예제 #1
0
     $module = $match[1];
     $value = gcms::getVars($_POST, 'value', 0);
 } else {
     $action = gcms::getVars($_POST, 'action', '');
     $id = gcms::getVars($_POST, 'id', '');
     $value = gcms::getVars($_POST, 'value', 0);
     $module = gcms::getVars($_POST, 'module', 0);
 }
 // โมดูลที่เรียก
 $index = $db->getRec(DB_MODULES, $module);
 if ($index) {
     // config
     gcms::r2config($index['config'], $index);
     // ตรวจสอบ เจ้าของ แอดมิน
     $sql = "SELECT `id`,`picture` FROM `" . DB_INDEX . "` WHERE `id` IN({$id}) AND `module_id`='{$index['id']}'";
     if (!gcms::canConfig($index, 'moderator') && !gcms::isAdmin()) {
         $sql .= ' AND `member_id`=' . (int) $_SESSION['login']['id'];
     }
     $ids = array();
     foreach ($db->customQuery($sql) as $item) {
         $ids[$item['id']] = $item['picture'];
     }
     if (sizeof($ids) > 0) {
         $id = implode(',', array_keys($ids));
         if ($action == 'delete') {
             // ลบ (บทความ)
             foreach ($ids as $i => $item) {
                 @unlink(DATA_PATH . "document/{$item}");
             }
             $db->query("DELETE FROM `" . DB_COMMENT . "` WHERE `index_id` IN ({$id}) AND `module_id`='{$index['id']}'");
             $db->query("DELETE FROM `" . DB_INDEX . "` WHERE `id` IN ({$id}) AND `module_id`='{$index['id']}'");
예제 #2
0
파일: list.php 프로젝트: phannack/GCMS
 $list = array();
 if ($cat_count > 0 || $index['categories'] == 0 || $index['category_display'] == 0) {
     // เลือกหมวดมา หรือไม่มีหมวด หรือปิดการแสดงผลหมวดหมู่ แสดงรายการเรื่อง
     include ROOT_PATH . 'modules/document/stories.php';
     $template = 'list';
 } else {
     // ลิสต์รายชื่อหมวด
     include ROOT_PATH . 'modules/document/categories.php';
     $template = 'category';
 }
 // แสดงผลหน้าเว็บ
 $patt = array('/{BREADCRUMS}/', '/{LIST}/', '/{NEWTOPIC}/', '/{CATEGORY}/', '/{TOPIC}/', '/{DETAIL}/', '/{SPLITPAGE}/', '/{LANGUAGE}/', '/{MODULE}/');
 $replace = array();
 $replace[] = implode("\n", $breadcrumbs);
 $replace[] = sizeof($list) > 0 ? '<div class="row iconview">' . implode("\n", $list) . '</div>' : '';
 $replace[] = is_file(ROOT_PATH . 'modules/document/write.php') && gcms::canConfig($index, 'can_write') ? '' : 'hidden';
 $replace[] = $cat;
 $replace[] = $index['topic'];
 $replace[] = gcms::getVars($index, 'detail', '');
 $replace[] = $splitpage;
 $replace[] = LANGUAGE;
 $replace[] = $index['module'];
 if (sizeof($list) > 0) {
     $content = preg_replace($patt, $replace, gcms::loadtemplate($index['module'], 'document', $template));
 } else {
     $content = preg_replace($patt, $replace, gcms::loadtemplate($index['module'], 'document', 'empty'));
 }
 // title,keywords,description
 $title = $index['topic'];
 $keywords = $index['keywords'];
 $description = $index['description'];
예제 #3
0
<?php

// modules/board/admin_config.php
if (MAIN_INIT == 'admin' && $isMember) {
    // ตรวจสอบโมดูลที่เรียก
    $sql = "SELECT `id`,`module`,`config` FROM `" . DB_MODULES . "` WHERE `id`=" . (int) $_GET['id'] . " AND `owner`='board' LIMIT 1";
    $index = $db->customQuery($sql);
    $index = sizeof($index) == 1 ? $index[0] : false;
    if ($index) {
        // อ่าน config ของโมดูล
        gcms::r2config($index['config'], $index);
        // ตรวจสอบสถานะที่สามารถเข้าหน้านี้ได้
        if (!gcms::canConfig($index, 'can_config')) {
            $index = false;
        }
    }
    if (!$index) {
        $title = $lng['LNG_DATA_NOT_FOUND'];
        $content[] = '<aside class=error>' . $title . '</aside>';
    } else {
        // title
        $m = ucwords($index['module']);
        $title = "{$lng['LNG_CONFIG']} {$m}";
        $a = array();
        $a[] = '<span class=icon-board>{LNG_MODULES}</span>';
        $a[] = $m;
        $a[] = '{LNG_CONFIG}';
        // แสดงผล
        $content[] = '<div class=breadcrumbs><ul><li>' . implode('</li><li>', $a) . '</li></ul></div>';
        $content[] = '<section>';
        $content[] = '<header><h1 class=icon-config>' . $title . '</h1></header>';
예제 #4
0
<?php

