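/**
 * Console front controller: picks the console section named by the "sub"
 * query parameter, collects its items and renders console.tpl.
 *
 * Takes no arguments; all input is read from $_GET.
 *
 * Security: $_GET["sub"] is attacker-controlled. The original handed it to
 * the template as-is, so any place the template prints it without escaping
 * was a reflected XSS sink. Only the three section names that the code below
 * actually acts on are now forwarded; anything else (including array-valued
 * "sub" parameters) is treated as "no section selected" and never reaches
 * the template.
 *
 * NOTE(review): self::update() and self::delete() run on every list request.
 * Their input handling and any CSRF protection are not visible from here;
 * confirm that they only act on authenticated, intentional POST data.
 */
static function process()
{
    $smarty = SSmarty::returnSmarty();
    $content = array();

    // Closed set of section names; used as an allow-list for the template value.
    $sections = array("spots", "menus", "subscriptions");
    $sub = (isset($_GET["sub"]) && is_string($_GET["sub"])) ? $_GET["sub"] : null;

    if ($sub !== null && in_array($sub, $sections, true)) {
        // Safe to expose: $sub is now one of the fixed literals above.
        $smarty->assign("sub", $sub);

        if (isset($_GET["id"])) {
            // Detail view: only "spots" has one; "menus" and "subscriptions"
            // intentionally produce an empty item list.
            if ($sub === "spots") {
                $content = self::processSpots();
            }
        } else {
            // List view: apply pending changes first, then list the section.
            self::update();
            self::delete();
            $content = self::listit($smarty);
        }
    }

    $smarty->assign("items", $content);
    $smarty->display("console.tpl");
}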
/**
 * Renders the map module for this item.
 *
 * Copies lat, lng, address and map_icon from $this->main into the Smarty
 * instance returned by SSmarty::returnSmarty() and returns the result of
 * fetching ModuleMap.tpl. Takes no arguments.
 *
 * NOTE(review): the values are assigned without any escaping here, so
 * output encoding is left entirely to ModuleMap.tpl. Confirm the template
 * (or Smarty's escape settings) encodes them for the HTML/JS context used.
 */
function display()
{
    $view = SSmarty::returnSmarty();

    // Same fields, same order as the template variables they populate.
    foreach (array("lat", "lng", "address", "map_icon") as $field) {
        $view->assign($field, $this->main->{$field});
    }

    return $view->fetch("ModuleMap.tpl");
}
/**
 * Handles the registration page.
 *
 * Already logged-in visitors are redirected to /console. When the form was
 * submitted (register, user, pass and email all present in $_POST) the user
 * is created and logged in; on success the visitor is redirected to
 * /console, otherwise an error message is handed to the template. In every
 * non-redirect case register.tpl is displayed.
 *
 * Any exception raised while creating the user or logging in is shown as a
 * generic database error; nothing is logged in this method.
 *
 * NOTE(review): this method only checks that the POST fields exist. Input
 * validation, password handling and CSRF protection are presumably done in
 * createUser()/login() or elsewhere. Confirm, as none of it is visible here.
 */
static function process_register()
{
    if (user::checkLogin()) {
        header("Location: /console");
        exit;
    }

    $view = SSmarty::returnSmarty();
    $formSubmitted = isset($_POST["register"], $_POST["user"], $_POST["pass"], $_POST["email"]);

    if ($formSubmitted) {
        try {
            $registered = self::createUser() && self::login();
            if ($registered) {
                header("Location: /console");
                exit;
            }
            $view->assign("error", "Tworzenie uzytkownika nie powiodło się");
        } catch (Exception $ex) {
            $view->assign("error", "Błąd bazy danych");
        }
    }

    $view->display("register.tpl");
}
/**
 * Renders the icon module for this item.
 *
 * Passes $this->main->map_icon to the Smarty instance returned by
 * SSmarty::returnSmarty() and returns the result of fetching ModuleIcon.tpl.
 * Takes no arguments.
 *
 * NOTE(review): map_icon is assigned unescaped; confirm ModuleIcon.tpl
 * encodes it for the attribute/URL context it is printed in.
 */
function display()
{
    $view = SSmarty::returnSmarty();
    $icon = $this->main->map_icon;
    $view->assign("map_icon", $icon);

    return $view->fetch("ModuleIcon.tpl");
}
/**
 * Renders the banner module for this item.
 *
 * Passes $this->main->map_banner to the Smarty instance returned by
 * SSmarty::returnSmarty() and returns the result of fetching
 * ModuleBanner.tpl. Takes no arguments.
 *
 * NOTE(review): map_banner is assigned unescaped; confirm ModuleBanner.tpl
 * encodes it for the context it is printed in.
 */
function display()
{
    $view = SSmarty::returnSmarty();
    $banner = $this->main->map_banner;
    $view->assign("map_banner", $banner);

    return $view->fetch("ModuleBanner.tpl");
}
/**
 * Renders the title module for this item.
 *
 * Passes $this->main->title to the Smarty instance returned by
 * SSmarty::returnSmarty() and returns the result of fetching
 * ModuleTitle.tpl. Takes no arguments.
 *
 * NOTE(review): title is assigned unescaped; confirm ModuleTitle.tpl
 * HTML-encodes it before output.
 */
function display()
{
    $view = SSmarty::returnSmarty();
    $title = $this->main->title;
    $view->assign("title", $title);

    return $view->fetch("ModuleTitle.tpl");
}
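<?php
// Displays the template named by the "what" query parameter.

require "smarty.php";

// Security: the original concatenated $_GET["what"] straight into the
// template path, so the request chose which file Smarty loaded (path
// traversal / arbitrary template inclusion). The name is now restricted to
// a single file-name token (letters, digits, "_" and "-"), which rules out
// directory separators, dots and array-valued parameters before the path is
// built.
//
// NOTE(review): every template directly under templates/ is still reachable
// by name. If only a few pages are meant to be public, replace the pattern
// with an explicit allow-list of template names.
$what = (isset($_GET["what"]) && is_string($_GET["what"])) ? $_GET["what"] : "";

if (!preg_match('/\A[A-Za-z0-9_-]+\z/', $what)) {
    // Unknown or malformed name: answer like a missing page and stop.
    header("HTTP/1.0 404 Not Found");
    exit;
}

$sma = SSmarty::returnSmarty();
$sma->display("templates/" . $what . ".tpl");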