<!DOCTYPE html>
<?php
require "functions/admincheck.php";
require "functions/cmum.php";
if (isset($_POST["value"]) && $_POST["value"] == "baddprf") {
$status = addprofile($_POST["name"], $_POST["cspvalue"], $_POST["comment"]);
if ($status == "0") {
$counters = explode(";", counter());
$notice = "toastr.success('Profile successfully created');";
} elseif ($status == "1") {
$notice = "toastr.error('You must enter a profile name'); \$('#modalNewProfile').modal({ show: true });";
} elseif ($status == "2") {
$notice = "toastr.error('Profile already exists'); \$('#modalNewProfile').modal({ show: true });";
}
}
if (isset($_GET["action"]) && stripslashes($_GET["action"]) == "edit" && isset($_GET["pid"]) && $_GET["pid"] != "") {
$mysqli = new mysqli($dbhost, $dbuser, $dbpass, $dbname);
if (mysqli_connect_errno()) {
errorpage("MYSQL DATABASE ERROR", mysqli_connect_error(), $charset, CMUM_TITLE, $_SERVER["REQUEST_URI"], CMUM_VERSION, CMUM_BUILD, CMUM_MOD);
exit;
}
$sql = $mysqli->query("SELECT id,name,cspvalue,comment FROM profiles WHERE id='" . $mysqli->real_escape_string($_GET["pid"]) . "'");
$ep_res = $sql->fetch_array();
$ep_id = $ep_res["id"];
$ep_name = $ep_res["name"];
$ep_cspvalue = $ep_res["cspvalue"];
$ep_comment = $ep_res["comment"];
mysqli_close($mysqli);
$notice = "\$('#modalEditProfile').modal({ show: true });";
}
if (isset($_POST["value"]) && $_POST["value"] == "beditprf") {
function impcspprofiles($pvalue, $pname)
{
if (file_exists("config.php")) {
require "config.php";
} else {
require "../config.php";
}
$p = 0;
$e = 0;
$impprofiles = "";
$impexists = "";
$mysqli = new mysqli($dbhost, $dbuser, $dbpass, $dbname);
foreach ($pvalue as $x => $value) {
if (isset($pvalue[$x]) && $pvalue[$x] != "") {
$pcsql = $mysqli->query("SELECT id FROM profiles WHERE cspvalue='" . $pvalue[$x] . "'");
$prowcheck = $pcsql->num_rows;
if ($prowcheck == 0) {
if (isset($pname[$x]) && $pname[$x] != "") {
$pncsql = $mysqli->query("SELECT id FROM profiles WHERE name='" . $pname[$x] . "'");
$pnrowcheck = $pncsql->num_rows;
if ($pnrowcheck == 0) {
addprofile($pname[$x], $pvalue[$x], "Imported profile");
$impprofiles = $impprofiles . $pname[$x] . " (" . $pvalue[$x] . ")<br>";
$p++;
} else {
$impexists = $impexists . $pname[$x] . " (" . $pvalue[$x] . ")<br>";
$e++;
}
}
} else {
$impexists = $impexists . $pname[$x] . " (" . $pvalue[$x] . ")<br>";
$e++;
}
}
}
mysqli_close($mysqli);
$status["profimp"] = $p;
$status["profexi"] = $e;
$status["proflist"] = $impprofiles;
$status["exilist"] = $impexists;
return $status;
}