示例#1
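 /**
  * Delete the forum named by $_GET['forum_id'] (a numeric $_GET['forum_cat'] is also required).
  *
  * - If the forum has sub-forums, the move form is displayed. Once that form is
  *   posted ('forum_remove'), threads and sub-forums are moved or pruned as chosen
  *   and the forum itself is pruned.
  * - If the forum has no sub-forums, its attachments, posts and threads are pruned
  *   and its row is deleted immediately.
  *
  * Destructive steps run only when every check passed (\defender::safe()); a failed
  * check leaves the data untouched and re-displays the form with the notice.
  *
  * NOTE(review): the no-sub-forum path deletes on a GET request alone and no token
  * check is visible in this method. Confirm the caller validates the admin token
  * before dispatching here, and consider requiring a POST confirmation.
  */
 private function validate_forum_removal()
 {
     global $aidlink;
     // Both ids must be present and numeric before anything is read or deleted.
     if (!isset($_GET['forum_id'], $_GET['forum_cat']) || !isnum($_GET['forum_id']) || !isnum($_GET['forum_cat'])) {
         return;
     }
     // Integer form of the request id; this is the only form that reaches SQL text below.
     $forum_id = intval($_GET['forum_id']);
     $forum_count = dbcount("('forum_id')", DB_FORUMS, "forum_cat='" . $forum_id . "'");
     if ($forum_count >= 1) {
         /*
          * $action_data
          * 'forum_id'           - current forum id
          * 'forum_branch'       - the branch id
          * 'threads_to_forum'   - destination forum for all threads
          * 'delete_threads'     - 1 when "delete threads" is checked
          * 'subforums_to_forum' - destination forum for all sub-forums
          * 'delete_forums'      - 1 when "delete all sub-forums" is checked
          */
         if (isset($_POST['forum_remove'])) {
             $action_data = array(
                 'forum_id' => isset($_POST['forum_id']) ? form_sanitizer($_POST['forum_id'], 0, 'forum_id') : 0,
                 'forum_branch' => isset($_POST['forum_branch']) ? form_sanitizer($_POST['forum_branch'], 0, 'forum_branch') : 0,
                 'threads_to_forum' => isset($_POST['move_threads']) ? form_sanitizer($_POST['move_threads'], 0, 'move_threads') : '',
                 'delete_threads' => isset($_POST['delete_threads']) ? 1 : 0,
                 'subforums_to_forum' => isset($_POST['move_forums']) ? form_sanitizer($_POST['move_forums'], 0, 'move_forums') : '',
                 'delete_forums' => isset($_POST['delete_forums']) ? 1 : 0,
             );
             // NOTE(review): the sub-forum count above is taken for $_GET['forum_id'], while the
             // actions below use the POSTed forum_id. Confirm the two are meant to be allowed to differ.
             if (self::verify_forum($action_data['forum_id'])) {
                 $move_threads = !$action_data['delete_threads'] && $action_data['threads_to_forum'];
                 $move_subforums = !$action_data['delete_forums'] && $action_data['subforums_to_forum'];
                 // Validate both choices before touching any row, so a rejected request changes nothing.
                 if (!$move_threads && !$action_data['delete_threads']) {
                     \defender::stop();
                     addNotice('danger', self::$locale['forum_notice_na']);
                 }
                 if (!$move_subforums && !$action_data['delete_forums']) {
                     \defender::stop();
                     addNotice('danger', self::$locale['forum_notice_na']);
                 }
                 if (\defender::safe()) {
                     // Ids are cast to int before concatenation: what form_sanitizer() guarantees
                     // for these fields is not visible here, so the SQL must not depend on it.
                     $target_forum = intval($action_data['forum_id']);
                     // Threads and posts action
                     if ($move_threads) {
                         // NOTE(review): only DB_FORUM_POSTS is re-pointed; the matching DB_FORUM_THREADS
                         // update was commented out in the original. Confirm that is intended.
                         dbquery("UPDATE " . DB_FORUM_POSTS . " SET forum_id='" . intval($action_data['threads_to_forum']) . "' WHERE forum_id='" . $target_forum . "'");
                     } else {
                         // Remove all attachments, posts and threads in this forum, then recount.
                         self::prune_attachment($action_data['forum_id']);
                         self::prune_posts($action_data['forum_id']);
                         self::prune_threads($action_data['forum_id']);
                         self::recalculate_post($action_data['forum_id']);
                     }
                     // Sub-forum action (when 'delete_forums' is set nothing is moved here)
                     if ($move_subforums) {
                         $new_parent = intval($action_data['subforums_to_forum']);
                         dbquery("UPDATE " . DB_FORUMS . " SET forum_cat='" . $new_parent . "', forum_branch='" . get_hkey(DB_FORUMS, 'forum_id', 'forum_cat', $new_parent) . "'\n\t\t\t\t" . (multilang_table("FO") ? "WHERE forum_language='" . LANGUAGE . "' AND" : "WHERE") . " forum_cat='" . $target_forum . "'");
                     }
                     self::prune_forums($action_data['forum_id']);
                     addNotice('info', self::$locale['forum_notice_5']);
                     redirect(FUSION_SELF . $aidlink);
                 }
             } else {
                 \defender::stop();
                 addNotice('error', self::$locale['forum_notice_na']);
             }
         }
         self::display_forum_move_form();
     } else {
         // No sub-forums: prune the forum's content, then remove the forum row itself.
         self::prune_attachment($_GET['forum_id']);
         self::prune_posts($_GET['forum_id']);
         self::prune_threads($_GET['forum_id']);
         self::recalculate_post($_GET['forum_id']);
         dbquery("DELETE FROM " . DB_FORUMS . " WHERE forum_id='" . $forum_id . "'");
         addNotice('info', self::$locale['forum_notice_5']);
         redirect(FUSION_SELF . $aidlink);
     }
 }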
示例#2
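/**
 * Find the root id of an item by following its parent column upwards.
 *
 * Starting at the row whose $id_col equals $parent_id, the function recurses on
 * that row's $cat_col value until it reaches a row whose $cat_col is not > 0,
 * and returns that row's id. When no row matches $parent_id, it returns the
 * table's row count plus one as a guess at the id of the next row.
 *
 * $db, $id_col and $cat_col are interpolated into the SQL as identifiers and
 * cannot be escaped here; callers must pass fixed names only, never request data.
 *
 * @param string     $db        Table name.
 * @param string     $id_col    Name of the id column.
 * @param string     $cat_col   Name of the parent-id column.
 * @param int|string $parent_id Id of the row to start from.
 * @return int|string Root id as returned by the database, or the predicted next id.
 */
function get_hkey($db, $id_col, $cat_col, $parent_id)
{
    // Callers on this page pass request values straight through, so the id is forced to an
    // integer before it is placed inside the quoted literal.
    $parent_id = intval($parent_id);
    $result = dbquery("SELECT {$id_col}, {$cat_col} FROM " . $db . " WHERE {$id_col} = '{$parent_id}' LIMIT 1");
    if (dbrows($result) > 0) {
        $data = dbarray($result);
        if ($data[$cat_col] > 0) {
            // Not a root yet: continue with the parent.
            // NOTE(review): a cyclic parent chain would recurse without end; no guard exists here.
            return get_hkey($db, $id_col, $cat_col, $data[$cat_col]);
        }
        return $data[$id_col];
    }
    // Predict the id of the row about to be created.
    // NOTE(review): row count + 1 can match an existing id once rows have been deleted.
    $rows = dbrows(dbquery("SELECT {$id_col} FROM " . $db . ""));
    return $rows + 1;
}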
示例#3
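 /**
  * Delete a field category, selected by $_GET['cat_id'] with action=cat_delete.
  *
  * Without $_POST['delete_cat'] a confirmation modal is built and appended to the
  * footer. With it, child categories and fields are deleted or moved according to
  * the posted options, then the category row itself is deleted.
  *
  * Every id that reaches SQL text or the form action is cast to int first.
  *
  * NOTE(review): this method drops table columns and deletes rows, yet no token
  * check is visible in it. Confirm openform()/the caller enforces one.
  */
 private function _delete_category()
 {
     global $aidlink;
     $this->locale = fusion_get_locale();
     $this->debug = FALSE;
     $data = array();
     if (isset($_POST['cancel'])) {
         redirect(FUSION_SELF . $aidlink);
     }
     if (isset($_GET['action']) && $_GET['action'] == 'cat_delete' && isset($_GET['cat_id']) && self::validate_fieldCat($_GET['cat_id'])) {
         // What validate_fieldCat() accepts is not visible here, so SQL and URLs below use
         // this integer and never the raw request value.
         $cat_id = intval($_GET['cat_id']);
         // do action of the interior form
         if (isset($_POST['delete_cat'])) {
             // get root node
             $target_database = '';
             $field_list = array();
             if (isset($_POST['delete_subcat']) or isset($_POST['delete_field'])) {
                 // NOTE(review): page_list is used as an id => name map elsewhere in this method,
                 // so in_array() compares the id against names; a key lookup may be what was meant.
                 if (in_array($_GET['cat_id'], $this->page_list)) {
                     // this is root.
                     $result = dbquery("\n                                  SELECT field_cat_id, field_parent, field_cat_db FROM " . $this->category_db . "\n                                  WHERE field_cat_id='" . $cat_id . "'\n                                  ");
                 } else {
                     // this is not a root.
                     $result = dbquery("\n                        SELECT uf.field_cat_id, root.field_cat_db FROM " . $this->category_db . " uf\n\t\t\t\t\t\tLEFT JOIN " . $this->category_db . " root ON uf.field_parent = root.field_cat_id\n\t\t\t\t\t\tWHERE uf.field_cat_id='" . $cat_id . "'\n\t\t\t\t\t\t");
                 }
                 if ($result == NULL) {
                     die("no result");
                 }
                 if (dbrows($result) > 0) {
                     $data += dbarray($result);
                     // The table whose columns may be dropped is named by a stored value (field_cat_db).
                     $target_database = $data['field_cat_db'] ? DB_PREFIX . $data['field_cat_db'] : DB_USERS;
                     $field_list = fieldgenerator($target_database);
                 }
                 if ($this->debug) {
                     print_p($field_list);
                     print_p($target_database);
                 }
             }
             if (isset($_POST['delete_subcat'])) {
                 // When deletion of a master page and involving all subcategories
                 if ($this->debug) {
                     print_p($this->page[$_GET['cat_id']]);
                 }
                 // execute removal on child fields and cats
                 foreach ($this->page[$_GET['cat_id']] as $arr => $field_category) {
                     $child_cat_id = intval($field_category['field_cat_id']);
                     $result = dbquery("\n                                  SELECT field_id, field_name FROM " . $this->field_db . "\n                                  WHERE field_cat='" . $child_cat_id . "'\n                                  ");
                     // find all child > 1
                     if (dbrows($result) > 0) {
                         while ($data = dbarray($result)) {
                             // Only names that fieldgenerator() returned for the target table are dropped.
                             if (in_array($data['field_name'], $field_list)) {
                                 if ($this->debug) {
                                     print_p("DROP " . $data['field_name'] . " FROM " . $target_database);
                                     print_p("DELETE " . $data['field_id'] . " FROM " . $this->field_db);
                                 } else {
                                     dbquery("DELETE FROM " . $this->field_db . " WHERE field_id='" . intval($data['field_id']) . "'");
                                     if (!empty($target_database) && !empty($data['field_name'])) {
                                         self::drop_column($target_database, $data['field_name']);
                                     }
                                 }
                             }
                             // remove category.
                             if ($this->debug) {
                                 print_p("DELETE " . $field_category['field_cat_id'] . " FROM " . $this->category_db);
                             } else {
                                 dbquery("DELETE FROM " . $this->category_db . " WHERE field_cat_id='" . $child_cat_id . "'");
                             }
                         }
                         // end while
                     }
                 }
             } elseif (isset($_POST['move_subcat']) && $_POST['move_subcat'] > 0) {
                 // When deletion to move subcategory
                 foreach ($this->page[$_GET['cat_id']] as $arr => $field_category) {
                     $new_parent = form_sanitizer($_POST['move_subcat'], 0, 'move_subcat');
                     if ($this->debug) {
                         print_p("MOVED " . $field_category['field_cat_id'] . " TO category " . $new_parent);
                         print_p("DELETE " . $_GET['cat_id'] . " FROM " . $this->category_db);
                     } else {
                         dbquery("UPDATE " . $this->category_db . " SET field_parent='" . intval($new_parent) . "' WHERE field_cat_id='" . intval($field_category['field_cat_id']) . "'");
                     }
                 }
             } elseif (isset($_POST['delete_field']) && isset($_GET['cat_id']) && isnum($_GET['cat_id'])) {
                 // Delete fields
                 $this->debug = FALSE;
                 if ($this->debug) {
                     print_p('Delete Fields');
                 }
                 // Delete Fields - Bug with Isset errors
                 $result = dbquery("SELECT field_id, field_name FROM " . $this->field_db . " WHERE field_cat='" . $cat_id . "'");
                 if (dbrows($result) > 0) {
                     while ($data = dbarray($result)) {
                         // Only names that fieldgenerator() returned for the target table are dropped.
                         if (in_array($data['field_name'], $field_list)) {
                             if ($this->debug) {
                                 print_p("DROP " . $data['field_name'] . " FROM " . $target_database);
                                 print_p("DELETE " . $data['field_id'] . " FROM " . $this->field_db);
                             } else {
                                 $field_del_sql = "DELETE FROM " . $this->field_db . " WHERE field_id='" . intval($data['field_id']) . "'";
                                 $field_count = $this->validate_field($data['field_id']);
                                 if ($field_count) {
                                     dbquery($field_del_sql);
                                 }
                                 // drop a column
                                 if (!empty($target_database)) {
                                     self::drop_column($target_database, $data['field_name']);
                                 }
                             }
                         }
                     }
                     addNotice('success', $this->locale['field_0200']);
                     redirect(FUSION_SELF . $aidlink);
                 }
             } elseif (!isset($_POST['delete_field']) && isset($_POST['move_field']) && $_POST['move_field'] > 0) {
                 $rows = dbcount("(field_id)", $this->field_db, "field_cat='" . $cat_id . "'");
                 if ($rows) {
                     $new_parent = form_sanitizer($_POST['move_field'], 0, 'move_field');
                     dbquery("UPDATE " . $this->field_db . " SET field_cat='" . intval($new_parent) . "' WHERE field_cat='" . $cat_id . "'");
                 }
             }
             // Delete the current category
             $delete_cat_sql = "DELETE FROM " . $this->category_db . " WHERE field_cat_id='" . $cat_id . "'";
             if ($this->debug) {
                 print_p($delete_cat_sql);
             } else {
                 dbquery($delete_cat_sql);
                 addNotice('success', $this->locale['field_0200']);
                 redirect(FUSION_SELF . $aidlink);
             }
         } else {
             // show interior form
             $field_list = array();
             // The id is echoed into the form action and two queries; the raw request value
             // used to be concatenated into all three.
             $form_action = FUSION_SELF . $aidlink . "&action=cat_delete&cat_id=" . $cat_id;
             $result = dbquery("SELECT * FROM " . $this->category_db . " WHERE field_cat_id='" . $cat_id . "' OR field_cat_id='" . get_hkey($this->category_db, "field_cat_id", "field_parent", $cat_id) . "'");
             if (dbrows($result) > 0) {
                 $data += dbarray($result);
                 // get field list - populate child fields of a category.
                 $result = dbquery("SELECT field_id, field_name, field_cat FROM " . $this->field_db . " WHERE field_cat='" . $cat_id . "'");
                 if (dbrows($result) > 0) {
                     // A separate loop variable keeps the category row in $data, which the
                     // field_parent check below still reads.
                     while ($field_row = dbarray($result)) {
                         $field_list[$field_row['field_cat']][$field_row['field_id']] = $field_row['field_name'];
                     }
                 }
                 if (isset($this->page[$data['field_parent']]) or !empty($field_list) && $field_list[$_GET['cat_id']] > 0) {
                     ob_start();
                     echo openmodal("delete", $this->locale['fields_0313'], array('class' => 'modal-lg modal-center', 'static' => TRUE));
                     echo openform('delete_cat_form', 'post', $form_action);
                     if (isset($this->page[$_GET['cat_id']])) {
                         echo "<div class='row'>\n";
                         echo "<div class='col-xs-12 col-sm-6'>\n<span class='strong'>" . sprintf($this->locale['fields_0600'], count($this->page[$_GET['cat_id']])) . "</span><br/>\n";
                         echo "<div class='alert alert-info m-t-10'>\n";
                         echo "<ol style='list-style:inherit !important; margin-bottom:0;'>\n";
                         foreach ($this->page[$_GET['cat_id']] as $arr => $field_category) {
                             echo "<li style='list-style-type:decimal;'>" . self::parse_label($field_category['field_cat_name']) . "</li>\n";
                         }
                         echo "</ol>\n";
                         echo "</div>\n";
                         echo "</div>\n<div class='col-xs-12 col-sm-6 col-md-6 col-lg-6'>\n";
                         $page_list = $this->page_list;
                         unset($page_list[$_GET['cat_id']]);
                         if (count($page_list) > 0) {
                             echo form_select('move_subcat', $this->locale['fields_0314'], '', array("options" => $page_list));
                         }
                         echo form_checkbox('delete_subcat', $this->locale['fields_0315'], count($page_list) < 1 ? TRUE : FALSE);
                         echo "</div></div>";
                     }
                     if (isset($field_list[$_GET['cat_id']])) {
                         echo "<div class='row'>\n";
                         echo "<div class='col-xs-12 col-sm-6 col-md-6 col-lg-6'>\n<span class='strong'>" . sprintf($this->locale['fields_0601'], count($field_list[$_GET['cat_id']])) . "</span><br/>\n";
                         echo "<div class='well strong m-t-10'>\n";
                         foreach ($field_list[$_GET['cat_id']] as $arr => $field) {
                             // NOTE(review): stored field names are written into HTML unescaped;
                             // confirm they are restricted to safe characters when saved.
                             echo "- " . $field . "<br/>\n";
                         }
                         echo "</div>\n";
                         echo "</div>\n<div class='col-xs-12 col-sm-6 col-md-6 col-lg-6'>\n";
                         // Categories a field cannot be moved to: this one and every page-level entry.
                         $exclude_list = array($_GET['cat_id']);
                         foreach ($this->page_list as $page_id => $page_name) {
                             $exclude_list[] = $page_id;
                         }
                         echo form_select_tree('move_field', $this->locale['fields_0316'], '', array('no_root' => 1, 'disable_opts' => $exclude_list), $this->category_db, 'field_cat_name', 'field_cat_id', 'field_parent');
                         echo form_checkbox('delete_field', $this->locale['fields_0317'], '');
                         echo "</div></div>";
                     }
                     echo form_button('delete_cat', $this->locale['fields_0313'], $this->locale['fields_0313'], array('class' => 'btn-danger btn-sm'));
                     echo form_button('cancel', $this->locale['cancel'], $this->locale['cancel'], array('class' => 'btn-default m-l-10 btn-sm'));
                     echo closeform();
                     echo closemodal();
                     add_to_footer(ob_get_contents());
                     ob_end_clean();
                 }
             } else {
                 if ($this->debug) {
                     notify('Cat ID was not found. Please check again.', 'Category ID was not found. Please check again.');
                 } else {
                     redirect(FUSION_SELF . $aidlink);
                 }
             }
         }
     }
 }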
示例#4
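 /**
  * Validate the posted forum form and insert or update the forum row.
  *
  * Runs only when $_POST['save_forum'] is set. Fields are read through
  * form_sanitizer(), the alias and name are checked for uniqueness, the forum
  * image is taken from an upload, a URL/path copy or the existing value, and the
  * row is written only when \defender::safe() reports no validation failure.
  *
  * NOTE(review): no token check is visible in this method; confirm the caller or
  * form_sanitizer() enforces one before this state-changing save.
  */
 private function set_forumDB()
 {
     global $aidlink, $locale;
     if (isset($_POST['save_forum'])) {
         $this->data = array(
             'forum_id' => form_sanitizer($_POST['forum_id'], 0, 'forum_id'),
             'forum_name' => form_sanitizer($_POST['forum_name'], '', 'forum_name'),
             'forum_description' => form_sanitizer($_POST['forum_description'], '', 'forum_description'),
             'forum_cat' => form_sanitizer($_POST['forum_cat'], 0, 'forum_cat'),
             'forum_type' => form_sanitizer($_POST['forum_type'], '', 'forum_type'),
             'forum_language' => form_sanitizer($_POST['forum_language'], '', 'forum_language'),
             'forum_alias' => form_sanitizer($_POST['forum_alias'], '', 'forum_alias'),
             'forum_meta' => form_sanitizer($_POST['forum_meta'], '', 'forum_meta'),
             'forum_rules' => form_sanitizer($_POST['forum_rules'], '', 'forum_rules'),
             'forum_image_enable' => isset($_POST['forum_image_enable']) ? 1 : 0,
             'forum_merge' => isset($_POST['forum_merge']) ? 1 : 0,
             'forum_allow_attach' => isset($_POST['forum_allow_attach']) ? 1 : 0,
             'forum_quick_edit' => isset($_POST['forum_quick_edit']) ? 1 : 0,
             'forum_allow_poll' => isset($_POST['forum_allow_poll']) ? 1 : 0,
             'forum_poll' => USER_LEVEL_MEMBER,
             'forum_users' => isset($_POST['forum_users']) ? 1 : 0,
             'forum_lock' => isset($_POST['forum_lock']) ? 1 : 0,
             'forum_permissions' => isset($_POST['forum_permissions']) ? form_sanitizer($_POST['forum_permissions'], 0, 'forum_permissions') : 0,
             'forum_order' => isset($_POST['forum_order']) ? form_sanitizer($_POST['forum_order']) : '',
             'forum_branch' => 0,
             'forum_image' => '',
             'forum_mods' => "",
         );
         // The branch is resolved after the assignment: inside the array literal,
         // $this->data['forum_cat'] still held the value from before this request.
         $this->data['forum_branch'] = get_hkey(DB_FORUMS, 'forum_id', 'forum_cat', intval($this->data['forum_cat']));
         $this->data['forum_alias'] = $this->data['forum_alias'] ? str_replace(' ', '-', $this->data['forum_alias']) : '';
         // Checks for unique forum alias
         if ($this->data['forum_alias']) {
             // NOTE(review): the alias is a free-text value concatenated into SQL. Confirm that
             // form_sanitizer() escapes quotes for this field, or switch to a bound parameter.
             if ($this->data['forum_id']) {
                 $alias_check = dbcount("('alias_id')", DB_PERMALINK_ALIAS, "alias_url='" . $this->data['forum_alias'] . "' AND alias_item_id !='" . intval($this->data['forum_id']) . "'");
             } else {
                 $alias_check = dbcount("('alias_id')", DB_PERMALINK_ALIAS, "alias_url='" . $this->data['forum_alias'] . "'");
             }
             if ($alias_check) {
                 \defender::stop();
                 addNotice('warning', $locale['forum_error_6']);
             }
         }
         // check forum name unique
         $this->data['forum_name'] = self::check_validForumName($this->data['forum_name'], $this->data['forum_id']);
         // Use an uploaded image, copy one from a path/URL, or keep the existing image
         if (!empty($_FILES) && is_uploaded_file($_FILES['forum_image']['tmp_name'])) {
             $upload = form_sanitizer($_FILES['forum_image'], '', 'forum_image');
             if ($upload['error'] == 0) {
                 if (!empty($upload['thumb1_name'])) {
                     $this->data['forum_image'] = $upload['thumb1_name'];
                 } else {
                     $this->data['forum_image'] = $upload['image_name'];
                 }
             }
         } elseif (isset($_POST['forum_image_url']) && $_POST['forum_image_url'] != "") {
             require_once INCLUDES . "photo_functions_include.php";
             // Prefix chosen by forum_image_header: 0 = relative to BASEDIR, 1 = value used as given
             $type_opts = array('0' => BASEDIR, '1' => '');
             // NOTE(review): the source handed to copy_file() is request-controlled. With header 1 it
             // is used as given, and with header 0 it is a path under BASEDIR that may contain "../".
             // Confirm copy_file() restricts scheme/host, normalises the path and accepts images only;
             // the copy lands in FORUM . "images/".
             $this->data['forum_image'] = $type_opts[intval($_POST['forum_image_header'])] . form_sanitizer($_POST['forum_image_url'], '', 'forum_image_url');
             $upload = copy_file($this->data['forum_image'], FORUM . "images/");
             if ($upload['error'] == TRUE) {
                 \defender::stop();
                 addNotice('danger', $locale['forum_error_9']);
             } else {
                 $this->data['forum_image'] = $upload['name'];
             }
         } else {
             $this->data['forum_image'] = isset($_POST['forum_image']) ? form_sanitizer($_POST['forum_image'], '', 'forum_image') : "";
         }
         if (!$this->data['forum_id']) {
             // Defaults for a new forum; "+=" leaves keys that are already set untouched.
             $this->data += array('forum_access' => USER_LEVEL_PUBLIC, 'forum_post' => USER_LEVEL_MEMBER, 'forum_reply' => USER_LEVEL_MEMBER, 'forum_post_ratings' => USER_LEVEL_MEMBER, 'forum_poll' => USER_LEVEL_MEMBER, 'forum_vote' => USER_LEVEL_MEMBER, 'forum_mods' => "");
         }
         // Set last order
         if (!$this->data['forum_order']) {
             $this->data['forum_order'] = dbresult(dbquery("SELECT MAX(forum_order) FROM " . DB_FORUMS . " " . (multilang_table("FO") ? "WHERE forum_language='" . LANGUAGE . "' AND" : "WHERE") . " forum_cat='" . intval($this->data['forum_cat']) . "'"), 0) + 1;
         }
         if (\defender::safe()) {
             if (self::verify_forum($this->data['forum_id'])) {
                 // Existing forum: re-order siblings, then update the row
                 $result = dbquery_order(DB_FORUMS, $this->data['forum_order'], 'forum_order', $this->data['forum_id'], 'forum_id', $this->data['forum_cat'], 'forum_cat', 1, 'forum_language', 'update');
                 if ($result) {
                     dbquery_insert(DB_FORUMS, $this->data, 'update');
                 }
                 addNotice('success', $locale['forum_notice_9']);
                 redirect(FUSION_SELF . $aidlink . $this->ext);
             } else {
                 // New forum: re-order siblings, then insert and remember the new id
                 $new_forum_id = 0;
                 $result = dbquery_order(DB_FORUMS, $this->data['forum_order'], 'forum_order', FALSE, FALSE, $this->data['forum_cat'], 'forum_cat', 1, 'forum_language', 'save');
                 if ($result) {
                     dbquery_insert(DB_FORUMS, $this->data, 'save');
                     $new_forum_id = dblastid();
                 }
                 if ($this->data['forum_cat'] == 0) {
                     redirect(FUSION_SELF . $aidlink . "&amp;action=p_edit&amp;forum_id=" . $new_forum_id . "&amp;parent_id=0");
                 } else {
                     switch ($this->data['forum_type']) {
                         case '1':
                             addNotice('success', $locale['forum_notice_1']);
                             break;
                         case '2':
                             addNotice('success', $locale['forum_notice_2']);
                             break;
                         case '3':
                             addNotice('success', $locale['forum_notice_3']);
                             break;
                         case '4':
                             addNotice('success', $locale['forum_notice_4']);
                             break;
                     }
                     redirect(FUSION_SELF . $aidlink . $this->ext);
                 }
             }
         }
     }
 }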
示例#5
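/**
 * Get the tree root id of a child via SQL.
 *
 * Alternative way to find the root of a specific item when dbtree is not
 * available. Starting at the row whose $id_col equals $parent_id, the function
 * recurses on that row's $cat_col value until it reaches a row whose $cat_col is
 * not > 0. When no row matches $parent_id, it returns MAX($id_col) + 1 as a
 * guess at the id of the next row.
 *
 * $db, $id_col and $cat_col are interpolated into the SQL as identifiers and
 * cannot be escaped here; callers must pass fixed names only, never request data.
 *
 * @param string     $db        Table name.
 * @param string     $id_col    Name of the id column.
 * @param string     $cat_col   Name of the parent-id column.
 * @param int|string $parent_id Id of the row to start from.
 * @return int
 */
function get_hkey($db, $id_col, $cat_col, $parent_id)
{
    // The id is forced to an integer before it is placed inside the quoted literal, so a
    // value a caller passed through from the request cannot change the query text.
    $parent_id = intval($parent_id);
    $result = dbquery("SELECT {$id_col}, {$cat_col} FROM " . $db . " WHERE {$id_col} = '{$parent_id}' LIMIT 1");
    if (dbrows($result) > 0) {
        $data = dbarray($result);
        if ($data[$cat_col] > 0) {
            // Not a root yet: continue with the parent.
            // NOTE(review): a cyclic parent chain would recurse without end; no guard exists here.
            $hkey = get_hkey($db, $id_col, $cat_col, $data[$cat_col]);
        } else {
            $hkey = $data[$id_col];
        }
    } else {
        // Predict the id of the row about to be created.
        // The alias is "max_id" rather than "row" because ROW is a reserved word on newer
        // MySQL versions and would need quoting there.
        $max = dbarray(dbquery("SELECT MAX({$id_col}) as max_id FROM " . $db . ""));
        $hkey = $max['max_id'] + 1;
    }
    return (int) $hkey;
}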