUFLISTEN
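/**
 * Deletes a calendar event with its comments, tags and picture files.
 *
 * A confirmation overlay naming the event is shown until $_POST['send'] == 1
 * arrives with a valid CSRF token. The stored picture path is the thumbnail;
 * the full-size file name is derived by dropping the "-thumb" marker.
 */
function del()
{
    global $set, $db, $apx;

    // Integer cast: the id is concatenated into the SQL statements below.
    $_REQUEST['id'] = (int) $_REQUEST['id'];
    if (!$_REQUEST['id']) {
        die('missing ID!');
    }

    if ($_POST['send'] == 1) {
        if (!checkToken()) {
            printInvalidToken();
        } else {
            $res = $db->first("SELECT picture FROM " . PRE . "_calendar_events WHERE id='" . $_REQUEST['id'] . "' LIMIT 1");
            $db->query("DELETE FROM " . PRE . "_calendar_events WHERE id='" . $_REQUEST['id'] . "' LIMIT 1");

            // Delete the comments. The original filtered on
            // module='anzeigenmarkt', which removed another module's comments
            // that happened to share this id and left the event's own behind.
            // NOTE(review): 'calendar' follows the naming used by the tables,
            // log key and index of this function; confirm it is the value
            // stored in the comments table.
            if ($apx->is_module('comments')) {
                $db->query("DELETE FROM " . PRE . "_comments WHERE ( module='calendar' AND mid='" . $_REQUEST['id'] . "' )");
            }

            // Delete the pictures
            require_once BASEDIR . 'lib/class.mediamanager.php';
            $mm = new mediamanager();
            $picture = $res['picture'];
            $poppic = str_replace('-thumb.', '.', $picture);
            if ($picture && file_exists(BASEDIR . getpath('uploads') . $picture)) {
                $mm->deletefile($picture);
            }
            if ($poppic && file_exists(BASEDIR . getpath('uploads') . $poppic)) {
                $mm->deletefile($poppic);
            }

            // Delete the tags
            $db->query("DELETE FROM " . PRE . "_calendar_tags WHERE id='" . $_REQUEST['id'] . "'");

            logit('CALENDAR_DEL', 'ID #' . $_REQUEST['id']);
            printJSRedirect(get_index('calendar.show'));
        }
    } else {
        list($title) = $db->first("SELECT title FROM " . PRE . "_calendar_events WHERE id='" . $_REQUEST['id'] . "' LIMIT 1");
        // The title is HTML-escaped before it is placed in the message.
        $apx->tmpl->assign('MESSAGE', $apx->lang->get('MSG_TEXT', array('TITLE' => compatible_hsc($title))));
        tmessageOverlay('deltitle', array('ID' => $_REQUEST['id']), '/');
    }
}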
/**
 * Deletes gallery pictures, either a posted list of ids (multiid) or a single
 * picture identified by id and gallery id.
 *
 * Both paths verify the CSRF token before changing anything. Ids are reduced
 * to integers before they are placed in SQL. Files, comments and ratings that
 * belong to the pictures are removed as well.
 */
function pdel()
{
    global $set, $db, $apx;

    // Several pictures at once
    if (is_array($_REQUEST['multiid'])) {
        if (!checkToken()) {
            printInvalidToken();
            return;
        }

        // Every element is forced to an integer, so the list can be joined
        // into an IN (...) clause.
        $cache = array_map('intval', $_REQUEST['multiid']);
        if (!count($cache)) {
            header("HTTP/1.1 301 Moved Permanently");
            header('Location: ' . get_index('gallery.pshow'));
            return;
        }

        $idList = implode(',', $cache);
        $data = $db->fetch("SELECT galid,thumbnail,picture FROM " . PRE . "_gallery_pics WHERE ( id IN ( " . $idList . ") )");
        $db->query("DELETE FROM " . PRE . "_gallery_pics WHERE ( id IN ( " . $idList . ") )");

        require BASEDIR . 'lib/class.mediamanager.php';
        $mm = new mediamanager();
        $galid = null;

        // Delete the picture files; $galid ends up as the gallery of the
        // last row processed.
        if (count($data)) {
            foreach ($data as $row) {
                $galid = $row['galid'];
                $mm->deletefile($row['thumbnail']);
                $mm->deletefile($row['picture']);
            }
        }

        // Delete comments and ratings
        if ($apx->is_module('comments')) {
            $db->query("DELETE FROM " . PRE . "_comments WHERE ( module='gallery' AND mid IN ( " . $idList . " ) )");
        }
        if ($apx->is_module('ratings')) {
            $db->query("DELETE FROM " . PRE . "_ratings WHERE ( module='gallery' AND mid IN ( " . $idList . " ) )");
        }

        foreach ($cache as $deletedId) {
            logit('GALLERY_PDEL', 'ID #' . $deletedId);
        }

        // Refresh the gallery's update time
        if ($galid) {
            $this->setGalleryUpdatetime($galid);
        }

        header("HTTP/1.1 301 Moved Permanently");
        header('Location: ' . get_index('gallery.pshow'));
        return;
    }

    // Single picture
    $_REQUEST['id'] = (int) $_REQUEST['id'];
    $_REQUEST['gid'] = (int) $_REQUEST['gid'];
    if (!$_REQUEST['id']) {
        die('missing ID!');
    }
    if (!$_REQUEST['gid']) {
        die('missing gallery ID!');
    }
    $picId = $_REQUEST['id'];
    $galleryId = $_REQUEST['gid'];

    if ($_POST['send'] != 1) {
        // Not confirmed yet: show the overlay.
        tmessageOverlay('pdel', array('ID' => $picId, 'GID' => $galleryId));
        return;
    }

    if (!checkToken()) {
        printInvalidToken();
        return;
    }

    // The picture is matched on id and gallery id together.
    $rowFilter = "WHERE ( id='" . $picId . "' AND galid='" . $galleryId . "' ) LIMIT 1";
    $res = $db->first("SELECT galid,thumbnail,picture FROM " . PRE . "_gallery_pics " . $rowFilter);
    $db->query("DELETE FROM " . PRE . "_gallery_pics " . $rowFilter);

    // Only clean up when the parent row was really deleted
    if ($db->affected_rows()) {
        // Delete the picture files
        require BASEDIR . 'lib/class.mediamanager.php';
        $mm = new mediamanager();
        $mm->deletefile($res['thumbnail']);
        $mm->deletefile($res['picture']);

        // Delete comments and ratings
        if ($apx->is_module('comments')) {
            $db->query("DELETE FROM " . PRE . "_comments WHERE ( module='gallery' AND mid='" . $picId . "' )");
        }
        if ($apx->is_module('ratings')) {
            $db->query("DELETE FROM " . PRE . "_ratings WHERE ( module='gallery' AND mid='" . $picId . "' )");
        }

        // Clear the preview assignment if this thumbnail was used for it
        $db->query("UPDATE " . PRE . "_gallery SET preview='' WHERE preview='" . addslashes($res['thumbnail']) . "'");

        // Refresh the gallery's update time
        $this->setGalleryUpdatetime($galleryId);
    }

    logit('GALLERY_PDEL', 'ID #' . $picId);
    printJSRedirect(get_index('gallery.pshow'));
}