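/**
 * Render the "add a new visit" form followed by the table of past visits.
 *
 * Values read from the database (restaurant ids and names, visit dates and
 * durations) are HTML-escaped before they are placed into markup, and the
 * parameters of the delete link are URL-encoded.
 * NOTE(review): the escaping assumes the database holds raw, unescaped text;
 * confirm this against the code that writes these tables.
 *
 * @return string HTML fragment; when the history table is empty only the
 *                "No history found." message is returned
 */
function main()
{
    // Escape a value for use in HTML text and quoted attribute contexts.
    $esc = function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8');
    };

    // Start from an explicit empty buffer and counter; the original appended to
    // and incremented variables that were never initialised.
    $body = '';
    $q = 0;

    $body .= ' <script><!-- $(document).ready(function(){ $("#visit").datepicker({ firstDay: 1 }); }); --> </script>'
        . ' <fieldset><legend>Add a new visit</legend><form method="post">'
        . ' <label>Restaurant <select name="restaurant">';

    foreach (getRestaurantList() as $id => $name) {
        $body .= '<option value="' . $esc($id) . '">' . $esc($name) . '</option>';
    }

    $body .= '</select></label>'
        . ' <label>Date <input type="text" name="date" id="visit" value="' . date("m/d/Y") . '"/></label>'
        . ' <label>Duration (minutes)<input type="text" name="duration"/></label>'
        . ' <button type="submit" name="action" value="new">Save New Visit</button>'
        . ' </form></fieldset>';

    $db = new DB();
    $db->query("SELECT h.RestaurantID,r.Name,h.Date,h.Duration\n\t\t FROM history h\n\t\t \tJOIN restaurants r ON h.RestaurantID = r.ID\n\t\t ORDER BY h.Date DESC");

    if ($db->size() == 0) {
        // NOTE(review): this returns the message alone and discards the form built
        // above, so no visit can be added from this page while the history is
        // empty. Kept as in the original; confirm whether that is intended.
        return "<span class=\"error\">No history found.</span>";
    }

    $body .= "<h2 style='margin-top:20px;'>Past Visits</h2><table><thead><tr><td>Restaurant Name</td><td>Date of Visit</td><td>Duration</td></tr></thead><tbody>";

    while (list($rid, $rName, $date, $duration) = $db->fetchrow()) {
        $rowClass = ($q++ % 2 == 0) ? "even" : "odd";

        // URL-encode the parameters first, then HTML-escape the whole URL for the attribute.
        // NOTE(review): the delete action is a plain GET link. The handler is not
        // visible here; confirm it requires an anti-CSRF token or move it to POST.
        $deleteUrl = "?action=delete&id=" . urlencode((string) $rid) . "&date=" . urlencode((string) $date);

        $body .= "<tr class=\"" . $rowClass . "\" id=\"hist" . $esc($rid) . "\">"
            . "<td>" . $esc($rName) . "</td>"
            . "<td>" . $esc($date) . "</td>"
            . "<td>" . $esc($duration) . " minutes</td>"
            . "<td><a href=\"" . $esc($deleteUrl) . "\"><img src=\"delete.png\" alt=\"Delete this entry\" style=\"width:50%\" /></a></td>"
            . "</tr>";
        // Undesirable slide animation (left disabled):
        // onclick="$('#hist$rid').hide('slide',{direction:'up'},'slow');"
    }

    $body .= "</tbody></table>";

    return $body;
}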
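/**
 * HCM module: link to the user that has the given username.
 *
 * @param string $jmeno username to look up
 * @return mixed the value returned by _linkUser() for the matching user id,
 *               or null when no user has that username
 */
function _HCM_linkuser($jmeno = "")
{
    // Normalise the name, then escape it for use inside a quoted SQL string.
    // NOTE(review): DB::esc() is presumably the project's SQL string escaper; confirm.
    $name = DB::esc(_anchorStr($jmeno, false));

    // The lookup has to use the escaped name. The original compared username
    // against the fixed literal '******' and never used $name.
    $query = DB::query("SELECT id FROM `" . _mysql_prefix . "-users` WHERE username='" . $name . "'");
    if (DB::size($query) == 0) {
        return null;
    }

    $row = DB::row($query);

    return _linkUser($row['id']);
}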
/**
 * HCM module: link to a page, looked up by numeric id or by its title_seo value.
 *
 * @param mixed $id        numeric page id, or a title_seo string when not numeric
 * @param mixed $text      link text; the page title is used when null or empty
 * @param mixed $nove_okno open the link in a new window when _boolean() accepts it
 * @return string|null the anchor HTML, or null when no page matches
 */
function _HCM_linkroot($id = null, $text = null, $nove_okno = false)
{
    // Numeric input selects by id (cast to int); anything else selects by
    // title_seo and goes through DB::val() before it is placed into the query.
    $is_id = is_numeric($id);
    $column = $is_id ? 'id' : 'title_seo';
    $id = $is_id ? intval($id) : DB::val($id);

    $result = DB::query("SELECT title,title_seo FROM `" . _mysql_prefix . "-root` WHERE " . $column . "=" . $id);

    $target = (isset($nove_okno) and _boolean($nove_okno)) ? " target='_blank'" : "";

    if (DB::size($result) == 0) {
        return null;
    }

    $page = DB::row($result);
    $label = (isset($text) and $text != "") ? $text : $page['title'];

    // Label and title are emitted as stored or as passed in; no escaping happens here.
    return "<a href='" . _linkRoot($id, $page['title_seo']) . "'" . $target . ">" . $label . "</a>";
}
case 1: if ($item['var1'] == 1) { $iteminfo .= "<span>" . $_lang['article.comments'] . ":</span> " . DB::result(DB::query("SELECT COUNT(id) FROM `" . _mysql_prefix . "-posts` WHERE type=1 AND home=" . $item['id']), 0); } break; // kategorie // kategorie case 2: $iteminfo .= "<span>" . $_lang['global.articlesnum'] . ":</span> " . DB::result(DB::query("SELECT COUNT(id) FROM `" . _mysql_prefix . "-articles` AS art WHERE (home1=" . $item['id'] . " OR home2=" . $item['id'] . " OR home3=" . $item['id'] . ") AND " . _sqlArticleFilter()), 0); break; // kniha // kniha case 3: // nacteni jmena autora posledniho prispevku $lastpost = DB::query("SELECT author,guest FROM `" . _mysql_prefix . "-posts` WHERE home=" . $item['id'] . " ORDER BY id DESC LIMIT 1"); if (DB::size($lastpost) != 0) { $lastpost = DB::row($lastpost); if ($lastpost['author'] != -1) { $lastpost = _linkUser($lastpost['author'], null, true, true); } else { $lastpost = $lastpost['guest']; } } else { $lastpost = "-"; } $iteminfo .= "<span>" . $_lang['global.postsnum'] . ":</span> " . DB::result(DB::query("SELECT COUNT(id) FROM `" . _mysql_prefix . "-posts` WHERE type=3 AND home=" . $item['id']), 0) . _template_listinfoseparator . "<span>" . $_lang['global.lastpost'] . ":</span> " . $lastpost; break; // galerie // galerie case 5: $iteminfo .= "<span>" . $_lang['global.imgsnum'] . ":</span> " . DB::result(DB::query("SELECT COUNT(id) FROM `" . _mysql_prefix . "-images` WHERE home=" . $item['id']), 0);
} else { // neplatna cookie - zaznam v ip logu _iplogUpdate(1); } } } // kontroly $continue = false; if (!$persistent_cookie_bad) { $id = intval($_SESSION[_sessionprefix . "user"]); $pass = $_SESSION[_sessionprefix . "password"]; $ip = $_SESSION[_sessionprefix . "ip"]; if (!$persistent_cookie_used) { $uquery = DB::query("SELECT * FROM `" . _mysql_prefix . "-users` WHERE id=" . $id); } if ($persistent_cookie_used or DB::size($uquery) != 0) { if (!$persistent_cookie_used) { $uquery = DB::row($uquery); } $gquery = DB::query_row("SELECT * FROM `" . _mysql_prefix . "-groups` WHERE id=" . $uquery['group']); if ($uquery['password'] == $pass and $uquery['blocked'] == 0 and $gquery['blocked'] == 0 and (!$_SESSION[_sessionprefix . 'ipbound'] or $ip == _userip)) { $continue = true; } // vse ok } } // zabiti neplatne session if ($continue != true) { _userLogout(false); } // definovani konstant
// titulek $title = $query['title']; if (_template_autoheadings && $query['autotitle']) { $content .= "<h1>" . $query['title'] . "</h1>\n"; _extend('call', 'page.gallery.aftertitle', $extend_args); } // obsah _extend('call', 'page.gallery.content.before', $extend_args); if ($query['content'] != "") { $content .= _parseHCM($query['content']) . "\n\n<div class='hr'><hr /></div>\n\n"; } _extend('call', 'page.gallery.content.after', $extend_args); // obrazky $paging = _resultPaging(_indexOutput_url, $query['var2'], "images", "home=" . $id); $images = DB::query("SELECT * FROM `" . _mysql_prefix . "-images` WHERE home=" . $id . " ORDER BY ord " . $paging[1]); $images_number = DB::size($images); if ($images_number != 0) { $usetable = $query['var1'] != -1; if (_pagingmode == 1 or _pagingmode == 2) { $content .= $paging[0]; } if ($usetable) { $content .= "<table class='gallery'>\n"; } else { $content .= "<div class='gallery'>\n"; } // obrazky $counter = 0; $cell_counter = 0; while ($img = DB::row($images)) { if ($usetable and $cell_counter == 0) {
/**
 * HCM module: render a poll with its answers, vote bars and, when voting is
 * allowed, a voting form.
 *
 * @param mixed $id    poll id, converted with intval()
 * @param mixed $sirka width of the poll box in pixels; 150 when null, never below 100
 * @return string|null poll HTML, or null when no poll with that id exists
 */
function _HCM_poll($id = null, $sirka = 150)
{
    // normalise the arguments
    $id = intval($id);
    $sirka = isset($sirka) ? intval($sirka) : 150;
    $sirka = max(100, $sirka);

    // load the poll record
    $poll_result = DB::query("SELECT * FROM `" . _mysql_prefix . "-polls` WHERE id=" . $id);
    if (DB::size($poll_result) == 0) {
        return null;
    }
    $poll = DB::row($poll_result);

    // answers are newline-separated, vote counts are dash-separated
    $answers = explode("\n", $poll['answers']);
    $votes = explode("-", $poll['votes']);
    $votes_total = array_sum($votes);

    // voting needs the right, an unlocked poll and a passing IP log check
    $can_vote = (_loginright_pollvote == 1 and $poll['locked'] != 1 and _iplogCheck(4, $id));

    $html = "";
    if ($can_vote) {
        $html = "<form action='" . _indexroot . "remote/hcm/pvote.php?_return=" . urlencode(_indexOutput_url . "#hcm_poll_" . SL::$hcmUid) . "' method='post'>\n<input type='hidden' name='pid' value='" . $poll['id'] . "' />";
    }

    // one row per answer; explode() yields keys 0..n-1, which serve as option ids
    foreach ($answers as $index => $answer) {
        if ($votes_total != 0 and $votes[$index] != 0) {
            $share = $votes[$index] / $votes_total;
            $bar_width = round($share * ($sirka - _template_votebarwidthreduction));
        } else {
            $share = 0;
            $bar_width = 1;
        }

        $stats = " [" . $votes[$index] . "/" . round($share * 100) . "%]";
        if ($can_vote) {
            $answer = "<label><input type='radio' name='option' value='" . $index . "' /> " . $answer . $stats . "</label>";
        } else {
            $answer .= $stats;
        }

        $html .= "<div class='poll-answer'>" . $answer . "<div style='width:" . $bar_width . "px;'></div></div>\n";
    }

    // footer: submit button (voters only) and the total vote count
    $html .= "<div class='poll-answer'>";
    if ($can_vote) {
        $html .= "<input type='submit' value='" . $GLOBALS['_lang']['hcm.poll.vote'] . "' class='votebutton' />";
    }
    $html .= $GLOBALS['_lang']['hcm.poll.votes'] . ": " . $votes_total . "</div>";
    if ($can_vote) {
        // the XSRF token field is appended just before the form is closed
        $html .= _xsrfProtect() . "</form>\n";
    }

    $locked_note = ($poll['locked'] == 1) ? "<div>(" . $GLOBALS['_lang']['hcm.poll.locked'] . ")</div>" : '';

    return "\n<div class='anchor'><a name='hcm_poll_" . SL::$hcmUid . "'></a></div>\n<div class='poll' style='width:" . $sirka . "px;'>\n<div class='poll-content'>\n\n<div class='poll-question'>\n" . $poll['question'] . "\n" . $locked_note . "\n</div>\n\n" . $html . "\n\n</div>\n</div>\n\n";
}
// nejnovejsi odpovedi na tema case 6: $query = DB::query("SELECT subject FROM `" . _mysql_prefix . "-posts` WHERE type=5 AND id=" . $id . " AND (" . _loginindicator . "=1 OR (SELECT public FROM `" . _mysql_prefix . "-root` WHERE id=`" . _mysql_prefix . "-posts`.id)=1)"); $feedtitle = $_lang['rss.recentanswers']; $typelimit = "type=5 AND xhome=" . $id; $homelimit = ""; $pagetitle_column = "subject"; break; // nelegalni typ // nelegalni typ default: exit; break; } // nacteni polozek if ($custom_cond and ($donottestsource or DB::size($query) != 0)) { $feeditems = array(); if (!$donottestsource) { $query = DB::row($query); } $pagetitle = $query[$pagetitle_column]; switch ($type) { // komentare/prispevky/temata case 1: case 2: case 3: case 5: case 6: $items = DB::query("SELECT * FROM `" . _mysql_prefix . "-posts` WHERE " . $homelimit . $typelimit . " ORDER BY id DESC LIMIT " . _rsslimit); $titlebonus = ""; while ($item = DB::row($items)) {
/**
 * HCM module: render a shoutbox with its posting form or status message and
 * the list of its posts.
 *
 * @param mixed $id shoutbox id, converted with intval()
 * @return string shoutbox HTML, or an empty string when the shoutbox does not exist
 */
function _HCM_sbox($id = null)
{
    $id = intval($id);

    // load the shoutbox record
    $sbox_result = DB::query("SELECT * FROM `" . _mysql_prefix . "-sboxes` WHERE id=" . $id);
    if (DB::size($sbox_result) == 0) {
        return "";
    }
    $sboxdata = DB::row($sbox_result);

    // header; the first item loses its top border when there is no title
    $has_title = $sboxdata['title'] != "";
    $result = "\n <div class='anchor'><a name='hcm_sbox_" . SL::$hcmUid . "'></a></div>\n <div class='sbox'>\n <div class='sbox-content'>\n "
        . ($has_title ? "<div class='sbox-title'>" . $sboxdata['title'] . "</div>" : '')
        . "<div class='sbox-item'" . ($has_title ? '' : " style='border-top:none;'") . ">";

    if ($sboxdata['locked'] != 1 and _publicAccess($sboxdata['public'])) {
        // posting form; guests get an extra name field (the captcha row is disabled in the original)
        $is_guest = !_loginindicator;
        $inputs = array();
        if ($is_guest) {
            $inputs[] = array($GLOBALS['_lang']['posts.guestname'], "<input type='text' name='guest' class='sbox-input' maxlength='22' />");
        }
        $inputs[] = array($GLOBALS['_lang']['posts.text'], "<input type='text' name='text' class='sbox-input' maxlength='255' /><input type='hidden' name='_posttype' value='4' /><input type='hidden' name='_posttarget' value='" . $id . "' />");
        if ($is_guest) {
            // flag the text row (index 1 when the guest row is present)
            $inputs[1][2] = true;
        }
        $result .= _formOutput("hcm_sboxform_" . SL::$hcmUid, _indexroot . "remote/post.php?_return=" . urlencode(_indexOutput_url . "#hcm_sbox_" . SL::$hcmUid), $inputs, null, null);
    } elseif ($sboxdata['locked'] != 1) {
        // unlocked but not accessible to this visitor
        $result .= $GLOBALS['_lang']['posts.loginrequired'];
    } else {
        $result .= "<img src='" . _templateImage("icons/lock.png") . "' alt='locked' class='icon' /> " . $GLOBALS['_lang']['posts.locked2'];
    }

    $result .= "\n</div>\n<div class='sbox-posts'>";

    // list of posts, newest first
    $sposts = DB::query("SELECT id,text,author,guest,time,ip FROM `" . _mysql_prefix . "-posts` WHERE home=" . $id . " AND type=4 ORDER BY id DESC");
    if (DB::size($sposts) == 0) {
        $result .= "\n<div class='sbox-item'>" . $GLOBALS['_lang']['posts.noposts'] . "</div>\n";
    } else {
        while ($spost = DB::row($sposts)) {
            // author: registered users are linked, guests are shown by their stored name
            if ($spost['author'] != -1) {
                // the class argument also carries a title attribute with the post time
                $author = _linkUser($spost['author'], "post-author' title='" . _formatTime($spost['time']), false, false, 16, ":");
            } else {
                $author = "<span class='post-author-guest' title='" . _formatTime($spost['time']) . ", ip=" . _showIP($spost['ip']) . "'>" . $spost['guest'] . ":</span>";
            }

            // edit link for visitors that _postAccess() accepts
            $alink = "";
            if (_postAccess($spost)) {
                $alink = " <a href='index.php?m=editpost&id=" . $spost['id'] . "'><img src='" . _templateImage("icons/edit.png") . "' alt='edit' class='icon' /></a>";
            }

            $result .= "<div class='sbox-item'>" . $author . $alink . " " . _parsePost($spost['text'], true, false, false) . "</div>\n";
        }
    }

    $result .= "\n </div>\n </div>\n </div>\n ";

    return $result;
}
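/**
 * Import data to the database
 *
 * The stream starts with a version string terminated by a NUL byte. It is
 * followed, per table, by a NUL-terminated table name, a list of NUL-terminated
 * column names closed by an empty name, and NUL-terminated row values; a lone
 * chr(1) value stands for SQL NULL. Rows are collected into a buffer that is
 * handed to _db_import() before it reaches the computed maximum query size.
 *
 * NOTE(review): row values are placed between single quotes without being
 * escaped in this method, and column names are wrapped in backticks without
 * validation. Presumably the exporter writes values already escaped; confirm
 * that, and treat dump files from unverified sources as untrusted input.
 *
 * @param KZipStream|string $stream KZipStream instance or file path
 * @return array array(true, skipped_tables) on success, array(false, err_msg) on failure
 */
public function importData($stream)
{
    // prepare
    global $_lang;
    $err = null;
    $this->_import_tmap = array();

    // rather ugly hack to use existing file path as KZipStream
    if (is_string($stream)) {
        $file = $stream;
        $stream = new KZipStream(null, array(KZip::FILE_TOADD, $file, null));
        unset($file);
    }

    // vars
    $null = chr(0);  // field terminator
    $nullv = chr(1); // marker for an SQL NULL value
    $version = '';

    // import process (single-pass loop so that "break" can act as an early exit)
    do {

        // read header: version string up to the first NUL byte
        $offset = 0;
        while (true) {
            ++$offset;
            $byte = $stream->read(1);
            if ($byte === $null) {
                // header read
                break;
            } else {
                $version .= $byte;
            }
            if ($offset > 32) {
                // no terminator within the allowed header length
                $err = $_lang['dbdump']['dataerror'];
                break 2;
            }
        }

        // check version
        if (!_checkVersion('database', $version)) {
            $err = $_lang['dbdump']['badversion'];
            break;
        }

        // find local tables
        $tables = array();
        $q = DB::query('SHOW TABLES LIKE \'' . _mysql_prefix . '-%\'');
        while ($r = DB::rown($q)) {
            $tables[$r[0]] = true;
        }
        DB::free($q);
        unset($r);

        // determine maximum query size
        $max_size = DB::query('SHOW VARIABLES LIKE \'max_allowed_packet\'');
        if (DB::size($max_size) !== 1) {
            $err = $_lang['dbdump']['maxpacket'];
            break;
        }
        $max_size = DB::result($max_size, 0, 1);
        $max_size -= 128;
        $max_size = floor(($max_size - 128) * 0.9);

        // adjust maximum query size to available memory
        $memlimit = _phpIniLimit('memory_limit');
        if (isset($memlimit)) {
            $avail_mem = $memlimit - memory_get_usage() - 131072;
            if ($max_size > $avail_mem) {
                $max_size = $avail_mem;
            }
            unset($avail_mem);
        }
        if ($max_size < 32768) {
            $err = $_lang['dbdump']['memory'];
            break;
        }

        // turn off auto_increment for zero values
        DB::query('SET SQL_MODE="NO_AUTO_VALUE_ON_ZERO"');

        // prepare
        $reset = true;
        $skipped_tables = array();
        $stream_buffer = '';
        $stream_buffer_i = 0;

        // import data, one byte at a time
        while (true) {

            // reset the per-table state?
            if ($reset) {
                $phase = 0;
                $table = '';
                $column = '';
                $columns = array();
                $columns_size = 0;
                $values = array();
                $value = '';
                $value_counter = 0;
                $sql = '';
                $sql_len = 0;
                $sql_buffer = '';
                $sql_buffer_len = 0;
                $skipping_table = false;
                $reset = false;
            }

            // get 1 byte, refilling the read buffer when it is exhausted
            if (!isset($stream_buffer[$stream_buffer_i])) {
                if ($stream->eof()) {
                    break;
                }
                $stream_buffer = $stream->read();
                $stream_buffer_i = 0;
                if ($stream_buffer === '') {
                    break;
                }
            }
            $byte = $stream_buffer[$stream_buffer_i];
            ++$stream_buffer_i;

            // phase
            switch ($phase) {

                /* -- reading table name -- */
                case 0:
                    // end of table name?
                    if ($byte === $null) {
                        // read column list next; tables that do not exist locally are skipped
                        $phase = 1;
                        if (!isset($tables[_mysql_prefix . '-' . $table])) {
                            $skipping_table = true;
                            $skipped_tables[] = $table;
                        }
                        break;
                    }

                    // table name char
                    $table .= $byte;
                    break;

                /* -- reading column list -- */
                case 1:
                    // end of column
                    if ($byte === $null) {
                        if ($column === '') {
                            // end of list, process columns
                            if (!$skipping_table) {
                                $columns = '`' . implode('`,`', $columns) . '`';
                            }

                            // begin to read rows
                            $phase = 2;
                        } else {
                            // end of column
                            if (!$skipping_table) {
                                $columns[] = $column;
                            }
                            ++$columns_size;
                            $column = '';
                        }
                        break;
                    }

                    // column name char
                    $column .= $byte;
                    break;

                /* -- reading row data -- */
                case 2:
                    // end of value?
                    if ($byte === $null) {
                        if ($value_counter === 0 && $value === '') {
                            // end of all rows, reset
                            $reset = true;

                            // import remaining data
                            if ($sql_buffer !== '' && !$skipping_table) {
                                $import = $this->_db_import($table, $columns, $sql_buffer, $sql_buffer_len);
                                if (isset($import)) {
                                    // Leave the switch and the import loop only, so the
                                    // SQL_MODE reset below still runs on failure.
                                    $err = _htmlStr($import);
                                    break 2;
                                }
                            }
                        } else {
                            // end of value
                            ++$value_counter;
                            $values[] = $value;
                            $value = '';

                            // end of one row?
                            if ($value_counter === $columns_size) {
                                if (!$skipping_table) {
                                    // build part of the SQL query
                                    $sql = '(';
                                    for ($i = 0, $lastcol = $columns_size - 1; isset($values[$i]); ++$i) {
                                        if ($values[$i] === $nullv) {
                                            $sql .= 'NULL';
                                        } else {
                                            // value is inserted as-is between quotes (see the method note)
                                            $sql .= '\'' . $values[$i] . '\'';
                                        }
                                        if ($i !== $lastcol) {
                                            $sql .= ',';
                                        }
                                    }
                                    $sql .= ')';

                                    // execute query or use buffer
                                    $sql_len = strlen($sql);
                                    if ($sql_buffer_len + $sql_len + 1 >= $max_size) {
                                        // Capture the result: the original discarded it and then
                                        // tested a stale $import, so a failed flush went unnoticed.
                                        // NOTE(review): the row that triggered this flush is not
                                        // appended to the buffer in this branch; confirm whether
                                        // _db_import() resets the buffer and whether the row is lost.
                                        $import = $this->_db_import($table, $columns, $sql_buffer, $sql_buffer_len);
                                        if (isset($import)) {
                                            $err = _htmlStr($import);
                                            break 2;
                                        }
                                    } else {
                                        // separate
                                        if ($sql_buffer !== '') {
                                            $sql_buffer .= ',';
                                            ++$sql_buffer_len;
                                        }

                                        // add query to buffer
                                        $sql_buffer .= $sql;
                                        $sql_buffer_len += $sql_len;
                                    }

                                    // clean up
                                    $sql = '';
                                    $sql_len = 0;
                                }
                                $value_counter = 0;
                                $values = array();
                            }
                        }
                        break;
                    }

                    // value char
                    $value .= $byte;
                    break;

            }

        }

        // reset sql_mode (reached on success and on import errors alike)
        DB::query('SET SQL_MODE=""');

    } while (false);

    // void truncate map
    $this->_import_tmap = null;

    // return
    if (!isset($err)) {
        return array(true, $skipped_tables);
    }

    return array(false, $err);
}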
if (_mail('', $subject, $text, "Bcc: " . implode(",", $rec_buffer) . "\n" . $headers)) { $done += sizeof($rec_buffer); } $rec_buffer = array(); $rec_buffer_counter = 0; } } // zprava if ($done != 0) { $output .= _formMessage(1, str_replace(array("*done*", "*total*"), array($done, $item_total), $_lang['admin.other.massemail.send'])); } else { $output .= _formMessage(2, $_lang['admin.other.massemail.noreceiversfound']); } } else { // vypis emailu $emails_total = DB::size($query); if ($emails_total != 0) { $emails = ''; $email_counter = 0; while ($item = DB::row($query)) { ++$email_counter; $emails .= $item['email']; if ($email_counter !== $emails_total) { $emails .= ','; } } $output .= _formMessage(1, "<textarea class='areasmallwide' rows='9' cols='33' name='list'>" . $emails . "</textarea>"); } else { $output .= _formMessage(2, $_lang['admin.other.massemail.noreceiversfound']); } }
if ($id == null and $password == "") { $errors[] = $_lang['admin.users.edit.passwordneeded']; } if ($password != "") { $passwordchange = true; $password = _md5Salt($password); } // note $note = DB::esc(_htmlStr(_wsTrim(mb_substr($_POST['note'], 0, 1024)))); // blocked $blocked = _checkboxLoad("blocked"); // group if (isset($_POST['group'])) { $group = intval($_POST['group']); $group_test = DB::query("SELECT level FROM `" . _mysql_prefix . "-groups` WHERE id=" . $group . " AND id!=2 AND level<" . _loginright_level); if (DB::size($group_test) != 0) { $group_test = DB::row($group_test); if ($group_test['level'] > _loginright_level) { $errors[] = $_lang['global.badinput']; } } else { $errors[] = $_lang['global.badinput']; } } else { $group = $query['group']; } // levelshift if (_loginid == 0) { $levelshift = _checkboxLoad("levelshift"); } else { $levelshift = $query['levelshift'];
} else { $message = _formMessage(2, _eventList($errors, 'errors')); } } /* --- modul --- */ if (_template_autoheadings == 1) { $module .= "<h1>" . $_lang['mod.reg'] . "</h1>"; } switch ($phase) { // registracni formular case 0: // priprava vyberu skupiny $groupselect = array(null); if (_registration_grouplist) { $groupselect_items = DB::query("SELECT id,title FROM `" . _mysql_prefix . "-groups` WHERE `blocked`=0 AND reglist=1 ORDER BY title"); if (DB::size($groupselect_items) != 0) { $groupselect_content = ""; while ($groupselect_item = DB::row($groupselect_items)) { $groupselect_content .= "<option value='" . $groupselect_item['id'] . "'" . ($groupselect_item['id'] == _defaultgroup ? " selected='selected'" : '') . ">" . $groupselect_item['title'] . "</option>\n"; } $groupselect = array($_lang['global.group'], "<select name='group'>" . $groupselect_content . "</select>"); } } // priprava podminek if (SL::$settings['rules'] != "") { $rules = array("<div class='hr'><hr /></div><h2>" . $_lang['mod.reg.rules'] . "</h2>" . SL::$settings['rules'] . "<br /><label><input type='checkbox' name='agreement' value='1'" . _checkboxActivate(isset($_POST['agreement'])) . " /> " . $_lang['mod.reg.rules.agreement'] . "</label><div class='hr'><hr /></div><br />", "", true); } else { $rules = array(null); } // formular $captcha = _captchaInit();
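/**
 * Update the IP address log
 * For details on the arguments see {@link _ipLogCheck}
 *
 * Both arguments are cast to integers before they are placed into the SQL
 * statements, because the queries are built by string concatenation.
 *
 * @param int   $type record type
 * @param mixed $var  variable argument depending on the type; used only as the
 *                    numeric `var` column value for types 2, 3 and 4
 */
function _iplogUpdate($type, $var = null)
{
    $type = (int) $type;

    // NOTE(review): _userip is defined outside this block and is placed inside a
    // quoted SQL literal without escaping; confirm it is validated as an IP
    // address where it is defined.
    $querybasic = "SELECT * FROM `" . _mysql_prefix . "-iplog` WHERE ip='" . _userip . "' AND type=" . $type;

    switch ($type) {

        // login (1), account activation attempt (6): one row per IP, `var` counts occurrences
        case 1:
        case 6:
            $query = DB::query($querybasic);
            if (DB::size($query) != 0) {
                $query = DB::row($query);
                DB::query("UPDATE `" . _mysql_prefix . "-iplog` SET var=" . ($query['var'] + 1) . " WHERE id=" . $query['id']);
            } else {
                DB::query("INSERT INTO `" . _mysql_prefix . "-iplog` (ip,type,time,var) VALUES ('" . _userip . "'," . $type . "," . time() . ",1)");
            }
            break;

        // article read (2), article rating (3), poll vote (4): `var` holds the caller's value
        case 2:
        case 3:
        case 4:
            DB::query("INSERT INTO `" . _mysql_prefix . "-iplog` (ip,type,time,var) VALUES ('" . _userip . "'," . $type . "," . time() . "," . (int) $var . ")");
            break;

        // comment, post or message sent (5); password reset request (7)
        case 5:
        case 7:
            DB::query("INSERT INTO `" . _mysql_prefix . "-iplog` (ip,type,time,var) VALUES ('" . _userip . "'," . $type . "," . time() . ",0)");
            break;

    }
}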
break; } } if (!$skip) { $cond .= " AND "; } } // vycisteni podminky if ($cond == "") { $cond = 1; } else { $cond = mb_substr($cond, 0, mb_strlen($cond) - 5); } // vyhledani clanku $query = DB::query("SELECT art.id,art.title,art.title_seo,cat.title_seo AS cat_title_seo FROM `" . _mysql_prefix . "-articles` AS art JOIN `" . _mysql_prefix . "-root` AS cat ON(cat.id=art.home1) WHERE " . $cond); $found = DB::size($query); if ($found != 0) { if (!_checkboxLoad("_process")) { $infopage = true; } else { $boolparams = array("public", "visible", "comments", "rateon", "showinfo"); if (_loginright_adminconfirm) { $boolparams[] = "confirmed"; } while ($item = DB::row($query)) { // smazani komentaru if ($new_delcomments or $new_delete) { DB::query("DELETE FROM `" . _mysql_prefix . "-posts` WHERE type=2 AND home=" . $item['id']); } // smazani clanku if ($new_delete) {
if (_loginright_admingallery and _loginright_admincontent) { $_GET['a'] = "addtogallery"; } break; // pridani vyberu do galerie - ulozeni // pridani vyberu do galerie - ulozeni case "addtogallery": if (_loginright_admingallery and _loginright_admincontent) { // priprava promennych $counter = 0; $galid = intval($_POST['gallery']); // vlozeni obrazku if (DB::result(DB::query("SELECT COUNT(id) FROM `" . _mysql_prefix . "-root` WHERE id=" . $galid . " AND type=5"), 0) != 0) { // nacteni nejmensiho poradoveho cisla $smallestord = DB::query("SELECT ord FROM `" . _mysql_prefix . "-images` WHERE home=" . $galid . " ORDER BY ord LIMIT 1"); if (DB::size($smallestord) != 0) { $smallestord = DB::row($smallestord); $smallestord = $smallestord['ord']; } else { $smallestord = 1; } // posunuti poradovych cisel DB::query("UPDATE `" . _mysql_prefix . "-images` SET ord=ord+" . (count($_POST) - 2) . " WHERE home=" . $galid); // cyklus $sql = ""; foreach ($_POST as $var => $val) { if ($var == "action" or $var == "param") { continue; } $val = _admin_cparam($val); $ext = pathinfo($val);
/**
 * [ADMIN] Build a <select> for choosing a user or a group
 *
 * $gcond is inserted into the group query verbatim, so callers must pass only
 * conditions built by the program itself, never request data.
 *
 * @param string      $name        name of the select
 * @param int         $selected    id of the selected user (or group in group mode)
 * @param string      $gcond       SQL condition deciding which groups are included
 * @param string|null $class       CSS class of the select or null
 * @param string|null $extraoption label of the extra option (-1) or null (= disabled)
 * @param bool        $groupmode   choose whole groups only 1/0
 * @param int|null    $multiple    allow multiple selection (size = $multiple) or null (= disabled)
 * @return string
 */
function _admin_authorSelect($name, $selected, $gcond, $class = null, $extraoption = null, $groupmode = false, $multiple = null)
{
    // optional attributes
    $class_attr = ($class != null) ? " class='" . $class . "'" : "";
    $multiple_attr = "";
    if ($multiple != null) {
        $multiple_attr = " multiple='multiple' size='" . $multiple . "'";
        $name .= "[]"; // array-style field name for multi-select
    }

    $html = "<select name='" . $name . "'" . $class_attr . $multiple_attr . ">";

    // groups matching the condition; group id 2 is always left out
    $groups = DB::query("SELECT id,title,level FROM `" . _mysql_prefix . "-groups` WHERE " . $gcond . " AND id!=2 ORDER BY level DESC");

    if ($extraoption != null) {
        $html .= "<option value='-1' class='special'>" . $extraoption . "</option>";
    }

    if ($groupmode) {
        // one option per group, with its member count
        while ($group = DB::row($groups)) {
            $sel = ($selected == $group['id']) ? " selected='selected'" : "";
            $member_count = DB::result(DB::query("SELECT COUNT(id) FROM `" . _mysql_prefix . "-users` WHERE `group`=" . $group['id']), 0);
            $html .= "<option value='" . $group['id'] . "'" . $sel . ">" . $group['title'] . " (" . $member_count . ")</option>\n";
        }
    } else {
        // one optgroup per group; users are listed when the group level is below
        // the current user's level, or when the row is the current user
        while ($group = DB::row($groups)) {
            $users = DB::query("SELECT id,username,publicname FROM `" . _mysql_prefix . "-users` WHERE `group`=" . $group['id'] . " AND (" . $group['level'] . "<" . _loginright_level . " OR id=" . _loginid . ") ORDER BY id");
            if (DB::size($users) == 0) {
                continue;
            }

            $html .= "<optgroup label='" . $group['title'] . "'>";
            while ($user = DB::row($users)) {
                $sel = ($selected == $user['id']) ? " selected='selected'" : "";
                // prefer the public name when one is set
                $label_key = ('' !== $user['publicname']) ? 'publicname' : 'username';
                $html .= "<option value='" . $user['id'] . "'" . $sel . ">" . $user[$label_key] . "</option>\n";
            }
            $html .= "</optgroup>";
        }
    }

    $html .= "</select>";

    return $html;
}
break; // plugin post // plugin post case 7: _extend('call', 'posts.' . $pluginflag . '.validate', array('home' => $posttarget, 'valid' => &$continue)); break; // blbost // blbost default: die; } /* -- kontrola prispevku pro odpoved -- */ if ($xhome != -1 && $posttype != 6) { $continue2 = false; $tdata = DB::query("SELECT xhome FROM `" . _mysql_prefix . "-posts` WHERE id=" . $xhome . " AND home=" . $posttarget . " AND locked=0"); if (DB::size($tdata) != 0) { $tdata = DB::row($tdata); if ($tdata['xhome'] == -1) { $continue2 = true; } } } else { $continue2 = true; } /* -- ulozeni prispevku -- */ if ($continue and $continue2 and $text != "" and $posttype == 4 || _captchaCheck()) { if (_xsrfCheck()) { if ($posttype == 4 or _loginright_unlimitedpostaccess or _iplogCheck(5)) { if ($guest === '' || DB::result(DB::query('SELECT COUNT(*) FROM `' . _mysql_prefix . '-users` WHERE username=\'' . DB::esc($guest) . '\' OR publicname=\'' . DB::esc($guest) . '\''), 0) == 0) { // zpracovani pluginem $allow = true;
/**
 * List action
 *
 * Builds the list query from the action definition, optionally paginates it,
 * runs it and renders the action's template with the result.
 * The condition, query template and ORDER BY fragment are taken from $action
 * and end up in the SQL text; they are expected to come from the action
 * definition, not from request data.
 *
 * @param array      $params
 * @param array      $action
 * @param AdminBread $bread
 * @return array array(null, rendered output), or array(null, self::ACTION_ERR) when the query fails
 */
public static function listAction(array $params, array $action, AdminBread $bread)
{
    /* ----- prepare query ----- */

    // the literal '1' condition is used as-is, anything else is formatted with its parameters
    $cond = ('1' === $action['query_cond'])
        ? $action['query_cond']
        : $bread->formatSql($action['query_cond'], $action['query_cond_params']);

    // placeholders for the query template
    $placeholders = array(
        'columns' => $action['columns'],
        'table' => '`' . $bread->formatTable($bread->table) . "`",
        'table_alias' => $bread->tableAlias,
        'cond' => $cond,
    );
    $sql = $bread->formatSql($action['query'], $placeholders);

    // optional ordering
    if (!empty($action['query_orderby'])) {
        $sql .= ' ORDER BY ' . $action['query_orderby'];
    }

    /* ----- init paginator ----- */

    $paging = null;
    if ($action['paginator']) {
        // count the matching rows first, then append the paging clause to the query
        $total = DB::query_row('SELECT COUNT(*) total FROM `' . $bread->formatTable($bread->table) . '` ' . $bread->tableAlias . ' WHERE ' . $cond);
        $paging = _resultPaging(_htmlStr($params['url']), $action['paginator_size'], intval($total['total']));
        $sql .= ' ' . $paging[1];
    }

    /* ----- fetch data ----- */

    $result = DB::query($sql);
    if (false === $result) {
        return array(null, self::ACTION_ERR);
    }

    /* ----- render ----- */

    $view = array(
        'result' => $result,
        'count' => DB::size($result),
        'paging' => $paging,
        'self' => $params['action'],
    );
    $out = $bread->render($action['template'], $view);
    DB::free($result);

    return array(null, $out);
}
exit; } /* --- akce --- */ $sysgroups_array = array(1, 2, 3); $msg = 0; // vytvoreni skupiny if (isset($_POST['type']) and _loginright_admingroups) { $type = intval($_POST['type']); if ($type == -1) { // prazdna skupina DB::query("INSERT INTO `" . _mysql_prefix . "-groups` (title,level,icon) VALUES ('" . $_lang['admin.users.groups.new.empty'] . "',0,'')"); $msg = 1; } else { // kopirovat skupinu $cgroup = DB::query("SELECT * FROM `" . _mysql_prefix . "-groups` WHERE id=" . $type); if (DB::size($cgroup) != 0) { $cgroup = DB::row($cgroup); $ngroup = array(); $skip = false; $columns = ""; $values = ""; // sesbirani dat foreach ($cgroup as $column => $val) { $quotes = ""; switch ($column) { case "id": $val = 'NULL'; break; case "level": if ($val >= 10000) { $val = 9999;
?> </a> <?php echo _xsrfProtect(); ?> </form> <?php if ($process) { echo '<h2>' . $_lang['global.result'] . '</h2><br />'; $query = DB::query($sql, true); if (DB::error() == null) { $fields = array(); $aff_rows = DB::affectedRows(); if ($query) { $num_rows = intval(DB::size($query)); } else { $num_rows = 0; } $heading = false; if ($num_rows != 0) { echo '<p><strong>' . $_lang['admin.other.sqlex.rows'] . ':</strong> ' . $num_rows . '</p> <table class="list">' . "\n"; while ($item = DB::row($query)) { // nacteni sloupcu, vytvoreni hlavicky tabulky if (!$heading) { // sloupce $load = false; foreach ($item as $field => $value) { $fields[] = $field; }
<?php

/* --- core check: refuse direct access to this file --- */
if (!defined('_core')) {
    exit;
}

/* --- save: move all users from one group to another --- */
// NOTE(review): no _xsrfCheck() call is visible in this block; confirm that the
// POST request is XSRF-validated before this point.
$message = "";
if (isset($_POST['sourcegroup'])) {

    // both ids are cast to integers before they reach the SQL text
    $source = intval($_POST['sourcegroup']);
    $target = intval($_POST['targetgroup']);
    $source_data = DB::query("SELECT level FROM `" . _mysql_prefix . "-groups` WHERE id=" . $source);
    $target_data = DB::query("SELECT level FROM `" . _mysql_prefix . "-groups` WHERE id=" . $target);

    if (DB::size($source_data) == 0 or DB::size($target_data) == 0 or $source == 2 or $target == 2) {
        // unknown group, or group id 2, which is excluded from moves
        $message = _formMessage(3, $_lang['global.badinput']);
    } elseif ($source == $target) {
        $message = _formMessage(2, $_lang['admin.users.move.same']);
    } else {
        $source_data = DB::row($source_data);
        $target_data = DB::row($target_data);

        // the current user's level must be above the level of both groups
        if (_loginright_level > $source_data['level'] and _loginright_level > $target_data['level']) {
            // the user with id 0 is never moved
            DB::query("UPDATE `" . _mysql_prefix . "-users` SET `group`=" . $target . " WHERE `group`=" . $source . " AND id!=0");
            $message = _formMessage(1, $_lang['global.done']);
        } else {
            $message = _formMessage(2, $_lang['admin.users.move.failed']);
        }
    }
}

/* --- output --- */
DB::query("DELETE FROM `" . _mysql_prefix . "-images` WHERE id=" . $del . " AND home=" . $g); if (DB::affectedRows() === 1) { $message = _formMessage(1, $_lang['global.done']); } } /* --- vystup --- */ if ($continue) { $output .= "\n<a href='index.php?p=content-editgallery&id=" . $g . "' class='backlink'>< návrat zpět</a>\n<h1>" . $_lang['admin.content.manageimgs.title'] . "</h1>\n<p class='bborder'>" . str_replace("*galtitle*", $galdata['title'], $_lang['admin.content.manageimgs.p']) . "</p>\n\n" . $message . "\n\n<script type='text/javascript'>\n/* <![CDATA[ */\n\$(document).ready(function(){\n \$('.hs_fieldset').each(function(){\n var fieldset = this;\n var link = \$(fieldset).find('legend > a').get(0);\n var form = \$(fieldset).children('form');\n \$(form).hide();\n \$(link).click(function(){\n \$(form).slideToggle('fast');\n\n return false;\n });\n });\n});\n/* ]]> */\n</script>\n\n<fieldset>\n<legend>" . $_lang['admin.content.manageimgs.upload'] . "</legend>\n<form action='index.php?p=content-manageimgs&g=" . $g . "' method='post' enctype='multipart/form-data'>\n <p>" . sprintf($_lang['admin.content.manageimgs.upload.text'], _galuploadresize_w, _galuploadresize_h) . "</p>\n <input type='hidden' name='xaction' value='7' />\n <div id='fmanFiles'><input type='file' name='uf0[]' multiple='multiple' /> <a href='#' onclick='return _sysFmanAddFile();'>" . $_lang['admin.fman.upload.addfile'] . "</a></div>\n <div class='hr'><hr /></div>\n <p>\n <input type='submit' value='" . $_lang['admin.content.manageimgs.upload.submit'] . "' />" . (($uplimit = _getUploadLimit(true)) !== null ? " <small>" . $_lang['global.uploadlimit'] . ": <em>" . _getUploadLimit() . "MB</em>, " . $_lang['global.uploadext'] . ": <em>" . implode(', ', SL::$imageExt) . "</em></small>" : '') . "<br />\n <label><input type='checkbox' value='1' name='moveords' checked='checked' /> " . $_lang['admin.content.manageimgs.moveords'] . "</label>\n </p>\n" . _xsrfProtect() . 
"</form>\n</fieldset>\n\n<fieldset class='hs_fieldset'>\n<legend><a href='#'>" . $_lang['admin.content.manageimgs.insert'] . "</a> <small>(" . $_lang['admin.content.manageimgs.insert.tip'] . ")</small></legend>\n<form action='index.php?p=content-manageimgs&g=" . $g . "' method='post' name='addform' onsubmit='_sysGalTransferPath(this);'>\n<input type='hidden' name='xaction' value='1' />\n\n<table>\n<tr class='valign-top'>\n\n<td>\n <table>\n <tr>\n <td class='rpad'><strong>" . $_lang['admin.content.form.title'] . "</strong></td>\n <td><input type='text' name='title' class='inputmedium' maxlength='64' /></td>\n </tr>\n\n <tr>\n <td class='rpad'><strong>" . $_lang['admin.content.form.ord'] . "</strong></td>\n <td><input type='text' name='ord' class='inputsmall' disabled='disabled' /> <label><input type='checkbox' name='moveords' value='1' checked='checked' onclick=\"_sysDisableField(this.checked, 'addform', 'ord');\" /> " . $_lang['admin.content.manageimgs.moveords'] . "</label></td>\n </tr>\n\n <tr>\n <td class='rpad'><strong>" . $_lang['admin.content.manageimgs.prev'] . "</strong></td>\n <td><input type='text' name='prev' class='inputsmall' disabled='disabled' /> <label><input type='checkbox' name='autoprev' value='1' checked='checked' onclick=\"_sysDisableField(this.checked, 'addform', 'prev');\" /> " . $_lang['admin.content.manageimgs.autoprev'] . "</label></td>\n </tr>\n\n <tr>\n <td class='rpad'><strong>" . $_lang['admin.content.manageimgs.full'] . "</strong></td>\n <td><input type='text' name='full' class='inputmedium' /></td>\n </tr>\n\n <tr>\n <td></td>\n <td><input type='submit' value='" . $_lang['global.insert'] . "' /></td>\n </tr>\n\n </table>\n</td>\n\n<td>\n" . (_loginright_adminfman ? "<div id='gallery-browser'>\n " . (!isset($_GET['browserpath']) ? "<a href='#' onclick=\"return _sysGalBrowse('" . urlencode(_upload_dir) . (_loginright_adminfmanlimit ? _loginname . '%2F' : '') . "');\"><img src='images/icons/loupe.png' alt='browse' class='icon' />" . 
$_lang['admin.content.manageimgs.insert.browser.link'] . "</a>" : "<script type='text/javascript'>_sysGalBrowse('" . _htmlStr($_GET['browserpath']) . "');</script>") . "\n</div>" : '') . "\n</td>\n\n</tr>\n</table>\n\n" . _xsrfProtect() . "</form>\n</fieldset>\n\n"; // strankovani $paging = _resultPaging("index.php?p=content-manageimgs&g=" . $g, $galdata['var2'], "images", "home=" . $g); $s = $paging[2]; $output .= "\n<fieldset>\n<legend>" . $_lang['admin.content.manageimgs.current'] . "</legend>\n<form action='index.php?p=content-manageimgs&g=" . $g . "&page=" . $s . "' method='post' name='editform'>\n<input type='hidden' name='xaction' value='4' />\n\n<input type='submit' value='" . $_lang['admin.content.manageimgs.savechanges'] . "' class='gallery-savebutton' />\n" . $paging[0] . "\n<div class='cleaner'></div>"; // vypis obrazku $images = DB::query("SELECT * FROM `" . _mysql_prefix . "-images` WHERE home=" . $g . " ORDER BY ord " . $paging[1]); $images_forms = array(); if (DB::size($images) != 0) { // sestaveni formularu while ($image = DB::row($images)) { // kod nahledu $preview = _galleryImage($image, "1", $galdata['var4'], $galdata['var3']); // kod formulare $images_forms[] .= "\n<table>\n\n<tr>\n<td class='rpad'><strong>" . $_lang['admin.content.form.title'] . "</strong></td>\n<td><input type='text' name='i" . $image['id'] . "_title' class='inputmedium' value='" . $image['title'] . "' maxlength='64' /></td>\n</tr>\n\n<tr>\n<td class='rpad'><strong>" . $_lang['admin.content.form.ord'] . "</strong></td>\n<td><input type='text' name='i" . $image['id'] . "_ord' class='inputmedium' value='" . $image['ord'] . "' /></td>\n</tr>\n\n" . (!$image['in_storage'] ? "<tr>\n<td class='rpad'><strong>" . $_lang['admin.content.manageimgs.prev'] . "</strong></td>\n<td><input type='hidden' name='i" . $image['id'] . "_prevtrigger' value='1' /><input type='text' name='i" . $image['id'] . "_prev' class='inputsmall' value='" . $image['prev'] . "'" . 
_inputDisable($image['prev'] != "") . " /> <label><input type='checkbox' name='i" . $image['id'] . "_autoprev' value='1' onclick=\"_sysDisableField(checked, 'editform', 'i" . $image['id'] . "_prev');\"" . _checkboxActivate($image['prev'] == "") . " /> " . $_lang['admin.content.manageimgs.autoprev'] . "</label></td>\n</tr>\n\n<tr>\n<td class='rpad'><strong>" . $_lang['admin.content.manageimgs.full'] . "</strong></td>\n<td><input type='text' name='i" . $image['id'] . "_full' class='inputmedium' value='" . $image['full'] . "' /></td>\n</tr>" : '') . "\n\n<tr class='valign-top'>\n<td class='rpad'><strong>" . $_lang['global.preview'] . "</strong></td>\n<td>" . $preview . "<br /><br /><a href='" . _xsrfLink("index.php?p=content-manageimgs&g=" . $g . "&page=" . $s . "&del=" . $image['id']) . "' onclick='return _sysConfirm();'><img src='images/icons/delete.png' alt='del' class='icon' />" . $_lang['admin.content.manageimgs.delete'] . "</a></td>\n</tr>\n\n</table>\n "; } // sestaveni tabulky formularu po dvou $output .= "\n<table id='gallery-edittable'>"; $count = count($images_forms); for ($i = 0; $i < $count; $i += 2) { if (isset($images_forms[$i])) { $output .= "<tr><td" . (0 === $i % 2 && !isset($images_forms[$i + 1]) && 1 !== $count ? ' colspan="2"' : '') . " class='gallery-edittable-td'>\n" . $images_forms[$i] . "\n</td>\n"; if (isset($images_forms[$i + 1])) { $output .= "<td class='gallery-edittable-td'>\n" . $images_forms[$i + 1] . "\n</td></tr>\n";
/**
 * Recompute the stored depth value of every node in one tree branch.
 *
 * The branch is walked breadth-first from its root. Each visited node starts at 0 and
 * raises the value of every ancestor to at least its distance from that ancestor, so the
 * value finally written for a node is the largest distance to any of its descendants.
 *
 * Values are passed through DB::val(); the table and column names come from object
 * properties and are placed into the SQL text as they are (assumed to be trusted
 * configuration, verify where they are set).
 *
 * @param int       $currentNodeId any node of the branch
 * @param bool|null $isRootNode    true when $currentNodeId is already the root (skips the root lookup)
 */
protected function doRefreshDepth($currentNodeId, $isRootNode = null)
{
    // find the root of the branch unless the caller states that this node is the root
    $needsRootLookup = (true !== $isRootNode && null !== $currentNodeId);
    $rootNodeId = $needsRootLookup ? $this->getRoot($currentNodeId) : $currentNodeId;

    // queue entries: array(node id, stored depth, ancestor ids ordered nearest first)
    $queue = array(array($rootNodeId, 0, array()));
    $depthmap = array();

    // process the queue; children are appended while it is being walked
    for ($pos = 0; isset($queue[$pos]); ++$pos) {
        list($nodeId, , $ancestors) = $queue[$pos];
        $hasId = (null !== $nodeId);

        // look up the direct children (a null id selects the rows without a parent)
        $childCondition = $this->parentColumn . ($hasId ? '=' . DB::val($nodeId) : ' IS NULL');
        $children = DB::query('SELECT ' . $this->idColumn . ',' . $this->depthColumn . ' FROM `' . $this->table . '` WHERE ' . $childCondition);
        if (DB::size($children) > 0) {
            // the children inherit this node's ancestors, with this node put in front
            $childAncestors = $hasId ? array_merge(array($nodeId), $ancestors) : $ancestors;
            while ($child = DB::row($children)) {
                $queue[] = array($child[$this->idColumn], $child[$this->depthColumn], $childAncestors);
            }
        }
        DB::free($children);

        // make sure the node itself is in the map, then lift its ancestors
        if ($hasId && !isset($depthmap[$nodeId])) {
            $depthmap[$nodeId] = 0;
        }
        foreach ($ancestors as $distance => $ancestorId) {
            $currentDepth = $distance + 1;
            if (!isset($depthmap[$ancestorId]) || $depthmap[$ancestorId] < $currentDepth) {
                $depthmap[$ancestorId] = $currentDepth;
            }
        }

        // the entry is finished; release it
        unset($queue[$pos]);
    }

    // write the collected values back
    foreach ($depthmap as $nodeId => $newDepth) {
        DB::update($this->table, $this->idColumn . '=' . DB::val($nodeId), array($this->depthColumn => $newDepth));
    }
}
case 3: $artorder = "art.title"; break; case 4: $artorder = "art.title DESC"; break; } // titulek kategorie $output .= "<h2>" . $catdata['title'] . " <a href='index.php?p=content-articles-edit&new_cat=" . $cid . "'><img src='images/icons/new.png' alt='new' class='icon' />" . $_lang['admin.content.articles.create'] . "</a></h2>\n"; // vypis clanku // zprava $message = ""; if (isset($_GET['artdeleted'])) { $message = _formMessage(1, $_lang['admin.content.articles.delete.done']); } $cond = "(art.home1=" . $cid . " OR art.home2=" . $cid . " OR art.home3=" . $cid . ")" . _admin_artAccess('art'); $paging = _resultPaging("index.php?p=content-articles-list&cat=" . $cid, $catdata['var2'], "articles:art", $cond); $s = $paging[2]; $output .= $paging[0] . "<div class='hr'><hr /></div>\n" . $message . "\n<table class='list'>\n<thead><tr><td>" . $_lang['global.article'] . "</td><td>" . $_lang['article.author'] . "</td><td>" . $_lang['article.posted'] . "</td><td>" . $_lang['global.action'] . "</td></tr></thead>\n<tbody>"; $arts = DB::query("SELECT art.id,art.title,art.title_seo,art.time,art.author,art.confirmed,art.visible,art.public,cat.title_seo AS cat_title_seo FROM `" . _mysql_prefix . "-articles` AS art JOIN `" . _mysql_prefix . "-root` AS cat ON(cat.id=art.home1) WHERE " . $cond . " ORDER BY " . $artorder . " " . $paging[1]); if (DB::size($arts) != 0) { while ($art = DB::row($arts)) { $output .= "<tr><td>" . _admin_articleEditLink($art) . "</td><td>" . _linkUser($art['author']) . "</td><td>" . _formatTime($art['time']) . "</td><td><a href='index.php?p=content-articles-edit&id=" . $art['id'] . "&returnid=" . $cid . "&returnpage=" . $s . "'><img src='images/icons/edit.png' alt='edit' class='icon' />" . $_lang['global.edit'] . "</a> <a href='index.php?p=content-articles-delete&id=" . $art['id'] . "&returnid=" . $cid . "&returnpage=" . $s . "'><img src='images/icons/delete.png' alt='del' class='icon' />" . $_lang['global.delete'] . 
"</a></td></tr>\n"; } } else { $output .= "<tr><td colspan='4'>" . $_lang['global.nokit'] . "</td></tr>"; } $output .= "</tbody></table>"; } else { $output .= _formMessage(3, $_lang['global.badinput']); }
/**
 * Build the HTML listing of posts together with the "add post" link or form.
 *
 * Type  Description             Vars
 * 1     section comments        comments locked 1/0
 * 2     article comments        comments locked 1/0
 * 3     book posts              [items per page, posting allowed 1/0, locked 1/0]
 * 5     forum topics            [items per page, posting allowed 1/0, locked 1/0]
 * 6     answers to a topic      [items per page, posting allowed 1/0, locked 1/0, topic id]
 * 7     message listing         [locked 1/0]
 * 8     plugin post listing     [items per page, posting allowed 1/0, locked 1/0, plugin flag, sort descending 1/0, [title / null]]
 *
 * NOTE(review): $type, $home, the topic id ($vars[3] for type 6) and the plugin flag
 * ($vars[3] for type 8) are concatenated into SQL text without a cast or quoting inside
 * this function. They must already be integers when they arrive here; verify the call sites.
 *
 * NOTE(review): stored fields (guest name, subject, topic subject) are written into the
 * HTML without escaping in this function; presumably they are escaped when saved. Confirm.
 *
 * @param int $type post type (see the table above)
 * @param int $home id of the item the posts belong to
 * @param mixed $vars settings, shape depends on the type
 * @param bool $force_locked force the locked state
 * @param string|null $url custom url, or null for the automatic one
 * @return string
 */
function _postsOutput($type, $home, $vars, $force_locked = false, $url = null)
{
    global $_lang;

    /* --- type --- */

    // default values
    $desc = "DESC ";
    $ordercol = 'id';
    // raw concatenation: see the note on integer arguments in the function header
    $countcond = "type=" . $type . " AND xhome=-1 AND home=" . $home;
    $locked_textid = '';
    $autolast = false;
    $postlink = false;
    $pluginflag = null;

    // url; $url_html is the copy used inside HTML attributes, $url itself is handed to the post form
    if (!isset($url)) {
        $url = _indexOutput_url;
    }
    $url_html = _htmlStr($url);

    switch ($type) {

        // comments in a section
        case 1:
            $posttype = 1;
            $xhome = -1;
            $subclass = "comments";
            $title = $_lang['posts.comments'];
            $addlink = $_lang['posts.addcomment'];
            $nopostsmessage = $_lang['posts.nocomments'];
            $postsperpage = _commentsperpage;
            $canpost = _loginright_postcomments;
            $locked = _boolean($vars);
            $replynote = true;
            break;

        // comments on an article
        case 2:
            $posttype = 2;
            $xhome = -1;
            $subclass = "comments";
            $title = $_lang['posts.comments'];
            $addlink = $_lang['posts.addcomment'];
            $nopostsmessage = $_lang['posts.nocomments'];
            $postsperpage = _commentsperpage;
            $canpost = _loginright_postcomments;
            $locked = _boolean($vars);
            $replynote = true;
            break;

        // posts in a book
        case 3:
            $posttype = 3;
            $xhome = -1;
            $subclass = "book";
            $title = null;
            $addlink = $_lang['posts.addpost'];
            $nopostsmessage = $_lang['posts.noposts'];
            $postsperpage = $vars[0];
            $canpost = $vars[1];
            $locked = _boolean($vars[2]);
            $replynote = true;
            break;

        // topics in a forum
        case 5:
            $posttype = 5;
            $xhome = -1;
            $subclass = "book";
            $title = null;
            $addlink = $_lang['posts.addtopic'];
            $nopostsmessage = $_lang['posts.notopics'];
            $postsperpage = $vars[0];
            $canpost = $vars[1];
            $locked = _boolean($vars[2]);
            $replynote = true;
            $ordercol = 'bumptime';
            $locked_textid = '3';
            break;

        // answers in a topic (stored with post type 5, xhome = topic id)
        case 6:
            $posttype = 5;
            $xhome = $vars[3];
            $subclass = "book";
            $title = null;
            $addlink = $_lang['posts.addanswer'];
            $nopostsmessage = $_lang['posts.noanswers'];
            $postsperpage = $vars[0];
            $canpost = $vars[1];
            $locked = _boolean($vars[2]);
            $replynote = false;
            $desc = "";
            // the topic id goes into the SQL text unquoted
            $countcond = "type=5 AND xhome=" . $xhome . " AND home=" . $home;
            $autolast = isset($_GET['autolast']);
            $postlink = true;
            break;

        // answers in a conversation (no xhome filter is applied for this type)
        case 7:
            $posttype = 6;
            $xhome = null;
            $subclass = "book";
            $title = null;
            $addlink = $_lang['posts.addanswer'];
            $nopostsmessage = $_lang['posts.noanswers'];
            $postsperpage = _messagesperpage;
            $canpost = true;
            $locked = _boolean($vars[0]);
            $replynote = false;
            $desc = "";
            $countcond = "type=6 AND home=" . $home;
            $locked_textid = '4';
            $autolast = true;
            break;

        // plugin posts
        case 8:
            $posttype = 7;
            $xhome = -1;
            $subclass = "book";
            $title = isset($vars[5]) ? $vars[5] : null;
            $addlink = $_lang['posts.addpost'];
            $nopostsmessage = $_lang['posts.noposts'];
            $postsperpage = $vars[0];
            $canpost = $vars[1];
            $locked = _boolean($vars[2]);
            $replynote = true;
            $pluginflag = $vars[3];
            // the plugin flag goes into the SQL text unquoted
            $countcond .= " AND flag=" . $pluginflag;
            if (!$vars[4]) {
                $desc = '';
            }
            break;
    }

    // force the locked state by parameter
    if ($force_locked) {
        $locked = true;
    }

    // extend
    // The entries passed by reference can be rewritten by extension code, including the raw
    // SQL fragments (sql_desc, sql_ordercol, sql_countcond) and the rendering callback, so
    // extensions are trusted with query text here.
    $callback = null;
    _extend('call', 'posts.output', array(
        'type' => $type,
        'home' => $home,
        'xhome' => $xhome,
        'vars' => $vars,
        'post_type' => $posttype,
        'plugin_flag' => $pluginflag,
        'canpost' => &$canpost,
        'locked' => &$locked,
        'autolast' => &$autolast,
        'post_link' => &$postlink,
        'posts_per_page' => &$postsperpage,
        'sql_desc' => &$desc,
        'sql_ordercol' => &$ordercol,
        'sql_countcond' => &$countcond,
        'callback' => &$callback));

    /* --- output --- */
    $output = "\n <div class='anchor'><a name='posts'></a></div>\n <div class='posts-" . $subclass . "'>\n ";

    if ($title != null) {
        $output .= "<h2>" . $title . _linkRss($home, $posttype) . "</h2>\n";
    }

    $output .= "<div class='posts-form' id='post-form'>\n";

    /* --- paging setup --- */
    // $paging[0] is appended to the output, $paging[1] to the SQL and $paging[2] to page links below
    $paging = _resultPaging($url_html, $postsperpage, "posts", $countcond, "#posts", null, $autolast);

    /* --- message --- */
    // The result code arrives as a string and is compared loosely by switch; the value only
    // selects one of the fixed messages and is never echoed.
    if (isset($_GET['r'])) {
        switch ($_GET['r']) {
            case 0:
                $output .= _formMessage(2, $_lang['posts.failed']);
                break;
            case 1:
                $output .= _formMessage(1, $_lang[$type != 5 ? 'posts.added' : 'posts.topicadded']);
                break;
            case 2:
                $output .= _formMessage(2, str_replace("*postsendexpire*", _postsendexpire, $_lang['misc.requestlimit']));
                break;
            case 3:
                $output .= _formMessage(2, $_lang['posts.guestnamedenied']);
                break;
            case 4:
                $output .= _formMessage(2, $_lang['xsrf.msg']);
                break;
        }
    }

    /* --- form or link for adding a post --- */
    if (!$locked and (isset($_GET['addpost']) or isset($_GET['replyto']))) {

        // load the id of the post being answered; the request value is cast to an integer
        if ($xhome == -1) {
            if (isset($_GET['replyto']) and $_GET['replyto'] != -1) {
                $reply = intval($_GET['replyto']);
                if ($replynote) {
                    $output .= "<p>" . $_lang['posts.replynote'] . " (<a href='" . $url_html . "#posts'>" . $_lang['global.cancel'] . "</a>).</p>";
                }
            } else {
                $reply = -1;
            }
        } else {
            $reply = $xhome;
        }

        // post form, or the login form when posting is not allowed
        if ($canpost) {
            $form = _uniForm("postform", array('posttype' => $type, 'pluginflag' => $pluginflag, 'posttarget' => $home, 'xhome' => $reply, 'url' => $url));
            $output .= $form[0];
        } else {
            $loginform = _uniForm("login", array(), true);
            $output .= "<p>" . $_lang['posts.loginrequired'] . "</p>" . $loginform[0];
        }

    } else {
        if (!$locked) {
            $output .= "<a href='" . _addGetToLink($url_html, "addpost&page=" . $paging[2]) . "#posts'><strong>" . $addlink . " ></strong></a>";
        } else {
            $output .= "<img src='" . _templateImage("icons/lock.png") . "' alt='stop' class='icon' /> <strong>" . $_lang['posts.locked' . $locked_textid] . "</strong>";
        }
    }

    $output .= "</div>\n<div class='hr'><hr /></div>\n\n";

    /* --- listing --- */
    if (_pagingmode == 1 or _pagingmode == 2) {
        $output .= $paging[0];
    }

    // base of the query; topics also get the number of their answers from a subquery
    if ($type == 5) {
        $sql = "SELECT id,author,guest,subject,time,ip,locked,bumptime,sticky,(SELECT COUNT(id) FROM `" . _mysql_prefix . "-posts` WHERE type=5 AND xhome=post.id) AS answer_count";
    } else {
        // extension code can append further columns to the select list here
        $sql = "SELECT id,xhome,subject,text,author,guest,time,ip" . _extend('buffer', 'posts.columns');
    }
    $sql .= " FROM `" . _mysql_prefix . "-posts` AS post";

    // conditions and ordering; every value below is concatenated as-is
    $sql .= " WHERE post.type=" . $posttype . (isset($xhome) ? " AND post.xhome=" . $xhome : '') . " AND post.home=" . $home . (isset($pluginflag) ? " AND post.flag=" . $pluginflag : '');
    $sql .= " ORDER BY " . ($type == 5 ? 'sticky DESC,' : '') . $ordercol . ' ' . $desc . $paging[1];

    // query
    $query = DB::query($sql);
    unset($sql);

    // load the posts into an array keyed by post id
    $items = array();
    if ($type == 5) {
        $item_ids_with_answers = array();
    }
    while ($item = DB::row($query)) {
        $items[$item['id']] = $item;
        if ($type == 5 && $item['answer_count'] != 0) {
            $item_ids_with_answers[] = $item['id'];
        }
    }

    // free the query
    DB::free($query);

    if ($type == 5) {
        // last post (for the topic listing)
        // NOTE(review): this relies on GROUP BY keeping the first row of the ordered subquery,
        // which SQL does not guarantee; confirm on the database version in use.
        // The result set is not freed afterwards, unlike $answers below.
        if (!empty($item_ids_with_answers)) {
            $topicextra = DB::query("SELECT * FROM (SELECT id,xhome,author,guest FROM `" . _mysql_prefix . "-posts` AS reply WHERE type=5 AND home=" . $home . " AND xhome IN(" . implode(',', $item_ids_with_answers) . ") ORDER BY reply.id DESC) AS replies GROUP BY xhome");
            while ($item = DB::row($topicextra)) {
                if (!isset($items[$item['xhome']])) {
                    if (_dev) {
                        trigger_error('Nenalezen domovsky prispevek pro odpoved #' . $item['id'], E_USER_WARNING);
                    }
                    continue;
                }
                $items[$item['xhome']]['_lastpost'] = $item;
            }
        }
    } elseif (!empty($items)) {
        // answers (for comments); the IN list is built from ids returned by the query above
        $answers = DB::query("SELECT id,xhome,text,author,guest,time,ip FROM `" . _mysql_prefix . "-posts` WHERE type=" . $posttype . " AND home=" . $home . (isset($pluginflag) ? " AND flag=" . $pluginflag : '') . " AND xhome IN(" . implode(',', array_keys($items)) . ") ORDER BY id");
        while ($item = DB::row($answers)) {
            if (!isset($items[$item['xhome']])) {
                if (_dev) {
                    trigger_error('Nenalezen domovsky prispevek pro odpoved #' . $item['id'], E_USER_WARNING);
                }
                continue;
            }
            if (!isset($items[$item['xhome']]['_answers'])) {
                $items[$item['xhome']]['_answers'] = array();
            }
            $items[$item['xhome']]['_answers'][] = $item;
        }
        DB::free($answers);
    }

    // listing
    if (!empty($items)) {

        // list of posts, or of topics
        if ($type != 5) {
            $hl = true;
            foreach ($items as $item) {

                // load the author; the guest name is written out as stored
                if ($item['guest'] == "") {
                    $author = _linkUser($item['author'], "post-author");
                } else {
                    $author = "<span class='post-author-guest' title='" . _showIP($item['ip']) . "'>" . $item['guest'] . "</span>";
                }

                // management links: reply for every type except 6 and 7, edit only when _postAccess() allows it
                $post_access = _postAccess($item);
                if ($type < 6 or $type > 7 or $post_access) {
                    $actlinks = " <span class='post-actions'>";
                    if (($type < 6 or $type > 7) && !$locked) {
                        $actlinks .= "<a href='" . _addGetToLink($url_html, "replyto=" . $item['id']) . "#posts'>" . $_lang['posts.reply'] . "</a>";
                    }
                    if ($post_access) {
                        $actlinks .= (($type < 6 or $type > 7) ? " " : '') . "<a href='index.php?m=editpost&id=" . $item['id'] . "'>" . $_lang['global.edit'] . "</a>";
                    }
                    $actlinks .= "</span>";
                } else {
                    $actlinks = "";
                }

                // avatar
                if (_show_avatars) {
                    $avatar = _getAvatar($item['author']);
                } else {
                    $avatar = null;
                }

                // post; extension code may modify the item and the avatar before rendering
                $hl = !$hl;
                _extend('call', 'posts.post', array('item' => &$item, 'avatar' => &$avatar, 'type' => $type));
                if (null === $callback) {
                    $output .= "<div id='post-" . $item['id'] . "' class='post" . ($hl ? ' post-hl' : '') . (isset($avatar) ? ' post-withavatar' : '') . "'><div class='post-head'>" . $author;
                    if ($type < 6 || $type > 7) {
                        // the subject is written out as stored
                        $output .= ", <span class='post-subject'>" . $item['subject'] . "</span> ";
                    }
                    $output .= "<span class='post-info'>(" . _formatTime($item['time']) . ")</span>" . $actlinks . ($postlink ? "<a class='post-postlink' href='" . _addGetToLink($url_html, 'page=' . $paging[2]) . "#post-" . $item['id'] . "'><span>#" . str_pad($item['id'], 6, '0', STR_PAD_LEFT) . "</span></a>" : '') . "</div><div class='post-body" . (isset($avatar) ? ' post-body-withavatar' : '') . "'>" . $avatar . '<div class="post-body-text">' . _parsePost($item['text']) . "</div></div></div>\n";
                } else {
                    // rendering is delegated to the callback set through the posts.output extend call
                    $output .= call_user_func($callback, array('item' => $item, 'avatar' => $avatar, 'author' => $author, 'actlinks' => $actlinks, 'page' => $paging[2], 'postlink' => $postlink));
                }

                // answers
                if (($type < 6 || $type > 7) && isset($item['_answers'])) {
                    foreach ($item['_answers'] as $answer) {

                        // author name
                        if ($answer['guest'] == "") {
                            $author = _linkUser($answer['author'], "post-author");
                        } else {
                            $author = "<span class='post-author-guest' title='" . _showIP($answer['ip']) . "'>" . $answer['guest'] . "</span>";
                        }

                        // management links
                        if (_postAccess($answer)) {
                            $actlinks = " <span class='post-actions'><a href='index.php?m=editpost&id=" . $answer['id'] . "'>" . $_lang['global.edit'] . "</a></span>";
                        } else {
                            $actlinks = "";
                        }

                        // avatar
                        if (_show_avatars) {
                            $avatar = _getAvatar($answer['author']);
                        } else {
                            $avatar = null;
                        }

                        _extend('call', 'posts.post', array('item' => &$answer, 'avatar' => &$avatar, 'type' => $type));
                        if (null === $callback) {
                            $output .= "<div id='post-" . $answer['id'] . "' class='post-answer" . (isset($avatar) ? ' post-answer-withavatar' : '') . "'><div class='post-head'>" . $author . " " . $_lang['posts.replied'] . " <span class='post-info'>(" . _formatTime($answer['time']) . ")</span>" . $actlinks . "</div><div class='post-body" . (isset($avatar) ? ' post-body-withavatar' : '') . "'>" . $avatar . '<div class="post-body-text">' . _parsePost($answer['text']) . "</div></div></div>\n";
                        } else {
                            $output .= call_user_func($callback, array('item' => $answer, 'avatar' => $avatar, 'author' => $author, 'actlinks' => $actlinks, 'page' => $paging[2], 'postlink' => $postlink));
                        }
                    }
                }

            }
            if (_pagingmode == 2 or _pagingmode == 3) {
                $output .= "<br />" . $paging[0];
            }
        } else {

            // table of topics
            $hl = false;
            $output .= "\n<table class='topic-table'>\n<thead><tr><td colspan='2'><strong>" . $_lang['posts.topic'] . "</strong></td><td><strong>" . $_lang['global.answersnum'] . "</strong></td><td><strong>" . $_lang['global.lastanswer'] . "</strong></td></tr></thead>\n<tbody>\n";
            foreach ($items as $item) {

                // load the author
                if ($item['guest'] == "") {
                    $author = _linkUser($item['author'], "post-author", false, false, 16);
                } else {
                    $author = "<span class='post-author-guest' title='" . _showIP($item['ip']) . "'>" . _cutStr($item['guest'], 16) . "</span>";
                }

                // load the author name of the last post
                if (isset($item['_lastpost'])) {
                    if ($item['_lastpost']['author'] != -1) {
                        $lastpost = _linkUser($item['_lastpost']['author'], "post-author", false, false, 16);
                    } else {
                        $lastpost = "<span class='post-author-guest'>" . _cutStr($item['_lastpost']['guest'], 16) . "</span>";
                    }
                } else {
                    $lastpost = "-";
                }

                // pick the icon; sticky wins over locked, then the answer count decides
                if ($item['sticky']) {
                    $icon = 'sticky';
                } elseif ($item['locked']) {
                    $icon = 'locked';
                } elseif ($item['answer_count'] == 0) {
                    $icon = 'new';
                } elseif ($item['answer_count'] < _topic_hot_ratio) {
                    $icon = 'normal';
                } else {
                    $icon = 'hot';
                }

                // mini paging: links to the first three pages plus the last one
                $tpages = '';
                $tpages_num = ceil($item['answer_count'] / _commentsperpage);
                if ($tpages_num == 0) {
                    $tpages_num = 1;
                }
                if ($tpages_num > 1) {
                    $tpages .= '<span class=\'topic-pages\'>';
                    for ($i = 1; $i <= 3 && $i <= $tpages_num; ++$i) {
                        $tpages .= "<a href='index.php?m=topic&id=" . $item['id'] . "&page=" . $i . "#posts'>" . $i . '</a>';
                    }
                    if ($tpages_num > 3) {
                        $tpages .= "<a href='index.php?m=topic&id=" . $item['id'] . "&page=" . $tpages_num . "'>" . $tpages_num . ' →</a>';
                    }
                    $tpages .= '</span>';
                }

                // row output; the topic subject is written out as stored
                $output .= "<tr class='topic-" . $icon . ($hl ? ' topic-hl' : '') . "'><td class='topic-icon-cell'><a href='index.php?m=topic&id=" . $item['id'] . "'><img src='" . _templateImage('icons/topic-' . $icon . '.png') . "' alt='" . $_lang['posts.topic.' . $icon] . "' /></a></td><td class='topic-main-cell'><a href='index.php?m=topic&id=" . $item['id'] . "'>" . $item['subject'] . "</a>" . $tpages . "<br />" . $author . " <small class='post-info'>(" . _formatTime($item['time']) . ")</small></td><td>" . $item['answer_count'] . "</td><td>" . $lastpost . ($item['answer_count'] != 0 ? "<br /><small class='post-info'>(" . _formatTime($item['bumptime']) . ")</small>" : '') . "</td></tr>\n";
                $hl = !$hl;
            }
            $output .= "</tbody></table><br />\n\n";
            if (_pagingmode == 2 or _pagingmode == 3) {
                $output .= $paging[0] . "<br />";
            }

            // latest answers
            $output .= "\n<div class='hr'><hr /></div><br />\n<h3>" . $_lang['posts.forum.lastact'] . "</h3>\n";
            $query = DB::query("SELECT topic.id AS topic_id,topic.subject AS topic_subject,answer.author,answer.guest,answer.time FROM `" . _mysql_prefix . "-posts` AS answer JOIN `" . _mysql_prefix . "-posts` AS topic ON(topic.type=5 AND topic.id=answer.xhome) WHERE answer.type=5 AND answer.home=" . $home . " AND answer.xhome!=-1 ORDER BY answer.id DESC LIMIT " . _extratopicslimit);
            if (DB::size($query) != 0) {
                $output .= "<ul>\n";
                while ($item = DB::row($query)) {
                    if ($item['guest'] == "") {
                        $author = _linkUser($item['author']);
                    } else {
                        $author = "<span class='post-author-guest'>" . $item['guest'] . "</span>";
                    }
                    $output .= "<li><a href='index.php?m=topic&id=" . $item['topic_id'] . "'>" . $item['topic_subject'] . "</a> <small>(" . $_lang['global.postauthor'] . " " . $author . " " . _formatTime($item['time']) . ")</small></li>\n";
                }
                $output .= "</ul>\n\n";
            } else {
                $output .= "<p>" . $_lang['global.nokit'] . "</p>";
            }

        }

    } else {
        $output .= "<p>" . $nopostsmessage . "</p>";
    }

    $output .= "</div>";

    return $output;
}
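/* --- core initialisation --- */
require '../require/load.php';
SL::init('../');
// nothing to do when rating is switched off
if (_ratemode == 0) {
    exit;
}

/* --- rating --- */

// load variables; the article id is cast to an integer before it is used in SQL
_checkKeys('_POST', array('id'));
$id = intval($_POST['id']);
$article_exists = false;

// check variables and access
$continue = false;
$query = DB::query("SELECT art.id,art.title_seo,art.time,art.confirmed,art.public,art.home1,art.home2,art.home3,art.rateon,cat.title_seo AS cat_title_seo FROM `" . _mysql_prefix . "-articles` AS art JOIN `" . _mysql_prefix . "-root` AS cat ON(cat.id=art.home1) WHERE art.id=" . $id);
if (DB::size($query) != 0) {
    $article_exists = true;
    $query = DB::row($query);

    // Only a numeric scalar may reach the arithmetic below: an array value would abort the
    // request with an operand error, and a non-numeric string could be counted as a rating of 0.
    if (isset($_POST['r']) && is_numeric($_POST['r'])) {
        // snap the submitted value to the nearest multiple of 10
        $r = round($_POST['r'] / 10) * 10;

        // the vote counts only when the IP log, the XSRF token, the article's rating switch,
        // the access check and the 0-100 range all agree
        if (_iplogCheck(3, $id) and _xsrfCheck() and $query['rateon'] == 1 and _articleAccess($query) == 1 and $r <= 100 and $r >= 0) {
            $continue = true;
        }
    }
}

// count the rating
if ($continue) {
    // $r is a float from round(); it is range-checked above and written into the SQL text as a plain integer
    DB::query("UPDATE `" . _mysql_prefix . "-articles` SET ratenum=ratenum+1,ratesum=ratesum+" . (int) $r . " WHERE id=" . $id);
    _iplogUpdate(3, $id);
}

// redirect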
} // vyhledavaci pole // odkaz zpet na profil if ($list) { $module .= "\n<a href='index.php?m=profile&id=" . $id . "' class='backlink'>< " . $_lang['global.return'] . "</a>\n"; } $module .= "\n <form action='index.php' method='get'>\n <input type='hidden' name='m' value='profile-posts' />\n <input type='text' name='id'" . ($id != null ? " value='" . $id . "'" : '') . " class='inputmedium' /> <input type='submit' value='" . $_lang['global.open'] . "' />\n </form><br />\n " . $message; // tabulka if ($list == true) { $cond = "author=" . $query['id'] . " AND `type`!=4 AND `type`!=6 AND `type`!=7"; $paging = _resultPaging("index.php?m=profile-posts&id=" . $id, 15, "posts", $cond); if (_pagingmode == 1 or _pagingmode == 2) { $module .= $paging[0]; } $posts = DB::query("SELECT id,type,home,xhome,subject,text,author,time FROM `" . _mysql_prefix . "-posts` WHERE " . $cond . " ORDER BY time DESC " . $paging[1]); if (DB::size($posts) != 0) { while ($post = DB::row($posts)) { switch ($post['type']) { case 1: case 3: $hometitle = DB::query_row("SELECT title,title_seo FROM `" . _mysql_prefix . "-root` WHERE id=" . $post['home']); $homelink = _linkRoot($post['home'], $hometitle['title_seo']); $hometitle = $hometitle['title']; break; case 2: $hometitle = DB::query_row("SELECT art.title,art.title_seo,cat.title_seo AS cat_title_seo FROM `" . _mysql_prefix . "-articles` AS art JOIN `" . _mysql_prefix . "-root` AS cat ON(cat.id=art.home1) WHERE art.id=" . $post['home']); $homelink = _linkArticle($post['home'], $hometitle['title_seo']); $hometitle = $hometitle['title']; break; case 5: $homelink = 'index.php?m=topic&id=' . $post[$post['xhome'] == '-1' ? 'id' : 'xhome'];
$module .= _formMessage(2, str_replace(array("*1*", "*2*"), array(_maxloginattempts, _maxloginexpire / 60), $_lang['login.attemptlimit'])); } break; default: $module .= "<p class='bborder'>" . $_lang['mod.lostpass.p'] . "</p>"; // kontrola promennych, odeslani emailu $sent = false; if (isset($_POST['username'])) { if (_iplogCheck(7)) { // nacteni promennych $username = _anchorStr($_POST['username'], false); $email = DB::esc($_POST['email']); // kontrola promennych if (_captchaCheck()) { $userdata = DB::query("SELECT email,password,salt,username FROM `" . _mysql_prefix . "-users` WHERE username='******' AND email='" . $email . "'"); if (DB::size($userdata) != 0) { // odeslani emailu $userdata = DB::row($userdata); $link = _url . "/index.php?m=lostpass&link&user="******"&hash=" . md5($userdata['email'] . $userdata['salt'] . $userdata['password']); $text_tags = array("*domain*", "*username*", "*link*", "*date*", "*ip*"); $text_contents = array(_getDomain(), $userdata['username'], $link, _formatTime(time()), _userip); if (_mail($userdata['email'], str_replace('*domain*', _getDomain(), $_lang['mod.lostpass.mail.subject']), str_replace($text_tags, $text_contents, $_lang['mod.lostpass.mail.text']), "Content-Type: text/plain; charset=UTF-8\n" . _sysMailHeader())) { $module .= _formMessage(1, $_lang['mod.lostpass.cmailsent']); _iplogUpdate(7); $sent = true; } else { $module .= _formMessage(3, $_lang['hcm.mailform.msg.failure2']); } } else { $module .= _formMessage(2, $_lang['mod.lostpass.notfound']); }
} } } // ulozeni posledniho nebo jedineho shoutboxu if ($sql != "") { $sql = trim($sql, ","); DB::query("UPDATE `" . _mysql_prefix . "-sboxes` SET " . $sql . " WHERE id=" . $id); } $message = _formMessage(1, $_lang['global.saved']); break; } } /* --- odstraneni shoutboxu --- */ if (isset($_GET['del']) && _xsrfCheck(true)) { $del = intval($_GET['del']); DB::query("DELETE FROM `" . _mysql_prefix . "-sboxes` WHERE id=" . $del); DB::query("DELETE FROM `" . _mysql_prefix . "-posts` WHERE home=" . $del . " AND type=4"); $message = _formMessage(1, $_lang['global.done']); } /* --- vystup --- */ $output .= "\n<p class='bborder'>" . $_lang['admin.content.sboxes.p'] . "</p>\n\n" . $message . "\n\n<fieldset>\n<legend>" . $_lang['admin.content.sboxes.create'] . "</legend>\n<form class='cform' action='index.php?p=content-sboxes' method='post'>\n<input type='hidden' name='action' value='1' />\n\n<table>\n\n<tr>\n<td class='rpad'><strong>" . $_lang['admin.content.form.title'] . "</strong></td>\n<td><input type='text' name='title' class='inputbig' maxlength='64' /></td>\n</tr>\n\n<tr class='valign-top'>\n<td class='rpad'><strong>" . $_lang['admin.content.form.settings'] . "</strong></td>\n<td>\n<label><input type='checkbox' name='public' value='1' checked='checked' /> " . $_lang['admin.content.form.unregpost'] . "</label><br />\n<label><input type='checkbox' name='locked' value='1' /> " . $_lang['admin.content.form.locked2'] . "</label>\n</td>\n</tr>\n\n<tr>\n<td></td>\n<td><input type='submit' value='" . $_lang['global.create'] . "' /></td>\n</tr>\n\n</table>\n\n" . _xsrfProtect() . "</form>\n</fieldset>\n\n\n<fieldset>\n<legend>" . $_lang['admin.content.sboxes.manage'] . "</legend>\n<form class='cform' action='index.php?p=content-sboxes' method='post'>\n<input type='hidden' name='action' value='2' />\n\n<input type='submit' value='" . $_lang['admin.content.sboxes.savechanges'] . "' />\n<div class='hr'><hr /></div>\n"; // vypis shoutboxu $shoutboxes = DB::query("SELECT * FROM `" . 
_mysql_prefix . "-sboxes` ORDER BY id DESC"); if (DB::size($shoutboxes) != 0) { while ($shoutbox = DB::row($shoutboxes)) { $output .= "\n <br />\n <table>\n\n <tr>\n <td class='rpad'><strong>" . $_lang['admin.content.form.title'] . "</strong></td>\n <td><input type='text' name='s" . $shoutbox['id'] . "_title' class='inputmedium' value='" . $shoutbox['title'] . "' /></td>\n </tr>\n\n <tr>\n <td><strong>" . $_lang['global.id'] . "</strong></td>\n <td>" . $shoutbox['id'] . "</td>\n </tr>\n\n <tr class='valign-top'>\n <td class='rpad'><strong>" . $_lang['admin.content.form.settings'] . "</strong></td>\n <td>\n <input type='hidden' name='s" . $shoutbox['id'] . "_publictrigger' value='1' /><input type='hidden' name='s" . $shoutbox['id'] . "_lockedtrigger' value='1' />\n <label><input type='checkbox' name='s" . $shoutbox['id'] . "_public' value='1'" . _checkboxActivate($shoutbox['public']) . " /> " . $_lang['admin.content.form.unregpost'] . "</label><br />\n <label><input type='checkbox' name='s" . $shoutbox['id'] . "_locked' value='1'" . _checkboxActivate($shoutbox['locked']) . " /> " . $_lang['admin.content.form.locked2'] . "</label><br />\n <label><input type='checkbox' name='s" . $shoutbox['id'] . "_delposts' value='1' /> " . $_lang['admin.content.form.delposts'] . "</label><br /><br />\n <a href='" . _xsrfLink("index.php?p=content-sboxes&del=" . $shoutbox['id']) . "' onclick='return _sysConfirm();'><img src='images/icons/delete.png' alt='del' class='icon' />" . $_lang['global.delete'] . "</a>\n </td>\n </tr>\n\n </table>\n <br /><div class='hr'><hr /></div>\n "; } } else { $output .= $_lang['global.nokit']; } $output .= "\n" . _xsrfProtect() . "</form>\n</fieldset>\n\n";