function saveUploadedFile($file, $target, $exttype = '', $imgtype = '', $rename = 0, $maxsize = 0)
{
// imgtype can be all exif_imagetype supported by your PHP install
// see http://www.php.net/exif_imagetype
$file_status = array('status' => false, 'error' => '', 'name' => '', 'tmp_name' => '', 'size' => 0, 'path' => '', 'ext' => '', 'rename' => '', 'maxsize' => intval($maxsize), 'error_num' => 0, 'type' => '');
if (!isset($_FILES[$file]) || !is_uploaded_file($_FILES[$file]['tmp_name'])) {
$file_status['error'] = 'Upload not defined';
return $file_status;
}
$file_status['name'] = sanitize_filename($_FILES[$file]['name']);
$file_status['ext'] = which_ext($file_status['name']);
$file_status['tmp_name'] = $_FILES[$file]['tmp_name'];
$file_status['size'] = $_FILES[$file]['size'];
$file_status['type'] = empty($_FILES[$file]['type']) || !is_mimetype_format($_FILES[$file]['type']) ? get_mimetype_by_extension($file_status['ext']) : $_FILES[$file]['type'];
$file_status['path'] = $target;
$file_status['rename'] = $file_status['name'];
$file_status['maxsize'] = empty($file_status['maxsize']) ? $GLOBALS['phpwcms']['file_maxsize'] : $file_status['maxsize'];
if (intval($file_status['size']) > $file_status['maxsize']) {
$file_status['error'] = 'File is too large';
$file_status['error_num'] = 400;
return $file_status;
}
if (empty($target)) {
$file_status['error'] = 'Target directory not defined';
$file_status['error_num'] = 412;
return $file_status;
}
if (!@_mkdir($target)) {
$file_status['error'] = 'The target directory "' . $target . '" can not be found or generated';
$file_status['error_num'] = 412;
return $file_status;
}
if ($_FILES[$file]['error']) {
$file_status['error'] = $_FILES[$file]['error'];
$file_status['error_num'] = 409;
return $file_status;
}
if ($imgtype) {
$imgtype = convertStringToArray(strtolower($imgtype));
if (count($imgtype)) {
$data = @getimagesize($_FILES[$file]['tmp_name']);
$exif_imagetype = array(1 => 'gif', 2 => 'jpeg', 2 => 'jpg', 3 => 'png', 4 => 'swf', 5 => 'psd', 6 => 'bmp', 7 => 'tif', 8 => 'tiff', 9 => 'jpc', 10 => 'jp2', 11 => 'jpx', 12 => 'jb2', 13 => 'swc', 14 => 'iff', 15 => 'wbmp', 16 => 'xbm');
if (!$data && !$exttype) {
$file_status['error'] = 'Format' . ($file_status['ext'] ? ' *.' . $file_status['ext'] : '') . ' not supported (';
$allowed = array();
foreach ($imgtype as $value) {
$allowed[] = '*.' . $exif_imagetype[$value];
}
$file_status['error'] .= implode(', ', $allowed) . ')';
$file_status['error_num'] = 415;
@unlink($_FILES[$file]['tmp_name']);
return $file_status;
} elseif ($data) {
if (empty($exif_imagetype[$data[2]]) || !in_array($data[2], $imgtype)) {
$file_status['error'] = 'File type ';
$file_status['error'] .= empty($exif_imagetype[$data[2]]) ? $data[2] : $exif_imagetype[$data[2]];
$file_status['error'] .= ' is not supported for this upload (';
foreach ($imgtype as $imgt) {
$file_status['error'] .= empty($exif_imagetype[$imgt]) ? $imgt : $exif_imagetype[$imgt];
$file_status['error'] .= ', ';
}
$file_status['error'] = trim(trim($file_status['error']), ',');
$file_status['error'] .= ' only)';
$file_status['error_num'] = 415;
@unlink($_FILES[$file]['tmp_name']);
return $file_status;
}
$file_status['image'] = $data;
$exttype = '';
}
}
}
if ($exttype) {
$exttype = convertStringToArray(strtolower($exttype));
if (!in_array($file_status['ext'], $exttype)) {
$file_status['error'] = 'File type *.' . $file_status['ext'] . ' is not supported for this upload (*.' . implode(', *.', $exttype) . ' only)';
$file_status['error_num'] = 415;
@unlink($_FILES[$file]['tmp_name']);
return $file_status;
}
}
if (!is_writable($target)) {
$file_status['error'] = 'Target directory <b>' . str_replace(PHPWCMS_ROOT, '', $target) . '</b> is not writable';
$file_status['error_num'] = 412;
@unlink($_FILES[$file]['tmp_name']);
return $file_status;
}
$rename = convertStringToArray($rename);
if (count($rename)) {
$_temp_name = cut_ext($file_status['rename']);
foreach ($rename as $value) {
switch ($value) {
case 1:
$_temp_name = str_replace(array(':', '/', "\\", ' '), array('-', '-', '-', '_'), phpwcms_remove_accents($_temp_name));
$_temp_name = preg_replace('/[^0-9a-z_\\-\\.]/i', '', $_temp_name);
break;
case 2:
$_temp_name = time() . '_' . $_temp_name;
break;
case 3:
$_temp_name = date('Ymd-His') . '_' . $_temp_name;
break;
case 4:
$_temp_name = date('Ymd') . '_' . $_temp_name;
break;
case 5:
$_temp_name = generic_string(6) . '_' . $_temp_name;
break;
case 6:
$_temp_name = md5($_temp_name . ($file_status['ext'] ? '.' . $file_status['ext'] : ''));
break;
case 7:
$_temp_name = shortHash($_temp_name . ($file_status['ext'] ? '.' . $file_status['ext'] : ''));
break;
}
}
$file_status['rename'] = $_temp_name . ($file_status['ext'] ? '.' . $file_status['ext'] : '');
}
@umask(0);
if (!@move_uploaded_file($_FILES[$file]['tmp_name'], $target . $file_status['rename'])) {
if (!copy($_FILES[$file]['tmp_name'], $target . $file_status['rename'])) {
$file_status['error'] = 'Saving uploaded file <b>' . html($file_status['name']) . '</b> to <b>' . html(str_replace(PHPWCMS_ROOT, '', $target . $file_status['rename'])) . '</b> failed';
$file_status['error_num'] = 412;
@unlink($_FILES[$file]['tmp_name']);
return $file_status;
}
}
@chmod($target . $file_status['rename'], 0644);
$file_status['status'] = true;
return $file_status;
}
* @copyright Copyright (c) 2002-2015, Oliver Georgi
* @license http://opensource.org/licenses/GPL-2.0 GNU GPL-2
* @link http://www.phpwcms.de
*
**/
// ----------------------------------------------------------------
// obligate check for phpwcms constants
if (!defined('PHPWCMS_ROOT')) {
