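/**
 * Reads the category edit form from $_POST and forwards it to edit_category().
 *
 * Fields read: id, name, type, description. `type` is reduced to a 0/1
 * "receipt" flag; the other values are passed through exactly as submitted.
 * This function performs no validation, escaping, authorisation or CSRF
 * check of its own, so those controls have to exist in the caller or in
 * edit_category() (neither is visible here).
 *
 * @param mixed $config handed to edit_category() unchanged
 * @return mixed whatever edit_category() returns
 */
function submit_edit_category($config)
{
    // A missing field becomes null instead of raising an undefined-index
    // warning; the value handed on is the same null the original produced.
    $id = isset($_POST['id']) ? $_POST['id'] : null;
    $name = isset($_POST['name']) ? $_POST['name'] : null;
    $description = isset($_POST['description']) ? $_POST['description'] : null;

    // Strict comparison: only the exact string "receipt" sets the flag.
    $type = isset($_POST['type']) ? $_POST['type'] : null;
    $receipt = ($type === 'receipt') ? 1 : 0;

    return edit_category($config, $id, $name, $receipt, $description);
}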
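// Unauthenticated requests are sent to the login page. The exit matters:
// header() only queues the Location header, so without it the rest of this
// handler (including the edit_category() call) would still execute for a
// visitor who is not logged in.
if (!login()) {
    $login = site_url() . 'login';
    header("location: {$login}");
    exit;
}

// Submitted form fields. $destination is read from the query string only.
$title = from($_REQUEST, 'title');
$url = from($_REQUEST, 'url');
$content = from($_REQUEST, 'content');
$oldfile = from($_REQUEST, 'oldfile');
$destination = from($_GET, 'destination');
$description = from($_REQUEST, 'description');

// $proper is assigned before this excerpt; judging by the error text below
// it holds the result of the CSRF-token check. Confirm against the full handler.
if ($proper && !empty($title) && !empty($content)) {
    // Fall back to the title when no URL was supplied.
    if (empty($url)) {
        $url = $title;
    }
    // NOTE(review): $oldfile and $destination are request-supplied and are
    // passed through as-is; whether edit_category() constrains them to the
    // content directory is not visible here and should be verified.
    edit_category($title, $url, $content, $oldfile, $destination, $description);
} else {
    // Collect one <li> per failed check and re-render the edit form.
    $message['error'] = '';
    if (empty($title)) {
        $message['error'] .= '<li>Title field is required.</li>';
    }
    if (empty($content)) {
        $message['error'] .= '<li>Content field is required.</li>';
    }
    if (!$proper) {
        $message['error'] .= '<li>CSRF Token not correct.</li>';
    }
    config('views.root', 'system/admin/views');
    // NOTE(review): the submitted title, URL, content and oldfile are handed
    // back to the view unchanged; output escaping has to happen in the
    // 'edit-page' template. Confirm that it does.
    render('edit-page', array(
        'title' => 'Edit category - ' . blog_title(),
        'description' => blog_description(),
        'canonical' => site_url(),
        'error' => '<ul>' . $message['error'] . '</ul>',
        'oldfile' => $oldfile,
        'postTitle' => $title,
        'postUrl' => $url,
        'postContent' => $content,
        'type' => 'is_category',
        'bodyclass' => 'editcategory',
        'breadcrumb' => '<a href="' . site_url() . '">' . config('breadcrumb.home') . '</a> » Edit category'
    ));
}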
} elseif (defined('HESK_DEMO')) { hesk_process_messages($hesklang['ddemo'], 'manage_knowledgebase.php', 'NOTICE'); } elseif ($action == 'new_article') { new_article(); } elseif ($action == 'new_category') { new_category(); } elseif ($action == 'remove_article') { remove_article(); } elseif ($action == 'save_article') { save_article(); } elseif ($action == 'order_article') { order_article(); } elseif ($action == 'order_cat') { order_category(); } elseif ($action == 'edit_category') { edit_category(); } elseif ($action == 'remove_kb_att') { remove_kb_att(); } elseif ($action == 'sticky') { toggle_sticky(); } elseif ($action == 'update_count') { update_count(1); } } // Part of a trick to prevent duplicate article submissions by reloading pages hesk_cleanSessionVars('article_submitted'); /* Print header */ require_once HESK_PATH . 'inc/header.inc.php'; /* Print main manage users page */ require_once HESK_PATH . 'inc/show_admin_nav.inc.php'; ?>
content_review($title, $subtitle, $page_header, $text, $page_footer, $signature, $clanguage, $active); break; case "content_save": content_save($title, $subtitle, $page_header, $text, $page_footer, $signature, $clanguage, $active, $cid); break; case "content_save_edit": content_save_edit($pid, $title, $subtitle, $page_header, $text, $page_footer, $signature, $clanguage, $active, $cid); break; case "content_change_status": content_change_status($pid, $active); break; case "add_category": add_category($cat_title, $description); break; case "edit_category": edit_category($cid); break; case "save_category": save_category($cid, $cat_title, $description); break; case "del_content_cat": del_content_cat($cid, $ok); break; } } else { include "header.php"; GraphicAdmin(); OpenTable(); echo "<center><b>" . _ERROR . "</b><br><br>You do not have administration permission for module \"{$module_name}\"</center>"; CloseTable(); include "footer.php";
// Category maintenance page: prints the heading and a "Home" button, then
// dispatches on the `action` and `id` query-string parameters.
include "db.php";
echo "<h2>Category Maintenance</h2>";
echo "<form action='Food_inventory.php?page=1' method='POST'>";
echo "<input type='submit' value='Home' />";
echo "</form>";
sortBy();
echo "<hr />";
$id = NULL;
$action = NULL;
// Both values come straight from the URL and are used below without any
// validation in this excerpt.
if (isset($_GET['action'])) {
    $action = $_GET['action'];
}
if (isset($_GET['id'])) {
    $id = $_GET['id'];
    if ($action == 'edit') {
        // NOTE(review): $id is unvalidated request input; whether
        // edit_category() casts it or uses a bound parameter is not visible
        // here and should be checked.
        edit_category($id);
    }
} else {
    // No id in the URL: show the plain listing (no edit form).
    display_food();
}
// Delete is requested through the query string (id plus action=delete).
// NOTE(review): a state-changing operation reachable by GET with no token or
// confirmation visible here can be triggered by any link the logged-in user
// follows; a POST request carrying a CSRF token would be the usual control.
if ($id && $action == "delete") {
    delete($id);
}
// Update button pressed: the id still comes from the URL, only the
// `update` flag comes from the POST body.
if ($id && isset($_POST['update'])) {
    update_info($id);
}
function display_food() {
echo '<p class="success">Category <i>' . $cat . '</i> deleted.</p>'; } else { echo '<p class="error">Error deleting category. ' . 'Please try again.</p>'; } } else { echo '<p class="error">There are categories that are assigned as ' . 'children to this category. Please delete them before ' . 'attempting to delete this category.</p>'; } } /*_____________________________________________________________________EDIT__*/ } else { if ($action == 'edit') { $show_edit_form = true; $show_default = false; if (isset($_POST['catname']) && $_POST['catname'] != '') { $old = get_category_name($_POST['id']); $success = edit_category($_POST['id'], $_POST['catname'], $_POST['parentid']); if ($success) { echo '<p class="success">Category <i>' . $old . '</i> successfully changed.</p>'; $show_edit_form = false; $show_default = true; } else { echo '<p class="error">Error editing <i>' . $old . ' </i> category. Please try again.</p>'; } } // end if catname is present if ($show_edit_form) { $old = get_category_name($_GET['id']); $parent = get_category_parent($_GET['id']); ?> <p>You can edit the category info for <i><?php echo $old;
if(isset($_POST['name'])){ add_product($_POST['name'], $_POST['contents'], $_POST['amount'], $_POST['nutriments'], $_POST['allergens'], $_POST['category'], $_POST['price'], $_POST['comparement_price'], $_POST['comparement_type']); } require "templates/admin/add-product.php"; } else if($_GET['action'] == 'add_category'){ if(isset($_POST['name'])){ add_category($_POST['name']); } require "templates/admin/add-category.php"; } else if($_GET['action'] == 'edit_category'){ if(isset($_POST['name']) && isset($_POST['id'])){ edit_category($_POST['name'], $_POST['id']); } require "templates/admin/edit-category.php"; } else if($_GET['action'] == 'edit_about'){ if(isset($_POST['text'])){ edit_about($_POST['text']); } require "templates/admin/edit-about.php"; } else if($_GET['action'] == 'edit_help'){ if(isset($_POST['text'])){ edit_help($_POST['text']); }
/**
 * Admin form processor: reads the submitted request fields and carries out
 * the task named in $_POST['task'] or $_GET['task'].
 *
 * Tasks handled: add_category, edit_category, new, simpleedit, advancededit
 * (POST) and delete, freezecomments, unfreezecomments, deletecomment,
 * deletecategory (GET), plus editcomment (POST).
 *
 * Returns 0 after printing an error when the session is not marked as
 * logged in; otherwise falls off the end without an explicit return value.
 *
 * NOTE(review), security:
 *  - Every SQL statement below is built by interpolating request values
 *    into the query string passed to mysql_query(). No escaping is applied
 *    in this function, and the str_replace() calls on name/title/comment/
 *    text turn the sequence \' back into a bare quote before the value
 *    reaches the query. Presumably the code was written with
 *    magic_quotes_gpc in mind; confirm. The robust fix is bound parameters
 *    via mysqli or PDO (the mysql_* extension was removed in PHP 7).
 *  - The only access check is the session flag; no CSRF token is verified
 *    here, and the delete/freeze/unfreeze tasks are selected through $_GET.
 *  - Request fields are read without isset() checks.
 */
function processing() {
    // Session gate: anything other than a truthy Logged_In flag stops here.
    if ($_SESSION['Logged_In'] != True) {
        echo "<div class=\"" . s('css_error') . "\"><h2>" . l('admin_error') . "</h2><p>" . l('error_not_logged_in') . "</p></div>";
        return 0;
    }
    // Raw request input. $id is taken from $_REQUEST, so it may arrive via
    // GET or POST (and cookies, depending on request_order).
    $action = $_REQUEST['action'];
    $id = $_REQUEST['id'];
    $commentid = $_POST['commentid'];
    // Replaces the two-character sequence \' with a bare single quote.
    $name = str_replace("\\'", "'", $_POST['name']);
    $category = $_POST['category'];
    $description = $_POST['description'];
    $title = str_replace("\\'", "'", $_POST['title']);
    $seftitle = $_POST['seftitle'];
    $comment = str_replace("\\'", "'", $_POST['editedcomment']);
    $text = str_replace("\\'", "'", $_POST['text']);
    $text_limit = $_POST['text_limit'];
    $auto_html = $_POST['auto_html'];
    $date = date('Y-m-d H:i:s');
    $display_title = $_POST['display_title'];
    $display_info = $_POST['display_info'];
    $commentable = $_POST['commentable'];
    $publish = $_POST['publish'];
    // Same form field as $publish; used as the category's `published` value.
    $publish_category = $_POST['publish'];
    $position = $_POST['position'];
    $display = $_POST['display'];
    $image = $_POST['image'];
    // Future posting: when requested (or on any advanced edit) the article
    // is stored with published = 0 and the date parts come from the form.
    $fpost_enabled = false;
    $fpublished = 1;
    if ($_POST['fposting'] == "YES" or $_POST['task'] == "advancededit") {
        $fpublished = 0;
        $fpost_enabled = true;
        $fpost_day = $_POST['fposting_day'];
        $fpost_month = $_POST['fposting_month'];
        $fpost_year = $_POST['fposting_year'];
        $fpost_hour = $_POST['fposting_hour'];
        $fpost_minute = $_POST['fposting_minute'];
    }
    // Defaults for fields left empty in the form.
    if ($text_limit == "") {
        $text_limit = 0;
    }
    if ($position == "") {
        $position = 1;
    }
    if ($commentable == "") {
        $commentable = "NO";
    }
    // Anything not explicitly published is forced to position 4.
    if ($publish != "ON") {
        $position = 4;
    }
    if ($display_title == "") {
        $display_title = "NO";
    }
    if ($display_info == "") {
        $display_info = "NO";
    }
    // The date string is assembled from unvalidated form parts.
    if ($fpost_enabled or $_POST['task'] == "advancededit") {
        $date = $fpost_year . '-' . $fpost_month . '-' . $fpost_day . ' ' . $fpost_hour . ':' . $fpost_minute . ':00';
    }
    // ---- add_category: validate name/seftitle, then insert ----
    if ($_POST['task'] == "add_category") {
        if ($_POST['submit_text']) {
            if ($name == "") {
                echo "<div class=\"" . s('css_error') . "\"><h2>" . l('admin_error') . "</h2><p>" . l('error_category_name_empty') . "</p></div>";
                view_categories();
            } else {
                if ($seftitle == "") {
                    echo "<div class=\"" . s('css_error') . "\"><h2>" . l('admin_error') . "</h2><p>" . l('error_category_seftitle_empty') . "</p></div>";
                    view_categories();
                } else {
                    // A truthy result from check_if_unique() leads to the
                    // "already exists" message.
                    if (check_if_unique('category_name', $name)) {
                        echo "<div class=\"" . s('css_error') . "\"><h2>" . l('admin_error') . "</h2><p>" . l('error_category_name_exists') . "</p></div>";
                        view_categories();
                    } else {
                        if (check_if_unique('category_seftitle', $seftitle)) {
                            echo "<div class=\"" . s('css_error') . "\"><h2>" . l('admin_error') . "</h2><p>" . l('error_category_seftitle_exists') . "</p></div>";
                            view_categories();
                        } else {
                            if (cleancheckSEF($seftitle) == "notok") {
                                echo "<div class=\"" . s('css_error') . "\"><h2>" . l('admin_error') . "</h2><p>" . l('error_category_seftitle_illegal') . "</p></div>";
                                view_categories();
                            } else {
                                // NOTE(review): $name, $description and $publish_category reach the
                                // query unescaped; only $seftitle has passed cleancheckSEF().
                                mysql_query("INSERT INTO " . s('prefix') . "categories(name,seftitle,description,published) VALUES('{$name}', '{$seftitle}', '{$description}', '{$publish_category}')");
                                echo "<div class=\"" . s('css_success') . "\"><h2>" . l('operation_completed') . "</h2><p><a href='" . s('website') . "categories/'>" . l('back') . "</a></p></div>";
                            }
                        }
                    }
                }
            }
        }
    }
    // ---- edit_category: same validation, then four single-column UPDATEs ----
    if ($_POST['task'] == "edit_category") {
        if ($_POST['submit_text']) {
            if ($name == "") {
                echo "<div class=\"" . s('css_error') . "\"><h2>" . l('admin_error') . "</h2><p>" . l('error_category_name_empty') . "</p></div>";
                edit_category();
            } else {
                if ($seftitle == "") {
                    echo "<div class=\"" . s('css_error') . "\"><h2>" . l('admin_error') . "</h2><p>" . l('error_category_seftitle_empty') . "</p></div>";
                    edit_category();
                } else {
                    if (check_if_unique('category_name', $name, $id)) {
                        echo "<div class=\"" . s('css_error') . "\"><h2>" . l('admin_error') . "</h2><p>" . l('error_category_name_exists') . "</p></div>";
                        edit_category();
                    } else {
                        if (check_if_unique('category_seftitle', $seftitle, $id)) {
                            echo "<div class=\"" . s('css_error') . "\"><h2>" . l('admin_error') . "</h2><p>" . l('error_category_seftitle_exists') . "</p></div>";
                            edit_category();
                        } else {
                            if (cleancheckSEF($seftitle) == "notok") {
                                echo "<div class=\"" . s('css_error') . "\"><h2>" . l('admin_error') . "</h2><p>" . l('error_category_seftitle_illegal') . "</p></div>";
                                edit_category();
                            } else {
                                // NOTE(review): $id is request-supplied and sits inside the WHERE clause
                                // of every statement; the updates are separate queries and their
                                // results are not checked, so a partial update is possible.
                                mysql_query("UPDATE " . s('prefix') . "categories SET name='{$name}' WHERE id='{$id}'");
                                mysql_query("UPDATE " . s('prefix') . "categories SET seftitle='{$seftitle}' WHERE id='{$id}'");
                                mysql_query("UPDATE " . s('prefix') . "categories SET description='{$description}' WHERE id='{$id}'");
                                mysql_query("UPDATE " . s('prefix') . "categories SET published='{$publish_category}' WHERE id='{$id}'");
                                echo "<div class=\"" . s('css_success') . "\"><h2>" . l('operation_completed') . "</h2><p><a href='" . s('website') . "categories/'>" . l('back') . "</a></p></div>";
                            }
                        }
                    }
                }
            }
        }
    } else {
        // ---- new: create an article ----
        if ($_POST['task'] == "new") {
            if ($_POST['submit_text']) {
                // The submitted values are parked in the session so the form
                // can be re-displayed; cleared again on every exit path.
                $_SESSION['temp']['title'] = $title;
                $_SESSION['temp']['seftitle'] = $seftitle;
                $_SESSION['temp']['text'] = $text;
                if ($title == "") {
                    echo "<div class=\"" . s('css_error') . "\"><h2>" . l('admin_error') . "</h2><p>" . l('error_article_title_empty') . "</p></div>";
                    new_article();
                    unset($_SESSION['temp']);
                } else {
                    if ($seftitle == "") {
                        echo "<div class=\"" . s('css_error') . "\"><h2>" . l('admin_error') . "</h2><p>" . l('error_article_seftitle_empty') . "</p></div>";
                        $_SESSION['temp']['seftitle'] = $_SESSION['temp']['title'];
                        new_article();
                        unset($_SESSION['temp']);
                    } else {
                        if (cleancheckSEF($seftitle) == "notok") {
                            echo "<div class=\"" . s('css_error') . "\"><h2>" . l('admin_error') . "</h2><p>" . l('error_article_seftitle_illegal') . "</p></div>";
                            new_article();
                            unset($_SESSION['temp']);
                        } else {
                            if (check_if_unique('article_title', $title)) {
                                echo "<div class=\"" . s('css_error') . "\"><h2>" . l('admin_error') . "</h2><p>" . l('error_article_title_exists') . "</p></div>";
                                new_article();
                                unset($_SESSION['temp']);
                            } else {
                                if (check_if_unique('article_seftitle', $seftitle)) {
                                    echo "<div class=\"" . s('css_error') . "\"><h2>" . l('admin_error') . "</h2><p>" . l('error_article_seftitle_exists') . "</p></div>";
                                    new_article();
                                    unset($_SESSION['temp']);
                                } else {
                                    // Optional auto-formatting: wrap the text in <p> and split
                                    // paragraphs at each newline / carriage return.
                                    if ($auto_html == "ON") {
                                        $text = str_replace('<p></p>', '', '<p>' . preg_replace('#\\n|\\r#', '</p>$0<p>', $text) . '</p>');
                                    }
                                    // NOTE(review): twelve request-derived values are concatenated into
                                    // the INSERT without escaping.
                                    $query = "INSERT INTO " . s('prefix') . "articles(title,seftitle,text,textlimit,date,category,position,displaytitle,displayinfo,commentable,image,published) VALUES('" . $title . "', '" . $seftitle . "', '" . $text . "', '" . $text_limit . "', '" . $date . "', '" . $category . "', '" . $position . "', '" . $display_title . "', '" . $display_info . "', '" . $commentable . "', '" . $image . "', '" . $fpublished . "')";
                                    mysql_query($query);
                                    echo "<div class=\"" . s('css_success') . "\"><h2>" . l('operation_completed') . "</h2><p><a href='" . s('website') . "'>" . l('back') . "</a></p></div>";
                                    unset($_SESSION['temp']);
                                }
                            }
                        }
                    }
                }
            }
        } else {
            // ---- simpleedit: update an article without touching seftitle/date ----
            if ($_POST['task'] == "simpleedit") {
                if ($_POST['submit_text']) {
                    $_SESSION['temp']['title'] = $title;
                    $_SESSION['temp']['text'] = $text;
                    if ($title == "") {
                        echo "<div class=\"" . s('css_error') . "\"><h2>" . l('admin_error') . "</h2><p>" . l('error_article_title_empty') . "</p></div>";
                        // NOTE(review): `simple` is a bare word, not a string. Older PHP
                        // versions fall back to the string 'simple' with a notice/warning;
                        // PHP 8 throws an Error for the undefined constant.
                        edit_article(simple);
                        unset($_SESSION['temp']);
                    } else {
                        if (check_if_unique('article_title', $title, $id)) {
                            echo "<div class=\"" . s('css_error') . "\"><h2>" . l('admin_error') . "</h2><p>" . l('error_article_title_exists') . "</p></div>";
                            edit_article(simple);
                            unset($_SESSION['temp']);
                        } else {
                            // Unlike the "new" task, paragraph wrapping is applied
                            // unconditionally here ($auto_html is not consulted).
                            $text = str_replace('<p></p>', '', '<p>' . preg_replace('#\\n|\\r#', '</p>$0<p>', $text) . '</p>');
                            mysql_query("UPDATE " . s('prefix') . "articles SET title='{$title}' WHERE id='{$id}'");
                            mysql_query("UPDATE " . s('prefix') . "articles SET text='{$text}' WHERE id='{$id}'");
                            mysql_query("UPDATE " . s('prefix') . "articles SET textlimit='{$text_limit}' WHERE id='{$id}'");
                            mysql_query("UPDATE " . s('prefix') . "articles SET category='{$category}' WHERE id='{$id}'");
                            mysql_query("UPDATE " . s('prefix') . "articles SET position='{$position}' WHERE id='{$id}'");
                            mysql_query("UPDATE " . s('prefix') . "articles SET displaytitle='{$display_title}' WHERE id='{$id}'");
                            mysql_query("UPDATE " . s('prefix') . "articles SET displayinfo='{$display_info}' WHERE id='{$id}'");
                            mysql_query("UPDATE " . s('prefix') . "articles SET commentable='{$commentable}' WHERE id='{$id}'");
                            mysql_query("UPDATE " . s('prefix') . "articles SET image='{$image}' WHERE id='{$id}'");
                            echo "<div class=\"" . s('css_success') . "\"><h2>" . l('operation_completed') . "</h2><p><a href='" . s('website') . find_cat_sef($category) . "/" . find_article_sef($id) . "/'>" . l('back') . "</a></p></div>";
                            unset($_SESSION['temp']);
                        }
                    }
                }
            } else {
                // ---- advancededit: full article update including seftitle, date, published ----
                if ($_POST['task'] == "advancededit") {
                    if ($_POST['submit_text']) {
                        $_SESSION['temp']['title'] = $title;
                        $_SESSION['temp']['seftitle'] = $seftitle;
                        $_SESSION['temp']['text'] = $text;
                        if ($title == "") {
                            echo "<div class=\"" . s('css_error') . "\"><h2>" . l('admin_error') . "</h2><p>" . l('error_article_title_empty') . "</p></div>";
                            // Bare-word argument; see the note in the simpleedit branch.
                            edit_article(advanced);
                            unset($_SESSION['temp']);
                        } else {
                            if ($seftitle == "") {
                                echo "<div class=\"" . s('css_error') . "\"><h2>" . l('admin_error') . "</h2><p>" . l('error_article_seftitle_empty') . "</p></div>";
                                edit_article(advanced);
                                unset($_SESSION['temp']);
                            } else {
                                if (cleancheckSEF($seftitle) == "notok") {
                                    echo "<div class=\"" . s('css_error') . "\"><h2>" . l('admin_error') . "</h2><p>" . l('error_article_seftitle_illegal') . "</p></div>";
                                    edit_article(advanced);
                                    unset($_SESSION['temp']);
                                } else {
                                    if (check_if_unique('article_title', $title, $id)) {
                                        echo "<div class=\"" . s('css_error') . "\"><h2>" . l('admin_error') . "</h2><p>" . l('error_article_title_exists') . "</p></div>";
                                        edit_article(advanced);
                                        unset($_SESSION['temp']);
                                    } else {
                                        if (check_if_unique('article_seftitle', $seftitle, $id)) {
                                            echo "<div class=\"" . s('css_error') . "\"><h2>" . l('admin_error') . "</h2><p>" . l('error_article_seftitle_exists') . "</p></div>";
                                            edit_article(advanced);
                                            unset($_SESSION['temp']);
                                        } else {
                                            // Twelve independent UPDATEs, one per column, all keyed on the
                                            // request-supplied $id and none with a checked result.
                                            mysql_query("UPDATE " . s('prefix') . "articles SET title='{$title}' WHERE id='{$id}'");
                                            mysql_query("UPDATE " . s('prefix') . "articles SET seftitle='{$seftitle}' WHERE id='{$id}'");
                                            mysql_query("UPDATE " . s('prefix') . "articles SET text='{$text}' WHERE id='{$id}'");
                                            mysql_query("UPDATE " . s('prefix') . "articles SET textlimit='{$text_limit}' WHERE id='{$id}'");
                                            mysql_query("UPDATE " . s('prefix') . "articles SET date='{$date}' WHERE id='{$id}'");
                                            mysql_query("UPDATE " . s('prefix') . "articles SET category='{$category}' WHERE id='{$id}'");
                                            mysql_query("UPDATE " . s('prefix') . "articles SET position='{$position}' WHERE id='{$id}'");
                                            mysql_query("UPDATE " . s('prefix') . "articles SET displaytitle='{$display_title}' WHERE id='{$id}'");
                                            mysql_query("UPDATE " . s('prefix') . "articles SET displayinfo='{$display_info}' WHERE id='{$id}'");
                                            mysql_query("UPDATE " . s('prefix') . "articles SET commentable='{$commentable}' WHERE id='{$id}'");
                                            mysql_query("UPDATE " . s('prefix') . "articles SET image='{$image}' WHERE id='{$id}'");
                                            mysql_query("UPDATE " . s('prefix') . "articles SET published='{$fpublished}' WHERE id='{$id}'");
                                            echo "<div class=\"" . s('css_success') . "\"><h2>" . l('operation_completed') . "</h2><p><a href='" . s('website') . find_cat_sef($category) . "/" . find_article_sef($id) . "/'>" . l('back') . "</a></p></div>";
                                            unset($_SESSION['temp']);
                                        }
                                    }
                                }
                            }
                        }
                    }
                } else {
                    // ---- delete: article removal selected through the query string ----
                    // NOTE(review): a destructive action reachable by GET with no token
                    // check visible here; any link followed by a logged-in admin can
                    // trigger it. A POST request with a CSRF token is the usual control.
                    if ($_GET['task'] == "delete") {
                        mysql_query("DELETE FROM " . s('prefix') . "articles WHERE id='{$id}'");
                        echo "<h2>" . l('deleted_success') . "</h2><p><a href='" . s('website') . "'>" . l('backhome') . "</a></p>";
                    } else {
                        // ---- editcomment ----
                        if ($_POST['task'] == "editcomment") {
                            mysql_query("UPDATE " . s('prefix') . "comments SET name='{$name}' WHERE id='{$commentid}'");
                            mysql_query("UPDATE " . s('prefix') . "comments SET comment='{$comment}' WHERE id='{$commentid}'");
                            // NOTE(review): $categoryid is never assigned on this path, so the
                            // "back" link is built from an undefined variable.
                            echo "<div class=\"" . s('css_success') . "\"><h2>" . l('operation_completed') . "</h2><p><a href='" . s('website') . find_cat_sef($categoryid) . "/" . find_article_sef($id) . "/'>" . l('back') . "</a></p></div>";
                        } else {
                            // ---- freezecomments / unfreezecomments: toggle via GET ----
                            if ($_GET['task'] == "freezecomments") {
                                $categoryid = find_article_cat($id);
                                mysql_query("UPDATE " . s('prefix') . "articles SET commentable='FREEZ' WHERE id='{$id}'");
                                echo "<div class=\"" . s('css_success') . "\"><h2>" . l('operation_completed') . "</h2><p><a href='" . s('website') . find_cat_sef($categoryid) . "/" . find_article_sef($id) . "/'>" . l('back') . "</a></p></div>";
                            } else {
                                if ($_GET['task'] == "unfreezecomments") {
                                    $categoryid = find_article_cat($id);
                                    mysql_query("UPDATE " . s('prefix') . "articles SET commentable='YES' WHERE id='{$id}'");
                                    echo "<div class=\"" . s('css_success') . "\"><h2>" . l('operation_completed') . "</h2><p><a href='" . s('website') . find_cat_sef($categoryid) . "/" . find_article_sef($id) . "/'>" . l('back') . "</a></p></div>";
                                } else {
                                    // ---- deletecomment: ids come from the query string ----
                                    if ($_GET['task'] == "deletecomment") {
                                        $commentid = $_GET['commentid'];
                                        $articleid = $_GET['articleid'];
                                        mysql_query("DELETE FROM " . s('prefix') . "comments WHERE id='{$commentid}'");
                                        // $categoryid is not assigned on this path either.
                                        echo "<h2>" . l('deleted_success') . "</h2><p><a href='" . s('website') . find_cat_sef($categoryid) . "/" . find_article_sef($articleid) . "/'>" . l('back') . "</a></p>";
                                    } else {
                                        // ---- deletecategory ----
                                        if ($_GET['task'] == "deletecategory") {
                                            // NOTE(review): $categoryid is read from the query string but the
                                            // DELETE is keyed on $id; confirm which one is intended.
                                            $categoryid = $_GET['categoryid'];
                                            mysql_query("DELETE FROM " . s('prefix') . "categories WHERE id='{$id}'");
                                            echo "<h2>" . l('deleted_success') . "</h2><p><a href='" . s('website') . "categories/'>" . l('back') . "</a></p>";
                                        }
                                    }
                                }
                            }
                        }
                    }
                }
            }
        }
    }
}
} echo "</select>\n"; echo "</td></tr>\n"; echo "<tr><td colspan=\"2\" class=\"foot\"><input type='hidden' name='op' value='save' />"; echo "<input type='hidden' name='eid' value='{$eid}' />"; echo "<input type='submit' value='" . _AM_UPDATE . "' />"; echo " <input type='button' value='" . _AM_CANCEL . "' onclick='javascript:history.go(-1)' />"; echo "</td></tr></table>\n"; echo "</form>"; CloseTable(); break; case 'category': echo "<h3>" . _AM_CATEGORY . "</h3>\n"; echo "<hr /><br />"; if (isset($_GET['catid'])) { edit_category(intval($_GET['catid'])); } else { show_categories(); } break; case 'catimp': echo "<h3>" . _AM_CATEGORY . "</h3>\n"; echo "<hr /><br />"; import_category(); break; case 'summary': echo "<h3>" . _AM_SUMMARY . "</h3>\n"; echo "<hr /><br />"; $now = time(); $result = $xoopsDB->query('SELECT count(eid) FROM ' . EGTBL . ' LEFT JOIN ' . EXTBL . " ON eid=eidref"); list($count) = $xoopsDB->fetchRow($result);