function setSettings($arrSettings) { global $objDatabase; $status = true; foreach ($arrSettings as $key => $arrSetting) { if ($objDatabase->Execute('UPDATE `' . DBPREFIX . 'access_settings` SET `value` = \'' . contrexx_addslashes($arrSetting['value']) . '\', `status` = ' . intval($arrSetting['status']) . ' WHERE `key` = \'' . contrexx_addslashes($key) . '\'') === false) { $status = false; } } return $status; }
/** * * Selects the username with the id of the user who has loggged on. * @global $objDatabase */ function getUserID($userName) { global $objDatabase; $arrSettings = \User_Setting::getSettings(); $where = array(); $where[] = '`email` = "' . $userName . '"'; if ($arrSettings['use_usernames']['status']) { $where[] = '`username` = "' . $userName . '"'; } $userName = contrexx_addslashes($userName); $selUserID = 'SELECT id FROM ' . DBPREFIX . 'access_users WHERE (' . implode(' OR ', $where) . ') AND active=1'; $objResult = $objDatabase->Execute($selUserID); while (!$objResult->EOF) { $ID = $objResult->fields['id']; $objResult->MoveNext(); } return $ID; }
/** * Update or add new template */ function storeTemplate() { global $objDatabase; if (empty($_POST['mails'])) { return ''; } // Use the posted template ID only if the "store as new" checkbox // hasn't been marked $template_id = empty($_POST['shopMailSaveNew']) && !empty($_POST['tplId']) ? $_POST['tplId'] : 0; if (empty($_POST['langId'])) { return ''; } $lang_id = $_POST['langId']; self::init($lang_id); if ($template_id) { $arrTemplate = self::$arrTemplate[$template_id]; if (!$arrTemplate) { // Template not found. Clear the ID. $template_id = 0; } } // If the template ID is known, update. // Note that the protected flag is not changed. // For newly inserted templates, the protected flag is always 0 (zero). $query = $template_id && isset(self::$arrTemplate[$template_id]) ? "UPDATE " . DBPREFIX . "module_shop" . MODULE_INDEX . "_mail\n SET `tplname`='" . contrexx_addslashes($_POST['shopMailTemplate']) . "'\n WHERE `id`={$template_id}" : "INSERT INTO " . DBPREFIX . "module_shop" . MODULE_INDEX . "_mail (\n `protected`, `tplname`\n ) VALUES (\n 0,\n '" . contrexx_addslashes($_POST['shopMailTemplate']) . "'\n )"; $objResult = $objDatabase->Execute($query); if (!$objResult) { return false; } if (empty($template_id)) { $template_id = $objDatabase->Insert_ID(); } $query = $template_id && self::$arrTemplate[$template_id]['available'] ? "UPDATE " . DBPREFIX . "module_shop" . MODULE_INDEX . "_mail_content\n SET `from_mail`='" . contrexx_addslashes($_POST['shopMailFromAddress']) . "',\n `xsender`='" . contrexx_addslashes($_POST['shopMailFromName']) . "',\n `subject`='" . contrexx_addslashes($_POST['shopMailSubject']) . "',\n `message`='" . contrexx_addslashes($_POST['shopMailBody']) . "'\n WHERE `tpl_id`={$template_id}\n AND `lang_id`={$lang_id}" : "INSERT INTO " . DBPREFIX . "module_shop" . MODULE_INDEX . "_mail_content (\n `tpl_id`, `lang_id`,\n `from_mail`, `xsender`,\n `subject`, `message`\n ) VALUES (\n {$template_id}, {$lang_id},\n '" . contrexx_addslashes($_POST['shopMailFromAddress']) . "',\n '" . contrexx_addslashes($_POST['shopMailFromName']) . "',\n '" . contrexx_addslashes($_POST['shopMailSubject']) . "',\n '" . contrexx_addslashes($_POST['shopMailBody']) . "'\n )"; $objResult = $objDatabase->Execute($query); if (!$objResult) { return false; } return true; }
function delEntry() { global $objDatabase, $_ARRAYLANG, $_CORELANG, $_CONFIG; $this->_objTpl->setTemplate($this->pageContent, true, true); if (!$this->settings['editEntry'] == '1' || !$this->communityModul && $this->settings['addEntry_only_community'] == '1') { \Cx\Core\Csrf\Controller\Csrf::header('Location: index.php?section=Market&cmd=detail&id=' . $_POST['id']); exit; } elseif ($this->settings['addEntry_only_community'] == '1') { $objFWUser = \FWUser::getFWUserObject(); if ($objFWUser->objUser->login()) { if (!\Permission::checkAccess(101, 'static', true)) { \Cx\Core\Csrf\Controller\Csrf::header("Location: " . CONTREXX_DIRECTORY_INDEX . "?section=Login&cmd=noaccess"); exit; } } else { $link = base64_encode(CONTREXX_DIRECTORY_INDEX . '?' . $_SERVER['QUERY_STRING']); \Cx\Core\Csrf\Controller\Csrf::header("Location: " . CONTREXX_DIRECTORY_INDEX . "?section=Login&redirect=" . $link); exit; } } else { $objFWUser = \FWUser::getFWUserObject(); } //get search $this->getSearch(); if (isset($_GET['id'])) { $entryId = contrexx_addslashes($_GET['id']); $objResult = $objDatabase->Execute('SELECT id, userid, catid FROM ' . DBPREFIX . 'module_market WHERE id = ' . $entryId . ' LIMIT 1'); if ($objResult !== false) { while (!$objResult->EOF) { if ($objFWUser->objUser->login() && $objFWUser->objUser->getId() == $objResult->fields['userid'] || \Permission::hasAllAccess()) { $this->_objTpl->setVariable(array('MARKET_ENTRY_ID' => $entryId, 'TXT_MARKET_DEL' => $_ARRAYLANG['TXT_MARKET_DELETE_ADVERTISEMENT'], 'TXT_MARKET_ABORT' => $_CORELANG['TXT_CANCEL'], 'TXT_MARKET_CONFIRM_DEL' => $_ARRAYLANG['TXT_MARKET_ADVERTISEMENT_DELETE'])); //get navigatin $this->getNavigation($objResult->fields['catid']); $objResult->MoveNext(); } else { \Cx\Core\Csrf\Controller\Csrf::header('Location: index.php?section=Market&cmd=detail&id=' . $_GET['id']); exit; } } } } else { if (isset($_POST['submitEntry'])) { $arrDelete = array(); $arrDelete[0] = $_POST['id']; $this->removeEntry($arrDelete); \Cx\Core\Csrf\Controller\Csrf::header('Location: index.php?section=Market'); exit; } else { \Cx\Core\Csrf\Controller\Csrf::header('Location: index.php?section=Market'); exit; } } }
/** * handles the upload of a file * * @param string $inputName name of the HTML input element used to upload the file * * @return array $uploadedFileInfo array containing the properties for the uploaded file, * false when upload has failed */ function _handleUpload($inputName) { global $_ARRAYLANG, $sessionObj; $fileName = isset($_POST[$inputName]) ? contrexx_input2raw($_POST[$inputName]) : ''; if (empty($fileName)) { return array('name' => '', 'path' => '', 'size' => 0); } $uploaderId = isset($_POST['forumUploaderId']) ? contrexx_input2raw($_POST['forumUploaderId']) : ''; if (empty($uploaderId)) { \DBG::log('Uploader id is empty'); return false; } //Re-initialize the $sessionObj if it is empty if (empty($sessionObj)) { $sessionObj = \cmsSession::getInstance(); } $tempPath = $sessionObj->getTempPath() . '/' . $uploaderId . '/' . $fileName; if (!\Cx\Lib\FileSystem\FileSystem::exists($tempPath)) { return false; } $cx = \Cx\Core\Core\Controller\Cx::instanciate(); $filePath = $cx->getWebsiteMediaForumUploadPath() . '/'; $pathinfo = pathinfo($fileName); $i = 1; while (\Cx\Lib\FileSystem\FileSystem::exists($filePath . $fileName)) { $fileName = $pathinfo['filename'] . '_' . $i++ . '.' . $pathinfo['extension']; } if (\Cx\Lib\FileSystem\FileSystem::move($tempPath, $filePath . $fileName, true) === false) { $this->_objTpl->setVariable('TXT_FORUM_ERROR', $filePath . $fileName . ': ' . $_ARRAYLANG['TXT_FORUM_UPLOAD_NOT_MOVABLE']); return false; } return array('name' => contrexx_addslashes($fileName), 'path' => $filePath, 'size' => filesize($filePath . $fileName)); }
/** * Add content data for a category * * Add the content data for a category that later will be inserted * @param int $lang * @param string $name */ public function addContent($lang, $name) { $this->insertContent[] = array('lang' => intval($lang), 'name' => contrexx_addslashes($name)); }
/** * Update values for a banner * * @global object $objDatabase * @global array $_ARRAYLANG * @return integer $intReturn: The old group of the changed banner */ function updateBanner() { global $objDatabase, $_ARRAYLANG; $intBannerId = intval($_POST['bannerId']); $strName = htmlspecialchars(addslashes($_POST['bannerName']), ENT_QUOTES, CONTREXX_CHARSET); $intGroupId = intval($_POST['bannerGroupId']); $intStatus = intval($_POST['bannerStatus']); $strCode = contrexx_addslashes($_POST['bannerCode']); if (!empty($strName) && $intGroupId != 0) { $objDatabase->Execute(' UPDATE ' . DBPREFIX . 'module_banner_system SET parent_id=' . $intGroupId . ', name="' . $strName . '", banner_code="' . $strCode . '", status=' . $intStatus . ' WHERE id=' . $intBannerId . ' LIMIT 1 '); $objDatabase->Execute(' DELETE FROM ' . DBPREFIX . 'module_banner_relations WHERE banner_id=' . $intBannerId . ' '); if (is_array($_POST['selectedPages'])) { foreach ($_POST['selectedPages'] as $intPageId) { $objDatabase->Execute(' INSERT INTO ' . DBPREFIX . 'module_banner_relations SET banner_id=' . $intBannerId . ', group_id=' . $intGroupId . ', page_id=' . $intPageId . ', type="content" '); } } if (is_array($_POST['selectedNews'])) { foreach ($_POST['selectedNews'] as $intPageId) { $objDatabase->Execute(' INSERT INTO ' . DBPREFIX . 'module_banner_relations SET banner_id=' . $intBannerId . ', group_id=' . $intGroupId . ', page_id=' . $intPageId . ', type="news" '); } } if (is_array($_POST['selectedTeaser'])) { foreach ($_POST['selectedTeaser'] as $intPageId) { $objDatabase->Execute(' INSERT INTO ' . DBPREFIX . 'module_banner_relations SET banner_id=' . $intBannerId . ', group_id=' . $intGroupId . ', page_id=' . $intPageId . ', type="teaser" '); } } $this->strOkMessage = $_ARRAYLANG['TXT_BANNER_UPDATE_DONE']; } return $intGroupId; }
/** * Loads the event manager configuration * * @param integer $startDate Start date Unix timestamp * @param integer $endDate End date timestamp * @param integer $categoryId Category Id * @param string $searchTerm Search Term * @param boolean $showSeries Show Series * @param boolean $needAuth Need authorization * @param boolean $onlyActive Only active Events * @param integer $startPos Start position * @param integer $numEvents Number of events * @param string $sortDirection Sort direction, possible values ASC, DESC * @param boolean $onlyConfirmed only confirmed Entries * @param string $author author name */ function __construct($startDate = null, $endDate = null, $categoryId = null, $searchTerm = null, $showSeries = true, $needAuth = false, $onlyActive = false, $startPos = 0, $numEvents = 'n', $sortDirection = 'ASC', $onlyConfirmed = true, $author = null, $listType = 'all') { $this->startDate = intval($startDate); $this->endDate = intval($endDate); $this->categoryId = intval($categoryId); $this->showSeries = $showSeries; $this->searchTerm = contrexx_addslashes($searchTerm); $this->needAuth = $needAuth; $this->onlyActive = $onlyActive; $this->startPos = $startPos; $this->numEvents = $numEvents; $this->sortDirection = $sortDirection; $this->onlyConfirmed = $onlyConfirmed; $this->author = $author; $this->listType = $listType; }
function saveLevel($arrData, $intLevelId = null) { global $_ARRAYLANG, $_CORELANG, $objDatabase, $_LANGID; //get data $intId = intval($intLevelId); $intParentId = intval($arrData['levelPosition']); $intShowEntries = intval($arrData['levelShowEntries']); $intShowSublevels = isset($arrData['levelShowSublevels']) ? contrexx_input2int($arrData['levelShowSublevels']) : 0; $intShowCategories = intval($arrData['levelShowCategories']); $intActive = intval($arrData['levelActive']); $strPicture = contrexx_addslashes(contrexx_strip_tags($arrData['levelImage'])); $arrName = $arrData['levelName']; $arrDescription = $arrData['levelDescription']; if (empty($intId)) { //insert new category $objInsertAttributes = $objDatabase->Execute("\n INSERT INTO\n " . DBPREFIX . "module_" . $this->moduleTablePrefix . "_levels\n SET\n `parent_id`='" . $intParentId . "',\n `order`=0,\n `show_entries`='" . $intShowEntries . "',\n `show_sublevels`='" . $intShowSublevels . "',\n `show_categories`='" . $intShowCategories . "',\n `picture`='" . $strPicture . "',\n `active`='" . $intActive . "'\n "); if ($objInsertAttributes !== false) { $intId = $objDatabase->Insert_ID(); foreach ($this->arrFrontendLanguages as $key => $arrLang) { if (empty($arrName[0])) { $arrName[0] = "[[" . $_ARRAYLANG['TXT_MEDIADIR_NEW_LEVEL'] . "]]"; } if (empty($arrDescription[0])) { $arrDescription[0] = isset($arrDescription[$_LANGID]) ? $arrDescription[$_LANGID] : ''; } $strName = $arrName[$arrLang['id']]; $strDescription = $arrDescription[$arrLang['id']]; if (empty($strName)) { $strName = $arrName[0]; } if (empty($strDescription)) { $strDescription = $arrDescription[0]; } $objInsertNames = $objDatabase->Execute("\n INSERT INTO\n " . DBPREFIX . "module_" . $this->moduleTablePrefix . "_level_names\n SET\n `lang_id`='" . intval($arrLang['id']) . "',\n `level_id`='" . intval($intId) . "',\n `level_name`='" . contrexx_raw2db(contrexx_input2raw($strName)) . "',\n `level_description`='" . contrexx_raw2db(contrexx_input2raw($strDescription)) . "'\n "); } if ($objInsertNames !== false) { return true; } else { return false; } } else { return false; } } else { //update category if ($intParentId == $intLevelId) { $parentSql = null; } else { $parentSql = "`parent_id`='" . $intParentId . "',"; } $objUpdateAttributes = $objDatabase->Execute("\n UPDATE\n " . DBPREFIX . "module_" . $this->moduleTablePrefix . "_levels\n SET\n " . $parentSql . "\n `show_entries`='" . $intShowEntries . "',\n `show_sublevels`='" . $intShowSublevels . "',\n `show_categories`='" . $intShowCategories . "',\n `picture`='" . $strPicture . "',\n `active`='" . $intActive . "'\n WHERE\n `id`='" . $intId . "'\n "); if ($objUpdateAttributes !== false) { $objDatabase->Execute("DELETE FROM " . DBPREFIX . "module_" . $this->moduleTablePrefix . "_level_names WHERE level_id='" . $intId . "'"); foreach ($this->arrFrontendLanguages as $key => $arrLang) { if (empty($arrName[0])) { $arrName[0] = "[[" . $_ARRAYLANG['TXT_MEDIADIR_NEW_LEVEL'] . "]]"; } if (empty($arrDescription[0])) { $arrDescription[0] = isset($arrDescription[$_LANGID]) ? $arrDescription[$_LANGID] : ''; } $strName = $arrName[$arrLang['id']]; $strDescription = $arrDescription[$arrLang['id']]; if (empty($strName)) { $strName = $arrName[0]; } if (empty($strDescription)) { $strDescription = $arrDescription[0]; } $objInsertNames = $objDatabase->Execute("\n INSERT INTO\n " . DBPREFIX . "module_" . $this->moduleTablePrefix . "_level_names\n SET\n `lang_id`='" . intval($arrLang['id']) . "',\n `level_id`='" . intval($intId) . "',\n `level_name`='" . contrexx_raw2db(contrexx_input2raw($strName)) . "',\n `level_description`='" . contrexx_raw2db(contrexx_input2raw($strDescription)) . "'\n "); } if ($objInsertNames !== false) { return true; } else { return false; } } else { return false; } } }