die("You Cannot Access This Script Directly, Have a Nice Day.");
}
// ----------------------------------------------------------------
//email form
$CNT_TMP .= headline($crow["acontent_title"], $crow["acontent_subtitle"], $template_default["article"]);
$cform = explode("#:#", $crow["acontent_form"]);
if (trim($cform[0])) {
$form_name = "form_" . generic_string(6);
$cform_fields = explode("\n", base64_decode($cform[0]));
$form_hidden_field = '';
$CNT_TMP .= "<form action=\"include/inc_act/act_formmailer.php\" method=\"post\" name=\"";
$CNT_TMP .= $form_name . "\" target=\"_self\" id=\"" . $form_name;
$CNT_TMP .= "\" style=\"margin:0px 0px 0px 0px; padding: 0px 0px 0px 0px;\">";
$CNT_TMP .= "<table border=\"0\" cellspacing=\"2\" cellpadding=\"0\"";
$CNT_TMP .= $template_default["article"]["form_align"] ? ' align="' . $template_default["article"]["form_align"] . '"' : '';
$CNT_TMP .= ">\n";
foreach ($cform_fields as $key => $value) {
$cfield = explode("|", $value);
list($cfield_length, $cfield_max_height) = explode(",", $cfield[4]);
$cfield_length = intval($cfield_length);
$cfield_max_height = intval($cfield_max_height);
$cfield[6] = intval($cfield[6]);
if ($cfield[2]) {
* phpwcms content management system
*
* @author Oliver Georgi <*****@*****.**>
* @copyright Copyright (c) 2002-2015, Oliver Georgi
* @license http://opensource.org/licenses/GPL-2.0 GNU GPL-2
* @link http://www.phpwcms.de
*
**/
// ----------------------------------------------------------------
// obligate check for phpwcms constants
if (!defined('PHPWCMS_ROOT')) {
die("You Cannot Access This Script Directly, Have a Nice Day.");
}
// ----------------------------------------------------------------
$new_login = genlogname();
$new_password = generic_string(8);
$new_email = '';
$new_name = '';
$set_user_aktiv = 0;
$set_user_admin = 0;
$set_user_fe = 0;
$send_verification = 1;
$user_err = '';
if (isset($_POST["form_aktion"]) && $_POST["form_aktion"] == "create_account") {
//Create Account Daten verarbeiten
$new_login = slweg($_POST["form_newloginname"]);
$new_password = slweg($_POST["form_newpassword"]);
$new_email = clean_slweg($_POST["form_newemail"]);
$new_name = clean_slweg($_POST["form_newrealname"]);
$set_user_aktiv = isset($_POST["form_active"]) ? 1 : 0;
$set_user_admin = isset($_POST["form_admin"]) ? 1 : 0;
$image['tmpl_footer'] = get_tmpl_section('IMAGES_FOOTER', $image['template']);
$image['tmpl_entry'] = get_tmpl_section('IMAGES_ENTRY', $image['template']);
$image['tmpl_entry_space'] = get_tmpl_section('IMAGES_ENTRY_SPACER', $image['template']);
$image['tmpl_row_space'] = get_tmpl_section('IMAGES_ROW_SPACER', $image['template']);
$image['tmpl_thumb_width_max'] = 0;
$image['tmpl_thumb_height_max'] = 0;
$image['tmpl_images'] = array();
$image['template'] = $image['tmpl_header'];
$image['tmpl_data'] = array();
if (is_array($image['images']) && ($image['count'] = count($image['images']))) {
// Start lightbox
if (empty($image['lightbox'])) {
$image['lightbox'] = false;
} else {
initSlimbox();
$image['lightbox'] = generic_string(5);
}
switch ($image['center']) {
case 1:
// center hor/vert
if (!$image['width'] && !$image['height']) {
$image['center'] = 0;
} elseif (!$image['width']) {
$image['center'] = 3;
} elseif (!$image['height']) {
$image['center'] = 2;
}
break;
case 2:
// center hor
if (!$image['width']) {
require_once PHPWCMS_ROOT . '/include/inc_lib/general.inc.php';
checkLogin();
validate_csrf_tokens();
require_once PHPWCMS_ROOT . '/include/inc_lib/backend.functions.inc.php';
if ($_SESSION["wcs_user_admin"] == 1) {
//Wenn Benutzer Admin-Rechte hat
//Löschen eines Benutzers
if (isset($_GET["del"])) {
$ui = explode(":", clean_slweg($_GET["del"]));
$user_id = intval($ui[0]);
$user_email = '';
if (isset($ui[1])) {
$user_email = $ui[1];
}
if ($user_id != $_SESSION["wcs_user_id"]) {
$sql = "UPDATE " . DB_PREPEND . "phpwcms_user SET " . "usr_login='******', " . "usr_pass='******', " . "usr_email='', " . "usr_admin=0, " . "usr_aktiv=9 " . "WHERE usr_id=" . $user_id . " AND " . "usr_email=" . _dbEscape($user_email);
if ($result = mysql_query($sql, $db)) {
if (is_valid_email($user_email)) {
@mail($user_email, "your account", "YOUR PHPWCMS ACCOUNT WAS DELETED\n \ncontact the admin if you have any question.\n\nSee you at " . $phpwcms["site"], "From: " . $phpwcms["admin_email"] . "\nReply-To: " . $phpwcms["admin_email"] . "\n");
}
}
}
}
if (isset($_GET["aktiv"])) {
$ui = explode(":", clean_slweg($_GET["aktiv"]));
$user_id = intval($ui[0]);
$user_aktiv = !empty($ui[1]) ? 1 : 0;
if ($user_id != $_SESSION["wcs_user_id"]) {
$sql = "UPDATE " . DB_PREPEND . "phpwcms_user SET usr_aktiv=" . $user_aktiv . " WHERE usr_id=" . $user_id . ";";
mysql_query($sql, $db) or die("error");
}
function imagelisttable($imagelist, $rand = "0:0:0:0", $align = 0, $type = 0)
{
// build imagelist or ecard chooser table
// image: type = 0
// ecard: type = 1
$template_type = $type ? 'ecard' : 'imagelist';
$usetable = !isset($imagelist['usetable']) || $imagelist['usetable'] ? true : false;
if (empty($GLOBALS['cnt_image_lightbox'])) {
$lightbox = 0;
} else {
$lightbox = generic_string(5);
}
$caption_on = empty($imagelist['nocaption']) ? true : false;
$crop = empty($imagelist['crop']) ? 0 : 1;
$image_border = ' border="' . (empty($GLOBALS["template_default"]["article"][$template_type . "_border"]) ? '0' : $GLOBALS["template_default"]["article"][$template_type . "_border"]) . '"';
if ($usetable) {
$table_class = $GLOBALS["template_default"]["article"][$template_type . "_table_class"];
if (empty($align)) {
$align = '';
} else {
