$params['tag_keywords'] = prepare_input($_POST['tag_keywords']); } if (isset($_POST['tag_description'])) { $params['tag_description'] = prepare_input($_POST['tag_description']); } if (isset($_POST['page_title'])) { $params['page_title'] = prepare_input($_POST['page_title']); } if (isset($_POST['page_text'])) { $params['page_text'] = prepare_input($_POST['page_text'], false, 'low'); } if (isset($_POST['menu_link'])) { $params['menu_link'] = prepare_input($_POST['menu_link']); } $params['menu_id'] = isset($_POST['menu_id']) ? prepare_input($_POST['menu_id']) : '0'; $params['page_key'] = create_seo_url(prepare_input($_POST['page_title'])); $params['language_id'] = isset($_POST['language_id']) ? prepare_input($_POST['language_id']) : ''; $params['finish_publishing'] = isset($_POST['finish_publishing']) && check_date($_POST['finish_publishing']) ? prepare_input($_POST['finish_publishing']) : '0000-00-00'; if ($objPage->PageCreate($params, $copy_to_other_langs)) { $msg = draw_success_message(_PAGE_CREATED, false); $objSession->SetMessage('notice', $msg); header('location: index.php?admin=pages' . (Application::Get('type') != '' ? '&type=' . Application::Get('type') : '') . '&mg_language_id=' . $params['language_id']); exit; } else { $msg = draw_important_message($objPage->error, false); } } if ($msg == '') { $msg = draw_message(_ALERT_REQUIRED_FILEDS, false); } }
/** * @project ApPHP Business Directory * @copyright (c) 2011 ApPHP * @author ApPHP <*****@*****.**> * @license http://www.gnu.org/licenses/ */ // *** Make sure the file isn't accessed directly defined('APPHP_EXEC') or die('Restricted Access'); //-------------------------------------------------------------------------- $curr_page_id = Application::Get('system_page') == '' ? Application::Get('page_id') : Application::Get('system_page'); $field_name = Application::Get('system_page') == '' ? 'id' : 'system_page'; $mg_language_id = isset($_REQUEST['mg_language_id']) ? prepare_input($_REQUEST['mg_language_id']) : Application::Get('lang'); $new_page_id = Pages::GetPageId($curr_page_id, $mg_language_id, $field_name); $field_from = Application::Get('system_page') == '' ? 'pid=' . $curr_page_id : 'system_page=' . $curr_page_id; $field_to = Application::Get('system_page') == '' ? 'pid=' . $new_page_id : 'system_page=' . $new_page_id; $seo_field_from = Application::Get('system_page') == '' ? '/' . $curr_page_id . '/' : '/' . $curr_page_id . '.'; $seo_field_to = Application::Get('system_page') == '' ? '/' . $new_page_id . '/' : '/' . $new_page_id . '.'; if (!empty($new_page_id) && $curr_page_id != $new_page_id) { $url = get_page_url(false); if ($objSettings->GetParameter('seo_urls') == '1') { $url = str_replace($seo_field_from, $seo_field_to, $url); } else { $url = str_replace($field_from, $field_to, $url); } header('location: ' . $url); exit; } else { if (empty($new_page_id)) { $objSession->SetMessage('notice', draw_important_message(_PAGE_UNKNOWN, false)); } }
<?php /** * @project ApPHP Business Directory * @copyright (c) 2012 ApPHP * @author ApPHP <*****@*****.**> * @license http://www.gnu.org/licenses/ */ // draw title bar draw_title_bar(_PAGES); draw_content_start(); draw_important_message(_PAGE_NOT_EXISTS); draw_content_end();
} else { if ($submition_type == 'site_info') { $params_ranks = array(); $params_ranks['alexa_rank'] = number_format((double) $objSettings->CheckAlexaRank($http_host)); $params_ranks['google_rank'] = (int) $objSettings->CheckGoogleRank($http_host); if ($objSettings->UpdateFields($params_ranks) == true) { $msg = draw_success_message(_CHANGES_WERE_SAVED, false); } else { $msg = draw_important_message($objSettings->error, false); } } else { if ($submition_type == 'cron_settings') { if ($objSettings->UpdateFields($params_cron) == true) { $msg = draw_success_message(_CHANGES_WERE_SAVED, false); } else { $msg = draw_important_message($objSettings->error, false); } } } } } } } } } } } $template = $objSettings->GetTemplate(); if (strtolower(SITE_MODE) != 'demo' && $submition_type == 'general' || $submition_type == 'visual_settings' || $submition_type == 'meta_tags') { $objSiteDescription->LoadData(); RSSFeed::UpdateFeeds();
exit; } else { //echo mysql_error(); $msg = draw_important_message(_TRY_LATER, false); } } } } } } } } } } } else { $msg = draw_important_message(str_replace('_COUNT_', $maximum_inquiries, _MAXIMUM_ALLOWED_INQUIRIES_PER_SESSION), false); } } else { if ($act == 'location_reload') { // currently do nothing } else { if ($act == 'inquiry_sent') { $msg = draw_success_message(_INQUIRY_SENT_SUCCESS_MSG, false); } } } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head>
* @license http://www.gnu.org/licenses/ */ // *** Make sure the file isn't accessed directly defined('APPHP_EXEC') or die('Restricted Access'); //-------------------------------------------------------------------------- $task = isset($_POST['task']) ? prepare_input($_POST['task']) : ''; $keyword = isset($_POST['keyword']) ? strip_tags(prepare_input($_POST['keyword'])) : ''; if ($keyword == _SEARCH_KEYWORDS . '...') { $keyword = ''; } $p = isset($_POST['p']) ? (int) $_POST['p'] : ''; $objSearch = new Search(); $search_result = ''; $title_bar = _LOOK_IN . ': <select class="look_in" name="search_in" onchange="javascript:document.getElementById(\'search_in\').value=this.value;appQuickSearch();"> <option value="listings" ' . (Application::Get('search_in') == 'listings' ? 'selected="selected"' : '') . '>' . _LISTINGS . '</option> <option value="pages" ' . (Application::Get('search_in') == 'pages' ? 'selected="selected"' : '') . '>' . _PAGES . '</option> <option value="news" ' . (Application::Get('search_in') == 'news' ? 'selected="selected"' : '') . '>' . _NEWS . '</option> </select>'; // Check if there is a page if ($keyword != '') { draw_title_bar(_SEARCH_RESULT_FOR . ': ' . $keyword . '', $title_bar); if ($task == 'quick_search') { $search_result = $objSearch->SearchBy($keyword, $p, Application::Get('search_in')); } $objSearch->DrawPopularSearches(); $objSearch->DrawSearchResult($search_result, $p, $keyword); } else { draw_title_bar(_SEARCH_RESULT_FOR . ': ' . $keyword); draw_important_message(_NO_RECORDS_FOUND); }
if ($objLogin->IsLoggedInAsAdmin()) { $objPage = new Pages(Application::Get('page_id'), false, $mg_language_id); } else { $objPage = new Pages(Application::Get('system_page') != '' ? Application::Get('system_page') : Application::Get('page_id'), true, $mg_language_id); } $button_text = ''; // check if there is a page if ($objSession->IsMessage('notice')) { draw_title_bar(_PAGE); echo $objSession->GetMessage('notice'); } else { if ($objPage->CheckAccessRights($objLogin->IsLoggedIn())) { // check if there is a page if ($objPage->GetId() != '') { if ($objLogin->IsLoggedInAsAdmin() && Application::Get('preview') != 'yes') { $button_text = prepare_permanent_link('index.php?admin=pages' . (Application::Get('type') == 'system' ? '&type=system' : '') . '&mg_language_id=' . $mg_language_id, _BUTTON_BACK); } $objPage->DrawTitle($button_text); if (Modules::IsModuleInstalled('adsense') && (ModulesSettings::Get('adsense', 'adsense_code_activation') == 'All' || ModulesSettings::Get('adsense', 'adsense_code_activation') == 'Horizontal')) { //echo '<div class="adsense-horizontal">'.Adsense::GetHorizontalBanerCode().'</div>'; } $objPage->DrawText(); } else { draw_title_bar(_PAGES); draw_important_message(_PAGE_UNKNOWN); } } else { draw_title_bar(_PAGE); draw_important_message(_MUST_BE_LOGGED); } }
