function add()
{
$input = array('username' => clear_all($_POST['username']), 'content' => clear_all($_POST['content']), 'pro_id' => intval($_GET['id']));
$this->db->insert_record($this->table, $input);
$this->db->alert(COMMENT_SUCCESS);
header_redirect(change_url(full_url()));
}
/**
* Comment wall initialisation.
*/
function commentwall_init()
{
global $CFG, $db, $function, $metatags, $template;
// Add meta tags
$metatags .= "<script type=\"text/javascript\" src=\"{$CFG->wwwroot}mod/commentwall/commentwall.js\"><!-- commentwall js --></script>";
// Define some templates
templates_add_context('commentwallobject', 'mod/commentwall/template');
templates_add_context('commentwallfooter', 'mod/commentwall/footer');
templates_add_context('css', 'mod/commentwall/css');
// Set up the database
$tables = $db->Metatables();
if (!in_array($CFG->prefix . "commentwall", $tables)) {
if (file_exists($CFG->dirroot . "mod/commentwall/{$CFG->dbtype}.sql")) {
modify_database($CFG->dirroot . "mod/commentwall/{$CFG->dbtype}.sql");
//reload system
header_redirect($CFG->wwwroot);
} else {
error("Error: Your database ({$CFG->dbtype}) is not yet fully supported by the Elgg commentwall. See the mod/commentwall directory.");
}
print_continue($CFG->wwwroot);
exit;
}
// Add configuration options
$function['userdetails:edit:details'][] = $CFG->dirroot . "mod/commentwall/lib/commentwall_settings.php";
}
function elggadmin_pagesetup()
{
// first login?
global $CFG;
if (user_flag_get('admin', $_SESSION['userid']) && !isset($CFG->elggadmin_installed)) {
$CFG->elggadmin_installed = true;
set_config('elggadmin_installed', true);
header_redirect(get_url(null, 'elggadmin::config'), __gettext('Welcome to the Elgg configuration manager!'));
}
if (context() == 'admin') {
if (!plugin_is_loaded('pages')) {
elgg_messages_add(__gettext('Error: <code>elggadmin</code> plugin needs <code>pages</code> plugin to run'));
} else {
pages_submenu_add('elggadmin', __gettext('Site administration'), get_url(null, 'elggadmin::'), 10);
}
} elseif (context() == 'elggadmin') {
if (!plugin_is_loaded('pages')) {
elgg_messages_add(__gettext('Error: <code>elggadmin</code> plugin needs <code>pages</code> plugin to run'));
header_redirect(get_url(null, 'admin::'));
}
// submenu options
pages_submenu_add('elggadmin', __gettext('Configuration manager'), get_url(null, 'elggadmin::'));
pages_submenu_add('elggadmin:theme', __gettext('Default theme editor'), get_url(null, 'elggadmin::theme'));
pages_submenu_add('elggadmin:frontpage', __gettext('Frontpage template editor'), get_url(null, 'elggadmin::frontpage'));
pages_submenu_add('elggadmin:logs', __gettext('Error log'), get_url(null, 'elggadmin::logs'));
sidebar_add(50, 'sidebar-' . elggadmin_currentpage(), elggadmin_sidebar());
// clear sidebar
$clear_sidebar[] = 'sidebar-profile';
$clear_sidebar[] = 'sidebar-' . elggadmin_currentpage();
sidebar_remove($clear_sidebar, true);
if (elggadmin_is_404()) {
header('HTTP/1.0 404 Not Found');
}
}
}
function add()
{
global $sitelink;
$input = array('name' => clear_all($_POST['name']), 'email' => clear_all($_POST['email']), 'subject' => clear_all($_POST['subject']), 'content' => clear_all($_POST['content']), 'date' => date('Y-m-d h:m:s'));
$this->db->insert_record($this->table, $input);
header_redirect($sitelink . $this->module . '/success');
}
function generic_comments_init()
{
global $CFG, $db, $function, $metatags, $template;
$metatags .= "<script type=\"text/javascript\" src=\"{$CFG->wwwroot}mod/generic_comments/generic_comments.js\"><!-- generic_comments js --></script>";
// create the generic_comments and generic watchlist table
$tables = $db->Metatables();
if (!in_array($CFG->prefix . "comments", $tables) || !in_array($CFG->prefix . "watchlist", $tables)) {
if (file_exists($CFG->dirroot . "mod/generic_comments/{$CFG->dbtype}.sql")) {
modify_database($CFG->dirroot . "mod/generic_comments/{$CFG->dbtype}.sql");
//reload system
header_redirect($CFG->wwwroot);
} else {
error("Error: Your database ({$CFG->dbtype}) is not yet fully supported by the Elgg generic comments. See the mod/generic_comments directory.");
}
print_continue("index.php");
exit;
}
$function['comments:init'][] = $CFG->dirroot . "mod/generic_comments/comments_actions.php";
$function['permissions:check'][] = $CFG->dirroot . "mod/generic_comments/permissions_check.php";
// Add annotation support
display_set_display_annotation_function("file::file", "generic_comments_displayobjectannotations");
display_set_display_annotation_function("mediastream::media", "generic_comments_displayobjectannotations");
