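/**
     * Show the edit page for one order; on POST, save the submitted order first.
     *
     * The order id is read from $_POST['id'] when a form was submitted, otherwise
     * from $_GET['id']. It is coerced to an integer before it is concatenated into
     * SQL, because the query helpers used here take a finished SQL string.
     *
     * NOTE(review): no access check is visible in this action; confirm that the
     * router or base controller restricts it to authenticated back-office users
     * and that the POST is protected against cross-site request forgery.
     *
     * @return mixed Whatever system::show_tpl() returns for 'orders/new.php'.
     */
    function newAction()
    {
        // Request data is untrusted: force the id to an integer so it can only
        // ever appear in the SQL below as a number.
        $source = $_POST ? $_POST : $_GET;
        $orderId = isset($source['id']) ? (int) $source['id'] : 0;

        if ($_POST) {
            // Write the submitted form to the database.
            forms::multy_update_form('order_number', $orderId, 0);
            $this->msg = general::messages(1, v::getI18n('backend_after_save'));
        }

        // Order header joined with the customer who placed it.
        $_sql = 'SELECT order_number.*, users.name, users.address, users.phone, users.email, users.city'
            . ' FROM order_number, users'
            . ' WHERE order_number.id_user=users.id AND order_number.id=' . $orderId;
        // Order lines with the catalogue name and article number of each item.
        $_sql0 = 'SELECT orders.*, catalog.name, catalog.artikul'
            . ' FROM orders'
            . ' LEFT OUTER JOIN catalog ON orders.id_good=catalog.id'
            . ' WHERE number_order=' . $orderId
            . ' ORDER BY catalog.name';

        // Run both queries (the second argument is passed as 0, as in the other actions).
        $result = mysql::query_one($_sql, 0);
        $result0 = mysql::query($_sql0, 0);

        // List of order statuses, defined elsewhere as a global.
        global $_status_order;
        return system::show_tpl(array('obj' => $result, 'msg' => $this->msg, 'select' => $_status_order, 'result0' => $result0), 'orders/new.php');
    }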
 /**
  * On POST, send the submitted message to every e-mail address in the
  * controller's table, then record the mailing in 'subscribe_conf'.
  *
  * NOTE(review): subject and body come straight from $_POST['FORM'] and go to
  * every recipient. No access or CSRF check is visible here, and whether
  * sent_email_new() rejects CR/LF in the subject cannot be seen from this
  * block - confirm both.
  *
  * @return mixed Whatever system::show_tpl() returns for the 'send.php' template.
  */
 function sendAction()
 {
     if (!empty($_POST)) {
         // Checkbox handling for the 'status' field.
         forms::check_box(array('status'));
         // Load all rows of the controller's table; each row supplies one recipient.
         $recipients = mysql::query('SELECT * FROM ' . $this->tablename, 0);
         $from = $GLOBALS['mailadmin'];
         $subject = $_POST['FORM']['zag'];
         $message = $_POST['FORM']['text'];
         // '<br>'-separated list of addresses, kept for the log entry below.
         $sentTo = '';
         foreach ($recipients as $recipient) {
             $sentTo .= $recipient->email . '<br>';
             sent_email_new($recipient->email, $message, "", $subject, $from);
         }
         // Log the mailing: drop the status flag and store the recipient list instead.
         unset($_POST['FORM']['status']);
         $_POST['FORM']['email'] = $sentTo;
         forms::multy_insert_form('subscribe_conf', 0);
         $this->msg = general::messages(1, v::getI18n('backend_after_send'));
     }
     $view = array('msg' => $this->msg, 'tpl_folder' => $this->tpl_folder);
     return system::show_tpl($view, $this->tpl_folder . '/send.php');
 }
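 /**
  * Show the language settings; when the form was submitted, save the five
  * language flags first.
  *
  * Each flag in $_POST['FORM'] is rewritten to 1 when its checkbox arrived as
  * 'on' and to 0 otherwise. Browsers do not submit unchecked checkboxes, so a
  * missing key is treated as 0 instead of being read as an undefined index.
  *
  * @return mixed Whatever system::show_tpl() returns for the 'index.php' template.
  */
 function indexAction()
 {
     if (isset($_POST['check'])) {
         foreach (array('ua', 'en', 'fr', 'esp', 'ger') as $langCode) {
             $isOn = isset($_POST['FORM'][$langCode]) && $_POST['FORM'][$langCode] == 'on';
             $_POST['FORM'][$langCode] = $isOn ? 1 : 0;
         }
         // The settings live in the record with id 1.
         forms::multy_update_form($this->tablename, 1, 0);
         $this->msg = general::messages(1, v::getI18n('backend_after_save'));
     }
     $sql = "SELECT * FROM languages";
     $res = mysql::query_one($sql, 0);
     // NOTE(review): '_status' is handed to the template exactly as posted;
     // confirm the template escapes it before output.
     return system::show_tpl(array('obj' => $res, 'msg' => $this->msg, '_status' => isset($_POST['status']) ? $_POST['status'] : 2, 'tpl_folder' => $this->tpl_folder), $this->tpl_folder . '/index.php');
 }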
 /**
  * Add a new record to the table named in the query string.
  *
  * NOTE(review): the target table name is taken verbatim from
  * $_GET['tablename'] and handed to forms::multy_insert_form(). How that helper
  * builds its SQL is not visible here; unless it validates the name, the caller
  * chooses which table is written. Prefer a fixed allow-list of table names.
  *
  * @return mixed Whatever system::show_tpl() returns for the 'add.php' template.
  */
 function addAction()
 {
     $this->table_name = $_GET['tablename'];
     if (!empty($_POST)) {
         // Checkbox handling for the 'status' field.
         forms::check_box(array('status'));
         // Write the submitted form to the database.
         forms::multy_insert_form($this->table_name, 0);
         $this->msg = general::messages(1, v::getI18n('backend_after_save'));
     }
     $view = array('msg' => $this->msg, 'tpl_folder' => $this->tpl_folder);
     return system::show_tpl($view, $this->tpl_folder . '/add.php');
 }
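 /**
  * Build and render the form selected by the URL arguments: registration,
  * account activation, lost password, or (by default) login.
  *
  * arg(0) selects the form; for "register", arg(1) selects the step (empty:
  * sign-up form, 2: activation form, 3: redirect to the base path) and arg(2)
  * is passed to the node constructor for the activation step.
  *
  * The redirect step now returns straight after sending the header, and the
  * form is rendered only when one was built. Previously both the redirect step
  * and any unknown step fell through to render() on an undefined variable.
  */
 function login_form()
 {
     tpl_set('page_description', 'Login');
     $arg1 = arg(0);
     $arg2 = arg(1);
     $arg3 = arg(2);
     // Stays null on paths that build no form, so rendering can be skipped.
     $form = null;
     // Attributes shared by the sign-up, activation and lost-password forms.
     $registerFormAttributes = array('name' => 'register_form', 'method' => 'post', 'action' => '', 'class' => 'register_form form-horizontal', 'id' => 'register-form');
     if ($arg1[0] == "register") {
         if (!$arg2[0]) {
             // Step 1: sign-up form.
             $form = new forms($registerFormAttributes);
             $form->add_field(array('type' => 'text', 'name' => 'name', 'label' => t('Name & Surname')));
             $form->add_field(array('type' => 'text', 'name' => 'email', 'label' => t('Email Address')));
             $form->add_field(array('type' => 'password', 'name' => 'password', 'label' => t('Password')));
             $form->add_field(array('type' => 'password', 'name' => 'password_again', 'label' => t('Password Again')));
             $form->add_button(array('type' => 'submit', 'name' => 'register_button', 'value' => 'Register', 'class' => 'btn btn-primary'));
             // Validation and submission callbacks.
             $form->validate('permissions.validate_register_form');
             $form->submit('permissions.submit_register_form');
         } elseif ($arg2[0] == 2) {
             // Step 2: activation-code form for the node named by the third argument.
             $node = new node($arg3);
             tpl_set('node', objectArray($node));
             $form = new forms($registerFormAttributes);
             $form->add_field(array('type' => 'text', 'name' => 'activation_code', 'label' => t('Activation Code')));
             $form->add_button(array('type' => 'submit', 'name' => 'register_button', 'value' => 'Activate', 'class' => 'btn btn-primary'));
             $form->validate('permissions.validate_activation_form');
             $form->submit('permissions.submit_activation_form');
         } elseif ($arg2[0] == 3) {
             // Step 3: nothing to render, send the visitor to the base path.
             header('location: ' . base_path());
             return;
         }
     } elseif ($arg1[0] == 'lostpassword') {
         $form = new forms($registerFormAttributes);
         $form->add_field(array('type' => 'text', 'name' => 'email', 'label' => t('Email Address')));
         $form->add_button(array('type' => 'submit', 'name' => 'register_button', 'value' => 'Retrieve', 'class' => 'btn btn-primary'));
         // NOTE(review): the lost-password form is wired to the login callbacks;
         // confirm this is intended and not a copy-paste leftover.
         $form->validate('permissions.validate_login_form');
         $form->submit('permissions.submit_login_form');
     } else {
         // Default: the login form.
         $form = new forms(array('name' => 'login_form', 'method' => 'post', 'action' => '', 'class' => 'login_form form-horizontal', 'id' => 'login-form'));
         $form->add_field(array('type' => 'text', 'name' => 'username', 'label' => t('Username')));
         $form->add_field(array('type' => 'password', 'name' => 'password', 'label' => t('Password')));
         $form->add_button(array('type' => 'submit', 'name' => 'login_button', 'value' => 'Login', 'class' => 'btn btn-primary'));
         $form->validate('permissions.validate_login_form');
         $form->submit('permissions.submit_login_form');
     }
     // An unknown registration step builds no form; render only when there is one.
     if ($form !== null) {
         $form->render();
     }
 }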
 /**
  * Edit the settings: on POST save all submitted records, then list the
  * active settings ordered by their sort value.
  *
  * @return mixed Whatever system::show_tpl() returns for the 'edit.php' template.
  */
 function editAction()
 {
     if (!empty($_POST)) {
         // Write the submitted values to the database.
         forms::multy_update_form_all_records($this->tablename, 'zna', 0);
         $this->msg = general::messages(1, v::getI18n('backend_after_save'));
     }
     // Only rows with status=1 are shown.
     $rows = mysql::query('SELECT * FROM ' . $this->tablename . ' where status=1 order by sort', 0);
     $view = array('result' => $rows, 'msg' => $this->msg, 'tpl_folder' => $this->tpl_folder);
     return system::show_tpl($view, $this->tpl_folder . '/edit.php');
 }
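 /**
  * Build the <option> list for a form's fields, preceded by a fixed IDNO option.
  *
  * Fields that define 'choicesType' are skipped. Field names and labels are
  * HTML-escaped before they are placed in the markup, since they come from the
  * stored form definition. Existing entities are not double-encoded, so values
  * that were stored pre-encoded render as before.
  *
  * @param mixed $formID Identifier passed to forms::get().
  * @return string HTML fragment: one option, then an optgroup of field options.
  */
 public static function formFieldOptions($formID)
 {
     $form = forms::get($formID);
     $output = '<option value="idno">IDNO</option><optgroup label="Form Fields">';
     // When the lookup yields no usable field list, emit an empty group rather
     // than iterating over a non-array.
     $fields = (is_array($form) && isset($form['fields']) && is_array($form['fields'])) ? $form['fields'] : array();
     foreach ($fields as $field) {
         if (isset($field['choicesType'])) {
             continue;
         }
         $output .= sprintf(
             '<option value="%s">%s</option>',
             htmlspecialchars((string) $field['name'], ENT_QUOTES, 'UTF-8', false),
             htmlspecialchars((string) $field['label'], ENT_QUOTES, 'UTF-8', false)
         );
     }
     $output .= "</optgroup>";
     return $output;
 }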
 /**
  * Build and render the "create a contact" form: name (required), mobile and
  * e-mail fields plus a submit button, with the contacts_add validation and
  * submission callbacks attached.
  */
 function add_contact()
 {
     $contactForm = new forms(array('name' => 'create_a_contact', 'method' => 'post', 'action' => '', 'class' => 'create_a_contact_form form-horizontal', 'id' => 'create-a-contact-form'));

     // Fields, in display order.
     $nameField = array('type' => 'text', 'name' => 'title', 'label' => t('Name'), 'placeholder' => t('Enter your contact\'s full name'), 'required' => true);
     $contactForm->add_field($nameField);
     $mobileField = array('type' => 'tel', 'name' => 'mobile', 'label' => t('Mobile'), 'placeholder' => t('Enter your contact\'s mobile number'));
     $contactForm->add_field($mobileField);
     $emailField = array('type' => 'email', 'name' => 'email', 'label' => t('Email'), 'placeholder' => t('Enter your contact\'s email address'));
     $contactForm->add_field($emailField);

     // Submit button.
     $submitButton = array('type' => 'submit', 'name' => 'add_contact', 'value' => 'Add Contact', 'class' => 'btn btn-primary');
     $contactForm->add_button($submitButton);

     // Validation and submission callbacks, then output.
     $contactForm->validate('contacts_add.add_contact_validate');
     $contactForm->submit('contacts_add.add_contact_submit');
     $contactForm->render();
 }
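 /**
  * Edit one record: on POST save the submitted form, then load the record for
  * the edit template.
  *
  * The record id comes from $_POST['id'] on submission and from $_GET['id']
  * otherwise. It is coerced to an integer before being concatenated into SQL.
  *
  * @return mixed Whatever system::show_tpl() returns for the 'edit.php' template.
  */
 function editAction()
 {
     // Request data is untrusted: an integer cast keeps the id numeric in the
     // query below.
     $source = $_POST ? $_POST : $_GET;
     $id = isset($source['id']) ? (int) $source['id'] : 0;

     if ($_POST) {
         // Write the submitted form to the database.
         forms::multy_update_form($this->tablename, $id, 0);
         $this->msg = general::messages(1, v::getI18n('backend_after_save'));
     }

     $_sql = 'SELECT * FROM ' . $this->tablename . ' where id=' . $id;
     $result = mysql::query_one($_sql, 0);
     return system::show_tpl(array('obj' => $result, 'msg' => $this->msg, 'tpl_folder' => $this->tpl_folder), $this->tpl_folder . '/edit.php');
 }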
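 /**
  * Add a new sub-record (answer) under a parent record.
  *
  * On POST the submitted form is inserted and the parent id is taken from the
  * form; otherwise the parent id comes from $_GET['id_parent']. The id is
  * coerced to an integer before it is concatenated into the SELECT.
  *
  * @return mixed Whatever system::show_tpl() returns for the 'add_answer.php' template.
  */
 function add_answerAction()
 {
     if ($_POST) {
         // Checkbox handling for the 'status' field.
         forms::check_box(array('status'));
         // Write the submitted form to the database.
         forms::multy_insert_form($this->tablename, 0);
         $this->msg = general::messages(1, v::getI18n('backend_after_save'));
         // Keep showing the same parent after saving; store it as an integer so
         // later readers of $_GET['id_parent'] see a number only.
         $_GET['id_parent'] = isset($_POST['FORM']['id_parent']) ? (int) $_POST['FORM']['id_parent'] : 0;
     }
     // Request data is untrusted: cast before building the query.
     $parentId = isset($_GET['id_parent']) ? (int) $_GET['id_parent'] : 0;
     // Load the parent record the new entry belongs to.
     $_sql = 'SELECT * FROM ' . $this->tablename . ' where id=' . $parentId;
     $select = mysql::query($_sql, 0);
     return system::show_tpl(array('select' => $select, 'msg' => $this->msg, 'tpl_folder' => $this->tpl_folder), $this->tpl_folder . '/add_answer.php');
 }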
 /**
  * Add a new record: on POST insert the submitted form, then show the add
  * template with the city list.
  *
  * @return mixed Whatever system::show_tpl() returns for the 'add.php' template.
  */
 function addAction()
 {
     global $_sklad;
     if (!empty($_POST)) {
         // Checkbox handling for the 'status' field.
         forms::check_box(array('status'));
         // Write the submitted form to the database.
         forms::multy_insert_form($this->tablename, 0);
         $this->msg = general::messages(1, v::getI18n('backend_after_save'));
     }
     // The query still runs, but its result is not passed to the template.
     $select = mysql::query('SELECT * FROM ' . $this->tablename . ' where id>0 order by sort desc', 0);
     $view = array('city' => dbh::get_city(), 'msg' => $this->msg, 'tpl_folder' => $this->tpl_folder);
     return system::show_tpl($view, $this->tpl_folder . '/add.php');
 }
 /**
  * List the top-level records of the controller's table; on POST, save the
  * submitted status values first. Super-administrators only.
  *
  * @return mixed The access-error message for other users, otherwise whatever
  *               system::show_tpl() returns for the 'index.php' template.
  */
 function indexAction()
 {
     // Access gate: anyone who is not a super-administrator gets the error message.
     $isSuperAdmin = general::sadmin();
     if (!$isSuperAdmin) {
         return general::messages(0, v::getI18n('backend_orror_access'));
     }
     if (!empty($_POST)) {
         // Checkbox handling for the ids returned by dbh::menu_get_id().
         forms::check_box(dbh::menu_get_id());
         // Write the submitted values to the database.
         forms::multy_update_form_all_records($this->tablename, 'status', 0);
         $this->msg = general::messages(1, v::getI18n('backend_after_save'));
     }
     // Top-level entries only (id_parent=0), ordered by zindex.
     $rows = mysql::query('SELECT * FROM ' . $this->tablename . ' where id_parent=0 order by zindex', 0);
     $view = array('result' => $rows, 'msg' => $this->msg);
     return system::show_tpl($view, $this->tpl_folder . '/index.php');
 }
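 /**
  * Build the navigation list items (HTML) configured for a form.
  *
  * Items are emitted in order. When an item's 'grouping' differs from the
  * previous one, the open group is closed and, if the new grouping is not
  * empty, a new group header is opened. Every value placed in the markup is
  * passed through htmlSanitize(); the group heading was previously written
  * unescaped, unlike the labels and URLs.
  *
  * NOTE(review): a group that is still open after the last item is not closed
  * here; confirm whether the caller adds the closing tags.
  * NOTE(review): escaping does not restrict the scheme of $item['url'];
  * confirm navigation URLs are validated when the form definition is saved.
  *
  * @param mixed $formID Identifier passed to forms::get().
  * @return string|false FALSE when the form cannot be loaded, otherwise the HTML
  *                      (empty when the form has no navigation array).
  */
 public static function buildProjectNavigation($formID)
 {
     if (($form = forms::get($formID)) === FALSE) {
         return FALSE;
     }
     localvars::add("formID", htmlSanitize($formID));
     $output = "";
     $currentGroup = "";
     if (!is_array($form['navigation'])) {
         return $output;
     }
     foreach ($form['navigation'] as $item) {
         // Group handling: close the previous group and open the next one.
         if ($item['grouping'] != $currentGroup) {
             if ($currentGroup != "") {
                 $output .= "</ul></li>";
             }
             if (!is_empty($item['grouping'])) {
                 $output .= sprintf('<li><strong>%s</strong><ul>', htmlSanitize($item['grouping']));
             }
             $currentGroup = $item['grouping'];
         }
         $output .= "<li>";
         if ($item['type'] == "logout") {
             $output .= sprintf('<a href="%s">%s</a>', htmlSanitize($item['url']), htmlSanitize($item['label']));
         } elseif ($item['type'] == "link") {
             // Plain substitution: the placeholder is a literal, so the configured
             // site root is inserted as-is and never read as a regex replacement.
             $item['url'] = str_replace('{siteRoot}', mfcs::config("siteRoot"), $item['url']);
             $output .= sprintf('<a href="%s">%s</a>', htmlSanitize($item['url']), htmlSanitize($item['label']));
         } elseif ($item['type'] == "objectForm" || $item['type'] == "metadataForm") {
             // Look up the linked form in its own variable so the form being
             // iterated is not overwritten.
             $targetForm = forms::get($item['formID']);
             if (!empty($targetForm['displayTitle'])) {
                 $linkTitle = $targetForm['displayTitle'];
             } elseif (!empty($targetForm['title'])) {
                 $linkTitle = $targetForm['title'];
             } else {
                 $linkTitle = '[No form title]';
             }
             $output .= sprintf('<a href="" data-formID="%s" data-header="%s" data-toggle="modal" class="metadataObjectEditor">%s</a>', htmlSanitize($item['formID']), htmlSanitize($item['label']), htmlSanitize($linkTitle));
         } else {
             $output .= sprintf('%s', htmlSanitize($item['label']));
         }
         $output .= "</li>";
     }
     return $output;
 }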
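 /**
  * Add a new record, optionally with an uploaded file stored under the price
  * list directory.
  *
  * The stored file name is the slug of the uploaded name's base part plus its
  * extension. The file name is written into $_POST['FORM']['pole'] only when
  * the upload succeeded and the file was actually moved.
  *
  * NOTE(review): the extension is limited to letters and digits but is not
  * checked against a list of permitted types. If the target directory is
  * served by the web server with script execution enabled, an uploaded script
  * would be runnable. Add an extension allow-list for the formats this feature
  * needs, or store uploads outside the web root.
  *
  * @return mixed Whatever system::show_tpl() returns for the 'add.php' template.
  */
 function addAction()
 {
     if ($_POST) {
         // Handle the uploaded file. The keys are quoted strings; the bare words
         // used before were undefined constants.
         if (isset($_FILES['file1'])
             && $_FILES['file1']['error'] === UPLOAD_ERR_OK
             && preg_match('/(\\S+)\\.([A-Za-z0-9]+)$/', $_FILES['file1']['name'], $_arr)
         ) {
             $_file_name = v::toSlug($_arr[1]) . '.' . $_arr[2];
             // Record the file name only if the move succeeded.
             if (move_uploaded_file($_FILES['file1']['tmp_name'], HOST . PRICE_LIST_PATH . '/' . $_file_name)) {
                 $_POST['FORM']['pole'] = $_file_name;
             }
         }
         // Write the submitted form to the database.
         forms::multy_insert_form($this->tablename, 0);
         $this->msg = general::messages(1, v::getI18n('backend_after_save'));
         header('Location: /backend/' . $this->tpl_folder . '/index');
     }
     return system::show_tpl(array('msg' => $this->msg, 'tpl_folder' => $this->tpl_folder), $this->tpl_folder . '/add.php');
 }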
    /**
     * Validate the posted user-edit form and write the changes for one user to
     * the userdb table.
     *
     * Input is read from $_POST and $_SESSION; the database handle, configuration
     * and language strings come from the globals $conn, $config and $lang.
     * Validation errors and the result message are collected as HTML and returned.
     *
     * NOTE(review): $user_id is concatenated unquoted into every SQL statement
     * below. Presumably callers pass an integer - confirm, or cast it before use.
     * NOTE(review): no check is visible in this function that the session user is
     * allowed to edit $user_id; confirm the caller enforces it.
     *
     * @param mixed $user_id Id of the userdb row to update.
     * @return string HTML fragment with the validation errors or the update result.
     */
    function update_user($user_id)
    {
        global $conn, $config, $lang;
        require_once $config['basepath'] . '/include/misc.inc.php';
        $misc = new misc();
        require_once $config['basepath'] . '/include/forms.inc.php';
        $forms = new forms();
        $display = '';
        $do_update = true;
        // The two password fields must match.
        if ($_POST['edit_user_pass'] != $_POST['edit_user_pass2']) {
            $display .= '<p>' . $lang['user_manager_password_identical'] . '</p>';
            $do_update = false;
        } elseif ($_POST['edit_user_pass'] == '') {
            // No-op: $do_update is already true. An empty password leaves the
            // stored password untouched (see the UPDATE without a password below).
            $do_update = true;
        }
        // end elseif
        if ($_POST['user_email'] == '' || $_POST['user_first_name'] == '' || $_POST['user_last_name'] == '') {
            $display .= "<p class=\"redtext\">{$lang['required_fields_not_filled']}</p>";
            $do_update = false;
        }
        // Get Current User type
        $sql = 'SELECT userdb_is_agent, userdb_is_admin, userdb_active FROM ' . $config['table_prefix'] . 'userdb WHERE userdb_id = ' . $user_id;
        $recordSet = $conn->Execute($sql);
        // NOTE(review): a failed query is only logged; the ->fields reads below
        // still run on the false result.
        if ($recordSet === false) {
            $misc->log_error($sql);
        }
        $is_agent = $misc->make_db_unsafe($recordSet->fields['userdb_is_agent']);
        $is_admin = $misc->make_db_unsafe($recordSet->fields['userdb_is_admin']);
        $is_active = $misc->make_db_unsafe($recordSet->fields['userdb_active']);
        // Only $sql_user_email is read again in this function; the first and
        // last name copies made here are not used later.
        $sql_user_email = $misc->make_db_safe($_POST['user_email']);
        $sql_user_first_name = $misc->make_db_safe($_POST['user_first_name']);
        $sql_user_last_name = $misc->make_db_safe($_POST['user_last_name']);
        //Make sure no other user has this email address.
        $sql = 'SELECT userdb_id FROM ' . $config['table_prefix'] . 'userdb WHERE  userdb_emailaddress = ' . $sql_user_email;
        $recordSet = $conn->Execute($sql);
        if ($recordSet === false) {
            $misc->log_error($sql);
        }
        while (!$recordSet->EOF) {
            if ($recordSet->fields['userdb_id'] != $user_id) {
                $display .= "<p class=\"redtext\">{$lang['email_address_already_used']}</p>";
                $do_update = false;
            }
            $recordSet->MoveNext();
        }
        if ($do_update) {
            global $pass_the_form;
            // Agents and admins are validated against the agent form definition,
            // everyone else against the member form definition.
            if ($is_agent == 'yes' || $is_admin == 'yes') {
                $db_to_validate = 'agentformelements';
            } else {
                $db_to_validate = 'memberformelements';
            }
            $pass_the_form = $forms->validateForm($db_to_validate);
            if (is_array($pass_the_form)) {
                // if we're not going to pass it, tell that they forgot to fill in one of the fields
                // NOTE(review): $k is written into the HTML as-is; presumably it is a
                // field name from the form definition - confirm it cannot carry markup.
                foreach ($pass_the_form as $k => $v) {
                    if ($v == 'REQUIRED') {
                        $display .= "<p class=\"redtext\">{$k}: {$lang['required_fields_not_filled']}</p>";
                    }
                    if ($v == 'TYPE') {
                        $display .= "<p class=\"redtext\">{$k}: {$lang['field_type_does_not_match']}</p>";
                    }
                }
            } else {
                // $_POST['user_email'] is overwritten with the make_db_safe() result
                // and used without surrounding quotes in the SQL below, so
                // make_db_safe() presumably returns a quoted literal - confirm.
                $_POST['user_email'] = $misc->make_db_safe($_POST['user_email']);
                if ($_POST['edit_user_pass'] == '') {
                    $sql = 'UPDATE ' . $config['table_prefix'] . 'userdb SET userdb_emailaddress = ' . $_POST['user_email'] . ', userdb_last_modified = ' . $conn->DBTimeStamp(time()) . ' WHERE userdb_id = ' . $user_id;
                } else {
                    // NOTE(review): unsalted MD5 is not a suitable password hash;
                    // password_hash()/password_verify() is the current PHP mechanism.
                    // Switching requires migrating stored hashes and the login check.
                    $md5_user_pass = md5($_POST['edit_user_pass']);
                    $md5_user_pass = $misc->make_db_safe($md5_user_pass);
                    // NOTE(review): the password value in the next statement appears to
                    // have been masked ('******') in this copy, which leaves the line
                    // syntactically invalid. Presumably it originally concatenated
                    // $md5_user_pass - confirm against the upstream file.
                    $sql = 'UPDATE ' . $config['table_prefix'] . 'userdb SET userdb_emailaddress = ' . $_POST['user_email'] . ', userdb_user_password = '******', userdb_last_modified = ' . $conn->DBTimeStamp(time()) . ' WHERE userdb_id = ' . $user_id;
                }
                $recordSet = $conn->Execute($sql);
                if ($recordSet === false) {
                    $misc->log_error($sql);
                }
                // Rank and listing limits are written only when the session has
                // admin privileges and the edited user is an admin.
                if ($_SESSION['admin_privs'] == 'yes' && $is_admin == 'yes') {
                    $sql_edit_limitListings = $misc->make_db_safe($_POST['edit_limitListings']);
                    $sql_edit_limitFeaturedListings = $misc->make_db_safe($_POST['edit_limitFeaturedListings']);
                    $sql_edit_userRank = $misc->make_db_safe($_POST['edit_userRank']);
                    $sql = 'UPDATE ' . $config['table_prefix'] . 'userdb SET userdb_rank = ' . $sql_edit_userRank . ', userdb_featuredlistinglimit = ' . $sql_edit_limitFeaturedListings . ', userdb_limit_listings = ' . $sql_edit_limitListings . ' WHERE userdb_id = ' . $user_id;
                    $recordSet = $conn->Execute($sql);
                    if ($recordSet === false) {
                        $misc->log_error($sql);
                    }
                }
                // If an admin is updating an agent, set the permission fields as well
                if ($_SESSION['admin_privs'] == 'yes' && $is_agent == 'yes') {
                    $edit_is_active = $misc->make_db_safe($_POST['edit_active']);
                    $edit_first_name = $misc->make_db_safe($_POST['user_first_name']);
                    $edit_last_name = $misc->make_db_safe($_POST['user_last_name']);
                    $edit_canEditSiteConfig = $misc->make_db_safe($_POST['edit_canEditSiteConfig']);
                    $edit_canEditMemberTemplate = $misc->make_db_safe($_POST['edit_canEditMemberTemplate']);
                    $edit_canEditAgentTemplate = $misc->make_db_safe($_POST['edit_canEditAgentTemplate']);
                    $edit_canEditListingTemplate = $misc->make_db_safe($_POST['edit_canEditListingTemplate']);
                    $edit_canEditAllListings = $misc->make_db_safe($_POST['edit_canEditAllListings']);
                    $edit_canEditAllUsers = $misc->make_db_safe($_POST['edit_canEditAllUsers']);
                    $edit_can_view_logs = $misc->make_db_safe($_POST['edit_canViewLogs']);
                    $edit_can_moderate = $misc->make_db_safe($_POST['edit_canModerate']);
                    $edit_can_feature_listings = $misc->make_db_safe($_POST['edit_canFeatureListings']);
                    $edit_can_edit_pages = $misc->make_db_safe($_POST['edit_canPages']);
                    $edit_can_have_vtours = $misc->make_db_safe($_POST['edit_canVtour']);
                    $edit_can_have_files = $misc->make_db_safe($_POST['edit_canFiles']);
                    $edit_can_have_user_files = $misc->make_db_safe($_POST['edit_canUserFiles']);
                    $edit_limitListings = $misc->make_db_safe($_POST['edit_limitListings']);
                    $sql_edit_canExportListings = $misc->make_db_safe($_POST['edit_canExportListings']);
                    $sql_edit_canEditListingExpiration = $misc->make_db_safe($_POST['edit_canEditListingExpiration']);
                    $sql_edit_canEditPropertyClasses = $misc->make_db_safe($_POST['edit_canEditPropertyClasses']);
                    $sql_userdb_blog_user_type = $misc->make_db_safe($_POST['edit_BlogPrivileges']);
                    $sql_edit_limitFeaturedListings = $misc->make_db_safe($_POST['edit_limitFeaturedListings']);
                    $sql_edit_userRank = $misc->make_db_safe($_POST['edit_userRank']);
                    $sql_edit_canManageAddons = $misc->make_db_safe($_POST['edit_canManageAddons']);
                    $sql = 'UPDATE ' . $config['table_prefix'] . 'userdb SET 
						userdb_active = ' . $edit_is_active . ', 
						userdb_user_first_name = ' . $edit_first_name . ', 
						userdb_user_last_name = ' . $edit_last_name . ',
						userdb_can_edit_site_config = ' . $edit_canEditSiteConfig . ', 
						userdb_can_edit_member_template = ' . $edit_canEditMemberTemplate . ', 
						userdb_can_edit_agent_template = ' . $edit_canEditAgentTemplate . ', 
						userdb_can_edit_listing_template = ' . $edit_canEditListingTemplate . ', 
						userdb_can_view_logs = ' . $edit_can_view_logs . ', 
						userdb_can_moderate = ' . $edit_can_moderate . ', 
						userdb_can_feature_listings = ' . $edit_can_feature_listings . ', 
						userdb_can_edit_pages = ' . $edit_can_edit_pages . ', 
						userdb_can_have_vtours = ' . $edit_can_have_vtours . ', 
						userdb_can_have_files = ' . $edit_can_have_files . ', 
						userdb_can_have_user_files = ' . $edit_can_have_user_files . ', 
						userdb_limit_listings = ' . $edit_limitListings . ', 
						userdb_can_edit_expiration = ' . $sql_edit_canEditListingExpiration . ', 
						userdb_can_export_listings = ' . $sql_edit_canExportListings . ', 
						userdb_can_edit_all_users = ' . $edit_canEditAllUsers . ', 
						userdb_can_edit_all_listings = ' . $edit_canEditAllListings . ', 
						userdb_can_edit_property_classes = ' . $sql_edit_canEditPropertyClasses . ', 
						userdb_can_manage_addons = ' . $sql_edit_canManageAddons . ', 
						userdb_rank = ' . $sql_edit_userRank . ', 
						userdb_featuredlistinglimit = ' . $sql_edit_limitFeaturedListings . ', 
						userdb_blog_user_type = ' . $sql_userdb_blog_user_type . ' 
						WHERE userdb_id = ' . $user_id;
                    $recordSet = $conn->Execute($sql);
                    if ($recordSet === false) {
                        $misc->log_error($sql);
                    }
                } else {
                    // Every other case, including sessions without admin privileges:
                    // only the active flag and the names are written.
                    // NOTE(review): edit_active is taken from the request when present,
                    // so this branch lets the submitter choose the active flag - confirm
                    // that a non-admin is not meant to be able to set it.
                    if (isset($_POST['edit_active'])) {
                        $edit_is_active = $misc->make_db_safe($_POST['edit_active']);
                    } else {
                        $edit_is_active = $misc->make_db_safe('yes');
                    }
                    $edit_first_name = $misc->make_db_safe($_POST['user_first_name']);
                    $edit_last_name = $misc->make_db_safe($_POST['user_last_name']);
                    $sql = 'UPDATE ' . $config['table_prefix'] . 'userdb SET userdb_active = ' . $edit_is_active . ', userdb_user_first_name = ' . $edit_first_name . ', userdb_user_last_name =' . $edit_last_name . ' WHERE userdb_id = ' . $user_id;
                    $recordSet = $conn->Execute($sql);
                    if ($recordSet === false) {
                        $misc->log_error($sql);
                    }
                }
                // When a previously inactive account is switched to active and
                // moderation is enabled for that account type, mail the user a login link.
                if ($is_active == 'no' && $_POST['edit_active'] == 'yes') {
                    if ($config['moderate_agents'] == 1 && $is_agent == 'yes' || $config['moderate_members'] == 1 && $is_agent == 'no') {
                        $message = $_POST['user_first_name'] . ' ' . $_POST['user_last_name'] . ",\r\n" . $lang['user_activated_message'] . "\r\n\r\n";
                        if ($is_agent == 'yes') {
                            $link = $config['baseurl'] . '/admin/index.php';
                        } else {
                            $link = $config['baseurl'] . '/index.php?action=member_login';
                        }
                        $message .= $link;
                        // $_POST['user_email'] was replaced by the make_db_safe() value
                        // above; the single quotes are removed again here, presumably to
                        // undo the quoting that helper added.
                        $email = str_replace('\'', '', $_POST['user_email']);
                        $send = $misc->send_email($config['company_name'], $config['admin_email'], $email, $message, $lang['user_activated_subject']);
                    }
                }
                $message = user_managment::updateUserData($user_id);
                if ($message == 'success') {
                    // one has to ensure that the cookie containing the pass is reset
                    // otherwise, one would have to log out and in again everytime
                    // an account was updated
                    // NOTE(review): this keeps an MD5 of the password in the session.
                    if ($_POST['edit_user_pass'] != "" && $_SESSION['userID'] == $user_id) {
                        $_SESSION['userpassword'] = md5($_POST['edit_user_pass']);
                    }
                    // NOTE(review): the session user name is placed in the HTML without
                    // escaping here; confirm it is constrained or escaped elsewhere.
                    $display .= '<p>' . $lang['user_editor_account_updated'] . ', ' . $_SESSION['username'] . '</p>';
                } else {
                    $display .= '<p>' . $lang['alert_site_admin'] . '</p>';
                }
                // end else
            }
            // end if $pass_the_form == "Yes"
        }
        // end else
        // Logged on every call, including when validation failed and nothing was written.
        $misc->log_action($lang['log_updated_user'] . ': ' . $user_id);
        return $display;
    }
<?php

// Command-line maintenance script: walks every object of every form through
// duplicates::updateDupeTable() and prints how many calls returned true or false.
//
// NOTE(review): sessions are stored in /tmp, which is commonly shared between
// all local users; confirm that is acceptable on the host running this script.
// The memory limit and the execution time limit are both switched off.
session_save_path('/tmp');
ini_set('memory_limit', -1);
set_time_limit(0);
require "../header.php";

// Refuse to run through the web server.
if (!isCLI()) {
    exit("Must be run from the command line.");
}

// Turn off EngineAPI template engine
$engine->obCallback = false;

$forms = forms::getForms(null);
// Tally of updateDupeTable() results, keyed by the returned boolean.
$dupeConfirm = array(true => 0, false => 0);
foreach ($forms as $form) {
    echo "Form: " . $form['title'] . "\n";
    $formObjects = objects::getAllObjectsForForm($form['ID']);
    foreach ($formObjects as $formObject) {
        // Clear the per-request cleaned POST data before each object.
        unset(mfcs::$engine->cleanPost['MYSQL']);
        $updateResult = duplicates::updateDupeTable($form['ID'], $formObject['ID'], $formObject['data']);
        $dupeConfirm[$updateResult]++;
    }
}

echo "\n\n";
var_dump($dupeConfirm);
echo "Done.\n\n";
Esempio n. 17
<?php

##########################################################################################################################################
## start insert new user
##########################################################################################################################################
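if (isset($_POST['userInsert'])) {
    # Load the form-validation class and check that the 'userPath' field was submitted.
    $this->vLoadClass($this->vconf['path'], "/vActions.phar/class.forms.php");
    $v = new forms();
    $v->classeErro = 'formPointer';
    $falha[1] = $v->validatorField('userPath', "Diretorio não definido");
    # Any non-empty validator result stops the request with a "0|..." response.
    $falhas = implode("", $falha);
    if (strlen($falhas) > 0) {
        exit($this->vForceStop("0|" . nl2br($v->errorForm) . "|{$falhas}"));
    }
    # userPath arrives from the request and becomes part of a filesystem path that is unlinked
    # below, so a value that is not a plain string, or that contains a NUL byte or a ".." path
    # segment, is refused. What validatorField() itself checks is not visible here.
    # NOTE(review): the response text for this case is new; align it with the project's messages.
    $userPath = $_POST['userPath'];
    if (
        !is_string($userPath)
        || strpos($userPath, "\0") !== false
        || in_array('..', preg_split('#[\\\\/]+#', $userPath), true)
    ) {
        exit($this->vForceStop("0|Diretorio inválido|"));
    }
    # $enterID1 is not used by the visible code; it is kept because clearNumeric() is opaque here.
    $enterID1 = $this->clearNumeric($_SESSION['vtxUser']);
    $enterID2 = $this->clearNumeric($_SESSION['vtxGrupo']);
    # The cache file name is the MD5 of a fixed descriptor that embeds userPath.
    $file = md5("/vortex-menu,100,1,{$userPath},request.htm");
    $path = "{$this->vconf['private']}/corecache/{$userPath}/usrgroup/{$enterID2}/{$file}.htm";
    # Remove the cached file for the current group if it exists.
    if (is_file($path)) {
        unlink($path);
    }
    exit($this->vForceStop("1|Atualizado com sucesso"));
}
##############################################################################################################
## get user data
##############################################################################################################
# The query is assembled piece by piece; the remaining pieces are outside this excerpt.
$enterID = $this->clearNumeric($_SESSION['vtxUser']);
$inQuery = "SELECT t1.nome,t1.grupo AS grp, t2.grupo ";
$inQuery .= "FROM vtx_system_access AS t1 ";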
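 /**
  * Delete an uploaded file: remove it from disk, delete its row from `files`,
  * then render the edit view again through newAction().
  *
  * The file id is taken from $_GET['id_photo'].
  *
  * NOTE(review): this is a destructive action driven by a GET parameter; confirm that the
  * caller enforces authentication and a request token.
  *
  * @return mixed whatever newAction() returns
  */
 function deletefileAction()
 {
     // Status message for the view rendered afterwards.
     $this->msg = general::messages(1, v::getI18n('backend_after_delete_file'));
     // The id is concatenated into two SQL statements and into a file name, so it is forced
     // to an integer before any use.
     $_id = isset($_GET['id_photo']) ? (int) $_GET['id_photo'] : 0;
     // Look up the stored file name; only its extension is needed.
     $_sql = 'SELECT * FROM `files` where id=' . $_id;
     $result = mysql::query_one($_sql, 0);
     if ($result && isset($result->name)) {
         // On disk the file is called "<id>.<extension of the stored name>".
         // end() takes its argument by reference, so the exploded parts need a variable.
         // NOTE(review): the extension comes from the stored name; verify it cannot contain
         // path separators.
         $_parts = explode(".", $result->name);
         $_name = array($_id . '.' . end($_parts));
         forms::delete_photo(HOST . FILES_PATH, $_name, 0);
     }
     // Remove the database row.
     $_sql = 'DELETE FROM `files` WHERE (`id`="' . $_id . '")';
     $result = mysql::just_query($_sql, 0);
     // Show the record again.
     return self::newAction();
 }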
Esempio n. 19
 /**
  * Render every entry of $page_types by dispatching on its 'id'.
  *
  * Ids "0"-"13", '55' and "404" include a page script from ABSOLUTH_PATH_PAGE or print
  * markup directly; ids '304'-'323' call one method of a forms object with a sub-array of
  * the entry and echo the return value; any other id prints the sign-up and login forms.
  *
  * The switch compares loosely, so an integer id matches the string labels. Included
  * scripts run in this method's scope and can therefore see $pg, $forms and $functions.
  *
  * @param array $page_types list of page descriptors; each one is read as an array with an
  *                          'id' key plus the key the matching case uses
  */
 public function BuildPages(array $page_types)
 {
     foreach ($page_types as $pg) {
         switch ($pg['id']) {
             case "0":
                 $forms = new forms();
                 include ABSOLUTH_PATH_PAGE . "landing.php";
                 break;
             case "1":
                 // profile.php is handed the page name through $_GET.
                 $_GET['page_name'] = $pg['page_name'];
                 include ABSOLUTH_PATH_PAGE . "profile.php";
                 break;
             case "2":
                 include ABSOLUTH_PATH_PAGE . "home.php";
                 break;
             case "3":
                 include ABSOLUTH_PATH_PAGE . "roster.php";
                 break;
             case "4":
                 include ABSOLUTH_PATH_PAGE . "add-drop.php";
                 break;
             case "5":
                 include ABSOLUTH_PATH_PAGE . "trades.php";
                 break;
             case "6":
                 include ABSOLUTH_PATH_PAGE . "matchup.php";
                 break;
             case "7":
                 include ABSOLUTH_PATH_PAGE . "draft.php";
                 break;
             case "8":
                 echo "Settings";
                 break;
             case "9":
                 $forms = new forms();
                 echo $forms->EditProfileForm($pg);
                 break;
             case "10":
                 // Logout: only the 'isLoggedin' flag is removed, the rest of the session stays.
                 // NOTE(review): there is no exit after header(), so the loop goes on to the
                 // remaining entries; confirm that this is intended.
                 unset($_SESSION['isLoggedin']);
                 header("Location:loader.php?cmd=");
                 break;
             case "11":
                 include ABSOLUTH_PATH_PAGE . "help.php";
                 break;
             case "12":
                 include ABSOLUTH_PATH_PAGE . "faq.php";
                 break;
             case "13":
                 $forms = new forms();
                 include ABSOLUTH_PATH_PAGE . "teaminfo.php";
                 break;
             // Ids 304-323: each echoes the return value of one forms method.
             // NOTE(review): none of these cases checks the login state here; presumably the
             // handlers or the caller do. Verify, in particular for the delete and trade actions.
             case '304':
                 $ajax = new forms();
                 echo $ajax->LoginProcess($pg['login']);
                 break;
             case '305':
                 $ajax = new forms();
                 echo $ajax->SignUpProcess($pg['signup']);
                 break;
             case '306':
                 $ajax = new forms();
                 echo $ajax->CreateLeagueProcess($pg['create_league']);
                 break;
             case '307':
                 $ajax = new forms();
                 echo $ajax->MoreFieldsCall($pg['add_more_fields']);
                 break;
             case '308':
                 $ajax = new forms();
                 echo $ajax->InviteMembersProcess($pg['send_invite_now']);
                 //var_dump($pg['send_invite_now']);
                 break;
             case '309':
                 $ajax = new forms();
                 echo $ajax->ScoreNavBar($pg['create_nav']);
                 break;
             case '310':
                 $ajax = new forms();
                 echo $ajax->JoinLeagueProcess($pg['join_league']);
                 break;
             case '311':
                 $ajax = new forms();
                 echo $ajax->AddDropProcess($pg['add_drop']);
                 break;
             case '312':
                 $ajax = new forms();
                 echo $ajax->CheckTurn($pg['checkTurn']);
                 break;
             case '313':
                 $ajax = new forms();
                 echo $ajax->CheckRefresh($pg['refresh']);
                 break;
             case '314':
                 $ajax = new forms();
                 echo $ajax->StartDraft($pg['startDraft']);
                 break;
             case '315':
                 $ajax = new forms();
                 echo $ajax->TradeProcess($pg['completeTrade']);
                 break;
             case '316':
                 $ajax = new forms();
                 echo $ajax->ApproveTradeProcess($pg['approveTrade']);
                 break;
             case '317':
                 $ajax = new forms();
                 echo $ajax->CancelTradeProcess($pg['cancelTrade']);
                 break;
             case '318':
                 $ajax = new forms();
                 echo $ajax->RenameLeagueProcess($pg['renameLeague']);
                 break;
             case '319':
                 $ajax = new forms();
                 echo $ajax->DeleteLeagueProcess($pg['deleteLeague']);
                 break;
             case '320':
                 $ajax = new forms();
                 echo $ajax->DeleteLeagueUserProcess($pg['deleteLeagueUser']);
                 break;
             case '321':
                 $ajax = new forms();
                 echo $ajax->ReadyDraftProcess($pg['readyDraft']);
                 break;
             case '322':
                 $ajax = new forms();
                 echo $ajax->CheckDraftStatusProcess($pg['checkDraftStatus']);
                 break;
             case '323':
                 $ajax = new forms();
                 echo $ajax->SelectRandomTeamProcess($pg['selectRandomTeam']);
                 break;
             case '55':
                 $forms = new forms();
                 $functions = new functions();
                 include ABSOLUTH_PATH_PAGE . "invited_signup.php";
                 break;
             case "404":
                 include ABSOLUTH_PATH_PAGE . "404.php";
                 break;
             default:
                 $forms = new forms();
                 // NOTE(review): div_name is written into the id attribute without escaping;
                 // if it can carry request data it needs htmlspecialchars().
                 echo '<section id="' . $pg["div_name"] . '">';
                 echo $forms->SignUpForm();
                 echo $forms->LoginForm();
                 // The matching opening <div> is not printed here; presumably one of the two
                 // forms above opens it.
                 echo '</div>';
                 echo '</section>';
                 break;
         }
     }
 }
Esempio n. 20
<?php

include "../header.php";
try {
    $formID = isset($engine->cleanGet['MYSQL']['formID']) ? $engine->cleanGet['MYSQL']['formID'] : NULL;
    $fieldName = isset($engine->cleanGet['MYSQL']['fieldName']) ? $engine->cleanGet['MYSQL']['fieldName'] : NULL;
    $output = array('options' => array(), 'pageSize' => 0, 'total' => 0);
    if (isnull($formID) || isnull($fieldName)) {
        throw new Exception();
    }
    $search = isset($engine->cleanGet['MYSQL']['q']) ? $engine->cleanGet['MYSQL']['q'] : NULL;
    $page = isset($engine->cleanGet['MYSQL']['page']) ? $engine->cleanGet['MYSQL']['page'] : NULL;
    $pageSize = isset($engine->cleanGet['MYSQL']['pageSize']) ? $engine->cleanGet['MYSQL']['pageSize'] : NULL;
    $options = array();
    // limit by search and re-order by value
    foreach (forms::retrieveData($formID, $fieldName) as $option) {
        // If a search term was entered
        if (!is_empty($search)) {
            $search = strtolower($search);
            // Check if search string exists in value
            if (FALSE === strpos(strtolower($option['value']), $search)) {
                // Try again by removing diacritics
                $value = str_replace(array("ä", "ö", "ü", "ß"), array("ae", "oe", "ue", "ss"), $option['value']);
                $value = iconv('UTF-8', 'US-ASCII//TRANSLIT', $value);
                // Still no match found, skip
                if (FALSE === strpos(strtolower($value), $search)) {
                    continue;
                }
            }
        }
        $options[] = array('text' => $option['value'], 'id' => $option['objectID']);
Esempio n. 21
 $result = array();
 if (isset($engine->cleanPost['MYSQL']['action'])) {
     switch ($engine->cleanPost['MYSQL']['action']) {
         case 'updateUserProjects':
             $result = users::updateUserProjects();
             break;
         default:
             break;
     }
 } else {
     if (isset($engine->cleanGet['MYSQL']['action'])) {
         switch ($engine->cleanGet['MYSQL']['action']) {
             case 'selectChoices':
                 $field = forms::getField($engine->cleanGet["MYSQL"]['formID'], $engine->cleanGet["MYSQL"]['fieldName']);
                 $fieldChoices = forms::getFieldChoices($field);
                 $result = forms::drawFieldChoices($field, $fieldChoices);
                 die($result);
                 break;
             case 'searchFormFields':
                 die(mfcsSearch::formFieldOptions($engine->cleanGet["MYSQL"]['formID']));
                 break;
             case 'paginationPerPage':
                 $result = users::setField('pagination', $engine->cleanGet["MYSQL"]['perPage']);
                 die(json_encode($result ? "TRUE" : "FALSE"));
                 break;
             case 'paginationJumpToIDNO':
                 $objects = objects::getAllObjectsForForm($engine->cleanGet['MYSQL']['formID'], "idno");
                 for ($I = 0; $I < count($objects); $I++) {
                     if (strtolower($objects[$I]['idno']) == strtolower($engine->cleanGet['MYSQL']['idno'])) {
                         header('Location: ' . localvars::get("siteroot") . "dataView/list.php?listType=form&formID=" . $engine->cleanGet['MYSQL']['formID'] . "&page=" . ceil($I / 25));
                     }
Esempio n. 22
    if ($builtForm === FALSE) {
        throw new Exception("Error building edit table.");
    }
    localvars::add("form", $builtForm);
    localvars::add("metadataEditTable", $builtEditTable);
    localvars::add("formID", $form['ID']);
    // localvars::add("leftnav",buildProjectNavigation($engine->cleanGet['MYSQL']['id']));
} catch (Exception $e) {
    log::insert("Data Entry: Metadata: Error", 0, 0, $e->getMessage());
    errorHandle::errorMsg($e->getMessage());
}
log::insert("Data Entry: Metadata: View Page");
localVars::add("results", displayMessages());
if (!$ajax) {
    // Display warning if form is not part of current project
    forms::checkFormInCurrentProjects($engine->cleanGet['MYSQL']['formID']);
    $engine->eTemplate("include", "header");
}
?>

{local var="projectWarning"}

<section>
	<header class="page-header">
		<h1>{local var="formName"}</h1>
	</header>

	<?php 
if (!$ajax) {
    ?>
	<nav id="breadcrumbs">
Esempio n. 23
 /**
  * Handle the "add" form and render the add template.
  *
  * On POST: loads four size settings from `config` (ids 42-45) into $this, normalises the
  * `status` checkbox, inserts the submitted form into $this->tablename, passes the new row
  * id and the sizes to the photo upload helper and sends a redirect header to the index page.
  * The template is rendered in every case; execution does not stop after the redirect header.
  *
  * @return mixed result of system::show_tpl()
  */
 function addAction()
 {
     if ($_POST) {
         // Property name => id of the `config` row that holds its value.
         $_size_settings = array('_width' => 42, '_height' => 43, '_width_b' => 44, '_height_b' => 45);
         foreach ($_size_settings as $_property => $_config_id) {
             $this->{$_property} = mysql::query_findpole('select zna from config where id=' . $_config_id, 'zna');
         }
         // Normalise the checkbox field.
         forms::check_box(array('status'));
         // Write the record.
         forms::multy_insert_form($this->tablename, 0);
         $this->msg = general::messages(1, v::getI18n('backend_after_save'));
         // Upload the photo for the row that was just inserted.
         $_new_id = mysql_insert_id();
         forms::multy_update_photo(
             HOST . IMG_BRAND_PATH,
             1,
             $_new_id,
             $this->_width,
             $this->_height,
             $this->_width_b,
             $this->_height_b
         );
         header('Location: /backend/' . $this->tpl_folder . '/index');
     }
     $_tpl_vars = array('msg' => $this->msg, 'tpl_folder' => $this->tpl_folder);
     return system::show_tpl($_tpl_vars, $this->tpl_folder . '/add.php');
 }
Esempio n. 24
 case 'form':
     // $time_start = microtime(true);
     $list = listGenerator::createFormObjectList($engine->cleanGet['MYSQL']['formID']);
     $form = forms::get($engine->cleanGet['MYSQL']['formID']);
     localvars::add('subTitle', ' - ' . $form['title']);
     $breadCrumbs[] = sprintf('<a href="%sdataView/list.php?listType=selectForm">Select Form</a>', $siteRoot);
     $breadCrumbs[] = sprintf('<a href="%sdataView/list.php?listType=form&formID=%s">%s</a>', $siteRoot, $form['ID'], $form['title']);
     // $time_end = microtime(true);
     // $time = $time_end - $time_start;
     // print "<pre>";
     // var_dump($time);
     // print "</pre>";
     break;
 case 'formShelfList':
     $list = listGenerator::createFormShelfList($engine->cleanGet['MYSQL']['formID']);
     $form = forms::get($engine->cleanGet['MYSQL']['formID']);
     localvars::add('subTitle', ' - ' . $form['title']);
     $breadCrumbs[] = sprintf('<a href="%sdataView/list.php?listType=selectForm">Select Form</a>', $siteRoot);
     $breadCrumbs[] = sprintf('<a href="%sdataView/list.php?listType=form&formID=%s">%s</a>', $siteRoot, $form['ID'], $form['title']);
     break;
 case 'project':
     $list = listGenerator::createProjectObjectList($engine->cleanGet['MYSQL']['projectID']);
     $project = projects::get($engine->cleanGet['MYSQL']['projectID']);
     localvars::add('subTitle', ' - ' . $project['projectName']);
     $breadCrumbs[] = sprintf('<a href="%sdataView/list.php?listType=selectProject">Select Project</a>', $siteRoot);
     $breadCrumbs[] = sprintf('<a href="%sdataView/list.php?listType=project&projectID=%s">%s</a>', $siteRoot, $project['ID'], $project['projectName']);
     break;
 case 'all':
     $list = listGenerator::createAllObjectList();
     localvars::add('subTitle', ' - All Objects');
     $breadCrumbs[] = sprintf('<a href="%sdataView/list.php?listType=all">All Objects</a>', $siteRoot);
Esempio n. 25
<?php

include "../../header.php";
// Ad-hoc check: dump what forms::checkFormInProject() returns for the first arguments
// "1" and "2", each combined with the second argument "21".
foreach (array("1", "2") as $firstArgument) {
    $foo = forms::checkFormInProject($firstArgument, "21");
    echo "<pre>";
    var_dump($foo);
    echo "</pre>";
}
Esempio n. 26
 /**
  * Save the fields of all `splash` rows with status=0 in one go, then render the add template.
  *
  * On POST, every such row gets its status/url/name taken from the $_POST['FORM1'] keys
  * carrying the row id as a suffix; the values are copied into $_POST['FORM'] before
  * forms::multy_update_form() is called (presumably it reads them from there).
  * The rows are read from `splash`, while the update goes to $this->tablename.
  *
  * @return mixed result of system::show_tpl()
  */
 function addAction()
 {
     if ($_POST) {
         $_pending = mysql::query('SELECT * FROM splash WHERE status=0 order by id', 0);
         foreach ($_pending as $_row) {
             // A checkbox is only present in the request when it was ticked.
             $_POST['FORM']['status'] = isset($_POST['FORM1']['status_' . $_row->id]) ? 1 : 0;
             $_POST['FORM']['url'] = $_POST['FORM1']['url_' . $_row->id];
             $_POST['FORM']['name'] = $_POST['FORM1']['name_' . $_row->id];
             // Write this row.
             forms::multy_update_form($this->tablename, $_row->id, 0);
         }
         $this->msg = general::messages(1, v::getI18n('backend_after_save'));
     }
     // Reload the rows for display, this time ordered by `sort`.
     $_files = mysql::query('SELECT * FROM splash where status=0 order by sort', 0);
     $_tpl_vars = array('msg' => $this->msg, 'tpl_folder' => $this->tpl_folder, '_files' => $_files);
     return system::show_tpl($_tpl_vars, $this->tpl_folder . '/add.php');
 }
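 /**
  * Delete one record from $this->tablename together with its audio file, then render the
  * index view.
  *
  * The record id is taken from $_GET['id'].
  *
  * NOTE(review): this is a destructive action driven by a GET parameter; confirm that the
  * caller enforces authentication and a request token.
  *
  * @return mixed whatever indexAction() returns
  */
 function deleteAction()
 {
     // The id is concatenated into SQL and into a file name, so it is forced to an integer
     // first. Assumes ids are integers, as the "<id>.mp3" file naming suggests.
     $_id = isset($_GET['id']) ? (int) $_GET['id'] : 0;
     // Remove the database row.
     $_sql = 'DELETE FROM `' . $this->tablename . '` WHERE (`id`="' . $_id . '")';
     $result = mysql::just_query($_sql, 0);
     // The audio file is "<id>.mp3" when that file exists; otherwise "<id>.ogg" is passed
     // to the delete helper without an existence check.
     $_extension = file_exists(HOST . AUDIO_PATH . '/' . $_id . '.mp3') ? '.mp3' : '.ogg';
     $_name = array($_id . $_extension);
     forms::delete_photo(HOST . AUDIO_PATH, $_name, 0);
     // Status message for the view rendered afterwards.
     $this->msg = general::messages(1, v::getI18n('backend_after_delete'));
     return self::indexAction();
 }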
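 /**
  * Save an edited listing from $_POST and return an HTML status fragment.
  *
  * Steps: optional ownership check, title and form validation, UPDATE of the listingsdb row
  * (featured, active and expiration columns only for sessions with the matching privilege),
  * update of the listing's field data through listing_editor::updateListingsData(), and
  * synchronisation of the listing's property classes with $_POST['pclass'].
  *
  * Values placed into SQL go through make_db_safe(), which has to return a quoted literal
  * because the statements add no quotes themselves. Property-class ids are reduced to
  * integers, and the listing id is HTML-escaped before it is echoed back.
  *
  * @param bool $verify_user when true, the listing must belong to $_SESSION['userID'];
  *                          when false no ownership check is made and the owner is taken
  *                          from $_POST['or_owner'], so the caller has to have authorised
  *                          the request already
  * @return string HTML fragment with the result or the validation messages
  */
 function update_listing($verify_user = true)
 {
     global $conn, $lang, $config;
     require_once $config['basepath'] . '/include/misc.inc.php';
     $misc = new misc();
     require_once $config['basepath'] . '/include/forms.inc.php';
     $forms = new forms();
     require_once $config['basepath'] . '/include/listing.inc.php';
     $listing_pages = new listing_pages();
     $display = '';
     // Defined up front: the success branch reads it even when the featured-listing block
     // is skipped for a session without that privilege.
     $featuredLimitError = FALSE;
     // The listing id is echoed into the result markup, so keep an escaped copy for output.
     $html_edit = (isset($_POST['edit']) && is_scalar($_POST['edit']))
         ? htmlspecialchars((string) $_POST['edit'], ENT_QUOTES)
         : '';
     // Ownership check: only the agent who owns the listing may edit it.
     if ($verify_user) {
         $sql_edit = intval($_POST['edit']);
         $listing_ownerID = $listing_pages->getListingAgentID($sql_edit);
         if (intval($_SESSION['userID']) != $listing_ownerID) {
             $display = $lang['listing_editor_permission_denied'] . '<br />';
             return $display;
         }
     }
     if ($_POST['title'] == "") {
         // A title is mandatory.
         $display .= "{$lang['admin_new_listing_enter_a_title']}<br />";
     } else {
         $pass_the_form = $forms->validateForm('listingsformelements', $_POST['pclass']);
         if ($pass_the_form !== "Yes") {
             // Validation failed: the result maps each field to the reason it was rejected.
             foreach ($pass_the_form as $k => $v) {
                 if ($v == 'REQUIRED') {
                     $display .= "<p class=\"redtext\">{$k}: {$lang['required_fields_not_filled']}</p>";
                 }
                 if ($v == 'TYPE') {
                     $display .= "<p class=\"redtext\">{$k}: {$lang['field_type_does_not_match']}</p>";
                 }
             }
         }
         if ($pass_the_form == "Yes") {
             $sql_title = $misc->make_db_safe($_POST['title']);
             $sql_notes = $misc->make_db_safe($_POST['notes']);
             $sql_edit = $misc->make_db_safe($_POST['edit']);
             if (!isset($_POST['mlsexport'])) {
                 $_POST['mlsexport'] = "no";
             }
             $sql_mlsexport = $misc->make_db_safe($_POST['mlsexport']);
             // Property-class ids are concatenated into SQL further down without quoting,
             // so reduce them to integers once and use only this list from here on.
             $pclass_ids = (isset($_POST['pclass']) && is_array($_POST['pclass']))
                 ? array_map('intval', $_POST['pclass'])
                 : array();
             $sql = "UPDATE " . $config['table_prefix'] . "listingsdb SET ";
             if (!$verify_user) {
                 // Administrative edit: the owner can be reassigned.
                 $sql_or_owner = $misc->make_db_safe($_POST['or_owner']);
                 $sql .= "userdb_ID = {$sql_or_owner}, ";
             }
             $sql .= "listingsdb_title = {$sql_title}, ";
             if ($_SESSION['admin_privs'] == "yes" || $_SESSION['featureListings'] == "yes") {
                 // Count the featured listings the owner already has.
                 if (isset($_POST['or_owner'])) {
                     $or_owner = $misc->make_db_safe($_POST['or_owner']);
                     $featuredsql = 'SELECT count(listingsdb_id) as listing_count FROM ' . $config['table_prefix'] . 'listingsdb WHERE listingsdb_featured = \'yes\' AND userdb_id = ' . $or_owner;
                 } else {
                     $featuredsql = 'SELECT count(listingsdb_id) as listing_count FROM ' . $config['table_prefix'] . 'listingsdb WHERE listingsdb_featured = \'yes\' AND userdb_id = ' . $_SESSION['userID'];
                 }
                 $recordSet = $conn->Execute($featuredsql);
                 if ($recordSet === false) {
                     $misc->log_error($featuredsql);
                 }
                 $featuredlisting_count = $recordSet->fields['listing_count'];
                 // Read the owner's featured-listing limit.
                 if (isset($_POST['or_owner'])) {
                     $or_owner = $misc->make_db_safe($_POST['or_owner']);
                     $featuredsql = 'SELECT userdb_featuredlistinglimit FROM ' . $config['table_prefix'] . 'userdb WHERE userdb_id = ' . $or_owner;
                 } else {
                     $featuredsql = 'SELECT userdb_featuredlistinglimit FROM ' . $config['table_prefix'] . 'userdb WHERE userdb_id = ' . $_SESSION['userID'];
                 }
                 $recordSet = $conn->Execute($featuredsql);
                 if ($recordSet === false) {
                     $misc->log_error($featuredsql);
                 }
                 $featuredlisting_limit = $recordSet->fields['userdb_featuredlistinglimit'];
                 if ($_POST['featured'] == 'yes') {
                     // A limit of -1 is treated as "no limit" by this comparison.
                     if ($featuredlisting_limit > $featuredlisting_count || $featuredlisting_limit == '-1') {
                         $sql_featured = $misc->make_db_safe($_POST['featured']);
                         $sql .= "listingsdb_featured = {$sql_featured}, ";
                     } else {
                         // Limit reached: the flag may only stay set if the listing is already featured.
                         $featuredcheckSql = 'SELECT listingsdb_featured FROM ' . $config['table_prefix'] . 'listingsdb WHERE listingsdb_id = ' . $sql_edit;
                         $recordSetFeatured = $conn->Execute($featuredcheckSql);
                         if ($recordSetFeatured === false) {
                             $misc->log_error($featuredcheckSql);
                         }
                         $current_status = $recordSetFeatured->fields['listingsdb_featured'];
                         if ($current_status == 'yes') {
                             $sql_featured = $misc->make_db_safe($_POST['featured']);
                             $sql .= "listingsdb_featured = {$sql_featured}, ";
                         } else {
                             $featuredLimitError = TRUE;
                         }
                     }
                 } else {
                     // Not featured: always saved.
                     $sql_featured = $misc->make_db_safe($_POST['featured']);
                     $sql .= "listingsdb_featured = {$sql_featured}, ";
                 }
             }
             if ($_SESSION['admin_privs'] == "yes" || $_SESSION['moderator'] == "yes") {
                 // Only administrators and moderators may change the active flag.
                 $sql_active = $misc->make_db_safe($_POST['edit_active']);
                 $sql .= "listingsdb_active = {$sql_active}, ";
             }
             if (($_SESSION['admin_privs'] == "yes" || $_SESSION['edit_expiration'] == "yes") && $config['use_expiration'] == "1") {
                 // NOTE(review): confirm that or_date_format() returns a value that is safe to
                 // place into the statement unquoted.
                 $expiration_date = $misc->or_date_format($_POST['edit_expiration']);
                 $sql .= "listingsdb_expiration = " . $expiration_date . ",";
             }
             if ($verify_user) {
                 // The owner id in the WHERE clause repeats the ownership check at statement level.
                 $sql .= "listingsdb_notes = {$sql_notes}, listingsdb_mlsexport = {$sql_mlsexport}, listingsdb_last_modified = " . $conn->DBTimeStamp(time()) . " WHERE ((listingsdb_id = {$sql_edit}) AND (userdb_id = {$_SESSION['userID']}))";
             } else {
                 $sql .= "listingsdb_notes = {$sql_notes}, listingsdb_mlsexport = {$sql_mlsexport}, listingsdb_last_modified = " . $conn->DBTimeStamp(time()) . " WHERE listingsdb_id = {$sql_edit}";
             }
             $recordSet = $conn->Execute($sql);
             if ($recordSet === false) {
                 $misc->log_error($sql);
             }
             if ($verify_user) {
                 $message = listing_editor::updateListingsData($_POST['edit'], $_SESSION['userID']);
             } else {
                 // Move the images to the new owner as well, in case or_owner has changed.
                 $sql = "UPDATE " . $config['table_prefix'] . "listingsimages SET userdb_id = {$sql_or_owner} WHERE listingsdb_id = {$sql_edit}";
                 $recordSet = $conn->Execute($sql);
                 if ($recordSet === false) {
                     $misc->log_error($sql);
                 }
                 $message = listing_editor::updateListingsData($_POST['edit'], $_POST['or_owner']);
             }
             // Now that the data is saved, handle property-class changes.
             // First read the classes currently assigned to the listing.
             $sql2 = 'SELECT class_id FROM ' . $config['table_prefix_no_lang'] . 'classlistingsdb WHERE listingsdb_id =' . $sql_edit;
             $recordSet2 = $conn->execute($sql2);
             if ($recordSet2 === false) {
                 $misc->log_error($sql2);
             }
             $current_class_id = array();
             while (!$recordSet2->EOF) {
                 $current_class_id[] = $recordSet2->fields['class_id'];
                 $recordSet2->MoveNext();
             }
             // Classes selected in the form, as an SQL list of integers.
             $new_class_assigned_sql = implode(',', $pclass_ids);
             // Remove the listing from every class that is no longer selected.
             foreach ($current_class_id as $c_class_id) {
                 if (!in_array($c_class_id, $pclass_ids)) {
                     $sql = 'DELETE FROM ' . $config['table_prefix_no_lang'] . 'classlistingsdb WHERE class_id = ' . $c_class_id . ' AND listingsdb_id = ' . $sql_edit;
                     $recordSet = $conn->execute($sql);
                     if ($recordSet === false) {
                         $misc->log_error($sql);
                     }
                     // Form element ids that belong to the newly selected classes.
                     $sql = 'SELECT listingsformelements_id FROM ' . $config['table_prefix_no_lang'] . 'classformelements WHERE class_id IN (' . $new_class_assigned_sql . ')';
                     $recordSet = $conn->execute($sql);
                     if ($recordSet === false) {
                         $misc->log_error($sql);
                     }
                     $formelement_ids = array();
                     while (!$recordSet->EOF) {
                         $formelement_ids[] = $recordSet->fields['listingsformelements_id'];
                         $recordSet->Movenext();
                     }
                     $new_listingsformelements_id_sql = implode(',', $formelement_ids);
                     // NOTE(review): this SELECT is built but never executed. $recordSet still
                     // refers to the previous query, which the loop above has read to EOF, so
                     // the loop below does not run. Executing it as written would also need a
                     // MoveNext() call in the loop, quoting of the field name in the DELETE and
                     // handling of an empty id list ("NOT IN ()"). Left unchanged because
                     // enabling it would start deleting stored field data.
                     $sql = 'SELECT DISTINCT(listingsformelements_field_name) FROM ' . $config['table_prefix_no_lang'] . 'classformelements as c,' . $config['table_prefix'] . 'listingsformelements as f WHERE class_id = ' . $c_class_id . ' AND c.listingsformelements_id NOT IN (' . $new_listingsformelements_id_sql . ') AND c.listingsformelements_id = f.listingsformelements_id';
                     if ($recordSet === false) {
                         $misc->log_error($sql);
                     }
                     while (!$recordSet->EOF) {
                         $sql2 = 'DELETE FROM ' . $config['table_prefix'] . 'listingsdbelements WHERE listingsdbelements_field_name = ' . $recordSet->fields['listingsformelements_field_name'] . ' AND listingsdb_id = ' . $sql_edit;
                         $recordSet2 = $conn->execute($sql2);
                         if ($recordSet2 === false) {
                             $misc->log_error($sql2);
                         }
                     }
                 }
             }
             // Add the listing to every selected class it is not yet part of.
             foreach ($pclass_ids as $class_id) {
                 if (!in_array($class_id, $current_class_id)) {
                     $sql2 = 'INSERT INTO ' . $config['table_prefix_no_lang'] . 'classlistingsdb (class_id,listingsdb_id) VALUES (' . $class_id . ',' . $sql_edit . ')';
                     $recordSet2 = $conn->execute($sql2);
                     if ($recordSet2 === false) {
                         $misc->log_error($sql2);
                     }
                 }
             }
             if ($message == "success") {
                 // Escaped copy of the id: the raw request value must not reach the markup.
                 $display .= "<p>{$lang['admin_listings_editor_listing_number']} {$html_edit} {$lang['has_been_updated']} </p>";
                 if ($featuredLimitError == TRUE) {
                     $display .= "<p style=\"error\">{$lang['admin_listings_editor_featuredlistingerror']} </p>";
                 }
                 $misc->log_action("{$lang['log_updated_listing']} {$_POST['edit']}");
             } else {
                 $display .= "<p>{$lang['alert_site_admin']}</p>";
             }
         }
     }
     return $display;
 }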
Esempio n. 29
							<a href="/dataView/allfiles.php?objectID={local var="objectID"}">Download All Files (Zip)</a><br />
							<!-- <a href="/dataView/allfiles.php?id=$engine->cleanGet['MYSQL']['objectID']&amp;type=tar">Download All Files (tar)</a> -->
							<br /><br />
							{local var="filesViewer"}
						</div>
						<div class="tab-pane" id="project">
							<h2>Change Project Membership</h2>

							<form action="{phpself query="true"}" method="post">
							{local var="projectOptions"}
							{engine name="csrf"}
							<input type="submit" class="btn btn-primary" name="projectForm">
							</form>
						</div>
						<?php 
        if (forms::isContainer($engine->cleanGet['MYSQL']['formID'])) {
            ?>
							<div class="tab-pane" id="children">

								<div class="accordion" id="accordion2">
									<div class="accordion-group">
										<div class="accordion-heading">
											<a class="accordion-toggle" data-toggle="collapse" data-parent="#accordion2" href="#collapseOne">
												Add a Child Object
											</a>
										</div>
										<div id="collapseOne" class="accordion-body collapse">
											<div class="accordion-inner">
												Select a Form:

												{local var="formList"}
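 /**
  * Bulk action on the rows selected in $_POST['kt_where'], then render the index view.
  *
  * $_POST['st'] == 1 sets `status` to 1 for each selected row; $_POST['st'] == 2 deletes
  * each row and its two gallery images ("_<id>.jpg" and "<id>.jpg"). Any other value
  * leaves the rows untouched.
  *
  * @return mixed whatever indexAction() returns
  */
 function authorizeAction()
 {
     // A missing or non-array selection is treated as an empty one.
     $_selected = (isset($_POST['kt_where']) && is_array($_POST['kt_where'])) ? $_POST['kt_where'] : array();
     $_mode = isset($_POST['st']) ? $_POST['st'] : null;
     foreach ($_selected as $key => $value) {
         // Each value is concatenated into SQL and into file names, so it is forced to an
         // integer; anything that is not a positive id is skipped. Assumes ids are positive
         // integers, as the "<id>.jpg" file naming suggests.
         $_id = is_scalar($value) ? (int) $value : 0;
         if ($_id <= 0) {
             continue;
         }
         if ($_mode == 1) {
             // Approve: mark the row as active.
             $_sql = "UPDATE `" . $this->tablename . "` SET `status`='1' WHERE (`id`='" . $_id . "')";
             $result = mysql::just_query($_sql, 0);
         } elseif ($_mode == 2) {
             // Delete the row ...
             $_sql = "DELETE FROM `" . $this->tablename . "` WHERE (`id`='" . $_id . "')";
             $result = mysql::just_query($_sql, 0);
             // ... and both of its image files.
             // Amber (25-05-2011)
             $_name = array('_' . $_id . '.jpg', $_id . '.jpg');
             forms::delete_photo(HOST . IMG_GALLERY_PATH, $_name, 0);
         }
     }
     // Status message for the view rendered afterwards.
     $this->msg = general::messages(1, v::getI18n('backend_after_save'));
     return self::indexAction();
 }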