function fncSave($edt_flg, $navbarMenu, $menuno) { $pi_name = "userbox"; global $_CONF; global $_TABLES; global $_USER; global $_USERBOX_CONF; global $LANG_USERBOX_ADMIN; global $_FILES; $addition_def = DATABOX_getadditiondef($pi_name); $retval = ''; // clean 'em up $id = COM_applyFilter($_POST['id'], true); $fieldset_id = COM_applyFilter($_POST['fieldset'], true); //@@@@@ username fullname $username = COM_applyFilter($_POST['username']); $username = addslashes(COM_checkHTML(COM_checkWords($username))); $fullname = COM_applyFilter($_POST['fullname']); $fullname = addslashes(COM_checkHTML(COM_checkWords($fullname))); $page_title = COM_applyFilter($_POST['page_title']); $page_title = addslashes(COM_checkHTML(COM_checkWords($page_title))); $description = $_POST['description']; //COM_applyFilter($_POST['description']); $description = addslashes(COM_checkHTML(COM_checkWords($description))); $defaulttemplatesdirectory = COM_applyFilter($_POST['defaulttemplatesdirectory']); $defaulttemplatesdirectory = addslashes(COM_checkHTML(COM_checkWords($defaulttemplatesdirectory))); $draft_flag = COM_applyFilter($_POST['draft_flag'], true); // $hits =0; // $comments=0; $comment_expire_flag = COM_applyFilter($_POST['comment_expire_flag'], true); if ($comment_expire_flag) { $comment_expire_month = COM_applyFilter($_POST['comment_expire_month'], true); $comment_expire_day = COM_applyFilter($_POST['comment_expire_day'], true); $comment_expire_year = COM_applyFilter($_POST['comment_expire_year'], true); $comment_expire_hour = COM_applyFilter($_POST['comment_expire_hour'], true); $comment_expire_minute = COM_applyFilter($_POST['comment_expire_minute'], true); if ($comment_expire_ampm == 'pm') { if ($comment_expire_hour < 12) { $comment_expire_hour = $comment_expire_hour + 12; } } if ($comment_expire_ampm == 'am' and $comment_expire_hour == 12) { $comment_expire_hour = '00'; } } else { $comment_expire_month = 0; $comment_expire_day = 0; $comment_expire_year = 0; $comment_expire_hour = 0; $comment_expire_minute = 0; } $commentcode = COM_applyFilter($_POST['commentcode'], true); $trackbackcode = COM_applyFilter($_POST['trackbackcode'], true); $cache_time = COM_applyFilter($_POST['cache_time'], true); $meta_description = $_POST['meta_description']; $meta_description = addslashes(COM_checkHTML(COM_checkWords($meta_description))); $meta_keywords = $_POST['meta_keywords']; $meta_keywords = addslashes(COM_checkHTML(COM_checkWords($meta_keywords))); $language_id = COM_applyFilter($_POST['language_id']); $language_id = addslashes(COM_checkHTML(COM_checkWords($language_id))); $category = $_POST['category']; //@@@@@ $additionfields = $_POST['afield']; $additionfields_old = $_POST['afield']; $additionfields_fnm = $_POST['afield_fnm']; $additionfields_del = $_POST['afield_del']; $additionfields_alt = $_POST['afield_alt']; $additionfields_date = array(); $dummy = DATABOX_cleanaddtiondatas($additionfields, $addition_def, $additionfields_fnm, $additionfields_del, $additionfields_date, $additionfields_alt); // $owner_id = COM_applyFilter($_POST['owner_id'], true); $group_id = COM_applyFilter($_POST['group_id'], true); // $array['perm_owner'] = $_POST['perm_owner']; $array['perm_group'] = $_POST['perm_group']; $array['perm_members'] = $_POST['perm_members']; $array['perm_anon'] = $_POST['perm_anon']; if (is_array($array['perm_owner']) || is_array($array['perm_group']) || is_array($array['perm_members']) || is_array($array['perm_anon'])) { list($perm_owner, $perm_group, $perm_members, $perm_anon) = SEC_getPermissionValues($array['perm_owner'], $array['perm_group'], $array['perm_members'], $array['perm_anon']); } else { $perm_owner = COM_applyBasicFilter($array['perm_owner'], true); $perm_group = COM_applyBasicFilter($array['perm_group'], true); $perm_members = COM_applyBasicFilter($array['perm_members'], true); $perm_anon = COM_applyBasicFilter($array['perm_anon'], true); } //編集日付 $modified_autoupdate = COM_applyFilter($_POST['modified_autoupdate'], true); if ($modified_autoupdate == 1) { //$udate = date('Ymd'); $modified_month = date('m'); $modified_day = date('d'); $modified_year = date('Y'); $modified_hour = date('H'); $modified_minute = date('i'); } else { $modified_month = COM_applyFilter($_POST['modified_month'], true); $modified_day = COM_applyFilter($_POST['modified_day'], true); $modified_year = COM_applyFilter($_POST['modified_year'], true); $modified_hour = COM_applyFilter($_POST['modified_hour'], true); $modified_minute = COM_applyFilter($_POST['modified_minute'], true); $modified_ampm = COM_applyFilter($_POST['modified_ampm']); if ($modified_ampm == 'pm') { if ($modified_hour < 12) { $modified_hour = $modified_hour + 12; } } if ($modified_ampm == 'am' and $modified_hour == 12) { $modified_hour = '00'; } } //公開日 $released_month = COM_applyFilter($_POST['released_month'], true); $released_day = COM_applyFilter($_POST['released_day'], true); $released_year = COM_applyFilter($_POST['released_year'], true); $released_hour = COM_applyFilter($_POST['released_hour'], true); $released_minute = COM_applyFilter($_POST['released_minute'], true); if ($released_ampm == 'pm') { if ($released_hour < 12) { $released_hour = $released_hour + 12; } } if ($released_ampm == 'am' and $released_hour == 12) { $released_hour = '00'; } //公開終了日 $expired_flag = COM_applyFilter($_POST['expired_flag'], true); if ($expired_flag) { $expired_month = COM_applyFilter($_POST['expired_month'], true); $expired_day = COM_applyFilter($_POST['expired_day'], true); $expired_year = COM_applyFilter($_POST['expired_year'], true); $expired_hour = COM_applyFilter($_POST['expired_hour'], true); $expired_minute = COM_applyFilter($_POST['expired_minute'], true); if ($expired_ampm == 'pm') { if ($expired_hour < 12) { $expired_hour = $expired_hour + 12; } } if ($expired_ampm == 'am' and $expired_hour == 12) { $expired_hour = '00'; } } else { $expired_month = 0; $expired_day = 0; $expired_year = 0; $expired_hour = 0; $expired_minute = 0; } $created = COM_applyFilter($_POST['created_un']); $orderno = mb_convert_kana($_POST['orderno'], "a"); //全角英数字を半角英数字に変換する $orderno = COM_applyFilter($orderno, true); //$name = mb_convert_kana($name,"AKV"); //A:半角英数字を全角英数字に変換する //K:半角カタカナを全角カタカナに変換する //V:濁点つきの文字を1文字に変換する (K、H と共に利用する) //$name = str_replace ("'", "’",$name); //$code = mb_convert_kana($code,"a");//全角英数字を半角英数字に変換する //----- $type = 1; $uuid = $_USER['uid']; // CHECK はじめ $err = ""; //id if ($id == 0) { //$err.=$LANG_USERBOX_ADMIN['err_uid']."<br {XHTML}>".LB; } else { if (!is_numeric($id)) { $err .= $LANG_USERBOX_ADMIN['err_id'] . "<br {XHTML}>" . LB; } } //文字数制限チェック if (mb_strlen($description, 'UTF-8') > $_USERBOX_CONF['maxlength_description']) { $err .= $LANG_USERBOX_ADMIN['description'] . $_USERBOX_CONF['maxlength_description'] . $LANG_USERBOX_ADMIN['err_maxlength'] . "<br/>" . LB; } if (mb_strlen($meta_description, 'UTF-8') > $_USERBOX_CONF['maxlength_meta_description']) { $err .= $LANG_USERBOX_ADMIN['meta_description'] . $_USERBOX_CONF['maxlength_meta_description'] . $LANG_USERBOX_ADMIN['err_maxlength'] . "<br/>" . LB; } if (mb_strlen($meta_keywords, 'UTF-8') > $_USERBOX_CONF['maxlength_meta_keywords']) { $err .= $LANG_USERBOX_ADMIN['meta_keywords'] . $_USERBOX_CONF['maxlength_meta_keywords'] . $LANG_USERBOX_ADMIN['err_maxlength'] . "<br/>" . LB; } //----追加項目チェック $err .= DATABOX_checkaddtiondatas($additionfields, $addition_def, $pi_name, $additionfields_fnm, $additionfields_del, $additionfields_alt); //編集日付 $modified = $modified_year . "-" . $modified_month . "-" . $modified_day; if (checkdate($modified_month, $modified_day, $modified_year) == false) { $err .= $LANG_USERBOX_ADMIN['err_modified'] . "<br {XHTML}>" . LB; } $modified = COM_convertDate2Timestamp($modified_year . "-" . $modified_month . "-" . $modified_day, $modified_hour . ":" . $modified_minute . "::00"); //公開日 $released = $released_year . "-" . $released_month . "-" . $released_day; if (checkdate($released_month, $released_day, $released_year) == false) { $err .= $LANG_USERBOX_ADMIN['err_released'] . "<br {XHTML}>" . LB; } $released = COM_convertDate2Timestamp($released_year . "-" . $released_month . "-" . $released_day, $released_hour . ":" . $released_minute . "::00"); //コメント受付終了日時 if ($comment_expire_flag) { if (checkdate($comment_expire_month, $comment_expire_day, $comment_expire_year) == false) { $err .= $LANG_USERBOX_ADMIN['err_comment_expire'] . "<br {XHTML}>" . LB; } $comment_expire = COM_convertDate2Timestamp($comment_expire_year . "-" . $comment_expire_month . "-" . $comment_expire_day, $comment_expire_hour . ":" . $comment_expire_minute . "::00"); } else { $comment_expire = '0000-00-00 00:00:00'; //$comment_expire=""; } //公開終了日 if ($expired_flag) { if (checkdate($expired_month, $expired_day, $expired_year) == false) { $err .= $LANG_USERBOX_ADMIN['err_expired'] . "<br {XHTML}>" . LB; } $expired = COM_convertDate2Timestamp($expired_year . "-" . $expired_month . "-" . $expired_day, $expired_hour . ":" . $expired_minute . "::00"); if ($expired < $released) { $err .= $LANG_USERBOX_ADMIN['err_expired'] . "<br {XHTML}>" . LB; } } else { $expired = '0000-00-00 00:00:00'; //$expired=""; } //errorのあるとき if ($err != "") { $retval['title'] = $LANG_USERBOX_ADMIN['piname'] . $LANG_USERBOX_ADMIN['edit']; $retval['display'] = fncEdit($id, $edt_flg, 3, $err); return $retval; } // CHECK おわり if ($id == 0) { $w = DB_getItem($_TABLES['USERBOX_base'], "max(id)", "1=1"); if ($w == "") { $w = 0; } $id = $w + 1; $created_month = date('m'); $created_day = date('d'); $created_year = date('Y'); $created_hour = date('H'); $created_minute = date('i'); $created = COM_convertDate2Timestamp($created_year . "-" . $created_month . "-" . $created_day, $created_hour . ":" . $created_minute . "::00"); } $hits = 0; $comments = 0; $fields = "id"; $values = "{$id}"; $fields .= ",page_title"; // $values .