$sysmsg[] = __('online_demo_deny');
}
if (checklength($nav_text, 2, 250)) {
$error = true;
$sysmsg[] = __('nav_text_error');
}
if ($nav_title && checklength($nav_title, 2, 50)) {
$error = true;
$sysmsg[] = __('nav_title_error');
}
if (checklength($nav_href, 5, 80)) {
$error = true;
$sysmsg[] = __('nav_href_error');
}
if (!$error) {
$ins = array('text' => replace_js($nav_text), 'title' => replace_js($nav_title), 'href' => replace_js($nav_href), 'target' => $nav_target, 'position' => $nav_position);
$db->query_unbuffered("update {$tpf}navigations set " . $db->sql_array($ins) . " where navid='{$navid}' limit 1;");
redirect(urr(ADMINCP, "item={$item}&menu=extend&action=index"), '', 0);
} else {
redirect('back', $sysmsg);
}
} else {
$rs = $db->fetch_one_array("select * from {$tpf}navigations where navid='{$navid}'");
if ($rs) {
$nav_text = $rs['text'];
$nav_title = $rs['title'];
$nav_href = $rs['href'];
$nav_target = $rs['target'];
$nav_position = $rs['position'];
}
unset($rs);
die;
}
if (isset($_GET["replace-section"])) {
section_replace();
exit;
}
if (isset($_GET["replace-rules-section"])) {
section_rules_replace();
exit;
}
if (isset($_GET["replace-search"])) {
replace_search();
exit;
}
if (isset($_GET["js-replace"])) {
replace_js();
exit;
}
if (isset($_GET["js-replace-group"])) {
replace_group_js();
exit;
}
if (isset($_GET["replace-group-tabs"])) {
replace_group_tab();
exit;
}
if (isset($_GET["replace-group-popup"])) {
replace_group_popup();
exit;
}
if (isset($_GET["group-replace-search"])) {
$msg = __('report_already_exists');
}
unset($rs);
$ref = $_SERVER['HTTP_REFERER'];
require_once template_echo($item, $user_tpl_dir);
}
break;
case 'post_comment':
$file_id = (int) gpc('file_id', 'GP', 0);
if ($task == 'post_comment') {
form_auth(gpc('formhash', 'P', ''), formhash());
$content = trim(gpc('content', 'P', ''));
$ref = trim(gpc('ref', 'P', ''));
if (checklength($content, 2, 600)) {
$error = true;
$sysmsg[] = __('cmt_content_error');
}
if (!$error) {
$ins = array('userid' => $pd_uid, 'file_id' => $file_id, 'content' => replace_js($content), 'in_time' => $timestamp, 'ip' => $onlineip, 'is_checked' => $settings['check_comment'] ? 0 : 1);
$db->query("insert into {$tpf}comments set " . $db->sql_array($ins) . ";");
$sysmsg[] = __('cmt_success');
tb_redirect($ref, $sysmsg);
} else {
tb_redirect('back', $sysmsg);
}
} else {
$ref = $_SERVER['HTTP_REFERER'];
require_once template_echo($item, $user_tpl_dir);
}
break;
}
$sysmsg[] = __('online_demo_deny');
}
if (checklength($link_title, 2, 100)) {
$error = true;
$sysmsg[] = __('link_title_error');
}
if (checklength($link_url, 5, 100)) {
$error = true;
$sysmsg[] = __('link_url_error');
}
if (substr($link_url, 0, 7) != 'http://' && substr($link_url, 0, 8) != 'https://') {
$error = true;
$sysmsg[] = __('link_url_prefix');
}
if (!$error) {
$ins = array('title' => replace_js($link_title), 'url' => replace_js($link_url), 'logo' => replace_js($link_logo));
$db->query_unbuffered("update {$tpf}links set " . $db->sql_array($ins) . " where linkid='{$linkid}' limit 1;");
redirect(urr(ADMINCP, "item={$item}&menu=extend&action=index"), '', 0);
} else {
redirect('back', $sysmsg);
}
} else {
$rs = $db->fetch_one_array("select * from {$tpf}links where linkid='{$linkid}'");
if ($rs) {
$link_title = $rs['title'];
$link_url = $rs['url'];
$link_logo = $rs['logo'];
}
unset($rs);
require_once template_echo($item, $admin_tpl_dir, '', 1);
}
require_once template_echo($item, $admin_tpl_dir, '', 1);
}
break;
case 'category':
if ($task == 'update') {
form_auth(gpc('formhash', 'P', ''), formhash());
$show_order = gpc('show_order', 'P', array());
$cate_ids = gpc('cate_ids', 'P', array());
$cate_names = gpc('cate_names', 'P', array());
if ($settings['online_demo']) {
$error = true;
$sysmsg[] = __('online_demo_deny');
}
if (!$error) {
for ($i = 0; $i < count($cate_ids); $i++) {
$title = trim(replace_js($cate_names[$i]));
if ($title) {
$db->query_unbuffered("update {$tpf}categories set show_order='" . (int) $show_order[$i] . "',cate_name='{$title}' where cate_id='" . (int) $cate_ids[$i] . "'");
}
}
redirect(urr(ADMINCP, "item={$item}&menu=file&action=category"), '', 0);
} else {
redirect('back', $sysmsg);
}
} else {
$q = $db->query("select * from {$tpf}categories order by show_order asc, cate_id asc");
$cates = array();
while ($rs = $db->fetch_array($q)) {
$cates[] = $rs;
}
$db->free($q);
