function uploadForm($rewrite, $type) { if ($type == 'img') { echo '<form action="' . $rewrite->add . '" method="post" enctype="multipart/form-data"> <label>Nazwa</label> <input type="text" name="title" maxlength="64" value="' . (isset($_POST['title']) ? htmlspecialchars($_POST['title']) : '') . '" /> <label>Plik</label> <input type="file" name="image" /> <label>Kategoria</label> <select name="cat"> ' . $this->catList() . ' </select> <label>Źródło</label> <input type="text" name="source" maxlength="64" value="' . (isset($_POST['source']) ? htmlspecialchars($_POST['source']) : '') . '" /> <label><img src="' . kernel::host() . '/admin/lib/captcha/image.php" alt="Captcha"></label> <input type="text" name="question" /> <br/> <input type="submit" name="send_img" value="Dodaj" /> </form>'; } else { if ($type == 'youtube') { echo '<form action="' . $rewrite->add . '" method="post" enctype="multipart/form-data"> <input type="hidden" name="type" value="youtube" /> <label>Nazwa</label> <input type="text" name="title" maxlength="64" value="' . (isset($_POST['title']) ? htmlspecialchars($_POST['title']) : '') . '" /> <label>Adres klipu YouTube</label> <input type="text" name="src" value="' . (isset($_POST['src']) ? htmlspecialchars($_POST['src']) : '') . '" /> <label>Kategoria</label> <select name="cat"> ' . $this->catList() . ' </select> <label><img src="' . kernel::host() . '/admin/lib/captcha/image.php" alt="Captcha"></label> <input type="text" name="question" /> <br/> <input type="submit" name="send_movie" value="Dodaj" /> </form>'; } else { if ($type == 'vimeo') { echo '<form action="' . $rewrite->add . '" method="post" enctype="multipart/form-data"> <input type="hidden" name="type" value="vimeo" /> <label>Nazwa</label> <input type="text" name="title" maxlength="64" value="' . (isset($_POST['title']) ? htmlspecialchars($_POST['title']) : '') . '" /> <label>Adres klipu Vimeo</label> <input type="text" name="src" value="' . (isset($_POST['src']) ? htmlspecialchars($_POST['src']) : '') . '" /> <label>Kategoria</label> <select name="cat"> ' . $this->catList() . ' </select> <label><img src="' . kernel::host() . '/admin/lib/captcha/image.php" alt="Captcha"></label> <input type="text" name="question"> <br/> <input type="submit" name="send_movie" value="Dodaj" /> </form>'; } } } }
$i = 0; foreach ($content->subpages() as $name => $url) { if (isset($_GET['feature'])) { if ($_GET['feature'] == $url) { $class = ' class="active" '; } else { $class = NULL; } } else { if ($i == 0) { $class = ' class="active" '; } else { $class = NULL; } } echo '<li><a href="' . $kernel->host() . '?go=' . $get . '&feature=' . $url . '"' . @$class . '>' . $name . '</a></li>'; $i++; } echo ' </ul> </div>'; } } if (isset($content)) { if (class_exists("mainContent")) { if (method_exists($content, "init")) { $content->init(@$_GET['feature']); } else { $kernel->make_notify("Metoda <i>init()</i> nie istnieje. Wtyczka nie zostanie wczytana", NULL, 1); } } else {
function pms($user_id) { global $rewrite; if ($this->appConf('active') && $user_id != NULL) { $this->delete($user_id); if (empty($_GET['go'])) { //Lista wadomosci if ($this->get_total_pms($user_id) > 0) { echo '<table width="100%"> <tr> <th>Tytuł</th> <th width="20%">Nadawca</th> <th align="right" width="20%">Data wysłania</th> <th align="right" width="3%"></th> </tr> ' . $this->getPMS(' <tr> <td><a href="?go=view&id=#ID#">#SUBJECT#</a></td> <td width="20%">#FROM#</td> <td align="right" width="20%">#DATE#</td> <td align="right" width="2%" valign="middle"><a href="?delete=#ID#" title="Usuń"><img src="' . kernel::host() . '/admin/apps/inbox/img/delete.png" alt="delete"/></a></td> </tr>', $user_id, @$_GET['page'], 10) . ' </table>'; echo '<div style="margin-top:10px;text-align:center;">' . $this->pagination(' <a href="?page=#">«</a> ', ' <a