// Register file river hook (if there)
if (function_exists('river_save_event')) {
river_register_friendlyname_hook('file::file', 'generic_comments_get_friendly_name');
}
templates_add_context('embeddedcomments', 'mod/generic_comments/comments');
templates_add_context('embeddedcomment', 'mod/generic_comments/comment');
templates_add_context('css', 'mod/generic_comments/css', true, false);
}
function install_check()
{
if (!file_exists(BH_INCLUDE_PATH . "config.inc.php")) {
header_redirect('./install/index.php');
}
install_check_php_version();
install_check_php_extensions();
install_check_mysql_version();
if (@file_exists('./install/index.php') && !defined("BEEHIVE_DEVELOPER_MODE")) {
install_draw_top();
echo " <table cellpadding=\"0\" cellspacing=\"0\" width=\"400\">\n";
echo " <tr>\n";
echo " <td align=\"left\">\n";
echo " <table class=\"box\">\n";
echo " <tr>\n";
echo " <td align=\"left\" class=\"posthead\">\n";
echo " <table class=\"posthead\" width=\"500\">\n";
echo " <tr>\n";
echo " <td align=\"left\" colspan=\"2\" class=\"subhead\">Installation Incomplete</td>\n";
echo " </tr>\n";
echo " <tr>\n";
echo " <td align=\"center\">\n";
echo " <table class=\"posthead\" width=\"95%\">\n";
echo " <tr>\n";
echo " <td align=\"left\">Your Beehive Forum would appear to be already installed, but you have not removed the installation files. You must delete the 'install' directory before your Beehive Forum can be used.</td>\n";
echo " </tr>\n";
echo " </table>\n";
echo " </td>\n";
echo " </tr>\n";
echo " <tr>\n";
echo " <td align=\"left\"> </td>\n";
echo " </tr>\n";
echo " </table>\n";
echo " </td>\n";
echo " </tr>\n";
echo " </table>\n";
echo " </td>\n";
echo " </tr>\n";
echo " </table>\n";
echo " <form accept-charset=\"utf-8\" method=\"get\" action=\"index.php\">\n";
echo " <table cellpadding=\"0\" cellspacing=\"0\" width=\"500\">\n";
echo " <tr>\n";
echo " <td align=\"left\" width=\"500\"> </td>\n";
echo " </tr>\n";
echo " <tr>\n";
echo " <td align=\"center\"><input type=\"submit\" name=\"submit\" value=\"Retry\" class=\"button\" /></td>\n";
echo " </tr>\n";
echo " </table>\n";
echo " </form>\n";
install_draw_bottom();
exit;
}
}
function widget_init()
{
global $CFG, $function, $db, $METATABLES;
$function['init'][] = $CFG->dirroot . "mod/widget/init.php";
// Initialise the 'allcontent' widget array - i.e., widgets where Javascript is allowed
if (!isset($CFG->widgets->allcontent)) {
$CFG->widgets->allcontent = array();
}
// register the widgets that this module provides
$CFG->widgets->list[] = array('name' => gettext("Text box"), 'description' => gettext("Displays the text of your choice."), 'type' => "widget::text");
if (!in_array($CFG->prefix . "widget_data", $METATABLES) || !in_array($CFG->prefix . "widgets", $METATABLES)) {
if (file_exists($CFG->dirroot . "mod/widget/{$CFG->dbtype}.sql")) {
modify_database($CFG->dirroot . "mod/widget/{$CFG->dbtype}.sql");
//reload system
header_redirect($CFG->wwwroot);
} else {
error("Error: Your database ({$CFG->dbtype}) is not yet fully supported by the Elgg widgets. See the mod/widget directory.");
}
print_continue("index.php");
exit;
}
// Delete users
listen_for_event("user", "delete", "widget_user_delete");
}
// Redirect so that a reload doesn't write to the DB twice:
header_redirect($redirect_to);
/* EXITED */
break;
case 'remove_report':
// Remove one report on user:
// Check that this action request is not a CSRF hacked request:
$Session->assert_received_crumb('users');
$reporter_ID = param('reporter_ID', 'integer', true);
// Remove the report from DB:
$DB->query('DELETE FROM T_users__reports
WHERE urep_target_user_ID = ' . $DB->quote($edited_User->ID) . '
AND urep_reporter_ID = ' . $DB->quote($reporter_ID));
$Messages->add(T_('The report has been removed!'), 'success');
// Redirect so that a reload doesn't write to the DB twice:
header_redirect($admin_url . '?ctrl=user&user_tab=activity&user_ID=' . $edited_User->ID);
/* EXITED */
break;
}
}
// Used for autocomplete user fields in filter "Specific criteria" or to highlight user level cell on change
require_js('#jqueryUI#');
require_css('#jqueryUI_css#');
// We might delegate to this action from above:
/*if( $action == 'edit' )
{
$Plugins->trigger_event( 'PluginUserSettingsEditAction', $tmp_params = array( 'User' => & $edited_User ) );
$Session->delete( 'core.changepwd.request_id' ); // delete the request_id for password change request (from /htsrv/login.php)
}*/
$AdminUI->breadcrumbpath_init(false);
// fp> I'm playing with the idea of keeping the current blog in the path here...