// modules/gallery/admin_action.php
header("content-type: text/html; charset=UTF-8");
// inint
include '../../bin/inint.php';
$ret = array();
// referer, member
if (gcms::isReferer() && gcms::canConfig($config, 'gallery_can_write')) {
    if (isset($_SESSION['login']['account']) && $_SESSION['login']['account'] == 'demo') {
        $ret['error'] = 'EX_MODE_ERROR';
    } else {
        $action = gcms::getVars($_POST, 'action', '');
        $ids = array();
        foreach (explode(',', $_POST['id']) as $id) {
            $ids[] = (int) $id;
        }
        if (sizeof($ids) > 0) {
            $ids = implode(',', $ids);
            if ($action == 'delete') {
                // ลบอัลบัม, ตรวจสอบ id
                $sql = "SELECT `id` FROM `" . DB_GALLERY_ALBUM . "` WHERE `id` IN ({$ids}) AND `module_id`=(SELECT `id` FROM `" . DB_MODULES . "` WHERE `owner`='gallery')";
                $ids = array();
                foreach ($db->customQuery($sql) as $item) {
                    // ลบโฟลเดอร์และรูป
                    gcms::rm_dir(DATA_PATH . "gallery/{$item['id']}/");
                    // id ที่ลบ
                    $ids[] = $item['id'];
                }
                if (sizeof($ids) > 0) {
                    $ids = implode(',', $ids);
예제 #5
0
<?php

// modules/personnel/admin_category.php
if (MAIN_INIT == 'admin' && gcms::canConfig($config, 'personnel_can_config')) {
    // ตรวจสอบโมดูลที่เรียก
    $sql = "SELECT `id` FROM `" . DB_MODULES . "` WHERE `owner`='personnel' LIMIT 1";
    $index = $db->customQuery($sql);
    if (sizeof($index) == 1) {
        $index = $index[0];
        // title
        $title = "{$lng['LNG_CREATE']} - {$lng['LNG_EDIT']} {$lng['LNG_PERSONNEL_CATEGORY']}";
        $a = array();
        $a[] = '<span class=icon-modules>{LNG_MODULES}</span>';
        $a[] = '<a href="{URLQUERY?module=personnel-config&id=0}">{LNG_PERSONNEL}</a>';
        $a[] = '<a href="{URLQUERY?module=personnel-category&id=0}">{LNG_PERSONNEL_CATEGORY}</a>';
        // แสดงผล
        $content[] = '<div class=breadcrumbs><ul><li>' . implode('</li><li>', $a) . '</li></ul></div>';
        $content[] = '<section>';
        $content[] = '<header><h1 class=icon-customer>' . $title . '</h1></header>';
        // หมวดหมู่
        $content[] = '<div class=subtitle>{LNG_PERSONNEL_CATEGORY_COMMENT}</div>';
        $content[] = '<dl id=config_category class=editinplace_list>';
        $sql = "SELECT `id`,`category_id`,`topic` FROM `" . DB_CATEGORY . "` WHERE `module_id`='{$index['id']}' ORDER BY `category_id`";
        foreach ($db->customQuery($sql) as $item) {
            $id = $item['id'];
            $row = '<dd id=config_category_' . $id . '>';
            $row .= '<span class=no>[' . $item['category_id'] . ']</span>';
            $row .= '<span class=icon-delete id=config_category_delete_' . $id . ' title="{LNG_DELETE} {LNG_CATEGORY}"></span>';
            $row .= '{LNG_CATEGORY} <span id=config_category_name_' . $id . ' title="{LNG_CLICK_TO} {LNG_EDIT}">' . htmlspecialchars(gcms::ser2Str($item, 'topic')) . '</span>';
            $row .= '</dd>';
            $content[] = $row;
예제 #6
0
<?php

