function main_page($enabled)
{
    $form = new Form('index.php?module=cloudflare-ipv46&action=change', 'post');
    $form_container = new FormContainer("IPv6 Support");
    $form_container->output_row('IPv6 Support', 'Enable IPv6 support and gateway', $form->generate_yes_no_radio('enable_ipv6', $enabled ? "1" : "0"));
    $form_container->end();
    $buttons[] = $form->generate_submit_button('Submit');
    $form->output_submit_wrapper($buttons);
    $form->end();
}
function main_page($current_cache_level, $modified_on)
{
    $form = new Form('index.php?module=cloudflare-cache_lvl&action=change', 'post');
    $form_container = new FormContainer('Modify Cache Level');
    $form_container->output_row('Cache Level', "Cache Level functions based off the setting level. The basic setting will cache most static resources (i.e., css, images, and JavaScript). The simplified setting will ignore the query string when delivering a cached resource. The aggressive setting will cache all static resources, including ones with a query string. ", $form->generate_select_box('cache_level', array('basic' => 'Basic', 'simplified' => 'Simplified', 'aggressive' => 'Aggressive'), $current_cache_level));
    $form_container->end();
    $buttons[] = $form->generate_submit_button('Submit');
    $form->output_submit_wrapper($buttons);
    $form->end();
}
function main_page()
{
    $form = new Form("index.php?module=cloudflare-whitelist&action=run", "post");
    $form_container = new FormContainer("Whitelist an IP");
    $form_container->output_row("IP Address", "The IP address you would like to whitelist", $form->generate_text_box('ip_address'));
    $form_container->output_row("Notes", "Any notes you would like to add", $form->generate_text_box('notes'));
    $form_container->end();
    $buttons[] = $form->generate_submit_button("Submit");
    $form->output_submit_wrapper($buttons);
    $form->end();
}
function main_page()
{
    $form = new Form("index.php?module=cloudflare-blacklist&action=run", "post");
    $form_container = new FormContainer("Blacklist an IP");
    $form_container->output_row("IP Address", "The IP address you would like to blacklist<br /><b>Only a single IP is currently supported!</b>", $form->generate_text_box('ip_address'));
    $form_container->output_row("Notes", "Any notes you would like to add", $form->generate_text_box('notes'));
    $form_container->end();
    $buttons[] = $form->generate_submit_button("Submit");
    $form->output_submit_wrapper($buttons);
    $form->end();
}
function main_page()
{
    $form = new Form("index.php?module=cloudflare-challenge&amp;action=add_ip", "post");
    $form_container = new FormContainer("Challenge an IP");
    $form_container->output_row("IP Address", "The IP address won't be able to access your site until they have completed the captcha successfully or you have removed them from the challenge list.", $form->generate_text_box('ip_address'));
    $form_container->output_row("Notes", "Any notes you would like to add", $form->generate_text_box('notes'));
    $form_container->end();
    $buttons[] = $form->generate_submit_button("Submit");
    $form->output_submit_wrapper($buttons);
    $form->end();
}
function main_page()
{
    $form = new Form('index.php?module=cloudflare-purge_cache&amp;action=purge', 'post');
    $form_container = new FormContainer('Purge Cache');
    $form_container->output_row('Purge Entire Cache', 'Remove ALL files from CloudFlare\'s cache. This will include javascript, stylesheets and images. CloudFlare can take up to 3 hours to recache resources again<br /><b>Note: </b>This may have dramatic affects on your origin server load after performing this action.', $form->generate_yes_no_radio('purge_input', 0));
    $form_container->output_row('Purge by URL', 'Granularly remove one or more files from CloudFlare\'s cache either by specifying the URL<br /><b>Note: </b><u>One</u> URL per line (max: 30)', $form->generate_text_area('urls'));
    $form_container->end();
    $buttons[] = $form->generate_submit_button('Submit');
    $form->output_submit_wrapper($buttons);
    $form->end();
}
function main_page($in_dev_mode, $time_remaining = 0)
{
    global $page;
    if ($in_dev_mode) {
        $page->output_alert("CloudFlare is currently in development mode. This will expire in " . gmdate("H:i:s", $time_remaining));
    }
    $form = new Form('index.php?module=cloudflare-dev_mode&amp;action=change', 'post');
    $form_container = new FormContainer('Change development mode');
    $form_container->output_row('Development Mode', "This will bypass CloudFlare's accelerated cache and slow down your site, but is useful if you are making changes to cacheable content (like images, css, or JavaScript) and would like to see those changes right away.", $form->generate_on_off_radio('dev_mode', $in_dev_mode ? 1 : 0));
    $form_container->end();
    $buttons[] = $form->generate_submit_button('Submit');
    $form->output_submit_wrapper($buttons);
    $form->end();
}
function main_page($current_setting)
{
    global $security_levels;
    $form = new Form('index.php?module=cloudflare-security_lvl&amp;action=change_security_level', 'post');
    $form_container = new FormContainer('Modify Security Level');
    $form_container->output_row('Security Level', 'The Security Level you choose will determine which visitors will be presented with a challenge page<br />
		<ul>
			<li><b>Essentially Off:</b> Challenges only the most grievous offenders</li>
			<li><b>Low:</b> Challenges only the most threatening visitors</li>
			<li><b>Medium:</b> Challenges both moderate threat visitors and the most threatening visitors</li>
			<li><b>High:</b> Challenges all visitors that have exhibited threatening behavior within the last 14 days</li>
			<li><b>I\'m Under Attack!:</b> Should only be used if your website is under a DDoS attack</li>
				<ul><li>Visitors will receive an interstitial page while we analyze their traffic and behavior to make sure they are a legitimate human visitor trying to access your website</li></ul>
			</li>
		</ul>', $form->generate_select_box('sec_level', $security_levels, $current_setting));
    $form_container->end();
    $buttons[] = $form->generate_submit_button('Submit');
    $form->output_submit_wrapper($buttons);
    $form->end();
}
Esempio n. 9
0
function tslink_admin()
{
    global $db, $lang, $mybb, $page, $run_module, $action_file, $plugins, $cache;
    $lang->load('tslink');
    if ($run_module == 'user' && $action_file == 'tslink') {
        $page->add_breadcrumb_item($lang->tslink_plugin_name, 'index.php?module=tslink');
        if ($mybb->input['action'] == 'tslink_changestatus') {
            $mybb_uid = intval($mybb->input['uid']);
            $changeto = intval($mybb->input['changeto']);
            $db->query('UPDATE ' . TABLE_PREFIX . "users SET memberstatus= '" . $changeto . "' WHERE uid='" . $mybb_uid . "'");
            $queryUser = $db->simple_select('users', 'username, lastip', "uid='{$mybb_uid}'");
            $bin_ip_in_db = $db->fetch_field($queryUser, 'lastip');
            $givenip = my_inet_ntop($db->unescape_binary($bin_ip_in_db));
            $forUser = $db->fetch_field($queryUser, 'username');
            // If there's an ip of the user in de database, update the unique id's in the database
            if (!empty($givenip)) {
                tslink_log("=============================================================\n=================== " . date('d-m-Y H:i:s') . " =====================\n=============================================================\n", $forUser);
                tslink_log('Started on AdminCP by ' . $mybb->user['username'] . ' - IP address of user available (' . $givenip . ') - doing tslink_update_uids & tslink_update_groups', $forUser);
                $tslink_update_uids_results = tslink_update_uids($givenip);
                tslink_log($tslink_update_uids_results, $forUser);
                $message = $lang->tslink_status_changed;
            }
            // If there's no lastip of the user in the database - dont try to update the unique id's in the database
            if (empty($givenip)) {
                tslink_log("=============================================================\n=================== " . date('d-m-Y H:i:s') . " =====================\n=============================================================\n", $forUser);
                tslink_log('Started on AdminCP ' . $mybb->user['username'] . ' - IP address of user NOT available - only doing tslink_update_groups to update previously registered TS uids', $forUser);
                $tslink_update_groups_results = tslink_update_groups($mybb_uid);
                tslink_log($tslink_update_groups_results, $forUser);
                $message = $lang->tslink_status_changed;
            }
            admin_redirect('index.php?module=user-tslink');
        }
        if (!$mybb->input['action'] || $mybb->input['action'] == 'conntest') {
            $page->output_header($lang->tslink);
            $sub_tabs['tslink'] = ['title' => $lang->tslink_tab_home, 'link' => 'index.php?module=user-tslink', 'description' => $lang->tslink_admin_tab_home_desc];
            $sub_tabs['tslink-conntest'] = ['title' => $lang->tslink_admin_tsinfo_title, 'link' => 'index.php?module=user-tslink&action=conntest', 'description' => $lang->tslink_admin_tsinfo_desc];
        }
        if ($mybb->input['action'] == 'conntest') {
            require __DIR__ . '/config.php';
            $page->output_nav_tabs($sub_tabs, 'tslink-conntest');
            //build a new ts3admin object
            $ts3 = new ts3admin($ts3_server, $ts3_query_port);
            if ($ts3->getElement('success', $ts3->connect())) {
                //login as serveradmin
                $ts3->login($ts3_username, $ts3_password);
                //select teamspeakserver
                $ts3->selectServer($ts3_server_port);
                // Set displayed name in TS to given
                $ts3->setName($ts3_nickname);
                $form = new Form('index.php?module=user-tslink&action=conntest', 'post');
                $form_container = new FormContainer($lang->tslink_admin_tsinfo_full_title);
                $form_container->output_row($lang->tslink_admin_server_version, $ts3->version()['data']['version']);
                $form_container->output_row($lang->tslink_admin_server_platform, $ts3->version()['data']['platform']);
                $form_container->output_row($lang->tslink_admin_server_online_clients, $ts3->serverInfo()['data']['virtualserver_clientsonline'] . '/' . $ts3->serverInfo()['data']['virtualserver_maxclients']);
                $form_container->end();
                $form->end();
            } else {
                echo 'Connection could not be established.';
            }
            /*
             * This code retuns all errors from the debugLog
             */
            if (count($ts3->getDebugLog()) > 0) {
                foreach ($ts3->getDebugLog() as $logEntry) {
                    echo '<script>alert("' . $logEntry . '");</script>';
                }
            }
            $page->output_footer();
        }
        if (!$mybb->input['action']) {
            $page->output_nav_tabs($sub_tabs, 'tslink');
            $form = new Form('index.php?module=user-tslink', 'post');
            $form_container = new FormContainer($lang->tslink_admin_table_heading_users);
            $form_container->output_row_header($lang->tslink_admin_row_username, ['class' => 'align_left', width => '50%']);
            $form_container->output_row_header($lang->tslink_admin_row_status, ['class' => 'align_center']);
            $form_container->output_row_header($lang->tslink_admin_row_options, ['class' => 'align_center']);
            $form_container->output_row_header($lang->tslink_admin_row_options, ['class' => 'align_center']);
            $query = $db->simple_select('users', 'uid, username, memberstatus', '', ['order_by' => 'username', 'order_dir' => 'ASC']);
            while ($users = $db->fetch_array($query)) {
                $form_container->output_cell("<div style=\"\"><strong>{$users['username']}</strong></div>");
                if ($users['memberstatus'] == '0') {
                    $form_container->output_cell('<div style=""><strong>Member</strong></div>', ['class' => 'align_center']);
                    $form_container->output_cell("<a href=\"index.php?module=user-tslink&amp;action=tslink_changestatus&amp;uid={$users['uid']}&amp;changeto=1\">{$lang->tslink_admin_row_changestatus1}</a>", ['class' => 'align_center']);
                    $form_container->output_cell("<a href=\"index.php?module=user-tslink&amp;action=tslink_changestatus&amp;uid={$users['uid']}&amp;changeto=2\">{$lang->tslink_admin_row_changestatus2}</a>", ['class' => 'align_center']);
                } elseif ($users['memberstatus'] == '1') {
                    $form_container->output_cell('<div style=""><strong>Donating Member</strong></div>', ['class' => 'align_center']);
                    $form_container->output_cell("<a href=\"index.php?module=user-tslink&amp;action=tslink_changestatus&amp;uid={$users['uid']}&amp;changeto=0\">{$lang->tslink_admin_row_changestatus0}</a>", ['class' => 'align_center']);
                    $form_container->output_cell("<a href=\"index.php?module=user-tslink&amp;action=tslink_changestatus&amp;uid={$users['uid']}&amp;changeto=2\">{$lang->tslink_admin_row_changestatus2}</a>", ['class' => 'align_center']);
                } elseif ($users['memberstatus'] == '2') {
                    $form_container->output_cell('<div style=""><strong>VIP Member</strong></div>', ['class' => 'align_center']);
                    $form_container->output_cell("<a href=\"index.php?module=user-tslink&amp;action=tslink_changestatus&amp;uid={$users['uid']}&amp;changeto=0\">{$lang->tslink_admin_row_changestatus0}</a>", ['class' => 'align_center']);
                    $form_container->output_cell("<a href=\"index.php?module=user-tslink&amp;action=tslink_changestatus&amp;uid={$users['uid']}&amp;changeto=1\">{$lang->tslink_admin_row_changestatus1}</a>", ['class' => 'align_center']);
                }
                $form_container->construct_row();
            }
            $form_container->end();
            $form->end();
            $page->output_footer();
        }
    }
}
Esempio n. 10
0
    $form_container->output_row($lang->copy_thread . " <em>*</em>", '', $actions);
    $form_container->output_row($lang->delete_thread . " <em>*</em>", '', $form->generate_yes_no_radio('deletethread', $mybb->input['deletethread']));
    $query = $db->simple_select('threadprefixes', 'pid, prefix');
    if ($db->num_rows($query) > 0) {
        $thread_prefixes = array('-1' => $lang->no_change, '0' => $lang->no_prefix);
        while ($prefix = $db->fetch_array($query)) {
            $thread_prefixes[$prefix['pid']] = $prefix['prefix'];
        }
        $form_container->output_row($lang->apply_thread_prefix . " <em>*</em>", '', $form->generate_select_box('threadprefix', $thread_prefixes, $mybb->input['threadprefix'], array('id' => 'threadprefix')), 'threadprefix');
    }
    $form_container->output_row($lang->new_subject . " <em>*</em>", $lang->new_subject_desc, $form->generate_text_box('newsubject', $mybb->input['newsubject']));
    $form_container->end();
    $form_container = new FormContainer($lang->add_new_reply);
    $form_container->output_row($lang->add_new_reply, $lang->add_new_reply_desc, $form->generate_text_area('newreply', $mybb->input['newreply'], array('id' => 'newreply')), 'newreply');
    $form_container->output_row($lang->reply_subject, $lang->reply_subject_desc, $form->generate_text_box('newreplysubject', $mybb->input['newreplysubject'], array('id' => 'newreplysubject')), 'newreplysubject');
    $form_container->end();
    $buttons[] = $form->generate_submit_button($lang->save_post_tool);
    $form->output_submit_wrapper($buttons);
    $form->end();
    $page->output_footer();
}
if (!$mybb->input['action']) {
    $plugins->run_hooks("admin_config_mod_tools_start");
    $page->output_header($lang->mod_tools . " - " . $lang->thread_tools);
    $sub_tabs['thread_tools'] = array('title' => $lang->thread_tools, 'link' => "index.php?module=config-mod_tools", 'description' => $lang->thread_tools_desc);
    $sub_tabs['add_thread_tool'] = array('title' => $lang->add_new_thread_tool, 'link' => "index.php?module=config-mod_tools&amp;action=add_thread_tool");
    $sub_tabs['post_tools'] = array('title' => $lang->post_tools, 'link' => "index.php?module=config-mod_tools&amp;action=post_tools");
    $sub_tabs['add_post_tool'] = array('title' => $lang->add_new_post_tool, 'link' => "index.php?module=config-mod_tools&amp;action=add_post_tool");
    $page->output_nav_tabs($sub_tabs, 'thread_tools');
    $table = new Table();
    $table->construct_header($lang->title);
Esempio n. 11
0
function user_search_conditions($input = array(), &$form)
{
    global $mybb, $db, $lang;
    if (!$input) {
        $input = $mybb->input;
    }
    if (!is_array($input['conditions'])) {
        $input['conditions'] = unserialize($input['conditions']);
    }
    if (!is_array($input['profile_fields'])) {
        $input['profile_fields'] = unserialize($input['profile_fields']);
    }
    if (!is_array($input['fields'])) {
        $input['fields'] = unserialize($input['fields']);
    }
    $form_container = new FormContainer($lang->find_users_where);
    $form_container->output_row($lang->username_contains, "", $form->generate_text_box('conditions[username]', $input['conditions']['username'], array('id' => 'username')), 'username');
    $form_container->output_row($lang->email_address_contains, "", $form->generate_text_box('conditions[email]', $input['conditions']['email'], array('id' => 'email')), 'email');
    $options = array();
    $query = $db->simple_select("usergroups", "gid, title", "gid != '1'", array('order_by' => 'title'));
    while ($usergroup = $db->fetch_array($query)) {
        $options[$usergroup['gid']] = htmlspecialchars_uni($usergroup['title']);
    }
    $form_container->output_row($lang->is_member_of_groups, $lang->additional_user_groups_desc, $form->generate_select_box('conditions[usergroup][]', $options, $input['conditions']['usergroup'], array('id' => 'usergroups', 'multiple' => true, 'size' => 5)), 'usergroups');
    $form_container->output_row($lang->website_contains, "", $form->generate_text_box('conditions[website]', $input['conditions']['website'], array('id' => 'website')) . " {$lang->or} " . $form->generate_check_box('conditions[website_blank]', 1, $lang->is_not_blank, array('id' => 'website_blank', 'checked' => $input['conditions']['website_blank'])), 'website');
    $form_container->output_row($lang->icq_number_contains, "", $form->generate_text_box('conditions[icq]', $input['conditions']['icq'], array('id' => 'icq')) . " {$lang->or} " . $form->generate_check_box('conditions[icq_blank]', 1, $lang->is_not_blank, array('id' => 'icq_blank', 'checked' => $input['conditions']['icq_blank'])), 'icq');
    $form_container->output_row($lang->aim_handle_contains, "", $form->generate_text_box('conditions[aim]', $input['conditions']['aim'], array('id' => 'aim')) . " {$lang->or} " . $form->generate_check_box('conditions[aim_blank]', 1, $lang->is_not_blank, array('id' => 'aim_blank', 'checked' => $input['conditions']['aim_blank'])), 'aim');
    $form_container->output_row($lang->yahoo_contains, "", $form->generate_text_box('conditions[yahoo]', $input['conditions']['yahoo'], array('id' => 'yahoo')) . " {$lang->or} " . $form->generate_check_box('conditions[yahoo_blank]', 1, $lang->is_not_blank, array('id' => 'yahoo_blank', 'checked' => $input['conditions']['yahoo_blank'])), 'yahoo');
    $form_container->output_row($lang->msn_contains, "", $form->generate_text_box('conditions[msn]', $input['conditions']['msn'], array('id' => 'msn')) . " {$lang->or} " . $form->generate_check_box('conditions[msn_blank]', 1, $lang->is_not_blank, array('id' => 'msn_blank', 'checked' => $input['conditions']['msn_blank'])), 'msn');
    $form_container->output_row($lang->signature_contains, "", $form->generate_text_box('conditions[signature]', $input['conditions']['signature'], array('id' => 'signature')) . " {$lang->or} " . $form->generate_check_box('conditions[signature_blank]', 1, $lang->is_not_blank, array('id' => 'signature_blank', 'checked' => $input['conditions']['signature_blank'])), 'signature');
    $form_container->output_row($lang->user_title_contains, "", $form->generate_text_box('conditions[usertitle]', $input['conditions']['usertitle'], array('id' => 'usertitle')) . " {$lang->or} " . $form->generate_check_box('conditions[usertitle_blank]', 1, $lang->is_not_blank, array('id' => 'usertitle_blank', 'checked' => $input['conditions']['usertitle_blank'])), 'usertitle');
    $greater_options = array("greater_than" => $lang->greater_than, "is_exactly" => $lang->is_exactly, "less_than" => $lang->less_than);
    $form_container->output_row($lang->post_count_is, "", $form->generate_select_box('conditions[postnum_dir]', $greater_options, $input['conditions']['postnum_dir'], array('id' => 'numposts_dir')) . " " . $form->generate_text_box('conditions[postnum]', $input['conditions']['postnum'], array('id' => 'numposts')), 'numposts');
    $form_container->output_row($lang->reg_in_x_days, '', $form->generate_text_box('conditions[regdate]', $input['conditions']['regdate'], array('id' => 'regdate')) . ' ' . $lang->days, 'regdate');
    $form_container->output_row($lang->reg_ip_matches, $lang->wildcard, $form->generate_text_box('conditions[regip]', $input['conditions']['regip'], array('id' => 'regip')), 'regip');
    $form_container->output_row($lang->last_known_ip, $lang->wildcard, $form->generate_text_box('conditions[lastip]', $input['conditions']['lastip'], array('id' => 'lastip')), 'lastip');
    $form_container->output_row($lang->posted_with_ip, $lang->wildcard, $form->generate_text_box('conditions[postip]', $input['conditions']['postip'], array('id' => 'postip')), 'postip');
    $form_container->end();
    // Custom profile fields go here
    $form_container = new FormContainer($lang->custom_profile_fields_match);
    // Fetch custom profile fields
    $query = $db->simple_select("profilefields", "*", "", array('order_by' => 'disporder'));
    while ($profile_field = $db->fetch_array($query)) {
        if ($profile_field['required'] == 1) {
            $profile_fields['required'][] = $profile_field;
        } else {
            $profile_fields['optional'][] = $profile_field;
        }
    }
    output_custom_profile_fields($profile_fields['required'], $input['profile_fields'], $form_container, $form, true);
    output_custom_profile_fields($profile_fields['optional'], $input['profile_fields'], $form_container, $form, true);
    $form_container->end();
    // Autocompletion for usernames
    echo '
	<script type="text/javascript" src="../jscripts/autocomplete.js?ver=140"></script>
	<script type="text/javascript">
	<!--
		new autoComplete("username", "../xmlhttp.php?action=get_users", {valueSpan: "username"});
	// -->
	</script>';
}
/**
 * Builds the "view management" interface allowing administrators to edit their custom designed "views"
 *
 * @param string The base URL to this instance of the view manager
 * @param string The internal type identifier for this view
 * @param array Array of fields this view supports
 * @param array Array of possible sort options this view supports if any
 * @param string Optional callback function which generates list of "conditions" for this view
 */
function view_manager($base_url, $type, $fields, $sort_options = array(), $conditions_callback = "")
{
    global $mybb, $db, $page, $lang;
    $sub_tabs['views'] = array('title' => $lang->views, 'link' => "{$base_url}&amp;action=views", 'description' => $lang->views_desc);
    $sub_tabs['create_view'] = array('title' => $lang->create_new_view, 'link' => "{$base_url}&amp;action=views&amp;do=add", 'description' => $lang->create_new_view_desc);
    $page->add_breadcrumb_item($lang->view_manager, 'index.php?module=user-users&amp;action=views');
    // Lang strings should be in global lang file
    if ($mybb->input['do'] == "set_default") {
        $query = $db->simple_select("adminviews", "vid, uid, visibility", "vid='" . $mybb->get_input('vid', MyBB::INPUT_INT) . "'");
        $admin_view = $db->fetch_array($query);
        if (!$admin_view['vid'] || $admin_view['visibility'] == 1 && $mybb->user['uid'] != $admin_view['uid']) {
            flash_message($lang->error_invalid_admin_view, 'error');
            admin_redirect($base_url . "&action=views");
        }
        set_default_view($type, $admin_view['vid']);
        flash_message($lang->succuss_view_set_as_default, 'success');
        admin_redirect($base_url . "&action=views");
    }
    if ($mybb->input['do'] == "add") {
        if ($mybb->request_method == "post") {
            if (!trim($mybb->input['title'])) {
                $errors[] = $lang->error_missing_view_title;
            }
            if ($mybb->input['fields_js']) {
                $mybb->input['fields'] = explode(",", $mybb->input['fields_js']);
            }
            if (count($mybb->input['fields']) <= 0) {
                $errors[] = $lang->error_no_view_fields;
            }
            if ($mybb->get_input('perpage', MyBB::INPUT_INT) <= 0) {
                $errors[] = $lang->error_invalid_view_perpage;
            }
            if (!in_array($mybb->input['sortby'], array_keys($sort_options))) {
                $errors[] = $lang->error_invalid_view_sortby;
            }
            if ($mybb->input['sortorder'] != "asc" && $mybb->input['sortorder'] != "desc") {
                $errors[] = $lang->error_invalid_view_sortorder;
            }
            if ($mybb->input['visibility'] == 0) {
                $mybb->input['visibility'] = 2;
            }
            if (!$errors) {
                $new_view = array("uid" => $mybb->user['uid'], "title" => $db->escape_string($mybb->input['title']), "type" => $type, "visibility" => $mybb->get_input('visibility', MyBB::INPUT_INT), "fields" => $db->escape_string(my_serialize($mybb->input['fields'])), "conditions" => $db->escape_string(my_serialize($mybb->input['conditions'])), "custom_profile_fields" => $db->escape_string(my_serialize($mybb->input['profile_fields'])), "sortby" => $db->escape_string($mybb->input['sortby']), "sortorder" => $db->escape_string($mybb->input['sortorder']), "perpage" => $mybb->get_input('perpage', MyBB::INPUT_INT), "view_type" => $db->escape_string($mybb->input['view_type']));
                $vid = $db->insert_query("adminviews", $new_view);
                if ($mybb->input['isdefault']) {
                    set_default_view($type, $vid);
                }
                flash_message($lang->success_view_created, "success");
                admin_redirect($base_url . "&vid={$vid}");
            }
        } else {
            $mybb->input = array_merge($mybb->input, array('perpage' => 20));
        }
        // Write in our JS based field selector
        $page->extra_header .= "<script src=\"jscripts/view_manager.js\" type=\"text/javascript\"></script>\n";
        $page->add_breadcrumb_item($lang->create_new_view);
        $page->output_header($lang->create_new_view);
        $form = new Form($base_url . "&amp;action=views&amp;do=add", "post");
        $page->output_nav_tabs($sub_tabs, 'create_view');
        // If we have any error messages, show them
        if ($errors) {
            $page->output_inline_error($errors);
        }
        $form_container = new FormContainer($lang->create_new_view);
        $form_container->output_row($lang->title . " <em>*</em>", "", $form->generate_text_box('title', $mybb->input['title'], array('id' => 'title')), 'title');
        if ($mybb->input['visibility'] == 2) {
            $visibility_public_checked = true;
        } else {
            $visibility_private_checked = true;
        }
        $visibility_options = array($form->generate_radio_button("visibility", "1", "<strong>{$lang->private}</strong> - {$lang->private_desc}", array("checked" => $visibility_private_checked)), $form->generate_radio_button("visibility", "2", "<strong>{$lang->public}</strong> - {$lang->public_desc}", array("checked" => $visibility_public_checked)));
        $form_container->output_row($lang->visibility, "", implode("<br />", $visibility_options));
        $form_container->output_row($lang->set_as_default_view, "", $form->generate_yes_no_radio("isdefault", $mybb->input['isdefault'], array('yes' => 1, 'no' => 0)));
        if (count($sort_options) > 0) {
            $sort_directions = array("asc" => $lang->ascending, "desc" => $lang->descending);
            $form_container->output_row($lang->sort_results_by, "", $form->generate_select_box('sortby', $sort_options, $mybb->input['sortby'], array('id' => 'sortby')) . " {$lang->in} " . $form->generate_select_box('sortorder', $sort_directions, $mybb->input['sortorder'], array('id' => 'sortorder')), 'sortby');
        }
        $form_container->output_row($lang->results_per_page, "", $form->generate_numeric_field('perpage', $mybb->input['perpage'], array('id' => 'perpage', 'min' => 1)), 'perpage');
        if ($type == "user") {
            $form_container->output_row($lang->display_results_as, "", $form->generate_radio_button('view_type', 'table', $lang->table, array('checked' => $mybb->input['view_type'] != "card" ? true : false)) . "<br />" . $form->generate_radio_button('view_type', 'card', $lang->business_card, array('checked' => $mybb->input['view_type'] == "card" ? true : false)));
        }
        $form_container->end();
        $field_select .= "<div class=\"view_fields\">\n";
        $field_select .= "<div class=\"enabled\"><div class=\"fields_title\">{$lang->enabled}</div><ul id=\"fields_enabled\">\n";
        if (is_array($mybb->input['fields'])) {
            foreach ($mybb->input['fields'] as $field) {
                if ($fields[$field]) {
                    $field_select .= "<li id=\"field-{$field}\">&#149; {$fields[$field]['title']}</li>";
                    $active[$field] = 1;
                }
            }
        }
        $field_select .= "</ul></div>\n";
        $field_select .= "<div class=\"disabled\"><div class=\"fields_title\">{$lang->disabled}</div><ul id=\"fields_disabled\">\n";
        foreach ($fields as $key => $field) {
            if ($active[$key]) {
                continue;
            }
            $field_select .= "<li id=\"field-{$key}\">&#149; {$field['title']}</li>";
        }
        $field_select .= "</div></ul>\n";
        $field_select .= $form->generate_hidden_field("fields_js", @implode(",", @array_keys($active)), array('id' => 'fields_js'));
        $field_select = str_replace("'", "\\'", $field_select);
        $field_select = str_replace("\n", "", $field_select);
        $field_select = "<script type=\"text/javascript\">\n//<![CDATA[\ndocument.write('" . str_replace("/", "\\/", $field_select) . "');\n//]]>\n</script>\n";
        foreach ($fields as $key => $field) {
            $field_options[$key] = $field['title'];
        }
        $field_select .= "<noscript>" . $form->generate_select_box('fields[]', $field_options, $mybb->input['fields'], array('id' => 'fields', 'multiple' => true)) . "</noscript>\n";
        $form_container = new FormContainer($lang->fields_to_show);
        $form_container->output_row($lang->fields_to_show_desc, $description, $field_select);
        $form_container->end();
        // Build the search conditions
        if (function_exists($conditions_callback)) {
            $conditions_callback($mybb->input, $form);
        }
        $buttons[] = $form->generate_submit_button($lang->save_view);
        $form->output_submit_wrapper($buttons);
        $form->end();
        $page->output_footer();
    } else {
        if ($mybb->input['do'] == "edit") {
            $query = $db->simple_select("adminviews", "*", "vid='" . $mybb->get_input('vid', MyBB::INPUT_INT) . "'");
            $admin_view = $db->fetch_array($query);
            // Does the view not exist?
            if (!$admin_view['vid'] || $admin_view['visibility'] == 1 && $mybb->user['uid'] != $admin_view['uid']) {
                flash_message($lang->error_invalid_admin_view, 'error');
                admin_redirect($base_url . "&action=views");
            }
            if ($mybb->request_method == "post") {
                if (!trim($mybb->input['title'])) {
                    $errors[] = $lang->error_missing_view_title;
                }
                if ($mybb->input['fields_js']) {
                    $mybb->input['fields'] = explode(",", $mybb->input['fields_js']);
                }
                if (count($mybb->input['fields']) <= 0) {
                    $errors[] = $lang->error_no_view_fields;
                }
                if ($mybb->get_input('perpage', MyBB::INPUT_INT) <= 0) {
                    $errors[] = $lang->error_invalid_view_perpage;
                }
                if (!in_array($mybb->input['sortby'], array_keys($sort_options))) {
                    $errors[] = $lang->error_invalid_view_sortby;
                }
                if ($mybb->input['sortorder'] != "asc" && $mybb->input['sortorder'] != "desc") {
                    $errors[] = $lang->error_invalid_view_sortorder;