// Delete user field:
// Check that this action request is not a CSRF hacked request:
$Session->assert_received_crumb('userfieldgroup');
// Check permission:
$current_User->check_perm('users', 'edit', true);
// Make sure we got an ufgp_ID:
param('ufgp_ID', 'integer', true);
if (param('confirm', 'integer', 0)) {
// confirmed, Delete from DB:
$msg = sprintf(T_('User field group «%s» deleted.'), $edited_UserfieldGroup->dget('name'));
$edited_UserfieldGroup->dbdelete(true);
unset($edited_UserfieldGroup);
forget_param('ufgp_ID');
$Messages->add($msg, 'success');
// Redirect so that a reload doesn't write to the DB twice:
header_redirect('?ctrl=userfields', 303);
// Will EXIT
// We have EXITed already at this point!!
} else {
// not confirmed, Check for restrictions:
if (!$edited_UserfieldGroup->check_delete(sprintf(T_('Cannot delete user field group «%s»'), $edited_UserfieldGroup->dget('name')))) {
// There are restrictions:
$action = 'view';
}
}
break;
}
$AdminUI->breadcrumbpath_init(false);
// fp> I'm playing with the idea of keeping the current blog in the path here...
$AdminUI->breadcrumbpath_add(T_('Users'), '?ctrl=users');
$AdminUI->breadcrumbpath_add(T_('Settings'), '?ctrl=usersettings');
} else {
$user_prefs['PM_NOTIFY_EMAIL'] = "N";
}
if (isset($_POST['anon_logon']) && is_numeric($_POST['anon_logon'])) {
$user_prefs['ANON_LOGON'] = $_POST['anon_logon'];
} else {
$user_prefs['ANON_LOGON'] = 0;
}
if (isset($_POST['dob_display'])) {
$user_prefs['DOB_DISPLAY'] = trim($_POST['dob_display']);
} else {
$user_prefs['DOB_DISPLAY'] = 0;
}
// Update USER_PREFS
if (user_update_prefs($_SESSION['UID'], $user_prefs, $user_prefs_global)) {
header_redirect("edit_email.php?webtag={$webtag}&updated=true");
exit;
} else {
$error_msg_array[] = gettext("Some or all of your user account details could not be updated. Please try again later.");
$valid = false;
}
}
// Check to see if we should show the set for all forums checkboxes
$show_set_all = forums_get_available_count() > 1 ? true : false;
html_draw_top(array('title' => gettext('My Controls - Email & Privacy'), 'class' => 'window_title', 'js' => array('js/prefs.js')));
echo "<h1>", htmlentities_array(gettext("Email & Privacy")), "</h1>\n";
if (isset($error_msg_array) && sizeof($error_msg_array) > 0) {
html_display_error_array($error_msg_array, '700', 'left');
} else {
if (isset($_GET['updated'])) {
html_display_success_msg(gettext("Preferences were successfully updated."), '700', 'left');
/**
* Sends the desired HTTP response header in case of a "404".
*/
function skin_404_header()
{
global $Blog;
// We have a 404 unresolved content error
// How do we want do deal with it?
switch ($resp_code = $Blog->get_setting('404_response')) {
case '404':
header_http_response('404 Not Found');
break;
case '410':
header_http_response('410 Gone');
break;
case '301':
case '302':
case '303':
// Redirect to home page:
header_redirect($Blog->get('url'), intval($resp_code));
// THIS WILL EXIT!
break;
default:
// Will result in a 200 OK
}
}
*
* @todo iTunes podcast tags: http://www.apple.com/itunes/store/podcaststechspecs.html
* Note: itunes support: .m4a, .mp3, .mov, .mp4, .m4v, and .pdf.
*
* @package evoskins
* @subpackage rss
*
* @version $Id: index.main.php 3157 2013-03-06 04:34:44Z fplanque $
*/
if (!defined('EVO_MAIN_INIT')) {
die('Please, do not access this page directly.');
}
// EXTERNAL FEED PROVIDER?
$rss2_redirect = $Blog->get_setting('rss2_redirect');
if (!empty($rss2_redirect) && empty($Chapter) && $redir == 'yes') {
header_redirect($rss2_redirect, 301);
exit(0);
}
// Note: even if we request the same post as $Item earlier, the following will do more restrictions (dates, etc.)
// Init the MainList object:
init_MainList($Blog->get_setting('posts_per_feed'));
// What level of detail do we want?
$feed_content = $Blog->get_setting('feed_content');
if ($feed_content == 'none') {
// We don't want to provide this feed!
// This will normaly have been detected earlier but just for security:
debug_die('Feeds are disabled.');
}
$image_size = $Blog->get_setting('image_size');
headers_content_mightcache('application/xml');
// In most situations, you do NOT want to cache dynamic content!
