}
}
show_message("Attendies Updated", "index.php?page=calender&item={$itemid}&menuid={$menuid}");
}
}
$sql = $data->select_query("profilefields", "WHERE place=2 AND eventid={$itemid} AND register=1 ORDER BY query ASC");
$numfields = $data->num_rows($sql);
$fields = array();
while ($temp = $data->fetch_array($sql)) {
$temp['options'] = unserialize($temp['options']);
$fields[] = $temp;
}
$tpl->assign("numfields", $numfields);
$tpl->assign("fields", $fields);
}
$edit = is_owner($item['id'], "events") ? true : false;
$editlink = "index.php?page=mythings&cat=events&action=edit&id={$item['id']}&cal=1&menuid={$menuid}";
$articlesql = $data->select_query("patrol_articles", "WHERE event_id={$item['id']} AND allowed=1 AND trash=0 ORDER BY title ASC", "ID, title");
$numarticles = $data->num_rows($articlesql);
$articlelist = array();
while ($articlelist[] = $data->fetch_array($articlesql)) {
}
$sql = $data->select_query("calendar_downloads", "WHERE eid={$itemid}");
$downloads = array();
$numdownloads = 0;
while ($temp = $data->fetch_array($sql)) {
$temp1 = $data->select_fetch_one_row("downloads", "WHERE id={$temp['did']}", "name, cat");
$temp['name'] = $temp1['name'];
if ($downloadaccess != 1 && $temp['permission'] == 0) {
$tempcat = $data->select_fetch_one_row("download_cats", "WHERE id={$temp1['cat']}");
$auth = unserialize($tempcat['downauth']);
<ul>
<?php
if (is_editor()) {
?>
<li><a href="/admin/posts">Manage posts</a></li>
<li><a href="/admin/posts/new">Create a new post</a></li>
<?php
}
if (is_manager()) {
?>
<li><a href="/admin/users">Manage users</a></li>
<li><a href="/admin/users/new">Create a new user</a></li>
<li><a href="/admin/users/block">Block users</a></li>
<li><a href="/admin/users/unblock">Unblock users</a></li>
<?php
}
if (is_owner()) {
?>
<li><a href="/admin/config">Control site configuration</a></li>
<?php
}
?>
</ul>
</div>
</div>
<?php
include $_SERVER["DOCUMENT_ROOT"] . "/../includes/content.resources.php";
?>
</body>
</html>
function block_users()
{
$users = get_blocked_users();
$ip_address = $_SERVER["REMOTE_ADDR"];
if (!($_SERVER["REQUEST_URI"] === "/blocked" || $_SERVER["REQUEST_URI"] === "/blocked/") && strpos($_SERVER["REQUEST_URI"], "/res") === false && !is_owner()) {
foreach ($users as $user) {
if ($user["ip"] == $ip_address) {
header("Location: /blocked");
}
}
}
}
$text->acode = $acode;
print_spacer(20);
print_heading(format_string(get_string('correction', 'blended')));
print_box(format_text(get_string('deletescanjobdesc', 'blended', $text)), 'generalbox', 'intro');
print_spacer(20);
$mform = new deleteForm();
$mform->_form->addElement('hidden', 'id', $id);
$mform->_form->addElement('hidden', 'a', $a);
$mform->_form->addElement('hidden', 'acode', $acode);
$mform->_form->addElement('hidden', 'scanjobid', $scan->id);
$mform->_form->addElement('hidden', 'jobname', $scan->scan_name);
if (!$mform->is_cancelled() && ($data = $mform->get_data())) {
$acode = $data->acode;
$continue = "{$CFG->wwwroot}/mod/blended/scan.php?&a={$a}";
$continuescanned = "{$CFG->wwwroot}/mod/blended/scan.php?&a={$a}&jobid={$scanjobid}";
$owner = is_owner(0, $scan->id);
if (has_capability('mod/blended:deletescanjob', $context) and $owner or has_capability('mod/blended:deleteall', $context)) {
blended_delete_scan_job($scan);
echo "<CENTER>El trabajo ha sido eliminado.</CENTER><BR>";
} else {
echo "<CENTER>No cuenta con permisos suficientes para realizar la acción.</CENTER><BR>";
}
print_continue($continue);
//$redirect = 'scannedJob.php?id=$course->id&a=$a&jobname=$jobname';
// redirect($redirect,'');
} elseif ($mform->is_cancelled()) {
//you need this section if you have a cancel button on your form
//here you tell php what to do if your user presses cancel
//probably a redirect is called for!
