safe() public static method

Request whether safe to proceed at all times
public static safe ( ) : boolean
return boolean
Exemplo n.º 1
0
 protected function post_tags()
 {
     global $aidlink;
     if (isset($_POST['save_tag'])) {
         $this->data = array('tag_id' => isset($_GET['tag_id']) && isnum($_GET['tag_id']) ? intval($_GET['tag_id']) : 0, 'tag_title' => form_sanitizer($_POST['tag_title'], '', 'tag_title'), 'tag_language' => form_sanitizer($_POST['tag_language'], '', 'tag_language'), 'tag_color' => form_sanitizer($_POST['tag_color'], '', 'tag_color'), 'tag_description' => form_sanitizer($_POST['tag_description'], '', 'tag_description'), 'tag_status' => isset($_POST['tag_status']) && isnum($_POST['tag_status']) ? intval($_POST['tag_status']) : 0);
         if (\defender::safe()) {
             if (!empty($this->data['tag_id'])) {
                 /**
                  * Update
                  */
                 dbquery_insert(DB_FORUM_TAGS, $this->data, "update");
                 addNotice('success', self::$locale['forum_tag_0105']);
                 redirect(FUSION_SELF . $aidlink . '&section=ft');
             } else {
                 /**
                  * Save New
                  */
                 dbquery_insert(DB_FORUM_TAGS, $this->data, "save");
                 addNotice('success', self::$locale['forum_tag_0106']);
                 redirect(FUSION_SELF . $aidlink . '&section=ft');
             }
         }
     }
     if (isset($_GET['delete']) && isnum($_GET['delete'])) {
         $result = dbquery("DELETE FROM " . DB_FORUM_TAGS . " WHERE tag_id='" . $_GET['delete'] . "'");
         if ($result) {
             addNotice("success", self::$locale['forum_tag_0107']);
             redirect(FUSION_SELF . $aidlink . '&section=ft');
         }
     }
 }
Exemplo n.º 2
0
 protected function post_forum_ranks()
 {
     global $aidlink;
     if (isset($_POST['save_rank'])) {
         $this->data = array('rank_id' => isset($_GET['rank_id']) && isnum($_GET['rank_id']) ? intval($_GET['rank_id']) : 0, 'rank_title' => form_sanitizer($_POST['rank_title'], '', 'rank_title'), 'rank_image' => form_sanitizer($_POST['rank_image'], "", "rank_image"), 'rank_language' => form_sanitizer($_POST['rank_language'], "", "rank_language"), 'rank_posts' => isset($_POST['rank_posts']) && isnum($_POST['rank_posts']) ? $_POST['rank_posts'] : 0, 'rank_type' => isset($_POST['rank_type']) && isnum($_POST['rank_type']) ? $_POST['rank_type'] : 0, 'rank_apply_normal' => isset($_POST['rank_apply_normal']) && isnum($_POST['rank_apply_normal']) ? $_POST['rank_apply_normal'] : USER_LEVEL_MEMBER, 'rank_apply_special' => isset($_POST['rank_apply_special']) && isnum($_POST['rank_apply_special']) ? $_POST['rank_apply_special'] : 1);
         $this->data += array('rank_apply' => $this->data['rank_type'] == 2 ? $this->data['rank_apply_special'] : $this->data['rank_apply_normal']);
         if (\defender::safe()) {
             if (!empty($this->data['rank_id']) && !$this->check_duplicate_ranks()) {
                 /**
                  * Update
                  */
                 dbquery_insert(DB_FORUM_RANKS, $this->data, "update");
                 addNotice('info', self::$locale['411']);
                 redirect(FUSION_SELF . $aidlink . '&section=fr');
             } elseif (!$this->check_duplicate_ranks()) {
                 /**
                  * Save New
                  */
                 dbquery_insert(DB_FORUM_RANKS, $this->data, "save");
                 addNotice('info', self::$locale['410']);
                 redirect(FUSION_SELF . $aidlink . '&section=fr');
             }
         }
     }
     if (isset($_GET['delete']) && isnum($_GET['delete'])) {
         $result = dbquery("DELETE FROM " . DB_FORUM_RANKS . " WHERE rank_id='" . $_GET['delete'] . "'");
         if ($result) {
             addNotice("success", self::$locale['412']);
             redirect(FUSION_SELF . $aidlink . '&section=fr');
         }
     }
 }
Exemplo n.º 3
0
 /**
  * Post execution of forum mood
  */
 protected function post_Mood()
 {
     $locale = fusion_get_locale('', FORUM_ADMIN_LOCALE);
     if (isset($_POST['cancel_mood'])) {
         redirect(clean_request('', array('mood_id', 'ref'), FALSE));
     }
     if (isset($_POST['save_mood'])) {
         $this->data = array("mood_id" => form_sanitizer($_POST['mood_id'], 0, 'mood_id'), "mood_name" => form_sanitizer($_POST['mood_name'], '', 'mood_name', TRUE), "mood_description" => form_sanitizer($_POST['mood_description'], '', 'mood_description', TRUE), "mood_icon" => form_sanitizer($_POST['mood_icon'], '', 'mood_icon'), "mood_status" => form_sanitizer($_POST['mood_status'], '', 'mood_status'), "mood_notify" => form_sanitizer($_POST['mood_notify'], '', 'mood_notify'), "mood_access" => form_sanitizer($_POST['mood_access'], '', 'mood_access'));
         if (\defender::safe()) {
             if (!empty($this->data['mood_id'])) {
                 dbquery_insert(DB_FORUM_MOODS, $this->data, 'update');
                 addNotice('success', $locale['forum_notice_16']);
             } else {
                 dbquery_insert(DB_FORUM_MOODS, $this->data, 'save');
                 addNotice('success', $locale['forum_notice_15']);
             }
             redirect(clean_request('', array('mood_id', 'ref'), FALSE));
         }
     }
 }
Exemplo n.º 4
0
 public function post_mood()
 {
     $response = FALSE;
     // this is general single static output
     if (isset($_POST['post_mood']) && isnum($_POST['post_mood'])) {
         // if is a valid mood
         // insert into post notify
         $notify_data = array('post_id' => form_sanitizer($_POST['post_id'], 0, 'post_id'), 'notify_mood_id' => intval($_POST['post_mood']), 'notify_datestamp' => time(), 'notify_user' => form_sanitizer($_POST['post_author'], 0, 'post_author'), 'notify_sender' => fusion_get_userdata('user_id'), 'notify_status' => 1);
         if (\defender::safe() && dbcount('(mood_id)', DB_FORUM_MOODS, "mood_id='" . $notify_data['notify_mood_id'] . "'") && !$this->mood_exists($notify_data['notify_sender'], $notify_data['notify_mood_id'], $notify_data['post_id'])) {
             dbquery_insert(DB_POST_NOTIFY, $notify_data, 'save');
             $response = TRUE;
         }
     } elseif (isset($_POST['unpost_mood']) && isnum($_POST['unpost_mood'])) {
         // if is a valid mood
         // insert into post notify
         $notify_data = array('post_id' => form_sanitizer($_POST['post_id'], 0, 'post_id'), 'notify_mood_id' => intval($_POST['unpost_mood']), 'notify_user' => form_sanitizer($_POST['post_author'], 0, 'post_author'), 'notify_sender' => fusion_get_userdata('user_id'));
         if (\defender::safe() && dbcount('(mood_id)', DB_FORUM_MOODS, "mood_id='" . $notify_data['notify_mood_id'] . "'") && $this->mood_exists($notify_data['notify_sender'], $notify_data['notify_mood_id'], $notify_data['post_id'])) {
             dbquery("DELETE FROM " . DB_POST_NOTIFY . " WHERE post_id=" . $notify_data['post_id'] . "\n                AND notify_mood_id=" . $notify_data['notify_mood_id'] . "\n                AND notify_user="******"\n                AND notify_sender=" . $notify_data['notify_sender']);
             $response = TRUE;
         }
     }
     return (bool) $response;
 }
Exemplo n.º 5
0
 /**
  * The HTML form
  * @param $data
  */
 public static function customPage_form($data)
 {
     global $aidlink, $locale;
     if (isset($_POST['preview'])) {
         if (\defender::safe()) {
             echo openmodal("cp_preview", $locale['429']);
             echo "<h3>" . $data['page_title'] . "</h3>\n";
             if (fusion_get_settings("allow_php_exe")) {
                 ob_start();
                 eval("?>" . stripslashes($_POST['page_content']) . "<?php ");
                 $eval = ob_get_contents();
                 ob_end_clean();
                 echo $eval;
             } else {
                 echo "<p>" . nl2br(parse_textarea($_POST['page_content'])) . "</p>\n";
             }
             echo closemodal();
         }
         $data = array('page_id' => form_sanitizer($_POST['page_id'], 0, 'page_id'), 'link_id' => form_sanitizer($_POST['link_id'], 0, 'link_id'), 'link_order' => form_sanitizer($_POST['link_order'], 0, 'link_order'), 'page_link_cat' => form_sanitizer($_POST['page_link_cat'], 0, 'page_link_cat'), 'page_title' => form_sanitizer($_POST['page_title'], '', 'page_title'), 'page_access' => form_sanitizer($_POST['page_access'], 0, 'page_access'), 'page_content' => form_sanitizer($_POST['page_content'], "", "page_content"), 'page_keywords' => form_sanitizer($_POST['page_keywords'], '', 'page_keywords'), 'page_language' => implode('.', isset($_POST['page_language']) ? sanitize_array($_POST['page_language']) : array()), 'page_allow_comments' => isset($_POST['page_allow_comments']) ? 1 : 0, 'page_allow_ratings' => isset($_POST['page_allow_ratings']) ? 1 : 0);
     }
     echo openform('inputform', 'post', FUSION_REQUEST, array("class" => "m-t-20"));
     if (isset($_POST['edit']) && isset($_POST['page_id'])) {
         echo form_hidden('edit', '', 'edit');
     }
     echo "<div class='row m-t-20' >\n";
     echo "<div class='col-xs-12 col-sm-8'>\n";
     echo form_text('page_title', $locale['422'], $data['page_title'], array('required' => 1));
     echo form_select('page_keywords', $locale['432'], $data['page_keywords'], array('max_length' => 320, 'width' => '100%', 'tags' => 1, 'multiple' => 1));
     $textArea_config = array('width' => '100%', 'height' => '260px', 'form_name' => 'inputform', 'type' => "html", 'class' => 'm-t-20');
     if (isset($_COOKIE['custom_pages_tinymce']) && $_COOKIE['custom_pages_tinymce'] == 1 && fusion_get_settings('tinymce_enabled')) {
         $textArea_config = array("type" => "tinymce", "tinymce" => "advanced", "class" => "m-t-20");
     }
     echo form_textarea('page_content', '', $data['page_content'], $textArea_config);
     echo "</div>\n";
     echo "<div class='col-xs-12 col-sm-4'>\n";
     openside("");
     echo form_button('save', $locale['430'], $locale['430'], array('class' => 'btn-primary m-r-10 m-t-10'));
     echo form_button('preview', $locale['429'], $locale['429'], array('class' => 'btn-default m-r-10 m-t-10'));
     closeside();
     if (fusion_get_settings('tinymce_enabled')) {
         openside('');
         $val = !isset($_COOKIE['custom_pages_tinymce']) || $_COOKIE['custom_pages_tinymce'] == 0 ? $locale['461'] . " TINYMCE" : $locale['462'] . " TINYMCE";
         echo form_button('tinymce_switch', $val, $val, array('class' => 'btn-default btn-block', 'type' => 'button'));
         add_to_jquery("\n\t\t\t\$('#tinymce_switch').bind('click', function() {\n\t\t\t\tSetTinyMCE(" . (!isset($_COOKIE['custom_pages_tinymce']) || $_COOKIE['custom_pages_tinymce'] == 0 ? 1 : 0) . ");\n\t\t\t});\n\t\t\t");
         closeside();
     }
     if (fusion_get_settings('comments_enabled') == "0" || fusion_get_settings('ratings_enabled') == "0") {
         echo "<div class='tbl2 well'>\n";
         if (fusion_get_settings('comments_enabled') == "0" && fusion_get_settings('ratings_enabled') == "0") {
             $sys = $locale['457'];
         } elseif (fusion_get_settings('comments_enabled') == "0") {
             $sys = $locale['455'];
         } else {
             $sys = $locale['456'];
         }
         echo sprintf($locale['454'], $sys);
         echo "</div>\n";
     }
     if (!$data['page_id']) {
         openside("");
         echo form_checkbox('add_link', $locale['426'], 1);
         echo "<div id='link_add_sel' style='display:none;'>\n";
         echo form_select_tree("page_link_cat", $locale['SL_0029'], $data['page_link_cat'], array("parent_value" => $locale['parent'], 'width' => '100%', 'query' => (multilang_table("SL") ? "WHERE link_language='" . LANGUAGE . "' AND" : '') . " link_position >= 2", 'disable_opts' => $data['link_id'], 'hide_disabled' => 1), DB_SITE_LINKS, "link_name", "link_id", "link_cat");
         echo "</div>\n";
         add_to_jquery("\n            var checked = \$('#add_link').is(':checked');\n            if (checked) {\n                \$('#link_add_sel').show();\n            } else {\n                \$('#link_add_sel').hide();\n            }\n            \$('#add_link').bind('click', function(e) {\n                var checked = \$(this).is(':checked');\n                if (checked) {\n                    \$('#link_add_sel').show();\n                } else {\n                    \$('#link_add_sel').hide();\n                }\n            });\n            ");
         closeside();
     }
     openside("");
     echo form_checkbox('page_allow_comments', $locale['427'], $data['page_allow_comments'], array('class' => 'm-b-0'));
     echo form_checkbox('page_allow_ratings', $locale['428'], $data['page_allow_ratings'], array('class' => 'm-b-0'));
     echo form_hidden('link_id', '', $data['link_id']);
     echo form_hidden('link_order', '', $data['link_order']);
     closeside();
     openside();
     if (multilang_table("CP")) {
         $page_lang = !empty($data['page_language']) ? explode('.', $data['page_language']) : array();
         foreach (fusion_get_enabled_languages() as $language => $language_name) {
             $isDisabled = LANGUAGE == $language ? TRUE : FALSE;
             echo form_checkbox('page_language[]', $language_name, in_array($language, $page_lang) ? TRUE : FALSE, array('class' => 'm-b-0', 'value' => $language, 'input_id' => 'page_lang-' . $language, "disabled" => $isDisabled ? TRUE : FALSE, "delimiter" => "."));
             if ($isDisabled) {
                 echo form_hidden("page_language[]", "", $language);
             }
         }
     } else {
         echo form_hidden('page_language', '', $data['page_language']);
     }
     closeside();
     openside();
     echo form_select('page_access', $locale['423'], $data['page_access'], array('options' => fusion_get_groups(), 'width' => '100%'));
     closeside();
     echo "</div></div>\n";
     echo form_hidden('page_id', '', $data['page_id']);
     echo form_button('save', $locale['430'], $locale['430'], array('class' => 'btn-primary m-r-10'));
     if (isset($_POST['edit'])) {
         echo form_button('cancel', $locale['cancel'], $locale['cancel'], array('class' => 'btn-default m-r-10'));
     }
     echo closeform();
     closetable();
     add_to_jquery("\n\t\t\t\$('#delete').bind('click', function() { confirm('" . $locale['450'] . "'); });\n\t\t\t\$('#save').bind('click', function() {\n\t\t\tvar page_title = \$('#page_title').val();\n\t\t\tif (page_title =='') { alert('" . $locale['451'] . "'); return false; }\n\t\t\t});\n\t\t");
     if (fusion_get_settings('tinymce_enabled')) {
         add_to_jquery("\n\t\t\tfunction SetTinyMCE(val) {\n\t\t\tnow=new Date();\n" . "now.setTime(now.getTime()+1000*60*60*24*365);\n\t\t\texpire=(now.toGMTString());\n" . "document.cookie=\"custom_pages_tinymce=\"+escape(val)+\";expires=\"+expire;\n\t\t\tlocation.href='" . FUSION_SELF . $aidlink . "&section=cp2';\n\t\t\t}\n\t\t    ");
     }
 }
Exemplo n.º 6
0
 private function _setUserDataUpdate()
 {
     global $locale;
     $user_info = array();
     $quantum = new QuantumFields();
     $quantum->setCategoryDb(DB_USER_FIELD_CATS);
     $quantum->setFieldDb(DB_USER_FIELDS);
     $quantum->setPluginFolder(INCLUDES . "user_fields/");
     $quantum->setPluginLocaleFolder(LOCALE . LOCALESET . "user_fields/");
     $quantum->set_Fields();
     $quantum->load_field_cats();
     $quantum->setCallbackData($this->data);
     $fields_input = $quantum->return_fields_input(DB_USERS, 'user_id');
     $user_info += $this->_setEmptyFields();
     if (!empty($fields_input)) {
         foreach ($fields_input as $table_name => $fields_array) {
             $user_info += $fields_array;
         }
     }
     if (\defender::safe()) {
         if ($this->_userName != $this->userData['user_name']) {
             save_user_log($this->userData['user_id'], "user_name", $this->_userName, $this->userData['user_name']);
         }
         if ($this->_userEmail != $this->userData['user_email']) {
             save_user_log($this->userData['user_id'], "user_email", $this->_userEmail, $this->userData['user_email']);
         }
     }
     $quantum->log_user_action(DB_USERS, "user_id");
     // @todo: now that updates doesn't override unspecified column, i think can remove this line. confirm later.
