} else {
    // Submission branch of the custom-menu editor. The matching `if` and any
    // form-token check sit before this excerpt and are not visible here.

    // Delete the ticked entries. dimplode() is used only as a non-empty test;
    // the raw request array and the current admin uid go to the table method.
    // NOTE(review): presumably delete() scopes the rows to that uid - confirm in the table class.
    if ($ids = dimplode($_GET['delete'])) {
        C::t('common_admincp_cmenu')->delete($_GET['delete'], $_G['uid']);
    }

    // Update existing entries; $id is the request-supplied array key.
    if (is_array($_GET['titlenew'])) {
        foreach ($_GET['titlenew'] as $id => $title) {
            // The URL is percent-encoded here and HTML-escaped when stored below.
            $_GET['urlnew'][$id] = rawurlencode($_GET['urlnew'][$id]);
            // Use the submitted language key when cplang() resolves it, else the typed title.
            $title = dhtmlspecialchars($_GET['langnew'][$id] && cplang($_GET['langnew'][$id], false) ? $_GET['langnew'][$id] : $title);
            $ordernew = intval($_GET['displayordernew'][$id]);
            // NOTE(review): unlike the delete above, no uid is passed with $id, so whether
            // update() limits the write to the current admin's rows cannot be told from here - verify.
            C::t('common_admincp_cmenu')->update($id, array('title' => $title, 'displayorder' => $ordernew, 'url' => dhtmlspecialchars($_GET['urlnew'][$id])));
        }
    }

    // Insert newly added entries for the current admin.
    if (is_array($_GET['newtitle'])) {
        foreach ($_GET['newtitle'] as $k => $v) {
            // NOTE(review): this encodes $_GET['urlnew'][$k], but the insert below reads
            // $_GET['newurl'][$k], so the stored URL is HTML-escaped only. Confirm which key was intended.
            $_GET['urlnew'][$k] = rawurlencode($_GET['urlnew'][$k]);
            C::t('common_admincp_cmenu')->insert(array('title' => dhtmlspecialchars($v), 'displayorder' => intval($_GET['newdisplayorder'][$k]), 'url' => dhtmlspecialchars($_GET['newurl'][$k]), 'sort' => 1, 'uid' => $_G['uid']));
        }
    }

    updatemenu('index');
    cpmsg('custommenu_edit_succeed', 'action=misc&operation=custommenu', 'succeed');
}
// Closes a block opened before this excerpt.
} elseif ($do == 'add') {
    // Quick-add branch: one title/url pair taken straight from the request.
    // NOTE(review): no form-token check is visible in this branch; confirm one is enforced
    // upstream, since this changes stored state.
    if ($_GET['title'] && $_GET['url']) {
        // The title is passed unescaped. NOTE(review): confirm admincustom() escapes it before storing.
        admincustom($_GET['title'], dhtmlspecialchars($_GET['url']), 1);
        updatemenu('index');
        // The second cpmsg() argument is a fixed admin URL in the edit branch; here it is the
        // request-supplied url after rawurldecode().
        // NOTE(review): confirm cpmsg() validates/escapes this target before using it.
        cpmsg('custommenu_add_succeed', rawurldecode($_GET['url']), 'succeed', array('title' => cplang($_GET['title'])));
    } else {
        cpmsg('parameters_error', '', 'error');
    }
}
// Closes a block opened before this excerpt.
}
} else {
    // Submission branch of the custom-menu editor. The matching `if` and any
    // form-token check sit before this excerpt and are not visible here.
    // Every statement below builds SQL by string interpolation, so safety rests on
    // escaping applied to $_G['gp_*'] elsewhere - not visible in this excerpt.

    // Delete the ticked entries, limited to rows owned by the current admin.
    // NOTE(review): $ids is placed unquoted inside IN (...); this relies on dimplode()
    // quoting/escaping each element - verify.
    if ($ids = dimplode($_G['gp_delete'])) {
        DB::query("DELETE FROM " . DB::table('common_admincp_cmenu') . " WHERE id IN ({$ids}) AND uid='{$_G['uid']}'");
    }

