<?php
// Admin settings handler: records which fields of a table are "required",
// "ckeditor" or "hidden" by inserting rows into `fields_mapping`.
$tpl = new bQuickTpl();
$tpl->page_title = "Admin Area Settings";
// NOTE(review): no admin-session check is visible in this file; presumably
// common.php enforces it — confirm, because the inserts below run straight after it.
include getcwd() . "/modules/adminarea/common.php";
if (isset($_POST['required']) and $_POST['required']) {
    // pr($_POST['required']);
    if (isset($_POST['required']['fields']) and !empty($_POST['required']['fields'])) {
        // Table name and field names come from the request body and are stored as submitted.
        // NOTE(review): no CSRF token check and no allow-list of table/field names
        // is visible before these inserts — confirm whether one exists upstream.
        foreach ($_POST['required']['fields'] as $k => $v) {
            $database->insert("fields_mapping", array("main_table" => $_POST['required']['table'], "main_field" => $v, "type" => "required_fields"));
        }
        // No exit follows the redirect header, so the script keeps running into
        // the 'ckeditor' and 'hidden' blocks below.
        header("location:" . _admin_url . "/adminarea_settings/success");
    } else {
        header("location:" . _admin_url . "/adminarea_settings/error");
    }
}
if (isset($_POST['ckeditor']) and $_POST['ckeditor']) {
    // pr($_POST['ckeditor']);
    if (isset($_POST['ckeditor']['fields']) and !empty($_POST['ckeditor']['fields'])) {
        // Same pattern as above, stored with type "ckeditor_fields".
        foreach ($_POST['ckeditor']['fields'] as $k => $v) {
            $database->insert("fields_mapping", array("main_table" => $_POST['ckeditor']['table'], "main_field" => $v, "type" => "ckeditor_fields"));
        }
        header("location:" . _admin_url . "/adminarea_settings/success");
    } else {
        header("location:" . _admin_url . "/adminarea_settings/error");
    }
}
if (isset($_POST['hidden']) and $_POST['hidden']) {
    // pr($_POST['hidden']);
    if (isset($_POST['hidden']['fields']) and !empty($_POST['hidden']['fields'])) {
        foreach ($_POST['hidden']['fields'] as $k => $v) {
<?php
// Public search page: reads a keyword from POST and looks up poems whose title contains it.
include getcwd() . "/core/nocsrf.php";
$tpl = new bQuickTpl();
include getcwd() . "/modules/site/common.php";
//setting site information
// Send SEO Data
$tpl->page_title = SEARCH;
$tpl->page_description = site_seo_description;
$tpl->keywords = site_seo_keywords;
$tpl->page_image = main_url . website_logo;
// Send SEO Data
//pagination
if (isset($vars[1]) && $vars[1]) {
    $page_no_var = $vars[1];
}
$perpage = search_poems_per_page;
// NOTE(review): $page_no_var is only assigned when $vars[1] is set; otherwise
// it is undefined here unless an include defines it — confirm.
$paginate = paginate($perpage, $page_no_var);
$next_number = $paginate['next_number'];
if (isset($_POST) && $_POST) {
    // The CSRF check below is commented out, so this POST is processed without it.
    // try {
    // NoCSRF::check('csrf_token', $_POST, true, 60 * 10, false);
    // $result = 'CSRF check passed. Form parsed.';
    $keyword = clean($_POST['keyword']);
    if (!$keyword) {
        // No exit follows this redirect, so execution continues past it.
        header("location:" . main_url . "/index/search_error");
    }
    $_SESSION['keyword'] = $keyword;
    if ($keyword != "") {
        // The keyword is interpolated directly into the SQL text. Whether that is
        // safe depends entirely on clean(), which is not visible here.
        // NOTE(review): prefer a bound parameter for the LIKE value, and decide how
        // the LIKE wildcards % and _ in user input should be treated.
        $query_count = "select * from poems where poem_title like '%{$keyword}%'";
        $get_count_records = $database->query($query_count)->fetchAll();
<?php
// Forgot-password page: on POST, replaces the account's password and e-mails
// the new password to the submitted address.
include getcwd() . "/core/nocsrf.php";
$tpl = new bQuickTpl();
include getcwd() . "/modules/site/common.php";
include getcwd() . "/libs/helper/mail.php";
include getcwd() . "/libs/helper/common.php";
$tpl->loginUrl = $loginUrl;
// Send SEO Data
$tpl->page_title = FORGOT_PASSWORD;
$tpl->page_description = site_seo_description;
$tpl->keywords = site_seo_keywords;
$tpl->page_image = main_url . website_logo;
// Send SEO Data
//--for send password--//
if (isset($_POST) && $_POST) {
    try {
        // nocsrf.php is included, but no NoCSRF::check() call appears before this
        // message is set, so the text does not reflect a check that actually ran.
        $result = 'CSRF check passed. Form parsed.';
        $userEmail = clean($_POST['data']['user_email']);
        $get_user = $database->select("users", "*", array("user_email" => $userEmail));
        if ($get_user) {
            // The stored password is overwritten as soon as a known address is
            // submitted; there is no confirmation step, so anyone who knows an
            // account's e-mail address can force a password change on it.
            // md5() is an unsalted, fast hash and is not suitable for password
            // storage; password_hash()/password_verify() are the standard replacement.
            // NOTE(review): $newpass is not assigned anywhere in the visible code;
            // presumably an included helper defines it — confirm how it is generated.
            $update = $database->update('users', array('password' => md5($newpass)), array('user_email' => $userEmail));
            $to = $userEmail;
            $subject = 'Forgotten Password Retrieval';
            // The new password is sent in clear text in the message body.
            // NOTE(review): select() is indexed as rows elsewhere in this project, so
            // $get_user["firstname"] may need to be $get_user[0]["firstname"] — verify.
            $message = 'Hello ' . $get_user["firstname"] . '<br><br>This email was sent automatically by ' . site_name . ' in response to your request to recover your password. Your new password to access the site is: ' . $newpass . '<br>Thanks<br>' . site_name;
            $sendmail = sendEmail($to, $subject, $message, $shortcodes = null, $from = null, $mail);
            if ($sendmail) {
                header("Location: " . main_url . "/forgotpassword/success");
                exit;
            }
<?php
// Admin record listing: reads table name, page, page size and sort order from
// the URL segments in $vars and keeps page size and sort order in the session.
$tpl = new bQuickTpl();
include getcwd() . "/modules/adminarea/common.php";
include getcwd() . "/core/nocsrf.php";
if (isset($vars[2]) && $vars[2]) {
    $table_name = $vars[2];
}
if (isset($vars[3]) && $vars[3]) {
    $page_no_var = $vars[3];
}
if (isset($vars[4]) && $vars[4]) {
    $perpage_param = $vars[4];
}
if (isset($vars[5]) && $vars[5]) {
    $sort_by_param = $vars[5];
} else {
    // Default sort: primary key of the table, descending.
    // NOTE(review): $table_name is undefined here when $vars[2] is missing, and it
    // is a URL-supplied value; whether getPKID() validates it against the real
    // table list is not visible — confirm.
    $sort_by_param = "sortby:" . $database->getPKID($table_name) . ":DESC";
}
// Per Page Content
if (isset($perpage_param) && $perpage_param) {
    // Only the "perpage:" prefix is stripped; the remainder is stored as given.
    // NOTE(review): nothing visible checks that it is a positive integer.
    $_SESSION['perpage'] = str_replace("perpage:", "", $perpage_param);
}
if (isset($_SESSION['perpage']) && $_SESSION['perpage']) {
    $perpage = $_SESSION['perpage'];
} else {
    $perpage = 10;
}
//Sorting Table Content
if (isset($sort_by_param) && $sort_by_param) {
    // The "sortby:<column>:<direction>" string is split on ":" and kept in the session.
    // NOTE(review): column and direction originate from the URL; confirm they are
    // checked against an allow-list before they reach an ORDER clause.
    $_SESSION['sortby'] = explode(":", $sort_by_param);
<?php
// User registration page: prepares a two-number arithmetic captcha for the
// template and, on submit, validates the CSRF token before reading the form.
include getcwd() . "/core/nocsrf.php";
$tpl = new bQuickTpl();
include getcwd() . "/modules/site/common.php";
include getcwd() . "/includes/common.php";
include getcwd() . "/libs/recaptcha/recaptchalib.php";
// Send SEO Data
$tpl->page_title = REGISTER;
$tpl->page_description = site_seo_description;
$tpl->keywords = site_seo_keywords;
$tpl->page_image = main_url . website_logo;
// Send SEO Data
// Two operands between 1 and 20 are handed to the template.
// NOTE(review): rand() is not a cryptographically secure generator, and these
// values are regenerated on every request; how the expected answer is kept and
// verified server-side is not visible here — confirm.
$rand_num1 = rand(1, 20);
$rand_num2 = rand(1, 20);
$cap_numbers = array();
$cap_numbers['number1'] = $rand_num1;
$cap_numbers['number2'] = $rand_num2;
$tpl->cap_numbers = $cap_numbers;
// Already signed-in users are redirected to the site root.
if (isset($_SESSION['user_id'])) {
    header("Location: " . main_url . "");
    exit;
}
$errmsg_arr = array();
$errflag = false;
//--user registration--//
// $_POST['submit'] is read without isset(), so a POST without that key raises a notice.
if (isset($_POST) && $_POST['submit']) {
    try {
        // Arguments as written: token key, token source, then true, 60 * 10 and false.
        // NOTE(review): presumably "throw on failure", a 10-minute validity window and
        // "not one-time" — confirm against core/nocsrf.php.
        NoCSRF::check('csrf_token', $_POST, true, 60 * 10, false);
        //$result = 'CSRF check passed. Form parsed.';
        $first_name = clean($_POST['data']['firstname']);
<?php
// Poem detail page: validates the poem id from the URL, bumps its view counter
// and loads the poem together with its topics.
$tpl = new bQuickTpl();
include getcwd() . "/modules/site/common.php";
//--get poem id--//
// Taken from the URL segment as-is; check_poem() is the only visible gate.
$poem_id = $vars[1];
//--for poem id not found in poems table--//
if (!check_poem($database, $poem_id)) {
    echo $tpl->render("themes/site/" . theme_name . "/html/404.php");
    exit;
}
foreach ($vars as $var) {
    if (strpos($var, 'p:') === 0) {
        $page_no_var = $var; //get the current Page from URL
    }
}
//--increment views of poem--//
$update_poem = view_increment($database, $poem_id);
//--get poem information--//
$get_poem = get_poem($database, $poem_id);
//--get topic information--//
if ($get_poem['topic_id']) {
    $poem_topics_array = array(); //get topic ids as array
    // unserialize() on a database column: safe only while nothing user-controlled
    // can reach poems.topic_id in serialized form.
    // NOTE(review): consider the allowed_classes option or JSON storage; also
    // unserialize() returns false on bad data, which the foreach does not handle.
    $poem_topics = unserialize($get_poem['topic_id']);
    foreach ($poem_topics as $poem_topic_id) {
        // NOTE(review): the existence check reads $poem_topics_array but the write
        // goes to $poem_topic_array (different name), so the check is always true
        // and $poem_topics_array stays empty — looks like a typo; confirm which
        // name later code reads.
        if (!array_key_exists($poem_topic_id, $poem_topics_array)) {
            $poem_topic_array[$poem_topic_id] = get_topic($database, $poem_topic_id);
        }
    }
<?php
// Author page: checks the author id from the URL exists, bumps the author's
// view counter and loads one page of that author's poems.
$tpl = new bQuickTpl();
include getcwd() . "/modules/site/common.php";
//--get author id--//
$author_id = $vars[1];
//--for author id not found in author table--//
// The id is passed as a condition value in the where-array, not concatenated into SQL text here.
if (!$database->has("authors", array("id" => $author_id))) {
    header("Location: " . main_url . "/404");
    exit;
}
foreach ($vars as $var) {
    if (strpos($var, 'p:') === 0) {
        $page_no_var = $var; //get the current Page from URL
    }
}
//--PAGINATION--//
$perpage = poems_by_author_per_page;
// NOTE(review): $page_no_var is undefined when no "p:" segment is present,
// unless an include sets a default — confirm.
$paginate = paginate($perpage, $page_no_var);
$next_number = $paginate['next_number'];
//--get author information--//
$author = get_author($database, $author_id);
$tpl->author_info = $author;
//--increment of author views--//
$update_poet = author_view_increment($database, $author_id);
//--get all poems of author--//
// The helper's result is read as an array with 'data' (rows) and 'count' (total) keys.
$page_poems = get_author_poems($database, $author_id, ['LIMIT' => array($next_number, $perpage), 'COUNT' => true]);
$tpl->page_poems = $page_poems['data'];
$count_records = $page_poems['count'];
$total_pages = ceil($count_records / $perpage);
<?php
/*
 * Admin panel: alias management page.
 *
 * Requires an admin session, loads every row of `module_alias` and renders
 * the alias management template with them.
 */
$tpl = new bQuickTpl();
$tpl->page_title = 'Admin Panel - Alias Management';

// Visitors without an admin session are sent to the login page; the exit keeps
// the query and the render below from running for them.
if (isset($_SESSION['admin_user_id']) === false) {
    header('Location: ' . _admin_url . '/login');
    exit;
}

include getcwd() . '/modules/adminarea/common.php';

// Fixed table name and column selector; nothing from the request reaches this query.
$get_aliases = $database->select('module_alias', '*');
$tpl->aliases = $get_aliases;

echo $tpl->render('themes/adminarea/html/alias_management.php');
<?php
// Admin change-password page: reads old/new/repeated password from POST and
// validates that each field is filled in.
$tpl = new bQuickTpl();
include getcwd() . "/modules/adminarea/common.php";
$errmsg_arr = array();
$errflag = false;
$success_arr = array();
$successflag = false;
// Messages from a previous request are passed to the template via the session.
if (isset($params[2]) && $params[2] == "error") {
    $tpl->errors = $_SESSION['ERRMSG_ARR'];
}
if (isset($params[2]) && $params[2] == "success") {
    $tpl->success = $_SESSION['SUCCESSMSG_ARR'];
}
// NOTE(review): no CSRF token check is visible before this password-changing
// POST is processed — confirm whether common.php performs one.
if ($_POST) {
    // NOTE(review): clean() is applied to the passwords; if it strips or escapes
    // characters, the stored password differs from what the user typed — verify.
    $old_password = clean($_POST['data']['old_password']);
    $new_password = clean($_POST['data']['new_password']);
    $repeat_password = clean($_POST['data']['repeat_password']);
    // md5() is an unsalted, fast hash and is not suitable for password storage;
    // password_hash()/password_verify() are the standard replacement.
    $checkpassword = md5($old_password);
    //Input Validations
    // Nested else branches: only the first missing field is reported.
    if ($old_password == '') {
        $errmsg_arr[] = 'Old Password Field Value is missing!';
        $errflag = true;
    } else {
        if ($new_password == '') {
            $errmsg_arr[] = 'New Password Field Value is missing!';
            $errflag = true;
        } else {
            if ($repeat_password == '') {
                $errmsg_arr[] = 'Repeat Password Field Value is missing!';
                $errflag = true;
<?php
// Admin "edit record" page: reads table name, record id and status from the
// URL and builds the per-field list of allowed upload extensions.
$tpl = new bQuickTpl();
include getcwd() . "/modules/adminarea/common.php";
include getcwd() . "/core/nocsrf.php";
//pr($_SESSION);
$tpl->page_title = "Edit Page";
if (isset($vars[2]) && $vars[2]) {
    // NOTE(review): URL-supplied table name; confirm it is checked against the
    // real table list before it is used in queries.
    $table_name = $vars[2];
}
if (isset($vars[3]) && $vars[3]) {
    // Only the "rec:" prefix is removed; the rest is used as the record id.
    $record_id = str_replace("rec:", "", $vars[3]);
}
if (isset($vars[4]) && $vars[4]) {
    $status = $vars[4];
    // Every branch below is empty: the status value currently has no effect here.
    if ($status == "saved") {
    } else {
        if ($status == "updated") {
        } else {
        }
    }
}
$allowed_exts = array();
// $file_fields is not assigned in this file; presumably common.php provides it.
if (isset($file_fields) and !empty($file_fields[$table_name])) {
    $file_fields_tbl = $file_fields[$table_name];
    foreach ($file_fields_tbl as $k => $file_field_info) {
        // unserialize() on stored configuration: safe only while nothing
        // user-controlled can reach this column in serialized form.
        // NOTE(review): consider the allowed_classes option or JSON storage, since
        // this list decides which upload extensions are accepted.
        $allowed_exts[$file_field_info['field']] = unserialize($file_field_info['allowed_exts']);
    }
}
if (isset($_POST) && $_POST) {
    try {
<?php
// "My stuff" page for a signed-in user, including removal of favourite poems
// and poets selected through URL segments.
include getcwd() . "/core/nocsrf.php";
$tpl = new bQuickTpl();
include getcwd() . "/modules/site/common.php";
// Send SEO Data
$tpl->page_title = USER_STUFF;
$tpl->page_description = site_seo_description;
$tpl->keywords = site_seo_keywords;
$tpl->page_image = main_url . website_logo;
// Send SEO Data
if (isset($_SESSION['user_id'])) {
    //--get user id--//
    $user_id = $_SESSION['user_id'];
    //--delete favourite poem--//
    // The delete is selected by URL segments alone and passes the session's user
    // id to the helper. nocsrf.php is included, but no token check is visible on
    // this path, so a link followed while signed in triggers the delete.
    // NOTE(review): consider requiring a POST with a CSRF token for deletes.
    if ($vars[1] == "del_favourite_poem") {
        if ($vars[2]) {
            $module_id = $vars[2];
            $module_type = "poems";
            delete_favourite_poem($database, $module_id, $module_type, $user_id);
            // No exit follows the redirect, so the rest of the script still runs.
            header("location: " . get_url($database, "mystuff"));
        }
    }
    //--delete favourite poet--//
    // Same helper and same pattern, with module type "author".
    if ($vars[1] == "del_favourite_poet") {
        if ($vars[2]) {
            $module_id = $vars[2];
            $module_type = "author";
            delete_favourite_poem($database, $module_id, $module_type, $user_id);
            header("location: " . get_url($database, "mystuff"));
        }
<?php
// Admin dashboard: requires an admin session and collects totals for poems,
// comments, users, likes and dislikes.
$tpl = new bQuickTpl();
$tpl->page_title = "Admin Panel";
$status = "none";
$tpl->status = $status;
// Sorts an array of rows by the value each row holds under $argKey.
// $argOrder is passed to array_multisort() and defaults to SORT_DESC.
// NOTE(review): $key_arr is never initialised, so an empty $argArray reaches
// array_multisort() with an undefined variable — confirm callers never pass one.
function sortMultiArrayByKey($argArray, $argKey, $argOrder = SORT_DESC)
{
    foreach ($argArray as $key => $row) {
        $key_arr[$key] = $row[$argKey];
    }
    array_multisort($key_arr, $argOrder, $argArray);
    return $argArray;
}
// Visitors without an admin session are redirected to the login page and the script stops.
if (!isset($_SESSION['admin_user_id'])) {
    header("Location: " . _admin_url . "/login");
    exit;
}
//$a = export($database);
//Poems
// Each count uses a fixed table name and a fixed condition; no request data is involved.
$poems = $database->count("poems", array("status" => "1"));
$comments = $database->count("comments", array("status" => "1"));
$users = $database->count("users", array("status" => "1"));
$likes = $database->count("like_dislike", array("liked" => "1"));
$dislikes = $database->count("like_dislike", array("dislike" => "1"));
//$categories = $database->count("poems_topics",array("status"=>"1"));echo $categories;
// $total is created implicitly by the first assignment below.
$total['poems'] = $poems;
$total['comments'] = $comments;
$total['users'] = $users;
$total['likes'] = $likes;
$total['dislikes'] = $dislikes;
<?php
// Admin login page: creates the admin_user table and a default account when
// none exists, then validates the CSRF token on a submitted login form.
include getcwd() . "/core/nocsrf.php";
$tpl = new bQuickTpl();
$tpl->page_title = "Admin Panel";
//pr($_SESSION);
// Already signed-in admins are redirected to the dashboard. No exit follows,
// so the rest of this script still runs for them.
if (isset($_SESSION['admin_user_id'])) {
    header("Location: " . _admin_url . "/index");
}
$errmsg_arr = array();
$errflag = false;
//Defaults
// Runs on every request to this page, before any authentication.
$database->query("CREATE TABLE IF NOT EXISTS `admin_user`(`id` int(250) NOT NULL AUTO_INCREMENT,`username` varchar(250) NOT NULL,`password` varchar(250) NOT NULL,`name` varchar(250) NOT NULL,PRIMARY KEY (`id`)) ENGINE=InnoDB DEFAULT CHARSET=latin1 AUTO_INCREMENT=1");
$num = $database->count('admin_user');
if ($num == 0) {
    //default username=admin,password=admin
    // A well-known default credential is created whenever the table is empty, and
    // the stored value is the unsalted MD5 of "admin". Nothing visible forces a
    // password change after first login.
    // NOTE(review): prefer an install-time password chosen by the operator and
    // password_hash() for storage; this branch also re-creates the account if the
    // table is ever emptied.
    $database->insert('admin_user', array('username' => 'admin', 'password' => '21232f297a57a5a743894a0e4a801fc3', 'name' => 'Administrator'));
    // No exit follows this redirect either.
    header("Location: " . _admin_url);
}
if (isset($params[2]) && $params[2] == "error") {
    $tpl->errors = $_SESSION['ERRMSG_ARR'];
}
if ($_POST) {
    try {
        // Run CSRF check, on POST data, in exception mode, for 10 minutes, in one-time mode.
        // NOTE(review): the last argument is false; whether that matches the
        // "one-time mode" wording above should be checked against core/nocsrf.php.
        NoCSRF::check('csrf_token', $_POST, true, 60 * 10, false);
        // form parsing, DB inserts, etc.
        // ...
        $result = 'CSRF check passed. Form parsed.';
        //Clean the input data
        $username = clean($_POST['data']['username']);
<?php
// Admin CSV import: accepts an uploaded .csv file and reads it row by row
// against the columns of the table named in the URL.
$tpl = new bQuickTpl();
$tpl->page_title = "Upload CSV";
include getcwd() . "/modules/adminarea/common.php";
$tpl->update = 3;
// Everything below runs only with an admin session.
if (isset($_SESSION['admin_user_id'])) {
    // NOTE(review): no CSRF token check is visible before this import is processed.
    if (isset($_POST) && $_POST) {
        $error1 = 0;
        $csv = $_FILES['csv_file']['name'];
        if (empty($csv)) {
            $error1 = 1;
            $tpl->update = 0;
            $tpl->errormessage = "Please Select a CSV file";
        }
        if (!empty($csv)) {
            $allowedExts = array("csv");
            // The extension comes from the client-supplied file name and is compared
            // case-sensitively, so "DATA.CSV" is rejected. It says nothing about the
            // content; the file is only parsed from its temporary path below, never moved.
            // end() takes its argument by reference, so passing explode()'s result
            // directly raises an "only variables should be passed by reference" notice.
            // NOTE(review): $_FILES['csv_file']['error'] is not checked.
            $extension = end(explode(".", $_FILES["csv_file"]["name"]));
            if (!in_array($extension, $allowedExts)) {
                $error1 = 1;
                $tpl->update = 0;
                $tpl->errormessage = "File format not supported except .csv";
            }
        }
        if ($error1 != '1') {
            if (($handle = fopen($_FILES['csv_file']['tmp_name'], "r")) !== FALSE) {
                $j = 1;
                // Rows are read with a 1000-byte line length limit and "," as delimiter.
                while (($data = fgetcsv($handle, 1000, ",")) !== FALSE) {
                    $d = array();
                    // The column list is fetched again for every CSV row.
                    // NOTE(review): $vars[2] is a URL-supplied table name; confirm
                    // getColumns() validates it against the real table list.
                    $getcolumns_title = $database->getColumns($vars[2]);
                    if (count($getcolumns_title) > 0) {
<?php
// Admin "view record" page: loads one record of the table named in the URL,
// finds its neighbours for previous/next navigation and gathers related data.
$tpl = new bQuickTpl();
include getcwd() . "/modules/adminarea/common.php";
// Both values come straight from URL segments.
// NOTE(review): confirm the table name is checked against the real table list
// before it is used as an identifier in the queries below.
$table_name = $vars[2];
$record_id = $vars[3];
$record_id = str_replace("rec:", "", $record_id);
$primary_key = $database->getPKID($table_name);
$getrecord_info = $database->select($table_name, "*", array($primary_key => $record_id));
// Lowest and highest primary-key values in the table.
$getleast_id = $database->select($table_name, $primary_key, array("ORDER" => $primary_key . " ASC", "LIMIT" => 1));
$gethighest_id = $database->select($table_name, $primary_key, array("ORDER" => $primary_key . " DESC", "LIMIT" => 1));
// Nearest existing ids below and above the current record.
$last_id = $database->select($table_name, $primary_key, array($primary_key . "[<]" => $record_id, "ORDER" => $primary_key . " DESC", "LIMIT" => 1));
$next_id = $database->select($table_name, $primary_key, array($primary_key . "[>]" => $record_id, "ORDER" => $primary_key . " ASC", "LIMIT" => 1));
$next = "";
$last = "";
if (isset($last_id[0]) && $last_id[0]) {
    $last = $last_id[0];
}
if (isset($next_id[0]) && $next_id[0]) {
    $next = $next_id[0];
}
$custom_data = array();
//pr($get_another_data);exit;
// $get_another_data is not assigned in this file; presumably common.php provides it.
foreach ($get_another_data as $stuff) {
    if ($stuff['main_table'] == $table_name) {
        // Loads every row of the mapped secondary table.
        $query_complete = $database->select($stuff['secondary_table'], "*");
        $custom_data[$stuff['main_field']]['data'] = $query_complete;
        // The key is spelled 'seconday_field' here; presumably the template reads that same spelling.
        $custom_data[$stuff['main_field']]['attributes']['seconday_field'] = $stuff['secondary_field'];
        $custom_data[$stuff['main_field']]['attributes']['value'] = $stuff['value'];
        $custom_data[$stuff['main_field']]['attributes']['secondary_table'] = $stuff['secondary_table'];
    }
<?php
// Poets listing page: loads one page of users and builds the pagination summary.
$tpl = new bQuickTpl();
include getcwd() . "/modules/site/common.php";
// Send SEO Data
$tpl->page_title = POETS;
$tpl->page_description = site_seo_description;
$tpl->keywords = site_seo_keywords;
$tpl->page_image = main_url . website_logo;
// Send SEO Data
//--PAGINATION--//
foreach ($vars as $var) {
    if (strpos($var, 'p:') === 0) {
        $page_no_var = $var; //get the current Page from URL
    }
}
$perpage = poets_per_page;
// NOTE(review): $page_no_var is undefined when no "p:" segment is present,
// unless an include sets a default — confirm.
$paginate = paginate($perpage, $page_no_var);
$next_number = $paginate['next_number'];
//--get all authors--//
$get_user = get_all_users($database, $next_number, $perpage);
$tpl->all_user = $get_user;
// The total counts every row in `users`, with no condition.
$count_records = $database->count("users");
$total_pages = ceil($count_records / $perpage);
$current_count = count($get_user);
$page_array = array();
$page_array['current_page'] = $paginate['page_no'];
$page_array['total_pages'] = $total_pages;
$page_array['total_records'] = $count_records;
$page_array['current_count'] = $current_count;
<?php
// Topics listing page: loads all topics and starts building the pagination summary.
$tpl = new bQuickTpl();
include getcwd() . "/modules/site/common.php";
// Send SEO Data
$tpl->page_title = TOPICS;
$tpl->page_description = site_seo_description;
$tpl->keywords = site_seo_keywords;
$tpl->page_image = main_url . website_logo;
// Send SEO Data
//--get category id--//
$category_id = $vars[1];
//--pagination--//
foreach ($vars as $var) {
    if (strpos($var, 'p:') === 0) {
        $page_no_var = $var; //get the current Page from URL
    }
}
// Pagination is disabled here: the three lines below are commented out.
//$perpage = poems_per_page;
//$paginate = paginate($perpage, $page_no_var);
//$next_number = $paginate['next_number'];
//--get all topics--//
$all_topics = all_topics($database);
$tpl->topicss = $all_topics;
$count_records = $database->count("topics");
//$total_pages = ceil($count_records / $perpage);
$current_count = count($all_topics);
$page_array = array();
// NOTE(review): $page_no and $total_pages are not assigned in the visible code
// (the lines that would set them are commented out), so both entries are
// undefined unless an include defines them — confirm.
$page_array['current_page'] = $page_no;
$page_array['total_pages'] = $total_pages;
<?php
// Edit-profile page: loads the signed-in user's row and prepares the form fields.
include getcwd() . "/core/nocsrf.php";
$tpl = new bQuickTpl();
include getcwd() . "/modules/site/common.php";
// Send SEO Data
$tpl->page_title = EDIT_PROFILE;
$tpl->page_description = site_seo_description;
$tpl->keywords = site_seo_keywords;
$tpl->page_image = main_url . website_logo;
// Send SEO Data
//--checking session id--//
// The same isset() test is nested three times; the inner two are redundant.
if (isset($_SESSION['user_id'])) {
    if (isset($_SESSION['user_id'])) {
        // The user row is selected by the id held in the session, not by request data.
        if (isset($_SESSION['user_id'])) {
            $user = $database->select("users", "*", array("id" => $_SESSION['user_id']));
        } elseif (isset($_SESSION['fbid'])) {
            // Unreachable: the enclosing conditions already guarantee user_id is set.
            $user = $database->select("users", "*", array("id" => $_SESSION['uid']));
        }
        $tpl->user_data = $user;
        //pr($user);
        //--explode fullname--//
        // NOTE(review): a full name without a space leaves $fullname[1] undefined,
        // and $user[0] is read without checking that a row was found.
        $fullname = explode(" ", $user[0]['fullname']);
        $tpl->firstname = $fullname[0];
        $tpl->lastname = $fullname[1];
        //pr($fullname);
        $errmsg_arr = array();
        $errflag = false;
        //--edit profile for user--//
        if (isset($_POST) && $_POST) {
            try {
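<?php
/*
 * Admin panel: "Manage Fields" page.
 *
 * Lists every table of the configured database with its columns, loads the
 * per-table field settings stored in `fields_admin` (creating that table when
 * it does not exist yet) and renders the manage-fields template.
 */
$tpl = new bQuickTpl();
$tpl->page_title = "Manage Fields Section";

// This page enumerates the database schema and runs a CREATE TABLE, and
// common.php is only included at the very end. Whether common.php enforces a
// login is not visible from this file, so the admin session is checked here
// before any query runs.
if (!isset($_SESSION['admin_user_id'])) {
    header("Location: " . _admin_url . "/login");
    exit;
}

/* Fetch Tables from Database */
// db_name is a configuration constant, not request data.
$gettables = $database->query("SHOW TABLES FROM " . db_name)->fetchAll();
$manage_fields = array();

// Storage for the per-table field configuration.
$database->query("CREATE TABLE IF NOT EXISTS `fields_admin`(`id` int(250) NOT NULL AUTO_INCREMENT,`Table_name` varchar(250) NOT NULL,`Table_Fields` text NOT NULL,PRIMARY KEY (`id`)) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=1");

// Map table name => stored field configuration.
$get_fields_admin = $database->select("fields_admin", "*");
$newarray = array();
foreach ($get_fields_admin as $fields) {
    $newarray[$fields['Table_name']] = $fields['Table_Fields'];
}

// Map table name => column list; index 0 of each SHOW TABLES row is the table name.
foreach ($gettables as $tableslist) {
    $manage_fields[$tableslist[0]] = $database->getColumns($tableslist[0]);
}

$tpl->manage_fields = $manage_fields;
$tpl->db_fields = $newarray;
include getcwd() . "/modules/adminarea/common.php";
echo $tpl->render("themes/adminarea/html/managefields.php");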
<?php
// User change-password page: for a signed-in user, validates the CSRF token
// and then the old/new/repeated password fields.
include getcwd() . "/core/nocsrf.php";
$tpl = new bQuickTpl();
include getcwd() . "/modules/site/common.php";
include getcwd() . "/includes/common.php";
// Send SEO Data
$tpl->page_title = CHANGE_PASSWORD;
$tpl->page_description = site_seo_description;
$tpl->keywords = site_seo_keywords;
$tpl->page_image = main_url . website_logo;
// Send SEO Data
$errmsg_arr = array();
$errflag = false;
if (isset($params[2]) && $params[2] == "error") {
    $tpl->errors = $_SESSION['ERRMSG_ARR'];
}
if (isset($_SESSION['user_id'])) {
    // $_POST['change_password'] is read without isset(), so other POSTs raise a notice.
    if (isset($_POST) && $_POST['change_password']) {
        try {
            // The token is checked before any form field is read.
            NoCSRF::check('csrf_token', $_POST, true, 60 * 10, false);
            // NOTE(review): clean() is applied to the passwords; if it strips or
            // escapes characters, the stored password differs from what was typed — verify.
            $old_password = clean($_POST['data']['old_password']);
            $new_password = clean($_POST['data']['new_password']);
            $repeat_password = clean($_POST['data']['r_password']);
            // md5() is an unsalted, fast hash and is not suitable for password
            // storage; password_hash()/password_verify() are the standard replacement.
            $checkpassword = clean(md5($old_password));
            //Input Validations
            if ($old_password == '') {
                $errmsg_arr[] = 'Old Password Field Value is missing!';
                $errflag = true;
            }
            if ($new_password == '') {
<?php
// Admin search listing: keeps the submitted search text in the session and
// reads table name, page, page size and sort order from the URL segments.
$tpl = new bQuickTpl();
include getcwd() . "/modules/adminarea/common.php";
include getcwd() . "/core/nocsrf.php";
if (isset($_POST['q']) && $_POST['q']) {
    // The raw search text is stored in the session without any filtering.
    // NOTE(review): confirm it is bound as a parameter where the query is built
    // and escaped wherever it is echoed back.
    $q = $_POST['q'];
    $_SESSION['query'] = $q;
}
if (isset($vars[2]) && $vars[2]) {
    $table_name = $vars[2];
}
if (isset($vars[3]) && $vars[3]) {
    $page_no_var = $vars[3];
}
if (isset($vars[4]) && $vars[4]) {
    $perpage_param = $vars[4];
}
if (isset($vars[5]) && $vars[5]) {
    $sort_by_param = $vars[5];
} else {
    // Default sort: primary key of the table, descending.
    // NOTE(review): $table_name is undefined here when $vars[2] is missing, and it
    // is a URL-supplied value; whether getPKID() validates it is not visible.
    $sort_by_param = "sortby:" . $database->getPKID($table_name) . ":DESC";
}
// Per Page Content
if (isset($perpage_param) && $perpage_param) {
    // Only the "perpage:" prefix is stripped; the remainder is stored as given.
    $_SESSION['perpage'] = str_replace("perpage:", "", $perpage_param);
}
if (isset($_SESSION['perpage']) && $_SESSION['perpage']) {
    $perpage = $_SESSION['perpage'];
} else {
    $perpage = 10;
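<?php
/*
 * Admin panel: database backup and restore.
 *
 * Requires an admin session. The third URL segment selects the action
 * ("backup" or "restore"); after the action the browser is redirected to a
 * success or error URL. Without an action the page lists the .sql files found
 * in the backup folder.
 */
$tpl = new bQuickTpl();
$tpl->page_title = "Admin Panel - Backup & Restore";

// Visitors without an admin session are sent to the login page and the script stops.
if (!isset($_SESSION['admin_user_id'])) {
    header("Location: " . _admin_url . "/login");
    exit;
}

//get contents of backup folder
$backup_files = directory_contents(getcwd() . "/config/backup_restore", "sql");

// Both actions are triggered by the URL segment alone; no CSRF token is checked
// on this path, so a link followed by a signed-in admin starts the action.
// NOTE(review): consider requiring a POST with a CSRF token, at least for restore.
if (isset($params[2]) && $params[2] == 'backup') {
    $backup = backup_db($database);
    if ($backup) {
        header("Location: " . _admin_url . "/backup_restore/success/backup");
    } else {
        header("Location: " . _admin_url . "/backup_restore/error/backup");
    }
    // Stop here so the page is not rendered behind the redirect.
    exit;
}

if (isset($params[2]) && $params[2] == 'restore') {
    $restore = restore_db($database);
    if ($restore) {
        header("Location: " . _admin_url . "/backup_restore/success/restore");
    } else {
        header("Location: " . _admin_url . "/backup_restore/error/restore");
    }
    // Stop here so the page is not rendered behind the redirect.
    exit;
}

$tpl->backup_files = $backup_files;
include getcwd() . "/modules/adminarea/common.php";
echo $tpl->render("themes/adminarea/html/backup_restore.php");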
<?php
// Poem submission page: loads topics and authors for the form and, for a
// signed-in user, validates the CSRF token before reading the submitted poem.
include getcwd() . "/core/nocsrf.php";
$tpl = new bQuickTpl();
include getcwd() . "/modules/site/common.php";
// Send SEO Data
$tpl->page_title = SUBMISSION;
$tpl->page_description = site_seo_description;
$tpl->keywords = site_seo_keywords;
$tpl->page_image = main_url . website_logo;
// Send SEO Data
//--fetch all topics--//
$fetch_all_topics = all_topics($database);
$tpl->all_topics = $fetch_all_topics;
//--fetch all authors--//
$fetch_all_authors = all_authors($database);
$tpl->all_authors = $fetch_all_authors;
foreach ($vars as $var) {
    if (strpos($var, 'p:') === 0) {
        $page_no_var = $var; //get the current Page from URL
    }
}
// Submissions are accepted only from a signed-in user; the id comes from the session.
if (isset($_SESSION['user_id'])) {
    $user_id = $_SESSION['user_id'];
    $errmsg_arr = array();
    $errflag = false;
    if (isset($_POST) && $_POST) {
        try {
            // The token is checked before any form field is read.
            NoCSRF::check('csrf_token', $_POST, true, 60 * 10, false);
            // NOTE(review): what clean() removes or escapes is not visible here;
            // the title still needs context-appropriate escaping when it is output.
            $title = clean($_POST['data']['poem_title']);
<?php
// Admin-area 404 page: prints the header, the "not found" body and the footer,
// in that order.
$tpl = new bQuickTpl();
include getcwd() . '/modules/adminarea/common.php';

$views = array(
    'themes/adminarea/html/elements/header.php',
    'themes/adminarea/html/404.php',
    'themes/adminarea/html/elements/footer.php',
);

foreach ($views as $view) {
    echo $tpl->render($view);
}