function upcoming_eot()
{
global $dbtable_prefix;
$config['days_before'] = 4;
$query_strlen = 20000;
$now = gmdate('Ymd');
$query = "SELECT b.`email`,c.`_user` as `user` FROM `{$dbtable_prefix}payments` a,`" . USER_ACCOUNTS_TABLE . "` b,`{$dbtable_prefix}user_profiles` c WHERE a.`fk_user_id`=b.`" . USER_ACCOUNT_ID . "` AND a.`fk_user_id`=c.`fk_user_id` AND a.`paid_until`='{$now}'-INTERVAL " . $config['days_before'] . " DAY AND a.`is_active`=1 AND a.`is_recurring`=0";
if (!($res = @mysql_query($query))) {
trigger_error(mysql_error(), E_USER_ERROR);
}
$alerts = array();
while ($rsrow = mysql_fetch_assoc($res)) {
$alerts[$rsrow['email']] = $rsrow;
}
if (!empty($alerts)) {
$skin = get_default_skin_dir();
$tpl = new phemplate(_BASEPATH_ . '/skins_site/' . $skin . '/emails/', 'remove_nonjs');
$tpl->set_file('temp', 'subscr_expire_alert.html');
$tpl->set_var('tplvars', $tplvars);
$subject = sprintf($GLOBALS['_lang'][218], _SITENAME_);
$subject = sanitize_and_format($subject, TYPE_STRING, $GLOBALS['__field2format'][FIELD_TEXTFIELD]);
$insert = "INSERT INTO `{$dbtable_prefix}queue_email` (`to`,`subject`,`message_body`) VALUES ";
$iquery = $insert;
foreach ($alerts as $email => $v) {
$tpl->set_var('output', $v);
$message_body = $tpl->process('', 'temp', TPL_LOOP | TPL_OPTLOOP | TPL_OPTIONAL | TPL_FINISH);
$message_body = sanitize_and_format($message_body, TYPE_STRING, $GLOBALS['__field2format'][FIELD_TEXTAREA]);
if (strlen($iquery) > $query_strlen) {
$iquery = substr($iquery, 0, -1);
if (!($res = @mysql_query($iquery))) {
trigger_error(mysql_error(), E_USER_ERROR);
}
$iquery = $insert;
}
$iquery .= "('{$email}','{$subject}','{$message_body}'),";
}
if ($iquery != $insert) {
$iquery = substr($iquery, 0, -1);
if (!($res = @mysql_query($iquery))) {
trigger_error(mysql_error(), E_USER_ERROR);
}
}
}
return true;
}
case FIELD_TEXTFIELD:
$rsrow['field'] = '<input class="input_tf" type="text" name="' . $rsrow['fk_module_code'] . '_' . $rsrow['config_option'] . '" id="' . $rsrow['fk_module_code'] . '_' . $rsrow['config_option'] . '" value="' . $rsrow['config_value'] . '" />';
break;
case FIELD_INT:
$rsrow['field'] = '<input class="number" type="text" name="' . $rsrow['fk_module_code'] . '_' . $rsrow['config_option'] . '" id="' . $rsrow['fk_module_code'] . '_' . $rsrow['config_option'] . '" value="' . $rsrow['config_value'] . '" />';
break;
case FIELD_TEXTAREA:
$rsrow['field'] = '<textarea class="input_ta" name="' . $rsrow['fk_module_code'] . '_' . $rsrow['config_option'] . '" id="' . $rsrow['fk_module_code'] . '_' . $rsrow['config_option'] . '" cols="" rows="">' . $rsrow['config_value'] . '</textarea>';
break;
case FIELD_SELECT:
$rsrow['field'] = '<select name="' . $rsrow['fk_module_code'] . '_' . $rsrow['config_option'] . '" id="' . $rsrow['fk_module_code'] . '_' . $rsrow['config_option'] . '">' . vector2options($rsrow['choices'], $rsrow['config_value']) . '</select>';
break;
case FIELD_FILE:
$rsrow['field'] = '<input class="text" type="file" name="' . $rsrow['fk_module_code'] . '_' . $rsrow['config_option'] . '" id="' . $rsrow['fk_module_code'] . '_' . $rsrow['config_option'] . '" /> <a class="remove_upl_file" href="processors/site_options_del_file.php?cid=' . $rsrow['config_id'] . '"><span>Remove</span></a> <p>' . $rsrow['config_value'] . '</p>';
break;
}
if (isset($rsrow['field'])) {
$site_options[$i]['options'][] = $rsrow;
}
}
//print_r($site_options);
$output['gmtime'] = gmdate('F d, Y, h:i:s A');
$tpl->set_file('content', 'site_options.html');
$tpl->set_loop('site_options', $site_options);
$tpl->set_var('module_code', $active_module_code);
$tpl->set_var('output', $output);
$tpl->process('content', 'content', TPL_MULTILOOP);
$tplvars['title'] = 'Site Options';
$tplvars['css'] = 'site_options.css';
$tplvars['page'] = 'site_options';
include 'frame.php';
require_once '../includes/admin_functions.inc.php';
require_once '../includes/tables/loc_countries.inc.php';
allow_dept(DEPT_ADMIN);
$tpl = new phemplate('skin/', 'remove_nonjs');
$countries = $countries_default['defaults'];
if (isset($_SESSION['topass']['input'])) {
$countries = $_SESSION['topass']['input'];
} elseif (!empty($_GET['country_id'])) {
$country_id = (int) $_GET['country_id'];
$query = "SELECT `country_id`,`country`,`iso3166`,`prefered_input` FROM `{$dbtable_prefix}loc_countries` WHERE `country_id`={$country_id}";
if (!($res = @mysql_query($query))) {
trigger_error(mysql_error(), E_USER_ERROR);
}
if (mysql_num_rows($res)) {
$countries = mysql_fetch_assoc($res);
$countries['country'] = sanitize_and_format($countries['country'], TYPE_STRING, $__field2format[TEXT_DB2EDIT]);
}
}
$countries['prefered_input'] = vector2options($country_prefered_input, $countries['prefered_input']);
$tpl->set_file('content', 'loc_countries_addedit.html');
$tpl->set_var('countries', $countries);
if (isset($_GET['o'])) {
$tpl->set_var('o', $_GET['o']);
}
if (isset($_GET['r'])) {
$tpl->set_var('r', $_GET['r']);
}
$tpl->process('content', 'content');
$tplvars['title'] = 'Location Management: Countries';
$tplvars['page'] = 'loc_countries_addedit';
include 'frame.php';
* See the "docs/licenses/etano.txt" file for license. *
