コード例 #1
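/**
 * Renumber media_order for the items of one album, then redirect to the admin index.
 *
 * Reads startaid, sortfield, sortorder and processsub from $_POST through
 * COM_applyFilter(..., true). The ORDER BY column and direction are picked
 * from fixed SQL fragments. When processsub is 0 the album's media are read
 * in the requested order and given media_order values 10, 20, 30, ...;
 * otherwise the work is handed to MG_staticSortMediaChildren().
 *
 * NOTE(review): no permission or CSRF-token check is visible in this function;
 * confirm the caller performs both before this state-changing request runs.
 *
 * @return void
 */
function MG_staticSortMediaSave()
{
    global $_TABLES, $_MG_CONF;

    // The (int) casts guarantee that what is concatenated into SQL below is an
    // integer, whatever the filter (defined elsewhere) returns.
    $startaid     = !empty($_POST['startaid']) ? (int) COM_applyFilter($_POST['startaid'], true) : 0;
    $sortfield    = !empty($_POST['sortfield']) ? (int) COM_applyFilter($_POST['sortfield'], true) : 0;
    $sortorder    = !empty($_POST['sortorder']) ? (int) COM_applyFilter($_POST['sortorder'], true) : 0;
    $process_subs = !empty($_POST['processsub']) ? (int) COM_applyFilter($_POST['processsub'], true) : 0;

    // Allow-list of sortable columns; anything else falls back to media_time.
    $sortColumns = array(
        0 => 'm.media_time',
        1 => 'm.media_upload_time',
        2 => 'm.media_title',
        3 => 'm.media_original_filename',
    );
    $column = isset($sortColumns[$sortfield]) ? $sortColumns[$sortfield] : 'm.media_time';
    $sql_sort_by = ' ORDER BY ' . $column . ' ';

    // Posted value 0 yields DESC and 1 yields ASC, exactly as before.
    // NOTE(review): the previous inline comments labelled 0 "ascending" and
    // 1 "descending", the reverse of the SQL emitted - confirm against the form.
    // Any other value now gives an empty direction instead of an undefined variable.
    $sql_order = '';
    if ($sortorder === 0) {
        $sql_order = ' DESC';
    } elseif ($sortorder === 1) {
        $sql_order = ' ASC';
    }

    if ($process_subs == 0) {
        $sql = "SELECT m.media_id FROM " . $_TABLES['mg_media_albums'] . " AS ma "
             . "LEFT JOIN " . $_TABLES['mg_media'] . " AS m ON m.media_id = ma.media_id "
             . "WHERE ma.album_id=" . $startaid . $sql_sort_by . $sql_order;
        $result = DB_query($sql);
        $numRows = DB_numRows($result);

        // Collect the IDs first, then write, so the result set is fully read
        // before the table it came from is updated.
        $media_ids = array();
        for ($x = 0; $x < $numRows; $x++) {
            $row = DB_fetchArray($result);
            $media_ids[] = $row['media_id'];
        }

        $order = 10;
        foreach ($media_ids as $media_id) {
            DB_query("UPDATE " . $_TABLES['mg_media_albums'] . " SET media_order=" . $order
                   . " WHERE media_id='" . $media_id . "' AND album_id=" . $startaid);
            $order += 10;
        }
    } else {
        MG_staticSortMediaChildren($startaid, $sql_order, $sql_sort_by);
    }

    header("Location: " . $_MG_CONF['admin_url'] . 'index.php?msg=1');
}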
コード例 #2
ファイル: syndication.php プロジェクト: hostellerie/nexpro
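/**
* Enable the listed feeds and disable all others
*
* Every feed is first set to disabled, then each ID in $fid_arr is enabled
* again. If at least one feed was enabled, deleteFeedFile() is called for the
* file name of every feed that is still disabled.
*
* @param    array   $fid_arr    IDs of the feeds to enable
* @return   void
*
*/
function changeFeedStatus($fid_arr)
{
    global $_TABLES;

    $changes = false;

    // first disable all
    DB_query("UPDATE {$_TABLES['syndication']} SET is_enabled = 0");

    if (is_array($fid_arr)) {
        foreach ($fid_arr as $fid) {
            // The query must use the filtered value. The earlier code filtered
            // into $feed_id but then interpolated the raw $fid, so unfiltered
            // input reached the SQL string. The cast pins the value to an
            // integer independently of the filter.
            $feed_id = (int) COM_applyFilter($fid, true);
            if (!empty($feed_id)) {
                // now enable those in the array
                DB_query("UPDATE {$_TABLES['syndication']} SET is_enabled = 1 WHERE fid = '{$feed_id}'");
                $changes = true;
            }
        }
    }

    if ($changes) {
        $result = DB_query("SELECT filename FROM {$_TABLES['syndication']} WHERE is_enabled = 0");
        $num_feeds_off = DB_numRows($result);
        for ($i = 0; $i < $num_feeds_off; $i++) {
            list($feedfile) = DB_fetchArray($result);
            deleteFeedFile($feedfile);
        }
    }
}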
コード例 #3
ファイル: usage_rpt.php プロジェクト: spacequad/glfusion
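/**
 * Build the Media Gallery usage report page.
 *
 * Reads month, day, year, user and alldates from $_POST, selects the matching
 * rows from the usage tracking table ordered by time, and renders them with
 * the usage_rpt.thtml template.
 *
 * NOTE(review): user_name, application, album_title and media_title are
 * handed to the template as stored; whether the template layer HTML-encodes
 * them is not visible here - confirm, since they end up in an admin page.
 *
 * @return string rendered report, or the result of MG_errorHandler() when
 *                "all dates" is requested without a user
 */
function MG_usageReport()
{
    global $_TABLES, $_CONF, $_MG_CONF, $LANG_MG02, $LANG_MG01, $LANG30;

    $retval = '';
    $T = new Template($_MG_CONF['template_path'] . '/admin');
    $T->set_file('admin', 'usage_rpt.thtml');
    $T->set_var('site_url', $_CONF['site_url']);
    $T->set_var('site_admin_url', $_CONF['site_admin_url']);
    $T->set_var('plugin', 'mediagallery');

    $rpt_month = isset($_POST['month']) ? (int) COM_applyFilter($_POST['month'], true) : 0;
    $rpt_day   = isset($_POST['day']) ? (int) COM_applyFilter($_POST['day'], true) : 0;
    $rpt_year  = isset($_POST['year']) ? (int) COM_applyFilter($_POST['year'], true) : 0;
    $user      = isset($_POST['user']) ? COM_applyFilter($_POST['user']) : '';
    $alldates  = isset($_POST['alldates']) ? COM_applyFilter($_POST['alldates']) : '';

    if ($alldates == "on" && $user == "") {
        return MG_errorHandler($LANG_MG02['usage_report_error1']);
    }

    // Collect the conditions and join them once. The earlier string juggling
    // produced a clause without the WHERE keyword when alldates held a value
    // other than "" or "on" and a user was given.
    $conditions = array();
    if ($alldates == "") {
        $begin_time = mktime(0, 0, 0, $rpt_month, $rpt_day, $rpt_year);
        $end_time = mktime(23, 59, 59, $rpt_month, $rpt_day, $rpt_year);
        $conditions[] = "(time >= {$begin_time} AND time <= {$end_time})";
    }
    if ($user != "") {
        // $user only went through the non-numeric filter, whose guarantees are
        // not visible here, so escape it at the point where it enters SQL.
        $conditions[] = "user_id='" . DB_escapeString($user) . "'";
    }
    $where = '';
    if (count($conditions) > 0) {
        $where = ' WHERE ' . implode(' AND ', $conditions) . ' ';
    }

    $sql = "SELECT * FROM {$_TABLES['mg_usage_tracking']} " . $where . " ORDER BY time";
    $result = DB_query($sql);
    $nRows = DB_numRows($result);

    $T->set_block('admin', 'usagerow', 'urow');
    for ($x = 0; $x < $nRows; $x++) {
        $row = DB_fetchArray($result);

        // Full date when the report spans all dates, time of day otherwise.
        if ($alldates == "on") {
            $view_date = date("d-M-y @ h:i a", $row['time']);
        } else {
            $view_date = date("h:i a", $row['time']);
        }

        // Fall back to the media ID when the item has no title.
        if (stripslashes($row['media_title']) == "") {
            $media_label = $row['media_id'] ? $row['media_id'] : "";
        } else {
            $media_label = $row['media_title'];
        }

        $T->set_var(array(
            'usage_time'  => $view_date,
            'user_id'     => $row['user_name'],
            'application' => $row['application'],
            'album_title' => stripslashes($row['album_title']),
            'media_title' => $media_label,
            'media_link'  => $_MG_CONF['site_url'] . '/media_popup.php?mid=' . $row['media_id'] . '&aid=0',
            'rowclass'    => ($x % 2) ? '2' : '1',
        ));
        $T->parse('urow', 'usagerow', true);
    }

    if ($alldates == "on") {
        $rpt_date = $LANG_MG01['all_dates'];
    } else {
        $rpt_date = $LANG30[12 + $rpt_month] . ' ' . $rpt_day . ', ' . $rpt_year;
    }

    $T->set_var(array(
        'report_date'       => $rpt_date,
        's_form_action'     => $_MG_CONF['admin_url'] . 'usage_rpt.php',
        'lang_usage_report' => $LANG_MG01['usage_report_header'],
        'lang_time'         => $LANG_MG01['time'],
        'lang_user_id'      => $LANG_MG01['user_id'],
        'lang_application'  => $LANG_MG01['application'],
        'lang_album_title'  => $LANG_MG01['album_title'],
        'lang_media_title'  => $LANG_MG01['mod_mediatitle'],
        'lang_new_report'   => $LANG_MG01['new_report'],
    ));
    $T->parse('output', 'admin');
    $retval .= $T->finish($T->get_var('output'));

    return $retval;
}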
コード例 #4
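/**
 * Set custom template variables for a DataBox template.
 *
 * For the 'data' template the posted field 'aaa' is passed through
 * COM_applyFilter() and assigned to the template variable 'aaa'. Other
 * template names are left untouched.
 *
 * NOTE(review): the value originates from the request; COM_applyFilter() is
 * defined elsewhere and whether the template HTML-encodes the variable is not
 * visible here - confirm the encoding matches where {aaa} is rendered.
 *
 * @param string $templatename name of the template being processed
 * @param object $template     template object providing set_var(), passed by reference
 * @return void
 */
function databox_custom_templateSetVars($templatename, &$template)
{
    switch ($templatename) {
        case 'data':
            // A missing field becomes an empty string instead of an undefined-index notice.
            $aaa = isset($_POST['aaa']) ? COM_applyFilter($_POST['aaa']) : '';
            $template->set_var('aaa', $aaa);
            break;
    }
}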
コード例 #5
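/**
 * Renumber album_order for the child albums of one album, then redirect to the admin index.
 *
 * Reads startaid, sortfield, sortorder and processsub from $_POST through
 * COM_applyFilter(..., true). When processsub is 0 the direct children of
 * startaid are read in the requested order and given album_order values
 * 10, 20, 30, ...; otherwise MG_staticSortAlbumChildren() does the work.
 *
 * NOTE(review): no permission or CSRF-token check is visible in this function;
 * confirm the caller performs both before this state-changing request runs.
 *
 * @return void
 */
function MG_staticSortAlbumsSave()
{
    global $_TABLES, $_MG_CONF;

    // The (int) casts guarantee that what is concatenated into SQL below is an
    // integer, whatever the filter (defined elsewhere) returns.
    $startaid     = !empty($_POST['startaid']) ? (int) COM_applyFilter($_POST['startaid'], true) : 0;
    $sortfield    = !empty($_POST['sortfield']) ? (int) COM_applyFilter($_POST['sortfield'], true) : 0;
    $sortorder    = !empty($_POST['sortorder']) ? (int) COM_applyFilter($_POST['sortorder'], true) : 0;
    $process_subs = !empty($_POST['processsub']) ? (int) COM_applyFilter($_POST['processsub'], true) : 0;

    // Allow-list of sortable columns. The earlier code switched on $sortby,
    // a variable that was never assigned, so the posted sortfield was ignored
    // and the default (album_title) was always used.
    $sortColumns = array(
        0 => 'album_title',
        1 => 'media_count',
        2 => 'last_update',
    );
    $column = isset($sortColumns[$sortfield]) ? $sortColumns[$sortfield] : 'album_title';
    $sql_sort_by = ' ORDER BY ' . $column . ' ';

    // Posted value 0 yields DESC and 1 yields ASC, exactly as before.
    // NOTE(review): the previous inline comments labelled 0 "ascending" and
    // 1 "descending", the reverse of the SQL emitted - confirm against the form.
    // Any other value now gives an empty direction instead of an undefined variable.
    $sql_order = '';
    if ($sortorder === 0) {
        $sql_order = ' DESC';
    } elseif ($sortorder === 1) {
        $sql_order = ' ASC';
    }

    if ($process_subs == 0) {
        $sql = "SELECT album_id,album_order FROM {$_TABLES['mg_albums']} WHERE album_parent="
             . $startaid . " " . $sql_sort_by . $sql_order;
        $result = DB_query($sql);
        $numRows = DB_numRows($result);

        // Collect the IDs first, then write, so the result set is fully read
        // before the table it came from is updated.
        $album_ids = array();
        for ($x = 0; $x < $numRows; $x++) {
            $row = DB_fetchArray($result);
            // album_id is used unquoted in the UPDATE below, so pin it to an integer.
            $album_ids[] = (int) $row['album_id'];
        }

        $order = 10;
        foreach ($album_ids as $album_id) {
            DB_query("UPDATE " . $_TABLES['mg_albums'] . " SET album_order=" . $order
                   . " WHERE album_id=" . $album_id);
            $order += 10;
        }
    } else {
        MG_staticSortAlbumChildren($startaid, $sql_order, $sql_sort_by);
    }

    header("Location: " . $_MG_CONF['admin_url'] . 'index.php?msg=1');
}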
コード例 #6
ファイル: profile.php プロジェクト: mistgrass/geeklog-ivywe
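/**
 * Return the comment section for one UserBox entry.
 *
 * Looks up the entry's commentcode and permission columns, restricted to rows
 * that are not drafts, are already released, are not expired and pass
 * COM_getPermSql(). When a row is found and its commentcode is >= 0 the
 * output of CMT_userComments() is returned.
 *
 * @param  int|string $id entry ID; it is placed unquoted in the query, so it is cast to int for SQL
 * @return string     comment output, or '' when no row matches or commentcode is negative
 */
function fncComment($id)
{
    global $_CONF;
    global $_TABLES;

    // Previously unset on the "no row" path, which returned an undefined variable.
    $retval = '';

    $order = '';
    if (isset($_REQUEST['order'])) {
        $order = COM_applyFilter($_REQUEST['order']);
    }
    $mode = '';
    if (isset($_REQUEST['mode'])) {
        $mode = COM_applyFilter($_REQUEST['mode']);
    }
    $page = 1;
    if (isset($_REQUEST['cpage'])) {
        // page number: use the numeric filter
        $page = COM_applyFilter($_REQUEST['cpage'], true);
    }

    $tbl = $_TABLES['USERBOX_base'];

    $sql = "SELECT ";
    $sql .= "commentcode ";
    $sql .= ",owner_id";
    $sql .= ",group_id";
    $sql .= ",perm_owner";
    $sql .= ",perm_group";
    $sql .= ",perm_members";
    $sql .= ",perm_anon";
    $sql .= " FROM ";
    $sql .= " {$tbl} AS t ";
    //base
    $sql .= " WHERE ";
    // The ID is not quoted in the statement, so only an integer may be placed here.
    $sql .= " id=" . (int) $id;
    $sql .= " AND t.draft_flag=0" . LB;
    // exclude rows the current user has no access rights to
    $sql .= COM_getPermSql('AND');
    // exclude rows whose release date has not been reached
    $sql .= " AND (released <= NOW())";
    // exclude rows whose expiry date has passed
    $sql .= " AND (expired=0 OR expired > NOW())";

    $result = DB_query($sql);
    $numrows = DB_numRows($result);
    if ($numrows > 0) {
        $A = DB_fetchArray($result);
        $A = array_map('stripslashes', $A);
        if ($A['commentcode'] >= 0) {
            $delete_option = SEC_hasRights('userbox.edit')
                && SEC_hasAccess($A['owner_id'], $A['group_id'], $A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']) == 3;

            // NOTE(review): 'topic' is not among the selected columns, so this
            // was always an undefined index; an empty title is passed until the
            // intended column is confirmed.
            $title = isset($A['topic']) ? $A['topic'] : '';

            require_once $_CONF['path_system'] . 'lib-comment.php';
            $retval .= CMT_userComments($id, $title, 'userbox', $order, $mode, 0, $page, false, $delete_option, $A['commentcode']);
        }
    }

    return $retval;
}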
コード例 #7
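 /**
  * Process an add/delete request for HTTP header entries and return the editor HTML
  *
  * The action is taken from $_GET['action'] or $_POST['paction']. Both the
  * delete and the add branch run only when SEC_checkToken() succeeds. The
  * returned markup lists the stored 'HTTPHeader' entries (each with a delete
  * link) followed by the form for adding a new entry.
  *
  * NOTE(review): the delete links carry the CSRF token in the query string,
  * where it can end up in logs and Referer headers; consider a POST form.
  *
  * @return string HTML
  */
 function display()
 {
     global $_CONF, $_TABLES, $LANG_SX00;

     $action = '';
     if (isset($_GET['action'])) {
         $action = $_GET['action'];
     } elseif (isset($_POST['paction'])) {
         $action = $_POST['paction'];
     }

     if ($action == 'delete' && SEC_checkToken()) {
         // The action may arrive via POST while 'entry' is only read from GET,
         // so the key can be absent; is_string() keeps an array-valued
         // parameter away from addslashes().
         $entry = (isset($_GET['entry']) && is_string($_GET['entry'])) ? $_GET['entry'] : '';
         if (!empty($entry)) {
             $dbentry = addslashes($entry);
             DB_delete($_TABLES['spamx'], array('name', 'value'), array('HTTPHeader', $dbentry));
         }
     } elseif ($action == $LANG_SX00['addentry'] && SEC_checkToken()) {
         $name = isset($_REQUEST['header-name']) ? COM_applyFilter($_REQUEST['header-name']) : '';
         // keep only the part before the first colon
         $n = explode(':', $name);
         $name = $n[0];
         $value = (isset($_REQUEST['header-value']) && is_string($_REQUEST['header-value']))
                ? $_REQUEST['header-value'] : '';
         if (!empty($name) && !empty($value)) {
             $entry = $name . ': ' . $value;
             // NOTE(review): $value is raw request data and addslashes() is
             // not character-set aware; if the database layer provides its own
             // escaping function, use that here instead - confirm what is available.
             $dbentry = addslashes($entry);
             $result = DB_query("INSERT INTO {$_TABLES['spamx']} VALUES ('HTTPHeader','{$dbentry}')");
         }
     }

     $token = SEC_createToken();
     $display = '<hr' . XHTML . '>' . LB . '<p><b>';
     $display .= $LANG_SX00['headerblack'];
     $display .= '</b></p>' . LB . '<ul>' . LB;
     $result = DB_query("SELECT value FROM {$_TABLES['spamx']} WHERE name='HTTPHeader' ORDER BY value");
     $nrows = DB_numRows($result);
     for ($i = 0; $i < $nrows; $i++) {
         list($e) = DB_fetchArray($result);
         // stored value: HTML-encoded for the link text, URL-encoded for the query string
         $display .= '<li>' . COM_createLink(htmlspecialchars($e), $_CONF['site_admin_url'] . '/plugins/spamx/index.php?command=EditHeader&amp;action=delete&amp;entry=' . urlencode($e) . '&amp;' . CSRF_TOKEN . '=' . $token) . '</li>' . LB;
     }
     $display .= '</ul>' . LB . '<p>' . $LANG_SX00['e1'] . '</p>' . LB;
     $display .= '<p>' . $LANG_SX00['e2'] . '</p>' . LB;
     $display .= '<form method="post" action="' . $_CONF['site_admin_url'] . '/plugins/spamx/index.php?command=EditHeader">' . LB;
     $display .= '<table border="0" width="100%">' . LB;
     $display .= '<tr><td align="right"><b>Header:</b></td>' . LB;
     $display .= '<td><input type="text" size="40" name="header-name"' . XHTML . '> e.g. <tt>User-Agent</tt></td></tr>' . LB;
     $display .= '<tr><td align="right"><b>Content:</b></td>' . LB;
     $display .= '<td><input type="text" size="40" name="header-value"' . XHTML . '> e.g. <tt>Mozilla</tt></td></tr>' . LB;
     $display .= '</table>' . LB;
     $display .= '<p><input type="submit" name="paction" value="' . $LANG_SX00['addentry'] . '"' . XHTML . '>';
     $display .= '<input type="hidden" name="' . CSRF_TOKEN . "\" value=\"{$token}\"" . XHTML . '></p>' . LB;
     $display .= '</form>' . LB;

     return $display;
 }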
コード例 #8
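/**
 * Renumber media_order for the items of one album, then redirect to the admin index.
 *
 * Reads startaid, sortfield, sortorder and processsub from $_POST (missing or
 * empty values count as 0) through COM_applyFilter(..., true). When
 * processsub is 0 each media item of the album gets media_order 10, 20, 30,
 * ... in the requested order; otherwise MG_staticSortMediaChildren() is called.
 *
 * NOTE(review): no permission or CSRF-token check is visible in this function;
 * confirm the caller performs both before this state-changing request runs.
 *
 * @return void
 */
function MG_staticSortMediaSave()
{
    global $_TABLES, $_MG_CONF;

    // The (int) casts guarantee that what is concatenated into SQL below is an
    // integer, whatever the filter (defined elsewhere) returns.
    $startaid     = !empty($_POST['startaid']) ? (int) COM_applyFilter($_POST['startaid'], true) : 0;
    $sortfield    = !empty($_POST['sortfield']) ? (int) COM_applyFilter($_POST['sortfield'], true) : 0;
    $sortorder    = !empty($_POST['sortorder']) ? (int) COM_applyFilter($_POST['sortorder'], true) : 0;
    $process_subs = !empty($_POST['processsub']) ? (int) COM_applyFilter($_POST['processsub'], true) : 0;

    // Allow-list of sortable columns; anything else falls back to media_time.
    $sortColumns = array(
        0 => 'm.media_time',
        1 => 'm.media_upload_time',
        2 => 'm.media_title',
        3 => 'm.media_original_filename',
    );
    $column = isset($sortColumns[$sortfield]) ? $sortColumns[$sortfield] : 'm.media_time';
    $sql_sort_by = ' ORDER BY ' . $column . ' ';

    // Posted value 0 yields DESC and 1 yields ASC, exactly as before.
    // NOTE(review): the previous inline comments labelled 0 "ascending" and
    // 1 "descending", the reverse of the SQL emitted - confirm against the form.
    // Any other value now gives an empty direction instead of an undefined variable.
    $sql_order = '';
    if ($sortorder === 0) {
        $sql_order = ' DESC';
    } elseif ($sortorder === 1) {
        $sql_order = ' ASC';
    }

    if ($process_subs == 0) {
        $sql = "SELECT m.media_id FROM {$_TABLES['mg_media_albums']} AS ma "
             . "LEFT JOIN {$_TABLES['mg_media']} AS m ON m.media_id = ma.media_id "
             . "WHERE ma.album_id=" . $startaid . $sql_sort_by . $sql_order;
        $result = DB_query($sql);

        $order = 10;
        while ($row = DB_fetchArray($result)) {
            DB_change($_TABLES['mg_media_albums'], 'media_order', $order, array('media_id', 'album_id'), array($row['media_id'], $startaid));
            $order += 10;
        }
    } else {
        MG_staticSortMediaChildren($startaid, $sql_order, $sql_sort_by);
    }

    header("Location: " . $_MG_CONF['admin_url'] . 'index.php?msg=1');
}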
コード例 #9
ファイル: edituser.php プロジェクト: spacequad/glfusion
/**
 * Store the quota and active flag posted for one user, then refresh to the quota report.
 *
 * uid, quota and active are read from $_POST through COM_applyFilter(..., true);
 * the quota is multiplied by 1048576 before it is stored. An existing
 * mg_userprefs row for the uid is updated, otherwise a new row is inserted.
 * The function ends the request with exit.
 *
 * NOTE(review): no permission or CSRF-token check is visible in this function;
 * confirm the caller performs both. The three values reach the SQL unquoted,
 * so the statements rely entirely on the numeric mode of COM_applyFilter().
 *
 * @return void does not return; the script exits after the refresh is echoed
 */
function MG_saveUser()
{
    global $_CONF, $_MG_CONF, $_TABLES, $_USER, $LANG_MG00, $LANG_MG01, $_POST;

    $userId = COM_applyFilter($_POST['uid'], true);
    $quotaBytes = COM_applyFilter($_POST['quota'], true) * 1048576;
    $isActive = COM_applyFilter($_POST['active'], true);

    $prefsTable = $_TABLES['mg_userprefs'];

    // Does this user already have a preferences row?
    $lookup = DB_query("SELECT uid FROM {$prefsTable} WHERE uid={$userId}");
    $rowExists = DB_numRows($lookup) > 0;

    if ($rowExists) {
        $statement = "UPDATE {$prefsTable} SET quota={$quotaBytes},active={$isActive} WHERE uid={$userId}";
    } else {
        $statement = "INSERT INTO {$prefsTable} SET uid={$userId}, quota={$quotaBytes},active={$isActive}";
    }
    DB_query($statement, 1);

    echo COM_refresh($_MG_CONF['admin_url'] . 'quotareport.php');
    exit;
}
コード例 #10
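/**
 * Renumber album_order for the child albums of one album, then redirect to the admin index.
 *
 * Reads startaid, sortfield, sortorder and processsub from $_POST (missing or
 * empty values count as 0) through COM_applyFilter(..., true). When
 * processsub is 0 each direct child of startaid gets album_order 10, 20, 30,
 * ... in the requested order; otherwise MG_staticSortAlbumChildren() is called.
 *
 * NOTE(review): no permission or CSRF-token check is visible in this function;
 * confirm the caller performs both before this state-changing request runs.
 *
 * @return void
 */
function MG_staticSortAlbumsSave()
{
    global $_TABLES, $_MG_CONF;

    // The (int) casts guarantee that what is concatenated into SQL below is an
    // integer, whatever the filter (defined elsewhere) returns.
    $startaid     = !empty($_POST['startaid']) ? (int) COM_applyFilter($_POST['startaid'], true) : 0;
    $sortfield    = !empty($_POST['sortfield']) ? (int) COM_applyFilter($_POST['sortfield'], true) : 0;
    $sortorder    = !empty($_POST['sortorder']) ? (int) COM_applyFilter($_POST['sortorder'], true) : 0;
    $process_subs = !empty($_POST['processsub']) ? (int) COM_applyFilter($_POST['processsub'], true) : 0;

    // Allow-list of sortable columns; anything else falls back to album_title.
    $sortColumns = array(
        0 => 'album_title',
        1 => 'media_count',
        2 => 'last_update',
    );
    $column = isset($sortColumns[$sortfield]) ? $sortColumns[$sortfield] : 'album_title';
    $sql_sort_by = ' ORDER BY ' . $column . ' ';

    // Posted value 0 yields DESC and 1 yields ASC, exactly as before.
    // NOTE(review): the previous inline comments labelled 0 "ascending" and
    // 1 "descending", the reverse of the SQL emitted - confirm against the form.
    // Any other value now gives an empty direction instead of an undefined variable.
    $sql_order = '';
    if ($sortorder === 0) {
        $sql_order = ' DESC';
    } elseif ($sortorder === 1) {
        $sql_order = ' ASC';
    }

    if ($process_subs == 0) {
        $sql = "SELECT album_id FROM {$_TABLES['mg_albums']} "
             . "WHERE album_parent=" . $startaid . " " . $sql_sort_by . $sql_order;
        $result = DB_query($sql);

        $order = 10;
        while ($row = DB_fetchArray($result)) {
            DB_change($_TABLES['mg_albums'], 'album_order', $order, 'album_id', $row['album_id']);
            $order += 10;
        }
    } else {
        MG_staticSortAlbumChildren($startaid, $sql_order, $sql_sort_by);
    }

    header("Location: " . $_MG_CONF['admin_url'] . 'index.php?msg=1');
}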
コード例 #11
ファイル: rss.php プロジェクト: spacequad/glfusion
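/**
 * Save the posted RSS settings to mg_config, rebuild the full feed and refresh to the admin index.
 *
 * The four checkbox-style settings are read with the numeric filter and
 * default to 0 when absent; rss_feed_type and rss_feed_name are free text.
 * The function ends the request with exit.
 *
 * NOTE(review): no permission or CSRF-token check is visible in this function;
 * confirm the caller performs both before these settings are written.
 *
 * @return void does not return; the script exits after the refresh is echoed
 */
function MG_saveRSS()
{
    global $_MG_CONF, $_TABLES;

    $rss_full_enabled   = isset($_POST['rss_full_enabled']) ? (int) COM_applyFilter($_POST['rss_full_enabled'], true) : 0;
    $rss_feed_type      = isset($_POST['rss_feed_type']) ? COM_applyFilter($_POST['rss_feed_type']) : '';
    $rss_ignore_empty   = isset($_POST['rss_ignore_empty']) ? (int) COM_applyFilter($_POST['rss_ignore_empty'], true) : 0;
    $rss_anonymous_only = isset($_POST['rss_anonymous_only']) ? (int) COM_applyFilter($_POST['rss_anonymous_only'], true) : 0;
    $rss_feed_name      = isset($_POST['rss_feed_name']) ? COM_applyFilter($_POST['rss_feed_name']) : '';
    $hide_email         = isset($_POST['hide_email']) ? (int) COM_applyFilter($_POST['hide_email'], true) : 0;

    // DB_save() receives a ready-made VALUES list, so each value is made safe
    // here: integers by the casts above, the two text values by escaping.
    // The text values previously relied on the non-numeric filter alone,
    // whose guarantees are not visible in this file.
    $settings = array(
        'rss_full_enabled'   => $rss_full_enabled,
        'rss_feed_type'      => DB_escapeString($rss_feed_type),
        'rss_ignore_empty'   => $rss_ignore_empty,
        'rss_anonymous_only' => $rss_anonymous_only,
        'rss_feed_name'      => DB_escapeString($rss_feed_name),
        'hide_author_email'  => $hide_email,
    );
    foreach ($settings as $config_name => $config_value) {
        DB_save($_TABLES['mg_config'], "config_name, config_value", "'{$config_name}','{$config_value}'");
    }

    // MG_buildFullRSS() is called right after; keep the in-memory setting in step with the stored one.
    $_MG_CONF['rss_full_enabled'] = $rss_full_enabled;
    MG_buildFullRSS();

    echo COM_refresh($_MG_CONF['admin_url'] . 'index.php?msg=6');
    exit;
}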
コード例 #12
 /**
  * Apply a pending delete or add request, then return the widget HTML
  *
  * A delete or add is carried out only when the action matches and
  * SEC_checkToken() succeeds. For an add, the header name is filtered with
  * COM_applyFilter() and cut at the first colon; the header value is taken
  * from the request as-is.
  *
  * NOTE(review): the raw header value is handed to addEntry(); that method is
  * not visible here - confirm it escapes the entry before storing it.
  *
  * @return string
  */
 public function display()
 {
     global $LANG_SX00;

     $requestedAction = $this->getAction();
     $currentEntry = $this->getEntry();

     if ($requestedAction === 'delete' && SEC_checkToken()) {
         $this->deleteEntry($currentEntry);
     } elseif ($requestedAction === $LANG_SX00['addentry'] && SEC_checkToken()) {
         // Only the text before the first colon counts as the header name.
         $nameParts = explode(':', COM_applyFilter($_REQUEST['header-name']));
         $headerName = $nameParts[0];
         $headerValue = $_REQUEST['header-value'];

         // Both parts are required; otherwise an empty entry is passed on.
         $newEntry = '';
         if (!empty($headerName) && !empty($headerValue)) {
             $newEntry = $headerName . ': ' . $headerValue;
         }
         $this->addEntry($newEntry);
     }

     return $this->getWidget();
 }
コード例 #13
ファイル: ajax_handler.php プロジェクト: spacequad/glfusion
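/**
 * Record a vote for a poll and return the data for the AJAX response.
 *
 * When POLLS_ipAlreadyVoted() reports a previous vote, nothing is stored and
 * the "already voted" message is returned with the current results.
 * Otherwise a cookie is set, the voter count and one answer per question are
 * incremented, the voter's address is stored and the "vote saved" message is
 * returned with the results.
 *
 * NOTE(review): the poll topic read from the database is concatenated into
 * statusMessage without encoding; confirm the client inserts it as text.
 *
 * @param  string $pid poll ID
 * @param  array  $aid chosen answer IDs; the loop indexes it 0..count-1 and
 *                     uses the index as the question ID
 * @return array  array with the keys 'html' and 'statusMessage'
 */
function POLLS_saveVote_AJAX($pid, $aid)
{
    global $_CONF, $_PO_CONF, $_TABLES, $LANG_POLLS;

    $retval = array('html' => '', 'statusMessage' => '');

    if (POLLS_ipAlreadyVoted($pid)) {
        // Return here: the earlier code fell through and replaced this
        // message with the "vote saved" text although nothing had been saved.
        $retval['statusMessage'] = 'You have already voted on this poll';
        $retval['html'] = POLLS_pollResults($pid, 400, '', '', 2);
        return $retval;
    }

    $dbPid = DB_escapeString($pid);

    setcookie('poll-' . $pid, implode('-', $aid), time() + $_PO_CONF['pollcookietime'], $_CONF['cookie_path'], $_CONF['cookiedomain'], $_CONF['cookiesecure']);

    DB_change($_TABLES['polltopics'], 'voters', "voters + 1", 'pid', $dbPid, '', true);

    $answers = count($aid);
    for ($i = 0; $i < $answers; $i++) {
        DB_change($_TABLES['pollanswers'], 'votes', "votes + 1", array('pid', 'qid', 'aid'), array($dbPid, $i, COM_applyFilter($aid[$i], true)), '', true);
    }

    DB_save($_TABLES['pollvoters'], 'ipaddress,date,pid', "'" . DB_escapeString($_SERVER['REMOTE_ADDR']) . "'," . time() . ",'" . $dbPid . "'");

    $topic = DB_getItem($_TABLES['polltopics'], 'topic', "pid = '" . $dbPid . "'");
    $retval['statusMessage'] = $LANG_POLLS['savedvotemsg'] . ' "' . $topic . '"';
    $retval['html'] = POLLS_pollResults($pid, 400, '', '', 2);

    return $retval;
}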
コード例 #14
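 /**
  * Return the HTML for the Spam-X log view
  *
  * Renders a "clear log" form, clears the log when that form was submitted,
  * trims the log to roughly its last 100000 bytes when it has grown beyond
  * that, and returns the log contents inside a <pre> element.
  *
  * NOTE(review): clearing the log is a state-changing POST, but no CSRF token
  * is emitted in the form or checked here; confirm whether the surrounding
  * code enforces one.
  *
  * @return string HTML
  */
 function display()
 {
     global $_CONF, $LANG_SX00;

     $display = '';
     $max_Log_Size = 100000;
     $logfile = $_CONF['path_log'] . 'spamx.log';

     // Needed by both the clear and the trim branch; it used to be set only
     // in the clear branch, leaving it undefined when the log was trimmed.
     $timestamp = strftime("%c");

     $action = '';
     if (isset($_POST['action'])) {
         $action = COM_applyFilter($_POST['action']);
     }

     $path = $_CONF['site_admin_url'] . '/plugins/spamx/index.php?command=LogView';
     $display .= "<form method=\"post\" action=\"{$path}\"><div>";
     $display .= "<input type=\"submit\" name=\"action\" value=\"{$LANG_SX00['clearlog']}\"" . XHTML . ">";
     $display .= "</div></form>";

     if ($action == $LANG_SX00['clearlog']) {
         $fd = fopen($logfile, "w");
         if ($fd !== false) {
             fputs($fd, "{$timestamp} {$LANG_SX00['logcleared']} \n");
             fclose($fd);
         }
     }

     $fsize = file_exists($logfile) ? filesize($logfile) : 0;
     if ($fsize > $max_Log_Size) {
         $fd = fopen($logfile, "r");
         if ($fd !== false) {
             fseek($fd, -$max_Log_Size, SEEK_END);
             // drop the (probably partial) first line after the seek position
             fgets($fd);
             $data = fread($fd, $max_Log_Size);
             fclose($fd);

             $fd = fopen($logfile, "w");
             if ($fd !== false) {
                 fputs($fd, "{$timestamp} {$LANG_SX00['logcleared']} \n");
                 fwrite($fd, $data);
                 fclose($fd);
             }
         }
     }

     $lines = file_exists($logfile) ? file($logfile) : false;
     $contents = ($lines === false) ? '' : implode('', $lines);

     // The log is shown as plain text, so markup characters in it must not be
     // interpreted by the browser. A byte-wise replacement is used so that log
     // lines in an unexpected character set are still displayed.
     $contents = str_replace(array('&', '<', '>'), array('&amp;', '&lt;', '&gt;'), $contents);

     $display .= "<hr" . XHTML . "><pre>";
     $display .= $contents;
     $display .= "</pre>";

     return $display;
 }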
コード例 #15
/**
 * Build the <image> XML elements for the items of one album.
 *
 * Returns '' when the album has no album_id or its 'access' value is below 1.
 * The optional request parameter 'src' selects the 'disp' or 'orig' files;
 * any other value falls back to 'orig'. Rows whose media_type is not 0 and
 * files for which getimagesize() fails are skipped.
 *
 * NOTE(review): media_filename is written into XML attributes without
 * encoding, and title/description go into a CDATA section after strip_tags()
 * only; confirm that stored values cannot contain '"', '&' or ']]>'.
 *
 * @param  array  $album_data album record (passed by reference); 'album_id' and 'access' are read
 * @return string concatenated <image> elements
 */
function MG_getItems(&$album_data)
{
    global $_TABLES, $_MG_CONF;

    $xml = '';

    if (!isset($album_data['album_id']) || $album_data['access'] < 1) {
        return '';
    }
    $albumId = $album_data['album_id'];

    // Only the two known size folders are accepted.
    $src = 'orig';
    if (isset($_REQUEST['src'])) {
        $src = COM_applyFilter($_REQUEST['src']);
    }
    if (!($src == 'disp' || $src == 'orig')) {
        $src = 'orig';
    }

    $wantedFields = array('media_type', 'media_filename', 'remote_url', 'media_id', 'media_title', 'media_desc');
    $query = MG_buildMediaSql(array('album_id' => $albumId, 'fields' => $wantedFields));
    $result = DB_query($query);

    while ($A = DB_fetchArray($result)) {
        if ($A['media_type'] == 0) {
            $PhotoPath = MG_getFilePath($src, $A['media_filename']);
            $ext = pathinfo($PhotoPath, PATHINFO_EXTENSION);

            // Files live in a sub-folder named after the first character of the file name.
            $folder = $A['media_filename'][0] . '/' . $A['media_filename'];
            $imageUrl = $_MG_CONF['mediaobjects_url'] . "/{$src}/" . $folder . '.' . $ext;
            $thumbUrl = $_MG_CONF['mediaobjects_url'] . '/tn/' . $folder . '_150x150.' . $ext;

            $imgsize = @getimagesize($PhotoPath);
            if ($imgsize != false) {
                $title = '<p><b><font color="#ffffff" size="20">' . strip_tags($A['media_title']) . '</font></b></p>';
                $desc = '<p>' . strip_tags($A['media_desc']) . '</p>';

                $xml .= '<image ' . 'imageURL="' . $imageUrl . '" ' . 'thumbURL="' . $thumbUrl . '" ' . 'linkURL="' . $imageUrl . '" linkTarget="" >' . LB;
                $xml .= '<caption><![CDATA[' . $title . $desc . ']]></caption>' . LB;
                $xml .= '</image>' . LB;
            }
        }
    }

    return $xml;
}
コード例 #16
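/**
 * Handle the upload of one form file and build the HTML fragment shown for it.
 *
 * Reads current_upload_file, res_id and form_id from $_POST and field_id from
 * $_REQUEST. An unsaved form (res_id 0) is saved first via nexform_dbsave().
 * When nexform_check4files() returns a record, a download link (plus a delete
 * link for members of the form's edit group) is built; otherwise an error box.
 *
 * NOTE(review): the error text comes from $GLOBALS['fe_errmsg'] and is emitted
 * as HTML; confirm it never contains request data such as the file name.
 *
 * @return array list of: HTML fragment, field ID, field name, form ID,
 *               result ID, and 'true'/'false' (as strings) for the error state
 */
function upload_file()
{
    global $CONF_FE, $_TABLES, $_CONF;

    //upload the file
    $field_name = isset($_POST['current_upload_file']) ? COM_applyFilter($_POST['current_upload_file']) : '';
    $result_id = isset($_POST['res_id']) ? (int) COM_applyFilter($_POST['res_id'], true) : 0;
    $form_id = isset($_POST['form_id']) ? (int) COM_applyFilter($_POST['form_id'], true) : 0;
    $uploadfile = isset($_FILES[$field_name]) ? $_FILES[$field_name] : array();
    $fieldID = isset($_REQUEST['field_id']) ? (int) COM_applyFilter($_REQUEST['field_id'], true) : 0;

    if ($result_id == 0) {
        //form has not been saved yet
        $result_id = nexform_dbsave($form_id, 0, false);
    }

    if (($rec = nexform_check4files($result_id, $field_name)) != 0) {
        // The original file name is chosen by the client, so it is encoded
        // before being placed in the page.
        $displayName = '';
        if (isset($uploadfile['name'][0]) && is_string($uploadfile['name'][0])) {
            $displayName = htmlspecialchars($uploadfile['name'][0], ENT_QUOTES);
        }
        // The field name is emitted as a JavaScript string inside an HTML
        // attribute: encode it as a JS literal, then for the attribute.
        $jsFieldName = htmlspecialchars(json_encode($field_name), ENT_QUOTES);

        $retval = '';
        $retval .= "&nbsp;<a href=\"{$CONF_FE['public_url']}/download.php?id={$rec}\" target=\"_new\">";
        $retval .= "<img src=\"{$CONF_FE['image_url']}/document_sm.gif\" border=\"0\">{$displayName}</a>&nbsp;";
        $edit_group = DB_getItem($_TABLES['nxform_definitions'], 'perms_edit', "id='{$form_id}'");
        if (SEC_inGroup($edit_group)) {
            $retval .= "<a href=\"#\" onClick='ajaxDeleteFile({$fieldID},{$rec},{$jsFieldName}); return false;'>";
            $retval .= "<img src=\"{$CONF_FE['image_url']}/delete.gif\" border=\"0\"></a>&nbsp;";
        }
        $iserror = 'false';
    } else {
        //COM_fileLog("upload error:" . $GLOBALS['fe_errmsg']);
        $errmsg = isset($GLOBALS['fe_errmsg']) ? $GLOBALS['fe_errmsg'] : '';
        $err_fieldname = 'error_' . ppRandomFilename();
        $retval = '';
        if ($errmsg == '') {
            $errmsg = 'Your file could not be uploaded.';
        }
        $retval .= "<table id=\"tbl_{$err_fieldname}\"><tr id=\"{$err_fieldname}\"><td><img src=\"{$_CONF['layout_url']}/nexform/images/error.gif\"></td><td>{$errmsg}<br><center><font size=\"1\"><a href=\"#\" onClick=\"ajaxClearErrorMessage('{$err_fieldname}'); return false;\">[ Clear Message ]</a></font></center></td></tr></table>";
        $iserror = 'true';
    }

    return array($retval, $fieldID, $field_name, $form_id, $result_id, $iserror);
}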
コード例 #17
ファイル: migrate.php プロジェクト: spacequad/glfusion
    } else {
        $sql = "select tid,sid,title,date,comments from {$_TABLES['stories']} where tid='" . DB_escapeString($curtopic) . "'";
        $countsql = DB_query("SELECT COUNT(*) FROM {$_TABLES['stories']} where tid='" . DB_escapeString($curtopic) . "'");
    }
} else {
    $curtopic = '';
    $sql = "select tid,sid,title,date,comments from {$_TABLES['stories']}";
    $countsql = DB_query("SELECT COUNT(*) FROM {$_TABLES['stories']}");
}
list($maxrows) = DB_fetchArray($countsql);
$numpages = ceil($maxrows / $show);
$offset = ($page - 1) * $show;
$sql .= " ORDER BY sid DESC LIMIT {$offset}, {$show}";
$result = DB_query($sql);
$numrows = DB_numRows($result);
$selectedForum = isset($_POST['selforum']) ? COM_applyFilter($_POST['selforum']) : '';
$p->set_var('action_url', $_CONF['site_admin_url'] . '/plugins/forum/migrate.php');
$p->set_var('filter_topic_selection', _ff_migrate_topicsList($curtopic));
$p->set_var('select_filter_options', COM_optionList($_TABLES['ff_forums'], "forum_id,forum_name", $selectedForum));
$p->set_var('LANG_migrate', $LANG_GF01['MIGRATE_NOW']);
$p->set_var('LANG_filterlist', $LANG_GF01['FILTERLIST']);
$p->set_var('LANG_selectforum', $LANG_GF01['SELECTFORUM']);
$p->set_var('LANG_deleteafter', $LANG_GF01['DELETEAFTER']);
$p->set_var('LANG_all', $LANG_GF01['ALL']);
$p->set_var('LANG_topic', $LANG_GF01['TOPIC']);
$p->set_var('LANG_title', $LANG_GF01['TITLE']);
$p->set_var('LANG_date', $LANG_GF01['DATE']);
$p->set_var('LANG_comments', $LANG_GF01['COMMENTS']);
if ($numrows > 0) {
    $base_url = $_CONF['site_admin_url'] . '/plugins/forum/migrate.php?seltopic=' . $curtopic;
    for ($i = 0; $i < $numrows; $i++) {
コード例 #18
ファイル: install.php プロジェクト: spacequad/glfusion
// +--------------------------------------------------------------------------+
require_once '../../../lib-common.php';
require_once $_CONF['path'] . '/plugins/calendar/autoinstall.php';
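USES_lib_install();
// Only members of the Root group may install or uninstall the plugin.
if (!SEC_inGroup('Root')) {
    // Record the denied attempt for later review. The client address is read
    // from $_SERVER: a bare $REMOTE_ADDR is only populated by register_globals
    // (or by an include that is not visible in this excerpt), so the audit
    // entry could otherwise be written without the address.
    COM_errorLog("Someone has tried to illegally access the Calendar install/uninstall page.  User id: {$_USER['uid']}, Username: {$_USER['username']}, IP: {$_SERVER['REMOTE_ADDR']}", 1);
    $display = COM_siteHeader('menu', $LANG_ACCESS['accessdenied']) . COM_startBlock($LANG_ACCESS['accessdenied']) . $LANG_ACCESS['plugin_access_denied_msg'] . COM_endBlock() . COM_siteFooter();
    echo $display;
    // Stop here so none of the install/uninstall code below can run.
    exit;
}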
/**
* Main Function
*/
if (SEC_checkToken()) {
    $action = COM_applyFilter($_GET['action']);
    if ($action == 'install') {
        if (plugin_install_calendar()) {
            // Redirects to the plugin editor
            echo COM_refresh($_CONF['site_admin_url'] . '/plugins.php?msg=44');
            exit;
        } else {
            echo COM_refresh($_CONF['site_admin_url'] . '/plugins.php?msg=72');
            exit;
        }
    } else {
        if ($action == 'uninstall') {
            if (plugin_uninstall_calendar('installed')) {
                /**
                 * Redirects to the plugin editor
                 */
コード例 #19
ファイル: index.php プロジェクト: hostellerie/nexpro
         $sql .= "ifValue='{$ifArgumentValue}', ";
         $sql .= "nf_handlerID='0' ";
         $sql .= "where id='{$editid}'";
         // echo $sql;
         $result = DB_Query($sql);
         break;
     default:
         // not an if task
         $nextSteps = str_replace(" ", "", $_POST['nextTasks']);
         if (strlen($nextSteps) > 0) {
             $nextSteps = split(",", $nextSteps);
             $numberSteps = count($nextSteps);
             $sql = "DELETE FROM {$_TABLES['nf_templatedatanextstep']} WHERE nf_templateDataFrom='{$editid}'";
             $result = DB_Query($sql);
             for ($cntr = 0; $cntr < $numberSteps; $cntr++) {
                 $templateNextStep = lidtonfid(COM_applyFilter($nextSteps[$cntr], true), $templateID);
                 $sql = "INSERT INTO {$_TABLES['nf_templatedatanextstep']} (nf_templateDataFrom,nf_templateDataTo ) ";
                 $sql .= "VALUES ('{$editid}','{$templateNextStep}')";
                 $result = DB_Query($sql);
             }
         } else {
             // trying to remove the next steps then as there are none listed!
             $sql = "DELETE FROM {$_TABLES['nf_templatedatanextstep']} WHERE nf_templateDataFrom='{$editid}'";
             $result = DB_Query($sql);
         }
         break;
 }
 //end switch
 // continue on merrily saving the task.
 $sql = "UPDATE {$_TABLES['nf_templatedata']} SET nf_stepType='{$stepID}'";
 if (($stepID == 1 or $stepID == 4) and $handlerID > 0) {
コード例 #20
ファイル: search.class.php プロジェクト: milk54/geeklog-japan
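 /**
  * Kicks off the appropriate search(es)
  *
  * Initiates the search engine and returns HTML formatted
  * results. It also provides support to plugins using a
  * search API. Backwards compatibility has been incorporated
  * in this function to allow legacy support to plugins using
  * the old API calls defined versions prior to Geeklog 1.5.1
  *
  * Every search parameter that is copied into the result-page URL is
  * passed through urlencode(), so a value containing '&', '"' or '<'
  * cannot add parameters to the link or break out of the attribute the
  * link is later printed in.
  *
  * @return string HTML output for search results
  *
  */
 public function doSearch()
 {
     global $_CONF, $LANG01, $LANG09, $LANG31;
     // Verify current user can perform requested search
     if (!$this->_isSearchAllowed()) {
         return SEC_loginRequiredForm();
     }
     // When full text searches are enabled, make sure the min. query length
     // is 3 characters. Otherwise, make sure at least one of query string,
     // author, or topic is not empty.
     if (empty($this->_query) && empty($this->_author) && empty($this->_topic) || $_CONF['search_use_fulltext'] && strlen($this->_query) < 3) {
         $retval = '<p>' . $LANG09[41] . '</p>' . LB;
         $retval .= $this->showForm();
         return $retval;
     }
     // Build the URL strings. The separators are already HTML-escaped
     // ('&amp;'), so each value is URL-encoded on its own before it is appended.
     $this->_searchURL = $_CONF['site_url'] . '/search.php?query=' . urlencode($this->_query)
         . (!empty($this->_keyType) ? '&amp;keyType=' . urlencode($this->_keyType) : '')
         . (!empty($this->_dateStart) ? '&amp;datestart=' . urlencode($this->_dateStart) : '')
         . (!empty($this->_dateEnd) ? '&amp;dateend=' . urlencode($this->_dateEnd) : '')
         . (!empty($this->_topic) ? '&amp;topic=' . urlencode($this->_topic) : '')
         . (!empty($this->_author) ? '&amp;author=' . urlencode($this->_author) : '')
         . ($this->_titlesOnly ? '&amp;title=true' : '');
     $url = $this->_searchURL . '&amp;type=' . urlencode($this->_type) . '&amp;mode=';
     $obj = new ListFactory($url . 'search', $_CONF['search_limits'], $_CONF['num_search_results']);
     $obj->setField('ID', 'id', false);
     $obj->setField('URL', 'url', false);
     $show_num = $_CONF['search_show_num'];
     $show_type = $_CONF['search_show_type'];
     $show_user = $_CONF['contributedbyline'];
     $show_hits = !$_CONF['hideviewscount'];
     $style = isset($_CONF['search_style']) ? $_CONF['search_style'] : 'google';
     if ($style == 'table') {
         $obj->setStyle('table');
         //             Title        Name            Display     Sort   Format
         $obj->setField($LANG09[62], LF_ROW_NUMBER, $show_num, false, '<b>%d.</b>');
         $obj->setField($LANG09[5], LF_SOURCE_TITLE, $show_type, true, '<b>%s</b>');
         $obj->setField($LANG09[16], 'title', true, true);
         $obj->setField($LANG09[63], 'description', true, false);
         $obj->setField($LANG09[17], 'date', true, true);
         $obj->setField($LANG09[18], 'uid', $show_user, true);
         $obj->setField($LANG09[50], 'hits', $show_hits, true);
         $this->_wordlength = 7;
     } else {
         if ($style == 'google') {
             // Sorting on a column is only offered when the search did not
             // already pin that column to a single value.
             $sort_uid = $this->_author == '' ? true : false;
             $sort_date = empty($this->_dateStart) || empty($this->_dateEnd) || $this->_dateStart != $this->_dateEnd ? true : false;
             $sort_type = $this->_type == 'all' ? true : false;
             $obj->setStyle('inline');
             $obj->setField('', LF_ROW_NUMBER, $show_num, false, '<b>%d.</b>');
             $obj->setField($LANG09[16], 'title', true, true, '%s<br' . XHTML . '>');
             $obj->setField('', 'description', true, false, '%s<br' . XHTML . '>');
             $obj->setField('', '_html', true, false, '<span class="searchresult-byline">');
             $obj->setField($LANG09[18], 'uid', $show_user, $sort_uid, $LANG01[104] . ' %s ');
             $obj->setField($LANG09[17], 'date', true, $sort_date, $LANG01[36] . ' %s');
             $obj->setField($LANG09[5], LF_SOURCE_TITLE, $show_type, $sort_type, ' - %s');
             $obj->setField($LANG09[50], 'hits', $show_hits, true, ' - %s ' . $LANG09[50]);
             $obj->setField('', '_html', true, false, '</span>');
             $this->_wordlength = 50;
         }
     }
     // get default sort order
     $default_sort = explode('|', $_CONF['search_def_sort']);
     $obj->setDefaultSort($default_sort[0], $default_sort[1]);
     // set this only now, for compatibility with PHP 4
     $obj->setRowFunction(array($this, 'searchFormatCallback'));
     // Start search timer
     $searchtimer = new timerobject();
     $searchtimer->setPrecision(4);
     $searchtimer->startTimer();
     // Have plugins do their searches
     $page = isset($_GET['page']) ? COM_applyFilter($_GET['page'], true) : 1;
     $result_plugins = PLG_doSearch($this->_query, $this->_dateStart, $this->_dateEnd, $this->_topic, $this->_type, $this->_author, $this->_keyType, $page, 5);
     // Add core searches
     $result_plugins = array_merge($result_plugins, $this->_searchStories());
     // Loop through all plugins separating the new API from the old
     $new_api = 0;
     $old_api = 0;
     $num_results = 0;
     foreach ($result_plugins as $result) {
         if (is_a($result, 'SearchCriteria')) {
             $debug_info = $result->getName() . ' using APIv2';
             if ($this->_type != 'all' && $this->_type != $result->getName()) {
                 if ($this->_verbose) {
                     $new_api++;
                     COM_errorLog($debug_info . '. Skipped as type is not ' . $this->_type);
                 }
                 continue;
             }
             $api_results = $result->getResults();
             if (!empty($api_results)) {
                 $obj->addResultArray($api_results);
             }
             $api_callback_func = $result->getCallback();
             if (!empty($api_callback_func)) {
                 $debug_info .= ' with Callback Function.';
                 $obj->setCallback($result->getLabel(), $result->getName(), $api_callback_func, $result->getRank(), $result->getTotal());
             } else {
                 if ($result->getSQL() != '' || $result->getFTSQL() != '') {
                     // Prefer the full-text query when it is enabled and the plugin supplied one.
                     if ($_CONF['search_use_fulltext'] == true && $result->getFTSQL() != '') {
                         $sql = $result->getFTSQL();
                     } else {
                         $sql = $result->getSQL();
                     }
                     $sql = $this->_convertsql($sql);
                     $debug_info .= ' with SQL = ' . print_r($sql, 1);
                     $obj->setQuery($result->getLabel(), $result->getName(), $sql, $result->getRank());
                 }
             }
             $this->_url_rewrite[$result->getName()] = $result->UrlRewriteEnable();
             $this->_append_query[$result->getName()] = $result->AppendQueryEnable();
             if ($this->_verbose) {
                 $new_api++;
                 COM_errorLog($debug_info);
             }
         } else {
             if (is_a($result, 'Plugin') && $result->num_searchresults != 0) {
                 // Some backwards compatibility
                 if ($this->_verbose) {
                     $old_api++;
                     $debug_info = $result->plugin_name . ' using APIv1 with backwards compatibility.';
                     $debug_info .= ' Count: ' . $result->num_searchresults;
                     $debug_info .= ' Headings: ' . implode(',', $result->searchheading);
                     COM_errorLog($debug_info);
                 }
                 // Find the column heading names that closely match what we are looking for
                 // There may be issues here on different languages, but this _should_ capture most of the data
                 // (a column index of -1 is treated below as "no matching heading")
                 $col_title = $this->_findColumn($result->searchheading, array($LANG09[16], $LANG31[4], 'Question', 'Site Page'));
                 //Title,Subject
                 $col_desc = $this->_findColumn($result->searchheading, array($LANG09[63], 'Answer'));
                 $col_date = $this->_findColumn($result->searchheading, array($LANG09[17]));
                 //'Date','Date Added','Last Updated','Date & Time'
                 $col_user = $this->_findColumn($result->searchheading, array($LANG09[18], 'Submited by'));
                 $col_hits = $this->_findColumn($result->searchheading, array($LANG09[50], $LANG09[23], 'Downloads', 'Clicks'));
                 //'Hits','Views'
                 $label = str_replace($LANG09[59], '', $result->searchlabel);
                 $num_results += $result->num_itemssearched;
                 // Extract the results
                 for ($i = 0; $i < 5; $i++) {
                     // If the plugin does not respect the $perpage parameter force it here.
                     $j = $i + $page * 5 - 5;
                     if ($j >= count($result->searchresults)) {
                         break;
                     }
                     $old_row = $result->searchresults[$j];
                     if ($col_date != -1) {
                         // Convert the date back to a timestamp
                         $date = $old_row[$col_date];
                         $date = substr($date, 0, strpos($date, '@'));
                         $date = $date == '' ? $old_row[$col_date] : strtotime($date);
                     }
                     // NOTE(review): title, description and uid are taken from the
                     // plugin's row unchanged and appear to be treated as ready-made
                     // HTML; confirm each legacy plugin escapes them itself.
                     $api_results = array(
                         LF_SOURCE_NAME => $result->plugin_name,
                         LF_SOURCE_TITLE => $label,
                         'title' => $col_title == -1 ? '<i>' . $LANG09[70] . '</i>' : $old_row[$col_title],
                         'description' => $col_desc == -1 ? '<i>' . $LANG09[70] . '</i>' : $old_row[$col_desc],
                         'date' => $col_date == -1 ? '&nbsp;' : $date,
                         'uid' => $col_user == -1 ? '&nbsp;' : $old_row[$col_user],
                         'hits' => $col_hits == -1 ? '0' : str_replace(',', '', $old_row[$col_hits]),
                     );
                     // The old API has no URL column: take the first href found in the title.
                     preg_match('/href="([^"]+)"/i', $api_results['title'], $links);
                     $api_results['url'] = empty($links) ? '#' : $links[1];
                     $obj->addResult($api_results);
                 }
             }
         }
     }
     // Find out how many plugins are on the old/new system
     if ($this->_verbose) {
         COM_errorLog('Search Plugins using APIv1: ' . $old_api . ' APIv2: ' . $new_api);
     }
     // Execute the queries
     $results = $obj->ExecuteQueries();
     // Searches are done, stop timer
     $searchtime = $searchtimer->stopTimer();
     // Escape the query for display; braces are replaced by entities as well.
     $escquery = htmlspecialchars($this->_query);
     $escquery = str_replace(array('{', '}'), array('&#123;', '&#125;'), $escquery);
     if ($this->_keyType == 'any') {
         $searchQuery = str_replace(' ', "</b>' " . $LANG09[57] . " '<b>", $escquery);
         $searchQuery = "<b>'{$searchQuery}'</b>";
     } else {
         if ($this->_keyType == 'all') {
             $searchQuery = str_replace(' ', "</b>' " . $LANG09[56] . " '<b>", $escquery);
             $searchQuery = "<b>'{$searchQuery}'</b>";
         } else {
             $searchQuery = $LANG09[55] . " '<b>{$escquery}</b>'";
         }
     }
     // Clean the query string so that sprintf works as expected
     $searchQuery = str_replace('%', '%%', $searchQuery);
     $retval = "{$LANG09[25]} {$searchQuery}. ";
     if (count($results) == 0) {
         $retval .= sprintf($LANG09[24], 0);
         $retval = '<p>' . $retval . '</p>' . LB;
         $retval .= '<p>' . $LANG09[13] . '</p>' . LB;
         $retval .= $this->showForm();
     } else {
         $retval .= $LANG09[64] . " ({$searchtime} {$LANG09[27]}). ";
         $retval .= str_replace('%', '%%', COM_createLink($LANG09[61], $url . 'refine'));
         $retval = '<p>' . $retval . '</p>' . LB;
         $retval = $obj->getFormattedOutput($results, $LANG09[11], $retval, '', $_CONF['search_show_sort'], $_CONF['search_show_limit']);
     }
     return $retval;
 }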
コード例 #21
ファイル: install.php プロジェクト: hostellerie/gus
    $_DB->setDisplayError(TRUE);
    require_once $_CONF['path'] . 'plugins/gus/sql/gus.php';
    // build tables
    foreach ($_SQL as $sql) {
        DB_query($sql);
    }
    // insert data
    foreach ($_DATA as $data) {
        DB_query($data);
    }
}
/* 
* Main Function
*/
$display = COM_siteHeader() . COM_startBlock($LANG_GUS00['install_header']);
$action = isset($_GET['action']) ? COM_applyFilter($_GET['action']) : '';
if ($action === 'install') {
    if (plugin_install_gus()) {
        $img_url = $_CONF['site_url'] . '/gus/images/' . $_GUS_IMG_name;
        $blockManager = $_CONF['site_admin_url'] . '/block.php';
        $admin_url = $_CONF['site_admin_url'] . '/plugins/gus/index.php';
        $import_url = $_CONF['site_admin_url'] . '/plugins/gus/import.php';
        $readme_url = $_CONF['site_admin_url'] . '/plugins/gus/readme.html';
        $display .= "<img align=left src=\"{$img_url}\" alt='GUS Icon' width=48 height=48>" . '<p>I have created all the necessary tables and activated the Who\'s Online block. ' . "If you do not want to use it, then you may disable it by changing the GUS config.php file located in the plugins/gus directory. " . "<p>To configure GUS, go to the <a href=\"{$admin_url}\">admin page</a>.\n\t\t\tInformation about the various configuration options\tmay be found in the \n\t\t\t<a href=\"{$readme_url}#config\">README file</a>." . "<p>If you would like to support development of this plugin, there are some suggestions in the  \n\t\t\t<a href=\"{$readme_url}#you\">README file</a>.";
        // check for old stats to see if we should add an import link
        if ($_ST_plugin_name != '') {
            $stats_version = DB_getItem($_TABLES['plugins'], 'pi_version', "pi_name = '{$_ST_plugin_name}'");
            $display .= "<hr>I notice you have the stats plugin version {$stats_version} installed as '{$_ST_plugin_name}'. ";
            if ($stats_version !== '1.3') {
                $display .= "<p>If you had version 1.3 installed, I could import its data. \n\t\t\t\t\tIf you update this in the future, you can import its data from \n\t\t\t\t\tthe <a href=\"{$admin_url}\">admin page</a>.";
            } else {
コード例 #22
ファイル: profiles.php プロジェクト: hostellerie/nexpro
             if (empty($_POST['to']) || empty($_POST['from']) || empty($_POST['shortmsg'])) {
                 $display .= COM_siteHeader('menu', $LANG08[17]) . COM_showMessageText($LANG08[22]) . mailstoryform($sid, COM_applyFilter($_POST['to']), COM_applyFilter($_POST['toemail']), COM_applyFilter($_POST['from']), COM_applyFilter($_POST['fromemail']), $_POST['shortmsg']) . COM_siteFooter();
             } else {
                 $msg = PLG_itemPreSave('emailstory', $_POST['shortmsg']);
                 if (!empty($msg)) {
                     $display .= COM_siteHeader('menu', $LANG08[17]) . COM_errorLog($msg, 2) . mailstoryform($sid, COM_applyFilter($_POST['to']), COM_applyFilter($_POST['toemail']), COM_applyFilter($_POST['from']), COM_applyFilter($_POST['fromemail']), $_POST['shortmsg']) . COM_siteFooter();
                 } else {
                     $display .= mailstory($sid, $_POST['to'], $_POST['toemail'], $_POST['from'], $_POST['fromemail'], $_POST['shortmsg']);
                 }
             }
         }
     }
     break;
 default:
     if (isset($_GET['uid'])) {
         $uid = COM_applyFilter($_GET['uid'], true);
     } else {
         $uid = 0;
     }
     if ($uid > 1) {
         $subject = '';
         if (isset($_GET['subject'])) {
             $subject = strip_tags($_GET['subject']);
             $subject = substr($subject, 0, strcspn($subject, "\r\n"));
             $subject = htmlspecialchars(trim($subject), ENT_QUOTES);
         }
         $display .= COM_siteHeader('menu', $LANG04[81]) . contactform($uid, $subject) . COM_siteFooter();
     } else {
         $display .= COM_refresh($_CONF['site_url'] . '/index.php');
     }
     break;
コード例 #23
ファイル: search.class.php プロジェクト: NewRoute/glfusion
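 /**
  * Kicks off the appropriate search(es)
  *
  * Initiates the search engine and returns HTML formatted
  * results. It also provides support to plugins using a
  * search API.
  *
  * The search type is URL-encoded like the other parameters of the
  * result-page URL. Rows from plugins on the old API are paged with an
  * exclusive upper bound, and a row without a URL column gets '#' as
  * its link instead of reading index -1.
  *
  * @author Sami Barakat <s.m.barakat AT gmail DOT com>
  * @access public
  * @return string HTML output for search results
  *
  */
 function doSearch()
 {
     global $_CONF, $LANG01, $LANG09, $LANG31, $_TABLES, $_USER;
     $debug_info = '';
     $retval = '';
     $list_top = '';
     // Verify current user can perform requested search
     if (!$this->_isSearchAllowed()) {
         return $this->_getAccessDeniedMessage();
     }
     // Make sure there is a query string
     // Full text searches have a minimum word length of 3 by default
     if (empty($this->_query)) {
         if ((empty($this->_author) || $this->_author == 0) && (empty($this->_type) || $this->_type == 'all') && (empty($this->_topic) || $this->_topic == 'all') && (empty($this->_dateStart) || empty($this->_dateEnd))) {
             $retval = $this->showForm();
             $retval .= '<div style="margin-bottom:5px;border-bottom:1px solid #ccc;"></div><p>' . $LANG09[41] . '</p>' . LB;
             return $retval;
         }
     } elseif (strlen($this->_query) < 3) {
         $retval = $this->showForm();
         $retval .= '<div style="margin-bottom:5px;border-bottom:1px solid #ccc;"></div><p>' . $LANG09[41] . '</p>' . LB;
         return $retval;
     }
     // Build the URL strings. The separators are already HTML-escaped
     // ('&amp;'), so each value is URL-encoded on its own before it is appended.
     $this->_searchURL = $_CONF['site_url'] . '/search.php?query=' . urlencode($this->_query)
         . (!empty($this->_keyType) ? '&amp;keyType=' . urlencode($this->_keyType) : '')
         . (!empty($this->_dateStart) ? '&amp;datestart=' . urlencode($this->_dateStart) : '')
         . (!empty($this->_dateEnd) ? '&amp;dateend=' . urlencode($this->_dateEnd) : '')
         . (!empty($this->_topic) ? '&amp;topic=' . urlencode($this->_topic) : '')
         . (!empty($this->_author) ? '&amp;author=' . urlencode($this->_author) : '')
         . (!empty($this->_searchDays) ? '&amp;st=' . urlencode($this->_searchDays) : '');
     $url = $this->_searchURL . '&amp;type=' . urlencode($this->_type) . '&amp;mode=';
     $obj = new ListFactory($url . 'search', $_CONF['search_limits'], $_CONF['num_search_results']);
     $obj->setField('ID', 'id', false);
     $obj->setField('URL', 'url', false);
     $show_num = $_CONF['search_show_num'];
     $show_type = $_CONF['search_show_type'];
     $show_user = $_CONF['search_show_user'];
     $show_hits = $_CONF['search_show_hits'];
     $style = isset($_CONF['search_style']) ? $_CONF['search_style'] : 'google';
     // A logged-in user's stored result format, when set, overrides the site default.
     if (!COM_isAnonUser()) {
         $userStyle = DB_getItem($_TABLES['userprefs'], 'search_result_format', 'uid=' . (int) $_USER['uid']);
         if ($userStyle != '') {
             $style = $userStyle;
         }
     }
     if ($style == 'table') {
         $obj->setStyle('table');
         //             Title        Name           Display     Sort   Format
         $obj->setField($LANG09[62], ROW_NUMBER, $show_num, false, '<b>%d.</b>');
         $obj->setField($LANG09[5], SQL_TITLE, $show_type, true, '<b>%s</b>');
         $obj->setField($LANG09[16], 'title', true, true);
         $obj->setField($LANG09[63], 'description', true, false);
         $obj->setField($LANG09[17], 'date', true, true);
         $obj->setField($LANG09[18], 'uid', $show_user, true);
         $obj->setField($LANG09[50], 'hits', $show_hits, true);
         $this->_wordlength = 7;
     } else {
         if ($style == 'google') {
             $obj->setStyle('inline');
             $obj->setField('', ROW_NUMBER, $show_num, false, '<span style="font-size:larger; font-weight:bold;">%d.</span>');
             $obj->setField($LANG09[16], 'title', true, true, '<span style="font-size:larger; font-weight:bold;">%s</span><br/>');
             $obj->setField('', 'description', true, false, '%s<br/>');
             $obj->setField('', '_html', true, false, '<span style="color:green;">');
             $obj->setField($LANG09[18], 'uid', $show_user, true, $LANG01[104] . ' %s ');
             $obj->setField($LANG09[17], 'date', true, true, $LANG01[36] . ' %s');
             $obj->setField($LANG09[5], SQL_TITLE, $show_type, true, ' - %s');
             $obj->setField($LANG09[50], 'hits', $show_hits, true, ' - %s ' . $LANG09[50]);
             $obj->setField('', '_html', true, false, '</span>');
             $this->_wordlength = 50;
         }
     }
     $obj->setDefaultSort('date');
     $obj->setRowFunction(array($this, 'searchFormatCallBack'));
     // Start search timer
     $searchtimer = new timerobject();
     $searchtimer->setPercision(4);
     $searchtimer->startTimer();
     // Have plugins do their searches
     $page = isset($_REQUEST['page']) ? COM_applyFilter($_REQUEST['page'], true) : 1;
     $result_plugins = PLG_doSearch($this->_query, $this->_dateStart, $this->_dateEnd, $this->_topic, $this->_type, $this->_author, $this->_keyType, $page, 5);
     $result_plugins_comment = PLG_doSearchComment($this->_query, $this->_dateStart, $this->_dateEnd, $this->_topic, $this->_type, $this->_author, $this->_keyType, $page, 5);
     $result_plugins = array_merge($result_plugins, $result_plugins_comment);
     // Add core searches
     if ($this->_type == 'all' || $this->_type == 'stories') {
         $result_plugins[] = $this->_searchStories();
     }
     if ($this->_type == 'all' || $this->_type == 'comments') {
         $result_plugins[] = $this->_searchComments();
     }
     // Loop through all plugins separating the new API from the old
     $new_api = 0;
     $old_api = 0;
     $num_results = 0;
     if (!isset($_CONF['search_use_fulltext'])) {
         $_CONF['search_use_fulltext'] = false;
     }
     foreach ($result_plugins as $result) {
         if (is_a($result, 'SearchCriteria')) {
             $debug_info .= $result->getName() . " using APIv2, ";
             $type = $result->getType();
             if ($type == 'sql') {
                 // Prefer the full-text query when it is enabled and the plugin supplied one.
                 if ($_CONF['search_use_fulltext'] == true && $result->getFTSQL() != '') {
                     $debug_info .= "search using FULLTEXT\n";
                     $sql = $result->getFTSQL();
                 } else {
                     $debug_info .= "search using LIKE\n";
                     $sql = $result->getSQL();
                 }
                 $sql = $this->_convertsql($sql);
                 $obj->setQuery($result->getLabel(), $result->getName(), $sql, $result->getRank());
                 $this->_url_rewrite[$result->getName()] = $result->UrlRewriteEnable() ? true : false;
             } else {
                 if ($type == 'text') {
                     $obj->setQueryText($result->getLabel(), $result->getName(), $this->_query, $result->getNumResults(), $result->getRank());
                 }
             }
             $new_api++;
         } else {
             if (is_a($result, 'Plugin') && $result->num_searchresults != 0) {
                 // Some backwards compatibility
                 $debug_info .= $result->plugin_name . " using APIv1, search using backwards compatibility\n";
                 // Find the column heading names that closely match what we are looking for
                 // There may be issues here on different languages, but this _should_ capture most of the data
                 // (a column index of -1 is treated below as "no matching heading")
                 $col_title = $this->_findColumn($result->searchheading, array($LANG09[16], $LANG31[4], 'Question'));
                 //Title,Subject
                 $col_desc = $this->_findColumn($result->searchheading, array($LANG09[63], 'Answer'));
                 $col_date = $this->_findColumn($result->searchheading, array($LANG09[17]));
                 //'Date','Date Added','Last Updated','Date & Time'
                 $col_user = $this->_findColumn($result->searchheading, array($LANG09[18], 'Submited by'));
                 $col_hits = $this->_findColumn($result->searchheading, array($LANG09[50], $LANG09[23], 'Downloads', 'Clicks'));
                 //'Hits','Views'
                 $col_url = $this->_findColumn($result->searchheading, array('URL'));
                 $label = str_replace($LANG09[59], '', $result->searchlabel);
                 if ($result->num_itemssearched > 0) {
                     $_page = isset($_REQUEST['page']) ? COM_applyFilter($_REQUEST['page'], true) : 1;
                     if (isset($_REQUEST['results'])) {
                         $_per_page = COM_applyFilter($_REQUEST['results'], true);
                     } else {
                         $_per_page = $obj->getPerPage();
                     }
                     // This plugin's share of the page is proportional to its rank (3).
                     $obj->addTotalRank(3);
                     $pp = round(3 / $obj->getTotalRank() * $_per_page);
                     $offset = ($_page - 1) * $pp;
                     $limit = $pp;
                     $obj->addToTotalFound($result->num_itemssearched);
                     $counter = 0;
                     // Extract the results
                     foreach ($result->searchresults as $old_row) {
                         // Half-open window [offset, offset + limit): an inclusive upper
                         // bound would return limit + 1 rows and repeat the boundary
                         // row at the top of the next page.
                         if ($counter >= $offset && $counter < $offset + $limit) {
                             if ($col_date != -1) {
                                 // Convert the date back to a timestamp
                                 $date = $old_row[$col_date];
                                 $date = substr($date, 0, strpos($date, '@'));
                                 if ($date == '') {
                                     $date = $old_row[$col_date];
                                 } else {
                                     $date = strtotime($date);
                                 }
                             }
                             // NOTE(review): title, description, uid and url are taken
                             // from the plugin's row unchanged and appear to be treated
                             // as ready-made HTML; confirm each legacy plugin escapes them.
                             $api_results = array(
                                 SQL_NAME => $result->plugin_name,
                                 SQL_TITLE => $label,
                                 'title' => $col_title == -1 ? $_CONF['search_no_data'] : $old_row[$col_title],
                                 'description' => $col_desc == -1 ? $_CONF['search_no_data'] : $old_row[$col_desc],
                                 'date' => $col_date == -1 ? '&nbsp;' : $date,
                                 'uid' => $col_user == -1 ? '' : $old_row[$col_user],
                                 'hits' => $col_hits == -1 ? '0' : str_replace(',', '', $old_row[$col_hits]),
                                 // Same missing-column guard as the other fields.
                                 'url' => $col_url == -1 ? '#' : $old_row[$col_url],
                             );
                             $obj->addResult($api_results);
                         }
                         $counter++;
                     }
                 }
                 $old_api++;
             }
         }
     }
     // Find out how many plugins are on the old/new system
     $debug_info .= "\nAPIv1: {$old_api}\nAPIv2: {$new_api}";
     // Execute the queries
     $results = $obj->ExecuteQueries();
     // Searches are done, stop timer
     $searchtime = $searchtimer->stopTimer();
     // Escape the query before it is wrapped in markup for display.
     $escquery = htmlspecialchars($this->_query);
     if ($this->_keyType == 'any') {
         $searchQuery = str_replace(' ', "</b>' " . $LANG09[57] . " '<b>", $escquery);
         $searchQuery = "<b>'{$searchQuery}'</b>";
     } else {
         if ($this->_keyType == 'all') {
             $searchQuery = str_replace(' ', "</b>' " . $LANG09[56] . " '<b>", $escquery);
             $searchQuery = "<b>'{$searchQuery}'</b>";
         } else {
             $searchQuery = $LANG09[55] . " '<b>{$escquery}</b>'";
         }
     }
     // Clean the query string so that sprintf works as expected
     $searchQuery = str_replace("%", "%%", $searchQuery);
     // NOTE(review): $searchText is built but not used in the output below.
     $searchText = "{$LANG09[25]} {$searchQuery}. ";
     $retval .= $this->showForm();
     if (count($results) == 0) {
         $retval .= '<div style="margin-bottom:5px;border-bottom:1px solid #ccc;"></div>';
         $retval .= $LANG09[74];
     } else {
         $retval .= $obj->getFormattedOutput($results, $LANG09[11], $list_top, '');
     }
     return $retval;
 }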
コード例 #24
ファイル: mst.php プロジェクト: mistgrass/geeklog-ivywe
    $action = COM_applyFilter($_REQUEST['action'], false);
}
if (isset($_REQUEST['mode'])) {
    $mode = COM_applyFilter($_REQUEST['mode'], false);
}
$msg = '';
if (isset($_REQUEST['msg'])) {
    $msg = COM_applyFilter($_REQUEST['msg'], true);
}
$id = '';
if (isset($_REQUEST['id'])) {
    $id = COM_applyFilter($_REQUEST['id'], true);
}
$old_mode = "";
if (isset($_REQUEST['old_mode'])) {
    $old_mode = COM_applyFilter($_REQUEST['old_mode'], false);
    if ($mode == $LANG_ADMIN['cancel']) {
        $mode = $old_mode;
    }
}
if ($mode == $LANG_ADMIN['save'] && !empty($LANG_ADMIN['save'])) {
    // save
    $mode = "save";
} else {
    if ($mode == $LANG_ADMIN['delete'] && !empty($LANG_ADMIN['delete'])) {
        $mode = "delete";
    }
}
if ($action == $LANG_ADMIN['cancel']) {
    // cancel
    $mode = "";
コード例 #25
ファイル: lib_group.php プロジェクト: mistgrass/geeklog-ivywe
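/**
 * Deletes one group definition of a plugin and redirects back to the admin script.
 *
 * The row to delete is identified by the POSTed 'id' field, which is passed
 * through COM_applyFilter() in numeric mode before it reaches DB_delete().
 *
 * NOTE(review): no SEC_checkToken() call is visible in this function; confirm
 * that the caller validates the CSRF token and the user's rights before this
 * state-changing delete is reached.
 *
 * @param    string $pi_name  Plugin name. It is used to build a global variable
 *                            name and a $_TABLES key, so callers should pass a
 *                            fixed plugin identifier, never request data.
 * @return   string           HTML redirect, or an error page if a check failed
 */
function LIB_delete($pi_name)
{
    global $_CONF;
    global $_TABLES;
    // Import the plugin's admin language array by its constructed name
    // (LANG_<PLUGIN>_ADMIN) and keep a local copy of it.
    $lang_box_admin = "LANG_" . strtoupper($pi_name) . "_ADMIN";
    global ${$lang_box_admin};
    $lang_box_admin = ${$lang_box_admin};
    $table = $_TABLES[strtoupper($pi_name) . '_def_group'];
    // A missing field is treated as id 0 instead of raising an undefined-index notice.
    $id = isset($_POST['id']) ? COM_applyFilter($_POST['id'], true) : 0;
    // Initialised up front so the error branch appends to a defined string.
    $retval = '';
    // CHECK
    $err = "";
    //category addtionfield check!!!
    if ($err != "") {
        // The original assigned $pagetitle but passed $page_title; use one name.
        $page_title = $lang_box_admin['err'];
        $retval .= DATABOX_siteHeader($pi_name, '_admin', $page_title);
        $retval .= COM_startBlock($lang_box_admin['err'], '', COM_getBlockTemplate('_msg_block', 'header'));
        $retval .= $err;
        $retval .= COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer'));
        $retval .= DATABOX_siteFooter($pi_name, '_admin');
        return $retval;
    }
    //
    DB_delete($table, 'group_id', $id);
    return COM_refresh($_CONF['site_admin_url'] . '/plugins/' . THIS_SCRIPT . '?msg=2');
}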
コード例 #26
ファイル: topic.php プロジェクト: mystralkk/geeklog
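/**
 * Save topic to the database
 *
 * Validates the topic id (restricted names, duplicates), the parent topic
 * (existence, archive rules) and the caller's access to both the topic and
 * its parent before writing the row with DB_save().
 *
 * Values that reach SQL are escaped or cast here as defence in depth: the
 * callers are not visible from this function, so it does not rely on them
 * having filtered $parent_id, $imageUrl, $sortNum, $limitNews, $owner_id
 * or $group_id.
 *
 * @param    string $tid              Topic ID
 * @param    string $topic            Name of topic (what the user sees)
 * @param    int    $inherit          whether to inherit
 * @param    int    $hidden           whether to hide
 * @param    string $parent_id        Parent ID
 * @param    string $imageUrl         (partial) URL to topic image
 * @param    string $meta_description Topic meta description
 * @param    string $meta_keywords    Topic meta keywords
 * @param    int    $sortNum          number for sort order in "Topics" block
 * @param    int    $limitNews        number of stories per page for this topic
 * @param    int    $owner_id         ID of owner
 * @param    int    $group_id         ID of group topic belongs to
 * @param    int    $perm_owner       Permissions the owner has
 * @param    int    $perm_group       Permissions the group has
 * @param    int    $perm_members     Permissions members have
 * @param    int    $perm_anon        Permissions anonymous users have
 * @param    string $is_default       'on' if this is the default topic
 * @param    string $is_archive       'on' if this is the archive topic
 * @return   string                   HTML redirect or error message
 */
function savetopic($tid, $topic, $inherit, $hidden, $parent_id, $imageUrl, $meta_description, $meta_keywords, $sortNum, $limitNews, $owner_id, $group_id, $perm_owner, $perm_group, $perm_members, $perm_anon, $is_default, $is_archive)
{
    global $_CONF, $_TABLES, $_USER, $LANG27, $MESSAGE;
    $retval = '';
    // Convert array values to numeric permission values
    list($perm_owner, $perm_group, $perm_members, $perm_anon) = SEC_getPermissionValues($perm_owner, $perm_group, $perm_members, $perm_anon);
    $tid = COM_sanitizeID($tid);
    // SQL-safe copy of the parent id. The unescaped value is kept for the
    // comparisons, log message and plugin calls below; only the copy is
    // placed inside SQL text or handed to the DB_* helpers.
    $parent_id_sql = DB_escapeString($parent_id);
    // Check if tid is a restricted name
    $restricted_tid = false;
    if (!strcasecmp($tid, TOPIC_ALL_OPTION) || !strcasecmp($tid, TOPIC_NONE_OPTION) || !strcasecmp($tid, TOPIC_HOMEONLY_OPTION) || !strcasecmp($tid, TOPIC_SELECTED_OPTION) || !strcasecmp($tid, TOPIC_ROOT)) {
        $restricted_tid = true;
    }
    // Check if tid is used by another topic
    $duplicate_tid = false;
    $old_tid = '';
    if (isset($_POST['old_tid'])) {
        $old_tid = COM_applyFilter($_POST['old_tid']);
        if (!empty($old_tid)) {
            $old_tid = COM_sanitizeID($old_tid);
            // See if new topic id
            if (strcasecmp($tid, $old_tid)) {
                if (!strcasecmp($tid, DB_getItem($_TABLES['topics'], 'tid', "tid = '{$tid}'"))) {
                    $duplicate_tid = true;
                }
            }
        } else {
            if (!strcasecmp($tid, DB_getItem($_TABLES['topics'], 'tid', "tid = '{$tid}'"))) {
                $duplicate_tid = true;
            }
        }
    }
    // Make sure parent id exists
    $parent_id_found = false;
    if ($parent_id == DB_getItem($_TABLES['topics'], 'tid', "tid = '{$parent_id_sql}'") || $parent_id == TOPIC_ROOT) {
        $parent_id_found = true;
    }
    // Check if parent archive topic, if so bail
    $archive_parent = false;
    $archive_tid = DB_getItem($_TABLES['topics'], 'tid', 'archive_flag = 1');
    if ($parent_id == $archive_tid) {
        $archive_parent = true;
    }
    // If archive topic, make sure no child topics else bail
    $archive_child = false;
    $is_archive = $is_archive == 'on' ? 1 : 0;
    if ($is_archive) {
        if ($tid == DB_getItem($_TABLES['topics'], 'parent_id', "parent_id = '{$tid}'")) {
            $archive_child = true;
        }
    }
    // For an existing topic the stored owner/group/permissions decide access,
    // not the values submitted with this request.
    if (DB_count($_TABLES['topics'], 'tid', $tid) > 0) {
        $result = DB_query("SELECT owner_id,group_id,perm_owner,perm_group,perm_members,perm_anon FROM {$_TABLES['topics']} WHERE tid = '{$tid}'");
        $A = DB_fetchArray($result);
        $access = SEC_hasAccess($A['owner_id'], $A['group_id'], $A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']);
    } else {
        $access = SEC_hasAccess($owner_id, $group_id, $perm_owner, $perm_group, $perm_members, $perm_anon);
    }
    if ($access < 3 || !SEC_inGroup($group_id)) {
        $retval .= COM_showMessageText($MESSAGE[29], $MESSAGE[30]);
        $retval = COM_createHTMLDocument($retval, array('pagetitle' => $MESSAGE[30]));
        COM_accessLog("User {$_USER['username']} tried to illegally create or edit topic {$tid}.");
    } else {
        // Now check access to parent topic
        if ($parent_id != TOPIC_ROOT) {
            if (DB_count($_TABLES['topics'], 'tid', $parent_id_sql) > 0) {
                $result = DB_query("SELECT owner_id,group_id,perm_owner,perm_group,perm_members,perm_anon FROM {$_TABLES['topics']} WHERE tid = '{$parent_id_sql}'");
                $A = DB_fetchArray($result);
                $access = SEC_hasAccess($A['owner_id'], $A['group_id'], $A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']);
            }
            // NOTE(review): when the parent row does not exist, $A still holds
            // the topic's own row (or is unset for a new topic), so this group
            // check is not against the parent. The save branch below is still
            // gated by $parent_id_found - confirm that is the intended guard.
            $in_Group = SEC_inGroup($A['group_id']);
        } else {
            $access = 3;
            $in_Group = true;
        }
        if ($access < 3 || !$in_Group) {
            $retval .= COM_showMessageText($MESSAGE[29], $MESSAGE[30]);
            $retval = COM_createHTMLDocument($retval, array('pagetitle' => $MESSAGE[30]));
            COM_accessLog("User {$_USER['username']} tried to illegally assign topic {$tid} to {$parent_id}.");
        } elseif (!empty($tid) && !empty($topic) && !$restricted_tid && !$duplicate_tid && !$archive_parent && !$archive_child && $parent_id_found) {
            if ($imageUrl === '/images/topics/') {
                $imageUrl = '';
            }
            $topic = GLText::remove4byteUtf8Chars(strip_tags($topic));
            $topic = DB_escapeString($topic);
            $meta_description = GLText::remove4byteUtf8Chars(strip_tags($meta_description));
            $meta_description = DB_escapeString($meta_description);
            $meta_keywords = GLText::remove4byteUtf8Chars(strip_tags($meta_keywords));
            $meta_keywords = DB_escapeString($meta_keywords);
            // Remaining values for the INSERT: quoted columns are escaped,
            // unquoted numeric columns are cast so they cannot carry SQL text.
            $image_url_sql = DB_escapeString($imageUrl);
            $sort_num_sql = DB_escapeString((string) $sortNum);
            $limit_news_sql = DB_escapeString((string) $limitNews);
            $owner_id_sql = (int) $owner_id;
            $group_id_sql = (int) $group_id;
            if ($is_default == 'on') {
                $is_default = 1;
                // Only one topic may be the default: clear the previous one
                DB_query("UPDATE {$_TABLES['topics']} SET is_default = 0 WHERE is_default = 1");
            } else {
                $is_default = 0;
            }
            if ($is_archive) {
                // $tid is the archive topic
                // - if it wasn't already, mark all its stories "archived" now
                if ($archive_tid != $tid) {
                    $sql = "UPDATE {$_TABLES['stories']} s, {$_TABLES['topic_assignments']} ta\n                            SET s.featured = 0, s.frontpage = 0, s.statuscode = " . STORY_ARCHIVE_ON_EXPIRE . "\n                            WHERE ta.type = 'article' AND ta.tid = '{$tid}' AND ta.id = s.sid";
                    DB_query($sql);
                    $sql = "UPDATE {$_TABLES['topics']} SET archive_flag = 0 WHERE archive_flag = 1";
                    DB_query($sql);
                }
                // Set hidden and inherit to false since archive topic now
                $inherit = '';
                $hidden = '';
            } else {
                // $tid is not the archive topic
                // - if it was until now, reset the "archived" status of its stories
                if ($archive_tid == $tid) {
                    $sql = "UPDATE {$_TABLES['stories']} s, {$_TABLES['topic_assignments']} ta\n                            SET s.statuscode = 0\n                            WHERE ta.type = 'article' AND ta.tid = '{$tid}' AND ta.id = s.sid";
                    DB_query($sql);
                    $sql = "UPDATE {$_TABLES['topics']} SET archive_flag = 0 WHERE archive_flag = 1";
                    DB_query($sql);
                }
            }
            $inherit = $inherit == 'on' ? 1 : 0;
            $hidden = $hidden == 'on' ? 1 : 0;
            // Cannot hide root topics so switch if needed
            if ($parent_id == TOPIC_ROOT && $hidden == 1) {
                $hidden = 0;
            }
            // If not a new topic and id change then...
            if (!empty($old_tid)) {
                if ($tid != $old_tid) {
                    changetopicid($tid, $old_tid);
                    $old_tid = DB_escapeString($old_tid);
                    DB_delete($_TABLES['topics'], 'tid', $old_tid);
                }
            }
            // The permission values come from SEC_getPermissionValues() above;
            // inherit, hidden, is_default and is_archive were reduced to 0/1.
            DB_save($_TABLES['topics'], 'tid, topic, inherit, hidden, parent_id, imageurl, meta_description, meta_keywords, sortnum, limitnews, is_default, archive_flag, owner_id, group_id, perm_owner, perm_group, perm_members, perm_anon', "'{$tid}', '{$topic}', {$inherit}, {$hidden}, '{$parent_id_sql}', '{$image_url_sql}', '{$meta_description}', '{$meta_keywords}','{$sort_num_sql}','{$limit_news_sql}',{$is_default},'{$is_archive}',{$owner_id_sql},{$group_id_sql},{$perm_owner},{$perm_group},{$perm_members},{$perm_anon}");
            if ($old_tid != $tid) {
                PLG_itemSaved($tid, 'topic', $old_tid);
            } else {
                PLG_itemSaved($tid, 'topic');
            }
            // Reorder Topics, Delete topic cache and reload topic tree
            reorderTopics();
            // update feed(s)
            COM_rdfUpToDateCheck('article', $tid);
            COM_redirect($_CONF['site_admin_url'] . '/topic.php?msg=13');
        } elseif ($restricted_tid) {
            $retval .= COM_errorLog($LANG27[31], 2);
            $retval = COM_createHTMLDocument($retval, array('pagetitle' => $LANG27[1]));
        } elseif ($duplicate_tid) {
            $retval .= COM_errorLog($LANG27[49], 2);
            $retval = COM_createHTMLDocument($retval, array('pagetitle' => $LANG27[1]));
        } elseif ($archive_parent) {
            $retval .= COM_errorLog($LANG27[46], 2);
            $retval = COM_createHTMLDocument($retval, array('pagetitle' => $LANG27[1]));
        } elseif ($archive_child) {
            $retval .= COM_errorLog($LANG27[47], 2);
            $retval = COM_createHTMLDocument($retval, array('pagetitle' => $LANG27[1]));
        } elseif (!$parent_id_found) {
            $retval .= COM_errorLog($LANG27[48], 2);
            $retval = COM_createHTMLDocument($retval, array('pagetitle' => $LANG27[1]));
        } else {
            $retval .= COM_errorLog($LANG27[7], 2);
            $retval = COM_createHTMLDocument($retval, array('pagetitle' => $LANG27[1]));
        }
    }
    return $retval;
}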
コード例 #27
    if (isset($_GET['mode'])) {
        $mode = COM_applyFilter($_GET['mode']);
    }
}
// Page shell for the "batch create member albums" admin screen.
$T = new Template($_MG_CONF['template_path']);
$T->set_file('admin', 'administration.thtml');
$T->set_var(array(
    'site_admin_url' => $_CONF['site_admin_url'],
    'site_url'       => $_MG_CONF['site_url'],
    'lang_admin'     => $LANG_MG00['admin'],
    'xhtml'          => XHTML,
));

// The submitted button label selects the action. An empty "save" label must
// never match, otherwise an empty $mode would trigger the batch creation.
// NOTE(review): no request-token check is visible in this excerpt before
// MG_createUsers() runs; confirm that it is verified inside that function.
if ($mode == $LANG_MG01['save'] && !empty($LANG_MG01['save'])) {
    MG_createUsers();
    exit;
}

if ($mode == $LANG_MG01['cancel']) {
    echo COM_refresh($_MG_CONF['admin_url'] . 'index.php');
    exit;
}

// Neither save nor cancel: show the user selection list. The request carries
// a 1-based page number; it is turned into a 0-based index and clamped at 0.
$page = isset($_REQUEST['page']) ? COM_applyFilter($_REQUEST['page'], true) - 1 : 0;
if ($page < 0) {
    $page = 0;
}
$T->set_var(array(
    'admin_body' => MG_selectUsers($page),
    'title'      => $LANG_MG01['batch_create_members'],
    'lang_help'  => '<img src="' . MG_getImageFile('button_help.png') . '" style="border:none;" alt="?"' . XHTML . '>',
    'help_url'   => $_MG_CONF['site_url'] . '/docs/usage.html#Batch_Create_Member_Albums',
));

// Render the template inside the standard admin block and send the page.
$T->parse('output', 'admin');
$display = COM_startBlock($LANG_MG00['admin'], '', COM_getBlockTemplate('_admin_block', 'header'))
    . MG_showAdminMenu('member_albums')
    . $T->finish($T->get_var('output'))
    . COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer'));
$display = COM_createHTMLDocument($display);
COM_output($display);
コード例 #28
ファイル: autotag_upload.php プロジェクト: spacequad/glfusion
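/**
* Installs an uploaded autotag package
*
* Parses the package in the temporary upload directory, copies
* <id>.class.php and any listed template files to the system autotags
* directory, registers the tag in the autotags table and removes the
* temporary directory.
*
* The temporary directory name comes from the request and the package
* metadata presumably comes from the uploaded package itself (filled into
* the global $autotagData by _at_parseXML()), so both are treated as
* untrusted when building file system paths.
*
* @return   string              Formatted HTML containing the page body
*
*/
function post_uploadProcess()
{
    global $_CONF, $_PLUGINS, $_TABLES, $autotagData, $LANG32, $_DB_dbms, $_DB_table_prefix;
    $retval = '';

    // Reduce the posted directory name to a single safe path component.
    $tdir = COM_applyFilter($_POST['temp_dir']);
    $tdir = preg_replace('/[^a-zA-Z0-9\\-_\\.]/', '', $tdir);
    $tdir = str_replace('..', '', $tdir);
    // An empty or "." name would make $tmp the data directory itself, which
    // the _pi_deleteDir() cleanup calls below would then remove.
    if ($tdir === '' || $tdir === '.') {
        return _at_errorBox($LANG32[74]);
    }
    $tmp = $_CONF['path_data'] . $tdir;

    // Package metadata is taken from the parsed package only; nothing from
    // the request form is carried into $autotagData.
    $autotagData = array();
    $rc = _at_parseXML($tmp);
    if ($rc == -1) {
        // no xml file found
        return _at_errorBox($LANG32[74]);
    }
    clearstatcache();
    // copy to proper directories
    if (defined('DEMO_MODE')) {
        _pi_deleteDir($tmp);
        echo COM_refresh($_CONF['site_admin_url'] . '/autotag.php?msg=503');
        exit;
    }
    if (function_exists('set_time_limit')) {
        @set_time_limit(30);
    }

    $autotagDir = $_CONF['path_system'] . 'autotags/';
    $copyError = '<h2>' . $LANG32[42] . '</h2>' . $LANG32[43] . '<br />' . $LANG32[44];

    // The id becomes part of a file name, so only file-name-safe characters
    // are kept (no path separators).
    $autotagData['id'] = preg_replace('/[^a-zA-Z0-9\\-_\\.]/', '', $autotagData['id']);
    $classFile = $autotagData['id'] . '.class.php';
    // NOTE(review): the copied class file is executable PHP; permission and
    // request-token checks are presumably done by the caller - confirm.
    $rc = _pi_file_copy($tmp . '/' . $classFile, $autotagDir);
    if ($rc === false) {
        _pi_deleteDir($tmp);
        return _at_errorBox($copyError);
    }
    // copy template files, if any
    if (isset($autotagData['template']) && is_array($autotagData['template'])) {
        foreach ($autotagData['template'] as $filename) {
            // A template name containing ".." could point outside the
            // temporary directory; treat it like a failed copy.
            if (strpos($filename, '..') !== false) {
                $rc = false;
            } else {
                $rc = _pi_file_copy($tmp . '/' . $filename, $autotagDir);
            }
            if ($rc === false) {
                // Roll back the class file from the directory it was copied
                // to (assumes _pi_file_copy() keeps the source file name).
                @unlink($autotagDir . $classFile);
                _pi_deleteDir($tmp);
                return _at_errorBox($copyError);
            }
        }
    }

    // Register (or replace) the tag as an enabled, function-based autotag.
    $tag = DB_escapeString($autotagData['id']);
    $desc = DB_escapeString(isset($autotagData['description']) ? $autotagData['description'] : '');
    DB_query("REPLACE INTO {$_TABLES['autotags']} (tag,description,is_enabled,is_function,replacement) VALUES ('" . $tag . "','" . $desc . "',1,1,'')");
    _pi_deleteDir($tmp);
    CTL_clearCache();
    // show status (success or fail)
    return $retval;
}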
コード例 #29
ファイル: ips.php プロジェクト: hostellerie/nexpro
// | but WITHOUT ANY WARRANTY; without even the implied warranty of            |
// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the             |
// | GNU General Public License for more details.                              |
// |                                                                           |
// | You should have received a copy of the GNU General Public License         |
// | along with this program; if not, write to the Free Software Foundation,   |
// | Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.           |
// |                                                                           |
// +---------------------------------------------------------------------------+
//
include_once 'gf_functions.php';
require_once $_CONF['path'] . 'plugins/forum/debug.php';
// Common Debug Code
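// Request parameters. A missing key falls back to an empty value so that a
// request without it does not raise an undefined-index notice.
// NOTE(review): $ip is later placed directly inside the quoted value of the
// INSERT into gf_banned_ip, with COM_applyFilter() as its only filtering;
// confirm that this is sufficient or escape the value for SQL at that point.
// NOTE(review): $op and $ip are read from $_REQUEST, so the ban action can be
// selected through the query string; no request-token check is visible in
// this excerpt.
$ip = COM_applyFilter(isset($_REQUEST['ip']) ? $_REQUEST['ip'] : '');
$forum = COM_applyFilter(isset($_REQUEST['forum']) ? $_REQUEST['forum'] : 0, true);
$op = COM_applyFilter(isset($_REQUEST['op']) ? $_REQUEST['op'] : '');
// Page header, block title and the admin navigation bar
echo COM_siteHeader();
echo COM_startBlock($LANG_GF96['gfipman']);
echo ppNavbar($navbarMenu, $LANG_GF06['7']);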
if ($op == 'banip' && $ip != '') {
    if ($_POST['sure'] == 'yes') {
        DB_query("INSERT INTO {$_TABLES['gf_banned_ip']} (host_ip) VALUES ('{$ip}')");
        forum_statusMessage($LANG_GF96['ipbanned'], $_CONF['site_admin_url'] . '/plugins/forum/ips.php', $LANG_GF96['ipbanned']);
        echo COM_endBlock();
        echo adminfooter();
        echo COM_siteFooter();
        exit;
    }
    if ($_POST['sure'] != 'yes') {
        $ips_unban = new Template($_CONF['path_layout'] . 'forum/layout/admin');
        $ips_unban->set_file(array('ips_unban' => 'ips_unban.thtml'));
コード例 #30
ファイル: cfgedit.php プロジェクト: spacequad/glfusion
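/**
 * Saves the Media Gallery configuration form.
 *
 * Reads every setting from $_POST, clamps a few of them to sane ranges,
 * writes one row per setting to the mg_config table, resets user
 * preferences whose per-user override has been switched off, reloads
 * $_MG_CONF from the table and returns the configuration editor.
 *
 * Every value is passed through DB_escapeString() before it is placed in
 * the SQL value list, so the statement does not depend on what
 * COM_applyFilter() leaves in free-text settings such as the path fields.
 *
 * NOTE(review): no permission or request-token check is visible inside this
 * function; presumably the caller performs it - confirm.
 *
 * @return string whatever MG_editConfig() returns for the status message
 */
function MG_saveConfig()
{
    global $display, $_CONF, $_MG_CONF, $_TABLES, $_USER, $LANG_MG09;
    $gallery_only = COM_applyFilter($_POST['gallery_only'], true);
    $index_all = COM_applyFilter($_POST['index_all'], true);
    $album_display_columns = COM_applyFilter($_POST['albumdisplaycolumns'], true);
    $album_display_rows = COM_applyFilter($_POST['albumdisplayrows'], true);
    $loginrequired = COM_applyFilter($_POST['loginrequired'], true);
    $anonymous_uploads = isset($_POST['anonymousuploads']) ? COM_applyFilter($_POST['anonymousuploads'], true) : 0;
    // NOTE(review): zip_path and ffmpeg_path presumably locate external
    // programs; verify that the code consuming them escapes shell arguments.
    $zip_path = COM_applyFilter($_POST['zip_path']);
    $ffmpeg_path = COM_applyFilter($_POST['ffmpeg_path']);
    $tmp_path = COM_applyFilter($_POST['tmp_path']);
    $ftp_path = COM_applyFilter($_POST['ftp_path']);
    $displayblocks = COM_applyFilter($_POST['displayblocks']);
    $usage_tracking = COM_applyFilter($_POST['usagetracking']);
    $dfid = COM_applyFilter($_POST['dfid'], true);
    $whatsnew = COM_applyFilter($_POST['whatsnew'], true);
    $orig_jpg_quality = COM_applyFilter($_POST['orig_jpg_quality'], true);
    $jpg_quality = COM_applyFilter($_POST['jpg_quality'], true);
    $tn_jpg_quality = COM_applyFilter($_POST['tn_jpg_quality'], true);
    $truncate_breadcrumb = COM_applyFilter($_POST['truncate_breadcrumb'], true);
    $seperator = COM_applyFilter($_POST['seperator']);
    $whatsnew_time = COM_applyFilter($_POST['whatsnew_time'], true);
    $gallery_tn_size = COM_applyFilter($_POST['gallery_tn_size'], true);
    $gallery_tn_height = COM_applyFilter($_POST['tnheight'], true);
    $gallery_tn_width = COM_applyFilter($_POST['tnwidth'], true);
    $flv_player = COM_applyFilter($_POST['use_flowplayer'], true);
    $preserve_filename = COM_applyFilter($_POST['preserve_filename'], true);
    $discard_originals = COM_applyFilter($_POST['discard_originals'], true);
    $verbose = COM_applyFilter($_POST['verbose'], true);
    $dwnc = COM_applyFilter($_POST['dwnc'], true);
    $emid = COM_applyFilter($_POST['emid'], true);
    $fip = COM_applyFilter($_POST['fip'], true);
    $cmtbar = COM_applyFilter($_POST['cmtbar'], true);
    $wn_length = COM_applyFilter($_POST['wn_length'], true);
    $custom_image_height = COM_applyFilter($_POST['custom_image_height'], true);
    $custom_image_width = COM_applyFilter($_POST['custom_image_width'], true);
    $random_width = COM_applyFilter($_POST['random_width'], true);
    $time_limit = COM_applyFilter($_POST['time_limit'], true);
    $item_limit = COM_applyFilter($_POST['item_limit'], true);
    $refresh_rate = COM_applyFilter($_POST['refresh_rate'], true);
    $postcard_retention = COM_applyFilter($_POST['postcard_retention'], true);
    $profile_hook = COM_applyFilter($_POST['profile_hook'], true);
    $index_album_skin = COM_applyFilter($_POST['skin']);
    $random_skin = COM_applyFilter($_POST['rskin']);
    $subalbum_select = COM_applyFilter($_POST['subalbum_select'], true);
    $at_border = COM_applyFilter($_POST['at_border'], true);
    $at_align = COM_applyFilter($_POST['at_align']);
    $at_width = COM_applyFilter($_POST['at_width'], true);
    $at_height = COM_applyFilter($_POST['at_height'], true);
    $at_src = COM_applyFilter($_POST['at_src']);
    $at_autoplay = COM_applyFilter($_POST['at_autoplay'], true);
    $at_enable_link = COM_applyFilter($_POST['at_enable_link'], true);
    $at_delay = COM_applyFilter($_POST['at_delay'], true);
    $at_showtitle = COM_applyFilter($_POST['at_showtitle'], true);
    $search_columns = COM_applyFilter($_POST['search_columns'], true);
    $search_rows = COM_applyFilter($_POST['search_rows'], true);
    $search_enable_rating = COM_applyFilter($_POST['search_enable_rating'], true);
    $search_playback_type = COM_applyFilter($_POST['search_playback_type'], true);
    $search_enable_views = COM_applyFilter($_POST['search_enable_views'], true);
    $popup_from_album = isset($_POST['popupfromalbum']) ? COM_applyFilter($_POST['popupfromalbum'], true) : 0;
    $autotag_caption = isset($_POST['autotag_caption']) ? COM_applyFilter($_POST['autotag_caption'], true) : 0;
    $indextheme = COM_applyFilter($_POST['theme']);

    // Checkboxes: the field is only present in the request when ticked.
    $up_display_rows_enabled = isset($_POST['up_display_rows_enabled']) ? 1 : 0;
    $up_display_columns_enabled = isset($_POST['up_display_columns_enabled']) ? 1 : 0;
    $up_mp3_player_enabled = isset($_POST['up_mp3_player_enabled']) ? 1 : 0;
    $up_av_playback_enabled = isset($_POST['up_av_playback_enabled']) ? 1 : 0;
    $up_thumbnail_size_enabled = isset($_POST['up_thumbnail_size_enabled']) ? 1 : 0;
    // NOTE(review): enable_jhead and enable_jpegtran are read from the form
    // but no row is written for them below - confirm whether that is intended.
    $enable_jhead = isset($_POST['enable_jhead']) ? 1 : 0;
    $enable_jpegtran = isset($_POST['enable_jpegtran']) ? 1 : 0;
    $enable_zip = isset($_POST['enable_zip']) ? 1 : 0;
    $enable_ffmpeg = isset($_POST['enable_ffmpeg']) ? 1 : 0;

    // The temporary path is stored with a trailing slash.
    if (!preg_match('/^.*\\/$/', $tmp_path)) {
        $tmp_path .= '/';
    }
    // sanity check on values...
    if ($album_display_columns < 1 || $album_display_columns > 5) {
        $album_display_columns = 2;
    }
    if ($loginrequired < 0 || $loginrequired > 1) {
        $loginrequired = 1;
    }
    if ($displayblocks < 0 || $displayblocks > 3) {
        $displayblocks = 0;
    }
    if ($usage_tracking < 0 || $usage_tracking > 1) {
        $usage_tracking = 0;
    }
    if ($whatsnew < 0 || $whatsnew > 1) {
        $whatsnew = 0;
    }
    if ($orig_jpg_quality < 25 || $orig_jpg_quality > 100) {
        $orig_jpg_quality = 75;
    }
    if ($jpg_quality < 25 || $jpg_quality > 100) {
        $jpg_quality = 75;
    }
    if ($tn_jpg_quality < 25 || $tn_jpg_quality > 100) {
        $tn_jpg_quality = 75;
    }
    if ($truncate_breadcrumb == '') {
        $truncate_breadcrumb = 0;
    }
    if ($seperator == '') {
        $seperator = '/';
    }
    // check the batch options...
    if ($time_limit < 30) {
        $time_limit = 30;
    }
    if ($item_limit < 5) {
        $item_limit = 5;
    }
    if ($refresh_rate < 5) {
        $refresh_rate = 5;
    }

    // config_name => value, written in this order. The names are fixed
    // literals; only the values originate from the request.
    $settings = array(
        'loginrequired'              => $loginrequired,
        'anonymous_uploads'          => $anonymous_uploads,
        'album_display_columns'      => $album_display_columns,
        'album_display_rows'         => $album_display_rows,
        'displayblocks'              => $displayblocks,
        'usage_tracking'             => $usage_tracking,
        'dfid'                       => $dfid,
        'whatsnew'                   => $whatsnew,
        'jpg_orig_quality'           => $orig_jpg_quality,
        'jpg_quality'                => $jpg_quality,
        'tn_jpg_quality'             => $tn_jpg_quality,
        'truncate_breadcrumb'        => $truncate_breadcrumb,
        'whatsnew_time'              => $whatsnew_time,
        'gallery_tn_size'            => $gallery_tn_size,
        'gallery_tn_height'          => $gallery_tn_height,
        'gallery_tn_width'           => $gallery_tn_width,
        'use_flowplayer'             => $flv_player,
        'seperator'                  => $seperator,
        'up_display_rows_enabled'    => $up_display_rows_enabled,
        'up_display_columns_enabled' => $up_display_columns_enabled,
        'up_mp3_player_enabled'      => $up_mp3_player_enabled,
        'up_av_playback_enabled'     => $up_av_playback_enabled,
        'up_thumbnail_size_enabled'  => $up_thumbnail_size_enabled,
        'zip_enabled'                => $enable_zip,
        'zip_path'                   => $zip_path,
        'tmp_path'                   => $tmp_path,
        'ftp_path'                   => $ftp_path,
        'ffmpeg_enabled'             => $enable_ffmpeg,
        'ffmpeg_path'                => $ffmpeg_path,
        // stored without the stray leading space the value used to carry
        'preserve_filename'          => $preserve_filename,
        'discard_original'           => $discard_originals,
        'verbose'                    => $verbose,
        'disable_whatsnew_comments'  => $dwnc,
        'enable_media_id'            => $emid,
        'full_in_popup'              => $fip,
        'commentbar'                 => $cmtbar,
        'title_length'               => $wn_length,
        'custom_image_height'        => $custom_image_height,
        'custom_image_width'         => $custom_image_width,
        'random_width'               => $random_width,
        'def_refresh_rate'           => $refresh_rate,
        'def_time_limit'             => $time_limit,
        'def_item_limit'             => $item_limit,
        'postcard_retention'         => $postcard_retention,
        'profile_hook'               => $profile_hook,
        'indexskin'                  => $index_album_skin,
        'random_skin'                => $random_skin,
        'subalbum_select'            => $subalbum_select,
        'popup_from_album'           => $popup_from_album,
        'autotag_caption'            => $autotag_caption,
        'indextheme'                 => $indextheme,
        'at_border'                  => $at_border,
        'at_align'                   => $at_align,
        'at_width'                   => $at_width,
        'at_height'                  => $at_height,
        'at_src'                     => $at_src,
        'at_autoplay'                => $at_autoplay,
        'at_enable_link'             => $at_enable_link,
        'at_delay'                   => $at_delay,
        'at_showtitle'               => $at_showtitle,
        'search_columns'             => $search_columns,
        'search_rows'                => $search_rows,
        'search_playback_type'       => $search_playback_type,
        'search_enable_views'        => $search_enable_views,
        'search_enable_rating'       => $search_enable_rating,
        'gallery_only'               => $gallery_only,
        'index_all'                  => $index_all,
    );
    foreach ($settings as $config_name => $config_value) {
        DB_save($_TABLES['mg_config'], "config_name, config_value", "'" . $config_name . "', '" . DB_escapeString((string) $config_value) . "'");
    }

    // now reset anything in the prefs that need to be reset...
    if ($up_display_rows_enabled == 0) {
        DB_query("UPDATE {$_TABLES['mg_userprefs']} SET display_rows=0");
    }
    if ($up_display_columns_enabled == 0) {
        DB_query("UPDATE {$_TABLES['mg_userprefs']} SET display_columns=0");
    }
    if ($up_mp3_player_enabled == 0) {
        DB_query("UPDATE {$_TABLES['mg_userprefs']} SET mp3_player=-1");
    }
    if ($up_av_playback_enabled == 0) {
        DB_query("UPDATE {$_TABLES['mg_userprefs']} SET playback_mode=-1");
    }
    if ($up_thumbnail_size_enabled == 0) {
        DB_query("UPDATE {$_TABLES['mg_userprefs']} SET tn_size=-1");
    }

    // Reload the in-memory configuration from the table just written.
    $result = DB_query("SELECT * FROM " . $_TABLES['mg_config'], 1);
    $nRows = DB_numRows($result);
    for ($x = 0; $x < $nRows; $x++) {
        $row = DB_fetchArray($result);
        $_MG_CONF[$row['config_name']] = $row['config_value'];
    }
    return MG_editConfig($LANG_MG09[2]);
}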