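/**
 * Cast Question Votes
 *
 * Records one vote by the current user on a post. When the forum defines an
 * answer threshold, the thread is locked once the post's vote total reaches it.
 * Every path that passes the permission check ends in a redirect to the thread.
 *
 * @param array $info   Forum data; reads 'forum_vote' (group allowed to vote) and 'forum_answer_threshold'
 * @param int   $points Points to record for this vote
 * @todo: move and improvise the voting system
 */
function set_forumVotes($info, $points = 0) {
    global $userdata;
    // @todo: extend on user's rank threshold before can vote. - Reputation threshold- Roadmap 9.1
    // @todo: allow multiple votes / drop $res - Roadmap 9.1

    // The ids arrive in the query string. They are forced to integers once, and only
    // the cast values are used in SQL, in the stored row and in the redirect URL.
    $forum_id = isset($_GET['forum_id']) ? intval($_GET['forum_id']) : 0;
    $thread_id = isset($_GET['thread_id']) ? intval($_GET['thread_id']) : 0;
    $post_id = isset($_GET['post_id']) ? intval($_GET['post_id']) : 0;
    $user_id = intval($userdata['user_id']);

    // Voting requires the permitted group and that THIS thread is unlocked
    // (an unscoped count would pass whenever any unlocked thread exists).
    if (!checkgroup($info['forum_vote'])
        || !dbcount("(thread_id)", DB_FORUM_THREADS, "thread_id='" . $thread_id . "' AND thread_locked='0'")
    ) {
        return;
    }
    // NOTE(review): nothing here verifies that post_id belongs to thread_id / forum_id;
    // confirm the caller checks that relationship before votes are trusted.

    $return_url = FORUM . "viewthread.php?thread_id=" . $thread_id . "&post_id=" . $post_id;

    // One vote per user per thread.
    if (dbcount("(vote_user)", DB_FORUM_VOTES, "vote_user='" . $user_id . "' AND thread_id='" . $thread_id . "'")) {
        redirect($return_url . '&error=vote');
        return;
    }

    // Authors may not vote on their own post.
    if (dbcount("(post_id)", DB_FORUM_POSTS, "post_id='" . $post_id . "' AND post_user='" . $user_id . "'")) {
        redirect($return_url . '&error=vote_self');
        return;
    }

    $data = array(
        'forum_id' => $forum_id,
        'thread_id' => $thread_id,
        'post_id' => $post_id,
        'vote_points' => $points,
        'vote_user' => $user_id,
        'vote_datestamp' => time(),
    );
    $result = dbquery_insert(DB_FORUM_VOTES, $data, 'save', array('noredirect' => 1, 'no_unique' => 1));

    if ($result && $info['forum_answer_threshold'] > 0) {
        // Column names are left unquoted: SUM('vote_points') would sum a string literal,
        // and the alias gives the result row the key read below.
        $vote_result = dbquery(
            "SELECT SUM(vote_points) AS vote_points FROM " . DB_FORUM_VOTES
            . " WHERE post_id='" . $post_id . "' AND thread_id='" . $thread_id . "'"
        );
        $v_data = dbarray($vote_result);
        if ($v_data && $v_data['vote_points'] >= $info['forum_answer_threshold']) {
            dbquery("UPDATE " . DB_FORUM_THREADS . " SET thread_locked='1' WHERE thread_id='" . $thread_id . "'");
        }
    }

    redirect($return_url);
}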
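/**
 * Process forum tag admin requests.
 *
 * On POST 'save_tag' the submitted fields are sanitised into $this->data and the tag
 * is updated (when ?tag_id is a number) or created. On ?delete=ID the tag is removed.
 * Each successful action adds a notice and redirects back to the tag section.
 */
protected function post_tags() {
    global $aidlink;

    // Query-string separator must be "&section=": a mis-decoded "&sect" yields a broken link.
    $return_url = FUSION_SELF . $aidlink . '&section=ft';

    if (isset($_POST['save_tag'])) {
        $this->data = array(
            'tag_id' => isset($_GET['tag_id']) && isnum($_GET['tag_id']) ? intval($_GET['tag_id']) : 0,
            'tag_title' => form_sanitizer($_POST['tag_title'], '', 'tag_title'),
            'tag_language' => form_sanitizer($_POST['tag_language'], '', 'tag_language'),
            'tag_color' => form_sanitizer($_POST['tag_color'], '', 'tag_color'),
            'tag_description' => form_sanitizer($_POST['tag_description'], '', 'tag_description'),
            'tag_status' => isset($_POST['tag_status']) && isnum($_POST['tag_status']) ? intval($_POST['tag_status']) : 0,
        );

        // Write only when every sanitised field passed validation.
        if (\defender::safe()) {
            if (!empty($this->data['tag_id'])) {
                // Update
                dbquery_insert(DB_FORUM_TAGS, $this->data, "update");
                addNotice('success', self::$locale['forum_tag_0105']);
            } else {
                // Save New
                dbquery_insert(DB_FORUM_TAGS, $this->data, "save");
                addNotice('success', self::$locale['forum_tag_0106']);
            }
            redirect($return_url);
        }
    }

    if (isset($_GET['delete']) && isnum($_GET['delete'])) {
        // NOTE(review): this deletion is driven by a GET parameter alone; confirm the
        // request is covered by the admin token check before it reaches this method.
        // intval() keeps the SQL numeric even if isnum() is ever loosened.
        $result = dbquery("DELETE FROM " . DB_FORUM_TAGS . " WHERE tag_id='" . intval($_GET['delete']) . "'");
        if ($result) {
            addNotice("success", self::$locale['forum_tag_0107']);
            redirect($return_url);
        }
    }
}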
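/**
 * Process forum rank admin requests.
 *
 * On POST 'save_rank' the submitted fields are collected into $this->data and the rank
 * is updated (when ?rank_id is a number) or created, unless check_duplicate_ranks()
 * reports a duplicate. On ?delete=ID the rank is removed.
 */
protected function post_forum_ranks() {
    global $aidlink;

    // Query-string separator must be "&section=": a mis-decoded "&sect" yields a broken link.
    $return_url = FUSION_SELF . $aidlink . '&section=fr';

    if (isset($_POST['save_rank'])) {
        // Numeric fields are cast after the isnum() check so only integers reach the query layer.
        $this->data = array(
            'rank_id' => isset($_GET['rank_id']) && isnum($_GET['rank_id']) ? intval($_GET['rank_id']) : 0,
            'rank_title' => form_sanitizer($_POST['rank_title'], '', 'rank_title'),
            'rank_image' => form_sanitizer($_POST['rank_image'], "", "rank_image"),
            'rank_language' => form_sanitizer($_POST['rank_language'], "", "rank_language"),
            'rank_posts' => isset($_POST['rank_posts']) && isnum($_POST['rank_posts']) ? intval($_POST['rank_posts']) : 0,
            'rank_type' => isset($_POST['rank_type']) && isnum($_POST['rank_type']) ? intval($_POST['rank_type']) : 0,
            'rank_apply_normal' => isset($_POST['rank_apply_normal']) && isnum($_POST['rank_apply_normal']) ? intval($_POST['rank_apply_normal']) : USER_LEVEL_MEMBER,
            'rank_apply_special' => isset($_POST['rank_apply_special']) && isnum($_POST['rank_apply_special']) ? intval($_POST['rank_apply_special']) : 1,
        );
        // Rank type 2 takes its target from the "special" selector, every other type from the normal one.
        $this->data += array(
            'rank_apply' => $this->data['rank_type'] == 2 ? $this->data['rank_apply_special'] : $this->data['rank_apply_normal'],
        );

        // The duplicate check runs once, so any side effect it has is not repeated.
        if (\defender::safe() && !$this->check_duplicate_ranks()) {
            if (!empty($this->data['rank_id'])) {
                // Update
                dbquery_insert(DB_FORUM_RANKS, $this->data, "update");
                addNotice('info', self::$locale['411']);
            } else {
                // Save New
                dbquery_insert(DB_FORUM_RANKS, $this->data, "save");
                addNotice('info', self::$locale['410']);
            }
            redirect($return_url);
        }
    }

    if (isset($_GET['delete']) && isnum($_GET['delete'])) {
        // NOTE(review): this deletion is driven by a GET parameter alone; confirm the
        // request is covered by the admin token check before it reaches this method.
        $result = dbquery("DELETE FROM " . DB_FORUM_RANKS . " WHERE rank_id='" . intval($_GET['delete']) . "'");
        if ($result) {
            addNotice("success", self::$locale['412']);
            redirect($return_url);
        }
    }
}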
/**
 * Handle the forum mood admin form.
 *
 * 'cancel_mood' redirects back without the mood_id/ref query parameters.
 * 'save_mood' sanitises the posted fields into $this->data and, when validation
 * passed, updates the mood (non-empty mood_id) or creates it, then redirects.
 */
protected function post_Mood() {
    $locale = fusion_get_locale('', FORUM_ADMIN_LOCALE);

    if (isset($_POST['cancel_mood'])) {
        redirect(clean_request('', array('mood_id', 'ref'), FALSE));
    }

    if (!isset($_POST['save_mood'])) {
        return;
    }

    $this->data = array(
        "mood_id" => form_sanitizer($_POST['mood_id'], 0, 'mood_id'),
        "mood_name" => form_sanitizer($_POST['mood_name'], '', 'mood_name', TRUE),
        "mood_description" => form_sanitizer($_POST['mood_description'], '', 'mood_description', TRUE),
        "mood_icon" => form_sanitizer($_POST['mood_icon'], '', 'mood_icon'),
        "mood_status" => form_sanitizer($_POST['mood_status'], '', 'mood_status'),
        "mood_notify" => form_sanitizer($_POST['mood_notify'], '', 'mood_notify'),
        "mood_access" => form_sanitizer($_POST['mood_access'], '', 'mood_access'),
    );

    // Nothing is written unless every field passed validation.
    if (!\defender::safe()) {
        return;
    }

    // A non-empty mood_id selects the update path; otherwise a new row is saved.
    $is_update = !empty($this->data['mood_id']);
    dbquery_insert(DB_FORUM_MOODS, $this->data, $is_update ? 'update' : 'save');
    addNotice('success', $locale[$is_update ? 'forum_notice_16' : 'forum_notice_15']);

    redirect(clean_request('', array('mood_id', 'ref'), FALSE));
}
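/**
 * Add or remove the current user's mood on a post.
 *
 * POST 'post_mood' inserts a notification row when the mood exists and the sender has
 * not already applied it to the post. POST 'unpost_mood' deletes the matching row.
 *
 * @return bool TRUE when a row was inserted or deleted, FALSE otherwise
 */
public function post_mood() {
    $response = FALSE; // this is general single static output

    if (isset($_POST['post_mood']) && isnum($_POST['post_mood'])) {
        // if is a valid mood
        // insert into post notify
        // NOTE(review): notify_user is taken from the submitted post_author field, not from
        // the post row; confirm a client cannot point the notification at an arbitrary user.
        $notify_data = array(
            'post_id' => form_sanitizer($_POST['post_id'], 0, 'post_id'),
            'notify_mood_id' => intval($_POST['post_mood']),
            'notify_datestamp' => time(),
            'notify_user' => form_sanitizer($_POST['post_author'], 0, 'post_author'),
            'notify_sender' => fusion_get_userdata('user_id'),
            'notify_status' => 1,
        );
        if (\defender::safe()
            && dbcount('(mood_id)', DB_FORUM_MOODS, "mood_id='" . $notify_data['notify_mood_id'] . "'")
            && !$this->mood_exists($notify_data['notify_sender'], $notify_data['notify_mood_id'], $notify_data['post_id'])
        ) {
            dbquery_insert(DB_POST_NOTIFY, $notify_data, 'save');
            $response = TRUE;
        }
    } elseif (isset($_POST['unpost_mood']) && isnum($_POST['unpost_mood'])) {
        // if is a valid mood
        // remove from post notify
        $notify_data = array(
            'post_id' => form_sanitizer($_POST['post_id'], 0, 'post_id'),
            'notify_mood_id' => intval($_POST['unpost_mood']),
            'notify_user' => form_sanitizer($_POST['post_author'], 0, 'post_author'),
            'notify_sender' => fusion_get_userdata('user_id'),
        );
        if (\defender::safe()
            && dbcount('(mood_id)', DB_FORUM_MOODS, "mood_id='" . $notify_data['notify_mood_id'] . "'")
            && $this->mood_exists($notify_data['notify_sender'], $notify_data['notify_mood_id'], $notify_data['post_id'])
        ) {
            // The values are placed unquoted in the statement, so each one is cast to an
            // integer here instead of relying on the sanitiser to have returned a number.
            dbquery(
                "DELETE FROM " . DB_POST_NOTIFY . " WHERE post_id=" . intval($notify_data['post_id'])
                . "\n AND notify_mood_id=" . intval($notify_data['notify_mood_id'])
                . "\n AND notify_user=" . intval($notify_data['notify_user'])
                . "\n AND notify_sender=" . intval($notify_data['notify_sender'])
            );
            $response = TRUE;
        }
    }

    return (bool) $response;
}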
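/**
 * Display Forum Form
 *
 * Handles the 'remove_image' post-back (deletes the stored forum image file and clears
 * the column), then renders the add/edit form from the values held in $this->data.
 */
public function display_forum_form() {
    require_once INCLUDES . 'photo_functions_include.php';
    require_once INCLUDES . 'infusions_include.php';

    $forum_settings = $this->get_forum_settings();
    $language_opts = fusion_get_enabled_languages();
    add_breadcrumb(array('link' => '', 'title' => self::$locale['forum_001']));

    // !empty() avoids an undefined-index notice when parent_id is absent from the URL.
    if (!isset($_GET['action']) && !empty($_GET['parent_id'])) {
        // NOTE(review): this writes to the local $data, while the form below reads
        // $this->data, so the value appears to have no effect; confirm the intent.
        $data['forum_cat'] = $_GET['parent_id'];
    }

    $type_opts = array(
        '1' => self::$locale['forum_opts_001'],
        '2' => self::$locale['forum_opts_002'],
        '3' => self::$locale['forum_opts_003'],
        '4' => self::$locale['forum_opts_004'],
    );
    $forum_image_path = FORUM . "images/";

    if (isset($_POST['remove_image']) && isset($_POST['forum_id'])) {
        $data['forum_id'] = form_sanitizer($_POST['forum_id'], '', 'forum_id');
        // No file is deleted and no row is updated when form validation failed.
        if ($data['forum_id'] && \defender::safe()) {
            $data = self::get_forum($data['forum_id']);
            if (!empty($data)) {
                // NOTE(review): the path is built from the stored forum_image value; confirm
                // that column can only ever hold a bare file name inside the images folder.
                $forum_image = $forum_image_path . $data['forum_image'];
                if (!empty($data['forum_image']) && file_exists($forum_image) && !is_dir($forum_image)) {
                    @unlink($forum_image);
                    $data['forum_image'] = '';
                }
                dbquery_insert(DB_FORUMS, $data, 'update');
                addNotice('success', self::$locale['forum_notice_8']);
                redirect(FUSION_REQUEST);
            }
        }
    }

    opentable(self::$locale['forum_001']);
    echo openform('inputform', 'post', FUSION_REQUEST, array('enctype' => 1));

    // Row 1, left: name, description, alias.
    echo "<div class='row'>\n<div class='col-xs-12 col-sm-8 col-md-8 col-lg-8'>\n";
    echo form_text('forum_name', self::$locale['forum_006'], $this->data['forum_name'], array('required' => 1, 'error_text' => self::$locale['forum_error_1']))
        . form_textarea('forum_description', self::$locale['forum_007'], $this->data['forum_description'], array('autosize' => 1, 'type' => 'bbcode', 'form_name' => 'inputform', 'preview' => TRUE))
        . form_text('forum_alias', self::$locale['forum_011'], $this->data['forum_alias']);

    // Row 1, right: parent, type, language, order.
    echo "</div><div class='col-xs-12 col-sm-4 col-md-4 col-lg-4'>\n";
    openside('');
    // The forum being edited is disabled in the parent tree so it cannot become its own parent.
    $self_id = $this->data['forum_id'] ? $this->data['forum_id'] : '';
    echo form_select_tree('forum_cat', self::$locale['forum_008'], $this->data['forum_cat'], array('add_parent_opts' => 1, 'disable_opts' => $self_id, 'hide_disabled' => 1), DB_FORUMS, 'forum_name', 'forum_id', 'forum_cat', $self_id)
        . form_select('forum_type', self::$locale['forum_009'], $this->data['forum_type'], array("options" => $type_opts))
        . form_select('forum_language', self::$locale['forum_010'], $this->data['forum_language'], array("options" => $language_opts))
        . form_text('forum_order', self::$locale['forum_043'], $this->data['forum_order'], array('number' => 1))
        . form_button('save_forum', $this->data['forum_id'] ? self::$locale['forum_000a'] : self::$locale['forum_000'], self::$locale['forum_000'], array('class' => 'btn btn-sm btn-success'));
    closeside();
    echo "</div>\n</div>\n";

    // Row 2, left: meta keywords, image, rules.
    echo "<div class='row'>\n<div class='col-xs-12 col-sm-8 col-md-8 col-lg-8'>\n";
    echo form_select('forum_meta', self::$locale['forum_012'], $this->data['forum_meta'], array('tags' => 1, 'multiple' => 1, 'width' => '100%'));

    $current_image = $forum_image_path . $this->data['forum_image'];
    if ($this->data['forum_image'] && file_exists($current_image)) {
        // An image is already stored: show it with its dimensions and a remove button.
        openside();
        echo "<div class='pull-left m-r-10'>\n";
        echo thumbnail($current_image, '80px', '80px');
        echo "</div>\n<div class='overflow-hide'>\n";
        echo "<span class='strong'>" . self::$locale['forum_013'] . "</span><br/>\n";
        // getimagesize() returns FALSE for unreadable or non-image files; fall back to 0x0
        // instead of indexing into a boolean.
        $image_size = @getimagesize($current_image);
        if (!is_array($image_size)) {
            $image_size = array(0, 0);
        }
        echo "<span class='text-smaller'>" . sprintf(self::$locale['forum_027'], $image_size[0], $image_size[1]) . "</span><br/>";
        echo form_hidden('forum_image', '', $this->data['forum_image']);
        echo form_button('remove_image', self::$locale['forum_028'], self::$locale['forum_028'], array('class' => 'btn-danger btn-sm m-t-10', 'icon' => 'fa fa-trash'));
        echo "</div>\n";
        closeside();
    } else {
        // No image yet: offer a file upload tab and a web-address tab.
        $tab_title['title'][] = self::$locale['forum_013'];
        $tab_title['id'][] = 'fir';
        $tab_title['icon'][] = '';
        $tab_title['title'][] = self::$locale['forum_014'];
        $tab_title['id'][] = 'ful';
        $tab_title['icon'][] = '';
        $tab_active = tab_active($tab_title, 0);
        echo opentab($tab_title, $tab_active, 'forum-image-tab', FALSE, "m-t-20 m-b-20");

        // Upload Image
        echo opentabbody($tab_title['title'][0], 'fir', $tab_active);
        echo "<span class='display-inline-block m-t-10 m-b-10'>" . sprintf(self::$locale['forum_015'], parsebytesize($forum_settings['forum_attachmax'])) . "</span>\n";
        // NOTE(review): forum_attachmax is shown above as a byte size but is passed below
        // as 'max_count'; confirm the option name enforces the intended upload size limit.
        $fileOptions = array(
            "upload_path" => $forum_image_path,
            "thumbnail" => TRUE,
            "thumbnail_folder" => $forum_image_path,
            "type" => "image",
            "delete_original" => TRUE,
            "max_count" => $forum_settings['forum_attachmax'],
        );
        echo form_fileinput('forum_image', "", '', $fileOptions);
        echo closetabbody();

        // Upload image via Web Address
        echo opentabbody($tab_title['title'][1], 'ful', $tab_active);
        echo "<span class='display-inline-block m-t-10 m-b-10'>" . self::$locale['forum_016'] . "</strong></span>\n";
        $header_opts = array('0' => 'Local Server', '1' => 'URL');
        echo form_select('forum_image_header', self::$locale['forum_056'], '', array('inline' => TRUE, 'options' => $header_opts));
        echo form_text('forum_image_url', self::$locale['forum_014'], '', array('placeholder' => 'images/forum/', 'inline' => TRUE));
        echo closetabbody();
        echo closetab();
    }
    echo form_textarea('forum_rules', self::$locale['forum_017'], $this->data['forum_rules'], array('autosize' => 1, 'bbcode' => 1));

    // Row 2, right: permission inheritance and feature switches.
    echo "</div><div class='col-xs-12 col-sm-4 col-md-4 col-lg-4'>\n";
    openside('');
    // need to get parent category
    echo form_select_tree('forum_permissions', self::$locale['forum_025'], $this->data['forum_branch'], array('no_root' => 1, 'deactivate' => $this->data['forum_id'] ? TRUE : FALSE), DB_FORUMS, 'forum_name', 'forum_id', 'forum_cat');
    if ($this->data['forum_id']) {
        echo form_button('jp_forum', self::$locale['forum_029'], self::$locale['forum_029'], array('class' => 'btn-sm btn-default m-r-10'));
    }
    closeside();
    openside('');
    echo form_checkbox('forum_lock', self::$locale['forum_026'], $this->data['forum_lock'], array("reverse_label" => TRUE))
        . form_checkbox('forum_users', self::$locale['forum_024'], $this->data['forum_users'], array("reverse_label" => TRUE))
        . form_checkbox('forum_quick_edit', self::$locale['forum_021'], $this->data['forum_quick_edit'], array("reverse_label" => TRUE))
        . form_checkbox('forum_merge', self::$locale['forum_019'], $this->data['forum_merge'], array("reverse_label" => TRUE))
        . form_checkbox('forum_allow_attach', self::$locale['forum_020'], $this->data['forum_allow_attach'], array("reverse_label" => TRUE))
        . form_checkbox('forum_allow_poll', self::$locale['forum_022'], $this->data['forum_allow_poll'], array("reverse_label" => TRUE))
        . form_hidden('forum_id', '', $this->data['forum_id'])
        . form_hidden('forum_branch', '', $this->data['forum_branch']);
    closeside();
    echo "</div>\n</div>\n";

    echo form_button('save_forum', $this->data['forum_id'] ? self::$locale['forum_000a'] : self::$locale['forum_000'], self::$locale['forum_000'], array('class' => 'btn-sm btn-success'));
    echo closeform();
    closetable();
}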
$data['album_thumb2'] = form_sanitizer(isset($_POST['album_thumb2']) ? $_POST['album_thumb2'] : "", "", "album_thumb2"); $data['album_thumb1'] = form_sanitizer(isset($_POST['album_thumb1']) ? $_POST['album_thumb1'] : "", "", "album_thumb1"); } } } if (defender::safe()) { if (dbcount("(album_id)", DB_PHOTO_ALBUMS, "album_id='" . intval($data['album_id']) . "'")) { // update album $result = dbquery_order(DB_PHOTO_ALBUMS, $data['album_order'], 'album_order', $data['album_id'], 'album_id', FALSE, FALSE, TRUE, 'album_language', 'update'); dbquery_insert(DB_PHOTO_ALBUMS, $data, "update"); addNotice('success', $locale['album_0013']); redirect(FUSION_SELF . $aidlink); } else { // create album $result = dbquery_order(DB_PHOTO_ALBUMS, $data['album_order'], 'album_order', 0, "album_id", FALSE, FALSE, TRUE, 'album_language', 'save'); dbquery_insert(DB_PHOTO_ALBUMS, $data, "save"); addNotice('success', $locale['album_0014']); redirect(FUSION_SELF . $aidlink); } } } // callback if ($album_edit) { $result = dbquery("SELECT * FROM " . DB_PHOTO_ALBUMS . " WHERE album_id='" . intval($_GET['cat_id']) . "'"); if (dbrows($result) > 0) { $data = dbarray($result); } } // edit features - add more in roadmap. // add features to purge all album photos and it's administration // add features to move all album photos to another album.
| modify it under the terms of this license which you
| can read by viewing the included agpl.txt or online
| at www.gnu.org/licenses/agpl.html. Removal of this
| copyright header is strictly prohibited without
| written permission from the original author(s).
+--------------------------------------------------------*/
require_once INCLUDES . "mimetypes_include.php";

// Download settings post-back: sanitise every posted field, store each one as a
// row of DB_SETTINGS_INF under the "downloads" infusion, then redirect to the settings tab.
if (isset($_POST['savesettings'])) {
    // redo this part
    $StoreArray = array(
        // Size limits are posted as two fields and multiplied together here.
        // presumably an amount and a unit multiplier taken from $calc_opts; verify against the form
        "download_max_b" => form_sanitizer($_POST['calc_b'], 1, "calc_b") * form_sanitizer($_POST['calc_c'], 1500000, "calc_c"),
        "download_types" => form_sanitizer($_POST['download_types'], "", "download_types"),
        "download_screen_max_w" => form_sanitizer($_POST['download_screen_max_w'], 500, "download_screen_max_w"),
        "download_screen_max_h" => form_sanitizer($_POST['download_screen_max_h'], 500, "download_screen_max_h"),
        "download_screen_max_b" => form_sanitizer($_POST['calc_bb'], 1, "calc_bb") * form_sanitizer($_POST['calc_cc'], 1500000, "calc_cc"),
        "download_thumb_max_h" => form_sanitizer($_POST['download_thumb_max_h'], 500, 'download_thumb_max_h'),
        "download_thumb_max_w" => form_sanitizer($_POST['download_thumb_max_w'], 500, 'download_thumb_max_w'),
        "download_screenshot" => form_sanitizer($_POST['download_screenshot'], 0, 'download_screenshot'),
        "download_pagination" => form_sanitizer($_POST['download_pagination'], 12, 'download_pagination'),
        "download_allow_submission" => form_sanitizer($_POST['download_allow_submission'], "", "download_allow_submission"),
        // Checkboxes: presence in the POST body means "on".
        "download_screenshot_required" => isset($_POST['download_screenshot_required']) ? true : false,
        "download_extended_required" => isset($_POST['download_extended_required']) ? true : false
    );
    // NOTE(review): $defender is not assigned in the visible code; confirm it is set before this point.
    if ($defender->safe()) {
        foreach ($StoreArray as $key => $value) {
            $result = NULL;
            // safe() is checked again before each write, so no further rows are written
            // once it returns false part-way through the loop.
            if ($defender->safe()) {
                $Array = array("settings_name" => $key, "settings_value" => $value, "settings_inf" => "downloads");
                dbquery_insert(DB_SETTINGS_INF, $Array, 'update', array("primary_key" => "settings_name"));
            }
        }
        addNotice('success', $locale['900']);
    } else {
        // send message your settings was not safe.
        // NOTE(review): $locale['900'] is also the key used for the success notice above;
        // confirm it is meant to be shown on the failure path as well.
        addNotice('danger', $locale['901']);
        addNotice('danger', $locale['696']);
        addNotice('danger', $locale['900']);
    }
    redirect(FUSION_SELF . $aidlink . "&section=download_settings");
}

/**
 * Options for dropdown field
 * Keys are the byte multipliers, values the labels shown in the dropdown.
 */
$calc_opts = array(1 => 'Bytes (bytes)', 1000 => 'KB (Kilobytes)', 1000000 => 'MB (Megabytes)');
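/**
 * Render and process the Debonair theme settings form.
 *
 * Loads the stored theme settings, saves a posted form to DB_SETTINGS_THEME when every
 * field passed validation, then prints the form: main banner files, social URLs,
 * three upper banner columns (each with per-language content selectors) and four
 * lower banner columns chosen from the theme's include/ folder.
 */
function debonair_theme_widget() {
    global $locale;
    require_once "functions.php";
    $settings = get_theme_settings("debonair");

    /**
     * data parsing
     * Each upper banner column is stored composed; uncomposeSelection() yields the
     * 'selected' content type and the per-language 'options' read below.
     */
    $ubanner_data = array(
        1 => uncomposeSelection($settings['ubanner_col_1']),
        2 => uncomposeSelection($settings['ubanner_col_2']),
        3 => uncomposeSelection($settings['ubanner_col_3']),
    );
    $settings = array(
        "main_banner_url" => $settings['main_banner_url'],
        "ubanner_col_1" => !empty($ubanner_data[1]['selected']) ? $ubanner_data[1]['selected'] : 0,
        "ubanner_col_2" => !empty($ubanner_data[2]['selected']) ? $ubanner_data[2]['selected'] : 0,
        "ubanner_col_3" => !empty($ubanner_data[3]['selected']) ? $ubanner_data[3]['selected'] : 0,
        "lbanner_col_1" => $settings['lbanner_col_1'],
        "lbanner_col_2" => $settings['lbanner_col_2'],
        "lbanner_col_3" => $settings['lbanner_col_3'],
        "lbanner_col_4" => $settings['lbanner_col_4'],
        "facebook_url" => $settings['facebook_url'],
        "twitter_url" => $settings['twitter_url'],
    );

    if (isset($_POST['save_settings'])) {
        // NOTE(review): lbanner_col_* are offered as file names from the theme's include/
        // folder but are stored as submitted. If the theme later includes these names,
        // check them against the directory listing first (consumer not visible here).
        $inputArray = array(
            "main_banner_url" => form_sanitizer($_POST['main_banner_url'], "", "main_banner_url"),
            "ubanner_col_1" => composeSelection(form_sanitizer($_POST['ubanner_col_1'], "", "ubanner_col_1")),
            "ubanner_col_2" => composeSelection(form_sanitizer($_POST['ubanner_col_2'], "", "ubanner_col_2")),
            "ubanner_col_3" => composeSelection(form_sanitizer($_POST['ubanner_col_3'], "", "ubanner_col_3")),
            "lbanner_col_1" => form_sanitizer($_POST['lbanner_col_1'], "", "lbanner_col_1"),
            "lbanner_col_2" => form_sanitizer($_POST['lbanner_col_2'], "", "lbanner_col_2"),
            "lbanner_col_3" => form_sanitizer($_POST['lbanner_col_3'], "", "lbanner_col_3"),
            "lbanner_col_4" => form_sanitizer($_POST['lbanner_col_4'], "", "lbanner_col_4"),
            "facebook_url" => form_sanitizer($_POST['facebook_url'], "", "facebook_url"),
            "twitter_url" => form_sanitizer($_POST['twitter_url'], "", "twitter_url"),
        );
        // Settings are written only after validation succeeded. Checking the result
        // after the writes would let rejected input reach the database.
        if (defender::safe()) {
            foreach ($inputArray as $settings_name => $settings_value) {
                $sqlArray = array(
                    "settings_name" => $settings_name,
                    "settings_value" => $settings_value,
                    "settings_theme" => "debonair",
                );
                dbquery_insert(DB_SETTINGS_THEME, $sqlArray, "update", array("primary_key" => "settings_name"));
            }
            redirect(FUSION_REQUEST);
        }
    }

    echo openform("debonair_theme_settings", "post", FUSION_REQUEST);

    $exclude_list = ".|..|.htaccess|.DS_Store|config.php|config.temp.php|.gitignore|LICENSE|README.md|robots.txt|reactivate.php|rewrite.php|maintenance.php|maincore.php|lostpassword.php|index.php|error.php";

    // Files in the site root, offered as main banner targets.
    $list = array();
    $file_list = makefilelist(BASEDIR, $exclude_list);
    foreach ($file_list as $files) {
        $list[] = $files;
    }

    // Files in the theme's include/ folder, keyed by file name with a readable label.
    $include_list = array();
    $file_list = makefilelist(THEMES . "/debonair/include/", $exclude_list);
    foreach ($file_list as $files) {
        $include_list[$files] = str_replace(".php", "", str_replace("_", " ", ucwords($files)));
    }

    openside("");
    echo form_select("main_banner_url", $locale['debonair_0300'], $settings['main_banner_url'], array("options" => $list, "tags" => true, "multiple" => true, "width" => "100%", "inline" => false));
    echo "<p>" . $locale['debonair_0301'] . "</p>";
    closeside();

    openside("");
    echo form_text("facebook_url", $locale['debonair_0321'], $settings['facebook_url'], array("type" => "url", "inline" => true, "placeholder" => "http://www.facebook.com/your-page-id"));
    echo form_text("twitter_url", $locale['debonair_0322'], $settings['twitter_url'], array("type" => "url", "inline" => true, "placeholder" => "http://www.twitter.com/your-page-id"));
    closeside();

    $enabled_languages = fusion_get_enabled_languages();
    $templateOpts = array(0 => $locale['debonair_0302']);

    /**
     * Article Selector
     */
    $articleOpts = array();
    if (db_exists(DB_ARTICLES)) {
        $article_result = dbquery("select article_id, article_subject, article_cat_language FROM " . DB_ARTICLES . " a\n\t \t\t\t\tleft join " . DB_ARTICLE_CATS . " ac on a.article_cat = ac.article_cat_id\n\t \t\t\t\torder by article_datestamp DESC\n\t \t\t\t\t");
        if (dbrows($article_result) > 0) {
            while ($data = dbarray($article_result)) {
                $articleOpts[$data['article_cat_language']][$data['article_id']] = $data['article_subject'];
            }
        }
        if (!empty($articleOpts)) {
            $templateOpts['articles'] = $locale['debonair_0303'];
        }
    }

    /**
     * News Selector
     */
    $newsOpts = array();
    if (db_exists(DB_NEWS)) {
        $news_result = dbquery("select news_id, news_subject, news_language FROM " . DB_NEWS . " order by news_datestamp DESC");
        if (dbrows($news_result) > 0) {
            while ($data = dbarray($news_result)) {
                $newsOpts[$data['news_language']][$data['news_id']] = $data['news_subject'];
            }
        }
        if (!empty($newsOpts)) {
            $templateOpts['news'] = $locale['debonair_0304'];
        }
    }

    /**
     * Blog Selector
     */
    $blogOpts = array();
    if (db_exists(DB_BLOG)) {
        $blog_result = dbquery("select blog_id, blog_subject, blog_language FROM " . DB_BLOG . "\n\t \t\t\t\torder by blog_datestamp DESC\n\t \t\t\t\t");
        if (dbrows($blog_result) > 0) {
            while ($data = dbarray($blog_result)) {
                $blogOpts[$data['blog_language']][$data['blog_id']] = $data['blog_subject'];
            }
        }
        if (!empty($blogOpts)) {
            $templateOpts['blog'] = $locale['debonair_0305'];
        }
    }

    /**
     * Custom Page Selector
     * Note: custom page has a different multilanguage setup.
     * page_language may hold several languages joined with "."
     */
    $cpOpts = array();
    if (db_exists(DB_CUSTOM_PAGES)) {
        $cp_result = dbquery("select page_id, page_title, page_language FROM " . DB_CUSTOM_PAGES . " order by page_id ASC");
        if (dbrows($cp_result) > 0) {
            while ($data = dbarray($cp_result)) {
                $acceptedLang = stristr($data['page_language'], ".") ? explode(".", $data['page_language']) : array(0 => $data['page_language']);
                foreach ($enabled_languages as $lang) {
                    if (in_array($lang, $acceptedLang)) {
                        $cpOpts[$lang][$data['page_id']] = $data['page_title'];
                    }
                }
            }
        }
        if (!empty($cpOpts)) {
            $templateOpts['cp'] = $locale['debonair_0306'];
        }
    }

    // Content types offered per column, in display order, with the locale key of their label.
    $choiceSets = array(
        'articles' => array('options' => $articleOpts, 'label_key' => 'debonair_0310'),
        'news' => array('options' => $newsOpts, 'label_key' => 'debonair_0311'),
        'blog' => array('options' => $blogOpts, 'label_key' => 'debonair_0312'),
        'cp' => array('options' => $cpOpts, 'label_key' => 'debonair_0313'),
    );
    $columnLabels = array(1 => 'debonair_0307', 2 => 'debonair_0308', 3 => 'debonair_0309');

    openside("");
    echo "<div class='row'>\n";
    foreach ($columnLabels as $col => $label_key) {
        $field = "ubanner_col_" . $col;
        echo ($col === 1 ? "" : "</div>") . "<div class='col-xs-12 col-sm-4'>\n";
        echo form_select($field, $locale[$label_key], $settings[$field], array("options" => $templateOpts, "inline" => false));

        // Field names are "articles-<lang>" for column 1 and "articles2-<lang>", "articles3-<lang>" after it.
        $name_suffix = $col === 1 ? "" : $col;
        foreach ($choiceSets as $type => $set) {
            if (empty($set['options'])) {
                continue;
            }
            // Strict comparison: an unset column holds integer 0, which compares loosely
            // equal to any non-numeric string on PHP 7.
            $is_active = $settings[$field] === $type;
            echo "<div id='" . $field . "-" . $type . "-choices' class='choices" . $col . "' " . ($is_active ? "" : "style='display:none;'") . ">\n";
            foreach ($enabled_languages as $lang) {
                $callback_value = $is_active && !empty($ubanner_data[$col]['options'][$lang]) ? $ubanner_data[$col]['options'][$lang] : "";
                echo form_select($type . $name_suffix . "-" . $lang, sprintf($locale[$set['label_key']], $lang), $callback_value, array("options" => isset($set['options'][$lang]) ? $set['options'][$lang] : array()));
            }
            echo "</div>\n";
        }
    }
    echo "</div>\n</div>\n";
    echo $locale['debonair_0315'];
    closeside();

    openside("");
    echo form_select("lbanner_col_1", $locale['debonair_0317'], $settings['lbanner_col_1'], array("options" => $include_list, "inline" => true));
    echo form_select("lbanner_col_2", $locale['debonair_0318'], $settings['lbanner_col_2'], array("options" => $include_list, "inline" => true));
    echo form_select("lbanner_col_3", $locale['debonair_0319'], $settings['lbanner_col_3'], array("options" => $include_list, "inline" => true));
    echo form_select("lbanner_col_4", $locale['debonair_0320'], $settings['lbanner_col_4'], array("options" => $include_list, "inline" => true));
    echo $locale['debonair_0316'];
    closeside();

    echo form_button("save_settings", $locale['save_changes'], "save", array("class" => "btn-success"));
    echo closeform();

    // Now use Jquery to chain the selectors - add_to_jquery combines, include into a single min. document ready script
    add_to_jquery("\n\tfunction switchSelection(selector, value) {\n\t\t\$('.choices'+selector).hide();\n\t\tif (value == '0') {\n\t\t\t\$('.choices'+selector).hide();\n\t\t} else {\n\t\t\t\$('#ubanner_col_'+selector+'-'+value+'-choices').show();\n\t\t}\n\t}\n\t\$('#ubanner_col_1').bind('change', function() { switchSelection(1, \$(this).val()); });\n\t\$('#ubanner_col_2').bind('change', function() { switchSelection(2, \$(this).val()); });\n\t\$('#ubanner_col_3').bind('change', function() { switchSelection(3, \$(this).val()); });\n\t");
}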
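/**
 * Displays the news add/edit form and processes its submission.
 *
 * Request handling, in order:
 *  - POST 'cancel': redirects back to FUSION_SELF.
 *  - POST 'save' / 'save_and_close': sanitizes the posted fields and, only when
 *    defender::safe() accepts the submission, resets other sticky items, deletes the
 *    image files if requested, then inserts or updates the DB_NEWS row and redirects.
 *  - GET action=edit with a numeric news_id (POST first, then GET): loads the stored row.
 *
 * Security-relevant points:
 *  - Image names round-tripped through hidden form fields are reduced with basename()
 *    before they are stored or appended to IMAGES_N / IMAGES_N_T for unlink(), so a
 *    posted value cannot address a file outside those folders.
 *  - The destructive side effects run behind the same defender::safe() gate as the
 *    database write instead of before it.
 *  - The news_id placed in the edit query is always the value that passed isnum().
 *  - The image names are HTML-escaped when echoed back into the hidden inputs.
 */
function display_news_form() {
    global $aidlink;

    if (isset($_POST['cancel'])) {
        redirect(FUSION_SELF . $aidlink);
    }

    $formaction = FUSION_REQUEST;
    $locale = fusion_get_locale();
    $userdata = fusion_get_userdata();

    $edit = isset($_GET['action']) && $_GET['action'] == 'edit' && isset($_GET['news_id']) && isnum($_GET['news_id']);
    add_breadcrumb(array('link' => '', 'title' => $edit ? $locale['news_0003'] : $locale['news_0002']));

    // Defaults for a blank form.
    $data = array(
        'news_id' => 0,
        'news_draft' => 0,
        'news_sticky' => 0,
        'news_news' => '',
        'news_datestamp' => time(),
        'news_extended' => '',
        'news_keywords' => '',
        'news_breaks' => 'n',
        'news_allow_comments' => 1,
        'news_allow_ratings' => 1,
        'news_language' => LANGUAGE,
        'news_visibility' => 0,
        'news_subject' => '',
        'news_start' => '',
        'news_end' => '',
        'news_cat' => 0,
        'news_image' => '',
        'news_ialign' => 'pull-left'
    );
    // Line breaks are only offered when the TinyMCE editor is off.
    $data['news_breaks'] = fusion_get_settings("tinymce_enabled") ? 'n' : 'y';

    if (isset($_POST['save']) or isset($_POST['save_and_close'])) {

        // Body fields: rewrite relative image paths, then run the textarea parser.
        $news_news = "";
        if (!empty($_POST['news_news'])) {
            $news_news = str_replace("src='" . str_replace("../", "", IMAGES_N), "src='" . IMAGES_N, fusion_get_settings('allow_php_exe') ? htmlspecialchars($_POST['news_news']) : stripslashes($_POST['news_news']));
            $news_news = parse_textarea($news_news);
        }
        $news_extended = "";
        if (!empty($_POST['news_extended'])) {
            $news_extended = str_replace("src='" . str_replace("../", "", IMAGES_N), "src='" . IMAGES_N, fusion_get_settings('allow_php_exe') ? htmlspecialchars($_POST['news_extended']) : stripslashes($_POST['news_extended']));
            $news_extended = parse_textarea($news_extended);
        }

        $data = array(
            'news_id' => form_sanitizer($_POST['news_id'], 0, 'news_id'),
            'news_subject' => form_sanitizer($_POST['news_subject'], '', 'news_subject'),
            'news_cat' => form_sanitizer($_POST['news_cat'], 0, 'news_cat'),
            'news_news' => form_sanitizer($news_news, "", "news_news"),
            'news_extended' => form_sanitizer($news_extended, "", "news_extended"),
            'news_keywords' => form_sanitizer($_POST['news_keywords'], '', 'news_keywords'),
            'news_datestamp' => form_sanitizer($_POST['news_datestamp'], '', 'news_datestamp'),
            'news_start' => form_sanitizer($_POST['news_start'], 0, 'news_start'),
            'news_end' => form_sanitizer($_POST['news_end'], 0, 'news_end'),
            'news_visibility' => form_sanitizer($_POST['news_visibility'], 0, 'news_visibility'),
            'news_draft' => isset($_POST['news_draft']) ? "1" : "0",
            'news_sticky' => isset($_POST['news_sticky']) ? "1" : "0",
            'news_allow_comments' => isset($_POST['news_allow_comments']) ? "1" : "0",
            'news_allow_ratings' => isset($_POST['news_allow_ratings']) ? "1" : "0",
            'news_language' => form_sanitizer($_POST['news_language'], '', 'news_language'),
            'news_image' => "",
            'news_ialign' => "",
            'news_image_t1' => "",
            'news_image_t2' => ""
        );

        if (isset($_FILES['news_image'])) {
            // A file field was submitted: let the sanitizer handle the upload.
            $upload = form_sanitizer($_FILES['news_image'], '', 'news_image');
            if (!empty($upload) && !$upload['error']) {
                $data['news_image'] = $upload['image_name'];
                $data['news_image_t1'] = $upload['thumb1_name'];
                $data['news_image_t2'] = $upload['thumb2_name'];
                $data['news_ialign'] = isset($_POST['news_ialign']) ? form_sanitizer($_POST['news_ialign'], "pull-left", "news_ialign") : "pull-left";
            }
        } else {
            // No file field: the names come back from the hidden inputs and are therefore
            // client-controlled. basename() keeps only the final path component so the value
            // can never climb out of the image folders when it is later joined onto them.
            // NOTE(review): the names are still not checked against the stored row for this
            // news_id; reading them from DB_NEWS would close that gap.
            foreach (array('news_image', 'news_image_t1', 'news_image_t2') as $image_field) {
                $data[$image_field] = isset($_POST[$image_field]) && is_string($_POST[$image_field]) ? basename($_POST[$image_field]) : "";
            }
            $data['news_ialign'] = isset($_POST['news_ialign']) ? form_sanitizer($_POST['news_ialign'], "pull-left", "news_ialign") : "pull-left";
        }

        if (fusion_get_settings('tinymce_enabled') != 1) {
            $data['news_breaks'] = isset($_POST['line_breaks']) ? "y" : "n";
        } else {
            $data['news_breaks'] = "n";
        }

        // Everything below changes state (rows or files), so it all sits behind the
        // validation gate this function already used for the insert/update.
        if (defender::safe()) {

            // Only one item may be sticky: reset the others first.
            if ($data['news_sticky'] == "1") {
                dbquery("UPDATE " . DB_NEWS . " SET news_sticky='0' WHERE news_sticky='1'");
            }

            // Delete the image and both thumbnails when requested.
            if (isset($_POST['del_image'])) {
                $stored_files = array(
                    array(IMAGES_N, $data['news_image']),
                    array(IMAGES_N_T, $data['news_image_t1']),
                    array(IMAGES_N_T, $data['news_image_t2'])
                );
                foreach ($stored_files as $stored_file) {
                    // is_file() rather than file_exists(): never hand a directory to unlink().
                    if (!empty($stored_file[1]) && is_file($stored_file[0] . $stored_file[1])) {
                        unlink($stored_file[0] . $stored_file[1]);
                    }
                }
                $data['news_image'] = "";
                $data['news_image_t1'] = "";
                $data['news_image_t2'] = "";
            }

            if (dbcount("('news_id')", DB_NEWS, "news_id='" . intval($data['news_id']) . "'")) {
                dbquery_insert(DB_NEWS, $data, 'update');
                addNotice('success', $locale['news_0101']);
            } else {
                // New item: record the current user as author.
                $data['news_name'] = $userdata['user_id'];
                dbquery_insert(DB_NEWS, $data, 'save');
                addNotice('success', $locale['news_0100']);
            }

            if (isset($_POST['save_and_close'])) {
                redirect(clean_request("", array("ref"), FALSE));
            } else {
                redirect(FUSION_REQUEST);
            }
        }

    } elseif (isset($_GET['action']) && $_GET['action'] == "edit") {
        // The original condition mixed && and || without grouping, so a numeric GET id was
        // enough to reach the query while an unchecked POST id was the value placed in it.
        // Pick the id explicitly and use only a value that passed isnum().
        $requested_id = NULL;
        if (isset($_POST['news_id']) && isnum($_POST['news_id'])) {
            $requested_id = $_POST['news_id'];
        } elseif (isset($_GET['news_id']) && isnum($_GET['news_id'])) {
            $requested_id = $_GET['news_id'];
        }
        if ($requested_id !== NULL) {
            $result = dbquery("SELECT * FROM " . DB_NEWS . " WHERE news_id='" . intval($requested_id) . "'");
            if (dbrows($result)) {
                $data = dbarray($result);
            } else {
                redirect(FUSION_SELF . $aidlink);
            }
        }
    }

    echo "<div class='m-t-20'>\n";
    $news_settings = get_settings("news");
    echo openform('news_form', 'post', $formaction, array('enctype' => 1));
    echo "<div class='row'>\n";
    echo "<div class='col-xs-12 col-sm-12 col-md-7 col-lg-8'>\n";
    echo form_hidden('news_id', "", $data['news_id']);
    echo form_text('news_subject', $locale['news_0200'], $data['news_subject'], array('required' => 1, 'max_length' => 200, 'error_text' => $locale['news_0250']));
    echo form_select('news_keywords', $locale['news_0205'], $data['news_keywords'], array("max_length" => 320, "placeholder" => $locale['news_0205a'], "width" => "100%", "error_text" => $locale['news_0255'], "tags" => TRUE, "multiple" => TRUE));
    echo "<div class='pull-left m-r-10 display-inline-block'>\n";
    echo form_datepicker('news_start', $locale['news_0206'], $data['news_start'], array('placeholder' => $locale['news_0208'], "join_to_id" => "news_end"));
    echo "</div>\n<div class='pull-left m-r-10 display-inline-block'>\n";
    echo form_datepicker('news_end', $locale['news_0207'], $data['news_end'], array('placeholder' => $locale['news_0208'], "join_from_id" => "news_start"));
    echo "</div>\n";
    echo "</div>\n<div class='col-xs-12 col-sm-12 col-md-5 col-lg-4'>\n";
    openside('');
    echo form_select_tree("news_cat", $locale['news_0201'], $data['news_cat'], array("width" => "100%", "inline" => TRUE, "parent_value" => $locale['news_0202'], "query" => multilang_table("NS") ? "WHERE news_cat_language='" . LANGUAGE . "'" : ""), DB_NEWS_CATS, "news_cat_name", "news_cat_id", "news_cat_parent");
    echo form_select('news_visibility', $locale['news_0209'], $data['news_visibility'], array('options' => fusion_get_groups(), 'placeholder' => $locale['choose'], 'width' => '100%', "inline" => TRUE));
    if (multilang_table("NS")) {
        echo form_select('news_language', $locale['global_ML100'], $data['news_language'], array('options' => fusion_get_enabled_languages(), 'placeholder' => $locale['choose'], 'width' => '100%', "inline" => TRUE));
    } else {
        echo form_hidden('news_language', '', $data['news_language']);
    }
    echo form_button('cancel', $locale['cancel'], $locale['cancel'], array('class' => 'btn-default m-r-10'));
    echo form_button('save', $locale['news_0241'], $locale['news_0241'], array('class' => 'btn-success'));
    echo form_button("save_and_close", "Save and Close", "save_and_close", array("class" => "btn-primary m-l-10"));
    closeside();
    echo "</div>\n</div>\n";

    // Snippet and extended text areas: TinyMCE when enabled, plain HTML editor otherwise.
    $snippetSettings = array("required" => TRUE, "preview" => TRUE, "html" => TRUE, "autosize" => TRUE, "placeholder" => $locale['news_0203a'], "form_name" => "news_form");
    if (fusion_get_settings("tinymce_enabled")) {
        $snippetSettings = array("required" => TRUE, "type" => "tinymce", "tinymce" => "advanced");
    }
    echo form_textarea('news_news', $locale['news_0203'], $data['news_news'], $snippetSettings);
    if (!fusion_get_settings("tinymce_enabled")) {
        $extendedSettings = array("preview" => TRUE, "html" => TRUE, "autosize" => TRUE, "placeholder" => $locale['news_0203b'], "form_name" => "news_form");
    } else {
        $extendedSettings = array("type" => "tinymce", "tinymce" => "advanced");
    }
    echo form_textarea('news_extended', $locale['news_0204'], $data['news_extended'], $extendedSettings);

    // second row
    echo "<div class='row'>\n";
    echo "<div class='col-xs-12 col-sm-12 col-md-7 col-lg-8'>\n";
    openside('');
    $alignOptions = array('pull-left' => $locale['left'], 'news-img-center' => $locale['center'], 'pull-right' => $locale['right']);
    if ($data['news_image'] != "" && $data['news_image_t1'] != "") {
        // An image is attached: show it with a delete checkbox and carry its names along.
        $image_thumb = get_news_image_path($data['news_image'], $data['news_image_t1'], $data['news_image_t2']);
        if (!$image_thumb) {
            $image_thumb = IMAGES . "imagenotfound70.jpg";
        }
        echo "<div class='row'>\n";
        echo "<div class='col-xs-12 col-sm-6'>\n";
        echo "<label><img class='img-responsive img-thumbnail' src='" . $image_thumb . "' alt='" . $locale['news_0216'] . "' /><br />\n";
        echo "<input type='checkbox' name='del_image' value='y' /> " . $locale['delete'] . "</label>\n";
        echo "</div>\n";
        echo "<div class='col-xs-12 col-sm-6'>\n";
        echo form_select('news_ialign', $locale['news_0218'], $data['news_ialign'], array("options" => $alignOptions, "inline" => FALSE));
        echo "</div>\n</div>\n";
        // These values can originate from the request when validation failed, so they are
        // escaped for the single-quoted attribute they are written into.
        echo "<input type='hidden' name='news_image' value='" . htmlspecialchars($data['news_image'], ENT_QUOTES) . "' />\n";
        echo "<input type='hidden' name='news_image_t1' value='" . htmlspecialchars($data['news_image_t1'], ENT_QUOTES) . "' />\n";
        echo "<input type='hidden' name='news_image_t2' value='" . htmlspecialchars($data['news_image_t2'], ENT_QUOTES) . "' />\n";
    } else {
        // No image yet: offer the upload field, limited by the news settings.
        $file_input_options = array(
            'upload_path' => IMAGES_N,
            'max_width' => $news_settings['news_photo_max_w'],
            'max_height' => $news_settings['news_photo_max_h'],
            'max_byte' => $news_settings['news_photo_max_b'],
            'thumbnail' => 1,
            'thumbnail_w' => $news_settings['news_thumb_w'],
            'thumbnail_h' => $news_settings['news_thumb_h'],
            'thumbnail_folder' => 'thumbs',
            'delete_original' => 0,
            'thumbnail2' => 1,
            'thumbnail2_w' => $news_settings['news_photo_w'],
            'thumbnail2_h' => $news_settings['news_photo_h'],
            'type' => 'image'
        );
        echo form_fileinput("news_image", $locale['news_0216'], "", $file_input_options);
        echo "<div class='small m-b-10'>" . sprintf($locale['news_0217'], parsebytesize($news_settings['news_photo_max_b'])) . "</div>\n";
        echo form_select('news_ialign', $locale['news_0218'], $data['news_ialign'], array("options" => $alignOptions));
    }
    closeside();

    openside('');
    echo "<label><input type='checkbox' name='news_draft' value='yes'" . ($data['news_draft'] ? " checked='checked'" : "") . " /> " . $locale['news_0210'] . "</label><br />\n";
    echo "<label><input type='checkbox' name='news_sticky' value='yes'" . ($data['news_sticky'] ? " checked='checked'" : "") . " /> " . $locale['news_0211'] . "</label><br />\n";
    echo form_hidden('news_datestamp', '', $data['news_datestamp']);
    if (fusion_get_settings("tinymce_enabled") != 1) {
        // news_breaks holds 'y' or 'n'; both are truthy strings, so compare explicitly.
        echo "<label><input type='checkbox' name='line_breaks' value='yes'" . ($data['news_breaks'] == 'y' ? " checked='checked'" : "") . " /> " . $locale['news_0212'] . "</label><br />\n";
    }
    closeside();
    echo "</div>\n<div class='col-xs-12 col-sm-12 col-md-5 col-lg-4'>\n";

    openside("");
    // Warn when comments and/or ratings are switched off site-wide.
    if (!fusion_get_settings("comments_enabled") || !fusion_get_settings("ratings_enabled")) {
        if (!fusion_get_settings("comments_enabled") && !fusion_get_settings("ratings_enabled")) {
            $sys = $locale['comments_ratings'];
        } elseif (!fusion_get_settings("comments_enabled")) {
            $sys = $locale['comments'];
        } else {
            $sys = $locale['ratings'];
        }
        echo "<div class='alert alert-warning'>" . sprintf($locale['news_0253'], $sys) . "</div>\n";
    }
    echo "<label><input type='checkbox' name='news_allow_comments' value='yes' onclick='SetRatings();'" . ($data['news_allow_comments'] ? " checked='checked'" : "") . " /> " . $locale['news_0213'] . "</label><br/>";
    echo "<label><input type='checkbox' name='news_allow_ratings' value='yes'" . ($data['news_allow_ratings'] ? " checked='checked'" : "") . " /> " . $locale['news_0214'] . "</label>";
    closeside();
    echo "</div>\n</div>\n";

    echo form_button('preview', $locale['news_0240'], $locale['news_0240'], array('class' => 'btn-default m-r-10'));
    echo form_button('save', $locale['news_0241'], $locale['news_0241'], array('class' => 'btn-success'));
    echo form_button("save_and_close", "Save and Close", "save_and_close", array("class" => "btn-primary m-l-10"));
    echo closeform();
    echo "</div>\n";
}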
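/**
 * Builds the poll form for the current thread, processes its submission, and passes
 * the rendered fields to pollform().
 *
 * The caller needs the "can_edit_poll" (edit) or "can_create_poll" (new) thread
 * permission; otherwise the request is redirected to the forum index.
 *
 * Security-relevant points:
 *  - forum_id / thread_id taken from the query string are cast to integers before they
 *    are placed in the form action URL or in SQL.
 *  - Rows are written only after $defender->safe() accepts the submission. Whether
 *    dbquery_insert() applies its own gate is not visible here, so it is applied explicitly.
 *
 * @param int $edit Truthy to edit the thread's existing poll, falsy to create a new one.
 */
public function render_poll_form($edit = 0) {
    global $locale, $defender;

    // Must be an array: string keys are assigned to it below.
    $poll_field = array();

    // Build Polls Info.
    $thread_data = $this->thread_info['thread'];
    $thread_id = intval($thread_data['thread_id']);

    // Query-string ids are client-controlled; use integer copies only.
    $get_forum_id = isset($_GET['forum_id']) ? intval($_GET['forum_id']) : 0;
    $get_thread_id = isset($_GET['thread_id']) ? intval($_GET['thread_id']) : 0;

    if ($edit ? $this->getThreadPermission("can_edit_poll") : $this->getThreadPermission("can_create_poll")) {

        $data = array(
            'thread_id' => $thread_data['thread_id'],
            'forum_poll_title' => isset($_POST['forum_poll_title']) ? form_sanitizer($_POST['forum_poll_title'], '', 'forum_poll_title') : '',
            'forum_poll_start' => time(),
            'forum_poll_length' => 2,
            'forum_poll_votes' => 0
        );

        // A poll starts with two blank options, indexed from 1.
        $option_data = array(1 => "", 2 => "");

        if (isset($_POST['poll_options']) && is_array($_POST['poll_options'])) {
            // callback on post.
            foreach ($_POST['poll_options'] as $i => $value) {
                $option_data[$i] = form_sanitizer($value, '', "poll_options[{$i}]");
            }
            // Drop blank options and reindex from 1.
            if ($defender->safe()) {
                $option_data = array_values(array_filter($option_data));
                array_unshift($option_data, NULL);
                unset($option_data[0]);
                $data['forum_poll_length'] = count($option_data);
            }
        }

        // add a Blank Poll option
        if (isset($_POST['add_poll_option']) && $defender->safe()) {
            array_push($option_data, '');
        }

        if ($edit) {
            $result = dbquery("SELECT * FROM " . DB_FORUM_POLLS . " WHERE thread_id='" . $thread_id . "'");
            if (dbrows($result) > 0) {

                if (isset($_POST['update_poll']) || isset($_POST['add_poll_option'])) {
                    // Keep the posted values; the stored row only fills keys not set yet.
                    $load = FALSE;
                    $data += dbarray($result);
                } else {
                    // First display: show the stored poll.
                    $load = TRUE;
                    $data = dbarray($result);
                }

                if (isset($_POST['update_poll'])) {
                    $data = array(
                        'thread_id' => $thread_data['thread_id'],
                        'forum_poll_title' => form_sanitizer($_POST['forum_poll_title'], '', 'forum_poll_title'),
                        'forum_poll_start' => $data['forum_poll_start'],
                        'forum_poll_length' => $data['forum_poll_length']
                    );
                    if ($defender->safe()) {
                        dbquery_insert(DB_FORUM_POLLS, $data, 'update', array('primary_key' => 'thread_id', 'no_unique' => TRUE));
                    }

                    // Index the stored options by id and prune the ones that were emptied.
                    $_poll = array();
                    $poll_result = dbquery("SELECT forum_poll_option_id FROM " . DB_FORUM_POLL_OPTIONS . " WHERE thread_id='" . $thread_id . "'");
                    while ($_data = dbarray($poll_result)) {
                        $_poll[$_data['forum_poll_option_id']] = $_data;
                        if (empty($option_data[$_data['forum_poll_option_id']]) && $defender->safe()) {
                            dbquery("DELETE FROM " . DB_FORUM_POLL_OPTIONS . " WHERE thread_id='" . $thread_id . "' AND forum_poll_option_id='" . intval($_data['forum_poll_option_id']) . "'");
                        }
                    }

                    // Write the remaining options back, numbered from 1.
                    $i = 1;
                    foreach ($option_data as $option_text) {
                        if ($option_text) {
                            if ($defender->safe()) {
                                if (isset($_poll[$i])) {
                                    // has record
                                    // NOTE(review): $option_text is form_sanitizer() output placed in a quoted
                                    // SQL literal; confirm that output is safe for this context.
                                    dbquery("UPDATE " . DB_FORUM_POLL_OPTIONS . " SET forum_poll_option_text='" . $option_text . "' WHERE thread_id='" . $thread_id . "' AND forum_poll_option_id='" . $i . "'");
                                } else {
                                    // no record - create
                                    $array = array(
                                        'thread_id' => $thread_data['thread_id'],
                                        'forum_poll_option_id' => $i,
                                        'forum_poll_option_text' => $option_text,
                                        'forum_poll_option_votes' => 0
                                    );
                                    dbquery_insert(DB_FORUM_POLL_OPTIONS, $array, 'save');
                                }
                            }
                            $i++;
                        }
                    }

                    if ($defender->safe()) {
                        redirect(INFUSIONS . "forum/postify.php?post=editpoll&error=0&forum_id=" . $thread_data['forum_id'] . "&thread_id=" . $thread_data['thread_id']);
                    }
                }

                // how to make sure values containing options votes
                $poll_field['openform'] = openform('pollform', 'post', INFUSIONS . 'forum/viewthread.php?action=editpoll&forum_id=' . $get_forum_id . '&thread_id=' . $get_thread_id);
                $poll_field['openform'] .= "<div class='text-info m-b-20 m-t-10'>" . $locale['forum_0613'] . "</div>\n";
                $poll_field['poll_field'] = form_text('forum_poll_title', $locale['forum_0604'], $data['forum_poll_title'], array('max_length' => 255, 'placeholder' => $locale['forum_0604a'], 'inline' => TRUE, 'required' => TRUE));

                if ($load == FALSE) {
                    // Re-display what was posted.
                    for ($i = 1; $i <= count($option_data); $i++) {
                        $poll_field['poll_field'] .= form_text("poll_options[{$i}]", sprintf($locale['forum_0606'], $i), isset($option_data[$i]) ? $option_data[$i] : '', array('max_length' => 255, 'placeholder' => $locale['forum_0605'], 'inline' => 1, 'required' => $i <= 2 ? TRUE : FALSE));
                    }
                } else {
                    // Display the stored options.
                    $result = dbquery("SELECT forum_poll_option_text, forum_poll_option_votes FROM " . DB_FORUM_POLL_OPTIONS . " WHERE thread_id='" . $get_thread_id . "' ORDER BY forum_poll_option_id ASC");
                    $i = 1;
                    while ($_pdata = dbarray($result)) {
                        $poll_field['poll_field'] .= form_text("poll_options[{$i}]", $locale['forum_0605'] . ' ' . $i, $_pdata['forum_poll_option_text'], array('max_length' => 255, 'placeholder' => 'Poll Options', 'inline' => 1, 'required' => ($i <= 2 || $_pdata['forum_poll_option_votes']) ? TRUE : FALSE));
                        $i++;
                    }
                }

                $poll_field['poll_field'] .= "<div class='col-xs-12 col-sm-offset-3'>\n";
                $poll_field['poll_field'] .= form_button('add_poll_option', $locale['forum_0608'], $locale['forum_0608'], array('class' => 'btn-primary btn-sm'));
                $poll_field['poll_field'] .= "</div>\n";
                $poll_field['poll_button'] = form_button('update_poll', $locale['forum_2013'], $locale['forum_2013'], array('class' => 'btn-default'));
                $poll_field['closeform'] = closeform();

            } else {
                // redirect because the poll id is not available.
                redirect(INFUSIONS . 'forum/index.php');
            }

        } else {

            // Save New Poll - only once the submission has passed validation.
            if (isset($_POST['add_poll']) && $defender->safe()) {
                dbquery_insert(DB_FORUM_POLLS, $data, 'save');
                $data['forum_poll_id'] = dblastid();
                $i = 1;
                foreach ($option_data as $option_text) {
                    if ($option_text) {
                        $data['forum_poll_option_id'] = $i;
                        $data['forum_poll_option_text'] = $option_text;
                        $data['forum_poll_option_votes'] = 0;
                        dbquery_insert(DB_FORUM_POLL_OPTIONS, $data, 'save');
                        $i++;
                    }
                }
                dbquery("UPDATE " . DB_FORUM_THREADS . " SET thread_poll='1' WHERE thread_id='" . $thread_id . "'");
                redirect(INFUSIONS . "forum/postify.php?post=newpoll&error=0&forum_id=" . $thread_data['forum_id'] . "&thread_id=" . $thread_data['thread_id']);
            }

            // blank poll - no poll on edit or new thread
            $poll_field['openform'] = openform('pollform', 'post', INFUSIONS . 'forum/viewthread.php?action=newpoll&forum_id=' . $get_forum_id . '&thread_id=' . $get_thread_id, array('max_tokens' => 1));
            $poll_field['poll_field'] = form_text('forum_poll_title', $locale['forum_0604'], $data['forum_poll_title'], array('max_length' => 255, 'placeholder' => $locale['forum_0604a'], 'inline' => TRUE, 'required' => TRUE));
            for ($i = 1; $i <= count($option_data); $i++) {
                $poll_field['poll_field'] .= form_text("poll_options[{$i}]", sprintf($locale['forum_0606'], $i), isset($option_data[$i]) ? $option_data[$i] : '', array('max_length' => 255, 'placeholder' => $locale['forum_0605'], 'inline' => 1, 'required' => $i <= 2 ? TRUE : FALSE));
            }
            $poll_field['poll_field'] .= "<div class='col-xs-12 col-sm-offset-3'>\n";
            $poll_field['poll_field'] .= form_button('add_poll_option', $locale['forum_0608'], $locale['forum_0608'], array('class' => 'btn-primary btn-sm'));
            $poll_field['poll_field'] .= "</div>\n";
            $poll_field['poll_button'] = form_button('add_poll', $locale['forum_2011'], $locale['forum_2011'], array('class' => 'btn-success btn-md'));
            $poll_field['closeform'] = closeform();
        }

        $info = array(
            'title' => $locale['forum_0366'],
            'description' => $locale['forum_2000'] . $thread_data['thread_subject'],
            'field' => $poll_field
        );
        pollform($info);

    } else {
        redirect(FORUM . "index.php");
    }
}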
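/**
 * Handles comment posting, editing and deletion for one content item, then renders the
 * comment list and the comment form.
 *
 * $comment_type, $comment_col and $comment_item_id are concatenated into SQL and into
 * links as given. Nothing in this function validates them, so the caller must pass
 * validated values (for example an id that has passed isnum()).
 *
 * NOTE(review): deletion is triggered by a GET link (c_action=delete) with no token
 * visible in this function - confirm that a request-forgery check exists elsewhere.
 *
 * @param string $comment_type    abbreviation or short id of the content type
 * @param string $comment_db      table of the current application - DB_BLOG for example
 * @param string $comment_col     primary key column of that table - 'blog_id' for example
 * @param mixed  $comment_item_id primary key value of the item - $_GET['blog_id'] for example
 * @param string $clink           link of the current page - FUSION_SELF is ok
 */
function showcomments($comment_type, $comment_db, $comment_col, $comment_item_id, $clink) {
    global $settings, $locale, $userdata, $aidlink;

    $link = FUSION_SELF . (FUSION_QUERY ? "?" . FUSION_QUERY : "");
    $link = preg_replace("^(&|\\?)c_action=(edit|delete)&comment_id=\\d*^", "", $link);
    $_GET['comment'] = isset($_GET['comment']) && isnum($_GET['comment']) ? $_GET['comment'] : 0;

    // Page size is used as a divisor and in LIMIT: force a positive integer.
    $cpp = max(1, intval($settings['comments_per_page']));
    // The sort direction is written into ORDER BY: allow only the two valid keywords.
    $sorting = $settings['comments_sorting'] == "ASC" ? "ASC" : "DESC";

    // Delete: admins with comment rights, or the member who wrote the comment.
    if (iMEMBER && (isset($_GET['c_action']) && $_GET['c_action'] == "delete") && (isset($_GET['comment_id']) && isnum($_GET['comment_id']))) {
        $delete_id = intval($_GET['comment_id']);
        if (iADMIN && checkrights("C") || iMEMBER && dbcount("(comment_id)", DB_COMMENTS, "comment_id='" . $delete_id . "' AND comment_name='" . $userdata['user_id'] . "'")) {
            dbquery("DELETE FROM " . DB_COMMENTS . " WHERE comment_id='" . $delete_id . "'" . (iADMIN ? "" : " AND comment_name='" . $userdata['user_id'] . "'"));
        }
        redirect($clink . ($sorting == "ASC" ? "" : "&c_start=0"));
    }

    if ($settings['comments_enabled'] == "1") {

        if ((iMEMBER || $settings['guestposts'] == "1") && isset($_POST['post_comment'])) {

            // Guest checks. The setting key is 'guestposts', as used in the condition above;
            // the original tested 'guestpost' here, which left this branch unreachable, so
            // guest posts skipped both the numeric-name reset and the captcha check.
            if (!iMEMBER && $settings['guestposts'] == 1) {
                if (!isset($_POST['comment_name'])) {
                    redirect($link);
                }
                // comment_name holds a user id for members (see the user join below), so a
                // purely numeric guest name is blanked.
                if (isnum($_POST['comment_name'])) {
                    $_POST['comment_name'] = '';
                }
                $_CAPTCHA_IS_VALID = FALSE;
                // The captcha folder name comes from site settings.
                include INCLUDES . "captchas/" . $settings['captcha'] . "/captcha_check.php";
                if (!isset($_POST['captcha_code']) || $_CAPTCHA_IS_VALID == FALSE) {
                    redirect($link);
                }
            }

            $comment_data = array(
                'comment_id' => isset($_GET['comment_id']) && isnum($_GET['comment_id']) ? $_GET['comment_id'] : 0,
                'comment_name' => iMEMBER ? $userdata['user_id'] : form_sanitizer($_POST['comment_name'], '', 'comment_name'),
                'comment_message' => form_sanitizer($_POST['comment_message'], '', 'comment_message'),
                'comment_datestamp' => time(),
                'comment_item_id' => $comment_item_id,
                'comment_type' => $comment_type,
                'comment_cat' => 0,
                'comment_ip' => USER_IP,
                'comment_ip_type' => USER_IP_TYPE,
                'comment_hidden' => 0
            );

            if (iMEMBER && (isset($_GET['c_action']) && $_GET['c_action'] == "edit") && $comment_data['comment_id']) {
                // Edit an existing comment.
                $edit_id = intval($comment_data['comment_id']);
                $comment_updated = FALSE;
                if (iADMIN && checkrights("C") || iMEMBER && dbcount("(comment_id)", DB_COMMENTS, "comment_id='" . $edit_id . "' AND comment_item_id='" . $comment_item_id . "' AND comment_type='" . $comment_type . "' AND comment_name='" . $userdata['user_id'] . "' AND comment_hidden='0'")) {
                    // NOTE(review): $comment_data carries the editor's user id, IP and a fresh
                    // timestamp; if this call writes every field, an admin edit would replace the
                    // original author data - confirm against dbquery_insert().
                    dbquery_insert(DB_COMMENTS, $comment_data, 'update');
                    if ($comment_data['comment_message']) {
                        $result = dbquery("UPDATE " . DB_COMMENTS . " SET comment_message='" . $comment_data['comment_message'] . "' WHERE comment_id='" . $edit_id . "' " . (iADMIN ? "" : "AND comment_name='" . $userdata['user_id'] . "'"));
                        if ($result) {
                            $comment_updated = TRUE;
                        }
                    }
                }
                if ($comment_updated) {
                    // Find the page the edited comment is on.
                    $c_operator = $sorting == "ASC" ? "<=" : ">=";
                    $c_count = dbcount("(comment_id)", DB_COMMENTS, "comment_id" . $c_operator . "'" . $edit_id . "' AND comment_item_id='" . $comment_item_id . "' AND comment_type='" . $comment_type . "'");
                    $c_start = (ceil($c_count / $cpp) - 1) * $cpp;
                }
                redirect($clink . "&c_start=" . (isset($c_start) && isnum($c_start) ? $c_start : ""));
            } else {
                // New comment: the commented item has to exist.
                if (!dbcount("(" . $comment_col . ")", $comment_db, $comment_col . "='" . $comment_item_id . "'")) {
                    redirect(BASEDIR . "index.php");
                }
                $id = 0;
                if ($comment_data['comment_name'] && $comment_data['comment_message']) {
                    require_once INCLUDES . "flood_include.php";
                    if (!flood_control("comment_datestamp", DB_COMMENTS, "comment_ip='" . USER_IP . "'")) {
                        dbquery_insert(DB_COMMENTS, $comment_data, 'save');
                        $id = dblastid();
                    }
                }
                if ($sorting == "ASC") {
                    $c_count = dbcount("(comment_id)", DB_COMMENTS, "comment_item_id='" . $comment_item_id . "' AND comment_type='" . $comment_type . "'");
                    $c_start = (ceil($c_count / $cpp) - 1) * $cpp;
                } else {
                    $c_start = 0;
                }
                redirect($clink . "&c_start=" . $c_start . "#c" . $id);
            }
        }

        // Collect the visible comments of the current page.
        $c_arr = array(
            "c_con" => array(),
            "c_info" => array("c_makepagenav" => FALSE, "admin_link" => FALSE)
        );
        $c_rows = dbcount("(comment_id)", DB_COMMENTS, "comment_item_id='" . $comment_item_id . "' AND comment_type='" . $comment_type . "' AND comment_hidden='0'");
        if (!isset($_GET['c_start']) && $c_rows > $cpp) {
            $_GET['c_start'] = (ceil($c_rows / $cpp) - 1) * $cpp;
        }
        if (!isset($_GET['c_start']) || !isnum($_GET['c_start'])) {
            $_GET['c_start'] = 0;
        }
        $result = dbquery("SELECT tcm.comment_id, tcm.comment_name, tcm.comment_message, tcm.comment_datestamp,
            tcu.user_id, tcu.user_name, tcu.user_avatar, tcu.user_status
            FROM " . DB_COMMENTS . " tcm
            LEFT JOIN " . DB_USERS . " tcu ON tcm.comment_name=tcu.user_id
            WHERE comment_item_id='" . $comment_item_id . "' AND comment_type='" . $comment_type . "' AND comment_hidden='0'
            ORDER BY comment_datestamp " . $sorting . " LIMIT " . intval($_GET['c_start']) . "," . $cpp);

        if (dbrows($result) > 0) {
            $i = $sorting == "ASC" ? $_GET['c_start'] + 1 : $c_rows - $_GET['c_start'];
            if ($c_rows > $cpp) {
                $c_arr['c_info']['c_makepagenav'] = makepagenav($_GET['c_start'], $cpp, $c_rows, 3, $clink . "&", "c_start");
            }
            while ($data = dbarray($result)) {
                $c_arr['c_con'][$i]['comment_id'] = $data['comment_id'];
                $c_arr['c_con'][$i]['edit_dell'] = FALSE;
                $c_arr['c_con'][$i]['i'] = $i;
                if ($data['user_name']) {
                    $c_arr['c_con'][$i]['comment_name'] = profile_link($data['comment_name'], $data['user_name'], $data['user_status'], 'strong text-dark');
                } else {
                    $c_arr['c_con'][$i]['comment_name'] = $data['comment_name'];
                }
                $c_arr['c_con'][$i]['user_avatar'] = display_avatar($data, '35px', '', true, 'img-rounded');
                // Guest rows have no joined user, so user_avatar is NULL there: !empty() keeps
                // both NULL and '' from resolving to the avatars folder itself.
                $has_avatar = !empty($data['user_avatar']) && file_exists(IMAGES . 'avatars/' . $data['user_avatar']);
                $c_arr['c_con'][$i]['user'] = array(
                    'user_id' => $data['user_id'],
                    'user_name' => $data['user_name'],
                    'user_avatar' => $has_avatar ? IMAGES . 'avatars/' . $data['user_avatar'] : IMAGES . "avatars/noavatar50.png",
                    'user_status' => $data['user_status']
                );
                $c_arr['c_con'][$i]['comment_datestamp'] = showdate('shortdate', $data['comment_datestamp']);
                $c_arr['c_con'][$i]['comment_time'] = timer($data['comment_datestamp']);
                $c_arr['c_con'][$i]['comment_message'] = "<!--comment_message-->\n" . nl2br(parseubb(parsesmileys($data['comment_message'])));

                // Edit/delete controls for admins with comment rights and for the author.
                if (iADMIN && checkrights("C") || iMEMBER && $data['comment_name'] == $userdata['user_id'] && isset($data['user_name'])) {
                    $edit_link = clean_request('c_action=edit&comment_id=' . $data['comment_id'], array('c_action', 'comment_id'), false) . "#edit_comment";
                    $delete_link = clean_request('c_action=delete&comment_id=' . $data['comment_id'], array('c_action', 'comment_id'), false);
                    $c_arr['c_con'][$i]['edit_link'] = array('link' => $edit_link, 'name' => $locale['c108']);
                    $c_arr['c_con'][$i]['delete_link'] = array('link' => $delete_link, 'name' => $locale['c109']);
                    $c_arr['c_con'][$i]['edit_dell'] = "<!--comment_actions-->\n";
                    $c_arr['c_con'][$i]['edit_dell'] .= "<div class='btn-group'>";
                    $c_arr['c_con'][$i]['edit_dell'] .= "<a class='btn btn-xs btn-default' href='" . $edit_link . "'>";
                    $c_arr['c_con'][$i]['edit_dell'] .= $locale['c108'] . "</a>\n";
                    $c_arr['c_con'][$i]['edit_dell'] .= "<a class='btn btn-xs btn-default' href='" . $delete_link . "' onclick=\"return confirm('" . $locale['c110'] . "');\">";
                    $c_arr['c_con'][$i]['edit_dell'] .= "<i class='fa fa-trash'></i> " . $locale['c109'] . "</a>";
                    $c_arr['c_con'][$i]['edit_dell'] .= "</div>\n";
                }
                if ($sorting == "ASC") {
                    $i++;
                } else {
                    $i--;
                }
            }
            if (iADMIN && checkrights("C")) {
                $c_arr['c_info']['admin_link'] = "<!--comment_admin-->\n";
                $c_arr['c_info']['admin_link'] .= "<a href='" . ADMIN . "comments.php" . $aidlink . "&ctype=" . $comment_type . "&comment_item_id=" . $comment_item_id . "'>" . $locale['c106'] . "</a>";
            }
        }

        opentable($locale['c102']);

        // Prefill the form when an existing comment is being edited.
        $comment_message = "";
        if (iMEMBER && (isset($_GET['c_action']) && $_GET['c_action'] == "edit") && (isset($_GET['comment_id']) && isnum($_GET['comment_id']))) {
            $eresult = dbquery("SELECT tcm.comment_id, tcm.comment_name, tcm.comment_message, tcu.user_name
                FROM " . DB_COMMENTS . " tcm
                LEFT JOIN " . DB_USERS . " tcu ON tcm.comment_name=tcu.user_id
                WHERE comment_id='" . intval($_GET['comment_id']) . "' AND comment_item_id='" . $comment_item_id . "'
                AND comment_type='" . $comment_type . "' AND comment_hidden='0'");
            if (dbrows($eresult) > 0) {
                $edata = dbarray($eresult);
                if (iADMIN && checkrights("C") || iMEMBER && $edata['comment_name'] == $userdata['user_id'] && isset($edata['user_name'])) {
                    $clink .= "&c_action=edit&comment_id=" . $edata['comment_id'];
                    $comment_message = $edata['comment_message'];
                }
            }
        }

        if (iMEMBER || $settings['guestposts'] == "1") {
            require_once INCLUDES . "bbcode_include.php";
            echo "<a id='edit_comment' name='edit_comment'></a>\n";
            echo openform('inputform', 'post', $clink, array('class' => 'm-b-20', 'max_tokens' => 1));
            if (iGUEST) {
                echo form_text('comment_name', $locale['c104'], '', array('max_length' => 30));
            }
            echo form_textarea('comment_message', '', $comment_message, array('required' => 1, 'autosize' => 1, 'form_name' => 'inputform', 'bbcode' => 1));
            // Guests get the captcha unless a previous include asked to hide its input.
            if (iGUEST && (!isset($_CAPTCHA_HIDE_INPUT) || !$_CAPTCHA_HIDE_INPUT)) {
                $_CAPTCHA_HIDE_INPUT = FALSE;
                echo "<div style='width:360px; margin:10px auto;'>";
                echo $locale['global_150'] . "<br />\n";
                include INCLUDES . "captchas/" . $settings['captcha'] . "/captcha_display.php";
                if (!$_CAPTCHA_HIDE_INPUT) {
                    echo "<br />\n<label for='captcha_code'>" . $locale['global_151'] . "</label>";
                    echo "<br />\n<input type='text' id='captcha_code' name='captcha_code' class='textbox' autocomplete='off' style='width:100px' />\n";
                }
                echo "</div>\n";
            }
            $button_label = $comment_message ? $locale['c103'] : $locale['c102'];
            echo form_button('post_comment', $button_label, $button_label, array('class' => 'btn-success m-t-10'));
            echo closeform();
        } else {
            echo "<div class='well'>\n";
            echo $locale['c105'] . "\n";
            echo "</div>\n";
        }
        closetable();

        echo "<a id='comments' name='comments'></a>";
        render_comments($c_arr['c_con'], $c_arr['c_info']);
    }
}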
$categoryNameCheck = array("when_updating" => "blog_cat_name='" . $inputArray['blog_cat_name'] . "' and blog_cat_id !='" . $inputArray['blog_cat_id'] . "' " . (multilang_table("BL") ? "and blog_cat_language = '" . LANGUAGE . "'" : ""), "when_saving" => "blog_cat_name='" . $inputArray['blog_cat_name'] . "' " . (multilang_table("BL") ? "and blog_cat_language = '" . LANGUAGE . "'" : "")); if (defender::safe()) { // check category name is unique when updating if (dbcount("(blog_cat_id)", DB_BLOG_CATS, "blog_cat_id='" . $inputArray['blog_cat_id'] . "'")) { if (!dbcount("(blog_cat_id)", DB_BLOG_CATS, $categoryNameCheck['when_updating'])) { dbquery_insert(DB_BLOG_CATS, $inputArray, "update"); addNotice("success", $locale['blog_0521']); // FUSION_REQUEST without the "action" gets redirect(clean_request("", array("action"), FALSE)); } else { addNotice('danger', $locale['blog_0561']); } } else { // check category name is unique when saving new if (!dbcount("(blog_cat_id)", DB_BLOG_CATS, $categoryNameCheck['when_saving'])) { dbquery_insert(DB_BLOG_CATS, $inputArray, "save"); addNotice("success", $locale['blog_0520']); redirect(FUSION_REQUEST); } else { addNotice('danger', $locale['blog_0561']); } } } } elseif (isset($_GET['action']) && $_GET['action'] == "edit" && (isset($_GET['cat_id']) && isnum($_GET['cat_id']))) { $result = dbquery("SELECT blog_cat_id, blog_cat_name, blog_cat_parent, blog_cat_image, blog_cat_language FROM " . DB_BLOG_CATS . " " . (multilang_table("BL") ? "WHERE blog_cat_language='" . LANGUAGE . "' AND" : "WHERE") . " blog_cat_id='" . intval($_GET['cat_id']) . "'"); if (dbrows($result)) { $data = dbarray($result); $data['blog_cat_hidden'] = array($data['blog_cat_id']); $formTitle = $locale['blog_0402']; } else { // FUSION_REQUEST without the "action" gets
| can read by viewing the included agpl.txt or online
| at www.gnu.org/licenses/agpl.html. Removal of this
| copyright header is strictly prohibited without
| written permission from the original author(s).
+--------------------------------------------------------*/
require_once "../maincore.php";
// Presumably the admin-rights gate for this page ('S6' is the code handed to pageAccess) - confirm in maincore.
pageAccess('S6');
require_once THEMES . "templates/admin_header.php";
include LOCALE . LOCALESET . "admin/settings.php";

add_breadcrumb(array('link' => ADMIN . "settings_misc.php" . $aidlink, 'title' => $locale['misc_settings']));

// Save handler: every posted field goes through form_sanitizer() before it is written.
if (isset($_POST['savesettings'])) {
    $inputData = array(
        "tinymce_enabled" => form_sanitizer($_POST['tinymce_enabled'], 0, "tinymce_enabled"),
        "smtp_host" => form_sanitizer($_POST['smtp_host'], "", "smtp_host"),
        "smtp_port" => form_sanitizer($_POST['smtp_port'], "", "smtp_port"),
        // Authentication is switched on only when the checkbox AND both credentials were posted.
        // The SMTP password itself is not part of this array, so this block does not persist it.
        "smtp_auth" => (isset($_POST['smtp_auth']) && !empty($_POST['smtp_username']) && !empty($_POST['smtp_password'])),
        "smtp_username" => form_sanitizer($_POST['smtp_username'], "", "smtp_username"),
        "login_method" => form_sanitizer($_POST['login_method'], 0, "login_method"),
        "thumb_compression" => form_sanitizer($_POST['thumb_compression'], 0, "thumb_compression"),
        "mime_check" => form_sanitizer($_POST['mime_check'], 0, "mime_check"),
        "guestposts" => form_sanitizer($_POST['guestposts'], 0, "guestposts"),
        "comments_enabled" => form_sanitizer($_POST['comments_enabled'], 0, "comments_enabled"),
        "comments_per_page" => form_sanitizer($_POST['comments_per_page'], 10, "comments_per_page"),
        "ratings_enabled" => form_sanitizer($_POST['ratings_enabled'], 0, "ratings_enabled"),
        "visitorcounter_enabled" => form_sanitizer($_POST['visitorcounter_enabled'], 0, "visitorcounter_enabled"),
        "rendertime_enabled" => form_sanitizer($_POST['rendertime_enabled'], 0, "rendertime_enabled"),
        "comments_sorting" => form_sanitizer($_POST['comments_sorting'], "DESC", "comments_sorting"),
        "index_url_bbcode" => form_sanitizer($_POST['index_url_bbcode'], 0, "index_url_bbcode"),
        "index_url_userweb" => form_sanitizer($_POST['index_url_userweb'], 0, "index_url_userweb")
    );

    if (!defender::safe()) {
        // Validation failed: nothing is written.
        addNotice('danger', $locale['901']);
    } else {
        // One row per setting, keyed on settings_name.
        foreach ($inputData as $settings_name => $settings_value) {
            $data = array("settings_name" => $settings_name, "settings_value" => $settings_value);
            dbquery_insert(DB_SETTINGS, $data, "update", array("primary_key" => "settings_name"));
        }
        addNotice('success', $locale['900']);
        redirect(FUSION_SELF . $aidlink);
    }
}

// Start of the settings form markup.
opentable($locale['misc_settings']);
echo "<div class='well'>" . $locale['misc_description'] . "</div>";
echo openform('settingsform', 'post', FUSION_SELF . $aidlink, array('max_tokens' => 1));
echo "<div class='row'>\n";
echo "<div class='col-xs-12 col-sm-12 col-md-8'>\n";
openside('');
echo "<div class='pull-right m-b-10'><span class='small2'>" . $locale['663'] . "</span></div>\n";
// Yes/No options; first used past the end of this excerpt.
$choice_arr = array('1' => $locale['yes'], '0' => $locale['no']);
} } $inputArray = array("article_cat_id" => $cat_id, "article_cat_name" => $cat_name, "article_cat_parent" => $cat_parent, "article_cat_description" => $cat_description, "article_cat_language" => $cat_language, "article_cat_sorting" => $cat_sorting); $categoryNameCheck = array("when_updating" => "article_cat_name='" . $inputArray['article_cat_name'] . "' and article_cat_id !='" . $inputArray['article_cat_id'] . "' " . (multilang_table("AR") ? "and article_cat_language = '" . LANGUAGE . "'" : ""), "when_saving" => "article_cat_name='" . $inputArray['article_cat_name'] . "' " . (multilang_table("AR") ? "AND article_cat_language = '" . LANGUAGE . "'" : "")); if (defender::safe()) { if (dbcount("(article_cat_id)", DB_ARTICLE_CATS, "article_cat_id='" . $inputArray['article_cat_id'] . "'")) { if (!dbcount("(article_cat_id)", DB_ARTICLE_CATS, $categoryNameCheck['when_updating'])) { dbquery_insert(DB_ARTICLE_CATS, $inputArray, "update"); addNotice("success", $locale['articles_0151']); redirect(clean_request("cat_view=1", array("section", "aid"), true)); } else { addNotice("danger", $locale['articles_0352']); } } else { if (!dbcount("(article_cat_id)", DB_ARTICLE_CATS, $categoryNameCheck['when_saving'])) { dbquery_insert(DB_ARTICLE_CATS, $inputArray, "save"); addNotice("success", $locale['articles_0150']); redirect(clean_request("cat_view=1", array("section", "aid"), true)); } else { addNotice("danger", $locale['articles_0352']); } } } } // UI dual tab $articleCatTab['title'][] = $locale['articles_0020']; $articleCatTab['id'][] = "b"; $articleCatTab['title'][] = $locale['articles_0027']; $articleCatTab['id'][] = "a"; $tab_active = tab_active($articleCatTab, isset($_GET['action']) or !defender::safe() ? 1 : 0); echo opentab($articleCatTab, $tab_active, "artCTab", FALSE, "m-t-20");
if (isset($_POST['del_image'])) { if (!empty($data['blog_image']) && file_exists(IMAGES_B . $data['blog_image'])) { unlink(IMAGES_B . $data['blog_image']); } if (!empty($data['blog_image_t1']) && file_exists(IMAGES_B_T . $data['blog_image_t1'])) { unlink(IMAGES_B_T . $data['blog_image_t1']); } if (!empty($data['blog_image_t2']) && file_exists(IMAGES_B_T . $data['blog_image_t2'])) { unlink(IMAGES_B_T . $data['blog_image_t2']); } $data['blog_image'] = ""; $data['blog_image_t1'] = ""; $data['blog_image_t2'] = ""; } if (defender::safe()) { dbquery_insert(DB_BLOG, $data, "save"); $result = dbquery("DELETE FROM " . DB_SUBMISSIONS . " WHERE submit_id='" . $_GET['submit_id'] . "'"); if ($data['blog_draft']) { addNotice("success", $locale['blog_0147']); } else { addNotice("success", $locale['blog_0146']); } redirect(clean_request("", array("submit_id"), FALSE)); } } else { redirect(clean_request("", array("submit_id"), FALSE)); } } elseif (isset($_POST['delete']) && (isset($_GET['submit_id']) && isnum($_GET['submit_id']))) { $result = dbquery("\n\t\t\tSELECT\n\t\t\tts.submit_datestamp, ts.submit_criteria\n\t\t\tFROM " . DB_SUBMISSIONS . " ts\n\t\t\tWHERE submit_type='b' and submit_id='" . intval($_GET['submit_id']) . "'\n\t\t"); if (dbrows($result) > 0) { $data = dbarray($result);
$result = dbquery("SELECT blog_image, blog_image_t1, blog_image_t2 FROM " . DB_BLOG . " WHERE blog_id='" . $del_data['blog_id'] . "'"); if (dbrows($result)) { $data = dbarray($result); if (!empty($data['blog_image']) && file_exists(IMAGES_B . $data['blog_image'])) { unlink(IMAGES_B . $data['blog_image']); } if (!empty($data['blog_image_t1']) && file_exists(IMAGES_B_T . $data['blog_image_t1'])) { unlink(IMAGES_B_T . $data['blog_image_t1']); } if (!empty($data['blog_image_t2']) && file_exists(IMAGES_B_T . $data['blog_image_t2'])) { unlink(IMAGES_B_T . $data['blog_image_t2']); } $result = dbquery("DELETE FROM " . DB_BLOG . " WHERE blog_id='" . $del_data['blog_id'] . "'"); $result = dbquery("DELETE FROM " . DB_COMMENTS . " WHERE comment_item_id='" . $del_data['blog_id'] . "' and comment_type='B'"); $result = dbquery("DELETE FROM " . DB_RATINGS . " WHERE rating_item_id='" . $del_data['blog_id'] . "' and rating_type='B'"); dbquery_insert(DB_BLOG, $del_data, 'delete'); addNotice('warning', $locale['blog_0412']); redirect(FUSION_SELF . $aidlink); } else { redirect(FUSION_SELF . $aidlink); } } $allowed_pages = array("blog", "blog_category", "blog_form", "submissions", "settings"); $_GET['section'] = isset($_GET['section']) && in_array($_GET['section'], $allowed_pages) ? $_GET['section'] : "blog"; $edit = isset($_GET['action']) && $_GET['action'] == 'edit' && isset($_GET['blog_id']) && isnum($_GET['blog_id']) ? TRUE : FALSE; $master_title['title'][] = $locale['blog_0400']; $master_title['id'][] = 'blog'; $master_title['icon'] = ''; $master_title['title'][] = $edit ? $locale['blog_0402'] : $locale['blog_0401']; $master_title['id'][] = 'blog_form'; $master_title['icon'] = '';
/**
 * Save the panel posted from the admin form: update an existing panel or insert a new one.
 *
 * Does nothing unless the `panel_save` POST field is present. Validation problems
 * (duplicate panel name, missing URL list) are reported through $defender->stop()
 * and a notice; the redirects at the end are skipped when FUSION_NULL is defined.
 */
private function set_paneldb() {
    global $aidlink, $locale, $defender;

    if (!isset($_POST['panel_save'])) {
        return;
    }

    $this->data['panel_id'] = isset($_POST['panel_id']) ? form_sanitizer($_POST['panel_id'], '0', 'panel_id') : 0;
    $this->data['panel_name'] = isset($_POST['panel_name']) ? form_sanitizer($_POST['panel_name'], '', 'panel_name') : '';
    $this->data['panel_side'] = isset($_POST['panel_side']) ? form_sanitizer($_POST['panel_side'], 1, 'panel_side') : 1;
    $this->data['panel_access'] = isset($_POST['panel_access']) ? form_sanitizer($_POST['panel_access'], '0', 'panel_access') : 0;

    // The panel name must not be used by any other panel.
    // NOTE(review): both values are concatenated into the WHERE clause and rely entirely on
    // form_sanitizer() for escaping - confirm it escapes quotes; intval() on panel_id would
    // match the panel_side lookup further down.
    $duplicateNames = dbcount("(panel_id)", DB_PANELS, "panel_name='" . $this->data['panel_name'] . "' AND panel_id !='" . $this->data['panel_id'] . "'");
    if ($duplicateNames) {
        $defender->stop();
        addNotice('danger', $locale['471']);
    }

    $this->data['panel_filename'] = isset($_POST['panel_filename']) ? form_sanitizer($_POST['panel_filename'], '', 'panel_filename') : '';

    // Side values 1 and 4 are treated specially throughout this method.
    $isSidePanel = ($this->data['panel_side'] == 1 || $this->data['panel_side'] == 4);

    if ($this->data['panel_filename'] == 'none') {
        // No file selected: the panel body is the posted content, stored with type "php".
        // NOTE(review): the content bypasses form_sanitizer() and is only addslashes()'d;
        // presumably it is executed as PHP when the panel renders, so this form must stay
        // restricted to fully trusted administrators - confirm the access check upstream.
        $this->data['panel_type'] = "php";
        $this->data['panel_content'] = isset($_POST['panel_content']) ? addslashes($_POST['panel_content']) : '';
        if (!$this->data['panel_content']) {
            // Empty content gets a starter template matching the panel position.
            $this->data['panel_content'] = $isSidePanel
                ? "openside(\"name\");\n" . "echo \"Content\";\n" . "closeside();"
                : "opentable(\"name\");\n" . "echo \"Content\";\n" . "closetable();";
        }
    } else {
        $this->data['panel_type'] = "file";
        $this->data['panel_content'] = '';
    }

    // Restriction codes: 3 = show on all pages, 2 = home page only, 1 = exclude list, 0 = include list.
    // (A fourth "front page only" option is still to be added.)
    $this->data['panel_restriction'] = isset($_POST['panel_restriction']) ? form_sanitizer($_POST['panel_restriction'], '', 'panel_restriction') : 0;

    // NOTE(review): strict comparison against integers - if form_sanitizer() returns a
    // string this is always 1; confirm the intended type of panel_side.
    $displayFlag = $this->data['panel_side'] !== 1 && $this->data['panel_side'] !== 4 ? 1 : 0;

    switch ($this->data['panel_restriction']) {
        case '3':
            // Show on all pages.
            $this->data['panel_display'] = $displayFlag;
            $this->data['panel_url_list'] = '';
            break;
        case '2':
            // Show on the home page only.
            $this->data['panel_display'] = 0;
            // Sides 1 and 4 override panel_display, so they get the opening page as URL list.
            $this->data['panel_url_list'] = $isSidePanel ? fusion_get_settings('opening_page') : '';
            break;
        default:
            // Include/exclude modes need a URL list.
            $this->data['panel_url_list'] = isset($_POST['panel_url_list']) ? form_sanitizer($_POST['panel_url_list'], '', 'panel_url_list') : '';
            if ($this->data['panel_url_list']) {
                $this->data['panel_url_list'] = str_replace(",", "\r\n", $this->data['panel_url_list']);
                // Exclude mode (1) and include mode (0) store the same display value.
                $this->data['panel_display'] = $displayFlag;
            } else {
                $defender->stop();
                addNotice('danger', $locale['475']);
            }
    }

    $panel_languages = isset($_POST['panel_languages']) ? \defender::sanitize_array($_POST['panel_languages']) : array();
    if (!empty($panel_languages)) {
        $this->data['panel_languages'] = implode('.', $panel_languages);
    }

    // Existing, verified panel: update in place. Ordering is left to the drag-and-drop list.
    if ($this->data['panel_id'] && self::verify_panel($this->data['panel_id'])) {
        dbquery_insert(DB_PANELS, $this->data, 'update');
        addNotice('info', $locale['482']);
        if (!defined('FUSION_NULL')) {
            redirect(FUSION_SELF . $aidlink . "&section=listpanel&status=su");
        }
        return;
    }

    // New panel: append it after the highest panel_order on the same side.
    $orderResult = dbquery("SELECT panel_order FROM " . DB_PANELS . " WHERE panel_side='" . intval($this->data['panel_side']) . "' ORDER BY panel_order DESC LIMIT 1");
    if (dbrows($orderResult) != 0) {
        $lastPanel = dbarray($orderResult);
        $this->data['panel_order'] = $lastPanel['panel_order'] + 1;
    } else {
        $this->data['panel_order'] = 1;
    }
    dbquery_insert(DB_PANELS, $this->data, 'save');
    addNotice('success', $locale['485']);
    if (!defined('FUSION_NULL')) {
        redirect(FUSION_SELF . $aidlink . "&section=listpanel&status=sn");
    }
}
dbquery_order(DB_PHOTOS, $photo_data['photo_order'], "photo_order", $photo_data['photo_id'], "photo_id", $photo_data['album_id'], "album_id", FALSE, FALSE, "delete"); dbquery_insert(DB_PHOTOS, $photo_data, 'delete'); addNotice("success", $locale['photo_0024']); redirect(clean_request("", array("aid", "album_id"), TRUE)); } } // purge photos if (isset($_GET['action']) && $_GET['action'] == "purge" && isset($_GET['cat_id']) && isnum($_GET['cat_id'])) { $result = dbquery("select * from " . DB_PHOTO_ALBUMS . " where album_id='" . intval($_GET['cat_id']) . "'"); if (dbrows($result) > 0) { // album verified $albumData = dbarray($result); $photoResult = dbquery("select photo_id, photo_filename, photo_thumb1, photo_thumb2\n\t\tfrom " . DB_PHOTOS . " where album_id='" . intval($_GET['cat_id']) . "'"); if (dbrows($photoResult) > 0) { if (!isset($_POST['purge_confirm'])) { echo $locale['photo_0026'] . "<br/><br/>\n"; echo openform("purgephotos", "post", FUSION_REQUEST); echo form_button("purge_confirm", $locale['photo_0027'], $locale['photo_0027'], array("class" => "btn-danger m-r-10")); echo form_button("cancel", $locale['photo_0028'], $locale['photo_0028'], array("class" => "btn-default m-r-10")); echo closeform(); } else { while ($pData = dbarray($photoResult)) { purgePhotoImage($pData); // purging everything, order is not relevant dbquery_insert(DB_PHOTOS, $pData, "delete"); } redirect(clean_request("album_id=" . $_GET['cat_id'], array("aid")), TRUE); } } } }
| This program is released as free software under the
| Affero GPL license. You can redistribute it and/or
| modify it under the terms of this license which you
| can read by viewing the included agpl.txt or online
| at www.gnu.org/licenses/agpl.html. Removal of this
| copyright header is strictly prohibited without
| written permission from the original author(s).
+--------------------------------------------------------*/
// Presumably the admin-rights gate for this page ("S8" is the code handed to pageAccess) - confirm.
pageAccess("S8");

// Save handler for the article settings form.
if (isset($_POST['savesettings'])) {
    $error = 0;
    $inputArray = array(
        "article_pagination" => form_sanitizer($_POST['article_pagination'], 0, "article_pagination"),
        "article_allow_submission" => form_sanitizer($_POST['article_allow_submission'], 0, "article_allow_submission"),
        // Checkbox: only its presence matters, the posted value is never used.
        "article_extended_required" => (int) isset($_POST['article_extended_required'])
    );

    if (!defender::safe()) {
        // Validation failed: nothing is written.
        addNotice('danger', $locale['901']);
    } else {
        // One row per setting in the infusion settings table, tagged with the "article" infusion.
        foreach ($inputArray as $settings_name => $settings_value) {
            $inputSettings = array(
                "settings_name" => $settings_name,
                "settings_value" => $settings_value,
                "settings_inf" => "article"
            );
            dbquery_insert(DB_SETTINGS_INF, $inputSettings, "update", array("primary_key" => "settings_name"));
        }
        addNotice("success", $locale['900']);
        redirect(FUSION_REQUEST);
    }
}

// Settings form, pre-filled from $article_settings.
echo "<div class='well'>" . $locale['articles_0031'] . "</div>";
echo openform('settingsform', 'post', FUSION_REQUEST);
openside('');
echo form_text(
    "article_pagination",
    $locale['articles_0032'],
    $article_settings['article_pagination'],
    array("inline" => TRUE, "max_length" => 4, "width" => "150px", "type" => "number")
);
echo form_select(
    "article_allow_submission",
    $locale['articles_0033'],
    $article_settings['article_allow_submission'],
    array("inline" => TRUE, "options" => array($locale['disable'], $locale['enable']))
);
echo form_checkbox(
    "article_extended_required",
    $locale['articles_0034'],
    $article_settings['article_extended_required'],
    array("inline" => TRUE)
);
closeside();
echo form_button('savesettings', $locale['750'], $locale['750'], array('class' => 'btn-primary'));
} if (!empty($data['blog_image_t2']) && file_exists(IMAGES_B_T . $data['blog_image_t2'])) { unlink(IMAGES_B_T . $data['blog_image_t2']); } $data['blog_image'] = ""; $data['blog_image_t1'] = ""; $data['blog_image_t2'] = ""; } if (defender::safe()) { if (dbcount("('blog_id')", DB_BLOG, "blog_id='" . $data['blog_id'] . "'")) { dbquery_insert(DB_BLOG, $data, 'update'); addNotice('success', $locale['blog_0411']); redirect(FUSION_SELF . $aidlink); } else { $data['blog_name'] = $userdata['user_id']; dbquery_insert(DB_BLOG, $data, 'save'); addNotice('success', $locale['blog_0410']); redirect(FUSION_SELF . $aidlink); } } } elseif (isset($_GET['action']) && $_GET['action'] == "edit" && (isset($_POST['blog_id']) && isnum($_POST['blog_id'])) || isset($_GET['blog_id']) && isnum($_GET['blog_id'])) { $result = dbquery("SELECT * FROM " . DB_BLOG . " WHERE blog_id='" . (isset($_POST['blog_id']) ? $_POST['blog_id'] : $_GET['blog_id']) . "'"); if (dbrows($result)) { $data = dbarray($result); } else { redirect(FUSION_SELF . $aidlink); } } if (isset($_POST['preview'])) { $blog_blog = ""; if ($_POST['blog_blog']) {
if (isset($_POST['del_image'])) { if (!empty($data['news_image']) && file_exists(IMAGES_N . $data['news_image'])) { unlink(IMAGES_N . $data['news_image']); } if (!empty($data['news_image_t1']) && file_exists(IMAGES_N_T . $data['news_image_t1'])) { unlink(IMAGES_N_T . $data['news_image_t1']); } if (!empty($data['news_image_t2']) && file_exists(IMAGES_N_T . $data['news_image_t2'])) { unlink(IMAGES_N_T . $data['news_image_t2']); } $data['news_image'] = ""; $data['news_image_t1'] = ""; $data['news_image_t2'] = ""; } if (defender::safe()) { dbquery_insert(DB_NEWS, $data, "save"); $result = dbquery("DELETE FROM " . DB_SUBMISSIONS . " WHERE submit_id='" . $_GET['submit_id'] . "'"); if ($data['news_draft']) { addNotice("success", $locale['news_0147']); } else { addNotice("success", $locale['news_0146']); } redirect(clean_request("", array("submit_id"), FALSE)); } } else { redirect(clean_request("", array("submit_id"), FALSE)); } } else { if (isset($_POST['delete']) && (isset($_GET['submit_id']) && isnum($_GET['submit_id']))) { $result = dbquery("\n\t\t\tSELECT\n\t\t\tts.submit_datestamp, ts.submit_criteria\n\t\t\tFROM " . DB_SUBMISSIONS . " ts\n\t\t\tWHERE submit_type='n' and submit_id='" . intval($_GET['submit_id']) . "'\n\t\t"); if (dbrows($result) > 0) {
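// Edit mode: load the stored category, or go back to the listing when the id is unknown.
if ($faqCat_edit) {
    $result = dbquery("select * from " . DB_FAQ_CATS . " WHERE faq_cat_id='" . intval($_GET['cat_id']) . "'");
    if (dbrows($result) > 0) {
        $data = dbarray($result);
    } else {
        redirect(FUSION_SELF . $aidlink);
    }
}

// Save handler: every posted field goes through form_sanitizer() before use.
if (isset($_POST['save_cat'])) {
    $data = array(
        "faq_cat_id" => form_sanitizer($_POST['faq_cat_id'], 0, "faq_cat_id"),
        "faq_cat_name" => form_sanitizer($_POST['faq_cat_name'], "", "faq_cat_name"),
        "faq_cat_description" => form_sanitizer($_POST['faq_cat_description'], "", "faq_cat_description"),
        "faq_cat_language" => form_sanitizer($_POST['faq_cat_language'], "", "faq_cat_language")
    );
    if (defender::safe()) {
        // intval() forces the id to be numeric inside the string-built WHERE clause,
        // the same way the edit lookup above treats $_GET['cat_id'].
        if (dbcount("(faq_cat_id)", DB_FAQ_CATS, "faq_cat_id='" . intval($data['faq_cat_id']) . "'")) {
            // The id already exists: update that category.
            dbquery_insert(DB_FAQ_CATS, $data, "update");
            addNotice("success", $locale['faq_0205']);
        } else {
            // Unknown id: create a new category.
            dbquery_insert(DB_FAQ_CATS, $data, "save");
            addNotice("success", $locale['faq_0204']);
        }
        redirect(FUSION_SELF . $aidlink);
    }
}

// Category form, pre-filled from $data.
echo openform('faqCat_form', 'post', FUSION_REQUEST, array("class" => "m-t-20"));
echo form_hidden('faq_cat_id', "", $data['faq_cat_id']);
echo form_text('faq_cat_name', $locale['faq_0200'], $data['faq_cat_name'], array('error_text' => $locale['faq_0201'], 'required' => 1));
echo form_text('faq_cat_description', $locale['faq_0202'], $data['faq_cat_description']);
if (multilang_table("FQ")) {
    // Multilingual FAQ: let the admin pick one of the enabled languages.
    echo form_select("faq_cat_language", $locale['global_ML100'], $data['faq_cat_language'], array('options' => fusion_get_enabled_languages()));
} else {
    // Single-language FAQ: the site language is submitted as a hidden field.
    echo form_hidden("faq_cat_language", '', LANGUAGE);
}
echo form_button('save_cat', $locale['faq_0203'], $locale['faq_0203'], array('class' => 'btn-primary m-t-10'));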
redirect("index.php"); } $errors = array(); if (isset($_GET['email']) && isset($_GET['code'])) { if (!preg_check("/^[-0-9A-Z_\\.]{1,50}@([-0-9A-Z_\\.]+\\.){1,50}([0-9A-Z]){2,4}\$/i", $_GET['email'])) { redirect("register.php?error=activate"); } if (!preg_check("/^[0-9a-z]{40}\$/", $_GET['code'])) { redirect("register.php?error=activate"); } $result = dbquery("SELECT user_info FROM " . DB_NEW_USERS . " WHERE user_code='" . $_GET['code'] . "' AND user_email='" . $_GET['email'] . "'"); if (dbrows($result) > 0) { add_to_title($locale['global_200'] . $locale['u155']); $data = dbarray($result); $user_info = unserialize(base64_decode($data['user_info'])); dbquery_insert(DB_USERS, $user_info, 'save'); $result = dbquery("DELETE FROM " . DB_NEW_USERS . " WHERE user_code='" . $_GET['code'] . "' LIMIT 1"); if (fusion_get_settings('admin_activation') == 1) { addNotice("success", $locale['u171'] . " - " . $locale['u162'], 'all'); } else { addNotice("success", $locale['u171'] . " - " . $locale['u161'], 'all'); } redirect(fusion_get_settings('opening_page')); } else { redirect(fusion_get_settings('opening_page')); } } elseif (isset($_POST['register'])) { $userInput = new PHPFusion\UserFieldsInput(); $userInput->validation = $settings['display_validation']; //$settings['display_validation']; $userInput->emailVerification = $settings['email_verification'];
if (fusion_get_settings("tinymce_enabled")) { echo "<script language='javascript' type='text/javascript'>advanced();</script>\n"; } if (isset($_GET['submit_id']) && isnum($_GET['submit_id'])) { if (isset($_POST['publish']) && (isset($_GET['submit_id']) && isnum($_GET['submit_id']))) { $result = dbquery("SELECT ts.*, tu.user_id, tu.user_name FROM " . DB_SUBMISSIONS . " ts\n\t\t\tLEFT JOIN " . DB_USERS . " tu ON ts.submit_user=tu.user_id\n\t\t\tWHERE submit_id='" . $_GET['submit_id'] . "'"); if (dbrows($result)) { $data = dbarray($result); $data = array('article_id' => 0, 'article_subject' => form_sanitizer($_POST['article_subject'], '', 'article_subject'), 'article_cat' => form_sanitizer($_POST['article_cat'], 0, 'article_cat'), 'article_name' => $data['user_id'], 'article_snippet' => addslash(preg_replace("(^<p>\\s</p>\$)", "", $_POST['article_snippet'])), 'article_article' => addslash(preg_replace("(^<p>\\s</p>\$)", "", $_POST['article_article'])), 'article_keywords' => form_sanitizer($_POST['article_keywords'], '', 'article_keywords'), 'article_datestamp' => form_sanitizer($_POST['article_datestamp'], time(), 'article_datestamp'), 'article_visibility' => form_sanitizer($_POST['article_visibility'], 0, 'article_visibility'), 'article_draft' => isset($_POST['article_draft']) ? "1" : "0", 'article_allow_comments' => 0, 'article_allow_ratings' => 0, 'article_language' => form_sanitizer($_POST['article_language'], '', 'article_language')); if (fusion_get_settings('tinymce_enabled') != 1) { $data['article_breaks'] = isset($_POST['line_breaks']) ? "y" : "n"; } else { $data['article_breaks'] = "n"; } if (defender::safe()) { dbquery_insert(DB_ARTICLES, $data, "save"); $result = dbquery("DELETE FROM " . DB_SUBMISSIONS . " WHERE submit_id='" . $_GET['submit_id'] . 
"'"); if ($data['article_draft']) { addNotice("success", $locale['articles_0051']); } else { addNotice("success", $locale['articles_0050']); } redirect(clean_request("", array("submit_id"), FALSE)); } } else { redirect(clean_request("", array("submit_id"), FALSE)); } } else { if (isset($_POST['delete']) && (isset($_GET['submit_id']) && isnum($_GET['submit_id']))) { $result = dbquery("\n\t\t\tSELECT\n\t\t\tts.submit_id, ts.submit_datestamp, ts.submit_criteria\n\t\t\tFROM " . DB_SUBMISSIONS . " ts\n\t\t\tWHERE submit_type='a' and submit_id='" . intval($_GET['submit_id']) . "'\n\t\t"); if (dbrows($result) > 0) {
/**
 * Validate the submitted profile changes and write them to the user's row.
 *
 * Runs the username, password, e-mail, validation-code and avatar setters, merges
 * the custom user-field input collected by QuantumFields into $this->data, and
 * updates DB_USERS only when defender reports no validation error.
 *
 * @return bool true once the update has been written, false when validation failed
 */
public function saveUpdate() {
    $locale = fusion_get_locale();
    $settings = fusion_get_settings();

    $this->_method = "validate_update";
    $this->_settUserName();
    $this->_setPassword();
    // The admin password is only handled outside the admin panel.
    if (!defined('ADMIN_PANEL')) {
        $this->_setAdminPassword();
    }
    $this->_setUserEmail();
    if ($this->validation == 1) {
        $this->_setValidationError();
    }
    $this->_setUserAvatar();

    // Collect input for the custom user fields.
    $quantum = new QuantumFields();
    $quantum->setCategoryDb(DB_USER_FIELD_CATS);
    $quantum->setFieldDb(DB_USER_FIELDS);
    $quantum->setPluginFolder(INCLUDES . "user_fields/");
    $quantum->setPluginLocaleFolder(LOCALE . LOCALESET . "user_fields/");
    $quantum->load_fields();
    $quantum->load_field_cats();
    $quantum->setCallbackData($this->data);
    $fieldInputs = $quantum->return_fields_input(DB_USERS, 'user_id');
    if (!empty($fieldInputs)) {
        foreach ($fieldInputs as $fieldSet) {
            // Array union: keys already present in $this->data are kept, not overwritten.
            $this->data += $fieldSet;
        }
    }

    if (!\defender::safe()) {
        return false;
    }

    // Keep an audit trail of username and e-mail changes.
    if ($this->_userName != $this->userData['user_name']) {
        save_user_log($this->userData['user_id'], "user_name", $this->_userName, $this->userData['user_name']);
    }
    if ($this->_userEmail != $this->userData['user_email']) {
        save_user_log($this->userData['user_id'], "user_email", $this->_userEmail, $this->userData['user_email']);
    }
    $quantum->log_user_action(DB_USERS, "user_id");

    dbquery_insert(DB_USERS, $this->data, 'update');
    $this->_completeMessage = $locale['u163'];

    $passwordChangedByAdmin = $this->isAdminPanel
        && $this->_isValidCurrentPassword
        && $this->_newUserPassword
        && $this->_newUserPassword2;
    if ($passwordChangedByAdmin) {
        // Tell the user that the password was changed from the admin panel.
        // NOTE(review): the [PASSWORD] placeholder is replaced with the new password, so the
        // credential leaves the site in clear text inside the e-mail; a reset link or a
        // forced change at next login would avoid that.
        include INCLUDES . "sendmail_include.php";
        addNotice("success", str_replace("USER_NAME", $this->userData['user_name'], $locale['global_458']));
        $mailSubject = str_replace("[SITENAME]", $settings['sitename'], $locale['global_456']);
        $mailBody = str_replace(
            array("[SITENAME]", "[SITEUSERNAME]", "USER_NAME", "[PASSWORD]"),
            array($settings['sitename'], $settings['siteusername'], $this->userData['user_name'], $this->_newUserPassword),
            $locale['global_457']
        );
        $mailSent = sendemail(
            $this->userData['user_name'],
            $this->userData['user_email'],
            $settings['siteusername'],
            $settings['siteemail'],
            $mailSubject,
            $mailBody
        );
        if (!$mailSent) {
            addNotice('warning', str_replace("USER_NAME", $this->userData['user_name'], $locale['global_459']));
        }
    }

    // Checked again because the steps above may have raised a defender error.
    if (\defender::safe()) {
        addNotice('success', $locale['u169']);
    }

    return true;
}
} else { if ($mime_types[$extension] != $each['type']) { die('Prevented an unwanted file upload attempt!'); } } } unset($file_info, $extension); } } unset($mime_types); } } $defender = new defender(); // Set admin login procedures Authenticate::setAdminLogin(); $defender->debug_notice = FALSE; // turn this off after beta. $defender->sniff_token(); $dynamic = new dynamics(); $dynamic->boot(); $fusion_page_head_tags =& \PHPFusion\OutputHandler::$pageHeadTags; $fusion_page_footer_tags =& \PHPFusion\OutputHandler::$pageFooterTags; $fusion_jquery_tags =& \PHPFusion\OutputHandler::$jqueryTags; // Set theme using $_GET as well. // Set theme if ($userdata['user_level'] == USER_LEVEL_SUPER_ADMIN && isset($_GET['themes']) && theme_exists($_GET['themes'])) { $newUserTheme = array("user_id" => $userdata['user_id'], "user_theme" => stripinput($_GET['themes'])); dbquery_insert(DB_USERS, $newUserTheme, "update"); redirect(clean_request("", array("themes"), FALSE)); } set_theme(empty($userdata['user_theme']) ? fusion_get_settings("theme") : $userdata['user_theme']);
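// Defaults for an empty "add weblink" form.
$data = array(
    "weblink_id" => 0,
    "weblink_name" => "",
    "weblink_cat" => 0,
    "weblink_description" => "",
    "weblink_visibility" => iGUEST,
    "weblink_url" => "",
    "weblink_datestamp" => time()
);

// Delete a weblink. The id is checked with isnum() and additionally cast with intval()
// before it reaches the string-built query, matching the edit lookup further down.
// NOTE(review): this is a destructive action triggered by a GET request and no token check
// is visible in this block; presumably $aidlink carries an admin token that is validated
// earlier - confirm, or move the delete behind a POST form.
if (isset($_GET['action']) && $_GET['action'] == "delete" && (isset($_GET['weblink_id']) && isnum($_GET['weblink_id']))) {
    $result = dbquery("DELETE FROM " . DB_WEBLINKS . " WHERE weblink_id='" . intval($_GET['weblink_id']) . "'");
    addNotice("success", $locale['wl_0302']);
    redirect(FUSION_SELF . $aidlink);
}

// Save handler: every posted field goes through form_sanitizer() before use.
if (isset($_POST['save_link'])) {
    $data = array(
        "weblink_id" => form_sanitizer($_POST['weblink_id'], 0, 'weblink_id'),
        "weblink_cat" => form_sanitizer($_POST['weblink_cat'], 0, 'weblink_cat'),
        "weblink_name" => form_sanitizer($_POST['weblink_name'], '', 'weblink_name'),
        "weblink_description" => form_sanitizer($_POST['weblink_description'], '', 'weblink_description'),
        "weblink_visibility" => form_sanitizer($_POST['weblink_visibility'], '0', 'weblink_visibility'),
        "weblink_url" => form_sanitizer($_POST['weblink_url'], '', 'weblink_url'),
        "weblink_datestamp" => form_sanitizer($_POST['weblink_datestamp'], '', 'weblink_datestamp')
    );
    if (defender::safe()) {
        if (dbcount("(weblink_id)", DB_WEBLINKS, "weblink_id='" . intval($data['weblink_id']) . "'")) {
            // Existing link: the datestamp is refreshed only when the admin asked for it.
            $data['weblink_datestamp'] = isset($_POST['update_datestamp']) ? time() : $data['weblink_datestamp'];
            dbquery_insert(DB_WEBLINKS, $data, "update");
            addNotice("success", $locale['wl_0301']);
            redirect(FUSION_SELF . $aidlink);
        } else {
            // Unknown id: store as a new link.
            dbquery_insert(DB_WEBLINKS, $data, "save");
            addNotice("success", $locale['wl_0300']);
            redirect(FUSION_SELF . $aidlink);
        }
    }
}

// Edit mode: load the stored link, or go back to the listing when the id is unknown.
if ($weblink_edit) {
    $result = dbquery("SELECT * FROM " . DB_WEBLINKS . " WHERE weblink_id='" . intval($_GET['weblink_id']) . "'");
    if (dbrows($result)) {
        $data = dbarray($result);
    } else {
        redirect(FUSION_SELF . $aidlink);
    }
}

echo openform('inputform', 'post', FUSION_REQUEST, array("class" => "m-t-20"));
echo "<div class='row'>\n";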
$article_settings = get_settings("article"); if (file_exists(INFUSIONS . "articles/locale/" . LOCALESET . "articles_admin.php")) { include INFUSIONS . "articles/locale/" . LOCALESET . "articles_admin.php"; } else { include INFUSIONS . "articles/locale/English/articles_admin.php"; } opentable("<i class='fa fa-commenting-o fa-lg m-r-10'></i>" . $locale['articles_0060']); if (iMEMBER && $article_settings['article_allow_submission'] && ($cat_exist = dbcount("(article_cat_id)", DB_ARTICLE_CATS, multilang_table("AR") ? "article_cat_language='" . LANGUAGE . "'" : ""))) { $criteriaArray = array("article_subject" => "", "article_cat" => 0, "article_snippet" => "", "article_article" => "", "article_language" => LANGUAGE, "article_keywords" => ""); if (isset($_POST['submit_article'])) { $submit_info['article_snippet'] = nl2br(parseubb(stripinput($_POST['article_snippet']))); $submit_info['article_article'] = nl2br(parseubb(stripinput($_POST['article_article']))); $criteriaArray = array("article_subject" => form_sanitizer($_POST['article_subject'], "", "article_subject"), "article_cat" => form_sanitizer($_POST['article_cat'], "", "article_cat"), "article_snippet" => form_sanitizer($submit_info['article_snippet'], "", "article_snippet"), "article_article" => form_sanitizer($submit_info['article_article'], "", "article_article"), "article_language" => form_sanitizer($_POST['article_language'], "", "article_language"), "article_keywords" => form_sanitizer($_POST['article_keywords'], "", "article_keywords")); if (defender::safe()) { $inputArray = array("submit_type" => "a", "submit_user" => $userdata['user_id'], "submit_datestamp" => time(), "submit_criteria" => addslashes(serialize($criteriaArray))); dbquery_insert(DB_SUBMISSIONS, $inputArray, "save"); addNotice("success", $locale['articles_0061']); redirect(clean_request("submitted=a", array("stype"), TRUE)); } } if (isset($_GET['submitted']) && $_GET['submitted'] == "a") { add_to_title($locale['global_200'] . 
$locale['articles_0040']); echo "<div class='well text-center'><p><strong>" . $locale['articles_0061'] . "</strong></p>"; echo "<p><a href='submit.php?stype=a'>" . $locale['articles_0062'] . "</a></p>"; echo "<p><a href='index.php'>" . str_replace("[SITENAME]", fusion_get_settings("sitename"), $locale['articles_0064']) . "</a></p>\n"; echo "</div>\n"; } else { // Preview if (isset($_POST['preview_article'])) { $article_snippet = ""; if ($_POST['article_snippet']) {
$temp_file = $callback_data['download_image']; $callback_data['download_image'] = filename_exists($dest, $callback_data['download_image']); copy(DOWNLOADS . "submissions/images/" . $temp_file, $dest . $callback_data['download_image']); chmod($dest . $callback_data['download_image'], 0644); unlink(DOWNLOADS . "submissions/images/" . $temp_file); } // move thumbnail if (!empty($callback_data['download_image_thumb']) && file_exists(DOWNLOADS . "/submissions/images/" . $callback_data['download_image_thumb'])) { $dest = DOWNLOADS . "images/"; $temp_file = $callback_data['download_image_thumb']; $callback_data['download_image_thumb'] = filename_exists($dest, $callback_data['download_image_thumb']); copy(DOWNLOADS . "submissions/images/" . $temp_file, $dest . $callback_data['download_image_thumb']); chmod($dest . $callback_data['download_image_thumb'], 0644); unlink(DOWNLOADS . "submissions/images/" . $temp_file); } dbquery_insert(DB_DOWNLOADS, $callback_data, "save"); dbquery("DELETE FROM " . DB_SUBMISSIONS . " WHERE submit_id='" . intval($_GET['submit_id']) . "'"); addNotice("success", $locale['download_0063']); redirect(clean_request("", array("submit_id"), FALSE)); } } else { redirect(clean_request("", array("submit_id"), FALSE)); } } else { if (isset($_POST['delete']) && (isset($_GET['submit_id']) && isnum($_GET['submit_id']))) { $result = dbquery("\n\t\t\tSELECT ts.submit_id, ts.submit_datestamp, ts.submit_criteria\n\t\t\tFROM " . DB_SUBMISSIONS . " ts\n\t\t\tWHERE submit_type='d' and submit_id='" . intval($_GET['submit_id']) . "'\n\t\t"); if (dbrows($result) > 0) { $callback_data = dbarray($result); // delete all the relevant files $delCriteria = unserialize($callback_data['submit_criteria']); if (!empty($delCriteria['download_image']) && file_exists(INFUSIONS . "downloads/submisisons/images/" . $delCriteria['download_image'])) {