    // Update existing entries; $id is the request-supplied array key.
    if (is_array($_G['gp_titlenew'])) {
        foreach ($_G['gp_titlenew'] as $id => $title) {
            $_G['gp_urlnew'][$id] = rawurlencode($_G['gp_urlnew'][$id]);
            // Use the submitted language key when lang() resolves it, else the typed title.
            // dhtmlspecialchars() is HTML escaping, not SQL escaping.
            $title = dhtmlspecialchars($_G['gp_langnew'][$id] && lang($_G['gp_langnew'][$id], false) ? $_G['gp_langnew'][$id] : $title);
            $ordernew = intval($_G['gp_displayordernew'][$id]);
            // NOTE(review): $id is an array key interpolated into the WHERE clause; whether keys
            // are escaped upstream is not visible - an intval() cast would remove the doubt.
            // NOTE(review): unlike the DELETE above there is no uid condition, so the row is
            // matched by id alone.
            DB::query("UPDATE " . DB::table('common_admincp_cmenu') . " SET title='{$title}', displayorder='{$ordernew}', url='" . dhtmlspecialchars($_G['gp_urlnew'][$id]) . "' WHERE id='{$id}'");
        }
    }

    // Insert newly added entries for the current admin.
    if (is_array($_G['gp_newtitle'])) {
        foreach ($_G['gp_newtitle'] as $k => $v) {
            // NOTE(review): this encodes gp_urlnew[$k], but the INSERT below reads gp_newurl[$k],
            // so the stored URL is HTML-escaped only. Confirm which key was intended.
            $_G['gp_urlnew'][$k] = rawurlencode($_G['gp_urlnew'][$k]);
            DB::query("INSERT INTO " . DB::table('common_admincp_cmenu') . " (title, displayorder, url, sort, uid) VALUES ('" . dhtmlspecialchars($v) . "', '" . intval($_G['gp_newdisplayorder'][$k]) . "', '" . dhtmlspecialchars($_G['gp_newurl'][$k]) . "', '1', '{$_G['uid']}')");
        }
    }