/** * Memberlist * * @access private * @global ADONewConnection * @global array * @global array */ function _memberList() { global $objDatabase, $_ARRAYLANG, $_CONFIG; $this->setDirs(0, true); $this->_objTpl->setTemplate($this->pageContent, true, true); $dirid = intval($_GET['id']); $this->_objTpl->setGlobalVariable(array("TXT_OVERVIEW" => $_ARRAYLANG['TXT_OVERVIEW'])); $treeid = $dirid; $tree = array(); while ($treeid > 0) { $temp = array('id' => $treeid, 'name' => $this->directories[$treeid]['name']); $tree[] = $temp; $treeid = $this->directories[$treeid]['parentdir']; } $tree = array_reverse($tree); foreach ($tree as $branch) { $this->_objTpl->setVariable(array("MEMBERDIR_DIRID" => $branch['id'], "MEMBERDIR_DIRNAME" => $branch['name'])); $this->_objTpl->parse("tree-element"); } $this->_objTpl->parse("tree"); if ($this->directories[$dirid]['displaymode'] == 0 || $this->directories[$dirid]['displaymode'] == 1) { $lastlevel = 0; if ($this->directories[$dirid]['has_children']) { $this->_objTpl->setVariable(array("TXT_CATEGORY_TREE_DESC" => "<div style=\"margin-bottom: 5px;\">" . $_ARRAYLANG['TXT_SUBDIRECTORIES'] . "</div>", 'TXT_MEMBERDIR_EXPORT_CONTACT_AS_VCARD' => $_ARRAYLANG['TXT_MEMBERDIR_EXPORT_CONTACT_AS_VCARD'])); } foreach ($this->directories as $dirkey => $directory) { // check language if ($directory['lang'] != 0 && $directory['lang'] != $this->langId) { continue; } if ($directory['active'] && $directory['parentdir'] == $dirid && $dirkey != 0) { $this->_objTpl->setVariable(array("MEMBERDIR_DIR_ID" => $dirkey, "MEMBERDIR_DIR_NAME" => $directory['name'], "MEMBERDIR_IMAGE_SRC" => "pixel.gif")); $this->_objTpl->parse("category"); } } $this->_objTpl->parse("category_list"); $this->_objTpl->hideBlock("category_show"); } if ($this->directories[$dirid]['displaymode'] == 0 || $this->directories[$dirid]['displaymode'] == 2) { if (empty($_GET['sort'])) { $_GET['sort'] = ""; } if (empty($_GET['search'])) { $_GET['search'] = ""; } $keyword = isset($_GET['keyword']) ? contrexx_addslashes($_GET['keyword']) : ""; $sort = contrexx_addslashes($_GET['sort']); $this->_objTpl->setGlobalVariable(array("MEMBERDIR_DIRID" => $dirid, "MEMBERDIR_CHAR_LIST" => $this->_getCharList(CONTREXX_DIRECTORY_INDEX . "?section=MemberDir&cmd=" . htmlentities($_GET['cmd'], ENT_QUOTES, CONTREXX_CHARSET) . "&id=" . $dirid . "&sort={$sort}"), "MEMBERDIR_DESCRIPTION" => nl2br($this->directories[$dirid]['description']))); $sortField = $this->directories[$dirid]['sort']; if ($sort == "sc") { /* Special Chars */ $query = "SELECT *\n FROM " . DBPREFIX . "module_memberdir_values\n WHERE `1` REGEXP '^[^a-zA-Z]' AND\n `dirid` = '{$dirid}'"; } elseif (preg_match("%^[a-z]\$%i", $sort)) { /* Sort by char */ $query = "SELECT *\n FROM " . DBPREFIX . "module_memberdir_values\n WHERE `1` REGEXP '^" . $sort . "' AND\n `dirid` = '{$dirid}'"; } elseif ($_GET['search'] == "search") { /* Search */ $query = "SELECT *\n FROM " . DBPREFIX . "module_memberdir_values\n WHERE (\n `1` LIKE '%{$keyword}%' OR\n `2` LIKE '%{$keyword}%' OR\n `3` LIKE '%{$keyword}%' OR\n `4` LIKE '%{$keyword}%' OR\n `5` LIKE '%{$keyword}%' OR\n `6` LIKE '%{$keyword}%' OR\n `7` LIKE '%{$keyword}%' OR\n `8` LIKE '%{$keyword}%' OR\n `9` LIKE '%{$keyword}%' OR\n `10` LIKE '%{$keyword}%' OR\n `11` LIKE '%{$keyword}%' OR\n `12` LIKE '%{$keyword}%' OR\n `13` LIKE '%{$keyword}%' OR\n `14` LIKE '%{$keyword}%' OR\n `15` LIKE '%{$keyword}%' OR\n `16` LIKE '%{$keyword}%' OR\n `17` LIKE '%{$keyword}%' OR\n `18` LIKE '%{$keyword}%'\n ) "; if ($dirid != 0) { $query .= " AND `dirid` = '{$dirid}'"; } $objResult = $objDatabase->Execute($query); } elseif ($sort == "all") { /* All */ $query = "SELECT *\n FROM " . DBPREFIX . "module_memberdir_values\n WHERE `dirid` = '{$dirid}'"; } else { if ($this->options['default_listing']) { $query = "SELECT *\n FROM " . DBPREFIX . "module_memberdir_values\n WHERE `dirid` = '{$dirid}'"; } } if ($this->options['default_listing']) { $query .= " ORDER BY `" . $sortField . "` ASC"; $pos = isset($_GET['pos']) ? intval($_GET['pos']) : 0; $objResult = $objDatabase->Execute($query); } if ($objResult) { $count = $objResult->RecordCount(); $paging = getPaging($count, $pos, "&section=MemberDir&cmd=" . htmlentities($_GET['cmd'], ENT_QUOTES, CONTREXX_CHARSET) . "&id={$dirid}&sort={$sort}&search=" . htmlentities(contrexx_stripslashes($_GET['search']), ENT_QUOTES, CONTREXX_CHARSET) . "&keyword={$keyword}", "<b>" . $_ARRAYLANG['TXT_MEMBERDIR_ENTRIES'] . "</b>", true, $_CONFIG['corePagingLimit']); $this->_objTpl->setVariable("MEMBERDIR_PAGING", $paging); $objResult = $objDatabase->SelectLimit($query, $_CONFIG['corePagingLimit'], $pos); if ($objResult) { $rowid = 1; while (!$objResult->EOF) { $fieldnames = $this->getFieldData($dirid); for ($i = 1; $i < 17; $i++) { $placeholder = $this->getPlaceholderName($fieldnames[$i]['name']); $replace[$placeholder] = $objResult->fields["{$i}"]; } if ($dirid == 0) { $replace["FIELD_CATEGORY"] = $_ARRAYLANG['TXT_DIRECTORY'] . ": <strong>" . $this->directories[$objResult->fields['dirid']]['name'] . "</strong><br />"; } if ($this->directories[$objResult->fields['dirid']] && $objResult->fields['pic1'] != "none") { $src = $objResult->fields['pic1']; $size = getimagesize(ASCMS_PATH . $src); $width = $this->options['max_width'] < $size[0] ? $this->options['max_width'] : $size[0]; $height = $this->options['max_height'] < $size[1] ? $this->options['max_height'] : $size[1]; $this->_objTpl->setVariable(array("FIELD_PIC1" => "<img src=\"{$src}\" alt=\"\" style=\"width: " . $width . "px; height: " . $height . "px;\" /><br />")); } if ($this->directories[$objResult->fields['dirid']] && $objResult->fields['pic2'] != "none") { $src = $objResult->fields['pic2']; $size = getimagesize(ASCMS_PATH . $src); $width = $this->options['max_width'] < $size[0] ? $this->options['max_width'] : $size[0]; $height = $this->options['max_height'] < $size[1] ? $this->options['max_height'] : $size[1]; $this->_objTpl->setVariable(array("FIELD_PIC2" => "<img src=\"{$src}\" alt=\"\" style=\"width: " . $width . "px; height: " . $height . "px;\" /><br />")); } $name = $key <= 12 ? strtoupper($field['name']) : $key; $this->_objTpl->setVariable(array("MEMBERDIR_FIELD_" . $name => $key > 12 ? nl2br($objResult->fields[$key]) : $this->checkStr($objResult->fields[$key]))); $this->_objTpl->setVariable($replace); $this->_objTpl->setVariable(array("MEMBERDIR_ROW" => $rowid, "MEMBERDIR_ID" => $objResult->fields['id'], "FIELD_DIRECTORY" => $this->directories[$dirid]['name'])); $this->_objTpl->parse("memberdir_row"); $rowid = $rowid == 2 ? 1 : 2; $objResult->MoveNext(); } } } $this->_objTpl->touchBlock("category_show"); $this->_objTpl->parse("category_show"); } }
function interfaces() { global $_ARRAYLANG, $_CORELANG; \Permission::checkAccess(MediaDirectoryAccessIDs::Interfaces, 'static'); $this->_objTpl->loadTemplateFile('module_' . $this->moduleNameLC . '_interfaces.html', true, true); $this->pageTitle = $_ARRAYLANG['TXT_MEDIADIR_INTERFACES']; $objInterfaces = new MediaDirectoryInterfaces($this->moduleName); $tpl = isset($_GET['tpl']) ? $_GET['tpl'] : ''; $step = isset($_GET['step']) ? $_GET['step'] : ''; if (isset($_POST['submitInterfacesForm'])) { $strStatus = null; switch ($tpl) { case 'import': $objImport = new MediaDirectoryImport($this->moduleName); switch ($step) { case 'insertSQL': $strStatus = $objImport->importSQL(contrexx_addslashes($_POST['interfacesImportSqlTable']), contrexx_addslashes($_POST['pairs_left_keys']), contrexx_addslashes($_POST['pairs_right_keys']), intval($_POST['interfacesImportSqlType']), intval($_POST['interfacesImportSqlForm']), intval($_POST['interfacesImportSqlCategory']), intval($_POST['interfacesImportSqlLevel'])); break; case 'insertCSV': $strStatus = $objImport->importCSV(); break; } break; case 'export': $objExport = new MediaDirectoryExport($this->moduleName); switch ($_POST['step']) { case 'exportCSV': $strStatus = $objExport->exportCSV(intval($_POST['interfacesExportForm']), $_POST['interfacesExportSelectedCategories'], $_POST['interfacesExportSelectedLevels'], intval($_POST['interfacesExportMask'])); break; } } if ($strStatus === true) { $this->strOkMessage = "Ok"; } else { if ($strStatus === false) { $this->strErrMessage = "Not Ok"; } } } $this->_objTpl->setGlobalVariable(array('TXT_' . $this->moduleLangVar . '_IMPORT' => $_ARRAYLANG['TXT_MEDIADIR_IMPORT'], 'TXT_' . $this->moduleLangVar . '_EXPORT' => $_ARRAYLANG['TXT_MEDIADIR_EXPORT'], 'TXT_' . $this->moduleLangVar . '_SUBMIT' => $_ARRAYLANG['TXT_' . $this->moduleLangVar . '_SUBMIT'], 'TXT_' . $this->moduleLangVar . '_DO_IMPORT' => $_ARRAYLANG['TXT_MEDIADIR_DO_IMPORT'], 'TXT_' . $this->moduleLangVar . '_DO_EXPORT' => $_ARRAYLANG['TXT_MEDIADIR_DO_EXPORT'], 'TXT_' . $this->moduleLangVar . '_SELECT_TABLE' => $_ARRAYLANG['TXT_MEDIADIR_SELECT_TABLE'], 'TXT_' . $this->moduleLangVar . '_DELETE' => $_CORELANG['TXT_DELETE'], 'TXT_' . $this->moduleLangVar . '_ACTIVATE' => $_ARRAYLANG['TXT_MEDIADIR_ACTIVATE'], 'TXT_' . $this->moduleLangVar . '_DEACTIVATE' => $_ARRAYLANG['TXT_MEDIADIR_DEAVTIVATE'])); switch ($tpl) { case 'import': $objInterfaces->showImport($step, $this->_objTpl); break; case 'export': default: $objInterfaces->showExport($step, $this->_objTpl); break; } }
/** * Update form inputfields * * Before calling this method Remove the existing form inputfield entries from db * for avoiding the duplicate entries in db. * * @param integer $intFieldId Form InputField id * @param array $arrFieldNames Form inputField Names array, the key is refered as the language id * @param array $arrFieldDefaultValues Form inputField Default values array, the key is refered as the language id * @param array $arrFieldInfos Form inputField Information values array the key is refered as the language id * * @return boolean true | false */ public function updateInputFields($intFieldId, $arrFieldNames, $arrFieldDefaultValues, $arrFieldInfos) { global $_LANGID, $objDatabase; foreach ($this->arrFrontendLanguages as $key => $arrLang) { if (empty($arrFieldNames[0])) { $arrFieldNames[0] = ''; } $strFieldName = $arrFieldNames[$arrLang['id']]; $strFieldDefaultValue = $arrFieldDefaultValues[$arrLang['id']]; $strFieldInfo = $arrFieldInfos[$arrLang['id']]; if ($arrLang['id'] == $_LANGID) { if ($this->arrInputfields[$intFieldId]['name'][0] == $arrFieldNames[0] && $this->arrInputfields[$intFieldId]['name'][$arrLang['id']] != $arrFieldNames[$arrLang['id']]) { $strFieldName = $arrFieldNames[$_LANGID]; } if ($this->arrInputfields[$intFieldId]['default_value'][0] == $strFieldDefaultValue && $this->arrInputfields[$intFieldId]['default_value'][$arrLang['id']] != $arrFieldDefaultValues[$arrLang['id']]) { $strFieldDefaultValue = $arrFieldDefaultValues[$_LANGID]; } if ($this->arrInputfields[$intFieldId]['info'][0] == $arrFieldInfos[0] && $this->arrInputfields[$intFieldId]['info'][$arrLang['id']] != $arrFieldInfos[$arrLang['id']]) { $strFieldInfo = $arrFieldInfos[$_LANGID]; } if ($this->arrInputfields[$intFieldId]['name'][0] != $arrFieldNames[0] && $this->arrInputfields[$intFieldId]['name'][$arrLang['id']] == $arrFieldNames[$arrLang['id']] || $this->arrInputfields[$intFieldId]['name'][0] != $arrFieldNames[0] && $this->arrInputfields[$intFieldId]['name'][$arrLang['id']] != $arrFieldNames[$arrLang['id']] || $this->arrInputfields[$intFieldId]['name'][0] == $arrFieldNames[0] && $this->arrInputfields[$intFieldId]['name'][$arrLang['id']] == $arrFieldNames[$arrLang['id']]) { $strFieldName = $arrFieldNames[0]; } if ($this->arrInputfields[$intFieldId]['default_value'][0] != $arrFieldDefaultValues[0] && $this->arrInputfields[$intFieldId]['default_value'][$arrLang['id']] == $arrFieldDefaultValues[$arrLang['id']] || $this->arrInputfields[$intFieldId]['default_value'][0] != $arrFieldDefaultValues[0] && $this->arrInputfields[$intFieldId]['default_value'][$arrLang['id']] != $arrFieldDefaultValues[$arrLang['id']] || $this->arrInputfields[$intFieldId]['default_value'][0] == $arrFieldDefaultValues[0] && $this->arrInputfields[$intFieldId]['default_value'][$arrLang['id']] == $arrFieldDefaultValues[$arrLang['id']]) { $strFieldDefaultValue = $arrFieldDefaultValues[0]; } if ($this->arrInputfields[$intFieldId]['info'][0] != $arrFieldInfos[0] && $this->arrInputfields[$intFieldId]['info'][$arrLang['id']] == $arrFieldInfos[$arrLang['id']] || $this->arrInputfields[$intFieldId]['info'][0] != $arrFieldInfos[0] && $this->arrInputfields[$intFieldId]['info'][$arrLang['id']] != $arrFieldInfos[$arrLang['id']] || $this->arrInputfields[$intFieldId]['info'][0] == $arrFieldInfos[0] && $this->arrInputfields[$intFieldId]['info'][$arrLang['id']] == $arrFieldInfos[$arrLang['id']]) { $strFieldInfo = $arrFieldInfos[0]; } } if (empty($strFieldName)) { $strFieldName = $arrFieldNames[0]; } if (empty($strFieldDefaultValue)) { $strFieldDefaultValue = $arrFieldDefaultValues[0]; } if (empty($strFieldInfo)) { $strFieldInfo = $arrFieldInfos[0]; } $objSaveInputfieldName = $objDatabase->Execute(' INSERT INTO ' . DBPREFIX . 'module_' . $this->moduleTablePrefix . '_inputfield_names SET `lang_id` = "' . contrexx_raw2db($arrLang['id']) . '", `form_id` = "' . contrexx_raw2db($this->intFormId) . '", `field_id` = "' . contrexx_raw2db($intFieldId) . '", `field_name` = "' . contrexx_raw2db($strFieldName) . '", `field_default_value` = "' . contrexx_raw2db($strFieldDefaultValue) . '", `field_info` = "' . contrexx_addslashes(htmlentities($strFieldInfo, ENT_QUOTES, CONTREXX_CHARSET)) . '" '); if (!$objSaveInputfieldName) { return false; } } return true; }
function _modifyMedium() { global $_ARRAYLANG, $_CONFIG; if (!isset($_REQUEST['section'])) { $_REQUEST['section'] = ''; } $mediumId = isset($_REQUEST['id']) ? intval($_REQUEST['id']) : 0; $mediumTitle = ''; $mediumYoutubeID = ''; $mediumAuthor = ''; $mediumDescription = ''; $mediumSource = ''; $mediumThumbnail = ''; $mediumTemplate = ''; $mediumWidth = 0; $mediumHeight = 0; $mediumPlaylength = 0; $mediumSize = 0; $mediumStatus = 1; $mediumCategories = array(); $saveStatus = true; if ($_REQUEST['section'] != 'Podcast') { //load backend template $this->_objTpl->loadTemplatefile('module_podcast_modify_medium.html'); } else { //load frontend content as template $pageRepo = \Env::get('em')->getRepository('Cx\\Core\\ContentManager\\Model\\Entity\\Page'); $pages = $pageRepo->findBy(array('module' => 'Podcast', 'type' => \Cx\Core\ContentManager\Model\Entity\Page::TYPE_APPLICATION, 'cmd' => 'modifyMedium')); if (count($pages)) { //overwrite template, since _modifyMedium is called in the same request as the _selectMediumSource $this->_objTpl->setTemplate(current($pages)->getContent()); } } $this->_pageTitle = $mediumId > 0 ? $_ARRAYLANG['TXT_PODCAST_MODIFY_MEDIUM'] : $_ARRAYLANG['TXT_PODCAST_ADD_MEDIUM']; $this->_objTpl->setVariable(array('TXT_PODCAST_TITLE' => $_ARRAYLANG['TXT_PODCAST_TITLE'], 'TXT_PODCAST_DESCRIPTION' => $_ARRAYLANG['TXT_PODCAST_DESCRIPTION'], 'TXT_PODCAST_SOURCE' => $_ARRAYLANG['TXT_PODCAST_SOURCE'], 'TXT_PODCAST_TEMPLATE' => $_ARRAYLANG['TXT_PODCAST_TEMPLATE'], 'TXT_PODCAST_DIMENSIONS' => $_ARRAYLANG['TXT_PODCAST_DIMENSIONS'], 'TXT_PODCAST_PIXEL_WIDTH' => $_ARRAYLANG['TXT_PODCAST_PIXEL_WIDTH'], 'TXT_PODCAST_PIXEL_HEIGHT' => $_ARRAYLANG['TXT_PODCAST_PIXEL_HEIGHT'], 'TXT_PODCAST_CATEGORIES' => $_ARRAYLANG['TXT_PODCAST_CATEGORIES'], 'TXT_PODCAST_STATUS' => $_ARRAYLANG['TXT_PODCAST_STATUS'], 'TXT_PODCAST_ACTIVE' => $_ARRAYLANG['TXT_PODCAST_ACTIVE'], 'TXT_PODCAST_SAVE' => $_ARRAYLANG['TXT_PODCAST_SAVE'], 'TXT_PODCAST_PLAYLENGHT' => $_ARRAYLANG['TXT_PODCAST_PLAYLENGHT'], 'TXT_PODCAST_PLAYLENGTH' => $_ARRAYLANG['TXT_PODCAST_PLAYLENGTH'], 'TXT_PODCAST_PLAYLENGHT_FORMAT' => $_ARRAYLANG['TXT_PODCAST_PLAYLENGHT_FORMAT'], 'TXT_PODCAST_PLAYLENGTH_FORMAT' => $_ARRAYLANG['TXT_PODCAST_PLAYLENGTH_FORMAT'], 'TXT_PODCAST_FILESIZE' => $_ARRAYLANG['TXT_PODCAST_FILESIZE'], 'TXT_PODCAST_BYTES' => $_ARRAYLANG['TXT_PODCAST_BYTES'], 'TXT_PODCAST_AUTHOR' => $_ARRAYLANG['TXT_PODCAST_AUTHOR'], 'TXT_PODCAST_EDIT_OR_ADD_IMAGE' => $_ARRAYLANG['TXT_PODCAST_EDIT_OR_ADD_IMAGE'], 'TXT_PODCAST_THUMBNAIL' => $_ARRAYLANG['TXT_PODCAST_THUMBNAIL'], 'TXT_PODCAST_SHOW_FILE' => $_ARRAYLANG['TXT_PODCAST_SHOW_FILE'])); if (isset($_POST['podcast_medium_save'])) { if (isset($_POST['podcast_medium_title'])) { $mediumTitle = trim($_POST['podcast_medium_title']); } if (isset($_POST['podcast_medium_author'])) { $mediumAuthor = trim($_POST['podcast_medium_author']); } if (isset($_POST['podcast_medium_description'])) { $mediumDescription = trim($_POST['podcast_medium_description']); } if (isset($_POST['podcast_medium_template'])) { $mediumTemplate = intval($_POST['podcast_medium_template']); } $mediumWidth = isset($_POST['podcast_medium_width']) ? intval($_POST['podcast_medium_width']) : 0; $mediumHeight = isset($_POST['podcast_medium_height']) ? intval($_POST['podcast_medium_height']) : 0; $mediumSize = isset($_POST['podcast_medium_filesize']) ? intval($_POST['podcast_medium_filesize']) : 0; if (!empty($_POST['podcast_medium_playlength'])) { $arrPlaylength = array(); if (preg_match('/^(([0-9]*):)?