Пример #1
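/**
 * Render the "add a new visit" form followed by the table of past visits.
 *
 * Restaurant names, dates and durations are read from the database and written
 * into HTML text, HTML attributes and a query string, so every value is escaped
 * for the context it lands in before it is appended to the page.
 *
 * @return string HTML fragment
 */
function main()
{
    // HTML-context escaper for database values (text nodes and quoted attributes).
    $esc = function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8');
    };

    // Plain assignment: appending to an undefined variable raises a notice.
    $body = '
	<script><!--
	$(document).ready(function(){
	$("#visit").datepicker({
		firstDay: 1
});
  });
-->
	</script>
<fieldset><legend>Add a new visit</legend><form method="post">
		<label>Restaurant <select name="restaurant">';
    foreach (getRestaurantList() as $id => $name) {
        $body .= '<option value="' . $esc($id) . '">' . $esc($name) . '</option>';
    }
    $body .= '</select></label>
		<label>Date <input type="text" name="date"  id="visit" value="' . date("m/d/Y") . '"/></label>
		<label>Duration (minutes)<input type="text" name="duration"/></label>
		<button type="submit" name="action" value="new">Save New Visit</button>
		</form></fieldset>';
    $db = new DB();
    $db->query("SELECT h.RestaurantID,r.Name,h.Date,h.Duration\n\t\t    FROM history h\n\t\t    \tJOIN restaurants r ON h.RestaurantID = r.ID\n\t\t    ORDER BY h.Date DESC");
    if ($db->size() == 0) {
        // Keep the form on the page: returning only the message would leave no
        // way to record the first visit.
        return $body . "<span class=\"error\">No history found.</span>";
    }
    $body .= "<h2 style='margin-top:20px;'>Past Visits</h2><table><thead><tr><td>Restaurant Name</td><td>Date of Visit</td><td>Duration</td></tr></thead><tbody>";
    $rowIndex = 0; // explicit counter for the even/odd row class
    while (list($rid, $rName, $date, $duration) = $db->fetchrow()) {
        // NOTE(review): the delete action is reached through a plain GET link. The
        // handler is not shown here; confirm it requires an anti-CSRF token, or
        // move the action to a POST form.
        $deleteUrl = "?action=delete&amp;id=" . rawurlencode((string) $rid) . "&amp;date=" . rawurlencode((string) $date);
        $body .= "<tr class=\"" . ($rowIndex++ % 2 == 0 ? "even" : "odd") . "\" id=\"hist" . $esc($rid) . "\"><td>" . $esc($rName) . "</td><td>" . $esc($date) . "</td><td>" . $esc($duration) . " minutes</td><td><a href=\"" . $deleteUrl . "\"><img src=\"delete.png\" alt=\"Delete this entry\" style=\"width:50%\" /></a></td></tr>";
        // Undesirable slide animation:
        //onclick=\"$('#hist$rid').hide('slide',{direction:'up'},'slow');\"
    }
    $body .= "</tbody></table>";
    return $body;
}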
Пример #2
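/**
 * HCM module: build a link to a user from a username.
 *
 * @param string $jmeno username to look up
 * @return string|null whatever _linkUser() returns for the matching user id,
 *                     or null when no user has this name
 */
function _HCM_linkuser($jmeno = "")
{
    // Escape the name before it is placed inside the quoted SQL literal.
    $name = DB::esc(_anchorStr($jmeno, false));
    // The listing compared username against the fixed text '******' and never
    // used $name, so the lookup could not depend on the argument; the escaped
    // name is what the condition has to test.
    $query = DB::query("SELECT id FROM `" . _mysql_prefix . "-users` WHERE username='" . $name . "'");
    if (DB::size($query) == 0) {
        return null;
    }
    $row = DB::row($query);
    return _linkUser($row['id']);
}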
Пример #3
/**
 * HCM module: build an anchor pointing at a page from the "-root" table.
 *
 * A numeric $id is matched against the id column; anything else is matched
 * against title_seo.
 *
 * @param mixed       $id        page id or SEO title
 * @param string|null $text      link text; the page title is used when empty
 * @param mixed       $nove_okno truthy (per _boolean()) to open in a new window
 * @return string|null anchor markup, or null when no page matches
 */
function _HCM_linkroot($id = null, $text = null, $nove_okno = false)
{
    $byId = is_numeric($id);
    // Numeric ids are cast; other values go through DB::val(), which presumably
    // quotes and escapes them for SQL — confirm against the DB class.
    $id = $byId ? intval($id) : DB::val($id);
    $column = $byId ? 'id' : 'title_seo';
    $result = DB::query("SELECT title,title_seo FROM `" . _mysql_prefix . "-root` WHERE " . $column . "=" . $id);

    $target = (isset($nove_okno) and _boolean($nove_okno)) ? " target='_blank'" : "";

    if (DB::size($result) == 0) {
        return;
    }

    $page = DB::row($result);
    // NOTE(review): $text and the stored title are written into the markup as
    // they are; confirm both are HTML-escaped before they reach this function.
    $label = (isset($text) and $text != "") ? $text : $page['title'];

    // NOTE(review): for a title_seo lookup, $id passed to _linkRoot() is the
    // DB::val() result rather than a page id — verify that is what it expects.
    return "<a href='" . _linkRoot($id, $page['title_seo']) . "'" . $target . ">" . $label . "</a>";
}
Пример #4
 case 1:
     if ($item['var1'] == 1) {
         $iteminfo .= "<span>" . $_lang['article.comments'] . ":</span> " . DB::result(DB::query("SELECT COUNT(id) FROM `" . _mysql_prefix . "-posts` WHERE type=1 AND home=" . $item['id']), 0);
     }
     break;
     // kategorie
 // kategorie
 case 2:
     $iteminfo .= "<span>" . $_lang['global.articlesnum'] . ":</span> " . DB::result(DB::query("SELECT COUNT(id) FROM `" . _mysql_prefix . "-articles` AS art WHERE (home1=" . $item['id'] . " OR home2=" . $item['id'] . " OR home3=" . $item['id'] . ") AND " . _sqlArticleFilter()), 0);
     break;
     // kniha
 // kniha
 case 3:
     // nacteni jmena autora posledniho prispevku
     $lastpost = DB::query("SELECT author,guest FROM `" . _mysql_prefix . "-posts` WHERE home=" . $item['id'] . " ORDER BY id DESC LIMIT 1");
     if (DB::size($lastpost) != 0) {
         $lastpost = DB::row($lastpost);
         if ($lastpost['author'] != -1) {
             $lastpost = _linkUser($lastpost['author'], null, true, true);
         } else {
             $lastpost = $lastpost['guest'];
         }
     } else {
         $lastpost = "-";
     }
     $iteminfo .= "<span>" . $_lang['global.postsnum'] . ":</span> " . DB::result(DB::query("SELECT COUNT(id) FROM `" . _mysql_prefix . "-posts` WHERE type=3 AND home=" . $item['id']), 0) . _template_listinfoseparator . "<span>" . $_lang['global.lastpost'] . ":</span> " . $lastpost;
     break;
     // galerie
 // galerie
 case 5:
     $iteminfo .= "<span>" . $_lang['global.imgsnum'] . ":</span> " . DB::result(DB::query("SELECT COUNT(id) FROM `" . _mysql_prefix . "-images` WHERE home=" . $item['id']), 0);
Пример #5
         } else {
             // neplatna cookie - zaznam v ip logu
             _iplogUpdate(1);
         }
     }
 }
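 // checks: validate the session against the stored user and group records
 $continue = false;
 if (!$persistent_cookie_bad) {
     $id = intval($_SESSION[_sessionprefix . "user"]);
     $pass = $_SESSION[_sessionprefix . "password"];
     $ip = $_SESSION[_sessionprefix . "ip"];
     if (!$persistent_cookie_used) {
         $uquery = DB::query("SELECT * FROM `" . _mysql_prefix . "-users` WHERE id=" . $id);
     }
     // When the persistent cookie was used, $uquery is expected to hold the user
     // row already (set by code outside this fragment).
     if ($persistent_cookie_used or DB::size($uquery) != 0) {
         if (!$persistent_cookie_used) {
             $uquery = DB::row($uquery);
         }
         // The group id is concatenated into SQL, so force it to an integer.
         $gquery = DB::query_row("SELECT * FROM `" . _mysql_prefix . "-groups` WHERE id=" . intval($uquery['group']));
         // Compare the stored and session password hashes as strings with ===.
         // Loose == treats two different numeric-looking hashes (for example both
         // of the form "0e" followed by digits) as equal.
         // NOTE(review): if no group row is found, $gquery['blocked'] == 0 may still
         // hold — confirm what DB::query_row() returns for an empty result.
         if ((string) $uquery['password'] === (string) $pass and $uquery['blocked'] == 0 and $gquery['blocked'] == 0 and (!$_SESSION[_sessionprefix . 'ipbound'] or $ip == _userip)) {
             // everything ok
             $continue = true;
         }
     }
 }
 // kill the invalid session
 if ($continue != true) {
     _userLogout(false);
 }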
 // definovani konstant
Пример #6
// titulek
$title = $query['title'];
if (_template_autoheadings && $query['autotitle']) {
    $content .= "<h1>" . $query['title'] . "</h1>\n";
    _extend('call', 'page.gallery.aftertitle', $extend_args);
}
// obsah
_extend('call', 'page.gallery.content.before', $extend_args);
if ($query['content'] != "") {
    $content .= _parseHCM($query['content']) . "\n\n<div class='hr'><hr /></div>\n\n";
}
_extend('call', 'page.gallery.content.after', $extend_args);
// obrazky
$paging = _resultPaging(_indexOutput_url, $query['var2'], "images", "home=" . $id);
$images = DB::query("SELECT * FROM `" . _mysql_prefix . "-images` WHERE home=" . $id . " ORDER BY ord " . $paging[1]);
$images_number = DB::size($images);
if ($images_number != 0) {
    $usetable = $query['var1'] != -1;
    if (_pagingmode == 1 or _pagingmode == 2) {
        $content .= $paging[0];
    }
    if ($usetable) {
        $content .= "<table class='gallery'>\n";
    } else {
        $content .= "<div class='gallery'>\n";
    }
    // obrazky
    $counter = 0;
    $cell_counter = 0;
    while ($img = DB::row($images)) {
        if ($usetable and $cell_counter == 0) {
Пример #7
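/**
 * HCM module: render a poll with its answers, vote bars and, when the visitor
 * may vote, a voting form.
 *
 * @param int|null $id    poll id
 * @param int      $sirka width of the poll box in pixels; values below 100 are raised to 100
 * @return string|null poll markup, or null when no poll with this id exists
 */
function _HCM_poll($id = null, $sirka = 150)
{
    // load variables
    $id = intval($id);
    $sirka = isset($sirka) ? intval($sirka) : 150;
    if ($sirka < 100) {
        $sirka = 100;
    }

    // load poll data
    $vpolldata = DB::query("SELECT * FROM `" . _mysql_prefix . "-polls` WHERE id=" . $id);
    if (DB::size($vpolldata) == 0) {
        return null;
    }
    $vpolldata = DB::row($vpolldata);

    // answers are newline-separated, vote counts dash-separated
    $ranswers = explode("\n", $vpolldata['answers']);
    // Cast every count to int: the values are printed into the markup and used
    // in arithmetic, so a malformed votes column must not leak through as text.
    $rvotes = array_map('intval', explode("-", $vpolldata['votes']));
    $rvotes_sum = array_sum($rvotes);

    // voting needs the right, an unlocked poll and a passing IP-log check
    $rallowvote = (_loginright_pollvote == 1 and $vpolldata['locked'] != 1 and _iplogCheck(4, $id));

    if ($rallowvote) {
        $ranswers_code = "<form action='" . _indexroot . "remote/hcm/pvote.php?_return=" . urlencode(_indexOutput_url . "#hcm_poll_" . SL::$hcmUid) . "' method='post'>\n<input type='hidden' name='pid' value='" . $vpolldata['id'] . "' />";
    } else {
        $ranswers_code = "";
    }

    // NOTE(review): answer texts and the question are emitted as stored; confirm
    // they are HTML-escaped when the poll is saved.
    foreach ($ranswers as $ranswer_id => $item) {
        // An answer without a matching entry in the votes column counts as 0
        // instead of reading an undefined offset.
        $votes = isset($rvotes[$ranswer_id]) ? $rvotes[$ranswer_id] : 0;
        if ($rvotes_sum != 0 and $votes != 0) {
            $rpercent = $votes / $rvotes_sum;
            $rbarwidth = round($rpercent * ($sirka - _template_votebarwidthreduction));
        } else {
            $rpercent = 0;
            $rbarwidth = 1;
        }
        $stats = " [" . $votes . "/" . round($rpercent * 100) . "%]";
        if ($rallowvote) {
            $item = "<label><input type='radio' name='option' value='" . $ranswer_id . "' /> " . $item . $stats . "</label>";
        } else {
            $item .= $stats;
        }
        $ranswers_code .= "<div class='poll-answer'>" . $item . "<div style='width:" . $rbarwidth . "px;'></div></div>\n";
    }

    $ranswers_code .= "<div class='poll-answer'>";
    if ($rallowvote) {
        $ranswers_code .= "<input type='submit' value='" . $GLOBALS['_lang']['hcm.poll.vote'] . "' class='votebutton' />";
    }
    $ranswers_code .= $GLOBALS['_lang']['hcm.poll.votes'] . ":&nbsp;" . $rvotes_sum . "</div>";
    if ($rallowvote) {
        // the anti-XSRF field closes the voting form
        $ranswers_code .= _xsrfProtect() . "</form>\n";
    }

    return "\n<div class='anchor'><a name='hcm_poll_" . SL::$hcmUid . "'></a></div>\n<div class='poll' style='width:" . $sirka . "px;'>\n<div class='poll-content'>\n\n<div class='poll-question'>\n" . $vpolldata['question'] . "\n" . ($vpolldata['locked'] == 1 ? "<div>(" . $GLOBALS['_lang']['hcm.poll.locked'] . ")</div>" : '') . "\n</div>\n\n" . $ranswers_code . "\n\n</div>\n</div>\n\n";
}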
Пример #8
    // nejnovejsi odpovedi na tema
    case 6:
        $query = DB::query("SELECT subject FROM `" . _mysql_prefix . "-posts` WHERE type=5 AND id=" . $id . " AND (" . _loginindicator . "=1 OR (SELECT public FROM `" . _mysql_prefix . "-root` WHERE id=`" . _mysql_prefix . "-posts`.id)=1)");
        $feedtitle = $_lang['rss.recentanswers'];
        $typelimit = "type=5 AND xhome=" . $id;
        $homelimit = "";
        $pagetitle_column = "subject";
        break;
        // nelegalni typ
    // nelegalni typ
    default:
        exit;
        break;
}
// nacteni polozek
if ($custom_cond and ($donottestsource or DB::size($query) != 0)) {
    $feeditems = array();
    if (!$donottestsource) {
        $query = DB::row($query);
    }
    $pagetitle = $query[$pagetitle_column];
    switch ($type) {
        // komentare/prispevky/temata
        case 1:
        case 2:
        case 3:
        case 5:
        case 6:
            $items = DB::query("SELECT * FROM `" . _mysql_prefix . "-posts` WHERE " . $homelimit . $typelimit . " ORDER BY id DESC LIMIT " . _rsslimit);
            $titlebonus = "";
            while ($item = DB::row($items)) {
Пример #9
/**
 * HCM module: render a shoutbox — title, posting form (or the reason it is
 * unavailable) and the list of posts, newest first.
 *
 * @param int|null $id shoutbox id
 * @return string shoutbox markup, or an empty string when the shoutbox does not exist
 */
function _HCM_sbox($id = null)
{
    $id = intval($id);

    // load the shoutbox record; nothing is rendered without one
    $lookup = DB::query("SELECT * FROM `" . _mysql_prefix . "-sboxes` WHERE id=" . $id);
    if (DB::size($lookup) == 0) {
        return "";
    }
    $sboxdata = DB::row($lookup);
    $hasTitle = $sboxdata['title'] != "";

    // NOTE(review): the title and the guest names below are written out as
    // stored; confirm they are HTML-escaped when saved.
    $html = "\n    <div class='anchor'><a name='hcm_sbox_" . SL::$hcmUid . "'></a></div>\n    <div class='sbox'>\n    <div class='sbox-content'>\n    ";
    $html .= $hasTitle ? "<div class='sbox-title'>" . $sboxdata['title'] . "</div>" : '';
    $html .= "<div class='sbox-item'" . ($hasTitle ? '' : " style='border-top:none;'") . ">";

    // posting form, or a message saying why posting is not possible
    if ($sboxdata['locked'] == 1) {
        $html .= "<img src='" . _templateImage("icons/lock.png") . "' alt='locked' class='icon' /> " . $GLOBALS['_lang']['posts.locked2'];
    } elseif (_publicAccess($sboxdata['public'])) {
        $fields = array();
        if (!_loginindicator) {
            // guests have to give a name
            $fields[] = array($GLOBALS['_lang']['posts.guestname'], "<input type='text' name='guest' class='sbox-input' maxlength='22' />");
        }
        $fields[] = array($GLOBALS['_lang']['posts.text'], "<input type='text' name='text' class='sbox-input' maxlength='255' /><input type='hidden' name='_posttype' value='4' /><input type='hidden' name='_posttarget' value='" . $id . "' />");
        if (!_loginindicator) {
            // flag on the text row (index 1 for guests); its meaning is defined by _formOutput()
            $fields[1][2] = true;
        }
        $html .= _formOutput("hcm_sboxform_" . SL::$hcmUid, _indexroot . "remote/post.php?_return=" . urlencode(_indexOutput_url . "#hcm_sbox_" . SL::$hcmUid), $fields, null, null);
    } else {
        $html .= $GLOBALS['_lang']['posts.loginrequired'];
    }
    $html .= "\n</div>\n<div class='sbox-posts'>";

    // list of posts
    $sposts = DB::query("SELECT id,text,author,guest,time,ip FROM `" . _mysql_prefix . "-posts` WHERE home=" . $id . " AND type=4 ORDER BY id DESC");
    if (DB::size($sposts) == 0) {
        $html .= "\n<div class='sbox-item'>" . $GLOBALS['_lang']['posts.noposts'] . "</div>\n";
    } else {
        while ($spost = DB::row($sposts)) {
            // author: registered user link or guest name
            if ($spost['author'] == -1) {
                $author = "<span class='post-author-guest' title='" . _formatTime($spost['time']) . ", ip=" . _showIP($spost['ip']) . "'>" . $spost['guest'] . ":</span>";
            } else {
                // the second argument closes the class attribute and opens a title attribute
                $author = _linkUser($spost['author'], "post-author' title='" . _formatTime($spost['time']), false, false, 16, ":");
            }
            // management link, only for visitors allowed to edit the post
            $alink = _postAccess($spost)
                ? " <a href='index.php?m=editpost&amp;id=" . $spost['id'] . "'><img src='" . _templateImage("icons/edit.png") . "' alt='edit' class='icon' /></a>"
                : "";
            $html .= "<div class='sbox-item'>" . $author . $alink . " " . _parsePost($spost['text'], true, false, false) . "</div>\n";
        }
    }

    return $html . "\n  </div>\n  </div>\n  </div>\n  ";
}
Пример #10
 /**
  * Import data to the database
  *
  * Stream layout as read by this method: a version string terminated by
  * chr(0) (at most 32 bytes), then for each table its name, its column names
  * and its values, every item terminated by chr(0). An empty column name ends
  * the column list, an empty value at the start of a row ends the table, and
  * a value equal to chr(1) is written as SQL NULL.
  *
  * NOTE(review): table names are checked against the local table list, but
  * column names and values are concatenated into SQL exactly as read. This
  * assumes the dump was produced by a trusted exporter that already escaped
  * them; confirm, and restrict imports to trusted dumps.
  *
  * @param  KZipStream|string $stream KZipStream instance or file path
  * @return array             array(true, skipped_tables) on success, array(false, err_msg) on failure
  */
 public function importData($stream)
 {
     // prepare
     global $_lang;
     $err = null;
     $this->_import_tmap = array();
     // rather ugly hack to use existing file path as KZipStream
     if (is_string($stream)) {
         $file = $stream;
         $stream = new KZipStream(null, array(KZip::FILE_TOADD, $file, null));
         unset($file);
     }
     // vars
     $null = chr(0); // item terminator
     $nullv = chr(1); // marker for a NULL value
     $version = '';
     // import process; do { ... } while (false) is used so "break" can leave on error
     do {
         // read header
         $offset = 0;
         while (true) {
             ++$offset;
             $byte = $stream->read(1);
             if ($byte === $null) {
                 // header read
                 break;
             } else {
                 $version .= $byte;
             }
             // no terminator within 32 bytes: not a valid dump
             if ($offset > 32) {
                 $err = $_lang['dbdump']['dataerror'];
                 break 2;
             }
         }
         // check version
         if (!_checkVersion('database', $version)) {
             $err = $_lang['dbdump']['badversion'];
             break;
         }
         // find local tables
         $tables = array();
         $q = DB::query('SHOW TABLES LIKE \'' . _mysql_prefix . '-%\'');
         while ($r = DB::rown($q)) {
             $tables[$r[0]] = true;
         }
         DB::free($q);
         unset($r);
         // determine maximum query size
         $max_size = DB::query('SHOW VARIABLES LIKE \'max_allowed_packet\'');
         if (DB::size($max_size) !== 1) {
             $err = $_lang['dbdump']['maxpacket'];
             break;
         }
         $max_size = DB::result($max_size, 0, 1);
         // NOTE(review): 128 is subtracted here and again on the next line — confirm both are intended
         $max_size -= 128;
         $max_size = floor(($max_size - 128) * 0.9);
         // adjust maximum query size to available memory
         $memlimit = _phpIniLimit('memory_limit');
         if (isset($memlimit)) {
             $avail_mem = $memlimit - memory_get_usage() - 131072;
             if ($max_size > $avail_mem) {
                 $max_size = $avail_mem;
             }
             unset($avail_mem);
         }
         if ($max_size < 32768) {
             $err = $_lang['dbdump']['memory'];
             break;
         }
         // turn off auto_increment for zero values
         // NOTE(review): the error exits below ("break 3") skip the SQL_MODE restore at the end of this block
         DB::query('SET SQL_MODE="NO_AUTO_VALUE_ON_ZERO"');
         // prepare
         $reset = true;
         $skipped_tables = array();
         $stream_buffer = '';
         $stream_buffer_i = 0;
         // import data, one byte per iteration
         while (true) {
             // reset the per-table state?
             if ($reset) {
                 $phase = 0;
                 $table = '';
                 $column = '';
                 $columns = array();
                 $columns_size = 0;
                 $values = array();
                 $value = '';
                 $value_counter = 0;
                 $sql = '';
                 $sql_len = 0;
                 $sql_buffer = '';
                 $sql_buffer_len = 0;
                 $skipping_table = false;
                 $reset = false;
             }
             // get 1 byte, refilling the buffer from the stream when it is used up
             if (!isset($stream_buffer[$stream_buffer_i])) {
                 if ($stream->eof()) {
                     break;
                 }
                 $stream_buffer = $stream->read();
                 $stream_buffer_i = 0;
                 if ($stream_buffer === '') {
                     break;
                 }
             }
             $byte = $stream_buffer[$stream_buffer_i];
             ++$stream_buffer_i;
             // phase
             switch ($phase) {
                 /* --  reading table name  -- */
                 case 0:
                     // end of table name?
                     if ($byte === $null) {
                         // read column list
                         $phase = 1;
                         // tables that do not exist locally are parsed but not imported
                         if (!isset($tables[_mysql_prefix . '-' . $table])) {
                             $skipping_table = true;
                             $skipped_tables[] = $table;
                         }
                         break;
                     }
                     // table name char
                     $table .= $byte;
                     break;
                 /* --  reading column list  -- */
                 case 1:
                     // end of column
                     if ($byte === $null) {
                         if ($column === '') {
                             // end of list, process columns
                             // NOTE(review): column names come from the stream and are only wrapped in backticks, not validated
                             if (!$skipping_table) {
                                 $columns = '`' . implode('`,`', $columns) . '`';
                             }
                             // begin to read rows
                             $phase = 2;
                         } else {
                             // end of column
                             if (!$skipping_table) {
                                 $columns[] = $column;
                             }
                             ++$columns_size;
                             $column = '';
                         }
                         break;
                     }
                     // column name char
                     $column .= $byte;
                     break;
                 /* --  reading row data  -- */
                 case 2:
                     // end of value?
                     if ($byte === $null) {
                         if ($value_counter === 0 && $value === '') {
                             // end of all rows, reset
                             $reset = true;
                             // import remaining data
                             if ($sql_buffer !== '' && !$skipping_table) {
                                 $import = $this->_db_import($table, $columns, $sql_buffer, $sql_buffer_len);
                                 if (isset($import)) {
                                     $err = _htmlStr($import);
                                     break 3;
                                 }
                             }
                         } else {
                             // end of value
                             ++$value_counter;
                             $values[] = $value;
                             $value = '';
                             // end of one row?
                             if ($value_counter === $columns_size) {
                                 if (!$skipping_table) {
                                     // build part of the SQL query
                                     $sql = '(';
                                     for ($i = 0, $lastcol = $columns_size - 1; isset($values[$i]); ++$i) {
                                         if ($values[$i] === $nullv) {
                                             $sql .= 'NULL';
                                         } else {
                                             // NOTE(review): the value is quoted but not escaped here — assumes the dump holds pre-escaped values; confirm
                                             $sql .= '\'' . $values[$i] . '\'';
                                         }
                                         if ($i !== $lastcol) {
                                             $sql .= ',';
                                         }
                                     }
                                     $sql .= ')';
                                     // execute query or use buffer
                                     $sql_len = strlen($sql);
                                     if ($sql_buffer_len + $sql_len + 1 >= $max_size) {
                                         // NOTE(review): the return value is not assigned, so isset($import) below tests a stale
                                         // or undefined variable and a failed flush is not reported. The row just built in $sql
                                         // is also not added to the buffer in this branch; whether _db_import() clears the buffer
                                         // (by reference) cannot be seen from here — verify.
                                         $this->_db_import($table, $columns, $sql_buffer, $sql_buffer_len);
                                         if (isset($import)) {
                                             $err = _htmlStr($import);
                                             break 3;
                                         }
                                     } else {
                                         // separate
                                         if ($sql_buffer !== '') {
                                             $sql_buffer .= ',';
                                             ++$sql_buffer_len;
                                         }
                                         // add query to buffer
                                         $sql_buffer .= $sql;
                                         $sql_buffer_len += $sql_len;
                                     }
                                     // clean up
                                     $sql = '';
                                     $sql_len = 0;
                                 }
                                 $value_counter = 0;
                                 $values = array();
                             }
                         }
                         break;
                     }
                     // value char
                     $value .= $byte;
                     break;
             }
         }
         // restore sql_mode
         DB::query('SET SQL_MODE=""');
     } while (false);
     // void truncate map
     $this->_import_tmap = null;
     // return
     if (!isset($err)) {
         return array(true, $skipped_tables);
     }
     return array(false, $err);
 }
             if (_mail('', $subject, $text, "Bcc: " . implode(",", $rec_buffer) . "\n" . $headers)) {
                 $done += sizeof($rec_buffer);
             }
             $rec_buffer = array();
             $rec_buffer_counter = 0;
         }
     }
     // zprava
     if ($done != 0) {
         $output .= _formMessage(1, str_replace(array("*done*", "*total*"), array($done, $item_total), $_lang['admin.other.massemail.send']));
     } else {
         $output .= _formMessage(2, $_lang['admin.other.massemail.noreceiversfound']);
     }
 } else {
     // vypis emailu
     $emails_total = DB::size($query);
     if ($emails_total != 0) {
         $emails = '';
         $email_counter = 0;
         while ($item = DB::row($query)) {
             ++$email_counter;
             $emails .= $item['email'];
             if ($email_counter !== $emails_total) {
                 $emails .= ',';
             }
         }
         $output .= _formMessage(1, "<textarea class='areasmallwide' rows='9' cols='33' name='list'>" . $emails . "</textarea>");
     } else {
         $output .= _formMessage(2, $_lang['admin.other.massemail.noreceiversfound']);
     }
 }
Пример #12
 // a password is mandatory when no id is given
 if ($id == null and $password == "") {
     $errors[] = $_lang['admin.users.edit.passwordneeded'];
 }
 if ($password != "") {
     $passwordchange = true;
     // NOTE(review): the helper name suggests a salted MD5 digest. A fast hash is
     // a weak choice for password storage; confirm what _md5Salt() does and
     // consider password_hash()/password_verify() with rehash on login.
     $password = _md5Salt($password);
 }
 // note: cut to 1024 characters, trimmed, HTML-escaped, then escaped for SQL
 $note = DB::esc(_htmlStr(_wsTrim(mb_substr($_POST['note'], 0, 1024))));
 // blocked
 $blocked = _checkboxLoad("blocked");
 // group
 if (isset($_POST['group'])) {
     // integer cast makes the submitted id safe to concatenate into the query
     $group = intval($_POST['group']);
     // only groups other than id 2 with a level below the current user's level are accepted
     $group_test = DB::query("SELECT level FROM `" . _mysql_prefix . "-groups` WHERE id=" . $group . " AND id!=2 AND level<" . _loginright_level);
     if (DB::size($group_test) != 0) {
         $group_test = DB::row($group_test);
         // NOTE(review): the query already requires level < _loginright_level, so this
         // branch looks unreachable — confirm it is only a second line of defence
         if ($group_test['level'] > _loginright_level) {
             $errors[] = $_lang['global.badinput'];
         }
     } else {
         $errors[] = $_lang['global.badinput'];
     }
 } else {
     // no group submitted: keep the stored one
     $group = $query['group'];
 }
 // levelshift
 if (_loginid == 0) {
     $levelshift = _checkboxLoad("levelshift");
 } else {
     $levelshift = $query['levelshift'];
Пример #13
    } else {
        $message = _formMessage(2, _eventList($errors, 'errors'));
    }
}
/* ---  modul  --- */
if (_template_autoheadings == 1) {
    $module .= "<h1>" . $_lang['mod.reg'] . "</h1>";
}
switch ($phase) {
    // registracni formular
    case 0:
        // priprava vyberu skupiny
        $groupselect = array(null);
        if (_registration_grouplist) {
            $groupselect_items = DB::query("SELECT id,title FROM `" . _mysql_prefix . "-groups` WHERE `blocked`=0 AND reglist=1 ORDER BY title");
            if (DB::size($groupselect_items) != 0) {
                $groupselect_content = "";
                while ($groupselect_item = DB::row($groupselect_items)) {
                    $groupselect_content .= "<option value='" . $groupselect_item['id'] . "'" . ($groupselect_item['id'] == _defaultgroup ? " selected='selected'" : '') . ">" . $groupselect_item['title'] . "</option>\n";
                }
                $groupselect = array($_lang['global.group'], "<select name='group'>" . $groupselect_content . "</select>");
            }
        }
        // priprava podminek
        if (SL::$settings['rules'] != "") {
            $rules = array("<div class='hr'><hr /></div><h2>" . $_lang['mod.reg.rules'] . "</h2>" . SL::$settings['rules'] . "<br /><label><input type='checkbox' name='agreement' value='1'" . _checkboxActivate(isset($_POST['agreement'])) . " /> " . $_lang['mod.reg.rules.agreement'] . "</label><div class='hr'><hr /></div><br />", "", true);
        } else {
            $rules = array(null);
        }
        // formular
        $captcha = _captchaInit();
Пример #14
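/**
 * Update the IP address log.
 * For information about the arguments see {@link _ipLogCheck}.
 *
 * Types 1 (login) and 6 (account activation attempt) keep one counter row per
 * IP and increment it; types 2 (article read), 3 (article rating) and 4 (poll
 * vote) insert a row holding $var; types 5 (comment, post or message sent)
 * and 7 (password recovery request) insert a row with var 0. Any other type
 * does nothing.
 *
 * Everything concatenated into SQL is cast to an integer or escaped first:
 * before this, $type and $var went into the statements unchanged.
 *
 * @param int   $type record type
 * @param mixed $var  variable argument depending on the type (an id for types 2-4)
 */
function _iplogUpdate($type, $var = null)
{
    $type = intval($type);
    $table = "`" . _mysql_prefix . "-iplog`";
    // _userip is a constant defined elsewhere; escaping it is harmless for a
    // well-formed address and protects the quoted literal if it is not one.
    $ip = DB::esc(_userip);

    switch ($type) {
        // login, account activation attempt: per-IP counter
        case 1:
        case 6:
            $query = DB::query("SELECT * FROM " . $table . " WHERE ip='" . $ip . "' AND type=" . $type);
            if (DB::size($query) != 0) {
                $row = DB::row($query);
                DB::query("UPDATE " . $table . " SET var=" . (intval($row['var']) + 1) . " WHERE id=" . intval($row['id']));
            } else {
                DB::query("INSERT INTO " . $table . " (ip,type,time,var) VALUES ('" . $ip . "'," . $type . "," . time() . ",1)");
            }
            break;

        // article read, article rating, poll vote: $var is the related id
        case 2:
        case 3:
        case 4:
            DB::query("INSERT INTO " . $table . " (ip,type,time,var) VALUES ('" . $ip . "'," . $type . "," . time() . "," . intval($var) . ")");
            break;

        // comment, post or message sent; password recovery request
        case 5:
        case 7:
            DB::query("INSERT INTO " . $table . " (ip,type,time,var) VALUES ('" . $ip . "'," . $type . "," . time() . ",0)");
            break;
    }
}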
                 break;
         }
     }
     if (!$skip) {
         $cond .= " AND ";
     }
 }
 // vycisteni podminky
 if ($cond == "") {
     $cond = 1;
 } else {
     $cond = mb_substr($cond, 0, mb_strlen($cond) - 5);
 }
 // vyhledani clanku
 $query = DB::query("SELECT art.id,art.title,art.title_seo,cat.title_seo AS cat_title_seo FROM `" . _mysql_prefix . "-articles` AS art JOIN `" . _mysql_prefix . "-root` AS cat ON(cat.id=art.home1) WHERE " . $cond);
 $found = DB::size($query);
 if ($found != 0) {
     if (!_checkboxLoad("_process")) {
         $infopage = true;
     } else {
         $boolparams = array("public", "visible", "comments", "rateon", "showinfo");
         if (_loginright_adminconfirm) {
             $boolparams[] = "confirmed";
         }
         while ($item = DB::row($query)) {
             // smazani komentaru
             if ($new_delcomments or $new_delete) {
                 DB::query("DELETE FROM `" . _mysql_prefix . "-posts` WHERE type=2 AND home=" . $item['id']);
             }
             // smazani clanku
             if ($new_delete) {
Пример #16
     if (_loginright_admingallery and _loginright_admincontent) {
         $_GET['a'] = "addtogallery";
     }
     break;
     // pridani vyberu do galerie - ulozeni
 // pridani vyberu do galerie - ulozeni
 case "addtogallery":
     if (_loginright_admingallery and _loginright_admincontent) {
         // priprava promennych
         $counter = 0;
         $galid = intval($_POST['gallery']);
         // vlozeni obrazku
         if (DB::result(DB::query("SELECT COUNT(id) FROM `" . _mysql_prefix . "-root` WHERE id=" . $galid . " AND type=5"), 0) != 0) {
             // nacteni nejmensiho poradoveho cisla
             $smallestord = DB::query("SELECT ord FROM `" . _mysql_prefix . "-images` WHERE home=" . $galid . " ORDER BY ord LIMIT 1");
             if (DB::size($smallestord) != 0) {
                 $smallestord = DB::row($smallestord);
                 $smallestord = $smallestord['ord'];
             } else {
                 $smallestord = 1;
             }
             // posunuti poradovych cisel
             DB::query("UPDATE `" . _mysql_prefix . "-images` SET ord=ord+" . (count($_POST) - 2) . " WHERE home=" . $galid);
             // cyklus
             $sql = "";
             foreach ($_POST as $var => $val) {
                 if ($var == "action" or $var == "param") {
                     continue;
                 }
                 $val = _admin_cparam($val);
                 $ext = pathinfo($val);
Пример #17
/**
 * [ADMIN] Build a <select> element for choosing a user or a group.
 *
 * Security notes for callers (this function neither escapes nor validates its inputs):
 * - $gcond is concatenated into the WHERE clause as-is, so it has to be a trusted,
 *   code-built SQL fragment and never request data.
 * - $name, $class, $extraoption and the title / username / publicname values read from
 *   the database are written into the markup without HTML escaping here. Whether those
 *   values are already escaped when stored cannot be seen from this function; confirm
 *   before passing anything user-influenced.
 *
 * @param string $name name of the select
 * @param int $selected id of the preselected user (compared with group ids when $groupmode is on)
 * @param string $gcond SQL condition deciding which groups are included
 * @param string|null $class CSS class of the select, or null
 * @param string|null $extraoption label of the extra option (value -1), or null (= disabled)
 * @param bool $groupmode offer whole groups only 1/0
 * @param int|null $multiple allow selecting several items (size = $multiple), or null (= disabled)
 * @return string
 */
function _admin_authorSelect($name, $selected, $gcond, $class = null, $extraoption = null, $groupmode = false, $multiple = null)
{
    // optional attributes; the loose != null test also treats '' and 0 as "not set"
    $classAttr = $class != null ? " class='" . $class . "'" : "";
    $multipleAttr = "";
    if ($multiple != null) {
        $multipleAttr = " multiple='multiple' size='" . $multiple . "'";
        // a multi-select has to submit an array
        $name .= "[]";
    }
    $html = "<select name='" . $name . "'" . $classAttr . $multipleAttr . ">";

    // groups matching the caller's condition, highest level first; group id 2 is always left out
    $groups = DB::query("SELECT id,title,level FROM `" . _mysql_prefix . "-groups` WHERE " . $gcond . " AND id!=2 ORDER BY level DESC");

    if ($extraoption != null) {
        $html .= "<option value='-1' class='special'>" . $extraoption . "</option>";
    }

    if ($groupmode) {
        // one option per group, labelled with the number of users in it
        while ($group = DB::row($groups)) {
            $selAttr = $selected == $group['id'] ? " selected='selected'" : "";
            $memberCount = DB::result(DB::query("SELECT COUNT(id) FROM `" . _mysql_prefix . "-users` WHERE `group`=" . $group['id']), 0);
            $html .= "<option value='" . $group['id'] . "'" . $selAttr . ">" . $group['title'] . " (" . $memberCount . ")</option>\n";
        }
    } else {
        // one optgroup per group; it lists users whose group level is below
        // _loginright_level, plus the user whose id equals _loginid
        while ($group = DB::row($groups)) {
            $members = DB::query("SELECT id,username,publicname FROM `" . _mysql_prefix . "-users` WHERE `group`=" . $group['id'] . " AND (" . $group['level'] . "<" . _loginright_level . " OR id=" . _loginid . ") ORDER BY id");
            if (DB::size($members) == 0) {
                // groups without any listed user are not rendered at all
                continue;
            }
            $html .= "<optgroup label='" . $group['title'] . "'>";
            while ($member = DB::row($members)) {
                $selAttr = $selected == $member['id'] ? " selected='selected'" : "";
                // show the public name when one is set, the login name otherwise
                $labelKey = '' !== $member['publicname'] ? 'publicname' : 'username';
                $html .= "<option value='" . $member['id'] . "'" . $selAttr . ">" . $member[$labelKey] . "</option>\n";
            }
            $html .= "</optgroup>";
        }
    }

    return $html . "</select>";
}
Пример #18
        break;
        // plugin post
    // plugin post
    case 7:
        _extend('call', 'posts.' . $pluginflag . '.validate', array('home' => $posttarget, 'valid' => &$continue));
        break;
        // blbost
    // blbost
    default:
        die;
}
/* --  check of the post being replied to  -- */
// A reply (xhome other than -1 and post type other than 6) is accepted only when the
// parent post exists under the same target, is not locked and is itself a top-level
// post (its own xhome is -1). Every other submission passes this check.
// NOTE(review): $xhome and $posttarget are placed into the SQL text without quoting or
// casting in this fragment; where they are set is not visible here - confirm both are
// integers before this point.
$continue2 = $xhome == -1 || $posttype == 6;
if (!$continue2) {
    $tdata = DB::query("SELECT xhome FROM `" . _mysql_prefix . "-posts` WHERE id=" . $xhome . " AND home=" . $posttarget . " AND locked=0");
    if (DB::size($tdata) != 0) {
        $tdata = DB::row($tdata);
        $continue2 = $tdata['xhome'] == -1;
    }
}
/* --  ulozeni prispevku  -- */
if ($continue and $continue2 and $text != "" and $posttype == 4 || _captchaCheck()) {
    if (_xsrfCheck()) {
        if ($posttype == 4 or _loginright_unlimitedpostaccess or _iplogCheck(5)) {
            if ($guest === '' || DB::result(DB::query('SELECT COUNT(*) FROM `' . _mysql_prefix . '-users` WHERE username=\'' . DB::esc($guest) . '\' OR publicname=\'' . DB::esc($guest) . '\''), 0) == 0) {
                // zpracovani pluginem
                $allow = true;
Пример #19
 /**
  * List action
  *
  * Builds the listing query from the action configuration, optionally adds paging,
  * runs the query and renders the configured template with the result.
  *
  * Security: the condition (when it is the literal '1'), 'query_orderby' and the paging
  * clause are appended to the SQL text as they are; any other condition goes through
  * $bread->formatSql() together with 'query_cond_params', and how that method treats
  * the parameters is not visible here.
  * NOTE(review): presumably $action holds code-defined configuration - confirm that no
  * request value can reach 'query', 'query_cond' or 'query_orderby'.
  *
  * @param  array      $params reads 'url' (HTML-escaped for the paginator) and 'action'
  * @param  array      $action reads 'query', 'columns', 'query_cond', 'query_cond_params',
  *                            'query_orderby', 'paginator', 'paginator_size' and 'template'
  * @param  AdminBread $bread
  * @return array two elements; the first is always null here, the second is the rendered
  *               output, or self::ACTION_ERR when the query fails
  */
 public static function listAction(array $params, array $action, AdminBread $bread)
 {
     /* ----- prepare query ----- */
     // the literal condition '1' is used as-is, anything else is formatted with its parameters
     $cond = '1' === $action['query_cond']
         ? $action['query_cond']
         : $bread->formatSql($action['query_cond'], $action['query_cond_params']);
     // values handed to formatSql() for the main query
     $queryParams = array(
         'columns' => $action['columns'],
         'table' => '`' . $bread->formatTable($bread->table) . "`",
         'table_alias' => $bread->tableAlias,
         'cond' => $cond,
     );
     $sql = $bread->formatSql($action['query'], $queryParams);
     // optional ordering
     if (!empty($action['query_orderby'])) {
         $sql .= ' ORDER BY ' . $action['query_orderby'];
     }

     /* ----- init paginator ----- */
     $paging = null;
     if ($action['paginator']) {
         // the total row count uses the same table, alias and condition as the listing
         $countSql = 'SELECT COUNT(*) total FROM `' . $bread->formatTable($bread->table) . '` ' . $bread->tableAlias . ' WHERE ' . $cond;
         $total = DB::query_row($countSql);
         $paging = _resultPaging(_htmlStr($params['url']), $action['paginator_size'], intval($total['total']));
         // element 1 of the paging result is appended to the query
         $sql .= ' ' . $paging[1];
     }

     /* ----- fetch data ----- */
     $result = DB::query($sql);
     if (false === $result) {
         return array(null, self::ACTION_ERR);
     }

     /* ----- render ----- */
     $templateVars = array(
         'result' => $result,
         'count' => DB::size($result),
         'paging' => $paging,
         'self' => $params['action'],
     );
     $out = $bread->render($action['template'], $templateVars);
     // the result is released only after the template has consumed it
     DB::free($result);

     return array(null, $out);
 }
Пример #20
    exit;
}
/* ---  akce  --- */
$sysgroups_array = array(1, 2, 3);
$msg = 0;
// vytvoreni skupiny
if (isset($_POST['type']) and _loginright_admingroups) {
    $type = intval($_POST['type']);
    if ($type == -1) {
        // prazdna skupina
        DB::query("INSERT INTO `" . _mysql_prefix . "-groups` (title,level,icon) VALUES ('" . $_lang['admin.users.groups.new.empty'] . "',0,'')");
        $msg = 1;
    } else {
        // kopirovat skupinu
        $cgroup = DB::query("SELECT * FROM `" . _mysql_prefix . "-groups` WHERE id=" . $type);
        if (DB::size($cgroup) != 0) {
            $cgroup = DB::row($cgroup);
            $ngroup = array();
            $skip = false;
            $columns = "";
            $values = "";
            // sesbirani dat
            foreach ($cgroup as $column => $val) {
                $quotes = "";
                switch ($column) {
                    case "id":
                        $val = 'NULL';
                        break;
                    case "level":
                        if ($val >= 10000) {
                            $val = 9999;
Пример #21
?>
</a>
<?php 
echo _xsrfProtect();
?>
</form>

<?php 
if ($process) {
    echo '<h2>' . $_lang['global.result'] . '</h2><br />';
    $query = DB::query($sql, true);
    if (DB::error() == null) {
        $fields = array();
        $aff_rows = DB::affectedRows();
        if ($query) {
            $num_rows = intval(DB::size($query));
        } else {
            $num_rows = 0;
        }
        $heading = false;
        if ($num_rows != 0) {
            echo '<p><strong>' . $_lang['admin.other.sqlex.rows'] . ':</strong> ' . $num_rows . '</p>
<table class="list">' . "\n";
            while ($item = DB::row($query)) {
                // nacteni sloupcu, vytvoreni hlavicky tabulky
                if (!$heading) {
                    // sloupce
                    $load = false;
                    foreach ($item as $field => $value) {
                        $fields[] = $field;
                    }
Пример #22
<?php

/* ---  core check  --- */
// stop unless the _core constant is defined (presumably set by the including entry point)
if (!defined('_core')) {
    exit;
}
/* ---  save  --- */
// Moves every user of one group into another group.
// Both group ids are cast with intval() before they reach the SQL text. Group id 2 is
// rejected as source and as target, and the move runs only when _loginright_level is
// higher than the level of both groups. The user with id 0 is never moved.
// NOTE(review): no _xsrfCheck() call and no admin-right test are visible in this
// fragment; confirm the including code performs both before this state-changing POST
// is handled.
$message = "";
if (isset($_POST['sourcegroup'])) {
    $source = intval($_POST['sourcegroup']);
    $target = intval($_POST['targetgroup']);
    $source_data = DB::query("SELECT level FROM `" . _mysql_prefix . "-groups` WHERE id=" . $source);
    $target_data = DB::query("SELECT level FROM `" . _mysql_prefix . "-groups` WHERE id=" . $target);
    if (DB::size($source_data) == 0 || DB::size($target_data) == 0 || $source == 2 || $target == 2) {
        // unknown group or group id 2
        $message = _formMessage(3, $_lang['global.badinput']);
    } elseif ($source == $target) {
        // nothing to move
        $message = _formMessage(2, $_lang['admin.users.move.same']);
    } else {
        $source_data = DB::row($source_data);
        $target_data = DB::row($target_data);
        if (_loginright_level > $source_data['level'] && _loginright_level > $target_data['level']) {
            DB::query("UPDATE `" . _mysql_prefix . "-users` SET `group`=" . $target . " WHERE `group`=" . $source . " AND id!=0");
            $message = _formMessage(1, $_lang['global.done']);
        } else {
            // the acting user does not outrank both groups
            $message = _formMessage(2, $_lang['admin.users.move.failed']);
        }
    }
}
/* ---  vystup  --- */
    DB::query("DELETE FROM `" . _mysql_prefix . "-images` WHERE id=" . $del . " AND home=" . $g);
    if (DB::affectedRows() === 1) {
        $message = _formMessage(1, $_lang['global.done']);
    }
}
/* ---  vystup  --- */
if ($continue) {
    $output .= "\n<a href='index.php?p=content-editgallery&amp;id=" . $g . "' class='backlink'>&lt; návrat zpět</a>\n<h1>" . $_lang['admin.content.manageimgs.title'] . "</h1>\n<p class='bborder'>" . str_replace("*galtitle*", $galdata['title'], $_lang['admin.content.manageimgs.p']) . "</p>\n\n" . $message . "\n\n<script type='text/javascript'>\n/* <![CDATA[ */\n\$(document).ready(function(){\n    \$('.hs_fieldset').each(function(){\n        var fieldset = this;\n        var link = \$(fieldset).find('legend > a').get(0);\n        var form = \$(fieldset).children('form');\n        \$(form).hide();\n        \$(link).click(function(){\n            \$(form).slideToggle('fast');\n\n            return false;\n        });\n    });\n});\n/* ]]> */\n</script>\n\n<fieldset>\n<legend>" . $_lang['admin.content.manageimgs.upload'] . "</legend>\n<form action='index.php?p=content-manageimgs&amp;g=" . $g . "' method='post' enctype='multipart/form-data'>\n    <p>" . sprintf($_lang['admin.content.manageimgs.upload.text'], _galuploadresize_w, _galuploadresize_h) . "</p>\n    <input type='hidden' name='xaction' value='7' />\n    <div id='fmanFiles'><input type='file' name='uf0[]' multiple='multiple' />&nbsp;&nbsp;<a href='#' onclick='return _sysFmanAddFile();'>" . $_lang['admin.fman.upload.addfile'] . "</a></div>\n    <div class='hr'><hr /></div>\n    <p>\n        <input type='submit' value='" . $_lang['admin.content.manageimgs.upload.submit'] . "' />" . (($uplimit = _getUploadLimit(true)) !== null ? " &nbsp;<small>" . $_lang['global.uploadlimit'] . ": <em>" . _getUploadLimit() . "MB</em>, " . $_lang['global.uploadext'] . ": <em>" . implode(', ', SL::$imageExt) . "</em></small>" : '') . "<br />\n        <label><input type='checkbox' value='1' name='moveords' checked='checked' /> " . $_lang['admin.content.manageimgs.moveords'] . "</label>\n    </p>\n" . _xsrfProtect() . "</form>\n</fieldset>\n\n<fieldset class='hs_fieldset'>\n<legend><a href='#'>" . 
$_lang['admin.content.manageimgs.insert'] . "</a> &nbsp;<small>(" . $_lang['admin.content.manageimgs.insert.tip'] . ")</small></legend>\n<form action='index.php?p=content-manageimgs&amp;g=" . $g . "' method='post' name='addform' onsubmit='_sysGalTransferPath(this);'>\n<input type='hidden' name='xaction' value='1' />\n\n<table>\n<tr class='valign-top'>\n\n<td>\n    <table>\n    <tr>\n    <td class='rpad'><strong>" . $_lang['admin.content.form.title'] . "</strong></td>\n    <td><input type='text' name='title' class='inputmedium' maxlength='64' /></td>\n    </tr>\n\n    <tr>\n    <td class='rpad'><strong>" . $_lang['admin.content.form.ord'] . "</strong></td>\n    <td><input type='text' name='ord' class='inputsmall' disabled='disabled' />&nbsp;&nbsp;<label><input type='checkbox' name='moveords' value='1' checked='checked' onclick=\"_sysDisableField(this.checked, 'addform', 'ord');\" /> " . $_lang['admin.content.manageimgs.moveords'] . "</label></td>\n    </tr>\n\n    <tr>\n    <td class='rpad'><strong>" . $_lang['admin.content.manageimgs.prev'] . "</strong></td>\n    <td><input type='text' name='prev' class='inputsmall' disabled='disabled' />&nbsp;&nbsp;<label><input type='checkbox' name='autoprev' value='1' checked='checked' onclick=\"_sysDisableField(this.checked, 'addform', 'prev');\" /> " . $_lang['admin.content.manageimgs.autoprev'] . "</label></td>\n    </tr>\n\n    <tr>\n    <td class='rpad'><strong>" . $_lang['admin.content.manageimgs.full'] . "</strong></td>\n    <td><input type='text' name='full' class='inputmedium' /></td>\n    </tr>\n\n    <tr>\n    <td></td>\n    <td><input type='submit' value='" . $_lang['global.insert'] . "' /></td>\n    </tr>\n\n    </table>\n</td>\n\n<td>\n" . (_loginright_adminfman ? "<div id='gallery-browser'>\n    " . (!isset($_GET['browserpath']) ? "<a href='#' onclick=\"return _sysGalBrowse('" . urlencode(_upload_dir) . (_loginright_adminfmanlimit ? _loginname . '%2F' : '') . 
"');\"><img src='images/icons/loupe.png' alt='browse' class='icon' />" . $_lang['admin.content.manageimgs.insert.browser.link'] . "</a>" : "<script type='text/javascript'>_sysGalBrowse('" . _htmlStr($_GET['browserpath']) . "');</script>") . "\n</div>" : '') . "\n</td>\n\n</tr>\n</table>\n\n" . _xsrfProtect() . "</form>\n</fieldset>\n\n";
    // strankovani
    $paging = _resultPaging("index.php?p=content-manageimgs&amp;g=" . $g, $galdata['var2'], "images", "home=" . $g);
    $s = $paging[2];
    $output .= "\n<fieldset>\n<legend>" . $_lang['admin.content.manageimgs.current'] . "</legend>\n<form action='index.php?p=content-manageimgs&amp;g=" . $g . "&amp;page=" . $s . "' method='post' name='editform'>\n<input type='hidden' name='xaction' value='4' />\n\n<input type='submit' value='" . $_lang['admin.content.manageimgs.savechanges'] . "' class='gallery-savebutton' />\n" . $paging[0] . "\n<div class='cleaner'></div>";
    // vypis obrazku
    $images = DB::query("SELECT * FROM `" . _mysql_prefix . "-images` WHERE home=" . $g . " ORDER BY ord " . $paging[1]);
    $images_forms = array();
    if (DB::size($images) != 0) {
        // sestaveni formularu
        while ($image = DB::row($images)) {
            // kod nahledu
            $preview = _galleryImage($image, "1", $galdata['var4'], $galdata['var3']);
            // kod formulare
            $images_forms[] .= "\n<table>\n\n<tr>\n<td class='rpad'><strong>" . $_lang['admin.content.form.title'] . "</strong></td>\n<td><input type='text' name='i" . $image['id'] . "_title' class='inputmedium' value='" . $image['title'] . "' maxlength='64' /></td>\n</tr>\n\n<tr>\n<td class='rpad'><strong>" . $_lang['admin.content.form.ord'] . "</strong></td>\n<td><input type='text' name='i" . $image['id'] . "_ord' class='inputmedium' value='" . $image['ord'] . "' /></td>\n</tr>\n\n" . (!$image['in_storage'] ? "<tr>\n<td class='rpad'><strong>" . $_lang['admin.content.manageimgs.prev'] . "</strong></td>\n<td><input type='hidden' name='i" . $image['id'] . "_prevtrigger' value='1' /><input type='text' name='i" . $image['id'] . "_prev' class='inputsmall' value='" . $image['prev'] . "'" . _inputDisable($image['prev'] != "") . " />&nbsp;&nbsp;<label><input type='checkbox' name='i" . $image['id'] . "_autoprev' value='1' onclick=\"_sysDisableField(checked, 'editform', 'i" . $image['id'] . "_prev');\"" . _checkboxActivate($image['prev'] == "") . " /> " . $_lang['admin.content.manageimgs.autoprev'] . "</label></td>\n</tr>\n\n<tr>\n<td class='rpad'><strong>" . $_lang['admin.content.manageimgs.full'] . "</strong></td>\n<td><input type='text' name='i" . $image['id'] . "_full' class='inputmedium' value='" . $image['full'] . "' /></td>\n</tr>" : '') . "\n\n<tr class='valign-top'>\n<td class='rpad'><strong>" . $_lang['global.preview'] . "</strong></td>\n<td>" . $preview . "<br /><br /><a href='" . _xsrfLink("index.php?p=content-manageimgs&amp;g=" . $g . "&amp;page=" . $s . "&amp;del=" . $image['id']) . "' onclick='return _sysConfirm();'><img src='images/icons/delete.png' alt='del' class='icon' />" . $_lang['admin.content.manageimgs.delete'] . "</a></td>\n</tr>\n\n</table>\n    ";
        }
        // sestaveni tabulky formularu po dvou
        $output .= "\n<table id='gallery-edittable'>";
        $count = count($images_forms);
        for ($i = 0; $i < $count; $i += 2) {
            if (isset($images_forms[$i])) {
                $output .= "<tr><td" . (0 === $i % 2 && !isset($images_forms[$i + 1]) && 1 !== $count ? ' colspan="2"' : '') . " class='gallery-edittable-td'>\n" . $images_forms[$i] . "\n</td>\n";
                if (isset($images_forms[$i + 1])) {
                    $output .= "<td class='gallery-edittable-td'>\n" . $images_forms[$i + 1] . "\n</td></tr>\n";
Пример #24
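 /**
  * Refresh the stored depth values in a whole branch.
  *
  * Walks the branch breadth-first from its root. Every visited node starts at 0 and
  * every ancestor of a visited node is raised to its distance from that node, so each
  * node ends up with the largest distance to any of its descendants. The collected
  * values are then written to the depth column, one UPDATE per node.
  *
  * The table and column names come from this object's properties and are placed into
  * the SQL text as identifiers; only node ids pass through DB::val().
  * NOTE(review): presumably those properties are set by code, not by request data - confirm.
  *
  * @param int|null $currentNodeId node inside the branch; with null the children are
  *                                looked up with "IS NULL" on the parent column
  * @param bool|null $isRootNode true when $currentNodeId already is the root, which
  *                              skips the getRoot() lookup
  */
 protected function doRefreshDepth($currentNodeId, $isRootNode = null)
 {
     // find the root node
     $rootNodeId = $currentNodeId;
     if (true !== $isRootNode && null !== $currentNodeId) {
         $rootNodeId = $this->getRoot($currentNodeId);
     }
     // prepare the queue and the depth map
     // queue entry: [node id, depth value read from the table, ancestor ids nearest first];
     // the stored depth value (index 1) is not read anywhere in this method
     $queue = array(array($rootNodeId, 0, array()));
     $depthmap = array();
     // traverse the queue
     for ($i = 0; isset($queue[$i]); ++$i) {
         // look up the children
         if (null !== $queue[$i][0]) {
             $childCondition = $this->parentColumn . '=' . DB::val($queue[$i][0]);
         } else {
             $childCondition = $this->parentColumn . ' IS NULL';
         }
         $children = DB::query('SELECT ' . $this->idColumn . ',' . $this->depthColumn . ' FROM `' . $this->table . '` WHERE ' . $childCondition);
         if (DB::size($children) > 0) {
             // the node has children, add them to the queue
             if (null !== $queue[$i][0]) {
                 // the current node becomes the nearest ancestor of its children
                 $childParents = array_merge(array($queue[$i][0]), $queue[$i][2]);
             } else {
                 $childParents = $queue[$i][2];
             }
             while ($child = DB::row($children)) {
                 $queue[] = array($child[$this->idColumn], $child[$this->depthColumn], $childParents);
             }
         }
         DB::free($children);
         // update the levels of the ancestor nodes
         if (null !== $queue[$i][0] && !isset($depthmap[$queue[$i][0]])) {
             $depthmap[$queue[$i][0]] = 0;
         }
         for ($j = 0; isset($queue[$i][2][$j]); ++$j) {
             // ancestor at index $j is $j + 1 levels above the current node; keep the maximum
             $currentDepth = $j + 1;
             if (!isset($depthmap[$queue[$i][2][$j]]) || $depthmap[$queue[$i][2][$j]] < $currentDepth) {
                 $depthmap[$queue[$i][2][$j]] = $currentDepth;
             }
         }
         // drop the processed entry so the queue does not keep the whole branch in memory
         unset($queue[$i]);
     }
     // apply the depth map
     foreach ($depthmap as $nodeId => $newDepth) {
         DB::update($this->table, $this->idColumn . '=' . DB::val($nodeId), array($this->depthColumn => $newDepth));
     }
 }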
        case 3:
            $artorder = "art.title";
            break;
        case 4:
            $artorder = "art.title DESC";
            break;
    }
    // titulek kategorie
    $output .= "<h2>" . $catdata['title'] . " &nbsp; <a href='index.php?p=content-articles-edit&amp;new_cat=" . $cid . "'><img src='images/icons/new.png' alt='new' class='icon' />" . $_lang['admin.content.articles.create'] . "</a></h2>\n";
    // vypis clanku
    // zprava
    $message = "";
    if (isset($_GET['artdeleted'])) {
        $message = _formMessage(1, $_lang['admin.content.articles.delete.done']);
    }
    $cond = "(art.home1=" . $cid . " OR art.home2=" . $cid . " OR art.home3=" . $cid . ")" . _admin_artAccess('art');
    $paging = _resultPaging("index.php?p=content-articles-list&amp;cat=" . $cid, $catdata['var2'], "articles:art", $cond);
    $s = $paging[2];
    $output .= $paging[0] . "<div class='hr'><hr /></div>\n" . $message . "\n<table class='list'>\n<thead><tr><td>" . $_lang['global.article'] . "</td><td>" . $_lang['article.author'] . "</td><td>" . $_lang['article.posted'] . "</td><td>" . $_lang['global.action'] . "</td></tr></thead>\n<tbody>";
    $arts = DB::query("SELECT art.id,art.title,art.title_seo,art.time,art.author,art.confirmed,art.visible,art.public,cat.title_seo AS cat_title_seo FROM `" . _mysql_prefix . "-articles` AS art JOIN `" . _mysql_prefix . "-root` AS cat ON(cat.id=art.home1) WHERE " . $cond . " ORDER BY " . $artorder . " " . $paging[1]);
    if (DB::size($arts) != 0) {
        while ($art = DB::row($arts)) {
            $output .= "<tr><td>" . _admin_articleEditLink($art) . "</td><td>" . _linkUser($art['author']) . "</td><td>" . _formatTime($art['time']) . "</td><td><a href='index.php?p=content-articles-edit&amp;id=" . $art['id'] . "&amp;returnid=" . $cid . "&amp;returnpage=" . $s . "'><img src='images/icons/edit.png' alt='edit' class='icon' />" . $_lang['global.edit'] . "</a>&nbsp;&nbsp;&nbsp;<a href='index.php?p=content-articles-delete&amp;id=" . $art['id'] . "&amp;returnid=" . $cid . "&amp;returnpage=" . $s . "'><img src='images/icons/delete.png' alt='del' class='icon' />" . $_lang['global.delete'] . "</a></td></tr>\n";
        }
    } else {
        $output .= "<tr><td colspan='4'>" . $_lang['global.nokit'] . "</td></tr>";
    }
    $output .= "</tbody></table>";
} else {
    $output .= _formMessage(3, $_lang['global.badinput']);
}
/**
 * Vytvoreni vypisu prispevku
 *
 * Type Popis               Vars
 * 1    komentare sekce     zamknute komentare 1/0
 * 2    komentare článku    zamknute komentare 1/0
 * 3    prispevky v knize   [polozek na stranu, povoleno prispivani 1/0, zamknuto 1/0]
 * 5    temata ve foru      [polozek na stranu, povoleno prispivani 1/0, zamknuto 1/0]
 * 6    odpovedi na tema    [polozek na stranu, povoleno prispivani 1/0, zamknuto 1/0, id tematu]
 * 7    vypis vzkazu        [zamknuto 1/0]
 * 8    vypis pluginpostu   [polozek na stranu, povoleno prispivani 1/0, zamknuto 1/0, plugin flag, radit sestupne 1/0, [titulek / null]]
 *
 * @param int $type typ prispevku
 * @param int $home id polozky asociovane s komentari
 * @param mixed $vars promenna nastaveni podle typu
 * @param bool $force_locked vynutit zamknuty stav
 * @param string|null $url vlastni url nebo null (= automaticky)
 * @return string
 */
function _postsOutput($type, $home, $vars, $force_locked = false, $url = null)
{
    global $_lang;
    /* ---  typ  --- */
    // vychozi hodnoty
    $desc = "DESC ";
    $ordercol = 'id';
    $countcond = "type=" . $type . " AND xhome=-1 AND home=" . $home;
    $locked_textid = '';
    $autolast = false;
    $postlink = false;
    $pluginflag = null;
    // url
    if (!isset($url)) {
        $url = _indexOutput_url;
    }
    $url_html = _htmlStr($url);
    switch ($type) {
        // komentare v sekci
        case 1:
            $posttype = 1;
            $xhome = -1;
            $subclass = "comments";
            $title = $_lang['posts.comments'];
            $addlink = $_lang['posts.addcomment'];
            $nopostsmessage = $_lang['posts.nocomments'];
            $postsperpage = _commentsperpage;
            $canpost = _loginright_postcomments;
            $locked = _boolean($vars);
            $replynote = true;
            break;
            // komentare u clanku
        // komentare u clanku
        case 2:
            $posttype = 2;
            $xhome = -1;
            $subclass = "comments";
            $title = $_lang['posts.comments'];
            $addlink = $_lang['posts.addcomment'];
            $nopostsmessage = $_lang['posts.nocomments'];
            $postsperpage = _commentsperpage;
            $canpost = _loginright_postcomments;
            $locked = _boolean($vars);
            $replynote = true;
            break;
            // prispevky v knize
        // prispevky v knize
        case 3:
            $posttype = 3;
            $xhome = -1;
            $subclass = "book";
            $title = null;
            $addlink = $_lang['posts.addpost'];
            $nopostsmessage = $_lang['posts.noposts'];
            $postsperpage = $vars[0];
            $canpost = $vars[1];
            $locked = _boolean($vars[2]);
            $replynote = true;
            break;
            // temata ve foru
        // temata ve foru
        case 5:
            $posttype = 5;
            $xhome = -1;
            $subclass = "book";
            $title = null;
            $addlink = $_lang['posts.addtopic'];
            $nopostsmessage = $_lang['posts.notopics'];
            $postsperpage = $vars[0];
            $canpost = $vars[1];
            $locked = _boolean($vars[2]);
            $replynote = true;
            $ordercol = 'bumptime';
            $locked_textid = '3';
            break;
            // odpovedi v tematu
        // odpovedi v tematu
        case 6:
            $posttype = 5;
            $xhome = $vars[3];
            $subclass = "book";
            $title = null;
            $addlink = $_lang['posts.addanswer'];
            $nopostsmessage = $_lang['posts.noanswers'];
            $postsperpage = $vars[0];
            $canpost = $vars[1];
            $locked = _boolean($vars[2]);
            $replynote = false;
            $desc = "";
            $countcond = "type=5 AND xhome=" . $xhome . " AND home=" . $home;
            $autolast = isset($_GET['autolast']);
            $postlink = true;
            break;
            // odpovedi v konverzaci
        // odpovedi v konverzaci
        case 7:
            $posttype = 6;
            $xhome = null;
            $subclass = "book";
            $title = null;
            $addlink = $_lang['posts.addanswer'];
            $nopostsmessage = $_lang['posts.noanswers'];
            $postsperpage = _messagesperpage;
            $canpost = true;
            $locked = _boolean($vars[0]);
            $replynote = false;
            $desc = "";
            $countcond = "type=6 AND home=" . $home;
            $locked_textid = '4';
            $autolast = true;
            break;
            // plugin posty
        // plugin posty
        case 8:
            $posttype = 7;
            $xhome = -1;
            $subclass = "book";
            $title = isset($vars[5]) ? $vars[5] : null;
            $addlink = $_lang['posts.addpost'];
            $nopostsmessage = $_lang['posts.noposts'];
            $postsperpage = $vars[0];
            $canpost = $vars[1];
            $locked = _boolean($vars[2]);
            $replynote = true;
            $pluginflag = $vars[3];
            $countcond .= " AND flag=" . $pluginflag;
            if (!$vars[4]) {
                $desc = '';
            }
            break;
    }
    // vynutit uzamceni parametrem
    if ($force_locked) {
        $locked = true;
    }
    // extend
    $callback = null;
    _extend('call', 'posts.output', array('type' => $type, 'home' => $home, 'xhome' => $xhome, 'vars' => $vars, 'post_type' => $posttype, 'plugin_flag' => $pluginflag, 'canpost' => &$canpost, 'locked' => &$locked, 'autolast' => &$autolast, 'post_link' => &$postlink, 'posts_per_page' => &$postsperpage, 'sql_desc' => &$desc, 'sql_ordercol' => &$ordercol, 'sql_countcond' => &$countcond, 'callback' => &$callback));
    /* ---  vystup  --- */
    $output = "\n  <div class='anchor'><a name='posts'></a></div>\n  <div class='posts-" . $subclass . "'>\n  ";
    if ($title != null) {
        $output .= "<h2>" . $title . _linkRss($home, $posttype) . "</h2>\n";
    }
    $output .= "<div class='posts-form' id='post-form'>\n";
    /* ---  priprava strankovani  --- */
    $paging = _resultPaging($url_html, $postsperpage, "posts", $countcond, "#posts", null, $autolast);
    /* ---  zprava  --- */
    if (isset($_GET['r'])) {
        switch ($_GET['r']) {
            case 0:
                $output .= _formMessage(2, $_lang['posts.failed']);
                break;
            case 1:
                $output .= _formMessage(1, $_lang[$type != 5 ? 'posts.added' : 'posts.topicadded']);
                break;
            case 2:
                $output .= _formMessage(2, str_replace("*postsendexpire*", _postsendexpire, $_lang['misc.requestlimit']));
                break;
            case 3:
                $output .= _formMessage(2, $_lang['posts.guestnamedenied']);
                break;
            case 4:
                $output .= _formMessage(2, $_lang['xsrf.msg']);
                break;
        }
    }
    /* ---  formular nebo odkaz na pridani  --- */
    if (!$locked and (isset($_GET['addpost']) or isset($_GET['replyto']))) {
        // nacteni cisla prispevku pro odpoved
        if ($xhome == -1) {
            if (isset($_GET['replyto']) and $_GET['replyto'] != -1) {
                $reply = intval($_GET['replyto']);
                if ($replynote) {
                    $output .= "<p>" . $_lang['posts.replynote'] . " (<a href='" . $url_html . "#posts'>" . $_lang['global.cancel'] . "</a>).</p>";
                }
            } else {
                $reply = -1;
            }
        } else {
            $reply = $xhome;
        }
        // formular nebo prihlaseni
        if ($canpost) {
            $form = _uniForm("postform", array('posttype' => $type, 'pluginflag' => $pluginflag, 'posttarget' => $home, 'xhome' => $reply, 'url' => $url));
            $output .= $form[0];
        } else {
            $loginform = _uniForm("login", array(), true);
            $output .= "<p>" . $_lang['posts.loginrequired'] . "</p>" . $loginform[0];
        }
    } else {
        if (!$locked) {
            $output .= "<a href='" . _addGetToLink($url_html, "addpost&amp;page=" . $paging[2]) . "#posts'><strong>" . $addlink . " &gt;</strong></a>";
        } else {
            $output .= "<img src='" . _templateImage("icons/lock.png") . "' alt='stop' class='icon' /> <strong>" . $_lang['posts.locked' . $locked_textid] . "</strong>";
        }
    }
    $output .= "</div>\n<div class='hr'><hr /></div>\n\n";
    /* ---  vypis  --- */
    if (_pagingmode == 1 or _pagingmode == 2) {
        $output .= $paging[0];
    }
    // zaklad query
    if ($type == 5) {
        $sql = "SELECT id,author,guest,subject,time,ip,locked,bumptime,sticky,(SELECT COUNT(id) FROM `" . _mysql_prefix . "-posts` WHERE type=5 AND xhome=post.id) AS answer_count";
    } else {
        $sql = "SELECT id,xhome,subject,text,author,guest,time,ip" . _extend('buffer', 'posts.columns');
    }
    $sql .= " FROM `" . _mysql_prefix . "-posts` AS post";
    // podminky a razeni
    $sql .= " WHERE post.type=" . $posttype . (isset($xhome) ? " AND post.xhome=" . $xhome : '') . " AND post.home=" . $home . (isset($pluginflag) ? " AND post.flag=" . $pluginflag : '');
    $sql .= " ORDER BY " . ($type == 5 ? 'sticky DESC,' : '') . $ordercol . ' ' . $desc . $paging[1];
    // dotaz
    $query = DB::query($sql);
    unset($sql);
    // nacteni prispevku do pole
    $items = array();
    if ($type == 5) {
        $item_ids_with_answers = array();
    }
    while ($item = DB::row($query)) {
        $items[$item['id']] = $item;
        if ($type == 5 && $item['answer_count'] != 0) {
            $item_ids_with_answers[] = $item['id'];
        }
    }
    // uvolneni dotazu
    DB::free($query);
    if ($type == 5) {
        // posledni prispevek (pro vypis temat)
        if (!empty($item_ids_with_answers)) {
            $topicextra = DB::query("SELECT * FROM (SELECT id,xhome,author,guest FROM `" . _mysql_prefix . "-posts` AS reply WHERE type=5 AND home=" . $home . " AND xhome IN(" . implode(',', $item_ids_with_answers) . ") ORDER BY reply.id DESC) AS replies GROUP BY xhome");
            while ($item = DB::row($topicextra)) {
                if (!isset($items[$item['xhome']])) {
                    if (_dev) {
                        trigger_error('Nenalezen domovsky prispevek pro odpoved #' . $item['id'], E_USER_WARNING);
                    }
                    continue;
                }
                $items[$item['xhome']]['_lastpost'] = $item;
            }
        }
    } elseif (!empty($items)) {
        // odpovedi (pro komentare)
        $answers = DB::query("SELECT id,xhome,text,author,guest,time,ip FROM `" . _mysql_prefix . "-posts` WHERE type=" . $posttype . " AND home=" . $home . (isset($pluginflag) ? " AND flag=" . $pluginflag : '') . " AND xhome IN(" . implode(',', array_keys($items)) . ") ORDER BY id");
        while ($item = DB::row($answers)) {
            if (!isset($items[$item['xhome']])) {
                if (_dev) {
                    trigger_error('Nenalezen domovsky prispevek pro odpoved #' . $item['id'], E_USER_WARNING);
                }
                continue;
            }
            if (!isset($items[$item['xhome']]['_answers'])) {
                $items[$item['xhome']]['_answers'] = array();
            }
            $items[$item['xhome']]['_answers'][] = $item;
        }
        DB::free($answers);
    }
    // vypis
    if (!empty($items)) {
        // vypis prispevku nebo temat
        if ($type != 5) {
            $hl = true;
            foreach ($items as $item) {
                // nacteni autora
                if ($item['guest'] == "") {
                    $author = _linkUser($item['author'], "post-author");
                } else {
                    $author = "<span class='post-author-guest' title='" . _showIP($item['ip']) . "'>" . $item['guest'] . "</span>";
                }
                // odkazy pro spravu
                $post_access = _postAccess($item);
                if ($type < 6 or $type > 7 or $post_access) {
                    $actlinks = " <span class='post-actions'>";
                    if (($type < 6 or $type > 7) && !$locked) {
                        $actlinks .= "<a href='" . _addGetToLink($url_html, "replyto=" . $item['id']) . "#posts'>" . $_lang['posts.reply'] . "</a>";
                    }
                    if ($post_access) {
                        $actlinks .= (($type < 6 or $type > 7) ? " " : '') . "<a href='index.php?m=editpost&amp;id=" . $item['id'] . "'>" . $_lang['global.edit'] . "</a>";
                    }
                    $actlinks .= "</span>";
                } else {
                    $actlinks = "";
                }
                // avatar
                if (_show_avatars) {
                    $avatar = _getAvatar($item['author']);
                } else {
                    $avatar = null;
                }
                // prispevek
                $hl = !$hl;
                _extend('call', 'posts.post', array('item' => &$item, 'avatar' => &$avatar, 'type' => $type));
                if (null === $callback) {
                    $output .= "<div id='post-" . $item['id'] . "' class='post" . ($hl ? ' post-hl' : '') . (isset($avatar) ? ' post-withavatar' : '') . "'><div class='post-head'>" . $author;
                    if ($type < 6 || $type > 7) {
                        $output .= ", <span class='post-subject'>" . $item['subject'] . "</span> ";
                    }
                    $output .= "<span class='post-info'>(" . _formatTime($item['time']) . ")</span>" . $actlinks . ($postlink ? "<a class='post-postlink' href='" . _addGetToLink($url_html, 'page=' . $paging[2]) . "#post-" . $item['id'] . "'><span>#" . str_pad($item['id'], 6, '0', STR_PAD_LEFT) . "</span></a>" : '') . "</div><div class='post-body" . (isset($avatar) ? ' post-body-withavatar' : '') . "'>" . $avatar . '<div class="post-body-text">' . _parsePost($item['text']) . "</div></div></div>\n";
                } else {
                    $output .= call_user_func($callback, array('item' => $item, 'avatar' => $avatar, 'author' => $author, 'actlinks' => $actlinks, 'page' => $paging[2], 'postlink' => $postlink));
                }
                // odpovedi
                if (($type < 6 || $type > 7) && isset($item['_answers'])) {
                    foreach ($item['_answers'] as $answer) {
                        // jmeno autora
                        if ($answer['guest'] == "") {
                            $author = _linkUser($answer['author'], "post-author");
                        } else {
                            $author = "<span class='post-author-guest' title='" . _showIP($answer['ip']) . "'>" . $answer['guest'] . "</span>";
                        }
                        // odkazy pro spravu
                        if (_postAccess($answer)) {
                            $actlinks = " <span class='post-actions'><a href='index.php?m=editpost&amp;id=" . $answer['id'] . "'>" . $_lang['global.edit'] . "</a></span>";
                        } else {
                            $actlinks = "";
                        }
                        // avatar
                        if (_show_avatars) {
                            $avatar = _getAvatar($answer['author']);
                        } else {
                            $avatar = null;
                        }
                        _extend('call', 'posts.post', array('item' => &$answer, 'avatar' => &$avatar, 'type' => $type));
                        if (null === $callback) {
                            $output .= "<div id='post-" . $answer['id'] . "' class='post-answer" . (isset($avatar) ? ' post-answer-withavatar' : '') . "'><div class='post-head'>" . $author . " " . $_lang['posts.replied'] . " <span class='post-info'>(" . _formatTime($answer['time']) . ")</span>" . $actlinks . "</div><div class='post-body" . (isset($avatar) ? ' post-body-withavatar' : '') . "'>" . $avatar . '<div class="post-body-text">' . _parsePost($answer['text']) . "</div></div></div>\n";
                        } else {
                            $output .= call_user_func($callback, array('item' => $answer, 'avatar' => $avatar, 'author' => $author, 'actlinks' => $actlinks, 'page' => $paging[2], 'postlink' => $postlink));
                        }
                    }
                }
            }
            if (_pagingmode == 2 or _pagingmode == 3) {
                $output .= "<br />" . $paging[0];
            }
        } else {
            // tabulka s tematy
            $hl = false;
            $output .= "\n<table class='topic-table'>\n<thead><tr><td colspan='2'><strong>" . $_lang['posts.topic'] . "</strong></td><td><strong>" . $_lang['global.answersnum'] . "</strong></td><td><strong>" . $_lang['global.lastanswer'] . "</strong></td></tr></thead>\n<tbody>\n";
            foreach ($items as $item) {
                // nacteni autora
                if ($item['guest'] == "") {
                    $author = _linkUser($item['author'], "post-author", false, false, 16);
                } else {
                    $author = "<span class='post-author-guest' title='" . _showIP($item['ip']) . "'>" . _cutStr($item['guest'], 16) . "</span>";
                }
                // nacteni jmena autora posledniho prispevku
                if (isset($item['_lastpost'])) {
                    if ($item['_lastpost']['author'] != -1) {
                        $lastpost = _linkUser($item['_lastpost']['author'], "post-author", false, false, 16);
                    } else {
                        $lastpost = "<span class='post-author-guest'>" . _cutStr($item['_lastpost']['guest'], 16) . "</span>";
                    }
                } else {
                    $lastpost = "-";
                }
                // vyber ikony
                if ($item['sticky']) {
                    $icon = 'sticky';
                } elseif ($item['locked']) {
                    $icon = 'locked';
                } elseif ($item['answer_count'] == 0) {
                    $icon = 'new';
                } elseif ($item['answer_count'] < _topic_hot_ratio) {
                    $icon = 'normal';
                } else {
                    $icon = 'hot';
                }
                // mini strankovani
                $tpages = '';
                $tpages_num = ceil($item['answer_count'] / _commentsperpage);
                if ($tpages_num == 0) {
                    $tpages_num = 1;
                }
                if ($tpages_num > 1) {
                    $tpages .= '<span class=\'topic-pages\'>';
                    for ($i = 1; $i <= 3 && $i <= $tpages_num; ++$i) {
                        $tpages .= "<a href='index.php?m=topic&amp;id=" . $item['id'] . "&amp;page=" . $i . "#posts'>" . $i . '</a>';
                    }
                    if ($tpages_num > 3) {
                        $tpages .= "<a href='index.php?m=topic&amp;id=" . $item['id'] . "&amp;page=" . $tpages_num . "'>" . $tpages_num . ' &rarr;</a>';
                    }
                    $tpages .= '</span>';
                }
                // vystup radku
                $output .= "<tr class='topic-" . $icon . ($hl ? ' topic-hl' : '') . "'><td class='topic-icon-cell'><a href='index.php?m=topic&amp;id=" . $item['id'] . "'><img src='" . _templateImage('icons/topic-' . $icon . '.png') . "' alt='" . $_lang['posts.topic.' . $icon] . "' /></a></td><td class='topic-main-cell'><a href='index.php?m=topic&amp;id=" . $item['id'] . "'>" . $item['subject'] . "</a>" . $tpages . "<br />" . $author . " <small class='post-info'>(" . _formatTime($item['time']) . ")</small></td><td>" . $item['answer_count'] . "</td><td>" . $lastpost . ($item['answer_count'] != 0 ? "<br /><small class='post-info'>(" . _formatTime($item['bumptime']) . ")</small>" : '') . "</td></tr>\n";
                $hl = !$hl;
            }
            $output .= "</tbody></table><br />\n\n";
            if (_pagingmode == 2 or _pagingmode == 3) {
                $output .= $paging[0] . "<br />";
            }
            // posledni odpovedi
            $output .= "\n<div class='hr'><hr /></div><br />\n<h3>" . $_lang['posts.forum.lastact'] . "</h3>\n";
            $query = DB::query("SELECT topic.id AS topic_id,topic.subject AS topic_subject,answer.author,answer.guest,answer.time FROM `" . _mysql_prefix . "-posts` AS answer JOIN `" . _mysql_prefix . "-posts` AS topic ON(topic.type=5 AND topic.id=answer.xhome) WHERE answer.type=5 AND answer.home=" . $home . " AND answer.xhome!=-1 ORDER BY answer.id DESC LIMIT " . _extratopicslimit);
            if (DB::size($query) != 0) {
                $output .= "<ul>\n";
                while ($item = DB::row($query)) {
                    if ($item['guest'] == "") {
                        $author = _linkUser($item['author']);
                    } else {
                        $author = "<span class='post-author-guest'>" . $item['guest'] . "</span>";
                    }
                    $output .= "<li><a href='index.php?m=topic&amp;id=" . $item['topic_id'] . "'>" . $item['topic_subject'] . "</a>&nbsp;&nbsp;<small>(" . $_lang['global.postauthor'] . " " . $author . " " . _formatTime($item['time']) . ")</small></li>\n";
                }
                $output .= "</ul>\n\n";
            } else {
                $output .= "<p>" . $_lang['global.nokit'] . "</p>";
            }
        }
    } else {
        $output .= "<p>" . $nopostsmessage . "</p>";
    }
    $output .= "</div>";
    return $output;
}
Пример #27
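/* ---  core initialisation  --- */
// Rating endpoint: records one vote (0-100, in steps of 10) for the article named by $_POST['id'].
require '../require/load.php';
SL::init('../');
// Rating mode 0 ends the request before any request data is read
// (presumably "rating disabled" - confirm against the settings).
if (_ratemode == 0) {
    exit;
}
/* ---  rating  --- */
// load request variables
_checkKeys('_POST', array('id'));
// intval() forces $id to an integer; that is what makes concatenating it into the SQL below safe.
$id = intval($_POST['id']);
$article_exists = false;
// validate the input and the caller's access
$continue = false;
$query = DB::query("SELECT art.id,art.title_seo,art.time,art.confirmed,art.public,art.home1,art.home2,art.home3,art.rateon,cat.title_seo AS cat_title_seo FROM `" . _mysql_prefix . "-articles` AS art  JOIN `" . _mysql_prefix . "-root` AS cat ON(cat.id=art.home1) WHERE art.id=" . $id);
if (DB::size($query) != 0) {
    $article_exists = true;
    $query = DB::row($query);
    // Accept only a numeric scalar. An array or a non-numeric string must not reach the
    // division below: it would raise an error or, on older PHP versions, be treated as 0,
    // pass the range check and be stored as a vote of 0.
    if (isset($_POST['r']) && is_numeric($_POST['r'])) {
        // snap the submitted value to the nearest multiple of 10
        $r = round($_POST['r'] / 10) * 10;
        // NOTE(review): _iplogCheck, _xsrfCheck and _articleAccess are defined elsewhere; from
        // their use here they look like the repeat-vote, CSRF-token and read-permission gates - confirm.
        if (_iplogCheck(3, $id) and _xsrfCheck() and $query['rateon'] == 1 and _articleAccess($query) == 1 and $r <= 100 and $r >= 0) {
            // $r is known to lie in 0..100 here, so the cast is exact; it guarantees that an
            // integer, not a float rendering, is what gets concatenated into the UPDATE below.
            $r = (int) $r;
            $continue = true;
        }
    }
}
// record the vote
if ($continue) {
    DB::query("UPDATE `" . _mysql_prefix . "-articles` SET ratenum=ratenum+1,ratesum=ratesum+" . $r . " WHERE id=" . $id);
    _iplogUpdate(3, $id);
}
// redirect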
Пример #28
}
// search field
// link back to the profile (emitted only when $list is truthy)
// NOTE(review): $id is assigned outside this excerpt and is written as-is into an href and
// into a value='' attribute below - confirm it is restricted or HTML-escaped where it is read.
if ($list) {
    $module .= sprintf(
        "\n<a href='index.php?m=profile&amp;id=%s' class='backlink'>&lt; %s</a>\n",
        $id,
        $_lang['global.return']
    );
}
// GET form that opens the post list; the id field is pre-filled only when $id is non-empty
$module .= "\n  <form action='index.php' method='get'>\n  <input type='hidden' name='m' value='profile-posts' />\n  <input type='text' name='id'"
    . ($id == null ? '' : " value='" . $id . "'")
    . " class='inputmedium' /> <input type='submit' value='"
    . $_lang['global.open']
    . "' />\n  </form><br />\n  "
    . $message;
// tabulka
if ($list == true) {
    $cond = "author=" . $query['id'] . " AND `type`!=4 AND `type`!=6 AND `type`!=7";
    $paging = _resultPaging("index.php?m=profile-posts&amp;id=" . $id, 15, "posts", $cond);
    if (_pagingmode == 1 or _pagingmode == 2) {
        $module .= $paging[0];
    }
    $posts = DB::query("SELECT id,type,home,xhome,subject,text,author,time FROM `" . _mysql_prefix . "-posts` WHERE " . $cond . " ORDER BY time DESC " . $paging[1]);
    if (DB::size($posts) != 0) {
        while ($post = DB::row($posts)) {
            switch ($post['type']) {
                case 1:
                case 3:
                    $hometitle = DB::query_row("SELECT title,title_seo FROM `" . _mysql_prefix . "-root` WHERE id=" . $post['home']);
                    $homelink = _linkRoot($post['home'], $hometitle['title_seo']);
                    $hometitle = $hometitle['title'];
                    break;
                case 2:
                    $hometitle = DB::query_row("SELECT art.title,art.title_seo,cat.title_seo AS cat_title_seo FROM `" . _mysql_prefix . "-articles` AS art JOIN `" . _mysql_prefix . "-root` AS cat ON(cat.id=art.home1) WHERE art.id=" . $post['home']);
                    $homelink = _linkArticle($post['home'], $hometitle['title_seo']);
                    $hometitle = $hometitle['title'];
                    break;
                case 5:
                    $homelink = 'index.php?m=topic&amp;id=' . $post[$post['xhome'] == '-1' ? 'id' : 'xhome'];
Пример #29
         $module .= _formMessage(2, str_replace(array("*1*", "*2*"), array(_maxloginattempts, _maxloginexpire / 60), $_lang['login.attemptlimit']));
     }
     break;
 default:
     $module .= "<p class='bborder'>" . $_lang['mod.lostpass.p'] . "</p>";
     // kontrola promennych, odeslani emailu
     $sent = false;
     if (isset($_POST['username'])) {
         if (_iplogCheck(7)) {
             // nacteni promennych
             $username = _anchorStr($_POST['username'], false);
             $email = DB::esc($_POST['email']);
             // kontrola promennych
             if (_captchaCheck()) {
                 $userdata = DB::query("SELECT email,password,salt,username FROM `" . _mysql_prefix . "-users` WHERE username='******' AND email='" . $email . "'");
                 if (DB::size($userdata) != 0) {
                     // odeslani emailu
                     $userdata = DB::row($userdata);
                     $link = _url . "/index.php?m=lostpass&link&user="******"&hash=" . md5($userdata['email'] . $userdata['salt'] . $userdata['password']);
                     $text_tags = array("*domain*", "*username*", "*link*", "*date*", "*ip*");
                     $text_contents = array(_getDomain(), $userdata['username'], $link, _formatTime(time()), _userip);
                     if (_mail($userdata['email'], str_replace('*domain*', _getDomain(), $_lang['mod.lostpass.mail.subject']), str_replace($text_tags, $text_contents, $_lang['mod.lostpass.mail.text']), "Content-Type: text/plain; charset=UTF-8\n" . _sysMailHeader())) {
                         $module .= _formMessage(1, $_lang['mod.lostpass.cmailsent']);
                         _iplogUpdate(7);
                         $sent = true;
                     } else {
                         $module .= _formMessage(3, $_lang['hcm.mailform.msg.failure2']);
                     }
                 } else {
                     $module .= _formMessage(2, $_lang['mod.lostpass.notfound']);
                 }
Пример #30
                    }
                }
            }
            // ulozeni posledniho nebo jedineho shoutboxu
            if ($sql != "") {
                $sql = trim($sql, ",");
                DB::query("UPDATE `" . _mysql_prefix . "-sboxes` SET " . $sql . " WHERE id=" . $id);
            }
            $message = _formMessage(1, $_lang['global.saved']);
            break;
    }
}
/* ---  shoutbox removal  --- */
// NOTE(review): this destructive action is driven by a GET parameter, so the _xsrfCheck() token
// is its only request-forgery protection; _xsrfLink() below puts that token into the URL, where
// it can end up in logs and Referer headers - confirm the token's lifetime and scope.
if (isset($_GET['del'])) {
    if (_xsrfCheck(true)) {
        // integer cast: the value is concatenated into both DELETE statements below
        $del = (int) $_GET['del'];
        // remove the shoutbox row itself ...
        DB::query("DELETE FROM `" . _mysql_prefix . "-sboxes` WHERE id=" . $del);
        // ... and the type=4 posts whose home is that shoutbox
        DB::query("DELETE FROM `" . _mysql_prefix . "-posts` WHERE home=" . $del . " AND type=4");
        $message = _formMessage(1, $_lang['global.done']);
    }
}
/* ---  output  --- */
// intro paragraph, status message, the "create" form (action=1) and the head of the "manage" form (action=2)
$output .= "\n<p class='bborder'>"
    . $_lang['admin.content.sboxes.p']
    . "</p>\n\n"
    . $message
    . "\n\n<fieldset>\n<legend>"
    . $_lang['admin.content.sboxes.create']
    . "</legend>\n<form class='cform' action='index.php?p=content-sboxes' method='post'>\n<input type='hidden' name='action' value='1' />\n\n<table>\n\n<tr>\n<td class='rpad'><strong>"
    . $_lang['admin.content.form.title']
    . "</strong></td>\n<td><input type='text' name='title' class='inputbig' maxlength='64' /></td>\n</tr>\n\n<tr class='valign-top'>\n<td class='rpad'><strong>"
    . $_lang['admin.content.form.settings']
    . "</strong></td>\n<td>\n<label><input type='checkbox' name='public' value='1' checked='checked' /> "
    . $_lang['admin.content.form.unregpost']
    . "</label><br />\n<label><input type='checkbox' name='locked' value='1' /> "
    . $_lang['admin.content.form.locked2']
    . "</label>\n</td>\n</tr>\n\n<tr>\n<td></td>\n<td><input type='submit' value='"
    . $_lang['global.create']
    . "' /></td>\n</tr>\n\n</table>\n\n"
    . _xsrfProtect()
    . "</form>\n</fieldset>\n\n\n<fieldset>\n<legend>"
    . $_lang['admin.content.sboxes.manage']
    . "</legend>\n<form class='cform' action='index.php?p=content-sboxes' method='post'>\n<input type='hidden' name='action' value='2' />\n\n<input type='submit' value='"
    . $_lang['admin.content.sboxes.savechanges']
    . "' />\n<div class='hr'><hr /></div>\n";
// list of existing shoutboxes, newest id first
$shoutboxes = DB::query("SELECT * FROM `" . _mysql_prefix . "-sboxes` ORDER BY id DESC");
if (DB::size($shoutboxes) == 0) {
    // nothing to manage
    $output .= $_lang['global.nokit'];
} else {
    while ($shoutbox = DB::row($shoutboxes)) {
        // One settings table per shoutbox; every field name carries the s<id>_ prefix.
        // NOTE(review): $shoutbox['title'] comes straight from the database row into a value=''
        // attribute - confirm it is stored HTML-escaped by the save code (not shown here).
        $output .= "\n    <br />\n    <table>\n\n    <tr>\n    <td class='rpad'><strong>"
            . $_lang['admin.content.form.title']
            . "</strong></td>\n    <td><input type='text' name='s"
            . $shoutbox['id']
            . "_title' class='inputmedium' value='"
            . $shoutbox['title']
            . "' /></td>\n    </tr>\n\n    <tr>\n    <td><strong>"
            . $_lang['global.id']
            . "</strong></td>\n    <td>"
            . $shoutbox['id']
            . "</td>\n    </tr>\n\n    <tr class='valign-top'>\n    <td class='rpad'><strong>"
            . $_lang['admin.content.form.settings']
            . "</strong></td>\n    <td>\n    <input type='hidden' name='s"
            . $shoutbox['id']
            . "_publictrigger' value='1' /><input type='hidden' name='s"
            . $shoutbox['id']
            . "_lockedtrigger' value='1' />\n    <label><input type='checkbox' name='s"
            . $shoutbox['id']
            . "_public' value='1'"
            . _checkboxActivate($shoutbox['public'])
            . " /> "
            . $_lang['admin.content.form.unregpost']
            . "</label><br />\n    <label><input type='checkbox' name='s"
            . $shoutbox['id']
            . "_locked' value='1'"
            . _checkboxActivate($shoutbox['locked'])
            . " /> "
            . $_lang['admin.content.form.locked2']
            . "</label><br />\n    <label><input type='checkbox' name='s"
            . $shoutbox['id']
            . "_delposts' value='1' /> "
            . $_lang['admin.content.form.delposts']
            . "</label><br /><br />\n    <a href='"
            . _xsrfLink("index.php?p=content-sboxes&amp;del=" . $shoutbox['id'])
            . "' onclick='return _sysConfirm();'><img src='images/icons/delete.png' alt='del' class='icon' />"
            . $_lang['global.delete']
            . "</a>\n    </td>\n    </tr>\n\n    </table>\n    <br /><div class='hr'><hr /></div>\n    ";
    }
}
// close the "manage" form; _xsrfProtect() output is appended inside it, as in the "create" form
$output .= "\n" . _xsrfProtect() . "</form>\n</fieldset>\n\n";