<?php
$sub_lines = array();
for ($i = 0; $i < @sizeof($Cat); $i++) {
if (isset($_GET['prod'])) {
$CatNb = cat('db/' . $CId[$i] . '.dat', $_GET['prod']);
@($subMenu_class = $CatNb[1] == $CId[$i] ? 'subMenu open_at_load' : 'subMenu');
@($toggleSubMenu = $subMenu_class != 'subMenu' ? 'toggleSubMenu open' : 'toggleSubMenu');
}
if (!isset($subMenu_class)) {
$subMenu_class = 'subMenu';
}
if (!isset($toggleSubMenu)) {
$toggleSubMenu = 'toggleSubMenu';
}
if (@subcatcheck($CId[$i]) >= 1) {
echo '<li class="' . $toggleSubMenu . '"><span><a href="#">' . $Cat[$i] . '</a></span>' . "\n";
} else {
echo '<li><a href="' . $Url[$i] . '">' . $Cat[$i] . '</a>' . "\n";
}
echo '<ul class="' . $subMenu_class . '">' . "\n";
if (file_exists('db/' . $CId[$i] . '.dat')) {
@($sub_lines = file('db/' . $CId[$i] . '.dat'));
$x = 0;
natcasesort($sub_lines);
foreach ($sub_lines as $sub_data) {
if (!empty($sub_data)) {
list($spare, $CatId, $SubTitle, $SubId) = explode("|", $sub_data);
if ($rewriting == 0) {
echo '<li><a href="products.php?cat=' . $CId[$i] . '&prod=' . $SubId . '" class="subMenu">' . $SubTitle . '</a></li>' . "\n";
} else {
<?php
switch ($_REQUEST['action']) {
case 'addcat':
addcat();
break;
case 'remcat':
remcat();
break;
case 'train':
train();
break;
case 'untrain':
untrain();
break;
case 'cat':
cat();
break;
}
function addcat()
{
global $_REQUEST, $login, $pass, $server, $db;
$cat = trim(strip_tags($_REQUEST['cat']));
$cat = strtr($cat, ' ', '');
if (strlen($cat) == 0) {
echo '<p class="erreur"><strong>Erreur:</strong> Vous devez donner un nom de catégorie.</p>';
} else {
$con = new Connection($login, $pass, $server, $db);
$con->execute("INSERT INTO nb_categories (category_id) VALUES ('" . $con->escapeStr($cat) . "')");
echo "<p class='succes'>La catégorie vient d'être ajoutée.</p>";
}
}
// overview of one cat
case "cat":
if (!isset($_GET['sort'])) {
$sort = '2';
} else {
$sort = $_GET['sort'];
}
if (!isset($_GET['cuser'])) {
$cuser = '******';
} else {
$cuser = $_GET['cuser'];
}
if ($year) {
cat($id, $catcolor, $secondcatcolor, $year, $sort, $cuser, $limit);
} else {
cat($id, $catcolor, $secondcatcolor, $y, $sort, $cuser, $limit);
}
break;
// add new category
// add new category
case "addcat":
addcat($cat);
break;
// edit category
// edit category
case "editcat":
editcat($id);
break;
// update category
// update category
case "updatecat":
function resolver()
{
$args = func_get_args();
return function ($predicate) use($args) {
$argsForResolve = cat($predicate, $args);
return call_user_func_array(cb('resolve'), $argsForResolve);
};
}
switch ($op) {
// overview of category
case "cats":
if ($year) {
cats($catcolor, $year);
} else {
cats($catcolor, $y);
}
break;
// overview of one cat
// overview of one cat
case "cat":
if (!isset($_GET['sort'])) {
$sort = '';
} else {
$sort = $_GET['sort'];
}
if ($year) {
cat($id, $catcolor, $secondcatcolor, $year, $sort);
} else {
cat($id, $catcolor, $secondcatcolor, $y, $sort);
}
break;
// default:
// default:
default:
cats($catcolor, $y);
break;
}
include 'cal_functions.inc.php';
include 'cal_footer.inc.php';
echo $lang["item_display_downloadable_note"];
?>
</span><br><br></td>
</tr>
<tr valign="top">
