}
/* --- priprava --- */
if (isset($_GET['c'])) {
$c = _get('c');
$returntolist = true;
} else {
$c = '1';
$returntolist = false;
}
/* --- ulozeni --- */
if (isset($_POST['title'])) {
// nacteni promennych
$title = DB::esc(_htmlStr($_POST['title']));
$column = _post('column');
$ord = floatval($_POST['ord']);
$content = DB::esc(_filtrateHCM($_POST['content']));
$visible = _checkboxLoad('visible');
$public = _checkboxLoad('public');
$class = trim($_POST['class']);
if ($class === '') {
$class = null;
} else {
$class = DB::esc(_htmlStr($class));
}
// vlozeni
DB::query("INSERT INTO `" . _mysql_prefix . "-boxes` (ord,title,content,visible,public,`column`,class) VALUES (" . $ord . ",'" . $title . "','" . $content . "'," . $visible . "," . $public . ",'" . DB::esc($column) . "'," . (isset($class) ? '\'' . $class . '\'' : 'NULL') . ")");
define('_redirect_to', 'index.php?p=content-boxes-edit&c=' . urlencode($column) . '&created');
return;
}
/* --- vystup --- */
$output .= "\n<a href='index.php?p=" . ($returntolist ? "content-boxes-edit&c=" . urlencode($c) : "content-boxes") . "' class='backlink'>< " . $_lang['global.return'] . "</a>\n<h1>" . $_lang['admin.content.boxes.new.title'] . "</h1>\n<p class='bborder'></p>\n\n<form class='cform' action='index.php?p=content-boxes-new&c=" . urlencode($c) . "' method='post'>\n\n<table class='formtable'>\n\n<tr>\n<td class='rpad'><strong>" . $_lang['admin.content.form.title'] . "</strong></td>\n<td><input type='text' name='title' class='inputmedium' maxlength='96' /></td>\n</tr>\n\n<tr>\n<td class='rpad'><strong>" . $_lang['admin.content.boxes.column'] . "</strong></td>\n<td><input type='text' maxlength='64' name='column' value='" . _htmlStr($c) . "' class='inputmedium' /></td>\n</tr>\n\n<tr>\n<td class='rpad'><strong>" . $_lang['admin.content.form.ord'] . "</strong></td>\n<td><input type='text' name='ord' value='1' class='inputmedium' /></td>\n</tr>\n\n<tr>\n<td class='rpad'><strong>" . $_lang['admin.content.form.class'] . "</strong></td>\n<td><input type='text' name='class' class='inputmedium' maxlength='24' /></td>\n</tr>\n\n<tr class='valign-top'>\n<td class='rpad'><strong>" . $_lang['admin.content.form.content'] . "</strong></td>\n<td><textarea name='content' class='areasmall_100pwidth codemirror' rows='9' cols='33'></textarea></td>\n</tr>\n\n<tr>\n<td class='rpad'><strong>" . $_lang['admin.content.form.settings'] . "</strong></td>\n<td>\n<label><input type='checkbox' name='visible' value='1' checked='checked' /> " . $_lang['admin.content.form.visible'] . "</label> \n<label><input type='checkbox' name='public' value='1' checked='checked' /> " . $_lang['admin.content.form.public'] . "</label>\n</td>\n</tr>\n\n<tr>\n<td></td>\n<td><input type='submit' value='" . $_lang['global.create'] . "' /></td>\n</tr>\n\n</table>\n\n" . _xsrfProtect() . "</form>\n\n";
switch ($var) {
case "title":
case "class":
$val = _htmlStr(trim($val));
if ($var === 'class' && $val === '') {
$val = null;
}
break;
case "column":
$val = strval($val);
break;
case "ord":
$val = floatval($val);
break;
case "content":
$val = _filtrateHCM($val);
break;
case "visible":
case "public":
$val = _checkboxLoad($id . '-' . $var . 'new');
break;
default:
continue 2;
}
// pridat do pole
if (!isset($update[$id])) {
$update[$id] = array();
}
$update[$id][$var] = $val;
}
}
$_POST['title_seo'] = $_POST['title'];
}
$newdata['title_seo'] = _anchorStr($_POST['title_seo'], true);
$newdata['keywords'] = DB::esc(_htmlStr(trim($_POST['keywords'])));
$newdata['description'] = DB::esc(_htmlStr(trim($_POST['description'])));
$newdata['home1'] = intval($_POST['home1']);
$newdata['home2'] = intval($_POST['home2']);
$newdata['home3'] = intval($_POST['home3']);
if (_loginright_adminchangeartauthor) {
$newdata['author'] = intval($_POST['author']);
} else {
$newdata['author'] = $query['author'];
}
$newdata['perex'] = DB::esc($_POST['perex']);
$newdata['content'] = DB::esc(_filtrateHCM($_POST['content']));
$newdata['infobox'] = DB::esc(_filtrateHCM(trim($_POST['infobox'])));
$newdata['public'] = _checkboxLoad('public');
$newdata['visible'] = _checkboxLoad('visible');
if (_loginright_adminconfirm || !_loginright_adminneedconfirm && $newdata['author'] == _loginid) {
$newdata['confirmed'] = _checkboxLoad('confirmed');
} else {
$newdata['confirmed'] = $query['confirmed'];
}
$newdata['comments'] = _checkboxLoad('comments');
$newdata['commentslocked'] = _checkboxLoad('commentslocked');
$newdata['rateon'] = _checkboxLoad('rateon');
$newdata['showinfo'] = _checkboxLoad('showinfo');
$newdata['resetrate'] = _checkboxLoad('resetrate');
$newdata['delcomments'] = _checkboxLoad('delcomments');
$newdata['resetread'] = _checkboxLoad('resetread');
$newdata['time'] = _loadTime('time', $query['time']);
case 2:
$val = intval($_POST[$item[0]]);
break;
case 3:
$val = floatval($_POST[$item[0]]);
break;
}
} else {
$val = _checkboxLoad($item[0]);
}
// individualni akce
$skip = false;
switch ($item[0]) {
// content
case "content":
$val = _filtrateHCM(trim($val));
break;
// intersection
// intersection
case "intersection":
if (DB::result(DB::query("SELECT COUNT(id) FROM `" . _mysql_prefix . "-root` WHERE id=" . $val . " AND type=7"), 0) == 0 or $type == 7) {
$val = -1;
}
break;
// title
// title
case "title":
$val = trim($val);
if ($val == "") {
$val = $_lang['global.novalue'];
}