echo "<CENTER>El proceso ha sido cancelado.</CENTER><BR>";
print_continue($continuescanned);
echo "<CENTER>No cuenta con permisos suficientes para realizar la acción.</CENTER><BR>";
}
print_continue($continue);
} elseif ($page == 'scannedJob.php') {
if ($acode !== 0) {
$owner = is_owner($acode, 0);
if (has_capability('mod/blended:deletequiz', $context) and $owner or has_capability('mod/blended:deleteall', $context)) {
delete_quiz($data);
echo "<CENTER>El cuestionario ha sido eliminado.</CENTER><BR>";
} else {
echo "<CENTER>No cuenta con permisos suficientes para realizar la acción.</CENTER><BR>";
}
print_continue($continuescanned);
}
if ($acode == 0) {
$owner = is_owner(0, $jobid);
if (has_capability('mod/blended:deletescanjob', $context) and $owner or has_capability('mod/blended:deleteall', $context)) {
delete_image($data);
echo "<CENTER>La imagen ha sido eliminada.</CENTER><BR>";
} else {
echo "<CENTER>No cuenta con permisos suficientes para realizar la acción.</CENTER><BR>";
}
print_continue($continuescanned);
}
} else {
error("Unknown referrral page: {$page}");
}
//$redirect = 'scannedJob.php?id=$course->id&a=$a&jobname=$jobname';
// redirect($redirect,'');
} elseif ($mform->is_cancelled()) {
//you need this section if you have a cancel button on your form
redirect("/prihlasenie");
}
// získame id článku z url adresy
$post_id = segment(2);
// ak sa tam žiadne id článku nenachádzalo, zobrazíme 404 stránku
if (!$post_id) {
show_404();
}
// získame dáta o článku
$post = get_post($post_id);
// ak sme nezískali žiadne dáta, článok neexistuje a zobrazíme 404 stránku
if (!$post) {
show_404();
}
// ak prihlásený užívateľ nie je majteľom článku, zobrazíme 404 stránku
if (!is_owner($post)) {
show_404();
}
// ak bol na túto stránku odoslaný formulár...
if (is_post()) {
// ... vymažeme článok ...
if (delete_post($post_id)) {
// ... a ak sa úspešne vymazal, presmerujeme na úvodnú stránku
redirect();
}
}
include_header(array("title" => "Vymazanie článku"));
?>
<h1 class="text-center">Vymazanie článku</h1>
$tpl->assign("rss", $rss);
$tpl->assign("numarts", $numarts);
$tpl->assign("patrolarts", $patrolarts);
$tpl->assign("art", $art);
} elseif ($action == "view" && $id != 'NULL') {
$mode = "viewarticle";
$highlight = unserialize(stripslashes(html_entity_decode($_GET['highlight'])));
$editFormAction = $_SERVER['PHP_SELF'];
if (isset($_SERVER['QUERY_STRING'])) {
$editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']);
}
$tpl->assign('editFormAction', $editFormAction);
$showarticle = 'yes';
$sql = $data->select_query("patrol_articles", "WHERE ID={$id} AND allowed=1 AND trash=0");
$article = $data->fetch_array($sql);
$edit = is_owner($article['ID'], "articles") ? true : false;
$editlink = "index.php?page=mythings&cat=articles&action=edit&id={$article['ID']}&menuid={$menuid}";
if ($article['album_id'] != 0) {
$photo = $data->select_fetch_all_rows($number_of_photos, "photos", "WHERE album_id={$article['album_id']}");
$scriptList['gallery'] = 1;
$tpl->assign("photo", $photo);
$tpl->assign("number_of_photos", $number_of_photos);
}
if (isset($article['event_id'])) {
$event = $data->select_fetch_one_row("calendar_items", "WHERE id = {$article['event_id']} AND trash=0", "id, summary, startdate, enddate");
$tpl->assign("event", $event);
}
$article['relatedlist'] = '';
$article['related'] = unserialize($article['related']);
$num = 1;
$topicid = $_GET['tid'];
if (CHV\getSetting('theme_custom_js_code')) {
?>
<script><?php
echo CHV\getSetting('theme_custom_js_code');
?>
</script>
<?php
}
?>
</head>
<?php
G\Render\include_theme_file('custom_hooks/header');
if (!G\isPreventedRoute() and in_array(G\get_route_name(), ['user', 'image']) && !is_404()) {
$body_class = (G\is_route("image") or G\is_route("user") and get_user()["background"] or is_owner() or is_admin()) ? " no-margin-top" : "";
