예제 #1
     include $pl;
 }
 /* ===== */
 // Registration fields are read from the 'P' (POST) request source through cot_import().
 // NOTE(review): the fourth argument (100 / 64 / 32) looks like a maximum length and the
 // fifth (TRUE) like a "stop on invalid input" flag - confirm against cot_import().
 $ruser['user_name'] = cot_import('rusername', 'P', 'TXT', 100, TRUE);
 $ruser['user_email'] = cot_import('ruseremail', 'P', 'TXT', 64, TRUE);
 // NOTE(review): both password fields pass through the 'HTM' filter with a limit of 32.
 // If the filter rewrites characters or the limit truncates, the stored credential differs
 // from what the user typed - confirm, and check that login imports the password the same way.
 $rpassword1 = cot_import('rpassword1', 'P', 'HTM', 32);
 $rpassword2 = cot_import('rpassword2', 'P', 'HTM', 32);
 $ruser['user_country'] = cot_import('rcountry', 'P', 'TXT');
 $ruser['user_timezone'] = cot_import('rusertimezone', 'P', 'TXT');
 // Fall back to the configured default when no time zone was submitted.
 $ruser['user_timezone'] = !$ruser['user_timezone'] ? $cfg['defaulttimezone'] : $ruser['user_timezone'];
 $ruser['user_gender'] = cot_import('rusergender', 'P', 'TXT');
 // Lower-case the address before the duplicate lookup below, so the lookup value
 // does not depend on the case the user typed.
 $ruser['user_email'] = mb_strtolower($ruser['user_email']);
 // Extra fields
 if (!empty(cot::$extrafields[cot::$db->users])) {
     foreach (cot::$extrafields[cot::$db->users] as $exfld) {
         $ruser['user_' . $exfld['field_name']] = cot_import_extrafields('ruser' . $exfld['field_name'], $exfld, 'P', '', 'user_');
     }
 }
 // A birth date later than the current time is reported as a form error.
 $ruser['user_birthdate'] = cot_import_date('ruserbirthdate', false);
 if (!is_null($ruser['user_birthdate']) && $ruser['user_birthdate'] > cot::$sys['now']) {
     cot_error('pro_invalidbirthdate', 'ruserbirthdate');
 }
 // Duplicate checks: the submitted values are bound through "?" placeholders; only the
 // table name, taken from cot::$db->users, is concatenated into the SQL text.
 $user_exists = (bool) cot::$db->query("SELECT user_id FROM " . cot::$db->users . " WHERE user_name = ? LIMIT 1", array($ruser['user_name']))->fetch();
 $email_exists = (bool) cot::$db->query("SELECT user_id FROM " . cot::$db->users . " WHERE user_email = ? LIMIT 1", array($ruser['user_email']))->fetch();
 // Reject names that contain a numeric HTML entity (such as &#60;) or any of < > # ' " /
 if (preg_match('/&#\\d+;/', $ruser['user_name']) || preg_match('/[<>#\'"\\/]/', $ruser['user_name'])) {
     cot_error('aut_invalidloginchars', 'rusername');
 }
 // Names shorter than two characters (counted with mb_strlen) are rejected.
 if (mb_strlen($ruser['user_name']) < 2) {
     cot_error('aut_usernametooshort', 'rusername');
 }
 if (mb_strlen($rpassword1) < 4) {
예제 #2
     } else {
         cot_error('adm_structure_somenotupdated');
     }
     cot_redirect(cot_url('admin', 'm=structure&n=' . $n . '&mode=' . $mode . '&d=' . $durl, '', true));
 } elseif ($a == 'add' && !empty($_POST)) {
     $rstructure['structure_code'] = preg_replace('#[^\\w\\p{L}\\-]#u', '', cot_import('rstructurecode', 'P', 'TXT'));
     $rstructure['structure_path'] = cot_import('rstructurepath', 'P', 'TXT');
     $rstructure['structure_title'] = cot_import('rstructuretitle', 'P', 'TXT');
     $rstructure['structure_desc'] = cot_import('rstructuredesc', 'P', 'TXT');
     $rstructure['structure_icon'] = cot_import('rstructureicon', 'P', 'TXT');
     $rstructure['structure_locked'] = cot_import('rstructurelocked', 'P', 'BOL') ? 1 : 0;
     $rstructure['structure_area'] = $n;
     $rtplmode = cot_import('rtplmode', 'P', 'INT');
     $rtplquick = cot_import('rtplquick', 'P', 'TXT');
     foreach ($cot_extrafields[$db_structure] as $exfld) {
         $rstructure['structure_' . $exfld['field_name']] = cot_import_extrafields('rstructure' . $exfld['field_name'], $exfld);
     }
     $rstructure['structure_code'] != 'all' || cot_error('adm_structure_code_reserved', 'rstructurecode');
     $rstructure['structure_code'] || cot_error('adm_structure_code_required', 'rstructurecode');
     $rstructure['structure_path'] || cot_error('adm_structure_path_required', 'rstructurepath');
     $rstructure['structure_title'] || cot_error('adm_structure_title_required', 'rstructuretitle');
     if (!empty($rtplquick)) {
         $rstructure['structure_tpl'] = $rtplquick;
     } elseif ($rtplmode == 3) {
         $rstructure['structure_tpl'] = cot_import('rtplforced', 'P', 'TXT');
     } elseif ($rtplmode == 2) {
         $rstructure['structure_tpl'] = 'same_as_parent';
     } else {
         $rstructure['structure_tpl'] = '';
     }
     /* === Hook === */
예제 #3
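/**
 * Imports product data from request parameters.
 *
 * Each field is read with cot_import() under a per-field filter and written
 * into $ritem, which is returned. The owner is never taken from the request:
 * administrators editing an existing item keep the stored owner, everyone
 * else becomes the owner.
 *
 * NOTE(review): item_text uses the 'HTM' filter. What that filter removes is
 * decided inside cot_import(), so code that prints item_text still has to
 * escape or parse it - confirm at the output side.
 *
 * @param  string $source Source request method for parameters. 'D' or 'DIRECT'
 *                        makes $ritem itself the source (see below).
 * @param  array  $ritem  Existing product data from database
 * @param  array  $auth   Permissions array; looked up for the item category
 *                        when empty
 * @return array          Product data
 */
function cot_market_import($source = 'POST', $ritem = array(), $auth = array())
{
    global $cfg, $db_market, $cot_extrafields, $usr, $sys;

    if (count($auth) == 0) {
        // A new item has no category yet: pass null instead of reading a missing key.
        // NOTE(review): permissions come from cot_page_auth(), the page lookup,
        // although this function imports market items - confirm this is intended.
        $auth = cot_page_auth(isset($ritem['item_cat']) ? $ritem['item_cat'] : null);
    }

    if ($source == 'D' || $source == 'DIRECT') {
        // Direct mode: publish the caller's array as the global $_PATCH and switch
        // to the 'PATCH' source so the cot_import() calls below stay unchanged.
        // Presumably cot_import() serves 'PATCH' from $_PATCH, which means the
        // array must be keyed by request names (rtitle, rcat, ...) - confirm.
        global $_PATCH;
        $_PATCH = $ritem;
        $source = 'PATCH';
    }

    $ritem['item_cat'] = cot_import('rcat', $source, 'TXT');
    $ritem['item_title'] = cot_import('rtitle', $source, 'TXT');
    $ritem['item_alias'] = cot_import('ralias', $source, 'TXT');
    $ritem['item_text'] = cot_import('rtext', $source, 'HTM');
    $ritem['item_cost'] = cot_import('rcost', $source, 'NUM');
    $ritem['item_parser'] = cot_import('rparser', $source, 'ALP');

    // An item without a creation date is new; otherwise only the update time moves.
    if (empty($ritem['item_date'])) {
        $ritem['item_date'] = (int) $sys['now'];
    } else {
        $ritem['item_update'] = (int) $sys['now'];
    }

    // !empty() also covers a permissions array that has no 'isadmin' key.
    if (!empty($auth['isadmin']) && isset($ritem['item_userid'])) {
        // Administrators may set the counter; the stored owner is left as it is
        // (the original re-assigned item_userid to itself, which did nothing).
        $ritem['item_count'] = cot_import('rcount', $source, 'INT');
    } else {
        // The request cannot choose the owner: it is always the current user.
        $ritem['item_userid'] = $usr['id'];
    }

    // Extra fields. The guard avoids iterating a missing entry when no extra
    // fields are registered for the market table.
    if (!empty($cot_extrafields[$db_market])) {
        foreach ($cot_extrafields[$db_market] as $exfld) {
            $column = 'item_' . $exfld['field_name'];
            // The stored value, if any, is handed over as the previous value.
            $previous = isset($ritem[$column]) ? $ritem[$column] : null;
            $ritem[$column] = cot_import_extrafields('ritem' . $exfld['field_name'], $exfld, $source, $previous);
        }
    }

    return $ritem;
}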
예제 #4
     include $pl;
 }
 /* ===== */
 $roffer['offer_cost_min'] = (int) cot_import('costmin', 'P', 'NUM');
 $roffer['offer_cost_max'] = (int) cot_import('costmax', 'P', 'NUM');
 $roffer['offer_time_min'] = (int) cot_import('timemin', 'P', 'INT');
 $roffer['offer_time_max'] = (int) cot_import('timemax', 'P', 'INT');
 $roffer['offer_time_type'] = (int) cot_import('timetype', 'P', 'INT');
 $roffer['offer_hidden'] = (int) cot_import('hidden', 'P', 'BOL');
 $roffer['offer_text'] = cot_import('offertext', 'P', 'HTM');
 $roffer['offer_pid'] = (int) $id;
 $roffer['offer_userid'] = (int) $usr['id'];
 $roffer['offer_date'] = (int) $sys['now'];
 // Extra fields
 foreach ($cot_extrafields[$db_projects_offers] as $exfld) {
     $roffer['offer_' . $exfld['field_name']] = cot_import_extrafields('roffer' . $exfld['field_name'], $exfld, 'P', $roffer['offer_' . $exfld['field_name']]);
 }
 /* === Hook === */
 foreach (cot_getextplugins('projects.offers.add.import') as $pl) {
     include $pl;
 }
 /* ===== */
 cot_check(empty($roffer['offer_text']), $L['offers_empty_text']);
 /* === Hook === */
 foreach (cot_getextplugins('projects.offers.add.error') as $pl) {
     include $pl;
 }
 /* ===== */
 if (!cot_error_found()) {
     $db->insert($db_projects_offers, $roffer);
     $offerid = $db->lastInsertId();
예제 #5
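/**
 * Imports page data from request parameters.
 *
 * Every field is read with cot_import() under a per-field filter and written
 * into $rpage, which is returned. The owner and the counters are taken from
 * the request only for administrators editing an existing page; for everyone
 * else the owner is the current user.
 *
 * NOTE(review): page_state is taken from the request for every caller,
 * whatever $auth says. Callers have to override it for users who may not
 * publish - confirm at the call sites.
 * NOTE(review): page_text uses the 'HTM' filter; output code still has to
 * escape or parse it according to page_parser - confirm at the output side.
 *
 * @param  string $source Source request method for parameters. 'D' or 'DIRECT'
 *                        makes $rpage itself the source (see below).
 * @param  array  $rpage  Existing page data from database
 * @param  array  $auth   Permissions array; looked up with cot_page_auth()
 *                        for the page category when empty
 * @return array          Page data
 */
function cot_page_import($source = 'POST', $rpage = array(), $auth = array())
{
    global $cfg, $db_pages, $cot_extrafields, $usr, $sys;

    if (count($auth) == 0) {
        // A new page has no category yet: pass null instead of reading a missing key.
        $auth = cot_page_auth(isset($rpage['page_cat']) ? $rpage['page_cat'] : null);
    }

    if ($source == 'D' || $source == 'DIRECT') {
        // Direct mode: publish the caller's array as the global $_PATCH and switch
        // to the 'PATCH' source so the cot_import() calls below stay unchanged.
        // Presumably cot_import() serves 'PATCH' from $_PATCH, which means the
        // array must be keyed by request names (rpagetitle, ...) - confirm.
        global $_PATCH;
        $_PATCH = $rpage;
        $source = 'PATCH';
    }

    $rpage['page_cat'] = cot_import('rpagecat', $source, 'TXT');
    // page_keywords was imported twice in the original; once is enough.
    $rpage['page_keywords'] = cot_import('rpagekeywords', $source, 'TXT');
    $rpage['page_alias'] = cot_import('rpagealias', $source, 'TXT');
    $rpage['page_title'] = cot_import('rpagetitle', $source, 'TXT');
    $rpage['page_desc'] = cot_import('rpagedesc', $source, 'TXT');
    $rpage['page_text'] = cot_import('rpagetext', $source, 'HTM');
    $rpage['page_parser'] = cot_import('rpageparser', $source, 'ALP');
    $rpage['page_author'] = cot_import('rpageauthor', $source, 'TXT');
    $rpage['page_file'] = (int) cot_import('rpagefile', $source, 'INT');
    $rpage['page_url'] = cot_import('rpageurl', $source, 'TXT');
    $rpage['page_size'] = (int) cot_import('rpagesize', $source, 'INT');
    // A page that carries a URL but no file flag is stored with file flag 1.
    if ($rpage['page_file'] == 0 && !empty($rpage['page_url'])) {
        $rpage['page_file'] = 1;
    }

    // Publication date: "now" when requested or when no valid date was posted.
    $rpagedatenow = cot_import('rpagedatenow', $source, 'BOL');
    $rpage['page_date'] = cot_import_date('rpagedate', true, false, $source);
    $rpage['page_date'] = ($rpagedatenow || is_null($rpage['page_date'])) ? $sys['now'] : (int) $rpage['page_date'];

    // Fix: begin/expire were read without $source, so in PATCH/direct mode they
    // did not come from the same source as every other field. The (true, false)
    // arguments mirror the page_date call above.
    $rpage['page_begin'] = (int) cot_import_date('rpagebegin', true, false, $source);
    $rpage['page_expire'] = (int) cot_import_date('rpageexpire', true, false, $source);
    // An expiry that is not after the begin date means "never expires" (0).
    if ($rpage['page_expire'] <= $rpage['page_begin']) {
        $rpage['page_expire'] = 0;
    }

    $rpage['page_updated'] = $sys['now'];
    $rpage['page_metatitle'] = cot_import('rpagemetatitle', $source, 'TXT');
    $rpage['page_metadesc'] = cot_import('rpagemetadesc', $source, 'TXT');

    $rpublish = cot_import('rpublish', $source, 'ALP');
    // For backwards compatibility
    $rpage['page_state'] = $rpublish == 'OK' ? 0 : cot_import('rpagestate', $source, 'INT');

    // !empty() also covers a permissions array that has no 'isadmin' key.
    if (!empty($auth['isadmin']) && isset($rpage['page_ownerid'])) {
        $rpage['page_count'] = cot_import('rpagecount', $source, 'INT');
        $rpage['page_ownerid'] = cot_import('rpageownerid', $source, 'INT');
        $rpage['page_filecount'] = cot_import('rpagefilecount', $source, 'INT');
    } else {
        // The request cannot choose the owner: it is always the current user.
        $rpage['page_ownerid'] = $usr['id'];
    }

    // The requested parser is kept only if it is a known parser and is either
    // 'none' or a plugin the current user has 'W' rights on; anything else falls
    // back to the system or configured default.
    $parser_list = cot_get_parsers();
    $parser = $rpage['page_parser'];
    $parser_known = !empty($parser) && in_array($parser, $parser_list);
    $parser_allowed = $parser_known && ($parser == 'none' || cot_auth('plug', $parser, 'W'));
    if (!$parser_allowed) {
        $rpage['page_parser'] = isset($sys['parser']) ? $sys['parser'] : $cfg['page']['parser'];
    }

    // Extra fields. The guard avoids iterating a missing entry when no extra
    // fields are registered for the pages table.
    if (!empty($cot_extrafields[$db_pages])) {
        foreach ($cot_extrafields[$db_pages] as $exfld) {
            $column = 'page_' . $exfld['field_name'];
            // The stored value, if any, is handed over as the previous value.
            $previous = isset($rpage[$column]) ? $rpage[$column] : null;
            $rpage[$column] = cot_import_extrafields('rpage' . $exfld['field_name'], $exfld, $source, $previous);
        }
    }

    return $rpage;
}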
예제 #6
 $rtopic['ft_desc'] = cot_import('rtopicdesc', 'P', 'TXT', 255);
 $rmsg = array();
 $rmsg['fp_text'] = cot_import('rmsgtext', 'P', 'HTM');
 // The "edited by" name stays empty only when the poster edits their own post less than
 // 300 seconds after fp_updated and no updater was recorded before; otherwise the
 // current user's name is stored.
 $rmsg['fp_updater'] = $rowpost['fp_posterid'] == $usr['id'] && $sys['now'] < $rowpost['fp_updated'] + 300 && empty($rowpost['fp_updater']) ? '' : $usr['name'];
 $rmsg['fp_updated'] = $sys['now'];
 // The title length is checked only when a title was actually posted.
 if (isset($_POST['rtopictitle']) && mb_strlen($rtopic['ft_title']) < $cfg['forums']['mintitlelength']) {
     cot_error('forums_titletooshort', 'rtopictitle');
 }
 if (mb_strlen($rmsg['fp_text']) < $cfg['forums']['minpostlength']) {
     cot_error('forums_messagetooshort', 'rmsgtext');
 }
 foreach ($cot_extrafields[$db_forum_topics] as $exfld) {
     $rtopic['ft_' . $exfld['field_name']] = cot_import_extrafields('rtopic' . $exfld['field_name'], $exfld);
 }
 foreach ($cot_extrafields[$db_forum_posts] as $exfld) {
     $rmsg['fp_' . $exfld['field_name']] = cot_import_extrafields('rmsg' . $exfld['field_name'], $exfld);
 }
 if (!cot_error_found()) {
     // NOTE(review): $p and $q are interpolated straight into the SQL text here and in the
     // two statements below. That is safe only if both were forced to integers before this
     // point, which is not visible in this excerpt - confirm, or cast/bind them here.
     $db->update($db_forum_posts, $rmsg, "fp_id={$p}");
     // The topic row is touched only when a title was posted and $p is the first post
     // (lowest fp_id) of topic $q.
     if (!empty($rtopic['ft_title']) && $db->query("SELECT fp_id FROM {$db_forum_posts} WHERE fp_topicid = {$q} ORDER BY fp_id ASC LIMIT 1")->fetchColumn() == $p) {
         // A title starting with "#" loses every "#" it contains, not only the first one.
         if (mb_substr($rtopic['ft_title'], 0, 1) == "#") {
             $rtopic['ft_title'] = str_replace('#', '', $rtopic['ft_title']);
         }
         // The preview is escaped first and cut to 128 characters afterwards, so the cut
         // can land inside an entity such as &amp;.
         $rtopic['ft_preview'] = mb_substr(htmlspecialchars($rmsg['fp_text']), 0, 128);
         $db->update($db_forum_topics, $rtopic, "ft_id = {$q}");
     }
     cot_extrafield_movefiles();
 }
 /* === Hook === */
 foreach (cot_getextplugins('forums.editpost.update.done') as $pl) {
     include $pl;
예제 #7
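 /**
  * Applies the posted edits (order, description, extra fields, enabled flag)
  * to the files attached to this object. Does nothing while the object code
  * is 'new'.
  *
  * File ids are the keys of the posted mavatar_enabled array. A file whose
  * enabled value is false is deleted; any other file is updated and bound to
  * this object's extension, category and code. The file list is reloaded with
  * get_mavatars() at the end.
  *
  * NOTE(review): the ids are request-controlled array keys. Nothing visible
  * here checks that the row returned by get_mavatar_byid() belongs to this
  * object before it is re-bound or deleted - confirm that get_mavatar_byid()
  * or delete_mavatar() enforce that.
  */
 function update()
 {
     global $db, $db_mavatars, $sys, $cot_extrafields;
     if ($this->code == 'new') {
         return;
     }

     $mavatars = array();
     $mavatars['mav_enabled'] = cot_import('mavatar_enabled', 'P', 'ARR');
     $mavatars['mav_order'] = cot_import('mavatar_order', 'P', 'ARR');
     $mavatars['mav_desc'] = cot_import('mavatar_desc', 'P', 'ARR');
     // Fix: count() was applied to the import result even when the parameter
     // was missing. Anything that is not an array means "no files posted".
     if (!is_array($mavatars['mav_enabled'])) {
         $mavatars['mav_enabled'] = array();
     }

     // Posted extra-field arrays and their definitions, keyed by column name.
     $posted_extra = array();
     $extra_defs = array();
     if (!empty($cot_extrafields[$db_mavatars])) {
         foreach ($cot_extrafields[$db_mavatars] as $exfld) {
             // Fix: the original test (!= 'file' || != 'filesize') was always true.
             // File-type fields are skipped; importing them is still not implemented.
             if ($exfld['field_type'] == 'file' || $exfld['field_type'] == 'filesize') {
                 continue;
             }
             // Fix: the values were stored under the bare field name but read back
             // under the 'mav_' prefixed name, so they were never found.
             $column = 'mav_' . $exfld['field_name'];
             $posted_extra[$column] = cot_import('mavatar_' . $exfld['field_name'], 'P', 'ARR');
             $extra_defs[$column] = $exfld;
         }
     }

     foreach ($mavatars['mav_enabled'] as $id => $enabled) {
         $mavatar_info = $this->get_mavatar_byid($id);
         $mavatar = array();
         $enabled = cot_import($enabled, 'D', 'BOL') ? true : false;
         $mavatar['mav_order'] = cot_import(isset($mavatars['mav_order'][$id]) ? $mavatars['mav_order'][$id] : null, 'D', 'INT');
         $mavatar['mav_desc'] = cot_import(isset($mavatars['mav_desc'][$id]) ? $mavatars['mav_desc'][$id] : null, 'D', 'TXT');

         foreach ($posted_extra as $column => $values) {
             // Leave the stored value alone when the form sent nothing for this file.
             if (!isset($values[$id])) {
                 continue;
             }
             // Fix: the result used to be written to an unused $mavarray and was
             // therefore never saved with the row.
             $mavatar[$column] = cot_import_extrafields(
                 $values[$id],
                 $extra_defs[$column],
                 'D',
                 isset($mavatar_info[$column]) ? $mavatar_info[$column] : null
             );
         }

         if ($enabled) {
             $mavatar['mav_extension'] = $this->extension;
             $mavatar['mav_category'] = $this->category;
             $mavatar['mav_code'] = $this->code;
             $mavatar['mav_filename'] = $this->rename_file($mavatar_info, $mavatar['mav_desc']);
             $mavatar['mav_date'] = $sys['now'];
             // The id is a request array key, so it is cast before it reaches the SQL text.
             $db->update($db_mavatars, $mavatar, 'mav_id=' . (int) $id);
         } else {
             $mavatar = $this->get_mavatar_byid($id);
             $this->delete_mavatar($mavatar);
         }
     }

     $this->get_mavatars();
 }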
예제 #8
 // The "edited by" name stays empty only when the poster edits their own post less than
 // 300 seconds after fp_updated and no updater was recorded before; otherwise the
 // current user's name is stored.
 $rmsg['fp_updater'] = $rowpost['fp_posterid'] == cot::$usr['id'] && cot::$sys['now'] < $rowpost['fp_updated'] + 300 && empty($rowpost['fp_updater']) ? '' : cot::$usr['name'];
 $rmsg['fp_updated'] = cot::$sys['now'];
 // The title length is checked only when a title was actually posted.
 if (isset($_POST['rtopictitle']) && mb_strlen($rtopic['ft_title']) < cot::$cfg['forums']['mintitlelength']) {
     cot_error('forums_titletooshort', 'rtopictitle');
 }
 if (mb_strlen($rmsg['fp_text']) < cot::$cfg['forums']['minpostlength']) {
     cot_error('forums_messagetooshort', 'rmsgtext');
 }
 // Extra fields are imported only when some are registered for the table.
 if (!empty(cot::$extrafields[cot::$db->forum_topics])) {
     foreach (cot::$extrafields[cot::$db->forum_topics] as $exfld) {
         $rtopic['ft_' . $exfld['field_name']] = cot_import_extrafields('rtopic' . $exfld['field_name'], $exfld, 'P', '', 'forums_topic_');
     }
 }
 if (!empty(cot::$extrafields[cot::$db->forum_posts])) {
     foreach (cot::$extrafields[cot::$db->forum_posts] as $exfld) {
         $rmsg['fp_' . $exfld['field_name']] = cot_import_extrafields('rmsg' . $exfld['field_name'], $exfld, 'P', '', 'forums_post_');
     }
 }
 if (!cot_error_found()) {
     // NOTE(review): $p and $q are interpolated straight into the SQL text here and in the
     // two statements below. That is safe only if both were forced to integers before this
     // point, which is not visible in this excerpt - confirm, or cast/bind them here.
     cot::$db->update(cot::$db->forum_posts, $rmsg, "fp_id={$p}");
     // The topic row is touched only when a title was posted and $p is the first post
     // (lowest fp_id) of topic $q.
     if (!empty($rtopic['ft_title']) && cot::$db->query("SELECT fp_id FROM " . cot::$db->forum_posts . " WHERE fp_topicid = {$q} ORDER BY fp_id ASC LIMIT 1")->fetchColumn() == $p) {
         // A title starting with "#" loses every "#" it contains, not only the first one.
         if (mb_substr($rtopic['ft_title'], 0, 1) == "#") {
             $rtopic['ft_title'] = str_replace('#', '', $rtopic['ft_title']);
         }
         // The preview is escaped first and cut to 128 characters afterwards, so the cut
         // can land inside an entity such as &amp;.
         $rtopic['ft_preview'] = mb_substr(htmlspecialchars($rmsg['fp_text']), 0, 128);
         cot::$db->update(cot::$db->forum_topics, $rtopic, "ft_id = {$q}");
     }
     cot_extrafield_movefiles();
 }
 /* === Hook === */
 foreach (cot_getextplugins('forums.editpost.update.done') as $pl) {
예제 #9
    }
    /* == Hook == */
    foreach (cot_getextplugins('comments.edit.tags') as $pl) {
        include $pl;
    }
    /* ===== */
    $t->parse('MAIN.COMMENTS_FORM_EDIT');
}
if ($a == 'send' && $usr['auth_write']) {
    cot_shield_protect();
    $rtext = cot_import('rtext', 'P', 'HTM');
    $rname = cot_import('rname', 'P', 'TXT');
    $comarray = array();
    // Extra fields
    foreach ($cot_extrafields[$db_com] as $exfld) {
        $comarray['com_' . $exfld['field_name']] = cot_import_extrafields('rcomments' . $exfld['field_name'], $exfld);
    }
    /* == Hook == */
    foreach (cot_getextplugins('comments.send.first') as $pl) {
        include $pl;
    }
    /* ===== */
    if (empty($rname) && $usr['id'] == 0) {
        cot_error($L['com_authortooshort'], 'rname');
    }
    if (mb_strlen($rtext) < $cfg['plugin']['comments']['minsize']) {
        cot_error($L['com_commenttooshort'], 'rtext');
    }
    if ($cfg['plugin']['comments']['commentsize'] && mb_strlen($rtext) > $cfg['plugin']['comments']['commentsize']) {
        cot_error($L['com_commenttoolong'], 'rtext');
    }
예제 #10
파일: contact.php 프로젝트: Roffun/Cotonti
    }
}
// NOTE(review): the template name comes from the 'tpl' parameter of the 'G' (GET) source
// and is handed to cot_tplfile() to pick the file XTemplate loads. Confirm that the 'TXT'
// filter and cot_tplfile() keep the result inside the template directories (no path
// separators, no "..").
$tplfile = cot_import('tpl', 'G', 'TXT');
$mskin = cot_tplfile(array('contact', $tplfile), 'plug');
$t = new XTemplate($mskin);
// The message text is imported first; the form is processed only when it is not empty.
$rtext = cot_import('rtext', 'P', 'TXT');
if (!empty($rtext)) {
    //Import the variables
    $rcontact['contact_text'] = $rtext;
    $rcontact['contact_author'] = cot_import('ruser', 'P', 'TXT');
    $rcontact['contact_email'] = cot_import('remail', 'P', 'TXT');
    $rcontact['contact_subject'] = cot_import('rsubject', 'P', 'TXT');
    // Extra fields
    if (!empty(cot::$extrafields[cot::$db->contact])) {
        foreach (cot::$extrafields[cot::$db->contact] as $exfld) {
            $rcontact['contact_' . $exfld['field_name']] = cot_import_extrafields('rcontact' . $exfld['field_name'], $exfld, 'P', '', 'contact_');
        }
    }
    if (cot::$usr['id'] == 0 && !empty($cot_captcha)) {
        $rverify = cot_import('rverify', 'P', 'TXT');
        if (!cot_captcha_validate($rverify)) {
            cot_error('captcha_verification_failed', 'rverify');
        }
    }
    if ($rcontact['contact_author'] == '') {
        cot_error('contact_noname', 'ruser');
    }
    if (!cot_check_email($rcontact['contact_email'])) {
        cot_error('contact_emailnotvalid', 'remail');
    }
    if (mb_strlen($rcontact['contact_text']) < cot::$cfg['plugin']['contact']['minchars']) {
            } else {
                // The four values are bound through "?" placeholders, in the order of the array.
                // NOTE(review): the condition string ends with a ")" that has no matching "(".
                // Unless $db->update() wraps the condition itself, this yields invalid SQL - confirm.
                $db->update($db_config, array('config_value' => $data), "config_name = ? AND config_owner = ?\n\t\t\t\t\tAND config_cat = ?  AND config_subcat = ?)", array($key, $o, $p, $editconfig));
            }
        }
    }
}
$oldrow = $db->query("SELECT * FROM {$db_structure} WHERE structure_id=" . (int) $id)->fetch();
$rstructure['structure_code'] = preg_replace('#[^\\w\\p{L}\\-]#u', '', cot_import('rstructurecode', 'P', 'TXT'));
//	$rstructure['structure_path'] = cot_import('rstructurepath', 'P', 'TXT');
$rstructure['structure_title'] = cot_import('rstructuretitle', 'P', 'TXT');
$rstructure['structure_desc'] = cot_import('rstructuredesc', 'P', 'TXT');
$rstructure['structure_icon'] = cot_import('rstructureicon', 'P', 'TXT');
$rstructure['structure_tpl'] = cot_import('rstructuretpl', 'P', 'TXT');
$rstructure['structure_locked'] = cot_import('rstructurelocked', 'P', 'BOL') ? 1 : 0;
foreach ($cot_extrafields[$db_structure] as $exfld) {
    $rstructure['structure_' . $exfld['field_name']] = cot_import_extrafields('rstructure' . $exfld['field_name'], $exfld, 'P', $oldrow['structure_' . $exfld['field_name']]);
}
$rstructure['structure_code'] != 'all' || cot_error('adm_structure_code_reserved', 'rstructurecode');
$rstructure['structure_title'] || cot_error('adm_structure_title_required', 'rstructuretitle');
if (!cot_error_found()) {
    if (empty($rstructure['structure_code'])) {
        $rstructure['structure_code'] = $cot_structure->autoalias($rstructure['structure_title']);
    }
    $res = cot_structure_update($n, $id, $oldrow, $rstructure, $is_module);
    if (is_array($res)) {
        cot_error($res[0], $res[1]);
    }
}
cot_extrafield_movefiles();
cot_auth_clear('all');
if ($cache) {