(([0-9]*):)?([0-9]*)$/', $_POST['podcast_medium_playlength'], $arrPlaylength)) { $minutes = empty($arrPlaylength[3]) ? $arrPlaylength[2] : $arrPlaylength[4]; $hours = empty($arrPlaylength[3]) ? $arrPlaylength[4] : $arrPlaylength[2]; $mediumPlaylength = $hours * 3600 + $minutes * 60 + $arrPlaylength[5]; } } if (isset($_POST['podcast_medium_source'])) { $mediumSource = trim($_POST['podcast_medium_source']); } if (isset($_POST['podcast_medium_thumbnail'])) { $mediumThumbnail = trim($_POST['podcast_medium_thumbnail']); } if (!empty($_POST['podcast_youtubeID'])) { $mediumYoutubeID = trim($_POST['podcast_youtubeID']); $mediumSize = 0; $mediumTemplate = $this->_getYoutubeTemplate(); } $mediumStatus = $_REQUEST['section'] != 'podcast' ? isset($_POST['podcast_medium_status']) ? intval($_POST['podcast_medium_status']) : 0 : ($this->_arrSettings['auto_validate'] ? 1 : 0); if (isset($_POST['podcast_medium_associated_category'])) { foreach ($_POST['podcast_medium_associated_category'] as $categoryId => $status) { if (intval($status) == 1) { array_push($mediumCategories, intval($categoryId)); } } } if (empty($mediumTitle)) { $saveStatus = false; $this->_strErrMessage .= $_ARRAYLANG['TXT_PODCAST_EMPTY_MEDIUM_TITLE_MSG'] . "<br />\n"; } /*elseif (!$this->_isUniqueMediumTitle($mediumTitle, $mediumId)) { $saveStatus = false; $this->_strErrMessage .= $_ARRAYLANG['TXT_PODCAST_DUPLICATE_MEDIUM_TITLE_MSG']."<br />\n"; }*/ if (empty($mediumTemplate)) { $saveStatus = false; $this->_strErrMessage .= $_ARRAYLANG['TXT_PODCAST_EMPTY_MEDIUM_TEMPLATE_MSG'] . "<br />\n"; } if ($saveStatus) { if ($mediumId > 0 && $_REQUEST['section'] != 'podcast') { if ($this->_updateMedium($mediumId, $mediumTitle, $mediumYoutubeID, $mediumAuthor, $mediumDescription, $mediumThumbnail, $mediumTemplate, $mediumWidth, $mediumHeight, $mediumPlaylength, $mediumSize, $mediumCategories, $mediumStatus)) { $this->_strOkMessage = $_ARRAYLANG['TXT_PODCAST_MEDIUM_ADDED_SUCCESSFULL']; // Class in /core_modules/index.class.php is named Cache // Class in /core_modules/admin.class.php is named CacheManager $pageId = \Cx\Core\Core\Controller\Cx::instanciate()->getPage()->getId(); $cacheManager = new \Cx\Core_Modules\Cache\Controller\CacheManager(); $cacheManager->deleteSingleFile($pageId); $this->_createRSS(); return $this->_media(); } else { $this->_strErrMessage = $_ARRAYLANG['TXT_PODCAST_MEDIUM_ADDED_FAILED']; } } else { if ($this->_addMedium($mediumTitle, $mediumYoutubeID, $mediumAuthor, $mediumDescription, $mediumSource, $mediumThumbnail, $mediumTemplate, $mediumWidth, $mediumHeight, $mediumPlaylength, $mediumSize, $mediumCategories, $mediumStatus)) { // Class in /core_modules/index.class.php is named Cache // Class in /core_modules/admin.class.php is named CacheManager $pageId = \Cx\Core\Core\Controller\Cx::instanciate()->getPage()->getId(); $cacheManager = new \Cx\Core_Modules\Cache\Controller\CacheManager(); $cacheManager->deleteSingleFile($pageId); $this->_createRSS(); if ($_REQUEST['section'] != 'Podcast') { $this->_strOkMessage = $_ARRAYLANG['TXT_PODCAST_MEDIUM_UPDATED_SUCCESSFULL']; return $this->_media(); } else { if ($this->_objTpl->blockExists('podcastThanks')) { $this->_objTpl->touchBlock('podcastThanks'); } if ($this->_objTpl->blockExists('podcastForm')) { $this->_objTpl->hideBlock('podcastForm'); } return true; } } else { $this->_strErrMessage = $_ARRAYLANG['TXT_PODCAST_MEDIUM_UPDATED_FAILED']; } } } } elseif ($mediumId > 0 && ($arrMedium =& $this->_getMedium($mediumId)) !== false && $_REQUEST['section'] != 'Podcast') { $mediumTitle = $arrMedium['title']; $mediumAuthor = $arrMedium['author']; $mediumDescription = $arrMedium['description']; $mediumYoutubeID = $arrMedium['youtube_id']; $mediumSource = $arrMedium['source']; $mediumThumbnail = $arrMedium['thumbnail']; $mediumTemplate = $arrMedium['template_id']; $mediumWidth = $arrMedium['width']; $mediumHeight = $arrMedium['height']; $mediumStatus = $arrMedium['status']; $mediumCategories = $arrMedium['category']; $mediumPlaylength = $arrMedium['playlength']; $mediumSize = $arrMedium['size']; } elseif ($mediumId == 0) { $mediumSource = ''; if (isset($_POST['podcast_medium_source_type']) && in_array($_POST['podcast_medium_source_type'], array('local', 'remote', 'youtube'))) { if ($_POST['podcast_medium_source_type'] == 'local') { if (isset($_POST['podcast_medium_local_source'])) { if (strpos($_POST['podcast_medium_local_source'], ASCMS_PATH_OFFSET) === 0) { $mediumSource = ASCMS_PROTOCOL . '://%domain%%offset%' . substr($_POST['podcast_medium_local_source'], strlen(ASCMS_PATH_OFFSET)); } else { $mediumSource = ASCMS_PROTOCOL . '://%domain%%offset%' . $_POST['podcast_medium_local_source']; } } } elseif ($_POST['podcast_medium_source_type'] == 'youtube') { $mediumYoutubeID = contrexx_addslashes(trim($_POST['youtubeID'])); $mediumSource = 'http://youtube.com/v/' . $mediumYoutubeID; } elseif (isset($_POST['podcast_medium_remote_source'])) { $mediumSource = $_POST['podcast_medium_remote_source']; } } if (empty($mediumSource)) { return $this->_selectMediumSource(); } if (!empty($mediumYoutubeID)) { $mediumTitle = $this->_getYoutubeTitle($mediumYoutubeID); $mediumThumbnail = ASCMS_PATH_OFFSET . $this->_saveYoutubeThumbnail($mediumYoutubeID); $mediumTemplate =& $this->_getYoutubeTemplate(); $mediumDescription =& $this->_getYoutubeDescription($mediumYoutubeID); $mediumWidth = $this->_youTubeDefaultWidth; $mediumSize = 0; $mediumHeight = $this->_youTubeDefaultHeight; } else { $mediumTitle = ($lastSlash = strrpos($mediumSource, '/')) !== false ? substr($mediumSource, $lastSlash + 1) : $mediumSource; $mediumTemplate =& $this->_getSuitableTemplate($mediumSource); $dimensions = isset($_POST['podcast_medium_local_source']) && \Cx\Core_Modules\Media\Controller\MediaLibrary::_isImage(ASCMS_PATH . $_POST['podcast_medium_local_source']) ? @getimagesize(ASCMS_PATH . $_POST['podcast_medium_local_source']) : false; if ($dimensions) { $mediumWidth = $dimensions[0]; $mediumHeight = $dimensions[1]; } else { $mediumWidth = $this->_arrSettings['default_width']; $mediumHeight = $this->_arrSettings['default_height']; } $mediumSize = isset($_POST['podcast_medium_local_source']) ? filesize(ASCMS_PATH . $_POST['podcast_medium_local_source']) : 0; $mediumSource = htmlentities(str_replace(array('%domain%', '%offset%'), array($_CONFIG['domainUrl'], ASCMS_PATH_OFFSET), $mediumSource), ENT_QUOTES, CONTREXX_CHARSET); } } $this->_objTpl->setVariable(array('PODCAST_MODIFY_TITLE' => $mediumId > 0 ? $_ARRAYLANG['TXT_PODCAST_MODIFY_MEDIUM'] : $_ARRAYLANG['TXT_PODCAST_ADD_MEDIUM'] . ' (' . $_ARRAYLANG['TXT_PODCAST_STEP'] . ' 2: ' . $_ARRAYLANG['TXT_PODCAST_CONFIG_MEDIUM'] . ')', 'PODCAST_MEDIUM_ID' => $mediumId, 'PODCAST_MEDIUM_TITLE' => htmlentities($mediumTitle, ENT_QUOTES, CONTREXX_CHARSET), 'PODCAST_MEDIUM_AUTHOR' => htmlentities($mediumAuthor, ENT_QUOTES, CONTREXX_CHARSET), 'PODCAST_MEDIUM_DESCRIPTION' => htmlentities($mediumDescription, ENT_QUOTES, CONTREXX_CHARSET), 'PODCAST_MEDIUM_SOURCE' => $mediumSource, 'PODCAST_MEDIUM_SOURCE_URL' => htmlentities($mediumSource, ENT_QUOTES, CONTREXX_CHARSET), 'PODCAST_MEDIUM_TEMPLATE_MENU' => $this->_getTemplateMenu($mediumTemplate, 'name="podcast_medium_template" style="width:450px;"'), 'PODCAST_MEDIUM_WIDTH' => $mediumWidth, 'PODCAST_MEDIUM_HEIGHT' => $mediumHeight, 'PODCAST_MEDIUM_PLAYLENGHT' => $this->_getShortPlaylengthFormatOfTimestamp($mediumPlaylength), 'PODCAST_MEDIUM_PLAYLENGTH' => $this->_getShortPlaylengthFormatOfTimestamp($mediumPlaylength), 'PODCAST_MEDIUM_FILESIZE' => $mediumSize, 'PODCAST_MEDIUM_THUMBNAIL_SRC' => !empty($mediumThumbnail) ? $mediumThumbnail : $this->_noThumbnail, 'PODCAST_MEDIUM_STATUS' => $mediumStatus == 1 ? 'checked="checked"' : '', 'PODCAST_MEDIUM_YOUTUBE_DISABLED' => !empty($mediumYoutubeID) ? 'disabled="disabled"' : '', 'PODCAST_MEDIUM_YOUTUBE_ID' => !empty($mediumYoutubeID) ? $mediumYoutubeID : '', 'PODCAST_THUMB_BROWSE' => self::getMediaBrowserButton('', array('data-cx-mb-views' => 'filebrowser', 'type' => 'button', 'style' => 'display:none', 'id' => 'podcast_thumbnail_browser'), 'mediaBrowserCallback'))); $arrCategories =& $this->_getCategories(); $categoryNr = 0; $arrLanguages = \FWLanguage::getLanguageArray(); foreach ($arrCategories as $categoryId => $arrCategory) { if ($_REQUEST['section'] == 'Podcast') { if (!in_array($categoryId, $this->_communityCategories) && !empty($this->_communityCategories)) { continue; } } $column = $categoryNr % 3; $arrCatLangIds =& $this->_getLangIdsOfCategory($categoryId); array_walk($arrCatLangIds, create_function('&$cat, $k, $arrLanguages', '$cat = $arrLanguages[$cat]["lang"];'), $arrLanguages); $arrCategory['title'] .= ' (' . implode(', ', $arrCatLangIds) . ')'; $this->_objTpl->setVariable(array('PODCAST_CATEGORY_ID' => $categoryId, 'PODCAST_CATEGORY_ASSOCIATED' => in_array($categoryId, $mediumCategories) ? 'checked="checked"' : '', 'PODCAST_SHOW_MEDIA_OF_CATEGORY_TXT' => sprintf($_ARRAYLANG['TXT_PODCAST_SHOW_MEDIA_OF_CATEGORY'], $arrCategory['title']), 'PODCAST_CATEGORY_NAME' => $arrCategory['title'])); $this->_objTpl->parse('podcast_medium_associated_category_' . $column); $categoryNr++; } }
/** * Add content that is to be inserted * * @param int $lang * @param string $question * @param string $answer */ public function addContent($lang, $question, $answer) { $this->insertContent[] = array('lang' => intval($lang), 'question' => contrexx_addslashes($question), 'answer' => contrexx_addslashes($answer)); }
/** * votes for feeds * @access public */ function voteFeed() { global $objDatabase, $_ARRAYLANG; $this->_objTpl->setTemplate($this->pageContent, true, true); $client = ""; //client/proxy info $this->arrClient['useragent'] = htmlspecialchars($_SERVER['HTTP_USER_AGENT'], ENT_QUOTES, CONTREXX_CHARSET); if (stristr($this->arrClient['useragent'], "phpinfo")) { $this->arrClient['useragent'] = "<b>p_h_p_i_n_f_o() Possible Hacking Attack</b>"; } $this->arrClient['language'] = htmlspecialchars($_SERVER['HTTP_ACCEPT_LANGUAGE'], ENT_QUOTES, CONTREXX_CHARSET); $this->_getProxyInformations(); $client = md5($this->arrClient['ip'] . $this->arrClient['useragent'] . $this->arrClient['language'] . $this->arrProxy['ip'] . $this->arrProxy['host']); $time = time(); $voteNEW = intval($_GET['vote']); $id = intval($_GET['id']); $cid = intval($_GET['cid']); $lid = intval($_GET['lid']); //get clients $objResult = $objDatabase->SelectLimit("\n SELECT client, vote, count\n FROM " . DBPREFIX . "module_directory_vote\n WHERE feed_id='{$id}'\n ", 1); if ($objResult) { while (!$objResult->EOF) { $clientOLD = $objResult->fields['client']; $voteOLD = $objResult->fields['vote']; $countOLD = $objResult->fields['count']; $objResult->MoveNext(); } } $feedTitle = ''; if (!checkForSpider() && isset($id) && isset($voteNEW) && $client != $clientOLD) { if ($voteNEW > 10) { $voteNEW = 10; } elseif ($voteNEW < 1) { $voteNEW = 1; } if (id !== "") { //insert votes if ($objResult->RecordCount() != 0) { $vote = $voteNEW + $voteOLD; $count = $countOLD + 1; $objResult = $objDatabase->Execute("\n UPDATE " . DBPREFIX . "module_directory_vote\n SET vote='" . contrexx_addslashes($vote) . "',\n count='" . contrexx_addslashes($count) . "',\n client='" . contrexx_addslashes($client) . "',\n time='" . contrexx_addslashes($time) . "'\n WHERE feed_id='" . contrexx_addslashes($id) . "'\n "); } else { $objResult = $objDatabase->Execute("\n INSERT INTO " . DBPREFIX . "module_directory_vote\n SET feed_id=" . contrexx_addslashes($id) . ",\n count='1',\n vote='" . contrexx_addslashes($voteNEW) . "',\n client='" . contrexx_addslashes($client) . "',\n time='" . contrexx_addslashes($time) . "'\n "); } } $title = $_ARRAYLANG['TXT_DIRECTORY_VOTING_SUCCESFULL']; // TODO: $feedTitle is not defined! No idea on what to place there. $link = '<a href="' . CONTREXX_SCRIPT_PATH . '?section=Directory&cmd=detail&id=' . $id . '" target="_blank">' . $feedTitle . '</a>'; // $link = '<a href="'.CONTREXX_SCRIPT_PATH.'?section=Directory&cmd=detail&id='.$id.'" target="_blank">???</a>'; $text = str_replace('%LINK%', $link, $_ARRAYLANG['TXT_DIRECTORY_VOTING_SUCCESFULL_TEXT']); $text = str_replace('%VOTE%', $voteNEW, $text); } else { $title = $_ARRAYLANG['TXT_DIRECTORY_VOTING_FAILED']; $text = $_ARRAYLANG['TXT_DIRECTORY_VOTING_FAILED_TEXT']; } //get navtree $this->getNavtree($lid, $cid); //get search $this->getSearch(); // set variables $this->_objTpl->setVariable(array('DIRECTORY_CATEGORY_NAVI' => $this->navtree, 'DIRECTORY_VOTE_TITLE' => $title, 'DIRECTORY_VOTE_TEXT' => $text, 'DIRECTORY_BACK' => '<a href="javascript:history.go(-1);">' . $_ARRAYLANG['TXT_DIRECTORY_BACK'] . '</a>', 'TXT_DIRECTORY_DIR' => $_ARRAYLANG['TXT_DIR_DIRECTORY'])); }
/** * Check if there already exist a form with this name * * @author Stefan Heinemann <*****@*****.**> * @param string $name * @param int $id * @param int $lang * @return boolean */ function isUniqueFormName($name, $lang, $id = 0) { global $objDatabase; $name = contrexx_addslashes($name); $query = "\n SELECT\n `f`.`id`\n FROM\n `" . DBPREFIX . "module_contact_form` AS `f`\n LEFT JOIN\n `" . DBPREFIX . "module_contact_form_lang` AS `l`\n ON\n `f`.`id` = `l`.`formID`\n AND\n `l`.`langID` = " . intval($lang) . "\n WHERE\n `l`.`name` = '" . $name . "'\n "; $res = $objDatabase->Execute($query); if ($id == 0) { return $res->RecordCount() == 0; } else { return $res->RecordCount() == 0 || $res->fields[$id] == $id; } // this is crap. Why does it always read all of the forms? // ok, admittedly, t's also crap to query the db for each language // ... but i don't f*****g care right now. /* if (is_array($this->arrForms)) { foreach ($this->arrForms as $formId => $arrForm) { if ($formId != $id && $arrForm['name'] == $name) { return false; } } } return true; */ }
/** * Set a value * * If the value doesn't exist yet, create it * @param string $what * @param string $value * @global $objDatabase * @throws DatabaseError */ public function set($what, $value) { global $objDatabase; $what = contrexx_addslashes($what); $value = contrexx_addslashes($value); if (!isset($this->settings[$what])) { $query = " INSERT INTO " . DBPREFIX . $this->table . "\n (name, value)\n VALUES\n ('" . $what . "', '" . $value . "')"; } else { $query = " UPDATE " . DBPREFIX . $this->table . "\n SET value = '" . $value . "'\n WHERE name = '" . $what . "'"; } if ($objDatabase->Execute($query) === false) { throw new DatabaseError(""); } }