/** * Draws vocabulary * @param $key */ public function DrawVocabulary($key) { $align_left = Application::Get('lang_dir') == 'ltr' ? 'left' : 'right'; $align_right = Application::Get('lang_dir') == 'ltr' ? 'right' : 'left'; $this->GetVocabulary($this->whereClause); echo '<a name="top"></a>'; echo '<table width="100%" align="center" border="0" cellspacing="0" cellpadding="2" class="main_text"> <tr> <td>' . _FILTER_BY . ': '; echo prepare_permanent_link('index.php?admin=vocabulary' . $this->langIdByUrl, _ALL) . ' - '; for ($i = 65; $i < 91; $i++) { if ($this->filterBy == chr($i)) { $chr_i = '<b><u>' . chr($i) . '</u></b>'; } else { $chr_i = chr($i); } echo prepare_permanent_link('index.php?admin=vocabulary&filter_by=' . chr($i) . $this->langIdByUrl, $chr_i) . ' '; } echo ' - '; for ($i = 1; $i <= 5; $i++) { if ($this->filterBy == $i) { $chr_i = '<b><u>' . $i . '</u></b>'; } else { $chr_i = $i; } echo prepare_permanent_link('index.php?admin=vocabulary&filter_by=' . $i . $this->langIdByUrl, $chr_i) . ' '; } echo '</td> <td width="7%" align="center" nowrap="nowrap"> ' . _TOTAL . ': ' . count($this->keys) . ' </td> </tr>'; echo '<tr align="center"><td colspan="2">' . draw_line('line_no_margin', IMAGE_DIRECTORY, false) . '</td></tr>'; echo '</table>'; if (!empty($this->keys)) { echo '<table width="100%" align="center" border="0" cellspacing="0" cellpadding="3" class="main_text">'; echo '<tr> <th width="1%">#</th> <th width="25%" align="' . $align_left . '">' . _KEY . '</th> <th width="65%" align="' . $align_left . '">' . _VALUE . '</th> <th width="9%"></th>'; for ($i = 0; $i < $this->vocabularySize; $i++) { // Prepare key_text for displaying $decoded_text = strip_tags(decode_text($this->keys[$i]['key_text'])); if (strlen($decoded_text) > 90) { $key_text = '<span style="cursor:help;" title="' . $decoded_text . '">' . substr_by_word($decoded_text, 95, true) . '</span>'; } else { $key_text = $decoded_text; } // Display vocabulary row if ($this->keys[$i]['key_value'] == $this->currentKey) { echo '<tr>'; echo '<td align="' . $align_right . '" class="voc_row_edit_' . $align_left . '" nowrap="nowrap">' . ($i + 1) . '.</td>'; echo '<td align="' . $align_left . '" class="voc_row_edit_middle" nowrap="nowrap">' . $this->keys[$i]['key_value'] . '</td>'; echo '<td align="' . $align_left . '" class="voc_row_edit_middle">' . $key_text . '</td> <td align="center" class="voc_row_edit_' . $align_right . '">' . prepare_permanent_link('index.php?admin=vocabulary&key=' . $this->keys[$i]['id'] . '&act=edit' . $this->filterByUrl . $this->langIdByUrl, '[ ' . _EDIT_WORD . ' ]') . '</td> </tr>'; } else { if ($this->keys[$i]['id'] == (int) $key) { echo '<tr>'; echo '<td align="' . $align_right . '" class="voc_row_update_' . $align_left . '" nowrap="nowrap">' . ($i + 1) . '.</td>'; echo '<td align="' . $align_left . '" class="voc_row_update_middle" nowrap="nowrap">' . $this->keys[$i]['key_value'] . '</td>'; echo '<td align="' . $align_left . '" class="voc_row_update_middle">' . $key_text . '</td> <td align="center" class="voc_row_update_' . $align_right . '">' . prepare_permanent_link('index.php?admin=vocabulary&key=' . $this->keys[$i]['id'] . '&act=edit' . $this->filterByUrl . $this->langIdByUrl, '[ ' . _EDIT_WORD . ' ]') . '</td> </tr>'; } else { echo '<tr ' . highlight(0) . ' onmouseover="oldColor=this.style.backgroundColor;this.style.backgroundColor=\'#ededed\';" onmouseout="this.style.backgroundColor=oldColor">'; echo '<td align="' . $align_right . '" nowrap="nowrap">' . ($i + 1) . '.</td>'; echo '<td align="' . $align_left . '" nowrap="nowrap">' . $this->keys[$i]['key_value'] . '</td>'; echo '<td align="' . $align_left . '">' . $key_text . '</td> <td align="center">' . prepare_permanent_link('index.php?admin=vocabulary&key=' . $this->keys[$i]['id'] . '&act=edit' . $this->filterByUrl . $this->langIdByUrl, '[ ' . _EDIT_WORD . ' ]') . '</td> </tr>'; } } } echo '<tr><td colspan="4" nowrap="nowrap" height="10px"></td></tr>'; if ($this->vocabularySize > 15) { echo '<tr valign="bottom"><td colspan="3"></td><td align="center">' . prepare_permanent_link('index.php?admin=vocabulary' . $this->filterByUrl . $this->langIdByUrl . '#top', _TOP . ' ^') . '</td></tr>'; } echo '</table>'; } else { draw_important_message(_VOC_NOT_FOUND); } }
if ($action == 'add') { $mode = 'view'; } else { if ($action == 'create') { $mode = 'view'; } else { if ($action == 'edit') { $mode = 'edit'; } else { if ($action == 'update') { if ($objModules->UpdateRecord($rid)) { $mst_text = $objModules->error != '' ? $objModules->error : _UPDATING_OPERATION_COMPLETED; $msg = draw_success_message($mst_text, false); $mode = 'view'; } else { $msg = draw_important_message($objModules->error, false); $mode = 'edit'; } } else { if ($action == 'delete') { $mode = 'view'; } else { if ($action == 'details') { $mode = 'view'; } else { if ($action == 'cancel_add') { $mode = 'view'; } else { if ($action == 'cancel_edit') { $mode = 'view'; }
} else { if ($reg_confirmation == 'by admin') { $email_template = 'new_account_created_confirm_by_admin'; } else { $email_template = 'new_account_created'; } } send_email($email, $objSettings->GetParameter('admin_email'), $email_template, array('{FIRST NAME}' => $first_name, '{LAST NAME}' => $last_name, '{USER NAME}' => $user_name, '{USER PASSWORD}' => $user_password1, '{WEB SITE}' => $_SERVER['SERVER_NAME'], '{REGISTRATION CODE}' => $registration_code, '{BASE URL}' => APPHP_BASE, '{YEAR}' => date('Y'))); if ($admin_alert_new_registration == 'yes') { send_email($objSettings->GetParameter('admin_email'), $objSettings->GetParameter('admin_email'), 'new_account_created_notify_admin', array('{FIRST NAME}' => $first_name, '{LAST NAME}' => $last_name, '{USER NAME}' => $user_name, '{USER EMAIL}' => $email, '{WEB SITE}' => $_SERVER['SERVER_NAME'], '{BASE URL}' => APPHP_BASE, '{YEAR}' => date('Y'))); } //////////////////////////////////////////////////////////// if ($reg_confirmation == 'by email') { $msg = draw_success_message(_ACCOUNT_CREATED_CONF_BY_EMAIL_MSG, false); $msg .= '<br />' . draw_message(_ACCOUT_CREATED_CONF_LINK, false); } else { if ($reg_confirmation == 'by admin') { $msg = draw_success_message(_ACCOUNT_CREATED_CONF_BY_ADMIN_MSG, false); $msg .= '<br />' . draw_message(_ACCOUT_CREATED_CONF_LINK, false); } else { $msg = draw_success_message(_ACCOUNT_CREATED_NON_CONFIRM_MSG, false); $msg .= '<br />' . draw_message(_ACCOUNT_CREATED_NON_CONFIRM_LINK, false); } } $account_created = true; } else { $msg = draw_important_message(_CREATING_ACCOUNT_ERROR, false); } } } }
/** * Draws registration form * @param $news_id * @param $event_title * @param $draw */ public function DrawRegistrationForm($news_id = '0', $event_title = '', $draw = true) { if (!$news_id) { return ''; } global $objSettings, $objLogin; $lang = Application::Get('lang'); $focus_element = 'first_name'; // post fields $task = isset($_POST['task']) ? prepare_input($_POST['task']) : ''; $event_id = isset($_POST['event_id']) ? (int) $_POST['event_id'] : '0'; $first_name = isset($_POST['first_name']) ? prepare_input($_POST['first_name']) : ''; $last_name = isset($_POST['last_name']) ? prepare_input($_POST['last_name']) : ''; $email = isset($_POST['email']) ? prepare_input($_POST['email']) : ''; $phone = isset($_POST['phone']) ? prepare_input($_POST['phone']) : ''; $message = isset($_POST['message']) ? substr(prepare_input($_POST['message']), 0, 2048) : ''; $captcha_code = isset($_POST['captcha_code']) ? prepare_input($_POST['captcha_code']) : ''; $admin_email = $objSettings->GetParameter('admin_email'); $msg = ''; if ($task == 'register_to_event') { include_once 'modules/captcha/securimage.php'; $objImg = new Securimage(); if ($first_name == '') { $msg = draw_important_message(_FIRST_NAME_EMPTY_ALERT, false); $focus_element = 'first_name'; } else { if ($last_name == '') { $msg = draw_important_message(_LAST_NAME_EMPTY_ALERT, false); $focus_element = 'last_name'; } else { if ($email == '') { $msg = draw_important_message(_EMAIL_EMPTY_ALERT, false); $focus_element = 'email'; } else { if ($email != '' && !check_email_address($email)) { $msg = draw_important_message(_EMAIL_VALID_ALERT, false); $focus_element = 'email'; } else { if ($phone == '') { $msg = draw_important_message(str_replace('_FIELD_', _PHONE, _FIELD_CANNOT_BE_EMPTY), false); $focus_element = 'phone'; } else { if (!