$table_class .= ' ' . $GLOBALS['template_default']['classes']['image-list-table'] . $align;
$align = ' align="' . $align . '"';
}
$table_class = ' class="' . trim($table_class) . '"';
$table_bgcolor = empty($GLOBALS["template_default"]["article"][$template_type . "_table_bgcolor"]) ? '' : ' bgcolor="' . $GLOBALS["template_default"]["article"][$template_type . "_table_bgcolor"] . '"';
$image_align = empty($GLOBALS["template_default"]["article"][$template_type . "_align"]) ? '' : ' align="' . $GLOBALS["template_default"]["article"][$template_type . "_align"] . '"';
$image_valign = empty($GLOBALS["template_default"]["article"][$template_type . "_valign"]) ? '' : ' valign="' . $GLOBALS["template_default"]["article"][$template_type . "_valign"] . '"';
$image_class = empty($GLOBALS["template_default"]["article"][$template_type . "_class"]) ? '' : ' class="' . $GLOBALS["template_default"]["article"][$template_type . "_class"] . '"';
$image_bgcolor = empty($GLOBALS["template_default"]["article"][$template_type . "_bgcolor"]) ? '' : ' bgcolor="' . $GLOBALS["template_default"]["article"][$template_type . "_bgcolor"] . '"';
$caption_class = empty($GLOBALS["template_default"]["article"][$template_type . "_caption_class"]) ? '' : ' class="' . $GLOBALS["template_default"]["article"][$template_type . "_caption_class"] . '"';
$caption_bgcolor = empty($GLOBALS["template_default"]["article"][$template_type . "_caption_bgcolor"]) ? '' : ' bgcolor="' . $GLOBALS["template_default"]["article"][$template_type . "_caption_bgcolor"] . '"';
$caption_valign = empty($GLOBALS["template_default"]["article"][$template_type . "_caption_valign"]) ? '' : ' valign="' . $GLOBALS["template_default"]["article"][$template_type . "_caption_valign"] . '"';
$caption_align = empty($GLOBALS["template_default"]["article"][$template_type . "_caption_align"]) ? '' : ' align="' . $GLOBALS["template_default"]["article"][$template_type . "_caption_align"] . '"';
$image_imgclass = empty($GLOBALS["template_default"]["article"][$template_type . "_imgclass"]) ? '' : ' class="' . $GLOBALS["template_default"]["article"][$template_type . "_imgclass"] . '"';
$capt_before = $GLOBALS["template_default"]["article"][$template_type . "_caption_before"];
$capt_after = $GLOBALS["template_default"]["article"][$template_type . "_caption_after"];
} else {
$image_imgclass = ' class="' . $imagelist['class_image_thumb'] . '"';
}
$rand = explode(":", $rand);
if (count($rand)) {
foreach ($rand as $key => $value) {
$rand[$key] = intval($value);
}
} else {
$rand = array(0, 0, 0, 0);
}
$col_rand = $rand[2] && $rand[3] ? 2 : ($rand[2] || $rand[3] ? 1 : 0);
if ($count_images = count($imagelist['images'])) {
// randomize image
if (!empty($imagelist['random'])) {
shuffle($imagelist['images']);
}
if (empty($imagelist['limit'])) {
$imagelist['limit'] = 0;
}
//Tabelle starten
$table = LF;
if ($usetable) {
$table .= ' <table border="0" cellspacing="0" cellpadding="0"' . $align . $table_bgcolor . $table_class . ' summary="">' . LF;
} else {
$table .= ' <div class="';
if (empty($imagelist['class'])) {
$table .= 'image-table';
} else {
$table .= $imagelist['class'];
}
$table .= '">' . LF;
}
$x = 0;
$y = 0;
$z = 0;
foreach ($imagelist['images'] as $key => $value) {
if (isset($imagelist['width'])) {
$imagelist['images'][$key][4] = $imagelist['width'];
$imagelist['images'][$key][5] = $imagelist['height'];
}
$y++;
if ($usetable && $z && $x == 1) {
if ($col_space) {
$table .= LF . '<tr>' . LF . ' <td';
$table .= $col_total > 1 ? " colspan=\"" . $col_total . "\"" : "";
if (!empty($GLOBALS["template_default"]['article']['imagelist_spacerrow_class'])) {
$table .= ' class="' . $GLOBALS["template_default"]['article']['imagelist_spacerrow_class'] . '">';
$table .= spacer(1, 1) . '</td>' . LF . '</tr>' . LF;
} else {
$table .= '>' . spacer(1, $col_space) . '</td>' . LF . '</tr>' . LF;
}
}
}
if ($usetable && !$x) {
//Some default values
$col_space = $imagelist['space'];
//Space between images
$col_count = $imagelist['col'];
//columns
$col_total = $col_count + ($col_space ? $col_count - 1 : 0) + $col_rand;
//Wenn oberer Rand definiert
if ($rand[0]) {
$table .= '<tr>' . LF . ' <td' . ($col_total > 1 ? ' colspan="' . $col_total . '"' : '') . '>' . spacer(1, $rand[0]) . '</td>' . LF . '</tr>' . LF;
}
$x = 1;
}
if ($usetable && $x == 1) {
// if left border
$table_tmp = $rand[2] ? ' <td width="' . $rand[2] . '">' . spacer($rand[2], 1) . '</td>' . LF : '';
//Neue Tabellenzeile
$capt_tmp = '';
$capt_row = '<tr>' . LF . $table_tmp;
if ($caption_on) {
$table .= $capt_row;
} else {
$table .= '<tr>' . LF;
}
}
//Aktuelle Bildspalte ausgeben
if ($usetable) {
$table .= ' <td' . $image_align . $image_valign . $image_bgcolor . $image_class . '>';
} else {
if (!$x) {
$x = 1;
}
$table .= ' <div class="' . $imagelist['class_image_wrapper'];
if ($x === 1) {
$table .= ' first';
}
$table .= ' row-' . ($z + 1);
$table .= '">' . LF . ' ';
}
$thumb_image = get_cached_image(array("target_ext" => $imagelist['images'][$key][3], "image_name" => $imagelist['images'][$key][2] . '.' . $imagelist['images'][$key][3], "max_width" => $imagelist['images'][$key][4], "max_height" => $imagelist['images'][$key][5], "thumb_name" => md5($imagelist['images'][$key][2] . $imagelist['images'][$key][4] . $imagelist['images'][$key][5] . $GLOBALS['phpwcms']["sharpen_level"] . $crop . $GLOBALS['phpwcms']['colorspace']), 'crop_image' => $crop));
if ($thumb_image && $imagelist['zoom']) {