/** * update selected file * @access public * @global array * @global ADONewConnection * @global array */ function updateFile($addedby) { global $_CONFIG, $objDatabase, $_ARRAYLANG; //get post data if (isset($_POST['edit_submit'])) { $dirId = intval($_POST['edit_id']); $query = "UPDATE " . DBPREFIX . "module_directory_dir SET "; foreach ($_POST["inputValue"] as $inputName => $inputValue) { switch ($inputName) { case 'lat': case 'lat_fraction': case 'lon': case 'lon_fraction': case 'zoom': continue 2; } //check links if ($inputName == "relatedlinks" || $inputName == "homepage" || $inputName == "link") { if (substr($inputValue, 0, 7) != "http://" && $inputValue != "") { $inputValue = "http://" . $inputValue; } } //check rss if ($inputName == "rss_link") { $objResultRSS = $objDatabase->SelectLimit("SELECT rss_link, rss_file FROM " . DBPREFIX . "module_directory_dir WHERE id = '" . $dirId . "'", 1); $oldRssLink = $objResultRSS->fields['rss_link']; $oldRssFile = $objResultRSS->fields['rss_file']; if ($inputValue != $oldRssLink) { $obj_file = new \File(); $obj_file->delFile($this->mediaPath, $this->mediaWebPath, "ext_feeds/" . $oldRssFile); //create rss $link = $inputValue; $rss_file = $this->createXML($link); if (substr($inputValue, 0, 7) != "http://" && $inputValue != "") { $inputValue = "http://" . $inputValue; } if ($rss_file == "error") { $inputValue = ""; $rss_file = ""; } } else { $inputValue = $oldRssLink; $rss_file = $oldRssLink; } } //get author id if ($inputName == "addedby") { if ($addedby != '') { $inputValue = $addedby; } else { $inputValue = $this->getAuthorID($inputValue); } } //check pics if ($inputName == "logo" || $inputName == "lokal" || $inputName == "map" || $inputName == "spez_field_11" || $inputName == "spez_field_12" || $inputName == "spez_field_13" || $inputName == "spez_field_14" || $inputName == "spez_field_15" || $inputName == "spez_field_16" || $inputName == "spez_field_17" || $inputName == "spez_field_18" || $inputName == "spez_field_19" || $inputName == "spez_field_20") { if (!empty($_FILES[$inputName]['name']) || $_POST["deleteMedia"][$inputName] == 1) { $obj_file = new \File(); //thumb if (file_exists($this->mediaPath . "thumbs/" . $_POST["inputValue"][$inputName])) { $obj_file->delFile($this->mediaPath, $this->mediaWebPath, "thumbs/" . $_POST["inputValue"][$inputName]); } //picture if (file_exists($this->mediaPath . "images/" . $_POST["inputValue"][$inputName]) && $_POST["inputValue"][$inputName] != 'no_picture.gif') { $obj_file->delFile($this->mediaPath, $this->mediaWebPath, "images/" . $_POST["inputValue"][$inputName]); } if ($_POST["deleteMedia"][$inputName] != 1) { $inputValue = $this->uploadMedia($inputName, "images/"); if ($inputValue == "error") { $inputValue = ""; } } else { $inputValue = ""; } } } //check uploads $arrSpezialUploadFields = array('attachment', 'spez_field_25', 'spez_field_26', 'spez_field_27', 'spez_field_28', 'spez_field_29'); if (in_array($inputName, $arrSpezialUploadFields)) { if (!empty($_FILES[$inputName]['name']) || $_POST["deleteMedia"][$inputName] == 1) { $obj_file = new \File(); //upload if (file_exists($this->mediaPath . "uploads/" . $_POST["inputValue"][$inputName])) { $obj_file->delFile($this->mediaPath, $this->mediaWebPath, "uploads/" . $_POST["inputValue"][$inputName]); } if ($_POST["deleteMedia"][$inputName] != 1) { $inputValue = $this->uploadMedia($inputName, "uploads/"); if ($inputValue == "error") { $inputValue = ""; } } else { $inputValue = ""; } } else { $inputValue = ""; } } /* * spezial upload fields must be updated only when new file is uploaded or old one is deleted * other input types must be updated unconditionally. */ if (!in_array($inputName, $arrSpezialUploadFields)) { $query .= contrexx_addslashes($inputName) . " ='" . contrexx_strip_tags(contrexx_addslashes($inputValue)) . "', "; } else { if (in_array($inputName, $arrSpezialUploadFields) && (!empty($_FILES[$inputName]['name']) || $_POST["deleteMedia"][$inputName] == 1)) { $query .= contrexx_addslashes($inputName) . " ='" . contrexx_strip_tags(contrexx_addslashes($inputValue)) . "', "; } } } //get status settings $objResult = $objDatabase->Execute("SELECT setvalue FROM " . DBPREFIX . "module_directory_settings WHERE setname = 'editFeed_status' LIMIT 1"); if ($objResult !== false) { while (!$objResult->EOF) { $entryStatus = $objResult->fields['setvalue']; $objResult->MoveNext(); } } //numbers could be too big for intavl(), use contrexx_addslashes() instead... $query .= " premium='" . $_POST["premium"] . "', status='" . intval($entryStatus) . "', validatedate='" . mktime("now") . "', longitude='" . contrexx_addslashes($_REQUEST['inputValue']['lon']) . '.' . contrexx_addslashes($_POST['inputValue']['lon_fraction']) . "', latitude='" . contrexx_addslashes($_REQUEST['inputValue']['lat']) . '.' . contrexx_addslashes($_REQUEST['inputValue']['lat_fraction']) . "', zoom='" . intval($_REQUEST['inputValue']['zoom']) . "' WHERE id='" . $dirId . "'"; //edit entry $objResult = $objDatabase->Execute($query); if ($objResult !== false) { $objResult = $objDatabase->Execute("DELETE FROM " . DBPREFIX . "module_directory_rel_dir_cat WHERE dir_id='" . $dirId . "'"); $objResult = $objDatabase->Execute("DELETE FROM " . DBPREFIX . "module_directory_rel_dir_level WHERE dir_id='" . $dirId . "'"); foreach ($_POST["selectedCat"] as $inputName => $inputValue) { $query = "INSERT INTO " . DBPREFIX . "module_directory_rel_dir_cat SET dir_id='" . $dirId . "', cat_id='" . $inputValue . "'"; $objDatabase->query($query); } foreach ($_POST["selectedLevel"] as $inputName => $inputValue) { $query = "INSERT INTO " . DBPREFIX . "module_directory_rel_dir_level SET dir_id='" . $dirId . "', level_id='" . $inputValue . "'"; $objDatabase->query($query); } if ($entryStatus == 1) { // TODO: $id is never set! $this->confirmEntry_step2($id); } $this->strOkMessage = $_ARRAYLANG['TXT_FEED_SUCCESSFULL_ADDED']; $status = $dirId; $this->createRSS(); } //update xml $this->createRSS(); return $status; } return false; }
function _editMail($copy = false) { global $objDatabase, $_ARRAYLANG, $_CONFIG; $mailId = isset($_REQUEST['id']) ? intval($_REQUEST['id']) : 0; $arrAttachment = array(); $attachmentNr = 0; $arrAssociatedLists = array(); $arrAssociatedGroups = array(); $status = true; $mailSubject = isset($_POST['newsletter_mail_subject']) ? contrexx_stripslashes($_POST['newsletter_mail_subject']) : ''; $objMailSentDate = $objDatabase->Execute("SELECT `date_sent` FROM " . DBPREFIX . "module_newsletter WHERE id=" . $mailId); $mailSendDate = $objMailSentDate ? $objMailSentDate->fields['date_sent'] : 0; $arrTemplates = $this->_getTemplates(); $mailTemplate = isset($_POST['newsletter_mail_template']) ? intval($_POST['newsletter_mail_template']) : key($arrTemplates); if (isset($_POST['newsletter_import_template'])) { $importTemplate = intval($_POST['newsletter_import_template']); } if (isset($_POST['newsletter_mail_html_content'])) { $mailHtmlContent = $this->_getBodyContent(contrexx_input2raw($_POST['newsletter_mail_html_content'])); } elseif (isset($_POST['selected'])) { $selectedNews = contrexx_input2db($_POST['selected']); $HTML_TemplateSource_Import = $this->_getBodyContent($this->_prepareNewsPreview($this->GetTemplateSource($importTemplate, 'html'))); $_REQUEST['standalone'] = true; $this->_impTpl = new \Cx\Core\Html\Sigma(); \Cx\Core\Csrf\Controller\Csrf::add_placeholder($this->_impTpl); $this->_impTpl->setTemplate($HTML_TemplateSource_Import); $query = ' SELECT n.id AS newsid, n.userid AS newsuid, n.date AS newsdate, n.teaser_image_path, n.teaser_image_thumbnail_path, n.redirect, n.publisher, n.publisher_id, n.author, n.author_id, n.catid, nl.title AS newstitle, nl.text AS newscontent, nl.teaser_text, nc.name AS name FROM ' . DBPREFIX . 'module_news AS n INNER JOIN ' . DBPREFIX . 'module_news_locale AS nl ON nl.news_id = n.id INNER JOIN ' . DBPREFIX . 'module_news_categories_locale AS nc ON nc.category_id=n.catid WHERE status = 1 AND nl.is_active=1 AND nl.lang_id=' . FRONTEND_LANG_ID . ' AND nc.lang_id=' . FRONTEND_LANG_ID . ' AND n.id IN (' . $selectedNews . ') ORDER BY nc.name ASC, n.date DESC'; $objFWUser = \FWUser::getFWUserObject(); $objNews = $objDatabase->Execute($query); $current_category = ''; if ($this->_impTpl->blockExists('news_list')) { if ($objNews !== false) { while (!$objNews->EOF) { $this->_impTpl->setVariable(array('NEWS_CATEGORY_NAME' => $objNews->fields['name'])); if ($current_category == $objNews->fields['catid']) { $this->_impTpl->hideBlock("news_category"); } $current_category = $objNews->fields['catid']; $newsid = $objNews->fields['newsid']; $newstitle = $objNews->fields['newstitle']; $newsUrl = empty($objNews->fields['redirect']) ? empty($objNews->fields['newscontent']) ? '' : 'index.php?section=News&cmd=details&newsid=' . $newsid : $objNews->fields['redirect']; $newstext = ltrim(strip_tags($objNews->fields['newscontent'])); $newsteasertext = ltrim(strip_tags($objNews->fields['teaser_text'])); $newslink = "[[" . \Cx\Core\ContentManager\Model\Entity\Page::PLACEHOLDER_PREFIX . "NEWS_DETAILS]]?newsid=" . $newsid; if ($objNews->fields['newsuid'] && ($objUser = $objFWUser->objUser->getUser($objNews->fields['newsuid']))) { $author = htmlentities($objUser->getUsername(), ENT_QUOTES, CONTREXX_CHARSET); } else { $author = $_ARRAYLANG['TXT_ANONYMOUS']; } list($image, $htmlLinkImage, $imageSource) = \Cx\Core_Modules\News\Controller\NewsLibrary::parseImageThumbnail($objNews->fields['teaser_image_path'], $objNews->fields['teaser_image_thumbnail_path'], $newstitle, $newsUrl); $this->_impTpl->setVariable(array('NEWS_CATEGORY_NAME' => $objNews->fields['name'], 'NEWS_DATE' => date(ASCMS_DATE_FORMAT_DATE, $objNews->fields['newsdate']), 'NEWS_LONG_DATE' => date(ASCMS_DATE_FORMAT_DATETIME, $objNews->fields['newsdate']), 'NEWS_TITLE' => contrexx_raw2xhtml($newstitle), 'NEWS_URL' => $newslink, 'NEWS_TEASER_TEXT' => $newsteasertext, 'NEWS_TEXT' => $newstext, 'NEWS_AUTHOR' => $author)); $imageTemplateBlock = "news_image"; if (!empty($image)) { $this->_impTpl->setVariable(array('NEWS_IMAGE' => $image, 'NEWS_IMAGE_SRC' => contrexx_raw2xhtml($imageSource), 'NEWS_IMAGE_ALT' => contrexx_raw2xhtml($newstitle), 'NEWS_IMAGE_LINK' => $htmlLinkImage)); if ($this->_impTpl->blockExists($imageTemplateBlock)) { $this->_impTpl->parse($imageTemplateBlock); } } else { if ($this->_impTpl->blockExists($imageTemplateBlock)) { $this->_impTpl->hideBlock($imageTemplateBlock); } } $this->_impTpl->parse("news_list"); $objNews->MoveNext(); } } $mailHtmlContent = $this->_impTpl->get(); } else { if ($objNews !== false) { $mailHtmlContent = ''; while (!$objNews->EOF) { $content = $this->_getBodyContent($this->GetTemplateSource($importTemplate, 'html')); $newstext = ltrim(strip_tags($objNews->fields['newscontent'])); $newsteasertext = ltrim(strip_tags($objNews->fields['teaser_text'])); $newslink = \Cx\Core\Routing\Url::fromModuleAndCmd('News', 'details', '', array('newsid' => $objNews->fields['newsid'])); if ($objNews->fields['newsuid'] && ($objUser = $objFWUser->objUser->getUser($objNews->fields['newsuid']))) { $author = htmlentities($objUser->getUsername(), ENT_QUOTES, CONTREXX_CHARSET); } else { $author = $_ARRAYLANG['TXT_ANONYMOUS']; } $search = array('[[NEWS_DATE]]', '[[NEWS_LONG_DATE]]', '[[NEWS_TITLE]]', '[[NEWS_URL]]', '[[NEWS_IMAGE_PATH]]', '[[NEWS_TEASER_TEXT]]', '[[NEWS_TEXT]]', '[[NEWS_AUTHOR]]', '[[NEWS_TYPE_NAME]]', '[[NEWS_CATEGORY_NAME]]'); $replace = array(date(ASCMS_DATE_FORMAT_DATE, $objNews->fields['newsdate']), date(ASCMS_DATE_FORMAT_DATETIME, $objNews->fields['newsdate']), $objNews->fields['newstitle'], $newslink, htmlentities($objNews->fields['teaser_image_thumbnail_path'], ENT_QUOTES, CONTREXX_CHARSET), $newsteasertext, $newstext, $author, $objNews->fields['typename'], $objNews->fields['name']); $content = str_replace($search, $replace, $content); if ($mailHtmlContent != '') { $mailHtmlContent .= "<br/>" . $content; } else { $mailHtmlContent = $content; } $objNews->MoveNext(); } } } unset($_REQUEST['standalone']); } else { $mailHtmlContent = ''; } if (isset($_POST['newsletter_mail_attachment']) && is_array($_POST['newsletter_mail_attachment'])) { foreach ($_POST['newsletter_mail_attachment'] as $attachment) { array_push($arrAttachment, contrexx_addslashes($attachment)); } } if (isset($_POST['newsletter_mail_priority'])) { $mailPriority = intval($_POST['newsletter_mail_priority']); if ($mailPriority < 1 || $mailPriority > 5) { $mailPriority = $this->_stdMailPriority; } } else { $mailPriority = $this->_stdMailPriority; } if (isset($_POST['newsletter_mail_associated_list'])) { foreach ($_POST['newsletter_mail_associated_list'] as $listId => $status) { if (intval($status) == 1) { array_push($arrAssociatedLists, intval($listId)); } } } // get the associated groups from the post variables in case the form was already sent if (isset($_POST['newsletter_mail_associated_group'])) { foreach ($_POST['newsletter_mail_associated_group'] as $groupID => $status) { if ($status) { $arrAssociatedGroups[] = intval($groupID); } } } $arrSettings = $this->_getSettings(); $mailSenderMail = isset($_POST['newsletter_mail_sender_mail']) ? contrexx_stripslashes($_POST['newsletter_mail_sender_mail']) : $arrSettings['sender_mail']['setvalue']; $mailSenderName = isset($_POST['newsletter_mail_sender_name']) ? contrexx_stripslashes($_POST['newsletter_mail_sender_name']) : $arrSettings['sender_name']['setvalue']; $mailReply = isset($_POST['newsletter_mail_sender_reply']) ? contrexx_stripslashes($_POST['newsletter_mail_sender_reply']) : $arrSettings['reply_mail']['setvalue']; $mailSmtpServer = isset($_POST['newsletter_mail_smtp_account']) ? intval($_POST['newsletter_mail_smtp_account']) : $_CONFIG['coreSmtpServer']; $this->_objTpl->loadTemplateFile('module_newsletter_mail_edit.html'); $this->_pageTitle = $mailId > 0 ? $copy ? $_ARRAYLANG['TXT_NEWSLETTER_COPY_EMAIL'] : $_ARRAYLANG['TXT_NEWSLETTER_MODIFY_EMAIL'] : $_ARRAYLANG['TXT_NEWSLETTER_CREATE_NEW_EMAIL']; $this->_objTpl->setVariable(array('NEWSLETTER_MAIL_EDIT_TITLE' => $mailId > 0 ? $copy ? $_ARRAYLANG['TXT_NEWSLETTER_COPY_EMAIL'] : $_ARRAYLANG['TXT_NEWSLETTER_MODIFY_EMAIL'] : $_ARRAYLANG['TXT_NEWSLETTER_CREATE_NEW_EMAIL'])); $cx = \Cx\Core\Core\Controller\Cx::instanciate(); if (isset($_POST['newsletter_mail_save'])) { $objAttachment = $objDatabase->Execute("SELECT file_name FROM " . DBPREFIX . "module_newsletter_attachment WHERE newsletter=" . $mailId); if ($objAttachment !== false) { $arrCurrentAttachments = array(); while (!$objAttachment->EOF) { array_push($arrCurrentAttachments, $cx->getWebsiteImagesAttachWebPath() . '/' . $objAttachment->fields['file_name']); $objAttachment->MoveNext(); } $arrNewAttachments = array_diff($arrAttachment, $arrCurrentAttachments); $arrRemovedAttachments = array_diff($arrCurrentAttachments, $arrAttachment); } $mailHtmlContentReplaced = preg_replace('/\\[\\[([A-Z0-9_]*?)\\]\\]/', '{\\1}', $mailHtmlContent); $mailHtmlContentReplaced = $this->_getBodyContent($mailHtmlContentReplaced); if ($mailId > 0) { $status = $this->_updateMail($mailId, $mailSubject, $mailTemplate, $mailSenderMail, $mailSenderName, $mailReply, $mailSmtpServer, $mailPriority, $arrAttachment, $mailHtmlContentReplaced); } else { $mailId = $this->_addMail($mailSubject, $mailTemplate, $mailSenderMail, $mailSenderName, $mailReply, $mailSmtpServer, $mailPriority, $arrAttachment, $mailHtmlContentReplaced); if ($mailId === false) { $status = false; } } if ($status) { // prepare every link of HTML body for tracking function $this->_prepareNewsletterLinksForStore($mailId); $this->_setMailLists($mailId, $arrAssociatedLists, $mailSendDate); $this->setMailGroups($mailId, $arrAssociatedGroups, $mailSendDate); foreach ($arrNewAttachments as $attachment) { $this->_addMailAttachment($attachment, $mailId); } foreach ($arrRemovedAttachments as $attachment) { $this->_removeMailAttachment($attachment, $mailId); } self::$strOkMessage .= $_ARRAYLANG['TXT_DATA_RECORD_STORED_SUCCESSFUL']; if (isset($_GET['sendMail']) && $_GET['sendMail'] == '1') { return $this->_sendMailPage(); } else { return $this->_mails(); } } } elseif ((!isset($_GET['setFormat']) || $_GET['setFormat'] != '1') && $mailId > 0) { $objResult = $objDatabase->SelectLimit("SELECT\n subject,\n template,\n content,\n attachment,\n priority,\n sender_email,\n sender_name,\n return_path,\n smtp_server\n FROM " . DBPREFIX . "module_newsletter\n WHERE id=" . $mailId, 1); if ($objResult !