</div>'; if (isset($_GET['coupon'])) { $coupon = json_decode(urldecode($_GET['coupon']), true); $id = key($coupon); $coupon = array_map('htmlspecialchars', current($coupon)); } else { $coupon = array(); } if (!isset($coupon['Advertiser']) || !($store = \plugin\CJApi\inc\import::store_imported($coupon['Advertiser']))) { echo '<div class="a-error">Sorry, the store is not imported.</div>'; } else { if (\plugin\CJApi\inc\import::coupon_imported($id)) { echo '<div class="a-alert">Sorry, the coupon is already imported.</div>'; } else { if ($_SERVER['REQUEST_METHOD'] == 'POST' && isset($_POST['coupon'])) { $coupon = \site\utils::array_map_recursive('htmlspecialchars', $_POST['coupon']); if (isset($_POST['csrf']) && check_csrf($_POST['csrf'], 'cjapi_csrf')) { if (\plugin\CJApi\inc\actions::add_item(array('cjID' => $id, 'store' => $store->ID, 'category' => $_POST['coupon']['Category'], 'popular' => isset($_POST['coupon']['Popular']) ? true : false, 'exclusive' => isset($_POST['coupon']['Exclusive']) ? true : false, 'name' => $_POST['coupon']['Title'], 'link' => !isset($_POST['coupon']['Ownlink']) && isset($_POST['coupon']['Link']) && filter_var($_POST['coupon']['Link'], FILTER_VALIDATE_URL) ? $_POST['coupon']['Link'] : '', 'code' => $_POST['coupon']['Code'], 'description' => $_POST['coupon']['Description'], 'tags' => $_POST['coupon']['Tags'], 'start' => implode($_POST['coupon']['SD'], ', '), 'end' => implode($_POST['coupon']['ED'], ', '), 'publish' => isset($_POST['coupon']['Publish']) ? true : false, 'meta_title' => $_POST['coupon']['MTitle'], 'meta_desc' => $_POST['coupon']['MDesc']))) { echo '<div class="a-success">Added!</div><button class="btn" onclick="window.history.go(-2);">Back</button>'; return; } else { echo '<div class="a-error">Error!</div>'; } } } $csrf = $_SESSION['cjapi_csrf'] = \site\utils::str_random(10); echo '<div class="form-table"> <form action="#" method="POST" autocomplete="off"> <div class="row"><span>Category:</span>
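/**
 * Update an existing user's profile, balances and access fields.
 *
 * The caller must hold the `users => edit` permission (checked through
 * ab_to()). All values in $opt are trimmed recursively before use.
 *
 * Security notes for maintainers:
 *  - `privileges` and `erole` are written exactly as supplied in $opt. The only
 *    gate visible here is the ab_to() check, so any caller that passes request
 *    data straight through lets a `users => edit` operator assign arbitrary
 *    privilege values. NOTE(review): confirm callers restrict these two fields.
 *  - `erole` is stored with serialize(). NOTE(review): whatever reads this
 *    column back presumably calls unserialize(); verify that path cannot be fed
 *    attacker-controlled data, or move the column to JSON.
 *  - The avatar comes from $_FILES['logo'] and is handled entirely by
 *    \site\images::upload(). NOTE(review): confirm that helper validates the
 *    file type and generates the stored filename itself.
 *
 * @param int   $id  ID of the user row to update.
 * @param array $opt Field values: name, email (both required), points, credits,
 *                   privileges, erole, subscriber, confirm.
 *
 * @return bool True when the UPDATE executed successfully, false on a failed
 *              permission check, missing name/email, or a database error.
 */
public static function edit_user($id, $opt = array())
{
    global $db;

    if (!ab_to(array('users' => 'edit'))) {
        return false;
    }

    $opt = \site\utils::array_map_recursive('trim', $opt);

    if (empty($opt['name']) || empty($opt['email'])) {
        return false;
    }

    $user = \query\main::user_infos($id);

    // An explicit isset() replaces the former @-suppression, so a missing upload
    // is still passed as null but unrelated errors are no longer hidden.
    $upload = isset($_FILES['logo']) ? $_FILES['logo'] : null;

    // NOTE(review): assumes user_infos() always returns an object for $id; confirm.
    $avatar = \site\images::upload($upload, 'avatar_', array(
        'path'       => DIR . '/',
        'max_size'   => 1024,
        'max_width'  => 500,
        'max_height' => 600,
        'current'    => $user->avatar,
    ));

    // mysqli_stmt::bind_param() binds by reference, so every argument has to be a
    // real variable. The original passed the result of @serialize(...) directly,
    // which is not a variable; optional keys are also read without notices here.
    $name       = $opt['name'];
    $email      = $opt['email'];
    $points     = isset($opt['points']) ? $opt['points'] : null;
    $credits    = isset($opt['credits']) ? $opt['credits'] : null;
    $privileges = isset($opt['privileges']) ? $opt['privileges'] : null;
    $erole      = serialize(isset($opt['erole']) ? $opt['erole'] : null);
    $subscriber = isset($opt['subscriber']) ? $opt['subscriber'] : null;
    $valid      = isset($opt['confirm']) ? $opt['confirm'] : null;

    $stmt = $db->stmt_init();

    // Stop early if the statement cannot be prepared instead of binding and
    // executing on an invalid statement handle.
    if (!$stmt->prepare("UPDATE " . DB_TABLE_PREFIX . "users SET name = ?, email = ?, avatar = ?, points = ?, credits = ?, privileges = ?, erole = ?, subscriber = ?, valid = ? WHERE id = ?")) {
        $stmt->close();
        return false;
    }

    $stmt->bind_param("sssiiisiii", $name, $email, $avatar, $points, $credits, $privileges, $erole, $subscriber, $valid, $id);
    $execute = $stmt->execute();
    $stmt->close();

    return (bool) $execute;
}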