Esempio n. 1
0
 public function __before()
 {
     parent::__before();
     if (!Permission::has_permission('auditing')) {
         $this->redirect(ADMIN_URL);
     }
 }
Esempio n. 2
0
 public function index()
 {
     $table = new G2_ImprovedDataTable();
     if (isset($_GET['s'])) {
         $where = 'title LIKE \'%' . implode('%', str_split(str_replace(' ', '', $_GET['s']))) . '%\' ';
     } else {
         $where = '';
     }
     //$table->add_query('page', $where.' ORDER BY id DESC');
     $query = "SELECT DISTINCT page.* FROM page INNER JOIN area ON page.id = area.page_id ";
     if ($where) {
         $query .= "WHERE " . $where;
     }
     $table->add_exec_query($query);
     $table->set_fields([['name' => 'title', 'label' => 'Page Title'], ['name' => 'description', 'label' => 'Page description']]);
     $renderer = new G2_DataTable_Renderer('title');
     $renderer->set_function(function ($fieldname, $value, $data) {
         return "<strong>{$value}</strong><br><a href=\"" . BASE_URL . $data['slug'] . "\" target=\"_blank\">View Page</a> | <a href=\"" . PACKAGE_URL . "page/{$data['id']}\">Edit Page</a>";
     });
     $table->add_renderer($renderer);
     if (Permission::has_permission('Delete Pages')) {
         $table->add_function(PACKAGE_URL . 'delete-page/[id]', 'Delete this page');
     }
     echo '<a href="' . PACKAGE_URL . 'posts" class="btn">View Posts</a>';
     echo '<div class="panel"><div class="panel-body"><form action="" method="get"><input name="s" type="text" value="' . $_GET['s'] . '"><button>Search</button></form></div></div>';
     echo $table->render();
 }
Esempio n. 3
0
 function package($args)
 {
     $package_name = array_shift($args);
     $package = MVC_Router::getInstance()->get_package_for($package_name);
     if ($package) {
         if (method_exists($package, 'get_permission') && !Permission::has_permission($package->get_permission())) {
             $this->redirect(ADMIN_URL);
         }
         $controller = $package->get_admin_controller();
         define('PACKAGE_URL', $this->get_package_uri(true) . "package/{$package_name}/");
         $package->set_control_dir($package->get_admin_control_dir());
         $package->set_admin_defaults();
         echo $package->auto_route($args);
         //			echo call_user_func_array(array($package, $controller), $args);
     }
 }
Esempio n. 4
0
function jumpmenu($currentboard = 1)
{
    global $pref, $g_user;
    $P = new Permission($g_user['groupids']);
    // precache boards
    $a_board = array();
    $r_board = thwb_query("SELECT boardid, boardname, categoryid\n        FROM " . $pref . "board\n        WHERE boarddisabled = 0\n        ORDER BY boardorder ASC");
    while ($board = mysql_fetch_array($r_board)) {
        $P->set_boardid($board['boardid']);
        if ($P->has_permission(P_VIEW)) {
            $a_board[$board['categoryid']][] = $board;
        }
    }
    // category
    $r_category = thwb_query("SELECT categoryid, categoryname FROM\n    " . $pref . "category ORDER BY categoryorder ASC");
    $JUMP_MENU = '<select class="tbselect" name="board[boardid]" onChange="Submit.click()">';
    while ($category = mysql_fetch_array($r_category)) {
        if (!empty($a_board[$category['categoryid']]) && $a_board[$category['categoryid']]) {
            $JUMP_MENU .= '<option value="-' . $category['categoryid'] . '">' . $category['categoryname'] . '</option>';
            while (list(, $board) = each($a_board[$category['categoryid']])) {
                $JUMP_MENU .= '<option value="' . $board['boardid'] . '"' . ($board['boardid'] == $currentboard ? ' selected' : '') . '>- ' . $board['boardname'] . '</option>';
            }
        }
    }
    $JUMP_MENU .= '</select> <input class="tbbutton" type="submit" name="Submit" value="Jump">';
    return $JUMP_MENU;
}
Esempio n. 5
0
     $navpath .= "Private Messages";
     message("Fehler", "Es sind leider folgende Fehler aufgetreten:<br><br><font color='{$style['color_err']}'>{$errmsg}</font>");
 }
 if (!isset($pm['pmsaveinoutbox'])) {
     $pm['pmsaveinoutbox'] = 0;
 }
 $r_frompm = thwb_query("SELECT count(pmid) FROM " . $pref . "pm WHERE pmtoid={$g_user['userid']}");
 list($frompmcount) = mysql_fetch_row($r_frompm);
 if ($pm['pmmethod'] == 'pm') {
     // flood check
     prevent_pm_flood();
     // full inbox?
