			fwrite($f, "WORDS={$words}\nTHUMB={$thumb}\nFIELDS={$fields}\n");
			fclose($f);
			// redirect to edit of this album
			header("Location: " . FULLWEBPATH . "/" . ZENFOLDER . "/admin-edit.php?page=edit&album=" . urlencode($redirect));
			exit;
		}
	}
}
$_GET['page'] = 'edit'; // pretend to be the edit page.
printAdminHeader();
echo "\n</head>";
echo "\n<body>";
printLogoAndLinks();
echo "\n" . '<div id="main">';
printTabs('edit');
echo "\n" . '<div id="content">';
echo "<h1>" . gettext("zenphoto Create Dynamic Album") . "</h1>\n";
if (isset($_POST['savealbum'])) { // we fell through, some kind of error
	echo "<div class=\"errorbox space\">";
	echo "<h2>" . gettext("Failed to save the album file") . "</h2>";
	echo "</div>\n";
}
$gallery = new Gallery();
$albumlist = array();
genAlbumUploadList($albumlist);
$params = trim(zp_getCookie('zenphoto_image_search_params'));
$search->setSearchParams($params);
$fields = $search->fields;
$words = trim($search->words);

admin_securityChecks(NULL, currentRelativeURL());
if (isset($_GET['sendmail'])) {
	XSRFdefender('mailing_list');
}
$admins = $_zp_authority->getAdministrators();
$zenphoto_tabs['overview']['subtabs'] = array(gettext('Mailing') => '');
printAdminHeader('overview', 'Mailing');
?>
</head>
<body>
	<?php printLogoAndLinks(); ?>
	<div id="main">
		<?php printTabs(); ?>
		<div id="content">
			<?php printSubtabs('Mailing'); ?>
			<div class="tabbox">
				<?php zp_apply_filter('admin_note', 'user_mailing', ''); ?>
				<h1><?php echo gettext('User mailing list'); ?></h1>
				<p><?php echo gettext("A tool to send e-mails to all registered users who have provided an e-mail address. There is always a copy sent to the current admin and all e-mails are sent as <em>blind copies</em>.");

					if (empty($_POST['processed'])) {
						$errormsg = gettext("You've most likely exceeded the upload limits. Try uploading fewer files at a time, or use a ZIP file.");
					} else {
						$errormsg = gettext("There was an error submitting the form. Please try again. If this keeps happening, check your server and PHP configuration (make sure file uploads are enabled, and upload_max_filesize is set high enough)") . gettext("If you think this is a bug, file a bug report. Thanks!");
					}
				}
			}
		}
	}
}
printAdminHeader();
echo "\n</head>";
echo "\n<body>";
printLogoAndLinks();
echo "\n" . '<div id="main">';
printTabs('upload');
echo "\n" . '<div id="content">';
$albumlist = array();
genAlbumUploadList($albumlist);
?>
<script type="text/javascript">
	window.totalinputs = 5;
	// Array of album names for javascript functions.
	var albumArray = new Array (
<?php
$separator = '';
foreach ($albumlist as $key => $value) {
	echo $separator . "'" . addslashes($key) . "'";
	$separator = ", ";
}

