// Fragment of an admin-user add/edit handler. It starts and ends mid-file:
// the includes and the definition of $ignore are above the visible part, and
// the else branch and the enclosing if stay open at the end.

//$pass = array_flip(array('pageindex', 'orderby', 'orderdi')); //to pass to next page
// Rebuild the query string from $_GET minus the keys listed in $ignore.
$param2 = http_build_query(array_diff_key($_GET, $ignore));
//$param2 = http_build_query(array_intersect_key($_GET, $pass));
if (!empty($param2)) {
    $param2 = '?' . $param2 . '&';
} else {
    $param2 = '?';
}

$au_id = (int) getgpcvar("au_id", "G");

// Stop when the session carries no admin user id. The @ suppresses the
// notice raised when the session key is missing.
$my_user_id = (int) @$_SESSION["cusa_admin_usr_id"];
if ($my_user_id <= 0) {
    exit;
}
/////////////////////////////////////////////////////////////////

if (isset($_POST['first_name'])) {
    // On submit the record id is taken from POST instead of the query string.
    $au_id = (int) getgpcvar("au_id", "P");

    #/ Check Attempts
    include_once '../../includes/check_attempts.php';
    #/*
    // When the attempt check fails: count the attempt and redirect to logout.
    // NOTE(review): check_attempts() is defined elsewhere; the meaning of the 5
    // (presumably a maximum attempt count) and whether it can return a falsy
    // non-boolean that the loose == false would also match need confirming.
    if (check_attempts(5, 'CUSA_ADMIN_MSG_GLOBAL') == false) {
        update_attempt_counts();
        redirect_me("{$consts['DOC_ROOT_ADMIN']}logout", true);
    }
    #*/

    ##/ Validate Fields
    include_once '../../includes/form_validator.php';
    $form_v = new Valitron\Validator($_POST);

    // && binds tighter than ||, so the password rules apply when creating a
    // record ($au_id <= 0) OR when update_acc_info is posted as '1'.
    if ($au_id <= 0 || array_key_exists('update_acc_info', $_POST) && $_POST['update_acc_info'] == '1') {
        // NOTE(review): new_pass is limited to 7-20 characters. If the password
        // is hashed before storage (not visible here) the 20-character ceiling
        // only restricts longer passphrases; confirm it is intended.
        $rules = [
            'required' => [['first_name'], ['last_name'], ['email_add'], ['new_pass']],
            'lengthMax' => [['first_name', 60], ['last_name', 60], ['email_add', 100], ['new_pass', 20]],
            'lengthMin' => [['new_pass', 7]],
            'email' => [['email_add']]
        ];
    } else {
        // Profile-only update: no password rules.
        $rules = [
            'required' => [['first_name'], ['last_name'], ['email_add']],
            'lengthMax' => [['first_name', 60], ['last_name', 60], ['email_add', 100]],
            'email' => [['email_add']]
        ];
// Fragment of the system_config add/edit handler; it ends inside the update
// branch, before the statement is executed.

// Both superglobals are passed through format_str() (defined elsewhere).
// NOTE(review): what format_str() escapes is not visible here; the SQL below
// relies on it.
$_POST = format_str($_POST);
$_GET = format_str($_GET);

$ignore = array_flip(array('conf_id'));
//for move within OPERATION page
$param2 = http_build_query(array_diff_key($_GET, $ignore));
if (!empty($param2)) {
    $param2 = '?' . $param2 . '&';
} else {
    $param2 = '?';
}

$conf_id = (int) getgpcvar("conf_id", "G");
$back_page = "system_config.php";
$cur_page = cur_page();
/////////////////////////////////////////////////////////////////

if (isset($_POST['title'])) {
    // On submit the record id is taken from POST.
    $conf_id = (int) getgpcvar("conf_id", "P");

    ##/ Validate Fields
    include_once '../../includes/form_validator.php';
    $form_v = new Valitron\Validator($_POST);
    $rules = [
        'required' => [['title'], ['c_value']],
        'lengthMax' => [['title', 100], ['c_value', 50]]
    ];
    $form_v->labels(array('title' => 'Title', 'c_value' => 'Value'));
    $form_v->rules($rules);
    $form_v->validate();
    $fv_errors = $form_v->errors();
    //var_dump("<pre>", $_POST, $fv_errors); die();
    #-

