function formProcess_links($option) { $errorText = ''; if (!check_csrf_token()) { zamgerlog("csrf token nije dobar", 3); zamgerlog2("csrf token nije dobar"); return "Poslani podaci nisu ispravni. Vratite se nazad, ponovo popunite formu i kliknite na dugme Pošalji"; } if (!in_array($option, array('add', 'edit'))) { $errorText = 'Doslo je do greske prilikom spasavanja podataka. Molimo kontaktirajte administratora.'; return $errorText; } $id = intval($_REQUEST['id']); if ($option == 'edit' && $id <= 0) { $errorText = 'Doslo je do greske prilikom spasavanja podataka. Molimo kontaktirajte administratora.'; zamgerlog("pokusao urediti nepostojeci link {$id}, projekat {$projekat} (pp{$predmet})", 3); zamgerlog2("pokusao urediti nepostojeci link", $id, $projekat); return $errorText; } //get variables $naziv = $_REQUEST['naziv']; $url = $_REQUEST['url']; $opis = $_REQUEST['opis']; $projekat = intval($_REQUEST['projekat']); $predmet = intval($_REQUEST['predmet']); global $userid; if (empty($naziv) || empty($url)) { $errorText = 'Unesite sva obavezna polja.'; return $errorText; } $naziv = trim($naziv); $url = trim($url); $opis = trim($opis); $data = array('naziv' => $naziv, 'url' => $url, 'opis' => $opis, 'osoba' => $userid, 'projekat' => $projekat); if ($option == 'add') { if (!insertLink($data)) { $errorText = 'Doslo je do greske prilikom spasavanja podataka. Molimo kontaktirajte administratora.'; return $errorText; } } else { if (!updateLink($data, $id)) { $errorText = 'Doslo je do greske prilikom spasavanja podataka. Molimo kontaktirajte administratora.'; return $errorText; } } //option == edit return $errorText; }
<?php /// Copyright (c) 2004-2015, Needlworks / Tatter Network Foundation /// All rights reserved. Licensed under the GPL. /// See the GNU General Public License for more details. (/documents/LICENSE, /documents/COPYRIGHT) $IV = array('POST' => array('id' => array('int', 'min' => 0), 'name' => array('string', 'min' => 0, 'max' => 255), 'rss' => array('string', 'min' => 0, 'max' => 255, 'mandatory' => false), 'url' => array('string', 'min' => 0, 'max' => 255), 'category' => array('int', 'mandatory' => false), 'newCategory' => array('string', 'mandatory' => false))); require ROOT . '/library/preprocessor.php'; importlib("model.blog.link"); requireStrictRoute(); Respond::ResultPage(updateLink($blogid, $_POST));
$filename = explode('.', basename($file)); $filename = '.' . $filename[count($filename) - 1]; echo "<div id='MDEditor_attachment_" . $j . "' class='MDEditor_attachment_placeholder tipN' onclick='mdeditorInsert(\"" . $j . "\");' data-insertType='link' data-marked='false' data-number='" . $j . "' data-filename='" . basename($file) . "' data-file='" . updateLink($_GET['path'], $_GET['attachmentDir'] . basename($file)) . "' title='" . $lang['tooltip']['sethyperlink'] . "<br /><i class=\"fa fa-archive\"></i> <b>" . basename($file) . "</b>'><p><i class='fa fa-file-zip-o'></i></p><p>" . $filename . "</p></div>"; } } $i = 0; foreach ($files as $file) { if (!is_dir('../../' . $attachmentDir . $file) && substr($file, -4, 4) != '.jpg' && substr($file, -4, 4) != '.png' && substr($file, -4, 4) != '.gif' && substr($file, -4, 4) != '.mp3' && substr($file, -4, 4) != '.wma' && substr($file, -4, 4) != '.wav' && substr($file, -4, 4) != '.mp4' && substr($file, -4, 4) != '.avi' && substr($file, -4, 4) != '.3gp' && substr($file, -4, 4) != '.mov' && substr($file, -4, 4) != '.doc' && substr($file, -5, 5) != '.docx' && substr($file, -4, 4) != '.rtf' && substr($file, -4, 4) != '.txt' && substr($file, -4, 4) != '.xls' && substr($file, -5, 5) != '.xlsx' && substr($file, -4, 4) != '.ppt' && substr($file, -5, 5) != '.pptx' && substr($file, -4, 4) != '.pdf' && substr($file, -4, 4) != '.zip' && substr($file, -4, 4) != '.tar' && substr($file, -4, 4) != '.rar' && substr($file, -4, 4) != '.iso' && substr($file, -3, 3) != '.gz' && substr($file, -3, 3) != '.as' && substr($file, -4, 4) != '.bat' && substr($file, -2, 2) != '.c' && substr($file, -2, 2) != '.h' && substr($file, -3, 3) != '.cs' && substr($file, -4, 4) != '.cpp' && substr($file, -3, 3) != '.cc' && substr($file, -4, 4) != '.cxx' && substr($file, -4, 4) != '.c++' && substr($file, -4, 4) != '.hpp' && substr($file, -4, 4) != '.h++' && substr($file, -4, 4) != '.inl' && substr($file, -4, 4) != '.ipp' && substr($file, -3, 3) != '.cp' && substr($file, -2, 2) != '.C' && substr($file, -3, 3) != '.hh' && substr($file, -4, 4) != '.css' && substr($file, -5, 5) != '.html' && substr($file, -4, 4) != '.htm' && substr($file, -6, 6) != '.xhtml' && substr($file, -4, 4) != '.inc' && substr($file, -4, 4) != '.tpl' && substr($file, -5, 5) != '.tmpl' && substr($file, -3, 3) != '.hs' && substr($file, -5, 5) != '.json' && substr($file, -3, 3) != '.js' && substr($file, -5, 5) != '.java' && substr($file, -3, 3) != '.md' && substr($file, -2, 2) != '.m' && substr($file, -4, 4) != '.php' && substr($file, -3, 3) != '.pl' && substr($file, -3, 3) != '.py' && substr($file, -3, 3) != '.rb' && substr($file, -5, 5) != '.rxml' && substr($file, -4, 4) != '.sql' && substr($file, -4, 4) != '.xml') { $i++; $j++; if ($i == 1) { echo "<p><i data-element='MDEditor_%ELEMENTNAME%_source_attachment_content_other'></i><i>:</i></p>"; } $filename = explode('.', basename($file)); $filename = '.' . $filename[count($filename) - 1]; echo "<div id='MDEditor_attachment_" . $j . "' class='MDEditor_attachment_placeholder tipN' onclick='mdeditorInsert(\"" . $j . "\");' data-insertType='link' data-marked='false' data-number='" . $j . "' data-filename='" . basename($file) . "' data-file='" . updateLink($_GET['path'], $_GET['attachmentDir'] . basename($file)) . "' title='" . $lang['tooltip']['sethyperlink'] . "<br /><i class=\"fa fa-file\"></i> <b>" . basename($file) . "</b>'><p><i class='fa fa-file-o'></i></p><p>" . $filename . "</p></div>"; } } } else { echo "<i data-element='MDEditor_%ELEMENTNAME%_source_attachment_content_empty'></i>"; } ?> </div> <script type='text/javascript' language='javascript'> $("[data-element]").each(function () { $(this).mdeditorCreateElementID(); }); var elementName; var language; elementName = mdeditor.elementName;