                }
                if ($mybb->input['visibility'] == 0) {
                    $mybb->input['visibility'] = 2;
                }
                if (!$errors) {
                    $updated_view = array("title" => $db->escape_string($mybb->input['title']), "type" => $type, "visibility" => $mybb->get_input('visibility', MyBB::INPUT_INT), "fields" => $db->escape_string(my_serialize($mybb->input['fields'])), "conditions" => $db->escape_string(my_serialize($mybb->input['conditions'])), "custom_profile_fields" => $db->escape_string(my_serialize($mybb->input['profile_fields'])), "sortby" => $db->escape_string($mybb->input['sortby']), "sortorder" => $db->escape_string($mybb->input['sortorder']), "perpage" => $mybb->get_input('perpage', MyBB::INPUT_INT), "view_type" => $db->escape_string($mybb->input['view_type']));
                    $db->update_query("adminviews", $updated_view, "vid='{$admin_view['vid']}'");
                    if ($mybb->input['isdefault']) {
                        set_default_view($type, $admin_view['vid']);
                    }
                    flash_message($lang->success_view_updated, "success");
                    admin_redirect($base_url . "&vid={$admin_view['vid']}");
                }
            }
            // Write in our JS based field selector
            $page->extra_header .= "<script src=\"jscripts/view_manager.js\" type=\"text/javascript\"></script>\n";
            $page->add_breadcrumb_item($lang->edit_view);
            $page->output_header($lang->edit_view);
            $form = new Form($base_url . "&amp;action=views&amp;do=edit&amp;vid={$admin_view['vid']}", "post");
            $sub_tabs = array();
            $sub_tabs['edit_view'] = array('title' => $lang->edit_view, 'link' => $base_url . "&amp;action=views&amp;do=edit&amp;vid={$admin_view['vid']}", 'description' => $lang->edit_view_desc);
            $page->output_nav_tabs($sub_tabs, 'edit_view');
            // If we have any error messages, show them
            if ($errors) {
                $page->output_inline_error($errors);
            } else {
                $admin_view['conditions'] = my_unserialize($admin_view['conditions']);
                $admin_view['fields'] = my_unserialize($admin_view['fields']);
                $admin_view['profile_fields'] = my_unserialize($admin_view['custom_profile_fields']);
                $mybb->input = array_merge($mybb->input, $admin_view);
                $mybb->input['isdefault'] = 0;
                $default_view = fetch_default_view($type);
                if ($default_view == $admin_view['vid']) {
                    $mybb->input['isdefault'] = 1;
                }
            }
            $form_container = new FormContainer($lang->edit_view);
            $form_container->output_row($lang->view . " <em>*</em>", "", $form->generate_text_box('title', $mybb->input['title'], array('id' => 'title')), 'title');
            if ($mybb->input['visibility'] == 2) {
                $visibility_public_checked = true;
            } else {
                $visibility_private_checked = true;
            }
            $visibility_options = array($form->generate_radio_button("visibility", "1", "<strong>{$lang->private}</strong> - {$lang->private_desc}", array("checked" => $visibility_private_checked)), $form->generate_radio_button("visibility", "2", "<strong>{$lang->public}</strong> - {$lang->public_desc}", array("checked" => $visibility_public_checked)));
            $form_container->output_row($lang->visibility, "", implode("<br />", $visibility_options));
            $form_container->output_row($lang->set_as_default_view, "", $form->generate_yes_no_radio("isdefault", $mybb->input['isdefault'], array('yes' => 1, 'no' => 0)));
            if (count($sort_options) > 0) {
                $sort_directions = array("asc" => $lang->ascending, "desc" => $lang->descending);
                $form_container->output_row($lang->sort_results_by, "", $form->generate_select_box('sortby', $sort_options, $mybb->input['sortby'], array('id' => 'sortby')) . " {$lang->in} " . $form->generate_select_box('sortorder', $sort_directions, $mybb->input['sortorder'], array('id' => 'sortorder')), 'sortby');
            }
            $form_container->output_row($lang->results_per_page, "", $form->generate_numeric_field('perpage', $mybb->input['perpage'], array('id' => 'perpage', 'min' => 1)), 'perpage');
            if ($type == "user") {
                $form_container->output_row($lang->display_results_as, "", $form->generate_radio_button('view_type', 'table', $lang->table, array('checked' => $mybb->input['view_type'] != "card" ? true : false)) . "<br />" . $form->generate_radio_button('view_type', 'card', $lang->business_card, array('checked' => $mybb->input['view_type'] == "card" ? true : false)));
            }
            $form_container->end();
            $field_select .= "<div class=\"view_fields\">\n";
            $field_select .= "<div class=\"enabled\"><div class=\"fields_title\">{$lang->enabled}</div><ul id=\"fields_enabled\">\n";
            if (is_array($mybb->input['fields'])) {
                foreach ($mybb->input['fields'] as $field) {
                    if ($fields[$field]) {
                        $field_select .= "<li id=\"field-{$field}\">&#149; {$fields[$field]['title']}</li>";
                        $active[$field] = 1;
                    }
                }
            }
            $field_select .= "</ul></div>\n";
            $field_select .= "<div class=\"disabled\"><div class=\"fields_title\">{$lang->disabled}</div><ul id=\"fields_disabled\">\n";
            if (is_array($fields)) {
                foreach ($fields as $key => $field) {
                    if ($active[$key]) {
                        continue;
                    }
                    $field_select .= "<li id=\"field-{$key}\">&#149; {$field['title']}</li>";
                }
            }
            $field_select .= "</div></ul>\n";
            $field_select .= $form->generate_hidden_field("fields_js", @implode(",", @array_keys($active)), array('id' => 'fields_js'));
            $field_select = str_replace("'", "\\'", $field_select);
            $field_select = str_replace("\n", "", $field_select);
            $field_select = "<script type=\"text/javascript\">\n//<![CDATA[\ndocument.write('" . str_replace("/", "\\/", $field_select) . "');\n//]]></script>\n";
            foreach ($fields as $key => $field) {
                $field_options[$key] = $field['title'];
            }
            $field_select .= "<noscript>" . $form->generate_select_box('fields[]', $field_options, $mybb->input['fields'], array('id' => 'fields', 'multiple' => true)) . "</noscript>\n";
            $form_container = new FormContainer($lang->fields_to_show);
            $form_container->output_row($lang->fields_to_show_desc, $description, $field_select);
            $form_container->end();
            // Build the search conditions
            if (function_exists($conditions_callback)) {
                $conditions_callback($mybb->input, $form);
            }
            $buttons[] = $form->generate_submit_button($lang->save_view);
            $form->output_submit_wrapper($buttons);
            $form->end();
            $page->output_footer();
        } else {
            if ($mybb->input['do'] == "delete") {
                if ($mybb->input['no']) {
                    admin_redirect($base_url . "&action=views");
                }
                $query = $db->simple_select("adminviews", "COUNT(vid) as views");
                $views = $db->fetch_field($query, "views");
                if ($views == 0) {
                    flash_message($lang->error_cannot_delete_view, 'error');
                    admin_redirect($base_url . "&action=views");
                }
                $vid = $mybb->get_input('vid', MyBB::INPUT_INT);
                $query = $db->simple_select("adminviews", "vid, uid, visibility", "vid = '{$vid}'");
                $admin_view = $db->fetch_array($query);
                if ($vid == 1 || !$admin_view['vid'] || $admin_view['visibility'] == 1 && $mybb->user['uid'] != $admin_view['uid']) {
                    flash_message($lang->error_invalid_view_delete, 'error');
                    admin_redirect($base_url . "&action=views");
                }
                if ($mybb->request_method == "post") {
                    $db->delete_query("adminviews", "vid='{$admin_view['vid']}'");
                    flash_message($lang->success_view_deleted, 'success');
                    admin_redirect($base_url . "&action=views");
                } else {
                    $page->output_confirm_action($base_url . "&amp;action=views&amp;do=delete&amp;vid={$admin_view['vid']}", $lang->confirm_view_deletion);
                }
            } else {
                if ($mybb->input['do'] == "export") {
                    $xml = "<?xml version=\"1.0\" encoding=\"ISO-8859-1\"?" . ">\n";
                    $xml = "<adminviews version=\"" . $mybb->version_code . "\" exported=\"" . TIME_NOW . "\">\n";
                    if ($mybb->input['type']) {
                        $type_where = "type='" . $db->escape_string($mybb->input['type']) . "'";
                    }
                    $query = $db->simple_select("adminviews", "*", $type_where);
                    while ($admin_view = $db->fetch_array($query)) {
                        $fields = my_unserialize($admin_view['fields']);
                        $conditions = my_unserialize($admin_view['conditions']);
                        $admin_view['title'] = str_replace(']]>', ']]]]><![CDATA[>', $admin_view['title']);
                        $admin_view['sortby'] = str_replace(']]>', ']]]]><![CDATA[>', $admin_view['sortby']);
                        $admin_view['sortorder'] = str_replace(']]>', ']]]]><![CDATA[>', $admin_view['sortorder']);
                        $admin_view['view_type'] = str_replace(']]>', ']]]]><![CDATA[>', $admin_view['view_type']);
                        $xml .= "\t<view vid=\"{$admin_view['vid']}\" uid=\"{$admin_view['uid']}\" type=\"{$admin_view['type']}\" visibility=\"{$admin_view['visibility']}\">\n";
                        $xml .= "\t\t<title><![CDATA[{$admin_view['title']}]]></title>\n";
                        $xml .= "\t\t<fields>\n";
                        foreach ($fields as $field) {
                            $xml .= "\t\t\t<field name=\"{$field}\" />\n";
                        }
                        $xml .= "\t\t</fields>\n";
                        $xml .= "\t\t<conditions>\n";
                        foreach ($conditions as $name => $condition) {
                            if (!$conditions) {
                                continue;
                            }
                            if (is_array($condition)) {
                                $condition = my_serialize($condition);
                                $is_serialized = " is_serialized=\"1\"";
                            }
                            $condition = str_replace(']]>', ']]]]><![CDATA[>', $condition);
                            $xml .= "\t\t\t<condition name=\"{$name}\"{$is_serialized}><![CDATA[{$condition}]]></condition>\n";
                        }
                        $xml .= "\t\t</conditions>\n";
                        $xml .= "\t\t<sortby><![CDATA[{$admin_view['sortby']}]]></sortby>\n";
                        $xml .= "\t\t<sortorder><![CDATA[{$admin_view['sortorder']}]]></sortorder>\n";
                        $xml .= "\t\t<perpage><![CDATA[{$admin_view['perpage']}]]></perpage>\n";
                        $xml .= "\t\t<view_type><![CDATA[{$admin_view['view_type']}]]></view_type>\n";
                        $xml .= "\t</view>\n";
                    }
                    $xml .= "</adminviews>\n";
                    $mybb->settings['bbname'] = urlencode($mybb->settings['bbname']);
                    header("Content-disposition: filename=" . $mybb->settings['bbname'] . "-views.xml");
                    header("Content-Length: " . my_strlen($xml));
                    header("Content-type: unknown/unknown");
                    header("Pragma: no-cache");
                    header("Expires: 0");
                    echo $xml;
                    exit;
                } else {
                    $page->output_header($lang->view_manager);
                    $page->output_nav_tabs($sub_tabs, 'views');
                    $table = new Table();
                    $table->construct_header($lang->view);
                    $table->construct_header($lang->controls, array("class" => "align_center", "width" => 150));
                    $default_view = fetch_default_view($type);
                    $query = $db->simple_select("adminviews", "COUNT(vid) as views");
                    $views = $db->fetch_field($query, "views");
                    $query = $db->query("\n\t\t\tSELECT v.*, u.username\n\t\t\tFROM " . TABLE_PREFIX . "adminviews v\n\t\t\tLEFT JOIN " . TABLE_PREFIX . "users u ON (u.uid=v.uid)\n\t\t\tWHERE v.visibility='2' OR (v.visibility='1' AND v.uid='{$mybb->user['uid']}')\n\t\t\tORDER BY title\n\t\t");
                    while ($view = $db->fetch_array($query)) {
                        $created = "";
                        if ($view['uid'] == 0) {
                            $view_type = "default";
                            $default_class = "grey";
                        } else {
                            if ($view['visibility'] == 2) {
                                $view_type = "group";
                                if ($view['username']) {
                                    $created = "<br /><small>{$lang->created_by} {$view['username']}</small>";
                                }
                            } else {
                                $view_type = "user";
                            }
                        }
                        $default_add = '';
                        if ($default_view == $view['vid']) {
                            $default_add = " ({$lang->default})";
                        }
                        $title_string = "view_title_{$view['vid']}";
                        if ($lang->{$title_string}) {
                            $view['title'] = $lang->{$title_string};
                        }
                        $table->construct_cell("<div class=\"float_right\"><img src=\"styles/{$page->style}/images/icons/{$view_type}.png\" title=\"" . $lang->sprintf($lang->this_is_a_view, $view_type) . "\" alt=\"{$view_type}\" /></div><div class=\"{$default_class}\"><strong><a href=\"{$base_url}&amp;action=views&amp;do=edit&amp;vid={$view['vid']}\" >{$view['title']}</a></strong>{$default_add}{$created}</div>");
                        $popup = new PopupMenu("view_{$view['vid']}", $lang->options);
                        $popup->add_item($lang->edit_view, "{$base_url}&amp;action=views&amp;do=edit&amp;vid={$view['vid']}");
                        if ($view['vid'] != $default_view) {
                            $popup->add_item($lang->set_as_default, "{$base_url}&amp;action=views&amp;do=set_default&amp;vid={$view['vid']}");
                        }
                        if ($views > 1 && $view['vid'] != 1) {
                            $popup->add_item($lang->delete_view, "{$base_url}&amp;action=views&amp;do=delete&amp;vid={$view['vid']}&amp;my_post_key={$mybb->post_code}", "return AdminCP.deleteConfirmation(this, '{$lang->confirm_view_deletion}')");
                        }
                        $controls = $popup->fetch();
                        $table->construct_cell($controls, array("class" => "align_center"));
                        $table->construct_row();
                    }
                    $table->output($lang->view);
                    echo <<<LEGEND
<br />
<fieldset>
<legend>{$lang->legend}</legend>
<img src="styles/{$page->style}/images/icons/default.png" alt="{$lang->default}" style="vertical-align: middle;" /> {$lang->default_view_desc}<br />
<img src="styles/{$page->style}/images/icons/group.png" alt="{$lang->public}" style="vertical-align: middle;" /> {$lang->public_view_desc}<br />
<img src="styles/{$page->style}/images/icons/user.png" alt="{$lang->private}" style="vertical-align: middle;" /> {$lang->private_view_desc}</fieldset>
LEGEND;
                    $page->output_footer();
                }
            }
        }
    }
}
Esempio n. 13
0
function newpoints_shop_admin()
{
    global $db, $lang, $mybb, $page, $run_module, $action_file, $mybbadmin, $plugins;
    newpoints_lang_load('newpoints_shop');
    if ($run_module == 'newpoints' && $action_file == 'newpoints_shop') {
        if ($mybb->request_method == "post") {
            switch ($mybb->input['action']) {
                case 'do_addcat':
                    if ($mybb->input['name'] == '') {
                        newpoints_shop_messageredirect($lang->newpoints_shop_missing_field, 1);
                    }
                    $name = $db->escape_string($mybb->input['name']);
                    $description = $db->escape_string($mybb->input['description']);
                    // get visible to user groups options
                    if (is_array($mybb->input['usergroups'])) {
                        foreach ($mybb->input['usergroups'] as $gid) {
                            if ($gid == $mybb->input['usergroups']) {
                                unset($mybb->input['usergroups'][$gid]);
                            }
                        }
                        $usergroups = implode(",", $mybb->input['usergroups']);
                    } else {
                        $usergroups = '';
                    }
                    $usergroups = $db->escape_string($usergroups);
                    $visible = intval($mybb->input['visible']);
                    $icon = $db->escape_string($mybb->input['icon']);
                    $disporder = intval($mybb->input['disporder']);
                    $expanded = intval($mybb->input['expanded']);
                    $insert_query = array('name' => $name, 'description' => $description, 'usergroups' => $usergroups, 'visible' => $visible, 'disporder' => $disporder, 'icon' => $icon, 'expanded' => $expanded);
                    $db->insert_query('newpoints_shop_categories', $insert_query);
                    newpoints_shop_messageredirect($lang->newpoints_shop_cat_added);
                    break;
                case 'do_editcat':
                    $cid = intval($mybb->input['cid']);
                    if ($cid <= 0 || !($cat = $db->fetch_array($db->simple_select('newpoints_shop_categories', '*', "cid = {$cid}")))) {
                        newpoints_shop_messageredirect($lang->newpoints_shop_invalid_cat, 1);
                    }
                    if ($mybb->input['name'] == '') {
                        newpoints_shop_messageredirect($lang->newpoints_shop_missing_field, 1);
                    }
                    $name = $db->escape_string($mybb->input['name']);
                    $description = $db->escape_string($mybb->input['description']);
                    // get visible to user groups options
                    if (is_array($mybb->input['usergroups'])) {
                        foreach ($mybb->input['usergroups'] as $gid) {
                            if ($gid == $mybb->input['usergroups']) {
                                unset($mybb->input['usergroups'][$gid]);
                            }
                        }
                        $usergroups = implode(",", $mybb->input['usergroups']);
                    } else {
                        $usergroups = '';
                    }
                    $usergroups = $db->escape_string($usergroups);
                    $visible = intval($mybb->input['visible']);
                    $icon = $db->escape_string($mybb->input['icon']);
                    $disporder = intval($mybb->input['disporder']);
                    $expanded = intval($mybb->input['expanded']);
                    $update_query = array('name' => $name, 'description' => $description, 'usergroups' => $usergroups, 'visible' => $visible, 'disporder' => $disporder, 'icon' => $icon, 'expanded' => $expanded);
                    $db->update_query('newpoints_shop_categories', $update_query, 'cid=\'' . $cid . '\'');
                    newpoints_shop_messageredirect($lang->newpoints_shop_cat_edited);
                    break;
                case 'do_additem':
                    if ($mybb->input['name'] == '' || $mybb->input['cid'] == '') {
                        newpoints_shop_messageredirect($lang->newpoints_shop_missing_field, 1);
                    }
                    $name = $db->escape_string($mybb->input['name']);
                    $description = $db->escape_string($mybb->input['description']);
                    $icon = $db->escape_string($mybb->input['icon']);
                    $pm = $db->escape_string($mybb->input['pm']);
                    $price = floatval($mybb->input['price']);
                    $infinite = intval($mybb->input['infinite']);
                    if ($infinite == 1) {
                        $stock = 0;
                    } else {
                        $stock = intval($mybb->input['stock']);
                    }
                    $limit = intval($mybb->input['limit']);
                    $visible = intval($mybb->input['visible']);
                    $disporder = intval($mybb->input['disporder']);
                    $sendable = intval($mybb->input['sendable']);
                    $sellable = intval($mybb->input['sellable']);
                    $cid = intval($mybb->input['cid']);
                    if ($cid <= 0 || !($cat = $db->fetch_array($db->simple_select('newpoints_shop_categories', '*', "cid = {$cid}")))) {
                        newpoints_shop_messageredirect($lang->newpoints_shop_invalid_cat, 1);
                    }
                    $insert_array = array('name' => $name, 'description' => $description, 'icon' => $icon, 'visible' => $visible, 'disporder' => $disporder, 'price' => $price, 'infinite' => $infinite, 'stock' => $stock, 'limit' => $limit, 'sendable' => $sendable, 'sellable' => $sellable, 'cid' => $cid, 'pm' => $pm);
                    $plugins->run_hooks("newpoints_shop_commit", $insert_array);
                    $db->insert_query('newpoints_shop_items', $insert_array);
                    $db->write_query('UPDATE ' . TABLE_PREFIX . 'newpoints_shop_categories SET items = items+1 WHERE cid=\'' . $cid . '\'');
                    newpoints_shop_messageredirect($lang->newpoints_shop_item_added, 0, "items&amp;cid=" . $cid);
                    break;
                case 'do_edititem':
                    $iid = intval($mybb->input['iid']);
                    if ($iid <= 0 || !($item = $db->fetch_array($db->simple_select('newpoints_shop_items', '*', "iid = {$iid}")))) {
                        newpoints_shop_messageredirect($lang->newpoints_shop_invalid_item, 1, 'items');
                    }
                    if ($mybb->input['name'] == '' || $mybb->input['cid'] == '') {
                        newpoints_shop_messageredirect($lang->newpoints_shop_missing_field, 1);
                    }
                    $name = $db->escape_string($mybb->input['name']);
                    $description = $db->escape_string($mybb->input['description']);
                    $icon = $db->escape_string($mybb->input['icon']);
                    $price = floatval($mybb->input['price']);
                    $pm = $db->escape_string($mybb->input['pm']);
                    $infinite = intval($mybb->input['infinite']);
                    if ($infinite == 1) {
                        $stock = 0;
                    } else {
                        $stock = intval($mybb->input['stock']);
                    }
                    $limit = intval($mybb->input['limit']);
                    $visible = intval($mybb->input['visible']);
                    $disporder = intval($mybb->input['disporder']);
                    $sendable = intval($mybb->input['sendable']);
                    $sellable = intval($mybb->input['sellable']);
                    $cid = intval($mybb->input['cid']);
                    if ($cid <= 0 || !($cat = $db->fetch_array($db->simple_select('newpoints_shop_categories', '*', "cid = {$cid}")))) {
                        newpoints_shop_messageredirect($lang->newpoints_shop_invalid_cat, 1);
                    }
                    $update_array = array('name' => $name, 'description' => $description, 'icon' => $icon, 'visible' => $visible, 'disporder' => $disporder, 'price' => $price, 'infinite' => $infinite, 'stock' => $stock, 'limit' => $limit, 'sendable' => $sendable, 'sellable' => $sellable, 'cid' => $cid, 'pm' => $pm);
                    $plugins->run_hooks("newpoints_shop_commit", $update_array);
                    $db->update_query('newpoints_shop_items', $update_array, 'iid=\'' . $iid . '\'');
                    if ($cid != $item['cid']) {
                        $db->write_query('UPDATE ' . TABLE_PREFIX . 'newpoints_shop_categories SET items = items-1 WHERE cid=\'' . $item['cid'] . '\'');
                        $db->write_query('UPDATE ' . TABLE_PREFIX . 'newpoints_shop_categories SET items = items+1 WHERE cid=\'' . $cid . '\'');
                    }
                    newpoints_shop_messageredirect($lang->newpoints_shop_item_edited, 0, "items&amp;cid=" . $cid);
                    break;
            }
        }
        if ($mybb->input['action'] == 'do_deletecat') {
            $page->add_breadcrumb_item($lang->newpoints_shop, 'index.php?module=newpoints-shop');
            $page->output_header($lang->newpoints_shop);
            $cid = intval($mybb->input['cid']);
            if ($mybb->input['no']) {
                admin_redirect("index.php?module=newpoints-shop");
            }
            if ($mybb->request_method == "post") {
                if ($cid <= 0 || !($cat = $db->fetch_array($db->simple_select('newpoints_shop_categories', 'cid', "cid = {$cid}")))) {
                    newpoints_shop_messageredirect($lang->newpoints_shop_invalid_cat, 1);
                }
                $db->delete_query('newpoints_shop_categories', "cid = {$cid}");
                // unassign items from this category
                $db->update_query('newpoints_shop_items', array('cid' => 0), "cid = {$cid}");
                newpoints_shop_messageredirect($lang->newpoints_shop_cat_deleted);
            } else {
                $mybb->input['cid'] = intval($mybb->input['cid']);
                $form = new Form("index.php?module=newpoints-shop&amp;action=do_deletecat&amp;cid={$mybb->input['cid']}&amp;my_post_key={$mybb->post_code}", 'post');
                echo "<div class=\"confirm_action\">\n";
                echo "<p>{$lang->newpoints_shop_confirm_deletecat}</p>\n";
                echo "<br />\n";
                echo "<p class=\"buttons\">\n";
                echo $form->generate_submit_button($lang->yes, array('class' => 'button_yes'));
                echo $form->generate_submit_button($lang->no, array("name" => "no", 'class' => 'button_no'));
                echo "</p>\n";
                echo "</div>\n";
                $form->end();
            }
        } elseif ($mybb->input['action'] == 'do_deleteitem') {
            $page->add_breadcrumb_item($lang->newpoints_shop, 'index.php?module=newpoints-shop');
            $page->output_header($lang->newpoints_shop);
            $iid = intval($mybb->input['iid']);
            if ($mybb->input['no']) {
                admin_redirect("index.php?module=newpoints-shop", 0, "items&amp;cid=" . $cid);
            }
            if ($mybb->request_method == "post") {
                if ($iid <= 0 || !($item = $db->fetch_array($db->simple_select('newpoints_shop_items', 'cid', "iid = {$iid}")))) {
                    newpoints_shop_messageredirect($lang->newpoints_shop_invalid_item, 1, "items&amp;cid=" . $cid);
                }
                $db->delete_query('newpoints_shop_items', "iid = {$iid}");
                // remove one from the items count
                $db->write_query('UPDATE ' . TABLE_PREFIX . 'newpoints_shop_categories SET items = items-1 WHERE cid=\'' . $item['cid'] . '\'');
                newpoints_shop_messageredirect($lang->newpoints_shop_item_deleted, 0, "items&amp;cid=" . $cid);
            } else {
                $mybb->input['iid'] = intval($mybb->input['iid']);
                $form = new Form("index.php?module=newpoints-shop&amp;action=do_deleteitem&amp;iid={$mybb->input['iid']}&amp;my_post_key={$mybb->post_code}", 'post');
                echo "<div class=\"confirm_action\">\n";
                echo "<p>{$lang->newpoints_shop_confirm_deleteitem}</p>\n";
                echo "<br />\n";
                echo "<p class=\"buttons\">\n";
                echo $form->generate_submit_button($lang->yes, array('class' => 'button_yes'));
                echo $form->generate_submit_button($lang->no, array("name" => "no", 'class' => 'button_no'));
                echo "</p>\n";
                echo "</div>\n";
                $form->end();
            }
        } elseif ($mybb->input['action'] == 'remove') {
            $page->add_breadcrumb_item($lang->newpoints_shop, 'index.php?module=newpoints-shop');
            $page->output_header($lang->newpoints_shop);
            $iid = intval($mybb->input['iid']);
            $mybb->input['uid'] = intval($mybb->input['uid']);
            if ($mybb->input['no']) {
                admin_redirect("index.php?module=newpoints-shop", 0, "items&amp;cid=" . $cid);
            }
            if ($mybb->request_method == "post") {
                if ($iid <= 0 || !($item = $db->fetch_array($db->simple_select('newpoints_shop_items', '*', "iid = {$iid}")))) {
                    newpoints_shop_messageredirect($lang->newpoints_shop_invalid_item, 1, "items&amp;cid=" . $cid);
                }
                $uid = (int) $mybb->input['uid'];
                if ($uid <= 0) {
                    newpoints_shop_messageredirect($lang->newpoints_shop_invalid_user, 1);
                }
                $user = get_user($uid);
                // we're viewing someone else's inventory
                if (empty($user)) {
                    newpoints_shop_messageredirect($lang->newpoints_shop_invalid_user, 1);
                }
                $inventory = @unserialize($user['newpoints_items']);
                if (!$inventory) {
                    newpoints_shop_messageredirect($lang->newpoints_shop_inventory_empty, 1);
                }
                // make sure we own the item
                $key = array_search($item['iid'], $inventory);
                if ($key === false) {
                    newpoints_shop_messageredirect($lang->newpoints_shop_selected_item_not_owned, 1);
                }
                // remove item from our inventory
                unset($inventory[$key]);
                sort($inventory);
                $db->update_query('users', array('newpoints_items' => serialize($inventory)), 'uid=\'' . $uid . '\'');
                // update stock
                if ($item['infinite'] != 1) {
                    $db->update_query('newpoints_shop_items', array('stock' => $item['stock'] + 1), 'iid=\'' . $item['iid'] . '\'');
                }
                newpoints_addpoints($uid, floatval($item['price']) * $mybb->settings['newpoints_shop_percent']);
                newpoints_shop_messageredirect($lang->newpoints_shop_item_removed, 0, "inventory&amp;uid=" . $uid);
            } else {
                $form = new Form("index.php?module=newpoints-shop&amp;action=remove&amp;iid={$mybb->input['iid']}&amp;uid={$mybb->input['uid']}&amp;my_post_key={$mybb->post_code}", 'post');
                echo "<div class=\"confirm_action\">\n";
                echo "<p>{$lang->newpoints_shop_confirm_removeitem}</p>\n";
                echo "<br />\n";
                echo "<p class=\"buttons\">\n";
                echo $form->generate_submit_button($lang->yes, array('class' => 'button_yes'));
                echo $form->generate_submit_button($lang->no, array("name" => "no", 'class' => 'button_no'));
                echo "</p>\n";
                echo "</div>\n";
                $form->end();
            }
        }
        if (!$mybb->input['action'] || $mybb->input['action'] == 'categories' || $mybb->input['action'] == 'inventory' || $mybb->input['action'] == 'addcat' || $mybb->input['action'] == 'editcat') {
            $page->add_breadcrumb_item($lang->newpoints_shop, 'index.php?module=newpoints-shop');
            $page->output_header($lang->newpoints_shop);
            $sub_tabs['newpoints_shop_categories'] = array('title' => $lang->newpoints_shop_categories, 'link' => 'index.php?module=newpoints-shop', 'description' => $lang->newpoints_shop_categories_desc);
            if (!$mybb->input['action'] || $mybb->input['action'] == 'categories' || $mybb->input['action'] == 'addcat' || $mybb->input['action'] == 'editcat') {
                $sub_tabs['newpoints_shop_categories_add'] = array('title' => $lang->newpoints_shop_addcat, 'link' => 'index.php?module=newpoints-shop&amp;action=addcat', 'description' => $lang->newpoints_shop_addcat_desc);
                $sub_tabs['newpoints_shop_categories_edit'] = array('title' => $lang->newpoints_shop_editcat, 'link' => 'index.php?module=newpoints-shop&amp;action=editcat', 'description' => $lang->newpoints_shop_editcat_desc);
