<?php
include '../../../../includes/configuration/master.configuration.php';
checkAdminSpaceLogin();
$multimedia_id = SanitizeData($_GET['multimedia_id']);
$mySQL = "SELECT * FROM multimedia WHERE multimedia_id = '{$multimedia_id}'";
$recSET = mysql_query($mySQL) or die(mysql_error());
$recROW = mysql_fetch_assoc($recSET);
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
<title>Untitled 1</title>
<style type="text/css">
body {
background-color: #800000;
margin:0px;
}
.border {
border:1px white solid;
}
</style>
<?php
include '../../includes/configuration/master.configuration.php';
$username = mysql_escape_string(SanitizeData($_POST['uni1']));
$password = mysql_escape_string(SanitizeData($_POST['ptree2']));
$mySQL = "SELECT admin_id FROM admin WHERE username = '******' AND password = '******'";
$recSET = mysql_query($mySQL) or die(mysql_error());
if ($recROW = mysql_fetch_assoc($recSET)) {
$_SESSION['admin_login'] = $recROW['admin_id'];
header("Location:{$absoluteURL}" . "admin.space/");
exit;
} else {
header("Location:{$absoluteURL}" . "admin.space/login/index.php?error=1");
exit;
}
'fileDesc': '<?php
echo GetSetting('file_extensions_description', $feature_id);
?>
',
'fileExt': '<?php
echo GetSetting('file_extensions', $feature_id);
?>
',
'scriptData': {'nav_tab_id': <?php
echo SanitizeData($nav_tab_id);
?>
,'feature_id': <?php
echo SanitizeData($feature_id);
?>
,'vignette_id': <?php
echo SanitizeData($vignette_id);
?>
},
onError: function (event, queueID ,fileObj, errorObj) {
var msg;
if (errorObj.status == 404) {
alert('Could not find upload script. Use a path relative to: '+'<?php
echo getcwd();
?>
');
msg = 'Could not find upload script.';
} else if (errorObj.type === "HTTP")
msg = errorObj.type+": "+errorObj.status;
else if (errorObj.type ==="File Size")
msg = fileObj.name+'<br>'+errorObj.type+' Limit: '+Math.round(errorObj.sizeLimit/1024)+'KB';
<?php
include '../../../includes/configuration/master.configuration.php';
checkAdminSpaceLogin();
$nav_tab_id = SanitizeData($_GET['id']);
/*************************************************************************************************************************
SAVE THE LINK
**************************************************************************************************************************/
$link_target = $_POST['link_target'];
$link_type = $_POST['link_type'];
$link_external = $_POST['link_external'];
$link_internal = $_POST['link_internal'];
if ($link_type == 1) {
echo $link = $link_internal;
}
if ($link_type == 2) {
echo $link = $link_external;
}
/*************************************************************************************************************************
DELETE RECORD FROM TABLE AND ADD A NEW ONE
**************************************************************************************************************************/
$mySQL = "DELETE FROM link WHERE nav_tab_id = '{$nav_tab_id}'";
mysql_query($mySQL) or die(mysql_error());
/*************************************************************************************************************************
....to develop Need to capture the target navigation tab
**************************************************************************************************************************/
$mySQL = "INSERT INTO link (nav_tab_id, url) VALUES ('{$nav_tab_id}', '{$link}')";
mysql_query($mySQL) or die(mysql_error());
?>
<head>
<link href="../../../includes/style/admin.space.css" rel="stylesheet" type="text/css">
$mySQLt = "SELECT * FROM template ORDER BY template_type ASC";
$recSETt = mysql_query($mySQLt) or die(mysql_error());
while ($recROWt = mysql_fetch_assoc($recSETt)) {
/*************************************************************************************************************************
FOR EACH TEMPLATE GET THE LIST OF FEATURES
**************************************************************************************************************************/
$template_id = $recROWt['template_id'];
$mySQL = "SELECT * FROM feature ORDER BY usort ASC";
$recSET = mysql_query($mySQL) or die(mysql_error());
while ($recROW = mysql_fetch_assoc($recSET)) {