// modules/download/admin_category.php
if (MAIN_INIT == 'admin' && gcms::canConfig($config, 'download_can_config')) {
    // ตรวจสอบโมดูลที่เรียก
    $sql = "SELECT `id` FROM `" . DB_MODULES . "` WHERE `owner`='download' LIMIT 1";
    $index = $db->customQuery($sql);
    if (sizeof($index) == 1) {
        $index = $index[0];
        // title
        $title = "{$lng['LNG_CREATE']} - {$lng['LNG_EDIT']} {$lng['LNG_CATEGORY']}";
        $a = array();
        $a[] = '<span class=icon-download>{LNG_MODULES}</span>';
        $a[] = '<a href="{URLQUERY?module=download-config}">{LNG_DOWNLOAD}</a>';
        $a[] = '{LNG_CATEGORY}';
        // แสดงผล
        $content[] = '<div class=breadcrumbs><ul><li>' . implode('</li><li>', $a) . '</li></ul></div>';
        $content[] = '<section>';
        $content[] = '<header><h1 class=icon-category>' . $title . '</h1></header>';
        // หมวดหมู่
        $content[] = '<div class=subtitle>{LNG_DOWNLOAD_CATEGORY_DETAIL}</div>';
        $content[] = '<dl id=config_category class=editinplace_list>';
        $sql = "SELECT `id`,`category_id`,`topic` FROM `" . DB_CATEGORY . "` WHERE `module_id`='{$index['id']}' ORDER BY `category_id`";
        foreach ($db->customQuery($sql) as $item) {
            $id = $item['id'];
            $row = '<dd id=config_category_' . $id . '>';
            $row .= '<span class=no>[' . $item['category_id'] . ']</span>';
            $row .= '<span class=icon-delete id=config_category_delete_' . $id . ' title="{LNG_DELETE} {LNG_CATEGORY}"></span>';
            $row .= '{LNG_CATEGORY} <span id=config_category_name_' . $id . ' title="{LNG_CLICK_TO} {LNG_EDIT}">' . htmlspecialchars(gcms::ser2Str($item, 'topic')) . '</span>';
            $row .= '</dd>';
            $content[] = $row;
예제 #7
0
파일: write.php 프로젝트: phannack/GCMS
     // ไม่พบรายการหรือยังไม่ได้ติดตั้ง
     $title = $lng['LNG_DATA_NOT_FOUND'];
     $content = '<div class=error>' . $title . '</div>';
 } elseif (empty($config['edocument_can_upload']) || !gcms::canConfig($config, 'edocument_can_upload')) {
     // ไม่สามารถอัปโหลดได้
     $title = $lng['ACTION_FORBIDDEN'];
     $content = '<div class=error>' . $title . '</div>';
 } else {
     $index = $index[0];
     // login
     $login = gcms::getVars($_SESSION, 'login', array('id' => 0, 'status' => -1, 'email' => '', 'password' => ''));
     if ($id > 0) {
         // เจ้าของ
         $canEdit = $index['sender_id'] == $login['id'];
         // ผู้ดูแล
         $moderator = gcms::canConfig($config, 'edocument_moderator');
         // เจ้าของหรือผู้ดูแล แก้ไขได้
         $canEdit = $canEdit || $moderator;
         // ผู้รับเอกสาร
         $reciever = explode(',', $index['reciever']);
     } else {
         $index['document_no'] = sprintf($config['edocument_format_no'], (int) $index['document_no'] + 1);
         $index['topic'] = '';
         $index['detail'] = '';
         $index['ext'] = '';
         $index['id'] = 0;
         $reciever = array();
     }
     if ($id == 0 || $canEdit) {
         // antispam
         $antispam = gcms::rndname(32);
예제 #8
0
// modules/document/admin_setup.php
if (MAIN_INIT == 'admin' && $isMember) {
    unset($url_query['qid']);
    // โมดูลที่เรียก
    $id = gcms::getVars($_GET, 'id', 0);
    // ตรวจสอบโมดูลที่เรียก
    $sql = "SELECT * FROM `" . DB_MODULES . "` WHERE `id`={$id} AND `owner`='document' LIMIT 1";
    $index = $db->customQuery($sql);
    $index = sizeof($index) == 1 ? $index[0] : false;
    if ($index) {
        // อ่าน config ของโมดูล
        gcms::r2config($index['config'], $index);
        // ตรวจสอบสถานะที่สามารถเข้าหน้านี้ได้
        $can_write = gcms::canConfig($index, 'can_write');
        $moderator = gcms::canConfig($index, 'moderator');
        if (!$moderator && !$can_write) {
            $index = false;
        }
    }
    if (!$index) {
        $title = $lng['LNG_DATA_NOT_FOUND'];
        $content[] = '<aside class=error>' . $title . '</aside>';
    } else {
        // ค่าที่ส่งมา
        $q = array();
        // หมวดที่เลือก
        $cat = gcms::getVars($_GET, 'cat', 0);
        if ($cat > 0) {
            $q[] = "P.`category_id`={$cat}";
        }
예제 #9
0
<?php

// modules/personnel/admin_inint.php
if (MAIN_INIT == 'admin' && $isAdmin && (sizeof($install_owners['personnel']) == 0 || !defined('DB_PERSONNEL'))) {
    // เมนูติดตั้ง
    $admin_menus['tools']['install']['personnel'] = '<a href="index.php?module=install&amp;modules=personnel"><span>Personnel</span></a>';
} else {
    // เมนูแอดมิน
    if (gcms::canConfig($config, 'personnel_can_config')) {
        $admin_menus['modules']['personnel']['category'] = '<a href="index.php?module=personnel-category"><span>{LNG_PERSONNEL_CATEGORY}</span></a>';
    } else {
        unset($admin_menus['modules']['personnel']['config']);
        unset($admin_menus['modules']['personnel']['category']);
    }
    if (gcms::canConfig($config, 'personnel_can_config')) {
        $admin_menus['modules']['personnel']['setup'] = '<a href="index.php?module=personnel-setup"><span>{LNG_PERSONNEL_LIST}</span></a>';
        $admin_menus['modules']['personnel']['write'] = '<a href="index.php?module=personnel-write"><span>{LNG_ADD_NEW} {LNG_PERSONNEL}</span></a>';
    } else {
        unset($admin_menus['modules']['personnel']['setup']);
    }
}
예제 #10
0
     if (isset($_POST['id'])) {
         foreach (explode(',', $_POST['id']) as $id) {
             $ids[] = (int) $id;
         }
         $id = implode(',', $ids);
     }
 }
 // ตรวจสอบ module
 $index = $db->getRec(DB_MODULES, $module);
 if ($index) {
     if (in_array($index['owner'], array('document', 'board'))) {
         // config
         gcms::r2config($index['config'], $index);
         $admin = gcms::canConfig($index, 'can_config');
     } else {
         $admin = gcms::canConfig($config, $index['owner'] . '_can_config');
     }
     if ($admin && $action == 'delete') {
         // ลบหมวดหมู่, ตรวจสอบรายการที่เลือก และลบ icon ของหมวด
         $ids = array();
         $categories = array();
         $sql = "SELECT `id`,`icon` FROM `" . DB_CATEGORY . "` WHERE `id` IN ({$id}) AND `module_id`='{$index['id']}'";
         foreach ($db->customQuery($sql) as $item) {
             foreach (gcms::ser2Array($item, 'icon') as $icon) {
                 if (is_file(DATA_PATH . "{$index['owner']}/{$icon}")) {
                     // ลบไอคอนของหมวด
                     unlink(DATA_PATH . "{$index['owner']}/{$icon}");
                 }
             }
             // รายการที่ลบ category_detail
             $ids[] = $item['id'];
예제 #11
0
<?php