     $r_topm = thwb_query("SELECT count(pmid) FROM " . $pref . "pm WHERE pmtoid={$user['userid']}");
     list($topmcount) = mysql_fetch_row($r_topm);
     $toP = new Permission($user['groupids']);
     if ($topmcount >= $config['max_privmsg'] && !($P->has_permission(P_FORCEPM) || $toP->has_permission(P_NOPMLIMIT))) {
         $navpath .= "Private Messages";
         message('Fehler', 'Die Nachricht konnte nicht versendet werden: Die Private Message Box des Empf&auml;ngers ist voll.');
     } else {
         // send msg!
         thwb_query("INSERT INTO " . $pref . "pm (pmfromid, pmtoid, pmtopic, pmtext, pmtime, pmflags, pmfolder)\n                    VALUES ({$g_user['userid']}, {$user['userid']},'" . addslashes($pm['pmtopic']) . "','" . addslashes($pm['pmtext']) . "'," . time() . ", 1, 0);");
         if (($frompmcount < $config['max_privmsg'] || $P->has_permission(P_NOPMLIMIT)) && $pm['pmsaveinoutbox'] == 1) {
             thwb_query("INSERT INTO " . $pref . "pm (pmtoid, pmfromid, pmtopic, pmtext, pmtime, pmflags, pmfolder)\n                    VALUES ({$g_user['userid']}, {$user['userid']},'" . addslashes($pm['pmtopic']) . "','" . addslashes($pm['pmtext']) . "'," . time() . ",0 , 1);");
         }
         $navpath .= "Private Messages";
         message("Message verschickt", "Ihre Private Message wurde verschickt!<br><a href=\"" . build_link('pm.php') . "\">Private Message Center</a>");
     }
 } elseif ($pm['pmmethod'] == 'email') {
     // SEND PM as E-Mail
     $Pmmail = new Template("templates/mail/pmsg.mail");
     possible_flood(FLOOD_MAIL, $g_user['userid']);
Esempio n. 6
0
         $value[$i] = 'n/a';
     }
     mysql_free_result($r_posters);
     eval($TRow->GetTemplate("stats_top10_row"));
     $stats_top10_row .= "<br>";
 }
 /** top 10 boards **/
 $data['title'] = 'Top 10 Boards (nach Posts)';
 $name = array();
 $value = array();
 $a_boards = array();
 $i = 0;
 $r_boards = thwb_query("SELECT b.boardid, b.boardname, b.boardposts, c.categoryname FROM {$pref}" . "board AS b LEFT OUTER JOIN {$pref}" . "category AS c ON c.categoryid = b.categoryid ORDER BY boardposts DESC LIMIT 10");
 while ($a_boards = mysql_fetch_array($r_boards)) {
     $P->set_boardid($a_boards['boardid']);
     if (!$P->has_permission(P_VIEW)) {
         continue;
     }
     $name[$i] = '<a href="' . build_link('board.php?boardid=' . $a_boards['boardid']) . '">' . $a_boards['boardname'] . '</a>' . ' (Kategorie: ' . $a_boards['categoryname'] . ')';
     $value[$i] = $a_boards['boardposts'];
     $i++;
 }
 for (; $i <= 9; $i++) {
     $name[$i] = 'n/a';
     $value[$i] = 'n/a';
 }
 mysql_free_result($r_boards);
 eval($TRow->GetTemplate("stats_top10_row"));
 $stats_top10_row .= "<br>";
 /** top 10 threads (by posts) **/
 $data['title'] = 'Top 10 Threads (nach Posts)';
Esempio n. 7
0
$a_boardids = array();
if (defined(THWB_NEWS_INCLUDED)) {
    $a_boardids[] = CFG_INCLUDE_BOARD;
} else {
    if (!empty($_GET['limit'])) {
        $a_boardids = explode(',', $_GET['limit']);
    }
}
$r_boards = thwb_query("SELECT boardid FROM {$pref}board " . "WHERE boarddisabled = 0" . (count($a_boardids) ? " AND boardid IN (" . join(',', $a_boardids) . ")" : ''));
$a_boards = array();
while ($a_board = mysql_fetch_assoc($r_boards)) {
    if (count($a_boardids) && !in_array($a_board['boardid'], $a_boardids)) {
        continue;
    }
    $P->set_boardid($a_board['boardid']);
    if (!$P->has_permission(0)) {
        continue;
    }
    $a_boards[] = $a_board['boardid'];
}
if (!count($a_boards) && !defined('THWB_NEWS_INCLUDED')) {
    print '<pre><strong>Fehler</strong>
          Keine Boards gefunden.</pre>';
    exit;
}
/**
 * determine the order
 **/
$orderby = 'threadcreationtime';
if (!empty($_GET['lastchanged'])) {
    $orderby = 'threadtime';