protected function main()
{
// Seuls les membres peuvent créer des brouillons
if (!is_logged_in()) {
redir(Nw::$lang['common']['need_login'], false, 'users-10.html');
}
// Si le paramètre ID manque
if (empty($_GET['id']) || !is_numeric($_GET['id'])) {
header('Location: ./');
}
// Le commentaire n'existe pas
inc_lib('news/cmt_news_exists');
if (cmt_news_exists($_GET['id']) == false) {
redir(Nw::$lang['news']['cmt_not_exist'], false, './');
}
inc_lib('news/get_info_cmt_news');
inc_lib('news/add_vote_cmt');
$donnees_cmt = get_info_cmt_news($_GET['id']);
$response = add_vote_cmt($_GET['id']);
inc_lib('news/get_info_news');
$donnees_news = get_info_news($donnees_cmt['c_id_news']);
$rewrite_news = $donnees_news['c_rewrite'] . '/' . rewrite($donnees_news['n_titre']) . '-' . $donnees_news['n_id'] . '/';
// Pour rediriger le visiteur d'où il est venu
if (!empty($_SERVER['HTTP_REFERER']) && strpos($_SERVER['HTTP_REFERER'], Nw::$site_url) !== false && strpos($_SERVER['HTTP_REFERER'], Nw::$site_url . $rewrite_news) === false) {
$_SESSION['nw_referer_edit'] = $_SERVER['HTTP_REFERER'];
}
// Vote bien ajouté
if ($response) {
$text_redir = Nw::$lang['news']['vote_cmt_ok'];
} else {
$text_redir = Nw::$lang['news']['vote_cmt_pasok'];
}
$link_redir = !empty($_SESSION['nw_referer_edit']) ? $_SESSION['nw_referer_edit'] : $rewrite_news;
redir($text_redir, true, $link_redir);
}
protected function main()
{
inc_lib('news/news_exists');
$count_news_existe = news_exists($_GET['id']);
if ($count_news_existe == false && (is_logged_in() && !check_auth('view_histo_all_news'))) {
redir(Nw::$lang['news']['news_not_exist'], false, './');
}
inc_lib('news/get_info_news');
$donnees_news = get_info_news($_GET['id']);
$this->set_title(Nw::$lang['news']['historique_news'] . ' | ' . $donnees_news['n_titre']);
$this->set_tpl('news/log_news.html');
$this->add_css('code.css');
// Fil ariane
if ($count_news_existe) {
$this->set_filAriane(array(Nw::$lang['news']['news_section'] => array('news-70.html'), $donnees_news['c_nom'] => array($donnees_news['c_rewrite'] . '/'), $donnees_news['n_titre'] => array($donnees_news['c_rewrite'] . '/' . rewrite($donnees_news['n_titre']) . '-' . $_GET['id'] . '/'), Nw::$lang['news']['historique_news'] => array('')));
} else {
$this->set_filAriane(array(Nw::$lang['news']['news_section'] => array('news-70.html'), Nw::$lang['news']['historique_news'] => array('')));
}
/**
* Affichage du logo
**/
inc_lib('news/get_news_logs');
$donnees_logs = get_news_logs('l_id_news = ' . intval($_GET['id']), 'l_date DESC');
foreach ($donnees_logs as $donnees) {
Nw::$tpl->setBlock('log', array('ACTION' => $donnees['l_action'], 'ACTION_LOG' => isset(Nw::$lang['news']['log_news_' . $donnees['l_action']]) ? Nw::$lang['news']['log_news_' . $donnees['l_action']] : '', 'TEXTE' => nl2br($donnees['l_texte']), 'TITRE' => $donnees['l_titre'], 'DATE' => date_sql($donnees['date'], $donnees['heures_date'], $donnees['jours_date']), 'AUTEUR' => $donnees['u_pseudo'], 'AUTEUR_ID' => $donnees['u_id'], 'AUTEUR_AVATAR' => $donnees['u_avatar'], 'AUTEUR_ALIAS' => $donnees['u_alias'], 'IP' => long2ip($donnees['l_ip'])));
}
Nw::$tpl->set(array('ID' => $_GET['id'], 'TITRE' => $donnees_news['n_titre']));
}
public function digestCookieData()
{
global $whmcs;
$sortdata = WHMCS_Cookie::get("SD", true);
$name = $this->name;
if (array_key_exists($name, $sortdata)) {
$orderby = $sortdata[$name]['orderby'];
if ($orderby) {
$this->setOrderBy($orderby);
}
$orderbysort = $sortdata[$name]['sort'];
if ($orderbysort) {
$this->setSortDirection($orderbysort);
}
}
if ($orderby = $whmcs->get_req_var("orderby")) {
$this->setOrderBy($orderby);
$sortdata[$name] = array("orderby" => $this->orderby, "sort" => $this->sort);
WHMCS_Cookie::set("SD", $sortdata);
redir("filter=1");
}
if ($page = $whmcs->get_req_var("page")) {
$this->setPage($page);
}
$this->setRecordLimit($whmcs->get_config("NumRecordstoDisplay"));
}
function del($id)
{
onlyadmin();
$id = protect($id);
mysql_query("DELETE FROM shoutbox WHERE `id`='{$id}'");
redir("shoutbox");
}
protected function main()
{
//Si on a bien envoyé un article à éditer
if (!empty($_GET['id']) && is_numeric($_GET['id'])) {
inc_lib('press/get_info_article');
$dn_article = get_info_article($_GET['id']);
if (empty($dn_article)) {
redir(Nw::$lang['press']['error_dont_exist'], false, 'press.html');
}
//Si on a soumis le formulaire
if (isset($_POST['submit'])) {
inc_lib('press/edit_article');
edit_article($dn_article['p_id'], $_POST['paper'], $_POST['link'], $_POST['numero'], $_POST['country'], $_POST['contenu'], $_POST['date_pub']);
redir(Nw::$lang['press']['redir_article_edited'], true, 'press.html?article=' . $dn_article['p_id']);
}
$this->set_title($dn_article['p_ressource_name']);
$this->set_tpl('press/edit.html');
$this->add_css('code.css');
$this->add_css('forms.css');
// Fil ariane
$this->set_filAriane(array(Nw::$lang['press']['mod_title'] => array('press.html'), $dn_article['p_ressource_name'] => array('press.html?article=' . $dn_article['p_id']), Nw::$lang['press']['art_edit'] => array('')));
inc_lib('bbcode/unparse');
Nw::$tpl->set(array('ID' => $dn_article['p_id'], 'RESSOURCE' => $dn_article['p_ressource_name'], 'DATE' => $dn_article['date'], 'LIEN' => $dn_article['p_link'], 'CONTENU' => unparse($dn_article['p_description']), 'PAYS' => $dn_article['p_lang'], 'NUMERO' => $dn_article['p_num']));
} else {
redir(Nw::$lang['press']['error_dont_exist'], false, 'press.html');
}
}
protected function main()
{
if (!is_logged_in()) {
redir(Nw::$lang['common']['need_login'], false, 'users-10.html');
}
// Si le paramètre ID manque
if (empty($_GET['id']) || !is_numeric($_GET['id']) || empty($_GET['id2']) || !is_numeric($_GET['id2'])) {
header('Location: ./');
}
// Cette news existe vraiment ?