/**
 *
 * Executes the configuration change code
 */
function reconfigureAction($mandatory) {
	list($diff, $needs) = checkSignature($mandatory);
	$diffkeys = array_keys($diff);
	if ($mandatory) {
		if (isset($_GET['rss']) || isset($_GET['external'])) {
			if (isset($_GET['rss']) && file_exists(SERVERPATH . '/' . DATA_FOLDER . '/rss-closed.xml')) {
				$xml = file_get_contents(SERVERPATH . '/' . DATA_FOLDER . '/rss-closed.xml');
				$xml = preg_replace('~<pubDate>(.*)</pubDate>~', '<pubDate>' . date("r", time()) . '</pubDate>', $xml);
				echo $xml;
			}
			exit; // can't really run setup from an RSS feed.
		}
		if (empty($needs)) {
			$dir = str_replace('\\', '/', dirname($_SERVER['SCRIPT_NAME']));
			$p = strpos($dir, ZENFOLDER);
			if ($p !== false) {
				$dir = substr($dir, 0, $p);
			}
			if (OFFSET_PATH) {
				$where = 'admin';
			} else {
				$where = 'gallery';
			}
			$dir = rtrim($dir, '/');
			$location = "http://" . $_SERVER['HTTP_HOST'] . $dir . "/" . ZENFOLDER . "/setup/index.php?autorun={$where}";
			header("Location: {$location}");
			exitZP();
		} else {
			global $subtabs, $zenphoto_tabs, $main_tab_space, $_zp_admin_tab, $_zp_invisible_execute, $_zp_gallery;
			$_zp_invisible_execute = 1;
			require_once SERVERPATH . '/' . ZENFOLDER . '/admin-globals.php';
			header('Last-Modified: ' . ZP_LAST_MODIFIED);
			header('Content-Type: text/html; charset=UTF-8');
			?>
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml">
	<head>
		<meta http-equiv="content-type" content="text/html; charset=UTF-8" />
		<link rel="stylesheet" href="<?php echo WEBPATH . '/' . ZENFOLDER; ?>/admin.css" type="text/css" />
		<?php reconfigureCS(); ?>
	</head>
	<body>
		<?php
		if ($_zp_gallery) {
			printLogoAndLinks();
		}
		?>
		<div id="main">
			<?php
			if ($_zp_gallery) {
				printTabs();
			}
			?>
			<div id="content">
				<h1><?php echo gettext('Setup request'); ?></h1>
				<div class="tabbox">
					<?php reconfigurePage($diff, $needs, $mandatory); ?>
				</div>
			</div>
		</div>
	</body>
</html>
			<?php
			exitZP();
		}
	} else {
		if (!empty($diff)) {
			if (function_exists('zp_register_filter') && zp_loggedin(ADMIN_RIGHTS)) { // no point in telling someone who can't do anything about it
				zp_register_filter('admin_note', 'signatureChange');
				zp_register_filter('admin_head', 'reconfigureCS');
				zp_register_filter('theme_head', 'reconfigureCS');
				zp_register_filter('theme_body_open', 'signatureChange');
			}
		}
	}
}

<?php
// If they are not logged in, display the login form and exit
if (!zp_loggedin()) {
	$from = isset($_GET['from']) ? $_GET['from'] : null;
	printLoginForm($from);
	echo "\n</body>";
	echo "\n</html>";
	exit;
} else { /* Admin-only content safe from here on. */
	printLogoAndLinks();
	?>
	<div id="main">
		<?php printTabs($page); ?>
		<div id="content">
			<?php
			/*** HOME ***************************************************************************/
			/************************************************************************************/
			$page = "home";
			if (!empty($msg)) {
				echo '<div class="messagebox" id="fade-message">';
				echo "<h2>{$msg}</h2>";
				echo '</div>';
			}
			?>
			<div id="overview-leftcolumn">
				<div class="box" id="overview-comments">

			echo '<li>' . $dir . ' (<small>' . $lastchange . ')</small>';
			//<a class="colorbox" href="'.FULLWEBPATH.'/cache_html/sitemap/'.$dir.'">Preview</a></li>';
		}
		echo '</ol>';
	}
}
?>
<body>
	<?php printLogoAndLinks(); ?>
	<div id="main">
		<a name="top"></a>
		<?php printTabs('home'); ?>
		<div id="content">
			<?php zp_apply_filter('admin_note', 'sitemap', ''); ?>
			<h1>Sitemap tools</h1>
			<?php if (!isset($_GET['generatesitemaps']) && !isset($_GET['clearsitemapcache'])) { ?>
				<p class="notebox"><?php echo gettext('<strong>NOTE:</strong> If your theme uses different custom settings instead of the backend options the sitemaps may not match your site.'); ?></p>
				<p><?php echo gettext('This creates individual static xml sitemap files of the following items:');

		return confirm('<?php echo js_encode(gettext("Are you sure you want to delete the checked items?")); ?>');
	} else {
		return true;
	}
}
// ]]> -->
</script>
<?php
echo "\n</head>";
echo "\n<body>";
printLogoAndLinks();
echo "\n" . '<div id="main">';
$subtab = printTabs();
echo "\n" . '<div id="content">';
if ($page == "editcomment" && isset($_GET['id'])) {
	zp_apply_filter('admin_note', 'comments', $subtab);
	?>
	<h1><?php echo gettext("edit comment"); ?></h1>
	<div class="box" style="padding: 10px">
		<?php
		$id = sanitize_numeric($_GET['id']);
		$commentarr = query_single_row("SELECT * FROM " . prefix('comments') . " WHERE id = {$id} LIMIT 1");
		extract($commentarr);
		?>

