_aenter($_da, 1); @extract($btags); extract($_da, EXTR_OVERWRITE); tpl_refresh($tplname); @(include M_ROOT . "template/{$templatedir}/pcache/{$tplname}.php"); $_content = ob_get_contents(); ob_clean(); mexit($_content); } } else { load_cache('mlfields'); include_once M_ROOT . "./include/fields.cls.php"; include_once M_ROOT . "./include/upload.cls.php"; include_once M_ROOT . "./include/cheader.inc.php"; include_once M_ROOT . "./include/mcuedit.cls.php"; $inajax ? aheader() : _header(); if (!empty($mcommu['setting']['norepeat']) && ($cid = $db->result_one("SELECT cid FROM {$tblprefix}mflinks WHERE mid='{$mid}' AND fromid='{$memberid}' ORDER BY cid"))) { mcmessage('dorepeataddflink', axaction(2, M_REFERER)); } $db->query("INSERT INTO {$tblprefix}mflinks SET\n\t\t\tmid='{$mid}',\n\t\t\tmname='" . $actuser->info['mname'] . "',\n\t\t\tfromid='{$memberid}',\n\t\t\tfromname='" . $curuser->info['mname'] . "',\n\t\t\tcreatedate='{$timestamp}'\n\t\t\t"); if ($cid = $db->insert_id()) { $uedit = new cls_mcuedit(); $uedit->read($cid, 'flink'); foreach (array('fields') as $var) { ${$var} =& $uedit->{$var}; } $c_upload = new cls_upload(); $fields = fields_order($fields); $a_field = new cls_field(); foreach ($fields as $k => $v) { if (!$v['isfunc'] && !$v['isadmin']) {
<?php (!defined('M_COM') || !defined('M_ADMIN')) && exit('No Permission'); aheader(); if (!backallow('lang')) { amessage('no_apermission'); } load_cache('alangs'); if (empty($action)) { $action = 'alangsedit'; } $url_type = 'langs'; include 'urlsarr.inc.php'; url_nav(lang('lanpackmanage'), $urlsarr, 'alang'); if ($action == 'alangsedit') { $page = !empty($page) ? max(1, intval($page)) : 1; submitcheck('bfilter') && ($page = 1); $keyword = empty($keyword) ? '' : $keyword; $wheresql = ''; $fromsql = "FROM {$tblprefix}alangs"; $keyword && ($wheresql = "WHERE ename LIKE '%" . str_replace(array(' ', '*'), '%', addcslashes($keyword, '%_')) . "%' OR content LIKE '%" . str_replace(array(' ', '*'), '%', addcslashes($keyword, '%_')) . "%'"); $filterstr = ''; foreach (array('keyword') as $k) { $filterstr .= "&{$k}=" . rawurlencode(stripslashes(${$k})); } if (!submitcheck('balangsedit')) { echo form_str($actionid . 'arcsedit', "?entry=alangs&action=alangsedit&page={$page}"); tabheader_e(); echo "<tr><td class=\"txt txtleft\">"; echo lang('search_keyword') . " <input class=\"text\" name=\"keyword\" type=\"text\" value=\"{$keyword}\" size=\"10\"> "; echo strbutton('bfilter', 'filter0');
<?php include_once dirname(dirname(__FILE__)) . '/include/general.inc.php'; include_once M_ROOT . 'include/cheader.inc.php'; $inajax ? aheader() : _header(lang('membergetpwd'), 'curbox'); $forward = empty($forward) ? M_REFERER : $forward; $forwardstr = 'forward=' . rawurlencode($forward); empty($action) && ($action = ''); if ($action == 'getpwd' && !empty($mid) && !empty($id)) { $cmember = $db->fetch_one("SELECT m.mid,m.mname,m.email,s.confirmstr FROM {$tblprefix}members m,{$tblprefix}members_sub s WHERE m.mid='{$mid}' AND s.mid=m.mid"); if (!$cmember || !