define('BASE_PATH', $base); } // Include general configuration /*MARKER*/ require_once BASE_PATH . '/lib/sitemap.php'; // security check done ASAP if (!checkAuth() || empty($_SESSION['rc1']) || empty($_SESSION['rc2'])) { die("No external access to file"); } if (!$cfg['IN_DEVELOPMENT_ENVIRONMENT']) { die($ccms['lang']['auth']['featnotallowed']); } $do = getGETparam4IdOrNumber('do'); $to_lang = getGETparam4IdOrNumber('to_lang'); if (!empty($_COOKIE['googtrans'])) { $to_lang = filterParam4IdOrNumber(substr($_COOKIE['googtrans'], strrpos($_COOKIE['googtrans'], '/') + 1)); } if (empty($to_lang)) { $to_lang = 'xx'; } $status = getGETparam4IdOrNumber('status'); $status_message = getGETparam4DisplayHTML('msg'); function load_lang_file($language) { /* We collect hand-checked translation strings by loading the language file itself, then discard the babelfish-produced translations. (Rather, the automated translations originate from the google translation service, rather than babelfish, but alas. You get the point.)
// nasty way to do 'shorthand in PHP -- I do miss my #define macros! :'-| /** * * Either INSERT or UPDATE preferences * */ if ($_SERVER['REQUEST_METHOD'] == 'POST' && !empty($_POST) && checkAuth()) { FbX::SetFeedbackLocation("permissions.Manage.php"); try { // (!) Only administrators can change these values if ($_SESSION['ccms_userLevel'] >= 4) { // Execute UPDATE $values = array(); // [i_a] make sure $values is an empty array to start with here foreach ($_POST as $key => $value) { $key = filterParam4IdOrNumber($key); $setting = filterParam4Number($value); if (empty($key) || empty($setting) && $value !== "0") { throw new FbX($ccms['lang']['system']['error_forged'] . ' (' . __FILE__ . ', ' . __LINE__ . ')'); } $perm->set($key, $value); } if ($perm->SavePermissions($db, $cfg['db_prefix'], false)) { header('Location: ' . makeAbsoluteURI('permissions.Manage.php?status=notice&msg=' . rawurlencode($ccms['lang']['backend']['settingssaved']))); exit; } else { throw new FbX($db->MyDyingMessage()); } } else { throw new FbX($ccms['lang']['auth']['featnotallowed']); }
function getREQUESTparam4IdOrNumber($name, $def = null) { if (!isset($_REQUEST[$name])) { return $def; } return filterParam4IdOrNumber(rawurldecode($_REQUEST[$name]), $def); }