} clearCache(); if (defined('ajax')) { ajaxSuccess($conf['l']['admin:msg:ChangeSaved']); } else { header("Location: {$conf['siteURL']}/{$conf['linkPrefixAdmin']}/extensions/{$conf['linkConj']}CSRFCode=" . $admin->getCSRFCode('navibar')); exit; } } } elseif ($canonical->currentArgs['subAction'] == 'widget') { $admin->checkCSRFCode('newext'); if (!isset($_REQUEST['wgtID']) || empty($_REQUEST['wgtID'])) { stopError($conf['l']['admin:msg:NoData']); } else { $extOrder = floor($_REQUEST['extOrder']); $extList = bw::getAllWidgets(); $extID = htmlspecialchars($_REQUEST['wgtID'], ENT_QUOTES, 'UTF-8'); $patternWidgetHooks = array('wghtmlhead' => 'value', 'wgheader' => 'text,url,title,target', 'wgsidebar' => 'title,value', 'wgfooter' => 'value'); $extHooks = $_REQUEST['extHooks']; if (!array_key_exists($extHooks, $patternWidgetHooks)) { stopError($conf['l']['admin:msg:NoContent']); } $extStorage = array(); foreach (@explode(',', $patternWidgetHooks[$extHooks]) as $wgtCol) { $extStorage[$wgtCol] = $wgtCol == 'value' ? $_REQUEST['wgt' . $wgtCol] : htmlspecialchars($_REQUEST['wgt' . $wgtCol], ENT_QUOTES, 'UTF-8'); } if ($extOrder == -1) { if (array_key_exists($extID, $extList)) { stopError($conf['l']['admin:msg:Existed']); } bw::$db->dbExec('INSERT INTO extensions (extID, extDesc, extHooks, extActivate, extOrder, isWidget, extStorage) VALUES (?, "", ?, 1, ?, 1, ?)', array($extID, $extHooks, count($extList) + 1, json_encode($extStorage)));