}
if (G\Handler::getRoute() == 'index') {
$body_class = CHV\Settings::get('homepage_style');
}
if (G\Handler::getRoute() == 'index' and in_array($body_class, ['landing', 'split'])) {
?>
<style>
#home-cover {
background-image: url(<?php
echo CHV\get_system_image_url(CHV\Settings::get('homepage_cover_image'));
?>
);
}
</style>
<?php
}
# Lock folder with password
if (!empty($_POST['pass']) && !empty($_POST['id']) && !empty($_POST['confirm']) && is_owner($_POST['id']) && $_POST['confirm'] == $_POST['pass']) {
$id = $_POST['id'];
$file = id2file($id);
$password = blur_password($_POST['pass']);
# turn normal share id into password hashed id
$ids = unstore();
unset($ids[$id]);
$ids[$password . $id] = $file;
store($ids);
header('location:index.php?p=admin&token=' . TOKEN);
exit;
}
# Handle folder share with users
if (!empty($_POST['share']) && is_owner($_POST['share'])) {
$folder_id = $_POST['share'];
$users = $auto_restrict['users'];
unset($users[$_SESSION['login']]);
$shared_with = load_folder_share();
$sent = array_flip($_POST['users']);
foreach ($users as $login => $data) {
if (isset($sent[$login])) {
# User checked: add share
$shared_with[$login][$folder_id] = array('folder' => id2file($folder_id), 'from' => $_SESSION['login']);
} else {
# User not checked: remove share if exists
if (isset($shared_with[$login][$folder_id])) {
unset($shared_with[$login][$folder_id]);
}
}
function edit_progtot()
{
$out =& $GLOBALS['page'];
$out->setWorkingZone('content');
$lang =& DoceboLanguage::createInstance('project', "lms");
// Controllo che l'utente non cerchi di entrare in progetti a cui non e' iscritto.
$id = $_GET["id"];
$itemid = importVar("itemid");
$myprj = user_projects(Docebo::user()->getIdSt());
$view_perm = checkPerm('view', true);
if ($view_perm && in_array($id, $myprj) && (is_owner(Docebo::user()->getIdSt(), $id) || is_admin(Docebo::user()->getIdSt(), $id))) {
//area title
$out->add(getTitleArea($lang->def("_PROJECT_MANAGER"), "project"));
$out->add('<div class="std_block">');
if (isset($_POST["applychanges"])) {
$progtot = (int) $_POST["progtot"];
$query = sql_query("UPDATE " . $GLOBALS["prefix_lms"] . "_prj SET pprog='{$progtot}' WHERE id='{$id}' LIMIT 1;");
@Util::jump_to(" index.php?modname=project&op=showprj&id={$id}");
}
$out->add("<form method=\"post\" action=\"index.php?modname=project&op=editprogtot&id={$id}\">\n" . '<input type="hidden" id="authentic_request_prj" name="authentic_request" value="' . Util::getSignature() . '" />');
// progresso totale: ___%
$query = sql_query("SELECT * FROM " . $GLOBALS["prefix_lms"] . "_prj WHERE id='{$id}' LIMIT 1;");
$row = mysql_fetch_array($query);
$out->add($lang->def("_PRJPROGTOT") . ":\n");
$out->add("<input type=\"text\" size=\"3\" id=\"progtot\" name=\"progtot\" value=\"" . (int) $row["pprog"] . "\" />%<br /><br />\n");
$out->add("<input type=\"hidden\" id=\"applychanges\" name=\"applychanges\" value=\"1\" />\n");
$out->add("<input class=\"button\" type=\"submit\" value=\"" . $lang->def("_SAVE") . "\" />\n");
$out->add("</form><br />\n");
// $out->add("<div align=\"center\"><b>[ <a href=\"index.php?modname=project&op=showprj&id=$id\">".$lang->def("_BACK")."</a> ]</b></div>\n");
$url = "index.php?modname=project&op=showprj&id=" . $id;
$out->add(getBackUi($url, $lang->def('_BACK')));
$out->add('<br /></div>');
} else {
die("You can't access");
}
}
if (!is_dir(dirname('thumbs/' . $_SESSION['upload_root_path'] . $_SESSION['upload_user_path'] . $destination))) {
mkdir(dirname('thumbs/' . $_SESSION['upload_root_path'] . $_SESSION['upload_user_path'] . $destination), 0744, true);
}
rename(get_thumbs_name($file), get_thumbs_name($destination));
// changer le chemin dans l'id
$id = file2id($file);
$ids = unstore();
