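/**
 * Edit an existing video entry (admin action).
 *
 * With $_POST['send'] == 1 the submitted form is validated and written to the
 * "_videos" table, the tag links are rebuilt and the browser is redirected to
 * the video list. Otherwise the stored row is loaded into $_POST and the
 * "add_edit" template is rendered with those values.
 *
 * This is a method (it uses $this); the enclosing class is outside this listing.
 */
function edit()
{
    global $set, $db, $apx;

    // The ID is forced to an integer here; every SQL fragment below interpolates it.
    $_REQUEST['id'] = (int) $_REQUEST['id'];
    if (!$_REQUEST['id']) {
        die('missing ID!');
    }

    // Section list: anything that is not an explicit selection is treated as "all".
    if (!is_array($_POST['secid']) || $_POST['secid'][0] == 'all') {
        $_POST['secid'] = array('all');
    }

    if ($_POST['send'] == 1) {
        // The source type is read from the stored row, not from the request.
        list($source) = $db->first("SELECT source FROM " . PRE . "_videos WHERE id='" . $_REQUEST['id'] . "' LIMIT 1");

        // NOTE(review): select_flv / select_file come straight from the request, are probed
        // with file_exists() below the uploads directory and are then stored as the video's
        // file paths. Nothing here rejects "../" segments; confirm that the file chooser or
        // the code serving these files confines them to the uploads directory.
        if (!checkToken()) {
            infoInvalidToken();
        } elseif (!$_POST['title'] || !$_POST['catid'] || !$_POST['text']) {
            infoNotComplete();
        } elseif ($source == 'apexx' && !$_POST['select_flv']) {
            infoNotComplete();
        } elseif ($source != 'apexx' && $_POST['embed_url'] && !($extInfo = $this->getEmbedVideo($_POST['embed_url']))) {
            info($apx->lang->get('INFO_EMBED_NOTFOUND'));
        } elseif ($source == 'apexx' && !file_exists(BASEDIR . getpath('uploads') . $_POST['select_flv'])) {
            info($apx->lang->get('INFO_NOTEXISTS', array('FILE' => $_POST['select_flv'])));
        } elseif ($source == 'apexx' && $_POST['select_file'] && !file_exists(BASEDIR . getpath('uploads') . $_POST['select_file'])) {
            info($apx->lang->get('INFO_NOTEXISTS', array('FILE' => $_POST['select_file'])));
        } elseif ($source == 'external' && (!$_POST['external_flv'] || $_POST['external_file'] && !$_POST['external_filesize'])) {
            infoNotComplete();
        } elseif (!$this->category_is_open($_POST['catid'])) {
            die('you are not allowed to add videos to this category!');
        } elseif (!$this->update_teaserpic()) {
            /*DO NOTHING*/
        } else {
            // Extra column names appended to the fixed update list further down.
            $addfield = '';

            // Publication window: only users holding 'videos.enable' may change it.
            if ($apx->user->has_right('videos.enable') && isset($_POST['t_day_1'])) {
                $_POST['starttime'] = maketime(1);
                $_POST['endtime'] = maketime(2);
                if ($_POST['starttime']) {
                    // A missing or non-later end time is replaced by the constant 3000000000.
                    if (!$_POST['endtime'] || $_POST['endtime'] <= $_POST['starttime']) {
                        $_POST['endtime'] = 3000000000;
                    }
                    $addfield .= ',starttime,endtime';
                }
            }

            $_POST['secid'] = serialize_section($_POST['secid']);
            $_POST['teaserpic'] = $this->teaserpicpath;

            // Download options are reset and only re-populated when a download file is set.
            $_POST['regonly'] = 0;
            $_POST['limit'] = 0;
            $_POST['filesize'] = 0;
            $_POST['password'] = '';

            // Author: may only be reassigned with the special 'videos.edit' right.
            if ($apx->user->has_spright('videos.edit') && $_POST['userid']) {
                // The form uses the placeholder 'send' for "no user ID" (the load branch
                // below sets it); map it back to 0 so the placeholder string is never
                // written to the userid column.
                if ($_POST['userid'] == 'send') {
                    $_POST['userid'] = 0;
                }
                $addfield .= ',userid';
            }

            // File selection, depending on the stored source type.
            if ($source == 'apexx') {
                $_POST['source'] = 'apexx';
                $_POST['flvfile'] = $_POST['select_flv'];
                $_POST['file'] = $_POST['select_file'];
                $addfield .= ',file,flvfile,source';

                // Download options
                if ($_POST['select_file']) {
                    $_POST['regonly'] = (int) $_POST['select_regonly'];
                    $_POST['limit'] = (int) $_POST['select_limit'];
                    $_POST['password'] = $_POST['select_password'];
                }
            } elseif ($source == 'external') {
                $_POST['source'] = 'external';
                $_POST['flvfile'] = $_POST['external_flv'];
                $_POST['file'] = $_POST['external_file'];
                $_POST['status'] = 'finished';

                // Download options
                if ($_POST['external_file']) {
                    $_POST['regonly'] = (int) $_POST['external_regonly'];
                    $_POST['limit'] = (int) $_POST['external_limit'];
                    $_POST['password'] = $_POST['external_password'];

                    // Size is entered with a unit; a decimal comma is accepted.
                    // The (int) cast binds to the literal only, so the product is a float.
                    $enteredSize = str_replace(',', '.', $_POST['external_filesize']);
                    if ($_POST['external_filesize_format'] == 'kb') {
                        $_POST['filesize'] = (int) 1024 * (float) $enteredSize;
                    } elseif ($_POST['external_filesize_format'] == 'mb') {
                        $_POST['filesize'] = (int) 1024 * 1024 * (float) $enteredSize;
                    } elseif ($_POST['external_filesize_format'] == 'gb') {
                        $_POST['filesize'] = (int) 1024 * 1024 * 1024 * (float) $enteredSize;
                    } else {
                        $_POST['filesize'] = $_POST['external_filesize'];
                    }
                }
                $addfield .= ',file,flvfile,source';
            } elseif ($_POST['embed_url']) {
                // $extInfo was filled by getEmbedVideo() in the validation chain above.
                $_POST['source'] = $extInfo['source'];
                $_POST['flvfile'] = $extInfo['identifier'];
                $_POST['file'] = '';
                $addfield .= ',file,flvfile,source';
            }

            // dupdate() receives column names only; presumably it takes the values from
            // $_POST and escapes them itself (TODO confirm).
            $db->dupdate(PRE . '_videos', 'secid,prodid,catid,title,text,meta_description,teaserpic,filesize,password,limit,top,regonly,searchable,allowcoms,allowrating,restricted' . $addfield, "WHERE id='" . $_REQUEST['id'] . "' LIMIT 1");
            logit('VIDEOS_EDIT', 'ID #' . $_REQUEST['id']);

            // Tags: drop all links for this video, then re-create them.
            $db->query("DELETE FROM " . PRE . "_videos_tags WHERE id='" . $_REQUEST['id'] . "'");
            $tagids = produceTagIds($_POST['tags']);
            foreach ($tagids as $tagid) {
                $db->query("INSERT IGNORE INTO " . PRE . "_videos_tags VALUES('" . $_REQUEST['id'] . "', '" . $tagid . "')");
            }

            printJSRedirect(get_index('videos.show'));
        }
    } else {
        // Presumably defines $plattforms, which is read further down (TODO confirm).
        require BASEDIR . getmodulepath('videos') . 'plattforms.php';

        // Load the stored row and expose every column as a form value.
        $res = $db->first("SELECT * FROM " . PRE . "_videos WHERE id='" . $_REQUEST['id'] . "' LIMIT 1", 1);
        foreach ($res as $key => $val) {
            $_POST[$key] = $val;
        }
        $_POST['secid'] = unserialize_section($_POST['secid']);

        // Author: no user ID stored => form placeholder 'send'.
        if (!$res['userid']) {
            $_POST['userid'] = 'send';
        }

        // Publication window
        if ($res['starttime']) {
            maketimepost(1, $res['starttime']);
            if ($res['endtime'] < 2147483647) {
                maketimepost(2, $res['endtime']);
            }
        }

        mediamanager('videos');

        // Author list, only for users who may reassign the author.
        if ($apx->user->has_spright('videos.edit')) {
            $apx->tmpl->assign('USERLIST', $this->get_userlist());
        }

        // Teaser picture: prefer the full-size image when it exists next to the thumbnail.
        $teaserpic = '';
        if ($_POST['teaserpic']) {
            $teaserpicpath = $_POST['teaserpic'];
            $poppicpath = str_replace('-thumb.', '.', $teaserpicpath);
            if (file_exists(BASEDIR . getpath('uploads') . $poppicpath)) {
                $teaserpic = '../' . getpath('uploads') . $poppicpath;
            } else {
                $teaserpic = '../' . getpath('uploads') . $teaserpicpath;
            }
        }

        // Publication window selectors
        if ($apx->user->has_right('videos.enable') && isset($_POST['t_day_1'])) {
            $apx->tmpl->assign('STARTTIME', choosetime(1, 0, maketime(1)));
            $apx->tmpl->assign('ENDTIME', choosetime(2, 1, maketime(2)));
        }

        // Tags
        $tags = array();
        $tagdata = $db->fetch("\n\t\t\tSELECT t.tag\n\t\t\tFROM " . PRE . "_videos_tags AS n\n\t\t\tLEFT JOIN " . PRE . "_tags AS t USING(tagid)\n\t\t\tWHERE n.id='" . $_REQUEST['id'] . "'\n\t\t\tORDER BY t.tag ASC\n\t\t");
        $tags = get_ids($tagdata, 'tag');
        $_POST['tags'] = implode(', ', $tags);

        $apx->tmpl->assign('USERID', $_POST['userid']);
        $apx->tmpl->assign('PRODID', $_POST['prodid']);
        $apx->tmpl->assign('SECID', $_POST['secid']);
        $apx->tmpl->assign('CATLIST', $this->get_catlist());
        $apx->tmpl->assign('TITLE', compatible_hsc($_POST['title']));
        $apx->tmpl->assign('TEXT', compatible_hsc($_POST['text']));
        $apx->tmpl->assign('META_DESCRIPTION', compatible_hsc($_POST['meta_description']));
        $apx->tmpl->assign('TAGS', compatible_hsc($_POST['tags']));
        $apx->tmpl->assign('TEASERPIC', $teaserpic);
        $apx->tmpl->assign('PIC_COPY', compatible_hsc($_POST['pic_copy']));
        $apx->tmpl->assign('ALLOWCOMS', (int) $_POST['allowcoms']);
        $apx->tmpl->assign('ALLOWRATING', (int) $_POST['allowrating']);
        $apx->tmpl->assign('TOP', (int) $_POST['top']);
        $apx->tmpl->assign('PUBNOW', (int) $_POST['pubnow']);
        $apx->tmpl->assign('SEARCHABLE', (int) $_POST['searchable']);
        $apx->tmpl->assign('RESTRICTED', (int) $_POST['restricted']);
        $apx->tmpl->assign('CAN_CONVERT', $set['videos']['ffmpeg'] && $set['videos']['flvtool2']);

        $apx->tmpl->assign('SOURCE', compatible_hsc($_POST['source']));
        $apx->tmpl->assign('SOURCE_NAME', compatible_hsc($plattforms[$_POST['source']][4]));
        $apx->tmpl->assign('FLVFILE', compatible_hsc($_POST['flvfile']));
        $apx->tmpl->assign('FILE', compatible_hsc($_POST['file']));

        if ($_POST['source'] == 'apexx' && $_POST['file']) {
            $apx->tmpl->assign('PASSWORD', compatible_hsc($_POST['password']));
            $apx->tmpl->assign('REGONLY', $_POST['regonly']);
            $apx->tmpl->assign('LIMIT', $_POST['limit']);
        } elseif ($_POST['source'] == 'external' && $_POST['file']) {
            $apx->tmpl->assign('PASSWORD', compatible_hsc($_POST['password']));
            $apx->tmpl->assign('REGONLY', $_POST['regonly']);
            $apx->tmpl->assign('LIMIT', $_POST['limit']);
            $apx->tmpl->assign('FILESIZE', compatible_hsc($_POST['filesize']));
            // NOTE(review): filesize_format is assigned unescaped, unlike the neighbouring
            // text values; confirm whether it can still carry a request-supplied value here.
            $apx->tmpl->assign('FILESIZE_FORMAT', $_POST['filesize_format']);
        }

        $apx->tmpl->assign('ACTION', 'edit');
        $apx->tmpl->assign('ID', $_REQUEST['id']);
        $apx->tmpl->parse('add_edit');
    }
}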
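/**
 * Edit an existing content page (admin action).
 *
 * With $_POST['send'] == 1 the form is validated and the row in "_content" is
 * updated; otherwise the stored row is loaded into $_POST and the "add_edit"
 * template is rendered. Users without the special 'content.edit' right are
 * limited to rows whose userid matches their own, both when loading and when
 * updating.
 *
 * This is a method (it uses $this); the enclosing class is outside this listing.
 */
function edit()
{
    global $set, $db, $apx;

    // The ID is forced to an integer here; every SQL fragment below interpolates it.
    $_REQUEST['id'] = (int) $_REQUEST['id'];
    if (!$_REQUEST['id']) {
        die('missing ID!');
    }

    // Section list: anything that is not an explicit selection is treated as "all".
    if (!is_array($_POST['secid']) || $_POST['secid'][0] == 'all') {
        $_POST['secid'] = array('all');
    }

    if ($_POST['send'] == 1) {
        if (!checkToken()) {
            infoInvalidToken();
        } elseif (!$_POST['catid'] || !$_POST['title'] || !$_POST['text']) {
            infoNotComplete();
        } else {
            // Extra column names for the update. Initialised explicitly: the original
            // appended to (and concatenated) an undefined variable when the author
            // branch below was skipped.
            $addfields = '';

            $_POST['secid'] = serialize_section($_POST['secid']);
            $_POST['lastchange'] = time();
            $_POST['lastchange_userid'] = $apx->user->info['userid'];

            // Author: may only be reassigned with the special 'content.edit' right.
            if ($apx->user->has_spright('content.edit') && $_POST['userid']) {
                // 'send' is mapped to "no user ID".
                if ($_POST['userid'] == 'send') {
                    $_POST['userid'] = 0;
                }
                $addfields .= ',userid';
            }

            // Ownership filter: without the special right only the user's own row matches.
            // dupdate() receives column names only; presumably it takes the values from
            // $_POST and escapes them itself (TODO confirm).
            $db->dupdate(PRE . '_content', 'secid,catid,title,text,meta_description,lastchange,lastchange_userid,allowcoms,searchable,allowrating' . $addfields, "WHERE ( id='" . $_REQUEST['id'] . "' " . iif(!$apx->user->has_spright('content.edit'), " AND userid='" . $apx->user->info['userid'] . "'") . " ) LIMIT 1");

            // NOTE(review): the log entry is written even when the ownership filter
            // matched no row; confirm whether that is intended for the audit trail.
            logit('CONTENT_EDIT', 'ID #' . $_REQUEST['id']);
            printJSRedirect(get_index('content.show'));
        }
    } else {
        // Load the stored row (same ownership filter as the update).
        // NOTE(review): first() is called without a second argument here; confirm that it
        // returns column-name keys, because the loop below copies the keys into $_POST.
        $res = $db->first("SELECT secid,catid,userid,title,text,meta_description,searchable,allowrating,allowcoms FROM " . PRE . "_content WHERE ( id='" . $_REQUEST['id'] . "' " . iif(!$apx->user->has_spright('content.edit'), " AND userid='" . $apx->user->info['userid'] . "'") . " )");
        foreach ($res as $key => $val) {
            $_POST[$key] = $val;
        }
        $_POST['secid'] = unserialize_section($_POST['secid']);

        mediamanager('content');

        $apx->tmpl->assign('CATLIST', $this->get_catlist($_POST['catid']));
        $apx->tmpl->assign('SECID', $_POST['secid']);
        $apx->tmpl->assign('USERID', $_POST['userid']);
        $apx->tmpl->assign('TITLE', compatible_hsc($_POST['title']));
        $apx->tmpl->assign('TEXT', compatible_hsc($_POST['text']));
        $apx->tmpl->assign('META_DESCRIPTION', compatible_hsc($_POST['meta_description']));
        $apx->tmpl->assign('ALLOWCOMS', (int) $_POST['allowcoms']);
        $apx->tmpl->assign('ALLOWRATING', (int) $_POST['allowrating']);
        $apx->tmpl->assign('PUBNOW', (int) $_POST['pubnow']);
        $apx->tmpl->assign('SEARCHABLE', (int) $_POST['searchable']);
        $apx->tmpl->assign('ACTION', 'edit');
        $apx->tmpl->assign('ID', $_REQUEST['id']);
        $apx->tmpl->parse('add_edit');
    }
}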
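/**
 * Edit an existing news entry (admin action).
 *
 * With $_POST['send'] == 1 the form is validated, the row in "_news" is updated
 * and the tag links are rebuilt; otherwise the stored row is loaded into $_POST
 * and the "edit" template is rendered. Users without the special 'news.edit'
 * right are limited to rows whose userid matches their own when loading and
 * when updating the news row.
 *
 * This is a method (it uses $this); the enclosing class is outside this listing.
 */
function edit()
{
    global $set, $db, $apx;

    // The ID is forced to an integer here; every SQL fragment below interpolates it.
    $_REQUEST['id'] = (int) $_REQUEST['id'];
    if (!$_REQUEST['id']) {
        die('missing ID!');
    }

    // Section list: anything that is not an explicit selection is treated as "all".
    if (!is_array($_POST['secid']) || $_POST['secid'][0] == 'all') {
        $_POST['secid'] = array('all');
    }

    // Update the news entry
    if ($_POST['send'] == 1) {
        if (!checkToken()) {
            infoInvalidToken();
        } elseif (!$_POST['title'] || !$_POST['catid'] || !$_POST['text']) {
            infoNotComplete();
        } elseif ($_POST['catid'] != 'newcat' && !$this->category_is_open($_POST['catid'])) {
            die('you are not allowed to add news to this category!');
        } elseif (!$this->update_newspic()) {
            /*DO NOTHING*/
        } else {
            // Initialised explicitly: the original left both undefined when no link row
            // was filled in / no optional column applied, so serialize() received null
            // and the update list was built from an undefined variable.
            $addfields = '';
            $links = array();

            // Links: up to 40 rows, only complete ones (title, text and URL) are kept.
            for ($i = 1; $i <= 40; $i++) {
                if (!$_POST['link' . $i . '_title'] || !$_POST['link' . $i . '_text'] || !$_POST['link' . $i . '_url']) {
                    continue;
                }
                $links[] = array(
                    'title' => $_POST['link' . $i . '_title'],
                    'text' => $_POST['link' . $i . '_text'],
                    'url' => $_POST['link' . $i . '_url'],
                    'popup' => intval($_POST['link' . $i . '_popup']),
                );
            }

            // Publication window: only users holding 'news.enable' may change it.
            if ($apx->user->has_right('news.enable') && isset($_POST['t_day_1'])) {
                $_POST['starttime'] = maketime(1);
                $_POST['endtime'] = maketime(2);
                if ($_POST['starttime']) {
                    // A missing or non-later end time is replaced by the constant 3000000000.
                    if (!$_POST['endtime'] || $_POST['endtime'] <= $_POST['starttime']) {
                        $_POST['endtime'] = 3000000000;
                    }
                    $addfields .= ',starttime,endtime';
                }
            }

            // Sticky end: explicit end time if one was entered, otherwise 3000000000.
            if ($_POST['sticky'] && ($stickyend = maketime(3)) != 0) {
                $_POST['sticky'] = $stickyend;
            } elseif ($_POST['sticky']) {
                $_POST['sticky'] = 3000000000;
            }

            // Author: may only be reassigned with the special 'news.edit' right.
            if ($apx->user->has_spright('news.edit') && $_POST['userid']) {
                // 'send' marks a submitted entry without a user ID.
                if ($_POST['userid'] == 'send') {
                    $_POST['userid'] = 0;
                }
                $addfields .= ',userid';
            }

            $_POST['secid'] = serialize_section($_POST['secid']);
            $_POST['links'] = serialize($links);
            $_POST['newspic'] = $this->newspicpath;

            // Ownership filter: without the special right only the user's own row matches.
            // dupdate() receives column names only; presumably it takes the values from
            // $_POST and escapes them itself (TODO confirm).
            $db->dupdate(PRE . '_news', 'secid,prodid,catid,title,subtitle,newspic,teaser,text,meta_description,galid,links,top,sticky,searchable,restricted,allowcoms,allowrating' . $addfields, "WHERE ( id='" . $_REQUEST['id'] . "' " . iif(!$apx->user->has_spright('news.edit'), " AND userid='" . $apx->user->info['userid'] . "'") . " )");
            logit('NEWS_EDIT', "ID #" . $_REQUEST['id']);

            // Tags: drop all links for this entry, then re-create them.
            // NOTE(review): unlike the UPDATE above, these two statements are keyed on the
            // ID alone. A user without the special 'news.edit' right whose UPDATE matched no
            // row still rewrites the tags of that entry (and the log line above is written
            // too). Confirm ownership before this point, or gate it on the update result.
            $db->query("DELETE FROM " . PRE . "_news_tags WHERE id='" . $_REQUEST['id'] . "'");
            $tagids = produceTagIds($_POST['tags']);
            foreach ($tagids as $tagid) {
                $db->query("INSERT IGNORE INTO " . PRE . "_news_tags VALUES('" . $_REQUEST['id'] . "', '" . $tagid . "')");
            }

            if ($_POST['catid'] == 'newcat' && $apx->user->has_right('news.catadd')) {
                printJSRedirect('action.php?action=news.catadd&addid=' . $_REQUEST['id']);
            } else {
                printJSRedirect(get_index('news.show'));
            }
        }
    } else {
        // Initialised explicitly; the original relied on undefined variables here.
        $i = 0;
        $linklist = array();
        $usersend = '';

        $res = $db->first("SELECT secid,prodid,userid,send_username,send_email,catid,newspic,title,subtitle,teaser,text,meta_description,galid,links,top,sticky,searchable,restricted,allowcoms,allowrating,starttime,endtime FROM " . PRE . "_news WHERE ( id='" . $_REQUEST['id'] . "' " . iif(!$apx->user->has_spright('news.edit'), " AND userid='" . $apx->user->info['userid'] . "'") . " ) LIMIT 1", 1);

        // Expose the stored columns as form values ('links' is unpacked separately).
        foreach ($res as $key => $val) {
            if ($key == 'links') {
                continue;
            }
            $_POST[$key] = $val;
        }

        // No user ID set => submitted news entry.
        if (!$res['userid']) {
            $_POST['userid'] = 'send';
        }

        // Unpack the stored links into the numbered form fields.
        // NOTE(review): unserialize() on a database column; the update branch writes this
        // column with serialize(). Confirm nothing else can write it, since unserialize()
        // on attacker-influenced data can instantiate objects.
        $_POST['link1_popup'] = 1;
        $links = unserialize($res['links']);
        if (is_array($links) && count($links)) {
            foreach ($links as $link) {
                ++$i;
                $_POST['link' . $i . '_title'] = $link['title'];
                $_POST['link' . $i . '_text'] = $link['text'];
                $_POST['link' . $i . '_url'] = $link['url'];
                $_POST['link' . $i . '_popup'] = $link['popup'];
            }
        }

        // Publication window
        if ($res['starttime']) {
            maketimepost(1, $res['starttime']);
            if ($res['endtime'] < 2147483647) {
                maketimepost(2, $res['endtime']);
            }
        }

        // Sticky end
        if ($res['sticky'] < 2147483647) {
            maketimepost(3, $res['sticky']);
        }

        $_POST['secid'] = unserialize_section($_POST['secid']);

        mediamanager('news');

        // Link rows for the template: row 1 is always shown, later rows only when filled.
        if (!$_POST['link1_title']) {
            $_POST['link1_title'] = $apx->lang->get('LLINK');
        }
        for ($i = 1; $i <= 40; $i++) {
            if ($i > 1 && (!$_POST['link' . $i . '_title'] || $_POST['link' . $i . '_title'] == $apx->lang->get('LLINK')) && !$_POST['link' . $i . '_text'] && !$_POST['link' . $i . '_url']) {
                continue;
            }
            $linklist[] = array(
                'TITLE' => compatible_hsc($_POST['link' . $i . '_title']),
                'TEXT' => compatible_hsc($_POST['link' . $i . '_text']),
                'URL' => compatible_hsc($_POST['link' . $i . '_url']),
                'POPUP' => (int) $_POST['link' . $i . '_popup'],
                'DISPLAY' => 1,
            );
        }
        // Pad to 40 rows with placeholder entries.
        while (count($linklist) < 40) {
            $linklist[] = array('TITLE' => $apx->lang->get('LLINK'), 'POPUP' => 1);
        }

        // Publication window selectors
        if ($apx->user->has_right('news.enable') && isset($_POST['t_day_1'])) {
            $apx->tmpl->assign('STARTTIME', choosetime(1, 0, maketime(1)));
            $apx->tmpl->assign('ENDTIME', choosetime(2, 1, maketime(2)));
        }

        // Submitting guest: offered as an extra <option> in the author selection.
        $send = $db->first("SELECT send_username,send_email FROM " . PRE . "_news WHERE id='" . $_REQUEST['id'] . "' LIMIT 1");
        if ($send['send_username']) {
            // The submitter's name and e-mail are escaped before they go into the markup:
            // this string is raw HTML, and the original concatenated both values as-is,
            // which lets a stored value inject markup into the admin page. Assumes the
            // columns hold unescaped text, like the other columns escaped on output here.
            $usersend = '<option value="send"' . iif($_POST['userid'] == 'send', ' selected="selected"') . '>' . $apx->lang->get('GUEST') . ': ' . compatible_hsc($send['send_username']) . iif($send['send_email'], ' (' . compatible_hsc($send['send_email']) . ')') . '</option>';
        }

        // News picture: prefer the full-size image when it exists next to the thumbnail.
        $teaserpic = '';
        if ($_POST['newspic']) {
            $teaserpicpath = $_POST['newspic'];
            $poppicpath = str_replace('-thumb.', '.', $teaserpicpath);
            if (file_exists(BASEDIR . getpath('uploads') . $poppicpath)) {
                $teaserpic = '../' . getpath('uploads') . $poppicpath;
            } else {
                $teaserpic = '../' . getpath('uploads') . $teaserpicpath;
            }
        }

        // Tags
        $tags = array();
        $tagdata = $db->fetch("\n\t\t\tSELECT t.tag\n\t\t\tFROM " . PRE . "_news_tags AS n\n\t\t\tLEFT JOIN " . PRE . "_tags AS t USING(tagid)\n\t\t\tWHERE n.id='" . $_REQUEST['id'] . "'\n\t\t\tORDER BY t.tag ASC\n\t\t");
        $tags = get_ids($tagdata, 'tag');
        $_POST['tags'] = implode(', ', $tags);

        $apx->tmpl->assign('ID', $_REQUEST['id']);
        $apx->tmpl->assign('USERID', $_POST['userid']);
        $apx->tmpl->assign('PRODID', $_POST['prodid']);
        $apx->tmpl->assign('USER_SEND', $usersend);
        $apx->tmpl->assign('SECID', $_POST['secid']);
        $apx->tmpl->assign('GALID', $_POST['galid']);
        $apx->tmpl->assign('CATLIST', $this->get_catlist());
        $apx->tmpl->assign('TITLE', compatible_hsc($_POST['title']));
        $apx->tmpl->assign('SUBTITLE', compatible_hsc($_POST['subtitle']));
        $apx->tmpl->assign('TEASER', compatible_hsc($_POST['teaser']));
        $apx->tmpl->assign('TEXT', compatible_hsc($_POST['text']));
        $apx->tmpl->assign('META_DESCRIPTION', compatible_hsc($_POST['meta_description']));
        $apx->tmpl->assign('TAGS', compatible_hsc($_POST['tags']));
        $apx->tmpl->assign('NEWSPIC', $teaserpic);
        $apx->tmpl->assign('PIC_COPY', compatible_hsc($_POST['pic_copy']));
        $apx->tmpl->assign('LINK', $linklist);
        $apx->tmpl->assign('ALLOWCOMS', (int) $_POST['allowcoms']);
        $apx->tmpl->assign('ALLOWRATING', (int) $_POST['allowrating']);
        $apx->tmpl->assign('TOP', (int) $_POST['top']);
        $apx->tmpl->assign('STICKY', (int) $_POST['sticky']);
        $apx->tmpl->assign('STICKYTIME', choosetime(3, 1, maketime(3)));
        $apx->tmpl->assign('SEARCHABLE', (int) $_POST['searchable']);
        $apx->tmpl->assign('RESTRICTED', (int) $_POST['restricted']);
        $apx->tmpl->parse('edit');
    }
}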
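/**
 * Edit an existing glossary entry (admin action).
 *
 * With $_POST['send'] == 1 the form is validated, the row in "_glossar" is
 * updated and the tag links are rebuilt; otherwise the stored row is loaded
 * into $_POST and the "add_edit" template is rendered.
 *
 * This is a method (it uses $this); the enclosing class is outside this listing.
 */
function edit()
{
    global $set, $db, $apx;

    // The ID is forced to an integer here; every SQL fragment below interpolates it.
    $_REQUEST['id'] = (int) $_REQUEST['id'];
    if (!$_REQUEST['id']) {
        die('missing ID!');
    }

    if ($_POST['send'] == 1) {
        if (!checkToken()) {
            infoInvalidToken();
        } elseif (!$_POST['title'] || !$_POST['catid'] || !$_POST['text']) {
            infoNotComplete();
        } else {
            // dupdate() receives column names only; presumably it takes the values from
            // $_POST and escapes them itself (TODO confirm).
            $db->dupdate(PRE . '_glossar', 'catid,title,spelling,text,meta_description,searchable,allowcoms,allowrating', "WHERE id='" . $_REQUEST['id'] . "' LIMIT 1");

            // The original read $db->insert_id() after this UPDATE and used it for the log
            // line and the inline-screens call. An UPDATE creates no new row, so that value
            // is not the edited entry's ID; the audit log then names the wrong entry. Use
            // the ID that was actually edited.
            $nid = $_REQUEST['id'];

            // NOTE(review): the action key still says ADD although this is the edit path;
            // confirm which key the log expects for edits before renaming it.
            logit('GLOSSAR_ADD', 'ID #' . $nid);

            // Inline screens
            // NOTE(review): confirm this call is needed on edit and expects the entry ID.
            mediamanager_setinline($nid);

            // Tags: drop all links for this entry, then re-create them.
            $db->query("DELETE FROM " . PRE . "_glossar_tags WHERE id='" . $_REQUEST['id'] . "'");
            $tagids = produceTagIds($_POST['tags']);
            foreach ($tagids as $tagid) {
                $db->query("INSERT IGNORE INTO " . PRE . "_glossar_tags VALUES('" . $_REQUEST['id'] . "', '" . $tagid . "')");
            }

            printJSRedirect(get_index('glossar.show'));
        }
    } else {
        // Load the stored row and expose every column as a form value.
        $res = $db->first("SELECT * FROM " . PRE . "_glossar WHERE id='" . $_REQUEST['id'] . "' LIMIT 1", 1);
        foreach ($res as $key => $value) {
            $_POST[$key] = $value;
        }

        mediamanager('glossar');

        // Tags
        $tags = array();
        $tagdata = $db->fetch("\n\t\t\tSELECT t.tag\n\t\t\tFROM " . PRE . "_glossar_tags AS n\n\t\t\tLEFT JOIN " . PRE . "_tags AS t USING(tagid)\n\t\t\tWHERE n.id='" . $_REQUEST['id'] . "'\n\t\t\tORDER BY t.tag ASC\n\t\t");
        $tags = get_ids($tagdata, 'tag');
        $_POST['tags'] = implode(', ', $tags);

        $apx->tmpl->assign('CATLIST', $this->get_catlist($_POST['catid']));
        $apx->tmpl->assign('TITLE', compatible_hsc($_POST['title']));
        $apx->tmpl->assign('TEXT', compatible_hsc($_POST['text']));
        $apx->tmpl->assign('META_DESCRIPTION', compatible_hsc($_POST['meta_description']));
        $apx->tmpl->assign('SPELLING', compatible_hsc($_POST['spelling']));
        $apx->tmpl->assign('TAGS', compatible_hsc($_POST['tags']));
        $apx->tmpl->assign('ALLOWCOMS', (int) $_POST['allowcoms']);
        $apx->tmpl->assign('ALLOWRATING', (int) $_POST['allowrating']);
        $apx->tmpl->assign('SEARCHABLE', (int) $_POST['searchable']);
        $apx->tmpl->assign('ID', $_REQUEST['id']);
        $apx->tmpl->assign('ACTION', 'edit');
        $apx->tmpl->parse('add_edit');
    }
}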
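/**
 * Edit an existing link entry (admin action).
 *
 * With $_POST['send'] == 1 the form is validated, the row in "_links" is
 * updated and the tag links are rebuilt; otherwise the stored row is loaded
 * into $_POST and the "add_edit" template is rendered.
 *
 * This is a method (it uses $this); the enclosing class is outside this listing.
 */
function edit()
{
    global $set, $db, $apx;

    // The ID is forced to an integer here; every SQL fragment below interpolates it.
    $_REQUEST['id'] = (int) $_REQUEST['id'];
    if (!$_REQUEST['id']) {
        die('missing ID!');
    }

    // Section list: anything that is not an explicit selection is treated as "all".
    if (!is_array($_POST['secid']) || $_POST['secid'][0] == 'all') {
        $_POST['secid'] = array('all');
    }

    // Submit the request
    if ($_POST['send'] == 1) {
        if (!checkToken()) {
            infoInvalidToken();
        } elseif (!$_POST['title'] || !$_POST['url'] || !$_POST['catid'] || !$_POST['text']) {
            infoNotComplete();
        } elseif (!$this->update_linkpic()) {
            /*DO NOTHING*/
        } else {
            // Extra column names for the update. The original collected them in $addfields
            // but appended the undefined $addfield to the column list, so the optional
            // columns (starttime/endtime) were never written.
            $addfields = '';

            $_POST['secid'] = serialize_section($_POST['secid']);
            $_POST['linkpic'] = $this->linkpicpath;

            // Author: may only be reassigned with the special 'links.edit' right.
            if ($apx->user->has_spright('links.edit') && $_POST['userid']) {
                // 'send' marks a submitted link without a user ID.
                if ($_POST['userid'] == 'send') {
                    $_POST['userid'] = 0;
                }
                $addfields .= ',userid';
            }

            // Publication window: only users holding 'links.enable' may change it.
            if ($apx->user->has_right('links.enable') && isset($_POST['t_day_1'])) {
                $_POST['starttime'] = maketime(1);
                $_POST['endtime'] = maketime(2);
                if ($_POST['starttime']) {
                    // A missing or non-later end time is replaced by the constant 3000000000.
                    if (!$_POST['endtime'] || $_POST['endtime'] <= $_POST['starttime']) {
                        $_POST['endtime'] = 3000000000;
                    }
                    $addfields .= ',starttime,endtime';
                }
            }

            // 'userid' is no longer part of the fixed column list: it was updated on every
            // request regardless of the 'links.edit' check above, so the author column
            // followed whatever the request carried. It is now written only through
            // $addfields, i.e. only for users holding the special right.
            // dupdate() receives column names only; presumably it takes the values from
            // $_POST and escapes them itself (TODO confirm).
            $db->dupdate(PRE . '_links', 'secid,catid,title,url,linkpic,text,meta_description,galid,searchable,restricted,allowcoms,allowrating,top' . $addfields, "WHERE id='" . $_REQUEST['id'] . "' LIMIT 1");
            logit('LINKS_EDIT', 'ID #' . $_REQUEST['id']);

            // Tags: drop all links for this entry, then re-create them.
            $db->query("DELETE FROM " . PRE . "_links_tags WHERE id='" . $_REQUEST['id'] . "'");
            $tagids = produceTagIds($_POST['tags']);
            foreach ($tagids as $tagid) {
                $db->query("INSERT IGNORE INTO " . PRE . "_links_tags VALUES('" . $_REQUEST['id'] . "', '" . $tagid . "')");
            }

            if ($_POST['catid'] == 'newcat' && $apx->user->has_right('links.catadd')) {
                return printJSRedirect('action.php?action=links.catadd&addid=' . $_REQUEST['id']);
            } else {
                printJSRedirect(get_index('links.show'));
            }
        }
    } else {
        // Initialised explicitly; the original assigned an undefined variable to the
        // template when the link had no submitting guest.
        $usersend = '';

        // Load the stored row and expose every column as a form value.
        $res = $db->first("SELECT * FROM " . PRE . "_links WHERE id='" . $_REQUEST['id'] . "' LIMIT 1", 1);
        foreach ($res as $key => $val) {
            $_POST[$key] = $val;
        }
        $_POST['secid'] = unserialize_section($_POST['secid']);

        // No user ID set => submitted link.
        if (!$res['userid']) {
            $_POST['userid'] = 'send';
        }

        // Publication window
        if ($res['starttime']) {
            maketimepost(1, $res['starttime']);
            if ($res['endtime'] < 2147483647) {
                maketimepost(2, $res['endtime']);
            }
        }

        mediamanager('links');

        // Publication window selectors
        if ($apx->user->has_right('links.enable') && isset($_POST['t_day_1'])) {
            $apx->tmpl->assign('STARTTIME', choosetime(1, 0, maketime(1)));
            $apx->tmpl->assign('ENDTIME', choosetime(2, 1, maketime(2)));
        }

        // Submitting guest: offered as an extra <option> in the author selection.
        $send = $db->first("SELECT send_username,send_email FROM " . PRE . "_links WHERE id='" . $_REQUEST['id'] . "' LIMIT 1");
        if ($send['send_username']) {
            // The submitter's name and e-mail are escaped before they go into the markup:
            // this string is raw HTML, and the original concatenated both values as-is,
            // which lets a stored value inject markup into the admin page. Assumes the
            // columns hold unescaped text, like the other columns escaped on output here.
            $usersend = '<option value="send"' . iif($_POST['userid'] == 'send', ' selected="selected"') . '>' . $apx->lang->get('GUEST') . ': ' . compatible_hsc($send['send_username']) . iif($send['send_email'], ' (' . compatible_hsc($send['send_email']) . ')') . '</option>';
        }

        // Picture: prefer the full-size image when it exists next to the thumbnail.
        $teaserpic = '';
        if ($_POST['linkpic']) {
            $teaserpicpath = $_POST['linkpic'];
            $poppicpath = str_replace('-thumb.', '.', $teaserpicpath);
            if (file_exists(BASEDIR . getpath('uploads') . $poppicpath)) {
                $teaserpic = '../' . getpath('uploads') . $poppicpath;
            } else {
                $teaserpic = '../' . getpath('uploads') . $teaserpicpath;
            }
        }

        // Tags
        $tags = array();
        $tagdata = $db->fetch("\n\t\t\tSELECT t.tag\n\t\t\tFROM " . PRE . "_links_tags AS n\n\t\t\tLEFT JOIN " . PRE . "_tags AS t USING(tagid)\n\t\t\tWHERE n.id='" . $_REQUEST['id'] . "'\n\t\t\tORDER BY t.tag ASC\n\t\t");
        $tags = get_ids($tagdata, 'tag');
        $_POST['tags'] = implode(', ', $tags);

        $apx->tmpl->assign('USERID', $_POST['userid']);
        $apx->tmpl->assign('USER_SEND', $usersend);
        $apx->tmpl->assign('SECID', $_POST['secid']);
        $apx->tmpl->assign('GALID', $_POST['galid']);
        $apx->tmpl->assign('CATLIST', $this->get_catlist());
        $apx->tmpl->assign('TITLE', compatible_hsc($_POST['title']));
        $apx->tmpl->assign('URL', compatible_hsc($_POST['url']));
        $apx->tmpl->assign('LINKPIC', $teaserpic);
        $apx->tmpl->assign('PIC_COPY', compatible_hsc($_POST['pic_copy']));
        $apx->tmpl->assign('TEXT', compatible_hsc($_POST['text']));
        $apx->tmpl->assign('META_DESCRIPTION', compatible_hsc($_POST['meta_description']));
        $apx->tmpl->assign('TAGS', compatible_hsc($_POST['tags']));
        $apx->tmpl->assign('ALLOWCOMS', (int) $_POST['allowcoms']);
        $apx->tmpl->assign('ALLOWRATING', (int) $_POST['allowrating']);
        $apx->tmpl->assign('TOP', (int) $_POST['top']);
        $apx->tmpl->assign('SEARCHABLE', (int) $_POST['searchable']);
        $apx->tmpl->assign('RESTRICTED', (int) $_POST['restricted']);
        $apx->tmpl->assign('ACTION', 'edit');
        $apx->tmpl->assign('ID', $_REQUEST['id']);
        $apx->tmpl->parse('add_edit');
    }
}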
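/**
 * Add or edit a single page of an article (admin action).
 *
 * Dispatches to page_del() / page_move() when requested. With
 * $_POST['send'] == 1 it either navigates between pages (when nothing was
 * entered) or stores the page in "_articles_pages" and redirects to the next
 * step; otherwise it loads the page and renders the "padd_pedit" template.
 *
 * This is a method (it uses $this); the enclosing class is outside this listing.
 */
function page_add_edit()
{
    global $set, $db, $apx;

    // The article ID is interpolated into SQL and into redirect URLs below. The original
    // used the raw request value in both places, which allows SQL injection unless a
    // caller outside this listing already normalised it. Cast it here, before anything
    // else reads it.
    $_REQUEST['id'] = (int) $_REQUEST['id'];

    // Delete an article page
    if ($_REQUEST['del']) {
        $apx->lang->dropaction('articles', 'pdel');
        $this->page_del();
        return;
    } elseif ($_REQUEST['move'] && $_REQUEST['direction']) {
        $this->page_move();
        return;
    }

    // pageid is either a numeric page ID or a keyword ('new' is compared below), so the
    // request value itself is left alone and an integer copy is used wherever it goes
    // into SQL.
    $pageid = (int) $_REQUEST['pageid'];

    // Common prefix of every wizard redirect. The action name is URL-encoded and pubnow
    // is reduced to an integer so that request values cannot add parameters or markup to
    // the redirect target (printJSRedirect presumably emits it into the page; TODO confirm).
    $stepurl = 'action.php?action=' . rawurlencode((string) $_REQUEST['action']) . '&id=' . $_REQUEST['id'] . '&pubnow=' . (int) $_REQUEST['pubnow'] . '&pageid=';

    list($brother1, $brother2) = $this->get_brothers();
    list($pagecount) = $db->first("SELECT count(id) FROM " . PRE . "_articles_pages WHERE artid='" . $_REQUEST['id'] . "'");

    if ($_POST['send'] == 1) {
        // NOTE(review): the three navigation branches below run before checkToken().
        // Two of them only redirect, but the second calls finish_article(); confirm that
        // finish_article() validates the token itself if it changes state.

        // One page back if nothing was filled in
        if ($_POST['submit_prev'] && !$_POST['title'] && !$_POST['text']) {
            list($brother1, $brother2) = $this->get_brothers();
            printJSRedirect($stepurl . $brother1);
        } elseif ($pagecount && $_POST['submit_finish'] && !$_POST['title'] && !$_POST['text']) {
            $this->finish_article();
            return;
        } elseif ($pagecount && $_POST['submit_walk'] && !$_POST['title'] && !$_POST['text']) {
            if ($this->type == 'normal') {
                printJSRedirect($stepurl . 'pics');
                return;
            } else {
                printJSRedirect($stepurl . 'conclusion');
                return;
            }
        } elseif (!checkToken()) {
            infoInvalidToken();
        } elseif (!$_POST['title'] || !$_POST['text']) {
            infoNotComplete();
        } else {
            // Insert into MySQL: new page
            if ($_REQUEST['pageid'] == 'new') {
                $_POST['artid'] = $_REQUEST['id'];
                $_POST['addtime'] = time();

                // New pages are appended after the current highest position.
                list($lastord) = $db->first("SELECT ord FROM " . PRE . "_articles_pages WHERE artid='" . $_REQUEST['id'] . "' ORDER BY ord DESC LIMIT 1");
                $_POST['ord'] = $lastord + 1;

                // dinsert()/dupdate() receive column names only; presumably they take the
                // values from $_POST and escape them themselves (TODO confirm).
                $db->dinsert(PRE . '_articles_pages', 'artid,title,text,ord');

                // Inline screens
                mediamanager_setinline($_REQUEST['id']);
            } else {
                // The page must belong to this article.
                $db->dupdate(PRE . '_articles_pages', 'title,text', "WHERE ( id='" . $pageid . "' AND artid='" . $_REQUEST['id'] . "' ) LIMIT 1");
            }

            // NEXT STEP: previous page, next/new page, or leave the page editor
            if ($_POST['submit_prev']) {
                printJSRedirect($stepurl . $brother1);
            } elseif ($_POST['submit_next'] && !$brother2) {
                printJSRedirect($stepurl . 'new');
            } elseif ($_POST['submit_next']) {
                printJSRedirect($stepurl . $brother2);
            } else {
                if ($_POST['submit_finish']) {
                    $this->finish_article();
                    return;
                } elseif ($this->type == 'normal') {
                    printJSRedirect($stepurl . 'pics');
                    return;
                } else {
                    printJSRedirect($stepurl . 'conclusion');
                    return;
                }
            }
        }
    } else {
        // Existing page: load title and text (restricted to this article).
        if ($_REQUEST['pageid'] != 'new') {
            list($_POST['title'], $_POST['text']) = $db->first("SELECT title,text FROM " . PRE . "_articles_pages WHERE ( id='" . $pageid . "' AND artid='" . $_REQUEST['id'] . "' ) LIMIT 1");
        }

        $this->page_index();
        mediamanager('articles');

        $apx->tmpl->assign('TITLE', compatible_hsc($_POST['title']));
        $apx->tmpl->assign('TEXT', compatible_hsc($_POST['text']));
        // The raw page ID is a request value; it is escaped like the other text values
        // because it is handed to the template as-is.
        $apx->tmpl->assign('PAGEID', compatible_hsc($_REQUEST['pageid']));
        $apx->tmpl->assign('SET_PREVIOUS', $brother1);
        $apx->tmpl->assign('SET_NEWPAGE', !$brother2);
        $apx->tmpl->assign('PUBNOW', (int) $_REQUEST['pubnow']);
        $apx->tmpl->assign('TYPE', $this->type);
        $apx->tmpl->assign('ID', $_REQUEST['id']);
        $apx->tmpl->assign('ACTION', iif($_REQUEST['action'] == 'articles.add', 'add', 'edit'));
        $apx->tmpl->parse('padd_pedit');
    }
}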
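/**
 * Edit an existing download entry (admin action).
 *
 * Three paths: activating an uploaded temp file ($_POST['enablefile']),
 * saving the form ($_POST['send'] == 1), or loading the stored row into $_POST
 * and rendering the "add_edit" template.
 *
 * This is a method (it uses $this); the enclosing class is outside this listing.
 */
function edit()
{
    global $set, $db, $apx;

    // The ID is forced to an integer here; every SQL fragment below interpolates it.
    $_REQUEST['id'] = (int) $_REQUEST['id'];
    if (!$_REQUEST['id']) {
        die('missing ID!');
    }

    // Section list: anything that is not an explicit selection is treated as "all".
    if (!is_array($_POST['secid']) || $_POST['secid'][0] == 'all') {
        $_POST['secid'] = array('all');
    }

    // Stored file / pending temp file of this download
    list($tempfile, $filename) = $db->first("SELECT tempfile,file FROM " . PRE . "_downloads WHERE id='" . intval($_REQUEST['id']) . "' LIMIT 1");

    // ACTIVATE FILE
    if ($_POST['enablefile'] && $tempfile) {
        if (!checkToken()) {
            infoInvalidToken();
        } else {
            $this->edit_enable($tempfile, $filename);
            printJSRedirect('action.php?action=downloads.edit&id=' . $_REQUEST['id']);
        }
    } elseif ($_POST['send'] == 1) {
        if (!checkToken()) {
            infoInvalidToken();
        } elseif ($_FILES['file_upload']['error'] == 1) {
            // Upload error code 1: the file exceeds the server's upload size limit.
            info($apx->lang->get('INFO_TOOBIG'));
        } elseif (!$_POST['title'] || !$_POST['catid'] || !$_POST['text'] || (!$_POST['file'] && !$_FILES['file_upload']['tmp_name']) || (!$_POST['local'] && !$_POST['filesize'])) {
            // Parentheses only spell out the existing && / || precedence.
            infoNotComplete();
        } elseif (!$this->category_is_open($_POST['catid'])) {
            die('you are not allowed to add downloads to this category!');
        } elseif (!$this->update_file()) {
            /*do nothing*/
        } elseif (!$this->update_teaserpic()) {
            /*DO NOTHING*/
        } else {
            // Extra column names for the update. Initialised explicitly: the original
            // appended to (and concatenated) an undefined variable when neither optional
            // branch below applied.
            $addfields = '';

            // File size: 0 for local files, otherwise entered with a unit (a decimal
            // comma is accepted). The (int) cast binds to the literal only, so the
            // product is a float. Any other unit leaves the entered value untouched.
            if ($_POST['local']) {
                $_POST['filesize'] = 0;
            } else {
                if ($_POST['filesize_format'] == 'kb') {
                    $_POST['filesize'] = (int) 1024 * (float) str_replace(',', '.', $_POST['filesize']);
                } elseif ($_POST['filesize_format'] == 'mb') {
                    $_POST['filesize'] = (int) 1024 * 1024 * (float) str_replace(',', '.', $_POST['filesize']);
                } elseif ($_POST['filesize_format'] == 'gb') {
                    $_POST['filesize'] = (int) 1024 * 1024 * 1024 * (float) str_replace(',', '.', $_POST['filesize']);
                }
            }

            // Mirrors: up to 20 rows, only complete ones (title and URL) are kept.
            $mirrorlist = array();
            for ($i = 1; $i <= 20; $i++) {
                if (!$_POST['mirror' . $i . '_title'] || !$_POST['mirror' . $i . '_url']) {
                    continue;
                }
                $mirrorlist[] = array(
                    'title' => $_POST['mirror' . $i . '_title'],
                    'url' => $_POST['mirror' . $i . '_url'],
                );
            }

            // Author: may only be reassigned with the special 'downloads.edit' right.
            if ($apx->user->has_spright('downloads.edit') && $_POST['userid']) {
                // 'send' marks a submitted entry without a user ID.
                if ($_POST['userid'] == 'send') {
                    $_POST['userid'] = 0;
                }
                $addfields .= ',userid';
            }

            // Publication window: only users holding 'downloads.enable' may change it.
            if ($apx->user->has_right('downloads.enable') && isset($_POST['t_day_1'])) {
                $_POST['starttime'] = maketime(1);
                $_POST['endtime'] = maketime(2);
                if ($_POST['starttime']) {
                    // A missing or non-later end time is replaced by the constant 3000000000.
                    if (!$_POST['endtime'] || $_POST['endtime'] <= $_POST['starttime']) {
                        $_POST['endtime'] = 3000000000;
                    }
                    $addfields .= ',starttime,endtime';
                }
            }

            $_POST['secid'] = serialize_section($_POST['secid']);
            $_POST['mirrors'] = serialize($mirrorlist);

            // File paths come from the object state set by update_file() /
            // update_teaserpic(), not from the raw request values.
            $_POST['file'] = $this->filepath;
            $_POST['tempfile'] = $this->tempfile;
            $_POST['teaserpic'] = $this->teaserpicpath;

            // dupdate() receives column names only; presumably it takes the values from
            // $_POST and escapes them itself (TODO confirm).
            $db->dupdate(PRE . '_downloads', 'secid,prodid,catid,file,tempfile,filesize,format,local,title,text,teaserpic,meta_description,galid,author,author_link,mirrors,allowcoms,allowrating,top,regonly,searchable,restricted,limit,password' . $addfields, "WHERE id='" . $_REQUEST['id'] . "' LIMIT 1");
            logit('DOWNLOADS_EDIT', 'ID #' . $_REQUEST['id']);

            // Tags: drop all links for this entry, then re-create them.
            $db->query("DELETE FROM " . PRE . "_downloads_tags WHERE id='" . $_REQUEST['id'] . "'");
            $tagids = produceTagIds($_POST['tags']);
            foreach ($tagids as $tagid) {
                $db->query("INSERT IGNORE INTO " . PRE . "_downloads_tags VALUES('" . $_REQUEST['id'] . "', '" . $tagid . "')");
            }

            printJSRedirect(get_index('downloads.show'));
        }
    } else {
        // Initialised explicitly; the original relied on undefined variables here.
        $i = 0;
        $usersend = '';

        // Load the stored row and expose every column as a form value.
        $res = $db->first("SELECT * FROM " . PRE . "_downloads WHERE id='" . $_REQUEST['id'] . "' LIMIT 1", 1);
        foreach ($res as $key => $val) {
            $_POST[$key] = $val;
        }
        $_POST['secid'] = unserialize_section($_POST['secid']);

        // Author: no user ID stored => form placeholder 'send'.
        if (!$res['userid']) {
            $_POST['userid'] = 'send';
        }

        // Publication window
        if ($res['starttime']) {
            maketimepost(1, $res['starttime']);
            if ($res['endtime'] < 2147483647) {
                maketimepost(2, $res['endtime']);
            }
        }

        // Unpack the stored mirrors into the numbered form fields.
        // NOTE(review): unserialize() on a database column; the update branch writes this
        // column with serialize(). Confirm nothing else can write it, since unserialize()
        // on attacker-influenced data can instantiate objects.
        $mirrors = unserialize($res['mirrors']);
        if (is_array($mirrors) && count($mirrors)) {
            // A separate loop variable keeps the loaded row in $res intact.
            foreach ($mirrors as $mirror) {
                ++$i;
                $_POST['mirror' . $i . '_title'] = $mirror['title'];
                $_POST['mirror' . $i . '_url'] = $mirror['url'];
            }
        }

        mediamanager('downloads');

        // Mirror rows for the template: row 1 is always shown, later rows only when filled.
        $mirrorlist = array();
        for ($i = 1; $i <= 20; $i++) {
            if ($i > 1 && (!$_POST['mirror' . $i . '_title'] || !$_POST['mirror' . $i . '_url'])) {
                continue;
            }
            $mirrorlist[] = array(
                'TITLE' => compatible_hsc($_POST['mirror' . $i . '_title']),
                'URL' => compatible_hsc($_POST['mirror' . $i . '_url']),
                'DISPLAY' => 1,
            );
        }
        // Pad to 20 rows with empty entries.
        while (count($mirrorlist) < 20) {
            $mirrorlist[] = array('TITLE' => '', 'URL' => '');
        }

        // Author list, only for users who may reassign the author.
        if ($apx->user->has_spright('downloads.edit')) {
            $apx->tmpl->assign('USERLIST', $this->get_userlist());
        }

        // Publication window selectors
        if ($apx->user->has_right('downloads.enable') && isset($_POST['t_day_1'])) {
            $apx->tmpl->assign('STARTTIME', choosetime(1, 0, maketime(1)));
            $apx->tmpl->assign('ENDTIME', choosetime(2, 1, maketime(2)));
        }

        // Submitting guest: offered as an extra <option> in the author selection.
        $send = $db->first("SELECT send_username,send_email FROM " . PRE . "_downloads WHERE id='" . $_REQUEST['id'] . "' LIMIT 1");
        if ($send['send_username']) {
            // The submitter's name and e-mail are escaped before they go into the markup:
            // this string is raw HTML, and the original concatenated both values as-is,
            // which lets a stored value inject markup into the admin page. Assumes the
            // columns hold unescaped text, like the other columns escaped on output here.
            $usersend = '<option value="send"' . iif($_POST['userid'] == 'send', ' selected="selected"') . '>' . $apx->lang->get('GUEST') . ': ' . compatible_hsc($send['send_username']) . iif($send['send_email'], ' (' . compatible_hsc($send['send_email']) . ')') . '</option>';
        }

        // Teaser picture: prefer the full-size image when it exists next to the thumbnail.
        $teaserpic = '';
        if ($_POST['teaserpic']) {
            $teaserpicpath = $_POST['teaserpic'];
            $poppicpath = str_replace('-thumb.', '.', $teaserpicpath);
            if (file_exists(BASEDIR . getpath('uploads') . $poppicpath)) {
                $teaserpic = '../' . getpath('uploads') . $poppicpath;
            } else {
                $teaserpic = '../' . getpath('uploads') . $teaserpicpath;
            }
        }

        // Tags
        $tags = array();
        $tagdata = $db->fetch("\n\t\t\tSELECT t.tag\n\t\t\tFROM " . PRE . "_downloads_tags AS n\n\t\t\tLEFT JOIN " . PRE . "_tags AS t USING(tagid)\n\t\t\tWHERE n.id='" . $_REQUEST['id'] . "'\n\t\t\tORDER BY t.tag ASC\n\t\t");
        $tags = get_ids($tagdata, 'tag');
        $_POST['tags'] = implode(', ', $tags);

        $apx->tmpl->assign('USERID', $_POST['userid']);
        $apx->tmpl->assign('PRODID', $_POST['prodid']);
        $apx->tmpl->assign('USER_SEND', $usersend);
        $apx->tmpl->assign('SECID', $_POST['secid']);
        $apx->tmpl->assign('GALID', $_POST['galid']);
        $apx->tmpl->assign('CATLIST', $this->get_catlist());
        $apx->tmpl->assign('TITLE', compatible_hsc($_POST['title']));
        $apx->tmpl->assign('TEXT', compatible_hsc($_POST['text']));
        $apx->tmpl->assign('TEASERPIC', $teaserpic);
        $apx->tmpl->assign('META_DESCRIPTION', compatible_hsc($_POST['meta_description']));
        $apx->tmpl->assign('TAGS', compatible_hsc($_POST['tags']));
        $apx->tmpl->assign('AUTHOR', compatible_hsc($_POST['author']));
        $apx->tmpl->assign('AUTHOR_LINK', compatible_hsc($_POST['author_link']));
        $apx->tmpl->assign('FILE', compatible_hsc($_POST['file']));
        // NOTE(review): the temp file name is handed to the template unescaped, unlike
        // FILE above; confirm how the name is generated on upload.
        $apx->tmpl->assign('TEMPFILE', $tempfile);
        $apx->tmpl->assign('TEMPFILE_URL', '../' . getpath('uploads') . $tempfile);
        $apx->tmpl->assign('FILESIZE', compatible_hsc($_POST['filesize']));
        // NOTE(review): filesize_format is assigned unescaped, unlike the neighbouring
        // text values; confirm whether it can still carry a request-supplied value here.
        $apx->tmpl->assign('FILESIZE_FORMAT', $_POST['filesize_format']);
        $apx->tmpl->assign('FORMAT', compatible_hsc($_POST['format']));
        $apx->tmpl->assign('MIRROR', $mirrorlist);
        $apx->tmpl->assign('LOCAL', (int) $_POST['local']);
        $apx->tmpl->assign('PASSWORD', compatible_hsc($_POST['password']));
        $apx->tmpl->assign('LIMIT', (int) $_POST['limit']);
        $apx->tmpl->assign('ALLOWCOMS', (int) $_POST['allowcoms']);
        $apx->tmpl->assign('ALLOWRATING', (int) $_POST['allowrating']);
        $apx->tmpl->assign('TOP', (int) $_POST['top']);
        $apx->tmpl->assign('REGONLY', (int) $_POST['regonly']);
        $apx->tmpl->assign('SEARCHABLE', (int) $_POST['searchable']);
        $apx->tmpl->assign('RESTRICTED', (int) $_POST['restricted']);
        $apx->tmpl->assign('ACTION', 'edit');
        $apx->tmpl->assign('ID', $_REQUEST['id']);
        $apx->tmpl->parse('add_edit');
    }
}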