function input_value($obj, $property, $fallback = null)
{
if (isset($obj->{$property}) && !str_empty($obj->{$property})) {
return old($property, $obj->{$property});
}
return str_or_fallback($fallback, old($property));
}
function add_attribute($attribute, $val, $space = '', $allow_empty = false, $html_encode = false)
{
if (!$allow_empty && str_empty($val)) {
return '';
}
if ($html_encode) {
$val = html($val);
}
$attribute = $attribute . '="' . $val . '"';
if ($space) {
$attribute = $space . $attribute;
}
return $attribute;
}
}
$send_verification = isset($_POST["verification_email"]) ? 1 : 0;
if (str_empty($new_login)) {
$user_err = $BL['be_admin_usr_err2'] . "\n";
} else {
$sql = "SELECT COUNT(*) AS anzahl FROM " . DB_PREPEND . "phpwcms_user WHERE usr_login='******'";
if ($result = mysql_query($sql, $db)) {
if ($check_anzahl = mysql_fetch_array($result)) {
if ($check_anzahl["anzahl"]) {
$user_err .= $BL['be_admin_usr_err1'] . "\n";
}
}
mysql_free_result($result);
}
}
if (str_empty($new_password)) {
$user_err .= $BL['be_admin_usr_err3'] . "\n";
}
if (!is_valid_email($new_email) && $send_verification) {
$user_err .= $BL['be_admin_usr_err4'] . "\n";
}
if (empty($user_err)) {
//Insert new User
$sql = "INSERT INTO " . DB_PREPEND . "phpwcms_user (usr_login, usr_pass, usr_email, " . "usr_admin, usr_aktiv, usr_name, usr_wysiwyg, usr_fe ) VALUES ('" . aporeplace($new_login) . "', '" . aporeplace(md5(makeCharsetConversion($new_password, PHPWCMS_CHARSET, 'utf-8'))) . "', '" . aporeplace($new_email) . "', '" . $set_user_admin . "', '" . $set_user_aktiv . "', '" . aporeplace($new_name) . "', 1, '" . $set_user_fe . "')";
if (mysql_query($sql, $db) or die('error while creating new user')) {
$new_user_id = mysql_insert_id($db);
$user_ok = 1;
if ($send_verification) {
$emailbody = str_replace('{LOGIN}', $new_login, $BL['be_admin_usr_mailbody']);
$emailbody = str_replace('{PASSWORD}', $new_password, $emailbody);
$emailbody = str_replace('{SITE}', PHPWCMS_URL, $emailbody);
if (isset($_POST["redirect_error_template"])) {
$redirect_error_template = trim($_POST["redirect_error_template"]);
unset($_POST["redirect_error_template"]);
}
if (isset($_POST["submit"])) {
unset($_POST["submit"]);
}
if (isset($_POST["type"])) {
unset($_POST["type"]);
}
//checking values and setting labels
if (count($_POST)) {
$err_num = 0;
foreach ($_POST as $key => $value) {
//Check for required fields
if (!empty($required_val[$key]) && str_empty($value) && $key !== 'Captcha_Validation') {
if (isset($form_label[$key])) {
$form_error[500 + $err_num] = str_replace("###value###", $form_label[$key], $translate[$lang]["error400"]);
} else {
$form_error[500 + $err_num] = str_replace("###value###", strtoupper($key), $translate[$lang]["error400"]);
}
$err_num += 10;
}
if (is_array($value)) {
//if field value is an array then split form name
$x = 1;
foreach ($value as $field_value) {
$form[$key . "[" . $x . "]"] = trim($field_value);
$x++;
}
} else {
function generate_keymaps_content($macro_name, $matrix_rows, $matrix_cols, $matrices, $blank_entries = array())
{
// prepare symbols
foreach ($matrices as &$matrix) {
foreach ($blank_entries as $blank) {
list($row, $col) = explode(",", $blank);
$matrix[$row][$col] = "";
}
}
unset($matrix);
// generate array content
$content = "";
foreach ($matrices as $layer => $matrix) {
$content .= " [{$layer}] = {$macro_name}(\n ";
