// Gallery image administration view: upload form, manual insert form and the
// paged list of per-image edit forms.
// NOTE(review): this excerpt stops before the `if ($continue)` and
// `if (DB::size($images) != 0)` blocks are closed.
// NOTE(review): $g is concatenated into links, form actions and the SQL WHERE
// clause below; where it comes from is outside this excerpt - confirm it is
// cast to an integer before this point.
if ($continue) {

    // Back link, heading, intro paragraph, status message, an inline jQuery
    // snippet that hides every `.hs_fieldset` form until its legend link is
    // clicked, then the multi-file upload form (xaction=7) and the manual
    // insert form (xaction=1). Both forms embed _xsrfProtect().
    // NOTE(review): $galdata['title'] and $message are emitted without an
    // escaping call in this statement - presumably escaped where they are
    // stored/built; verify.
    $output .= "\n<a href='index.php?p=content-editgallery&id=" . $g . "' class='backlink'>< návrat zpět</a>\n<h1>" . $_lang['admin.content.manageimgs.title'] . "</h1>\n<p class='bborder'>" . str_replace("*galtitle*", $galdata['title'], $_lang['admin.content.manageimgs.p']) . "</p>\n\n" . $message
        . "\n\n<script type='text/javascript'>\n/* <![CDATA[ */\n\$(document).ready(function(){\n \$('.hs_fieldset').each(function(){\n var fieldset = this;\n var link = \$(fieldset).find('legend > a').get(0);\n var form = \$(fieldset).children('form');\n \$(form).hide();\n \$(link).click(function(){\n \$(form).slideToggle('fast');\n\n return false;\n });\n });\n});\n/* ]]> */\n</script>\n\n<fieldset>\n<legend>" . $_lang['admin.content.manageimgs.upload'] . "</legend>\n<form action='index.php?p=content-manageimgs&g=" . $g . "' method='post' enctype='multipart/form-data'>\n <p>" . sprintf($_lang['admin.content.manageimgs.upload.text'], _galuploadresize_w, _galuploadresize_h) . "</p>\n <input type='hidden' name='xaction' value='7' />\n <div id='fmanFiles'><input type='file' name='uf0[]' multiple='multiple' /> <a href='#' onclick='return _sysFmanAddFile();'>" . $_lang['admin.fman.upload.addfile'] . "</a></div>\n <div class='hr'><hr /></div>\n <p>\n <input type='submit' value='" . $_lang['admin.content.manageimgs.upload.submit'] . "' />"
        // the upload-limit hint is shown only when _getUploadLimit(true) is not null;
        // $uplimit itself is not read again in this excerpt
        . (($uplimit = _getUploadLimit(true)) !== null ? " <small>" . $_lang['global.uploadlimit'] . ": <em>" . _getUploadLimit() . "MB</em>, " . $_lang['global.uploadext'] . ": <em>" . implode(', ', SL::$imageExt) . "</em></small>" : '')
        . "<br />\n <label><input type='checkbox' value='1' name='moveords' checked='checked' /> " . $_lang['admin.content.manageimgs.moveords'] . "</label>\n </p>\n" . _xsrfProtect() . "</form>\n</fieldset>\n\n<fieldset class='hs_fieldset'>\n<legend><a href='#'>" . $_lang['admin.content.manageimgs.insert'] . "</a> <small>(" . $_lang['admin.content.manageimgs.insert.tip'] . ")</small></legend>\n<form action='index.php?p=content-manageimgs&g=" . $g . "' method='post' name='addform' onsubmit='_sysGalTransferPath(this);'>\n<input type='hidden' name='xaction' value='1' />\n\n<table>\n<tr class='valign-top'>\n\n<td>\n <table>\n <tr>\n <td class='rpad'><strong>" . $_lang['admin.content.form.title'] . "</strong></td>\n <td><input type='text' name='title' class='inputmedium' maxlength='64' /></td>\n </tr>\n\n <tr>\n <td class='rpad'><strong>" . $_lang['admin.content.form.ord'] . "</strong></td>\n <td><input type='text' name='ord' class='inputsmall' disabled='disabled' /> <label><input type='checkbox' name='moveords' value='1' checked='checked' onclick=\"_sysDisableField(this.checked, 'addform', 'ord');\" /> " . $_lang['admin.content.manageimgs.moveords'] . "</label></td>\n </tr>\n\n <tr>\n <td class='rpad'><strong>" . $_lang['admin.content.manageimgs.prev'] . "</strong></td>\n <td><input type='text' name='prev' class='inputsmall' disabled='disabled' /> <label><input type='checkbox' name='autoprev' value='1' checked='checked' onclick=\"_sysDisableField(this.checked, 'addform', 'prev');\" /> " . $_lang['admin.content.manageimgs.autoprev'] . "</label></td>\n </tr>\n\n <tr>\n <td class='rpad'><strong>" . $_lang['admin.content.manageimgs.full'] . "</strong></td>\n <td><input type='text' name='full' class='inputmedium' /></td>\n </tr>\n\n <tr>\n <td></td>\n <td><input type='submit' value='" . $_lang['global.insert'] . "' /></td>\n </tr>\n\n </table>\n</td>\n\n<td>\n"
        // File browser, only for users holding _loginright_adminfman. Without a
        // `browserpath` query parameter a link is rendered that starts at the
        // upload directory (plus the user's own sub-directory when
        // _loginright_adminfmanlimit is set); with it, the browser is opened
        // immediately from an inline script.
        // NOTE(review): $_GET['browserpath'] is passed through _htmlStr() but lands
        // inside a JavaScript string literal in a <script> element. HTML escaping
        // is not JavaScript-string escaping (a backslash or line break is not
        // neutralised by it) - confirm what _htmlStr() covers, and consider
        // encoding the value for the JS context instead.
        // NOTE(review): _loginname is appended to the urlencode()d path without
        // being encoded itself - presumably restricted to safe characters; verify.
        . (_loginright_adminfman ? "<div id='gallery-browser'>\n " . (!isset($_GET['browserpath']) ? "<a href='#' onclick=\"return _sysGalBrowse('" . urlencode(_upload_dir) . (_loginright_adminfmanlimit ? _loginname . '%2F' : '') . "');\"><img src='images/icons/loupe.png' alt='browse' class='icon' />" . $_lang['admin.content.manageimgs.insert.browser.link'] . "</a>" : "<script type='text/javascript'>_sysGalBrowse('" . _htmlStr($_GET['browserpath']) . "');</script>") . "\n</div>" : '')
        . "\n</td>\n\n</tr>\n</table>\n\n" . _xsrfProtect() . "</form>\n</fieldset>\n\n";

    // paging: $paging[0] is printed as markup, $paging[1] is appended to the SQL
    // query and $paging[2] is reused as the `page` value in links below
    $paging = _resultPaging("index.php?p=content-manageimgs&g=" . $g, $galdata['var2'], "images", "home=" . $g);
    $s = $paging[2];

    // opening of the bulk edit form (xaction=4)
    $output .= "\n<fieldset>\n<legend>" . $_lang['admin.content.manageimgs.current'] . "</legend>\n<form action='index.php?p=content-manageimgs&g=" . $g . "&page=" . $s . "' method='post' name='editform'>\n<input type='hidden' name='xaction' value='4' />\n\n<input type='submit' value='" . $_lang['admin.content.manageimgs.savechanges'] . "' class='gallery-savebutton' />\n" . $paging[0] . "\n<div class='cleaner'></div>";

    // image listing
    // NOTE(review): the statement is assembled by concatenation; $g and
    // $paging[1] must both be trusted/numeric here (see the note on $g above).
    $images = DB::query("SELECT * FROM `" . _mysql_prefix . "-images` WHERE home=" . $g . " ORDER BY ord " . $paging[1]);
    $images_forms = array();
    if (DB::size($images) != 0) {

        // build one edit form per image
        while ($image = DB::row($images)) {

            // preview markup
            $preview = _galleryImage($image, "1", $galdata['var4'], $galdata['var3']);

            // form markup; `[] .=` appends a new element to $images_forms.
            // The preview/full path inputs are rendered only when `in_storage`
            // is falsy. The delete link is wrapped in _xsrfLink().
            // NOTE(review): $image['title'], $image['prev'] and $image['full'] are
            // written into single-quoted value attributes without an escaping call
            // here - presumably stored already escaped; verify, because a quote in
            // any of them would end the attribute.
            $images_forms[] .= "\n<table>\n\n<tr>\n<td class='rpad'><strong>" . $_lang['admin.content.form.title'] . "</strong></td>\n<td><input type='text' name='i" . $image['id'] . "_title' class='inputmedium' value='" . $image['title'] . "' maxlength='64' /></td>\n</tr>\n\n<tr>\n<td class='rpad'><strong>" . $_lang['admin.content.form.ord'] . "</strong></td>\n<td><input type='text' name='i" . $image['id'] . "_ord' class='inputmedium' value='" . $image['ord'] . "' /></td>\n</tr>\n\n"
                . (!$image['in_storage'] ? "<tr>\n<td class='rpad'><strong>" . $_lang['admin.content.manageimgs.prev'] . "</strong></td>\n<td><input type='hidden' name='i" . $image['id'] . "_prevtrigger' value='1' /><input type='text' name='i" . $image['id'] . "_prev' class='inputsmall' value='" . $image['prev'] . "'" . _inputDisable($image['prev'] != "") . " /> <label><input type='checkbox' name='i" . $image['id'] . "_autoprev' value='1' onclick=\"_sysDisableField(checked, 'editform', 'i" . $image['id'] . "_prev');\"" . _checkboxActivate($image['prev'] == "") . " /> " . $_lang['admin.content.manageimgs.autoprev'] . "</label></td>\n</tr>\n\n<tr>\n<td class='rpad'><strong>" . $_lang['admin.content.manageimgs.full'] . "</strong></td>\n<td><input type='text' name='i" . $image['id'] . "_full' class='inputmedium' value='" . $image['full'] . "' /></td>\n</tr>" : '')
                . "\n\n<tr class='valign-top'>\n<td class='rpad'><strong>" . $_lang['global.preview'] . "</strong></td>\n<td>" . $preview . "<br /><br /><a href='" . _xsrfLink("index.php?p=content-manageimgs&g=" . $g . "&page=" . $s . "&del=" . $image['id']) . "' onclick='return _sysConfirm();'><img src='images/icons/delete.png' alt='del' class='icon' />" . $_lang['admin.content.manageimgs.delete'] . "</a></td>\n</tr>\n\n</table>\n ";
        }

        // lay the forms out in a table, two per row; $i advances by 2, so the
        // `0 === $i % 2` test is always true and colspan="2" is added for a
        // trailing unpaired form unless it is the only form
        $output .= "\n<table id='gallery-edittable'>";
        $count = count($images_forms);
        for ($i = 0; $i < $count; $i += 2) {
            if (isset($images_forms[$i])) {
                $output .= "<tr><td" . (0 === $i % 2 && !isset($images_forms[$i + 1]) && 1 !== $count ? ' colspan="2"' : '') . " class='gallery-edittable-td'>\n" . $images_forms[$i] . "\n</td>\n";
                if (isset($images_forms[$i + 1])) {
                    $output .= "<td class='gallery-edittable-td'>\n" . $images_forms[$i + 1] . "\n</td></tr>\n";
                } else {
                    $output .= '</tr>' . _nl;
                }
            }
        }
        $output .= '</table>';
// Redirect administration (table `-redir`): edit/create form, single delete,
// wipe-all and the listing table.
// NOTE(review): this excerpt starts inside a do { ... } while (false) block
// whose opening is not visible.

// edit/create form; the submit label is 'global.create' or 'global.save'
// depending on $new
// NOTE(review): $q['old'] and $q['new'] are written into single-quoted value
// attributes without an escaping call here - presumably escaped earlier;
// verify, since these are free-text paths.
$output .= $message . "\n<form action='' method='post'>\n<table class='formtable'>\n\n<tr>\n <td class='rpad'><strong>" . $_lang['admin.content.redir.old'] . "</strong></td>\n <td><input type='text' name='old' value='" . $q['old'] . "' class='inputmedium' maxlength='255' /></td>\n</tr>\n\n<tr>\n <td class='rpad'><strong>" . $_lang['admin.content.redir.new'] . "</strong></td>\n <td><input type='text' name='new' value='" . $q['new'] . "' class='inputmedium' maxlength='255' /></td>\n</tr>\n\n<tr>\n <td class='rpad'><strong>" . $_lang['admin.content.redir.act'] . "</strong></td>\n <td><input type='checkbox' name='act' value='1'" . _checkboxActivate($q['active']) . " /></td>\n</tr>\n\n<tr>\n <td></td>\n <td><input type='submit' value='" . $_lang['global.' . ($new ? 'create' : 'save')] . "' /></td>\n</tr>\n\n</table>\n" . _xsrfProtect() . "</form>";

    } while (false);

} elseif (isset($_GET['del']) && _xsrfCheck(true)) {

    // delete one redirect; the id is forced to an integer and the request must
    // pass _xsrfCheck(true)
    DB::query('DELETE FROM `' . _mysql_prefix . '-redir` WHERE id=' . intval($_GET['del']));
    $output .= _formMessage(1, $_lang['global.done']);

} elseif (isset($_GET['wipe'])) {

    // delete all redirects, after a confirmation form has been posted
    // NOTE(review): unlike the `del` branch, no _xsrfCheck() call is visible
    // before the TRUNCATE, although the confirmation form embeds
    // _xsrfProtect(). Confirm that POST tokens are validated before this module
    // runs; if they are not, add the check here.
    if (isset($_POST['wipe_confirm'])) {
        DB::query('TRUNCATE TABLE `' . _mysql_prefix . '-redir`');
        $output .= _formMessage(1, $_lang['global.done']);
    } else {
        $output .= "\n<form action='' method='post' class='formbox'>\n" . _formMessage(2, $_lang['admin.content.redir.act.wipe.confirm']) . "\n<input type='submit' name='wipe_confirm' value='" . $_lang['admin.content.redir.act.wipe.submit'] . "' />\n" . _xsrfProtect() . "</form>\n";
    }

}

// table
$output .= "<table class='list'>\n<thead><tr><td>" . $_lang['admin.content.redir.old'] . "</td><td>" . $_lang['admin.content.redir.new'] . "</td><td>" . $_lang['admin.content.redir.act'] . "</td><td>" . $_lang['global.action'] . "</td></tr></thead>\n<tbody>\n";

// listing: one row per redirect with an edit link and an _xsrfLink()-wrapped
// delete link
// NOTE(review): $r['old'] and $r['new'] are printed inside <code> without an
// escaping call here - presumably stored escaped; verify.
$counter = 0;
$q = DB::query('SELECT * FROM `' . _mysql_prefix . '-redir`');
while ($r = DB::row($q)) {
    $output .= "<tr><td><code>" . $r['old'] . "</code></td><td><code>" . $r['new'] . "</code></td><td class='text-" . ($r['active'] ? 'green' : 'red') . "'>" . $_lang['global.' . ($r['active'] ? 'yes' : 'no')] . "</td><td><a href='index.php?p=content-redir&edit=" . $r['id'] . "'><img src='images/icons/edit.png' alt='edit' class='icon' /></a> <a href='" . _xsrfLink("index.php?p=content-redir&del=" . $r['id']) . "' onclick='return _sysConfirm();'><img src='images/icons/delete.png' alt='del' class='icon' /></a></td></tr>";
    ++$counter;
}

// no data?
if ($counter === 0) {
    $output .= "<tr><td colspan='4'>" . $_lang['global.nokit'] . "</td></tr>\n";
}

// end of table
$output .= "</tbody>\n</table>\n";

}
</td> </tr> </table> ';

// User list (admin): paged listing, or a search limited to 100 rows.
// NOTE(review): this excerpt starts inside a string literal opened earlier;
// $search, $searchword, $group, $grouplimit and $grouplimit2 are all set
// outside it.

// table
// prepare paging (skipped in search mode)
if (!$search) {
    $paging = _resultPaging("index.php?p=users-list&group=" . $group, 50, "users", $grouplimit2);
    $output .= $paging[0];
}

// table
$output .= "<br />\n <table class='list'>\n <thead><tr><td>ID</td><td>" . $_lang['login.username'] . "</td><td>" . $_lang['global.email'] . "</td><td>" . $_lang['mod.settings.publicname'] . "</td><td colspan='2'>" . $_lang['global.group'] . "</td></tr></thead>\n <tbody>\n ";

// database query
if (!$search) {
    // paged listing joined with the group table, highest group level first
    // (`-users`.id appears twice in the column list)
    // NOTE(review): $grouplimit and $paging[1] are concatenated as raw SQL
    // fragments - confirm both are built from validated values only.
    $query = DB::query("SELECT `" . _mysql_prefix . "-users`.id, `" . _mysql_prefix . "-users`.username, `" . _mysql_prefix . "-users`.publicname, `" . _mysql_prefix . "-users`.levelshift, `" . _mysql_prefix . "-users`.email, `" . _mysql_prefix . "-groups`.title, `" . _mysql_prefix . "-groups`.icon, `" . _mysql_prefix . "-users`.id FROM `" . _mysql_prefix . "-users`, `" . _mysql_prefix . "-groups` WHERE `" . _mysql_prefix . "-users`.`group`=`" . _mysql_prefix . "-groups`.id" . $grouplimit . " ORDER BY `" . _mysql_prefix . "-groups`.level DESC,`" . _mysql_prefix . "-users`.id " . $paging[1]);
} else {
    // search across username, publicname, email and ip
    // NOTE(review): $searchword is interpolated into four LIKE patterns. Its
    // escaping is not visible in this excerpt - confirm it has passed through
    // DB::esc() (or equivalent) before this point, and decide whether `%` and
    // `_` typed by the user should act as wildcards.
    $query = DB::query("SELECT `" . _mysql_prefix . "-users`.username, `" . _mysql_prefix . "-users`.publicname, `" . _mysql_prefix . "-users`.levelshift, `" . _mysql_prefix . "-users`.email, `" . _mysql_prefix . "-groups`.title, `" . _mysql_prefix . "-groups`.icon, `" . _mysql_prefix . "-users`.id FROM `" . _mysql_prefix . "-users`, `" . _mysql_prefix . "-groups` WHERE `" . _mysql_prefix . "-users`.`group`=`" . _mysql_prefix . "-groups`.id AND (`" . _mysql_prefix . "-users`.username LIKE '%" . $searchword . "%' OR `" . _mysql_prefix . "-users`.publicname LIKE '%" . $searchword . "%' OR `" . _mysql_prefix . "-users`.email LIKE '%" . $searchword . "%' OR `" . _mysql_prefix . "-users`.ip LIKE '%" . $searchword . "%')" . $grouplimit . " ORDER BY `" . _mysql_prefix . "-groups`.level DESC,`" . _mysql_prefix . "-users`.id LIMIT 100");
}

// listing: the username is rendered bold when levelshift == 1; the delete
// link is wrapped in _xsrfLink()
// NOTE(review): username, email, publicname, group title and icon are printed
// without an escaping call here, and username is placed in two URLs without
// urlencode() - presumably constrained/escaped at registration; verify.
if (DB::size($query) != 0) {
    while ($item = DB::row($query)) {
        $output .= "<tr><td>" . $item['id'] . "</td><td>" . ($item['icon'] != "" ? "<img src='" . _indexroot . "pictures/groupicons/" . $item['icon'] . "' alt='icon' class='groupicon' /> " : '') . "<a href='index.php?p=users-edit&id=" . $item['username'] . "'>" . ($item['levelshift'] == 1 ? "<strong>" : '') . $item['username'] . ($item['levelshift'] == 1 ? "</strong>" : '') . "</a></td><td>" . $item['email'] . "</td><td>" . ($item['publicname'] != "" ? $item['publicname'] : "-") . "</td><td>" . $item['title'] . "</td><td><a href='" . _xsrfLink("index.php?p=users-delete&id=" . $item['username']) . "' onclick='return _sysConfirm();'><img src='images/icons/delete.png' alt='del' class='icon' />" . $_lang['global.delete'] . "</a></td></tr>\n";
    }
} else {
    // the header above spans six columns, this placeholder row spans five
    $output .= "<tr><td colspan='5'>" . $_lang['global.nokit'] . "</td></tr>\n";
}
$output .= "</tbody></table>";

// total number of users (not restricted by the group filter or the search)
$totalusers = DB::result(DB::query("SELECT COUNT(id) FROM `" . _mysql_prefix . "-users`"), 0);
$output .= "\n<br />" . $_lang['admin.users.list.totalusers'] . ": " . $totalusers;
    // Poll administration list.
    // NOTE(review): this excerpt starts inside an `if` whose condition is not
    // visible. The author filter is forced to an integer twice: once for
    // display/links and once for the SQL fragment.
    $author_filter_id = intval($_GET['author']);
    $author_filter = "author=" . intval($_GET['author']);
} else {
    // no filter: empty SQL fragment, -1 as the selected author
    $pasep = false;
    $author_filter = "";
    $author_filter_id = -1;
}

$output .= "\n<p class='bborder'>" . $_lang['admin.content.polls.p'] . "</p>\n<p><img src='images/icons/new.png' class='icon' alt='new' /><a href='index.php?p=content-polls-edit'>" . $_lang['admin.content.polls.new'] . "</a></p>\n";

// filter (author select), shown only with _loginright_adminpollall
if (_loginright_adminpollall) {
    $output .= "\n <form class='cform' action='index.php' method='get'>\n <input type='hidden' name='p' value='content-polls' />\n <strong>" . $_lang['admin.content.polls.filter'] . ":</strong> " . _admin_authorSelect("author", $author_filter_id, "adminpoll=1", null, $_lang['global.all2']) . " <input type='submit' value='" . $_lang['global.apply'] . "' />\n </form>\n ";
}

// paging
// NOTE(review): the extra link parameter is "&filter=<id>", while the filter
// form and the code above use `author`. If _resultPaging() appends its fifth
// argument to the page links, the filter would not survive a page change -
// verify against _resultPaging().
$paging = _resultPaging("index.php?p=content-polls", 25, "polls", $author_filter . _admin_pollAccess($pasep), "&filter=" . $author_filter_id);
$output .= $paging[0] . "<br />";

$output .= $message . "\n<table class='list'>\n<thead><tr><td>" . $_lang['admin.content.form.question'] . "</td>" . (_loginright_adminpollall ? "<td>" . $_lang['article.author'] . "</td>" : '') . "<td>" . $_lang['global.id'] . "</td><td>" . $_lang['global.action'] . "</td></tr></thead>\n<tbody>\n";

// poll listing; the WHERE clause is the author fragment followed by whatever
// _admin_pollAccess($pasep) returns
// NOTE(review): _admin_pollAccess() supplies a raw SQL fragment and, with an
// empty $author_filter, must yield a complete condition on its own - confirm.
$query = DB::query("SELECT question,id,author,locked FROM `" . _mysql_prefix . "-polls` WHERE " . $author_filter . _admin_pollAccess($pasep) . " ORDER BY id DESC " . $paging[1]);
if (DB::size($query) != 0) {
    while ($item = DB::row($query)) {
        if (_loginright_adminpollall) {
            // NOTE(review): the literal "******" is followed by a closing </td>
            // with no opening tag, while the header adds a <td> for this column.
            // It looks like the opening "<td>" was masked in this copy of the
            // file - check against the original source.
            $username = "******" . _linkUser($item['author']) . "</td>";
        } else {
            $username = "";
        }
        // NOTE(review): the question is shortened with _cutStr() but no escaping
        // call is visible here - presumably stored escaped; verify.
        $output .= "<tr><td><a href='index.php?p=content-polls-edit&id=" . $item['id'] . "' class='block'>" . _cutStr($item['question'], 64) . "</a>" . ($item['locked'] == 1 ? " (" . $_lang['admin.content.form.locked'] . ")" : '') . "</td>" . $username . "<td>" . $item['id'] . "</td><td><a href='" . _xsrfLink("index.php?p=content-polls&author=" . $author_filter_id . "&page=" . $paging[2] . "&del=" . $item['id']) . "' onclick='return _sysConfirm();'><img src='images/icons/delete.png' class='icon' alt='del' /> " . $_lang['global.delete'] . "</a></td></tr>\n";
    }
} else {
    $output .= "<tr><td colspan='" . (_loginright_adminpollall ? "4" : "3") . "'>" . $_lang['global.nokit'] . "</td></tr>";
}

// end of table and the "open poll by id" form (GET, read-only navigation)
$output .= "\n</tbody>\n</table>\n\n<br />\n<form class='cform' action='index.php' method='get'>\n<input type='hidden' name='p' value='content-polls-edit' />\n" . $_lang['admin.content.polls.openid'] . ": <input type='text' name='id' class='inputmini' /> <input type='submit' value='" . $_lang['global.open'] . "' />\n</form>\n";
/* --- output --- */
// Box editor for one column ($c): every box of the column gets its own group
// of inputs inside a single POST form, rendered two boxes per table row.
// NOTE(review): this excerpt ends at `} else {`; the else branch and the code
// that sets $continue and $c are not visible.
if ($continue) {
    $nokit = false;

    // message
    if (isset($_GET['created'])) {
        $message = _formMessage(1, $_lang['global.created']);
    }

    // form header; $c is urlencode()d wherever it is placed in a URL
    $output .= "<div class='hr'><hr /></div><br />" . $message . "\n<form class='cform' action='index.php?p=content-boxes-edit&c=" . urlencode($c) . "&saved' method='post'>\n<input type='hidden' name='do' value='1' />\n<p><input type='submit' value='" . $_lang['admin.content.boxes.saveboxeschanges'] . "' /> <a href='index.php?p=content-boxes-new&c=" . urlencode($c) . "'><img src='images/icons/new.png' alt='new' class='icon' />" . $_lang['admin.content.boxes.create'] . "</a></p>\n<table id='boxesedit'>\n";

    // boxes of this column; $c goes through DB::esc() before it is quoted into
    // the statement
    $query = DB::query("SELECT * FROM `" . _mysql_prefix . "-boxes` WHERE `column`='" . DB::esc($c) . "' ORDER BY ord");
    if (DB::size($query) != 0) {
        // $isfirst alternates on every box: a row is opened before the first box
        // of a pair and closed after the second
        $isfirst = true;
        while ($item = DB::row($query)) {
            if ($isfirst) {
                $output .= "\n\n\n\n<tr>\n\n\n\n";
            }
            // one cell per box; input names are prefixed with the box id
            // NOTE(review): `column` and `content` go through _htmlStr(), but
            // `title`, `ord` and `class` are written into single-quoted value
            // attributes without an escaping call - presumably stored escaped;
            // verify, and consider treating all five the same way.
            $output .= "\n <td class='cell'>\n <div>\n <table class='formtable'>\n\n <tr>\n <td class='rpad'><strong>" . $_lang['admin.content.form.title'] . "</strong></td>\n <td><input type='text' name='" . $item['id'] . "-title' value='" . $item['title'] . "' class='inputmedium' maxlength='96' /></td>\n </tr>\n\n <tr>\n <td class='rpad'><strong>" . $_lang['admin.content.boxes.column'] . "</strong></td>\n <td><input type='text' maxlength='64' name='" . $item['id'] . "-column' value='" . _htmlStr($item['column']) . "' class='inputmedium' /></td>\n </tr>\n\n <tr>\n <td class='rpad'><strong>" . $_lang['admin.content.form.ord'] . "</strong></td>\n <td><input type='text' name='" . $item['id'] . "-ord' value='" . $item['ord'] . "' class='inputmedium' /></td>\n </tr>\n\n <tr>\n <td class='rpad'><strong>" . $_lang['admin.content.form.class'] . "</strong></td>\n <td><input type='text' name='" . $item['id'] . "-class' value='" . $item['class'] . "' class='inputmedium' maxlength='24' /></td>\n </tr>\n\n <tr class='valign-top'>\n <td class='rpad'><strong>" . $_lang['admin.content.form.content'] . "</strong></td>\n <td><textarea name='" . $item['id'] . "-content' class='areasmall_100pwidth codemirror' rows='9' cols='33'>" . _htmlStr($item['content']) . "</textarea></td>\n </tr>\n\n <tr>\n <td class='rpad'><strong>" . $_lang['admin.content.form.settings'] . "</strong></td>\n <td>\n <label><input type='checkbox' name='" . $item['id'] . "-visiblenew' value='1'" . _checkboxActivate($item['visible']) . " /> " . $_lang['admin.content.form.visible'] . "</label> \n <label><input type='checkbox' name='" . $item['id'] . "-publicnew' value='1'" . _checkboxActivate($item['public']) . " /> " . $_lang['admin.content.form.public'] . "</label>\n <input type='hidden' name='" . $item['id'] . "-visible' value='1' />\n <input type='hidden' name='" . $item['id'] . "-public' value='1' />\n <a href='" . _xsrfLink("index.php?p=content-boxes-edit&c=" . urlencode($c) . "&del=" . $item['id']) . "' onclick='return _sysConfirm();'><img src='images/icons/delete.png' alt='del' class='icon' />" . $_lang['admin.content.boxes.delete'] . "</a>\n </td>\n </tr>\n\n </table>\n </div>\n </td>\n ";
            if (!$isfirst) {
                $output .= "\n\n\n\n</tr>\n\n\n\n";
            }
            $isfirst = !$isfirst;
        }

        // close the last table row when the number of boxes is odd
        if (!$isfirst) {
            $output .= "\n\n\n\n</tr>\n\n\n\n";
        }
    } else {
        $nokit = true;
        $output .= '<tr><td>' . $_lang['global.nokit'] . '</td></tr>';
    }

    // second submit button (omitted when there are no boxes) and the
    // _xsrfProtect() output that closes the form
    $output .= "</table>\n" . ($nokit ? '' : "<p><input type='submit' value='" . $_lang['admin.content.boxes.saveboxeschanges'] . "' /></p>") . "\n" . _xsrfProtect() . "</form>";

} else {
/**
 * Build the HTML of the user menu.
 *
 * Guests get login (and optionally registration) links; logged-in users get
 * messages, settings and logout links. A link to the user list is added when
 * it is enabled and the visitor may see it. The buffer is handed to plugins
 * through the 'tpl.usermenu.first', 'tpl.usermenu.beforelogout' and
 * 'tpl.usermenu.last' extend events.
 *
 * @param bool $return return the markup instead of printing it
 * @return string|null the markup when $return is truthy, otherwise null (the markup is echoed)
 */
function _templateUserMenu($return = false)
{
    global $_lang;

    // every entry is wrapped the same way
    $itemOpen = _template_usermenu_item_start;
    $itemClose = _template_usermenu_item_end . "\n";

    // optional wrapping element around the whole menu
    $output = (_template_usermenu_parent != "") ? "<" . _template_usermenu_parent . ">\n" : "";

    // the extend arguments are created from $output once and reused for all
    // three events, so the buffer keeps this variable name throughout
    $extend_args = _extendArgs($output);
    _extend('call', 'tpl.usermenu.first', $extend_args);

    if (_loginindicator) {
        // private messages, with a counter of rows whose read time is older than
        // their update time and which the current user has not deleted
        if (_messages) {
            $pmTable = "`" . _mysql_prefix . "-pm`";
            $unread = DB::result(DB::query("SELECT COUNT(id) FROM " . $pmTable . " WHERE (receiver=" . _loginid . " AND receiver_deleted=0 AND receiver_readtime<update_time) OR (sender=" . _loginid . " AND sender_deleted=0 AND sender_readtime<update_time)"), 0);
            $badge = ($unread != 0) ? " [" . $unread . "]" : "";
            $output .= $itemOpen . "<a href='" . _indexroot . "index.php?m=messages' class='usermenu-item-messages'>" . $_lang['usermenu.messages'] . $badge . "</a>" . $itemClose;
        }

        // settings
        $output .= $itemOpen . "<a href='" . _indexroot . "index.php?m=settings' class='usermenu-item-settings'>" . $_lang['usermenu.settings'] . "</a>" . $itemClose;

        _extend('call', 'tpl.usermenu.beforelogout', $extend_args);

        // logout: the link is wrapped in _xsrfLink() and carries the current
        // request URI, urlencode()d, as the return address
        // NOTE(review): _loginname is appended without an escaping call -
        // presumably restricted to safe characters at registration; verify.
        $logoutUrl = _xsrfLink(_indexroot . "remote/logout.php?_return=" . urlencode($_SERVER['REQUEST_URI']));
        $nameSuffix = _template_usermenu_showusername ? " [" . _loginname . "]" : '';
        $output .= $itemOpen . "<a href='" . $logoutUrl . "' class='usermenu-item-logout'>" . $_lang['usermenu.logout'] . $nameSuffix . "</a>" . $itemClose;
    } else {
        // login, with the current request URI (urlencode()d) as the return address
        $output .= $itemOpen . "<a href='" . _indexroot . "index.php?m=login&login_form_return=" . urlencode($_SERVER['REQUEST_URI']) . "' class='usermenu-item-login'>" . $_lang['usermenu.login'] . "</a>" . $itemClose;

        // registration
        if (_registration) {
            $output .= $itemOpen . "<a href='" . _indexroot . "index.php?m=reg' class='usermenu-item-reg'>" . $_lang['usermenu.registration'] . "</a>" . $itemClose;
        }
    }

    // user list: shown when enabled, and on a non-public site only to
    // logged-in users
    if (_ulist && (!_notpublicsite || _loginindicator)) {
        $output .= $itemOpen . "<a href='" . _indexroot . "index.php?m=ulist' class='usermenu-item-ulist'>" . $_lang['usermenu.ulist'] . "</a>" . $itemClose;
    }

    _extend('call', 'tpl.usermenu.last', $extend_args);

    if (_template_usermenu_parent != "") {
        $output .= "</" . _template_usermenu_parent . ">\n";
    }

    if (_template_usermenu_trim == 1) {
        // NOTE(review): trim()'s second argument is a set of characters, not a
        // substring, so every character that occurs in the item start/end
        // strings is stripped from both ends of the menu. Kept as is because
        // templates may rely on it; confirm this is the intended behaviour.
        $output = trim(trim(trim($output), _template_usermenu_item_start), _template_usermenu_item_end);
    }

    // print unless the caller asked for the markup
    if (!$return) {
        echo $output;

        return;
    }

    return $output;
}
// Admin header user menu and the table of system modules.
// NOTE(review): this excerpt starts and ends mid-file; the two `if` blocks
// opened at the end are not closed here.
if (_loginindicator and _loginright_administration) {
    // avatar linking to the user's profile
    // NOTE(review): _loginname is placed in a URL and in an alt attribute
    // without urlencode()/escaping - presumably restricted to safe characters
    // at registration; verify.
    $avatar = _getAvatar(_loginid, true, true);
    if (isset($avatar)) {
        $usermenu .= '<a id="header-avatar" href="' . _indexroot . 'index.php?m=profile&id=' . _loginname . '"><img src="' . $avatar . '" alt="' . _loginname . '" /></a>';
    }
    $usermenu .= _loginpublicname . ' [';
    if (_messages) {
        // counter of private-message rows whose read time is older than their
        // update time and which the current user has not deleted
        $messages_count = DB::result(DB::query("SELECT COUNT(id) FROM `" . _mysql_prefix . "-pm` WHERE (receiver=" . _loginid . " AND receiver_deleted=0 AND receiver_readtime<update_time) OR (sender=" . _loginid . " AND sender_deleted=0 AND sender_readtime<update_time)"), 0);
        if ($messages_count != 0) {
            $messages_count = " <span class='highlight'>(" . $messages_count . ")</span>";
        } else {
            $messages_count = "";
        }
        $usermenu .= "<a href='" . _indexroot . "index.php?m=messages'>" . $_lang['usermenu.messages'] . $messages_count . "</a>, ";
    }
    // settings link and logout link; the logout link is wrapped in _xsrfLink()
    // and returns to a fixed path (admin/)
    $usermenu .= '<a href="' . _indexroot . 'index.php?m=settings">' . $_lang['usermenu.settings'] . '</a>, <a href="' . _xsrfLink(_indexroot . 'remote/logout.php?_return=admin/') . '">' . $_lang['usermenu.logout'] . '</a>]';
    // link to the public site, opened in a new window
    $usermenu .= '<a href="' . _url . '/" target="_blank" class="usermenu-web-link" title="' . $_lang['admin.link.site'] . '"><img class="icon" src="images/icons/guide.png" alt="' . $_lang['admin.link.site'] . '" /></a>';
} else {
    $usermenu .= '<a href="./">' . $_lang['usermenu.guest'] . '</a>';
}
$usermenu .= '</span>';

// system modules (name, 0-title, 1-access right, 2-parent module, 3-child modules, [4-custom title and back link?], [5-is it a plugin?])
// Index 1 is the entry condition for each module, evaluated here from the
// _loginright_* constants of the current user.
// NOTE(review): "content-delete" has `true` as its entry condition, so any
// finer-grained check must happen inside that module - confirm it does.
// NOTE(review): "content-setindex", "content-sboxes" and "content-editforum"
// name "content" as their parent but are not in the child list of "content";
// how the child list is used is not visible here - check whether the omission
// is intentional.
$modules = array(
    "index" => array($_lang['admin.menu.index'], true, null, array('index-edit'), true),
    "index-edit" => array($_lang['admin.menu.index.edit.title'], _loginright_group == 1, 'index', array(), false),
    "content" => array($_lang['admin.menu.content'], _loginright_admincontent, null, array("content-move", "content-titles", "content-redir", "content-articles", "content-confirm", "content-movearts", "content-polls", "content-polls-edit", "content-boxes", "content-editsection", "content-editcategory", "content-delete", "content-editintersection", "content-articles-list", "content-articles-edit", "content-articles-delete", "content-boxes-edit", "content-boxes-new", "content-editbook", "content-editseparator", "content-editlink", "content-editpluginpage", "content-editgallery", "content-manageimgs", "content-artfilter"), false),
    "content-setindex" => array($_lang['admin.content.setindex.title'], _loginright_admincontent, "content", array()),
    "content-move" => array($_lang['admin.content.move.title'], _loginright_admincontent, "content", array()),
    "content-titles" => array($_lang['admin.content.titles.title'], _loginright_admincontent, "content", array()),
    "content-redir" => array($_lang['admin.content.redir.title'], _loginright_admincontent, "content", array()),
    "content-articles" => array($_lang['admin.content.articles.title'], _loginright_adminart, "content", array()),
    "content-articles-list" => array($_lang['admin.content.articles.list.title'], _loginright_adminart, "content-articles", array()),
    "content-articles-edit" => array($_lang['admin.content.articles.edit.title'], _loginright_adminart, "content-articles", array(), true),
    "content-articles-delete" => array($_lang['admin.content.articles.delete.title'], _loginright_adminart, "content-articles", array(), true),
    "content-confirm" => array($_lang['admin.content.confirm.title'], _loginright_adminconfirm, "content", array()),
    "content-movearts" => array($_lang['admin.content.movearts.title'], _loginright_admincategory, "content", array()),
    "content-artfilter" => array($_lang['admin.content.artfilter.title'], _loginright_admincategory, "content", array()),
    "content-polls" => array($_lang['admin.content.polls.title'], _loginright_adminpoll, "content", array()),
    "content-polls-edit" => array($_lang['admin.content.polls.edit.title'], _loginright_adminpoll, "content-polls", array()),
    "content-sboxes" => array($_lang['admin.content.sboxes.title'], _loginright_adminsbox, "content", array()),
    "content-boxes" => array($_lang['admin.content.boxes.title'], _loginright_adminbox, "content", array()),
    "content-boxes-edit" => array($_lang['admin.content.boxes.edit.title'], _loginright_adminbox, "content-boxes", array()),
    "content-boxes-new" => array($_lang['admin.content.boxes.new.title'], _loginright_adminbox, "content-boxes", array(), true),
    "content-delete" => array($_lang['admin.content.delete.title'], true, "content", array()),
    "content-editsection" => array($_lang['admin.content.editsection.title'], _loginright_adminsection, "content", array(), false),
    "content-editcategory" => array($_lang['admin.content.editcategory.title'], _loginright_admincategory, "content", array(), false),
    "content-editintersection" => array($_lang['admin.content.editintersection.title'], _loginright_adminintersection, "content", array(), false),
    "content-editbook" => array($_lang['admin.content.editbook.title'], _loginright_adminbook, "content", array(), false),
    "content-editseparator" => array($_lang['admin.content.editseparator.title'], _loginright_adminseparator, "content", array(), false),
    "content-editlink" => array($_lang['admin.content.editlink.title'], _loginright_adminlink, "content", array(), false),
    "content-editgallery" => array($_lang['admin.content.editgallery.title'], _loginright_admingallery, "content", array(), false),
    "content-editforum" => array($_lang['admin.content.editforum.title'], _loginright_adminforum, "content", array(), false),
    "content-editpluginpage" => array($_lang['admin.content.editpluginpage.title'], _loginright_adminpluginpage, "content", array(), false),
    "content-manageimgs" => array($_lang['admin.content.manageimgs.title'], _loginright_admingallery, "content", array(), true),
    "users" => array($_lang['admin.menu.users'], _loginright_adminusers or _loginright_admingroups, null, array("users-editgroup", "users-delgroup", "users-edit", "users-delete", "users-list", "users-move")),
    "users-editgroup" => array($_lang['admin.users.groups.edittitle'], _loginright_admingroups, "users", array(), false),
    "users-delgroup" => array($_lang['admin.users.groups.deltitle'], _loginright_admingroups, "users", array()),
    "users-edit" => array($_lang['admin.users.edit.title'], _loginright_adminusers, "users", array()),
    "users-delete" => array($_lang['admin.users.deleteuser'], _loginright_adminusers, "users", array()),
    "users-list" => array($_lang['admin.users.list'], _loginright_adminusers, "users", array()),
    "users-move" => array($_lang['admin.users.move'], _loginright_adminusers, "users", array()),
    "fman" => array($_lang['admin.menu.fman'], _loginright_adminfman, null, array()),
    "settings" => array($_lang['admin.menu.settings'], _loginright_adminsettings, null, array("settings-plugins")),
    "settings-plugins" => array($_lang['admin.settings.plugins.title'], _loginright_adminsettings, "settings", array(), true),
    "other" => array($_lang['admin.menu.other'], _loginright_adminbackup or _loginright_adminrestore or _loginright_adminmassemail or _loginright_adminbans, null, array("other-backup", "other-massemail", "other-bans", "other-cleanup", "other-transm")),
    "other-backup" => array($_lang['admin.other.backup.title'], _loginright_adminbackup or _loginright_adminrestore, "other", array()),
    // cleanup is tied to one exact level value, transm to the account with id 0
    "other-cleanup" => array($_lang['admin.other.cleanup.title'], _loginright_level == 10001, "other", array()),
    "other-massemail" => array($_lang['admin.other.massemail.title'], _loginright_adminmassemail, "other", array()),
    "other-bans" => array($_lang['admin.other.bans.title'], _loginright_adminbans, "other", array()),
    "other-transm" => array($_lang['admin.other.transm.title'], _loginid == 0, "other", array()));

// prepare the menu and plugins
$menu = "<div id='menu'>\n";

// extend
_extend('call', 'admin.start');

// output depending on the login state
if (_loginindicator and _loginright_administration) {

    // admin title
    if (isset($modules[$getp][0])) {
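<?php
/*
 * Box columns overview: lists every distinct box column with its number of
 * boxes and lets the user delete a whole column.
 *
 * The script appends to $output and reads $_lang, neither of which it
 * defines, so it is meant to be included by the admin front controller; no
 * new variables are introduced here to avoid clashing with that scope.
 */

/* --- core check --- */
// refuse to run when requested directly instead of through the core
if (!defined('_core')) {
    exit;
}

/* --- preparation, column removal --- */
$message = "";
// The delete is a state-changing GET request, so it is accepted only when
// _xsrfCheck(true) passes. is_string() rejects array-shaped input such as
// `delcolumn[]=x` before it can reach DB::esc().
// NOTE(review): the anti-XSRF token travels in the URL (see _xsrfLink() in the
// listing below), where it can end up in logs and Referer headers - confirm
// that this is acceptable for the admin area.
if (isset($_GET['delcolumn']) && is_string($_GET['delcolumn']) && _xsrfCheck(true)) {
    DB::query("DELETE FROM `" . _mysql_prefix . "-boxes` WHERE `column`='" . DB::esc($_GET['delcolumn']) . "'");
    $message = _formMessage(1, $_lang['global.done']);
}

/* --- output --- */
$output .= "<p class='bborder'>" . $_lang['admin.content.boxes.p'] . "</p>\n<p><a href='index.php?p=content-boxes-new'><img src='images/icons/new.png' alt='new' class='icon' />" . $_lang['admin.content.boxes.create'] . "</a></p>" . $message . "\n\n<table class='listable'>\n<thead><tr><td>" . $_lang['admin.content.boxes.column'] . "</td><td>" . $_lang['admin.content.boxes.totalboxes'] . "</td><td>" . $_lang['global.action'] . "</td></tr></thead>\n<tbody>";

// one row per column; the column name is escaped for each context it lands in:
// urlencode() inside URLs, _htmlStr() as visible text, DB::esc() inside SQL.
// The box count costs one extra query per column.
$query = DB::query("SELECT DISTINCT `column` FROM `" . _mysql_prefix . "-boxes` ORDER BY `column`");
while ($item = DB::row($query)) {
    $output .= "<tr><td><a href='index.php?p=content-boxes-edit&c=" . urlencode($item['column']) . "' class='block'><img src='images/icons/dir.png' alt='col' class='icon' /><strong>" . _htmlStr($item['column']) . "</strong></a></td><td>"
        . DB::result(DB::query("SELECT COUNT(id) FROM `" . _mysql_prefix . "-boxes` WHERE `column`='" . DB::esc($item['column']) . "'"), 0)
        . "</td><td><a href='" . _xsrfLink("index.php?p=content-boxes&delcolumn=" . urlencode($item['column'])) . "' onclick='return _sysConfirm();'><img src='images/icons/delete.png' alt='del' class='icon' />" . $_lang['global.delete'] . "</a></td></tr>\n";
}
$output .= "</tbody></table>";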
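/**
 * Build the HTML of a system form.
 *
 * $id          description                                  $vars
 *
 * login        login form                                   -
 * notpublic    login form for non-public content            [0 => whole site 1/0]
 * postform     form for sending a post / comment            posttype (see _postsOutput), posttarget (id_home),
 *                                                           xhome (id_xhome), url (return address),
 *                                                           pluginflag (optional, only for type 7)
 *
 * Request data read directly: $_GET['_mlr'] (login result code),
 * $_GET['login_form_return'] and $_SERVER['REQUEST_URI'].
 *
 * @param string $id      form identifier
 * @param array  $vars    variables depending on the form type
 * @param bool   $notitle do not prepend the title to the form 1/0
 * @param bool   $extend  call extend events 1/0
 * @return array array(content, title)
 */
function _uniForm($id, $vars = array(), $notitle = false, $extend = true)
{
    // preparation
    global $_lang;
    $content = "";
    $title = "";

    // extend: a handler may fill $content (which skips the built-in forms below) or change $notitle
    if ($extend) {
        _extend('call', 'sys.form', array('id' => $id, 'vars' => $vars, 'notitle' => &$notitle, 'content' => &$content));
    }

    // form type
    if ('' === $content) {
        switch ($id) {

            /* --- login --- */
            case "login":

                // title
                $title = $_lang['login.title'];

                // messages: _mlr comes from the query string and only selects one of the
                // fixed language strings below, it is never echoed itself
                if (isset($_GET['_mlr'])) {
                    switch ($_GET['_mlr']) {
                        case 0:
                            $content .= _formMessage(2, $_lang['login.failure']);
                            break;
                        case 1:
                            if (_loginindicator and !_administration) {
                                $content .= _formMessage(1, $_lang['login.success']);
                            }
                            break;
                        case 2:
                            if (!_loginindicator) {
                                $content .= _formMessage(2, $_lang['login.blocked.message']);
                            }
                            break;
                        case 3:
                            if (!_loginindicator) {
                                $content .= _formMessage(3, $_lang['login.securitylogout']);
                            }
                            break;
                        case 4:
                            if (!_loginindicator) {
                                $content .= _formMessage(1, $_lang['login.selfremove']);
                            }
                            break;
                        case 5:
                            if (!_loginindicator) {
                                $content .= _formMessage(2, str_replace(array("*1*", "*2*"), array(_maxloginattempts, _maxloginexpire / 60), $_lang['login.attemptlimit']));
                            }
                            break;
                        case 6:
                            $content .= _formMessage(3, $_lang['xsrf.msg']);
                            break;
                    }
                }

                // content
                if (!_loginindicator) {

                    // return address
                    // Only a string is accepted: an array (?login_form_return[]=x) passes
                    // isset() but cannot be given to urlencode() below, so it falls back to
                    // the current request URI like a missing parameter does.
                    // NOTE(review): either way the value is client-controlled and is only
                    // URL-encoded here; restricting the redirect target has to happen in
                    // remote/login.php, which is not visible here - confirm.
                    if (isset($_GET['login_form_return']) && is_string($_GET['login_form_return'])) {
                        $return = $_GET['login_form_return'];
                    } else {
                        $return = $_SERVER['REQUEST_URI'];
                    }

                    // form address: the current URI without the _formData and _mlr parameters
                    $form_url = parse_url($_SERVER['REQUEST_URI']);
                    if (isset($form_url['query'])) {
                        parse_str($form_url['query'], $form_url['query']);
                        unset($form_url['query']['_formData'], $form_url['query']['_mlr']);
                        $form_url = _buildURL($form_url);
                    } else {
                        $form_url = $_SERVER['REQUEST_URI'];
                    }

                    // form code; $form_url is passed through _htmlStr() before it goes into the hidden field
                    $callArgs = array("login_form", _indexroot . "remote/login.php?_return=" . urlencode($return), array(array($_lang['login.username'], "<input type='text' name='username' class='inputmedium'" . _restoreGetFdValue("username") . " maxlength='24' />"), array($_lang['login.password'], "<input type='password' name='password' class='inputmedium' />")), null, $_lang['global.login'], " <label><input type='checkbox' name='persistent' value='1' /> " . $_lang['login.persistent'] . "</label><input type='hidden' name='form_url' value='" . _htmlStr($form_url) . "' />\n <label><input type='checkbox' name='ipbound' value='1' checked='checked' /> " . (isset($_lang['login.ipbound']) ? $_lang['login.ipbound'] : 'zabezpečené') . "</label>");
                    if ($extend) {
                        // handlers receive the argument list by reference and may change it
                        _extend('call', 'sys.form.login', array('call' => &$callArgs));
                    }
                    $content .= call_user_func_array('_formOutput', $callArgs);

                    // links to registration and lost password
                    if (_registration or _lostpass) {
                        $content .= "\n\n<p>\n" . ((_registration and !_administration) ? "<a href='" . _indexroot . "index.php?m=reg'>" . $_lang['mod.reg'] . " ></a>\n" : '') . (_lostpass ? ((_registration and !_administration) ? "<br />" : '') . "<a href='" . _indexroot . "index.php?m=lostpass'>" . $_lang['mod.lostpass'] . " ></a>\n" : '') . "</p>";
                    }

                } else {
                    // already logged in: show the user name and a logout link built with _xsrfLink()
                    $content .= "<p>" . $_lang['login.ininfo'] . " <em>" . _loginname . "</em> - <a href='" . _xsrfLink(_indexroot . "remote/logout.php") . "'>" . $_lang['usermenu.logout'] . "</a>.</p>";
                }
                break;

            /* --- non-public content notice followed by the login form (0 => whole site) --- */
            case "notpublic":
                $form = _uniForm("login", array(), true);
                if (!isset($vars[0])) {
                    $vars[0] = false;
                }
                $content = "<p>" . $_lang['notpublic.p' . ($vars[0] == true ? '2' : '')] . "</p>" . $form[0];
                $title = $_lang['notpublic.title'];
                break;

            /* --- form for sending a post / comment (posttype, posttarget, xhome, url) --- */
            case "postform":
                $title = "";
                $notitle = true;

                // fields
                $inputs = array();
                $captcha = _captchaInit();
                $content = _jsLimitLength(16384, "postform", "text");
                if (_loginindicator == 0) {
                    $inputs[] = array($_lang['posts.guestname'], "<input type='text' name='guest' maxlength='24' class='inputsmall'" . _restoreGetFdValue("guest") . " />");
                }
                if ($vars['xhome'] == -1) {
                    $inputs[] = array($_lang[$vars['posttype'] != 5 ? 'posts.subject' : 'posts.topic'], "<input type='text' name='subject' class='input" . ($vars['posttype'] != 5 ? 'small' : 'medium') . "' maxlength='" . ($vars['posttype'] != 5 ? 22 : 48) . "'" . _restoreGetFdValue("subject") . " />");
                }
                $inputs[] = $captcha;
                // NOTE(review): posttype, posttarget, xhome and pluginflag are written into
                // the hidden fields without _htmlStr(); this is only safe while callers pass
                // integers or otherwise trusted values - verify against the callers.
                $inputs[] = array($_lang['posts.text'], "<textarea name='text' class='areamedium' rows='5' cols='33'>" . _restoreGetFdValue("text", null, true) . "</textarea><input type='hidden' name='_posttype' value='" . $vars['posttype'] . "' /><input type='hidden' name='_posttarget' value='" . $vars['posttarget'] . "' /><input type='hidden' name='_xhome' value='" . $vars['xhome'] . "' />" . (isset($vars['pluginflag']) ? "<input type='hidden' name='_pluginflag' value='" . $vars['pluginflag'] . "' />" : ''), true);

                // form
                $callArgs = array('postform', _addGetToLink(_indexroot . "remote/post.php", "_return=" . urlencode($vars['url']), false), $inputs, array("text"), null, _getPostformControls("postform", "text"));
                if ($extend) {
                    _extend('call', 'sys.form.postform', array('call' => &$callArgs, 'vars' => $vars));
                }
                $content .= call_user_func_array('_formOutput', $callArgs);
                break;

        }
    }

    // return: prepend the heading unless the caller or the form type disabled it
    if ((_template_autoheadings == 1 or _administration == 1) and $notitle == false) {
        $content = "<h1>{$title}</h1>\n" . $content;
    }

    return array($content, $title);
}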
// The braces below close blocks that were opened before this excerpt; the code up to
// the matching "break" appears to be the tail of the handler that saves edited shoutboxes.
}
}
}

// save the last (or only) shoutbox
if ($sql != "") {
    $sql = trim($sql, ",");
    // NOTE(review): $sql and $id are built outside this excerpt and $id is concatenated
    // without quotes - confirm it is cast to an integer where it is assigned and that
    // every value placed into $sql is escaped.
    DB::query("UPDATE `" . _mysql_prefix . "-sboxes` SET " . $sql . " WHERE id=" . $id);
}
$message = _formMessage(1, $_lang['global.saved']);
break;

}
}

/* --- delete a shoutbox --- */
// Runs only when _xsrfCheck(true) passes; the id is forced to an integer with intval()
// before it is concatenated into both DELETE statements. The second statement removes
// the rows of the posts table with home = that id and type = 4.
if (isset($_GET['del']) && _xsrfCheck(true)) {
    $del = intval($_GET['del']);
    DB::query("DELETE FROM `" . _mysql_prefix . "-sboxes` WHERE id=" . $del);
    DB::query("DELETE FROM `" . _mysql_prefix . "-posts` WHERE home=" . $del . " AND type=4");
    $message = _formMessage(1, $_lang['global.done']);
}

/* --- output --- */
// Two POST forms: action=1 creates a shoutbox, action=2 saves changes to the listed
// ones. Each form gets the _xsrfProtect() output before its closing tag.
$output .= "\n<p class='bborder'>" . $_lang['admin.content.sboxes.p'] . "</p>\n\n" . $message . "\n\n<fieldset>\n<legend>" . $_lang['admin.content.sboxes.create'] . "</legend>\n<form class='cform' action='index.php?p=content-sboxes' method='post'>\n<input type='hidden' name='action' value='1' />\n\n<table>\n\n<tr>\n<td class='rpad'><strong>" . $_lang['admin.content.form.title'] . "</strong></td>\n<td><input type='text' name='title' class='inputbig' maxlength='64' /></td>\n</tr>\n\n<tr class='valign-top'>\n<td class='rpad'><strong>" . $_lang['admin.content.form.settings'] . "</strong></td>\n<td>\n<label><input type='checkbox' name='public' value='1' checked='checked' /> " . $_lang['admin.content.form.unregpost'] . "</label><br />\n<label><input type='checkbox' name='locked' value='1' /> " . $_lang['admin.content.form.locked2'] . "</label>\n</td>\n</tr>\n\n<tr>\n<td></td>\n<td><input type='submit' value='" . $_lang['global.create'] . "' /></td>\n</tr>\n\n</table>\n\n" . _xsrfProtect() . "</form>\n</fieldset>\n\n\n<fieldset>\n<legend>" . $_lang['admin.content.sboxes.manage'] . "</legend>\n<form class='cform' action='index.php?p=content-sboxes' method='post'>\n<input type='hidden' name='action' value='2' />\n\n<input type='submit' value='" . $_lang['admin.content.sboxes.savechanges'] . "' />\n<div class='hr'><hr /></div>\n";

// list the shoutboxes, newest id first
$shoutboxes = DB::query("SELECT * FROM `" . _mysql_prefix . "-sboxes` ORDER BY id DESC");
if (DB::size($shoutboxes) != 0) {
    while ($shoutbox = DB::row($shoutboxes)) {
        // Field names are prefixed with "s<id>_" so that one form can carry every shoutbox.
        // NOTE(review): $shoutbox['title'] is written into a single-quoted value attribute
        // without _htmlStr() - this is only safe if titles are stored already
        // HTML-escaped; confirm against the save handler.
        // The delete link is built with _xsrfLink(), matching the _xsrfCheck(true) above.
        $output .= "\n <br />\n <table>\n\n <tr>\n <td class='rpad'><strong>" . $_lang['admin.content.form.title'] . "</strong></td>\n <td><input type='text' name='s" . $shoutbox['id'] . "_title' class='inputmedium' value='" . $shoutbox['title'] . "' /></td>\n </tr>\n\n <tr>\n <td><strong>" . $_lang['global.id'] . "</strong></td>\n <td>" . $shoutbox['id'] . "</td>\n </tr>\n\n <tr class='valign-top'>\n <td class='rpad'><strong>" . $_lang['admin.content.form.settings'] . "</strong></td>\n <td>\n <input type='hidden' name='s" . $shoutbox['id'] . "_publictrigger' value='1' /><input type='hidden' name='s" . $shoutbox['id'] . "_lockedtrigger' value='1' />\n <label><input type='checkbox' name='s" . $shoutbox['id'] . "_public' value='1'" . _checkboxActivate($shoutbox['public']) . " /> " . $_lang['admin.content.form.unregpost'] . "</label><br />\n <label><input type='checkbox' name='s" . $shoutbox['id'] . "_locked' value='1'" . _checkboxActivate($shoutbox['locked']) . " /> " . $_lang['admin.content.form.locked2'] . "</label><br />\n <label><input type='checkbox' name='s" . $shoutbox['id'] . "_delposts' value='1' /> " . $_lang['admin.content.form.delposts'] . "</label><br /><br />\n <a href='" . _xsrfLink("index.php?p=content-sboxes&del=" . $shoutbox['id']) . "' onclick='return _sysConfirm();'><img src='images/icons/delete.png' alt='del' class='icon' />" . $_lang['global.delete'] . "</a>\n </td>\n </tr>\n\n </table>\n <br /><div class='hr'><hr /></div>\n ";
    }
} else {
    // no shoutboxes yet
    $output .= $_lang['global.nokit'];
}

$output .= "\n" . _xsrfProtect() . "</form>\n</fieldset>\n\n";