$objImg->check($captcha_code)) { $msg = draw_important_message(_WRONG_CODE_ALERT, false); $focus_element = 'captcha_code'; } else { $sql = 'SELECT * FROM ' . TABLE_EVENTS_REGISTERED . ' WHERE event_id = \'' . (int) $event_id . '\' AND email = \'' . $email . '\''; if (database_query($sql, ROWS_ONLY, FIRST_ROW_ONLY) > 0) { $msg = draw_important_message(_EVENT_USER_ALREADY_REGISTERED, false); } } } } } } } // deny all operations in demo version if (strtolower(SITE_MODE) == 'demo') { $msg = draw_important_message(_OPERATION_BLOCKED, false); } if ($msg == '') { if ($objLogin->IpAddressBlocked(get_current_ip())) { $msg = draw_important_message(_IP_ADDRESS_BLOCKED, false); } else { if ($objLogin->EmailBlocked($email)) { $msg = draw_important_message(_EMAIL_BLOCKED, false); } else { $sql = 'INSERT INTO ' . TABLE_EVENTS_REGISTERED . ' (id, event_id, first_name, last_name, email, phone, message, date_registered) VALUES (NULL, ' . (int) $event_id . ', \'' . encode_text($first_name) . '\', \'' . encode_text($last_name) . '\', \'' . encode_text($email) . '\', \'' . encode_text($phone) . '\', \'' . encode_text($message) . '\', \'' . @date('Y-m-d H:i:s') . '\')'; if (database_void_query($sql)) { $msg = draw_success_message(_EVENT_REGISTRATION_COMPLETED, false); //////////////////////////////////////////////////////////// send_email($email, $admin_email, 'events_new_registration', array('{FIRST NAME}' => $first_name, '{LAST NAME}' => $last_name, '{EVENT}' => '<b>' . $event_title . '</b>'), '', $admin_email, 'Events - new user was registered (admin copy)'); //////////////////////////////////////////////////////////// $first_name = $last_name = $email = $phone = $message = ''; } else { ///echo mysql_error(); $msg = draw_important_message(_TRY_LATER, false); } } } } } $output = ' ' . ($msg != '' ? $msg : '') . '<br /> <fieldset style="border:1px solid #cccccc;padding-left:10px;margin:0px 12px 12px 12px;"> <legend><b>' . _REGISTRATION_FORM . '</b></legend> <form method="post" name="frmEventRegistration" id="frmEventRegistration"> ' . draw_hidden_field('task', 'register_to_event', false) . ' ' . draw_hidden_field('event_id', $news_id, false) . ' ' . draw_token_field(false); $output .= ' <table cellspacing="1" cellpadding="2" border="0" width="100%"> <tbody> <tr> <td width="25%" align="' . Application::Get('defined_right') . '">' . _FIRST_NAME . ':</td> <td><span class="mandatory_star">*</span></td> <td nowrap="nowrap" align="' . Application::Get('defined_left') . '"><input type="text" id="first_name" name="first_name" size="34" maxlength="32" value="' . decode_text($first_name) . '" autocomplete="off" /></td> </tr> <tr> <td align="' . Application::Get('defined_right') . '">' . _LAST_NAME . ':</td> <td><span class="mandatory_star">*</span></td> <td nowrap="nowrap" align="' . Application::Get('defined_left') . '"><input type="text" id="last_name" name="last_name" size="34" maxlength="32" value="' . decode_text($last_name) . '" autocomplete="off" /></td> </tr> <tr> <td align="' . Application::Get('defined_right') . '">' . _EMAIL_ADDRESS . ':</td> <td><span class="mandatory_star">*</span></td> <td nowrap="nowrap" align="' . Application::Get('defined_left') . '"><input type="text" id="email" name="email" size="34" maxlength="70" value="' . decode_text($email) . '" autocomplete="off" /></td> </tr> <tr> <td align="' . Application::Get('defined_right') . '">' . _PHONE . ':</td> <td><span class="mandatory_star">*</span></td> <td nowrap="nowrap" align="' . Application::Get('defined_left') . '"><input type="text" id="phone" name="phone" size="22" maxlength="32" value="' . decode_text($phone) . '" autocomplete="off" /></td> </tr> <tr valign="top"> <td align="' . Application::Get('defined_right') . '">' . _MESSAGE . ':</td> <td></td> <td nowrap="nowrap" align="' . Application::Get('defined_left') . '"> <textarea id="message" name="message" style="width:390px;" rows="4" maxlength="2048">' . $message . '</textarea> </td> </tr> <tr> <td colspan="2"></td> <td colspan="2">'; $output .= '<table border="0" cellspacing="2" cellpadding="2"> <tr> <td> <img id="captcha_image" src="modules/captcha/securimage_show.php?sid=' . md5(uniqid(time())) . '" /> </td> <td> <img style="cursor:pointer; padding:0px; margin:0px;" id="captcha_image_reload" src="modules/captcha/images/refresh.gif" style="cursor:pointer;" onclick="document.getElementById(\'captcha_image\').src = \'modules/captcha/securimage_show.php?sid=\' + Math.random(); appSetFocus(\'captcha_code\'); return false" title="' . _REFRESH . '" alt="' . _REFRESH . '" /><br /> <a href="modules/captcha/securimage_play.php"><img border="0" style="padding:0px; margin:0px;" id="captcha_image_play" src="modules/captcha/images/audio_icon.gif" title="' . _PLAY . '" alt="' . _PLAY . '" /></a> </td> <td> ' . _TYPE_CHARS . '<br /> <input type="text" name="captcha_code" id="captcha_code" style="width:175px;margin-top:5px;" value="" maxlength="20" autocomplete="off" /> </td> </tr> </table>'; $output .= '</td> </tr> <tr><td height="20" colspan="3"> </td></tr> <tr> <td colspan="3" align="center"> <input type="submit" class="form_button" name="btnSubmitPD" id="btnSubmitPD" value=" ' . _SEND . ' "> </td> </tr> <tr><td colspan="3"> </td></tr> </table> </form> </form> </fieldset>'; if ($focus_element != '') { $output .= '<script type="text/javascript">appSetFocus(\'' . $focus_element . '\');</script>'; } if ($draw) { echo $output; } else { return $output; } }
/** * Draw page text */ public function DrawText() { global $objLogin; $objGallery = new GalleryAlbums(); $objContactUs = ContactUs::Instance(); $replace_needles = 1; $module_page = false; if (!count($this->page)) { return false; } // dont show this page if it was expired if (!$objLogin->IsLoggedInAsAdmin() && $this->page['finish_publishing'] != '0000-00-00' && date('Y-m-d') > $this->page['finish_publishing']) { draw_important_message(_PAGE_EXPIRED); return false; } if ($this->page['content_type'] == 'article' && isset($this->page['page_text'])) { $page_text = decode_text($this->page['page_text'], false); echo '<div class="pages_contents">'; if (preg_match('/{module:gallery}/i', $page_text)) { $module_page = true; $page_text = @preg_replace('/{module:gallery}/i', $objGallery->DrawGallery(false), $page_text, 1); } if (preg_match_all('/{module:album=(.*?)}/i', $page_text, $matches)) { $module_page = true; if (is_array($matches[1])) { foreach ($matches[1] as $key => $val) { if (strtolower($val) != 'code') { $val = @preg_replace('/[^A-Za-z0-9:]/i', '', $val); $page_text = @preg_replace('/{module:album=' . $val . '}/i', $objGallery->DrawAlbum($val, false), $page_text, 1); } } } } if (self::$PROJECT == 'MedicalAppointment') { if (preg_match('/{module:about_us}/i', $page_text)) { $module_page = true; $page_text = @preg_replace('/{module:about_us}/i', Clinic::DrawAboutUs(false), $page_text, 1); } } if (self::$PROJECT == 'HotelSite') { if (preg_match('/{module:about_us}/i', $page_text)) { $module_page = true; $page_text = @preg_replace('/{module:about_us}/i', Hotels::DrawAboutUs(false), $page_text, 1); } if (preg_match('/{module:rooms}/i', $page_text)) { $module_page = true; $page_text = @preg_replace('/{module:rooms}/i', Rooms::DrawRoomsInfo(false), $page_text, 1); } if (preg_match('/{module:testimonials}/i', $page_text)) { $module_page = true; $page_text = @preg_replace('/{module:testimonials}/i', Testimonials::DrawTestimonails(false), $page_text, 1); } } if (preg_match('/{module:contact_us}/i', $page_text)) { $module_page = true; $page_text = @preg_replace('/{module:contact_us}/i', $objContactUs->DrawContactUsForm(false), $page_text, 1); } if (preg_match('/{module:faq}/i', $page_text)) { $module_page = true; $page_text = @preg_replace('/{module:faq}/i', FaqCategories::DrawFaqList(false), $page_text, 1); } if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) { $page_text = stripslashes($page_text); } if ($this->page['is_home']) { if (self::$PROJECT == 'HotelSite') { Campaigns::DrawCampaignBanner('standard'); Campaigns::DrawCampaignBanner('global'); } } //echo $page_text; //echo "<hr>"; // draw all needed blocks for Home page if ($this->page['is_home']) { if (self::$PROJECT == 'BusinessDirectory') { if (ModulesSettings::Get('listings', 'show_categories_home_block') == 'yes') { Categories::DrawHomePageBlock(); } } else { if (self::$PROJECT == 'ShoppingCart') { if (ModulesSettings::Get('products_catalog', 'is_active') == 'yes') { Campaigns::DrawCampaignBanner(); if (ModulesSettings::Get('products_catalog', 'show_featured_block') == 'home page') { Products::DrawFeaturedBlock('home'); } if (ModulesSettings::Get('products_catalog', 'show_new_products_block') == 'home page') { Products::DrawNewProductsBlock(); } Categories::DrawHomePageBlock(); } } } } // draw comments form if (!