= ",'{$page_title}'"; $fields .= ",description"; // $values .= ",'{$description}'"; $fields .= ",defaulttemplatesdirectory"; // $values .= ",'{$defaulttemplatesdirectory}'"; //$fields.=",hits";// //$values.=",$hits"; $fields .= ",comments"; // $values .= ",{$comments}"; $fields .= ",meta_description"; // $values .= ",'{$meta_description}'"; $fields .= ",meta_keywords"; // $values .= ",'{$meta_keywords}'"; $fields .= ",commentcode"; // $values .= ",{$commentcode}"; $fields .= ",trackbackcode"; // $values .= ",{$trackbackcode}"; $fields .= ",cache_time"; // $values .= ",{$cache_time}"; $fields .= ",comment_expire"; // if ($comment_expire == '0000-00-00 00:00:00') { $values .= ",'{$comment_expire}'"; } else { $values .= ",FROM_UNIXTIME('{$comment_expire}')"; } $fields .= ",language_id"; // $values .= ",'{$language_id}'"; $fields .= ",owner_id"; $values .= ",{$owner_id}"; $fields .= ",group_id"; $values .= ",{$group_id}"; $fields .= ",perm_owner"; $values .= ",{$perm_owner}"; $fields .= ",perm_group"; $values .= ",{$perm_group}"; $fields .= ",perm_members"; $values .= ",{$perm_members}"; $fields .= ",perm_anon"; $values .= ",{$perm_anon}"; $fields .= ",modified"; $values .= ",FROM_UNIXTIME('{$modified}')"; if ($created != "") { $fields .= ",created"; $values .= ",FROM_UNIXTIME('{$created}')"; } $fields .= ",expired"; if ($expired == '0000-00-00 00:00:00') { $values .= ",'{$expired}'"; } else { $values .= ",FROM_UNIXTIME('{$expired}')"; } $fields .= ",released"; $values .= ",FROM_UNIXTIME('{$released}')"; $fields .= ",orderno"; // $values .= ",{$orderno}"; $fields .= ",fieldset_id"; // $values .= ",{$fieldset_id}"; $fields .= ",uuid"; $values .= ",{$uuid}"; $fields .= ",draft_flag"; $values .= ",{$draft_flag}"; DB_save($_TABLES['USERBOX_base'], $fields, $values); //カテゴリ $rt = DATABOX_savecategorydatas($id, $category, $pi_name); //追加項目 DATABOX_uploadaddtiondatas($additionfields, $addition_def, $pi_name, $id, $additionfields_fnm, $additionfields_del, $additionfields_old, $additionfields_alt); $rt = DATABOX_saveaddtiondatas($id, $additionfields, $addition_def, $pi_name); //user (コアのテーブル) //kokoka $sql = "UPDATE " . $_TABLES['users'] . " SET "; $sql .= " fullname ='" . $fullname . "'"; $sql .= " WHERE uid=" . $id; DB_query($sql); $rt = fncsendmail('data', $id); $cacheInstance = 'userbox__' . $id . '__'; CACHE_remove_instance($cacheInstance); //exit;// debug 用 // if ($edt_flg){ // $return_page=$_CONF['site_url'] . "/".THIS_SCRIPT; // $return_page.="?id=".$id; // }else{ // $return_page=$_CONF['site_admin_url'] . '/plugins/'.THIS_SCRIPT.'?msg=1'; // } // return COM_refresh ($return_page); if ($_USERBOX_CONF['aftersave_admin'] === 'no') { $retval['title'] = $LANG_USERBOX_ADMIN['piname'] . $LANG_USERBOX_ADMIN['edit']; $retval['display'] .= fncEdit($id, $edt_flg, 1, ""); return $retval; } else { if ($_USERBOX_CONF['aftersave_admin'] === 'list') { $url = $_CONF['site_admin_url'] . "/plugins/{$pi_name}/profile.php"; $item_url = COM_buildURL($url); $target = 'item'; } else { $url = $_CONF['site_url'] . "/userbox/profile.php"; $url .= "?"; //コード使用の時 if ($_USERBOX_CONF['datacode']) { $url .= "code=" . $username; $url .= "&m=code"; } else { $url .= "id=" . $id; $url .= "&m=id"; } $item_url = COM_buildUrl($url); $target = $_USERBOX_CONF['aftersave_admin']; } } $return_page = PLG_afterSaveSwitch($target, $item_url, 'userbox', 1); echo $return_page; exit; }
function fncdatetime() { global $_TABLES; global $LANG_PROFILE_ADMIN; $datetime_year = COM_applyFilter($_POST['datetime_year'], true); $datetime_month = COM_applyFilter($_POST['datetime_month'], true); $datetime_day = COM_applyFilter($_POST['datetime_day'], true); $datetime_hour = COM_applyFilter($_POST['datetime_hour'], true); $datetime_minute = COM_applyFilter($_POST['datetime_minute'], true); $w = COM_convertDate2Timestamp($datetime_year . "-" . $datetime_month . "-" . $datetime_day, $datetime_hour . ":" . $datetime_minute . "::00"); DB_query("UPDATE {$_TABLES['vars']} SET value = '{$w}' WHERE name = 'last_scheduled_run'"); return; }
function fncEdit($id, $edt_flg, $msg = '', $errmsg = "", $mode = "edit") { $pi_name = "userbox"; global $_CONF; global $_TABLES; global $LANG_ADMIN; global $MESSAGE; global $LANG_ACCESS; global $_USER; global $LANG28; global $_SCRIPTS; global $_USERBOX_CONF; global $LANG_USERBOX_ADMIN; $retval = ''; $delflg = false; $addition_def = DATABOX_getadditiondef($pi_name); //メッセージ表示 if (!empty($msg)) { $retval .= COM_showMessage($msg, $pi_name); $retval .