Esempio n. 1
/**
 * Load every row of `cms_categories` and arrange the rows into linked views.
 *
 * The returned array holds:
 *  - 'ids':  every category row keyed by its cat_id, each with a 'children' list;
 *  - 'tree': a reference to the category whose cat_parent is 0;
 *  - 'flat': an array handed to recursive_tree_path() to fill in
 *            (that helper is defined elsewhere; what it stores is not visible here).
 *
 * Children are attached by reference, so a node reached through 'tree' is the
 * same node that is stored under 'ids'.
 *
 * @return array
 */
function build_cat_tree()
{
    $tree = array('flat' => array(), 'ids' => array());

    // Index each category by id; every node starts without children.
    $rows = mysql_do_query("SELECT * FROM `cms_categories`");
    while ($row = mysql_fetch_assoc($rows)) {
        $row['children'] = array();
        $tree['ids'][$row['cat_id']] = $row;
    }

    // Second pass: hook each node under its parent, or mark it as the root.
    foreach ($tree['ids'] as $id => $node) {
        if ($node['cat_parent'] == 0) {
            $tree['tree'] =& $tree['ids'][$id];
            continue;
        }
        $tree['ids'][$node['cat_parent']]['children'][] =& $tree['ids'][$id];
    }

    recursive_tree_path($tree['flat'], $tree['tree'], "", "/");

    return $tree;
}
Esempio n. 2
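/**
 * Render the admin "structure" panel for one category: the folder-level
 * actions (new subfolder, new page, retitle, move, delete) followed by one
 * list entry per page stored in that category.
 *
 * Stored free-text fields (category title and key, page title and key) are
 * HTML-escaped before they are placed in attributes or element text, so a
 * quote or angle bracket in a stored value can neither break the form markup
 * nor end up as live markup in the admin interface.
 *
 * NOTE(review): ids, 'path' and 'flat_path' are still emitted unchanged; this
 * assumes ids are numeric and paths are built from validated keys. Confirm
 * against the code that creates categories and fills in the paths.
 *
 * @param array $cat Category record; reads cat_id, cat_parent, cat_title,
 *                   cat_key, path and flat_path.
 * @return string HTML fragment for the panel.
 */
function makePagesDiv($cat)
{
    global $tree;

    // Escape once, up front, for use in attribute values below.
    $catTitle = htmlspecialchars($cat['cat_title'], ENT_QUOTES);
    $catKey = htmlspecialchars($cat['cat_key'], ENT_QUOTES);

    // $cts: every category as a move target for pages.
    // $scts: move targets for this folder itself.
    $cts = "";
    $scts = "";
    foreach ($tree['flat'] as $tcat) {
        $cts .= "<option value=\"{$tcat['cat_id']}\"" . ($tcat['cat_id'] == $cat['cat_id'] ? " selected=\"selected\"" : "") . ">";
        $cts .= $tcat['path'] . "</option>";
        // A candidate is offered only when this folder's path does not occur at
        // offset 0 or 1 of the candidate's path.
        // NOTE(review): presumably meant to exclude the folder and its descendants; confirm the "> 1".
        $foo = strpos($tcat['path'], $cat['path']);
        if ($foo === FALSE || $foo > 1) {
            $scts .= "<option value=\"{$tcat['cat_id']}\"" . ($tcat['cat_id'] == $cat['cat_parent'] ? " selected=\"selected\"" : "") . ">";
            $scts .= $tcat['path'] . "</option>";
        }
    }
    $result = mysql_do_query("SELECT *\r\n\t\t                      FROM `cms_pages` \r\n\t\t\t\t             WHERE `page_category` = '" . mysql_real_escape_string($cat['cat_id']) . "'");

    // Folder-level toolbar and its hidden forms. Category 1 gets no move/delete links.
    $c = "<div>[<a href=\"javascript:showAllDetails()\">Expand all</a>] "
        . "[<a href=\"javascript:hideAllDetails()\">Collapse all</a>] "
        . "[<a href=\"javascript:showNewFolder()\">New Subfolder</a>] "
        . "[<a href=\"javascript:showNewPage()\">New Page</a>]<br/>"
        . "[<a href=\"javascript:showTitleCat()\">Change title</a>] "
        . ($cat['cat_id'] == 1 ? '' : "[<a href=\"javascript:showMoveCat()\">Move folder</a>] " . "[<a href=\"javascript:showNukeCat()\">Delete folder</a>] ")
        . "<br/>"
        . '<div id="newFolder" style="display: none; padding: 10px;">'
        . '<form action="/lp-admin.structure.newFolder.' . $cat['cat_id'] . '" method="POST" id="newFolderForm">'
        . "Create folder " . $cat['path'] . " <input type=\"text\" name=\"folder_name\" size=\"35\" value=\"\"/> "
        . "<input type=\"button\" name=\"submit\" value=\"Submit\" onClick=\"postForm('newFolderForm')\"/></form>"
        . '</div>'
        . '<div id="newPage" style="display: none; padding: 10px;">'
        . '<form action="/lp-admin.structure.newPage.' . $cat['cat_id'] . '" method="POST" id="newPageForm">'
        . "Create page " . $cat['path'] . " <input type=\"text\" name=\"page_name\" size=\"35\" value=\"\"/> "
        . "<input type=\"button\" name=\"submit\" value=\"Submit\" onClick=\"postForm('newPageForm')\"/></form>"
        . '</div>'
        . '<div id="titleCat" style="display: none; padding: 10px;">'
        . '<form action="/lp-admin.structure.titleCat.' . $cat['cat_id'] . '" method="POST" id="titleCatForm">'
        . "Title: <input type=\"text\" name=\"title\" size=\"35\" value=\"" . $catTitle . "\"/> "
        . "<input type=\"button\" name=\"submit\" value=\"Submit\" onClick=\"postForm('titleCatForm')\"/></form>"
        . '</div>'
        . '<div id="moveCat" style="display: none; padding: 0px 0px 0px 50px;">'
        . '<form action="/lp-admin.structure.moveCat.' . $cat['cat_id'] . '" method="POST" id="mvCatfrm">'
        . 'Move to: <select name="category">' . $scts . '</select> '
        . '<input type="text" name="location" size="35" value="' . $catKey . '"> '
        . '<input type="button" name="submit" value="Submit" onClick="postForm(\'mvCatfrm\')"/></form>'
        . '</div>'
        . '<div id="nukeCat" style="display: none; padding: 0px 0px 0px 50px;">'
        . '<form action="/lp-admin.structure.nukeCat.' . $cat['cat_id'] . '" method="POST" id="nukeCatFrm">'
        . 'Are you sure you want to <b>DELETE</b> this folder? Yes: <input name="sure" type="checkbox" value="1"/> '
        . '<input type="button" name="submit" value="Submit" onClick="postForm(\'nukeCatFrm\')"/></form>'
        . '</div>'
        . "<br/>"
        . "Trail: " . $cat['flat_path'] . "<br/>"
        . "Path: " . $cat['path'] . "<br/><ul>";

    // One list entry per page, each with its own hidden move and delete forms.
    while ($row = mysql_fetch_assoc($result)) {
        $pageKey = htmlspecialchars($row['page_key'], ENT_QUOTES);
        $pageTitle = htmlspecialchars($row['page_title'], ENT_QUOTES);
        $c .= '<li id="pageli' . $row['page_id'] . '"><a class="pagekey" href="javascript:toggleDetails(\'pageli' . $row['page_id'] . '\')">' . $pageKey . '</a>'
            . '<div class="controls" style="display: none; padding: 0px 0px 0px 50px;">'
            . 'Title: ' . $pageTitle . '<br/>'
            . '[<a href="' . $cat['path'] . $pageKey . '">Goto</a>] '
            . '[<a href="javascript:toggleMove(\'pageli' . $row['page_id'] . '\')">Move</a>] '
            . '[<a href="javascript:toggleNuke(\'pageli' . $row['page_id'] . '\')">Delete</a>] '
            . '[<a href="' . $cat['path'] . $pageKey . '.pageconfig">Settings</a>]</div>'
            . '<div class="move" style="display: none; padding: 0px 0px 0px 50px;">'
            . '<form action="/lp-admin.structure.move.' . $row['page_id'] . '" method="POST" id="mvfrm' . $row['page_id'] . '">'
            . 'Move to: <select name="category">' . $cts . '</select> '
            . '<input type="text" name="location" size="35" value="' . $pageKey . '"> '
            . '<input type="button" name="submit" value="Submit" onClick="postForm(\'mvfrm' . $row['page_id'] . '\')"/></form>'
            . '</div>'
            . '<div class="nuke" style="display: none; padding: 0px 0px 0px 50px;">'
            . '<form action="/lp-admin.structure.nuke.' . $row['page_id'] . '" method="POST" id="nkfrm' . $row['page_id'] . '">'
            . 'Are you sure you want to <b>DELETE</b> this page? Yes: <input name="sure" type="checkbox" value="1"/> '
            . '<input type="button" name="submit" value="Submit" onClick="postForm(\'nkfrm' . $row['page_id'] . '\')"/></form>'
            . '</div>'
            . '</li>';
    }
    $c .= "</ul></div>";
    return $c;
}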
Esempio n. 3
<?php

// Admin handler for the active template's global settings: loads the template's
// config helpers, stores a submitted configuration, then renders the form.
// NOTE(review): the include path is built from $site_config['template'], which is
// set outside this file; confirm it can only hold the name of an installed template.
require_once "templates/" . $site_config['template'] . "/template_config.php";
// NOTE(review): no permission or CSRF check is visible in this file; confirm the
// including script enforces both before this write path is reached.
if (isset($_POST['submit']) && $_POST['submit'] == "Submit") {
    $template_data = template_global_config_post($_POST);
    if (is_array($template_data)) {
        // An array result is treated as a failure; its 'error' entry is appended to the page.
        $content .= $template_data['error'];
    } else {
        // Only touch the database when the submitted data differs from the loaded value.
        if ($template_data != $site_config['template_data']) {
            if ($template_data == "") {
                // Empty data removes the stored row for this template.
                mysql_do_query("DELETE FROM `cms_template_config` \r\n                              WHERE `template_name` = '" . mysql_real_escape_string($site_config['template']) . "'");
            } else {
                // Update first; insert only when the update reported no affected row.
                mysql_do_query("UPDATE `cms_template_config` \r\n                           SET `template_data`='" . mysql_real_escape_string($template_data) . "'\r\n                         WHERE `template_name` = '" . mysql_real_escape_string($site_config['template']) . "'");
                if (mysql_affected_rows() == 0) {
                    mysql_do_query("INSERT INTO `cms_template_config` \r\n                             SET `template_data`='" . mysql_real_escape_string($template_data) . "',\r\n                                 `template_name` = '" . mysql_real_escape_string($site_config['template']) . "'");
                }
            }
        }
        #<link rel="stylesheet" href="/style.css" type="text/css"/>
        // Reply with a script that swaps the /style.css link for a time-stamped URL
        // (forcing a reload of the stylesheet), then end the request.
        die('$("link[rel*=\'style\'][href^=\'/style.css\']").replaceWith(\'<link rel="stylesheet" href="/style.css?fr=' . time() . '" type="text/css"/>\');');
    }
}
// Build the configuration form; its fields come from the template's own helper.
$c = '<form action="/lp-admin.template" method="POST" id="config">';
$c .= template_global_config_form();
$c .= "<input type=\"button\" name=\"submit\" value=\"Submit\" onClick=\"postForm('config')\"></form>";
$content .= section("Global Template Config", $c);
Esempio n. 4
<?php

// "Create section" action: on POST, append a new section to the current page
// and redirect back to it; otherwise render the creation form.
// NOTE(review): no permission or CSRF check is visible in this file; confirm the
// including script restricts this action to users who may edit content.
if ($page['found']) {
    if (isset($_POST['Submit'])) {
        // Every value is escaped for SQL before being placed in the statements below.
        // $_POST['title'] and $_POST['content'] are read without an isset() check.
        $page_id = mysql_real_escape_string($page['page_id']);
        $title = mysql_real_escape_string($_POST['title']);
        // Overwrites the page-wide $content buffer; harmless only because the
        // script ends with die below.
        $content = mysql_real_escape_string($_POST['content']);
        // The new section's order is the current number of sections on the page.
        // NOTE(review): count and insert are separate statements, so two concurrent
        // submissions could receive the same order value.
        $order = mysql_do_query("SELECT count(*) as `c` FROM `cms_sections` WHERE `page_id` = '{$page_id}'");
        $order = mysql_fetch_assoc($order);
        $order = mysql_real_escape_string($order['c']);
        mysql_do_query("INSERT INTO `cms_sections`\n                            SET `page_id`='{$page_id}', \n                                `order`='{$order}', \n                                `section_title`='{$title}',\n                                `section_text`='{$content}'");
        // Redirect to the page itself and stop.
        header("location: " . $page['parent_path'] . $page['page_key']);
        die;
    }
    // No submission yet: show the form, which posts back to "<page>.createsection".
    $c = "<form action=\"{$page['parent_path']}{$page['page_key']}.createsection\" method=\"POST\">";
    $c .= "Section title:<br><input type=\"text\" name=\"title\" size=\"95\"><br><br>";
    $c .= "Content:<br><textarea name=\"content\" cols=\"80\" rows=\"10\"></textarea><br>";
    $c .= "<input type=\"Submit\" name=\"Submit\" value=\"Submit\"></form>";
    $content .= section("Create section...", $c);
}
Esempio n. 5
<?php

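// Swap the order of two adjacent sections of the current page, then let the
// page render as usual ($showpage stays 1).
// $vfile[2] and $vfile[3] are the two positions to swap.
// NOTE(review): $vfile is filled in outside this file and appears to come from
// the request path, so it is treated as untrusted here.
$showpage = 1;
$page_id = mysql_real_escape_string($page['page_id']);
$sections = mysql_do_query("SELECT * FROM `cms_sections` WHERE `page_id` = '{$page_id}'");
$last = mysql_num_rows($sections);
$lower = min($vfile[2], $vfile[3]);
$upper = max($vfile[2], $vfile[3]);
// The pair must be adjacent and inside the existing range. With $last sections
// the highest valid position is $last - 1, so $upper == $last is rejected too.
// NOTE(review): assumes section orders are 0-based and contiguous; confirm.
if ($lower < 0 || $upper >= $last || $lower + 1 != $upper) {
    // The rejected values are echoed back, so escape them for HTML first.
    $content .= "Sorry, that isn't valid. " . htmlspecialchars("{$lower} {$upper} {$last}", ENT_QUOTES);
} else {
    // Three-step swap using -1 as a temporary slot.
    // NOTE(review): the steps are separate statements; a failure in between
    // leaves a section parked at order -1.
    mysql_do_query("UPDATE `cms_sections`\n                     SET `order`= -1 \n                   WHERE `page_id` = '{$page_id}'\n                     AND `order`='" . mysql_real_escape_string($lower) . "'");
    mysql_do_query("UPDATE `cms_sections`\n                     SET `order`= '" . mysql_real_escape_string($lower) . "'\n                   WHERE `page_id` = '{$page_id}'\n                     AND `order`='" . mysql_real_escape_string($upper) . "'");
    mysql_do_query("UPDATE `cms_sections`\n                     SET `order`= '" . mysql_real_escape_string($upper) . "'\n                   WHERE `page_id` = '{$page_id}'\n                     AND `order`='-1'");
}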
// End If ($lower & $upper == good) {} Else
Esempio n. 6
// Select the configured database; the request is aborted with a fixed message if that fails.
mysql_select_db($config['db_name']) or die("Could not select database");
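/**
 * Run one SQL statement and end the request if it fails.
 *
 * On failure the database error is written to the server error log and the
 * client receives only a fixed message. The statement text is deliberately
 * not sent to the client or logged in full: it exposes table and column names
 * and may carry credentials or session identifiers.
 *
 * @param string $sql     Statement to execute; callers must already have escaped any values in it.
 * @param string $comment Optional label, added to the log entry when a failure is recorded.
 * @return mixed Whatever mysql_query() returned on success.
 */
function mysql_do_query($sql, $comment = "")
{
    $result = mysql_query($sql);
    if (!$result) {
        error_log("SQL error" . ($comment != "" ? " [{$comment}]" : "") . ": " . mysql_error());
        die("Sql Error!");
    }
    return $result;
}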
/**
 * Close the database connection by calling mysql_close() without a link argument.
 *
 * @return void
 */
function dbclose()
{
    mysql_close();
}
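// Request bootstrap, skipped when the INSTALLER constant is defined: resolve the
// visitor's session from the "cuser" cookie, load the site configuration and
// honour the site lock.
if (!defined("INSTALLER")) {
    // The cookie is client-controlled. Anything other than an array holding two
    // scalar fields is treated as "no session" instead of being passed on to
    // the string functions below.
    $cuser = isset($_COOKIE["cuser"]) ? $_COOKIE["cuser"] : null;
    if (!is_array($cuser)
        || !isset($cuser['user_id'], $cuser['sid'])
        || !is_scalar($cuser['user_id'])
        || !is_scalar($cuser['sid'])
    ) {
        $cuser = array("user_id" => 0, "sid" => "");
    }
    $sql = "SELECT *\n            FROM cms_sessions\n            WHERE user_id='" . mysql_real_escape_string($cuser['user_id']) . "'\n              AND session_id='" . mysql_real_escape_string($cuser['sid']) . "'\n            LIMIT 1";
    $result = mysql_do_query($sql);
    if (mysql_num_rows($result) == 1) {
        $result = $session = mysql_fetch_assoc($result);
        $sql = "SELECT `user_id`,`uname`,`displayname`,`editcontent`\n              FROM `cms_users` WHERE user_id='" . mysql_real_escape_string($result['user_id']) . "'";
        $result = mysql_do_query($sql);
        $user = mysql_fetch_assoc($result);
        if (!is_array($user)) {
            // The session row points at a user that no longer exists: treat the
            // visitor as anonymous rather than leaving $user set to false.
            $user = array("editcontent" => 0);
            $session = array();
        }
        // NOTE(review): lastview is refreshed here, but nothing in this block
        // compares it with a timeout, so a session stays valid until its row is deleted.
        mysql_do_query("UPDATE cms_sessions\n                 SET lastview='" . time() . "'\n                 WHERE user_id='" . mysql_real_escape_string($cuser['user_id']) . "'\n                   AND session_id='" . mysql_real_escape_string($cuser['sid']) . "'");
    } else {
        // No matching session: anonymous visitor without edit rights.
        $user = array("editcontent" => 0);
        $session = array();
    }
    $sql = mysql_do_query("SELECT * FROM `cms_config`");
    $site_config = mysql_fetch_assoc($sql);
    // A non-empty lock message takes the whole site offline for every visitor.
    if ($site_config['lock_message']) {
        die($site_config['lock_message']);
    }
    require_once "includes/db_revision_test.php";
}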
Esempio n. 7
        }
    }
}
/*****************************************************************************************************
 * Call out for special includes
 * TODO: This represents a potential security hole and should be removed.
 *
 * The value of $page["page_include"] is handed to include without any check in
 * this excerpt, so whoever can set that value decides which file is executed.
 * NOTE(review): where page_include is populated is not visible here; until the
 * feature is removed, confirm the value is matched against a fixed list of
 * known include files before it reaches this point.
 */
if ($showpage && $page["page_include"]) {
    // The included file takes over rendering; the normal section output is skipped.
    $showpage = 0;
    include $page["page_include"];
}
/*****************************************************************************************************
 * Render the page if required.
 *
 * Loads the page's sections in `order`, joined with any per-section settings
 * for the active template, and appends them to $content.
 * Section titles and text are written out as stored (the text only passes
 * through nl2br()), so markup saved in a section is rendered as markup.
 * NOTE(review): that is safe only if everyone who can edit sections is trusted
 * to publish arbitrary HTML; confirm this is the intended model.
 */
if ($showpage) {
    $mysections = mysql_do_query("SELECT *\n                                  FROM `cms_sections`\n                             LEFT JOIN `cms_template_section_config` ON `template_section_id` = `section_id`\n                                 WHERE `page_id`='" . mysql_real_escape_string($page['page_id']) . "'\n                                   AND ( `template_name` IS NULL\n                                      OR `template_name` = '" . mysql_real_escape_string($site_config['template']) . "'\n                                       )\n                              ORDER BY `order` ASC");
    if (mysql_num_rows($mysections) == 0) {
        $content .= "This page appears to be empty...";
    } else {
        // $links = "&nbsp;&nbsp;&nbsp;Content list:<br><br>";
        $links = "";
        $body = "";
        // Highest order value on the page; the "Down" link is plain text for that section.
        $last = mysql_num_rows($mysections) - 1;
        while ($section = mysql_fetch_assoc($mysections)) {
            // $links .= '<a class="contentmenuitem" href="#s'.$section['order'].'">'.($section['order']+1).'. '.$section['section_title'].'</a>';
            // Users with editcontent == 1 also get Up/Down/Edit/Del links next to the title.
            // These are plain links, so the swap and delete actions are reached with GET requests.
            $body .= section('<a name="s' . $section['order'] . '"/>' . $section['section_title'] . ($user['editcontent'] == 1 ? '<div style="float:right;position:relative;top:-' . ($section['section_title'] ? '1.2' : '0.5') . 'em;">(Move ' . ($section['order'] > 0 ? '<a href="' . $page['path'] . '.swap.' . ($section['order'] - 1) . '.' . $section['order'] . '">Up</a>' : 'Up') . ' or ' . ($section['order'] != $last ? '<a href="' . $page['path'] . '.swap.' . $section['order'] . '.' . ($section['order'] + 1) . '">Down</a>' : 'Down') . ', <a href="' . $page['path'] . '.edit.' . $section['section_id'] . '">Edit</a>' . ', <a href="' . $page['path'] . '.del.' . $section['section_id'] . '">Del</a>)</div>' : ''), nl2br($section['section_text']), $section['template_data']);
        }
        $content .= $links . $body;
    }
}
/*****************************************************************************************************
Esempio n. 8
<?php

// This page is switched off: the script ends on the next line, so none of the
// code below it ever runs.
die("Depreciated");
// Unreachable: former "delete page" action. When the second path parameter is
// "CONFIRM" it deletes the page's sections and the page itself, then redirects
// to the parent path.
// NOTE(review): if this is ever re-enabled, the deletion is triggered by a plain
// link (a GET request) and no permission or CSRF check is visible in this file.
if (isset($page['params'][1]) && $page['params'][1] == "CONFIRM") {
    $page_id = mysql_real_escape_string($page['page_id']);
    mysql_do_query("DELETE FROM `cms_sections` WHERE `page_id`='{$page_id}'");
    mysql_do_query("DELETE FROM `cms_pages` WHERE `page_id`='{$page_id}'");
    header("location: {$page['parent_path']}");
    die;
}
// Unreachable: confirmation prompt with YES/NO links.
$content .= section("Delete PAGE...", "Are you sure you want to delete this PAGE? <a href=\"{$page['path']}.delpage.CONFIRM\">YES</a> / <a href=\"{$page['path']}\">NO</a>");
?>

Esempio n. 9
<?php

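// Admin handler for the general site settings (site name and footer).
// NOTE(review): no permission or CSRF check is visible in this file; confirm the
// including script enforces both before this write path is reached.
if (isset($_POST['submit']) && $_POST['submit'] == "Submit") {
    // These two copies are escaped for SQL and must only be used in the statement below.
    $site_name = mysql_real_escape_string($_POST['site_name']);
    $footer = mysql_real_escape_string($_POST['footer']);
    mysql_do_query("UPDATE `cms_config` \n                     SET `site_name`='{$site_name}',\n                         `footer` = '{$footer}'");
    // The reply is JavaScript, so the submitted values are encoded as JavaScript
    // string literals with json_encode(). SQL escaping is the wrong encoding for
    // this context and would let a crafted value end the string early.
    // NOTE(review): json_encode() expects UTF-8 input; confirm the form encoding.
    die('setHTML("footerDiv",' . json_encode($_POST['footer']) . ');window.top.document.title = ' . json_encode($_POST['site_name'] . ' - Admin Interface') . ';');
}
// Render the form. Stored values are HTML-escaped so that a quote in the site
// name or footer cannot close the value attribute.
$c = '<form action="/lp-admin.config" method="POST" id="config">';
$c .= "Site name: <input type=\"text\" name=\"site_name\" size=\"95\" value=\"" . htmlspecialchars($site_config['site_name'], ENT_QUOTES) . "\"><br/><br/>";
$c .= "Site footer: <input type=\"text\" name=\"footer\" size=\"95\" value=\"" . htmlspecialchars($site_config['footer'], ENT_QUOTES) . "\"><br/><br/>";
$c .= "<input type=\"button\" name=\"submit\" value=\"Submit\" onClick=\"postForm('config')\"></form>";
$content .= section("General Config", $c);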
Esempio n. 10
<?php

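// "Delete section" action. params[1] is the section id and params[2] the
// literal "CONFIRM"; both are taken from the ".del.<id>.CONFIRM" link built below.
// NOTE(review): the deletion is triggered by a plain link (a GET request) and no
// permission or CSRF check is visible in this file; confirm the including script
// restricts it to users who may edit content.
if (isset($page['params'][1]) && isset($page['params'][2]) && $page['params'][2] == "CONFIRM") {
    $page_id = mysql_real_escape_string($page['page_id']);
    // The section must belong to the current page; otherwise go back without changes.
    $section = mysql_do_query("SELECT * FROM `cms_sections`\n                              WHERE `page_id` = '{$page_id}'\n                                AND `section_id` = '" . mysql_real_escape_string($page['params'][1]) . "'");
    if (mysql_num_rows($section) == 0) {
        header("location: " . $page['path']);
        die;
    }
    $section = mysql_fetch_assoc($section);
    mysql_do_query("DELETE FROM `cms_sections` \n                        WHERE `section_id`='" . mysql_real_escape_string($page['params'][1]) . "'\n                        LIMIT 1");
    // Close the gap: every section at or after the removed position moves up by one.
    mysql_do_query("UPDATE `cms_sections`\n                     SET `order` = `order` - 1\n                   WHERE `page_id`='{$page_id}'\n                     AND `order`>='" . mysql_real_escape_string($section['order']) . "'");
    header("location: " . $page['path']);
    die;
}
// Confirmation prompt. The id comes from the request, so it is HTML-escaped
// before being written into the link; a missing id yields an empty segment
// instead of an undefined-index notice.
$content .= section("Delete section...", "Are you sure you want to delete this section? <a href=\"{$page['path']}.del." . htmlspecialchars(isset($page['params'][1]) ? $page['params'][1] : '', ENT_QUOTES) . ".CONFIRM\">YES</a> / <a href=\"{$page['path']}\">NO</a>");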
?>

Esempio n. 11
        die('<script type="text/javascript">alert("Image too big");</script>');
    }
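    // NOTE(review): the start of this upload handler is outside this excerpt, so
    // any checks made before this point are not visible here.
    // Accept only GIF/JPEG/PNG data whose client-supplied name also carries a
    // matching extension. The name decides the stored file's extension, so a
    // file of any other type must never be written below the web-served files/ tree.
    $type = @exif_imagetype($_FILES['userfile']['tmp_name']);
    if (($type != IMAGETYPE_GIF && $type != IMAGETYPE_JPEG && $type != IMAGETYPE_PNG)
        || !preg_match('/\.(gif|jpe?g|png)$/i', $_FILES['userfile']['name'])
    ) {
        die('<script type="text/javascript">alert("Unsupported image type");</script>');
    }
    $newFile = "files/" . $config['domain'] . "/images/";
    if (!file_exists($newFile)) {
        // mkdir() returns false on failure; abort only in that case.
        if (!mkdir($newFile, 0755, true)) {
            die('<script type="text/javascript">alert("Not permissive enough");</script>');
        }
    }
    // urlencode() removes path separators from the client-supplied name.
    $newFile .= urlencode($_FILES['userfile']['name']);
    if (!move_uploaded_file($_FILES['userfile']['tmp_name'], $newFile)) {
        die('<script type="text/javascript">alert("Upload failed");</script>');
    }
    $newLogo = "/files/images/" . urlencode($_FILES['userfile']['name']);
    // Remove the previous custom logo, but only if it really is an image file.
    if ($site_config['logo'] != "/images/logo.png" && $site_config['logo'] != $newLogo) {
        $tempLogo = str_replace("/files", "files/" . $config['domain'], $site_config['logo']);
        $type = @exif_imagetype($tempLogo);
        if ($type == IMAGETYPE_GIF || $type == IMAGETYPE_JPEG || $type == IMAGETYPE_PNG) {
            unlink($tempLogo);
        }
    }
    $newLogo = mysql_real_escape_string($newLogo);
    mysql_do_query("UPDATE `cms_config` \r\n                     SET `logo`='" . $newLogo . "'");
    // The reply runs inside the hidden upload iframe and points the parent page's logo at the new file.
    die('<script type="text/javascript">var i = window.top.document.getElementById("logo"); i.src = "' . $newLogo . '";</script>');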
}
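// Upload form for the site logo. It posts into the hidden "upload_frame"
// iframe so the admin page itself is not reloaded.
$c = '<form enctype="multipart/form-data" action="/lp-admin.logo" method="POST" target="upload_frame">';
$c .= "<!-- MAX_FILE_SIZE must precede the file input field -->";
// MAX_FILE_SIZE is a hidden form field and can be changed by the client; the
// size limit has to be enforced on the server as well.
$c .= "<input type=\"hidden\" name=\"MAX_FILE_SIZE\" value=\"102400\">";
// Single quotes keep "$_FILES" literal. Inside double quotes "{$_FILES}" was
// interpolated, which printed "Array" and raised an array-to-string notice.
$c .= '<!-- Name of input element determines name in $_FILES array -->';
$c .= "Upload logo: <input name=\"userfile\" type=\"file\" size=50/><br/><br/>";
$c .= "<input type=\"submit\" name=\"logo\" value=\"Upload\"/>";
$c .= "</form><br/>";
$c .= '<iframe id="upload_frame" name="upload_frame" src="about:blank" style="width:0px; height:0px; border: 0px;"/>';
$content .= section("Upload Logo", $c);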
Esempio n. 12
        $errors[] = "Missing username";
    }
    if (!$pass) {
        $errors[] = "Missing password";
    }
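    // Credentials were supplied: look the user up, count failures, and open a
    // session on success.
    if (count($errors) == 0) {
        // NOTE(review): passwords are compared as unsalted MD5 digests. Moving to
        // password_hash()/password_verify() needs a migration of the stored
        // values and cannot be done inside this block alone.
        // NOTE(review): `lastfail` <= now + 15 minutes holds for every past
        // timestamp, so once `fails` exceeds 3 this query can never match again;
        // a "15 minutes since the last failure" window was presumably intended. Confirm.
        $sql = "SELECT *\n              FROM cms_users\n              WHERE `uname` = '" . mysql_real_escape_string($username) . "'\n                AND `password` = '" . mysql_real_escape_string(md5($pass)) . "'\n                AND `fails` <=3\n                AND `lastfail` <= " . (time() + 15 * 60) . "\n              LIMIT 1";
        $result = mysql_do_query($sql);
        if (mysql_num_rows($result) != 1) {
            // Same message for an unknown user and a wrong password.
            $errors[] = "Sorry, bad username/password";
            mysql_do_query("UPDATE cms_users\n                        SET `lastfail`='" . mysql_real_escape_string(time()) . "',\n                          `fails`=fails+1\n                        WHERE\n                          `uname`='" . mysql_real_escape_string($username) . "'");
        } else {
            $user = mysql_fetch_assoc($result);
            mysql_do_query("UPDATE cms_users\n                        SET `lastfail`='0', `fails`='0' \n                        WHERE `user_id`= '" . mysql_real_escape_string($user['user_id']) . "'");
            // The session id is the only secret that authenticates later
            // requests, so take it from the OpenSSL random source when that is
            // available. Both branches produce 32 hex characters.
            $sid = function_exists('openssl_random_pseudo_bytes')
                ? bin2hex(openssl_random_pseudo_bytes(16))
                : md5(uniqid(rand(), true));
            $sql = "INSERT INTO cms_sessions (`user_id`,`session_id`,`lastview`)\n                VALUES ('" . mysql_real_escape_string($user['user_id']) . "',\n                        '" . mysql_real_escape_string($sid) . "',\n                        UNIX_TIMESTAMP())";
            mysql_do_query($sql);
            // HttpOnly (last argument) keeps the session cookies away from page scripts.
            // NOTE(review): the Secure flag is still 0 and the lifetime is ten
            // years; set Secure once the site is served over HTTPS only.
            setcookie("cuser[sid]", $sid, time() + 60 * 60 * 24 * 365 * 10, "/", $_SERVER["HTTP_HOST"], 0, true);
            setcookie("cuser[user_id]", $user['user_id'], time() + 60 * 60 * 24 * 365 * 10, "/", $_SERVER["HTTP_HOST"], 0, true);
            dbclose();
            header("location: /");
            die;
        }
    }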
}
// Login form: posts the fields "uname" and "pass" to /login.
// NOTE(review): the form action is a relative URL, so the password travels over
// whatever scheme the page was loaded with; confirm the site is served over HTTPS.
$content .= section("Login...", '<form method="POST" action="/login">
					<table border="0" cellpadding="3">
						<tr><td>Username:</td><td><input type="text" name="uname"/></td></tr>
						<tr><td>Password:</td><td><input type="password" name="pass"/></td></tr>
						<tr><td colspan=2><input type="submit" name="Login" value="Login"/></td></tr>
					</table></form>');
Esempio n. 13
<?php

// This page is switched off: the script ends on the next line, so none of the
// code below it ever runs.
die("Depreciated page!");
// Unreachable: former "create page" action. For a page that does not exist yet
// it walks $path, creates every missing category on the way, then inserts the
// page under the last category and redirects to it.
if ($page['found'] == false) {
    $parent_id = 0;
    foreach ($path as $cat) {
        if ($cat['found'] == false) {
            // A missing category is created with its key doubling as its title.
            $key = mysql_real_escape_string($cat['cat_key']);
            mysql_do_query("INSERT INTO `cms_categories`\n                              SET `cat_parent` = '" . mysql_real_escape_string($parent_id) . "',\n                                  `cat_key` = '{$key}',\n                                  `cat_title` = '{$key}'");
            // Note: this relies on there being no other queries after the insert.
            // It'll probably break if there is.
            $parent_id = mysql_insert_id();
        } else {
            $parent_id = $cat['cat_id'];
        }
    }
    mysql_do_query("INSERT INTO `cms_pages`\n                          SET `page_key` = '" . mysql_real_escape_string($page['page_key']) . "',\n                              `page_category` = '" . mysql_real_escape_string($parent_id) . "',\n                              `page_title` = 'Under Construction'");
    header("location: " . $page['parent_path'] . $page['page_key']);
    die;
}
// Unreachable: would let an existing page render normally.
$showpage = 1;
Esempio n. 14
    $page_id = mysql_real_escape_string($page['page_id']);
    $key = mysql_real_escape_string(preg_replace("/\\s+/", "_", $_POST['location']));
    $cat = mysql_real_escape_string($_POST['category']);
    if (!preg_match("/^[a-zA-Z0-9_\\!()\\^]+\$/", $key)) {
        $content .= "Please use only letters (a to z), numbers (0-9), '_', '!', '(', ')' and '^' in key names.<br/>";
        $content .= "If you feel that this range is insufficent, please file a bug.<br/><br/>";
    } else {
        $keytest = mysql_do_query("SELECT * FROM `cms_pages` WHERE `page_key`='{$key}' AND `page_category`='{$cat}'");
        if (mysql_num_rows($keytest) > 0) {
            $content .= "Sorry, that page is in use</br></br>";
        } else {
            $results = mysql_do_query("SELECT * FROM `cms_categories`\n\t\t\tWHERE `cat_key` = '" . $key . "'\n\t\t\t  AND `cat_parent` = '" . $cat . "'");
            if (mysql_num_rows($results) != 0) {
                die("alert('Sub Folder exists');");
            }
            mysql_do_query("UPDATE `cms_pages` SET `page_key`='{$key}', `page_category`='{$cat}'\n                       WHERE `page_id`='" . mysql_real_escape_string($page_id) . "'");
            header("location: " . $tree['ids'][$cat]['path'] . "/" . $key);
            die;
        }
    }
}
// "Move page" form: a drop-down with every category (the page's current one is
// preselected) and a text field holding the page key. It posts to "<page>.move".
// NOTE(review): the page key and the category paths are written into the markup
// as stored; confirm that every code path that saves them limits the allowed
// characters, or HTML-escape them here.
$c = "<form action=\"{$page['path']}.move\" method=\"POST\">";
$c .= "Move to:<br/><select name=\"category\">";
foreach ($tree['flat'] as $tcat) {
    $c .= "<option value=\"{$tcat['cat_id']}\"" . ($tcat['cat_id'] == $page['page_category'] ? " selected=\"selected\"" : "") . ">";
    $c .= $tcat['flat_path'] . "</option>";
}
$c .= "</select> ";
$c .= "<input type=\"text\" name=\"location\" size=\"95\" value=\"{$page['page_key']}\"><br>";
$c .= "<input type=\"Submit\" name=\"Submit\" value=\"Submit\"></form>";
$content .= section("Move page...", $c);
Esempio n. 15
                    $title = "Separator";
                }
                $content .= section("Edit menu item: " . $title, $c);
            } else {
                if ($page['params'][1] == "delete" && isset($page['params'][2])) {
                    /*
                     * Remove an item from the menu.
                     */
                    $menuitem = mysql_do_query("SELECT * FROM `cms_menu`\n        WHERE `item_id` = '" . mysql_real_escape_string($page['params'][2]) . "'");
                    if (mysql_num_rows($menuitem) == 0) {
                        header("location: " . $page['path'] . ".sidebar");
                        die;
                    }
                    $menuitem = mysql_fetch_assoc($menuitem);
                    mysql_do_query("DELETE FROM `cms_menu` \n        WHERE `item_id`='" . mysql_real_escape_string($page['params'][2]) . "'\n        LIMIT 1");
                    mysql_do_query("UPDATE `cms_menu`\n        SET `item_order` = `item_order` - 1\n        WHERE `item_order`>='" . mysql_real_escape_string($menuitem['item_order']) . "'");
                    header("location: " . $page['path'] . ".sidebar");
                    die;
                }
            }
        }
    }
} else {
    /*
     * Render the sidebar overview page.
     */
    $c = "<table border=\"1\" cellpadding=\"5\">";
    $c .= "<tr><th>Category</th><th>Menu Text</th><th>Target url</th><th>Actions</th></tr>";
    while ($item = mysql_fetch_assoc($menu)) {
        $c .= "<tr><td>{$tree['ids'][$item['item_category']]['flat_path']}</td>";
        if ($item['item_separator'] == 1) {
Esempio n. 16
<?php

// Installer entry point. The INSTALLER constant is defined before the
// environment is loaded.
// NOTE(review): presumably this makes includes/env_init.php skip the session
// and site-config setup, which need tables that do not exist yet; confirm.
define("INSTALLER", true);
/* This could be interesting...
 * First thing we need to do is see if we can actually find a database config...
 */
print "<b>Attempting to load config data...</b><br/>";
require_once "includes/env_init.php";
/* Is it empty? */
print "<b>Looking for existing tables...</b><br/>";
// Tables the CMS uses; finding any of them means an installation already exists.
$extables = array("cms_categories", "cms_config", "cms_menu", "cms_pages", "cms_sections", "cms_sessions", "cms_users");
$tablesql = mysql_do_query("SHOW TABLES");
// Collect the existing table names as array keys for quick lookup.
$tables = array();
while ($table = mysql_fetch_array($tablesql)) {
    $tables[$table[0]] = true;
}
// Refuse to continue on top of an existing installation. This check is what
// stops a later visitor from re-running the installer against a live site.
foreach ($extables as $v) {
    if (isset($tables[$v])) {
        die("Existing tables found!");
    }
}
/* Appropriate file storage? */
print "<b>Checking file stores...</b><br/>";
// The files/ directory must already exist, relative to the working directory.
if (!file_exists("files/")) {
    die("files/ doesn't exist.");
}
if (!file_exists("files/" . $config['domain'] . "/")) {
    if (!is_writable("files/")) {
        die("files/ isn't writable and the file store for this domain doesn't exist.");
    }
    mkdir("files/" . $config['domain']);
Esempio n. 17
<?php

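// Template set-up: parse the page's template settings and load the menu items
// that apply to the active template.
// Page settings are stored as "key:value;key:value"; the two known keys default to "".
$settings = array("title_bg" => "", "menu_bg" => "");
if ($page['template_data'] != "") {
    $s = explode(";", $page['template_data']);
    foreach ($s as $ss) {
        // Split on the first ":" only, so a value that itself contains ":"
        // (a URL, for example) is kept whole. Segments without a ":" (such as
        // the empty one after a trailing ";") are skipped instead of raising an
        // undefined-offset notice.
        $ss = explode(":", $ss, 2);
        if (count($ss) == 2) {
            $settings[$ss[0]] = $ss[1];
        }
    }
}
// NOTE(review): how $settings is used is outside this excerpt. If the values end
// up in a style sheet or style attribute, they need validating as CSS values first.
$menu_links = array();
$menu_css = "";
// Menu items in display order, joined with any per-item settings for the active template.
$mylinks = mysql_do_query("SELECT * \n       FROM `cms_menu`\n  LEFT JOIN `cms_template_menu_config` ON `template_menu_id` = `item_id`\n      WHERE `template_name` IS NULL\n         OR `template_name` = '" . mysql_real_escape_string($site_config['template']) . "'\n   ORDER BY `item_order` ASC");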
while ($item = mysql_fetch_assoc($mylinks)) {
    if (isset($visible_categories[$item['item_category']])) {
        /*
         * Per menu item css
         */
        $menu_item_css = "";
        if ($item['template_data'] != "") {
            $s = explode(";", $item['template_data']);
            foreach ($s as $ss) {
                $ss = explode(":", $ss);
                switch ($ss[0]) {
                    case "bg":
                        $menu_item_css .= "background: " . $ss[1] . ";";
                        break;
                }
            }
        }
        if ($menu_item_css != "") {