html_guest_error();
}
$error_msg_array = array();
if (isset($_POST['save'])) {
$valid = true;
if (isset($_POST['set_interest']) && is_array($_POST['set_interest'])) {
foreach ($_POST['set_interest'] as $folder) {
if ($valid && is_numeric($folder) && ($folder_title = folder_get_title($folder))) {
if (!user_set_folder_interest($folder, 0)) {
$error_msg_array[] = sprintf(gettext("Could not update interest on folder '%s'"), $folder_title);
$valid = false;
}
}
}
if ($valid) {
header_redirect("folder_subscriptions.php?webtag={$webtag}&updated=true");
exit;
}
}
}
if (isset($_GET['page']) && is_numeric($_GET['page'])) {
$page = $_GET['page'];
} else {
if (isset($_POST['page']) && is_numeric($_POST['page'])) {
$page = $_POST['page'];
} else {
$page = 1;
}
}
if (isset($_GET['view']) && is_numeric($_GET['view'])) {
$view = $_GET['view'];
$tg2 = $ca[$i];
$arr[$i] = $arr[$j];
$ca[$i] = $ca[$j];
$arr[$j] = $tg1;
$ca[$j] = $tg2;
}
}
}
$image = $list_cards['image'];
$type_name = $list_cards['name'];
$featured = $list_cards['featured'];
$_SESSION['f'] = $list_cards['featured'];
$header_text = $list_cards['header_text'];
$footer_text = $list_cards['footer_text'];
} else {
header_redirect($sitelink);
}
if (count($ca) > 0) {
$top_list_names = "";
$head_name = $list_cards['head_name'] ? $list_cards['head_name'] : $type_name;
if ($list_cards['top_type_name'] && $list_cards['top_list']) {
$top_list_names = array_combine(explode(",", $list_cards['top_list']), explode("@||@|@", $list_cards['top_type_name']));
}
?>
<div class=card_pg_contain>
<div class="content-khongbiet">
<?php
$extraie1 = $extraie2 = $extraie3 = "";
if ($matchcase) {
if (isset($_POST['prune_log'])) {
$valid = true;
if (isset($_POST['remove_type']) && is_numeric($_POST['remove_type'])) {
$remove_type = $_POST['remove_type'];
} else {
$error_msg_array[] = gettext("You must specify an action type to remove");
$valid = false;
}
if (isset($_POST['remove_days']) && is_numeric($_POST['remove_days'])) {
$remove_days = $_POST['remove_days'];
} else {
$remove_days = 0;
}
if ($valid) {
if (admin_prune_log($remove_type, $remove_days)) {
header_redirect("admin_viewlog.php?webtag={$webtag}&sort_dir={$sort_dir}&sort_by={$sort_by}&group_by={$group_by}&pruned=true");
exit;
} else {
$error_msg_array[] = gettext("Failed To Prune Admin Log");
$valid = false;
}
}
}
html_draw_top(array('title' => gettext('Admin - Admin Access Log'), 'class' => 'window_title', 'main_css' => 'admin.css'));
$admin_log_array = admin_get_log_entries($page, $group_by, $sort_by, $sort_dir);
echo "<h1>", gettext("Admin"), html_style_image('separator'), gettext("Admin Access Log"), "</h1>\n";
if (isset($error_msg_array) && sizeof($error_msg_array) > 0) {
html_display_error_array($error_msg_array, '86%', 'center');
} else {
if (isset($_GET['pruned'])) {
html_display_success_msg(gettext("Successfully Pruned Admin Log"), '86%', 'center');
echo " <tr>\n";
echo " <td align=\"center\">", form_submit("confirm_unread_cutoff", gettext("Yes")), " ", form_submit("cancel_unread_cutoff", gettext("No")), "</td>\n";
echo " </tr>\n";
echo " </table>\n";
echo "</form>\n";
echo "</div>\n";
html_display_warning_msg(gettext("Clicking 'No' will only cancel the unread cut-off changes. Other changes you've made will still be saved."), '600', 'center');
html_draw_bottom();
exit;
}
}
if (forum_save_global_settings($new_forum_settings)) {
if (isset($_POST['confirm_unread_cutoff'])) {
forum_update_unread_data($unread_cutoff_stamp);
}
header_redirect("admin_default_forum_settings.php?webtag={$webtag}&updated=true", gettext("Forum settings successfully updated"));
} else {
$valid = false;
$error_msg_array[] = gettext("Failed to update forum settings. Please try again later.");
}
}
$forum_global_settings = array_merge($forum_global_settings, $new_forum_settings);
}
// Start Output Here
html_draw_top(sprintf('title=%s', gettext("Admin - Global Forum Settings")), 'class=window_title', "admin.js", "emoticons.js");
echo "<h1>", gettext("Admin"), "<img src=\"", html_style_image('separator.png'), "\" alt=\"\" border=\"0\" />", gettext("Global Forum Settings"), "</h1>\n";
if (isset($error_msg_array) && sizeof($error_msg_array) > 0) {
html_display_error_array($error_msg_array, '600', 'center');
} else {
if (isset($_GET['updated'])) {
html_display_success_msg(gettext("Preferences were successfully updated."), '600', 'center');
function check_install()
{
// Check the config file exists.
if (!file_exists(BH_INCLUDE_PATH . "config.inc.php")) {
header_redirect('./install/index.php');
}
// Check the PHP version
install_check_php_version();
// Check the PHP extensions
install_check_php_extensions();
// Check the MySQL version
install_check_mysql_version();
// Check if the installer files still exist. Ignore them
// if the BEEHIVE_DEVELOPER_MODE constant has been defined.