    // Continue only when validation reported no errors.
    if (!is_array($fv_errors) || empty($fv_errors) || count($fv_errors) <= 0) {
        if ($conf_id > 0) {
            ###/ Updating Database
            #/ system_config
            // title and c_value are interpolated into the statement text; the
            // rules above only check presence and length. $conf_id is an int cast.
            // NOTE(review): confirm format_str() escapes for the SQL context, or
            // move this statement to bound parameters (PDO/mysqli prepared
            // statements) so the query no longer depends on input filtering.
            $sql_tb1 = "UPDATE system_config SET title='{$_POST['title']}', c_value='{$_POST['c_value']}'\n WHERE id='{$conf_id}'";
// Fragment of the site_misc_data add/edit handler; it ends inside the
// html-content branch.

// Both superglobals are passed through format_str() (defined elsewhere).
$_POST = format_str($_POST);
$_GET = format_str($_GET);

$ignore = array_flip(array('misc_id'));
//for move within OPERATION page
$param2 = http_build_query(array_diff_key($_GET, $ignore));
if (!empty($param2)) {
    $param2 = '?' . $param2 . '&';
} else {
    $param2 = '?';
}

$misc_id = (int) getgpcvar("misc_id", "G");
$back_page = "site_misc_data.php";
$cur_page = cur_page();
/////////////////////////////////////////////////////////////////

if (isset($_POST['title'])) {
    // On submit the record id is taken from POST.
    $misc_id = (int) getgpcvar("misc_id", "P");
    //die('x');

    ##/ Validate Fields
    include_once '../../includes/form_validator.php';
    $form_v = new Valitron\Validator($_POST);
    // m_value is required but has no lengthMax rule.
    $rules = [
        'required' => [['title'], ['m_value'], ['m_cat']],
        'lengthMax' => [['title', 250], ['m_cat', 70]]
    ];
    $form_v->labels(array('title' => 'Name / Title', 'm_value' => 'Value', 'm_cat' => 'Category'));
    $form_v->rules($rules);
    $form_v->validate();
    $fv_errors = $form_v->errors();
    //var_dump("<pre>", $_POST, $fv_errors); die();
    #-

    // Continue only when validation reported no errors.
    if (!is_array($fv_errors) || empty($fv_errors) || count($fv_errors) <= 0) {
        $content_type = @$_POST['content_type'];
        if ($content_type == 'html') {
            // For html content the value is read from $_POST_ori, not from the
            // format_str()-processed $_POST, and passed through rem_risky_tags().
            // NOTE(review): $_POST_ori is defined outside this fragment,
            // presumably the unprocessed POST copy; rem_risky_tags() is also
            // defined elsewhere. Confirm how the tag filter works and that this
            // value is still escaped for SQL before it is stored; a tag
            // deny-list alone should not be the only barrier for stored HTML.
            $m_value = rem_risky_tags($_POST_ori['m_value']);
// Fragment of the page_categories add/edit handler; it ends inside the
// update branch, before the statement is executed.

// Both superglobals are passed through format_str() (defined elsewhere).
$_POST = format_str($_POST);
$_GET = format_str($_GET);

$ignore = array_flip(array('pc_id'));
//for back to LIST
$param2 = http_build_query(array_diff_key($_GET, $ignore));
if (!empty($param2)) {
    $param2 = '?' . $param2 . '&';
} else {
    $param2 = '?';
}

$pc_id = (int) getgpcvar("pc_id", "G");
$back_page = "pages_categories.php";
$cur_page = cur_page();
/////////////////////////////////////////////////////////////////

if (isset($_POST['title'])) {
    // On submit the record id is taken from POST.
    $pc_id = (int) getgpcvar("pc_id", "P");