                $sub_tabs['newpoints_shop_categories_delete'] = array('title' => $lang->newpoints_shop_deletecat, 'link' => 'index.php?module=newpoints-shop&amp;action=do_deletecat', 'description' => $lang->newpoints_shop_deletecat_desc);
            }
        }
        if ($mybb->input['action'] == 'inventory') {
            $sub_tabs['newpoints_shop_inventory'] = array('title' => $lang->newpoints_shop_inventory, 'link' => 'index.php?module=newpoints-shop&amp;action=inventory&amp;uid=' . intval($mybb->input['uid']), 'description' => $lang->newpoints_shop_inventory_desc);
        }
        if ($mybb->input['action'] == 'items' || $mybb->input['action'] == 'additem' || $mybb->input['action'] == 'edititem') {
            $page->add_breadcrumb_item($lang->newpoints_shop, 'index.php?module=newpoints-shop');
            $page->output_header($lang->newpoints_shop);
            $sub_tabs['newpoints_shop_categories'] = array('title' => $lang->newpoints_shop_categories, 'link' => 'index.php?module=newpoints-shop', 'description' => $lang->newpoints_shop_categories_desc);
            $sub_tabs['newpoints_shop_items'] = array('title' => $lang->newpoints_shop_items, 'link' => 'index.php?module=newpoints-shop&amp;action=items&amp;cid=' . intval($mybb->input['cid']), 'description' => $lang->newpoints_shop_items_desc);
            if ($mybb->input['action'] == 'items' || $mybb->input['action'] == 'additem' || $mybb->input['action'] == 'edititem') {
                $sub_tabs['newpoints_shop_items_add'] = array('title' => $lang->newpoints_shop_additem, 'link' => 'index.php?module=newpoints-shop&amp;action=additem&amp;cid=' . intval($mybb->input['cid']), 'description' => $lang->newpoints_shop_additem_desc);
                $sub_tabs['newpoints_shop_items_edit'] = array('title' => $lang->newpoints_shop_edititem, 'link' => 'index.php?module=newpoints-shop&amp;action=edititem', 'description' => $lang->newpoints_shop_edititem_desc);
                $sub_tabs['newpoints_shop_items_delete'] = array('title' => $lang->newpoints_shop_deleteitem, 'link' => 'index.php?module=newpoints-shop&amp;action=do_deleteitem', 'description' => $lang->newpoints_shop_deleteitem_desc);
            }
        }
        if (!$mybb->input['action'] || $mybb->input['action'] == 'categories') {
            $page->output_nav_tabs($sub_tabs, 'newpoints_shop_categories');
            // table
            $table = new Table();
            $table->construct_header($lang->newpoints_shop_cat_name, array('width' => '30%'));
            $table->construct_header($lang->newpoints_shop_cat_description, array('width' => '35%'));
            $table->construct_header($lang->newpoints_shop_cat_items, array('width' => '10%', 'class' => 'align_center'));
            $table->construct_header($lang->newpoints_shop_cat_disporder, array('width' => '10%', 'class' => 'align_center'));
            $table->construct_header($lang->newpoints_shop_cat_action, array('width' => '25%', 'class' => 'align_center'));
            $query = $db->simple_select('newpoints_shop_categories', '*', '', array('order_by' => 'disporder', 'order_dir' => 'ASC'));
            while ($cat = $db->fetch_array($query)) {
                $table->construct_cell("<a href=\"index.php?module=newpoints-shop&amp;action=items&amp;cid={$cat['cid']}\">" . htmlspecialchars_uni($cat['name']) . "</a>");
                $table->construct_cell(htmlspecialchars_uni($cat['description']));
                $table->construct_cell(intval($cat['items']), array('class' => 'align_center'));
                $table->construct_cell(intval($cat['disporder']), array('class' => 'align_center'));
                // actions column
                $table->construct_cell("<a href=\"index.php?module=newpoints-shop&amp;action=editcat&amp;cid=" . intval($cat['cid']) . "\">" . $lang->newpoints_shop_edit . "</a> - <a href=\"index.php?module=newpoints-shop&amp;action=do_deletecat&amp;cid=" . intval($cat['cid']) . "\">" . $lang->newpoints_shop_delete . "</a>", array('class' => 'align_center'));
                $table->construct_row();
            }
            if ($table->num_rows() == 0) {
                $table->construct_cell($lang->newpoints_shop_no_cats, array('colspan' => 5));
                $table->construct_row();
            }
            $table->output($lang->newpoints_shop_categories);
        } elseif ($mybb->input['action'] == 'addcat') {
            $page->output_nav_tabs($sub_tabs, 'newpoints_shop_categories_add');
            $query = $db->simple_select("usergroups", "gid, title", "gid != '1'", array('order_by' => 'title'));
            while ($usergroup = $db->fetch_array($query)) {
                $options[$usergroup['gid']] = $usergroup['title'];
            }
            $form = new Form("index.php?module=newpoints-shop&amp;action=do_addcat", "post", "newpoints_shop");
            $form_container = new FormContainer($lang->newpoints_shop_addcat);
            $form_container->output_row($lang->newpoints_shop_addedit_cat_name . "<em>*</em>", $lang->newpoints_shop_addedit_cat_name_desc, $form->generate_text_box('name', '', array('id' => 'name')), 'name');
            $form_container->output_row($lang->newpoints_shop_addedit_cat_description, $lang->newpoints_shop_addedit_cat_description_desc, $form->generate_text_box('description', '', array('id' => 'description')), 'description');
            $form_container->output_row($lang->newpoints_shop_addedit_cat_visible, $lang->newpoints_shop_addedit_cat_visible_desc, $form->generate_yes_no_radio('visible', 1), 'visible');
            $form_container->output_row($lang->newpoints_shop_addedit_cat_icon, $lang->newpoints_shop_addedit_cat_icon_desc, $form->generate_text_box('icon', '', array('id' => 'icon')), 'icon');
            $form_container->output_row($lang->newpoints_shop_addedit_cat_usergroups, $lang->newpoints_shop_addedit_cat_usergroups_desc, $form->generate_select_box('usergroups[]', $options, '', array('id' => 'usergroups', 'multiple' => true, 'size' => 5)), 'groups');
            $form_container->output_row($lang->newpoints_shop_addedit_cat_disporder, $lang->newpoints_shop_addedit_cat_disporder_desc, $form->generate_text_box('disporder', '0', array('id' => 'disporder')), 'disporder');
            $form_container->output_row($lang->newpoints_shop_addedit_cat_expanded, $lang->newpoints_shop_addedit_cat_expanded_desc, $form->generate_yes_no_radio('expanded', 1), 'expanded');
            $form_container->end();
            $buttons = "";
            $buttons[] = $form->generate_submit_button($lang->newpoints_shop_submit);
            $buttons[] = $form->generate_reset_button($lang->newpoints_shop_reset);
            $form->output_submit_wrapper($buttons);
            $form->end();
        } elseif ($mybb->input['action'] == 'editcat') {
            $page->output_nav_tabs($sub_tabs, 'newpoints_shop_categories_edit');
            $cid = intval($mybb->input['cid']);
            if ($cid <= 0 || !($cat = $db->fetch_array($db->simple_select('newpoints_shop_categories', '*', "cid = {$cid}")))) {
                newpoints_shop_messageredirect($lang->newpoints_shop_invalid_cat, 1);
            }
            $query = $db->simple_select("usergroups", "gid, title", "gid != '1'", array('order_by' => 'title'));
            while ($usergroup = $db->fetch_array($query)) {
                $options[$usergroup['gid']] = $usergroup['title'];
            }
            $form = new Form("index.php?module=newpoints-shop&amp;action=do_editcat", "post", "newpoints_shop");
            echo $form->generate_hidden_field('cid', $cat['cid']);
            $form_container = new FormContainer($lang->newpoints_shop_addcat);
            $form_container->output_row($lang->newpoints_shop_addedit_cat_name . "<em>*</em>", $lang->newpoints_shop_addedit_cat_name_desc, $form->generate_text_box('name', htmlspecialchars_uni($cat['name']), array('id' => 'name')), 'name');
            $form_container->output_row($lang->newpoints_shop_addedit_cat_description, $lang->newpoints_shop_addedit_cat_description_desc, $form->generate_text_box('description', htmlspecialchars_uni($cat['description']), array('id' => 'description')), 'description');
            $form_container->output_row($lang->newpoints_shop_addedit_cat_visible, $lang->newpoints_shop_addedit_cat_visible_desc, $form->generate_yes_no_radio('visible', intval($cat['visible'])), 'visible');
            $form_container->output_row($lang->newpoints_shop_addedit_cat_icon, $lang->newpoints_shop_addedit_cat_icon_desc, $form->generate_text_box('icon', htmlspecialchars_uni($cat['icon']), array('id' => 'icon')), 'icon');
            $form_container->output_row($lang->newpoints_shop_addedit_cat_usergroups, $lang->newpoints_shop_addedit_cat_usergroups_desc, $form->generate_select_box('usergroups[]', $options, explode(',', $cat['usergroups']), array('id' => 'usergroups', 'multiple' => true, 'size' => 5)), 'groups');
            $form_container->output_row($lang->newpoints_shop_addedit_cat_disporder, $lang->newpoints_shop_addedit_cat_disporder_desc, $form->generate_text_box('disporder', intval($cat['disporder']), array('id' => 'disporder')), 'disporder');
            $form_container->output_row($lang->newpoints_shop_addedit_cat_expanded, $lang->newpoints_shop_addedit_cat_expanded_desc, $form->generate_yes_no_radio('expanded', intval($cat['expanded'])), 'expanded');
            $form_container->end();
            $buttons = "";
            $buttons[] = $form->generate_submit_button($lang->newpoints_shop_submit);
            $buttons[] = $form->generate_reset_button($lang->newpoints_shop_reset);
            $form->output_submit_wrapper($buttons);
            $form->end();
        } else {
            if ($mybb->input['action'] == 'items') {
                $page->output_nav_tabs($sub_tabs, 'newpoints_shop_items');
                $cid = intval($mybb->input['cid']);
                if ($cid <= 0 || !($cat = $db->fetch_array($db->simple_select('newpoints_shop_categories', '*', "cid = {$cid}")))) {
                    newpoints_shop_messageredirect($lang->newpoints_shop_invalid_cat, 1);
                }
                // table
                $table = new Table();
                $table->construct_header($lang->newpoints_shop_item_icon, array('width' => '10%', 'class' => 'align_center'));
                $table->construct_header($lang->newpoints_shop_item_name, array('width' => '30%'));
                $table->construct_header($lang->newpoints_shop_item_price, array('width' => '15%', 'class' => 'align_center'));
                $table->construct_header($lang->newpoints_shop_item_disporder, array('width' => '15%', 'class' => 'align_center'));
                $table->construct_header($lang->newpoints_shop_item_action, array('width' => '20%', 'class' => 'align_center'));
                $query = $db->simple_select('newpoints_shop_items', '*', 'cid=\'' . $cid . '\'', array('order_by' => 'disporder', 'order_dir' => 'ASC'));
                while ($item = $db->fetch_array($query)) {
                    if ($item['infinite'] == 1) {
                        $item['stock'] = $lang->newpoints_shop_infinite;
                    }
                    if ($item['visible'] == 0) {
                        $visible_info = ' (<span style="color: #FF0000;">hidden</span>)';
                    } else {
                        $visible_info = '';
                    }
                    $table->construct_cell(htmlspecialchars_uni($item['icon']) ? '<img src="' . $mybb->settings['bburl'] . '/' . $item['icon'] . '">' : '<img src="' . $mybb->settings['bburl'] . '/images/newpoints/default.png">', array('class' => 'align_center'));
                    $table->construct_cell(htmlspecialchars_uni($item['name']) . " (" . (intval($item['infinite']) ? $lang->newpoints_shop_infinite : intval($item['stock'])) . ")" . $visible_info . "<br /><small>" . htmlspecialchars_uni($item['description']) . "</small>");
                    $table->construct_cell(newpoints_format_points($item['price']), array('class' => 'align_center'));
                    $table->construct_cell(intval($item['disporder']), array('class' => 'align_center'));
                    // actions column
                    $table->construct_cell("<a href=\"index.php?module=newpoints-shop&amp;action=edititem&amp;iid=" . intval($item['iid']) . "\">" . $lang->newpoints_shop_edit . "</a> - <a href=\"index.php?module=newpoints-shop&amp;action=do_deleteitem&amp;iid=" . intval($item['iid']) . "\">" . $lang->newpoints_shop_delete . "</a>", array('class' => 'align_center'));
                    $table->construct_row();
                }
                if ($table->num_rows() == 0) {
                    $table->construct_cell($lang->newpoints_shop_no_items, array('colspan' => 6));
                    $table->construct_row();
                }
                $table->output($lang->newpoints_shop_items);
            } elseif ($mybb->input['action'] == 'additem') {
                $page->output_nav_tabs($sub_tabs, 'newpoints_shop_items_add');
                $cid = intval($mybb->input['cid']);
                if ($cid > 0) {
                    if ($cid <= 0 || !($cat = $db->fetch_array($db->simple_select('newpoints_shop_categories', '*', "cid = {$cid}")))) {
                        newpoints_shop_messageredirect($lang->newpoints_shop_invalid_cat, 1);
                    }
                } else {
                    $cid = 0;
                }
                $categories[0] = $lang->newpoints_shop_select_cat;
                $query = $db->simple_select('newpoints_shop_categories', '*');
                while ($cat = $db->fetch_array($query)) {
                    $categories[$cat['cid']] = $cat['name'];
                }
                $form = new Form("index.php?module=newpoints-shop&amp;action=do_additem", "post", "newpoints_shop");
                $form_container = new FormContainer($lang->newpoints_shop_additem);
                $form_container->output_row($lang->newpoints_shop_addedit_item_name . "<em>*</em>", $lang->newpoints_shop_addedit_item_name_desc, $form->generate_text_box('name', '', array('id' => 'name')), 'name');
                $form_container->output_row($lang->newpoints_shop_addedit_item_description, $lang->newpoints_shop_addedit_item_description_desc, $form->generate_text_box('description', '', array('id' => 'description')), 'description');
                $form_container->output_row($lang->newpoints_shop_addedit_item_price, $lang->newpoints_shop_addedit_item_price_desc, $form->generate_text_box('price', '0', array('id' => 'price')), 'price');
                $form_container->output_row($lang->newpoints_shop_addedit_item_icon, $lang->newpoints_shop_addedit_item_icon_desc, $form->generate_text_box('icon', '', array('id' => 'icon')), 'icon');
                $form_container->output_row($lang->newpoints_shop_addedit_item_disporder, $lang->newpoints_shop_addedit_item_disporder_desc, $form->generate_text_box('disporder', '0', array('id' => 'disporder')), 'disporder');
                $form_container->output_row($lang->newpoints_shop_addedit_item_stock, $lang->newpoints_shop_addedit_item_stock_desc, $form->generate_text_box('stock', '0', array('id' => 'stock')), 'stock');
                $form_container->output_row($lang->newpoints_shop_addedit_item_infinite, $lang->newpoints_shop_addedit_item_infinite_desc, $form->generate_yes_no_radio('infinite', 1), 'infinite');
                $form_container->output_row($lang->newpoints_shop_addedit_item_limit, $lang->newpoints_shop_addedit_item_limit_desc, $form->generate_text_box('limit', '0', array('id' => 'limit')), 'limit');
                $form_container->output_row($lang->newpoints_shop_addedit_item_visible, $lang->newpoints_shop_addedit_item_visible_desc, $form->generate_yes_no_radio('visible', 1), 'visible');
                $form_container->output_row($lang->newpoints_shop_addedit_item_sendable, $lang->newpoints_shop_addedit_item_sendable_desc, $form->generate_yes_no_radio('sendable', 1), 'sendable');
                $form_container->output_row($lang->newpoints_shop_addedit_item_sellable, $lang->newpoints_shop_addedit_item_sellable_desc, $form->generate_yes_no_radio('sellable', 1), 'sellable');
                $form_container->output_row($lang->newpoints_shop_addedit_item_pm, $lang->newpoints_shop_addedit_item_pm_desc, $form->generate_text_area('pm', '', array('id' => 'pm_text')), 'pm');
                $form_container->output_row($lang->newpoints_shop_addedit_item_category . "<em>*</em>", $lang->newpoints_shop_addedit_item_category_desc, $form->generate_select_box('cid', $categories, $cid, array('id' => 'cid')), 'cid');
                $args = array($form_container, $form, array());
                $plugins->run_hooks("newpoints_shop_row", $args);
                $form_container->end();
                $buttons = "";
                $buttons[] = $form->generate_submit_button($lang->newpoints_shop_submit);
                $buttons[] = $form->generate_reset_button($lang->newpoints_shop_reset);
                $form->output_submit_wrapper($buttons);
                $form->end();
            } elseif ($mybb->input['action'] == 'edititem') {
                $page->output_nav_tabs($sub_tabs, 'newpoints_shop_items_edit');
                $iid = intval($mybb->input['iid']);
                if ($iid <= 0 || !($item = $db->fetch_array($db->simple_select('newpoints_shop_items', '*', "iid = {$iid}")))) {
                    newpoints_shop_messageredirect($lang->newpoints_shop_invalid_item, 1, 'items');
                }
                $categories[0] = $lang->newpoints_shop_select_cat;
                $query = $db->simple_select('newpoints_shop_categories', '*');
                while ($cat = $db->fetch_array($query)) {
                    $categories[$cat['cid']] = $cat['name'];
                }
                $form = new Form("index.php?module=newpoints-shop&amp;action=do_edititem", "post", "newpoints_shop");
                echo $form->generate_hidden_field('iid', $iid);
                $form_container = new FormContainer($lang->newpoints_shop_additem);
                $form_container->output_row($lang->newpoints_shop_addedit_item_name . "<em>*</em>", $lang->newpoints_shop_addedit_item_name_desc, $form->generate_text_box('name', htmlspecialchars_uni($item['name']), array('id' => 'name')), 'name');
                $form_container->output_row($lang->newpoints_shop_addedit_item_description, $lang->newpoints_shop_addedit_item_description_desc, $form->generate_text_box('description', htmlspecialchars_uni($item['description']), array('id' => 'description')), 'description');
                $form_container->output_row($lang->newpoints_shop_addedit_item_price, $lang->newpoints_shop_addedit_item_price_desc, $form->generate_text_box('price', floatval($item['price']), array('id' => 'price')), 'price');
                $form_container->output_row($lang->newpoints_shop_addedit_item_icon, $lang->newpoints_shop_addedit_item_icon_desc, $form->generate_text_box('icon', htmlspecialchars_uni($item['icon']), array('id' => 'icon')), 'icon');
                $form_container->output_row($lang->newpoints_shop_addedit_item_disporder, $lang->newpoints_shop_addedit_item_disporder_desc, $form->generate_text_box('disporder', intval($item['disporder']), array('id' => 'disporder')), 'disporder');
                $form_container->output_row($lang->newpoints_shop_addedit_item_stock, $lang->newpoints_shop_addedit_item_stock_desc, $form->generate_text_box('stock', intval($item['stock']), array('id' => 'stock')), 'stock');
                $form_container->output_row($lang->newpoints_shop_addedit_item_infinite, $lang->newpoints_shop_addedit_item_infinite_desc, $form->generate_yes_no_radio('infinite', intval($item['infinite'])), 'infinite');
                $form_container->output_row($lang->newpoints_shop_addedit_item_limit, $lang->newpoints_shop_addedit_item_limit_desc, $form->generate_text_box('limit', intval($item['limit']), array('id' => 'limit')), 'limit');
                $form_container->output_row($lang->newpoints_shop_addedit_item_visible, $lang->newpoints_shop_addedit_item_visible_desc, $form->generate_yes_no_radio('visible', intval($item['visible'])), 'visible');
                $form_container->output_row($lang->newpoints_shop_addedit_item_sendable, $lang->newpoints_shop_addedit_item_sendable_desc, $form->generate_yes_no_radio('sendable', intval($item['sendable'])), 'sendable');
                $form_container->output_row($lang->newpoints_shop_addedit_item_sellable, $lang->newpoints_shop_addedit_item_sellable_desc, $form->generate_yes_no_radio('sellable', intval($item['sellable'])), 'sellable');
                $form_container->output_row($lang->newpoints_shop_addedit_item_pm, $lang->newpoints_shop_addedit_item_pm_desc, $form->generate_text_area('pm', htmlspecialchars_uni($item['pm']), array('id' => 'pm_text')), 'pm');
                $form_container->output_row($lang->newpoints_shop_addedit_item_category . "<em>*</em>", $lang->newpoints_shop_addedit_item_category_desc, $form->generate_select_box('cid', $categories, intval($item['cid']), array('id' => 'cid')), 'cid');
                $args = array($form_container, $form, $item);
                $plugins->run_hooks("newpoints_shop_row", $args);
                $form_container->end();
                $buttons = "";
                $buttons[] = $form->generate_submit_button($lang->newpoints_shop_submit);
                $buttons[] = $form->generate_reset_button($lang->newpoints_shop_reset);
                $form->output_submit_wrapper($buttons);
                $form->end();
            } else {
                if ($mybb->input['action'] == 'inventory') {
                    $page->output_nav_tabs($sub_tabs, 'newpoints_shop_inventory');
                    $uid = (int) $mybb->input['uid'];
                    if ($uid <= 0) {
                        newpoints_shop_messageredirect($lang->newpoints_shop_invalid_user, 1);
                    }
                    $user = get_user($uid);
                    // we're viewing someone else's inventory
                    if (empty($user)) {
                        newpoints_shop_messageredirect($lang->newpoints_shop_invalid_user, 1);
                    }
                    $inventory = @unserialize($user['newpoints_items']);
                    if (!$inventory) {
                        $inventory = array(0);
                    }
                    // Item id is 0 because it doesn't exist, this when we use it in the query we won't show anything
                    // table
                    $table = new Table();
                    $table->construct_header($lang->newpoints_shop_item_icon, array('width' => '10%', 'class' => 'align_center'));
                    $table->construct_header($lang->newpoints_shop_item_name, array('width' => '30%'));
                    $table->construct_header($lang->newpoints_shop_item_price, array('width' => '15%', 'class' => 'align_center'));
                    $table->construct_header($lang->newpoints_shop_item_disporder, array('width' => '15%', 'class' => 'align_center'));
                    $table->construct_header($lang->newpoints_shop_item_action, array('width' => '20%', 'class' => 'align_center'));
                    $query = $db->simple_select('newpoints_shop_items', '*', 'iid IN (' . implode(',', array_unique($inventory)) . ')', array('order_by' => 'disporder', 'order_dir' => 'ASC'));
                    while ($item = $db->fetch_array($query)) {
                        if ($item['infinite'] == 1) {
                            $item['stock'] = $lang->newpoints_shop_infinite;
                        }
                        if ($item['visible'] == 0) {
                            $visible_info = ' (<span style="color: #FF0000;">hidden</span>)';
                        } else {
                            $visible_info = '';
                        }
                        $table->construct_cell(htmlspecialchars_uni($item['icon']) ? '<img src="' . $mybb->settings['bburl'] . '/' . $item['icon'] . '">' : '<img src="' . $mybb->settings['bburl'] . '/images/newpoints/default.png">', array('class' => 'align_center'));
                        $table->construct_cell(htmlspecialchars_uni($item['name']) . " (" . count(array_keys($inventory, $item['iid'])) . ")" . $visible_info . "<br /><small>" . htmlspecialchars_uni($item['description']) . "</small>");
                        $table->construct_cell(newpoints_format_points($item['price']), array('class' => 'align_center'));
                        $table->construct_cell(intval($item['disporder']), array('class' => 'align_center'));
                        // actions column
                        $table->construct_cell("<a href=\"index.php?module=newpoints-shop&amp;action=remove&amp;iid=" . intval($item['iid']) . "&amp;uid=" . (int) $user['uid'] . "\">" . $lang->newpoints_shop_remove . "</a>", array('class' => 'align_center'));
                        $table->construct_row();
                    }
                    if ($table->num_rows() == 0) {
                        $table->construct_cell($lang->newpoints_shop_no_items, array('colspan' => 5));
                        $table->construct_row();
                    }
                    $table->output($lang->newpoints_shop_inventory_of . " " . htmlspecialchars_uni($user['username']));
                }
            }
        }
        $page->output_footer();
        exit;
    }
}
Esempio n. 14
0
/**
 * @param array $input
 * @param DefaultForm $form
 */
function user_search_conditions($input = array(), &$form)
{
    global $mybb, $db, $lang;
    if (!$input) {
        $input = $mybb->input;
    }
    if (!is_array($input['conditions'])) {
        $input['conditions'] = my_unserialize($input['conditions']);
    }
    if (!is_array($input['profile_fields'])) {
        $input['profile_fields'] = my_unserialize($input['profile_fields']);
    }
    if (!is_array($input['fields'])) {
        $input['fields'] = my_unserialize($input['fields']);
    }
    $form_container = new FormContainer($lang->find_users_where);
    $form_container->output_row($lang->username_contains, "", $form->generate_text_box('conditions[username]', $input['conditions']['username'], array('id' => 'username')), 'username');
    $form_container->output_row($lang->email_address_contains, "", $form->generate_text_box('conditions[email]', $input['conditions']['email'], array('id' => 'email')), 'email');
    $options = array();
    $query = $db->simple_select("usergroups", "gid, title", "gid != '1'", array('order_by' => 'title'));
    while ($usergroup = $db->fetch_array($query)) {
        $options[$usergroup['gid']] = htmlspecialchars_uni($usergroup['title']);
    }
    $form_container->output_row($lang->is_member_of_groups, $lang->additional_user_groups_desc, $form->generate_select_box('conditions[usergroup][]', $options, $input['conditions']['usergroup'], array('id' => 'usergroups', 'multiple' => true, 'size' => 5)), 'usergroups');
    $form_container->output_row($lang->website_contains, "", $form->generate_text_box('conditions[website]', $input['conditions']['website'], array('id' => 'website')) . " {$lang->or} " . $form->generate_check_box('conditions[website_blank]', 1, $lang->is_not_blank, array('id' => 'website_blank', 'checked' => $input['conditions']['website_blank'])), 'website');
    $form_container->output_row($lang->icq_number_contains, "", $form->generate_text_box('conditions[icq]', $input['conditions']['icq'], array('id' => 'icq')) . " {$lang->or} " . $form->generate_check_box('conditions[icq_blank]', 1, $lang->is_not_blank, array('id' => 'icq_blank', 'checked' => $input['conditions']['icq_blank'])), 'icq');
    $form_container->output_row($lang->aim_handle_contains, "", $form->generate_text_box('conditions[aim]', $input['conditions']['aim'], array('id' => 'aim')) . " {$lang->or} " . $form->generate_check_box('conditions[aim_blank]', 1, $lang->is_not_blank, array('id' => 'aim_blank', 'checked' => $input['conditions']['aim_blank'])), 'aim');
    $form_container->output_row($lang->yahoo_contains, "", $form->generate_text_box('conditions[yahoo]', $input['conditions']['yahoo'], array('id' => 'yahoo')) . " {$lang->or} " . $form->generate_check_box('conditions[yahoo_blank]', 1, $lang->is_not_blank, array('id' => 'yahoo_blank', 'checked' => $input['conditions']['yahoo_blank'])), 'yahoo');
    $form_container->output_row($lang->skype_contains, "", $form->generate_text_box('conditions[skype]', $input['conditions']['skype'], array('id' => 'skype')) . " {$lang->or} " . $form->generate_check_box('conditions[skype_blank]', 1, $lang->is_not_blank, array('id' => 'skype_blank', 'checked' => $input['conditions']['skype_blank'])), 'skype');
    $form_container->output_row($lang->google_contains, "", $form->generate_text_box('conditions[google]', $input['conditions']['google'], array('id' => 'google')) . " {$lang->or} " . $form->generate_check_box('conditions[google_blank]', 1, $lang->is_not_blank, array('id' => 'google_blank', 'checked' => $input['conditions']['google_blank'])), 'google');
    $form_container->output_row($lang->signature_contains, "", $form->generate_text_box('conditions[signature]', $input['conditions']['signature'], array('id' => 'signature')) . " {$lang->or} " . $form->generate_check_box('conditions[signature_blank]', 1, $lang->is_not_blank, array('id' => 'signature_blank', 'checked' => $input['conditions']['signature_blank'])), 'signature');
    $form_container->output_row($lang->user_title_contains, "", $form->generate_text_box('conditions[usertitle]', $input['conditions']['usertitle'], array('id' => 'usertitle')) . " {$lang->or} " . $form->generate_check_box('conditions[usertitle_blank]', 1, $lang->is_not_blank, array('id' => 'usertitle_blank', 'checked' => $input['conditions']['usertitle_blank'])), 'usertitle');
    $greater_options = array("greater_than" => $lang->greater_than, "is_exactly" => $lang->is_exactly, "less_than" => $lang->less_than);
    $form_container->output_row($lang->post_count_is, "", $form->generate_select_box('conditions[postnum_dir]', $greater_options, $input['conditions']['postnum_dir'], array('id' => 'numposts_dir')) . " " . $form->generate_text_box('conditions[postnum]', $input['conditions']['postnum'], array('id' => 'numposts')), 'numposts');
    $form_container->output_row($lang->thread_count_is, "", $form->generate_select_box('conditions[threadnum_dir]', $greater_options, $input['conditions']['threadnum_dir'], array('id' => 'numthreads_dir')) . " " . $form->generate_text_box('conditions[threadnum]', $input['conditions']['threadnum'], array('id' => 'numthreads')), 'numthreads');
    $form_container->output_row($lang->reg_in_x_days, '', $form->generate_text_box('conditions[regdate]', $input['conditions']['regdate'], array('id' => 'regdate')) . ' ' . $lang->days, 'regdate');
    $form_container->output_row($lang->reg_ip_matches, $lang->wildcard, $form->generate_text_box('conditions[regip]', $input['conditions']['regip'], array('id' => 'regip')), 'regip');
    $form_container->output_row($lang->last_known_ip, $lang->wildcard, $form->generate_text_box('conditions[lastip]', $input['conditions']['lastip'], array('id' => 'lastip')), 'lastip');
    $form_container->output_row($lang->posted_with_ip, $lang->wildcard, $form->generate_text_box('conditions[postip]', $input['conditions']['postip'], array('id' => 'postip')), 'postip');
    $form_container->end();
    // Custom profile fields go here
    $form_container = new FormContainer($lang->custom_profile_fields_match);
    // Fetch custom profile fields
    $query = $db->simple_select("profilefields", "*", "", array('order_by' => 'disporder'));
    $profile_fields = array();
    while ($profile_field = $db->fetch_array($query)) {
        if ($profile_field['required'] == 1) {
            $profile_fields['required'][] = $profile_field;
        } else {
            $profile_fields['optional'][] = $profile_field;
        }
    }
    output_custom_profile_fields($profile_fields['required'], $input['profile_fields'], $form_container, $form, true);
    output_custom_profile_fields($profile_fields['optional'], $input['profile_fields'], $form_container, $form, true);
    $form_container->end();
    // Autocompletion for usernames
    echo '
<link rel="stylesheet" href="../jscripts/select2/select2.css">
<script type="text/javascript" src="../jscripts/select2/select2.min.js?ver=1804"></script>
<script type="text/javascript">
<!--
$("#username").select2({
	placeholder: "' . $lang->search_for_a_user . '",
	minimumInputLength: 3,
	maximumSelectionSize: 3,
	multiple: false,
	ajax: { // instead of writing the function to execute the request we use Select2\'s convenient helper
		url: "../xmlhttp.php?action=get_users",
		dataType: \'json\',
		data: function (term, page) {
			return {
				query: term // search term
			};
		},
		results: function (data, page) { // parse the results into the format expected by Select2.
			// since we are using custom formatting functions we do not need to alter remote JSON data
			return {results: data};
		}
	},
	initSelection: function(element, callback) {
		var query = $(element).val();
		if (query !== "") {
			$.ajax("../xmlhttp.php?action=get_users&getone=1", {