$this->page['is_home'] && !$module_page) { if (Modules::IsModuleInstalled('comments')) { if (ModulesSettings::Get('comments', 'comments_allow') == 'yes' && $this->page['comments_allowed']) { $objComments = new Comments(); $objComments->DrawArticleComments($this->page['id']); } } } echo '</div>'; } else { if ($this->page['content_type'] == 'link' && isset($this->page['link_url'])) { $link_url = decode_text($this->page['link_url']); echo '<div class="pages_contents">'; echo '<a href="' . $link_url . '">' . $link_url . '</a>'; echo '</div>'; } } }
// *** Make sure the file isn't accessed directly defined('APPHP_EXEC') or die('Restricted Access'); //-------------------------------------------------------------------------- $objNews = News::Instance(); $news = $objNews->GetNews(Application::Get('news_id')); // Draw title bar if ($objSession->IsMessage('notice')) { draw_title_bar(_NEWS); echo $objSession->GetMessage('notice'); } else { if ($news[1] == 1) { $news_type = isset($news[0]['type']) ? $news[0]['type'] : 'news'; $header_text = isset($news[0]['header_text']) ? str_replace("\\'", "'", $news[0]['header_text']) : ''; $body_text = isset($news[0]['body_text']) ? str_replace("\\'", "'", $news[0]['body_text']) : ''; $date_created = isset($news[0]['mod_date_created']) ? $news[0]['mod_date_created'] : ''; if ($news_type == 'events') { draw_title_bar(prepare_breadcrumbs(array(_EVENTS => '', $header_text => ''))); } else { draw_title_bar(prepare_breadcrumbs(array(_NEWS => '', $header_text => ''))); } echo '<div class="center_box_heading_news">' . $header_text . '</div>'; echo '<div class="center_box_contents_news">' . $body_text . '</div>'; echo '<div class="center_box_bottom_news"><i><b>' . _POSTED_ON . ':</b> ' . $date_created . '</i></div>'; if ($news_type == 'events') { $objNews->DrawRegistrationForm(Application::Get('news_id'), $header_text); } } else { draw_title_bar(_NEWS); draw_important_message(_WRONG_PARAMETER_PASSED); } }
/** * Draws search result * @param $search_result - search result * @param $page * @param $keyword * @param $type */ public function DrawSearchResult($search_result, $page = 1, $keyword = '', $type = 'quick') { $total_pages = (int) ($this->totalSearchRecords / $this->pageSize); if (!is_numeric($total_pages) || (int) $total_pages <= 0) { $total_pages = 1; } if ($search_result != '' && $search_result[1] > 0) { echo '<div class="pages_contents">'; for ($i = 0; $i < $search_result[1]; $i++) { if ($search_result[0][$i]['content_type'] == 'article') { echo $i + 1 . '. ' . prepare_permanent_link('index.php?' . $search_result[0][$i]['url'], decode_text($search_result[0][$i]['title'])) . '<br />'; if (isset($search_result[0][$i]['image_file_thumb'])) { echo '<img src="images/listings/' . $search_result[0][$i]['image_file_thumb'] . '" style="width:42px;height:42px;margin:4px;" align="' . Application::Get('defined_left') . '" alt="" />'; } $page_text = $search_result[0][$i]['text']; $page_text = str_replace(array('\\r', '\\n'), '', $page_text); $page_text = preg_replace('/{module:(.*?)}/i', '', $page_text); $page_text = strip_tags($page_text); $page_text = decode_text($page_text); if (!empty($keyword)) { $page_text = $this->HighLight($page_text, array($keyword)); } echo substr_by_word($page_text, 512) . '...<br />'; } else { echo $i + 1 . '. <a href="' . $search_result[0][$i]['link_url'] . '">' . decode_text($search_result[0][$i]['title']) . '</a> <img src="images/external_link.gif" alt="" /><br />'; } echo '<br />'; draw_line(); echo '<br />'; } echo '<b>' . _PAGES . ':</b> '; for ($i = 1; $i <= $total_pages; $i++) { echo '<a class="paging_link" href="javascript:void(0);" onclick="javascript:appPerformSearch(' . $i . ', \'' . ($type == 'advanced' ? 'frmAdvSearch' : 'frmQuickSearch') . '\');">' . ($i == $page ? '<b>[' . $i . ']</b>' : $i) . '</a> '; } echo '</div>'; } else { draw_important_message(_NO_RECORDS_FOUND); } }
/** * Draw single listing * @param $draw */ public function DrawListing($draw = true) { $output = ''; $nl = "\n"; if (isset($this->listing_info[1]) && $this->listing_info[1] > 0) { // get info about some fields that depends on advertise plan $advertise_plan_info = AdvertisePlans::GetPlanInfo($this->GetField('advertise_plan_id')); $bpf_business_name = $advertise_plan_info[0]['business_name']; $bpf_business_description = $advertise_plan_info[0]['business_description']; $bpf_address = $advertise_plan_info[0]['address']; $bpf_logo = $advertise_plan_info[0]['logo']; $bpf_images_count = $advertise_plan_info[0]['images_count']; $bpf_phone = $advertise_plan_info[0]['phone']; $bpf_map = $advertise_plan_info[0]['map']; $bpf_video_link = $advertise_plan_info[0]['video_link']; $bpf_inquiry_button = $advertise_plan_info[0]['inquiry_button']; $bpf_rating_button = $advertise_plan_info[0]['rating_button']; $nl = "\n"; if ($bpf_logo && $bpf_images_count && !Application::Get('js_included', 'lytebox')) { $output .= '<!-- LyteBox v3.22 Author: Markus F. Hay Website: http://www.dolem.com/lytebox -->' . $nl; $output .= '<link rel="stylesheet" href="modules/lytebox/css/lytebox.css" type="text/css" media="screen" />' . $nl; $output .= '<script type="text/javascript" language="javascript" src="modules/lytebox/js/lytebox.js"></script>' . $nl; } if (Modules::IsModuleInstalled('ratings') == 'yes' && $bpf_rating_button) { $output .= '<link href="modules/ratings/css/ratings.css" rel="stylesheet" type="text/css" />'; if (Application::Get('lang_dir') == 'rtl') { $output .= '<link href="modules/ratings/css/ratings-rtl.css" rel="stylesheet" type="text/css" />'; } $ratings_lang = file_exists('modules/ratings/langs/' . Application::Get('lang') . '.js') ? Application::Get('lang') : 'en'; $output .= '<script src="modules/ratings/langs/' . $ratings_lang . '.js" type="text/javascript"></script>'; $output .= '<script src="modules/ratings/js/ratings.js" type="text/javascript"></script>'; } $output .= '<div class="listing_description">'; $output .= '<div class="wide_block">' . $nl; if ($bpf_rating_button) { $output .= '<div class="ratings_stars" id="rt_listing_' . $this->GetField('id') . '"></div>' . $nl; } if ($bpf_business_name) { $output .= '<h2>' . $this->GetField('business_name') . '</h2><br />' . $nl; } $output .= '<ul class="l_items">' . $nl; if ($bpf_address && $this->GetField('business_address') != '') { $output .= '<li><span class="l_item">' . _ADDRESS . ':</span> <span class="l_description">' . $this->GetField('business_address') . '</span></li>' . $nl; } if ($bpf_phone && $this->GetField('business_phone') != '') { $output .= '<li><span class="l_item">' . _PHONE . ':</span> <span class="l_description">' . $this->GetField('business_phone') . '</span></li>' . $nl; } if ($bpf_phone && $this->GetField('business_fax') != '') { $output .= '<li><span class="l_item">' . _FAX . ':</span> <span class="l_description">' . $this->GetField('business_fax') . '</span></li>' . $nl; } if ($this->GetField('website_url') != '') { $output .