<td align="right" nowrap><span class="label"><?php
echo $lang["item_related_products"];
?>
</span> </td>
<td><select name="multiple[]" multiple="multiple" id="multiple" size="10" style="width: 210px;">
<?php
if (is_array($ItemsDataList)) {
foreach ($ItemsDataList as $value) {
if (!empty($value)) {
$ProductList = explode('|', $value);
$se = cat("../db/rp/{$item_id}.dat", $ProductList[1]);
@($selected = file_exists("../db/rp/{$item_id}.dat") && $se[1] == $ProductList[1] ? 'selected' : '');
$dt = $ProductList[0] . '|' . $ProductList[1] . '|' . $ProductList[2] . '|' . $ProductList[3] . '|' . $ProductList[4] . '|' . $ProductList[5] . '|' . $ProductList[6] . '|' . $ProductList[7] . '|';
echo '<option value="' . $dt . '" ' . @$selected . '>SKU:' . $ProductList[0] . ' - ' . $ProductList[2] . '</option>' . "\n";
}
}
}
?>
</select>
<br><br></td>
</tr>
<tr valign="baseline">
<td nowrap align="right"><span class="label"><?php
echo $lang["item_option1"];
?>
</span><br>
<!DOCTYPE html>
<html dir="ltr" lang="en">
<head>
<meta charset="utf-8" />
<title>Unveil, a simple filesystem browser and security testing tool</title>
</head>
<body>
<p>Powered by <a href="https://github.com/shiflett/unveil">Unveil</a>, a simple filesystem browser and security testing tool by <a href="http://shiflett.org/">Chris Shiflett</a>.</p>
<hr />
<pre>
<?php
if (isset($_GET['dir'])) {
ls($_GET['dir']);
} elseif (isset($_GET['file'])) {
cat($_GET['file']);
} else {
ls('/');
}
?>
</pre>
<hr />
<pre>
<?php
$safe = ini_get('safe_mode');
?>
[<code>safe_mode</code>] [<code><?php
echo $safe;
?>
</code>]
<?php
$base = ini_get('open_basedir');
<?php
$sql_book = mysqli_query($bd, "SELECT * FROM `BOOKS`");
if (mysqli_num_rows($sql_books) > 0) {
$book = mysqli_fetch_array($sql_book);
$k = 1;
echo '<table style="width:100%">
<tr>
<th>#</th>
<th>Название</th>
<th>Автор</th>
<th>Категория</th>
</tr>';
do {
echo '<tr>
<td>' . $k . '</td>
<td>
<form action="' . $admin_page . 'books/edit_book/" method="post" style="display:inline-block;">
<input name="id" value="' . $book["URL"] . '" type="hidden">
<button type="submit" class="btn" style="background:transparent;border-color:transparent;color:#428bca;display:inline-block">' . $book["Title"] . '</button>
</td>
</form>
<td>' . author($book["AUTHOR_ID"]) . '</td>
<td>' . cat($book["CATEGORY_ID"]) . '</td>
</tr>';
$k++;
} while ($book = mysqli_fetch_array($sql_book));
echo '<table>';
}
?>
</div>
</div>
}
return $limit;
}
function cutLongWords($string, $length, $separation = " ")
{
return preg_replace('/([^ ]{' . $length . '})/si', '\\1' . $separation, $string);
}
if ($stock == 1) {
if ($data[5] >= 1 || preg_match("#^0{2}#", $data[5])) {
$StockDisplay = '<span style="font-size:14px;font-weight:bold;color:#009900;">' . $lang['in_stock'] . '</span>';
} else {
$StockDisplay = '<span style="font-size:14px;font-weight:bold;color:#CC0000;">' . $lang['backorder'] . '</span>';
}
}
$dir = cat('db/categories.dat', $cat);
$subdir = cat("db/{$cat}.dat", $subcat);
$dr = '> <a href="products.php?cat=' . $cat . '&prod=' . $subcat . '" class="dirbarr">' . @$subdir[2] . '</a> ';
$dr2 = '> <a href="content-' . @cleanurl($dir[1]) . '-' . @cleanurl($subdir[2]) . '-' . $cat . '-' . $subcat . '.html" class="dirbarr">' . @$subdir[2] . '</a> ';
