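include "../includes/config.php";
include "../includes/classes.php";
session_start();

// Endpoint: delete one feed item on behalf of the logged-in user.
// Replies "1" when $feed->delete() reports success and "0" otherwise. Prints nothing when the
// request type is not allowed or when no credentials are present or verified.
//
// NOTE(review): this is a state-changing POST and no anti-CSRF token is checked in this script;
// confirm one is enforced elsewhere or add one.

$db = new mysqli($CONF['host'], $CONF['user'], $CONF['pass'], $CONF['name']);
if ($db->connect_errno) {
    // The driver's error text can name the database host and account, so it goes to the server
    // log only. Nothing below can work without a connection, so reply with the failure value
    // and stop instead of continuing on a dead handle.
    error_log("Failed to connect to MySQL: (" . $db->connect_errno . ") " . $db->connect_error);
    echo 0;
    exit;
}
$db->set_charset("utf8");

// Only plain string fields are accepted; a missing or array-valued field becomes null.
$type = (isset($_POST['type']) && is_string($_POST['type'])) ? $_POST['type'] : null;
$id = (isset($_POST['id']) && is_string($_POST['id'])) ? $_POST['id'] : null;

// Strict comparison: a loose in_array() would also accept numeric look-alikes such as "1.0"
// or "1e0" and pass them on to $feed->delete() unchanged.
if (in_array($type, array('0', '1', '2', '3'), true)) {
    $hasSessionLogin = isset($_SESSION['username']) && isset($_SESSION['password']);
    $hasCookieLogin = isset($_COOKIE['username']) && isset($_COOKIE['password']);

    if ($hasSessionLogin || $hasCookieLogin) {
        // NOTE(review): the password value comes from the session or from a client cookie and is
        // handed to loggedIn::verify(), which is defined in classes.php and not visible here.
        // Confirm the cookie holds a derived token rather than the password itself, and that it
        // is set HttpOnly and Secure.
        $loggedIn = new loggedIn();
        $loggedIn->db = $db;
        $loggedIn->url = $CONF['url'];
        $loggedIn->username = isset($_SESSION['username']) ? $_SESSION['username'] : $_COOKIE['username'];
        $loggedIn->password = isset($_SESSION['password']) ? $_SESSION['password'] : $_COOKIE['password'];

        $verify = $loggedIn->verify();

        // !empty() keeps the original truthiness test but tolerates a non-array result.
        if (!empty($verify['username'])) {
            $feed = new feed();
            $feed->db = $db;
            $feed->url = $CONF['url'];
            $feed->username = $verify['username'];
            $feed->id = $verify['idu'];

            // NOTE(review): $id is still an arbitrary string; feed::delete() is not visible here,
            // so confirm it binds or escapes the value and checks ownership against $feed->id.
            $result = ($id !== null) ? $feed->delete($id, $type) : false;

            if ($result) {
                echo 1;
            } else {
                echo 0;
            }
        }
    }
}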
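include "../includes/config.php";
include "../includes/classes.php";
session_start();

// Endpoint: delete one message on behalf of the logged-in user.
// Replies "1" when $feed->delete() reports success and "0" otherwise. Prints nothing when the
// request type is not allowed or when no credentials are present or verified.
//
// NOTE(review): this is a state-changing POST and no anti-CSRF token is checked in this script;
// confirm one is enforced elsewhere or add one.

$db = new mysqli($CONF['host'], $CONF['user'], $CONF['pass'], $CONF['name']);
if ($db->connect_errno) {
    // The driver's error text can name the database host and account, so it goes to the server
    // log only. Nothing below can work without a connection, so reply with the failure value
    // and stop instead of continuing on a dead handle.
    error_log("Failed to connect to MySQL: (" . $db->connect_errno . ") " . $db->connect_error);
    echo 0;
    exit;
}
$db->set_charset("utf8");

// Only plain string fields are accepted; a missing or array-valued field becomes null.
$type = (isset($_POST['type']) && is_string($_POST['type'])) ? $_POST['type'] : null;
$message = (isset($_POST['message']) && is_string($_POST['message'])) ? $_POST['message'] : null;

// Strict comparison: a loose in_array() would also accept numeric look-alikes such as "1.0"
// or "1e0" and pass them on to $feed->delete() unchanged.
if (in_array($type, array('0', '1', '2'), true)) {
    $hasSessionLogin = isset($_SESSION['username']) && isset($_SESSION['password']);
    $hasCookieLogin = isset($_COOKIE['username']) && isset($_COOKIE['password']);

    if ($hasSessionLogin || $hasCookieLogin) {
        // NOTE(review): the password value comes from the session or from a client cookie and is
        // handed to loggedIn::verify(), which is defined in classes.php and not visible here.
        // Confirm the cookie holds a derived token rather than the password itself, and that it
        // is set HttpOnly and Secure.
        $loggedIn = new loggedIn();
        $loggedIn->db = $db;
        $loggedIn->url = $CONF['url'];
        $loggedIn->username = isset($_SESSION['username']) ? $_SESSION['username'] : $_COOKIE['username'];
        $loggedIn->password = isset($_SESSION['password']) ? $_SESSION['password'] : $_COOKIE['password'];

        $verify = $loggedIn->verify();

        // !empty() keeps the original truthiness test but tolerates a non-array result.
        if (!empty($verify['username'])) {
            $feed = new feed();
            $feed->db = $db;
            $feed->url = $CONF['url'];
            $feed->username = $verify['username'];
            $feed->id = $verify['idu'];

            // NOTE(review): $message is still an arbitrary string; feed::delete() is not visible
            // here, so confirm it binds or escapes the value and checks ownership against
            // $feed->id.
            $result = ($message !== null) ? $feed->delete($message, $type) : false;

            if ($result) {
                echo 1;
            } else {
                echo 0;
            }
        }
    }
}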
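/**
 * Dispatches a feeds request according to $_REQUEST['act'].
 *
 *  - act 1: grid backend. oper 'del' deletes the feeds listed in $_REQUEST['ids'];
 *    any other oper runs the paginated list/search query and emits it through
 *    navitable::jqgridJson(). core_terminate() is called afterwards.
 *  - act 2: loads and optionally saves a feed, then returns feeds_form($item).
 *  - act 4: deletes the feed given by $_REQUEST['id'] and returns feeds_list().
 *  - act "path_check": echoes, as JSON, the nv_paths rows matching $_REQUEST['path'].
 *  - act 0 / anything else: returns feeds_list().
 *
 * NOTE(review): the delete and save branches read $_REQUEST (so a GET is accepted too) and no
 * anti-CSRF token check is visible in this function; confirm the caller enforces one.
 *
 * @return mixed the value produced by feeds_form() or feeds_list(), or '' when nothing was built
 * @throws Exception when the list query fails
 */
function run()
{
    global $user;
    global $layout;
    global $DB;
    global $website;

    $out = '';
    $item = new feed();

    switch ($_REQUEST['act']) {
        case 1: // json data retrieval & operations
            switch ($_REQUEST['oper']) {
                case 'del': // remove rows
                    // Accept a single id as well as a list, and ignore a missing parameter.
                    $ids = isset($_REQUEST['ids']) ? (array) $_REQUEST['ids'] : array();
                    foreach ($ids as $id) {
                        // intval() of a non-empty array is 1, so a nested array would otherwise
                        // select feed 1 for deletion; skip anything that is not a plain value.
                        if (!is_scalar($id)) {
                            continue;
                        }
                        // Cast to int, as the edit and remove branches do before load().
                        $item->load(intval($id));
                        $item->delete();
                    }
                    echo json_encode(true);
                    break;

                default: // list or search
                    // Clamp paging so LIMIT/OFFSET can never be negative.
                    $page = max(1, intval(isset($_REQUEST['page']) ? $_REQUEST['page'] : 1));
                    $max = max(0, intval(isset($_REQUEST['rows']) ? $_REQUEST['rows'] : 0));
                    $offset = ($page - 1) * $max;

                    // ORDER BY cannot be bound as a parameter, so the request values are never
                    // concatenated as-is: the column must look like a bare (optionally
                    // table-qualified) identifier and the direction is reduced to ASC or DESC.
                    $sidx = (isset($_REQUEST['sidx']) && is_string($_REQUEST['sidx'])) ? $_REQUEST['sidx'] : '';
                    $sord = (isset($_REQUEST['sord']) && is_string($_REQUEST['sord'])) ? $_REQUEST['sord'] : '';
                    if (preg_match('/^[A-Za-z_][A-Za-z0-9_]*(\.[A-Za-z_][A-Za-z0-9_]*)?\z/', $sidx) !== 1) {
                        $sidx = 'f.id'; // fall back to the primary table's id column
                    }
                    $sord = (strtoupper($sord) === 'DESC') ? 'DESC' : 'ASC';
                    $orderby = $sidx . ' ' . $sord;

                    $where = " f.website = " . $website->id;

                    // NOTE(review): quicksearch(), jqgridsearch() and jqgridcompare() receive raw
                    // request values and their output is appended to the WHERE clause. Their
                    // escaping is not visible here; confirm each one quotes or binds its input.
                    if ((isset($_REQUEST['_search']) && $_REQUEST['_search'] == 'true') || isset($_REQUEST['quicksearch'])) {
                        if (isset($_REQUEST['quicksearch'])) {
                            $where .= $item->quicksearch($_REQUEST['quicksearch']);
                        } else {
                            if (isset($_REQUEST['filters'])) {
                                $where .= navitable::jqgridsearch($_REQUEST['filters']);
                            } else {
                                // single search
                                $where .= ' AND ' . navitable::jqgridcompare($_REQUEST['searchField'], $_REQUEST['searchOper'], $_REQUEST['searchString']);
                            }
                        }
                    }

                    $sql = ' SELECT SQL_CALC_FOUND_ROWS f.*, d.text as title'
                        . ' FROM nv_feeds f'
                        . ' LEFT JOIN nv_webdictionary d'
                        . ' ON f.id = d.node_id'
                        . ' AND d.node_type = "feed"'
                        . ' AND d.subtype = "title"'
                        . ' AND d.lang = "' . $website->languages_list[0] . '"'
                        . ' AND d.website = ' . $website->id
                        . ' WHERE ' . $where
                        . ' ORDER BY ' . $orderby
                        . ' LIMIT ' . $max
                        . ' OFFSET ' . $offset;

                    if (!$DB->query($sql, 'array')) {
                        throw new Exception($DB->get_last_error());
                    }

                    $dataset = $DB->result();
                    $total = $DB->foundRows();

                    $out = array();

                    // Grid cell markup for each permission value.
                    $permissions = array(
                        0 => '<img src="img/icons/silk/world.png" align="absmiddle" /> ' . t(69, 'Published'),
                        1 => '<img src="img/icons/silk/world_dawn.png" align="absmiddle" /> ' . t(70, 'Private'),
                        2 => '<img src="img/icons/silk/world_night.png" align="absmiddle" /> ' . t(81, 'Hidden'),
                    );

                    $rows = empty($dataset) ? 0 : count($dataset);

                    // NOTE(review): 'title' and 'format' are stored values placed in the grid
                    // payload unescaped; confirm the grid renders them as text, not as HTML.
                    for ($i = 0; $i < $rows; $i++) {
                        $out[$i] = array(
                            0 => $dataset[$i]['id'],
                            1 => $dataset[$i]['title'],
                            2 => count(explode(',', $dataset[$i]['categories'])),
                            3 => $dataset[$i]['format'],
                            4 => $dataset[$i]['views'],
                            5 => $permissions[$dataset[$i]['permission']],
                            6 => $dataset[$i]['enabled'] == 1 ? '<img src="img/icons/silk/accept.png" />' : '<img src="img/icons/silk/cancel.png" />',
                        );
                    }

                    navitable::jqgridJson($out, $page, $offset, $max, $total);
                    break;
            }

            core_terminate();
            break;

        case 2: // edit/new form
            if (!empty($_REQUEST['id'])) {
                $item->load(intval($_REQUEST['id']));
            }

            if (isset($_REQUEST['form-sent'])) {
                $item->load_from_post();
                try {
                    $item->save();
                    // Reload from storage so the form shows what was actually saved.
                    $id = $item->id;
                    unset($item);
                    $item = new feed();
                    $item->load($id);
                    $layout->navigate_notification(t(53, "Data saved successfully."), false, false, 'fa fa-check');
                } catch (Exception $e) {
                    $layout->navigate_notification($e->getMessage(), true, true);
                }
            }

            $out = feeds_form($item);
            break;

        case 4: // remove
            if (!empty($_REQUEST['id'])) {
                $item->load(intval($_REQUEST['id']));
                if ($item->delete() > 0) {
                    $layout->navigate_notification(t(55, 'Item removed successfully.'), false);
                    $out = feeds_list();
                } else {
                    $layout->navigate_notification(t(56, 'Unexpected error.'), false);
                    $out = feeds_list();
                }
            }
            break;

        case "path_check": // check if a requested path is not used
            $path = isset($_REQUEST['path']) ? $_REQUEST['path'] : '';

            // NOTE(review): protect() is the only thing between $path and the SQL text; it is
            // defined elsewhere, so confirm it quotes and escapes the value.
            $DB->query(
                'SELECT type, object_id, lang FROM nv_paths WHERE path = ' . protect($path) . ' AND website = ' . $website->id
            );
            $rs = $DB->result();

            echo json_encode($rs);
            core_terminate();
            break;

        case 0: // list / search result
        default:
            $out = feeds_list();
            break;
    }

    return $out;
}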