Пример #1
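/**
 * Admin page for the `images` table: upload form ("add"), file removal
 * ("del") and the generic table editor for everything else.
 *
 * @param string $act Action name ("add", "del", or whatever table_edit() accepts).
 * @param string $id  Id of the row the action applies to.
 * @return string Page HTML, or an error message when the upload is rejected.
 */
function page_admin_images($act = "", $id = "")
{
    requires_admin();
    use_template("admin");
    if ($act == "add") {
        if (form_file_uploaded("file")) {
            // The client-supplied file name is used for one thing only: deriving
            // an extension, which must be on the allowlist. The file is written
            // under img/, so an arbitrary extension must never be stored there.
            // NOTE(review): this checks the name, not the content; confirm
            // whether the upload helper or the web server restricts what img/
            // may serve.
            $ext = strtolower(fileext($_FILES["file"]['name']));
            if (!in_array($ext, array("jpg", "jpeg", "gif", "png", "bmp"), true)) {
                return "Данный тип файла не является картинкой";
            }
            db_query("INSERT INTO images (link) VALUES ('')");
            $id = db_last_id();
            // Stored name is "<new row id>.<validated extension>", so the value
            // interpolated into the UPDATE below contains nothing request-shaped.
            $fname = $id . "." . $ext;
            form_file_uploaded_move("file", "img/" . $fname);
            db_query("UPDATE images SET link='img/{$fname}' WHERE id=%d", $id);
            redir("admin/images");
        }
        form_start("", "post", " enctype='multipart/form-data' ");
        form_file("Файл", "file");
        form_submit("Загрузить", "submit");
        form_end();
        return form();
    }
    if ($act == "del") {
        $im = db_object_get("images", $id);
        // Only touch the filesystem when the row exists and names a file;
        // otherwise the path would collapse to the parent directory.
        if ($im && !empty($im->link)) {
            @unlink("../{$im->link}");
        }
    }
    return table_edit("images", "admin/images", $act, $id, "", "", "", "image_func");
}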
Пример #2
/**
 * Inserts one row into `Item` and reports its id.
 *
 * NOTE(review): the four arguments are placed into the statement as quoted
 * literals with no escaping in this function. Unless every caller escapes
 * them first, this is an injection point; confirm against the callers or
 * bind the values through whatever mechanism db_query() offers.
 *
 * @return mixed db_last_id() when db_query() returned a truthy value,
 *               otherwise the falsy value db_query() returned.
 */
function new_item($name, $description, $image, $imageProperties)
{
    $sql = "INSERT INTO Item (id, name, description, image, image_type) VALUES (DEFAULT, '{$name}', '{$description}', '{$image}',  '{$imageProperties}')";
    $inserted = db_query($sql);
    return $inserted ? db_last_id() : $inserted;
}
Пример #3
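/**
 * Creates a new `pages` row named after a menu entry, links the menu entry
 * to it and redirects to the page editor.
 *
 * @param mixed $id Id of the `menu` row to attach a page to.
 */
function page_admin_menu_page_attach($id)
{
    // The other admin page handlers start with requires_admin(); this one
    // writes to two tables, so it performs the same check instead of relying
    // on the caller having done it.
    requires_admin();
    $page_title = menu_page_title($id);
    db_query("INSERT INTO pages (short) VALUES ('%s')", $page_title);
    $page_id = db_last_id();
    db_query("UPDATE menu SET page_id=%d WHERE id=%d", $page_id, $id);
    // NOTE(review): "back" comes straight from the request and is forwarded
    // unchanged; whatever consumes it later should accept site-local targets
    // only.
    redir("admin/edit/pages/content/{$page_id}&back=" . form_post("back"));
}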
Пример #4
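 /**
  * Create new profile from a field => value map.
  *
  * Values pass through process_db_input() and are written as quoted
  * literals. Field names are written as back-ticked identifiers and are
  * passed to process_db_input() with BX_SLASHES_NO_ACTION, so they are
  * additionally required to be plain identifiers (letters, digits,
  * underscore); a name containing anything else could close the back-tick
  * and change the statement.
  *
  * @param  : (array) $aProfileFields    - `Profiles` table's fields;
  * @return : (integer)  - profile's Id; 0 when the field list is empty or
  *                        holds a name that is not a plain identifier
  *                        (nothing is inserted in that case);
  */
 function createProfile(&$aProfileFields)
 {
     if (empty($aProfileFields) || !is_array($aProfileFields)) {
         // An empty SET clause is not a valid statement.
         return 0;
     }
     $aAssignments = array();
     foreach ($aProfileFields as $sKey => $mValue) {
         $sKey = process_db_input($sKey, BX_TAGS_STRIP, BX_SLASHES_NO_ACTION);
         if (!preg_match('/^[A-Za-z0-9_]+\z/', (string) $sKey)) {
             // Refuse the whole insert rather than silently dropping a field.
             return 0;
         }
         $mValue = process_db_input($mValue, BX_TAGS_VALIDATE, BX_SLASHES_AUTO);
         $aAssignments[] = "`{$sKey}` = '{$mValue}'";
     }
     $sQuery = "INSERT INTO `Profiles` SET " . implode(', ', $aAssignments);
     $this->query($sQuery);
     return db_last_id();
 }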
Пример #5
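/**
 * Admin page for the `images` table: upload a new file ("add"), replace the
 * file of an existing row ("edit"), remove a file ("del"), and the generic
 * table editor.
 *
 * @param string $act Action name.
 * @param string $id  Id of the row the action applies to.
 * @return string Page HTML, or an error message when the upload is rejected.
 */
function page_admin_images($act = "", $id = "")
{
    requires_admin();
    use_layout("admin");
    form_start("", "post", " enctype='multipart/form-data' ");
    form_file("Файл", "file");
    $caption = ($act == "edit") ? "Изменить картинку" : "Загрузить картинку";
    form_submit($caption, "submit");
    form_end();
    $upload = form();
    // The upload form is only rendered for "add" and "edit", so an upload
    // arriving with any other action is ignored instead of being treated as a
    // replacement for whatever $id happens to hold.
    if (($act == "add" || $act == "edit") && form_file_uploaded("file")) {
        $ext = strtolower(fileext($_FILES["file"]['name']));
        // NOTE(review): the list admits swf and pdf, which are not images and
        // which a browser may handle as active content when served from this
        // site; confirm they are still required.
        $allowed = array("swf", "jpg", "gif", "png", "bmp", "jpeg", "pdf");
        if (!in_array($ext, $allowed, true)) {
            return "Данный тип файла не является картинкой";
        }
        if ($act == "add") {
            db_query("INSERT INTO images (link) VALUES ('')");
            $id = db_last_id();
        } else {
            // $id arrives from the URL and is interpolated into the stored
            // file name and the UPDATE below, so it is reduced to an integer.
            $id = (int) $id;
            @unlink(db_result(db_query("SELECT link FROM images WHERE id=%d", $id)));
        }
        // Build the name from the validated, lower-cased extension rather than
        // re-reading it from the client-supplied name.
        $fname = $id . "." . $ext;
        form_file_uploaded_move("file", "img/" . $fname);
        db_query("UPDATE images SET link='img/{$fname}' WHERE id=%d", $id);
        redir("admin/images/edit/{$id}");
    }
    if ($act == "add") {
        return $upload;
    }
    if ($act == "del") {
        $im = db_object_get("images", $id);
        // Skip the unlink when the row is missing or has no file recorded.
        if ($im && !empty($im->link)) {
            @unlink("{$im->link}");
        }
    }
    $o = table_edit("images", "admin/images", $act, $id, "", "", "", "image_func");
    if ($act == 'edit') {
        $im = db_object_get("images", $id);
        // The link is a stored value that ends up in markup: escape it and
        // quote the attribute.
        $src = $im ? htmlspecialchars((string) $im->link, ENT_QUOTES) : "";
        $o .= "<img width=100px src=\"{$src}\"><br>{$upload}";
    }
    return $o;
}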
Пример #6
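/**
 * Inserts a series of calendar entries, one per day between a start and an
 * end date for which checkzyklusins() says yes.
 *
 * The first inserted row becomes the group leader: its id is written into
 * `gid` of that row and used as `gid` for every following row.
 *
 * @param array $sar  Start date as array(year, month, day).
 * @param array $ear  End date as array(year, month, day).
 * @param mixed $z    Cycle selector, passed through to checkzyklusins().
 * @param array $post Submitted form fields (stunde, minute, title, txt, recht).
 *                    The parameter used to be named after the $_POST
 *                    superglobal, which PHP rejects at compile time; callers
 *                    pass it by position, so they are unaffected.
 */
function zyklusinsert($sar, $ear, $z, $post)
{
    $x = 1;
    $first_id = 0;
    for ($i0 = $sar[0]; $i0 <= $ear[0]; $i0++) {
        // Month range for this year: clipped on the first and last year.
        $sm = ($sar[0] == $i0) ? $sar[1] : 1;
        $em = ($ear[0] == $i0) ? $ear[1] : 12;
        for ($i1 = $sm; $i1 <= $em; $i1++) {
            // Day range for this month: clipped on the first and last month.
            $st = 1;
            $et = date('t', mktime(0, 0, 0, $i1, 1, $i0));
            if ($sar[0] == $i0 and $sar[1] == $i1) {
                $st = $sar[2];
            }
            if ($ear[0] == $i0 and $ear[1] == $i1) {
                $et = $ear[2];
            }
            for ($i2 = $st; $i2 <= $et; $i2++) {
                if (checkzyklusins($x, $i0, $i1, $i2, $z, $sar)) {
                    // Hour and minute are form input; force them to integers so
                    // mktime() gets numbers and $time below is always numeric.
                    $time = mktime((int) $post['stunde'], (int) $post['minute'], 0, $i1, $i2, $i0);
                    db_query("INSERT INTO `prefix_kalender` (`time`,`gid`,`title`,`text`,`recht`) VALUES (" . $time . "," . $first_id . ",'" . escape($post['title'], 'string') . "','" . escape($post['txt'], 'string') . "','" . escape($post['recht'], 'integer') . "')");
                    if ($first_id == 0) {
                        $first_id = db_last_id();
                        db_query("UPDATE `prefix_kalender` SET `gid` = " . $first_id . " WHERE `id` = " . $first_id);
                    }
                }
                $x++;
            }
        }
    }
}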
Пример #7
/**
 * Sets the text of a language key for the default language, creating the key
 * when it does not exist yet, then recompiles that language.
 *
 * NOTE(review): the language name is quoted with addslashes() while key and
 * text go through process_db_input(); confirm that both are adequate for the
 * connection's character set.
 *
 * @param string $key    Language key.
 * @param string $string Text to store for the key.
 */
function updateLangFile($key, $string)
{
    $sDefaultLang = getParam('lang_default');
    $iLang = db_value("SELECT `ID` FROM `sys_localization_languages` WHERE `Name` = '" . addslashes($sDefaultLang) . "'");
    $iKey = db_value("SELECT `ID` FROM `sys_localization_keys` WHERE `Key` = '" . process_db_input($key) . "'");
    if (!$iKey) {
        // Unknown key: create it (category 2), then attach the text to the
        // id that insert produced.
        db_res("INSERT INTO `sys_localization_keys` SET `IDCategory` = 2, `Key` = '" . process_db_input($key) . "'");
        db_res("INSERT INTO `sys_localization_strings` SET `IDKey` = " . db_last_id() . ", `IDLanguage` = '{$iLang}', `String` = '" . process_db_input($string) . "'");
    } else {
        // Known key: overwrite the text for the default language only.
        db_res("UPDATE `sys_localization_strings` SET `String` = '" . process_db_input($string) . "' WHERE `IDKey`='{$iKey}' AND `IDLanguage`='{$iLang}'");
    }
    compileLanguage($iLang);
}
Пример #8
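/**
 * Stores a private message for one or more recipients and e-mails a
 * recipient when no other message has reached them since their last login.
 *
 * @param int       $sid    Sender id.
 * @param int|array $eid    Recipient id, or a list of recipient ids.
 * @param string    $ti     Message title.
 * @param string    $te     Message text.
 * @param int       $status Value for the `status` column.
 */
function sendpm($sid, $eid, $ti, $te, $status = 0)
{
    // NOTE(review): HTTP_HOST is taken from the request, so the link placed
    // in the notification mail follows whatever Host header was sent; a
    // configured site address would be the safer source.
    $page = $_SERVER["HTTP_HOST"] . $_SERVER["SCRIPT_NAME"];
    // The ids and the status are written unquoted into the statements below,
    // so they are reduced to integers here.
    $sid = (int) $sid;
    $status = (int) $status;
    // Accept a single recipient as well as a list.
    if (!is_array($eid)) {
        $eid = array($eid);
    }
    // Walk through all recipients.
    foreach ($eid as $empf) {
        $empf = (int) $empf;
        // Write the message and remember its id.
        // NOTE(review): $ti and $te are inserted as quoted literals without
        // escaping in this function; presumably the callers escape them.
        // Confirm, since escaping here as well would double-escape.
        db_query("INSERT INTO `prefix_pm` (`sid`,`eid`,`time`,`titel`,`txt`,`status`) VALUES (" . $sid . "," . $empf . ",'" . time() . "','" . $ti . "','" . $te . "'," . $status . ")");
        $last_id = (int) db_last_id();
        // Times of the recipient's other messages that were sent after the
        // recipient's last login.
        $erg = db_query("SELECT `b`.`time` FROM `prefix_user` AS `a` LEFT JOIN `prefix_pm` AS `b` ON `a`.`id` = `b`.`eid` AND `b`.`id` != " . $last_id . " WHERE `a`.`id` = " . $empf . " AND `a`.`llogin` < `b`.`time`");
        // No such message found: send a notification mail.
        if (db_num_rows($erg) == 0) {
            $mail = db_result(db_query("SELECT `email` FROM `prefix_user` WHERE `id` = " . $empf), 0);
            if (!empty($mail)) {
                icmail($mail, "Du hast eine neue Nachricht", "Hallo,\ndu hast eben eine Neue Nachricht mit dem Betreff '" . $ti . "' bekommen. Diese Nachricht kannst du nun unter folgender Adresse mit Deinen Logindaten aufrufen: " . $page . "?forum-privmsg-showmsg-" . $last_id . "\n\nWir wünschen Dir noch einen schönen Tag!");
            }
        }
    }
}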
Пример #9
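 /**
  * When the given block is a "Sample" block, clones it into a new row of the
  * current page, prints the new row's id and rebuilds the cache.
  *
  * @param int $iBlockID Id of the block to inspect.
  */
 function checkNewBlock($iBlockID)
 {
     $iBlockID = (int) $iBlockID;
     $sQuery = "SELECT `Desc`, `Caption`, `Func`, `Content`, `Visible`, `DesignBox` FROM `{$this->sDBTable}` WHERE `ID` = '{$iBlockID}'";
     $aBlock = db_assoc_arr($sQuery);
     // Nothing to do when the row is missing or is not a sample block.
     if (!is_array($aBlock) || $aBlock['Func'] != 'Sample') {
         return;
     }
     // Every column read back from the table is quoted before it is written
     // into the new statement; stored data is not safe to interpolate just
     // because it came from the database.
     $sDesc = addslashes($aBlock['Desc']);
     $sCaption = addslashes($aBlock['Caption']);
     $sFunc = addslashes($aBlock['Content']);
     $sVisible = addslashes($aBlock['Visible']);
     $sDesignBox = addslashes($aBlock['DesignBox']);
     // NOTE(review): sPage_db is interpolated as-is; its name suggests it is
     // already prepared for SQL, but that is not visible here.
     $sQuery = "
                INSERT INTO `{$this->sDBTable}` SET
                    `Desc`    = '{$sDesc}',
                    `Caption` = '{$sCaption}',
                    `Func`    = '{$sFunc}',
                    `Visible` = '{$sVisible}',
                    `DesignBox` = '{$sDesignBox}',
                    `Page`    = '{$this->sPage_db}'
            ";
     db_res($sQuery);
     echo db_last_id();
     $this->createCache();
 }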
Пример #10
     // Quickly create a new user.
 // Fragment of a larger switch: the enclosing statement starts before and
 // ends after the lines shown here.
 case 'createNewUser':
     $msg = '';
     // Proceeds only when name, password and e-mail are non-empty and the
     // chk_antispam() check for this form passes.
     if (!empty($_POST['name']) and !empty($_POST['pass']) and !empty($_POST['email']) and chk_antispam('adminuser_create', true)) {
         // The three values are passed through escape() and written back
         // into $_POST, so every later use sees the escaped form.
         // NOTE(review): $_POST['recht'] is read without an isset() check.
         $_POST['name'] = escape($_POST['name'], 'string');
         $_POST['recht'] = escape($_POST['recht'], 'integer');
         $_POST['email'] = escape($_POST['email'], 'string');
         // Case-sensitive (BINARY) lookup for an existing user of that name.
         $erg = db_query("SELECT id FROM prefix_user WHERE name = BINARY '" . $_POST['name'] . "'");
         if (db_num_rows($erg) > 0) {
             $msg = 'Der Name ist leider schon vorhanden!';
         } else {
             $new_pass = $_POST['pass'];
             // Only the result of user_pw_crypt() is stored, not the password.
             $passwordHash = user_pw_crypt($new_pass);
             // `recht` is concatenated unquoted, which relies on the
             // 'integer' escape above having produced a number.
             db_query("INSERT INTO prefix_user (name,pass,recht,regist,llogin,email)\r\n\t\t    VALUES('" . $_POST['name'] . "','" . $passwordHash . "'," . $_POST['recht'] . ",'" . time() . "','" . time() . "','" . $_POST['email'] . "')");
             $userid = db_last_id();
             // Two user-field rows (fid 2 and fid 3) are created with value '1'.
             db_query("INSERT INTO prefix_userfields (uid,fid,val) VALUES (" . $userid . ",2,'1')");
             db_query("INSERT INTO prefix_userfields (uid,fid,val) VALUES (" . $userid . ",3,'1')");
             if (isset($_POST['info'])) {
                 // NOTE(review): HTTP_HOST comes from the request, so the
                 // address placed in the mail follows the Host header that
                 // was sent.
                 $page = $_SERVER["HTTP_HOST"] . $_SERVER["SCRIPT_NAME"];
                 $page = str_replace('admin.php', 'index.php', $page);
                 $tpl = new tpl('user/new_user_email', 1);
                 // NOTE(review): the template receives the SQL-escaped name and
                 // the clear-text password, which is then sent by e-mail.
                 $tpl->set('name', $_POST['name']);
                 $tpl->set('pass', $_POST['pass']);
                 $tpl->set('page', $page);
                 $txt = $tpl->get(0);
                 unset($tpl);
                 icmail($_POST['email'], 'Admin hat dich angelegt', $txt);
             }
             $msg = 'Benutzer angelegt <a href="javascript:closeThisWindow()">Fenster schließen</a>';
         }
Пример #11
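/**
 * Admin page for the images of one catalog entry: back link, file removal
 * ("del"), file replacement ("edit"), row creation ("add") and the generic
 * table editor.
 *
 * @param string $catalog_id Id of the catalog entry the images belong to.
 * @param string $act        Action name.
 * @param string $id         Id of the `catalog_images` row the action applies to.
 * @return string Page HTML, or an error message when the upload is rejected.
 */
function page_admin_catalog_images($catalog_id = "", $act = "", $id = "")
{
    requires_admin();
    use_template("admin");
    global $tables;
    $tables['catalog_images']['weight'] = 1;
    // $catalog_id comes from the URL and is echoed into links, so the markup
    // gets an HTML-escaped copy inside a quoted attribute.
    $catalog_id_html = htmlspecialchars((string) $catalog_id, ENT_QUOTES);
    $o = "";
    if ($act == "edit") {
        $o .= "<a href=\"admin/catalog/images/{$catalog_id_html}\"><<Назад</a><br>";
    } else {
        $catalog = db_object_get("catalog", $catalog_id);
        $parent_html = $catalog ? htmlspecialchars((string) $catalog->parent_id, ENT_QUOTES) : "";
        $o .= "<a href=\"admin/catalog/edit/{$parent_html}/edit/{$catalog_id_html}\"><<Назад</a><br>";
    }
    if ($act == "del") {
        $row = db_object_get("catalog_images", $id);
        // basename() keeps the removal inside the upload directory even if
        // the stored value contains path components.
        if ($row && !empty($row->image_file)) {
            @unlink("img/upload/catalog/" . basename($row->image_file));
        }
    }
    if ($act == "edit") {
        form_start("", "post", " enctype='multipart/form-data' ");
        form_file("Файл", "file");
        form_submit("Загрузить картинку", "submit");
        form_end();
        $upload = form();
        $upload .= "<script>\r\n             \$(function() {\r\n\t\t\t\t \$('input[name=submit]').remove();\r\n                 \$('input[name=file]').change( function() {\r\n\t\t\t\t\t \$('form').submit();\r\n\t              });\r\n\t  });\r\n\t\t  </script>";
        $o .= $upload;
        if (form_file_uploaded("file")) {
            $ext = strtolower(fileext($_FILES["file"]['name']));
            // NOTE(review): the list admits swf and pdf, which are not images
            // and which a browser may handle as active content when served
            // from this site; confirm they are still required.
            $allowed = array("swf", "jpg", "gif", "png", "bmp", "jpeg", "pdf");
            if (!in_array($ext, $allowed, true)) {
                return "Данный тип файла не является картинкой";
            }
            // The row id is part of the stored file name and of the UPDATE
            // below, so it is reduced to an integer first.
            $image_id = (int) $id;
            $old = db_result(db_query("SELECT image_file FROM catalog_images WHERE id=%d", $image_id));
            if (!empty($old)) {
                @unlink("img/upload/catalog/" . basename((string) $old));
            }
            // Name the file from the validated, lower-cased extension rather
            // than re-reading it from the client-supplied name.
            $fname = $image_id . "." . $ext;
            form_file_uploaded_move("file", "img/upload/catalog/" . $fname);
            db_query("UPDATE catalog_images SET image_file='{$fname}' WHERE id=%d", $image_id);
            redir("admin/catalog/images/{$catalog_id}");
        }
    }
    if ($act == "add") {
        $_REQUEST['add'] = true;
    }
    global $table_edit_props;
    $table_edit_props->add_redir = false;
    $o .= table_edit("catalog_images", "admin/catalog/images/{$catalog_id}", $act, $id, "catalog_id", $catalog_id, "", "on_catalog_image");
    if ($act == "add") {
        // table_edit() created the row; continue on its edit page so a file
        // can be uploaded for it.
        $id = db_last_id();
        redir("admin/catalog/images/{$catalog_id}/edit/" . $id);
        die;
    }
    return $o;
}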
Пример #12
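 /**
  * Installs or removes the language strings shipped in
  * install/langs/<language name>.php.
  *
  * The included file is expected to define $aLangContent as a key => text
  * array.
  *
  * @param bool  $bInstall    true to add keys and strings, false to delete them.
  * @param array $aLanguage   Language record; 'name' selects the file, 'id' is
  *                           used for the inserted strings.
  * @param int   $iCategoryId Key category; looked up by configured name when empty.
  * @return bool false when the file is missing or does not define
  *              $aLangContent as an array, true otherwise.
  */
 function _updateLanguage($bInstall, $aLanguage, $iCategoryId = 0)
 {
     if (empty($iCategoryId)) {
         $iCategoryId = (int) db_value("SELECT `ID` FROM `sys_localization_categories` WHERE `Name`='" . addslashes($this->_aConfig['language_category']) . "' LIMIT 1");
     }
     $iCategoryId = (int) $iCategoryId;
     // basename() confines the include to install/langs/: the language name
     // selects a file there and can never carry a directory part.
     $sPath = $this->_sHomePath . 'install/langs/' . basename($aLanguage['name']) . '.php';
     if (!file_exists($sPath)) {
         return false;
     }
     include $sPath;
     if (!(isset($aLangContent) && is_array($aLangContent))) {
         return false;
     }
     //--- Installation ---//
     if ($bInstall) {
         $iLanguageId = (int) $aLanguage['id'];
         foreach ($aLangContent as $sKey => $sValue) {
             // Keys are quoted the same way the texts already were.
             $sKeyDb = addslashes($sKey);
             $iLangKeyId = (int) db_value("SELECT `ID` FROM `sys_localization_keys` WHERE `IDCategory`='" . $iCategoryId . "' AND `Key`='" . $sKeyDb . "' LIMIT 1");
             if ($iLangKeyId == 0) {
                 db_res("INSERT INTO `sys_localization_keys`(`IDCategory`, `Key`) VALUES('" . $iCategoryId . "', '" . $sKeyDb . "')");
                 if (db_affected_rows() <= 0) {
                     // Key could not be created; skip its text.
                     continue;
                 }
                 $iLangKeyId = (int) db_last_id();
             }
             db_res("INSERT IGNORE INTO `sys_localization_strings`(`IDKey`, `IDLanguage`, `String`) VALUES('" . $iLangKeyId . "', '" . $iLanguageId . "', '" . addslashes($sValue) . "')");
         }
     } else {
         //--- Removal: delete each key together with all of its strings ---//
         foreach ($aLangContent as $sKey => $sValue) {
             db_res("DELETE FROM `sys_localization_keys`, `sys_localization_strings` USING `sys_localization_keys`, `sys_localization_strings` WHERE `sys_localization_keys`.`ID`=`sys_localization_strings`.`IDKey` AND `sys_localization_keys`.`Key`='" . addslashes($sKey) . "'");
         }
     }
     return true;
 }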
Пример #13
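$um = $menu->get(1);
// Both actions below take their ids from the query string. The values are
// run through escape(..., 'integer') before they reach a statement, and an
// action whose parameter is missing is skipped.
// NOTE(review): these are state changes triggered by a plain GET with no
// chk_antispam() call, unlike the form handling that follows; consider
// moving them behind the same check.
if ($um == 'del' && isset($_GET['del'])) {
    $del_id = escape($_GET['del'], 'integer');
    db_query('DELETE FROM `prefix_poll` WHERE `poll_id` = "' . $del_id . '"');
    db_query('DELETE FROM `prefix_poll_res` WHERE `poll_id` = "' . $del_id . '"');
}
if ($um == 5 && isset($_GET['ak'], $_GET['id'])) {
    $new_stat = escape($_GET['ak'], 'integer');
    $stat_id = escape($_GET['id'], 'integer');
    db_query('UPDATE `prefix_poll` SET `stat` = "' . $new_stat . '" WHERE `poll_id` = "' . $stat_id . '"');
}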
// ALL VOTES ARE DISPLAYED
// Form handling: runs only for a submitted form that passes chk_antispam().
// The listing is cut off inside the second loop below.
if (isset($_POST['sub']) and chk_antispam('adminuser_action', true)) {
    // Question, permission level and poll id are escaped and written back
    // into $_POST before any statement is built.
    $_POST['frage'] = escape($_POST['frage'], 'string');
    $_POST['poll_recht'] = escape($_POST['poll_recht'], 'integer');
    $_POST['vid'] = escape($_POST['vid'], 'integer');
    if (empty($_POST['vid'])) {
        // No poll id: create a new poll, then one result row per non-empty answer.
        db_query('INSERT INTO `prefix_poll` (`frage`,`recht`,`stat`,`text`) VALUES ( "' . $_POST['frage'] . '" , "' . $_POST['poll_recht'] . '" , "1" ,"") ');
        $poll_id = db_last_id();
        $i = 1;
        // NOTE(review): $_POST['antw'] is iterated without checking that it
        // is set and is an array.
        foreach ($_POST['antw'] as $v) {
            if (!empty($v)) {
                $v = escape($v, 'string');
                db_query('INSERT INTO `prefix_poll_res` (`sort`,`poll_id`,`antw`,`res`) VALUES ( "' . $i . '" , "' . $poll_id . '" , "' . $v . '" , "" ) ');
                $i++;
            }
        }
    } else {
        // Existing poll: update question and permission level.
        db_query('UPDATE `prefix_poll` SET frage = "' . $_POST['frage'] . '", recht = "' . $_POST['poll_recht'] . '" WHERE poll_id = "' . $_POST['vid'] . '"');
        $i = 1;
        foreach ($_POST['antw'] as $k => $v) {
            // NOTE(review): $k is the array key as submitted in the request
            // and is concatenated unquoted and unescaped into this statement;
            // it should be forced to an integer first.
            $a = db_count_query("SELECT COUNT(*) FROM `prefix_poll_res` WHERE `poll_id` = " . $_POST['vid'] . " AND `sort` = " . $k);
            $v = escape($v, 'string');
            if ($a == 0 and $v != '') {
Пример #14
    // Fragment: the `if` this branch belongs to starts before the lines shown.
    $tpl->set_ar_out($ar, 1);
} else {
    // Save the topic.
    // NOTE(review): $fid, $topic, $txt, $xnn, $time and $dppk_time are set
    // outside this fragment and are concatenated into the statements below
    // as they are; confirm they are escaped / cast where they are assigned.
    $_SESSION['klicktime'] = $dppk_time;
    $design = new design($title, $hmenu, 0);
    $design->header($load);
    if (loggedin()) {
        // Logged-in author: id and (escaped) name come from the session, and
        // the user's post counter is incremented.
        $uid = $_SESSION['authid'];
        $erst = escape($_SESSION['authname'], 'string');
        db_query("UPDATE `prefix_user` SET `posts` = `posts`+1 WHERE `id` = " . $uid);
    } else {
        // Guest author: name taken from $xnn, user id 0.
        $erst = $xnn;
        $uid = 0;
    }
    db_query("INSERT INTO `prefix_topics` (`fid`, `name`, `erst`, `stat`) VALUES ( " . $fid . ", '" . $topic . "', '" . $erst . "', 1 )");
    $tid = db_last_id();
    // Topic alert: subscribe the logged-in author unless a subscription
    // row for this user and topic already exists.
    if (!empty($_POST['topic_alert']) and $_POST['topic_alert'] == 'yes' and loggedin()) {
        if (0 == db_result(db_query("SELECT COUNT(*) FROM `prefix_topic_alerts` WHERE `uid` = " . $_SESSION['authid'] . " AND `tid` = " . $tid), 0)) {
            db_query("INSERT INTO `prefix_topic_alerts` (`tid`,`uid`) VALUES (" . $tid . ", " . $_SESSION['authid'] . ")");
        }
    }
    // First post of the topic, then the last-post pointers and counters of
    // the topic and of the forum.
    db_query("INSERT INTO `prefix_posts` (`tid`,`fid`,`erst`,`erstid`,`time`,`txt`) VALUES ( " . $tid . ", " . $fid . ", '" . $erst . "', " . $uid . ", " . $time . ", '" . $txt . "')");
    $pid = db_last_id();
    db_query("UPDATE `prefix_topics` SET `last_post_id` = " . $pid . " WHERE `id` = " . $tid);
    db_query("UPDATE `prefix_forums` SET `posts` = `posts` + 1, `last_post_id` = " . $pid . ", `topics` = `topics` + 1 WHERE `id` = " . $fid);
    // Mark the topic as read for this session.
    $_SESSION['forumSEE'][$fid][$tid] = time();
    wd('index.php?forum-showposts-' . $tid, $lang['createtopicsuccessful']);
}
$design->footer();
Пример #15
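 function insert_table_record()
 {
     #~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     #
     #	Add a record to the edited table from the submitted form.
     #
     #	Column names and types come from $_FIELDS (one entry per column,
     #	$_T_FIELDS entries in total); the values come from $_POST under the
     #	column name. RRN, LAST_USER and LAST_UPDATE are never taken from the
     #	form. Returns the id reported by db_last_id().
     #
     #	Every value is made safe for the statement according to its column
     #	type: strings, dates and datetimes are escaped and quoted, decimals
     #	must be numeric, everything else is cast to int.
     #
     #	NOTE(review): mysql_real_escape_string() belongs to the old mysql
     #	extension; it is kept because nothing else is visible here, but the
     #	function needs whatever escaping the current db layer provides.
     #
     global $USER_RRN, $dbh, $_FIELDS, $_T_FIELDS;
     $sql = 'INSERT INTO ' . MAINSITE_DB . '.`' . EDIT_TABLE_NAME . '` ' . 'SET ';
     if (defined('EDIT_TABLE_IS_LAST_USER') && EDIT_TABLE_IS_LAST_USER == true) {
         $sql .= '`' . EDIT_TABLE_NAME . '`.`LAST_USER` = ' . (int) $USER_RRN . ', ';
     }
     for ($i = 0; $i < $_T_FIELDS; $i++) {
         $post_name = $_FIELDS[$i]['Field'];
         if ($post_name == 'RRN' || $post_name == 'LAST_USER' || $post_name == 'LAST_UPDATE') {
             #	reserved field, never set from the form
             continue;
         }
         $type = $_FIELDS[$i]['Type'];
         $field_len_info = table_editor_get_field_len_info($type);
         #	a field missing from the form is treated as empty
         $raw = isset($_POST[$post_name]) ? $_POST[$post_name] : '';
         $column = '`' . EDIT_TABLE_NAME . '`.`' . $post_name . '`';
         if ($field_len_info['isSTRING'] == true || $field_len_info['isTEXT'] == true) {
             $sql .= $column . ' = \'' . mysql_real_escape_string($raw) . '\', ';
         } elseif ($type == 'date') {
             #	the formatter's output is still derived from form input, so it
             #	is escaped like any other quoted value
             $sql .= $column . ' = \'' . mysql_real_escape_string(format_calendar_to_date($raw)) . '\', ';
         } elseif ($type == 'datetime' || $type == 'timestamp') {
             $sql .= $column . ' = \'' . mysql_real_escape_string(format_calendar_to_datetime($raw)) . '\', ';
         } elseif ((int) $field_len_info['dec'] > 0) {
             #	MySQL does not like the comma used as the decimal separator...
             #	The value is written unquoted, so anything that is not a
             #	number is replaced by 0 instead of reaching the statement.
             $value = str_replace(',', '.', $raw);
             $sql .= $column . ' = ' . (is_numeric($value) ? $value : '0') . ', ';
         } else {
             $sql .= $column . ' = ' . (int) $raw . ', ';
         }
     }
     #	drop the trailing ", "
     $sql = substr($sql, 0, -2);
     $sth = db_query($sql, __LINE__, __FILE__);
     $RRN = db_last_id($dbh);
     #
     return $RRN;
 }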
Пример #16
/**
 * Creates a new language key and stores the same text for it in one language
 * or, when $langID is -1, in every language; each affected language is
 * recompiled.
 *
 * @param string $langKey    Key to create; passed through process_db_input() with BX_TAGS_STRIP.
 * @param string $langString Text to store; passed through process_db_input() with BX_TAGS_VALIDATE.
 * @param int    $langID     Target language id, or -1 for all languages.
 * @param int    $categoryID Category of the new key.
 * @return bool false as soon as the key insert or one of the string inserts
 *              fails or affects no row, true otherwise.
 */
function addStringToLanguage($langKey, $langString, $langID = -1, $categoryID = BX_DOL_LANGUAGE_CATEGORY_SYSTEM)
{
    // Both numeric arguments are forced to integers before they are placed,
    // unquoted, into a statement.
    $langID = (int) $langID;
    $categoryID = (int) $categoryID;
    if ($langID != -1) {
        $rLanguages = db_res('
            SELECT	`ID`, `Name`
            FROM	`sys_localization_languages`
            WHERE	`ID` = ' . $langID);
    } else {
        $rLanguages = db_res('SELECT `ID`, `Name` FROM `sys_localization_languages`');
    }
    $langKey = process_db_input($langKey, BX_TAGS_STRIP);
    $langString = process_db_input($langString, BX_TAGS_VALIDATE);
    $mKeyInserted = db_res("\n        INSERT INTO\t`sys_localization_keys`\n        SET\t\t\t`IDCategory` = {$categoryID},\n                    `Key` = '{$langKey}'", false);
    if (!$mKeyInserted || db_affected_rows() <= 0) {
        return false;
    }
    $iNewKey = db_last_id();
    // One string row per selected language; stop at the first failure.
    while ($aLangRow = mysql_fetch_assoc($rLanguages)) {
        $mStringInserted = db_res("\n            INSERT INTO\t`sys_localization_strings`\n            SET\t\t\t`IDKey` = {$iNewKey},\n                        `IDLanguage` = {$aLangRow['ID']},\n                        `String` = '{$langString}'", false);
        if (!$mStringInserted || db_affected_rows() <= 0) {
            return false;
        }
        compileLanguage($aLangRow['ID']);
    }
    return true;
}
Пример #17
/**
 * Updates an existing language record or creates a new one as a copy of the
 * strings of a source language.
 *
 * NOTE(review): the flag value is prepared with htmlspecialchars_adv(), an
 * HTML-output helper by its name, and then placed in a quoted SQL literal;
 * confirm that this is sufficient for SQL, since title and name go through
 * process_db_input() instead.
 *
 * @param array $aData Form data: CopyLanguage_Title, CopyLanguage_Name, Flag,
 *                     optional CopyLanguage_SourceLangID and id.
 * @return string Language key of the result message.
 */
function createLanguage(&$aData)
{
    global $MySQL;
    $sTitle = process_db_input($aData['CopyLanguage_Title']);
    $sName = mb_strtolower(process_db_input($aData['CopyLanguage_Name']));
    $sFlag = htmlspecialchars_adv($aData['Flag']);
    $iSourceId = 0;
    if (isset($aData['CopyLanguage_SourceLangID'])) {
        $iSourceId = (int) $aData['CopyLanguage_SourceLangID'];
    }
    // Title and name are both mandatory.
    if (strlen($sTitle) == 0) {
        return '_adm_txt_langs_empty_title';
    }
    if (strlen($sName) == 0) {
        return '_adm_txt_langs_empty_name';
    }
    // A non-zero id means "edit this record" rather than "create".
    $iEditId = isset($aData['id']) ? (int) $aData['id'] : 0;
    if ($iEditId != 0) {
        $MySQL->query("UPDATE `sys_localization_languages` SET `Name`='{$sName}', `Flag`='{$sFlag}', `Title`='{$sTitle}' WHERE `ID`='{$iEditId}'");
        return '_adm_txt_langs_success_updated';
    }
    $mCreated = $MySQL->query("INSERT INTO `sys_localization_languages` (`Name`, `Flag`, `Title`) VALUES ('{$sName}', '{$sFlag}', '{$sTitle}')");
    if ($mCreated === false) {
        return '_adm_txt_langs_cannot_create';
    }
    $iNewLangId = db_last_id();
    // Copy every string of the source language to the new language.
    $aSourceStrings = $MySQL->getAll("SELECT\t`IDKey`, `String` FROM\t`sys_localization_strings` WHERE\t`IDLanguage` = {$iSourceId}");
    foreach ($aSourceStrings as $aRow) {
        $sQuoted = addslashes($aRow['String']);
        $MySQL->query("INSERT INTO `sys_localization_strings`(`IDKey`, `IDLanguage`, `String`) VALUES ('{$aRow['IDKey']}', {$iNewLangId}, '{$sQuoted}')");
        if (!db_affected_rows()) {
            return '_adm_txt_langs_cannot_add_string';
        }
    }
    return '_adm_txt_langs_success_create';
}
Пример #18
 // Fragment of a form handler; it is cut off inside the update branch.
 // Every submitted field is passed through escape() and written back into
 // $_POST, so the statements below are built from the escaped values only.
 $_POST['pkey'] = escape($_POST['pkey'], 'integer');
 $_POST['gegner'] = escape($_POST['gegner'], 'string');
 $_POST['page'] = get_homepage(escape($_POST['page'], 'string'));
 $_POST['tid'] = escape($_POST['tid'], 'integer');
 $_POST['mod'] = escape($_POST['mod'], 'string');
 $_POST['game'] = escape($_POST['game'], 'string');
 $_POST['mtyp'] = escape($_POST['mtyp'], 'string');
 $_POST['land'] = escape($_POST['land'], 'string');
 $_POST['txt'] = escape($_POST['txt'], 'string');
 $_POST['tag'] = escape($_POST['tag'], 'string');
 $_POST['email'] = escape($_POST['email'], 'string');
 $_POST['icq'] = escape($_POST['icq'], 'string');
 $_POST['wo'] = escape($_POST['wo'], 'string');
 // Empty pkey: create a new war entry; otherwise update the entry with that id.
 if (empty($_POST['pkey'])) {
     db_query("INSERT INTO `prefix_wars` (`datime`,`status`,`gegner`,`tag`,`page`,`mail`,`icq`,`wo`,`tid`,`mod`,`game`,`mtyp`,`land`,`txt`) VALUES ('" . get_datime() . "',2,'" . $_POST['gegner'] . "','" . $_POST['tag'] . "','" . $_POST['page'] . "','" . $_POST['email'] . "','" . $_POST['icq'] . "','" . $_POST['wo'] . "','" . $_POST['tid'] . "','" . $_POST['mod'] . "','" . $_POST['game'] . "','" . $_POST['mtyp'] . "','" . $_POST['land'] . "','" . $_POST['txt'] . "')");
     $wid = db_last_id();
     // Add a calendar entry when requested.
     if (isset($_POST['kalender']) and $_POST['kalender'] == 'yes') {
         $timestamp = strtotime(get_datime());
         // NOTE(review): HTTP_HOST comes from the request and ends up inside
         // the stored calendar text as a link target; the value is not
         // escaped before it is concatenated into the statement below.
         $page = str_replace('admin.php', 'index.php', $_SERVER["HTTP_HOST"] . $_SERVER["SCRIPT_NAME"]);
         db_query("INSERT INTO `prefix_kalender` (`time`, `title`, `text`, `recht`) VALUES (" . $timestamp . ",'Nextwar gegen " . $_POST['gegner'] . "', '" . $_POST['mtyp'] . " " . $_POST['mod'] . " in " . $_POST['game'] . " gegen [url=" . $_POST['page'] . "]" . $_POST['gegner'] . "[/url]\n\n[url=http://" . $page . "?wars-more-" . $wid . "]details des Wars[/url]', 0)");
     }
     $msg = '<tr class="Cmite"><td colspan="2">Erfolgreich eingetragen</td></tr>';
 } else {
     db_query("UPDATE `prefix_wars` SET `datime` = '" . get_datime() . "', `status` = 2,`gegner` = '" . $_POST['gegner'] . "',`tag` = '" . $_POST['tag'] . "',`page` = '" . $_POST['page'] . "',`mail` = '" . $_POST['email'] . "',`icq` = '" . $_POST['icq'] . "',`wo` = '" . $_POST['wo'] . "',`tid` = '" . $_POST['tid'] . "',`mod` = '" . $_POST['mod'] . "',`game` = '" . $_POST['game'] . "',`mtyp` = '" . $_POST['mtyp'] . "',`land` = '" . $_POST['land'] . "',`txt` = '" . $_POST['txt'] . "' WHERE `id` = '" . $_POST['pkey'] . "'");
     // $wid is the pkey after the 'integer' escape above.
     $wid = $_POST['pkey'];
     // Add a calendar entry when requested.
     if (isset($_POST['kalender']) and $_POST['kalender'] == 'yes') {
         $timestamp = strtotime(get_datime());
         $page = str_replace('admin.php', 'index.php', $_SERVER["HTTP_HOST"] . $_SERVER["SCRIPT_NAME"]);
         // Looks for exactly one calendar text that contains the link to this war.
         if (1 == db_result(db_query("SELECT COUNT(*) FROM `prefix_kalender` WHERE `text` LIKE '%more-" . $wid . "]%'"), 0)) {
Пример #19
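/**
 * Creates a language record and stores every key => text pair of the given
 * language array for it, creating keys that do not exist yet.
 *
 * Quoting in this function is done by doubling single quotes.
 * NOTE(review): quote doubling does not neutralise a backslash, which MySQL
 * treats as an escape character unless NO_BACKSLASH_ESCAPES is set; confirm
 * the server mode or switch to the connection's own escaping.
 *
 * @param array $aLanguage Key => text pairs.
 * @param array $aLangInfo Language record with 'Name', 'Flag' and 'Title'.
 */
function walkThroughLanguage($aLanguage, $aLangInfo)
{
    // The language fields get the same quoting as the keys and texts below;
    // they used to be interpolated as they came in.
    $sLangName = str_replace("'", "''", $aLangInfo['Name']);
    $sLangFlag = str_replace("'", "''", $aLangInfo['Flag']);
    $sLangTitle = str_replace("'", "''", $aLangInfo['Title']);
    db_res("INSERT INTO `sys_localization_languages` VALUES (NULL, '{$sLangName}', '{$sLangFlag}', '{$sLangTitle}')");
    // Ids are written unquoted further down, so they are kept as integers.
    $iLangKey = (int) db_last_id();
    foreach ($aLanguage as $sKey => $sValue) {
        $sDqKey = str_replace("'", "''", $sKey);
        $sDqValue = str_replace("'", "''", $sValue);
        $iExistedKey = (int) db_value("SELECT `ID` FROM `sys_localization_keys` WHERE `Key`='{$sDqKey}'");
        if ($iExistedKey <= 0) {
            // Unknown key: create it (category 1) and use the new id.
            db_res("INSERT INTO `sys_localization_keys` VALUES(NULL, 1, '{$sDqKey}')");
            $iExistedKey = (int) db_last_id();
        }
        db_res("INSERT INTO `sys_localization_strings` VALUES({$iExistedKey}, {$iLangKey}, '{$sDqValue}');");
    }
}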
Пример #20
 /**
  * Inserts the form's data as a new row and raises the 'form' /
  * 'insert_data' alert.
  *
  * The statement itself is produced by BxDolFormChecker::dbInsert(); this
  * method only executes it.
  *
  * @param array $aValsToAdd Extra column values handed to dbInsert().
  * @return mixed false when no statement was produced or db_res() reported
  *               failure, otherwise the value of db_last_id().
  */
 function insert($aValsToAdd = array())
 {
     $oValidator = new BxDolFormChecker($this->_sCheckerHelper);
     $oValidator->setFormMethod($this->aFormAttrs['method']);
     $sInsertSql = $oValidator->dbInsert($this->aParams['db'], $this->aInputs, $aValsToAdd);
     // Short-circuit keeps db_res() from running on an empty statement.
     if (!$sInsertSql || !db_res($sInsertSql)) {
         return false;
     }
     // Read the id before the alert runs, since handlers may issue their own
     // statements.
     $iNewId = db_last_id();
     $aAlertData = array(
         'vals_to_add' => $aValsToAdd,
         'checker_object' => $oValidator,
         'form_object' => $this,
         'form_attrs' => &$this->aFormAttrs,
         'table_attrs' => &$this->aTableAttrs,
         'params' => &$this->aParams,
         'inputs' => &$this->aInputs,
     );
     $oAlert = new BxDolAlerts('form', 'insert_data', 0, 0, $aAlertData);
     $oAlert->alert();
     return $iNewId;
 }
Пример #21
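/**
 * Create a row in `sys_menu_admin`, optionally copying columns from an existing row.
 *
 * An empty $source creates a blank item titled 'NEW ITEM'. Otherwise the set of
 * copied columns depends on $type and on whether $source is above or below
 * 1000; values above 1000 are reduced by 1000 before they are used as a row id.
 *
 * @param string $type   'top' or 'custom'
 * @param mixed  $source id of the row to copy from, or an empty value for a blank item
 * @return mixed id of the new (or reused) row; null when no branch applies
 *               (for example $source equal to 1000, or an unknown $type)
 */
function createNewElement($type, $source)
{
    if (!$source) {
        db_res("INSERT INTO `sys_menu_admin` SET `title` = 'NEW ITEM'");
        return db_last_id();
    }

    // $source ends up inside SQL text below, so reduce it to an integer first
    // instead of interpolating whatever the caller passed.
    $iSource = (int) $source;
    $bOffset = $iSource > 1000;
    $bPlain = $iSource < 1000;
    $sColumns = null;

    if ($type == 'top' && $bOffset) {
        $iSource -= 1000;
        $sColumns = '`title`, `icon`, `icon_large`';
    } elseif ($type == 'custom' && $bPlain) {
        // NOTE(review): db_res() is used everywhere else in this function to run
        // statements. If it returns a result handle rather than a fetched row,
        // `parent_id` is never populated here and this branch always returns the
        // source id. Confirm, and fetch the row explicitly if so.
        $aItem = db_res("SELECT * FROM `sys_menu_admin` WHERE `id` = {$iSource}");
        if ($aItem['parent_id'] == 0) {
            return $iSource;
        }
        $sColumns = '`title`, `url`, `description`, `check`, `icon`';
    } elseif ($type == 'custom' && $bOffset) {
        $iSource -= 1000;
        $sColumns = '`title`';
    } elseif ($type == 'top' && $bPlain) {
        $sColumns = '`title`';
    }

    if ($sColumns === null) {
        // The original fell through with an undefined variable; make that explicit.
        return null;
    }

    db_res("INSERT INTO `sys_menu_admin` ({$sColumns}) SELECT {$sColumns} FROM `sys_menu_admin` WHERE `id` = {$iSource}");
    return db_last_id();
}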
 /**
  * Create a row in `Profiles` from submitted data, profile-field defaults and,
  * for the second half of a couple, the main member's values.
  *
  * @param array $aData         field name => value; 'Couple', 'Captcha', 'TermsOfUse' and 'ProfilePhoto' are discarded
  * @param bool  $bSendMails    when true and no main member is given, the activation, approval or confirmation mail is sent
  * @param int   $iMainMemberID ID of the main member when the new profile is linked to one as a couple; 0 otherwise
  * @return array|false false for empty or non-array $aData and when the field cache is missing;
  *                     array(false, 'Failed') when the INSERT fails;
  *                     otherwise array(new profile ID, status text)
  */
 function createProfile($aData, $bSendMails = true, $iMainMemberID = 0)
 {
     if (!$aData or !is_array($aData) or empty($aData)) {
         return false;
     }
     // These entries are never taken from the caller; where needed they are set from the system defaults below.
     unset($aData['Couple']);
     unset($aData['Captcha']);
     unset($aData['TermsOfUse']);
     unset($aData['ProfilePhoto']);
     /* @var $this->oPF BxDolProfileFields */
     $this->oPF = new BxDolProfileFields(100);
     if (!$this->oPF->aArea) {
         // NOTE(review): the message is echoed straight into the response rather than logged.
         echo 'Profile Fields cache not loaded. Cannot continue.';
         return false;
     }
     $this->aItems = $this->oPF->aArea[0]['Items'];
     if ($iMainMemberID) {
         $aMainMember = $this->getProfileInfo($iMainMemberID);
     } else {
         $aMainMember = false;
     }
     // begin profile info collecting
     // Precedence per field: caller data, then the main member's value (non-system fields only), then a type default.
     $aNewProfile = array();
     foreach ($this->aItems as $aItem) {
         $sItemName = $aItem['Name'];
         if (array_key_exists($sItemName, $aData)) {
             // Only names that exist as profile-field items are copied; other keys of $aData are ignored.
             $aNewProfile[$sItemName] = $aData[$sItemName];
         } elseif ($aMainMember and array_key_exists($sItemName, $aMainMember) and $aItem['Type'] != 'system') {
             if ($aItem['Unique']) {
                 $aNewProfile[$sItemName] = $this->genUniqueValue($sItemName, $aMainMember[$sItemName]);
             } else {
                 $aNewProfile[$sItemName] = $aMainMember[$sItemName];
             }
         } else {
             switch ($aItem['Type']) {
                 case 'pass':
                     $aNewProfile[$sItemName] = $this->genRandomPassword();
                     break;
                 case 'num':
                     $aNewProfile[$sItemName] = (int) $aItem['Default'];
                     break;
                 case 'bool':
                     $aNewProfile[$sItemName] = (bool) $aItem['Default'];
                     break;
                 case 'system':
                     switch ($sItemName) {
                         case 'ID':
                             // set automatically
                         case 'Captcha':
                         case 'Location':
                         case 'Keyword':
                         case 'TermsOfUse':
                             // the cases above fall through to here: none of them is inserted
                             break;
                         case 'DateReg':
                             $aNewProfile[$sItemName] = date('Y-m-d H:i:s');
                             // set current date
                             break;
                         case 'DateLastEdit':
                         case 'DateLastLogin':
                             $aNewProfile[$sItemName] = '0000-00-00';
                             break;
                         case 'Couple':
                             $aNewProfile[$sItemName] = $aMainMember ? $iMainMemberID : 0;
                             //if main member exists, set him as a couple link
                             break;
                         case 'Featured':
                             $aNewProfile[$sItemName] = false;
                             break;
                         case 'Status':
                             // 'Active' needs both auto-approval settings on and the DNSBL 'approval' rule not matching;
                             // without autoApproval_ifNoConfEmail the profile starts as 'Unconfirmed'.
                             if (getParam('autoApproval_ifNoConfEmail') == 'on') {
                                 if (getParam('autoApproval_ifJoin') == 'on' && !(getParam('sys_dnsbl_enable') && 'approval' == getParam('sys_dnsbl_behaviour') && bx_is_ip_dns_blacklisted('', 'join'))) {
                                     $aNewProfile[$sItemName] = 'Active';
                                 } else {
                                     $aNewProfile[$sItemName] = 'Approval';
                                 }
                             } else {
                                 $aNewProfile[$sItemName] = 'Unconfirmed';
                             }
                             break;
                     }
                     break;
                 default:
                     $aNewProfile[$sItemName] = $aItem['Default'];
             }
         }
     }
     //we completed collecting
     // set default language
     $aNewProfile['LangID'] = getLangIdByName(getCurrentLangName());
     // set default privacy
     bx_import('BxDolPrivacyQuery');
     $oPrivacy = new BxDolPrivacyQuery();
     $aNewProfile['allow_view_to'] = $oPrivacy->getDefaultValueModule('profile', 'view_block');
     // NOTE(review): collectSetString() is not visible here; the INSERT is only as safe as the
     // escaping it applies to the caller-supplied values in $aNewProfile. Confirm.
     $sSet = $this->collectSetString($aNewProfile);
     $sQuery = "INSERT INTO `Profiles` SET \n{$sSet}";
     $rRes = db_res($sQuery);
     if ($rRes) {
         $iNewID = db_last_id();
         $this->createProfileCache($iNewID);
         if ($aMainMember) {
             $this->updateProfile($iMainMemberID, array('Couple' => $iNewID));
         }
         //set main member's couple. they will be linked each other
         //collect status text
         if ($bSendMails and !$aMainMember) {
             //send mail only to main member, not to couple
             $sStatusText = $aNewProfile['Status'];
             if (getParam('autoApproval_ifNoConfEmail') == 'on') {
                 if ('Active' == $sStatusText) {
                     $this->sendActivationMail($iNewID);
                 } else {
                     $this->sendApprovalMail($iNewID);
                 }
             } else {
                 if (!$this->sendConfMail($iNewID)) {
                     $sStatusText = 'NotSent';
                 }
             }
         } else {
             $sStatusText = 'OK';
         }
         //set crypted password
         // NOTE(review): $aNewProfile['Password'] was already part of the INSERT above. If
         // collectSetString() writes it as given, the row holds the unhashed password until this
         // UPDATE runs, and keeps it if the UPDATE fails; hashing before the INSERT would close
         // that window. Confirm against collectSetString().
         $sSalt = genRndSalt();
         $this->updateProfile($iNewID, array('Password' => encryptUserPwd($aNewProfile['Password'], $sSalt), 'Salt' => $sSalt));
         bx_member_ip_store($iNewID);
         return array($iNewID, $sStatusText);
     } else {
         return array(false, 'Failed');
     }
 }
Пример #23
 /**
  * Send a composed message.
  *
  * @param          : $sMessageSubject     (string) - message's subject ;
  * @param          : $sMessageBody        (string) - message's body ;
  * @param          : $vRecipientID        (variant)- message's recipient ID or NickName;
  * @param          : $aComposeSettings    (array)  - contains all settings needed to compose the message ;
  * 					[ send_copy	] (boolean)     - allow sending the message to the recipient's physical email ;
  * 					[ notification ] (boolean) - allow sending a notification to the recipient's email ;
  * 					[ send_copy_to_me ] (boolean) - allow sending the message to the sender's physical email ;
  * @param          : $isSimulateSending   (boolean)- when true, the checks run but nothing is stored or mailed ;
  * @return         : signaling information with Html ;
  */
 function sendMessage($sMessageSubject, $sMessageBody, $vRecipientID, &$aComposeSettings, $isSimulateSending = false)
 {
     // Runs the send checks for an internal message and, unless simulating, stores it in
     // `sys_messages` and sends the e-mail copies requested in $aComposeSettings.
     // The outcome is reported twice: as the returned HTML box and in $this->iSendMessageStatusCode.

     // The processed values go into SQL; the unescape()d copies are used for the alert and the e-mails.
     // NOTE(review): process_db_input() is not visible here; presumably it escapes for SQL. Confirm.
     $sMessageSubject = process_db_input($sMessageSubject, BX_TAGS_STRIP);
     $sMessageSubjectCopy = $GLOBALS['MySQL']->unescape($sMessageSubject);
     $sMessageBody = process_db_input($sMessageBody, BX_TAGS_VALIDATE);
     $sCopyMessage = $GLOBALS['MySQL']->unescape($sMessageBody);
     // Empty subject or body is only an error for a real send.
     if (!$isSimulateSending && (!$sMessageSubject || !$sMessageBody)) {
         $this->iSendMessageStatusCode = BX_MAILBOX_SEND_FAILED;
         return MsgBox(_t('_please_fill_next_fields_first'));
     }
     // init some needed variables ;
     $sReturnMessage = null;
     $sComposeUrl = BX_DOL_URL_ROOT . 'mail.php?mode=compose';
     // try to define member's ID ;
     $iRecipientID = (int) getId($vRecipientID);
     if (!$iRecipientID) {
         $this->iSendMessageStatusCode = BX_MAILBOX_SEND_UNKNOWN_RECIPIENT;
         return MsgBox(_t('_Profile not found'));
     }
     $aRecipientInfo = getProfileInfo($iRecipientID);
     $oEmailTemplate = new BxDolEmailTemplates();
     $bAllowToSend = true;
     $this->iSendMessageStatusCode = BX_MAILBOX_SEND_FAILED;
     // All checks below always run; each failing one overwrites the message and status code,
     // so the last failing check decides what the caller sees.
     // ** check permission for recipient member ;
     // Check if member is blocked ;
     // NOTE(review): member_id is interpolated unquoted in this and the following statements;
     // confirm it is always an integer by the time it reaches aMailBoxSettings.
     $sQuery = "\n                     SELECT\n                          `ID`, `Profile`\n                     FROM\n                          `sys_block_list`\n                     WHERE\n                          `Profile` = {$this->aMailBoxSettings['member_id']}\n                               AND\n                          `ID` = '{$iRecipientID}'\n                ";
     // Admin senders bypass the block list.
     if (!isAdmin($this->aMailBoxSettings['member_id']) && db_arr($sQuery)) {
         $sReturnMessage = MsgBox(_t('_FAILED_TO_SEND_MESSAGE_BLOCK'));
         $this->iSendMessageStatusCode = BX_MAILBOX_SEND_BLOCKED;
         $bAllowToSend = false;
     }
     // antispam check ;
     // Matches any message from this sender, to any recipient, newer than iWaitMinutes minutes.
     $sQuery = "\n                         SELECT\n                              `ID`\n                         FROM\n                              `sys_messages`\n                         WHERE\n                              `Sender` = {$this->aMailBoxSettings['member_id']}\n                                   AND\n                              date_add(`Date`, INTERVAL {$this->iWaitMinutes} MINUTE) > Now()\n                    ";
     if (db_arr($sQuery)) {
         $sReturnMessage = MsgBox(_t('_You have to wait for PERIOD minutes before you can write another message!', $this->iWaitMinutes, $sComposeUrl));
         $this->iSendMessageStatusCode = BX_MAILBOX_SEND_WAIT;
         $bAllowToSend = false;
     }
     // additional antispam check ;
     if (bx_is_spam($sCopyMessage)) {
         $sReturnMessage = MsgBox(sprintf(_t("_sys_spam_detected"), BX_DOL_URL_ROOT . 'contact.php'));
         $this->iSendMessageStatusCode = BX_MAILBOX_SEND_FAILED;
         $bAllowToSend = false;
     }
     // check if member not active ;
     if ($aRecipientInfo['Status'] != 'Active') {
         $sReturnMessage = MsgBox(_t('_FAILED_TO_SEND_MESSAGE_NOT_ACTIVE', $sComposeUrl));
         $this->iSendMessageStatusCode = BX_MAILBOX_SEND_RECIPIENT_NOT_ACTIVE;
         $bAllowToSend = false;
     }
     // check membership level; the second argument is false when simulating and true for a real send
     if (!$this->isSendMessageAlowed($this->aMailBoxSettings['member_id'], $isSimulateSending ? false : true)) {
         $sReturnMessage = MsgBox(_t('_FAILED_TO_SEND_MESSAGE_MEMBERSHIP_DISALLOW'));
         $this->iSendMessageStatusCode = BX_MAILBOX_SEND_FAILED_MEMBERSHIP_DISALLOW;
         $bAllowToSend = false;
     }
     // ** allow to send message ;
     if (!$isSimulateSending && $bAllowToSend) {
         // Subject and text are the process_db_input() results from the top of the method.
         $sQuery = "\n                        INSERT INTO\n                            `sys_messages`\n                        SET\n                            `Sender`       = {$this->aMailBoxSettings['member_id']},\n                            `Recipient`    = {$iRecipientID},\n                            `Subject`      =  '{$sMessageSubject}',\n                            `Text`         =  '{$sMessageBody}',\n                            `Date`         = NOW(),\n                            `New`          = '1',\n                            `Type`         = 'letter'\n                    ";
         if (db_res($sQuery)) {
             $sReturnMessage = MsgBox(_t('_MESSAGE_SENT', $sComposeUrl, getProfileLink($iRecipientID), $aRecipientInfo['NickName']));
             $this->iSendMessageStatusCode = BX_MAILBOX_SEND_SUCCESS;
             //--- create system event
             bx_import('BxDolAlerts');
             $aAlertData = array('msg_id' => db_last_id(), 'subject' => $sMessageSubjectCopy, 'body' => $sCopyMessage, 'send_copy' => $aComposeSettings['send_copy'], 'notification' => $aComposeSettings['notification'], 'send_copy_to_me' => $aComposeSettings['send_copy_to_me']);
             $oZ = new BxDolAlerts('profile', 'send_mail_internal', $this->aMailBoxSettings['member_id'], $iRecipientID, $aAlertData);
             $oZ->alert();
             // ** check the additional parameters ;
             // send the message to the recipient's physical email ;
             // NOTE(review): the sender-supplied subject becomes the e-mail subject here; confirm
             // that sendMail() strips line breaks from it.
             if ($aComposeSettings['send_copy']) {
                 $aTemplate = $oEmailTemplate->getTemplate('t_Message', $iRecipientID);
                 $aPlus = array();
                 $aPlus['MessageText'] = replace_full_uris($sCopyMessage);
                 $aPlus['ProfileReference'] = getNickName($this->aMailBoxSettings['member_id']);
                 $aPlus['ProfileUrl'] = getProfileLink($this->aMailBoxSettings['member_id']);
                 sendMail($aRecipientInfo['Email'], $sMessageSubjectCopy, $aTemplate['Body'], $iRecipientID, $aPlus);
             }
             // send notification to the recipient's email ;
             // $aPlus is only reset in the send_copy branch, so entries set there carry over into this and the next mail.
             if ($aComposeSettings['notification']) {
                 $aTemplate = $oEmailTemplate->getTemplate('t_Compose', $iRecipientID);
                 $aPlus['ProfileReference'] = getNickName($this->aMailBoxSettings['member_id']);
                 $aPlus['ProfileUrl'] = getProfileLink($this->aMailBoxSettings['member_id']);
                 sendMail($aRecipientInfo['Email'], $aTemplate['Subject'], $aTemplate['Body'], $iRecipientID, $aPlus);
             }
             // send the message to the sender's physical email;
             if ($aComposeSettings['send_copy_to_me']) {
                 $aSenderInfo = getProfileInfo($this->aMailBoxSettings['member_id']);
                 $aTemplate = $oEmailTemplate->getTemplate('t_MessageCopy', $this->aMailBoxSettings['member_id']);
                 $aPlus['your subject here'] = $sMessageSubjectCopy;
                 $aPlus['your message here'] = replace_full_uris($sCopyMessage);
                 sendMail($aSenderInfo['Email'], $aTemplate['Subject'], $aTemplate['Body'], $this->aMailBoxSettings['member_id'], $aPlus);
             }
         } else {
             $sReturnMessage = MsgBox(_t('_FAILED_TO_SEND_MESSAGE'));
             $this->iSendMessageStatusCode = BX_MAILBOX_SEND_FAILED;
         }
     }
     // In a simulated run that passes every check this is still null.
     return $sReturnMessage;
 }
Пример #24
 /**
  * Insert the form's data.
  *
  * The INSERT statement is produced by BxDolFormChecker::dbInsert() from the
  * form's db parameters, its inputs and $aValsToAdd.
  *
  * @param array $aValsToAdd extra values handed to dbInsert()
  * @return mixed value of db_last_id() on success; false when no statement was built or it failed
  */
 function insert($aValsToAdd = array())
 {
     $oFormChecker = new BxDolFormChecker($this->_sCheckerHelper);
     $oFormChecker->setFormMethod($this->aFormAttrs['method']);

     $sInsertQuery = $oFormChecker->dbInsert($this->aParams['db'], $this->aInputs, $aValsToAdd);

     // An empty statement short-circuits, so db_res() is only called with a built query.
     return ($sInsertQuery && db_res($sInsertQuery)) ? db_last_id() : false;
 }
Пример #25
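/**
 * Store a string for the default language and recompile that language.
 *
 * Updates the existing `sys_localization_strings` row when the key is known;
 * otherwise creates the key (category 2) and inserts the string for it.
 *
 * @param string $key    localization key; `{...}` groups are removed before use
 * @param string $string text to store for the key
 * @return void
 */
function updateLangFile($key, $string)
{
    // clear from special chars ;
    $key = preg_replace('|\\{([^\\}]+)\\}|', '', $key);
    $langName = getParam('lang_default');

    // NOTE(review): the language name goes through addslashes() while the key and
    // string go through process_db_input(); addslashes() is not aware of the
    // connection character set. Using one escaping routine for all three would be safer.
    $langID = (int) db_value("SELECT `ID` FROM `sys_localization_languages` WHERE `Name` = '" . addslashes($langName) . "'");
    if ($langID <= 0) {
        // Without a default language row the statements below would be built with
        // an empty `IDLanguage` and fail as malformed SQL, so stop here.
        return;
    }

    $sKeyDb = process_db_input($key);
    $sStringDb = process_db_input($string);

    // Both ids are interpolated unquoted, hence the integer casts.
    $keyID = (int) db_value("SELECT `ID` FROM `sys_localization_keys` WHERE `Key` = '" . $sKeyDb . "'");
    if ($keyID > 0) {
        db_res("UPDATE `sys_localization_strings` SET `String` = '" . $sStringDb . "' WHERE `IDKey`={$keyID} AND `IDLanguage`={$langID}");
    } else {
        db_res("INSERT INTO `sys_localization_keys` SET `IDCategory` = 2, `Key` = '" . $sKeyDb . "'");
        $keyID = (int) db_last_id();
        db_res("INSERT INTO `sys_localization_strings` SET `IDKey` = " . $keyID . ", `IDLanguage` = {$langID}, `String` = '" . $sStringDb . "'");
    }
    compileLanguage($langID);
}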
Пример #26
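/**
 * Register a forum user, either directly or pending confirmation by link.
 *
 * Depending on $allgAr['forum_regist_confirm_link'] the account is written to
 * `prefix_usercheck` together with a confirmation token, or straight to
 * `prefix_user`. A registration mail is sent in both cases.
 *
 * @param string $name requested user name
 * @param string $mail e-mail address
 * @param string $pass chosen password; ignored when $allgAr['forum_regist_user_pass'] is 0,
 *                     in which case genkey(8) supplies one
 * @return bool false when the name is already taken, true otherwise
 */
function user_regist($name, $mail, $pass)
{
    global $allgAr, $lang;
    // NOTE(review): $name and $mail are concatenated into the statements below
    // exactly as received, and this function does no escaping of its own. Every
    // caller therefore has to pass values already escaped for SQL. Verify that,
    // or move the escaping into this function.
    $erg = db_query("SELECT id FROM prefix_user WHERE name = BINARY '" . $name . "'");
    if (db_num_rows($erg) > 0) {
        return false;
    }
    $new_pass = $allgAr['forum_regist_user_pass'] == 0 ? genkey(8) : $pass;
    $passwordHash = user_pw_crypt($new_pass);
    $confirmlinktext = '';
    if ($allgAr['forum_regist_confirm_link'] == 1) {
        // Pending registration: stored in the confirm table, not in the user table.
        // NOTE(review): the host part of the link comes from the request's Host
        // header; a configured site URL would not depend on request data.
        $page = $_SERVER["HTTP_HOST"] . $_SERVER["SCRIPT_NAME"];
        // The token is what proves ownership of the mailbox, so it must not be
        // guessable. md5(uniqid(rand())) is derived from the clock and a
        // non-cryptographic generator; use the CSPRNG where the runtime has one.
        // Both forms yield 32 hexadecimal characters.
        $id = function_exists('random_bytes') ? bin2hex(random_bytes(16)) : md5(uniqid(rand()));
        $confirmlinktext = "\n" . $lang['registconfirm'] . "\n\n" . sprintf($lang['registconfirmlink'], $page, $id);
        db_query("INSERT INTO prefix_usercheck (`check`,name,email,pass,datime,ak)\n\t\tVALUES ('" . $id . "','" . $name . "','" . $mail . "','" . $passwordHash . "',NOW(),1)");
    } else {
        db_query("INSERT INTO prefix_user (name,pass,recht,regist,llogin,email,status,opt_mail,opt_pm)\n\t\tVALUES('" . $name . "','" . $passwordHash . "',-1,'" . time() . "','" . time() . "','" . $mail . "',1,1,1)");
        // Not used further in this function.
        $userid = db_last_id();
    }
    // NOTE(review): the clear-text password is part of the registration mail.
    $regmail = sprintf($lang['registemail'], $name, $confirmlinktext, $name, $new_pass);
    icmail($mail, 'Anmeldung', $regmail);
    return true;
}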
Пример #27
                     $sql .= ", ";
                 }
             }
             $sql .= ") VALUES (";
             $i = 0;
             // NOTE(review): every submitted $_POST value is placed between single quotes with no
             // escaping visible in this excerpt, so a quote in any field changes the statement.
             // The values should be bound as parameters or escaped with the connection's routine.
             foreach ($_POST as $key => $val) {
                 $i++;
                 $sql .= "'" . $val . "'";
                 if ($i != $num) {
                     $sql .= ", ";
                 }
             }
             $sql .= ")";
             db_mysql_query($sql, $conn);
             if ($action != 'add') {
                 $id = db_last_id($conn);
             }
         }
     }
     # Read the content back from the database when an ID is set and the data has been updated
     if (isset($id)) {
         // NOTE(review): the table name is built from a session value and $modul, and $id is
         // concatenated as well; where $modul and $id come from is not visible here. Confirm
         // that both are validated before this point.
         $sql = "SELECT * FROM " . $_SESSION['TABLE_PREFIX'] . $modul . " WHERE id = '" . $id . "' ";
         $result = db_mysql_query($sql, $conn);
         if (db_mysql_num_rows($result)) {
             // Each key of the fetched row becomes a local variable of the same name, which can
             // overwrite variables already in scope (including $sql, $conn or $id if the row has such keys).
             foreach (db_mysql_fetch_array($result) as $key => $val) {
                 ${$key} = $val;
             }
         }
     }
     $success = true;
 } else {
 /**
  * Create a row in `ml_clonetwo_main` from submitted data, page-field defaults and,
  * when given, the values of an existing "main" page.
  *
  * $bSendMails is accepted but not referenced anywhere in this method.
  *
  * @param array $aData         field name => value; 'Couple', 'Captcha', 'TermsOfUse', 'thumb' and 'uri' are discarded
  * @param bool  $bSendMails    unused here
  * @param int   $iMainMemberID id passed to getPageInfo() to load fallback values; 0 for none
  * @return array|false false for empty or non-array $aData and when the field cache is missing;
  *                     array(false, 'Failed', 0) when the INSERT fails;
  *                     otherwise array(new id, uri, status, title)
  */
 function createPage($aData, $bSendMails = true, $iMainMemberID = 0)
 {
     if (!$aData or !is_array($aData) or empty($aData)) {
         return false;
     }
     // These entries are never taken from the caller; 'uri' is generated below.
     unset($aData['Couple']);
     unset($aData['Captcha']);
     unset($aData['TermsOfUse']);
     unset($aData['thumb']);
     unset($aData['uri']);
     /* @var $this->oPF MlClonetwoPageFields */
     $this->oPF = new MlClonetwoPageFields(100);
     if (!$this->oPF->aArea) {
         // NOTE(review): the message is echoed straight into the response rather than logged.
         echo 'Profile Fields cache not loaded. Cannot continue.';
         return false;
     }
     $this->aItems = $this->oPF->aArea[0]['Items'];
     if ($iMainMemberID) {
         $aMainMember = $this->getPageInfo($iMainMemberID);
     } else {
         $aMainMember = false;
     }
     // begin profile info collecting
     // Precedence per field: caller data, then the main page's value (non-system fields only), then a type default.
     $aNewPage = array();
     // Not written to or read again in this method; only the commented-out code below refers to it.
     $aMediaFields = array();
     foreach ($this->aItems as $aItem) {
         $sItemName = $aItem['Name'];
         if (array_key_exists($sItemName, $aData)) {
             //if ($aItem['MediaType'] != 'none')
             //$aMediaFields[$aItem['MediaType']][$sItemName] = $aData[$sItemName];
             //else
             $aNewPage[$sItemName] = $aData[$sItemName];
             //if ($aData[$sItemName . '_photos'] && $aData[$sItemName])
             //$aPhotoFields[$sItemName] = $aData[$sItemName . '_photos'];
         } elseif ($aMainMember and array_key_exists($sItemName, $aMainMember) and $aItem['Type'] != 'system') {
             if ($aItem['Unique']) {
                 $aNewPage[$sItemName] = $this->genUniqueValue($sItemName, $aMainMember[$sItemName]);
             } else {
                 $aNewPage[$sItemName] = $aMainMember[$sItemName];
             }
         } else {
             switch ($aItem['Type']) {
                 case 'pass':
                     $aNewPage[$sItemName] = $this->genRandomPassword();
                     break;
                 case 'num':
                     $aNewPage[$sItemName] = (int) $aItem['Default'];
                     break;
                 case 'bool':
                     $aNewPage[$sItemName] = (bool) $aItem['Default'];
                     break;
                 case 'system':
                     switch ($sItemName) {
                         case 'id':
                             // set automatically
                         case 'Captcha':
                         case 'Location':
                         case 'Keyword':
                         case 'TermsOfUse':
                             // the cases above fall through to here: none of them is inserted
                             break;
                         case 'created':
                             $aNewPage[$sItemName] = time();
                             // set current date
                             break;
                         case 'featured':
                             $aNewPage[$sItemName] = false;
                             break;
                         case 'status':
                             // Default stored status; see the note on $sStatus further down.
                             $aNewPage[$sItemName] = 'approved';
                             break;
                     }
                     break;
                 default:
                     $aNewPage[$sItemName] = $aItem['Default'];
             }
         }
     }
     //we completed collecting
     $sEntryUri = uriGenerate($aNewPage['title'], 'ml_clonetwo_main', 'uri');
     $aNewPage['uri'] = $sEntryUri;
     $aNewPage['author_id'] = getLoggedId();
     // NOTE(review): collectSetString() is not visible here; the INSERT is only as safe as the
     // escaping it applies to the caller-supplied values in $aNewPage. Confirm.
     $sSet = $this->collectSetString($aNewPage);
     $sQuery = "INSERT INTO `ml_clonetwo_main` SET \n{$sSet}";
     $rRes = db_res($sQuery);
     if ($rRes) {
         $iNewID = db_last_id();
         // NOTE(review): the title is used as a sprintf() format string. When it comes from
         // $aData, any '%' in it is read as a conversion specification, which can alter the
         // title or make sprintf() fail. Confirm that only trusted title templates reach here.
         $aNewPage['title'] = sprintf($aNewPage['title'], $iNewID);
         $sEntryUri = uriGenerate($aNewPage['title'], 'ml_clonetwo_main', 'uri');
         $this->createPageCache($iNewID);
         // NOTE(review): $sStatus is only returned; it is not part of the updatePage() call
         // below, so a 'pending' result here is not written to the row by this method.
         $sStatus = getParam('ml_clonetwo_autoapproval') == 'on' || isAdmin() ? 'approved' : 'pending';
         $this->updatePage($iNewID, array('created' => time(), 'title' => $aNewPage['title'], 'uri' => $sEntryUri));
         return array($iNewID, $sEntryUri, $sStatus, $aNewPage['title']);
     } else {
         return array(false, 'Failed', 0);
     }
 }
Пример #29
 /**
  * Store a string for this object's language and recompile the language.
  *
  * The key is created in `sys_localization_keys` (category 32) when it does not
  * exist yet; the string row is then updated or inserted.
  *
  * NOTE(review): values are escaped with addslashes(), which is not aware of the
  * connection character set, and $this->sLangID is interpolated unquoted;
  * confirm it is always an integer.
  *
  * @param string $sKey    localization key
  * @param string $sString text to store
  * @return false|null false for an empty key, otherwise nothing
  */
 function updateLangString($sKey, $sString)
 {
     if ($sKey == '') {
         return false;
     }

     $sEscapedKey = addslashes($sKey);
     $sEscapedString = addslashes($sString);

     // Look the key up, creating it on first use.
     $iKeyID = (int) db_value("SELECT `ID` FROM `sys_localization_keys` WHERE `Key` = '{$sEscapedKey}'");
     if (!$iKeyID) {
         db_res("INSERT INTO `sys_localization_keys` (`IDCategory`,`Key`) VALUES (32,'{$sEscapedKey}')");
         $iKeyID = db_last_id();
     }

     $iExisting = (int) db_value("\n            SELECT COUNT( * ) FROM `sys_localization_strings`\n            WHERE `IDKey` = {$iKeyID} AND `IDLanguage` = {$this->sLangID}");

     // Update the row when one exists for this key and language, insert it otherwise.
     $sWriteQuery = $iExisting
         ? "\n                UPDATE `sys_localization_strings`\n                SET `String` = '{$sEscapedString}'\n                WHERE `IDKey` = {$iKeyID} AND `IDLanguage` = {$this->sLangID}"
         : "INSERT INTO `sys_localization_strings` VALUES ( {$iKeyID}, {$this->sLangID}, '{$sEscapedString}' )";
     db_res($sWriteQuery);

     compileLanguage($this->sLangID);
 }
Пример #30
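/**
 * Render the sign-up form and, when it was submitted, create the account.
 *
 * On success the new user id is stored in the session and the request ends
 * with a redirect; in every other case the form HTML, with an error message
 * appended where applicable, is returned.
 *
 * @return string form HTML, possibly followed by a message
 */
function page_user_signup()
{
    event("on_user_signup");
    form_start("", "post", " name=signup_form ");
    form_input("Email", "email", form_post("email"));
    form_password("Password", "password", "", "", " class='password' ");
    form_password("Retype", "retype");
    form_submit("Sign Up", "Signup", " id=signup_submit ");
    form_end();
    $o = form();

    $email = form_post("email");
    if (!$email) {
        // Nothing submitted yet: show the empty form.
        return "{$o}";
    }

    $password = form_post("password");
    $retype = form_post("retype");

    if (!$password || !$retype) {
        $o .= "Please fill all fields.";
    } elseif ((string) $password !== (string) $retype) {
        // Compared as strings: a loose != treats numeric-looking values such as
        // "1e3" and "1000" as equal and would accept a mistyped retype.
        $o .= "Retype doesn't match password.";
    } elseif (db_result(db_query("SELECT id FROM users WHERE email='%s'", $email))) {
        $o .= errormsg("Such email (login) already in use.");
    } else {
        // NOTE(review): the password is stored exactly as submitted. Hashing it with
        // password_hash() has to be introduced together with the login check, which
        // is outside this function.
        // NOTE(review): presumably db_query() escapes the values substituted for
        // the %s placeholders; confirm.
        db_query("INSERT INTO users (email,password)\r\n                         VALUES ('%s','%s')", $email, $password);
        // NOTE(review): the session is switched to the new account without a visible
        // renewal of the session id; confirm that one happens elsewhere.
        $_SESSION['userid'] = db_last_id();
        redir("");
        die;
    }

    return "{$o}";
}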