if (@file_exists('./install/index.php') && !defined("BEEHIVE_DEVELOPER_MODE")) {
echo "<?xml version=\"1.0\" encoding=\"utf-8\"?>\n";
echo "<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Transitional//EN\" \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd\">\n";
echo "<html xmlns=\"http://www.w3.org/1999/xhtml\" xml:lang=\"en\" lang=\"en\" dir=\"ltr\">\n";
echo "<head>\n";
echo "<title>Beehive Forum ", BEEHIVE_VERSION, " - Installation</title>\n";
echo "<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\" />\n";
echo html_include_css(html_get_forum_file_path('styles/default/style.css')), "\n";
echo "</head>\n";
echo "<body>\n";
echo "<h1>Beehive Forum Installation Error</h1>\n";
echo "<br />\n";
echo "<div align=\"center\">\n";
echo " <table cellpadding=\"0\" cellspacing=\"0\" width=\"400\">\n";
echo " <tr>\n";
echo " <td align=\"left\">\n";
echo " <table class=\"box\">\n";
echo " <tr>\n";
echo " <td align=\"left\" class=\"posthead\">\n";
echo " <table class=\"posthead\" width=\"500\">\n";
echo " <tr>\n";
echo " <td align=\"left\" colspan=\"2\" class=\"subhead\">Installation Incomplete</td>\n";
echo " </tr>\n";
echo " <tr>\n";
echo " <td align=\"center\">\n";
echo " <table class=\"posthead\" width=\"95%\">\n";
echo " <tr>\n";
echo " <td align=\"left\">Your Beehive Forum would appear to be already installed, but you have not removed the installation files. You must delete the 'install' directory before your Beehive Forum can be used.</td>\n";
echo " </tr>\n";
echo " </table>\n";
echo " </td>\n";
echo " </tr>\n";
echo " <tr>\n";
echo " <td align=\"left\"> </td>\n";
echo " </tr>\n";
echo " </table>\n";
echo " </td>\n";
echo " </tr>\n";
echo " </table>\n";
echo " </td>\n";
echo " </tr>\n";
echo " </table>\n";
echo " <form accept-charset=\"utf-8\" method=\"get\" action=\"index.php\">\n";
echo " <table cellpadding=\"0\" cellspacing=\"0\" width=\"500\">\n";
echo " <tr>\n";
echo " <td align=\"left\" width=\"500\"> </td>\n";
echo " </tr>\n";
echo " <tr>\n";
echo " <td align=\"center\"><input type=\"submit\" name=\"submit\" value=\"Retry\" class=\"button\" /></td>\n";
echo " </tr>\n";
echo " </table>\n";
echo " </form>\n";
echo "</div>\n";
echo "</body>\n";
echo "</html>\n";
exit;
}
}
case 'cleanup':
// Delete all orphan Tag entries:
// Check that this action request is not a CSRF hacked request:
$Session->assert_received_crumb('tag');
// Check that current user has permission to edit tags:
$current_User->check_perm('options', 'edit', true);
$DB->query('DELETE T_items__itemtag FROM T_items__itemtag
LEFT JOIN T_items__item ON itag_itm_ID = post_ID
WHERE post_ID IS NULL');
$Messages->add(sprintf(T_('Removed %d associations with non-existing posts.'), $DB->rows_affected), 'success');
$DB->query('DELETE T_items__tag FROM T_items__tag
LEFT JOIN T_items__itemtag ON tag_ID = itag_tag_ID
WHERE itag_itm_ID IS NULL');
$Messages->add(sprintf(T_('Removed %d obsolete tag entries.'), $DB->rows_affected), 'success');
// Redirect so that a reload doesn't write to the DB twice:
header_redirect($admin_url . '?ctrl=itemtags', 303);
// Will EXIT
// We have EXITed already at this point!!
break;
}
$AdminUI->breadcrumbpath_init(false);
$AdminUI->breadcrumbpath_add(T_('Site'), $admin_url . '?ctrl=dashboard');
$AdminUI->breadcrumbpath_add(T_('Tags'), $admin_url . '?ctrl=itemtags');
if ($action == 'new' || $action == 'edit') {
$AdminUI->set_page_manual_link('item-tag-form');
} else {
$AdminUI->set_page_manual_link('item-tags-list');
}
// Display <html><head>...</head> section! (Note: should be done early if actions do not redirect)
$AdminUI->disp_html_head();
// Display title, menu, messages, etc. (Note: messages MUST be displayed AFTER the actions)
}
}
if ($valid && isset($_POST['preview'])) {
$message_data['CONTENT'] = $t_content;
$message_data['SUBJECT'] = $t_subject;
$message_data['FOLDER'] = PM_FOLDER_OUTBOX;
$message_data['ATTACHMENTS'] = $attachments;
} else {
if ($valid && isset($_POST['apply'])) {
if (sizeof($attachments) > 0 && ($attachments_array = attachments_get($_SESSION['UID'], $attachments)) !== false) {
foreach ($attachments_array as $attachment) {
pm_add_attachment($mid, $attachment['aid']);
}
}
if (pm_edit_message($mid, $t_subject, $t_content)) {
header_redirect("lpm.php?webtag={$webtag}&mid={$mid}");
exit;
} else {
$error_msg_array[] = gettext("Error creating PM! Please try again in a few minutes");
$valid = false;
}
} else {
if (isset($_POST['emots_toggle'])) {
if (isset($_POST['t_subject']) && strlen(trim($_POST['t_subject'])) > 0) {
$t_subject = trim($_POST['t_subject']);
}
if (isset($_POST['t_content']) && strlen(trim($_POST['t_content'])) > 0) {
$t_content = nl2br(fix_html(emoticons_strip($_POST['t_content'])));
}
if (isset($_POST['t_to_uid']) && is_numeric($_POST['t_to_uid'])) {
$t_to_uid = $_POST['t_to_uid'];
$approved_user_success_array = array();
foreach ($approve_users as $user_uid) {
if ($valid && ($user_logon = user_get_logon($user_uid))) {
