示例#1
    }
    URL::redirect(URL::admin('messages'));
} else {
    // Delete branch: runs only when the message id arrives in the query string
    // and the confirmation form was posted.
    // NOTE(review): no request-token (anti-CSRF) check is visible in this excerpt;
    // confirm one runs earlier in the file, because isset($_POST['confirm']) on its
    // own does not prove the request came from the admin's own confirmation page.
    if (isset($_GET['del']) && isset($_POST['confirm'])) {
        // intval() reduces the id to an integer, so the concatenated WHERE clause
        // cannot carry anything but a number.
        $db->sql_query('DELETE FROM ' . $prefix . '_message WHERE mid=' . intval($_GET['del']));
        $db->optimize_table($prefix . '_message');
        URL::redirect(URL::admin('messages'));
    }
}
require_once 'header.php';
GraphicAdmin('_AMENU3');
if (isset($_GET['del'])) {
    if (isset($_POST['cancel'])) {
        URL::redirect(URL::admin('messages'));
    }
    cpg_delete_msg(URL::admin('&del=' . intval($_GET['del'])), _REMOVEMSG);
} else {
    if (isset($_GET['edit'])) {
        OpenTable();
        $id = intval($_GET['edit']);
        $result = $db->sql_query('SELECT title, content, date, expire, active, view, mlanguage FROM ' . $prefix . '_message WHERE mid=' . $id);
        $row = $db->sql_fetchrow($result);
        echo '<div style="text-align:center;" class="option">' . _EDITMSG . '</div>' . '<form name="edit_message" action="' . URL::admin('messages&amp;save=' . $id) . '" method="post" enctype="multipart/form-data" accept-charset="utf-8">' . '<br /><strong>' . _MESSAGETITLE . '</strong><br />' . '<input type="text" name="title" value="' . htmlprepare($row['title']) . '" size="50" maxlength="100" /><br /><br />' . '<strong>' . _MESSAGECONTENT . '</strong><br />' . bbcode_table('content', 'edit_message', 1) . '<div style="float:left;"><textarea name="content" rows="15" wrap="virtual" cols="63" onselect="storeCaret(this);" onclick="storeCaret(this);" onkeyup="storeCaret(this);" onchange="storeCaret(this);">' . htmlprepare($row['content']) . '</textarea></div>
	<div style="float:left; margin-left:5px;">' . smilies_table('inline', 'content', 'edit_message') . '</div><br /><br />';
        if ($MAIN_CFG['global']['multilingual']) {
            echo '<strong>' . _LANGUAGE . '</strong> ' . lang_selectbox($row['mlanguage'], 'language') . '<br /><br />';
        } else {
            echo '<input type="hidden" name="language" value="" />';
        }
        echo "<strong>" . _EXPIRATION . '</strong> ' . select_box('expire', $row['expire'], array(86400 => '1 ' . _DAY, 172800 => '2 ' . _DAYS, 432000 => '5 ' . _DAYS, 1296000 => '15 ' . _DAYS, 2592000 => '30 ' . _DAYS, 0 => _UNLIMITED)) . '<br /><br />' . '<strong>' . _ACTIVATE2 . '</strong> ' . yesno_option('active', $row['active']);
        if ($row['active']) {
示例#2
文件: delete.php 项目: cbsistem/nexos
// Delete PM's
if (isset($mark_list) && !is_array($mark_list)) {
    // Set to empty array instead of '0' if nothing is selected.
    $mark_list = array();
}
if (!$confirm) {
    // Build the hidden fields that carry the pending delete request through the
    // confirmation form.
    // NOTE(review): $mode is written into an HTML attribute without escaping here;
    // its assignment is outside this excerpt — verify it is restricted to known
    // values before this point.
    $s_hidden_fields = '<input type="hidden" name="mode" value="' . $mode . '" />';
    // Remember which button was pressed: "delete" (marked messages) or "deleteall".
    $s_hidden_fields .= isset($_POST['delete']) ? '<input type="hidden" name="delete" value="true" />' : '<input type="hidden" name="deleteall" value="true" />';
    for ($i = 0; $i < count($mark_list); $i++) {
        // Each marked id is cast with intval(), so only integers reach the markup.
        $s_hidden_fields .= '<input type="hidden" name="mark[]" value="' . intval($mark_list[$i]) . '" />';
    }
    //
    // Output confirmation page
    //
    $pagetitle = $lang['Confirm_delete_pm'];
    // Singular or plural prompt depending on how many messages are marked.
    // NOTE(review): $folder is concatenated into the form target as-is; it is set
    // outside this excerpt — confirm it is limited to the known folder names.
    cpg_delete_msg(URL::index('&amp;folder=' . $folder), count($mark_list) == 1 ? $lang['Confirm_delete_pm'] : $lang['Confirm_delete_pms'], $s_hidden_fields);
} else {
    if ($delete_all) {
        switch ($folder) {
            case 'inbox':
                $delete_type = "privmsgs_to_userid = {$userinfo['user_id']} AND (\n\t\t\t\tprivmsgs_type = " . PM_READ_MAIL . " OR privmsgs_type = " . PM_NEW_MAIL . " OR privmsgs_type = " . PM_UNREAD_MAIL . " )";
                break;
            case 'outbox':
                $delete_type = "privmsgs_from_userid = {$userinfo['user_id']} AND ( privmsgs_type = " . PM_NEW_MAIL . " OR privmsgs_type = " . PM_UNREAD_MAIL . " )";
                break;
            case 'sentbox':
                $delete_type = "privmsgs_from_userid = {$userinfo['user_id']} AND privmsgs_type = " . PM_SENT_MAIL;
                break;
            case 'savebox':
                $delete_type = "( ( privmsgs_from_userid = {$userinfo['user_id']}\n\t\t\t\t\tAND privmsgs_type = " . PM_SAVED_OUT_MAIL . " )\n\t\t\t\tOR ( privmsgs_to_userid = " . $userinfo['user_id'] . "\n\t\t\t\t\tAND privmsgs_type = " . PM_SAVED_IN_MAIL . " ) )";
                break;
示例#3
} elseif (isset($_POST['saveEntry'])) {
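    // Save an edited history entry, then return to that entry's edit screen.
    // The id is cast to an integer; the string fields are passed through
    // Fix_Quotes() before being placed inside the quoted SQL literals below.
    $id = intval($_POST['entry_id']);
    $year = Fix_Quotes($_POST['entry_year'], 1);
    $content = Fix_Quotes($_POST['entry_content']);
    // entry_lang is interpolated into the UPDATE exactly like the two fields
    // above, so it gets the same treatment instead of being copied raw from the
    // request (a quote character in it would otherwise close the SQL literal).
    // NOTE(review): assumes Fix_Quotes() is the SQL-escaping helper for this
    // query, as its use on the sibling fields implies — confirm.
    $entry_language = Fix_Quotes($_POST['entry_lang']);
    $db->sql_query("UPDATE " . $prefix . "_history SET yid='{$year}', content='{$content}', language='{$entry_language}' WHERE eid='{$id}'");
    URL::redirect(URL::admin('&edit=' . $id));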
} elseif (isset($_GET['delete'])) {
    if (isset($_POST['cancel'])) {
        URL::redirect(URL::admin());
    }
    if (isset($_POST['confirm'])) {
        $db->sql_query("DELETE FROM " . $prefix . "_history WHERE eid='" . intval($_GET['delete']) . "'");
        URL::redirect(URL::admin());
    }
    cpg_delete_msg(URL::admin('&amp;delete=' . intval($_GET['delete'])), sprintf(_ERROR_DELETE_CONF, 'this entry'));
} elseif (isset($_POST['transferEntry'])) {
    $entry_day = intval($_POST['day']);
    $entry_month = intval($_POST['month']);
    URL::redirect(URL::admin('&mode=show&month=' . $entry_month . '&day=' . $entry_day));
} elseif (isset($_GET['mode']) && $_GET['mode'] == 'show') {
    $entry_day = intval($_GET['day']);
    $entry_month = intval($_GET['month']);
    if (strlen($_GET['day']) < 1 || strlen($_GET['month']) < 1) {
        cpg_error(sprintf(_ERROR_NOT_SET, 'ID'), _SEC_ERROR);
    }
    $pagetitle .= ' ' . _BC_DELIM . ' ' . _EPHEMMAINT;
    require_once 'header.php';
    GraphicAdmin('_AMENU5');
    OpenTable();
    echo '<span class="genmed"><strong>' . _EPHEMADMIN . '</strong></span><br /><br />';
示例#4
文件: delete.php 项目: cbsistem/nexos
 }
 // Only administrators may delete a user.
 if (!is_admin()) {
     cpg_die(_ERROR, PERM_DENIED, __FILE__, __LINE__);
 }
 // Accounts flagged as demo are refused as well.
 if ($CLASS['member']->demo) {
     pageheader(PERM_DENIED);
     cpg_die(_ERROR, PERM_DENIED, __FILE__, __LINE__);
     // NOTE(review): presumably never reached if cpg_die() terminates the request — confirm.
     pagefooter();
 }
 // "Cancel" on the confirmation form returns to the user manager.
 if (isset($_POST['cancel'])) {
     $redirect = URL::index("&file=usermgr");
     URL::redirect($redirect);
 }
 // First visit (no "confirm" posted yet): show the confirmation form.
 // NOTE(review): $user_id is assigned above this excerpt. It is concatenated
 // unescaped into the message, into a hidden form field, and into the quoted
 // SQL literal in the SELECT below — verify it is cast to an integer before
 // this point. The flow also relies on cpg_delete_msg() ending the request;
 // otherwise the deletion below would run without confirmation — confirm.
 if (!isset($_POST['confirm'])) {
     $msg = DEL_USER . ' - ' . $user_id . '<br />' . USER_CONFIRM_DEL;
     cpg_delete_msg(URL::index("&amp;file=delete"), $msg, '<input type="hidden" name="what" value="user" /><input type="hidden" name="id" value="' . $user_id . '" />');
 }
 // Look the user up; an unknown id aborts.
 $result = $db->sql_query("SELECT username FROM {$CONFIG['TABLE_USERS']} WHERE user_id = '{$user_id}'", false, __FILE__, __LINE__);
 if (!$db->sql_numrows($result)) {
     cpg_die(_CRITICAL_ERROR, $ERR_UNKNOWN_USE, __FILE__, __LINE__);
 }
 $user_data = $db->sql_fetchrow($result);
 $db->sql_freeresult($result);
 pageheader(DEL_USER);
 // NOTE(review): the stored username is placed in the table heading as-is;
 // whether starttable() escapes it is not visible here.
 starttable("100%", DEL_USER . ' - ' . $user_data['username'], 6);
 // First delete the albums
 // The user's albums are selected by category FIRST_USER_CAT + $user_id; the
 // addition yields a number, so this literal is numeric.
 $result = $db->sql_query("SELECT aid FROM {$CONFIG['TABLE_ALBUMS']} WHERE category = '" . (FIRST_USER_CAT + $user_id) . "'", false, __FILE__, __LINE__);
 while ($album = $db->sql_fetchrow($result)) {
     delete_album($album['aid']);
 }
 // while
示例#5
文件: l10n.php 项目: cbsistem/nexos
    }
} elseif (isset($_GET['del']) && !($CLASS['member']->demo && $_GET['del'] == $MAIN_CFG['global']['language'])) {
    // Allowlist the language name before it touches the filesystem: only letters,
    // digits, underscore and hyphen pass, so neither '/' nor '.' can reach the
    // path built below.
    // NOTE(review): without the D modifier, '$' also matches just before a
    // trailing newline; '\z' (or the D modifier) would make the check exact.
    if (!preg_match('#^([a-zA-Z0-9_\\-]+)$#', $_GET['del'])) {
        cpg_error('Invalid title');
    }
    // The pack must exist as a directory under language/.
    if (!is_dir('language/' . $_GET['del'])) {
        cpg_error('Language does not exist');
    }
    if (isset($_POST['cancel'])) {
        URL::redirect(URL::admin());
    }
    // Confirmed: remove the pack and report success.
    // NOTE(review): the path del_folder() derives from this name is not visible
    // here, and no request-token check appears on this branch — confirm both.
    if (isset($_POST['confirm'])) {
        del_folder($_GET['del']);
        cpg_error(get_lang_title($_GET['del']) . ' language pack successfully deleted', _TB_INFO, URL::admin());
    }
    // Neither button posted yet: ask for confirmation. The name was restricted
    // by the pattern above before being placed in the form target.
    cpg_delete_msg(URL::admin('&amp;del=' . $_GET['del']), 'Are you sure that you want to delete the ' . get_lang_title($_GET['del']) . ' language pack?');
} elseif (isset($_POST['cvs_lang'])) {
    require_once CORE_PATH . 'classes/cvs.php';
    if (!preg_match('#^([a-zA-Z0-9_\\-]+)$#', $_POST['cvs_lang'])) {
        cpg_error('Invalid title');
    }
    $path = 'language/' . $_POST['cvs_lang'];
    if (!CVS::create($path, 'dragonflycms.org', '/cvs', 'l10n/' . $_POST['cvs_lang'], $_POST['cvs_uname'], $_POST['cvs_pass'])) {
        cpg_error('Error creating important CVS files and folders');
    } else {
        $log = CVS::update($path);
        if (!isset($log['error'])) {
            if (!isset($log['notes'])) {
                cpg_error(get_lang_title($_POST['cvs_lang']) . ' language pack successfully installed', _TB_INFO, URL::admin());
            }
            $log = nl2br(CVS::formatlog($log));
示例#6
文件: index.php 项目: cbsistem/nexos
     cpg_error($lang['Group_joined'], 'Joined group', $groupurl);
 } else {
     if (isset($_POST['unsub']) || isset($_POST['unsubpending']) && $group_id) {
         //
         // Unsubscribe from a group
         //
         // NOTE(review): in the enclosing condition '&&' binds tighter than '||',
         // so it reads as unsub || (unsubpending && $group_id). A posted "unsub"
         // therefore reaches this branch even when $group_id is empty — confirm
         // that is intended, since $group_id is interpolated into the DELETE below.
         if (!is_user()) {
             URL::redirect(URL::index('Your_Account'), true);
         }
         if (isset($_POST['confirm'])) {
             // The row is keyed on the logged-in user's own id, so a member can
             // only remove their own membership.
             // NOTE(review): $group_id is set outside this excerpt and is
             // interpolated unquoted — verify it is an integer by this point.
             $db->sql_query("DELETE FROM " . USER_GROUP_TABLE . " WHERE user_id=" . $userinfo['user_id'] . " AND group_id={$group_id}");
             cpg_error($lang['Unsub_success'], 'Unsubscribed', URL::index());
         } else {
             // Not confirmed yet: show the prompt matching the button pressed and
             // carry the group id through the confirmation form.
             $unsub_msg = isset($_POST['unsub']) ? $lang['Confirm_unsub'] : $lang['Confirm_unsub_pending'];
             $hidden_fields = '<input type="hidden" name="g" value="' . $group_id . '" /><input type="hidden" name="unsub" value="1" />';
             cpg_delete_msg(URL::index(), $unsub_msg, $hidden_fields);
         }
     } else {
         if ($group_id) {
             //
             // Did the group moderator get here through an email?
             // If so, check to see if they are logged in.
             //
             if (isset($_GET['validate']) && !is_user()) {
                 URL::redirect(URL::index('Your_Account'), true);
             }
             //
             // For security, get the ID of the group moderator.
             //
             $result = $db->sql_query("SELECT group_moderator, group_type FROM " . GROUPS_TABLE . " WHERE group_id = {$group_id}");
             if ($group_info = $db->sql_fetchrow($result)) {
示例#7
文件: blocks.php 项目: cbsistem/nexos
     BlocksEdit(intval($_GET['edit']));
 } else {
     if (isset($_GET['del'])) {
         // Delete a block. The id is cast to an integer before every use below.
         $bid = intval($_GET['del']);
         // Fetch the block's position, weight and title for the renumbering
         // query and the confirmation prompt.
         list($bposition, $weight, $title) = $db->sql_ufetchrow('SELECT bposition, weight, title from ' . $prefix . '_blocks where bid=' . $bid, SQL_NUM);
         // Unknown block (nothing fetched) or "cancel": back to the admin page.
         if (!isset($bposition) || isset($_POST['cancel'])) {
             URL::redirect(URL::admin());
         }
         if (isset($_POST['confirm'])) {
             // Close the gap in the ordering, then remove the block and its
             // per-module placements.
             // NOTE(review): $bposition and $weight come from the database, not
             // the request, but are concatenated unescaped; this is sound only if
             // those columns cannot hold anything but the expected values. No
             // request-token check is visible on this path — confirm.
             $db->sql_uquery('UPDATE ' . $prefix . '_blocks SET weight=weight-1 WHERE bposition=\'' . $bposition . '\' AND weight>' . $weight);
             $db->sql_uquery('DELETE FROM ' . $prefix . '_blocks WHERE bid=' . $bid);
             $db->sql_uquery('DELETE FROM ' . $prefix . '_blocks_custom WHERE bid=' . $bid);
             Cache::array_delete('blocks_list');
             URL::redirect(URL::admin());
         }
         // Confirmation prompt. If the stored title names a defined constant, the
         // constant's value is shown instead of the raw title.
         // NOTE(review): the title is placed inside <strong> without escaping;
         // whether it was sanitised when stored is not visible here.
         cpg_delete_msg(URL::admin('&amp;del=' . $bid), sprintf(_ERROR_DELETE_CONF, '<strong>' . (defined($title) ? constant($title) : $title) . '</strong>'));
     } else {
         if (isset($_GET['save'])) {
             BlocksEditSave(intval($_GET['save']));
         } else {
             if (isset($_POST['add']) && !BlocksAdd()) {
                 rssfail();
                 return;
             }
             if (Security::check_post()) {
                 $sides = array('l', 'c', 'r', 'd', 'n');
                 $count = count($_POST['id']);
                 $blocks = blocks_list();
                 $mid = intval($_POST['mid']);
                 $module = $db->sql_escape_string($_POST['module']);
                 for ($i = 0; $i < $count; ++$i) {
示例#8
文件: catmgr.php 项目: cbsistem/nexos
        $catname = trim($_POST['catname']) ? Fix_Quotes($_POST['catname']) : '&lt;???&gt;';
        $description = Fix_Quotes($_POST['description']);
        $db->sql_query("INSERT INTO {$CONFIG['TABLE_CATEGORIES']} (pos, parent, catname, description) VALUES ('10000', '{$parent}', '{$catname}', '{$description}')", false, __FILE__, __LINE__);
        break;
    // Delete a category: children and albums are re-parented to the deleted
    // category's own parent, then the category row is removed.
    case 'deletecat':
        if (!isset($_POST['cid'])) {
            cpg_die(_CRITICAL_ERROR, sprintf(MISS_PARAM, 'deletecat'), __FILE__, __LINE__);
        }
        // Cast once; every query below uses this integer.
        $cid = intval($_POST['cid']);
        if (isset($_POST['cancel'])) {
            $redirect = isset($CPG_SESS['user']['redirect']) ? $CPG_SESS['user']['redirect'] : URL::index("&file=catmgr");
            URL::redirect($redirect);
        }
        if (!isset($_POST['confirm'])) {
            // NOTE(review): $_POST['catname'] is appended to the prompt straight
            // from the request, without an isset() check or visible escaping.
            // Other callers on this page pass HTML in this argument, so the name
            // should be HTML-escaped here unless request data is sanitised
            // globally — confirm.
            $msg = CONFIRM_DELETE_CAT . $_POST['catname'];
            cpg_delete_msg(URL::index("&amp;file=catmgr"), $msg, '<input type="hidden" name="oppe" value="deletecat" />
			<input type="hidden" name="cid" value="' . $cid . '" />');
        } else {
            $result = $db->sql_query("SELECT parent FROM {$CONFIG['TABLE_CATEGORIES']} WHERE cid = '{$cid}'", false, __FILE__, __LINE__);
            // Category 1 is refused with the USERGAL_CAT_RO message.
            if ($cid == 1) {
                cpg_die(_ERROR, USERGAL_CAT_RO, __FILE__, __LINE__);
            }
            if (!$db->sql_numrows($result)) {
                cpg_die(_ERROR, UNKNOWN_CAT, __FILE__, __LINE__);
            }
            $del_category = $db->sql_fetchrow($result);
            // $parent is read back from the database and interpolated into the
            // two UPDATEs below.
            $parent = $del_category['parent'];
            $result = $db->sql_query("UPDATE {$CONFIG['TABLE_CATEGORIES']} SET parent='{$parent}' WHERE parent = '{$cid}'", false, __FILE__, __LINE__);
            $result = $db->sql_query("UPDATE {$CONFIG['TABLE_ALBUMS']} SET category='{$parent}' WHERE category = '{$cid}'", false, __FILE__, __LINE__);
            $result = $db->sql_query("DELETE FROM {$CONFIG['TABLE_CATEGORIES']} WHERE cid='{$cid}'", false, __FILE__, __LINE__);
        }
        break;
示例#9
文件: admins.php 项目: cbsistem/nexos
         cpg_error(_ERROR_BAD_LINK, _SEC_ERROR);
     }
     // Delete an administrator account. The id must be numeric and is then cast
     // to an integer, so only a number reaches the queries below.
     if (!is_numeric($_GET['del_aid'])) {
         cpg_error(sprintf(_ERROR_NOT_SET, _ADMINID), _SEC_ERROR);
     }
     $del_aid = intval($_GET['del_aid']);
     // Admin id 1 can never be deleted.
     if ($del_aid == 1) {
         cpg_error(_GODNOTDEL);
     }
     if (isset($_POST['confirm'])) {
         $db->sql_query('DELETE FROM ' . $prefix . "_admins WHERE admin_id='{$del_aid}'");
     } else {
         if (!isset($_POST['cancel'])) {
             // Neither button posted: show the confirmation prompt with the
             // admin's name.
             // NOTE(review): the stored name is placed inside <strong> without
             // escaping; whether it was sanitised when stored is not visible here.
             $pagetitle .= ' ' . _BC_DELIM . ' ' . _AUTHORDEL;
             list($author_name) = $db->sql_ufetchrow('SELECT aid FROM ' . $prefix . '_admins WHERE admin_id=' . $del_aid, SQL_NUM);
             cpg_delete_msg(URL::admin('admins&amp;del_aid=' . $del_aid), sprintf(_ERROR_DELETE_CONF, '<strong>' . $author_name . '</strong>'), $hidden = '');
         }
     }
     // After a delete or a cancel, return to the admin list.
     URL::redirect(URL::admin('admins'));
 } else {
     if (isset($_GET['update'])) {
         // Update an administrator's e-mail address and, optionally, password.
         $adm_aid = intval($_GET['update']);
         // PHP groups this as (!can_admin() && not-own-id) || wrong-session-page || id < 1:
         // a caller who may not administer others can edit only their own record,
         // and the request must come from the "admins" page with a positive id.
         if (!can_admin() && $CLASS['member']->admin['admin_id'] != $adm_aid || $CPG_SESS['admin']['page'] != 'admins' || $adm_aid < 1) {
             cpg_error(_ERROR_BAD_LINK, _SEC_ERROR);
         }
         // NOTE(review): chng_email is read without an isset() check and is only
         // trimmed before being embedded in the quoted SQL fragment below. The
         // statement that consumes $fields is outside this excerpt — confirm the
         // value is escaped or validated as an address before the query runs.
         $chng_email = trim($_POST['chng_email']);
         $chng_pwd = isset($_POST['chng_pwd']) ? $_POST['chng_pwd'] : '';
         $chng_pwd2 = isset($_POST['chng_pwd2']) ? $_POST['chng_pwd2'] : '';
         $fields = "email='{$chng_email}'";
         if ($chng_pwd2 != '') {
             if (!preg_match('#[0-9]#', $chng_pwd) && !preg_match('#[a-z]#', $chng_pwd) && !preg_match('#[A-Z]#', $chng_pwd)) {
示例#10
	<label class="ulog" for="headlinesurl">' . _RSSFILE . '</label>
	 <input type="text" name="headlinesurl" size="50" maxlength="200" value="' . $headlinesurl . '" /><br /><br />
	<input type="hidden" name="save" value="' . $hid . '" />
	<input type="submit" value="' . _SAVECHANGES . '" />
	' . close_form();
        CloseTable();
    } else {
        if (isset($_GET['del'])) {
            // Delete a headline feed: cancel returns to the admin page, confirm
            // deletes the row, anything else shows the confirmation prompt.
            if (isset($_POST['cancel'])) {
                URL::redirect(URL::admin());
            }
            if (isset($_POST['confirm'])) {
                // intval() leaves only an integer inside the quoted literal.
                // NOTE(review): no request-token check is visible on this path — confirm.
                $db->sql_query('DELETE FROM ' . $prefix . "_headlines WHERE hid='" . intval($_GET['del']) . "'");
                URL::redirect(URL::admin());
            }
            // The id placed in the form target is cast as well.
            cpg_delete_msg(URL::admin('&amp;del=' . intval($_GET['del'])), _SURE2DELHEADLINE);
        } else {
            require_once 'header.php';
            GraphicAdmin('_AMENU6');
            OpenTable();
            echo '<span class="genmed"><strong>' . _HEADLINESADMIN . '</strong></span><br /><br />
	<table border="0" width="100%">
	 <tr bgcolor="' . $bgcolor2 . '">
	   <td><strong>' . _SITENAME . '</strong></td>
	   <td><strong>' . _URL . '</strong></td>
	   <td><strong>' . _FUNCTIONS . '</strong></td>
	 </tr>';
            $result = $db->sql_uquery("SELECT hid, sitename, headlinesurl FROM " . $prefix . "_headlines ORDER BY hid");
            $bgcolor = $bgcolor3;
            while (list($hid, $sitename, $headlinesurl) = $db->sql_fetchrow($result)) {
                $bgcolor = $bgcolor == '' ? ' bgcolor="' . $bgcolor3 . '"' : '';
示例#11
                 }
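                 // Final steps of a module uninstall: drop the module's admin-rights
                 // column, remove its rows, and clear the cached configuration.
                 // NOTE(review): $class is set above this excerpt and is interpolated
                 // into SQL and into the HTML message below — verify it is restricted
                 // to a valid module name before this point.
                 if ($module->radmin) {
                     $db->alter_table($prefix . '_admins DROP radmin' . strtolower($class));
                     // Discard the cached admin session data after the column is dropped.
                     unset($_SESSION['CPG_ADMIN']);
                 }
                 // Read the module id first; it is needed after the module row is gone.
                 $mid = $db->sql_fetchrow($db->sql_query('SELECT mid FROM ' . $prefix . "_modules WHERE title='{$class}'"));
                 $db->sql_query('DELETE FROM ' . $prefix . "_modules WHERE title='{$class}'");
                 $db->optimize_table($prefix . '_modules');
                 $db->sql_query('DELETE FROM ' . $prefix . "_blocks_custom WHERE mid='{$mid['0']}'");
                 // Table name fixed: the underscore after the prefix was missing, so
                 // the optimize call named a different table than the DELETE above.
                 $db->optimize_table($prefix . '_blocks_custom');
                 Cache::clear_conf();
                 cpg_error('The module "' . $class . '" has been properly uninstalled, you can safely delete the files associated with it', 'Module Uninstall', URL::admin('modules'));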
             }
         } else {
             if (!isset($_POST['cancel'])) {
                 cpg_delete_msg(URL::admin('&amp;uninstall=' . $class), 'Are you sure that you want to remove all data associated with <strong>' . $class . '</strong>?');
             }
         }
         URL::redirect(URL::admin('modules'));
     }
 }
 $mods = array();
 $result = $db->sql_query("SELECT mid, title, custom_title, active, view, inmenu, uninstall, blocks FROM " . $prefix . "_modules");
 while ($row = $db->sql_fetchrow($result, SQL_ASSOC)) {
     if (!file_exists("modules/{$row['title']}/index.php")) {
         $db->sql_query("DELETE FROM {$prefix}_modules WHERE title='{$row['title']}'");
         $db->optimize_table($prefix . '_modules');
         $db->sql_query("DELETE FROM {$prefix}_blocks_custom WHERE mid='{$row['mid']}'");
         $db->optimize_table($prefix . '_blocks_custom');
         Cache::array_delete('blocks_list');
     } else {