$cmember['confirmstr']) { mcmessage('invalidoperate'); } list($dateline, $deal, $confirmid) = explode("\t", $cmember['confirmstr']); if ($dateline < $timestamp - 86400 * 3 || $deal != 1 || $confirmid != $id) { mcmessage('invalidoperate'); } if (!submitcheck('bgetpwd')) { tabheader(lang('memberpwdsetting'), 'getpwd', "?action=getpwd&mid={$mid}&id={$id}", 2, 0, 1); trbasic(lang('membercname'), '', $cmember['mname'], ''); trbasic(lang('inputnewpwd'), 'npassword', '', 'password'); trbasic(lang('renewpwd'), 'npassword2', '', 'password'); $submitstr = ''; $submitstr .= makesubmitstr('npassword', 1, 0, 3, 15); $submitstr .= makesubmitstr('npassword2', 1, 0, 3, 15); $submitstr .= tr_regcode('register'); tabfooter('bgetpwd'); check_submit_func($submitstr); } else { if (!regcode_pass('register', empty($regcode) ? '' : trim($regcode))) { mcmessage('safecodeerr');
redirect('index.php?go=admins', true, true); } else { aerror('خطأ'); $SQL->close(); exit; } } else { aheader('المدراء'); echo "<ul>"; $result = $SQL->build(array('SELECT' => '*', 'FROM' => "{$dbprefix}admins")); while ($row = $SQL->fetch_array($result)) { echo '<li>' . $row['username'] . ' - <a href="index.php?go=admins&delete=' . $row['id'] . '">حذف</a></li>'; } echo "</ul><hr />"; $SQL->freeresult($result); echo "<h1>اضف مدير جديد </h1>"; echo '<form method="POST" action="index.php?go=admins">'; echo 'حساب المدير الجديد: <input name="username" value="" type="text" /><br /> كلمة المرور : <input name="userpassword" value="" type="password" /><br />'; echo '<input name="submit" type="submit" value="حفظ" /></form>'; //echo ''; afooter(); } } break; default: aheader('البداية'); echo ''; afooter(); break; }
function ainfo($msg = '') { aheader('info'); echo '<div style="color:green;"><strong>' . $msg . '</storng></div>'; afooter(); }
function login_msg($message, $url_forward = '', $msgtype = 'message') { global $memberid, $curuser, $entry, $lan_title, $cms_regcode, $cms_abs, $mcharset, $param_suffix, $inajax, $infloat, $handlekey, $ajaxtarget; $url_forward .= $url_forward ? $param_suffix : ''; $entry = mhtmlspecialchars($entry); $target = $infloat ? ' onclick="floatwin(\'close_' . $handlekey . '\');return floatwin(\'open_login\',this)"' : ''; if ($msgtype == 'message') { $message = '<tr><td align="center" colspan="2"><br><br>' . $message; if ($infloat) { $message .= '<script reload="1">setTimeout("floatwin(\'close_' . $handlekey . '\')", 1250);floatwin(\'closeparent_' . $handlekey . '\')</script><br><br><br></tr>'; } elseif ($url_forward) { if (preg_match('/[?&]entry=logout\\b/i', $url_forward)) { $url_forward = '?entry=home'; } $message .= "<br><br><a href=\"{$url_forward}\">" . lang('clickhere') . "</a>"; $message .= "<script reload=\"1\">setTimeout(\"redirect('{$url_forward}');\", 1250);</script><br><br></td></tr>"; } else { $message .= '<br><br><br></tr>'; } } elseif ($msgtype == 'error') { #$message = '<tr><td align="center" colspan="2"><br>'.lang('cur_member').' '.$curuser->info['mname'].'<br><br>'.$message. # $message = '<tr><td align="center" colspan="2"><br>'.$message. #'<br><br>'.($memberid ? '<a href="login.php?action=logout">>>'.lang('logout_member').'</a>' : '<a href="login.php?action=login"'.$target.'>>>'.lang('login_member').'</a>'). #' <a href="'.$cms_abs.'">>>'.lang('goback_index').'