******************************************************************************/
require_once '../includes/common.inc.php';
require_once '../includes/admin_functions.inc.php';
require_once '../includes/tables/site_news.inc.php';
allow_dept(DEPT_ADMIN);
$tpl = new phemplate('skin/', 'remove_nonjs');
$output = $site_news_default['defaults'];
if (isset($_SESSION['topass']['input'])) {
$output = $_SESSION['topass']['input'];
} elseif (!empty($_GET['news_id'])) {
$news_id = (int) $_GET['news_id'];
$query = "SELECT * FROM `{$dbtable_prefix}site_news` WHERE `news_id`='{$news_id}'";
if (!($res = @mysql_query($query))) {
trigger_error(mysql_error(), E_USER_ERROR);
}
if (mysql_num_rows($res)) {
$output = mysql_fetch_assoc($res);
$output['news_title'] = sanitize_and_format($output['news_title'], TYPE_STRING, $__field2format[TEXT_DB2EDIT]);
$output['news_body'] = sanitize_and_format($output['news_body'], TYPE_STRING, $__field2format[TEXT_DB2EDIT]);
}
}
$output['return2'] = sanitize_and_format_gpc($_GET, 'return', TYPE_STRING, $__field2format[FIELD_TEXTFIELD], '');
$output['return'] = rawurlencode($output['return2']);
$tpl->set_file('content', 'site_news_addedit.html');
$tpl->set_var('output', $output);
$tpl->process('content', 'content');
$tplvars['title'] = 'Site News Management';
$tplvars['css'] = 'site_news_addedit.css';
$tplvars['page'] = 'site_news_addedit';
include 'frame.php';
$topass['message']['type'] = MESSAGE_ERROR;
$topass['message']['text'] = 'Error reading the package';
}
} else {
$error = true;
$topass['message']['type'] = MESSAGE_ERROR;
$topass['message']['text'] = 'File is not a valid Etano package';
}
}
if (isset($p) && $p->error && !empty($p->manual_actions)) {
$tpl->set_file('content', 'package_install.html');
$tpl->set_loop('manual_actions', $p->manual_actions);
$output['f'] = $file;
$output['finish'] = $install_index;
$output['show_finish'] = $show_finish;
$tpl->set_var('output', $output);
$tpl->process('content', 'content', TPL_LOOP | TPL_OPTIONAL);
$tplvars['title'] = 'Package Manager';
$tplvars['page'] = 'package_install';
$tplvars['css'] = 'package_install.css';
include 'frame.php';
} elseif ($ui_request) {
$tpl->set_file('content', 'package_ui.html');
$tpl->set_var('output', $p->ui);
$tpl->process('content', 'content');
$tplvars['title'] = 'Package Manager';
$tplvars['page'] = 'package_install';
$tplvars['css'] = 'package_install.css';
include 'frame.php';
} else {
if (!$error) {
===============================================================================
File: admin/error_log_view.php
$Revision$
Software by: DateMill (http://www.datemill.com)
Copyright by: DateMill (http://www.datemill.com)
Support at: http://www.datemill.com/forum
*******************************************************************************
* See the "docs/licenses/etano.txt" file for license. *
******************************************************************************/
require_once '../includes/common.inc.php';
require_once '../includes/admin_functions.inc.php';
allow_dept(DEPT_ADMIN);
$tpl = new phemplate('skin/', 'remove_nonjs');
if (!empty($_GET['log_id'])) {
$log_id = (int) $_GET['log_id'];
$query = "SELECT `error` FROM `{$dbtable_prefix}error_log` WHERE `log_id`={$log_id}";
if (!($res = @mysql_query($query))) {
trigger_error(mysql_error(), E_USER_ERROR);
}
if (mysql_num_rows($res)) {
$output = mysql_fetch_assoc($res);
}
}
if (empty($output['return'])) {
$output['return2'] = sanitize_and_format_gpc($_GET, 'return', TYPE_STRING, $__field2format[FIELD_TEXTFIELD], '');
$output['return'] = rawurlencode($output['return2']);
}
$tpl->set_file('content', 'error_log_view.html');
$tpl->set_var('output', $output);
$tpl->set_var('tplvars', $tplvars);
print $tpl->process('content', 'content', TPL_FINISH);
if (!($res = @mysql_query($query))) {
trigger_error(mysql_error(), E_USER_ERROR);
}
$output['m_name'] = mysql_result($res, 0, 0);
$output['paid_until'] = $GLOBALS['_lang'][123];
}
$my_stats = get_user_stats($_SESSION[_LICENSE_KEY_]['user']['user_id'], array('total_photos', 'pviews', 'num_friends'));
$query = "SELECT count(*) FROM `{$dbtable_prefix}user_inbox` WHERE `fk_user_id`='" . $_SESSION[_LICENSE_KEY_]['user']['user_id'] . "' AND `del`=0";
if (!($res = @mysql_query($query))) {
trigger_error(mysql_error(), E_USER_ERROR);
}
$my_stats['total_messages'] = mysql_result($res, 0, 0);
$query = "SELECT count(*) FROM `{$dbtable_prefix}user_inbox` WHERE `is_read`=0 AND `fk_user_id`='" . $_SESSION[_LICENSE_KEY_]['user']['user_id'] . "' AND `del`=0";
if (!($res = @mysql_query($query))) {
trigger_error(mysql_error(), E_USER_ERROR);
}
$my_stats['new_messages'] = mysql_result($res, 0, 0);
$tpl->set_file('content', 'home.html');
$tpl->set_var('output', $output);
$tpl->set_var('my_stats', $my_stats);
$tpl->process('content', 'content');
$tplvars['title'] = $GLOBALS['_lang'][124];
$tplvars['page_title'] = $GLOBALS['_lang'][124];
$tplvars['page'] = 'home';
$tplvars['css'] = 'home.css';
if (is_file('home_left.php')) {
include 'home_left.php';
}
unset($page_last_modified_time);
// we want everything fresh on this page.