= $errmsg; // clean 'em up $code = COM_applyFilter($_POST['code']); $title = COM_applyFilter($_POST['title']); $username = COM_applyFilter($_POST['username']); //@@@@@ $fullname = COM_applyFilter($_POST['fullname']); //@@@@@ $page_title = COM_applyFilter($_POST['page_title']); $description = $_POST['description']; //COM_applyFilter($_POST['description']); $draft_flag = COM_applyFilter($_POST['draft_flag'], true); $language_id = COM_applyFilter($_POST['language_id']); $category = $_POST['category']; $additionfields = $_POST['afield']; $additionfields_fnm = $_POST['afield_fnm']; //@@@@@ $additionfields_del = $_POST['afield_del']; $additionfields_date = array(); $additionfields_alt = $_POST['afield_alt']; $additionfields = DATABOX_cleanaddtiondatas($additionfields, $addition_def, $additionfields_fnm, $additionfields_del, $additionfields_date, $additionfields_alt, false); //作成日付 $created_month = COM_applyFilter($_POST['created_month'], true); $created_day = COM_applyFilter($_POST['created_day'], true); $created_year = COM_applyFilter($_POST['created_year'], true); $created_hour = COM_applyFilter($_POST['created_hour'], true); $created_minute = COM_applyFilter($_POST['created_minute'], true); $created = COM_applyFilter($_POST['created']); $orderno = COM_applyFilter($_POST['orderno']); $uuid = $_USER['uid']; $udatetime = COM_applyFilter($_POST['udatetime']); //""; $fieldset_id = COM_applyFilter($_POST['fieldset'], true); //""; $fieldset_name = COM_applyFilter($_POST['fieldset_name']); //""; } else { $sql = "SELECT "; $sql .= " t.*"; $sql .= " ,t2.name AS fieldset_name" . LB; $sql .= " ,UNIX_TIMESTAMP(t.modified) AS modified_un" . LB; $sql .= " ,UNIX_TIMESTAMP(t.released) AS released_un" . LB; $sql .= " ,UNIX_TIMESTAMP(t.comment_expire) AS comment_expire_un" . LB; $sql .= " ,UNIX_TIMESTAMP(t.expired) AS expired_un" . LB; $sql .= " ,UNIX_TIMESTAMP(t.udatetime) AS udatetime_un" . LB; $sql .= " ,UNIX_TIMESTAMP(t.created) AS created_un" . LB; $sql .= " ,t1.username"; $sql .= " ,t1.fullname"; $sql .= " ,unix_timestamp(modified) AS modified_u "; $sql .= " FROM "; $sql .= $_TABLES['USERBOX_base'] . " AS t"; $sql .= "," . $_TABLES['users'] . " AS t1"; $sql .= "," . $_TABLES['USERBOX_def_fieldset'] . " AS t2 " . LB; $sql .= " WHERE "; $sql .= " t.id = {$id}"; $sql .= " AND t.id = t1.uid"; $sql .= " AND t.fieldset_id = t2.fieldset_id" . LB; $result = DB_query($sql); $A = DB_fetchArray($result); $fieldset_id = COM_stripslashes($A['fieldset_id']); $fieldset_name = COM_stripslashes($A['fieldset_name']); $code = COM_stripslashes($A['code']); $title = COM_stripslashes($A['title']); $username = COM_stripslashes($A['username']); //@@@@@ $fullname = COM_stripslashes($A['fullname']); //@@@@@ $page_title = COM_stripslashes($A['page_title']); $description = COM_stripslashes($A['description']); $language_id = COM_stripslashes($A['language_id']); $owner_id = COM_stripslashes($A['owner_id']); $group_id = COM_stripslashes($A['group_id']); $perm_owner = COM_stripslashes($A['perm_owner']); $perm_group = COM_stripslashes($A['perm_group']); $perm_members = COM_stripslashes($A['perm_members']); $perm_anon = COM_stripslashes($A['perm_anon']); $category = DATABOX_getdatas("category_id", $_TABLES['USERBOX_category'], "id = {$id}"); //追加項目 $additionfields = DATABOX_getadditiondatas($id, $pi_name); $additionfields_fnm = array(); //@@@@@ $additionfields_del = array(); $additionfields_date = ""; $draft_flag = COM_stripslashes($A['draft_flag']); //編集日 $wary = COM_getUserDateTimeFormat(COM_stripslashes($A['modified_un'])); $modified = $wary[1]; $modified_month = date('m', $modified); $modified_day = date('d', $modified); $modified_year = date('Y', $modified); $modified_hour = date('H', $modified); $modified_minute = date('i', $modified); //公開日 $wary = COM_getUserDateTimeFormat(COM_stripslashes($A['released_un'])); $released = $wary[1]; $released_month = date('m', $released); $released_day = date('d', $released); $released_year = date('Y', $released); $released_hour = date('H', $released); $released_minute = date('i', $released); //公開終了日 $expired = COM_stripslashes($A['expired']); if ($expired === "0000-00-00 00:00:00") { $expired_flag = 0; $w = mktime(0, 0, 0, date('m'), date('d') + $_CONF['article_comment_close_days'], date('Y')); $expired_year = date('Y', $w); $expired_month = date('m', $w); $expired_day = date('d', $w); $expired_hour = 0; $expired_minute = 0; } else { $expired_flag = 1; $wary = COM_getUserDateTimeFormat(COM_stripslashes($A['expired_un'])); $expired = $wary[1]; $expired_year = date('Y', $expired); $expired_month = date('m', $expired); $expired_day = date('d', $expired); $expired_hour = date('H', $expired); $expired_minute = date('i', $expired); } //作成日付 $wary = COM_getUserDateTimeFormat(COM_stripslashes($A['created_un'])); $created = $wary[0]; $created_un = $wary[1]; $orderno = COM_stripslashes($A['orderno']); $uuid = COM_stripslashes($A['uuid']); $wary = COM_getUserDateTimeFormat(COM_stripslashes($A['udatetime_un'])); $udatetime = $wary[0]; $defaulttemplatesdirectory = $A['defaulttemplatesdirectory']; if ($_CONF['allow_account_delete']) { if ($edt_flg == FALSE) { $delflg = true; } } } $chk_user = DATABOX_chkuser($group_id, $owner_id, "userbox.admin"); //----- $retval .