    ##/ Validate Fields
    include_once '../../includes/form_validator.php';
    $form_v = new Valitron\Validator($_POST);
    $rules = [
        'required' => [['title']],
        'lengthMax' => [['title', 60]]
    ];
    $form_v->rules($rules);
    $form_v->validate();
    $fv_errors = $form_v->errors();
    //var_dump("<pre>", $_POST, $fv_errors); die();
    #-

    // Continue only when validation reported no errors.
    if (!is_array($fv_errors) || empty($fv_errors) || count($fv_errors) <= 0) {
        // A missing checkbox value becomes 0; the @ hides the missing-key notice.
        $is_active = (int) @$_POST['is_active'];

        if ($pc_id > 0) {
            ###/ Updating Database
            #/ page_categories
            // $is_active and $pc_id are int casts; title is interpolated as text.
            // NOTE(review): confirm format_str() escapes title for SQL, or use a
            // prepared statement with bound parameters instead.
            $sql_page_categories = "UPDATE page_categories SET title='{$_POST['title']}',\n is_active='{$is_active}' WHERE id='{$pc_id}'";
break; case '4': $orderby = 'sp.is_active'; break; case '5': $orderby = 'popup_only'; break; case '6': $orderby = 'sp.id'; break; } $orderdi = getgpcvar("orderdi", "G"); if (in_array($orderdi, array("ASC", "DESC")) == false) { $orderdi = "DESC"; } $pageindex = (int) getgpcvar("pageindex", "G"); if ($pageindex < 0) { $pageindex = 0; } $pagesize = 30; $query = sprintf("SELECT sp.*, sp.id as sp_id, st.seo_tag, pc.title as cat_title\n\n FROM site_pages sp\n LEFT JOIN seo_tags st ON st.id = sp.seo_tag_id\n LEFT JOIN page_categories pc ON sp.cat_id=pc.id\n\n WHERE 1 = 1 %s\n\tORDER BY %s %s\n LIMIT %d, %d\n\t", $where, $orderby, $orderdi, $pageindex * $pagesize, $pagesize); //echo '<pre>'.$query; die(); #### --- $token = mysql_query($query) or die(mysql_error()); $recrd = mysql_fetch_assoc($token); switch ($orderby) { case 'sp.title': $orderby = '1'; break; case 'st.seo_tag': $orderby = '2';
// Fragment of the users add/edit handler. The definition of $ignore is above
// the visible part, and the fragment ends inside the duplicate-email check.

//for move within OPERATION page
$param2 = http_build_query(array_diff_key($_GET, $ignore));
if (!empty($param2)) {
    $param2 = '?' . $param2 . '&';
} else {
    $param2 = '?';
}

$u_id = (int) getgpcvar("u_id", "G");
// Read-only mode is selected by the "ro" query parameter. Because the request
// chooses it, it is a display mode and not an access control: a request
// without ro=1 reaches the POST handling below.
$read_only = (int) getgpcvar("ro", "G");
//$read_only = 1; //testing
$back_page = "users.php";
$cur_page = cur_page();
/////////////////////////////////////////////////////////////////

if ($read_only <= 0) {
    if (isset($_POST['first_name'])) {
        // On submit the record id is taken from POST.
        $u_id = (int) getgpcvar("u_id", "P");

        ##/ Validate Fields
        include_once '../../includes/form_validator.php';
        $form_v = new Valitron\Validator($_POST);
        $rules = [
            'required' => [['package_id'], ['email_add'], ['first_name'], ['last_name'], ['screen_name']],
            'lengthMin' => [['screen_name', 5]],
            'lengthMax' => [['email_add', 120], ['first_name', 50], ['middle_name', 20], ['last_name', 50], ['company_name', 100], ['screen_name', 50], ['address_ln_1', 200], ['city', 180], ['country_code', 2], ['state', 50], ['zip', 20]],
            'email' => [['email_add']],
            'slug' => [['screen_name']]
        ];
        $form_v->labels(array('package_id' => 'Membership Package', 'email_add' => 'Email Address', 'country_code' => 'Country'));
        $form_v->rules($rules);
        $form_v->validate();
        $fv_errors = $form_v->errors();
        //var_dump("<pre>", $_POST, $fv_errors); die();
        #-