$ids[$id] = $destination;
store($ids);
}
}
header('location:index.php?p=admin&token=' . returnToken());
exit;
}
// protéger un dossier avec un mot de passe
if (!empty($_POST['password']) && !empty($_POST['id']) && is_owner($_POST['id'])) {
$id = $_POST['id'];
$file = id2file($id);
$password = blur_password($_POST['password']);
// turn normal share id into password hashed id
$ids = unstore();
unset($ids[$id]);
$ids[$password . $id] = $file;
store($ids);
header('location:index.php?p=admin&token=' . returnToken());
exit;
}
if ($_FILES) {
include 'core/auto_dropzone.php';
exit;
}
function show_comment($values)
{
$blog_name = $values['blog_name']['value'];
$post_id = $values['post_id']['value'];
if (is_owner($blog_name)) {
update_db(array('hidden' => 0), 'comments', 'id=' . $values['comment_id']['value'] . '');
}
header('Location: ../index.php?page=' . $blog_name . '&admin_page=show_comments&postid=' . $post_id . '');
}
function burned($id)
{
if ($id[0] == '*' && !isset($_GET['thumbs'])) {
if (!is_user_connected() || !is_owner($id)) {
removeID($id);
}
}
}
}
# Lock folder with password
if (!empty($_POST['password']) && !empty($_POST['id']) && is_owner($_POST['id'])) {
$id = $_POST['id'];
$file = id2file($id);
$password = blur_password($_POST['password']);
# turn normal share id into password hashed id
$ids = unstore();
unset($ids[$id]);
$ids[$password . $id] = $file;
store($ids);
header('location:index.php?p=admin&token=' . returnToken());
exit;
}
# Handle folder share with users
if (!empty($_GET['users']) && !empty($_GET['share']) && is_owner($_GET['share'])) {
$folder_id = $_GET['share'];
$users = $auto_restrict['users'];
unset($users[$_SESSION['login']]);
$shared_with = load_folder_share();
$sent = array_flip($_GET['users']);
foreach ($users as $login => $data) {
if (isset($sent[$login])) {
# User checked: add share
$shared_with[$login][$folder_id] = array('folder' => id2file($folder_id), 'from' => $_SESSION['login']);
} else {
# User not checked: remove share if exists
if (isset($shared_with[$login][$folder_id])) {
unset($shared_with[$login][$folder_id]);
}
}
?>
</div>
<?php
}
?>
</div>
<div id="content-listing-tabs" class="tabbed-listing">
<div id="tabbed-content-group">
<?php
G\Render\include_theme_file("snippets/listing");
?>
</div>
</div>
</div>
<?php
G\Render\include_theme_footer();
?>
<?php
if ((is_owner() or is_admin()) and isset($_REQUEST["deleted"])) {
?>
<script>PF.fn.growl.expirable("<?php
_se('The content has been deleted.');
?>
");</script>
<?php
}
<?php
}
?>
<?php
}
?>
</div>
<div class="post-teaser">
<?php
echo $post["teaser"];
?>
</div>
<?php
if (is_owner($post)) {
?>
<div class="post-action">
<a class="link link-edit" href="<?php
echo $post["link_edit"];
?>
"><strong>Editovať</strong></a>
<a class="link link-delete" href="<?php
echo $post["link_delete"];
?>
"><strong>Vymazať</strong></a>
</div>
<?php
}
?>
function delete_answer($id)
{
$webboard_answer = new Webboard_answer($id);
if (is_login('Administrator') or is_owner($webboard_answer->user_id)) {
if ($id) {
$webboard_answer = new webboard_answer($id);
$topic_id = $webboard_answer->webboard_quiz->id;
$webboard_answer->delete();
set_notify('success', 'ลบคำตอบเรียบร้อย');
}
redirect('webboards/view_topic/' . $topic_id);
} else {
$webboard_answer = new webboard_answer($id);
$topic_id = $webboard_answer->webboard_quiz->id;
set_notify('error', 'ไม่สามารถเข้าถึงได้');
redirect('webboards/view_topic/' . $topic_id);
redirect($site_redirect);
}
}
<?php if($webboard_quizs->webboard_answer->result_count() > 15):?>
<img src="themes/gcdnew/images/ico_hit.png" alt="กระทู้น่าสนใจ" title="กระทู้น่าสนใจ">
<?php else:?>
<?php if($webboard_quizs->type == "normal"):?>
<img src="themes/gcdnew/images/ico_regular.png" alt="กระทู้ปกติ" title="กระทู้ปกติ" height="24" width="24">