= COM_startBlock($LANG_USERBOX_ADMIN['edit'], '', COM_getBlockTemplate('_admin_block', 'header')); //template フォルダ if (is_null($template) or $template === "") { $set_defaulttemplatesdirectory = DB_getItem($_TABLES['USERBOX_def_fieldset'], "defaulttemplatesdirectory", "fieldset_id=" . $fieldset_id); if ($defaulttemplatesdirectory != "") { $template = $defaulttemplatesdirectory; } elseif ($set_defaulttemplatesdirectory != "") { $template = $set_defaulttemplatesdirectory; } else { $template = "default"; } } $tmplfld = DATABOX_templatePath('myprofile', 'default', $pi_name); $templates = new Template($tmplfld); $templates->set_file(array('editor' => 'profile_editor.thtml', 'row' => 'row.thtml', 'col' => "profile_col_detail.thtml")); // Loads jQuery UI datepicker geeklog >=2.1.0 $_SCRIPTS->setJavaScriptLibrary('jquery.ui.datepicker'); $_SCRIPTS->setJavaScriptLibrary('jquery-ui-i18n'); $_SCRIPTS->setJavaScriptLibrary('jquery-ui-timepicker-addon'); $_SCRIPTS->setJavaScriptLibrary('jquery-ui-timepicker-addon-i18n'); $_SCRIPTS->setJavaScriptFile('datepicker', '/javascript/datepicker.js'); $_SCRIPTS->setJavaScriptFile('datetimepicker', '/javascript/datetimepicker.js'); $langCode = COM_getLangIso639Code(); $toolTip = $MESSAGE[118]; $imgUrl = $_CONF['site_url'] . '/images/calendar.png'; //-- if ($_CONF['meta_tags'] > 0 && $_USERBOX_CONF['meta_tags'] > 0) { $templates->set_var('hide_meta', ''); } else { $templates->set_var('hide_meta', ' style="display:none;"'); } $templates->set_var('maxlength_description', $_USERBOX_CONF['maxlength_description']); $templates->set_var('about_thispage', $LANG_USERBOX_ADMIN['about_myprofile_profile']); $templates->set_var('lang_must', $LANG_USERBOX_ADMIN['must']); $templates->set_var('site_url', $_CONF['site_url']); $templates->set_var('site_admin_url', $_CONF['site_admin_url']); $templates->set_var('lang_view', $LANG_USERBOX_ADMIN['view']); $token = SEC_createToken(); $retval .= SEC_getTokenExpiryNotice($token); $templates->set_var('gltoken_name', CSRF_TOKEN); $templates->set_var('gltoken', $token); $templates->set_var('xhtml', XHTML); $templates->set_var('script', THIS_SCRIPT); $templates->set_var('dateformat', $_USERBOX_CONF['dateformat']); // $templates->set_var('lang_link_admin', $LANG_USERBOX_ADMIN['link_admin']); $templates->set_var('lang_link_admin_top', $LANG_USERBOX_ADMIN['link_admin_top']); $templates->set_var('lang_link_public', $LANG_USERBOX_ADMIN['link_public']); $templates->set_var('lang_link_list', $LANG_USERBOX_ADMIN['link_list']); $templates->set_var('lang_link_detail', $LANG_USERBOX_ADMIN['link_detail']); //fieldset_id $templates->set_var('lang_fieldset', $LANG_USERBOX_ADMIN['fieldset']); $templates->set_var('fieldset_id', $fieldset_id); $templates->set_var('fieldset_name', $fieldset_name); //id $templates->set_var('lang_id', $LANG_USERBOX_ADMIN['id']); //@@@@@ $templates->set_var('help_id', $LANG_USERBOX_ADMIN['help']); $templates->set_var('id', $id); //$LANG28 = array( // 2 => 'ユーザID', // 3 => 'ユーザ名', username // 4 => '氏名', fullname $templates->set_var('lang_uid', $LANG28['2']); $templates->set_var('lang_username', $LANG28['3']); $templates->set_var('username', $username); $templates->set_var('lang_fullname', $LANG28['4']); $templates->set_var('fullname', $fullname); //下書 $templates->set_var('lang_draft', $LANG_USERBOX_ADMIN['draft']); if ($draft_flag == 1) { $templates->set_var('draft_flag', "checked=checked"); $templates->set_var('draft_msg', $LANG_USERBOX_ADMIN['draft_msg']); } else { $templates->set_var('draft_flag', ""); $templates->set_var('draft_msg', ""); } // $templates->set_var('lang_field', $LANG_USERBOX_ADMIN['field']); $templates->set_var('lang_fields', $LANG_USERBOX_ADMIN['fields']); $templates->set_var('lang_content', $LANG_USERBOX_ADMIN['content']); $templates->set_var('lang_templatesetvar', $LANG_USERBOX_ADMIN['templatesetvar']); //基本項目 $templates->set_var('lang_basicfields', $LANG_USERBOX_ADMIN['basicfields']); //コード&タイトル&説明&テンプレートセット値 $templates->set_var('lang_code', $LANG_USERBOX_ADMIN['code']); if ($_USERBOX_CONF['datacode']) { $templates->set_var('lang_must_code', $LANG_USERBOX_ADMIN['must']); } else { $templates->set_var('lang_must_code', ""); } $templates->set_var('code', $code); $templates->set_var('lang_title', $LANG_USERBOX_ADMIN['title']); $templates->set_var('title', $title); $templates->set_var('lang_page_title', $LANG_USERBOX_ADMIN['page_title']); $templates->set_var('page_title', $page_title); $templates->set_var('lang_description', $LANG_USERBOX_ADMIN['description']); $templates->set_var('description', $description); //language_id if (is_array($_CONF['languages'])) { $templates->set_var('hide_language_id', ''); $select_language_id = DATABOX_getoptionlist("language_id", $language_id, 0, $pi_name, "", 0); } else { $templates->set_var('hide_language_id', ' style="display:none;"'); $select_language_id = ""; } $templates->set_var('lang_language_id', $LANG_USERBOX_ADMIN['language_id']); $templates->set_var('language_id', $language_id); $templates->set_var('select_language_id', $select_language_id); //@@@@@ //編集日 $templates->set_var('lang_modified_autoupdate', $LANG_USERBOX_ADMIN['modified_autoupdate']); $templates->set_var('lang_modified', $LANG_USERBOX_ADMIN['modified']); $w = COM_convertDate2Timestamp($modified_year . "-" . $modified_month . "-" . $modified_day, $modified_hour . ":" . $modified_minute . "::00"); $datetime_modified = DATABOX_datetimeedit($w, "LANG_DATABOX_ADMIN", "modified"); $templates->set_var('datetime_modified', $datetime_modified); //カテゴリ $templates->set_var('lang_category', $LANG_USERBOX_ADMIN['category']); $checklist_category = DATABOX_getcategoriesinp($category, $fieldset_id, $pi_name); $templates->set_var('checklist_category', $checklist_category); //追加項目 $templates->set_var('lang_additionfields', $LANG_USERBOX_ADMIN['additionfields']); $rt = DATABOX_getaddtionfieldsEdit($additionfields, $addition_def, $templates, $chk_user, $pi_name, $additionfields_fnm, $additionfields_del, $fieldset_id, $additionfields_date); //保存日時 $templates->set_var('lang_udatetime', $LANG_USERBOX_ADMIN['udatetime']); $templates->set_var('udatetime', $udatetime); $templates->set_var('lang_uuid', $LANG_USERBOX_ADMIN['uuid']); $templates->set_var('uuid', $uuid); //作成日付 $templates->set_var('lang_created', $LANG_USERBOX_ADMIN['created']); $templates->set_var('created', $created); // SAVE、CANCEL ボタン $templates->set_var('lang_save', $LANG_ADMIN['save']); $templates->set_var('lang_cancel', $LANG_ADMIN['cancel']); $templates->set_var('lang_preview', $LANG_ADMIN['preview']); //delete_option if ($delflg) { $delbutton = '<input type="submit" value="' . $LANG_ADMIN['delete'] . '" name="mode"%s>'; $jsconfirm = ' onclick="return confirm(\'' . $MESSAGE[76] . '\');"'; $templates->set_var('delete_option', sprintf($delbutton, $jsconfirm)); } // $templates->parse('output', 'editor'); $retval .= $templates->finish($templates->get_var('output')); $retval .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer')); return $retval; }
function fncSave($edt_flg, $navbarMenu, $menuno, $template) { $pi_name = "databox"; global $_CONF; global $LANG_DATABOX_ADMIN; global $_TABLES; global $_USER; global $_DATABOX_CONF; global $LANG_DATABOX_user_menu; $addition_def = DATABOX_getadditiondef(); $retval = ''; // clean 'em up $id = COM_applyFilter($_POST['id'], true); if ($id == 0) { $new_flg = true; } else { $new_flg = false; } $fieldset_id = COM_applyFilter($_POST['fieldset'], true); $code = COM_applyFilter($_POST['code']); $code = addslashes(COM_checkHTML(COM_checkWords($code))); $title = COM_stripslashes($_POST['title']); $title = addslashes(COM_checkHTML(COM_checkWords($title))); $page_title = COM_applyFilter($_POST['page_title']); $page_title = addslashes(COM_checkHTML(COM_checkWords($page_title))); $description = $_POST['description']; //COM_applyFilter($_POST['description']); $description = addslashes(COM_checkHTML(COM_checkWords($description))); $language_id = COM_applyFilter($_POST['language_id']); $language_id = addslashes(COM_checkHTML(COM_checkWords($language_id))); $category = $_POST['category']; //@@@@@ $additionfields = $_POST['afield']; $additionfields_old = $_POST['afield']; $additionfields_fnm = $_POST['afield_fnm']; $additionfields_del = $_POST['afield_del']; $additionfields_alt = $_POST['afield_alt']; $additionfields_date = array(); $additionfields = DATABOX_cleanaddtiondatas($additionfields, $addition_def, $additionfields_fnm, $additionfields_del, $additionfields_date, $additionfields_alt); // $hits =0; // $comments=0; $old_mode = COM_applyFilter($_POST['old_mode']); $old_mode = addslashes(COM_checkHTML(COM_checkWords($old_mode))); //----- $type = 1; $uuid = $_USER['uid']; // CHECK はじめ $err = ""; //id if ($id == 0) { //$err.=$LANG_DATABOX_ADMIN['err_uid']."<br/>".LB; } else { if (!is_numeric($id)) { $err .= $LANG_DATABOX_ADMIN['err_id'] . "<br/>" . LB; } } //タイトル必須 if (empty($title)) { $err .= $LANG_DATABOX_ADMIN['err_title'] . "<br/>" . LB; } //文字数制限チェック if (mb_strlen($description, 'UTF-8') > $_DATABOX_CONF['maxlength_description']) { $err .= $LANG_DATABOX_ADMIN['description'] . $_DATABOX_CONF['maxlength_description'] . $LANG_DATABOX_ADMIN['err_maxlength'] . "<br/>" . LB; } //----追加項目チェック $err .= DATABOX_checkaddtiondatas($additionfields, $addition_def, $pi_name, $additionfields_fnm, $additionfields_del, $additionfields_alt); //errorのあるとき if ($err != "") { $retval['title'] = $LANG_DATABOX_ADMIN['piname'] . $LANG_DATABOX_ADMIN['edit']; $retval['display'] = fncEdit($id, $edt_flg, 3, $err, "edit", $fieldset_id, $template, $old_mode); return $retval; } // CHECK おわり //----- // 新規登録時 if ($new_flg) { $w = DB_getItem($_TABLES['DATABOX_base'], "max(id)", "1=1"); if ($w == "") { $w = 0; } $id = $w + 1; } $fields = LB . "id"; $values = LB . "{$id}"; if ($new_flg) { if ($_DATABOX_CONF['datacode']) { $code = "000000" . date(Ymdhis); } $created = COM_convertDate2Timestamp(date("Y-m-d"), date("H:i::00")); $modified = $created; $released = $created; $commentcode = $_DATABOX_CONF['commentcode']; $trackbackcode = $_CONF[trackback_code]; $comment_expire = '0000-00-00 00:00:00'; $expired = '0000-00-00 00:00:00'; // $defaulttemplatesdirectory = null; $draft_flag = $_DATABOX_CONF['user_draft_default']; $draft_flag = $_DATABOX_CONF['user_draft_default']; //--- $meta_description = ""; $meta_keywords = ""; $owner_id = $_USER['uid']; $group_id = SEC_getFeatureGroup('databox.admin', $_USER['uid']); $array = array(); SEC_setDefaultPermissions($array, $_DATABOX_CONF['default_permissions']); $perm_owner = $array['perm_owner']; $perm_group = $array['perm_group']; $perm_anon = $array['perm_anon']; $perm_members = $array['perm_members']; $draft_flag = $_DATABOX_CONF['user_draft_default']; $cache_time = $_DATABOX_CONF['default_cache_time']; //----- $fields .= ",defaulttemplatesdirectory"; // $values .= ",'{$defaulttemplatesdirectory}'"; $fields .= ",draft_flag"; $values .= ",{$draft_flag}"; $fields .= ",cache_time"; $values .= ",{$cache_time}"; $fields .= ",meta_description"; // $values .= ",'{$meta_description}'"; $fields .= ",meta_keywords"; // $values .= ",'{$meta_keywords}'"; $fields .= ",commentcode"; // $values .= ",{$commentcode}"; $fields .= ",trackbackcode"; // $values .= ",{$trackbackcode}"; $fields .= ",comment_expire"; // if ($comment_expire == '0000-00-00 00:00:00') { $values .= ",'{$comment_expire}'"; } else { $values .= ",FROM_UNIXTIME('{$comment_expire}')"; } $fields .= ",language_id"; // $values .= ",'{$language_id}'"; $fields .= ",owner_id"; $values .= ",{$owner_id}"; $fields .= ",group_id"; $values .= ",{$group_id}"; $fields .= ",perm_owner"; $values .= ",{$perm_owner}"; $fields .= ",perm_group"; $values .= ",{$perm_group}"; $fields .= ",perm_members"; $values .= ",{$perm_members}"; $fields .= ",perm_anon"; $values .= ",{$perm_anon}"; $fields .= ",modified"; $values .= ",FROM_UNIXTIME('{$modified}')"; $fields .= ",created"; $values .= ",FROM_UNIXTIME('{$created}')"; $fields .= ",expired"; if ($expired == '0000-00-00 00:00:00') { $values .= ",'{$expired}'"; } else { $values .= ",FROM_UNIXTIME('{$expired}')"; } $fields .= ",released"; $values .= ",FROM_UNIXTIME('{$released}')"; $hits = 0; $comments = 0; $fields .= ",code"; $values .= ",'{$code}'"; $fields .= ",title"; // $values .= ",'{$title}'"; $fields .= ",page_title"; // $values .= ",'{$page_title}'"; $fields .= ",description"; // $values .= ",'{$description}'"; // $fields.=",hits";// // $values.=",$hits"; $fields .= ",comments"; // $values .= ",{$comments}"; $fields .= ",fieldset_id"; // $values .= ",{$fieldset_id}"; $fields .= ",uuid"; $values .= ",{$uuid}"; if ($edt_flg) { $return_page = $_CONF['site_url'] . "/" . THIS_SCRIPT; $return_page .= "?id=" . $id; } else { $return_page = $_CONF['site_url'] . '/' . THIS_SCRIPT . '?msg=1'; } DB_save($_TABLES['DATABOX_base'], $fields, $values); } else { $sql = "UPDATE {$_TABLES['DATABOX_base']} set "; $sql .= " title = '{$title}'"; $sql .= " ,page_title = '{$page_title}'"; $sql .= " ,description = '{$description}'"; $sql .= " ,language_id = '{$language_id}'"; $sql .= " ,modified = FROM_UNIXTIME('{$modified}')"; $sql .= ",uuid='{$uuid}' WHERE id={$id}"; DB_query($sql); } //カテゴリ //$rt=DATABOX_savedatas("category_id",$_TABLES['DATABOX_category'],$id,$category); $rt = DATABOX_savecategorydatas($id, $category); //追加項目 if ($old_mode == "copy") { DATABOX_uploadaddtiondatas_cpy($additionfields, $addition_def, $pi_name, $id, $additionfields_fnm, $additionfields_del, $additionfields_old, $additionfields_alt); } else { DATABOX_uploadaddtiondatas($additionfields, $addition_def, $pi_name, $id, $additionfields_fnm, $additionfields_del, $additionfields_old, $additionfields_alt); } if ($new_flg) { $rt = DATABOX_saveaddtiondatas($id, $additionfields, $addition_def, $pi_name); } else { $rt = DATABOX_saveaddtiondatas_update($id, $additionfields, $addition_def, $pi_name); } $rt = fncsendmail('data', $id); $cacheInstance = 'databox__' . $id . '__'; CACHE_remove_instance($cacheInstance); //exit;//@@@@@debug 用 if ($_DATABOX_CONF['aftersave'] === 'no') { $retval['title'] = $LANG_DATABOX_ADMIN['piname'] . $LANG_DATABOX_ADMIN['edit']; $retval['display'] .= fncEdit($id, $edt_flg, 1, $err, "edit", $fieldset_id, $template); return $retval; } else { if ($_DATABOX_CONF['aftersave'] === 'list' or $_DATABOX_CONF['aftersave'] === 'admin') { $url = $_CONF['site_url'] . "/databox/mydata/data.php"; $item_url = COM_buildURL($url); $target = 'item'; } else { $url = $_CONF['site_url'] . "/databox/data.php"; $url .= "?"; //コード使用の時 if ($_DATABOX_CONF['datacode']) { $url .= "code=" . $code; $url .= "&m=code"; } else { $url .= "id=" . $id; $url .= "&m=id"; } $item_url = COM_buildUrl($url); $target = $_DATABOX_CONF['aftersave_admin']; } } $return_page = PLG_afterSaveSwitch($target, $item_url, $pi_name, 1); echo $return_page; exit; }