// modules/video/admin_config_save.php
header("content-type: text/html; charset=UTF-8");
// inint
include '../../bin/inint.php';
$ret = array();
// referer, admin
if (gcms::isReferer() && gcms::canConfig($config, 'video_can_config')) {
    if (isset($_SESSION['login']['account']) && $_SESSION['login']['account'] == 'demo') {
        $ret['error'] = 'EX_MODE_ERROR';
    } else {
        // โหลด config ใหม่
        $config = array();
        if (is_file(CONFIG)) {
            include CONFIG;
        }
        // ค่าที่ส่งมา
        $config['google_api_key'] = gcms::getVars($_POST, 'google_api_key', '');
        $config['video_cols'] = gcms::getVars($_POST, 'config_cols', 0);
        $config['video_rows'] = gcms::getVars($_POST, 'config_rows', 0);
        $config['video_can_write'] = isset($_POST['config_can_write']) ? $_POST['config_can_write'] : array();
        $config['video_can_write'][] = 1;
        $config['video_can_config'] = isset($_POST['config_can_config']) ? $_POST['config_can_config'] : array();
        $config['video_can_config'][] = 1;
        // บันทึก config.php
        if (gcms::saveconfig(CONFIG, $config)) {
            $ret['error'] = 'SAVE_COMPLETE';
            $ret['location'] = 'reload';
        } else {
            $ret['error'] = 'DO_NOT_SAVE';
예제 #12
0
<?php

// modules/event/admin_inint.php
if (MAIN_INIT == 'admin' && $isAdmin && (sizeof($install_owners['event']) == 0 || !defined('DB_EVENTCALENDAR'))) {
    // เมนูติดตั้ง
    $admin_menus['tools']['install']['event'] = '<a href="index.php?module=install&amp;modules=event"><span>Event Calendar</span></a>';
} else {
    // เมนูแอดมิน
    if (!gcms::canConfig($config, 'event_can_config')) {
        unset($admin_menus['modules']['event']['config']);
    }
    if (gcms::canConfig($config, 'event_can_write')) {
        $admin_menus['modules']['event']['setup'] = '<a href="index.php?module=event-setup"><span>{LNG_EVENT_LIST}</span></a>';
    } else {
        unset($admin_menus['modules']['event']['setup']);
    }
}
예제 #13
0
<?php

// modules/edocument/admin_config_save.php
header("content-type: text/html; charset=UTF-8");
// inint
include '../../bin/inint.php';
$ret = array();
// referer, admin
if (gcms::isReferer() && gcms::canConfig($config, 'edocument_can_config')) {
    if (isset($_SESSION['login']['account']) && $_SESSION['login']['account'] == 'demo') {
        $ret['error'] = 'EX_MODE_ERROR';
    } else {
        $error = false;
        // ตรวจสอบชนิดของไฟล์
        $file_typies = strtolower(preg_replace('/[\\s]/', '', $_POST['config_file_typies']));
        if ($file_typies != '') {
            foreach (explode(',', $file_typies) as $item) {
                if (!preg_match('/^[a-z0-9]{2,6}$/u', $item)) {
                    $error = true;
                }
            }
        }
        $edocument_format_no = $db->sql_trim_str($_POST, 'config_format_no');
        // ตรวจสอบค่าที่ส่งมา
        $ret['ret_config_format_no'] = '';
        $ret['ret_config_file_typies'] = '';
        if ($edocument_format_no == '') {
            $ret['error'] = 'EDOCUMENT_FORMAT_NO_EMPTY';
            $ret['input'] = 'config_format_no';
            $ret['ret_config_format_no'] = 'EDOCUMENT_FORMAT_NO_EMPTY';
        } elseif ($file_typies == '') {
예제 #14
0
<?php

// modules/download/admin_inint.php
if (MAIN_INIT == 'admin' && $isAdmin && (sizeof($install_owners['download']) == 0 || !defined('DB_DOWNLOAD'))) {
    // เมนูติดตั้ง
    $admin_menus['tools']['install']['download'] = '<a href="index.php?module=install&amp;modules=download"><span>Download</span></a>';
} else {
    // เมนูแอดมิน
    if (!gcms::canConfig($config, 'download_can_config')) {
        unset($admin_menus['modules']['download']['config']);
        unset($admin_menus['modules']['download']['category']);
    }
    if (gcms::canConfig($config, 'download_can_upload')) {
        $admin_menus['modules']['download']['setup'] = '<a href="index.php?module=download-setup"><span>{LNG_DOWNLOAD_FILES}</span></a>';
        $admin_menus['modules']['download']['write'] = '<a href="index.php?module=download-write"><span>{LNG_UPLOAD}</span></a>';
    } else {
        unset($admin_menus['modules']['download']['setup']);
    }
}
예제 #15
0
<?php

