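/**
 * Translate the thread-list filter request (`time`, `type`, `sort`, `order`)
 * into SQL fragments and build the filter-menu links.
 *
 * Results are stored on the instance:
 *  - $this->filter_sql  = array('condition' => "AND ...", 'order' => "ORDER BY ...")
 *  - $this->filter_info = one array per filter group, locale label => link
 *
 * The four request values are untrusted. Each one is used only as a key into a
 * fixed lookup table; a value that is not a string naming a known option is
 * ignored, so request text never reaches the SQL fragments or the links.
 */
public function set_filterInfo() {
    $locale = fusion_get_locale("", FORUM_LOCALE);

    // Lookup tables: the only values that may end up in the SQL fragments.
    $time_array = array(
        'today' => strtotime('today'),
        '2days' => strtotime('-2 days'),
        '1week' => strtotime('-1 week'),
        '2week' => strtotime('-2 weeks'),
        // '1month' and '3month' previously both mapped to '-2 months'.
        '1month' => strtotime('-1 month'),
        '2month' => strtotime('-2 months'),
        '3month' => strtotime('-3 months'),
        '6month' => strtotime('-6 months'),
        '1year' => strtotime('-1 year')
    );
    $type_array = array(
        'all' => '',
        'discussions' => "AND (a1.attach_name IS NULL or a1.attach_name='') AND (a2.attach_name IS NULL or a2.attach_name='') AND (forum_poll_title IS NULL or forum_poll_title='')",
        // The OR is parenthesised: unparenthesised, it would split the caller's
        // whole WHERE clause in two and drop every condition placed before it.
        'attachments' => "AND (a1.attach_name !='' OR a2.attach_name !='') AND (forum_poll_title IS NULL or forum_poll_title='')",
        'poll' => "AND (a1.attach_name IS NULL or a1.attach_name='') AND (a2.attach_name IS NULL or a2.attach_name='') AND forum_poll_title !=''",
        'solved' => "AND t.thread_answered = '1'",
        'unsolved' => "AND t.thread_answered = '0'"
    );
    $sort_array = array(
        'author' => 't.thread_author',
        'time' => 't.thread_lastpost',
        'subject' => 't.thread_subject',
        'reply' => 't.thread_postcount',
        'view' => 't.thread_views'
    );
    $order_array = array('ascending' => 'ASC', 'descending' => 'DESC');

    // is_string() also rejects array parameters (?time[]=x), which cannot be
    // used as an array offset.
    $time = isset($_GET['time']) && is_string($_GET['time']) && isset($time_array[$_GET['time']]) ? $_GET['time'] : '';
    $type = isset($_GET['type']) && is_string($_GET['type']) && isset($type_array[$_GET['type']]) ? $_GET['type'] : '';
    $sort = isset($_GET['sort']) && is_string($_GET['sort']) && isset($sort_array[$_GET['sort']]) ? $_GET['sort'] : '';
    $order = isset($_GET['order']) && is_string($_GET['order']) && isset($order_array[$_GET['order']]) ? $_GET['order'] : '';

    $timeCol = '';
    if ($time !== '') {
        if ($time !== 'today') {
            $start_time = intval($time_array[$time]);
            $end_time = time();
            $timeCol = "AND ((p1.post_datestamp BETWEEN '{$start_time}' AND '{$end_time}') OR (t.thread_lastpost BETWEEN '{$start_time}' AND '{$end_time}'))";
        } else {
            // Both bounds are today's midnight. The earlier prev()-inside-foreach
            // lookup depends on the array's internal pointer, which foreach no
            // longer moves since PHP 7, so it produced 0 there and the filter
            // matched every thread.
            $today = intval($time_array['today']);
            $timeCol = "AND (p1.post_datestamp >= " . $today . " OR t.thread_lastpost >= " . $today . " )";
        }
    }

    $typeCol = $type !== '' ? $type_array[$type] : '';

    // An unknown sort/order falls back to the default instead of emitting
    // "ORDER BY  DESC", which is not valid SQL.
    $sortCol = "ORDER BY " . ($sort !== '' ? $sort_array[$sort] : 't.thread_lastpost') . " ";
    $orderCol = $order !== '' ? $order_array[$order] : 'DESC';

    $this->filter_sql = array('condition' => $timeCol . $typeCol, 'order' => $sortCol . $orderCol);

    // Filter Links
    // Only validated option names are carried over into the links.
    $timeExt = $time !== '' ? "&time=" . $time : '';
    $typeExt = $type !== '' ? "&type=" . $type : '';
    $sortExt = $sort !== '' ? "&sort=" . $sort : '';
    $orderExt = $order !== '' ? "&order=" . $order : '';

    $baseLink = clean_request("", array("time", "type", "sort", "order"), FALSE);
    if (isset($_GET['viewforum']) && isset($_GET['forum_id'])) {
        // The ids go into a link that is later printed, so they are cast to
        // integers rather than copied from the request as text.
        $baseLink = INFUSIONS . 'forum/index.php?viewforum&forum_id=' . intval($_GET['forum_id']) . (isset($_GET['parent_id']) ? '&parent_id=' . intval($_GET['parent_id']) : '');
    }

    $timeLink = $baseLink . $typeExt . $sortExt . $orderExt;
    $this->filter_info['time'] = array(
        $locale['forum_3006'] => $baseLink,
        $locale['forum_3007'] => $timeLink . '&time=today',
        $locale['forum_3008'] => $timeLink . '&time=2days',
        $locale['forum_3009'] => $timeLink . '&time=1week',
        $locale['forum_3010'] => $timeLink . '&time=2week',
        $locale['forum_3011'] => $timeLink . '&time=1month',
        $locale['forum_3012'] => $timeLink . '&time=2month',
        $locale['forum_3013'] => $timeLink . '&time=3month',
        $locale['forum_3014'] => $timeLink . '&time=6month',
        $locale['forum_3015'] => $timeLink . '&time=1year'
    );

    $typeLink = $baseLink . $timeExt . $sortExt . $orderExt;
    $this->filter_info['type'] = array(
        $locale['forum_3000'] => $typeLink . '&type=all',
        $locale['forum_3001'] => $typeLink . '&type=discussions',
        $locale['forum_3002'] => $typeLink . '&type=attachments',
        $locale['forum_3003'] => $typeLink . '&type=poll',
        $locale['forum_3004'] => $typeLink . '&type=solved',
        $locale['forum_3005'] => $typeLink . '&type=unsolved'
    );

    $sortLink = $baseLink . $timeExt . $typeExt . $orderExt;
    $this->filter_info['sort'] = array(
        $locale['forum_3016'] => $sortLink . '&sort=author',
        $locale['forum_3017'] => $sortLink . '&sort=time',
        $locale['forum_3018'] => $sortLink . '&sort=subject',
        $locale['forum_3019'] => $sortLink . '&sort=reply',
        $locale['forum_3020'] => $sortLink . '&sort=view'
    );

    $orderLink = $baseLink . $timeExt . $typeExt . $sortExt;
    $this->filter_info['order'] = array(
        $locale['forum_3021'] => $orderLink . '&order=descending',
        $locale['forum_3022'] => $orderLink . '&order=ascending'
    );
}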
/**
 * Entry point for a thread page.
 *
 * Without an `action` query parameter the thread is shown: a pending file
 * download is served first, the view counter and visitor record are updated,
 * and the thread is rendered. With `action`, the request is routed to the poll
 * or post form handlers; an unrecognised action is redirected to the same URL
 * without the parameter.
 *
 * NOTE(review): 'deletepoll' is selected by a GET parameter alone. Whether
 * Poll::delete_poll() checks permissions and a request token is not visible
 * from this method — confirm it does.
 */
public function display_thread() {
    $info = $this->thread()->get_threadInfo();

    if (!isset($_GET['action'])) {
        if (self::check_download_request() == true) {
            redirect(clean_request("", array("getfile"), false));
        }
        // +1 threadviews
        $this->increment_thread_views($info['thread']['thread_id']);
        // +1 see who is viewing thread
        $this->thread()->set_thread_visitor();
        if ($info['thread']['forum_users'] == true) {
            $info['thread_users'] = $this->get_participated_users($info);
        }
        render_thread($info);

        return;
    }

    $poll = new Poll($info);
    switch ($_GET['action']) {
        case 'newpoll':
            $poll->render_poll_form();
            break;
        case 'editpoll':
            $poll->render_poll_form(true);
            break;
        case 'deletepoll':
            $poll->delete_poll();
            break;
        case 'reply':
            $this->render_reply_form();
            break;
        case 'edit':
            $this->render_edit_form();
            break;
        default:
            redirect(clean_request('', array('action'), false));
    }
}
/**
 * Recursively print the news category administration table.
 *
 * A call with a falsy $id emits the opening <table>/<thead> markup before the rows and the closing
 * </tbody></table> after them. Every call prints one row per entry of $data[$id] and, for each row,
 * recurses into $data[<news_cat_id>] when that key exists. When $data[$id] is empty, a single row
 * carrying $locale['news_0303'] is printed instead.
 *
 * NOTE(review): row fields such as news_cat_name and news_cat_language are echoed into HTML text and
 * into the alt attribute without escaping in this function. Presumably they are encoded before they
 * are stored — confirm, otherwise encode them at output.
 *
 * @param array $data rows grouped by parent id: $data[parent_id][cat_id] => row
 * @param int   $id   parent id whose children are printed; 0 for the top-level call
 */
function display_news_category($data, $id = 0) { $locale = fusion_get_locale(); if (!$id) { ?> <table class="table table-responsive table-striped"> <thead> <tr> <th></th> <th class="col-xs-4">Category Name</th> <th>Image</th> <th>News Status</th> <th>Draft</th> <th>Sticky</th> <th>Visibility</th> <th>Language</th> <th>Actions</th> <th>ID</th> </tr> </thead> <tbody> <?php } ?> <?php if (!empty($data[$id])) { ?> <?php foreach ($data[$id] as $cat_id => $cdata) { $edit_link = clean_request("section=news_category&ref=news_cat_form&action=edit&cat_id=" . $cat_id, array("section", "ref", "action", "cat_id"), FALSE); $delete_link = clean_request("section=news_category&ref=news_cat_form&action=delete&cat_id=" . $cat_id, array("section", "ref", "action", "cat_id"), FALSE); ?> <tr> <td><?php echo form_checkbox("news_cat_id[]", "", "", array("value" => $cat_id, "class" => "m-b-0")); ?> </td> <td> <a class="text-dark" href="<?php echo $edit_link; ?> "> <?php echo $cdata['news_cat_name']; ?> </a> </td> <td> <img style="width:50px" src="<?php echo get_image("nc_" . $cdata['news_cat_name']); ?> " alt="<?php echo $cdata['news_cat_name']; ?> "/> </td> <td> <span class="badge"><?php echo $cdata['news_published']; ?> published</span> <span class="label label-default m-r-10"><i class="fa fa-star fa-fw"></i> <?php echo $cdata['news_draft']; ?> </span> <span class="label label-warning"><i class="fa fa-sticky-note-o fa-fw"></i> <?php echo $cdata['news_sticky']; ?> </span> </td> <td><span class="badge"><?php echo $cdata['news_cat_draft'] ? $locale['yes'] : $locale['no']; ?> </span> </td> <td><span class="badge"><?php echo $cdata['news_cat_sticky'] ? 
$locale['yes'] : $locale['no']; ?> </span> </td> <td><span class="badge"><?php echo getgroupname($cdata['news_cat_visibility']); ?> </span></td> <td><?php echo $cdata['news_cat_language']; ?> </td> <td> <div class="btn-group"> <a class="btn btn-xs btn-default" href="<?php echo $edit_link; ?> "> <?php echo $locale['edit']; ?> </a> <a class="btn btn-xs btn-default" href="<?php echo $delete_link; ?> " onclick="return confirm('<?php echo $locale['news_0350']; ?> ')"> <?php echo $locale['delete']; ?> </a> </div> </td> <td> <?php echo $cdata['news_cat_id']; ?> </td> </tr> <?php if (isset($data[$cdata['news_cat_id']])) { display_news_category($data, $cdata['news_cat_id']); } ?> <?php } ?> <?php } else { ?> <tr> <td colspan="10" class="text-center"> <?php echo $locale['news_0303']; ?> </td> </tr> <?php } ?> <?php if (!$id) { ?> </tbody> </table> <?php } }
} else { if ($mime_types[$extension] != $each['type']) { die('Prevented an unwanted file upload attempt!'); } } } unset($file_info, $extension); } } unset($mime_types); } } $defender = new defender(); // Set admin login procedures Authenticate::setAdminLogin(); $defender->debug_notice = FALSE; // turn this off after beta. $defender->sniff_token(); $dynamic = new dynamics(); $dynamic->boot(); $fusion_page_head_tags =& \PHPFusion\OutputHandler::$pageHeadTags; $fusion_page_footer_tags =& \PHPFusion\OutputHandler::$pageFooterTags; $fusion_jquery_tags =& \PHPFusion\OutputHandler::$jqueryTags; // Set theme using $_GET as well. // Set theme if ($userdata['user_level'] == USER_LEVEL_SUPER_ADMIN && isset($_GET['themes']) && theme_exists($_GET['themes'])) { $newUserTheme = array("user_id" => $userdata['user_id'], "user_theme" => stripinput($_GET['themes'])); dbquery_insert(DB_USERS, $newUserTheme, "update"); redirect(clean_request("", array("themes"), FALSE)); } set_theme(empty($userdata['user_theme']) ? fusion_get_settings("theme") : $userdata['user_theme']);
echo form_button('preview', $locale['articles_0240'], $locale['articles_0240'], array('class' => 'btn-default m-r-10')); echo form_button('publish', $locale['articles_0242'], $locale['articles_0242'], array('class' => 'btn-primary m-r-10')); echo form_button('delete', $locale['articles_0243'], $locale['articles_0243'], array('class' => 'btn-warning m-r-10')); echo closeform(); } } } } else { $result = dbquery("SELECT\n\t\t\tts.submit_id, ts.submit_datestamp, ts.submit_criteria, tu.user_id, tu.user_name, tu.user_avatar, tu.user_status\n\t\t\tFROM " . DB_SUBMISSIONS . " ts\n\t\t\tLEFT JOIN " . DB_USERS . " tu ON ts.submit_user=tu.user_id\n\t\t\tWHERE submit_type='a' order by submit_datestamp desc\n\t\t\t"); $rows = dbrows($result); if ($rows > 0) { echo "<div class='well'>" . sprintf($locale['articles_0044'], format_word($rows, $locale['fmt_submission'])) . "</div>\n"; echo "<table class='table table-striped'>\n"; echo "<tr>\n"; echo "<th>" . $locale['articles_0041'] . "</th>\n<th>" . $locale['articles_0046'] . "</th><th>" . $locale['articles_0047'] . "</th><th>" . $locale['articles_0048'] . "</th>"; echo "</tr>\n"; echo "<tbody>\n"; while ($data = dbarray($result)) { $submit_criteria = unserialize($data['submit_criteria']); echo "<tr>\n"; echo "<td><a href='" . clean_request("submit_id=" . $data['submit_id'], array("section", "aid"), TRUE) . "'>" . $submit_criteria['article_subject'] . "</a></td>\n"; echo "<td>" . profile_link($data['user_id'], $data['user_name'], $data['user_status']) . "</td>\n"; echo "<td>" . timer($data['submit_datestamp']) . "</td>\n"; echo "<td>" . $data['submit_id'] . "</td>\n"; echo "</tr>\n"; } echo "</tbody>\n</table>\n"; } else { echo "<div class='well text-center m-t-20'>" . $locale['articles_0042'] . "</div>\n"; } }
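/**
 * Process comment actions for one item (delete, edit, post), then render the
 * comment list and the comment form.
 *
 * $comment_type, $comment_db, $comment_col and $comment_item_id are concatenated
 * into SQL strings in this function without further checks, so the caller must
 * pass validated values (a numeric id, a fixed type code, a table/column constant).
 *
 * NOTE(review): deleting a comment is driven by GET parameters alone
 * (c_action=delete&comment_id=N). No request-token check is visible in this
 * function — confirm one is enforced elsewhere.
 *
 * @param $comment_type - abbr or short ID
 * @param $comment_db - Current Application DB - DB_BLOG for example.
 * @param $comment_col - current sql primary key column - 'blog_id' for example
 * @param $comment_item_id - current sql primary key value '$_GET['blog_id']' for example
 * @param $clink - current page link 'FUSION_SELF' is ok.
 */
function showcomments($comment_type, $comment_db, $comment_col, $comment_item_id, $clink) {
    global $settings, $locale, $userdata, $aidlink;

    // Current URL with any edit/delete action stripped; used for "try again" redirects.
    $link = FUSION_SELF . (FUSION_QUERY ? "?" . FUSION_QUERY : "");
    $link = preg_replace("^(&|\\?)c_action=(edit|delete)&comment_id=\\d*^", "", $link);
    $_GET['comment'] = isset($_GET['comment']) && isnum($_GET['comment']) ? $_GET['comment'] : 0;
    $cpp = $settings['comments_per_page'];

    // Delete: comment_id is checked with isnum() before it is placed in SQL.
    if (iMEMBER && (isset($_GET['c_action']) && $_GET['c_action'] == "delete") && (isset($_GET['comment_id']) && isnum($_GET['comment_id']))) {
        // Allowed for admins holding the "C" right, or for the comment's own author.
        if (iADMIN && checkrights("C") || iMEMBER && dbcount("(comment_id)", DB_COMMENTS, "comment_id='" . $_GET['comment_id'] . "' AND comment_name='" . $userdata['user_id'] . "'")) {
            $result = dbquery("DELETE FROM " . DB_COMMENTS . "\n\t\t\t\tWHERE comment_id='" . $_GET['comment_id'] . "'" . (iADMIN ? "" : "\n\t\t\t\tAND comment_name='" . $userdata['user_id'] . "'"));
        }
        redirect($clink . ($settings['comments_sorting'] == "ASC" ? "" : "&c_start=0"));
    }

    if ($settings['comments_enabled'] == "1") {
        if ((iMEMBER || $settings['guestposts'] == "1") && isset($_POST['post_comment'])) {
            // Guest posts must carry a name and pass the captcha. The setting key
            // is 'guestposts', as in the surrounding checks; the former spelling
            // 'guestpost' never matched, so this whole check was skipped for guests.
            if (!iMEMBER && $settings['guestposts'] == "1") {
                if (!isset($_POST['comment_name'])) {
                    redirect($link);
                }
                // A purely numeric guest name would be read as a user id; blank it.
                if (isnum($_POST['comment_name'])) {
                    $_POST['comment_name'] = '';
                }
                $_CAPTCHA_IS_VALID = FALSE;
                include INCLUDES . "captchas/" . $settings['captcha'] . "/captcha_check.php";
                if (!isset($_POST['captcha_code']) || $_CAPTCHA_IS_VALID == FALSE) {
                    redirect($link);
                }
            }

            $comment_data = array(
                'comment_id' => isset($_GET['comment_id']) && isnum($_GET['comment_id']) ? $_GET['comment_id'] : 0,
                'comment_name' => iMEMBER ? $userdata['user_id'] : form_sanitizer($_POST['comment_name'], '', 'comment_name'),
                'comment_message' => form_sanitizer($_POST['comment_message'], '', 'comment_message'),
                'comment_datestamp' => time(),
                'comment_item_id' => $comment_item_id,
                'comment_type' => $comment_type,
                'comment_cat' => 0,
                'comment_ip' => USER_IP,
                'comment_ip_type' => USER_IP_TYPE,
                'comment_hidden' => 0
            );

            if (iMEMBER && (isset($_GET['c_action']) && $_GET['c_action'] == "edit") && $comment_data['comment_id']) {
                // Edit an existing comment: same authorisation rule as delete.
                $comment_updated = FALSE;
                if (iADMIN && checkrights("C") || iMEMBER && dbcount("(comment_id)", DB_COMMENTS, "comment_id='" . $comment_data['comment_id'] . "' \n\t\t\t\tAND comment_item_id='" . $comment_item_id . "'\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\n\t\t\t\tAND comment_type='" . $comment_type . "' \n\t\t\t\tAND comment_name='" . $userdata['user_id'] . "' \n\t\t\t\tAND comment_hidden='0'")) {
                    dbquery_insert(DB_COMMENTS, $comment_data, 'update');
                    if ($comment_data['comment_message']) {
                        $result = dbquery("UPDATE " . DB_COMMENTS . " SET comment_message='" . $comment_data['comment_message'] . "'\n \t\t\t\t\t\t\t\t\t WHERE comment_id='" . $_GET['comment_id'] . "' " . (iADMIN ? "" : "AND comment_name='" . $userdata['user_id'] . "'"));
                        if ($result) {
                            $comment_updated = TRUE;
                        }
                    }
                }
                if ($comment_updated) {
                    // Work out which page the edited comment is on.
                    if ($settings['comments_sorting'] == "ASC") {
                        $c_operator = "<=";
                    } else {
                        $c_operator = ">=";
                    }
                    $c_count = dbcount("(comment_id)", DB_COMMENTS, "comment_id" . $c_operator . "'" . $comment_data['comment_id'] . "'\n\t\t\t\t\t\t\t\tAND comment_item_id='" . $comment_item_id . "'\n\t\t\t\t\t\t\t\tAND comment_type='" . $comment_type . "'");
                    $c_start = (ceil($c_count / $cpp) - 1) * $cpp;
                }
                redirect($clink . "&c_start=" . (isset($c_start) && isnum($c_start) ? $c_start : ""));
            } else {
                // New comment: the commented item must exist.
                if (!dbcount("(" . $comment_col . ")", $comment_db, $comment_col . "='" . $comment_item_id . "'")) {
                    redirect(BASEDIR . "index.php");
                }
                $id = 0;
                if ($comment_data['comment_name'] && $comment_data['comment_message']) {
                    require_once INCLUDES . "flood_include.php";
                    if (!flood_control("comment_datestamp", DB_COMMENTS, "comment_ip='" . USER_IP . "'")) {
                        dbquery_insert(DB_COMMENTS, $comment_data, 'save');
                        $id = dblastid();
                    }
                }
                if ($settings['comments_sorting'] == "ASC") {
                    $c_count = dbcount("(comment_id)", DB_COMMENTS, "comment_item_id='" . $comment_item_id . "' AND comment_type='" . $comment_type . "'");
                    $c_start = (ceil($c_count / $cpp) - 1) * $cpp;
                } else {
                    $c_start = 0;
                }
                //if (!$settings['site_seo']) {
                redirect($clink . "&c_start=" . $c_start . "#c" . $id);
                //}
            }
        }

        // Collect the visible comments of the current page.
        $c_arr = array("c_con" => array(), "c_info" => array("c_makepagenav" => FALSE, "admin_link" => FALSE));
        $c_rows = dbcount("(comment_id)", DB_COMMENTS, "comment_item_id='" . $comment_item_id . "' AND comment_type='" . $comment_type . "' AND comment_hidden='0'");
        if (!isset($_GET['c_start']) && $c_rows > $cpp) {
            $_GET['c_start'] = (ceil($c_rows / $cpp) - 1) * $cpp;
        }
        // c_start goes into the LIMIT clause below, so anything non-numeric becomes 0.
        if (!isset($_GET['c_start']) || !isnum($_GET['c_start'])) {
            $_GET['c_start'] = 0;
        }
        $result = dbquery("SELECT tcm.comment_id, tcm.comment_name, tcm.comment_message, tcm.comment_datestamp,\n\t\t\t\t\ttcu.user_id, tcu.user_name, tcu.user_avatar, tcu.user_status\n\t\t\t\t\tFROM " . DB_COMMENTS . " tcm\n\t\t\t\t\tLEFT JOIN " . DB_USERS . " tcu ON tcm.comment_name=tcu.user_id\n\t\t\t\t\tWHERE comment_item_id='" . $comment_item_id . "' AND comment_type='" . $comment_type . "' AND comment_hidden='0'\n\t\t\t\t\tORDER BY comment_datestamp " . $settings['comments_sorting'] . " LIMIT " . $_GET['c_start'] . "," . $cpp);
        if (dbrows($result) > 0) {
            // Running comment number, counted up or down according to the sort order.
            $i = $settings['comments_sorting'] == "ASC" ? $_GET['c_start'] + 1 : $c_rows - $_GET['c_start'];
            if ($c_rows > $cpp) {
                $c_arr['c_info']['c_makepagenav'] = makepagenav($_GET['c_start'], $cpp, $c_rows, 3, $clink . "&", "c_start");
            }
            while ($data = dbarray($result)) {
                $c_arr['c_con'][$i]['comment_id'] = $data['comment_id'];
                $c_arr['c_con'][$i]['edit_dell'] = FALSE;
                $c_arr['c_con'][$i]['i'] = $i;
                if ($data['user_name']) {
                    $c_arr['c_con'][$i]['comment_name'] = profile_link($data['comment_name'], $data['user_name'], $data['user_status'], 'strong text-dark');
                } else {
                    // Guest comment: comment_name holds the name the guest typed.
                    $c_arr['c_con'][$i]['comment_name'] = $data['comment_name'];
                }
                $c_arr['c_con'][$i]['user_avatar'] = display_avatar($data, '35px', '', true, 'img-rounded');
                $c_arr['c_con'][$i]['user'] = array(
                    'user_id' => $data['user_id'],
                    'user_name' => $data['user_name'],
                    'user_avatar' => ($data['user_avatar'] !== '' && file_exists(IMAGES . 'avatars/' . $data['user_avatar'])) ? IMAGES . 'avatars/' . $data['user_avatar'] : IMAGES . "avatars/noavatar50.png",
                    'user_status' => $data['user_status']
                );
                $c_arr['c_con'][$i]['comment_datestamp'] = showdate('shortdate', $data['comment_datestamp']);
                $c_arr['c_con'][$i]['comment_time'] = timer($data['comment_datestamp']);
                $c_arr['c_con'][$i]['comment_message'] = "<!--comment_message-->\n" . nl2br(parseubb(parsesmileys($data['comment_message'])));
                if (iADMIN && checkrights("C") || iMEMBER && $data['comment_name'] == $userdata['user_id'] && isset($data['user_name'])) {
                    $edit_link = clean_request('c_action=edit&comment_id=' . $data['comment_id'], array('c_action', 'comment_id'), false) . "#edit_comment";
                    $delete_link = clean_request('c_action=delete&comment_id=' . $data['comment_id'], array('c_action', 'comment_id'), false);
                    $c_arr['c_con'][$i]['edit_link'] = array('link' => $edit_link, 'name' => $locale['c108']);
                    $c_arr['c_con'][$i]['delete_link'] = array('link' => $delete_link, 'name' => $locale['c109']);
                    $c_arr['c_con'][$i]['edit_dell'] = "<!--comment_actions-->\n";
                    $c_arr['c_con'][$i]['edit_dell'] .= "<div class='btn-group'>";
                    $c_arr['c_con'][$i]['edit_dell'] .= "<a class='btn btn-xs btn-default' href='" . $edit_link . "'>";
                    $c_arr['c_con'][$i]['edit_dell'] .= $locale['c108'] . "</a>\n";
                    $c_arr['c_con'][$i]['edit_dell'] .= "<a class='btn btn-xs btn-default' href='" . $delete_link . "' onclick=\"return confirm('" . $locale['c110'] . "');\">";
                    $c_arr['c_con'][$i]['edit_dell'] .= "<i class='fa fa-trash'></i> " . $locale['c109'] . "</a>";
                    $c_arr['c_con'][$i]['edit_dell'] .= "</div>\n";
                }
                $settings['comments_sorting'] == "ASC" ? $i++ : $i--;
            }
            if (iADMIN && checkrights("C")) {
                $c_arr['c_info']['admin_link'] = "<!--comment_admin-->\n";
                $c_arr['c_info']['admin_link'] .= "<a href='" . ADMIN . "comments.php" . $aidlink . "&ctype=" . $comment_type . "&comment_item_id=" . $comment_item_id . "'>" . $locale['c106'] . "</a>";
            }
        }

        opentable($locale['c102']);

        // When editing, preload the form with the stored message (if the viewer may edit it).
        $comment_message = "";
        if (iMEMBER && (isset($_GET['c_action']) && $_GET['c_action'] == "edit") && (isset($_GET['comment_id']) && isnum($_GET['comment_id']))) {
            $eresult = dbquery("SELECT tcm.comment_id, tcm.comment_name, tcm.comment_message, tcu.user_name\n\t\t\t\tFROM " . DB_COMMENTS . " tcm\n\t\t\t\tLEFT JOIN " . DB_USERS . " tcu ON tcm.comment_name=tcu.user_id\n\t\t\t\tWHERE comment_id='" . $_GET['comment_id'] . "' AND comment_item_id='" . $comment_item_id . "'\n\t\t\t\tAND comment_type='" . $comment_type . "' AND comment_hidden='0'");
            if (dbrows($eresult) > 0) {
                $edata = dbarray($eresult);
                if (iADMIN && checkrights("C") || iMEMBER && $edata['comment_name'] == $userdata['user_id'] && isset($edata['user_name'])) {
                    $clink .= "&c_action=edit&comment_id=" . $edata['comment_id'];
                    $comment_message = $edata['comment_message'];
                }
            } else {
                $comment_message = "";
            }
        }

        if (iMEMBER || $settings['guestposts'] == "1") {
            require_once INCLUDES . "bbcode_include.php";
            echo "<a id='edit_comment' name='edit_comment'></a>\n";
            echo openform('inputform', 'post', $clink, array('class' => 'm-b-20', 'max_tokens' => 1));
            if (iGUEST) {
                echo form_text('comment_name', $locale['c104'], '', array('max_length' => 30));
            }
            echo form_textarea('comment_message', '', $comment_message, array('required' => 1, 'autosize' => 1, 'form_name' => 'inputform', 'bbcode' => 1));
            // Guests get the captcha; the included captcha may set $_CAPTCHA_HIDE_INPUT
            // to suppress the plain text input.
            if (iGUEST && (!isset($_CAPTCHA_HIDE_INPUT) || isset($_CAPTCHA_HIDE_INPUT) && !$_CAPTCHA_HIDE_INPUT)) {
                $_CAPTCHA_HIDE_INPUT = FALSE;
                echo "<div style='width:360px; margin:10px auto;'>";
                echo $locale['global_150'] . "<br />\n";
                include INCLUDES . "captchas/" . $settings['captcha'] . "/captcha_display.php";
                if (!$_CAPTCHA_HIDE_INPUT) {
                    echo "<br />\n<label for='captcha_code'>" . $locale['global_151'] . "</label>";
                    echo "<br />\n<input type='text' id='captcha_code' name='captcha_code' class='textbox' autocomplete='off' style='width:100px' />\n";
                }
                echo "</div>\n";
            }
            echo form_button('post_comment', $comment_message ? $locale['c103'] : $locale['c102'], $comment_message ? $locale['c103'] : $locale['c102'], array('class' => 'btn-success m-t-10'));
            echo closeform();
        } else {
            echo "<div class='well'>\n";
            echo $locale['c105'] . "\n";
            echo "</div>\n";
        }
        closetable();
        echo "<a id='comments' name='comments'></a>";
        render_comments($c_arr['c_con'], $c_arr['c_info']);
    }
}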
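/**
 * Print the Venus admin theme shell: top header with navigation and user menu,
 * left side panel, the page content (CONTENT) with breadcrumbs and notices, and
 * the footer. Also registers the slimscroll script and the side-menu toggle
 * JavaScript, and sets the side-menu cookie when it is missing.
 *
 * NOTE(review): $userdata['user_name'], fusion_get_settings('sitename') and
 * FUSION_REQUEST are written into HTML text and attribute values as they are.
 * Presumably they are encoded where they are produced — confirm.
 */
function render_admin_panel() {
    global $locale, $userdata, $defender, $pages, $aidlink, $admin;
    $languages = fusion_get_enabled_languages();
    // Admin panel page
    echo "<div id='admin-panel' class='clearfix in'>\n";
    // Top header section
    echo "<section id='acp-header' class='pull-left affix clearfix' data-offset-top='0' data-offset-bottom='0'>\n";
    // Top left logo
    echo "<div class='brand'>\n";
    echo "<div class='pull-right'>\n";
    echo "</div>\n</div>\n";
    // Top navigation
    echo "<nav>\n";
    // Top side panel toggler
    echo "<ul class='venus-toggler'>\n";
    echo "<li><a id='toggle-canvas' class='pointer' style='border-left:none;'><i class='fa fa-bars fa-lg'></i></a></li>\n";
    echo "</ul>\n";
    echo $admin->horiziontal_admin_nav(true);
    // Top right menu links
    echo "<ul class='top-right-menu pull-right m-r-15'>\n";
    echo "<li class='dropdown'>\n";
    echo "<a class='dropdown-toggle pointer' data-toggle='dropdown'>" . display_avatar($userdata, '25px', '', '', '') . " " . $locale['logged'] . "<strong>" . $userdata['user_name'] . "</strong> <span class='caret'></span>\n</a>\n";
    echo "<ul class='dropdown-menu' role='menu'>\n";
    echo "<li><a class='display-block' href='" . BASEDIR . "edit_profile.php'>" . $locale['edit'] . " " . $locale['profile'] . "</a></li>\n";
    echo "<li><a class='display-block' href='" . BASEDIR . "profile.php?lookup=" . $userdata['user_id'] . "'>" . $locale['view'] . " " . $locale['profile'] . "</a></li>\n";
    echo "<li class='divider'> </li>\n";
    echo "<li><a class='display-block' href='" . FUSION_REQUEST . "&logout'>" . $locale['admin-logout'] . "</a></li>\n";
    echo "<li><a class='display-block' href='" . BASEDIR . "index.php?logout=yes'>" . $locale['logout'] . "</a></li>\n";
    echo "</ul>\n";
    echo "</li>\n";
    echo "<li><a title='" . $locale['settings'] . "' href='" . ADMIN . "settings_main.php" . $aidlink . "'><i class='fa fa-cog fa-lg'></i></a></li>\n";
    echo "<li><a title='" . fusion_get_settings('sitename') . "' href='" . BASEDIR . "index.php'><i class='fa fa-home fa-lg'></i></a>\n</li>\n";
    echo "<li><a title='" . $locale['message'] . "' href='" . BASEDIR . "messages.php'><i class='fa fa-envelope-o fa-lg'></i></a>\n</li>\n";
    // Language switcher, shown only when more than one language is enabled
    if (count($languages) > 1) {
        echo "<li class='dropdown'><a class='dropdown-toggle pointer' data-toggle='dropdown' title='" . $locale['282'] . "'><i class='fa fa-globe fa-lg fa-fw'></i> " . translate_lang_names(LANGUAGE) . "<span class='caret'></span></a>\n";
        echo "<ul class='dropdown-menu'>\n";
        foreach ($languages as $language_folder => $language_name) {
            echo "<li><a class='display-block' href='" . clean_request("lang=" . $language_folder, array("lang"), FALSE) . "'><img class='m-r-5' src='" . BASEDIR . "locale/{$language_folder}/{$language_folder}-s.png'> {$language_name}</a></li>\n";
        }
        echo "</ul>\n";
        echo "</li>\n";
    }
    echo "</ul>\n"; // .top-right-menu
    echo "</nav>\n";
    echo "</section>\n";
    // Content section
    echo "<div class='content-wrapper display-table pull-left'>\n";
    // Left side panel
    echo "<div id='acp-left' class='pull-left affix' data-offset-top='0' data-offset-bottom='0'>\n"; // collapse to top menu on sm and xs
    echo "<div class='panel panel-default admin'><div class='panel-body clearfix'>\n";
    echo "<div class='pull-left m-r-10'>\n" . display_avatar($userdata, '50px', '', '', '') . "</div>\n";
    echo "<span class='overflow-hide m-t-10'><h4 class='m-b-0 text-stronger'>\n" . $userdata['user_name'] . "</h4>\n" . getuserlevel($userdata['user_level']) . "</span></div>\n";
    echo "</div>\n";
    echo $admin->vertical_admin_nav();
    echo "</div>\n"; // #acp-left
    // Control panel content wrapper
    echo "<div id='acp-main' class='clearfix' style='vertical-align:top;'>\n";
    // Main content wrapper
    echo "<div id='acp-content' class='m-t-20 col-xs-12 col-sm-12 col-md-12 col-lg-12'>\n";
    // Render breadcrumbs
    echo render_breadcrumbs();
    // Get and render notices
    $notices = getNotices();
    echo renderNotices($notices);
    // Render the content
    echo CONTENT;
    echo "</div>\n"; // #acp-content
    // Footer section
    echo "<footer class='m-l-20 display-inline-block m-t-20 m-b-20'>\n";
    // Copyright
    echo "Venus Admin © " . date("Y") . " created by <a href='https://www.php-fusion.co.uk'><strong>PHP-Fusion Inc.</strong></a>\n";
    echo showcopyright();
    // Render time
    if (fusion_get_settings('rendertime_enabled')) {
        echo "<br /><br />";
        // Make showing of queries and memory usage separate settings
        echo showrendertime();
        echo showMemoryUsage();
    }
    echo "</footer>\n";
    echo "</div>\n"; // .acp-main
    echo "</div>\n"; // .content-wrapper
    echo "</div>\n"; // #admin-panel
    add_to_footer("<script src='" . THEMES . "admin_themes/Venus/includes/jquery.slimscroll.min.js'></script>");
    if (!isset($_COOKIE['acp_sidemenu'])) {
        // setcookie() takes an absolute Unix timestamp as expiry. The bare
        // 64800 used before is a moment in 1970, so the cookie was already
        // expired when sent; the lifetime is now counted from the current time.
        // NOTE(review): the script below writes COOKIE_PREFIX . "acp_sidemenu",
        // while this check and call use the unprefixed name — confirm which
        // name is intended.
        setcookie("acp_sidemenu", 1, time() + 64800);
    }
    add_to_jquery("\n\t// Initialize slimscroll\n\t\$('#adl').slimScroll({\n\t\theight: null\n\t});\n\n\t// Function to toggle side menu\n\tfunction toggleSideMenu(state) {\n\t\tvar panel_state = null;\n\t\tif (state == 'show') {\n\t\t\t\$('#admin-panel').addClass('in');\n\t\t\tvar panel_state = 1;\n\t\t} else if (state == 'hide') {\n\t\t\t\$('#admin-panel').removeClass('in');\n\t\t\tvar panel_state = 0;\n\t\t} else {\n\t\t\t\$('#admin-panel').toggleClass('in');\n\t\t\tvar panel_state = \$('#admin-panel').hasClass('in');\n\t\t}\n\t\tif (panel_state) {\n\t\t\t\$.cookie('" . COOKIE_PREFIX . "acp_sidemenu', '1', {expires: 164800});\n\t\t} else {\n\t\t\t\$.cookie('" . COOKIE_PREFIX . "acp_sidemenu', '0', {expires: 164800});\n\t\t}\n\t}\n\n\t// Adjust side menu height on page load, resize or orientation change\n\t\$(window).on('load resize orientationchange', function(event) {\n\t\tvar init_hgt = \$(window).height();\n\t\tvar small = \$('.brand-text').is(':visible');\n\t\tvar panel_height = (small ? init_hgt-125 : init_hgt-80);\n\t\tvar hgt = \$(this).height();\n\t\t\$('#acp-left').css('height', hgt);\n\t\t\$('.admin-vertical-link').css('height', panel_height);\n\t\t// Hide side menu on orientation change\n\t\t//if (event.type === 'orientationchange') {\n\t\t//\ttoggleSideMenu('show');\n\t\t//}\n\t});\n\t// Side menu toggler\n\t\$('#toggle-canvas').on('click', toggleSideMenu);\n\t");
}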
redirect(FUSION_SELF . $aidlink . "&show_faq=" . $data['faq_cat_id'] . "&faq_start=" . $faq_start); } } $cat_opts = array(); $result2 = dbquery("SELECT faq_cat_id, faq_cat_name, faq_cat_language\n\tFROM " . DB_FAQ_CATS . " " . (multilang_table("FQ") ? "WHERE faq_cat_language='" . LANGUAGE . "'" : "") . " ORDER BY faq_cat_name"); if (dbrows($result2) != 0) { while ($data2 = dbarray($result2)) { $cat_opts[$data2['faq_cat_id']] = $data2['faq_cat_name']; } echo openform('inputform', 'post', FUSION_REQUEST, array("class" => "m-t-20")); echo "<div class='row'>\n"; echo "<div class='col-xs-12 col-sm-8'>\n"; openside(""); echo form_hidden("faq_id", "", $data['faq_id']); echo form_text('faq_question', $locale['faq_0301'], $data['faq_question'], array('required' => TRUE)); echo form_textarea('faq_answer', $locale['faq_0302'], $data['faq_answer'], $fusion_mce); closeside(); echo "</div>\n"; echo "<div class='col-xs-12 col-sm-4'>\n"; openside(""); echo form_select("faq_cat_id", $locale['faq_0300'], $data['faq_cat_id'], array('options' => $cat_opts, "width" => "100%")); closeside(); echo "</div>\n"; echo "</div>\n"; echo form_button('save_faq', $locale['faq_0303'], $locale['faq_0303'], array('class' => 'btn-primary m-t-10')); echo closeform(); } else { echo "<div class='well text-center m-t-20'>\n"; echo str_replace(array("[LINK]", "[/LINK]"), array("<a href='" . clean_request("section=faq-category", array("aid"), TRUE) . "'>", "</a>"), $locale['faq_0304']); echo "</div>\n"; }
if (!$tin[$id]) { array_push($tab, $req); $tin[$id] = 1; } } } return $tab; } if (!$_REQUEST['node_id']) { exit(1); } $matches = null; if (!preg_match("/^([\\d]{1,5},?){1,20}\$/", $_REQUEST['node_id'], $matches)) { exit(1); } $tab = clean_request($_REQUEST['node_id']); if (!$tab) { print "Empty tab<br>"; exit(1); } ShoCKDB_db::$db_backend = 'sqlite'; ShoCKDB_db::$db_path = 'data/feedNodi.sl3'; $db = new ShoCKDB_db(); if (!$db->open()) { print "Impossible d'ouvrir la db!<br>"; exit(1); } header('Content-Type: application/json'); $res = new ShoCKDB_response($db); for ($i = 0; $i < sizeof($tab); $i++) { //print "id: " . $tab[$i] . "<br>";
/**
 * Build the breadcrumb entry for $id and merge in the entries of its ancestors.
 *
 * Returns NULL when the parent of $id is not a key of $tree_index. Otherwise
 * returns an array with 'link' and 'title'; when the parent id is not 0 the
 * function recurses on the parent and merges that result in with
 * array_merge_recursive(), so 'link' and 'title' become lists.
 *
 * @param array  $tree_index index passed to get_parent()
 * @param array  $tree_full  full tree passed to get_parent_array()
 * @param string $id_col     key of the id field in a tree row
 * @param string $title_col  key of the title field in a tree row
 * @param string $getname    query parameter name used in the generated link
 * @param mixed  $id         id of the current node
 * @return array|null
 */
function breadcrumb_page_arrays($tree_index, $tree_full, $id_col, $title_col, $getname, $id) {
    $crumb = NULL;
    $parent_id = get_parent($tree_index, $id);

    if (!isset($tree_index[$parent_id])) {
        return $crumb;
    }

    $_name = get_parent_array($tree_full, $id);
    $link = "";
    if (isset($_name[$id_col])) {
        $link = clean_request($getname . "=" . $_name[$id_col], array("aid"), TRUE);
    }
    $title = "";
    if (isset($_name[$title_col])) {
        $title = \PHPFusion\QuantumFields::parse_label($_name[$title_col]);
    }
    $crumb = array('link' => $link, 'title' => $title);

    // A parent id of 0 means the top of the tree has been reached.
    if ($parent_id == 0) {
        return $crumb;
    }

    $ancestors = breadcrumb_page_arrays($tree_index, $tree_full, $id_col, $title_col, $getname, $parent_id);
    if (!empty($ancestors)) {
        $crumb = array_merge_recursive($crumb, $ancestors);
    }

    return $crumb;
}
/**
 * Populate $this->forum_info for the forum index, a section view or a single forum.
 *
 * Reads the request ($_GET), the $forum_settings / $userdata / $locale globals and the
 * forum tables, and stores the outcome in $this->forum_info and $this->ext. It also
 * overwrites $_GET['forum_id'], $_GET['rowstart'] and $_GET['thread_rowstart'] with the
 * values it settled on, and calls redirect() when verify_forum() rejects the forum, the
 * section is unknown or the forum query returns no rows. Nothing is returned.
 */
public function set_ForumInfo() {
    global $forum_settings, $userdata, $locale;
    // NOTE(review): $_GET['section'] is read here without an isset() check.
    if (stristr($_SERVER['PHP_SELF'], 'forum_id')) {
        if ($_GET['section'] == 'latest') {
            redirect(INFUSIONS . 'forum/index.php?section=latest');
        }
        if ($_GET['section'] == 'mypost') {
            redirect(INFUSIONS . 'forum/index.php?section=mypost');
        }
        if ($_GET['section'] == 'tracked') {
            redirect(INFUSIONS . 'forum/index.php?section=tracked');
        }
    }
    // Access gate: a 'viewforum' request for a forum that verify_forum() rejects is sent
    // back to the index.
    if (isset($_GET['viewforum']) && !verify_forum($_GET['forum_id'])) {
        redirect(INFUSIONS . 'forum/index.php');
    }
    // Request values are copied into forum_info here.
    // NOTE(review): parent_id and forum_branch are only accepted after verify_forum();
    // forum_id is copied as received, and has only been through verify_forum() when
    // 'viewforum' was set (see the gate above).
    $this->forum_info = array(
        'forum_id' => isset($_GET['forum_id']) ? $_GET['forum_id'] : 0,
        'parent_id' => isset($_GET['parent_id']) && verify_forum($_GET['parent_id']) ? $_GET['parent_id'] : 0,
        'forum_branch' => isset($_GET['forum_branch']) && verify_forum($_GET['forum_branch']) ? $_GET['forum_branch'] : 0,
        'new_thread_link' => '',
        'lastvisited' => isset($userdata['user_lastvisit']) && isnum($userdata['user_lastvisit']) ? $userdata['user_lastvisit'] : time(),
        'posts_per_page' => $forum_settings['posts_per_page'],
        'threads_per_page' => $forum_settings['threads_per_page'],
        'forum_index' => dbquery_tree(DB_FORUMS, 'forum_id', 'forum_cat'),
        'threads' => array(),
        'section' => isset($_GET['section']) ? $_GET['section'] : 'thread'
    );
    // Number of forums under the current parent, used to bound 'rowstart' below.
    // parent_id is concatenated into the condition; it is either 0 or a value that
    // verify_forum() accepted - presumably numeric only, confirm against that helper.
    $this->forum_info['forum_max_rows'] = dbcount("('forum_id')", DB_FORUMS, (multilang_table("FO") ? "forum_language='" . LANGUAGE . "' AND" : '') . "\n\t\tforum_cat='" . $this->forum_info['parent_id'] . "' AND " . groupaccess('forum_access') . "");
    // Write the settled values back to $_GET for code that reads the superglobal later.
    $_GET['forum_id'] = $this->forum_info['forum_id'];
    // NOTE(review): rowstart is bounded by comparison only; it is not passed through
    // isnum() the way thread_rowstart is further down.
    $_GET['rowstart'] = isset($_GET['rowstart']) && $_GET['rowstart'] <= $this->forum_info['forum_max_rows'] ? $_GET['rowstart'] : 0;
    $this->ext = isset($this->forum_info['parent_id']) && isnum($this->forum_info['parent_id']) ? "&parent_id=" . $this->forum_info['parent_id'] : '';
    add_to_title($locale['global_200'] . $locale['forum_0000']);
    add_breadcrumb(array('link' => INFUSIONS . 'forum/index.php', 'title' => $locale['forum_0000']));
    forum_breadcrumbs($this->forum_info['forum_index']);
    // Page meta data for the selected forum; the id is cast with intval() for this query.
    if ($this->forum_info['forum_id'] > 0) {
        $meta_result = dbquery("SELECT forum_meta, forum_description FROM " . DB_FORUMS . " WHERE forum_id='" . intval($this->forum_info['forum_id']) . "'");
        if (dbrows($meta_result) > 0) {
            $meta_data = dbarray($meta_result);
            if ($meta_data['forum_description'] !== '') {
                set_meta('description', $meta_data['forum_description']);
            }
            if ($meta_data['forum_meta'] !== '') {
                set_meta('keywords', $meta_data['forum_meta']);
            }
        }
    }
    // Additional sections in index view. Every include path below is a fixed literal chosen
    // by the switch; the request value never becomes part of a path, and unknown values
    // fall through to the redirect.
    if (isset($_GET['section'])) {
        switch ($_GET['section']) {
            case 'participated':
                include INFUSIONS . "forum/sections/participated.php";
                add_to_title($locale['global_201'] . $locale['global_024']);
                add_breadcrumb(array('link' => INFUSIONS . "forum/index.php?section=participated", 'title' => $locale['global_024']));
                set_meta("description", $locale['global_024']);
                break;
            case 'latest':
                include INFUSIONS . "forum/sections/latest.php";
                add_to_title($locale['global_201'] . $locale['global_021']);
                add_breadcrumb(array('link' => INFUSIONS . "forum/index.php?section=latest", 'title' => $locale['global_021']));
                set_meta("description", $locale['global_021']);
                break;
            case 'tracked':
                include INFUSIONS . "forum/sections/tracked.php";
                add_to_title($locale['global_201'] . $locale['global_056']);
                add_breadcrumb(array('link' => INFUSIONS . "forum/index.php?section=tracked", 'title' => $locale['global_056']));
                set_meta("description", $locale['global_056']);
                break;
            case "unanswered":
                include INFUSIONS . "forum/sections/unanswered.php";
                add_to_title($locale['global_201'] . $locale['global_027']);
                add_breadcrumb(array('link' => INFUSIONS . "forum/index.php?section=unanswered", 'title' => $locale['global_027']));
                set_meta("description", $locale['global_027']);
                break;
            case "unsolved":
                include INFUSIONS . "forum/sections/unsolved.php";
                add_to_title($locale['global_201'] . $locale['global_028']);
                add_breadcrumb(array('link' => INFUSIONS . "forum/index.php?section=unsolved", 'title' => $locale['global_028']));
                set_meta("description", $locale['global_028']);
                break;
            default:
                redirect(FUSION_SELF);
        }
    } else {
        // Switch between view forum or forum index -- required: $_GET['viewforum']
        if ($this->forum_info['forum_id'] && isset($this->forum_info['parent_id']) && isset($_GET['viewforum'])) {
            // View forum: initialise the thread filters (time, type, sort, order).
            // Each request value is only used as a key into a fixed map, so the raw value
            // itself is never concatenated into SQL. A key that is not in the map is not
            // rejected, though: the lookup then yields no SQL fragment at all.
            $time = isset($_GET['time']) ? $_GET['time'] : '';
            $type = isset($_GET['type']) ? $_GET['type'] : '';
            $sort = isset($_GET['sort']) ? $_GET['sort'] : '';
            $order = isset($_GET['order']) ? $_GET['order'] : '';
            $timeCol = '';
            $typeCol = '';
            if ($time) {
                // NOTE(review): '1month' and '3month' both map to '-2 month', which looks like a
                // copy-paste slip - confirm the intended offsets.
                $time_array = array(
                    'today' => strtotime('today'),
                    '2days' => strtotime('-2 day'),
                    '1week' => strtotime('-1 week'),
                    '2week' => strtotime('-2 week'),
                    '1month' => strtotime('-2 month'),
                    '2month' => strtotime('-2 month'),
                    '3month' => strtotime('-2 month'),
                    '6month' => strtotime('-6 month'),
                    '1year' => strtotime('-1 year')
                );
                $time_stop = '';
                // Intended to pick the entry before the selected one as the upper bound.
                // NOTE(review): on PHP 7+ foreach does not advance the array's internal pointer,
                // so prev() here likely returns false - confirm on the target PHP version.
                foreach ($time_array as $key => $value) {
                    if ($time == $key) {
                        $time_stop = prev($time_array);
                        break;
                    }
                }
                if ($time !== 'today') {
                    $timeCol = "AND ((post_datestamp >= '" . $time_array[$time] . "' OR t.thread_lastpost >= '" . $time_array[$time] . "') AND (post_datestamp <= '" . $time_stop . "' OR t.thread_lastpost <= '" . $time_stop . "')) ";
                } else {
                    $timeCol = "AND (post_datestamp >= '" . $time_array[$time] . "' OR t.thread_lastpost >= '" . $time_array[$time] . "') ";
                }
            }
            if ($type) {
                // NOTE(review): the 'attachments' fragment contains an OR that is not wrapped in
                // parentheses. It is appended after the forum_id / thread_hidden / groupaccess()
                // terms of the thread queries below, so by SQL precedence the second alternative
                // is not constrained by those terms - confirm and parenthesise.
                $type_array = array(
                    'all' => '',
                    'discussions' => "AND (a1.attach_name IS NULL or a1.attach_name='') AND (a2.attach_name IS NULL or a2.attach_name='') AND (forum_poll_title IS NULL or forum_poll_title='')",
                    'attachments' => "AND a1.attach_name !='' OR a2.attach_name !='' AND (forum_poll_title IS NULL or forum_poll_title='')",
                    'poll' => "AND (a1.attach_name IS NULL or a1.attach_name='') AND (a2.attach_name IS NULL or a2.attach_name='') AND forum_poll_title !=''",
                    'solved' => "AND t.thread_answered = '1'",
                    'unsolved' => "AND t.thread_answered = '0'"
                );
                $typeCol = $type_array[$type];
            }
            $sortCol = "ORDER BY t.thread_lastpost ";
            $orderCol = 'ASC';
            if ($sort) {
                $sort_array = array(
                    'author' => 't.thread_author',
                    'time' => 't.thread_lastpost',
                    'subject' => 't.thread_subject',
                    'reply' => 't.thread_postcount',
                    'view' => 't.thread_views'
                );
                // An unknown sort key leaves "ORDER BY " without a column name.
                $sortCol = "ORDER BY " . $sort_array[$sort] . " ";
            }
            if ($order) {
                $order_array = array('ascending' => 'ASC', 'descending' => 'DESC');
                $orderCol = $order_array[$order];
            }
            $sql_condition = $timeCol . $typeCol;
            $sql_order = $sortCol . $orderCol;
            // Filter links.
            // NOTE(review): time, type, sort, order and parent_id are appended to the link
            // strings exactly as received, without URL or HTML encoding. Whether the template
            // escapes these links on output is not visible here - confirm, or build them from
            // the validated values instead.
            $timeExt = isset($_GET['time']) ? "&time=" . $_GET['time'] : '';
            $typeExt = isset($_GET['type']) ? "&type=" . $_GET['type'] : '';
            $sortExt = isset($_GET['sort']) ? "&sort=" . $_GET['sort'] : '';
            $orderExt = isset($_GET['order']) ? "&order=" . $_GET['order'] : '';
            $baseLink = INFUSIONS . 'forum/index.php?viewforum&forum_id=' . $_GET['forum_id'] . '' . (isset($_GET['parent_id']) ? '&parent_id=' . $_GET['parent_id'] . '' : '');
            $timeLink = $baseLink . $typeExt . $sortExt . $orderExt;
            $this->forum_info['filter']['time'] = array(
                $locale['forum_3006'] => INFUSIONS . 'forum/index.php?viewforum&forum_id=' . $_GET['forum_id'] . '' . (isset($_GET['parent_id']) ? '&parent_id=' . $_GET['parent_id'] . '' : ''),
                $locale['forum_3007'] => $timeLink . '&time=today',
                $locale['forum_3008'] => $timeLink . '&time=2days',
                $locale['forum_3009'] => $timeLink . '&time=1week',
                $locale['forum_3010'] => $timeLink . '&time=2week',
                $locale['forum_3011'] => $timeLink . '&time=1month',
                $locale['forum_3012'] => $timeLink . '&time=2month',
                $locale['forum_3013'] => $timeLink . '&time=3month',
                $locale['forum_3014'] => $timeLink . '&time=6month',
                $locale['forum_3015'] => $timeLink . '&time=1year'
            );
            $typeLink = $baseLink . $timeExt . $sortExt . $orderExt;
            $this->forum_info['filter']['type'] = array(
                $locale['forum_3000'] => $typeLink . '&type=all',
                $locale['forum_3001'] => $typeLink . '&type=discussions',
                $locale['forum_3002'] => $typeLink . '&type=attachments',
                $locale['forum_3003'] => $typeLink . '&type=poll',
                $locale['forum_3004'] => $typeLink . '&type=solved',
                $locale['forum_3005'] => $typeLink . '&type=unsolved'
            );
            $sortLink = $baseLink . $timeExt . $typeExt . $orderExt;
            $this->forum_info['filter']['sort'] = array(
                $locale['forum_3016'] => $sortLink . '&sort=author',
                $locale['forum_3017'] => $sortLink . '&sort=time',
                $locale['forum_3018'] => $sortLink . '&sort=subject',
                $locale['forum_3019'] => $sortLink . '&sort=reply',
                $locale['forum_3020'] => $sortLink . '&sort=view'
            );
            $orderLink = $baseLink . $timeExt . $typeExt . $sortExt;
            $this->forum_info['filter']['order'] = array(
                $locale['forum_3021'] => $orderLink . '&order=descending',
                $locale['forum_3022'] => $orderLink . '&order=ascending'
            );
            // Forum SQL: the selected forum plus its children / branch. All ids are cast with
            // intval().
            // NOTE(review): the WHERE clause mixes AND and OR without parentheses, so the
            // forum_cat and forum_branch alternatives are not constrained by the language and
            // groupaccess() terms - confirm intent.
            $result = dbquery("SELECT f.*, f2.forum_name AS forum_cat_name,\n\t\t\t\tt.thread_id, t.thread_lastpost, t.thread_lastpostid, t.thread_subject,\n\t\t\t\tcount(t.thread_id) as forum_threadcount, p.post_message,\n\t\t\t\tu.user_id, u.user_name, u.user_status, u.user_avatar\n\t\t\t\tFROM " . DB_FORUMS . " f\n\t\t\t\tLEFT JOIN " . DB_FORUMS . " f2 ON f.forum_cat = f2.forum_id\n\t\t\t\tLEFT JOIN " . DB_FORUM_THREADS . " t ON t.forum_id = f.forum_id\n\t\t\t\tLEFT JOIN " . DB_FORUM_POSTS . " p on p.thread_id = t.thread_id and p.post_id = t.thread_lastpostid\n\t\t\t\tLEFT JOIN " . DB_USERS . " u ON f.forum_lastuser=u.user_id ## -- redo this part -- ##\n\t\t\t\t" . (multilang_table("FO") ? "WHERE f.forum_language='" . LANGUAGE . "' AND" : "WHERE") . " " . groupaccess('f.forum_access') . "\n\t\t\t\tAND f.forum_id='" . intval($this->forum_info['forum_id']) . "' OR f.forum_cat='" . intval($this->forum_info['forum_id']) . "' OR f.forum_branch='" . intval($this->forum_info['forum_branch']) . "'\n\t\t\t\tgroup by f.forum_id ORDER BY forum_cat ASC\n\t\t\t\t");
            $refs = array();
            if (dbrows($result) > 0) {
                // checkgroup() is part of the loop condition, so the first row that fails it ends
                // the loop; later rows are not visited.
                while ($row = dbarray($result) and checkgroup($row['forum_access'])) {
                    // Calculate Forum New Status
                    $newStatus = "";
                    $forum_match = "\\|" . $row['forum_lastpost'] . "\\|" . $row['forum_id'];
                    $last_visited = isset($userdata['user_lastvisit']) && isnum($userdata['user_lastvisit']) ? $userdata['user_lastvisit'] : time();
                    if ($row['forum_lastpost'] > $last_visited) {
                        if (iMEMBER && ($row['forum_lastuser'] !== $userdata['user_id'] || !preg_match("({$forum_match}\\.|{$forum_match}\$)", $userdata['user_threads']))) {
                            $newStatus = "<span class='forum-new-icon'><i title='" . $locale['forum_0260'] . "' class='" . Functions::get_forumIcons('new') . "'></i></span>";
                        }
                    }
                    // Calculate lastpost information
                    $lastPostInfo = array();
                    if ($row['forum_lastpostid']) {
                        $last_post = array(
                            'avatar' => '',
                            // Only used when the avatar exists on disk and is not a directory.
                            'avatar_src' => $row['user_avatar'] && file_exists(IMAGES . 'avatars/' . $row['user_avatar']) && !is_dir(IMAGES . 'avatars/' . $row['user_avatar']) ? IMAGES . 'avatars/' . $row['user_avatar'] : '',
                            'message' => fusion_first_words(parseubb(parsesmileys($row['post_message'])), 10),
                            'profile_link' => profile_link($row['forum_lastuser'], $row['user_name'], $row['user_status']),
                            'time' => timer($row['forum_lastpost']),
                            'date' => showdate("forumdate", $row['forum_lastpost']),
                            'thread_link' => INFUSIONS . "forum/viewthread.php?forum_id=" . $row['forum_id'] . "&thread_id=" . $row['thread_id'],
                            'post_link' => INFUSIONS . "forum/viewthread.php?forum_id=" . $row['forum_id'] . "&thread_id=" . $row['thread_id'] . "&pid=" . $row['thread_lastpostid'] . "#post_" . $row['thread_lastpostid']
                        );
                        if ($forum_settings['forum_last_post_avatar']) {
                            $last_post['avatar'] = display_avatar($row, '30px', '', '', 'img-rounded');
                        }
                        $lastPostInfo = $last_post;
                    }
                    // Default system icons per forum type (the author questions whether themes
                    // should decide this instead).
                    switch ($row['forum_type']) {
                        case '1':
                            $forum_icon = "<i class='" . Functions::get_forumIcons('forum') . " fa-fw m-r-10'></i>";
                            $forum_icon_lg = "<i class='" . Functions::get_forumIcons('forum') . " fa-3x fa-fw m-r-10'></i>";
                            break;
                        case '2':
                            $forum_icon = "<i class='" . Functions::get_forumIcons('thread') . " fa-fw m-r-10'></i>";
                            $forum_icon_lg = "<i class='" . Functions::get_forumIcons('thread') . " fa-3x fa-fw m-r-10'></i>";
                            break;
                        case '3':
                            $forum_icon = "<i class='" . Functions::get_forumIcons('link') . " fa-fw m-r-10'></i>";
                            $forum_icon_lg = "<i class='" . Functions::get_forumIcons('link') . " fa-3x fa-fw m-r-10'></i>";
                            break;
                        case '4':
                            $forum_icon = "<i class='" . Functions::get_forumIcons('question') . " fa-fw m-r-10'></i>";
                            $forum_icon_lg = "<i class='" . Functions::get_forumIcons('question') . " fa-3x fa-fw m-r-10'></i>";
                            break;
                        default:
                            $forum_icon = "";
                            $forum_icon_lg = "";
                    }
                    // "+=" keeps any key the row already has, so these only fill in missing keys.
                    // NOTE(review): forum_name goes into 'title' as stored; whether it is
                    // HTML-escaped at write time or at output is not visible here.
                    $row += array(
                        "forum_moderators" => Functions::parse_forumMods($row['forum_mods']),
                        "forum_new_status" => $newStatus,
                        "forum_link" => array("link" => INFUSIONS . "forum/index.php?viewforum&forum_id=" . $row['forum_id'] . "&parent_id=" . $row['forum_cat'], "title" => $row['forum_name']),
                        "forum_description" => nl2br(parseubb($row['forum_description'])),
                        "forum_postcount_word" => format_word($row['forum_postcount'], $locale['fmt_post']),
                        "forum_threadcount_word" => format_word($row['forum_threadcount'], $locale['fmt_thread']),
                        "last_post" => $lastPostInfo,
                        "forum_icon" => $forum_icon,
                        "forum_icon_lg" => $forum_icon_lg,
                        "forum_image" => $row['forum_image'] && file_exists(FORUM . "images/" . $row['forum_image']) ? $row['forum_image'] : ""
                    );
                    $this->forum_info['forum_moderators'] = $row['forum_moderators'];
                    // Child hierarchy data: rows are linked by reference so that children attached
                    // later still show up under their parent.
                    $thisref =& $refs[$row['forum_id']];
                    $thisref = $row;
                    if ($row['forum_cat'] == $this->forum_info['parent_id']) {
                        $this->forum_info['item'][$row['forum_id']] =& $thisref; // will push main item out.
                    } else {
                        $refs[$row['forum_cat']]['child'][$row['forum_id']] =& $thisref;
                    }
                    // The current forum
                    if ($row['forum_id'] == $this->forum_info['forum_id']) {
                        require_once INCLUDES . "mimetypes_include.php";
                        define_forum_mods($row);
                        // do the full string of checks for forums access
                        $this->setForumPermission($row);
                        // Generate Links
                        if ($this->getForumPermission("can_post")) {
                            $this->forum_info['new_thread_link'] = INFUSIONS . "forum/newthread.php?forum_id=" . $row['forum_id'];
                        }
                        // Count the threads that match the filter conditions.
                        // NOTE(review): forum_id is concatenated here without intval(), unlike the
                        // forum query above. It has passed verify_forum() on this path - confirm
                        // that helper accepts numeric ids only.
                        // NOTE(review): implode(",") between one pair of quotes produces a single
                        // quoted string, not a list of quoted MIME types - confirm the IN /
                        // NOT IN tests behave as intended.
                        // The "##GROUP BY" line, including {$sql_order}, is presumably meant to be
                        // commented out for the SQL server by its leading '#'.
                        $count = dbarray(dbquery("SELECT\n\t\t\t\t\t\t\t\tcount(t.thread_id) 'thread_max_rows',\n\t\t\t\t\t\t\t\tcount(a1.attach_id) 'attach_image',\n\t\t\t\t\t\t\t\tcount(a2.attach_id) 'attach_files'\n\n\t\t\t\t\t\t\t\tFROM " . DB_FORUM_THREADS . " t\n\t\t\t\t\t\t\t\tLEFT JOIN " . DB_FORUMS . " tf ON tf.forum_id = t.forum_id\n\t\t\t\t\t\t\t\tINNER JOIN " . DB_USERS . " tu1 ON t.thread_author = tu1.user_id\n\t\t\t\t\t\t\t\tLEFT JOIN " . DB_USERS . " tu2 ON t.thread_lastuser = tu2.user_id #issue 323\n\t\t\t\t\t\t\t\tLEFT JOIN " . DB_FORUM_POSTS . " p1 ON p1.thread_id = t.thread_id and p1.post_id = t.thread_lastpostid\n\t\t\t\t\t\t\t\tLEFT JOIN " . DB_FORUM_POLLS . " p ON p.thread_id = t.thread_id\n\t\t\t\t\t\t\t\tLEFT JOIN " . DB_FORUM_VOTES . " v ON v.thread_id = t.thread_id AND p1.post_id = v.post_id\n\t\t\t\t\t\t\t\tLEFT JOIN " . DB_FORUM_ATTACHMENTS . " a1 on a1.thread_id = t.thread_id AND a1.attach_mime IN ('" . implode(",", img_mimeTypes()) . "')\n\t\t\t\t\t\t\t\tLEFT JOIN " . DB_FORUM_ATTACHMENTS . " a2 on a2.thread_id = t.thread_id AND a2.attach_mime NOT IN ('" . implode(",", img_mimeTypes()) . "')\n\t\t\t\t\t\t\t\tWHERE t.forum_id='" . $this->forum_info['forum_id'] . "' AND t.thread_hidden='0' AND " . groupaccess('tf.forum_access') . " {$sql_condition}\n\t\t\t\t\t\t\t\t##GROUP BY t.thread_id {$sql_order}\n\t\t\t\t\t\t"));
                        $this->forum_info['thread_max_rows'] = $count['thread_max_rows'];
                        if ($this->forum_info['thread_max_rows'] > 0) {
                            $this->forum_info['threads']['pagenav'] = "";
                            $this->forum_info['threads']['pagenav2'] = "";
                            // thread_rowstart must be numeric (isnum) and within the row count,
                            // otherwise it is reset to 0; it is cast again with intval() in LIMIT.
                            $_GET['thread_rowstart'] = isset($_GET['thread_rowstart']) && isnum($_GET['thread_rowstart']) && $_GET['thread_rowstart'] <= $this->forum_info['thread_max_rows'] ? $_GET['thread_rowstart'] : 0;
                            // Same joins and WHERE clause as the count query above; the notes on
                            // forum_id, the MIME list and {$sql_condition} apply here too.
                            $t_result = dbquery("\n SELECT t.*, tu1.user_name AS author_name, tu1.user_status AS author_status, tu1.user_avatar as author_avatar,\n\t\t\t\t\t\t\t\ttu2.user_name AS last_user_name, tu2.user_status AS last_user_status, tu2.user_avatar AS last_user_avatar,\n\t\t\t\t\t\t\t\tp1.post_datestamp, p1.post_message,\n\t\t\t\t\t\t\t\tp.forum_poll_title,\n\t\t\t\t\t\t\t\tcount(v.post_id) AS vote_count,\n\t\t\t\t\t\t\t\ta1.attach_name, a1.attach_id,\n\t\t\t\t\t\t\t\ta2.attach_name, a2.attach_id,\n\t\t\t\t\t\t\t\tcount(a1.attach_mime) 'attach_image',\n\t\t\t\t\t\t\t\tcount(a2.attach_mime) 'attach_files'\n\t\t\t\t\t\t\t\tFROM " . DB_FORUM_THREADS . " t\n\t\t\t\t\t\t\t\tLEFT JOIN " . DB_FORUMS . " tf ON tf.forum_id = t.forum_id\n\t\t\t\t\t\t\t\tINNER JOIN " . DB_USERS . " tu1 ON t.thread_author = tu1.user_id\n\t\t\t\t\t\t\t\tLEFT JOIN " . DB_USERS . " tu2 ON t.thread_lastuser = tu2.user_id #issue 323\n\t\t\t\t\t\t\t\tLEFT JOIN " . DB_FORUM_POSTS . " p1 ON p1.thread_id = t.thread_id and p1.post_id = t.thread_lastpostid\n\t\t\t\t\t\t\t\tLEFT JOIN " . DB_FORUM_POLLS . " p ON p.thread_id = t.thread_id\n\t\t\t\t\t\t\t\tLEFT JOIN " . DB_FORUM_VOTES . " v ON v.thread_id = t.thread_id AND p1.post_id = v.post_id\n\t\t\t\t\t\t\t\tLEFT JOIN " . DB_FORUM_ATTACHMENTS . " a1 on a1.thread_id = t.thread_id AND a1.attach_mime IN ('" . implode(",", img_mimeTypes()) . "')\n\t\t\t\t\t\t\t\tLEFT JOIN " . DB_FORUM_ATTACHMENTS . " a2 on a2.thread_id = t.thread_id AND a2.attach_mime NOT IN ('" . implode(",", img_mimeTypes()) . "')\n\t\t\t\t\t\t\t\tWHERE t.forum_id='" . $this->forum_info['forum_id'] . "' AND t.thread_hidden='0' AND " . groupaccess('tf.forum_access') . " {$sql_condition}\n\t\t\t\t\t\t\t\tGROUP BY t.thread_id {$sql_order} LIMIT " . intval($_GET['thread_rowstart']) . ", " . $this->forum_info['threads_per_page']);
                            $thread_rows = dbrows($t_result);
                            if ($thread_rows > 0) {
                                while ($threads = dbarray($t_result)) {
                                    // Pick the read / new icon for threads updated since the last visit.
                                    $icon = "";
                                    $match_regex = $threads['thread_id'] . "\\|" . $threads['thread_lastpost'] . "\\|" . $threads['forum_id'];
                                    if ($threads['thread_lastpost'] > $this->forum_info['lastvisited']) {
                                        // NOTE(review): get_forumIcons() is called unqualified in this
                                        // loop, while the forum loop above uses
                                        // Functions::get_forumIcons() - confirm both resolve.
                                        if (iMEMBER && ($threads['thread_lastuser'] == $userdata['user_id'] || preg_match("(^\\.{$match_regex}\$|\\.{$match_regex}\\.|\\.{$match_regex}\$)", $userdata['user_threads']))) {
                                            $icon = "<i class='" . get_forumIcons('thread') . "' title='" . $locale['forum_0261'] . "'></i>";
                                        } else {
                                            $icon = "<i class='" . get_forumIcons('new') . "' title='" . $locale['forum_0260'] . "'></i>";
                                        }
                                    }
                                    $author = array(
                                        'user_id' => $threads['thread_author'],
                                        'user_name' => $threads['author_name'],
                                        'user_status' => $threads['author_status'],
                                        'user_avatar' => $threads['author_avatar']
                                    );
                                    $lastuser = array(
                                        'user_id' => $threads['thread_lastuser'],
                                        'user_name' => $threads['last_user_name'],
                                        'user_status' => $threads['last_user_status'],
                                        'user_avatar' => $threads['last_user_avatar']
                                    );
                                    // NOTE(review): thread_subject goes into 'title' as stored; whether
                                    // it is HTML-escaped at write time or at output is not visible here.
                                    $threads += array(
                                        "thread_link" => array("link" => INFUSIONS . "forum/viewthread.php?thread_id=" . $threads['thread_id'], "title" => $threads['thread_subject']),
                                        "forum_type" => $row['forum_type'],
                                        "thread_pages" => makepagenav(0, $forum_settings['posts_per_page'], $threads['thread_postcount'], 3, FORUM . "viewthread.php?thread_id=" . $threads['thread_id'] . "&"),
                                        "thread_icons" => array(
                                            'lock' => $threads['thread_locked'] ? "<i class='" . get_forumIcons('lock') . "' title='" . $locale['forum_0263'] . "'></i>" : '',
                                            'sticky' => $threads['thread_sticky'] ? "<i class='" . get_forumIcons('sticky') . "' title='" . $locale['forum_0103'] . "'></i>" : '',
                                            'poll' => $threads['thread_poll'] ? "<i class='" . get_forumIcons('poll') . "' title='" . $locale['forum_0314'] . "'></i>" : '',
                                            'hot' => $threads['thread_postcount'] >= 20 ? "<i class='" . get_forumIcons('hot') . "' title='" . $locale['forum_0311'] . "'></i>" : '',
                                            'reads' => $threads['thread_views'] >= 20 ? "<i class='" . get_forumIcons('reads') . "' title='" . $locale['forum_0311'] . "'></i>" : '',
                                            'image' => $threads['attach_image'] > 0 ? "<i class='" . get_forumIcons('image') . "' title='" . $locale['forum_0313'] . "'></i>" : '',
                                            'file' => $threads['attach_files'] > 0 ? "<i class='" . get_forumIcons('file') . "' title='" . $locale['forum_0312'] . "'></i>" : '',
                                            'icon' => $icon
                                        ),
                                        "thread_starter" => $locale['forum_0006'] . timer($threads['post_datestamp']) . " " . $locale['by'] . " " . profile_link($author['user_id'], $author['user_name'], $author['user_status']) . "</span>",
                                        "thread_author" => $author,
                                        "thread_last" => array(
                                            'avatar' => display_avatar($lastuser, '30px', '', '', ''),
                                            'profile_link' => profile_link($lastuser['user_id'], $lastuser['user_name'], $lastuser['user_status']),
                                            'time' => $threads['post_datestamp'],
                                            'post_message' => parseubb(parsesmileys($threads['post_message'])),
                                            "formatted" => "<div class='pull-left'>" . display_avatar($lastuser, '30px', '', '', '') . "</div>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<div class='overflow-hide'>" . $locale['forum_0373'] . " <span class='forum_profile_link'>" . profile_link($lastuser['user_id'], $lastuser['user_name'], $lastuser['user_status']) . "</span><br/>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t" . timer($threads['post_datestamp']) . "\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t</div>"
                                        )
                                    );
                                    // The author left two disabled experiments at this point: one that
                                    // overrode the status icon by priority, and one that counted image
                                    // and file attachments with a query per thread. Neither runs.
                                    // Sticky threads are collected separately from ordinary ones.
                                    if ($threads['thread_sticky']) {
                                        $this->forum_info['threads']['sticky'][$threads['thread_id']] = $threads;
                                    } else {
                                        $this->forum_info['threads']['item'][$threads['thread_id']] = $threads;
                                    }
                                }
                            }
                            // Page navigation only when there is more than one page of threads.
                            if ($this->forum_info['thread_max_rows'] > $this->forum_info['threads_per_page']) {
                                $this->forum_info['threads']['pagenav'] = makepagenav($_GET['thread_rowstart'], $this->forum_info['threads_per_page'], $this->forum_info['thread_max_rows'], 3, clean_request("", array("thread_rowstart"), FALSE) . "&", "thread_rowstart");
                                $this->forum_info['threads']['pagenav2'] = makepagenav($_GET['thread_rowstart'], $this->forum_info['threads_per_page'], $this->forum_info['thread_max_rows'], 3, clean_request("", array("thread_rowstart"), FALSE) . "&", "thread_rowstart", TRUE);
                            }
                        }
                    }
                }
            } else {
                // The forum query returned nothing: back to the index.
                redirect(INFUSIONS . 'forum/index.php');
            }
        } else {
            // Forum index view.
            $this->forum_info['forums'] = Functions::get_forum();
        }
    }
}
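/**
 * Build the add / edit form for a forum tag.
 *
 * With a numeric $_GET['tag_id'] the matching row of DB_FORUM_TAGS is loaded into
 * $this->data and the form posts back to the same tag; without one the form is shown
 * for a new tag. A posted 'cancel_tag', or a tag id with no matching row, redirects
 * back with 'tag_id' and 'ref' removed from the request.
 *
 * @return string Form HTML.
 */
protected function displayTagForm() {
    global $aidlink;
    if (isset($_POST['cancel_tag'])) {
        redirect(clean_request("", array("tag_id", "ref"), FALSE));
    }
    // NOTE(review): the form below reads 'tag_language', not 'rank_language'; this key looks
    // carried over from the ranks form. Left as it was - confirm which key was meant.
    $this->data['rank_language'] = LANGUAGE;
    // The user-group option list that used to be built here was never used by this form.
    $language_opts = fusion_get_enabled_languages();
    $this->post_tags();
    $form_action = FUSION_SELF . $aidlink . '&section=ft&ref=tag_form';
    if (isset($_GET['tag_id']) && isnum($_GET['tag_id'])) {
        // One integer is used for both the query and the form action, so the value placed in
        // the action attribute is exactly the value that was looked up.
        $tag_id = intval($_GET['tag_id']);
        $result = dbquery("SELECT * FROM " . DB_FORUM_TAGS . " WHERE tag_id='" . $tag_id . "'");
        if (dbrows($result) > 0) {
            $this->data = dbarray($result);
            $form_action = FUSION_SELF . $aidlink . "&section=ft&ref=tag_form&tag_id=" . $tag_id;
        } else {
            // Was array("rank_id", "ref"): that left the unknown tag_id in the redirect target.
            // Now matches the cancel branch above.
            redirect(clean_request("", array("tag_id", "ref"), FALSE));
        }
    }
    $button_locale = $this->data['tag_id'] ? self::$locale['forum_tag_0208'] : self::$locale['forum_tag_0207'];
    $html = openform('tag_form', 'post', $form_action, array('class' => 'm-t-20'));
    $html .= form_text('tag_title', self::$locale['forum_tag_0200'], $this->data['tag_title'], array('required' => 1, 'error_text' => self::$locale['414'], "inline" => TRUE));
    $html .= form_textarea('tag_description', self::$locale['forum_tag_0201'], $this->data['tag_description'], array('inline' => TRUE, 'type' => 'bbcode', 'autosize' => TRUE, 'preview' => TRUE));
    $html .= form_colorpicker('tag_color', self::$locale['forum_tag_0202'], $this->data['tag_color'], array('inline' => TRUE, 'required' => TRUE));
    // The language is selectable on multilingual installs, otherwise carried as a hidden field.
    if (multilang_table("FR")) {
        $html .= form_select('tag_language', self::$locale['forum_tag_0203'], $this->data['tag_language'], array('options' => $language_opts, 'placeholder' => self::$locale['choose'], "inline" => TRUE));
    } else {
        $html .= form_hidden('tag_language', '', $this->data['tag_language']);
    }
    $html .= form_checkbox('tag_status', self::$locale['forum_tag_0204'], $this->data['tag_status'], array("options" => array(1 => self::$locale['forum_tag_0205'], 0 => self::$locale['forum_tag_0206']), "type" => "radio", "inline" => TRUE));
    $html .= form_button('save_tag', $button_locale, $button_locale, array('class' => 'btn-primary m-r-10'));
    $html .= form_button('cancel_tag', self::$locale['cancel'], self::$locale['cancel'], array('class' => 'btn-default'));
    $html .= closeform();
    return $html;
}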
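/**
 * The Theme Editor - Manage UI
 *
 * Prints the tabbed theme administration screen (dashboard, widgets, css) for one theme.
 * On the dashboard tab it also handles two actions: deleting a preset (GET 'delete_preset'
 * together with 'theme') and activating a preset (POST 'load_preset').
 *
 * @param string $theme_name Theme to manage; must be accepted by self::verify_theme().
 */
public static function display_theme_editor($theme_name) {
    global $aidlink, $locale;
    // Only continue for a theme that verify_theme() accepts.
    $theme_name = self::verify_theme($theme_name) ? $theme_name : "";
    if (!$theme_name) {
        redirect(clean_request("", array("aid"), TRUE));
    }
    add_breadcrumb(array('link' => '', 'title' => $locale['theme_1018']));
    // Tabs
    $tab['title'] = array($locale['theme_1022'], $locale['theme_1023'], $locale['theme_1024']);
    $tab['id'] = array("dashboard", "widgets", "css");
    $tab['icon'] = array("fa fa-edit fa-fw", "fa fa-cube fa-fw", "fa fa-css3 fa-fw");
    if (isset($_GET['action'])) {
        $tab['title'][] = $locale['theme_1029'];
        $tab['id'][] = "close";
        $tab['icon'][] = "fa fa-close fa-fw";
    }
    if (isset($_POST['close_theme'])) {
        redirect(FUSION_SELF . $aidlink);
    }
    // The section must be one of the tab ids; the strict comparison keeps non-string input out.
    $_GET['section'] = isset($_GET['section']) && in_array($_GET['section'], $tab['id'], TRUE) ? $_GET['section'] : "dashboard";
    $tab_active = $_GET['section'];
    $atom = new \PHPFusion\Atom\Atom();
    $atom->target_folder = $theme_name;
    $atom->theme_name = $theme_name;
    echo opentab($tab, $tab_active, "theme_admin", TRUE);
    switch ($_GET['section']) {
        case "dashboard":
            // Delete preset.
            // NOTE(review): this state-changing action is triggered by a GET request; the only
            // token visible here is $aidlink. Confirm that is sufficient CSRF protection.
            if (isset($_GET['delete_preset']) && isnum($_GET['delete_preset'])) {
                if (empty($_GET['theme'])) {
                    redirect(FUSION_SELF . $aidlink);
                }
                $preset_theme = stripinput($_GET['theme']);
                // The theme name from the request ends up in a filesystem path, so it gets the
                // same verify_theme() check as the $theme_name argument before anything is removed.
                if (!self::verify_theme($preset_theme)) {
                    redirect(FUSION_SELF . $aidlink);
                } else {
                    $preset_id = intval($_GET['delete_preset']);
                    $file = dbarray(dbquery("SELECT theme_file FROM " . DB_THEME . " WHERE theme_name='" . $preset_theme . "'\n\t\t\t\t\tand theme_id='" . $preset_id . "'"));
                    if (!empty($file['theme_file'])) {
                        // Resolve both paths and delete only a regular file that really lives
                        // inside the theme's own folder. This rejects "../" segments and stops
                        // unlink() being called on the folder itself when no row was found.
                        $theme_dir = realpath(THEMES . $preset_theme);
                        $target = realpath(THEMES . $preset_theme . "/" . $file['theme_file']);
                        if ($theme_dir !== FALSE && $target !== FALSE && is_file($target)
                            && strpos($target, $theme_dir . DIRECTORY_SEPARATOR) === 0
                        ) {
                            unlink($target);
                        }
                    }
                    dbquery("DELETE FROM " . DB_THEME . " WHERE theme_id='" . $preset_id . "'");
                    addNotice('success', $locale['theme_success_002']);
                    redirect(clean_request("", array("section", "aid", "action", "theme"), TRUE));
                }
            }
            // Set active preset: switch off the currently active row, then switch on the chosen one.
            if (isset($_POST['load_preset']) && isnum($_POST['load_preset'])) {
                $result = dbquery("select theme_id FROM " . DB_THEME . " WHERE theme_active='1'");
                if (dbrows($result) > 0) {
                    $data = dbarray($result);
                    $data = array("theme_id" => $data['theme_id'], "theme_active" => 0);
                    dbquery_insert(DB_THEME, $data, "update");
                }
                $data = array("theme_id" => $_POST['load_preset'], "theme_active" => 1);
                dbquery_insert(DB_THEME, $data, "update");
                redirect(clean_request("", array("section", "aid", "action", "theme"), TRUE));
            }
            $atom->display_theme_overview();
            break;
        case "widgets":
            $atom->display_theme_widgets();
            break;
        case "css":
            $atom->theme_editor();
            break;
        case "close":
            redirect(FUSION_SELF . $aidlink);
            break;
        default:
            break;
    }
    echo closetab();
}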
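/**
 * Gallery Photo Listing UI
 *
 * Prints the admin photo grid for the album given in $_GET['album_id']: an album header
 * with paging, a purge button, and one panel per photo with edit / move / delete links.
 * Redirects to FUSION_SELF . $aidlink when the album has no photos or the page is empty.
 */
function gallery_photo_listing() {
    global $locale, $gll_settings, $aidlink;
    // Settle the album id once as an integer. The queries already cast it with intval(), but
    // the paging and purge links used to print the raw request value into href attributes;
    // they now use this same integer.
    $album_id = isset($_GET['album_id']) ? intval($_GET['album_id']) : 0;
    $photoRows = dbcount("(photo_id)", DB_PHOTOS, "album_id='" . $album_id . "'");
    // rowstart must be numeric and within the number of photos, otherwise start at 0.
    $_GET['rowstart'] = isset($_GET['rowstart']) && isnum($_GET['rowstart']) && $_GET['rowstart'] <= $photoRows ? $_GET['rowstart'] : 0;
    if (!empty($photoRows)) {
        $result = dbquery("\n\t\tselect photos.*,\n\t\talbum.*,\n\t\tphotos.photo_user as user_id, u.user_name, u.user_status, u.user_avatar,\n\t\tcount(comment_id) as comment_count,\n\t\tsum(rating_vote) as total_votes,\n\t\tcount(rating_id) as rating_count\n\t\tFROM " . DB_PHOTOS . " photos\n\t\tINNER JOIN " . DB_PHOTO_ALBUMS . " album on photos.album_id = album.album_id\n\t\tINNER JOIN " . DB_USERS . " u on u.user_id = photos.photo_user\n\t\tLEFT JOIN " . DB_COMMENTS . " comment on comment.comment_item_id= photos.photo_id AND comment_type = 'PH'\n\t\tLEFT JOIN " . DB_RATINGS . " rating on rating.rating_item_id = photos.photo_id AND rating_type = 'PH'\n\t\tWHERE " . groupaccess('album.album_access') . " and photos.album_id = '" . $album_id . "'\n\t\tGROUP BY photo_id\n\t\tORDER BY photos.photo_order ASC, photos.photo_datestamp DESC LIMIT " . intval($_GET['rowstart']) . ", " . intval($gll_settings['gallery_pagination']) . "\n\t\t");
        $rows = dbrows($result);
        // Photo Album header
        echo "<aside class='text-left' style='border-bottom:1px solid #ddd; padding-bottom:15px;'>\n";
        $album_data = dbarray(dbquery("select album_id, album_title, album_description, album_datestamp, album_access from " . DB_PHOTO_ALBUMS . " WHERE album_id='" . $album_id . "'"));
        add_breadcrumb(array('link' => clean_request("album_id=" . $album_data['album_id'], array("aid"), FALSE), "title" => $album_data['album_title']));
        // NOTE(review): album_title and album_description are printed as stored. Whether they
        // are HTML-escaped when saved is not visible here - confirm before relying on it.
        echo "<h2><strong>\n" . $album_data['album_title'] . "</strong></h2>\n";
        echo $locale['album_0003'] . " " . $album_data['album_description'];
        echo "<div class='clearfix m-t-10'>\n";
        echo "<div class='pull-right text-right col-xs-6 col-sm-6'>" . sprintf($locale['gallery_0019'], $rows, $photoRows) . "</div>\n";
        echo "<span class='m-r-15'>" . $locale['gallery_0020'] . " " . timer($album_data['album_datestamp']) . "</span>\n";
        echo "<span class='m-r-15'>" . $locale['gallery_0021'] . " " . getgroupname($album_data['album_access']) . "</span>\n";
        if ($photoRows > $rows) {
            echo "<div class='display-inline-block m-b-10'>\n";
            echo makepagenav($_GET['rowstart'], $gll_settings['gallery_pagination'], $photoRows, 3, FUSION_SELF . $aidlink . "&album_id=" . $album_id . "&");
            echo "</div>\n";
        }
        echo "</div>\n";
        echo "</aside>\n";
        if ($rows > 0) {
            // NOTE(review): purge, move and delete below are plain GET links; the only token
            // visible here is $aidlink. Confirm that is sufficient CSRF protection.
            echo "<a class='m-t-10 btn btn-danger' href='" . FUSION_SELF . $aidlink . "&section=actions&action=purge&cat_id=" . $album_id . "'>" . $locale['photo_0025'] . "</a>\n";
            echo "<div class='row m-t-20'>\n";
            $i = 1;
            while ($data = dbarray($result)) {
                $action_base = FUSION_SELF . $aidlink . "&section=actions&action=";
                echo "<div style='width:" . ($gll_settings['thumb_w'] + 15) . "px; float:left; padding-left:10px; padding-right:10px;'>\n";
                echo "<div class='panel panel-default'>\n";
                echo "<div class='overflow-hide' style='background: #ccc; height: " . ($gll_settings['thumb_h'] - 15) . "px'>\n";
                echo displayPhotoImage($data['photo_filename'], $data['photo_thumb1'], $data['photo_thumb2'], IMAGES_G . $data['photo_filename']);
                echo "</div>\n";
                echo "<div class='panel-body'>\n";
                echo "<div class='dropdown'>\n";
                echo "<button data-toggle='dropdown' class='btn btn-default dropdown-toggle btn-block' type='button'> " . $locale['gallery_0013'] . " <span class='caret'></span></button>\n";
                echo "<ul class='dropdown-menu'>\n";
                echo "<li><a href='" . FUSION_SELF . $aidlink . "&section=photo_form&action=edit&photo_id=" . $data['photo_id'] . "'><i class='fa fa-edit fa-fw'></i> " . $locale['gallery_0016'] . "</a></li>\n";
                // "Move left" is hidden on the first photo of the page, "move right" on the last.
                echo $i > 1 ? "<li><a href='" . $action_base . "pu&photo_id=" . $data['photo_id'] . "&album_id=" . $data['album_id'] . "&order=" . ($data['photo_order'] - 1) . "'><i class='fa fa-arrow-left fa-fw'></i> " . $locale['gallery_0014'] . "</a></li>\n" : "";
                echo $i !== $rows ? "<li><a href='" . $action_base . "pd&photo_id=" . $data['photo_id'] . "&album_id=" . $data['album_id'] . "&order=" . ($data['photo_order'] + 1) . "'><i class='fa fa-arrow-right fa-fw'></i> " . $locale['gallery_0015'] . "</a></li>\n" : "";
                echo "<li class='divider'></li>\n";
                echo "<li><a href='" . $action_base . "delete&photo_id=" . $data['photo_id'] . "'><i class='fa fa-trash fa-fw'></i> " . $locale['gallery_0017'] . "</a></li>\n";
                echo "</ul>\n";
                echo "</div>\n";
                echo "</div>\n";
                echo "<div class='panel-footer'>\n";
                echo "<span class='m-r-10'>\n<i class='fa fa-comments-o' title='" . $locale['comments'] . "'></i> " . $data['comment_count'] . "</span>\n";
                // Average rating scaled by 10; 0 when nobody has rated the photo yet.
                echo "<span class='m-r-5'>\n<i class='fa fa-star' title='" . $locale['ratings'] . "'></i> " . ($data['rating_count'] > 0 ? $data['total_votes'] / $data['rating_count'] * 10 : 0) . " /10</span>\n";
                echo "</div>\n</div>\n";
                echo "</div>\n";
                $i++;
            }
            echo "</div>\n";
        } else {
            redirect(FUSION_SELF . $aidlink);
        }
    } else {
        redirect(FUSION_SELF . $aidlink);
    }
}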
$categoryNameCheck = array("when_updating" => "weblink_cat_name='" . $data['weblink_cat_name'] . "' and weblink_cat_id !='" . $data['weblink_cat_id'] . "'", "when_saving" => "weblink_cat_name='" . $data['weblink_cat_name'] . "'"); if (defender::safe()) { if ($weblinkCat_edit && dbcount("(weblink_cat_id)", DB_WEBLINK_CATS, "weblink_cat_id='" . intval($data['weblink_cat_id']) . "'")) { if (!dbcount("(weblink_cat_id)", DB_WEBLINK_CATS, $categoryNameCheck['when_updating'])) { dbquery_insert(DB_WEBLINK_CATS, $data, "update"); addNotice("success", $locale['wl_0305']); redirect(clean_request("", array("section", "aid"), TRUE)); } else { $defender->stop(); addNotice("danger", $locale['wl_0309']); } } else { if (!dbcount("(weblink_cat_id)", DB_WEBLINK_CATS, $categoryNameCheck['when_saving'])) { dbquery_insert(DB_WEBLINK_CATS, $data, "save"); addNotice("success", $locale['wl_0304']); redirect(clean_request("", array("section", "aid"), TRUE)); } else { $defender->stop(); addNotice("danger", $locale['wl_0309']); } } } } if ($weblinkCat_edit) { $result = dbquery("SELECT * FROM " . DB_WEBLINK_CATS . " " . (multilang_table("WL") ? "WHERE weblink_cat_language='" . LANGUAGE . "' AND" : "WHERE") . " weblink_cat_id='" . intval($_GET['cat_id']) . "'"); if (dbrows($result)) { $data = dbarray($result); $cat_hidden = array($data['weblink_cat_id']); $cat_sorting = explode(" ", $data['weblink_cat_sorting']); if ($cat_sorting[0] == "weblink_id") { $data['cat_sort_by'] = "1";
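/**
 * Echoes the article category tree as table rows, one row per category.
 *
 * Each category is followed by its own children (recursive call), and names
 * are prefixed with one dash per nesting level. Output is written with echo;
 * nothing is returned.
 *
 * @param int $parent ID of the category whose direct children are listed.
 * @param int $level  Nesting depth, used only for the dash prefix.
 */
function showcatlist($parent = 0, $level = 0) {
    global $locale;

    // Both values end up in SQL text / str_repeat(), so force them to safe integers
    // instead of trusting whatever the caller passed in.
    $parent = intval($parent);
    $level = max(0, intval($level));
    $indent = str_repeat("—", $level);

    $result = dbquery("\n\tSELECT article_cat_id, article_cat_name, article_cat_description\n\tFROM " . DB_ARTICLE_CATS . "\n\tWHERE article_cat_parent='" . $parent . "'" . (multilang_table("AR") ? " AND article_cat_language='" . LANGUAGE . "'" : "") . "\n\tORDER BY article_cat_name");

    if (dbrows($result) > 0) {
        while ($data = dbarray($result)) {
            $description = strip_tags(parse_textarea($data['article_cat_description']));
            $edit_link = clean_request("action=edit&cat_id=" . $data['article_cat_id'], array("section", "aid"), true);
            $delete_link = clean_request("action=delete&cat_id=" . $data['article_cat_id'], array("section", "aid"), true);

            echo "<tr>\n";
            // NOTE(review): the category name is echoed as stored; confirm it is HTML-escaped when saved.
            echo "<td><strong>" . $indent . $data['article_cat_name'] . "</strong>\n";
            if ($data['article_cat_description']) {
                echo "<br />" . $indent . "<span class='small'>" . trimlink($description, 45) . "</span>";
            }
            // Close the cell unconditionally; previously it stayed open for categories without a description.
            echo "</td>\n";
            echo "<td align='center' width='1%' style='white-space:nowrap'>\n\n\t\t\t<a href='" . $edit_link . "'>" . $locale['edit'] . "</a> -\n";
            echo "<a href='" . $delete_link . "' onclick=\"return confirm('" . $locale['articles_0350'] . "');\">" . $locale['delete'] . "</a></td>\n";
            echo "</tr>\n";

            showcatlist($data['article_cat_id'], $level + 1);
        }
    }
}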
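/**
 * Builds the add/edit form for a forum rank and returns it as HTML.
 *
 * A cancel post redirects back without rank_id/ref. Otherwise the method
 * runs post_forum_ranks() first, then, when a numeric rank_id is present in
 * the query string, loads that rank into $this->data (redirecting away when
 * no such row exists) before rendering.
 *
 * @return string Form markup.
 */
protected function displayRanksForm() {
    global $aidlink;

    if (isset($_POST['cancel_rank'])) {
        redirect(clean_request("", array("rank_id", "ref"), FALSE));
    }

    add_to_footer("<script src='" . FORUM . "admin/admin_rank.js'></script>");
    $this->data['rank_language'] = LANGUAGE;

    $array_apply_normal_opts = array(
        USER_LEVEL_MEMBER      => self::$locale['424'],
        '104'                  => self::$locale['425'],
        USER_LEVEL_ADMIN       => self::$locale['426'],
        USER_LEVEL_SUPER_ADMIN => self::$locale['427'],
    );

    // Special Select: custom user groups only, the built-in levels are excluded.
    $groups_except = array(USER_LEVEL_PUBLIC, USER_LEVEL_MEMBER, USER_LEVEL_ADMIN, USER_LEVEL_SUPER_ADMIN);
    $group_opts = array();
    foreach (getusergroups() as $group) {
        if (!in_array($group[0], $groups_except)) {
            $group_opts[$group[0]] = $group[1];
        }
    }

    $language_opts = fusion_get_enabled_languages();

    $this->post_forum_ranks();

    // The query-string separator had been mangled into "§ion" ("&sect" read as an HTML
    // entity), which produced a form action without the section parameter.
    $form_action = FUSION_SELF . $aidlink . '&section=fr';
    if (isset($_GET['rank_id']) && isnum($_GET['rank_id'])) {
        $rank_id = intval($_GET['rank_id']);
        $result = dbquery("SELECT * FROM " . DB_FORUM_RANKS . " WHERE rank_id='" . $rank_id . "'");
        if (dbrows($result) > 0) {
            $this->data = dbarray($result);
            // Reuse the integer-cast id so the raw request value never reaches the markup.
            $form_action = FUSION_SELF . $aidlink . "&section=fr&rank_id=" . $rank_id;
        } else {
            redirect(clean_request("", array("rank_id", "ref"), FALSE));
        }
    }

    $html = openform('rank_form', 'post', $form_action, array('class' => 'm-t-20'));
    $html .= form_text('rank_title', self::$locale['420'], $this->data['rank_title'], array(
        'required'   => 1,
        'error_text' => self::$locale['414'],
        "inline"     => TRUE,
    ));
    $html .= form_select('rank_image', self::$locale['421'], $this->data['rank_image'], array(
        'options'     => $this->get_rank_images(),
        'placeholder' => self::$locale['choose'],
        "inline"      => TRUE,
    ));

    if (multilang_table("FR")) {
        $html .= form_select('rank_language', self::$locale['global_ML100'], $this->data['rank_language'], array(
            'options'     => $language_opts,
            'placeholder' => self::$locale['choose'],
            "inline"      => TRUE,
        ));
    } else {
        $html .= form_hidden('rank_language', '', $this->data['rank_language']);
    }

    $html .= form_checkbox('rank_type', self::$locale['429'], $this->data['rank_type'], array(
        "options" => array(2 => self::$locale['429a'], 1 => self::$locale['429b'], 0 => self::$locale['429c']),
        "type"    => "radio",
        "inline"  => TRUE,
    ));
    // The post-count field is disabled for every rank type other than 0.
    $html .= form_text('rank_posts', self::$locale['422'], $this->data['rank_posts'], array(
        'inline'   => TRUE,
        'type'     => 'number',
        'width'    => '10%',
        'disabled' => $this->data['rank_type'] != 0,
    ));

    // Two alternative "apply to" selects; which one is visible depends on rank_type.
    $html .= "<span id='select_normal' " . ($this->data['rank_type'] == 2 ? "class='display-none'" : "") . " >";
    $html .= form_select('rank_apply_normal', self::$locale['423'], $this->data['rank_apply'], array(
        'options'     => $array_apply_normal_opts,
        'placeholder' => self::$locale['choose'],
        "inline"      => TRUE,
    ));
    $html .= "</span>\n<span id='select_special'" . ($this->data['rank_type'] != 2 ? " class='display-none'" : "") . ">";
    $html .= form_select('rank_apply_special', self::$locale['423'], $this->data['rank_apply'], array(
        'options'     => $group_opts,
        'placeholder' => self::$locale['choose'],
        "inline"      => TRUE,
    ));
    $html .= "</span>\n";

    $html .= form_button('save_rank', self::$locale['428'], self::$locale['428'], array('class' => 'btn-primary m-r-10'));
    $html .= form_button('cancel_rank', self::$locale['cancel'], self::$locale['cancel'], array('class' => 'btn-default'));
    $html .= closeform();

    return $html;
}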
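/**
 * Collects column names and SQL-ready values from request fields that share a prefix.
 *
 * A matching key consists of the prefix, one separator character, a one-character
 * type flag, another separator, and then the column name (the name starts three
 * characters after the prefix). A flag of 'c' forces the value to be quoted; other
 * values are quoted unless they are numeric, and empty values become a quoted NULL.
 *
 * Column names come straight from request keys and are typically placed into SQL
 * by the caller, where quoting the values does not protect the identifier position.
 * Keys whose column part is not a plain identifier are therefore skipped.
 *
 * @param array  $request Request fields (key => raw value).
 * @param string $prefix  Prefix that marks fields belonging to this table.
 * @param object $db      Database handle providing quoteSmart().
 *
 * @return array Two parallel lists: array($columns, $values).
 */
function get_columns_and_values($request, $prefix, $db) {
    $columns = array();
    $values = array();
    $pl = strlen($prefix);

    foreach ($request as $key => $val) {
        $key = (string) $key;
        if (strncmp($key, $prefix, $pl) !== 0) {
            continue;
        }

        $column = (string) substr($key, $pl + 3);
        // Only letters, digits and underscores may name a column; anything else is dropped
        // rather than handed on as a column name.
        if (!preg_match('/^[A-Za-z_][A-Za-z0-9_]*$/', $column)) {
            continue;
        }

        $val = clean_request($val); // Removes magic quotes, if any.
        if (substr($key, $pl + 1, 1) == 'c') {
            // This database field should be quoted.
            $val = $db->quoteSmart($val);
        } elseif ($val == '') {
            $val = $db->quoteSmart(NULL);
        } elseif (!is_numeric($val)) {
            $val = $db->quoteSmart($val);
        }
        // Numeric values are deliberately left unquoted, as before.

        $columns[] = $column;
        $values[] = $val;
    }

    return array($columns, $values);
}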
// end row. echo form_button('publish', $locale['download_0061'], $locale['download_0061'], array('class' => 'btn-primary m-r-10')); echo form_button('delete', $locale['download_0060'], $locale['download_0060'], array('class' => 'btn-warning m-r-10')); echo closeform(); } } } } else { $result = dbquery("SELECT\n\t\t\tts.submit_id, ts.submit_datestamp, ts.submit_criteria, tu.user_id, tu.user_name, tu.user_avatar, tu.user_status\n\t\t\tFROM " . DB_SUBMISSIONS . " ts\n\t\t\tLEFT JOIN " . DB_USERS . " tu ON ts.submit_user=tu.user_id\n\t\t\tWHERE submit_type='d' order by submit_datestamp desc\n\t\t\t"); $rows = dbrows($result); if ($rows > 0) { echo "<div class='well'>" . sprintf($locale['download_0051'], format_word($rows, $locale['fmt_submission'])) . "</div>\n"; echo "<table class='table table-striped'>\n"; echo "<tr>\n"; echo "<th>" . $locale['download_0052'] . "</th>\n<th>" . $locale['download_0053'] . "</th>\n\t\t<th>" . $locale['download_0054'] . "</th><th>" . $locale['download_0055'] . "</th>"; echo "</tr>\n"; echo "<tbody>\n"; while ($callback_data = dbarray($result)) { $submit_criteria = unserialize($callback_data['submit_criteria']); echo "<tr>\n"; echo "<td><a href='" . clean_request("submit_id=" . $callback_data['submit_id'], array("section", "aid"), TRUE) . "'>" . $submit_criteria['download_title'] . "</a></td>\n"; echo "<td>" . profile_link($callback_data['user_id'], $callback_data['user_name'], $callback_data['user_status']) . "</td>\n"; echo "<td>" . timer($callback_data['submit_datestamp']) . "</td>\n"; echo "<td>" . $callback_data['submit_id'] . "</td>\n"; echo "</tr>\n"; } echo "</tbody>\n</table>\n"; } else { echo "<div class='well text-center m-t-20'>" . $locale['download_0050'] . "</div>\n"; } }
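/**
 * Displays News Form
 *
 * Handles the add/edit news screen in one pass: a cancel post redirects away,
 * a save post validates the fields through form_sanitizer() and writes the
 * record, an edit request loads the existing record, and finally the form is
 * echoed with whatever ended up in $data.
 *
 * Request values are treated as untrusted here: only integer-cast ids reach
 * SQL text, posted image names are reduced to a bare file name before they are
 * used in a path, and side effects (sticky reset, image deletion) run only
 * after defender::safe() has accepted the submission.
 */
function display_news_form() {
    global $aidlink;

    if (isset($_POST['cancel'])) {
        redirect(FUSION_SELF . $aidlink);
    }

    $formaction = FUSION_REQUEST;
    $locale = fusion_get_locale();
    $userdata = fusion_get_userdata();
    $news_settings = fusion_get_settings("news");
    $edit = isset($_GET['action']) && $_GET['action'] == 'edit' && isset($_GET['news_id']) && isnum($_GET['news_id']);
    add_breadcrumb(array('link' => '', 'title' => $edit ? $locale['news_0003'] : $locale['news_0002']));

    // Defaults for a new, empty news item.
    $data = array(
        'news_id'             => 0,
        'news_draft'          => 0,
        'news_sticky'         => 0,
        'news_news'           => '',
        'news_datestamp'      => time(),
        'news_extended'       => '',
        'news_keywords'       => '',
        'news_breaks'         => 'n',
        'news_allow_comments' => 1,
        'news_allow_ratings'  => 1,
        'news_language'       => LANGUAGE,
        'news_visibility'     => 0,
        'news_subject'        => '',
        'news_start'          => '',
        'news_end'            => '',
        'news_cat'            => 0,
        'news_image'          => '',
        'news_ialign'         => 'pull-left',
    );
    $data['news_breaks'] = fusion_get_settings("tinymce_enabled") ? 'n' : 'y';

    if (isset($_POST['save']) or isset($_POST['save_and_close'])) {

        // Normalise image paths inside both text bodies, then run them through parse_textarea().
        $image_src_search = "src='" . str_replace("../", "", IMAGES_N);
        $image_src_replace = "src='" . IMAGES_N;
        $bodies = array('news_news' => "", 'news_extended' => "");
        foreach (array_keys($bodies) as $body_field) {
            if (!empty($_POST[$body_field])) {
                $raw_body = fusion_get_settings('allow_php_exe') ? htmlspecialchars($_POST[$body_field]) : stripslashes($_POST[$body_field]);
                $bodies[$body_field] = parse_textarea(str_replace($image_src_search, $image_src_replace, $raw_body));
            }
        }

        $data = array(
            'news_id'             => form_sanitizer($_POST['news_id'], 0, 'news_id'),
            'news_subject'        => form_sanitizer($_POST['news_subject'], '', 'news_subject'),
            'news_cat'            => form_sanitizer($_POST['news_cat'], 0, 'news_cat'),
            'news_news'           => form_sanitizer($bodies['news_news'], "", "news_news"),
            'news_extended'       => form_sanitizer($bodies['news_extended'], "", "news_extended"),
            'news_keywords'       => form_sanitizer($_POST['news_keywords'], '', 'news_keywords'),
            'news_datestamp'      => form_sanitizer($_POST['news_datestamp'], '', 'news_datestamp'),
            'news_start'          => form_sanitizer($_POST['news_start'], 0, 'news_start'),
            'news_end'            => form_sanitizer($_POST['news_end'], 0, 'news_end'),
            'news_visibility'     => form_sanitizer($_POST['news_visibility'], 0, 'news_visibility'),
            'news_draft'          => isset($_POST['news_draft']) ? "1" : "0",
            'news_sticky'         => isset($_POST['news_sticky']) ? "1" : "0",
            'news_allow_comments' => isset($_POST['news_allow_comments']) ? "1" : "0",
            'news_allow_ratings'  => isset($_POST['news_allow_ratings']) ? "1" : "0",
            'news_language'       => form_sanitizer($_POST['news_language'], '', 'news_language'),
            'news_image'          => "",
            'news_ialign'         => "",
            'news_image_t1'       => "",
            'news_image_t2'       => "",
        );

        if (isset($_FILES['news_image'])) {
            // A file was submitted: take the stored names from the upload handler.
            $upload = form_sanitizer($_FILES['news_image'], '', 'news_image');
            if (!empty($upload) && !$upload['error']) {
                $data['news_image'] = $upload['image_name'];
                $data['news_image_t1'] = $upload['thumb1_name'];
                $data['news_image_t2'] = $upload['thumb2_name'];
                $data['news_ialign'] = isset($_POST['news_ialign']) ? form_sanitizer($_POST['news_ialign'], "pull-left", "news_ialign") : "pull-left";
            }
        } else {
            // No upload: the existing image names come back through hidden fields. They are
            // later appended to the image directories (including for unlink), so keep only
            // the bare file name and discard any directory component the request supplied.
            foreach (array('news_image', 'news_image_t1', 'news_image_t2') as $image_field) {
                $posted_name = isset($_POST[$image_field]) && is_string($_POST[$image_field]) ? $_POST[$image_field] : "";
                $data[$image_field] = basename($posted_name);
            }
            $data['news_ialign'] = isset($_POST['news_ialign']) ? form_sanitizer($_POST['news_ialign'], "pull-left", "news_ialign") : "pull-left";
        }

        if (fusion_get_settings('tinymce_enabled') != 1) {
            $data['news_breaks'] = isset($_POST['line_breaks']) ? "y" : "n";
        } else {
            $data['news_breaks'] = "n";
        }

        // Nothing is changed on disk or in the database unless the submission passed validation.
        if (defender::safe()) {

            // reset other sticky
            if ($data['news_sticky'] == "1") {
                dbquery("UPDATE " . DB_NEWS . " SET news_sticky='0' WHERE news_sticky='1'");
            }

            // delete image
            if (isset($_POST['del_image'])) {
                if (!empty($data['news_image']) && file_exists(IMAGES_N . $data['news_image'])) {
                    unlink(IMAGES_N . $data['news_image']);
                }
                if (!empty($data['news_image_t1']) && file_exists(IMAGES_N_T . $data['news_image_t1'])) {
                    unlink(IMAGES_N_T . $data['news_image_t1']);
                }
                if (!empty($data['news_image_t2']) && file_exists(IMAGES_N_T . $data['news_image_t2'])) {
                    unlink(IMAGES_N_T . $data['news_image_t2']);
                }
                $data['news_image'] = "";
                $data['news_image_t1'] = "";
                $data['news_image_t2'] = "";
            }

            if (dbcount("('news_id')", DB_NEWS, "news_id='" . intval($data['news_id']) . "'")) {
                dbquery_insert(DB_NEWS, $data, 'update');
                addNotice('success', $locale['news_0101']);
            } else {
                $data['news_name'] = $userdata['user_id'];
                dbquery_insert(DB_NEWS, $data, 'save');
                addNotice('success', $locale['news_0100']);
            }

            if (isset($_POST['save_and_close'])) {
                redirect(clean_request("", array("ref"), FALSE));
            } else {
                redirect(FUSION_REQUEST);
            }
        }

    } elseif (isset($_GET['action']) && $_GET['action'] == "edit") {
        // The previous condition mixed && and || without parentheses, so a numeric GET id
        // alone entered this branch and a non-numeric POST id could then reach the query.
        // Only an id that passed isnum() is used, and it is cast before being concatenated.
        $edit_id = NULL;
        if (isset($_POST['news_id']) && isnum($_POST['news_id'])) {
            $edit_id = intval($_POST['news_id']);
        } elseif (isset($_GET['news_id']) && isnum($_GET['news_id'])) {
            $edit_id = intval($_GET['news_id']);
        }
        if ($edit_id !== NULL) {
            $result = dbquery("SELECT * FROM " . DB_NEWS . " WHERE news_id='" . $edit_id . "'");
            if (dbrows($result)) {
                $data = dbarray($result);
            } else {
                redirect(FUSION_SELF . $aidlink);
            }
        }
    }

    echo "<div class='m-t-20'>\n";
    $news_settings = get_settings("news");
    echo openform('news_form', 'post', $formaction, array('enctype' => 1));

    // first row
    echo "<div class='row'>\n";
    echo "<div class='col-xs-12 col-sm-12 col-md-7 col-lg-8'>\n";
    echo form_hidden('news_id', "", $data['news_id']);
    echo form_text('news_subject', $locale['news_0200'], $data['news_subject'], array(
        'required'   => 1,
        'max_length' => 200,
        'error_text' => $locale['news_0250'],
    ));
    echo form_select('news_keywords', $locale['news_0205'], $data['news_keywords'], array(
        "max_length"  => 320,
        "placeholder" => $locale['news_0205a'],
        "width"       => "100%",
        "error_text"  => $locale['news_0255'],
        "tags"        => TRUE,
        "multiple"    => TRUE,
    ));
    echo "<div class='pull-left m-r-10 display-inline-block'>\n";
    echo form_datepicker('news_start', $locale['news_0206'], $data['news_start'], array('placeholder' => $locale['news_0208'], "join_to_id" => "news_end"));
    echo "</div>\n<div class='pull-left m-r-10 display-inline-block'>\n";
    echo form_datepicker('news_end', $locale['news_0207'], $data['news_end'], array('placeholder' => $locale['news_0208'], "join_from_id" => "news_start"));
    echo "</div>\n";
    echo "</div>\n<div class='col-xs-12 col-sm-12 col-md-5 col-lg-4'>\n";
    openside('');
    echo form_select_tree("news_cat", $locale['news_0201'], $data['news_cat'], array(
        "width"        => "100%",
        "inline"       => TRUE,
        "parent_value" => $locale['news_0202'],
        "query"        => (multilang_table("NS") ? "WHERE news_cat_language='" . LANGUAGE . "'" : ""),
    ), DB_NEWS_CATS, "news_cat_name", "news_cat_id", "news_cat_parent");
    echo form_select('news_visibility', $locale['news_0209'], $data['news_visibility'], array(
        'options'     => fusion_get_groups(),
        'placeholder' => $locale['choose'],
        'width'       => '100%',
        "inline"      => TRUE,
    ));
    if (multilang_table("NS")) {
        echo form_select('news_language', $locale['global_ML100'], $data['news_language'], array(
            'options'     => fusion_get_enabled_languages(),
            'placeholder' => $locale['choose'],
            'width'       => '100%',
            "inline"      => TRUE,
        ));
    } else {
        echo form_hidden('news_language', '', $data['news_language']);
    }
    echo form_button('cancel', $locale['cancel'], $locale['cancel'], array('class' => 'btn-default m-r-10'));
    echo form_button('save', $locale['news_0241'], $locale['news_0241'], array('class' => 'btn-success'));
    echo form_button("save_and_close", "Save and Close", "save_and_close", array("class" => "btn-primary m-l-10"));
    closeside();
    echo "</div>\n</div>\n";

    // Text bodies: plain textarea with preview, or TinyMCE when it is enabled.
    $snippetSettings = array(
        "required"    => TRUE,
        "preview"     => TRUE,
        "html"        => TRUE,
        "autosize"    => TRUE,
        "placeholder" => $locale['news_0203a'],
        "form_name"   => "news_form",
    );
    if (fusion_get_settings("tinymce_enabled")) {
        $snippetSettings = array("required" => TRUE, "type" => "tinymce", "tinymce" => "advanced");
    }
    echo form_textarea('news_news', $locale['news_0203'], $data['news_news'], $snippetSettings);

    if (!fusion_get_settings("tinymce_enabled")) {
        $extendedSettings = array(
            "preview"     => TRUE,
            "html"        => TRUE,
            "autosize"    => TRUE,
            "placeholder" => $locale['news_0203b'],
            "form_name"   => "news_form",
        );
    } else {
        $extendedSettings = array("type" => "tinymce", "tinymce" => "advanced");
    }
    echo form_textarea('news_extended', $locale['news_0204'], $data['news_extended'], $extendedSettings);

    // second row
    echo "<div class='row'>\n";
    echo "<div class='col-xs-12 col-sm-12 col-md-7 col-lg-8'>\n";
    openside('');
    $alignOptions = array('pull-left' => $locale['left'], 'news-img-center' => $locale['center'], 'pull-right' => $locale['right']);
    if ($data['news_image'] != "" && $data['news_image_t1'] != "") {
        $image_thumb = get_news_image_path($data['news_image'], $data['news_image_t1'], $data['news_image_t2']);
        if (!$image_thumb) {
            $image_thumb = IMAGES . "imagenotfound70.jpg";
        }
        echo "<div class='row'>\n";
        echo "<div class='col-xs-12 col-sm-6'>\n";
        echo "<label><img class='img-responsive img-thumbnail' src='" . $image_thumb . "' alt='" . $locale['news_0216'] . "' /><br />\n";
        echo "<input type='checkbox' name='del_image' value='y' /> " . $locale['delete'] . "</label>\n";
        echo "</div>\n";
        echo "<div class='col-xs-12 col-sm-6'>\n";
        echo form_select('news_ialign', $locale['news_0218'], $data['news_ialign'], array("options" => $alignOptions, "inline" => FALSE));
        echo "</div>\n</div>\n";
        // These values can originate from the request, so escape them for the
        // single-quoted attribute they are written into.
        echo "<input type='hidden' name='news_image' value='" . htmlspecialchars($data['news_image'], ENT_QUOTES) . "' />\n";
        echo "<input type='hidden' name='news_image_t1' value='" . htmlspecialchars($data['news_image_t1'], ENT_QUOTES) . "' />\n";
        echo "<input type='hidden' name='news_image_t2' value='" . htmlspecialchars($data['news_image_t2'], ENT_QUOTES) . "' />\n";
    } else {
        $file_input_options = array(
            'upload_path'      => IMAGES_N,
            'max_width'        => $news_settings['news_photo_max_w'],
            'max_height'       => $news_settings['news_photo_max_h'],
            'max_byte'         => $news_settings['news_photo_max_b'],
            'thumbnail'        => 1,
            'thumbnail_w'      => $news_settings['news_thumb_w'],
            'thumbnail_h'      => $news_settings['news_thumb_h'],
            'thumbnail_folder' => 'thumbs',
            'delete_original'  => 0,
            'thumbnail2'       => 1,
            'thumbnail2_w'     => $news_settings['news_photo_w'],
            'thumbnail2_h'     => $news_settings['news_photo_h'],
            'type'             => 'image',
        );
        echo form_fileinput("news_image", $locale['news_0216'], "", $file_input_options);
        echo "<div class='small m-b-10'>" . sprintf($locale['news_0217'], parsebytesize($news_settings['news_photo_max_b'])) . "</div>\n";
        echo form_select('news_ialign', $locale['news_0218'], $data['news_ialign'], array("options" => $alignOptions));
    }
    closeside();

    openside('');
    echo "<label><input type='checkbox' name='news_draft' value='yes'" . ($data['news_draft'] ? " checked='checked'" : "") . " /> " . $locale['news_0210'] . "</label><br />\n";
    echo "<label><input type='checkbox' name='news_sticky' value='yes'" . ($data['news_sticky'] ? " checked='checked'" : "") . " /> " . $locale['news_0211'] . "</label><br />\n";
    echo form_hidden('news_datestamp', '', $data['news_datestamp']);
    if (fusion_get_settings("tinymce_enabled") != 1) {
        // news_breaks holds 'y' or 'n'; both are truthy strings, so compare explicitly
        // instead of ticking the box for every record.
        echo "<label><input type='checkbox' name='line_breaks' value='yes'" . ($data['news_breaks'] == 'y' ? " checked='checked'" : "") . " /> " . $locale['news_0212'] . "</label><br />\n";
    }
    closeside();
    echo "</div>\n<div class='col-xs-12 col-sm-12 col-md-5 col-lg-4'>\n";
    openside("");
    if (!fusion_get_settings("comments_enabled") || !fusion_get_settings("ratings_enabled")) {
        // Warn that comments and/or ratings are switched off site-wide.
        if (!fusion_get_settings("comments_enabled") && !fusion_get_settings("ratings_enabled")) {
            $sys = $locale['comments_ratings'];
        } elseif (!fusion_get_settings("comments_enabled")) {
            $sys = $locale['comments'];
        } else {
            $sys = $locale['ratings'];
        }
        echo "<div class='alert alert-warning'>" . sprintf($locale['news_0253'], $sys) . "</div>\n";
    }
    echo "<label><input type='checkbox' name='news_allow_comments' value='yes' onclick='SetRatings();'" . ($data['news_allow_comments'] ? " checked='checked'" : "") . " /> " . $locale['news_0213'] . "</label><br/>";
    echo "<label><input type='checkbox' name='news_allow_ratings' value='yes'" . ($data['news_allow_ratings'] ? " checked='checked'" : "") . " /> " . $locale['news_0214'] . "</label>";
    closeside();
    echo "</div>\n</div>\n";

    echo form_button('preview', $locale['news_0240'], $locale['news_0240'], array('class' => 'btn-default m-r-10'));
    echo form_button('save', $locale['news_0241'], $locale['news_0241'], array('class' => 'btn-success'));
    echo form_button("save_and_close", "Save and Close", "save_and_close", array("class" => "btn-primary m-l-10"));
    echo closeform();
    echo "</div>\n";
}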
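/**
 * Renders the banner (slide) administration widget for the Debonair theme.
 *
 * With ?slides=new|edit|del it handles deletion and the save post, then echoes
 * the slide form. Without it, it handles ?move=md|mup reordering and echoes the
 * list of slides for the current language. All output is written with echo.
 */
function debonair_banner_widget() {
    global $locale;

    $acceptedMode = array("edit", "new", "del");
    $upload_dir = THEME . "upload/";

    echo "<a class='btn btn-default m-t-10 m-b-20' href='" . clean_request("slides=new", array(), false) . "'>" . $locale['debonair_0203'] . "</a>\n";
    echo "<div class='alert alert-info'>" . $locale['debonair_0700'] . "</div>\n";

    if (isset($_GET['slides']) && in_array($_GET['slides'], $acceptedMode, true)) {

        $_GET['id'] = isset($_GET['id']) && isnum($_GET['id']) ? $_GET['id'] : 0;

        // Defaults for a new slide, one entry per table column.
        $data = array();
        foreach (fieldgenerator(DB_DEBONAIR) as $keys) {
            $value = "";
            if ($keys == "banner_id") {
                $value = 0;
            }
            if ($keys == "banner_language") {
                $value = LANGUAGE;
            }
            if ($keys == "banner_visibility") {
                $value = iGUEST;
            }
            if ($keys == "banner_datestamp") {
                $value = time();
            }
            if ($keys == "banner_order") {
                $value = dbcount("(banner_id)", DB_DEBONAIR, "banner_language='" . LANGUAGE . "'") + 1;
            }
            $data[$keys] = $value;
        }

        if ($_GET['slides'] == "edit" || $_GET['slides'] == "del") {
            $row = dbarray(dbquery("select * from " . DB_DEBONAIR . " WHERE banner_id='" . intval($_GET['id']) . "'"));
            // Keep the defaults when the id matches nothing, instead of replacing $data with
            // an empty result and rendering the form from it.
            if (!empty($row)) {
                $data = $row;
                if ($_GET['slides'] == "del") {
                    // process deletion
                    // NOTE(review): deletion is triggered by a plain GET link and nothing visible
                    // here verifies a form token; confirm the surrounding admin page covers this.
                    if ($data['banner_image']) {
                        foreach (array($data['banner_image'], $data['banner_thumb']) as $old_file) {
                            if ($old_file && is_file($upload_dir . $old_file)) {
                                unlink($upload_dir . $old_file);
                            }
                        }
                    }
                    dbquery_insert(DB_DEBONAIR, $data, "delete");
                    addNotice("success", $locale['debonair_0217']);
                    redirect(clean_request("", array("slides"), false));
                }
            }
        }

        if (isset($_POST['save_slide'])) {
            $data = array(
                "banner_id"          => form_sanitizer($_POST['banner_id'], 0, "banner_id"),
                "banner_subject"     => form_sanitizer($_POST['banner_subject'], "", "banner_subject"),
                "banner_description" => form_sanitizer($_POST['banner_description'], "", "banner_description"),
                "banner_link"        => form_sanitizer($_POST['banner_link'], "", "banner_link"),
                "banner_language"    => form_sanitizer($_POST['banner_language'], LANGUAGE, "banner_language"),
                "banner_visibility"  => form_sanitizer($_POST['banner_visibility'], iGUEST, "banner_visibility"),
                "banner_datestamp"   => time(),
            );
            if (defender::safe()) {
                $upload = form_sanitizer($_FILES['banner_image'], "", "banner_image");
                $has_new_image = isset($upload['error']) && !$upload['error'];
                if ($has_new_image) {
                    $data['banner_image'] = $upload['image_name'];
                    // NOTE(review): confirm 'thumb1' is the key the upload handler returns for the thumbnail name.
                    $data['banner_thumb'] = $upload['thumb1'];
                }
                $banner_id = intval($data['banner_id']);
                if ($banner_id > 0 && dbcount("(banner_id)", DB_DEBONAIR, "banner_id='" . $banner_id . "'")) {
                    // get old data. do ordering
                    // The row has to be fetched with dbarray(); the query result itself was
                    // previously indexed as if it were the row.
                    $old_data = dbarray(dbquery("select banner_image, banner_thumb, banner_order from " . DB_DEBONAIR . " where banner_id='" . $banner_id . "'"));
                    // Remove the previous files only when a new image replaces them, so a
                    // text-only edit does not leave the slide without its image.
                    if ($has_new_image && !empty($old_data['banner_image'])) {
                        foreach (array($old_data['banner_image'], $old_data['banner_thumb']) as $old_file) {
                            if ($old_file && is_file($upload_dir . $old_file)) {
                                unlink($upload_dir . $old_file);
                            }
                        }
                    }
                    dbquery_insert(DB_DEBONAIR, $data, "update");
                } else {
                    dbquery_insert(DB_DEBONAIR, $data, "save");
                }
                addNotice("success", $locale['debonair_0212']);
                redirect(clean_request("", array("slides"), false));
            }
        }

        echo "<h3>" . $locale['debonair_0203'] . "</h3>\n";
        echo openform("debonair_banner", "post", FUSION_REQUEST, array("enctype" => true));
        echo "<div class='row'>\n";
        echo "<div class='col-xs-12 col-sm-8'>\n";
        openside("");
        echo form_hidden("banner_id", "", $data['banner_id']);
        echo form_text("banner_subject", $locale['debonair_0205'], $data['banner_subject'], array(
            "required"    => true,
            "inline"      => true,
            "placeholder" => $locale['debonair_0206'],
        ));
        // Description and link were both pre-filled with the subject; use their own values.
        echo form_textarea("banner_description", $locale['debonair_0207'], $data['banner_description'], array(
            "required"    => true,
            "inline"      => true,
            "placeholder" => $locale['debonair_0208'],
            "bbcode"      => true,
        ));
        echo form_text("banner_link", $locale['debonair_0209'], $data['banner_link'], array(
            "required"    => true,
            "inline"      => true,
            "placeholder" => "ie. news.php?readmore=1",
        ));
        closeside();
        openside("");
        // After a rejected post $data may carry no image entry at all.
        $current_image = !empty($data['banner_image']) ? $upload_dir . $data['banner_image'] : "";
        echo form_fileinput("banner_image", $locale['debonair_0210'], $current_image, array(
            "upload_path" => $upload_dir,
            "inline"      => true,
            "placeholder" => $locale['debonair_0210'],
            "template"    => "modern",
        ));
        closeside();
        echo "</div>\n<div class='col-xs-12 col-sm-4'>\n";
        openside("");
        echo form_select("banner_language", $locale['debonair_0214'], $data['banner_language'], array(
            "options"     => fusion_get_enabled_languages(),
            "inline"      => true,
            "placeholder" => $locale['debonair_0206'],
        ));
        echo form_select("banner_visibility", $locale['debonair_0215'], $data['banner_visibility'], array(
            "options"     => fusion_get_groups(),
            "inline"      => true,
            "placeholder" => $locale['debonair_0206'],
        ));
        closeside();
        echo form_button("save_slide", $locale['save_changes'], "save_slide", array("class" => "btn-primary"));
        echo "<a class='btn btn-default m-l-10' href='" . clean_request("", array("slides"), false) . "'>" . $locale['cancel'] . "</a>\n";
        echo "</div>\n</div>\n";
        echo closeform();

    } else {

        if (isset($_GET['move']) && isset($_GET['id']) && isnum($_GET['id'])) {
            $data = dbarray(dbquery("select banner_id, banner_order FROM " . DB_DEBONAIR . " where banner_id='" . intval($_GET['id']) . "' AND banner_language='" . LANGUAGE . "'"));
            // Without a matching row the arithmetic below would run on an empty result and
            // shift an unrelated slide, so reorder only when the slide exists.
            if (!empty($data)) {
                $banner_id = intval($data['banner_id']);
                $banner_order = intval($data['banner_order']);
                if ($_GET['move'] == "md") {
                    dbquery("UPDATE " . DB_DEBONAIR . " SET banner_order=banner_order-1 WHERE banner_order= '" . ($banner_order + 1) . "' AND banner_language='" . LANGUAGE . "'");
                    dbquery("UPDATE " . DB_DEBONAIR . " SET banner_order=banner_order+1 WHERE banner_id='" . $banner_id . "' AND banner_language='" . LANGUAGE . "'");
                }
                if ($_GET['move'] == "mup") {
                    dbquery("UPDATE " . DB_DEBONAIR . " SET banner_order=banner_order+1 WHERE banner_order= '" . ($banner_order - 1) . "' AND banner_language='" . LANGUAGE . "'");
                    dbquery("UPDATE " . DB_DEBONAIR . " SET banner_order=banner_order-1 WHERE banner_id='" . $banner_id . "' AND banner_language='" . LANGUAGE . "'");
                }
                addNotice("success", $locale['debonair_0220']);
            }
            redirect(clean_request("", array("move", "id"), false));
        }

        $result = dbquery("SELECT * FROM " . DB_DEBONAIR . " WHERE banner_language='" . LANGUAGE . "' order by banner_order ASC");
        $total = dbrows($result);
        if ($total > 0) {
            echo "<table class='table table-striped'>\n";
            echo "<tr>\n\n\t\t<th>" . $locale['debonair_0205'] . "</th>\n\t\t<th>" . $locale['debonair_0210'] . "</th>\n\t\t<th>" . $locale['debonair_0214'] . "</th>\n<th>" . $locale['debonair_0215'] . "</th>\n\t\t<th>" . $locale['debonair_0211'] . "</th>\n\t\t<th>" . $locale['debonair_0216'] . "</th></tr>";
            while ($data = dbarray($result)) {
                $edit_link = clean_request("slides=edit&id=" . $data['banner_id'], array(), false);
                $move_up = "<a href='" . clean_request("move=mup&id=" . $data['banner_id'], array(), false) . "'>" . $locale['debonair_0218'] . "</a>";
                $move_down = "<a href='" . clean_request("move=md&id=" . $data['banner_id'], array(), false) . "'>" . $locale['debonair_0219'] . "</a>";

                echo "\n\t\t\t<tr>\n\n\t\t\t<td><a href='" . $edit_link . "'>" . $data['banner_subject'] . "</a></td>\n\n\t\t\t<td>" . ($data['banner_image'] ? $locale['yes'] : $locale['no']) . "</td>\n\n\t\t\t<td>" . $data['banner_language'] . "</td>\n\n\t\t\t<td>" . getgroupname($data['banner_visibility']) . "</td>\n";
                echo "<td>\n";
                // First slide can only move down, last one only up, the rest both ways.
                if ($data['banner_order'] == 1) {
                    echo $move_down;
                } elseif ($data['banner_order'] == $total) {
                    echo $move_up;
                } else {
                    echo $move_up . " - ";
                    echo $move_down;
                }
                echo "</td>\n\n\t\t\t<td>\n\t\t\t<a href='" . $edit_link . "'>" . $locale['edit'] . "</a>\n\t\t\t- <a href='" . clean_request("slides=del&id=" . $data['banner_id'], array(), false) . "'>" . $locale['delete'] . "</a>\n\t\t\t</td>\n\t\t\t</tr>\n\n\t\t\t";
            }
            echo "</table>\n";
        } else {
            echo "<div class='well text-center'>" . $locale['debonair_0213'] . "</div>\n";
        }
    }
}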
/**
 * Echo the complete Old_School admin panel shell.
 *
 * Output order: fixed header (section navigation, user dropdown, optional
 * language switcher), content wrapper (breadcrumbs, notices, CONTENT) and
 * footer (copyright, optional render statistics, footer errors). The
 * slimscroll script and its initialiser are registered at the end.
 *
 * NOTE(review): $userdata['user_name'], $language_name and FUSION_REQUEST are
 * concatenated into markup without htmlspecialchars(); presumably they are
 * sanitised before they reach this function - confirm.
 */
function render_admin_panel() {
    global $locale, $userdata, $defender, $pages, $aidlink, $admin;

    $enabled_languages = fusion_get_enabled_languages();

    // Outer wrapper and fixed top header
    echo "<div id='admin-panel' class='clearfix in'>\n";
    echo "<section id='acp-header' class='pull-left affix clearfix' data-offset-top='0' data-offset-bottom='0'>\n";

    // Section navigation: the array index doubles as the pagenum value
    echo "<nav>\n";
    echo "<ul class='top-left-menu pull-left m-l-15'>\n";
    $section_keys = array('ac00', 'ac01', 'ac02', 'ac03', 'ac04', 'ac05');
    foreach ($section_keys as $page_number => $label_key) {
        $label = $locale[$label_key];
        echo "<li><a title='" . $label . "' href='" . ADMIN . "index.php" . $aidlink . "&pagenum=" . $page_number . "'>" . $label . "</a></li>\n";
    }
    echo "</ul>\n";
    echo "</nav>\n";

    // Right-hand menu: logged-in user dropdown
    echo "<nav>\n";
    echo "<ul class='top-right-menu pull-right m-r-15'>\n";
    echo "<li class='dropdown'>\n";
    $avatar = display_avatar($userdata, '25px', '', '', '');
    echo "<a class='dropdown-toggle pointer' data-toggle='dropdown'>" . $avatar . " " . $locale['logged'] . "<strong>" . $userdata['user_name'] . "</strong> <span class='caret'></span>\n</a>\n";
    echo "<ul class='dropdown-menu' role='menu'>\n";
    $profile_label = $locale['profile'];
    echo "<li><a class='display-block' href='" . BASEDIR . "edit_profile.php'>" . $locale['edit'] . " " . $profile_label . "</a></li>\n";
    echo "<li><a class='display-block' href='" . BASEDIR . "profile.php?lookup=" . $userdata['user_id'] . "'>" . $locale['view'] . " " . $profile_label . "</a></li>\n";
    echo "<li class='divider'> </li>\n";
    // Two separate links: leave the admin session only, or log out of the site
    echo "<li><a class='display-block' href='" . FUSION_REQUEST . "&logout'>" . $locale['admin-logout'] . "</a></li>\n";
    echo "<li><a class='display-block' href='" . BASEDIR . "index.php?logout=yes'>" . $locale['logout'] . "</a></li>\n";
    echo "</ul>\n";
    echo "</li>\n";

    // Language switcher, only when more than one language is enabled
    $has_language_choice = count($enabled_languages) > 1;
    if ($has_language_choice) {
        $current_language = translate_lang_names(LANGUAGE);
        echo "<li class='dropdown'><a class='dropdown-toggle pointer' data-toggle='dropdown' title='" . $locale['282'] . "'><i class='fa fa-globe fa-lg fa-fw'></i> " . $current_language . "<span class='caret'></span></a>\n";
        echo "<ul class='dropdown-menu'>\n";
        foreach ($enabled_languages as $language_folder => $language_name) {
            $switch_link = clean_request("lang=" . $language_folder, array("lang"), FALSE);
            echo "<li><a class='display-block' href='" . $switch_link . "'><img class='m-r-5' src='" . BASEDIR . "locale/{$language_folder}/{$language_folder}-s.png'> {$language_name}</a></li>\n";
        }
        echo "</ul>\n";
        echo "</li>\n";
    }
    echo "</ul>\n"; // .top-right-menu
    echo "</nav>\n";
    echo "</section>\n";

    // Content area: breadcrumbs, queued notices, then the page body
    echo "<div class='content-wrapper display-table pull-left'>\n";
    echo "<div id='acp-content' class='m-t-20 col-xs-12 col-sm-12 col-md-12 col-lg-12'>\n";
    echo render_breadcrumbs();
    echo renderNotices(getNotices());
    echo CONTENT;
    echo "</div>\n"; // #acp-content

    // Footer: copyright line, optional render statistics, footer errors
    echo "<footer class='m-l-20 display-inline-block m-t-20 m-b-20'>\n";
    $current_year = date("Y");
    echo "Old_School Admin © " . $current_year . " created by <a href='https://www.php-fusion.co.uk'><strong>PHP-Fusion Inc.</strong></a>\n";
    echo showcopyright();
    if (fusion_get_settings('rendertime_enabled')) {
        echo "<br /><br />";
        // Make showing of queries and memory usage separate settings
        echo showrendertime();
        echo showMemoryUsage();
    }
    echo "<hr />\n";
    echo showFooterErrors();
    echo "</footer>\n";
    echo "</div>\n"; // .acp-main
    echo "</div>\n"; // #admin-panel

    // Close the remaining wrapper elements
    echo "</div></div></div></div>\n";

    add_to_footer("<script src='" . THEMES . "admin_themes/Old_School/includes/jquery.slimscroll.min.js'></script>");
    add_to_jquery("\n// Initialize slimscroll\n\$('#adl').slimScroll({\n\theight: null\n});\n");
}
dbquery_order(DB_PHOTOS, $photo_data['photo_order'], "photo_order", $photo_data['photo_id'], "photo_id", $photo_data['album_id'], "album_id", FALSE, FALSE, "delete"); dbquery_insert(DB_PHOTOS, $photo_data, 'delete'); addNotice("success", $locale['photo_0024']); redirect(clean_request("", array("aid", "album_id"), TRUE)); } } // purge photos if (isset($_GET['action']) && $_GET['action'] == "purge" && isset($_GET['cat_id']) && isnum($_GET['cat_id'])) { $result = dbquery("select * from " . DB_PHOTO_ALBUMS . " where album_id='" . intval($_GET['cat_id']) . "'"); if (dbrows($result) > 0) { // album verified $albumData = dbarray($result); $photoResult = dbquery("select photo_id, photo_filename, photo_thumb1, photo_thumb2\n\t\tfrom " . DB_PHOTOS . " where album_id='" . intval($_GET['cat_id']) . "'"); if (dbrows($photoResult) > 0) { if (!isset($_POST['purge_confirm'])) { echo $locale['photo_0026'] . "<br/><br/>\n"; echo openform("purgephotos", "post", FUSION_REQUEST); echo form_button("purge_confirm", $locale['photo_0027'], $locale['photo_0027'], array("class" => "btn-danger m-r-10")); echo form_button("cancel", $locale['photo_0028'], $locale['photo_0028'], array("class" => "btn-default m-r-10")); echo closeform(); } else { while ($pData = dbarray($photoResult)) { purgePhotoImage($pData); // purging everything, order is not relevant dbquery_insert(DB_PHOTOS, $pData, "delete"); } redirect(clean_request("album_id=" . $_GET['cat_id'], array("aid")), TRUE); } } } }
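/**
 * Blog Listing HTML
 *
 * Echoes the admin blog list: a category filter dropdown, page navigation
 * and one list item per blog entry with its categories, a text excerpt and
 * edit/delete links. Reads $_GET['rowstart'] and $_GET['filter_cid'].
 *
 * Both request values end up in SQL, so each one is checked with isnum()
 * and cast with intval() before it is used in a query.
 *
 * NOTE(review): blog_subject and blog_cat_name are echoed as stored, without
 * htmlspecialchars(); presumably they are sanitised when saved - confirm.
 */
function blog_listing() {
    global $aidlink, $locale;
    // Remodel display results into straight view instead category container sorting.
    // consistently monitor sql results rendertime. -- Do not Surpass 0.15
    // all blog are uncategorized by default unless specified.
    $limit = 15;
    $total_rows = dbcount("(blog_id)", DB_BLOG, multilang_table("BL") ? "blog_language='" . LANGUAGE . "'" : "");

    // rowstart is interpolated into the LIMIT clause below. A bare "<=" comparison
    // does not reject non-numeric strings, so require digits only and cast to int.
    $rowstart = 0;
    if (isset($_GET['rowstart']) && isnum($_GET['rowstart']) && $_GET['rowstart'] <= $total_rows) {
        $rowstart = intval($_GET['rowstart']);
    }

    // add a filter browser
    $catOpts = array("all" => $locale['blog_0460'], "0" => $locale['blog_0424']);
    $categories = dbquery("select blog_cat_id, blog_cat_name\n\t\t\t\tfrom " . DB_BLOG_CATS . " " . (multilang_table("BL") ? "where blog_cat_language='" . LANGUAGE . "'" : "") . "");
    if (dbrows($categories) > 0) {
        while ($cat_data = dbarray($categories)) {
            $catOpts[$cat_data['blog_cat_id']] = $cat_data['blog_cat_name'];
        }
    }

    // Only a numeric id that is also a known category may reach the query.
    $catFilter = "";
    if (isset($_GET['filter_cid']) && isnum($_GET['filter_cid']) && isset($catOpts[$_GET['filter_cid']])) {
        if ($_GET['filter_cid'] > 0) {
            // No leading "and": this fragment is placed directly after WHERE,
            // where a leading conjunction would make the statement invalid.
            // NOTE(review): in_group() is called without a delimiter here while
            // blog_cat is split on "." further down - confirm the default matches.
            $catFilter = in_group("blog_cat", intval($_GET['filter_cid']));
        }
    }
    $langFilter = multilang_table("BL") ? "blog_language='" . LANGUAGE . "'" : "";
    if ($catFilter && $langFilter) {
        $filter = $catFilter . " AND " . $langFilter;
    } else {
        $filter = $catFilter . $langFilter;
    }

    $result = dbquery("\n\tSELECT blog_id, blog_cat, blog_subject, blog_image, blog_image_t1, blog_image_t2, blog_blog, blog_draft\n\tFROM " . DB_BLOG . "\n\t" . ($filter ? "WHERE " . $filter : "") . "\n\tORDER BY blog_draft DESC, blog_sticky DESC, blog_datestamp DESC LIMIT {$rowstart}, {$limit}\n\t");
    $rows = dbrows($result);

    echo "<div class='clearfix'>\n";
    echo "<span class='pull-right m-t-10'>" . sprintf($locale['blog_0408'], $rows, $total_rows) . "</span>\n";
    if (!empty($catOpts) && $total_rows > 0) {
        echo "<div class='pull-left m-t-5 m-r-10'>" . $locale['blog_0458'] . "</div>\n";
        echo "<div class='dropdown pull-left m-r-10' style='position:relative'>\n";
        echo "<a class='dropdown-toggle btn btn-default btn-sm' style='width: 200px;' data-toggle='dropdown'>\n<strong>\n";
        // The request value is only used as a lookup key; the text shown is the stored name.
        if (isset($_GET['filter_cid']) && isset($catOpts[$_GET['filter_cid']])) {
            echo $catOpts[$_GET['filter_cid']];
        } else {
            echo $locale['blog_0459'];
        }
        echo " <span class='caret'></span></strong>\n</a>\n";
        echo "<ul class='dropdown-menu' style='max-height:180px; width:200px; overflow-y: scroll'>\n";
        foreach ($catOpts as $catID => $catName) {
            $active = isset($_GET['filter_cid']) && $_GET['filter_cid'] == $catID;
            echo "<li" . ($active ? " class='active'" : "") . ">\n<a class='text-smaller' href='" . clean_request("filter_cid=" . $catID, array("section", "rowstart", "aid"), true) . "'>\n";
            echo $catName;
            echo "</a>\n</li>\n";
        }
        echo "</ul>\n";
        echo "</div>\n";
    }
    if ($total_rows > $rows) {
        echo makepagenav($rowstart, $limit, $total_rows, $limit, clean_request("", array("aid", "section"), true) . "&");
    }
    echo "</div>\n";

    echo "<ul class='list-group m-10'>\n";
    if ($rows > 0) {
        while ($data2 = dbarray($result)) {
            echo "<li class='list-group-item'>\n";
            echo "<div class='pull-left m-r-10'>\n";
            $image_thumb = get_blog_image_path($data2['blog_image'], $data2['blog_image_t1'], $data2['blog_image_t2']);
            if (!$image_thumb) {
                $image_thumb = IMAGES . "imagenotfound70.jpg";
            }
            echo thumbnail($image_thumb, '70px');
            echo "</div>\n";
            echo "<div class='overflow-hide'>\n";
            echo "<div><span class='strong text-dark'>" . $data2['blog_subject'] . "</span><br/>\n";
            if (!empty($data2['blog_cat'])) {
                // blog_cat holds "."-separated ids; cast each part so the IN() list
                // can only ever contain integers, whatever the column stores.
                $blog_cat = implode(",", array_map("intval", explode(".", $data2['blog_cat'])));
                $result2 = dbquery("SELECT blog_cat_id, blog_cat_name\n from " . DB_BLOG_CATS . " WHERE blog_cat_id in ({$blog_cat})\n ");
                $rows2 = dbrows($result2);
                if ($rows2 > 0) {
                    echo "<div class='m-b-10'><strong>" . $locale['blog_0407'] . ": </strong>\n";
                    $i = 1;
                    while ($cdata = dbarray($result2)) {
                        echo "<a href='" . FUSION_SELF . $aidlink . "&action=edit&cat_id=" . $cdata['blog_cat_id'] . "&section=blog_category'>";
                        echo $cdata['blog_cat_name'];
                        echo "</a>";
                        echo $i == $rows2 ? "" : ", ";
                        $i++;
                    }
                    echo "</div>\n";
                }
            }
            // Close the subject <div> for every entry, not only for categorised
            // ones, so uncategorised entries do not leave the element open.
            echo "</div>\n";
            $blogText = strip_tags(parse_textarea($data2['blog_blog']));
            echo fusion_first_words($blogText, '50');
            echo "<div class='block m-t-10'><a href='" . FUSION_SELF . $aidlink . "&action=edit&section=blog_form&blog_id=" . $data2['blog_id'] . "'>" . $locale['blog_0420'] . "</a> -\n";
            echo "<a href='" . FUSION_SELF . $aidlink . "&action=delete&section=blog_form&blog_id=" . $data2['blog_id'] . "' onclick=\"return confirm('" . $locale['blog_0451'] . "');\">" . $locale['blog_0421'] . "</a>\n";
            echo "</div>\n</div>\n";
            echo "</li>\n";
        }
    } else {
        echo "<div class='panel-body text-center'>\n";
        echo $locale['blog_0456'];
        echo "</div>\n";
    }
    echo "</ul>\n";
    if ($total_rows > $rows) {
        echo makepagenav($rowstart, $limit, $total_rows, $limit, clean_request("", array("aid", "section"), true) . "&");
    }
}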
$result = dbquery("SELECT blog_cat_id, blog_cat_name FROM " . DB_BLOG_CATS . " " . (multilang_table("BL") ? "WHERE blog_cat_language='" . LANGUAGE . "'" : "") . " ORDER BY blog_cat_name"); $rows = dbrows($result); if ($rows != 0) { $counter = 0; $columns = 4; echo "<div class='row'>\n"; while ($data = dbarray($result)) { if ($counter != 0 && $counter % $columns == 0) { echo "</div>\n<div class='row'>\n"; } echo "<div class='col-xs-12 col-sm-3 col-md-3 col-lg-3 m-b-10 text-left'>\n"; echo "<strong>" . getblogCatPath($data['blog_cat_id']) . "</strong>\n<br/>\n"; echo "<img src='" . get_image("bl_" . $data['blog_cat_name']) . "' alt='" . $data['blog_cat_name'] . "' class='blog-category img-thumbnail m-r-20' />\n"; echo "<div class='display-block m-t-5'>\n"; echo "<span class='small'><a href='" . clean_request("action=edit&cat_id=" . $data['blog_cat_id'], array("aid", "section"), TRUE) . "'><i class='fa fa-edit'></i> " . $locale['edit'] . "</a> -\n"; echo "<a href='" . clean_request("action=delete&cat_id=" . $data['blog_cat_id'], array("aid", "section"), TRUE) . "' onclick=\"return confirm('" . $locale['blog_0550'] . "');\"><i class='fa fa-trash'></i> " . $locale['delete'] . "</a></span></div>\n"; echo "</div>\n"; $counter++; } echo "</div>\n"; } else { echo "<div class='well text-center'>" . $locale['blog_0461'] . "</div>\n"; } echo "<div class='text-center'><a class='btn btn-primary' href='" . ADMIN . "images.php" . $aidlink . "&ifolder=imagesbc'>" . $locale['blog_0536'] . "</a><br /><br />\n</div>\n"; closeside(); closetable(); function getblogCatPath($item_id) { $full_path = ""; while ($item_id > 0) { $result = dbquery("SELECT blog_cat_id, blog_cat_name, blog_cat_parent FROM " . DB_BLOG_CATS . " WHERE blog_cat_id='{$item_id}'" . (multilang_table("BL") ? " AND blog_cat_language='" . LANGUAGE . "'" : ""));
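/**
 * Get thread structure when given specific tag id
 *
 * Runs a count query and, when it reports threads, a paged detail query
 * restricted to threads carrying the tag, not hidden, and readable by the
 * current user's groups. Reads $_GET['thread_rowstart'] for paging.
 *
 * $filter['condition'] and $filter['order'] are appended to the SQL verbatim.
 * They must be fragments assembled from fixed whitelists by the caller and
 * must never contain raw request values.
 *
 * @param string $tag_id tag id; cast with intval() before it reaches SQL
 * @param bool|array $filter optional array with 'condition' and/or 'order' SQL fragments
 * @return array 'item', 'thread_max_rows' and, when threads exist, 'threads'
 */
public static function get_tag_thread($tag_id = '0', $filter = FALSE) {
    $info = array();
    $locale = fusion_get_locale("", FORUM_LOCALE);
    $forum_settings = ForumServer::get_forum_settings();
    $userdata = fusion_get_userdata();
    // The user id is interpolated into the joins below, so force it to an integer.
    $userdata['user_id'] = !empty($userdata['user_id']) ? intval($userdata['user_id']) : 0;
    $lastVisited = isset($userdata['user_lastvisit']) && isnum($userdata['user_lastvisit']) ? $userdata['user_lastvisit'] : time();

    // Quote every MIME type separately. Joining with "," inside one pair of
    // quotes gives IN() a single string that no attach_mime value can equal.
    // NOTE(review): assumes img_mimeTypes() returns plain MIME strings - confirm.
    $img_mimes = "'" . implode("','", img_mimeTypes()) . "'";

    $tag_condition = in_group('t.thread_tags', intval($tag_id), '.');
    $filter_condition = isset($filter['condition']) ? $filter['condition'] : '';
    $filter_order = isset($filter['order']) ? $filter['order'] : '';

    /**
     * Count threads with filter conditions
     */
    $thread_query = "\n SELECT\n count(t.thread_id) 'thread_max_rows',\n count(a1.attach_id) 'attach_image',\n count(a2.attach_id) 'attach_files'\n FROM " . DB_FORUM_THREADS . " t\n"
        . " LEFT JOIN " . DB_FORUMS . " tf ON tf.forum_id = t.forum_id\n"
        . " INNER JOIN " . DB_USERS . " tu1 ON t.thread_author = tu1.user_id\n"
        . " #LEFT JOIN " . DB_USERS . " tu2 ON t.thread_lastuser = tu2.user_id\n"
        . " LEFT JOIN " . DB_FORUM_POSTS . " p1 ON p1.thread_id = t.thread_id and p1.post_id = t.thread_lastpostid\n"
        . " LEFT JOIN " . DB_FORUM_POLLS . " p ON p.thread_id = t.thread_id\n"
        . " #LEFT JOIN " . DB_FORUM_VOTES . " v ON v.thread_id = t.thread_id AND p1.post_id = v.post_id\n"
        . " LEFT JOIN " . DB_FORUM_ATTACHMENTS . " a1 on a1.thread_id = t.thread_id AND a1.attach_mime IN (" . $img_mimes . ")\n"
        . " LEFT JOIN " . DB_FORUM_ATTACHMENTS . " a2 on a2.thread_id = t.thread_id AND a2.attach_mime NOT IN (" . $img_mimes . ")\n"
        . " WHERE " . $tag_condition . " AND t.thread_hidden='0' AND " . groupaccess('tf.forum_access') . "\n"
        . " " . $filter_condition . "\n GROUP BY tf.forum_id\n ";
    $thread_result = dbquery($thread_query);

    $count = array("thread_max_rows" => 0, "attach_image" => 0, "attach_files" => 0);
    if (dbrows($thread_result) > 0) {
        $count = dbarray($thread_result);
    }
    $info['item'][$tag_id]['forum_threadcount'] = 0;
    $info['item'][$tag_id]['forum_threadcount_word'] = format_word($count['thread_max_rows'], $locale['fmt_thread']);
    $info['thread_max_rows'] = $count['thread_max_rows'];

    if ($info['thread_max_rows'] > 0) {
        $info['threads']['pagenav'] = "";
        $info['threads']['pagenav2'] = "";

        // Accept the paging offset only when it is all digits and within range.
        $_GET['thread_rowstart'] = isset($_GET['thread_rowstart']) && isnum($_GET['thread_rowstart']) && $_GET['thread_rowstart'] <= $count['thread_max_rows'] ? $_GET['thread_rowstart'] : 0;

        // The 'author_name' alias has no leading space so that it matches the
        // $threads['author_name'] key read when the author array is built.
        $thread_query = "\n SELECT t.*, tf.forum_type, tf.forum_name, tf.forum_cat,\n"
            . " tu1.user_name 'author_name', tu1.user_status 'author_status', tu1.user_avatar 'author_avatar',\n"
            . " tu2.user_name 'last_user_name', tu2.user_status 'last_user_status', tu2.user_avatar 'last_user_avatar',\n"
            . " p1.post_datestamp, p1.post_message,\n"
            . " IF (n.thread_id > 0, 1 , 0) 'user_tracked',\n"
            . " count(v.vote_user) 'thread_rated',\n"
            . " count(pv.forum_vote_user_id) 'poll_voted',\n"
            . " p.forum_poll_title,\n"
            . " count(v.post_id) AS vote_count,\n"
            . " a1.attach_name, a1.attach_id,\n"
            . " a2.attach_name, a2.attach_id,\n"
            . " count(a1.attach_mime) 'attach_image',\n"
            . " count(a2.attach_mime) 'attach_files',\n"
            . " min(p2.post_datestamp) 'first_post_datestamp'\n"
            . " FROM " . DB_FORUM_THREADS . " t\n"
            . " LEFT JOIN " . DB_FORUMS . " tf ON tf.forum_id = t.forum_id\n"
            . " INNER JOIN " . DB_USERS . " tu1 ON t.thread_author = tu1.user_id\n"
            . " LEFT JOIN " . DB_USERS . " tu2 ON t.thread_lastuser = tu2.user_id\n"
            . " LEFT JOIN " . DB_FORUM_POSTS . " p1 ON p1.thread_id = t.thread_id and p1.post_id = t.thread_lastpostid\n"
            . " LEFT JOIN " . DB_FORUM_POSTS . " p2 ON p2.thread_id = t.thread_id\n"
            . " LEFT JOIN " . DB_FORUM_POLLS . " p ON p.thread_id = t.thread_id\n"
            . " #LEFT JOIN " . DB_FORUM_VOTES . " v ON v.thread_id = t.thread_id AND p1.post_id = v.post_id\n"
            . " LEFT JOIN " . DB_FORUM_VOTES . " v on v.thread_id = t.thread_id AND v.vote_user='" . $userdata['user_id'] . "' AND v.forum_id = t.forum_id AND tf.forum_type='4'\n"
            . " LEFT JOIN " . DB_FORUM_POLL_VOTERS . " pv on pv.thread_id = t.thread_id AND pv.forum_vote_user_id='" . $userdata['user_id'] . "' AND t.thread_poll=1\n"
            . " LEFT JOIN " . DB_FORUM_ATTACHMENTS . " a1 on a1.thread_id = t.thread_id AND a1.attach_mime IN (" . $img_mimes . ")\n"
            . " LEFT JOIN " . DB_FORUM_ATTACHMENTS . " a2 on a2.thread_id = t.thread_id AND a2.attach_mime NOT IN (" . $img_mimes . ")\n"
            . " LEFT JOIN " . DB_FORUM_THREAD_NOTIFY . " n on n.thread_id = t.thread_id and n.notify_user = '" . $userdata['user_id'] . "'\n"
            . " WHERE " . $tag_condition . " AND t.thread_hidden='0' AND " . groupaccess('tf.forum_access') . "\n"
            . " " . $filter_condition . "\n"
            . " " . (multilang_table("FO") ? "AND tf.forum_language='" . LANGUAGE . "'" : '') . "\n"
            . " GROUP BY t.thread_id\n"
            . " " . $filter_order . "\n"
            // Both LIMIT operands are cast so only integers reach the statement.
            . " LIMIT " . intval($_GET['thread_rowstart']) . ", " . intval($forum_settings['threads_per_page']);
        $cthread_result = dbquery($thread_query);

        if (dbrows($cthread_result) > 0) {
            while ($threads = dbarray($cthread_result)) {
                // Status icon, set only for threads updated since the user's last visit.
                $icon = "";
                $match_regex = $threads['thread_id'] . "\\|" . $threads['thread_lastpost'] . "\\|" . $threads['forum_id'];
                if ($threads['thread_lastpost'] > $lastVisited) {
                    if (iMEMBER && ($threads['thread_lastuser'] == $userdata['user_id'] || preg_match("(^\\.{$match_regex}\$|\\.{$match_regex}\\.|\\.{$match_regex}\$)", $userdata['user_threads']))) {
                        $icon = "<i class='" . get_forumIcons('thread') . "' title='" . $locale['forum_0261'] . "'></i>";
                    } else {
                        $icon = "<i class='" . get_forumIcons('new') . "' title='" . $locale['forum_0260'] . "'></i>";
                    }
                }

                $author = array(
                    'user_id' => $threads['thread_author'],
                    'user_name' => $threads['author_name'],
                    'user_status' => $threads['author_status'],
                    'user_avatar' => $threads['author_avatar']
                );
                $lastuser = array(
                    'user_id' => $threads['thread_lastuser'],
                    'user_name' => $threads['last_user_name'],
                    'user_status' => $threads['last_user_status'],
                    'user_avatar' => $threads['last_user_avatar']
                );

                // "+=" keeps keys the row already has, so only the new keys are added.
                $threads += array(
                    "thread_link" => array(
                        "link" => FORUM . "viewthread.php?thread_id=" . $threads['thread_id'],
                        "title" => $threads['thread_subject']
                    ),
                    "forum_type" => $threads['forum_type'],
                    "thread_pages" => makepagenav(0, $forum_settings['posts_per_page'], $threads['thread_postcount'], 3, FORUM . "viewthread.php?thread_id=" . $threads['thread_id'] . "&"),
                    "thread_icons" => array(
                        'lock' => $threads['thread_locked'] ? "<i class='" . self::get_forumIcons('lock') . "' title='" . $locale['forum_0263'] . "'></i>" : '',
                        'sticky' => $threads['thread_sticky'] ? "<i class='" . self::get_forumIcons('sticky') . "' title='" . $locale['forum_0103'] . "'></i>" : '',
                        'poll' => $threads['thread_poll'] ? "<i class='" . self::get_forumIcons('poll') . "' title='" . $locale['forum_0314'] . "'></i>" : '',
                        'hot' => $threads['thread_postcount'] >= 20 ? "<i class='" . self::get_forumIcons('hot') . "' title='" . $locale['forum_0311'] . "'></i>" : '',
                        'reads' => $threads['thread_views'] >= 20 ? "<i class='" . self::get_forumIcons('reads') . "' title='" . $locale['forum_0311'] . "'></i>" : '',
                        'image' => $threads['attach_image'] > 0 ? "<i class='" . self::get_forumIcons('image') . "' title='" . $locale['forum_0313'] . "'></i>" : '',
                        'file' => $threads['attach_files'] > 0 ? "<i class='" . self::get_forumIcons('file') . "' title='" . $locale['forum_0312'] . "'></i>" : '',
                        'icon' => $icon
                    ),
                    "thread_starter" => $locale['forum_0006'] . timer($threads['first_post_datestamp']) . " " . $locale['by'] . " " . profile_link($author['user_id'], $author['user_name'], $author['user_status']) . "</span>",
                    "thread_author" => $author,
                    "thread_last" => array(
                        'avatar' => display_avatar($lastuser, '30px', '', '', ''),
                        'profile_link' => profile_link($lastuser['user_id'], $lastuser['user_name'], $lastuser['user_status']),
                        'time' => $threads['post_datestamp'],
                        'post_message' => parseubb(parsesmileys($threads['post_message'])),
                        "formatted" => "<div class='pull-left'>" . display_avatar($lastuser, '30px', '', '', '') . "</div>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<div class='overflow-hide'>" . $locale['forum_0373'] . " <span class='forum_profile_link'>" . profile_link($lastuser['user_id'], $lastuser['user_name'], $lastuser['user_status']) . "</span><br/>\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t" . timer($threads['post_datestamp']) . "\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t</div>"
                    )
                );

                // Sticky threads are returned in their own bucket.
                if ($threads['thread_sticky']) {
                    $info['threads']['sticky'][$threads['thread_id']] = $threads;
                } else {
                    $info['threads']['item'][$threads['thread_id']] = $threads;
                }
            }
        }

        if ($info['thread_max_rows'] > $forum_settings['threads_per_page']) {
            $info['threads']['pagenav'] = makepagenav($_GET['thread_rowstart'], $forum_settings['threads_per_page'], $info['thread_max_rows'], 3, clean_request("", array("thread_rowstart"), FALSE) . "&", "thread_rowstart");
            $info['threads']['pagenav2'] = makepagenav($_GET['thread_rowstart'], $forum_settings['threads_per_page'], $info['thread_max_rows'], 3, clean_request("", array("thread_rowstart"), FALSE) . "&", "thread_rowstart", TRUE);
        }
    }

    return (array) $info;
}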
error_reporting(E_ALL & ~E_NOTICE & ~E_STRICT & ~E_WARNING); session_init(); if (!$_SESSION['valid']) { return; } /* * Get Settings */ $settings = new phpVBoxConfigClass(); $vbox = new vboxconnector(); $vbox->connect(); /* * Clean request */ global $request; $request = clean_request(); /* * Determine directory separator */ $localbrowser = @$settings->browserLocal; if ($localbrowser) { define('DSEP', DIRECTORY_SEPARATOR); } else { define('DSEP', $vbox->getDsep()); } /* * Compose allowed file types list */ $allowed_exts = $settings->browserRestrictFiles; if (is_array($allowed_exts) && count($allowed_exts) > 0) { $allowed_exts = array_combine($allowed_exts, $allowed_exts);
/**
 * Build the tab list for the top-level user field categories.
 *
 * Every category with field_parent='0' becomes one entry keyed by its
 * field_cat_id, holding 'id', 'active', 'link' and 'name'. The active entry
 * is the one whose id equals $_GET['section'], or the first row when no
 * section was requested.
 *
 * @return array empty when no top-level category exists
 */
private function renderPageLink() {
    global $aidlink;

    $tabs = array();
    $categories = dbquery("SELECT * FROM " . DB_USER_FIELD_CATS . " WHERE field_parent='0' ORDER BY field_cat_order");
    if (!(dbrows($categories) > 0)) {
        return $tabs;
    }

    // Keep the admin token in the generated links only when the request carries one.
    $aid = isset($_GET['aid']) ? $aidlink . '&' : '';

    $position = 0;
    while ($row = dbarray($categories)) {
        $cat_id = $row['field_cat_id'];

        if (isset($_GET['section'])) {
            $is_active = $_GET['section'] == $cat_id ? 1 : 0;
        } else {
            // No section requested: the first category is the default tab.
            $is_active = $position == 0 ? 1 : 0;
        }

        $tabs[$cat_id] = array(
            "id" => $cat_id,
            'active' => $is_active,
            'link' => clean_request($aid . 'section=' . $cat_id . '&lookup=' . $this->userData['user_id'], array('section'), FALSE),
            'name' => ucwords(self::parse_label($row['field_cat_name']))
        );
        $position++;
    }

    return $tabs;
}
include INFUSIONS . "articles/locale/" . LOCALESET . "articles_admin.php"; } else { include INFUSIONS . "articles/locale/English/articles_admin.php"; } opentable("<i class='fa fa-commenting-o fa-lg m-r-10'></i>" . $locale['articles_0060']); if (iMEMBER && $article_settings['article_allow_submission'] && ($cat_exist = dbcount("(article_cat_id)", DB_ARTICLE_CATS, multilang_table("AR") ? "article_cat_language='" . LANGUAGE . "'" : ""))) { $criteriaArray = array("article_subject" => "", "article_cat" => 0, "article_snippet" => "", "article_article" => "", "article_language" => LANGUAGE, "article_keywords" => ""); if (isset($_POST['submit_article'])) { $submit_info['article_snippet'] = nl2br(parseubb(stripinput($_POST['article_snippet']))); $submit_info['article_article'] = nl2br(parseubb(stripinput($_POST['article_article']))); $criteriaArray = array("article_subject" => form_sanitizer($_POST['article_subject'], "", "article_subject"), "article_cat" => form_sanitizer($_POST['article_cat'], "", "article_cat"), "article_snippet" => form_sanitizer($submit_info['article_snippet'], "", "article_snippet"), "article_article" => form_sanitizer($submit_info['article_article'], "", "article_article"), "article_language" => form_sanitizer($_POST['article_language'], "", "article_language"), "article_keywords" => form_sanitizer($_POST['article_keywords'], "", "article_keywords")); if (defender::safe()) { $inputArray = array("submit_type" => "a", "submit_user" => $userdata['user_id'], "submit_datestamp" => time(), "submit_criteria" => addslashes(serialize($criteriaArray))); dbquery_insert(DB_SUBMISSIONS, $inputArray, "save"); addNotice("success", $locale['articles_0061']); redirect(clean_request("submitted=a", array("stype"), TRUE)); } } if (isset($_GET['submitted']) && $_GET['submitted'] == "a") { add_to_title($locale['global_200'] . $locale['articles_0040']); echo "<div class='well text-center'><p><strong>" . $locale['articles_0061'] . 
"</strong></p>"; echo "<p><a href='submit.php?stype=a'>" . $locale['articles_0062'] . "</a></p>"; echo "<p><a href='index.php'>" . str_replace("[SITENAME]", fusion_get_settings("sitename"), $locale['articles_0064']) . "</a></p>\n"; echo "</div>\n"; } else { // Preview if (isset($_POST['preview_article'])) { $article_snippet = ""; if ($_POST['article_snippet']) { $article_snippet = str_replace("src='" . str_replace("../", "", IMAGES_A), "src='" . IMAGES_A, parseubb(stripslashes($_POST['article_snippet']))); $article_snippet = parse_textarea($article_snippet);
| written permission from the original author(s). +--------------------------------------------------------*/ require_once "maincore.php"; $settings = fusion_get_settings(); if ($settings['site_seo'] == "1" && !isset($_GET['aid'])) { define("IN_PERMALINK", TRUE); $router = new PHPFusion\Rewrite\Router(); $router->rewritePage(); $filepath = $router->getFilePath(); if (empty($filepath) && filter_var(PERMALINK_CURRENT_PATH, FILTER_VALIDATE_URL, FILTER_FLAG_SCHEME_REQUIRED)) { redirect(PERMALINK_CURRENT_PATH); } else { if (isset($_GET['lang']) && valid_language($_GET['lang'])) { $lang = stripinput($_GET['lang']); set_language($lang); $redirectPath = clean_request("", array("lang"), FALSE); redirect($redirectPath); } else { if (isset($_GET['logout']) && $_GET['logout'] == "yes") { $userdata = Authenticate::logOut(); redirect(BASEDIR . "index.php"); } else { if (!empty($filepath)) { if ($filepath == "index.php") { redirect($settings['opening_page']); } else { require_once $filepath; } } else { if ($_SERVER['REQUEST_URI'] == $settings['site_path'] . $settings['opening_page'] or $_SERVER['REQUEST_URI'] == $settings['site_path'] . "index.php" or $_SERVER['REQUEST_URI'] == $settings['site_path']) { redirect($settings['opening_page']);