				data: {
					query: query
				},
				dataType: "json"
			}).done(function(data) { callback(data); });
		}
	}
});
// -->
</script>';
}
function restfulapi_admin_load()
{
    global $mybb, $db, $page, $lang, $cache;
    if ($page->active_action == RESTFULAPI_URL) {
        $page->add_breadcrumb_item($lang->restfulapi_title);
        $page->output_header($lang->restfulapi_title);
        $result = $db->simple_select("apisettings");
        $action = "config";
        if (isset($mybb->input["action"]) && in_array($mybb->input["action"], array("manage-keys", "add-key"))) {
            $action = $mybb->input["action"];
        }
        $navs = array("config" => array("link" => "index.php?module=config-" . RESTFULAPI_URL, "title" => $lang->restfulapi_config, "description" => $lang->restfulapi_config_description), "manage-keys" => array("link" => "index.php?module=config-" . RESTFULAPI_URL . "&amp;action=manage-keys", "title" => $lang->restfulapi_manage_api_keys, "description" => $lang->restfulapi_manage_api_keys_description), "add-key" => array("link" => "index.php?module=config-" . RESTFULAPI_URL . "&amp;action=add-key", "title" => $lang->restfulapi_add_api_key, "description" => $lang->restfulapi_add_api_key_description));
        $page->output_nav_tabs($navs, $action);
        switch ($action) {
            case "manage-keys":
                if (isset($mybb->input["do"]) && in_array($mybb->input["do"], array("regenerate", "edit", "delete"))) {
                    $do = $mybb->input["do"];
                    if ($do == "edit" && isset($mybb->input["key_id"]) && is_string($mybb->input["key_id"])) {
                        $key_id = (int) $db->escape_string($mybb->input["key_id"]);
                        $result = $db->simple_select("apikeys", "*", "id='{$key_id}'");
                        if ($result->num_rows != 1) {
                            flash_message($lang->restfulapi_key_not_found, "error");
                            admin_redirect("index.php?module=config-restfulapi&amp;action=manage-keys");
                            exit;
                        }
                        if ($mybb->request_method == "post" && isset($mybb->input["apicustomer"]) && is_string($mybb->input["apicustomer"]) && isset($mybb->input["apicomment"]) && is_string($mybb->input["apicomment"]) && isset($mybb->input["maxreq"]) && is_numeric($mybb->input["maxreq"]) && isset($mybb->input["maxreqrate"]) && in_array($mybb->input["maxreqrate"], array("m", "w", "d", "h"))) {
                            $update = array("apicustomer" => $db->escape_string(htmlspecialchars_uni($mybb->input["apicustomer"])), "apicomment" => $db->escape_string(htmlspecialchars_uni($mybb->input["apicomment"])), "maxreq" => (int) $mybb->input["maxreq"], "maxreqrate" => $db->escape_string(htmlspecialchars_uni($mybb->input["maxreqrate"])));
                            $db->update_query("apikeys", $update, "id='{$key_id}'");
                            $db->delete_query("apipermissions", "apikey='{$key_id}'");
                            if (isset($mybb->input["apinames"]) && is_array($mybb->input["apinames"])) {
                                $insert_allowed = array();
                                foreach ($mybb->input["apinames"] as $apiname) {
                                    $insert_allowed[] = array("apikey" => $key_id, "apiname" => $db->escape_string($apiname));
                                }
                                $db->insert_query_multiple("apipermissions", $insert_allowed);
                            }
                            restfulapi_cache_rebuild();
                            flash_message($lang->restfulapi_key_edited_successfully, "success");
                            admin_redirect("index.php?module=config-restfulapi&amp;action=manage-keys");
                        } else {
                            $keyset = $result->fetch_array();
                            $form = new Form("index.php?module=config-" . RESTFULAPI_URL . "&amp;action=manage-keys&amp;do=edit&amp;key_id={$key_id}", "post", "edit");
                            $form_container = new FormContainer($lang->restfulapi_edit_api_key);
                            $form_container->output_row($lang->restfulapi_customer_name . " <em>*</em>", $lang->restfulapi_customer_name_description, $form->generate_text_box('apicustomer', htmlspecialchars_uni($keyset["apicustomer"]), array('id' => 'apicustomer')), 'apicustomer');
                            $rate_types = array("h" => $lang->restfulapi_per_hour, "d" => $lang->restfulapi_per_day, "w" => $lang->restfulapi_per_week, "m" => $lang->restfulapi_per_month);
                            $form_container->output_row($lang->restfulapi_max_requests . " <em>*</em>", $lang->restfulapi_max_requests_description, $form->generate_text_box('maxreq', htmlspecialchars_uni($keyset["maxreq"]), array('id' => 'maxreq')) . " " . $form->generate_select_box('maxreqrate', $rate_types, htmlspecialchars_uni($keyset["maxreqrate"]), array('id' => 'maxreqrate')), 'maxreq');
                            $form_container->output_row($lang->restfulapi_comment, $lang->restfulapi_comment_description, $form->generate_text_area('apicomment', htmlspecialchars_uni($keyset["apicomment"]), array('id' => 'apicomment')), 'apicomment');
                            $apis = glob(RESTFULAPI_PATH . "api/*api.class.php");
                            $presentable_apis = array();
                            foreach ($apis as $key => $value) {
                                $value = htmlspecialchars_uni(str_replace(array(RESTFULAPI_PATH . "api/", "api.class.php"), "", $value));
                                $presentable_apis[$value] = $value;
                            }
                            $selected = array();
                            // reminder, $key_id has already been escaped!
                            $result = $db->simple_select("apipermissions", "*", "apikey='{$key_id}'");
                            while ($apipermission = $db->fetch_array($result)) {
                                $selected[] = $apipermission["apiname"];
                            }
                            $form_container->output_row($lang->restfulapi_select_allowed_apis, $lang->restfulapi_select_allowed_apis_description, $form->generate_select_box('apinames[]', $presentable_apis, $selected, array('id' => 'apinames', 'multiple' => true, 'size' => 10)), 'apinames');
                            $form_container->end();
                            $buttons[] = $form->generate_submit_button($lang->restfulapi_edit_api_key);
                            $form->output_submit_wrapper($buttons);
                            $form->end();
                        }
                    } elseif ($do == "delete" && isset($mybb->input["key_id"]) && isset($mybb->input["my_post_key"]) && verify_post_check($mybb->input["my_post_key"])) {
                        $key_id = $db->escape_string($mybb->input["key_id"]);
                        if ($db->simple_select("apikeys", "*", "id='{$key_id}'")->num_rows == 1) {
                            $db->delete_query("apipermissions", "apikey='{$key_id}'");
                            $db->delete_query("apikeys", "id='{$key_id}'");
                            restfulapi_cache_rebuild();
                            flash_message($lang->restfulapi_key_deleted_successfully, "success");
                        } else {
                            flash_message($lang->restfulapi_key_not_found, "error");
                        }
                        admin_redirect("index.php?module=config-restfulapi&amp;action=manage-keys");
                    } elseif ($do == "regenerate" && isset($mybb->input["key_id"]) && isset($mybb->input["my_post_key"]) && verify_post_check($mybb->input["my_post_key"])) {
                        $key_id = $db->escape_string($mybb->input["key_id"]);
                        if ($db->simple_select("apikeys", "*", "id='{$key_id}'")->num_rows == 1) {
                            $apikey = restfulapi_generate_key();
                            /* can't figure out a better way to generate a random yet never-generated-before API key than this one */
                            while ($db->simple_select("apikeys", "*", "apikey='{$apikey}'")->num_rows != 0) {
                                $apikey = restfulapi_generate_key();
                            }
                            $update = array("apikey" => $db->escape_string(htmlspecialchars_uni($apikey)));
                            $db->update_query("apikeys", $update, "id='{$key_id}'");
                            restfulapi_cache_rebuild();
                            flash_message($lang->restfulapi_key_regenerated_successfully, "success");
                        } else {
                            flash_message($lang->restfulapi_key_not_found, "error");
                        }
                        admin_redirect("index.php?module=config-restfulapi&amp;action=manage-keys");
                    }
                } else {
                    $restfulapi_cache = $cache->read("restfulapi");
                    $apikeysets = $restfulapi_cache["keys"];
                    $table = new Table();
                    $table->construct_header($lang->restfulapi_customer, array("width" => "15%"));
                    $table->construct_header($lang->restfulapi_api_key, array("class" => "align_center", "width" => "29%"));
                    $table->construct_header($lang->restfulapi_comment, array("class" => "align_center", "width" => "30%"));
                    $table->construct_header($lang->restfulapi_usage, array("class" => "align_center", "width" => "5%"));
                    $table->construct_header($lang->restfulapi_controls, array("class" => "align_center", "width" => "21%", "colspan" => 3));
                    if (count($apikeysets) == 0) {
                        $table->construct_cell($lang->sprintf($lang->restfulapi_no_api_key, '<a href="index.php?module=config-restfulapi&action=add-key">', '</a>'), array("class" => "first", "colspan" => 5));
                        $table->construct_row();
                    } else {
                        // TODO : pagination maybe ?
                        foreach ($apikeysets as $key => $keyset) {
                            $table->construct_cell("<b>" . htmlspecialchars_uni($keyset['apicustomer']) . "</b>");
                            $table->construct_cell(htmlspecialchars_uni($keyset['apikey']));
                            $table->construct_cell(htmlspecialchars_uni($keyset['apicomment']));
                            $table->construct_cell(htmlspecialchars_uni($keyset['access']), array("class" => "align_center"));
                            $table->construct_cell("<a href=\"index.php?module=config-restfulapi&amp;action=manage-keys&amp;do=regenerate&amp;key_id={$keyset['id']}&my_post_key={$mybb->post_code}\" onclick=\"return AdminCP.deleteConfirmation(this, '{$lang->restfulapi_regenerate_api_key_confirmation}')\">{$lang->restfulapi_regenerate_api_key}</a>", array("class" => "align_center", "width" => "9%"));
                            $table->construct_cell("<a href=\"index.php?module=config-restfulapi&amp;action=manage-keys&amp;do=edit&amp;key_id={$keyset['id']}\">{$lang->restfulapi_edit}</a>", array("class" => "align_center", "width" => "6%"));
                            $table->construct_cell("<a href=\"index.php?module=config-restfulapi&amp;action=manage-keys&amp;do=delete&amp;key_id={$keyset['id']}&my_post_key={$mybb->post_code}\" onclick=\"return AdminCP.deleteConfirmation(this, '{$lang->restfulapi_delete_confirm}')\">{$lang->restfulapi_delete}</a>", array("class" => "align_center", "width" => "6%"));
                            $table->construct_row();
                        }
                    }
                    $table->output($lang->restfulapi_manage_api_keys);
                }
                break;
            case "add-key":
                if ($mybb->request_method == "post" && isset($mybb->input["apicustomer"]) && is_string($mybb->input["apicustomer"]) && isset($mybb->input["apicomment"]) && is_string($mybb->input["apicomment"]) && isset($mybb->input["maxreq"]) && is_numeric($mybb->input["maxreq"]) && isset($mybb->input["maxreqrate"]) && in_array($mybb->input["maxreqrate"], array("m", "w", "d", "h"))) {
                    $apikey = restfulapi_generate_key();
                    /* can't figure out a better way to generate a random yet never-generated-before API key than this one */
                    while ($db->simple_select("apikeys", "*", "apikey='{$db->escape_string($apikey)}'")->num_rows != 0) {
                        $apikey = restfulapi_generate_key();
                    }
                    $insert = array("apicustomer" => $db->escape_string(htmlspecialchars_uni($mybb->input["apicustomer"])), "apicomment" => $db->escape_string(htmlspecialchars_uni($mybb->input["apicomment"])), "access" => 0, "maxreq" => (int) $mybb->input["maxreq"], "maxreqrate" => $db->escape_string(htmlspecialchars_uni($mybb->input["maxreqrate"])), "apikey" => $db->escape_string(htmlspecialchars_uni($apikey)));
                    $apikeyid = $db->insert_query("apikeys", $insert);
                    if (isset($mybb->input["apinames"]) && is_array($mybb->input["apinames"])) {
                        $insert_allowed = array();
                        foreach ($mybb->input["apinames"] as $apiname) {
                            $insert_allowed[] = array("apikey" => $db->escape_string($apikeyid), "apiname" => $db->escape_string($apiname));
                        }
                        $db->insert_query_multiple("apipermissions", $insert_allowed);
                    }
                    restfulapi_cache_rebuild();
                    flash_message($lang->sprintf($lang->restfulapi_generated_successfully, $apikey, $mybb->input["apicustomer"]), 'success');
                    admin_redirect("index.php?module=config-restfulapi&amp;action=manage-keys");
                } else {
                    $form = new Form("index.php?module=config-" . RESTFULAPI_URL . "&amp;action=add-key", "post", "add");
                    $form_container = new FormContainer($lang->restfulapi_add_api_key);
                    $form_container->output_row($lang->restfulapi_customer_name . " <em>*</em>", $lang->restfulapi_customer_name_description, $form->generate_text_box('apicustomer', '', array('id' => 'apicustomer')), 'apicustomer');
                    $rate_types = array("h" => $lang->restfulapi_per_hour, "d" => $lang->restfulapi_per_day, "w" => $lang->restfulapi_per_week, "m" => $lang->restfulapi_per_month);
                    $form_container->output_row($lang->restfulapi_max_requests . " <em>*</em>", $lang->restfulapi_max_requests_description, $form->generate_text_box('maxreq', '0', array('id' => 'maxreq')) . " " . $form->generate_select_box('maxreqrate', $rate_types, "m", array('id' => 'maxreqrate')), 'maxreq');
                    $form_container->output_row($lang->restfulapi_comment, $lang->restfulapi_comment_description, $form->generate_text_area('apicomment', '', array('id' => 'apicomment')), 'apicomment');
                    $apis = glob(RESTFULAPI_PATH . "api/*api.class.php");
                    $presentable_apis = array();
                    foreach ($apis as $key => $value) {
                        $value = htmlspecialchars_uni(str_replace(array(RESTFULAPI_PATH . "api/", "api.class.php"), "", $value));
                        $presentable_apis[$value] = $value;
                    }
                    $form_container->output_row($lang->restfulapi_select_allowed_apis . " <em>*</em>", $lang->restfulapi_select_allowed_apis_description, $form->generate_select_box('apinames[]', $presentable_apis, array_keys($presentable_apis), array('id' => 'apinames', 'multiple' => true, 'size' => 10)), 'apinames');
                    $form_container->end();
                    $buttons[] = $form->generate_submit_button($lang->restfulapi_generate_api_key);
                    $form->output_submit_wrapper($buttons);
                    $form->end();
                }
                break;
            default:
                $apilist = $cache->read("restfulapilist");
                // routine to install newly detected APIs, and activate them if needed
                restfulapi_apilist_activate();
                if ($mybb->request_method == "post") {
                    // we delete all the previously-deactivated options
                    $db->delete_query("apisettings", "apiaction='deactivate'");
                    $inserts = array();
                    foreach ($mybb->input as $key => $input) {
                        if (substr($key, 0, 7) == "option_" && $input == "1") {
                            // replace first occurrence of 'option_' with '' in case the option name is 'option_', so that 'option_option_' won't be all replaced into an empty string
                            // yeah I know, probably would never happen but we never know
                            $option = preg_replace('/option\\_/', '', $key, 1);
                            restfulapi_api_activate($option);
                        } elseif (substr($key, 0, 7) == "option_" && $input == "0") {
                            $option = preg_replace('/option\\_/', '', $key, 1);
                            restfulapi_api_deactivate($option);
                        }
                    }
                    flash_message($lang->restfulapi_saved_config, "success");
                    admin_redirect("index.php?module=config-restfulapi");
                } else {
                    $result = $db->simple_select("apisettings", "*", "apiaction='deactivate'");
                    $deactivatedapis = array();
                    while ($apiarray = $db->fetch_array($result)) {
                        $deactivatedapis[] = $apiarray["apivalue"];
                    }
                    if (count($apilist) == 0) {
                        echo '<div class="notice">' . $lang->sprintf($lang->restfulapi_no_api, '<a href="index.php?module=config-restfulapi&action=add-key">', '</a>') . '</div>';
                    } else {
                        $form = new Form("index.php?module=config-" . RESTFULAPI_URL, "post", "config");
                        $form_container = new FormContainer($lang->restfulapi_config);
                        $table = new Table();
                        foreach ($apilist as $api => $info_array) {
                            require_once RESTFULAPI_PATH . "api/" . $api . "api.class.php";
                            $api = htmlspecialchars_uni($api);
                            $apiclass = $api . "api";
                            $api_instance = new $apiclass();
                            $info_array = $api_instance->info();
                            $name = isset($info_array["name"]) && is_string($info_array["name"]) ? htmlspecialchars_uni($info_array["name"]) . " : " . $api : $api;
                            $description = isset($info_array["description"]) && is_string($info_array["description"]) ? htmlspecialchars_uni($info_array["description"]) : $lang->restfulapi_config_on_off_description;
                            $setting_code = $form->generate_on_off_radio("option_" . $api, in_array($api, $deactivatedapis) ? 0 : 1, true, array('id' => $api . '_yes'), array('id' => $api . '_no'));
                            $form_container->output_row($name, $description, $setting_code, '', array(), array('id' => 'row_' . $api));
                        }
                        $form_container->end();
                        $buttons[] = $form->generate_submit_button($lang->restfulapi_save_config);
                        $form->output_submit_wrapper($buttons);
                        $form->end();
                    }
                }
                break;
        }
        $page->output_footer();
    }
}
Esempio n. 16
0
function user_search_conditions($input = array(), &$form)
{
    global $mybb, $db, $lang;
    if (!$input) {
        $input = $mybb->input;
    }
    if (!is_array($input['conditions'])) {
        $input['conditions'] = unserialize($input['conditions']);
    }
    if (!is_array($input['fields'])) {
        $input['fields'] = unserialize($input['fields']);
    }
    $form_container = new FormContainer($lang->find_users_where);
    $form_container->output_row($lang->username_contains, "", $form->generate_text_box('conditions[username]', $input['conditions']['username'], array('id' => 'username')), 'username');
    $form_container->output_row($lang->email_address_contains, "", $form->generate_text_box('conditions[email]', $input['conditions']['email'], array('id' => 'email')), 'email');
    $query = $db->simple_select("usergroups", "gid, title", "gid != '1'", array('order_by' => 'title'));
    while ($usergroup = $db->fetch_array($query)) {
        $options[$usergroup['gid']] = $usergroup['title'];
    }
    $form_container->output_row($lang->is_member_of_groups, $lang->additional_user_groups_desc, $form->generate_select_box('conditions[usergroup][]', $options, $input['conditions']['usergroup'], array('id' => 'usergroups', 'multiple' => true, 'size' => 5)), 'usergroups');
    $form_container->output_row($lang->website_contains, "", $form->generate_text_box('conditions[website]', $input['conditions']['website'], array('id' => 'website')), 'website');
    $form_container->output_row($lang->icq_number_contains, "", $form->generate_text_box('conditions[icq]', $input['conditions']['icq'], array('id' => 'icq')), 'icq');
    $form_container->output_row($lang->aim_handle_contains, "", $form->generate_text_box('conditions[aim]', $input['conditions']['aim'], array('id' => 'aim')), 'aim');
    $form_container->output_row($lang->yahoo_contains, "", $form->generate_text_box('conditions[yahoo]', $input['conditions']['yahoo'], array('id' => 'yahoo')), 'yahoo');
    $form_container->output_row($lang->msn_contains, "", $form->generate_text_box('conditions[msn]', $input['conditions']['msn'], array('id' => 'msn')), 'msn');
    $form_container->output_row($lang->signature_contains, "", $form->generate_text_box('conditions[signature]', $input['conditions']['signature'], array('id' => 'signature')), 'signature');
    $form_container->output_row($lang->user_title_contains, "", $form->generate_text_box('conditions[usertitle]', $input['conditions']['usertitle'], array('id' => 'usertitle')), 'usertitle');
    $greater_options = array("greater_than" => $lang->greater_than, "is_exactly" => $lang->is_exactly, "less_than" => $lang->less_than);
    $form_container->output_row($lang->post_count_is, "", $form->generate_select_box('conditions[postnum_dir]', $greater_options, $input['conditions']['postnum_dir'], array('id' => 'numposts_dir')) . " " . $form->generate_text_box('conditions[postnum]', $input['conditions']['postnum'], array('id' => 'numposts')), 'numposts');
    $form_container->output_row($lang->reg_ip_matches, $lang->wildcard, $form->generate_text_box('conditions[regip]', $input['conditions']['regip'], array('id' => 'regip')), 'regip');
    $form_container->output_row($lang->last_known_ip, $lang->wildcard, $form->generate_text_box('conditions[lastip]', $input['conditions']['lastip'], array('id' => 'lastip')), 'lastip');
    $form_container->output_row($lang->posted_with_ip, $lang->wildcard, $form->generate_text_box('conditions[postip]', $input['conditions']['postip'], array('id' => 'postip')), 'postip');
    $form_container->end();
    // Custom profile fields go here
}
Esempio n. 17
0
    if ($count == 0) {
        $table->output_cell($lang->bam_manage_null);
        // no announcements found
        $table->output_cell("");
        $table->output_cell("");
        $table->output_row("");
    } else {
        $i = 0;
        while ($i <= $count) {
            if (isset($data[$i]['PID']) && $data[$i]['PID'] != null) {
                $table->output_cell($data[$i]['announcement']);
                $table->output_cell($data[$i]['class']);
                $table->output_cell("<center><input type='text' name=\"disporder[" . $data[$i]['PID'] . "]\" value='" . $data[$i]['disporder'] . "' /></center>");
                $table->output_cell("<center><a href='index.php?module=config-bam&action=edit&id=" . $data[$i]['PID'] . "'>" . $lang->bam_manage_edit . "</a></center>");
                $table->output_cell("<center><a href='index.php?module=config-bam&action=delete&id=" . $data[$i]['PID'] . "&my_post_key=" . $mybb->post_code . "' onclick=' return confirm(\"" . $lang->bam_manage_delete_confirm . "\");'>" . $lang->bam_manage_delete . "</a></center>");
                if ($data[$i]['pinned'] == 1) {
                    $table->output_cell("<center><a href='index.php?module=config-bam&action=unpin&id=" . $data[$i]['PID'] . "&my_post_key=" . $mybb->post_code . "'>" . $lang->bam_manage_unpin . "</a></center>");
                } else {
                    $table->output_cell("<center><a href='index.php?module=config-bam&action=pin&id=" . $data[$i]['PID'] . "&my_post_key=" . $mybb->post_code . "'>" . $lang->bam_manage_pin . "</a></center>");
                }
                $table->construct_row();
            }
            $i++;
        }
    }
    $table->end();
    $buttons = array();
    $buttons[] = $form_t->generate_submit_button($lang->bam_manage_order_submit);
    $form_t->output_submit_wrapper($buttons);
    $page->output_footer($lang->bam_title_acronym);
}
Esempio n. 18
0
    function xthreads_admin_forumedit_run()
    {
        global $lang, $form, $forum_data, $form_container;
        if (!$lang->xthreads_tplprefix) {
            $lang->load('xthreads');
        }
        $form_container = new FormContainer($lang->xthreads_opts);
        if (isset($forum_data['xthreads_tplprefix'])) {
            // editing (or adding with submitted errors)
            $data =& $forum_data;
            /*
            // additional filter enable needs to be split up
            if(!isset($data['xthreads_afe_uid']) && isset($data['xthreads_addfiltenable'])) {
            	foreach(explode(',', $data['xthreads_addfiltenable']) as $afe)
            		$data['xthreads_afe_'.$afe] = 1;
            }
            */
        } else {
            // adding
            $data = array('xthreads_tplprefix' => '', 'xthreads_langprefix' => '', 'xthreads_grouping' => 0, 'xthreads_firstpostattop' => 0, 'xthreads_inlinesearch' => 0, 'xthreads_fdcolspan_offset' => 0, 'xthreads_settingoverrides' => '', 'xthreads_postsperpage' => 0, 'xthreads_hideforum' => 0, 'xthreads_hidebreadcrumb' => 0, 'xthreads_defaultfilter' => '', 'xthreads_allow_blankmsg' => 0, 'xthreads_nostatcount' => 0, 'xthreads_wol_announcements' => '', 'xthreads_wol_forumdisplay' => '', 'xthreads_wol_newthread' => '', 'xthreads_wol_attachment' => '', 'xthreads_wol_newreply' => '', 'xthreads_wol_showthread' => '');
        }
        $inputs = array('tplprefix' => 'text_area_2', 'langprefix' => 'text_area_2', 'grouping' => 'text_box', 'firstpostattop' => 'yes_no_radio', 'inlinesearch' => 'yes_no_radio', 'fdcolspan_offset' => 'text_box', 'settingoverrides' => 'text_area', 'postsperpage' => 'text_box', 'hideforum' => 'yes_no_radio', 'hidebreadcrumb' => 'yes_no_radio', 'allow_blankmsg' => 'yes_no_radio', 'nostatcount' => 'yes_no_radio', 'defaultfilter' => 'text_area');
        foreach ($inputs as $name => $type) {
            $name = 'xthreads_' . $name;
            $description = xthreads_admin_forumedit_get_description($name);
            //$formfunc = 'generate_'.$type;
            if (is_array($type)) {
                foreach ($type as &$t) {
                    $ln = $name . '_' . $t;
                    $t = $lang->{$ln};
                }
                $html = $form->generate_select_box($name, $type, $data[$name], array('id' => $name));
            } elseif ($type == 'text_box') {
                $html = $form->generate_text_box($name, $data[$name], array('id' => $name));
            } elseif ($type == 'text_area_2') {
                // do a 2 row textarea
                $html = $form->generate_text_area($name, $data[$name], array('id' => $name, 'rows' => 2, 'style' => 'font-family: monospace'));
            } elseif ($type == 'text_area') {
                $html = $form->generate_text_area($name, $data[$name], array('id' => $name, 'style' => 'font-family: monospace'));
            } elseif ($type == 'yes_no_radio') {
                $html = $form->generate_yes_no_radio($name, $data[$name] ? '1' : '0', true);
            }
            //elseif($type == 'check_box')
            //	$html = $form->generate_check_box($name, 1, $);
            $form_container->output_row($lang->{$name}, $description, $html, $name);
        }
        /*
        $afefields = array(
        	'uid',
        	'lastposteruid',
        	'prefix',
        	'icon',
        );
        $afehtml = '';
        foreach($afefields as &$field) {
        	if(!$GLOBALS['db']->field_exists($field, 'threads')) continue;
        	$afe = 'xthreads_afe_'.$field;
        	$afehtml .= '<tr><td width="15%" style="border: 0; padding: 1px; vertical-align: top; white-space: nowrap;">'.$form->generate_check_box($afe, 1, $field, array('checked' => $data[$afe])).'</td><td style="border: 0; padding: 1px; vertical-align: top;">&nbsp;('.$lang->$afe.')</td></tr>';
        }
        $form_container->output_row($lang->xthreads_addfiltenable, xthreads_admin_forumedit_get_description('xthreads_addfiltenable'), '<table style="border: 0; margin-left: 2em;" cellspacing="0" cellpadding="0">'.$afehtml.'</table>');
        */
        $wolfields = array(array('xthreads_wol_announcements', 'xthreads_wol_attachment'), array('xthreads_wol_forumdisplay', 'xthreads_wol_newthread'), array('xthreads_wol_showthread', 'xthreads_wol_newreply'));
        $wolhtml = '';
        foreach ($wolfields as &$r) {
            $wolhtml .= '<tr>';
            foreach ($r as &$w) {
                $wolhtml .= '<td width="15%" style="border: 0; padding: 1px 5px 1px 15px;"><label for="' . $w . '" style="white-space: nowrap;">' . $lang->{$w} . ':</label></td><td style="border: 0; padding: 1px;">' . $form->generate_text_box($w, $data[$w], array('id' => $w, 'style' => 'margin-top: 0; width: 250px;')) . '</td>';
            }
            $wolhtml .= '</tr>';
        }
        $form_container->output_row($lang->xthreads_cust_wolstr, xthreads_admin_forumedit_get_description('xthreads_cust_wolstr'), '<table style="border: 0;" cellspacing="0" cellpadding="0">' . $wolhtml . '</table>', '', array('id' => 'xthreads_wol" style="margin: 10px 15px 10px 0px'));
        $form_container->end();
        xthreads_admin_common_ofe('xthreads_defaultfilter');
        ?>
<script type="text/javascript">
<!--
var ofEditorSO = new xtOFEditor();
ofEditorSO.src = document.getElementById('xthreads_settingoverrides');
ofEditorSO.loadFunc = function(s) {
	var a = s.replace(/\r/g, "").replace(/\{\n\}/g, "\r").split("\n");
	var data = [];
	for(var i=0; i<a.length; i++) {
		a[i] = a[i].replace(/\r/g, "\n");
		var p = a[i].indexOf("=");
		if(p < 0) continue;
		data.push([ a[i].substring(0, p), a[i].substring(p+1) ]);
	}
	return data;
};
ofEditorSO.saveFunc = function(a) {
	var ret = "";
	for(var i=0; i<a.length; i++) {
		if(a[i][0]) ret += a[i].join("=").replace(/\n/g, "{\n}") + "\n";
	}
	return ret;
};
ofEditorSO.fields = [
	{title: "<?php 
        echo $lang->xthreads_js_settingoverrides_setting;
        ?>
", width: '45%', elemFunc: function(c) {
		var o = appendNewChild(c, "select");
		o.size = 1;
		o.style.width = '100%';
		o.innerHTML = '<option value=""></option><?php 
        global $db;
        // cache settings
        $qorder = array('order_by' => 'disporder', 'order_dir' => 'asc');
        $query = $db->simple_select('settings', 'name,title,gid', '', $qorder);
        $setting_cache = array();
        while ($stng = $db->fetch_array($query)) {
            $setting_cache[$stng['gid']][$stng['name']] = $stng['title'];
        }
        $db->free_result($query);
        $query = $db->simple_select('settinggroups', 'gid,name,title', '', $qorder);
        while ($settinggroup = $db->fetch_array($query)) {
            $stngs =& $setting_cache[$settinggroup['gid']];
            if (!empty($stngs)) {
                $lang_group = 'setting_group_' . $settinggroup['name'];
                if ($lang->{$lang_group}) {
                    $settinggroup['title'] = $lang->{$lang_group};
                }
                echo '<optgroup label="' . strtr(htmlspecialchars_uni($settinggroup['title']), array('\\' => '\\\\', '\'' => '\\\'')) . '">';
                foreach ($stngs as $name => &$title) {
                    $lang_setting = 'setting_' . $name;
                    if ($lang->{$lang_setting}) {
                        $title = $lang->{$lang_setting};
                    }
                    echo '<option value="' . htmlspecialchars_uni($name) . '">' . strtr(htmlspecialchars_uni($title), array('\\' => '\\\\', '\'' => '\\\'')) . '</option>';
                }
                echo '</optgroup>';
            }
        }
        $db->free_result($query);
        unset($setting_cache);
        ?>
';
		return o;
	}},
	{title: "<?php 
        echo $lang->xthreads_js_settingoverrides_value;
        ?>
", width: '55%', elemFunc: ofEditorSO.textAreaFunc}
];

