* -- save blockS
*
*
* add
* - new
*
*
*/
if (isset($_GET['action'])) {
if ($_GET['action'] == 'add') {
if (isset($_POST['mode']) && CODOF\Access\CSRF::valid($_POST['CSRF_token'])) {
$page_title = $_POST['page_title'];
//title
$page_url = $_POST['page_url'];
$page_html = $_POST['page_html'];
$array = array('title' => $page_title, 'url' => CODOF\Filter::URL_safe($page_url), 'content' => $page_html);
if ($_POST['mode'] == 'add') {
$id = DB::table(PREFIX . "codo_pages")->insertGetId($array);
} else {
if ($_POST['mode'] == 'edit') {
$id = (int) $_POST['pid'];
DB::table(PREFIX . "codo_pages")->where('id', $id)->update($array);
}
}
DB::table(PREFIX . "codo_page_roles")->where('pid', '=', $id)->delete();
$roles = array();
$i = 0;
if (isset($_POST['roles'])) {
foreach ($_POST['roles'] as $role) {
$roles[$i]['pid'] = $id;
$roles[$i]['rid'] = $role;
require_once SYSPATH . "Ext/hybridauth/Hybrid/Auth.php";
try {
// hybridauth EP
$hybridauth = new Hybrid_Auth($config);
// automatically try to login with Twitter
$adapter = $hybridauth->authenticate($name);
// get the user profile
$user_profile = $adapter->getUserProfile();
// var_dump($user_profile);
//oauth identifier
$oauth_id = md5($name . $user_profile->identifier);
$db = \DB::getPDO();
$qry = 'SELECT id, username, avatar FROM ' . PREFIX . 'codo_users WHERE oauth_id=:oauth_id';
$stmt = $db->prepare($qry);
$stmt->execute(array(":oauth_id" => $oauth_id));
$username = CODOF\Filter::clean_username($user_profile->displayName);
$profile = $stmt->fetch();
if (!empty($profile)) {
if ($username != $profile['username'] || $user_profile->photoURL != $profile['avatar']) {
//profile has been updated remotely
$qry = 'UPDATE ' . PREFIX . 'codo_users SET username=:name,avatar=:avatar WHERE oauth_id=:id';
$stmt = $db->prepare($qry);
$stmt->execute(array(":name" => $username, ":avatar" => $user_profile->photoURL, ":id" => $oauth_id));
}
CODOF\User\User::login($profile['id']);
} else {
//no local copy of this profile yet
$mail = $user_profile->email;
$create_account = true;
if ($mail == null) {
$mail = '';
$i++;
if (isset($ray->children)) {
linearize($ray->children, $buff, $i, $ray->id);
}
}
}
$smarty = \CODOF\Smarty\Single::get_instance();
$smarty->assign('msg', '');
$smarty->assign('err', 0);
if (isset($_POST['mode'])) {
if ($_POST['mode'] == 'new' && CODOF\Access\CSRF::valid($_POST['CSRF_token'])) {
$qry = 'INSERT INTO ' . PREFIX . 'codo_categories' . '(cat_pid,cat_name,cat_alias,cat_description,cat_img,no_topics,no_posts,cat_order)' . 'VALUES(:cat_pid,:cat_name,:cat_alias,:cat_description,:cat_img,:no_topics,:no_posts,:cat_order)';
$stmt = $db->prepare($qry);
$arr[":cat_pid"] = 0;
$arr[":cat_name"] = $_POST['cat_name'];
$arr[":cat_alias"] = CODOF\Filter::URL_safe($_POST['cat_name']);
//
$arr[":cat_img"] = 1;
//$_POST['cat_img']; //
$arr[":cat_description"] = $_POST['cat_description'];
$arr[":no_topics"] = 0;
$arr[":no_posts"] = 0;
$arr[":cat_order"] = 0;
//$stmt->execute($arr);
$image = $_FILES['cat_img'];
if (!\CODOF\File\Upload::valid($image) or !\CODOF\File\Upload::not_empty($image) or !\CODOF\File\Upload::type($image, array('jpg', 'jpeg', 'png', 'gif', 'pjpeg', 'bmp', 'svg'))) {
$smarty->assign('err', 1);
$smarty->assign('msg', "Error While uploading the image.");
} else {
\CODOF\File\Upload::$width = 425;
\CODOF\File\Upload::$height = 425;