     if (iADMIN) {
         $user_info['user_admin_algo'] = $this->data['user_admin_algo'];
         $user_info['user_admin_salt'] = $this->data['user_admin_salt'];
         $user_info['user_admin_password'] = $this->data['user_admin_password'];
     }
     dbquery_insert(DB_USERS, $user_info, 'update');
     $this->_completeMessage = $locale['u163'];
 }
Exemplo n.º 7
0
    die("Access Denied");
}
$article_settings = get_settings("article");
if (file_exists(INFUSIONS . "articles/locale/" . LOCALESET . "articles_admin.php")) {
    include INFUSIONS . "articles/locale/" . LOCALESET . "articles_admin.php";
} else {
    include INFUSIONS . "articles/locale/English/articles_admin.php";
}
opentable("<i class='fa fa-commenting-o fa-lg m-r-10'></i>" . $locale['articles_0060']);
if (iMEMBER && $article_settings['article_allow_submission'] && ($cat_exist = dbcount("(article_cat_id)", DB_ARTICLE_CATS, multilang_table("AR") ? "article_cat_language='" . LANGUAGE . "'" : ""))) {
    $criteriaArray = array("article_subject" => "", "article_cat" => 0, "article_snippet" => "", "article_article" => "", "article_language" => LANGUAGE, "article_keywords" => "");
    if (isset($_POST['submit_article'])) {
        $submit_info['article_snippet'] = nl2br(parseubb(stripinput($_POST['article_snippet'])));
        $submit_info['article_article'] = nl2br(parseubb(stripinput($_POST['article_article'])));
        $criteriaArray = array("article_subject" => form_sanitizer($_POST['article_subject'], "", "article_subject"), "article_cat" => form_sanitizer($_POST['article_cat'], "", "article_cat"), "article_snippet" => form_sanitizer($submit_info['article_snippet'], "", "article_snippet"), "article_article" => form_sanitizer($submit_info['article_article'], "", "article_article"), "article_language" => form_sanitizer($_POST['article_language'], "", "article_language"), "article_keywords" => form_sanitizer($_POST['article_keywords'], "", "article_keywords"));
        if (defender::safe()) {
            $inputArray = array("submit_type" => "a", "submit_user" => $userdata['user_id'], "submit_datestamp" => time(), "submit_criteria" => addslashes(serialize($criteriaArray)));
            dbquery_insert(DB_SUBMISSIONS, $inputArray, "save");
            addNotice("success", $locale['articles_0061']);
            redirect(clean_request("submitted=a", array("stype"), TRUE));
        }
    }
    if (isset($_GET['submitted']) && $_GET['submitted'] == "a") {
        add_to_title($locale['global_200'] . $locale['articles_0040']);
        echo "<div class='well text-center'><p><strong>" . $locale['articles_0061'] . "</strong></p>";
        echo "<p><a href='submit.php?stype=a'>" . $locale['articles_0062'] . "</a></p>";
        echo "<p><a href='index.php'>" . str_replace("[SITENAME]", fusion_get_settings("sitename"), $locale['articles_0064']) . "</a></p>\n";
        echo "</div>\n";
    } else {
        // Preview
        if (isset($_POST['preview_article'])) {
Exemplo n.º 8
0
 /**
  * Update User Fields
  * @return bool
  */
 public function saveUpdate()
 {
     $locale = fusion_get_locale();
     $settings = fusion_get_settings();
     $this->_method = "validate_update";
     //$this->data = $this->userData; // Turn off for Next
     $this->_settUserName();
     $this->_setPassword();
     if (!defined('ADMIN_PANEL')) {
         $this->_setAdminPassword();
     }
     $this->_setUserEmail();
     if ($this->validation == 1) {
         $this->_setValidationError();
     }
     $this->_setUserAvatar();
     $quantum = new QuantumFields();
     $quantum->setCategoryDb(DB_USER_FIELD_CATS);
     $quantum->setFieldDb(DB_USER_FIELDS);
     $quantum->setPluginFolder(INCLUDES . "user_fields/");
     $quantum->setPluginLocaleFolder(LOCALE . LOCALESET . "user_fields/");
     $quantum->load_fields();
     $quantum->load_field_cats();
     $quantum->setCallbackData($this->data);
     $_input = $quantum->return_fields_input(DB_USERS, 'user_id');
     if (!empty($_input)) {
         foreach ($_input as $input) {
             $this->data += $input;
         }
     }
     if (\defender::safe()) {
         if ($this->_userName != $this->userData['user_name']) {
             save_user_log($this->userData['user_id'], "user_name", $this->_userName, $this->userData['user_name']);
         }
         if ($this->_userEmail != $this->userData['user_email']) {
             save_user_log($this->userData['user_id'], "user_email", $this->_userEmail, $this->userData['user_email']);
         }
         $quantum->log_user_action(DB_USERS, "user_id");
         dbquery_insert(DB_USERS, $this->data, 'update');
         $this->_completeMessage = $locale['u163'];
         if ($this->isAdminPanel && $this->_isValidCurrentPassword && $this->_newUserPassword && $this->_newUserPassword2) {
             // inform user that password has changed. and tell him your new password
             include INCLUDES . "sendmail_include.php";
             addNotice("success", str_replace("USER_NAME", $this->userData['user_name'], $locale['global_458']));
             $input = array("mailname" => $this->userData['user_name'], "email" => $this->userData['user_email'], "subject" => str_replace("[SITENAME]", $settings['sitename'], $locale['global_456']), "message" => str_replace(array("[SITENAME]", "[SITEUSERNAME]", "USER_NAME", "[PASSWORD]"), array($settings['sitename'], $settings['siteusername'], $this->userData['user_name'], $this->_newUserPassword), $locale['global_457']));
             if (!sendemail($input['mailname'], $input['email'], $settings['siteusername'], $settings['siteemail'], $input['subject'], $input['message'])) {
                 addNotice('warning', str_replace("USER_NAME", $this->userData['user_name'], $locale['global_459']));
             }
         }
         if (\defender::safe()) {
             addNotice('success', $locale['u169']);
         }
         return true;
     }
     return false;
 }
Exemplo n.º 9
0
 /**
  * The Panel Editor Form
  */
 public function add_panel_form()
 {
     global $locale;
     fusion_confirm_exit();
     if (isset($_POST['panel_preview'])) {
         $panel_title = form_sanitizer($_POST['panel_name'], "", "panel_name");
         if (\defender::safe()) {
             echo openmodal("cp_preview", $panel_title);
             if (fusion_get_settings("allow_php_exe")) {
                 ob_start();
                 eval("?>" . stripslashes($_POST['panel_content']) . "<?php ");
                 $eval = ob_get_contents();
                 ob_end_clean();
                 echo $eval;
             } else {
                 echo "<p>" . nl2br(parse_textarea($_POST['panel_content'])) . "</p>\n";
             }
             echo closemodal();
         }
         $this->data = array("panel_id" => form_sanitizer($_POST['panel_id'], 0, "panel_id"), "panel_name" => form_sanitizer($_POST['panel_name'], "", "panel_name"), "panel_filename" => form_sanitizer($_POST['panel_filename'], "", "panel_filename"), "panel_side" => form_sanitizer($_POST['panel_side'], "", "panel_side"), "panel_content" => form_sanitizer($_POST['panel_content'], "", "panel_content"), "panel_restriction" => form_sanitizer($_POST['panel_restriction'], "", "panel_restriction"), "panel_url_list" => form_sanitizer($_POST['panel_url_list'], "", "panel_url_list"), "panel_display" => form_sanitizer($_POST['panel_display'], "", "panel_display"), "panel_access" => form_sanitizer($_POST['panel_access'], iGUEST, "panel_access"), "panel_languages" => !empty($_POST['panel_languages']) ? form_sanitizer($_POST['panel_languages'], "", "panel_languages") : LANGUAGE);
     }
     echo "<div class='m-t-20'>\n";
     echo openform('panel_form', 'post', $this->formaction, array('max_tokens' => 1));
     echo "<div class='row'>\n";
     echo "<div class='col-xs-12 col-sm-8'>\n";
     openside('');
     echo form_hidden('panel_id', '', $this->data['panel_id']);
     echo form_text('panel_name', $locale['452'], $this->data['panel_name'], array('inline' => 1, 'required' => 1));
     //'error_text'=>$locale['470']
     echo form_select('panel_filename', $locale['453'], $this->data['panel_filename'], array('options' => self::get_panelOpts(), 'inline' => 1));
     $grid_opts = self::get_panel_grid();
     echo form_select('panel_side', $locale['457'], $this->data['panel_side'], array('options' => $grid_opts, 'inline' => TRUE));
     closeside();
     openside('');
     add_to_jquery("\n\t\t" . ($this->data['panel_restriction'] == 3 || $this->data['panel_restriction'] == 2 ? "\$('#panel_url_list-grp').hide();" : '') . "\n\t\t\$('#panel_restriction').bind('change', function(e) {\n\t\t\tif (\$(this).val() == '3' || \$(this).val() == '2') { \$('#panel_url_list-grp').hide(); } else { \$('#panel_url_list-grp').show(); }\n\t\t});\n\t\t");
     echo form_select('panel_restriction', $locale['468'], $this->data['panel_restriction'], array('options' => self::get_includeOpts(), 'inline' => 1));
     echo "<div id='panel_url_list-grp'>\n";
     echo "<div class='text-smaller'></div>\n";
     echo form_select('panel_url_list', $locale['462'], $this->data['panel_url_list'], array('options' => self::get_panel_url_list(), 'inline' => 1, 'tags' => 1, 'multiple' => 1, 'width' => '100%'));
     echo "</div>\n";
     echo form_hidden('panel_display', '', $this->data['panel_display']);
     closeside();
     add_to_jquery("\n\t\t" . ($this->data['panel_filename'] > 0 ? "\$('#pgrp').hide();" : "\$('#pgrp').show();") . "\n\t\t\$('#panel_filename').bind('change', function(e) {\n\t\t\tif (\$(this).val() > 0) { \$('#pgrp').hide(); } else { \$('#pgrp').show(); }\n\t\t});\n\t\t");
     echo "<div id='pgrp'>\n";
     echo form_textarea('panel_content', $locale['455'], $this->data['panel_content'], array('html' => fusion_get_settings("allow_php_exe") ? FALSE : TRUE, 'form_name' => 'panel_form', 'autosize' => 1, 'preview' => fusion_get_settings("allow_php_exe") ? FALSE : TRUE));
     echo "</div>\n";
     echo "</div>\n<div class='col-xs-12 col-sm-4'>\n";
     openside('');
     echo form_select('panel_access', $locale['458'], $this->data['panel_access'], array("options" => self::get_accessOpts()));
     echo form_button('panel_save', $locale['461'], $locale['461'], array('class' => 'btn-primary'));
     echo form_button('panel_preview', $locale['preview'], $locale['preview'], array('input_id' => 'prev2', 'class' => 'm-l-10 btn-default'));
     closeside();
     openside('');
     echo "<label class='label-control m-b-10'>" . $locale['466'] . "</label>\n";
     $languages = !empty($this->data['panel_languages']) ? explode('.', $this->data['panel_languages']) : array();
     foreach (fusion_get_enabled_languages() as $language => $language_name) {
         echo form_checkbox('panel_languages[]', $language_name, in_array($language, $languages) ? 1 : 0, array('class' => 'm-b-0', 'value' => $language, "reverse_label" => TRUE, 'input_id' => 'panel_lang-' . $language));
     }
     closeside();
     echo "</div>\n";
     echo "</div>\n";
     echo form_button('panel_save', $locale['461'], $locale['460'], array('class' => 'btn-primary'));
     echo form_button('panel_preview', $locale['preview'], $locale['preview'], array('class' => 'm-l-10 btn-default'));
     echo closeform();
     echo "</div>\n";
 }
Exemplo n.º 10
0
 /**
  * Reply and send
  * SQL send pm
  */
 private function send_message()
 {
     global $userdata, $locale, $defender;
     $inputData = array();
     if (iADMIN && isset($_POST['chk_sendtoall'])) {
         $inputData += array("to_group" => isset($_POST['msg_group_send']) ? form_sanitizer($_POST['msg_group_send'], 0, 'msg_group_send') : 0);
     } else {
         $inputData += array("to" => form_sanitizer($_POST['msg_send'], 0, 'msg_send'));
     }
     $inputData += array("from" => $userdata['user_id'], "subject" => form_sanitizer($_POST['subject'], '', 'subject'), "message" => form_sanitizer($_POST['message'], '', 'message'), "smileys" => isset($_POST['chk_disablesmileys']) || preg_match("#(\\[code\\](.*?)\\[/code\\]|\\[geshi=(.*?)\\](.*?)\\[/geshi\\]|\\[php\\](.*?)\\[/php\\])#si", $_POST['message']) ? "n" : "y", "to_group" => 0);
     if ($defender::safe()) {
         if (iADMIN && isset($_POST['chk_sendtoall']) && $inputData['to_group']) {
             self::send_pm($inputData['to_group'], $inputData['from'], $inputData['subject'], $inputData['message'], $inputData['smileys'], TRUE);
         } else {
             self::send_pm($inputData['to'], $inputData['from'], $inputData['subject'], $inputData['message'], $inputData['smileys'], FALSE);
         }
         if (\defender::safe()) {
             addNotice("success", $locale['491']);
             redirect(BASEDIR . "messages.php");
         }
     }
 }
Exemplo n.º 11
0
 /**
  * Handle post of Quick Reply Form
  */
 private function handle_quick_reply()
 {
     $forum_settings = $this->get_forum_settings();
     $locale = fusion_get_locale();
     $userdata = fusion_get_userdata();
     if (isset($_POST['post_quick_reply'])) {
         if ($this->getThreadPermission("can_reply") && \defender::safe()) {
             $this->thread_data = $this->thread_info['thread'];
             require_once INCLUDES . "flood_include.php";
             if (!flood_control("post_datestamp", DB_FORUM_POSTS, "post_author='" . $userdata['user_id'] . "'")) {
                 // have notice
                 $post_data = array('post_id' => 0, 'forum_id' => $this->thread_data['forum_id'], 'thread_id' => $this->thread_data['thread_id'], 'post_message' => form_sanitizer($_POST['post_message'], '', 'post_message'), 'post_showsig' => isset($_POST['post_showsig']) ? 1 : 0, 'post_smileys' => isset($_POST['post_smileys']) || preg_match("#(\\[code\\](.*?)\\[/code\\]|\\[geshi=(.*?)\\](.*?)\\[/geshi\\]|\\[php\\](.*?)\\[/php\\])#si", $_POST['post_message']) ? 1 : 0, 'post_author' => $userdata['user_id'], 'post_datestamp' => time(), 'post_ip' => USER_IP, 'post_ip_type' => USER_IP_TYPE, 'post_edituser' => 0, 'post_edittime' => 0, 'post_editreason' => '', 'post_hidden' => 0, 'post_locked' => $forum_settings['forum_edit_lock'] || isset($_POST['post_locked']) ? 1 : 0);
                 if (\defender::safe()) {
                     // post message is invalid or whatever is invalid
                     $update_forum_lastpost = FALSE;
                     // Prepare forum merging action
                     $last_post_author = dbarray(dbquery("SELECT post_author FROM " . DB_FORUM_POSTS . " WHERE thread_id='" . $this->thread_data['thread_id'] . "' ORDER BY post_id DESC LIMIT 1"));
                     if ($last_post_author['post_author'] == $post_data['post_author'] && $this->thread_data['forum_merge']) {
                         $last_message = dbarray(dbquery("SELECT post_id, post_message FROM " . DB_FORUM_POSTS . " WHERE thread_id='" . $this->thread_data['thread_id'] . "' ORDER BY post_id DESC"));
                         $post_data['post_id'] = $last_message['post_id'];
                         $post_data['post_message'] = $last_message['post_message'] . "\n\n" . $locale['forum_0640'] . " " . showdate("longdate", time()) . ":\n" . $post_data['post_message'];
                         dbquery_insert(DB_FORUM_POSTS, $post_data, 'update', array('primary_key' => 'post_id'));
                     } else {
                         $update_forum_lastpost = TRUE;
                         dbquery_insert(DB_FORUM_POSTS, $post_data, 'save', array('primary_key' => 'post_id'));
                         $post_data['post_id'] = dblastid();
                         dbquery("UPDATE " . DB_USERS . " SET user_posts=user_posts+1 WHERE user_id='" . $post_data['post_author'] . "'");
                     }
                     // Update stats in forum and threads
                     if ($update_forum_lastpost) {
                         // find all parents and update them
                         $list_of_forums = get_all_parent(dbquery_tree(DB_FORUMS, 'forum_id', 'forum_cat'), $this->thread_data['forum_id']);
                         if (!empty($list_of_forums)) {
                             foreach ($list_of_forums as $fid) {
                                 dbquery("UPDATE " . DB_FORUMS . " SET forum_lastpost='" . time() . "', forum_postcount=forum_postcount+1, forum_lastpostid='" . $post_data['post_id'] . "', forum_lastuser='******'post_author'] . "' WHERE forum_id='" . $fid . "'");
                             }
                         }
                         // update current forum
                         dbquery("UPDATE " . DB_FORUMS . " SET forum_lastpost='" . time() . "', forum_postcount=forum_postcount+1, forum_lastpostid='" . $post_data['post_id'] . "', forum_lastuser='******'post_author'] . "' WHERE forum_id='" . $this->thread_data['forum_id'] . "'");
                         // update current thread
                         dbquery("UPDATE " . DB_FORUM_THREADS . " SET thread_lastpost='" . time() . "', thread_lastpostid='" . $post_data['post_id'] . "', thread_postcount=thread_postcount+1, thread_lastuser='******'post_author'] . "' WHERE thread_id='" . $this->thread_data['thread_id'] . "'");
                     }
                     // set notify
                     if ($forum_settings['thread_notify'] == TRUE && isset($_POST['notify_me']) && $this->thread_data['thread_id']) {
                         if (!dbcount("(thread_id)", DB_FORUM_THREAD_NOTIFY, "thread_id='" . $this->thread_data['thread_id'] . "' AND notify_user='******'post_author'] . "'")) {
                             dbquery("INSERT INTO " . DB_FORUM_THREAD_NOTIFY . " (thread_id, notify_datestamp, notify_user, notify_status) VALUES('" . $this->thread_data['thread_id'] . "', '" . time() . "', '" . $post_data['post_author'] . "', '1')");
                         }
                     }
                 }
                 redirect(INFUSIONS . "forum/postify.php?post=reply&error=0&amp;forum_id=" . intval($post_data['forum_id']) . "&amp;thread_id=" . intval($post_data['thread_id']) . "&amp;post_id=" . intval($post_data['post_id']));
             }
         }
     }
 }
Exemplo n.º 12
0
 public function log_user_action($db, $primary_key)
 {
     if (\defender::safe()) {
         $output_fields = array();
         $field = flatten_array($this->fields);
         $output_fields[$db] = $this->callback_data;
         foreach ($field as $arr => $field_data) {
             $target_database = $field_data['field_cat_db'] ? DB_PREFIX . $field_data['field_cat_db'] : $db;
             $col_name = $field_data['field_cat_index'] ? $field_data['field_cat_index'] : $primary_key;
             $index_value = isset($_POST[$col_name]) ? form_sanitizer($_POST[$col_name], 0) : '';
             if ($field_data['field_log'] == TRUE && isset($this->callback_data[$field_data['field_name']]) && isset($this->output_fields[$target_database][$field_data['field_name']]) && $this->callback_data[$field_data['field_name']] !== $this->output_fields[$target_database][$field_data['field_name']]) {
                 //print_p($this->callback_data[$field_data['field_name']]." => ".$this->output_fields[$target_database][$field_data['field_name']]);
                 save_user_log($index_value, $field_data['field_name'], $this->output_fields[$target_database][$field_data['field_name']], $this->callback_data[$field_data['field_name']]);
             }
             //print_p($field_data);
             //print_p($this->output_fields);
             // nothing to return
         }
     }
 }
Exemplo n.º 13
0
 /**
  * Display Comments
  * @param $comment_type
  * @param $comment_db
  * @param $comment_col
  * @param $comment_item_id
  * @param $clink
  */
 public function showComments($comment_type, $comment_db, $comment_col, $comment_item_id, $clink)
 {
     global $aidlink;
     $locale = fusion_get_locale();
     $locale += fusion_get_locale('', LOCALE . LOCALESET . "user_fields.php");
     $cpp = $this->settings['comments_per_page'];
     $comment_data = array('comment_id' => isset($_GET['comment_id']) && isnum($_GET['comment_id']) ? $_GET['comment_id'] : 0, 'comment_name' => '', 'comment_message' => '', 'comment_datestamp' => time(), 'comment_item_id' => $comment_item_id, 'comment_type' => $comment_type, 'comment_cat' => 0, 'comment_ip' => USER_IP, 'comment_ip_type' => USER_IP_TYPE, 'comment_hidden' => 0);
     /** Delete */
     if (iMEMBER && (isset($_GET['c_action']) && $_GET['c_action'] == "delete") && (isset($_GET['comment_id']) && isnum($_GET['comment_id']))) {
         if (iADMIN && checkrights("C") || iMEMBER && dbcount("(comment_id)", DB_COMMENTS, "comment_id='" . $_GET['comment_id'] . "' AND comment_name='" . $this->userdata['user_id'] . "'")) {
             $result = dbquery("\n                DELETE FROM " . DB_COMMENTS . "\n\t\t\t\tWHERE comment_id='" . $_GET['comment_id'] . "'" . (iADMIN ? "" : "\n\t\t\t\tAND comment_name='" . $this->userdata['user_id'] . "'"));
         }
         redirect($clink . ($this->settings['comments_sorting'] == "ASC" ? "" : "&amp;c_start=0"));
     }
     if ($this->settings['comments_enabled'] == "1") {
         $this->c_arr['c_info']['comments_count'] = format_word(0, $this->locale['fmt_comment']);
         // Handle Comment Posts
         if ((iMEMBER || $this->settings['guestposts']) && isset($_POST['post_comment'])) {
             if (!iMEMBER && $this->settings['guestposts']) {
                 // Process Captchas
                 $_CAPTCHA_IS_VALID = FALSE;
                 include INCLUDES . "captchas/" . $this->settings['captcha'] . "/captcha_check.php";
                 if (!isset($_POST['captcha_code']) && $_CAPTCHA_IS_VALID == FALSE) {
                     \defender::stop();
                     addNotice("danger", $locale['u194']);
                 }
             }
             $comment_data = array('comment_id' => isset($_GET['comment_id']) && isnum($_GET['comment_id']) ? $_GET['comment_id'] : 0, 'comment_name' => iMEMBER ? $this->userdata['user_id'] : form_sanitizer($_POST['comment_name'], '', 'comment_name'), 'comment_message' => form_sanitizer($_POST['comment_message'], '', 'comment_message'), 'comment_datestamp' => time(), 'comment_item_id' => $comment_item_id, 'comment_type' => $comment_type, 'comment_cat' => form_sanitizer($_POST['comment_cat'], 0, 'comment_cat'), 'comment_ip' => USER_IP, 'comment_ip_type' => USER_IP_TYPE, 'comment_hidden' => 0);
             if (iMEMBER && (isset($_GET['c_action']) && $_GET['c_action'] == "edit") && $comment_data['comment_id']) {
                 // Update comment
                 if (iADMIN && checkrights("C") || iMEMBER && dbcount("(comment_id)", DB_COMMENTS, "comment_id='" . $comment_data['comment_id'] . "'\n                        AND comment_item_id='" . $comment_item_id . "'\n                        AND comment_type='" . $comment_type . "'\n                        AND comment_name='" . $this->userdata['user_id'] . "'\n                        AND comment_hidden='0'") && \defender::safe()) {
                     $c_name_query = "SELECT comment_name FROM " . DB_COMMENTS . " WHERE comment_id='" . $comment_data['comment_id'] . "'";
                     $comment_data['comment_name'] = dbresult(dbquery($c_name_query), 0);
                     dbquery_insert(DB_COMMENTS, $comment_data, 'update');
                     if ($this->settings['comments_sorting'] == "ASC") {
                         $c_operator = "<=";
                     } else {
                         $c_operator = ">=";
                     }
                     $c_count = dbcount("(comment_id)", DB_COMMENTS, "comment_id" . $c_operator . "'" . $comment_data['comment_id'] . "'\n                            AND comment_item_id='" . $comment_item_id . "'\n                            AND comment_type='" . $comment_type . "'");
                     $c_start = (ceil($c_count / $cpp) - 1) * $cpp;
                     addNotice("success", $locale['global_027']);
                     redirect(self::format_clink($clink) . "&amp;c_start=" . (isset($c_start) && isnum($c_start) ? $c_start : ""));
                 }
             } else {
                 // Save New comment
                 if (!dbcount("(" . $comment_col . ")", $comment_db, $comment_col . "='" . $comment_item_id . "'")) {
                     redirect(BASEDIR . "index.php");
                 }
                 if (\defender::safe()) {
                     $c_start = 0;
                     $id = 0;
                     if ($comment_data['comment_name'] && $comment_data['comment_message']) {
                         require_once INCLUDES . "flood_include.php";
                         if (!flood_control("comment_datestamp", DB_COMMENTS, "comment_ip='" . USER_IP . "'")) {
                             dbquery_insert(DB_COMMENTS, $comment_data, 'save');
                             $id = dblastid();
                             if ($this->settings['comments_sorting'] == "ASC") {
                                 $c_count = dbcount("(comment_id)", DB_COMMENTS, "comment_item_id='" . $comment_item_id . "' AND comment_type='" . $comment_type . "'");
                                 $c_start = (ceil($c_count / $cpp) - 1) * $cpp;
                             }
                         }
                         redirect(self::format_clink($clink) . "&amp;c_start=" . $c_start . "#c" . $id);
                     }
                 }
             }
         }
         $c_rows = dbcount("(comment_id)", DB_COMMENTS, "comment_item_id='" . $comment_item_id . "' AND comment_type='" . $comment_type . "' AND comment_hidden='0'");
         if (!isset($_GET['c_start']) && $c_rows > $cpp) {
             $_GET['c_start'] = (ceil($c_rows / $cpp) - 1) * $cpp;
         }
         if (!isset($_GET['c_start']) || !isnum($_GET['c_start'])) {
             $_GET['c_start'] = 0;
         }
         $comment_query = "\n            SELECT tcm.*, tcu.user_id, tcu.user_name, tcu.user_avatar, tcu.user_status\n            FROM " . DB_COMMENTS . " tcm\n            LEFT JOIN " . DB_USERS . " tcu ON tcm.comment_name=tcu.user_id\n            WHERE comment_item_id='" . $comment_item_id . "' AND comment_type='" . $comment_type . "' AND comment_hidden='0'\n            ORDER BY comment_datestamp " . $this->settings['comments_sorting'] . ", comment_cat DESC";
         $query = dbquery($comment_query);
         if (dbrows($query) > 0) {
             $i = $this->settings['comments_sorting'] == "ASC" ? $_GET['c_start'] + 1 : $c_rows - $_GET['c_start'];
