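/**
 * Edit a content page: store the submitted form, or load the record and show the edit form.
 *
 * Reads the record ID from $_REQUEST['id'] (cast to int) and form fields from $_POST.
 * Users without the special right 'content.edit' are limited to records whose userid
 * matches their own; that limit is part of the WHERE clause of both the UPDATE and the SELECT.
 *
 * NOTE(review): $db->dupdate() receives column names only; presumably it reads the values
 * from $_POST and escapes them — confirm in the database class.
 */
function edit()
{
    global $set, $db, $apx;

    $_REQUEST['id'] = (int) $_REQUEST['id'];
    if (!$_REQUEST['id']) {
        die('missing ID!');
    }
    $id = $_REQUEST['id'];

    $canEditAll = $apx->user->has_spright('content.edit');
    // Ownership limit appended to every query on the record.
    $ownerFilter = iif(!$canEditAll, " AND userid='" . $apx->user->info['userid'] . "'");

    // Section list: anything other than an explicit selection means "all".
    if (!is_array($_POST['secid']) || $_POST['secid'][0] == 'all') {
        $_POST['secid'] = array('all');
    }

    if ($_POST['send'] == 1) {
        if (!checkToken()) {
            infoInvalidToken();
        } elseif (!$_POST['catid'] || !$_POST['title'] || !$_POST['text']) {
            infoNotComplete();
        } else {
            $_POST['secid'] = serialize_section($_POST['secid']);
            $_POST['lastchange'] = time();
            $_POST['lastchange_userid'] = $apx->user->info['userid'];

            // Was appended to without ever being initialised.
            $addfields = '';

            // Author may only be changed with the special right. 'send' maps to 0;
            // every other value is forced to an integer before it is stored.
            if ($canEditAll && $_POST['userid']) {
                $_POST['userid'] = $_POST['userid'] == 'send' ? 0 : (int) $_POST['userid'];
                $addfields .= ',userid';
            }

            $db->dupdate(
                PRE . '_content',
                'secid,catid,title,text,meta_description,lastchange,lastchange_userid,allowcoms,searchable,allowrating' . $addfields,
                "WHERE ( id='" . $id . "' " . $ownerFilter . " ) LIMIT 1"
            );
            logit('CONTENT_EDIT', 'ID #' . $id);
            printJSRedirect(get_index('content.show'));
        }
    } else {
        $res = $db->first("SELECT secid,catid,userid,title,text,meta_description,searchable,allowrating,allowcoms FROM " . PRE . "_content WHERE ( id='" . $id . "' " . $ownerFilter . " )");

        // Copy the stored values into $_POST so the form code below reads one source.
        foreach ($res as $key => $val) {
            $_POST[$key] = $val;
        }
        $_POST['secid'] = unserialize_section($_POST['secid']);

        mediamanager('content');

        // Free-text fields go through compatible_hsc(); flags are cast to int.
        $apx->tmpl->assign('CATLIST', $this->get_catlist($_POST['catid']));
        $apx->tmpl->assign('SECID', $_POST['secid']);
        $apx->tmpl->assign('USERID', $_POST['userid']);
        $apx->tmpl->assign('TITLE', compatible_hsc($_POST['title']));
        $apx->tmpl->assign('TEXT', compatible_hsc($_POST['text']));
        $apx->tmpl->assign('META_DESCRIPTION', compatible_hsc($_POST['meta_description']));
        $apx->tmpl->assign('ALLOWCOMS', (int) $_POST['allowcoms']);
        $apx->tmpl->assign('ALLOWRATING', (int) $_POST['allowrating']);
        $apx->tmpl->assign('PUBNOW', (int) $_POST['pubnow']);
        $apx->tmpl->assign('SEARCHABLE', (int) $_POST['searchable']);
        $apx->tmpl->assign('ACTION', 'edit');
        $apx->tmpl->assign('ID', $id);
        $apx->tmpl->parse('add_edit');
    }
}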
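/**
 * Edit a poll: store the submitted form, or load the poll and show the edit form.
 *
 * Reads the poll ID from $_REQUEST['id'] (cast to int) and form fields from $_POST.
 * A poll needs a question, a duration and at least two filled answers. Answers are
 * compacted before saving so that used slots come first; a slot is kept only when
 * both its text and its colour are set.
 *
 * NOTE(review): $db->dupdate() receives column names only; presumably it reads the values
 * from $_POST and escapes them — confirm in the database class.
 */
function edit()
{
    global $set, $db, $apx;

    $_REQUEST['id'] = (int) $_REQUEST['id'];
    if (!$_REQUEST['id']) {
        die('missing ID!');
    }
    $id = $_REQUEST['id'];

    // Section list: anything other than an explicit selection means "all".
    if (!is_array($_POST['secid']) || $_POST['secid'][0] == 'all') {
        $_POST['secid'] = array('all');
    }

    if ($_POST['send']) {
        // At least two answers filled in? Counting stops as soon as two are found.
        $ac = 0;
        for ($i = 1; $i <= 20; $i++) {
            if ($_POST['a' . $i]) {
                ++$ac;
            }
            if ($ac == 2) {
                break;
            }
        }

        if (!checkToken()) {
            infoInvalidToken();
        } elseif (!$_POST['question'] || !$_POST['days'] || $ac < 2) {
            infoNotComplete();
        } else {
            // Collect the complete answers (text + colour) together with their vote counters.
            $qcache = array();
            for ($i = 1; $i <= 20; $i++) {
                if ($_POST['a' . $i] && $_POST['color' . $i]) {
                    $qcache[] = array($_POST['a' . $i], $_POST['color' . $i], $_POST['a' . $i . '_c']);
                }
            }

            // Write them back without gaps; unused slots are cleared explicitly
            // instead of reading past the end of the cache.
            for ($i = 1; $i <= 20; $i++) {
                $slot = isset($qcache[$i - 1]) ? $qcache[$i - 1] : array(null, null, null);
                $_POST['a' . $i] = $slot[0];
                $_POST['color' . $i] = $slot[1];
                $_POST['a' . $i . '_c'] = $slot[2];
            }

            $_POST['secid'] = serialize_section($_POST['secid']);

            // Publication window: only with the 'poll.enable' right and when the date fields were sent.
            $addfields = '';
            if ($apx->user->has_right('poll.enable') && isset($_POST['t_day_1'])) {
                $_POST['starttime'] = maketime(1);
                $_POST['endtime'] = maketime(2);
                if ($_POST['starttime']) {
                    // A missing or non-later end time is replaced by the fixed far-future value.
                    if (!$_POST['endtime'] || $_POST['endtime'] <= $_POST['starttime']) {
                        $_POST['endtime'] = 3000000000;
                    }
                    $addfields = ',starttime,endtime';
                }
            }

            $db->dupdate(
                PRE . '_poll',
                'secid,question,meta_description,a1,a2,a3,a4,a5,a6,a7,a8,a9,a10,a11,a12,a13,a14,a15,a16,a17,a18,a19,a20,color1,color2,color3,color4,color5,color6,color7,color8,color9,color10,color11,color12,color13,color14,color15,color16,color17,color18,color19,color20,a1_c,a2_c,a3_c,a4_c,a5_c,a6_c,a7_c,a8_c,a9_c,a10_c,a11_c,a12_c,a13_c,a14_c,a15_c,a16_c,a17_c,a18_c,a19_c,a20_c,days,multiple,searchable,allowcoms' . $addfields,
                "WHERE ( id='" . $id . "' ) LIMIT 1"
            );
            logit('POLL_EDIT', 'ID #' . $id);

            // Tags: drop the old assignments, then insert the current ones.
            $db->query("DELETE FROM " . PRE . "_poll_tags WHERE id='" . $id . "'");
            $tagids = produceTagIds($_POST['tags']);
            foreach ($tagids as $tagid) {
                $db->query("INSERT IGNORE INTO " . PRE . "_poll_tags VALUES('" . $id . "', '" . $tagid . "')");
            }

            printJSRedirect(get_index('poll.show'));
        }
    } else {
        $res = $db->first("SELECT * FROM " . PRE . "_poll WHERE ( id='" . $id . "' ) LIMIT 1");

        // Copy the stored values into $_POST so the form code below reads one source.
        foreach ($res as $key => $val) {
            $_POST[$key] = $val;
        }
        $_POST['secid'] = unserialize_section($_POST['secid']);

        // Publication window: end times at or above 2147483647 are not pushed into the form.
        if ($res['starttime']) {
            maketimepost(1, $res['starttime']);
            if ($res['endtime'] < 2147483647) {
                maketimepost(2, $res['endtime']);
            }
        }

        // Section <option> list.
        $seclist = '';
        if (is_array($apx->sections) && count($apx->sections)) {
            $seclist = '<option value="all" style="font-weight:bold;"' . iif(in_array('all', $_POST['secid']), ' selected="selected"') . '>' . $apx->lang->get('ALLSEC') . '</option>';
            foreach ($apx->sections as $secKey => $info) {
                $seclist .= '<option value="' . $secKey . '"' . iif(in_array($secKey, $_POST['secid']), ' selected="selected"') . '>' . replace($info['title']) . '</option>';
            }
        }

        // Answer rows: slot 1 is always shown, later slots only when they hold text.
        // NOTE(review): COLOR is passed on without escaping; confirm the template or
        // the stored format makes that safe.
        $answerdata = array();
        for ($i = 1; $i <= 20; $i++) {
            if ($i > 1 && !$_POST['a' . $i]) {
                continue;
            }
            $answerdata[$i]['TEXT'] = compatible_hsc($_POST['a' . $i]);
            $answerdata[$i]['VOTES'] = intval($_POST['a' . $i . '_c']);
            $answerdata[$i]['COLOR'] = iif($_POST['color' . $i], $_POST['color' . $i], $this->colors[0]);
            $answerdata[$i]['DISPLAY'] = 1;
        }

        // Pad to 20 rows with the default colour.
        while (count($answerdata) < 20) {
            $answerdata[] = array('COLOR' => $this->colors[0]);
        }

        // Publication selectors.
        if ($apx->user->has_right('poll.enable') && isset($_POST['t_day_1'])) {
            $apx->tmpl->assign('STARTTIME', choosetime(1, 0, maketime(1)));
            $apx->tmpl->assign('ENDTIME', choosetime(2, 1, maketime(2)));
        }

        // Colours.
        $colordata = array();
        foreach ($this->colors as $color) {
            $colordata[]['ID'] = $color;
        }

        // Tags.
        $tagdata = $db->fetch("\n\t\t\tSELECT t.tag\n\t\t\tFROM " . PRE . "_poll_tags AS n\n\t\t\tLEFT JOIN " . PRE . "_tags AS t USING(tagid)\n\t\t\tWHERE n.id='" . $id . "'\n\t\t\tORDER BY t.tag ASC\n\t\t");
        $tags = get_ids($tagdata, 'tag');
        $_POST['tags'] = implode(', ', $tags);

        $apx->tmpl->assign('COLOR', $colordata);
        $apx->tmpl->assign('ANSWER', $answerdata);
        $apx->tmpl->assign('ID', $id);
        $apx->tmpl->assign('SECLIST', $seclist);
        $apx->tmpl->assign('QUESTION', compatible_hsc($_POST['question']));
        $apx->tmpl->assign('DAYS', intval($_POST['days']));
        $apx->tmpl->assign('META_DESCRIPTION', compatible_hsc($_POST['meta_description']));
        $apx->tmpl->assign('TAGS', compatible_hsc($_POST['tags']));
        $apx->tmpl->assign('MULTIPLE', (int) $_POST['multiple']);
        $apx->tmpl->assign('ALLOWCOMS', (int) $_POST['allowcoms']);
        $apx->tmpl->assign('SEARCHABLE', (int) $_POST['searchable']);
        $apx->tmpl->parse('edit');
    }
}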
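/**
 * Render the video download statistics page.
 *
 * Assigns total / weekly / daily hit and traffic figures, a per-day bar graph covering
 * the last 50 days (traffic when $_REQUEST['show'] is 'size', hits otherwise) and the
 * 20 most requested videos of the last seven days, then parses the 'stats' template.
 */
function stats()
{
    global $set, $db, $apx;

    $showSize = $_REQUEST['show'] == 'size';
    $today = date('Ymd', time() - TIMEDIFF);
    $weekStart = date('Ymd', time() - 6 * 24 * 3600 - TIMEDIFF);
    $graphStart = date('Ymd', time() - 50 * 24 * 3600 - TIMEDIFF);

    $size = array();
    list($count_files) = $db->first("SELECT count(id) FROM " . PRE . "_videos WHERE starttime!='0'");
    $count_dlsperday = $this->stats_dlsperday();
    $count_sizeperday = $this->stats_sizeperday();
    list($count_all, $size[0]) = $db->first("SELECT sum(hits),sum(bytes*hits) FROM " . PRE . "_videos_stats");
    list($count_week, $size[1]) = $db->first("SELECT sum(hits),sum(bytes*hits) FROM " . PRE . "_videos_stats WHERE daystamp BETWEEN '" . $weekStart . "' AND '" . $today . "'");
    list($count_today, $size[2]) = $db->first("SELECT sum(hits),sum(bytes*hits) FROM " . PRE . "_videos_stats WHERE daystamp='" . $today . "'");

    $apx->tmpl->assign('FILES', $count_files);
    $apx->tmpl->assign('DLS_PERDAY', $count_dlsperday);
    $apx->tmpl->assign('SIZE_PERDAY', $count_sizeperday);
    $apx->tmpl->assign('DLS_ALL', (int) $count_all);
    $apx->tmpl->assign('DLS_WEEK', (int) $count_week);
    $apx->tmpl->assign('DLS_TODAY', (int) $count_today);
    $apx->tmpl->assign('SIZE_ALL', $this->format_size($size[0]));
    $apx->tmpl->assign('SIZE_WEEK', $this->format_size($size[1]));
    $apx->tmpl->assign('SIZE_TODAY', $this->format_size($size[2]));

    // The last 50 days. 'show' is only compared against a literal, never put into SQL.
    if ($showSize) {
        $data = $db->fetch("SELECT sum(bytes*hits) AS count,daystamp,time FROM " . PRE . "_videos_stats WHERE daystamp>='" . $graphStart . "' GROUP BY daystamp ORDER BY daystamp ASC");
        $apx->tmpl->assign('GRAPH_HEADLINE', $apx->lang->get('TRAFFIC'));
    } else {
        $data = $db->fetch("SELECT sum(hits) AS count,daystamp,time FROM " . PRE . "_videos_stats WHERE daystamp>='" . $graphStart . "' GROUP BY daystamp ORDER BY daystamp ASC");
        $apx->tmpl->assign('GRAPH_HEADLINE', $apx->lang->get('DOWNLOADS'));
    }

    $statdata = array();
    if (count($data)) {
        // Largest day value; starts at 0 instead of an undefined variable.
        $max = 0;
        foreach ($data as $res) {
            if ($res['count'] > $max) {
                $max = $res['count'];
            }
        }
        $digits = strlen((string) $max);

        // Scale base: the smallest multiple (1..10) of a round unit that reaches the maximum.
        $base = $max;
        if ($showSize) {
            if ($digits > 3) {
                // Traffic: the unit is a power of 1024 times a power of ten.
                $pot = floor($digits / 3);
                $multi = floor($digits % 3);
                if ($multi == 0) {
                    --$pot;
                    $multi = 3;
                }
                $unit = pow(1024, $pot) * pow(10, $multi - 1);
            } else {
                $unit = pow(10, $digits - 1);
            }
            for ($step = 1; $step <= 10; $step++) {
                $base = $unit * $step;
                if ($base >= $max) {
                    break;
                }
            }
            $apx->tmpl->assign('SCALE1', $this->format_size(round($base / 4), 0));
            $apx->tmpl->assign('SCALE2', $this->format_size(round($base / 4 * 2), 0));
            $apx->tmpl->assign('SCALE3', $this->format_size(round($base / 4 * 3), 0));
            $apx->tmpl->assign('SCALE4', $this->format_size(round($base), 0));
        } else {
            if ($digits > 1) {
                $unit = pow(10, $digits - 1);
                for ($step = 1; $step <= 10; $step++) {
                    $base = $unit * $step;
                    if ($base >= $max) {
                        break;
                    }
                }
            }
            $apx->tmpl->assign('SCALE1', round($base / 4));
            $apx->tmpl->assign('SCALE2', round($base / 4 * 2));
            $apx->tmpl->assign('SCALE3', round($base / 4 * 3));
            $apx->tmpl->assign('SCALE4', $base);
        }

        // Bars. The row counter is its own variable; it used to continue from the scale loop.
        $row = 0;
        foreach ($data as $res) {
            ++$row;
            if ($showSize) {
                $info = $this->format_size($res['count']);
            } else {
                $info = $res['count'] . ' ' . $apx->lang->get('HITS');
            }
            $statdata[$row]['DATE'] = apxdate($res['time']);
            $statdata[$row]['INFO'] = $info;
            $statdata[$row]['COUNT'] = $res['count'];
            // A base of 0 (no hits at all in the period) must not reach the division.
            $statdata[$row]['HEIGHT'] = $base ? round($res['count'] / $base * 299) : 0;
        }
    }

    // Most popular videos of the last seven days.
    $popdata = array();
    $data = $db->fetch("SELECT sum(a.hits) AS count,b.id,b.title FROM " . PRE . "_videos_stats AS a LEFT JOIN " . PRE . "_videos AS b ON a.dlid=b.id WHERE time BETWEEN '" . (time() - 7 * 24 * 3600) . "' AND '" . time() . "' GROUP BY dlid ORDER BY count DESC LIMIT 20");
    if (count($data)) {
        $row = 0;
        foreach ($data as $res) {
            ++$row;

            // NOTE(review): the query above does not select secid, so $res['secid'] is
            // not set here — confirm whether b.secid should be added to the SELECT list.
            $sections = unserialize_section($res['secid']);
            $isAll = $sections == array('all');
            // array_shift() takes its argument by reference, so it needs a real variable.
            $tmp = $sections;
            $firstSection = array_shift($tmp);

            $popdata[$row]['COUNT'] = $res['count'];
            $popdata[$row]['TITLE'] = strip_tags($res['title']);
            $popdata[$row]['LINK'] = mklink(
                'videos.php?id=' . $res['id'],
                'videos,id' . $res['id'] . urlformat($res['title']) . '.html',
                iif($set['main']['forcesection'], iif($isAll, $apx->section_default, $firstSection), 0)
            );
        }
    }

    $apx->tmpl->assign('STAT', $statdata);
    $apx->tmpl->assign('POP', $popdata);
    $apx->tmpl->parse('stats');
}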
/**
 * Post one Twitter message per poll entry.
 *
 * For every entry a link is built with mklink() and handed, together with the section
 * title and the entry title, to postTwitterMessage() using the template stored in
 * $set['twitter']['tpl_poll'].
 *
 * @param array $data    Entries; each one is read at the keys 'id', 'title' and 'secid'.
 * @param mixed $twitter Passed by reference and forwarded unchanged to postTwitterMessage().
 */
function postPollTwitter($data, &$twitter)
{
    global $set, $apx, $db;

    foreach ($data as $entry) {
        $tmp = unserialize_section($entry['secid']);

        $plainUrl = 'poll.php?id=' . $entry['id'];
        $rewrittenUrl = 'poll,' . $entry['id'] . urlformat($entry['title']) . '.html';

        // With forced sections: the default section for "all", else the first assigned one.
        $forceSection = $set['main']['forcesection'];
        $coversAll = unserialize_section($entry['secid']) == array('all');
        $defaultSection = $apx->section_default;
        $firstSection = array_shift($tmp);
        $linkSection = iif($forceSection, iif($coversAll, $defaultSection, $firstSection), 0);

        $entry['link'] = mklink($plainUrl, $rewrittenUrl, $linkSection);

        $input = array(
            'SECTION' => getTwitterSectionTitle($entry['secid']),
            'TITLE' => $entry['title'],
            'LINK' => $entry['link'],
        );
        postTwitterMessage($twitter, $set['twitter']['tpl_poll'], $input);
    }
}
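/**
 * Edit a teaser: store the submitted form (including an optional image upload or
 * image removal), or load the teaser and show the edit form.
 *
 * Reads the teaser ID from $_REQUEST['id'] (cast to int), form fields from $_POST and
 * the upload from $_FILES['image']. Uploads are accepted only when the extension
 * reported by mediamanager::getext() is in the image whitelist; the stored file name
 * is derived from the teaser ID, not from the client's file name.
 *
 * NOTE(review): $db->dupdate() receives column names only; presumably it reads the values
 * from $_POST and escapes them — confirm in the database class.
 */
function edit()
{
    global $set, $db, $apx;

    $_REQUEST['id'] = (int) $_REQUEST['id'];
    if (!$_REQUEST['id']) {
        die('missing ID!');
    }
    $id = $_REQUEST['id'];

    // Section list: anything other than an explicit selection means "all".
    if (!is_array($_POST['secid']) || $_POST['secid'][0] == 'all') {
        $_POST['secid'] = array('all');
    }

    $info = $db->first("SELECT secid,`group`,title,text,image,link,starttime,endtime FROM " . PRE . "_teaser WHERE id='" . intval($id) . "' LIMIT 1");

    if ($_POST['send'] == 1) {
        require BASEDIR . 'lib/class.mediamanager.php';
        $mm = new mediamanager();
        $ext = $mm->getext($_FILES['image']['name']);

        if (!checkToken()) {
            infoInvalidToken();
        } elseif (!$_POST['title'] || !$_POST['link']) {
            infoNotComplete();
        } elseif ($_FILES['image']['tmp_name'] && !in_array($ext, array('GIF', 'JPG', 'JPE', 'JPEG', 'PNG'))) {
            info($apx->lang->get('INFO_NOIMAGE'));
        } else {
            // The image column may only take a value computed below. A plain form field
            // named "image" would otherwise be stored as the image path, and that stored
            // path is later handed to deletefile() and getimagesize().
            unset($_POST['image']);

            // Update or remove the image.
            if ($_FILES['image']['tmp_name']) {
                list($oldpic) = $db->first("SELECT image FROM " . PRE . "_teaser WHERE id='" . $id . "' LIMIT 1");
                if ($oldpic) {
                    $mm->deletefile($oldpic);
                }
                $newfile = 'teaser-' . intval($id) . '.' . strtolower($ext);
                $mm->uploadfile($_FILES['image'], 'teaser', $newfile);
                $_POST['image'] = 'teaser/' . $newfile;
            } elseif ($_POST['delimage']) {
                list($oldpic) = $db->first("SELECT image FROM " . PRE . "_teaser WHERE id='" . $id . "' LIMIT 1");
                // Same guard as in the upload branch: nothing to delete without a stored path.
                if ($oldpic) {
                    $mm->deletefile($oldpic);
                }
                $_POST['image'] = '';
            }

            $_POST['secid'] = serialize_section($_POST['secid']);

            // Publication window: only with the 'teaser.enable' right and when the date fields were sent.
            $addfields = '';
            if ($apx->user->has_right('teaser.enable') && isset($_POST['t_day_1'])) {
                $_POST['starttime'] = maketime(1);
                $_POST['endtime'] = maketime(2);
                if ($_POST['starttime']) {
                    // A missing or non-later end time is replaced by the fixed far-future value.
                    if (!$_POST['endtime'] || $_POST['endtime'] <= $_POST['starttime']) {
                        $_POST['endtime'] = 3000000000;
                    }
                    $addfields = ',starttime,endtime';
                }
            }

            // 'image' is written only when one of the branches above set it.
            $db->dupdate(
                PRE . '_teaser',
                'secid,group,title,text,link' . iif(isset($_POST['image']), ',image') . $addfields,
                "WHERE id='" . $id . "' LIMIT 1"
            );
            logit('TEASER_EDIT', 'ID #' . $id);
            printJSRedirect(get_index('teaser.show'));
        }
    } else {
        $_POST['group'] = $info['group'];
        $_POST['title'] = $info['title'];
        $_POST['text'] = $info['text'];
        $_POST['link'] = $info['link'];
        $_POST['starttime'] = $info['starttime'];
        $_POST['endtime'] = $info['endtime'];
        $_POST['secid'] = unserialize_section($info['secid']);

        // Preview width is capped at 300 when the stored image is wider.
        $imageWidth = '';
        if ($info['image']) {
            $size = @getimagesize(BASEDIR . getpath('uploads') . $info['image']);
            if ($size[0] && $size[0] > 300) {
                $imageWidth = 300;
            }
        }

        // Teaser group <option> list.
        $grouplist = '';
        foreach ($set['teaser']['groups'] as $groupId => $title) {
            $grouplist .= '<option value="' . $groupId . '"' . iif($groupId == $_POST['group'], ' selected="selected"') . '>' . replace($title) . '</option>';
        }

        // Publication window: end times at or above 2147483647 are not pushed into the form.
        if ($_POST['starttime']) {
            maketimepost(1, $_POST['starttime']);
            if ($_POST['endtime'] < 2147483647) {
                maketimepost(2, $_POST['endtime']);
            }
        }

        // Publication selectors.
        if ($apx->user->has_right('teaser.enable') && isset($_POST['t_day_1'])) {
            $apx->tmpl->assign('STARTTIME', choosetime(1, 0, maketime(1)));
            $apx->tmpl->assign('ENDTIME', choosetime(2, 1, maketime(2)));
        }

        $apx->tmpl->assign('ID', $id);
        $apx->tmpl->assign('SECID', $_POST['secid']);
        $apx->tmpl->assign('GROUPS', $grouplist);
        $apx->tmpl->assign('TITLE', compatible_hsc($_POST['title']));
        $apx->tmpl->assign('TEXT', compatible_hsc($_POST['text']));
        $apx->tmpl->assign('LINK', compatible_hsc($_POST['link']));
        $apx->tmpl->assign('IMAGE', iif($info['image'], getpath('uploads') . $info['image']));
        $apx->tmpl->assign('IMAGE_WIDTH', $imageWidth);
        $apx->tmpl->assign('DELIMAGE', (int) $_POST['delimage']);
        $apx->tmpl->parse('edit');
    }
}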
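/**
 * Edit a news entry: store the submitted form, or load the entry and show the edit form.
 *
 * Reads the news ID from $_REQUEST['id'] (cast to int) and form fields from $_POST.
 * Users without the special right 'news.edit' are limited to entries whose userid
 * matches their own; that limit applies to the UPDATE, to the tag rewrite and to the
 * SELECT that fills the form.
 *
 * NOTE(review): $db->dupdate() receives column names only; presumably it reads the values
 * from $_POST and escapes them — confirm in the database class.
 */
function edit()
{
    global $set, $db, $apx;

    $_REQUEST['id'] = (int) $_REQUEST['id'];
    if (!$_REQUEST['id']) {
        die('missing ID!');
    }
    $id = $_REQUEST['id'];

    $canEditAll = $apx->user->has_spright('news.edit');
    // Ownership limit appended to every query that reads or changes the entry.
    $ownerFilter = iif(!$canEditAll, " AND userid='" . $apx->user->info['userid'] . "'");

    // Section list: anything other than an explicit selection means "all".
    if (!is_array($_POST['secid']) || $_POST['secid'][0] == 'all') {
        $_POST['secid'] = array('all');
    }

    // Update the news entry.
    if ($_POST['send'] == 1) {
        if (!checkToken()) {
            infoInvalidToken();
        } elseif (!$_POST['title'] || !$_POST['catid'] || !$_POST['text']) {
            infoNotComplete();
        } elseif ($_POST['catid'] != 'newcat' && !$this->category_is_open($_POST['catid'])) {
            die('you are not allowed to add news to this category!');
        } elseif (!$this->update_newspic()) {
            /*DO NOTHING*/
        } else {
            // Links: a slot is kept only when title, text and URL are all set.
            $links = array();
            for ($i = 1; $i <= 40; $i++) {
                if (!$_POST['link' . $i . '_title'] || !$_POST['link' . $i . '_text'] || !$_POST['link' . $i . '_url']) {
                    continue;
                }
                $links[] = array(
                    'title' => $_POST['link' . $i . '_title'],
                    'text' => $_POST['link' . $i . '_text'],
                    'url' => $_POST['link' . $i . '_url'],
                    'popup' => intval($_POST['link' . $i . '_popup']),
                );
            }

            // Publication window: only with the 'news.enable' right and when the date fields were sent.
            $addfields = '';
            if ($apx->user->has_right('news.enable') && isset($_POST['t_day_1'])) {
                $_POST['starttime'] = maketime(1);
                $_POST['endtime'] = maketime(2);
                if ($_POST['starttime']) {
                    // A missing or non-later end time is replaced by the fixed far-future value.
                    if (!$_POST['endtime'] || $_POST['endtime'] <= $_POST['starttime']) {
                        $_POST['endtime'] = 3000000000;
                    }
                    $addfields = ',starttime,endtime';
                }
            }

            // Sticky end: an explicit end time if given, else the fixed far-future value.
            if ($_POST['sticky'] && ($stickyend = maketime(3)) != 0) {
                $_POST['sticky'] = $stickyend;
            } elseif ($_POST['sticky']) {
                $_POST['sticky'] = 3000000000;
            }

            // Author may only be changed with the special right. 'send' maps to 0;
            // every other value is forced to an integer before it is stored.
            if ($canEditAll && $_POST['userid']) {
                $_POST['userid'] = $_POST['userid'] == 'send' ? 0 : (int) $_POST['userid'];
                $addfields .= ',userid';
            }

            $_POST['secid'] = serialize_section($_POST['secid']);
            $_POST['links'] = serialize($links);
            $_POST['newspic'] = $this->newspicpath;

            $db->dupdate(
                PRE . '_news',
                'secid,prodid,catid,title,subtitle,newspic,teaser,text,meta_description,galid,links,top,sticky,searchable,restricted,allowcoms,allowrating' . $addfields,
                "WHERE ( id='" . $id . "' " . $ownerFilter . " )"
            );
            logit('NEWS_EDIT', "ID #" . $id);

            // Tags. The UPDATE above only matches entries the user may edit; the tag
            // rewrite used to run on the bare ID, so it is now tied to the same limit.
            $editable = $db->first("SELECT id FROM " . PRE . "_news WHERE ( id='" . $id . "' " . $ownerFilter . " ) LIMIT 1");
            if (!empty($editable['id'])) {
                $db->query("DELETE FROM " . PRE . "_news_tags WHERE id='" . $id . "'");
                $tagids = produceTagIds($_POST['tags']);
                foreach ($tagids as $tagid) {
                    $db->query("INSERT IGNORE INTO " . PRE . "_news_tags VALUES('" . $id . "', '" . $tagid . "')");
                }
            }

            if ($_POST['catid'] == 'newcat' && $apx->user->has_right('news.catadd')) {
                printJSRedirect('action.php?action=news.catadd&addid=' . $id);
            } else {
                printJSRedirect(get_index('news.show'));
            }
        }
    } else {
        $res = $db->first("SELECT secid,prodid,userid,send_username,send_email,catid,newspic,title,subtitle,teaser,text,meta_description,galid,links,top,sticky,searchable,restricted,allowcoms,allowrating,starttime,endtime FROM " . PRE . "_news WHERE ( id='" . $id . "' " . $ownerFilter . " ) LIMIT 1", 1);

        // Copy the stored values into $_POST; 'links' is expanded separately below.
        foreach ($res as $key => $val) {
            if ($key == 'links') {
                continue;
            }
            $_POST[$key] = $val;
        }

        // No user ID stored => the entry was submitted by a guest.
        if (!$res['userid']) {
            $_POST['userid'] = 'send';
        }

        // Expand the stored links into link<N>_* form fields.
        // NOTE(review): unserialize() is applied to a database column. That is only safe
        // while the column is written exclusively through serialize() in this class.
        $_POST['link1_popup'] = 1;
        $links = unserialize($res['links']);
        if (is_array($links) && count($links)) {
            $slot = 0;
            foreach ($links as $link) {
                ++$slot;
                $_POST['link' . $slot . '_title'] = $link['title'];
                $_POST['link' . $slot . '_text'] = $link['text'];
                $_POST['link' . $slot . '_url'] = $link['url'];
                $_POST['link' . $slot . '_popup'] = $link['popup'];
            }
        }

        // Publication window: end times at or above 2147483647 are not pushed into the form.
        if ($res['starttime']) {
            maketimepost(1, $res['starttime']);
            if ($res['endtime'] < 2147483647) {
                maketimepost(2, $res['endtime']);
            }
        }

        // Sticky end.
        if ($res['sticky'] < 2147483647) {
            maketimepost(3, $res['sticky']);
        }

        $_POST['secid'] = unserialize_section($_POST['secid']);

        mediamanager('news');

        // Link rows: row 1 is always shown, later rows only when they hold data.
        if (!$_POST['link1_title']) {
            $_POST['link1_title'] = $apx->lang->get('LLINK');
        }
        $linklist = array();
        for ($i = 1; $i <= 40; $i++) {
            if ($i > 1 && (!$_POST['link' . $i . '_title'] || $_POST['link' . $i . '_title'] == $apx->lang->get('LLINK')) && !$_POST['link' . $i . '_text'] && !$_POST['link' . $i . '_url']) {
                continue;
            }
            $linklist[] = array(
                'TITLE' => compatible_hsc($_POST['link' . $i . '_title']),
                'TEXT' => compatible_hsc($_POST['link' . $i . '_text']),
                'URL' => compatible_hsc($_POST['link' . $i . '_url']),
                'POPUP' => (int) $_POST['link' . $i . '_popup'],
                'DISPLAY' => 1,
            );
        }
        while (count($linklist) < 40) {
            $linklist[] = array('TITLE' => $apx->lang->get('LLINK'), 'POPUP' => 1);
        }

        // Publication selectors.
        if ($apx->user->has_right('news.enable') && isset($_POST['t_day_1'])) {
            $apx->tmpl->assign('STARTTIME', choosetime(1, 0, maketime(1)));
            $apx->tmpl->assign('ENDTIME', choosetime(2, 1, maketime(2)));
        }

        // Guest submitter: the stored name and e-mail are escaped before they are
        // placed into the <option> markup.
        $usersend = '';
        $send = $db->first("SELECT send_username,send_email FROM " . PRE . "_news WHERE id='" . $id . "' LIMIT 1");
        if ($send['send_username']) {
            $usersend = '<option value="send"' . iif($_POST['userid'] == 'send', ' selected="selected"') . '>' . $apx->lang->get('GUEST') . ': ' . compatible_hsc($send['send_username']) . iif($send['send_email'], ' (' . compatible_hsc($send['send_email']) . ')') . '</option>';
        }

        // News picture: prefer the file without '-thumb.' in its name when it exists.
        $teaserpic = '';
        if ($_POST['newspic']) {
            $teaserpicpath = $_POST['newspic'];
            $poppicpath = str_replace('-thumb.', '.', $teaserpicpath);
            if (file_exists(BASEDIR . getpath('uploads') . $poppicpath)) {
                $teaserpic = '../' . getpath('uploads') . $poppicpath;
            } else {
                $teaserpic = '../' . getpath('uploads') . $teaserpicpath;
            }
        }

        // Tags.
        $tagdata = $db->fetch("\n\t\t\tSELECT t.tag\n\t\t\tFROM " . PRE . "_news_tags AS n\n\t\t\tLEFT JOIN " . PRE . "_tags AS t USING(tagid)\n\t\t\tWHERE n.id='" . $id . "'\n\t\t\tORDER BY t.tag ASC\n\t\t");
        $tags = get_ids($tagdata, 'tag');
        $_POST['tags'] = implode(', ', $tags);

        $apx->tmpl->assign('ID', $id);
        $apx->tmpl->assign('USERID', $_POST['userid']);
        $apx->tmpl->assign('PRODID', $_POST['prodid']);
        $apx->tmpl->assign('USER_SEND', $usersend);
        $apx->tmpl->assign('SECID', $_POST['secid']);
        $apx->tmpl->assign('GALID', $_POST['galid']);
        $apx->tmpl->assign('CATLIST', $this->get_catlist());
        $apx->tmpl->assign('TITLE', compatible_hsc($_POST['title']));
        $apx->tmpl->assign('SUBTITLE', compatible_hsc($_POST['subtitle']));
        $apx->tmpl->assign('TEASER', compatible_hsc($_POST['teaser']));
        $apx->tmpl->assign('TEXT', compatible_hsc($_POST['text']));
        $apx->tmpl->assign('META_DESCRIPTION', compatible_hsc($_POST['meta_description']));
        $apx->tmpl->assign('TAGS', compatible_hsc($_POST['tags']));
        $apx->tmpl->assign('NEWSPIC', $teaserpic);
        $apx->tmpl->assign('PIC_COPY', compatible_hsc($_POST['pic_copy']));
        $apx->tmpl->assign('LINK', $linklist);
        $apx->tmpl->assign('ALLOWCOMS', (int) $_POST['allowcoms']);
        $apx->tmpl->assign('ALLOWRATING', (int) $_POST['allowrating']);
        $apx->tmpl->assign('TOP', (int) $_POST['top']);
        $apx->tmpl->assign('STICKY', (int) $_POST['sticky']);
        $apx->tmpl->assign('STICKYTIME', choosetime(3, 1, maketime(3)));
        $apx->tmpl->assign('SEARCHABLE', (int) $_POST['searchable']);
        $apx->tmpl->assign('RESTRICTED', (int) $_POST['restricted']);
        $apx->tmpl->parse('edit');
    }
}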
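/**
 * Edit a link entry: store the submitted form, or load the entry and show the edit form.
 *
 * Reads the link ID from $_REQUEST['id'] (cast to int) and form fields from $_POST.
 *
 * Changes against the previous version:
 *  - the optional columns were collected in $addfields but the UPDATE appended the
 *    undefined $addfield, so publication times were never stored;
 *  - 'userid' was part of the fixed column list and therefore written on every save,
 *    regardless of the 'links.edit' special-right check that is meant to guard author
 *    changes. It is now written only through that check, as in the sibling edit forms.
 *
 * NOTE(review): $db->dupdate() receives column names only; presumably it reads the values
 * from $_POST and escapes them — confirm in the database class.
 */
function edit()
{
    global $set, $db, $apx;

    $_REQUEST['id'] = (int) $_REQUEST['id'];
    if (!$_REQUEST['id']) {
        die('missing ID!');
    }
    $id = $_REQUEST['id'];

    // Section list: anything other than an explicit selection means "all".
    if (!is_array($_POST['secid']) || $_POST['secid'][0] == 'all') {
        $_POST['secid'] = array('all');
    }

    // Form was submitted.
    if ($_POST['send'] == 1) {
        if (!checkToken()) {
            infoInvalidToken();
        } elseif (!$_POST['title'] || !$_POST['url'] || !$_POST['catid'] || !$_POST['text']) {
            infoNotComplete();
        } elseif (!$this->update_linkpic()) {
            /*DO NOTHING*/
        } else {
            $_POST['secid'] = serialize_section($_POST['secid']);
            $_POST['linkpic'] = $this->linkpicpath;

            $addfields = '';

            // Author may only be changed with the special right. 'send' maps to 0;
            // every other value is forced to an integer before it is stored.
            if ($apx->user->has_spright('links.edit') && $_POST['userid']) {
                $_POST['userid'] = $_POST['userid'] == 'send' ? 0 : (int) $_POST['userid'];
                $addfields .= ',userid';
            }

            // Publication window: only with the 'links.enable' right and when the date fields were sent.
            if ($apx->user->has_right('links.enable') && isset($_POST['t_day_1'])) {
                $_POST['starttime'] = maketime(1);
                $_POST['endtime'] = maketime(2);
                if ($_POST['starttime']) {
                    // A missing or non-later end time is replaced by the fixed far-future value.
                    if (!$_POST['endtime'] || $_POST['endtime'] <= $_POST['starttime']) {
                        $_POST['endtime'] = 3000000000;
                    }
                    $addfields .= ',starttime,endtime';
                }
            }

            $db->dupdate(
                PRE . '_links',
                'secid,catid,title,url,linkpic,text,meta_description,galid,searchable,restricted,allowcoms,allowrating,top' . $addfields,
                "WHERE id='" . $id . "' LIMIT 1"
            );
            logit('LINKS_EDIT', 'ID #' . $id);

            // Tags: drop the old assignments, then insert the current ones.
            $db->query("DELETE FROM " . PRE . "_links_tags WHERE id='" . $id . "'");
            $tagids = produceTagIds($_POST['tags']);
            foreach ($tagids as $tagid) {
                $db->query("INSERT IGNORE INTO " . PRE . "_links_tags VALUES('" . $id . "', '" . $tagid . "')");
            }

            if ($_POST['catid'] == 'newcat' && $apx->user->has_right('links.catadd')) {
                return printJSRedirect('action.php?action=links.catadd&addid=' . $id);
            } else {
                printJSRedirect(get_index('links.show'));
            }
        }
    } else {
        $res = $db->first("SELECT * FROM " . PRE . "_links WHERE id='" . $id . "' LIMIT 1", 1);

        // Copy the stored values into $_POST so the form code below reads one source.
        foreach ($res as $key => $val) {
            $_POST[$key] = $val;
        }
        $_POST['secid'] = unserialize_section($_POST['secid']);

        // No user ID stored => the link was submitted by a guest.
        if (!$res['userid']) {
            $_POST['userid'] = 'send';
        }

        // Publication window: end times at or above 2147483647 are not pushed into the form.
        if ($res['starttime']) {
            maketimepost(1, $res['starttime']);
            if ($res['endtime'] < 2147483647) {
                maketimepost(2, $res['endtime']);
            }
        }

        mediamanager('links');

        // Publication selectors.
        if ($apx->user->has_right('links.enable') && isset($_POST['t_day_1'])) {
            $apx->tmpl->assign('STARTTIME', choosetime(1, 0, maketime(1)));
            $apx->tmpl->assign('ENDTIME', choosetime(2, 1, maketime(2)));
        }

        // Guest submitter: the stored name and e-mail are escaped before they are
        // placed into the <option> markup.
        $usersend = '';
        $send = $db->first("SELECT send_username,send_email FROM " . PRE . "_links WHERE id='" . $id . "' LIMIT 1");
        if ($send['send_username']) {
            $usersend = '<option value="send"' . iif($_POST['userid'] == 'send', ' selected="selected"') . '>' . $apx->lang->get('GUEST') . ': ' . compatible_hsc($send['send_username']) . iif($send['send_email'], ' (' . compatible_hsc($send['send_email']) . ')') . '</option>';
        }

        // Picture: prefer the file without '-thumb.' in its name when it exists.
        $teaserpic = '';
        if ($_POST['linkpic']) {
            $teaserpicpath = $_POST['linkpic'];
            $poppicpath = str_replace('-thumb.', '.', $teaserpicpath);
            if (file_exists(BASEDIR . getpath('uploads') . $poppicpath)) {
                $teaserpic = '../' . getpath('uploads') . $poppicpath;
            } else {
                $teaserpic = '../' . getpath('uploads') . $teaserpicpath;
            }
        }

        // Tags.
        $tagdata = $db->fetch("\n\t\t\tSELECT t.tag\n\t\t\tFROM " . PRE . "_links_tags AS n\n\t\t\tLEFT JOIN " . PRE . "_tags AS t USING(tagid)\n\t\t\tWHERE n.id='" . $id . "'\n\t\t\tORDER BY t.tag ASC\n\t\t");
        $tags = get_ids($tagdata, 'tag');
        $_POST['tags'] = implode(', ', $tags);

        $apx->tmpl->assign('USERID', $_POST['userid']);
        $apx->tmpl->assign('USER_SEND', $usersend);
        $apx->tmpl->assign('SECID', $_POST['secid']);
        $apx->tmpl->assign('GALID', $_POST['galid']);
        $apx->tmpl->assign('CATLIST', $this->get_catlist());
        $apx->tmpl->assign('TITLE', compatible_hsc($_POST['title']));
        $apx->tmpl->assign('URL', compatible_hsc($_POST['url']));
        $apx->tmpl->assign('LINKPIC', $teaserpic);
        $apx->tmpl->assign('PIC_COPY', compatible_hsc($_POST['pic_copy']));
        $apx->tmpl->assign('TEXT', compatible_hsc($_POST['text']));
        $apx->tmpl->assign('META_DESCRIPTION', compatible_hsc($_POST['meta_description']));
        $apx->tmpl->assign('TAGS', compatible_hsc($_POST['tags']));
        $apx->tmpl->assign('ALLOWCOMS', (int) $_POST['allowcoms']);
        $apx->tmpl->assign('ALLOWRATING', (int) $_POST['allowrating']);
        $apx->tmpl->assign('TOP', (int) $_POST['top']);
        $apx->tmpl->assign('SEARCHABLE', (int) $_POST['searchable']);
        $apx->tmpl->assign('RESTRICTED', (int) $_POST['restricted']);
        $apx->tmpl->assign('ACTION', 'edit');
        $apx->tmpl->assign('ID', $id);
        $apx->tmpl->parse('add_edit');
    }
}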
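/**
 * Edit an article: dispatch to the page editor, store the submitted form, or load the
 * article and show the edit form.
 *
 * Reads the article ID from $_REQUEST['id'] (cast to int), the page selector from
 * $_REQUEST['pageid'] ('new', 'conclusion', 'pics' or an integer) and form fields from
 * $_POST. Users without the special right 'articles.edit' are limited to articles whose
 * userid matches their own.
 *
 * Changes against the previous version:
 *  - the save path checked the rights 'article.enable' and 'article.edit', while every
 *    other check in this method uses the 'articles.' prefix; both now use 'articles.';
 *  - the UPDATE column list was prefixed with the undefined variable $addfield;
 *  - the tag rewrite ran on the bare ID and is now tied to the ownership limit of the UPDATE.
 *
 * NOTE(review): $db->dupdate() receives column names only; presumably it reads the values
 * from $_POST and escapes them — confirm in the database class.
 */
function edit()
{
    global $set, $db, $apx;

    $_REQUEST['id'] = (int) $_REQUEST['id'];
    if (!in_array($_REQUEST['pageid'], array('new', 'conclusion', 'pics'))) {
        $_REQUEST['pageid'] = (int) $_REQUEST['pageid'];
    }
    if (!$_REQUEST['id']) {
        die('missing ID!');
    }
    $id = $_REQUEST['id'];

    // Article pages are handled by their own method.
    if ($_REQUEST['pageid']) {
        $this->pagecontent();
        return;
    }

    $canEditAll = $apx->user->has_spright('articles.edit');
    // Ownership limit appended to every query that reads or changes the article.
    $ownerFilter = iif(!$canEditAll, " AND userid='" . $apx->user->info['userid'] . "'");

    // Section list: anything other than an explicit selection means "all".
    if (!is_array($_POST['secid']) || $_POST['secid'][0] == 'all') {
        $_POST['secid'] = array('all');
    }

    // Update the article.
    if ($_POST['send'] == 1) {
        if (!checkToken()) {
            infoInvalidToken();
        } elseif (!$_POST['title'] || !$_POST['catid']) {
            infoNotComplete();
        } elseif ($_POST['catid'] != 'newcat' && !$this->category_is_open($_POST['catid'])) {
            die('you are not allowed to add articles to this category!');
        } elseif (!$this->update_artpic()) {
            /*DO NOTHING*/
        } else {
            // Links: a slot is kept only when title, text and URL are all set.
            $links = array();
            for ($i = 1; $i <= 20; $i++) {
                if (!$_POST['link' . $i . '_title'] || !$_POST['link' . $i . '_text'] || !$_POST['link' . $i . '_url']) {
                    continue;
                }
                $links[] = array(
                    'title' => $_POST['link' . $i . '_title'],
                    'text' => $_POST['link' . $i . '_text'],
                    'url' => $_POST['link' . $i . '_url'],
                    'popup' => intval($_POST['link' . $i . '_popup']),
                );
            }

            // Publication window: only with the 'articles.enable' right and when the date fields were sent.
            $addfields = '';
            if ($apx->user->has_right('articles.enable') && isset($_POST['t_day_1'])) {
                $_POST['starttime'] = maketime(1);
                $_POST['endtime'] = maketime(2);
                if ($_POST['starttime']) {
                    // A missing or non-later end time is replaced by the fixed far-future value.
                    if (!$_POST['endtime'] || $_POST['endtime'] <= $_POST['starttime']) {
                        $_POST['endtime'] = 3000000000;
                    }
                    $addfields = ',starttime,endtime';
                }
            }

            // Sticky end: an explicit end time if given, else the fixed far-future value.
            if ($_POST['sticky'] && ($stickyend = maketime(3)) != 0) {
                $_POST['sticky'] = $stickyend;
            } elseif ($_POST['sticky']) {
                $_POST['sticky'] = 3000000000;
            }

            // Author may only be changed with the special right; the value is forced
            // to an integer before it is stored.
            if ($canEditAll && $_POST['userid']) {
                $_POST['userid'] = (int) $_POST['userid'];
                $addfields .= ',userid';
            }

            $_POST['secid'] = serialize_section($_POST['secid']);
            $_POST['artpic'] = $this->artpicpath;
            $_POST['teaser'] = $_POST['text'];
            $_POST['links'] = serialize($links);

            $db->dupdate(
                PRE . '_articles',
                'secid,prodid,catid,title,subtitle,artpic,teaser,meta_description,galid,links,top,sticky,searchable,restricted,allowcoms,allowrating' . $addfields,
                "WHERE ( id='" . $id . "' " . $ownerFilter . " )"
            );
            logit('ARTICLES_EDIT', 'ID #' . $id);

            // Tags: only rewritten when the article matches the same limit as the UPDATE.
            $editable = $db->first("SELECT id FROM " . PRE . "_articles WHERE ( id='" . $id . "' " . $ownerFilter . " ) LIMIT 1");
            if (!empty($editable['id'])) {
                $db->query("DELETE FROM " . PRE . "_articles_tags WHERE id='" . $id . "'");
                $tagids = produceTagIds($_POST['tags']);
                foreach ($tagids as $tagid) {
                    $db->query("INSERT IGNORE INTO " . PRE . "_articles_tags VALUES('" . $id . "', '" . $tagid . "')");
                }
            }

            if ($_POST['catid'] == 'newcat' && $apx->user->has_right('articles.catadd')) {
                header("HTTP/1.1 301 Moved Permanently");
                header('location:action.php?action=articles.catadd&addid=' . $id . '&from=edit' . iif($_POST['submit_finish'], '&finish=1'));
            } elseif ($_POST['submit_finish']) {
                $this->finish_article();
            } else {
                // Continue with the first page of the article, or with a new page if there is none.
                list($pageid) = $db->first("SELECT id FROM " . PRE . "_articles_pages WHERE artid='" . $id . "' ORDER BY ord ASC LIMIT 1");
                if (!$pageid) {
                    $pageid = 'new';
                }
                printJSRedirect('action.php?action=articles.edit&id=' . $id . '&pageid=' . $pageid);
            }
            return;
        }
    } else {
        // The stored row replaces $_POST as a whole.
        $res = $_POST = $db->first("SELECT userid,secid,prodid,catid,artpic,title,subtitle,teaser,links,meta_description,galid,top,sticky,searchable,restricted,allowcoms,allowrating,starttime,endtime FROM " . PRE . "_articles WHERE ( id='" . $id . "' " . $ownerFilter . " ) LIMIT 1", true);
        $_POST['text'] = $_POST['teaser'];
        $_POST['secid'] = unserialize_section($_POST['secid']);

        // Expand the stored links into link<N>_* form fields.
        // NOTE(review): unserialize() is applied to a database column. That is only safe
        // while the column is written exclusively through serialize() in this class.
        $_POST['link1_popup'] = 1;
        $links = unserialize($res['links']);
        if (is_array($links) && count($links)) {
            $slot = 0;
            foreach ($links as $link) {
                ++$slot;
                $_POST['link' . $slot . '_title'] = $link['title'];
                $_POST['link' . $slot . '_text'] = $link['text'];
                $_POST['link' . $slot . '_url'] = $link['url'];
                $_POST['link' . $slot . '_popup'] = $link['popup'];
            }
        }

        // Publication window: end times at or above 2147483647 are not pushed into the form.
        if ($res['starttime']) {
            maketimepost(1, $res['starttime']);
            if ($res['endtime'] < 2147483647) {
                maketimepost(2, $res['endtime']);
            }
        }

        // Sticky end.
        if ($res['sticky'] < 2147483647) {
            maketimepost(3, $res['sticky']);
        }

        mediamanager('articles');

        // Link rows: row 1 is always shown, later rows only when they hold data.
        if (!$_POST['link1_title']) {
            $_POST['link1_title'] = $apx->lang->get('LLINK');
        }
        $linklist = array();
        for ($i = 1; $i <= 20; $i++) {
            if ($i > 1 && (!$_POST['link' . $i . '_title'] || $_POST['link' . $i . '_title'] == $apx->lang->get('LLINK')) && !$_POST['link' . $i . '_text'] && !$_POST['link' . $i . '_url']) {
                continue;
            }
            $linklist[] = array(
                'TITLE' => compatible_hsc($_POST['link' . $i . '_title']),
                'TEXT' => compatible_hsc($_POST['link' . $i . '_text']),
                'URL' => compatible_hsc($_POST['link' . $i . '_url']),
                'POPUP' => (int) $_POST['link' . $i . '_popup'],
                'DISPLAY' => 1,
            );
        }
        while (count($linklist) < 20) {
            $linklist[] = array('TITLE' => $apx->lang->get('LLINK'), 'POPUP' => 1);
        }

        // Publication selectors.
        if ($apx->user->has_right('articles.enable') && isset($_POST['t_day_1'])) {
            $apx->tmpl->assign('STARTTIME', choosetime(1, 0, maketime(1)));
            $apx->tmpl->assign('ENDTIME', choosetime(2, 1, maketime(2)));
        }

        // Article picture: prefer the file without '-thumb.' in its name when it exists.
        $teaserpic = '';
        if ($_POST['artpic']) {
            $teaserpicpath = $_POST['artpic'];
            $poppicpath = str_replace('-thumb.', '.', $teaserpicpath);
            if (file_exists(BASEDIR . getpath('uploads') . $poppicpath)) {
                $teaserpic = '../' . getpath('uploads') . $poppicpath;
            } else {
                $teaserpic = '../' . getpath('uploads') . $teaserpicpath;
            }
        }

        // Tags.
        $tagdata = $db->fetch("\n\t\t\tSELECT t.tag\n\t\t\tFROM " . PRE . "_articles_tags AS n\n\t\t\tLEFT JOIN " . PRE . "_tags AS t USING(tagid)\n\t\t\tWHERE n.id='" . $id . "'\n\t\t\tORDER BY t.tag ASC\n\t\t");
        $tags = get_ids($tagdata, 'tag');
        $_POST['tags'] = implode(', ', $tags);

        $apx->tmpl->assign('ID', $id);
        $apx->tmpl->assign('USERID', $_POST['userid']);
        $apx->tmpl->assign('PRODID', $_POST['prodid']);
        $apx->tmpl->assign('GALID', $_POST['galid']);
        $apx->tmpl->assign('SECID', $_POST['secid']);
        $apx->tmpl->assign('CATLIST', $this->get_catlist());
        $apx->tmpl->assign('TITLE', compatible_hsc($_POST['title']));
        $apx->tmpl->assign('SUBTITLE', compatible_hsc($_POST['subtitle']));
        $apx->tmpl->assign('TEXT', compatible_hsc($_POST['text']));
        $apx->tmpl->assign('META_DESCRIPTION', compatible_hsc($_POST['meta_description']));
        $apx->tmpl->assign('TAGS', compatible_hsc($_POST['tags']));
        $apx->tmpl->assign('ARTPIC', $teaserpic);
        $apx->tmpl->assign('PIC_COPY', compatible_hsc($_POST['pic_copy']));
        $apx->tmpl->assign('LINK', $linklist);
        $apx->tmpl->assign('ALLOWCOMS', (int) $_POST['allowcoms']);
        $apx->tmpl->assign('ALLOWRATING', (int) $_POST['allowrating']);
        $apx->tmpl->assign('TOP', (int) $_POST['top']);
        $apx->tmpl->assign('STICKY', (int) $_POST['sticky']);
        $apx->tmpl->assign('STICKYTIME', choosetime(3, 1, maketime(3)));
        $apx->tmpl->assign('SEARCHABLE', (int) $_POST['searchable']);
        $apx->tmpl->assign('RESTRICTED', (int) $_POST['restricted']);
        $apx->tmpl->parse('edit');
    }
}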
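/**
 * Build a newsletter from existing news entries in three form steps.
 *
 * - No period known yet: render the period form ('addnews_period').
 * - $_POST['period'] set: list the matching news, ten per page, for selection ('addnews_choose').
 * - $_POST['finish'] set: compose plain-text and HTML bodies from the selected news and
 *   render the editor ('add_edit'), or store the newsletter when $_POST['send'] == 1.
 *
 * Works directly on $_POST / $_REQUEST and writes normalized values back into them.
 * Terminates the request when the news module is not active.
 */
function addnews() {
    global $set, $db, $apx;

    if (!$apx->is_module('news')) {
        die('module news is not active!');
    }

    // Derive the period (in seconds) from the type/count fields of the first form
    if (!$_POST['period'] && !$_POST['finish'] && !$_POST['send']) {
        $_POST['day_count'] = (int) $_POST['day_count'];
        $_POST['week_count'] = (int) $_POST['week_count'];
        $_POST['month_count'] = (int) $_POST['month_count'];
        if ($_POST['type'] == 'day' && $_POST['day_count']) {
            $_POST['period'] = $_POST['day_count'] * 24 * 3600;
        } elseif ($_POST['type'] == 'week' && $_POST['week_count']) {
            $_POST['period'] = $_POST['week_count'] * 7 * 24 * 3600;
        } elseif ($_POST['type'] == 'month' && $_POST['month_count']) {
            $_POST['period'] = $_POST['month_count'] * 30 * 24 * 3600;
        }
    }

    if ($_POST['finish']) {
        // Create the newsletter
        if ($_POST['send'] == 1) {
            if (!checkToken()) {
                infoInvalidToken();
            } elseif (!$_POST['subject'] || !$_POST['text']) {
                infoNotComplete();
            } else {
                $_POST['addtime'] = time();
                // NOTE(review): dinsert() presumably takes the listed columns from $_POST
                // and escapes them itself; confirm in the db class.
                $db->dinsert(PRE . '_newsletter', 'catid,subject,text,text_html,addtime');
                $insertid = $db->insert_id();
                logit('NEWSLETTER_ADDNEWS', $insertid);
                printJSRedirect('action.php?action=newsletter.show');
            }
        } else {
            $text = '';
            $text_html = '';

            // Only integer keys of news[] reach the IN() list below.
            $ids = array();
            if (is_array($_POST['news']) && count($_POST['news'])) {
                foreach ($_POST['news'] as $id => $trash) {
                    $id = (int) $id;
                    if ($id) {
                        $ids[] = $id;
                    }
                }
            }

            // Skip the query when no usable id was submitted; an empty list would
            // produce "IN ()" and a failing statement.
            if ($ids) {
                // Map HTML entities back to characters for the plain-text part
                $trans = array_flip(get_html_translation_table(HTML_ENTITIES));

                $data = $db->fetch("SELECT id,secid,title,subtitle,teaser,text FROM " . PRE . "_news WHERE id IN (" . implode(',', $ids) . ")");
                if (count($data)) {
                    $ii = 0;
                    foreach ($data as $res) {
                        ++$ii;

                        // Strip image codes
                        $res['teaser'] = preg_replace('#{IMAGE\\( *[0-9]+ *\\)}#s', '', $res['teaser']);
                        $res['text'] = preg_replace('#{IMAGE\\( *[0-9]+ *\\)}#s', '', $res['text']);

                        $tmp = unserialize_section($res['secid']);
                        $newslink = HTTP_HOST . mklink(
                            'news.php?id=' . $res['id'],
                            'news,id' . $res['id'] . urlformat($res['title']) . '.html',
                            iif($set['main']['forcesection'], iif(unserialize_section($res['secid']) == array('all'), $apx->section_default, array_shift($tmp)), 0)
                        );

                        $text .= strip_tags($res['title']) . "\n" . iif($res['teaser'], strip_tags(strtr($res['teaser'], $trans)) . "\n") . strip_tags(strtr($res['text'], $trans)) . "\n\n\n";

                        // NOTE(review): title, teaser and text go into the HTML body as stored.
                        // That is only safe if news content is trusted markup; confirm, or
                        // escape the title before it is placed inside the link.
                        $text_html .= iif($ii > 1, '<br><br><br>') . '<b><a href="' . $newslink . '">' . $res['title'] . '</a></b><br>' . iif($res['teaser'], $res['teaser'] . '<br>') . $res['text'];
                    }
                }
            }

            $_POST['text'] = trim($text);
            $_POST['text_html'] = trim($text_html);
        }

        // Categories
        $catlist = '';
        $catinfo = $set['newsletter']['categories'];
        asort($catinfo);
        foreach ($catinfo as $id => $name) {
            // Leading space added so the attribute is separated from value="...",
            // matching the other option lists in this file.
            $catlist .= '<option value="' . $id . '"' . iif(intval($_POST['catid']) == $id, ' selected="selected"') . '>' . $name . '</option>';
        }

        $apx->tmpl->assign('ACTION', 'add');
        $apx->tmpl->assign('SUBJECT', compatible_hsc($_POST['subject']));
        $apx->tmpl->assign('CATLIST', $catlist);
        $apx->tmpl->assign('TEXT', compatible_hsc($_POST['text']));
        $apx->tmpl->assign('TEXT_HTML', compatible_hsc($_POST['text_html']));
        $apx->tmpl->parse('add_edit');
    } elseif ($_POST['period']) {
        // Section list
        if (!is_array($_POST['secid']) || $_POST['secid'][0] == 'all') {
            $_POST['secid'] = array('all');
        }

        // Filter by section; every submitted id is forced to an integer before it enters the SQL
        $secfilter = '';
        if ($_POST['secid'][0] != 'all') {
            foreach ($_POST['secid'] as $secid) {
                $secfilter .= " secid LIKE '%|" . intval($secid) . "|%' OR ";
            }
            $secfilter = " AND ( " . $secfilter . " secid='all' )";
        }

        $_POST['period'] = (int) $_POST['period'];
        $since = time() - $_POST['period'];

        list($count) = $db->first("SELECT count(id) FROM " . PRE . "_news WHERE starttime>='" . $since . "' " . $secfilter);
        $maxpage = ceil($count / 10);

        // Paging: clamp the page number to 1..$maxpage
        $_REQUEST['p'] = (int) $_REQUEST['p'];
        if ($_POST['previous']) {
            --$_REQUEST['p'];
        }
        if ($_POST['next']) {
            ++$_REQUEST['p'];
        }
        if (!$_REQUEST['p']) {
            $_REQUEST['p'] = 1;
        }
        if ($_REQUEST['p'] < 1 || $_REQUEST['p'] > $maxpage) {
            $_REQUEST['p'] = 1;
        }
        if (!is_array($_POST['news'])) {
            $_POST['news'] = array();
        }

        $offset = ($_REQUEST['p'] - 1) * 10;
        $data = $db->fetch("SELECT id,title,subtitle,teaser,text FROM " . PRE . "_news WHERE starttime>='" . $since . "' " . $secfilter . " LIMIT " . $offset . ",10");

        $tabledata = array();
        if (count($data)) {
            $i = 0;
            foreach ($data as $res) {
                ++$i;
                $tabledata[$i]['ID'] = $res['id'];
                $tabledata[$i]['TITLE'] = strip_tags($res['title']);
                if ($res['teaser']) {
                    $tabledata[$i]['TEXT'] = shorttext(strip_tags($res['teaser']), 200);
                } else {
                    $tabledata[$i]['TEXT'] = shorttext(strip_tags($res['text']), 200);
                }
                $tabledata[$i]['CHECKED'] = iif(in_array($res['id'], $_POST['news']), 1, 0);
                // Entries shown on this page are not repeated as hidden fields below
                unset($_POST['news'][$res['id']]);
            }
        }

        // Selected news from other pages are carried along as hidden fields.
        // The array keys come straight from the request, so they are cast to
        // integers before being written into the markup; non-numeric keys are dropped.
        $checkednews = '';
        foreach ($_POST['news'] as $id => $trash) {
            $id = (int) $id;
            if (!$id) {
                continue;
            }
            $checkednews .= '<input type="hidden" name="news[' . $id . ']" value="' . $id . '" />';
        }

        // Sections
        // NOTE(review): SECID values are request data passed on unchanged; confirm
        // the template escapes them on output.
        $seclist = array();
        foreach ($_POST['secid'] as $secid) {
            $seclist[] = array('SECID' => $secid);
        }

        $apx->tmpl->assign('SECTION', $seclist);
        $apx->tmpl->assign('NEWS', $tabledata);
        $apx->tmpl->assign('MAXPAGE', $maxpage);
        $apx->tmpl->assign('PERIOD', $_POST['period']);
        $apx->tmpl->assign('P', $_REQUEST['p']);
        $apx->tmpl->assign('CHECKEDNEWS', $checkednews);
        $apx->tmpl->parse('addnews_choose');
    } else {
        // First step: period form with defaults
        if (!$_POST['day_count']) {
            $_POST['day_count'] = 7;
        }
        if (!$_POST['week_count']) {
            $_POST['week_count'] = 2;
        }
        if (!$_POST['month_count']) {
            $_POST['month_count'] = 1;
        }
        if (!$_POST['type']) {
            $_POST['type'] = 'day';
        }

        $apx->tmpl->assign('SECID', array('all'));
        $apx->tmpl->assign('TYPE', $_POST['type']);
        $apx->tmpl->assign('DAY_COUNT', $_POST['day_count']);
        $apx->tmpl->assign('WEEK_COUNT', $_POST['week_count']);
        $apx->tmpl->assign('MONTH_COUNT', $_POST['month_count']);
        $apx->tmpl->parse('addnews_period');
    }
}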
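/**
 * Edit a calendar event: apply a submitted form, or show the pre-filled form.
 *
 * With $_POST['send'] set, the token and the required fields are checked,
 * $this->update_pic() is run, and dates, links, author and section are
 * normalized inside $_POST before the row in PRE_calendar_events is updated,
 * its tag links are rewritten and the browser is redirected.
 * Otherwise the event is loaded into $_POST and the 'add_edit' template is rendered.
 *
 * Terminates the request when no numeric id is given.
 */
function edit() {
    global $set, $db, $apx;

    // The id is forced to an integer here; every query below relies on that.
    $_REQUEST['id'] = (int) $_REQUEST['id'];
    if (!$_REQUEST['id']) {
        die('missing ID!');
    }

    // Section list
    if (!is_array($_POST['secid']) || $_POST['secid'][0] == 'all') {
        $_POST['secid'] = array('all');
    }

    // Update
    if ($_POST['send']) {
        if (!checkToken()) {
            infoInvalidToken();
        } elseif (!$_POST['catid'] || !$_POST['title'] || !$_POST['text'] || !$_POST['start_day'] || !$_POST['start_month'] || !$_POST['start_year']) {
            infoNotComplete();
        } elseif (!$this->update_pic()) {
            /* nothing to do here; the branch only stops the update */
        } else {
            $_POST['picture'] = $this->picpath;
            $_POST['startday'] = $this->generate_stamp($_POST['start_day'], $_POST['start_month'], $_POST['start_year']);

            // Start time as HHMM, -1 when no time was entered
            $_POST['starttime'] = -1;
            if ($_POST['start_hour'] !== '' && $_POST['start_minute'] !== '') {
                $_POST['starttime'] = sprintf('%02d%02d', $_POST['start_hour'], $_POST['start_minute']);
            }

            // End of the event; falls back to the start day when no end date is given
            $_POST['endday'] = $_POST['startday'];
            $_POST['endtime'] = -1;
            if ($_POST['end_day'] !== '' && $_POST['end_month'] !== '' && $_POST['end_year'] !== '') {
                $_POST['endday'] = $this->generate_stamp($_POST['end_day'], $_POST['end_month'], $_POST['end_year']);
                if ($_POST['end_hour'] !== '' && $_POST['end_minute'] !== '') {
                    $_POST['endtime'] = sprintf('%02d%02d', $_POST['end_hour'], $_POST['end_minute']);
                }
            }

            // Links: only rows with title, text and URL are kept.
            // Stays null when no complete link was submitted, as before.
            $links = null;
            for ($i = 1; $i <= 20; $i++) {
                if (!$_POST['link' . $i . '_title'] || !$_POST['link' . $i . '_text'] || !$_POST['link' . $i . '_url']) {
                    continue;
                }
                $links[] = array(
                    'title' => $_POST['link' . $i . '_title'],
                    'text' => $_POST['link' . $i . '_text'],
                    'url' => $_POST['link' . $i . '_url'],
                    'popup' => (int) $_POST['link' . $i . '_popup'],
                );
            }
            $_POST['links'] = serialize($links);

            // Author: the "send" option of the form is stored as user id 0
            if ($_POST['userid'] == 'send') {
                $_POST['userid'] = 0;
            }

            // Section
            $_POST['secid'] = serialize_section($_POST['secid']);

            // NOTE(review): dupdate() presumably takes the listed columns from $_POST
            // and escapes them itself; confirm in the db class.
            $db->dupdate(PRE . '_calendar_events', 'secid,catid,userid,title,text,location,location_link,picture,priority,meta_description,galid,links,startday,starttime,endday,endtime,searchable,restricted,allowcoms,allownote', "WHERE id='" . $_REQUEST['id'] . "' LIMIT 1");
            logit('CALENDAR_EDIT', 'ID #' . $_REQUEST['id']);

            // Tags: drop the old links, then insert the current set
            $db->query("DELETE FROM " . PRE . "_calendar_tags WHERE id='" . $_REQUEST['id'] . "'");
            $tagids = produceTagIds($_POST['tags']);
            foreach ($tagids as $tagid) {
                // NOTE(review): $tagid is concatenated into the statement as returned;
                // presumably produceTagIds() yields integer ids, verify there.
                $db->query("INSERT IGNORE INTO " . PRE . "_calendar_tags VALUES('" . $_REQUEST['id'] . "', '" . $tagid . "')");
            }

            printJSRedirect(get_index('calendar.show'));
            return;
        }
    } else {
        $res = $db->first("SELECT * FROM " . PRE . "_calendar_events WHERE id='" . $_REQUEST['id'] . "' LIMIT 1");
        foreach ($res as $key => $value) {
            $_POST[$key] = $value;
        }

        // Start
        $start = $this->explode_stamp($res['startday']);
        $_POST['start_day'] = $start['day'];
        $_POST['start_month'] = $start['month'];
        $_POST['start_year'] = $start['year'];
        if ($res['starttime'] != -1) {
            $starttime = sprintf('%04d', $res['starttime']);
            $_POST['start_hour'] = substr($starttime, 0, 2);
            $_POST['start_minute'] = substr($starttime, 2, 2);
        }

        // End
        if ($res['endday'] != $res['startday'] || $res['endtime'] != -1) {
            $end = $this->explode_stamp($res['endday']);
            $_POST['end_day'] = $end['day'];
            $_POST['end_month'] = $end['month'];
            $_POST['end_year'] = $end['year'];
            if ($res['endtime'] != -1) {
                $endtime = sprintf('%04d', $res['endtime']);
                $_POST['end_hour'] = substr($endtime, 0, 2);
                $_POST['end_minute'] = substr($endtime, 2, 2);
            }
        }

        // Spread the stored links over the link<N>_* form fields
        $_POST['link1_popup'] = 1;
        // NOTE(review): unserialize() runs on the stored column. The value is written by
        // serialize() in the update branch above, but anything able to modify the row
        // controls this input; a format without object support (JSON) would be safer.
        $links = unserialize($res['links']);
        if (is_array($links) && count($links)) {
            $i = 0;
            foreach ($links as $link) {
                ++$i;
                $_POST['link' . $i . '_title'] = $link['title'];
                $_POST['link' . $i . '_text'] = $link['text'];
                $_POST['link' . $i . '_url'] = $link['url'];
                $_POST['link' . $i . '_popup'] = $link['popup'];
            }
        }

        // Sections
        $_POST['secid'] = unserialize_section($_POST['secid']);

        // Current picture: prefer the full-size file when it exists next to the thumbnail
        list($picture) = $db->first("SELECT picture FROM " . PRE . "_calendar_events WHERE id='" . $_REQUEST['id'] . "' LIMIT 1");
        $teaserpic = '';
        if ($picture) {
            $teaserpicpath = $picture;
            $poppicpath = str_replace('-thumb.', '.', $teaserpicpath);
            if (file_exists(BASEDIR . getpath('uploads') . $poppicpath)) {
                $teaserpic = '../' . getpath('uploads') . $poppicpath;
            } else {
                $teaserpic = '../' . getpath('uploads') . $teaserpicpath;
            }
        }

        // Submitting guest: offered as an extra author option.
        // send_username / send_email are submitter-supplied values and this string is
        // handed to the template as ready-made markup, so both are HTML-escaped here.
        $usersend = '';
        $send = $db->first("SELECT send_username,send_email FROM " . PRE . "_calendar_events WHERE id='" . $_REQUEST['id'] . "' LIMIT 1");
        if ($send['send_username']) {
            $usersend = '<option value="send"' . iif($_POST['userid'] == 'send', ' selected="selected"') . '>' . $apx->lang->get('GUEST') . ': ' . compatible_hsc($send['send_username']) . iif($send['send_email'], ' (' . compatible_hsc($send['send_email']) . ')') . '</option>';
        }

        // Regular links: row 1 is always shown, later rows only when they hold data
        if (!$_POST['link1_title']) {
            $_POST['link1_title'] = $apx->lang->get('LLINK');
        }
        $linklist = array();
        for ($i = 1; $i <= 20; $i++) {
            if ($i > 1 && (!$_POST['link' . $i . '_title'] || $_POST['link' . $i . '_title'] == $apx->lang->get('LLINK')) && !$_POST['link' . $i . '_text'] && !$_POST['link' . $i . '_url']) {
                continue;
            }
            $linklist[] = array(
                'TITLE' => compatible_hsc($_POST['link' . $i . '_title']),
                'TEXT' => compatible_hsc($_POST['link' . $i . '_text']),
                'URL' => compatible_hsc($_POST['link' . $i . '_url']),
                'POPUP' => (int) $_POST['link' . $i . '_popup'],
                'DISPLAY' => 1,
            );
        }
        // Pad to 20 rows with placeholders
        while (count($linklist) < 20) {
            $linklist[] = array('TITLE' => $apx->lang->get('LLINK'), 'POPUP' => 1);
        }

        // Tags
        $tagdata = $db->fetch("\n\t\t\tSELECT t.tag\n\t\t\tFROM " . PRE . "_calendar_tags AS n\n\t\t\tLEFT JOIN " . PRE . "_tags AS t USING(tagid)\n\t\t\tWHERE n.id='" . $_REQUEST['id'] . "'\n\t\t\tORDER BY t.tag ASC\n\t\t");
        $tags = get_ids($tagdata, 'tag');
        $_POST['tags'] = implode(', ', $tags);

        $apx->tmpl->assign('USERID', $_POST['userid']);
        $apx->tmpl->assign('USER_SEND', $usersend);
        $apx->tmpl->assign('SECID', $_POST['secid']);
        $apx->tmpl->assign('CATLIST', $this->get_catlist());
        $apx->tmpl->assign('TITLE', compatible_hsc($_POST['title']));
        $apx->tmpl->assign('TEXT', compatible_hsc($_POST['text']));
        $apx->tmpl->assign('PICTURE', $teaserpic);
        $apx->tmpl->assign('LOCATION', compatible_hsc($_POST['location']));
        $apx->tmpl->assign('LOCATION_LINK', compatible_hsc($_POST['location_link']));
        $apx->tmpl->assign('START_DAY', (int) $_POST['start_day']);
        $apx->tmpl->assign('START_MONTH', (int) $_POST['start_month']);
        $apx->tmpl->assign('START_YEAR', (int) $_POST['start_year']);
        $apx->tmpl->assign('START_HOUR', $_POST['start_hour']);
        $apx->tmpl->assign('START_MINUTE', $_POST['start_minute']);
        $apx->tmpl->assign('END_DAY', (int) $_POST['end_day']);
        $apx->tmpl->assign('END_MONTH', (int) $_POST['end_month']);
        $apx->tmpl->assign('END_YEAR', (int) $_POST['end_year']);
        $apx->tmpl->assign('END_HOUR', $_POST['end_hour']);
        $apx->tmpl->assign('END_MINUTE', $_POST['end_minute']);
        $apx->tmpl->assign('GALID', (int) $_POST['galid']);
        $apx->tmpl->assign('PRIORITY', (int) $_POST['priority']);
        $apx->tmpl->assign('META_DESCRIPTION', compatible_hsc($_POST['meta_description']));
        $apx->tmpl->assign('TAGS', compatible_hsc($_POST['tags']));
        $apx->tmpl->assign('LINK', $linklist);
        $apx->tmpl->assign('ALLOWCOMS', (int) $_POST['allowcoms']);
        $apx->tmpl->assign('ALLOWNOTE', (int) $_POST['allownote']);
        $apx->tmpl->assign('SEARCHABLE', (int) $_POST['searchable']);
        $apx->tmpl->assign('RESTRICTED', (int) $_POST['restricted']);
        $apx->tmpl->assign('ID', $_REQUEST['id']);
        $apx->tmpl->assign('ACTION', 'edit');
        $apx->tmpl->parse('add_edit');
    }
}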
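/**
 * Edit a gallery: apply a submitted form, or show the pre-filled form.
 *
 * With $_POST['send'] == 1, the token and title are checked, the column values
 * are collected in $update, the node is moved/updated through $this->cat->moveNode(),
 * its tag links are rewritten and the browser is redirected.
 * Otherwise the node is loaded into $_POST and the 'edit' template is rendered.
 *
 * Terminates the request when no numeric id is given.
 */
function edit() {
    global $set, $db, $apx;

    // The id is forced to an integer here; every query below relies on that.
    $_REQUEST['id'] = (int) $_REQUEST['id'];
    if (!$_REQUEST['id']) {
        die('missing ID!');
    }

    // Section list
    if (!is_array($_POST['secid']) || $_POST['secid'][0] == 'all') {
        $_POST['secid'] = array('all');
    }

    if ($_POST['send'] == 1) {
        if (!checkToken()) {
            infoInvalidToken();
        } elseif (!$_POST['title']) {
            infoNotComplete();
        } else {
            // NOTE(review): these values are passed on as submitted; escaping is
            // presumably done inside moveNode(), confirm in the tree class.
            $update = array(
                'prodid' => $_POST['prodid'],
                'title' => $_POST['title'],
                'description' => $_POST['description'],
                'meta_description' => $_POST['meta_description'],
                'searchable' => $_POST['searchable'],
                'restricted' => $_POST['restricted'],
                'allowcoms' => $_POST['allowcoms'],
            );

            // Publication window, only for users holding the gallery.enable right
            if ($apx->user->has_right('gallery.enable') && isset($_POST['t_day_1'])) {
                $update['starttime'] = maketime(1);
                $update['endtime'] = maketime(2);
                if ($update['starttime']) {
                    // An end that is missing or not after the start means "no end".
                    // The comparison uses $update['starttime']: the previous
                    // $_POST['starttime'] is never set on this path, so an end time
                    // before the start was accepted unchanged.
                    if (!$update['endtime'] || $update['endtime'] <= $update['starttime']) {
                        $update['endtime'] = 3000000000;
                    }
                }
            }

            // If the new parent node is disabled, disable this node as well
            if (intval($_POST['parent'])) {
                list($parentEnabled) = $db->first("SELECT starttime FROM " . PRE . "_gallery WHERE id='" . intval($_POST['parent']) . "' LIMIT 1");
                if (!$parentEnabled) {
                    $update['starttime'] = 0;
                    $update['endtime'] = 0;
                }
            }

            if ($set['gallery']['subgals']) {
                // Sub-galleries are in use
                $nodeInfo = $this->cat->getNode($_REQUEST['id']);
                $currentParentId = array_pop($nodeInfo['parents']);

                if (intval($_POST['parent'])) {
                    // This node becomes a child: take secid from the new parent, clear the password
                    $_POST['parent'] = intval($_POST['parent']);

                    // Parent changed => inherit its data
                    if ($currentParentId != $_POST['parent']) {
                        $rootNode = $this->cat->getNode($_POST['parent'], array('secid', 'password', 'restricted'));
                        $update['secid'] = $rootNode['secid'];
                        $update['password'] = '';
                        $update['restricted'] = '';

                        // Adjust the sub-galleries of this node
                        $childrenIds = $nodeInfo['children'];
                        if ($childrenIds) {
                            $db->query("\n\t\t\t\t\t\t\t\tUPDATE " . PRE . "_gallery\n\t\t\t\t\t\t\t\tSET secid='" . addslashes($update['secid']) . "', password = '', restricted=0\n\t\t\t\t\t\t\t\tWHERE id IN (" . implode(',', $childrenIds) . ")\n\t\t\t\t\t\t\t");
                        }
                    }
                } else {
                    // Root-level gallery: section, password and restriction come from the form
                    $update['secid'] = serialize_section($_POST['secid']);
                    $update['password'] = $_POST['password'];
                    $update['restricted'] = $_POST['restricted'];

                    // Adjust the sub-galleries of this node
                    $childrenIds = $nodeInfo['children'];
                    if ($childrenIds) {
                        $db->query("\n\t\t\t\t\t\t\tUPDATE " . PRE . "_gallery\n\t\t\t\t\t\t\tSET secid='" . addslashes($update['secid']) . "', password = '', restricted=0\n\t\t\t\t\t\t\tWHERE id IN (" . implode(',', $childrenIds) . ")\n\t\t\t\t\t\t");
                    }
                }
            } else {
                $update['secid'] = serialize_section($_POST['secid']);
                $update['password'] = $_POST['password'];
                $update['restricted'] = $_POST['restricted'];
            }

            $this->cat->moveNode($_REQUEST['id'], intval($_POST['parent']), $update);
            logit('GALLERY_EDIT', 'ID #' . $_REQUEST['id']);

            // Tags: drop the old links, then insert the current set
            $db->query("DELETE FROM " . PRE . "_gallery_tags WHERE id='" . $_REQUEST['id'] . "'");
            $tagids = produceTagIds($_POST['tags']);
            foreach ($tagids as $tagid) {
                // NOTE(review): $tagid is concatenated into the statement as returned;
                // presumably produceTagIds() yields integer ids, verify there.
                $db->query("INSERT IGNORE INTO " . PRE . "_gallery_tags VALUES('" . $_REQUEST['id'] . "', '" . $tagid . "')");
            }

            printJSRedirect(get_index('gallery.show'));
        }
    } else {
        $res = $this->cat->getNode($_REQUEST['id'], array('secid', 'prodid', 'title', 'description', 'meta_description', 'password', 'starttime', 'endtime', 'searchable', 'restricted', 'allowcoms'));
        $_POST['secid'] = unserialize_section($res['secid']);
        $_POST['prodid'] = $res['prodid'];
        $_POST['title'] = $res['title'];
        $_POST['description'] = $res['description'];
        $_POST['meta_description'] = $res['meta_description'];
        // NOTE(review): the gallery password is read from storage and written back into
        // the form field as-is, so it is kept in recoverable form; confirm this is intended.
        $_POST['password'] = $res['password'];
        $_POST['searchable'] = $res['searchable'];
        $_POST['restricted'] = $res['restricted'];
        $_POST['allowcoms'] = $res['allowcoms'];
        if (!$res['parents']) {
            $_POST['parent'] = 'root';
        } else {
            $_POST['parent'] = array_pop($res['parents']);
        }

        // Publication window; an end of 2147483647 or later is shown as "no end"
        if ($res['starttime']) {
            maketimepost(1, $res['starttime']);
            if ($res['endtime'] < 2147483647) {
                maketimepost(2, $res['endtime']);
            }
        }

        // Tree of possible parents
        $gallist = '';
        if ($set['gallery']['subgals']) {
            $gallist = '<option value="root" style="font-weight:bold;"' . iif($_POST['parent'] == 'root', ' selected="selected"') . '>' . $apx->lang->get('ROOT') . '</option>';
            $data = $this->cat->getTree(array('title'));
            if (count($data)) {
                $gallist .= '<option value=""></option>';
                // Level of the edited node while its subtree is being skipped, else 0
                $jumplevel = 0;
                foreach ($data as $node) {
                    if ($jumplevel && $node['level'] > $jumplevel) {
                        continue;
                    }
                    $jumplevel = 0;

                    // The node itself (and, via $jumplevel, its descendants) cannot be its own parent
                    if ($_REQUEST['id'] == $node['id']) {
                        $jumplevel = $node['level'];
                        continue;
                    }
                    $gallist .= '<option value="' . $node['id'] . '"' . iif($_POST['parent'] === $node['id'], ' selected="selected"') . '>' . str_repeat(' ', $node['level'] - 1) . replace($node['title']) . '</option>';
                }
            }
        }

        // Publication window selectors
        if ($apx->user->has_right('gallery.enable') && isset($_POST['t_day_1'])) {
            $apx->tmpl->assign('STARTTIME', choosetime(1, 0, maketime(1)));
            $apx->tmpl->assign('ENDTIME', choosetime(2, 1, maketime(2)));
        }

        // Tags
        $tagdata = $db->fetch("\n\t\t\tSELECT t.tag\n\t\t\tFROM " . PRE . "_gallery_tags AS n\n\t\t\tLEFT JOIN " . PRE . "_tags AS t USING(tagid)\n\t\t\tWHERE n.id='" . $_REQUEST['id'] . "'\n\t\t\tORDER BY t.tag ASC\n\t\t");
        $tags = get_ids($tagdata, 'tag');
        $_POST['tags'] = implode(', ', $tags);

        $apx->tmpl->assign('PARENT', $gallist);
        $apx->tmpl->assign('ID', $_REQUEST['id']);
        $apx->tmpl->assign('SECID', $_POST['secid']);
        $apx->tmpl->assign('PRODID', $_POST['prodid']);
        $apx->tmpl->assign('TITLE', compatible_hsc($_POST['title']));
        $apx->tmpl->assign('DESCRIPTION', compatible_hsc($_POST['description']));
        $apx->tmpl->assign('PASSWORD', compatible_hsc($_POST['password']));
        $apx->tmpl->assign('META_DESCRIPTION', compatible_hsc($_POST['meta_description']));
        $apx->tmpl->assign('TAGS', compatible_hsc($_POST['tags']));
        $apx->tmpl->assign('SEARCHABLE', (int) $_POST['searchable']);
        $apx->tmpl->assign('RESTRICTED', (int) $_POST['restricted']);
        $apx->tmpl->assign('ALLOWCOMS', (int) $_POST['allowcoms']);
        $apx->tmpl->parse('edit');
    }
}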