$task = 'file_properties';
$name = smart_addslashes(trim($_POST['name']));
if ($name == '') {
$feedback = '<p class="Error">' . $error_missing_field . '</p>';
} else {
if ($_POST['extension'] != '') {
$name = $name . '.' . $_POST['extension'];
}
$existing_id = $cms->file_exists($folder_id, $name);
if ($existing_id && $_POST['file_id'] != $existing_id) {
$feedback = '<p class="Error">' . $fbNameExists . '</p>';
} elseif (!($file = $cms->get_file($_POST['file_id']))) {
$feedback = '<p class="Error">' . $strSaveError . '</p>';
} else {
$hot_item = isset($_POST['hot_item']) ? '1' : '0';
if (!$cms->update_file($_POST['file_id'], $name, addslashes($file['content']), smart_addslashes($_POST['title']), smart_addslashes($_POST['description']), smart_addslashes($_POST['keywords']), $_POST['priority'], $hot_item)) {
$feedback = '<p class="Error">' . $strSaveError . '</p>';
} else {
if ($_POST['close'] == 'true') {
header('Location: ' . $return_to);
exit;
}
}
}
}
break;
case 'save_folder_properties':
$task = 'folder_properties';
$name = smart_addslashes(trim($_POST['name']));
if ($name == '') {
$feedback = '<p class="Error">' . $error_missing_field . '</p>';
//get the language file
require $GO_LANGUAGE->get_language_file('cms');
$task = isset($_REQUEST['task']) ? $_REQUEST['task'] : '';
$file_id = isset($_REQUEST['file_id']) ? $_REQUEST['file_id'] : 0;
$folder_id = isset($_REQUEST['folder_id']) ? $_REQUEST['folder_id'] : 0;
$site_id = isset($_REQUEST['site_id']) ? $_REQUEST['site_id'] : 0;
if ($folder_id == 0 || $site_id == 0) {
//no folder or site given so back off cowardly
header('Location: index.php');
exit;
}
if ($task == 'save') {
if ($file_id > 0) {
//fix for inserted iframes
$content = preg_replace("'<iframe([^>]*)/>'si", "<iframe\$1></iframe>", $_POST['content']);
$cms->update_file($file_id, smart_addslashes($_POST['name']), smart_addslashes($content), smart_addslashes($_POST['title']), smart_addslashes($_POST['description']), smart_addslashes($_POST['keywords']), $_POST['priority'], $_POST['hot_item']);
} else {
$name = smart_addslashes(trim($_POST['name']));
if ($name == '') {
$feedback = '<p class="Error">' . $error_missing_field . '</p>';
} else {
$filename = $name . '.html';
if ($cms->file_exists($folder_id, $filename)) {
$feedback = '<p class="Error">' . $fbNameExists . '</p>';
} elseif (!($file_id = $cms->add_file($folder_id, $filename, smart_addslashes($_POST['content']), '', '', '', $_POST['priority']))) {
$feedback = '<p class="Error">' . $strSaveError . '</p>';
}
}
}
}
if ($file_id > 0) {