= '<li><span class="l_item">' . _WEB_SITE . ':</span> <span class="l_description"><a href="' . $this->GetField('website_url') . '" target="_blank">' . $this->GetField('website_url') . '</a> <img src="images/external_link.gif" alt="" /></span></li>' . $nl; } if ($this->GetField('business_email') != '') { $output .= '<li><span class="l_item">' . _EMAIL_ADDRESS . ':</span> <span class="l_description"><a href="mailto:' . $this->GetField('business_email') . '" target="_blank">' . $this->GetField('business_email') . '</a></span></li>' . $nl; } if ($bpf_video_link && $this->GetField('video_url') != '') { $output .= '<li><span class="l_item">' . _VIDEO . ':</span> <span class="l_description"><a href="' . $this->GetField('video_url') . '" target="_blank">' . $this->GetField('video_url') . '</a> <img src="images/external_link.gif" alt="" /></span></li>' . $nl; } $output .= '<li><span class="l_item">' . _LOCATION . ':</span> <span class="l_description">' . $this->GetField('listing_location') . '</span></li>' . $nl; $output .= '<li><span class="l_item">' . _SUB_LOCATION . ':</span> <span class="l_description">' . $this->GetField('listing_sub_location') . '</span></li>' . $nl; if ($this->GetField('date_published') != '0000-00-00 00:00:00') { $output .= '<li><span class="l_item">' . _PUBLISHED . ':</span> <span class="l_description">' . format_datetime($this->GetField('date_published'), get_datetime_format(false), _UNKNOWN) . '</span></li>' . $nl; } if ($bpf_business_description) { $output .= '<li><span class="l_item">' . _DESCRIPTION . ':</span> <br>' . $this->GetField('business_description') . '</li>' . $nl; } $added_categories = ListingsCategories::GetCategoriesForListing($this->GetField('id')); $arr_added_categories = array(); $output .= '<li><span class="l_item">' . _CATEGORIES . ':</span><br>'; $categories = ''; foreach ($added_categories[0] as $key => $val) { $categories .= !empty($categories) ? ', ' : ''; $categories .= prepare_link('category', 'cid', $val['category_id'], '', $val['name'], '', ''); } $output .= $categories; $output .= '</li>'; $output .= '</ul>'; $output .= '</div>'; $output .= '<div class="narrow_block">'; $output .= '<div class="listing_images_wrapper">'; if ($bpf_logo) { $image_file = $this->GetField('image_file') != '' ? $this->GetField('image_file') : ''; $image_file_thumb = $this->GetField('image_file_thumb') != '' ? $this->GetField('image_file_thumb') : 'no_image.png'; if (!empty($image_file)) { $output .= '<a href="images/listings/' . $image_file . '" rel="lyteshow' . $this->GetField('id') . '">'; } $output .= '<img class="listing_image' . ($image_file == '' ? ' no_hover' : '') . '" src="images/listings/' . $image_file_thumb . '" alt="" />'; if (!empty($image_file)) { $output .= '</a>'; } $output .= '<br />'; } $additional_images = array(); for ($i = 1; $i <= $bpf_images_count; $i++) { $additional_image = $this->GetField('image_' . $i) != '' ? $this->GetField('image_' . $i) : ''; $additional_image_thumb = $this->GetField('image_' . $i . '_thumb') != '' ? $this->GetField('image_' . $i . '_thumb') : ''; if ($additional_image != '') { $output .= '<a href="images/listings/' . $additional_image . '" rel="lyteshow' . $this->GetField('id') . '">'; $output .= '<img class="listing_icon" src="images/listings/' . $additional_image_thumb . '" alt="" />'; $output .= '</a>'; } } $output .= '</div>'; $map_code = $this->GetField('map_code', false); if ($bpf_map && $map_code != '') { $map_code = preg_replace('/width="(.*?)"/', 'width="240px"', $map_code); $map_code = preg_replace('/height="(.*?)"/', 'height="200px"', $map_code); $output .= '<div class="map">' . $map_code . '</div><br /><br />'; } if (Modules::IsModuleInstalled('inquiries') == 'yes' && $bpf_inquiry_button) { $output .= '<form name="frmDirectInquiry" action="index.php?page=inquiry_form" method="post">'; $output .= draw_token_field(false); $output .= draw_hidden_field('listing_id', $this->listing_info[0]['id'], false); $output .= draw_hidden_field('visitor_locations', $this->listing_info[0]['listing_location_id'], false); $output .= draw_hidden_field('visitor_sub_locations', $this->listing_info[0]['listing_sub_location_id'], false); $output .= draw_hidden_field('business_name', $this->GetField('business_name'), false); $output .= draw_hidden_field('inquiry_type', '1', false); $output .= '<center><input type="submit" class="form_button" value="' . _SUBMIT_INQUIRY . '"></center>'; $output .= '</form><br /><br />'; } $output .= '</div>'; $output .= '<div style="clear:both;"></div>'; $output .= '</div>'; } else { $output .= draw_important_message(_NO_LISTINGS_TO_DISPLAY, false); } if ($draw) { echo $output; } else { return $output; } }
//-------------------------------------------------------------------------- if (!$objLogin->IsLoggedIn() && ModulesSettings::Get('customers', 'allow_registration') == 'yes') { $code = isset($_REQUEST['c']) ? prepare_input($_REQUEST['c']) : ''; $task = isset($_POST['task']) ? prepare_input($_POST['task']) : ''; $msg = ''; $confirmed = false; if ($code != '') { $sql = 'SELECT * FROM ' . TABLE_CUSTOMERS . ' WHERE registration_code = \'' . encode_text($code) . '\' AND is_active = 0'; $result = database_query($sql, DATA_AND_ROWS, FIRST_ROW_ONLY); if ($result[1] > 0) { $sql = 'UPDATE ' . TABLE_CUSTOMERS . ' SET is_active = 1, registration_code = \'\' WHERE registration_code = \'' . encode_text($code) . '\' AND is_active = 0'; database_void_query($sql); $msg = draw_success_message(_CONFIRMED_SUCCESS_MSG, false); $confirmed = true; $msg .= '<script type="text/javascript">setTimeout(\'appGoTo("customer=login")\', 15000);</script>'; } else { if (strlen($code) == 20) { $confirmed = true; $msg = draw_message(_CONFIRMED_ALREADY_MSG, false); } else { $msg = draw_important_message(_WRONG_CONFIRMATION_CODE, false); } } } else { if ($task == 'post_submission') { $msg = draw_important_message(str_replace('_FIELD_', _CONFIRMATION_CODE, _FIELD_CANNOT_BE_EMPTY), false); } } }
/** * Draws article comments * @param $article_id * @param $draw */ public function DrawArticleComments($article_id = '', $draw = true) { if (!$article_id) { return ''; } global $objLogin; $delete_pending_time = ModulesSettings::Get('comments', 'delete_pending_time'); $user_type = ModulesSettings::Get('comments', 'user_type'); $comment_length = ModulesSettings::Get('comments', 'comment_length'); $image_verification = ModulesSettings::Get('comments', 'image_verification_allow'); $comments_on_page = ModulesSettings::Get('comments', 'page_size'); $is_published = ModulesSettings::Get('comments', 'pre_moderation_allow') == 'yes' ? '0' : '1'; if ($image_verification == 'yes') { include_once 'modules/captcha/securimage.php'; $objImg = new Securimage(); } //echo '<pre>'; //print_r($_SERVER); //echo '</pre>'; $task = isset($_POST['task']) ? prepare_input($_POST['task']) : ''; $comment_id = isset($_POST['comment_id']) ? (int) $_POST['comment_id'] : ''; $init_state = 'closed'; $user_id = isset($_POST['user_id']) ? (int) $_POST['user_id'] : ''; $user_name = isset($_POST['comment_user_name']) ? prepare_input($_POST['comment_user_name']) : ''; $user_email = isset($_POST['comment_user_email']) ? prepare_input($_POST['comment_user_email']) : ''; $comment_text = isset($_POST['comment_text']) ? prepare_input($_POST['comment_text']) : ''; $captcha_code = isset($_POST['captcha_code']) ? prepare_input($_POST['captcha_code']) : ''; $msg = ''; $task_completed = false; $focus_field = ''; $current_page = isset($_GET['p']) ? abs((int) $_GET['p']) : '1'; if ($task == 'publish_comment') { $init_state = 'opened'; if ($user_name == '') { $msg = draw_important_message(_USERNAME_EMPTY_ALERT, false); $focus_field = 'comment_user_name'; } else { if (!check_email_address($user_email) && !$objLogin->IsLoggedInAs($this->user_type_name)) { $msg = draw_important_message(_EMAIL_IS_WRONG, false); $focus_field = 'comment_user_email'; } else { if ($comment_text == '') { $msg = draw_important_message(_MESSAGE_EMPTY_ALERT, false); $focus_field = 'comment_text'; } else { if ($comment_text != '' && strlen($comment_text) > $comment_length) { $msg = draw_important_message(str_replace('_LENGTH_', $comment_length, _COMMENT_LENGTH_ALERT), false); $focus_field = 'comment_text'; } else { if ($image_verification == 'yes' && !