}
if (isset($_GET['dropbox_per_page'])) {
$sort_params[] = 'dropbox_per_page=' . intval($_GET['dropbox_per_page']);
}
if (isset($_GET['dropbox_direction'])) {
$sort_params[] = 'dropbox_direction=' . $_GET['dropbox_direction'];
}
$sort_params = Security::remove_XSS(implode('&', $sort_params));
$action = isset($_GET['action']) ? $_GET['action'] : null;
/* ACTIONS: add a dropbox file, add a dropbox category. */
// Display the form for adding a new dropbox item.
if ($action == 'add') {
if (api_get_session_id() != 0 && !api_is_allowed_to_session_edit(false, true)) {
api_not_allowed();
}
display_add_form($dropbox_unid, $viewReceivedCategory, $viewSentCategory, $view);
}
if (isset($_POST['submitWork'])) {
$check = Security::check_token();
if ($check) {
$message = store_add_dropbox();
if (!empty($message)) {
Display::display_confirmation_message($message);
}
}
}
// Display the form for adding a category
if ($action == 'addreceivedcategory' or $action == 'addsentcategory') {
if (api_get_session_id() != 0 && !api_is_allowed_to_session_edit(false, true)) {
api_not_allowed();
}
function protect_folder($vars)
{
$func_name = "protect_{$vars[method]}";
$files = array();
$err = $func_name($vars, $files);
if ($err) {
display_add_form($vars, $err);
return;
}
// save folder info now
global $config, $db;
$path = $db->escape($vars['path']);
$url = $db->escape($vars['url']);
$method = $db->escape($vars['method']);
$product_ids = $vars['product_id_all'] ? 'ALL' : join(',', $vars['product_id']);
$files = $db->escape(serialize($files));
$db->query("INSERT INTO {$db->config[prefix]}folders\n (path, url, method, product_ids, files_content)\n VALUES\n ('{$path}', '{$url}', '{$method}', '{$product_ids}', '{$files}')\n ");
if ($GLOBALS['protection_is_instruction']) {
} else {
admin_log("Folder protected ({$path}) - {$method}", "folders", mysql_insert_id());
admin_html_redirect("protect.php?added=ok", "Folder protected", "Folder has been protected successfully");
}
exit;
}
$form = 2;
break;
default:
}
$fav->load($pid);
}
display_super_fav($fav);
switch ($form) {
case 1:
display_edit_form($fav, $editArr);
break;
case 2:
display_add_form($fav, true);
break;
default:
display_add_form($fav, false);
}
unset($fav);
page_footer();
function display_super_fav($fav)
{
?>
<table class="main adj">
<caption>我的百宝箱</caption>
<col class="center"/><col class="center"/><col/><col class="center"/>
<tbody>
<tr><th>位置</th><th>类型</th><th style="width: 20em;">名称</th><th>操作</th></tr>
<?php
if ($fav->currentPid != 0) {
?>
<tr>
<?php
require_once 'fns.php';
//添加问题及选项
check_is_on();
do_html_header('add_topic');
display_add_form();
do_html_URL('index.php', '返回主界面');
do_html_footer();
function add_save()
{
global $db, $t;
global $member_additional_fields;
$errors = array();
$vars = get_input_vars();
if (strlen($vars['generate_login'])) {
$vars['login'] = generate_login($vars);
}
if (strlen($vars['generate_pass'])) {
$vars['pass'] = generate_password($vars);
}
$vars['pass0'] = $vars['pass'];
if (!strlen($vars['login'])) {
$errors[] = "'Login' is a required field";
} elseif ($db->check_uniq_login($vars['login'], $vars['email'], $vars['pass0'], 1) >= 0) {
$errors[] = "User '{$vars['login']} already exists' - please choose another username";
}
if (!strlen($vars['pass0'])) {
$errors[] = "'Password' is a required field";
}
foreach ($member_additional_fields as $f) {
$fname = $f['name'];
if ($f['validate_func']) {
foreach ((array) $f['validate_func'] as $func) {
if (!function_exists($func)) {
fatal_error("Validation function '{$func}' for field: '{$fname}' not defined. Internal error", 0);
}
if ($err = $func($vars[$fname], $f['title'], $f)) {
$errors[] = "{$err}";
}
}
}
}
foreach ($member_additional_fields as $f) {
$fname = $f['name'];
if (isset($vars[$fname])) {
$vars['data'][$fname] = $vars[$fname];
}
}
if ($errors) {
$t->assign('errors', $errors);
return display_add_form($vars);
}
foreach ($member_additional_fields as $f) {
$fname = $f['name'];
$vars[$fname] = $vars['data'][$fname];
unset($vars['data'][$fname]);
}
$member_id = $db->add_pending_user($vars);
if ($config['use_affiliates']) {
$is_affiliate = $vars['is_affiliate'];
} else {
$is_affiliate = '0';
}
$db->subscribe_member($member_id, $is_affiliate);
$db->add_member_threads($member_id, $vars['threads']);
update_cc_info($member_id, $vars);
admin_log("Member added ({$vars['login']})", 'members', $member_id);
$t->assign('member_id', $member_id);
$t->assign('msg', "User added. Click on 'User Payments' link in top to subscribe him.");
$t->assign('link', "users.php?action=payments&member_id={$member_id}");
$t->display("admin/user_saved.html");
}
case 'add':
$field = array();
if ($vars['save']) {
check_demo();
$field = get_field_from_form($vars);
if ($err = validate_add_form($field)) {
$t->assign('error', $err);
} elseif ($err = add_field($field)) {
$t->assign('error', $err);
} else {
admin_log("Additonal Field ({$field['name']}) inserted");
admin_html_redirect("fields.php", "Field info added", "Field info added to config");
break;
}
}
display_add_form($field);
break;
case 'edit':
foreach ($ff as $f) {
if ($f['name'] == $vars['name']) {
$old_field = $f;
}
}
$new_field = $old_field = get_field_from_saved($old_field);
if ($vars['save']) {
check_demo();
$new_field = get_field_from_form($vars);
if ($err = validate_edit_form($new_field, $old_field)) {
$t->assign('error', $err);
} elseif ($err = save_field($new_field, $old_field)) {
$t->assign('error', $err);