        #/ Check if Email Add exists
        // Runs only when validation reported no errors. Looks for another user
        // (id != $u_id) that already has this address.
        if (!is_array($fv_errors) || empty($fv_errors) || count($fv_errors) <= 0) {
            // email_add is interpolated into the statement text; no escaping is
            // visible in this fragment. An address that passes an e-mail format
            // check can still contain a quote character, so the format rule is
            // not a substitute for escaping.
            // NOTE(review): confirm the value is escaped before this point, or
            // use a prepared statement. mysql_exec() is defined elsewhere.
            $chk_user = mysql_exec("SELECT email_add FROM users WHERE email_add='{$_POST['email_add']}' and id!='{$u_id}'", 'single');
            if (!empty($chk_user)) {
                $fv_errors[] = array('This Email Address is already used, please try a different one!');
// Fragment of the site_pages add/edit handler; it ends inside the rule
// selection, with the outer else and the html branch still open.

// Both superglobals are passed through format_str() (defined elsewhere).
$_POST = format_str($_POST);
$_GET = format_str($_GET);

$ignore = array_flip(array('sp_id'));
//for move within OPERATION page
$param2 = http_build_query(array_diff_key($_GET, $ignore));
if (!empty($param2)) {
    $param2 = '?' . $param2 . '&';
} else {
    $param2 = '?';
}

$sp_id = (int) getgpcvar("sp_id", "G");
$back_page = "site_pages.php";
$cur_page = cur_page();
/////////////////////////////////////////////////////////////////

if (isset($_POST['seo_tag'])) {
    // On submit the record id is taken from POST. The @ hides the notice for
    // form fields that were not posted.
    $sp_id = (int) getgpcvar("sp_id", "P");
    $seo_tag_id = (int) @$_POST['seo_tag_id'];
    $content_type = @$_POST['content_type'];
    $self_managed = (int) @$_POST['self_managed'];

    ##/ Validate Fields
    include_once '../../includes/form_validator.php';
    $form_v = new Valitron\Validator($_POST);

    // The rule set depends on the posted content type. No rules are assigned in
    // the visible code for a content_type other than 'pdf' or 'html'.
    if ($content_type == 'pdf') {
        $rules = [
            'required' => [['title'], ['seo_tag']],
            'lengthMax' => [['title', 60], ['seo_tag', 30]],
            'slug' => [['seo_tag']]
        ];
    } else {
        if ($content_type == 'html') {
            // $self_managed is an int compared loosely with the string '1'.
            if ($self_managed == '1') {
                // Self-managed pages do not require pg_content.
                $rules = [
                    'required' => [['title'], ['seo_tag'], ['page_heading']],
                    'lengthMax' => [['title', 60], ['seo_tag', 30], ['page_heading', 150]],
                    'slug' => [['seo_tag']]
                ];
            } else {
                // pg_content is required but has no lengthMax rule.
                $rules = [
                    'required' => [['title'], ['seo_tag'], ['page_heading'], ['pg_content']],
                    'lengthMax' => [['title', 60], ['seo_tag', 30], ['page_heading', 150]],
                    'slug' => [['seo_tag']]
                ];
            }
// Fragment of the site_media add/edit handler; it ends before the upload
// processing itself.

// Both superglobals are passed through format_str() (defined elsewhere).
$_POST = format_str($_POST);
$_GET = format_str($_GET);

$ignore = array_flip(array('med_id'));
//for move within OPERATION page
$param2 = http_build_query(array_diff_key($_GET, $ignore));
if (!empty($param2)) {
    $param2 = '?' . $param2 . '&';
} else {
    $param2 = '?';
}

$med_id = (int) getgpcvar("med_id", "G");
$back_page = "site_media.php";
$cur_page = cur_page();
/////////////////////////////////////////////////////////////////

if (isset($_POST['m_cat'])) {
    // On submit the record id is taken from POST.
    $med_id = (int) getgpcvar("med_id", "P");