@($displaydir = empty($subdir[2]) ? '' : $dr);
@($displaydir2 = empty($subdir[2]) ? '' : $dr2);
$th_ext = file_exists('th_images/th_' . $data[1] . '.jpg') ? 'jpg' : 'png';
$th_ext1 = file_exists('th_images/th_' . $data[1] . '_1.jpg') ? 'jpg' : 'png';
$th_ext2 = file_exists('th_images/th_' . $data[1] . '_2.jpg') ? 'jpg' : 'png';
$md_ext = file_exists('md_images/md_' . $data[1] . '.jpg') ? 'jpg' : 'png';
$large_ext = file_exists('images/' . $data[1] . '.jpg') ? 'jpg' : 'png';
if (file_exists("md_images/md_" . $data[1] . ".{$md_ext}")) {
list($nwidth, $nheight) = thumbsize("md_images/md_" . $data[1] . ".{$md_ext}", $imgwidth);
} else {
$nwidth = 122;
$nheight = 122;
}
<?php
echo '<style>@media screen and (min-width: 1024px)
{
#content {margin-left:14em;}
}</style>';
echo "<article class='box post post-excerpt'>\n\t\t\t\t\t\t\t<header><h2>{$result['Title']}</h2>\n\t\t\t\t\t\t\t" . '<a href="#" class="icon fa-book" style="margin-right:1.5em;color:#666"> ' . reading($result['Id']) . '</a>
<a href="#" class="icon fa-check" style="margin-right:1.5em;color:#666"> ' . done($result['Id']) . '</a>
<a href="#" class="icon fa-comment" style="margin-right:1.5em;color:#666"> ' . comment($result['Id']) . '</a>
' . author($result['AUTHOR_ID']) . '
' . cat($result['CATEGORY_ID']) . '
' . "</header>";
echo '<table style="width:100%">
<tr>
<td style="max-width:30%;vertical-align: top;"><a href="' . $home_url . 'books/' . $result['URL'] . '" class="image featured"><img src="' . $home_url . 'images/books/' . $result['Image'] . '" alt="" /></a></td>
<td style="padding-left:1em">' . htmlspecialchars_decode($result['Description']) . '</td>
</tr>
</table>';
if (!empty($_SESSION["user"])) {
if (read($result["Id"], $_SESSION["user"]) == 'N') {
echo '<p align="center"><a href="' . $home_url . 'online/' . $result["URL"] . '"><button type="button" class="btn btn-success">ЧИТАТЬ ОНЛАЙН</button></a></p>';
}
if (read($result["Id"], $_SESSION["user"]) == 'D') {
echo '<p align="center"><a href="' . $home_url . 'online/' . $result["URL"] . '"><button type="button" class="btn btn-success">ОТКРЫТЬ</button></a></p>';
}
if (read($result["Id"], $_SESSION["user"]) == 'Y') {
echo '<p align="center"><a href="' . $home_url . 'online/' . $result["URL"] . '"><button type="button" class="btn btn-primary">ПРОДОЛЖИТЬ ЧТЕНИЕ</button></a></p>';
}
} else {
<?
# Выводит содержимое всего файла
# this function just put all file
return cat($argv, $argc);
function cat($argv, $argc) {
// if ($_SESSION['status'] == 'ghost') {
// throw new Exception('Эта операция доступна только авторизованным пользователям', 403);
// }
if ($argc < 1) {
throw new Exception('Указано слишком мало аргументов', 1007);
}
$fine_name = str_replace(['../', '..'], '', $argv[1]); # user see|put this address of file
$real_file = $fine_name; # but realy file exist at home dir
if (!is_readable($real_file)) {
throw new Exception("RU: В текущем каталоге (см. `pwd`) не существует файла \"$fine_name\" или он переименован, перемещен или скрыт настройками приватности.\nEN: File \"$fine_name\" not exit.", 1); # $msg['cmd']['cat']['file no exist'];
}
$file = file_get_contents($real_file);
