<?php global $boxes; $breadcrumbs->addElement($lang->get('boxes'), makeURL($mod, array('mode' => 'boxes'))); $b = $boxes->getAll(); if (isset($_POST['save'])) { foreach ($b as $i) { if (@$_POST['remove_' . $i['boxid']] == '1') { $boxes->remove($i['boxid']); } else { $boxes->move($i['boxid'], $_POST['position_' . $i['boxid']], $_POST['order_' . $i['boxid']]); $boxes->edit($i['boxid'], $_POST['title_' . $i['boxid']], @$_POST['visible_' . $i['boxid']], @$_POST['requires_login_' . $i['boxid']], @$_POST['domainid_' . $i['boxid']]); } } if (trim($_POST['file_new']) != '') { $boxes->add($_POST['title_new'], $_POST['file_new'], $_POST['position_new'], $_POST['order_new'], @$_POST['visible_new'], @$_POST['requires_login_new'], @$_POST['domainid_new']); } $b = $boxes->getAll(); } $smarty->assign('availableList', $boxes->listAvailable()); $smarty->assign('dlist', getDomainList()); $smarty->assign('boxes', $b); $smarty->assign('path', $template_dir . "/boxes.tpl");
$mode = @$_GET['mode']; @($movieid = (int) $_GET['movieid']); global $current_language, $lng; $lng = secureMySQL($current_language); $breadcrumbs->addElement($lang->get('movies'), makeURL($mod)); switch ($mode) { case 'delete': if ($isAllowed) { $db->delete('movies', '`movieid` = ' . $movieid); redirect(makeURL($mod, array('mode' => 'manage'))); break; } case 'edit': case 'add': if ($isAllowed) { $smarty->assign('domains', getDomainList()); $smarty->assign('languages', array_merge(array('' => ''), $lang->listLanguages())); $breadcrumbs->addElement($lang->get('manage_movies'), makeURL($mod, array('mode' => 'manage'))); if ($mode == 'add') { $breadcrumbs->addElement($lang->get('add'), makeURL($mod, array('mode' => 'add'))); } else { $breadcrumbs->addElement($lang->get('edit'), makeURL($mod, array('mode' => 'edit', 'movieid' => $movieid))); } if (isset($_POST['save'])) { if ($movieid == 0) { $db->insert('movies', array('title', 'description', 'urlid', 'order', 'thumbnail', 'language', 'hidden', 'domainid'), array("'" . $_POST['title'] . "'", "'" . $_POST['description'] . "'", "'" . $_POST['urlid'] . "'", (int) $_POST['order'], (int) $_POST['thumbnail'], "'" . $_POST['language'] . "'", @(int) $_POST['hidden'], @(int) $_POST['domainid'])); redirect(makeURL($mod, array('mode' => 'manage'))); } else { $db->update('movies', "`title`='" . secureMySQL($_POST['title']) . "',\r\n\t\t\t\t\t\t\t`description`='" . secureMySQL($_POST['description']) . "',\r\n\t\t\t\t\t\t\t`urlid`='" . secureMySQL($_POST['urlid']) . "',\r\n\t\t\t\t\t\t\t`order`=" . (int) $_POST['order'] . ",\r\n\t\t\t\t\t\t\t`thumbnail`=" . (int) $_POST['thumbnail'] . ",\r\n\t\t\t\t\t\t\t`language`='" . secureMySQL($_POST['language']) . "',\r\n\t\t\t\t\t\t\t`hidden`=" . @(int) $_POST['hidden'] . ",\r\n\t\t\t\t\t\t\t`domainid`=" . @(int) $_POST['domainid'], "`movieid`=" . $movieid); } }