ofEditorSO.copyStyles=true;
ofEditorSO.init();
//-->
</script>
<?php 
    }
Esempio n. 19
0
function threadfields_add_edit_handler(&$tf, $update)
{
    global $mybb, $page, $lang, $db, $plugins, $sub_tabs;
    global $form;
    if ($update) {
        $title = $lang->edit_threadfield;
    } else {
        $title = $lang->add_threadfield;
    }
    $props = xthreads_threadfields_props();
    if ($mybb->request_method == 'post') {
        foreach ($props as $field => &$prop) {
            if ($field == 'field') {
                $field = 'newfield';
            }
            // cause you can't "continue" in a switch statement, lol...
            if ($field == 'forums' || $field == 'editable_gids' || $field == 'viewable_gids' || $field == 'filemaxsize' || $field == 'multival') {
                continue;
            }
            if ($prop['datatype'] == 'string') {
                $mybb->input[$field] = trim($mybb->input[$field]);
            } else {
                $mybb->input[$field] = (int) $mybb->input[$field];
            }
        }
        $mybb->input['textmask'] = str_replace("", '', $mybb->input['textmask']);
        $mybb->input['filemaxsize'] = xthreads_size_to_bytes($mybb->input['filemaxsize']);
        $mybb->input['fileimage_mindim'] = strtolower(trim($mybb->input['fileimage_mindim']));
        $mybb->input['fileimage_maxdim'] = strtolower(trim($mybb->input['fileimage_maxdim']));
        if (!xthreads_empty($mybb->input['formatmap'])) {
            $fm = array();
            $fms = str_replace("{\n}", "\r", str_replace("\r", '', $mybb->input['formatmap']));
            foreach (explode("\n", $fms) as $map) {
                $map = str_replace("\r", "\n", $map);
                $p = strpos($map, '{|}');
                if (!$p) {
                    continue;
                }
                // can't be zero index either - blank display format used for that
                $fmkey = substr($map, 0, $p);
                if (isset($fm[$fmkey])) {
                    $errors[] = $lang->sprintf($lang->error_dup_formatmap, htmlspecialchars_uni($fmkey));
                    unset($fm);
                    break;
                }
                $fm[$fmkey] = substr($map, $p + 3);
            }
            if (isset($fm)) {
                $mybb->input['formatmap'] = serialize($fm);
            }
        }
        if (is_array($mybb->input['forums'])) {
            $mybb->input['forums'] = implode(',', array_unique(array_map('intval', array_map('trim', $mybb->input['forums']))));
            if (empty($mybb->input['forums'])) {
                $mybb->input['forums'] = '';
            }
        } else {
            $mybb->input['forums'] = trim($mybb->input['forums']);
            if ($mybb->input['forums']) {
                $mybb->input['forums'] = implode(',', array_unique(array_map('intval', array_map('trim', explode(',', $mybb->input['forums'])))));
            }
            if (!$mybb->input['forums']) {
                $mybb->input['forums'] = '';
            }
        }
        if ($mybb->input['editable'] == '99') {
            if (is_array($mybb->input['editable_gids'])) {
                $mybb->input['editable_gids'] = implode(',', array_unique(array_map('intval', array_map('trim', $mybb->input['editable_gids']))));
                if (empty($mybb->input['editable_gids'])) {
                    $mybb->input['editable_gids'] = '';
                }
            } else {
                $mybb->input['editable_gids'] = trim($mybb->input['editable_gids']);
                if ($mybb->input['editable_gids']) {
                    $mybb->input['editable_gids'] = implode(',', array_unique(array_map('intval', array_map('trim', explode(',', $mybb->input['editable_gids'])))));
                }
                if (!$mybb->input['editable_gids']) {
                    $mybb->input['editable_gids'] = '';
                }
            }
            if ($mybb->input['editable_gids']) {
                $mybb->input['editable'] = 0;
            } else {
                $mybb->input['editable'] = XTHREADS_EDITABLE_NONE;
            }
            // no group ids selected
        } else {
            $mybb->input['editable'] = min_max((int) $mybb->input['editable'], XTHREADS_EDITABLE_ALL, XTHREADS_EDITABLE_NONE);
            $mybb->input['editable_gids'] = '';
        }
        $mybb->input['hidefield'] = 0;
        foreach (array('input' => XTHREADS_HIDE_INPUT, 'thread' => XTHREADS_HIDE_THREAD) as $k => $v) {
            if ($mybb->input['hidefield_' . $k]) {
                $mybb->input['hidefield'] |= $v;
            }
        }
        if (!xthreads_empty($mybb->input['editable_values'])) {
            $ev = array();
            $evs = str_replace("{\n}", "\r", str_replace("\r", '', $mybb->input['editable_values']));
            foreach (explode("\n", $evs) as $editable_value) {
                $editable_value = str_replace("\r", "\n", $editable_value);
                $p = strpos($editable_value, '{|}');
                if ($p === false) {
                    continue;
                }
                $evkey = substr($editable_value, 0, $p);
                if (isset($ev[$evkey])) {
                    $errors[] = $lang->sprintf($lang->error_dup_editable_value, htmlspecialchars_uni($evkey));
                    unset($ev);
                    break;
                }
                $ev[$evkey] = array_unique(array_map('intval', explode(',', substr($editable_value, $p + 3))));
                // remove '0' element
                if (($zerorm = array_search(0, $ev[$evkey])) !== false) {
                    unset($ev[$evkey][$zerorm]);
                }
            }
            if (isset($ev)) {
                $mybb->input['editable_values'] = serialize($ev);
            }
        }
        if (is_array($mybb->input['viewable_gids'])) {
            $mybb->input['viewable_gids'] = implode(',', array_unique(array_map('intval', array_map('trim', $mybb->input['viewable_gids']))));
            if (empty($mybb->input['viewable_gids'])) {
                $mybb->input['viewable_gids'] = '';
            }
        } else {
            $mybb->input['viewable_gids'] = trim($mybb->input['viewable_gids']);
            if ($mybb->input['viewable_gids']) {
                $mybb->input['viewable_gids'] = implode(',', array_unique(array_map('intval', array_map('trim', explode(',', $mybb->input['viewable_gids'])))));
            }
            if (!$mybb->input['viewable_gids']) {
                $mybb->input['viewable_gids'] = '';
            }
        }
        $mybb->input['sanitize'] = min_max((int) $mybb->input['sanitize'], XTHREADS_SANITIZE_HTML, XTHREADS_SANITIZE_NONE);
        //if($mybb->input['sanitize'] == XTHREADS_SANITIZE_PARSER) {
        $parser_opts = array('parser_nl2br' => XTHREADS_SANITIZE_PARSER_NL2BR, 'parser_nobadw' => XTHREADS_SANITIZE_PARSER_NOBADW, 'parser_html' => XTHREADS_SANITIZE_PARSER_HTML, 'parser_mycode' => XTHREADS_SANITIZE_PARSER_MYCODE, 'parser_mycodeimg' => XTHREADS_SANITIZE_PARSER_MYCODEIMG, 'parser_mycodevid' => XTHREADS_SANITIZE_PARSER_VIDEOCODE, 'parser_smilies' => XTHREADS_SANITIZE_PARSER_SMILIES);
        foreach ($parser_opts as $opt => $n) {
            if ($mybb->input[$opt]) {
                $mybb->input['sanitize'] |= $n;
            }
        }
        //}
        $mybb->input['inputtype'] = min_max((int) $mybb->input['inputtype'], XTHREADS_INPUT_TEXT, XTHREADS_INPUT_FILE_URL);
        if (xthreads_empty($mybb->input['title'])) {
            $errors[] = $lang->error_missing_title;
        }
        if (xthreads_empty($mybb->input['newfield'])) {
            $errors[] = $lang->error_missing_field;
        }
        if (!xthreads_empty($mybb->input['textmask'])) {
            // test for bad regex
            xthreads_catch_errorhandler();
            @preg_match('~' . str_replace('~', '\\~', $mybb->input['textmask']) . '~si', 'testvalue');
            restore_error_handler();
            if (!empty($GLOBALS['_previous_error'])) {
                $errmsg =& $GLOBALS['_previous_error'][1];
                if (substr($errmsg, 0, 12) == 'preg_match()') {
                    $p = strpos($errmsg, ':', 12);
                    if ($p) {
                        $errmsg = trim(substr($errmsg, $p + 1));
                    } else {
                        $errmsg = trim(substr($errmsg, 12));
                    }
                    $errors[] = $lang->sprintf($lang->error_bad_textmask, $errmsg);
                }
            }
        }
        switch ($mybb->input['inputtype']) {
            case XTHREADS_INPUT_SELECT:
            case XTHREADS_INPUT_RADIO:
            case XTHREADS_INPUT_CHECKBOX:
                $mybb->input['sanitize'] = $mybb->input['inputtype'] == XTHREADS_INPUT_SELECT ? XTHREADS_SANITIZE_HTML : XTHREADS_SANITIZE_NONE;
                $mybb->input['textmask'] = '';
                // must have value defined
                if (xthreads_empty($mybb->input['vallist'])) {
                    $errors[] = $lang->error_require_valllist;
                }
                break;
            case XTHREADS_INPUT_TEXTAREA:
            case XTHREADS_INPUT_FILE:
            case XTHREADS_INPUT_FILE_URL:
                $mybb->input['allowfilter'] = 0;
                $mybb->input['vallist'] = '';
                break;
            case XTHREADS_INPUT_TEXT:
                $mybb->input['vallist'] = '';
        }
        if ($mybb->input['multival_enable'] || $mybb->input['inputtype'] == XTHREADS_INPUT_CHECKBOX) {
            if (xthreads_empty($mybb->input['multival'])) {
                $errors[] = $lang->error_require_multival_delimiter;
            }
            // force textual datatype
            if ($mybb->input['datatype'] !== XTHREADS_DATATYPE_TEXT) {
                $mybb->input['datatype'] = XTHREADS_DATATYPE_TEXT;
            }
        } else {
            $mybb->input['multival'] = '';
        }
        if ($mybb->input['use_formhtml']) {
            if (xthreads_empty($mybb->input['formhtml'])) {
                $errors[] = $lang->error_require_formhtml;
            }
        } else {
            $mybb->input['formhtml'] = '';
        }
        if ($mybb->input['datatype'] !== XTHREADS_DATATYPE_TEXT) {
            // verify value list if applicable
            /* if($mybb->input['inputtype'] == XTHREADS_INPUT_SELECT || $mybb->input['inputtype'] == XTHREADS_INPUT_RADIO) {
            				// maybe we won't do this...
            			} */
            $mybb->input['datatype'] = min_max($mybb->input['datatype'], XTHREADS_DATATYPE_TEXT, XTHREADS_DATATYPE_FLOAT);
        }
        $mybb->input['fileimage'] = '';
        if ($mybb->input['filereqimg']) {
            if ($mybb->input['fileimage_mindim'] && !preg_match('~^[0-9]+x[0-9]+$~', $mybb->input['fileimage_mindim'])) {
                $errors[] = $lang->error_invalid_min_dims;
            }
            if ($mybb->input['fileimage_maxdim'] && !preg_match('~^[0-9]+x[0-9]+$~', $mybb->input['fileimage_maxdim'])) {
                $errors[] = $lang->error_invalid_max_dims;
            }
            if ($mybb->input['fileimage_mindim']) {
                $mybb->input['fileimage'] = $mybb->input['fileimage_mindim'];
            } else {
                $mybb->input['fileimage'] = '0x0';
            }
            if ($mybb->input['fileimage_maxdim']) {
                $mybb->input['fileimage'] .= '|' . $mybb->input['fileimage_maxdim'];
            }
        }
        //if($mybb->input['fileimgthumbs']) {
        // TODO: verify format
        //if(!preg_match('~^[0-9]+x[0-9]+(\\|[0-9]+x[0-9]+)*$~', $mybb->input['fileimgthumbs']))
        //	$errors[] = $lang->error_invalid_thumb_dims;
        //}
        if ($update) {
            // check that sent field name is valid
            // and whilst we're here, check for bad conversions (eg file -> textbox)
            $oldfield = $db->fetch_array($db->simple_select('threadfields', '*', 'field="' . $db->escape_string($mybb->input['field']) . '"'));
            if (empty($oldfield)) {
                $errors[] = $lang->error_bad_old_field;
            } else {
                switch ($oldfield['inputtype']) {
                    case XTHREADS_INPUT_FILE:
                    case XTHREADS_INPUT_FILE_URL:
                        if ($oldfield['inputtype'] != $mybb->input['inputtype']) {
                            $errors['error_invalid_inputtype'] = $lang->error_invalid_inputtype;
                        }
                        break;
                    default:
                        if ($mybb->input['inputtype'] == XTHREADS_INPUT_FILE || $mybb->input['inputtype'] == XTHREADS_INPUT_FILE_URL) {
                            $errors['error_invalid_inputtype'] = $lang->error_invalid_inputtype;
                        }
                }
            }
        }
        if (!xthreads_empty($mybb->input['newfield'])) {
            if ($mybb->input['newfield'] == 'tid') {
                $errors[] = $lang->error_field_name_tid;
            } elseif (strlen($mybb->input['newfield']) > 50) {
                $errors[] = $lang->error_field_name_too_long;
            } elseif (!preg_match('~^[a-zA-Z0-9_]+$~', $mybb->input['newfield'])) {
                $errors[] = $lang->error_field_name_invalid;
            } elseif (isset($mybb->input['newfield'][2]) && $mybb->input['newfield'][0] == '_' && $mybb->input['newfield'][1] == '_') {
                // don't allow fields starting with "__" (reserved for special use)
                // in hindsight, special uses (eg filters) really should've used something like '~' so we don't need to do this, but it's too late now
                $errors[] = $lang->error_field_name_reserved;
            } elseif (!$update || $mybb->input['field'] != $mybb->input['newfield']) {
                $ftest = $db->fetch_field($db->simple_select('threadfields', 'field', 'field="' . $db->escape_string($mybb->input['newfield']) . '"'), 'field');
                if (!xthreads_empty($ftest)) {
                    $errors[] = $lang->error_field_name_in_use;
                }
            }
        }
        // check for syntax errors in conditionals
        // this is a bit tricky because we need the cache function to build the conditional for checking
        if ($update) {
            $test_tf = array_merge($oldfield, $mybb->input);
        } else {
            $test_tf = $mybb->input;
        }
        xthreads_buildtfcache_parseitem($test_tf);
        // test for bad conditional syntax
        foreach (array('defaultval', 'blankval', 'inputformat', 'inputvalidate', 'dispformat', 'dispitemformat', 'unviewableval', 'formhtml', 'formhtml_item') as $condcheck) {
            if ($test_tf[$condcheck] && !xthreads_check_evalstr($test_tf[$condcheck])) {
                if ($condcheck == 'formhtml_item') {
                    $condcheck = 'formhtml';
                }
                $tflangkey = 'threadfields_' . $condcheck;
                $errors[] = $lang->sprintf($lang->error_bad_conditional, $lang->{$tflangkey});
            }
        }
        if (!xthreads_empty($test_tf['formatmap'])) {
            foreach ($test_tf['formatmap'] as &$fm) {
                if ($fm && !xthreads_check_evalstr($fm)) {
                    $errors[] = $lang->sprintf($lang->error_bad_conditional, $lang->threadfields_formatmap);
                    break;
                }
            }
        }
        if (!xthreads_empty($test_tf['fileimgthumbs'])) {
            foreach ($test_tf['fileimgthumbs'] as $thumb => $chain) {
                if ($chain) {
                    if (!xthreads_check_evalstr('".$img->' . $chain . '."')) {
                        $errors[] = $lang->sprintf($lang->error_bad_conditional, $lang->threadfields_fileimgthumbs);
                        break;
                    }
                }
            }
        }
        if (!$errors) {
            $new_tf = array();
            foreach (array_keys($props) as $field) {
                if ($field == 'field') {
                    $new_tf[$field] = $db->escape_string($mybb->input['newfield']);
                } else {
                    $new_tf[$field] = $db->escape_string($mybb->input[$field]);
                }
            }
            if ($mybb->input['inputtype'] == XTHREADS_INPUT_FILE) {
                if (xthreads_empty($mybb->input['multival'])) {
                    $fieldtype = xthreads_db_fielddef('int', null, true) . ' not null default 0';
                } else {
                    $fieldtype = 'varchar(255) not null default ""';
                }
                // we'll stick a hard limit of 25 files
            } elseif ($mybb->input['inputtype'] == XTHREADS_INPUT_FILE_URL) {
                $fieldtype = 'varchar(255) not null default ""';
            } else {
                switch ($new_tf['datatype']) {
                    case XTHREADS_DATATYPE_INT:
                    case XTHREADS_DATATYPE_UINT:
                        $fieldtype = xthreads_db_fielddef('int', null, $new_tf['datatype'] == XTHREADS_DATATYPE_UINT) . ' default null';
                        break;
                    case XTHREADS_DATATYPE_BIGINT:
                    case XTHREADS_DATATYPE_BIGUINT:
                        $fieldtype = xthreads_db_fielddef('bigint', null, $new_tf['datatype'] == XTHREADS_DATATYPE_BIGUINT) . ' default null';
                        break;
                    case XTHREADS_DATATYPE_FLOAT:
                        $fieldtype = 'double default null';
                        break;
                    default:
                        switch ($mybb->input['inputtype']) {
                            case XTHREADS_INPUT_TEXTAREA:
                                $fieldtype = 'text not null';
                                break;
                            case XTHREADS_INPUT_SELECT:
                            case XTHREADS_INPUT_RADIO:
                                if ($new_tf['multival'] === '' || $mybb->input['inputtype'] == XTHREADS_INPUT_RADIO) {
                                    $fieldtype = 'varchar(255) not null default ""';
                                    $using_long_varchar = false;
                                    break;
                                }
                            default:
                                if ($new_tf['allowfilter']) {
                                    // initially, try 1024 chars
                                    $fieldtype = 'varchar(1024) not null default ""';
                                    $using_long_varchar = true;
                                } else {
                                    $fieldtype = 'text not null';
                                }
                        }
                }
            }
            if ($update) {
                $plugins->run_hooks('admin_config_threadfields_edit_commit');
                $db->update_query('threadfields', $new_tf, 'field="' . $db->escape_string($mybb->input['field']) . '"');
                $alterations = array();
                // TODO: perhaps only run this query if necessary
                //if($mybb->input['field'] != $mybb->input['newfield'])
                $alterfield_base = 'CHANGE `' . $db->escape_string($mybb->input['field']) . '` `' . $new_tf['field'] . '` ';
                $alterations['field'] = $alterfield_base . $fieldtype;
                if ((bool) $new_tf['allowfilter'] != (bool) $oldfield['allowfilter']) {
                    if ($new_tf['allowfilter']) {
                        $alterations['addkey'] = 'ADD KEY `' . $new_tf['field'] . '` (`' . $new_tf['field'] . '`)';
                    } else {
                        $alterations['dropkey'] = 'DROP KEY `' . $db->escape_string($mybb->input['field']) . '`';
                    }
                } elseif ($new_tf['allowfilter'] && $mybb->input['field'] != $mybb->input['newfield']) {
                    // change key name - only way to do this in MySQL appears to be recreating the key...
                    $alterations['dropkey'] = 'DROP KEY `' . $db->escape_string($mybb->input['field']) . '`';
                    $alterations['addkey'] = 'ADD KEY `' . $new_tf['field'] . '` (`' . $new_tf['field'] . '`)';
                }
                if (!empty($alterations)) {
                    $qry_base = 'ALTER TABLE `' . $db->table_prefix . 'threadfields_data` ';
                    if ($using_long_varchar) {
                        if (!$db->write_query($qry_base . implode(', ', $alterations), true)) {
                            $alterations['field'] = $alterfield_base . str_replace('varchar(1024)', 'varchar(255)', $fieldtype);
                            $db->write_query($qry_base . implode(', ', $alterations));
                        }
                    } else {
                        $db->write_query($qry_base . implode(', ', $alterations));
                    }
                    if ($mybb->input['field'] != $mybb->input['newfield'] && ($new_tf['inputtype'] == XTHREADS_INPUT_FILE || $new_tf['inputtype'] == XTHREADS_INPUT_FILE_URL)) {
                        // need to update xtattachments table too!
                        $db->update_query('xtattachments', array('field' => $new_tf['field']), 'field="' . $db->escape_string($mybb->input['field']) . '"');
                    }
                }
            } else {
                $plugins->run_hooks('admin_config_threadfields_add_commit');
                $db->insert_query('threadfields', $new_tf);
                $addkey = '';
                if ($new_tf['allowfilter']) {
                    $addkey .= ', ADD KEY (`' . $new_tf['field'] . '`)';
                }
                $qry_base = 'ALTER TABLE `' . $db->table_prefix . 'threadfields_data` ADD COLUMN `' . $new_tf['field'] . '` ';
                if ($using_long_varchar) {
                    if (!$db->write_query($qry_base . $fieldtype . $addkey, true)) {
                        $db->write_query($qry_base . str_replace('varchar(1024)', 'varchar(255)', $fieldtype) . $addkey);
                    }
                } else {
                    $db->write_query($qry_base . $fieldtype . $addkey);
                }
            }
            // Log admin action
            log_admin_action($new_tf['field'], htmlspecialchars_uni($mybb->input['title']));
            xthreads_buildtfcache();
            if ($update) {
                flash_message($lang->success_updated_threadfield, 'success');
            } else {
                flash_message($lang->success_added_threadfield, 'success');
            }
            admin_redirect(xthreads_admin_url('config', 'threadfields'));
        }
    }
    $page->add_breadcrumb_item($title);
    $page->output_header($lang->custom_threadfields . ' - ' . $title);
    echo '<noscript>';
    $page->output_alert($lang->threadfields_enable_js);
    echo '</noscript>';
    if (!$update) {
        $page->output_nav_tabs($sub_tabs, 'threadfields_add');
    }
    if ($update) {
        $form = new Form(xthreads_admin_url('config', 'threadfields') . '&amp;action=edit&amp;field=' . urlencode($tf['field']), 'post');
    } else {
        $form = new Form(xthreads_admin_url('config', 'threadfields&amp;action=add'), 'post');
    }
    if ($errors) {
        $page->output_inline_error($errors);
        $GLOBALS['data'] =& $mybb->input;
    } else {
        $GLOBALS['data'] =& $tf;
    }
    global $data;
    global $form_container;
    $form_container = new FormContainer($title);
    $form_container->output_row($lang->threadfields_title . ' <em>*</em>', $lang->threadfields_title_desc, $form->generate_text_box('title', $data['title'], array('id' => 'title')), 'title');
    if (isset($data['newfield'])) {
        $key =& $data['newfield'];
    } else {
        $key =& $data['field'];
    }
    $form_container->output_row($lang->threadfields_name . ' <em>*</em>', $lang->threadfields_name_desc, $form->generate_text_box('newfield', $key, array('id' => 'newfield')), 'newfield');
    if ($data['forums'] && !is_array($data['forums'])) {
        $data['forums'] = array_map('intval', array_map('trim', explode(',', $data['forums'])));
    }
    $form_container->output_row($lang->threadfields_forums, $lang->threadfields_forums_desc, $form->generate_forum_select('forums[]', $data['forums'], array('multiple' => true, 'size' => 5)), 'forums');
    $hidefield_boxes = '';
    foreach (array('input' => XTHREADS_HIDE_INPUT, 'thread' => XTHREADS_HIDE_THREAD) as $k => $v) {
        $l = 'threadfields_hidefield_' . $k;
        $ld = 'threadfields_hidefield_' . $k . '_desc';
        $hidefield_boxes .= $form->generate_check_box('hidefield_' . $k, '1', $lang->{$l}, array('checked' => (bool) ($data['hidefield'] & $v))) . '<div style="margin-left: 2.25em;" class="description">' . $lang->{$ld} . '</div>';
    }
    $form_container->output_row($lang->threadfields_hidefield, $lang->threadfields_hidefield_desc, $hidefield_boxes, 'hidefield');
    $inputtypes = array(XTHREADS_INPUT_TEXT => $lang->threadfields_inputtype_text, XTHREADS_INPUT_TEXTAREA => $lang->threadfields_inputtype_textarea, XTHREADS_INPUT_SELECT => $lang->threadfields_inputtype_select, XTHREADS_INPUT_RADIO => $lang->threadfields_inputtype_radio, XTHREADS_INPUT_CHECKBOX => $lang->threadfields_inputtype_checkbox, XTHREADS_INPUT_FILE => $lang->threadfields_inputtype_file);
    if ($update) {
        // disable some conversions as they are not possible
        if (isset($errors['error_invalid_inputtype'])) {
            // but if invalid type is supplied, don't lock the user in either
            $inputtype = $oldfield['inputtype'];
        } else {
            $inputtype = $data['inputtype'];
        }
        if ($inputtype == XTHREADS_INPUT_FILE || $inputtype == XTHREADS_INPUT_FILE_URL) {
            foreach ($inputtypes as $k => &$v) {
                if ($k != $inputtype) {
                    unset($inputtypes[$k]);
                }
            }
        } else {
            unset($inputtypes[XTHREADS_INPUT_FILE], $inputtypes[XTHREADS_INPUT_FILE_URL]);
        }
    }
    // TODO: weird issue where inputtype isn't being set...
    if (!ini_get('file_uploads')) {
        $lang->threadfields_file_name_info .= '<div style="color: red; font-style: italic;">' . $lang->threadfields_file_upload_disabled_warning . '</div>';
    }
    make_form_row('inputtype', 'select_box', $inputtypes, '<div id="inputtype_file_explain" style="font-size: 0.95em; margin-top: 1em;">' . $lang->threadfields_file_name_info . '</div>');
    make_form_row('disporder', 'text_box');
    $form_container->end();
    unset($GLOBALS['form_container']);
    global $form_container;
    $form_container = new FormContainer($lang->threadfields_cat_input);
    if ($data['editable_gids'] && !is_array($data['editable_gids'])) {
        $data['editable_gids'] = array_map('intval', array_map('trim', explode(',', $data['editable_gids'])));
    }
    if (!empty($data['editable_gids'])) {
        $data['editable'] = 99;
    }
    make_form_row('editable', 'select_box', array(XTHREADS_EDITABLE_ALL => $lang->threadfields_editable_everyone, XTHREADS_EDITABLE_REQ => $lang->threadfields_editable_requied, XTHREADS_EDITABLE_MOD => $lang->threadfields_editable_mod, XTHREADS_EDITABLE_ADMIN => $lang->threadfields_editable_admin, XTHREADS_EDITABLE_NONE => $lang->threadfields_editable_none, 99 => $lang->threadfields_editable_bygroup));
    $form_container->output_row($lang->threadfields_editable_gids, $lang->threadfields_editable_gids_desc, xt_generate_group_select('editable_gids[]', $data['editable_gids'], array('multiple' => true, 'size' => 5)), 'editable_gids', array(), array('id' => 'row_editable_gids'));
    make_form_row('maxlen', 'text_box');
    make_form_row('vallist', 'text_area');
    make_form_row('fileexts', 'text_box');
    if (!is_int(2147483648)) {
        // detect 32-bit PHP
        $lang->threadfields_filemaxsize_desc .= $lang->threadfields_filemaxsize_desc_2gbwarn;
    }
    // PHP upload limits
    $upload_max_filesize = @ini_get('upload_max_filesize');
    $post_max_size = @ini_get('post_max_size');
    // TODO: maybe also pull in [ file_uploads, max_file_uploads, max_input_time ] ?
    if ($upload_max_filesize || $post_max_size) {
        $lang->threadfields_filemaxsize_desc .= '<br /><br />' . $lang->threadfields_filemaxsize_desc_phplimit;
        if (!$lang->limit_upload_max_filesize) {
            $lang->load('config_attachment_types');
        }
        if ($upload_max_filesize) {
            $lang->threadfields_filemaxsize_desc .= '<br />' . $lang->sprintf($lang->limit_upload_max_filesize, $upload_max_filesize);
        }
        if ($post_max_size) {
            $lang->threadfields_filemaxsize_desc .= '<br />' . $lang->sprintf($lang->limit_post_max_size, $post_max_size);
        }
    }
    make_form_row('filemaxsize', 'text_box');
    make_form_row('filemagic', 'text_box');
    $data['filereqimg'] = $data['fileimage'] ? 1 : 0;
    if (!function_exists('imagecreate')) {
        $lang->threadfields_filereqimg_desc .= $lang->threadfields_filereqimg_desc_nogd;
    }
    make_form_row('filereqimg', 'yes_no_radio');
    unset($data['filereqimg']);
    $data['fileimage_mindim'] = $data['fileimage_maxdim'] = '';
    if ($data['fileimage']) {
        list($min, $max) = explode('|', $data['fileimage']);
        if ($min === '0x0') {
            $min = '';
        }
        $data['fileimage_mindim'] = $min;
        $data['fileimage_maxdim'] = $max;
    }
    make_form_row('fileimage_mindim', 'text_box');
    make_form_row('fileimage_maxdim', 'text_box');
    unset($data['fileimage_mindim'], $data['fileimage_maxdim']);
    make_form_row('fileimgthumbs', 'text_box');
    $data['multival_enable'] = $data['multival'] !== '' ? 1 : 0;
    make_form_row('multival_enable', 'yes_no_radio');
    unset($data['multival_enable']);
    make_form_row('multival_limit', 'text_box');
    make_form_row('textmask', 'text_box');
    make_form_row('inputformat', 'text_area', array('style' => 'font-family: monospace'));
    make_form_row('inputvalidate', 'text_area', array('style' => 'font-family: monospace'));
    if (!is_array($data['editable_values'])) {
        $ev = @unserialize($data['editable_values']);
        if (is_array($ev)) {
            $data['editable_values'] =& $ev;
        }
    }
    if (is_array($data['editable_values'])) {
        $evtxt = '';
        foreach ($data['editable_values'] as $k => &$v) {
            // don't need to htmlspecialchar - it'll be done for us
            $evtxt .= str_replace("\n", "{\n}", $k) . '{|}' . implode(',', $v) . "\n";
        }
        $data['editable_values'] =& $evtxt;
    }
    make_form_row('editable_values', 'text_area', array('style' => 'font-family: monospace'));
    $form_container->end();
    unset($GLOBALS['form_container']);
    global $form_container;
    $form_container = new FormContainer($lang->threadfields_cat_inputfield);
    make_form_row('desc', 'text_box');
    make_form_row('defaultval', 'text_area', array('style' => 'font-family: monospace'));
    make_form_row('fieldwidth', 'text_box');
    make_form_row('fieldheight', 'text_box');
    make_form_row('tabstop', 'yes_no_radio');
    $data['use_formhtml'] = $data['formhtml'] !== '' ? 1 : 0;
    make_form_row('use_formhtml', 'yes_no_radio');
    unset($data['use_formhtml']);
    $lang->threadfields_formhtml .= ' <em>*</em>';
    make_form_row('formhtml', 'text_area', array('style' => 'font-family: monospace'));
    $form_container->end();
    unset($GLOBALS['form_container']);
    global $form_container;
    $form_container = new FormContainer($lang->threadfields_cat_output);
    $sanitize = $data['sanitize'];
    $data['sanitize'] &= XTHREADS_SANITIZE_MASK;
    make_form_row('sanitize', 'select_box', array(XTHREADS_SANITIZE_HTML => $lang->threadfields_sanitize_plain, XTHREADS_SANITIZE_HTML_NL => $lang->threadfields_sanitize_plain_nl, XTHREADS_SANITIZE_PARSER => $lang->threadfields_sanitize_mycode, XTHREADS_SANITIZE_NONE => $lang->threadfields_sanitize_none));
    $parser_opts = array('parser_nl2br' => $sanitize & XTHREADS_SANITIZE_PARSER_NL2BR, 'parser_nobadw' => $sanitize & XTHREADS_SANITIZE_PARSER_NOBADW, 'parser_html' => $sanitize & XTHREADS_SANITIZE_PARSER_HTML, 'parser_mycode' => $sanitize & XTHREADS_SANITIZE_PARSER_MYCODE, 'parser_mycodeimg' => $sanitize & XTHREADS_SANITIZE_PARSER_MYCODEIMG, 'parser_mycodevid' => $sanitize & XTHREADS_SANITIZE_PARSER_VIDEOCODE, 'parser_smilies' => $sanitize & XTHREADS_SANITIZE_PARSER_SMILIES);
    if ($mybb->version_code < 1600) {
        unset($parser_opts['parser_mycodevid']);
    }
    $parser_opts_str = '';
    foreach ($parser_opts as $opt => $checked) {
        $langstr = 'threadfields_sanitize_' . $opt;
        $parser_opts_str .= '<div style="display: block;">' . $form->generate_check_box($opt, 1, $lang->{$langstr}, array('checked' => $checked ? 1 : 0)) . '</div>';
    }
    $form_container->output_row($lang->threadfields_sanitize_parser, $lang->threadfields_sanitize_parser_desc, $parser_opts_str, 'sanitize_parser', array(), array('id' => 'parser_opts'));
    make_form_row('blankval', 'text_area', array('style' => 'font-family: monospace'));
    make_form_row('dispformat', 'text_area', array('style' => 'font-family: monospace'));
    $lang->threadfields_multival .= ' <em>*</em>';
    make_form_row('multival', 'text_box');
    $lang->threadfields_multival = substr($lang->threadfields_multival, 0, -11);
    make_form_row('dispitemformat', 'text_area', array('style' => 'font-family: monospace'));
    if (!is_array($data['formatmap'])) {
        $fm = @unserialize($data['formatmap']);
        if (is_array($fm)) {
            $data['formatmap'] =& $fm;
        }
    }
    if (is_array($data['formatmap'])) {
        $fmtxt = '';
        foreach ($data['formatmap'] as $k => &$v) {
            // don't need to htmlspecialchar - it'll be done for us
            $fmtxt .= str_replace("\n", "{\n}", $k . '{|}' . $v) . "\n";
        }
        $data['formatmap'] =& $fmtxt;
    }
    make_form_row('formatmap', 'text_area', array('style' => 'font-family: monospace'));
    if ($data['viewable_gids'] && !is_array($data['viewable_gids'])) {
        $data['viewable_gids'] = array_map('intval', array_map('trim', explode(',', $data['viewable_gids'])));
    }
    $form_container->output_row($lang->threadfields_viewable_gids, $lang->threadfields_viewable_gids_desc, xt_generate_group_select('viewable_gids[]', $data['viewable_gids'], array('multiple' => true, 'size' => 5, 'id' => 'viewable_gids')), 'viewable_gids', array(), array('id' => 'row_viewable_gids'));
    make_form_row('unviewableval', 'text_area', array('style' => 'font-family: monospace'));
    $form_container->end();
    unset($GLOBALS['form_container']);
    // this will currently be empty if a file input is chosen...
    global $form_container;
    $form_container = new FormContainer($lang->threadfields_cat_misc);
    make_form_row('allowfilter', 'select_box', array(XTHREADS_FILTER_NONE => $lang->threadfields_filter_none, XTHREADS_FILTER_EXACT => $lang->threadfields_filter_exact, XTHREADS_FILTER_PREFIX => $lang->threadfields_filter_prefix, XTHREADS_FILTER_ANYWHERE => $lang->threadfields_filter_anywhere, XTHREADS_FILTER_WILDCARD => $lang->threadfields_filter_wildcard));
    make_form_row('datatype', 'select_box', array(XTHREADS_DATATYPE_TEXT => $lang->threadfields_datatype_text, XTHREADS_DATATYPE_INT => $lang->threadfields_datatype_int, XTHREADS_DATATYPE_UINT => $lang->threadfields_datatype_uint, XTHREADS_DATATYPE_BIGINT => $lang->threadfields_datatype_bigint, XTHREADS_DATATYPE_BIGUINT => $lang->threadfields_datatype_biguint, XTHREADS_DATATYPE_FLOAT => $lang->threadfields_datatype_float));
    $form_container->end();
    unset($GLOBALS['form_container']);
    if ($update) {
        $buttons[] = $form->generate_submit_button($lang->update_threadfield);
    } else {
        $buttons[] = $form->generate_submit_button($lang->add_threadfield);
    }
    $form->output_submit_wrapper($buttons);
    $form->end();
    ?>
<script type="text/javascript">
<!--
	var xt_inited = false;
	function xt_visi(o,v) {
		document.getElementById(o).style.display = (v ? '':'none');
	}
	document.getElementById('sanitize').onchange = function() {
		xt_visi('parser_opts', this.options[this.selectedIndex].value == "<?php 
    echo XTHREADS_SANITIZE_PARSER;
    ?>
" && document.getElementById('row_sanitize').style.display != 'none');
	};
	