             if ($c_rows > $cpp) {
                 $this->c_arr['c_info']['c_makepagenav'] = makepagenav($_GET['c_start'], $cpp, $c_rows, 3, $clink . "&amp;", "c_start");
             }
             if (iADMIN && checkrights("C")) {
                 $this->c_arr['c_info']['admin_link'] = "<!--comment_admin-->\n";
                 $this->c_arr['c_info']['admin_link'] .= "<a href='" . ADMIN . "comments.php" . $aidlink . "&amp;ctype=" . $comment_type . "&amp;comment_item_id=" . $comment_item_id . "'>" . $this->locale['c106'] . "</a>";
             }
             while ($row = dbarray($query)) {
                 $actions = array("edit_dell" => "", "edit_link" => "", "delete_link" => "");
                 if (iADMIN && checkrights("C") || iMEMBER && $row['comment_name'] == $this->userdata['user_id'] && isset($row['user_name'])) {
                     $edit_link = clean_request('c_action=edit&comment_id=' . $row['comment_id'], array('c_action', 'comment_id'), false) . "#edit_comment";
                     $delete_link = clean_request('c_action=delete&comment_id=' . $row['comment_id'], array('c_action', 'comment_id'), false);
                     $comment_actions = "<!---comment_actions--><div class='btn-group'>\n                        <a class='btn btn-xs btn-default' href='{$edit_link}'>" . $this->locale['c108'] . "</a>\n                        <a class='btn btn-xs btn-default' href='{$delete_link}' onclick=\"return confirm('" . $this->locale['c110'] . "');\"><i class='fa fa-trash'></i>" . $this->locale['c109'] . "</a>\n                        </div><!---//comment_actions-->\n                    ";
                     $actions = array("edit_link" => array('link' => $edit_link, 'name' => $this->locale['c108']), "delete_link" => array('link' => $delete_link, 'name' => $this->locale['c109']), "edit_dell" => $comment_actions);
                 }
                 $reply_form = "";
                 if (isset($_GET['comment_reply']) && $_GET['comment_reply'] == $row['comment_id']) {
                     $locale = fusion_get_locale();
                     $comment_data['comment_cat'] = $row['comment_id'];
                     $reply_form = openform("comments_reply_form", "post", FUSION_REQUEST, array("class" => "comments_reply_form"));
                     if (iGUEST) {
                         $reply_form .= form_text('comment_name', fusion_get_locale('c104'), $comment_data['comment_name'], array('max_length' => 30));
                     }
                     $reply_form .= form_hidden("comment_cat", "", $comment_data['comment_cat']);
                     $reply_form .= form_textarea("comment_message", "", $comment_data['comment_message'], array("tinymce" => "simple", "type" => fusion_get_settings("tinymce_enabled") ? "tinymce" : "bbcode", "input_id" => "comment_message-" . $i, "required" => true));
                     if (iGUEST && (!isset($_CAPTCHA_HIDE_INPUT) || isset($_CAPTCHA_HIDE_INPUT) && !$_CAPTCHA_HIDE_INPUT)) {
                         $_CAPTCHA_HIDE_INPUT = FALSE;
                         $reply_form .= "<div class='m-t-10 m-b-10'>";
                         $reply_form .= "<label class='col-xs-12 col-sm-3'>" . $locale['global_150'] . "</label><div class='col-xs-12 col-sm-9'>\n";
                         ob_start();
                         include INCLUDES . "captchas/" . $this->settings['captcha'] . "/captcha_display.php";
                         $reply_form .= ob_get_contents();
                         ob_end_clean();
                         if (!$_CAPTCHA_HIDE_INPUT) {
                             $reply_form .= "<br />\n<label for='captcha_code'>" . $locale['global_151'] . "</label>";
                             $reply_form .= "<br />\n<input type='text' id='captcha_code' name='captcha_code' class='textbox' autocomplete='off' style='width:100px' />\n";
                         }
                         $reply_form .= "</div>\n";
                         $reply_form .= "</div>\n";
                     }
                     $reply_form .= form_button('post_comment', $locale['c102'], $locale['c102'], array('class' => 'btn-success m-t-10'));
                     $reply_form .= closeform();
                 }
                 /** formats $row */
                 $row = array("comment_id" => $row['comment_id'], "comment_cat" => $row['comment_cat'], "i" => $i, "user_avatar" => display_avatar($row, '50px', '', false, 'img-rounded'), "user" => array("user_id" => $row['user_id'], "user_name" => $row['user_name'], "user_avatar" => $row['user_avatar'], "status" => $row['user_status']), "reply_link" => clean_request("comment_reply=" . $row['comment_id'], array("comment_reply"), false), "reply_form" => $reply_form, "comment_datestamp" => showdate('shortdate', $row['comment_datestamp']), "comment_time" => timer($row['comment_datestamp']), "comment_message" => "<!--comment_message-->\n" . nl2br(parseubb(parsesmileys($row['comment_message']))) . "<!--//comment_message-->\n", "comment_name" => $row['user_name'] ? profile_link($row['comment_name'], $row['user_name'], $row['user_status'], 'strong text-dark') : $row['comment_name']);
                 $row += $actions;
                 $id = $row['comment_id'];
                 $parent_id = $row['comment_cat'] === NULL ? "0" : $row['comment_cat'];
                 $data[$id] = $row;
                 $this->c_arr['c_con'][$parent_id][$id] = $row;
                 $this->settings['comments_sorting'] == "ASC" ? $i++ : $i--;
             }
             // Paginate the array
             $this->c_arr['c_con'][0] = array_chunk($this->c_arr['c_con'][0], $cpp, true);
             // Pass cpp settings
             $this->c_arr['c_info']['comments_per_page'] = $cpp;
             $this->c_arr['c_info']['comments_count'] = format_word(number_format($i - 1, 0), $this->locale['fmt_comment']);
         }
         echo "<a id='comments' name='comments'></a>";
         render_comments($this->c_arr['c_con'], $this->c_arr['c_info']);
         render_comments_form($comment_type, $clink, $comment_item_id, isset($_CAPTCHA_HIDE_INPUT) ? $_CAPTCHA_HIDE_INPUT : FALSE);
     }
 }
Exemplo n.º 14
0
 /**
  * Move a single column from one table to another
  * @param $old_table
  * @param $new_table
  * @param $column_name
  */
 protected static function move_column($old_table, $new_table, $column_name)
 {
     $result = dbquery("SHOW COLUMNS FROM " . $old_table);
     $data = array();
     if (dbrows($result) > 0) {
         $i = 1;
         while ($data = dbarray($result)) {
             if ($data['Field'] == $column_name) {
                 break;
             }
         }
     }
     if (!empty($data)) {
         $result = dbquery("ALTER TABLE " . $new_table . " ADD COLUMN " . $data['Field'] . " " . $data['Type'] . " " . ($data['Null'] == "NO" ? "NOT NULL" : "NULL") . " DEFAULT '" . $data['Default'] . "'");
         if (!$result) {
             \defender::stop();
         }
         if ($result && \defender::safe()) {
             dbquery("INSERT INTO " . $new_table . " (" . $data['Field'] . ") SELECT " . $data['Field'] . " FROM " . $old_table);
         }
         if (!$result && \defender::safe()) {
             \defender::stop();
         }
         if (!\defender::safe()) {
             addNotice("danger", "Cannot move " . $column_name);
         }
     }
 }
Exemplo n.º 15
0
function mass_photo_form()
{
    global $locale, $aidlink, $gll_settings, $userdata;
    $albumRows = dbcount("(album_id)", DB_PHOTO_ALBUMS, multilang_table("PG") ? "album_language='" . LANGUAGE . "'" : "");
    if ($albumRows) {
        if (isset($_POST['upload_photo'])) {
            $data['album_id'] = form_sanitizer($_POST['album_id'], 0, "album_id");
            if (defender::safe()) {
                $upload = form_sanitizer($_FILES['photo_mass_image'], "", "photo_mass_image");
                $success_upload = 0;
                $failed_upload = 0;
                if (!empty($upload)) {
                    $total_files_uploaded = count($upload);
                    for ($i = 0; $i < $total_files_uploaded; $i++) {
                        $current_upload = $upload[$i];
                        if ($current_upload['error'] == 0) {
                            $current_photos = array("album_id" => $data['album_id'], "photo_title" => $current_upload['image_name'], "photo_filename" => $current_upload['image_name'], "photo_thumb1" => $current_upload['thumb1_name'], "photo_thumb2" => $current_upload['thumb2_name'], "photo_datestamp" => time(), "photo_user" => $userdata['user_id'], "photo_order" => dbresult(dbquery("SELECT MAX(photo_order) FROM " . DB_PHOTOS . " where album_id='" . $data['album_id'] . "'"), 0) + 1);
                            dbquery("\n\t\t\t\t\t\t\tinsert into " . DB_PHOTOS . "\n\t\t\t\t\t\t\t(" . implode(", ", array_keys($current_photos)) . ") values ('" . implode("','", array_values($current_photos)) . "')\n\t\t\t\t\t\t\t");
                            $success_upload++;
                        } else {
                            $failed_upload++;
                        }
                    }
                    addNotice("success", sprintf($locale['photo_0021'], $success_upload));
                    if ($failed_upload) {
                        addNotice("warning", sprintf($locale['photo_0021a'], $failed_upload));
                    }
                    redirect(FUSION_SELF . $aidlink . "&amp;album_id='" . $data['album_id']);
                }
            }
        }
        $upload_settings = array("upload_path" => IMAGES_G, "required" => TRUE, 'thumbnail_folder' => 'thumbs', 'thumbnail' => TRUE, 'thumbnail_w' => $gll_settings['thumb_w'], 'thumbnail_h' => $gll_settings['thumb_h'], 'thumbnail_suffix' => '_t1', 'thumbnail2' => TRUE, 'thumbnail2_w' => $gll_settings['photo_w'], 'thumbnail2_h' => $gll_settings['photo_h'], 'thumbnail2_suffix' => '_t2', 'max_width' => $gll_settings['photo_max_w'], 'max_height' => $gll_settings['photo_max_h'], 'max_byte' => $gll_settings['photo_max_b'], 'delete_original' => FALSE, "template" => "modern", "multiple" => TRUE, "inline" => TRUE, "error_text" => $locale['photo_0014']);
        echo openform("mass_form", "post", FUSION_REQUEST, array("enctype" => TRUE, "class" => "clearfix"));
        echo "<div class='well text-center'>\n" . $locale['photo_0019'] . "</div>\n";
        echo form_select('album_id', $locale['photo_0003'], "", array("input_id" => "album", "options" => get_albumOpts(), "inline" => TRUE));
        echo form_fileinput('photo_mass_image[]', $locale['photo_0004'], "", $upload_settings);
        echo "<div class='m-b-10 col-xs-12 col-sm-offset-3'>" . sprintf($locale['photo_0017'], parsebytesize($gll_settings['photo_max_b']), str_replace(',', ' ', ".jpg,.gif,.png"), $gll_settings['photo_max_w'], $gll_settings['photo_max_h']) . "</div>\n";
        echo form_button("upload_photo", $locale['photo_0020'], $locale['photo_0020'], array("class" => "btn-primary"));
        echo closeform();
    } else {
        echo "<div class='well m-t-20 text-center'>\n";
        echo sprintf($locale['gallery_0012'], FUSION_SELF . $aidlink . "&amp;section=album_form");
        echo "</div>\n";
    }
}
Exemplo n.º 16
0
/**
 * Displays News Form
 */
function display_news_form()
{
    global $aidlink;
    if (isset($_POST['cancel'])) {
        redirect(FUSION_SELF . $aidlink);
    }
    $formaction = FUSION_REQUEST;
    $locale = fusion_get_locale();
    $userdata = fusion_get_userdata();
    $news_settings = fusion_get_settings("news");
    $edit = isset($_GET['action']) && $_GET['action'] == 'edit' && isset($_GET['news_id']) && isnum($_GET['news_id']) ? TRUE : FALSE;
    add_breadcrumb(array('link' => '', 'title' => $edit ? $locale['news_0003'] : $locale['news_0002']));
    $data = array('news_id' => 0, 'news_draft' => 0, 'news_sticky' => 0, 'news_news' => '', 'news_datestamp' => time(), 'news_extended' => '', 'news_keywords' => '', 'news_breaks' => 'n', 'news_allow_comments' => 1, 'news_allow_ratings' => 1, 'news_language' => LANGUAGE, 'news_visibility' => 0, 'news_subject' => '', 'news_start' => '', 'news_end' => '', 'news_cat' => 0, 'news_image' => '', 'news_ialign' => 'pull-left');
    if (fusion_get_settings("tinymce_enabled")) {
        $data['news_breaks'] = 'n';
    } else {
        $data['news_breaks'] = 'y';
    }
    if (isset($_POST['save']) or isset($_POST['save_and_close'])) {
        $news_news = "";
        if ($_POST['news_news']) {
            $news_news = str_replace("src='" . str_replace("../", "", IMAGES_N), "src='" . IMAGES_N, fusion_get_settings('allow_php_exe') ? htmlspecialchars($_POST['news_news']) : stripslashes($_POST['news_news']));
            $news_news = parse_textarea($news_news);
        }
        $news_extended = "";
        if ($_POST['news_extended']) {
            $news_extended = str_replace("src='" . str_replace("../", "", IMAGES_N), "src='" . IMAGES_N, fusion_get_settings('allow_php_exe') ? htmlspecialchars($_POST['news_extended']) : stripslashes($_POST['news_extended']));
            $news_extended = parse_textarea($news_extended);
        }
        $data = array('news_id' => form_sanitizer($_POST['news_id'], 0, 'news_id'), 'news_subject' => form_sanitizer($_POST['news_subject'], '', 'news_subject'), 'news_cat' => form_sanitizer($_POST['news_cat'], 0, 'news_cat'), 'news_news' => form_sanitizer($news_news, "", "news_news"), 'news_extended' => form_sanitizer($news_extended, "", "news_extended"), 'news_keywords' => form_sanitizer($_POST['news_keywords'], '', 'news_keywords'), 'news_datestamp' => form_sanitizer($_POST['news_datestamp'], '', 'news_datestamp'), 'news_start' => form_sanitizer($_POST['news_start'], 0, 'news_start'), 'news_end' => form_sanitizer($_POST['news_end'], 0, 'news_end'), 'news_visibility' => form_sanitizer($_POST['news_visibility'], 0, 'news_visibility'), 'news_draft' => isset($_POST['news_draft']) ? "1" : "0", 'news_sticky' => isset($_POST['news_sticky']) ? "1" : "0", 'news_allow_comments' => isset($_POST['news_allow_comments']) ? "1" : "0", 'news_allow_ratings' => isset($_POST['news_allow_ratings']) ? "1" : "0", 'news_language' => form_sanitizer($_POST['news_language'], '', 'news_language'), 'news_image' => "", 'news_ialign' => "", 'news_image_t1' => "", 'news_image_t2' => "");
        if (isset($_FILES['news_image'])) {
            // when files is uploaded.
            $upload = form_sanitizer($_FILES['news_image'], '', 'news_image');
            if (!empty($upload) && !$upload['error']) {
                $data['news_image'] = $upload['image_name'];
                $data['news_image_t1'] = $upload['thumb1_name'];
                $data['news_image_t2'] = $upload['thumb2_name'];
                $data['news_ialign'] = isset($_POST['news_ialign']) ? form_sanitizer($_POST['news_ialign'], "pull-left", "news_ialign") : "pull-left";
            }
        } else {
            // when files not uploaded. but there should be exist check.
            $data['news_image'] = isset($_POST['news_image']) ? $_POST['news_image'] : "";
            $data['news_image_t1'] = isset($_POST['news_image_t1']) ? $_POST['news_image_t1'] : "";
            $data['news_image_t2'] = isset($_POST['news_image_t2']) ? $_POST['news_image_t2'] : "";
            $data['news_ialign'] = isset($_POST['news_ialign']) ? form_sanitizer($_POST['news_ialign'], "pull-left", "news_ialign") : "pull-left";
        }
        if (fusion_get_settings('tinymce_enabled') != 1) {
            $data['news_breaks'] = isset($_POST['line_breaks']) ? "y" : "n";
        } else {
            $data['news_breaks'] = "n";
        }
        if ($data['news_sticky'] == "1") {
            $result = dbquery("UPDATE " . DB_NEWS . " SET news_sticky='0' WHERE news_sticky='1'");
        }
        // reset other sticky
        // delete image
        if (isset($_POST['del_image'])) {
            if (!empty($data['news_image']) && file_exists(IMAGES_N . $data['news_image'])) {
                unlink(IMAGES_N . $data['news_image']);
            }
            if (!empty($data['news_image_t1']) && file_exists(IMAGES_N_T . $data['news_image_t1'])) {
                unlink(IMAGES_N_T . $data['news_image_t1']);
            }
            if (!empty($data['news_image_t2']) && file_exists(IMAGES_N_T . $data['news_image_t2'])) {
                unlink(IMAGES_N_T . $data['news_image_t2']);
            }
            $data['news_image'] = "";
            $data['news_image_t1'] = "";
            $data['news_image_t2'] = "";
        }
        if (defender::safe()) {
            if (dbcount("('news_id')", DB_NEWS, "news_id='" . $data['news_id'] . "'")) {
                dbquery_insert(DB_NEWS, $data, 'update');
                addNotice('success', $locale['news_0101']);
            } else {
                $data['news_name'] = $userdata['user_id'];
                dbquery_insert(DB_NEWS, $data, 'save');
                addNotice('success', $locale['news_0100']);
            }
            if (isset($_POST['save_and_close'])) {
                redirect(clean_request("", array("ref"), FALSE));
            } else {
                redirect(FUSION_REQUEST);
            }
        }
    } elseif (isset($_GET['action']) && $_GET['action'] == "edit" && (isset($_POST['news_id']) && isnum($_POST['news_id'])) || isset($_GET['news_id']) && isnum($_GET['news_id'])) {
        $result = dbquery("SELECT * FROM " . DB_NEWS . " WHERE news_id='" . (isset($_POST['news_id']) ? $_POST['news_id'] : $_GET['news_id']) . "'");
        if (dbrows($result)) {
            $data = dbarray($result);
        } else {
            redirect(FUSION_SELF . $aidlink);
        }
    }
    $result = dbquery("SELECT news_cat_id, news_cat_name FROM " . DB_NEWS_CATS . " " . (multilang_table("NS") ? "WHERE news_cat_language='" . LANGUAGE . "'" : "") . " ORDER BY news_cat_name");
    $news_cat_opts = array();
    $news_cat_opts['0'] = $locale['news_0202'];
    if (dbrows($result)) {
        while ($odata = dbarray($result)) {
            $news_cat_opts[$odata['news_cat_id']] = $odata['news_cat_name'];
        }
    }
    echo "<div class='m-t-20'>\n";
    $news_settings = get_settings("news");
    echo openform('news_form', 'post', $formaction, array('enctype' => 1));
    echo "<div class='row'>\n";
    echo "<div class='col-xs-12 col-sm-12 col-md-7 col-lg-8'>\n";
    echo form_hidden('news_id', "", $data['news_id']);
    echo form_text('news_subject', $locale['news_0200'], $data['news_subject'], array('required' => 1, 'max_length' => 200, 'error_text' => $locale['news_0250']));
    echo form_select('news_keywords', $locale['news_0205'], $data['news_keywords'], array("max_length" => 320, "placeholder" => $locale['news_0205a'], "width" => "100%", "error_text" => $locale['news_0255'], "tags" => TRUE, "multiple" => TRUE));
    echo "<div class='pull-left m-r-10 display-inline-block'>\n";
    echo form_datepicker('news_start', $locale['news_0206'], $data['news_start'], array('placeholder' => $locale['news_0208'], "join_to_id" => "news_end"));
    echo "</div>\n<div class='pull-left m-r-10 display-inline-block'>\n";
    echo form_datepicker('news_end', $locale['news_0207'], $data['news_end'], array('placeholder' => $locale['news_0208'], "join_from_id" => "news_start"));
    echo "</div>\n";
    echo "</div>\n<div class='col-xs-12 col-sm-12 col-md-5 col-lg-4'>\n";
    openside('');
    echo form_select_tree("news_cat", $locale['news_0201'], $data['news_cat'], array("width" => "100%", "inline" => TRUE, "parent_value" => $locale['news_0202'], "query" => multilang_table("NS") ? "WHERE news_cat_language='" . LANGUAGE . "'" : ""), DB_NEWS_CATS, "news_cat_name", "news_cat_id", "news_cat_parent");
    echo form_select('news_visibility', $locale['news_0209'], $data['news_visibility'], array('options' => fusion_get_groups(), 'placeholder' => $locale['choose'], 'width' => '100%', "inline" => TRUE));
    if (multilang_table("NS")) {
        echo form_select('news_language', $locale['global_ML100'], $data['news_language'], array('options' => fusion_get_enabled_languages(), 'placeholder' => $locale['choose'], 'width' => '100%', "inline" => TRUE));
    } else {
        echo form_hidden('news_language', '', $data['news_language']);
    }
    echo form_button('cancel', $locale['cancel'], $locale['cancel'], array('class' => 'btn-default m-r-10'));
    echo form_button('save', $locale['news_0241'], $locale['news_0241'], array('class' => 'btn-success'));
    echo form_button("save_and_close", "Save and Close", "save_and_close", array("class" => "btn-primary m-l-10"));
    closeside();
    echo "</div>\n</div>\n";
    $snippetSettings = array("required" => TRUE, "preview" => TRUE, "html" => TRUE, "autosize" => TRUE, "placeholder" => $locale['news_0203a'], "form_name" => "news_form");
    if (fusion_get_settings("tinymce_enabled")) {
        $snippetSettings = array("required" => TRUE, "type" => "tinymce", "tinymce" => "advanced");
    }
    echo form_textarea('news_news', $locale['news_0203'], $data['news_news'], $snippetSettings);
    if (!fusion_get_settings("tinymce_enabled")) {
        $extendedSettings = array("preview" => TRUE, "html" => TRUE, "autosize" => TRUE, "placeholder" => $locale['news_0203b'], "form_name" => "news_form");
    } else {
        $extendedSettings = array("type" => "tinymce", "tinymce" => "advanced");
    }
    echo form_textarea('news_extended', $locale['news_0204'], $data['news_extended'], $extendedSettings);
    // second row
    echo "<div class='row'>\n";
    echo "<div class='col-xs-12 col-sm-12 col-md-7 col-lg-8'>\n";
    openside('');
    if ($data['news_image'] != "" && $data['news_image_t1'] != "") {
        $image_thumb = get_news_image_path($data['news_image'], $data['news_image_t1'], $data['news_image_t2']);
        if (!$image_thumb) {
            $image_thumb = IMAGES . "imagenotfound70.jpg";
        }
        echo "<div class='row'>\n";
        echo "<div class='col-xs-12 col-sm-6'>\n";
        echo "<label><img class='img-responsive img-thumbnail' src='" . $image_thumb . "' alt='" . $locale['news_0216'] . "' /><br />\n";
        echo "<input type='checkbox' name='del_image' value='y' /> " . $locale['delete'] . "</label>\n";
        echo "</div>\n";
        echo "<div class='col-xs-12 col-sm-6'>\n";
        $alignOptions = array('pull-left' => $locale['left'], 'news-img-center' => $locale['center'], 'pull-right' => $locale['right']);
        echo form_select('news_ialign', $locale['news_0218'], $data['news_ialign'], array("options" => $alignOptions, "inline" => FALSE));
        echo "</div>\n</div>\n";
        echo "<input type='hidden' name='news_image' value='" . $data['news_image'] . "' />\n";
        echo "<input type='hidden' name='news_image_t1' value='" . $data['news_image_t1'] . "' />\n";
        echo "<input type='hidden' name='news_image_t2' value='" . $data['news_image_t2'] . "' />\n";
    } else {
        $file_input_options = array('upload_path' => IMAGES_N, 'max_width' => $news_settings['news_photo_max_w'], 'max_height' => $news_settings['news_photo_max_h'], 'max_byte' => $news_settings['news_photo_max_b'], 'thumbnail' => 1, 'thumbnail_w' => $news_settings['news_thumb_w'], 'thumbnail_h' => $news_settings['news_thumb_h'], 'thumbnail_folder' => 'thumbs', 'delete_original' => 0, 'thumbnail2' => 1, 'thumbnail2_w' => $news_settings['news_photo_w'], 'thumbnail2_h' => $news_settings['news_photo_h'], 'type' => 'image');
        echo form_fileinput("news_image", $locale['news_0216'], "", $file_input_options);
        echo "<div class='small m-b-10'>" . sprintf($locale['news_0217'], parsebytesize($news_settings['news_photo_max_b'])) . "</div>\n";
        $alignOptions = array('pull-left' => $locale['left'], 'news-img-center' => $locale['center'], 'pull-right' => $locale['right']);
        echo form_select('news_ialign', $locale['news_0218'], $data['news_ialign'], array("options" => $alignOptions));
    }
    closeside();
    openside('');
    echo "<label><input type='checkbox' name='news_draft' value='yes'" . ($data['news_draft'] ? "checked='checked'" : "") . " /> " . $locale['news_0210'] . "</label><br />\n";
    echo "<label><input type='checkbox' name='news_sticky' value='yes'" . ($data['news_sticky'] ? "checked='checked'" : "") . "  /> " . $locale['news_0211'] . "</label><br />\n";
    echo form_hidden('news_datestamp', '', $data['news_datestamp']);
    if (fusion_get_settings("tinymce_enabled") != 1) {
        echo "<label><input type='checkbox' name='line_breaks' value='yes'" . ($data['news_breaks'] ? "checked='checked'" : "") . " /> " . $locale['news_0212'] . "</label><br />\n";
    }
    closeside();
    echo "</div>\n<div class='col-xs-12 col-sm-12 col-md-5 col-lg-4'>\n";
    openside("");
    if (!fusion_get_settings("comments_enabled") || !fusion_get_settings("ratings_enabled")) {
        $sys = "";
        if (!fusion_get_settings("comments_enabled") && !fusion_get_settings("ratings_enabled")) {
            $sys = $locale['comments_ratings'];
        } elseif (!fusion_get_settings("comments_enabled")) {
            $sys = $locale['comments'];
        } else {
            $sys = $locale['ratings'];
        }
        echo "<div class='alert alert-warning'>" . sprintf($locale['news_0253'], $sys) . "</div>\n";
    }
    echo "<label><input type='checkbox' name='news_allow_comments' value='yes' onclick='SetRatings();'" . ($data['news_allow_comments'] ? "checked='checked'" : "") . " /> " . $locale['news_0213'] . "</label><br/>";
    echo "<label><input type='checkbox' name='news_allow_ratings' value='yes'" . ($data['news_allow_ratings'] ? "checked='checked'" : "") . " /> " . $locale['news_0214'] . "</label>";
    closeside();
    echo "</div>\n</div>\n";
    echo form_button('preview', $locale['news_0240'], $locale['news_0240'], array('class' => 'btn-default m-r-10'));
    echo form_button('save', $locale['news_0241'], $locale['news_0241'], array('class' => 'btn-success'));
    echo form_button("save_and_close", "Save and Close", "save_and_close", array("class" => "btn-primary m-l-10"));
    echo closeform();
    echo "</div>\n";
}
Exemplo n.º 17
0
| This program is released as free software under the
| Affero GPL license. You can redistribute it and/or
| modify it under the terms of this license which you
| can read by viewing the included agpl.txt or online
| at www.gnu.org/licenses/agpl.html. Removal of this
| copyright header is strictly prohibited without
| written permission from the original author(s).