if (admin_approve_user($user_uid)) {
email_send_user_approved_notification($user_uid);
} else {
$error_msg_array[] = sprintf(gettext("Failed to approve user %s"), $user_logon);
$valid = false;
}
}
}
if ($valid) {
$redirect_uri = "admin_users.php?webtag={$webtag}&page={$page}";
$redirect_uri .= "&sort_by={$sort_by}&sort_dir={$sort_dir}&filter={$filter}";
$redirect_uri .= "&user_search=%s&approved=true";
header_redirect(sprintf($redirect_uri, htmlentities_array($user_search)));
exit;
}
}
}
}
}
}
}
if (isset($user_search) && strlen($user_search) > 0) {
$admin_user_array = admin_user_search($user_search, $sort_by, $sort_dir, $filter, $page);
} else {
$admin_user_array = admin_user_get_all($sort_by, $sort_dir, $filter, $page);
}
if (isset($error_msg_array) && sizeof($error_msg_array) > 0) {
html_display_error_array($error_msg_array, '86%', 'center');
$i = $lval['priority'];
$lswitchwith = $lkey;
}
}
if ($i > -1 && $i < 256) {
// switch
#echo 'Switching prio '.$locales[ $lswitchwith ]['priority'].' with '.$locales[ $lswitch ]['priority'].'<br />';
$locales[$lswitchwith]['priority'] = $locales[$edit_locale]['priority'];
$locales[$edit_locale]['priority'] = $i;
$lswitchwith_transliteration_map = is_array($locales[$lswitchwith]['transliteration_map']) ? base64_encode(serialize($locales[$lswitchwith]['transliteration_map'])) : '';
$edit_transliteration_map = is_array($locales[$edit_locale]['transliteration_map']) ? base64_encode(serialize($locales[$edit_locale]['transliteration_map'])) : '';
$query = "REPLACE INTO T_locales ( loc_locale, loc_charset, loc_datefmt, loc_timefmt, loc_name, loc_messages, loc_priority, loc_transliteration_map, loc_enabled )\tVALUES\n\t\t\t\t\t( '{$edit_locale}', '{$locales[$edit_locale]['charset']}', '{$locales[$edit_locale]['datefmt']}', '{$locales[$edit_locale]['timefmt']}', '{$locales[$edit_locale]['name']}', '{$locales[$edit_locale]['messages']}', '{$locales[$edit_locale]['priority']}', '{$edit_transliteration_map}', '{$locales[$edit_locale]['enabled']}'),\n\t\t\t\t\t( '{$lswitchwith}', '{$locales[$lswitchwith]['charset']}', '{$locales[$lswitchwith]['datefmt']}', '{$locales[$lswitchwith]['timefmt']}', '{$locales[$lswitchwith]['name']}', '{$locales[$lswitchwith]['messages']}', '{$locales[$lswitchwith]['priority']}', '{$lswitchwith_transliteration_map}', '{$locales[$lswitchwith]['enabled']}')";
$q = $DB->query($query);
$Messages->add(T_('Switched priorities.'), 'success');
// Redirect so that a reload doesn't write to the DB twice:
header_redirect('?ctrl=locales' . ($loc_transinfo ? '&loc_transinfo=1' : ''), 303);
// Will EXIT
// We have EXITed already at this point!!
}
// load locales from DB into $locales array:
locale_overwritefromDB();
}
break;
}
$AdminUI->breadcrumbpath_init(false);
$AdminUI->breadcrumbpath_add(T_('System'), '?ctrl=system', T_('Global settings are shared between all blogs; see Blog settings for more granular settings.'));
$AdminUI->breadcrumbpath_add(T_('Regional settings'), '?ctrl=locales');
$AdminUI->breadcrumbpath_add(T_('Locales'), '?ctrl=locales');
// Display <html><head>...</head> section! (Note: should be done early if actions do not redirect)
$AdminUI->disp_html_head();
// Display title, menu, messages, etc. (Note: messages MUST be displayed AFTER the actions)
// Redirect to a form for requesting an activation again if some errors exist
$redirect = url_add_param($redirect, 'force_request=1', '&');
}
} elseif ($action == 'lostpassword') {
// redirect to inskin lost password page
$redirect = $Blog->get('lostpasswordurl', array('glue' => '&'));
if (!empty($lostpassword_error)) {
// Set this param to know after redirection if error was here
$redirect = url_add_param($redirect, 'field_error=1', '&');
}
} else {
// redirect to inskin login page
$redirect = $Blog->get('loginurl', array('glue' => '&'));
}
$redirect = url_add_param($redirect, 'redirect_to=' . $redirect_to, '&');
header_redirect($redirect);
// already exited here
exit(0);
}
}
/**
* Display standard login screen:
*/
switch ($action) {
case 'lostpassword':
// Lost password:
$page_title = T_('Lost your password?');
$hidden_params = array('redirect_to' => url_rel_to_same_host($redirect_to, $secure_htsrv_url));
$wrap_width = '480px';
// Use the links in the form title
$use_form_links = true;
case 'delete':
// Delete thread:
// Check permission:
$current_User->check_perm('perm_messaging', 'delete', true);
if (param('confirm', 'integer', 0)) {
// confirmed, Delete from DB:
$msg = sprintf(T_('Thread «%s» deleted.'), $edited_Thread->dget('title'));
$edited_Thread->dbdelete(true);
unset($edited_Thread);
unset($edited_Message);
forget_param('thrd_ID');
forget_param('msg_ID');
$Messages->add($msg, 'success');
// Redirect so that a reload doesn't write to the DB twice:
$redirect_to = param('redirect_to', 'url', '?ctrl=threads');
header_redirect($redirect_to, 303);
// Will EXIT
// We have EXITed already at this point!!