$zoominfo = get_cached_image(array("target_ext" => $imagelist['images'][$key][3], "image_name" => $imagelist['images'][$key][2] . '.' . $imagelist['images'][$key][3], "max_width" => $GLOBALS['phpwcms']["img_prev_width"], "max_height" => $GLOBALS['phpwcms']["img_prev_height"], "thumb_name" => md5($imagelist['images'][$key][2] . $GLOBALS['phpwcms']["img_prev_width"] . $GLOBALS['phpwcms']["img_prev_height"] . $GLOBALS['phpwcms']["sharpen_level"] . $GLOBALS['phpwcms']['colorspace'])));
}
// now try to build caption and if neccessary add alt to image or set external link for image
$caption = getImageCaption($imagelist['images'][$key][6]);
// set caption and ALT Image Text for imagelist
$capt_cur = !$type ? html_specialchars($caption[0]) : $caption[0];
$caption[3] = empty($caption[3]) ? '' : ' title="' . html_specialchars($caption[3]) . '"';
//title
$caption[1] = empty($caption[1]) ? html_specialchars($imagelist['images'][$key][1]) : html_specialchars($caption[1]);
$list_img_temp = '<img src="' . PHPWCMS_IMAGES . $thumb_image[0] . '" ' . $thumb_image[3] . $image_border . $image_imgclass;
$list_img_temp .= ' data-image-id="' . $imagelist['images'][$key][0] . '" data-image-hash="' . $imagelist['images'][$key][2] . '"';
$list_img_temp .= ' data-image-ext="' . $imagelist['images'][$key][3] . '"';
$list_img_temp .= ' alt="' . $caption[1] . '"' . $caption[3] . ' />';
if ($imagelist['zoom'] && isset($zoominfo) && $zoominfo != false) {
// if click enlarge the image
$open_popup_link = 'image_zoom.php?' . getClickZoomImageParameter($zoominfo[0] . '?' . $zoominfo[3]);
if ($caption[2][0]) {
$open_link = $caption[2][0];
$return_false = '';
} else {
$open_link = $open_popup_link;
$return_false = 'return false;';
}
if (!$lightbox || $caption[2][0]) {
$table .= "<a href=\"" . $open_link . "\" onclick=\"checkClickZoom();clickZoom('" . $open_popup_link . "','previewpic','width=";
$table .= $zoominfo[1] . ",height=" . $zoominfo[2] . "');" . $return_false . '"' . $caption[2][1] . ' class="' . $imagelist['class_image_zoom'] . '">';
} else {
// lightbox
$table .= '<a href="' . PHPWCMS_IMAGES . $zoominfo[0] . '" rel="lightbox[' . $lightbox . ']"';
if ($capt_cur) {
$table .= ' title="' . parseLightboxCaption($capt_cur) . '"';
}
$table .= ' class="' . $imagelist['class_image_lightbox'] . '">';
}
$table .= $list_img_temp . "</a>";
} else {
// if not click enlarge
if ($caption[2][0]) {
$table .= '<a href="' . $caption[2][0] . '"' . $caption[2][1] . ' class="' . $imagelist['class_image_link'] . '">' . $list_img_temp . '</a>';
} else {
$table .= $list_img_temp;
}
}
if ($usetable) {
$table .= '</td>' . LF;
if ($caption_on && $capt_cur) {
$capt_tmp .= $capt_cur;
$capt_cur = '<span style="width:' . $thumb_image[1] . 'px">' . $capt_cur . '</span>';
} else {
$capt_cur = ' ';
}
$capt_row .= ' <td' . $caption_valign . $caption_align . $caption_bgcolor . $caption_class . '>' . $capt_before . $capt_cur . $capt_after . '</td>' . LF;
} else {
if ($caption_on && $capt_cur) {
$caption_class = empty($GLOBALS["template_default"]["article"]["image_caption_class"]) ? 'caption' : $GLOBALS["template_default"]["article"]["image_caption_class"];
$table .= LF . ' <p style="width:' . $thumb_image[1] . 'px" class="' . $caption_class . '">' . $GLOBALS["template_default"]["article"]["image_caption_before"];
$table .= $capt_cur;
if ($caption[4] !== '') {
$table .= ' <span class="' . $GLOBALS['template_default']['classes']['copyright'] . '">' . html_specialchars($caption[4]) . '</span>';
}
$table .= $GLOBALS["template_default"]["article"]["image_caption_after"] . "</p>";
}
$table .= LF . ' </div>' . LF;
}
//Gegenchecken wieviele Tabellenspalten als Rest bleiben und ergänzen
if ($usetable) {
if ($y == $count_images && $col_count > 1) {
//wenn eigentlich alle Bilder durchlaufen sind
if ($col_space && $x < $col_count) {
$xct = ' <td>' . spacer($col_space, 1) . '</td>' . LF;
$table .= $xct;
$capt_row .= $xct;
}
$rest_image = ceil($count_images / $col_count) * $col_count - $count_images;
for ($i = 1; $i <= $rest_image; $i++) {
$table .= ' <td> </td>';
$capt_row .= ' <td> </td>';
if ($i < $rest_image) {
if ($col_space) {
$xct = ' <td width="' . $col_space . '">' . spacer($col_space, 1) . '</td>' . LF;
$table .= $xct;
$capt_row .= $xct;
}
}
$x++;
}
}
if ($x == $col_count) {
//Wenn maximale Anzahl Bildspalten erreicht
$xct = $rand[3] ? '<td width="' . $rand[3] . '">' . spacer($rand[3], 1) . '</td>' . LF : '';
$table .= $xct;
$capt_row .= $xct;
$table .= "</tr>" . LF;
$capt_row .= "</tr>" . LF;
if ($capt_tmp) {
if ($caption_on) {
$table .= $capt_row;
}
$capt_row = '';
$capt_tmp = '';
}
$x = 1;
$z++;
} else {
$xct = $col_space ? ' <td width="' . $col_space . '">' . spacer($col_space, 1) . '</td>' . LF : '';
$table .= $xct;
$capt_row .= $xct;
$x++;
}
} else {
if ($x == $imagelist['col']) {
$x = 0;
$z++;
} else {
$x++;
}
}
// end if max image count
if ($imagelist['limit'] == $y) {
break;
}
}
if ($usetable) {
if ($rand[1]) {
$table .= '<tr>' . LF . ' <td' . ($col_total > 1 ? " colspan=\"" . $col_total . "\"" : "") . ">" . spacer(1, $rand[1]) . '</td>' . LF . '</tr>' . LF;
}
$table .= ' </table>' . LF;
} else {
$table .= ' </div>' . LF;
}
}
return $table;
}
$order_process = render_cnt_template($order_process, 'PAYMENT', html($_tmpl['config']['label_payby_' . $_SESSION[CART_KEY]['payby']]));
} else {
$order_process = render_cnt_template($order_process, 'PAYMENT', '');
}
$cart_mode = 'terms';
include $phpwcms['modules']['shop']['path'] . 'inc/cart.items.inc.php';
$order_process = str_replace('{ITEMS}', implode($_tmpl['term_space'], $cart_items), $order_process);
$terms_text = _getConfig('shop_pref_terms', '_shopPref');
$terms_format = _getConfig('shop_pref_terms_format', '_shopPref');