inc_lib('news/news_exists');
if (news_exists($_GET['id']) == false) {
redir(Nw::$lang['news']['news_not_exist'], false, './');
}
inc_lib('news/vrs_exists');
if (vrs_exists($_GET['id'], $_GET['id2']) == false) {
redir(Nw::$lang['news']['version_not_exist'], false, 'news-16-' . $_GET['id'] . '.html');
}
inc_lib('news/get_info_news');
$donnees_news = get_info_news($_GET['id']);
// Le membre a le droit de restaurer une version de news
if (Nw::$droits['can_change_version_my_news'] && $donnees_news['n_id_auteur'] == Nw::$dn_mbr['u_id'] || Nw::$droits['can_change_version_all_news']) {
// La version actuelle n'est pas la même que celle que l'on veut restaurer..
if ($donnees_news['n_last_version'] != $_GET['id2']) {
inc_lib('news/restore_vrs');
restore_vrs($_GET['id'], $_GET['id2']);
redir(Nw::$lang['news']['vrs_restored'], true, 'news-16-' . $_GET['id'] . '.html');
} else {
redir(Nw::$lang['news']['error_already_restored'], false, 'news-16-' . $_GET['id'] . '.html');
}
} else {
redir(Nw::$lang['news']['error_restore_vrs'], false, 'news-16-' . $_GET['id'] . '.html');
}
}
function checkPermission($action, $noredirect = "")
{
static $AdminRoleID = 0;
static $AdminRolePerms = array();
$permid = array_search($action, getAdminPermsArray());
if (isset($_SESSION['adminid'])) {
if (!$AdminRoleID) {
$result = select_query("tbladmins", "roleid", array("id" => $_SESSION['adminid']));
$data = mysql_fetch_array($result);
$roleid = $data['roleid'];
$AdminRoleID = $roleid;
}
if (!count($AdminRolePerms)) {
$result = select_query("tbladminperms", "permid", array("roleid" => $AdminRoleID));
while ($data = mysql_fetch_array($result)) {
$AdminRolePerms[] = $data[0];
}
}
}
$match = in_array($permid, $AdminRolePerms) ? true : false;
if ($noredirect) {
if ($match) {
return true;
}
return false;
}
if (!$match) {
redir("permid=" . $permid, "accessdenied.php");
}
}
/**
* Déconnexion de l'utilisateur
* @author Cam
* @return void
*/
protected function main()
{
// L'ID membre n'est pas renseigné, direction l'index
if (empty($_GET['id'])) {
header('Location: ./');
}
// Pour rediriger le visiteur d'où il est venu
if (!empty($_SERVER['HTTP_REFERER']) && strpos($_SERVER['HTTP_REFERER'], Nw::$site_url) !== false && strpos($_SERVER['HTTP_REFERER'], Nw::$site_url . 'membres-10.html') === false) {
$_SESSION['nw_referer_deco'] = $_SERVER['HTTP_REFERER'];
}
$link_redir = !empty($_SESSION['nw_referer_deco']) ? $_SESSION['nw_referer_deco'] : './';
// Le membre est bien connecté
if (is_logged_in() && $_GET['id'] == Nw::$dn_mbr['u_id']) {
$_SESSION = array();
session_destroy();
// Si les cookies existent, on les supprime
if (isset($_COOKIE['nw_ident']) && isset($_COOKIE['nw_pass'])) {
setcookie('nw_ident', null, time() - 3600);
setcookie('nw_pass', null, time() - 3600);
}
// On affiche le message de confirmation et le redirige
redir(Nw::$lang['users']['disconnect_msg'], true, $link_redir);
} else {
header('Location: ./');
}
}
function page_admin_images($act = "", $id = "")
{
requires_admin();
use_template("admin");
if ($act == "add") {
if (form_file_uploaded("file")) {
$fname = $_FILES["file"]['name'];
db_query("INSERT INTO images (link) VALUES ('')");
$id = db_last_id();
$fname = $id . "." . fileext($fname);
form_file_uploaded_move("file", "img/" . $fname);
db_query("UPDATE images SET link='img/{$fname}' WHERE id=%d", $id);
redir("admin/images");
}
form_start("", "post", " enctype='multipart/form-data' ");
form_file("Файл", "file");
form_submit("Загрузить", "submit");
form_end();
$o = form();
return $o;
}
if ($act == "del") {
$im = db_object_get("images", $id);
@unlink("../{$im->link}");
}
$o = table_edit("images", "admin/images", $act, $id, "", "", "", "image_func");
return $o;
}
/**
* Mot de passe oublié (partie 1)
* @author Cam
* @return tpl
*/
protected function main()
{
// Si le membre est déjà connecté
if (is_logged_in()) {
redir(Nw::$lang['common']['already_connected'], false, './');
}
$this->set_title(Nw::$lang['users']['title_lost_pwd']);
$this->set_tpl('membres/oubli_mdp.html');
$this->add_css('forms.css');
// Fil ariane
$this->set_filAriane(Nw::$lang['users']['title_lost_pwd']);
//Si le formulaire a été validé
if (isset($_POST['submit'])) {
// Cette adresse email existe bien sur le site
inc_lib('users/email_exists');
if (email_exists($_POST['mail'])) {
//On récupère les infos du membre
inc_lib('users/get_info_mbr');
$membre_mail = get_info_mbr($_POST['mail'], 'mail');
$lien_password = Nw::$site_url . 'users-13.html?idm=' . $membre_mail['u_id'] . '&ca=' . $membre_mail['u_code_act'];
//On prépare le texte de l'email
$txt_mail = sprintf(Nw::$lang['users']['mail_oubli_pwd'], $membre_mail['u_pseudo'], $lien_password, $lien_password, $lien_password);
@envoi_mail(trim($_POST['mail']), sprintf(Nw::$lang['users']['title_mail_lost_pwd'], Nw::$site_name), $txt_mail);
redir(Nw::$lang['users']['send_mail_lost'], true, './');
} else {
redir(Nw::$lang['users']['email_aucun_mbr'], false, 'users-12.html');
}
}
}
/**
* Activation du compte.
