$twig->loadTemplate('news/edit.twig')->display(array('PMF_LANG' => $PMF_LANG, 'comments' => $comments, 'commentType' => PMF_Comment::COMMENT_TYPE_NEWS, 'dateEnd' => $dateEnd, 'dateStart' => $dateStart, 'languageSelector' => PMF_Language::selectLanguages($newsData['lang'], false, array(), 'langTo'), 'newsData' => $newsData)); } elseif ('savenews' == $action && $user->perm->checkRight($user->getUserId(), "addnews")) { $dateStart = PMF_Filter::filterInput(INPUT_POST, 'dateStart', FILTER_SANITIZE_STRING); $dateEnd = PMF_Filter::filterInput(INPUT_POST, 'dateEnd', FILTER_SANITIZE_STRING); $header = PMF_Filter::filterInput(INPUT_POST, 'newsheader', FILTER_SANITIZE_STRIPPED); $content = PMF_Filter::filterInput(INPUT_POST, 'news', FILTER_SANITIZE_SPECIAL_CHARS); $author = PMF_Filter::filterInput(INPUT_POST, 'authorName', FILTER_SANITIZE_STRIPPED); $email = PMF_Filter::filterInput(INPUT_POST, 'authorEmail', FILTER_VALIDATE_EMAIL); $active = PMF_Filter::filterInput(INPUT_POST, 'active', FILTER_SANITIZE_STRING); $comment = PMF_Filter::filterInput(INPUT_POST, 'comment', FILTER_SANITIZE_STRING); $link = PMF_Filter::filterInput(INPUT_POST, 'link', FILTER_VALIDATE_URL); $linktitle = PMF_Filter::filterInput(INPUT_POST, 'linkTitle', FILTER_SANITIZE_STRIPPED); $newslang = PMF_Filter::filterInput(INPUT_POST, 'langTo', FILTER_SANITIZE_STRING); $target = PMF_Filter::filterInput(INPUT_POST, 'target', FILTER_SANITIZE_STRIPPED); $newsData = array('lang' => $newslang, 'header' => $header, 'content' => html_entity_decode($content), 'authorName' => $author, 'authorEmail' => $email, 'active' => is_null($active) ? 'n' : 'y', 'comment' => is_null($comment) ? 'n' : 'y', 'dateStart' => empty($dateStart) ? '00000000000000' : str_replace('-', '', $dateStart) . '000000', 'dateEnd' => empty($dateEnd) ? '99991231235959' : str_replace('-', '', $dateEnd) . '235959', 'link' => $link, 'linkTitle' => $linktitle, 'date' => date('YmdHis'), 'target' => is_null($target) ? '' : $target); $success = $news->addNewsEntry($newsData); $twig->loadTemplate('news/save.twig')->display(array('PMF_LANG' => $PMF_LANG, 'success' => $success)); } elseif ('updatenews' == $action && $user->perm->checkRight($user->getUserId(), "editnews")) { $dateStart = PMF_Filter::filterInput(INPUT_POST, 'dateStart', FILTER_SANITIZE_STRING); $dateEnd = PMF_Filter::filterInput(INPUT_POST, 'dateEnd', FILTER_SANITIZE_STRING); $header = PMF_Filter::filterInput(INPUT_POST, 'newsheader', FILTER_SANITIZE_STRIPPED); $content = PMF_Filter::filterInput(INPUT_POST, 'news', FILTER_SANITIZE_SPECIAL_CHARS); $author = PMF_Filter::filterInput(INPUT_POST, 'authorName', FILTER_SANITIZE_STRIPPED); $email = PMF_Filter::filterInput(INPUT_POST, 'authorEmail', FILTER_VALIDATE_EMAIL); $active = PMF_Filter::filterInput(INPUT_POST, 'active', FILTER_SANITIZE_STRING); $comment = PMF_Filter::filterInput(INPUT_POST, 'comment', FILTER_SANITIZE_STRING); $link = PMF_Filter::filterInput(INPUT_POST, 'link', FILTER_VALIDATE_URL); $linktitle = PMF_Filter::filterInput(INPUT_POST, 'linkTitle', FILTER_SANITIZE_STRIPPED); $newslang = PMF_Filter::filterInput(INPUT_POST, 'langTo', FILTER_SANITIZE_STRING); $target = PMF_Filter::filterInput(INPUT_POST, 'target', FILTER_SANITIZE_STRIPPED); $newsData = array('lang' => $newslang, 'header' => $header, 'content' => html_entity_decode($content), 'authorName' => $author, 'authorEmail' => $email, 'active' => is_null($active) ? 