    ##/ Validate Fields
    include_once '../../includes/form_validator.php';
    $form_v = new Valitron\Validator($_POST);
    // Only the two text fields are validated here.
    $rules = [
        'required' => [['m_cat']],
        'lengthMax' => [['m_cat', 25], ['alt_text', 100]]
    ];
    $form_v->rules($rules);
    $form_v->validate();
    $fv_errors = $form_v->errors();
    //var_dump("<pre>", $_POST, $fv_errors); die();
    #-

    // Continue only when validation reported no errors.
    if (!is_array($fv_errors) || empty($fv_errors) || count($fv_errors) <= 0) {
        ###/ Image processing & savings
        include_once '../../includes/resize_images.php';
        // Target directory, relative to the script.
        // NOTE(review): the upload handling is below this fragment. Confirm that
        // the stored file name and type are checked server-side and that this
        // directory cannot execute uploaded files.
        $up_path = "../assets/images_2/media/";
        //if(!is_dir($up_path)){mkdir($up_path, 0705, true);}

        #/ Determine $m_type
/////////////////////////////////////////////////////////////////////
// Fragment of a page that lists the votes cast on one voice (vc_id); anything
// above the includes is not visible.
include_once '../../includes/format_str.php';
include_once '../../includes/func_1.php';
include_once '../../includes/db_lib.php';
include_once "../../includes/admin/functions.php";

// Both superglobals are passed through format_str().
$_POST = format_str($_POST);
$_GET = format_str($_GET);

$ignore = array_flip(array('vc_id'));
//for move within OPERATION page
$param2 = http_build_query(array_diff_key($_GET, $ignore));
if (!empty($param2)) {
    $param2 = '?' . $param2 . '&';
} else {
    $param2 = '?';
}

$vc_id = (int) getgpcvar("vc_id", "G");
$cur_page = cur_page();
/////////////////////////////////////////////////////////////////
//////////////////////////////////////////////////////////////////

#### Get record if EDIT Mode
$empt = $empt_2 = $total = array();
$vote_list = '';

// $empt was set to an empty array just above, so empty($empt) is always true
// here and the branch depends on $vc_id alone.
if ($vc_id && empty($empt)) {
    // The only variable part of the statement is $vc_id, an int cast formatted
    // with %d, so the inserted value is numeric.
    $query = sprintf("SELECT vv.*, uv.question_text, u.email_add\n FROM user_voices uv\n RIGHT JOIN voices_votes vv ON vv.voice_id=uv.id\n LEFT JOIN users u ON u.id=vv.user_id\n WHERE voice_id='%d'\n ORDER BY voted_on DESC", $vc_id);
    /*$token = mysql_query($query, $cn1); //or die(mysql_error($cn1)); $empt = @mysql_fetch_assoc($token); $empt2 = $empt;*/
    // mysql_exec() is defined elsewhere; its return shape is not visible here.
    $empt = mysql_exec($query);

    // Stop with a fixed message when nothing came back.
    if ($empt == false || empty($empt)) {
        die("Record Not Found !");
    }
// Fragment of the user_payments add handler. It starts with the closing brace
// of a block that is not visible ($user_select and $param2 are set above) and
// ends inside the duplicate-invoice check.
}

// Display-mode flag taken from the query string.
$read_only = (int) getgpcvar("ro", "G");
//$read_only = 1; //test
$btr = (int) getgpcvar("btr", "G");
$bkr = (string) getgpcvar("bkr", "G");

if ($user_select <= 0) {
    $back_page = "user_payments.php";
} else {
    // The back target comes from the "bkr" query parameter.
    // NOTE(review): this value is request-controlled. Where $back_page is used
    // is outside this fragment; if it ends up in a redirect or a link, check it
    // against a list of known admin pages first. PHP already URL-decodes $_GET
    // values, so unless getgpcvar() re-encodes them this urldecode() decodes a
    // second time.
    $back_page = urldecode($bkr);
    $param2 = '';
}
$cur_page = cur_page();
/////////////////////////////////////////////////////////////////

if ($user_select > 0) {
    if (isset($_POST['user_select'])) {
        // On submit the selected user id is taken from POST.
        $user_select = (int) getgpcvar("user_select", "P");

