예제 #1
파일: edit.php 프로젝트: kawf/kawf
    $tpl->set_var(array("edit_locked" => "", "error" => "", "preview" => "", "form" => "", "accept" => ""));
    print generate_page('Edit Message Denied', $tpl->parse("CONTENT", "disabled"));
    exit;
}
// Past the "disabled" gate: blank that template block so it is not rendered.
$tpl->set_var("disabled", "");

// Authorization gate: a message in a thread flagged 'Locked' may only be
// edited by a user holding the 'Lock' capability on this forum.
$thread = get_thread($msg['tid']);
$thread_is_locked = isset($thread['flag']['Locked']);
if ($thread_is_locked && !$user->capable($forum['fid'], 'Lock')) {
    $tpl->set_var(array("error" => "", "preview" => "", "form" => "", "accept" => ""));
    $denied_body = $tpl->parse("CONTENT", "edit_locked");
    print generate_page('Edit Message Denied', $denied_body);
    exit;
}
$tpl->set_var("edit_locked", "");

/*
 * Author fields are taken from the logged-in account, never from the form,
 * and are passed through stripcrap() first.
 * NOTE(review): stripcrap() is defined elsewhere; confirm what it strips
 * before treating its output as safe for HTML output.
 */
$nmsg['name'] = stripcrap($user->name);
$nmsg['email'] = $expose_email ? stripcrap($user->email) : "";

/*
 * Off-topic state transitions:
 *   - an Active message can be marked OffTopic by the editor;
 *   - clearing OffTopic requires the 'OffTopic' capability on this forum;
 *   - in every other case the stored state is carried over unchanged.
 */
if ($msg['state'] == 'Active' && $offtopic) {
    $nmsg['state'] = "OffTopic";
} elseif ($user->capable($forum['fid'], 'OffTopic') && $msg['state'] == 'OffTopic' && !$offtopic) {
    $nmsg['state'] = "Active";
} else {
    $nmsg['state'] = $msg['state'];
}
if (empty($nmsg['subject']) && strlen($nmsg['subject']) == 0) {
예제 #2
파일: gmessage.php 프로젝트: kawf/kawf
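/**
 * Handle an admin request against the global message slots.
 *
 * Reads the slot number from $arg['gid'] (accepted range 0..31), queues the
 * SQL statements selected by the 'submit', 'add', 'take', 'touch' and
 * 'unhide' keys, and runs them only after $user->is_valid_token() accepts
 * $arg['token']. When at least one statement was queued, a Location header
 * pointing back at /admin/gmessage.phtml is sent.
 *
 * @param object $tpl Template object, handed on to generate_edit_form().
 * @param array  $arg Request parameters (presumably the merged query/form
 *                    input; confirm against the caller).
 * @return void
 */
function process_request($tpl, $arg)
{
    global $user;

    if (!count($arg)) {
        return;
    }

    // NOTE(review): $arg still contains the request token at this point;
    // confirm dump() is a debug-only helper that never reaches the response
    // or a shared log.
    dump($arg);

    $args = '';

    // Accept a plain integer only. is_numeric() also passes "1e1", "1.5" and
    // whitespace-padded input, and $gid is later interpolated into SQL text
    // and into a Location header, so it has to be a real int from here on.
    $parsed = isset($arg['gid']) ? filter_var($arg['gid'], FILTER_VALIDATE_INT) : false;
    if ($parsed === false) {
        return;
    }

    $gid = $parsed;
    if ($gid < 0 || $gid > 31) {
        err_not_found("GID out of range");
        // Fail closed: err_not_found() is defined elsewhere and may return.
        return;
    }

    $sqls = array();
    $sargs = array();
    $name = $user->name;

    if (isset($arg['submit']) && $arg['submit'] === "Update Slot {$gid}") {
        global $subject_tags;
        $subject = stripcrap($arg['subject'], $subject_tags);
        $url = stripcrapurl($arg['url']);
        $sqls[] = "update f_global_messages set " . "subject = ?, url = ?, " . "name = ?, date = NOW() " . "where gid = ?";
        $sargs[] = array($subject, $url, $name, $gid);
        /* resend edit so we get the form back */
        $args = "?gid={$gid}&edit";
    }
    if (isset($arg['add'])) {
        $sqls[] = "insert into f_global_messages " . "(gid, name, date) values " . "(?, ?, NOW())";
        $sargs[] = array($gid, $name);
    }
    if (isset($arg['take'])) {
        $sqls[] = "update f_global_messages set " . "name = ?, date = NOW() " . "where gid = ?";
        $sargs[] = array($name, $gid);
    }
    if (isset($arg['touch'])) {
        $sqls[] = "update f_global_messages set " . "date = NOW() " . "where gid = ?";
        $sargs[] = array($gid);
    }
    if (isset($arg['unhide'])) {
        // The only statement that interpolates instead of binding; safe only
        // because $gid is a validated int in 0..31.
        $sqls[] = "update u_users set " . "gmsgfilter = gmsgfilter & ~(1<<{$gid}) where gmsgfilter & (1<<{$gid})";
        $sargs[] = array();
    }

    if (count($sqls)) {
        /* don't allow any sql updates unless we have a valid token */
        $token = isset($arg['token']) ? $arg['token'] : null;
        if (!$user->is_valid_token($token)) {
            err_not_found("invalid token");
            // Fail closed: never reach db_exec() without a valid token.
            return;
        }
        foreach ($sqls as $i => $sql) {
            $sarg = $sargs[$i];
            debug($sql . "\narray(" . implode(",", $sarg) . ")\n");
            db_exec($sql, $sarg);
        }
    }

    if (isset($arg['edit'])) {
        /* on edit and add, we will send Location: but with "edit" again,
           stripping add and the token */
        if (isset($arg['add'])) {
            $args = "?gid={$gid}&edit";
        } else {
            generate_edit_form($tpl, $gid);
        }
    }

    if (count($sqls)) {
        // $args is built from the integer $gid only, so no request text ends
        // up in the redirect target.
        header("Location: /admin/gmessage.phtml{$args}");
    }
}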
*  Training Typ editieren
*
**/
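// "edit" action: update one rhs_portal row of the current tenant (mandant)
// and re-display the edit form.
if ($action == "edit") {
    $smarty->assign("action", $action);

    // Both values are spliced into SQL as bare numbers, so force them to
    // integers first. $_GET['id'] comes straight from the request and was
    // previously concatenated unquoted and uncast into the WHERE clause.
    $portal_id = isset($_GET['id']) ? (int) $_GET['id'] : 0;
    $mandant_id = (int) $adminsession->session_mandant_data['mandant_id'];

    if (!empty($_POST['send'])) {
        // NOTE(review): url, email, message, bilddb_id and titel are still
        // placed inside quoted SQL literals exactly as posted. No escaping or
        // bound-parameter API of $db is visible in this excerpt; move these
        // values to bound parameters (or the wrapper's own escaping) and do
        // not rely on magic_quotes-style input escaping.
        // NOTE(review): no request token is checked in the visible code before
        // this UPDATE; confirm CSRF protection happens earlier in the file.
        $result = $db->query("UPDATE rhs_portal SET url='{$_POST['url']}', email='{$_POST['email']}', text='{$_POST['message']}', bilddb_id='{$_POST['bilddb_id']}', titel='{$_POST['titel']}', changedate=" . time() . " WHERE mandant=" . $mandant_id . " AND id=" . $portal_id);
        if ($result) {
            $smarty->assign("fehler", 1);
            // NOTE(review): the session hash travels in the URL here, which
            // exposes it to logs, browser history and Referer headers.
            $smarty->assign("page_redirect", "index_portal.php?sid=" . $adminsession->session_data['hash']);
        } else {
            $smarty->assign("fehler", 2);
        }
    }

    // Reload the row, scoped to the tenant, so the form shows stored values.
    $rowlink = $db->query_first("SELECT * FROM rhs_portal WHERE mandant=" . $mandant_id . " AND id=" . $portal_id);
    // NOTE(review): only 'text' passes through stripcrap()/htmlconverter();
    // the other columns reach the template as stored. Confirm the template
    // escapes them on output.
    $rowlink['text'] = htmlconverter(stripcrap(trim($rowlink['text'])));

    // Build the album <option> list, starting with the "no pictures" entry.
    $rowlink['bilddb_id2'] = makeoption(false, "Keine Bilder", true);
    $result = $db->query("SELECT g_title as title, g_id as aid FROM g2_Item WHERE g_canContainChildren = 1 ORDER BY g_title DESC");
    while ($row = $db->fetch_array($result)) {
        $rowlink['bilddb_id2'] .= makeoption($row['aid'], $row['title'], $rowlink['bilddb_id']);
    }

    $smarty->assign($rowlink);
    $smarty->display("a_index_portal_edit.tpl.php");
    exit;
}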
/**
 * Create links ("new" action).
 *
 * Only the early exit of this branch is present in this excerpt.
 */
if ("new" == $action) {
    exit();
}
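/**
 * "new" action: insert an rhs_mandant (tenant) row from the posted form,
 * create its picture directory, and display the edit template.
 */
if ($action == "new") {
    $smarty->assign("action", $action);

    // Start from an empty row so the option builders below never read an
    // undefined variable when the form has not been submitted yet.
    $rowlink = array();

    if (!empty($_POST['send'])) {
        // Spliced into SQL as a bare number, so force it to an integer.
        $creator_id = (int) $adminsession->session_user_data['customer_id'];

        // NOTE(review): every mandant_* field and 'message' is still placed
        // inside quoted SQL literals exactly as posted. No escaping or
        // bound-parameter API of $db is visible in this excerpt; move these
        // values to bound parameters (or the wrapper's own escaping) and do
        // not rely on magic_quotes-style input escaping.
        // NOTE(review): no request token is checked in the visible code before
        // this INSERT; confirm CSRF protection happens earlier in the file.
        // Fix: the comma between mandant_staffeltext and create_userid was
        // missing, which made the statement syntactically invalid.
        $result = $db->query("INSERT INTO rhs_mandant SET mandant_name='{$_POST['mandant_name']}', mandant_email='{$_POST['mandant_email']}',\n\t\tmandant_nachname='{$_POST['mandant_nachname']}', mandant_vorname='{$_POST['mandant_vorname']}', mandant_show_index_start='{$_POST['mandant_show_index_start']}',\n\t\tmandant_show_kontakt='{$_POST['mandant_show_kontakt']}', mandant_show_index_portal='{$_POST['mandant_show_index_portal']}',\n\t\tmandant_show_index_projects='{$_POST['mandant_show_index_projects']}', mandant_show_index_sponsors='{$_POST['mandant_show_index_sponsors']}',\n\t\tmandant_show_konto='{$_POST['mandant_show_konto']}', mandant_konto_nr='{$_POST['mandant_konto_nr']}',\n\t\tmandant_konto_blz='{$_POST['mandant_konto_blz']}', mandant_konto_bank='{$_POST['mandant_konto_bank']}',\n\t\tmandant_staffeltext='{$_POST['message']}',\n\t\t create_userid=" . $creator_id . ", create_date=" . time());
        if ($result) {
            $new_id = (int) $db->insert_id();

            // Create the directory only after a successful insert; before,
            // a failed insert still created a directory for whatever
            // insert_id() returned. Kept best-effort (errors suppressed).
            // NOTE(review): mkdir() uses its default mode here, limited only
            // by the process umask; set an explicit mode if that is too wide.
            @mkdir("../bilder/kontakt/" . $new_id);

            $rowlink = $db->query_first("SELECT\n\t\t\t\tmandant_id as mandant_id2, mandant_name as mandant_name2, mandant_email as mandant_email2, mandant_nachname as mandant_nachname2,\n\t\t\t\tmandant_vorname as mandant_vorname2 , mandant_show_kontakt as mandant_show_kontakt2, mandant_show_index_start as mandant_show_index_start2,\n\t\t\t\tmandant_show_index_portal as mandant_show_index_portal2, mandant_show_index_projects as mandant_show_index_projects2,\n\t\t\t\tmandant_show_index_sponsors as mandant_show_index_sponsors2, mandant_show_konto as mandant_show_konto2, mandant_konto_nr as mandant_konto_nr2,\n\t\t\t\tmandant_konto_blz as mandant_konto_blz2, mandant_konto_bank as mandant_konto_bank2, mandant_staffeltext as mandant_staffeltext2\n\t\t\t\tFROM rhs_mandant WHERE mandant_id=" . $new_id);
            $smarty->assign("fehler", 1);
            // NOTE(review): the session hash travels in the URL here, which
            // exposes it to logs, browser history and Referer headers.
            $smarty->assign("page_redirect", "mandant.php?sid=" . $adminsession->session_data['hash']);
        } else {
            $smarty->assign("fehler", 2);
        }
    }

    // Turn each yes/no column into its <option> markup, in the original order.
    $yes_no_fields = array(
        'mandant_show_index_start2',
        'mandant_show_kontakt2',
        'mandant_show_index_portal2',
        'mandant_show_index_projects2',
        'mandant_show_index_sponsors2',
        'mandant_show_konto2',
    );
    foreach ($yes_no_fields as $field) {
        $rowlink[$field] = create_options_yes_no(isset($rowlink[$field]) ? $rowlink[$field] : null);
    }

    // NOTE(review): only the staffeltext column passes through
    // stripcrap()/htmlconverter(); confirm the template escapes the rest.
    $staffeltext = isset($rowlink['mandant_staffeltext2']) ? $rowlink['mandant_staffeltext2'] : '';
    $rowlink['mandant_staffeltext2'] = htmlconverter(stripcrap(trim($staffeltext)));

    $smarty->assign($rowlink);
    $smarty->display("a_mandant_edit.tpl.php");
    exit;
}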
    exit;
}
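/**
 * "new" action: insert an rhs_tberichte row for the current tenant (mandant)
 * from the posted form and display the edit template.
 */
if ($action == "new") {
    $smarty->assign("action", $action);

    // Defaults shown in the form before anything has been submitted.
    $rowlink['dateto'] = time();
    $rowlink['datefrom'] = time();

    if (!empty($_POST['send'])) {
        // Spliced into SQL as bare numbers, so force them to integers.
        $mandant_id = (int) $adminsession->session_mandant_data['mandant_id'];
        $creator_id = (int) $adminsession->session_user_data['customer_id'];

        // NOTE(review): titel, ort and message are still placed inside quoted
        // SQL literals exactly as posted, and makemytime() is defined
        // elsewhere, so what it returns for malformed dates is not visible
        // here. No escaping or bound-parameter API of $db is visible in this
        // excerpt; move these values to bound parameters (or the wrapper's
        // own escaping) and do not rely on magic_quotes-style input escaping.
        // NOTE(review): no request token is checked in the visible code before
        // this INSERT; confirm CSRF protection happens earlier in the file.
        $result = $db->query("INSERT INTO rhs_tberichte SET titel='{$_POST['titel']}', datefrom='" . makemytime($_POST['datum']) . "', dateto='" . makemytime($_POST['datumbis']) . "', ort='{$_POST['ort']}', beschreibung='{$_POST['message']}', mandant=" . $mandant_id . ", create_userid=" . $creator_id . ", create_date=" . time());
        if ($result) {
            // Read the new row back, scoped to the tenant.
            $rowlink = $db->query_first("SELECT * FROM rhs_tberichte WHERE mandant=" . $mandant_id . " AND id=" . (int) $db->insert_id());
            // NOTE(review): only 'beschreibung' passes through
            // stripcrap()/htmlconverter(); confirm the template escapes the
            // other columns on output.
            $rowlink['beschreibung'] = htmlconverter(stripcrap(trim($rowlink['beschreibung'])));
            $smarty->assign($rowlink);
            $smarty->assign("fehler", 1);
            // NOTE(review): the session hash travels in the URL here, which
            // exposes it to logs, browser history and Referer headers.
            $smarty->assign("page_redirect", "termin.php?sid=" . $adminsession->session_data['hash']);
        } else {
            $smarty->assign("fehler", 2);
        }
    }

    $smarty->assign($rowlink);
    $smarty->display("a_termin_edit.tpl.php");
    exit;
}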
/**
*
*  Entfernen einer Link Kategorie
*