$order_process = str_replace('{TERMS}', $terms_format ? $terms_text : nl2br(html($terms_text)), $order_process);
include $phpwcms['modules']['shop']['path'] . 'inc/cart.parse.inc.php';
include $phpwcms['modules']['shop']['path'] . 'inc/shipping.parse.inc.php';
} elseif (isset($_POST['shop_order_submit']) && !isset($_SESSION[CART_KEY]['error']['step2'])) {
// OK agreed - now send order
if ($_tmpl['config']['order_number_style'] == 'RANDOM') {
$order_num = generic_string(8, 2);
} else {
// count all current orders
$order_num = _dbCount('SELECT COUNT(*) FROM ' . DB_PREPEND . 'phpwcms_shop_orders') + 1;
if (strpos($_tmpl['config']['order_number_style'], '%') !== FALSE) {
$order_num = sprintf($_tmpl['config']['order_number_style'], $order_num);
}
}
// prepare customer mail
$order_process = $_tmpl['mail_customer'];
foreach ($_SESSION[CART_KEY]['step1'] as $item_key => $row) {
$order_process = render_cnt_template($order_process, $item_key, html($row));
}
$cart_mode = 'mail1';
include $phpwcms['modules']['shop']['path'] . 'inc/cart.items.inc.php';
$order_process = str_replace('{ITEMS}', implode(LF . LF, $cart_items), $order_process);
function build_levels($struct, $level, $temp_tree, $act_cat_id, $nav_table_struct, $count, $div, $link_to)
{
// this returns the level structure based on given arrays
// it is special for browsing from root levels
$nav_table_struct["linkimage_over_js"] = $nav_table_struct['array_struct'][$count]["linkimage_over_js"];
$nav_table_struct["linkimage_norm"] = $nav_table_struct['array_struct'][$count]["linkimage_norm"];
$nav_table_struct["linkimage_over"] = $nav_table_struct['array_struct'][$count]["linkimage_over"];
$nav_table_struct["linkimage_active"] = $nav_table_struct['array_struct'][$count]["linkimage_active"];
$nav_table_struct["row_norm_bgcolor"] = $nav_table_struct['array_struct'][$count]["row_norm_bgcolor"];
$nav_table_struct["row_norm_class"] = $nav_table_struct['array_struct'][$count]["row_norm_class"];
$nav_table_struct["row_over_bgcolor"] = $nav_table_struct['array_struct'][$count]["row_over_bgcolor"];
$nav_table_struct["row_active_bgcolor"] = $nav_table_struct['array_struct'][$count]["row_active_bgcolor"];
$nav_table_struct["row_active_class"] = $nav_table_struct['array_struct'][$count]["row_active_class"];
$nav_table_struct["space_celltop"] = $nav_table_struct['array_struct'][$count]["space_celltop"];
$nav_table_struct["space_cellbottom"] = $nav_table_struct['array_struct'][$count]["space_cellbottom"];
$nav_table_struct["cell_height"] = $nav_table_struct['array_struct'][$count]["cell_height"];
$nav_table_struct["cell_class"] = $nav_table_struct['array_struct'][$count]["cell_class"];
$nav_table_struct["cell_active_height"] = $nav_table_struct['array_struct'][$count]["cell_active_height"];
$nav_table_struct["cell_active_class"] = $nav_table_struct['array_struct'][$count]["cell_active_class"];
$nav_table_struct["link_before"] = $nav_table_struct['array_struct'][$count]["link_before"];
$nav_table_struct["link_after"] = $nav_table_struct['array_struct'][$count]["link_after"];
$nav_table_struct["link_active_before"] = $nav_table_struct['array_struct'][$count]["link_active_before"];
$nav_table_struct["link_active_after"] = $nav_table_struct['array_struct'][$count]["link_active_after"];
$temp_menu = '';
$js = '';
$depth = count($temp_tree) - $div;
$current_level = $count;
$count++;
$depth2 = $depth - $count + 2;
$right_cell = '';
$left_cell = '';
$cell_top = '';
$cell_bottom = '';
$space_right = '';
$space_cell = '';
$space_row = '';
$cell_height = $nav_table_struct["cell_height"] ? $nav_table_struct["cell_height"] : 1;
if ($nav_table_struct["space_right"]) {
$right_cell = "<td width=\"" . $nav_table_struct["space_left"] . "\">";
$right_cell .= spacer($nav_table_struct["space_right"], $cell_height) . "</td>\n";
$space_right = "<td>" . spacer(1, 1) . "</td>";
}
if ($nav_table_struct["space_left"]) {
$colspan = $count > 1 ? " colspan=\"" . $count . "\"" : "";
$left_cell = "<td width=\"" . $nav_table_struct["space_left"] . "\"" . $colspan . ">";
$left_cell .= spacer($nav_table_struct["space_left"], $cell_height) . "</td>\n";
$space_cell = "<td" . $colspan . ">" . spacer(1, 1) . "</td><td>" . spacer(1, 1) . "</td>";
} else {
if ($count > 1) {
$colspan = $count > 2 ? " colspan=\"" . ($count - 1) . "\"" : "";
$left_cell = "<td " . $colspan . ">" . spacer(1, 1) . "</td>\n";
$space_cell = "<td" . $colspan . ">" . spacer(1, 1) . "</td><td>" . spacer(1, 1) . "</td>";
}
}
if ($nav_table_struct["space_celltop"]) {
$cell_top = spacer(1, $nav_table_struct["space_celltop"]) . "<br />";
}
if ($nav_table_struct["space_cellbottom"]) {
$cell_bottom = "<br />" . spacer(1, $nav_table_struct["space_cellbottom"]);
}
$colspan = $depth2 > 1 ? ' colspan="' . $depth2 . '"' : '';
foreach ($struct as $key => $value) {
if (_getStructureLevelDisplayStatus($key, $level)) {
$link_image_id = "linkid" . generic_string(6);
$link_name_id = ' name="' . $link_image_id . '" id="' . $link_image_id . '"';
if (!$struct[$key]["acat_redirect"]) {
$link = 'index.php?';
if ($struct[$key]["acat_alias"]) {
$link .= html_specialchars($struct[$key]["acat_alias"]);
} else {
$link .= 'id=' . $key;
//',0,0,1,0,0';
}
$redirect['target'] = '';
} else {
$redirect = get_redirect_link($struct[$key]["acat_redirect"], ' ', '');
$link = $redirect['link'];
}
$js = ' style="cursor:pointer;cursor:hand;"';
//display:block;
$js_act = $js;
if ($nav_table_struct["js_over_effects"]) {
if ($redirect['target'] != ' target="_blank"') {
$js .= " onclick=\"location.href='" . js_singlequote($link) . "';return false;\"";
} else {