include 'frame.php';
$Revision$
Software by: DateMill (http://www.datemill.com)
Copyright by: DateMill (http://www.datemill.com)
Support at: http://www.datemill.com/forum
*******************************************************************************
* See the "docs/licenses/etano.txt" file for license. *
******************************************************************************/
require_once '../includes/common.inc.php';
require_once '../includes/admin_functions.inc.php';
allow_dept(DEPT_ADMIN | DEPT_MODERATOR);
$output['uid'] = sanitize_and_format_gpc($_GET, 'uid', TYPE_INT, 0, 0);
$output['return'] = sanitize_and_format_gpc($_GET, 'return', TYPE_STRING, $__field2format[FIELD_TEXTFIELD], '');
$tpl = new phemplate('skin/', 'remove_nonjs');
if (isset($_GET['top'])) {
$content_file = 'user_login_top.html';
$tpl->set_var('user', $_SESSION[_LICENSE_KEY_]['user']);
} else {
$content_file = 'user_login.html';
if (strpos($output['return'], '?') === false) {
$qs_sep = '?';
} else {
$qs_sep = '&';
}
$output['return'] .= $qs_sep . 'clean_user_session=1';
$output['return'] = rawurlencode($output['return']);
$query = "SELECT a.`" . USER_ACCOUNT_ID . "` as `user_id`,b.`_user` as `user`,a.`status`,a.`membership`,UNIX_TIMESTAMP(a.`last_activity`) as `last_activity`,a.`email`,b.`status` as `pstat` FROM `" . USER_ACCOUNTS_TABLE . "` a LEFT JOIN `{$dbtable_prefix}user_profiles` b ON a.`" . USER_ACCOUNT_ID . "`=b.`fk_user_id` WHERE a.`" . USER_ACCOUNT_ID . "`=" . $output['uid'];
if (!($res = @mysql_query($query))) {
trigger_error(mysql_error(), E_USER_ERROR);
}
if (mysql_num_rows($res)) {
$user = mysql_fetch_assoc($res);
$Revision$
Software by: DateMill (http://www.datemill.com)
Copyright by: DateMill (http://www.datemill.com)
Support at: http://www.datemill.com/forum
*******************************************************************************
* See the "docs/licenses/etano.txt" file for license. *
******************************************************************************/
require_once '../includes/common.inc.php';
require_once '../includes/admin_functions.inc.php';
allow_dept(DEPT_ADMIN);
$tpl = new phemplate('skin/', 'remove_nonjs');
$main = sanitize_and_format_gpc($_GET, 'main', TYPE_INT, 0, 0);
$photo_id = sanitize_and_format_gpc($_GET, 'photo_id', TYPE_INT, 0, 0);
$user_id = sanitize_and_format_gpc($_GET, 'uid', TYPE_INT, 0, 0);
$photo = array();
$query = '';
if (!empty($photo_id)) {
$query = "SELECT `photo_id`,`photo`,`fk_user_id`,`_user` as `user` FROM `{$dbtable_prefix}user_photos` WHERE `photo_id`={$photo_id}";
} elseif (!empty($main) && !empty($user_id)) {
$query = "SELECT `photo_id`,`photo`,`fk_user_id`,`_user` as `user` FROM `{$dbtable_prefix}user_photos` WHERE `fk_user_id`={$user_id} AND `is_main`=1";
}
if (!($res = @mysql_query($query))) {
trigger_error(mysql_error(), E_USER_ERROR);
}
if (mysql_num_rows($res)) {
$photo = mysql_fetch_assoc($res);
}
$tpl->set_file('content', 'popup_photo_view.html');
$tpl->set_var('photo', $photo);
$tpl->set_var('tplvars', $tplvars);
echo $tpl->process('', 'content', TPL_FINISH);
if ($o >= $totalrows) {
$o = $totalrows - $r;
$o = $o >= 0 ? $o : 0;
}
$query = "SELECT `city_id`,`city`,`latitude`,`longitude` FROM {$from} WHERE {$where} ORDER BY `city` ASC LIMIT {$o},{$r}";
if (!($res = @mysql_query($query))) {
trigger_error(mysql_error(), E_USER_ERROR);
}
$i = 0;
while ($rsrow = mysql_fetch_assoc($res)) {
$rsrow['city'] = sanitize_and_format($rsrow['city'], TYPE_STRING, $__field2format[TEXT_DB2DISPLAY]);
$rsrow['myclass'] = $i % 2 ? 'odd_item' : 'even_item';
$cities[] = $rsrow;
++$i;
}
$tpl->set_var('pager1', pager($totalrows, $o, $r));
$tpl->set_var('pager2', pager($totalrows, $o, $r));
}
}
$tpl->set_file('content', 'loc_cities.html');
$tpl->set_loop('cities', $cities);
$tpl->set_var('state_id', $state_id);
$tpl->set_var('state', $state);
$tpl->set_var('country_id', $country_id);
$tpl->set_var('country', $country);
$tpl->set_var('o', $o);
$tpl->set_var('r', $r);
$tpl->set_var('so', $so);
$tpl->set_var('sr', $sr);
$tpl->set_var('co', $co);
$tpl->set_var('cr', $cr);
<?php
/******************************************************************************
Etano
===============================================================================
File: admin/file_browser.php
$Revision$
Software by: DateMill (http://www.datemill.com)
Copyright by: DateMill (http://www.datemill.com)