href="?page=#">#</a> ', ' [ # ] ', ' <a href="?page=#">»</a> ', $user_id, @$_GET['page'], 10) . '</div>'; } else { $this->msg('Brak wiadomości', 2); } } else { //Czytanie wiadomosci if ($_GET['go'] == 'view') { if (is_numeric($_GET['id'])) { $msg_id = $_GET['id']; mysql_query("UPDATE `{$this->table}` SET `read`='1' WHERE `id`='{$msg_id}'"); echo $this->getPM('<table width="100%"> <tr> <th>#SUBJECT#</th> <th align="right">Nadawca: #FROM#</th> </tr> </table><br/>#CONTENT#', $msg_id); } else { $this->msg('Niepoprawny numer ID wiadomości', 1); } } else { if ($_GET['go'] == 'new') { if (isset($_GET['reply']) && is_numeric($_GET['reply'])) { $query_pm = mysql_query("SELECT * FROM `tentego_inbox` WHERE `id`='" . $_GET['reply'] . "' AND `to`='{$user_id}'"); $reply_pm = mysql_fetch_array($query_pm); $query_user = mysql_query("SELECT `user` FROM `tablicacms_users` WHERE `id`='" . $reply_pm['from'] . "'"); $reply_user = mysql_fetch_array($query_user); $_POST['to'] = $reply_user['user']; $_POST['subject'] = 'Re: ' . $reply_pm['subject']; $_POST['content'] = '[quote=' . $reply_user['user'] . ']' . $reply_pm['content'] . '[/quote]'; } if (isset($_GET['user']) && is_numeric($_GET['user'])) { $query_user = mysql_query("SELECT `user` FROM `tablicacms_users` WHERE `id`='" . $_GET['user'] . "'"); $reply_user = mysql_fetch_array($query_user); $_POST['to'] = $reply_user['user']; } if (isset($_POST['submit'])) { if (!empty($_POST['to']) && !empty($_POST['subject']) && !empty($_POST['content'])) { $to = htmlspecialchars(mysql_real_escape_string($_POST['to'])); $subject = htmlspecialchars(mysql_real_escape_string($_POST['subject'])); $content = htmlspecialchars(mysql_real_escape_string($_POST['content'])); $query_user = mysql_query("SELECT `id` FROM `tablicacms_users` WHERE `user`='{$to}'"); if (mysql_num_rows($query_user) > 0) { $user = mysql_fetch_array($query_user); $to = $user['id']; $date = date('Y-m-d H:i:s'); $from = $user_id; $query_send = mysql_query("INSERT INTO `{$this->table}` (`subject`,`content`,`to`,`from`,`date`,`read`) VALUES ('{$subject}','{$content}','{$to}','{$from}','{$date}',0)"); if ($query_send) { $this->msg('Wiadomość została poprawnie wysłana!', 3); $_POST['to'] = NULL; $_POST['subject'] = NULL; $_POST['content'] = NULL; } else { $this->msg('Niestety nie udało się wysłać wiadomości.', 1); } } else { $this->msg('Taki użytkownik nie istnieje!', 1); } } else { $this->msg('Wypełnij wszystkie pola!', 1); } } echo ' <script src="admin/apps/inbox/scripts.js"></script> <form action="' . $rewrite->inbox . '?go=new" method="post"> <label>Odbiorca</label> <input type="text" name="to" value="' . (isset($_POST['to']) ? htmlspecialchars($_POST['to']) : '') . '"/> <label>Tytuł</label> <input type="text" name="subject" maxlength="80" value="' . (isset($_POST['subject']) ? htmlspecialchars($_POST['subject']) : '') . '">'; if ($this->appConf('bbcode')) { echo '<label></label> <div class="options"> <input type="button" value="b" onClick="wstaw(\'[b]\',\'[/b]\')" /> <input type="button" value="i" onClick="wstaw(\'[i]\',\'[/i]\')" /> <input type="button" value="u" onClick="wstaw(\'[u]\',\'[/u]\')" /> <input type="button" value="s" onClick="wstaw(\'[s]\',\'[/s]\')"> <input type="button" value="link" onClick="wstaw(\'[url]\',\'[/url]\')" /> <input type="button" value="obrazek" onClick="wstaw(\'[img]\',\'[/img]\')" /> <input type="button" value="cytat" onClick="wstaw(\'[quote]\',\'[/quote]\')" /> <input type="button" value="kod" onClick="wstaw(\'[code]\',\'[/code]\')" /> </div>'; } echo '<label>Treść</label> <textarea id="content_input" name="content">' . (isset($_POST['content']) ? htmlspecialchars($_POST['content']) : '') . '</textarea> <br/> <input type="submit" name="submit" value="Wyślij" /> </form> '; } } } } else { $this->msg('Prywatne Wiadomości są wyłączone.', 1); } }