+--------------------------------------------------------*/
require_once "../../maincore.php";
$aid = isset($_GET['aidlink']) ? explode('=', $_GET['aidlink']) : '';
if (!empty($aid)) {
    $aid = $aid[1];
}
$id = isset($_GET['error_id']) && isnum($_GET['error_id']) ? $_GET['error_id'] : 0;
$type = isset($_GET['error_type']) && isnum($_GET['error_type']) ? $_GET['error_type'] : 0;
if (checkrights("ERRO") && defined("iAUTH") && $aid == iAUTH && defender::safe()) {
    $this_response = array('fusion_error_id' => $id, 'from' => 0, 'status' => 'Not Updated');
    $result = dbquery("SELECT error_status\tFROM " . DB_ERRORS . " WHERE error_id='" . intval($id) . "'");
    if (dbrows($result) > 0) {
        $data = dbarray($result);
        if ($type == 999) {
            // Delete Error
            $result = dbquery("DELETE FROM " . DB_ERRORS . " WHERE error_id='" . intval($id) . "'");
            if ($result) {
                $this_response = array('fusion_error_id' => $id, 'from' => $data['error_status'], 'to' => $type, 'status' => 'RMD');
            }
        } else {
            // Update Error Status
            $result = dbquery("UPDATE " . DB_ERRORS . " SET error_status='" . intval($type) . "' WHERE error_id='" . intval($id) . "'");
            if ($result) {
                $this_response = array('fusion_error_id' => $id, 'from' => $data['error_status'], 'to' => $type, 'status' => 'OK');
Exemplo n.º 18
0
 /**
  * Site Links Form
  */
 private function display_sitelinks_form()
 {
     $locale = fusion_get_locale();
     fusion_confirm_exit();
     if (isset($_POST['savelink'])) {
         $this->data = array("link_id" => form_sanitizer($_POST['link_id'], 0, 'link_id'), "link_cat" => form_sanitizer($_POST['link_cat'], 0, 'link_cat'), "link_name" => form_sanitizer($_POST['link_name'], '', 'link_name'), "link_url" => form_sanitizer($_POST['link_url'], '', 'link_url'), "link_icon" => form_sanitizer($_POST['link_icon'], '', 'link_icon'), "link_language" => form_sanitizer($_POST['link_language'], '', 'link_language'), "link_visibility" => form_sanitizer($_POST['link_visibility'], '', 'link_visibility'), "link_position" => form_sanitizer($_POST['link_position'], '', 'link_position'), "link_order" => form_sanitizer($_POST['link_order'], '', 'link_order'), "link_window" => form_sanitizer(isset($_POST['link_window']) && $_POST['link_window'] == 1 ? 1 : 0, 0, 'link_window'));
         if ($this->data['link_position'] > 3) {
             $this->data['link_position'] = form_sanitizer($_POST['link_position_id'], 3, 'link_position_id');
         }
         if (empty($this->data['link_order'])) {
             $max_order_query = "SELECT MAX(link_order) 'link_order' FROM " . DB_SITE_LINKS . "\n                " . (multilang_table("SL") ? "WHERE link_language='" . LANGUAGE . "' AND" : "WHERE") . "\n                link_cat='" . $this->data['link_cat'] . "'";
             $this->data['link_order'] = dbresult(dbquery($max_order_query), 0) + 1;
         }
         if (\defender::safe()) {
             if (!empty($this->data['link_id'])) {
                 dbquery_order(DB_SITE_LINKS, $this->data['link_order'], "link_order", $this->data['link_id'], "link_id", $this->data['link_cat'], "link_cat", multilang_table("SL"), "link_language", "update");
                 dbquery_insert(DB_SITE_LINKS, $this->data, 'update');
                 addNotice("success", $locale['SL_0016']);
             } else {
                 dbquery_order(DB_SITE_LINKS, $this->data['link_order'], "link_order", $this->data['link_id'], "link_id", $this->data['link_cat'], "link_cat", multilang_table("SL"), "link_language", "save");
                 dbquery_insert(DB_SITE_LINKS, $this->data, 'save');
                 addNotice("success", $locale['SL_0015']);
             }
             redirect(clean_request("link_cat=" . $this->data['link_cat'], array('ref'), FALSE));
         }
     }
     echo "<div class='m-t-20'>\n";
     echo openform('link_administration_frm', 'post', FUSION_REQUEST);
     echo "<div class='row'>\n";
     echo "<div class='col-xs-12 col-sm-12 col-md-8 col-lg-8'>\n";
     echo form_hidden('link_id', '', $this->data['link_id']);
     echo form_textarea('link_name', $locale['SL_0020'], $this->data['link_name'], array('max_length' => 100, 'required' => TRUE, 'error_text' => $locale['SL_0085'], 'form_name' => 'linkform', 'type' => 'bbcode', 'inline' => TRUE));
     echo form_text('link_icon', 'Link Icon', $this->data['link_icon'], array('max_length' => 100, 'inline' => TRUE));
     echo form_text('link_url', $locale['SL_0021'], $this->data['link_url'], array('required' => TRUE, 'error_text' => $locale['SL_0086'], 'inline' => TRUE));
     echo form_text('link_order', $locale['SL_0023'], $this->data['link_order'], array('class' => 'pull-left', 'inline' => TRUE, 'width' => '250px', 'type' => 'number'));
     // There will be a trick to manipulate the situation here
     if ($this->data['link_position'] > 3) {
         $this->data['link_position_id'] = $this->data['link_position'];
         $this->data['link_position'] = 4;
     }
     echo form_select('link_position', $locale['SL_0024'], $this->data['link_position'], array('options' => $this->position_opts, 'inline' => TRUE, 'stacked' => form_text('link_position_id', '', $this->data['link_position_id'], array('required' => true, 'placeholder' => 'ID', 'type' => 'number', 'type' => 'number', 'width' => '150px'))));
     add_to_jquery("\n        checkLinkPosition( " . $this->data['link_position'] . " );\n        \$('#link_position').bind('change', function(e) {\n            checkLinkPosition( \$(this).val() );\n        });\n        ");
     echo "</div>\n";
     echo "<div class='col-xs-12 col-sm-12 col-md-4 col-lg-4'>\n";
     echo form_select_tree("link_cat", $locale['SL_0029'], $this->data['link_cat'], array('input_id' => 'link_categorys', "parent_value" => $locale['parent'], 'width' => '100%', 'query' => multilang_table("SL") ? "WHERE link_language='" . LANGUAGE . "'" : '', 'disable_opts' => $this->data['link_id'], 'hide_disabled' => 1), DB_SITE_LINKS, "link_name", "link_id", "link_cat");
     echo form_select('link_language', $locale['global_ML100'], $this->data['link_language'], array('options' => $this->language_opts, 'placeholder' => $locale['choose'], 'width' => '100%'));
     echo form_select('link_visibility', $locale['SL_0022'], $this->data['link_visibility'], array('options' => self::get_LinkVisibility(), 'placeholder' => $locale['choose'], 'width' => '100%'));
     echo form_checkbox('link_window', $locale['SL_0028'], $this->data['link_window']);
     echo "</div>\n";
     echo "</div>\n";
     echo form_button('savelink', $locale['SL_0040'], $locale['SL_0040'], array('class' => 'btn-primary m-r-10', 'input_id' => 'savelink_2'));
     echo form_button("cancel", $locale['cancel'], "cancel", array('input_id' => 'cancel2'));
     echo closeform();
     echo "</div>\n";
 }
Exemplo n.º 19
0
             if (!dbcount("(article_cat_id)", DB_ARTICLE_CATS, $categoryNameCheck['when_saving'])) {
                 dbquery_insert(DB_ARTICLE_CATS, $inputArray, "save");
                 addNotice("success", $locale['articles_0150']);
                 redirect(clean_request("cat_view=1", array("section", "aid"), true));
             } else {
                 addNotice("danger", $locale['articles_0352']);
             }
         }
     }
 }
 // UI dual tab
 $articleCatTab['title'][] = $locale['articles_0020'];
 $articleCatTab['id'][] = "b";
 $articleCatTab['title'][] = $locale['articles_0027'];
 $articleCatTab['id'][] = "a";
 $tab_active = tab_active($articleCatTab, isset($_GET['action']) or !defender::safe() ? 1 : 0);
 echo opentab($articleCatTab, $tab_active, "artCTab", FALSE, "m-t-20");
 echo opentabbody($articleCatTab['title'][0], $articleCatTab['id'][0], $tab_active);
 echo "<table class='table table-responsive table-hover table-striped'>\n";
 if (dbcount("(article_cat_id)", DB_ARTICLE_CATS, multilang_table("AR") ? "article_cat_language='" . LANGUAGE . "'" : "")) {
     showcatlist();
 } else {
     echo "<tr><td align='center' class='tbl1' colspan='2'>" . $locale['articles_0342'] . "</td></tr>\n";
 }
 echo "</table>\n";
 echo closetabbody();
 echo opentabbody($articleCatTab['title'][1], $articleCatTab['id'][1], $tab_active);
 echo openform('addcat', 'post', FUSION_REQUEST, array('class' => "m-t-20"));
 echo form_hidden("cat_id", "", $cat_id);
 echo form_text('cat_name', $locale['articles_0300'], $cat_name, array("inline" => true, "required" => true, 'error_text' => $locale['articles_0351']));
 $textArea_opts = array("required" => TRUE, "type" => fusion_get_settings("tinymce_enabled") ? "tinymce" : "html", "tinymce" => fusion_get_settings("tinymce_enabled") && iADMIN ? "advanced" : "", "autosize" => TRUE, "inline" => TRUE, "preview" => TRUE, "form_name" => "addcat");
Exemplo n.º 20
0
 public function save_theme()
 {
     global $locale, $userdata;
     if (isset($_POST['save_theme'])) {
         $fieldArrays = $this->data;
         foreach ($fieldArrays as $fieldNames => $fieldDefaults) {
             $this->data[$fieldNames] = isset($_POST[$fieldNames]) ? form_sanitizer($_POST[$fieldNames], $fieldDefaults, $fieldNames) : "";
         }
         $old_file = isset($this->data['theme_file']) ? $this->data['theme_file'] : '';
         if (isset($this->data['theme_config'])) {
             unset($this->data['theme_config']);
         }
         // will need to rebuild. unset it.
         if (isset($this->data['theme_file'])) {
             unset($this->data['theme_file']);
         }
         // important to unset.
         // rebuild entire structure
         $data = array("theme_name" => $this->theme_name, "theme_title" => form_sanitizer($_POST['theme_title'], '', 'theme_title'), "theme_id" => form_sanitizer($_POST['theme_id'], '0', 'theme_id'), "theme_user" => $userdata['user_id'], "theme_datestamp" => time());
         if (\defender::safe()) {
             $data['theme_file'] = $this->buildCss();
             if (dbcount("(theme_id)", DB_THEME, "theme_name='" . $data['theme_name'] . "' AND theme_id='" . intval($data['theme_id']) . "'")) {
                 if (!empty($data['theme_file'])) {
                     $data['theme_active'] = 1;
                     $data['theme_config'] = addslashes(serialize($this->data));
                     if (!$this->debug && $data['theme_file']) {
                         if (file_exists(THEMES . $old_file) && !is_dir(THEMES . $old_file)) {
                             unlink(THEMES . $old_file);
                         }
                         dbquery_insert(DB_THEME, $data, 'update');
                         if (!defined("FUSION_NULL")) {
                             addNotice('info', $locale['theme_success_003']);
                             redirect(clean_request("", array("aid", "action", "theme"), TRUE));
                         }
                     } else {
                         // debug messages
                         print_p('Update Mode');
                         print_p($data);
                     }
                 }
             } else {
                 if (!$this->debug && !empty($data['theme_file'])) {
                     $rows = dbcount("(theme_id)", DB_THEME, "theme_name='" . $data['theme_name'] . "'");
                     $data['theme_active'] = $rows < 1 ? 1 : 0;
                     $data['theme_config'] = addslashes(serialize($this->data));
                     dbquery_insert(DB_THEME, $data, 'save');
                     if (\defender::safe()) {
                         addNotice('success', $locale['theme_success_004']);
                         redirect(clean_request("", array("aid", "action", "theme"), TRUE));
                     }
                 } else {
                     // debug messages
                     $rows = dbcount("(theme_id)", DB_THEME, "theme_name='" . $data['theme_name'] . "'");
                     $data['theme_active'] = $rows < 1 ? 1 : 0;
                     $data['theme_config'] = addslashes(serialize($this->data));
                     print_p($data);
                 }
             }
         }
     }
 }
Exemplo n.º 21
0
| can read by viewing the included agpl.txt or online
| at www.gnu.org/licenses/agpl.html. Removal of this
| copyright header is strictly prohibited without
| written permission from the original author(s).