    updatemenu('index');
    cpmsg('custommenu_edit_succeed', 'action=misc&operation=custommenu', 'succeed');
}
// Closes a block opened before this excerpt.
} elseif ($do == 'add') {
    // Quick-add branch: one title/url pair taken straight from the request.
    // NOTE(review): no form-token check is visible in this branch; confirm one is enforced
    // upstream, since this changes stored state.
    if ($_G['gp_title'] && $_G['gp_url']) {
        // The title is passed unescaped. NOTE(review): confirm admincustom() escapes it before storing.
        admincustom($_G['gp_title'], dhtmlspecialchars($_G['gp_url']), 1);
        updatemenu('index');
        // The second cpmsg() argument is a fixed admin URL in the edit branch; here it is the
        // request-supplied url after rawurldecode().
        // NOTE(review): confirm cpmsg() validates/escapes this target before using it.
        cpmsg('custommenu_add_succeed', rawurldecode($_G['gp_url']), 'succeed', array('title' => cplang($_G['gp_title'])));
    } else {
        cpmsg('parameters_error', '', 'error');
    }
}
// Closes a block opened before this excerpt.
}
// Tail of a navigation-entry edit; the enclosing blocks open before this excerpt.
// Pack the style flags at indexes 3..1 into a binary string, highest index first.
for ($i = 3; $i >= 1; $i--) {
    $stylebin .= empty($stylenew[$i]) ? '0' : '1';
}
$stylenew = bindec($stylebin);
// Normalise target to 0/1 and level to 1..3 (anything else becomes 0).
$targetnew = intval($targetnew) ? 1 : 0;
$levelnew = intval($levelnew) && $levelnew > 0 && $levelnew < 4 ? intval($levelnew) : 0;
// The URL column is only written for entries of type '1' when a URL was supplied.
$urladd = $nav['type'] == '1' && $urlnew ? ", url='" . dhtmlspecialchars($urlnew) . "'" : '';
// NOTE(review): $namenew, $titlenew, $colornew and $id are interpolated as-is; where they come
// from and how they are escaped is outside this excerpt. Only $stylenew, $targetnew and
// $levelnew are forced to integers above. dhtmlspecialchars() on the URL is HTML escaping,
// not SQL escaping.
$db->query("UPDATE {$tablepre}navs SET name='{$namenew}', title='{$titlenew}', highlight='{$stylenew}{$colornew}', target='{$targetnew}', level='{$levelnew}' {$urladd} WHERE id='{$id}'");
updatecache('settings');
cpmsg('nav_add_succeed', $BASESCRIPT . '?action=misc&operation=customnav', 'succeed');
// The next three braces close blocks opened before this excerpt.
}
}
} elseif ($operation == 'custombar') {
    // Shortcut bar: optionally add one entry, optionally delete one, then echo the
    // current admin's list as an AJAX fragment.
    $id = '';
    if (!empty($title) && !empty($url)) {
        // The URL is HTML-escaped before storage; the title is passed as received.
        $id = admincustom($title, dhtmlspecialchars($url), 2);
    }
    if (!empty($deleteid)) {
        // The id is cast to int and the delete is limited to this admin's sort='2' rows.
        $deleteid = intval($deleteid);
        $db->query("DELETE FROM {$tablepre}admincustom WHERE id='{$deleteid}' AND uid='{$discuz_uid}' AND sort='2'");
    }
    $historymenus = '';
    $query = $db->query("SELECT id, title, url FROM {$tablepre}admincustom WHERE uid='{$discuz_uid}' AND sort='2' ORDER BY dateline");
    while ($custom = $db->fetch_array($query)) {
        // Stored values are written into href/onclick/title attributes with no escaping at
        // output time. The URL was HTML-escaped on insert in this branch.
        // NOTE(review): confirm the title (via lang()) and every other writer of this table
        // escape as well, and that the stored URL scheme is constrained.
        $historymenus .= '<em id="custombar_' . $custom['id'] . '"><a onclick="mainFrame(' . $custom['id'] . ', this.href);doane(event)" href="' . $custom['url'] . '" hidefocus="true">' . lang($custom['title']) . '</a><span onclick="custombar_update(' . $custom['id'] . ')" title="' . $lang['custombar_del'] . '"> </span></em>';
    }
    include template('header_ajax');
    echo $historymenus;
    include template('footer_ajax');
} elseif ($operation == 'focus') {
    // This branch continues past the end of the excerpt.
    require_once DISCUZ_ROOT . './include/post.func.php';
// Tail of a switch that builds $extralog; its head is before this excerpt.
default:
    $extralog = '';
}
// Drop the empty GET/POST placeholders from the log detail.
$extralog = trim(str_replace(array('GET={};', 'POST={};'), '', $extralog));
// Blank the detail for the home action when $securyservice is set and for insenz
// register/binding. NOTE(review): presumably this keeps sensitive request data out of
// the log - confirm.
$extralog = $action == 'home' && isset($securyservice) || $action == 'insenz' && in_array($operation, array('register', 'binding')) ? '' : $extralog;
// Fields pass through clearlogstring() before being tab-joined into one cplog record.
writelog('cplog', implode("\t", clearlogstring(array($timestamp, $discuz_userss, $adminid, $onlineip, $action, $extralog))));
unset($extralog);
// Closes a block opened before this excerpt.
}
$isfounder = $adminsession->isfounder = isfounder();
if (empty($action) || isset($frames)) {
    // No action, or a frameset request: load the admin shell with a default target.
    $extra = cpurl('url');
    $extra = $extra && $action ? $extra : (!empty($runwizard) ? 'action=runwizard' : 'action=home');
    require_once DISCUZ_ROOT . './admin/main.inc.php';
} elseif ($action == 'logout') {
    $adminsession->destroy();
    dheader("Location: {$indexname}");
} else {
    checkacpaction($action, $operation);
    // $action becomes part of the require_once path below, so this literal allowlist is what
    // stops a request from selecting an arbitrary file. `&&` binds tighter than `||`: the
    // second list (runwizard, templates, db) is reachable only when $isfounder is true.
    // NOTE(review): in_array() is called without its strict flag; that is safe only while
    // $action is always a string.
    if (in_array($action, array('home', 'settings', 'members', 'profilefields', 'admingroups', 'usergroups', 'ranks', 'forums', 'threadtypes', 'threads', 'moderate', 'attach', 'smilies', 'recyclebin', 'prune', 'styles', 'plugins', 'tasks', 'magics', 'medals', 'google', 'qihoo', 'video', 'announce', 'faq', 'ec', 'tradelog', 'creditwizard', 'jswizard', 'project', 'counter', 'misc', 'adv', 'insenz', 'logs', 'tools', 'checktools', 'search', 'upgrade')) || $isfounder && in_array($action, array('runwizard', 'templates', 'db'))) {
        require_once DISCUZ_ROOT . './admin/' . $action . '.inc.php';
        $title = 'cplog_' . $action . ($operation ? '_' . $operation : '');
        // For GET requests whose cplog_* title resolves via lang(), pass the title and
        // current URL to admincustom(); 'home' and 'custommenu' are excluded.
        if (!in_array($action, array('home', 'custommenu')) && lang($title, false)) {
            strtolower($_SERVER['REQUEST_METHOD']) == 'get' && admincustom($title, cpurl('url'));
        }
    } else {
        // Anything outside the allowlist is refused.
        cpheader();
        cpmsg('noaccess');
    }
    cpfooter();
}
// Closes a block opened before this excerpt.
}