/**
 * Flatten the nested calendar array ($events[year][month][mday][]) into
 * ready-to-print HTML items grouped by day bucket.
 *
 * Every item is appended to $out['today'], $out['tomorrow'] or $out['others'].
 * Items for today/tomorrow are prefixed with their time range (when a start
 * time is set); all other items are prefixed with the formatted date.
 *
 * NOTE(review): ev_title is concatenated into the markup as-is and ev_body
 * only passes through parseubb(); this presumably relies on both fields having
 * been HTML-encoded when they were stored - confirm against the write path.
 *
 * @param array $events Events keyed by year, then month, then day of month.
 * @param array $out    Receives the rendered items (modified in place).
 * @return int Number of items rendered.
 */
function awec_post_process_events(&$events, &$out)
{
    global $ec_today, $ec_tomorrow, $locale, $awec_settings;

    $rendered = 0;
    $bucket = 'others';
    $event_url = INFUSIONS . 'aw_ecal_panel/view_event.php?id=';
    $birthday_url = INFUSIONS . 'aw_ecal_panel/birthday.php?id=';
    $with_details = (bool) $awec_settings['show_today_in_panel'];

    foreach ($events as $year => $months) {
        // Sorts the loop-local copy only; the caller's array keeps its order.
        ksort($months, SORT_NUMERIC);

        foreach ($months as $month => $days) {
            ksort($days, SORT_NUMERIC);
            $is_today_month = $ec_today['mon'] == $month && $ec_today['year'] == $year;
            $is_tomorrow_month = $ec_tomorrow['mon'] == $month && $ec_tomorrow['year'] == $year;

            foreach ($days as $mday => $day_events) {
                if ($is_today_month && $ec_today['mday'] == $mday) {
                    $bucket = 'today';
                } elseif ($is_tomorrow_month && $ec_tomorrow['mday'] == $mday) {
                    $bucket = 'tomorrow';
                } else {
                    $bucket = 'others';
                }

                foreach ($day_events as $ev) {
                    // Leading label: a date for "others", a time range otherwise.
                    if ($bucket == 'others') {
                        $item = ec_format_fucking_date($year, $month, $mday) . ' ';
                    } elseif ($ev['start_time']) {
                        $item = $ev['start_time'];
                        if ($ev['end_time']) {
                            $item .= '-' . $ev['end_time'];
                        }
                        $item .= ' ';
                    } else {
                        $item = '';
                    }

                    $link = $ev['is_birthday']
                        ? $birthday_url . $ev['user_id']
                        : $event_url . $ev['ev_id'];
                    $item .= '<a href="' . $link . '">' . $ev['ev_title'] . '</a>';

                    if ($with_details && $bucket == 'today') {
                        // Only the text before the first AWEC_BREAK marker is
                        // shown; a "more" link is added when the body was cut.
                        $body = parseubb($ev['ev_body']);
                        $parts = explode(stripinput(AWEC_BREAK), $body);
                        if (count($parts) > 1) {
                            $parts[0] .= ' <a href="' . $link . '">' . $locale['EC207'] . '</a>';
                        }
                        $item .= '<br /><span class="small2">' . $parts[0] . '</span>';
                    }

                    $out[$bucket][] = $item;
                    ++$rendered;
                }
            }
        }
    }

    return $rendered;
}
/**
 * Render the page body: call the function named by the global $gp_content
 * when it is set, otherwise include the layout's default content.php.
 */
function gp_content()
{
    global $gp_content;

    if (empty($gp_content)) {
        include LAYOUT_DIR . "content.php";
        return;
    }

    // NOTE(review): eval() on a string taken from a global. stripinput() is
    // defined elsewhere and appears to be an HTML-encoding filter; it does not
    // constrain the value to a single function name, so whatever PHP the
    // string contains is executed. Where $gp_content is assigned is not
    // visible here - confirm it can never carry request data. A safer shape
    // is to check the name against an allow-list of known renderers and call
    // the function directly instead of evaluating source text.
    eval(stripinput($gp_content) . "();");
}
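/**
 * Build the markup for a Bootstrap date-picker text field.
 *
 * On first use the picker's CSS/JS assets are registered in the page head.
 * The field value may be given as an already formatted date string (anything
 * containing "-") or as a Unix timestamp, which is rendered as d-m-Y.
 *
 * Recognised keys of $array: icon, placeholder, width, date_format, class,
 * error_text, required, safemode, deactivate, inline.
 *
 * NOTE(review): the validation rules (type, required, safemode, ...) are
 * emitted in a hidden def[...] input. `readonly` does not stop a client from
 * changing a posted value, so if the server reads these rules back from the
 * request they must not be trusted - confirm how def[] is consumed.
 *
 * NOTE(review): $title, placeholder, class, width, icon and date_format are
 * written into markup/script unescaped; they are assumed to be
 * developer-supplied constants.
 *
 * @param string     $title       Label text (also used for the validator title).
 * @param string     $input_name  Field name.
 * @param string     $input_id    Field id.
 * @param string|int $input_value Date string or Unix timestamp.
 * @param array|bool $array       Optional settings, see above.
 * @return string HTML for the field.
 */
function form_datepicker($title, $input_name, $input_id, $input_value, $array = FALSE)
{
    if (!defined('DATEPICKER')) {
        define('DATEPICKER', TRUE);
        add_to_head("<link href='" . DYNAMICS . "assets/datepicker/css/datepicker3.css' rel='stylesheet' />");
        add_to_head("<script src='" . DYNAMICS . "assets/datepicker/js/bootstrap-datepicker.js'></script>");
    }

    $title2 = !empty($title) ? stripinput($title) : ucfirst(strtolower(str_replace("_", " ", $input_name)));
    $input_name = !empty($input_name) ? stripinput($input_name) : "";
    $input_id = !empty($input_id) ? stripinput($input_id) : "";

    if ($input_value && strstr($input_value, "-")) {
        // Already a date string. It ends up inside a single-quoted value=''
        // attribute, so encode quotes and angle brackets; double_encode is off
        // so a value that was entity-encoded earlier is left unchanged.
        $input_value = htmlspecialchars($input_value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);
    } else {
        // Timestamp (or empty): date() output contains only digits and dashes.
        $input_value = $input_value ? date("d-m-Y", $input_value) : '';
    }

    if (!is_array($array)) {
        $placeholder = "";
        $date_format = "dd-mm-yyyy";
        $width = "250px";
        $required = 0;
        $safemode = 0;
        $deactivate = 0;
        $icon = '';
        $inline = 0;
        $error_text = '';
        $class = '';
    } else {
        $icon = array_key_exists('icon', $array) ? $array['icon'] : "";
        $placeholder = array_key_exists("placeholder", $array) ? $array['placeholder'] : "";
        $width = array_key_exists("width", $array) ? $array['width'] : "250px";
        $date_format = array_key_exists("date_format", $array) ? $array['date_format'] : "dd-mm-yyyy";
        $class = array_key_exists('class', $array) ? $array['class'] : "";
        $error_text = array_key_exists("error_text", $array) ? $array['error_text'] : "";
        $required = array_key_exists('required', $array) && $array['required'] == 1 ? 1 : 0;
        $safemode = array_key_exists('safemode', $array) && $array['safemode'] == 1 ? 1 : 0;
        $deactivate = array_key_exists('deactivate', $array) && $array['deactivate'] == 1 ? 1 : 0;
        $inline = array_key_exists("inline", $array) ? 1 : 0;
    }

    $html = "<div id='{$input_id}-field' class='form-group m-b-0 {$class} " . ($icon ? 'has-feedback' : '') . "'>\n";
    $html .= $title ? "<label class='control-label " . ($inline ? "col-sm-3 col-md-3 col-lg-3" : '') . "' for='{$input_id}'>{$title} " . ($required == 1 ? "<span class='required'>*</span>" : '') . "</label>\n" : '';
    $html .= $inline ? "<div class='col-sm-9 col-md-9 col-lg-9'>\n" : "";
    $html .= "<div class='input-group date' " . ($width ? "style='width:{$width};'" : '') . ">\n";
    $html .= "<input type='text' name='" . $input_name . "' id='" . $input_id . "' value='" . $input_value . "' class='form-control textbox' placeholder='{$placeholder}' />\n";
    $html .= $icon ? "<div class='form-control-feedback'><i class='glyphicon {$icon}'></i></div>\n" : '';
    $html .= "<span class='input-group-addon'><i class='entypo calendar'></i></span>\n";
    $html .= "</div>\n";
    $html .= "<div id='{$input_id}-help' style='display:inline-block !important;'></div>";
    $html .= $inline ? "</div>\n" : "";
    $html .= "</div>\n";

    // Generate Defender Strings
    $html .= "<input type='hidden' name='def[{$input_name}]' value='[type=date],[title={$title2}],[id={$input_id}],[required={$required}],[safemode={$safemode}]" . ($error_text ? ",[error_text={$error_text}]" : '') . "' readonly />";

    if ($deactivate !== 1) {
        add_to_jquery("\n \$('#{$input_id}-field .input-group.date').datepicker({\n format: '" . $date_format . "',\n todayBtn: 'linked',\n autoclose: true,\n todayHighlight: true\n });\n ");
    }

    return $html;
}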
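/**
 * Check a user name / password pair and, on success, log the user in.
 *
 * Outcomes visible in this method:
 *  - unknown user or wrong password: redirect with error code 1 (the same
 *    code for both, so the response does not reveal which part was wrong);
 *  - active account (status 0, no pending action): session cookie and theme
 *    are set and the row is kept in $this->_userData;
 *  - expired suspension (status 3) or status 7: the account is reset to
 *    active and the user is notified by e-mail, but no cookie is set here;
 *  - any other status: redirect with error code 4.
 *
 * NOTE(review): the lookup query is built by string concatenation. The only
 * protection is stripinput() (defined elsewhere, presumably entity-encoding
 * quotes and backslashes) plus a small character blacklist; a blacklist is
 * not an SQL-escaping mechanism. Move to a parameterised query once the
 * database layer offers one.
 *
 * @param string $inputUserName User name as submitted.
 * @param string $inputPassword Password as submitted.
 * @param bool   $remember      Passed through to Authenticate::setUserCookie().
 * @return void
 */
private function _authenticate($inputUserName, $inputPassword, $remember)
{
    global $locale, $settings;

    $inputUserName = preg_replace(array("/\\=/", "/\\#/", "/\\sOR\\s/"), "", stripinput($inputUserName));
    $result = dbquery("SELECT * FROM " . DB_USERS . " WHERE user_name='" . $inputUserName . "' LIMIT 1");

    if (dbrows($result) != 1) {
        redirect(Authenticate::getRedirectUrl(1));
        return;
    }

    $user = dbarray($result);
    // The id comes from the database row; the cast keeps the UPDATE
    // statements below numeric regardless of how the driver returns it.
    $userId = (int) $user['user_id'];

    require_once CLASSES . "PasswordAuth.class.php";

    // Initialize password auth
    $passAuth = new PasswordAuth();
    $passAuth->currentAlgo = $user["user_algo"];
    $passAuth->currentSalt = $user["user_salt"];
    $passAuth->currentPasswordHash = $user["user_password"];
    $passAuth->inputPassword = $inputPassword;

    // Check if input password is valid
    if (!$passAuth->isValidCurrentPassword(true)) {
        redirect(Authenticate::getRedirectUrl(1));
        return;
    }

    if ($settings['multiple_logins'] != 1) {
        // Store the algo/salt/hash that PasswordAuth produced during the
        // check. The salt is also passed to setUserCookie() below, so
        // replacing it presumably invalidates cookies from earlier logins.
        $user['user_algo'] = $passAuth->getNewAlgo();
        $user['user_salt'] = $passAuth->getNewSalt();
        $user['user_password'] = $passAuth->getNewHash();
        $result = dbquery("UPDATE " . DB_USERS . "\n\t\t\t\t\t\tSET user_algo='" . $user['user_algo'] . "', user_salt='" . $user['user_salt'] . "', user_password='" . $user['user_password'] . "'\n\t\t\t\t\t\tWHERE user_id='" . $userId . "'");
    }

    if ($user['user_status'] == 0 && $user['user_actiontime'] == 0) {
        Authenticate::setUserCookie($user['user_id'], $user['user_salt'], $user['user_algo'], $remember, true);
        Authenticate::_setUserTheme($user);
        $this->_userData = $user;
        return;
    }

    require_once INCLUDES . "suspend_include.php";
    require_once INCLUDES . "sendmail_include.php";

    $suspensionExpired = $user['user_status'] == 3 && $user['user_actiontime'] < time();
    if ($suspensionExpired || $user['user_status'] == 7) {
        $result = dbquery("UPDATE " . DB_USERS . " SET user_status='0', user_actiontime='0' WHERE user_id='" . $userId . "'");
        if ($user['user_status'] == 3) {
            $subject = $locale['global_453'];
            $message = $locale['global_455'];
            unsuspend_log($user['user_id'], 3, $locale['global_450'], true);
        } else {
            $subject = $locale['global_454'];
            $message = $locale['global_452'];
        }
        $message = str_replace("USER_NAME", $user['user_name'], $message);
        sendemail($user['user_name'], $user['user_email'], $settings['siteusername'], $settings['siteemail'], $subject, $message);
    } else {
        redirect(Authenticate::getRedirectUrl(4, $user['user_status'], $user['user_id']));
    }
}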
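/**
 * Record a warning against a user and send the related private messages.
 *
 * For $KIND "Forum", $post_or_userid is a post id and the warned user is the
 * post's author; for $KIND "Other" it is the user id itself. Any other $KIND
 * is rejected.
 *
 * Ids that are concatenated into quoted SQL literals or into the lookup URL
 * are cast to int first, matching the cast this function already applied to
 * one of its catalog queries. Values written through _db() are left to that
 * helper (defined elsewhere).
 *
 * @param int|string $post_or_userid Post id ("Forum") or user id ("Other").
 * @param int|string $subject        warn_id of the warning-catalog entry.
 * @param string     $message        Free-text reason.
 * @param int|string $points         Points assigned by this warning.
 * @param string     $KIND           "Forum" or "Other".
 * @return bool True when the warning was recorded, false when the post was
 *              not found or $KIND is not recognised.
 */
function new_warning_post($post_or_userid, $subject, $message, $points, $KIND)
{
    global $userdata, $settings, $locale;

    $post_warn_data = null;
    if ($KIND == "Forum") {
        $new_warning_sql = dbquery("SELECT post_id, thread_id, forum_id, post_author FROM " . DB_POSTS . " WHERE post_id='" . (int) $post_or_userid . "'");
        if (dbrows($new_warning_sql) == 0) {
            return false;
        }
        $post_warn_data = dbarray($new_warning_sql);
        $warnuser_id = $post_warn_data['post_author'];
        $post = $post_or_userid;
        $threadid = $post_warn_data['thread_id'];
        $forumid = $post_warn_data['forum_id'];
    } elseif ($KIND == "Other") {
        $warnuser_id = $post_or_userid;
        $post = "0";
        $threadid = "0";
        $forumid = "0";
    } else {
        // Previously an unknown kind reached dbrows() with an undefined
        // result variable; reject it explicitly instead.
        return false;
    }

    $insertdate = date("U");
    $sql = dbquery("INSERT INTO " . DB_WARNING . "\r\n\t\t(warn_kind, user_id, post_id, thread_id, forum_id, warn_subject, warn_message, warn_point, warn_admin, warn_datestamp)\r\n\t\tVALUES\r\n\t\t(" . _db($KIND) . ", " . _db($warnuser_id) . ", " . _db($post) . ", " . _db($threadid) . ", " . _db($forumid) . ", " . _db($subject) . ", " . _db($message) . ",\r\n\t\t" . _db($points) . ", " . _db($userdata['user_id']) . ", " . _db($insertdate) . ");");

    // We need to send a PM to the warned user
    if ($settings['warning_set_send_pm'] == 1) {
        $pn_subject = stripinput(trim($locale['WARN210']));
        if ($KIND == "Forum") {
            $in = $locale['WARN211'] . " [url=" . $settings['siteurl'] . "forum/viewthread.php?thread_id=" . $post_warn_data['thread_id'] . "&pid=" . $post_warn_data['post_id'] . "#post_" . $post_warn_data['post_id'] . "]" . GetPostTitle($post_warn_data['thread_id']) . "[/url]\n";
        } else {
            $in = '';
        }

        // One catalog lookup with the id cast to int (the original ran two
        // queries and left the first one uncast).
        $catalog = dbarray(dbquery("SELECT warn_subject, warn_length FROM " . DB_WARNING_CATALOG . " WHERE warn_id='" . (int) $subject . "'"));
        $catalog_subject = is_array($catalog) ? $catalog['warn_subject'] : '';
        $catalog_length = is_array($catalog) ? $catalog['warn_length'] : 0;
        $warning_length = $insertdate + $catalog_length * 86400;

        $pn_messages = stripinput(trim($in . $locale['WARN212'] . " " . $catalog_subject . "\r\n\t\t\t\t\t\t\t\t\t" . $locale['WARN213'] . " " . $message . "\r\n\t\t\t\t\t\t\t\t\t" . $locale['WARN214'] . date($locale['WARN215'], $warning_length) . $locale['WARN216']));

        if ($settings['warning_set_pm_from'] == 0) {
            $pn_from = $userdata['user_id'];
        } else {
            $pn_from = $settings['warning_set_pm_from'];
        }

        $result = dbquery("INSERT INTO " . DB_MESSAGES . " (message_to, message_from, message_subject, message_message, message_smileys, message_read, message_datestamp, message_folder) VALUES ('" . (int) $warnuser_id . "','" . (int) $pn_from . "','" . $pn_subject . "','" . $pn_messages . "','y','0','" . (int) $insertdate . "','0')");
    }

    // We need to send a PM to an Admin if User has more than 100 points
    if (show_warning_points($warnuser_id) >= 100) {
        $pn_subject = stripinput(trim($locale['WARN217']));
        $pn_messages = stripinput(trim("The member reached the limit:\n [url=" . $settings['siteurl'] . "warning.php?lookup=" . (int) $warnuser_id . "]" . $locale['WARN218'] . "[/url]\n You should take some actions and suspend/bann this member!"));
        $result = dbquery("INSERT INTO " . DB_MESSAGES . " (message_to, message_from, message_subject, message_message, message_smileys, message_read, message_datestamp, message_folder) VALUES ('" . (int) $settings['warning_set_pm_to'] . "','" . "0" . "','" . $pn_subject . "','" . $pn_messages . "','y','0','" . (int) $insertdate . "','0')");
    }

    return true;
}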
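/**
 * Build a " LIMIT offset[,count]" SQL fragment from two query-string values.
 *
 * Only values accepted by isnum() (defined elsewhere, presumably digits only)
 * are copied into the fragment; anything else falls back to offset 0 and no
 * count, so request data never reaches the SQL text unvalidated.
 *
 * NOTE(review): a non-numeric page-size value yields " LIMIT 0" (no rows)
 * rather than an empty fragment - kept as-is because callers may rely on it.
 *
 * @param string|bool $row_start_key      Name of the $_GET key holding the offset.
 * @param string|bool $items_per_page_key Name of the $_GET key holding the page size.
 * @return string|null The fragment ('' when no page size was sent), or null
 *                     when neither key is present in the request.
 */
function filter_show($row_start_key = false, $items_per_page_key = false)
{
    if (!isset($_GET[$row_start_key]) && !isset($_GET[$items_per_page_key])) {
        return null;
    }

    $condition = '';
    // !empty() instead of a bare read: the page-size key may be absent when
    // only the offset was sent, which used to raise an undefined-index notice.
    if (!empty($_GET[$items_per_page_key])) {
        // WHEN show is available we set to rowstart, and show items.
        $condition = " LIMIT ";
        $condition .= isset($_GET[$row_start_key]) && isnum($_GET[$row_start_key]) ? stripinput($_GET[$row_start_key]) : 0;
        if (isnum($_GET[$items_per_page_key])) {
            $condition .= "," . stripinput($_GET[$items_per_page_key]);
        }
    }

    return $condition;
}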
/**
 * Render a Bootstrap badge.
 *
 * NOTE(review): only $title is filtered through stripinput(); the 'class' and
 * 'icon' options are written into attributes unchanged and are assumed to be
 * developer-supplied constants.
 *
 * @param string     $title Badge text.
 * @param array|bool $array Optional settings: 'class' (extra CSS classes) and
 *                          'icon' (CSS classes for a leading icon element).
 * @return string HTML for the badge.
 */
function form_badge($title, $array = false)
{
    $class = "";
    $icon = "";

    if (is_array($array)) {
        if (array_key_exists('class', $array)) {
            $class = $array['class'];
        }
        if (array_key_exists('icon', $array)) {
            $icon = "<i class='" . $array['icon'] . "'></i>";
        }
    }

    $title = (isset($title) && $title !== "") ? stripinput($title) : "";

    return "<span class='badge {$class}'>{$icon} {$title}</span>\n";
}
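/**
 * HTML-encode a string (or every element of an array) for safe display.
 *
 * For a scalar, magic-quote slashes are removed when QUOTES_GPC is set and
 * then &, ", ', \, < and > are replaced by their HTML entities. The
 * replacements run in list order, so & is encoded first and the entities
 * inserted by later steps are not encoded a second time.
 *
 * This is output encoding for HTML. It is not SQL escaping and it does not
 * make a value safe for use in a file path, a shell command or eval().
 *
 * NOTE(review): array elements are handed to stripinput() (defined
 * elsewhere), not to this function - confirm that is intended.
 *
 * @param string|array $text Value to encode.
 * @return string|array Encoded value, same shape as the input.
 */
function stripinput_fix($text)
{
    if (is_array($text)) {
        // each() was removed in PHP 8; foreach visits the same keys.
        foreach ($text as $key => $value) {
            $text[$key] = stripinput($value);
        }

        return $text;
    }

    if (QUOTES_GPC) {
        $text = stripslashes($text);
    }

    // The \" , \' and &nbsp; entries can no longer match once the single
    // characters before them in the list have been rewritten; they are kept
    // so the list stays in its established order.
    $search = array("&", "\"", "'", "\\", '\\"', "\\'", "<", ">", "&nbsp;");
    $replace = array("&amp;", "&quot;", "&#39;", "&#92;", "&quot;", "&#39;", "&lt;", "&gt;", " ");

    return str_replace($search, $replace, $text);
}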
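/**
 * Given a matching URL, fetch Sitelinks data.
 *
 * The row is looked up once per request and kept in a static cache. The
 * cache is not keyed by URL: after the first successful lookup every later
 * call returns that same row, whatever $url is passed.
 *
 * NOTE(review): the query is built by concatenation; stripinput() (defined
 * elsewhere, presumably entity-encoding quotes) is the only filter. It is now
 * also applied to the FUSION_FILELINK fallback, which used to be inserted
 * unfiltered.
 *
 * @param string      $url URL to match against the link_url column; empty
 *                         to use FUSION_FILELINK.
 * @param string|null $key Column to return, or NULL for the whole row.
 * @return mixed The row as an array when $key is NULL (empty array when
 *               nothing matched); otherwise the column value, or NULL when
 *               the column is not present.
 */
public static function get_current_SiteLinks($url = "", $key = NULL)
{
    static $data = array();

    $url = stripinput($url);
    if (empty($data)) {
        if (!$url) {
            $url = stripinput(FUSION_FILELINK);
        }
        $result = dbquery("SELECT * FROM " . DB_SITE_LINKS . " WHERE link_url='" . $url . "' AND link_language='" . LANGUAGE . "'");
        if (dbrows($result) > 0) {
            $data = dbarray($result);
        }
    }

    if ($key === NULL) {
        return (array) $data;
    }

    return isset($data[$key]) ? $data[$key] : NULL;
}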
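/**
 * Given a matching URL, fetch Sitelinks data.
 *
 * The row is looked up once per request and kept in a static cache. The
 * cache is not keyed by URL: after the first successful lookup every later
 * call returns that same row, whatever $url is passed.
 *
 * When $url is empty the current script path is derived from
 * $_SERVER['PHP_SELF']. That value is taken from the request line, so it is
 * filtered through stripinput() before it is placed in the query; previously
 * the filter ran only on the (empty) argument and the derived path reached
 * the SQL text untouched.
 *
 * NOTE(review): stripinput() is defined elsewhere and is presumably an
 * entity-encoding filter rather than SQL escaping; move to a parameterised
 * query once the database layer offers one.
 *
 * @param string      $url URL to match against the link_url column; empty
 *                         to use the current script path.
 * @param string|null $key Column to return, or NULL for the whole row.
 * @return mixed The row as an array when $key is NULL (empty array when
 *               nothing matched); otherwise the column value, or NULL when
 *               the column is not present.
 */
public static function get_current_SiteLinks($url = "", $key = NULL)
{
    static $data = array();

    $url = stripinput($url);
    if (empty($data)) {
        if (!$url) {
            $pathinfo = pathinfo($_SERVER['PHP_SELF']);
            $url = stripinput(
                str_replace(fusion_get_settings("site_path"), "", $pathinfo['dirname']) . '/' . $pathinfo['basename']
            );
        }
        $result = dbquery("SELECT * FROM " . DB_SITE_LINKS . " WHERE link_url='" . $url . "' AND link_language='" . LANGUAGE . "'");
        if (dbrows($result) > 0) {
            $data = dbarray($result);
        }
    }

    if ($key === NULL) {
        return $data;
    }

    return isset($data[$key]) ? $data[$key] : NULL;
}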
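/**
 * Request bootstrap: drop legacy globals, HTML-encode all request data and
 * abort on query-string values that look like markup or script.
 *
 * The pattern checks used eregi(), which no longer exists in PHP 7+; they
 * are now case-insensitive preg_match() calls with the same expressions.
 *
 * NOTE(review): the checks run after stripinput() has already rewritten
 * $_GET. If stripinput() (defined elsewhere) encodes <, > and ", as its use
 * here suggests, only the parenthesis pattern can still match. Array-valued
 * parameters are not inspected by this loop. Treat this filter as
 * defence-in-depth only; output must still be encoded per context where it
 * is rendered.
 */
function __construct()
{
    // Save some memory.. (since we don't use these anyway.)
    unset($GLOBALS['HTTP_COOKIE_VARS'], $GLOBALS['HTTP_ENV_VARS'], $GLOBALS['HTTP_GET_VARS']);
    unset($GLOBALS['HTTP_POST_VARS'], $GLOBALS['HTTP_SERVER_VARS'], $GLOBALS['HTTP_POST_FILES']);
    unset($GLOBALS['_FILES'], $GLOBALS['_ENV']);

    // Filter. No any html/js/non_utf code
    foreach ($_COOKIE as $numop => $valo) {
        $_COOKIE[$numop] = stripinput($valo);
    }
    foreach ($_POST as $numop => $valo) {
        $_POST[$numop] = stripinput($valo);
    }
    foreach ($_GET as $numop => $valo) {
        $_GET[$numop] = stripinput($valo);
    }
    foreach ($_REQUEST as $numop => $valo) {
        $_REQUEST[$numop] = stripinput($valo);
    }

    // Prevent any possible XSS attacks via $_GET.
    $blocked_patterns = array(
        '/<[^>]*script*"?[^>]*>/i',
        '/<[^>]*object*"?[^>]*>/i',
        '/<[^>]*iframe*"?[^>]*>/i',
        '/<[^>]*applet*"?[^>]*>/i',
        '/<[^>]*meta*"?[^>]*>/i',
        '/<[^>]*style*"?[^>]*>/i',
        '/<[^>]*form*"?[^>]*>/i',
        '/\([^>]*"?[^)]*\)/i',
        '/"/',
    );
    foreach ($_GET as $check_url) {
        // preg_match() needs a string; the old eregi() call never matched an
        // array value either, so those are skipped as before.
        if (!is_string($check_url)) {
            continue;
        }
        foreach ($blocked_patterns as $pattern) {
            if (preg_match($pattern, $check_url)) {
                //die ('XSS attack filtred');
                die;
            }
        }
    }

    // Some PHP defaults. For stable work on different systems.
    ini_set('precision', 14);
    ini_set('serialize_precision', 14);

    /*
    if(!iCONSOLE) {
        $_SERVER['HTTP_ACCEPT_ENCODING'] = isset($_SERVER['HTTP_ACCEPT_ENCODING']) ? $_SERVER['HTTP_ACCEPT_ENCODING'] : '';
        // enable Gzip compression
        if(substr_count($_SERVER['HTTP_ACCEPT_ENCODING'], 'gzip')) ob_start(array('ob_gzhandler',9));
        // no caching hint
        //header("Expires: Mon, 01 Jan 2000 05:00:00 GMT");
        header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
        header("Cache-Control: no-store, no-cache, must-revalidate");// HTTP/1.1
        header("Cache-Control: post-check=0, pre-check=0", false);
        header("Pragma: no-cache");// HTTP/1.0
    }
    */
}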
/**
 * Error-handler callback: log an error to the errors table (once per
 * level/file/line while an open entry exists) and queue it for display.
 *
 * An existing entry whose status is 2 suppresses the display queue entry.
 *
 * NOTE(review): mysql_insert_id() belongs to the ext/mysql API that was
 * removed in PHP 7; the replacement depends on the database layer, which is
 * not visible here.
 * NOTE(review): TRUE_PHP_SELF, USER_IP, USER_IP_TYPE and the user level are
 * concatenated into the INSERT without filtering here; they are presumably
 * sanitised where they are defined - confirm, TRUE_PHP_SELF in particular.
 *
 * @param int    $error_level   PHP error level.
 * @param string $error_message Error text.
 * @param string $error_file    File in which the error was raised.
 * @param int    $error_line    Line on which the error was raised.
 * @param mixed  $error_context Unused; part of the handler signature.
 * @return void
 */
function setError($error_level, $error_message, $error_file, $error_line, $error_context)
{
    global $userdata, $_errorHandler;

    $display = true;

    $existing = dbquery("SELECT error_id, error_status FROM " . DB_ERRORS . "\n\t\tWHERE error_level='" . intval($error_level) . "' AND error_file='" . stripinput($error_file) . "'\n\t\tAND error_line='" . intval($error_line) . "' AND error_status!='1'\n\t\tORDER BY error_timestamp DESC LIMIT 1");

    if (dbrows($existing) != 0) {
        // Already logged: reuse its id and honour its status.
        $row = dbarray($existing);
        $errorId = $row['error_id'];
        if ($row['error_status'] == 2) {
            $display = false;
        }
    } else {
        $existing = dbquery("INSERT INTO " . DB_ERRORS . " (\n\t\t\t\terror_level, error_message, error_file, error_line, error_page,\n\t\t\t\terror_user_level, error_user_ip, error_user_ip_type, error_status, error_timestamp\n\t\t\t) VALUES (\n\t\t\t\t'" . intval($error_level) . "', '" . stripinput($error_message) . "',\n\t\t\t\t'" . stripinput($error_file) . "', '" . intval($error_line) . "',\n\t\t\t\t'" . TRUE_PHP_SELF . "', '" . $userdata['user_level'] . "', '" . USER_IP . "', '" . USER_IP_TYPE . "',\n\t\t\t\t'0', '" . time() . "'\n\t\t\t)");
        $errorId = mysql_insert_id();
    }

    if (!$display) {
        return;
    }

    $_errorHandler[] = array(
        "id" => $errorId,
        "level" => $error_level,
        "file" => $error_file,
        "line" => $error_line,
    );
}
/**
 * Check that an e-mail address is well-formed and belongs to a user.
 *
 * Spaces are stripped first. The pattern only admits letters, digits, "-",
 * "_" and "." around a single "@", so a value that passes cannot contain a
 * quote when it is concatenated into the WHERE clause.
 *
 * Sets $this->_userEMail on success, or $this->_error to 2 (malformed) or
 * 1 (well-formed but not registered).
 *
 * NOTE(review): the two error codes distinguish "not registered" from
 * "malformed"; if that difference is shown to the visitor it reveals which
 * addresses have accounts - confirm how _error is presented.
 *
 * @param string $email Address as submitted.
 * @return bool TRUE when the address belongs to at least one user.
 */
private function _isValidEMailAddress($email)
{
    $email = stripinput(trim(preg_replace("/ +/i", "", $email)));

    if (!preg_match("/^[-0-9A-Z_\\.]{1,50}@([-0-9A-Z_\\.]+\\.){1,50}([0-9A-Z]){2,4}\$/i", $email)) {
        // no valid e-mail address
        $this->_error = 2;

        return FALSE;
    }

    $matches = dbcount("(user_id)", DB_USERS, "user_email='" . $email . "'");
    if ($matches > 0) {
        $this->_userEMail = $email;

        return TRUE;
    }

    // e-mail address is not found
    $this->_error = 1;

    return FALSE;
}
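/**
 * Button Groups
 *
 * Renders a Bootstrap button group backed by a hidden input, registers the
 * field with the defender (validation) session and attaches the click
 * handler that copies the chosen button's data-value into the hidden input.
 *
 * $input_value now has a default: an optional parameter ($label) in front of
 * a required one is deprecated since PHP 8.0. Existing calls are unaffected.
 *
 * NOTE(review): $label, the option captions, the option keys and $input_name
 * are written into the markup unescaped; only $input_value and the title
 * pass through stripinput(). They are assumed to be developer-supplied.
 *
 * @param string $input_name  Field name.
 * @param string $label       Label text; empty to derive a title from the name.
 * @param string $input_value Currently selected option key.
 * @param array  $options     Overrides for the defaults listed in the body.
 * @return string HTML for the field.
 */
function form_btngroup($input_name, $label = "", $input_value = "", array $options = array())
{
    global $defender, $locale;

    $title = $label ? stripinput($label) : ucfirst(strtolower(str_replace("_", " ", $input_name)));
    $input_value = !empty($input_value) ? stripinput($input_value) : "";

    $default_options = array(
        'options' => array($locale['disable'], $locale['enable']),
        'input_id' => $input_name,
        'class' => "btn-default",
        'icon' => "",
        "multiple" => FALSE,
        "delimiter" => ",",
        'deactivate' => FALSE,
        'error_text' => "",
        'inline' => FALSE,
        'safemode' => FALSE,
        'required' => FALSE,
        'callback_check' => '',
    );
    // Array union: caller-supplied keys win, missing keys take the default.
    $options += $default_options;

    $error_class = "";
    if ($defender->inputHasError($input_name)) {
        $error_class = "has-error ";
        if (!empty($options['error_text'])) {
            $new_error_text = $defender->getErrorText($input_name);
            if (!empty($new_error_text)) {
                $options['error_text'] = $new_error_text;
            }
            addNotice("danger", "<strong>{$title}</strong> - " . $options['error_text']);
        }
    }

    $html = "<div id='" . $options['input_id'] . "-field' class='form-group " . $error_class . "clearfix'>\n";
    $html .= $label ? "<label class='control-label " . ($options['inline'] ? "col-xs-12 col-sm-3 col-md-3 col-lg-3 p-l-0" : 'col-xs-12 col-sm-12 col-md-12 col-lg-12 p-l-0') . "' for='" . $options['input_id'] . "'>{$label} " . ($options['required'] == 1 ? "<span class='required'>*</span>" : '') . "</label>\n" : '';
    $html .= $options['inline'] ? "<div class='col-xs-12 col-sm-9 col-md-9 col-lg-9'>\n" : '';
    $html .= "<div class='btn-group' id='" . $options['input_id'] . "'>";

    $i = 1;
    if (!empty($options['options']) && is_array($options['options'])) {
        foreach ($options['options'] as $arr => $v) {
            $active = '';
            if ($input_value == $arr) {
                $active = "active";
            }
            $html .= "<button type='button' data-value='{$arr}' class='btn " . $options['class'] . " " . (count($options['options']) == $i ? 'last-child' : '') . " {$active}'>" . $v . "</button>\n";
            $i++;
        }
    }

    $html .= "</div>\n";
    $html .= "<input name='{$input_name}' type='hidden' id='" . $options['input_id'] . "-text' value='{$input_value}' />\n";
    $html .= $defender->inputHasError($input_name) ? "<div id='" . $options['input_id'] . "-help' class='label label-danger p-5 display-inline-block'>" . $options['error_text'] . "</div>" : "";
    $html .= $options['inline'] ? "</div>\n" : '';
    $html .= "</div>\n";

    $input_name = $options['multiple'] ? str_replace("[]", "", $input_name) : $input_name;

    $defender->add_field_session(array(
        'input_name' => $input_name,
        'title' => trim($title, '[]'),
        'id' => $options['input_id'],
        'type' => 'dropdown',
        'required' => $options['required'],
        'callback_check' => $options['callback_check'],
        'safemode' => $options['safemode'],
        'error_text' => $options['error_text'],
        'delimiter' => $options['delimiter'],
    ));

    add_to_jquery("\n\t\$('#" . $options['input_id'] . " button').bind('click', function(e){\n\t\t\$('#" . $options['input_id'] . " button').removeClass('active');\n\t\t\$(this).toggleClass('active');\n\t\tvalue = \$(this).data('value');\n\t\t\$('#" . $options['input_id'] . "-text').val(value);\n\t});\n\t");

    return $html;
}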
/**
 * Build the markup for a Bootstrap colour-picker field.
 *
 * On first use the picker's CSS/JS assets are registered in the page head.
 * The field is registered with the defender (validation) session as type
 * 'color' and the picker is initialised through add_to_jquery().
 *
 * NOTE(review): $input_name and $input_value pass through stripinput();
 * $label and the 'tip', 'placeholder', 'class', 'width', 'format' and
 * 'input_id' options are written into markup/script unchanged and are
 * assumed to be developer-supplied.
 *
 * @param string $input_name  Field name.
 * @param string $label       Label text; empty to derive a title from the name.
 * @param string $input_value Current colour value.
 * @param array  $options     Overrides for the defaults listed in the body.
 * @return string HTML for the field.
 */
function form_colorpicker($input_name, $label = '', $input_value = '', array $options = array())
{
    global $defender, $locale;

    if (!defined("COLORPICKER")) {
        define("COLORPICKER", TRUE);
        add_to_head("<link href='" . DYNAMICS . "assets/colorpick/css/bootstrap-colorpicker.css' rel='stylesheet' media='screen' />");
        add_to_head("<script src='" . DYNAMICS . "assets/colorpick/js/bootstrap-colorpicker.js'></script>");
    }

    $title = $label ? stripinput($label) : ucfirst(strtolower(str_replace("_", " ", $input_name)));
    $input_name = stripinput($input_name);
    $input_value = stripinput($input_value);

    $default_options = array(
        'input_id' => $input_name,
        'required' => FALSE,
        'placeholder' => '',
        'deactivate' => FALSE,
        'width' => '250px',
        'class' => '',
        'inline' => FALSE,
        'error_text' => $locale['error_input_default'],
        'safemode' => FALSE,
        'icon' => "",
        "tip" => "",
        'format' => 'hex',
    );
    // Array union: caller-supplied keys win, missing keys take the default.
    $options += $default_options;
    if (!$options['width']) {
        $options['width'] = $default_options['width'];
    }
    $input_id = $options['input_id'] ?: $default_options['input_id'];

    $state_class = "";
    if ($defender->inputHasError($input_name)) {
        $state_class = "has-error ";
        if (!empty($options['error_text'])) {
            $defender_text = $defender->getErrorText($input_name);
            if (!empty($defender_text)) {
                $options['error_text'] = $defender_text;
            }
            addNotice("danger", "<strong>{$title}</strong> - " . $options['error_text']);
        }
    }

    $is_inline = $options['inline'];
    $pieces = array();

    $pieces[] = "<div id='{$input_id}-field' class='form-group clearfix m-b-10 " . $state_class . $options['class'] . " '>\n";

    if ($label) {
        $label_class = $is_inline ? "col-xs-12 col-sm-3 col-md-3 col-lg-3" : '';
        $required_mark = $options['required'] ? "<span class='required'>*</span>" : '';
        $tip_icon = $options['tip'] ? "<i class='pointer fa fa-question-circle' title='" . $options['tip'] . "'></i>" : '';
        $pieces[] = "<label class='control-label " . $label_class . "' for='{$input_id}'>{$label} " . $required_mark . "\n\t" . $tip_icon . "\n\t</label>\n";
    } else {
        $pieces[] = '';
    }

    $pieces[] = $is_inline ? "<div class='col-xs-12 col-sm-9 col-md-9 col-lg-9'>\n" : "<br/>\n";
    $pieces[] = "<div id='{$input_id}' style='width: " . $options['width'] . "' class='input-group colorpicker-component bscp colorpicker-element m-b-10' data-color='{$input_value}' data-color-format='" . $options['format'] . "'>";
    $pieces[] = "<input type='text' name='{$input_name}' class='form-control " . $options['class'] . "' id='" . $input_id . "' value='{$input_value}' data-color-format='" . $options['format'] . "' placeholder='" . $options['placeholder'] . "' " . ($options['deactivate'] ? "readonly" : "") . ">";
    $pieces[] = "<span id='{$input_id}-cp' class='input-group-addon'>";
    $pieces[] = "<i style='background: rgba(255,255,255,1);'></i>";
    $pieces[] = "</span></div>";
    $pieces[] = $is_inline ? "</div>\n" : "";
    $pieces[] = "</div>\n";

    $defender->add_field_session(array(
        'input_name' => $input_name,
        'type' => 'color',
        'title' => $title,
        'id' => $input_id,
        'required' => $options['required'],
        'safemode' => $options['safemode'],
        'error_text' => $options['error_text'],
    ));

    add_to_jquery("\$('#{$input_id}').colorpicker({ format : '" . $options['format'] . "' });");

    return implode('', $pieces);
}
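/**
 * Extract selector names from a CSS file, starting after a "Marker" line.
 *
 * Every line that follows the first line containing "Marker" (case
 * insensitive) contributes the text before its first "{" or "}", with
 * ":before" removed. Lines that themselves contain "Marker" are skipped.
 *
 * The result is now always an array: it used to be an undefined variable
 * when the path was empty, the file could not be read, or no marker line
 * was present.
 *
 * NOTE(review): $path is opened as given; callers must not pass a
 * request-derived value without restricting it to the intended directory.
 *
 * @param string $path Path of the CSS file.
 * @return array List of selector strings (possibly empty).
 */
static function get_css($path)
{
    $css = array();

    if (empty($path)) {
        print_p('no file');

        return $css;
    }

    $lines = file($path);
    if ($lines === false) {
        return $css;
    }

    $after_marker = false;
    foreach ($lines as $line) {
        $line = stripinput($line);
        if (preg_match('@Marker@si', $line)) {
            $after_marker = true;
            continue;
        }
        if ($after_marker) {
            // strtok() returns false for a line holding only braces or nothing.
            $token = strtok($line, "{}");
            $css[] = str_replace(':before', '', $token === false ? '' : $token);
        }
    }

    return $css;
}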
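/**
 * Store a private message for a user.
 *
 * The sender is the logged-in member, or 0 for a guest. Nothing is sent
 * (and true is returned) when there is no recipient or the recipient is the
 * sender.
 *
 * Both ids are cast to int before they are placed in the queries; subject
 * and body pass through stripinput() (defined elsewhere, presumably
 * entity-encoding quotes). The result of the INSERT is now reported to the
 * caller instead of being ignored.
 *
 * TODO: inform the recipient about the new PM. The earlier draft for this
 * sent a plain-text e-mail through sendmail_include.php with the subject,
 * a locale text and a link to the download page.
 *
 * @param int|string $to_id   Recipient user id.
 * @param string     $subject Message subject.
 * @param string     $body    Message body.
 * @param mixed      $smilies Truthy to store the smileys flag as '1'.
 * @return bool False when the recipient does not exist or the insert failed.
 */
function send_pm($to_id, $subject, $body, $smilies)
{
    global $userdata;

    $from_id = iMEMBER ? $userdata['user_id'] : 0;

    if (!$to_id || $from_id == $to_id) {
        return true;
    }

    $to_id = (int) $to_id;
    $from_id = (int) $from_id;

    // The recipient must exist.
    $res = dbquery("SELECT user_name, user_email\n\t\tFROM " . DB_USERS . "\n\t\tWHERE user_id='" . $to_id . "'");
    if (!dbrows($res)) {
        return false;
    }

    // send pm
    $ok = dbquery("INSERT INTO " . DB_MESSAGES . "\n\t\tSET\n\t\tmessage_to='" . $to_id . "',\n\t\tmessage_from='" . $from_id . "',\n\t\tmessage_subject='" . stripinput($subject) . "',\n\t\tmessage_message='" . stripinput($body) . "',\n\t\tmessage_smileys='" . ($smilies ? '1' : '0') . "',\n\t\tmessage_read='0',\n\t\tmessage_datestamp='" . time() . "'");

    return $ok !== false;
}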
/**
 * Build a hidden input, optionally wrapped in a labelled form group, and
 * register it with the defender (validation) session as type 'textbox'.
 *
 * NOTE(review): $input_name, $input_value and the 'input_id', 'class' and
 * 'width' options are written into attributes unchanged; only the title
 * passes through stripinput(). A value containing a single quote closes the
 * value='' attribute, so callers must encode $input_value before passing it
 * in when it can carry user data.
 *
 * @param string $input_name  Field name.
 * @param string $label       Label text; empty to derive a title from the name.
 * @param string $input_value Field value.
 * @param array  $options     Overrides for the defaults listed in the body.
 * @return string HTML for the field.
 */
function form_hidden($input_name, $label = "", $input_value = "", array $options = array())
{
    global $defender;

    $title = $label ? stripinput($label) : ucfirst(strtolower(str_replace("_", " ", $input_name)));

    $default_options = array(
        "input_id" => $input_name,
        "show_title" => FALSE,
        "width" => "100%",
        "class" => "",
        "inline" => FALSE,
        "required" => FALSE,
        "placeholder" => "",
        "deactivate" => FALSE,
        "delimiter" => ",",
        "error_text" => "",
    );
    // Array union: caller-supplied keys win, missing keys take the default.
    $options += $default_options;

    $field_id = $options['input_id'];
    $wrapped = $options['show_title'];

    // Opening and closing wrapper markup exist only when the title is shown.
    $opening = '';
    $closing = '';
    if ($wrapped) {
        $opening .= "<div id='" . $field_id . "-field' class='form-group m-b-0 " . $options['class'] . " '>\n";
        if ($label) {
            $opening .= "<label class='control-label " . ($options['inline'] ? "col-xs-12 col-sm-3 col-md-3 col-lg-3" : '') . "' for='" . $field_id . "'>{$title} " . ($options['required'] ? "<span class='required'>*</span>" : '') . "</label>\n";
        }
        if ($options['inline']) {
            $opening .= "<div class='col-xs-12 col-sm-9 col-md-9 col-lg-9'>\n";
        }

        $closing .= "<div id='" . $field_id . "-help'></div>";
        if ($options['inline']) {
            $closing .= "</div>\n";
        }
        $closing .= "</div>\n";
    }

    $style_attr = $options['width'] ? "style='width:" . $options['width'] . "'" : '';
    $readonly_attr = $wrapped ? "" : "readonly";
    $input = "<input type='hidden' name='{$input_name}' id='" . $field_id . "' value='{$input_value}' " . $style_attr . " " . $readonly_attr . " />\n";

    $defender->add_field_session(array(
        'input_name' => $input_name,
        'title' => trim($title, '[]'),
        'type' => 'textbox',
        'id' => $field_id,
        'required' => $options['required'],
        'safemode' => '0',
        "delimiter" => $options['delimiter'],
        'error_text' => $options['error_text'],
    ));

    return $opening . $input . $closing;
}
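/**
 * Build a width/height pair of text inputs (named <name>_w and <name>_h)
 * plus the hidden validator descriptors for both.
 *
 * Fixes applied here:
 *  - $class is initialised, so calling without an options array no longer
 *    reads an undefined variable;
 *  - the 'class' option is inserted as a class name; it used to be wrapped
 *    in its own class='...' inside the existing class attribute, which broke
 *    the attribute;
 *  - the descriptor fields are named def[<name>_w] / def[<name>_h], the same
 *    shape form_datepicker() uses; the former def['<name>_w'] form put single
 *    quotes inside a single-quoted attribute and cut the name short;
 *  - the title placed in the descriptor goes through stripinput(), as in
 *    form_datepicker(), so a quote in the title cannot close the attribute.
 *
 * NOTE(review): 'deactivate' is read and then reset to '', so the inputs are
 * never rendered readonly - confirm whether that reset is intended.
 * NOTE(review): both inputs and both help containers share one id.
 * NOTE(review): the width/height values, $title and 'placeholder' are
 * written into the markup unescaped; callers must encode user data first.
 * NOTE(review): the validation rules travel in hidden def[...] inputs;
 * `readonly` does not stop a client from changing them, so they must not be
 * trusted when read back from the request.
 *
 * @param string     $title              Label text.
 * @param string     $input_name         Base field name.
 * @param string     $input_id           Field id.
 * @param string|int $input_value_width  Current width.
 * @param string|int $input_value_height Current height.
 * @param array|bool $array              Optional settings: rowstart,
 *                                       placeholder, deactivate, class,
 *                                       required, error_text.
 * @return string HTML for the field pair.
 */
function form_photosize($title, $input_name, $input_id, $input_value_width, $input_value_height, $array = false)
{
    $title = !empty($title) ? $title : "";
    $title2 = !empty($title) ? stripinput($title) : ucfirst(strtolower(str_replace("_", " ", $input_name)));
    $input_name = !empty($input_name) ? stripinput($input_name) : "";
    $input_id = !empty($input_id) ? stripinput($input_id) : "";

    $class = '';
    if (!is_array($array)) {
        $inline = '';
        $placeholder = 'px';
        $deactivate = '';
        $required = 0;
        $error_text = '';
    } else {
        $inline = array_key_exists('rowstart', $array) ? 1 : 0;
        $placeholder = array_key_exists('placeholder', $array) ? $array['placeholder'] : 'px';
        $class = array_key_exists('class', $array) ? $array['class'] : "";
        $required = array_key_exists('required', $array) && $array['required'] == 1 ? 1 : 0;
        // The option is accepted but overridden, exactly as before.
        $deactivate = '';
        $error_text = array_key_exists("error_text", $array) ? $array['error_text'] : "";
    }

    $readonly = ($deactivate == "1" && isnum($deactivate)) ? "readonly" : "";
    $def_value = "[type=text],[title={$title2}],[id={$input_id}],[required={$required}],[safemode=0]" . ($error_text ? ",[error_text={$error_text}]" : '');

    $html = "<div id='{$input_id}-field' class='form-group m-b-0 has-feedback'>\n";
    $html .= $title ? "<label class='control-label " . ($inline ? "col-xs-3 col-sm-3 col-md-3 col-lg-3" : '') . "' for='{$input_id}'>{$title} " . ($required == 1 ? "<span class='required'>*</span>" : '') . "</label>\n" : '';
    $html .= $inline ? "<div class='col-xs-9 col-sm-9 col-md-9 col-lg-9'>\n" : "<div class='col-xs-12 col-sm-12 col-md-12 col-lg-12 p-l-0 form-horizontal'>\n";

    // Width
    $html .= "<div class='form-group m-b-0 has-feedback col-sm-6 col-md-6 col-lg-6 m-r-10'>";
    $html .= "<input type='text' class='form-control input-sm {$class}' name='" . $input_name . "_w' id='" . $input_id . "' value='{$input_value_width}' placeholder='width (" . $placeholder . ")' " . $readonly . ">\n";
    $html .= "<div class='form-control-feedback'><i class='glyphicon glyphicon-resize-horizontal'></i></div>\n";
    $html .= "<div id='{$input_id}-help' style='display:inline-block !important;'></div>";
    $html .= "</div>\n";

    // Height
    $html .= "<div class='form-group m-b-0 has-feedback col-sm-6 col-md-6 col-lg-6'>";
    $html .= "<input type='text' class='form-control input-sm {$class}' name='" . $input_name . "_h' id='" . $input_id . "' value='{$input_value_height}' placeholder='height (" . $placeholder . ")' " . $readonly . ">\n";
    $html .= "<div class='form-control-feedback'><i class='glyphicon glyphicon-resize-vertical'></i></div>\n";
    $html .= "<div id='{$input_id}-help' style='display:inline-block !important;'></div>";
    $html .= "</div>\n";

    $html .= "</div></div>\n";

    // Validator descriptors, one per input.
    $html .= "<input type='hidden' name='def[" . $input_name . "_w]' value='" . $def_value . "' readonly />";
    $html .= "<input type='hidden' name='def[" . $input_name . "_h]' value='" . $def_value . "' readonly />";

    return $html;
}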
/**
 * Render a Bootstrap alert box and queue a jQuery snippet that adds the "alert-link"
 * class to every anchor inside "div.alert".
 *
 * Recognised keys of $array: 'class' (extra CSS classes) and 'dismiss' ("1" adds the
 * close button and the "alert-dismissable" class).
 *
 * NOTE(review): $text and the 'class' option are interpolated into the markup as given.
 * Only $title goes through stripinput(). That looks deliberate for $text, since the alert
 * is meant to carry links, so every caller has to encode any user-influenced part of
 * $text before passing it in.
 *
 * @param string      $title  Bold heading of the alert.
 * @param string      $text   Alert body, emitted as raw HTML.
 * @param array|false $array  Optional settings, see above.
 *
 * @return string HTML fragment.
 */
function form_alert($title, $text, $array = false) {
    // An unset or empty-string title collapses to ""; anything else is passed through stripinput().
    $title = (isset($title) && $title !== "") ? stripinput($title) : "";

    $class = "";
    $dismiss = "";
    if (is_array($array)) {
        if (array_key_exists('class', $array)) {
            $class = $array['class'];
        }
        if (array_key_exists('dismiss', $array)) {
            $dismiss = $array['dismiss'];
        }
    }

    // Loose comparison kept on purpose: both the integer 1 and the string "1" enable the close button.
    $with_close_button = ($dismiss == "1");
    $html = $with_close_button
        ? "<div class='alert alert-dismissable {$class}'><button type='button' class='close' data-dismiss='alert' aria-hidden='true'>×</button><strong>{$title}</strong> {$text}</div>"
        : "<div class='alert {$class}'><strong>{$title}</strong> {$text}</div>";

    add_to_jquery("\n \$('div.alert a').addClass('alert-link');\n ");

    return $html;
}
// Infusions admin (excerpt, cut at both ends): prints the <option> entries held in $file_list, then,
// on a POSTed "infuse", includes INFUSIONS/<infusion>/infusion.php and, when that folder is already
// registered with an older version, runs its ALTER statements and stores the new version.
// NOTE(review): the include path is built from $_POST['infusion'] after stripinput(), which is defined
// outside this excerpt. Unless it also rejects path separators and "..", compare the value against the
// folder names that populated the select (an allow-list) before the file_exists()/include pair.
// NOTE(review): $inf_folder, $inf_version and $inf_altertable are not assigned in the visible code
// (presumably set by the included infusion.php) and are concatenated into SQL without escaping, so the
// included file is fully trusted here. The ALTER loop runs from 1 to count(), i.e. it expects 1-based keys.
for ($i = 0; $i < count($file_list); $i++) { echo $file_list[$i]; } echo "</select> <input type='submit' name='infuse' value='" . $locale['401'] . "' class='button' />\n"; if (isset($_GET['error'])) { echo "<br /><br />\n" . ($_GET['error'] == 1 ? $locale['402'] : $locale['403']) . "<br /><br />\n"; } echo "<br /><br />\n" . $locale['413'] . " <span style='color:red;'>" . $locale['414'] . "</span> ::\n"; echo "<span style='color:green;'>" . $locale['415'] . "</span> ::\n"; echo "<span style='color:blue;'>" . $locale['416'] . "</span>\n"; echo "</form>\n</div>\n"; closetable(); } if (isset($_POST['infuse']) && isset($_POST['infusion'])) { $error = ""; $infusion = stripinput($_POST['infusion']); if (file_exists(INFUSIONS . $infusion . "/infusion.php")) { include INFUSIONS . $infusion . "/infusion.php"; $result = dbquery("SELECT * FROM " . DB_INFUSIONS . " WHERE inf_folder='" . $inf_folder . "'"); if (dbrows($result)) { $data = dbarray($result); if ($inf_version > $data['inf_version']) { if (isset($inf_altertable) && is_array($inf_altertable) && count($inf_altertable)) { for ($i = 1; $i < count($inf_altertable) + 1; $i++) { $result = dbquery("ALTER TABLE " . $inf_altertable[$i]); } } $result2 = dbquery("UPDATE " . DB_INFUSIONS . " SET inf_version='" . $inf_version . "' WHERE inf_id='" . $data['inf_id'] . "'"); } } else { if (isset($inf_adminpanel) && is_array($inf_adminpanel) && count($inf_adminpanel)) {
// Registration validation (excerpt, cut at both ends): tail of the reCAPTCHA check, then the optional
// registration question. The submitted question id must pass isnum() and is cast to int before it is
// placed in the SELECT; the stored response is compared with the submitted one after strtolower().
// NOTE(review): the comparison uses "!=", so PHP compares two numeric-looking strings as numbers
// ("1e3" equals "1000"); "!==" on the lowercased strings gives an exact match.
// NOTE(review): $log['response_rec'] takes $_POST['recaptcha_response_field'] unfiltered; where $log is
// written is not visible, so confirm it is encoded or escaped at that point.
// NOTE(review): the "#" and "//" markers below were separate comment lines before this listing was
// collapsed onto one line; as printed they would comment out the rest of the line.
} else { $error .= "· " . $recaptcha_error . "<br />\n"; } } else { #$log['question_rec'] = $_POST["recaptcha_challenge_field"]; $log['response_rec'] = $_POST["recaptcha_response_field"]; } } else { $error .= "· " . $locale['554'] . "<br />\n"; } } // <- // Pimped: Registration Questions if ($settings['registration_question']) { $secure_re = isset($_POST['user_secure_question']) ? stripinput(trim($_POST['user_secure_question'])) : ""; $secure_id = isset($_POST['user_secure_id']) ? stripinput(trim($_POST['user_secure_id'])) : ""; if ($secure_re == "" || $secure_id == "" || !isnum($secure_id)) { $error .= "· " . $locale['412'] . "<br />\n"; } else { $sec_result = dbquery("SELECT question, response FROM " . DB_REGISTRATION . " WHERE id=" . (int) $secure_id . ""); if (dbrows($sec_result)) { $sec_data = dbarray($sec_result); if (strtolower($sec_data['response']) != strtolower($secure_re)) { $error .= "· " . $locale['413'] . "<br />\n"; } else { $log['question_qu'] = $sec_data['question']; $log['response_qu'] = $secure_re; } unset($sec_data); } else { $error .= "· " . $locale['414'] . "<br />\n";
// Photo settings save (excerpt): one UPDATE per setting, each value validated inline before it is
// concatenated into the statement. Numeric settings fall back to a default unless isnum() accepts
// them; the two colour settings must match exactly six hex digits. $error is set to 1 when a query fails.
// NOTE(review): photo_watermark_image is the only value here without an allow-list style check; it
// reaches the SQL string after stripinput() alone. stripinput() is defined outside this excerpt, so
// confirm it neutralises quotes and backslashes for SQL, or escape/bind the value at the database layer.
// The setting name suggests a file path; if so, presumably it should also be constrained to the
// expected image directory wherever it is later opened. TODO confirm.
// NOTE(review): the $_POST keys are read without isset(); a missing field raises a notice/warning.
if (!$result) { $error = 1; } $result = dbquery("UPDATE " . DB_SETTINGS . " SET settings_value='" . (isnum($_POST['thumbs_per_page']) ? $_POST['thumbs_per_page'] : "12") . "' WHERE settings_name='thumbs_per_page'"); if (!$result) { $error = 1; } $result = dbquery("UPDATE " . DB_SETTINGS . " SET settings_value='" . (isnum($_POST['photo_watermark']) ? $_POST['photo_watermark'] : "0") . "' WHERE settings_name='photo_watermark'"); if (!$result) { $error = 1; } $result = dbquery("UPDATE " . DB_SETTINGS . " SET settings_value='" . (isnum($_POST['photo_watermark_save']) ? $_POST['photo_watermark_save'] : "0") . "' WHERE settings_name='photo_watermark_save'"); if (!$result) { $error = 1; } $result = dbquery("UPDATE " . DB_SETTINGS . " SET settings_value='" . stripinput($_POST['photo_watermark_image']) . "' WHERE settings_name='photo_watermark_image'"); if (!$result) { $error = 1; } $result = dbquery("UPDATE " . DB_SETTINGS . " SET settings_value='" . (isnum($_POST['photo_watermark_text']) ? $_POST['photo_watermark_text'] : "0") . "' WHERE settings_name='photo_watermark_text'"); if (!$result) { $error = 1; } $result = dbquery("UPDATE " . DB_SETTINGS . " SET settings_value='" . (preg_match("/^([0-9A-F]){6}\$/i", $_POST['photo_watermark_text_color1']) ? $_POST['photo_watermark_text_color1'] : "FF6600") . "' WHERE settings_name='photo_watermark_text_color1'"); if (!$result) { $error = 1; } $result = dbquery("UPDATE " . DB_SETTINGS . " SET settings_value='" . (preg_match("/^([0-9A-F]){6}\$/i", $_POST['photo_watermark_text_color2']) ? $_POST['photo_watermark_text_color2'] : "FFFF00") . "' WHERE settings_name='photo_watermark_text_color2'"); if (!$result) { $error = 1; }
// Web links admin (excerpt, cut at both ends): shows the status message, then handles delete (GET),
// save (POST, insert or update) and the start of the edit form. weblink_id is checked with isnum()
// before it reaches SQL and weblink_cat is forced to an integer with intval().
// NOTE(review): after a delete, $_GET['weblink_cat_id'] is appended to the redirect target without
// the isnum() check applied to weblink_id; validate it the same way before building the URL.
// NOTE(review): the delete is a state change triggered by a GET request. Whether $aidlink carries a
// per-session token that is verified before this point is not visible here. TODO confirm.
// NOTE(review): weblink_name and weblink_url go through stripinput() and weblink_description through
// addslash(); both helpers are defined outside this excerpt. Nothing here restricts the URL scheme,
// so confirm the value is limited to http/https either here or where the link is rendered.
$message = $locale['512']; } if ($message) { echo "<div id='close-message'><div class='admin-message'>" . $message . "</div></div>\n"; } } $result = dbcount("(weblink_cat_id)", DB_WEBLINK_CATS); if (!empty($result)) { if (isset($_GET['action']) && $_GET['action'] == "delete" && (isset($_GET['weblink_id']) && isnum($_GET['weblink_id']))) { $result = dbquery("DELETE FROM " . DB_WEBLINKS . " WHERE weblink_id='" . $_GET['weblink_id'] . "'"); redirect(FUSION_SELF . $aidlink . "&weblink_cat_id=" . $_GET['weblink_cat_id'] . "&status=del"); } if (isset($_POST['save_link'])) { $weblink_name = stripinput($_POST['weblink_name']); $weblink_description = addslash($_POST['weblink_description']); $weblink_url = stripinput($_POST['weblink_url']); $weblink_cat = intval($_POST['weblink_cat']); if ($weblink_name) { if (isset($_GET['action']) && $_GET['action'] == "edit" && (isset($_GET['weblink_id']) && isnum($_GET['weblink_id']))) { $weblink_datestamp = isset($_POST['update_datestamp']) ? ", weblink_datestamp='" . time() . "'" : ""; $result = dbquery("UPDATE " . DB_WEBLINKS . " SET weblink_name='{$weblink_name}', weblink_description='{$weblink_description}', weblink_url='{$weblink_url}', weblink_cat='{$weblink_cat}'" . $weblink_datestamp . " WHERE weblink_id='" . $_GET['weblink_id'] . "'"); redirect(FUSION_SELF . $aidlink . "&weblink_cat_id={$weblink_cat}&status=su"); } else { $result = dbquery("INSERT INTO " . DB_WEBLINKS . " (weblink_name, weblink_description, weblink_url, weblink_cat, weblink_datestamp, weblink_count) VALUES ('{$weblink_name}', '{$weblink_description}', '{$weblink_url}', '{$weblink_cat}', '" . time() . "', '0')"); redirect(FUSION_SELF . $aidlink . "&weblink_cat_id={$weblink_cat}&status=sn"); } } else { redirect(FUSION_SELF . $aidlink); } } if (isset($_GET['action']) && $_GET['action'] == "edit" && (isset($_GET['weblink_id']) && isnum($_GET['weblink_id']))) {
// Poll admin form state (excerpt, starts mid-branch): loads title and up to ten options (poll_opt_0 to
// poll_opt_9) from the row in $data, or, on "addoption", rebuilds them from the POSTed form with
// stripinput() applied to the title and to each option, then opens the form table.
// NOTE(review): the keys of $_POST['poll_option'] are used as array indexes as submitted, and
// $_POST['opt_count'] is read without isset() and kept as submitted when it loosely equals 10.
// Cast both to int and clamp them to the 0-9 / 1-10 range the form supports.
// NOTE(review): the edit branch stores the stored end time in $_GET['poll_ended'], while the default
// further down reads $poll_ended and $poll_id; neither is assigned in the visible code. TODO confirm
// where they are set.
$poll_title = $data['poll_title']; $poll_option = array(); for ($i = 0; $i <= 9; $i++) { if ($data["poll_opt_" . $i]) { $poll_option[$i] = $data["poll_opt_" . $i]; } } $opt_count = count($poll_option); $poll_started = $data['poll_started']; $_GET['poll_ended'] = $data['poll_ended']; } if (isset($_POST['addoption'])) { $poll_title = stripinput($_POST['poll_title']); if (isset($_POST['poll_option']) && is_array($_POST['poll_option'])) { foreach ($_POST['poll_option'] as $key => $value) { $poll_option[$key] = stripinput($_POST['poll_option'][$key]); } $opt_count = $_POST['opt_count'] != 10 ? count($poll_option) + 1 : $_POST['opt_count']; } else { $poll_option[0] = ""; $opt_count = 1; } } $i = 0; $opt = 1; $poll_title = isset($poll_title) ? $poll_title : ""; $opt_count = isset($opt_count) ? $opt_count : 2; if (isset($poll_id)) { $poll_ended = isset($poll_ended) ? $poll_ended : 0; } opentable(isset($_GET['poll_id']) ? $locale['401'] : $locale['400']);
// "Add administrator" form (excerpt, starts mid-branch): lists the users returned in $result as radio
// buttons, offers the "all rights" checkbox, offers "make super" only when the current user's
// user_level is 103, and asks for the admin password unless check_admin_pass() already accepts it.
// NOTE(review): the make_super checkbox is only hidden in the markup for other levels. The handler
// that processes add_admin is not visible here, so confirm it repeats the user_level check server-side.
// NOTE(review): $data['user_name'] and $data['user_id'] are written into the HTML as read from the
// database. Presumably names are stored already encoded; if not, encode them at this output.
// NOTE(review): the password is passed through stripinput() before check_admin_pass(). That only works
// if the stored credential was derived from the same transformed value. TODO confirm.
echo "<table cellpadding='0' cellspacing='1' width='450' class='tbl-border center'>\n"; $i = 0; $users = ""; while ($data = dbarray($result)) { $row_color = $i % 2 == 0 ? "tbl1" : "tbl2"; $i++; $users .= "<tr>\n<td class='{$row_color}'><label><input type='radio' name='user_id' value='" . $data['user_id'] . "' /> " . $data['user_name'] . "</label></td>\n</tr>"; } if ($i > 0) { echo "<tr>\n<td class='tbl2'><strong>" . $locale['413'] . "</strong></td>\n</tr>\n"; echo $users . "<tr>\n<td align='center' class='tbl'>\n"; echo "<label><input type='checkbox' name='all_rights' value='1' /> " . $locale['415'] . "</label><span style='color:red;font-weight:bold;margin-left:5px;'>*</span><br />\n"; if ($userdata['user_level'] == 103) { echo "<label><input type='checkbox' name='make_super' value='1' /> " . $locale['416'] . "</label><span style='color:red;font-weight:bold;margin-left:5px;'>*</span><br />\n"; } if (!check_admin_pass(isset($_POST['admin_password']) ? stripinput($_POST['admin_password']) : "")) { echo $locale['447'] . " <input type='password' name='admin_password' class='textbox' style='width:150px;' autocomplete='off' /><br /><br />\n"; } echo "<br />\n<input type='submit' name='add_admin' value='" . $locale['417'] . "' class='button' onclick=\"return confirm('" . $locale['461'] . "');\" />\n"; echo "</td>\n</tr>\n"; echo "<tr>\n<td class='tbl' style='font-weight:bold;text-align:left; color:black !important; background-color:#FFDBDB;'><span style='color:red;font-weight:bold;margin-right:5px;'>*</span>" . $locale['462'] . "</td>\n</tr>\n"; } else { echo "<tr>\n<td align='center' class='tbl'>" . $locale['418'] . "<br /><br />\n"; echo "<a href='" . FUSION_SELF . $aidlink . "'>" . $locale['419'] . "</a>\n</td>\n</tr>\n"; } echo "</table>\n</form>\n"; } else { echo "<table cellpadding='0' cellspacing='1' width='450' class='tbl-border center'>\n"; echo "<tr>\n<td align='center' class='tbl'>" . $locale['418'] . "<br /><br />\n"; echo "<a href='" . FUSION_SELF . 
$aidlink . "'>" . $locale['419'] . "</a>\n</td>\n</tr>\n</table>\n"; }
* @package Kitto_Kitto_Kitto * @subpackage Board * @version 1.0.0 **/ $ERRORS = array(); $max_items_per_page = 15; // Handle the page ID for slicing and dicing the inventory up. $page_id = stripinput($_REQUEST['page']); if ($page_id == null || $page_id <= 0) { $page_id = 1; } // Where do we slice the record set? $start = ($page_id - 1) * $max_items_per_page; $end = ($page_id - 1) * $max_items_per_page + $max_items_per_page; // Load the board. $thread_id = stripinput($_REQUEST['thread_id']); $thread = new BoardThread($db); $thread = $thread->findOneByBoardThreadId($thread_id); if ($thread == null) { $ERRORS[] = 'Invalid thread specified.'; } else { // Load the board info. $board = new Board($db); $board = $board->findOneByBoardId($thread->getBoardId()); if ($board == null) { $ERRORS[] = 'Invalid board.'; } else { if ($board->hasAccess($User) == false) { $ERRORS[] = 'Invalid board.'; } }
// Summary of the statements above (thread view, cut at the end): computes the paging window from the
// "page" request value (15 items per page), loads the thread by id, then its board, and records an
// error when either is missing or when hasAccess($User) is false.
// NOTE(review): $page_id and $thread_id stay strings after stripinput() (defined outside this excerpt).
// $page_id is then used in arithmetic and $thread_id is handed to the finder, so cast both to int or
// reject non-numeric input first. Whether findOneByBoardThreadId() binds its argument is not visible.
// NOTE(review): both request keys are read without isset(), and $_REQUEST also merges in cookies
// depending on configuration; reading $_GET explicitly keeps the source of the value unambiguous.
// A missing board and a denied board yield the same message, so the response does not reveal which
// boards exist.
| at www.gnu.org/licenses/agpl.html. Removal of this | copyright header is strictly prohibited without | written permission from the original author(s). +--------------------------------------------------------*/ require_once "maincore.php"; require_once THEMES . "templates/header.php"; include LOCALE . LOCALESET . "search.php"; add_to_title($locale['global_202']); if (!isset($_GET['rowstart']) || !isnum($_GET['rowstart'])) { $_GET['rowstart'] = 0; } if (isset($_GET['stext'])) { if (is_array($_GET['stext'])) { redirect(FUSION_SELF); } else { $_GET['stext'] = urlencode(stripinput($_GET['stext'])); } } else { $_GET['stext'] = ""; } if (isset($_GET['method'])) { $_GET['method'] = $_GET['method'] == "OR" || $_GET['method'] == "AND" ? $_GET['method'] : "OR"; } if (!isset($_GET['method'])) { $_GET['method'] = "OR"; } if (isset($_GET['datelimit'])) { $_GET['datelimit'] = isnum($_GET['datelimit']) ? $_GET['datelimit'] : 0; } if (!isset($_GET['datelimit'])) { $_GET['datelimit'] = 0;
// Summary of the statements above (search page, cut at the end): every query parameter is normalised
// in place before use. rowstart and datelimit must pass isnum() or become 0, method is restricted to
// the allow-list "OR"/"AND", and an array-valued stext is rejected with a redirect.
// NOTE(review): stext is stored URL-encoded after stripinput(), so any later use in SQL or HTML has to
// decode it and then escape it for that context; the encoded form by itself is not SQL-safe.
// NOTE(review): execution continues after redirect(FUSION_SELF) unless redirect() exits internally;
// that helper is defined outside this excerpt. TODO confirm.
// Articles admin (excerpt, cut at both ends): UPDATE or INSERT of an article, the delete branch, and
// the start of the preview branch. article_cat is forced to an integer with intval(); the delete
// branch requires article_id to pass isnum() before its three DELETE statements run.
// NOTE(review): the UPDATE places $_POST['article_id'] in its WHERE clause directly. The condition
// guarding that branch is outside this excerpt, so confirm it applies the same isnum() check as the
// delete branch. $subject, $body, $body2, $draft, $breaks, $comments and $ratings used in the two
// write statements are prepared outside the visible code as well.
// NOTE(review): in the preview branch $bodypreview and $body2preview are built from the raw POSTed
// bodies (stripslash() only) and $article_cat is taken unvalidated. Presumably they are echoed as
// HTML further down for an administrator's own content; confirm that only trusted roles reach this
// page and that the request is token-protected.
$result = dbquery("UPDATE " . DB_ARTICLES . " SET article_cat='" . intval($_POST['article_cat']) . "', article_subject='{$subject}', article_snippet='{$body}', article_article='{$body2}', article_draft='{$draft}', article_breaks='{$breaks}', article_allow_comments='{$comments}', article_allow_ratings='{$ratings}' WHERE article_id='" . $_POST['article_id'] . "'"); redirect(FUSION_SELF . $aidlink . "&status=su"); } elseif (!defined("FUSION_NULL")) { $result = dbquery("INSERT INTO " . DB_ARTICLES . " (article_cat, article_subject, article_snippet, article_article, article_draft, article_breaks, article_name, article_datestamp, article_reads, article_allow_comments, article_allow_ratings) VALUES ('" . intval($_POST['article_cat']) . "', '{$subject}', '{$body}', '{$body2}', '{$draft}', '{$breaks}', '" . $userdata['user_id'] . "', '" . time() . "', '0', '{$comments}', '{$ratings}')"); redirect(FUSION_SELF . $aidlink . "&status=sn"); } } else { if (isset($_POST['delete']) && (isset($_POST['article_id']) && isnum($_POST['article_id']))) { $result = dbquery("DELETE FROM " . DB_ARTICLES . " WHERE article_id='" . $_POST['article_id'] . "'"); $result = dbquery("DELETE FROM " . DB_COMMENTS . " WHERE comment_item_id='" . $_POST['article_id'] . "' and comment_type='A'"); $result = dbquery("DELETE FROM " . DB_RATINGS . " WHERE rating_item_id='" . $_POST['article_id'] . "' and rating_type='A'"); redirect(FUSION_SELF . $aidlink . "&status=del"); } else { if (isset($_POST['preview'])) { $article_cat = $_POST['article_cat']; $subject = stripinput($_POST['subject']); $body = phpentities(stripslash($_POST['body'])); $body2 = phpentities(stripslash($_POST['body2'])); $bodypreview = str_replace("src='" . str_replace("../", "", IMAGES_A), "src='" . IMAGES_A, stripslash($_POST['body'])); $body2preview = str_replace("src='" . str_replace("../", "", IMAGES_A), "src='" . IMAGES_A, stripslash($_POST['body2'])); $draft = isset($_POST['article_draft']) ? 
" checked='checked'" : ""; if (isset($_POST['line_breaks'])) { $breaks = " checked='checked'"; $bodypreview = nl2br($bodypreview); $body2preview = nl2br($body2preview); } else { $breaks = ""; } $comments = isset($_POST['article_comments']) ? " checked='checked'" : ""; $ratings = isset($_POST['article_ratings']) ? " checked='checked'" : ""; opentable($subject);
// Download submission review (excerpt, cut at both ends): reads the stored submission row, collects
// the moderator's edited fields from $_POST (text through stripinput(), flags and category through
// isnum()), resolves the submitted file and image names, and optionally deletes the images.
// NOTE(review): unserialize() runs on $data['submit_criteria'], a database column that presumably holds
// data from a user's submission. If a submitter can influence the serialized string, this is an
// object-injection risk: pass ['allowed_classes' => false] as the second argument (PHP 7+) or store
// the criteria as JSON instead.
// NOTE(review): the file names taken from $submit_criteria are appended to DOWNLOADS paths for
// file_exists() and unlink() without basename() or another containment check; confirm they cannot
// contain directory separators.
// NOTE(review): when $download_image or $download_image_thumb is "", file_exists() is called on the
// directory itself and the "@" hides the failing unlink(); test for a non-empty name first.
if (dbrows($result)) { $data = dbarray($result); $submit_criteria = unserialize($data['submit_criteria']); $download_title = stripinput($_POST['download_title']); $download_description = stripinput($_POST['download_description']); $download_description_short = stripinput($_POST['download_description_short']); $download_cat = isnum($_POST['download_cat']) ? $_POST['download_cat'] : "0"; $download_allow_comments = isset($_POST['download_allow_comments']) && isnum($_POST['download_allow_comments']) ? $_POST['download_allow_comments'] : "0"; $download_allow_ratings = isset($_POST['download_allow_ratings']) && isnum($_POST['download_allow_ratings']) ? $_POST['download_allow_ratings'] : "0"; $download_url = isset($_POST['download_url']) ? stripinput($_POST['download_url']) : ""; $download_os = stripinput($_POST['download_os']); $download_license = stripinput($_POST['download_license']); $download_copyright = stripinput($_POST['download_copyright']); $download_homepage = stripinput($_POST['download_homepage']); $download_version = stripinput($_POST['download_version']); $download_filesize = stripinput($_POST['download_filesize']); $download_file = isset($submit_criteria['download_file']) && file_exists(DOWNLOADS . "submissions/" . $submit_criteria['download_file']) ? $submit_criteria['download_file'] : ""; $download_image = isset($submit_criteria['download_image']) && file_exists(DOWNLOADS . "submissions/images/" . $submit_criteria['download_image']) ? $submit_criteria['download_image'] : ""; $download_image_thumb = isset($submit_criteria['download_image_thumb']) && file_exists(DOWNLOADS . "submissions/images/" . $submit_criteria['download_image_thumb']) ? $submit_criteria['download_image_thumb'] : ""; if (isset($_POST['del_image'])) { if (file_exists(DOWNLOADS . "submissions/images/" . $download_image)) { @unlink(DOWNLOADS . "submissions/images/" . $download_image); $download_image = ""; } if (file_exists(DOWNLOADS . "submissions/images/" . 
$download_image_thumb)) { @unlink(DOWNLOADS . "submissions/images/" . $download_image_thumb); $download_image_thumb = ""; } } if ($download_file) { $dest = DOWNLOADS;