+--------------------------------------------------------*/
require_once "../maincore.php";
pageAccess('S3');
require_once THEMES . "templates/admin_header.php";
include LOCALE . LOCALESET . "admin/settings.php";
add_breadcrumb(array('link' => ADMIN . "settings_theme.php" . $aidlink, 'title' => $locale['theme_settings']));
// These are the default settings and the only settings we expect to be posted
$settings_theme = array('admin_theme' => fusion_get_settings('admin_theme'), 'theme' => fusion_get_settings('theme'), 'bootstrap' => fusion_get_settings('bootstrap'), 'entypo' => fusion_get_settings('entypo'), 'fontawesome' => fusion_get_settings('fontawesome'));
// Saving settings
if (isset($_POST['savesettings'])) {
    $settings_theme = array("admin_theme" => form_sanitizer($_POST['admin_theme'], $settings_theme['admin_theme'], "admin_theme"), "theme" => form_sanitizer($_POST['theme'], $settings_theme['theme'], "theme"), "bootstrap" => form_sanitizer($_POST['bootstrap'], 0, "bootstrap"), "entypo" => form_sanitizer($_POST['entypo'], 0, "entypo"), "fontawesome" => form_sanitizer($_POST['fontawesome'], 0, "fontawesome"));
    if (\defender::safe()) {
        $result = dbquery("UPDATE " . DB_SETTINGS . " SET settings_value='" . $settings_theme['admin_theme'] . "' WHERE settings_name='admin_theme'");
        if ($result) {
            dbquery("UPDATE " . DB_SETTINGS . " SET settings_value='" . $settings_theme['theme'] . "' WHERE settings_name='theme'");
        }
        if ($result) {
            dbquery("UPDATE " . DB_SETTINGS . " SET settings_value='" . $settings_theme['bootstrap'] . "' WHERE settings_name='bootstrap'");
        }
        if ($result) {
            dbquery("UPDATE " . DB_SETTINGS . " SET settings_value='" . $settings_theme['entypo'] . "' WHERE settings_name='entypo'");
        }
        if ($result) {
            dbquery("UPDATE " . DB_SETTINGS . " SET settings_value='" . $settings_theme['fontawesome'] . "' WHERE settings_name='fontawesome'");
        }
        if ($result) {
            addNotice("success", "<i class='fa fa-check-square-o m-r-10 fa-lg'></i>" . $locale['900']);
Exemplo n.º 22
0
/**
 * Displays News Category Listing
 */
function display_news_cat_listing()
{
    global $aidlink;
    $locale = fusion_get_locale();
    // need to paginate
    $_GET['rowstart'] = isset($_GET['rowstart']) && isnum($_GET['rowstart']) && $_GET['rowstart'] <= dbcount("(news_cat_id)", DB_NEWS_CATS, "") ? intval($_GET['rowstart']) : 0;
    // Run functions
    $allowed_actions = array_flip(array("publish", "unpublish", "sticky", "unsticky", "delete"));
    if (isset($_POST['table_action']) && isset($allowed_actions[$_POST['table_action']])) {
        $input = explode(",", form_sanitizer($_POST['news_cat_id'], "", "news_cat_id"));
        if (!empty($input)) {
            foreach ($input as $news_cat_id) {
                // check input table
                if (dbcount("('news_cat_id')", DB_NEWS_CATS, "news_cat_id='" . intval($news_cat_id) . "'") && defender::safe()) {
                    switch ($_POST['table_action']) {
                        case "publish":
                            dbquery("UPDATE " . DB_NEWS_CATS . " SET news_cat_draft='0' WHERE news_cat_id='" . intval($news_cat_id) . "'");
                            break;
                        case "unpublish":
                            dbquery("UPDATE " . DB_NEWS_CATS . " SET news_cat_draft='1' WHERE news_cat_id='" . intval($news_cat_id) . "'");
                            break;
                        case "sticky":
                            dbquery("UPDATE " . DB_NEWS_CATS . " SET news_cat_sticky='1' WHERE news_cat_id='" . intval($news_cat_id) . "'");
                            break;
                        case "unsticky":
                            dbquery("UPDATE " . DB_NEWS_CATS . " SET news_cat_sticky='0' WHERE news_cat_id='" . intval($news_cat_id) . "'");
                            break;
                        case "delete":
                            if (!dbcount("('news_id')", DB_NEWS, "news_cat='" . $news_cat_id . "'")) {
                                $result = dbquery("SELECT news_cat_image FROM " . DB_NEWS_CATS . " WHERE news_cat_id='" . intval($news_cat_id) . "'");
                                if (dbrows($result) > 0) {
                                    $photo = dbarray($result);
                                    if (!empty($photo['news_cat_image']) && file_exists(IMAGES_NC . $photo['news_cat_image'])) {
                                        unlink(IMAGES_NC . $photo['news_cat_image']);
                                    }
                                }
                                dbquery("DELETE FROM  " . DB_NEWS_CATS . " WHERE news_cat_id='" . intval($news_cat_id) . "'");
                            } else {
                                addNotice("warning", "Cannot delete News category because there are News Items");
                            }
                            break;
                        default:
                            addNotice("warning", "Category ID {$news_cat_id} is not valid and update aborted");
                            redirect(FUSION_REQUEST);
                    }
                }
            }
            addNotice("success", "News category listing has been updated");
            redirect(FUSION_REQUEST);
        }
        addNotice("warning", "No news category item selected. Please check a news item and try again");
        redirect(FUSION_REQUEST);
    }
    if (isset($_POST['news_clear'])) {
        redirect(FUSION_SELF . $aidlink);
    }
    // Switch to post
    $sql_condition = "";
    $search_string = array();
    if (isset($_POST['p-submit-news_cat_name'])) {
        $search_string['news_cat_name'] = array("input" => form_sanitizer($_POST['news_cat_name'], "", "news_cat_name"), "operator" => "LIKE");
    }
    if (!empty($_POST['news_cat_status']) && isnum($_POST['news_cat_status'])) {
        switch ($_POST['news_cat_status']) {
            case 1:
                // is a draft
                $search_string['news_cat_draft'] = array("input" => 1, "operator" => "=");
                break;
            case 2:
                // is a sticky
                $search_string['news_cat_sticky'] = array("input" => 1, "operator" => "=");
                break;
        }
    }
    if (!empty($_POST['news_cat_visibility'])) {
        $search_string['news_cat_visibility'] = array("input" => form_sanitizer($_POST['news_cat_visibility'], "", "news_cat_visibility"), "operator" => "=");
    }
    if (!empty($_POST['news_cat_language'])) {
        $search_string['news_cat_language'] = array("input" => form_sanitizer($_POST['news_cat_language'], "", "news_cat_language"), "operator" => "=");
    }
    if (!empty($search_string)) {
        foreach ($search_string as $key => $values) {
            $sql_condition .= " AND `{$key}` " . $values['operator'] . ($values['operator'] == "LIKE" ? "'%" : "'") . $values['input'] . ($values['operator'] == "LIKE" ? "%'" : "'");
        }
    }
    $result = dbquery_tree_full(DB_NEWS_CATS, "news_cat_id", "news_cat_parent", "", "SELECT nc.*,\n                            count(n1.news_id) 'news_published',\n                            count(n2.news_id) 'news_draft',\n                            count(n3.news_id) 'news_sticky'\n                            FROM " . DB_NEWS_CATS . " nc\n                            LEFT JOIN " . DB_NEWS . " n1 ON n1.news_id=nc.news_cat_id AND n1.news_draft='0' AND (n1.news_start='0'|| n1.news_start<=NOW()) AND (n1.news_end='0'|| n1.news_end>=NOW())\n                            LEFT JOIN " . DB_NEWS . " n2 ON n2.news_id=nc.news_cat_id AND n2.news_draft='1'\n                            LEFT JOIN " . DB_NEWS . " n3 ON n2.news_id=nc.news_cat_id AND n3.news_sticky='1' AND (n3.news_start='0'|| n3.news_start<=NOW()) AND (n3.news_end='0'|| n3.news_end>=NOW())\n                            WHERE " . (multilang_table("NS") ? "news_cat_language='" . LANGUAGE . "'" : "") . "\n                            {$sql_condition}\n                            GROUP BY news_cat_id\n                            ORDER BY news_cat_parent ASC, news_cat_id ASC LIMIT " . intval($_GET['rowstart']) . ", 20");
    ?>
    <div class="m-t-15">
        <?php 
    echo openform("news_filter", "post", FUSION_REQUEST);
    echo "<div class='clearfix'>\n";
    echo "<div class='pull-right'>\n";
    echo "<a class='btn btn-success btn-sm m-r-10' href='" . clean_request("ref=news_cat_form", array("ref"), FALSE) . "'>Add New</a>";
    echo "<a class='btn btn-default btn-sm m-r-10' onclick=\"run_admin('publish');\"><i class='fa fa-check fa-fw'></i> Publish</a>";
    echo "<a class='btn btn-default btn-sm m-r-10' onclick=\"run_admin('unpublish');\"><i class='fa fa-ban fa-fw'></i> Unpublish</a>";
    echo "<a class='btn btn-default btn-sm m-r-10' onclick=\"run_admin('sticky');\"><i class='fa fa-sticky-note fa-fw'></i> Sticky</a>";
    echo "<a class='btn btn-default btn-sm m-r-10' onclick=\"run_admin('unsticky');\"><i class='fa fa-sticky-note-o fa-fw'></i> Unsticky</a>";
    echo "<a class='btn btn-default btn-sm m-r-10' onclick=\"run_admin('delete');\"><i class='fa fa-trash-o fa-fw'></i> Trash</a>";
    echo "</div>\n";
    ?>
        <script>
            function run_admin(action) {
                $('#table_action').val(action);
                $('#news_table').submit();
            }
        </script>

        <?php 
    $filter_values = array("news_cat_name" => !empty($_POST['news_cat_name']) ? form_sanitizer($_POST['news_cat_name'], "", "news_cat_name") : "", "news_cat_status" => !empty($_POST['news_cat_status']) ? form_sanitizer($_POST['news_cat_status'], "", "news_cat_status") : "", "news_cat_visibility" => !empty($_POST['news_cat_visibility']) ? form_sanitizer($_POST['news_cat_visibility'], "", "news_cat_visibility") : "", "news_cat_language" => !empty($_POST['news_cat_language']) ? form_sanitizer($_POST['news_cat_language'], "", "news_cat_language") : "");
    $filter_empty = TRUE;
    foreach ($filter_values as $val) {
        if ($val) {
            $filter_empty = FALSE;
        }
    }
    echo "<div class='display-inline-block pull-left m-r-10' style='width:300px;'>\n";
    echo form_text("news_cat_name", "", $filter_values['news_cat_name'], array("placeholder" => "News Category Name", "append_button" => TRUE, "append_value" => "<i class='fa fa-search'></i>", "append_form_value" => "search_news", "width" => "250px"));
    echo "</div>\n";
    echo "<div class='display-inline-block'>";
    echo "<a class='btn btn-sm " . ($filter_empty == FALSE ? "btn-info" : " btn-default'") . "' id='toggle_options' href='#'>Search Options\n        <span id='filter_caret' class='fa " . ($filter_empty == FALSE ? "fa-caret-up" : "fa-caret-down") . "'></span></a>\n";
    echo form_button("news_clear", "Clear", "clear");
    echo "</div>\n";
    echo "</div>\n";
    add_to_jquery("\n        \$('#toggle_options').bind('click', function(e) {\n            \$('#news_filter_options').slideToggle();\n            var caret_status = \$('#filter_caret').hasClass('fa-caret-down');\n            if (caret_status == 1) {\n                \$('#filter_caret').removeClass('fa-caret-down').addClass('fa-caret-up');\n                \$(this).removeClass('btn-default').addClass('btn-info');\n            } else {\n                \$('#filter_caret').removeClass('fa-caret-up').addClass('fa-caret-down');\n                \$(this).removeClass('btn-info').addClass('btn-default');\n            }\n        });\n\n        // Select change\n        \$('#news_status, #news_visibility, #news_category, #news_language, #news_author').bind('change', function(e){\n            \$(this).closest('form').submit();\n        });\n        ");
    unset($filter_values['news_text']);
    echo "<div id='news_filter_options'" . ($filter_empty == FALSE ? "" : " style='display:none;'") . ">\n";
    echo "<div class='display-inline-block'>\n";
    echo form_select("news_cat_status", "", $filter_values['news_cat_status'], array("allowclear" => TRUE, "placeholder" => "- Select Status -", "options" => array(0 => "All Status", 1 => "Draft", 2 => "Sticky")));
    echo "</div>\n";
    echo "<div class='display-inline-block'>\n";
    echo form_select("news_cat_visibility", "", $filter_values['news_cat_visibility'], array("allowclear" => TRUE, "placeholder" => "- Select Access -", "options" => fusion_get_groups()));
    echo "</div>\n";
    echo "<div class='display-inline-block'>\n";
    $language_opts = array(0 => "All Language");
    $language_opts += fusion_get_enabled_languages();
    echo form_select("news_cat_language", "", $filter_values['news_cat_language'], array("allowclear" => TRUE, "placeholder" => "- Select Language -", "options" => $language_opts));
    echo "</div>\n";
    echo "</div>\n";
    echo closeform();
    ?>
    </div>

    <?php 
    echo openform("news_table", "post", FUSION_REQUEST);
    echo form_hidden("table_action", "", "");
    display_news_category($result);
    echo closeform();
    echo "<div class='text-center'><a class='btn btn-primary' href='" . ADMIN . "images.php" . $aidlink . "&amp;ifolder=imagesnc'>" . $locale['news_0304'] . "</a><br /><br />\n</div>\n";
}
Exemplo n.º 23
0
function debonair_theme_widget()
{
    global $locale;
    require_once "functions.php";
    $settings = get_theme_settings("debonair");
    /**
     * data parsing
     */
    $ubanner_col_1_data = uncomposeSelection($settings['ubanner_col_1']);
    $ubanner_col_2_data = uncomposeSelection($settings['ubanner_col_2']);
    $ubanner_col_3_data = uncomposeSelection($settings['ubanner_col_3']);
    $settings = array("main_banner_url" => $settings['main_banner_url'], "ubanner_col_1" => !empty($ubanner_col_1_data['selected']) ? $ubanner_col_1_data['selected'] : 0, "ubanner_col_2" => !empty($ubanner_col_2_data['selected']) ? $ubanner_col_2_data['selected'] : 0, "ubanner_col_3" => !empty($ubanner_col_3_data['selected']) ? $ubanner_col_3_data['selected'] : 0, "lbanner_col_1" => $settings['lbanner_col_1'], "lbanner_col_2" => $settings['lbanner_col_2'], "lbanner_col_3" => $settings['lbanner_col_3'], "lbanner_col_4" => $settings['lbanner_col_4'], "facebook_url" => $settings['facebook_url'], "twitter_url" => $settings['twitter_url']);
    if (isset($_POST['save_settings'])) {
        $inputArray = array("main_banner_url" => form_sanitizer($_POST['main_banner_url'], "", "main_banner_url"), "ubanner_col_1" => composeSelection(form_sanitizer($_POST['ubanner_col_1'], "", "ubanner_col_1")), "ubanner_col_2" => composeSelection(form_sanitizer($_POST['ubanner_col_2'], "", "ubanner_col_2")), "ubanner_col_3" => composeSelection(form_sanitizer($_POST['ubanner_col_3'], "", "ubanner_col_3")), "lbanner_col_1" => form_sanitizer($_POST['lbanner_col_1'], "", "lbanner_col_1"), "lbanner_col_2" => form_sanitizer($_POST['lbanner_col_2'], "", "lbanner_col_2"), "lbanner_col_3" => form_sanitizer($_POST['lbanner_col_3'], "", "lbanner_col_3"), "lbanner_col_4" => form_sanitizer($_POST['lbanner_col_4'], "", "lbanner_col_4"), "facebook_url" => form_sanitizer($_POST['facebook_url'], "", "facebook_url"), "twitter_url" => form_sanitizer($_POST['twitter_url'], "", "twitter_url"));
        foreach ($inputArray as $settings_name => $settings_value) {
            $sqlArray = array("settings_name" => $settings_name, "settings_value" => $settings_value, "settings_theme" => "debonair");
            dbquery_insert(DB_SETTINGS_THEME, $sqlArray, "update", array("primary_key" => "settings_name"));
        }
        if (defender::safe()) {
            redirect(FUSION_REQUEST);
        }
    }
    echo openform("debonair_theme_settings", "post", FUSION_REQUEST);
    $exclude_list = ".|..|.htaccess|.DS_Store|config.php|config.temp.php|.gitignore|LICENSE|README.md|robots.txt|reactivate.php|rewrite.php|maintenance.php|maincore.php|lostpassword.php|index.php|error.php";
    $list = array();
    $file_list = makefilelist(BASEDIR, $exclude_list);
    foreach ($file_list as $files) {
        $list[] = $files;
    }
    $include_list = array();
    $file_list = makefilelist(THEMES . "/debonair/include/", $exclude_list);
    foreach ($file_list as $files) {
        $include_list[$files] = str_replace(".php", "", str_replace("_", " ", ucwords($files)));
    }
    openside("");
    echo form_select("main_banner_url", $locale['debonair_0300'], $settings['main_banner_url'], array("options" => $list, "tags" => true, "multiple" => true, "width" => "100%", "inline" => false));
    echo "<p>" . $locale['debonair_0301'] . "</p>";
    closeside();
    openside("");
    echo form_text("facebook_url", $locale['debonair_0321'], $settings['facebook_url'], array("type" => "url", "inline" => true, "placeholder" => "http://www.facebook.com/your-page-id"));
    echo form_text("twitter_url", $locale['debonair_0322'], $settings['twitter_url'], array("type" => "url", "inline" => true, "placeholder" => "http://www.twitter.com/your-page-id"));
    closeside();
    $templateOpts[0] = $locale['debonair_0302'];
    /**
     * Article Selector
     */
    $articleOpts = array();
    if (db_exists(DB_ARTICLES)) {
        $article_result = dbquery("select article_id, article_subject, article_cat_language FROM " . DB_ARTICLES . " a\n\t \t\t\t\tleft join " . DB_ARTICLE_CATS . " ac on a.article_cat = ac.article_cat_id\n\t \t\t\t\torder by article_datestamp DESC\n\t \t\t\t\t");
        if (dbrows($article_result) > 0) {
            while ($data = dbarray($article_result)) {
                $articleOpts[$data['article_cat_language']][$data['article_id']] = $data['article_subject'];
            }
        }
        if (!empty($articleOpts)) {
            $templateOpts['articles'] = $locale['debonair_0303'];
        }
    }
    /**
     * News Selector
     */
    $newsOpts = array();
    if (db_exists(DB_NEWS)) {
        $news_result = dbquery("select news_id, news_subject, news_language FROM " . DB_NEWS . " order by news_datestamp DESC");
        if (dbrows($news_result) > 0) {
            while ($data = dbarray($news_result)) {
                $newsOpts[$data['news_language']][$data['news_id']] = $data['news_subject'];
            }
        }
        if (!empty($newsOpts)) {
            $templateOpts['news'] = $locale['debonair_0304'];
        }
    }
    /**
     * Blog Selector
     */
    $blogOpts = array();
    if (db_exists(DB_BLOG)) {
        $blog_result = dbquery("select blog_id, blog_subject, blog_language FROM " . DB_BLOG . "\n\t \t\t\t\torder by blog_datestamp DESC\n\t \t\t\t\t");
        if (dbrows($blog_result) > 0) {
            while ($data = dbarray($blog_result)) {
                $blogOpts[$data['blog_language']][$data['blog_id']] = $data['blog_subject'];
            }
        }
        if (!empty($blogOpts)) {
            $templateOpts['blog'] = $locale['debonair_0305'];
        }
    }
    /**
     * Custom Page Selector
     * Note: custom page has a different multilanguage setup.