$objImg->check($captcha_code)) { $msg = draw_important_message(_WRONG_CODE_ALERT, false); $focus_field = 'captcha_code'; } else { // Block operation in demo mode if (strtolower(SITE_MODE) == 'demo') { $msg = draw_important_message(_OPERATION_BLOCKED, false); } else { if ($objLogin->IpAddressBlocked(get_current_ip())) { $msg = draw_important_message(_IP_ADDRESS_BLOCKED, false); } else { if ($objLogin->EmailBlocked($user_email)) { $msg = draw_important_message(_EMAIL_BLOCKED, false); } else { $sql = 'INSERT INTO ' . TABLE_COMMENTS . '( id, article_id, user_id, user_name, user_email, comment_text, date_created, date_published, is_published )VALUES( NULL, ' . (int) $article_id . ', ' . (int) $user_id . ', \'' . encode_text($user_name) . '\', \'' . encode_text($user_email) . '\', \'' . encode_text(strip_tags($comment_text, '<b><i><u><br>')) . '\', \'' . date('Y-m-d H:i:s') . '\', \'' . ($is_published == '1' ? date('Y-m-d H:i:s') : '0000-00-00 00:00:00') . '\', \'' . $is_published . '\' )'; if (database_void_query($sql)) { if ($is_published == '1') { $msg = draw_success_message(_COMMENT_POSTED_SUCCESS, false); } else { $msg = draw_success_message(_COMMENT_SUBMITTED_SUCCESS, false); } $task_completed = true; } else { $msg = draw_important_message(_TRY_LATER, false); } } } } } } } } } } else { if ($task == 'delete_comment') { $init_state = 'opened'; $sql = 'DELETE FROM ' . $this->tableName . ' WHERE TIMESTAMPDIFF(MINUTE, date_published, \'' . date('Y-m-d H:i:s') . '\') < ' . $delete_pending_time . ' AND id = ' . (int) $comment_id; if (database_void_query($sql)) { $msg = draw_success_message(_COMMENT_DELETED_SUCCESS, false); } else { $msg = draw_important_message(_TRY_LATER, false); } } } // -------- pagination $total_comments = 0; $page_size = $comments_on_page; $sql = 'SELECT COUNT(*) as cnt FROM ' . TABLE_COMMENTS . ' WHERE is_published = 1 AND article_id = ' . (int) $article_id; $comments_result = database_query($sql, DATA_ONLY, FIRST_ROW_ONLY); $total_comments = $comments_result['cnt']; $total_pages = (int) ($total_comments / $page_size); if ($current_page > $total_pages + 1) { $current_page = 1; } if ($total_comments % $page_size != 0) { $total_pages++; } if ($task_completed) { $current_page = $total_pages; } if (!is_numeric($current_page) || (int) $current_page <= 0) { $current_page = 1; } $start_row = ($current_page - 1) * $page_size; if (isset($_GET['p'])) { $init_state = 'opened'; } // -------- $sql = 'SELECT * FROM ' . TABLE_COMMENTS . ' WHERE article_id = ' . (int) $article_id . ' AND is_published = 1 ORDER BY date_published ASC LIMIT ' . $start_row . ', ' . $page_size; $result = database_query($sql, DATA_AND_ROWS); $output = '<script type="text/javascript">function deleteComment(cid) { if(confirm(\'' . _PERFORM_OPERATION_COMMON_ALERT . '\')){ jQuery(\'#comment_task\').val(\'delete_comment\'); jQuery(\'#comment_id\').val(cid); jQuery(\'#frmComments\').submit(); return true; } return false; } </script>'; $output .= '<div id="commentsLink"><a href="javascript:void(0);" onclick="javascript:jQuery(\'#commentsWrapper\').slideToggle(\'fast\');">' . str_replace('_COUNT_', $total_comments, _COMMENTS_LINK) . '</a><br /><br /></div>'; $output .= '<div id="commentsWrapper" style="display:' . ($init_state == 'opened' ? '' : 'none') . ';">'; $output .= '<div id="commentsPublished">'; if ($result[1] > 0) { for ($i = 0; $i < $result[1]; $i++) { $output .= '<div class="comment">'; $output .= '<div class="comment_user_name"><b>' . $result[0][$i]['user_name'] . '</b> ' . _SAID . '...</div>'; $output .= '<div class="comment_test">' . $result[0][$i]['comment_text'] . '</div>'; $output .= '<div class="comment_date">'; if ($result[0][$i]['user_id'] == $objLogin->GetLoggedID() && floor(time_diff(date('Y-m-d H:i:s'), $result[0][$i]['date_published']) / 60) < $delete_pending_time) { $output .= '<img src="images/published_x.gif" alt="" style="cursor:pointer;margin-bottom:-3px;margin-right:3px;" onclick="deleteComment(\'' . $result[0][$i]['id'] . '\');">'; } $output .= '<i>' . _PUBLISHED . ': ' . format_datetime($result[0][$i]['date_published']) . '</i></div>'; $output .= '</div>'; } // draw pagination links if ($total_pages > 1) { $output .= '<div class="paging">'; for ($page_ind = 1; $page_ind <= $total_pages; $page_ind++) { $output .= prepare_permanent_link('index.php?page=' . Application::Get('page') . '&pid=' . Application::Get('page_id') . '&p=' . $page_ind, $page_ind == $current_page ? '<b>[' . $page_ind . ']</b>' : $page_ind, '', 'paging_link') . ' '; } $output .= '</div>'; } } else { $output .= '<div class="comment">'; $output .= '<b>' . _NO_COMMENTS_YET . '</b><br /><br />'; $output .= '</div>'; } $output .= '</div>'; $output .= $msg != '' ? $msg . '<br />' : ''; if ($user_type == 'registered' && !$objLogin->IsLoggedInAs($this->user_type_name)) { $output .= draw_message(_POST_COM_REGISTERED_ALERT, false); } else { $output .= $this->DrawCommentsForm($article_id, $image_verification, $focus_field, $task_completed, false); } $output .= '</div>'; if ($draw) { echo $output; } else { return $output; } }
*/ // *** Make sure the file isn't accessed directly defined('APPHP_EXEC') or die('Restricted Access'); //-------------------------------------------------------------------------- if ($objLogin->IsLoggedInAsAdmin() && $objLogin->HasPrivileges('add_menus')) { $act = isset($_POST['act']) ? prepare_input($_POST['act']) : ''; $mid = isset($_POST['mid']) ? prepare_input($_POST['mid']) : ''; $language_id = isset($_POST['language_id']) ? prepare_input($_POST['language_id']) : Languages::GetDefaultLang(); $menu = new Menu($mid); $msg = ''; // add new menu catagory if ($act == 'add') { $params = array(); $params['name'] = isset($_POST['name']) ? prepare_input($_POST['name']) : ''; $params['menu_placement'] = isset($_POST['menu_placement']) ? prepare_input($_POST['menu_placement']) : ''; $params['order'] = isset($_POST['order']) ? prepare_input($_POST['order']) : ''; $params['language_id'] = isset($_POST['language_id']) ? prepare_input($_POST['language_id']) : ''; $params['access_level'] = isset($_POST['access_level']) ? prepare_input($_POST['access_level']) : ''; if ($menu->MenuCreate($params)) { $msg = draw_success_message(_MENU_CREATED, false); $objSession->SetMessage('notice', $msg); header('location: index.php?admin=menus'); exit; } else { $msg = draw_important_message($menu->error, false); } } if ($msg == '') { $msg = draw_message(_ALERT_REQUIRED_FILEDS, false); } }
/** * @project ApPHP Business Directory * @copyright (c) 2011 ApPHP * @author ApPHP <*****@*****.**> * @license http://www.gnu.org/licenses/ */ // *** Make sure the file isn't accessed directly defined('APPHP_EXEC') or die('Restricted Access'); //-------------------------------------------------------------------------- $listing_type = Application::Get('type'); $listing_type_title = ''; if ($listing_type == 'featured') { $listing_type_title = _FEATURED_LISTINGS; } else { if ($listing_type == 'recent') { $listing_type_title = _RECENT_LISTINGS; } } draw_title_bar(prepare_breadcrumbs(array(_LISTINGS => '', $listing_type_title => ''))); if (!empty($listing_type_title)) { if ($listing_type == 'featured') { Listings::DrawFeaturedAll(); } else { if ($listing_type == 'recent') { Listings::DrawRecentAll(); } } } else { draw_important_message(_PAGE_UNKNOWN); }
