Esempio n. 1
// Template object that receives every variable assigned below.
$smarty = new vtigerCRM_Smarty();

// Requested sub-action, taken straight from the request. $_REQUEST merges GET
// and POST input (and cookies, depending on request_order), so this value is
// attacker-controllable and can arrive through a plain link.
// NOTE(review): vtlib_purify() presumably only sanitises markup; it is not an
// allow-list or an authorisation check. Confirm against its definition.
$subMode = vtlib_purify($_REQUEST['sub_mode']);

// Language tables and theme name made available to the template.
$smarty->assign('MOD', $mod_strings);
$smarty->assign('APP', $app_strings);
$smarty->assign('THEME', $theme);

// Date format for the client side, derived from the configured NTC_DATE_FORMAT string.
$jsDateFormat = parse_calendardate($app_strings['NTC_DATE_FORMAT']);
$smarty->assign('JS_DATEFORMAT', $jsDateFormat);
// Dispatch the requested sub-action to its handler. Unknown values fall
// through and nothing is executed. switch compares loosely, like the ==
// chain it replaces.
//
// NOTE(review): several handlers below change or delete configuration
// (fields, blocks, ordering). No anti-CSRF token validation and no
// permission check are visible in this excerpt before they run, and the
// selector comes from $_REQUEST, so a GET request is enough to reach them.
// Confirm that the including script enforces an admin check and a per-request
// token before this point; if it does not, add both here and accept
// state-changing sub-modes over POST only.
switch ($subMode) {
    case 'updateFieldProperties':
        updateFieldProperties();
        break;

    case 'deleteCustomField':
        deleteCustomField();
        break;

    case 'changeOrder':
        changeFieldOrder();
        break;

    case 'addBlock':
        // Return value is kept in $duplicate for later use outside this block.
        $duplicate = addblock();
        break;

    case 'deleteCustomBlock':
        deleteBlock();
        break;

    case 'addCustomField':
        // Return value is kept in $duplicate for later use outside this block.
        $duplicate = addCustomField();
        break;

    case 'movehiddenfields':
    case 'showhiddenfields':
        // Both sub-modes share one handler, which receives the sub-mode itself.
        show_move_hiddenfields($subMode);
        break;

    case 'changeRelatedInfoOrder':
        changeRelatedListOrder();
        break;
}
// Modules offered in the template's MODULES variable.
$module_array = getCustomFieldSupportedModules();

// Icon paths for the field types, in display order. The icon and label lists
// have 13 entries each and appear to be parallel (entry i of one matches
// entry i of the other); text.gif and picklist.gif are reused for the
// text-area and multi-select entries.
$cfimagecombo = array();
foreach (
    array(
        'text.gif',
        'number.gif',
        'percent.gif',
        'currency.gif',
        'date.gif',
        'email.gif',
        'phone.gif',
        'picklist.gif',
        'url.gif',
        'checkbox.gif',
        'text.gif',
        'picklist.gif',
        'time.PNG',
    ) as $iconFile
) {
    $cfimagecombo[] = $image_path . $iconFile;
}

// Translated labels for the same field types, looked up in $mod_strings.
$cftextcombo = array();
foreach (
    array(
        'Text',
        'Number',
        'Percent',
        'Currency',
        'Date',
        'Email',
        'Phone',
        'PickList',
        'LBL_URL',
        'LBL_CHECK_BOX',
        'LBL_TEXT_AREA',
        'LBL_MULTISELECT_COMBO',
        'Time',
    ) as $labelKey
) {
    $cftextcombo[] = $mod_strings[$labelKey];
}

$smarty->assign('MODULES', $module_array);
$smarty->assign('CFTEXTCOMBO', $cftextcombo);
$smarty->assign('CFIMAGECOMBO', $cfimagecombo);
if ($_REQUEST['formodule'] != '') {
    $fld_module = vtlib_purify($_REQUEST['formodule']);
Esempio n. 2
    $enabledblocks = array();
    if (isset($_POST['enabledblocks'])) {
        $enabledblocks = $_POST['enabledblocks'];
    }
    $visibleblocks = array();
    if (isset($_POST['visibleblocks'])) {
        $visibleblocks = $_POST['visibleblocks'];
    }
    changeBlockStatus($enabledblocks, $visibleblocks);
}
if ($mode == $LANG_ADMIN['delete'] && !empty($LANG_ADMIN['delete'])) {
    if (!isset($bid) || empty($bid) || $bid == 0) {
        COM_errorLog('Attempted to delete block, bid empty or null, value =' . $bid);
        $display .= COM_refresh($_CONF['site_admin_url'] . '/block.php');
    } elseif (SEC_checkToken()) {
        $display .= deleteBlock($bid);
    } else {
        COM_accessLog("User {$_USER['username']} tried to illegally delete block {$bid} and failed CSRF checks.");
        echo COM_refresh($_CONF['site_admin_url'] . '/index.php');
    }
} elseif ($mode == $LANG_ADMIN['save'] && !empty($LANG_ADMIN['save']) && SEC_checkToken()) {
    $name = '';
    if (isset($_POST['name'])) {
        $name = COM_sanitizeID($_POST['name']);
    }
    $help = '';
    if (isset($_POST['help'])) {
        $help = COM_sanitizeUrl($_POST['help'], array('http', 'https'));
    }
    $blockorder = 0;
    if (isset($_POST['blockorder'])) {