function fncSave($mode) { global $_CONF; global $LANG_ASSIST_ADMIN; global $_TABLES; $retval = ''; //------------------ $fary = array(); $fary[] = array('name' => 'fromname', 'reserv' => 'fn'); //@@ $fary[] = array('name' => 'replyto', 'reserv' => 'rt'); $fary[] = array('name' => 'sprefix', 'reserv' => 'sp'); $fary[] = array('name' => 'sid', 'reserv' => 'si'); $fary[] = array('name' => 'testto'); $fary[] = array('name' => 'uidfrom', 'reserv' => 'uf'); $fary[] = array('name' => 'uidto', 'reserv' => 'ut'); ///@@@@@ 20111220 delete $fary[]=array('name' =>'last_schedule' ); $fary[] = array('name' => 'introbody', 'reserv' => 'ib'); //@@ $fary[] = array('name' => 'overstyr', 'reserv' => 'os'); //@@ $fary[] = array('name' => 'toenv', 'reserv' => 'te'); //@@ $fary[] = array('name' => 'selectgroup', 'reserv' => 'sg'); //@@ $fary[] = array('name' => 'bulkmm', 'reserv' => 'bm'); //@@ $fary[] = array('name' => 'bulkcnt', 'reserv' => 'bc'); //@@ //------------------ // clean 'em up $fromname = COM_applyFilter($_POST['fromname']); $fromname = addslashes(COM_checkHTML(COM_checkWords($fromname))); $replyto = COM_applyFilter($_POST['replyto']); $replyto = addslashes(COM_checkHTML(COM_checkWords($replyto))); //-- $sprefix = COM_applyFilter($_POST['sprefix']); $sprefix = addslashes(COM_checkHTML(COM_checkWords($sprefix))); $sid = COM_applyFilter($_POST['sid']); $sid = addslashes(COM_checkHTML(COM_checkWords($sid))); $testto = COM_applyFilter($_POST['testto']); $testto = addslashes(COM_checkHTML(COM_checkWords($testto))); $uidfrom = COM_applyFilter($_POST['uidfrom'], true); $uidfrom = addslashes(COM_checkHTML(COM_checkWords($uidfrom))); $uidto = COM_applyFilter($_POST['uidto'], true); $uidto = addslashes(COM_checkHTML(COM_checkWords($uidto))); // hiroron start 2010/07/13 $dt_year = COM_applyFilter($_POST['datetime_year'], true); $dt_month = COM_applyFilter($_POST['datetime_month'], true); $dt_day = COM_applyFilter($_POST['datetime_day'], true); $dt_hour = COM_applyFilter($_POST['datetime_hour'], true); $dt_minute = COM_applyFilter($_POST['datetime_minute'], true); // hiroron end 2010/07/13 $dt = COM_convertDate2Timestamp($dt_year . '-' . $dt_month . '-' . $dt_day, $dt_hour . ':' . $dt_minute . ':00'); $uidto = COM_applyFilter($_POST['uidto'], true); $uidto = addslashes(COM_checkHTML(COM_checkWords($uidto))); // 冒頭文 本文 introbody $introbody = COM_applyFilter($_POST['introbody'], true); $introbody = addslashes(COM_checkHTML(COM_checkWords($introbody))); // ユーザの受信許可設定を無視して送る $overstyr = COM_applyFilter($_POST['overstyr'], true); $overstyr = addslashes(COM_checkHTML(COM_checkWords($overstyr))); //送信先環境 $toenv = COM_applyFilter($_POST['toenv'], true); $toenv = addslashes(COM_checkHTML(COM_checkWords($toenv))); //送信先グループ $selectgroup = COM_applyFilter($_POST['selectgroup'], true); $selectgroup = addslashes(COM_checkHTML(COM_checkWords($selectgroup))); //一括予約 $bulkmm = COM_applyFilter($_POST['bulkmm'], true); $bulkmm = addslashes(COM_checkHTML(COM_checkWords($bulkmm))); $bulkcnt = COM_applyFilter($_POST['bulkcnt'], true); $bulkcnt = addslashes(COM_checkHTML(COM_checkWords($bulkcnt))); // CHECK はじめ $err = ""; //差出人必須 if (empty($fromname)) { $err .= $LANG_ASSIST_ADMIN['err_fromname'] . "<br/>" . LB; } if (COM_isEmail($replyto) == false) { $err .= $LANG_ASSIST_ADMIN['err_replyto'] . "<br/>" . LB; } //差出人必須 // hiroron start 2010/07/13 // if ($mode==="test" OR $mode==="send"){ if ($mode === "test" or $mode === "send" or $mode === "reserv") { // hiroron end 2010/07/13 if ($sid == "") { $err .= $LANG_ASSIST_ADMIN['err_sid'] . "<br/>" . LB; } } //test 送信先 if ($mode === "test") { if ($test === "") { $err .= $LANG_ASSIST_ADMIN['err_testto'] . "<br/>" . LB; } } if ($testto != "") { if (COM_isEmail($testto) == false) { $err .= $LANG_ASSIST_ADMIN['err_testto'] . "<br/>" . LB; } } // hiroron start 2010/07/13 // 予約送信 if ($mode === 'reserv') { if ($dt_year === "" or $dt_month === "" or $dt_day === "" or $dt_hour === "" or $dt_minute === "") { $err .= $LANG_ASSIST_ADMIN['err_reserv'] . "<br/>" . LB; } } // hiroron end 2010/07/13 //errorのあるとき if ($err != "") { return $err; } // CHECK おわり $fields = "name"; $fields .= ",value"; // for ($i = 0; $i < count($fary); $i++) { $fname = $fary[$i]['name']; $values = "'assist_{$fname}'"; $values .= ",'{${$fname}}'"; DB_save($_TABLES['vars'], $fields, $values); } //assist_re_datetime $values = "'assist_re_datetime'"; $values .= ",'{$dt}'"; DB_save($_TABLES['vars'], $fields, $values); // hiroron start 2010/07/13 if ($mode === "reserv") { $ts = $dt; //assist_fn_1234567890 for ($i = 0; $i < count($fary); $i++) { $reserv = $fary[$i]['reserv']; if ($reserv != "") { $fname = $fary[$i]['name']; $values = "'assist_{$reserv}_{$ts}'"; $values .= ",'{${$fname}}'"; DB_save($_TABLES['vars'], $fields, $values); } } $values = "'assist_li_{$ts}'"; $values .= ",'0'"; DB_save($_TABLES['vars'], $fields, $values); touch($_CONF['path_data'] . "assist_reserv_{$ts}"); } // hiroron end 2010/07/13 $rt = $LANG_ASSIST_ADMIN['mail_save_ok']; return $rt; }