* @author Cam
* @return tpl
*/
protected function main()
{
if (empty($_GET['mid']) || empty($_GET['ca'])) {
header('Location: ./');
}
if (is_logged_in()) {
redir(Nw::$lang['common']['already_connected'], false, './');
}
$return_valid = false;
inc_lib('users/mbr_act_exists');
if (mbr_act_exists($_GET['mid'], $_GET['ca'])) {
inc_lib('users/get_info_mbr');
$donnees_compte = get_info_mbr($_GET['mid']);
if ($donnees_compte['u_active'] == 0) {
inc_lib('users/valid_account');
inc_lib('admin/gen_cachefile_nb_members');
valid_account($_GET['mid']);
gen_cachefile_nb_members();
generate_members_sitemap();
redir(Nw::$lang['users']['compte_valide'], true, './');
$return_valid = true;
}
}
if (!$return_valid) {
redir(Nw::$lang['users']['compte_valid_error'], false, './');
}
}
protected function main()
{
$this->set_title(Nw::$site_slogan);
$this->set_tpl('mobile/users/login.html');
$this->load_lang_file('users');
// Si le membre est déjà connecté
if (is_logged_in()) {
redir(Nw::$lang['common']['already_connected'], false, 'mobile-2.html');
}
//Si on a soumis le formulaire
if (!multi_empty(trim($_POST['nw_nickname']), trim($_POST['nw_password']))) {
$array_post = array('pseudo' => $_POST['nw_nickname'], 'remember' => isset($_POST['nw_remember']));
//On vérifie que la paire pseudo/mot de passe existe
inc_lib('users/get_info_account');
if ($dn_info_account = get_info_account($_POST['nw_nickname'], $_POST['nw_password'])) {
//Si le compte est actif
if ($dn_info_account['u_active'] == 1) {
$link_redir = 'mobile-2.html';
$connex_auto = 1;
inc_lib('users/connect_auto_user');
connect_auto_user($dn_info_account['u_id'], $_POST['nw_password'], $connex_auto);
// On redirige le membre
redir(sprintf(Nw::$lang['users']['welcome_user'], $_POST['nw_nickname']), true, $link_redir);
} else {
display_form($array_post, Nw::$lang['users']['not_active']);
}
return;
} else {
display_form($array_post, Nw::$lang['users']['account_no_exist']);
}
return;
}
display_form(array('pseudo' => '', 'remember' => true));
Nw::$tpl->set('INC_HEAD', empty($_SERVER['HTTP_AJAX']));
}
protected function main()
{
if (!is_logged_in()) {
header('Location: mobile.html');
}
$this->set_tpl('mobile/categories/list_news.html');
$this->load_lang_file('news');
// On compte le nbr de news en rédaction
inc_lib('news/count_news');
$nombre_news = count_news('n_etat = 1');
// Pagination
$page = (!empty($_GET['page']) and is_numeric($_GET['page']) and $_GET['page'] > 0) ? (int) $_GET['page'] : 1;
$nombreDePages = ceil($nombre_news / Nw::$pref['nb_news_redac']);
// On vérifie bien que la page existe
if ($nombreDePages > 0 && $page > $nombreDePages) {
redir(Nw::$lang['common']['pg_not_exist'], false, './mobile.html');
}
// On recherche toutes les news en rédaction
inc_lib('news/get_list_news');
$list_dn_news = get_list_news('n_etat = 1', 'n_date DESC', $page, Nw::$pref['nb_news_redac']);
// On affiche toutes les news en rédaction
foreach ($list_dn_news as $donnees_news) {
Nw::$tpl->setBlock('news', array('ID' => $donnees_news['n_id'], 'CAT_ID' => $donnees_news['c_id'], 'CAT_TITRE' => $donnees_news['c_nom'], 'IMAGE_ID' => $donnees_news['i_id'], 'IMAGE_NOM' => $donnees_news['i_nom'], 'TITRE' => $donnees_news['n_titre'], 'RESUME' => $donnees_news['n_resume'], 'REWRITE' => rewrite($donnees_news['n_titre']), 'AUTEUR' => $donnees_news['u_pseudo'], 'AUTEUR_ID' => $donnees_news['u_id'], 'AUTEUR_ALIAS' => $donnees_news['u_alias'], 'AUTEUR_AVATAR' => $donnees_news['u_avatar'], 'DATE' => date_sql($donnees_news['date_news'], $donnees_news['heures_date_news'], $donnees_news['jours_date_news']), 'NBR_COMS' => sprintf(Nw::$lang['news']['nbr_comments_news'], $donnees_news['n_nbr_coms'], $donnees_news['n_nbr_coms'] > 1 ? Nw::$lang['news']['add_s_comments'] : ''), 'VOTES' => $donnees_news['n_nb_votes'], 'VOTES_NEG' => $donnees_news['n_nb_votes_neg'], 'HAS_VOTED' => is_logged_in() ? $donnees_news['v_id_membre'] : 0));
}
Nw::$tpl->set(array('LIST_PG' => list_pg($nombreDePages, $page, 'mobile-2%s.html'), 'NB_NEWS' => $nombre_news, 'TITLE' => Nw::$lang['news']['en_attente_title'], 'TITLE_REWRITE' => 'news_en_attente', 'INC_HEAD' => empty($_SERVER['HTTP_AJAX'])));
}
protected function main()
{
// Seuls les membres peuvent créer des brouillons
if (!is_logged_in()) {
redir(Nw::$lang['common']['need_login'], false, 'users-10.html');
}
// Si le paramètre ID manque
if (empty($_GET['id']) || !is_numeric($_GET['id'])) {
header('Location: ./');
}
// Cette news existe vraiment ?