'n' : 'y', 'comment' => is_null($comment) ? 'n' : 'y', 'dateStart' => empty($dateStart) ? '00000000000000' : str_replace('-', '', $dateStart) . '000000', 'dateEnd' => empty($dateEnd) ? '99991231235959' : str_replace('-', '', $dateEnd) . '235959', 'link' => $link, 'linkTitle' => $linktitle, 'date' => date('YmdHis'), 'target' => is_null($target) ? '' : $target);
<?php } } elseif ('savenews' == $action && $permission["addnews"]) { $dateStart = PMF_Filter::filterInput(INPUT_POST, 'dateStart', FILTER_SANITIZE_STRING, '00000000000000'); $dateEnd = PMF_Filter::filterInput(INPUT_POST, 'dateEnd', FILTER_SANITIZE_STRING, '99991231235959'); $header = PMF_Filter::filterInput(INPUT_POST, 'header', FILTER_SANITIZE_STRIPPED); $content = PMF_Filter::filterInput(INPUT_POST, 'content', FILTER_SANITIZE_SPECIAL_CHARS); $author = PMF_Filter::filterInput(INPUT_POST, 'authorName', FILTER_SANITIZE_STRIPPED); $email = PMF_Filter::filterInput(INPUT_POST, 'authorEmail', FILTER_VALIDATE_EMAIL); $active = PMF_Filter::filterInput(INPUT_POST, 'active', FILTER_SANITIZE_STRING); $comment = PMF_Filter::filterInput(INPUT_POST, 'comment', FILTER_SANITIZE_STRING); $link = PMF_Filter::filterInput(INPUT_POST, 'link', FILTER_VALIDATE_URL); $linktitle = PMF_Filter::filterInput(INPUT_POST, 'linkTitle', FILTER_SANITIZE_STRIPPED); $target = PMF_Filter::filterInput(INPUT_POST, 'target', FILTER_SANITIZE_STRIPPED); $newsData = array('lang' => $LANGCODE, 'header' => $header, 'content' => html_entity_decode($content), 'authorName' => $author, 'authorEmail' => $email, 'active' => is_null($active) ? 'n' : 'y', 'comment' => is_null($comment) ? 'n' : 'y', 'dateStart' => '' == $dateStart ? '00000000000000' : str_replace('-', '', $dateStart) . '000000', 'dateEnd' => '' == $dateEnd ? '99991231235959' : str_replace('-', '', $dateEnd) . '235959', 'link' => $link, 'linkTitle' => $linktitle, 'date' => date('YmdHis'), 'target' => is_null($target) ? '' : $target); if ($news->addNewsEntry($newsData)) { printf("<p>%s</p>", $PMF_LANG['ad_news_updatesuc']); } else { printf("<p>%s</p>", $PMF_LANG['ad_news_insertfail']); } } elseif ('updatenews' == $action && $permission["editnews"]) { $dateStart = PMF_Filter::filterInput(INPUT_POST, 'dateStart', FILTER_SANITIZE_STRING, '00000000000000'); $dateEnd = PMF_Filter::filterInput(INPUT_POST, 'dateEnd', FILTER_SANITIZE_STRING, '99991231235959'); $header = PMF_Filter::filterInput(INPUT_POST, 'header', FILTER_SANITIZE_STRIPPED); $content = PMF_Filter::filterInput(INPUT_POST, 'content', FILTER_SANITIZE_SPECIAL_CHARS); $author = PMF_Filter::filterInput(INPUT_POST, 'authorName', FILTER_SANITIZE_STRIPPED); $email = PMF_Filter::filterInput(INPUT_POST, 'authorEmail', FILTER_VALIDATE_EMAIL); $active = PMF_Filter::filterInput(INPUT_POST, 'active', FILTER_SANITIZE_STRING); $comment = PMF_Filter::filterInput(INPUT_POST, 'comment', FILTER_SANITIZE_STRING); $link = PMF_Filter::filterInput(INPUT_POST, 'link', FILTER_VALIDATE_URL); $linktitle = PMF_Filter::filterInput(INPUT_POST, 'linkTitle', FILTER_SANITIZE_STRIPPED);