function lxReport()
{
global $DB, $C, $L, $t;
$v = new Validator();
$v->Register($_REQUEST['message'], V_EMPTY, "{$L['REQUIRED_FIELD']}: {$L['REPORT']}");
// Verify captcha code
if ($C['report_captcha']) {
VerifyCaptcha($v);
}
// Check dsbl.org for spam submissions
if ($C['dsbl_report'] && CheckDsbl($_SERVER['REMOTE_ADDR'])) {
$v->SetError($L['DSBL_MATCHED']);
}
if (!$v->Validate()) {
$errors = join('<br />', $v->GetErrors());
lxShReport($errors);
return;
}
$link = $DB->Row('SELECT * FROM lx_links JOIN lx_link_fields USING (link_id) WHERE lx_links.link_id=?', array($_REQUEST['id']));
if ($link) {
$DB->Update('INSERT INTO lx_reports VALUES (?,?,?,?,?)', array(null, $_REQUEST['id'], $_REQUEST['message'], MYSQL_NOW, $_SERVER['REMOTE_ADDR']));
$t->assign_by_ref('link', $link);
}
$t->display('report-submitted.tpl');
}
function txReportAdd()
{
global $DB, $C, $L, $t, $domain;
$gallery = $DB->Row('SELECT * FROM `tx_galleries` WHERE `gallery_id`=?', array($_REQUEST['id']));
$v = new Validator();
$v->Register($_REQUEST['reason'], V_EMPTY, sprintf($L['REQUIRED_FIELD'], $L['REPORT']));
if (!$gallery) {
$v->SetError($L['BAD_GALLERY_ID']);
}
if ($C['report_captcha']) {
VerifyCaptcha($v);
}
if (!$v->Validate()) {
return $v->ValidationError('txShReportAdd', TRUE);
}
$DB->Update('INSERT INTO `tx_reports` VALUES (?,?,?,?,?)', array(null, $gallery['gallery_id'], $_SERVER['REMOTE_ADDR'], MYSQL_NOW, $_REQUEST['reason']));
$_REQUEST['report_id'] = $DB->InsertID();
$t->assign_by_ref('report', $_REQUEST);
$t->display($domain['template_prefix'] . 'report-complete.tpl');
flush();
// See if we need to e-mail any administrators
$reports_waiting = $DB->Count('SELECT COUNT(*) FROM `tx_reports`');
$t->assign('reports_waiting', $reports_waiting);
$administrators =& $DB->FetchAll('SELECT * FROM `tx_administrators`');
foreach ($administrators as $administrator) {
if ($administrator['reports_waiting'] > 0) {
if ($administrator['notifications'] & E_CHEAT_REPORT && $reports_waiting % $administrator['reports_waiting'] == 0) {
SendMail($administrator['email'], 'email-admin-reports.tpl', $t);
}
}
}
}
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
require_once 'includes/common.php';
require_once "{$GLOBALS['BASE_DIR']}/includes/template.class.php";
require_once "{$GLOBALS['BASE_DIR']}/includes/mysql.class.php";
require_once "{$GLOBALS['BASE_DIR']}/includes/validator.class.php";
SetupRequest();
$DB = new DB($C['db_hostname'], $C['db_username'], $C['db_password'], $C['db_name']);
$DB->Connect();
$t = new Template();
$t->assign_by_ref('config', $C);
$v = new Validator();
$v->Register($_REQUEST['email'], V_EMAIL, $L['INVALID_EMAIL']);
$v->Register($_REQUEST['name'], V_EMPTY, "{$L['REQUIRED_FIELD']}: {$L['NAME']}");
$v->Register($_REQUEST['comment'], V_EMPTY, "{$L['REQUIRED_FIELD']}: {$L['COMMENT']}");
$v->Register($_REQUEST['comment'], V_LENGTH, sprintf($L['COMMENT_LENGTH'], $C['min_comment_length'], $C['max_comment_length']), "{$C['min_comment_length']},{$C['max_comment_length']}");
// Verify captcha code
if ($C['comments_captcha']) {
VerifyCaptcha($v, 'linkxcaptcha_comment');
}
$account = ValidUserLogin();
if ($C['user_for_comments']) {
if ($account === FALSE || $account['status'] != 'active') {
if ($account === FALSE) {
$v->SetError($L['INVALID_LOGIN']);
} else {
if ($account['status'] == 'suspended') {
$v->SetError($L['SUSPENDED_ACCOUNT']);
function tlxPasswordReset($errors = null)
{
global $C, $DB, $L, $t;
$v = new Validator();
$v->Register($_REQUEST['email'], V_EMAIL, $L['INVALID_EMAIL']);
if (!empty($_REQUEST['email'])) {
$account = $DB->Row('SELECT * FROM `tlx_accounts` WHERE `email`=?', array($_REQUEST['email']));
if (!$account) {
$v->SetError($L['NO_MATCHING_EMAIL']);
} else {
if ($account['status'] != STATUS_ACTIVE) {
$v->SetError($L['ACCOUNT_PENDING']);
} else {
if ($account['suspended']) {
$v->SetError($L['ACCOUNT_SUSPENDED']);
}
}
}
}
if (!$v->Validate()) {
return $v->ValidationError('tlxShPasswordReset', TRUE);
}
$confirm_id = md5(uniqid(rand(), TRUE));
$DB->Update('DELETE FROM `tlx_account_confirms` WHERE `username`=?', array($account['username']));
$DB->Update('INSERT INTO `tlx_account_confirms` VALUES (?,?,?)', array($account['username'], $confirm_id, MYSQL_NOW));
$t->assign_by_ref('account', $account);
$t->assign('confirm_id', $confirm_id);
SendMail($account['email'], 'email-account-password-confirm.tpl', $t);
$t->display('accounts-password-reset-confirm.tpl');
}
function txAddGallery()
{
global $DB, $C, $L, $t, $domain;
// Set some default values
$defaults = array('weight' => $C['gallery_weight'], 'clicks' => 0, 'submit_ip' => $_SERVER['REMOTE_ADDR'], 'sponsor_id' => null, 'type' => 'submitted', 'format' => $C['allow_format'] ? $_REQUEST['format'] : FMT_PICTURES, 'status' => 'pending', 'previous_status' => null, 'date_scanned' => MYSQL_NOW, 'date_added' => MYSQL_NOW, 'date_approved' => null, 'date_scheduled' => null, 'date_displayed' => null, 'date_deletion' => null, 'allow_scan' => 1, 'allow_preview' => 1, 'has_preview' => 0, 'times_selected' => 0, 'used_counter' => 0, 'build_counter' => 0, 'tags' => $domain['tags']);