        ##/ Validate Fields
        include_once '../../includes/form_validator.php';
        $form_v = new Valitron\Validator($_POST);
        $rules = [
            'required' => [['invoice'], ['amount'], ['paid_on'], ['payment_status'], ['gateway_name']],
            'lengthMax' => [['invoice', 30], ['transaction_id', 150], ['gateway_name', 50], ['gateway_payer_id', 100], ['gateway_msg', 500], ['payment_status', 30]],
            'numeric' => [['amount']]
        ];
        $form_v->labels(array('paid_on' => 'Payment Date', 'gateway_name' => 'Payment Gateway'));
        $form_v->rules($rules);
        $form_v->validate();
        $fv_errors = $form_v->errors();
        //var_dump("<pre>", $_POST, $fv_errors); //die();
        #-

        #/ Check if Invoice already exists
        // Runs only when validation reported no errors.
        if (!is_array($fv_errors) || empty($fv_errors) || count($fv_errors) <= 0) {
            // invoice is interpolated into the statement text and is validated
            // for presence and length only.
            // NOTE(review): no escaping is visible in this fragment; confirm it
            // happens earlier, or use a prepared statement. mysql_exec() is
            // defined elsewhere.
            $chk_user = mysql_exec("SELECT invoice FROM user_payments WHERE invoice='{$_POST['invoice']}'", 'single');
            if (!empty($chk_user)) {
                $fv_errors[] = array('This Invoice is already used, please try a different one!');
// Fragment of the voices edit handler. $param2 is built above the visible
// part, and the fragment ends while the posted voice is being prepared.
if (!empty($param2)) {
    $param2 = '?' . $param2 . '&';
} else {
    $param2 = '?';
}

$vc_id = (int) getgpcvar("vc_id", "G");
$back_page = "voices.php";
$cur_page = cur_page();

// This page only edits existing voices: without a positive vc_id in the query
// string the request is redirected to the list.
// NOTE(review): whether redirect_me(..., true) stops the script is not visible
// here. If it returns, the POST handling below still runs.
if ($vc_id <= 0) {
    redirect_me("{$consts['DOC_ROOT_ADMIN']}{$back_page}{$param2}", true); //prevent add
}
/////////////////////////////////////////////////////////////////

if (isset($_POST['question_text'])) {
    // On submit both ids are taken from POST. The POSTed vc_id replaces the
    // one checked above and is not re-checked in the visible code.
    $vc_id = (int) getgpcvar("vc_id", "P");
    $user_id = (int) getgpcvar("user_id", "P");

    ##/ Validate Fields
    include_once '../../includes/form_validator.php';
    $form_v = new Valitron\Validator($_POST);
    $rules = [
        'required' => [['question_text'], ['voice_cat_id'], ['user_id']],
        'lengthMax' => [['question_text', 170]]
    ];
    $form_v->labels(array('question_text' => 'Voice Question', 'voice_cat_id' => 'Voice Category', 'user_id' => 'User Info'));
    $form_v->rules($rules);
    $form_v->validate();
    $fv_errors = $form_v->errors();
    //var_dump("<pre>", $_POST, $fv_errors); die();
    #-

    // Continue only when validation reported no errors.
    if (!is_array($fv_errors) || empty($fv_errors) || count($fv_errors) <= 0) {
        // The rich-text body is read from $_POST_ori and passed through
        // rem_risky_tags(); it is not covered by the rules above.
        // NOTE(review): $_POST_ori and rem_risky_tags() are defined outside this
        // fragment. Confirm how the tag filter works and that the value is
        // escaped for SQL before storage.
        $voice_details = rem_risky_tags($_POST_ori['voice_details']);
        $_POST['is_blocked'] = (int) @$_POST['is_blocked'];

        ##/ Set Voice Tags
        $voice_tag_ids = '';
// Fragment of the packages add/edit handler; it ends right after validation,
// at the start of the success branch.