Support at: http://www.datemill.com/forum
*******************************************************************************
* See the "docs/licenses/etano.txt" file for license. *
******************************************************************************/
require_once '../includes/common.inc.php';
require_once '../includes/admin_functions.inc.php';
allow_dept(DEPT_ADMIN);
$tpl = new phemplate('skin/', 'remove_nonjs');
$path = str_replace('..', '', preg_replace('~[^a-zA-Z0-9\\._/-]~', '', sanitize_and_format_gpc($_GET, 'path', TYPE_STRING, $__field2format[FIELD_TEXTFIELD], '')));
if (!empty($path)) {
$path = preg_replace("/^(\\.|\\/)+/", '', $path);
}
$tpl->set_file('content', 'file_browser.html');
$tpl->set_var('path', $path);
$tpl->process('content', 'content');
$tplvars['title'] = 'Browse your files';
$tplvars['css'] = 'file_browser.css';
$tplvars['page'] = 'file_browser';
include 'frame.php';
File: popup_save_search.php
$Revision$
Software by: DateMill (http://www.datemill.com)
Copyright by: DateMill (http://www.datemill.com)
Support at: http://www.datemill.com/forum
*******************************************************************************
* See the "docs/licenses/etano.txt" file for license. *
******************************************************************************/
require 'includes/common.inc.php';
require _BASEPATH_ . '/includes/user_functions.inc.php';
check_login_member('save_searches');
$search = array();
if (isset($_SESSION['topass']['input'])) {
$search = $_SESSION['topass']['input'];
} elseif (!empty($_GET['search'])) {
$search['search'] = $_GET['search'];
}
$tpl = new phemplate(_BASEPATH_ . '/skins_site/' . get_my_skin() . '/', 'remove_nonjs');
$tpl->set_file('content', 'popup_save_search.html');
$tpl->set_var('tplvars', $tplvars);
$tpl->set_var('search', $search);
$message = isset($message) ? $message : (isset($topass['message']) ? $topass['message'] : (isset($_SESSION['topass']['message']) ? $_SESSION['topass']['message'] : array()));
if (!empty($message)) {
$message['type'] = !isset($message['type']) || $message['type'] == MESSAGE_ERROR ? 'message_error' : 'message_info';
if (is_array($message['text'])) {
$message['text'] = join('<br>', $message['text']);
}
$message['text'] = '<div id="message_wrapper" class="' . $message['type'] . '">' . $message['text'] . '</div>';
$tpl->set_var('message', $message['text']);
}
echo $tpl->process('', 'content', TPL_FINISH);
$zipcode['country'] = sanitize_and_format($zipcode['country'], TYPE_STRING, $__field2format[TEXT_DB2DISPLAY]);
}
} elseif (!empty($_GET['city_id']) && !empty($_GET['state_id']) && !empty($_GET['country_id'])) {
$zipcode['fk_city_id'] = (int) $_GET['city_id'];
$zipcode['fk_state_id'] = (int) $_GET['state_id'];
$zipcode['fk_country_id'] = (int) $_GET['country_id'];
$query = "SELECT a.`city`,b.`state`,c.`country` FROM `{$dbtable_prefix}loc_cities` a,`{$dbtable_prefix}loc_states` b,`{$dbtable_prefix}loc_countries` c WHERE a.`city_id`=" . $zipcode['fk_city_id'] . " AND a.`fk_state_id`=b.`state_id` AND a.`fk_country_id`=c.`country_id`";
if (!($res = @mysql_query($query))) {
trigger_error(mysql_error(), E_USER_ERROR);
}
$zipcode['city'] = sanitize_and_format(mysql_result($res, 0, 0), TYPE_STRING, $__field2format[TEXT_DB2DISPLAY]);
$zipcode['state'] = sanitize_and_format(mysql_result($res, 0, 1), TYPE_STRING, $__field2format[TEXT_DB2DISPLAY]);
$zipcode['country'] = sanitize_and_format(mysql_result($res, 0, 2), TYPE_STRING, $__field2format[TEXT_DB2DISPLAY]);
}
$tpl->set_file('content', 'loc_zipcodes_addedit.html');
$tpl->set_var('zipcode', $zipcode);
if (isset($_GET['o'])) {
$tpl->set_var('o', $_GET['o']);
}
if (isset($_GET['r'])) {
$tpl->set_var('r', $_GET['r']);
}
if (isset($_GET['cio'])) {
$tpl->set_var('cio', $_GET['cio']);
}
if (isset($_GET['cir'])) {
$tpl->set_var('cir', $_GET['cir']);
}
if (isset($_GET['so'])) {
$tpl->set_var('so', $_GET['so']);
}
} elseif (!empty($_GET['subscr_id'])) {
$subscr_id = (int) $_GET['subscr_id'];
$query = "SELECT * FROM `{$dbtable_prefix}subscriptions` WHERE `subscr_id`={$subscr_id}";
if (!($res = @mysql_query($query))) {
trigger_error(mysql_error(), E_USER_ERROR);
}
if (mysql_num_rows($res)) {
$subscriptions = mysql_fetch_assoc($res);
$subscriptions = sanitize_and_format($subscriptions, TYPE_STRING, $__field2format[TEXT_DB2EDIT]);
}
}
// we preffer to do this query here rather than dbtable2options to save one dbtable2options query.
