public function __construct()
{
self::parseCompilers();
if (Security::check_post()) {
foreach ($_POST as $key => $val) {
if (!preg_match('#^[a-z_/]+$#i', $key) || !preg_match('#^[a-z0-9\\-_\\s]+$#i', $val)) {
break;
}
$this->post[] = $key;
$this->post[] = $val;
}
if (!isset($this->installed[$this->post[0]])) {
cpg_error('No such compiler');
}
$this->compiler = $this->post[0];
$this->call = strtolower($this->post[1]);
if ($this->post[0] === 'tpl' && $this->post[1] === 'show') {
$this->current_file = $this->post[2];
}
}
/*else {*/
self::index();
/*}*/
}
of the GNU GPL version 2 or any later version
$Source: /cvs/html/modules/Tell_a_Friend/index.php,v $
$Revision: 9.10 $
$Author: nanocaiordo $
$Date: 2008/07/31 14:14:01 $
**********************************************/
if (!defined('CPG_NUKE')) {
exit;
}
$pagetitle = _TELLFRIEND . ' ' . $MAIN_CFG['global']['sitename'];
$html = $MAIN_CFG['email']['allow_html_email'] || is_admin();
list($reg_users) = $db->sql_ufetchrow("SELECT COUNT(*) FROM " . $user_prefix . "_users WHERE user_id > 1 AND user_level >= 0", SQL_NUM);
list($total_hits) = $db->sql_ufetchrow("SELECT SUM(count) FROM " . $prefix . "_counter WHERE type='os'", SQL_NUM);
if (isset($_POST['sendMessage'])) {
if (!Security::check_post()) {
cpg_error(_SEC_ERROR);
}
$sender_name = strip_tags($_POST['sender_name']);
$sender_email = strip_tags($_POST['sender_email']);
$recipient_name = strip_tags($_POST['recipient_name']);
$recipient_email = strip_tags($_POST['recipient_email']);
$personal_message = $_POST['personal_message'];
if (!isset($CPG_SESS['tell_friend']) && !$CPG_SESS['tell_friend']) {
$error = _SPAMGUARDPROTECTED;
}
if (empty($sender_name)) {
$error = _MISSINGSNAME;
}
if (empty($recipient_name)) {
$error = _MISSINGRNAME;
$db->sql_query("DELETE FROM " . $prefix . "_modules_cat WHERE cid=" . $cid);
URL::redirect(URL::admin('cpgmm'));
}
$cat['name'] = defined($cat['name']) ? constant($cat['name']) : $cat['name'];
$pagetitle .= ' ' . _BC_DELIM . ' Delete Category: ' . $cat['name'];
require 'header.php';
GraphicAdmin('_AMENU1');
OpenTable();
echo '<center>' . sprintf(_ERROR_DELETE_CONF, '<i>' . $cat['name'] . '</i>');
echo '<br /><br />[ <a href="' . URL::admin('cpgmm') . '">' . _NO . '</a> | <a href="' . URL::admin("cpgmm&cid={$cid}&mode=delcat&ok=1") . '">' . _YES . '</a> ]</center>';
CloseTable();
} else {
cpg_error(_CPG_MMNOCAT);
}
} else {
if (Security::check_post() && isset($_POST['updatecpgmm']) && intval($_POST['id']) && intval($_POST['parent']) && intval($_POST['pos'])) {
$cats = -1;
for ($i = 0; $i < count($_POST['id']); ++$i) {
if ($_POST['parent'][$i] == 0) {
++$cats;
if ($_POST['id'][$i] > 0 && $_POST['pos'][$i] != $i) {
$db->sql_update($prefix . '_modules_cat', array('pos' => $i), 'cid=' . $_POST['id'][$i]);
}
$parent = $_POST['id'][$i] == -1 ? '0' : $_POST['id'][$i];
}
if ($_POST['id'][$i] > 0 && $_POST['parent'][$i] != 0 && $_POST['pos'][$i] != $i) {
$db->sql_update($prefix . '_modules_links', array('pos' => $i - $cats, 'cat_id' => $parent), 'lid=' . $_POST['id'][$i]);
} elseif ($_POST['id'][$i] < 0 && $_POST['parent'][$i] != 0 && $_POST['pos'][$i] != $i) {
$db->sql_update($prefix . '_modules', array('pos' => $i - $cats, 'cat_id' => $parent), 'mid=' . ltrim((string) $_POST['id'][$i], '-'));
}
}
Then create a zip file containing all of your smiley images plus this .pak configuration file';
} else {
if (isset($_POST['add'])) {
if (!Security::check_post()) {
cpg_error(_SEC_ERROR);
}
// Admin has selected to add a smiley.
