/**
 * Inserts one `studio404_language` row per configured language for a new
 * translation variable posted from the admin form.
 *
 * Does nothing (and returns null) unless `add_language_data`, `variable` and
 * `text` are all present in $_POST.
 *
 * NOTE(review): no anti-CSRF token is checked inside this method; confirm the
 * caller validates one before dispatching here.
 *
 * @param mixed $c Connection configuration handed to $this->conn().
 * @return int|null 1 after the rows were inserted, null when the form fields are missing.
 */
public function add($c)
{
    if (!isset($_POST["add_language_data"], $_POST["variable"], $_POST["text"])) {
        return;
    }

    $db = $this->conn($c);

    $rawVariable = $_POST["variable"];
    $translation = $_POST["text"];

    // The variable name is passed through the project's variable_strip helper
    // before it is stored (what exactly it strips is not visible here).
    $stripper = new variable_strip();
    $variableName = $stripper->rstr($rawVariable);

    $languageModel = new model_admin_selectLanguage();
    $languages = $languageModel->select_languages($c);

    // All language rows of one variable share the same idx: current max + 1,
    // or 1 when the table is empty.
    // NOTE(review): MAX()+1 followed by separate INSERTs is not atomic; two
    // concurrent requests could pick the same idx.
    $maxStatement = $db->prepare('SELECT MAX(`idx`)+1 AS maxidx FROM `studio404_language`');
    $maxStatement->execute();
    $maxRow = $maxStatement->fetch(PDO::FETCH_ASSOC);
    if ($maxRow["maxidx"]) {
        $nextIdx = $maxRow["maxidx"];
    } else {
        $nextIdx = 1;
    }

    foreach ($languages as $language) {
        $insertSql = 'INSERT INTO `studio404_language` SET `idx`=:maxidx, `variable`=:variable, `text`=:textx, `languagenames`=:zero, `lang_img`=:false, `insert_admin`=:insert_admin, `langs`=:langs, `status`=:zero';
        $insertStatement = $db->prepare($insertSql);
        // Every user-supplied value is bound as a parameter, never concatenated.
        $bindings = array(
            ":maxidx" => $nextIdx,
            ":variable" => $variableName,
            ":textx" => $translation,
            ":zero" => 0,
            ":false" => "false",
            ":insert_admin" => $_SESSION["user404_id"],
            ":langs" => $language["id"],
        );
        $insertStatement->execute($bindings);
    }

    $this->outMessage = 1;
    // Drop the session copy of the variables so it is rebuilt on next use.
    unset($_SESSION["variables"]);

    return $this->outMessage;
}
/**
 * Inserts one `studio404_catalog_info` row per configured language, all
 * sharing the same newly allocated idx.
 *
 * NOTE(review): $_POST['name'] and $_POST['module_item_id'] are read without
 * an isset() check and without any token check in this method; they are bound
 * as parameters, so this is an input-validation/CSRF question for the caller
 * rather than an injection risk.
 *
 * @param mixed $c Connection configuration handed to $this->conn().
 * @return int Always 1.
 */
public function add($c)
{
    $db = $this->conn($c);

    // Next shared idx: current max + 1, or 1 for an empty table.
    // NOTE(review): not atomic with the INSERTs below; concurrent requests may
    // allocate the same idx.
    $maxResult = $db->query('SELECT MAX(`idx`)+1 AS maxid FROM `studio404_catalog_info`');
    $maxRow = $maxResult->fetch(PDO::FETCH_ASSOC);
    if ($maxRow['maxid']) {
        $nextIdx = $maxRow['maxid'];
    } else {
        $nextIdx = 1;
    }

    $languageModel = new model_admin_selectLanguage();
    $languages = $languageModel->select_languages($c);

    foreach ($languages as $language) {
        $insertSql = 'INSERT INTO `studio404_catalog_info` SET `idx`=:idx, `name`=:name, `module_item_id`=:module_item_id, `type`=:type, `insert_admin`=:insert_admin, `lang`=:lang';
        $statement = $db->prepare($insertSql);
        $bindings = array(
            ":idx" => $nextIdx,
            ":name" => $_POST['name'],
            ":module_item_id" => $_POST['module_item_id'],
            ":type" => "catalogpage",
            ":insert_admin" => $_SESSION['user404_id'],
            ":lang" => $language['id'],
        );
        $statement->execute($bindings);
    }

    $this->outMessage = 1;

    return $this->outMessage;
}
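/**
 * Creates a new top-level ("super") page: one `studio404_pages` row per
 * configured language, all sharing a newly allocated idx.
 *
 * The request is accepted only when the `token` query parameter matches the
 * token stored in the session and the posted title is non-empty.
 *
 * @param mixed $c Connection configuration handed to $this->conn().
 * @return int 1 when the rows were inserted, 2 when the token or title check failed.
 */
public function add($c)
{
    $conn = $this->conn($c);

    $token_get = isset($_GET["token"]) ? $_GET["token"] : null;
    $token_session = isset($_SESSION["token"]) ? $_SESSION["token"] : null;

    // The previous loose `==` accepted the request when BOTH tokens were
    // missing (null == null) and was open to type juggling. Require a
    // non-empty session token, a string request token, and compare them in
    // constant time.
    $token_ok = is_string($token_get)
        && is_scalar($token_session)
        && (string) $token_session !== ''
        && hash_equals((string) $token_session, $token_get);

    $title = isset($_POST['title']) ? $_POST['title'] : null;

    if ($this->noEmpty($title) && $token_ok) {
        // Next shared idx: current max + 1, or 1 when the table is empty or
        // the lookup failed (the fallback the original code also ended up with).
        // NOTE(review): not atomic with the INSERTs below.
        $maxid = 1;
        try {
            $sql_max = 'SELECT MAX(`idx`)+1 AS maxid FROM `studio404_pages`';
            $query = $conn->query($sql_max);
            $u_row = $query ? $query->fetch(PDO::FETCH_ASSOC) : false;
            if ($u_row && $u_row['maxid']) {
                $maxid = $u_row['maxid'];
            }
        } catch (Exception $e) {
            $maxid = 1;
        }

        $model_admin_selectLanguage = new model_admin_selectLanguage();
        $lang_query = $model_admin_selectLanguage->select_languages($c);

        $itemperpage = isset($_POST['itemperpage']) ? $_POST['itemperpage'] : null;

        $sql = 'INSERT INTO `studio404_pages` SET `idx`=:idx, `cid`=:cid, `date`=:datex, `menu_type`=:menu_type, `page_type`=:page_type, `title`=:title, `text`=:textx, `slug`=:slug, `lang`=:lang, `itemperpage`=:itemperpage, `insert_admin`=:insert_admin, `visibility`=:visibility, `position`=:position, `status`=:status';

        foreach ($lang_query as $lang_row) {
            $insert = $conn->prepare($sql);
            // User-supplied values are bound, never concatenated into the SQL.
            $insert->execute(array(
                ":idx" => $maxid,
                ":cid" => "0",
                ":datex" => time(),
                ":menu_type" => "super",
                ":page_type" => "false",
                ":title" => $title,
                ":textx" => "false",
                ":slug" => "false",
                ":lang" => $lang_row['id'],
                ":itemperpage" => $itemperpage,
                ":insert_admin" => $_SESSION["user404_id"],
                ":visibility" => 1,
                ":position" => 1,
                ":status" => 0,
            ));
        }
        $this->outMessage = 1;
    } else {
        $this->outMessage = 2;
    }

    return $this->outMessage;
}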
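/**
 * Adds an item to a component: one `studio404_components_inside` row per
 * configured language, sharing a new idx and position. Optionally attaches a
 * background image (moved from a staging path named in the request) and an
 * uploaded document; both are stored only on the row of the current language
 * (LANG_ID).
 *
 * NOTE(review): no token check is visible in this method; confirm the caller
 * validates one. $_POST['title'], ['shortdesc'] and ['url'] are read without
 * isset() checks.
 *
 * @param mixed $c Connection configuration handed to $this->conn().
 * @return void Sets $this->outMessage to 1.
 */
public function add($c)
{
    $conn = $this->conn($c);

    // Next shared idx: current max + 1, or 1 for an empty table.
    // NOTE(review): not atomic with the INSERTs below.
    $sqlm = 'SELECT MAX(`idx`)+1 AS maxid FROM `studio404_components_inside`';
    $querym = $conn->query($sqlm);
    $rowm = $querym->fetch(PDO::FETCH_ASSOC);
    $maxidm = $rowm['maxid'] ? $rowm['maxid'] : 1;

    $cid = $_GET['id'];

    // Next position inside this component, ignoring rows whose status is 1.
    $sqlp = 'SELECT MAX(`position`)+1 AS maxpos FROM `studio404_components_inside` WHERE `cid`=:cid AND `status`!=:status';
    $preparep = $conn->prepare($sqlp);
    $preparep->execute(array(":cid" => $cid, ":status" => 1));
    $fetchp = $preparep->fetch(PDO::FETCH_ASSOC);
    $maxpos = $fetchp['maxpos'] ? $fetchp['maxpos'] : 1;

    $background = '';
    if (isset($_POST['background']) && is_string($_POST['background'])) {
        $expl = explode("/", $_POST['background']);
        if (isset($expl[1])) {
            $src_dir = $expl[1];
            $src_name = end($expl);

            // The source path is assembled from request data and the file is
            // then copied AND deleted, so a ".." segment would let the request
            // reach files outside DIR. Reject dot segments, empty segments,
            // backslashes and NUL bytes before touching the filesystem.
            // NOTE(review): ideally $src_dir is also compared against the one
            // staging directory uploads are expected in; that name is not
            // visible in this method.
            $segments_safe = true;
            foreach (array($src_dir, $src_name) as $segment) {
                if ($segment === '' || $segment === '.' || $segment === '..'
                    || strpos($segment, "\\") !== false || strpos($segment, "\0") !== false) {
                    $segments_safe = false;
                }
            }

            if ($segments_safe) {
                $from = DIR . $src_dir . "/" . $src_name;
                $To = DIR . 'files/background/' . $src_name;
                if (file_exists($from)) {
                    if (@copy($from, $To)) {
                        @unlink($from);
                        $background = explode(DIR, $To);
                        $background = "/" . $background[1];
                    }
                }
            }
        }
    }

    $documentsx = "";
    if (isset($_FILES["docs"]["name"]) && is_string($_FILES["docs"]["name"])) {
        $target_dir = "files/document/";
        $target_ext = explode(".", $_FILES["docs"]["name"]);
        $target_ext = strtolower(end($target_ext));
        // The original appended $lang_row['id'] here, but $lang_row is not
        // defined until the language loop below, so it only ever contributed
        // an empty string (plus a notice). The stored name is unchanged.
        // NOTE(review): the name is derived from time() alone, so it is
        // predictable and two uploads in the same second collide.
        $filename = md5(sha1(time())) . "." . $target_ext;
        $target_file = $target_dir . $filename;
        // Server-side allowlist of document extensions; the stored name never
        // contains any part of the client-supplied file name except this
        // allowlisted extension.
        $allow = array("doc", "docx", "xls", "xlsx", "pdf", "zip", "rar");
        if (in_array($target_ext, $allow, true)) {
            if (move_uploaded_file($_FILES["docs"]["tmp_name"], $target_file)) {
                $documentsx = $target_file;
            }
        }
    }

    $model_admin_selectLanguage = new model_admin_selectLanguage();
    $lang_query = $model_admin_selectLanguage->select_languages($c);

    $datex = isset($_POST['date']) ? strtotime($_POST['date']) : time();

    $sql = 'INSERT INTO `studio404_components_inside` SET `date`=:datex, `document`=:document, `idx`=:idx, `cid`=:cid, `title`=:title, `desc`=:description, `image`=:image, `url`=:url, `insert_admin`=:insert_admin, `lang`=:lang, `position`=:position';

    foreach ($lang_query as $lang_row) {
        // Only the current language's row carries the image and document.
        // Decide this per row: the original overwrote the shared variables,
        // so once any other language had been seen the attachment was lost
        // for every later row, including the current language's.
        $is_current_lang = (LANG_ID == $lang_row['id']);
        $row_image = $is_current_lang ? $background : "";
        $row_document = $is_current_lang ? $documentsx : "";

        $prepare = $conn->prepare($sql);
        $prepare->execute(array(
            ":datex" => $datex,
            ":idx" => $maxidm,
            ":cid" => $cid,
            ":title" => $_POST['title'],
            ":description" => $_POST['shortdesc'],
            ":image" => $row_image,
            ":document" => $row_document,
            ":url" => $_POST['url'],
            ":insert_admin" => $_SESSION["user404_id"],
            ":lang" => $lang_row['id'],
            ":position" => $maxpos,
        ));
    }

    $this->outMessage = 1;
}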
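/**
 * Creates an invoice: one `studio404_invoices` row per configured language,
 * all sharing one generated uid.
 *
 * Does nothing (and returns null) unless every expected form field is present
 * in $_POST.
 *
 * NOTE(review): no token check is visible in this method; confirm the caller
 * validates one. price, discount and paystatus are stored exactly as posted.
 *
 * @param mixed $c Connection configuration handed to $this->conn().
 * @return int|null 1 on success, 2 when a database error occurred, null when fields are missing.
 */
public function add($c)
{
    if (!isset($_POST["startdate"], $_POST["enddate"], $_POST["userid"], $_POST["service"], $_POST["description"], $_POST["price"], $_POST["currency"], $_POST["paystatus"], $_POST["discount"])) {
        return;
    }

    $conn = $this->conn($c);

    $startdate = strtotime($_POST["startdate"]);
    $enddate = strtotime($_POST["enddate"]);

    // The form posts the user as "label:id"; only the part after the last
    // colon is stored.
    $userid = explode(":", $_POST["userid"]);
    $userid = end($userid);

    $service = $_POST["service"];
    $description = $_POST["description"];
    $discount = $_POST["discount"];
    $wholePrice = $_POST["price"] . " " . $_POST["currency"];
    $paystatus = $_POST["paystatus"];

    $model_admin_selectLanguage = new model_admin_selectLanguage();
    $lang_query = $model_admin_selectLanguage->select_languages($c);

    $uid = new uid();
    $generate_uid = $uid->generate(6);

    $sql = 'INSERT INTO `studio404_invoices` SET `uid`=:uid, `start_date`=:start_date, `end_date`=:end_date, `user_id`=:user_id, `service`=:service, `description`=:description, `price`=:price, `discount`=:discount, `paystatus`=:paystatus, `insert_admin`=:insert_admin, `lang`=:lang ';

    try {
        foreach ($lang_query as $lang_row) {
            $insert = $conn->prepare($sql);
            $insert->execute(array(
                ":uid" => $generate_uid,
                ":start_date" => $startdate,
                ":end_date" => $enddate,
                ":user_id" => $userid,
                ":service" => $service,
                ":description" => $description,
                ":price" => $wholePrice,
                ":discount" => $discount,
                ":paystatus" => $paystatus,
                ":insert_admin" => $_SESSION["user404_id"],
                ":lang" => $lang_row['id'],
            ));
        }
    } catch (PDOException $e) {
        // The original echoed the exception into the HTTP response, exposing
        // SQL text, schema names and file paths to the client, and then still
        // reported success. Keep the detail in the server log and report
        // failure with the code the other add() handlers use for "not saved".
        // NOTE(review): rows inserted before the failure are not rolled back.
        error_log('studio404_invoices insert failed: ' . $e->getMessage());
        $this->outMessage = 2;

        return $this->outMessage;
    }

    $this->outMessage = 1;

    return $this->outMessage;
}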
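/**
 * Creates a sub page: one `studio404_pages` row per configured language
 * (sharing a new idx and position), then attaches media and, depending on the
 * page type, a module, a media module or a custom page file.
 *
 * The request is accepted only when every expected form field is present, the
 * resulting slug passes check_friendly_url(), the mandatory fields are
 * non-empty and check_super::super() is truthy.
 *
 * NOTE(review): no token check is visible in this method; confirm the caller
 * validates one.
 *
 * @param mixed $c Connection configuration handed to $this->conn().
 * @return mixed $this->outMessage: 1 after a successful insert, otherwise
 *               whatever value the property already held.
 */
public function add($c)
{
    $conn = $this->conn($c);
    $slug_generation = new slug_generation();

    // These two fields were read before the isset() check below; guard them
    // so a request without them no longer triggers undefined-index notices.
    $parent_slug = isset($_POST['slug']) ? $_POST['slug'] : '';
    $friendly_url = isset($_POST['friendlyurl']) ? $_POST['friendlyurl'] : null;
    if ($parent_slug) {
        $slug = $parent_slug . "/" . $slug_generation->generate($friendly_url);
    } else {
        $slug = $slug_generation->generate($friendly_url);
    }

    if (isset($_POST['date'], $_POST['expiredate'], $_POST['title'], $_POST['shorttitle'], $_POST['friendlyurl'], $_POST['page_type'], $_POST['description'], $_POST['pagecontent'], $_POST['redirectLink'], $_POST['keywords'], $_POST['videourl'], $_POST['visibility'])
        && $this->check_friendly_url($c, $slug)) {
        // check if super exists
        $check_super = new check_super();
        $super = $check_super->super($c);

        if ($this->noEmpty($_POST['date']) && $this->noEmpty($_POST['expiredate']) && $this->noEmpty($_POST['title']) && $this->noEmpty($_POST['friendlyurl']) && $this->noEmpty($_POST['page_type']) && $this->noEmpty($_POST['visibility']) && $super) {
            // Next shared idx: current max + 1, or 1 for an empty table.
            // NOTE(review): not atomic with the INSERTs below.
            $sql_max = 'SELECT MAX(`idx`)+1 AS maxid FROM `studio404_pages`';
            $query = $conn->query($sql_max);
            $u_row = $query->fetch(PDO::FETCH_ASSOC);
            $maxid = $u_row['maxid'] ? $u_row['maxid'] : 1;

            $get_sub = isset($_GET['sub']) ? $_GET['sub'] : null;
            $get_super = isset($_GET['super']) ? $_GET['super'] : null;

            // Next position among the siblings under the same parent.
            $sql_max_pos = 'SELECT MAX(`position`)+1 AS maxpos FROM `studio404_pages` WHERE `cid`=:cid AND `status`!=:status';
            $prepare = $conn->prepare($sql_max_pos);
            $subid = ($get_sub !== null && is_numeric($get_sub)) ? $get_sub : '0';
            if ($get_sub === null) {
                $subid = $get_super;
            }
            $prepare->execute(array(":cid" => $subid, ":status" => 1));
            $u_row2 = $prepare->fetch(PDO::FETCH_ASSOC);
            $maxpos = $u_row2['maxpos'] ? $u_row2['maxpos'] : 1;

            $visibility = $_POST['visibility'] == "true" ? "2" : "1";

            $model_admin_selectLanguage = new model_admin_selectLanguage();
            $lang_query = $model_admin_selectLanguage->select_languages($c);

            // NOTE(review): unlike $subid, $cid is not checked with
            // is_numeric(); it is bound as a parameter, so this is a
            // data-quality issue rather than an injection risk.
            $cid = $get_sub !== null ? $get_sub : $get_super;
            if (!$cid) {
                $cid = 0;
            }

            $datex = strtotime($_POST['date']);
            $expiredate = strtotime($_POST['expiredate']);

            $background = '';
            if (isset($_POST['background']) && is_string($_POST['background'])) {
                $expl = explode("/", $_POST['background']);
                if (count($expl) > 1) {
                    $src_dir = $expl[1];
                    $src_name = end($expl);

                    // The source path is assembled from request data and the
                    // file is then copied AND deleted, so a ".." segment
                    // would let the request reach files outside DIR. Reject
                    // dot segments, empty segments, backslashes and NUL bytes
                    // before touching the filesystem.
                    // NOTE(review): ideally $src_dir is also compared against
                    // the one staging directory uploads are expected in; that
                    // name is not visible in this method.
                    $segments_safe = true;
                    foreach (array($src_dir, $src_name) as $segment) {
                        if ($segment === '' || $segment === '.' || $segment === '..'
                            || strpos($segment, "\\") !== false || strpos($segment, "\0") !== false) {
                            $segments_safe = false;
                        }
                    }

                    if ($segments_safe) {
                        $from = DIR . $src_dir . "/" . $src_name;
                        $To = DIR . 'files/background/' . $src_name;
                        if (file_exists($from)) {
                            if (@copy($from, $To)) {
                                @unlink($from);
                                $background = explode(DIR, $To);
                                $background = $background[1];
                            }
                        }
                    }
                }
            }

            // Next idx and position for the gallery rows insertmedia() creates.
            $sqlm = 'SELECT MAX(`idx`)+1 AS maxid FROM `studio404_gallery`';
            $querym = $conn->query($sqlm);
            $rowm = $querym->fetch(PDO::FETCH_ASSOC);
            $maxidm = $rowm['maxid'] ? $rowm['maxid'] : 1;

            $sql_max_posm = 'SELECT MAX(`position`)+1 AS maxpos FROM `studio404_gallery` WHERE `status`!=:status';
            $preparem = $conn->prepare($sql_max_posm);
            $preparem->execute(array(":status" => 1));
            $row2m = $preparem->fetch(PDO::FETCH_ASSOC);
            $maxposm = $row2m['maxpos'] ? $row2m['maxpos'] : 1;

            // An empty redirect link is stored as the string "false".
            $redirectlink = $_POST['redirectLink'] ? $_POST['redirectLink'] : "false";

            $page_type = $_POST['page_type'];
            $module_page_types = array("newspage", "catalogpage", "eventpage", "publicationpage", "teampage");
            $media_page_types = array("photogallerypage", "videogallerypage");

            $sql = 'INSERT INTO `studio404_pages` SET `idx`=:idx, `cid`=:cid, `subid`=:subid, `date`=:datex, `expiredate`=:expiredate, `menu_type`=:menu_type, `page_type`=:page_type, `title`=:title, `shorttitle`=:shorttitle, `description`=:description, `text`=:textx, `redirectlink`=:redirectlink, `keywords`=:keywords, `background`=:background, `videourl`=:videourl, `slug`=:slug, `insert_admin`=:insert_admin, `lang`=:lang, `itemperpage`=:itemperpage, `visibility`=:visibility, `position`=:position, `status`=:status ';

            foreach ($lang_query as $lang_row) {
                $insert = $conn->prepare($sql);
                // User-supplied values are bound, never concatenated.
                // NOTE(review): pagecontent/description are stored as posted;
                // escaping or sanitising must happen where they are rendered.
                $insert->execute(array(
                    ":idx" => $maxid,
                    ":cid" => $cid,
                    ":subid" => $subid,
                    ":datex" => $datex,
                    ":expiredate" => $expiredate,
                    ":menu_type" => "sub",
                    ":page_type" => $page_type,
                    ":title" => $_POST['title'],
                    ":shorttitle" => $_POST['shorttitle'],
                    ":description" => $_POST['description'],
                    ":textx" => $_POST['pagecontent'],
                    ":redirectlink" => $redirectlink,
                    ":keywords" => $_POST['keywords'],
                    ":background" => $background,
                    ":videourl" => $_POST['videourl'],
                    ":slug" => $slug,
                    ":insert_admin" => $_SESSION["user404_id"],
                    ":lang" => $lang_row['id'],
                    ":itemperpage" => 0,
                    ":visibility" => $visibility,
                    ":position" => $maxpos,
                    ":status" => 0,
                ));

                //insert media
                $this->insertmedia($c, $maxid, $lang_row['id'], $maxidm, $maxposm);

                if (in_array($page_type, $module_page_types, true)) {
                    $this->insertmodule($c, $maxid, $lang_row['id'], $page_type);
                }
                if (in_array($page_type, $media_page_types, true)) {
                    $this->insertmediamodule($c, $maxid, $lang_row['id'], $page_type);
                }
                if ($page_type == "custompage") {
                    // Last slug segment names the custom page.
                    // NOTE(review): presumably create_custom_page() writes a
                    // file named after $s; verify it restricts the name to
                    // what slug_generation::generate() can produce.
                    $s = explode("/", $slug);
                    $s = end($s);
                    $this->create_custom_page($c, $s);
                }
            }
            $this->outMessage = 1;
        }
    }

    return $this->outMessage;
}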
/**
 * Builds the view data for the "monacemisdamateba" page, stores any files
 * posted with the form in `studio404_gallery_file`, optionally redirects back
 * to the parent page, and finally includes the page template.
 *
 * The template is included from inside this method, so every local variable
 * below is visible to it; local names are therefore part of the contract with
 * the template and must not be renamed casually.
 *
 * NOTE(review): $page is not used in the visible body.
 *
 * @param mixed $c    Connection/configuration value handed to $this->conn() and the cache.
 * @param mixed $page Unused here.
 * @return void
 */
public function template($c, $page)
{
    $conn = $this->conn($c); // connection
    $cache = new cache();
    $welcomepage_categories = $cache->index($c, "welcomepage_categories");
    $data["welcomepage_categories"] = json_decode($welcomepage_categories, true);

    /* language variables */
    $language_data = $cache->index($c, "language_data");
    $language_data = json_decode($language_data);
    $model_template_makevars = new model_template_makevars();
    $data["language_data"] = $model_template_makevars->vars($language_data);

    // Load the signed-in user's display data; the id comes from the session.
    $sql = 'SELECT `namelname`,`picture` FROM `studio404_users` WHERE `id`=:id';
    $prepare = $conn->prepare($sql);
    $prepare->execute(array(":id" => $_SESSION["batumi_id"]));
    if ($prepare->rowCount() > 0) {
        $fetch = $prepare->fetch(PDO::FETCH_ASSOC);
        $data["userdata"] = $fetch;
    } else {
        // NOTE(review): this is the only access check in the method. Whether
        // redirect::url() terminates the request is not visible here; if it
        // only sends a header, the upload handling below still runs for a
        // request without a valid user. Confirm it exits.
        redirect::url(WEBSITE);
    }

    $form = $cache->index($c, "form");
    $data["form"] = json_decode($form, true);

    // Upload handling: runs when the request carries a "file" field.
    if (Input::method("POST", "file")) {
        $model_admin_selectLanguage = new model_admin_selectLanguage();
        $lang_query = $model_admin_selectLanguage->select_languages($c);

        // $_FILES["file"] is a two-level array: outer index per file input,
        // inner key per file selected in that input.
        for ($input_file_count = 0; $input_file_count < count($_FILES["file"]["name"]); $input_file_count++) {
            foreach ($_FILES["file"]["name"][$input_file_count] as $key => $value) {
                if ($value != "") {
                    $gallery_idx = Input::method("POST", "gallery_idx_post");
                    $insert_admin = $_SESSION["batumi_id"];
                    $filenumber = $_POST['filenumber'];
                    $filenumber = $filenumber[$input_file_count];
                    $inputname = Input::method("POST", "form-name-" . $filenumber);
                    // $attach, $important and $multiple are read but not used
                    // further in the visible code.
                    $attach = Input::method("POST", "form-attach-" . $filenumber);
                    $important = Input::method("POST", "form-important-" . $filenumber);
                    $multiple = Input::method("POST", "form-multiple-" . $filenumber);
                    // NOTE(review): the list of permitted extensions is taken
                    // from a request field (presumably Input::method("POST")
                    // returns posted data), so the client decides which file
                    // types pass the in_array() check below. The permitted
                    // types should come from server-side form configuration,
                    // and the comparison should be case-normalised and strict.
                    $format = explode(",", Input::method("POST", "form-format-" . $filenumber));
                    //$format = end($format);
                    $filename = $_FILES["file"]["name"][$input_file_count][$key];
                    $filesize = $_FILES["file"]["size"][$input_file_count][$key];
                    $filetype_arr = explode(".", $filename);
                    $filetype = end($filetype_arr);
                    if (in_array($filetype, $format)) {
                        // Next shared idx and position for the new gallery file.
                        // NOTE(review): MAX()+1 is not atomic with the INSERTs.
                        $sqlm = 'SELECT MAX(`idx`)+1 AS maxid FROM `studio404_gallery_file`';
                        $querym = $conn->query($sqlm);
                        $rowm = $querym->fetch(PDO::FETCH_ASSOC);
                        $max_idx = $rowm['maxid'] ? $rowm['maxid'] : 1;
                        $sql_max_posm = 'SELECT MAX(`position`)+1 AS maxpos FROM `studio404_gallery_file` WHERE `status`!=:status';
                        $preparem = $conn->prepare($sql_max_posm);
                        $preparem->execute(array(":status" => 1));
                        $row2m = $preparem->fetch(PDO::FETCH_ASSOC);
                        $max_pos = $row2m['maxpos'] ? $row2m['maxpos'] : 1;

                        // Stored name = first dot-separated part of the client
                        // file name + a hash of the current second + extension.
                        // NOTE(review): the leading part is client-controlled
                        // and is not sanitised here, and the hash depends only
                        // on time(), so names are predictable and same-second
                        // uploads with the same stem collide.
                        $filename_new = $filetype_arr[0] . md5(sha1(time())) . "." . $filetype;
                        $target_file = DIR . "files/document/" . $filename_new;
                        if (move_uploaded_file($_FILES["file"]["tmp_name"][$input_file_count][$key], $target_file)) {
                            // One gallery row per language, all pointing at the same file.
                            foreach ($lang_query as $lang_row) {
                                $insert_into_gallery = 'INSERT INTO `studio404_gallery_file` SET `idx`=:idx, `date`=:date, `gallery_idx`=:gallery_idx, `file`=:file, `fileinputname`=:fileinputname, `media_type`=:media_type, `title`=:title, `description`=:description, `filesize`=:filesize, `insert_admin`=:insert_admin, `position`=:position, `lang`=:lang';
                                $prepare_insert = $conn->prepare($insert_into_gallery);
                                $prepare_insert->execute(array(":idx" => $max_idx, ":date" => time(), ":gallery_idx" => $gallery_idx, ":file" => $filename_new, ":fileinputname" => $inputname, ":media_type" => $filetype, ":title" => "Not Defined", ":description" => "Not Defined", ":filesize" => $filesize, ":insert_admin" => $insert_admin, ":position" => $max_pos, ":lang" => $lang_row["id"]));
                            }
                        }
                    }
                }
            }
        }
    }

    // Optional redirect back to the page the form was opened from.
    if (Input::method("POST", "close_after_add")) {
        $parent = Input::method("GET", "parent");
        $back = Input::method("GET", "back");
        // NOTE(review): $back and $parent are appended to the URL without
        // encoding or validation; the target stays under WEBSITE . LANG, but
        // the path and query are request-controlled.
        redirect::url(WEBSITE . LANG . "/" . $back . "?idx=" . $parent);
    }

    // Render the template; the path is built from constants only.
    $include = WEB_DIR . "/monacemisdamateba.php";
    if (file_exists($include)) {
        // "@" hides include warnings; errors in the template will be silent.
        @(include $include);
    } else {
        $controller = new error_page();
    }
}
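/**
 * Adds a news/event item: one `studio404_module_item` row per configured
 * language (sharing a new idx), followed by insertmedia() for each row.
 *
 * Nothing is inserted unless all expected form fields are present; when the
 * mandatory ones are empty the result is 2.
 *
 * NOTE(review): no token check is visible in this method; confirm the caller
 * validates one.
 *
 * @param mixed $c Connection configuration handed to $this->conn().
 * @return mixed 1 on success, 2 on empty mandatory fields or a failed module
 *               lookup; otherwise whatever $this->outMessage already held.
 */
public function add($c)
{
    $conn = $this->conn($c);

    if (isset($_POST['date'], $_POST['expiredate'], $_POST['title'], $_POST['slug'], $_POST['friendlyurl'], $_POST['short_description'], $_POST['long_description'], $_POST['tags'])) {
        if ($this->noEmpty($_POST['date']) && $this->noEmpty($_POST['expiredate']) && $this->noEmpty($_POST['title']) && $this->noEmpty($_POST['slug']) && $this->noEmpty($_POST['friendlyurl'])) {
            // Optional event fields default to an empty string.
            $event_desc = isset($_POST['event_venue']) ? $_POST["event_venue"] : '';
            $event_when = isset($_POST['event_when']) ? $_POST["event_when"] : '';
            $event_fee = isset($_POST['event_fee']) ? $_POST["event_fee"] : '';
            $event_website = isset($_POST['event_website']) ? $_POST["event_website"] : '';

            // Next shared idx: current max + 1, or 1 for an empty table.
            // NOTE(review): not atomic with the INSERTs below.
            $sqlm = 'SELECT MAX(`idx`)+1 AS maxid FROM `studio404_module_item`';
            $querym = $conn->query($sqlm);
            $rowm = $querym->fetch(PDO::FETCH_ASSOC);
            $maxidm = $rowm['maxid'] ? $rowm['maxid'] : 1;

            $datex = strtotime($_POST['date']);
            $expiredate = strtotime($_POST['expiredate']);

            $newsidx = isset($_GET['newsidx']) ? $_GET['newsidx'] : null;

            // get page type
            $get_page_type = new get_page_type();
            $page_type = $get_page_type->type($_SESSION["C"], $newsidx);

            // Module the item belongs to; 1 when no attachment row matches.
            $sm_idx = 1;
            try {
                // NOTE(review): :lang and :status each appear more than once,
                // which PDO only accepts with emulated prepares; `||` is OR
                // only under MySQL's default SQL mode.
                $sqlc = 'SELECT `studio404_module`.`idx` AS sm_idx FROM `studio404_module_attachment`, `studio404_module` WHERE `studio404_module_attachment`.`connect_idx`=:connect_idx AND (`studio404_module_attachment`.`page_type`=:page_type_news || `studio404_module_attachment`.`page_type`=:page_type_events) AND `studio404_module_attachment`.`lang`=:lang AND `studio404_module_attachment`.`status`!=:status AND `studio404_module_attachment`.`idx`=`studio404_module`.`idx` AND `studio404_module`.`lang`=:lang AND `studio404_module`.`status`!=:status ';
                $preparec = $conn->prepare($sqlc);
                $preparec->execute(array(":connect_idx" => $newsidx, ":page_type_news" => $page_type, ":page_type_events" => 'eventpage', ":lang" => LANG_ID, ":status" => 1));
                if ($preparec->rowCount() > 0) {
                    $fetchc = $preparec->fetch(PDO::FETCH_ASSOC);
                    $sm_idx = $fetchc['sm_idx'];
                }
            } catch (Exception $e) {
                // The original caught the misspelled class "Exeption", which
                // never matches, so the handler was dead code and $sm_idx
                // could be left undefined. Log server-side and report
                // failure rather than inserting rows for an unknown module.
                error_log('studio404_module lookup failed: ' . $e->getMessage());
                $this->outMessage = 2;

                return $this->outMessage;
            }

            $slug_generation = new slug_generation();
            if ($_POST['slug']) {
                $slug = $_POST['slug'] . "/" . $slug_generation->generate($_POST['friendlyurl']);
            } else {
                $slug = $slug_generation->generate($_POST['friendlyurl']);
            }

            // select languages
            $model_admin_selectLanguage = new model_admin_selectLanguage();
            $lang_query = $model_admin_selectLanguage->select_languages($c);

            $sql = 'INSERT INTO `studio404_module_item` SET `idx`=:idx, `date`=:datex, `expiredate`=:expiredate, `module_idx`=:module_idx, `title`=:title, `event_desc`=:smi_event_desc, `event_when`=:smi_event_when, `event_fee`=:smi_event_fee, `event_website`=:smi_event_website, `videourl`=:videourl, `short_description`=:short_description, `long_description`=:long_description, `tags`=:tags, `slug`=:slug, `insert_admin`=:insert_admin, `lang`=:lang, `visibility`=:visibility, `status`=:status';

            foreach ($lang_query as $lang_row) {
                $prepare = $conn->prepare($sql);
                // User-supplied values are bound, never concatenated.
                $prepare->execute(array(
                    ":idx" => $maxidm,
                    ":datex" => $datex,
                    ":expiredate" => $expiredate,
                    ":module_idx" => $sm_idx,
                    ":title" => $_POST['title'],
                    ":smi_event_desc" => $event_desc,
                    ":smi_event_when" => $event_when,
                    ":smi_event_fee" => $event_fee,
                    ":smi_event_website" => $event_website,
                    ":videourl" => '',
                    ":short_description" => $_POST['short_description'],
                    ":long_description" => $_POST['long_description'],
                    ":tags" => $_POST['tags'],
                    ":slug" => $slug,
                    ":insert_admin" => $_SESSION['user404_id'],
                    ":lang" => $lang_row['id'],
                    ":visibility" => 1,
                    ":status" => 0,
                ));

                //insert media
                $this->insertmedia($c, $maxidm, $lang_row['id']);
            }
            $this->outMessage = 1;
        } else {
            $this->outMessage = 2;
        }
    }

    return $this->outMessage;
}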
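/**
 * Adds a catalog item: shifts the position of every existing item of the
 * catalog by one, then inserts one `studio404_module_item` row per configured
 * language at position 1 (sharing a new idx and uid) and calls insertmedia()
 * for each row.
 *
 * NOTE(review): no token check is visible in this method; confirm the caller
 * validates one. $_POST['slug'] is required by the isset() check but is not
 * used afterwards.
 *
 * @param mixed $c Connection configuration handed to $this->conn().
 * @return mixed 1 on success, 2 on empty mandatory fields or a database
 *               error; otherwise whatever $this->outMessage already held.
 */
public function add($c)
{
    $conn = $this->conn($c);

    if (isset($_POST['date'], $_POST['expiredate'], $_POST['title'], $_POST['slug'], $_POST['friendlyurl'], $_POST['short_description'], $_POST['long_description'], $_POST['tags'])) {
        if ($this->noEmpty($_POST['date']) && $this->noEmpty($_POST['expiredate']) && $this->noEmpty($_POST['title']) && $this->noEmpty($_POST['friendlyurl'])) {
            // Next shared idx: current max + 1, or 1 for an empty table.
            // NOTE(review): not atomic with the INSERTs below.
            $sqlm = 'SELECT MAX(`idx`)+1 AS maxid FROM `studio404_module_item`';
            $querym = $conn->query($sqlm);
            $rowm = $querym->fetch(PDO::FETCH_ASSOC);
            $maxidm = $rowm['maxid'] ? $rowm['maxid'] : 1;

            $catalogidx = isset($_GET['catalogidx']) ? $_GET['catalogidx'] : null;

            // Push every existing item of this catalog one position down.
            try {
                $sqlp = 'SELECT `studio404_module_item`.`idx` AS smi_idx, `studio404_module_item`.`position` AS smi_position FROM `studio404_module_attachment`,`studio404_module`,`studio404_module_item` WHERE `studio404_module_attachment`.`connect_idx`=:connect_idx AND `studio404_module_attachment`.`lang`=:lang AND `studio404_module_attachment`.`status`!=:status AND `studio404_module_attachment`.`idx`=`studio404_module`.`idx` AND `studio404_module`.`lang`=:lang AND `studio404_module`.`status`!=:status AND `studio404_module`.`idx`=`studio404_module_item`.`module_idx` AND `studio404_module_item`.`lang`=:lang AND `studio404_module_item`.`status`!=:status ORDER BY `studio404_module_item`.`position` ASC ';
                $preparep = $conn->prepare($sqlp);
                $preparep->execute(array(":connect_idx" => $catalogidx, ":lang" => LANG_ID, ":status" => 1));

                $sqlu = 'UPDATE `studio404_module_item` SET `position`=:position WHERE `idx`=:idx AND `status`!=:status';
                $prepareu = $conn->prepare($sqlu);
                while ($fetchp = $preparep->fetch()) {
                    $prepareu->execute(array(":position" => $fetchp['smi_position'] + 1, ":idx" => $fetchp['smi_idx'], ":status" => 1));
                }
            } catch (PDOException $e) {
                // The original echoed the exception into the response (SQL
                // text, schema names, file paths) and called exit. Keep the
                // detail in the server log and report failure instead.
                error_log('studio404_module_item reposition failed: ' . $e->getMessage());
                $this->outMessage = 2;

                return $this->outMessage;
            }

            // The new item always goes to position 1. The original read
            // $fetchp['smi_maxposition'] here, but $fetchp is false after the
            // loop and the query never selected that column, so the value
            // was always 1.
            $smi_maxposition = 1;

            // get page type
            $get_page_type = new get_page_type();
            $page_type = $get_page_type->type($_SESSION["C"], $catalogidx);
            // A leftover debug `echo` printed $page_type and the raw
            // `catalogidx` query parameter into the response at this point;
            // it was removed because it reflected request data unescaped.

            $datex = strtotime($_POST['date']);
            $expiredate = strtotime($_POST['expiredate']);

            // Module the item belongs to; null when no attachment row matches.
            $module_idx = null;
            try {
                $sqlc = 'SELECT `studio404_module`.`idx` AS sm_idx FROM `studio404_module_attachment`, `studio404_module` WHERE `studio404_module_attachment`.`connect_idx`=:connect_idx AND `studio404_module_attachment`.`page_type`=:page_type AND `studio404_module_attachment`.`lang`=:lang AND `studio404_module_attachment`.`status`!=:status AND `studio404_module_attachment`.`idx`=`studio404_module`.`idx` AND `studio404_module`.`lang`=:lang AND `studio404_module`.`status`!=:status ';
                $preparec = $conn->prepare($sqlc);
                $preparec->execute(array(":connect_idx" => $catalogidx, ":page_type" => $page_type, ":lang" => LANG_ID, ":status" => 1));
                $fetchc = $preparec->fetch(PDO::FETCH_ASSOC);
                if ($fetchc) {
                    $module_idx = $fetchc['sm_idx'];
                }
            } catch (Exception $e) {
                // The original caught the misspelled class "Exeption", which
                // never matches, so this handler was dead code.
                error_log('studio404_module lookup failed: ' . $e->getMessage());
                $this->outMessage = 2;

                return $this->outMessage;
            }

            $slug_generation = new slug_generation();
            $uid = new uid();
            $u = $uid->generate();
            $slug = PRE_VIEW . "/" . $u . "/" . $slug_generation->generate($_POST['friendlyurl']);

            // videourl is not part of the isset() check above.
            $videourl = isset($_POST['videourl']) ? $_POST['videourl'] : null;

            // select languages
            $model_admin_selectLanguage = new model_admin_selectLanguage();
            $lang_query = $model_admin_selectLanguage->select_languages($c);

            $sql = 'INSERT INTO `studio404_module_item` SET `idx`=:idx, `uid`=:uid, `date`=:datex, `expiredate`=:expiredate, `module_idx`=:module_idx, `title`=:title, `videourl`=:videourl, `short_description`=:short_description, `long_description`=:long_description, `tags`=:tags, `slug`=:slug, `insert_admin`=:insert_admin, `position`=:position, `lang`=:lang, `visibility`=:visibility, `status`=:status';

            foreach ($lang_query as $lang_row) {
                $prepare = $conn->prepare($sql);
                // User-supplied values are bound, never concatenated.
                $prepare->execute(array(
                    ":idx" => $maxidm,
                    ":uid" => $u,
                    ":datex" => $datex,
                    ":expiredate" => $expiredate,
                    ":module_idx" => $module_idx,
                    ":title" => $_POST['title'],
                    ":videourl" => $videourl,
                    ":short_description" => $_POST['short_description'],
                    ":long_description" => $_POST['long_description'],
                    ":tags" => $_POST['tags'],
                    ":slug" => $slug,
                    ":insert_admin" => $_SESSION["user404_id"],
                    ":position" => $smi_maxposition,
                    ":lang" => $lang_row['id'],
                    ":visibility" => 1,
                    ":status" => 0,
                ));

                //insert media
                $this->insertmedia($c, $maxidm, $lang_row['id']);
            }
            $this->outMessage = 1;
        } else {
            $this->outMessage = 2;
        }
    }

    return $this->outMessage;
}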
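/**
 * Adds an item to a component: one `studio404_components_inside` row per
 * configured language, sharing a new idx and position, optionally with a
 * background image moved from a staging path named in the request.
 *
 * NOTE(review): no token check is visible in this method; confirm the caller
 * validates one. $_POST['title'], ['shortdesc'] and ['url'] are read without
 * isset() checks.
 *
 * @param mixed $c Connection configuration handed to $this->conn().
 * @return void Sets $this->outMessage to 1.
 */
public function add($c)
{
    $conn = $this->conn($c);

    // Next shared idx: current max + 1, or 1 for an empty table.
    // NOTE(review): not atomic with the INSERTs below.
    $sqlm = 'SELECT MAX(`idx`)+1 AS maxid FROM `studio404_components_inside`';
    $querym = $conn->query($sqlm);
    $rowm = $querym->fetch(PDO::FETCH_ASSOC);
    $maxidm = $rowm['maxid'] ? $rowm['maxid'] : 1;

    $cid = $_GET['id'];

    // Next position inside this component, ignoring rows whose status is 1.
    $sqlp = 'SELECT MAX(`position`)+1 AS maxpos FROM `studio404_components_inside` WHERE `cid`=:cid AND `status`!=:status';
    $preparep = $conn->prepare($sqlp);
    $preparep->execute(array(":cid" => $cid, ":status" => 1));
    $fetchp = $preparep->fetch(PDO::FETCH_ASSOC);
    $maxpos = $fetchp['maxpos'] ? $fetchp['maxpos'] : 1;

    $background = '';
    if (isset($_POST['background']) && is_string($_POST['background'])) {
        $expl = explode("/", $_POST['background']);
        // A value without "/" has no second segment; the original indexed
        // $expl[1] unconditionally.
        if (isset($expl[1])) {
            $src_dir = $expl[1];
            $src_name = end($expl);

            // The source path is assembled from request data and the file is
            // then copied AND deleted, so a ".." segment would let the request
            // reach files outside DIR. Reject dot segments, empty segments,
            // backslashes and NUL bytes before touching the filesystem.
            // NOTE(review): ideally $src_dir is also compared against the one
            // staging directory uploads are expected in; that name is not
            // visible in this method.
            $segments_safe = true;
            foreach (array($src_dir, $src_name) as $segment) {
                if ($segment === '' || $segment === '.' || $segment === '..'
                    || strpos($segment, "\\") !== false || strpos($segment, "\0") !== false) {
                    $segments_safe = false;
                }
            }

            if ($segments_safe) {
                $from = DIR . $src_dir . "/" . $src_name;
                $To = DIR . 'files/background/' . $src_name;
                if (file_exists($from)) {
                    if (@copy($from, $To)) {
                        @unlink($from);
                        $background = explode(DIR, $To);
                        $background = "/" . $background[1];
                    }
                }
            }
        }
    }

    // select languages
    $model_admin_selectLanguage = new model_admin_selectLanguage();
    $lang_query = $model_admin_selectLanguage->select_languages($c);

    $datex = isset($_POST['date']) ? strtotime($_POST['date']) : time();

    $sql = 'INSERT INTO `studio404_components_inside` SET `date`=:datex, `idx`=:idx, `cid`=:cid, `title`=:title, `desc`=:description, `image`=:image, `url`=:url, `insert_admin`=:insert_admin, `lang`=:lang, `position`=:position';

    foreach ($lang_query as $lang_row) {
        $prepare = $conn->prepare($sql);
        // User-supplied values are bound, never concatenated.
        $prepare->execute(array(
            ":datex" => $datex,
            ":idx" => $maxidm,
            ":cid" => $cid,
            ":title" => $_POST['title'],
            ":description" => $_POST['shortdesc'],
            ":image" => $background,
            ":url" => $_POST['url'],
            ":insert_admin" => $_SESSION["user404_id"],
            ":lang" => $lang_row['id'],
            ":position" => $maxpos,
        ));
    }

    $this->outMessage = 1;
}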
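/**
 * Dispatches one gallery/file action per request, chosen from the $_GET/$_POST keys present.
 *
 * Actions, in the order they are tested:
 *  - no known key: store the raw request body as files_pre/<name>.jpg and echo the path
 *  - pageidx + extention + token, document extension: store a document, insert gallery rows, echo HTML
 *  - id + filename: rename a gallery file
 *  - idx + idxes2 / idx + idxes3: mark a file deleted and renumber the remaining positions
 *  - idxes / idxes_photos: renumber positions
 *  - pageidx + extention + token, photo/video extension: store media, insert gallery rows, echo HTML
 *  - youtubeLink (POST): register a video link, echo HTML
 *  - videoimage: store a thumbnail for a video row and echo its path
 * Anything else echoes "error" and exits.
 *
 * NOTE(review): this method reads $_SESSION["user404_id"] but never checks that it is set, and
 * $_GET['token'] is only tested with isset(), never compared with an expected value. If no
 * caller enforces login and request-token verification before this constructor runs, every
 * action here is reachable without them - confirm where that check lives.
 * NOTE(review): uploaded bytes are stored under the extension the request declares; the content
 * itself is never inspected.
 */
function __construct()
{
    set_time_limit($_SESSION["C"]["time.limit"]);
    $conn = $this->conn($_SESSION["C"]);
    $allowfiletypes = array("doc", "docx", "xls", "xlsx", "zip", "rar", "pdf");
    $allowfiletypes2 = array("jpg", "jpeg", "gif", "png", "mp4", "avi");

    // Any request that carries parameters empties the _cache directory.
    if ((isset($_POST) or isset($_GET)) && (count($_POST) > 0 or count($_GET) > 0)) {
        $files = glob(DIR . '_cache/*');
        if (is_array($files)) { // glob() returns false on error
            foreach ($files as $file) {
                if (is_file($file)) {
                    @unlink($file);
                }
            }
        }
    }

    if (!isset($_GET['extention']) && !isset($_GET['filename']) && !isset($_GET['removefile']) && !isset($_GET['idxes']) && !isset($_GET['idxes2']) && !isset($_GET['idxes3']) && !isset($_GET['idxes_photos']) && !isset($_POST['youtubeLink'])) {
        $str = file_get_contents("php://input");
        // uniqid() with extra entropy instead of time(): two uploads in the same second used
        // to receive the same name and overwrite each other. Uniqueness only, not secrecy.
        $filename = md5(uniqid('', true)) . ".jpg";
        $path = 'files_pre/' . $filename;
        file_put_contents($path, $str);
        echo $path;
    } elseif (isset($_GET['pageidx'], $_GET['extention'], $_GET['token']) && in_array($_GET['extention'], $allowfiletypes, true)) {
        // ---- document upload ----
        $pageidx = isset($_GET['newsidx']) && $_GET['newsidx'] != "false" ? $_GET['newsidx'] : $_GET['pageidx'];
        // get page type
        $get_page_type = new get_page_type();
        $page_type = $get_page_type->type($_SESSION["C"], $_GET['pageidx']);
        $str = file_get_contents("php://input");
        $timegenerate = md5(uniqid('', true));
        // The extension is safe to use in a file name here: it matched the allow-list above.
        $filename = $timegenerate . "." . $_GET['extention'];
        $path = 'files_pre/' . $filename;
        $color_array = array("pdf" => "#e74c3c", "doc" => "#2ecc71", "docx" => "#27ae60", "xls" => "#1abc9c", "xlsx" => "#16a085", "zip" => "#4aa3df", "rar" => "#2980b9");
        file_put_contents($path, $str);
        // check if exists attachment
        $sql = 'SELECT `studio404_gallery`.`idx` AS `sg_idx` FROM `studio404_gallery_attachment`,`studio404_gallery` WHERE `studio404_gallery_attachment`.`connect_idx`=:connect_idx AND `studio404_gallery_attachment`.`status`!=:status AND `studio404_gallery_attachment`.`pagetype`=:page_type AND `studio404_gallery_attachment`.`idx`=`studio404_gallery`.`idx` AND `studio404_gallery`.`status`!=:status ';
        $prepare = $conn->prepare($sql);
        $prepare->execute(array(":connect_idx" => $pageidx, ":page_type" => $page_type, ":status" => 1));
        $fetch = $prepare->fetch(PDO::FETCH_ASSOC);
        if ($fetch && $fetch['sg_idx']) {
            // select max idx gallery photo
            // NOTE(review): "Exeption" is not a class defined in the visible code; if none
            // exists elsewhere this catch never matches and database errors propagate.
            // Decide whether the fallback to 1 is wanted before correcting the name, since
            // reusing idx 1 would collide with existing rows.
            try {
                $sql2 = 'SELECT `id`, MAX(`idx`) as maxid FROM `studio404_gallery_file` WHERE `lang`=:lang AND `status`!=:status';
                $prepare2 = $conn->prepare($sql2);
                $prepare2->execute(array("lang" => LANG_ID, ":status" => 1));
                $fetch2 = $prepare2->fetch(PDO::FETCH_ASSOC);
                $maxid = $fetch2['maxid'] ? $fetch2['maxid'] + 1 : 1;
            } catch (Exeption $e) {
                $maxid = 1;
            }
            // select max position of gallery photo (same unmatched catch as above)
            try {
                $sql3 = 'SELECT MAX(`position`) as maxpos FROM `studio404_gallery_file` WHERE `media_type`=:media_type AND `lang`=:lang AND `gallery_idx`=:gallery_idx AND `status`!=:status';
                $prepare3 = $conn->prepare($sql3);
                $prepare3->execute(array(":media_type" => 'document', ":lang" => LANG_ID, ":gallery_idx" => $fetch['sg_idx'], ":status" => 1));
                $fetch3 = $prepare3->fetch(PDO::FETCH_ASSOC);
                $maxpos = $fetch3['maxpos'] ? $fetch3['maxpos'] + 1 : 1;
            } catch (Exeption $e) {
                $maxpos = 1;
            }
            $model_admin_selectLanguage = new model_admin_selectLanguage();
            $languages = $model_admin_selectLanguage->select_languages($_SESSION["C"]);
            // move file to file folder
            $path_new = "files/document/" . $timegenerate . "." . $_GET["extention"];
            if (@copy($path, $path_new)) {
                @unlink($path);
            }
            $filesize = @filesize($path_new);
            //insert gallery photo, one row per language
            $sql4 = 'INSERT INTO `studio404_gallery_file` SET `idx`=:idx, `date`=:datex, `gallery_idx`=:gallery_idx, `file`=:file, `media_type`=:media_type, `title`=:title, `description`=:description, `filesize`=:filesize, `insert_admin`=:insert_admin, `position`=:position, `lang`=:lang, `status`=:status ';
            $prepare4 = $conn->prepare($sql4);
            foreach ($languages as $lang) {
                $prepare4->execute(array(":idx" => $maxid, ":datex" => time(), ":gallery_idx" => $fetch['sg_idx'], ":file" => $path_new, ":media_type" => "document", ":title" => "Not defined", ":description" => "Not defined", ":filesize" => $filesize, ":insert_admin" => $_SESSION["user404_id"], ":position" => $maxpos, ":lang" => $lang['id'], ":status" => 0));
            }
            //get inserted file id with current language
            $sql5 = 'SELECT `id`,`position` FROM `studio404_gallery_file` WHERE `media_type`=:media_type AND `idx`=:idx AND `lang`=:lang AND `status`!=:status';
            $prepare5 = $conn->prepare($sql5);
            $prepare5->execute(array(":media_type" => 'document', ":idx" => $maxid, ":lang" => LANG_ID, ":status" => 1));
            $fetch5 = $prepare5->fetch(PDO::FETCH_ASSOC);
            $out = '<div class="filebox" style="background-color:' . $color_array[$_GET['extention']] . '" id="flexbox-' . $maxid . '">';
            $out .= '<div class="action_panel">';
            // Link to the stored copy: the files_pre original was removed after the copy above,
            // and $path_new is what the photo branch links to and what the database row holds.
            $out .= '<a href="/' . $path_new . '" target="_blank"><i class="fa fa-eye"></i></a>';
            $out .= '<a href="javascript:;" onclick="openPromt(\'' . $maxid . '\')"><i class="fa fa-pencil-square-o"></i></a>';
            $out .= '<a href="javascript:;" onclick="removeFile(\'' . $maxid . '\')"><i class="fa fa-times"></i></a>';
            $out .= '</div>';
            $out .= '<div class="extention">' . $_GET['extention'] . '</div>';
            $out .= '<div class="filename n-' . $maxid . '" id="fid-' . $fetch5['id'] . '">Not defined</div>';
            $out .= '</div>';
            echo $out;
        }
    } elseif (isset($_GET['id'], $_GET['filename'])) {
        // ---- rename ----
        // The title is stored exactly as received; whatever renders it must escape it.
        $sql = 'UPDATE `studio404_gallery_file` SET `title`=:title WHERE `id`=:id';
        $prepare = $conn->prepare($sql);
        $prepare->execute(array(":title" => $_GET['filename'], ":id" => $_GET['id']));
    } elseif (isset($_GET['idx'], $_GET['idxes2'])) {
        // ---- delete a document, then renumber the rest ----
        $sql = 'UPDATE `studio404_gallery_file` SET `status`=:status WHERE `idx`=:idx';
        $prepare = $conn->prepare($sql);
        $prepare->execute(array(":status" => 1, ":idx" => $_GET['idx']));
        $position = 1;
        if (is_array($_GET['idxes2'])) { // a scalar here used to raise a foreach warning
            $sql2 = 'UPDATE `studio404_gallery_file` SET `position`=:position WHERE `media_type`=:media_type AND `idx`=:idx AND `status`!=:status';
            $prepare2 = $conn->prepare($sql2);
            foreach ($_GET['idxes2'] as $idx) {
                $prepare2->execute(array(":media_type" => "document", ":position" => $position, ":idx" => $idx, ":status" => 1));
                $position++;
            }
        }
    } elseif (isset($_GET['idx'], $_GET['idxes3'])) {
        // ---- delete a photo/video, then renumber the rest ----
        $media_type = isset($_GET["media_type"]) && $_GET["media_type"] == "video" ? "video" : "photo";
        $sql = 'UPDATE `studio404_gallery_file` SET `status`=:status WHERE `idx`=:idx';
        $prepare = $conn->prepare($sql);
        $prepare->execute(array(":status" => 1, ":idx" => $_GET['idx']));
        $position = 1;
        // The client sends the string "empty" when nothing is left; only an array is iterated.
        if (is_array($_GET['idxes3'])) {
            $sql2 = 'UPDATE `studio404_gallery_file` SET `position`=:position WHERE `media_type`=:media_type AND `idx`=:idx AND `status`!=:status';
            $prepare2 = $conn->prepare($sql2);
            foreach ($_GET['idxes3'] as $idx) {
                $prepare2->execute(array(":media_type" => $media_type, ":position" => $position, ":idx" => $idx, ":status" => 1));
                $position++;
            }
        }
    } elseif (isset($_GET['idxes'])) {
        // ---- reorder documents ----
        $position = 1;
        if (is_array($_GET['idxes'])) {
            $sql = 'UPDATE `studio404_gallery_file` SET `position`=:position WHERE `media_type`=:media_type AND `idx`=:idx AND `status`!=:status';
            $prepare = $conn->prepare($sql);
            foreach ($_GET['idxes'] as $idx) {
                $prepare->execute(array(":media_type" => "document", ":position" => $position, ":idx" => $idx, ":status" => 1));
                $position++;
            }
        }
    } elseif (isset($_GET['idxes_photos'])) {
        // ---- reorder photos/videos ----
        $position = 1;
        $media_type = isset($_GET["type"]) && $_GET["type"] == "videogallerypage" ? "video" : "photo";
        if (is_array($_GET['idxes_photos'])) {
            $sql = 'UPDATE `studio404_gallery_file` SET `position`=:position WHERE `media_type`=:media_type AND `idx`=:idx AND `status`!=:status';
            $prepare = $conn->prepare($sql);
            foreach ($_GET['idxes_photos'] as $idx) {
                $prepare->execute(array(":media_type" => $media_type, ":position" => $position, ":idx" => $idx, ":status" => 1));
                $position++;
            }
        }
    } elseif (isset($_GET['pageidx'], $_GET['extention'], $_GET['token']) && in_array($_GET['extention'], $allowfiletypes2, true)) {
        // ---- photo / video upload ----
        $pageidx = isset($_GET['newsidx']) && $_GET['newsidx'] != "false" ? $_GET['newsidx'] : $_GET['pageidx'];
        $media_type = isset($_GET["media"]) && $_GET["media"] == "false" ? "video" : "photo";
        // get page type
        $get_page_type = new get_page_type();
        $page_type = $get_page_type->type($_SESSION["C"], $_GET['pageidx']);
        // photo upload
        $str = file_get_contents("php://input");
        $timegenerate = md5(uniqid('', true));
        $filename = $timegenerate . "." . $_GET['extention'];
        $path = 'files_pre/' . $filename;
        file_put_contents($path, $str);
        // check if exists attachment
        $sql = 'SELECT `studio404_gallery`.`idx` AS `sg_idx` FROM `studio404_gallery_attachment`,`studio404_gallery` WHERE `studio404_gallery_attachment`.`connect_idx`=:connect_idx AND `studio404_gallery_attachment`.`pagetype`=:pagetype AND `studio404_gallery_attachment`.`status`!=:status AND `studio404_gallery_attachment`.`idx`=`studio404_gallery`.`idx` AND `studio404_gallery`.`status`!=:status ';
        $prepare = $conn->prepare($sql);
        $prepare->execute(array(":connect_idx" => $pageidx, ":pagetype" => $page_type, ":status" => 1));
        $fetch = $prepare->fetch(PDO::FETCH_ASSOC);
        if ($fetch && $fetch['sg_idx']) {
            // select max idx gallery photo
            $sql2 = 'SELECT `id`, MAX(`idx`) AS maxid FROM `studio404_gallery_file`';
            $prepare2 = $conn->prepare($sql2);
            $prepare2->execute();
            $fetch2 = $prepare2->fetch(PDO::FETCH_ASSOC);
            $maxid = $fetch2['maxid'] ? $fetch2['maxid'] + 1 : 1;
            // select max position of gallery photo (catch names the undefined "Exeption", see above)
            try {
                $sql3 = 'SELECT MAX(`position`) as maxpos FROM `studio404_gallery_file` WHERE `media_type`=:media_type AND `lang`=:lang AND `gallery_idx`=:gallery_idx AND `status`!=:status';
                $prepare3 = $conn->prepare($sql3);
                $prepare3->execute(array(":media_type" => $media_type, ":lang" => LANG_ID, ":gallery_idx" => $fetch['sg_idx'], ":status" => 1));
                $fetch3 = $prepare3->fetch(PDO::FETCH_ASSOC);
                $maxpos = $fetch3['maxpos'] ? $fetch3['maxpos'] + 1 : 1;
            } catch (Exeption $e) {
                $maxpos = 1;
            }
            $model_admin_selectLanguage = new model_admin_selectLanguage();
            $languages = $model_admin_selectLanguage->select_languages($_SESSION["C"]);
            // move file to file folder
            $path_new = "files/" . $media_type . "/" . $timegenerate . "." . $_GET["extention"];
            if (@copy($path, $path_new)) {
                @unlink($path);
            }
            $filesize = @filesize($path_new);
            //insert gallery photo, one row per language
            $sql4 = 'INSERT INTO `studio404_gallery_file` SET `idx`=:idx, `date`=:datex, `gallery_idx`=:gallery_idx, `file`=:file, `media_type`=:media_type, `title`=:title, `description`=:description, `filesize`=:filesize, `insert_admin`=:insert_admin, `position`=:position, `lang`=:lang, `status`=:status ';
            $prepare4 = $conn->prepare($sql4);
            foreach ($languages as $lang) {
                $prepare4->execute(array(":idx" => $maxid, ":datex" => time(), ":gallery_idx" => $fetch['sg_idx'], ":file" => $path_new, ":media_type" => $media_type, ":title" => "Not defined", ":description" => "Not defined", ":filesize" => $filesize, ":insert_admin" => $_SESSION["user404_id"], ":position" => $maxpos, ":lang" => $lang['id'], ":status" => 0));
            }
            //get inserted file id with current language
            $sql5 = 'SELECT `id`,`position` FROM `studio404_gallery_file` WHERE `media_type`=:media_type AND `idx`=:idx AND `lang`=:lang AND `status`!=:status';
            $prepare5 = $conn->prepare($sql5);
            $prepare5->execute(array(":media_type" => $media_type, ":idx" => $maxid, ":lang" => LANG_ID, ":status" => 1));
            $fetch5 = $prepare5->fetch(PDO::FETCH_ASSOC);
            $out = '<div class="filebox2" id="flexbox2-' . $maxid . '">';
            $out .= '<div class="action_panel2">';
            $out .= '<a href="/' . $path_new . '" class="fancybox"><i class="fa fa-eye"></i></a>';
            $out .= '<a href="javascript:;" onclick="openPromt2(\'' . $maxid . '\')"><i class="fa fa-pencil-square-o"></i></a>';
            $out .= '<a href="javascript:;" onclick="removeFile2(\'' . $maxid . '\')"><i class="fa fa-times"></i></a>';
            $out .= '</div>';
            if ($media_type == "video") {
                $out .= '<div class="extention2"><img src="/images/video_icon.png" width="100%" /></div>';
            } else {
                $out .= '<div class="extention2"><img src="/' . $path_new . '" width="100%" /></div>';
            }
            $out .= '<div class="filename2 n2-' . $maxid . '" id="fid2-' . $fetch5['id'] . '">Not defined</div>';
            $out .= '</div>';
            echo $out;
        }
    } elseif (isset($_POST['youtubeLink'])) {
        // ---- register a video link ----
        // The link is written into an href below and stored for later display, so only an
        // absolute http(s) URL is accepted and the echoed copy is HTML-escaped.
        $youtubeLink = is_string($_POST['youtubeLink']) ? trim($_POST['youtubeLink']) : '';
        if (!preg_match('#^https?://#i', $youtubeLink)) {
            echo "error";
            exit;
        }
        $pageidx = isset($_POST['yt_mid']) ? $_POST['yt_mid'] : 0;
        $media_type = "video";
        $page_type = "videogallerypage";
        $sql = 'SELECT `studio404_gallery`.`idx` AS `sg_idx` FROM `studio404_gallery_attachment`,`studio404_gallery` WHERE `studio404_gallery_attachment`.`connect_idx`=:connect_idx AND `studio404_gallery_attachment`.`pagetype`=:pagetype AND `studio404_gallery_attachment`.`status`!=:status AND `studio404_gallery_attachment`.`idx`=`studio404_gallery`.`idx` AND `studio404_gallery`.`status`!=:status ';
        $prepare = $conn->prepare($sql);
        $prepare->execute(array(":connect_idx" => $pageidx, ":pagetype" => $page_type, ":status" => 1));
        $fetch = $prepare->fetch(PDO::FETCH_ASSOC);
        if ($fetch && $fetch['sg_idx']) {
            // select max idx gallery photo (catch names the undefined "Exeption", see above)
            try {
                $sql2 = 'SELECT `id`, MAX(`idx`) as maxid FROM `studio404_gallery_file` WHERE `lang`=:lang AND `status`!=:status';
                $prepare2 = $conn->prepare($sql2);
                $prepare2->execute(array("lang" => LANG_ID, ":status" => 1));
                $fetch2 = $prepare2->fetch(PDO::FETCH_ASSOC);
                $maxid = $fetch2['maxid'] ? $fetch2['maxid'] + 1 : 1;
            } catch (Exeption $e) {
                $maxid = 1;
            }
            // select max position of gallery photo
            try {
                $sql3 = 'SELECT MAX(`position`) as maxpos FROM `studio404_gallery_file` WHERE `media_type`=:media_type AND `lang`=:lang AND `gallery_idx`=:gallery_idx AND `status`!=:status';
                $prepare3 = $conn->prepare($sql3);
                $prepare3->execute(array(":media_type" => $media_type, ":lang" => LANG_ID, ":gallery_idx" => $fetch['sg_idx'], ":status" => 1));
                $fetch3 = $prepare3->fetch(PDO::FETCH_ASSOC);
                $maxpos = $fetch3['maxpos'] ? $fetch3['maxpos'] + 1 : 1;
            } catch (Exeption $e) {
                $maxpos = 1;
            }
            $model_admin_selectLanguage = new model_admin_selectLanguage();
            $languages = $model_admin_selectLanguage->select_languages($_SESSION["C"]);
            //insert gallery photo, one row per language
            $sql4 = 'INSERT INTO `studio404_gallery_file` SET `idx`=:idx, `date`=:datex, `gallery_idx`=:gallery_idx, `file`=:file, `media_type`=:media_type, `title`=:title, `description`=:description, `filesize`=:filesize, `insert_admin`=:insert_admin, `position`=:position, `lang`=:lang, `status`=:status ';
            $prepare4 = $conn->prepare($sql4);
            foreach ($languages as $lang) {
                $prepare4->execute(array(":idx" => $maxid, ":datex" => time(), ":gallery_idx" => $fetch['sg_idx'], ":file" => $youtubeLink, ":media_type" => $media_type, ":title" => "Not defined", ":description" => "Not defined", ":filesize" => "0", ":insert_admin" => $_SESSION["user404_id"], ":position" => $maxpos, ":lang" => $lang['id'], ":status" => 0));
            }
            //get inserted file id with current language
            $sql5 = 'SELECT `id`,`position` FROM `studio404_gallery_file` WHERE `media_type`=:media_type AND `idx`=:idx AND `lang`=:lang AND `status`!=:status';
            $prepare5 = $conn->prepare($sql5);
            $prepare5->execute(array(":media_type" => $media_type, ":idx" => $maxid, ":lang" => LANG_ID, ":status" => 1));
            $fetch5 = $prepare5->fetch(PDO::FETCH_ASSOC);
            $out = '<div class="filebox2" id="flexbox2-' . $maxid . '">';
            $out .= '<div class="action_panel2">';
            $out .= '<a href="' . htmlspecialchars($youtubeLink, ENT_QUOTES, 'UTF-8') . '" target="_blank"><i class="fa fa-eye"></i></a>';
            $out .= '<a href="javascript:;" onclick="openPromt2(\'' . $maxid . '\')"><i class="fa fa-pencil-square-o"></i></a>';
            $out .= '<a href="javascript:;" onclick="upload_filev(\'' . $maxid . '\')"><i class="fa fa-camera"></i></a>';
            $out .= '<a href="javascript:;" onclick="removeFile2(\'' . $maxid . '\')"><i class="fa fa-times"></i></a>';
            $out .= '</div>';
            $out .= '<div class="extention2"><img src="/images/video_icon.png" width="100%" /></div>';
            $out .= '<div class="filename2 n2-' . $maxid . '" id="fid2-' . $fetch5['id'] . '">Not defined</div>';
            $out .= '</div>';
            echo $out;
        }
    } elseif (isset($_GET['videoimage']) && is_numeric($_GET['videoimage'])) {
        // ---- video thumbnail upload ----
        // This branch used to append $_GET['extention'] to the stored file name without any
        // check, so the request chose the file type written under files/photo/. It now has to
        // match the same allow-list as the photo/video upload branch.
        // NOTE(review): a thumbnail is presumably always an image; consider narrowing this to
        // the image entries of the list.
        if (!isset($_GET['extention']) || !in_array($_GET['extention'], $allowfiletypes2, true)) {
            echo "error";
            exit;
        }
        $str = file_get_contents("php://input");
        $filename = md5(uniqid('', true)) . "." . $_GET['extention'];
        $path = 'files/photo/' . $filename;
        file_put_contents($path, $str);
        $sql = 'UPDATE `studio404_gallery_file` SET `filev`=:filev WHERE `idx`=:idx AND `status`!=:status';
        $prepare = $conn->prepare($sql);
        $prepare->execute(array(":filev" => $path, ":idx" => $_GET['videoimage'], ":status" => 1));
        echo $path;
    } else {
        echo "error";
        exit;
    }
}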
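/**
 * Inserts one `studio404_comments` row per configured language.
 *
 * Requires non-empty `$_POST['date']`, `$_POST['namelname']` and `$_POST['comment']`
 * (checked with isset() and $this->noEmpty()). `$_GET['cidx']` and `$_GET['type']` are stored
 * as `connect_idx` and `page_type`. An optional `$_POST['background']` names a file that is
 * moved into `files/`; its relative path is stored in `file`, otherwise the string 'false'.
 *
 * @param mixed $c Passed unchanged to $this->conn() and to select_languages().
 * @return int|null 1 after the rows are inserted; nothing is returned when validation fails.
 */
public function add($c)
{
    $conn = $this->conn($c);

    $hasRequired = isset($_POST['date'], $_POST['namelname'], $_POST['comment'])
        && $this->noEmpty($_POST['date'])
        && $this->noEmpty($_POST['namelname'])
        && $this->noEmpty($_POST['comment']);
    if (!$hasRequired) {
        return;
    }

    // NOTE(review): strtotime() returns false for text it cannot parse and that value is
    // stored as-is; confirm whether such a request should be rejected instead.
    $date = strtotime($_POST['date']);

    $background = 'false';
    if (!empty($_POST['background']) && is_string($_POST['background'])) {
        // The request names the file to move, so both path segments taken from it are
        // validated before they reach copy()/unlink(): no empty segment, no leading dot
        // (which also rules out "." and ".." and dotfiles), no backslash, no NUL byte.
        $expl = explode("/", $_POST['background']);
        $sourceDir = isset($expl[1]) ? $expl[1] : '';
        $fileName = end($expl);
        $segmentsOk = true;
        foreach (array($sourceDir, $fileName) as $segment) {
            if ($segment === '' || $segment[0] === '.' || strpbrk($segment, "\\\0") !== false) {
                $segmentsOk = false;
            }
        }
        // NOTE(review): any first-level directory under DIR is still accepted as the source,
        // and the file extension is not checked. If uploads are always staged in a single
        // directory, compare $sourceDir against that name and allow-list the expected types.
        if ($segmentsOk) {
            $from = DIR . $sourceDir . "/" . $fileName;
            $To = DIR . 'files/' . $fileName;
            if (is_file($from) && @copy($from, $To)) {
                @unlink($from);
                $background = 'files/' . $fileName;
            }
        }
    }

    // select languages
    $model_admin_selectLanguage = new model_admin_selectLanguage();
    $lang_query = $model_admin_selectLanguage->select_languages($c);

    // Next idx value; every language row inserted below shares it.
    $sqlm = 'SELECT MAX(`idx`)+1 AS maxid FROM `studio404_comments`';
    $querym = $conn->query($sqlm);
    $rowm = $querym->fetch(PDO::FETCH_ASSOC);
    $maxidx = $rowm['maxid'] ? $rowm['maxid'] : 1;

    $connectIdx = isset($_GET['cidx']) ? $_GET['cidx'] : null;
    $pageType = isset($_GET['type']) ? $_GET['type'] : null;

    // The statement text never changes, so it is prepared once and executed per language.
    // The name and comment are stored exactly as received; whatever renders them must escape them.
    $sql = 'INSERT INTO `studio404_comments` SET `idx`=:maxidx, `connect_idx`=:connect_idx, `date`=:datex, `namelname`=:namelname, `comment`=:comment, `file`=:file, `page_type`=:page_type, `lang`=:lang ';
    $prepare = $conn->prepare($sql);
    foreach ($lang_query as $lang_row) {
        $prepare->execute(array(
            ":maxidx" => $maxidx,
            ":datex" => $date,
            ":namelname" => $_POST['namelname'],
            ":comment" => $_POST['comment'],
            ":lang" => $lang_row['id'],
            ":connect_idx" => $connectIdx,
            ":page_type" => $pageType,
            ":file" => $background,
        ));
    }

    return 1;
}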