/** * Place order * @param $order_number * @param $cc_params */ public static function PlaceOrder($order_number, $cc_params = array()) { global $objLogin; if (SITE_MODE == 'demo') { self::$message = draw_important_message(_OPERATION_BLOCKED, false); return false; } $sql = 'SELECT id, order_number FROM ' . TABLE_ORDERS . ' WHERE order_number = \'' . $order_number . '\' AND customer_id = ' . (int) $objLogin->GetLoggedID() . ' AND status = 0 ORDER BY id DESC'; $result = database_query($sql, DATA_AND_ROWS, FIRST_ROW_ONLY); if ($result[1] > 0) { $sql = 'UPDATE ' . TABLE_ORDERS . ' SET created_date = \'' . date('Y-m-d H:i:s') . '\', status_changed = \'' . date('Y-m-d H:i:s') . '\', cc_type = \'' . $cc_params['cc_type'] . '\', cc_holder_name = \'' . $cc_params['cc_holder_name'] . '\', cc_number = AES_ENCRYPT(\'' . $cc_params['cc_number'] . '\', \'' . PASSWORDS_ENCRYPT_KEY . '\'), cc_expires_month = \'' . $cc_params['cc_expires_month'] . '\', cc_expires_year = \'' . $cc_params['cc_expires_year'] . '\', cc_cvv_code = \'' . $cc_params['cc_cvv_code'] . '\', status = \'1\' WHERE order_number = \'' . $order_number . '\''; database_void_query($sql); if (Orders::SendOrderEmail($order_number, 'accepted', $objLogin->GetLoggedID())) { // OK } else { //$this->message = draw_success_message(_ORDER_SEND_MAIL_ERROR, false); } return true; } else { self::$message = _ORDER_ERROR; return false; } }
/** * Sends mass mail */ public function SendMassMail() { global $objSettings; $template_name = isset($_POST['template_name']) ? prepare_input($_POST['template_name']) : ''; $email_from = isset($_POST['email_from']) ? prepare_input($_POST['email_from']) : ''; $email_to_req = isset($_POST['email_to']) ? prepare_input($_POST['email_to']) : ''; $subject = isset($_POST['subject']) ? prepare_input($_POST['subject']) : ''; $message = isset($_POST['message']) ? prepare_input($_POST['message']) : ''; $package_size = isset($_POST['package_size']) ? prepare_input($_POST['package_size']) : ''; $duration = isset($_POST['duration']) ? (int) $_POST['duration'] : '5'; $send_copy_to_admin = isset($_POST['send_copy_to_admin']) ? prepare_input($_POST['send_copy_to_admin']) : ''; $admin_email = $objSettings->GetParameter('admin_email'); $email_session_code = Session::Get('email_random_code'); $email_post_code = isset($_POST['email_random_code']) ? prepare_input($_POST['email_random_code']) : ''; $msg = ''; $emails_total = '0'; $emails_sent = '0'; if (strtolower(SITE_MODE) == 'demo') { draw_important_message(_OPERATION_BLOCKED); return false; } if ($email_post_code != '' && $email_session_code == $email_post_code) { $this->error = true; draw_message(_OPERATION_WAS_ALREADY_COMPLETED); return false; } // handle emails sending if ($subject != '' && $message != '') { $message = str_ireplace('{YEAR}', date('Y'), $message); $message = str_ireplace('{WEB SITE}', $_SERVER['SERVER_NAME'], $message); $message = str_ireplace('{BASE URL}', APPHP_BASE, $message); $email_to_parts = explode('|', $email_to_req); $email_to = isset($email_to_parts[0]) ? $email_to_parts[0] : ''; $email_to_subtype = isset($email_to_parts[1]) ? $email_to_parts[1] : ''; if ($email_to_subtype == 'all') { $member_where_clause = ''; } else { if ($email_to_subtype == 'uncategorized') { $member_where_clause = 'group_id=0 AND'; } else { if ($email_to_subtype != '') { $member_where_clause = 'group_id=' . $email_to_subtype . ' AND'; } else { $member_where_clause = ''; } } } if ($email_to == 'test') { $emails_total = '1'; if (send_email_wo_template($admin_email, $admin_email, $subject, $message)) { $emails_sent = '1'; } } else { $result = database_query('SELECT COUNT(*) as cnt FROM ' . $this->TABLE_NAME . ' WHERE is_active = 1 AND ' . $member_where_clause . ' email_notifications = 1 AND email != \'\'', DATA_ONLY, FIRST_ROW_ONLY); $members_emails_total = $result['cnt']; $result = database_query('SELECT COUNT(*) as cnt FROM ' . TABLE_ACCOUNTS . ' WHERE is_active = 1 AND email != \'\'', DATA_ONLY, FIRST_ROW_ONLY); $admins_emails_total = $result['cnt']; $result = database_query('SELECT COUNT(*) as cnt FROM ' . TABLE_NEWS_SUBSCRIBED . ' WHERE email != \'\'', DATA_ONLY, FIRST_ROW_ONLY); $newsletter_email_total = $result['cnt']; if ($email_to == 'members') { $emails_total = $members_emails_total; } else { if ($email_to == 'admins') { $emails_total = $admins_emails_total; } else { if ($email_to == 'all') { $emails_total = $members_emails_total + $admins_emails_total; } else { if ($email_to == 'newsletter_subscribers') { $emails_total = $newsletter_email_total; } } } } if ($email_to == 'members' || $email_to == 'all') { $sql = 'SELECT id, first_name, last_name, email, user_name FROM ' . $this->TABLE_NAME . ' WHERE is_active = 1 AND ' . $member_where_clause . ' email_notifications = 1 AND email != \'\' ORDER BY id ASC'; $result = database_query($sql, DATA_AND_ROWS, ALL_ROWS); for ($i = 0; $i < $result[1]; $i++) { $body_middle = str_ireplace('{FIRST NAME}', $result[0][$i]['first_name'], $message); $body_middle = str_ireplace('{LAST NAME}', $result[0][$i]['last_name'], $body_middle); $body_middle = str_ireplace('{USER NAME}', $result[0][$i]['user_name'], $body_middle); $body_middle = str_ireplace('{USER EMAIL}', $result[0][$i]['email'], $body_middle); if (send_email_wo_template($result[0][$i]['email'], $admin_email, $subject, $body_middle)) { $emails_sent++; } } } if ($email_to == 'admins' || $email_to == 'all') { $sql = 'SELECT id, first_name, last_name, email, user_name FROM ' . TABLE_ACCOUNTS . ' WHERE is_active = 1 AND email != \'\' ORDER BY id ASC'; $result = database_query($sql, DATA_AND_ROWS, ALL_ROWS); for ($i = 0; $i < $result[1]; $i++) { $body_middle = str_ireplace('{FIRST NAME}', $result[0][$i]['first_name'], $message); $body_middle = str_ireplace('{LAST NAME}', $result[0][$i]['last_name'], $body_middle); $body_middle = str_ireplace('{USER NAME}', $result[0][$i]['user_name'], $body_middle); $body_middle = str_ireplace('{USER EMAIL}', $result[0][$i]['email'], $body_middle); if (send_email_wo_template($result[0][$i]['email'], $admin_email, $subject, $body_middle)) { $emails_sent++; } } } if ($email_to == 'newsletter_subscribers') { $sql = 'SELECT email FROM ' . TABLE_NEWS_SUBSCRIBED . ' WHERE email != \'\' ORDER BY id ASC'; $result = database_query($sql, DATA_AND_ROWS, ALL_ROWS); for ($i = 0; $i < $result[1]; $i++) { $body_middle = $message; if (send_email_wo_template($result[0][$i]['email'], $admin_email, $subject, $body_middle)) { $emails_sent++; } } } if ($send_copy_to_admin == '1') { send_email_wo_template($admin_email, $admin_email, $subject . ' (admin copy)', $message); } } if ($emails_sent) { Session::Set('email_random_code', $email_post_code); $msg = str_replace('_SENT_', $emails_sent, _EMAILS_SUCCESSFULLY_SENT); $msg = str_replace('_TOTAL_', $emails_total, $msg); $this->error = false; draw_success_message($msg); } else { $this->error = true; draw_important_message(_EMAILS_SENT_ERROR); } } else { draw_important_message(_EMAIL_FIELDS_EMPTY_ALERT); } }
/** * Change Parameter * @param $param_val */ public function ChangeLang($param_val) { // deny all operations in demo version if (strtolower(SITE_MODE) == 'demo') { return draw_important_message(_OPERATION_BLOCKED, false); } global $objLogin; if (!empty($param_val)) { $sql = 'UPDATE ' . TABLE_ACCOUNTS . ' SET preferred_language = ' . quote_text(encode_text($param_val)) . ' WHERE id = ' . (int) $this->account_id; if (database_void_query($sql)) { $this->preferred_language = $param_val; $objLogin->SetPreferredLang($param_val); return draw_success_message(_SETTINGS_SAVED, false); } else { return draw_important_message(_TRY_LATER, false); } } else { return draw_important_message(str_replace('_FIELD_', _PREFERRED_LANGUAGE, _FIELD_CANNOT_BE_EMPTY), false); } }
} } } } } // Start main content draw_title_bar(prepare_breadcrumbs(array(_MODULES => '', _GALLERY => '', _GALLERY_SETTINGS => '', ucfirst($action) => ''))); echo '<br />'; //if($objSession->IsMessage('notice')) echo $objSession->GetMessage('notice'); echo $msg; draw_content_start(); if ($mode == 'view') { $objGallery->DrawViewMode(); } else { if ($mode == 'add') { $objGallery->DrawAddMode(); } else { if ($mode == 'edit') { $objGallery->DrawEditMode($rid); } else { if ($mode == 'details') { $objGallery->DrawDetailsMode($rid); } } } } draw_content_end(); } else { draw_title_bar(_ADMIN); draw_important_message(_NOT_AUTHORIZED); }