$content .= join_with_func_glur(function ($current, $next, $width) {
if (is_null($next)) {
return "";
} else {
$glur = preg_match('/,\\s*$/', $current) ? " " : ",";
return $glur . str_patch($current, $width) . " \\\n ";
}
}, array_map(function ($array) {
return join_with_func_glur(function ($current, $next) {
if (is_null($next)) {
return "";
} else {
$glue = str_empty($current) ? " " : ",";
return $glue . str_patch($current, 4);
}
}, array_map(function ($val) {
return substr($val, 3);
}, $array), function ($array, $index) {
return find_next_non_empty($array, $index);
});
}, $matrix), function ($array, $index) {
return find_next_non_empty($array, $index);
}, $matrix_cols * 5 - 1);
$content .= "),\n";
}
return $content;
}
}
if (isset($_POST['msg_send_aktion']) && intval($_POST['msg_send_aktion'])) {
$msg_subject = strip_tags(slweg(trim($_POST["msg_send_subject"])));
$msg_message = strip_tags(slweg($_POST["msg_send_msg"]));
$msg_to = slweg(trim($_POST["msg_send_receiver"]));
$msg_pid = intval($_POST['msg_send_pid']);
if (str_empty($msg_to)) {
$msg_err .= "- " . $BL['be_msg_err1'] . "\n";
}
if (str_empty($msg_subject)) {
$msg_err .= "- " . $BL['be_msg_err2'] . "\n";
}
if (str_empty($msg_message)) {
$msg_err .= "- " . $BL['be_msg_err3'] . "\n";
}
if (str_empty($msg_err)) {
//send message routine
$msg_receivers = explode(":", $msg_to);
foreach ($msg_receivers as $value) {
$sql = "INSERT INTO " . DB_PREPEND . "phpwcms_message (" . "msg_pid, msg_uid, msg_subject, msg_text, msg_to, msg_from) VALUES (" . $msg_pid . "," . intval($value) . ",'" . aporeplace($msg_subject) . "','" . aporeplace($msg_message) . "','" . aporeplace($msg_to) . "'," . $_SESSION["wcs_user_id"] . ");";
mysql_query($sql, $db) or die("Error while sending message");
}
$msg_send_ok = 1;
}
}
if ($msg_send_ok) {
echo "<span class=\"title\">" . $BL['be_msg_sent'] . "</span><br /><img src='img/leer.gif' width=1 height=6><br />";
echo $BL['be_msg_fwd'] . " <br /><a href='phpwcms.php?do=messages&p=1'>" . $BL['be_msg_create'] . "</a>.";
$forward_to_message_center = 1;
} else {
//Mitteilungszusammenstellung
if (isset($_POST["dir_aktion"]) && intval($_POST["dir_aktion"]) == 1) {
$dir_pid = intval($_POST["dir_pid"]);
$dir_aktiv = empty($_POST["dir_aktiv"]) ? 0 : 1;
$dir_public = empty($_POST["dir_public"]) ? 0 : 1;
$dir_newname = clean_slweg($_POST["dir_newname"]);
$dir_longinfo = clean_slweg($_POST["dir_longinfo"]);
$dir_gallery = empty($_POST["dir_gallery"]) ? 0 : intval($_POST["dir_gallery"]);
$dir_sort = intval($_POST["dir_sort"]);
switch ($dir_gallery) {
case 2:
case 3:
break;
default:
$dir_gallery = 0;
}
if (str_empty($dir_newname)) {
$dir_error = 1;
}
//Eintragen des neuen verzeichnisnamens
if (!isset($dir_error)) {
$sql = "INSERT INTO " . DB_PREPEND . "phpwcms_file (f_pid, f_uid, f_name, f_aktiv, f_public, " . "f_created, f_kid, f_longinfo, f_gallerystatus, f_sort) VALUES (" . $dir_pid . ", " . $_SESSION["wcs_user_id"] . ", '" . aporeplace($dir_newname) . "', " . $dir_aktiv . ", " . $dir_public . ", '" . time() . "', 0, '" . aporeplace($dir_longinfo) . "', " . $dir_gallery . ", " . $dir_sort . ")";
if ($result = mysql_query($sql, $db) or die("error while writing new dir info")) {
headerRedirect(PHPWCMS_URL . 'phpwcms.php?' . get_token_get_string('csrftoken') . '&do=files&f=0');
}
}
}
//Ende Auswerten Formular
//Wenn ID angegeben, dann -> oder aber Root Verzeichnis