== false) { if ($objResult->RecordCount() == 1) { $mailSubject = $objResult->fields['subject']; $mailTemplate = $objResult->fields['template']; $mailHtmlContent = preg_replace('/\\{([A-Z0-9_-]+)\\}/', '[[\\1]]', $objResult->fields['content']); $mailPriority = $objResult->fields['priority']; $mailSenderMail = $objResult->fields['sender_email']; $mailSenderName = $objResult->fields['sender_name']; $mailReply = $objResult->fields['return_path']; $mailSmtpServer = $objResult->fields['smtp_server']; $objList = $objDatabase->Execute("SELECT category FROM " . DBPREFIX . "module_newsletter_rel_cat_news WHERE newsletter=" . $mailId); if ($objList !== false) { while (!$objList->EOF) { array_push($arrAssociatedLists, $objList->fields['category']); $objList->MoveNext(); } } $arrAssociatedGroups = $this->emailEditGetAssociatedGroups($mailId); if ($objResult->fields['attachment'] == '1') { $objAttachment = $objDatabase->Execute("SELECT file_name FROM " . DBPREFIX . "module_newsletter_attachment WHERE newsletter=" . $mailId); if ($objAttachment !== false) { while (!$objAttachment->EOF) { array_push($arrAttachment, $cx->getWebsiteImagesAttachWebPath() . '/' . $objAttachment->fields['file_name']); $objAttachment->MoveNext(); } } } } else { return $this->_mails(); } } } else { $arrSettings = $this->_getSettings(); $mailSenderMail = $arrSettings['sender_mail']['setvalue']; $mailSenderName = $arrSettings['sender_name']['setvalue']; $mailReply = $arrSettings['reply_mail']['setvalue']; $mailSmtpServer = $_CONFIG['coreSmtpServer']; if (!empty($_POST['textfield'])) { $mailHtmlContent = nl2br($_POST['textfield']); } } $act = $copy ? 'copyMail' : 'editMail'; // remove newsletter_link_N value from rel attribute of the links if ($copy) { $mailHtmlContent = $this->_prepareNewsletterLinksForCopy($mailHtmlContent); } $this->_objTpl->setVariable(array('NEWSLETTER_MAIL_ID' => $copy ? 0 : $mailId, 'NEWSLETTER_MAIL_SUBJECT' => htmlentities($mailSubject, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_MAIL_HTML_CONTENT' => new \Cx\Core\Wysiwyg\Wysiwyg('newsletter_mail_html_content', contrexx_raw2xhtml($mailHtmlContent), 'fullpage'), 'NEWSLETTER_MAIL_PRIORITY_MENU' => $this->_getMailPriorityMenu($mailPriority, 'name="newsletter_mail_priority" style="width:300px;"'), 'NEWSLETTER_MAIL_TEMPLATE_MENU' => $this->_getTemplateMenu($mailTemplate, 'name="newsletter_mail_template" style="width:300px;" onchange="document.getElementById(\'newsletter_mail_form\').action=\'index.php?cmd=Newsletter&act=' . $act . '&id=' . $mailId . '&setFormat=1\';document.getElementById(\'newsletter_mail_form\').submit()"'), 'NEWSLETTER_MAIL_SENDER_MAIL' => htmlentities($mailSenderMail, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_MAIL_SENDER_NAME' => htmlentities($mailSenderName, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_MAIL_REPLY' => htmlentities($mailReply, ENT_QUOTES, CONTREXX_CHARSET), 'NEWSLETTER_MAIL_SMTP_SERVER' => \SmtpSettings::getSmtpAccountMenu($mailSmtpServer, 'name="newsletter_mail_smtp_account" style="width:300px;"'), 'NEWSLETTER_MAIL_SEND' => $_GET['act'] == 'sendMail' ? 1 : 0)); $this->_objTpl->setVariable('TXT_NEWSLETTER_HTML_UC', $_ARRAYLANG['TXT_NEWSLETTER_HTML_UC']); $this->_objTpl->touchBlock('newsletter_mail_html_content'); $this->emailEditParseLists($arrAssociatedLists); $this->emailEditParseGroups($arrAssociatedGroups); if (count($arrAttachment) > 0) { foreach ($arrAttachment as $attachment) { $this->_objTpl->setVariable(array('NEWSLETTER_MAIL_ATTACHMENT_NR' => $attachmentNr, 'NEWSLETTER_MAIL_ATTACHMENT_NAME' => substr($attachment, strrpos($attachment, '/') + 1), 'NEWSLETTER_MAIL_ATTACHMENT_URL' => $attachment)); $this->_objTpl->parse('newsletter_mail_attachment_list'); $attachmentNr++; } } else { $this->_objTpl->hideBlock('newsletter_mail_attachment_list'); } $this->_objTpl->setVariable(array('NEWSLETTER_MAIL_ATTACHMENT_NR' => $attachmentNr, 'NEWSLETTER_MAIL_ATTACHMENT_BOX' => $attachmentNr > 0 ? 'block' : 'none')); if (!$copy && $mailId > 0 && $mailSendDate > 0) { $this->_objTpl->touchBlock('associatedListToolTip'); $this->_objTpl->touchBlock('associatedGroupToolTipAfterSent'); $this->_objTpl->hideBlock('associatedGroupToolTipBeforeSend'); $this->_objTpl->setVariable(array('TXT_NEWSLETTER_INFO_ABOUT_ASSOCIATED_LISTS' => $_ARRAYLANG['TXT_NEWSLETTER_INFO_ABOUT_ASSOCIATED_LISTS'], 'NEWSLETTER_LIST_DISABLED' => 'disabled="disabled"')); } else { $this->_objTpl->setVariable(array('TXT_NEWSLETTER_INFO_ABOUT_ASSOCIATED_LISTS_SEND' => $_ARRAYLANG['TXT_NEWSLETTER_INFO_ABOUT_ASSOCIATED_LISTS_SEND'])); $this->_objTpl->hideBlock('associatedListToolTip'); $this->_objTpl->hideBlock('associatedGroupToolTipAfterSent'); $this->_objTpl->touchBlock('associatedGroupToolTipBeforeSend'); } // Mediabrowser $mediaBrowser = new \Cx\Core_Modules\MediaBrowser\Model\Entity\MediaBrowser(); $mediaBrowser->setOptions(array('data-cx-mb-views' => 'filebrowser', 'type' => 'button')); $mediaBrowser->setCallback('mediaBrowserCallback'); $this->_objTpl->setVariable(array('NEWSLETTER_ATTACH_FILE' => $mediaBrowser->getXHtml($_ARRAYLANG['TXT_NEWSLETTER_ATTACH_FILE']))); $this->_objTpl->setVariable(array('TXT_NEWSLETTER_EMAIL_ACCOUNT' => $_ARRAYLANG['TXT_NEWSLETTER_EMAIL_ACCOUNT'], 'TXT_NEWSLETTER_SUBJECT' => $_ARRAYLANG['TXT_NEWSLETTER_SUBJECT'], 'TXT_NEWSLETTER_SEND_AS' => $_ARRAYLANG['TXT_NEWSLETTER_SEND_AS'], 'TXT_NEWSLETTER_TEMPLATE' => $_ARRAYLANG['TXT_NEWSLETTER_TEMPLATE'], 'TXT_NEWSLETTER_SENDER' => $_ARRAYLANG['TXT_NEWSLETTER_SENDER'], 'TXT_NEWSLETTER_EMAIL' => $_ARRAYLANG['TXT_NEWSLETTER_EMAIL'], 'TXT_NEWSLETTER_URI' => $_ARRAYLANG['TXT_NEWSLETTER_URI'], 'TXT_NEWSLETTER_NAME' => $_ARRAYLANG['TXT_NEWSLETTER_NAME'], 'TXT_NEWSLETTER_REPLY_ADDRESS' => $_ARRAYLANG['TXT_NEWSLETTER_REPLY_ADDRESS'], 'TXT_NEWSLETTER_PRIORITY' => $_ARRAYLANG['TXT_NEWSLETTER_PRIORITY'], 'TXT_NEWSLETTER_PRIORITY' => $_ARRAYLANG['TXT_NEWSLETTER_PRIORITY'], 'TXT_NEWSLETTER_ATTACH' => $_ARRAYLANG['TXT_NEWSLETTER_ATTACH'], 'TXT_NEWSLETTER_DISPLAY_FILE' => $_ARRAYLANG['TXT_NEWSLETTER_DISPLAY_FILE'], 'TXT_NEWSLETTER_REMOVE_FILE' => $_ARRAYLANG['TXT_NEWSLETTER_REMOVE_FILE'], 'TXT_NEWSLETTER_HTML_CONTENT' => $_ARRAYLANG['TXT_NEWSLETTER_HTML_CONTENT'], 'TXT_NEWSLETTER_PLACEHOLDER_DIRECTORY' => $_ARRAYLANG['TXT_NEWSLETTER_PLACEHOLDER_DIRECTORY'], 'TXT_NEWSLETTER_USER_DATA' => $_ARRAYLANG['TXT_NEWSLETTER_USER_DATA'], 'TXT_NEWSLETTER_EMAIL_ADDRESS' => $_ARRAYLANG['TXT_NEWSLETTER_EMAIL_ADDRESS'], 'TXT_NEWSLETTER_SEX' => $_ARRAYLANG['TXT_NEWSLETTER_SEX'], 'TXT_NEWSLETTER_SALUTATION' => $_ARRAYLANG['TXT_NEWSLETTER_SALUTATION'], 'TXT_NEWSLETTER_TITLE' => $_ARRAYLANG['TXT_NEWSLETTER_TITLE'], 'TXT_NEWSLETTER_POSITION' => $_ARRAYLANG['TXT_NEWSLETTER_POSITION'], 'TXT_NEWSLETTER_COMPANY' => $_ARRAYLANG['TXT_NEWSLETTER_COMPANY'], 'TXT_NEWSLETTER_INDUSTRY_SECTOR' => $_ARRAYLANG['TXT_NEWSLETTER_INDUSTRY_SECTOR'], 'TXT_NEWSLETTER_ADDRESS' => $_ARRAYLANG['TXT_NEWSLETTER_ADDRESS'], 'TXT_NEWSLETTER_PHONE_PRIVATE' => $_ARRAYLANG['TXT_NEWSLETTER_PHONE_PRIVATE'], 'TXT_NEWSLETTER_PHONE_MOBILE' => $_ARRAYLANG['TXT_NEWSLETTER_PHONE_MOBILE'], 'TXT_NEWSLETTER_FAX' => $_ARRAYLANG['TXT_NEWSLETTER_FAX'], 'TXT_NEWSLETTER_WEBSITE' => $_ARRAYLANG['TXT_NEWSLETTER_WEBSITE'], 'TXT_NEWSLETTER_LASTNAME' => $_ARRAYLANG['TXT_NEWSLETTER_LASTNAME'], 'TXT_NEWSLETTER_FIRSTNAME' => $_ARRAYLANG['TXT_NEWSLETTER_FIRSTNAME'], 'TXT_NEWSLETTER_ADDRESS' => $_ARRAYLANG['TXT_NEWSLETTER_ADDRESS'], 'TXT_NEWSLETTER_ZIP' => $_ARRAYLANG['TXT_NEWSLETTER_ZIP'], 'TXT_NEWSLETTER_CITY' => $_ARRAYLANG['TXT_NEWSLETTER_CITY'], 'TXT_NEWSLETTER_COUNTRY' => $_ARRAYLANG['TXT_NEWSLETTER_COUNTRY'], 'TXT_NEWSLETTER_PHONE' => $_ARRAYLANG['TXT_NEWSLETTER_PHONE'], 'TXT_NEWSLETTER_BIRTHDAY' => $_ARRAYLANG['TXT_NEWSLETTER_BIRTHDAY'], 'TXT_NEWSLETTER_GENERAL' => $_ARRAYLANG['TXT_NEWSLETTER_GENERAL'], 'TXT_NEWSLETTER_MODIFY_PROFILE' => $_ARRAYLANG['TXT_NEWSLETTER_MODIFY_PROFILE'], 'TXT_NEWSLETTER_UNSUBSCRIBE' => $_ARRAYLANG['TXT_NEWSLETTER_UNSUBSCRIBE'], 'TXT_NEWSLETTER_PLACEHOLDER_NOT_ON_BROWSER_VIEW' => $_ARRAYLANG['TXT_NEWSLETTER_PLACEHOLDER_NOT_ON_BROWSER_VIEW'], 'TXT_NEWSLETTER_DATE' => $_ARRAYLANG['TXT_NEWSLETTER_DATE'], 'TXT_NEWSLETTER_DISPLAY_IN_BROWSER_LINK' => $_ARRAYLANG['TXT_NEWSLETTER_DISPLAY_IN_BROWSER_LINK'], 'TXT_NEWSLETTER_SUBJECT' => $_ARRAYLANG['TXT_NEWSLETTER_SUBJECT'], 'TXT_NEWSLETTER_SAVE' => $_ARRAYLANG['TXT_NEWSLETTER_SAVE'], 'TXT_NEWSLETTER_BACK' => $_ARRAYLANG['TXT_NEWSLETTER_BACK'], 'TXT_NEWSLETTER_CONFIRM_EMPTY_TEXT' => $_ARRAYLANG['TXT_NEWSLETTER_CONFIRM_EMPTY_TEXT'])); return true; }
/** * show thread * * @param integer $intThreadId * @return bool */ function showThread($intThreadId) { global $objDatabase, $_ARRAYLANG; $objFWUser = \FWUser::getFWUserObject(); $this->_communityLogin(); $intThreadId = intval($intThreadId); if (!empty($_REQUEST['notification_update']) && $_REQUEST['notification_update'] == $_ARRAYLANG['TXT_FORUM_UPDATE_NOTIFICATION']) { $this->_updateNotification($intThreadId); } $intCatId = !empty($_REQUEST['category_id']) ? intval($_REQUEST['category_id']) : '0'; if ($intCatId == 0) { $intCatId = $this->_getCategoryIdFromThread($intThreadId); } if (empty($intCatId)) { \Cx\Core\Csrf\Controller\Csrf::header('Location: index.php?section=Forum'); die; } if ($objFWUser->objUser->login()) { $this->_objTpl->touchBlock('notificationRow'); } else { $this->_objTpl->hideBlock('notificationRow'); } $intPostId = !empty($_REQUEST['postid']) ? intval($_REQUEST['postid']) : 0; $intPostId = $intPostId == 0 && !empty($_REQUEST['post_id']) ? intval($_REQUEST['post_id']) : $intPostId; $this->_objTpl->setVariable('FORUM_EDIT_POST_ID', $intPostId); $_REQUEST['act'] = !empty($_REQUEST['act']) ? $_REQUEST['act'] : ''; if ($_REQUEST['act'] == 'delete') { if ($this->_checkAuth($intCatId, 'delete')) { if ($this->_deletePost($intCatId, $intThreadId, $_REQUEST['postid'])) { $this->_objTpl->setVariable('TXT_FORUM_SUCCESS', '<br />' . $_ARRAYLANG['TXT_FORUM_DELETED_SUCCESSFULLY']); } else { $this->_objTpl->setVariable('TXT_FORUM_ERROR', '<br />' . $_ARRAYLANG['TXT_FORUM_DELETE_FAILED']); } } else { $this->_objTpl->setVariable('TXT_FORUM_ERROR', '<br />' . $_ARRAYLANG['TXT_FORUM_NO_ACCESS']); } } $pos = !empty($_REQUEST['pos']) ? intval($_REQUEST['pos']) : 0; $this->_objTpl->setVariable(array('FORUM_PAGING_POS' => $pos)); if (!empty($_REQUEST['preview_new'])) { $pos = $this->_getLastPos($intPostId, $intThreadId); } if (!empty($_REQUEST['postid'])) { if ($_REQUEST['act'] == 'quote') { $pos = $this->_getLastPos($intPostId, $intThreadId); } if ($_REQUEST['act'] == 'edit') { $pos = $this->_getEditPos($intPostId, $intThreadId); } } if (!empty($_REQUEST['l']) && $_REQUEST['l'] == 1) { $pos = $this->_getEditPos($intPostId, $intThreadId); } $arrPosts = $this->createPostArray($intThreadId, $pos); if (!empty($_REQUEST['preview_edit']) && $_REQUEST['post_id'] != 0 && $_REQUEST['act'] != 'quote') { $intPostId = intval($intPostId); $pos = $this->_getEditPos($intPostId, $intThreadId); $arrPosts = $this->createPostArray($intThreadId, $pos); $arrPosts[$intPostId]['subject'] = !empty($_REQUEST['subject']) ? contrexx_strip_tags($_REQUEST['subject']) : $_ARRAYLANG['TXT_FORUM_NO_SUBJECT']; $arrPosts[$intPostId]['content'] = \Cx\Core\Wysiwyg\Wysiwyg::prepareBBCodeForOutput(contrexx_input2raw($_REQUEST['message'])); } $userId = $objFWUser->objUser->login() ? $objFWUser->objUser->getId() : 0; $icon = !empty($_REQUEST['icons']) ? intval($_REQUEST['icons']) : 1; if ($_REQUEST['act'] == 'edit') { //submit is an edit $arrEditedPost = $this->_getPostingData($intPostId); $subject = addcslashes(htmlentities($arrEditedPost['subject'], ENT_QUOTES, CONTREXX_CHARSET), '\\'); $content = $arrEditedPost['content']; $keywords = addcslashes(htmlentities($arrEditedPost['keywords'], ENT_QUOTES, CONTREXX_CHARSET), '\\'); $attachment = $arrEditedPost['attachment']; $this->_objTpl->setVariable('FORUM_POST_EDIT_USERID', $arrPosts[$intPostId]['user_id']); if (!empty($attachment)) { $this->_objTpl->setVariable('TXT_FORUM_DELETE_ATTACHMENT', sprintf($_ARRAYLANG['TXT_FORUM_DELETE_ATTACHMENT'], $attachment)); } $this->_objTpl->touchBlock('updatePost'); $this->_objTpl->hideBlock('createPost'); $this->_objTpl->hideBlock('previewNewPost'); $this->_objTpl->touchBlock('previewEditPost'); } else { //new post if ($this->_objTpl->blockExists('delAttachment')) { $this->_objTpl->hideBlock('delAttachment'); } $subject = !empty($_REQUEST['subject']) ? contrexx_strip_tags($_REQUEST['subject']) : ''; $content = !empty($_REQUEST['message']) ? contrexx_input2raw(strip_tags($_REQUEST['message'])) : ''; $keywords = !empty($_REQUEST['keywords']) ? contrexx_strip_tags($_REQUEST['keywords']) : ''; $attachment = !empty($_REQUEST['attachment']) ? contrexx_strip_tags($_REQUEST['attachment']) : ''; $this->_objTpl->touchBlock('createPost'); $this->_objTpl->hideBlock('updatePost'); $this->_objTpl->touchBlock('previewNewPost'); $this->_objTpl->hideBlock('previewEditPost'); } if ($_REQUEST['act'] == 'quote') { $quoteContent = $this->_getPostingData($intPostId); $subject = 'RE: ' . addcslashes(htmlentities($quoteContent['subject'], ENT_QUOTES, CONTREXX_CHARSET), '\\'); $content = '[quote=' . $arrPosts[$intPostId]['user_name'] . ']' . strip_tags($quoteContent['content']) . '[/quote]'; } $firstPost = current($arrPosts); if ($this->_arrSettings['wysiwyg_editor'] == 1) { //IF WYSIWIG enabled.. $strMessageInputHTML = new \Cx\Core\Wysiwyg\Wysiwyg('message', $content, 'bbcode'); } else { //plain textarea $strMessageInputHTML = '<textarea style="width: 400px; height: 150px;" rows="5" cols="10" name="message">' . contrexx_raw2xhtml($content) . '</textarea>'; } $this->_objTpl->setGlobalVariable(array('FORUM_JAVASCRIPT_GOTO' => $this->getJavascript('goto'), 'FORUM_JAVASCRIPT_DELETE' => $this->getJavascript('deletePost'), 'FORUM_JAVASCRIPT_SCROLLTO' => $this->getJavascript('scrollto'), 'FORUM_SCROLLPOS' => !empty($_REQUEST['scrollpos']) ? intval($_REQUEST['scrollpos']) : '0', 'FORUM_JAVASCRIPT_INSERT_TEXT' => $this->getJavascript('insertText', array($intCatId, $intThreadId, $firstPost)), 'FORUM_NAME' => $this->_shortenString($firstPost['subject'], $this->_maxStringlength), 'FORUM_TREE' => $this->_createNavTree($intCatId) . '<a title="' . $this->_arrTranslations[$intCatId][$this->_intLangId]['name'] . '" href="index.php?section=Forum&cmd=board&id=' . $intCatId . '">' . $this->_shortenString($this->_arrTranslations[$intCatId][$this->_intLangId]['name'], $this->_maxStringlength) . '</a> > ', 'FORUM_DROPDOWN' => $this->createForumDD('forum_quickaccess', $intCatId, 'onchange="gotoForum(this);"', ''), 'TXT_FORUM_COMMA_SEPARATED_KEYWORDS' => $_ARRAYLANG['TXT_FORUM_COMMA_SEPARATED_KEYWORDS'], 'TXT_FORUM_KEYWORDS' => $_ARRAYLANG['TXT_FORUM_KEYWORDS'], 'TXT_FORUM_FILE_ATTACHMENT' => $_ARRAYLANG['TXT_FORUM_FILE_ATTACHMENT'], 'TXT_FORUM_RATING' => $_ARRAYLANG['TXT_FORUM_RATING'], 'TXT_FORUM_ADD_POST' => $_ARRAYLANG['TXT_FORUM_ADD_POST'], 'TXT_FORUM_SUBJECT' => $_ARRAYLANG['TXT_FORUM_SUBJECT'], 'TXT_FORUM_MESSAGE' => $_ARRAYLANG['TXT_FORUM_MESSAGE'], 'TXT_FORUM_RESET' => $_ARRAYLANG['TXT_FORUM_RESET'], 'TXT_FORUM_CREATE_POST' => $_ARRAYLANG['TXT_FORUM_CREATE_POST'], 'TXT_FORUM_ICON' => $_ARRAYLANG['TXT_FORUM_ICON'], 'TXT_FORUM_QUOTE' => $_ARRAYLANG['TXT_FORUM_QUOTE'], 'TXT_FORUM_EDIT' => $_ARRAYLANG['TXT_FORUM_EDIT'], 'TXT_FORUM_DELETE' => $_ARRAYLANG['TXT_FORUM_DELETE'], 'TXT_FORUM_PREVIEW' => $_ARRAYLANG['TXT_FORUM_PREVIEW'], 'TXT_FORUM_UPDATE_POST' => $_ARRAYLANG['TXT_FORUM_UPDATE_POST'], 'TXT_FORUM_NOTIFY_NEW_POSTS' => $_ARRAYLANG['TXT_FORUM_NOTIFY_NEW_POSTS'], 'TXT_FORUM_QUICKACCESS' => $_ARRAYLANG['TXT_FORUM_QUICKACCESS'], 'TXT_FORUM_UPDATE_NOTIFICATION' => $_ARRAYLANG['TXT_FORUM_UPDATE_NOTIFICATION'], 'TXT_FORUM_THREAD_ACTION_DESC' => $_ARRAYLANG['TXT_FORUM_THREAD_ACTION_DESC'], 'TXT_FORUM_THREAD_ACTION_MOVE' => $_ARRAYLANG['TXT_FORUM_THREAD_ACTION_MOVE'], 'TXT_FORUM_THREAD_ACTION_CLOSE' => $_ARRAYLANG['TXT_FORUM_THREAD_ACTION_CLOSE_' . $firstPost['is_locked']], 'TXT_FORUM_THREAD_ACTION_STICKY' => $_ARRAYLANG['TXT_FORUM_THREAD_ACTION_STICKY_' . $firstPost['is_sticky']], 'TXT_FORUM_THREAD_ACTION_DELETE' => $_ARRAYLANG['TXT_FORUM_THREAD_ACTION_DELETE'], 'TXT_FORUM_CHOOSE_FILE' => $_ARRAYLANG['TXT_FORUM_CHOOSE_FILE'], 'FORUM_NOTIFICATION_CHECKBOX_CHECKED' => $this->_hasNotification($intThreadId) ? 