	function xt_multival_enable() {
		var si = parseInt(document.getElementById('inputtype').options[document.getElementById('inputtype').selectedIndex].value);
		var checkboxIn = (si == <?php 
    echo XTHREADS_INPUT_CHECKBOX;
    ?>
);
		var pureFileIn = (si == <?php 
    echo XTHREADS_INPUT_FILE;
    ?>
);
		var fileIn = (pureFileIn || si == <?php 
    echo XTHREADS_INPUT_FILE_URL;
    ?>
);
		e = checkboxIn; // forced
		
		var datatypeText = (document.getElementById('datatype').options[document.getElementById('datatype').selectedIndex].value == "<?php 
    echo XTHREADS_DATATYPE_TEXT;
    ?>
");
		xt_visi('row_multival_enable', checkboxIn || ((
			si != <?php 
    echo XTHREADS_INPUT_RADIO;
    ?>
 && (datatypeText || pureFileIn)
		)));
		
		if(!e) e = (document.getElementById('multival_enable_yes').checked && document.getElementById('row_multival_enable').style.display != 'none');
		xt_visi('row_multival', e);
		xt_visi('row_multival_limit', e);
		xt_visi('row_dispitemformat', e);
		datatypeVisible = (!e && !checkboxIn && !fileIn);
		xt_visi('row_datatype', datatypeVisible);
		