inc_lib('news/news_exists');
if (news_exists($_GET['id']) == false) {
redir(Nw::$lang['news']['news_not_exist'], false, './');
}
// Pour rediriger le visiteur d'où il est venu
if (!empty($_SERVER['HTTP_REFERER']) && strpos($_SERVER['HTTP_REFERER'], Nw::$site_url) !== false && strpos($_SERVER['HTTP_REFERER'], Nw::$site_url . 'news-25-' . $_GET['id'] . '.html') === false) {
$_SESSION['nw_referer_edit'] = $_SERVER['HTTP_REFERER'];
}
$link_redir = !empty($_SESSION['nw_referer_edit']) ? $_SESSION['nw_referer_edit'] : 'news-10-' . intval($_GET['id']) . '.html';
inc_lib('news/get_info_news');
inc_lib('news/manage_fav');
$donnees_news = get_info_news($_GET['id']);
$response = manage_fav($_GET['id']);
// Nouveau favoris
if ($response == 1) {
$text_redir = Nw::$lang['news']['news_favorite_ok'];
} elseif ($response == 2) {
$text_redir = Nw::$lang['news']['news_defavorite_ok'];
}
redir($text_redir, true, $link_redir);
}
protected function main()
{
// Si le paramètre ID manque
if (empty($_GET['id']) || !is_numeric($_GET['id'])) {
header('Location: news-70.html');
}
inc_lib('news/news_exists');
if (news_exists($_GET['id']) == false) {
redir(Nw::$lang['news']['news_not_exist'], false, 'news-70.html');
}
inc_lib('news/get_info_news');
$info_news = get_info_news($_GET['id']);
if (!is_logged_in()) {
redir(Nw::$lang['news']['error_cant_alert'], false, './');
}
//Si on a envoyé des erreurs
if (!empty($_POST['contenu'])) {
inc_lib('news/add_alert_news');
add_alert_news(Nw::$dn_mbr['u_id'], $_GET['id'], $_POST['contenu'], $_POST['motif']);
redir(Nw::$lang['news']['confirm_alert'], true, $info_news['c_rewrite'] . '/' . rewrite($info_news['n_titre']) . '-' . $_GET['id'] . '/');
}
$this->set_title($info_news['n_titre'] . ' | ' . $info_news['c_nom']);
$this->set_tpl('news/alert.html');
$this->add_css('forms.css');
$this->add_css('code.css');
$this->add_js('write.js');
$this->add_js('forms.js');
$this->add_form('contenu');
Nw::$tpl->set('ID', $info_news['n_id']);
inc_lib('bbcode/clearer');
Nw::$tpl->set(array('ID' => $_GET['id'], 'BAL_CHAMP' => 'contenu', 'NEWS' => $info_news['n_titre'], 'RESUME' => CoupeChar(clearer($info_news['v_texte'])), 'CAT_REWRITE' => $info_news['c_rewrite'], 'REWRITE' => rewrite($info_news['n_titre'])));
// Fil ariane
$this->set_filAriane(array(Nw::$lang['news']['news_section'] => array('news-70.html'), $info_news['c_nom'] => array($info_news['c_rewrite'] . '/'), $info_news['n_titre'] => array($info_news['c_rewrite'] . '/' . rewrite($info_news['n_titre']) . '-' . $_GET['id'] . '/'), Nw::$lang['news']['alert'] => array('')));
}
protected function main()
{
$this->set_title(Nw::$lang['contact']['contact']);
$this->add_css('forms.css');
$this->set_filAriane(array(Nw::$lang['contact']['contact'] => array('')));
$this->set_tpl('contact/contact.html');
$this->load_lang_file('users');
$this->add_form('contenu');
//Si on veut envoyer le mail
if (isset($_POST['submit'])) {
if (empty($_POST['pseudo'])) {
$msg_error = sprintf(Nw::$lang['contact']['error_empty'], Nw::$lang['contact']['_pseudo']);
} elseif (empty($_POST['mail'])) {
$msg_error = sprintf(Nw::$lang['contact']['error_empty'], Nw::$lang['contact']['_mail']);
} elseif (empty($_POST['sujet'])) {
$msg_error = sprintf(Nw::$lang['contact']['error_empty'], Nw::$lang['contact']['_sujet']);
} elseif (empty($_POST['contenu'])) {
$msg_error = sprintf(Nw::$lang['contact']['error_empty'], Nw::$lang['contact']['_contenu']);
} elseif ($_POST['code_cap'] != $_SESSION['cap_nw']) {
$msg_error = Nw::$lang['users']['wrong_antispam'];
}
if (!empty($msg_error)) {
display_form(array('pseudo' => $_POST['pseudo'], 'mail' => $_POST['mail'], 'sujet' => $_POST['sujet'], 'contenu' => $_POST['contenu'], 'captcha' => $_POST['captcha'], 'nom' => $_POST['nom'], 'code_cap' => ''), $msg_error);
} else {
inc_lib('mail/email_contact');
if (email_contact($_POST['mail'], $_POST['pseudo'], $_POST['nom'], '[Contact] ' . $_POST['sujet'], $_POST['contenu'], get_ip())) {
redir(Nw::$lang['contact']['redir_ok'], true, 'contact.html');
}
}
} else {
display_form(array('pseudo' => is_logged_in() ? Nw::$dn_mbr['u_pseudo'] : '', 'mail' => is_logged_in() ? Nw::$dn_mbr['u_email'] : '', 'sujet' => '', 'contenu' => '', 'captcha' => '', 'nom' => '', 'code_cap' => ''));
}
}
protected function main()
{
if (!is_logged_in()) {
redir(Nw::$lang['common']['need_login'], false, 'users-10.html');
}
// Si le paramètre ID manque
if (empty($_GET['id']) || !is_numeric($_GET['id'])) {
header('Location: news-70.html');
}
// Cette news existe vraiment ?