$_REQUEST = array_merge($_REQUEST, $defaults);
$v = new Validator();
// Verify and grab partner account
$partner = null;
if (!IsEmptyString($_REQUEST['username']) || !IsEmptyString($_REQUEST['password'])) {
$partner = $DB->Row('SELECT * FROM `tx_partners` WHERE `username`=? AND `password`=?', array($_REQUEST['username'], sha1($_REQUEST['password'])));
if (!$partner) {
$v->SetError($L['INVALID_LOGIN']);
} else {
// Setup the correct weight value for this account
$_REQUEST['weight'] = $partner['weight'];
$_REQUEST['partner'] = $partner['username'];
$_REQUEST['email'] = $partner['email'];
$_REQUEST['nickname'] = $partner['name'];
if (!empty($partner['categories'])) {
$partner['categories'] = unserialize($partner['categories']);
}
// Nickname not required for partner accounts
if ($C['require_nickname']) {
$v->Register($_REQUEST['nickname'], V_EMPTY, $L['NO_PARTNER_NICKNAME']);
}
// Check if the partner account is active and valid to submit
if ($partner['status'] == 'suspended') {
$v->SetError($L['ACCOUNT_SUSPENDED']);
} else {
if ($partner['status'] != 'active') {
$v->SetError($L['ACCOUNT_PENDING']);
}
}
// Check active dates
if (!IsEmptyString($partner['date_end']) && !IsEmptyString($partner['date_start'])) {
$now = strtotime(MYSQL_NOW);
$end = strtotime($partner['date_end']);
$start = strtotime($partner['date_start']);
if ($now < $start || $now > $end) {
$start_time = date("{$C['date_format']} {$C['time_format']}", $start);
$end_time = date("{$C['date_format']} {$C['time_format']}", $end);
$v->SetError(sprintf($L['ACCOUNT_EXPIRED'], $start_time, $end_time));
}
}
if ($partner['domains']) {
$partner['domains'] = unserialize($partner['domains']);
if ($domain) {
if (!$partner['domains_as_exclude'] && !in_array($domain['domain_id'], $partner['domains']) || $partner['domains_as_exclude'] && in_array($domain['domain_id'], $partner['domains'])) {
$v->SetError($L['BAD_PARTNER_DOMAIN']);
}
}
}
}
}
// See if only accepting submissions from partners
if (!$partner && $C['submit_status'] == 'partner') {
$v->SetError($L['PARTNERS_ONLY']);
}
// Do partner account validation
if (!$v->Validate()) {
return $v->ValidationError('txShGallerySubmit', TRUE);
}
$v->Register($_REQUEST['email'], V_EMAIL, $L['INVALID_EMAIL']);
$v->Register($_REQUEST['gallery_url'], V_URL, sprintf($L['INVALID_URL'], $L['GALLERY_URL']));
if ($C['require_keywords']) {
$v->Register($_REQUEST['keywords'], V_EMPTY, sprintf($L['REQUIRED_FIELD'], $L['KEYWORDS']));
}
if ($C['require_nickname']) {
$v->Register($_REQUEST['nickname'], V_EMPTY, sprintf($L['REQUIRED_FIELD'], $L['NAME']));
}
if ($C['require_description']) {
$v->Register($_REQUEST['description'], V_EMPTY, sprintf($L['REQUIRED_FIELD'], $L['DESCRIPTION']));
}
// Check description length if required or provided
if ($C['require_description'] || !IsEmptyString($_REQUEST['description'])) {
$v->Register($_REQUEST['description'], V_LENGTH, sprintf($L['DESCRIPTION_LENGTH'], $C['min_desc_length'], $C['max_desc_length']), "{$C['min_desc_length']},{$C['max_desc_length']}");
}
// Format keywords and check number
$_REQUEST['keywords'] = FormatSpaceSeparated($_REQUEST['keywords']);
$keywords = explode(' ', $_REQUEST['keywords']);
$v->Register(count($keywords), V_LESS_EQ, sprintf($L['MAXIMUM_KEYWORDS'], $C['max_keywords']), $C['max_keywords']);
// Validation of user defined fields
$fields =& GetUserGalleryFields();
foreach ($fields as $field) {
if ($field['on_submit']) {
if ($field['required']) {
$v->Register($_REQUEST[$field['name']], V_EMPTY, sprintf($L['REQUIRED_FIELD'], $field['label']));
}
if (!IsEmptyString($_REQUEST[$field['name']]) && $field['validation']) {
$v->Register($_REQUEST[$field['name']], $field['validation'], $field['validation_message'], $field['validation_extras']);
}
}
}
// Check the global number of submissions
if (!$partner && $C['max_submissions'] != -1) {
$todays_submissions = $DB->Count('SELECT COUNT(*) FROM `tx_galleries` WHERE type=? AND (partner=? OR partner IS NULL) AND `date_added` BETWEEN ? AND ?', array('submitted', '', MYSQL_CURDATE . ' 00:00:00', MYSQL_CURDATE . ' 23:59:59'));
if ($todays_submissions >= $C['max_submissions']) {
$t->display($domain['template_prefix'] . 'submit-full-global.tpl');
return;
}
}
// Check the number of submitted galleries
if ($partner) {
if ($partner['per_day'] != -1) {
$amount = $DB->Count('SELECT COUNT(*) FROM `tx_galleries` WHERE `partner`=? AND `type`=? AND `date_added` BETWEEN ? AND ?', array($partner['username'], 'submitted', MYSQL_CURDATE . ' 00:00:00', MYSQL_CURDATE . ' 23:59:59'));
if ($amount >= $partner['per_day']) {
$v->SetError($L['SUBMIT_LIMIT_REACHED']);
}
}
} else {
if ($C['submissions_per_person'] != -1) {
$amount = $DB->Count('SELECT COUNT(*) FROM `tx_galleries` WHERE (`submit_ip`=? OR `email`=? OR `gallery_url`=?) AND `type`=? AND `date_added` BETWEEN ? AND ?', array($_SERVER['REMOTE_ADDR'], $_REQUEST['email'], LevelUpUrl($_REQUEST['gallery_url']), 'submitted', MYSQL_CURDATE . ' 00:00:00', MYSQL_CURDATE . ' 23:59:59'));
if ($amount >= $C['submissions_per_person']) {
$v->SetError($L['SUBMIT_LIMIT_REACHED']);
}
}
}