</a><br><br></td></tr>'; $extra = isset($entry) && empty($isframe) && $entry != 'logout' ? '?isframe=1&' . $_SERVER['QUERY_STRING'] : (in_array($entry, array('header', 'menu', 'logout')) ? '' : '?' . $_SERVER['QUERY_STRING']); $message = '<tr><td><form method="post" name="login" action="' . $extra . '"' . ($infloat ? " onsubmit=\"return ajaxform(this)\"" : '') . '>' . '<input type="hidden" name="isframe" value="1">' . '<input type="hidden" name="url_forward" value="' . $url_forward . '">' . '<table width="100%" border="0" cellpadding="0" cellspacing="0">' . '<tr class="txt"><td class="txtC w80">' . lang('admin_account') . '</td>' . '<td class="txt txtL"><input type="text" name="admin_mname" size="25"></td></tr>' . '<tr class="txt"><td class="txtC w80">' . lang('login_pwd') . '</td>' . '<td class="txt txtL"><input type="password" name="admin_password" size="25"></td></tr>'; if ($cms_regcode && in_array('admin', explode(',', $cms_regcode))) { $message .= '<tr class="txt"><td class="txtC w80">' . lang('regcode') . '</td>' . '<td class="txt txtL"><input type="text" name="regcode" id="regcode" size="4" maxlength="4"> ' . '<img src="tools/regcode.php" style="vertical-align: middle;cursor:pointer;" onClick="this.src=\'tools/regcode.php\'"></td></tr>'; } $message .= '<tr class="txtcenter"><td colspan="2"><input type="submit" class="btn" value="' . lang('submit') . '" /></td></tr></table></form></td></tr>'; } elseif ($msgtype == 'login') { if (substr($handlekey, 0, 8) == 'new_new_') { $message = '<script reload="1">setTimeout("floatwin(\'close_' . $handlekey . '\')", 1250)</script>' . '<td class="txt txtC">' . lang('passerror') . '</td></tr>'; } else { $extra = isset($entry) && empty($isframe) && $entry != 'logout' ? '?isframe=1&' . $_SERVER['QUERY_STRING'] : (in_array($entry, array('header', 'menu', 'logout')) ? '' : '?' . $_SERVER['QUERY_STRING']); $message = '<tr><td><form method="post" name="login" action="' . $extra . '"' . ($infloat ? " onsubmit=\"return ajaxform(this)\"" : '') . '>' . '<input type="hidden" name="isframe" value="1">' . '<input type="hidden" name="url_forward" value="' . $url_forward . '">' . '<table width="100%" border="0" cellpadding="0" cellspacing="0">' . '<tr class="txt"><td class="txtC w80">' . lang('admin_account') . '</td>' . '<td class="txt txtL"><input type="text" name="admin_mname" size="25"></td></tr>' . '<tr class="txt"><td class="txtC w80">' . lang('login_pwd') . '</td>' . '<td class="txt txtL"><input type="password" name="admin_password" size="25"></td></tr>'; if ($cms_regcode && in_array('admin', explode(',', $cms_regcode))) { $message .= '<tr class="txt"><td class="txtC w80">' . lang('regcode') . '</td>' . '<td class="txt txtL"><input type="text" name="regcode" id="regcode" size="4" maxlength="4"> ' . '<img src="tools/regcode.php" style="vertical-align: middle;cursor:pointer;" onClick="this.src=\'tools/regcode.php\'"></td></tr>'; } $message .= '<tr class="txtcenter"><td colspan="2"><input type="submit" class="btn" value="' . lang('submit') . '" /></td></tr></table></form></td></tr>'; } } else { if (substr($handlekey, 0, 8) == 'new_new_') { $message = '<script reload="1">setTimeout("floatwin(\'close_' . $handlekey . '\')", 1250)</script>' . '<td class="txt txtC">' . lang('passerror') . '</td></tr>'; } else { $extra = isset($entry) && empty($isframe) && $entry != 'logout' ? '?isframe=1&' . $_SERVER['QUERY_STRING'] : (in_array($entry, array('header', 'menu', 'logout')) ? '' : '?' . $_SERVER['QUERY_STRING']); $message = '<tr><td><form method="post" name="login" action="' . $extra . '"' . ($infloat ? " onsubmit=\"return ajaxform(this)\"" : '') . '>' . '<input type="hidden" name="isframe" value="1">' . '<input type="hidden" name="url_forward" value="' . $url_forward . '">' . '<table width="100%" border="0" cellpadding="0" cellspacing="0">' . '<tr class="txt"><td class="txtC w80">' . lang('admin_account') . '</td>' . '<td class="txt txtL">' . $curuser->info['mname'] . ' >><a href=\'login.php?action=logout\'>' . lang('exit') . '</a></td></tr>' . '<tr class="txt"><td class="txtC w80">' . lang('login_pwd') . '</td>' . '<td class="txt txtL"><input type="password" name="admin_password" size="15"></td></tr>'; if ($cms_regcode && in_array('admin', explode(',', $cms_regcode))) { $message .= '<tr class="txt"><td class="txtC w80">' . lang('regcode') . '</td>' . '<td class="txt txtL"><input type="text" name="regcode" id="regcode" size="4" maxlength="4"> ' . '<img src="tools/regcode.php" style="vertical-align: middle;cursor:pointer;" onClick="this.src=\'tools/regcode.php\'"></td></tr>'; } $message .= '<tr class="txtcenter"><td colspan="2"><input type="submit" class="btn" value="' . lang('submit') . '" /></td></tr></table></form></td></tr>'; } } if ($infloat) { aheader(); } else { ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title><?php echo $lan_title; ?> </title> <meta http-equiv="Content-Type" content="text/html; charset=<?php echo $mcharset; ?> "> <link rel="stylesheet" rev="stylesheet" href="./images/admina/contentsAdmin.css" type="text/css" media="all"> <script type="text/javascript">function redirect(url){top.location.replace(url)}</script> </head> <body> <?php } ?> <div style="margin:0 auto;margin-top:<?php echo $inajax ? 0 : 200; ?> px;"> <table width="100%" border="0" cellpadding="0" cellspacing="0" class="tb"><tr><td align="center"> <table width="400" border="0" cellpadding="8" cellspacing="0"<?php echo $inajax ? '' : ' class="tabmain"'; ?> > <tr style="text-align:center; text-indent:0;"><td colspan="2"><div class="conlist1 bdbot fB"><?php echo $lan_title; ?> </div></td></tr> <?php echo $message; ?> </table> </td></tr></table> </div> <?php if ($infloat) { afooter(); } else { ?> </body> </html> <?php } mexit(); }
/** # Project: PHPDISK File Storage Solution # This is NOT a freeware, use is subject to license terms. # # Site: http://www.google.com # # $Id: comment.php 121 2014-03-04 12:38:05Z along $ # # Copyright (C) 2008-2014 PHPDisk Team. All Rights Reserved. # */ include "includes/commons.inc.php"; $in_front = true; $file_id = (int) gpc('file_id', 'GP', 0); if (!$file_id) { aheader("Location: ./"); } $rs = $db->fetch_one_array("select file_name,file_extension from {$tpf}files where file_id='{$file_id}' limit 1"); if ($rs) { $tmp_ext = $rs['file_extension'] ? '.' . $rs['file_extension'] : ""; $file_name = $rs['file_name'] . $tmp_ext; } unset($rs); $a_viewfile = urr("viewfile", "file_id={$file_id}&file_key={$file_key}"); $title = __('comment') . ': ' . $file_name . ' - ' . $settings['site_title']; $perpage = 20; $rs = $db->fetch_one_array("select count(*) as total_num from {$tpf}comments where file_id='{$file_id}' and is_checked=1"); $total_num = $rs['total_num']; $start_num = ($pg - 1) * $perpage; function show_comment($file_id) {