$js .= " onclick=\"window.open('" . js_singlequote($link) . "', 'phpwcmnewwin');return false;\"";
}
$js_act = $js;
$js .= ' onmouseover="';
if ($nav_table_struct["linkimage_over_js"]) {
$js .= "MM_swapImage('" . $link_image_id . "','','" . $nav_table_struct["linkimage_over_js"] . "',1);";
}
if ($nav_table_struct["row_over_bgcolor"]) {
$js .= "this.bgColor='" . $nav_table_struct["row_over_bgcolor"] . "';";
}
$js .= '" onmouseout="';
if ($nav_table_struct["linkimage_over_js"]) {
$js .= "MM_swapImgRestore();";
}
if ($nav_table_struct["row_norm_bgcolor"]) {
$js .= "this.bgColor='" . $nav_table_struct["row_norm_bgcolor"] . "';";
}
$js .= '"';
} else {
$js = '';
}
// add structure level based classes
if (!empty($struct[$key]["acat_class"])) {
$nav_table_struct_temp = $nav_table_struct;
$nav_table_struct["row_norm_class"] = trim($nav_table_struct["row_norm_class"] . ' ' . $struct[$key]["acat_class"]);
$nav_table_struct["row_active_class"] = trim($nav_table_struct["row_active_class"] . ' ' . $struct[$key]["acat_class"]);
$nav_table_struct["row_space_class"] = 'row_space ' . $struct[$key]["acat_class"];
} else {
$nav_table_struct_temp = NULL;
}
//spacer row
if ($nav_table_struct["row_space"]) {
$space_row = "<tr" . table_attributes($nav_table_struct, "row_space", 0, true) . ">\n" . $space_cell;
$space_row .= "<td" . $colspan . ">" . spacer(1, $nav_table_struct["row_space"]) . "</td>";
$space_row .= $space_right . "\n</tr>\n";
$temp_menu .= $space_row;
}
if (!empty($temp_tree[$key])) {
//if($act_cat_id == $key) {
//check if inside active tree structure
if ($act_cat_id == $key || !empty($nav_table_struct["all_nodes_active"]) && isset($GLOBALS['LEVEL_KEY'][$key])) {
$temp_menu .= "<tr" . table_attributes($nav_table_struct, "row_active", 0, true) . $js_act . ">\n" . $left_cell;
$temp_menu .= "<td valign=\"top\">" . str_replace('#', $link_name_id, $nav_table_struct["linkimage_active"]) . "</td>\n";
$temp_menu .= "<td" . table_attributes($nav_table_struct, "cell_active", 1, true) . $colspan . ">" . $cell_top;
$temp_menu .= '<a href="' . $link . '"' . $redirect['target'] . '>';
$temp_menu .= $nav_table_struct["link_active_before"];
$temp_menu .= html_specialchars($struct[$key]["acat_name"]);
$temp_menu .= $nav_table_struct["link_active_after"] . '</a>';
} else {
$temp_menu .= "<tr" . table_attributes($nav_table_struct, "row_norm", 0, true) . $js . ">\n" . $left_cell;
$temp_menu .= "<td valign=\"top\">" . str_replace('#', $link_name_id, $nav_table_struct["linkimage_norm"]) . "</td>\n";
$temp_menu .= "<td" . table_attributes($nav_table_struct, "cell", 1, true) . $colspan . ">" . $cell_top;
$temp_menu .= '<a href="' . $link . '"' . $redirect['target'] . '>';
$temp_menu .= $nav_table_struct["link_before"];
$temp_menu .= html_specialchars($struct[$key]["acat_name"]);
$temp_menu .= $nav_table_struct["link_after"] . '</a>';
}
$temp_menu .= $cell_bottom . "</td>\n" . $right_cell . "</tr>\n";
$temp_menu .= build_levels($struct, $key, $temp_tree, $act_cat_id, $nav_table_struct, $count, $div, $link_to);
} else {
$temp_menu .= "<tr" . table_attributes($nav_table_struct, "row_norm", 0, true) . $js . ">\n" . $left_cell;
$temp_menu .= "<td valign=\"top\">" . str_replace('#', $link_name_id, $nav_table_struct["linkimage_norm"]) . "</td>\n";
$temp_menu .= "<td" . table_attributes($nav_table_struct, "cell", 1, true) . $colspan . ">" . $cell_top;
$temp_menu .= '<a href="' . $link . '"' . $redirect['target'] . '>';
$temp_menu .= $nav_table_struct["link_before"];
$temp_menu .= html_specialchars($struct[$key]["acat_name"]);
$temp_menu .= $nav_table_struct["link_after"] . '</a>';
$temp_menu .= $cell_bottom . "</td>\n" . $right_cell . "</tr>\n";
}
// reset table structure attributes
if ($nav_table_struct_temp !== NULL) {
$nav_table_struct = $nav_table_struct_temp;
}
}
}
if ($nav_table_struct["row_space"] && $count == 1) {
$temp_menu .= $space_row;
}
return $temp_menu;
}
</tr>
<tr bgcolor="#E6EAED"><td colspan="2"><img src="img/leer.gif" alt="" width="1" height="8" /></td>
</tr>
<tr bgcolor="#E6EAED">
<td align="right" class="chatlist"><?php
echo $BL['be_admin_tmpl_name'];
?>
: </td>
<td><table border="0" cellpadding="0" cellspacing="0" summary="">
<tr>
<td><?php
// ERICH COPY TEMPLATE 08.06.2005
if (empty($createcopy)) {
echo '<input name="template_name" type="text" class="f11b width350" id="template_name" value="' . html($template["name"]) . '" size="50" maxlength="150">';
} else {
echo '<img src="img/symbole/achtung.gif" width="13" height="11" alt="" border="0" style="margin-right:2px;" /><input name="template_name" type="text" class="f11b width350" id="template_name" style="color:FF3300" value="' . html($template["name"]) . '_' . generic_string(2) . '" size="50" maxlength="150">';
}
?>
</td>
<td> </td>
<td><input name="template_setdefault" id="template_setdefault" type="checkbox" value="1" <?php
is_checked(empty($createcopy) ? $template["default"] : 0, 1);
?>
/></td>
<td class="v10"><label for="template_setdefault"><?php
echo $BL['be_admin_tmpl_default'];
?>
</label></td>
</tr>
</table></td>
</tr>
function createOptionTransferSelectList($id = '', $leftData, $rightData, $option = array())
{
// used to create
global $BL;
$id_left = $id . '_left';
$id_right = $id . '_right';
$id_left_box = $id_left . 'list';
$id_right_box = $id_right . 'list';
$option_object = generic_string(4, 4);
$table = '';
$option['rows'] = empty($option['rows']) || !intval($option['rows']) ? 5 : $option['rows'];
$option['delimeter'] = empty($option['delimeter']) ? ',' : $option['delimeter'];
$option['encode'] = isset($option['encode']) && $option['encode'] === false ? false : true;