$query = "SELECT `m_value`,`m_name` FROM `{$dbtable_prefix}memberships` WHERE `m_value`>1";
if (!($res = @mysql_query($query))) {
trigger_error(mysql_error(), E_USER_ERROR);
}
$memberships = array();
while ($rsrow = mysql_fetch_row($res)) {
$memberships[$rsrow[0]] = $rsrow[1];
}
$subscriptions['currency'] = vector2options($accepted_currencies, $subscriptions['currency']);
$subscriptions['m_value_to'] = vector2options($memberships, $subscriptions['m_value_to'], array(2));
$subscriptions['is_recurent'] = $subscriptions['is_recurent'] == 1 ? 'checked="checked"' : '';
$subscriptions['is_visible'] = $subscriptions['is_visible'] == 1 ? 'checked="checked"' : '';
$tpl->set_file('content', 'subscriptions_addedit.html');
$tpl->set_var('subscriptions', $subscriptions);
$tpl->process('content', 'content');
$tplvars['title'] = 'Subscriptions Management';
$tplvars['css'] = 'subscriptions_addedit.css';
$tplvars['page'] = 'subscriptions_addedit';
include 'frame.php';
$tpl = new phemplate('skin/', 'remove_nonjs');
$tpl->set_file('content', 'finish.html');
$output['notify'] = 'http://www.datemill.com/remote/install_notify.php?lk=' . md5(_LICENSE_KEY_) . '&v=' . _INTERNAL_VERSION_ . '&bu=' . rawurlencode(base64_encode(_BASEURL_));
if (!empty($_SESSION['install']['phpbin'])) {
$output['phpbin'] = $_SESSION['install']['phpbin'];
} else {
$output['nophpbin'] = true;
$output['phpbin'] = '/path/to/php';
}
$output['basepath'] = _BASEPATH_;
$output['baseurl'] = _BASEURL_;
$tplvars = array();
$tplvars['page_title'] = 'Etano Install Process';
$tplvars['css'] = 'finish.css';
$tplvars['page'] = 'finish';
$tpl->set_var('output', $output);
$tpl->set_var('tplvars', $tplvars);
$tpl->process('content', 'content', TPL_OPTIONAL);
$tpl->set_file('frame', 'frame.html');
$message = isset($message) ? $message : (isset($topass['message']) ? $topass['message'] : (isset($_SESSION['topass']['message']) ? $_SESSION['topass']['message'] : array()));
if (!empty($message)) {
$message['type'] = !isset($message['type']) || $message['type'] == MESSAGE_ERROR ? 'message_error' : 'message_info';
if (is_array($message['text'])) {
$message['text'] = join('<br>', $message['text']);
}
$tpl->set_var('message', $message);
}
$tpl->set_var('tplvars', $tplvars);
$fileop = new fileop();
$fileop->delete(_BASEPATH_ . '/install');
echo $tpl->process('frame', 'frame', TPL_FINISH | TPL_OPTIONAL | TPL_INCLUDE);
}
if ($rsrow['refunded'] != 0) {
$rsrow['refunded'] = '(<span class="alert">-$' . $rsrow['refunded'] . '</span>)';
} else {
unset($rsrow['refunded']);
}
if (!empty($rsrow['is_suspect'])) {
$rsrow['suspect_reason'] = sanitize_and_format($rsrow['suspect_reason'], TYPE_STRING, $__field2format[TEXT_DB2DISPLAY]);
} else {
unset($rsrow['is_suspect']);
}
$loop[] = $rsrow;
}
$output['total'] = number_format($output['total'], 2);
}
//$loop=sanitize_and_format($loop,TYPE_STRING,$__field2format[TEXT_DB2DISPLAY]);
$output['return2me'] = 'user_payment_history.php';
if (!empty($_SERVER['QUERY_STRING'])) {
$output['return2me'] .= '?' . $_SERVER['QUERY_STRING'];
}
$output['return2me'] = rawurlencode($output['return2me']);
$tpl->set_file('content', 'user_payment_history.html');
$tpl->set_var('output', $output);
$tpl->set_loop('loop', $loop);
$message = isset($message) ? $message : (isset($topass['message']) ? $topass['message'] : (isset($_SESSION['topass']['message']) ? $_SESSION['topass']['message'] : array()));
if (!empty($message)) {
$tpl->set_var('message', $message['text']);
$tpl->set_var('message_class', $message['type'] == MESSAGE_ERROR ? 'message_error_small' : ($message['type'] == MESSAGE_INFO ? 'message_info_small' : 'message_info_small'));
}
echo $tpl->process('', 'content', TPL_FINISH | TPL_OPTIONAL | TPL_LOOP | TPL_OPTLOOP);
unset($_SESSION['topass']);
echo "<br>checkpoint[ini]: " . round(getmicrotime() - $pradedam, 2);
}
if (empty($lang) || $lang != 'lt' && $lang != 'en') {
$lang = $g_ini->read_var('site', 'Language');
}
$lang = clean_name($lang);
include_once $RELPATH . $LANGPATH . $lang . '.inc.php';
if (isset($GLOBALS['bench'])) {
echo "<br>checkpoint[lang]: " . round(getmicrotime() - $pradedam, 2);
}
$g_db = new avDb();
if (isset($GLOBALS['bench'])) {
echo "<br>checkpoint[db]: " . round(getmicrotime() - $pradedam, 2);
}
$g_sess = new avSession();
if (isset($GLOBALS['bench'])) {
echo "<br>checkpoint[session]: " . round(getmicrotime() - $pradedam, 2);
}
$g_tpl = new phemplate($RELPATH, 'keep');
$g_tpl->set_error_handler(&$g_error);
$g_tpl->set_var('RELPATH', $RELPATH);
//$g_tpl->set_var('G_PHP_SELF', $PHP_SELF);
$g_tpl->set_var('G_PHP_SELF', $_SERVER["PHP_SELF"]);
$g_tpl->set_var('lang', $g_lang);
$avms_version = '2.1';
$g_tpl->set_var('avms_version', $avms_version);
$g_tpl->set_var('users_online', $g_sess->users_online("registered"));
if (empty($g_user_id) || !$g_sess->userID) {
$g_user_id = false;
}
$g_usr = new avUser($g_user_id);
if (!empty($admin_accounts['change_pass'])) {
$admin_accounts['change_pass'] = '******';
}
} elseif (!empty($_GET['admin_id'])) {
$admin_id = (int) $_GET['admin_id'];
$query = "SELECT `admin_id`,`user`,`name`,`status`,`dept_id`,`email` FROM `{$dbtable_prefix}admin_accounts` WHERE `admin_id`={$admin_id}";
if (!($res = @mysql_query($query))) {
trigger_error(mysql_error(), E_USER_ERROR);
}
if (mysql_num_rows($res)) {
$admin_accounts = mysql_fetch_assoc($res);
$admin_accounts['name'] = sanitize_and_format($admin_accounts['name'], TYPE_STRING, $__field2format[TEXT_DB2EDIT]);
}
}
$admin_accounts['dept_id'] = vector2options($accepted_admin_depts, $admin_accounts['dept_id']);
$admin_accounts['status'] = vector2options($accepted_astats, $admin_accounts['status'], array(ASTAT_UNVERIFIED));