		// hide some sanitise options (if browser supports it)
		var sanitizeOptShow = ((datatypeVisible && !datatypeText) ? 'none' : '');
		for(i in document.getElementById('sanitize').options) {
			var optItem = document.getElementById('sanitize').options[i];
			if(!optItem) continue; // fix IE6 bug
			if(optItem.value == "<?php 
    echo XTHREADS_SANITIZE_HTML_NL;
    ?>
" || optItem.value == "<?php 
    echo XTHREADS_SANITIZE_NONE;
    ?>
") {
				// our target
				if(sanitizeOptShow == 'none' && document.getElementById('sanitize').selectedIndex == i)
					document.getElementById('sanitize').selectedIndex = 0;
				optItem.style.display = sanitizeOptShow;
			}
		}
		
		dispfmt_obj = document.getElementById('dispformat');
		fileVal = "<a href=\"{URL}\">{FILENAME}</a>";
		nonFileVal = "{VALUE}";
		if(pureFileIn) {
			if(e) {
				if(document.getElementById('dispitemformat').value == nonFileVal) {
					if(dispfmt_obj.value == nonFileVal)
						document.getElementById('dispitemformat').value = fileVal;
					else {
						// swap dispformat <-> dispitemformat
						document.getElementById('dispitemformat').value = dispfmt_obj.value;
						dispfmt_obj.value = nonFileVal;
					}
				}
				if(dispfmt_obj.value == fileVal)
					dispfmt_obj.value = nonFileVal;
			} else {
				if(dispfmt_obj.value == nonFileVal) {
					dispfmt_obj.value = fileVal;
					if(document.getElementById('dispitemformat').value != nonFileVal) {
						// maybe swap?
						var DIFval = document.getElementById('dispitemformat').value.toUpperCase();
						if((function(s){
							for(i in s)
								if(DIFval.indexOf("{"+s[i]+"}") > -1)
									return true;
							return false;
						})(
							["DOWNLOADS","DOWNLOADS_FRIENDLY","FILENAME","UPLOADMIME","URL","FILESIZE","FILESIZE_FRIENDLY","MD5HASH","UPLOADTIME","UPLOAD_TIME","UPLOAD_DATE","UPDATETIME","UPDATE_TIME","UPDATE_DATE","THUMBS","DIMS","MODIFIED"]
						)) {
							dispfmt_obj.value = document.getElementById('dispitemformat').value;
							document.getElementById('dispitemformat').value = nonFileVal;
						}
					}
				}
				if(document.getElementById('dispitemformat').value == fileVal)
					document.getElementById('dispitemformat').value = nonFileVal;
			}
		} else {
			if(document.getElementById('dispitemformat').value == fileVal)
				document.getElementById('dispitemformat').value = nonFileVal;
			if(dispfmt_obj.value == fileVal)
				dispfmt_obj.value = nonFileVal;
		}
	}
	document.getElementById('multival_enable_yes').onclick = xt_multival_enable;
	document.getElementById('multival_enable_no').onclick = xt_multival_enable;
	
	(document.getElementById('use_formhtml_yes').onclick = document.getElementById('use_formhtml_no').onclick = xt_use_formhtml = function() {
		xt_visi('row_formhtml', document.getElementById('use_formhtml_yes').checked);
		xt_visi('formhtml_desc_js', true);
	})();
	
	function xt_filereqimg() {
		var e = (document.getElementById('filereqimg_yes').checked && document.getElementById('row_filereqimg').style.display != 'none');
		xt_visi('row_fileimage_mindim', e);
		xt_visi('row_fileimage_maxdim', e);
		xt_visi('row_fileimgthumbs', e);
	}
	document.getElementById('filereqimg_yes').onclick = xt_filereqimg;
	document.getElementById('filereqimg_no').onclick = xt_filereqimg;
	
	
	(document.getElementById('inputtype').onchange = function() {
		var si = parseInt(this.options[this.selectedIndex].value);
		
		var pureFileIn = (si == <?php 
    echo XTHREADS_INPUT_FILE;
    ?>
);
		var fileIn = (pureFileIn || si == <?php 
    echo XTHREADS_INPUT_FILE_URL;
    ?>
);
		var radioIn = (si == <?php 
    echo XTHREADS_INPUT_RADIO;
    ?>
);
		var checkboxIn = (si == <?php 
    echo XTHREADS_INPUT_CHECKBOX;
    ?>
);
		var selectBoxIn = (si == <?php 
    echo XTHREADS_INPUT_SELECT;
    ?>
);
		var selectIn = (selectBoxIn || radioIn || checkboxIn);
		var textAreaIn = (si == <?php 
    echo XTHREADS_INPUT_TEXTAREA;
    ?>
);
		var textIn = (textAreaIn || si == <?php 
    echo XTHREADS_INPUT_TEXT;
    ?>
);
		xt_visi('row_sanitize', !fileIn && !selectIn);
		document.getElementById('sanitize').onchange();
		
		xt_visi('inputtype_file_explain', pureFileIn);
		
		xt_visi('row_allowfilter', !fileIn && !textAreaIn);
		xt_visi('row_formatmap', !fileIn);
		xt_visi('row_editable_values', !fileIn);
		xt_visi('row_defaultval', !pureFileIn);
		
		xt_visi('row_textmask', textIn);
		xt_visi('row_inputformat', !fileIn);
		xt_visi('row_maxlen', textIn);
		xt_visi('row_fieldwidth', textIn || fileIn || selectBoxIn);
		xt_visi('row_fieldheight', textAreaIn || selectBoxIn);
		
		xt_visi('row_vallist', selectIn);
		
		//xt_visi('row_datatype', !checkboxIn && !fileIn);
		//xt_visi('row_multival_enable', !checkboxIn && !radioIn && !fileIn);
		xt_multival_enable();
		
		xt_visi('row_filemagic', pureFileIn);
		xt_visi('row_fileexts', pureFileIn);
		xt_visi('row_filemaxsize', pureFileIn);
		xt_visi('row_filereqimg', pureFileIn);
		xt_filereqimg();
		
		if(textAreaIn) {
			if(document.getElementById('sanitize').options[document.getElementById('sanitize').selectedIndex].value == "<?php 
    echo XTHREADS_SANITIZE_HTML;
    ?>
")
				document.getElementById('sanitize').selectedIndex++;
		} else if(textIn) {
			if(document.getElementById('sanitize').options[document.getElementById('sanitize').selectedIndex].value == "<?php 
    echo XTHREADS_SANITIZE_HTML_NL;
    ?>
")
				document.getElementById('sanitize').selectedIndex--;
		}
		
		var setFormhtml = true;
		if(document.getElementById('use_formhtml_yes').checked) {
			if(!xt_inited)
				setFormhtml = (document.getElementById("formhtml").value == "");
			else
				setFormhtml = confirm("<?php 
    echo xt_js_str_escape($lang->threadfields_formhtml_js_reset_warning);
    ?>
");
			if(setFormhtml) {
				document.getElementById('use_formhtml_no').checked = true;
			}
			xt_use_formhtml();
		}
		switch(si) {
			<?php 
    foreach (array(XTHREADS_INPUT_TEXTAREA, XTHREADS_INPUT_SELECT, XTHREADS_INPUT_CHECKBOX, XTHREADS_INPUT_RADIO, XTHREADS_INPUT_FILE, XTHREADS_INPUT_TEXT) as $inputtype) {
        $formhtml_info = xthreads_default_threadfields_formhtml($inputtype);
        $formhtml_desc = '';
        foreach ($formhtml_info[1] as $fhvar) {
            $langvar = 'threadfields_formhtml_desc_' . strtolower($fhvar);
            $formhtml_desc .= '<li><code>{' . $fhvar . '}</code>: ' . $lang->{$langvar} . '</li>';
        }
        echo '
				case ' . $inputtype . ':
					if(setFormhtml) document.getElementById("formhtml").value = "' . xt_js_str_escape($formhtml_info[0]) . '";
					document.getElementById("formhtml_desc_ul_js").innerHTML = "' . xt_js_str_escape($formhtml_desc) . '";
					break;';
    }
    ?>
		}
	}).apply(document.getElementById('inputtype'));
	
	(document.getElementById('datatype').onchange = function() {
		//var isText = this.options[this.selectedIndex].value == "<?php 
    echo XTHREADS_DATATYPE_TEXT;
    ?>
";
		//xt_visi('row_multival_enable', isText);
		xt_multival_enable();
	}).apply(document.getElementById('datatype'));
	
	(document.getElementById('editable').onchange = function() {
		xt_visi('row_editable_gids', this.options[this.selectedIndex].value == "99");
	}).apply(document.getElementById('editable'));
	
	(document.getElementById('viewable_gids').onchange = function() {
		var e=false;
		var o=document.getElementById('viewable_gids').options;
		for(i=0; i<o.length; i++)
			if(e = o[i].selected) // no, I do mean =, not ==
				break;
		xt_visi('row_unviewableval', e);
	}).apply(document.getElementById('viewable_gids'));
	