/** * Draws Contact Us form * @param $draw */ public function DrawContactUsForm($draw = true) { global $objSettings, $objSiteDescription, $objLogin; $align_left = Application::Get('defined_left'); $align_right = Application::Get('defined_right'); if (!Modules::IsModuleInstalled('contact_us')) { return ''; } $output = ''; $from_email = $objSettings->GetParameter('admin_email'); $admin_email = ModulesSettings::Get('contact_us', 'email'); $delay_length = ModulesSettings::Get('contact_us', 'delay_length'); $is_send_delay = ModulesSettings::Get('contact_us', 'is_send_delay'); $image_verification = ModulesSettings::Get('contact_us', 'image_verification_allow'); $focus_element = ''; // post fields $task = isset($_POST['task']) ? prepare_input($_POST['task']) : ''; $first_name = isset($_POST['first_name']) ? prepare_input($_POST['first_name']) : ''; $last_name = isset($_POST['last_name']) ? prepare_input($_POST['last_name']) : ''; $email = isset($_POST['email']) ? prepare_input($_POST['email']) : ''; $phone = isset($_POST['phone']) ? prepare_input($_POST['phone']) : ''; $subject = isset($_POST['subject']) ? prepare_input($_POST['subject']) : ''; $message = isset($_POST['message']) ? prepare_input($_POST['message']) : ''; $captcha_code = isset($_POST['captcha_code']) ? prepare_input($_POST['captcha_code']) : ''; $msg = ''; $contact_mail_sent = (bool) Session::Get('contact_mail_sent'); $contact_mail_sent_time = Session::Get('contact_mail_sent_time'); if ($image_verification == 'yes') { include_once 'modules/captcha/securimage.php'; $objImg = new Securimage(); } if ($task == 'contact') { $time_elapsed = time_diff(date('Y-m-d H:i:s'), $contact_mail_sent_time); if ($contact_mail_sent && $is_send_delay == 'yes' && $time_elapsed < $delay_length) { $msg = draw_message(str_replace('_WAIT_', $delay_length - $time_elapsed, _CONTACT_US_ALREADY_SENT), false); } else { if ($first_name == '') { $msg = draw_important_message(_FIRST_NAME_EMPTY_ALERT, false); $focus_element = 'first_name'; } else { if ($last_name == '') { $msg = draw_important_message(_LAST_NAME_EMPTY_ALERT, false); $focus_element = 'last_name'; } else { if ($email == '') { $msg = draw_important_message(_EMAIL_EMPTY_ALERT, false); $focus_element = 'email'; } else { if ($email != '' && !check_email_address($email)) { $msg = draw_important_message(_EMAIL_VALID_ALERT, false); $focus_element = 'email'; } else { if ($subject == '') { $msg = draw_important_message(_SUBJECT_EMPTY_ALERT, false); $focus_element = 'subject'; #}else if($phone == ''){ # $msg = draw_important_message(str_replace('_FIELD_', _PHONE, _FIELD_CANNOT_BE_EMPTY), false); # $focus_element = 'phone'; } else { if ($message == '') { $msg = draw_important_message(_MESSAGE_EMPTY_ALERT, false); $focus_element = 'message'; } else { if (strlen($message) > 1024) { $msg = draw_important_message(str_replace(array('_FIELD_', '_LENGTH_'), array('<b>' . _MESSAGE . '</b>', 1024), _FIELD_LENGTH_EXCEEDED), false); $focus_element = 'message'; } else { if ($image_verification == 'yes' && !$objImg->check($captcha_code)) { $msg = draw_important_message(_WRONG_CODE_ALERT, false); $focus_element = 'captcha_code'; } } } } } } } } // deny all operations in demo version if (strtolower(SITE_MODE) == 'demo') { $msg = draw_important_message(_OPERATION_BLOCKED, false); } if ($msg == '') { //////////////////////////////////////////////////////////// send_email_wo_template($admin_email, $from_email, 'Question from visitor (via Contact Us - ' . $objSiteDescription->GetParameter('header_text') . ')', _FIRST_NAME . ': ' . str_replace('\\', '', $first_name) . '<br />' . _LAST_NAME . ': ' . str_replace('\\', '', $last_name) . '<br />' . _EMAIL_ADDRESS . ': ' . str_replace('\\', '', $email) . '<br />' . _PHONE . ': ' . str_replace('\\', '', $phone) . '<br />' . _SUBJECT . ': ' . str_replace('\\', '', $subject) . '<br />' . _MESSAGE . ': ' . str_replace('\\', '', $message)); //////////////////////////////////////////////////////////// $msg = draw_success_message(_CONTACT_US_EMAIL_SENT, false); Session::Set('contact_mail_sent', true); Session::Set('contact_mail_sent_time', date('Y-m-d H:i:s')); $first_name = $last_name = $email = $phone = $subject = $message = ''; } } } $output .= ($msg != '' ? $msg . '<br />' : '') . ' <form method="post" name="frmContactUs" id="frmContactUs"> ' . draw_hidden_field('task', 'contact', false) . ' ' . draw_token_field(false) . ' <table class="tblContactUs" border="0" width="99%"> <tbody> <tr> <td width="25%" align="' . $align_right . '">' . _FIRST_NAME . ':</td> <td><span class="mandatory_star">*</span></td> <td nowrap="nowrap" align="' . $align_left . '"><input type="text" id="first_name" name="first_name" size="34" maxlength="40" value="' . decode_text($first_name) . '" autocomplete="off" /></td> </tr> <tr> <td align="' . $align_right . '">' . _LAST_NAME . ':</td> <td><span class="mandatory_star">*</span></td> <td nowrap="nowrap" align="' . $align_left . '"><input type="text" id="last_name" name="last_name" size="34" maxlength="40" value="' . decode_text($last_name) . '" autocomplete="off" /></td> </tr> <tr> <td align="' . $align_right . '">' . _EMAIL_ADDRESS . ':</td> <td><span class="mandatory_star">*</span></td> <td nowrap="nowrap" align="' . $align_left . '"><input type="text" id="email" name="email" size="34" maxlength="70" value="' . decode_text($email) . '" autocomplete="off" /></td> </tr> <tr> <td align="' . $align_right . '">' . _PHONE . ':</td> <td></td> <td nowrap="nowrap" align="' . $align_left . '"><input type="text" id="phone" name="phone" size="22" maxlength="40" value="' . decode_text($phone) . '" autocomplete="off" /></td> </tr> <tr> <td align="' . $align_right . '">' . _SUBJECT . ':</td> <td><span class="mandatory_star">*</span></td> <td nowrap="nowrap" align="' . $align_left . '"><input type="text" id="subject" name="subject" style="width:385px;" maxlength="128" value="' . decode_text($subject) . '" autocomplete="off" /></td> </tr> <tr valign="top"> <td align="' . $align_right . '">' . _MESSAGE . ':</td> <td><span class="mandatory_star">*</span></td> <td nowrap="nowrap" align="' . $align_left . '"> <textarea id="message" name="message" style="width:385px;" maxlength="1024" rows="8">' . $message . '</textarea> </td> </tr> <tr> <td colspan="2"></td> <td>'; if ($image_verification == 'yes') { $output .= '<table border="0"> <tr> <td> <img id="captcha_image" src="' . APPHP_BASE . 'modules/captcha/securimage_show.php?sid=' . md5(uniqid(time())) . '" /> </td> <td width="30px" align="center"> <img style="cursor:pointer; padding:0px; margin:0px;" id="captcha_image_reload" src="modules/captcha/images/refresh.gif" style="cursor:pointer;" onclick="document.getElementById(\'captcha_image\').src = \'modules/captcha/securimage_show.php?sid=\' + Math.random(); appSetFocus(\'captcha_code\'); return false;" title="' . _REFRESH . '" alt="' . _REFRESH . '" /><br /> <a href="modules/captcha/securimage_play.php"><img border="0" style="padding:0px; margin:0px;" id="captcha_image_play" src="modules/captcha/images/audio_icon.gif" title="' . _PLAY . '" alt="' . _PLAY . '" /></a> </td> <td align="left"> ' . _TYPE_CHARS . '<br /> <input type="text" name="captcha_code" id="captcha_code" style="width:175px;margin-top:5px;" value="" maxlength="20" autocomplete="off" /> </td> </tr> </table>'; } $output .= '</td> </tr> <tr><td height="25" nowrap colspan="3"></td></tr> <tr> <td colspan="3" align="center"> <input type="submit" ' . ($objLogin->IsLoggedInAsAdmin() ? 'disabled' : '') . ' class="form_button" name="btnSubmitPD" id="btnSubmitPD" value="' . _SEND . '" /> </td> </tr> <tr><td height="25" nowrap colspan="3"></td></tr> </table> </form>'; if ($focus_element != '') { $output .= '<script type="text/javascript">appSetFocus(\'' . $focus_element . '\');</script>'; } if ($draw) { echo $output; } else { return $output; } }