'checked="checked"' : '', 'FORUM_SUBJECT' => stripslashes($subject), 'FORUM_KEYWORDS' => stripslashes($keywords), 'FORUM_ATTACHMENT_OLDNAME' => $attachment, 'FORUM_MESSAGE_INPUT' => $strMessageInputHTML, 'FORUM_CAPTCHA_CODE' => \Cx\Core_Modules\Captcha\Controller\Captcha::getInstance()->getCode(), 'FORUM_THREAD_ID' => $intThreadId, 'FORUM_CATEGORY_ID' => $intCatId, 'FORUM_POSTS_PAGING' => getPaging($this->_postCount, $pos, '§ion=Forum&cmd=thread&id=' . $intThreadId, $_ARRAYLANG['TXT_FORUM_OVERVIEW_POSTINGS'], true, $this->_arrSettings['posting_paging']))); if ($objFWUser->objUser->login()) { $this->_objTpl->hideBlock('captcha'); } else { $this->_objTpl->touchBlock('captcha'); } $this->_setIcons($this->_getIcons()); if (!$this->_checkAuth($intCatId, 'read')) { $this->_objTpl->setVariable('TXT_FORUM_ERROR', '<br />' . $_ARRAYLANG['TXT_FORUM_NO_ACCESS']); return false; } $intCounter = 0; foreach ($arrPosts as $postId => $arrValues) { $strRating = '<span id="forum_current_rating_' . $postId . '" class="rating_%s">%s</span>'; if ($arrValues['rating'] == 0) { $class = 'none'; } elseif ($arrValues['rating'] > 0) { $class = 'pos'; } else { $class = 'neg'; } $strRating = sprintf($strRating, $class, $arrValues['rating']); $strUserProfileLink = $arrValues['user_id'] > 0 ? '<a title="' . $arrValues['user_name'] . '" href="index.php?section=Access&cmd=user&id=' . $arrValues['user_id'] . '">' . $arrValues['user_name'] . '</a>' : $this->_anonymousName; $arrAttachment = $this->_getAttachment($arrValues['attachment']); $this->_objTpl->setGlobalVariable(array('FORUM_POST_ROWCLASS' => $intCounter++ % 2 + 1)); $quoteLink = "id=" . $intThreadId . "&act=quote&postid=" . $postId; $quoteLinkLoggedIn = "location.href='" . \Cx\Core\Csrf\Controller\Csrf::enhanceURI("index.php?section=Forum") . "&cmd=thread&" . htmlentities($quoteLink) . "';"; $quoteLinkNotLoggedIn = "location.href='" . \Cx\Core\Csrf\Controller\Csrf::enhanceURI("index.php?section=Login") . "&redirect=" . base64_encode("index.php?section=Forum&cmd=thread&" . $quoteLink) . "';"; $this->_objTpl->setVariable(array('FORUM_POST_DATE' => $arrValues['time_created'], 'FORUM_POST_LAST_EDITED' => $arrValues['time_edited'] != date(ASCMS_DATE_FORMAT, 0) ? $_ARRAYLANG['TXT_FORUM_LAST_EDITED'] . $arrValues['time_edited'] : '', 'FORUM_USER_ID' => $arrValues['user_id'], 'FORUM_USER_NAME' => $strUserProfileLink, 'FORUM_USER_IMAGE' => !empty($arrValues['user_image']) ? '<img border="0" width="60" height="60" src="' . $arrValues['user_image'] . '" title="' . $arrValues['user_name'] . '\'s avatar" alt="' . $arrValues['user_name'] . '\'s avatar" />' : '', 'FORUM_USER_GROUP' => '', 'FORUM_USER_RANK' => '', 'FORUM_USER_REGISTERED_SINCE' => '', 'FORUM_USER_POSTING_COUNT' => '', 'FORUM_USER_CONTACTS' => '', 'FORUM_POST_NUMBER' => '#' . $arrValues['post_number'], 'FORUM_POST_ICON' => $arrValues['post_icon'], 'FORUM_POST_SUBJECT' => $arrValues['subject'], 'FORUM_POST_MESSAGE' => $arrValues['content'], 'FORUM_POST_RATING' => $strRating, 'FORUM_POST_ATTACHMENT_LINK' => $arrAttachment['webpath'], 'FORUM_POST_ATTACHMENT_FILENAME' => $arrAttachment['name'], 'FORUM_POST_ATTACHMENT_ICON' => $arrAttachment['icon'], 'FORUM_POST_ATTACHMENT_FILESIZE' => $arrAttachment['size'], 'FORUM_QUOTE_ONCLICK' => $this->_checkAuth($intCatId, 'write') ? $quoteLinkLoggedIn : $quoteLinkNotLoggedIn)); if (!$objFWUser->objUser->login() && !$this->_checkAuth($intCatId, 'write')) { $button = '<input type="button" value="' . $_ARRAYLANG['TXT_FORUM_CREATE_POST'] . '" onclick="location.href=\'' . \Cx\Core\Csrf\Controller\Csrf::enhanceURI('index.php?section=Login') . '&redirect=' . base64_encode($_SERVER['REQUEST_URI']) . '\';" />'; $this->_objTpl->setVariable(array('FORUM_POST_REPLY_REDIRECT' => $button)); } $this->_objTpl->setVariable(array('FORUM_POST_ID' => $postId, 'FORUM_RATING_POST_ID' => $postId)); if ($firstPost['is_locked'] != 1 && ($this->_checkAuth($intCatId, 'edit') || $objFWUser->objUser->login() && $arrValues['user_id'] == $objFWUser->objUser->getId())) { $this->_objTpl->touchBlock('postEdit'); } else { $this->_objTpl->hideBlock('postEdit'); } if ($firstPost['is_locked'] != 1 && ($this->_checkAuth($intCatId, 'write') || !$firstPost['is_locked'])) { $this->_objTpl->touchBlock('postQuote'); } else { $this->_objTpl->hideBlock('postQuote'); } if ($this->_checkAuth($intCatId, 'delete') && $arrValues['post_number'] != 1) { $this->_objTpl->setVariable(array('FORUM_POST_ID' => $postId)); $this->_objTpl->touchBlock('postDelete'); } else { $this->_objTpl->hideBlock('postDelete'); } if ($this->_objTpl->blockExists('rating')) { if ($objFWUser->objUser->login() && !$this->_hasRated($postId)) { $this->_objTpl->parse('rating'); } else { $this->_objTpl->hideBlock('rating'); } } if ($this->_objTpl->blockExists('attachment')) { if (!empty($arrValues['attachment'])) { $this->_objTpl->parse('attachment'); } else { $this->_objTpl->hideBlock('attachment'); } } $this->_objTpl->parse('forumPosts'); } if (!$this->_checkAuth($intCatId, 'write') || $firstPost['is_locked'] == 1) { $this->_objTpl->hideBlock('addPost'); $this->_objTpl->hideBlock('addPostAnchor'); } else { $this->_objTpl->touchBlock('addPostAnchor'); } // initialize the uploader $this->initForumUploader(); //addpost code if (!empty($_REQUEST['create']) && $_REQUEST['create'] == $_ARRAYLANG['TXT_FORUM_CREATE_POST']) { if (!$this->_checkAuth($intCatId, 'write') && $firstPost['is_locked'] != 1) { //auth check $this->_objTpl->setVariable('TXT_FORUM_ERROR', '<br />' . $_ARRAYLANG['TXT_FORUM_NO_ACCESS']); $this->_objTpl->hideBlock('addPost'); return false; } if (!$objFWUser->objUser->login() && !\Cx\Core_Modules\Captcha\Controller\Captcha::getInstance()->check()) { //captcha check return false; } if (strlen(trim($content)) < $this->_minPostlength) { //content check $this->_objTpl->setVariable('TXT_FORUM_ERROR', sprintf('<br />' . $_ARRAYLANG['TXT_FORUM_POST_EMPTY'], $this->_minPostlength)); return false; } if (false !== ($match = $this->_hasBadWords($content))) { $this->_objTpl->setVariable('TXT_FORUM_ERROR', sprintf('<br />' . $_ARRAYLANG['TXT_FORUM_BANNED_WORD'], $match[1])); return false; } $fileInfo = $this->_handleUpload('forum_attachment'); if ($fileInfo === false) { //an error occured, the file wasn't properly transferred. exit function to display error set in _handleUpload() return false; } $lastPostIdQuery = ' SELECT max( id ) as last_post_id FROM ' . DBPREFIX . 'module_forum_postings WHERE category_id = ' . $intCatId . ' AND thread_id = ' . $intThreadId; if (($objRSmaxId = $objDatabase->SelectLimit($lastPostIdQuery, 1)) !== false) { $intPrevPostId = $objRSmaxId->fields['last_post_id']; } else { die('Database error: ' . $objDatabase->ErrorMsg()); } $insertQuery = 'INSERT INTO ' . DBPREFIX . 'module_forum_postings ( id, category_id, thread_id, prev_post_id, user_id, time_created, time_edited, is_locked, is_sticky, rating, views, icon, keywords, subject, content, attachment ) VALUES ( NULL, ' . $intCatId . ', ' . $intThreadId . ', ' . $intPrevPostId . ', ' . $userId . ', ' . time() . ', 0, 0, 0, 0, 0, ' . $icon . ",\n '{$keywords}' ,'" . $subject . "', '" . contrexx_raw2db($content) . "', '" . $fileInfo['name'] . "'\n )"; if ($objDatabase->Execute($insertQuery) !== false) { $lastInsertId = $objDatabase->Insert_ID(); $this->updateViewsNewItem($intCatId, $lastInsertId, true); $this->_updateNotification($intThreadId); $this->_sendNotifications($intThreadId, $subject, $content); $pageId = \Cx\Core\Core\Controller\Cx::instanciate()->getPage()->getId(); $cacheManager = new \Cx\Core_Modules\Cache\Controller\CacheManager(); $cacheManager->deleteSingleFile($pageId); } \Cx\Core\Csrf\Controller\Csrf::header('Location: index.php?section=Forum&cmd=thread&id=' . $intThreadId . '&pos=' . $this->_getLastPos($postId, $intThreadId)); die; } if (!empty($_REQUEST['preview_new'])) { $content = \Cx\Core\Wysiwyg\Wysiwyg::prepareBBCodeForOutput($content); if (false !== ($match = $this->_hasBadWords($content))) { $this->_objTpl->setVariable('TXT_FORUM_ERROR', sprintf('<br />' . $_ARRAYLANG['TXT_FORUM_BANNED_WORD'], $match[1])); return false; } if (strlen(trim($content)) < $this->_minPostlength) { //content check $this->_objTpl->setVariable('TXT_FORUM_ERROR', sprintf('<br />' . $_ARRAYLANG['TXT_FORUM_POST_EMPTY'], $this->_minPostlength)); return false; } $this->_objTpl->setVariable(array('FORUM_POST_ROWCLASS' => $intCounter++ % 2 + 1, 'FORUM_POST_DATE' => date(ASCMS_DATE_FORMAT, time()), 'FORUM_USER_ID' => $userId, 'FORUM_USER_NAME' => $objFWUser->objUser->login() ? '<a href="index.php?section=Access&cmd=user&id=' . $userId . '" title="' . htmlentities($objFWUser->objUser->getUsername(), ENT_QUOTES, CONTREXX_CHARSET) . '">' . htmlentities($objFWUser->objUser->getUsername(), ENT_QUOTES, CONTREXX_CHARSET) . '</a>' : $this->_anonymousName, 'FORUM_USER_IMAGE' => !empty($arrValues['user_image']) ? '<img border="0" width="60" height="60" src="' . $arrValues['user_image'] . '" title="' . $arrValues['user_name'] . '\'s avatar" alt="' . $arrValues['user_name'] . '\'s avatar" />' : '', 'FORUM_USER_GROUP' => '', 'FORUM_USER_RANK' => '', 'FORUM_USER_REGISTERED_SINCE' => '', 'FORUM_USER_POSTING_COUNT' => '', 'FORUM_USER_CONTACTS' => '', 'FORUM_POST_NUMBER' => '#' . ($this->_postCount + 1), 'FORUM_POST_ICON' => $this->getThreadIcon($icon), 'FORUM_POST_SUBJECT' => stripslashes($subject), 'FORUM_POST_MESSAGE' => $content, 'FORUM_POST_RATING' => '0')); $this->_objTpl->touchBlock('createPost'); $this->_objTpl->hideBlock('updatePost'); if ($this->_objTpl->blockExists('attachment')) { $this->_objTpl->hideBlock('attachment'); } $this->_objTpl->hideBlock('postEdit'); $this->_objTpl->hideBlock('postQuote'); $this->_objTpl->touchBlock('previewNewPost'); $this->_objTpl->hideBlock('previewEditPost'); $this->_objTpl->parse('forumPosts'); } if (!empty($_REQUEST['update']) && $_REQUEST['update'] == $_ARRAYLANG['TXT_FORUM_UPDATE_POST']) { if (strlen(trim($content)) < $this->_minPostlength) { //content size check $this->_objTpl->setVariable('TXT_FORUM_ERROR', sprintf('<br />' . $_ARRAYLANG['TXT_FORUM_POST_EMPTY'], $this->_minPostlength)); return false; } if (!$this->_checkAuth($intCatId, 'edit') && (!$objFWUser->objUser->login() || $arrValues['user_id'] != $objFWUser->objUser->getId())) { $this->_objTpl->setVariable('TXT_FORUM_ERROR', '<br />' . $_ARRAYLANG['TXT_FORUM_NO_ACCESS']); $this->_objTpl->hideBlock('postEdit'); return false; } if (!$objFWUser->objUser->login() && !\Cx\Core_Modules\Captcha\Controller\Captcha::getInstance()->check()) { $this->_objTpl->touchBlock('updatePost'); $this->_objTpl->hideBlock('createPost'); return false; } if (false !== ($match = $this->_hasBadWords($content))) { $this->_objTpl->setVariable('TXT_FORUM_ERROR', sprintf('<br />' . $_ARRAYLANG['TXT_FORUM_BANNED_WORD'], $match[1])); return false; } $fileInfo = $this->_handleUpload('forum_attachment'); if ($fileInfo === false) { //an error occured, the file wasn't properly transferred. exit function to display error set in _handleUpload() return false; } if (empty($_POST['forum_delete_attachment']) && empty($fileInfo['name']) && !empty($_REQUEST['forum_attachment_oldname'])) { $fileInfo['name'] = contrexx_addslashes($_REQUEST['forum_attachment_oldname']); } elseif (!empty($_POST['forum_delete_attachment']) && $_POST['forum_delete_attachment'] == 1 || !empty($_REQUEST['forum_attachment_oldname']) && $fileInfo['name'] != $_REQUEST['forum_attachment_oldname']) { unlink(\Cx\Core\Core\Controller\Cx::instanciate()->getWebsiteMediaForumUploadPath() . '/' . str_replace(array('./', '.\\'), '', $_REQUEST['forum_attachment_oldname'])); } $updateQuery = 'UPDATE ' . DBPREFIX . 'module_forum_postings SET time_edited = ' . mktime() . ', icon = ' . $icon . ', subject = \'' . $subject . '\', keywords = \'' . $keywords . '\', content = \'' . contrexx_raw2db($content) . '\', attachment = \'' . $fileInfo['name'] . '\' WHERE id = ' . $intPostId; if ($objDatabase->Execute($updateQuery) !== false) { $this->updateViews($intThreadId, $intPostId); $pageId = \Cx\Core\Core\Controller\Cx::instanciate()->getPage()->getId(); $cacheManager = new \Cx\Core_Modules\Cache\Controller\CacheManager(); $cacheManager->deleteSingleFile($pageId); } \Cx\Core\Csrf\Controller\Csrf::header('Location: index.php?section=Forum&cmd=thread&id=' . $intThreadId . '&pos=' . $this->_getLastPos($postId, $intThreadId)); die; } if (!empty($_REQUEST['preview_edit'])) { $this->_objTpl->touchBlock('updatePost'); $this->_objTpl->hideBlock('createPost'); $this->_objTpl->hideBlock('previewNewPost'); $this->_objTpl->touchBlock('previewEditPost'); } $hasAccess = false; foreach (array('STICKY', 'MOVE', 'CLOSE', 'DELETE') as $action) { if (!$this->_checkAuth($intCatId, strtolower($action))) { $this->_objTpl->setVariable('FORUM_THREAD_ACTIONS_DISABLED_' . $action, 'disabled="disabled"'); } else { $hasAccess = true; } } if ($this->_objTpl->blockExists('threadActionsSelect')) { if ($userId < 1 || !$hasAccess) { $this->_objTpl->hideBlock('threadActionsSelect'); } else { $this->_objTpl->touchBlock('threadActionsSelect'); } } if (!empty($_REQUEST['action']) && $_REQUEST['action'] == 'move' && !empty($_REQUEST['id'])) { $thread = intval($_REQUEST['id']); $newCat = intval($_REQUEST['moveToThread']); $oldCat = $this->_getCategoryIdFromThread($thread); $query = "UPDATE `" . DBPREFIX . "module_forum_postings` SET `category_id` = {$newCat} WHERE `thread_id` = " . $thread; if ($objDatabase->Execute($query)) { $intMovedPosts = $objDatabase->Affected_Rows(); $query = "SELECT max( `id` ) as `lastid` FROM `" . DBPREFIX . "module_forum_postings` WHERE `thread_id` = {$thread}"; $objRS = $objDatabase->SelectLimit($query, 1); $intMovedPostLastId = $objRS->fields['lastid']; $query = "SELECT max( `id` ) as `lastid` FROM `" . DBPREFIX . "module_forum_postings` WHERE `category_id` = {$oldCat}"; $objRS = $objDatabase->SelectLimit($query, 1); $query = "UPDATE `" . DBPREFIX . "module_forum_statistics` SET `thread_count` = `thread_count` - 1, `post_count` = `post_count` - {$intMovedPosts}, `last_post_id` = " . (intval($objRS->fields['lastid']) > 0 ? intval($objRS->fields['lastid']) : 0) . " WHERE `category_id` = {$oldCat}"; $objDatabase->Execute($query); $query = "SELECT `id` FROM `" . DBPREFIX . "module_forum_postings` WHERE `category_id` = {$newCat} GROUP BY `time_created` DESC"; $objRS = $objDatabase->Execute($query); $query = "UPDATE `" . DBPREFIX . "module_forum_statistics` SET `thread_count` = `thread_count` + 1, `post_count` = `post_count` + {$intMovedPosts}, `last_post_id` = " . $objRS->fields['id'] . " WHERE `category_id` = {$newCat}"; $objDatabase->Execute($query); $this->_objTpl->hideBlock('moveForm'); $this->_objTpl->setVariable(array('TXT_THREAD_ACTION_' . ($success ? 'SUCCESS' : 'ERROR') => $_ARRAYLANG['TXT_FORUM_THREAD_ACTION_MOVE' . (!$success ? 'UN' : '') . 'SUCCESSFUL'], 'FORUM_CATEGORY_ID' => $intCatId, 'FORUM_THREAD_ID' => $intThreadId)); \Cx\Core\Csrf\Controller\Csrf::header('Location: index.php?section=Forum&cmd=thread&id=' . $thread); } } if (!empty($_GET['a'])) { $this->_objTpl->setVariable(array('TXT_FORUM_' . ($_GET['r'] == 1 ? 'SUCCESS' : 'ERROR') => '<br />' . $_ARRAYLANG['TXT_FORUM_THREAD_ACTION_' . strtoupper($_GET['a']) . '_' . (!$_GET['r'] ? 'UN' : '') . 'SUCCESSFUL' . $_GET['s']])); } $success = false; if (!empty($_REQUEST['thread_actions'])) { $action = contrexx_addslashes($_REQUEST['thread_actions']); if ($this->_checkAuth($intCatId, $action)) { switch ($action) { case 'move': $arrForums = $this->createForumArray($this->_intLangId); foreach ($arrForums as $intCatID => $arrThread) { $strOptions .= '<option value="' . $intCatID . '" ' . ($arrThread['level'] == 0 ? 'disabled="disabled"' : '') . '>' . str_repeat(' ', $arrThread['level'] * 2) . $arrThread['name'] . '</option>'; } $this->_objTpl->setVariable(array('FORUM_THREADS' => $strOptions)); $success = true; $suffix = ''; \Env::get('cx')->getPage()->setTitle($_ARRAYLANG['TXT_FORUM_THREAD_ACTION_MOVE']); break; case 'close': $query = "UPDATE `" . DBPREFIX . "module_forum_postings` SET `is_locked` = IF(`is_locked` = '0' OR `is_locked` = '', '1', '0') WHERE thread_id = " . intval($_REQUEST['id']); if ($objDatabase->Execute($query) !== false) { $success = true; } $suffix = '_' . $firstPost['is_locked']; break; case 'sticky': $query = "UPDATE `" . DBPREFIX . "module_forum_postings` SET `is_sticky` = IF(`is_sticky` = '0' OR `is_sticky` = '', '1', '0') WHERE thread_id = " . intval($_REQUEST['id']); if ($objDatabase->Execute($query) !== false) { $success = true; } $suffix = '_' . $firstPost['is_sticky']; break; default: break; } if ($action != 'move') { \Cx\Core\Csrf\Controller\Csrf::header('Location: index.php?section=Forum&cmd=thread&id=' . $intThreadId . '&a=' . $action . '&r=' . $success . '&s=' . $suffix); } } else { $this->_objTpl->setVariable('TXT_THREAD_ACTION_ERROR', $_ARRAYLANG['TXT_FORUM_NO_ACCESS']); } $this->_objTpl->parse('threadActions'); $this->_objTpl->touchBlock('threadActions'); $this->_objTpl->hideBlock('threadDisplay'); } else { $this->updateViews($intThreadId, $intPostId); $this->_objTpl->hideBlock('threadActions'); } return true; }
