stopError($conf['l']['admin:msg:NoData']); } ajaxSuccess(bwView::textFormatter($_REQUEST['smt']['aContent'])); } elseif ($canonical->currentArgs['subAction'] == 'delete') { $admin->checkCSRFCode('articlesave'); $article->deleteArticle($_REQUEST['aID']); header("Location: {$conf['siteURL']}/{$conf['linkPrefixAdmin']}/articles/{$conf['linkConj']}CSRFCode=" . $admin->getCSRFCode('navibar')); } elseif ($canonical->currentArgs['subAction'] == 'batchdel') { $admin->checkCSRFCode('navibar'); $aIDList = @explode('<', $_REQUEST['aID']); $article->deleteArticleBatch($aIDList); ajaxSuccess(''); } elseif ($canonical->currentArgs['subAction'] == 'batchdraft') { $admin->checkCSRFCode('navibar'); $aIDList = @explode('<', $_REQUEST['aID']); $article->changeAsDraft($aIDList); ajaxSuccess(''); } elseif ($canonical->currentArgs['subAction'] == 'uploader') { $admin->checkCSRFCode('upload'); if (count($_FILES) < 1) { exit; } $picfiles = $files = array(); foreach ($_FILES["uploadFile"]["error"] as $key => $error) { if ($error == UPLOAD_ERR_OK) { $tmp_name = $_FILES["uploadFile"]["tmp_name"][$key]; $fOriginalName = $_FILES["uploadFile"]["name"][$key]; $fExtName = pathinfo($fOriginalName, PATHINFO_EXTENSION); $fStoreName = substr(md5(rand(10, 99) . $fOriginalName), 10, 8) . '.' . $fExtName; if (in_array(strtolower($fExtName), array('gif', 'jpg', 'png', 'bmp', 'jpeg', 'jpe'))) { move_uploaded_file($tmp_name, P . "storage/{$fStoreName}");