示例#1
<div class="warning"><?php 
    echo CMTX_MSG_DEMO;
    ?>
</div>
<div style="clear: left;"></div>
<?php 
} else {
    if (isset($_POST['submit'])) {
        cmtx_check_csrf_form_key();
        $powered_by = $_POST['powered_by'];
        if (isset($_POST['powered_by_new_window'])) {
            $powered_by_new_window = 1;
        } else {
            $powered_by_new_window = 0;
        }
        $powered_by_san = cmtx_sanitize($powered_by);
        cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$powered_by_san}' WHERE `title` = 'powered_by'");
        cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$powered_by_new_window}' WHERE `title` = 'powered_by_new_window'");
        ?>
<div class="success"><?php 
        echo CMTX_MSG_SAVED;
        ?>
</div>
<div style="clear: left;"></div>
<?php 
    }
}
?>

<p />
示例#2
function cmtx_clean_form_defaults()
{
    // Clean the default form field values in place.
    // Operates on the globals listed below; cmtx_url_encode_spaces() and
    // cmtx_sanitize() are project helpers defined outside this function.
    global $cmtx_default_name, $cmtx_default_email, $cmtx_default_website, $cmtx_default_town, $cmtx_default_country, $cmtx_default_rating, $cmtx_default_comment;

    // Step 1: strip the " character from every default except the comment.
    $quote_free = array(&$cmtx_default_name, &$cmtx_default_email, &$cmtx_default_website, &$cmtx_default_town, &$cmtx_default_country, &$cmtx_default_rating);
    foreach ($quote_free as &$field) {
        $field = str_replace('"', '', $field);
    }
    unset($field); // release the loop reference before $field is reused

    // Step 2: remove characters outside each field's allow-list.
    // \p{L} matches any kind of letter from any language. Note that & and '
    // are allowed through for name/town/country, so safe HTML output depends
    // on the entity-encoding step below rather than on these filters.
    $place_filter = '/[^\\p{L}&\\-\'. ]/u';
    $cmtx_default_name = preg_replace('/[^\\p{L}&\\-\'. 0-9]/u', '', $cmtx_default_name);
    $cmtx_default_email = filter_var($cmtx_default_email, FILTER_SANITIZE_EMAIL);
    $cmtx_default_website = filter_var(cmtx_url_encode_spaces($cmtx_default_website), FILTER_SANITIZE_URL);
    $cmtx_default_town = preg_replace($place_filter, '', $cmtx_default_town);
    $cmtx_default_country = preg_replace($place_filter, '', $cmtx_default_country);
    $cmtx_default_rating = preg_replace('/[^1-5]/', '', $cmtx_default_rating);

    // Step 3: convert to HTML entities (all seven defaults, comment included).
    // The comment default gets only this step: no quote stripping, no allow-list.
    $encoded = array(&$cmtx_default_name, &$cmtx_default_email, &$cmtx_default_website, &$cmtx_default_town, &$cmtx_default_country, &$cmtx_default_rating, &$cmtx_default_comment);
    foreach ($encoded as &$field) {
        $field = cmtx_sanitize($field, true, false);
    }
    unset($field);
}
<div class="warning"><?php 
        echo CMTX_MSG_DEMO;
        ?>
</div>
<div style="clear: left;"></div>
<?php 
    } else {
        if (isset($_POST['submit'])) {
            cmtx_check_csrf_form_key();
            if (isset($_POST['enabled'])) {
                $akismet_enabled = 1;
            } else {
                $akismet_enabled = 0;
            }
            $akismet_key = $_POST['akismet_key'];
            $akismet_key_san = cmtx_sanitize($akismet_key);
            cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$akismet_enabled}' WHERE `title` = 'akismet_enabled'");
            cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$akismet_key_san}' WHERE `title` = 'akismet_key'");
            ?>
<div class="success"><?php 
            echo CMTX_MSG_SAVED;
            ?>
</div>
<div style="clear: left;"></div>
<?php 
        }
    }
    ?>

<p />
示例#4
echo $cmtx_ratings;
?>
<p />
<label class='edit_comment'><?php 
echo CMTX_FIELD_LABEL_COMMENT;
?>
</label> <div style="margin-left:78px; width:650px"> <textarea name="comment" cols="39" rows="6"><?php 
echo cmtx_sanitize($comment, true, false);
?>
</textarea> </div>
<p />
<label class='edit_comment'><?php 
echo CMTX_FIELD_LABEL_ADMIN;
?>
</label> <div style="margin-left:78px; width:650px"> <textarea name="reply" cols="39" rows="6"><?php 
echo cmtx_sanitize($reply, true, false);
?>
</textarea> </div>

<br /><hr class="separator"/><br />

<label class='edit_comment'><?php 
echo CMTX_FIELD_LABEL_PAGE;
?>
</label> <select name="page_id">
<?php 
$pages = cmtx_db_query("SELECT * FROM `" . $cmtx_mysql_table_prefix . "pages` ORDER BY `id` ASC");
while ($page = cmtx_db_fetch_assoc($pages)) {
    ?>
<option value='<?php 
    echo $page['id'];
    ?>
</div>
<div style="clear: left;"></div>
<?php 
} else {
    if (isset($_POST['submit'])) {
        cmtx_check_csrf_form_key();
        $subscriber_confirmation_subject = $_POST['subscriber_confirmation_subject'];
        $subscriber_confirmation_from_name = $_POST['subscriber_confirmation_from_name'];
        $subscriber_confirmation_from_email = $_POST['subscriber_confirmation_from_email'];
        $subscriber_confirmation_reply_to = $_POST['subscriber_confirmation_reply_to'];
        $email_content = $_POST['email_content'];
        $subscriber_confirmation_subject_san = cmtx_sanitize($subscriber_confirmation_subject);
        $subscriber_confirmation_from_name_san = cmtx_sanitize($subscriber_confirmation_from_name);
        $subscriber_confirmation_from_email_san = cmtx_sanitize($subscriber_confirmation_from_email);
        $subscriber_confirmation_reply_to_san = cmtx_sanitize($subscriber_confirmation_reply_to);
        cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$subscriber_confirmation_subject_san}' WHERE `title` = 'subscriber_confirmation_subject'");
        cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$subscriber_confirmation_from_name_san}' WHERE `title` = 'subscriber_confirmation_from_name'");
        cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$subscriber_confirmation_from_email_san}' WHERE `title` = 'subscriber_confirmation_from_email'");
        cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$subscriber_confirmation_reply_to_san}' WHERE `title` = 'subscriber_confirmation_reply_to'");
        // Overwrite the custom e-mail template for the current front-end language with the submitted text.
        // NOTE(review): the directory segment comes from the stored 'language_frontend' setting; nothing in
        // this fragment restricts it to known language folder names, so confirm it cannot contain path
        // separators or '..' before it is used to build a path.
        $file = '../includes/emails/' . cmtx_setting('language_frontend') . '/user/custom/subscriber_confirmation.txt';
        // NOTE(review): fopen() returns false when the file cannot be opened (e.g. missing directory or
        // permissions); the result is not checked before fputs()/fclose(), and the "saved" message below
        // is echoed regardless.
        $handle = fopen($file, 'w');
        // $email_content is the raw $_POST['email_content'] value; it is written as-is and is not passed
        // through cmtx_sanitize() like the other fields of this form.
        fputs($handle, $email_content);
        fclose($handle);
        ?>
<div class="success"><?php 
        echo CMTX_MSG_SAVED;
        ?>
</div>
<div style="clear: left;"></div>
<?php 
    ?>
</div>
<div style="clear: left;"></div>
<?php 
} else {
    if (isset($_POST['submit'])) {
        cmtx_check_csrf_form_key();
        $subscriber_notification_reply_subject = $_POST['subscriber_notification_reply_subject'];
        $subscriber_notification_reply_from_name = $_POST['subscriber_notification_reply_from_name'];
        $subscriber_notification_reply_from_email = $_POST['subscriber_notification_reply_from_email'];
        $subscriber_notification_reply_reply_to = $_POST['subscriber_notification_reply_reply_to'];
        $email_content = $_POST['email_content'];
        $subscriber_notification_reply_subject_san = cmtx_sanitize($subscriber_notification_reply_subject);
        $subscriber_notification_reply_from_name_san = cmtx_sanitize($subscriber_notification_reply_from_name);
        $subscriber_notification_reply_from_email_san = cmtx_sanitize($subscriber_notification_reply_from_email);
        $subscriber_notification_reply_reply_to_san = cmtx_sanitize($subscriber_notification_reply_reply_to);
        cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$subscriber_notification_reply_subject_san}' WHERE `title` = 'subscriber_notification_reply_subject'");
        cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$subscriber_notification_reply_from_name_san}' WHERE `title` = 'subscriber_notification_reply_from_name'");
        cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$subscriber_notification_reply_from_email_san}' WHERE `title` = 'subscriber_notification_reply_from_email'");
        cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$subscriber_notification_reply_reply_to_san}' WHERE `title` = 'subscriber_notification_reply_reply_to'");
        $file = '../includes/emails/' . cmtx_setting('language_frontend') . '/user/custom/subscriber_notification_reply.txt';
        $handle = fopen($file, 'w');
        fputs($handle, $email_content);
        fclose($handle);
        ?>
<div class="success"><?php 
        echo CMTX_MSG_SAVED;
        ?>
</div>
<div style="clear: left;"></div>
<?php 
<div class="warning"><?php 
    echo CMTX_MSG_DEMO;
    ?>
</div>
<div style="clear: left;"></div>
<?php 
} else {
    if (isset($_POST['bulk_delete']) && isset($_POST['bulk'])) {
        cmtx_check_csrf_form_key();
        $items = $_POST['bulk'];
        $count = count($items);
        $success = 0;
        $failure = 0;
        for ($i = 0; $i < $count; $i++) {
            $id = $items[$i];
            $id = cmtx_sanitize($id);
            if (cmtx_db_num_rows(cmtx_db_query("SELECT * FROM `" . $cmtx_mysql_table_prefix . "admins` WHERE `is_super` = '1' AND `id` = '{$id}'"))) {
                $failure++;
            } else {
                cmtx_db_query("DELETE FROM `" . $cmtx_mysql_table_prefix . "admins` WHERE `id` = '{$id}'");
                $success++;
            }
        }
        if ($success == 1) {
            ?>
<div class="success"><?php 
            echo CMTX_MSG_ADMIN_BULK_DELETED;
            ?>
</div><?php 
        }
        if ($success > 1) {
    echo CMTX_MSG_DEMO;
    ?>
</div>
<div style="clear: left;"></div>
<?php 
} else {
    if (isset($_POST['submit'])) {
        cmtx_check_csrf_form_key();
        $sort_order_fields = $_POST['sort_order_fields'];
        $sort_order_captchas = $_POST['sort_order_captchas'];
        $sort_order_checkboxes = $_POST['sort_order_checkboxes'];
        $sort_order_buttons = $_POST['sort_order_buttons'];
        $sort_order_fields_san = cmtx_sanitize($sort_order_fields);
        $sort_order_captchas_san = cmtx_sanitize($sort_order_captchas);
        $sort_order_checkboxes_san = cmtx_sanitize($sort_order_checkboxes);
        $sort_order_buttons_san = cmtx_sanitize($sort_order_buttons);
        cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$sort_order_fields_san}' WHERE `title` = 'sort_order_fields'");
        cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$sort_order_captchas_san}' WHERE `title` = 'sort_order_captchas'");
        cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$sort_order_checkboxes_san}' WHERE `title` = 'sort_order_checkboxes'");
        cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$sort_order_buttons_san}' WHERE `title` = 'sort_order_buttons'");
        ?>
<div class="success"><?php 
        echo CMTX_MSG_SAVED;
        ?>
</div>
<div style="clear: left;"></div>
<?php 
    }
}
?>
示例#9
cmtx_error_reporting('includes/logs/errors.log');
/* Time Zone */
cmtx_set_time_zone(cmtx_setting('time_zone'));
$ip_address = cmtx_get_ip_address();
//get user's IP address
if (isset($_POST['id']) && isset($_POST['rating'])) {
    $id = $_POST['id'];
    if (!ctype_digit($id)) {
        die;
    }
    $id = cmtx_sanitize($id, true, true);
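    $rating = $_POST['rating'];
    // Accept exactly one character in the range 1-5. The pattern is anchored
    // with \A and \z: an unanchored /[1-5]/ accepts any string that merely
    // contains such a digit (e.g. "15" or "9x1"), which would then flow into
    // the rating queries. is_string() rejects array-valued input such as
    // rating[]=1 before it reaches preg_match().
    if (!is_string($rating) || !preg_match('/\\A[1-5]\\z/', $rating)) {
        die;
    }
    // cmtx_sanitize() is defined elsewhere; it is kept as a second layer, but
    // the whitelist check above is what constrains the value.
    $rating = cmtx_sanitize($rating, true, true);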
    //check if page exists
    $query = cmtx_db_query("SELECT * FROM `" . $cmtx_mysql_table_prefix . "pages` WHERE `id` = '{$id}'");
    $count = cmtx_db_num_rows($query);
    if ($count == 0) {
        echo CMTX_RATE_NO_PAGE;
        return;
    }
    //check if user has already rated as a poster
    $query = cmtx_db_query("SELECT * FROM `" . $cmtx_mysql_table_prefix . "comments` WHERE `page_id` = '{$id}' AND `ip_address` = '{$ip_address}' AND `rating` != '0'");
    $count = cmtx_db_num_rows($query);
    if ($count > 0) {
        echo CMTX_RATE_ALREADY_RATED;
        return;
    }
    //check if user has already rated as a guest
示例#10
function cmtx_add_viewer()
{
    // Record the current visitor in the `viewers` table.
    global $cmtx_mysql_table_prefix, $cmtx_reference, $cmtx_url, $cmtx_is_admin;

    // Unban viewer if requested by admin; this runs whether or not viewer tracking is enabled.
    cmtx_unban_viewer();

    // Nothing is recorded when the viewers feature is off or the visitor is an admin.
    if (!cmtx_setting('viewers_enabled') || $cmtx_is_admin) {
        return;
    }

    // NOTE(review): $ip_address and $user_agent go into the SQL below exactly as
    // the helpers return them. Whether those helpers escape their result is not
    // visible here -- confirm, since the User-Agent header is client-supplied.
    $ip_address = cmtx_get_ip_address();
    $user_agent = cmtx_get_user_agent();
    $page_reference = cmtx_sanitize($cmtx_reference, true, true);
    $page_url = cmtx_sanitize($cmtx_url, true, true);
    $timestamp = time();
    $timeout = $timestamp - cmtx_setting('viewers_timeout');

    $viewers_table = "`" . $cmtx_mysql_table_prefix . "viewers`";

    // Purge rows older than the timeout, then any existing row for this IP,
    // so the insert leaves one fresh row per IP address.
    cmtx_db_query("DELETE FROM " . $viewers_table . " WHERE `timestamp` < '{$timeout}'");
    cmtx_db_query("DELETE FROM " . $viewers_table . " WHERE `ip_address` = '{$ip_address}'");
    cmtx_db_query("INSERT INTO " . $viewers_table . " (`user_agent`, `ip_address`, `page_reference`, `page_url`, `timestamp`) VALUES ('{$user_agent}', '{$ip_address}', '{$page_reference}', '{$page_url}', '{$timestamp}')");
}
<?php 
// Save handler for the language settings form (front-end and back-end language).
// On a demo install a submit only shows the demo notice; nothing is written.
if (isset($_POST['submit']) && cmtx_setting('is_demo')) {
    ?>
<div class="warning"><?php 
    echo CMTX_MSG_DEMO;
    ?>
</div>
<div style="clear: left;"></div>
<?php 
} else {
    if (isset($_POST['submit'])) {
        // cmtx_check_csrf_form_key() (defined elsewhere) is called before any setting is written.
        cmtx_check_csrf_form_key();
        $language_frontend = $_POST['language_frontend'];
        $language_backend = $_POST['language_backend'];
        // NOTE(review): the values are only passed through cmtx_sanitize() (defined elsewhere) and
        // then interpolated into the SQL strings below. They are not checked against the set of
        // installed languages here; if these settings are later used to build include or file
        // paths (confirm against callers), restrict them to known language folder names.
        $language_frontend_san = cmtx_sanitize($language_frontend);
        $language_backend_san = cmtx_sanitize($language_backend);
        cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$language_frontend_san}' WHERE `title` = 'language_frontend'");
        cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$language_backend_san}' WHERE `title` = 'language_backend'");
        // The result of the two queries is not inspected; the saved message is always shown.
        ?>
<div class="success"><?php 
        echo CMTX_MSG_SAVED;
        ?>
</div>
<div style="clear: left;"></div>
<?php 
    }
}
?>

<p />
    ?>
</div>
<div style="clear: left;"></div>
<?php 
} else {
    if (isset($_POST['submit'])) {
        cmtx_check_csrf_form_key();
        $admin_new_ban_subject = $_POST['admin_new_ban_subject'];
        $admin_new_ban_from_name = $_POST['admin_new_ban_from_name'];
        $admin_new_ban_from_email = $_POST['admin_new_ban_from_email'];
        $admin_new_ban_reply_to = $_POST['admin_new_ban_reply_to'];
        $email_content = $_POST['email_content'];
        $admin_new_ban_subject_san = cmtx_sanitize($admin_new_ban_subject);
        $admin_new_ban_from_name_san = cmtx_sanitize($admin_new_ban_from_name);
        $admin_new_ban_from_email_san = cmtx_sanitize($admin_new_ban_from_email);
        $admin_new_ban_reply_to_san = cmtx_sanitize($admin_new_ban_reply_to);
        cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$admin_new_ban_subject_san}' WHERE `title` = 'admin_new_ban_subject'");
        cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$admin_new_ban_from_name_san}' WHERE `title` = 'admin_new_ban_from_name'");
        cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$admin_new_ban_from_email_san}' WHERE `title` = 'admin_new_ban_from_email'");
        cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$admin_new_ban_reply_to_san}' WHERE `title` = 'admin_new_ban_reply_to'");
        $file = '../includes/emails/' . cmtx_setting('language_frontend') . '/admin/custom/new_ban.txt';
        $handle = fopen($file, 'w');
        fputs($handle, $email_content);
        fclose($handle);
        ?>
<div class="success"><?php 
        echo CMTX_MSG_SAVED;
        ?>
</div>
<div style="clear: left;"></div>
<?php 
            $default_notify = 1;
        } else {
            $default_notify = 0;
        }
        if (isset($_POST['default_remember'])) {
            $default_remember = 1;
        } else {
            $default_remember = 0;
        }
        $default_name_san = cmtx_sanitize($default_name);
        $default_email_san = cmtx_sanitize($default_email);
        $default_website_san = cmtx_sanitize($default_website);
        $default_town_san = cmtx_sanitize($default_town);
        $default_country_san = cmtx_sanitize($default_country);
        $default_rating_san = cmtx_sanitize($default_rating);
        $default_comment_san = cmtx_sanitize($default_comment);
        cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$default_name_san}' WHERE `title` = 'default_name'");
        cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$default_email_san}' WHERE `title` = 'default_email'");
        cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$default_website_san}' WHERE `title` = 'default_website'");
        cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$default_town_san}' WHERE `title` = 'default_town'");
        cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$default_country_san}' WHERE `title` = 'default_country'");
        cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$default_rating_san}' WHERE `title` = 'default_rating'");
        cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$default_comment_san}' WHERE `title` = 'default_comment'");
        cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$default_notify}' WHERE `title` = 'default_notify'");
        cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$default_remember}' WHERE `title` = 'default_remember'");
        ?>
<div class="success"><?php 
        echo CMTX_MSG_SAVED;
        ?>
</div>
<div style="clear: left;"></div>
    ?>
</div>
<div style="clear: left;"></div>
<?php 
} else {
    if (isset($_POST['submit'])) {
        cmtx_check_csrf_form_key();
        $admin_new_comment_okay_subject = $_POST['admin_new_comment_okay_subject'];
        $admin_new_comment_okay_from_name = $_POST['admin_new_comment_okay_from_name'];
        $admin_new_comment_okay_from_email = $_POST['admin_new_comment_okay_from_email'];
        $admin_new_comment_okay_reply_to = $_POST['admin_new_comment_okay_reply_to'];
        $email_content = $_POST['email_content'];
        $admin_new_comment_okay_subject_san = cmtx_sanitize($admin_new_comment_okay_subject);
        $admin_new_comment_okay_from_name_san = cmtx_sanitize($admin_new_comment_okay_from_name);
        $admin_new_comment_okay_from_email_san = cmtx_sanitize($admin_new_comment_okay_from_email);
        $admin_new_comment_okay_reply_to_san = cmtx_sanitize($admin_new_comment_okay_reply_to);
        cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$admin_new_comment_okay_subject_san}' WHERE `title` = 'admin_new_comment_okay_subject'");
        cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$admin_new_comment_okay_from_name_san}' WHERE `title` = 'admin_new_comment_okay_from_name'");
        cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$admin_new_comment_okay_from_email_san}' WHERE `title` = 'admin_new_comment_okay_from_email'");
        cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$admin_new_comment_okay_reply_to_san}' WHERE `title` = 'admin_new_comment_okay_reply_to'");
        $file = '../includes/emails/' . cmtx_setting('language_frontend') . '/admin/custom/new_comment_okay.txt';
        $handle = fopen($file, 'w');
        fputs($handle, $email_content);
        fclose($handle);
        ?>
<div class="success"><?php 
        echo CMTX_MSG_SAVED;
        ?>
</div>
<div style="clear: left;"></div>
<?php 
示例#15
            $rss_image_enabled = 1;
        } else {
            $rss_image_enabled = 0;
        }
        $rss_image_url = $_POST['rss_image_url'];
        $rss_image_width = $_POST['rss_image_width'];
        $rss_image_height = $_POST['rss_image_height'];
        if (isset($_POST['rss_most_recent_enabled'])) {
            $rss_most_recent_enabled = 1;
        } else {
            $rss_most_recent_enabled = 0;
        }
        $rss_most_recent_amount = $_POST['rss_most_recent_amount'];
        $rss_title_san = cmtx_sanitize($rss_title);
        $rss_link_san = cmtx_sanitize($rss_link);
        $rss_image_url_san = cmtx_sanitize($rss_image_url);
        $rss_image_width_san = (int) $rss_image_width;
        $rss_image_height_san = (int) $rss_image_height;
        $rss_most_recent_amount_san = (int) $rss_most_recent_amount;
        cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$show_rss}' WHERE `title` = 'show_rss'");
        cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$rss_title_san}' WHERE `title` = 'rss_title'");
        cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$rss_link_san}' WHERE `title` = 'rss_link'");
        cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$rss_image_enabled}' WHERE `title` = 'rss_image_enabled'");
        cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$rss_image_url_san}' WHERE `title` = 'rss_image_url'");
        cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$rss_image_width_san}' WHERE `title` = 'rss_image_width'");
        cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$rss_image_height_san}' WHERE `title` = 'rss_image_height'");
        cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$rss_most_recent_enabled}' WHERE `title` = 'rss_most_recent_enabled'");
        cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$rss_most_recent_amount_san}' WHERE `title` = 'rss_most_recent_amount'");
        ?>
<div class="success"><?php 
        echo CMTX_MSG_SAVED;
示例#16
        cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "bans` SET `ip_address` = '{$ip_address_san}' WHERE `id` = '{$id_san}'");
        cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "bans` SET `reason` = '{$reason_san}' WHERE `id` = '{$id_san}'");
        ?>
<div class="success"><?php 
        echo CMTX_MSG_BAN_UPDATED;
        ?>
</div>
<div style="clear: left;"></div>
<?php 
    }
}
?>

<?php 
$id = $_GET['id'];
$id_san = cmtx_sanitize($id);
$ban_query = cmtx_db_query("SELECT * FROM `" . $cmtx_mysql_table_prefix . "bans` WHERE `id` = '{$id_san}'");
$ban_result = cmtx_db_fetch_assoc($ban_query);
$ip_address = $ban_result["ip_address"];
$reason = $ban_result["reason"];
$time = cmtx_format_date(date(CMTX_TIME_FORMAT, strtotime($ban_result["dated"])));
$date = cmtx_format_date(date(CMTX_DATE_FORMAT, strtotime($ban_result["dated"])));
?>

<p />

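<form name="edit_ban" id="edit_ban" action="index.php?page=edit_ban&id=<?php 
// $id is the raw $_GET['id'] value; only the $id_san copy is sanitized, and
// that copy is used for SQL. Encode the raw value for the URL query string and
// then for the HTML attribute so it cannot break out of action="...".
// A plain numeric id is output unchanged.
echo htmlspecialchars(urlencode((string) $id), ENT_QUOTES, 'UTF-8');
?>
" method="post">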
<label class='edit_ban'><?php 
<div class="warning"><?php 
    echo CMTX_MSG_DEMO;
    ?>
</div>
<div style="clear: left;"></div>
<?php 
} else {
    if (isset($_POST['submit'])) {
        cmtx_check_csrf_form_key();
        if (isset($_POST['rich_snippets'])) {
            $rich_snippets = 1;
        } else {
            $rich_snippets = 0;
        }
        $rich_snippets_markup = $_POST['rich_snippets_markups'];
        $rich_snippets_markup_san = cmtx_sanitize($rich_snippets_markup);
        cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$rich_snippets}' WHERE `title` = 'rich_snippets'");
        cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$rich_snippets_markup_san}' WHERE `title` = 'rich_snippets_markup'");
        ?>
<div class="success"><?php 
        echo CMTX_MSG_SAVED;
        ?>
</div>
<div style="clear: left;"></div>
<?php 
    }
}
?>

<p />
示例#18
                                    $reset_password_email_file = $cmtx_path . 'includes/emails/' . cmtx_setting('language_frontend') . '/admin/reset_password.txt';
                                    //build path to reset password email file
                                }
                                $body = file_get_contents($reset_password_email_file);
                                //get the file's contents
                                $admin_link = cmtx_url_encode_spaces(cmtx_setting('commentics_url') . cmtx_setting('admin_folder')) . '/';
                                //build admin panel link
                                //convert email variables with actual variables
                                // Fill the template placeholders (case-insensitive match on the tag names).
                                // NOTE(review): the new password is placed in the message body in clear
                                // text, so it is exposed to anything that can read the mailbox or the mail
                                // in transit; a single-use, expiring reset link avoids mailing a credential.
                                $body = str_ireplace('[username]', $username, $body);
                                $body = str_ireplace('[password]', $password, $body);
                                $body = str_ireplace('[admin link]', $admin_link, $body);
                                $body = str_ireplace('[signature]', cmtx_setting('signature'), $body);
                                //send email
                                // The mail goes out before the database is updated below.
                                cmtx_email($email, null, cmtx_setting('admin_reset_password_subject'), $body, cmtx_setting('admin_reset_password_from_email'), cmtx_setting('admin_reset_password_from_name'), cmtx_setting('admin_reset_password_reply_to'));
                                // NOTE(review): the stored value is an unsalted MD5 digest, which is not a
                                // password hash. Moving to password_hash()/password_verify() also requires
                                // changing the login check, which is not part of this fragment.
                                $password = md5($password);
                                $password = cmtx_sanitize($password);
                                // NOTE(review): $email is interpolated into the WHERE clause; how it was
                                // validated or escaped is not visible in this fragment -- confirm upstream.
                                cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "admins` SET `password` = '{$password}' WHERE `email` = '{$email}'");
                                echo '<span class="positive">' . CMTX_RESET_SENT . '</span>';
                            }
                        } else {
                            echo '<span class="negative">' . CMTX_RESET_ADDR . '</span>';
                        }
                    }
                }
                ?>
	</div>
	<div style="text-align:center; margin-top:10px;">
	<span class="login_link"><a href="index.php" title="<?php 
                echo CMTX_RESET_LOGIN;
                ?>
"><?php 
示例#19
 }
 if (isset($_POST['display_parsing'])) {
     $display_parsing = 1;
 } else {
     $display_parsing = 0;
 }
 $limit_comments = $_POST['limit_comments'];
 $admin_cookie_days = $_POST['admin_cookie_days'];
 $site_name_san = cmtx_sanitize($site_name);
 $time_zone_san = cmtx_sanitize($time_zone);
 $site_domain_san = cmtx_sanitize($site_domain);
 $site_url_san = cmtx_sanitize($site_url);
 $commentics_folder_san = cmtx_sanitize($commentics_folder);
 $commentics_url_san = cmtx_sanitize($commentics_url);
 $admin_folder_san = cmtx_sanitize($admin_folder);
 $mysqldump_path_san = cmtx_sanitize($mysqldump_path);
 $limit_comments_san = (int) $limit_comments;
 $admin_cookie_days_san = (int) $admin_cookie_days;
 cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$site_name_san}' WHERE `title` = 'site_name'");
 cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$time_zone_san}' WHERE `title` = 'time_zone'");
 cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$site_domain_san}' WHERE `title` = 'site_domain'");
 cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$site_url_san}' WHERE `title` = 'site_url'");
 cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$commentics_folder_san}' WHERE `title` = 'commentics_folder'");
 cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$commentics_url_san}' WHERE `title` = 'commentics_url'");
 cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$admin_folder_san}' WHERE `title` = 'admin_folder'");
 cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$mysqldump_path_san}' WHERE `title` = 'mysqldump_path'");
 cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$enabled_wysiwyg}' WHERE `title` = 'enabled_wysiwyg'");
 cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$display_parsing}' WHERE `title` = 'display_parsing'");
 cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$limit_comments_san}' WHERE `title` = 'limit_comments'");
 cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$admin_cookie_days_san}' WHERE `title` = 'admin_cookie_days'");
 ?>
        if (isset($_POST['dummy_names_enabled'])) {
            $dummy_names_enabled = 1;
        } else {
            $dummy_names_enabled = 0;
        }
        $dummy_names_action = $_POST['dummy_names_action'];
        if (isset($_POST['banned_names_enabled'])) {
            $banned_names_enabled = 1;
        } else {
            $banned_names_enabled = 0;
        }
        $banned_names_action = $_POST['banned_names_action'];
        $link_in_name_action_san = cmtx_sanitize($link_in_name_action);
        $reserved_names_action_san = cmtx_sanitize($reserved_names_action);
        $dummy_names_action_san = cmtx_sanitize($dummy_names_action);
        $banned_names_action_san = cmtx_sanitize($banned_names_action);
        cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$one_name_enabled}' WHERE `title` = 'one_name_enabled'");
        cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$fix_name_enabled}' WHERE `title` = 'fix_name_enabled'");
        cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$detect_link_in_name_enabled}' WHERE `title` = 'detect_link_in_name_enabled'");
        cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$link_in_name_action_san}' WHERE `title` = 'link_in_name_action'");
        cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$reserved_names_enabled}' WHERE `title` = 'reserved_names_enabled'");
        cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$reserved_names_action_san}' WHERE `title` = 'reserved_names_action'");
        cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$dummy_names_enabled}' WHERE `title` = 'dummy_names_enabled'");
        cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$dummy_names_action_san}' WHERE `title` = 'dummy_names_action'");
        cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$banned_names_enabled}' WHERE `title` = 'banned_names_enabled'");
        cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$banned_names_action_san}' WHERE `title` = 'banned_names_action'");
        ?>
<div class="success"><?php 
        echo CMTX_MSG_SAVED;
        ?>
</div>
        // Town-check settings save (excerpt). A checkbox that is not ticked is
        // absent from $_POST, so isset() turns each one into a literal 0/1 flag.
        if (isset($_POST['dummy_towns_enabled'])) {
            $dummy_towns_enabled = 1;
        } else {
            $dummy_towns_enabled = 0;
        }
        // Raw request value; only the *_san copy made below is placed into SQL.
        $dummy_towns_action = $_POST['dummy_towns_action'];
        if (isset($_POST['banned_towns_enabled'])) {
            $banned_towns_enabled = 1;
        } else {
            $banned_towns_enabled = 0;
        }
        $banned_towns_action = $_POST['banned_towns_action'];
        // $link_in_town_action and $reserved_towns_action are assigned outside this
        // excerpt, as are $fix_town_enabled, $detect_link_in_town_enabled and
        // $reserved_towns_enabled used in the queries below.
        $link_in_town_action_san = cmtx_sanitize($link_in_town_action);
        $reserved_towns_action_san = cmtx_sanitize($reserved_towns_action);
        $dummy_towns_action_san = cmtx_sanitize($dummy_towns_action);
        $banned_towns_action_san = cmtx_sanitize($banned_towns_action);
        // NOTE(review): every statement is built by string interpolation, so the
        // quoting of the *_action values rests entirely on cmtx_sanitize(), whose
        // body is not shown here - confirm it escapes for a quoted SQL string.
        // The *_action fields presumably come from a fixed option list; checking
        // them against that list would be stricter than escaping - verify.
        // No CSRF check is visible in this excerpt; confirm one runs before it.
        cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$fix_town_enabled}' WHERE `title` = 'fix_town_enabled'");
        cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$detect_link_in_town_enabled}' WHERE `title` = 'detect_link_in_town_enabled'");
        cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$link_in_town_action_san}' WHERE `title` = 'link_in_town_action'");
        cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$reserved_towns_enabled}' WHERE `title` = 'reserved_towns_enabled'");
        cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$reserved_towns_action_san}' WHERE `title` = 'reserved_towns_action'");
        cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$dummy_towns_enabled}' WHERE `title` = 'dummy_towns_enabled'");
        cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$dummy_towns_action_san}' WHERE `title` = 'dummy_towns_action'");
        cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$banned_towns_enabled}' WHERE `title` = 'banned_towns_enabled'");
        cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$banned_towns_action_san}' WHERE `title` = 'banned_towns_action'");
        ?>
<div class="success"><?php 
        echo CMTX_MSG_SAVED;
        ?>
</div>
<div style="clear: left;"></div>
        // Email-check settings save (excerpt). The *_action fields are read raw
        // from $_POST; the *_enabled checkboxes become literal 0/1 flags.
        $reserved_emails_action = $_POST['reserved_emails_action'];
        if (isset($_POST['dummy_emails_enabled'])) {
            $dummy_emails_enabled = 1;
        } else {
            $dummy_emails_enabled = 0;
        }
        $dummy_emails_action = $_POST['dummy_emails_action'];
        if (isset($_POST['banned_emails_enabled'])) {
            $banned_emails_enabled = 1;
        } else {
            $banned_emails_enabled = 0;
        }
        $banned_emails_action = $_POST['banned_emails_action'];
        // Only the sanitized copies are interpolated into the queries below.
        $reserved_emails_action_san = cmtx_sanitize($reserved_emails_action);
        $dummy_emails_action_san = cmtx_sanitize($dummy_emails_action);
        $banned_emails_action_san = cmtx_sanitize($banned_emails_action);
        // NOTE(review): the statements are string-built, so injection safety
        // depends on cmtx_sanitize() (not shown) escaping for a quoted SQL string.
        // $reserved_emails_enabled is set outside this excerpt; presumably it is a
        // 0/1 flag like the others - verify. No CSRF check is visible here either.
        cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$reserved_emails_enabled}' WHERE `title` = 'reserved_emails_enabled'");
        cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$reserved_emails_action_san}' WHERE `title` = 'reserved_emails_action'");
        cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$dummy_emails_enabled}' WHERE `title` = 'dummy_emails_enabled'");
        cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$dummy_emails_action_san}' WHERE `title` = 'dummy_emails_action'");
        cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$banned_emails_enabled}' WHERE `title` = 'banned_emails_enabled'");
        cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$banned_emails_action_san}' WHERE `title` = 'banned_emails_action'");
        ?>
<div class="success"><?php 
        echo CMTX_MSG_SAVED;
        ?>
</div>
<div style="clear: left;"></div>
<?php 
    }
}
        }
        // Administrator edit handler (excerpt): notification checkboxes become
        // 0/1 flags, then the account row is updated one column at a time.
        if (isset($_POST['receive_email_new_comment_okay'])) {
            $receive_email_new_comment_okay = 1;
        } else {
            $receive_email_new_comment_okay = 0;
        }
        if (isset($_POST['receive_email_new_flag'])) {
            $receive_email_new_flag = 1;
        } else {
            $receive_email_new_flag = 0;
        }
        // $username, $password, $email, $admin_id and $receive_email_new_ban are
        // assigned outside this excerpt.
        $username_san = cmtx_sanitize($username);
        // The password is only touched when the password_1 field was filled in.
        // NOTE(review): confirm $password already holds a salted hash (for example
        // from password_hash()) and not the submitted text before it is stored.
        if (!empty($_POST['password_1'])) {
            $password_san = cmtx_sanitize($password);
        }
        $email_san = cmtx_sanitize($email);
        // Refuse the change if a different admin row already uses this username.
        // NOTE(review): $admin_id is interpolated as-is; confirm it is an integer
        // taken from a trusted source. The check and the UPDATE are separate
        // statements, so a UNIQUE index on `username` (schema not shown) is what
        // would actually guarantee uniqueness.
        if (cmtx_db_num_rows(cmtx_db_query("SELECT * FROM `" . $cmtx_mysql_table_prefix . "admins` WHERE `username` = '{$username_san}' AND `id` != '{$admin_id}'"))) {
            ?>
<div class="error"><?php 
            echo CMTX_MSG_ADMIN_EXISTS;
            ?>
</div>
<div style="clear: left;"></div>
<?php 
        } else {
            // String-built statements: quoting relies on cmtx_sanitize() (not shown).
            cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "admins` SET `username` = '{$username_san}' WHERE `id` = '{$admin_id}'");
            if (!empty($_POST['password_1'])) {
                cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "admins` SET `password` = '{$password_san}' WHERE `id` = '{$admin_id}'");
            }
            cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "admins` SET `email` = '{$email_san}' WHERE `id` = '{$admin_id}'");
            cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "admins` SET `receive_email_new_ban` = '{$receive_email_new_ban}' WHERE `id` = '{$admin_id}'");
示例#24
 } else {
     //Approval path (excerpt): store the comment as unapproved and build the
     //notice shown to the visitor.
     if (cmtx_approval_needed()) {
         //if approval needed
         if (!cmtx_page_exists()) {
             //if page does not exist
             cmtx_create_page();
             //create it now
         }
         if (cmtx_setting('approve_comments')) {
             //if approving all comments
             $cmtx_approve_reason = CMTX_APPROVE_REASON_ALL;
         } else {
             //drops the last two characters of the accumulated reason text
             $cmtx_approve_reason = substr_replace($cmtx_approve_reason, "", -2);
             //remove ending line break
         }
         $cmtx_approve_reason = cmtx_sanitize($cmtx_approve_reason, true, true);
         //sanitize approve reason
         //insert user's comment into 'comments' database table
         //NOTE(review): the statement is string-built and $cmtx_approve_reason is
         //the only value sanitized inside this excerpt. $cmtx_name, $cmtx_email,
         //$cmtx_website, $cmtx_town, $cmtx_country, $cmtx_rating, $cmtx_reply_to,
         //$cmtx_comment, $cmtx_ip_address and $cmtx_page_id are presumably escaped
         //earlier in the script - verify each one, including the IP address if it
         //can be derived from a request header.
         //is_approved is written as the literal 0, so the row starts unapproved.
         cmtx_db_query("INSERT INTO `" . $cmtx_mysql_table_prefix . "comments` (`name`, `email`, `website`, `town`, `country`, `rating`, `reply_to`, `comment`, `reply`, `ip_address`, `page_id`, `is_approved`, `approval_reasoning`, `is_admin`, `is_sent`, `sent_to`, `likes`, `dislikes`, `is_sticky`, `is_locked`, `is_verified`, `dated`) VALUES ('{$cmtx_name}', '{$cmtx_email}', '{$cmtx_website}', '{$cmtx_town}', '{$cmtx_country}', '{$cmtx_rating}', '{$cmtx_reply_to}', '{$cmtx_comment}', '', '{$cmtx_ip_address}', '{$cmtx_page_id}', 0, '{$cmtx_approve_reason}', '{$cmtx_is_admin}', 0, 0, 0, 0, 0, 0, 0, NOW())");
         $cmtx_comment_id = cmtx_db_insert_id();
         //get the ID of the comment
         //build the approval box
         //the markup is assembled from fixed strings and language constants only
         $cmtx_box = "<div class='cmtx_approval_box'>";
         $cmtx_box .= "<div class='cmtx_approval_message_line_1'>";
         $cmtx_box .= CMTX_APPROVAL_OPENING;
         $cmtx_box .= "</div>";
         $cmtx_box .= "<div class='cmtx_approval_message_line_2'>";
         $cmtx_box .= CMTX_APPROVAL_TEXT;
         $cmtx_box .= "</div>";
         $cmtx_box .= "</div>";
         $cmtx_box .= "<div style='clear: left;'></div>";
示例#25
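            // Bound the request: at most 5 redirects, and 10 seconds each for
            // connecting and for the whole transfer.
            curl_setopt($ch, CURLOPT_MAXREDIRS, 5);
            curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 10);
            curl_setopt($ch, CURLOPT_TIMEOUT, 10);
            // Verify the certificate chain and that the certificate matches the
            // host name. With both checks switched off, anyone on the network path
            // could substitute the news text that this page later prints.
            curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
            curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
            curl_setopt($ch, CURLOPT_USERAGENT, 'Commentics');
            curl_setopt($ch, CURLOPT_URL, $news_url);
            // curl_exec() returns false when the transfer fails, which now includes
            // a certificate that does not validate; the handle setup before this
            // excerpt is not shown, so check how a false $news is handled.
            $news = curl_exec($ch);
            curl_close($ch);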
        } else {
            if ((bool) ini_get('allow_url_fopen')) {
                //if allow_url_fopen is available
                $news = file_get_contents($news_url);
            }
        }
        $news = cmtx_sanitize($news, true, false);
        echo nl2br($news);
    }
    ?>
</div>
</div>

<div class="dashboard_block">
<div class="dashboard_title"><?php 
    echo CMTX_DASH_QUICK_LINKS;
    ?>
</div>
<div class="dashboard_content">
<?php 
    $pages = cmtx_db_query("SELECT `page`, COUNT(*) AS `frequency` FROM `" . $cmtx_mysql_table_prefix . "access` WHERE `page` != 'dashboard' AND `page` != 'spam' AND `page` NOT LIKE 'edit%' GROUP BY `page` ORDER BY `frequency` DESC LIMIT 5");
    if (cmtx_db_num_rows($pages) != 5) {
    ?>
</div>
<div style="clear: left;"></div>
<?php 
} else {
    // Test-email settings save (excerpt): runs on form submission, after the
    // CSRF form key has been checked.
    if (isset($_POST['submit'])) {
        cmtx_check_csrf_form_key();
        $admin_email_test_subject = $_POST['admin_email_test_subject'];
        $admin_email_test_from_name = $_POST['admin_email_test_from_name'];
        $admin_email_test_from_email = $_POST['admin_email_test_from_email'];
        $admin_email_test_reply_to = $_POST['admin_email_test_reply_to'];
        // Kept raw: this value is written to a file below, not placed into SQL.
        $email_content = $_POST['email_content'];
        $admin_email_test_subject_san = cmtx_sanitize($admin_email_test_subject);
        $admin_email_test_from_name_san = cmtx_sanitize($admin_email_test_from_name);
        $admin_email_test_from_email_san = cmtx_sanitize($admin_email_test_from_email);
        $admin_email_test_reply_to_san = cmtx_sanitize($admin_email_test_reply_to);
        // NOTE(review): string-built statements; quoting relies on cmtx_sanitize()
        // (not shown). These values presumably end up in mail headers later, so
        // validating the addresses and rejecting CR/LF here would be worth adding
        // - verify against the sending code.
        cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$admin_email_test_subject_san}' WHERE `title` = 'admin_email_test_subject'");
        cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$admin_email_test_from_name_san}' WHERE `title` = 'admin_email_test_from_name'");
        cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$admin_email_test_from_email_san}' WHERE `title` = 'admin_email_test_from_email'");
        cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$admin_email_test_reply_to_san}' WHERE `title` = 'admin_email_test_reply_to'");
        // The template path contains the stored 'language_frontend' setting.
        // NOTE(review): confirm that setting can only hold a known language
        // directory name, since it decides where the request body is written.
        $file = '../includes/emails/' . cmtx_setting('language_frontend') . '/admin/custom/email_test.txt';
        // The template is overwritten with the unmodified request body.
        // NOTE(review): the fopen() result is not checked, so an unwritable file
        // is not reported to the admin before fputs()/fclose() run.
        $handle = fopen($file, 'w');
        fputs($handle, $email_content);
        fclose($handle);
        ?>
<div class="success"><?php 
        echo CMTX_MSG_SAVED;
        ?>
</div>
<div style="clear: left;"></div>
<?php 
    ?>
<div class="warning"><?php 
    echo CMTX_MSG_DEMO;
    ?>
</div>
<div style="clear: left;"></div>
<?php 
} else {
    // Sender setup save (excerpt): after the CSRF check, one from-name,
    // from-email and reply-to triple is copied to every email type below.
    if (isset($_POST['submit'])) {
        cmtx_check_csrf_form_key();
        $setup_from_name = $_POST['setup_from_name'];
        $setup_from_email = $_POST['setup_from_email'];
        $setup_reply_to = $_POST['setup_reply_to'];
        // NOTE(review): the three values are escaped once and reused in all
        // fifteen statements, so any gap in cmtx_sanitize() (not shown) applies to
        // each of them. They presumably become mail headers when emails are sent;
        // validating the two addresses and rejecting CR/LF in the name would be
        // worth adding here - verify against the sending code.
        $setup_from_name_san = cmtx_sanitize($setup_from_name);
        $setup_from_email_san = cmtx_sanitize($setup_from_email);
        $setup_reply_to_san = cmtx_sanitize($setup_reply_to);
        cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$setup_from_name_san}' WHERE `title` = 'setup_from_name'");
        cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$setup_from_email_san}' WHERE `title` = 'setup_from_email'");
        cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$setup_reply_to_san}' WHERE `title` = 'setup_reply_to'");
        // Same triple, repeated for the subscriber confirmation and the
        // admin / basic / reply notification settings.
        cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$setup_from_name_san}' WHERE `title` = 'subscriber_confirmation_from_name'");
        cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$setup_from_email_san}' WHERE `title` = 'subscriber_confirmation_from_email'");
        cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$setup_reply_to_san}' WHERE `title` = 'subscriber_confirmation_reply_to'");
        cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$setup_from_name_san}' WHERE `title` = 'subscriber_notification_admin_from_name'");
        cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$setup_from_email_san}' WHERE `title` = 'subscriber_notification_admin_from_email'");
        cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$setup_reply_to_san}' WHERE `title` = 'subscriber_notification_admin_reply_to'");
        cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$setup_from_name_san}' WHERE `title` = 'subscriber_notification_basic_from_name'");
        cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$setup_from_email_san}' WHERE `title` = 'subscriber_notification_basic_from_email'");
        cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$setup_reply_to_san}' WHERE `title` = 'subscriber_notification_basic_reply_to'");
        cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$setup_from_name_san}' WHERE `title` = 'subscriber_notification_reply_from_name'");
        cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$setup_from_email_san}' WHERE `title` = 'subscriber_notification_reply_from_email'");
        cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$setup_reply_to_san}' WHERE `title` = 'subscriber_notification_reply_reply_to'");
    } else {
        // Captcha settings save (excerpt): runs on form submission, after the
        // CSRF form key has been checked.
        if (isset($_POST['submit'])) {
            cmtx_check_csrf_form_key();
            // $captcha_type can only be one of these two literals, so it is
            // interpolated below without sanitizing.
            if (isset($_POST['enabled'])) {
                $captcha_type = 'recaptcha';
            } else {
                $captcha_type = 'securimage';
            }
            $recaptcha_public_key = $_POST['recaptcha_public_key'];
            $recaptcha_private_key = $_POST['recaptcha_private_key'];
            // Note the plural field names ('recaptcha_themes', 'recaptcha_languages')
            // feeding the singular settings written below.
            $recaptcha_theme = $_POST['recaptcha_themes'];
            $recaptcha_language = $_POST['recaptcha_languages'];
            $recaptcha_public_key_san = cmtx_sanitize($recaptcha_public_key);
            $recaptcha_private_key_san = cmtx_sanitize($recaptcha_private_key);
            $recaptcha_theme_san = cmtx_sanitize($recaptcha_theme);
            $recaptcha_language_san = cmtx_sanitize($recaptcha_language);
            // NOTE(review): string-built statements; quoting relies on
            // cmtx_sanitize() (not shown). The private key is written to the same
            // settings table as ordinary options, so read access to that table
            // and to its backups exposes it.
            cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$captcha_type}' WHERE `title` = 'captcha_type'");
            cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$recaptcha_public_key_san}' WHERE `title` = 'recaptcha_public_key'");
            cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$recaptcha_private_key_san}' WHERE `title` = 'recaptcha_private_key'");
            cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$recaptcha_theme_san}' WHERE `title` = 'recaptcha_theme'");
            cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$recaptcha_language_san}' WHERE `title` = 'recaptcha_language'");
            ?>
<div class="success"><?php 
            echo CMTX_MSG_SAVED;
            ?>
</div>
<div style="clear: left;"></div>
<?php 
        }
    }
    ?>
    // Mail transport settings save (excerpt): runs on form submission, after
    // the CSRF form key has been checked.
    if (isset($_POST['submit'])) {
        cmtx_check_csrf_form_key();
        $transport_method = $_POST['transport_method'];
        $smtp_host = $_POST['smtp_host'];
        $smtp_port = $_POST['smtp_port'];
        $smtp_encrypt = $_POST['smtp_encrypt'];
        $smtp_username = $_POST['smtp_username'];
        $smtp_password = $_POST['smtp_password'];
        $sendmail_path = $_POST['sendmail_path'];
        $transport_method_san = cmtx_sanitize($transport_method);
        $smtp_host_san = cmtx_sanitize($smtp_host);
        // The port is forced to an integer instead of being escaped as text.
        $smtp_port_san = (int) $smtp_port;
        $smtp_encrypt_san = cmtx_sanitize($smtp_encrypt);
        $smtp_username_san = cmtx_sanitize($smtp_username);
        $smtp_password_san = cmtx_sanitize($smtp_password);
        $sendmail_path_san = cmtx_sanitize($sendmail_path);
        // NOTE(review): string-built statements; quoting relies on
        // cmtx_sanitize() (not shown). The SMTP password is written to the
        // settings table as returned by that helper, presumably in recoverable
        // form - treat the table and its backups as holding a credential.
        // NOTE(review): 'sendmail_path' is stored as submitted; how it is used
        // later is not shown. If it is ever handed to a process launcher it
        // should be restricted to known binaries - verify.
        // 'transport_method' and 'smtp_encrypt' presumably come from fixed option
        // lists; an allow-list check would be stricter than escaping - verify.
        cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$transport_method_san}' WHERE `title` = 'transport_method'");
        cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$smtp_host_san}' WHERE `title` = 'smtp_host'");
        cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$smtp_port_san}' WHERE `title` = 'smtp_port'");
        cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$smtp_encrypt_san}' WHERE `title` = 'smtp_encrypt'");
        cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$smtp_username_san}' WHERE `title` = 'smtp_username'");
        cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$smtp_password_san}' WHERE `title` = 'smtp_password'");
        cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$sendmail_path_san}' WHERE `title` = 'sendmail_path'");
        ?>
<div class="success"><?php 
        echo CMTX_MSG_SAVED;
        ?>
</div>
<div style="clear: left;"></div>
<?php 
    }
<div class="warning"><?php 
    echo CMTX_MSG_DEMO;
    ?>
</div>
<div style="clear: left;"></div>
<?php 
} else {
    // Maintenance-mode save (excerpt): runs on form submission, after the CSRF
    // form key has been checked.
    if (isset($_POST['submit'])) {
        cmtx_check_csrf_form_key();
        // The 'enabled' checkbox becomes a literal 0/1 flag.
        if (isset($_POST['enabled'])) {
            $maintenance_mode = 1;
        } else {
            $maintenance_mode = 0;
        }
        $maintenance_message = $_POST['message'];
        $maintenance_message_san = cmtx_sanitize($maintenance_message);
        // NOTE(review): string-built statements; quoting relies on
        // cmtx_sanitize() (not shown). The message is presumably shown to site
        // visitors while maintenance mode is on, so confirm it is HTML-encoded
        // where it is printed - escaping for SQL here does not cover that.
        cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$maintenance_mode}' WHERE `title` = 'maintenance_mode'");
        cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "settings` SET `value` = '{$maintenance_message_san}' WHERE `title` = 'maintenance_message'");
        ?>
<div class="success"><?php 
        echo CMTX_MSG_SAVED;
        ?>
</div>
<div style="clear: left;"></div>
<?php 
    }
}
?>

<p />