if (empty($admin_accounts['admin_id'])) {
$admin_accounts['change_pass'] = '******';
}
$tpl->set_file('content', 'admin_accounts_addedit.html');
$tpl->set_var('admin_accounts', $admin_accounts);
if (isset($_GET['o'])) {
$tpl->set_var('o', $_GET['o']);
}
if (isset($_GET['r'])) {
$tpl->set_var('r', $_GET['r']);
}
$tpl->process('content', 'content');
$tplvars['title'] = 'Admin Accounts';
$tplvars['page'] = 'admin_accounts_addedit';
include 'frame.php';
$totalrows = mysql_result($res, 0, 0);
$countries = array();
if (!empty($totalrows)) {
if ($o >= $totalrows) {
$o = $totalrows - $r;
$o = $o >= 0 ? $o : 0;
}
$query = "SELECT * FROM {$from} WHERE {$where} ORDER BY `country` ASC LIMIT {$o},{$r}";
if (!($res = @mysql_query($query))) {
trigger_error(mysql_error(), E_USER_ERROR);
}
$i = 0;
while ($rsrow = mysql_fetch_assoc($res)) {
$rsrow['country'] = sanitize_and_format($rsrow['country'], TYPE_STRING, $__field2format[TEXT_DB2DISPLAY]);
$rsrow['prefered_input'] = $country_prefered_input[$rsrow['prefered_input']];
$rsrow['myclass'] = $i % 2 ? 'odd_item' : 'even_item';
$countries[] = $rsrow;
++$i;
}
$tpl->set_var('pager1', pager($totalrows, $o, $r));
$tpl->set_var('pager2', pager($totalrows, $o, $r));
}
$tpl->set_file('content', 'loc_countries.html');
$tpl->set_loop('countries', $countries);
$tpl->set_var('o', $o);
$tpl->set_var('r', $r);
$tpl->process('content', 'content', TPL_LOOP | TPL_NOLOOP);
$tpl->drop_loop('countries');
$tplvars['title'] = 'Location Management: Countries';
$tplvars['page'] = 'loc_countries';
include 'frame.php';
$topass['message']['type'] = MESSAGE_ERROR;
$topass['message']['text'][] = 'FTP Host is wrong.';
}
} else {
$error = true;
$topass['message']['type'] = MESSAGE_ERROR;
$topass['message']['text'][] = 'Server configuration does not allow ftp connections.';
}
}
if (!$error) {
$input['fileop_mode'] = $_SESSION['install']['write'];
$input['license_key'] = strtoupper(gen_pass(22));
$input['license_key_md5'] = md5($input['license_key']);
$tpl = new phemplate('../skin/', 'remove_nonjs');
$tpl->set_file('content', 'defines.inc.php');
$tpl->set_var('input', $input);
$towrite = $tpl->process('content', 'content', TPL_FINISH);
define('_BASEPATH_', $input['basepath']);
define('_FILEOP_MODE_', $input['fileop_mode']);
define('_FTPHOST_', $input['ftphost']);
define('_FTPPATH_', $input['ftppath']);
define('_FTPUSER_', $input['ftpuser']);
define('_FTPPASS_', $input['ftppass']);
require_once '../../includes/classes/fileop.class.php';
$fileop = new fileop();
$fileop->delete($input['basepath'] . '/includes/defines.inc.php');
$fileop->file_put_contents($input['basepath'] . '/includes/defines.inc.php', $towrite);
$_SESSION['install']['input'] = $input;
} else {
$nextpage = 'install/step2.php';
// you must re-read all textareas from $_POST like this:
<?php
/******************************************************************************
Etano
===============================================================================
File: admin/index.php
$Revision$
Software by: DateMill (http://www.datemill.com)
Copyright by: DateMill (http://www.datemill.com)
Support at: http://www.datemill.com/forum
*******************************************************************************
* See the "docs/licenses/etano.txt" file for license. *
******************************************************************************/
require_once '../includes/common.inc.php';
if (!isset($_SESSION[_LICENSE_KEY_]['admin']['admin_id'])) {
if (!empty($_SESSION['topass'])) {
$topass = $_SESSION['topass'];
$_SESSION['topass'] = array();
}
$message = isset($topass['message']) ? $topass['message'] : '';
$tpl = new phemplate('skin/', 'remove_nonjs');
$tpl->set_file('frame', 'index.html');
$tpl->set_var('title', 'Admin panel login');
$tpl->set_var('baseurl', _BASEURL_);
$tpl->set_var('message', $message);
$tpl->set_var('tplvars', $tplvars);
echo $tpl->process('', 'frame', TPL_FINISH);
} else {
redirect2page('admin/cpanel.php');
}
if (!isset($_SESSION[_LICENSE_KEY_]['admin']['prefs']['datetime_format']) || !isset($_SESSION[_LICENSE_KEY_]['admin']['prefs']['time_offset'])) {
if (!isset($_SESSION[_LICENSE_KEY_]['admin']['prefs'])) {
$_SESSION[_LICENSE_KEY_]['admin']['prefs'] = array();
}
$_SESSION[_LICENSE_KEY_]['admin']['prefs'] = array_merge($_SESSION[_LICENSE_KEY_]['admin']['prefs'], get_site_option(array('time_offset', 'datetime_format'), 'def_user_prefs'));
}
$query = "SELECT `log_id`,`fk_user_id`,`user`,`level_code`,`ip`,UNIX_TIMESTAMP(`time`) as `time` FROM `{$dbtable_prefix}site_log` ORDER BY `log_id` DESC limit 10";
if (!($res = @mysql_query($query))) {
trigger_error(mysql_error(), E_USER_ERROR);
}
$loop = array();
$last_id = 0;
while ($rsrow = mysql_fetch_assoc($res)) {
if (!empty($rsrow['fk_user_id'])) {
$rsrow['user'] = '******' . $rsrow['fk_user_id'] . '">' . $rsrow['user'] . '</a>';
}
if (empty($last_id)) {
$last_id = $rsrow['log_id'];
}
$rsrow['ip'] = long2ip($rsrow['ip']);
$rsrow['time'] = strftime($_SESSION[_LICENSE_KEY_]['admin']['prefs']['datetime_format'], $rsrow['time'] + $_SESSION[_LICENSE_KEY_]['admin']['prefs']['time_offset']);
$loop[] = $rsrow;
}
$tpl->set_file('content', 'live_action.html');
$tpl->set_loop('loop', $loop);
$tpl->set_var('last_id', $last_id);
$tpl->process('content', 'content', TPL_LOOP);
$tplvars['title'] = 'Live Site Activity';
$tplvars['css'] = 'live_action.css';
$tplvars['page'] = 'live_action';
include 'frame.php';
/******************************************************************************
Etano
===============================================================================
