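/**
 * Show a single order for editing; on POST, save the submitted form first.
 *
 * The order id comes from $_POST['id'] after a submit and from $_GET['id']
 * otherwise. Both queries below are assembled by string concatenation, so the
 * id is cast to an integer before it is placed in any SQL text.
 *
 * @return mixed whatever system::show_tpl() returns for 'orders/new.php'
 */
function newAction()
{
    if ($_POST) {
        // Request-controlled identifier: an integer cast keeps it from changing the SQL.
        $_id = isset($_POST['id']) ? (int) $_POST['id'] : 0;

        // write the submitted form to the database
        forms::multy_update_form('order_number', $_id, 0);
        $this->msg = general::messages(1, v::getI18n('backend_after_save'));
    } else {
        $_id = isset($_GET['id']) ? (int) $_GET['id'] : 0;
    }

    // order header joined with the customer's contact details
    $_sql = "SELECT order_number.*, users.name, users.address, users.phone, users.email, users.city\n\t\t\t\t\tFROM order_number, users \n\t\t\t\t\twhere order_number.id_user=users.id and order_number.id=" . $_id;

    // the order's line items with catalogue name and article number
    $_sql0 = 'SELECT orders.*, catalog.name, catalog.artikul FROM orders Left Outer Join catalog ON orders.id_good=catalog.id where number_order=' . $_id . ' order by catalog.name';

    // run the queries (the second argument optionally prints the query itself)
    $result = mysql::query_one($_sql, 0);
    $result0 = mysql::query($_sql0, 0);

    // list of order statuses, defined outside this method
    global $_status_order;

    return system::show_tpl(
        array('obj' => $result, 'msg' => $this->msg, 'select' => $_status_order, 'result0' => $result0),
        'orders/new.php'
    );
}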
/**
 * Mail the submitted message to every address stored in $this->tablename,
 * then record the mailing in 'subscribe_conf'.
 *
 * @return mixed whatever system::show_tpl() returns for the 'send.php' template
 */
function sendAction()
{
    if ($_POST) {
        // normalise the 'status' checkbox
        forms::check_box(array('status'));

        // every row of the table is a recipient
        $_sql = 'SELECT * FROM ' . $this->tablename;
        $recipients = mysql::query($_sql, 0);

        $from = $GLOBALS['mailadmin'];
        // NOTE(review): subject and body are taken from the request unchanged;
        // sent_email_new() is not visible here - confirm it rejects CR/LF in the subject.
        $subject = $_POST['FORM']['zag'];
        $message = $_POST['FORM']['text'];

        $sentTo = '';
        foreach ($recipients as $recipient) {
            $sentTo .= $recipient->email . '<br>';
            sent_email_new($recipient->email, $message, "", $subject, $from);
        }

        // write the mailing to the log: drop the checkbox value, store the recipient list
        // NOTE(review): the stored list is raw addresses joined with '<br>'; escape it where it is displayed.
        unset($_POST['FORM']['status']);
        $_POST['FORM']['email'] = $sentTo;
        forms::multy_insert_form('subscribe_conf', 0);

        $this->msg = general::messages(1, v::getI18n('backend_after_send'));
    }

    $view = array('msg' => $this->msg, 'tpl_folder' => $this->tpl_folder);

    return system::show_tpl($view, $this->tpl_folder . '/send.php');
}
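/**
 * Show the language settings and, when the form was submitted, save the
 * per-language on/off flags.
 *
 * @return mixed whatever system::show_tpl() returns for the 'index.php' template
 */
function indexAction()
{
    if (isset($_POST['check'])) {
        // Browsers leave unchecked checkboxes out of the request, so a missing key
        // means "off"; isset() avoids the undefined-index warning the direct read raised.
        foreach (array('ua', 'en', 'fr', 'esp', 'ger') as $_lang) {
            $_checked = isset($_POST['FORM'][$_lang]) && $_POST['FORM'][$_lang] == 'on';
            $_POST['FORM'][$_lang] = $_checked ? 1 : 0;
        }

        // the flags are stored in the record with id 1
        forms::multy_update_form($this->tablename, 1, 0);
        $this->msg = general::messages(1, v::getI18n('backend_after_save'));
    }

    $sql = "SELECT * FROM languages";
    $res = mysql::query_one($sql, 0);

    return system::show_tpl(
        array(
            'obj' => $res,
            'msg' => $this->msg,
            '_status' => isset($_POST['status']) ? $_POST['status'] : 2,
            'tpl_folder' => $this->tpl_folder,
        ),
        $this->tpl_folder . '/index.php'
    );
}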
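/**
 * Add a new record to the table named in the request.
 *
 * The table name arrives in $_GET['tablename'] and is handed to
 * forms::multy_insert_form(). It is therefore restricted to plain identifier
 * characters, and the insert is skipped when the value does not match.
 * NOTE(review): a character check only blocks SQL metacharacters; it still lets
 * the caller pick any table. An explicit list of tables this screen may write to
 * is the proper control and should replace the pattern below.
 *
 * @return mixed whatever system::show_tpl() returns for the 'add.php' template
 */
function addAction()
{
    $_table = isset($_GET['tablename']) ? $_GET['tablename'] : '';
    $_table_ok = is_string($_table) && preg_match('/\A[A-Za-z0-9_]+\z/', $_table) === 1;
    $this->table_name = $_table_ok ? $_table : '';

    if ($_POST && $_table_ok) {
        // normalise the 'status' checkbox
        forms::check_box(array('status'));

        // write the submitted form to the database
        forms::multy_insert_form($this->table_name, 0);
        $this->msg = general::messages(1, v::getI18n('backend_after_save'));
    }

    return system::show_tpl(
        array('msg' => $this->msg, 'tpl_folder' => $this->tpl_folder),
        $this->tpl_folder . '/add.php'
    );
}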
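/**
 * Build and render the form for the current account page: registration
 * (step 1), account activation (step 2), lost password, or login.
 *
 * The page is chosen from the first three values returned by arg(). Step 3 of
 * registration only redirects to the site root; the function returns right after
 * sending the header, because no form exists in that branch and the original
 * went on to call render() on an undefined variable.
 *
 * @return void
 */
function login_form()
{
    tpl_set('page_description', 'Login');
    $arg1 = arg(0);
    $arg2 = arg(1);
    $arg3 = arg(2);

    // attributes shared by the registration, activation and lost-password forms
    $register_attrs = array('name' => 'register_form', 'method' => 'post', 'action' => '', 'class' => 'register_form form-horizontal', 'id' => 'register-form');

    if ($arg1[0] == "register") {
        if (!$arg2[0]) {
            // Step 1: the registration form itself.
            $form = new forms($register_attrs);
            $form->add_field(array('type' => 'text', 'name' => 'name', 'label' => t('Name & Surname')));
            $form->add_field(array('type' => 'text', 'name' => 'email', 'label' => t('Email Address')));
            $form->add_field(array('type' => 'password', 'name' => 'password', 'label' => t('Password')));
            $form->add_field(array('type' => 'password', 'name' => 'password_again', 'label' => t('Password Again')));
            $form->add_button(array('type' => 'submit', 'name' => 'register_button', 'value' => 'Register', 'class' => 'btn btn-primary'));
            // validation and submission handlers
            $form->validate('permissions.validate_register_form');
            $form->submit('permissions.submit_register_form');
        } elseif ($arg2[0] == 2) {
            // Step 2: activation-code entry for the node named by the third argument.
            $node = new node($arg3);
            tpl_set('node', objectArray($node));
            $form = new forms($register_attrs);
            $form->add_field(array('type' => 'text', 'name' => 'activation_code', 'label' => t('Activation Code')));
            $form->add_button(array('type' => 'submit', 'name' => 'register_button', 'value' => 'Activate', 'class' => 'btn btn-primary'));
            $form->validate('permissions.validate_activation_form');
            $form->submit('permissions.submit_activation_form');
        } elseif ($arg2[0] == 3) {
            // Step 3: nothing to render, just send the visitor to the site root.
            header('location: ' . base_path());
            return;
        }
    } elseif ($arg1[0] == 'lostpassword') {
        $form = new forms($register_attrs);
        $form->add_field(array('type' => 'text', 'name' => 'email', 'label' => t('Email Address')));
        $form->add_button(array('type' => 'submit', 'name' => 'register_button', 'value' => 'Retrieve', 'class' => 'btn btn-primary'));
        // NOTE(review): this form is wired to the *login* handlers although it has no
        // username or password field - looks like a copy/paste; confirm the intended handlers.
        $form->validate('permissions.validate_login_form');
        $form->submit('permissions.submit_login_form');
    } else {
        $form = new forms(array('name' => 'login_form', 'method' => 'post', 'action' => '', 'class' => 'login_form form-horizontal', 'id' => 'login-form'));
        $form->add_field(array('type' => 'text', 'name' => 'username', 'label' => t('Username')));
        $form->add_field(array('type' => 'password', 'name' => 'password', 'label' => t('Password')));
        $form->add_button(array('type' => 'submit', 'name' => 'login_button', 'value' => 'Login', 'class' => 'btn btn-primary'));
        $form->validate('permissions.validate_login_form');
        $form->submit('permissions.submit_login_form');
    }

    // An unrecognised registration step builds no form; render only when one exists.
    if (isset($form)) {
        $form->render();
    }
}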
/**
 * Settings editor: save the posted values when a form was submitted, then list
 * the active settings in sort order.
 *
 * The SQL text is built only from $this->tablename and constants; no request
 * value is concatenated into it in this method.
 *
 * @return mixed whatever system::show_tpl() returns for the 'edit.php' template
 */
function editAction()
{
    if ($_POST) {
        // write the submitted values to the database
        forms::multy_update_form_all_records($this->tablename, 'zna', 0);
        $this->msg = general::messages(1, v::getI18n('backend_after_save'));
    }

    // run the query (the second argument optionally prints the query itself)
    $rows = mysql::query('SELECT * FROM ' . $this->tablename . ' where status=1 order by sort', 0);

    $view = array(
        'result' => $rows,
        'msg' => $this->msg,
        'tpl_folder' => $this->tpl_folder,
    );

    return system::show_tpl($view, $this->tpl_folder . '/edit.php');
}
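/**
 * Build the <option> list for choosing a field of the given form: a fixed IDNO
 * entry followed by one option per field that has no 'choicesType' key.
 *
 * Field names and labels are HTML-escaped before they are written into the
 * markup, since they are placed in an attribute value and in element text.
 * double_encode is off so text that already holds entities is not escaped twice.
 *
 * @param mixed $formID identifier passed to forms::get()
 * @return string HTML fragment
 */
public static function formFieldOptions($formID)
{
    $form = forms::get($formID);
    $output = '<option value="idno">IDNO</option><optgroup label="Form Fields">';

    // A failed lookup or a missing field list yields only the IDNO option
    // instead of a warning from foreach.
    if (isset($form['fields']) && is_array($form['fields'])) {
        foreach ($form['fields'] as $field) {
            if (isset($field['choicesType'])) {
                continue;
            }
            $output .= sprintf(
                '<option value="%s">%s</option>',
                htmlspecialchars((string) $field['name'], ENT_QUOTES, 'UTF-8', false),
                htmlspecialchars((string) $field['label'], ENT_QUOTES, 'UTF-8', false)
            );
        }
    }

    $output .= "</optgroup>";

    return $output;
}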
/**
 * Build and render the "create a contact" form: name (required), mobile and
 * email fields plus a submit button, wired to the contacts_add handlers.
 *
 * @return void
 */
function add_contact()
{
    $attributes = array(
        'name' => 'create_a_contact',
        'method' => 'post',
        'action' => '',
        'class' => 'create_a_contact_form form-horizontal',
        'id' => 'create-a-contact-form',
    );
    $form = new forms($attributes);

    // Name is the only mandatory field.
    $nameField = array(
        'type' => 'text',
        'name' => 'title',
        'label' => t('Name'),
        'placeholder' => t("Enter your contact's full name"),
        'required' => true,
    );
    $form->add_field($nameField);

    $mobileField = array(
        'type' => 'tel',
        'name' => 'mobile',
        'label' => t('Mobile'),
        'placeholder' => t("Enter your contact's mobile number"),
    );
    $form->add_field($mobileField);

    $emailField = array(
        'type' => 'email',
        'name' => 'email',
        'label' => t('Email'),
        'placeholder' => t("Enter your contact's email address"),
    );
    $form->add_field($emailField);

    $submitButton = array(
        'type' => 'submit',
        'name' => 'add_contact',
        'value' => 'Add Contact',
        'class' => 'btn btn-primary',
    );
    $form->add_button($submitButton);

    // Validation and submission are delegated to named handlers.
    $form->validate('contacts_add.add_contact_validate');
    $form->submit('contacts_add.add_contact_submit');

    $form->render();
}
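/**
 * Edit one record: on POST save the submitted form, then load the record and
 * show it in the edit template.
 *
 * The record id comes from the request ($_POST['id'] after a submit,
 * $_GET['id'] otherwise) and is concatenated into the SELECT, so it is cast to
 * an integer first.
 *
 * @return mixed whatever system::show_tpl() returns for the 'edit.php' template
 */
function editAction()
{
    if ($_POST) {
        $_id = isset($_POST['id']) ? (int) $_POST['id'] : 0;

        // write the submitted form to the database
        forms::multy_update_form($this->tablename, $_id, 0);
        $this->msg = general::messages(1, v::getI18n('backend_after_save'));
    } else {
        $_id = isset($_GET['id']) ? (int) $_GET['id'] : 0;
    }

    $_sql = 'SELECT * FROM ' . $this->tablename . ' where id=' . $_id;

    // run the query (the second argument optionally prints the query itself)
    $result = mysql::query_one($_sql, 0);

    return system::show_tpl(
        array('obj' => $result, 'msg' => $this->msg, 'tpl_folder' => $this->tpl_folder),
        $this->tpl_folder . '/edit.php'
    );
}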
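/**
 * Add a new subsection under a parent record and show the add form again.
 *
 * The parent id is request-controlled ($_GET['id_parent'], or the posted
 * FORM[id_parent] after a submit) and ends up in a concatenated SELECT, so the
 * value used in the SQL is cast to an integer.
 *
 * @return mixed whatever system::show_tpl() returns for the 'add_answer.php' template
 */
function add_answerAction()
{
    if ($_POST) {
        // normalise the 'status' checkbox
        forms::check_box(array('status'));

        // write the submitted form to the database
        forms::multy_insert_form($this->tablename, 0);
        $this->msg = general::messages(1, v::getI18n('backend_after_save'));

        // keep showing the same parent after the insert
        $_GET['id_parent'] = isset($_POST['FORM']['id_parent']) ? $_POST['FORM']['id_parent'] : 0;
    }

    $_id_parent = isset($_GET['id_parent']) ? (int) $_GET['id_parent'] : 0;

    // load the parent section the new subsection belongs to
    $_sql = 'SELECT * FROM ' . $this->tablename . ' where id=' . $_id_parent;
    $select = mysql::query($_sql, 0);

    return system::show_tpl(
        array('select' => $select, 'msg' => $this->msg, 'tpl_folder' => $this->tpl_folder),
        $this->tpl_folder . '/add_answer.php'
    );
}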
/**
 * Add a new record and show the add form together with the list of cities.
 *
 * @return mixed whatever system::show_tpl() returns for the 'add.php' template
 */
function addAction()
{
    global $_sklad;

    if ($_POST) {
        // normalise the 'status' checkbox
        forms::check_box(array('status'));

        // write the submitted form to the database
        forms::multy_insert_form($this->tablename, 0);
        $this->msg = general::messages(1, v::getI18n('backend_after_save'));
    }

    // NOTE(review): the rows fetched here are never handed to the template;
    // the query looks like a leftover - confirm before removing it.
    $_sql = 'SELECT * FROM ' . $this->tablename . ' where id>0 order by sort desc';
    $select = mysql::query($_sql, 0);

    $view = array(
        'city' => dbh::get_city(),
        'msg' => $this->msg,
        'tpl_folder' => $this->tpl_folder,
    );

    return system::show_tpl($view, $this->tpl_folder . '/add.php');
}
/**
 * List all top-level records (id_parent = 0); on POST, save the status
 * checkboxes for all records first.
 *
 * Access is limited to the super administrator: when general::sadmin() is
 * falsy the method returns an access-error message and does nothing else.
 *
 * @return mixed the access-error message, or whatever system::show_tpl() returns
 */
function indexAction()
{
    // super administrator only
    $isSuperAdmin = general::sadmin();
    if (!$isSuperAdmin) {
        return general::messages(0, v::getI18n('backend_orror_access'));
    }

    if ($_POST) {
        // normalise the checkboxes named by the menu ids
        forms::check_box(dbh::menu_get_id());

        // write the statuses to the database
        forms::multy_update_form_all_records($this->tablename, 'status', 0);
        $this->msg = general::messages(1, v::getI18n('backend_after_save'));
    }

    // run the query (the second argument optionally prints the query itself)
    $rows = mysql::query('SELECT * FROM ' . $this->tablename . ' where id_parent=0 order by zindex', 0);

    $view = array('result' => $rows, 'msg' => $this->msg);

    return system::show_tpl($view, $this->tpl_folder . '/index.php');
}
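/**
 * Render the navigation items of a form as a list of <li> elements, grouped
 * under a heading whenever an item's 'grouping' value changes.
 *
 * Every value written into the markup goes through htmlSanitize(), including
 * the group heading, which the original emitted unescaped.
 *
 * NOTE(review): the <ul> opened for the last group is not closed before the
 * function returns; confirm whether the caller closes it.
 * NOTE(review): htmlSanitize() escapes the href but does not restrict its
 * scheme; confirm navigation URLs are validated where they are saved.
 *
 * @param mixed $formID identifier passed to forms::get()
 * @return string|bool HTML fragment, "" when the form has no navigation array,
 *                     FALSE when the form cannot be loaded
 */
public static function buildProjectNavigation($formID)
{
    if (($form = forms::get($formID)) === FALSE) {
        return FALSE;
    }

    localvars::add("formID", htmlSanitize($formID));

    $output = "";
    $currentGroup = "";

    if (!is_array($form['navigation'])) {
        return $output;
    }

    foreach ($form['navigation'] as $item) {
        // a change of grouping closes the previous group and may open a new one
        if ($item['grouping'] != $currentGroup) {
            if ($currentGroup != "") {
                $output .= "</ul></li>";
            }
            if (!is_empty($item['grouping'])) {
                $output .= sprintf('<li><strong>%s</strong><ul>', htmlSanitize($item['grouping']));
            }
            $currentGroup = $item['grouping'];
        }

        $output .= "<li>";

        if ($item['type'] == "logout") {
            $output .= sprintf('<a href="%s">%s</a>', htmlSanitize($item['url']), htmlSanitize($item['label']));
        } elseif ($item['type'] == "link") {
            // literal placeholder substitution; str_replace keeps "$" or "\" in the
            // configured site root from being read as a regex back-reference
            $item['url'] = str_replace('{siteRoot}', mfcs::config("siteRoot"), $item['url']);
            $output .= sprintf('<a href="%s">%s</a>', htmlSanitize($item['url']), htmlSanitize($item['label']));
        } elseif ($item['type'] == "objectForm" || $item['type'] == "metadataForm") {
            // separate variable so the form being iterated is not overwritten
            $linkedForm = forms::get($item['formID']);
            if (!empty($linkedForm['displayTitle'])) {
                $linkedTitle = $linkedForm['displayTitle'];
            } elseif (!empty($linkedForm['title'])) {
                $linkedTitle = $linkedForm['title'];
            } else {
                $linkedTitle = '[No form title]';
            }
            $output .= sprintf(
                '<a href="" data-formID="%s" data-header="%s" data-toggle="modal" class="metadataObjectEditor">%s</a>',
                htmlSanitize($item['formID']),
                htmlSanitize($item['label']),
                htmlSanitize($linkedTitle)
            );
        } else {
            $output .= sprintf('%s', htmlSanitize($item['label']));
        }

        $output .= "</li>";
    }

    return $output;
}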
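/**
 * Add a new record, storing an uploaded file (form field 'file1') when one was sent.
 *
 * The file keeps an extension taken from the client-supplied name and is moved
 * under HOST . PRICE_LIST_PATH, so the extension is checked against an
 * allow-list before the move; anything else is refused and no record is written.
 * The array keys of $_FILES are quoted (the original used bare constants, which
 * PHP 8 rejects), and the result of move_uploaded_file() is checked.
 *
 * @return mixed whatever system::show_tpl() returns for the 'add.php' template
 */
function addAction()
{
    if ($_POST) {
        $_upload_ok = true;

        if (isset($_FILES['file1']) && $_FILES['file1']['error'] !== UPLOAD_ERR_NO_FILE) {
            $_upload_ok = false;

            // Constructed allow-list of document types; adjust it to the formats
            // this site really publishes. Server-executable types must stay out.
            $_allowed_ext = array('xls', 'xlsx', 'csv', 'pdf', 'doc', 'docx', 'ods', 'odt', 'txt', 'zip');

            if ($_FILES['file1']['error'] === UPLOAD_ERR_OK
                && preg_match('/(\\S+)\\.([A-Za-z0-9]+)$/', $_FILES['file1']['name'], $_arr)
                && in_array(strtolower($_arr[2]), $_allowed_ext, true)
            ) {
                // slug of the base name plus the checked extension
                $_file_name = v::toSlug($_arr[1]) . '.' . $_arr[2];
                if (move_uploaded_file($_FILES['file1']['tmp_name'], HOST . PRICE_LIST_PATH . '/' . $_file_name)) {
                    $_POST['FORM']['pole'] = $_file_name;
                    $_upload_ok = true;
                }
            }
        }

        if ($_upload_ok) {
            // write the submitted form to the database
            forms::multy_insert_form($this->tablename, 0);
            $this->msg = general::messages(1, v::getI18n('backend_after_save'));
            header('Location: /backend/' . $this->tpl_folder . '/index');
        } else {
            // NOTE(review): no i18n key for this case is visible here, so the text is a
            // literal; 0 presumably selects the error style of general::messages() - confirm.
            $this->msg = general::messages(0, 'File type not allowed or upload failed');
        }
    }

    return system::show_tpl(
        array('msg' => $this->msg, 'tpl_folder' => $this->tpl_folder),
        $this->tpl_folder . '/add.php'
    );
}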
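/**
 * Validate and apply an edit to a user account from the posted form fields.
 *
 * Checks that the two password fields match, that e-mail / first name / last
 * name are present, and that no other account already uses the e-mail address.
 * It then runs the form validation for the account type and issues the UPDATE
 * statements. Privilege and limit columns are written only when the session
 * has admin_privs == 'yes'.
 *
 * $user_id is concatenated unquoted into every statement, so it is cast to an
 * integer on entry. All other values pass through $misc->make_db_safe() before
 * being concatenated; that helper is expected to return a quoted, escaped
 * literal (the values are placed in the SQL without quotes) - confirm.
 *
 * NOTE(review): passwords are stored and kept in the session as unsalted MD5.
 * That is not suitable for password storage; moving to password_hash() /
 * password_verify() also requires changing the login check, which is not part
 * of this function, so it is flagged here rather than changed.
 *
 * @param int|string $user_id id of the account being edited
 * @return string HTML fragment with status or error messages
 */
function update_user($user_id)
{
    global $conn, $config, $lang;
    require_once $config['basepath'] . '/include/misc.inc.php';
    $misc = new misc();
    require_once $config['basepath'] . '/include/forms.inc.php';
    $forms = new forms();

    // The id is used unquoted in every WHERE clause below.
    $user_id = (int) $user_id;

    $display = '';
    $do_update = true;
    if ($_POST['edit_user_pass'] != $_POST['edit_user_pass2']) {
        $display .= '<p>' . $lang['user_manager_password_identical'] . '</p>';
        $do_update = false;
    }
    if ($_POST['user_email'] == '' || $_POST['user_first_name'] == '' || $_POST['user_last_name'] == '') {
        $display .= "<p class=\"redtext\">{$lang['required_fields_not_filled']}</p>";
        $do_update = false;
    }

    // Get Current User type
    $sql = 'SELECT userdb_is_agent, userdb_is_admin, userdb_active FROM ' . $config['table_prefix'] . 'userdb WHERE userdb_id = ' . $user_id;
    $recordSet = $conn->Execute($sql);
    if ($recordSet === false) {
        $misc->log_error($sql);
    }
    $is_agent = $misc->make_db_unsafe($recordSet->fields['userdb_is_agent']);
    $is_admin = $misc->make_db_unsafe($recordSet->fields['userdb_is_admin']);
    $is_active = $misc->make_db_unsafe($recordSet->fields['userdb_active']);
    $sql_user_email = $misc->make_db_safe($_POST['user_email']);
    $sql_user_first_name = $misc->make_db_safe($_POST['user_first_name']);
    $sql_user_last_name = $misc->make_db_safe($_POST['user_last_name']);

    // Make sure no other user has this email address.
    $sql = 'SELECT userdb_id FROM ' . $config['table_prefix'] . 'userdb WHERE userdb_emailaddress = ' . $sql_user_email;
    $recordSet = $conn->Execute($sql);
    if ($recordSet === false) {
        $misc->log_error($sql);
    }
    while (!$recordSet->EOF) {
        if ($recordSet->fields['userdb_id'] != $user_id) {
            $display .= "<p class=\"redtext\">{$lang['email_address_already_used']}</p>";
            $do_update = false;
        }
        $recordSet->MoveNext();
    }

    if ($do_update) {
        global $pass_the_form;
        // agents and admins are validated against the agent form definition
        if ($is_agent == 'yes' || $is_admin == 'yes') {
            $db_to_validate = 'agentformelements';
        } else {
            $db_to_validate = 'memberformelements';
        }
        $pass_the_form = $forms->validateForm($db_to_validate);
        if (is_array($pass_the_form)) {
            // validation failed: report each field that is missing or has the wrong type
            foreach ($pass_the_form as $k => $v) {
                if ($v == 'REQUIRED') {
                    $display .= "<p class=\"redtext\">{$k}: {$lang['required_fields_not_filled']}</p>";
                }
                if ($v == 'TYPE') {
                    $display .= "<p class=\"redtext\">{$k}: {$lang['field_type_does_not_match']}</p>";
                }
            }
        } else {
            // from here on $_POST['user_email'] holds the db-safe form of the address
            $_POST['user_email'] = $misc->make_db_safe($_POST['user_email']);
            if ($_POST['edit_user_pass'] == '') {
                // no new password: update the address and the modification time only
                $sql = 'UPDATE ' . $config['table_prefix'] . 'userdb SET userdb_emailaddress = ' . $_POST['user_email'] . ', userdb_last_modified = ' . $conn->DBTimeStamp(time()) . ' WHERE userdb_id = ' . $user_id;
            } else {
                // see the MD5 note in the function header
                $md5_user_pass = md5($_POST['edit_user_pass']);
                $md5_user_pass = $misc->make_db_safe($md5_user_pass);
                $sql = 'UPDATE ' . $config['table_prefix'] . 'userdb SET userdb_emailaddress = ' . $_POST['user_email'] . ', userdb_user_password = ' . $md5_user_pass . ', userdb_last_modified = ' . $conn->DBTimeStamp(time()) . ' WHERE userdb_id = ' . $user_id;
            }
            $recordSet = $conn->Execute($sql);
            if ($recordSet === false) {
                $misc->log_error($sql);
            }

            // An admin editing an admin account may change rank and listing limits.
            if ($_SESSION['admin_privs'] == 'yes' && $is_admin == 'yes') {
                $sql_edit_limitListings = $misc->make_db_safe($_POST['edit_limitListings']);
                $sql_edit_limitFeaturedListings = $misc->make_db_safe($_POST['edit_limitFeaturedListings']);
                $sql_edit_userRank = $misc->make_db_safe($_POST['edit_userRank']);
                $sql = 'UPDATE ' . $config['table_prefix'] . 'userdb SET userdb_rank = ' . $sql_edit_userRank . ', userdb_featuredlistinglimit = ' . $sql_edit_limitFeaturedListings . ', userdb_limit_listings = ' . $sql_edit_limitListings . ' WHERE userdb_id = ' . $user_id;
                $recordSet = $conn->Execute($sql);
                if ($recordSet === false) {
                    $misc->log_error($sql);
                }
            }

            // If an admin is updating an agent, set the permission fields as well.
            if ($_SESSION['admin_privs'] == 'yes' && $is_agent == 'yes') {
                $edit_is_active = $misc->make_db_safe($_POST['edit_active']);
                $edit_first_name = $misc->make_db_safe($_POST['user_first_name']);
                $edit_last_name = $misc->make_db_safe($_POST['user_last_name']);
                $edit_canEditSiteConfig = $misc->make_db_safe($_POST['edit_canEditSiteConfig']);
                $edit_canEditMemberTemplate = $misc->make_db_safe($_POST['edit_canEditMemberTemplate']);
                $edit_canEditAgentTemplate = $misc->make_db_safe($_POST['edit_canEditAgentTemplate']);
                $edit_canEditListingTemplate = $misc->make_db_safe($_POST['edit_canEditListingTemplate']);
                $edit_canEditAllListings = $misc->make_db_safe($_POST['edit_canEditAllListings']);
                $edit_canEditAllUsers = $misc->make_db_safe($_POST['edit_canEditAllUsers']);
                $edit_can_view_logs = $misc->make_db_safe($_POST['edit_canViewLogs']);
                $edit_can_moderate = $misc->make_db_safe($_POST['edit_canModerate']);
                $edit_can_feature_listings = $misc->make_db_safe($_POST['edit_canFeatureListings']);
                $edit_can_edit_pages = $misc->make_db_safe($_POST['edit_canPages']);
                $edit_can_have_vtours = $misc->make_db_safe($_POST['edit_canVtour']);
                $edit_can_have_files = $misc->make_db_safe($_POST['edit_canFiles']);
                $edit_can_have_user_files = $misc->make_db_safe($_POST['edit_canUserFiles']);
                $edit_limitListings = $misc->make_db_safe($_POST['edit_limitListings']);
                $sql_edit_canExportListings = $misc->make_db_safe($_POST['edit_canExportListings']);
                $sql_edit_canEditListingExpiration = $misc->make_db_safe($_POST['edit_canEditListingExpiration']);
                $sql_edit_canEditPropertyClasses = $misc->make_db_safe($_POST['edit_canEditPropertyClasses']);
                $sql_userdb_blog_user_type = $misc->make_db_safe($_POST['edit_BlogPrivileges']);
                $sql_edit_limitFeaturedListings = $misc->make_db_safe($_POST['edit_limitFeaturedListings']);
                $sql_edit_userRank = $misc->make_db_safe($_POST['edit_userRank']);
                $sql_edit_canManageAddons = $misc->make_db_safe($_POST['edit_canManageAddons']);
                $sql = 'UPDATE ' . $config['table_prefix'] . 'userdb SET userdb_active = ' . $edit_is_active
                    . ', userdb_user_first_name = ' . $edit_first_name
                    . ', userdb_user_last_name = ' . $edit_last_name
                    . ', userdb_can_edit_site_config = ' . $edit_canEditSiteConfig
                    . ', userdb_can_edit_member_template = ' . $edit_canEditMemberTemplate
                    . ', userdb_can_edit_agent_template = ' . $edit_canEditAgentTemplate
                    . ', userdb_can_edit_listing_template = ' . $edit_canEditListingTemplate
                    . ', userdb_can_view_logs = ' . $edit_can_view_logs
                    . ', userdb_can_moderate = ' . $edit_can_moderate
                    . ', userdb_can_feature_listings = ' . $edit_can_feature_listings
                    . ', userdb_can_edit_pages = ' . $edit_can_edit_pages
                    . ', userdb_can_have_vtours = ' . $edit_can_have_vtours
                    . ', userdb_can_have_files = ' . $edit_can_have_files
                    . ', userdb_can_have_user_files = ' . $edit_can_have_user_files
                    . ', userdb_limit_listings = ' . $edit_limitListings
                    . ', userdb_can_edit_expiration = ' . $sql_edit_canEditListingExpiration
                    . ', userdb_can_export_listings = ' . $sql_edit_canExportListings
                    . ', userdb_can_edit_all_users = ' . $edit_canEditAllUsers
                    . ', userdb_can_edit_all_listings = ' . $edit_canEditAllListings
                    . ', userdb_can_edit_property_classes = ' . $sql_edit_canEditPropertyClasses
                    . ', userdb_can_manage_addons = ' . $sql_edit_canManageAddons
                    . ', userdb_rank = ' . $sql_edit_userRank
                    . ', userdb_featuredlistinglimit = ' . $sql_edit_limitFeaturedListings
                    . ', userdb_blog_user_type = ' . $sql_userdb_blog_user_type
                    . ' WHERE userdb_id = ' . $user_id;
                $recordSet = $conn->Execute($sql);
                if ($recordSet === false) {
                    $misc->log_error($sql);
                }
            } else {
                // everyone else may only change the active flag and the name
                if (isset($_POST['edit_active'])) {
                    $edit_is_active = $misc->make_db_safe($_POST['edit_active']);
                } else {
                    $edit_is_active = $misc->make_db_safe('yes');
                }
                $edit_first_name = $misc->make_db_safe($_POST['user_first_name']);
                $edit_last_name = $misc->make_db_safe($_POST['user_last_name']);
                $sql = 'UPDATE ' . $config['table_prefix'] . 'userdb SET userdb_active = ' . $edit_is_active . ', userdb_user_first_name = ' . $edit_first_name . ', userdb_user_last_name =' . $edit_last_name . ' WHERE userdb_id = ' . $user_id;
                $recordSet = $conn->Execute($sql);
                if ($recordSet === false) {
                    $misc->log_error($sql);
                }
            }

            // Account switched from inactive to active: send the activation notice
            // when moderation is enabled for this account type.
            if ($is_active == 'no' && $_POST['edit_active'] == 'yes') {
                if ($config['moderate_agents'] == 1 && $is_agent == 'yes' || $config['moderate_members'] == 1 && $is_agent == 'no') {
                    $message = $_POST['user_first_name'] . ' ' . $_POST['user_last_name'] . ",\r\n" . $lang['user_activated_message'] . "\r\n\r\n";
                    if ($is_agent == 'yes') {
                        $link = $config['baseurl'] . '/admin/index.php';
                    } else {
                        $link = $config['baseurl'] . '/index.php?action=member_login';
                    }
                    $message .= $link;
                    // strip the quotes added by make_db_safe() above
                    $email = str_replace('\'', '', $_POST['user_email']);
                    $send = $misc->send_email($config['company_name'], $config['admin_email'], $email, $message, $lang['user_activated_subject']);
                }
            }

            $message = user_managment::updateUserData($user_id);
            if ($message == 'success') {
                // The password kept in the session has to be refreshed, otherwise the
                // user would have to log out and in again after changing it.
                if ($_POST['edit_user_pass'] != "" && $_SESSION['userID'] == $user_id) {
                    $_SESSION['userpassword'] = md5($_POST['edit_user_pass']);
                }
                $display .= '<p>' . $lang['user_editor_account_updated'] . ', ' . $_SESSION['username'] . '</p>';
            } else {
                $display .= '<p>' . $lang['alert_site_admin'] . '</p>';
            }
        }
    }

    $misc->log_action($lang['log_updated_user'] . ': ' . $user_id);

    return $display;
}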
<?php
// Command-line maintenance script: rebuilds the duplicates table for every
// object of every form and prints how many updates returned TRUE and FALSE.

// NOTE(review): sessions are written to /tmp, and both the memory and the time
// limit are lifted; confirm this is acceptable on the host that runs the script.
session_save_path('/tmp');
ini_set('memory_limit', -1);
set_time_limit(0);

require "../header.php";

// Refuse to run when reached through the web server.
if (!isCLI()) {
    echo "Must be run from the command line.";
    exit;
}

// Turn off EngineAPI template engine
$engine->obCallback = FALSE;

$forms = forms::getForms(NULL);

// Tally per return value; the boolean keys are stored by PHP as 1 and 0.
$dupeConfirm = array(TRUE => 0, FALSE => 0);

foreach ($forms as $form) {
    echo "Form: ", $form['title'], "\n";

    $objects = objects::getAllObjectsForForm($form['ID']);
    foreach ($objects as $object) {
        // clear the cached MYSQL-cleaned POST data before each update
        unset(mfcs::$engine->cleanPost['MYSQL']);

        $return = duplicates::updateDupeTable($form['ID'], $object['ID'], $object['data']);
        $dupeConfirm[$return] += 1;
    }
}

echo "\n\n";
var_dump($dupeConfirm);
echo "Done.\n\n";
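<?php
##############################################################################
## Handle the "userInsert" submit: drop the cached menu file for the given
## directory and the current user's group.
##
## $_POST['userPath'] is interpolated into a filesystem path that is passed to
## unlink(). The value is therefore rejected when it is not a string or holds
## a ".." sequence or a NUL byte, so it cannot point outside the cache tree.
## NOTE(review): validatorField() is not visible here - confirm whether it does
## more than check that the field is present.
##############################################################################
if (isset($_POST['userInsert'])) {
    # load the form-validation class
    $this->vLoadClass($this->vconf['path'], "/vActions.phar/class.forms.php");

    # create the validator
    $v = new forms();
    $v->classeErro = 'formPointer';
    $falha[1] = $v->validatorField('userPath', "Diretorio não definido");

    ### proceed only when validation reported nothing
    $falhas = implode("", $falha);
    if (strlen($falhas) > 0) {
        exit($this->vForceStop("0|" . nl2br($v->errorForm) . "|{$falhas}"));
    } else {
        $cacheDirPart = isset($_POST['userPath']) ? $_POST['userPath'] : '';
        if (!is_string($cacheDirPart)
            || strpos($cacheDirPart, '..') !== false
            || strpos($cacheDirPart, "\0") !== false
        ) {
            # same "0|message|details" shape as the validation failure above
            exit($this->vForceStop("0|Diretorio inválido|"));
        }

        $enterID1 = $this->clearNumeric($_SESSION['vtxUser']);
        $enterID2 = $this->clearNumeric($_SESSION['vtxGrupo']);

        # cache file name is the MD5 of the menu request string for this directory
        $file = md5("/vortex-menu,100,1,{$cacheDirPart},request.htm");
        $path = "{$this->vconf['private']}/corecache/{$cacheDirPart}/usrgroup/{$enterID2}/{$file}.htm";

        # remove the cached file when it exists
        $uppd = is_file($path) ? unlink($path) : "";
        exit($this->vForceStop("1|Atualizado com sucesso"));
    }
}

##############################################################################
## get user data
##############################################################################
$enterID = $this->clearNumeric($_SESSION['vtxUser']);
$inQuery = "SELECT t1.nome,t1.grupo AS grp, t2.grupo ";
$inQuery .= "FROM vtx_system_access AS t1 ";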
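/**
 * Delete an uploaded file: remove the file from disk, delete its row from
 * `files`, then show the record again through newAction().
 *
 * $_GET['id_photo'] is request-controlled and is used in two SQL statements
 * and in the name of the file to delete, so it is cast to an integer once and
 * only the integer is used afterwards.
 *
 * NOTE(review): this is a destructive action triggered by a GET parameter and
 * no request token is checked in this method; confirm one is verified before
 * the action is dispatched.
 *
 * @return mixed whatever newAction() returns
 */
function deletefileAction()
{
    // message shown after the deletion
    $this->msg = general::messages(1, v::getI18n('backend_after_delete_file'));

    $_id = isset($_GET['id_photo']) ? (int) $_GET['id_photo'] : 0;

    // look up the stored name to learn the file's extension
    $_sql = 'SELECT * FROM `files` where id=' . $_id;
    $result = mysql::query_one($_sql, 0);

    // Only touch the disk when the row exists; the original dereferenced a missing row.
    if ($result && isset($result->name)) {
        // end() needs a variable: passing explode() directly raises a by-reference notice
        $_parts = explode(".", $result->name);
        // name of the file to delete: "<id>.<extension>"
        $_name = array($_id . '.' . end($_parts));

        // delete the file
        forms::delete_photo(HOST . FILES_PATH, $_name, 0);
    }

    // delete the row from the database
    $_sql = 'DELETE FROM `files` WHERE (`id`="' . $_id . '")';
    $result = mysql::just_query($_sql, 0);

    // show the record again
    return self::newAction();
}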
/**
 * Render or dispatch every entry of $page_types in order.
 *
 * Each entry is an array whose 'id' selects the action: ids "0"-"13", '55' and
 * "404" include a page script or echo a form, ids '304'-'323' echo the result
 * of one `forms` method that is given a single value taken from the entry.
 * Any other id echoes the sign-up and login forms.
 *
 * The included scripts run in this method's scope, so they see $pg and any
 * $forms / $functions object created before the include.
 *
 * NOTE(review): the switch compares ids loosely (==), so numeric strings such
 * as "00" match case "0"; keep that in mind before replacing it with a map.
 * NOTE(review): no authorization check is visible here for the state-changing
 * ids (for example '319' and '320'); presumably the forms methods enforce it -
 * verify.
 *
 * @param array $page_types list of page descriptors, each with at least 'id'
 */
public function BuildPages(array $page_types)
{
    foreach ($page_types as $pg) {
        switch ($pg['id']) {
            case "0":
                $forms = new forms();
                include ABSOLUTH_PATH_PAGE . "landing.php";
                break;
            case "1":
                // profile.php reads the page name from $_GET
                $_GET['page_name'] = $pg['page_name'];
                include ABSOLUTH_PATH_PAGE . "profile.php";
                break;
            case "2":
                include ABSOLUTH_PATH_PAGE . "home.php";
                break;
            case "3":
                include ABSOLUTH_PATH_PAGE . "roster.php";
                break;
            case "4":
                include ABSOLUTH_PATH_PAGE . "add-drop.php";
                break;
            case "5":
                include ABSOLUTH_PATH_PAGE . "trades.php";
                break;
            case "6":
                include ABSOLUTH_PATH_PAGE . "matchup.php";
                break;
            case "7":
                include ABSOLUTH_PATH_PAGE . "draft.php";
                break;
            case "8":
                echo "Settings";
                break;
            case "9":
                $forms = new forms();
                echo $forms->EditProfileForm($pg);
                break;
            case "10":
                // logout: clear the login flag and redirect
                // NOTE(review): there is no exit after header(), so the remaining
                // entries of $page_types are still processed after the flag is cleared.
                unset($_SESSION['isLoggedin']);
                header("Location:loader.php?cmd=");
                break;
            case "11":
                include ABSOLUTH_PATH_PAGE . "help.php";
                break;
            case "12":
                include ABSOLUTH_PATH_PAGE . "faq.php";
                break;
            case "13":
                $forms = new forms();
                include ABSOLUTH_PATH_PAGE . "teaminfo.php";
                break;
            // ids '304'-'323': each echoes the return value of one forms method
            case '304':
                $ajax = new forms();
                echo $ajax->LoginProcess($pg['login']);
                break;
            case '305':
                $ajax = new forms();
                echo $ajax->SignUpProcess($pg['signup']);
                break;
            case '306':
                $ajax = new forms();
                echo $ajax->CreateLeagueProcess($pg['create_league']);
                break;
            case '307':
                $ajax = new forms();
                echo $ajax->MoreFieldsCall($pg['add_more_fields']);
                break;
            case '308':
                $ajax = new forms();
                echo $ajax->InviteMembersProcess($pg['send_invite_now']);
                //var_dump($pg['send_invite_now']);
                break;
            case '309':
                $ajax = new forms();
                echo $ajax->ScoreNavBar($pg['create_nav']);
                break;
            case '310':
                $ajax = new forms();
                echo $ajax->JoinLeagueProcess($pg['join_league']);
                break;
            case '311':
                $ajax = new forms();
                echo $ajax->AddDropProcess($pg['add_drop']);
                break;
            case '312':
                $ajax = new forms();
                echo $ajax->CheckTurn($pg['checkTurn']);
                break;
            case '313':
                $ajax = new forms();
                echo $ajax->CheckRefresh($pg['refresh']);
                break;
            case '314':
                $ajax = new forms();
                echo $ajax->StartDraft($pg['startDraft']);
                break;
            case '315':
                $ajax = new forms();
                echo $ajax->TradeProcess($pg['completeTrade']);
                break;
            case '316':
                $ajax = new forms();
                echo $ajax->ApproveTradeProcess($pg['approveTrade']);
                break;
            case '317':
                $ajax = new forms();
                echo $ajax->CancelTradeProcess($pg['cancelTrade']);
                break;
            case '318':
                $ajax = new forms();
                echo $ajax->RenameLeagueProcess($pg['renameLeague']);
                break;
            case '319':
                $ajax = new forms();
                echo $ajax->DeleteLeagueProcess($pg['deleteLeague']);
                break;
            case '320':
                $ajax = new forms();
                echo $ajax->DeleteLeagueUserProcess($pg['deleteLeagueUser']);
                break;
            case '321':
                $ajax = new forms();
                echo $ajax->ReadyDraftProcess($pg['readyDraft']);
                break;
            case '322':
                $ajax = new forms();
                echo $ajax->CheckDraftStatusProcess($pg['checkDraftStatus']);
                break;
            case '323':
                $ajax = new forms();
                echo $ajax->SelectRandomTeamProcess($pg['selectRandomTeam']);
                break;
            case '55':
                $forms = new forms();
                $functions = new functions();
                include ABSOLUTH_PATH_PAGE . "invited_signup.php";
                break;
            case "404":
                include ABSOLUTH_PATH_PAGE . "404.php";
                break;
            default:
                // unknown id: show the sign-up and login forms
                // NOTE(review): $pg["div_name"] is written into the id attribute
                // without HTML escaping - confirm it never carries request data.
                // NOTE(review): the '</div>' below has no opening <div> in this
                // method; presumably one of the form methods opens it - verify.
                $forms = new forms();
                echo '<section id="' . $pg["div_name"] . '">';
                echo $forms->SignUpForm();
                echo $forms->LoginForm();
                echo '</div>';
                echo '</section>';
                break;
        }
    }
}
<?php include "../header.php"; try { $formID = isset($engine->cleanGet['MYSQL']['formID']) ? $engine->cleanGet['MYSQL']['formID'] : NULL; $fieldName = isset($engine->cleanGet['MYSQL']['fieldName']) ? $engine->cleanGet['MYSQL']['fieldName'] : NULL; $output = array('options' => array(), 'pageSize' => 0, 'total' => 0); if (isnull($formID) || isnull($fieldName)) { throw new Exception(); } $search = isset($engine->cleanGet['MYSQL']['q']) ? $engine->cleanGet['MYSQL']['q'] : NULL; $page = isset($engine->cleanGet['MYSQL']['page']) ? $engine->cleanGet['MYSQL']['page'] : NULL; $pageSize = isset($engine->cleanGet['MYSQL']['pageSize']) ? $engine->cleanGet['MYSQL']['pageSize'] : NULL; $options = array(); // limit by search and re-order by value foreach (forms::retrieveData($formID, $fieldName) as $option) { // If a search term was entered if (!is_empty($search)) { $search = strtolower($search); // Check if search string exists in value if (FALSE === strpos(strtolower($option['value']), $search)) { // Try again by removing diacritics $value = str_replace(array("ä", "ö", "ü", "ß"), array("ae", "oe", "ue", "ss"), $option['value']); $value = iconv('UTF-8', 'US-ASCII//TRANSLIT', $value); // Still no match found, skip if (FALSE === strpos(strtolower($value), $search)) { continue; } } } $options[] = array('text' => $option['value'], 'id' => $option['objectID']);
$result = array(); if (isset($engine->cleanPost['MYSQL']['action'])) { switch ($engine->cleanPost['MYSQL']['action']) { case 'updateUserProjects': $result = users::updateUserProjects(); break; default: break; } } else { if (isset($engine->cleanGet['MYSQL']['action'])) { switch ($engine->cleanGet['MYSQL']['action']) { case 'selectChoices': $field = forms::getField($engine->cleanGet["MYSQL"]['formID'], $engine->cleanGet["MYSQL"]['fieldName']); $fieldChoices = forms::getFieldChoices($field); $result = forms::drawFieldChoices($field, $fieldChoices); die($result); break; case 'searchFormFields': die(mfcsSearch::formFieldOptions($engine->cleanGet["MYSQL"]['formID'])); break; case 'paginationPerPage': $result = users::setField('pagination', $engine->cleanGet["MYSQL"]['perPage']); die(json_encode($result ? "TRUE" : "FALSE")); break; case 'paginationJumpToIDNO': $objects = objects::getAllObjectsForForm($engine->cleanGet['MYSQL']['formID'], "idno"); for ($I = 0; $I < count($objects); $I++) { if (strtolower($objects[$I]['idno']) == strtolower($engine->cleanGet['MYSQL']['idno'])) { header('Location: ' . localvars::get("siteroot") . "dataView/list.php?listType=form&formID=" . $engine->cleanGet['MYSQL']['formID'] . "&page=" . ceil($I / 25)); }
if ($builtForm === FALSE) { throw new Exception("Error building edit table."); } localvars::add("form", $builtForm); localvars::add("metadataEditTable", $builtEditTable); localvars::add("formID", $form['ID']); // localvars::add("leftnav",buildProjectNavigation($engine->cleanGet['MYSQL']['id'])); } catch (Exception $e) { log::insert("Data Entry: Metadata: Error", 0, 0, $e->getMessage()); errorHandle::errorMsg($e->getMessage()); } log::insert("Data Entry: Metadata: View Page"); localVars::add("results", displayMessages()); if (!$ajax) { // Display warning if form is not part of current project forms::checkFormInCurrentProjects($engine->cleanGet['MYSQL']['formID']); $engine->eTemplate("include", "header"); } ?> {local var="projectWarning"} <section> <header class="page-header"> <h1>{local var="formName"}</h1> </header> <?php if (!$ajax) { ?> <nav id="breadcrumbs">
/**
 * Add a new record.
 *
 * On POST: reads four size values from the `config` table (rows 42-45, column
 * `zna`), stores the submitted form in $this->tablename, uploads the photo for
 * the new row and sends a redirect header to the section index. The add
 * template is rendered and returned in every case, because nothing stops
 * execution after header().
 *
 * @return mixed output of system::show_tpl()
 */
function addAction()
{
    if (!empty($_POST)) {
        // property name => id of the config row holding its value
        $sizeRows = array(
            '_width' => 42,
            '_height' => 43,
            '_width_b' => 44,
            '_height_b' => 45,
        );
        foreach ($sizeRows as $property => $configId) {
            $this->{$property} = mysql::query_findpole('select zna from config where id=' . $configId, 'zna');
        }

        // normalise the checkbox field
        forms::check_box(array('status'));

        // write the form to the database
        forms::multy_insert_form($this->tablename, 0);
        $this->msg = general::messages(1, v::getI18n('backend_after_save'));

        // upload the photo for the row that was just inserted
        forms::multy_update_photo(
            HOST . IMG_BRAND_PATH,
            1,
            mysql_insert_id(),
            $this->_width,
            $this->_height,
            $this->_width_b,
            $this->_height_b
        );

        header('Location: /backend/' . $this->tpl_folder . '/index');
    }

    $viewData = array('msg' => $this->msg, 'tpl_folder' => $this->tpl_folder);

    return system::show_tpl($viewData, $this->tpl_folder . '/add.php');
}
case 'form': // $time_start = microtime(true); $list = listGenerator::createFormObjectList($engine->cleanGet['MYSQL']['formID']); $form = forms::get($engine->cleanGet['MYSQL']['formID']); localvars::add('subTitle', ' - ' . $form['title']); $breadCrumbs[] = sprintf('<a href="%sdataView/list.php?listType=selectForm">Select Form</a>', $siteRoot); $breadCrumbs[] = sprintf('<a href="%sdataView/list.php?listType=form&formID=%s">%s</a>', $siteRoot, $form['ID'], $form['title']); // $time_end = microtime(true); // $time = $time_end - $time_start; // print "<pre>"; // var_dump($time); // print "</pre>"; break; case 'formShelfList': $list = listGenerator::createFormShelfList($engine->cleanGet['MYSQL']['formID']); $form = forms::get($engine->cleanGet['MYSQL']['formID']); localvars::add('subTitle', ' - ' . $form['title']); $breadCrumbs[] = sprintf('<a href="%sdataView/list.php?listType=selectForm">Select Form</a>', $siteRoot); $breadCrumbs[] = sprintf('<a href="%sdataView/list.php?listType=form&formID=%s">%s</a>', $siteRoot, $form['ID'], $form['title']); break; case 'project': $list = listGenerator::createProjectObjectList($engine->cleanGet['MYSQL']['projectID']); $project = projects::get($engine->cleanGet['MYSQL']['projectID']); localvars::add('subTitle', ' - ' . $project['projectName']); $breadCrumbs[] = sprintf('<a href="%sdataView/list.php?listType=selectProject">Select Project</a>', $siteRoot); $breadCrumbs[] = sprintf('<a href="%sdataView/list.php?listType=project&projectID=%s">%s</a>', $siteRoot, $project['ID'], $project['projectName']); break; case 'all': $list = listGenerator::createAllObjectList(); localvars::add('subTitle', ' - All Objects'); $breadCrumbs[] = sprintf('<a href="%sdataView/list.php?listType=all">All Objects</a>', $siteRoot);
<?php
// Debug script: dumps the result of forms::checkFormInProject() for two
// first-argument values against the same second argument ("21").
include "../../header.php";

foreach (array("1", "2") as $firstArgument) {
    $foo = forms::checkFormInProject($firstArgument, "21");

    echo "<pre>";
    var_dump($foo);
    echo "</pre>";
}
unset($firstArgument);
/**
 * Bulk-edit the pending splash records.
 *
 * On POST, every `splash` row with status=0 is updated from the per-row fields
 * of $_POST['FORM1'] (status_<id>, url_<id>, name_<id>): the values are copied
 * into $_POST['FORM'] and forms::multy_update_form() is called for that row.
 * The list of status=0 rows is then loaded again, ordered by `sort`, and handed
 * to the add template.
 *
 * @return mixed output of system::show_tpl()
 */
function addAction()
{
    if (!empty($_POST)) {
        $pendingRows = mysql::query('SELECT * FROM splash WHERE status=0 order by id', 0);

        foreach ($pendingRows as $row) {
            $rowId = $row->id;

            // a ticked checkbox is present in the request, an unticked one is absent
            $_POST['FORM']['status'] = isset($_POST['FORM1']['status_' . $rowId]) ? 1 : 0;
            $_POST['FORM']['url'] = $_POST['FORM1']['url_' . $rowId];
            $_POST['FORM']['name'] = $_POST['FORM1']['name_' . $rowId];

            // write this row to the database
            forms::multy_update_form($this->tablename, $rowId, 0);
        }

        $this->msg = general::messages(1, v::getI18n('backend_after_save'));
    }

    $_files = mysql::query('SELECT * FROM splash where status=0 order by sort', 0);

    $viewData = array(
        'msg' => $this->msg,
        'tpl_folder' => $this->tpl_folder,
        '_files' => $_files,
    );

    return system::show_tpl($viewData, $this->tpl_folder . '/add.php');
}
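/**
 * Delete a record and its audio file.
 *
 * The id arrives in the query string ($_GET['id']). It is cast to an integer
 * before it is used in the DELETE statement and in the audio file name, so
 * request data can neither change the statement nor point the file delete at
 * another path.
 *
 * NOTE(review): this is a destructive action triggered by a GET parameter and
 * no CSRF token or permission check is visible in this method - confirm the
 * caller enforces both.
 *
 * @return mixed whatever indexAction() returns
 */
function deleteAction()
{
    $id = isset($_GET['id']) ? (int) $_GET['id'] : 0;

    // remove the row from the table
    $_sql = 'DELETE FROM `' . $this->tablename . '` WHERE (`id`="' . $id . '")';
    $result = mysql::just_query($_sql, 0);

    // the audio file is "<id>.mp3" when that exists, otherwise "<id>.ogg" is assumed
    if (file_exists(HOST . AUDIO_PATH . '/' . $id . '.mp3')) {
        $_name = array($id . '.mp3');
    } else {
        $_name = array($id . '.ogg');
    }
    forms::delete_photo(HOST . AUDIO_PATH, $_name, 0);

    // status message
    $this->msg = general::messages(1, v::getI18n('backend_after_delete'));

    return self::indexAction();
}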
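/**
 * Update one listing from the submitted edit form and return the HTML status text.
 *
 * With $verify_user true the listing must belong to the logged-in user
 * ($_SESSION['userID']); otherwise the owner can be reassigned through
 * $_POST['or_owner'].
 *
 * Changes against the previous version:
 *  - $_POST['pclass'] ids are cast to integers before they are placed in the
 *    IN (...) list and the INSERT statement, which took them unquoted.
 *  - $featuredLimitError is initialised up front; it used to be undefined when
 *    the user had neither admin nor featured-listing rights.
 *  - the listing id echoed in the success message is HTML-escaped.
 *
 * NOTE(review): values wrapped with $misc->make_db_safe() are inserted without
 * surrounding quotes, so that helper is presumably expected to quote and
 * escape - verify. The result of $misc->or_date_format() is concatenated the
 * same way; confirm it cannot return raw request text.
 *
 * @param bool $verify_user restrict the update to listings owned by the session user
 * @return string HTML fragment describing the outcome
 */
function update_listing($verify_user = true)
{
    global $conn, $lang, $config;
    require_once $config['basepath'] . '/include/misc.inc.php';
    $misc = new misc();
    require_once $config['basepath'] . '/include/forms.inc.php';
    $forms = new forms();
    require_once $config['basepath'] . '/include/listing.inc.php';
    $listing_pages = new listing_pages();
    $display = '';
    $featuredLimitError = FALSE;
    // ownership check: only the listing's agent may edit it
    if ($verify_user) {
        $sql_edit = intval($_POST['edit']);
        $listing_ownerID = $listing_pages->getListingAgentID($sql_edit);
        if (intval($_SESSION['userID']) != $listing_ownerID) {
            $display = $lang['listing_editor_permission_denied'] . '<br />';
            return $display;
        }
    }
    if ($_POST['title'] == "") {
        // if the title is blank
        $display .= "{$lang['admin_new_listing_enter_a_title']}<br />";
    } else {
        $pass_the_form = $forms->validateForm('listingsformelements', $_POST['pclass']);
        if ($pass_the_form !== "Yes") {
            // if we're not going to pass it, tell that they forgot to fill in one of the fields
            foreach ($pass_the_form as $k => $v) {
                if ($v == 'REQUIRED') {
                    $display .= "<p class=\"redtext\">{$k}: {$lang['required_fields_not_filled']}</p>";
                }
                if ($v == 'TYPE') {
                    $display .= "<p class=\"redtext\">{$k}: {$lang['field_type_does_not_match']}</p>";
                }
            }
        }
        if ($pass_the_form == "Yes") {
            $sql_title = $misc->make_db_safe($_POST['title']);
            $sql_notes = $misc->make_db_safe($_POST['notes']);
            $sql_edit = $misc->make_db_safe($_POST['edit']);
            if (!isset($_POST['mlsexport'])) {
                $_POST['mlsexport'] = "no";
            }
            $sql_mlsexport = $misc->make_db_safe($_POST['mlsexport']);
            // Property class ids go into SQL unquoted further down, so force them to integers.
            // NOTE(review): assumes class ids are numeric, as the unquoted IN (...) implies.
            $posted_class_ids = array_map('intval', (array) $_POST['pclass']);

            $sql = "UPDATE " . $config['table_prefix'] . "listingsdb SET ";
            if (!$verify_user) {
                $sql_or_owner = $misc->make_db_safe($_POST['or_owner']);
                // update the listing data
                $sql .= "userdb_ID = {$sql_or_owner}, ";
            }
            $sql .= "listingsdb_title = {$sql_title}, ";
            if ($_SESSION['admin_privs'] == "yes" || $_SESSION['featureListings'] == "yes") {
                // Check Number of Featured Listings User has
                if (isset($_POST['or_owner'])) {
                    $or_owner = $misc->make_db_safe($_POST['or_owner']);
                    $featuredsql = 'SELECT count(listingsdb_id) as listing_count FROM ' . $config['table_prefix'] . 'listingsdb WHERE listingsdb_featured = \'yes\' AND userdb_id = ' . $or_owner;
                } else {
                    $featuredsql = 'SELECT count(listingsdb_id) as listing_count FROM ' . $config['table_prefix'] . 'listingsdb WHERE listingsdb_featured = \'yes\' AND userdb_id = ' . $_SESSION['userID'];
                }
                $recordSet = $conn->Execute($featuredsql);
                if ($recordSet === false) {
                    $misc->log_error($featuredsql);
                }
                $featuredlisting_count = $recordSet->fields['listing_count'];
                // Get User Featured Listing Limit
                if (isset($_POST['or_owner'])) {
                    $or_owner = $misc->make_db_safe($_POST['or_owner']);
                    $featuredsql = 'SELECT userdb_featuredlistinglimit FROM ' . $config['table_prefix'] . 'userdb WHERE userdb_id = ' . $or_owner;
                } else {
                    $featuredsql = 'SELECT userdb_featuredlistinglimit FROM ' . $config['table_prefix'] . 'userdb WHERE userdb_id = ' . $_SESSION['userID'];
                }
                $recordSet = $conn->Execute($featuredsql);
                if ($recordSet === false) {
                    $misc->log_error($featuredsql);
                }
                $featuredlisting_limit = $recordSet->fields['userdb_featuredlistinglimit'];
                if ($_POST['featured'] == 'yes') {
                    if ($featuredlisting_limit > $featuredlisting_count || $featuredlisting_limit == '-1') {
                        // if the user can feature properties
                        $sql_featured = $misc->make_db_safe($_POST['featured']);
                        $sql .= "listingsdb_featured = {$sql_featured}, ";
                    } else {
                        // Limit reached: allow it only if this listing is already featured
                        $featuredcheckSql = 'SELECT listingsdb_featured FROM ' . $config['table_prefix'] . 'listingsdb WHERE listingsdb_id = ' . $sql_edit;
                        $recordSetFeatured = $conn->Execute($featuredcheckSql);
                        if ($recordSetFeatured === false) {
                            $misc->log_error($featuredcheckSql);
                        }
                        $current_status = $recordSetFeatured->fields['listingsdb_featured'];
                        if ($current_status == 'yes') {
                            $sql_featured = $misc->make_db_safe($_POST['featured']);
                            $sql .= "listingsdb_featured = {$sql_featured}, ";
                        } else {
                            $featuredLimitError = TRUE;
                        }
                    }
                } else {
                    // Not featured: save no matter what
                    $sql_featured = $misc->make_db_safe($_POST['featured']);
                    $sql .= "listingsdb_featured = {$sql_featured}, ";
                }
            } // end if ($featureListings == "yes")
            if ($_SESSION['admin_privs'] == "yes" || $_SESSION['moderator'] == "yes") {
                // administrators and moderators may change the active flag
                $sql_active = $misc->make_db_safe($_POST['edit_active']);
                $sql .= "listingsdb_active = {$sql_active}, ";
            } // end if ($admin_privs == "yes")
            if (($_SESSION['admin_privs'] == "yes" || $_SESSION['edit_expiration'] == "yes") && $config['use_expiration'] == "1") {
                $expiration_date = $misc->or_date_format($_POST['edit_expiration']);
                $sql .= "listingsdb_expiration = " . $expiration_date . ",";
            }
            if ($verify_user) {
                // the owner condition is repeated in the WHERE clause
                $sql .= "listingsdb_notes = {$sql_notes}, listingsdb_mlsexport = {$sql_mlsexport}, listingsdb_last_modified = " . $conn->DBTimeStamp(time()) . " WHERE ((listingsdb_id = {$sql_edit}) AND (userdb_id = {$_SESSION['userID']}))";
            } else {
                $sql .= "listingsdb_notes = {$sql_notes}, listingsdb_mlsexport = {$sql_mlsexport}, listingsdb_last_modified = " . $conn->DBTimeStamp(time()) . " WHERE listingsdb_id = {$sql_edit}";
            }
            $recordSet = $conn->Execute($sql);
            if ($recordSet === false) {
                $misc->log_error($sql);
            }
            if ($verify_user) {
                $message = listing_editor::updateListingsData($_POST['edit'], $_SESSION['userID']);
            } else {
                // update the image data (in case the or_owner has changed)
                $sql = "UPDATE " . $config['table_prefix'] . "listingsimages SET userdb_id = {$sql_or_owner} WHERE listingsdb_id = {$sql_edit}";
                $recordSet = $conn->Execute($sql);
                if ($recordSet === false) {
                    $misc->log_error($sql);
                }
                $message = listing_editor::updateListingsData($_POST['edit'], $_POST['or_owner']);
            }
            // Now handle property class changes, after all the data is saved.
            // First get the list of currently assigned property classes.
            $sql2 = 'SELECT class_id FROM ' . $config['table_prefix_no_lang'] . 'classlistingsdb WHERE listingsdb_id =' . $sql_edit;
            $recordSet2 = $conn->execute($sql2);
            if ($recordSet2 === false) {
                $misc->log_error($sql2);
            }
            $current_class_id = array();
            while (!$recordSet2->EOF) {
                $current_class_id[] = $recordSet2->fields['class_id'];
                $recordSet2->MoveNext();
            }
            // List of submitted property classes, integers only
            $new_class_assigned_sql = implode(',', $posted_class_ids);
            // A class that is no longer assigned is removed from the listing
            foreach ($current_class_id as $c_class_id) {
                if (!in_array($c_class_id, $posted_class_ids)) {
                    // Delete listing from class
                    $sql = 'DELETE FROM ' . $config['table_prefix_no_lang'] . 'classlistingsdb WHERE class_id = ' . $c_class_id . ' AND listingsdb_id = ' . $sql_edit;
                    $recordSet = $conn->execute($sql);
                    if ($recordSet === false) {
                        $misc->log_error($sql);
                    }
                    // Get a list of form element ids for the new selected property classes
                    $sql = 'SELECT listingsformelements_id FROM ' . $config['table_prefix_no_lang'] . 'classformelements WHERE class_id IN (' . $new_class_assigned_sql . ')';
                    $recordSet = $conn->execute($sql);
                    if ($recordSet === false) {
                        $misc->log_error($sql);
                    }
                    $formelement_ids = array();
                    while (!$recordSet->EOF) {
                        $formelement_ids[] = $recordSet->fields['listingsformelements_id'];
                        $recordSet->Movenext();
                    }
                    $new_listingsformelements_id_sql = implode(',', $formelement_ids);
                    // NOTE(review): this statement is built but never executed, so the
                    // loop below still sees the previous record set, which has already
                    // been read to EOF; the per-field cleanup therefore does not run.
                    // Left as is on purpose: before enabling it, execute the query,
                    // advance the record set inside the loop, and quote the field name
                    // in the DELETE.
                    $sql = 'SELECT DISTINCT(listingsformelements_field_name) FROM ' . $config['table_prefix_no_lang'] . 'classformelements as c,' . $config['table_prefix'] . 'listingsformelements as f WHERE class_id = ' . $c_class_id . ' AND c.listingsformelements_id NOT IN (' . $new_listingsformelements_id_sql . ') AND c.listingsformelements_id = f.listingsformelements_id';
                    if ($recordSet === false) {
                        $misc->log_error($sql);
                    }
                    while (!$recordSet->EOF) {
                        $sql2 = 'DELETE FROM ' . $config['table_prefix'] . 'listingsdbelements WHERE listingsdbelements_field_name = ' . $recordSet->fields['listingsformelements_field_name'] . ' AND listingsdb_id = ' . $sql_edit;
                        $recordSet2 = $conn->execute($sql2);
                        if ($recordSet2 === false) {
                            $misc->log_error($sql2);
                        }
                    }
                }
            }
            // If this is a new class add the listing to the class
            foreach ($posted_class_ids as $class_id) {
                if (!in_array($class_id, $current_class_id)) {
                    $sql2 = 'INSERT INTO ' . $config['table_prefix_no_lang'] . 'classlistingsdb (class_id,listingsdb_id) VALUES (' . $class_id . ',' . $sql_edit . ')';
                    $recordSet2 = $conn->execute($sql2);
                    if ($recordSet2 === false) {
                        $misc->log_error($sql2);
                    }
                }
            }
            if ($message == "success") {
                // the id is request data, so escape it before it goes into the page
                $shown_id = htmlspecialchars($_POST['edit'], ENT_QUOTES);
                $display .= "<p>{$lang['admin_listings_editor_listing_number']} {$shown_id} {$lang['has_been_updated']} </p>";
                if ($featuredLimitError == TRUE) {
                    $display .= "<p style=\"error\">{$lang['admin_listings_editor_featuredlistingerror']} </p>";
                }
                $misc->log_action("{$lang['log_updated_listing']} {$_POST['edit']}");
            } else {
                $display .= "<p>{$lang['alert_site_admin']}</p>";
            } // end else
        } // end if $pass_the_form == "Yes"
    } // end else
    return $display;
}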
<a href="/dataView/allfiles.php?objectID={local var="objectID"}">Download All Files (Zip)</a><br /> <!-- <a href="/dataView/allfiles.php?id=$engine->cleanGet['MYSQL']['objectID']&type=tar">Download All Files (tar)</a> --> <br /><br /> {local var="filesViewer"} </div> <div class="tab-pane" id="project"> <h2>Change Project Membership</h2> <form action="{phpself query="true"}" method="post"> {local var="projectOptions"} {engine name="csrf"} <input type="submit" class="btn btn-primary" name="projectForm"> </form> </div> <?php if (forms::isContainer($engine->cleanGet['MYSQL']['formID'])) { ?> <div class="tab-pane" id="children"> <div class="accordion" id="accordion2"> <div class="accordion-group"> <div class="accordion-heading"> <a class="accordion-toggle" data-toggle="collapse" data-parent="#accordion2" href="#collapseOne"> Add a Child Object </a> </div> <div id="collapseOne" class="accordion-body collapse"> <div class="accordion-inner"> Select a Form: {local var="formList"}
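/**
 * Bulk action on the rows selected in the list view.
 *
 * $_POST['kt_where'] carries the selected ids and $_POST['st'] the action:
 * 1 sets `status` to 1, 2 deletes the row and its two gallery images
 * ("_<id>.jpg" and "<id>.jpg"). Every id is cast to an integer before it is
 * used in a statement or a file name, so request data can neither change the
 * SQL nor point the file delete at another path. A missing or non-array
 * selection is treated as empty.
 *
 * NOTE(review): no CSRF token or permission check is visible in this method -
 * confirm the caller enforces both.
 *
 * @return mixed whatever indexAction() returns
 */
function authorizeAction()
{
    $selected = (isset($_POST['kt_where']) && is_array($_POST['kt_where'])) ? $_POST['kt_where'] : array();
    $action = isset($_POST['st']) ? $_POST['st'] : null;

    foreach ($selected as $key => $value) {
        // nested arrays cannot be ids
        if (!is_scalar($value)) {
            continue;
        }
        $id = (int) $value;

        if ($action == 1) {
            // authorize the record
            $_sql = "UPDATE `" . $this->tablename . "` SET `status`='1' WHERE (`id`='" . $id . "')";
            $result = mysql::just_query($_sql, 0);
        } elseif ($action == 2) {
            // delete the record
            $_sql = "DELETE FROM `" . $this->tablename . "` WHERE (`id`='" . $id . "')";
            $result = mysql::just_query($_sql, 0);
            // delete the photos (added) - Amber (25-05-2011)
            $_name = array('_' . $id . '.jpg', $id . '.jpg');
            forms::delete_photo(HOST . IMG_GALLERY_PATH, $_name, 0);
        }
    }

    // status message
    $this->msg = general::messages(1, v::getI18n('backend_after_save'));

    return self::indexAction();
}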