$filename_list = "";
for ($i = 0; $i < count($smiley_images); $i++) {
$filename_list .= '<option value="' . $smiley_images[$i] . '">' . $smiley_images[$i] . '</option>';
}
$s_hidden_fields = '<input type="hidden" name="mode" value="savenew" />';
smile_edit(array(), $s_hidden_fields, $filename_list, $smiley_images[0]);
} else {
if (isset($_POST['updatesmiles'])) {
if (Security::check_post() && intval($_POST['id'])) {
for ($i = 0; $i < count($_POST['id']); $i++) {
if ($_POST['pos'][$i] != $i) {
$db->sql_update($prefix . '_bbsmilies', array('pos' => $i), 'smilies_id=' . $_POST['id'][$i]);
}
}
}
Cache::array_delete('smilies', 'bb');
cpg_error('Smilies order was successfully updated', 'Smilies Position Update', URL::admin('smilies'));
} else {
if ($mode != '') {
switch ($mode) {
case 'delete':
// Admin has selected to delete a smiley.
$smiley_id = intval($_GET['id']);
$sql = "DELETE FROM " . SMILIES_TABLE . " WHERE smilies_id = " . $smiley_id;
function BlocksEditSave($bid)
{
global $prefix, $db;
if (!Security::check_post()) {
cpg_error(_SEC_ERROR);
}
$update['title'] = $_POST['title'];
$update['content'] = $_POST['content'];
$update['url'] = empty($_POST['url']) ? '' : $_POST['url'];
$oldposition = $_POST['oldposition'];
$update['bposition'] = $_POST['bposition'];
$update['active'] = $_POST['active'];
$update['refresh'] = isset($_POST['refresh']) ? intval($_POST['refresh']) : 0;
$update['blanguage'] = $_POST['blanguage'];
$update['blockfile'] = empty($_POST['blockfile']) ? '' : $_POST['blockfile'];
$update['view'] = intval($_POST['view']);
$update['weight'] = intval($_POST['weight']);
$update['in_module'] = '';
if ($update['url'] != '') {
$update['time'] = time();
if (0 !== stripos($update['url'], 'http://')) {
$update['url'] = 'http://' . $update['url'];
}
require_once CORE_PATH . 'classes/rss.php';
if (!($update['content'] = CPG_RSS::format(CPG_RSS::read($update['url'])))) {
rssfail();
return;
}
}
# can be removed
if ($oldposition != $update['bposition']) {
$db->sql_query('UPDATE ' . $prefix . '_blocks SET weight=weight+1 WHERE weight>=' . $update['weight'] . " AND bposition='{$update['bposition']}'");
$db->sql_query('UPDATE ' . $prefix . '_blocks SET weight=weight-1 WHERE weight>' . $update['weight'] . " AND bposition='{$oldposition}'");
}
$db->sql_update($prefix . '_blocks', $update, 'bid=' . $bid);
$count = empty($_POST['in_module']) ? 0 : count($_POST['in_module']);
for ($i = 0; $i < $count; $i++) {
if (!intval($_POST['in_module'][$i])) {
continue;
} else {
$new_in_modules[intval($_POST['in_module'][$i])] = intval($_POST['in_module'][$i]);
}
}
$table_data = array();
# select all data
$result = $db->sql_query('SELECT a.mid, a.bid, MAX(b.weight) FROM ' . $prefix . '_blocks_custom a, ' . $prefix . '_blocks_custom b GROUP BY a.mid, a.bid');
if ($db->sql_numrows($result)) {
while ($row = $db->sql_fetchrow($result, SQL_NUM)) {
# block is there but module id has not been posted so delete from it
if ($row[1] == $bid && !isset($new_in_modules[$row[0]])) {
$db->sql_uquery('DELETE FROM ' . $prefix . "_blocks_custom WHERE bid={$bid} AND mid=" . $row[0]);
$db->sql_uquery('UPDATE ' . $prefix . "_blocks_custom SET weight=weight-1 WHERE weight>{$row[2]} AND mid=" . $row[0]);
} else {
if ($row[1] == $bid && isset($new_in_modules[$row[0]])) {
# module id has been posted and it exists within the table: clearing posteded data
$new_in_modules[$row[0]] = '';
}
}
if (!isset($table_data[$row[0]])) {
# save what we need for later use
$table_data[$row[0]] = $row[2];
}
}
$db->sql_freeresult($result);
}
$values = array();
# insert anything left from the posted data
if (!empty($new_in_modules)) {
foreach ($new_in_modules as $mid) {
if (!empty($mid)) {
$values[] = "('{$bid}', '{$mid}', '{$update['bposition']}', '" . ($table_data[$mid] + 1) . "')";
}
}
}
if (!empty($values)) {
$db->sql_uquery('INSERT INTO ' . $prefix . '_blocks_custom (bid, mid, side, weight) VALUES ' . implode(',', $values));
}
Cache::array_delete('blocks_list');
URL::redirect(URL::admin('blocks'));
}