	}
}
if ($alb) {
	$folder = sanitize_path($alb);
	$object = $folder;
	$tab = 'edit';
} else {
	$object = '<em>' . gettext('Gallery') . '</em>';
	$tab = 'home';
}
printAdminHeader();
echo "\n</head>";
echo "\n<body>";
printLogoAndLinks();
echo "\n" . '<div id="main">';
printTabs($tab);
echo "\n" . '<div id="content">';
if (isset($_REQUEST['clear'])) {
	$clear = sprintf(gettext('Clearing and refreshing cache for %s'), $object);
} else {
	$clear = sprintf(gettext('Refreshing cache for %s'), $object);
}
global $_zp_gallery;
$count = 0;
$gallery = new Gallery();
if ($alb) {
	echo "\n<h2>" . $clear . "</h2>";
	if (isset($_REQUEST['clear'])) {
		$gallery->clearCache(SERVERCACHE . '/' . $folder); // clean out what was there
	}

		}
	} // foreach end
	echo "</table>";
}
echo '</head>';
?>
<body>
	<?php printLogoAndLinks(); ?>
	<div id="main">
		<a name="top"></a>
		<?php
		printTabs('database');
		// getting the counts
		$albumcount = $gallery->getNumAlbums(true);
		$albumscount_unpub = $albumcount - $gallery->getNumAlbums(true, true);
		$imagecount = $gallery->getNumImages();
		$imagecount_unpub = $imagecount - $gallery->getNumImages(true);
		?>
		<div id="content">
			<h1><?php echo gettext("Gallery Statistics"); ?></h1>
			<p><?php echo gettext("This page shows more detailed statistics of your gallery. For album statistics the bar graph always shows the total number of images in that album. For image statistics always the album the image is in is shown.<br />Unpublished items are marked in darkred. Images are marked unpublished if their (direct) album is, too."); ?></p>

?>').tagSuggest({
			tags: [<?php echo implode(',', $dbfields); ?>]
		});
	});
</script>
<?php
}
echo "\n</head>";
echo "\n<body>";
printLogoAndLinks();
echo "\n" . '<div id="main">';
printTabs('options');
echo "\n" . '<div id="content">';
if ($_zp_null_account) {
	echo "<div class=\"errorbox space\">";
	echo "<h2>" . gettext("Password reset request.<br/>You may now set admin usernames and passwords.") . "</h2>";
	echo "</div>";
}
/* Page code */
?>
<div id="container">
	<?php
	if (isset($_GET['saved'])) {
		echo '<div class="messagebox" id="fade-message">';
		echo "<h2>" . gettext("Saved") . "</h2>";
		echo '</div>';
	}

		$email = mysql_real_escape_string(sanitize($_POST['email'], 3));
		$website = mysql_real_escape_string(sanitize($_POST['website'], 3));
		$date = mysql_real_escape_string(sanitize($_POST['date'], 3));
		$comment = mysql_real_escape_string(sanitize($_POST['comment'], 1));
		$sql = "UPDATE " . prefix('comments') . " SET `name` = '{$name}', `email` = '{$email}', `website` = '{$website}', `comment` = '{$comment}' WHERE id = {$id}";
		query($sql);
		header("Location: " . FULLWEBPATH . "/" . ZENFOLDER . "/admin-comments.php?sedit");
		exit;
	}
}
printAdminHeader();
echo "\n</head>";
echo "\n<body>";
printLogoAndLinks();
echo "\n" . '<div id="main">';
printTabs('comments');
echo "\n" . '<div id="content">';
if ($page == "editcomment" && isset($_GET['id'])) {
	?>
	<h1><?php echo gettext("edit comment"); ?></h1>
	<?php
	// Cast to int: $id is interpolated unquoted into the SQL query below.
	$id = (int) $_GET['id'];
	$commentarr = query_single_row("SELECT * FROM " . prefix('comments') . " WHERE id = {$id} LIMIT 1");
	extract($commentarr);
	?>
	<form action="?action=savecomment" method="post"><input type="hidden" name="id" value="<?php