	<?php 
    $textmask_types = array('anything' => '^.*$', 'digit' => '^\\d+$', 'alphadigit' => '^[a-z0-9]+$', 'number' => '^(-?)([0-9]*)(?:\\.(\\d*))?(?:e([+-]?\\d*))?$', 'date' => '^(0?[1-9]|[12]\\d|3[01])/(0?[1-9]|1[012])/((?:19|20)\\d\\d)$', 'date_us' => '^(0?[1-9]|1[012])/(0?[1-9]|[12]\\d|3[01])/((?:19|20)\\d\\d)$', 'uri' => '^([^:/?#]+)\\:((//([^/?#]*))?([^?#]*)(\\?([^#]*))?(#(.*))?)$', 'url' => '^([a-z0-9]+)\\://([^/?#]+)(/([^\\r\\n"<>#?]*)(\\?([^\\r\\n"<>#]*))?(#([^\\r\\n"<>]*))?)?$', 'httpurl' => '^(https?)\\://([^/?#]+)(/([^\\r\\n"<>#?]*)(\\?([^\\r\\n"<>#]*))?(#([^\\r\\n"<>]*))?)?$', 'email' => '^(.+)@([a-z0-9_.\\-]+)$', 'emailr' => '^([^ "(),:;<>@\\[\\\\\\]]+)@([a-z0-9_.\\-]+)$', 'css' => '^[a-z0-9_\\- ]+$', 'color' => '^[a-z\\-]+|#?[0-9a-f]{6}$');
    ?>
	document.getElementById('textmask').parentNode.innerHTML =
			'<select name="textmask_select" id="textmask_select">' +
<?php 
    foreach ($textmask_types as $type => &$mask) {
        $langvar = 'threadfields_textmask_' . $type;
        echo '			\'<option value="', $type, '">', $lang->{$langvar}, '</option>\' +
';
    }
    ?>
			'<option value="custom">'+<?php 
    echo "'", $lang->threadfields_textmask_custom, "'";
    ?>
+'</option>' +
			'</select> ' + document.getElementById('textmask').parentNode.innerHTML + '<div id="textmask_select_descriptions" style="font-size: smaller; padding-top: 0.5em;">' +
<?php 
    foreach ($textmask_types as $type => &$mask) {
        $langvar = 'threadfields_textmask_' . $type . '_desc';
        if (property_exists($lang, $langvar)) {
            echo '			\'<div id="textmask_selector_desc_', $type, '" style="display: none;">', xt_js_str_escape($lang->{$langvar}), '</div>\' +
';
        }
    }
    ?>
			'</div>';
	var textmaskMapping = {
<?php 
    $comma = '';
    foreach ($textmask_types as $type => &$mask) {
        echo $comma, '		', $type, ': "', xt_js_str_escape($mask), '"';
        if (!$comma) {
            $comma = ',
';
        }
    }
    ?>

	};
	// determine which option to be selected by default
	(function() {
		// we can only index by number, and as we're a little lazy, create a name -> index map
		var textmaskSelectOpts = document.getElementById('textmask_select').options;
		var textmaskSelectMap = {};
		for(i=0; i<textmaskSelectOpts.length; i++) {
			textmaskSelectMap[textmaskSelectOpts[i].value] = i;
		}
		
		var mask = document.getElementById('textmask').value;
		for(var maskName in textmaskMapping) {
			if(mask == textmaskMapping[maskName]) {
				document.getElementById('textmask_select').selectedIndex = textmaskSelectMap[maskName];
				textmaskSelectUpdated();
				return;
			}
		}
		document.getElementById('textmask_select').selectedIndex = textmaskSelectMap["custom"];
	})();
	document.getElementById('textmask_select').onchange = function() {
		var maskName = this.options[this.selectedIndex].value;
		if(textmaskMapping[maskName])
			document.getElementById('textmask').value = textmaskMapping[maskName];
		textmaskSelectUpdated();
	};
	document.getElementById('textmask_select').onkeypress = document.getElementById('textmask_select').onkeydown = document.getElementById('textmask_select').onkeyup = function(e) {
		document.getElementById('textmask_select').onchange();
		return true;
	};
	function textmaskSelectUpdated() {
		var maskName = document.getElementById('textmask_select').options[document.getElementById('textmask_select').selectedIndex].value;
		var d = (maskName != "custom");
		document.getElementById('textmask').readOnly = d;
		document.getElementById('textmask').tabIndex = (d?'-1':''); // note, this is non-standard
		document.getElementById('textmask').style.background = (d ? "#F0F0F0":"");
		document.getElementById('textmask').style.color = (d ? "#808080":"");
		
		var o = document.getElementById('textmask_select_descriptions').childNodes;
		for(i=0; i<o.length; i++) {
			if(o[i].id == "textmask_selector_desc_"+maskName)
				o[i].style.display = "";
			else
				o[i].style.display = "none";
		}
	}
	document.getElementById('textmask').onfocus = function() {
		if(this.readOnly)
			document.getElementById('textmask_select').focus();
	};
	xt_inited = true;
//-->
</script>
<script type="text/javascript" src="jscripts/xtofedit.js?xtver=<?php 
    echo XTHREADS_VERSION;
    ?>
"></script>
<script type="text/javascript">
<!--
xtOFEditorLang.confirmFormSubmit = "<?php 
    echo $lang->xthreads_js_confirm_form_submit;
    ?>
";
xtOFEditorLang.windowTitle = "<?php 
    echo $lang->xthreads_js_edit_value;
    ?>
";
xtOFEditorLang.saveButton = "<?php 
    echo $lang->xthreads_js_save_changes;
    ?>
";
xtOFEditorLang.closeSaveChanges = "<?php 
    echo $lang->xthreads_js_close_save_changes;
    ?>
";

var fmtMapEditor = new xtOFEditor();
fmtMapEditor.src = document.getElementById('formatmap');
fmtMapEditor.loadFunc = function(s) {
	var a = s.replace(/\r/g, "").replace(/\{\n\}/g, "\r").split("\n");
	var data = [];
	for(var i=0; i<a.length; i++) {
		a[i] = a[i].replace(/\r/g, "\n");
		var p = a[i].indexOf("{|}");
		if(p < 0) continue;
		data.push([ a[i].substring(0, p), a[i].substring(p+3) ]);
	}
	return data;
};
fmtMapEditor.saveFunc = function(a) {
	var ret = "";
	for(var i=0; i<a.length; i++) {
		ret += a[i].join("{|}").replace(/\n/g, "{\n}") + "\n";
	}
	return ret;
};
fmtMapEditor.fields = [
	{title: "<?php 
    echo $lang->xthreads_js_formatmap_from;
    ?>
", width: '45%', elemFunc: fmtMapEditor.textAreaFunc},
	{title: "<?php 
    echo $lang->xthreads_js_formatmap_to;
    ?>
", width: '55%', elemFunc: fmtMapEditor.textAreaFunc}
];

fmtMapEditor.copyStyles=true;
fmtMapEditor.init();

var editValEditor = new xtOFEditor();
editValEditor.src = document.getElementById('editable_values');
editValEditor.loadFunc = function(s) {
	var a = s.replace(/\r/g, "").replace(/\{\n\}/g, "\r").split("\n");
	var data = [];
	for(var i=0; i<a.length; i++) {
		a[i] = a[i].replace(/\r/g, "\n");
		var p = a[i].indexOf("{|}");
		if(p < 0) continue;
		data.push([ a[i].substring(0, p), a[i].substring(p+3).split(",") ]);
	}
	return data;
};
editValEditor.saveFunc = function(a) {
	var ret = "";
	for(var i=0; i<a.length; i++) {
		ret += a[i][0].replace(/\n/g, "{\n}") + "{|}" + a[i][1].join(",") + "\n";
	}
	return ret;
};
editValEditor.fields = [
	{title: "<?php 
    echo $lang->xthreads_js_formatmap_from;
    ?>
", width: '50%', elemFunc: editValEditor.textAreaFunc},
	{title: "<?php 
    echo $lang->xthreads_js_editable_values_groups;
    ?>
", width: '50%', elemFunc: function(c) {
		var o = appendNewChild(c, "select");
		o.multiple = true;
		o.size = 3;
		o.style.width = '100%';
		o.innerHTML = '<?php 
    foreach ($GLOBALS['cache']->read('usergroups') as $group) {
        echo '<option value="' . $group['gid'] . '">' . xt_js_str_escape(htmlspecialchars_uni(strip_tags($group['title']))) . '</option>';
    }
    ?>
';
		return o;
	}}
];

editValEditor.copyStyles=true;
editValEditor.init();

//-->
</script><?php 
    $page->output_footer();
}
Esempio n. 20
0
function asb_admin_manage_scripts()
{
    global $mybb, $db, $page, $lang, $html, $min;
    require_once MYBB_ROOT . 'inc/plugins/asb/classes/script_info.php';
    $page->add_breadcrumb_item($lang->asb, $html->url());
    if ($mybb->request_method == 'post') {
        if ($mybb->input['mode'] == 'edit') {
            $mybb->input['action'] = $mybb->input['script_action'];
            $script_info = new ScriptInfo($mybb->input);
            if (!$script_info->save()) {
                flash_message($lang->asb_script_save_fail, 'error');
                admin_redirect($html->url(array("action" => 'manage_scripts')));
            }
            flash_message($lang->asb_script_save_success, 'success');
            asb_cache_has_changed();
            admin_redirect($html->url(array("action" => 'manage_scripts')));
        } elseif ($mybb->input['mode'] == 'import') {
            if (!$_FILES['file'] || $_FILES['file']['error'] == 4) {
                flash_message($lang->asb_custom_import_no_file, 'error');
                admin_redirect($html->url(array("action" => 'manage_scripts')));
            }
            if ($_FILES['file']['error']) {
                flash_message($lang->sprintf($lang->asb_custom_import_file_error, $_FILES['file']['error']), 'error');
                admin_redirect($html->url(array("action" => 'manage_scripts')));
            }
            if (!is_uploaded_file($_FILES['file']['tmp_name'])) {
                flash_message($lang->asb_custom_import_file_upload_error, 'error');
                admin_redirect($html->url(array("action" => 'manage_scripts')));
            }
            $contents = @file_get_contents($_FILES['file']['tmp_name']);
            @unlink($_FILES['file']['tmp_name']);
            if (strlen(trim($contents)) == 0) {
                flash_message($lang->asb_custom_import_file_empty, 'error');
                admin_redirect($html->url(array("action" => 'manage_scripts')));
            }
            $this_script = new ScriptInfo();
            if (!$this_script->import($contents)) {
                flash_message($lang->asb_script_import_fail, 'error');
                admin_redirect($html->url(array("action" => 'manage_scripts')));
            }
            if (!$this_script->save()) {
                flash_message($lang->asb_script_import_fail, 'error');
            }
            flash_message($lang->asb_script_import_success, 'success');
            asb_cache_has_changed();
            admin_redirect($html->url(array("action" => 'manage_scripts')));
        }
    }
    if ($mybb->input['mode'] == 'delete' && $mybb->input['id']) {
        $this_script = new ScriptInfo((int) $mybb->input['id']);
        if (!$this_script->remove()) {
            flash_message($lang->asb_script_delete_fail, 'error');
        } else {
            flash_message($lang->asb_script_delete_success, 'success');
            asb_cache_has_changed();
        }
    } elseif ($mybb->input['mode'] == 'export' && $mybb->input['id']) {
        $this_script = new ScriptInfo((int) $mybb->input['id']);
        if (!$this_script->export()) {
            flash_message($lang->asb_script_export_fail, 'error');
            admin_redirect($html->url(array("action" => 'manage_scripts')));
        }
        exit;
    } elseif (($mybb->input['mode'] == 'activate' || $mybb->input['mode'] == 'deactivate') && $mybb->input['id']) {
        $this_script = new ScriptInfo((int) $mybb->input['id']);
        $this_script->set('active', $mybb->input['mode'] == 'activate');
        if (!$this_script->save()) {
            $action = $mybb->input['mode'] == 'activate' ? $lang->asb_script_activate_fail : $lang->asb_script_deactivate_fail;
            flash_message($action, 'error');
        } else {
            $action = $mybb->input['mode'] == 'activate' ? $lang->asb_script_activate_success : $lang->asb_script_deactivate_success;
            flash_message($action, 'success');
            asb_cache_has_changed();
        }
        admin_redirect($html->url(array("action" => 'manage_scripts')));
    }
    $data = array("active" => 'false', "find_top" => '{$header}', "find_bottom" => '{$footer}', "replace_all" => 0, "eval" => 0, "width_left" => 160, "width_right" => 160);
    if ($mybb->input['mode'] == 'edit') {
        $this_script = new ScriptInfo((int) $mybb->input['id']);
        $detected_show = ' style="display: none;"';
        $button_text = $lang->asb_add;
        $filename = '';
        $action = $lang->asb_edit_script;
        if ($this_script->is_valid()) {
            $data = $this_script->get('data');
            $detected_info = asb_detect_script_info($data['filename']);
            $detected_show = '';
            $button_text = $lang->asb_update;
            $filename = $data['filename'];
            $action = "{$lang->asb_edit} {$data['title']}";
        }
        $lang->asb_edit_script = $action;
        $queryadmin = $db->simple_select('adminoptions', '*', "uid='{$mybb->user['uid']}'");
        $admin_options = $db->fetch_array($queryadmin);
        if ($admin_options['codepress'] != 0) {
            $page->extra_header .= <<<EOF
\t<link type="text/css" href="./jscripts/codepress/languages/codepress-mybb.css" rel="stylesheet" id="cp-lang-style"/>
\t<script type="text/javascript" src="./jscripts/codepress/codepress.js"></script>
\t<script type="text/javascript">
\t<!--
\t\tCodePress.language = 'mybb';
\t// -->
\t</script>'
EOF;
        }
        $page->extra_header .= <<<EOF
\t<script type="text/javascript" src="./jscripts/peeker.js"></script>
\t<script type="text/javascript" src="jscripts/asb/asb_scripts{$min}.js"></script>
\t<script type="text/javascript">
\t<!--
\t\tASB.scripts.setCurrent('{$filename}');
\t// -->
\t</script>
\t<link rel="stylesheet" type="text/css" href="styles/asb_acp.css" media="screen" />
\t<script src="jscripts/asb/asb{$min}.js" type="text/javascript"></script>

EOF;
        $page->add_breadcrumb_item($lang->asb_manage_scripts, $html->url(array("action" => 'manage_scripts')));
        $page->add_breadcrumb_item($lang->asb_edit_script);
        $page->output_header("{$lang->asb} - {$lang->asb_manage_scripts} - {$lang->asb_edit_script}");
        asb_output_tabs('asb_edit_script');
        $spinner = <<<EOF
<div class="ajax_spinners" style="display: none;">
\t<img src="../images/spinner.gif" alt="{$lang->asb_detecting} . . ."/><br /><br />
</div>
EOF;
        $form = new Form($html->url(array("action" => 'manage_scripts', "mode" => 'edit')), 'post', 'edit_script');
        $form_container = new FormContainer($lang->asb_edit_script);
        $form_container->output_row("{$lang->asb_title}:", $lang->asb_title_desc, $form->generate_text_box('title', $data['title']));
        $form_container->output_row("{$lang->asb_filename}:", $lang->asb_filename_desc, $form->generate_text_box('filename', $data['filename'], array("id" => 'filename')));
        $form_container->output_row("{$lang->asb_action}:", $lang->sprintf($lang->asb_scriptvar_generic_desc, strtolower($lang->asb_action)), "{$spinner}<div id=\"action_list\"{$detected_show}>{$detected_info['actions']}</div>" . $form->generate_text_box('script_action', $data['action'], array("id" => 'action')));
        $form_container->output_row($lang->asb_page, $lang->sprintf($lang->asb_scriptvar_generic_desc, strtolower($lang->asb_page)), $form->generate_text_box('page', $data['page']));
        $form_container->output_row($lang->asb_width_left, $lang->asb_width_left_desc, $form->generate_text_box('width_left', $data['width_left']));
        $form_container->output_row($lang->asb_width_right, $lang->asb_width_right_desc, $form->generate_text_box('width_right', $data['width_right']));
        $form_container->output_row("{$lang->asb_output_to_vars}?", $lang->sprintf($lang->asb_output_to_vars_desc, '<span style="font-family: courier; font-weight: bold; font-size: 1.2em;">$asb_left</span> and <span style="font-family: courier; font-weight: bold; font-size: 1.2em;";>$asb_right</span>'), $form->generate_yes_no_radio('eval', $data['eval'], true, array("id" => 'eval_yes', "class" => 'eval'), array("id" => 'eval_no', "class" => 'eval')), '', '', array("id" => 'var_output'));
        $form_container->output_row("{$lang->asb_template}:", $lang->asb_template_desc, "{$spinner}<div id=\"template_list\"{$detected_show}>{$detected_info['templates']}</div>" . $form->generate_text_box('template_name', $data['template_name'], array("id" => 'template_name')), '', '', array("id" => 'template_row'));
        $form_container->output_row("{$lang->asb_hook}:", $lang->asb_hook_desc, "{$spinner}<div id=\"hook_list\"{$detected_show}>{$detected_info['hooks']}</div>" . $form->generate_text_box('hook', $data['hook'], array("id" => 'hook')), '', '', array("id" => 'hook_row'));
        $form_container->output_row($lang->asb_header_search_text, $lang->asb_header_search_text_desc, $form->generate_text_area('find_top', $data['find_top'], array("id" => 'find_top', 'class' => 'codepress mybb', 'style' => 'width: 100%; height: 100px;')), '', '', array("id" => 'header_search'));
        $form_container->output_row($lang->asb_footer_search_text, $lang->asb_footer_search_text_desc, $form->generate_text_area('find_bottom', $data['find_bottom'], array("id" => 'find_bottom', 'class' => 'codepress mybb', 'style' => 'width: 100%; height: 100px;')) . $form->generate_hidden_field('id', $data['id']) . $form->generate_hidden_field('active', $data['active']) . $form->generate_hidden_field('action', 'manage_scripts') . $form->generate_hidden_field('mode', 'edit'), '', '', array("id" => 'footer_search'));
        $form_container->output_row($lang->asb_replace_template, $lang->asb_replace_template_desc, $form->generate_yes_no_radio('replace_all', $data['replace_all'], true, array("id" => 'replace_all_yes', "class" => 'replace_all'), array("id" => 'replace_all_no', "class" => 'replace_all')), '', '', array("id" => 'replace_all'));
        $form_container->output_row($lang->asb_replacement_content, $lang->asb_replacement_content_desc, $form->generate_text_area('replacement', $data['replacement'], array("id" => 'replacement', 'class' => 'codepress mybb', 'style' => 'width: 100%; height: 240px;')), '', '', array("id" => 'replace_content'));
        $form_container->end();
        $buttons = array($form->generate_submit_button($button_text, array('name' => 'add')));
        $form->output_submit_wrapper($buttons);
        $form->end();
        // output CodePress scripts if necessary
        if ($admin_options['codepress'] != 0) {
            echo <<<EOF
\t\t<script type="text/javascript">
\t\t<!--
\t\t\tEvent.observe('edit_script', 'submit', function() {
\t\t\t\tif (\$('find_top_cp')) {
\t\t\t\t\tvar area = \$('find_top_cp');
\t\t\t\t\tarea.id = 'find_top';
\t\t\t\t\tarea.value = find_top.getCode();
\t\t\t\t\tarea.disabled = false;
\t\t\t\t}

\t\t\t\tif (\$('find_bottom_cp')) {
\t\t\t\t\tvar area = \$('find_bottom_cp');
\t\t\t\t\tarea.id = 'find_bottom';
\t\t\t\t\tarea.value = find_bottom.getCode();
\t\t\t\t\tarea.disabled = false;
\t\t\t\t}

\t\t\t\tif (\$('replacement_cp')) {
\t\t\t\t\tvar area = \$('replacement_cp');
\t\t\t\t\tarea.id = 'replacement';
\t\t\t\t\tarea.value = replacement.getCode();
\t\t\t\t\tarea.disabled = false;
\t\t\t\t}
\t\t\t});
\t\t// -->
\t\t</script>
EOF;
        }
        // output the link menu and MyBB footer
        asb_output_footer('edit_scripts');
    } else {
        $page->extra_header .= <<<EOF
\t<link rel="stylesheet" type="text/css" href="styles/asb_acp.css" media="screen" />
\t<script src="jscripts/asb/asb{$min}.js" type="text/javascript"></script>

EOF;
        $page->add_breadcrumb_item($lang->asb_manage_scripts);
        $page->output_header("{$lang->asb} - {$lang->asb_manage_scripts}");
        asb_output_tabs('asb_scripts');
        $new_script_url = $html->url(array("action" => 'manage_scripts', "mode" => 'edit'));
        $new_script_link = $html->link($new_script_url, $lang->asb_add_new_script, array("style" => 'font-weight: bold;', "title" => $lang->asb_add_new_script, "icon" => "{$mybb->settings['bburl']}/inc/plugins/asb/images/add.png"), array("alt" => '+', "title" => $lang->asb_add_new_script, "style" => 'margin-bottom: -3px;'));
        echo $new_script_link . '<br /><br />';
        $table = new Table();
        $table->construct_header($lang->asb_title, array("width" => '16%'));
        $table->construct_header($lang->asb_filename, array("width" => '16%'));
        $table->construct_header($lang->asb_action, array("width" => '7%'));
        $table->construct_header($lang->asb_page, array("width" => '7%'));
        $table->construct_header($lang->asb_template, array("width" => '18%'));
        $table->construct_header($lang->asb_hook, array("width" => '20%'));
        $table->construct_header($lang->asb_status, array("width" => '7%'));
        $table->construct_header($lang->asb_controls, array("width" => '8%'));
        $query = $db->simple_select('asb_script_info', '*', '', array("order_by" => 'title', "order_dir" => 'ASC'));
        if ($db->num_rows($query) > 0) {
            while ($data = $db->fetch_array($query)) {
                $edit_url = $html->url(array("action" => 'manage_scripts', "mode" => 'edit', "id" => $data['id']));
                $activate_url = $html->url(array("action" => 'manage_scripts', "mode" => 'activate', "id" => $data['id']));
                $deactivate_url = $html->url(array("action" => 'manage_scripts', "mode" => 'deactivate', "id" => $data['id']));
                $activate_link = $html->link($activate_url, $lang->asb_inactive, array("style" => 'font-weight: bold; color: red;', "title" => $lang->asb_inactive_desc));
                $deactivate_link = $html->link($deactivate_url, $lang->asb_active, array("style" => 'font-weight: bold; color: green', "title" => $lang->asb_active_desc));
                $none = <<<EOF
<span style="color: gray;"><em>{$lang->asb_none}</em></span>
EOF;
                $table->construct_cell($html->link($edit_url, $data['title'], array("style" => 'font-weight: bold;')));
                $table->construct_cell($data['filename']);
                $table->construct_cell($data['action'] ? $data['action'] : $none);
                $table->construct_cell($data['page'] ? $data['page'] : $none);
                $table->construct_cell($data['template_name'] ? $data['template_name'] : $none);
                $table->construct_cell($data['hook'] ? $data['hook'] : $none);
                $table->construct_cell($data['active'] ? $deactivate_link : $activate_link);
                // options popup
                $popup = new PopupMenu("script_{$data['id']}", $lang->asb_options);
                // edit
                $popup->add_item($lang->asb_edit, $edit_url);
                // export
                $popup->add_item($lang->asb_custom_export, $html->url(array("action" => 'manage_scripts', "mode" => 'export', "id" => $data['id'])));
                // delete
                $popup->add_item($lang->asb_delete, $html->url(array("action" => 'manage_scripts', "mode" => 'delete', "id" => $data['id'])), "return confirm('{$lang->asb_script_del_warning}');");
                // popup cell
                $table->construct_cell($popup->fetch());
                $table->construct_row();
            }
        } else {
            $table->construct_cell("<span style=\"color: gray;\"><em>{$lang->asb_no_scripts}</em></span>", array("colspan" => 8));
            $table->construct_row();
        }
        $table->output($lang->asb_script_info);
        $form = new Form($html->url(array("action" => 'manage_scripts', "mode" => 'import')), 'post', '', 1);
        $form_container = new FormContainer($lang->asb_custom_import);
        $form_container->output_row($lang->asb_custom_import_select_file, '', $form->generate_file_upload_box('file'));
        $form_container->end();
        $import_buttons[] = $form->generate_submit_button($lang->asb_custom_import, array('name' => 'import'));
        $form->output_submit_wrapper($import_buttons);
        $form->end();
        // output the link menu and MyBB footer
        asb_output_footer('manage_scripts');
    }
}