// modules/edocument/admin_config.php
if (MAIN_INIT == 'admin' && gcms::canConfig($config, 'edocument_can_config')) {
    // ตรวจสอบโมดูลที่เรียก
    $sql = "SELECT `id` FROM `" . DB_MODULES . "` WHERE `owner`='edocument' LIMIT 1";
    $index = $db->customQuery($sql);
    if (sizeof($index) == 0) {
        $title = $lng['LNG_DATA_NOT_FOUND'];
        $content[] = '<aside class=error>' . $title . '</aside>';
    } else {
        $index = $index[0];
        // title
        $title = "{$lng['LNG_CONFIG']} {$lng['LNG_EDOCUMENT']}";
        $a = array();
        $a[] = '<span class=icon-edocument>{LNG_MODULES}</span>';
        $a[] = '{LNG_EDOCUMENT}';
        $a[] = '{LNG_CONFIG}';
        // แสดงผล
        $content[] = '<div class=breadcrumbs><ul><li>' . implode('</li><li>', $a) . '</li></ul></div>';
        $content[] = '<section>';
        $content[] = '<header><h1 class=icon-config>' . $title . '</h1></header>';
        // form
        $content[] = '<form id=setup_frm class=setup_frm method=post action=index.php autocomplete=off>';
        $content[] = '<fieldset>';
        $content[] = '<legend><span>{LNG_MAIN_CONFIG}</span></legend>';
        // edocument_format_no
        $content[] = '<div class=item>';
        $content[] = '<label for=config_format_no>{LNG_EDOCUMENT_NO} :</label>';
        $content[] = '<span class="g-input icon-config"><input type=text id=config_format_no name=config_format_no value="' . $config['edocument_format_no'] . '" size=100 title="{LNG_EDOCUMENT_FORMAT_NO_COMMENT}"></span>';
        $content[] = '<div class=comment id=result_config_format_no>{LNG_EDOCUMENT_FORMAT_NO_COMMENT}</div>';
예제 #16
0
<?php

// modules/event/admin_write_save.php
header("content-type: text/html; charset=UTF-8");
// inint
include '../../bin/inint.php';
$ret = array();
// ตรวจสอบ referer และ สมาชิก
if (gcms::isReferer() && gcms::canConfig($config, 'event_can_write')) {
    if (isset($_SESSION['login']['account']) && $_SESSION['login']['account'] == 'demo') {
        $ret['error'] = 'EX_MODE_ERROR';
    } else {
        // ค่าที่ส่งมา
        $save['topic'] = gcms::getTags($_POST['write_topic']);
        $keywords = gcms::getTags($_POST['write_keywords']);
        $save['keywords'] = $db->sql_clean(gcms::cutstring(preg_replace('/[\'\\"\\r\\n\\s]{1,}/isu', ' ', $keywords == '' ? $save['topic'] : $keywords), 149));
        $description = trim(gcms::getVars($_POST, 'write_description', ''));
        $save['description'] = $db->sql_trim_str(gcms::cutstring(gcms::html2txt($description == '' ? $_POST['write_detail'] : $description), 149));
        $save['detail'] = gcms::ckDetail($_POST['write_detail']);
        $save['published_date'] = $db->sql_trim_str($_POST, 'write_published_date');
        $save['published'] = $_POST['write_published'] == '1' ? '1' : '0';
        $save['begin_date'] = "{$_POST['write_d']} {$_POST['write_h']}:{$_POST['write_m']}:00";
        $save['color'] = $db->sql_trim_str($_POST, 'write_color');
        $id = gcms::getVars($_POST, 'write_id', 0);
        if ($id > 0) {
            // ตรวจสอบโมดูล หรือ เรื่องที่เลือก (แก้ไข)
            $sql = "SELECT I.`module_id`,M.`module`";
            $sql .= " FROM `" . DB_EVENTCALENDAR . "` AS I";
            $sql .= " INNER JOIN `" . DB_MODULES . "` AS M ON M.`owner`='event' AND M.`id`=I.`module_id`";
            $sql .= " WHERE I.`id`='{$id}'";
            $sql .= " LIMIT 1";
예제 #17
0
<?php