<?php elseif($webboard_quizs->type == "vote"):?>
<img src="themes/gcdnew/images/ico_pollboard.png" alt="โพล" title="โพล" height="24" width="24">
<?php endif;?>
<?php endif;?>
<?php endif;?>
<br><img src="themes/gcdnew/images/ico_time.png" style="margin-bottom: -2px;" height="12" width="12"> <span class="f10"><?php echo mysql_to_th($webboard_ans->created,'S',TRUE)?> <?php if($webboard_quizs->group_id != 0):?>(<?php echo lang_decode($webboard_quizs->group->name,'th')?>)<?php endif;?></span>
<div class="boxrequestdel"><img src="themes/gcdnew/images/ico_deletepost.gif" height="11" width="11"> <a rel="lightbox" href="webboards/relate/<?php echo $webboard_quizs->id?>/<?php echo $webboard_ans->id ?>?iframe=true&width=350&height=200" class="link_prev">แจ้งลบความคิดเห็นนี้</a> | <img src="themes/gcdnew/images/ico_refpost.gif" height="11" width="11"> <a href="webboards/reply/<?php echo $webboard_quizs->id?>/<?php echo $webboard_ans->id?>/quote" class="link_prev">อ้างถึงข้อความนี้</a></div>
</div>
<div class="post">
<?php if(is_owner($webboard_ans->user_id)):?>
<div style="float:right;"><a href="webboards/reply/<?php echo $webboard_quizs->id?>/<?php echo $webboard_ans->id?>/edit">แก้ไข</a> | <a href="webboards/delete_answer/<?php echo $webboard_ans->id?>" onclick="return confirm('ต้องการลบความเห็นนี้?')">ลบ</a></div>
<?php endif;?>
<?php echo censor(link_filter($webboard_ans->detail))?>
<?php if($webboard_ans->user->profile->signature != ""):?>
<div>
<img src="themes/gcdnew/images/sigline.gif" style="margin:5px 0; display:block;">
<?php echo $webboard_ans->user->profile->signature?>
</div>
<?php endif;?>
</div>
</td>
</tr>
<?php endforeach; ?>
}
/*************Display album on screen******************/
if ($albumid != 0) {
//First get check if the album exists
$sql = $data->select_query("album_track", " WHERE ID = {$albumid} AND allowed=1");
$number_albums = $data->num_rows($sql);
$album_info = $data->fetch_array($sql);
$view_album_name = censor($album_info['album_name']);
if ($number_albums == 0 && !$inarticle) {
show_message_back("No such album");
} elseif ($number_albums == 0 && $inarticle) {
$number_of_photos = 0;
} else {
if (!$inarticle) {
$pagenum = 2;
$edit = is_owner($album_info['ID'], "album") ? true : false;
$editlink = "index.php?page=mythings&cat=album&action=edit&id={$album_info['ID']}&menuid={$menuid}";
$articlesql = $data->select_query("patrol_articles", "WHERE album_id={$album_info['ID']} AND allowed=1 ORDER BY title ASC", "ID, title");
$numarticles = $data->num_rows($articlesql);
$articlelist = array();
while ($articlelist[] = $data->fetch_array($articlesql)) {
}
$tpl->assign("numarticles", $numarticles);
$tpl->assign("articlelist", $articlelist);
}
$next = false;
$prev = false;
//then get photo file names and captions from database
$photosql = $data->select_query("photos", "WHERE album_id = {$albumid} AND allowed = 1 ORDER BY date ASC");
$number_of_photos = $data->num_rows($photosql);
$limit = $config['pagephoto'] == 1 ? $limit : $number_of_photos;
<?php
require_once $_SERVER["DOCUMENT_ROOT"] . "/../includes/base.php";
if (!is_owner()) {
http_response_code(404);
header("Location: /error/404/not-found");
}
?>
<!DOCTYPE html>
<html>
<head>
<?php
include $_SERVER["DOCUMENT_ROOT"] . "/../includes/content.head.php";
?>
<title><?php
echo get_config_value("site", "title");
?>
| Admin - Configuration</title>
</head>
<body>
<div class="component-left">
<div class="container container-center">
<?php
include $_SERVER["DOCUMENT_ROOT"] . "/../includes/content.sidebar_left.php";
?>
</div>
</div>
<div class="component-right">
<div class="container container-padded">
<h3>Site Configuration</h3>
<p>Below is the site configuration file. You can freely edit this to change things about the site, but be careful.</p>