inc_lib('news/news_exists');
if (news_exists($_GET['id']) == false) {
redir(Nw::$lang['news']['news_not_exist'], false, 'news-70.html');
}
inc_lib('news/get_info_news');
$donnees_news = get_info_news($_GET['id']);
// Ce n'est pas l'auteur de la news, il ne peut la proposer
if ($donnees_news['n_id_auteur'] != Nw::$dn_mbr['u_id']) {
redir(Nw::$lang['news']['dont_propose_news'], false, 'news-70.html');
}
// La news a déjà été proposée
if ($donnees_news['n_etat'] == 2) {
redir(Nw::$lang['news']['news_already_attente'], false, 'news-80.html');
}
// Proposition de la news
inc_lib('news/propose_news_votes');
propose_news_votes($_GET['id']);
redir(Nw::$lang['news']['msg_news_attente'], true, 'news-80.html');
}
protected function main()
{
//Si on a posté un article à voir
if (!empty($_GET['article']) && is_numeric($_GET['article'])) {
inc_lib('press/get_info_article');
$dn_article = get_info_article($_GET['article']);
if (empty($dn_article)) {
redir(Nw::$lang['press']['error_dont_exist'], false, 'press.html');
}
$this->set_title($dn_article['p_ressource_name']);
// Fil ariane
$this->set_filAriane(array(Nw::$lang['press']['mod_title'] => array('press.html'), $dn_article['p_ressource_name'] => array('press.html?article=' . $dn_article['p_id']), Nw::$lang['press']['art_details'] => array('')));
Nw::$tpl->set(array('DISPLAY_ARTICLE' => true, 'ID' => $dn_article['p_id'], 'TITRE' => sprintf(Nw::$lang['press']['apparition_in'], $dn_article['p_ressource_name']), 'RESSOURCE' => $dn_article['p_ressource_name'], 'DATE' => $dn_article['date'], 'LIEN' => $dn_article['p_link'], 'CONTENU' => $dn_article['p_description'], 'PAYS' => Nw::$lang['common']['countries'][$dn_article['p_lang']], 'NUMERO' => $dn_article['p_num'], 'ID_ADMIN' => $dn_article['u_id'], 'PSEUDO_ADMIN' => $dn_article['u_pseudo']));
} else {
$this->set_title(Nw::$lang['press']['mod_title']);
// Fil ariane
$this->set_filAriane(array(Nw::$lang['press']['mod_title'] => array('press.html'), Nw::$lang['press']['art_list'] => array('')));
Nw::$tpl->set('DISPLAY_ARTICLE', false);
}
$this->set_tpl('press/list.html');
$this->add_css('code.css');
//Récupération de la liste des articles
inc_lib('press/get_list_articles');
$list_articles = get_list_articles();
foreach ($list_articles as $art) {
Nw::$tpl->setBlock('art', array('ID' => $art['p_id'], 'TITRE' => $art['p_ressource_name'] . ' (' . $art['date'] . ')'));
}
}
protected function main()
{
// Il y a bien tous les paramètres nécessaires à l'éxécution du script
if (!is_logged_in() && !empty($_GET['idm']) && is_numeric($_GET['idm']) && !empty($_GET['ca'])) {
// Fil ariane
$this->set_filAriane(Nw::$lang['users']['title_redef_pass']);
$this->set_title(Nw::$lang['users']['title_redef_pass']);
$this->set_tpl('membres/redefine_mdp.html');
$this->add_css('forms.css');
// Ce code existe bien avec ce code d'activation
inc_lib('users/mbr_act_exists');
if (!mbr_act_exists($_GET['idm'], $_GET['ca'])) {
redir(Nw::$lang['users']['redef_mdp_echoue'], false, './');
}
//Si on redéfinit
if (isset($_POST['submit']) && !multi_empty(trim($_POST['nw_pass1']), trim($_POST['nw_pass2']))) {
if ($_POST['nw_pass1'] == $_POST['nw_pass2']) {
inc_lib('users/chg_password');
chg_password($_POST['nw_pass1'], $_GET['idm'], $_GET['ca']);
redir(Nw::$lang['users']['new_redef_pwd'], true, './');
} else {
redir(Nw::$lang['users']['sames_password'], false, $_SERVER['REQUEST_URI']);
}
}
} else {
header('Location: ./');
}
}
protected function main()
{
$this->set_tpl('mobile/news/une.html');
$this->load_lang_file('news');
// On compte le nbr de news publiées
inc_lib('news/count_news');
$nombre_news = count_news('n_etat = 3');
$ids_all_news = array();
// Pagination
$page = !empty($_GET['page']) ? (int) $_GET['page'] : 1;
$nombreDePages = ceil($nombre_news / Nw::$pref['nb_news_homepage']);
// On vérifie que la page existe bien
if ($nombreDePages > 0 && $page > $nombreDePages) {
redir(Nw::$lang['common']['pg_not_exist'], false, './');
}
// On recherche toutes les news publiées
inc_lib('news/get_list_news');
$list_dn_news = get_list_news('n_etat = 3', 'n_date DESC', $page, Nw::$pref['nb_news_homepage']);
$cours_news = 0;
foreach ($list_dn_news as $donnees_news) {