// modules/gallery/admin_upload.php
if (MAIN_INIT == 'admin' && gcms::canConfig($config, 'gallery_can_write')) {
    // อัลบัมที่แก้ไข
    $id = gcms::getVars($_GET, 'id', 0);
    // ตรวจสอบโมดูลที่เรียก
    if ($id > 0) {
        $sql = "SELECT C.`id`,C.`topic`,M.`module` FROM `" . DB_MODULES . "` AS M";
        $sql .= " INNER JOIN `" . DB_GALLERY_ALBUM . "` AS C ON C.`module_id`=M.`id` AND C.`id`={$id}";
        $sql .= " WHERE M.`owner`='gallery' LIMIT 1";
        $index = $db->customQuery($sql);
    }
    if ($id == 0 || sizeof($index) == 0) {
        $title = $lng['LNG_DATA_NOT_FOUND'];
        $content[] = '<aside class=error>' . $title . '</aside>';
    } else {
        $index = $index[0];
        // guploads
        $javascript['guploads'] = '<script src=' . WEB_URL . '/widgets/guploads/script.js></script>';
        // title
        $title = "{$lng['LNG_ADD']} - {$lng['LNG_DELETE']} {$lng['LNG_IMAGE']}";
        $a = array();
        $a[] = '<span class=icon-gallery>{LNG_MODULES}</span>';
        $a[] = '<a href="{URLQUERY?module=gallery-config&id=0}">{LNG_GALLERY}</a>';
        $a[] = '<a href="{URLQUERY?module=gallery-album&id=0}">{LNG_GALLERY_ALBUM}</a>';
        $a[] = '{LNG_GALLERY_UPLOAD}';
        // แสดงผล
        $content[] = '<div class=breadcrumbs><ul><li>' . implode('</li><li>', $a) . '</li></ul></div>';
        $content[] = '<section>';
        $content[] = '<header><h1 class=icon-upload>' . $title . '&nbsp;{LNG_GALLERY_ALBUM}&nbsp;' . $index['topic'] . '</h1></header>';
예제 #18
0
파일: main.php 프로젝트: phannack/GCMS
 $totalpage = round($count['count'] / $config['edocument_listperpage']);
 $totalpage += $totalpage * $config['edocument_listperpage'] < $count['count'] ? 1 : 0;
 $page = $page > $totalpage ? $totalpage : $page;
 $page = $page < 1 ? 1 : $page;
 $start = $config['edocument_listperpage'] * ($page - 1);
 // list รายการ
 $sql = "SELECT D.*,U.`fname`,U.`lname`,U.`email`,U.`status` FROM `" . DB_EDOCUMENT . "` AS D";
 $sql .= " INNER JOIN `" . DB_USER . "` AS U ON U.`id`=D.`sender_id`";
 $sql .= " {$where} ORDER BY D.`last_update` DESC LIMIT {$start},{$config['edocument_listperpage']}";
 $datas = $cache->get($sql);
 if (!$datas) {
     $datas = $db->customQuery($sql);
     $cache->save($sql, $datas);
 }
 // ผู้ดุแล
 $moderator = $isAdmin || gcms::canConfig($config, 'edocument_moderator');
 // อ่านรายการลงใน $list
 $list = array();
 $patt = array('/(edit\\s{ID})/', '/(report\\s{ID})/', '/(delete\\s{ID})/', '/{ID}/', '/{NAME}/', '/{EXT}/', '/{ICON}/', '/{DETAIL}/', '/{DATE}/', '/{NO}/', '/{SIZE}/', '/{SENDER}/', '/{STATUS}/', '/{UID}/');
 $listitem = gcms::loadtemplate($index['module'], 'edocument', 'listitem');
 foreach ($datas as $item) {
     $replace = array();
     $replace[] = $moderator || $login_id == $item['sender_id'] ? '\\1' : 'hidden';
     $replace[] = $moderator || $login_id == $item['sender_id'] ? '\\1' : 'hidden';
     $replace[] = $moderator || $login_id == $item['sender_id'] ? '\\1' : 'hidden';
     $replace[] = $item['id'];
     $replace[] = $item['topic'];
     $replace[] = $item['ext'];
     $replace[] = WEB_URL . '/skin/ext/' . (is_file(ROOT_PATH . "skin/ext/{$item['ext']}.png") ? $item['ext'] : 'file') . '.png';
     $replace[] = $item['detail'];
     $replace[] = gcms::mktime2date($item['last_update'], 'd M Y');
예제 #19
0
<?php

// modules/video/admin_inint.php
if (MAIN_INIT == 'admin' && $isAdmin && (sizeof($install_owners['video']) == 0 || !defined('DB_VIDEO'))) {
    // เมนูติดตั้ง
    $admin_menus['tools']['install']['video'] = '<a href="index.php?module=install&amp;modules=video"><span>Video</span></a>';
} else {
    // เมนูแอดมิน
    if (!gcms::canConfig($config, 'video_can_config')) {
        unset($admin_menus['modules']['video']['config']);
    }
    if (gcms::canConfig($config, 'video_can_write')) {
        $admin_menus['modules']['video']['setup'] = '<a href="index.php?module=video-setup"><span>{LNG_VIDEO_LIST}</span></a>';
        $admin_menus['modules']['video']['write'] = '<a href="index.php?module=video-write"><span>{LNG_ADD_NEW} {LNG_VIDEO}</span></a>';
    } else {
        unset($admin_menus['modules']['video']['setup']);
    }
}
예제 #20
0
<?php

// modules/edocument/admin_setup.php
if (MAIN_INIT == 'admin' && gcms::canConfig($config, 'edocument_moderator')) {
    unset($url_query['id']);
    // ตรวจสอบโมดูลที่เรียก
    $sql = "SELECT `id`,`module` FROM `" . DB_MODULES . "` WHERE `owner`='edocument' LIMIT 1";
    $index = $db->customQuery($sql);
    if (sizeof($index) == 0) {
        $title = $lng['LNG_DATA_NOT_FOUND'];
        $content[] = '<aside class=error>' . $title . '</aside>';
    } else {
        $index = $index[0];
        // sql
        $q = array("D.`module_id`='{$index['id']}'");
        // ค้นหาจาก นามสกุลของไฟล์, เลขที่, ชื่อเอกสาร
        $search = $db->sql_trim_str($_GET, 'search');
        if ($search != '') {
            $q[] = "(`ext`='{$search}' OR `document_no` LIKE '%{$search}%' OR `topic` LIKE '%{$search}%')";
            $url_query['search'] = urlencode($search);
        }
        $where = 'WHERE ' . implode(' AND ', $q);
        // ทั้งหมด
        $sql = "SELECT COUNT(*) AS `count` FROM `" . DB_EDOCUMENT . "` AS D {$where}";
        $count = $db->customQuery($sql);
        // รายการต่อหน้า
        $list_per_page = gcms::getVars('GET,COOKIE', 'count,edocument_listperpage', 30);
        $list_per_page = max(10, $list_per_page);
        // หน้าที่เลือก
        $page = max(1, gcms::getVars($_GET, 'page', 1));
        // ตรวจสอบหน้าที่เลือกสูงสุด
예제 #21
0
<?php