// Check for valid category if allowing multiple categories to be selected
$category = null;
if ($C['allow_multiple_cats']) {
if (is_array($_REQUEST['category_id'])) {
$_REQUEST['category_id'] = array_unique($_REQUEST['category_id']);
if (count($_REQUEST['category_id']) > $C['max_categories']) {
$v->SetError(sprintf($L['EXCESSIVE_CATEGORIES'], $C['max_categories']));
} else {
$category_names = array();
$category_tags = array();
$_REQUEST['submitted_categories'] = join(',', $_REQUEST['category_id']);
// Check that all categories are valid
foreach ($_REQUEST['category_id'] as $category_id) {
$temp_category = $DB->Row('SELECT * FROM `tx_categories` WHERE `category_id`=? AND `hidden`=0', array($category_id));
if (!$temp_category) {
$v->SetError($L['INVALID_CATEGORY']);
} else {
// Set primary category
if ($category == null) {
$category = $temp_category;
}
// Check category submission limit
if ($temp_category['per_day'] != -1) {
$category_submissions = $DB->Count('SELECT COUNT(*) FROM `tx_galleries` WHERE type=? AND MATCH(`categories`) AGAINST(? IN BOOLEAN MODE) AND `date_added` BETWEEN ? AND ?', array('submitted', $temp_category['tag'], MYSQL_CURDATE . ' 00:00:00', MYSQL_CURDATE . ' 23:59:59'));
if ($category_submissions >= $temp_category['per_day']) {
$v->SetError(sprintf($L['CATEGORY_FULL'], htmlspecialchars($temp_category['name'])));
}
}
// Check if partner is allowed to submit to this category
if ($partner['categories']) {
if (!$partner['categories_as_exclude'] && !in_array($temp_category['category_id'], $partner['categories']) || $partner['categories_as_exclude'] && in_array($temp_category['category_id'], $partner['categories'])) {
$v->SetError(sprintf($L['BAD_PARTNER_CATEGORY'], $category['name']));
}
}
$category_names[] = $temp_category['name'];
$category_tags[] = $temp_category['tag'];
}
}
$_REQUEST['category'] = join(', ', $category_names);
$category['tag'] = join(' ', $category_tags);
}
} else {
$v->SetError($L['INVALID_CATEGORY']);
}
} else {
if (is_array($_REQUEST['category_id'])) {
$_REQUEST['category_id'] = $_REQUEST['category_id'][0];
}
$category = $DB->Row('SELECT * FROM `tx_categories` WHERE `category_id`=? AND `hidden`=0', array($_REQUEST['category_id']));
if (!$category) {
$v->SetError($L['INVALID_CATEGORY']);
} else {
// Check category submission limit
if ($category['per_day'] != -1) {
$category_submissions = $DB->Count('SELECT COUNT(*) FROM `tx_galleries` WHERE type=? AND MATCH(`categories`) AGAINST(? IN BOOLEAN MODE) AND `date_added` BETWEEN ? AND ?', array('submitted', $category['tag'], MYSQL_CURDATE . ' 00:00:00', MYSQL_CURDATE . ' 23:59:59'));
if ($category_submissions >= $category['per_day']) {
$v->SetError(sprintf($L['CATEGORY_FULL'], htmlspecialchars($category['name'])));
}
}
// Check if partner is allowed to submit to this category
if ($partner['categories']) {
if (!$partner['categories_as_exclude'] && !in_array($_REQUEST['category_id'], $partner['categories']) || $partner['categories_as_exclude'] && in_array($_REQUEST['category_id'], $partner['categories'])) {
$v->SetError(sprintf($L['BAD_PARTNER_CATEGORY'], $category['name']));
}
}
$_REQUEST['category'] = $category['name'];
}
}
// Verify captcha code
if (!$partner && $C['gallery_captcha'] || $partner && $C['gallery_captcha_partner']) {
VerifyCaptcha($v);
}
// Check for duplicate gallery URL
if (!$C['allow_duplicates'] && $DB->Count('SELECT COUNT(*) FROM `tx_galleries` WHERE `gallery_url`=?', array($_REQUEST['gallery_url']))) {
$v->SetError($L['DUPLICATE_URL']);
}
// Do preliminary validation before gallery scan
if (!$v->Validate()) {
return $v->ValidationError('txShGallerySubmit', TRUE);
}
// Check if whitelisted
$whitelisted = MergeWhitelistOptions(CheckWhitelist($_REQUEST), $partner);
// Scan gallery
$scan =& ScanGallery($_REQUEST, $category, $whitelisted);
$_REQUEST['scan'] = $scan;
// Make sure the gallery URL is working
if (!$scan['success']) {
$v->SetError(sprintf($L['BROKEN_URL'], $L['GALLERY_URL'], $scan['errstr']));
return $v->ValidationError('txShGallerySubmit', TRUE);
}
// Check if gallery content is hosted on same server
if ($C['require_content_on_server'] && !$scan['server_match']) {
$v->SetError($L['CONTENT_NOT_ON_SERVER']);
}
// Check for a reciprocal link
if ($C['require_recip'] && !$whitelisted['allow_norecip'] && !$scan['has_recip']) {
$v->SetError($L['NO_RECIP_FOUND']);
}
// Give weight boost to galleries with a reciprocal link
if ($scan['has_recip'] && $C['give_recip_boost']) {
$_REQUEST['weight']++;
}
// Check for 2257 code
if ($C['require_2257'] && !$scan['has_2257']) {
$v->SetError($L['NO_2257_FOUND']);
}
// Check for existing gallery with the same hash
if (!$C['allow_same_hash']) {
$amount = $DB->Count('SELECT COUNT(*) FROM `tx_galleries` WHERE `page_hash`=?', array($scan['page_hash']));
}
// Override the number of thumbnails
if (!$C['allow_num_thumbs']) {
$_REQUEST['thumbnails'] = $scan['thumbnails'];
}
// Check blacklist
$blacklisted = FALSE;
if (!$whitelisted['allow_blacklist']) {
$_REQUEST['html'] = $scan['html'];
$_REQUEST['headers'] = $scan['headers'];
$blacklisted = CheckBlacklistGallery($_REQUEST);
