Esempio n. 1
/**
 * AJAX handler: stores the posted headline and content translations of one CMS page.
 *
 * Prints 'ok' when the UPDATE succeeds, or the NO_ADMIN_RIGHTS message when the
 * session holds neither the cms/edit right nor the superadmin flag. The request
 * is always terminated at the end.
 *
 * NOTE(review): no anti-CSRF token is verified inside this function; confirm the
 * dispatcher that routes here checks one before a state-changing call.
 *
 * @param mixed $id cmsID of the row to update; it is bound through %d, so it reaches the query as an integer
 */
function admin_cms_edit($id)
{
    global $db;
    ob_end_clean();
    $db->setMode(0);
    ajax_convert_array($_POST);

    $mayEdit = @$_SESSION['rights']['admin']['cms']['edit'] || @$_SESSION['rights']['superadmin'];
    if (!$mayEdit) {
        echo html_ajax_convert(NO_ADMIN_RIGHTS);
        die;
    }

    // Fields are recognised by a substring of their name (the match must not start
    // at offset 0); the translation key is everything after the first underscore.
    // Both the key and the text are client-supplied.
    $lang = array();
    $head = array();
    foreach ($_POST as $field => $text) {
        if (strpos($field, 'cription_')) {
            $lang[substr($field, strpos($field, '_') + 1)] = $text;
        }
        if (strpos($field, 'eadline_')) {
            $head[substr($field, strpos($field, '_') + 1)] = $text;
        }
    }

    // strsave() is the only thing standing between the POST data and the quoted
    // SQL literals. NOTE(review): it is defined elsewhere - confirm it escapes for
    // the active database connection.
    $query = sprintf(
        'UPDATE ' . DB_PRE . 'ecp_cms SET `headline` = \'%s\', `content` = \'%s\', `access` = \'%s\' WHERE cmsID = %d',
        strsave(json_encode($head)),
        strsave(json_encode($lang)),
        strsave(admin_make_rights($_POST['rights'])),
        $id
    );
    if ($db->query($query)) {
        echo 'ok';
    }
    die;
}
Esempio n. 2
/**
 * AJAX handler: inserts a calendar event built from the posted form.
 *
 * Prints 'ok' when the INSERT succeeds, or the NO_ADMIN_RIGHTS message when the
 * session holds neither the calendar/add right nor the superadmin flag. The
 * request is always terminated at the end.
 */
function admin_calendar_add()
{
    global $db;
    ob_end_clean();
    ajax_convert_array($_POST);

    $mayAdd = @$_SESSION['rights']['admin']['calendar']['add'] || @$_SESSION['rights']['superadmin'];
    if (!$mayAdd) {
        echo html_ajax_convert(NO_ADMIN_RIGHTS);
        die;
    }

    $db->setMode(0);

    // Collect the per-language descriptions; the key is the part of the field
    // name after its first underscore and is client-supplied.
    $lang = array();
    foreach ($_POST as $field => $text) {
        if (!strpos($field, 'cription_')) {
            continue;
        }
        $lang[substr($field, strpos($field, '_') + 1)] = $text;
    }

    // String columns go through strsave(); the two numeric columns rely on %d.
    // strtotime() returns false for an unparsable date, which %d stores as 0.
    // NOTE(review): strsave() is defined elsewhere - confirm it escapes for the
    // active database connection.
    $inserted = $db->query(sprintf('INSERT INTO ' . DB_PRE . 'ecp_calendar (`eventname`, `inhalt`, `access`, `datum`, `userID`) 
								VALUES (\'%s\', \'%s\', \'%s\', %d, %d)',
        strsave($_POST['eventname']),
        strsave(json_encode($lang)),
        strsave(admin_make_rights($_POST['rights'])),
        strtotime($_POST['datum']),
        $_SESSION['userID']
    ));
    if ($inserted) {
        echo 'ok';
    }
    die;
}
Esempio n. 3
/**
 * AJAX handler: updates one download category from the posted form.
 *
 * Prints NOT_NEED_ALL_INPUTS when the category name is empty, otherwise 'ok'
 * when the UPDATE succeeds. The request is always terminated at the end.
 *
 * NOTE(review): no $_SESSION['rights'] check is visible anywhere in this
 * function, so on its own it would let any caller rewrite a category and its
 * access list. Confirm the dispatcher enforces authorization before routing
 * here, or add the check in this function.
 *
 * @param mixed $id kID of the category; it is bound through %d, so it reaches the query as an integer
 */
function admin_downloads_kate_edit($id)
{
    global $db;
    ob_end_clean();
    ajax_convert_array($_POST);

    if ($_POST['kname'] == '') {
        echo NOT_NEED_ALL_INPUTS;
        die;
    }

    // Per-language descriptions, keyed by the client-supplied suffix that
    // follows the first underscore of the field name.
    $lang = array();
    foreach ($_POST as $field => $text) {
        if (!strpos($field, 'cription_')) {
            continue;
        }
        $lang[substr($field, strpos($field, '_') + 1)] = $text;
    }

    // Numeric columns are cast or bound with %d; string columns go through
    // strsave(). NOTE(review): strsave() is defined elsewhere - confirm it
    // escapes for the active database connection.
    $sql = sprintf('UPDATE ' . DB_PRE . 'ecp_downloads_kate SET 
						`subkID` = %d, 
						`kname` = \'%s\', 
						`beschreibung` = \'%s\', 
						`access` = \'%s\'
				 WHERE kID = %d',
        (int) $_POST['subID'],
        strsave($_POST['kname']),
        strsave(json_encode($lang)),
        strsave(admin_make_rights($_POST['rights'])),
        $id
    );
    $db->setMode(0);
    if ($db->query($sql)) {
        echo 'ok';
    }
    die;
}
Esempio n. 4
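/**
 * Admin page: saves an edited menu entry, or renders its edit form.
 *
 * With a submitted form the entry is updated and the browser is redirected to
 * the menu list; when name or design is empty the form is shown again with the
 * posted values. Without a submit the stored entry is loaded into the form.
 * Callers lacking the menu/edit right and the superadmin flag get the
 * NO_ADMIN_RIGHTS table.
 *
 * NOTE(review): no anti-CSRF token is verified inside this function; confirm the
 * dispatcher that routes here checks one before a state-changing call.
 *
 * @param mixed $id menuID of the entry; coerced to an integer before use
 */
function admin_menu_edit($id)
{
    global $db;
    // $id is concatenated into the SELECT and into the form action below, so it
    // is forced to an integer once, before any use.
    $id = (int) $id;
    if (@$_SESSION['rights']['admin']['menu']['edit'] or @$_SESSION['rights']['superadmin']) {
        if (isset($_POST['submit'])) {
            // A missing or scalar "language" field must not reach in_array() or
            // implode() as a non-array.
            $chosen = isset($_POST['language']) ? (array) $_POST['language'] : array();
            if ($_POST['name'] == '' or $_POST['design'] == '') {
                table(ERROR, NOT_NEED_ALL_INPUTS);
                $tpl = new smarty();
                // NOTE(review): every POST field is handed to the template as-is,
                // so any request parameter can set a template variable and output
                // safety depends on the template escaping it - confirm that
                // menu_add_edit.html escapes these values.
                foreach ($_POST as $key => $value) {
                    $tpl->assign($key, $value);
                }
                $tpl->assign('module', get_module($_POST['modul']));
                $tpl->assign('designs', get_designs($_POST['design']));
                $tpl->assign('access', get_form_rights($_POST['access']));
                // NOTE(review): the redisplayed edit form is labelled 'add' /
                // MENU_ADD here, while the load branch uses 'edit&id=' - confirm
                // that a resubmit still targets this entry.
                $tpl->assign('func', 'add');
                $lang = get_languages();
                $options = '<option value="all"' . (in_array('all', $chosen) ? ' selected="selected"' : '') . '>' . ALL . '</option>';
                foreach ($lang as $value) {
                    // The space before value= keeps the two attributes apart when
                    // the option is selected.
                    $options .= '<option' . (in_array($value['lang'], $chosen) ? ' selected="selected"' : '') . ' value="' . $value['lang'] . '">' . $value['name'] . '</option>';
                }
                $tpl->assign('languages', $options);
                ob_start();
                $tpl->display(DESIGN . '/tpl/admin/menu_add_edit.html');
                $content = ob_get_contents();
                ob_end_clean();
                main_content(MENU_ADD, $content, '', 1);
            } else {
                // An empty string means "all languages"; otherwise the codes are
                // stored as a comma-delimited list with leading and trailing comma.
                if (in_array('all', $chosen)) {
                    $lang = '';
                } else {
                    $lang = ',' . implode(',', $chosen) . ',';
                }
                // String columns go through strsave(), numeric ones through %d.
                // NOTE(review): strsave() is defined elsewhere - confirm it
                // escapes for the active database connection.
                $sql = sprintf(
                    'UPDATE ' . DB_PRE . 'ecp_menu SET `name` = \'%s\', `headline` = \'%s\', `inhalt` = \'%s\', `hposi` = \'%s\', `usetpl` =%d, `design` = \'%s\', `access` = \'%s\', `lang` = \'%s\', `modul` = \'%s\' WHERE menuID = %d',
                    strsave($_POST['name']),
                    strsave($_POST['headline']),
                    strsave($_POST['inhalt']),
                    strsave($_POST['postion']),
                    (int) @$_POST['usetpl'],
                    strsave($_POST['design']),
                    strsave(admin_make_rights($_POST['access'])),
                    strsave($lang),
                    strsave($_POST['modul']),
                    $id
                );
                if ($db->query($sql)) {
                    header1('?section=admin&site=menu');
                }
            }
        } else {
            $menu = $db->fetch_assoc('SELECT * FROM ' . DB_PRE . 'ecp_menu WHERE menuID = ' . $id);
            $tpl = new smarty();
            $menu['headline'] = htmlentities($menu['headline']);
            // Only the headline is entity-encoded here; the other columns reach
            // the template as stored.
            foreach ($menu as $key => $value) {
                $tpl->assign($key, $value);
            }
            $tpl->assign('func', 'edit&id=' . $id);
            $tpl->assign('module', get_module($menu['modul']));
            $tpl->assign('designs', get_designs($menu['design']));
            $tpl->assign('access', get_form_rights(explode(',', $menu['access'])));
            $lang = get_languages();
            $langs = explode(',', $menu['lang']);
            // A stored list with fewer than three comma-separated parts is
            // treated as "all languages".
            $options = '<option value="all" ' . (count($langs) < 3 ? 'selected="selected"' : '') . '>' . ALL . '</option>';
            foreach ($lang as $value) {
                $options .= '<option' . (in_array($value['lang'], $langs) ? ' selected="selected"' : '') . ' value="' . $value['lang'] . '">' . $value['name'] . '</option>';
            }
            $tpl->assign('languages', $options);
            ob_start();
            $tpl->display(DESIGN . '/tpl/admin/menu_add_edit.html');
            $content = ob_get_contents();
            ob_end_clean();
            main_content(MENU_EDIT, $content, '', 1);
        }
    } else {
        table(ERROR, NO_ADMIN_RIGHTS);
    }
}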
Esempio n. 5
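/**
 * Admin page: saves an edited forum board, or renders its edit form.
 *
 * With a submitted form the board row is updated and the browser is redirected
 * to the forum admin list. Without a submit the stored board, the group list
 * and the possible parent boards are loaded into the form. Callers lacking the
 * forum/edit right and the superadmin flag get the NO_ADMIN_RIGHTS table.
 *
 * NOTE(review): no anti-CSRF token is verified inside this function; confirm the
 * dispatcher that routes here checks one before a state-changing call.
 *
 * @param mixed $id boardID of the board; coerced to an integer before use
 */
function admin_forum_edit($id)
{
    global $db;
    // $id is concatenated into the SELECT and into the form URL below, so it is
    // forced to an integer once, before any use.
    $id = (int) $id;
    // Per-board permission columns, in the order the UPDATE statement lists them.
    $rightsColumns = array(
        'rightsread', 'threadopen', 'postcom', 'editcom', 'startsurvey', 'votesurvey', 'attachfiles',
        'downloadattch', 'threadclose', 'threaddel', 'threadmove', 'threadpin', 'editmocom', 'delcom',
    );
    if (@$_SESSION['rights']['admin']['forum']['edit'] or @$_SESSION['rights']['superadmin']) {
        if (isset($_POST['submit'])) {
            if ($_POST['name'] == '') {
                table(ERROR, NOT_NEED_ALL_INPUTS);
            } else {
                $format = 'UPDATE ' . DB_PRE . 'ecp_forum_boards SET 
										`boardparentID` = %d,
										`name` = \'%s\',
										`beschreibung` = \'%s\',
										`closed` = %d,
										`attachments` = %d,
										`attachmaxsize` = %d,
										`rightsread` = \'%s\',
										`threadopen` = \'%s\',
										`postcom` = \'%s\',
										`editcom` = \'%s\',
										`startsurvey` = \'%s\',
										`votesurvey` = \'%s\',
										`attachfiles` = \'%s\',
										`downloadattch` = \'%s\',
										`threadclose` = \'%s\',
										`threaddel` = \'%s\',
										`threadmove` = \'%s\',
										`threadpin` = \'%s\',
										`editmocom` = \'%s\',
										`delcom` = \'%s\',
										`commentsperpost` = %d,
										`moneyperpost` = %f
										WHERE boardID = %d';
                // Numeric columns are bound with %d / %f, so the posted values
                // reach the query as numbers.
                $args = array(
                    $_POST['boardparentID'],
                    strsave($_POST['name']),
                    strsave($_POST['beschreibung']),
                    $_POST['closed'],
                    $_POST['attachments'],
                    $_POST['attachmaxsize'] * $_POST['modifkator'],
                );
                // The rights lists are derived from POST data and land inside
                // quoted SQL literals, so they get the same strsave() escaping as
                // the other string columns instead of being inserted raw.
                foreach ($rightsColumns as $column) {
                    $args[] = strsave(admin_make_rights($_POST[$column]));
                }
                $args[] = $_POST['commentsperpost'];
                // Accept a decimal comma in the amount.
                $args[] = str_replace(',', '.', $_POST['moneyperpost']);
                $args[] = $id;
                $sql = vsprintf($format, $args);
                if ($db->query($sql)) {
                    header1('?section=admin&site=forum');
                }
            }
        } else {
            $tpl = new smarty();
            $boardinfos = $db->fetch_assoc('SELECT `boardparentID`, `beschreibung`, `name`, `isforum`, `closed`, `commentsperpost`, `moneyperpost`, `attachments`, `attachmaxsize`, `rightsread`, `threadopen`, `postcom`, `editcom`, `startsurvey`, `votesurvey`, `attachfiles`, `downloadattch`, `threadclose`, `threaddel`, `threadmove`, `threadpin`, `editmocom`, `delcom` FROM ' . DB_PRE . 'ecp_forum_boards WHERE boardID = ' . $id);
            $plainColumns = array('beschreibung', 'isforum', 'closed', 'commentsperpost', 'moneyperpost', 'attachments', 'attachmaxsize', 'name');
            foreach ($plainColumns as $column) {
                $tpl->assign($column, $boardinfos[$column]);
            }
            $db->query('SELECT groupID, name FROM ' . DB_PRE . 'ecp_groups ORDER by name ASC');
            $gruppen = array();
            while ($row = $db->fetch_assoc()) {
                $gruppen[] = $row;
            }
            $db->query('SELECT boardID, name FROM ' . DB_PRE . 'ecp_forum_boards WHERE isforum = 0 ORDER BY name ASC');
            $boards = '';
            while ($row = $db->fetch_assoc()) {
                // NOTE(review): the stored board name is written into the markup
                // without HTML escaping at this point - confirm it is encoded
                // when it is saved, or escape it here.
                $boards .= '<option ' . ($boardinfos['boardparentID'] == $row['boardID'] ? 'selected="selected" ' : '') . 'value="' . $row['boardID'] . '">' . $row['name'] . '</option>';
            }
            $tpl->assign('boards', $boards);
            foreach ($rightsColumns as $column) {
                // Drop the first and last character of the stored list before
                // splitting it on commas.
                $stored = $boardinfos[$column];
                $tpl->assign($column, forum_make_rights($gruppen, explode(',', substr($stored, 1, strlen($stored) - 2))));
            }
            $tpl->assign('url', 'edit&id=' . $id);
            ob_start();
            $tpl->display(DESIGN . '/tpl/admin/forum_add_edit.html');
            $content = ob_get_contents();
            ob_end_clean();
            main_content(FORUM_ADD, $content, '', 1);
        }
    } else {
        table(ERROR, NO_ADMIN_RIGHTS);
    }
}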
Esempio n. 6
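/**
 * AJAX handler: updates one gallery and keeps the per-category gallery counters in step.
 *
 * Prints 'ok' when the UPDATE succeeds, NOT_NEED_ALL_INPUTS when name, folder
 * or category is missing, or the NO_ADMIN_RIGHTS table when the session carries
 * neither the gallery/edit right nor the superadmin flag. The request is always
 * terminated at the end.
 *
 * @param mixed $id galleryID of the gallery; coerced to an integer before use
 */
function admin_gallery_edit($id)
{
    global $db;
    $db->setMode(0);
    ob_end_clean();
    ajax_convert_array($_POST);
    // $id is concatenated into the lookup condition below, so it is forced to an
    // integer once, before any use.
    $id = (int) $id;
    // NOTE(review): this tests only that the rights keys exist, not that they are
    // truthy - a right stored as false or 0 would still pass. Confirm how denied
    // rights are represented in the session.
    if (!isset($_SESSION['rights']['admin']['gallery']['edit']) and !isset($_SESSION['rights']['superadmin'])) {
        table(ERROR, NO_ADMIN_RIGHTS);
    } else {
        if ($_POST['name'] == '' or !$_POST['folder'] or !$_POST['cID']) {
            echo NOT_NEED_ALL_INPUTS;
        } else {
            // Category the gallery belonged to before this edit.
            $old = $db->result(DB_PRE . 'ecp_gallery', 'cID', 'galleryID = ' . $id);
            // NOTE(review): strsave() is defined elsewhere - confirm it escapes
            // for the active database connection. The posted folder value is
            // stored as given; confirm that whatever later reads it treats it as
            // an untrusted path.
            $sql = sprintf(
                'UPDATE ' . DB_PRE . 'ecp_gallery SET `name` = \'%s\', `folder` = \'%s\', `cID` = %d, `access` = \'%s\' WHERE galleryID = %d',
                strsave($_POST['name']),
                strsave($_POST['folder']),
                (int) $_POST['cID'],
                strsave(admin_make_rights($_POST['access'])),
                $id
            );
            if ($db->query($sql)) {
                echo 'ok';
                if ($_POST['cID'] != $old) {
                    // The gallery moved to another category: adjust both counters.
                    // Both ids are cast because they are concatenated into SQL.
                    $db->query('UPDATE ' . DB_PRE . 'ecp_gallery_kate SET galleries = galleries +1 WHERE kateID =' . (int) $_POST['cID']);
                    $db->query('UPDATE ' . DB_PRE . 'ecp_gallery_kate SET galleries = galleries -1 WHERE kateID =' . (int) $old);
                }
            }
        }
    }
    die;
}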