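/**
 * Handle the forum-tag admin actions: save/update from the POSTed tag form
 * and delete by the `delete` query parameter.
 *
 * Reads $_POST / $_GET directly, writes the collected row to $this->data and
 * redirects back to the tag section after a successful write.
 */
protected function post_tags() {
    global $aidlink;

    // '&section' must stay a literal ampersand parameter; an HTML-entity
    // decode of '&sect' turns it into the section sign and breaks the URL.
    $return_url = FUSION_SELF . $aidlink . '&section=ft';

    if (isset($_POST['save_tag'])) {
        $this->data = array(
            'tag_id' => isset($_GET['tag_id']) && isnum($_GET['tag_id']) ? intval($_GET['tag_id']) : 0,
            'tag_title' => form_sanitizer($_POST['tag_title'], '', 'tag_title'),
            'tag_language' => form_sanitizer($_POST['tag_language'], '', 'tag_language'),
            'tag_color' => form_sanitizer($_POST['tag_color'], '', 'tag_color'),
            'tag_description' => form_sanitizer($_POST['tag_description'], '', 'tag_description'),
            'tag_status' => isset($_POST['tag_status']) && isnum($_POST['tag_status']) ? intval($_POST['tag_status']) : 0
        );

        // Only write when the form validation reported no errors.
        if (\defender::safe()) {
            if (!empty($this->data['tag_id'])) {
                // Existing tag: update it.
                dbquery_insert(DB_FORUM_TAGS, $this->data, "update");
                addNotice('success', self::$locale['forum_tag_0105']);
            } else {
                // No id supplied: insert a new tag.
                dbquery_insert(DB_FORUM_TAGS, $this->data, "save");
                addNotice('success', self::$locale['forum_tag_0106']);
            }
            redirect($return_url);
        }
    }

    // NOTE(review): this delete is triggered by a GET parameter and, unlike
    // the save branch, is not behind \defender::safe() in this method.
    // Whether the admin token carried in $aidlink is validated before this
    // method runs is not visible here - confirm.
    if (isset($_GET['delete']) && isnum($_GET['delete'])) {
        // isnum() already gates the value; the integer cast keeps the query
        // safe even if that helper's behaviour changes.
        $tag_id = intval($_GET['delete']);
        $result = dbquery("DELETE FROM " . DB_FORUM_TAGS . " WHERE tag_id='" . $tag_id . "'");
        if ($result) {
            addNotice("success", self::$locale['forum_tag_0107']);
            redirect($return_url);
        }
    }
}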
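/**
 * Handle the forum-rank admin actions: save/update from the POSTed rank form
 * and delete by the `delete` query parameter.
 *
 * Reads $_POST / $_GET directly, writes the collected row to $this->data and
 * redirects back to the rank section after a successful write.
 */
protected function post_forum_ranks() {
    global $aidlink;

    // '&section' must stay a literal ampersand parameter; an HTML-entity
    // decode of '&sect' turns it into the section sign and breaks the URL.
    $return_url = FUSION_SELF . $aidlink . '&section=fr';

    if (isset($_POST['save_rank'])) {
        $this->data = array(
            'rank_id' => isset($_GET['rank_id']) && isnum($_GET['rank_id']) ? intval($_GET['rank_id']) : 0,
            'rank_title' => form_sanitizer($_POST['rank_title'], '', 'rank_title'),
            'rank_image' => form_sanitizer($_POST['rank_image'], "", "rank_image"),
            'rank_language' => form_sanitizer($_POST['rank_language'], "", "rank_language"),
            'rank_posts' => isset($_POST['rank_posts']) && isnum($_POST['rank_posts']) ? $_POST['rank_posts'] : 0,
            'rank_type' => isset($_POST['rank_type']) && isnum($_POST['rank_type']) ? $_POST['rank_type'] : 0,
            'rank_apply_normal' => isset($_POST['rank_apply_normal']) && isnum($_POST['rank_apply_normal']) ? $_POST['rank_apply_normal'] : USER_LEVEL_MEMBER,
            'rank_apply_special' => isset($_POST['rank_apply_special']) && isnum($_POST['rank_apply_special']) ? $_POST['rank_apply_special'] : 1
        );
        // Rank type 2 takes its target from the "special" selector, every
        // other type from the "normal" one.
        $this->data += array(
            'rank_apply' => $this->data['rank_type'] == 2 ? $this->data['rank_apply_special'] : $this->data['rank_apply_normal']
        );

        // The duplicate check is evaluated once per request; the previous
        // if/elseif form could call it twice for the same data.
        if (\defender::safe() && !$this->check_duplicate_ranks()) {
            if (!empty($this->data['rank_id'])) {
                // Existing rank: update it.
                dbquery_insert(DB_FORUM_RANKS, $this->data, "update");
                addNotice('info', self::$locale['411']);
            } else {
                // No id supplied: insert a new rank.
                dbquery_insert(DB_FORUM_RANKS, $this->data, "save");
                addNotice('info', self::$locale['410']);
            }
            redirect($return_url);
        }
    }

    // NOTE(review): this delete is triggered by a GET parameter and, unlike
    // the save branch, is not behind \defender::safe() in this method.
    // Whether the admin token carried in $aidlink is validated before this
    // method runs is not visible here - confirm.
    if (isset($_GET['delete']) && isnum($_GET['delete'])) {
        // isnum() already gates the value; the integer cast keeps the query
        // safe even if that helper's behaviour changes.
        $rank_id = intval($_GET['delete']);
        $result = dbquery("DELETE FROM " . DB_FORUM_RANKS . " WHERE rank_id='" . $rank_id . "'");
        if ($result) {
            addNotice("success", self::$locale['412']);
            redirect($return_url);
        }
    }
}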
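/**
 * Button Groups
 *
 * Renders a Bootstrap button group backed by a hidden input, registers the
 * field with the defender session and queues the click handler that copies
 * the clicked button's data-value into the hidden input.
 *
 * $label, $input_name, $options['input_id'], $options['class'] and the option
 * labels are written into the markup as given; only $input_value and the
 * notice title go through stripinput(). Callers must therefore pass values
 * that are already safe for an HTML context.
 *
 * @param string $input_name  Name of the hidden input (and default element id).
 * @param string $label       Visible label; when empty a title is derived from $input_name.
 * @param mixed  $input_value Currently selected option key. Defaults to "" so that no
 *                            required parameter follows an optional one (deprecated in PHP 8).
 * @param array  $options     Overrides for the defaults listed in $default_options.
 * @return string             The rendered HTML.
 */
function form_btngroup($input_name, $label = "", $input_value = "", array $options = array()) {
    global $defender, $locale;

    $title = $label ? stripinput($label) : ucfirst(strtolower(str_replace("_", " ", $input_name)));
    // Any empty value (including "0") collapses to an empty string.
    $input_value = !empty($input_value) ? stripinput($input_value) : "";

    $default_options = array(
        'options' => array($locale['disable'], $locale['enable']),
        'input_id' => $input_name,
        'class' => "btn-default",
        'icon' => "",
        "multiple" => FALSE,
        "delimiter" => ",",
        'deactivate' => FALSE,
        'error_text' => "",
        'inline' => FALSE,
        'safemode' => FALSE,
        'required' => FALSE,
        'callback_check' => ''
    );
    // Array union: caller-supplied keys win, missing keys come from the defaults.
    $options += $default_options;

    $error_class = "";
    if ($defender->inputHasError($input_name)) {
        $error_class = "has-error ";
        if (!empty($options['error_text'])) {
            // Prefer the message recorded by the validator over the configured one.
            $new_error_text = $defender->getErrorText($input_name);
            if (!empty($new_error_text)) {
                $options['error_text'] = $new_error_text;
            }
            addNotice("danger", "<strong>{$title}</strong> - " . $options['error_text']);
        }
    }

    $html = "<div id='" . $options['input_id'] . "-field' class='form-group " . $error_class . "clearfix'>\n";
    $html .= $label ? "<label class='control-label " . ($options['inline'] ? "col-xs-12 col-sm-3 col-md-3 col-lg-3 p-l-0" : 'col-xs-12 col-sm-12 col-md-12 col-lg-12 p-l-0') . "' for='" . $options['input_id'] . "'>{$label} " . ($options['required'] == 1 ? "<span class='required'>*</span>" : '') . "</label>\n" : '';
    $html .= $options['inline'] ? "<div class='col-xs-12 col-sm-9 col-md-9 col-lg-9'>\n" : '';
    $html .= "<div class='btn-group' id='" . $options['input_id'] . "'>";

    $i = 1;
    if (!empty($options['options']) && is_array($options['options'])) {
        foreach ($options['options'] as $arr => $v) {
            $active = '';
            // Loose comparison is kept on purpose: option keys may be ints
            // while the stored value is a string.
            if ($input_value == $arr) {
                $active = "active";
            }
            $html .= "<button type='button' data-value='{$arr}' class='btn " . $options['class'] . " " . (count($options['options']) == $i ? 'last-child' : '') . " {$active}'>" . $v . "</button>\n";
            $i++;
        }
    }

    $html .= "</div>\n";
    $html .= "<input name='{$input_name}' type='hidden' id='" . $options['input_id'] . "-text' value='{$input_value}' />\n";
    $html .= $defender->inputHasError($input_name) ? "<div id='" . $options['input_id'] . "-help' class='label label-danger p-5 display-inline-block'>" . $options['error_text'] . "</div>" : "";
    $html .= $options['inline'] ? "</div>\n" : '';
    $html .= "</div>\n";

    // The session entry is keyed without the "[]" suffix for multi-value fields.
    $input_name = $options['multiple'] ? str_replace("[]", "", $input_name) : $input_name;
    $defender->add_field_session(array(
        'input_name' => $input_name,
        'title' => trim($title, '[]'),
        'id' => $options['input_id'],
        'type' => 'dropdown',
        'required' => $options['required'],
        'callback_check' => $options['callback_check'],
        'safemode' => $options['safemode'],
        'error_text' => $options['error_text'],
        'delimiter' => $options['delimiter']
    ));

    // $options['input_id'] is placed inside a jQuery selector string as given.
    add_to_jquery("\n\t\$('#" . $options['input_id'] . " button').bind('click', function(e){\n\t\t\$('#" . $options['input_id'] . " button').removeClass('active');\n\t\t\$(this).toggleClass('active');\n\t\tvalue = \$(this).data('value');\n\t\t\$('#" . $options['input_id'] . "-text').val(value);\n\t});\n\t");

    return $html;
}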
/**
 * Color picker input
 *
 * Loads the bootstrap-colorpicker assets once per request, renders a text
 * input wrapped in the picker component, registers the field with the
 * defender session and queues the picker initialisation script.
 *
 * $input_name and $input_value are passed through stripinput(); $label and
 * the $options entries (class, tip, placeholder, width, format, input_id) are
 * written into the markup as given, so callers must supply values that are
 * already safe for an HTML attribute context.
 *
 * @param string $input_name  Field name (and default element id).
 * @param string $label       Visible label; when empty a title is derived from $input_name.
 * @param string $input_value Current colour value.
 * @param array  $options     Overrides for the defaults listed below.
 * @return string             The rendered HTML.
 */
function form_colorpicker($input_name, $label = '', $input_value = '', array $options = array()) {
    global $defender, $locale;

    // The COLORPICKER constant marks the assets as already queued.
    if (!defined("COLORPICKER")) {
        define("COLORPICKER", TRUE);
        add_to_head("<link href='" . DYNAMICS . "assets/colorpick/css/bootstrap-colorpicker.css' rel='stylesheet' media='screen' />");
        add_to_head("<script src='" . DYNAMICS . "assets/colorpick/js/bootstrap-colorpicker.js'></script>");
    }

    // The title is derived from the raw field name, before it is filtered.
    if ($label) {
        $title = stripinput($label);
    } else {
        $title = ucfirst(strtolower(str_replace("_", " ", $input_name)));
    }
    $input_name = stripinput($input_name);
    $input_value = stripinput($input_value);

    $defaults = array(
        'input_id' => $input_name,
        'required' => FALSE,
        'placeholder' => '',
        'deactivate' => FALSE,
        'width' => '250px',
        'class' => '',
        'inline' => FALSE,
        'error_text' => $locale['error_input_default'],
        'safemode' => FALSE,
        'icon' => "",
        "tip" => "",
        'format' => 'hex'
    );
    // Array union: caller-supplied keys win over the defaults.
    $options += $defaults;
    if (!$options['width']) {
        $options['width'] = $defaults['width'];
    }
    $input_id = $options['input_id'] ?: $defaults['input_id'];

    $error_css = "";
    if ($defender->inputHasError($input_name)) {
        $error_css = "has-error ";
        if (!empty($options['error_text'])) {
            // Prefer the message recorded by the validator over the configured one.
            $validator_text = $defender->getErrorText($input_name);
            if (!empty($validator_text)) {
                $options['error_text'] = $validator_text;
            }
            addNotice("danger", "<strong>{$title}</strong> - " . $options['error_text']);
        }
    }

    $markup = "<div id='{$input_id}-field' class='form-group clearfix m-b-10 " . $error_css . $options['class'] . " '>\n";

    if ($label) {
        $label_cols = $options['inline'] ? "col-xs-12 col-sm-3 col-md-3 col-lg-3" : '';
        $required_mark = $options['required'] ? "<span class='required'>*</span>" : '';
        $tip_icon = $options['tip'] ? "<i class='pointer fa fa-question-circle' title='" . $options['tip'] . "'></i>" : '';
        $markup .= "<label class='control-label " . $label_cols . "' for='{$input_id}'>{$label} " . $required_mark . "\n\t" . $tip_icon . "\n\t</label>\n";
    }

    if ($options['inline']) {
        $markup .= "<div class='col-xs-12 col-sm-9 col-md-9 col-lg-9'>\n";
    } else {
        $markup .= "<br/>\n";
    }

    $markup .= "<div id='{$input_id}' style='width: " . $options['width'] . "' class='input-group colorpicker-component bscp colorpicker-element m-b-10' data-color='{$input_value}' data-color-format='" . $options['format'] . "'>";

    $readonly_attr = $options['deactivate'] ? "readonly" : "";
    $markup .= "<input type='text' name='{$input_name}' class='form-control " . $options['class'] . "' id='" . $input_id . "' value='{$input_value}' data-color-format='" . $options['format'] . "' placeholder='" . $options['placeholder'] . "' " . $readonly_attr . ">";

    $markup .= "<span id='{$input_id}-cp' class='input-group-addon'>"
        . "<i style='background: rgba(255,255,255,1);'></i>"
        . "</span></div>";

    if ($options['inline']) {
        $markup .= "</div>\n";
    }
    $markup .= "</div>\n";

    $defender->add_field_session(array(
        'input_name' => $input_name,
        'type' => 'color',
        'title' => $title,
        'id' => $input_id,
        'required' => $options['required'],
        'safemode' => $options['safemode'],
        'error_text' => $options['error_text']
    ));

    // $input_id and the format option end up inside a script string as given.
    add_to_jquery("\$('#{$input_id}').colorpicker({ format : '" . $options['format'] . "' });");

    return $markup;
}
/**
 * Flood control
 *
 * Looks up the newest value of $field in $table for the rows matching $where
 * and reports a flood when it is younger than $settings['flood_interval'].
 * Each hit is logged to DB_FLOOD_CONTROL; once an IP has more than four
 * entries, a member is suspended (when flood_autoban is "1") and a guest IP
 * is blacklisted.
 *
 * $field, $table and $where are concatenated into the SELECT as given, so
 * callers must only pass fragments they built from trusted values.
 *
 * @param string $field  Timestamp column to take the MAX() of.
 * @param string $table  Table to query.
 * @param string $where  WHERE clause body.
 * @param bool   $debug  When TRUE the check also runs for admins/moderators and the
 *                       ban/blacklist step is replaced by an info notice.
 * @return bool          TRUE when the request counts as flooding.
 */
function flood_control($field, $table, $where, $debug = FALSE) {
    global $userdata, $settings, $locale, $defender;

    // Super admins, admins and moderators are exempt unless debugging.
    $exempt = iSUPERADMIN || iADMIN || (defined("iMOD") && iMOD);
    if ($exempt && !$debug) {
        return FALSE;
    }

    $lookup = dbquery("SELECT MAX(" . $field . ") AS last_post FROM " . $table . " WHERE " . $where);
    if (!dbrows($lookup)) {
        return FALSE;
    }

    $now = time();
    $row = dbarray($lookup);
    $elapsed = $now - $row['last_post'];
    if (!($elapsed < $settings['flood_interval'])) {
        return FALSE;
    }

    // Inside the flood window: block the submission, tell the user how long
    // to wait and record the offence against the client IP.
    $defender->stop();
    addNotice('warning', sprintf($locale['flood'], countdown($settings['flood_interval'] - $elapsed)));
    dbquery("INSERT INTO " . DB_FLOOD_CONTROL . " (flood_ip, flood_ip_type, flood_timestamp) VALUES ('" . USER_IP . "', '" . USER_IP_TYPE . "', '" . time() . "')");

    // The offence threshold and the resulting action are hard-coded here;
    // the original author noted both should become settings.
    if (!(dbcount("(flood_ip)", DB_FLOOD_CONTROL, "flood_ip='" . USER_IP . "'") > 4)) {
        return TRUE;
    }

    if ($debug) {
        addNotice('info', "DEBUG MESSAGE: Triggered flood control action due to repeated offences. This could've resulted in a ban or suspenstion");
        return TRUE;
    }

    if (iMEMBER) {
        if ($settings['flood_autoban'] == "1") {
            require_once INCLUDES . "sendmail_include.php";
            require_once INCLUDES . "suspend_include.php";

            // Status 4 is written to the account and logged as a suspension.
            dbquery("UPDATE " . DB_USERS . " SET user_status='4', user_actiontime='0' WHERE user_id='" . $userdata['user_id'] . "'");
            suspend_log($userdata['user_id'], 4, $locale['global_440'], TRUE);

            // Fill the placeholders of the notification mail in sequence.
            $message = str_replace(
                array("[USER_NAME]", "[USER_IP]", "[SITE_EMAIL]", "[SITEUSERNAME]"),
                array($userdata['user_name'], USER_IP, $settings['siteemail'], $settings['siteusername']),
                $locale['global_442']
            );
            $subject = str_replace("[SITENAME]", $settings['sitename'], $locale['global_441']);
            sendemail($userdata['user_name'], $userdata['user_email'], $settings['siteusername'], $settings['siteemail'], $subject, $message);
        }
    } else {
        // Guests have no account to suspend, so the IP is blacklisted instead.
        dbquery("INSERT INTO " . DB_BLACKLIST . " (blacklist_ip, blacklist_ip_type, blacklist_email, blacklist_reason) VALUES ('" . USER_IP . "', '" . USER_IP_TYPE . "', '', '" . $locale['global_440'] . "')");
    }

    return TRUE;
}
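/**
 * Forum settings admin page.
 *
 * Checks page access, handles the two POST actions (recounting user post
 * totals and saving the forum settings) and then prints the settings form.
 */
public function viewSettingsAdmin() {
    global $aidlink;

    pageAccess('F');
    $forum_settings = $this->get_forum_settings();
    add_breadcrumb(array('link' => ADMIN . 'settings_forum.php' . $aidlink, 'title' => self::$locale['forum_settings']));

    // Recount: rewrite every author's user_posts from the posts table.
    // NOTE(review): this branch is not behind \defender::safe(); whether the
    // form token is verified before this method runs is not visible here -
    // confirm.
    if (isset($_POST['recount_user_post'])) {
        $result = dbquery("SELECT post_author, COUNT(post_id) as num_posts FROM " . DB_FORUM_POSTS . " GROUP BY post_author");
        if (dbrows($result)) {
            while ($data = dbarray($result)) {
                dbquery("UPDATE " . DB_USERS . " SET user_posts='" . $data['num_posts'] . "' WHERE user_id='" . $data['post_author'] . "'");
            }
            addNotice('success', self::$locale['forum_061']);
        }
    }

    if (isset($_POST['savesettings'])) {
        // Setting name => sanitized value, in the order the rows are written.
        // The stored attachment limit is the entered number times the unit.
        $new_settings = array(
            'numofthreads' => form_sanitizer($_POST['numofthreads'], 20, 'numofthreads'),
            'threads_per_page' => form_sanitizer($_POST['threads_per_page'], 20, 'threads_per_page'),
            'posts_per_page' => form_sanitizer($_POST['posts_per_page'], 20, 'posts_per_page'),
            'forum_ips' => form_sanitizer($_POST['forum_ips'], -103, 'forum_ips'),
            'forum_attachmax' => form_sanitizer($_POST['calc_b'], 1, 'calc_b') * form_sanitizer($_POST['calc_c'], 1000000, 'calc_c'),
            'forum_attachmax_count' => form_sanitizer($_POST['forum_attachmax_count'], 5, 'forum_attachmax_count'),
            'forum_attachtypes' => form_sanitizer($_POST['forum_attachtypes'], '.pdf,.gif,.jpg,.png,.zip,.rar,.tar,.bz2,.7z', 'forum_attachtypes'),
            'thread_notify' => form_sanitizer($_POST['thread_notify'], '0', 'thread_notify'),
            'forum_ranks' => form_sanitizer($_POST['forum_ranks'], '0', 'forum_ranks'),
            'forum_rank_style' => form_sanitizer($_POST['forum_rank_style'], '0', 'forum_rank_style'),
            'forum_edit_lock' => form_sanitizer($_POST['forum_edit_lock'], '0', 'forum_edit_lock'),
            'forum_edit_timelimit' => form_sanitizer($_POST['forum_edit_timelimit'], '0', 'forum_edit_timelimit'),
            'popular_threads_timeframe' => form_sanitizer($_POST['popular_threads_timeframe'], '604800', 'popular_threads_timeframe'),
            'forum_last_posts_reply' => form_sanitizer($_POST['forum_last_posts_reply'], '0', 'forum_last_posts_reply'),
            'forum_last_post_avatar' => form_sanitizer($_POST['forum_last_post_avatar'], '0', 'forum_last_post_avatar'),
            'forum_editpost_to_lastpost' => form_sanitizer($_POST['forum_editpost_to_lastpost'], '0', 'forum_editpost_to_lastpost')
        );

        if (\defender::safe()) {
            // NOTE(review): the values are interpolated into the SQL text and
            // rely entirely on form_sanitizer() for escaping; that helper is
            // not visible here - confirm it escapes for SQL. The setting
            // names are the literal array keys above, never request data.
            foreach ($new_settings as $settings_name => $settings_value) {
                dbquery("UPDATE " . DB_SETTINGS_INF . " SET settings_value='{$settings_value}' WHERE settings_name='{$settings_name}' AND settings_inf='forum'");
            }
            addNotice('success', self::$locale['900']);
            // '&section' must stay a literal ampersand parameter; an
            // HTML-entity decode of '&sect' turns it into the section sign
            // and breaks the URL.
            redirect(FUSION_SELF . $aidlink . '&section=fs');
        }
    }

    $yes_no_array = array('1' => self::$locale['yes'], '0' => self::$locale['no']);
    // Option sets shared by several fields below.
    $number_field = array('error_text' => self::$locale['error_value'], 'inline' => 1, 'width' => '150px', 'type' => 'number');
    $yes_no_field = array('options' => $yes_no_array, 'error_text' => self::$locale['error_value'], 'inline' => 1);

    echo "<div class='well'>" . self::$locale['forum_description'] . "</div>";
    echo openform('forum_settings_form', 'post', FUSION_REQUEST, array('class' => 'm-t-20'));
    echo "<div class='row'>\n";

    // Left column: thread/post display and behaviour switches.
    echo "<div class='col-xs-12 col-sm-8'>\n";
    openside('');
    echo "<span class='small pull-right'>* " . self::$locale['506'] . "</span><br/>\n";
    echo form_text('numofthreads', self::$locale['505'], $forum_settings['numofthreads'], $number_field);
    closeside();
    openside('');
    echo form_text('threads_per_page', self::$locale['forum_080'], $forum_settings['threads_per_page'], $number_field);
    echo form_text('posts_per_page', self::$locale['forum_081'], $forum_settings['posts_per_page'], $number_field);
    closeside();
    openside('');
    echo form_select('thread_notify', self::$locale['512'], $forum_settings['thread_notify'], $yes_no_field);
    closeside();
    openside('');
    echo "<span class='pull-right position-absolute small' style='right:30px;'>" . self::$locale['537'] . "</span>\n";
    echo form_select('forum_edit_timelimit', self::$locale['536'], $forum_settings['forum_edit_timelimit'], array(
        'options' => array('0', '10', '30', '45', '60'),
        'max_length' => 2,
        'width' => '100px',
        'required' => 1,
        'error_text' => self::$locale['error_value'],
        'inline' => 1
    ));
    echo form_select('forum_ips', self::$locale['507'], $forum_settings['forum_ips'], $yes_no_field);
    echo form_select('forum_ranks', self::$locale['520'], $forum_settings['forum_ranks'], $yes_no_field);
    echo form_select('forum_rank_style', self::$locale['forum_064'], $forum_settings['forum_rank_style'], array(
        'options' => array(self::$locale['forum_063'], self::$locale['forum_062']),
        'error_text' => self::$locale['error_value'],
        'inline' => 1
    ));
    echo form_select('forum_last_post_avatar', self::$locale['539'], $forum_settings['forum_last_post_avatar'], $yes_no_field);
    echo form_select('forum_edit_lock', self::$locale['521'], $forum_settings['forum_edit_lock'], $yes_no_field);
    echo form_select('forum_editpost_to_lastpost', self::$locale['538'], $forum_settings['forum_editpost_to_lastpost'], $yes_no_field);
    closeside();
    echo "</div>\n";

    // Right column: attachment limits, allowed types and list options.
    echo "<div class='col-xs-12 col-sm-4'>\n";
    openside('');
    $calc_opts = array(1 => 'Bytes (bytes)', 1000 => 'KB (Kilobytes)', 1000000 => 'MB (Megabytes)');
    // Split the stored byte limit back into a number and a unit multiplier.
    $calc_c = self::calculate_byte($forum_settings['forum_attachmax']);
    $calc_b = $forum_settings['forum_attachmax'] / $calc_c;

    // The selectable attachment extensions are the keys of the mime-type map.
    require_once INCLUDES . "mimetypes_include.php";
    $mime = mimeTypes();
    $mime_opts = array();
    foreach (array_keys($mime) as $m) {
        $ext = ".{$m}";
        $mime_opts[$ext] = $ext;
    }
    // sort() re-indexes the list, so the option keys become 0..n-1.
    sort($mime_opts);

    echo "<div class='clearfix'>\n";
    echo "<span class='pull-right small'>" . self::$locale['509'] . "</span>";
    echo "<label for='calc_c'>" . self::$locale['508'] . "</label><br />\n";
    echo form_text('calc_b', '', $calc_b, array(
        'required' => 1,
        'number' => 1,
        'error_text' => self::$locale['error_rate'],
        'width' => '100px',
        'max_length' => '3',
        'class' => 'm-r-10 pull-left'
    ));
    echo form_select('calc_c', '', $calc_c, array(
        'options' => $calc_opts,
        'placeholder' => self::$locale['choose'],
        'class' => 'pull-left',
        'width' => '100%'
    ));
    echo "</div>\n";
    echo "<div class='clearfix'>\n";
    echo "<span class='small pull-right'>" . self::$locale['535'] . "</span>\n";
    echo "<label for='attachmax_count'>" . self::$locale['534'] . "</label>\n";
    echo form_select('forum_attachmax_count', '', $forum_settings['forum_attachmax_count'], array(
        'options' => range(1, 10),
        'error_text' => self::$locale['error_value'],
        'width' => '100%'
    ));
    echo "</div>\n";
    echo "<div class='clearfix'>\n";
    echo "<span class='small pull-right'>" . self::$locale['511'] . "</span>\n";
    echo form_select('forum_attachtypes', self::$locale['510'], $forum_settings['forum_attachtypes'], array(
        'options' => $mime_opts,
        'width' => '100%',
        'error_text' => self::$locale['error_type'],
        'tags' => 1,
        'multiple' => 1,
        'placeholder' => self::$locale['choose']
    ));
    echo "</div>\n";
    closeside();
    openside('');
    $timeframe_opts = array(
        '604800' => self::$locale['527'],
        '2419200' => self::$locale['528'],
        '31557600' => self::$locale['529'],
        '0' => self::$locale['530']
    );
    $lastpost_opts = array('0' => self::$locale['519'], '1' => self::$locale['533']);
    // NOTE(review): $array_opts is filled here but never read afterwards;
    // possibly these entries were meant to extend $lastpost_opts - confirm.
    for ($i = 2; $i <= 20; $i++) {
        $array_opts[$i] = sprintf(self::$locale['532'], $i);
    }
    if (isset($_GET['action']) && $_GET['action'] == "count_posts") {
        echo alert(self::$locale['524'], '', array('class' => 'warning'));
    }
    echo "<div class='clearfix'>\n";
    echo form_select('popular_threads_timeframe', self::$locale['525'], $forum_settings['popular_threads_timeframe'], array(
        'options' => $timeframe_opts,
        'error_text' => self::$locale['error_value'],
        'width' => '100%'
    ));
    echo "</div>\n";
    echo "<div class='clearfix'>\n";
    echo form_select('forum_last_posts_reply', self::$locale['531'], $forum_settings['forum_last_posts_reply'], array(
        'options' => $lastpost_opts,
        'error_text' => self::$locale['error_value'],
        'width' => '100%'
    ));
    echo "</div>\n";
    echo form_button('recount_user_post', self::$locale['523'], '1', array('class' => 'btn-primary btn-block'));
    closeside();
    echo "</div>\n";

    echo "</div>\n";
    echo form_button('savesettings', self::$locale['750'], self::$locale['750'], array('class' => 'btn-success'));
    echo closeform();
}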
// Banner administration page: breadcrumb, status notice, then the save and
// preview actions of the banner form.
add_breadcrumb(array('link' => ADMIN . 'banners.php' . $aidlink, 'title' => $locale['850']));
$message = '';
// The save action redirects back with ?error=0|1; turn that flag into a
// notice. Only the fixed locale strings are shown, never the parameter value.
if (isset($_GET['error'])) {
    switch ($_GET['error']) {
        case '1':
            $message = $locale['901'];
            $status = 'danger';
            $icon = "<i class='fa fa-alert fa-lg fa-fw'></i>";
            break;
        default:
            $message = $locale['900'];
            $status = 'success';
            $icon = "<i class='fa fa-check-square-o fa-lg fa-fw'></i>";
    }
    if ($message) {
        addNotice($status, $icon . $message);
    }
}
// Save both banner slots straight from the POST body.
// NOTE(review): the values reach the query through addslash() only, and no
// form-token or defender check is visible in this excerpt - confirm that one
// is enforced before this code runs. The banner text is stored as submitted,
// so presumably it is rendered as markup on the site; verify who can reach
// this form.
if (isset($_POST['save_banners'])) {
    $error = 0;
    $result = dbquery("UPDATE " . DB_SETTINGS . " SET settings_value='" . addslash($_POST['sitebanner1']) . "' WHERE settings_name='sitebanner1'");
    if (!$result) {
        $error = 1;
    }
    $result = dbquery("UPDATE " . DB_SETTINGS . " SET settings_value='" . addslash($_POST['sitebanner2']) . "' WHERE settings_name='sitebanner2'");
    if (!$result) {
        $error = 1;
    }
    // Either failed update is reported through the error flag on the redirect.
    redirect(FUSION_SELF . $aidlink . "&error=" . $error, TRUE);
}
// Preview action; the body of this branch lies outside this excerpt.
if (isset($_POST['preview_banners'])) {
function form_textarea($input_name, $label = '', $input_value = '', array $options = array()) { global $locale, $defender, $userdata; // for editor $title = $label ? stripinput($label) : ucfirst(strtolower(str_replace("_", " ", $input_name))); $input_name = isset($input_name) && !empty($input_name) ? stripinput($input_name) : ""; require_once INCLUDES . "bbcode_include.php"; require_once INCLUDES . "html_buttons_include.php"; include_once LOCALE . LOCALESET . "admin/html_buttons.php"; include_once LOCALE . LOCALESET . "error.php"; if (!empty($options['bbcode'])) { $options['type'] = "bbcode"; } elseif (!empty($options['html'])) { $options['type'] = "html"; } $options = array('input_id' => !empty($options['input_id']) ? $options['input_id'] : $input_name, "type" => !empty($options['type']) && in_array($options['type'], array("html", "bbcode", "tinymce")) ? $options['type'] : "", 'required' => !empty($options['required']) && $options['required'] == 1 ? '1' : '0', 'placeholder' => !empty($options['placeholder']) ? $options['placeholder'] : '', 'deactivate' => !empty($options['deactivate']) && $options['deactivate'] == 1 ? '1' : '', 'width' => !empty($options['width']) ? $options['width'] : '100%', 'height' => !empty($options['height']) ? $options['height'] : '80px', 'class' => !empty($options['class']) ? $options['class'] : '', 'inline' => !empty($options['inline']) && $options['inline'] == 1 ? '1' : '0', 'length' => !empty($options['length']) ? $options['length'] : '200', 'error_text' => !empty($options['error_text']) ? $options['error_text'] : $locale['error_input_default'], 'safemode' => !empty($options['safemode']) && $options['safemode'] == 1 ? '1' : '0', 'form_name' => !empty($options['form_name']) ? $options['form_name'] : 'input_form', 'tinymce' => !empty($options['tinymce']) && in_array($options['tinymce'], array(TRUE, 'simple', 'advanced')) ? $options['tinymce'] : "simple", 'no_resize' => !empty($options['no_resize']) && $options['no_resize'] == '1' ? 
'1' : '0', 'autosize' => !empty($options['autosize']) && $options['autosize'] == 1 ? '1' : '0', 'preview' => !empty($options['preview']) && $options['preview'] == TRUE ? TRUE : FALSE, 'path' => !empty($options['path']) && $options['path'] ? $options['path'] : IMAGES, 'maxlength' => !empty($options['maxlength']) && isnum($options['maxlength']) ? $options['maxlength'] : '', 'tip' => !empty($options['tip']) ? $options['tip'] : ''); if ($options['type'] == "tinymce") { $tinymce_list = array(); $image_list = makefilelist(IMAGES, ".|..|"); $image_filter = array('png', 'PNG', 'bmp', 'BMP', 'jpg', 'JPG', 'jpeg', 'gif', 'GIF', 'tiff', 'TIFF'); foreach ($image_list as $image_name) { $image_1 = explode('.', $image_name); $last_str = count($image_1) - 1; if (in_array($image_1[$last_str], $image_filter)) { $tinymce_list[] = array('title' => $image_name, 'value' => IMAGES . $image_name); } } $tinymce_list = json_encode($tinymce_list); $tinymce_smiley_vars = ""; if (!defined('tinymce')) { add_to_head("<style type='text/css'>.mceIframeContainer iframe{width:100%!important; height:30px;}</style>"); add_to_footer("<script type='text/javascript' src='" . INCLUDES . "jscripts/tinymce/tinymce.min.js'></script>"); define('tinymce', TRUE); // PHP-Fusion Parse Cache Smileys $smileys = cache_smileys(); $tinymce_smiley_vars = ""; if (!empty($smileys)) { $tinymce_smiley_vars = "var shortcuts = {\n"; foreach ($smileys as $params) { $tinymce_smiley_vars .= "'" . strtolower($params['smiley_code']) . "' : '<img alt=\"" . $params['smiley_text'] . "\" src=\"" . IMAGES . "smiley/" . $params['smiley_image'] . 
"\"/>',\n"; } $tinymce_smiley_vars .= "};\n"; $tinymce_smiley_vars .= "\n\t\t\t\ted.on('keyup load', function(e){\n\t\t\t\t\tvar marker = tinymce.activeEditor.selection.getBookmark();\n\t\t\t\t\t// Store editor contents\n\t\t\t\t\tvar content = tinymce.activeEditor.getContent({'format':'raw'});\n\t\t\t\t\t// Loop through all shortcuts\n\t\t\t\t\tfor(var key in shortcuts){\n\t\t\t\t\t\t// Check if the editor html contains the looped shortcut\n\t\t\t\t\t\tif(content.toLowerCase().indexOf(key) != -1) {\n\t\t\t\t\t\t\t// Escaping special characters to be able to use the shortcuts in regular expression\n\t\t\t\t\t\t\tvar k = key.replace(/[<>*()?']/ig, \"\\\$&\");\n\t\t\t\t\t\t\ttinymce.activeEditor.setContent(content.replace(k, shortcuts[key]));\n\t\t\t\t\t\t}\n\t\t\t\t\t}\n\t\t\t\t\t// Now put cursor back where it was\n\t\t\t\t\ttinymce.activeEditor.selection.moveToBookmark(marker);\n\t\t\t\t});\n\t\t\t\t"; } } // Mode switching for TinyMCE switch ($options['tinymce']) { case 'advanced': add_to_jquery("\n tinymce.init({\n selector: '#" . $options['input_id'] . "',\n theme: 'modern',\n entity_encoding : 'raw',\n width: '100%',\n height: 300,\n plugins: [\n 'advlist autolink autoresize link image lists charmap print preview hr anchor pagebreak spellchecker',\n 'searchreplace wordcount visualblocks visualchars code fullscreen insertdatetime media nonbreaking',\n 'save table contextmenu directionality template paste textcolor'\n ],\n image_list: {$tinymce_list},\n content_css: '" . THEMES . "admin_templates/" . fusion_get_settings("admin_theme") . 
"/acp_styles.css',\n toolbar1: 'insertfile undo redo | alignleft aligncenter alignright alignjustify | bullist numlist outdent indent | newdocument fullscreen preview cut copy paste pastetext spellchecker searchreplace code',\n toolbar2: 'styleselect formatselect removeformat | fontselect fontsizeselect bold italic underline strikethrough subscript superscript blockquote | forecolor backcolor',\n toolbar3: 'hr pagebreak insertdatetime | link unlink anchor | image media | table charmap visualchars visualblocks emoticons',\n image_advtab: true,\n style_formats: [\n {title: 'Bold text', inline: 'b'},\n {title: 'Red text', inline: 'span', styles: {color: '#ff0000'}},\n {title: 'Red header', block: 'h1', styles: {color: '#ff0000'}},\n {title: 'Example 1', inline: 'span', classes: 'example1'},\n {title: 'Example 2', inline: 'span', classes: 'example2'},\n {title: 'Table styles'},\n {title: 'Table row 1', selector: 'tr', classes: 'tablerow1'}\n ],\n setup: function(ed) {\n \t\t\t\t\t// add tabkey listener\n \t\t\t\t\ted.on('keydown', function(event) {\n \t\t\t\t\tif (event.keyCode == 9) { // tab pressed\n \t\t\t\t\t\tif (event.shiftKey) { ed.execCommand('Outdent'); } else { ed.execCommand('Indent'); }\n \t\t\t\t\t\tevent.preventDefault();\n \t\t\t\t\t\treturn false;\n \t\t\t\t\t}\n\t\t\t\t\t\t});\n\t\t\t\t\t\t// auto smileys parsing\n\t\t\t\t\t\t" . $tinymce_smiley_vars . "\n\t\t\t\t}\n });\n "); break; case 'simple': add_to_jquery("\n tinymce.init({\n selector: '#" . $options['input_id'] . "',\n theme: 'modern',\n menubar: false,\n statusbar: false,\n content_css: '" . THEMES . 
"/templates/tinymce.css',\n image_list: {$tinymce_list},\n plugins: [\n 'advlist autolink autoresize link lists charmap print preview hr anchor pagebreak spellchecker',\n 'searchreplace wordcount visualblocks visualchars code fullscreen insertdatetime media nonbreaking',\n 'contextmenu directionality template paste bbcode autoresize'\n ],\n height: 30,\n image_advtab: true,\n toolbar1: 'undo redo | bold italic underline | bullist numlist blockquote | hr media | fullscreen',\n entity_encoding : 'raw',\n language: '" . $locale['tinymce'] . "',\n object_resizing: false,\n resize: false,\n relative_urls: false,\n setup: function(ed) {\n \t\t\t\t\t// add tabkey listener\n \t\t\t\t\ted.on('keydown', function(event) {\n \t\t\t\t\tif (event.keyCode == 9) { // tab pressed\n \t\t\t\t\t\tif (event.shiftKey) { ed.execCommand('Outdent'); } else { ed.execCommand('Indent'); }\n \t\t\t\t\t\tevent.preventDefault();\n \t\t\t\t\t\treturn false;\n \t\t\t\t\t}\n\t\t\t\t\t\t});\n\t\t\t\t\t\t// auto smileys parsing\n\t\t\t\t\t\t" . $tinymce_smiley_vars . "\n\t\t\t\t}\n });\n "); add_to_jquery("\n\t\t\t\t\$('#inject').bind('click', function() {\n\t\t\t\t\ttinyMCE.activeEditor.execCommand(\"mceInsertContent\", true, '[b]I am injecting in stuff..[/b]');\n\t\t\t\t\t});\n\t\t\t\t"); break; case 'default': add_to_jquery("\n tinymce.init({\n selector: '#" . $options['input_id'] . "',\n theme: 'modern',\n entity_encoding : 'raw',\n language:'" . $locale['tinymce'] . "',\n setup: function(ed) {\n \t\t\t\t\t// add tabkey listener\n \t\t\t\t\ted.on('keydown', function(event) {\n \t\t\t\t\tif (event.keyCode == 9) { // tab pressed\n \t\t\t\t\t\tif (event.shiftKey) { ed.execCommand('Outdent'); } else { ed.execCommand('Indent'); }\n \t\t\t\t\t\tevent.preventDefault();\n \t\t\t\t\t\treturn false;\n \t\t\t\t\t}\n\t\t\t\t\t\t});\n\t\t\t\t\t\t// auto smileys parsing\n\t\t\t\t\t\t" . $tinymce_smiley_vars . 
"\n\t\t\t\t}\n });\n "); break; } } else { if (!defined('autogrow') && $options['autosize']) { define('autogrow', TRUE); add_to_footer("<script src='" . DYNAMICS . "assets/autosize/jquery.autosize.min.js'></script>"); } if ($options['autosize']) { add_to_jquery("\n\t\t \$('#" . $options['input_id'] . "').autosize();\n\t\t "); } } if ($input_value !== '') { $input_value = html_entity_decode(stripslashes($input_value), ENT_QUOTES, $locale['charset']); $input_value = str_replace("<br />", "", $input_value); } $error_class = ""; if ($defender->inputHasError($input_name)) { $error_class = "has-error "; if (!empty($options['error_text'])) { $new_error_text = $defender->getErrorText($input_name); if (!empty($new_error_text)) { $options['error_text'] = $new_error_text; } addNotice("danger", "<strong>{$title}</strong> - " . $options['error_text']); } } $html = "<div id='" . $options['input_id'] . "-field' class='form-group " . $error_class . $options['class'] . "' " . ($options['inline'] && $options['width'] && !$label ? "style='width: " . $options['width'] . " !important;'" : '') . ">\n"; $html .= $label ? "<label class='control-label " . ($options['inline'] ? "col-xs-12 col-sm-3 col-md-3 col-lg-3 p-l-0" : '') . "' for='" . $options['input_id'] . "'>{$label} " . ($options['required'] == 1 ? "<span class='required'>*</span>" : '') . " " . ($options['tip'] ? "<i class='pointer fa fa-question-circle' title='" . $options['tip'] . "'></i>" : '') . "</label>\n" : ''; $html .= $options['inline'] ? "<div class='col-xs-12 " . ($label ? "col-sm-9 col-md-9 col-lg-9 p-r-0" : "col-sm-12 p-l-0") . "'>\n" : ""; $tab_active = 0; $tab_title = array(); if ($options['preview'] && ($options['type'] == "html" || $options['type'] == "bbcode")) { $tab_title['title'][] = $locale['preview']; $tab_title['id'][] = "prw-" . $options['input_id']; $tab_title['icon'][] = ''; $tab_title['title'][] = $locale['texts']; $tab_title['id'][] = "txt-" . 
$options['input_id']; $tab_title['icon'][] = ''; $tab_active = tab_active($tab_title, 1); $html .= opentab($tab_title, $tab_active, $options['input_id'] . "-link", "", "editor-wrapper"); $html .= opentabbody($tab_title['title'][1], "txt-" . $options['input_id'], $tab_active); } $html .= $options['type'] == "html" || $options['type'] == "bbcode" ? "<div class='panel panel-default panel-txtarea m-b-0' " . ($options['preview'] ? "style='border-top:0 !important; border-radius:0 !important;'" : '') . ">\n<div class='panel-heading clearfix' style='padding-bottom:0 !important;'>\n" : ''; if ($options['type'] == "bbcode" && $options['form_name']) { $html .= display_bbcodes('90%', $input_name, $options['form_name']); } elseif ($options['type'] == "html" && $options['form_name']) { $html .= display_html($options['form_name'], $input_name, TRUE, TRUE, TRUE, $options['path']); } $html .= $options['type'] == "html" || $options['type'] == "bbcode" ? "</div>\n<div class='panel-body p-0'>\n" : ''; $html .= "<textarea name='{$input_name}' style='width:100%; height:" . $options['height'] . "; " . ($options['no_resize'] ? 'resize: none;' : '') . "' class='form-control p-15 m-0 " . $options['class'] . " " . ($options['autosize'] ? 'animated-height' : '') . " " . ($options['type'] == "html" || $options['type'] == "bbcode" ? "no-shadow no-border" : '') . " textbox ' placeholder='" . $options['placeholder'] . "' id='" . $options['input_id'] . "' " . ($options['deactivate'] ? 'readonly' : '') . ($options['maxlength'] ? "maxlength='" . $options['maxlength'] . "'" : '') . ">" . $input_value . "</textarea>\n"; if ($options['type'] == "html" || $options['type'] == "bbcode") { $html .= "</div>\n<div class='panel-footer clearfix'>\n"; $html .= "<div class='overflow-hide'><small>" . $locale['word_count'] . ": <span id='" . $options['input_id'] . "-wordcount'></span></small></div>"; add_to_jquery("\n\t\tvar init_str = \$('#" . $options['input_id'] . 
"').val().replace(/<[^>]+>/ig, '').replace(/\\n/g,'').replace(/ /g, '').length;\n\t\t\$('#" . $options['input_id'] . "-wordcount').text(init_str);\n\t\t\$('#" . $options['input_id'] . "').on('input propertychange paste', function() {\n\t\tvar str = \$(this).val().replace(/<[^>]+>/ig, '').replace(/\\n/g,'').replace(/ /g, '').length;\n\t\t\$('#" . $options['input_id'] . "-wordcount').text(str);\n\t\t});\n\t\t"); $html .= "</div>\n</div>\n"; } if ($options['preview'] && ($options['type'] == "bbcode" || $options['type'] == "html")) { $html .= closetabbody(); $html .= opentabbody($tab_title['title'][0], "prw-" . $options['input_id'] . "", $tab_active); $html .= "No Result"; $html .= closetabbody(); $html .= closetab(); add_to_jquery("\n\t\t// preview syntax\n\t\tvar form = \$('#" . $options['form_name'] . "');\n\t\t\$('#tab-prw-" . $options['input_id'] . "').bind('click',function(){\n\t\tvar text = \$('#" . $options['input_id'] . "').val();\n\t\tvar format = '" . ($options['type'] == "bbcode" ? 'bbcode' : 'html') . "';\n\t\tvar data = {\n\t\t\t" . (defined('ADMIN_PANEL') ? "'mode': 'admin', " : "") . "\n\t\t\t'text' : text,\n\t\t\t'editor' : format,\n\t\t\t'url' : '" . $_SERVER['REQUEST_URI'] . "',\n\t\t};\n\t\tvar sendData = form.serialize() + '&' + \$.param(data);\n\t\t\$.ajax({\n\t\t\turl: '" . INCLUDES . "dynamics/assets/preview/preview.ajax.php',\n\t\t\ttype: 'POST',\n\t\t\tdataType: 'html',\n\t\t\tdata : sendData,\n\t\t\tsuccess: function(result){\n\t\t\t//console.log(result);\n\t\t\t\$('#prw-" . $options['input_id'] . "').html(result);\n\t\t\t},\n\t\t\terror: function(result) {\n\t\t\t\tnew PNotify({\n\t\t\t\t\ttitle: '" . $locale['error_preview'] . "',\n\t\t\t\t\ttext: '" . $locale['error_preview_text'] . 
"',\n\t\t\t\t\ticon: 'notify_icon n-attention',\n\t\t\t\t\tanimation: 'fade',\n\t\t\t\t\twidth: 'auto',\n\t\t\t\t\tdelay: '3000'\n\t\t\t\t});\n\t\t\t}\n\t\t\t});\n\t\t});\n\t\t"); } $html .= $options['required'] == 1 && $defender->inputHasError($input_name) || $defender->inputHasError($input_name) ? "<div id='" . $options['input_id'] . "-help' class='label label-danger p-5 display-inline-block'>" . $options['error_text'] . "</div>" : ""; $html .= $options['inline'] ? "</div>\n" : ''; $html .= "</div>\n"; $defender->add_field_session(array('input_name' => $input_name, 'type' => 'textarea', 'title' => $label, 'id' => $options['input_id'], 'required' => $options['required'], 'safemode' => $options['safemode'], 'error_text' => $options['error_text'])); return $html; }
include INCLUDES . "rewrites/" . $rewrite_name . "_rewrite_info.php"; } $rows = dbcount("(rewrite_id)", DB_PERMALINK_REWRITE, "rewrite_name='" . $rewrite_name . "'"); if ($rows > 0) { $result = dbquery("SELECT p.* FROM " . DB_PERMALINK_REWRITE . " r\n INNER JOIN " . DB_PERMALINK_METHOD . " p ON r.rewrite_id=p.pattern_type\n WHERE r.rewrite_name='" . $rewrite_name . "'"); if (dbrows($result) > 0) { while ($data = dbarray($result)) { $driver[] = $data; } $edit_name = sprintf($locale['405'], $permalink_name); } else { addNotice("danger", sprintf($locale['422'], $permalink_name)); redirect(FUSION_SELF . $aidlink); } } else { addNotice('danger', $locale['423']); redirect(FUSION_SELF . $aidlink); } } else { $result = dbquery("SELECT * FROM " . DB_PERMALINK_REWRITE . " ORDER BY rewrite_name ASC"); if (dbrows($result)) { while ($data = dbarray($result)) { $permalink[] = $data; $enabled_rewrites[] = $data['rewrite_name']; } } } $tab['title'][] = $edit_name == TRUE ? $edit_name : $locale['400']; $tab['id'][] = $default_section; $tab['icon'][] = ""; $tab['title'][] = $locale['401'];
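/**
 * Thread constructor - builds the thread view model in $this->thread_info on load.
 *
 * Flow, as visible in this method:
 *  1. Validate $_GET['thread_id'] and load the thread via Functions::get_thread().
 *  2. Redirect to the forum index when the thread is empty, when its
 *     forum_type is 1, or when it has no posts.
 *  3. Set page meta, title and breadcrumbs, then resolve permissions through
 *     setThreadPermission().
 *  4. Build the notify button, quick reply form, poll form (and record a vote
 *     posted as $_POST['poll_option']), attachment list and moderator form.
 *  5. Fill $this->thread_info and hand over to handle_quick_reply() and
 *     get_thread_post().
 *
 * Request input read here: $_GET thread_id, rowstart, forum_cat, forum_branch,
 * post_id, pid, section and $_POST poll_option.
 */
public function __construct() {
    global $locale, $userdata, $settings, $forum_settings;

    // exit no.1
    // Reject a missing OR a non-numeric thread id. The two checks must be joined
    // with ||: with && a present but non-numeric value skipped the redirect and
    // was passed on to get_thread() / get_thread_stats().
    // NOTE(review): this relies on redirect() ending the request - confirm.
    if (!isset($_GET['thread_id']) || !isnum($_GET['thread_id'])) {
        redirect(INFUSIONS . 'forum/index.php');
    }

    // fetch query and define iMOD
    $thread_data = \PHPFusion\Forums\Functions::get_thread($_GET['thread_id']);

    if (!empty($thread_data)) {

        // get post_count, lastpost_id, first_post_id.
        $thread_stat = self::get_thread_stats($_GET['thread_id']);

        if ($thread_data['forum_type'] == 1) {
            redirect(INFUSIONS . 'forum/index.php');
        }
        if ($thread_stat['post_count'] < 1) {
            redirect(INFUSIONS . 'forum/index.php');
        }

        // Set meta
        add_to_meta($locale['forum_0000']);
        if ($thread_data['forum_description'] !== '') {
            add_to_meta('description', $thread_data['forum_description']);
        }
        if ($thread_data['forum_meta'] !== '') {
            add_to_meta('keywords', $thread_data['forum_meta']);
        }
        add_to_title($thread_data['thread_subject']);

        // Set Forum Breadcrumbs
        $this->forum_index = dbquery_tree(DB_FORUMS, 'forum_id', 'forum_cat');
        add_breadcrumb(array('link' => INFUSIONS . 'forum/index.php', 'title' => $locale['forum_0000']));
        forum_breadcrumbs($this->forum_index, $thread_data['forum_id']);
        add_breadcrumb(array(
            'link' => INFUSIONS . 'forum/viewthread.php?forum_id=' . $thread_data['forum_id'] . '&thread_id=' . $thread_data['thread_id'],
            'title' => $thread_data['thread_subject']
        ));

        $this->setThreadPermission($thread_data);

        // Sanitizes $_GETs: the forum id is taken from the loaded thread row,
        // overwriting whatever the request carried.
        $_GET['forum_id'] = $thread_data['forum_id'];

        // Only the mod form link below checked rowstart before use; cast it once
        // here so the print link never carries a raw request value.
        $rowstart = isset($_GET['rowstart']) ? intval($_GET['rowstart']) : 0;

        /**
         * Generate User Tracked Buttons
         */
        $this->thread_info['buttons']['notify'] = array();
        if ($this->getThreadPermission("can_access")) {
            // only member can track the thread
            if ($thread_data['user_tracked']) {
                $this->thread_info['buttons']['notify'] = array(
                    'link' => INFUSIONS . "forum/postify.php?post=off&forum_id=" . $thread_data['forum_id'] . "&thread_id=" . $thread_data['thread_id'],
                    'title' => $locale['forum_0174']
                );
            } else {
                $this->thread_info['buttons']['notify'] = array(
                    'link' => INFUSIONS . "forum/postify.php?post=on&forum_id=" . $thread_data['forum_id'] . "&thread_id=" . $thread_data['thread_id'],
                    'title' => $locale['forum_0175']
                );
            }
        }

        /**
         * Generate Quick Reply Form
         */
        $qr_form = "";
        if ($this->getThreadPermission("can_reply") == TRUE && $thread_data['forum_quick_edit'] == TRUE) {
            $qr_form = "<!--sub_forum_thread-->\n";
            $form_url = INFUSIONS . "forum/viewthread.php?thread_id=" . $thread_data['thread_id'];
            $qr_form .= openform('quick_reply_form', 'post', $form_url, array('class' => 'm-b-20 m-t-20'));
            $qr_form .= "<h4 class='m-t-20 pull-left'>" . $locale['forum_0168'] . "</h4>\n";
            $qr_form .= form_textarea('post_message', $locale['forum_0601'], '', array(
                'bbcode' => true,
                'required' => true,
                'autosize' => true,
                'preview' => true,
                'form_name' => 'quick_reply_form'
            ));
            $qr_form .= "<div class='m-t-10 pull-right'>\n";
            $qr_form .= form_button('post_quick_reply', $locale['forum_0172'], $locale['forum_0172'], array('class' => 'btn-primary btn-sm m-r-10'));
            $qr_form .= "</div>\n";
            $qr_form .= "<div class='overflow-hide'>\n";
            $qr_form .= form_checkbox('post_smileys', $locale['forum_0169'], '', array('class' => 'm-b-0'));
            if (array_key_exists("user_sig", $userdata) && $userdata['user_sig']) {
                $qr_form .= form_checkbox('post_showsig', $locale['forum_0170'], '1', array('class' => 'm-b-0'));
            }
            if ($forum_settings['thread_notify']) {
                $qr_form .= form_checkbox('notify_me', $locale['forum_0171'], $thread_data['user_tracked'], array('class' => 'm-b-0'));
            }
            $qr_form .= "</div>\n";
            $qr_form .= closeform();
        }

        /**
         * Generate Poll Form
         */
        $poll = array();
        $poll_form = "";
        if ($this->getThreadPermission("can_access") && $thread_data['thread_poll'] == TRUE) {
            $poll_result = dbquery("SELECT\n\t\t\t\tpoll_opts.*, poll.forum_poll_title, poll.forum_poll_votes\n\t\t\t\tFROM " . DB_FORUM_POLL_OPTIONS . " poll_opts\n\t\t\t\tINNER JOIN " . DB_FORUM_POLLS . " poll using (thread_id)\n\t\t\t\tWHERE poll.thread_id='" . intval($thread_data['thread_id']) . "'\n\t\t\t\t");
            if (dbrows($poll_result) > 0) {
                $i = 0;
                // Construct poll data - model
                while ($pdata = dbarray($poll_result)) {
                    if ($i == 0) {
                        $poll['forum_poll_title'] = $pdata['forum_poll_title'];
                        $poll['forum_poll_votes'] = $pdata['forum_poll_votes'];
                        $poll['forum_poll_max_options'] = dbrows($poll_result);
                    }
                    $poll['forum_poll_options'][$pdata['forum_poll_option_id']] = $pdata;
                    $i++;
                }

                // SQL cast poll vote
                // The posted option must be numeric and not above the number of
                // options; the permission and the form token are checked before
                // any write.
                if (isset($_POST['poll_option']) && isnum($_POST['poll_option']) && $_POST['poll_option'] <= $poll['forum_poll_max_options']) {
                    if ($this->getThreadPermission("can_vote_poll") == TRUE) {
                        $pollInput['poll_option_id'] = stripinput($_POST['poll_option']);
                        global $defender;
                        if ($defender->safe()) {
                            dbquery("UPDATE " . DB_FORUM_POLL_OPTIONS . " SET forum_poll_option_votes=forum_poll_option_votes+1 WHERE thread_id='" . intval($thread_data['thread_id']) . "' AND forum_poll_option_id='" . intval($pollInput['poll_option_id']) . "'");
                            dbquery("UPDATE " . DB_FORUM_POLLS . " SET forum_poll_votes=forum_poll_votes+1 WHERE thread_id='" . intval($thread_data['thread_id']) . "'");
                            // Ids are cast here as in the two UPDATEs above, so all
                            // three statements treat them the same way.
                            dbquery("INSERT INTO " . DB_FORUM_POLL_VOTERS . " (thread_id, forum_vote_user_id, forum_vote_user_ip, forum_vote_user_ip_type) VALUES ('" . intval($thread_data['thread_id']) . "', '" . intval($userdata['user_id']) . "', '" . USER_IP . "', '" . USER_IP_TYPE . "')");
                            addNotice('success', $locale['forum_0614']);
                            redirect(INFUSIONS . "forum/viewthread.php?forum_id=" . $thread_data['forum_id'] . "&thread_id=" . $thread_data['thread_id']);
                        } else {
                            // Reached when $defender->safe() fails, not when the
                            // permission check fails.
                            addNotice("danger", "You are not eligible to cast a vote in the poll.");
                        }
                    }
                }

                $poll_form_start = "";
                $poll_form_end = "";
                if ($this->getThreadPermission("can_vote_poll")) {
                    $poll_form_start = openform("poll_vote_form", "post", INFUSIONS . "forum/viewthread.php?thread_id=" . $thread_data['thread_id']);
                    $poll_form_end = form_button('vote', $locale['forum_2010'], 'vote', array('class' => 'btn btn-sm btn-primary m-l-20 '));
                    $poll_form_end .= closeform();
                }

                // need to fix security.
                // NOTE(review): edit and delete are plain GET links; whether the
                // editpoll/deletepoll handlers re-check permission and a request
                // token is not visible here - confirm.
                if ($this->getThreadPermission("can_edit_poll")) {
                    $poll_form .= "<div class='pull-right btn-group'>\n";
                    $poll_form .= "<a class='btn btn-sm btn-default' href='" . INFUSIONS . "forum/viewthread.php?action=editpoll&forum_id=" . $thread_data['forum_id'] . "&thread_id=" . $thread_data['thread_id'] . "'>" . $locale['forum_0603'] . "</a>\n";
                    // The attribute used to be single-quoted around a single-quoted
                    // JS string, which ended the attribute early, and the result of
                    // confirm() was discarded. Double-quote the attribute and
                    // return the result so that cancelling stops the navigation.
                    $poll_form .= "<a class='btn btn-sm btn-default' href='" . INFUSIONS . "forum/viewthread.php?action=deletepoll&forum_id=" . $thread_data['forum_id'] . "&thread_id=" . $thread_data['thread_id'] . "' onclick=\"return confirm('" . $locale['forum_0616'] . "');\">" . $locale['delete'] . "</a>\n";
                    $poll_form .= "</div>\n";
                }

                $poll_form .= $poll_form_start;
                // NOTE(review): poll title and option text are written into the
                // markup as stored; confirm they are escaped when saved.
                $poll_form .= "<h3 class='strong m-b-10'><i class='fa fa-fw fa-pie-chart fa-lg'></i>" . $locale['forum_0377'] . " : " . $poll['forum_poll_title'] . "</h3>\n";
                $poll_form .= "<ul class='p-l-20 p-t-0'>\n";
                if (!empty($poll['forum_poll_options'])) {
                    $i = 1;
                    $vote_options = $poll['forum_poll_options'];
                    foreach ($vote_options as $poll_option) {
                        if ($this->getThreadPermission("can_vote_poll") == TRUE) {
                            // The radio value is the 1-based position, which the vote
                            // handler above uses as forum_poll_option_id.
                            $poll_form .= "<li><label for='opt-" . $i . "'><input id='opt-" . $i . "' type='radio' name='poll_option' value='" . $i . "' class='m-r-20'> <span class='m-l-10'>" . $poll_option['forum_poll_option_text'] . "</span>\n</label></li>\n";
                        } else {
                            // Share of all votes in percent; 0 while nobody has voted.
                            $option_votes = $poll['forum_poll_votes'] ? number_format(100 / $poll['forum_poll_votes'] * $poll_option['forum_poll_option_votes']) : 0;
                            $poll_form .= progress_bar($option_votes, $poll_option['forum_poll_option_text'], '', '10px');
                        }
                        $i++;
                    }
                }
                $poll_form .= "</ul>\n";
                $poll_form .= $poll_form_end;
            }
        }

        /**
         * Generate Attachment
         */
        // Rows are grouped by post id and kept only when the file exists on disk.
        // The list is not stored in $this->thread_info within this method.
        $attachments = array();
        if ($this->getThreadPermission("can_download_attach") == TRUE) {
            $a_result = dbquery("SELECT * FROM " . DB_FORUM_ATTACHMENTS . " WHERE thread_id='" . intval($thread_data['thread_id']) . "' ORDER BY post_id ASC");
            if (dbrows($a_result) > 0) {
                while ($a_data = dbarray($a_result)) {
                    if (file_exists(INFUSIONS . "forum/attachments/" . $a_data['attach_name'])) {
                        $attachments[$a_data['post_id']][] = $a_data;
                    }
                }
            }
        }

        /**
         * Generate Mod Form
         */
        if (iMOD) {
            // need to wrap with issets?
            $mod = new Moderator();
            $mod->setForumId($thread_data['forum_id']);
            $mod->setThreadId($thread_data['thread_id']);
            $mod->set_modActions();

            /**
             * Thread moderation form template
             */
            // The lock and sticky entries offer the opposite of the current state.
            $this->thread_info['mod_options'] = array(
                'renew' => $locale['forum_0207'],
                'delete' => $locale['forum_0201'],
                $thread_data['thread_locked'] ? "unlock" : "lock" => $thread_data['thread_locked'] ? $locale['forum_0203'] : $locale['forum_0202'],
                $thread_data['thread_sticky'] ? "nonsticky" : "sticky" => $thread_data['thread_sticky'] ? $locale['forum_0205'] : $locale['forum_0204'],
                'move' => $locale['forum_0206']
            );
            $addition = isset($_GET['rowstart']) ? "&rowstart=" . intval($_GET['rowstart']) : "";
            $this->thread_info['form_action'] = INFUSIONS . "forum/viewthread.php?thread_id=" . intval($thread_data['thread_id']) . $addition;
            $this->thread_info['open_post_form'] = openform('moderator_menu', 'post', $this->thread_info['form_action']);
            $this->thread_info['close_post_form'] = closeform();
            $this->thread_info['mod_form'] = "\n\t\t\t\t<div class='list-group-item'>\n\n\t\t\t\t\t<div class='btn-group m-r-10'>\n\n\t\t\t\t\t\t"
                . form_button("check_all", $locale['forum_0080'], $locale['forum_0080'], array('class' => 'btn-default btn-sm', "type" => "button"))
                . "\n\t\t\t\t\t\t"
                . form_button("check_none", $locale['forum_0081'], $locale['forum_0080'], array('class' => 'btn-default btn-sm', "type" => "button"))
                . "\n\t\t\t\t\t</div>\n\n\t\t\t\t\t"
                . form_button('move_posts', $locale['forum_0176'], $locale['forum_0176'], array('class' => 'btn-default btn-sm m-r-10'))
                . "\n\t\t\t\t\t"
                . form_button('delete_posts', $locale['forum_0177'], $locale['forum_0177'], array('class' => 'btn-default btn-sm'))
                . "\n\t\t\t\t\t<div class='pull-right'>\n\t\t\t\t\t\t"
                . form_button('go', $locale['forum_0208'], $locale['forum_0208'], array('class' => 'btn-default pull-right btn-sm m-t-0 m-l-10'))
                . "\n\t\t\t\t\t\t"
                . form_select('step', '', '', array(
                    'options' => $this->thread_info['mod_options'],
                    'placeholder' => $locale['forum_0200'],
                    'width' => '250px',
                    'allowclear' => 1,
                    'class' => 'm-b-0 m-t-5',
                    'inline' => 1
                ))
                . "\n\t\t\t\t\t</div>\n\n\t\t\t\t</div>\n";
            add_to_jquery("\n\t\t\t\t\$('#check_all').bind('click', function() {\n\t\t\t\t var thread_posts = \$('#moderator_menu input:checkbox').prop('checked', true);\n\t\t\t\t});\n\t\t\t\t\$('#check_none').bind('click', function() {\n\t\t\t\t var thread_posts = \$('#moderator_menu input:checkbox').prop('checked', false); });\n\t\t\t\t");
        }

        // "+=" only adds keys that are not set yet, so the moderator values
        // assigned above survive and the empty defaults at the end apply to
        // non-moderators only.
        $this->thread_info += array(
            "thread" => $thread_data,
            "thread_id" => $thread_data['thread_id'],
            "forum_id" => $thread_data['forum_id'],
            "forum_cat" => isset($_GET['forum_cat']) && verify_forum($_GET['forum_cat']) ? $_GET['forum_cat'] : 0,
            "forum_branch" => isset($_GET['forum_branch']) && verify_forum($_GET['forum_branch']) ? $_GET['forum_branch'] : 0,
            "forum_link" => array(
                "link" => INFUSIONS . "forum/index.php?viewforum&forum_id=" . $thread_data['forum_id'] . "&forum_cat=" . $thread_data['forum_cat'] . "&forum_branch=" . $thread_data['forum_branch'],
                "title" => $thread_data['forum_name']
            ),
            "post_id" => isset($_GET['post_id']) && verify_post($_GET['post_id']) ? $_GET['post_id'] : 0,
            "pid" => isset($_GET['pid']) && isnum($_GET['pid']) ? $_GET['pid'] : 0,
            // NOTE(review): stored as received; presumably checked against
            // allowed_post_filters by the consumer - confirm before it reaches
            // SQL or markup.
            "section" => isset($_GET['section']) ? $_GET['section'] : '',
            "forum_moderators" => Functions::parse_forumMods($thread_data['forum_mods']),
            "max_post_items" => $thread_stat['post_count'],
            "post_firstpost" => $thread_stat['first_post_id'],
            "post_lastpost" => $thread_stat['last_post_id'],
            "posts_per_page" => $forum_settings['posts_per_page'],
            "threads_per_page" => $forum_settings['threads_per_page'],
            "lastvisited" => isset($userdata['user_lastvisit']) && isnum($userdata['user_lastvisit']) ? $userdata['user_lastvisit'] : time(),
            "allowed_post_filters" => array('oldest', 'latest', 'high'),
            "attachtypes" => explode(",", $forum_settings['forum_attachtypes']),
            "quick_reply_form" => $qr_form,
            "poll_form" => $poll_form,
            // Must start as an array: it is filled by index below, and indexing
            // into an empty string stopped converting it to an array in PHP 7.1.
            "post-filters" => array(),
            'mod_options' => array(),
            'form_action' => '',
            'open_post_form' => '',
            'close_post_form' => '',
            'mod_form' => ''
        );

        /**
         * Generate All Thread Buttons
         */
        $this->thread_info['buttons'] += array(
            "print" => array(
                "link" => BASEDIR . "print.php?type=F&item_id=" . $thread_data['thread_id'] . "&rowstart=" . $rowstart,
                "title" => $locale['forum_0178']
            ),
            "newthread" => $this->getThreadPermission("can_post") == TRUE ? array(
                "link" => INFUSIONS . "forum/newthread.php?forum_id=" . $thread_data['forum_id'],
                "title" => $locale['forum_0264']
            ) : array(),
            "reply" => $this->getThreadPermission("can_reply") == TRUE ? array(
                "link" => INFUSIONS . "forum/viewthread.php?action=reply&forum_id=" . $thread_data['forum_id'] . "&thread_id=" . $thread_data['thread_id'],
                "title" => $locale['forum_0360']
            ) : array(),
            "poll" => $this->getThreadPermission("can_create_poll") == TRUE ? array(
                "link" => INFUSIONS . "forum/viewthread.php?action=newpoll&forum_id=" . $thread_data['forum_id'] . "&thread_id=" . $thread_data['thread_id'],
                "title" => $locale['forum_0366']
            ) : array()
        );

        /**
         * Generate Post Filters
         */
        $this->thread_info['post-filters'][0] = array(
            'value' => INFUSIONS . 'forum/viewthread.php?thread_id=' . $thread_data['thread_id'] . '&section=oldest',
            'locale' => $locale['forum_0180']
        );
        $this->thread_info['post-filters'][1] = array(
            'value' => INFUSIONS . 'forum/viewthread.php?thread_id=' . $thread_data['thread_id'] . '&section=latest',
            'locale' => $locale['forum_0181']
        );
        if ($this->getThreadPermission("can_rate") == TRUE) {
            // NOTE(review): this writes 'allowed-post-filters' (hyphens) while the
            // list above is keyed 'allowed_post_filters' - confirm which key the
            // consumers read.
            $this->thread_info['allowed-post-filters'][2] = 'high';
            $this->thread_info['post-filters'][2] = array(
                'value' => INFUSIONS . 'forum/viewthread.php?thread_id=' . $this->thread_info['thread_id'] . '&section=high',
                'locale' => $locale['forum_0182']
            );
        }

        $this->handle_quick_reply();
        $this->get_thread_post();
    } else {
        redirect(FORUM . 'index.php');
    }
}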
| Affero GPL license. You can redistribute it and/or
| modify it under the terms of this license which you
| can read by viewing the included agpl.txt or online
| at www.gnu.org/licenses/agpl.html. Removal of this
| copyright header is strictly prohibited without
| written permission from the original author(s).
+--------------------------------------------------------*/
// Article settings admin page: saves the three article settings on POST and
// then renders the settings form.
// NOTE(review): presumably an admin rights gate for code "S8" - confirm.
pageAccess("S8");

if (isset($_POST['savesettings'])) {
    $error = 0;

    // Each field goes through form_sanitizer(); the checkbox is reduced to 0/1
    // because an unchecked box is absent from the POST data.
    $inputArray = array(
        "article_pagination" => form_sanitizer($_POST['article_pagination'], 0, "article_pagination"),
        "article_allow_submission" => form_sanitizer($_POST['article_allow_submission'], 0, "article_allow_submission"),
        "article_extended_required" => (int) isset($_POST['article_extended_required']),
    );

    if (!defender::safe()) {
        // Nothing is written when the defender reports the submission as unsafe.
        addNotice('danger', $locale['901']);
    } else {
        // One row per setting, matched on settings_name.
        foreach ($inputArray as $settings_name => $settings_value) {
            $inputSettings = array(
                "settings_name" => $settings_name,
                "settings_value" => $settings_value,
                "settings_inf" => 'article',
            );
            dbquery_insert(DB_SETTINGS_INF, $inputSettings, 'update', array("primary_key" => 'settings_name'));
        }
        addNotice('success', $locale['900']);
        redirect(FUSION_REQUEST);
    }
}

// Settings form; it posts back to the current request.
echo "<div class='well'>" . $locale['articles_0031'] . "</div>";
echo openform('settingsform', 'post', FUSION_REQUEST);
openside('');
echo form_text(
    "article_pagination",
    $locale['articles_0032'],
    $article_settings['article_pagination'],
    array("inline" => TRUE, "max_length" => 4, "width" => "150px", "type" => "number")
);
echo form_select(
    "article_allow_submission",
    $locale['articles_0033'],
    $article_settings['article_allow_submission'],
    array("inline" => TRUE, "options" => array($locale['disable'], $locale['enable']))
);
echo form_checkbox(
    "article_extended_required",
    $locale['articles_0034'],
    $article_settings['article_extended_required'],
    array("inline" => TRUE)
);
closeside();
echo form_button('savesettings', $locale['750'], $locale['750'], array('class' => 'btn-primary'));
echo closeform();
$result = dbquery("\n\t\t\tSELECT ts.submit_id, ts.submit_datestamp, ts.submit_criteria\n\t\t\tFROM " . DB_SUBMISSIONS . " ts\n\t\t\tWHERE submit_type='d' and submit_id='" . intval($_GET['submit_id']) . "'\n\t\t"); if (dbrows($result) > 0) { $callback_data = dbarray($result); // delete all the relevant files $delCriteria = unserialize($callback_data['submit_criteria']); if (!empty($delCriteria['download_image']) && file_exists(INFUSIONS . "downloads/submisisons/images/" . $delCriteria['download_image'])) { unlink(INFUSIONS . "downloads/submisisons/images/" . $delCriteria['download_image']); } if (!empty($delCriteria['download_image_thumb']) && file_exists(INFUSIONS . "downloads/submisisons/images/" . $delCriteria['download_image_thumb'])) { unlink(INFUSIONS . "downloads/submisisons/images/" . $delCriteria['download_image_thumb']); } if (!empty($delCriteria['download_file']) && file_exists(INFUSIONS . "downloads/submisisons/images/" . $delCriteria['download_file'])) { unlink(INFUSIONS . "downloads/submisisons/" . $delCriteria['download_file']); } $result = dbquery("DELETE FROM " . DB_SUBMISSIONS . " WHERE submit_id='" . intval($callback_data['submit_id']) . "'"); addNotice("success", $locale['download_0062']); } redirect(clean_request("", array("submit_id"), FALSE)); } else { $result = dbquery("SELECT ts.submit_id,\n\t\t\tts.submit_datestamp, ts.submit_criteria, tu.user_id, tu.user_name, tu.user_avatar, tu.user_status\n\t\t\tFROM " . DB_SUBMISSIONS . " ts\n\t\t\tLEFT JOIN " . DB_USERS . 
" tu ON ts.submit_user=tu.user_id\n\t\t\tWHERE submit_type='d' order by submit_datestamp desc"); if (dbrows($result) > 0) { $data = dbarray($result); $submit_criteria = unserialize($data['submit_criteria']); $callback_data = array("download_title" => $submit_criteria['download_title'], "download_keywords" => $submit_criteria['download_keywords'], "download_description" => $submit_criteria['download_description'], "download_description_short" => $submit_criteria['download_description_short'], "download_cat" => $submit_criteria['download_cat'], "download_homepage" => $submit_criteria['download_homepage'], "download_license" => $submit_criteria['download_license'], "download_copyright" => $submit_criteria['download_copyright'], "download_os" => $submit_criteria['download_os'], "download_version" => $submit_criteria['download_version'], "download_file" => $submit_criteria['download_file'], "download_url" => $submit_criteria['download_url'], "download_filesize" => $submit_criteria['download_file'] ? $submit_criteria['download_filesize'] : 0, "download_image" => $submit_criteria['download_image'], "download_image_thumb" => $submit_criteria['download_image_thumb'], "download_id" => 0, "download_allow_comments" => TRUE, "download_allow_ratings" => TRUE, "download_visibility" => iGUEST, "download_datestamp" => $data['submit_datestamp']); add_to_title($locale['global_200'] . $locale['503'] . $locale['global_201'] . $callback_data['download_title'] . "?"); echo openform("publish_download", "post", FUSION_REQUEST); echo "<div class='well clearfix'>\n"; echo "<div class='pull-left'>\n"; echo display_avatar($callback_data, "30px", "", "", ""); echo "</div>\n"; echo "<div class='overflow-hide'>\n";
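// Weblink admin: delete, save (insert or update) and load-for-edit handlers,
// followed by the start of the input form.

// Delete is triggered by a GET request that carries a numeric weblink_id.
// NOTE(review): this is a state-changing GET; whether the admin token in
// $aidlink is verified before this point is not visible here - confirm.
if (isset($_GET['action']) && $_GET['action'] == "delete" && isset($_GET['weblink_id']) && isnum($_GET['weblink_id'])) {
    // Cast the id as the other queries in this block do, so the SQL string
    // does not depend on isnum() alone.
    $result = dbquery("DELETE FROM " . DB_WEBLINKS . " WHERE weblink_id='" . intval($_GET['weblink_id']) . "'");
    addNotice("success", $locale['wl_0302']);
    redirect(FUSION_SELF . $aidlink);
}

if (isset($_POST['save_link'])) {
    // Every posted field goes through form_sanitizer() before it is stored.
    $data = array(
        "weblink_id" => form_sanitizer($_POST['weblink_id'], 0, 'weblink_id'),
        "weblink_cat" => form_sanitizer($_POST['weblink_cat'], 0, 'weblink_cat'),
        "weblink_name" => form_sanitizer($_POST['weblink_name'], '', 'weblink_name'),
        "weblink_description" => form_sanitizer($_POST['weblink_description'], '', 'weblink_description'),
        "weblink_visibility" => form_sanitizer($_POST['weblink_visibility'], '0', 'weblink_visibility'),
        "weblink_url" => form_sanitizer($_POST['weblink_url'], '', 'weblink_url'),
        "weblink_datestamp" => form_sanitizer($_POST['weblink_datestamp'], '', 'weblink_datestamp')
    );

    if (defender::safe()) {
        // An existing row with this id means update, otherwise insert.
        if (dbcount("(weblink_id)", DB_WEBLINKS, "weblink_id='" . intval($data['weblink_id']) . "'")) {
            // The stored date is refreshed only when the editor asked for it.
            if (isset($_POST['update_datestamp'])) {
                $data['weblink_datestamp'] = time();
            }
            dbquery_insert(DB_WEBLINKS, $data, "update");
            addNotice("success", $locale['wl_0301']);
        } else {
            dbquery_insert(DB_WEBLINKS, $data, "save");
            addNotice("success", $locale['wl_0300']);
        }
        redirect(FUSION_SELF . $aidlink);
    }
}

// Edit mode: load the row to pre-fill the form, or go back to the listing
// when the id does not exist.
if ($weblink_edit) {
    $result = dbquery("SELECT * FROM " . DB_WEBLINKS . " WHERE weblink_id='" . intval($_GET['weblink_id']) . "'");
    if (dbrows($result)) {
        $data = dbarray($result);
    } else {
        redirect(FUSION_SELF . $aidlink);
    }
}

echo openform('inputform', 'post', FUSION_REQUEST, array("class" => "m-t-20"));
echo "<div class='row'>\n";
echo "<div class='col-xs-12 col-sm-8'>\n";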
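/**
 * Render a file-upload form field and register its upload constraints.
 *
 * Builds the HTML for an <input type='file'>, queues the fileinput plugin
 * assets and initialisation script, and hands the field's limits (target path,
 * size, dimensions, extensions, thumbnails) to $defender->add_field_session().
 *
 * The "accept" attribute and the plugin's allowedFileTypes only filter what the
 * browser offers; they do not restrict what a client can send. The limits that
 * matter are the ones registered with add_field_session().
 * NOTE(review): presumably the upload handler enforces those limits again when
 * the form is posted - confirm against the handler.
 *
 * @param string       $input_name  Field name; passed through stripinput().
 * @param string       $label       Optional label. It is emitted as-is inside the
 *                                  <label> element, so callers must not pass
 *                                  untrusted text here.
 * @param string|array $input_value Image URL, or list of image URLs, shown as the initial preview.
 * @param array        $options     Overrides for the defaults listed in the body.
 *
 * @return string The field HTML.
 */
function form_fileinput($input_name, $label = '', $input_value = FALSE, array $options = array()) {
    global $locale, $defender;

    $title = $label ? stripinput($label) : ucfirst(strtolower(str_replace("_", " ", $input_name)));
    $input_name = !empty($input_name) ? stripinput($input_name) : "";
    $template_choices = array('classic', 'modern', 'thumbnail');
    $default_options = array(
        "input_id" => $input_name,
        "upload_path" => IMAGES,
        "required" => FALSE,
        "safemode" => FALSE,
        "deactivate" => FALSE,
        "preview_off" => FALSE,
        "type" => "image",
        "width" => "100%",
        "label" => $locale['browse'],
        "inline" => TRUE,
        "class" => "",
        "tip" => "",
        "ext_tip" => "",
        "error_text" => $locale['error_input_file'],
        "btn_class" => "btn-default",
        "icon" => "fa fa-upload",
        "jsonurl" => FALSE,
        // Read only when "jsonurl" is enabled; defaulted so that path never hits an undefined index.
        "url" => "",
        "valid_ext" => ".jpg,.png,.PNG,.JPG,.JPEG,.gif,.GIF,.bmp,.BMP",
        "thumbnail" => FALSE,
        "thumbnail_w" => 300,
        "thumbnail_h" => 300,
        "thumbnail_folder" => "",
        "thumbnail_suffix" => "_t1",
        "thumbnail2" => FALSE,
        "thumbnail2_w" => 600,
        "thumbnail2_h" => 400,
        "thumbnail2_suffix" => "_t2",
        "delete_original" => FALSE,
        "max_width" => 1800,
        "max_height" => 1600,
        "max_byte" => 1500000,
        "max_count" => 1,
        "multiple" => FALSE,
        "template" => "classic"
    );
    // Array union: caller-supplied keys win, missing keys take the default.
    $options += $default_options;

    // Fall back to the default image folder when the requested path is not a directory.
    if (!is_dir($options['upload_path'])) {
        $options['upload_path'] = IMAGES;
    }
    $options['thumbnail_folder'] = rtrim($options['thumbnail_folder'], "/");
    if (!in_array($options['template'], $template_choices, TRUE)) {
        $options['template'] = "classic";
    }
    $options['input_id'] = trim($options['input_id'], "[]");

    $error_class = "";
    if ($defender->inputHasError($input_name)) {
        $error_class = "has-error ";
        if (!empty($options['error_text'])) {
            addNotice("danger", "<strong>{$title}</strong> - " . $options['error_text']);
        }
    }

    // Browser-side filter: a single known type maps to a MIME wildcard and a specific button label.
    $format = '';
    $browseLabel = $locale['df_300'];
    // 'null' keeps the generated script valid when no type is configured.
    $type_for_js = 'null';
    if ($options['type']) {
        if (is_string($options['type']) && strpos($options['type'], ',') === FALSE) {
            switch ($options['type']) {
                case 'image':
                    $format = "image/*";
                    $browseLabel = $locale['df_301'];
                    break;
                case 'video':
                    $format = "video/*";
                    $browseLabel = $locale['df_302'];
                    break;
                case 'audio':
                    $format = "audio/*";
                    $browseLabel = $locale['df_303'];
                    break;
            }
        }
        $type_for_js = json_encode((array) $options['type']);
    }

    // Initial preview markup. Each source is HTML-escaped before it is placed in
    // the src attribute, and the result is JSON-encoded for the script below.
    $value = '';
    if (!empty($input_value)) {
        $previews = array();
        foreach ((array) $input_value as $preview_src) {
            $previews[] = "<img class='img-responsive' src='" . htmlspecialchars((string) $preview_src, ENT_QUOTES, 'UTF-8', FALSE) . "'/>";
        }
        $value = json_encode(is_array($input_value) ? $previews : $previews[0]);
    }

    // Plugin assets are queued once per request.
    if (!defined('form_fileinput')) {
        add_to_head("<link href='" . DYNAMICS . "assets/fileinput/css/fileinput.min.css' media='all' rel='stylesheet' type='text/css' />");
        add_to_footer("<script src='" . DYNAMICS . "assets/fileinput/js/fileinput.min.js' type='text/javascript'></script>");
        define('form_fileinput', TRUE);
    }

    // NOTE(review): the option values below (class, tip, width, ext_tip, icon,
    // btn_class, url) are written into markup and script unescaped; they are
    // expected to be developer-supplied constants, not request data.
    $html = "<div id='" . $options['input_id'] . "-field' class='form-group " . $error_class . $options['class'] . "' " . ($options['width'] && !$label ? "style='width: " . $options['width'] . " !important;'" : '') . ">\n";
    $html .= $label ? "<label class='control-label " . ($options['inline'] ? "col-xs-12 col-sm-3 col-md-3 col-lg-3 p-l-0" : '') . "' for='" . $options['input_id'] . "'>{$label} " . ($options['required'] ? "<span class='required'>*</span>" : '') . "\n\t" . ($options['tip'] ? "<i class='pointer fa fa-question-circle' title='" . $options['tip'] . "'></i>" : '') . "\n\t</label>\n" : '';
    $html .= $options['inline'] ? "<div class='col-xs-12 " . ($label ? "col-sm-9 col-md-9 col-lg-9" : "col-sm-12") . "'>\n" : "";
    $html .= "<input type='file' " . ($format ? "accept='" . $format . "'" : '') . " name='" . $input_name . "' id='" . $options['input_id'] . "' style='width:" . $options['width'] . "' " . ($options['deactivate'] ? 'readonly' : '') . " " . ($options['multiple'] ? "multiple='1'" : '') . " />\n";
    $html .= $options['ext_tip'] ? "<br/>\n<span class='tip'><i>" . $options['ext_tip'] . "</i></span>" : "";
    // The inline error is shown whenever the field has an error, required or not.
    $html .= $defender->inputHasError($input_name) ? "<div id='" . $options['input_id'] . "-help' class='label label-danger p-5 display-inline-block'>" . $options['error_text'] . "</div>" : "";
    $html .= $options['inline'] ? "</div>\n" : "";
    $html .= "</div>\n";

    // Register the constraints for this field with the form defender.
    $defender->add_field_session(array(
        'input_name' => trim($input_name, '[]'),
        'type' => ((array) $options['type'] == array('image')) ? 'image' : 'file',
        'title' => $title,
        'id' => $options['input_id'],
        'required' => $options['required'],
        'safemode' => $options['safemode'],
        'error_text' => $options['error_text'],
        'path' => $options['upload_path'],
        'thumbnail_folder' => $options['thumbnail_folder'],
        'thumbnail' => $options['thumbnail'],
        'thumbnail_suffix' => $options['thumbnail_suffix'],
        'thumbnail_w' => $options['thumbnail_w'],
        'thumbnail_h' => $options['thumbnail_h'],
        'thumbnail2' => $options['thumbnail2'],
        'thumbnail2_w' => $options['thumbnail2_w'],
        'thumbnail2_h' => $options['thumbnail2_h'],
        'thumbnail2_suffix' => $options['thumbnail2_suffix'],
        'delete_original' => $options['delete_original'],
        'max_width' => $options['max_width'],
        'max_height' => $options['max_height'],
        'max_count' => $options['max_count'],
        'max_byte' => $options['max_byte'],
        'multiple' => $options['multiple'],
        'valid_ext' => $options['valid_ext']
    ));

    // The label is emitted as a JSON string literal so a quote in the locale
    // text cannot terminate the script string early.
    $js_label = json_encode($browseLabel);
    if ($js_label === FALSE) {
        $js_label = "''";
    }

    // Opening of the plugin call, shared by all three templates.
    $js_open = "\n \$('#" . $options['input_id'] . "').fileinput({\n allowedFileTypes: " . $type_for_js . ",\n allowedPreviewTypes : " . $type_for_js . ",\n " . ($value ? "initialPreview: " . $value . ", " : '') . "\n " . ($options['preview_off'] ? "showPreview: false, " : '') . "\n ";

    switch ($options['template']) {
        case "classic":
            add_to_jquery($js_open . "browseClass: 'btn " . $options['btn_class'] . " button',\n uploadClass: 'btn btn-default button',\n captionClass : '',\n removeClass : 'btn btn-default button',\n browseLabel: " . $js_label . ",\n browseIcon: '<i class=\"" . $options['icon'] . " m-r-10\"></i>',\n " . ($options['jsonurl'] ? "uploadUrl : '" . $options['url'] . "'," : '') . "\n " . ($options['jsonurl'] ? '' : 'showUpload: false') . "\n });\n ");
            break;
        case "modern":
            add_to_jquery($js_open . "browseClass: 'btn btn-modal',\n uploadClass: 'btn btn-modal',\n captionClass : '',\n removeClass : 'btn button',\n browseLabel: " . $js_label . ",\n browseIcon: '<i class=\"fa fa-plus m-r-10\"></i>',\n showCaption: false,\n showRemove: false,\n showUpload: false,\n layoutTemplates: {\n main2: '<div class=\"btn-photo-upload btn-link\">'+' {browse}'+' </div></span></div> {preview}',\n },\n });\n ");
            break;
        case "thumbnail":
            // The placeholder markup carries the label in an attribute, so it is
            // HTML-escaped first and then JSON-encoded as a whole.
            $default_preview = json_encode("<img class=\"img-responsive\" src=\"" . IMAGES . "no_photo.png\" alt=\"" . htmlspecialchars($browseLabel, ENT_QUOTES, 'UTF-8', FALSE) . "\" style=\"width:100%;\">");
            if ($default_preview === FALSE) {
                $default_preview = "''";
            }
            add_to_jquery($js_open . "defaultPreviewContent: " . $default_preview . ",\n browseClass: 'btn btn-sm btn-block btn-default',\n uploadClass: 'btn btn-modal',\n captionClass : '',\n removeClass : 'btn button',\n browseLabel: " . $js_label . ",\n browseIcon: '<i class=\"fa fa-plus m-r-10\"></i>',\n showCaption: false,\n showRemove: false,\n showUpload: false,\n layoutTemplates: {\n main2: '<div class=\"panel panel-default\">'+'{preview}'+'<div class=\"panel-body\">'+' {browse}'+'</div></div>',\n },\n });\n ");
            break;
    }

    return $html;
}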
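/**
 * Confirm a pending e-mail change from its verification code.
 *
 * Looks the code up in DB_EMAIL_VERIFY. When the record belongs to the current
 * user and carries a different address, the address is written to DB_USERS
 * unless another account already uses it; in that case a danger notice is
 * raised and the stored address is left unchanged. The pending verification
 * rows for the user are removed in both cases. Any other outcome redirects to
 * index.php.
 *
 * @param string $value Verification code taken from the request.
 */
public function verifyCode($value) {
    global $locale, $userdata;

    // The code is concatenated into SQL below, so it has to pass the strict
    // 32-character alphanumeric pattern first. The explicit return keeps the
    // query unreachable even if redirect() were to return.
    if (!preg_check("/^[0-9a-z]{32}\$/i", $value)) {
        redirect("index.php");
        return;
    }

    $result = dbquery("SELECT * FROM " . DB_EMAIL_VERIFY . " WHERE user_code='" . $value . "'");
    if (!dbrows($result)) {
        redirect("index.php");
        return;
    }

    $data = dbarray($result);

    // A code only counts for the account it was issued to.
    if ($data['user_id'] != $userdata['user_id']) {
        redirect("index.php");
        return;
    }

    // Nothing to do when the pending address is already the current one.
    if ($data['user_email'] == $userdata['user_email']) {
        return;
    }

    $pending_user_id = intval($data['user_id']);

    // NOTE(review): user_email is read back from the verification table and
    // placed in SQL as-is. Confirm it was validated and escaped when the row
    // was stored, or bind it as a parameter if dbquery() supports that.
    $result = dbquery("SELECT user_email FROM " . DB_USERS . " WHERE user_email='" . $data['user_email'] . "'");
    if (dbrows($result) > 0) {
        // Address already belongs to an account: report it and do not overwrite.
        addNotice("danger", $locale['u164'] . "<br />\n" . $locale['u121']);
    } else {
        dbquery("UPDATE " . DB_USERS . " SET user_email='" . $data['user_email'] . "' WHERE user_id='" . $pending_user_id . "'");
        $this->_completeMessage = $locale['u169'];
    }

    // The code is single-use either way.
    dbquery("DELETE FROM " . DB_EMAIL_VERIFY . " WHERE user_id='" . $pending_user_id . "'");
}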
$result = dbquery("select * from " . DB_FAQ_CATS . " WHERE faq_cat_id='" . intval($_GET['cat_id']) . "'"); if (dbrows($result) > 0) { $data = dbarray($result); } else { redirect(FUSION_SELF . $aidlink); } } if (isset($_POST['save_cat'])) { $data = array("faq_cat_id" => form_sanitizer($_POST['faq_cat_id'], 0, "faq_cat_id"), "faq_cat_name" => form_sanitizer($_POST['faq_cat_name'], "", "faq_cat_name"), "faq_cat_description" => form_sanitizer($_POST['faq_cat_description'], "", "faq_cat_description"), "faq_cat_language" => form_sanitizer($_POST['faq_cat_language'], "", "faq_cat_language")); if (defender::safe()) { if (dbcount("(faq_cat_id)", DB_FAQ_CATS, "faq_cat_id='" . $data['faq_cat_id'] . "'")) { dbquery_insert(DB_FAQ_CATS, $data, "update"); addNotice("success", $locale['faq_0205']); } else { dbquery_insert(DB_FAQ_CATS, $data, "save"); addNotice("success", $locale['faq_0204']); } redirect(FUSION_SELF . $aidlink); } } echo openform('faqCat_form', 'post', FUSION_REQUEST, array("class" => "m-t-20")); echo form_hidden('faq_cat_id', "", $data['faq_cat_id']); echo form_text('faq_cat_name', $locale['faq_0200'], $data['faq_cat_name'], array('error_text' => $locale['faq_0201'], 'required' => 1)); echo form_text('faq_cat_description', $locale['faq_0202'], $data['faq_cat_description']); if (multilang_table("FQ")) { echo form_select("faq_cat_language", $locale['global_ML100'], $data['faq_cat_language'], array('options' => fusion_get_enabled_languages())); } else { echo form_hidden("faq_cat_language", '', LANGUAGE); } echo form_button('save_cat', $locale['faq_0203'], $locale['faq_0203'], array('class' => 'btn-primary m-t-10')); echo closeform();
if (!dbcount("(blog_cat_id)", DB_BLOG_CATS, $categoryNameCheck['when_updating'])) { dbquery_insert(DB_BLOG_CATS, $inputArray, "update"); addNotice("success", $locale['blog_0521']); // FUSION_REQUEST without the "action" gets redirect(clean_request("", array("action"), FALSE)); } else { addNotice('danger', $locale['blog_0561']); } } else { // check category name is unique when saving new if (!dbcount("(blog_cat_id)", DB_BLOG_CATS, $categoryNameCheck['when_saving'])) { dbquery_insert(DB_BLOG_CATS, $inputArray, "save"); addNotice("success", $locale['blog_0520']); redirect(FUSION_REQUEST); } else { addNotice('danger', $locale['blog_0561']); } } } } elseif (isset($_GET['action']) && $_GET['action'] == "edit" && (isset($_GET['cat_id']) && isnum($_GET['cat_id']))) { $result = dbquery("SELECT blog_cat_id, blog_cat_name, blog_cat_parent, blog_cat_image, blog_cat_language FROM " . DB_BLOG_CATS . " " . (multilang_table("BL") ? "WHERE blog_cat_language='" . LANGUAGE . "' AND" : "WHERE") . " blog_cat_id='" . intval($_GET['cat_id']) . "'"); if (dbrows($result)) { $data = dbarray($result); $data['blog_cat_hidden'] = array($data['blog_cat_id']); $formTitle = $locale['blog_0402']; } else { // FUSION_REQUEST without the "action" gets redirect(clean_request("", array("action"), FALSE)); } } add_breadcrumb(array('link' => "", 'title' => $formTitle));
$result = dbquery("select * from " . DB_FAQS . " where faq_id='" . intval($_GET['faq_id']) . "'"); if (dbrows($result) > 0) { $data = dbarray($result); } else { redirect(FUSION_SELF . $aidlink); } } if (isset($_POST['save_faq'])) { $data = array("faq_id" => form_sanitizer($_POST['faq_id'], 0, "faq_id"), "faq_cat_id" => form_sanitizer($_POST['faq_cat_id'], 0, "faq_cat_id"), "faq_question" => form_sanitizer($_POST['faq_question'], "", "faq_question"), "faq_answer" => form_sanitizer($_POST['faq_answer'], "", "faq_answer")); if (defender::safe()) { if (dbcount("(faq_id)", DB_FAQS, "faq_id='" . $data['faq_id'] . "'")) { dbquery_insert(DB_FAQS, $data, "update"); addNotice("success", $locale['faq_0306']); } else { dbquery_insert(DB_FAQS, $data, "save"); addNotice("success", $locale['faq_0305']); } // it's 15 limiter in show_faq function // 5, 10, 15. // 17/5 = 3.4*5 = 15 $total_faqs = dbcount("(faq_id)", DB_FAQS, "faq_cat_id='" . $data['faq_cat_id'] . "'"); $faq_start = $total_faqs > $show_faqs ? floor($total_faqs / $show_faqs) * $show_faqs : 0; redirect(FUSION_SELF . $aidlink . "&show_faq=" . $data['faq_cat_id'] . "&faq_start=" . $faq_start); } } $cat_opts = array(); $result2 = dbquery("SELECT faq_cat_id, faq_cat_name, faq_cat_language\n\tFROM " . DB_FAQ_CATS . " " . (multilang_table("FQ") ? "WHERE faq_cat_language='" . LANGUAGE . "'" : "") . " ORDER BY faq_cat_name"); if (dbrows($result2) != 0) { while ($data2 = dbarray($result2)) { $cat_opts[$data2['faq_cat_id']] = $data2['faq_cat_name']; }
$template_data = dbarray($template_result); if ($template_data['template_active'] == "1") { if (!sendemail_template("CONTACT", $input['subject'], $input['message'], "", $template_data['template_sender_name'], "", $template_data['template_sender_email'], $input['mailname'], $input['email'])) { $defender->stop(); addNotice('warning', $locale['425']); } } else { if (!sendemail($settings['siteusername'], $settings['siteemail'], $input['mailname'], $input['email'], $input['subject'], $input['message'])) { $defender->stop(); addNotice('warning', $locale['425']); } } } else { if (!sendemail($settings['siteusername'], $settings['siteemail'], $input['mailname'], $input['email'], $input['subject'], $input['message'])) { $defender->stop(); addNotice('warning', $locale['425']); } } opentable($locale['400']); echo "<div class='alert alert-success' style='text-align:center'><br />\n" . $locale['440'] . "<br /><br />\n" . $locale['441'] . "</div><br />\n"; closetable(); } } opentable($locale['400']); $message = str_replace("[SITE_EMAIL]", hide_email(fusion_get_settings('siteemail')), $locale['401']); $message = str_replace("[PM_LINK]", "<a href='messages.php?msg_send=1'>" . $locale['global_121'] . "</a>", $message); echo $message . "<br /><br />\n"; echo "<!--contact_pre_idx-->"; echo openform('contactform', 'post', FUSION_SELF, array('max_tokens' => 1)); echo "<div class='panel panel-default tbl-border'>\n"; echo "<div class='panel-body'>\n";
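/**
 * Delete one stored banner file from the theme upload folder.
 *
 * Only a bare file name is accepted: a value containing a directory part is
 * ignored, so a stored value can never point outside THEME . "upload/".
 *
 * @param string $file_name File name as stored in the banner row.
 */
function _debonair_remove_upload($file_name) {
    $file_name = (string) $file_name;
    if ($file_name === '' || basename($file_name) !== $file_name) {
        return;
    }
    $path = THEME . "upload/" . $file_name;
    if (is_file($path)) {
        unlink($path);
    }
}

/**
 * Banner slide administration widget for the Debonair theme.
 *
 * With ?slides=new|edit|del it shows the slide form and processes delete and
 * save requests; otherwise it processes ?move=md|mup reordering and lists the
 * slides of the current language.
 *
 * NOTE(review): deletion and reordering are triggered by plain GET links that
 * this function renders itself. Confirm that the page hosting this widget
 * verifies an admin request token before the widget runs.
 */
function debonair_banner_widget() {
    global $locale;

    $acceptedMode = array("edit", "new", "del");
    echo "<a class='btn btn-default m-t-10 m-b-20' href='" . clean_request("slides=new", array(), false) . "'>" . $locale['debonair_0203'] . "</a>\n";
    echo "<div class='alert alert-info'>" . $locale['debonair_0700'] . "</div>\n";

    if (isset($_GET['slides']) && in_array($_GET['slides'], $acceptedMode, true)) {
        $_GET['id'] = isset($_GET['id']) && isnum($_GET['id']) ? $_GET['id'] : 0;

        // Blank record: one entry per table column, with defaults for the known ones.
        $data = array();
        foreach (fieldgenerator(DB_DEBONAIR) as $column) {
            switch ($column) {
                case "banner_id":
                    $data[$column] = 0;
                    break;
                case "banner_language":
                    $data[$column] = LANGUAGE;
                    break;
                case "banner_visibility":
                    $data[$column] = iGUEST;
                    break;
                case "banner_datestamp":
                    $data[$column] = time();
                    break;
                case "banner_order":
                    $data[$column] = dbcount("(banner_id)", DB_DEBONAIR, "banner_language='" . LANGUAGE . "'") + 1;
                    break;
                default:
                    $data[$column] = "";
            }
        }

        if ($_GET['slides'] == "edit" || $_GET['slides'] == "del") {
            $row = dbarray(dbquery("select * from " . DB_DEBONAIR . " WHERE banner_id='" . intval($_GET['id']) . "'"));
            // Keep the blank defaults when the id matches nothing, so the form below still renders.
            if (!empty($row)) {
                $data = $row;
            }
            if ($_GET['slides'] == "del" && !empty($row)) {
                // Remove the stored files first, then the row.
                if ($data['banner_image']) {
                    _debonair_remove_upload($data['banner_image']);
                    _debonair_remove_upload($data['banner_thumb']);
                }
                dbquery_insert(DB_DEBONAIR, $data, "delete");
                addNotice("success", $locale['debonair_0217']);
                redirect(clean_request("", array("slides"), false));
            }
        }

        if (isset($_POST['save_slide'])) {
            $data = array(
                "banner_id" => form_sanitizer($_POST['banner_id'], 0, "banner_id"),
                "banner_subject" => form_sanitizer($_POST['banner_subject'], "", "banner_subject"),
                "banner_description" => form_sanitizer($_POST['banner_description'], "", "banner_description"),
                "banner_link" => form_sanitizer($_POST['banner_link'], "", "banner_link"),
                "banner_language" => form_sanitizer($_POST['banner_language'], LANGUAGE, "banner_language"),
                "banner_visibility" => form_sanitizer($_POST['banner_visibility'], iGUEST, "banner_visibility"),
                "banner_datestamp" => time()
            );
            if (defender::safe()) {
                $upload = form_sanitizer($_FILES['banner_image'], "", "banner_image");
                $has_new_image = isset($upload['error']) && !$upload['error'];
                if ($has_new_image) {
                    $data['banner_image'] = $upload['image_name'];
                    // NOTE(review): 'thumb1' looks like a boolean flag in the upload result and
                    // 'thumb1_name' the file name - confirm against the upload handler.
                    $data['banner_thumb'] = isset($upload['thumb1_name']) ? $upload['thumb1_name'] : "";
                }
                $banner_id = intval($data['banner_id']);
                if ($banner_id > 0 && dbcount("(banner_id)", DB_DEBONAIR, "banner_id='" . $banner_id . "'")) {
                    // Old files are removed only when a new upload replaces them. The row has
                    // to be fetched with dbarray(); the bare query result carries no columns.
                    if ($has_new_image) {
                        $old_data = dbarray(dbquery("select banner_image, banner_thumb, banner_order from " . DB_DEBONAIR . " where banner_id='" . $banner_id . "'"));
                        if (!empty($old_data['banner_image']) && $old_data['banner_image'] != $data['banner_image']) {
                            _debonair_remove_upload($old_data['banner_image']);
                            if ($old_data['banner_thumb'] != $data['banner_thumb']) {
                                _debonair_remove_upload($old_data['banner_thumb']);
                            }
                        }
                    }
                    dbquery_insert(DB_DEBONAIR, $data, "update");
                } else {
                    dbquery_insert(DB_DEBONAIR, $data, "save");
                }
                addNotice("success", $locale['debonair_0212']);
                redirect(clean_request("", array("slides"), false));
            }
        }

        echo "<h3>" . $locale['debonair_0203'] . "</h3>\n";
        echo openform("debonair_banner", "post", FUSION_REQUEST, array("enctype" => true));
        echo "<div class='row'>\n";
        echo "<div class='col-xs-12 col-sm-8'>\n";
        openside("");
        echo form_hidden("banner_id", "", $data['banner_id']);
        echo form_text("banner_subject", $locale['debonair_0205'], $data['banner_subject'], array("required" => true, "inline" => true, "placeholder" => $locale['debonair_0206']));
        // Each field is pre-filled from its own column.
        // NOTE(review): assumes fieldgenerator() returned banner_description and banner_link - confirm.
        echo form_textarea("banner_description", $locale['debonair_0207'], $data['banner_description'], array("required" => true, "inline" => true, "placeholder" => $locale['debonair_0208'], "bbcode" => true));
        echo form_text("banner_link", $locale['debonair_0209'], $data['banner_link'], array("required" => true, "inline" => true, "placeholder" => "ie. news.php?readmore=1"));
        closeside();
        openside("");
        // After a rejected post $data holds only the posted fields, so the image key may be absent.
        echo form_fileinput("banner_image", $locale['debonair_0210'], !empty($data['banner_image']) ? THEME . "upload/" . $data['banner_image'] : "", array("upload_path" => THEME . "upload/", "inline" => true, "placeholder" => $locale['debonair_0210'], "template" => "modern"));
        closeside();
        echo "</div>\n<div class='col-xs-12 col-sm-4'>\n";
        openside("");
        echo form_select("banner_language", $locale['debonair_0214'], $data['banner_language'], array("options" => fusion_get_enabled_languages(), "inline" => true, "placeholder" => $locale['debonair_0206']));
        echo form_select("banner_visibility", $locale['debonair_0215'], $data['banner_visibility'], array("options" => fusion_get_groups(), "inline" => true, "placeholder" => $locale['debonair_0206']));
        closeside();
        echo form_button("save_slide", $locale['save_changes'], "save_slide", array("class" => "btn-primary"));
        echo "<a class='btn btn-default m-l-10' href='" . clean_request("", array("slides"), false) . "'>" . $locale['cancel'] . "</a>\n";
        echo "</div>\n</div>\n";
        echo closeform();
    } else {
        if (isset($_GET['move']) && isset($_GET['id']) && isnum($_GET['id'])) {
            $data = dbarray(dbquery("select banner_id, banner_order FROM " . DB_DEBONAIR . " where banner_id='" . intval($_GET['id']) . "' AND banner_language='" . LANGUAGE . "'"));
            // Reorder only when the slide exists in the current language.
            if (!empty($data)) {
                $banner_id = intval($data['banner_id']);
                if ($_GET['move'] == "md") {
                    // Swap with the slide one position below.
                    dbquery("UPDATE " . DB_DEBONAIR . " SET banner_order=banner_order-1 WHERE banner_order= '" . ($data['banner_order'] + 1) . "' AND banner_language='" . LANGUAGE . "'");
                    dbquery("UPDATE " . DB_DEBONAIR . " SET banner_order=banner_order+1 WHERE banner_id='" . $banner_id . "' AND banner_language='" . LANGUAGE . "'");
                }
                if ($_GET['move'] == "mup") {
                    // Swap with the slide one position above.
                    dbquery("UPDATE " . DB_DEBONAIR . " SET banner_order=banner_order+1 WHERE banner_order= '" . ($data['banner_order'] - 1) . "' AND banner_language='" . LANGUAGE . "'");
                    dbquery("UPDATE " . DB_DEBONAIR . " SET banner_order=banner_order-1 WHERE banner_id='" . $banner_id . "' AND banner_language='" . LANGUAGE . "'");
                }
            }
            addNotice("success", $locale['debonair_0220']);
            redirect(clean_request("", array("move", "id"), false));
        }

        $result = dbquery("SELECT * FROM " . DB_DEBONAIR . " WHERE banner_language='" . LANGUAGE . "' order by banner_order ASC");
        $total_rows = dbrows($result);
        if ($total_rows > 0) {
            echo "<table class='table table-striped'>\n";
            echo "<tr>\n\n\t\t<th>" . $locale['debonair_0205'] . "</th>\n\t\t<th>" . $locale['debonair_0210'] . "</th>\n\t\t<th>" . $locale['debonair_0214'] . "</th>\n<th>" . $locale['debonair_0215'] . "</th>\n\t\t<th>" . $locale['debonair_0211'] . "</th>\n\t\t<th>" . $locale['debonair_0216'] . "</th></tr>";
            while ($data = dbarray($result)) {
                $move_up = "<a href='" . clean_request("move=mup&id=" . $data['banner_id'], array(), false) . "'>" . $locale['debonair_0218'] . "</a>";
                $move_down = "<a href='" . clean_request("move=md&id=" . $data['banner_id'], array(), false) . "'>" . $locale['debonair_0219'] . "</a>";
                // NOTE(review): stored values are echoed as-is; this relies on form_sanitizer()
                // having neutralised markup when the row was saved - confirm.
                echo "\n\t\t\t<tr>\n\n\t\t\t<td><a href='" . clean_request("slides=edit&id=" . $data['banner_id'], array(), false) . "'>" . $data['banner_subject'] . "</a></td>\n\n\t\t\t<td>" . ($data['banner_image'] ? $locale['yes'] : $locale['no']) . "</td>\n\n\t\t\t<td>" . $data['banner_language'] . "</td>\n\n\t\t\t<td>" . getgroupname($data['banner_visibility']) . "</td>\n";
                echo "<td>\n";
                // First row can only move down, last row only up.
                if ($data['banner_order'] == 1) {
                    echo $move_down;
                } elseif ($data['banner_order'] == $total_rows) {
                    echo $move_up;
                } else {
                    echo $move_up . " - ";
                    echo $move_down;
                }
                echo "</td>\n\n\t\t\t<td>\n\t\t\t<a href='" . clean_request("slides=edit&id=" . $data['banner_id'], array(), false) . "'>" . $locale['edit'] . "</a>\n\t\t\t- <a href='" . clean_request("slides=del&id=" . $data['banner_id'], array(), false) . "'>" . $locale['delete'] . "</a>\n\t\t\t</td>\n\t\t\t</tr>\n\n\t\t\t";
            }
            echo "</table>\n";
        } else {
            echo "<div class='well text-center'>" . $locale['debonair_0213'] . "</div>\n";
        }
    }
}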
$criteriaArray['news_image'] = $upload['image_name']; $criteriaArray['news_image_t1'] = $upload['thumb1_name']; $criteriaArray['news_image_t2'] = $upload['thumb2_name']; $criteriaArray['news_ialign'] = isset($_POST['news_ialign']) ? form_sanitizer($_POST['news_ialign'], "pull-left", "news_ialign") : "pull-left"; } else { $criteriaArray['news_image'] = isset($_POST['news_image']) ? $_POST['news_image'] : ""; $criteriaArray['news_image_t1'] = isset($_POST['news_image_t1']) ? $_POST['news_image_t1'] : ""; $criteriaArray['news_image_t2'] = isset($_POST['news_image_t2']) ? $_POST['news_image_t2'] : ""; $criteriaArray['news_ialign'] = isset($_POST['news_ialign']) ? form_sanitizer($_POST['news_ialign'], "pull-left", "news_ialign") : "pull-left"; } } } if (defender::safe()) { $inputArray = array("submit_type" => "n", "submit_user" => $userdata['user_id'], "submit_datestamp" => time(), "submit_criteria" => addslashes(serialize($criteriaArray))); dbquery_insert(DB_SUBMISSIONS, $inputArray, "save"); addNotice("success", $locale['news_0701']); redirect(clean_request("submitted=n", array("stype"), TRUE)); } } if (isset($_GET['submitted']) && $_GET['submitted'] == "n") { add_to_title($locale['global_200'] . $locale['news_0400']); echo "<div class='well text-center'><p><strong>" . $locale['news_0701'] . "</strong></p>"; echo "<p><a href='submit.php?stype=n'>" . $locale['news_0702'] . "</a></p>"; echo "<p><a href='index.php'>" . str_replace("[SITENAME]", fusion_get_settings("sitename"), $locale['news_0704']) . "</a></p>\n"; echo "</div>\n"; } else { // Preview if (isset($_POST['preview_news'])) { $news_snippet = ""; if ($_POST['news_news']) { $news_snippet = parse_textarea($_POST['news_news']);
$data['album_thumb1'] = form_sanitizer(isset($_POST['album_thumb1']) ? $_POST['album_thumb1'] : "", "", "album_thumb1"); } } } if (defender::safe()) { if (dbcount("(album_id)", DB_PHOTO_ALBUMS, "album_id='" . intval($data['album_id']) . "'")) { // update album $result = dbquery_order(DB_PHOTO_ALBUMS, $data['album_order'], 'album_order', $data['album_id'], 'album_id', FALSE, FALSE, TRUE, 'album_language', 'update'); dbquery_insert(DB_PHOTO_ALBUMS, $data, "update"); addNotice('success', $locale['album_0013']); redirect(FUSION_SELF . $aidlink); } else { // create album $result = dbquery_order(DB_PHOTO_ALBUMS, $data['album_order'], 'album_order', 0, "album_id", FALSE, FALSE, TRUE, 'album_language', 'save'); dbquery_insert(DB_PHOTO_ALBUMS, $data, "save"); addNotice('success', $locale['album_0014']); redirect(FUSION_SELF . $aidlink); } } } // callback if ($album_edit) { $result = dbquery("SELECT * FROM " . DB_PHOTO_ALBUMS . " WHERE album_id='" . intval($_GET['cat_id']) . "'"); if (dbrows($result) > 0) { $data = dbarray($result); } } // edit features - add more in roadmap. // add features to purge all album photos and it's administration // add features to move all album photos to another album. echo openform('albumform', 'post', FUSION_REQUEST, array('enctype' => TRUE, 'class' => 'm-t-20'));
if (file_exists(INFUSIONS . "articles/locale/" . LOCALESET . "articles_admin.php")) { include INFUSIONS . "articles/locale/" . LOCALESET . "articles_admin.php"; } else { include INFUSIONS . "articles/locale/English/articles_admin.php"; } opentable("<i class='fa fa-commenting-o fa-lg m-r-10'></i>" . $locale['articles_0060']); if (iMEMBER && $article_settings['article_allow_submission'] && ($cat_exist = dbcount("(article_cat_id)", DB_ARTICLE_CATS, multilang_table("AR") ? "article_cat_language='" . LANGUAGE . "'" : ""))) { $criteriaArray = array("article_subject" => "", "article_cat" => 0, "article_snippet" => "", "article_article" => "", "article_language" => LANGUAGE, "article_keywords" => ""); if (isset($_POST['submit_article'])) { $submit_info['article_snippet'] = nl2br(parseubb(stripinput($_POST['article_snippet']))); $submit_info['article_article'] = nl2br(parseubb(stripinput($_POST['article_article']))); $criteriaArray = array("article_subject" => form_sanitizer($_POST['article_subject'], "", "article_subject"), "article_cat" => form_sanitizer($_POST['article_cat'], "", "article_cat"), "article_snippet" => form_sanitizer($submit_info['article_snippet'], "", "article_snippet"), "article_article" => form_sanitizer($submit_info['article_article'], "", "article_article"), "article_language" => form_sanitizer($_POST['article_language'], "", "article_language"), "article_keywords" => form_sanitizer($_POST['article_keywords'], "", "article_keywords")); if (defender::safe()) { $inputArray = array("submit_type" => "a", "submit_user" => $userdata['user_id'], "submit_datestamp" => time(), "submit_criteria" => addslashes(serialize($criteriaArray))); dbquery_insert(DB_SUBMISSIONS, $inputArray, "save"); addNotice("success", $locale['articles_0061']); redirect(clean_request("submitted=a", array("stype"), TRUE)); } } if (isset($_GET['submitted']) && $_GET['submitted'] == "a") { add_to_title($locale['global_200'] . 
$locale['articles_0040']); echo "<div class='well text-center'><p><strong>" . $locale['articles_0061'] . "</strong></p>"; echo "<p><a href='submit.php?stype=a'>" . $locale['articles_0062'] . "</a></p>"; echo "<p><a href='index.php'>" . str_replace("[SITENAME]", fusion_get_settings("sitename"), $locale['articles_0064']) . "</a></p>\n"; echo "</div>\n"; } else { // Preview if (isset($_POST['preview_article'])) { $article_snippet = ""; if ($_POST['article_snippet']) { $article_snippet = str_replace("src='" . str_replace("../", "", IMAGES_A), "src='" . IMAGES_A, parseubb(stripslashes($_POST['article_snippet'])));
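/**
 * Display Forum Form
 *
 * Handles the "remove image" request for a forum, then renders the forum
 * create/edit form from $this->data: name, description, alias, category,
 * type, language, order, meta, image (current image or upload/URL tabs),
 * rules, permissions and the option checkboxes.
 */
public function display_forum_form() {
    require_once INCLUDES . 'photo_functions_include.php';
    require_once INCLUDES . 'infusions_include.php';

    $forum_settings = $this->get_forum_settings();
    $language_opts = fusion_get_enabled_languages();
    add_breadcrumb(array('link' => '', 'title' => self::$locale['forum_001']));

    $data = array();
    // parent_id is optional and request-supplied: it is only accepted when present and numeric.
    // NOTE(review): this local value is not read by the form below, which takes its
    // values from $this->data - confirm whether $this->data['forum_cat'] was intended.
    if (!isset($_GET['action']) && isset($_GET['parent_id']) && isnum($_GET['parent_id'])) {
        $data['forum_cat'] = $_GET['parent_id'];
    }

    $type_opts = array(
        '1' => self::$locale['forum_opts_001'],
        '2' => self::$locale['forum_opts_002'],
        '3' => self::$locale['forum_opts_003'],
        '4' => self::$locale['forum_opts_004']
    );
    $forum_image_path = FORUM . "images/";

    // Remove the forum image, then save the row with an empty image field.
    if (isset($_POST['remove_image']) && isset($_POST['forum_id'])) {
        $data['forum_id'] = form_sanitizer($_POST['forum_id'], '', 'forum_id');
        if ($data['forum_id']) {
            $data = self::get_forum($data['forum_id']);
            if (!empty($data)) {
                $stored_image = (string) $data['forum_image'];
                $forum_image = $forum_image_path . $stored_image;
                // Only a bare file name inside the forum image folder is ever deleted;
                // a stored value with a directory part is left on disk.
                if ($stored_image !== '' && basename($stored_image) === $stored_image && is_file($forum_image)) {
                    // Best effort: the image field is cleared even if the file cannot be removed.
                    @unlink($forum_image);
                    $data['forum_image'] = '';
                }
                dbquery_insert(DB_FORUMS, $data, 'update');
                addNotice('success', self::$locale['forum_notice_8']);
                redirect(FUSION_REQUEST);
            }
        }
    }

    opentable(self::$locale['forum_001']);
    echo openform('inputform', 'post', FUSION_REQUEST, array('enctype' => 1));

    // Row 1, left: name, description, alias.
    echo "<div class='row'>\n<div class='col-xs-12 col-sm-8 col-md-8 col-lg-8'>\n";
    echo form_text('forum_name', self::$locale['forum_006'], $this->data['forum_name'], array('required' => 1, 'error_text' => self::$locale['forum_error_1']))
        . form_textarea('forum_description', self::$locale['forum_007'], $this->data['forum_description'], array('autosize' => 1, 'type' => 'bbcode', 'form_name' => 'inputform', 'preview' => TRUE))
        . form_text('forum_alias', self::$locale['forum_011'], $this->data['forum_alias']);

    // Row 1, right: category, type, language, order, save.
    echo "</div><div class='col-xs-12 col-sm-4 col-md-4 col-lg-4'>\n";
    openside('');
    // The forum being edited is disabled in the parent selector.
    $self_id = $this->data['forum_id'] ? $this->data['forum_id'] : '';
    echo form_select_tree('forum_cat', self::$locale['forum_008'], $this->data['forum_cat'], array('add_parent_opts' => 1, 'disable_opts' => $self_id, 'hide_disabled' => 1), DB_FORUMS, 'forum_name', 'forum_id', 'forum_cat', $self_id)
        . form_select('forum_type', self::$locale['forum_009'], $this->data['forum_type'], array("options" => $type_opts))
        . form_select('forum_language', self::$locale['forum_010'], $this->data['forum_language'], array("options" => $language_opts))
        . form_text('forum_order', self::$locale['forum_043'], $this->data['forum_order'], array('number' => 1))
        . form_button('save_forum', $this->data['forum_id'] ? self::$locale['forum_000a'] : self::$locale['forum_000'], self::$locale['forum_000'], array('class' => 'btn btn-sm btn-success'));
    closeside();
    echo "</div>\n</div>\n";

    // Row 2, left: meta, image, rules.
    echo "<div class='row'>\n<div class='col-xs-12 col-sm-8 col-md-8 col-lg-8'>\n";
    echo form_select('forum_meta', self::$locale['forum_012'], $this->data['forum_meta'], array('tags' => 1, 'multiple' => 1, 'width' => '100%'));

    if ($this->data['forum_image'] && file_exists($forum_image_path . $this->data['forum_image'])) {
        // An image is set: show it with its dimensions and a remove button.
        openside();
        echo "<div class='pull-left m-r-10'>\n";
        echo thumbnail($forum_image_path . $this->data['forum_image'], '80px', '80px');
        echo "</div>\n<div class='overflow-hide'>\n";
        echo "<span class='strong'>" . self::$locale['forum_013'] . "</span><br/>\n";
        // getimagesize() returns FALSE for a file it cannot read as an image.
        $image_size = @getimagesize($forum_image_path . $this->data['forum_image']);
        $image_width = $image_size ? $image_size[0] : 0;
        $image_height = $image_size ? $image_size[1] : 0;
        echo "<span class='text-smaller'>" . sprintf(self::$locale['forum_027'], $image_width, $image_height) . "</span><br/>";
        echo form_hidden('forum_image', '', $this->data['forum_image']);
        echo form_button('remove_image', self::$locale['forum_028'], self::$locale['forum_028'], array('class' => 'btn-danger btn-sm m-t-10', 'icon' => 'fa fa-trash'));
        echo "</div>\n";
        closeside();
    } else {
        // No image yet: offer an upload tab and a web-address tab.
        $tab_title['title'][] = self::$locale['forum_013'];
        $tab_title['id'][] = 'fir';
        $tab_title['icon'][] = '';
        $tab_title['title'][] = self::$locale['forum_014'];
        $tab_title['id'][] = 'ful';
        $tab_title['icon'][] = '';
        $tab_active = tab_active($tab_title, 0);
        echo opentab($tab_title, $tab_active, 'forum-image-tab', FALSE, "m-t-20 m-b-20");

        // Upload Image
        echo opentabbody($tab_title['title'][0], 'fir', $tab_active);
        echo "<span class='display-inline-block m-t-10 m-b-10'>" . sprintf(self::$locale['forum_015'], parsebytesize($forum_settings['forum_attachmax'])) . "</span>\n";
        // forum_attachmax is shown to the user above as a byte size, so it is
        // registered as the size limit (max_byte) rather than as a file count.
        $fileOptions = array(
            "upload_path" => $forum_image_path,
            "thumbnail" => TRUE,
            "thumbnail_folder" => $forum_image_path,
            "type" => "image",
            "delete_original" => TRUE,
            "max_byte" => $forum_settings['forum_attachmax']
        );
        echo form_fileinput('forum_image', "", '', $fileOptions);
        echo closetabbody();

        // Upload image via Web Address
        // NOTE(review): the handler for forum_image_url is outside this method; confirm
        // it restricts which addresses may be fetched.
        echo opentabbody($tab_title['title'][1], 'ful', $tab_active);
        echo "<span class='display-inline-block m-t-10 m-b-10'>" . self::$locale['forum_016'] . "</span>\n";
        $header_opts = array('0' => 'Local Server', '1' => 'URL');
        echo form_select('forum_image_header', self::$locale['forum_056'], '', array('inline' => TRUE, 'options' => $header_opts));
        echo form_text('forum_image_url', self::$locale['forum_014'], '', array('placeholder' => 'images/forum/', 'inline' => TRUE));
        echo closetabbody();
        echo closetab();
    }

    echo form_textarea('forum_rules', self::$locale['forum_017'], $this->data['forum_rules'], array('autosize' => 1, 'bbcode' => 1));

    // Row 2, right: permissions and option checkboxes.
    echo "</div><div class='col-xs-12 col-sm-4 col-md-4 col-lg-4'>\n";
    openside('');
    // need to get parent category
    echo form_select_tree('forum_permissions', self::$locale['forum_025'], $this->data['forum_branch'], array('no_root' => 1, 'deactivate' => $this->data['forum_id'] ? TRUE : FALSE), DB_FORUMS, 'forum_name', 'forum_id', 'forum_cat');
    if ($this->data['forum_id']) {
        echo form_button('jp_forum', self::$locale['forum_029'], self::$locale['forum_029'], array('class' => 'btn-sm btn-default m-r-10'));
    }
    closeside();
    openside('');
    echo form_checkbox('forum_lock', self::$locale['forum_026'], $this->data['forum_lock'], array("reverse_label" => TRUE))
        . form_checkbox('forum_users', self::$locale['forum_024'], $this->data['forum_users'], array("reverse_label" => TRUE))
        . form_checkbox('forum_quick_edit', self::$locale['forum_021'], $this->data['forum_quick_edit'], array("reverse_label" => TRUE))
        . form_checkbox('forum_merge', self::$locale['forum_019'], $this->data['forum_merge'], array("reverse_label" => TRUE))
        . form_checkbox('forum_allow_attach', self::$locale['forum_020'], $this->data['forum_allow_attach'], array("reverse_label" => TRUE))
        . form_checkbox('forum_allow_poll', self::$locale['forum_022'], $this->data['forum_allow_poll'], array("reverse_label" => TRUE))
        . form_hidden('forum_id', '', $this->data['forum_id'])
        . form_hidden('forum_branch', '', $this->data['forum_branch']);
    closeside();
    echo "</div>\n</div>\n";

    echo form_button('save_forum', $this->data['forum_id'] ? self::$locale['forum_000a'] : self::$locale['forum_000'], self::$locale['forum_000'], array('class' => 'btn-sm btn-success'));
    echo closeform();
    closetable();
}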
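/**
 * Validate and store the image upload(s) submitted for this field.
 *
 * With field_config['multiple'] set, every entry of the $_FILES array is checked here
 * (byte size, extension allowlist .gif/.jpg/.png, readable image dimensions, verify_image(),
 * maximum resolution), moved into field_config['path'] and optionally thumbnailed.
 * Otherwise the work is delegated to upload_image(). In both paths a failed upload calls
 * $this->stop(), raises a 'danger' notice and flags the field through setInputError().
 *
 * Codes stored under 'error': 0 none, 1 file too large, 2 unsupported image type,
 * 3 resolution too large, 4 invalid query string (only upload_image() can report it),
 * 5 image not uploaded.
 *
 * @return array Multiple mode: one info array per submitted file, keyed by its position.
 *               Single mode: the array returned by upload_image(). An empty array when no
 *               file was submitted or $this->safe() is false.
 */
protected function verify_image_upload() {
    $locale = fusion_get_locale();
    require_once INCLUDES . "infusions_include.php";
    $input_name = $this->field_config['input_name'];

    if (!$this->field_config['multiple']) {
        // Single upload: upload_image() does the validation and the storing.
        if (empty($_FILES[$input_name]['name']) || !is_uploaded_file($_FILES[$input_name]['tmp_name']) || !$this->safe()) {
            return array();
        }
        $thumb_folder = $this->field_config['path'] . $this->field_config['thumbnail_folder'] . "/";
        $upload = upload_image(
            $input_name,
            $_FILES[$input_name]['name'],
            $this->field_config['path'],
            $this->field_config['max_width'],
            $this->field_config['max_height'],
            $this->field_config['max_byte'],
            $this->field_config['delete_original'],
            $this->field_config['thumbnail'],
            $this->field_config['thumbnail2'],
            1,
            $thumb_folder,
            $this->field_config['thumbnail_suffix'],
            $this->field_config['thumbnail_w'],
            $this->field_config['thumbnail_h'],
            0,
            $thumb_folder,
            $this->field_config['thumbnail2_suffix'],
            $this->field_config['thumbnail2_w'],
            $this->field_config['thumbnail2_h']
        );
        if ($upload['error'] != 0) {
            $this->stop();
            switch ($upload['error']) {
                case 1: // Invalid file size
                    addNotice('danger', sprintf($locale['df_416'], parsebytesize($this->field_config['max_byte'])));
                    self::setInputError($this->field_name);
                    break;
                case 2: // Unsupported image type
                    addNotice('danger', sprintf($locale['df_417'], ".gif .jpg .png"));
                    self::setInputError($this->field_name);
                    break;
                case 3: // Invalid image resolution
                    addNotice('danger', sprintf($locale['df_421'], $this->field_config['max_width'], $this->field_config['max_height']));
                    self::setInputError($this->field_name);
                    break;
                case 4: // Invalid query string
                    addNotice('danger', $locale['df_422']);
                    self::setInputError($this->field_name);
                    break;
                case 5: // Image not uploaded
                    addNotice('danger', $locale['df_423']);
                    self::setInputError($this->field_name);
                    break;
            }
        }

        return $upload;
    }

    // Multiple upload: nothing to do unless the first slot is a real HTTP upload and the form is still valid.
    if (empty($_FILES[$input_name]['name']) || !is_uploaded_file($_FILES[$input_name]['tmp_name'][0]) || !$this->safe()) {
        return array();
    }

    $target_folder = $this->field_config['path'];
    $target_width = $this->field_config['max_width'];
    $target_height = $this->field_config['max_height'];
    $max_size = $this->field_config['max_byte'];
    $delete_original = $this->field_config['delete_original'];
    $thumb1 = $this->field_config['thumbnail'];
    $thumb2 = $this->field_config['thumbnail2'];
    $thumb1_folder = $this->field_config['path'] . $this->field_config['thumbnail_folder'] . "/";
    $thumb1_suffix = $this->field_config['thumbnail_suffix'];
    $thumb1_width = $this->field_config['thumbnail_w'];
    $thumb1_height = $this->field_config['thumbnail_h'];
    $thumb2_folder = $this->field_config['path'] . $this->field_config['thumbnail_folder'] . "/";
    $thumb2_suffix = $this->field_config['thumbnail2_suffix'];
    $thumb2_width = $this->field_config['thumbnail2_w'];
    $thumb2_height = $this->field_config['thumbnail2_h'];
    // Only these extensions are accepted; the value is the type code handed to the thumbnail helpers.
    $filetypes = array(".gif" => 1, ".jpg" => 2, ".png" => 3);

    $image = $_FILES[$input_name];
    $file_count = count($image['name']);
    $result = array();
    for ($i = 0; $i < $file_count; $i++) {
        if (is_uploaded_file($image['tmp_name'][$i])) {
            $original_name = $image['name'][$i];
            // The client-supplied name is kept only when it has nothing but [a-zA-Z0-9_-];
            // otherwise the part before the last dot goes through stripfilename().
            if ($original_name != "" && !preg_match("/[^a-zA-Z0-9_-]/", $original_name)) {
                $image_name = $original_name;
            } else {
                $image_name = stripfilename(substr($original_name, 0, strrpos($original_name, ".")));
            }
            $image_ext = strtolower(strrchr($original_name, "."));

            // Read the dimensions once; FALSE means the file could not be parsed as an image.
            $image_res = FALSE;
            if (filesize($image['tmp_name'][$i]) > 10) {
                $image_res = @getimagesize($image['tmp_name'][$i]);
            }
            $image_width = $image_res ? $image_res[0] : 0;
            $image_height = $image_res ? $image_res[1] : 0;

            $image_info = array(
                "image" => FALSE,
                "image_name" => $image_name . $image_ext,
                "image_ext" => $image_ext,
                // size of this file, not the whole $_FILES size list
                "image_size" => $image['size'][$i],
                "image_width" => $image_width,
                "image_height" => $image_height,
                "thumb1" => FALSE,
                "thumb1_name" => "",
                "thumb2" => FALSE,
                "thumb2_name" => "",
                "error" => 0
            );
            $filetype = isset($filetypes[$image_ext]) ? $filetypes[$image_ext] : FALSE;

            if ($image['size'][$i] > $max_size) {
                // Invalid file size
                $image_info['error'] = 1;
            } elseif (!$filetype || !$image_res || !verify_image($image['tmp_name'][$i])) {
                // Unsupported image type. A file whose dimensions cannot be read is rejected here too,
                // otherwise it would slip past the resolution limit below.
                $image_info['error'] = 2;
            } elseif ($image_width > $target_width || $image_height > $target_height) {
                // Invalid image resolution
                $image_info['error'] = 3;
            } else {
                if (!file_exists($target_folder)) {
                    mkdir($target_folder, 0755, TRUE);
                }
                // filename_exists() returns the name to store under in the target folder
                $image_name_full = filename_exists($target_folder, $image_name . $image_ext);
                $image_name = substr($image_name_full, 0, strrpos($image_name_full, "."));
                $image_info['image_name'] = $image_name_full;
                if (!move_uploaded_file($image['tmp_name'][$i], $target_folder . $image_name_full)) {
                    // Image not uploaded: do not report success or build thumbnails from a missing file
                    $image_info['error'] = 5;
                } else {
                    $image_info['image'] = TRUE;
                    if (function_exists("chmod")) {
                        // a stored upload needs no execute bit
                        chmod($target_folder . $image_name_full, 0644);
                    }
                    if ($thumb1 || $thumb2) {
                        require_once INCLUDES . "photo_functions_include.php";
                        $noThumb = FALSE;
                        if ($thumb1) {
                            if ($image_width <= $thumb1_width && $image_height <= $thumb1_height) {
                                // small enough already: the original doubles as thumbnail 1
                                $noThumb = TRUE;
                                $image_info['thumb1_name'] = $image_info['image_name'];
                                $image_info['thumb1'] = TRUE;
                            } else {
                                if (!file_exists($thumb1_folder)) {
                                    mkdir($thumb1_folder, 0755, TRUE);
                                }
                                $image_name_t1 = filename_exists($thumb1_folder, $image_name . $thumb1_suffix . $image_ext);
                                $image_info['thumb1_name'] = $image_name_t1;
                                $image_info['thumb1'] = TRUE;
                                // thumbnail 1 is always square in this path (single mode passes ratio 1 to upload_image())
                                createsquarethumbnail($filetype, $target_folder . $image_name_full, $thumb1_folder . $image_name_t1, $thumb1_width);
                            }
                        }
                        if ($thumb2) {
                            if ($image_width < $thumb2_width && $image_height < $thumb2_height) {
                                $noThumb = TRUE;
                                $image_info['thumb2_name'] = $image_info['image_name'];
                                $image_info['thumb2'] = TRUE;
                            } else {
                                if (!file_exists($thumb2_folder)) {
                                    mkdir($thumb2_folder, 0755, TRUE);
                                }
                                $image_name_t2 = filename_exists($thumb2_folder, $image_name . $thumb2_suffix . $image_ext);
                                $image_info['thumb2_name'] = $image_name_t2;
                                $image_info['thumb2'] = TRUE;
                                // thumbnail 2 keeps the aspect ratio (single mode passes ratio 0)
                                createthumbnail($filetype, $target_folder . $image_name_full, $thumb2_folder . $image_name_t2, $thumb2_width, $thumb2_height);
                            }
                        }
                        // the original may only go when no thumbnail entry points at it
                        if ($delete_original && !$noThumb) {
                            unlink($target_folder . $image_name_full);
                            $image_info['image'] = FALSE;
                        }
                    }
                }
            }
        } else {
            // Image not uploaded
            $image_info = array("error" => 5);
        }

        if ($image_info['error'] != 0) {
            $this->stop();
            switch ($image_info['error']) {
                case 1: // Invalid file size
                    addNotice('danger', sprintf($locale['df_416'], parsebytesize($this->field_config['max_byte'])));
                    self::setInputError($this->field_name);
                    break;
                case 2: // Unsupported image type
                    addNotice('danger', sprintf($locale['df_417'], ".gif .jpg .png"));
                    self::setInputError($this->field_name);
                    break;
                case 3: // Invalid image resolution
                    addNotice('danger', sprintf($locale['df_421'], $this->field_config['max_width'], $this->field_config['max_height']));
                    self::setInputError($this->field_name);
                    break;
                case 4: // Invalid query string
                    addNotice('danger', $locale['df_422']);
                    self::setInputError($this->field_name);
                    break;
                case 5: // Image not uploaded
                    addNotice('danger', $locale['df_423']);
                    self::setInputError($this->field_name);
                    break;
            }
        }
        $result[$i] = $image_info;
    }

    return $result;
}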
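// Tail of the album delete handler; its opening blocks are outside this fragment.
dbquery_insert(DB_PHOTO_ALBUMS, $albumData, "delete");
addNotice("success", $locale['album_0030']);
redirect(FUSION_SELF . $aidlink);
}
}
}

// Delete one photo together with its comments and ratings, then close the gap in photo_order.
// The id is isnum()-checked and cast with intval() before every query.
// NOTE(review): unlike the purge below, which waits for a POSTed purge_confirm, this delete runs
// straight from the query string; whether the admin token in $aidlink is verified for it is not
// visible in this fragment - confirm.
if (isset($_GET['action']) && $_GET['action'] == "delete" && isset($_GET['photo_id']) && isnum($_GET['photo_id'])) {
    if (dbcount("(photo_id)", DB_PHOTOS, "photo_id='" . intval($_GET['photo_id']) . "'")) {
        // album_id and photo_order are selected as well: dbquery_order() below reads both from $photo_data
        $photo_data = dbarray(dbquery("select photo_id, album_id, photo_title, photo_filename, photo_thumb1, photo_thumb2, photo_order FROM " . DB_PHOTOS . "\n\t\twhere photo_id='" . intval($_GET['photo_id']) . "'\n\t\t"));
        purgePhotoImage($photo_data);
        dbquery("delete from " . DB_COMMENTS . " where comment_item_id='" . intval($photo_data['photo_id']) . "' and comment_type='P'");
        dbquery("delete from " . DB_RATINGS . " where rating_item_id='" . intval($photo_data['photo_id']) . "' and rating_type='P'");
        dbquery_order(DB_PHOTOS, $photo_data['photo_order'], "photo_order", $photo_data['photo_id'], "photo_id", $photo_data['album_id'], "album_id", FALSE, FALSE, "delete");
        dbquery_insert(DB_PHOTOS, $photo_data, 'delete');
        addNotice("success", $locale['photo_0024']);
        redirect(clean_request("", array("aid", "album_id"), TRUE));
    }
}

// Purge every photo of an album: the album must exist, and nothing is removed until the
// confirmation form has been posted back.
if (isset($_GET['action']) && $_GET['action'] == "purge" && isset($_GET['cat_id']) && isnum($_GET['cat_id'])) {
    $result = dbquery("select * from " . DB_PHOTO_ALBUMS . " where album_id='" . intval($_GET['cat_id']) . "'");
    if (dbrows($result) > 0) {
        // album verified
        $albumData = dbarray($result);
        $photoResult = dbquery("select photo_id, photo_filename, photo_thumb1, photo_thumb2\n\t\tfrom " . DB_PHOTOS . " where album_id='" . intval($_GET['cat_id']) . "'");
        if (dbrows($photoResult) > 0) {
            if (!isset($_POST['purge_confirm'])) {
                echo $locale['photo_0026'] . "<br/><br/>\n";
                echo openform("purgephotos", "post", FUSION_REQUEST);
                echo form_button("purge_confirm", $locale['photo_0027'], $locale['photo_0027'], array("class" => "btn-danger m-r-10"));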
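// Tail of the section switch; its opening is outside this fragment. Each case sets the
// breadcrumb title and includes the matching admin sub-page.
add_breadcrumb(array("link" => "", "title" => $faqCat_edit ? $locale['faq_0102d'] : $locale['faq_0102']));
include "admin/faq_cats.php";
break;
case "faqs":
    add_breadcrumb(array("link" => "", "title" => $faq_edit ? $locale['faq_0102c'] : $locale['faq_0102b']));
    include "admin/faqs.php";
    break;
default:
    faq_listing();
}
echo closetab();
closetable();

// Delete one FAQ entry. faq_id is isnum()-checked in the condition and cast again where it
// enters the SQL, so the queries stay safe even if the guard is later edited.
// NOTE(review): the delete is driven by the query string alone; whether the admin token in
// $aidlink is verified for it is not visible in this fragment - confirm.
if (isset($_GET['action']) && $_GET['action'] == "delete" && (isset($_GET['faq_id']) && isnum($_GET['faq_id'])) && (isset($_GET['t']) && $_GET['t'] == "faq")) {
    // counted before the delete so the redirect can tell whether the entry existed
    $faq_count = dbcount("(faq_id)", DB_FAQS, "faq_id='" . intval($_GET['faq_id']) . "'");
    $result = dbquery("DELETE FROM " . DB_FAQS . " WHERE faq_id='" . intval($_GET['faq_id']) . "'");
    addNotice('warning', $locale['512']);
    if ($faq_count) {
        // faq_cat_id is optional in the request; a missing value becomes 0
        redirect(FUSION_SELF . $aidlink . "&faq_cat_id=" . (isset($_GET['faq_cat_id']) ? intval($_GET['faq_cat_id']) : 0));
    } else {
        redirect(FUSION_SELF . $aidlink . "&status=del");
    }
}
require_once THEMES . "templates/footer.php";

/**
 * Query the FAQ categories with the number of entries in each.
 * The body continues past the end of this fragment.
 */
function faq_listing() {
    global $locale, $aidlink, $show_faqs;
    $total_cat_count = dbcount("(faq_cat_id)", DB_FAQ_CATS, multilang_table("FQ") ? "faq_cat_language='" . LANGUAGE . "'" : "");
    // Both paging parameters fall back to 0 unless they are numeric; rowstart is also capped by the category count.
    $_GET['show_faq'] = isset($_GET['show_faq']) && isnum($_GET['show_faq']) ? $_GET['show_faq'] : 0;
    $_GET['rowstart'] = isset($_GET['rowstart']) && isnum($_GET['rowstart']) && $_GET['rowstart'] <= $total_cat_count ? $_GET['rowstart'] : 0;
    // LIMIT operands are cast with intval() before they reach the SQL string
    $result = dbquery("SELECT fc.faq_cat_id, fc.faq_cat_name,\n\tcount(faq_id) 'faq_count'\n\tFROM " . DB_FAQ_CATS . " fc\n\tleft join " . DB_FAQS . " f using (faq_cat_id)\n\t" . (multilang_table("FQ") ? "WHERE fc.faq_cat_language='" . LANGUAGE . "'" : "") . "\n\tgroup by fc.faq_cat_id\n\tORDER BY fc.faq_cat_name\n\tlimit " . intval($_GET['rowstart']) . ", " . intval($show_faqs) . "\n\t");
    $cat_rows = dbrows($result);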
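// Tail of the image clean-up inside the save handler; the enclosing blocks open outside this fragment.
if (!empty($data['blog_image_t2']) && file_exists(IMAGES_B_T . $data['blog_image_t2'])) {
    unlink(IMAGES_B_T . $data['blog_image_t2']);
}
$data['blog_image'] = "";
$data['blog_image_t1'] = "";
$data['blog_image_t2'] = "";
}
// Write only when the submitted form passed validation: update an existing row, otherwise insert.
if (defender::safe()) {
    // NOTE(review): $data['blog_id'] is concatenated into the condition; where it was validated
    // is outside this fragment - confirm it is numeric by the time it gets here.
    if (dbcount("('blog_id')", DB_BLOG, "blog_id='" . $data['blog_id'] . "'")) {
        dbquery_insert(DB_BLOG, $data, 'update');
        addNotice('success', $locale['blog_0411']);
        redirect(FUSION_SELF . $aidlink);
    } else {
        // a new post is attributed to the current user
        $data['blog_name'] = $userdata['user_id'];
        dbquery_insert(DB_BLOG, $data, 'save');
        addNotice('success', $locale['blog_0410']);
        redirect(FUSION_SELF . $aidlink);
    }
}
// Load an existing post for editing. The parentheses spell out how the condition has always been
// evaluated (&& binds tighter than ||): either action=edit with a numeric POST id, or a numeric
// GET id on its own.
// NOTE(review): the second alternative does not require action=edit - confirm that is intended.
} elseif ((isset($_GET['action']) && $_GET['action'] == "edit" && (isset($_POST['blog_id']) && isnum($_POST['blog_id']))) || (isset($_GET['blog_id']) && isnum($_GET['blog_id']))) {
    // Use the POST id only when it is the one that passed isnum(); before, any POST blog_id was
    // placed in the query whenever the GET id was numeric. The chosen id is cast as well.
    $result = dbquery("SELECT * FROM " . DB_BLOG . " WHERE blog_id='" . intval(isset($_POST['blog_id']) && isnum($_POST['blog_id']) ? $_POST['blog_id'] : $_GET['blog_id']) . "'");
    if (dbrows($result)) {
        $data = dbarray($result);
    } else {
        redirect(FUSION_SELF . $aidlink);
    }
}
// Preview: rebuild the body from the raw POST value, pointing image paths back at IMAGES_B.
if (isset($_POST['preview'])) {
    $blog_blog = "";
    if ($_POST['blog_blog']) {
        $blog_blog = str_replace("src='" . str_replace("../", "", IMAGES_B), "src='" . IMAGES_B, stripslashes($_POST['blog_blog']));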
// Persist the registration/terms settings, one UPDATE per settings row; any failed query sets $error.
// enable_terms is written only when isnum() accepts it, otherwise "0" is stored.
$result = dbquery("UPDATE " . DB_SETTINGS . " SET settings_value='" . (isnum($_POST['enable_terms']) ? $_POST['enable_terms'] : "0") . "' WHERE settings_name='enable_terms'");
if (!$result) {
    $error = 1;
}
// NOTE(review): $license_agreement and $license_lastupdate are interpolated straight into the SQL
// strings below; how they were escaped is decided before this fragment - confirm.
$result = dbquery("UPDATE " . DB_SETTINGS . " SET settings_value='{$license_agreement}' WHERE settings_name='license_agreement'");
if (!$result) {
    $error = 1;
}
$result = dbquery("UPDATE " . DB_SETTINGS . " SET settings_value='{$license_lastupdate}' WHERE settings_name='license_lastupdate'");
if (!$result) {
    $error = 1;
}
// One notice for the whole batch, then back to the settings page.
if ($error) {
    addNotice('danger', $locale['901']);
} else {
    addNotice('success', $locale['900']);
}
redirect(FUSION_SELF . $aidlink);
}
// Settings form; max_tokens => 1 is passed through to openform().
opentable($locale['register_settings']);
echo openform('settingsform', 'post', FUSION_SELF . $aidlink, array('max_tokens' => 1));
$opts = array('1' => $locale['yes'], '0' => $locale['no']);
echo "<div class='well'>" . $locale['register_description'] . "</div>\n";
echo "<div class='row'>\n";
echo "<div class='col-xs-12 col-sm-8'>\n";
openside('');
echo form_select('enable_terms', $locale['558'], $settings2['enable_terms'], array("options" => $opts));
// The agreement textarea is switched to its 'html' and 'autosize' modes only while TinyMCE is disabled.
echo form_textarea('license_agreement', $locale['559'], $settings2['license_agreement'], array('form_name' => 'settingsform', 'input_id' => 'enable_license_agreement', 'autosize' => !$settings['tinymce_enabled'], 'html' => !$settings['tinymce_enabled']));
closeside();
echo "</div><div class='col-xs-12 col-sm-4'>\n";
openside('');
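// Handle a posted image upload; the enclosing if opens outside this fragment.
$error = "";
$image_types = array(".gif", ".GIF", ".jpeg", ".JPEG", ".jpg", ".JPG", ".png", ".PNG");
// The extension is taken from the lower-cased client name, so only the lower-case entries can match.
$imgext = strrchr(strtolower($_FILES['myfile']['name']), ".");
$imgname = stripfilename(strtolower(substr($_FILES['myfile']['name'], 0, strrpos($_FILES['myfile']['name'], "."))));
$imgsize = $_FILES['myfile']['size'];
$imgtemp = $_FILES['myfile']['tmp_name'];
// ifolder comes from the query string and is echoed back into URLs: encode it, and treat a
// missing or non-string value as empty.
$ifolder_param = (isset($_GET['ifolder']) && is_string($_GET['ifolder'])) ? urlencode($_GET['ifolder']) : "";
// NOTE(review): only the extension is checked before the move; no content check is visible in
// this fragment - confirm one happens elsewhere or add it.
if (!in_array($imgext, $image_types, TRUE)) {
    // A rejected file type is not a success.
    // NOTE(review): $locale['420'] is the only message key visible here (it is also the panel
    // title); swap in a dedicated error string once one is confirmed.
    addNotice('danger', $locale['420']);
    redirect(FUSION_SELF . $aidlink . "&ifolder=" . $ifolder_param);
} elseif (is_uploaded_file($imgtemp)) {
    if (move_uploaded_file($imgtemp, $afolder . $imgname . $imgext)) {
        @chmod($afolder . $imgname . $imgext, 0644);
        if ($settings['tinymce_enabled'] == 1) {
            include INCLUDES . "buildlist.php";
        }
        addNotice('success', $locale['420']);
        redirect(FUSION_SELF . $aidlink . "&ifolder=" . $ifolder_param . "&img=" . urlencode($imgname . $imgext));
    } else {
        // The move failed: report it instead of announcing a file that is not there.
        addNotice('danger', $locale['420']);
        redirect(FUSION_SELF . $aidlink . "&ifolder=" . $ifolder_param);
    }
}
} else {
    // No upload posted: show the upload form for the current folder.
    $ifolder_param = (isset($_GET['ifolder']) && is_string($_GET['ifolder'])) ? urlencode($_GET['ifolder']) : "";
    opentable($locale['420']);
    add_breadcrumb(array('link' => ADMIN . "images.php" . $aidlink, 'title' => $locale['420']));
    echo openform('uploadform', 'post', "" . FUSION_SELF . $aidlink . "&ifolder=" . $ifolder_param . "", array('enctype' => 1, 'max_tokens' => 1));
    echo "<table cellpadding='0' cellspacing='0' class='table table-responsive center'>\n<tr>\n";
    echo "<td width='80' class='tbl'><label for='myfile'>" . $locale['421'] . "</label></td>\n";
    echo "<td class='tbl'><input type='file' id='myfile' name='myfile' class='textbox' style='width:250px;' /></td>\n";
    echo "</tr>\n<tr>\n";
    echo "<td align='center' colspan='2' class='tbl'>\n";
    echo form_button('uploadimage', $locale['420'], $locale['420'], array('class' => 'btn-primary'));
    echo "</td>\n</tr>\n</table>\n</form>\n";
    closetable();
    echo "<hr />\n";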