     */
    $cpOpts = array();
    if (db_exists(DB_CUSTOM_PAGES)) {
        $cp_result = dbquery("select page_id, page_title, page_language FROM " . DB_CUSTOM_PAGES . " order by page_id ASC");
        if (dbrows($cp_result) > 0) {
            while ($data = dbarray($cp_result)) {
                $acceptedLang = stristr($data['page_language'], ".") ? explode(".", $data['page_language']) : array(0 => $data['page_language']);
                foreach (fusion_get_enabled_languages() as $lang) {
                    if (in_array($lang, $acceptedLang)) {
                        $cpOpts[$lang][$data['page_id']] = $data['page_title'];
                    }
                }
            }
        }
        if (!empty($cpOpts)) {
            $templateOpts['cp'] = $locale['debonair_0306'];
        }
    }
    openside("");
    echo "<div class='row'>\n";
    echo "<div class='col-xs-12 col-sm-4'>\n";
    echo form_select("ubanner_col_1", $locale['debonair_0307'], $settings['ubanner_col_1'], array("options" => $templateOpts, "inline" => false));
    if (!empty($articleOpts)) {
        echo "<div id='ubanner_col_1-articles-choices' class='choices1' " . ($settings['ubanner_col_1'] === "articles" ? "" : "style='display:none;'") . "'>\n";
        foreach (fusion_get_enabled_languages() as $lang) {
            $callback_value = $settings['ubanner_col_1'] === "articles" && !empty($ubanner_col_1_data['options'][$lang]) ? $ubanner_col_1_data['options'][$lang] : "";
            echo form_select("articles-" . $lang, sprintf($locale['debonair_0310'], $lang), $callback_value, array("options" => isset($articleOpts[$lang]) ? $articleOpts[$lang] : array()));
        }
        echo "</div>\n";
    }
    if (!empty($newsOpts)) {
        echo "<div id='ubanner_col_1-news-choices' class='choices1' " . ($settings['ubanner_col_1'] === "news" ? "" : "style='display:none;'") . ">\n";
        foreach (fusion_get_enabled_languages() as $lang) {
            $callback_value = $settings['ubanner_col_1'] === "news" && !empty($ubanner_col_1_data['options'][$lang]) ? $ubanner_col_1_data['options'][$lang] : "";
            echo form_select("news-" . $lang, sprintf($locale['debonair_0311'], $lang), $callback_value, array("options" => isset($newsOpts[$lang]) ? $newsOpts[$lang] : array()));
        }
        echo "</div>\n";
    }
    if (!empty($blogOpts)) {
        echo "<div id='ubanner_col_1-blog-choices' class='choices1' " . ($settings['ubanner_col_1'] === "blog" ? "" : "style='display:none;'") . ">\n";
        foreach (fusion_get_enabled_languages() as $lang) {
            $callback_value = $settings['ubanner_col_1'] === "blog" && !empty($ubanner_col_1_data['options'][$lang]) ? $ubanner_col_1_data['options'][$lang] : "";
            echo form_select("blog-" . $lang, sprintf($locale['debonair_0312'], $lang), $callback_value, array("options" => isset($blogOpts[$lang]) ? $blogOpts[$lang] : array()));
        }
        echo "</div>\n";
    }
    if (!empty($cpOpts)) {
        echo "<div id='ubanner_col_1-cp-choices' class='choices1' " . ($settings['ubanner_col_1'] === "cp" ? "" : "style='display:none;'") . ">\n";
        foreach (fusion_get_enabled_languages() as $lang) {
            $callback_value = $settings['ubanner_col_1'] === "cp" && !empty($ubanner_col_1_data['options'][$lang]) ? $ubanner_col_1_data['options'][$lang] : "";
            echo form_select("cp-" . $lang, sprintf($locale['debonair_0313'], $lang), $callback_value, array("options" => isset($cpOpts[$lang]) ? $cpOpts[$lang] : array()));
        }
        echo "</div>\n";
    }
    echo "</div><div class='col-xs-12 col-sm-4'>\n";
    echo form_select("ubanner_col_2", $locale['debonair_0308'], $settings['ubanner_col_2'], array("options" => $templateOpts, "inline" => false));
    if (!empty($articleOpts)) {
        echo "<div id='ubanner_col_2-articles-choices' class='choices2' " . ($settings['ubanner_col_2'] === "articles" ? "" : "style='display:none;'") . ">\n";
        foreach (fusion_get_enabled_languages() as $lang) {
            $callback_value = $settings['ubanner_col_2'] === "articles" && !empty($ubanner_col_2_data['options'][$lang]) ? $ubanner_col_2_data['options'][$lang] : "";
            echo form_select("articles2-" . $lang, sprintf($locale['debonair_0310'], $lang), $callback_value, array("options" => isset($articleOpts[$lang]) ? $articleOpts[$lang] : array()));
        }
        echo "</div>\n";
    }
    if (!empty($newsOpts)) {
        echo "<div id='ubanner_col_2-news-choices' class='choices2' " . ($settings['ubanner_col_2'] === "news" ? "" : "style='display:none;'") . ">\n";
        foreach (fusion_get_enabled_languages() as $lang) {
            $callback_value = $settings['ubanner_col_2'] === "news" && !empty($ubanner_col_2_data['options'][$lang]) ? $ubanner_col_2_data['options'][$lang] : "";
            echo form_select("news2-" . $lang, sprintf($locale['debonair_0311'], $lang), $callback_value, array("options" => isset($newsOpts[$lang]) ? $newsOpts[$lang] : array()));
        }
        echo "</div>\n";
    }
    if (!empty($blogOpts)) {
        echo "<div id='ubanner_col_2-blog-choices' class='choices2' " . ($settings['ubanner_col_2'] === "blog" ? "" : "style='display:none;'") . ">\n";
        foreach (fusion_get_enabled_languages() as $lang) {
            $callback_value = $settings['ubanner_col_2'] === "blog" && !empty($ubanner_col_2_data['options'][$lang]) ? $ubanner_col_2_data['options'][$lang] : "";
            echo form_select("blog2-" . $lang, sprintf($locale['debonair_0312'], $lang), $callback_value, array("options" => isset($blogOpts[$lang]) ? $blogOpts[$lang] : array()));
        }
        echo "</div>\n";
    }
    if (!empty($cpOpts)) {
        echo "<div id='ubanner_col_2-cp-choices' class='choices2' " . ($settings['ubanner_col_2'] === "cp" ? "" : "style='display:none;'") . ">\n";
        foreach (fusion_get_enabled_languages() as $lang) {
            $callback_value = $settings['ubanner_col_2'] === "cp" && !empty($ubanner_col_2_data['options'][$lang]) ? $ubanner_col_2_data['options'][$lang] : "";
            echo form_select("cp2-" . $lang, sprintf($locale['debonair_0313'], $lang), $callback_value, array("options" => isset($cpOpts[$lang]) ? $cpOpts[$lang] : array()));
        }
        echo "</div>\n";
    }
    echo "</div><div class='col-xs-12 col-sm-4'>\n";
    // 3rd
    echo form_select("ubanner_col_3", $locale['debonair_0309'], $settings['ubanner_col_3'], array("options" => $templateOpts, "inline" => false));
    if (!empty($articleOpts)) {
        echo "<div id='ubanner_col_3-articles-choices' class='choices3' " . ($settings['ubanner_col_3'] == "articles" ? "" : "style='display:none;'") . ">\n";
        foreach (fusion_get_enabled_languages() as $lang) {
            $callback_value = $settings['ubanner_col_3'] === "articles" && !empty($ubanner_col_3_data['options'][$lang]) ? $ubanner_col_3_data['options'][$lang] : "";
            echo form_select("articles3-" . $lang, sprintf($locale['debonair_0310'], $lang), $callback_value, array("options" => isset($articleOpts[$lang]) ? $articleOpts[$lang] : array()));
        }
        echo "</div>\n";
    }
    if (!empty($newsOpts)) {
        echo "<div id='ubanner_col_3-news-choices' class='choices3' " . ($settings['ubanner_col_3'] === "news" ? "" : "style='display:none;'") . ">\n";
        foreach (fusion_get_enabled_languages() as $lang) {
            $callback_value = $settings['ubanner_col_3'] === "news" && !empty($ubanner_col_3_data['options'][$lang]) ? $ubanner_col_3_data['options'][$lang] : "";
            echo form_select("news3-" . $lang, sprintf($locale['debonair_0311'], $lang), $callback_value, array("options" => isset($newsOpts[$lang]) ? $newsOpts[$lang] : array()));
        }
        echo "</div>\n";
    }
    if (!empty($blogOpts)) {
        echo "<div id='ubanner_col_3-blog-choices' class='choices3' " . ($settings['ubanner_col_3'] === "blog" ? "" : "style='display:none;'") . ">\n";
        foreach (fusion_get_enabled_languages() as $lang) {
            $callback_value = $settings['ubanner_col_3'] === "blog" && !empty($ubanner_col_3_data['options'][$lang]) ? $ubanner_col_3_data['options'][$lang] : "";
            echo form_select("blog3-" . $lang, sprintf($locale['debonair_0312'], $lang), $callback_value, array("options" => isset($blogOpts[$lang]) ? $blogOpts[$lang] : array()));
        }
        echo "</div>\n";
    }
    if (!empty($cpOpts)) {
        echo "<div id='ubanner_col_3-cp-choices' class='choices3' " . ($settings['ubanner_col_3'] === "cp" ? "" : "style='display:none;'") . ">\n";
        foreach (fusion_get_enabled_languages() as $lang) {
            $callback_value = $settings['ubanner_col_3'] === "cp" && !empty($ubanner_col_3_data['options'][$lang]) ? $ubanner_col_3_data['options'][$lang] : "";
            echo form_select("cp3-" . $lang, sprintf($locale['debonair_0313'], $lang), $callback_value, array("options" => isset($cpOpts[$lang]) ? $cpOpts[$lang] : array()));
        }
        echo "</div>\n";
    }
    echo "</div>\n</div>\n";
    echo $locale['debonair_0315'];
    closeside();
    openside("");
    echo form_select("lbanner_col_1", $locale['debonair_0317'], $settings['lbanner_col_1'], array("options" => $include_list, "inline" => true));
    echo form_select("lbanner_col_2", $locale['debonair_0318'], $settings['lbanner_col_2'], array("options" => $include_list, "inline" => true));
    echo form_select("lbanner_col_3", $locale['debonair_0319'], $settings['lbanner_col_3'], array("options" => $include_list, "inline" => true));
    echo form_select("lbanner_col_4", $locale['debonair_0320'], $settings['lbanner_col_4'], array("options" => $include_list, "inline" => true));
    echo $locale['debonair_0316'];
    closeside();
    echo form_button("save_settings", $locale['save_changes'], "save", array("class" => "btn-success"));
    echo closeform();
    // Now use Jquery to chain the selectors - add_to_jquery combines, include into a single min. document ready script
    add_to_jquery("\n\tfunction switchSelection(selector, value) {\n\t\t\$('.choices'+selector).hide();\n\t\tif (value == '0') {\n\t\t\t\$('.choices'+selector).hide();\n\t\t} else {\n\t\t\t\$('#ubanner_col_'+selector+'-'+value+'-choices').show();\n\t\t}\n\t}\n\t\$('#ubanner_col_1').bind('change', function() { switchSelection(1, \$(this).val()); });\n\t\$('#ubanner_col_2').bind('change', function() { switchSelection(2, \$(this).val()); });\n\t\$('#ubanner_col_3').bind('change', function() { switchSelection(3, \$(this).val()); });\n\t");
}
Exemplo n.º 24
0
 public function render_edit_form()
 {
     $thread = $this->thread();
     $thread_info = $thread->get_threadInfo();
     $thread_data = $thread_info['thread'];
     $forum_settings = $this->get_forum_settings();
     $locale = fusion_get_locale("", FORUM_LOCALE);
     $locale += fusion_get_locale("", FORUM_TAGS_LOCALE);
     $userdata = fusion_get_userdata();
     if ((!iMOD or !iSUPERADMIN) && $thread_data['thread_locked']) {
         redirect(INFUSIONS . 'forum/index.php');
     }
     if (isset($_GET['post_id']) && isnum($_GET['post_id'])) {
         add_to_title($locale['global_201'] . $locale['forum_0503']);
         add_breadcrumb(array('link' => '', 'title' => $locale['forum_0503']));
         $result = dbquery("SELECT tp.*, tt.thread_subject, tt.thread_poll, tt.thread_author, tt.thread_locked, MIN(tp2.post_id) AS first_post\n\t\t\t\tFROM " . DB_FORUM_POSTS . " tp\n\t\t\t\tINNER JOIN " . DB_FORUM_THREADS . " tt on tp.thread_id=tt.thread_id\n\t\t\t\tINNER JOIN " . DB_FORUM_POSTS . " tp2 on tp.thread_id=tp2.thread_id\n\t\t\t\tWHERE tp.post_id='" . intval($_GET['post_id']) . "' AND tp.thread_id='" . intval($thread_data['thread_id']) . "' AND tp.forum_id='" . intval($thread_data['forum_id']) . "'\n\t\t\t\tGROUP BY tp2.post_id\n\t\t\t\t");
         // Permission to edit
         if (dbrows($result) > 0) {
             $post_data = dbarray($result);
             if ((iMOD or iSUPERADMIN) || $thread->getThreadPermission("can_reply") && $post_data['post_author'] == $userdata['user_id']) {
                 $is_first_post = $post_data['post_id'] == $thread_info['post_firstpost'] ? TRUE : FALSE;
                 // no edit if locked
                 if ($post_data['post_locked'] && !iMOD) {
                     redirect(FORUM . "postify.php?post=edit&error=5&forum_id=" . $thread_data['forum_id'] . "&thread_id=" . $thread_data['thread_id'] . "&post_id=" . $post_data['post_id']);
                 }
                 // no edit if time limit reached
                 if (!iMOD && ($forum_settings['forum_edit_timelimit'] > 0 && time() - $forum_settings['forum_edit_timelimit'] * 60 > $post_data['post_datestamp'])) {
                     redirect(FORUM . "postify.php?post=edit&error=6&forum_id=" . $thread_data['forum_id'] . "&thread_id=" . $thread_data['thread_id'] . "&post_id=" . $post_data['post_id']);
                 }
                 // execute form post actions
                 if (isset($_POST['post_edit'])) {
                     require_once INCLUDES . "flood_include.php";
                     if (!flood_control("post_datestamp", DB_FORUM_POSTS, "post_author='" . $userdata['user_id'] . "'")) {
                         // have notice
                         $post_data = array('forum_id' => $thread_data['forum_id'], 'thread_id' => $thread_data['thread_id'], 'post_id' => $post_data['post_id'], 'thread_subject' => '', 'post_message' => form_sanitizer($_POST['post_message'], '', 'post_message'), 'post_showsig' => isset($_POST['post_showsig']) ? 1 : 0, 'post_smileys' => isset($_POST['post_smileys']) || isset($_POST['post_message']) && preg_match("#(\\[code\\](.*?)\\[/code\\]|\\[geshi=(.*?)\\](.*?)\\[/geshi\\]|\\[php\\](.*?)\\[/php\\])#si", $_POST['post_message']) ? 1 : 0, 'post_author' => $userdata['user_id'], 'post_datestamp' => $post_data['post_datestamp'], 'post_ip' => USER_IP, 'post_ip_type' => USER_IP_TYPE, 'post_edituser' => $userdata['user_id'], 'post_edittime' => isset($_POST['hide_edit']) ? 0 : time(), 'post_editreason' => form_sanitizer($_POST['post_editreason'], '', 'post_editreason'), 'post_hidden' => 0, 'notify_me' => 0, 'post_locked' => $forum_settings['forum_edit_lock'] || isset($_POST['post_locked']) ? 1 : 0);
                         // require thread_subject if first post
                         if ($is_first_post) {
                             $post_data['thread_subject'] = form_sanitizer($_POST['thread_subject'], '', 'thread_subject');
                             $current_thread_tags = form_sanitizer($_POST['thread_tags'], '', 'thread_tags');
                             if ($thread_data['thread_tags'] !== $current_thread_tags) {
                                 // Assign the old ones into history
                                 $thread_data['thread_tags_old'] = $thread_data['thread_tags'];
                                 $thread_data['thread_tags_change'] = time();
                             }
                             $thread_data['thread_tags'] = $current_thread_tags;
                             $thread_data['thread_subject'] = $post_data['thread_subject'];
                         }
                         $thread_data['thread_sticky'] = isset($_POST['thread_sticky']) ? 1 : 0;
                         if (\defender::safe()) {
                             // If post delete checkbox
                             $this->delete_post($post_data['post_id'], $post_data['thread_id'], $post_data['forum_id']);
                             // Update thread subject
                             if ($is_first_post) {
                                 dbquery_insert(DB_FORUM_THREADS, $thread_data, "update", array("keep_session" => TRUE));
                             }
                             // Prepare forum merging action
                             $last_post_author = dbarray(dbquery("SELECT post_author FROM " . DB_FORUM_POSTS . " WHERE thread_id='" . $thread_data['thread_id'] . "' ORDER BY post_id DESC LIMIT 1"));
                             if ($last_post_author == $post_data['post_author'] && $thread_data['forum_merge']) {
                                 $last_message = dbarray(dbquery("SELECT post_id, post_message FROM " . DB_FORUM_POSTS . " WHERE thread_id='" . $thread_data['thread_id'] . "' ORDER BY post_id DESC"));
                                 $post_data['post_id'] = $last_message['post_id'];
                                 $post_data['post_message'] = $last_message['post_message'] . "\n\n" . $locale['forum_0640'] . " " . showdate("longdate", time()) . ":\n" . $post_data['post_message'];
                                 dbquery_insert(DB_FORUM_POSTS, $post_data, 'update', array('primary_key' => 'post_id', 'keep_session' => TRUE));
                             } else {
                                 dbquery_insert(DB_FORUM_POSTS, $post_data, 'update', array('primary_key' => 'post_id', 'keep_session' => TRUE));
                             }
                             // Delete attachments if there is any
                             foreach ($_POST as $key => $value) {
                                 if (!strstr($key, "delete_attach")) {
                                     continue;
                                 }
                                 $key = str_replace("delete_attach_", "", $key);
                                 $result = dbquery("SELECT * FROM " . DB_FORUM_ATTACHMENTS . " WHERE post_id='" . $post_data['post_id'] . "' AND attach_id='" . (isnum($key) ? $key : 0) . "'");
                                 if (dbrows($result) != 0 && $value) {
                                     $adata = dbarray($result);
                                     unlink(FORUM . "attachments/" . $adata['attach_name']);
                                     dbquery("DELETE FROM " . DB_FORUM_ATTACHMENTS . " WHERE post_id='" . $post_data['post_id'] . "' AND attach_id='" . (isnum($key) ? $key : 0) . "'");
                                 }
                             }
                             if (!empty($_FILES) && is_uploaded_file($_FILES['file_attachments']['tmp_name'][0]) && $thread->getThreadPermission("can_upload_attach")) {
                                 $upload = form_sanitizer($_FILES['file_attachments'], '', 'file_attachments');
                                 if ($upload['error'] == 0) {
                                     foreach ($upload['target_file'] as $arr => $file_name) {
                                         $attachment = array('thread_id' => $thread_data['thread_id'], 'post_id' => $post_data['post_id'], 'attach_name' => $file_name, 'attach_mime' => $upload['type'][$arr], 'attach_size' => $upload['source_size'][$arr], 'attach_count' => '0');
                                         dbquery_insert(DB_FORUM_ATTACHMENTS, $attachment, 'save', array('keep_session' => TRUE));
                                     }
                                 }
                             }
                             if (\defender::safe()) {
                                 redirect(FORUM . "postify.php?post=edit&error=0&amp;forum_id=" . intval($post_data['forum_id']) . "&amp;thread_id=" . intval($post_data['thread_id']) . "&amp;post_id=" . intval($post_data['post_id']));
                             }
                         }
                     }
                 }
                 // template data
                 $form_action = FORUM . "viewthread.php?action=edit&amp;forum_id=" . $thread_data['forum_id'] . "&amp;thread_id=" . $thread_data['thread_id'] . "&amp;post_id=" . $_GET['post_id'];
                 // get attachment.
                 $attachments = array();
                 $attach_rows = 0;
                 if ($thread->getThreadPermission("can_upload_attach") && !empty($thread_info['post_items'][$post_data['post_id']]['post_attachments'])) {
                     // need id
                     $a_result = dbquery("SELECT * FROM " . DB_FORUM_ATTACHMENTS . " WHERE post_id='" . intval($post_data['post_id']) . "' AND thread_id='" . intval($thread_data['thread_id']) . "'");
                     $attach_rows = dbrows($a_result);
                     if ($attach_rows > 0) {
                         while ($a_data = dbarray($a_result)) {
                             $attachments[] = $a_data;
                         }
                     }
                 }
                 $info = array('title' => $locale['forum_0507'], 'description' => $locale['forum_2000'] . $thread_data['thread_subject'], 'openform' => openform('input_form', 'post', $form_action, array('enctype' => $thread->getThreadPermission("can_upload_attach") ? TRUE : FALSE)), 'closeform' => closeform(), 'forum_id_field' => form_hidden('forum_id', '', $post_data['forum_id']), 'thread_id_field' => form_hidden('thread_id', '', $post_data['thread_id']), 'tags_field' => $is_first_post ? form_select('thread_tags[]', $locale['forum_tag_0100'], $thread_data['thread_tags'], array('options' => $this->tag()->get_TagOpts(), 'width' => '100%', 'multiple' => TRUE, 'delimiter' => '.', 'max_select' => 3)) : '', "forum_field" => "", 'subject_field' => $thread_info['post_firstpost'] == $_GET['post_id'] ? form_text('thread_subject', $locale['forum_0600'], $thread_data['thread_subject'], array('required' => TRUE, 'placeholder' => $locale['forum_2001'], "class" => 'm-t-20 m-b-20')) : form_hidden("thread_subject", "", $thread_data['thread_subject']), 'message_field' => form_textarea('post_message', $locale['forum_0601'], $post_data['post_message'], array('required' => TRUE, 'autosize' => TRUE, 'no_resize' => TRUE, 'preview' => TRUE, 'form_name' => 'input_form', 'bbcode' => TRUE)), 'delete_field' => form_checkbox('delete', $locale['forum_0624'], '', array('class' => 'm-b-0', 'reverse_label' => TRUE)), 'edit_reason_field' => form_text('post_editreason', $locale['forum_0611'], $post_data['post_editreason'], array('placeholder' => '', 'class' => 'm-t-20 m-b-20')), 'attachment_field' => $thread->getThreadPermission("can_upload_attach") ? form_fileinput('file_attachments[]', $locale['forum_0557'], "", array('input_id' => 'file_attachments', 'upload_path' => FORUM . 'attachments/', 'type' => 'object', 'preview_off' => TRUE, 'multiple' => TRUE, 'max_count' => $attach_rows > 0 ? $forum_settings['forum_attachmax_count'] - $attach_rows : $forum_settings['forum_attachmax_count'], 'valid_ext' => $forum_settings['forum_attachtypes'])) . "\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t <div class='m-b-20'>\n<small>" . sprintf($locale['forum_0559'], parsebytesize($forum_settings['forum_attachmax']), str_replace('|', ', ', $forum_settings['forum_attachtypes']), $forum_settings['forum_attachmax_count']) . "</small>\n</div>\n" : "", "poll_form" => "", 'smileys_field' => form_checkbox('post_smileys', $locale['forum_0622'], $post_data['post_smileys'], array('class' => 'm-b-0', 'reverse_label' => TRUE)), 'signature_field' => array_key_exists("user_sig", $userdata) && $userdata['user_sig'] ? form_checkbox('post_showsig', $locale['forum_0623'], $post_data['post_showsig'], array('class' => 'm-b-0', 'reverse_label' => TRUE)) : '', 'sticky_field' => (iMOD || iSUPERADMIN) && $is_first_post ? form_checkbox('thread_sticky', $locale['forum_0620'], $thread_data['thread_sticky'], array('class' => 'm-b-0', 'reverse_label' => TRUE)) : '', 'lock_field' => iMOD || iSUPERADMIN ? form_checkbox('thread_locked', $locale['forum_0621'], $thread_data['thread_locked'], array('class' => 'm-b-0', 'reverse_label' => TRUE)) : '', 'hide_edit_field' => form_checkbox('hide_edit', $locale['forum_0627'], !empty($post_data['post_editreason']) && empty($post_data['post_edittime']) ? 1 : 0, array('class' => 'm-b-0', 'reverse_label' => TRUE)), 'post_locked_field' => iMOD || iSUPERADMIN ? form_checkbox('post_locked', $locale['forum_0628'], $post_data['post_locked'], array('class' => 'm-b-0', 'reverse_label' => TRUE)) : '', 'notify_field' => '', 'post_buttons' => form_button('post_edit', $locale['forum_0504'], $locale['forum_0504'], array('class' => 'btn-primary')) . form_button('cancel', $locale['cancel'], $locale['cancel'], array('class' => 'btn-default m-l-10')), 'last_posts_reply' => '');
                 $a_info = '';
                 if (!empty($attachments)) {
                     foreach ($attachments as $a_data) {
                         $a_info .= form_checkbox("delete_attach_" . $a_data['attach_id'], $locale['forum_0625'], 0, array("reverse_label" => TRUE, "ext_tip" => "<a href='" . FORUM . "attachments/" . $a_data['attach_name'] . "'>" . $a_data['attach_name'] . "</a> [" . parsebytesize($a_data['attach_size']) . "]"));
                     }
                     $info['attachment_field'] = $a_info . $info['attachment_field'];
                 }
                 display_forum_postform($info);
             } else {
                 if (fusion_get_settings("site_seo")) {
                     redirect(fusion_get_settings("siteurl") . "infusions/forum/index.php");
                 }
                 redirect(FORUM . 'index.php');
                 // no access
             }
         } else {
             redirect(FORUM . "postify.php?post=edit&error=4&forum_id=" . $thread_data['forum_id'] . "&thread_id=" . $thread_data['thread_id'] . "&post_id=" . $_GET['post_id']);
         }
     } else {
         if (fusion_get_settings("site_seo")) {
             redirect(fusion_get_settings("siteurl") . "infusions/forum/index.php");
         }
         redirect(FORUM . "index.php");
     }
 }
Exemplo n.º 25
0
 /**
  * Forum Admin Main Template Output
  */
 public function display_forum_index()
 {
     $res = FALSE;
     if (isset($_POST['init_forum'])) {
         $this->data['forum_name'] = self::check_validForumName(form_sanitizer($_POST['forum_name'], '', 'forum_name'), 0);
         if ($this->data['forum_name']) {
             $this->data['forum_cat'] = isset($_GET['parent_id']) && isnum($_GET['parent_id']) ? $_GET['parent_id'] : 0;
             $res = TRUE;
         }
     }
     if ($res == TRUE or isset($_POST['save_forum']) && !\defender::safe() or isset($_GET['action']) && $_GET['action'] == 'edit' && isset($_GET['forum_id']) && isnum($_GET['forum_id'])) {
         $this->display_forum_form();
     } elseif (isset($_GET['action']) && $_GET['action'] == 'p_edit' && isset($_GET['forum_id']) && isnum($_GET['forum_id'])) {
         self::display_forum_permissions_form();
     } else {
         self::display_forum_jumper();
         self::display_forum_list();
         self::quick_create_forum();
     }
 }
Exemplo n.º 26
0
 /**
  * New thread
  */
 public function set_newThreadInfo()
 {
     $userdata = fusion_get_userdata();
     $locale = fusion_get_locale("", FORUM_LOCALE);
     $locale += fusion_get_locale("", FORUM_TAGS_LOCALE);
     $forum_settings = ForumServer::get_forum_settings();
     // @todo: Reduce lines and optimize further
     if (iMEMBER) {
         // New thread directly to a specified forum
         if (!empty($_GET['forum_id']) && ForumServer::verify_forum($_GET['forum_id'])) {
             add_to_title($locale['forum_0000']);
             add_to_meta("description", $locale['forum_0000']);
             add_breadcrumb(array("link" => FORUM . "index.php", "title" => $locale['forum_0000']));
             add_to_title($locale['global_201'] . $locale['forum_0057']);
             $forum_data = dbarray(dbquery("SELECT f.*, f2.forum_name AS forum_cat_name\n\t\t\t\tFROM " . DB_FORUMS . " f\n\t\t\t\tLEFT JOIN " . DB_FORUMS . " f2 ON f.forum_cat=f2.forum_id\n\t\t\t\tWHERE f.forum_id='" . intval($_GET['forum_id']) . "'\n\t\t\t\tAND " . groupaccess('f.forum_access') . "\n\t\t\t\t"));
             if ($forum_data['forum_type'] == 1) {
                 redirect(INFUSIONS . "forum/index.php");
             }
             // Use the new permission settings
             self::setPermission($forum_data);
             $forum_data['lock_edit'] = $forum_settings['forum_edit_lock'];
             if (self::getPermission("can_post") && self::getPermission("can_access")) {
                 add_breadcrumb(array('link' => INFUSIONS . 'forum/index.php?viewforum&amp;forum_id=' . $forum_data['forum_id'] . '&amp;parent_id=' . $forum_data['forum_cat'], 'title' => $forum_data['forum_name']));
                 add_breadcrumb(array('link' => INFUSIONS . 'forum/index.php?viewforum&amp;forum_id=' . $forum_data['forum_id'] . '&amp;parent_id=' . $forum_data['forum_cat'], 'title' => $locale['forum_0057']));
                 /**
                  * Generate a poll form
                  */
                 $poll_form = "";
                 if (self::getPermission("can_create_poll")) {
                     // initial data to push downwards
                     $pollData = array('thread_id' => 0, 'forum_poll_title' => !empty($_POST['forum_poll_title']) ? form_sanitizer($_POST['forum_poll_title'], '', 'forum_poll_title') : '', 'forum_poll_start' => time(), 'forum_poll_length' => 2, 'forum_poll_votes' => 0);
                     // counter of lengths
                     $option_data[1] = "";
                     $option_data[2] = "";
                     // Do a validation if checked add_poll
                     if (isset($_POST['add_poll'])) {
                         $pollData = array('thread_id' => 0, 'forum_poll_title' => isset($_POST['forum_poll_title']) ? form_sanitizer($_POST['forum_poll_title'], '', 'forum_poll_title') : '', 'forum_poll_start' => time(), 'forum_poll_length' => count($option_data), 'forum_poll_votes' => 0);
                         // calculate poll lengths
                         if (!empty($_POST['poll_options']) && is_array($_POST['poll_options'])) {
                             foreach ($_POST['poll_options'] as $i => $value) {
                                 $option_data[$i] = form_sanitizer($value, '', "poll_options[{$i}]");
                             }
                         }
                     }
                     if (isset($_POST['add_poll_option']) && isset($_POST['poll_options'])) {
                         // reindex the whole array with blank values.
