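/**
 * Delete this comment's row from phph_comments.
 *
 * @param bool $checkperm When true (the default), the 'delete_comments'
 *                        permission is checked against the comment author's
 *                        user id before anything is deleted. Passing false
 *                        skips that check entirely, so a caller doing so must
 *                        already have authorised the request itself.
 * @return bool True once the DELETE has been executed without error.
 * @throws Exception2 When the permission check fails or the database layer
 *                    reports an error.
 */
function remove($checkperm = true) {
    global $db;

    // NOTE(review): there is no "author may delete own comment" branch here;
    // confirm whether callers that want that behaviour pass $checkperm = false
    // only after verifying ownership.
    if ($checkperm && !Permissions::checkPermAndLevel('delete_comments', $this->_dbo->user_id)) {
        throw new Exception2("Nie mona usun�komentarza", "Brak uprawnie�");
    }

    // The comment id is bound as a parameter and never becomes part of the SQL text.
    $q = $db->prepare("DELETE FROM phph_comments WHERE comment_id = ?");
    $res = $db->execute($q, array($this->_cmid));

    // Previously the result was discarded and true was returned even when the
    // DELETE failed. The other database calls on this page test the result with
    // PEAR::isError(), so do the same here and surface the failure.
    // presumably $db is a PEAR DB connection, as in those calls — confirm.
    if (PEAR::isError($res)) {
        throw new Exception2("Nie mona usun�komentarza", $res->getMessage());
    }

    return true;
}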
} if (!Permissions::checkPerm('admin_panel')) { die("Permission denied."); } HTML::startHTML(); HTML::head(); HTML::startBODY("a_body"); $action = Utils::pg("action", "edit"); $cmid = Utils::pg("cmid"); $ref = urldecode(Utils::pg("ref")); $comment_title = ""; $comment_text = ""; $comment = new Comment($cmid); $comment_title = $comment->_dbo->comment_title; $comment_text = $comment->_dbo->comment_text; if (!Permissions::checkPermAndLevel('edit_comments', $comment->_dbo->user_id)) { die("Permission denied."); } ?> <div class="a_white_pane"> <h1 class="a_title">Edycja komentarza</h1> </div> <br /> <?php if (!empty($_POST['submit'])) { try { $comment->update($_POST['comment_title'], $_POST['comment_text']); if (!empty($ref)) {
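// Admin prologue for the user-edit page: load dependencies, require a logged-in
// session, then apply two authorisation gates before any HTML is produced.
require_once "includes/db.php";
require_once "includes/html.php";
require_once "includes/permissions.php";
require_once "includes/lang.php";

$session = Session::singletone();
if ($session->requireLogin()) {
    exit;
}

// Gate 1: the caller must be allowed into the admin panel at all.
if (!Permissions::checkPerm('admin_panel')) {
    die("Permission denied.");
}

$uid = Utils::pg("uid");
if (empty($uid)) {
    header("Location: " . $session->addSID(Config::get("site_url") . "/admin/users.php"));
    // header() only queues the redirect. Without this exit the script kept
    // running with an empty $uid and fell through to the permission check and
    // page rendering below.
    exit;
}

// Gate 2: the caller must be allowed to edit this particular user.
if (!Permissions::checkPermAndLevel('edit_users', $uid)) {
    die("Permission denied.");
}

HTML::startHTML();
HTML::head();
HTML::startBODY("a_body");

// Per-field validation flags for the form.
$err_login = false;
$err_pass1 = false;
$err_pass2 = false;
$err_email = false;

// Form field values, initialised empty.
$user_login = "";
$user_pass1 = "";
$user_pass2 = "";
$user_email = "";
?>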
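/**
 * Print the comments of the current photo as HTML.
 *
 * Title, author login and text are passed through htmlspecialchars() before
 * output. Edit and delete links are shown when the viewer is the comment's
 * author or passes the matching permission-and-level check. These links are
 * only a UI convenience: edit_comment.php and remove_comment.php must repeat
 * the authorisation themselves.
 *
 * NOTE(review): the delete link triggers a state change through a plain GET
 * URL, guarded only by a client-side confirm(). Confirm that the target
 * script requires a per-session token or a POST.
 */
function renderContent() {
    $comments = $this->_photo->getComments();
    $session = Session::singletone();

    if (!empty($comments)) {
        foreach ($comments as $cmnt) {
?>
<div class="a_comment">
    <div class="a_comment_hdr"><?=htmlspecialchars($cmnt->_dbo->comment_title)?></div>
    <div class="a_comment_text">
        <div class="a_table_list_details"><?=htmlspecialchars($cmnt->_user->user_login)?>, <?=Utils::formatTime($cmnt->_dbo->comment_date)?></div>
        <?=nl2br(htmlspecialchars($cmnt->_dbo->comment_text))?>
    </div>
    <div class="a_comment_actions">
<?php
            if ($cmnt->_dbo->user_id == $session->_uid || Permissions::checkPermAndLevel('edit_comments', $cmnt->_dbo->user_id)) {
?>
        <a href="<?php echo HTML::addRef($session->addSID("edit_comment.php?cmid=" . $cmnt->_cmid));?>" title="Edytuj komentarz"><?php HTML::img("edit.gif", "Edytuj komentarz"); ?></a>
<?php
            // This brace used to be closed with the short tag "<? } ?>". With
            // short_open_tag disabled that tag is emitted as literal text and
            // the if-block is never closed, so the full tag is used instead.
            }
?>
<?php
            if ($cmnt->_dbo->user_id == $session->_uid || Permissions::checkPermAndLevel('delete_comments', $cmnt->_dbo->user_id)) {
?>
        <a href="<?php echo HTML::addRef($session->addSID("remove_comment.php?cmid=" . $cmnt->_cmid));?>" onclick='return confirm("Czy na pewno usun±æ komentarz?");' title="Usuñ komentarz"><?php HTML::img("trash.gif", "Usuñ komentarz"); ?></a>
<?php
            }
?>
    </div>
</div>
<?php
        }
    } else {
?>
<div class="a_comment">Brak komentarzy.</div>
<?php
    }
}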
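/**
 * Print one table row per group member, with the admin action links the
 * viewer is entitled to see.
 *
 * Reads the paging window from $this->_start and $this->_count, and uses the
 * globals $session, $db and $gid. A database error ends the script with the
 * driver's message.
 *
 * NOTE(review): the query has no WHERE clause on the group, although $gid is
 * in scope and used for the remove link. Confirm that listing every
 * phph_group_users row is intended.
 * NOTE(review): the remove and delete links are GET URLs protected only by a
 * client-side confirm(). The target scripts must enforce authorisation and
 * request-forgery protection themselves.
 */
function renderContent() {
    global $session, $db, $gid;

    // LIMIT values are concatenated into the SQL text, so they are forced to
    // integers here rather than relying on callers having validated them.
    $start = (int) $this->_start;
    $count = (int) $this->_count;

    $q = $db->prepare("SELECT " .
        "u.user_id AS memb_id, " .
        "u.user_login AS memb_login, " .
        "u.user_name AS memb_name, " .
        "gu.add_time, " .
        "ua.user_id AS add_id, " .
        "ua.user_login AS add_login, " .
        "ua.user_name AS add_name, " .
        "u.user_email AS memb_email, " .
        "u.user_www AS memb_www " .
        "FROM phph_group_users gu " .
        "INNER JOIN phph_users u ON gu.user_id = u.user_id " .
        "LEFT OUTER JOIN phph_users ua ON gu.added_by = ua.user_id " .
        "LIMIT " . $start . ", " . $count);
    $res = $db->execute($q);
    if (PEAR::isError($res)) {
        die($res->getMessage());
    }

    while ($res->fetchInto($row)) {
        $added = strftime("%Y-%m-%d %T", $row['add_time']);

        // The login is user-chosen text that ends up inside a JavaScript string
        // inside an HTML attribute. Escape it for the JS string first, then for
        // the attribute, so quotes in a login cannot leave either context.
        $confirm_delete = htmlspecialchars(
            strtr(
                sprintf(_ADMIN_CONFIRM_DELETE_USER, $row['memb_login']),
                array("\\" => "\\\\", "\"" => "\\\"", "'" => "\\'", "\r" => "\\r", "\n" => "\\n")
            ),
            ENT_QUOTES
        );

        // htmlspecialchars() does not neutralise a "javascript:" URL, so the
        // home-page link is only rendered for http(s) addresses.
        $www = trim((string) $row['memb_www']);
        $www_is_http = (bool) preg_match('#^https?://#i', $www);
?>
<tr>
    <td><a href="<?php echo HTML::addRef($session->addSID("user_info.php?uid=" . $row['memb_id'])); ?>"><?php echo $row['memb_id']; ?></a></td>
    <td>
        <a href="<?php echo HTML::addRef($session->addSID("user_info.php?uid=" . $row['memb_id'])); ?>"><?php echo htmlspecialchars($row['memb_login']); ?></a>
        <?php /* Shows the member's name. This printed memb_login a second time while memb_name was selected but never used. */ ?>
        <div class="a_table_list_details"><?php echo htmlspecialchars($row['memb_name']); ?></div>
    </td>
    <td><?php echo $added; ?></td>
    <td>
        <a href="<?php echo HTML::addRef($session->addSID("user_info.php?uid=" . $row['add_id'])); ?>"><?php echo htmlspecialchars($row['add_login']); ?></a>
        <div class="a_table_list_details"><?php echo htmlspecialchars($row['add_name']); ?></div>
    </td>
    <td>
<?php
        if ($row['memb_id'] == $session->_uid || Permissions::checkPermAndLevel('remove_group_members', $row['memb_id'])) {
?>
        <a href="<?php echo HTML::addRef($session->addSID("remove_member.php?uid=" . $row['memb_id'] . "&gid=" . $gid)); ?>" onclick='return confirm("<?php echo _ADMIN_CONFIRM_REMOVE_MEMBER; ?>");' title="<?php echo _ADMIN_REMOVE_MEMBER; ?>"><?php HTML::img("remove.gif", _ADMIN_REMOVE_MEMBER); ?></a>
<?php
        }
        if ($row['memb_id'] == $session->_uid || Permissions::checkPermAndLevel('edit_users', $row['memb_id'])) {
?>
        <a href="<?php echo HTML::addRef($session->addSID("edit_user.php?uid=" . $row['memb_id'])); ?>" title="<?php echo _ADMIN_EDIT_USER; ?>"><?php HTML::img("edit.gif", _ADMIN_EDIT_USER); ?></a>
<?php
        }
        if ($row['memb_id'] == $session->_uid || Permissions::checkPermAndLevel('delete_users', $row['memb_id'])) {
?>
        <a href="<?php echo HTML::addRef($session->addSID("remove_user.php?uid=" . $row['memb_id'])); ?>" onclick='return confirm("<?php echo $confirm_delete; ?>");' title="<?php echo _ADMIN_REMOVE_USER; ?>"><?php HTML::img("trash.gif", _ADMIN_REMOVE_USER); ?></a>
<?php
        }
?>
        <a href="mailto:<?php echo htmlspecialchars($row['memb_email']); ?>" title="<?php echo _ADMIN_USER_EMAIL_T; ?>"><?php HTML::img("email.gif", _ADMIN_USER_EMAIL_T); ?></a>
<?php
        if ($www_is_http) {
?>
        <a href="<?php echo htmlspecialchars($www); ?>" target="_blank" rel="noopener noreferrer" title="<?php echo _ADMIN_USER_HOME_PAGE_T; ?>"><?php HTML::img("www.gif", _ADMIN_USER_HOME_PAGE_T); ?></a>
<?php
        }
?>
    </td>
</tr>
<?php
    }
}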
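// Admin action: remove one user from one group, then send the browser back to
// the page it came from.
//
// NOTE(review): the DELETE below is driven entirely by request parameters. If
// Utils::pg() also reads the query string (not visible here), a forged link
// opened by a logged-in admin would perform the removal. Confirm that a
// per-session token or a POST-only rule is enforced.

// PATH_SEPARATOR replaces the hard-coded ":" so the include path is also
// well-formed on platforms that use ";".
set_include_path(get_include_path() . PATH_SEPARATOR . "../");

require_once "includes/session.php";
require_once "XML/Tree.php";
require_once "DB/DataObject.php";
require_once "DB/DataObject/Cast.php";
require_once "includes/config.php";
require_once "includes/utils.php";
require_once "includes/db.php";
require_once "includes/html.php";
require_once "includes/lang.php";
require_once "includes/permissions.php";

$session = Session::singletone();
if ($session->requireLogin()) {
    exit;
}

if (!Permissions::checkPerm('admin_panel')) {
    die("Permission denied.");
}

// NOTE(review): if Utils::pg() already returns decoded request values, these
// urldecode() calls are a second decoding pass. Every check below runs on the
// decoded values, which are also the ones used afterwards.
$ref = urldecode(Utils::pg("ref"));
$uid = urldecode(Utils::pg("uid"));
$gid = urldecode(Utils::pg("gid"));

if (!Permissions::checkPermAndLevel('remove_group_members', $uid)) {
    die("Permission denied.");
}

// Both ids are bound as parameters and never become part of the SQL text.
$q = $db->prepare("DELETE FROM phph_group_users WHERE user_id = ? AND group_id = ?");
$r = $db->execute($q, array($uid, $gid));
if (PEAR::isError($r)) {
    die($r->getMessage());
}

// "ref" is caller-controlled and was previously copied straight into the
// Location header, so a crafted link could bounce an admin to any external
// site. Accept it only when it stays on this site: either it begins with the
// configured site URL, or it is a relative reference with no scheme and no
// leading "//" or "\\" host part. Anything else falls back to the admin area.
$ref = trim($ref);
$site_url = rtrim((string) Config::get("site_url"), "/");
$ref_has_ctl = (bool) preg_match('/[\x00-\x20\x7f]/', $ref);
$ref_under_site = $site_url !== "" && strpos($ref, $site_url . "/") === 0;
$ref_is_relative = !preg_match('#^(?:[a-z][a-z0-9+.\-]*:|[/\\\\]{2})#i', $ref);
if ($ref === "" || $ref_has_ctl || !($ref_under_site || $ref_is_relative)) {
    $ref = $site_url . "/admin/";
}

header("Location: {$ref}");
ini_restore('include_path');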