$option['style'] = empty($option['style']) ? '' : ' style="' . $option['style'] . '"';
$option['class'] = empty($option['class']) ? ' class="#SIDE#"' : ' class="#SIDE# ' . $option['class'] . '"';
$option['formname'] = empty($option['formname']) ? 'document.forms[0]' : 'document.getElementById(\'' . $option['formname'] . '\')';
$GLOBALS['BE']['HEADER']['optionselect.js'] = getJavaScriptSourceLink('include/inc_js/optionselect.js');
$table .= '<table border="0" cellspacing="0" cellpadding="0">' . LF . '<tr>' . LF;
// left select list
$table .= '<td valign><select name="' . $id_left_box . '" id="' . $id_left_box . '" size="' . $option['rows'] . '" multiple="multiple"';
$table .= $option['style'] . str_replace('#SIDE#', 'leftSide', $option['class']) . ' ondblclick="' . $option_object . '.transferRight()">' . LF;
if (!empty($leftData) && is_array($leftData)) {
foreach ($leftData as $key => $value) {
$table .= ' <option value="' . $key . '">' . $value . '</option>' . LF;
}
}
$table .= '</select></td>' . LF;
// left <-> right buttons
$table .= '<td' . $option['style'] . $option['class'] . '>';
$table .= '<img src="img/leer.gif" alt="" width="1" height="1" />' . LF;
$table .= '</td>' . LF;
// right select list
$table .= '<td><select name="' . $id_right_box . '" id="' . $id_right_box . '" size="' . $option['rows'] . '" multiple="multiple"';
$table .= $option['style'] . str_replace('#SIDE#', 'rightSide', $option['class']) . ' ondblclick="' . $option_object . '.transferLeft()">' . LF;
if (!empty($rightData) && is_array($rightData)) {
foreach ($rightData as $key => $value) {
$table .= ' <option value="' . $key . '">' . $value . '</option>' . LF;
}
}
$table .= '</select></td>' . LF;
$table .= '</tr>' . LF;
$table .= '<tr>' . LF . '<td>';
$table .= '<img src="img/button/list_pos_up.gif" alt="" border="0" onclick="moveOptionUp(' . $option['formname'] . '.' . $id_left_box . ');' . $option_object . '.update();">';
$table .= '<img src="img/leer.gif" width="2" height="2" alt="" />';
$table .= '<img src="img/button/list_pos_down.gif" alt="" border="0" onclick="moveOptionDown(' . $option['formname'] . '.' . $id_left_box . ');' . $option_object . '.update();">';
$table .= '<img src="img/leer.gif" width="4" height="4" alt="" />';
$table .= '<img src="img/button/put_right_a.gif" alt="Move selected to right" border="0" onclick="' . $option_object . '.transferRight();" />';
$table .= '<img src="img/leer.gif" width="2" height="2" alt="" />';
$table .= '<img src="img/button/put_right.gif" alt="Move all to right" border="0" onclick="' . $option_object . '.transferAllRight();"/>';
$table .= '</td>' . LF;
$table .= '<td><img src="img/leer.gif" alt="" width="1" height="1" /></td>' . LF;
$table .= '<td>';
$table .= '<img src="img/button/put_left_a.gif" alt="Move selected to left" border="0" onclick="' . $option_object . '.transferLeft();" />';
$table .= '<img src="img/leer.gif" width="2" height="2" alt="" />';
$table .= '<img src="img/button/put_left.gif" alt="Move all to left" border="0" onclick="' . $option_object . '.transferAllLeft();" />';
$table .= '</td>' . LF;
$table .= '</tr>' . LF . '</table>' . LF;
$table .= '<input type="hidden" name="' . $id_left . '" id="' . $id_left . '" value="" />';
$table .= '<input type="hidden" name="' . $id_right . '" id="' . $id_right . '" value="" />';
$table .= '<script>' . LF;
$table .= SCRIPT_CDATA_START . LF;
$table .= ' var ' . $option_object . ' = new OptionTransfer("' . $id_left_box . '","' . $id_right_box . '");' . LF;
$table .= ' ' . $option_object . '.setAutoSort(false);' . LF;
$table .= ' ' . $option_object . '.setDelimiter("' . $option['delimeter'] . '");' . LF;
$table .= ' ' . $option_object . '.saveNewLeftOptions("' . $id_left . '");' . LF;
$table .= ' ' . $option_object . '.saveNewRightOptions("' . $id_right . '");' . LF;
$table .= ' ' . $option_object . '.init(' . $option['formname'] . ');' . LF;
$table .= LF . SCRIPT_CDATA_END . LF;
$table .= '</script>' . LF;
return $table;
}
if (!is_valid_email($content["mailrecipient"])) {
$content["error"]["mailrecipient"] = "proof recipient - email format error";
}
$content["mailbutton"] = clean_slweg($_POST["cmailbutton"]);
if (isEmpty($content["mailbutton"])) {
$content["mailbutton"] = "send";
}
$content["mailhtml"] = isset($_POST["cmailhtml"]) ? intval($_POST["cmailhtml"]) : 0;
if (is_array($content["mailform"]) && count($content["mailform"])) {
foreach ($content["mailform"] as $key => $value) {
$content["mailform"][$key] = explode("|", chop($value));
// Field-Code
$content["mailform"][$key][0] = strtoupper(trim($content["mailform"][$key][0]));
if ($content["mailform"][$key][0] == "IT" || $content["mailform"][$key][0] == "IP" || $content["mailform"][$key][0] == "IH" || $content["mailform"][$key][0] == "TA" || $content["mailform"][$key][0] == "SM" || $content["mailform"][$key][0] == "SL" || $content["mailform"][$key][0] == "IC" || $content["mailform"][$key][0] == "IR" || $content["mailform"][$key][0] == "SC" || $content["mailform"][$key][0] == "IN" || $content["mailform"][$key][0] == "CA") {
$content["mailform"][$key][1] = isset($content["mailform"][$key][1]) ? trim($content["mailform"][$key][1]) : '';
$content["mailform"][$key][1] = $content["mailform"][$key][1] ? $content["mailform"][$key][1] : "field_" . generic_string(3);
$content["mailform"][$key][2] = isset($content["mailform"][$key][2]) ? intval($content["mailform"][$key][2]) : 0;
$content["mailform"][$key][3] = isset($content["mailform"][$key][3]) ? trim($content["mailform"][$key][3]) : '';
if (isset($content["mailform"][$key][4])) {
$field_length = explode(",", $content["mailform"][$key][4]);