if ($blacklisted !== FALSE) {
// Handle blacklist transparently
if ($C['use_transparent_blacklist']) {
$_REQUEST['gallery_id'] = $DB->Count('SELECT MAX(gallery_id) FROM `tx_galleries`') + 1;
$t->assign_by_ref('gallery', $_REQUEST);
$t->display($domain['template_prefix'] . 'submit-complete.tpl');
return;
} else {
$v->SetError(sprintf($blacklisted[0]['reason'] ? $L['BLACKLISTED_REASON'] : $L['BLACKLISTED'], $blacklisted[0]['match'], $blacklisted[0]['reason']));
}
}
}
// Check number of links on the gallery
if ($C['max_links'] != -1 && $scan['links'] > $C['max_links']) {
$v->SetError(sprintf($L['EXCESSIVE_LINKS'], $C['max_links']));
}
// Get information about what is allowed for this category and format
if ($C['allow_format']) {
$scan['format'] = $_REQUEST['format'];
}
$format = GetCategoryFormat($scan['format'], $category);
$_REQUEST['category_format'] = $format;
// See if category allows this format
if (!$format['allowed']) {
$v->SetError(sprintf($L['INVALID_FORMAT'], $format['format_lang']));
}
// Check number of thumbnails
if ($_REQUEST['thumbnails'] < $format['minimum'] || $_REQUEST['thumbnails'] > $format['maximum']) {
$v->SetError(sprintf($L['BAD_THUMB_COUNT'], $format['minimum'], $format['maximum']));
}
// Clear keywords if not allowed
if (!$C['allow_keywords']) {
$_REQUEST['keywords'] = null;
}
// Clear preview thumbnail if only allowing partners to submit
// OR
// if this category and format does not allow preview thumbs
if ($C['allow_preview_partner'] && !$partner || !$format['preview_allowed']) {
$_REQUEST['preview'] = null;
}
// Handle the preview thumbnail if it was uploaded or to be automatically selected
$preview = HandlePreviewThumb($v, $format, LoadAnnotation($format['annotation'], $category['name']));
// Check size of gallery content
if ($C['check_content_size']) {
foreach ($scan['thumbs'] as $thumb) {
$head = new Http();
if ($head->Head($thumb['content'], FALSE, $scan['end_url'])) {
if (!empty($head->response_headers['content-length']) && $head->response_headers['content-length'] < $format['file_size']) {
$v->SetError(sprintf($L['SMALL_CONTENT'], $format['file_size'] / 1024));
break;
}
}
}
}
// Check download speed
if ($C['check_download_speed'] && $scan['speed_download'] < $C['min_download_speed']) {
$v->SetError(sprintf($L['SLOW_DOWNLOAD'], $scan['speed_download'], $C['min_download_speed']));
}
// Do final validation after gallery scan
if (!$v->Validate()) {
return $v->ValidationError('txShGallerySubmit', TRUE);
}
// Determine gallery status
$autoapprove_general = empty($partner) && !$C['require_confirm'] && ($C['allow_autoapprove'] || $whitelisted['allow_autoapprove']);
$autoapprove_partner = !empty($partner) && ($partner['allow_noconfirm'] || !$C['require_confirm']) && $whitelisted['allow_autoapprove'];
if ($_REQUEST['preview'] == 'crop') {
$_REQUEST['status'] = 'submitting';
} else {
if ($autoapprove_general || $autoapprove_partner) {
$_REQUEST['status'] = 'approved';
$_REQUEST['date_approved'] = MYSQL_NOW;
$_REQUEST['administrator'] = 'AUTO';
} else {
if (empty($partner) && $C['require_confirm'] || !empty($partner) && !$partner['allow_noconfirm'] && $C['require_confirm']) {
$_REQUEST['status'] = 'unconfirmed';
$_REQUEST['confirm_id'] = md5(uniqid(rand(), true));
}
}
}
// Add gallery data to the database
$DB->Update('INSERT INTO `tx_galleries` VALUES (?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?)', array(null, $_REQUEST['gallery_url'], $_REQUEST['description'], $_REQUEST['keywords'], $_REQUEST['thumbnails'], $_REQUEST['email'], $_REQUEST['nickname'], $_REQUEST['weight'], $_REQUEST['clicks'], $_REQUEST['submit_ip'], $_REQUEST['gallery_ip'], $_REQUEST['sponsor_id'], $_REQUEST['type'], $scan['format'], $_REQUEST['status'], $_REQUEST['previous_status'], $_REQUEST['date_scanned'], $_REQUEST['date_added'], $_REQUEST['date_approved'], $_REQUEST['date_scheduled'], $_REQUEST['date_displayed'], $_REQUEST['date_deletion'], $_REQUEST['partner'], $_REQUEST['administrator'], $_REQUEST['admin_comments'], $scan['page_hash'], $scan['has_recip'], $_REQUEST['has_preview'], $_REQUEST['allow_scan'], $_REQUEST['allow_preview'], $_REQUEST['times_selected'], $_REQUEST['used_counter'], $_REQUEST['build_counter'], $_REQUEST['tags'], MIXED_CATEGORY . " " . $category['tag']));
$_REQUEST['gallery_id'] = $DB->InsertID();
// Insert user defined database fields
$query_data = CreateUserInsert('tx_gallery_fields', $_REQUEST);
$DB->Update('INSERT INTO `tx_gallery_fields` VALUES (' . $query_data['bind_list'] . ')', $query_data['binds']);
// If partner account has icons, assign those to this gallery
if ($partner) {
$icons =& $DB->FetchAll('SELECT * FROM `tx_partner_icons` WHERE `username`=?', array($partner['username']));
foreach ($icons as $icon) {
$DB->Update('INSERT INTO `tx_gallery_icons` VALUES (?,?)', array($_REQUEST['gallery_id'], $icon['icon_id']));
}
}
// Log e-mail address
if ($C['log_emails']) {
$DB->Update('REPLACE INTO `tx_email_log` VALUES (?)', array($_REQUEST['email']));
}
// Show thumbnail cropping interface
if ($_REQUEST['preview'] == 'crop' && $_REQUEST['thumbnails'] > 0) {
txShCrop();
} else {
