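/**
 * Prepare a save operation for one content item: load the stored row when an
 * existing item is edited, open a transaction and check category privileges.
 *
 * @param array  $data  Submitted item data, held by reference. `cat` is read;
 *                      `author`, when set, is replaced by authorID()'s result.
 * @param mixed  $id    Item ID; a falsy value means a new item is being created.
 * @param string $table Table name without the PRE prefix.
 * @param string $cols  Column list selected from the stored row.
 *
 * @throws Exception With $lang['noex'] when no category could be determined,
 *                   with $lang['nor'] when the privilege check fails.
 */
function __construct(&$data, $id, $table, $cols = 'cat,access,author')
{
    global $db, $lang;

    if ($id) {
        // The ID is bound as a statement parameter instead of being
        // concatenated into the SQL text. $table and $cols cannot be bound;
        // they must only ever be supplied by code, never by request data.
        $q = $db->prepare('SELECT ' . $cols . ' FROM ' . PRE . $table . ' WHERE ID=?');
        $q->execute(array($id));
        $this->old = $q->fetch(2); // 2 = PDO::FETCH_ASSOC
        $q = null; // release the statement before the transaction starts
        $this->old_cat = $this->old ? $this->old['cat'] : null;
    } else {
        // New item: the "old" category is the submitted one. The reference
        // binding creates $data['cat'] as null when the key is missing.
        $this->old_cat =& $data['cat'];
    }

    // ID and data
    $this->id = $id;
    $this->data =& $data;

    // Does the item (or a category for a new item) exist?
    if ($this->old_cat === null) {
        throw new Exception($lang['noex']);
    }
    $db->beginTransaction();

    // Category privileges: the target category must be permitted, and when the
    // item is moved the source category must be permitted as well.
    // NOTE(review): the transaction opened above is still open when this
    // throws and nothing in this method rolls it back - confirm that every
    // caller does so in its catch block.
    $moved = $this->data['cat'] != $this->old_cat;
    if (!admit($this->data['cat'], 'CAT') || ($moved && !admit($this->old_cat, 'CAT'))) {
        throw new Exception($lang['nor']);
    }

    // Author: replace the submitted value with whatever authorID() returns
    if (isset($data['author'])) {
        $data['author'] = $this->authorID($data['author']);
    }
}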
/**
 * Check whether the current visitor satisfies a bug-tracker rights rule.
 *
 * Rules handled, compared loosely (==) exactly as a switch would:
 *  - '' or NULL : only visitors for whom admit('BUGS') is truthy
 *  - 'ALL'      : everyone
 *  - 'LOGD'     : any visitor with a truthy UID
 *  - otherwise  : a space-separated token list; a visitor with a truthy UID
 *                 passes when it contains 'U:<UID>' or 'LV:<LEVEL>'
 *
 * @param mixed $x Rights rule.
 * @return bool
 */
function BugRights($x)
{
    global $user;

    // Empty rule: fall back to the BUGS privilege
    if ($x == '' || $x == NULL) {
        return admit('BUGS') ? true : false;
    }

    if ($x == 'ALL') {
        return true;
    }

    if ($x == 'LOGD') {
        return UID ? true : false;
    }

    // Token list - guests never match
    if (!UID) {
        return false;
    }
    $tokens = explode(' ', $x);

    return in_array('U:' . UID, $tokens) || in_array('LV:' . LEVEL, $tokens);
}
/**
 * Load the tags attached to one item and hand them to the view.
 *
 * The 'tag' template block is added when at least one tag exists or when
 * admit('TAG') is truthy for the current visitor.
 *
 * @param mixed $id     Item ID, bound to the query as a parameter.
 * @param mixed $type   Item type, bound to the query as a parameter.
 * @param bool  $mayTag Not read anywhere in this function.
 */
function tags($id, $type, $mayTag = false)
{
    global $db, $cfg, $view;

    $canEdit = admit('TAG');
    $base = url('tags/');

    $stmt = $db->prepare('SELECT tag,num FROM ' . PRE . 'tags WHERE ID=? AND TYPE=? GROUP BY tag ORDER BY tag');
    $stmt->execute(array($id, $type));

    $list = array();
    foreach ($stmt as $row) {
        // NOTE(review): the tag text is appended to the URL as stored, with no
        // URL-encoding here - confirm tags are restricted to URL-safe text.
        $list[] = array(
            'tag' => $row['tag'],
            'url' => $base . $row['tag'],
            'num' => $row['num'],
        );
    }

    // Nothing to show and nothing to edit
    if (!$list && !$canEdit) {
        return;
    }

    // JavaScript array literal consumed by the template.
    // NOTE(review): $type and $id are placed into this string unescaped;
    // callers are presumably expected to pass numeric values - verify.
    $urls = "['" . $base . "','request.php?go=tags&type=" . $type . '&id=' . $id . "']";

    $view->add('tag', array('tag' => $list, 'editTags' => $canEdit, 'urls' => $urls));
}
<?php if (iCMSa != 1 || !admit('DB')) { exit; } require LANG_DIR . 'admAll.php'; #Page title $view->title = $lang['dbcopy']; #Supported databases switch ($db_db) { case 'mysql': $type = 'mysql'; $show = 'SHOW TABLES'; break; case 'sqlite': $type = 'sqlite'; $show = 'SELECT name FROM sqlite_master WHERE type="table" ORDER BY name'; break; default: $view->info('Cannot parse database type.'); return 1; } #Action: tables if (isset($_POST['tab'])) { $n = "\n"; @set_time_limit(50); #Use gzip if (isset($_POST['gz'])) { header('Content-type: application/x-gzip'); $ex = '.sql.gz'; } else {
$cats = 'cat=' . $d; } #Subcategories if ($cat['opt'] & 8) { $res = $db->query('SELECT ID,name,dsc,nums FROM ' . PRE . 'cats WHERE sc=' . $cat['ID'] . ' AND (access=1 OR access="' . LANG . '") ORDER BY name'); $res->setFetchMode(3); foreach ($res as $c) { $sc[] = array('url' => url($c[0]), 'name' => $c[1], 'desc' => $c[2], 'num' => $c[3]); } } #If empty and have privileges if ($cat['num'] == '0' && empty($sc) && admit($d, 'CAT')) { header('Location: ' . URL . url('edit/' . $cat['type'])); } #Prepare template $data = array('cat' => &$cat, 'edit' => admit('C') ? url('editCat/' . $d, 'ref', 'admin') : null, 'add' => url('edit/' . $cat['type'], 'catid=' . $d), 'list' => url('list/' . $cat['type'] . '/' . $d), 'subcats' => isset($sc) ? $sc : null, 'options' => admit($d, 'CAT')); #Category path if ($cat['opt'] & 1 && isset($cfg['catStr'])) { $view->nav = catPath($d, $cat); $data['path'] = catPath($d, $cat); } else { $view->nav = null; $data['path'] = null; } #Load item list generator - TODO: improve if ($cat['num']) { $view->add('cat', $data); include './mod/cat/' . $cat['type'] . '.php'; } else { $data['type'] = $lang['cats']; $data['cats'] = url('cats');
case '4': (require './mod/edit/link.php') or $view->set404(); break; case 'gallery': (require './mod/edit/photos.php') or $view->set404(); break; default: if (file_exists('./mod/edit/' . $TYPE . '.php')) { (require './mod/edit/' . $TYPE . '.php') or $view->set404(); } else { return; } } unset($_POST); return 1; } #Tytul $view->title = $lang['mantxt']; #Ostatni komentarz if (admit('CM') && ($c = $db->query('SELECT name,date,text FROM ' . PRE . 'comms ORDER BY ID DESC LIMIT 1')->fetch(3))) { if (isset($cfg['bbcode'])) { require_once './lib/bbcode.php'; $c[2] = BBCode($c[2]); } $last = array('title' => $c[0], 'date' => genDate($c[1], 1), 'text' => emots($c[2]), 'color' => isset($cfg['colorCode'])); } else { $last = array(); } #Wolne strony $view->add('content', array('comment' => &$last, 'page' => admit('P') ? url('editPage', '', 'admin') : null, 'pages' => admit('P') ? url('pages', '', 'admin') : null));
<?php if (iCMSa != 1 || !admit('BUGADM')) { exit; } #Language if (file_exists('./plugins/bugs/lang/adm' . LANG . '.php')) { require './plugins/bugs/lang/adm' . LANG . '.php'; } else { require './plugins/bugs/lang/en.php'; } #Template folders $view->dir = './plugins/bugs/style/'; $view->cache = './cache/bugs/'; $view->title = $lang['tracker']; if (isset($URL[1])) { switch ($URL[1]) { case 'sections': require 'plugins/bugs/admSect.php'; break; case 'config': require 'plugins/bugs/admCfg.php'; break; case 'edit': require 'plugins/bugs/admEdit.php'; break; default: return; } } else { require 'plugins/bugs/admCats.php';
$sort = 'name'; break; case '5': $sort = 'rate DESC, ID DESC'; break; default: $sort = 'ID DESC'; } #Zacznij od... if ($st != 0) { $st = ($page - 1) * $cfg['inp']; } #Odczyt $res = $db->query('SELECT ID,name,date,th FROM ' . PRE . 'imgs WHERE ' . $cats . ' AND access=1 ORDER BY priority,' . $sort . ' LIMIT ' . $st . ',' . $cfg['inp']); $res->setFetchMode(3); $total = 0; $url = url('img/'); $img = array(); #Lista foreach ($res as $x) { $img[] = array('num' => ++$total, 'title' => $x[1], 'src' => $x[3], 'url' => $url . $x[0], 'date' => genDate($x[2])); } #Strony if ($cat['num'] > $total) { $pages = pages($page, $cat['num'], $cfg['inp'], url($d), 0, '/'); } else { $pages = null; } #Do szablonu $view->add('cat_images', array('pages' => &$pages, 'image' => &$img, 'add' => admit($d, 'CAT') ? url('edit/3') : null, 'cats' => url(isset($cfg['allCat']) ? 'cats' : 'cats/images'), 'type' => isset($cfg['allCat']) ? $lang['cats'] : $lang['imgs'])); unset($res, $total, $x);
<?php if (iCMSa != 1 || !admit('CFG')) { exit; } #Update links if (isset($_SESSION['renew'])) { try { require './lib/mcache.php'; require './lib/categories.php'; RenderMenu(); Latest(); RSS(); if (function_exists('glob') && ($glob = glob('cache/cat*.php'))) { foreach ($glob as $x) { unlink($x); } } unset($_SESSION['renew'], $glob, $x); include './admin/config.php'; return 1; } catch (Exception $e) { $view->info($lang['saved']); } } #Save if ($_POST) { $opt = array('url' => $_POST['url'], 'path' => $_POST['path'], 'nice' => (int) $_POST['nice']); require './lib/config.php'; $f = new Config('db'); try {
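<?php
if (iCMS != 1) {
    exit;
}

#Rights - 1 when the visitor holds the BUGS privilege, otherwise 0
$rights = admit('BUGS') ? 1 : 0;

#Get issue - FETCH_ASSOC
#The issue ID is bound as an integer rather than concatenated into the SQL
#text, matching the prepared statements used elsewhere in the bugs plugin.
#Only categories visible to everyone (see=1) or to the current language match.
$bugQuery = $db->prepare('SELECT b.*, c.name as catName, c.rate FROM ' . PRE . 'bugs b INNER JOIN ' . PRE . 'bugcats c ON b.cat = c.ID WHERE b.ID=? AND (c.see=1 OR c.see="' . LANG . '")');
$bugQuery->bindValue(1, $id, PDO::PARAM_INT);
$bugQuery->execute();
$bug = $bugQuery->fetch(PDO::FETCH_ASSOC);
unset($bugQuery);

#Page title - fetch() yields false when no row matched, so the row is not
#indexed in that case; the title is then null, as before
$view->title = $bug ? $bug['name'] : null;

#Does not exist
if (!$bug) {
    $view->set404();
    return;
}

#Not approved - status 5 issues are shown only to their reporter ('who')
#and to visitors holding the BUGS privilege; everyone else is redirected
if ($bug['status'] == 5 && $bug['who'] != UID && !$rights) {
    header('Location: ' . URL . url('bugs'));
    return;
}

#BBCode
if (isset($cfg['bbcode'])) {
    require 'lib/bbcode.php';
    $bug['text'] = BBCode($bug['text']);
}

#Date, author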
$view->info('<ul><li>' . join('</li><li>', $error) . '</li></ul>'); } else { try { if ($id) { $q = $db->prepare('UPDATE ' . PRE . 'users SET login=:login, mail=:mail, sex=:sex, about=:about, www=:www, city=:city, icq=:icq, skype=:skype, tlen=:tlen, jabber=:jabber, gg=:gg, photo=:photo WHERE ID=' . $id); } else { $u['pass'] = md5($_POST['pass']); $u['regt'] = $_SERVER['REQUEST_TIME']; $q = $db->prepare('INSERT INTO ' . PRE . 'users (login,pass,mail,sex,regt,about,www,city,icq,skype,tlen,jabber,gg,photo) VALUES (:login,:pass,:mail,:sex,:regt,:about,:www,:city,:icq,:skype,:tlen,:jabber,:gg,:photo)'); } $q->execute($u); $view->info($lang['upd'], array(url('user/' . urlencode($u['login'])) => $u['login'])); return 1; } catch (PDOException $e) { $view->info($lang['error'] . $e); } } } elseif ($id) { if (!($u = $db->query('SELECT * FROM ' . PRE . 'users WHERE ID=' . $id)->fetch(2))) { return; } } else { $u = array('login' => '', 'mail' => '', 'sex' => 1, 'about' => '', 'www' => 'http://', 'city' => '', 'icq' => '', 'skype' => '', 'tlen' => '', 'jabber' => '', 'gg' => '', 'photo' => ''); } #Prepare template $view->add('editUser', array('u' => &$u, 'url' => url('editUser/' . $id, '', 'admin'), 'pass' => !$id, 'bbcode' => isset($cfg['bbcode']), 'fileman' => admit('FM')));
#Page title
$view->title = $news['name'];

#Emoticons - applied to the intro and, when present, the full text if bit 2
#of the item's option mask is set
#NOTE(review): neither text is HTML-escaped anywhere in this excerpt;
#presumably it is sanitised before it is stored - confirm against the save path
if ($news['opt'] & 2) {
    $news['txt'] = emots($news['txt']);
    if ($full) {
        $full = emots($full);
    }
}

#Line breaks - converted to <br> when bit 1 of the option mask is set
if ($news['opt'] & 1) {
    $news['txt'] = nl2br($news['txt']);
    if ($full) {
        $full = nl2br($full);
    }
}

#Date, author
$news['date'] = genDate($news['date'], true);
$news['wrote'] = autor($news['author']);

#Assign to template - the edit link is offered only when admit() grants the
#visitor the CAT privilege on this item's category
$view->add('news', array('news' => &$news, 'full' => &$full, 'path' => catPath($news['cat']), 'edit' => admit($news['cat'], 'CAT') ? url('edit/5/' . $id, 'ref') : false, 'root' => isset($cfg['allCat']) ? $lang['cats'] : $lang['news'], 'cats' => url(isset($cfg['allCat']) ? 'cats' : 'cats/news')));

#Tags - 5 is the item type passed for news
if (isset($cfg['tags'])) {
    include './lib/tags.php';
    tags($id, 5);
}

#Comments - only when enabled globally and bit 2 of the category options is set
#(& binds tighter than &&, so the mask test is evaluated first)
if (isset($cfg['ncomm']) && $news['catOpt'] & 2) {
    require './lib/comm.php';
    comments($id, 5);
}
<?php if (iCMSa != 1 || !admit('U')) { exit; } require LANG_DIR . 'rights.php'; #Get all privileged users - FETCH_NUM $res = $db->query('SELECT ID,login,lv,adm FROM ' . PRE . 'users WHERE lv>1 OR adm!=""'); $res->setFetchMode(3); #Info, links $view->info($lang['iadms'], array(url('editUser', '', 'admin') => $lang['addUser'])); #Page title $view->title = $lang['admins']; #Init variables $num = 0; $adms = array(); foreach ($res as $adm) { switch ($adm[2]) { case '0': $lv = $lang['locked']; break; case '1': $lv = $lang['user']; break; case '2': $lv = $lang['editor']; break; case '3': $lv = $lang['admin']; break; case '4':
} catch (Exception $e) { $view->info($e->getMessage()); } } else { if ($id) { $news = $db->query('SELECT n.*,f.text FROM ' . PRE . 'news n LEFT JOIN ' . PRE . 'newstxt f ON n.ID=f.ID WHERE n.ID=' . $id)->fetch(2); $full =& $news['text']; #Verify privileges if (!$news || !admit($news['cat'], 'CAT', $news['author'])) { return; } } else { $news = array('cat' => $lastCat, 'name' => '', 'txt' => '', 'access' => 1, 'img' => '', 'opt' => 3); $full = ''; } } #Checkbox fields $news['br'] = $news['opt'] & 1; $news['emo'] = $news['opt'] & 2; $news['fn'] = $news['opt'] & 4; #JavaScript editor if (isset($cfg['wysiwyg']) && is_dir('plugins/editor')) { $view->script('plugins/editor/loader.js'); } else { $view->script(LANG_DIR . 'edit.js'); $view->script('cache/emots.js'); $view->script('lib/editor.js'); } #Template $view->add('edit_news', array('news' => &$news, 'full' => &$full, 'id' => $id, 'cats' => Slaves(5, $news['cat']), 'fileman' => admit('FM')));
} #Post ID $id = isset($URL[2]) && is_numeric($URL[2]) ? $URL[2] : 0; #Page title $view->title = $id ? $lang['editPost'] : $lang['sign']; #Skrypty - BBCode if (isset($cfg['bbcode'])) { $view->script(LANG_DIR . 'edit.js'); $view->script('cache/emots.js'); $view->script('lib/editor.js'); } #Błędy $error = array(); $preview = null; #Cannot post if ($id && !admit('GB')) { $error[] = $lang['mayNot']; } elseif (!$id) { if (empty($cfg['gbPost'])) { $error[] = $lang['disabled']; } elseif (!UID && $cfg['gbPost'] == 2) { $error[] = $lang['mustLogin']; } } #CAPTCHA if (!UID && !empty($cfg['captcha']) && !isset($_SESSION['human'])) { require './lib/spam.php'; $noSPAM = CAPTCHA(); } else { $noSPAM = false; }
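<?php
if (iCMSa != 1 || !admit('R')) {
    exit;
}
require LANG_DIR . 'admAll.php';

#Delete the selected channels
#NOTE(review): no anti-CSRF token check is visible in this file, and the
#statement is only as safe as the ID list GetID() returns - confirm that it
#yields nothing but comma-separated integers.
if ($_POST && isset($_POST['del']) && ($x = GetID(true))) {
    $db->exec('DELETE FROM ' . PRE . 'rss WHERE ID IN (' . $x . ')');
}

#Fetch RSS channels
$res = $db->query('SELECT ID,auto,name,lang FROM ' . PRE . 'rss ORDER BY lang,name');
$all = array();
$autoRss = array();

foreach ($res as $x) {
    $all[] = array(
        'id' => $x['ID'],
        'title' => $x['name'],
        'land' => $x['lang'],
        'auto' => $x['auto'] ? $lang['yes'] : $lang['no'],
        'edit' => url('editRss/' . $x['ID'], '', 'admin'),
        'file' => file_exists('rss/' . $x['ID'] . '.xml') ? 'rss/' . $x['ID'] . '.xml' : null,
    );

    #Collect auto channels from the raw database flag. The 'auto' entry above
    #holds the translated yes/no label for the template; testing that label
    #would treat every channel as automatic, because both labels are
    #presumably non-empty strings.
    if ($x['auto']) {
        $autoRss[$x['lang']][$x['ID']] = $x['name'];
    }
}

#Template
$view->add('rss', array('channel' => &$all));

#Save titles in options, grouped by language and keyed by channel ID
#NOTE(review): a plain request carrying a second URL segment also triggers
#this configuration write - confirm that is intended.
if ($_POST || isset($URL[1])) {
    $cfg['RSS'] = $autoRss;
    include_once './lib/config.php';
    $o = new Config('main');
    $o->add('cfg', $cfg);
    $o->save();
}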
if (!$id) { $id = $db->lastInsertId(); } #Apply changes $e->apply(); #Redirect to link if (isset($_GET['ref']) && isset($cfg['linkFull'])) { header('Location: ' . URL . url('link/' . $id)); } #Link URL $url = isset($cfg['linkFull']) ? url('link/' . $id) : $link['adr']; #Info + links $view->info($lang['saved'], array($url => sprintf($lang['see'], $link['name']), url($link['cat']) => $lang['goCat'], url('edit/4') => $lang['add4'], url('list/4') => $lang['links'], url('list/4/' . $link['cat']) => $lang['doCat'])); unset($e, $link); return 1; } catch (Exception $e) { $view->info($e->getMessage()); } } else { if ($id) { $link = $db->query('SELECT * FROM ' . PRE . 'links WHERE ID=' . $id)->fetch(2); //ASSOC if (!$link || !admit($link['cat'], 'CAT')) { return; } } else { $link = array('cat' => $lastCat, 'name' => '', 'dsc' => '', 'access' => 1, 'nw' => 0, 'priority' => 2, 'adr' => 'http://'); } } #Template $view->add('edit_link', array('link' => &$link, 'id' => $id, 'cats' => Slaves(4, $link['cat'])));
$view->info(sprintf($lang['NVAL'], $img['name']), null, 'warning'); } #Dimensions $size = strpos($img['size'], '|') ? explode('|', $img['size']) : null; #Data, autor $img['date'] = genDate($img['date'], true); $img['author'] = autor($img['author']); #Ocena if (isset($cfg['irate']) and $img['opt'] & 4) { $view->css(SKIN_DIR . 'rate.css'); $rates = 'vote.php?type=3&id=' . $id; } else { $rates = 0; } #Tag title and meta description - clean temporary $view->title = $img['name']; $view->desc = $img['dsc'] ? clean(substr($img['dsc'], 0, 150)) : $cfg['metaDesc']; #Description $img['dsc'] = nl2br($img['dsc']); #Template $view->add('img', array('img' => &$img, 'size' => &$size, 'rates' => $rates, 'image' => $img['type'] === '1' ? true : false, 'flash' => $img['type'] === '2' ? true : false, 'audio' => $img['type'] === '3' ? true : false, 'video' => $img['type'] === '4' ? true : false, 'path' => catPath($img['cat']), 'edit' => admit($img['cat'], 'CAT') ? url('edit/3/' . $id, 'ref') : false, 'root' => isset($cfg['allCat']) ? $lang['cats'] : $lang['imgs'], 'cats' => url(isset($cfg['allCat']) ? 'cats' : 'cats/images'), 'lightbox' => isset($cfg['lightbox']))); #Tags if (isset($cfg['tags'])) { include './lib/tags.php'; tags($id, 3); } #Comments if (isset($cfg['icomm']) && $img['opt'] & 2) { require 'lib/comm.php'; comments($id, 3); }
#Rozszerzenia, ktorych nie mo¿na wyœwietliæ lub wgraæ $banEx = array('.php' => 1, '.db' => 1, '.ini' => 1); $banUp = array('.php', '.pl', '.cgi', '.asp', '.shtml', '.phtml', '.phps', '.jsp'); $banMIME = array('php', 'cgi'); #Aktualny katalog if (isset($_GET['dir']) && strpos($_GET['dir'], '.') === false) { $dir = $_GET['dir']; if (substr($dir, -1) != '/' && $dir != '') { $dir .= '/'; } } else { $dir = 'img/'; } #Uprawnienia admit('FM') or exit; $mayUpload = admit('UP') && is_writable($dir); #Upload - TODO: info, ze plik niedozwolony + sprawdzanie MIME if ($_FILES && $mayUpload) { foreach ($_FILES['file']['name'] as $i => $x) { if (!in_array(strrchr($x, '.'), $banUp)) { move_uploaded_file($_FILES['file']['tmp_name'][$i], $dir . $x); } } } #Lista plików $file = $folder = array(); $parent = $dir ? '?dir=' . join('/', explode('/', $dir, -2)) : false; foreach (scandir('./' . $dir) as $x) { if ($x[0] === '.') { continue; }
<ul class="catlist"><?php
if (iCMS != 1) exit;

# Top-level categories (sc=0) that are public (access=1) or assigned to the
# current language, sorted by name
$res = $db->query('SELECT ID,name FROM ' . PRE . 'cats WHERE sc=0 AND (access=1 OR access="' . LANG . '") ORDER BY name');
$cat = array();
$url = url('');
$res->setFetchMode(3); # 3 = PDO::FETCH_NUM

# One list item per category.
# NOTE(review): the category name is printed as stored, with no HTML escaping
# here - presumably names are sanitised when saved; confirm.
foreach ($res as $x):
    echo '<li><a href="', $url, $x[0], '">', $x[1], '</a></li>';
endforeach;

# Link for adding a category, shown only to visitors holding the C privilege
if (admit('C')):
    echo '<li><a href="' . url('editCat', '', 'admin') . '">' . $lang['add'] . '...</a></li>';
endif;
?>
</ul>
<?php if (iCMSa != 1 || !admit('E')) { exit; } require LANG_DIR . 'admAll.php'; #Get installed addons $setup = array(); if (file_exists('cfg/plug.php')) { include './cfg/plug.php'; } #Page title $view->title = $lang['plugs']; #Install addon if (isset($URL[1]) && ctype_alnum($URL[1])) { $name = $URL[1]; $data = parse_ini_file('plugins/' . $name . '/plugin.ini'); if (!isset($data['install'])) { $view->info($lang['noinst']); //Unpack & Play } elseif ($_POST) { define('DB_TYPE', $db_db); define('AUTONUM', $db_db == 'mysql' ? 'INT NOT NULL auto_increment PRIMARY KEY' : 'INTEGER PRIMARY KEY AUTOINCREMENT NOT NULL'); require './lib/config.php'; require './plugins/' . $name . '/setup.php'; try { #Setup transaction $db->beginTransaction(); #Delete addon if (isset($setup[$name])) { unset($setup[$name]);
} #Params -> string $param = $join . ($param ? ' WHERE ' . join(' AND ', $param) : ''); #Count items $total = dbCount($table . $param); #Zero if ($total == 0 && !$find) { header('Location: ' . URL . url('edit/' . $act, $id ? 'catid=' . $id : null)); $view->info($lang['noc']); return 1; } #Prepare URL $url = url('list/' . $act . '/' . $id); #Get items $res = $db->query('SELECT ID,name,access FROM ' . PRE . $table . $param . ' ORDER BY ID DESC LIMIT ' . $st . ',30'); $res->setFetchMode(3); $items = array(); #Prepare item foreach ($res as $i) { switch ($i[2]) { case '1': $a = $lang['yes']; break; default: $a = $lang['no']; } $items[] = array('num' => ++$st, 'title' => $i[1], 'id' => $i[0], 'on' => $a, 'url' => $href . $i[0], 'editURL' => url('edit/' . $act . '/' . $i[0])); } #Template $view->add('list', array('item' => $items, 'act' => $act, 'url' => $url, 'intro' => $lang['i' . $act], 'type' => $type, 'cats' => Slaves($act), 'pages' => pages($page, $total, 30, $url . '&find=' . $find, 1), 'addURL' => url('edit/' . $act, $id ? 'catid=' . $id : null), 'catsURL' => admit('C') ? url('cats/' . $act, null, 'admin') : false));
/**
 * Build the <option> list of categories for a select box.
 *
 * @param mixed $type Category type filter; skipped when loosely equal to 0.
 * @param mixed $id   ID of the category rendered as selected.
 * @param mixed $o    When numeric, the ID of a category left out of the list.
 * @return string Concatenated <option> elements, ordered by the lft column.
 */
function Slaves($type = 0, $id = 0, $o = null)
{
    global $db;

    $conds = array();

    // Leave one category out; is_numeric() guards the concatenation below
    if (is_numeric($o)) {
        $conds[] = 'ID!=' . $o;
    }

    // Rights and type.
    // NOTE(review): the ACL restriction is only added while $conds is still
    // empty, so it is skipped whenever a category is excluded through $o -
    // confirm that callers passing $o are limited to privileged users.
    if (!IS_OWNER && !$conds && !admit('+')) {
        $conds[] = 'ID IN (SELECT CatID FROM ' . PRE . 'acl WHERE UID=' . UID . ')';
    }
    if ($type != 0) {
        $conds[] = 'type=' . (int) $type;
    }

    // Read
    $sql = 'SELECT ID,name,access,lft,rgt FROM ' . PRE . 'cats';
    if ($conds) {
        $sql .= ' WHERE ' . implode(' AND ', $conds);
    }
    $sql .= ' ORDER BY lft';

    $level = 0;
    $prevRgt = 1;
    $html = '';

    // List
    foreach ($db->query($sql) as $row) {
        // Indentation level, derived from the lft/rgt values of the previous row
        if ($prevRgt > $row['rgt']) {
            ++$level;
        } elseif ($level > 0 && $prevRgt + 2 != $row['rgt'] && $prevRgt + 1 != $row['lft']) {
            $level -= floor(($row['lft'] - $prevRgt) / 2);
        }
        if ($level < 0) {
            $level = 0;
        }
        $prevRgt = $row['rgt'];

        $selected = $id == $row['ID'] ? ' selected="selected"' : '';
        $style = 'padding-left: ' . $level . 'em' . ($row['access'] == '3' ? '; color: gray' : '');

        // NOTE(review): the category name is emitted without HTML escaping -
        // presumably it is sanitised when saved; confirm.
        $html .= '<option value="' . $row['ID'] . '"' . $selected . ' style="' . $style . '">' . $row['name'] . '</option>';
    }

    return $html;
}
} #Info + links $view->info($lang['saved'], array(url('art/' . $id) => sprintf($lang['see'], $art['name']), url($art['cat']) => $lang['goCat'], url('edit/1') => $lang['add1'], url('list/1') => $lang['arts'], url('list/1/' . $art['cat']) => $lang['doCat'])); unset($e, $q, $art, $full); return 1; } catch (Exception $e) { $view->info($e->getMessage()); } } else { if ($id) { $res = $db->query('SELECT * FROM ' . PRE . 'arts WHERE ID=' . $id); $art = $res->fetch(2); //ASSOC $res = null; #Privileges if (!$art || !admit($art['cat'], 'CAT', $art['author'])) { return; } #Get text $res = $db->query('SELECT page,text,opt FROM ' . PRE . 'artstxt WHERE ID=' . $id . ' ORDER BY page'); $full = $res->fetchAll(3); $res = null; if (!$full) { $full = array(array(1, '', 1)); } } else { $art = array('pages' => 1, 'name' => '', 'access' => 1, 'priority' => 2, 'dsc' => '', 'author' => $user['login'], 'cat' => $lastCat); $full = array(array(1, '', 1)); } } #Checkbox
if (isset($cfg['bbcode'])) { try { include './lib/bbcode.php'; $preview = BBCode($preview, 1); } catch (Exception $e) { $error[] = $lang['unclosed']; } } } elseif (isset($_POST['save'])) { if ($type) { #Anty-flood if (isset($_SESSION['post']) && $_SESSION['post'] > time()) { $error[] = $lang['c3']; } #Moderować? + IP $c['access'] = !isset($cfg['moderate']) || IS_EDITOR || admit('CM') ? 1 : 0; $c['IP'] = $_SERVER['REMOTE_ADDR']; $c['UA'] = clean($_SERVER['HTTP_USER_AGENT']); $c['date'] = $_SERVER['REQUEST_TIME']; $c['TYPE'] = $type; $c['CID'] = $id; $c['UID'] = UID; } #If no error, save comment if (!$error) { try { $db->beginTransaction(); if ($type) { $q = $db->prepare('INSERT INTO ' . PRE . 'comms (TYPE,CID,name,access,author,UID,IP,UA,date,text) VALUES (:TYPE,:CID,:name,:access,:author,:UID,:IP,:UA,:date,:text)'); #In case of news
<?php /* User groups */
if (iCMS != 1) exit;

require LANG_DIR . 'profile.php';

#Page title
$view->title = $lang['groups'];

#Groups of the current user - a flat list of group IDs (7 = PDO::FETCH_COLUMN);
#guests get an empty list
if (UID) {
    $member = $db->query('SELECT g FROM ' . PRE . 'groupuser WHERE u=' . UID)->fetchAll(7);
} else {
    $member = array();
}

#Fetch the groups that are public or assigned to the current language
$res = $db->query('SELECT ID,name,dsc,num FROM ' . PRE . 'groups WHERE access="1" OR access="' . LANG . '" ORDER BY num DESC, name');
$res->setFetchMode(3); #3 = PDO::FETCH_NUM
$gro = array();

#NOTE(review): name and description go to the template without HTML escaping
#in this file - presumably they are sanitised when saved; confirm.
foreach ($res as $x) {
    $gro[] = array(
        'title' => $x[1],
        'num' => $x[3],
        'desc' => nl2br($x[2]),
        'member' => in_array($x[0], $member),
        'url' => url('group/' . $x[0]),
    );
}

#None - holders of the G privilege also get links to the group admin pages
if (!$gro) {
    if (!admit('G')) {
        $view->info($lang['noGroup']);
    } else {
        $view->info($lang['noGroup'], array(
            url('editGroup', '', 'admin') => $lang['addGroup'],
            url('groups', '', 'admin') => $lang['groups'],
        ));
    }
    return 1;
}

#Template
$view->add('groups', array('groups' => &$gro));
<?php //AJAX requests require './plugins/bugs/lang/' . LANG . '.php'; #Your rights $right = admit('BUGS'); #Bug ID if (isset($_POST['id']) && is_numeric($_POST['id'])) { $id = $_POST['id']; } else { return; } #Vote if ($URL[1] == 'vote' && is_numeric($_POST['v'])) { #Mark and IP $vote = $_POST['v']; $ip = $_SERVER['REMOTE_ADDR'] . (isset($_SERVER['HTTP_X_FORWARDED_FOR']) ? ' ' . $_SERVER['HTTP_X_FORWARDED_FOR'] : ''); #Guests if (!UID && !isset($cfg['bugsVote'])) { exit($lang['logtov']); } #Get data $q = $db->prepare('SELECT c.rate FROM ' . PRE . 'bugs b INNER JOIN ' . PRE . 'bugcats c ON b.cat=c.ID WHERE b.ID=?'); $q->bindValue(1, $id, 1); $q->execute(); #Does not exist if (!($bug = $q->fetch(2))) { exit('Issue not found!'); } #Hands try {
#Page title $view->title = $cat['name']; #Category text if ($cat['text'] && isset($cfg['bugsUp'])) { $view->info(nl2br($cat['text'])); } #Page number if (isset($URL[3]) && is_numeric($URL[3]) && $URL[3] > 1) { $page = $URL[3]; $st = ($page - 1) * $cfg['bugsNum']; } else { $page = 1; $st = 0; } #Get issues $res = $db->prepare('SELECT ID,name,num,date,status,level FROM ' . PRE . 'bugs WHERE cat=?' . (admit('BUGS') ? '' : ' AND status!=5') . ' ORDER BY ID DESC LIMIT ?,?'); $res->bindValue(1, $id, 1); $res->bindValue(2, $st, 1); $res->bindValue(3, $cfg['bugsNum'], 1); $res->execute(); $all = array(); $num = 0; foreach ($res as $x) { $all[] = array('id' => $x['ID'], 'title' => $x['name'], 'status' => $x['status'], 'lv' => $x['level'], 'num' => $x['num'], 'url' => url('bugs/' . $x['ID']), 'date' => genDate($x['date'], 1), 'class' => BugIsNew('', $x['date']) ? 'New' : 'Old', 'level' => $lang['L' . $x['level']]); ++$num; } #Pages if (!$num) { $view->info($lang['noc']); } elseif ($cat['num'] > $num) { $pages = pages($page, $cat['num'], $cfg['bugsNum'], url('bugs/list/' . $id), 0, '/');
$sort = 'name'; break; case '4': $sort = 'dls DESC, ID DESC'; break; case '5': $sort = 'rate DESC, ID DESC'; break; default: $sort = 'ID DESC'; } #Odczyt $res = $db->query('SELECT ID,name,date,dsc,file,size FROM ' . PRE . 'files WHERE ' . $cats . ' AND access=1 ORDER BY priority,' . $sort . ' LIMIT ' . $st . ',' . $cfg['np']); $res->setFetchMode(3); $total = 0; $files = array(); $url = url('file/'); #Lista foreach ($res as $file) { $files[] = array('title' => $file[1], 'desc' => $file[3], 'size' => $file[5], 'url' => $url . $file[0], 'num' => ++$st, 'date' => genDate($file[2]), 'file_url' => isset($cfg['fcdl']) ? url('get/' . $file[0]) : $file[4]); ++$total; } #Strony if ($cat['num'] > $total) { $pages = pages($page, $cat['num'], $cfg['np'], url($d), 0, '/'); } else { $pages = null; } #Do szablonu $view->add('cat_files', array('files' => &$files, 'pages' => &$pages, 'add' => admit($d, 'CAT') ? url('edit/2') : null, 'cats' => url(isset($cfg['allCat']) ? 'cats' : 'cats/files'), 'type' => isset($cfg['allCat']) ? $lang['cats'] : $lang['files'])); unset($res, $total, $file);
<?php if (iCMSa != 1 || !admit('M')) { exit; } require './cfg/mail.php'; require LANG_DIR . 'admMail.php'; #Groups and level function Prepare($x) { if (empty($_POST['lv'])) { return ''; } else { return join(',', array_map('intval', $x)); } } #Remote emoticons function RemoteEmots($x) { include './cfg/emots.php'; foreach ($emodata as $e) { $x = str_replace($e[2], '<img src="' . URL . 'img/emo/' . $e[1] . '" title="' . $e[0] . '" alt="' . $e[2] . '" style="border: 0; vertical-align: middle" />', $x); } return $x; } #If E-mail disabled if (!isset($cfg['mailon'])) { $view->info($lang['mailsd']); return 1; } elseif (isset($_POST['txt'])) { #Initialize e-mail library