// modules/edocument/admin_write_save.php
header("content-type: text/html; charset=UTF-8");
// inint
include '../../bin/inint.php';
$ret = array();
// referer, admin
if (gcms::isReferer() && gcms::canConfig($config, 'edocument_moderator')) {
    if (isset($_SESSION['login']['account']) && $_SESSION['login']['account'] == 'demo') {
        $ret['error'] = 'EX_MODE_ERROR';
    } else {
        // ค่าที่ส่งมา
        $save = array();
        $save['document_no'] = $db->sql_trim_str($_POST, 'edocument_no');
        $save['topic'] = $db->sql_trim_str($_POST, 'edocument_topic');
        $save['detail'] = gcms::ckClean($_POST['edocument_detail']);
        if (isset($_POST['edocument_reciever'])) {
            $save['reciever'] = implode(',', $_POST['edocument_reciever']);
        }
        $id = gcms::getVars($_POST, 'write_id', 0);
        $file = $_FILES['edocument_file'];
        // ตรวจสอบค่าที่ส่งมา
        $error = false;
        $input = false;
        if ($id > 0) {
            // แก้ไข
            $sql = "SELECT D.*,M.`module`";
            $sql .= " FROM `" . DB_EDOCUMENT . "` AS D";
            $sql .= " INNER JOIN `" . DB_MODULES . "` AS M ON M.`id`=D.`module_id`";
            $sql .= " WHERE D.`id`='{$id}' AND M.`owner`='edocument' LIMIT 1";
예제 #22
0
<?php

// modules/download/admin_config_save.php
header("content-type: text/html; charset=UTF-8");
// inint
include '../../bin/inint.php';
$ret = array();
// referer, member
if (gcms::isReferer() && gcms::canConfig($config, 'download_can_config')) {
    if (isset($_SESSION['login']['account']) && $_SESSION['login']['account'] == 'demo') {
        $ret['error'] = 'EX_MODE_ERROR';
    } else {
        // ตรวจสอบชนิดของไฟล์
        $error = false;
        $file_typies = strtolower(preg_replace('/[\\s]/', '', $_POST['config_file_typies']));
        if ($file_typies != '') {
            foreach (explode(',', $file_typies) as $item) {
                if (!preg_match('/^[a-z0-9]{2,6}$/u', $item)) {
                    $error = true;
                }
            }
        }
        // ตรวจสอบค่าที่ส่งมา
        $ret['ret_config_file_typies'] = '';
        if ($file_typies == '') {
            $ret['error'] = 'DOWNLOAD_FILE_TYPIES_EMPTY';
            $ret['input'] = 'config_file_typies';
            $ret['ret_config_file_typies'] = 'DOWNLOAD_FILE_TYPIES_EMPTY';
        } elseif ($error) {
            $ret['error'] = 'DOWNLOAD_FILE_TYPIES_INVALID';
            $ret['input'] = 'config_file_typies';
예제 #23
0
<?php

// modules/video/admin_setup.php
if (MAIN_INIT == 'admin' && gcms::canConfig($config, 'video_can_write')) {
    unset($url_query['id']);
    // ตรวจสอบโมดูลที่เรียก
    $sql = "SELECT `id` FROM `" . DB_MODULES . "` WHERE `owner`='video' LIMIT 1";
    $index = $db->customQuery($sql);
    if (sizeof($index) == 0) {
        $title = $lng['LNG_DATA_NOT_FOUND'];
        $content[] = '<aside class=error>' . $title . '</aside>';
    } else {
        $index = $index[0];
        // default query
        $q = array();
        $q[] = "`module_id`='{$index['id']}'";
        // ข้อความค้นหา
        $search = preg_replace('/[\\+\\s]+/u', ' ', $db->sql_trim_str($_GET, 'search', ''));
        $searchs = array();
        foreach (explode(' ', $search) as $item) {
            // แยกข้อความค้นหาออกเป็นคำๆ ค้นหาข้อความที่มีความยาวมากกว่า 2 ตัวอักษร
            if (mb_strlen($item) > 2) {
                $item = addslashes($item);
                $searchs[] = "`topic` LIKE '%{$item}%' OR `detail` LIKE '%{$item}%'";
            }
        }
        // ค้นหา สำหรับส่งไปหน้าถัดไป
        if (sizeof($searchs) > 0) {
            $q[] = '(' . implode(' OR ', $searchs) . ')';
            $url_query['search'] = urlencode($search);
        }
예제 #24
0
<?php