/*************************************************************************************************************************
CHECK IF THERE HAS BEEN AN ENTRY IN THE template_feature TABLE IF NOT INSERT ONE
**************************************************************************************************************************/
$feature_id = $recROW['feature_id'];
$name = "t{$template_id}" . "f{$feature_id}";
$checkbox = SanitizeData($_POST["{$name}"]);
$mySQLc = "SELECT * FROM template_feature WHERE template_id = '{$template_id}' AND feature_id = '{$feature_id}'";
$recSETc = mysql_query($mySQLc) or die(mysql_error());
if (mysql_num_rows($recSETc) == 0) {
mysql_query("INSERT INTO template_feature (template_id, feature_id) VALUES ('{$template_id}', '{$feature_id}')");
}
/*************************************************************************************************************************
CHECK THE STATUS OF THE FEATURE. IF CHECKBOX IS ON SET STATUS TO 1 OTHERWISE SET STATUS TO 0
**************************************************************************************************************************/
if ($checkbox == "on") {
$status = 1;
}
if ($checkbox != "on") {
$status = 0;
}
mysql_query("UPDATE template_feature SET status = '{$status}' WHERE template_id ='{$template_id}' AND feature_id ='{$feature_id}'");
<?php
}
?>
<p class="clear"></p>
</div>
<div class="editor_page">
<ul>
<li style="margin-left:0px; background:none; padding-left:0px"><a href="<?php
echo $absoluteURL;
?>
admin.space/website.navigation/">
Website Navigation</a></li>
<?php
echo html_entity_decode(return_cats_path_nolink(SanitizeData($_GET['id']), $lang = $_SESSION['languageID'], 1));
?>
</ul>
</div>
<p class="clear"></p>
<p style="height:10px; padding:0px; margin:0px"></p>
<?php
$mySQL = "SELECT * FROM vignette WHERE nav_tab_id = '{$nav_tab_id}' AND feature_id = '{$feature_id}' AND status = 3 ORDER BY usort ASC";
$recSET = mysql_query($mySQL) or die(mysql_error());
while ($recROW = mysql_fetch_assoc($recSET)) {
$vignette_id = $recROW['vignette_id'];
$usort = $recROW['usort'];
$mySQL2 = "SELECT * FROM page WHERE vignette_id = '{$vignette_id}' AND language_id = '{$default_language}'";
$recSET2 = mysql_query($mySQL2) or die(mysql_error());
$recROW2 = mysql_fetch_assoc($recSET2);
<?php
include '../../../includes/configuration/master.configuration.php';
checkAdminSpaceLogin();
/*************************************************************************************************************************
RETRIEVE VALUE FROM ARRAY AND SAVING CORRESPONDING CHANGE AS OCCURED
**************************************************************************************************************************/
$mySQL = "SELECT * FROM settings";
$recSET = mysql_query($mySQL) or die("Error occured" . mysql_error());
while ($recROW = mysql_fetch_assoc($recSET)) {
$i = $recROW['setting_id'];
$valuegroup = SanitizeData($_POST['value']);
$value = $valuegroup[$i];
if ($value != '') {
$updateSQL = "UPDATE settings SET value = '{$value}' WHERE setting_id = '{$i}'";
mysql_query($updateSQL);
}
}
$feature_id = $_GET['feature_id'];
echo $mySQL = "SHOW COLUMNS FROM feature WHERE Field <> 'feature_id'";
$recSET = mysql_query($mySQL) or die("Error occured" . mysql_error());
while ($recROW = mysql_fetch_assoc($recSET)) {
$field_name = $recROW['Field'];
$value = $_POST["{$field_name}"];
echo $updateSQL = "UPDATE feature SET {$field_name} = '{$value}' WHERE feature_id = '{$feature_id}'";
mysql_query($updateSQL);
}
?>
<head>
<h1><?php
echo deSanitizeData($feature_title);
?>
</h1>
<p class="clear"></p>
</div>
<div class="editor_page">
<ul>
<li style="margin-left:0px; background:none; padding-left:0px"><a href="<?php
echo $absoluteURL;
?>
admin.space/website.navigation/">Website Navigation</a></li>
<?php
echo html_entity_decode(return_cats_path_nolink(SanitizeData($nav_tab_id), $lang = $_SESSION['languageID'], 1));
?>
</ul>
</div>
<p class="clear"></p>
<div class="picture_uploader_holder">
<div id="fileUploadgrow3" class="style3"><strong>Please use a compatible browser</strong></div>
<p>
Click on the choose button above, browse your computer and select the files.