Nw::$tpl->setBlock('news', array('ID' => $donnees_news['n_id'], 'CAT_ID' => $donnees_news['c_id'], 'CAT_TITRE' => $donnees_news['c_nom'], 'CAT_REWRITE' => rewrite($donnees_news['c_nom']), 'IMAGE_ID' => $donnees_news['i_id'], 'IMAGE_NOM' => $donnees_news['i_nom'], 'TITRE' => $donnees_news['n_titre'], 'RESUME' => $donnees_news['n_resume'], 'REWRITE' => rewrite($donnees_news['n_titre']), 'AUTEUR' => $donnees_news['u_pseudo'], 'AUTEUR_ID' => $donnees_news['u_id'], 'AUTEUR_ALIAS' => $donnees_news['u_alias'], 'AUTEUR_AVATAR' => $donnees_news['u_avatar'], 'DATE' => date_sql($donnees_news['date_news'], $donnees_news['heures_date_news'], $donnees_news['jours_date_news']), 'NBR_VOTES' => $donnees_news['n_nb_votes'], 'NBR_COMS' => sprintf(Nw::$lang['news']['nbr_comments_news'], $donnees_news['n_nbr_coms'], $donnees_news['n_nbr_coms'] > 1 ? Nw::$lang['news']['add_s_comments'] : '')));
++$cours_news;
}
Nw::$tpl->set(array('LIST_PG' => list_pg($nombreDePages, $page, 'mobile-2%s.html'), 'NB_NEWS' => $cours_news, 'INC_HEAD' => empty($_SERVER['HTTP_AJAX'])));
}
protected function main()
{
//Si on a bien envoyé un article à supprimer
if (!empty($_GET['id']) && is_numeric($_GET['id'])) {
inc_lib('press/get_info_article');
$dn_article = get_info_article($_GET['id']);
if (empty($dn_article)) {
redir(Nw::$lang['press']['error_dont_exist'], false, 'press.html');
}
//Si on a soumis le formulaire
if (isset($_POST['submit'])) {
inc_lib('press/delete_article');
delete_article($dn_article['p_id']);
redir(Nw::$lang['press']['redir_article_deleted'], true, 'press.html');
} elseif (isset($_POST['cancel'])) {
header('Location: press.html?article=' . $dn_article['p_id']);
}
$this->set_title($dn_article['p_ressource_name']);
$this->set_tpl('press/delete.html');
$this->add_css('forms.css');
// Fil ariane
$this->set_filAriane(array(Nw::$lang['press']['mod_title'] => array('press.html'), $dn_article['p_ressource_name'] => array('press.html?article=' . $dn_article['p_id']), Nw::$lang['press']['art_delete'] => array('')));
Nw::$tpl->set(array('ID' => $dn_article['p_id'], 'RESSOURCE' => $dn_article['p_ressource_name'], 'TEXT_CONFIRM' => sprintf(Nw::$lang['press']['confirm_delete'], $dn_article['p_id'], $dn_article['p_ressource_name'])));
} else {
redir(Nw::$lang['press']['error_dont_exist'], false, 'press.html');
}
}
protected function main()
{
if (!is_logged_in() && !check_auth('view_histo_all_news')) {
header('Location: ./');
}
$this->set_title(Nw::$lang['news']['historiques_news']);
$this->set_tpl('news/log_admin.html');
$this->add_css('code.css');
$this->set_filAriane(array(Nw::$lang['news']['news_section'] => array('news-70.html'), Nw::$lang['news']['historiques_news'] => array('')));
$get_param = '';
$param_tpl = '';
if (!empty($_GET['t'])) {
$get_param = 'l_titre LIKE "%' . insertBD(urldecode($_GET['t'])) . '%" OR l_texte LIKE "%' . insertBD(urldecode($_GET['t'])) . '%"';
$param_tpl = htmlspecialchars($_GET['t']);
}
inc_lib('news/count_news_logs');
$nombre_logs = count_news_logs($get_param);
// Pagination
$page = isset($_GET['page']) ? intval($_GET['page']) : 1;
$nombreDePages = ceil($nombre_logs / Nw::$pref['nb_logs_admin']);
// On vérifie que la page existe bien
if ($nombreDePages > 0 && $page > $nombreDePages) {
redir(Nw::$lang['common']['pg_not_exist'], false, 'news-21.html?t=' . $param_tpl);
}
/**
* Affichage du logo
**/
inc_lib('news/get_news_logs');
$donnees_logs = get_news_logs($get_param, 'l_date DESC', $page, Nw::$pref['nb_logs_admin']);
foreach ($donnees_logs as $donnees) {
Nw::$tpl->setBlock('log', array('ACTION' => $donnees['l_action'], 'ACTION_LOG' => isset(Nw::$lang['news']['log_news_' . $donnees['l_action']]) ? Nw::$lang['news']['log_news_' . $donnees['l_action']] : '', 'TEXTE' => nl2br($donnees['l_texte']), 'DATE' => date_sql($donnees['date'], $donnees['heures_date'], $donnees['jours_date']), 'AUTEUR' => $donnees['u_pseudo'], 'AUTEUR_ID' => $donnees['u_id'], 'AUTEUR_AVATAR' => $donnees['u_avatar'], 'AUTEUR_ALIAS' => $donnees['u_alias'], 'NEWS_ID' => $donnees['l_id_news'], 'NEWS_TITRE' => $donnees['n_titre'], 'TITRE_ACTU' => $donnees['l_titre'], 'IP' => long2ip($donnees['l_ip'])));
}
Nw::$tpl->set(array('TITRE' => urldecode($param_tpl), 'LIST_PG' => list_pg($nombreDePages, $page, 'news-21%s.html?t=' . $param_tpl)));
}
protected function main()
{
if (!is_logged_in()) {
redir(Nw::$lang['common']['need_login'], false, 'users-10.html');
}
$this->set_title(Nw::$lang['users']['item_mdp']);
$this->set_tpl('membres/options_pass.html');
$this->add_css('forms.css');
$this->set_filAriane(array(Nw::$lang['users']['mes_options_title'] => array('users-60.html'), Nw::$lang['users']['item_mdp'] => array('')));