// Add preview thumbnail to database and rename
$preview = AddPreview($_REQUEST['gallery_id'], $format['preview_size'], $preview);
$_REQUEST['preview_url'] = $preview['url'];
// Assign gallery data to the template
$t->assign_by_ref('gallery', $_REQUEST);
$t->assign_by_ref('user_fields', $fields);
// Handle confirmation
if ($_REQUEST['status'] == 'unconfirmed') {
SendMail($_REQUEST['email'], $domain['template_prefix'] . 'email-gallery-confirm.tpl', $t);
$DB->Update('INSERT INTO `tx_gallery_confirms` VALUES (?,?,?)', array($_REQUEST['gallery_id'], $_REQUEST['confirm_id'], MYSQL_NOW));
}
// Update number of submitted galleries if partner account
if ($partner) {
$DB->Update('UPDATE `tx_partners` SET `submitted`=`submitted`+1,`date_last_submit`=? WHERE `username`=?', array(MYSQL_NOW, $partner['username']));
}
// Update the date of last submission for this category
$DB->Update('UPDATE `tx_categories` SET `date_last_submit`=? WHERE `category_id`=?', array(MYSQL_NOW, $category['category_id']));
$t->display($domain['template_prefix'] . 'submit-complete.tpl');
}
}
function &ValidateUserDefined($defs_table, $predefined_table, $editing = FALSE)
{
global $DB, $C;
// See if field name already exists
$field_count = $DB->Count('SELECT COUNT(*) FROM # WHERE `name`=?', array($defs_table, $_REQUEST['name']));
// Get pre-defined fields so there are no duplicates
$predefined = $DB->GetColumns($predefined_table);
$v = new Validator();
$v->Register($_REQUEST['name'], V_EMPTY, 'The Field Name must be filled in');
$v->Register($_REQUEST['name'], V_REGEX, 'The Field Name can contain only letters, numbers, and underscores', '/^[a-z0-9_]+$/i');
$v->Register($_REQUEST['name'], V_LENGTH, 'The Field Name can be at most 30 characters', '0,30');
$v->Register($_REQUEST['label'], V_EMPTY, 'The Label field must be filled in');
if ($_REQUEST['type'] == FT_SELECT) {
$v->Register($_REQUEST['options'], V_EMPTY, 'The Options field must be filled in for this field type');
}
if ($_REQUEST['validation'] != V_NONE) {
$v->Register($_REQUEST['validation_message'], V_EMPTY, 'The Validation Error field must be filled in');
}
if (!$editing || $_REQUEST['name'] != $_REQUEST['old_name']) {
$v->Register(in_array($_REQUEST['name'], $predefined), V_FALSE, 'The field name you have selected conflicts with a pre-defined field name');
$v->Register($field_count, V_ZERO, 'A field with this name already exists');
}
return $v;
}
function lxEditAccount()
{
global $DB, $C, $t, $L;
$account = ValidUserLogin();
if ($account === FALSE) {
lxShLogin($L['INVALID_LOGIN']);
return;
} else {
if ($account['status'] != 'active') {
lxShLogin($account['status'] == 'suspended' ? $L['SUSPENDED_ACCOUNT'] : $L['PENDING_ACCOUNT']);
return;
} else {
$password = $account['password'];
$v = new Validator();
$v->Register($_REQUEST['email'], V_EMAIL, $L['INVALID_EMAIL']);
$v->Register($_REQUEST['name'], V_EMPTY, "{$L['REQUIRED_FIELD']}: {$L['NAME']}");
if (!empty($_REQUEST['password'])) {
$v->Register($_REQUEST['password'], V_EQUALS, $L['NO_PASSWORD_MATCH'], $_REQUEST['confirm_password']);
$v->Register($_REQUEST['password'], V_LENGTH, $L['PASSWORD_LENGTH'], '4,9999');
$password = sha1($_REQUEST['password']);
}
// Validation of user defined fields
$fields =& GetUserAccountFields();
foreach ($fields as $field) {
if ($field['on_edit']) {
if ($field['required']) {
$v->Register($_REQUEST[$field['name']], V_EMPTY, "{$L['REQUIRED_FIELD']}: {$field['label']}");
}
if ($field['validation']) {
$v->Register($_REQUEST[$field['name']], $field['validation'], $field['validation_message'], $field['validation_extras']);
}
}
}
// E-mail exists?
if ($DB->Count('SELECT COUNT(*) FROM lx_users WHERE username!=? AND email=?', array($account['username'], $_REQUEST['email']))) {
$v->SetError($L['DUPLICATE_EMAIL']);
}
// Check blacklist
$blacklisted = CheckBlacklistAccount($_REQUEST);
if ($blacklisted !== FALSE) {
$v->SetError(sprintf($L['BLACKLIST_MATCHED'], $blacklisted[0]['match'], $blacklisted[0]['reason']));
}
if (!$v->Validate()) {
$errors = join('<br />', $v->GetErrors());
lxShEdit($errors);
return;
}
// Update pre-defined data
$DB->Update('UPDATE lx_users SET ' . 'password=?, ' . 'name=?, ' . 'email=? ' . 'WHERE username=?', array($password, $_REQUEST['name'], $_REQUEST['email'], $account['username']));
// Update user defined fields
UserDefinedUpdate('lx_user_fields', 'lx_user_field_defs', 'username', $account['username'], $_REQUEST, FALSE);
// Back to the account overview
lxLogin(null, 'accountupdate');
}
}
}
function lxEditLink()
{
global $DB, $C, $L, $t;
$v = new Validator();
// Make sure user is allowed to edit this link
$link = $DB->Row('SELECT * FROM lx_links JOIN lx_link_fields USING (link_id) WHERE lx_links.link_id=?', array($_REQUEST['link_id']));
if ($_REQUEST['noaccount']) {
if (!empty($link['username']) || $link['site_url'] != $_REQUEST['login_site_url'] || $link['password'] != sha1($_REQUEST['login_password']) || $link['email'] != $_REQUEST['login_email']) {
$t->assign('error', $L['LINK_EDIT_REFUSED']);
$t->display('error-nice.tpl');
return;
}
} else {
$account = ValidUserLogin();