<?php
if (getSetting('max_upload', $feature_id) > 0) {
?>
You can upload up to <?php
echo deSanitizeData(getSetting('max_upload', $feature_id));
?>
$bodygroup = SanitizeData($_POST['body']);
$mySQL = "SELECT * FROM language WHERE status > 0 ORDER BY status DESC";
$recSET = mysql_query($mySQL) or die(mysql_error());
while ($recROW = mysql_fetch_assoc($recSET)) {
$i = $recROW['language_id'];
$default_title_text = "Page title (" . $recROW['language_name'] . ")";
$default_synopsis_text = "Type in a brief description (" . $recROW['language_name'] . ")";
$default_meta_title_text = "<Meta Title> (" . $recROW['language_name'] . ")";
$default_meta_keyword_text = "<Meta Keyword> (" . $recROW['language_name'] . ")";
$default_meta_description_text = "<Meta Description> (" . $recROW['language_name'] . ")";
$title = SanitizeData($_POST["title{$i}"]);
$abstract = SanitizeData($_POST["abstract{$i}"]);
$titletag = SanitizeData($_POST["titletag{$i}"]);
$keyword = SanitizeData($_POST["keyword{$i}"]);
$description = SanitizeData($_POST["description{$i}"]);
$body = SanitizeData($_POST["body{$i}"]);
if ($title == $default_title_text) {
$title = "";
}
if ($abstract == $default_synopsis_text) {
$abstract = "";
}
if ($titletag == $default_meta_title_text) {
$titletag = "";
}
if ($keyword == $default_meta_keyword_text) {
$keyword = "";
}
if ($description == $default_meta_description_text) {
$description = "";
}
</head>
<body>
<div class="navigation_structure_backend">
<div class="title_space">
<h1>Member details</h1>
<p class="clear"></p>
</div>
<?php
/*************************************************************************************************************************
CHECKS IF MEMBER ALREADY HAS A RECORD IN THE MEMBER TABLE. IF NOT CREATE ONE
**************************************************************************************************************************/
$id = $_GET['id'];
$mySQL = "SELECT * FROM {$table} WHERE nav_tab_id = " . SanitizeData($_GET['id']);
$recSET = mysql_query($mySQL) or die('Cannot find member in member table');
if (mysql_num_rows($recSET) < 1) {
$mySQL = "INSERT INTO {$table} (nav_tab_id, date) VALUES ({$id}, now())";
mysql_query($mySQL);
$id = mysql_insert_id();
} else {
$recROW = mysql_fetch_assoc($recSET);
$id = $recROW[$table_id];
}
?>
<form action="save.php?<?php
echo $table_id;
?>
=<?php
<?php
include '../../../includes/configuration/master.configuration.php';
checkAdminSpaceLogin();
$nav_tab_id = SanitizeData($_GET['id']);
$question_type = SanitizeData($_POST['question_type']);
$mySQL = "SELECT * FROM question_type WHERE nav_tab_id = '{$nav_tab_id}'";
$recSET = mysql_query($mySQL) or die(mysql_error());
$count = mysql_numrows($recSET);
if ($count == 0) {
$mySQL = "INSERT INTO question_type (nav_tab_id, question_type, status, date) VALUE ('{$nav_tab_id}', '{$question_type}', 3, now())";
}
if ($count > 0) {
$mySQL = "UPDATE question_type SET question_type ='{$question_type}' WHERE nav_tab_id ='{$nav_tab_id}'";
}
mysql_query($mySQL);
header("Location:{$absoluteURL}" . "admin.space/website.navigation/");
<form method="post" action="../configuration/create/save.php?feature_id=<?php echo $feature_id; ?> " class="form_class"> <h4>Information</h4> <p><label>Title</label><input type="text" name="title" style="margin-left:4px;width:295px"></p> <p><label>Description</label><textarea name="description" cols="20" rows="2" style="margin-left:4px;height:50px"></textarea></p> <button type="submit" class="buttton"> <span>Create</span> </button> </form> </div> <form action="save.php?template_id=<?php echo SanitizeData($_GET['template_id']); ?> " method="post" class="navigation_structure_backend"> <?php /************************************************************************************************************************* GET GENERAL SETTINGS : If feature ID is blank display the general settings **************************************************************************************************************************/ ?> <h3 class="setting_header"><strong><?php echo $recROW2['template_type']; ?> </strong></h3> <ul class="settings"> <?php
<?php
include '../../../../includes/configuration/master.configuration.php';
checkAdminSpaceLogin();
$vignette_id = SanitizeData($_GET['vignette_id']);
