} switch ($_GET['action']) { /** EDIT WIDGET */ case 'edit': echo '<div class="title"> <h2>' . $LANG['widgets_edit_title'] . '</h2> <div style="float:right; margin: 0 2px 0 0;"> <a href="?route=widgets.php&action=list" class="btn">' . $LANG['widgets_view'] . '</a> </div>'; if (!empty($LANG['widgets_edit_subtitle'])) { echo '<span>' . $LANG['widgets_edit_subtitle'] . '</span>'; } echo '</div>'; if (isset($_GET['id']) && \query\main::widget_exists($_GET['id'])) { $info = \query\main::widget_infos($_GET['id']); if ($widget = widgets::widget_from_id($info->widget_id)) { if ($_SERVER['REQUEST_METHOD'] == 'POST' && check_csrf($_POST['csrf'], 'widgets2_csrf')) { if (isset($_POST['title']) && isset($_POST['position'])) { if (actions::edit_widget($_GET['id'], array('title' => $_POST['title'], 'position' => $_POST['position'], 'text' => isset($_POST['text']) ? $_POST['text'] : '', 'type' => isset($_POST['type']) ? $_POST['type'] : '', 'order' => isset($_POST['orderby']) ? $_POST['orderby'] : '', 'limit' => isset($_POST['limit']) ? $_POST['limit'] : '', 'allow_html' => !empty($widget->allow_html) && isset($_POST['html']) ? 1 : 0, 'mobi_view' => isset($_POST['mobi_view']) ? 1 : 0))) { $info = \query\main::widget_infos($_GET['id']); echo '<div class="a-success">' . $LANG['msg_saved'] . '</div>'; } else { echo '<div class="a-error">' . $LANG['msg_error'] . '</div>'; } } } $csrf = $_SESSION['widgets2_csrf'] = \site\utils::str_random(10); echo '<div class="form-table">