File: index.php
$Revision$
Software by: DateMill (http://www.datemill.com)
Copyright by: DateMill (http://www.datemill.com)
Support at: http://www.datemill.com/forum
*******************************************************************************
* See the "docs/licenses/etano.txt" file for license. *
******************************************************************************/
//define('CACHE_LIMITER','private');
require 'includes/common.inc.php';
require _BASEPATH_ . '/includes/user_functions.inc.php';
check_login_member('all');
$tpl = new phemplate(_BASEPATH_ . '/skins_site/' . get_my_skin() . '/', 'remove_nonjs');
$tpl->set_file('content', 'index.html');
sort($basic_search_fields, SORT_NUMERIC);
$search_loop = create_search_form($basic_search_fields);
$tplvars['title'] = $tplvars['sitename'];
$tpl->set_loop('search', $search_loop);
$tpl->set_var('tplvars', $tplvars);
$tpl->process('content', 'content', TPL_OPTIONAL | TPL_LOOP);
if (!empty($GLOBALS['page_last_modified_time'])) {
// header('Expires: '. gmdate('D,d M Y H:i:s',time()+1209600).' GMT',true); // +14 days
// header('Expires: -1',true);
header('Cache-Control: private, max-age=0', true);
header('Last-Modified: ' . date('D,d M Y H:i:s', $GLOBALS['page_last_modified_time']) . ' GMT', true);
}
echo $tpl->process('content', 'content', TPL_FINISH | TPL_INCLUDE);
if (!empty($input['send_email'])) {
if (empty($input['reason_title'])) {
$error = true;
$topass['message']['type'] = MESSAGE_ERROR;
$topass['message']['text'] = 'Please enter the subject.';
}
if (empty($input['reject_reason'])) {
$error = true;
$topass['message']['type'] = MESSAGE_ERROR;
$topass['message']['text'] = 'Please enter the reason.';
}
}
if (!$error) {
$tpl = new phemplate(_BASEPATH_ . '/skins_site/' . $def_skin . '/', 'remove_nonjs');
$tpl->set_file('temp', 'emails/general.html');
$tpl->set_var('output.content', $input['reject_reason']);
$tpl->set_var('tplvars', $tplvars);
$input['reject_reason'] = $tpl->process('temp', 'temp', TPL_FINISH | TPL_OPTIONAL | TPL_INCLUDE);
$tpl->drop_var('temp');
$tpl->drop_var('output.content');
$reject_reason_email = $input['reject_reason'];
// for email
$input['reject_reason'] = sanitize_and_format($input['reject_reason'], TYPE_STRING, $__field2format[FIELD_TEXTAREA]);
switch ($input['t']) {
case AMTPL_REJECT_MEMBER:
$query = "UPDATE `{$dbtable_prefix}user_profiles` SET `status`=" . STAT_EDIT . ",`last_changed`='" . gmdate('YmdHis') . "',`reject_reason`='" . $input['reject_reason'] . "' WHERE `fk_user_id`=" . $input['id'];
if (!($res = @mysql_query($query))) {
trigger_error(mysql_error(), E_USER_ERROR);
}
if (!empty($input['send_email'])) {
$query = "SELECT `email` FROM `" . USER_ACCOUNTS_TABLE . "` WHERE `" . USER_ACCOUNT_ID . "`=" . $input['id'];
}
$output['ips'] = join(', ', $output['ips']);
}
$output['pic_width'] = get_site_option('pic_width', 'core_photo');
if (empty($output['search_md5'])) {
unset($output['search_md5']);
}
if (isset($_GET['o'])) {
$output['o'] = $_GET['o'];
}
if (isset($_GET['r'])) {
$output['r'] = $_GET['r'];
}
$output['return2me'] = 'profile.php';
if (!empty($_SERVER['QUERY_STRING'])) {
$output['return2me'] .= '?' . $_SERVER['QUERY_STRING'];
}
$output['return2me'] = rawurlencode($output['return2me']);
if (isset($_GET['return'])) {
$output['return2'] = sanitize_and_format($_GET['return'], TYPE_STRING, $__field2format[FIELD_TEXTFIELD]);
}
$tpl->set_file('content', 'profile.html');
$tpl->set_loop('categs', $categs);
$tpl->set_var('output', $output);
$tpl->set_var('account', $account);
$tpl->process('content', 'content', TPL_MULTILOOP | TPL_OPTIONAL);
$tpl->drop_loop('categs');
$tplvars['title'] = sprintf('%1$s Member Profile', $output['_user']);
$tplvars['css'] = 'profile.css';
$tplvars['page'] = 'profile';
include 'frame.php';
}
$output['fid'] = FOLDER_INBOX;
if (!empty($_GET['fid']) && isset($my_folders[$_GET['fid']])) {
$output['fid'] = (int) $_GET['fid'];
}
$moveto_folders = $my_folders;
unset($moveto_folders[FOLDER_SPAMBOX]);
unset($moveto_folders[FOLDER_OUTBOX]);
unset($moveto_folders[$output['fid']]);
$output['moveto_folders'] = vector2options($moveto_folders);
$my_folders = sanitize_and_format($my_folders, TYPE_STRING, $__field2format[TEXT_DB2DISPLAY]);
$mailbox_table = 'inbox';
$where = "a.`fk_user_id`='" . $_SESSION[_LICENSE_KEY_]['user']['user_id'] . "' AND a.`mail_id`=" . $output['mail_id'];
switch ($output['fid']) {
case FOLDER_INBOX:
$tpl->set_var('spam_controls', true);
break;
case FOLDER_TRASH:
break;
case FOLDER_OUTBOX:
$mailbox_table = 'outbox';
$tpl->set_var('is_outbox', true);
break;
case FOLDER_SPAMBOX:
$mailbox_table = 'spambox';
break;
default:
$tpl->set_var('spam_controls', true);
break;
}
$query = "SELECT a.*,UNIX_TIMESTAMP(a.`date_sent`) as `date_sent`,b.`fk_user_id` as `other_id`,b.`_photo` as `photo` FROM `{$dbtable_prefix}user_{$mailbox_table}` a LEFT JOIN `{$dbtable_prefix}user_profiles` b ON a.`fk_user_id_other`=b.`fk_user_id` WHERE {$where} LIMIT 1";
$tpl->set_file('no_access', 'static/pcat_no_access.html');
$j = 0;
foreach ($_pcats as $pcat_id => $pcat) {
if ((int) $pcat['access_level'] & (int) $_SESSION[_LICENSE_KEY_]['user']['membership']) {
$temp = $user_cache->get_categ($output['uid'], $pcat_id);
if (!empty($temp)) {
$categs[$j]['content'] = $temp;
// if you prefer a custom layout use {profile.categ_1},{profile.categ_2},etc in <skin>/profile.html,
// uncomment the line below, remove $tpl->set_loop,
// $output['categ_'.$pcat_id]=$temp;
++$j;
}
} else {
// not allowed to view this member info
// maybe we should say something here like "upgrade your membership to view this info"...