} else {
// not confirmed, Check for restrictions:
if (!$edited_Thread->check_delete(sprintf(T_('Cannot delete thread «%s»'), $edited_Thread->dget('title')))) {
// There are restrictions:
$action = 'view';
}
}
break;
case 'leave':
// Leave thread:
leave_thread($edited_Thread->ID, $current_User->ID, false);
$Messages->add(sprintf(T_('You have successfuly left the «%s» conversation!'), $edited_Thread->get('title')), 'success');
break;
$privacy = PROFILE_ITEM_PRIVATE;
} else {
$privacy = PROFILE_ITEM_PUBLIC;
}
}
if (!user_profile_update($uid, $piid, $profile_entry, $privacy)) {
$error_msg_array[] = gettext("Failed to update user profile");
$valid = false;
}
}
if ($valid) {
if ($admin_edit === true) {
header_redirect("admin_user.php?webtag={$webtag}&uid={$uid}&profile_updated=true", gettext("Profile updated."));
exit;
} else {
header_redirect("edit_profile.php?webtag={$webtag}&uid={$uid}&profile_updated=true", gettext("Profile updated."));
exit;
}
}
}
}
}
if (is_array($profile_items_array) && sizeof($profile_items_array) > 0) {
if ($admin_edit === true) {
$user = user_get($uid);
html_draw_top(sprintf('title=%s', sprintf(gettext("Admin - Edit Profile - %s"), format_user_name($user['LOGON'], $user['NICKNAME']))), 'class=window_title');
echo "<h1>", gettext("Admin"), "<img src=\"", html_style_image('separator.png'), "\" alt=\"\" border=\"0\" />", gettext("Edit Profile"), "<img src=\"", html_style_image('separator.png'), "\" alt=\"\" border=\"0\" />", format_user_name($user['LOGON'], $user['NICKNAME']), "</h1>\n";
} else {
html_draw_top(sprintf('title=%s', gettext("My Controls - Edit Profile")), 'class=window_title');
echo "<h1>", gettext("Edit Profile"), "</h1>\n";
}
break;
case 'generate_pot':
// Check that this action request is not a CSRF hacked request:
$Session->assert_received_crumb('locales');
if (translation_generate_pot_file()) {
$Messages->add(T_('The file .POT was generated successfully'), 'success');
}
header_redirect('?ctrl=locales', 303);
break;
case 'import_pot':
// Check that this action request is not a CSRF hacked request:
$Session->assert_received_crumb('locales');
if (translation_update_table_pot()) {
$Messages->add(T_('The file .POT was imported into database successfully'), 'success');
}
header_redirect('?ctrl=locales', 303);
break;
}
$AdminUI->breadcrumbpath_init(false);
$AdminUI->breadcrumbpath_add(T_('System'), $admin_url . '?ctrl=system', T_('Global settings are shared between all blogs; see Blog settings for more granular settings.'));
$AdminUI->breadcrumbpath_add(T_('Regional'), $admin_url . '?ctrl=locales');
$AdminUI->breadcrumbpath_add(T_('Locales'), $admin_url . '?ctrl=locales');
// Set an url for manual page:
if ($action == 'edit') {
$AdminUI->set_page_manual_link('locale-form');
} else {
$AdminUI->set_page_manual_link('locales-tab');
}
// Display <html><head>...</head> section! (Note: should be done early if actions do not redirect)
$AdminUI->disp_html_head();
// Display title, menu, messages, etc. (Note: messages MUST be displayed AFTER the actions)
if (strlen($message_text) > 0) {
if ($allow_sig == true && strlen(trim($sig_text)) > 0) {
$message_text .= "<div class=\"sig\">{$sig_text}</div>";
}
post_create($fid, $tid, 1, $uid, $uid, $message_text);
}
if ($high_interest == "Y") {
thread_set_high_interest($tid);
}
}
if (isset($tid) && $tid > 0) {
$uri = "discussion.php?webtag={$webtag}&msg={$tid}.1";
} else {
$uri = "discussion.php?webtag={$webtag}";
}
header_redirect($uri);
} else {
$error_msg_array[] = sprintf(gettext("You can only post once every %s seconds. Please try again later."), forum_get_setting('minimum_post_frequency', null, 0));
}
}
if (!($folder_dropdown = folder_draw_dropdown($fid, "fid", "", FOLDER_ALLOW_POLL_THREAD, USER_PERM_THREAD_CREATE, "", "post_folder_dropdown"))) {
html_draw_error(gettext("You cannot create new threads."));
}
html_draw_top(sprintf("title=%s", gettext("Create Poll")), "basetarget=_blank", "resize_width=785", "post.js", "poll.js", "attachments.js", "dictionary.js", "emoticons.js", 'class=window_title');
echo "<h1>", gettext("Create Poll"), "</h1>\n";
if (isset($error_msg_array) && sizeof($error_msg_array) > 0) {
html_display_error_array($error_msg_array, '785', 'left');