                         foreach ($_POST['poll_options'] as $i => $value) {
                             $option_data[$i] = form_sanitizer($value, '', "poll_options[{$i}]");
                         }
                         if (\defender::safe()) {
                             $option_data = array_values(array_filter($option_data));
                             array_unshift($option_data, NULL);
                             unset($option_data[0]);
                             $pollData['forum_poll_length'] = count($option_data);
                         }
                         array_push($option_data, '');
                     }
                     $poll_field = '';
                     $poll_field['poll_field'] = form_text('forum_poll_title', $locale['forum_0604'], $pollData['forum_poll_title'], array('max_length' => 255, 'placeholder' => $locale['forum_0604a'], 'inline' => TRUE, 'required' => TRUE));
                     for ($i = 1; $i <= count($option_data); $i++) {
                         $poll_field['poll_field'] .= form_text("poll_options[{$i}]", sprintf($locale['forum_0606'], $i), $option_data[$i], array('max_length' => 255, 'placeholder' => $locale['forum_0605'], 'inline' => TRUE, 'required' => $i <= 2 ? TRUE : FALSE));
                     }
                     $poll_field['poll_field'] .= "<div class='col-xs-12 col-sm-offset-3'>\n";
                     $poll_field['poll_field'] .= form_button('add_poll_option', $locale['forum_0608'], $locale['forum_0608'], array('class' => 'btn-primary btn-sm'));
                     $poll_field['poll_field'] .= "</div>\n";
                     $info = array('title' => $locale['forum_0366'], 'description' => $locale['forum_0630'], 'field' => $poll_field);
                     ob_start();
                     echo form_checkbox("add_poll", $locale['forum_0366'], isset($_POST['add_poll']) ? TRUE : FALSE, array('reverse_label' => TRUE));
                     echo "<div id='poll_form' class='poll-form' style='display:none;'>\n";
                     echo "<div class='well clearfix'>\n";
                     echo "<!--pre_form-->\n";
                     echo $info['field']['poll_field'];
                     echo "</div>\n";
                     echo "</div>\n";
                     $poll_form = ob_get_contents();
                     ob_end_clean();
                 }
                 $thread_data = array('forum_id' => $forum_data['forum_id'], 'thread_id' => 0, 'thread_subject' => isset($_POST['thread_subject']) ? form_sanitizer($_POST['thread_subject'], '', 'thread_subject') : '', 'thread_tags' => isset($_POST['thread_tags']) ? form_sanitizer($_POST['thread_tags'], '', 'thread_tags') : '', 'thread_author' => $userdata['user_id'], 'thread_views' => 0, 'thread_lastpost' => time(), 'thread_lastpostid' => 0, 'thread_lastuser' => $userdata['user_id'], 'thread_postcount' => 1, 'thread_poll' => 0, 'thread_sticky' => isset($_POST['thread_sticky']) ? 1 : 0, 'thread_locked' => isset($_POST['thread_sticky']) ? 1 : 0, 'thread_hidden' => 0);
                 $post_data = array('forum_id' => $forum_data['forum_id'], 'forum_cat' => $forum_data['forum_cat'], 'thread_id' => 0, 'post_id' => 0, 'post_message' => isset($_POST['post_message']) ? form_sanitizer($_POST['post_message'], '', 'post_message') : '', 'post_showsig' => isset($_POST['post_showsig']) ? 1 : 0, 'post_smileys' => !isset($_POST['post_smileys']) || isset($_POST['post_message']) && preg_match("#(\\[code\\](.*?)\\[/code\\]|\\[geshi=(.*?)\\](.*?)\\[/geshi\\]|\\[php\\](.*?)\\[/php\\])#si", $_POST['post_message']) ? 0 : 1, 'post_author' => $userdata['user_id'], 'post_datestamp' => time(), 'post_ip' => USER_IP, 'post_ip_type' => USER_IP_TYPE, 'post_edituser' => 0, 'post_edittime' => 0, 'post_editreason' => '', 'post_hidden' => 0, 'notify_me' => isset($_POST['notify_me']) ? 1 : 0, 'post_locked' => 0);
                 // Execute post new thread
                 if (isset($_POST['post_newthread']) && \defender::safe()) {
                     require_once INCLUDES . "flood_include.php";
                     // all data is sanitized here.
                     if (!flood_control("post_datestamp", DB_FORUM_POSTS, "post_author='" . $userdata['user_id'] . "'")) {
                         // have notice
                         if (\defender::safe()) {
                             // create a new thread.
                             dbquery_insert(DB_FORUM_THREADS, $thread_data, 'save', array('primary_key' => 'thread_id', 'keep_session' => TRUE));
                             $post_data['thread_id'] = dblastid();
                             $pollData['thread_id'] = dblastid();
                             dbquery_insert(DB_FORUM_POSTS, $post_data, 'save', array('primary_key' => 'post_id', 'keep_session' => TRUE));
                             $post_data['post_id'] = dblastid();
                             // Attach files if permitted
                             if (!empty($_FILES) && is_uploaded_file($_FILES['file_attachments']['tmp_name'][0]) && self::getPermission("can_upload_attach")) {
                                 $upload = form_sanitizer($_FILES['file_attachments'], '', 'file_attachments');
                                 if ($upload['error'] == 0) {
                                     foreach ($upload['target_file'] as $arr => $file_name) {
                                         $attach_data = array('thread_id' => $post_data['thread_id'], 'post_id' => $post_data['post_id'], 'attach_name' => $file_name, 'attach_mime' => $upload['type'][$arr], 'attach_size' => $upload['source_size'][$arr], 'attach_count' => '0');
                                         dbquery_insert(DB_FORUM_ATTACHMENTS, $attach_data, "save", array('keep_session' => TRUE));
                                     }
                                 }
                             }
                             dbquery("UPDATE " . DB_USERS . " SET user_posts=user_posts+1 WHERE user_id='" . intval($post_data['post_author']) . "'");
                             // Update stats in forum and threads
                             // find all parents and update them
                             $list_of_forums = get_all_parent(dbquery_tree(DB_FORUMS, 'forum_id', 'forum_cat'), $post_data['forum_id']);
                             if (is_array($list_of_forums)) {
                                 foreach ($list_of_forums as $forum_id) {
                                     $forum_update_sql = "\n                                        UPDATE " . DB_FORUMS . " SET forum_lastpost='" . intval($post_data['post_datestamp']) . "',\n                                        forum_postcount=forum_postcount+1,\n                                        forum_threadcount=forum_threadcount+1,\n                                        forum_lastpostid='" . intval($post_data['post_id']) . "',\n                                        forum_lastuser='******'post_author']) . "' WHERE forum_id='" . intval($forum_id) . "'\n                                        ";
                                     dbquery($forum_update_sql);
                                 }
                             }
                             // update current forum
                             dbquery("UPDATE " . DB_FORUMS . " SET forum_lastpost='" . $post_data['post_datestamp'] . "', forum_postcount=forum_postcount+1, forum_threadcount=forum_threadcount+1, forum_lastpostid='" . $post_data['post_id'] . "', forum_lastuser='******'post_author'] . "' WHERE forum_id='" . $post_data['forum_id'] . "'");
                             // update current thread
                             dbquery("UPDATE " . DB_FORUM_THREADS . " SET thread_lastpost='" . $post_data['post_datestamp'] . "', thread_lastpostid='" . $post_data['post_id'] . "', thread_lastuser='******'post_author'] . "' WHERE thread_id='" . $post_data['thread_id'] . "'");
                             // set notify
                             if ($forum_settings['thread_notify'] && isset($_POST['notify_me']) && $post_data['thread_id']) {
                                 if (!dbcount("(thread_id)", DB_FORUM_THREAD_NOTIFY, "thread_id='" . $post_data['thread_id'] . "' AND notify_user='******'post_author'] . "'")) {
                                     dbquery("INSERT INTO " . DB_FORUM_THREAD_NOTIFY . " (thread_id, notify_datestamp, notify_user, notify_status) VALUES('" . $post_data['thread_id'] . "', '" . $post_data['post_datestamp'] . "', '" . $post_data['post_author'] . "', '1')");
                                 }
                             }
                             // Add poll if exist
                             if (!empty($option_data) && isset($_POST['add_poll'])) {
                                 dbquery_insert(DB_FORUM_POLLS, $pollData, 'save');
                                 $poll_option_data['thread_id'] = $pollData['thread_id'];
                                 $i = 1;
                                 foreach ($option_data as $option_text) {
                                     if ($option_text) {
                                         $poll_option_data['forum_poll_option_id'] = $i;
                                         $poll_option_data['forum_poll_option_text'] = $option_text;
                                         $poll_option_data['forum_poll_option_votes'] = 0;
                                         dbquery_insert(DB_FORUM_POLL_OPTIONS, $poll_option_data, 'save');
                                         $i++;
                                     }
                                 }
                                 dbquery("UPDATE " . DB_FORUM_THREADS . " SET thread_poll='1' WHERE thread_id='" . $pollData['thread_id'] . "'");
                             }
                         }
                         if (\defender::safe()) {
                             redirect(INFUSIONS . "forum/postify.php?post=new&error=0&amp;forum_id=" . intval($post_data['forum_id']) . "&amp;parent_id=" . intval($post_data['forum_cat']) . "&amp;thread_id=" . intval($post_data['thread_id'] . ""));
                         }
                     }
                 }
                 $this->info = array('title' => $locale['forum_0057'], 'description' => '', 'openform' => openform('input_form', 'post', FORUM . "newthread.php?forum_id=" . $post_data['forum_id'], array('enctype' => self::getPermission("can_upload_attach"))), 'closeform' => closeform(), 'forum_id_field' => '', 'thread_id_field' => '', "forum_field" => "", 'subject_field' => form_text('thread_subject', $locale['forum_0600'], $thread_data['thread_subject'], array('required' => 1, 'placeholder' => $locale['forum_2001'], 'error_text' => '', 'class' => 'm-t-20 m-b-20')), 'tags_field' => form_select('thread_tags[]', $locale['forum_tag_0100'], $thread_data['thread_tags'], array('options' => $this->tag()->get_TagOpts(TRUE), 'width' => '100%', 'multiple' => TRUE, 'delimiter' => '.', 'max_select' => 3)), 'message_field' => form_textarea('post_message', $locale['forum_0601'], $post_data['post_message'], array('required' => 1, 'error_text' => '', 'autosize' => 1, 'no_resize' => 1, 'preview' => 1, 'form_name' => 'input_form', 'bbcode' => 1)), 'attachment_field' => self::getPermission("can_upload_attach") ? form_fileinput('file_attachments[]', $locale['forum_0557'], "", array('input_id' => 'file_attachments', 'upload_path' => INFUSIONS . 'forum/attachments/', 'type' => 'object', 'preview_off' => TRUE, "multiple" => TRUE, "inline" => FALSE, 'max_count' => $forum_settings['forum_attachmax_count'], 'valid_ext' => $forum_settings['forum_attachtypes'], "class" => "m-b-0")) . " <div class='m-b-20'>\n<small>\n                            " . sprintf($locale['forum_0559'], parsebytesize($forum_settings['forum_attachmax']), str_replace('|', ', ', $forum_settings['forum_attachtypes']), $forum_settings['forum_attachmax_count']) . "</small>\n</div>\n" : "", 'poll_form' => $poll_form, 'smileys_field' => form_checkbox('post_smileys', $locale['forum_0622'], $post_data['post_smileys'], array('class' => 'm-b-0', 'reverse_label' => TRUE)), 'signature_field' => array_key_exists("user_sig", $userdata) && $userdata['user_sig'] ? form_checkbox('post_showsig', $locale['forum_0623'], $post_data['post_showsig'], array('class' => 'm-b-0', 'reverse_label' => TRUE)) : '', 'sticky_field' => iMOD || iSUPERADMIN ? form_checkbox('thread_sticky', $locale['forum_0620'], $thread_data['thread_sticky'], array('class' => 'm-b-0', 'reverse_label' => TRUE)) : '', 'lock_field' => iMOD || iSUPERADMIN ? form_checkbox('thread_locked', $locale['forum_0621'], $thread_data['thread_locked'], array('class' => 'm-b-0', 'reverse_label' => TRUE)) : '', 'edit_reason_field' => '', 'delete_field' => '', 'hide_edit_field' => '', 'post_locked_field' => '', 'notify_field' => $forum_settings['thread_notify'] ? form_checkbox('notify_me', $locale['forum_0626'], $post_data['notify_me'], array('class' => 'm-b-0', 'reverse_label' => TRUE)) : '', 'post_buttons' => form_button('post_newthread', $locale['forum_0057'], $locale['forum_0057'], array('class' => 'btn-primary btn-sm')) . form_button('cancel', $locale['cancel'], $locale['cancel'], array('class' => 'btn-default btn-sm m-l-10')), 'last_posts_reply' => '');
                 // add a jquery to toggle the poll form
                 add_to_jquery("\n                        if (\$('#add_poll').is(':checked')) {\n                            \$('#poll_form').show();\n                        } else {\n                            \$('#poll_form').hide();\n                        }\n                        \$('#add_poll').bind('click', function() {\n                            if (\$(this).is(':checked')) {\n                                \$('#poll_form').slideDown();\n                            } else {\n                                \$('#poll_form').slideUp();\n                            }\n                        });\n                    ");
             } else {
                 redirect(FORUM . "index.php");
             }
         } else {
             /*
              * Quick New Forum Posting.
              * Does not require to run permissions.
              * Does not contain forum poll.
              * Does not contain attachment
              */
             if (!dbcount("(forum_id)", DB_FORUMS, "forum_type !='1'")) {
                 redirect(INFUSIONS . "forum/index.php");
             }
             if (!dbcount("(forum_id)", DB_FORUMS, "forum_language ='" . LANGUAGE . "'")) {
                 redirect(INFUSIONS . "forum/index.php");
             }
             add_breadcrumb(array("link" => FORUM . "newthread.php?forum_id=0", "title" => $locale['forum_0057']));
             $thread_data = array('forum_id' => isset($_POST['forum_id']) ? form_sanitizer($_POST['forum_id'], 0, "forum_id") : 0, 'thread_id' => 0, 'thread_subject' => isset($_POST['thread_subject']) ? form_sanitizer($_POST['thread_subject'], '', 'thread_subject') : '', 'thread_tags' => isset($_POST['thread_tags']) ? form_sanitizer($_POST['thread_tags'], '', 'thread_tags') : '', 'thread_author' => $userdata['user_id'], 'thread_views' => 0, 'thread_lastpost' => time(), 'thread_lastpostid' => 0, 'thread_lastuser' => $userdata['user_id'], 'thread_postcount' => 1, 'thread_poll' => 0, 'thread_sticky' => isset($_POST['thread_sticky']) ? TRUE : FALSE, 'thread_locked' => isset($_POST['thread_sticky']) ? TRUE : FALSE, 'thread_hidden' => 0);
             $post_data = array('forum_id' => isset($_POST['forum_id']) ? form_sanitizer($_POST['forum_id'], 0, "forum_id") : 0, "forum_cat" => 0, 'thread_id' => 0, 'post_id' => 0, 'post_message' => isset($_POST['post_message']) ? form_sanitizer($_POST['post_message'], '', 'post_message') : '', 'post_showsig' => isset($_POST['post_showsig']) ? TRUE : FALSE, 'post_smileys' => !isset($_POST['post_smileys']) || isset($_POST['post_message']) && preg_match("#(\\[code\\](.*?)\\[/code\\]|\\[geshi=(.*?)\\](.*?)\\[/geshi\\]|\\[php\\](.*?)\\[/php\\])#si", $_POST['post_message']) ? FALSE : TRUE, 'post_author' => $userdata['user_id'], 'post_datestamp' => time(), 'post_ip' => USER_IP, 'post_ip_type' => USER_IP_TYPE, 'post_edituser' => 0, 'post_edittime' => 0, 'post_editreason' => '', 'post_hidden' => 0, 'notify_me' => isset($_POST['notify_me']) ? TRUE : FALSE, 'post_locked' => 0);
             // go for a new thread posting.
             // check data
             // and validate
             // do not run attach, and do not run poll.
             if (isset($_POST['post_newthread']) && \defender::safe()) {
                 require_once INCLUDES . "flood_include.php";
                 // all data is sanitized here.
                 if (!flood_control("post_datestamp", DB_FORUM_POSTS, "post_author='" . $userdata['user_id'] . "'")) {
                     // have notice
                     if (ForumServer::verify_forum($thread_data['forum_id'])) {
                         $forum_data = dbarray(dbquery("SELECT f.*, f2.forum_name AS forum_cat_name\n                            FROM " . DB_FORUMS . " f\n                            LEFT JOIN " . DB_FORUMS . " f2 ON f.forum_cat=f2.forum_id\n                            WHERE f.forum_id='" . intval($thread_data['forum_id']) . "'\n                            AND " . groupaccess('f.forum_access') . "\n                            "));
                         if ($forum_data['forum_type'] == 1) {
                             redirect(INFUSIONS . "forum/index.php");
                         }
                         // Use the new permission settings
                         self::setPermission($forum_data);
                         $forum_data['lock_edit'] = $forum_settings['forum_edit_lock'];
                         if (self::getPermission("can_post") && self::getPermission("can_access")) {
                             $post_data['forum_cat'] = $forum_data['forum_cat'];
                             // create a new thread.