if (!$account || $account['username'] != $link['username']) {
$t->assign('error', $L['LINK_EDIT_REFUSED']);
$t->display('error-nice.tpl');
return;
}
}
$v->Register($_REQUEST['email'], V_EMAIL, $L['INVALID_EMAIL']);
$v->Register($_REQUEST['site_url'], V_URL, "{$L['INVALID_URL']}: {$L['SITE_URL']}");
$v->Register($_REQUEST['title'], V_EMPTY, "{$L['REQUIRED_FIELD']}: {$L['TITLE']}");
$v->Register($_REQUEST['description'], V_EMPTY, "{$L['REQUIRED_FIELD']}: {$L['DESCRIPTION']}");
$v->Register($_REQUEST['keywords'], V_EMPTY, "{$L['REQUIRED_FIELD']}: {$L['KEYWORDS']}");
$v->Register($_REQUEST['name'], V_EMPTY, "{$L['REQUIRED_FIELD']}: {$L['NAME']}");
$v->Register($_REQUEST['description'], V_LENGTH, sprintf($L['DESCRIPTION_LENGTH'], $C['min_desc_length'], $C['max_desc_length']), "{$C['min_desc_length']},{$C['max_desc_length']}");
$v->Register($_REQUEST['title'], V_LENGTH, sprintf($L['TITLE_LENGTH'], $C['min_title_length'], $C['max_title_length']), "{$C['min_title_length']},{$C['max_title_length']}");
// Format keywords and check number
$_REQUEST['keywords'] = FormatKeywords($_REQUEST['keywords']);
$keywords = explode(' ', $_REQUEST['keywords']);
$v->Register(count($keywords), V_LESS, sprintf($L['MAXIMUM_KEYWORDS'], $C['max_keywords']), $C['max_keywords']);
if (!empty($_REQUEST['password'])) {
$v->Register($_REQUEST['password'], V_EQUALS, $L['NO_PASSWORD_MATCH'], $_REQUEST['confirm_password']);
}
// See if URL already exists
if ($DB->Count('SELECT COUNT(*) FROM lx_links WHERE site_url=? AND link_id!=?', array($_REQUEST['site_url'], $link['link_id']))) {
$v->SetError($L['DUPLICATE_URL']);
}
// Validation of user defined fields
$fields =& GetUserLinkFields();
foreach ($fields as $field) {
if ($field['on_edit']) {
if ($field['required']) {
$v->Register($_REQUEST[$field['name']], V_EMPTY, "{$L['REQUIRED_FIELD']}: {$field['label']}");
}
if ($field['validation']) {
$v->Register($_REQUEST[$field['name']], $field['validation'], $field['validation_message'], $field['validation_extras']);
}
}
}
$_REQUEST['allow_redirect'] = $link['allow_redirect'];
$_REQUEST['recip_required'] = $link['recip_required'];
// Scan link
$scan_result =& ScanLink($_REQUEST);
// Make sure site URL is working
if (!$scan_result['site_url']['working']) {
$v->SetError(sprintf($L['BROKEN_URL'], $L['SITE_URL'], $scan_result['site_url']['error']));
}
// Setup HTML code for blacklist check
$_REQUEST['html'] = $scan_result['site_url']['html'];
if (!empty($_REQUEST['recip_url'])) {
$_REQUEST['html'] .= ' ' . $scan_result['recip_url']['html'];
// Make sure recip URL is working
if (!$scan_result['recip_url']['working']) {
$v->SetError(sprintf($L['BROKEN_URL'], $L['RECIP_URL'], $scan_result['recip_url']['error']));
}
}
// Verify recip link was found
if ($_REQUEST['recip_required'] && !$scan_result['has_recip']) {
$v->SetError($L['NO_RECIP_FOUND']);
}
// Check blacklist
$blacklisted = CheckBlacklistLink($_REQUEST);
if ($blacklisted !== FALSE) {
$v->SetError(sprintf($L['BLACKLIST_MATCHED'], $blacklisted[0]['match'], $blacklisted[0]['reason']));
}
if (!$v->Validate()) {
$errors = join('<br />', $v->GetErrors());
lxShEdit($errors);
return;
}
if ($C['approve_link_edits']) {
$_REQUEST['submit_ip'] = $_SERVER['REMOTE_ADDR'];
$DB->Update('UPDATE lx_links SET is_edited=1,edit_data=? WHERE link_id=?', array(base64_encode(serialize($_REQUEST)), $link['link_id']));
} else {
// Update password, if necessary
$password = $link['password'];
if ($_REQUEST['noaccount'] && !empty($_REQUEST['password'])) {
$password = sha1($_REQUEST['password']);
}
// Update link data
$DB->Update('UPDATE lx_links SET ' . 'site_url=?, ' . 'recip_url=?, ' . 'title=?, ' . 'description=?, ' . 'name=?, ' . 'email=?, ' . 'submit_ip=?, ' . 'keywords=?, ' . 'date_modified=?, ' . 'password=?, ' . 'has_recip=? ' . 'WHERE link_id=?', array($_REQUEST['site_url'], $_REQUEST['recip_url'], $_REQUEST['title'], $_REQUEST['description'], $_REQUEST['name'], $_REQUEST['email'], $_SERVER['REMOTE_ADDR'], $_REQUEST['keywords'], MYSQL_NOW, $password, $scan_result['has_recip'], $link['link_id']));
// Update user defined fields
UserDefinedUpdate('lx_link_fields', 'lx_link_field_defs', 'link_id', $_REQUEST['link_id'], $_REQUEST, FALSE);
}
// Get category information
$categories = array();
$result = $DB->Query('SELECT * FROM lx_categories JOIN lx_link_cats USING (category_id) WHERE link_id=?', array($link['link_id']));
while ($category = $DB->NextRow($result)) {
$category['path_parts'] = unserialize($category['path_parts']);
$categories[] = $category;
}
$DB->Free($result);
// Show confirmation page
$t->assign_by_ref('categories', $categories);
$t->assign_by_ref('user_fields', $fields);
$t->assign_by_ref('link', $_REQUEST);
$t->display('submit-edited.tpl');
flush();
// Send e-mail to appropriate administrators
$result = $DB->Query('SELECT * FROM lx_administrators');
while ($admin = $DB->NextRow($result)) {
if ($admin['notifications'] & E_LINK_EDIT) {
SendMail($admin['email'], 'email-admin-link-edit.tpl', $t);
}
}
$DB->Free($result);
}
function lxSaveGeneralSettings()
{
global $C;
VerifyAdministrator();
CheckAccessList();
$server = GetServerCapabilities();
