/**
 * Loads the page row for a document id and copies its fields into the page object.
 *
 * The row is fetched with a numeric id condition, so a non-numeric $docid resolves to id 0.
 *
 * @param mixed        $docid Document id; converted to an integer before use.
 * @param rsMysql|null $db    Table handle to read from; a handle for 'tree' is created when omitted.
 */
public function __construct($docid, rsMysql $db = null)
{
    $pageId = (int) $docid;
    $source = $db ? $db : new rsMysql('tree');

    // The id is interpolated into the condition only after the integer cast above.
    $this->page = $source->getRow('`id` = ' . $pageId);

    $this->set_title($this->page['name']);
    $this->set_description($this->page['beschreibung']);
    $this->set_content($this->page['content']);
    $this->set_template($this->page['template']);

    $this->docid = $pageId;
}
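/**
 * Renders the user-management view into the container and, on submit, saves the edited account.
 *
 * Nothing happens unless the request carries k=usermanagement. When a positive user id is POSTed
 * and that user exists, submitted changes are stored (if an email field is present) and the edit
 * form is rendered; otherwise the user search form is rendered.
 *
 * Changes against the previous version:
 *  - the id test was intval($_POST['userid'] > 0), which converted the comparison result instead
 *    of the id; the id is now parsed once and reused for every query;
 *  - an unknown id falls back to the search form instead of updating and rendering an empty form;
 *  - the confirmation message escapes the POSTed name and e-mail. Labels such as
 *    '<div>Vorname:</div>' are passed to subordinate() as markup, which suggests content strings
 *    are emitted unescaped;
 *  - the 'aktiv' checkbox only carries a checked attribute for active users, and the current
 *    'typ' is preselected, so saving the form no longer silently activates an account or resets
 *    its type;
 *  - 'typ' is only stored when it is one of the options the form offers.
 *
 * NOTE(review): no permission check or anti-CSRF token is visible in this method. Confirm that the
 * caller restricts it to administrators and that the state-changing POST is protected.
 * NOTE(review): POSTed values are handed to rsMysql::update()/update_insert() as given, and stored
 * values are passed to rsContainer as attribute values. Whether those helpers escape is not visible
 * from here and should be verified.
 *
 * @param rsContainer $Container Parent node that receives the generated markup.
 * @return void
 */
protected function build_usermanagement(rsContainer $Container)
{
    if (!isset($_GET['k']) || $_GET['k'] != 'usermanagement') {
        return;
    }

    // Reads a POST field as a string; missing or non-string (array) input becomes ''.
    $post = function ($key) {
        return isset($_POST[$key]) && is_string($_POST[$key]) ? $_POST[$key] : '';
    };
    // Escapes text that is placed into element content.
    $esc = function ($text) {
        return htmlspecialchars($text, ENT_QUOTES);
    };

    $userid = intval($post('userid'));
    $cancelAction = 'document.location.href=\'?i=' . $this->docid . '&j=administration\'';

    $userdb = null;
    $user = null;
    if ($userid > 0) {
        $userdb = new rsMysql('user');
        $user = $userdb->getRow('`id` = ' . $userid);
    }

    if (!is_array($user)) {
        // No (valid) user selected yet: show the search form.
        $Container = $Container->subordinate('form', array('method' => 'post'));
        $Container->subordinate('p', '<div>Benutzer: <span id="foundusername"></span></div>')
            ->subordinate('input', array('type' => 'hidden', 'name' => 'userid', 'id' => 'inputfounduserid'))
            ->subordinate('div', array('id' => 'getUser'));
        $Container->subordinate('div', array('id' => 'userprofile'));
        $Container->subordinate('p', '<div></div>')
            ->subordinate('input', array('type' => 'submit', 'value' => 'Benutzerkonto bearbeiten'))
            ->subordinate('input', array('type' => 'button', 'onClick' => $cancelAction, 'value' => 'Abbrechen'));
        return;
    }

    $rightsdb = new rsMysql('rights');
    $typOptions = array(
        'schueler' => 'Schüler',
        'lehrer' => 'Lehrer',
        'aussenstehender' => 'Außenstehender',
    );
    $currentTyp = isset($user['typ']) ? $user['typ'] : '';

    if (isset($_POST['email'])) {
        // Pad so that an incomplete date does not read undefined offsets.
        $gebdatum = array_pad(explode('.', $post('geburtsdatum')), 3, 0);
        $email = strtolower($post('email'));
        // Keep the stored type when the submitted one is not among the offered options.
        $typ = isset($typOptions[$post('typ')]) ? $post('typ') : $currentTyp;

        $userdb->update(
            array(
                'vorname' => $post('vorname'),
                'nachname' => $post('nachname'),
                'aktiv' => $post('aktiv') === 'on' ? '1' : '0',
                'nickname' => strtolower($post('nickname')),
                'klasse' => strtolower($post('klasse')),
                'typ' => $typ,
                'amt' => $post('amt'),
                'email' => $email,
                'geburtsdatum' => mktime(0, 0, 0, intval($gebdatum[1]), intval($gebdatum[0]), intval($gebdatum[2])),
            ),
            '`id`=' . $userid
        );

        if ($post('docs') != '' || $post('mediadirs') != '') {
            $rightsdb->update_insert(
                array('docid' => $post('docs'), 'mediaid' => $post('mediadirs'), 'userid' => $userid),
                '`userid`=' . $userid
            );
        }

        $Container->subordinate(
            'p',
            array('class' => 'success'),
            'Der Benutzer "' . $esc($post('vorname')) . ' ' . $esc($post('nachname')) . '" (' . $esc($email) . ') wurde überarbeitet.'
        );

        // Reload so the form shows what was actually stored.
        $user = $userdb->getRow('`id` = ' . $userid);
        $currentTyp = isset($user['typ']) ? $user['typ'] : '';
    }

    $Container = $Container->subordinate('form', array('method' => 'post', 'class' => 'spalten'));
    $Container->subordinate('input', array('type' => 'hidden', 'name' => 'userid', 'value' => $userid));
    $Container->subordinate('p', '<div>Vorname:</div>')
        ->subordinate('input', array('type' => 'text', 'name' => 'vorname', 'value' => $user['vorname']));
    $Container->subordinate('p', '<div>Nachname:</div>')
        ->subordinate('input', array('type' => 'text', 'name' => 'nachname', 'value' => $user['nachname']));

    // In HTML any checked attribute, including checked="false", ticks the box, so it is only
    // emitted for active accounts.
    $aktivAttributes = array('type' => 'checkbox', 'name' => 'aktiv');
    if (isset($user['aktiv']) && $user['aktiv'] != 0) {
        $aktivAttributes['checked'] = 'true';
    }
    $Container->subordinate('p', '<div>Freigeschaltet:</div>')->subordinate('input', $aktivAttributes);

    $Container->subordinate('p', '<div>Klasse:</div>')
        ->subordinate('input', array('type' => 'text', 'name' => 'klasse', 'value' => $user['klasse']));
    $Container->subordinate('p', '<div>Nickname:</div>')
        ->subordinate('input', array('type' => 'text', 'name' => 'nickname', 'value' => $user['nickname']));
    $Container->subordinate('p', '<div>eMail-Adresse:</div>')
        ->subordinate('input', array('type' => 'text', 'name' => 'email', 'value' => $user['email']));
    $Container->subordinate('p', '<div>Amt:</div>')
        ->subordinate('input', array('type' => 'text', 'name' => 'amt', 'value' => $user['amt']));
    $Container->subordinate('p', '<div>Geburtsdatum:</div>')
        ->subordinate('input', array('type' => 'text', 'name' => 'geburtsdatum', 'value' => date('d.m.Y', $user['geburtsdatum'])));

    $Typ = $Container->subordinate('p', '<div>Benutzer-Typ:</div>')->subordinate('select', array('name' => 'typ'));
    foreach ($typOptions as $value => $label) {
        $optionAttributes = array('value' => $value);
        if ($currentTyp == $value) {
            // Assumes rsContainer renders this like any other attribute. TODO confirm.
            $optionAttributes['selected'] = 'selected';
        }
        $Typ->subordinate('option', $optionAttributes, $label);
    }

    // The validated integer id is used in the conditions rather than a value read back from the row.
    $Container->subordinate('p', '<div>Dokument(e):</div>')
        ->subordinate('input', array('type' => 'text', 'name' => 'docs', 'value' => $rightsdb->getColumn('docid', '`userid`=' . $userid)));
    $Container->subordinate('p', '<div>Medienverzeichniss(e):</div>')
        ->subordinate('input', array('type' => 'text', 'name' => 'mediadirs', 'value' => $rightsdb->getColumn('mediaid', '`userid`=' . $userid)));
    $Container->subordinate('p', '<div></div>')
        ->subordinate('input', array('type' => 'submit', 'value' => 'Änderungen sichern'))
        ->subordinate('input', array('type' => 'button', 'onClick' => $cancelAction, 'value' => 'Abbrechen'));
}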
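/**
 * Streams a stored media file to the client, or a placeholder image when it may not be served.
 *
 * A file that exists in the table but fails check_file_rights() yields notallowed.png; an unknown
 * id or a file missing on disk yields notfound.png.
 *
 * Changes against the previous version:
 *  - the "not allowed" branch used an assignment ($filedata['id'] = ...) where a comparison was
 *    meant;
 *  - the extension is taken with pathinfo() instead of the second dot-separated segment, which was
 *    wrong for names with several dots and undefined for names without one;
 *  - the file is checked on disk before getimagesize() is called, and a failed getimagesize()
 *    falls back to application/octet-stream;
 *  - placeholder responses no longer put the stored title into Content-Disposition, which exposed
 *    the title of a file the requester has no rights to;
 *  - the download name is stripped of control characters, quotes and path separators and sent
 *    quoted; the header now carries an explicit "inline" disposition type, which it lacked before.
 *
 * NOTE(review): the path is built from the filename column as stored. If that value can be set by
 * uploaders, confirm it is restricted to a plain name inside media/ when it is written.
 * NOTE(review): non-image types are derived from the extension only; consider whether an
 * X-Content-Type-Options: nosniff header is appropriate for this endpoint.
 *
 * @param mixed       $fileid Id of the row in the files table; converted to an integer.
 * @param string|null $dir    Optional prefix prepended to the media and static paths.
 * @return bool Always true; the response is written directly.
 */
protected function get_file($fileid, $dir = null)
{
    $requestedId = intval($fileid);
    $baseDir = $dir ? $dir : '';

    $filesdb = new rsMysql('files');
    $filedata = $filesdb->getRow('`id` = ' . $requestedId);
    $found = is_array($filedata) && $filedata['id'] == $requestedId;

    $filepath = null;
    $content_type = 'image/png';
    $downloadName = 'notfound.png';

    if ($found && $this->check_file_rights($filedata)) {
        $candidate = $baseDir . 'media/' . $filedata['filename'];
        if (is_file($candidate)) {
            $extension = strtolower(pathinfo($filedata['filename'], PATHINFO_EXTENSION));
            $imagetypes = array('jpg', 'jpeg', 'png', 'gif', 'tif', 'tiff');

            if (in_array($extension, $imagetypes, true)) {
                $imagesize = getimagesize($candidate);
                $content_type = is_array($imagesize)
                    ? image_type_to_mime_type($imagesize[2])
                    : 'application/octet-stream';
            } else {
                // Only characters that are valid in a MIME subtype reach the header.
                $subtype = preg_replace('/[^a-z0-9.+-]/', '', $extension);
                $content_type = $subtype !== '' ? 'application/' . $subtype : 'application/octet-stream';
            }

            $rawName = $filedata['title'] . ($extension !== '' ? '.' . $extension : '');
            $downloadName = preg_replace('#[\x00-\x1F\x7F"\\\\/]#', '', $rawName);
            $filepath = $candidate;
        }
    } elseif ($found) {
        $filepath = $baseDir . 'static/images/notallowed.png';
        $content_type = 'image/png';
        $downloadName = 'notallowed.png';
    }

    if ($filepath === null || !is_file($filepath)) {
        $filepath = $baseDir . 'static/images/notfound.png';
        $content_type = 'image/png';
        $downloadName = 'notfound.png';
    }

    header('Content-Type: ' . $content_type);
    header('Content-Disposition: inline; filename="' . $downloadName . '"');
    header('Content-Length: ' . filesize($filepath));
    readfile($filepath);

    return true;
}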
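/**
 * Marks a guestbook post as valid when the token from the confirmation link matches.
 *
 * Changes against the previous version:
 *  - the token was compared with ==, which lets PHP compare two numeric-looking strings (for
 *    example values of the form "0e123...") as numbers; it is now compared as a string, in
 *    constant time where hash_equals() is available;
 *  - a post that does not exist is rejected explicitly. Previously the expected token for a
 *    missing row was the MD5 of an empty string, a fixed and publicly known value;
 *  - missing or non-string query parameters are treated as a failed validation.
 *
 * NOTE(review): the token is an unkeyed MD5 over the row's name, email and timestamp, so it does
 * not depend on anything only the mail recipient knows. A random per-post token stored with the
 * row, or an HMAC with a server-side secret, would tie validation to receipt of the link.
 *
 * @param rsContainer $Container Node that receives the error message on failure.
 * @return bool True when the post was marked valid, false otherwise.
 */
protected function process_validation(rsContainer $Container)
{
    $postid = isset($_GET['postid']) && is_scalar($_GET['postid']) ? intval($_GET['postid']) : 0;
    $supplied = isset($_GET['guestbook']) && is_string($_GET['guestbook']) ? $_GET['guestbook'] : '';

    $postdb = new rsMysql('guestbook');
    $data = $postdb->getRow('`id` = ' . $postid);

    $valid = false;
    if (is_array($data) && $supplied !== '') {
        $expected = md5($data['name'] . $data['email'] . $data['timestamp']);
        $valid = function_exists('hash_equals')
            ? hash_equals($expected, $supplied)
            : $expected === $supplied;
    }

    if (!$valid) {
        $Container->subordinate('p', array('class' => 'error'), 'Der Link stimmt nicht oder Sie haben sich mit der Freischaltung zu viel Zeit gelassen.');
        return false;
    }

    $postdb->update(array('valid' => 1), '`id` = ' . $postid);

    return true;
}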