                             dbquery_insert(DB_FORUM_THREADS, $thread_data, 'save', array('primary_key' => 'thread_id', 'keep_session' => TRUE));
                             $post_data['thread_id'] = dblastid();
                             dbquery_insert(DB_FORUM_POSTS, $post_data, 'save', array('primary_key' => 'post_id', 'keep_session' => TRUE));
                             $post_data['post_id'] = dblastid();
                             dbquery("UPDATE " . DB_USERS . " SET user_posts=user_posts+1 WHERE user_id='" . $post_data['post_author'] . "'");
                             // Update stats in forum and threads
                             // find all parents and update them
                             $list_of_forums = get_all_parent(dbquery_tree(DB_FORUMS, 'forum_id', 'forum_cat'), $post_data['forum_id']);
                             foreach ($list_of_forums as $fid) {
                                 dbquery("UPDATE " . DB_FORUMS . " SET forum_lastpost='" . time() . "', forum_postcount=forum_postcount+1, forum_threadcount=forum_threadcount+1, forum_lastpostid='" . $post_data['post_id'] . "', forum_lastuser='******'post_author'] . "' WHERE forum_id='" . $fid . "'");
                             }
                             // update current forum
                             dbquery("UPDATE " . DB_FORUMS . " SET forum_lastpost=''" . time() . "'', forum_postcount=forum_postcount+1, forum_threadcount=forum_threadcount+1, forum_lastpostid='" . $post_data['post_id'] . "', forum_lastuser='******'post_author'] . "' WHERE forum_id='" . $post_data['forum_id'] . "'");
                             // update current thread
                             dbquery("UPDATE " . DB_FORUM_THREADS . " SET thread_lastpost=''" . time() . "'', thread_lastpostid='" . $post_data['post_id'] . "', thread_lastuser='******'post_author'] . "' WHERE thread_id='" . $post_data['thread_id'] . "'");
                             // set notify
                             if ($forum_settings['thread_notify'] && isset($_POST['notify_me']) && $post_data['thread_id']) {
                                 if (!dbcount("(thread_id)", DB_FORUM_THREAD_NOTIFY, "thread_id='" . $post_data['thread_id'] . "' AND notify_user='******'post_author'] . "'")) {
                                     dbquery("INSERT INTO " . DB_FORUM_THREAD_NOTIFY . " (thread_id, notify_datestamp, notify_user, notify_status) VALUES('" . $post_data['thread_id'] . "', '" . time() . "', '" . $post_data['post_author'] . "', 1)");
                                 }
                             }
                             if (\defender::safe()) {
                                 redirect(INFUSIONS . "forum/postify.php?post=new&error=0&amp;forum_id=" . intval($post_data['forum_id']) . "&amp;parent_id=" . intval($post_data['forum_cat']) . "&amp;thread_id=" . intval($post_data['thread_id'] . ""));
                             }
                         } else {
                             addNotice("danger", $locale['forum_0186']);
                         }
                     } else {
                         addNotice("danger", $locale['forum_0187']);
                         redirect(INFUSIONS . "forum/index.php");
                     }
                 }
             }
             //Disable all parents
             $disabled_opts = array();
             $disable_query = "\n                SELECT forum_id FROM " . DB_FORUMS . " WHERE forum_type='1'\n                " . (multilang_table("FO") ? "AND forum_language='" . LANGUAGE . "'" : "") . "\n                ";
             $disable_query = dbquery(" {$disable_query} ");
             if (dbrows($disable_query) > 0) {
                 while ($d_forum = dbarray($disable_query)) {
                     $disabled_opts = $d_forum['forum_id'];
                 }
             }
             $this->info = array('title' => $locale['forum_0057'], 'description' => '', 'openform' => openform('input_form', 'post', FORUM . "newthread.php", array('enctype' => FALSE)), 'closeform' => closeform(), 'forum_id_field' => '', 'thread_id_field' => '', 'forum_field' => form_select_tree("forum_id", $locale['forum_0395'], $thread_data['forum_id'], array("required" => TRUE, "width" => "320px", "no_root" => TRUE, "disable_opts" => $disabled_opts, "query" => multilang_table("FO") ? "WHERE forum_language='" . LANGUAGE . "'" : ""), DB_FORUMS, "forum_name", "forum_id", "forum_cat"), 'subject_field' => form_text('thread_subject', $locale['forum_0600'], $thread_data['thread_subject'], array('required' => 1, 'placeholder' => $locale['forum_2001'], 'error_text' => '', 'class' => 'm-t-20 m-b-20')), 'tags_field' => form_select('thread_tags[]', $locale['forum_tag_0100'], $thread_data['thread_tags'], array('options' => $this->tag()->get_TagOpts(), 'width' => '100%', 'multiple' => TRUE, 'delimiter' => '.', 'max_select' => 3)), 'message_field' => form_textarea('post_message', $locale['forum_0601'], $post_data['post_message'], array('required' => 1, 'error_text' => '', 'autosize' => 1, 'no_resize' => 1, 'preview' => 1, 'form_name' => 'input_form', 'bbcode' => 1)), 'attachment_field' => "", 'poll_form' => "", 'smileys_field' => form_checkbox('post_smileys', $locale['forum_0622'], $post_data['post_smileys'], array('class' => 'm-b-0', 'reverse_label' => TRUE)), 'signature_field' => array_key_exists("user_sig", $userdata) && $userdata['user_sig'] ? form_checkbox('post_showsig', $locale['forum_0623'], $post_data['post_showsig'], array('class' => 'm-b-0', 'reverse_label' => TRUE)) : '', 'sticky_field' => iSUPERADMIN ? form_checkbox('thread_sticky', $locale['forum_0620'], $thread_data['thread_sticky'], array('class' => 'm-b-0', 'reverse_label' => TRUE)) : '', 'lock_field' => iSUPERADMIN ? form_checkbox('thread_locked', $locale['forum_0621'], $thread_data['thread_locked'], array('class' => 'm-b-0', 'reverse_label' => TRUE)) : '', 'edit_reason_field' => '', 'delete_field' => '', 'hide_edit_field' => '', 'post_locked_field' => '', 'notify_field' => $forum_settings['thread_notify'] ? form_checkbox('notify_me', $locale['forum_0626'], $post_data['notify_me'], array('class' => 'm-b-0', 'reverse_label' => TRUE)) : '', 'post_buttons' => form_button('post_newthread', $locale['forum_0057'], $locale['forum_0057'], array('class' => 'btn-primary btn-sm')) . form_button('cancel', $locale['cancel'], $locale['cancel'], array('class' => 'btn-default btn-sm m-l-10')), 'last_posts_reply' => '');
         }
     } else {
         redirect(INFUSIONS . 'forum/index.php');
     }
 }
Exemplo n.º 27
0
 public function viewSettingsAdmin()
 {
     global $aidlink;
     pageAccess('F');
     $forum_settings = $this->get_forum_settings();
     add_breadcrumb(array('link' => ADMIN . 'settings_forum.php' . $aidlink, 'title' => self::$locale['forum_settings']));
     if (isset($_POST['recount_user_post'])) {
         $result = dbquery("SELECT post_author, COUNT(post_id) as num_posts FROM " . DB_FORUM_POSTS . " GROUP BY post_author");
         if (dbrows($result)) {
             while ($data = dbarray($result)) {
                 $result2 = dbquery("UPDATE " . DB_USERS . " SET user_posts='" . $data['num_posts'] . "' WHERE user_id='" . $data['post_author'] . "'");
             }
             addNotice('success', self::$locale['forum_061']);
         }
     }
     if (isset($_POST['savesettings'])) {
         $numofthreads = form_sanitizer($_POST['numofthreads'], 20, 'numofthreads');
         $threads_num = form_sanitizer($_POST['threads_per_page'], 20, 'threads_per_page');
         $posts_num = form_sanitizer($_POST['posts_per_page'], 20, 'posts_per_page');
         $forum_ips = form_sanitizer($_POST['forum_ips'], -103, 'forum_ips');
         $attachmax = form_sanitizer($_POST['calc_b'], 1, 'calc_b') * form_sanitizer($_POST['calc_c'], 1000000, 'calc_c');
         $attachmax_count = form_sanitizer($_POST['forum_attachmax_count'], 5, 'forum_attachmax_count');
         $attachtypes = form_sanitizer($_POST['forum_attachtypes'], '.pdf,.gif,.jpg,.png,.zip,.rar,.tar,.bz2,.7z', 'forum_attachtypes');
         $thread_notify = form_sanitizer($_POST['thread_notify'], '0', 'thread_notify');
         $forum_ranks = form_sanitizer($_POST['forum_ranks'], '0', 'forum_ranks');
         $forum_rank_style = form_sanitizer($_POST['forum_rank_style'], '0', 'forum_rank_style');
         $forum_edit_lock = form_sanitizer($_POST['forum_edit_lock'], '0', 'forum_edit_lock');
         $forum_edit_timelimit = form_sanitizer($_POST['forum_edit_timelimit'], '0', 'forum_edit_timelimit');
         $popular_threads_timeframe = form_sanitizer($_POST['popular_threads_timeframe'], '604800', 'popular_threads_timeframe');
         $forum_last_posts_reply = form_sanitizer($_POST['forum_last_posts_reply'], '0', 'forum_last_posts_reply');
         $forum_last_post_avatar = form_sanitizer($_POST['forum_last_post_avatar'], '0', 'forum_last_post_avatar');
         $forum_editpost_to_lastpost = form_sanitizer($_POST['forum_editpost_to_lastpost'], '0', 'forum_editpost_to_lastpost');
         if (\defender::safe()) {
             dbquery("UPDATE " . DB_SETTINGS_INF . " SET settings_value='{$numofthreads}' WHERE settings_name='numofthreads' AND settings_inf='forum'");
             dbquery("UPDATE " . DB_SETTINGS_INF . " SET settings_value='{$threads_num}' WHERE settings_name='threads_per_page' AND settings_inf='forum'");
             dbquery("UPDATE " . DB_SETTINGS_INF . " SET settings_value='{$posts_num}' WHERE settings_name='posts_per_page'  AND settings_inf='forum'");
             //".(isnum($_POST['forum_ips']) ? $_POST['forum_ips'] : "103")."
             dbquery("UPDATE " . DB_SETTINGS_INF . " SET settings_value='{$forum_ips}' WHERE settings_name='forum_ips' AND settings_inf='forum'");
             dbquery("UPDATE " . DB_SETTINGS_INF . " SET settings_value='{$attachmax}' WHERE settings_name='forum_attachmax' AND settings_inf='forum'");
             dbquery("UPDATE " . DB_SETTINGS_INF . " SET settings_value='{$attachmax_count}' WHERE settings_name='forum_attachmax_count' AND settings_inf='forum'");
             dbquery("UPDATE " . DB_SETTINGS_INF . " SET settings_value='{$attachtypes}' WHERE settings_name='forum_attachtypes' AND settings_inf='forum'");
             dbquery("UPDATE " . DB_SETTINGS_INF . " SET settings_value='{$thread_notify}' WHERE settings_name='thread_notify' AND settings_inf='forum'");
             dbquery("UPDATE " . DB_SETTINGS_INF . " SET settings_value='{$forum_ranks}' WHERE settings_name='forum_ranks' AND settings_inf='forum'");
             dbquery("UPDATE " . DB_SETTINGS_INF . " SET settings_value='{$forum_rank_style}' WHERE settings_name='forum_rank_style' AND settings_inf='forum'");
             dbquery("UPDATE " . DB_SETTINGS_INF . " SET settings_value='{$forum_edit_lock}' WHERE settings_name='forum_edit_lock' AND settings_inf='forum'");
             dbquery("UPDATE " . DB_SETTINGS_INF . " SET settings_value='{$forum_edit_timelimit}' WHERE settings_name='forum_edit_timelimit' AND settings_inf='forum'");
             dbquery("UPDATE " . DB_SETTINGS_INF . " SET settings_value='{$popular_threads_timeframe}' WHERE settings_name='popular_threads_timeframe' AND settings_inf='forum'");
             dbquery("UPDATE " . DB_SETTINGS_INF . " SET settings_value='{$forum_last_posts_reply}' WHERE settings_name='forum_last_posts_reply' AND settings_inf='forum'");
             dbquery("UPDATE " . DB_SETTINGS_INF . " SET settings_value='{$forum_last_post_avatar}' WHERE settings_name='forum_last_post_avatar' AND settings_inf='forum'");
             dbquery("UPDATE " . DB_SETTINGS_INF . " SET settings_value='{$forum_editpost_to_lastpost}' WHERE settings_name='forum_editpost_to_lastpost' AND settings_inf='forum'");
             addNotice('success', self::$locale['900']);
             redirect(FUSION_SELF . $aidlink . '&section=fs');
         }
     }
     $yes_no_array = array('1' => self::$locale['yes'], '0' => self::$locale['no']);
     echo "<div class='well'>" . self::$locale['forum_description'] . "</div>";
     echo openform('forum_settings_form', 'post', FUSION_REQUEST, array('class' => 'm-t-20'));
     echo "<div class='row'>\n";
     echo "<div class='col-xs-12 col-sm-8'>\n";
     openside('');
     echo "<span class='small pull-right'>* " . self::$locale['506'] . "</span><br/>\n";
     echo form_text('numofthreads', self::$locale['505'], $forum_settings['numofthreads'], array('error_text' => self::$locale['error_value'], 'inline' => 1, 'width' => '150px', 'type' => 'number'));
     closeside();
     openside('');
     echo form_text('threads_per_page', self::$locale['forum_080'], $forum_settings['threads_per_page'], array('error_text' => self::$locale['error_value'], 'inline' => 1, 'width' => '150px', 'type' => 'number'));
     echo form_text('posts_per_page', self::$locale['forum_081'], $forum_settings['posts_per_page'], array('error_text' => self::$locale['error_value'], 'inline' => 1, 'width' => '150px', 'type' => 'number'));
     closeside();
     openside('');
     echo form_select('thread_notify', self::$locale['512'], $forum_settings['thread_notify'], array('options' => $yes_no_array, 'error_text' => self::$locale['error_value'], 'inline' => 1));
     closeside();
     openside('');
     echo "<span class='pull-right position-absolute small' style='right:30px;'>" . self::$locale['537'] . "</span>\n";
     echo form_select('forum_edit_timelimit', self::$locale['536'], $forum_settings['forum_edit_timelimit'], array('options' => array('0', '10', '30', '45', '60'), 'max_length' => 2, 'width' => '100px', 'required' => 1, 'error_text' => self::$locale['error_value'], 'inline' => 1));
     echo form_select('forum_ips', self::$locale['507'], $forum_settings['forum_ips'], array('options' => $yes_no_array, 'error_text' => self::$locale['error_value'], 'inline' => 1));
     echo form_select('forum_ranks', self::$locale['520'], $forum_settings['forum_ranks'], array('options' => $yes_no_array, 'error_text' => self::$locale['error_value'], 'inline' => 1));
     echo form_select('forum_rank_style', self::$locale['forum_064'], $forum_settings['forum_rank_style'], array('options' => array(self::$locale['forum_063'], self::$locale['forum_062']), 'error_text' => self::$locale['error_value'], 'inline' => 1));
     echo form_select('forum_last_post_avatar', self::$locale['539'], $forum_settings['forum_last_post_avatar'], array('options' => $yes_no_array, 'error_text' => self::$locale['error_value'], 'inline' => 1));
     echo form_select('forum_edit_lock', self::$locale['521'], $forum_settings['forum_edit_lock'], array('options' => $yes_no_array, 'error_text' => self::$locale['error_value'], 'inline' => 1));
     echo form_select('forum_editpost_to_lastpost', self::$locale['538'], $forum_settings['forum_editpost_to_lastpost'], array('options' => $yes_no_array, 'error_text' => self::$locale['error_value'], 'inline' => 1));
     closeside();
     echo "</div>\n";
     echo "<div class='col-xs-12 col-sm-4'>\n";
     openside('');
     $calc_opts = array(1 => 'Bytes (bytes)', 1000 => 'KB (Kilobytes)', 1000000 => 'MB (Megabytes)');
     $calc_c = self::calculate_byte($forum_settings['forum_attachmax']);
     $calc_b = $forum_settings['forum_attachmax'] / $calc_c;
     require_once INCLUDES . "mimetypes_include.php";
     $mime = mimeTypes();
     $mime_opts = array();
     foreach ($mime as $m => $Mime) {
         $ext = ".{$m}";
         $mime_opts[$ext] = $ext;
     }
     sort($mime_opts);
     echo "<div class='clearfix'>\n";
     echo "<span class='pull-right small'>" . self::$locale['509'] . "</span>";
     echo "<label for='calc_c'>" . self::$locale['508'] . "</label><br />\n";
     echo form_text('calc_b', '', $calc_b, array('required' => 1, 'number' => 1, 'error_text' => self::$locale['error_rate'], 'width' => '100px', 'max_length' => '3', 'class' => 'm-r-10 pull-left'));
     echo form_select('calc_c', '', $calc_c, array('options' => $calc_opts, 'placeholder' => self::$locale['choose'], 'class' => 'pull-left', 'width' => '100%'));
     echo "</div>\n";
     echo "<div class='clearfix'>\n";
     echo "<span class='small pull-right'>" . self::$locale['535'] . "</span>\n";
     echo "<label for='attachmax_count'>" . self::$locale['534'] . "</label>\n";
     echo form_select('forum_attachmax_count', '', $forum_settings['forum_attachmax_count'], array('options' => range(1, 10), 'error_text' => self::$locale['error_value'], 'width' => '100%'));
     echo "</div>\n";
     echo "<div class='clearfix'>\n";
     echo "<span class='small pull-right'>" . self::$locale['511'] . "</span>\n";
     echo form_select('forum_attachtypes', self::$locale['510'], $forum_settings['forum_attachtypes'], array('options' => $mime_opts, 'width' => '100%', 'error_text' => self::$locale['error_type'], 'tags' => 1, 'multiple' => 1, 'placeholder' => self::$locale['choose']));
     echo "</div>\n";
     closeside();
     openside('');
     $timeframe_opts = array('604800' => self::$locale['527'], '2419200' => self::$locale['528'], '31557600' => self::$locale['529'], '0' => self::$locale['530']);
     $lastpost_opts = array('0' => self::$locale['519'], '1' => self::$locale['533']);
     for ($i = 2; $i <= 20; $i++) {
         $array_opts[$i] = sprintf(self::$locale['532'], $i);
     }
     if (isset($_GET['action']) && $_GET['action'] == "count_posts") {
         echo alert(self::$locale['524'], '', array('class' => 'warning'));
     }
     echo "<div class='clearfix'>\n";
     echo form_select('popular_threads_timeframe', self::$locale['525'], $forum_settings['popular_threads_timeframe'], array('options' => $timeframe_opts, 'error_text' => self::$locale['error_value'], 'width' => '100%'));
     echo "</div>\n";
     echo "<div class='clearfix'>\n";
     echo form_select('forum_last_posts_reply', self::$locale['531'], $forum_settings['forum_last_posts_reply'], array('options' => $lastpost_opts, 'error_text' => self::$locale['error_value'], 'width' => '100%'));
     echo "</div>\n";
     echo form_button('recount_user_post', self::$locale['523'], '1', array('class' => 'btn-primary btn-block'));
     closeside();
     echo "</div>\n";
     echo "</div>\n";
     echo form_button('savesettings', self::$locale['750'], self::$locale['750'], array('class' => 'btn-success'));
     echo closeform();
 }
Exemplo n.º 28
0
 /**
  * Site Links Form
  */
 public function menu_form()
 {
     global $locale, $aidlink;
     fusion_confirm_exit();
     $this->AdminInstance();
     if (isset($_POST['savelink'])) {
         $data = array("link_id" => form_sanitizer($_POST['link_id'], 0, 'link_id'), "link_cat" => form_sanitizer($_POST['link_cat'], 0, 'link_cat'), "link_name" => form_sanitizer($_POST['link_name'], '', 'link_name'), "link_url" => form_sanitizer($_POST['link_url'], '', 'link_url'), "link_icon" => form_sanitizer($_POST['link_icon'], '', 'link_icon'), "link_language" => form_sanitizer($_POST['link_language'], '', 'link_language'), "link_visibility" => form_sanitizer($_POST['link_visibility'], '', 'link_visibility'), "link_position" => form_sanitizer($_POST['link_position'], '', 'link_position'), "link_order" => form_sanitizer($_POST['link_order'], '', 'link_order'));
         if (!$data['link_order']) {
             $data['link_order'] = dbresult(dbquery("SELECT MAX(link_order) FROM " . DB_SITE_LINKS . " " . (multilang_table("SL") ? "WHERE link_language='" . LANGUAGE . "' AND" : "WHERE") . " link_cat='" . $data['link_cat'] . "'"), 0) + 1;
         }
         if (\defender::safe()) {
             if (self::verify_edit($data['link_id'])) {
                 dbquery_order(DB_SITE_LINKS, $data['link_order'], "link_order", $data['link_id'], "link_id", $data['link_cat'], "link_cat", multilang_table("SL"), "link_language", "update");
                 dbquery_insert(DB_SITE_LINKS, $data, 'update');
                 addNotice("success", $locale['SL_0016']);
                 redirect(FUSION_SELF . $aidlink . "&amp;link_cat=" . $data['link_cat']);
             } else {
                 dbquery_order(DB_SITE_LINKS, $data['link_order'], "link_order", $data['link_id'], "link_id", $data['link_cat'], "link_cat", multilang_table("SL"), "link_language", "save");
                 dbquery_insert(DB_SITE_LINKS, $data, 'save');
                 addNotice("success", $locale['SL_0015']);
                 redirect(FUSION_SELF . $aidlink . "&amp;link_cat=" . $data['link_cat']);
             }
         }
     }
     echo "<div class='m-t-20'>\n";
     echo openform('linkform', 'post', $this->form_action, array('max_tokens' => 1));
     echo "<div class='row'>\n";
     echo "<div class='col-xs-12 col-sm-12 col-md-8 col-lg-8'>\n";
     echo form_hidden('link_id', '', $this->data['link_id']);
     echo form_text('link_name', $locale['SL_0020'], $this->data['link_name'], array('max_length' => 100, 'required' => TRUE, 'error_text' => $locale['SL_0085'], 'inline' => TRUE));
     echo form_text('link_icon', 'Link Icon', $this->data['link_icon'], array('max_length' => 100, 'inline' => TRUE));
     echo form_text('link_url', $locale['SL_0021'], $this->data['link_url'], array('required' => TRUE, 'error_text' => $locale['SL_0086'], 'inline' => TRUE));
     echo form_text('link_order', $locale['SL_0023'], $this->data['link_order'], array('number' => TRUE, 'class' => 'pull-left', 'inline' => TRUE));
     echo form_select('link_position', $locale['SL_0024'], $this->data['link_position'], array('options' => $this->position_opts, 'inline' => TRUE));
     echo "</div>\n";
     echo "<div class='col-xs-12 col-sm-12 col-md-4 col-lg-4'>\n";
     openside('');
     echo form_select_tree("link_cat", $locale['SL_0029'], $this->data['link_cat'], array('input_id' => 'link_categorys', "parent_value" => $locale['parent'], 'width' => '100%', 'query' => multilang_table("SL") ? "WHERE link_language='" . LANGUAGE . "'" : '', 'disable_opts' => $this->data['link_id'], 'hide_disabled' => 1), DB_SITE_LINKS, "link_name", "link_id", "link_cat");
     echo form_select('link_language', $locale['global_ML100'], $this->data['link_language'], array('options' => $this->language_opts, 'placeholder' => $locale['choose'], 'width' => '100%'));
     echo form_select('link_visibility', $locale['SL_0022'], $this->data['link_visibility'], array('options' => self::getVisibility(), 'placeholder' => $locale['choose'], 'width' => '100%'));
     echo form_checkbox('link_window', $locale['SL_0028'], $this->data['link_window']);
     closeside();
     echo "</div>\n";
     echo "</div>\n";
     echo form_button('savelink', $locale['SL_0040'], $locale['SL_0040'], array('class' => 'btn-primary'));
     echo closeform();
     echo "</div>\n";
 }