$GLOBALS['_server_'] = $server;
$v = new Validator();
$required = array('base_url' => 'Base URL', 'cookie_domain' => 'Cookie Domain', 'from_email' => 'E-mail Address', 'from_email_name' => 'E-mail Name', 'page_new' => 'New Links Page', 'page_popular' => 'Popular Links Page', 'page_top' => 'Top Links Page', 'page_details' => 'Link Details Page', 'extension' => 'File Extension', 'date_format' => 'Date Format', 'time_format' => 'Time Format', 'dec_point' => 'Decimal Point', 'thousands_sep' => 'Thousands Separator', 'min_desc_length' => 'Minimum Description Length', 'max_desc_length' => 'Maximum Description Length', 'min_title_length' => 'Maximum Title Length', 'max_title_length' => 'Maximum Title Length', 'max_keywords' => 'Maximum Keywords', 'link_weight' => 'Default Link Weight', 'min_comment_length' => 'Maximum Comment Length', 'max_comment_length' => 'Maximum Comment Length', 'max_rating' => 'Maximum Rating', 'font_dir' => 'Font Directory', 'min_code_length' => 'Minimum Code Length', 'max_code_length' => 'Maximum Code Length', 'cache_index' => 'Index Page Cache', 'cache_category' => 'Category Page Cache', 'cache_new' => 'New Link Page Cache', 'cache_popular' => 'Popular Links Page Cache', 'cache_top' => 'Top Links Page Cache', 'cache_search' => 'Search Page Cache', 'cache_details' => 'Details Page Cache');
foreach ($required as $field => $name) {
$v->Register($_REQUEST[$field], V_EMPTY, "The {$name} field is required");
}
if ($v->Validate()) {
if (!preg_match('~%d~', $_REQUEST['page_details'])) {
if (strpos($_REQUEST['page_details'], '.') === FALSE) {
$_REQUEST['page_details'] .= "%d";
} else {
$_REQUEST['page_details'] = preg_replace('~\\.([^.]*)$~', '%d.$1', $_REQUEST['page_details']);
}
}
$_REQUEST['extension'] = preg_replace('~^\\.~', '', $_REQUEST['extension']);
$_REQUEST['base_url'] = preg_replace('~/$~', '', $_REQUEST['base_url']);
$_REQUEST['domain'] = preg_replace('~^www\\.~', '', $_SERVER['HTTP_HOST']);
$_REQUEST = array_merge($server, $_REQUEST);
WriteConfig($_REQUEST);
$GLOBALS['message'] = 'Your settings have been successfully updated';
} else {
$C = array_merge($C, $_REQUEST);
$GLOBALS['errstr'] = join('<br />', $v->GetErrors());
}
lxShGeneralSettings();
}
function txSendPasswordReset()
{
global $DB, $C, $t, $L, $domain;
$v = new Validator();
$v->Register($_REQUEST['email'], V_EMPTY, sprintf($L['REQUIRED_FIELD'], $L['EMAIL']));
if (!IsEmptyString($_REQUEST['email'])) {
$partner = $DB->Row('SELECT * FROM `tx_partners` WHERE `email`=?', array($_REQUEST['email']));
if (!$partner) {
$v->SetError($L['NO_MATCHING_EMAIL']);
} else {
if ($partner['status'] == 'suspended') {
$v->SetError($L['ACCOUNT_SUSPENDED']);
} else {
if ($partner['status'] != 'active') {
$v->SetError($L['ACCOUNT_PENDING']);
}
}
}
}
if (!$v->Validate()) {
return $v->ValidationError('txShPasswordReset', TRUE);
}
$confirm_id = md5(uniqid(rand(), TRUE));
$DB->Update('DELETE FROM `tx_partner_confirms` WHERE `username`=?', array($partner['username']));
$DB->Update('INSERT INTO `tx_partner_confirms` VALUES (?,?,?)', array($partner['username'], $confirm_id, MYSQL_NOW));
$t->assign_by_ref('partner', $partner);
$t->assign('confirm_id', $confirm_id);
SendMail($partner['email'], $domain['template_prefix'] . 'email-partner-reset-confirm.tpl', $t);
$t->display($domain['template_prefix'] . 'partner-reset-confirm.tpl');
}
function tlxAccountRateAndComment()
{
global $C, $DB, $L, $t;
$v = new Validator();
$v->Register($_REQUEST['rating'], V_BETWEEN, sprintf($L['RATING_RANGE'], $C['max_rating']), array('min' => 1, 'max' => $C['max_rating']));
$comment = FALSE;
if (!IsEmptyString($_REQUEST['name']) || !IsEmptyString($_REQUEST['email']) || !IsEmptyString($_REQUEST['comment'])) {
$comment = TRUE;
$v->Register($_REQUEST['name'], V_EMPTY, sprintf($L['REQUIRED_FIELD'], $L['NAME']));
$v->Register($_REQUEST['email'], V_EMAIL, $L['INVALID_EMAIL']);
$v->Register($_REQUEST['comment'], V_EMPTY, sprintf($L['REQUIRED_FIELD'], $L['COMMENT']));
$v->Register($_REQUEST['comment'], V_LENGTH, sprintf($L['COMMENT_LENGTH'], $C['min_comment_length'], $C['max_comment_length']), "{$C['min_comment_length']},{$C['max_comment_length']}");
}
// Verify captcha code
if ($C['rate_captcha']) {
VerifyCaptcha($v);
}
// Check blacklist
if (($blacklisted = CheckBlacklistRating($_REQUEST)) !== FALSE) {
$v->SetError(sprintf($blacklisted[0]['reason'] ? $L['BLACKLISTED_REASON'] : $L['BLACKLISTED'], $blacklisted[0]['match'], $blacklisted[0]['reason']));
}
if (!$v->Validate()) {
return $v->ValidationError('tlxShAccountRateAndComment', TRUE);
}
$account = $DB->Row('SELECT * FROM `tlx_accounts` WHERE `username`=?', array($_REQUEST['id']));
if ($account) {
ProcessRating($account);
if ($comment) {
ProcessComment();
}
}
$t->assign_by_ref('account', $account);
$t->assign_by_ref('rating', $_REQUEST);
$t->display('rate-submitted.tpl');
}
function txAdministratorEdit()
{
global $DB, $C;
VerifyAdministrator();
$administrator = $DB->Row('SELECT * FROM `tx_administrators` WHERE `username`=?', array($_REQUEST['username']));
$v = new Validator();
