Esempio n. 1
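 /**
  * Build the forum thread-list filter state from the query string.
  *
  * Reads the `time`, `type`, `sort` and `order` request parameters, maps each
  * one through a fixed lookup table, and stores the resulting SQL fragments in
  * $this->filter_sql ('condition' and 'order') and the filter menu links in
  * $this->filter_info ('time', 'type', 'sort', 'order').
  *
  * Security: request values are used only as lookup keys. A value that is not
  * a string, or is not a key of the matching table, is discarded, so request
  * text never reaches the SQL fragments or the generated links, and an unknown
  * key can no longer produce an incomplete "ORDER BY" clause.
  */
 public function set_filterInfo()
 {
     $locale = fusion_get_locale("", FORUM_LOCALE);

     // Lookup tables: the only values a request parameter is allowed to select.
     $time_array = array(
         'today' => strtotime('today'),
         '2days' => strtotime('-2 days'),
         '1week' => strtotime('-1 week'),
         '2week' => strtotime('-2 weeks'),
         // The 1/2/3-month entries previously all resolved to '-2 months'.
         '1month' => strtotime('-1 month'),
         '2month' => strtotime('-2 months'),
         '3month' => strtotime('-3 months'),
         '6month' => strtotime('-6 months'),
         '1year' => strtotime('-1 year'),
     );
     $type_array = array(
         'all' => '',
         'discussions' => "AND (a1.attach_name IS NULL or a1.attach_name='') AND (a2.attach_name IS NULL or a2.attach_name='') AND (forum_poll_title IS NULL or forum_poll_title='')",
         // The OR is parenthesised so it cannot detach from the conditions that
         // precede this fragment in the final WHERE clause.
         'attachments' => "AND (a1.attach_name !='' OR a2.attach_name !='') AND (forum_poll_title IS NULL or forum_poll_title='')",
         'poll' => "AND (a1.attach_name IS NULL or a1.attach_name='') AND (a2.attach_name IS NULL or a2.attach_name='') AND forum_poll_title !=''",
         'solved' => "AND t.thread_answered = '1'",
         'unsolved' => "AND t.thread_answered = '0'",
     );
     $sort_array = array(
         'author' => 't.thread_author',
         'time' => 't.thread_lastpost',
         'subject' => 't.thread_subject',
         'reply' => 't.thread_postcount',
         'view' => 't.thread_views',
     );
     $order_array = array('ascending' => 'ASC', 'descending' => 'DESC');

     // Keep a request value only when it is a string and a known key. This also
     // rejects array-valued parameters such as ?sort[]=x.
     $allowed = array('time' => $time_array, 'type' => $type_array, 'sort' => $sort_array, 'order' => $order_array);
     $selected = array();
     foreach ($allowed as $param => $table) {
         $value = isset($_GET[$param]) && is_string($_GET[$param]) ? $_GET[$param] : '';
         $selected[$param] = ($value !== '' && isset($table[$value])) ? $value : '';
     }
     $time = $selected['time'];
     $type = $selected['type'];
     $sort = $selected['sort'];
     $order = $selected['order'];

     $timeCol = '';
     if ($time !== '') {
         $start_time = intval($time_array[$time]);
         if ($time !== 'today') {
             $end_time = time();
             $timeCol = "AND ((p1.post_datestamp BETWEEN '{$start_time}' AND '{$end_time}') OR (t.thread_lastpost BETWEEN '{$start_time}' AND '{$end_time}'))";
         } else {
             // The thread_lastpost bound used to come from prev() called inside a
             // foreach. On PHP 7+ foreach does not move the array's internal
             // pointer, so prev() returned false and the bound became 0, which
             // made this condition match every thread.
             $timeCol = "AND (p1.post_datestamp >= " . $start_time . " OR t.thread_lastpost >= " . $start_time . " )";
         }
     }
     $typeCol = $type !== '' ? $type_array[$type] : '';

     // Defaults: newest activity first.
     $sortCol = "ORDER BY " . ($sort !== '' ? $sort_array[$sort] : 't.thread_lastpost') . " ";
     $orderCol = $order !== '' ? $order_array[$order] : 'DESC';

     $this->filter_sql = array('condition' => $timeCol . $typeCol, 'order' => $sortCol . $orderCol);

     // Filter Links. Only whitelisted keys are appended, so the links cannot
     // carry arbitrary request text into the page markup.
     $timeExt = $time !== '' ? "&time=" . $time : '';
     $typeExt = $type !== '' ? "&type=" . $type : '';
     $sortExt = $sort !== '' ? "&sort=" . $sort : '';
     $orderExt = $order !== '' ? "&order=" . $order : '';
     $baseLink = clean_request("", array("time", "type", "sort", "order"), FALSE);
     if (isset($_GET['viewforum']) && isset($_GET['forum_id'])) {
         // IDs are cast to integers before they are placed in the link.
         // NOTE(review): assumes forum and parent ids are always numeric - confirm.
         $baseLink = INFUSIONS . 'forum/index.php?viewforum&forum_id=' . intval($_GET['forum_id']) . (isset($_GET['parent_id']) ? '&parent_id=' . intval($_GET['parent_id']) : '');
     }
     $timeLink = $baseLink . $typeExt . $sortExt . $orderExt;
     $this->filter_info['time'] = array(
         $locale['forum_3006'] => $baseLink,
         $locale['forum_3007'] => $timeLink . '&time=today',
         $locale['forum_3008'] => $timeLink . '&time=2days',
         $locale['forum_3009'] => $timeLink . '&time=1week',
         $locale['forum_3010'] => $timeLink . '&time=2week',
         $locale['forum_3011'] => $timeLink . '&time=1month',
         $locale['forum_3012'] => $timeLink . '&time=2month',
         $locale['forum_3013'] => $timeLink . '&time=3month',
         $locale['forum_3014'] => $timeLink . '&time=6month',
         $locale['forum_3015'] => $timeLink . '&time=1year',
     );
     $typeLink = $baseLink . $timeExt . $sortExt . $orderExt;
     $this->filter_info['type'] = array(
         $locale['forum_3000'] => $typeLink . '&type=all',
         $locale['forum_3001'] => $typeLink . '&type=discussions',
         $locale['forum_3002'] => $typeLink . '&type=attachments',
         $locale['forum_3003'] => $typeLink . '&type=poll',
         $locale['forum_3004'] => $typeLink . '&type=solved',
         $locale['forum_3005'] => $typeLink . '&type=unsolved',
     );
     $sortLink = $baseLink . $timeExt . $typeExt . $orderExt;
     $this->filter_info['sort'] = array(
         $locale['forum_3016'] => $sortLink . '&sort=author',
         $locale['forum_3017'] => $sortLink . '&sort=time',
         $locale['forum_3018'] => $sortLink . '&sort=subject',
         $locale['forum_3019'] => $sortLink . '&sort=reply',
         $locale['forum_3020'] => $sortLink . '&sort=view',
     );
     $orderLink = $baseLink . $timeExt . $typeExt . $sortExt;
     $this->filter_info['order'] = array(
         $locale['forum_3021'] => $orderLink . '&order=descending',
         $locale['forum_3022'] => $orderLink . '&order=ascending',
     );
 }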
Esempio n. 2
 /**
  * Thread page entry point.
  *
  * Without an `action` query parameter the thread is rendered: a download
  * request is checked first, the view counter and visitor tracking are updated,
  * and the participant list is attached when the forum enables it. With an
  * `action` parameter the matching poll or post form handler runs; an unknown
  * action redirects to the same URL with `action` removed.
  *
  * NOTE(review): every action, including 'deletepoll', is selected by a GET
  * parameter. No permission or token check is visible in this method -
  * presumably they live in the Poll and render_* handlers; confirm.
  */
 public function display_thread()
 {
     $info = $this->thread()->get_threadInfo();

     if (!isset($_GET['action'])) {
         // A served download is followed by a redirect that drops "getfile".
         if (self::check_download_request() == true) {
             redirect(clean_request("", array("getfile"), false));
         }
         // +1 thread views
         $this->increment_thread_views($info['thread']['thread_id']);
         // Record who is currently viewing the thread
         $this->thread()->set_thread_visitor();
         if ($info['thread']['forum_users'] == true) {
             $info['thread_users'] = $this->get_participated_users($info);
         }
         render_thread($info);
         return;
     }

     // The Poll object is built for every action, as before, even when the
     // selected action does not use it.
     $poll = new Poll($info);
     $action = $_GET['action'];
     if ($action == 'editpoll') {
         $poll->render_poll_form(true);
     } elseif ($action == 'deletepoll') {
         $poll->delete_poll();
     } elseif ($action == 'newpoll') {
         $poll->render_poll_form();
     } elseif ($action == 'edit') {
         $this->render_edit_form();
     } elseif ($action == 'reply') {
         $this->render_reply_form();
     } else {
         // Unknown action: reload without the parameter.
         redirect(clean_request('', array('action'), false));
     }
 }
Esempio n. 3
/**
 * Recursive function to display administration table
 *
 * Prints one table row per news category found in $data[$id], then recurses
 * into every category that has its own entry in $data. The root call
 * ($id == 0) also prints the opening and closing table markup; when
 * $data[$id] is empty a single "no entries" row is printed instead.
 *
 * NOTE(review): category fields (name, language, counters) are echoed into
 * HTML text and attributes without output escaping in this function. That is
 * only safe if the values are HTML-encoded before they are stored - confirm.
 *
 * @param array $data categories grouped by parent id: $data[parent_id][cat_id] => row
 * @param int   $id   parent id whose children are printed; 0 for the root level
 */
function display_news_category($data, $id = 0)
{
    $locale = fusion_get_locale();
    // Root call only: open the table and print the header row.
    if (!$id) {
        ?>
        <table class="table table-responsive table-striped">
        <thead>
        <tr>
            <th></th>
            <th class="col-xs-4">Category Name</th>
            <th>Image</th>
            <th>News Status</th>
            <th>Draft</th>
            <th>Sticky</th>
            <th>Visibility</th>
            <th>Language</th>
            <th>Actions</th>
            <th>ID</th>
        </tr>
        </thead>
        <tbody>
    <?php 
    }
    ?>

    <?php 
    // Rows for the children of $id, or one placeholder row when there are none.
    if (!empty($data[$id])) {
        ?>

        <?php 
        foreach ($data[$id] as $cat_id => $cdata) {
            // Edit and delete are plain links that carry the category id in the query string.
            // NOTE(review): the delete link is a GET request guarded here only by a JS confirm();
            // confirm the handler behind it verifies a form token and admin rights.
            $edit_link = clean_request("section=news_category&ref=news_cat_form&action=edit&cat_id=" . $cat_id, array("section", "ref", "action", "cat_id"), FALSE);
            $delete_link = clean_request("section=news_category&ref=news_cat_form&action=delete&cat_id=" . $cat_id, array("section", "ref", "action", "cat_id"), FALSE);
            ?>
            <tr>
                <td><?php 
            echo form_checkbox("news_cat_id[]", "", "", array("value" => $cat_id, "class" => "m-b-0"));
            ?>
</td>
                <td>
                    <a class="text-dark" href="<?php 
            echo $edit_link;
            ?>
">
                        <?php 
            // NOTE(review): printed as-is into element content - see the escaping note in the docblock.
            echo $cdata['news_cat_name'];
            ?>
                    </a>
                </td>
                <td>
                    <img style="width:50px" src="<?php 
            echo get_image("nc_" . $cdata['news_cat_name']);
            ?>
"
                         alt="<?php 
            // NOTE(review): printed as-is into a double-quoted attribute; a stored '"' would end the attribute.
            echo $cdata['news_cat_name'];
            ?>
"/>
                </td>
                <td>
                    <span class="badge"><?php 
            echo $cdata['news_published'];
            ?>
 published</span>
                    <span class="label label-default m-r-10"><i
                            class="fa fa-star fa-fw"></i> <?php 
            echo $cdata['news_draft'];
            ?>
 </span>
                    <span class="label label-warning"><i
                            class="fa fa-sticky-note-o fa-fw"></i> <?php 
            echo $cdata['news_sticky'];
            ?>
 </span>
                </td>
                <td><span class="badge"><?php 
            echo $cdata['news_cat_draft'] ? $locale['yes'] : $locale['no'];
            ?>
</span>
                </td>
                <td><span class="badge"><?php 
            echo $cdata['news_cat_sticky'] ? $locale['yes'] : $locale['no'];
            ?>
</span>
                </td>
                <td><span class="badge"><?php 
            echo getgroupname($cdata['news_cat_visibility']);
            ?>
</span></td>
                <td><?php 
            echo $cdata['news_cat_language'];
            ?>
</td>
                <td>
                    <div class="btn-group">
                        <a class="btn btn-xs btn-default" href="<?php 
            echo $edit_link;
            ?>
">
                            <?php 
            echo $locale['edit'];
            ?>
                        </a>
                        <a class="btn btn-xs btn-default"
                           href="<?php 
            echo $delete_link;
            ?>
"
                           onclick="return confirm('<?php 
            // NOTE(review): the locale string lands inside a single-quoted JS string within an attribute;
            // a quote character in the translation would break out of it - confirm locale strings are safe here.
            echo $locale['news_0350'];
            ?>
')">
                            <?php 
            echo $locale['delete'];
            ?>
                        </a>
                    </div>
                </td>
                <td>
                    <?php 
            echo $cdata['news_cat_id'];
            ?>
                </td>
            </tr>
            <?php 
            // Recurse into this category's children, printed directly below their parent row.
            if (isset($data[$cdata['news_cat_id']])) {
                display_news_category($data, $cdata['news_cat_id']);
            }
            ?>
        <?php 
        }
        ?>
    <?php 
    } else {
        ?>
        <tr>
            <td colspan="10" class="text-center">
                <?php 
        echo $locale['news_0303'];
        ?>
            </td>
        </tr>
    <?php 
    }
    ?>

    <?php 
    // Root call only: close the table opened at the top.
    if (!$id) {
        ?>
        </tbody>
        </table>
    <?php 
    }
}
Esempio n. 4
                    } else {
                        if ($mime_types[$extension] != $each['type']) {
                            die('Prevented an unwanted file upload attempt!');
                        }
                    }
                }
                unset($file_info, $extension);
            }
        }
        unset($mime_types);
    }
}
// Instantiate the defender object; its token check runs a few lines below.
$defender = new defender();
// Set admin login procedures
Authenticate::setAdminLogin();
$defender->debug_notice = FALSE;
// turn this off after beta.
// NOTE(review): presumably validates the form token of the current request - confirm in defender::sniff_token().
$defender->sniff_token();
$dynamic = new dynamics();
$dynamic->boot();
// Global aliases (by reference) for the output handler's head, footer and jQuery tag buffers.
$fusion_page_head_tags =& \PHPFusion\OutputHandler::$pageHeadTags;
$fusion_page_footer_tags =& \PHPFusion\OutputHandler::$pageFooterTags;
$fusion_jquery_tags =& \PHPFusion\OutputHandler::$jqueryTags;
// Theme switch through the query string: applies only to a super administrator and only
// when theme_exists() accepts the requested name. The choice is written to the user's row,
// then the request is redirected (presumably to the same URL without "themes").
// NOTE(review): theme_exists() receives the raw $_GET value and stripinput() is applied only
// afterwards; confirm theme_exists() rejects path separators and "..".
// NOTE(review): this is a state change on a GET request; confirm a request token covers it,
// otherwise a link opened by a logged-in super administrator could change their theme.
if ($userdata['user_level'] == USER_LEVEL_SUPER_ADMIN && isset($_GET['themes']) && theme_exists($_GET['themes'])) {
    $newUserTheme = array("user_id" => $userdata['user_id'], "user_theme" => stripinput($_GET['themes']));
    dbquery_insert(DB_USERS, $newUserTheme, "update");
    redirect(clean_request("", array("themes"), FALSE));
}
// Fall back to the site-wide theme when the user has none stored.
set_theme(empty($userdata['user_theme']) ? fusion_get_settings("theme") : $userdata['user_theme']);
                echo form_button('preview', $locale['articles_0240'], $locale['articles_0240'], array('class' => 'btn-default m-r-10'));
                echo form_button('publish', $locale['articles_0242'], $locale['articles_0242'], array('class' => 'btn-primary m-r-10'));
                echo form_button('delete', $locale['articles_0243'], $locale['articles_0243'], array('class' => 'btn-warning m-r-10'));
                echo closeform();
            }
        }
    }
} else {
    // List the pending submissions of type 'a' together with the submitting user's
    // details, newest first. The query contains no request-derived values.
    $result = dbquery("SELECT\n\t\t\tts.submit_id, ts.submit_datestamp, ts.submit_criteria, tu.user_id, tu.user_name, tu.user_avatar, tu.user_status\n\t\t\tFROM " . DB_SUBMISSIONS . " ts\n\t\t\tLEFT JOIN " . DB_USERS . " tu ON ts.submit_user=tu.user_id\n\t\t\tWHERE submit_type='a' order by submit_datestamp desc\n\t\t\t");
    $rows = dbrows($result);
    if ($rows > 0) {
        echo "<div class='well'>" . sprintf($locale['articles_0044'], format_word($rows, $locale['fmt_submission'])) . "</div>\n";
        echo "<table class='table table-striped'>\n";
        echo "<tr>\n";
        echo "<th>" . $locale['articles_0041'] . "</th>\n<th>" . $locale['articles_0046'] . "</th><th>" . $locale['articles_0047'] . "</th><th>" . $locale['articles_0048'] . "</th>";
        echo "</tr>\n";
        echo "<tbody>\n";
        while ($data = dbarray($result)) {
            // NOTE(review): unserialize() runs on a database column that appears to hold
            // user-submitted content. If a submitter can influence the stored bytes, this is a
            // PHP object injection risk. Prefer storing JSON and reading it with json_decode(),
            // or pass array('allowed_classes' => false) on PHP 7+ - confirm how submit_criteria
            // is written. A failed unserialize() returns false, which the array access below
            // does not handle.
            $submit_criteria = unserialize($data['submit_criteria']);
            echo "<tr>\n";
            // NOTE(review): article_subject comes from the submission and is printed without
            // output escaping; safe only if it was HTML-encoded when stored - confirm.
            echo "<td><a href='" . clean_request("submit_id=" . $data['submit_id'], array("section", "aid"), TRUE) . "'>" . $submit_criteria['article_subject'] . "</a></td>\n";
            echo "<td>" . profile_link($data['user_id'], $data['user_name'], $data['user_status']) . "</td>\n";
            echo "<td>" . timer($data['submit_datestamp']) . "</td>\n";
            echo "<td>" . $data['submit_id'] . "</td>\n";
            echo "</tr>\n";
        }
        echo "</tbody>\n</table>\n";
    } else {
        // No pending submissions: show the "empty" notice.
        echo "<div class='well text-center m-t-20'>" . $locale['articles_0042'] . "</div>\n";
    }
}
Esempio n. 6
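/**
 * Handle comment actions (delete, edit, post) for one item and render its
 * comment list and comment form.
 *
 * Order of work: an owner/admin delete request is processed first, then a
 * posted comment (edit or new), each followed by a redirect; otherwise the
 * current page of comments is loaded, the form is printed, and
 * render_comments() is called with the collected rows.
 *
 * Security notes:
 * - $comment_type, $comment_db, $comment_col and $comment_item_id are
 *   concatenated into SQL text unchanged. Callers must pass validated values
 *   (for example a numeric id checked with isnum()), never raw request input.
 * - The guest branch now reads the 'guestposts' setting, the same key used by
 *   the surrounding conditions. It previously read 'guestpost'; if that key is
 *   unset, the guest name and CAPTCHA checks never ran.
 * - NOTE(review): the delete action is a GET request and no token check is
 *   visible here - confirm one is applied before this function runs.
 *
 * @param $comment_type - abbr or short ID
 * @param $comment_db - Current Application DB - DB_BLOG for example.
 * @param $comment_col - current sql primary key column - 'blog_id' for example
 * @param $comment_item_id - current sql primary key value '$_GET['blog_id']' for example
 * @param $clink - current page link 'FUSION_SELF' is ok.
 */
function showcomments($comment_type, $comment_db, $comment_col, $comment_item_id, $clink)
{
    global $settings, $locale, $userdata, $aidlink;
    // Current URL with any pending edit/delete action removed; used for failure redirects.
    $link = FUSION_SELF . (FUSION_QUERY ? "?" . FUSION_QUERY : "");
    $link = preg_replace("^(&amp;|\\?)c_action=(edit|delete)&amp;comment_id=\\d*^", "", $link);
    $_GET['comment'] = isset($_GET['comment']) && isnum($_GET['comment']) ? $_GET['comment'] : 0;
    $cpp = $settings['comments_per_page'];
    // Delete: comment_id is accepted only when isnum() passes, and a non-admin can delete only their own comment.
    if (iMEMBER && (isset($_GET['c_action']) && $_GET['c_action'] == "delete") && (isset($_GET['comment_id']) && isnum($_GET['comment_id']))) {
        if (iADMIN && checkrights("C") || iMEMBER && dbcount("(comment_id)", DB_COMMENTS, "comment_id='" . $_GET['comment_id'] . "' AND comment_name='" . $userdata['user_id'] . "'")) {
            $result = dbquery("DELETE FROM " . DB_COMMENTS . "\n\t\t\t\tWHERE comment_id='" . $_GET['comment_id'] . "'" . (iADMIN ? "" : "\n\t\t\t\tAND comment_name='" . $userdata['user_id'] . "'"));
        }
        redirect($clink . ($settings['comments_sorting'] == "ASC" ? "" : "&amp;c_start=0"));
    }
    if ($settings['comments_enabled'] == "1") {
        if ((iMEMBER || $settings['guestposts'] == "1") && isset($_POST['post_comment'])) {
            // Guest path: require a non-numeric name and a valid CAPTCHA before anything is stored.
            // Uses 'guestposts', matching the condition above (was 'guestpost').
            if (!iMEMBER && $settings['guestposts'] == 1) {
                if (!isset($_POST['comment_name'])) {
                    redirect($link);
                }
                // A numeric guest name would be read back as a user id by the comment query's join.
                if (isnum($_POST['comment_name'])) {
                    $_POST['comment_name'] = '';
                }
                $_CAPTCHA_IS_VALID = FALSE;
                // The CAPTCHA module path comes from site settings, not from the request.
                include INCLUDES . "captchas/" . $settings['captcha'] . "/captcha_check.php";
                if (!isset($_POST['captcha_code']) || $_CAPTCHA_IS_VALID == FALSE) {
                    redirect($link);
                }
            }
            $comment_data = array(
                'comment_id' => isset($_GET['comment_id']) && isnum($_GET['comment_id']) ? $_GET['comment_id'] : 0,
                'comment_name' => iMEMBER ? $userdata['user_id'] : form_sanitizer($_POST['comment_name'], '', 'comment_name'),
                'comment_message' => form_sanitizer($_POST['comment_message'], '', 'comment_message'),
                'comment_datestamp' => time(),
                'comment_item_id' => $comment_item_id,
                'comment_type' => $comment_type,
                'comment_cat' => 0,
                'comment_ip' => USER_IP,
                'comment_ip_type' => USER_IP_TYPE,
                'comment_hidden' => 0,
            );
            if (iMEMBER && (isset($_GET['c_action']) && $_GET['c_action'] == "edit") && $comment_data['comment_id']) {
                // Edit: allowed for comment admins, or for the author of a visible comment on this item.
                $comment_updated = FALSE;
                if (iADMIN && checkrights("C") || iMEMBER && dbcount("(comment_id)", DB_COMMENTS, "comment_id='" . $comment_data['comment_id'] . "' \n\t\t\t\tAND comment_item_id='" . $comment_item_id . "'\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\n\t\t\t\tAND comment_type='" . $comment_type . "' \n\t\t\t\tAND comment_name='" . $userdata['user_id'] . "' \n\t\t\t\tAND comment_hidden='0'")) {
                    dbquery_insert(DB_COMMENTS, $comment_data, 'update');
                    if ($comment_data['comment_message']) {
                        // NOTE(review): the message is placed in SQL text as returned by form_sanitizer();
                        // confirm that helper escapes for SQL as well as for HTML.
                        // The id comes from $comment_data, i.e. the value that already passed isnum().
                        $result = dbquery("UPDATE " . DB_COMMENTS . " SET comment_message='" . $comment_data['comment_message'] . "'\n  \t\t\t\t\t\t\t\t\t   WHERE comment_id='" . $comment_data['comment_id'] . "' " . (iADMIN ? "" : "AND comment_name='" . $userdata['user_id'] . "'"));
                        if ($result) {
                            $comment_updated = TRUE;
                        }
                    }
                }
                if ($comment_updated) {
                    // Work out which page the edited comment is on so the redirect lands there.
                    if ($settings['comments_sorting'] == "ASC") {
                        $c_operator = "<=";
                    } else {
                        $c_operator = ">=";
                    }
                    $c_count = dbcount("(comment_id)", DB_COMMENTS, "comment_id" . $c_operator . "'" . $comment_data['comment_id'] . "'\n\t\t\t\t\t\t\t\tAND comment_item_id='" . $comment_item_id . "'\n\t\t\t\t\t\t\t\tAND comment_type='" . $comment_type . "'");
                    $c_start = (ceil($c_count / $cpp) - 1) * $cpp;
                }
                redirect($clink . "&amp;c_start=" . (isset($c_start) && isnum($c_start) ? $c_start : ""));
            } else {
                // New comment: the commented item must exist in the caller's table.
                if (!dbcount("(" . $comment_col . ")", $comment_db, $comment_col . "='" . $comment_item_id . "'")) {
                    redirect(BASEDIR . "index.php");
                }
                $id = 0;
                if ($comment_data['comment_name'] && $comment_data['comment_message']) {
                    require_once INCLUDES . "flood_include.php";
                    // Flood control is keyed on the poster's IP address.
                    if (!flood_control("comment_datestamp", DB_COMMENTS, "comment_ip='" . USER_IP . "'")) {
                        dbquery_insert(DB_COMMENTS, $comment_data, 'save');
                        $id = dblastid();
                    }
                }
                if ($settings['comments_sorting'] == "ASC") {
                    $c_count = dbcount("(comment_id)", DB_COMMENTS, "comment_item_id='" . $comment_item_id . "' AND comment_type='" . $comment_type . "'");
                    $c_start = (ceil($c_count / $cpp) - 1) * $cpp;
                } else {
                    $c_start = 0;
                }
                //if (!$settings['site_seo']) {
                redirect($clink . "&amp;c_start=" . $c_start . "#c" . $id);
                //}
            }
        }
        // Collect the current page of visible comments.
        $c_arr = array("c_con" => array(), "c_info" => array("c_makepagenav" => FALSE, "admin_link" => FALSE));
        $c_rows = dbcount("(comment_id)", DB_COMMENTS, "comment_item_id='" . $comment_item_id . "' AND comment_type='" . $comment_type . "' AND comment_hidden='0'");
        if (!isset($_GET['c_start']) && $c_rows > $cpp) {
            $_GET['c_start'] = (ceil($c_rows / $cpp) - 1) * $cpp;
        }
        // c_start goes into LIMIT below, so anything that is not a plain number is reset to 0.
        if (!isset($_GET['c_start']) || !isnum($_GET['c_start'])) {
            $_GET['c_start'] = 0;
        }
        // NOTE(review): the ORDER BY direction is taken from the 'comments_sorting' setting as-is;
        // confirm the settings form restricts it to ASC or DESC.
        $result = dbquery("SELECT tcm.comment_id, tcm.comment_name, tcm.comment_message, tcm.comment_datestamp,\n\t\t\t\t\ttcu.user_id, tcu.user_name, tcu.user_avatar, tcu.user_status\n\t\t\t\t\tFROM " . DB_COMMENTS . " tcm\n\t\t\t\t\tLEFT JOIN " . DB_USERS . " tcu ON tcm.comment_name=tcu.user_id\n\t\t\t\t\tWHERE comment_item_id='" . $comment_item_id . "' AND comment_type='" . $comment_type . "' AND comment_hidden='0'\n\t\t\t\t\tORDER BY comment_datestamp " . $settings['comments_sorting'] . " LIMIT " . $_GET['c_start'] . "," . $cpp);
        if (dbrows($result) > 0) {
            // $i is the displayed comment number; it counts up or down with the sort order.
            $i = $settings['comments_sorting'] == "ASC" ? $_GET['c_start'] + 1 : $c_rows - $_GET['c_start'];
            if ($c_rows > $cpp) {
                $c_arr['c_info']['c_makepagenav'] = makepagenav($_GET['c_start'], $cpp, $c_rows, 3, $clink . "&amp;", "c_start");
            }
            while ($data = dbarray($result)) {
                $c_arr['c_con'][$i]['comment_id'] = $data['comment_id'];
                $c_arr['c_con'][$i]['edit_dell'] = FALSE;
                $c_arr['c_con'][$i]['i'] = $i;
                if ($data['user_name']) {
                    $c_arr['c_con'][$i]['comment_name'] = profile_link($data['comment_name'], $data['user_name'], $data['user_status'], 'strong text-dark');
                } else {
                    // Guest comment: the stored name is passed on unchanged.
                    // NOTE(review): safe for HTML output only if form_sanitizer() encoded it on input - confirm.
                    $c_arr['c_con'][$i]['comment_name'] = $data['comment_name'];
                }
                $c_arr['c_con'][$i]['user_avatar'] = display_avatar($data, '35px', '', true, 'img-rounded');
                $c_arr['c_con'][$i]['user'] = array('user_id' => $data['user_id'], 'user_name' => $data['user_name'], 'user_avatar' => $avatar = $data['user_avatar'] !== '' && file_exists(IMAGES . 'avatars/' . $data['user_avatar']) ? IMAGES . 'avatars/' . $data['user_avatar'] : IMAGES . "avatars/noavatar50.png", 'user_status' => $data['user_status']);
                $c_arr['c_con'][$i]['comment_datestamp'] = showdate('shortdate', $data['comment_datestamp']);
                $c_arr['c_con'][$i]['comment_time'] = timer($data['comment_datestamp']);
                $c_arr['c_con'][$i]['comment_message'] = "<!--comment_message-->\n" . nl2br(parseubb(parsesmileys($data['comment_message'])));
                // Edit/delete controls are offered to comment admins and to the registered author.
                if (iADMIN && checkrights("C") || iMEMBER && $data['comment_name'] == $userdata['user_id'] && isset($data['user_name'])) {
                    $edit_link = clean_request('c_action=edit&comment_id=' . $data['comment_id'], array('c_action', 'comment_id'), false) . "#edit_comment";
                    $delete_link = clean_request('c_action=delete&comment_id=' . $data['comment_id'], array('c_action', 'comment_id'), false);
                    $c_arr['c_con'][$i]['edit_link'] = array('link' => $edit_link, 'name' => $locale['c108']);
                    $c_arr['c_con'][$i]['delete_link'] = array('link' => $delete_link, 'name' => $locale['c109']);
                    $c_arr['c_con'][$i]['edit_dell'] = "<!--comment_actions-->\n";
                    $c_arr['c_con'][$i]['edit_dell'] .= "<div class='btn-group'>";
                    $c_arr['c_con'][$i]['edit_dell'] .= "<a class='btn btn-xs btn-default' href='" . $edit_link . "'>";
                    $c_arr['c_con'][$i]['edit_dell'] .= $locale['c108'] . "</a>\n";
                    $c_arr['c_con'][$i]['edit_dell'] .= "<a class='btn btn-xs btn-default' href='" . $delete_link . "' onclick=\"return confirm('" . $locale['c110'] . "');\">";
                    $c_arr['c_con'][$i]['edit_dell'] .= "<i class='fa fa-trash'></i> " . $locale['c109'] . "</a>";
                    $c_arr['c_con'][$i]['edit_dell'] .= "</div>\n";
                }
                $settings['comments_sorting'] == "ASC" ? $i++ : $i--;
            }
            if (iADMIN && checkrights("C")) {
                $c_arr['c_info']['admin_link'] = "<!--comment_admin-->\n";
                $c_arr['c_info']['admin_link'] .= "<a href='" . ADMIN . "comments.php" . $aidlink . "&amp;ctype=" . $comment_type . "&amp;comment_item_id=" . $comment_item_id . "'>" . $locale['c106'] . "</a>";
            }
        }
        opentable($locale['c102']);
        // Pre-fill the form when an owner or admin opens an existing comment for editing.
        $comment_message = "";
        if (iMEMBER && (isset($_GET['c_action']) && $_GET['c_action'] == "edit") && (isset($_GET['comment_id']) && isnum($_GET['comment_id']))) {
            $eresult = dbquery("SELECT tcm.comment_id, tcm.comment_name, tcm.comment_message, tcu.user_name\n\t\t\t\tFROM " . DB_COMMENTS . " tcm\n\t\t\t\tLEFT JOIN " . DB_USERS . " tcu ON tcm.comment_name=tcu.user_id\n\t\t\t\tWHERE comment_id='" . $_GET['comment_id'] . "' AND comment_item_id='" . $comment_item_id . "'\n\t\t\t\tAND comment_type='" . $comment_type . "' AND comment_hidden='0'");
            if (dbrows($eresult) > 0) {
                $edata = dbarray($eresult);
                if (iADMIN && checkrights("C") || iMEMBER && $edata['comment_name'] == $userdata['user_id'] && isset($edata['user_name'])) {
                    $clink .= "&amp;c_action=edit&amp;comment_id=" . $edata['comment_id'];
                    $comment_message = $edata['comment_message'];
                }
            } else {
                $comment_message = "";
            }
        }
        if (iMEMBER || $settings['guestposts'] == "1") {
            require_once INCLUDES . "bbcode_include.php";
            echo "<a id='edit_comment' name='edit_comment'></a>\n";
            echo openform('inputform', 'post', $clink, array('class' => 'm-b-20', 'max_tokens' => 1));
            if (iGUEST) {
                echo form_text('comment_name', $locale['c104'], '', array('max_length' => 30));
            }
            echo form_textarea('comment_message', '', $comment_message, array('required' => 1, 'autosize' => 1, 'form_name' => 'inputform', 'bbcode' => 1));
            // Guests also get the CAPTCHA widget unless the CAPTCHA module hides its input.
            if (iGUEST && (!isset($_CAPTCHA_HIDE_INPUT) || isset($_CAPTCHA_HIDE_INPUT) && !$_CAPTCHA_HIDE_INPUT)) {
                $_CAPTCHA_HIDE_INPUT = FALSE;
                echo "<div style='width:360px; margin:10px auto;'>";
                echo $locale['global_150'] . "<br />\n";
                include INCLUDES . "captchas/" . $settings['captcha'] . "/captcha_display.php";
                if (!$_CAPTCHA_HIDE_INPUT) {
                    echo "<br />\n<label for='captcha_code'>" . $locale['global_151'] . "</label>";
                    echo "<br />\n<input type='text' id='captcha_code' name='captcha_code' class='textbox' autocomplete='off' style='width:100px' />\n";
                }
                echo "</div>\n";
            }
            echo form_button('post_comment', $comment_message ? $locale['c103'] : $locale['c102'], $comment_message ? $locale['c103'] : $locale['c102'], array('class' => 'btn-success m-t-10'));
            echo closeform();
        } else {
            // Posting is not available to this visitor: show the notice instead of the form.
            echo "<div class='well'>\n";
            echo $locale['c105'] . "\n";
            echo "</div>\n";
        }
        closetable();
        echo "<a id='comments' name='comments'></a>";
        render_comments($c_arr['c_con'], $c_arr['c_info']);
    }
}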
Esempio n. 7
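/**
 * Echo the full admin control panel shell: top header and navigation, the
 * user/language menus, the left side panel, the content area (breadcrumbs,
 * notices, CONTENT) and the footer, then register the side-menu script.
 *
 * Everything is written straight to the output; nothing is returned.
 *
 * NOTE(review): $userdata['user_name'], fusion_get_settings('sitename'),
 * the language names and FUSION_REQUEST are echoed into HTML text and
 * attribute values without escaping in this function. Presumably they are
 * sanitised where they are stored or defined; confirm before relying on it.
 */
function render_admin_panel()
{
    global $locale, $userdata, $defender, $pages, $aidlink, $admin;
    $languages = fusion_get_enabled_languages();
    // Admin panel page
    echo "<div id='admin-panel' class='clearfix in'>\n";
    // Top header section
    echo "<section id='acp-header' class='pull-left affix clearfix' data-offset-top='0' data-offset-bottom='0'>\n";
    // Top left logo
    echo "<div class='brand'>\n";
    echo "<div class='pull-right'>\n";
    echo "</div>\n</div>\n";
    // Top navigation
    echo "<nav>\n";
    // Top side panel toggler
    echo "<ul class='venus-toggler'>\n";
    echo "<li><a id='toggle-canvas' class='pointer' style='border-left:none;'><i class='fa fa-bars fa-lg'></i></a></li>\n";
    echo "</ul>\n";
    echo $admin->horiziontal_admin_nav(true);
    // Top right menu links
    echo "<ul class='top-right-menu pull-right m-r-15'>\n";
    echo "<li class='dropdown'>\n";
    echo "<a class='dropdown-toggle pointer' data-toggle='dropdown'>" . display_avatar($userdata, '25px', '', '', '') . " " . $locale['logged'] . "<strong>" . $userdata['user_name'] . "</strong> <span class='caret'></span>\n</a>\n";
    echo "<ul class='dropdown-menu' role='menu'>\n";
    echo "<li><a class='display-block' href='" . BASEDIR . "edit_profile.php'>" . $locale['edit'] . " " . $locale['profile'] . "</a></li>\n";
    echo "<li><a class='display-block' href='" . BASEDIR . "profile.php?lookup=" . $userdata['user_id'] . "'>" . $locale['view'] . " " . $locale['profile'] . "</a></li>\n";
    echo "<li class='divider'> </li>\n";
    // Two logout links: the first appends "logout" to the current admin request,
    // the second goes through the site index.
    echo "<li><a class='display-block' href='" . FUSION_REQUEST . "&amp;logout'>" . $locale['admin-logout'] . "</a></li>\n";
    echo "<li><a class='display-block' href='" . BASEDIR . "index.php?logout=yes'>" . $locale['logout'] . "</a></li>\n";
    echo "</ul>\n";
    echo "</li>\n";
    echo "<li><a title='" . $locale['settings'] . "' href='" . ADMIN . "settings_main.php" . $aidlink . "'><i class='fa fa-cog fa-lg'></i></a></li>\n";
    echo "<li><a title='" . fusion_get_settings('sitename') . "' href='" . BASEDIR . "index.php'><i class='fa fa-home fa-lg'></i></a>\n</li>\n";
    echo "<li><a title='" . $locale['message'] . "' href='" . BASEDIR . "messages.php'><i class='fa fa-envelope-o fa-lg'></i></a>\n</li>\n";
    // The language switcher is only shown when more than one language is enabled.
    if (count($languages) > 1) {
        echo "<li class='dropdown'><a class='dropdown-toggle pointer' data-toggle='dropdown' title='" . $locale['282'] . "'><i class='fa fa-globe fa-lg fa-fw'></i> " . translate_lang_names(LANGUAGE) . "<span class='caret'></span></a>\n";
        echo "<ul class='dropdown-menu'>\n";
        foreach ($languages as $language_folder => $language_name) {
            echo "<li><a class='display-block' href='" . clean_request("lang=" . $language_folder, array("lang"), FALSE) . "'><img class='m-r-5' src='" . BASEDIR . "locale/{$language_folder}/{$language_folder}-s.png'> {$language_name}</a></li>\n";
        }
        echo "</ul>\n";
        echo "</li>\n";
    }
    echo "</ul>\n";
    // .top-right-menu
    echo "</nav>\n";
    echo "</section>\n";
    // Content section
    echo "<div class='content-wrapper display-table pull-left'>\n";
    // Left side panel
    echo "<div id='acp-left' class='pull-left affix' data-offset-top='0' data-offset-bottom='0'>\n";
    // collapse to top menu on sm and xs
    echo "<div class='panel panel-default admin'><div class='panel-body clearfix'>\n";
    echo "<div class='pull-left m-r-10'>\n" . display_avatar($userdata, '50px', '', '', '') . "</div>\n";
    echo "<span class='overflow-hide m-t-10'><h4 class='m-b-0 text-stronger'>\n" . $userdata['user_name'] . "</h4>\n" . getuserlevel($userdata['user_level']) . "</span></div>\n";
    echo "</div>\n";
    echo $admin->vertical_admin_nav();
    echo "</div>\n";
    // #acp-left
    // Control panel content wrapper
    echo "<div id='acp-main' class='clearfix' style='vertical-align:top;'>\n";
    // Main content wrapper
    echo "<div id='acp-content' class='m-t-20 col-xs-12 col-sm-12 col-md-12 col-lg-12'>\n";
    // Render breadcrumbs
    echo render_breadcrumbs();
    // Get and render notices
    $notices = getNotices();
    echo renderNotices($notices);
    // Render the content
    echo CONTENT;
    echo "</div>\n";
    // #acp-content
    // Footer section
    echo "<footer class='m-l-20 display-inline-block m-t-20 m-b-20'>\n";
    // Copyright
    echo "Venus Admin &copy; " . date("Y") . " created by <a href='https://www.php-fusion.co.uk'><strong>PHP-Fusion Inc.</strong></a>\n";
    echo showcopyright();
    // Render time
    if (fusion_get_settings('rendertime_enabled')) {
        echo "<br /><br />";
        // Make showing of queries and memory usage separate settings
        echo showrendertime();
        echo showMemoryUsage();
    }
    echo "</footer>\n";
    echo "</div>\n";
    // .acp-main
    echo "</div>\n";
    // .content-wrapper
    echo "</div>\n";
    // #admin-panel
    add_to_footer("<script src='" . THEMES . "admin_themes/Venus/includes/jquery.slimscroll.min.js'></script>");
    if (!isset($_COOKIE['acp_sidemenu'])) {
        // setcookie() takes an absolute Unix timestamp as its expiry. The bare
        // 64800 used before points at 1970, so the browser dropped the cookie at
        // once; it is now treated as a lifetime in seconds from the present.
        // NOTE(review): the script below writes COOKIE_PREFIX . "acp_sidemenu",
        // while this check and setcookie() use the unprefixed name. The two only
        // refer to the same cookie when COOKIE_PREFIX is empty; confirm which
        // name is intended.
        // NOTE(review): this runs after the markup has been echoed, so it depends
        // on output buffering being active for the header to be sent; confirm.
        setcookie("acp_sidemenu", 1, time() + 64800);
    }
    // Inline script: slimscroll setup, side-menu toggle that stores its state in
    // a cookie, and side panel height adjustment on load/resize/orientation change.
    // NOTE(review): jquery.cookie reads a numeric "expires" as days, which would
    // make 164800 a very long lifetime; confirm that is intended.
    add_to_jquery("\n\t// Initialize slimscroll\n\t\$('#adl').slimScroll({\n\t\theight: null\n\t});\n\n\t// Function to toggle side menu\n\tfunction toggleSideMenu(state) {\n\t\tvar panel_state = null;\n\t\tif (state == 'show') {\n\t\t\t\$('#admin-panel').addClass('in');\n\t\t\tvar panel_state = 1;\n\t\t} else if (state == 'hide') {\n\t\t\t\$('#admin-panel').removeClass('in');\n\t\t\tvar panel_state = 0;\n\t\t} else {\n\t\t\t\$('#admin-panel').toggleClass('in');\n\t\t\tvar panel_state = \$('#admin-panel').hasClass('in');\n\t\t}\n\t\tif (panel_state) {\n\t\t\t\$.cookie('" . COOKIE_PREFIX . "acp_sidemenu', '1', {expires: 164800});\n\t\t} else {\n\t\t\t\$.cookie('" . COOKIE_PREFIX . "acp_sidemenu', '0', {expires: 164800});\n\t\t}\n\t}\n\n\t// Adjust side menu height on page load, resize or orientation change\n\t\$(window).on('load resize orientationchange', function(event) {\n\t\tvar init_hgt = \$(window).height();\n\t\tvar small = \$('.brand-text').is(':visible');\n\t\tvar panel_height = (small ? init_hgt-125 : init_hgt-80);\n\t\tvar hgt = \$(this).height();\n\t\t\$('#acp-left').css('height', hgt);\n\t\t\$('.admin-vertical-link').css('height', panel_height);\n\t\t// Hide side menu on orientation change\n\t\t//if (event.type === 'orientationchange') {\n\t\t//\ttoggleSideMenu('show');\n\t\t//}\n\t});\n\t// Side menu toggler\n\t\$('#toggle-canvas').on('click', toggleSideMenu);\n\t");
}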
Esempio n. 8
        redirect(FUSION_SELF . $aidlink . "&amp;show_faq=" . $data['faq_cat_id'] . "&amp;faq_start=" . $faq_start);
    }
}
// Collect the FAQ categories for the category dropdown. The language filter is
// only applied when multilang_table("FQ") reports the table as multilingual.
// NOTE(review): LANGUAGE is concatenated into the SQL text as-is; presumably it
// is a constant limited to the enabled languages. Confirm where it is defined.
$cat_opts = array();
$result2 = dbquery("SELECT faq_cat_id, faq_cat_name, faq_cat_language\n\tFROM " . DB_FAQ_CATS . " " . (multilang_table("FQ") ? "WHERE faq_cat_language='" . LANGUAGE . "'" : "") . " ORDER BY faq_cat_name");
if (dbrows($result2) == 0) {
    // No category exists yet: show the notice, turning its [LINK]...[/LINK]
    // placeholder into a link to the category section.
    echo "<div class='well text-center m-t-20'>\n";
    echo str_replace(
        array("[LINK]", "[/LINK]"),
        array("<a href='" . clean_request("section=faq-category", array("aid"), TRUE) . "'>", "</a>"),
        $locale['faq_0304']
    );
    echo "</div>\n";
} else {
    // Map category id => category name for the select field.
    while ($data2 = dbarray($result2)) {
        $cat_opts[$data2['faq_cat_id']] = $data2['faq_cat_name'];
    }
    // FAQ entry form: question and answer on the left, category on the right.
    echo openform('inputform', 'post', FUSION_REQUEST, array('class' => 'm-t-20'));
    echo "<div class='row'>\n" . "<div class='col-xs-12 col-sm-8'>\n";
    openside('');
    echo form_hidden('faq_id', '', $data['faq_id']);
    echo form_text('faq_question', $locale['faq_0301'], $data['faq_question'], array('required' => TRUE));
    echo form_textarea('faq_answer', $locale['faq_0302'], $data['faq_answer'], $fusion_mce);
    closeside();
    echo "</div>\n";
    echo "<div class='col-xs-12 col-sm-4'>\n";
    openside('');
    echo form_select('faq_cat_id', $locale['faq_0300'], $data['faq_cat_id'], array('options' => $cat_opts, 'width' => '100%'));
    closeside();
    echo "</div>\n" . "</div>\n";
    echo form_button('save_faq', $locale['faq_0303'], $locale['faq_0303'], array('class' => 'btn-primary m-t-10'));
    echo closeform();
}
Esempio n. 9
File: index.php Progetto: showi/prog
            if (!$tin[$id]) {
                array_push($tab, $req);
                $tin[$id] = 1;
            }
        }
    }
    return $tab;
}
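// Validate the requested node id list before the database is opened.
// empty() keeps the original "missing or falsy means stop" rule without an
// undefined-index notice, and is_string() rejects array input (node_id[]=...),
// which preg_match() cannot take as its subject.
if (empty($_REQUEST['node_id']) || !is_string($_REQUEST['node_id'])) {
    exit(1);
}
$matches = null;
// Allow-list: 1 to 20 groups of 1-5 digits, each optionally followed by a comma.
// The D modifier makes $ match only at the very end of the subject, so a value
// that ends in a newline is no longer accepted.
// NOTE(review): because the comma is optional, a run of more than five digits
// still matches by being split across groups, so the pattern does not cap the
// size of a single id. Tighten it if clean_request() expects comma-separated ids.
if (!preg_match("/^([\\d]{1,5},?){1,20}\$/D", $_REQUEST['node_id'], $matches)) {
    exit(1);
}
// clean_request() is this script's own helper defined above; only its tail is
// shown, where it returns the collected list.
$tab = clean_request($_REQUEST['node_id']);
if (!$tab) {
    print "Empty tab<br>";
    exit(1);
}
// Open the SQLite store.
// NOTE(review): the database path is relative; if data/ is served by the web
// server the file could be fetched directly. Confirm it is not web-accessible.
ShoCKDB_db::$db_backend = 'sqlite';
ShoCKDB_db::$db_path = 'data/feedNodi.sl3';
$db = new ShoCKDB_db();
if (!$db->open()) {
    print "Impossible d'ouvrir la db!<br>";
    exit(1);
}
// From here on the response is JSON.
header('Content-Type: application/json');
$res = new ShoCKDB_response($db);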
for ($i = 0; $i < sizeof($tab); $i++) {
    //print "id: " . $tab[$i] . "<br>";
 /**
  * Build the breadcrumb entry for $id and, recursively, for its ancestors.
  *
  * @param array  $tree_index index passed to get_parent() to find a node's parent
  * @param array  $tree_full  full tree data passed to get_parent_array()
  * @param string $id_col     key of the id column in the node's row
  * @param string $title_col  key of the title column in the node's row
  * @param string $getname    query-string name used when building the link
  * @param mixed  $id         id of the node to start from
  *
  * @return array|null array with 'link' and 'title' keys, or null when the
  *                    node's parent is not present in $tree_index. After
  *                    merging with ancestor crumbs via array_merge_recursive()
  *                    both keys hold lists of values.
  */
 function breadcrumb_page_arrays($tree_index, $tree_full, $id_col, $title_col, $getname, $id)
 {
     // Nothing to build unless the node's parent is known to the index.
     if (!isset($tree_index[get_parent($tree_index, $id)])) {
         return null;
     }
     $node = get_parent_array($tree_full, $id);
     // Link and title fall back to an empty string when the column is missing.
     $link = "";
     if (isset($node[$id_col])) {
         $link = clean_request($getname . "=" . $node[$id_col], array("aid"), TRUE);
     }
     $title = "";
     if (isset($node[$title_col])) {
         $title = \PHPFusion\QuantumFields::parse_label($node[$title_col]);
     }
     $crumb = array('link' => $link, 'title' => $title);
     // A parent of 0 ends the walk: this crumb is the last one.
     if (get_parent($tree_index, $id) == 0) {
         return $crumb;
     }
     // Otherwise climb one level and fold the ancestor crumbs into this one.
     $ancestors = breadcrumb_page_arrays($tree_index, $tree_full, $id_col, $title_col, $getname, get_parent($tree_index, $id));
     if (!empty($ancestors)) {
         $crumb = array_merge_recursive($crumb, $ancestors);
     }
     return $crumb;
 }
Esempio n. 11
 public function set_ForumInfo()
 {
     global $forum_settings, $userdata, $locale;
     if (stristr($_SERVER['PHP_SELF'], 'forum_id')) {
         if ($_GET['section'] == 'latest') {
             redirect(INFUSIONS . 'forum/index.php?section=latest');
         }
         if ($_GET['section'] == 'mypost') {
             redirect(INFUSIONS . 'forum/index.php?section=mypost');
         }
         if ($_GET['section'] == 'tracked') {
             redirect(INFUSIONS . 'forum/index.php?section=tracked');
         }
     }
     // security boot due to insufficient access level
     if (isset($_GET['viewforum']) && !verify_forum($_GET['forum_id'])) {
         redirect(INFUSIONS . 'forum/index.php');
     }
     // Xss sanitization
     $this->forum_info = array('forum_id' => isset($_GET['forum_id']) ? $_GET['forum_id'] : 0, 'parent_id' => isset($_GET['parent_id']) && verify_forum($_GET['parent_id']) ? $_GET['parent_id'] : 0, 'forum_branch' => isset($_GET['forum_branch']) && verify_forum($_GET['forum_branch']) ? $_GET['forum_branch'] : 0, 'new_thread_link' => '', 'lastvisited' => isset($userdata['user_lastvisit']) && isnum($userdata['user_lastvisit']) ? $userdata['user_lastvisit'] : time(), 'posts_per_page' => $forum_settings['posts_per_page'], 'threads_per_page' => $forum_settings['threads_per_page'], 'forum_index' => dbquery_tree(DB_FORUMS, 'forum_id', 'forum_cat'), 'threads' => array(), 'section' => isset($_GET['section']) ? $_GET['section'] : 'thread');
     // Set Max Rows -- XSS
     $this->forum_info['forum_max_rows'] = dbcount("('forum_id')", DB_FORUMS, (multilang_table("FO") ? "forum_language='" . LANGUAGE . "' AND" : '') . "\n\t\tforum_cat='" . $this->forum_info['parent_id'] . "' AND " . groupaccess('forum_access') . "");
     // Sanitize Globals
     $_GET['forum_id'] = $this->forum_info['forum_id'];
     $_GET['rowstart'] = isset($_GET['rowstart']) && $_GET['rowstart'] <= $this->forum_info['forum_max_rows'] ? $_GET['rowstart'] : 0;
     $this->ext = isset($this->forum_info['parent_id']) && isnum($this->forum_info['parent_id']) ? "&amp;parent_id=" . $this->forum_info['parent_id'] : '';
     add_to_title($locale['global_200'] . $locale['forum_0000']);
     add_breadcrumb(array('link' => INFUSIONS . 'forum/index.php', 'title' => $locale['forum_0000']));
     forum_breadcrumbs($this->forum_info['forum_index']);
     // Set Meta data
     if ($this->forum_info['forum_id'] > 0) {
         $meta_result = dbquery("SELECT forum_meta, forum_description FROM " . DB_FORUMS . " WHERE forum_id='" . intval($this->forum_info['forum_id']) . "'");
         if (dbrows($meta_result) > 0) {
             $meta_data = dbarray($meta_result);
             if ($meta_data['forum_description'] !== '') {
                 set_meta('description', $meta_data['forum_description']);
             }
             if ($meta_data['forum_meta'] !== '') {
                 set_meta('keywords', $meta_data['forum_meta']);
             }
         }
     }
     // Additional Sections in Index View
     if (isset($_GET['section'])) {
         switch ($_GET['section']) {
             case 'participated':
                 include INFUSIONS . "forum/sections/participated.php";
                 add_to_title($locale['global_201'] . $locale['global_024']);
                 add_breadcrumb(array('link' => INFUSIONS . "forum/index.php?section=participated", 'title' => $locale['global_024']));
                 set_meta("description", $locale['global_024']);
                 break;
             case 'latest':
                 include INFUSIONS . "forum/sections/latest.php";
                 add_to_title($locale['global_201'] . $locale['global_021']);
                 add_breadcrumb(array('link' => INFUSIONS . "forum/index.php?section=latest", 'title' => $locale['global_021']));
                 set_meta("description", $locale['global_021']);
                 break;
             case 'tracked':
                 include INFUSIONS . "forum/sections/tracked.php";
                 add_to_title($locale['global_201'] . $locale['global_056']);
                 add_breadcrumb(array('link' => INFUSIONS . "forum/index.php?section=tracked", 'title' => $locale['global_056']));
                 set_meta("description", $locale['global_056']);
                 break;
             case "unanswered":
                 include INFUSIONS . "forum/sections/unanswered.php";
                 add_to_title($locale['global_201'] . $locale['global_027']);
                 add_breadcrumb(array('link' => INFUSIONS . "forum/index.php?section=unanswered", 'title' => $locale['global_027']));
                 set_meta("description", $locale['global_027']);
                 break;
             case "unsolved":
                 include INFUSIONS . "forum/sections/unsolved.php";
                 add_to_title($locale['global_201'] . $locale['global_028']);
                 add_breadcrumb(array('link' => INFUSIONS . "forum/index.php?section=unsolved", 'title' => $locale['global_028']));
                 set_meta("description", $locale['global_028']);
                 break;
             default:
                 redirect(FUSION_SELF);
         }
     } else {
         // Switch between view forum or forum index -- required: $_GET['viewforum']
         if ($this->forum_info['forum_id'] && isset($this->forum_info['parent_id']) && isset($_GET['viewforum'])) {
             /**
              * View Forum Additional Views - add Filter Initialization
              */
             $time = isset($_GET['time']) ? $_GET['time'] : '';
             $type = isset($_GET['type']) ? $_GET['type'] : '';
             $sort = isset($_GET['sort']) ? $_GET['sort'] : '';
             $order = isset($_GET['order']) ? $_GET['order'] : '';
             $timeCol = '';
             $typeCol = '';
             if ($time) {
                 $time_array = array('today' => strtotime('today'), '2days' => strtotime('-2 day'), '1week' => strtotime('-1 week'), '2week' => strtotime('-2 week'), '1month' => strtotime('-2 month'), '2month' => strtotime('-2 month'), '3month' => strtotime('-2 month'), '6month' => strtotime('-6 month'), '1year' => strtotime('-1 year'));
                 $time_stop = '';
                 foreach ($time_array as $key => $value) {
                     if ($time == $key) {
                         $time_stop = prev($time_array);
                         break;
                     }
                 }
                 if ($time !== 'today') {
                     $timeCol = "AND ((post_datestamp >= '" . $time_array[$time] . "' OR t.thread_lastpost >= '" . $time_array[$time] . "') AND (post_datestamp <= '" . $time_stop . "' OR t.thread_lastpost <= '" . $time_stop . "')) ";
                 } else {
                     $timeCol = "AND (post_datestamp >= '" . $time_array[$time] . "' OR t.thread_lastpost >= '" . $time_array[$time] . "') ";
                 }
             }
             if ($type) {
                 $type_array = array('all' => '', 'discussions' => "AND (a1.attach_name IS NULL or a1.attach_name='') AND (a2.attach_name IS NULL or a2.attach_name='') AND (forum_poll_title IS NULL or forum_poll_title='')", 'attachments' => "AND a1.attach_name !='' OR a2.attach_name !='' AND (forum_poll_title IS NULL or forum_poll_title='')", 'poll' => "AND (a1.attach_name IS NULL or a1.attach_name='') AND (a2.attach_name IS NULL or a2.attach_name='') AND forum_poll_title !=''", 'solved' => "AND t.thread_answered = '1'", 'unsolved' => "AND t.thread_answered = '0'");
                 $typeCol = $type_array[$type];
             }
             $sortCol = "ORDER BY t.thread_lastpost ";
             $orderCol = 'ASC';
             if ($sort) {
                 $sort_array = array('author' => 't.thread_author', 'time' => 't.thread_lastpost', 'subject' => 't.thread_subject', 'reply' => 't.thread_postcount', 'view' => 't.thread_views');
                 $sortCol = "ORDER BY " . $sort_array[$sort] . " ";
             }
             if ($order) {
                 $order_array = array('ascending' => 'ASC', 'descending' => 'DESC');
                 $orderCol = $order_array[$order];
             }
             $sql_condition = $timeCol . $typeCol;
             $sql_order = $sortCol . $orderCol;
             // Filter Links
             $timeExt = isset($_GET['time']) ? "&amp;time=" . $_GET['time'] : '';
             $typeExt = isset($_GET['type']) ? "&amp;type=" . $_GET['type'] : '';
             $sortExt = isset($_GET['sort']) ? "&amp;sort=" . $_GET['sort'] : '';
             $orderExt = isset($_GET['order']) ? "&amp;order=" . $_GET['order'] : '';
             $baseLink = INFUSIONS . 'forum/index.php?viewforum&amp;forum_id=' . $_GET['forum_id'] . '' . (isset($_GET['parent_id']) ? '&amp;parent_id=' . $_GET['parent_id'] . '' : '');
             $timeLink = $baseLink . $typeExt . $sortExt . $orderExt;
             $this->forum_info['filter']['time'] = array($locale['forum_3006'] => INFUSIONS . 'forum/index.php?viewforum&amp;forum_id=' . $_GET['forum_id'] . '' . (isset($_GET['parent_id']) ? '&amp;parent_id=' . $_GET['parent_id'] . '' : ''), $locale['forum_3007'] => $timeLink . '&amp;time=today', $locale['forum_3008'] => $timeLink . '&amp;time=2days', $locale['forum_3009'] => $timeLink . '&amp;time=1week', $locale['forum_3010'] => $timeLink . '&amp;time=2week', $locale['forum_3011'] => $timeLink . '&amp;time=1month', $locale['forum_3012'] => $timeLink . '&amp;time=2month', $locale['forum_3013'] => $timeLink . '&amp;time=3month', $locale['forum_3014'] => $timeLink . '&amp;time=6month', $locale['forum_3015'] => $timeLink . '&amp;time=1year');
             $typeLink = $baseLink . $timeExt . $sortExt . $orderExt;
             $this->forum_info['filter']['type'] = array($locale['forum_3000'] => $typeLink . '&amp;type=all', $locale['forum_3001'] => $typeLink . '&amp;type=discussions', $locale['forum_3002'] => $typeLink . '&amp;type=attachments', $locale['forum_3003'] => $typeLink . '&amp;type=poll', $locale['forum_3004'] => $typeLink . '&amp;type=solved', $locale['forum_3005'] => $typeLink . '&amp;type=unsolved');
             $sortLink = $baseLink . $timeExt . $typeExt . $orderExt;
             $this->forum_info['filter']['sort'] = array($locale['forum_3016'] => $sortLink . '&amp;sort=author', $locale['forum_3017'] => $sortLink . '&amp;sort=time', $locale['forum_3018'] => $sortLink . '&amp;sort=subject', $locale['forum_3019'] => $sortLink . '&amp;sort=reply', $locale['forum_3020'] => $sortLink . '&amp;sort=view');
             $orderLink = $baseLink . $timeExt . $typeExt . $sortExt;
             $this->forum_info['filter']['order'] = array($locale['forum_3021'] => $orderLink . '&amp;order=descending', $locale['forum_3022'] => $orderLink . '&amp;order=ascending');
             // Forum SQL
             $result = dbquery("SELECT f.*, f2.forum_name AS forum_cat_name,\n\t\t\t\tt.thread_id, t.thread_lastpost, t.thread_lastpostid, t.thread_subject,\n\t\t\t\tcount(t.thread_id) as forum_threadcount, p.post_message,\n\t\t\t\tu.user_id, u.user_name, u.user_status, u.user_avatar\n\t\t\t\tFROM " . DB_FORUMS . " f\n\t\t\t\tLEFT JOIN " . DB_FORUMS . " f2 ON f.forum_cat = f2.forum_id\n\t\t\t\tLEFT JOIN " . DB_FORUM_THREADS . " t ON t.forum_id = f.forum_id\n\t\t\t\tLEFT JOIN " . DB_FORUM_POSTS . " p on p.thread_id = t.thread_id and p.post_id = t.thread_lastpostid\n\t\t\t\tLEFT JOIN " . DB_USERS . " u ON f.forum_lastuser=u.user_id  ## -- redo this part -- ##\n\t\t\t\t" . (multilang_table("FO") ? "WHERE f.forum_language='" . LANGUAGE . "' AND" : "WHERE") . " " . groupaccess('f.forum_access') . "\n\t\t\t\tAND f.forum_id='" . intval($this->forum_info['forum_id']) . "' OR f.forum_cat='" . intval($this->forum_info['forum_id']) . "' OR f.forum_branch='" . intval($this->forum_info['forum_branch']) . "'\n\t\t\t\tgroup by f.forum_id ORDER BY forum_cat ASC\n\t\t\t\t");
             $refs = array();
             if (dbrows($result) > 0) {
                 while ($row = dbarray($result) and checkgroup($row['forum_access'])) {
                     // Calculate Forum New Status
                     $newStatus = "";
                     $forum_match = "\\|" . $row['forum_lastpost'] . "\\|" . $row['forum_id'];
                     $last_visited = isset($userdata['user_lastvisit']) && isnum($userdata['user_lastvisit']) ? $userdata['user_lastvisit'] : time();
                     if ($row['forum_lastpost'] > $last_visited) {
                         if (iMEMBER && ($row['forum_lastuser'] !== $userdata['user_id'] || !preg_match("({$forum_match}\\.|{$forum_match}\$)", $userdata['user_threads']))) {
                             $newStatus = "<span class='forum-new-icon'><i title='" . $locale['forum_0260'] . "' class='" . Functions::get_forumIcons('new') . "'></i></span>";
                         }
                     }
                     // Calculate lastpost information
                     $lastPostInfo = array();
                     if ($row['forum_lastpostid']) {
                         $last_post = array('avatar' => '', 'avatar_src' => $row['user_avatar'] && file_exists(IMAGES . 'avatars/' . $row['user_avatar']) && !is_dir(IMAGES . 'avatars/' . $row['user_avatar']) ? IMAGES . 'avatars/' . $row['user_avatar'] : '', 'message' => fusion_first_words(parseubb(parsesmileys($row['post_message'])), 10), 'profile_link' => profile_link($row['forum_lastuser'], $row['user_name'], $row['user_status']), 'time' => timer($row['forum_lastpost']), 'date' => showdate("forumdate", $row['forum_lastpost']), 'thread_link' => INFUSIONS . "forum/viewthread.php?forum_id=" . $row['forum_id'] . "&amp;thread_id=" . $row['thread_id'], 'post_link' => INFUSIONS . "forum/viewthread.php?forum_id=" . $row['forum_id'] . "&amp;thread_id=" . $row['thread_id'] . "&amp;pid=" . $row['thread_lastpostid'] . "#post_" . $row['thread_lastpostid']);
                         if ($forum_settings['forum_last_post_avatar']) {
                             $last_post['avatar'] = display_avatar($row, '30px', '', '', 'img-rounded');
                         }
                         $lastPostInfo = $last_post;
                     }
                     /**
                      * Default system icons - why do i need this? Why not let themers decide?
                      */
                     switch ($row['forum_type']) {
                         case '1':
                             $forum_icon = "<i class='" . Functions::get_forumIcons('forum') . " fa-fw m-r-10'></i>";
                             $forum_icon_lg = "<i class='" . Functions::get_forumIcons('forum') . " fa-3x fa-fw m-r-10'></i>";
                             break;
                         case '2':
                             $forum_icon = "<i class='" . Functions::get_forumIcons('thread') . " fa-fw m-r-10'></i>";
                             $forum_icon_lg = "<i class='" . Functions::get_forumIcons('thread') . " fa-3x fa-fw m-r-10'></i>";
                             break;
                         case '3':
                             $forum_icon = "<i class='" . Functions::get_forumIcons('link') . " fa-fw m-r-10'></i>";
                             $forum_icon_lg = "<i class='" . Functions::get_forumIcons('link') . " fa-3x fa-fw m-r-10'></i>";
                             break;
                         case '4':
                             $forum_icon = "<i class='" . Functions::get_forumIcons('question') . " fa-fw m-r-10'></i>";
                             $forum_icon_lg = "<i class='" . Functions::get_forumIcons('question') . " fa-3x fa-fw m-r-10'></i>";
                             break;
                         default:
                             $forum_icon = "";
                             $forum_icon_lg = "";
                     }
                     $row += array("forum_moderators" => Functions::parse_forumMods($row['forum_mods']), "forum_new_status" => $newStatus, "forum_link" => array("link" => INFUSIONS . "forum/index.php?viewforum&amp;forum_id=" . $row['forum_id'] . "&amp;parent_id=" . $row['forum_cat'], "title" => $row['forum_name']), "forum_description" => nl2br(parseubb($row['forum_description'])), "forum_postcount_word" => format_word($row['forum_postcount'], $locale['fmt_post']), "forum_threadcount_word" => format_word($row['forum_threadcount'], $locale['fmt_thread']), "last_post" => $lastPostInfo, "forum_icon" => $forum_icon, "forum_icon_lg" => $forum_icon_lg, "forum_image" => $row['forum_image'] && file_exists(FORUM . "images/" . $row['forum_image']) ? $row['forum_image'] : "");
                     $this->forum_info['forum_moderators'] = $row['forum_moderators'];
                     // child hierarchy data.
                     $thisref =& $refs[$row['forum_id']];
                     $thisref = $row;
                     if ($row['forum_cat'] == $this->forum_info['parent_id']) {
                         $this->forum_info['item'][$row['forum_id']] =& $thisref;
                         // will push main item out.
                     } else {
                         $refs[$row['forum_cat']]['child'][$row['forum_id']] =& $thisref;
                     }
                     /**
                      * The current forum
                      */
                     if ($row['forum_id'] == $this->forum_info['forum_id']) {
                         require_once INCLUDES . "mimetypes_include.php";
                         define_forum_mods($row);
                         // do the full string of checks for forums access
                         $this->setForumPermission($row);
                         // Generate Links
                         if ($this->getForumPermission("can_post")) {
                             $this->forum_info['new_thread_link'] = INFUSIONS . "forum/newthread.php?forum_id=" . $row['forum_id'];
                         }
                         /**
                          * Get threads with filter conditions
                          */
                         //xss
                         $count = dbarray(dbquery("SELECT\n\t\t\t\t\t\t\t\tcount(t.thread_id) 'thread_max_rows',\n\t\t\t\t\t\t\t\tcount(a1.attach_id) 'attach_image',\n\t\t\t\t\t\t\t\tcount(a2.attach_id) 'attach_files'\n\n\t\t\t\t\t\t\t\tFROM " . DB_FORUM_THREADS . " t\n\t\t\t\t\t\t\t\tLEFT JOIN " . DB_FORUMS . " tf ON tf.forum_id = t.forum_id\n\t\t\t\t\t\t\t\tINNER JOIN " . DB_USERS . " tu1 ON t.thread_author = tu1.user_id\n\t\t\t\t\t\t\t\tLEFT JOIN " . DB_USERS . " tu2 ON t.thread_lastuser = tu2.user_id #issue 323\n\t\t\t\t\t\t\t\tLEFT JOIN " . DB_FORUM_POSTS . " p1 ON p1.thread_id = t.thread_id and p1.post_id = t.thread_lastpostid\n\t\t\t\t\t\t\t\tLEFT JOIN " . DB_FORUM_POLLS . " p ON p.thread_id = t.thread_id\n\t\t\t\t\t\t\t\tLEFT JOIN " . DB_FORUM_VOTES . " v ON v.thread_id = t.thread_id AND p1.post_id = v.post_id\n\t\t\t\t\t\t\t\tLEFT JOIN " . DB_FORUM_ATTACHMENTS . " a1 on a1.thread_id = t.thread_id AND a1.attach_mime IN ('" . implode(",", img_mimeTypes()) . "')\n\t\t\t\t\t\t\t\tLEFT JOIN " . DB_FORUM_ATTACHMENTS . " a2 on a2.thread_id = t.thread_id AND a2.attach_mime NOT IN ('" . implode(",", img_mimeTypes()) . "')\n\t\t\t\t\t\t\t\tWHERE t.forum_id='" . $this->forum_info['forum_id'] . "' AND t.thread_hidden='0' AND " . groupaccess('tf.forum_access') . " {$sql_condition}\n\t\t\t\t\t\t\t\t##GROUP BY t.thread_id {$sql_order}\n\t\t\t\t\t\t"));
                         $this->forum_info['thread_max_rows'] = $count['thread_max_rows'];
                         if ($this->forum_info['thread_max_rows'] > 0) {
                             $this->forum_info['threads']['pagenav'] = "";
                             $this->forum_info['threads']['pagenav2'] = "";
                             // anti-XSS filtered rowstart
                             $_GET['thread_rowstart'] = isset($_GET['thread_rowstart']) && isnum($_GET['thread_rowstart']) && $_GET['thread_rowstart'] <= $this->forum_info['thread_max_rows'] ? $_GET['thread_rowstart'] : 0;
                             $t_result = dbquery("\n                                SELECT t.*, tu1.user_name AS author_name, tu1.user_status AS author_status, tu1.user_avatar as author_avatar,\n\t\t\t\t\t\t\t\ttu2.user_name AS last_user_name, tu2.user_status AS last_user_status, tu2.user_avatar AS last_user_avatar,\n\t\t\t\t\t\t\t\tp1.post_datestamp, p1.post_message,\n\t\t\t\t\t\t\t\tp.forum_poll_title,\n\t\t\t\t\t\t\t\tcount(v.post_id) AS vote_count,\n\t\t\t\t\t\t\t\ta1.attach_name, a1.attach_id,\n\t\t\t\t\t\t\t\ta2.attach_name, a2.attach_id,\n\t\t\t\t\t\t\t\tcount(a1.attach_mime) 'attach_image',\n\t\t\t\t\t\t\t\tcount(a2.attach_mime) 'attach_files'\n\t\t\t\t\t\t\t\tFROM " . DB_FORUM_THREADS . " t\n\t\t\t\t\t\t\t\tLEFT JOIN " . DB_FORUMS . " tf ON tf.forum_id = t.forum_id\n\t\t\t\t\t\t\t\tINNER JOIN " . DB_USERS . " tu1 ON t.thread_author = tu1.user_id\n\t\t\t\t\t\t\t\tLEFT JOIN " . DB_USERS . " tu2 ON t.thread_lastuser = tu2.user_id #issue 323\n\t\t\t\t\t\t\t\tLEFT JOIN " . DB_FORUM_POSTS . " p1 ON p1.thread_id = t.thread_id and p1.post_id = t.thread_lastpostid\n\t\t\t\t\t\t\t\tLEFT JOIN " . DB_FORUM_POLLS . " p ON p.thread_id = t.thread_id\n\t\t\t\t\t\t\t\tLEFT JOIN " . DB_FORUM_VOTES . " v ON v.thread_id = t.thread_id AND p1.post_id = v.post_id\n\t\t\t\t\t\t\t\tLEFT JOIN " . DB_FORUM_ATTACHMENTS . " a1 on a1.thread_id = t.thread_id AND a1.attach_mime IN ('" . implode(",", img_mimeTypes()) . "')\n\t\t\t\t\t\t\t\tLEFT JOIN " . DB_FORUM_ATTACHMENTS . " a2 on a2.thread_id = t.thread_id AND a2.attach_mime NOT IN ('" . implode(",", img_mimeTypes()) . "')\n\t\t\t\t\t\t\t\tWHERE t.forum_id='" . $this->forum_info['forum_id'] . "' AND t.thread_hidden='0' AND " . groupaccess('tf.forum_access') . " {$sql_condition}\n\t\t\t\t\t\t\t\tGROUP BY t.thread_id {$sql_order} LIMIT " . intval($_GET['thread_rowstart']) . ", " . $this->forum_info['threads_per_page']);
                             $thread_rows = dbrows($t_result);
                             if ($thread_rows > 0) {
                                 while ($threads = dbarray($t_result)) {
                                     $icon = "";
                                     $match_regex = $threads['thread_id'] . "\\|" . $threads['thread_lastpost'] . "\\|" . $threads['forum_id'];
                                     if ($threads['thread_lastpost'] > $this->forum_info['lastvisited']) {
                                         if (iMEMBER && ($threads['thread_lastuser'] == $userdata['user_id'] || preg_match("(^\\.{$match_regex}\$|\\.{$match_regex}\\.|\\.{$match_regex}\$)", $userdata['user_threads']))) {
                                             $icon = "<i class='" . get_forumIcons('thread') . "' title='" . $locale['forum_0261'] . "'></i>";
                                         } else {
                                             $icon = "<i class='" . get_forumIcons('new') . "' title='" . $locale['forum_0260'] . "'></i>";
                                         }
                                     }
                                     $author = array('user_id' => $threads['thread_author'], 'user_name' => $threads['author_name'], 'user_status' => $threads['author_status'], 'user_avatar' => $threads['author_avatar']);
                                     $lastuser = array('user_id' => $threads['thread_lastuser'], 'user_name' => $threads['last_user_name'], 'user_status' => $threads['last_user_status'], 'user_avatar' => $threads['last_user_avatar']);
                                     $threads += array("thread_link" => array("link" => INFUSIONS . "forum/viewthread.php?thread_id=" . $threads['thread_id'], "title" => $threads['thread_subject']), "forum_type" => $row['forum_type'], "thread_pages" => makepagenav(0, $forum_settings['posts_per_page'], $threads['thread_postcount'], 3, FORUM . "viewthread.php?thread_id=" . $threads['thread_id'] . "&amp;"), "thread_icons" => array('lock' => $threads['thread_locked'] ? "<i class='" . get_forumIcons('lock') . "' title='" . $locale['forum_0263'] . "'></i>" : '', 'sticky' => $threads['thread_sticky'] ? "<i class='" . get_forumIcons('sticky') . "' title='" . $locale['forum_0103'] . "'></i>" : '', 'poll' => $threads['thread_poll'] ? "<i class='" . get_forumIcons('poll') . "' title='" . $locale['forum_0314'] . "'></i>" : '', 'hot' => $threads['thread_postcount'] >= 20 ? "<i class='" . get_forumIcons('hot') . "' title='" . $locale['forum_0311'] . "'></i>" : '', 'reads' => $threads['thread_views'] >= 20 ? "<i class='" . get_forumIcons('reads') . "' title='" . $locale['forum_0311'] . "'></i>" : '', 'image' => $threads['attach_image'] > 0 ? "<i class='" . get_forumIcons('image') . "' title='" . $locale['forum_0313'] . "'></i>" : '', 'file' => $threads['attach_files'] > 0 ? "<i class='" . get_forumIcons('file') . "' title='" . $locale['forum_0312'] . "'></i>" : '', 'icon' => $icon), "thread_starter" => $locale['forum_0006'] . timer($threads['post_datestamp']) . " " . $locale['by'] . " " . profile_link($author['user_id'], $author['user_name'], $author['user_status']) . "</span>", "thread_author" => $author, "thread_last" => array('avatar' => display_avatar($lastuser, '30px', '', '', ''), 'profile_link' => profile_link($lastuser['user_id'], $lastuser['user_name'], $lastuser['user_status']), 'time' => $threads['post_datestamp'], 'post_message' => parseubb(parsesmileys($threads['post_message'])), "formatted" => "<div class='pull-left'>" . 
display_avatar($lastuser, '30px', '', '', '') . "</div>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<div class='overflow-hide'>" . $locale['forum_0373'] . " <span class='forum_profile_link'>" . profile_link($lastuser['user_id'], $lastuser['user_name'], $lastuser['user_status']) . "</span><br/>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t" . timer($threads['post_datestamp']) . "\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t</div>"));
                                     //if ($threads['thread_status']['reads']) $threads['thread_status']['icon'] = $threads['thread_status']['reads'];
                                     //if ($threads['thread_status']['hot']) $threads['thread_status']['icon'] = $threads['thread_status']['hot'];
                                     //if ($threads['thread_status']['sticky']) $threads['thread_status']['icon'] = $threads['thread_status']['sticky'];
                                     //if ($threads['thread_status']['lock']) $threads['thread_status']['icon'] = $threads['thread_status']['lock'];
                                     // Threads Customized Output
                                     /*
                                     										$attach_image = 0;
                                     										$attach_file = 0;
                                     										$a_result = dbquery("SELECT attach_id, attach_mime FROM ".DB_FORUM_ATTACHMENTS." WHERE thread_id ='".$threads['thread_id']."'");
                                     										if (dbrows($a_result) > 0) {
                                     											require_once INCLUDES."mimetypes_include.php";
                                     											while ($adata = dbarray($a_result)) {
                                     												if (in_array($adata['attach_mime'], img_mimeTypes())) {
                                     													$attach_image = $attach_image+1;
                                     												} else {
                                     													$attach_file = $attach_file+1;
                                     												}
                                     											}
                                     										}*/
                                     if ($threads['thread_sticky']) {
                                         $this->forum_info['threads']['sticky'][$threads['thread_id']] = $threads;
                                     } else {
                                         $this->forum_info['threads']['item'][$threads['thread_id']] = $threads;
                                     }
                                 }
                             }
                             if ($this->forum_info['thread_max_rows'] > $this->forum_info['threads_per_page']) {
                                 $this->forum_info['threads']['pagenav'] = makepagenav($_GET['thread_rowstart'], $this->forum_info['threads_per_page'], $this->forum_info['thread_max_rows'], 3, clean_request("", array("thread_rowstart"), FALSE) . "&amp;", "thread_rowstart");
                                 $this->forum_info['threads']['pagenav2'] = makepagenav($_GET['thread_rowstart'], $this->forum_info['threads_per_page'], $this->forum_info['thread_max_rows'], 3, clean_request("", array("thread_rowstart"), FALSE) . "&amp;", "thread_rowstart", TRUE);
                             }
                         }
                     }
                 }
             } else {
                 redirect(INFUSIONS . 'forum/index.php');
             }
         } else {
             $this->forum_info['forums'] = Functions::get_forum();
         }
     }
 }
Esempio n. 12
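 /**
  * Build the admin form used to create or edit a forum tag.
  *
  * Runs post_tags() first, then, when a numeric tag_id is present in the
  * query string, loads that row from DB_FORUM_TAGS into $this->data so the
  * fields are pre-filled.
  *
  * @return string HTML of the complete form
  */
 protected function displayTagForm()
 {
     global $aidlink;
     if (isset($_POST['cancel_tag'])) {
         redirect(clean_request("", array("tag_id", "ref"), FALSE));
     }
     // NOTE(review): this key is 'rank_language' while every field below reads 'tag_*';
     // it looks like a leftover from the rank form. Left as is, confirm before renaming.
     $this->data['rank_language'] = LANGUAGE;
     $language_opts = fusion_get_enabled_languages();
     $this->post_tags();
     $form_action = FUSION_SELF . $aidlink . '&amp;section=ft&amp;ref=tag_form';
     if (isset($_GET['tag_id']) && isnum($_GET['tag_id'])) {
         // Normalise once; the same integer goes into the query and into the form action URL.
         $tag_id = intval($_GET['tag_id']);
         $result = dbquery("SELECT * FROM " . DB_FORUM_TAGS . " WHERE tag_id='" . $tag_id . "'");
         if (dbrows($result) > 0) {
             $this->data = dbarray($result);
             $form_action = FUSION_SELF . $aidlink . "&amp;section=ft&amp;ref=tag_form&amp;tag_id=" . $tag_id;
         } else {
             // Strip tag_id (not rank_id) so the redirect target no longer points at the
             // missing tag; this matches the cancel branch above.
             redirect(clean_request("", array("tag_id", "ref"), FALSE));
         }
     }
     // empty() avoids an undefined-index notice when no tag has been loaded.
     $button_locale = !empty($this->data['tag_id']) ? self::$locale['forum_tag_0208'] : self::$locale['forum_tag_0207'];
     $html = openform('tag_form', 'post', $form_action, array('class' => 'm-t-20')) . form_text('tag_title', self::$locale['forum_tag_0200'], $this->data['tag_title'], array('required' => 1, 'error_text' => self::$locale['414'], "inline" => TRUE)) . form_textarea('tag_description', self::$locale['forum_tag_0201'], $this->data['tag_description'], array('inline' => TRUE, 'type' => 'bbcode', 'autosize' => TRUE, 'preview' => TRUE)) . form_colorpicker('tag_color', self::$locale['forum_tag_0202'], $this->data['tag_color'], array('inline' => TRUE, 'required' => TRUE));
     if (multilang_table("FR")) {
         $html .= form_select('tag_language', self::$locale['forum_tag_0203'], $this->data['tag_language'], array('options' => $language_opts, 'placeholder' => self::$locale['choose'], "inline" => TRUE));
     } else {
         $html .= form_hidden('tag_language', '', $this->data['tag_language']);
     }
     $html .= form_checkbox('tag_status', self::$locale['forum_tag_0204'], $this->data['tag_status'], array("options" => array(1 => self::$locale['forum_tag_0205'], 0 => self::$locale['forum_tag_0206']), "type" => "radio", "inline" => TRUE)) . form_button('save_tag', $button_locale, $button_locale, array('class' => 'btn-primary m-r-10')) . form_button('cancel_tag', self::$locale['cancel'], self::$locale['cancel'], array('class' => 'btn-default')) . closeform();
     return $html;
 }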
Esempio n. 13
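 /**
  * The Theme Editor - Manage UI.
  *
  * Prints the tabbed theme administration screen (dashboard, widgets, css)
  * and handles two dashboard actions: deleting a preset (GET delete_preset
  * + theme) and activating a preset (POST load_preset).
  *
  * @param string $theme_name theme folder name; rejected unless self::verify_theme() accepts it
  */
 public static function display_theme_editor($theme_name)
 {
     global $aidlink, $locale;
     // Only continue with a theme that passes the existence check.
     $theme_name = self::verify_theme($theme_name) ? $theme_name : "";
     if (!$theme_name) {
         redirect(clean_request("", array("aid"), TRUE));
     }
     add_breadcrumb(array('link' => '', 'title' => $locale['theme_1018']));
     // Tab definitions
     $tab['title'] = array($locale['theme_1022'], $locale['theme_1023'], $locale['theme_1024']);
     $tab['id'] = array("dashboard", "widgets", "css");
     $tab['icon'] = array("fa fa-edit fa-fw", "fa fa-cube fa-fw", "fa fa-css3 fa-fw");
     if (isset($_GET['action'])) {
         $tab['title'][] = $locale['theme_1029'];
         $tab['id'][] = "close";
         $tab['icon'][] = "fa fa-close fa-fw";
     }
     if (isset($_POST['close_theme'])) {
         redirect(FUSION_SELF . $aidlink);
     }
     // The section is restricted to the known tab ids before it drives the switch below.
     $_GET['section'] = isset($_GET['section']) && in_array($_GET['section'], $tab['id']) ? $_GET['section'] : "dashboard";
     $tab_active = $_GET['section'];
     $atom = new \PHPFusion\Atom\Atom();
     $atom->target_folder = $theme_name;
     $atom->theme_name = $theme_name;
     echo opentab($tab, $tab_active, "theme_admin", TRUE);
     switch ($_GET['section']) {
         case "dashboard":
             /**
              * Delete preset
              *
              * NOTE(review): this is a state-changing action driven by GET parameters;
              * confirm that the admin token carried in $aidlink is validated before
              * this method runs.
              */
             if (isset($_GET['delete_preset']) && isnum($_GET['delete_preset'])) {
                 $preset_id = intval($_GET['delete_preset']);
                 $preset_theme = empty($_GET['theme']) ? "" : stripinput($_GET['theme']);
                 // The request value ends up in a filesystem path passed to unlink(), so it
                 // must be a single folder name and pass the same check as $theme_name above.
                 if (!$preset_theme || basename($preset_theme) !== $preset_theme || !self::verify_theme($preset_theme)) {
                     redirect(FUSION_SELF . $aidlink);
                 } else {
                     $result = dbquery("SELECT theme_file FROM " . DB_THEME . " WHERE theme_name='" . $preset_theme . "' and theme_id='" . $preset_id . "'");
                     // Delete only when the preset really belongs to the named theme. Without a
                     // matching row the original built a path ending in "/" and still removed
                     // the database record.
                     if (dbrows($result) > 0) {
                         $file = dbarray($result);
                         $preset_path = THEMES . $preset_theme . "/" . $file['theme_file'];
                         if (!empty($file['theme_file']) && strpos($file['theme_file'], "..") === FALSE && is_file($preset_path)) {
                             unlink($preset_path);
                         }
                         dbquery("DELETE FROM " . DB_THEME . " WHERE theme_id='" . $preset_id . "'");
                         addNotice('success', $locale['theme_success_002']);
                     }
                     redirect(clean_request("", array("section", "aid", "action", "theme"), TRUE));
                 }
             }
             /**
              * Set active presets
              */
             if (isset($_POST['load_preset']) && isnum($_POST['load_preset'])) {
                 // Deactivate the currently active preset, if any, before activating the new one.
                 $result = dbquery("select theme_id FROM " . DB_THEME . " WHERE theme_active='1'");
                 if (dbrows($result) > 0) {
                     $data = dbarray($result);
                     $data = array("theme_id" => $data['theme_id'], "theme_active" => 0);
                     dbquery_insert(DB_THEME, $data, "update");
                 }
                 $data = array("theme_id" => intval($_POST['load_preset']), "theme_active" => 1);
                 dbquery_insert(DB_THEME, $data, "update");
                 redirect(clean_request("", array("section", "aid", "action", "theme"), TRUE));
             }
             $atom->display_theme_overview();
             break;
         case "widgets":
             $atom->display_theme_widgets();
             break;
         case "css":
             $atom->theme_editor();
             break;
         case "close":
             redirect(FUSION_SELF . $aidlink);
             break;
         default:
             break;
     }
     echo closetab();
 }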
Esempio n. 14
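/**
 * Gallery Photo Listing UI
 *
 * Prints the admin view of one photo album: album header, pagination and a
 * panel per photo with edit / move / delete links. Redirects to the admin
 * index when the album has no photos.
 *
 * Reads album_id and rowstart from $_GET.
 */
function gallery_photo_listing()
{
    global $locale, $gll_settings, $aidlink;
    // album_id is written into SQL and into several href attributes below. It is
    // reduced to an integer once so that no raw request text reaches the markup.
    $album_id = isset($_GET['album_id']) ? intval($_GET['album_id']) : 0;
    $photoRows = dbcount("(photo_id)", DB_PHOTOS, "album_id='" . $album_id . "'");
    $_GET['rowstart'] = isset($_GET['rowstart']) && isnum($_GET['rowstart']) && $_GET['rowstart'] <= $photoRows ? $_GET['rowstart'] : 0;
    if (!empty($photoRows)) {
        $result = dbquery("\n\t\tselect photos.*,\n\t\talbum.*,\n\t\tphotos.photo_user as user_id, u.user_name, u.user_status, u.user_avatar,\n\t\tcount(comment_id) as comment_count,\n\t\tsum(rating_vote) as total_votes,\n\t\tcount(rating_id) as rating_count\n\t\tFROM " . DB_PHOTOS . " photos\n\t\tINNER JOIN " . DB_PHOTO_ALBUMS . " album on photos.album_id = album.album_id\n\t\tINNER JOIN " . DB_USERS . " u on u.user_id = photos.photo_user\n\t\tLEFT JOIN " . DB_COMMENTS . " comment on comment.comment_item_id= photos.photo_id AND comment_type = 'PH'\n\t\tLEFT JOIN " . DB_RATINGS . " rating on rating.rating_item_id = photos.photo_id AND rating_type = 'PH'\n\t\tWHERE " . groupaccess('album.album_access') . " and photos.album_id = '" . $album_id . "'\n\t\tGROUP BY photo_id\n\t\tORDER BY photos.photo_order ASC, photos.photo_datestamp DESC LIMIT " . intval($_GET['rowstart']) . ", " . intval($gll_settings['gallery_pagination']) . "\n\t\t");
        $rows = dbrows($result);
        // Photo Album header
        echo "<aside class='text-left' style='border-bottom:1px solid #ddd; padding-bottom:15px;'>\n";
        $album_data = dbarray(dbquery("select album_id, album_title, album_description, album_datestamp, album_access from " . DB_PHOTO_ALBUMS . " WHERE album_id='" . $album_id . "'"));
        add_breadcrumb(array('link' => clean_request("album_id=" . $album_data['album_id'], array("aid"), FALSE), "title" => $album_data['album_title']));
        // NOTE(review): title and description are printed as stored; this assumes they
        // were escaped when the album was saved. Confirm against the album form handler.
        echo "<h2><strong>\n" . $album_data['album_title'] . "</strong></h2>\n";
        echo $locale['album_0003'] . " " . $album_data['album_description'];
        echo "<div class='clearfix m-t-10'>\n";
        echo "<div class='pull-right text-right col-xs-6 col-sm-6'>" . sprintf($locale['gallery_0019'], $rows, $photoRows) . "</div>\n";
        echo "<span class='m-r-15'>" . $locale['gallery_0020'] . " " . timer($album_data['album_datestamp']) . "</span>\n";
        echo "<span class='m-r-15'>" . $locale['gallery_0021'] . " " . getgroupname($album_data['album_access']) . "</span>\n";
        if ($photoRows > $rows) {
            echo "<div class='display-inline-block m-b-10'>\n";
            echo makepagenav($_GET['rowstart'], $gll_settings['gallery_pagination'], $photoRows, 3, FUSION_SELF . $aidlink . "&amp;album_id=" . $album_id . "&amp;");
            echo "</div>\n";
        }
        echo "</div>\n";
        echo "</aside>\n";
        if ($rows > 0) {
            echo "<a class='m-t-10 btn btn-danger' href='" . FUSION_SELF . $aidlink . "&amp;section=actions&amp;action=purge&amp;cat_id=" . $album_id . "'>" . $locale['photo_0025'] . "</a>\n";
            echo "<div class='row m-t-20'>\n";
            // $i is the 1-based position on the current page; it decides which move links are shown.
            $i = 1;
            while ($data = dbarray($result)) {
                echo "<div style='width:" . ($gll_settings['thumb_w'] + 15) . "px; float:left; padding-left:10px; padding-right:10px;'>\n";
                echo "<div class='panel panel-default'>\n";
                echo "<div class='overflow-hide' style='background: #ccc; height: " . ($gll_settings['thumb_h'] - 15) . "px'>\n";
                echo displayPhotoImage($data['photo_filename'], $data['photo_thumb1'], $data['photo_thumb2'], IMAGES_G . $data['photo_filename']);
                echo "</div>\n";
                echo "<div class='panel-body'>\n";
                echo "<div class='dropdown'>\n";
                echo "<button data-toggle='dropdown' class='btn btn-default dropdown-toggle btn-block' type='button'> " . $locale['gallery_0013'] . " <span class='caret'></span></button>\n";
                echo "<ul class='dropdown-menu'>\n";
                echo "<li><a href='" . FUSION_SELF . $aidlink . "&amp;section=photo_form&amp;action=edit&amp;photo_id=" . $data['photo_id'] . "'><i class='fa fa-edit fa-fw'></i> " . $locale['gallery_0016'] . "</a></li>\n";
                echo $i > 1 ? "<li><a href='" . FUSION_SELF . $aidlink . "&amp;section=actions&amp;action=pu&amp;photo_id=" . $data['photo_id'] . "&amp;album_id=" . $data['album_id'] . "&amp;order=" . ($data['photo_order'] - 1) . "'><i class='fa fa-arrow-left fa-fw'></i> " . $locale['gallery_0014'] . "</a></li>\n" : "";
                echo $i !== $rows ? "<li><a href='" . FUSION_SELF . $aidlink . "&amp;section=actions&amp;action=pd&amp;photo_id=" . $data['photo_id'] . "&amp;album_id=" . $data['album_id'] . "&amp;order=" . ($data['photo_order'] + 1) . "'><i class='fa fa-arrow-right fa-fw'></i> " . $locale['gallery_0015'] . "</a></li>\n" : "";
                echo "<li class='divider'></li>\n";
                echo "<li><a href='" . FUSION_SELF . $aidlink . "&amp;section=actions&amp;action=delete&amp;photo_id=" . $data['photo_id'] . "'><i class='fa fa-trash fa-fw'></i> " . $locale['gallery_0017'] . "</a></li>\n";
                echo "</ul>\n";
                echo "</div>\n";
                echo "</div>\n";
                echo "<div class='panel-footer'>\n";
                echo "<span class='m-r-10'>\n<i class='fa fa-comments-o' title='" . $locale['comments'] . "'></i> " . $data['comment_count'] . "</span>\n";
                // Guard against division by zero when the photo has no ratings yet.
                echo "<span class='m-r-5'>\n<i class='fa fa-star' title='" . $locale['ratings'] . "'></i> " . ($data['rating_count'] > 0 ? $data['total_votes'] / $data['rating_count'] * 10 : 0) . " /10</span>\n";
                echo "</div>\n</div>\n";
                echo "</div>\n";
                $i++;
            }
            echo "</div>\n";
        } else {
            redirect(FUSION_SELF . $aidlink);
        }
    } else {
        redirect(FUSION_SELF . $aidlink);
    }
}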
Esempio n. 15
     // Two WHERE fragments for the duplicate-name check: on update the row being edited
     // is excluded by id, on save any row with the same name counts.
     // NOTE(review): $data['weblink_cat_name'] and $data['weblink_cat_id'] are concatenated
     // into SQL here without escaping in this fragment. Whether that is safe depends on how
     // $data was built, which is not visible here; confirm it is sanitised for SQL upstream.
     $categoryNameCheck = array("when_updating" => "weblink_cat_name='" . $data['weblink_cat_name'] . "' and weblink_cat_id !='" . $data['weblink_cat_id'] . "'", "when_saving" => "weblink_cat_name='" . $data['weblink_cat_name'] . "'");
     // Nothing is written unless defender::safe() is truthy.
     if (defender::safe()) {
         // Update path: edit mode and the category id exists in DB_WEBLINK_CATS.
         if ($weblinkCat_edit && dbcount("(weblink_cat_id)", DB_WEBLINK_CATS, "weblink_cat_id='" . intval($data['weblink_cat_id']) . "'")) {
             if (!dbcount("(weblink_cat_id)", DB_WEBLINK_CATS, $categoryNameCheck['when_updating'])) {
                 dbquery_insert(DB_WEBLINK_CATS, $data, "update");
                 addNotice("success", $locale['wl_0305']);
                 redirect(clean_request("", array("section", "aid"), TRUE));
             } else {
                 // Another category already uses this name.
                 $defender->stop();
                 addNotice("danger", $locale['wl_0309']);
             }
         } else {
             // Save path: a new row is inserted unless the name is already taken.
             if (!dbcount("(weblink_cat_id)", DB_WEBLINK_CATS, $categoryNameCheck['when_saving'])) {
                 dbquery_insert(DB_WEBLINK_CATS, $data, "save");
                 addNotice("success", $locale['wl_0304']);
                 redirect(clean_request("", array("section", "aid"), TRUE));
             } else {
                 $defender->stop();
                 addNotice("danger", $locale['wl_0309']);
             }
         }
     }
 }
 if ($weblinkCat_edit) {
     $result = dbquery("SELECT * FROM " . DB_WEBLINK_CATS . " " . (multilang_table("WL") ? "WHERE weblink_cat_language='" . LANGUAGE . "' AND" : "WHERE") . " weblink_cat_id='" . intval($_GET['cat_id']) . "'");
     if (dbrows($result)) {
         $data = dbarray($result);
         $cat_hidden = array($data['weblink_cat_id']);
         $cat_sorting = explode(" ", $data['weblink_cat_sorting']);
         if ($cat_sorting[0] == "weblink_id") {
             $data['cat_sort_by'] = "1";
Esempio n. 16
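/**
 * Print the article category tree as table rows, recursing into child categories.
 *
 * @param int $parent id of the category whose direct children are listed
 * @param int $level  current nesting depth; one "&mdash;" is printed per level
 */
function showcatlist($parent = 0, $level = 0)
{
    global $locale, $aidlink;
    // $parent is concatenated into the query, so it is forced to an integer here rather
    // than relying on every caller to pass one.
    $result = dbquery("\n\tSELECT article_cat_id, article_cat_name, article_cat_description\n\tFROM " . DB_ARTICLE_CATS . "\n\tWHERE article_cat_parent='" . intval($parent) . "'" . (multilang_table("AR") ? " AND article_cat_language='" . LANGUAGE . "'" : "") . "\n\tORDER BY article_cat_name");
    $rows = dbrows($result);
    if ($rows > 0) {
        while ($data = dbarray($result)) {
            $description = strip_tags(parse_textarea($data['article_cat_description']));
            echo "<tr>\n";
            // NOTE(review): the category name is printed as stored; this assumes it was
            // escaped when saved. Confirm against the category form handler.
            echo "<td><strong>" . str_repeat("&mdash;", $level) . $data['article_cat_name'] . "</strong>\n";
            if ($data['article_cat_description']) {
                echo "<br />" . str_repeat("&mdash;", $level) . "<span class='small'>" . trimlink($description, 45) . "</span>";
            }
            // Close the cell unconditionally; the original only closed it when a
            // description existed, leaving an unbalanced <td> otherwise.
            echo "</td>\n";
            echo "<td align='center' width='1%' style='white-space:nowrap'>\n\n\t\t\t<a href='" . clean_request("action=edit&cat_id=" . $data['article_cat_id'], array("section", "aid"), true) . "'>" . $locale['edit'] . "</a> -\n";
            echo "<a href='" . clean_request("action=delete&cat_id=" . $data['article_cat_id'], array("section", "aid"), true) . "' onclick=\"return confirm('" . $locale['articles_0350'] . "');\">" . $locale['delete'] . "</a></td>\n";
            echo "</tr>\n";
            showcatlist($data['article_cat_id'], $level + 1);
        }
    }
}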
Esempio n. 17
 /**
  * Build the admin form used to create or edit a forum rank.
  *
  * Runs post_forum_ranks() first, then, when a numeric rank_id is present in
  * the query string, loads that row from DB_FORUM_RANKS into $this->data so
  * the fields are pre-filled.
  *
  * @return string HTML of the complete form
  */
 protected function displayRanksForm()
 {
     global $aidlink;
     if (isset($_POST['cancel_rank'])) {
         redirect(clean_request("", array("rank_id", "ref"), FALSE));
     }
     add_to_footer("<script src='" . FORUM . "admin/admin_rank.js'></script>");
     $this->data['rank_language'] = LANGUAGE;
     // Choices for the "normal" apply-to select.
     $member_level_choices = array(USER_LEVEL_MEMBER => self::$locale['424'], '104' => self::$locale['425'], USER_LEVEL_ADMIN => self::$locale['426'], USER_LEVEL_SUPER_ADMIN => self::$locale['427']);
     // Choices for the "special" select: every user group except the built-in levels.
     $all_groups = getusergroups();
     $builtin_levels = array(USER_LEVEL_PUBLIC, USER_LEVEL_MEMBER, USER_LEVEL_ADMIN, USER_LEVEL_SUPER_ADMIN);
     $custom_group_choices = array();
     foreach ($all_groups as $entry) {
         if (in_array($entry[0], $builtin_levels)) {
             continue;
         }
         $custom_group_choices[$entry[0]] = $entry[1];
     }
     $enabled_languages = fusion_get_enabled_languages();
     $this->post_forum_ranks();
     $form_action = FUSION_SELF . $aidlink . '&section=fr';
     // rank_id is only used after isnum() has accepted it.
     if (isset($_GET['rank_id']) && isnum($_GET['rank_id'])) {
         $rank_query = dbquery("SELECT * FROM " . DB_FORUM_RANKS . " WHERE rank_id='" . intval($_GET['rank_id']) . "'");
         if (dbrows($rank_query) > 0) {
             $this->data = dbarray($rank_query);
             $form_action = FUSION_SELF . $aidlink . "&section=fr&rank_id=" . $_GET['rank_id'];
         } else {
             redirect(clean_request("", array("rank_id", "ref"), FALSE));
         }
     }
     $html = openform('rank_form', 'post', $form_action, array('class' => 'm-t-20'));
     $html .= form_text('rank_title', self::$locale['420'], $this->data['rank_title'], array('required' => 1, 'error_text' => self::$locale['414'], "inline" => TRUE));
     $html .= form_select('rank_image', self::$locale['421'], $this->data['rank_image'], array('options' => $this->get_rank_images(), 'placeholder' => self::$locale['choose'], "inline" => TRUE));
     if (multilang_table("FR")) {
         $html .= form_select('rank_language', self::$locale['global_ML100'], $this->data['rank_language'], array('options' => $enabled_languages, 'placeholder' => self::$locale['choose'], "inline" => TRUE));
     } else {
         $html .= form_hidden('rank_language', '', $this->data['rank_language']);
     }
     $html .= form_checkbox('rank_type', self::$locale['429'], $this->data['rank_type'], array("options" => array(2 => self::$locale['429a'], 1 => self::$locale['429b'], 0 => self::$locale['429c']), "type" => "radio", "inline" => TRUE));
     // The post-count field is disabled for every rank type other than 0.
     $html .= form_text('rank_posts', self::$locale['422'], $this->data['rank_posts'], array('inline' => TRUE, 'type' => 'number', 'width' => '10%', 'disabled' => $this->data['rank_type'] != 0));
     // Exactly one of the two apply-to selects is visible: the special one for
     // rank type 2, the normal one otherwise.
     if ($this->data['rank_type'] == 2) {
         $normal_attr = "class='display-none'";
     } else {
         $normal_attr = "";
     }
     $html .= "<span id='select_normal' " . $normal_attr . " >";
     $html .= form_select('rank_apply_normal', self::$locale['423'], $this->data['rank_apply'], array('options' => $member_level_choices, 'placeholder' => self::$locale['choose'], "inline" => TRUE));
     $html .= "</span>\n";
     if ($this->data['rank_type'] != 2) {
         $special_attr = " class='display-none'";
     } else {
         $special_attr = "";
     }
     $html .= "<span id='select_special'" . $special_attr . ">";
     $html .= form_select('rank_apply_special', self::$locale['423'], $this->data['rank_apply'], array('options' => $custom_group_choices, 'placeholder' => self::$locale['choose'], "inline" => TRUE));
     $html .= "</span>\n";
     $html .= form_button('save_rank', self::$locale['428'], self::$locale['428'], array('class' => 'btn-primary m-r-10'));
     $html .= form_button('cancel_rank', self::$locale['cancel'], self::$locale['cancel'], array('class' => 'btn-default'));
     $html .= closeform();
     // The older table-based rank_type radio markup that used to follow here is
     // superseded by the form_checkbox() call above.
     return $html;
 }
Esempio n. 18
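/**
 * Collect column names and SQL-ready values from the prefixed fields of a request.
 *
 * Only keys that start with $prefix are considered. The character at offset
 * strlen($prefix) + 1 is a type flag ('c' means the value is always quoted) and
 * the column name starts at offset strlen($prefix) + 3.
 *
 * Values are quoted through $db->quoteSmart() unless they are numeric and not
 * flagged 'c'; an empty value is passed to quoteSmart() as NULL.
 *
 * Column names come from request keys, which quoteSmart() does not cover, so a
 * key whose column part is not a plain identifier (letters, digits, underscore,
 * not starting with a digit) is skipped.
 *
 * @param array  $request request fields, key => raw value
 * @param string $prefix  key prefix that marks database fields
 * @param object $db      database handle providing quoteSmart()
 * @return array two-element array: list of column names, list of values
 */
function get_columns_and_values($request, $prefix, $db)
{
    $columns = array();
    $values = array();
    $pl = strlen($prefix);
    foreach ($request as $key => $val) {
        if (substr($key, 0, $pl) != $prefix) {
            continue;
        }
        // Presumably the caller places column names into a statement as identifiers;
        // they are therefore restricted to a conservative identifier pattern.
        $column = substr($key, $pl + 3);
        if (!is_string($column) || !preg_match('/^[A-Za-z_][A-Za-z0-9_]*$/D', $column)) {
            continue;
        }
        $val = clean_request($val);
        // Removes magic quotes, if any.
        if (substr($key, $pl + 1, 1) == 'c') {
            // This database field should be quoted.
            $val = $db->quoteSmart($val);
        } elseif ($val == '') {
            $val = $db->quoteSmart(NULL);
        } elseif (!is_numeric($val)) {
            $val = $db->quoteSmart($val);
        }
        // Otherwise the value is numeric and is left unquoted. NOTE(review): is_numeric()
        // also accepts forms such as exponent notation; confirm that is acceptable for
        // the target columns.
        $columns[] = $column;
        $values[] = $val;
    }
    return array($columns, $values);
}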
Esempio n. 19
                // end row.
                echo form_button('publish', $locale['download_0061'], $locale['download_0061'], array('class' => 'btn-primary m-r-10'));
                echo form_button('delete', $locale['download_0060'], $locale['download_0060'], array('class' => 'btn-warning m-r-10'));
                echo closeform();
            }
        }
    }
} else {
    // List all pending download submissions (submit_type 'd'), newest first, together
    // with the submitting user's profile columns.
    $result = dbquery("SELECT\n\t\t\tts.submit_id, ts.submit_datestamp, ts.submit_criteria, tu.user_id, tu.user_name, tu.user_avatar, tu.user_status\n\t\t\tFROM " . DB_SUBMISSIONS . " ts\n\t\t\tLEFT JOIN " . DB_USERS . " tu ON ts.submit_user=tu.user_id\n\t\t\tWHERE submit_type='d' order by submit_datestamp desc\n\t\t\t");
    $rows = dbrows($result);
    if ($rows > 0) {
        echo "<div class='well'>" . sprintf($locale['download_0051'], format_word($rows, $locale['fmt_submission'])) . "</div>\n";
        echo "<table class='table table-striped'>\n";
        echo "<tr>\n";
        echo "<th>" . $locale['download_0052'] . "</th>\n<th>" . $locale['download_0053'] . "</th>\n\t\t<th>" . $locale['download_0054'] . "</th><th>" . $locale['download_0055'] . "</th>";
        echo "</tr>\n";
        echo "<tbody>\n";
        while ($callback_data = dbarray($result)) {
            // NOTE(review): unserialize() runs on a database column that holds
            // user-submitted content. It is only safe if that column can contain nothing
            // but data the application serialized itself; confirm on the write path, and
            // prefer a format such as JSON for new data.
            $submit_criteria = unserialize($callback_data['submit_criteria']);
            echo "<tr>\n";
            // NOTE(review): download_title is printed without escaping here; this assumes
            // it was sanitised when the submission was stored. Confirm.
            echo "<td><a href='" . clean_request("submit_id=" . $callback_data['submit_id'], array("section", "aid"), TRUE) . "'>" . $submit_criteria['download_title'] . "</a></td>\n";
            echo "<td>" . profile_link($callback_data['user_id'], $callback_data['user_name'], $callback_data['user_status']) . "</td>\n";
            echo "<td>" . timer($callback_data['submit_datestamp']) . "</td>\n";
            echo "<td>" . $callback_data['submit_id'] . "</td>\n";
            echo "</tr>\n";
        }
        echo "</tbody>\n</table>\n";
    } else {
        // No pending submissions.
        echo "<div class='well text-center m-t-20'>" . $locale['download_0050'] . "</div>\n";
    }
}
Esempio n. 20
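/**
 * Renders the news add/edit form of the administration area and processes its submission.
 *
 * Request handling, in order:
 *  - POST "cancel": redirect back to the listing.
 *  - POST "save" / "save_and_close": collect the fields through form_sanitizer(), pick up the
 *    uploaded or previously stored image names and, once defender::safe() returns true,
 *    apply the side effects (sticky reset, image deletion) and insert or update the DB_NEWS row.
 *  - otherwise, when a numeric news id is supplied: load that row for editing.
 * The form markup is echoed afterwards.
 *
 * Security notes:
 *  - Image names echoed back by the client are reduced with basename() and only regular files
 *    are unlinked, so a crafted name cannot point outside IMAGES_N / IMAGES_N_T.
 *  - The id placed into SQL is always a value that passed isnum() and is cast with intval().
 *  - Destructive side effects run only after defender::safe() accepted the submission.
 *
 * @return void Output is echoed; a successful save ends in redirect().
 */
function display_news_form()
{
    global $aidlink;
    if (isset($_POST['cancel'])) {
        redirect(FUSION_SELF . $aidlink);
    }
    $formaction = FUSION_REQUEST;
    $locale = fusion_get_locale();
    $userdata = fusion_get_userdata();
    $news_settings = fusion_get_settings("news");
    $edit = isset($_GET['action']) && $_GET['action'] == 'edit' && isset($_GET['news_id']) && isnum($_GET['news_id']);
    add_breadcrumb(array('link' => '', 'title' => $edit ? $locale['news_0003'] : $locale['news_0002']));
    $data = array(
        'news_id' => 0,
        'news_draft' => 0,
        'news_sticky' => 0,
        'news_news' => '',
        'news_datestamp' => time(),
        'news_extended' => '',
        'news_keywords' => '',
        'news_breaks' => 'n',
        'news_allow_comments' => 1,
        'news_allow_ratings' => 1,
        'news_language' => LANGUAGE,
        'news_visibility' => 0,
        'news_subject' => '',
        'news_start' => '',
        'news_end' => '',
        'news_cat' => 0,
        'news_image' => '',
        'news_ialign' => 'pull-left',
    );
    // Line-break conversion is only offered when the TinyMCE editor is off.
    $data['news_breaks'] = fusion_get_settings("tinymce_enabled") ? 'n' : 'y';
    $image_fields = array('news_image', 'news_image_t1', 'news_image_t2');

    if (isset($_POST['save']) or isset($_POST['save_and_close'])) {
        // Normalise both text bodies the same way: restore the image path prefix, then parse.
        $bodies = array('news_news' => "", 'news_extended' => "");
        foreach (array_keys($bodies) as $body_field) {
            if (!empty($_POST[$body_field])) {
                $raw = fusion_get_settings('allow_php_exe') ? htmlspecialchars($_POST[$body_field]) : stripslashes($_POST[$body_field]);
                $bodies[$body_field] = parse_textarea(str_replace("src='" . str_replace("../", "", IMAGES_N), "src='" . IMAGES_N, $raw));
            }
        }
        $data = array(
            'news_id' => form_sanitizer($_POST['news_id'], 0, 'news_id'),
            'news_subject' => form_sanitizer($_POST['news_subject'], '', 'news_subject'),
            'news_cat' => form_sanitizer($_POST['news_cat'], 0, 'news_cat'),
            'news_news' => form_sanitizer($bodies['news_news'], "", "news_news"),
            'news_extended' => form_sanitizer($bodies['news_extended'], "", "news_extended"),
            'news_keywords' => form_sanitizer($_POST['news_keywords'], '', 'news_keywords'),
            'news_datestamp' => form_sanitizer($_POST['news_datestamp'], '', 'news_datestamp'),
            'news_start' => form_sanitizer($_POST['news_start'], 0, 'news_start'),
            'news_end' => form_sanitizer($_POST['news_end'], 0, 'news_end'),
            'news_visibility' => form_sanitizer($_POST['news_visibility'], 0, 'news_visibility'),
            'news_draft' => isset($_POST['news_draft']) ? "1" : "0",
            'news_sticky' => isset($_POST['news_sticky']) ? "1" : "0",
            'news_allow_comments' => isset($_POST['news_allow_comments']) ? "1" : "0",
            'news_allow_ratings' => isset($_POST['news_allow_ratings']) ? "1" : "0",
            'news_language' => form_sanitizer($_POST['news_language'], '', 'news_language'),
            'news_image' => "",
            'news_ialign' => "",
            'news_image_t1' => "",
            'news_image_t2' => "",
        );
        if (isset($_FILES['news_image'])) {
            // A file input was part of the form: take the names produced by the upload handler.
            $upload = form_sanitizer($_FILES['news_image'], '', 'news_image');
            if (!empty($upload) && !$upload['error']) {
                $data['news_image'] = $upload['image_name'];
                $data['news_image_t1'] = $upload['thumb1_name'];
                $data['news_image_t2'] = $upload['thumb2_name'];
                $data['news_ialign'] = isset($_POST['news_ialign']) ? form_sanitizer($_POST['news_ialign'], "pull-left", "news_ialign") : "pull-left";
            }
        } else {
            // No file input: the names come back from hidden fields, i.e. from the client.
            // They are later stored and used in unlink(), so keep only the bare file name.
            foreach ($image_fields as $image_field) {
                $posted = isset($_POST[$image_field]) && is_string($_POST[$image_field]) ? $_POST[$image_field] : "";
                $data[$image_field] = $posted !== "" ? basename($posted) : "";
            }
            $data['news_ialign'] = isset($_POST['news_ialign']) ? form_sanitizer($_POST['news_ialign'], "pull-left", "news_ialign") : "pull-left";
        }
        if (fusion_get_settings('tinymce_enabled') != 1) {
            $data['news_breaks'] = isset($_POST['line_breaks']) ? "y" : "n";
        } else {
            $data['news_breaks'] = "n";
        }
        if (defender::safe()) {
            // Side effects are applied only for an accepted submission, so a rejected one
            // neither clears the sticky flag of other items nor removes files.
            if ($data['news_sticky'] == "1") {
                // only one news item may be sticky: reset the others
                dbquery("UPDATE " . DB_NEWS . " SET news_sticky='0' WHERE news_sticky='1'");
            }
            if (isset($_POST['del_image'])) {
                // is_file() (not file_exists()) so a directory name can never reach unlink().
                if (!empty($data['news_image']) && is_file(IMAGES_N . $data['news_image'])) {
                    unlink(IMAGES_N . $data['news_image']);
                }
                if (!empty($data['news_image_t1']) && is_file(IMAGES_N_T . $data['news_image_t1'])) {
                    unlink(IMAGES_N_T . $data['news_image_t1']);
                }
                if (!empty($data['news_image_t2']) && is_file(IMAGES_N_T . $data['news_image_t2'])) {
                    unlink(IMAGES_N_T . $data['news_image_t2']);
                }
                $data['news_image'] = "";
                $data['news_image_t1'] = "";
                $data['news_image_t2'] = "";
            }
            if (dbcount("('news_id')", DB_NEWS, "news_id='" . intval($data['news_id']) . "'")) {
                dbquery_insert(DB_NEWS, $data, 'update');
                addNotice('success', $locale['news_0101']);
            } else {
                $data['news_name'] = $userdata['user_id'];
                dbquery_insert(DB_NEWS, $data, 'save');
                addNotice('success', $locale['news_0100']);
            }
            if (isset($_POST['save_and_close'])) {
                redirect(clean_request("", array("ref"), FALSE));
            } else {
                redirect(FUSION_REQUEST);
            }
        }
    } else {
        // Load an existing item. Only ids that passed isnum() are ever placed into the query;
        // a posted id is preferred over the one in the URL, as before.
        $post_id_valid = isset($_POST['news_id']) && isnum($_POST['news_id']);
        $get_id_valid = isset($_GET['news_id']) && isnum($_GET['news_id']);
        $edit_action = isset($_GET['action']) && $_GET['action'] == "edit";
        // The grouping mirrors how PHP evaluated the previous unparenthesised condition
        // (&& binds tighter than ||). NOTE(review): "action=edit" was probably meant to gate
        // the URL id as well - confirm before tightening.
        if (($edit_action && $post_id_valid) || $get_id_valid) {
            $lookup_id = $post_id_valid ? intval($_POST['news_id']) : intval($_GET['news_id']);
            $result = dbquery("SELECT * FROM " . DB_NEWS . " WHERE news_id='" . $lookup_id . "'");
            if (dbrows($result)) {
                $data = dbarray($result);
            } else {
                redirect(FUSION_SELF . $aidlink);
            }
        }
    }
    $result = dbquery("SELECT news_cat_id, news_cat_name FROM " . DB_NEWS_CATS . " " . (multilang_table("NS") ? "WHERE news_cat_language='" . LANGUAGE . "'" : "") . " ORDER BY news_cat_name");
    $news_cat_opts = array();
    $news_cat_opts['0'] = $locale['news_0202'];
    if (dbrows($result)) {
        while ($odata = dbarray($result)) {
            $news_cat_opts[$odata['news_cat_id']] = $odata['news_cat_name'];
        }
    }
    echo "<div class='m-t-20'>\n";
    $news_settings = get_settings("news");
    echo openform('news_form', 'post', $formaction, array('enctype' => 1));
    // first row: subject, keywords, publication window | category, visibility, language, buttons
    echo "<div class='row'>\n";
    echo "<div class='col-xs-12 col-sm-12 col-md-7 col-lg-8'>\n";
    echo form_hidden('news_id', "", $data['news_id']);
    echo form_text('news_subject', $locale['news_0200'], $data['news_subject'], array('required' => 1, 'max_length' => 200, 'error_text' => $locale['news_0250']));
    echo form_select('news_keywords', $locale['news_0205'], $data['news_keywords'], array("max_length" => 320, "placeholder" => $locale['news_0205a'], "width" => "100%", "error_text" => $locale['news_0255'], "tags" => TRUE, "multiple" => TRUE));
    echo "<div class='pull-left m-r-10 display-inline-block'>\n";
    echo form_datepicker('news_start', $locale['news_0206'], $data['news_start'], array('placeholder' => $locale['news_0208'], "join_to_id" => "news_end"));
    echo "</div>\n<div class='pull-left m-r-10 display-inline-block'>\n";
    echo form_datepicker('news_end', $locale['news_0207'], $data['news_end'], array('placeholder' => $locale['news_0208'], "join_from_id" => "news_start"));
    echo "</div>\n";
    echo "</div>\n<div class='col-xs-12 col-sm-12 col-md-5 col-lg-4'>\n";
    openside('');
    echo form_select_tree("news_cat", $locale['news_0201'], $data['news_cat'], array("width" => "100%", "inline" => TRUE, "parent_value" => $locale['news_0202'], "query" => multilang_table("NS") ? "WHERE news_cat_language='" . LANGUAGE . "'" : ""), DB_NEWS_CATS, "news_cat_name", "news_cat_id", "news_cat_parent");
    echo form_select('news_visibility', $locale['news_0209'], $data['news_visibility'], array('options' => fusion_get_groups(), 'placeholder' => $locale['choose'], 'width' => '100%', "inline" => TRUE));
    if (multilang_table("NS")) {
        echo form_select('news_language', $locale['global_ML100'], $data['news_language'], array('options' => fusion_get_enabled_languages(), 'placeholder' => $locale['choose'], 'width' => '100%', "inline" => TRUE));
    } else {
        echo form_hidden('news_language', '', $data['news_language']);
    }
    echo form_button('cancel', $locale['cancel'], $locale['cancel'], array('class' => 'btn-default m-r-10'));
    echo form_button('save', $locale['news_0241'], $locale['news_0241'], array('class' => 'btn-success'));
    echo form_button("save_and_close", "Save and Close", "save_and_close", array("class" => "btn-primary m-l-10"));
    closeside();
    echo "</div>\n</div>\n";
    // text bodies: plain textarea with preview, or TinyMCE when enabled
    $snippetSettings = array("required" => TRUE, "preview" => TRUE, "html" => TRUE, "autosize" => TRUE, "placeholder" => $locale['news_0203a'], "form_name" => "news_form");
    if (fusion_get_settings("tinymce_enabled")) {
        $snippetSettings = array("required" => TRUE, "type" => "tinymce", "tinymce" => "advanced");
    }
    echo form_textarea('news_news', $locale['news_0203'], $data['news_news'], $snippetSettings);
    if (!fusion_get_settings("tinymce_enabled")) {
        $extendedSettings = array("preview" => TRUE, "html" => TRUE, "autosize" => TRUE, "placeholder" => $locale['news_0203b'], "form_name" => "news_form");
    } else {
        $extendedSettings = array("type" => "tinymce", "tinymce" => "advanced");
    }
    echo form_textarea('news_extended', $locale['news_0204'], $data['news_extended'], $extendedSettings);
    // second row
    echo "<div class='row'>\n";
    echo "<div class='col-xs-12 col-sm-12 col-md-7 col-lg-8'>\n";
    openside('');
    if ($data['news_image'] != "" && $data['news_image_t1'] != "") {
        $image_thumb = get_news_image_path($data['news_image'], $data['news_image_t1'], $data['news_image_t2']);
        if (!$image_thumb) {
            $image_thumb = IMAGES . "imagenotfound70.jpg";
        }
        echo "<div class='row'>\n";
        echo "<div class='col-xs-12 col-sm-6'>\n";
        echo "<label><img class='img-responsive img-thumbnail' src='" . $image_thumb . "' alt='" . $locale['news_0216'] . "' /><br />\n";
        echo "<input type='checkbox' name='del_image' value='y' /> " . $locale['delete'] . "</label>\n";
        echo "</div>\n";
        echo "<div class='col-xs-12 col-sm-6'>\n";
        $alignOptions = array('pull-left' => $locale['left'], 'news-img-center' => $locale['center'], 'pull-right' => $locale['right']);
        echo form_select('news_ialign', $locale['news_0218'], $data['news_ialign'], array("options" => $alignOptions, "inline" => FALSE));
        echo "</div>\n</div>\n";
        // The stored names travel through hidden fields; escape them for the quoted attribute.
        foreach ($image_fields as $image_field) {
            $stored_name = isset($data[$image_field]) ? (string) $data[$image_field] : "";
            echo "<input type='hidden' name='" . $image_field . "' value='" . htmlspecialchars($stored_name, ENT_QUOTES, 'UTF-8') . "' />\n";
        }
    } else {
        $file_input_options = array('upload_path' => IMAGES_N, 'max_width' => $news_settings['news_photo_max_w'], 'max_height' => $news_settings['news_photo_max_h'], 'max_byte' => $news_settings['news_photo_max_b'], 'thumbnail' => 1, 'thumbnail_w' => $news_settings['news_thumb_w'], 'thumbnail_h' => $news_settings['news_thumb_h'], 'thumbnail_folder' => 'thumbs', 'delete_original' => 0, 'thumbnail2' => 1, 'thumbnail2_w' => $news_settings['news_photo_w'], 'thumbnail2_h' => $news_settings['news_photo_h'], 'type' => 'image');
        echo form_fileinput("news_image", $locale['news_0216'], "", $file_input_options);
        echo "<div class='small m-b-10'>" . sprintf($locale['news_0217'], parsebytesize($news_settings['news_photo_max_b'])) . "</div>\n";
        $alignOptions = array('pull-left' => $locale['left'], 'news-img-center' => $locale['center'], 'pull-right' => $locale['right']);
        echo form_select('news_ialign', $locale['news_0218'], $data['news_ialign'], array("options" => $alignOptions));
    }
    closeside();
    openside('');
    echo "<label><input type='checkbox' name='news_draft' value='yes'" . ($data['news_draft'] ? "checked='checked'" : "") . " /> " . $locale['news_0210'] . "</label><br />\n";
    echo "<label><input type='checkbox' name='news_sticky' value='yes'" . ($data['news_sticky'] ? "checked='checked'" : "") . "  /> " . $locale['news_0211'] . "</label><br />\n";
    echo form_hidden('news_datestamp', '', $data['news_datestamp']);
    if (fusion_get_settings("tinymce_enabled") != 1) {
        // news_breaks holds 'y' or 'n'; both are truthy strings, so compare explicitly.
        echo "<label><input type='checkbox' name='line_breaks' value='yes'" . ($data['news_breaks'] == 'y' ? "checked='checked'" : "") . " /> " . $locale['news_0212'] . "</label><br />\n";
    }
    closeside();
    echo "</div>\n<div class='col-xs-12 col-sm-12 col-md-5 col-lg-4'>\n";
    openside("");
    if (!fusion_get_settings("comments_enabled") || !fusion_get_settings("ratings_enabled")) {
        // warn that the per-item switches below have no effect while the feature is off site-wide
        $sys = "";
        if (!fusion_get_settings("comments_enabled") && !fusion_get_settings("ratings_enabled")) {
            $sys = $locale['comments_ratings'];
        } elseif (!fusion_get_settings("comments_enabled")) {
            $sys = $locale['comments'];
        } else {
            $sys = $locale['ratings'];
        }
        echo "<div class='alert alert-warning'>" . sprintf($locale['news_0253'], $sys) . "</div>\n";
    }
    echo "<label><input type='checkbox' name='news_allow_comments' value='yes' onclick='SetRatings();'" . ($data['news_allow_comments'] ? "checked='checked'" : "") . " /> " . $locale['news_0213'] . "</label><br/>";
    echo "<label><input type='checkbox' name='news_allow_ratings' value='yes'" . ($data['news_allow_ratings'] ? "checked='checked'" : "") . " /> " . $locale['news_0214'] . "</label>";
    closeside();
    echo "</div>\n</div>\n";
    echo form_button('preview', $locale['news_0240'], $locale['news_0240'], array('class' => 'btn-default m-r-10'));
    echo form_button('save', $locale['news_0241'], $locale['news_0241'], array('class' => 'btn-success'));
    echo form_button("save_and_close", "Save and Close", "save_and_close", array("class" => "btn-primary m-l-10"));
    echo closeform();
    echo "</div>\n";
}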
Esempio n. 21
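/**
 * Admin widget for the banner slides stored in DB_DEBONAIR.
 *
 * With ?slides=new|edit|del it shows the slide form, deletes a slide, or saves a posted slide;
 * without it, it handles ?move=md|mup re-ordering and prints the slide table for LANGUAGE.
 *
 * NOTE(review): deleting (slides=del) and re-ordering (move=...) change state on a plain GET
 * request and no token check is visible in this function - confirm the surrounding admin
 * layer enforces one, or move these actions to a POST form.
 *
 * @return void Output is echoed; completed actions end in redirect().
 */
function debonair_banner_widget()
{
    global $locale;
    $acceptedMode = array("edit", "new", "del");
    echo "<a class='btn btn-default m-t-10 m-b-20' href='" . clean_request("slides=new", array(), false) . "'>" . $locale['debonair_0203'] . "</a>\n";
    echo "<div class='alert alert-info'>" . $locale['debonair_0700'] . "</div>\n";
    if (isset($_GET['slides']) && in_array($_GET['slides'], $acceptedMode, true)) {
        $_GET['id'] = isset($_GET['id']) && isnum($_GET['id']) ? $_GET['id'] : 0;
        // Defaults for a new slide: one entry per table column.
        $data = array();
        $db_keys = fieldgenerator(DB_DEBONAIR);
        foreach ($db_keys as $keys) {
            $value = "";
            if ($keys == "banner_id") {
                $value = 0;
            }
            if ($keys == "banner_language") {
                $value = LANGUAGE;
            }
            if ($keys == "banner_visibility") {
                $value = iGUEST;
            }
            if ($keys == "banner_datestamp") {
                $value = time();
            }
            if ($keys == "banner_order") {
                $value = dbcount("(banner_id)", DB_DEBONAIR, "banner_language='" . LANGUAGE . "'") + 1;
            }
            $data[$keys] = $value;
        }
        if ($_GET['slides'] == "edit" || $_GET['slides'] == "del") {
            $row = dbarray(dbquery("select * from " . DB_DEBONAIR . " WHERE banner_id='" . intval($_GET['id']) . "'"));
            // Keep the defaults when the id matches nothing, instead of replacing $data by a
            // non-array result that the form below would then index.
            if (!empty($row)) {
                $data = $row;
                if ($_GET['slides'] == "del") {
                    // process deletion
                    if ($data['banner_image']) {
                        foreach (array($data['banner_image'], $data['banner_thumb']) as $stored_file) {
                            if (!empty($stored_file) && is_file(THEME . "upload/" . $stored_file)) {
                                unlink(THEME . "upload/" . $stored_file);
                            }
                        }
                    }
                    dbquery_insert(DB_DEBONAIR, $data, "delete");
                    addNotice("success", $locale['debonair_0217']);
                    redirect(clean_request("", array("slides"), false));
                }
            }
        }
        if (isset($_POST['save_slide'])) {
            $data = array(
                "banner_id" => form_sanitizer($_POST['banner_id'], 0, "banner_id"),
                "banner_subject" => form_sanitizer($_POST['banner_subject'], "", "banner_subject"),
                "banner_description" => form_sanitizer($_POST['banner_description'], "", "banner_description"),
                "banner_link" => form_sanitizer($_POST['banner_link'], "", "banner_link"),
                "banner_language" => form_sanitizer($_POST['banner_language'], LANGUAGE, "banner_language"),
                "banner_visibility" => form_sanitizer($_POST['banner_visibility'], iGUEST, "banner_visibility"),
                "banner_datestamp" => time(),
            );
            if (defender::safe()) {
                $upload = form_sanitizer($_FILES['banner_image'], "", "banner_image");
                $has_new_image = isset($upload['error']) && !$upload['error'];
                if ($has_new_image) {
                    $data['banner_image'] = $upload['image_name'];
                    // NOTE(review): confirm 'thumb1' is the key the upload handler returns.
                    $data['banner_thumb'] = $upload['thumb1'];
                }
                $banner_id = intval($data['banner_id']);
                if ($banner_id > 0 && dbcount("(banner_id)", DB_DEBONAIR, "banner_id='" . $banner_id . "'")) {
                    // Fetch the stored row (dbquery() alone only returns the result handle).
                    $old_data = dbarray(dbquery("select banner_image, banner_thumb, banner_order from " . DB_DEBONAIR . " where banner_id='" . $banner_id . "'"));
                    // Remove the old files only when a new upload replaces them; otherwise the
                    // row would keep pointing at an image that no longer exists.
                    if ($has_new_image && !empty($old_data['banner_image'])) {
                        foreach (array($old_data['banner_image'], $old_data['banner_thumb']) as $stored_file) {
                            if (!empty($stored_file) && is_file(THEME . "upload/" . $stored_file)) {
                                unlink(THEME . "upload/" . $stored_file);
                            }
                        }
                    }
                    dbquery_insert(DB_DEBONAIR, $data, "update");
                } else {
                    dbquery_insert(DB_DEBONAIR, $data, "save");
                }
                addNotice("success", $locale['debonair_0212']);
                redirect(clean_request("", array("slides"), false));
            }
        }
        echo "<h3>" . $locale['debonair_0203'] . "</h3>\n";
        echo openform("debonair_banner", "post", FUSION_REQUEST, array("enctype" => true));
        echo "<div class='row'>\n";
        echo "<div class='col-xs-12 col-sm-8'>\n";
        openside("");
        echo form_hidden("banner_id", "", $data['banner_id']);
        echo form_text("banner_subject", $locale['debonair_0205'], $data['banner_subject'], array("required" => true, "inline" => true, "placeholder" => $locale['debonair_0206']));
        // Each field shows its own column (description and link used to show the subject).
        echo form_textarea("banner_description", $locale['debonair_0207'], $data['banner_description'], array("required" => true, "inline" => true, "placeholder" => $locale['debonair_0208'], "bbcode" => true));
        echo form_text("banner_link", $locale['debonair_0209'], $data['banner_link'], array("required" => true, "inline" => true, "placeholder" => "ie. news.php?readmore=1"));
        closeside();
        openside("");
        // NOTE(review): no 'type' or size limits are passed and the target lies under the theme
        // path - confirm form_fileinput()'s defaults restrict what can be uploaded here.
        // !empty(): after a rejected save $data carries no banner_image key.
        echo form_fileinput("banner_image", $locale['debonair_0210'], !empty($data['banner_image']) ? THEME . "upload/" . $data['banner_image'] : "", array("upload_path" => THEME . "upload/", "inline" => true, "placeholder" => $locale['debonair_0210'], "template" => "modern"));
        closeside();
        echo "</div>\n<div class='col-xs-12 col-sm-4'>\n";
        openside("");
        echo form_select("banner_language", $locale['debonair_0214'], $data['banner_language'], array("options" => fusion_get_enabled_languages(), "inline" => true, "placeholder" => $locale['debonair_0206']));
        echo form_select("banner_visibility", $locale['debonair_0215'], $data['banner_visibility'], array("options" => fusion_get_groups(), "inline" => true, "placeholder" => $locale['debonair_0206']));
        closeside();
        echo form_button("save_slide", $locale['save_changes'], "save_slide", array("class" => "btn-primary"));
        echo "<a class='btn btn-default m-l-10' href='" . clean_request("", array("slides"), false) . "'>" . $locale['cancel'] . "</a>\n";
        echo "</div>\n</div>\n";
        echo closeform();
    } else {
        if (isset($_GET['move']) && isset($_GET['id']) && isnum($_GET['id'])) {
            $data = dbarray(dbquery("select banner_id, banner_order FROM " . DB_DEBONAIR . " where banner_id='" . intval($_GET['id']) . "' AND banner_language='" . LANGUAGE . "'"));
            // Touch the ordering only for an existing slide; with no row the arithmetic below
            // would run on empty values and shift unrelated slides.
            if (!empty($data)) {
                $moved_id = intval($data['banner_id']);
                $current_order = intval($data['banner_order']);
                if ($_GET['move'] == "md") {
                    dbquery("UPDATE " . DB_DEBONAIR . " SET banner_order=banner_order-1 WHERE banner_order= '" . ($current_order + 1) . "' AND banner_language='" . LANGUAGE . "'");
                    dbquery("UPDATE " . DB_DEBONAIR . " SET banner_order=banner_order+1 WHERE banner_id='" . $moved_id . "' AND banner_language='" . LANGUAGE . "'");
                }
                if ($_GET['move'] == "mup") {
                    dbquery("UPDATE " . DB_DEBONAIR . " SET banner_order=banner_order+1 WHERE banner_order= '" . ($current_order - 1) . "' AND banner_language='" . LANGUAGE . "'");
                    dbquery("UPDATE " . DB_DEBONAIR . " SET banner_order=banner_order-1 WHERE banner_id='" . $moved_id . "' AND banner_language='" . LANGUAGE . "'");
                }
                addNotice("success", $locale['debonair_0220']);
            }
            redirect(clean_request("", array("move", "id"), false));
        }
        $result = dbquery("SELECT * FROM " . DB_DEBONAIR . " WHERE banner_language='" . LANGUAGE . "' order by banner_order ASC");
        $total_slides = dbrows($result);
        if ($total_slides > 0) {
            echo "<table class='table table-striped'>\n";
            echo "<tr>\n\n\t\t<th>" . $locale['debonair_0205'] . "</th>\n\t\t<th>" . $locale['debonair_0210'] . "</th>\n\t\t<th>" . $locale['debonair_0214'] . "</th>\n<th>" . $locale['debonair_0215'] . "</th>\n\t\t<th>" . $locale['debonair_0211'] . "</th>\n\t\t<th>" . $locale['debonair_0216'] . "</th></tr>";
            while ($data = dbarray($result)) {
                // NOTE(review): banner_subject is printed as stored - confirm form_sanitizer()
                // already encodes it for HTML output.
                echo "\n\t\t\t<tr>\n\n\t\t\t<td><a href='" . clean_request("slides=edit&id=" . $data['banner_id'], array(), false) . "'>" . $data['banner_subject'] . "</a></td>\n\n\t\t\t<td>" . ($data['banner_image'] ? $locale['yes'] : $locale['no']) . "</td>\n\n\t\t\t<td>" . $data['banner_language'] . "</td>\n\n\t\t\t<td>" . getgroupname($data['banner_visibility']) . "</td>\n";
                echo "<td>\n";
                // first row can only move down, last row only up
                if ($data['banner_order'] == 1) {
                    echo "<a href='" . clean_request("move=md&id=" . $data['banner_id'], array(), false) . "'>" . $locale['debonair_0219'] . "</a>";
                } elseif ($data['banner_order'] == $total_slides) {
                    echo "<a href='" . clean_request("move=mup&id=" . $data['banner_id'], array(), false) . "'>" . $locale['debonair_0218'] . "</a>";
                } else {
                    echo "<a href='" . clean_request("move=mup&id=" . $data['banner_id'], array(), false) . "'>" . $locale['debonair_0218'] . "</a> - ";
                    echo "<a href='" . clean_request("move=md&id=" . $data['banner_id'], array(), false) . "'>" . $locale['debonair_0219'] . "</a>";
                }
                echo "</td>\n\n\t\t\t<td>\n\t\t\t<a href='" . clean_request("slides=edit&id=" . $data['banner_id'], array(), false) . "'>" . $locale['edit'] . "</a>\n\t\t\t- <a href='" . clean_request("slides=del&id=" . $data['banner_id'], array(), false) . "'>" . $locale['delete'] . "</a>\n\t\t\t</td>\n\t\t\t</tr>\n\n\t\t\t";
            }
            echo "</table>\n";
        } else {
            echo "<div class='well text-center'>" . $locale['debonair_0213'] . "</div>\n";
        }
    }
}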
Esempio n. 22
/**
 * Echoes the "Old_School" administration panel shell: the fixed header with the section links
 * and the user / language menus, then breadcrumbs, notices and the CONTENT constant, and last
 * the footer. It also registers the slimscroll script and its initialisation snippet.
 *
 * The header links append $aidlink to the admin index URL; everything is written with echo.
 *
 * @return void
 */
function render_admin_panel()
{
    global $locale, $userdata, $defender, $pages, $aidlink, $admin;
    $languages = fusion_get_enabled_languages();

    // Panel wrapper, header and the six section links (pagenum 0-5)
    echo "<div id='admin-panel' class='clearfix in'>\n";
    echo "<section id='acp-header' class='pull-left affix clearfix' data-offset-top='0' data-offset-bottom='0'>\n";
    echo "<nav>\n";
    echo "<ul class='top-left-menu pull-left m-l-15'>\n";
    foreach (array('ac00', 'ac01', 'ac02', 'ac03', 'ac04', 'ac05') as $pagenum => $title_key) {
        $section_title = $locale[$title_key];
        echo "<li><a title='" . $section_title . "' href='" . ADMIN . "index.php" . $aidlink . "&amp;pagenum=" . $pagenum . "'>" . $section_title . "</a></li>\n";
    }
    echo "</ul>\n";
    echo "</nav>\n";

    // Right-hand menu: account dropdown
    echo "<nav>\n";
    echo "<ul class='top-right-menu pull-right m-r-15'>\n";
    echo "<li class='dropdown'>\n";
    $avatar_html = display_avatar($userdata, '25px', '', '', '');
    echo "<a class='dropdown-toggle pointer' data-toggle='dropdown'>" . $avatar_html . " " . $locale['logged'] . "<strong>" . $userdata['user_name'] . "</strong> <span class='caret'></span>\n</a>\n";
    echo "<ul class='dropdown-menu' role='menu'>\n";
    echo "<li><a class='display-block' href='" . BASEDIR . "edit_profile.php'>" . $locale['edit'] . " " . $locale['profile'] . "</a></li>\n";
    echo "<li><a class='display-block' href='" . BASEDIR . "profile.php?lookup=" . $userdata['user_id'] . "'>" . $locale['view'] . " " . $locale['profile'] . "</a></li>\n";
    echo "<li class='divider'> </li>\n";
    echo "<li><a class='display-block' href='" . FUSION_REQUEST . "&amp;logout'>" . $locale['admin-logout'] . "</a></li>\n";
    echo "<li><a class='display-block' href='" . BASEDIR . "index.php?logout=yes'>" . $locale['logout'] . "</a></li>\n";
    echo "</ul>\n";
    echo "</li>\n";

    // Language switcher, shown only when more than one language is enabled
    if (count($languages) > 1) {
        echo "<li class='dropdown'><a class='dropdown-toggle pointer' data-toggle='dropdown' title='" . $locale['282'] . "'><i class='fa fa-globe fa-lg fa-fw'></i> " . translate_lang_names(LANGUAGE) . "<span class='caret'></span></a>\n";
        echo "<ul class='dropdown-menu'>\n";
        foreach ($languages as $language_folder => $language_name) {
            $switch_url = clean_request("lang=" . $language_folder, array("lang"), FALSE);
            echo "<li><a class='display-block' href='" . $switch_url . "'><img class='m-r-5' src='" . BASEDIR . "locale/{$language_folder}/{$language_folder}-s.png'> {$language_name}</a></li>\n";
        }
        echo "</ul>\n";
        echo "</li>\n";
    }
    echo "</ul>\n";
    echo "</nav>\n";
    echo "</section>\n";

    // Main column: breadcrumbs, queued notices, page content
    echo "<div class='content-wrapper display-table pull-left'>\n";
    echo "<div id='acp-content' class='m-t-20 col-xs-12 col-sm-12 col-md-12 col-lg-12'>\n";
    echo render_breadcrumbs();
    $notices = getNotices();
    echo renderNotices($notices);
    echo CONTENT;
    echo "</div>\n";

    // Footer: credit line, copyright, optional render statistics, collected errors
    echo "<footer class='m-l-20 display-inline-block m-t-20 m-b-20'>\n";
    echo "Old_School Admin &copy; " . date("Y") . " created by <a href='https://www.php-fusion.co.uk'><strong>PHP-Fusion Inc.</strong></a>\n";
    echo showcopyright();
    if (fusion_get_settings('rendertime_enabled')) {
        echo "<br /><br />";
        // render time and memory usage share this one setting
        echo showrendertime();
        echo showMemoryUsage();
    }
    echo "<hr />\n";
    echo showFooterErrors();
    echo "</footer>\n";

    // Close the content wrapper, the panel, and the four outer wrappers
    echo "</div>\n";
    echo "</div>\n";
    echo "</div></div></div></div>\n";

    // Scrollbar plugin for the '#adl' element
    add_to_footer("<script src='" . THEMES . "admin_themes/Old_School/includes/jquery.slimscroll.min.js'></script>");
    add_to_jquery("\n// Initialize slimscroll\n\$('#adl').slimScroll({\n\theight: null\n});\n");
}
Esempio n. 23
        dbquery_order(DB_PHOTOS, $photo_data['photo_order'], "photo_order", $photo_data['photo_id'], "photo_id", $photo_data['album_id'], "album_id", FALSE, FALSE, "delete");
        dbquery_insert(DB_PHOTOS, $photo_data, 'delete');
        addNotice("success", $locale['photo_0024']);
        redirect(clean_request("", array("aid", "album_id"), TRUE));
    }
}
// Purge: remove every photo of one album.
// Runs for ?action=purge&cat_id=<numeric id>. The album must exist and hold photos; the first
// request only prints a confirmation form, and the deletion itself happens when that form is
// posted back with "purge_confirm".
// NOTE(review): the "cancel" button of the confirmation form is not handled in this block.
if (isset($_GET['action'], $_GET['cat_id']) && $_GET['action'] == "purge" && isnum($_GET['cat_id'])) {
    $result = dbquery("select * from " . DB_PHOTO_ALBUMS . " where album_id='" . intval($_GET['cat_id']) . "'");
    if (dbrows($result) > 0) {
        // the album exists
        $albumData = dbarray($result);
        $photoResult = dbquery("select photo_id, photo_filename, photo_thumb1, photo_thumb2\n\t\tfrom " . DB_PHOTOS . " where album_id='" . intval($_GET['cat_id']) . "'");
        if (dbrows($photoResult) > 0) {
            if (isset($_POST['purge_confirm'])) {
                // Confirmed: delete the files, then the row, for each photo.
                // Everything goes, so photo_order is not re-sequenced.
                while ($pData = dbarray($photoResult)) {
                    purgePhotoImage($pData);
                    dbquery_insert(DB_PHOTOS, $pData, "delete");
                }
                // NOTE(review): TRUE is passed to redirect() here, not to clean_request() -
                // confirm which call it was meant for.
                redirect(clean_request("album_id=" . $_GET['cat_id'], array("aid")), TRUE);
            } else {
                // Not confirmed yet: ask first.
                echo $locale['photo_0026'] . "<br/><br/>\n";
                echo openform("purgephotos", "post", FUSION_REQUEST);
                echo form_button("purge_confirm", $locale['photo_0027'], $locale['photo_0027'], array("class" => "btn-danger m-r-10"));
                echo form_button("cancel", $locale['photo_0028'], $locale['photo_0028'], array("class" => "btn-default m-r-10"));
                echo closeform();
            }
        }
    }
}
Esempio n. 24
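/**
 * Blog Listing HTML
 *
 * Echoes the admin blog list: a category filter dropdown, page navigation and one list
 * item per blog entry with its thumbnail, subject, categories, an excerpt and
 * edit / delete links. Reads `rowstart` and `filter_cid` from the query string.
 *
 * Request values are validated before they reach SQL: `rowstart` must pass isnum() and is
 * cast to int for the LIMIT clause; `filter_cid` must be a numeric key of the category list.
 * The stored dot-separated `blog_cat` value is rebuilt as a list of integers before it is
 * used in an IN (...) clause.
 *
 * NOTE(review): blog subjects and category names are echoed exactly as stored — this assumes
 * they were escaped when saved; confirm, or escape at output.
 */
function blog_listing()
{
    global $aidlink, $locale;
    // Remodel display results into straight view instead category container sorting.
    // consistently monitor sql results rendertime. -- Do not Surpass 0.15
    // all blog are uncategorized by default unless specified.
    $limit = 15;
    $total_rows = dbcount("(blog_id)", DB_BLOG, multilang_table("BL") ? "blog_language='" . LANGUAGE . "'" : "");
    // rowstart ends up in the LIMIT clause: accept digits only, cast to int, otherwise start at 0.
    $rowstart = 0;
    if (isset($_GET['rowstart']) && isnum($_GET['rowstart']) && intval($_GET['rowstart']) <= $total_rows) {
        $rowstart = intval($_GET['rowstart']);
    }
    // add a filter browser
    $catOpts = array("all" => $locale['blog_0460'], "0" => $locale['blog_0424']);
    $categories = dbquery("select blog_cat_id, blog_cat_name\n\t\t\t\tfrom " . DB_BLOG_CATS . " " . (multilang_table("BL") ? "where blog_cat_language='" . LANGUAGE . "'" : "") . "");
    if (dbrows($categories) > 0) {
        while ($cat_data = dbarray($categories)) {
            $catOpts[$cat_data['blog_cat_id']] = $cat_data['blog_cat_name'];
        }
    }
    // Normalise the requested filter once; a non-string value (an array parameter) counts as "not set".
    $filterCid = isset($_GET['filter_cid']) && is_string($_GET['filter_cid']) ? $_GET['filter_cid'] : null;
    // Only a numeric id that exists in the category list becomes part of the query.
    $catFilter = "";
    if ($filterCid !== null && isnum($filterCid) && isset($catOpts[$filterCid]) && intval($filterCid) > 0) {
        // No leading "and": the condition is placed directly after WHERE below.
        $catFilter = in_group("blog_cat", intval($filterCid));
    }
    $langFilter = multilang_table("BL") ? "blog_language='" . LANGUAGE . "'" : "";
    if ($catFilter && $langFilter) {
        $filter = $catFilter . " AND " . $langFilter;
    } else {
        $filter = $catFilter . $langFilter;
    }
    $result = dbquery("\n\tSELECT blog_id, blog_cat, blog_subject, blog_image, blog_image_t1, blog_image_t2, blog_blog, blog_draft\n\tFROM " . DB_BLOG . "\n\t" . ($filter ? "WHERE " . $filter : "") . "\n\tORDER BY blog_draft DESC, blog_sticky DESC, blog_datestamp DESC LIMIT {$rowstart}, {$limit}\n\t");
    $rows = dbrows($result);
    echo "<div class='clearfix'>\n";
    echo "<span class='pull-right m-t-10'>" . sprintf($locale['blog_0408'], $rows, $total_rows) . "</span>\n";
    if (!empty($catOpts) && $total_rows > 0) {
        echo "<div class='pull-left m-t-5 m-r-10'>" . $locale['blog_0458'] . "</div>\n";
        echo "<div class='dropdown pull-left m-r-10' style='position:relative'>\n";
        echo "<a class='dropdown-toggle btn btn-default btn-sm' style='width: 200px;' data-toggle='dropdown'>\n<strong>\n";
        // The request value is used only as a lookup key; what is printed is the stored label.
        if ($filterCid !== null && isset($catOpts[$filterCid])) {
            echo $catOpts[$filterCid];
        } else {
            echo $locale['blog_0459'];
        }
        echo " <span class='caret'></span></strong>\n</a>\n";
        echo "<ul class='dropdown-menu' style='max-height:180px; width:200px; overflow-y: scroll'>\n";
        foreach ($catOpts as $catID => $catName) {
            // Compare as strings so that "all" is never treated as equal to the id 0.
            $active = $filterCid !== null && $filterCid === (string) $catID;
            echo "<li" . ($active ? " class='active'" : "") . ">\n<a class='text-smaller' href='" . clean_request("filter_cid=" . $catID, array("section", "rowstart", "aid"), true) . "'>\n";
            echo $catName;
            echo "</a>\n</li>\n";
        }
        echo "</ul>\n";
        echo "</div>\n";
    }
    if ($total_rows > $rows) {
        echo makepagenav($rowstart, $limit, $total_rows, $limit, clean_request("", array("aid", "section"), true) . "&amp;");
    }
    echo "</div>\n";
    echo "<ul class='list-group m-10'>\n";
    if ($rows > 0) {
        while ($data2 = dbarray($result)) {
            echo "<li class='list-group-item'>\n";
            echo "<div class='pull-left m-r-10'>\n";
            $image_thumb = get_blog_image_path($data2['blog_image'], $data2['blog_image_t1'], $data2['blog_image_t2']);
            if (!$image_thumb) {
                $image_thumb = IMAGES . "imagenotfound70.jpg";
            }
            echo thumbnail($image_thumb, '70px');
            echo "</div>\n";
            echo "<div class='overflow-hide'>\n";
            echo "<div><span class='strong text-dark'>" . $data2['blog_subject'] . "</span><br/>\n";
            if (!empty($data2['blog_cat'])) {
                // blog_cat holds dot-separated category ids; rebuild it as a comma list of
                // non-zero integers so the stored value is never interpolated into SQL verbatim.
                $catIds = array_filter(array_map('intval', explode(".", $data2['blog_cat'])));
                $blog_cat = implode(",", $catIds);
                if ($blog_cat !== "") {
                    $result2 = dbquery("SELECT blog_cat_id, blog_cat_name\n                            from " . DB_BLOG_CATS . " WHERE blog_cat_id in ({$blog_cat})\n                            ");
                    $rows2 = dbrows($result2);
                    if ($rows2 > 0) {
                        echo "<div class='m-b-10'><strong>" . $locale['blog_0407'] . ": </strong>\n";
                        $i = 1;
                        while ($cdata = dbarray($result2)) {
                            echo "<a href='" . FUSION_SELF . $aidlink . "&amp;action=edit&amp;cat_id=" . $cdata['blog_cat_id'] . "&amp;section=blog_category'>";
                            echo $cdata['blog_cat_name'];
                            echo "</a>";
                            echo $i == $rows2 ? "" : ", ";
                            $i++;
                        }
                        echo "</div>\n";
                    }
                }
            }
            // Close the subject <div> for every entry, not only for entries that have categories.
            echo "</div>\n";
            // Tags are stripped from the parsed body before the excerpt is cut.
            $blogText = strip_tags(parse_textarea($data2['blog_blog']));
            echo fusion_first_words($blogText, '50');
            echo "<div class='block m-t-10'><a href='" . FUSION_SELF . $aidlink . "&amp;action=edit&amp;section=blog_form&amp;blog_id=" . $data2['blog_id'] . "'>" . $locale['blog_0420'] . "</a> -\n";
            echo "<a href='" . FUSION_SELF . $aidlink . "&amp;action=delete&amp;section=blog_form&amp;blog_id=" . $data2['blog_id'] . "' onclick=\"return confirm('" . $locale['blog_0451'] . "');\">" . $locale['blog_0421'] . "</a>\n";
            echo "</div>\n</div>\n";
            echo "</li>\n";
        }
    } else {
        echo "<div class='panel-body text-center'>\n";
        echo $locale['blog_0456'];
        echo "</div>\n";
    }
    echo "</ul>\n";
    if ($total_rows > $rows) {
        echo makepagenav($rowstart, $limit, $total_rows, $limit, clean_request("", array("aid", "section"), true) . "&amp;");
    }
}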
Esempio n. 25
// Admin overview of blog categories: prints every category as a grid cell with its
// path, image and edit / delete links, four cells per row.
// The language condition is added only when multilang_table("BL") is truthy.
$result = dbquery("SELECT blog_cat_id, blog_cat_name FROM " . DB_BLOG_CATS . " " . (multilang_table("BL") ? "WHERE blog_cat_language='" . LANGUAGE . "'" : "") . " ORDER BY blog_cat_name");
$rows = dbrows($result);
if ($rows != 0) {
    $counter = 0;
    $columns = 4;
    echo "<div class='row'>\n";
    while ($data = dbarray($result)) {
        // Start a new row after every $columns cells (but not before the first one).
        if ($counter != 0 && $counter % $columns == 0) {
            echo "</div>\n<div class='row'>\n";
        }
        echo "<div class='col-xs-12 col-sm-3 col-md-3 col-lg-3 m-b-10 text-left'>\n";
        echo "<strong>" . getblogCatPath($data['blog_cat_id']) . "</strong>\n<br/>\n";
        // NOTE(review): blog_cat_name is written into a single-quoted alt attribute as stored —
        // this assumes the name was escaped (quotes included) when saved; confirm.
        echo "<img src='" . get_image("bl_" . $data['blog_cat_name']) . "' alt='" . $data['blog_cat_name'] . "' class='blog-category img-thumbnail m-r-20' />\n";
        echo "<div class='display-block m-t-5'>\n";
        echo "<span class='small'><a href='" . clean_request("action=edit&cat_id=" . $data['blog_cat_id'], array("aid", "section"), TRUE) . "'><i class='fa fa-edit'></i> " . $locale['edit'] . "</a> -\n";
        // NOTE(review): delete is a plain GET link guarded in the browser only by confirm();
        // verify that the handler for action=delete checks the admin token server-side.
        echo "<a href='" . clean_request("action=delete&cat_id=" . $data['blog_cat_id'], array("aid", "section"), TRUE) . "' onclick=\"return confirm('" . $locale['blog_0550'] . "');\"><i class='fa fa-trash'></i> " . $locale['delete'] . "</a></span></div>\n";
        echo "</div>\n";
        $counter++;
    }
    echo "</div>\n";
} else {
    // No categories: show the "empty" notice instead of the grid.
    echo "<div class='well text-center'>" . $locale['blog_0461'] . "</div>\n";
}
// Link to the admin image manager, opened on the imagesbc folder.
echo "<div class='text-center'><a class='btn btn-primary' href='" . ADMIN . "images.php" . $aidlink . "&amp;ifolder=imagesbc'>" . $locale['blog_0536'] . "</a><br /><br />\n</div>\n";
closeside();
closetable();
function getblogCatPath($item_id)
{
    $full_path = "";
    while ($item_id > 0) {
        $result = dbquery("SELECT blog_cat_id, blog_cat_name, blog_cat_parent FROM " . DB_BLOG_CATS . " WHERE blog_cat_id='{$item_id}'" . (multilang_table("BL") ? " AND blog_cat_language='" . LANGUAGE . "'" : ""));
Esempio n. 26
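 /**
  * Get thread structure when given specific tag id
  *
  * Runs a counting query first; when it reports at least one thread, runs the listing
  * query for the current page and decorates each row with links, icons and last-post data.
  * Side effect: $_GET['thread_rowstart'] is overwritten with its validated value (or 0).
  *
  * $tag_id is cast with intval() wherever it enters SQL. The optional $filter entries
  * 'condition' and 'order' are concatenated into both queries as raw SQL fragments, so
  * callers must assemble them from fixed fragments and never from raw request text.
  *
  * @param string     $tag_id
  * @param array|bool $filter optional array with 'condition' and 'order' SQL fragments
  * @return array keys: 'item', 'thread_max_rows' and, when threads exist, 'threads'
  *               ('pagenav', 'pagenav2', 'sticky', 'item')
  */
 public static function get_tag_thread($tag_id = '0', $filter = FALSE)
 {
     $info = array();
     $locale = fusion_get_locale("", FORUM_LOCALE);
     $forum_settings = ForumServer::get_forum_settings();
     $userdata = fusion_get_userdata();
     // The user id is interpolated into the listing query below, so force it to an integer here.
     $userdata['user_id'] = !empty($userdata['user_id']) ? intval($userdata['user_id']) : 0;
     $lastVisited = isset($userdata['user_lastvisit']) && isnum($userdata['user_lastvisit']) ? $userdata['user_lastvisit'] : time();
     /**
      * Count the threads that match the tag and the filter condition.
      * NOTE(review): implode(",", img_mimeTypes()) sits inside one pair of quotes, which yields a
      * single quoted string rather than a list of quoted values — if img_mimeTypes() returns
      * several types the IN (...) tests here and in the listing query look wrong; confirm.
      */
     $thread_query = "\n        SELECT\n        count(t.thread_id) 'thread_max_rows',\n        count(a1.attach_id) 'attach_image',\n        count(a2.attach_id) 'attach_files'\n        FROM " . DB_FORUM_THREADS . " t\n        LEFT JOIN " . DB_FORUMS . " tf ON tf.forum_id = t.forum_id\n        INNER JOIN " . DB_USERS . " tu1 ON t.thread_author = tu1.user_id\n        #LEFT JOIN " . DB_USERS . " tu2 ON t.thread_lastuser = tu2.user_id\n        LEFT JOIN " . DB_FORUM_POSTS . " p1 ON p1.thread_id = t.thread_id and p1.post_id = t.thread_lastpostid\n        LEFT JOIN " . DB_FORUM_POLLS . " p ON p.thread_id = t.thread_id\n        #LEFT JOIN " . DB_FORUM_VOTES . " v ON v.thread_id = t.thread_id AND p1.post_id = v.post_id\n        LEFT JOIN " . DB_FORUM_ATTACHMENTS . " a1 on a1.thread_id = t.thread_id AND a1.attach_mime IN ('" . implode(",", img_mimeTypes()) . "')\n        LEFT JOIN " . DB_FORUM_ATTACHMENTS . " a2 on a2.thread_id = t.thread_id AND a2.attach_mime NOT IN ('" . implode(",", img_mimeTypes()) . "')\n        WHERE " . in_group('t.thread_tags', intval($tag_id), '.') . " AND t.thread_hidden='0' AND " . groupaccess('tf.forum_access') . "\n        " . (isset($filter['condition']) ? $filter['condition'] : '') . "\n        GROUP BY tf.forum_id\n        ";
     $thread_result = dbquery($thread_query);
     $thread_rows = dbrows($thread_result);
     $count = array("thread_max_rows" => 0, "attach_image" => 0, "attach_files" => 0);
     $info['item'][$tag_id]['forum_threadcount'] = 0;
     $info['item'][$tag_id]['forum_threadcount_word'] = format_word($count['thread_max_rows'], $locale['fmt_thread']);
     if ($thread_rows > 0) {
         // Only the first result row is read, although the query groups by forum.
         $count = dbarray($thread_result);
         // NOTE(review): forum_threadcount stays 0 even when threads were counted — confirm intent.
         $info['item'][$tag_id]['forum_threadcount'] = 0;
         $info['item'][$tag_id]['forum_threadcount_word'] = format_word($count['thread_max_rows'], $locale['fmt_thread']);
     }
     $info['thread_max_rows'] = $count['thread_max_rows'];
     if ($info['thread_max_rows'] > 0) {
         $info['threads']['pagenav'] = "";
         $info['threads']['pagenav2'] = "";
         // Validated paging offset: digits only and not beyond the counted rows, else 0.
         $_GET['thread_rowstart'] = isset($_GET['thread_rowstart']) && isnum($_GET['thread_rowstart']) && $_GET['thread_rowstart'] <= $count['thread_max_rows'] ? $_GET['thread_rowstart'] : 0;
         // Listing query. Both LIMIT operands are cast with intval(); the user id was cast above.
         $thread_query = "\n            SELECT t.*, tf.forum_type, tf.forum_name, tf.forum_cat,\n            tu1.user_name ' author_name', tu1.user_status 'author_status', tu1.user_avatar 'author_avatar',\n            tu2.user_name 'last_user_name', tu2.user_status 'last_user_status', tu2.user_avatar 'last_user_avatar',\n            p1.post_datestamp, p1.post_message,\n            IF (n.thread_id > 0, 1 , 0) 'user_tracked',\n            count(v.vote_user) 'thread_rated',\n            count(pv.forum_vote_user_id) 'poll_voted',\n            p.forum_poll_title,\n            count(v.post_id) AS vote_count,\n            a1.attach_name, a1.attach_id,\n            a2.attach_name, a2.attach_id,\n            count(a1.attach_mime) 'attach_image',\n            count(a2.attach_mime) 'attach_files',\n            min(p2.post_datestamp) 'first_post_datestamp'\n            FROM " . DB_FORUM_THREADS . " t\n            LEFT JOIN " . DB_FORUMS . " tf ON tf.forum_id = t.forum_id\n            INNER JOIN " . DB_USERS . " tu1 ON t.thread_author = tu1.user_id\n            LEFT JOIN " . DB_USERS . " tu2 ON t.thread_lastuser = tu2.user_id\n            LEFT JOIN " . DB_FORUM_POSTS . " p1 ON p1.thread_id = t.thread_id and p1.post_id = t.thread_lastpostid\n            LEFT JOIN " . DB_FORUM_POSTS . " p2 ON p2.thread_id = t.thread_id\n            LEFT JOIN " . DB_FORUM_POLLS . " p ON p.thread_id = t.thread_id\n            #LEFT JOIN " . DB_FORUM_VOTES . " v ON v.thread_id = t.thread_id AND p1.post_id = v.post_id\n            LEFT JOIN " . DB_FORUM_VOTES . " v on v.thread_id = t.thread_id AND v.vote_user='" . $userdata['user_id'] . "' AND v.forum_id = t.forum_id AND tf.forum_type='4'\n            LEFT JOIN " . DB_FORUM_POLL_VOTERS . " pv on pv.thread_id = t.thread_id AND pv.forum_vote_user_id='" . $userdata['user_id'] . "' AND t.thread_poll=1\n            LEFT JOIN " . DB_FORUM_ATTACHMENTS . " a1 on a1.thread_id = t.thread_id AND a1.attach_mime IN ('" . implode(",", img_mimeTypes()) . "')\n            LEFT JOIN " . DB_FORUM_ATTACHMENTS . " a2 on a2.thread_id = t.thread_id AND a2.attach_mime NOT IN ('" . implode(",", img_mimeTypes()) . "')\n            LEFT JOIN " . DB_FORUM_THREAD_NOTIFY . " n on n.thread_id = t.thread_id and n.notify_user = '" . $userdata['user_id'] . "'\n            WHERE " . in_group('t.thread_tags', intval($tag_id), '.') . " AND t.thread_hidden='0' AND " . groupaccess('tf.forum_access') . "\n            " . (isset($filter['condition']) ? $filter['condition'] : '') . "\n            " . (multilang_table("FO") ? "AND tf.forum_language='" . LANGUAGE . "'" : '') . "\n            GROUP BY t.thread_id\n            " . (isset($filter['order']) ? $filter['order'] : '') . "\n            LIMIT " . intval($_GET['thread_rowstart']) . ", " . intval($forum_settings['threads_per_page']);
         $cthread_result = dbquery($thread_query);
         if (dbrows($cthread_result) > 0) {
             while ($threads = dbarray($cthread_result)) {
                 $icon = "";
                 // "thread|lastpost|forum" triple, looked up in the dot-separated user_threads string.
                 $match_regex = $threads['thread_id'] . "\\|" . $threads['thread_lastpost'] . "\\|" . $threads['forum_id'];
                 if ($threads['thread_lastpost'] > $lastVisited) {
                     // NOTE(review): get_forumIcons() is called unqualified here but as
                     // self::get_forumIcons() further down — confirm both resolve to the same code.
                     if (iMEMBER && ($threads['thread_lastuser'] == $userdata['user_id'] || preg_match("(^\\.{$match_regex}\$|\\.{$match_regex}\\.|\\.{$match_regex}\$)", $userdata['user_threads']))) {
                         $icon = "<i class='" . get_forumIcons('thread') . "' title='" . $locale['forum_0261'] . "'></i>";
                     } else {
                         $icon = "<i class='" . get_forumIcons('new') . "' title='" . $locale['forum_0260'] . "'></i>";
                     }
                 }
                 $author = array('user_id' => $threads['thread_author'], 'user_name' => $threads['author_name'], 'user_status' => $threads['author_status'], 'user_avatar' => $threads['author_avatar']);
                 $lastuser = array('user_id' => $threads['thread_lastuser'], 'user_name' => $threads['last_user_name'], 'user_status' => $threads['last_user_status'], 'user_avatar' => $threads['last_user_avatar']);
                 // Array union: keys that the row already holds keep the row's value.
                 $threads += array(
                     "thread_link" => array("link" => FORUM . "viewthread.php?thread_id=" . $threads['thread_id'], "title" => $threads['thread_subject']),
                     "forum_type" => $threads['forum_type'],
                     "thread_pages" => makepagenav(0, $forum_settings['posts_per_page'], $threads['thread_postcount'], 3, FORUM . "viewthread.php?thread_id=" . $threads['thread_id'] . "&amp;"),
                     "thread_icons" => array(
                         'lock' => $threads['thread_locked'] ? "<i class='" . self::get_forumIcons('lock') . "' title='" . $locale['forum_0263'] . "'></i>" : '',
                         'sticky' => $threads['thread_sticky'] ? "<i class='" . self::get_forumIcons('sticky') . "' title='" . $locale['forum_0103'] . "'></i>" : '',
                         'poll' => $threads['thread_poll'] ? "<i class='" . self::get_forumIcons('poll') . "' title='" . $locale['forum_0314'] . "'></i>" : '',
                         'hot' => $threads['thread_postcount'] >= 20 ? "<i class='" . self::get_forumIcons('hot') . "' title='" . $locale['forum_0311'] . "'></i>" : '',
                         'reads' => $threads['thread_views'] >= 20 ? "<i class='" . self::get_forumIcons('reads') . "' title='" . $locale['forum_0311'] . "'></i>" : '',
                         'image' => $threads['attach_image'] > 0 ? "<i class='" . self::get_forumIcons('image') . "' title='" . $locale['forum_0313'] . "'></i>" : '',
                         'file' => $threads['attach_files'] > 0 ? "<i class='" . self::get_forumIcons('file') . "' title='" . $locale['forum_0312'] . "'></i>" : '',
                         'icon' => $icon,
                     ),
                     "thread_starter" => $locale['forum_0006'] . timer($threads['first_post_datestamp']) . " " . $locale['by'] . " " . profile_link($author['user_id'], $author['user_name'], $author['user_status']) . "</span>",
                     "thread_author" => $author,
                     "thread_last" => array(
                         'avatar' => display_avatar($lastuser, '30px', '', '', ''),
                         'profile_link' => profile_link($lastuser['user_id'], $lastuser['user_name'], $lastuser['user_status']),
                         'time' => $threads['post_datestamp'],
                         'post_message' => parseubb(parsesmileys($threads['post_message'])),
                         "formatted" => "<div class='pull-left'>" . display_avatar($lastuser, '30px', '', '', '') . "</div>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<div class='overflow-hide'>" . $locale['forum_0373'] . " <span class='forum_profile_link'>" . profile_link($lastuser['user_id'], $lastuser['user_name'], $lastuser['user_status']) . "</span><br/>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t" . timer($threads['post_datestamp']) . "\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t</div>",
                     ),
                 );
                 // Sticky threads are collected separately from ordinary ones.
                 if ($threads['thread_sticky']) {
                     $info['threads']['sticky'][$threads['thread_id']] = $threads;
                 } else {
                     $info['threads']['item'][$threads['thread_id']] = $threads;
                 }
             }
         }
         // Page navigation is built only when there are more threads than fit on one page.
         if ($info['thread_max_rows'] > $forum_settings['threads_per_page']) {
             $info['threads']['pagenav'] = makepagenav($_GET['thread_rowstart'], $forum_settings['threads_per_page'], $info['thread_max_rows'], 3, clean_request("", array("thread_rowstart"), FALSE) . "&amp;", "thread_rowstart");
             $info['threads']['pagenav2'] = makepagenav($_GET['thread_rowstart'], $forum_settings['threads_per_page'], $info['thread_max_rows'], 3, clean_request("", array("thread_rowstart"), FALSE) . "&amp;", "thread_rowstart", TRUE);
         }
     }
     return (array) $info;
 }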
Esempio n. 27
// Report everything except notices, strict-standards messages and warnings.
error_reporting(E_ALL & ~E_NOTICE & ~E_STRICT & ~E_WARNING);
session_init();
// Nothing below runs unless the session is flagged as valid.
if (!$_SESSION['valid']) {
    return;
}

/* Settings object and connector */
$settings = new phpVBoxConfigClass();
$vbox = new vboxconnector();
$vbox->connect();

/* Cleaned request, kept in a global */
global $request;
$request = clean_request();

/* Directory separator: the local constant when browserLocal is set, otherwise the connector's answer */
$localbrowser = @$settings->browserLocal;
define('DSEP', $localbrowser ? DIRECTORY_SEPARATOR : $vbox->getDsep());

/* Configured file-type restriction list */
$allowed_exts = $settings->browserRestrictFiles;
if (is_array($allowed_exts) && count($allowed_exts) > 0) {
    $allowed_exts = array_combine($allowed_exts, $allowed_exts);
Esempio n. 28
 /**
  * Build the section list from the top-level user field categories.
  *
  * Each entry is keyed by field_cat_id and holds 'id', 'active', 'link' and 'name'.
  * The active entry is the one matching $_GET['section'], or the first row when no
  * section is requested.
  *
  * @return array empty when no top-level category exists
  */
 private function renderPageLink()
 {
     global $aidlink;
     $tabs = array();
     $cats = dbquery("SELECT * FROM " . DB_USER_FIELD_CATS . " WHERE field_parent='0' ORDER BY field_cat_order");
     if (!(dbrows($cats) > 0)) {
         return $tabs;
     }
     // Prepend $aidlink only when the current request carries an aid parameter.
     $prefix = isset($_GET['aid']) ? $aidlink . '&' : '';
     $isFirst = true;
     while ($row = dbarray($cats)) {
         $catId = $row['field_cat_id'];
         if (isset($_GET['section'])) {
             $selected = $_GET['section'] == $catId ? 1 : 0;
         } else {
             $selected = $isFirst ? 1 : 0;
         }
         $tabs[$catId] = array(
             "id" => $catId,
             'active' => $selected,
             'link' => clean_request($prefix . 'section=' . $catId . '&lookup=' . $this->userData['user_id'], array('section'), FALSE),
             'name' => ucwords(self::parse_label($row['field_cat_name'])),
         );
         $isFirst = false;
     }
     return $tabs;
 }
Esempio n. 29
    include INFUSIONS . "articles/locale/" . LOCALESET . "articles_admin.php";
} else {
    include INFUSIONS . "articles/locale/English/articles_admin.php";
}
opentable("<i class='fa fa-commenting-o fa-lg m-r-10'></i>" . $locale['articles_0060']);
if (iMEMBER && $article_settings['article_allow_submission'] && ($cat_exist = dbcount("(article_cat_id)", DB_ARTICLE_CATS, multilang_table("AR") ? "article_cat_language='" . LANGUAGE . "'" : ""))) {
    $criteriaArray = array("article_subject" => "", "article_cat" => 0, "article_snippet" => "", "article_article" => "", "article_language" => LANGUAGE, "article_keywords" => "");
    if (isset($_POST['submit_article'])) {
        $submit_info['article_snippet'] = nl2br(parseubb(stripinput($_POST['article_snippet'])));
        $submit_info['article_article'] = nl2br(parseubb(stripinput($_POST['article_article'])));
        $criteriaArray = array("article_subject" => form_sanitizer($_POST['article_subject'], "", "article_subject"), "article_cat" => form_sanitizer($_POST['article_cat'], "", "article_cat"), "article_snippet" => form_sanitizer($submit_info['article_snippet'], "", "article_snippet"), "article_article" => form_sanitizer($submit_info['article_article'], "", "article_article"), "article_language" => form_sanitizer($_POST['article_language'], "", "article_language"), "article_keywords" => form_sanitizer($_POST['article_keywords'], "", "article_keywords"));
        if (defender::safe()) {
            $inputArray = array("submit_type" => "a", "submit_user" => $userdata['user_id'], "submit_datestamp" => time(), "submit_criteria" => addslashes(serialize($criteriaArray)));
            dbquery_insert(DB_SUBMISSIONS, $inputArray, "save");
            addNotice("success", $locale['articles_0061']);
            redirect(clean_request("submitted=a", array("stype"), TRUE));
        }
    }
    if (isset($_GET['submitted']) && $_GET['submitted'] == "a") {
        add_to_title($locale['global_200'] . $locale['articles_0040']);
        echo "<div class='well text-center'><p><strong>" . $locale['articles_0061'] . "</strong></p>";
        echo "<p><a href='submit.php?stype=a'>" . $locale['articles_0062'] . "</a></p>";
        echo "<p><a href='index.php'>" . str_replace("[SITENAME]", fusion_get_settings("sitename"), $locale['articles_0064']) . "</a></p>\n";
        echo "</div>\n";
    } else {
        // Preview
        if (isset($_POST['preview_article'])) {
            $article_snippet = "";
            if ($_POST['article_snippet']) {
                $article_snippet = str_replace("src='" . str_replace("../", "", IMAGES_A), "src='" . IMAGES_A, parseubb(stripslashes($_POST['article_snippet'])));
                $article_snippet = parse_textarea($article_snippet);
Esempio n. 30
| written permission from the original author(s).
+--------------------------------------------------------*/
require_once "maincore.php";
$settings = fusion_get_settings();
if ($settings['site_seo'] == "1" && !isset($_GET['aid'])) {
    define("IN_PERMALINK", TRUE);
    $router = new PHPFusion\Rewrite\Router();
    $router->rewritePage();
    $filepath = $router->getFilePath();
    if (empty($filepath) && filter_var(PERMALINK_CURRENT_PATH, FILTER_VALIDATE_URL, FILTER_FLAG_SCHEME_REQUIRED)) {
        redirect(PERMALINK_CURRENT_PATH);
    } else {
        if (isset($_GET['lang']) && valid_language($_GET['lang'])) {
            $lang = stripinput($_GET['lang']);
            set_language($lang);
            $redirectPath = clean_request("", array("lang"), FALSE);
            redirect($redirectPath);
        } else {
            if (isset($_GET['logout']) && $_GET['logout'] == "yes") {
                $userdata = Authenticate::logOut();
                redirect(BASEDIR . "index.php");
            } else {
                if (!empty($filepath)) {
                    if ($filepath == "index.php") {
                        redirect($settings['opening_page']);
                    } else {
                        require_once $filepath;
                    }
                } else {
                    if ($_SERVER['REQUEST_URI'] == $settings['site_path'] . $settings['opening_page'] or $_SERVER['REQUEST_URI'] == $settings['site_path'] . "index.php" or $_SERVER['REQUEST_URI'] == $settings['site_path']) {
                        redirect($settings['opening_page']);