}
echo "<br />\n";
echo "<form accept-charset=\"utf-8\" name=\"f_poll\" action=\"create_poll.php\" method=\"post\" target=\"_self\">\n";
echo " ", form_input_hidden('webtag', htmlentities_array($webtag)), "\n";
links_update($lid, $fid, $_SESSION['UID'], $title, $uri, $description);
if (session::check_perm(USER_PERM_FOLDER_MODERATE, 0) && $link['UID'] != $_SESSION['UID']) {
admin_add_log_entry(DELETE_LINK, array($lid));
}
header_redirect("links_detail.php?webtag={$webtag}&lid={$lid}&fid={$fid}");
}
}
if ($user_perm_links_moderate || $link['UID'] == $_SESSION['UID']) {
if (isset($_POST['hide']) && $_POST['hide'] == "confirm") {
links_change_visibility($lid, false);
} else {
if (!isset($_POST['hide']) || isset($_POST['hide']) && $_POST['hide'] != "confirm") {
links_change_visibility($lid, true);
}
}
header_redirect("links_detail.php?webtag={$webtag}&lid={$lid}&fid={$fid}");
}
}
}
if (isset($_GET['delete_comment']) && is_numeric($_GET['delete_comment'])) {
$comment_id = $_GET['delete_comment'];
$comment_uid = links_get_comment_uid($comment_id);
if ($user_perm_links_moderate || $comment_uid == $_SESSION['UID']) {
if (links_delete_comment($comment_id)) {
$success_msg = gettext("Comment was deleted.");
} else {
$error_msg_array[] = gettext("Comment could not be deleted.");
$valid = false;
}
}
}
function links_click($lid)
{
if (!is_numeric($lid)) {
return;
}
if (!($db = db::get())) {
return;
}
if (!($table_prefix = get_table_prefix())) {
return;
}
$sql = "UPDATE LOW_PRIORITY `{$table_prefix}LINKS` ";
$sql .= "SET CLICKS = CLICKS + 1 WHERE LID = '{$lid}'";
if (!$db->query($sql)) {
return;
}
$sql = "SELECT URI FROM `{$table_prefix}LINKS` ";
$sql .= "WHERE LID = '{$lid}'";
if (!($result = $db->query($sql))) {
return;
}
if ($result->num_rows == 0) {
return;
}
list($link_uri) = $result->fetch_row();
header_redirect($link_uri);
}
// Delete country:
// Check that this action request is not a CSRF hacked request:
$Session->assert_received_crumb('country');
// Check permission:
$current_User->check_perm('options', 'edit', true);
// Make sure we got an ctry_ID:
param('ctry_ID', 'integer', true);
if (param('confirm', 'integer', 0)) {
// confirmed, Delete from DB:
$msg = sprintf(T_('Country «%s» deleted.'), $edited_Country->dget('name'));
$edited_Country->dbdelete(true);
unset($edited_Country);
forget_param('ctry_ID');
$Messages->add($msg, 'success');
// Redirect so that a reload doesn't write to the DB twice:
header_redirect('?ctrl=countries', 303);
// Will EXIT
// We have EXITed already at this point!!
} else {
// not confirmed, Check for restrictions:
if (!$edited_Country->check_delete(sprintf(T_('Cannot delete country «%s»'), $edited_Country->dget('name')))) {
// There are restrictions:
$action = 'view';
}
}
break;
}
$AdminUI->breadcrumbpath_init(false);
$AdminUI->breadcrumbpath_add(T_('System'), '?ctrl=system', T_('Global settings are shared between all blogs; see Blog settings for more granular settings.'));
$AdminUI->breadcrumbpath_add(T_('Regional settings'), '?ctrl=locales');
$AdminUI->breadcrumbpath_add(T_('Countries'), '?ctrl=countries');
$next_ComponentWidget->set('order', $order);
$next_ComponentWidget->dbupdate();
$edited_ComponentWidget->set('order', $next_order);
$edited_ComponentWidget->dbupdate();
}
$DB->commit();
break;
case 'delete':
// Remove a widget from container:
$msg = sprintf(T_('Widget «%s» removed.'), $edited_ComponentWidget->get_name());
$edited_ComponentWidget->dbdelete(true);
unset($edited_ComponentWidget);
forget_param('wi_ID');
$Messages->add($msg, 'success');
// PREVENT RELOAD & Switch to list mode:
header_redirect('?ctrl=widgets&blog=' . $blog);
break;
case 'list':
break;
default:
debug_die('Action: unhandled action');
}
/**
* Display page header, menus & messages:
*/
$AdminUI->set_coll_list_params('blog_properties', 'edit', array('ctrl' => 'widgets'), T_('List'), '?ctrl=collections&blog=0');
$AdminUI->set_path('blogs', 'widgets');
// Display <html><head>...</head> section! (Note: should be done early if actions do not redirect)
$AdminUI->disp_html_head();
// Display title, menu, messages, etc. (Note: messages MUST be displayed AFTER the actions)
$AdminUI->disp_body_top();