$v->Register($_REQUEST['email'], V_EMAIL, 'The e-mail address is not properly formatted');
if ($_REQUEST['password']) {
$v->Register($_REQUEST['password'], V_LENGTH, 'The password must contain at least 4 characters', array('min' => 4, 'max' => 999));
}
if (isset($_REQUEST['e_cheat_report']) && !is_numeric($_REQUEST['reports_waiting'])) {
$v->SetError('The number of reports waiting must be filled in and numeric');
}
if (isset($_REQUEST['e_partner_request']) && !is_numeric($_REQUEST['requests_waiting'])) {
$v->SetError('The number of requests waiting must be filled in and numeric');
}
if (!$v->Validate()) {
return $v->ValidationError('txShAdministratorEdit');
}
if ($_REQUEST['password']) {
// Password has changed, so invalidate any current session that may be active
if ($_REQUEST['username'] != $_SERVER['REMOTE_USER']) {
$DB->Update('UPDATE `tx_administrators` SET `session`=NULL,`session_start`=NULL WHERE `username`=?', array($_REQUEST['username']));
}
$_REQUEST['password'] = sha1($_REQUEST['password']);
} else {
$_REQUEST['password'] = $administrator['password'];
}
// Determine the privileges and notifications for this account
$privileges = GenerateFlags($_REQUEST, '^p_');
$notifications = GenerateFlags($_REQUEST, '^e_');
// Update account information
$DB->Update('UPDATE `tx_administrators` SET ' . '`password`=?, ' . '`name`=?, ' . '`email`=?, ' . '`type`=?, ' . '`notifications`=?, ' . '`rights`=?, ' . '`reports_waiting`=?, ' . '`requests_waiting`=? ' . 'WHERE `username`=?', array($_REQUEST['password'], $_REQUEST['name'], $_REQUEST['email'], $_REQUEST['type'], $notifications, $privileges, $_REQUEST['reports_waiting'], $_REQUEST['requests_waiting'], $_REQUEST['username']));
$GLOBALS['message'] = 'Administrator account successfully updated';
$GLOBALS['added'] = true;
txShAdministratorEdit();
}
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
require_once 'includes/common.php';
require_once "{$GLOBALS['BASE_DIR']}/includes/template.class.php";
require_once "{$GLOBALS['BASE_DIR']}/includes/mysql.class.php";
require_once "{$GLOBALS['BASE_DIR']}/includes/validator.class.php";
SetupRequest();
$_REQUEST['rating'] = intval($_REQUEST['rating']);
$DB = new DB($C['db_hostname'], $C['db_username'], $C['db_password'], $C['db_name']);
$DB->Connect();
$t = new Template();
$t->assign_by_ref('config', $C);
$v = new Validator();
$v->Register($_REQUEST['rating'], V_BETWEEN, sprintf($L['RATING_RANGE'], $C['max_rating']), "1,{$C['max_rating']}");
// Verify captcha code
if ($C['rate_captcha']) {
VerifyCaptcha($v, 'linkxcaptcha_rate');
}
if ($C['user_for_rate']) {
$account = ValidUserLogin();
if ($account === FALSE || $account['status'] != 'active') {
if ($account === FALSE) {
$v->SetError($L['INVALID_LOGIN']);
} else {
if ($account['status'] == 'suspended') {
$v->SetError($L['SUSPENDED_ACCOUNT']);
} else {
$v->SetError($L['PENDING_ACCOUNT']);
}
function tlxGeneralSettingsSave()
{
global $C;
VerifyAdministrator();
CheckAccessList();
$server = GetServerCapabilities();
$GLOBALS['_server_'] = $server;
$v = new Validator();
$required = array('document_root' => 'Document Root', 'install_url' => 'ToplistX URL', 'cookie_domain' => 'Cookie Domain', 'from_email' => 'E-mail Address', 'from_email_name' => 'E-mail Name', 'date_format' => 'Date Format', 'time_format' => 'Time Format', 'dec_point' => 'Decimal Point', 'thousands_sep' => 'Thousands Separator', 'secret_key' => 'Secret Key', 'forward_url' => 'Default Forward URL', 'alternate_out_url' => 'Alternate Out URL', 'redirect_code' => 'Redirect Status Code', 'max_rating' => 'Maximum Site Rating', 'min_comment_length' => 'Minimum Comment Length', 'max_comment_length' => 'Maximum Comment Length', 'comment_interval' => 'Comment Interval', 'min_desc_length' => 'Minimum Description Length', 'max_desc_length' => 'Maximum Description Length', 'max_keywords' => 'Maximum Keywords', 'return_percent' => 'Default Return Percent', 'banner_max_width' => 'Maximum Banner Width', 'banner_max_height' => 'Maximum Banner Height', 'banner_max_bytes' => 'Maximum Banner Filesize', 'font_dir' => 'Font Directory', 'min_code_length' => 'Minimum Code Length', 'max_code_length' => 'Maximum Code Length');
if (!$_REQUEST['using_cron']) {
$required['rebuild_interval'] = 'Rebuild Interval';
$v->Register($_REQUEST['rebuild_interval'], V_GREATER_EQ, 'The Rebuild Interval must be 60 or larger', 60);
}
foreach ($required as $field => $name) {
$v->Register($_REQUEST[$field], V_EMPTY, "The {$name} field is required");
}
$_REQUEST['return_percent'] /= 100;
$_REQUEST['document_root'] = preg_replace('~/$~', '', $_REQUEST['document_root']);
$_REQUEST['install_url'] = preg_replace('~/$~', '', $_REQUEST['install_url']);
$_REQUEST['domain'] = preg_replace('~^www\\.~', '', $_SERVER['HTTP_HOST']);
$_REQUEST['banner_dir'] = DirectoryFromRoot($_REQUEST['document_root'], $_REQUEST['banner_url']);
if (!$v->Validate()) {
$C = array_merge($C, $_REQUEST);
return $v->ValidationError('tlxShGeneralSettings');
}
$_REQUEST = array_merge($server, $_REQUEST);
WriteConfig($_REQUEST);
$GLOBALS['message'] = 'Your settings have been successfully updated';
tlxShGeneralSettings();
}