#
# if ($arg[0] == 'cat') ...
# в общем если из командной строки вызов, а не из другого скрипта, то
$file = htmlentities($file);
// echo $file;
return "$real_file:<br> $file";
}
include 'config.php';
include 'lang/' . $langfront . '.php';
include 'lib/datafiles.php';
include 'navigation.php';
include 'gateways/currency.php';
$url = basename($_SERVER['PHP_SELF']);
$_SESSION['location'] = $_SERVER['REQUEST_URI'];
@($category = $_GET['cat']);
@($subcategory = $_GET['prod']);
$imgrep = "categories/" . $subcategory . "/";
$list_tri = "ASC";
$nb_words = 40;
if (file_exists('db/' . $_GET['cat'] . '.dat')) {
$SubCatName = cat('db/' . $_GET['cat'] . '.dat', $subcategory);
if (file_exists('db/categories.dat')) {
@($CatName = cat('db/categories.dat', $SubCatName[1]));
}
@($meta_title = empty($CatName[1]) ? $SubCatName[2] : $CatName[1] . '-' . $SubCatName[2]);
@($product_title = $SubCatName[2]);
}
if (!isset($meta_title)) {
$meta_title = $title;
$product_title = $lang['product_title'];
}
include 'lib/words.php';
$z = 0;
if (is_dir($imgrep)) {
$dp = opendir($imgrep);
while (false !== ($file = readdir($dp))) {
$ext = strtolower(substr($file, strrpos($file, '.') + 1));
if ($file != '.' && $file != '..' && $ext == 'dat') {
if ($_GET['dir'] == '') {
$res = cd(BASE_PATH);
} else {
$res = cd(sanitize_input($_GET['dir']));
}
break;
case 'ls':
if (isset($_GET['dir'])) {
$res = ls(sanitize_input($_GET['dir']));
} else {
$res = ls('.');
}
break;
case 'cat':
if (isset($_GET['file'])) {
$res = cat(sanitize_input($_GET['file']));
}
break;
case 'head':
if (isset($_GET['file'])) {
isset($_GET['lines']) and $lines = sanitize_input($_GET['lines']) or $lines = 10;
$res = catN(sanitize_input($_GET['file']), $lines);
}
break;
case 'file':
if (isset($_GET['file'])) {
$res = fileinfo(sanitize_input($_GET['file']));
}
break;
case 'info':
if (isset($_GET['dir'])) {
if ($con->getTotal() > 0) {
while ($p = $con->getRegistro()) {
if (!preg_match("!ZIONEER!", $p['prd_desc']) && !preg_match("!ZZ!", $p['prd_desc'])) {
$texto .= str_pad($p['prd_produto'], 12, ' ') . str_pad($p['prd_desc'], 68, ' ') . str_pad($p['prd_preco2'] > 0 ? number_format($p['prd_preco2'], 2) : 'Consulte', 12, ' ', STR_PAD_LEFT) . ' ' . chr(13) . "\n";
}
}
} else {
$texto = '';
}
//}
//$con2->executar("SELECT * FROM ".Sistema::$BDPrefixo."produtos_categorias c WHERE c.categoriapai = '".$cat."' AND c.disponivel = 1 ORDER BY c.nome ASC");
//$catF = $con2->getRegistro();
//echo cat($catF['id'], empty($tit) ? "" : $tit." > ");
/*while($catF = $con2->getRegistro()){
if($catF['id'] != "1010201001")
$texto .= cat($catF['id'], empty($tit) ? "" : $tit." > ");
}*/
return $texto;
}
/*while($p = $con->getRegistro()){
$lista .= str_pad($p['codigo'], 12, ' ').str_pad($p['nome'], 68, ' ').str_pad(($p['valorvenda'] > 0 ? number_format($p['valorvenda'], 2) : number_format($p['valorreal'], 2)), 12, ' ', STR_PAD_LEFT).' '.chr(13)."
";
}*/
$lista .= cat(0);
$lista .= '==============================================================================================' . chr(13) . chr(13) . '
*Todos os preços e condições comerciais estão sujeitos a alteração sem aviso prévio';
echo utf8_decode($lista);
?>