if ($dir_pid) {
$sql = "SELECT f.f_id, f.f_name, f.f_uid, u.usr_login FROM " . DB_PREPEND . "phpwcms_file f ";
$sql .= "LEFT JOIN " . DB_PREPEND . "phpwcms_user u ON u.usr_id=f.f_uid ";
die("You Cannot Access This Script Directly, Have a Nice Day.");
}
// ----------------------------------------------------------------
// Content Type Form Email
$content["mailform"] = explode("\n", slweg($_POST["cmailform"]));
$content["mailform"] = array_diff($content["mailform"], array(''));
$content["mailsubject"] = clean_slweg($_POST["cmailsubject"]);
if (str_empty($content["mailsubject"])) {
$content["mailsubject"] = "Online webform email message";
}
$content["mailrecipient"] = clean_slweg($_POST["cmailrecipient"]);
if (!is_valid_email($content["mailrecipient"])) {
$content["error"]["mailrecipient"] = "Proof recipient - email format error";
}
$content["mailbutton"] = clean_slweg($_POST["cmailbutton"]);
if (str_empty($content["mailbutton"])) {
$content["mailbutton"] = "Send";
}
$content["mailhtml"] = isset($_POST["cmailhtml"]) ? intval($_POST["cmailhtml"]) : 0;
if (is_array($content["mailform"]) && count($content["mailform"])) {
foreach ($content["mailform"] as $key => $value) {
$content["mailform"][$key] = explode("|", chop($value));
// Field-Code
$content["mailform"][$key][0] = strtoupper(trim($content["mailform"][$key][0]));
if (in_array($content["mailform"][$key][0], array("IT", "IP", "IH", "TA", "SM", "SL", "IC", "IR", "SC", "IN", "CA"))) {
$content["mailform"][$key][1] = isset($content["mailform"][$key][1]) ? trim($content["mailform"][$key][1]) : '';
$content["mailform"][$key][1] = $content["mailform"][$key][1] ? $content["mailform"][$key][1] : "field_" . generic_string(3);
$content["mailform"][$key][2] = isset($content["mailform"][$key][2]) ? intval($content["mailform"][$key][2]) : 0;
$content["mailform"][$key][3] = isset($content["mailform"][$key][3]) ? trim($content["mailform"][$key][3]) : '';
if (isset($content["mailform"][$key][4])) {
$field_length = explode(",", $content["mailform"][$key][4]);
$fkey["sort"] = $row["fkey_sort"];
}
mysql_free_result($result);
}
$sendbutton = $BL['be_admin_fcat_button1'];
} else {
$sendbutton = $BL['be_admin_fcat_button2'];
}
if (!empty($_POST["fkey_aktion"])) {
//Formular zum Bearbeiten der Dateischlüssel-Namen
$fkey["name"] = clean_slweg($_POST["fkey_name"], 250);
$fkey["id"] = intval($_POST["fkey_id"]);
$fkey["active"] = intval($_POST["fkey_active"]);
$fkey["cid"] = intval($_POST["fkey_cid"]);
$fkey["sort"] = empty($_POST["fkey_sort"]) ? 0 : intval($_POST["fkey_sort"]);
if (str_empty($fkey["name"])) {
$fkey["error"] = 1;
} else {
if (!$fkey["id"]) {
$sql = "INSERT INTO " . DB_PREPEND . "phpwcms_filekey (fkey_name, fkey_aktiv, fkey_cid, fkey_sort) VALUES ('";
$sql .= aporeplace($fkey["name"]) . "', " . $fkey["active"] . ", " . $fkey["cid"] . ", " . $fkey["sort"] . ")";
} else {
$sql = "UPDATE " . DB_PREPEND . "phpwcms_filekey SET fkey_name='" . aporeplace($fkey["name"]);
$sql .= "', fkey_aktiv=" . $fkey["active"] . ", fkey_cid=" . $fkey["cid"] . ", fkey_sort=" . $fkey["sort"] . " WHERE fkey_id=" . $fkey["id"];
}
if ($result = mysql_query($sql, $db) or die("error while inserting/updating file key")) {
if (!$fkey["id"]) {
$fkey["id"] = mysql_insert_id($db);
}
headerRedirect(PHPWCMS_URL . 'phpwcms.php?' . get_token_get_string('csrftoken') . '&do=admin&p=7');
}