if (isset($_POST['submit']) && !multi_empty(trim($_POST['old']), trim($_POST['nw_pass1']), trim($_POST['nw_pass2']))) {
$bf_token = 'jJ_=éZAç1l';
$ft_token = 'ù%*àè1ç0°dezf';
$pass_membre = insertBD(sha1($bf_token . trim($_POST['old']) . $ft_token));
if ($_POST['nw_pass1'] == $_POST['nw_pass2']) {
if (Nw::$dn_mbr['u_password'] == $pass_membre) {
inc_lib('users/chg_password');
chg_password($_POST['nw_pass1'], Nw::$dn_mbr['u_id']);
if (!empty($_COOKIE['nw_pass'])) {
$time_expire = time() + 10 * 365 * 24 * 3600;
setcookie('nw_ident', Nw::$dn_mbr['u_id'], $time_expire);
setcookie('nw_pass', $pass_membre, $time_expire);
}
redir(Nw::$lang['users']['mdp_change'], true, 'users-60.html');
} else {
redir(Nw::$lang['users']['not_root_password'], false, 'users-63.html');
}
} else {
redir(Nw::$lang['users']['sames_password'], false, 'users-63.html');
}
}
}
protected function main()
{
// Si le paramètre ID manque
if (empty($_GET['id']) || !is_numeric($_GET['id'])) {
header('Location: news-70.html');
}
inc_lib('news/news_exists');
if (news_exists($_GET['id']) == false) {
redir(Nw::$lang['news']['news_not_exist'], false, 'news-70.html');
}
inc_lib('news/get_info_news');
$donnees_news = get_info_news($_GET['id']);
// Ce membre a le droit d'éditer la news ?
if ($donnees_news['n_etat'] != 3 && !is_logged_in()) {
redir(Nw::$lang['news']['not_view_news_perm'], false, './');
}
$this->set_tpl('mobile/news/view_news.html');
$this->load_lang_file('news');
inc_lib('news/has_voted_news');
Nw::$tpl->set(array('ID' => $_GET['id'], 'ETAT' => $donnees_news['n_etat'], 'CAT_ID' => $donnees_news['c_id'], 'CAT_TITRE' => $donnees_news['c_nom'], 'AUTEUR' => $donnees_news['u_pseudo'], 'AUTEUR_ALIAS' => $donnees_news['u_alias'], 'AUTEUR_AVATAR' => $donnees_news['u_avatar'], 'DATE' => date_sql($donnees_news['date_news'], $donnees_news['heures_date_news'], $donnees_news['jours_date_news']), 'NBR_COMS' => sprintf(Nw::$lang['news']['nbr_comments_news'], $donnees_news['n_nbr_coms'], $donnees_news['n_nbr_coms'] > 1 ? Nw::$lang['news']['add_s_comments'] : ''), 'COMS' => $donnees_news['n_nbr_coms'], 'NB_VOT_VALID' => Nw::$pref['nb_votes_valid_news'], 'VOTES' => $donnees_news['n_nb_votes'], 'VOTES_NEG' => $donnees_news['n_nb_votes_neg'], 'IMAGE_ID' => $donnees_news['i_id'], 'IMAGE_NOM' => $donnees_news['i_nom'], 'SOURCE' => !empty($donnees_news['n_src_url']) ? $donnees_news['n_src_url'] : '', 'SOURCE_NOM' => !empty($donnees_news['n_src_nom']) ? $donnees_news['n_src_nom'] : '', 'TITRE' => $donnees_news['n_titre'], 'REWRITE' => rewrite($donnees_news['n_titre']), 'CONTENU' => $donnees_news['v_texte'], 'HAS_VOTED' => is_logged_in() ? $donnees_news['v_id_membre'] : 0));
// Màj du nombre de visualisations
inc_lib('news/update_pg_vues');
update_pg_vues($_GET['id']);
Nw::$tpl->set('INC_HEAD', empty($_SERVER['HTTP_AJAX']));
}
protected function main()
{
// Si le paramètre ID manque
if (empty($_GET['id'])) {
header('Location: ./');
}
inc_lib('users/mbr_exists');
if (mbr_exists($_GET['id']) == false) {
redir(Nw::$lang['users']['mbr_dont_exist'], false, 'users.html');
}
inc_lib('users/get_info_mbr');
$donnees_profile = get_info_mbr($_GET['id']);
$this->load_lang_file('users');
$this->load_lang_file('news');
$this->add_wid_in_content('view_profile.' . $donnees_profile['u_id']);
$this->set_tpl('profile/list_comments.html');
$this->set_title(sprintf(Nw::$lang['profile']['profile_title'], $donnees_profile['u_pseudo']));
$this->add_css('code.css');
$this->add_js('profil.js');
$this->set_filAriane(array(Nw::$lang['users']['members_section'] => array('users.html'), $donnees_profile['u_pseudo'] => array('./profile/' . $donnees_profile['u_alias'] . '/'), Nw::$lang['profile']['title_cmts_author'] => array('')));
$params_contrib = array();
$params_contrib[] = 'c_id_membre = ' . intval($_GET['id']);
if (!is_logged_in()) {
$params_contrib[] = 'n_etat = 3';
}
inc_lib('profile/count_comments_mbr');
$nombre_cmts = count_comments_mbr(implode(' AND ', $params_contrib));
// Pagination
$page = isset($_GET['page']) ? intval($_GET['page']) : 1;
$nombreDePages = ceil($nombre_cmts / Nw::$pref['ppl_nb_comments']);
// On vérifie bien que la page existe
if ($nombreDePages > 0 && $page > $nombreDePages) {
redir(Nw::$lang['common']['pg_not_exist'], false, './');
}
inc_lib('profile/get_comments_mbr');
$com_cours = 0;