		$filelist = safe_glob('*' . 'php');
		chdir($curdir);
		foreach ($filelist as $extension) {
			$extension = FilesystemToUTF8($extension);
			$opt = 'zp_plugin_' . substr($extension, 0, -4);
			setBoolOption($opt, isset($_POST[$opt]));
		}
		$saved = true;
	}
}
printAdminHeader();
echo "\n</head>";
echo "\n<body>";
printLogoAndLinks();
echo "\n" . '<div id="main">';
printTabs('plugins');
echo "\n" . '<div id="content">';
/* Page code */
if ($saved) {
	echo '<div class="messagebox" id="fade-message">';
	echo "<h2>" . gettext("Saved") . "</h2>";
	echo '</div>';
}
$curdir = getcwd();
chdir(SERVERPATH . "/" . ZENFOLDER . PLUGIN_FOLDER);
$filelist = safe_glob('*' . 'php');
foreach ($filelist as $key => $plugin) {
	$filelist[$key] = FilesystemToUTF8($plugin);
}
natcasesort($filelist);
echo "<h1>Plugins</h1>\n";

	exit;
}
$gallery = new Gallery();
$_GET['page'] = 'tags';
if (isset($_REQUEST['tagsort'])) {
	$tagsort = sanitize($_REQUEST['tagsort'], 0);
	setBoolOption('tagsort', $tagsort);
} else {
	$tagsort = getOption('tagsort');
}
printAdminHeader();
echo "\n</head>";
echo "\n<body>";
printLogoAndLinks();
echo "\n" . '<div id="main">';
printTabs('tags');
echo "\n" . '<div id="content">';
if (count($_POST) > 0) {
	if (isset($_GET['newtags'])) {
		foreach ($_POST as $value) {
			if (!empty($value)) {
				$value = mysql_real_escape_string(sanitize($value, 3));
				$result = query_single_row('SELECT `id` FROM ' . prefix('tags') . ' WHERE `name`="' . $value . '"');
				if (!is_array($result)) { // it really is a new tag
					query('INSERT INTO ' . prefix('tags') . ' (`name`) VALUES ("' . $value . '")');
				}
			}
		}
	} // newtags

if (!($_zp_loggedin & (THEMES_RIGHTS | ADMIN_RIGHTS))) { // prevent nefarious access to this page.
	header("Location: " . FULLWEBPATH . "/" . ZENFOLDER . "/admin.php");
	exit;
}
if (!isset($_GET['theme'])) {
	header("Location: " . FULLWEBPATH . "/" . ZENFOLDER . "/admin-themes.php");
	exit;
}
$gallery = new Gallery();
printAdminHeader();
echo "\n</head>";
echo "\n<body>";
printLogoAndLinks();
echo "\n" . '<div id="main">';
printTabs('themes');
echo "\n" . '<div id="content">';
// First, set up a few vars:
$message = $file_to_edit = $file_content = null;
$themes = $gallery->getThemes();
$theme = $_GET['theme'];
$themedir = SERVERPATH . '/themes/' . UTF8ToFilesystem($theme);
$themefiles = listDirectoryFiles($themedir);
$themefiles_to_ext = array();
foreach ($themefiles as $file) {
	if (isTextFile($file)) {
		$path_info = pathinfo($file);
		$themefiles_to_ext[$path_info['extension']][] = $file; // array(['php']=>array('file.php', 'image.php'),['css']=>array('style.css'))
	} else {
		unset($themefiles[$file]);

* html .scheduleimagechecklist label {
	height: 1%;
}
</style>
<?php echo '</head>'; ?>
<body>
	<?php printLogoAndLinks(); ?>
	<div id="main">
		<?php printTabs('content'); ?>
		<div id="content">
			<h1><?php echo gettext('Manage content publication'); ?></h1>
			<?php
			$publish_albums_list = array();
			$publish_images_list = array();
			if (db_connect()) {
				if (isset($_POST['set_defaults'])) {
					if (isset($_POST['album_default'])) {
						$albpublish = 1;
					} else {
						$albpublish = 0;