exit; } /** * * Save configuration * */ if ($_SERVER['REQUEST_METHOD'] == 'POST' && $do_action == 'save-cfg' && checkAuth()) { $page_id = getPOSTparam4IdOrNumber('page_id'); FbX::SetFeedbackLocation('comment.Manage.php'); try { if (!empty($page_id)) { FbX::SetFeedbackLocation('comment.Manage.php', 'page_id=' . $page_id); // Only if current user has the rights if ($perm->is_level_okay('manageModComment', $_SESSION['ccms_userLevel'])) { $showMessage = getPOSTparam4Number('messages'); $showLocale = getPOSTparam4IdOrNumber('locale'); if (!empty($showMessage) && !empty($showLocale)) { $values = array(); // [i_a] make sure $values is an empty array to start with here $values['page_id'] = MySQL::SQLValue($page_id, MySQL::SQLVALUE_NUMBER); $values['showMessage'] = MySQL::SQLValue($showMessage, MySQL::SQLVALUE_NUMBER); $values['showLocale'] = MySQL::SQLValue($showLocale, MySQL::SQLVALUE_TEXT); // Insert or update configuration if ($db->AutoInsertUpdate($cfg['db_prefix'] . 'cfgcomment', $values, array('cfgID' => MySQL::BuildSQLValue($cfgID)))) { header('Location: ' . makeAbsoluteURI('comment.Manage.php?page_id=' . $page_id . '&status=notice&msg=' . rawurlencode($ccms['lang']['backend']['settingssaved']))); exit; } else { throw new FbX($db->MyDyingMessage()); } } else {
$e->croak(); } } /** * * Edit user level as posted by an authorized user * */ if ($do_action == 'edit-user-level' && $_SERVER['REQUEST_METHOD'] == 'POST' && checkAuth()) { FbX::SetFeedbackLocation('user-management.Manage.php'); try { // Only if current user has the rights if ($perm->is_level_okay('manageUsers', $_SESSION['ccms_userLevel'])) { $userID = getPOSTparam4Number('userID'); $userActive = getPOSTparam4boolean('userActive'); $userLevel = getPOSTparam4Number('userLevel'); if ($userLevel > 0) { $values = array(); // [i_a] make sure $values is an empty array to start with here $values['userLevel'] = MySQL::SQLValue($userLevel, MySQL::SQLVALUE_NUMBER); $values['userActive'] = MySQL::SQLValue($userActive, MySQL::SQLVALUE_BOOLEAN); if ($db->UpdateRow($cfg['db_prefix'] . 'users', $values, array('userID' => MySQL::SQLValue($userID, MySQL::SQLVALUE_NUMBER)))) { if ($userID == $_SESSION['ccms_userID']) { $_SESSION['ccms_userLevel'] = $userLevel; } header('Location: ' . makeAbsoluteURI('user-management.Manage.php?status=notice&msg=' . rawurlencode($ccms['lang']['backend']['settingssaved']))); exit; } else { throw new FbX($db->MyDyingMessage()); } } else {
} if (empty($error)) { echo '<p class="h1 ss_has_sprite"><span class="ss_sprite_16 ss_accept" title="' . $ccms['lang']['backend']['success'] . '"> </span>' . $ccms['lang']['backend']['success'] . '</p><p>' . $ccms['lang']['backend']['orderprefsaved'] . '</p>'; } else { echo '<p class="h1 ss_has_sprite"><span class="ss_sprite_16 ss_exclamation" title="' . $ccms['lang']['system']['error_general'] . '"> </span>' . $ccms['lang']['system']['error_correct'] . '</p><p class="fault">- ' . $error . '</p>'; } exit; } /** * * Set actual hyperlink behind menu item to true/false * */ if ($do_action == 'islink' && $_SERVER['REQUEST_METHOD'] == 'POST' && checkAuth()) { if ($perm->is_level_okay('manageMenu', $_SESSION['ccms_userLevel'])) { $page_id = getPOSTparam4Number('id'); $islink_in_menu = getPOSTparam4boolYN('cvalue', 'N'); $values = array(); // [i_a] make sure $values is an empty array to start with here $values['islink'] = MySQL::SQLValue($islink_in_menu, MySQL::SQLVALUE_Y_N); if ($db->UpdateRow($cfg['db_prefix'] . 'pages', $values, array('page_id' => MySQL::SQLValue($page_id, MySQL::SQLVALUE_NUMBER)))) { if ($values['islink'] == 'Y') { echo $ccms['lang']['backend']['yes']; } else { echo $ccms['lang']['backend']['no']; } } else { $db->Kill(); } } else { die($ccms['lang']['system']['error_forged'] . ' (' . __FILE__ . ', ' . __LINE__ . ')');