$list_cmts = get_comments_mbr(implode(' AND ', $params_contrib), 'c_date DESC', $page, Nw::$pref['ppl_nb_comments']);
foreach ($list_cmts as $donnees_cmts) {
++$com_cours;
$droit_edit = false;
$droit_delete = false;
if (is_logged_in()) {
$droit_edit = (bool) (Nw::$droits['can_edit_my_comments'] && $donnees_cmts['u_id'] == Nw::$dn_mbr['u_id']) || Nw::$droits['can_edit_all_comments'];
$droit_delete = (bool) (Nw::$droits['can_del_my_comments'] && $donnees_cmts['u_id'] == Nw::$dn_mbr['u_id']) || Nw::$droits['can_del_all_comments'];
}
$date_cmt = date_sql($donnees_cmts['date'], $donnees_cmts['heures_date'], $donnees_cmts['jours_date']);
$masque_motif = '';
if ($donnees_cmts['c_masque']) {
$date_cmt = sprintf(Nw::$lang['news']['del_cmt_with_reason'], strtolower(date_sql($donnees_cmts['date'], $donnees_cmts['heures_date'], $donnees_cmts['jours_date'])));
if (!empty($donnees_cmts['c_masque_raison'])) {
$masque_motif = ' (' . sprintf(Nw::$lang['news']['motif_delete_cmt'], $donnees_cmts['c_masque_raison']) . ')';
}
}
Nw::$tpl->setBlock('cmt', array('ID' => $donnees_cmts['c_id'], 'ID_NEWS' => $donnees_cmts['c_id_news'], 'REWRITE' => rewrite($donnees_cmts['n_titre']), 'CAT_REWRITE' => $donnees_cmts['c_rewrite'], 'NUM' => ($page - 1) * Nw::$pref['nb_cmts_page'] + $com_cours, 'DATE' => $date_cmt, 'AVATAR' => $donnees_cmts['u_avatar'], 'LANG_AVATAR' => sprintf(Nw::$lang['news']['lang_avatar'], $donnees_cmts['u_pseudo']), 'AUTEUR' => $donnees_cmts['u_pseudo'], 'AUTEUR_ID' => $donnees_cmts['u_id'], 'AUTEUR_ALIAS' => $donnees_cmts['u_alias'], 'TEXTE' => $donnees_cmts['c_texte'], 'PLUSSOIE' => $donnees_cmts['c_plussoie'], 'GRP_TITRE' => $donnees_cmts['g_titre'], 'GRP_ICON' => $donnees_cmts['g_icone'], 'IP' => long2ip($donnees_cmts['c_ip']), 'MASQUE' => $donnees_cmts['c_masque'], 'MASQUE_MOTIF' => $masque_motif, 'EDIT' => $droit_edit, 'DELETE' => $droit_delete));
}
Nw::$tpl->set(array('NOMBRE_CMTS' => $nombre_cmts, 'LIST_PG' => list_pg($nombreDePages, $page, 'profile-135-' . $_GET['id'] . '%s.html')));
inc_lib('profile/assign_required_vars_profile');
assign_required_vars_profile($donnees_profile);
}
public function requireLogin()
{
global $whmcs;
if ($this->isLoggedIn()) {
if (WHMCS_Session::get("2fabackupcodenew")) {
$this->setTemplate("logintwofa");
$twofa = new WHMCS_2FA();
if ($twofa->setClientID($this->getUserID())) {
$backupcode = $twofa->generateNewBackupCode();
$this->assign("newbackupcode", $backupcode);
WHMCS_Session::delete("2fabackupcodenew");
} else {
$this->assign("newbackupcodeerror", true);
}
$this->output();
exit;
}
return true;
}
$_SESSION['loginurlredirect'] = html_entity_decode($_SERVER['REQUEST_URI']);
if (WHMCS_Session::get("2faverifyc")) {
$this->setTemplate("logintwofa");
if (WHMCS_Session::get("2fabackupcodenew")) {
$this->assign("newbackupcode", true);
} else {
if ($whmcs->get_req_var("incorrect")) {
$this->assign("incorrect", true);
}
}
$twofa = new WHMCS_2FA();
if ($twofa->setClientID(WHMCS_Session::get("2faclientid"))) {
if (!$twofa->isActiveClients() || !$twofa->isEnabled()) {
WHMCS_Session::destroy();
redir();
}
if ($whmcs->get_req_var("backupcode")) {
$this->assign("backupcode", true);
} else {
$challenge = $twofa->moduleCall("challenge");
if ($challenge) {
$this->assign("challenge", $challenge);
} else {
$this->assign("error", "Bad 2 Factor Auth Module. Please contact support.");
}
}
} else {
$this->assign("error", "An error occurred. Please try again.");
}
} else {
$this->setTemplate("login");
$this->assign("loginpage", true);
$this->assign("formaction", "dologin.php");
if ($whmcs->get_req_var("incorrect")) {
$this->assign("incorrect", true);
}
}
$this->output();
exit;
}
function user_redir()
{
global $session;
if ($session->level != 'anonymous') {
// it's already logged in, it's not logging out... so what the hell
redir();
}
}
function requireLogin($type = 'login')
{
global $email;
global $url;
if ($email == 'guest') {
die(redir('/index.php?error=' . $type . '&ref=' . urlencode($_SERVER['REQUEST_URI'])));
}
}
function page_admin_menu_page_attach($id)
{
$page_title = menu_page_title($id);
db_query("INSERT INTO pages (short) VALUES ('%s')", $page_title);
$page_id = db_last_id();
db_query("UPDATE menu SET page_id=%d WHERE id=%d", $page_id, $id);
redir("admin/edit/pages/content/{$page_id}&back=" . form_post("back"));
}
function index()
{
if (is_logged()) {
redir("dashboard");
} else {
redir("account/login");
}
}