// modules/gallery/admin_inint.php
if (MAIN_INIT == 'admin' && $isAdmin && (sizeof($install_owners['gallery']) == 0 || !defined('DB_GALLERY'))) {
    // เมนูติดตั้ง
    $admin_menus['tools']['install']['gallery'] = '<a href="index.php?module=install&amp;modules=gallery"><span>Gallery</span></a>';
    unset($admin_menus['modules']['gallery']['config']);
} else {
    // เมนูแอดมิน
    if (!gcms::canConfig($config, 'gallery_can_config')) {
        unset($admin_menus['modules']['gallery']['config']);
    }
    if (gcms::canConfig($config, 'gallery_can_write')) {
        $admin_menus['modules']['gallery']['album'] = '<a href="index.php?module=gallery-album"><span>{LNG_GALLERY_ALBUM}</span></a>';
        $admin_menus['modules']['gallery']['write'] = '<a href="index.php?module=gallery-write"><span>{LNG_ADD_NEW} {LNG_GALLERY_ALBUM}</span></a>';
    }
}
예제 #25
0
파일: action.php 프로젝트: phannack/GCMS
     $sql .= " WHERE Q.`id`='{$qid}' LIMIT 1";
 }
 $index = $db->customQuery($sql);
 $ret = array();
 if (sizeof($index) == 0) {
     $ret['error'] = 'ACTION_ERROR';
 } else {
     $index = $index[0];
     // config
     gcms::r2config($index['config'], $index);
     // login
     $login = gcms::getVars($_SESSION, 'login', array('id' => 0, 'status' => -1, 'email' => '', 'password' => ''));
     // สมาชิก
     $isMember = gcms::isMember();
     // ผู้ดูแล
     $moderator = $isMember && gcms::canConfig($index, 'moderator');
     if ($action == 'quote') {
         // อ้างอิง
         if ($index['detail'] == '') {
             $ret['detail'] = '';
         } else {
             $ret['detail'] = rawurlencode('[quote' . ($rid > 0 ? " r={$no}]" : ']') . gcms::txtQuote($index['detail'], true) . '[/quote]');
         }
     } elseif ($qid > 0 && in_array($action, array('pin', 'lock')) && $moderator) {
         if ($action == 'pin') {
             $ret['value'] = $index['pin'] == 0 ? 1 : 0;
             $db->edit(DB_BOARD_Q, $qid, array('pin' => $ret['value']));
             $ret['title'] = $lng['LNG_' . ($ret['value'] == 0 ? '' : 'UN') . 'PIN'];
             $ret['error'] = 'BOARD_' . ($ret['value'] == 0 ? 'UN' : '') . 'PIN_SUCCESS';
         } elseif ($action == 'lock') {
             $ret['value'] = $index['locked'] == 0 ? 1 : 0;
예제 #26
0
<?php

// modules/personnel/admin_write_save.php
header("content-type: text/html; charset=UTF-8");
// inint
include '../../bin/inint.php';
$ret = array();
// referer, member
if (gcms::isReferer() && gcms::canConfig($config, 'personnel_can_write')) {
    if (isset($_SESSION['login']['account']) && $_SESSION['login']['account'] == 'demo') {
        $ret['error'] = 'EX_MODE_ERROR';
    } else {
        $error = false;
        // ค่าที่ส่งมา
        $save = array();
        $save['name'] = $db->sql_trim_str($_POST, 'write_name');
        $save['email'] = $db->sql_trim_str($_POST, 'write_email');
        $save['position'] = $db->sql_trim_str($_POST, 'write_position');
        $save['phone'] = $db->sql_trim_str($_POST, 'write_phone');
        $save['address'] = $db->sql_trim_str($_POST, 'write_address');
        $save['detail'] = $db->sql_trim_str($_POST, 'write_detail');
        $save['category_id'] = gcms::getVars($_POST, 'write_category', 0);
        $save['order'] = min(99, max(0, (int) $_POST['write_order']));
        $icon = $_FILES['write_picture'];
        $id = gcms::getVars($_POST, 'write_id', 0);
        // ตรวจสอบค่าที่ส่งมา
        if ($id > 0) {
            $sql = "SELECT C.*,M.`module` FROM `" . DB_MODULES . "` AS M";
            $sql .= " INNER JOIN `" . DB_PERSONNEL . "` AS C ON C.`module_id`=M.`id` AND C.`id`={$id}";
        } else {
            $sql1 = "SELECT MAX(`id`)+1 FROM `" . DB_PERSONNEL . "` WHERE `module_id`=M.`id`";
예제 #27
0
<?php

// modules/event/admin_write.php
if (MAIN_INIT == 'admin' && gcms::canConfig($config, 'event_can_write')) {
    // รายการที่แก้ไข
    $id = gcms::getVars($_GET, 'id', 0);
    // หมวดที่เลือก
    $cat = gcms::getVars($_GET, 'cat', 0);
    if ($id > 0) {
        // แก้ไข
        $sql = "SELECT D.*,M.`owner`,M.`module`";
        $sql .= " FROM `" . DB_EVENTCALENDAR . "` AS D";
        $sql .= " INNER JOIN `" . DB_MODULES . "` AS M ON M.`owner`='event' AND M.`id`=D.`module_id`";
        $sql .= " WHERE D.`id`='{$id}' LIMIT 1";
    } else {
        // ใหม่
        $sql = "SELECT M.`id` AS `module_id`,M.`module`,M.`owner`,{$cat} AS `category_id`,1 AS `published`";
        $sql .= " FROM `" . DB_MODULES . "` AS M";
        $sql .= " WHERE M.`owner`='event' LIMIT 1";
    }
    $index = $db->customQuery($sql);
    if (sizeof($index) == 1) {
        $index = $index[0];
        // title
        $a = array();
        $a[] = '<span class=icon-event>{LNG_MODULES}</span>';
        $a[] = '<a href="{URLQUERY?module=event-config}">' . ucwords($index['module']) . '</a>';
        $a[] = '<a href="{URLQUERY?module=event-setup}">{LNG_ALL_ITEMS}</a>';
        if ($id > 0) {
            $a[] = '{LNG_EDIT}';
            $title = "{$lng['LNG_EDIT']} {$lng['LNG_EVENT']} {$index['topic']}";