/** * update settings * @access public * @global array * @global ADONewConnection * @global array * @global array */ function updateSettings() { global $objDatabase, $_CORELANG, $_ARRAYLANG; if (isset($_POST['set_sys_submit'])) { //get post data foreach ($_POST['setvalue'] as $id => $value) { //update settings // check for description field to be required if ($id == 13 && $value == 1) { $objDatabase->Execute("UPDATE `" . DBPREFIX . "module_directory_inputfields` SET active='1', is_required='1', active_backend='1' WHERE name='description'"); } if (ini_get('allow_url_fopen') == false && $id == 19) { $objResult = $objDatabase->Execute("UPDATE " . DBPREFIX . "module_directory_settings SET setvalue='0' WHERE setid=" . intval($id)); } else { $objResult = $objDatabase->Execute("UPDATE " . DBPREFIX . "module_directory_settings SET setvalue='" . contrexx_addslashes($value) . "' WHERE setid=" . intval($id)); } } $this->strOkMessage = $_ARRAYLANG['TXT_DIR_SETTINGS_SUCCESFULL_SAVE']; } if (isset($_POST['set_google_submit'])) { //get post data foreach ($_POST['setvalue'] as $id => $value) { //update settings $objResult = $objDatabase->Execute("UPDATE " . DBPREFIX . "module_directory_settings_google SET setvalue='" . contrexx_addslashes($value) . "' WHERE setid=" . intval($id)); } $this->strOkMessage = $_ARRAYLANG['TXT_DIR_SETTINGS_SUCCESFULL_SAVE']; } if (isset($_POST['set_homecontent_submit'])) { //update settings \Cx\Core\Setting\Controller\Setting::init('Config', 'component', 'Yaml'); if (isset($_POST['setHomeContent'])) { if (!\Cx\Core\Setting\Controller\Setting::isDefined('directoryHomeContent')) { \Cx\Core\Setting\Controller\Setting::add('directoryHomeContent', contrexx_addslashes($_POST['setHomeContent']), 1, \Cx\Core\Setting\Controller\Setting::TYPE_RADIO, '1:TXT_ACTIVATED,0:TXT_DEACTIVATED', 'component'); } else { \Cx\Core\Setting\Controller\Setting::set('directoryHomeContent', contrexx_addslashes($_POST['setHomeContent'])); \Cx\Core\Setting\Controller\Setting::update('directoryHomeContent'); } } \Cx\Core\Csrf\Controller\Csrf::header('Location: ?cmd=Directory&act=settings&tpl=homecontent'); exit; $this->strOkMessage = $_ARRAYLANG['TXT_DIR_SETTINGS_SUCCESFULL_SAVE']; } if (isset($_POST['set_mail_submit'])) { //update settings $objResult = $objDatabase->Execute("UPDATE " . DBPREFIX . "module_directory_mail SET title='" . contrexx_addslashes($_POST['mailConfirmTitle']) . "', content='" . $_POST['mailConfirmContent'] . "' WHERE id='1'"); $objResult = $objDatabase->Execute("UPDATE " . DBPREFIX . "module_directory_mail SET title='" . contrexx_addslashes($_POST['mailRememberTitle']) . "', content='" . $_POST['mailRememberContent'] . "' WHERE id='2'"); $objResult = $objDatabase->Execute("UPDATE " . DBPREFIX . "module_directory_settings SET setvalue='" . contrexx_addslashes($_POST['mailRememberAdress']) . "' WHERE setid='30'"); $this->strOkMessage = $_ARRAYLANG['TXT_DIR_SETTINGS_SUCCESFULL_SAVE']; } if (isset($_POST['set_inputs_submit'])) { //update settings // title field should stay active, required and available for search $objResult = $objDatabase->Execute("UPDATE " . DBPREFIX . "module_directory_inputfields SET active='0' Where id !='1'"); $objResult = $objDatabase->Execute("UPDATE " . DBPREFIX . "module_directory_inputfields SET is_search='0' Where id !='1'"); $objResult = $objDatabase->Execute("UPDATE " . DBPREFIX . "module_directory_inputfields SET is_required='0' Where id !='1'"); $objResult = $objDatabase->Execute("UPDATE " . DBPREFIX . "module_directory_inputfields SET active_backend='0' Where id !='1'"); //get post data if ($_POST['setStatus'] != "") { $addressElements = 0; $googleMapIsEnabled = false; foreach ($_POST['setStatus'] as $id => $value) { //update settings $objResult = $objDatabase->Execute("SELECT `name` FROM " . DBPREFIX . "module_directory_inputfields WHERE id=" . intval($id)); $name = $objResult->fields['name']; switch ($name) { case 'country': case 'zip': case 'street': case 'city': $addressElements++; break; case 'googlemap': $googleMapIsEnabled = true; break; default: } $objResult = $objDatabase->Execute("UPDATE " . DBPREFIX . "module_directory_inputfields SET active='" . contrexx_addslashes($value) . "' WHERE id=" . intval($id)); } if ($googleMapIsEnabled && $addressElements < 4) { $objResult = $objDatabase->Execute("UPDATE " . DBPREFIX . "module_directory_inputfields SET active='1' WHERE name='country'"); $objResult = $objDatabase->Execute("UPDATE " . DBPREFIX . "module_directory_inputfields SET active='1' WHERE name='zip'"); $objResult = $objDatabase->Execute("UPDATE " . DBPREFIX . "module_directory_inputfields SET active='1' WHERE name='street'"); $objResult = $objDatabase->Execute("UPDATE " . DBPREFIX . "module_directory_inputfields SET active='1' WHERE name='city'"); $this->strOkMessage = $_ARRAYLANG['TXT_DIRECTORY_GOOGLEMAP_REQUIRED_FIELDS_MISSING']; } } //get post data if ($_POST['setStatusBackend'] != "") { $addressElements = 0; $googleMapIsEnabled = false; foreach ($_POST['setStatusBackend'] as $id => $value) { //update settings $objResult = $objDatabase->Execute("SELECT `name` FROM " . DBPREFIX . "module_directory_inputfields WHERE id=" . intval($id)); $name = $objResult->fields['name']; switch ($name) { case 'country': case 'zip': case 'street': case 'city': $addressElements++; break; case 'googlemap': $googleMapIsEnabled = true; break; default: } $objResult = $objDatabase->Execute("UPDATE " . DBPREFIX . "module_directory_inputfields SET active_backend='" . contrexx_addslashes($value) . "' WHERE id=" . intval($id)); } if ($googleMapIsEnabled && $addressElements < 4) { $objResult = $objDatabase->Execute("UPDATE " . DBPREFIX . "module_directory_inputfields SET active_backend='1' WHERE name='country'"); $objResult = $objDatabase->Execute("UPDATE " . DBPREFIX . "module_directory_inputfields SET active_backend='1' WHERE name='zip'"); $objResult = $objDatabase->Execute("UPDATE " . DBPREFIX . "module_directory_inputfields SET active_backend='1' WHERE name='street'"); $objResult = $objDatabase->Execute("UPDATE " . DBPREFIX . "module_directory_inputfields SET active_backend='1' WHERE name='city'"); $this->strOkMessage = $_ARRAYLANG['TXT_DIRECTORY_GOOGLEMAP_REQUIRED_FIELDS_MISSING']; } } //get post data if ($_POST['setSort'] != "") { foreach ($_POST['setSort'] as $id => $sort) { $sort = $sort; //update settings $objResult = $objDatabase->Execute("UPDATE " . DBPREFIX . "module_directory_inputfields SET sort=" . intval($sort) . " WHERE id=" . intval($id)); } } //get post data if ($_POST['setSearch'] != "") { foreach ($_POST['setSearch'] as $id => $search) { //update settings $objResult = $objDatabase->Execute("UPDATE " . DBPREFIX . "module_directory_inputfields SET is_search=" . $search . " WHERE id=" . intval($id)); } } //get post data if ($_POST['setRequired'] != "") { foreach ($_POST['setRequired'] as $id => $required) { //update settings $objResult = $objDatabase->Execute("UPDATE " . DBPREFIX . "module_directory_inputfields SET is_required=" . $required . " WHERE id=" . intval($id)); } } //get post data if ($_POST['setSpezFields'] != "") { foreach ($_POST['setSpezFields'] as $id => $value) { //update settings $objReult = $objDatabase->Execute("UPDATE " . DBPREFIX . "module_directory_inputfields SET title='" . contrexx_addslashes($value) . "' WHERE id=" . intval($id)); } } //get dropdown data foreach ($_POST['setDropdown'] as $id => $value) { //update settings $objResult = $objDatabase->Execute("UPDATE " . DBPREFIX . "module_directory_settings SET setvalue='" . contrexx_addslashes($value) . "' WHERE setid=" . intval($id)); } //update settings $objResult = $objDatabase->Execute("UPDATE " . DBPREFIX . "module_directory_inputfields SET active='1' WHERE name='title'"); if ($this->descriptionFieldRequired()) { $objResult = $objDatabase->Execute("UPDATE " . DBPREFIX . "module_directory_inputfields SET active='1', is_required='1', active_backend='1' WHERE name='description'"); } $this->strOkMessage = $_ARRAYLANG['TXT_DIR_SETTINGS_SUCCESFULL_SAVE']; } if ($_POST['inputValue']['zoom'] != "") { $googleStartPoint = intval($_POST['inputValue']['lat']); $googleStartPoint .= '.' . intval($_POST['inputValue']['lat_fraction']); $googleStartPoint .= ':' . intval($_POST['inputValue']['lon']); $googleStartPoint .= '.' . intval($_POST['inputValue']['lon_fraction']); $googleStartPoint .= ':' . intval($_POST['inputValue']['zoom']); $objDatabase->Execute("UPDATE " . DBPREFIX . "module_directory_settings SET setvalue='" . $googleStartPoint . "' WHERE setname='googlemap_start_location'"); } }
/** * Validate and save settings from $_POST into the database. * * @global ADONewConnection * @global array $_ARRAYLANG */ function _saveSettings() { global $objDatabase, $_ARRAYLANG; $this->_arrSettings = $this->createSettingsArray(); for ($i = 0; $i <= 4; $i++) { $oldMediaSetting = $this->_arrSettings['media' . $i . '_frontend_changable']; $newMediaSetting = ''; if (isset($_POST['mediaSettings_Media' . $i . 'FrontendChangable'])) { $newMediaSetting = $_POST['mediaSettings_Media' . $i . 'FrontendChangable']; } if (!is_numeric($newMediaSetting)) { if (is_numeric($oldMediaSetting)) { // remove AccessId \Permission::removeAccess($oldMediaSetting, 'dynamic'); } // save new setting $objDatabase->Execute(' UPDATE ' . DBPREFIX . 'module_media_settings SET `value` = "' . contrexx_addslashes($newMediaSetting) . '" WHERE `name` = "media' . $i . '_frontend_changable" '); } else { $accessGroups = ''; if (isset($_POST['media' . $i . '_access_associated_groups'])) { $accessGroups = $_POST['media' . $i . '_access_associated_groups']; } // get groups \Permission::removeAccess($oldMediaSetting, 'dynamic'); if (isset($_POST['media' . $i . '_access_associated_groups'])) { $accessGroups = $_POST['media' . $i . '_access_associated_groups']; } // add AccessID $newMediaSetting = \Permission::createNewDynamicAccessId(); // save AccessID if (count($accessGroups)) { \Permission::setAccess($newMediaSetting, 'dynamic', $accessGroups); } $query = 'UPDATE ' . DBPREFIX . 'module_media_settings SET `value` = "' . intval($newMediaSetting) . '" WHERE `name` = "media' . $i . '_frontend_changable"'; $objDatabase->Execute($query); } $oldManageSetting = $this->_arrSettings['media' . $i . '_frontend_managable']; $newManageSetting = ''; if (isset($_POST['mediaSettings_Media' . $i . 'FrontendManagable'])) { $newManageSetting = $_POST['mediaSettings_Media' . $i . 'FrontendManagable']; } if (!is_numeric($newManageSetting)) { if (is_numeric($oldManageSetting)) { // remove AccessId \Permission::removeAccess($oldManageSetting, 'dynamic'); } // save new setting $objDatabase->Execute(' UPDATE ' . DBPREFIX . 'module_media_settings SET `value` = "' . contrexx_addslashes($newManageSetting) . '" WHERE `name` = "media' . $i . '_frontend_managable" '); } else { $accessGroups = ''; if (isset($_POST['media' . $i . '_manage_associated_groups'])) { $accessGroups = $_POST['media' . $i . '_manage_associated_groups']; } // get groups \Permission::removeAccess($oldManageSetting, 'dynamic'); if (isset($_POST['media' . $i . '_manage_associated_groups'])) { $accessGroups = $_POST['media' . $i . '_manage_associated_groups']; } // add AccessID $newManageSetting = \Permission::createNewDynamicAccessId(); // save AccessID if (count($accessGroups)) { \Permission::setAccess($newManageSetting, 'dynamic', $accessGroups); } $objDatabase->Execute(' UPDATE ' . DBPREFIX . 'module_media_settings SET `value` = "' . intval($newManageSetting) . '" WHERE `name` = "media' . $i . '_frontend_managable" '); } } $this->_arrSettings = $this->createSettingsArray(); $this->_strOkMessage = $_ARRAYLANG['TXT_MEDIA_SETTINGS_SAVE_SUCCESSFULL']; }