// Both superglobals are passed through format_str() (defined elsewhere).
$_POST = format_str($_POST);
$_GET = format_str($_GET);

$ignore = array_flip(array('pkg_id'));
//for move within OPERATION page
$param2 = http_build_query(array_diff_key($_GET, $ignore));
if (!empty($param2)) {
    $param2 = '?' . $param2 . '&';
} else {
    $param2 = '?';
}

$pkg_id = (int) getgpcvar("pkg_id", "G");
$back_page = "packages.php";
$cur_page = cur_page();
/////////////////////////////////////////////////////////////////

if (isset($_POST['title'])) {
    // On submit the record id is taken from POST.
    $pkg_id = (int) getgpcvar("pkg_id", "P");

    ##/ Validate Fields
    include_once '../../includes/form_validator.php';
    $form_v = new Valitron\Validator($_POST);

    // Normalise the checkbox to 0/1. This happens after the validator was
    // constructed with $_POST.
    $_POST['is_recursive'] = (int) @$_POST['is_recursive'];

    $rules = [
        'required' => [['title'], ['cost'], ['display_order']],
        'lengthMax' => [['title', 100]],
        'integer' => [['display_order']],
        'numeric' => [['cost'], ['recursive_cost']]
    ];

    // A recurring package additionally needs a recursive_cost of at least 1.
    // NOTE(review): cost itself has no minimum in the visible rules; confirm
    // whether zero or negative values are acceptable.
    if ($_POST['is_recursive'] == 1) {
        $rules['min'] = [['recursive_cost', 1]];
    }

    $form_v->labels(array('recursive_cost' => 'Dues Amount'));
    $form_v->rules($rules);
    $form_v->validate();
    $fv_errors = $form_v->errors();
    //var_dump("<pre>", $_POST, $fv_errors); die();
    #-

    // Continue only when validation reported no errors.
    if (!is_array($fv_errors) || empty($fv_errors) || count($fv_errors) <= 0) {
// Fragment of the "Admin Settings" page. It starts inside the
// validation-failure branch of a POST handler that is not visible, then loads
// the record for display.

        // Flatten the per-field error lists into one list and append them to the
        // message as an HTML list joined with <br />.
        $fv_msg_ar = array();
        foreach ($fv_errors as $fv_k => $fv_v) {
            $fv_msg_ar = array_merge($fv_msg_ar, $fv_v);
        }
        $fv_msg .= @implode('<br />- ', $fv_msg_ar);
        //var_dump($fv_msg); die();

        // Store the failure message in the session and count the failed attempt.
        // NOTE(review): the message contains markup, so it is presumably output
        // without escaping; confirm that no user-supplied text can reach it.
        $_SESSION["CUSA_ADMIN_MSG_GLOBAL"] = array(false, $fv_msg);
        update_attempt_counts();
    }
}
////end if post.................................
//////////////////////////////////////////////////////////////////
//////////////////////////////////////////////////////////////////

#### Get record if EDIT Mode
$empt = array();
// The record id comes from the query string. It is an int cast formatted with
// %d, so the value inserted into the statement is numeric.
// NOTE(review): no check is visible here that this id belongs to the signed-in
// admin or that the caller may view other admin accounts; SELECT * returns
// every column of admin_users, presumably including the stored password.
// Confirm the authorisation happens earlier and select only the needed columns.
$id = (int) getgpcvar("id", "G");
if ($id) {
    $query = sprintf("SELECT * FROM admin_users WHERE id='%d'", $id);
    // mysql_query() and mysql_fetch_assoc() belong to the legacy mysql extension
    // (removed in PHP 7). A failed query is not reported here: the @ hides the
    // warning and the record is treated as not found.
    $token = mysql_query($query, $cn1); // or die(mysql_error($cn1));
    $empt = @mysql_fetch_assoc($token);

    if ($empt == false) {
        $_SESSION["CUSA_ADMIN_MSG_GLOBAL"] = array(false, "Record Not Found !");
        redirect_me("{$consts['DOC_ROOT_ADMIN']}home", true);
    }
}

// After a submit the form is filled from the posted values instead of the
// database row; these values need HTML escaping where they are printed.
if (isset($_POST['first_name'])) {
    $empt = $_POST;
}
///////////////////////////////////////////////////////////////////

$pg_title = "Admin Settings";
// Fragment of a tag search endpoint (query parameters "search_it" and "term");
// it ends while the WHERE clause is being built.