$tpl->set_var('temp', $pcat);
$temp = $tpl->process('', 'no_access');
$categs[$j]['content'] = $temp;
++$j;
}
}
$categs[count($categs) - 1]['class'] = 'last';
// get some friends
$loop_friends = get_network_members($output['uid'], NET_FRIENDS, 4);
if (!empty($loop_friends)) {
$loop_friends = $user_cache->get_cache_tpl($loop_friends, 'result_user');
}
unset($user_cache);
// comments
$loop_comments = create_comments_loop('user', $output['uid'], $output);
$output['pic_width'] = get_site_option('pic_width', 'core_photo');
<?php
include 'tplutil.inc';
include 'phemplate.class.php';
$tpl = new phemplate('slides/pragmatic/');
$tpl->set_var('TITLE', 'My Title');
$tpl->set_var('USER', get_user());
$tpl->set_loop('OPTIONS', get_users(true));
$tpl->set_file('main', 'phemplate.tpl');
echo $tpl->process('out', 'main', 1);
Etano
===============================================================================
File: admin/site_skins_addedit.php
$Revision$
Software by: DateMill (http://www.datemill.com)
Copyright by: DateMill (http://www.datemill.com)
Support at: http://www.datemill.com/forum
*******************************************************************************
* See the "docs/licenses/etano.txt" file for license. *
******************************************************************************/
require_once '../includes/common.inc.php';
require_once '../includes/admin_functions.inc.php';
require_once '../includes/tables/site_skins.inc.php';
allow_dept(DEPT_ADMIN);
$tpl = new phemplate('skin/', 'remove_nonjs');
$site_skins = $site_skins_default['defaults'];
if (isset($_SESSION['topass']['input'])) {
$site_skins = $_SESSION['topass']['input'];
} elseif (!empty($_GET['module_code'])) {
$module_code = sanitize_and_format($_GET['module_code'], TYPE_STRING, $__field2format[FIELD_TEXTFIELD]);
$site_skins = get_site_option(array(), $module_code);
$site_skins = sanitize_and_format($site_skins, TYPE_STRING, $__field2format[TEXT_DB2EDIT]);
$site_skins['fk_module_code'] = $module_code;
}
$site_skins['fk_locale_id'] = dbtable2options("`{$dbtable_prefix}locales`", '`locale_id`', '`locale_name`', '`locale_name`', $site_skins['fk_locale_id']);
$tpl->set_file('content', 'site_skins_addedit.html');
$tpl->set_var('site_skins', $site_skins);
$tpl->process('content', 'content');
$tplvars['title'] = 'Site Skins';
$tplvars['page'] = 'site_skins_addedit';
include 'frame.php';
}
}
$subscriptions_auto['fk_subscr_id'] = dbtable2options("`{$dbtable_prefix}subscriptions`", '`subscr_id`', '`subscr_name`', '`subscr_id`', $subscriptions_auto['fk_subscr_id']);
if (empty($subscriptions_auto['dbfield'])) {
$subscriptions_auto['to_members_1'] = 'checked="checked"';
} else {
$subscriptions_auto['to_members_2'] = 'checked="checked"';
}
$dbfields = array();
foreach ($_pfields as $pfield_id => $pfield) {
if (get_class($pfield) == 'field_select') {
$dbfields[$pfield['dbfield']] = $pfield->config['label'] . ' (' . $pfield->config['dbfield'] . ')';
}
}
if (!empty($subscriptions_auto['dbfield'])) {
$accepted_values = array();
foreach ($_pfields as $pfield_id => $pfield) {
if ($pfield->config['dbfield'] == $subscriptions_auto['dbfield']) {
$accepted_values = $pfield->config['accepted_values'];
}
}
$subscriptions_auto['field_value'] = vector2options($accepted_values, $subscriptions_auto['field_value']);
}
$subscriptions_auto['dbfield'] = vector2options($dbfields, $subscriptions_auto['dbfield']);
$tpl->set_file('content', 'subscriptions_auto_addedit.html');
$tpl->set_var('subscriptions_auto', $subscriptions_auto);
$tpl->process('content', 'content');
$tplvars['title'] = 'Auto Subscriptions Management';
$tplvars['css'] = 'subscriptions_auto_addedit.css';
$tplvars['page'] = 'subscriptions_auto_addedit';
include 'frame.php';