$mySQL = "SELECT * FROM multimedia WHERE vignette_id = '{$vignette_id}' ORDER BY usort ASC";
$recSET = mysql_query($mySQL) or die(mysql_error());
$recROW = mysql_fetch_assoc($recSET);
$multimedia_id = $recROW['multimedia_id'];
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
<title>Untitled 1</title>
<style type="text/css">
body {
background-color: #800000;
margin:0px;
}
.border {
border:1px white solid;
}
</style>
<?php include '../../../includes/configuration/master.configuration.php'; checkAdminSpaceLogin(); $feature_id = SanitizeData($_GET['feature_id']); ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta content="text/html; charset=utf-8" http-equiv="Content-Type" > <title>Untitled 1</title> <link href="../../../includes/style/admin.space.css" rel="stylesheet" type="text/css" > <link href="../../../includes/style/form.css" rel="stylesheet" type="text/css" > <script type="text/javascript" src="../../../includes/javascript/jquery.animated.collapse.js"></script> <script type="text/javascript" src="../../../includes/javascript/jquery.animated.collapse.code.js"></script> </head> <body> <div class="navigation_structure_backend"> <div class="title_space"> <h1>Set configuration parameters</h1> <p class="clear"></p> </div> <div id="backend_create_nav" style="display:none" class="hidden_box"> <form method="post" action="create/save.php?feature_id=<?php
<?php
include '../../../includes/configuration/master.configuration.php';
checkAdminSpaceLogin();
$nav_tab_id = SanitizeData($_GET['nav_tab_id']);
$nav_tab_name = SanitizeData($_POST['nav_tab_name']);
$template_id = SanitizeData($_POST['template_id']);
$parentdrop = SanitizeData($_POST['parentdrop']);
$NodeStructure = SanitizeData($_POST['NodeStructure']);
$status = '3';
$admin_id = "Modify Tab - " . $_SESSION['admin_login'];
$parentdrop = explode(".", $parentdrop);
$ext = $parentdrop[0];
$id = $parentdrop[1];
if ($ext == 'nav') {
$nav_position_id = $id;
$parent_id = '0';
}
if ($ext == 'par') {
$parent_id = $id;
$nav_position_id = '0';
}
if ($ext != 'nav' and $ext != 'par') {
$nav_position_id = '0';
$parent_id = $NodeStructure;
}
$updateSQL = "UPDATE navigation_tab SET\r\n\t\t\t\t\tnav_tab_name \t= '{$nav_tab_name}', \r\n\t\t\t\t\ttemplate_id \t= '{$template_id}',\r\n\t\t\t\t\tnav_position_id = '{$nav_position_id}',\r\n\t\t\t\t\tparent_id \t\t= '{$parent_id}',\r\n\t\t\t\t\tadmin_id\t\t= '{$admin_id}',\r\n\t\t\t\t\tstatus \t\t\t= '{$status}'\r\n\t\t\t\t\tWHERE \r\n\t\t\t\t\tnav_tab_id\t\t= '{$nav_tab_id}';\r\n\t\t\t\t\t";
mysql_query($updateSQL);
header("Location:{$absoluteURL}/admin.space/website.navigation/");
<?php
include '../../../../includes/configuration/master.configuration.php';
checkAdminSpaceLogin();
$multimedia_id = SanitizeData($_GET['multimedia_id']);
$description = SanitizeData($_POST['description']);
$mySQL = "UPDATE multimedia SET description = '{$description}' WHERE multimedia_id = '{$multimedia_id}'";
mysql_query($mySQL) or die(mysql_error());
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta content="en-gb" http-equiv="Content-Language">
<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
<title>Untitled 1</title>
</head>
<body onload="self.parent.myLytebox.end();"></body>
</html>
<?php
include '../../includes/configuration/master.configuration.php';
checkAdminSpaceLogin();
/*************************************************************************************************************************
RETRIEVE password FROM ARRAY AND SAVING CORRESPONDING CHANGE AS OCCURED
**************************************************************************************************************************/
$mySQL = "SELECT * FROM admin";
$recSET = mysql_query($mySQL) or die("Error occured" . mysql_error());
while ($recROW = mysql_fetch_assoc($recSET)) {
$i = $recROW['admin_id'];
$passwordgroup = SanitizeData($_POST['password']);
$password = $passwordgroup[$i];
$updateSQL = "UPDATE admin SET password = '******' WHERE admin_id = '{$i}'";
mysql_query($updateSQL);
}
?>
<head>
<link href="../../includes/style/admin.space.css" rel="stylesheet" type="text/css">
<style type="text/css">
</style>
</head>
<div class="messageBox">
<h1>admin saved</h1>
<p>Your changes has been saved.</p>
</div>