/** * get search * @access public * @param string $id */ function getSearch() { global $objDatabase, $_ARRAYLANG, $template; $arrDropdown['language'] = $this->getLanguages(contrexx_addslashes($_REQUEST['language'])); $arrDropdown['platform'] = $this->getPlatforms(contrexx_addslashes($_REQUEST['platform'])); $arrDropdown['canton'] = $this->getCantons(contrexx_addslashes($_REQUEST['canton'])); $arrDropdown['spez_field_21'] = $this->getSpezDropdown(contrexx_addslashes($_REQUEST['spez_field_21']), 'spez_field_21'); $arrDropdown['spez_field_22'] = $this->getSpezDropdown(contrexx_addslashes($_REQUEST['spez_field_22']), 'spez_field_22'); $arrDropdown['spez_field_23'] = $this->getSpezVotes(contrexx_addslashes($_REQUEST['spez_field_23']), 'spez_field_23'); $arrDropdown['spez_field_24'] = $this->getSpezVotes(contrexx_addslashes($_REQUEST['spez_field_24']), 'spez_field_24'); $expSearch = ''; $javascript = ' <script type="text/javascript"> <!-- function toggle(target) { obj = document.getElementById(target); obj.style.display = (obj.style.display==\'none\') ? \'inline\' : \'none\'; if (obj.style.display==\'none\' && target == \'hiddenSearch\'){ document.getElementById(\'searchCheck\').value = \'norm\'; }else if(obj.style.display==\'inline\' && target == \'hiddenSearch\'){ document.getElementById(\'searchCheck\').value = \'exp\'; } } --> </script> '; //get levels if ($this->settings['levels']['value'] == 1) { $lid = intval($_REQUEST['lid']); $options = $this->getSearchLevels($lid); $name = $_ARRAYLANG['TXT_LEVEL']; $field = '<select name="lid" style="width:194px;"><option value=""></option>' . $options . '</select>'; // set variables $expSearch .= ' <tr> <td width="100" height="20" style="border: 0px solid #ff0000;">' . $name . '</td> <td style="border: 0px solid #ff0000;">' . $field . '</td> </tr> '; } //get categories $cid = intval($_REQUEST['cid']); $options = $this->getSearchCategories($cid); $name = $_ARRAYLANG['TXT_DIR_F_CATEGORIE']; $field = '<select name="cid" style="width:194px;"><option value=""></option>' . $options . '</select>'; // set variables $expSearch .= ' <tr> <td width="100" height="20" style="border: 0px solid #ff0000;">' . $name . '</td> <td style="border: 0px solid #ff0000;">' . $field . '</td> </tr> '; //get exp search fields $objResult = $objDatabase->Execute("SELECT id, name, title, typ FROM " . DBPREFIX . "module_directory_inputfields WHERE exp_search='1' AND is_search='1' ORDER BY sort"); if ($objResult !== false) { while (!$objResult->EOF) { if ($objResult->fields['typ'] == 5 || $objResult->fields['typ'] == 6) { $name = $objResult->fields['title']; } else { if (!empty($_ARRAYLANG[$objResult->fields['title']])) { $name = $_ARRAYLANG[$objResult->fields['title']]; } else { $name = $objResult->fields['title']; } } if ($objResult->fields['typ'] == 1 || $objResult->fields['typ'] == 2 || $objResult->fields['typ'] == 5 || $objResult->fields['typ'] == 6) { $field = '<input maxlength="100" size="30" name="' . $objResult->fields['name'] . '" value="' . contrexx_addslashes($_REQUEST[$objResult->fields['name']]) . '" />'; } else { $field = '<select name="' . $objResult->fields['name'] . '" style="width:194px;">' . $arrDropdown[$objResult->fields['name']] . '</select>'; } // set variables $expSearch .= ' <tr> <td width="100" height="20">' . $name . '</td> <td>' . $field . '</td> </tr> '; $objResult->MoveNext(); } } $html = ' <div class="directorySearch"> <form action="index.php?" method="get" name="directorySearch" id="directorySearch"> <input name="term" value="' . (!empty($_GET['term']) ? htmlentities($_GET['term'], ENT_QUOTES, CONTREXX_CHARSET) : '') . '" size="25" maxlength="100" /> <input id="searchCheck" type="hidden" name="check" value="norm" size="10" /> <input type="hidden" name="section" value="Directory" size="10" /> <input type="hidden" name="cmd" value="search" size="10" /> <input type="submit" value="' . $_ARRAYLANG['TXT_DIR_F_SEARCH'] . '" name="search" /> » <a onclick="javascript:toggle(\'hiddenSearch\')" href="javascript:{}">' . $_ARRAYLANG['TXT_DIRECTORY_EXP_SEARCH'] . '</a><br /> <div style="display: none;" id="hiddenSearch"> <br /> <table width="100%" cellspacing="0" cellpadding="0" border="0"> ' . $expSearch . ' </table> </div> </form> </div>'; // set variables $this->_objTemplate->setVariable(array('DIRECTORY_SEARCH' => $javascript . $html)); }
/** * Update Settings * * Updates a Settings row * @param $key Name of the setting * @param $val Value of the setting */ function _updateSetting($key, $val) { global $objDatabase; $query = "SELECT `setvalue` FROM " . DBPREFIX . "module_immo_settings\n WHERE `setname` = '" . $key . "'"; $objRs = $objDatabase->Execute($query); if ($objRs->RecordCount() == 0) { $val = contrexx_addslashes($val); $query = " INSERT INTO " . DBPREFIX . "module_immo_settings\n (`setname`, `setvalue`)\n VALUES\n ('" . $key . "', '" . $val . "')\n "; if (!$objDatabase->Execute($query)) { return false; } } else { $val = contrexx_addslashes($val); if ($this->arrSettings[$key] != $val) { $query = " UPDATE " . DBPREFIX . "module_immo_settings\n SET `setvalue` = '" . $val . "'\n WHERE `setname` = '" . $key . "'"; if (!$objDatabase->Execute($query)) { return false; } } } return true; }
/** * Return event place url and its source link * * @return array place url and its source link */ function loadPlaceLinkFromMediadir($intMediaDirId = 0, $type = 'place') { global $_LANGID, $_CONFIG; $placeUrl = ''; $placeUrlSource = ''; if (!empty($intMediaDirId)) { $objMediadirEntry = new \Cx\Modules\MediaDir\Controller\MediaDirectoryEntry('MediaDir'); $objMediadirEntry->getEntries(intval($intMediaDirId)); $pageRepo = \Env::get('em')->getRepository('Cx\\Core\\ContentManager\\Model\\Entity\\Page'); $pages = $pageRepo->findBy(array('cmd' => contrexx_addslashes('detail' . intval($objMediadirEntry->arrEntries[$intMediaDirId]['entryFormId'])), 'lang' => $_LANGID, 'type' => \Cx\Core\ContentManager\Model\Entity\Page::TYPE_APPLICATION, 'module' => 'MediaDir')); if (count($pages)) { $strDetailCmd = 'detail' . intval($objMediadirEntry->arrEntries[$intMediaDirId]['entryFormId']); } else { $strDetailCmd = 'detail'; } $pages = \Env::get('em')->getRepository('Cx\\Core\\ContentManager\\Model\\Entity\\Page')->getFromModuleCmdByLang('MediaDir', $strDetailCmd); $arrActiveFrontendLanguages = \FWLanguage::getActiveFrontendLanguages(); if (isset($arrActiveFrontendLanguages[FRONTEND_LANG_ID]) && isset($pages[FRONTEND_LANG_ID])) { $langId = FRONTEND_LANG_ID; } else { if (isset($arrActiveFrontendLanguages[BACKEND_LANG_ID]) && isset($pages[BACKEND_LANG_ID])) { $langId = BACKEND_LANG_ID; } else { foreach ($arrActiveFrontendLanguages as $lang) { if (isset($pages[$lang['id']])) { $langId = $lang['id']; break; } } } } $url = $pages[$langId]->getUrl(ASCMS_PROTOCOL . "://" . $_CONFIG['domainUrl'] . ASCMS_PATH_OFFSET, "?eid={$intMediaDirId}"); $place = ($type = 'place') ? $this->place : $this->org_name; $placeUrl = "<a href='" . $url . "' target='_blank' >" . (!empty($place) ? $place : $url) . "</a>"; $placeUrlSource = $url; } return array($placeUrl, $placeUrlSource); }
/** * Set the language variable default page * * @global array * @global ADONewConnection * @global \Cx\Core\Html\Sigma * @return void */ function listVariables() { global $_ARRAYLANG, $objDatabase; //init variables $q_lang = ""; $q_module = ""; $q_status = ""; $q_zone = ""; $i = 0; $zoneMenu = ""; $selected1 = ""; $selected2 = ""; $selected3 = ""; $this->template->loadTemplateFile('language_list.html'); $this->pageTitle = $_ARRAYLANG['TXT_VARIABLE_LIST']; if (!isset($_SESSION['lang'])) { $_SESSION['lang'] = array(); } if (!isset($_SESSION['lang']['term'])) { $_SESSION['lang']['term'] = ""; } if (!isset($_SESSION['lang']['langId'])) { $_SESSION['lang']['langId'] = ""; } if (!isset($_SESSION['lang']['status'])) { $_SESSION['lang']['status'] = ""; } if (!isset($_SESSION['lang']['zone'])) { $_SESSION['lang']['zone'] = "both"; } if (!isset($_SESSION['lang']['moduleId'])) { $_SESSION['lang']['moduleId'] = ""; } if (isset($_POST['term'])) { $_SESSION['lang']['term'] = contrexx_addslashes($_POST['term']); } if (isset($_POST['lang'])) { $_SESSION['lang']['langId'] = intval($_POST['lang']); } if (isset($_POST['status'])) { $_SESSION['lang']['status'] = intval($_POST['status']); } if (isset($_POST['zone'])) { $_SESSION['lang']['zone'] = contrexx_addslashes($_POST['zone']); } if (isset($_POST['module'])) { $_SESSION['lang']['moduleId'] = intval($_POST['module']); } $term = $_SESSION['lang']['term']; $lang = $_SESSION['lang']['langId']; $status = $_SESSION['lang']['status']; $zone = $_SESSION['lang']['zone']; $module = $_SESSION['lang']['moduleId']; if ($zone == "frontend") { $selected1 = "selected"; } elseif ($zone == "backend") { $selected2 = "selected"; } elseif ($zone == "both" || $zone == "") { $zone = "both"; $selected3 = "selected"; } $zoneMenu .= "<option value='both' " . $selected3 . ">" . $_ARRAYLANG['TXT_SECTION'] . "</option>\n"; $zoneMenu .= "<option value='frontend' " . $selected1 . ">" . $_ARRAYLANG['TXT_WEB_PAGES'] . "</option>\n"; $zoneMenu .= "<option value='backend' " . $selected2 . ">" . $_ARRAYLANG['TXT_ADMINISTRATION_PAGES'] . "</option>\n"; $this->template->setVariable("LANGUAGE_ZONE_MENU", $zoneMenu); //Begin language varibales $this->template->setVariable(array('TXT_CONFIRM_DELETE_DATA' => $_ARRAYLANG['TXT_CONFIRM_DELETE_DATA'], 'TXT_ACTION_IS_IRREVERSIBLE' => $_ARRAYLANG['TXT_ACTION_IS_IRREVERSIBLE'], 'TXT_ATTENTION_SYSTEM_FUNCTIONALITY_AT_RISK' => $_ARRAYLANG['TXT_ATTENTION_SYSTEM_FUNCTIONALITY_AT_RISK'], 'TXT_MODULE' => $_ARRAYLANG['TXT_MODULE'], 'TXT_LANGUAGE' => $_ARRAYLANG['TXT_LANGUAGE'], 'TXT_STATUS' => $_ARRAYLANG['TXT_STATUS'], 'TXT_CONTROLLED' => $_ARRAYLANG['TXT_CONTROLLED'], 'TXT_OPEN_ISSUE' => $_ARRAYLANG['TXT_OPEN_ISSUE'], 'TXT_LANGUAGE_DEPENDANT_SYSTEM_VARIABLES' => $_ARRAYLANG['TXT_LANGUAGE_DEPENDANT_SYSTEM_VARIABLES'], 'TXT_FOUND' => $_ARRAYLANG['TXT_FOUND'], 'TXT_NAME' => $_ARRAYLANG['TXT_NAME'], 'TXT_VALUE' => $_ARRAYLANG['TXT_VALUE'], 'TXT_DISPLAY' => $_ARRAYLANG['TXT_DISPLAY'], 'TXT_ADMIN' => $_ARRAYLANG['TXT_ADMINISTRATION_PAGES'], 'TXT_PUBLIC' => $_ARRAYLANG['TXT_WEB_PAGES'])); //End language variables if (isset($_POST['Submit'])) { if (empty($lang)) { $objResult = $objDatabase->Execute("SELECT id FROM " . DBPREFIX . "languages WHERE is_default='true'"); if ($objResult !== false) { while (!$objResult->EOF) { $q_lang = "AND con.lang_id=" . intval($objResult->fields['id']) . " "; $objResult->MoveNext(); } } } else { $q_lang = "AND con.lang_id=" . intval($lang) . " "; } if ($zone != "both") { $q_zone = "AND nam.{$zone}=1 "; } if ($module != 0) { $q_module = "AND nam.module_id = " . $module . " "; } if ($status == "0" || $status == "1") { $q_status = "AND con.status=" . intval($status) . " "; } $q = "SELECT con.content AS content,\n con.status AS status,\n con.lang_id AS lang,\n nam.name AS name,\n nam.id AS varid,\n modu.name AS module,\n nam.backend AS backend,\n nam.frontend AS frontend\n FROM " . DBPREFIX . "language_variable_content AS con,\n " . DBPREFIX . "language_variable_names AS nam,\n " . DBPREFIX . "modules AS modu\n WHERE modu.id=nam.module_id\n AND con.varid=nam.id\n AND (nam.name LIKE '%" . $term . "%' OR con.content LIKE '%" . $term . "%') " . $q_zone . $q_lang . $q_module . $q_status . "\n ORDER BY nam.id"; $objResult = $objDatabase->Execute($q); if ($objResult !== false && $objResult->RecordCount() > 0) { $numRows = $objResult->RecordCount(); while (!$objResult->EOF) { if ($i % 2 == 0) { $class = "row1"; } else { $class = "row2"; } if (intval($objResult->fields['backend']) == 1) { $this->template->setVariable("LANGUAGE_ADMIN", "<img alt='' src='../core/Core/View/Media/icons/check.gif' />"); } if (intval($objResult->fields['frontend']) == 1) { $this->template->setVariable("LANGUAGE_WEBSITE", "<img alt='' src='../core/Core/View/Media/icons/check.gif' />"); } $this->template->setVariable(array('LANGUAGE_ROWCLASS' => $class, 'LANGUAGE_ID' => $objResult->fields['varid'], 'LANGUAGE_VARIABLENAME' => $objResult->fields['name'], 'LANGUAGE_CONTENT' => htmlspecialchars($objResult->fields['content'], ENT_QUOTES, CONTREXX_CHARSET), 'LANGUAGE_MODULE' => $objResult->fields['module'], 'LANGUAGE_LANG' => $this->arrLang[$objResult->fields['lang']])); // not carefully checked variable if (intval($objResult->fields['status'] == 1)) { $langStatus = "<img alt='' src=\"../core/Core/View/Media/icons/led_green.gif\" />"; } else { $langStatus = "<img alt='' src=\"../core/Core/View/Media/icons/led_red.gif\" />"; } $this->template->setVariable("LANGUAGE_STATUS", $langStatus); $this->template->parse('languageRow'); $i++; $objResult->MoveNext(); } } else { $this->template->hideBlock('languageSearchTable'); } } else { $this->template->hideBlock('languageSearchTable'); } $this->template->setVariable(array('LANGUAGE_STATS' => $numRows, 'LANGUAGE_MODULES_MENU' => $this->getSearchOptionMenu("modules", $module), 'LANGUAGE_LANG_MENU' => $this->getSearchOptionMenu("languages", $lang), 'LANGUAGE_SEARCHTERM' => $term)); }
/** * Global save function for saving the settings into database * * @return null */ function _saveSettings() { global $_ARRAYLANG, $objDatabase; foreach ($_POST['settings'] as $name => $value) { if (is_array($value)) { $value = implode(',', $value); } $query = "UPDATE " . DBPREFIX . "module_" . $this->moduleTablePrefix . "_settings\n SET value = '" . contrexx_addslashes($value) . "'\n WHERE name = '" . contrexx_addslashes($name) . "'"; $objResult = $objDatabase->Execute($query); } if (isset($_POST['settings']['headlinesStatus'])) { \Cx\Core\Setting\Controller\Setting::init('Config', 'component', 'Yaml'); $headLinesStatusIntval = intval($_POST['settings']['headlinesStatus']); if (!\Cx\Core\Setting\Controller\Setting::isDefined('calendarheadlines')) { \Cx\Core\Setting\Controller\Setting::add('calendarheadlines', $headLinesStatusIntval, 1, \Cx\Core\Setting\Controller\Setting::TYPE_RADIO, '1:TXT_ACTIVATED,0:TXT_DEACTIVATED', 'component'); } else { \Cx\Core\Setting\Controller\Setting::set('calendarheadlines', $headLinesStatusIntval); \Cx\Core\Setting\Controller\Setting::update('calendarheadlines'); } } if ($objResult !== false) { $this->okMessage = $_ARRAYLANG['TXT_CALENDAR_SETTINGS_SUCCESSFULLY_EDITED']; } else { $this->errMessage = $_ARRAYLANG['TXT_CALENDAR_SETTINGS_CORRUPT_EDITED']; } }
/** * Update guestbook * * @global ADONewConnection * @global array */ function _update() { global $objDatabase, $_ARRAYLANG; $guestbookId = intval($_GET['id']); $error = ""; if (!empty($guestbookId)) { $forename = contrexx_addslashes(strip_tags($_POST['forename'])); $name = contrexx_addslashes(strip_tags($_POST['name'])); $gender = contrexx_addslashes(strip_tags($_POST['malefemale'])); $mail = isset($_POST['email']) ? contrexx_addslashes(strip_tags($_POST['email'])) : ''; $url = isset($_POST['url']) && strlen($_POST['url']) > 7 ? contrexx_addslashes(strip_tags($_POST['url'])) : ""; $comment = contrexx_addslashes(strip_tags($_POST['comment'])); $location = contrexx_addslashes(strip_tags($_POST['location'])); $ip = contrexx_addslashes(strip_tags($_POST['ip'])); $date = contrexx_addslashes(strip_tags($_POST['datetime'])); $objValidator = new \FWValidator(); if (!empty($url)) { if (!$this->isUrl($url)) { $error .= $_ARRAYLANG['TXT_INVALID_INTERNET_ADDRESS'] . "<br />"; } } if (!$objValidator->isEmail($mail)) { $error .= $_ARRAYLANG['TXT_INVALID_EMAIL_ADDRESS'] . "<br />"; } if (!empty($forename) && !empty($name)) { $query = "UPDATE " . DBPREFIX . "module_guestbook\n SET forename='{$forename}',\n name='{$name}',\n gender='{$gender}',\n email='{$mail}',\n url='{$url}',\n comment='{$comment}',\n location='{$location}',\n ip='{$ip}',\n datetime='{$date}',\n lang_id='{$this->langId}'\n WHERE id={$guestbookId}"; $objDatabase->Execute($query); } } if (empty($error)) { $this->strOkMessage = $_ARRAYLANG['TXT_DATA_RECORD_UPDATED_SUCCESSFUL']; } else { $this->strErrMessage = $error; } }
function updateHits($intEntryId) { global $_ARRAYLANG, $_CORELANG, $objDatabase; $intHits = intval($this->arrEntries[intval($intEntryId)]['entryHits']); $intPopularHits = intval($this->arrEntries[intval($intEntryId)]['entryPopularHits']); $strPopularDate = $this->arrEntries[intval($intEntryId)]['entryPopularDate']; $intPopularDays = intval($this->arrSettings['settingsPopularNumRestore']); $strLastIp = $this->arrEntries[intval($intEntryId)]['entryLastIp']; $strNewIp = contrexx_addslashes($_SERVER['REMOTE_ADDR']); $strToday = mktime(0, 0, 0, date("m"), date("d"), date("Y")); $tempDays = date("d", $strPopularDate); $tempMonth = date("m", $strPopularDate); $tempYear = date("Y", $strPopularDate); $strPopularEndDate = mktime(0, 0, 0, $tempMonth, $tempDays + $intPopularDays, $tempYear); if ($strLastIp != $strNewIp) { if ($strToday >= $strPopularEndDate) { $strNewPopularDate = $strToday; $intPopularHits = 1; } else { $strNewPopularDate = $strPopularDate; $intPopularHits++; } $intHits++; $objResult = $objDatabase->Execute("UPDATE\n " . DBPREFIX . "module_" . $this->moduleTablePrefix . "_entries\n SET\n hits='" . $intHits . "',\n popular_hits='" . $intPopularHits . "',\n popular_date='" . $strNewPopularDate . "',\n last_ip='" . $strNewIp . "'\n WHERE\n id='" . intval($intEntryId) . "'\n "); } }
function checkPageCmd($strPageCmd) { global $_LANGID; $pageRepo = \Env::get('em')->getRepository('Cx\\Core\\ContentManager\\Model\\Entity\\Page'); $pages = $pageRepo->findBy(array('cmd' => contrexx_addslashes($strPageCmd), 'lang' => $_LANGID, 'type' => \Cx\Core\ContentManager\Model\Entity\Page::TYPE_APPLICATION, 'module' => $this->moduleName)); return count($pages) > 0; }