$field_max_height = isset($field_length[1]) ? intval($field_length[1]) : 0;
$field_length = intval($field_length[0]);
} else {
$field_length = 0;
$field_max_height = 0;
}
$field_length = $field_length ? $field_length : 10;
switch ($content["mailform"][$key][0]) {
case "TA":
$field_max_height = $field_max_height ? $field_max_height : 3;
break;
$sql = 'UPDATE ' . DB_PREPEND . 'phpwcms_ads_campaign SET ';
$sql .= "adcampaign_status=" . (intval($_GET['verify']) ? 1 : 0) . " ";
$sql .= "WHERE adcampaign_id=" . intval($_GET['editid']);
@_dbQuery($sql, 'UPDATE');
headerRedirect(decode_entities(MODULE_HREF) . '&listcampaign=1');
} elseif (isset($_GET['delete'])) {
$adcampaign_id = intval($_GET['delete']);
// delete
$sql = 'UPDATE ' . DB_PREPEND . 'phpwcms_ads_campaign SET ';
$sql .= "adcampaign_status=9 WHERE adcampaign_id=" . $adcampaign_id;
@_dbQuery($sql, 'UPDATE');
//rename deleted campaign
@rename(PHPWCMS_CONTENT . 'ads/' . $adcampaign_id, PHPWCMS_CONTENT . 'ads/_deleted_' . time() . '_' . $adcampaign_id);
headerRedirect(decode_entities(MODULE_HREF) . '&listcampaign=1');
} elseif (isset($_GET['duplicate'])) {
@_dbDuplicateRow('phpwcms_ads_campaign', 'adcampaign_id', intval($_GET['duplicate']), array('adcampaign_title' => '--SELF-- (' . generic_string(3) . ')', 'adcampaign_created' => 'SQL:NOW()', 'adcampaign_changed' => 'SQL:NOW()', 'adcampaign_curview' => '0', 'adcampaign_curclick' => '0', 'adcampaign_curviewuser' => '0'));
headerRedirect(decode_entities(MODULE_HREF) . '&listcampaign=1');
}
// edit ad place
} elseif (!empty($_GET['adplace'])) {
if (isset($_GET['edit'])) {
// handle posts and read data
include_once $phpwcms['modules'][$module]['path'] . 'inc/processing.adplace.inc.php';
// edit campaign form
include_once $phpwcms['modules'][$module]['path'] . 'backend.form.adplace.php';
} elseif (isset($_GET['verify'])) {
// active/inactive
$sql = 'UPDATE ' . DB_PREPEND . 'phpwcms_ads_place SET ';
$sql .= "adplace_status=" . (intval($_GET['verify']) ? 1 : 0) . " ";
$sql .= "WHERE adplace_id=" . intval($_GET['editid']);
@_dbQuery($sql, 'UPDATE');
* @link http://www.phpwcms.de
*
**/
// ----------------------------------------------------------------
// obligate check for phpwcms constants
if (!defined('PHPWCMS_ROOT')) {
die("You Cannot Access This Script Directly, Have a Nice Day.");
}
// ----------------------------------------------------------------
$subscription["id"] = intval($_GET["s"]);
if (isset($_POST["subscription_id"])) {
// read the create or edit subscription form data
$subscription["id"] = intval($_POST["subscription_id"]);
$subscription["name"] = clean_slweg($_POST["subscription_name"]);
if (!$subscription["name"]) {
$subscription["name"] = "subscription_" . generic_string(3);
}
$subscription["info"] = clean_slweg($_POST["subscription_info"]);
if ($subscription["id"]) {
$sql = "UPDATE " . DB_PREPEND . "phpwcms_subscription SET " . "subscription_name='" . aporeplace($subscription["name"]) . "', " . "subscription_info='" . aporeplace($subscription["info"]) . "' " . "WHERE subscription_id=" . $subscription["id"];
} else {
$sql = "INSERT INTO " . DB_PREPEND . "phpwcms_subscription (" . "subscription_name, subscription_info) VALUES ('" . aporeplace($subscription["name"]) . "', '" . aporeplace($subscription["info"]) . "')";
}
// update or insert data entry
mysql_query($sql, $db) or die("error while updating or inserting subscription datas");
if (!$subscription["id"]) {
$subscription["id"] = mysql_insert_id($db);
}
headerRedirect(PHPWCMS_URL . 'phpwcms.php?' . get_token_get_string('csrftoken') . '&do=messages&p=2&s=' . $subscription["id"]);
}
if ($subscription["id"]) {
$sql = 'SELECT detail_id, detail_login AS LOGIN, detail_email AS EMAIL FROM ' . DB_PREPEND . "phpwcms_userdetail WHERE ";
$sql .= "detail_login="******" LIMIT 1";
$result = _dbQuery($sql);
if (isset($result[0])) {
$result[0]['PASSWORD'] = generic_string(8);
_dbUpdate('phpwcms_userdetail', array('detail_password' => md5($result[0]['PASSWORD'])), 'WHERE detail_id=' . $result[0]['detail_id']);
$_loginData['remind_password'] = $result[0];
}
}
// hm, seems no user found - OK test against cms users
if ($_loginData['validate_db']['backenduser'] && !isset($result[0])) {
$sql = 'SELECT usr_id, usr_login AS LOGIN, usr_email AS EMAIL FROM ' . DB_PREPEND . 'phpwcms_user WHERE ';
$sql .= "usr_login="******" LIMIT 1";
$result = _dbQuery($sql);
if (isset($result[0])) {
$result[0]['PASSWORD'] = generic_string(8);
_dbUpdate('phpwcms_user', array('usr_pass' => md5($result[0]['PASSWORD'])), 'WHERE usr_id=' . $result[0]['usr_id']);
$_loginData['remind_password'] = $result[0];
}
}
}
if (isset($_loginData['remind_password']) || isset($_loginData['remind_login'])) {
$_loginData['reminder'] = $_loginData['reminder_success'];
$_loginData['LOGIN_URL'] = rel_url(array(), array('profile_manage', 'profile_register', 'profile_reminder'));
$_loginData['reminder_email'] = str_replace('{LOGIN_URL}', PHPWCMS_URL . $_loginData['LOGIN_URL'], $_loginData['reminder_email']);
if (isset($_loginData['remind_password'])) {
$_loginData['reminder_email'] = str_replace('{LOGIN}', $_loginData['remind_password']['LOGIN'], $_loginData['reminder_email']);
$_loginData['reminder_email'] = str_replace('{PASSWORD}', $_loginData['remind_password']['PASSWORD'], $_loginData['reminder_email']);
$_loginData['reminder_to'] = $_loginData['remind_password']['EMAIL'];
$_loginData['reminder_email_body'] = returnTagContent($_loginData['reminder_email'], 'PASSWORD_EMAIL');
$_loginData['reminder_email_body'] = $_loginData['reminder_email_body']['tag'];