// The section id is set before the permission include, which presumably reads
// it; check_permission.php is not visible here.
$section_id = 8;
include_once 'includes/check_permission.php';
/////////////////////////////////////////////////////////////////////
include_once '../../includes/format_str.php';
include_once '../../includes/func_1.php';
include_once '../../includes/db_lib.php';
include_once "../../includes/admin/functions.php";

// Both superglobals are passed through format_str().
$_POST = format_str($_POST);
$_GET = format_str($_GET);

// Stop when the session carries no admin user id.
$my_user_id = (int) @$_SESSION["cusa_admin_usr_id"];
if ($my_user_id <= 0) {
    exit;
}
/////////////////////////////////////////////////////////////////////////

// Both parameters are needed: an empty term or a missing search flag ends
// the request with no output.
$search_it = (int) @getgpcvar("search_it", "G");
$sr_tag = @getgpcvar("term", "G");
if (empty($sr_tag) || $search_it <= 0) {
    exit;
}
/////////////////////////////////////////////////////////////////////////
//////////////////////////////////////////////////////////////////////////////////////////

$recrd = false;

#### Build SQL
$where = "";

##### Search String
if ($search_it) {
    include_once "../../includes/srch_lib.php";
    $src = new srch_h();
    $get_where = '';

    if (!empty($sr_tag)) {
        // The search term is handed to srch_h::where_it() to produce a WHERE
        // fragment for the 'tag' column.
        // NOTE(review): srch_h is defined in srch_lib.php, not visible here.
        // Confirm that it escapes the term, including LIKE wildcards if it
        // builds a LIKE pattern, or that it uses bound parameters.
        $get_where .= $src->where_it($sr_tag, 'tag', 'tag');
// Fragment of the voice_tags add/edit handler; it ends inside the
// duplicate-tag check.

// Both superglobals are passed through format_str() (defined elsewhere).
$_POST = format_str($_POST);
$_GET = format_str($_GET);

$ignore = array_flip(array('vt_id'));
//for move within OPERATION page
$param2 = http_build_query(array_diff_key($_GET, $ignore));
if (!empty($param2)) {
    $param2 = '?' . $param2 . '&';
} else {
    $param2 = '?';
}

$vt_id = (int) getgpcvar("vt_id", "G");
$back_page = "voice_tags.php";
$cur_page = cur_page();
/////////////////////////////////////////////////////////////////

if (isset($_POST['tag'])) {
    // On submit the record id is taken from POST.
    $vt_id = (int) getgpcvar("vt_id", "P");

    ##/ Validate Fields
    include_once '../../includes/form_validator.php';
    $form_v = new Valitron\Validator($_POST);
    $rules = [
        'required' => [['tag']],
        'lengthMin' => [['tag', 5]],
        'lengthMax' => [['tag', 100]],
        'slug' => [['tag']]
    ];
    $form_v->labels(array('tag' => 'Voice Tag'));
    $form_v->rules($rules);
    $form_v->validate();
    $fv_errors = $form_v->errors();
    //var_dump("<pre>", $_POST, $fv_errors); die();
    #-

    #/ Check if Voice Tag already exists
    // Runs only when validation reported no errors. Looks for another row
    // (id != $vt_id) with the same tag.
    if (!is_array($fv_errors) || empty($fv_errors) || count($fv_errors) <= 0) {
        // tag is interpolated into the statement text. It has passed the slug
        // rule at this point, which presumably limits its character set, but the
        // query should not depend on that.
        // NOTE(review): confirm format_str() escapes for SQL, or use a prepared
        // statement. mysql_exec() is defined elsewhere.
        $chk_user = mysql_exec("SELECT tag FROM voice_tags WHERE tag='{$_POST['tag']}' and id!='{$vt_id}'", 'single');
        if (!empty($chk_user)) {
            $fv_errors[] = array('This Voice Tag is already used, please try a different one!');