// If this was triggered by a file upload, not a file on the server, ignore the serverfile and require a re-upload. // Since the previously uploaded temporary file isn't guaranteed to still be there, we need to re-upload it and allow // the importer to import it all in one go. unset($args['serverfile']); // copied from print_confirmation(). We basically want the confirmation page but also want the upload row. // print_confirmation($phrase, $phpscript, $do, $hiddenfields = array()) echo "<p> </p><p> </p>"; print_form_header('template', 'upload', 1, 1, '', '75%'); foreach ($args as $varname => $value) { construct_hidden_code($varname, $value); } print_table_header($vbphrase['confirm_action']); print_upload_row($vbphrase['theme_overwrite_reupload_xml_file'], 'stylefile', 999999999); print_submit_row($vbphrase['continue'], 0, 2, $vbphrase['go_back']); } else { print_confirmation($vbphrase['theme_confirm_overwrite'], 'template', 'upload', $args); } } // ############################################################################# // file manager if ($_REQUEST['do'] == 'files') { if (!vB::getUserContext()->hasAdminPermission('canadmintemplates') or !vB::getUserContext()->hasAdminPermission('canadminstyles')) { print_cp_no_permission(); } $stylecache = vB_Library::instance('Style')->fetchStyles(false, false); ?> <script type="text/javascript"> <!-- function js_confirm_upload(tform, filefield) { if (filefield.value == "")
} // Delete DL-list if ($mode == 'dl_delete' && $topic_id) { if (!IS_ADMIN) { $sql = "SELECT forum_id FROM " . BB_TOPICS . " WHERE topic_id = {$topic_id} LIMIT 1"; if (!($row = DB()->sql_fetchrow(DB()->sql_query($sql)))) { bb_die('Could not obtain forum_id for this topic'); } $is_auth = auth(AUTH_ALL, $row['forum_id'], $userdata); if (!$is_auth['auth_mod']) { bb_die($lang['NOT_MODERATOR']); } } if (!$confirmed) { $hidden_fields = array('t' => $topic_id, 'mode' => 'dl_delete'); print_confirmation(array('QUESTION' => $lang['DL_LIST_DEL_CONFIRM'], 'FORM_ACTION' => 'dl_list.php', 'HIDDEN_FIELDS' => build_hidden_fields($hidden_fields))); } clear_dl_list($topic_id); redirect("{$redirect_type}?{$redirect}"); } // Update DL status $req_topics_ary = $topics_ary = array(); // Get topics selected by user if ($mode == 'set_topics_dl_status') { if (!isset($_POST['dl_topics_id_list']) || !is_array($_POST['dl_topics_id_list'])) { bb_die($lang['NONE_SELECTED']); } foreach ($_POST['dl_topics_id_list'] as $topic_id) { $req_topics_ary[] = (int) $topic_id; } } elseif ($mode == 'set_dl_status') {
$vbulletin->input->clean_array_gpc('r', array( 'gridid' => TYPE_UINT, )); $gridinfo = $db->query_first(" SELECT * FROM " . TABLE_PREFIX . "cms_grid WHERE gridid = " . $vbulletin->GPC['gridid'] . " AND flattened = 1 "); if (!$gridinfo) { print_stop_message('invalid_x_specified', 'gridid'); } print_confirmation($vbphrase['confirm_unflatten_grid'], 'cms_admin', 'grid_dounflatten', array('gridid' => $gridinfo['gridid'])); } if ($_REQUEST['do'] == 'grid_dounflatten') { $vbulletin->input->clean_array_gpc('r', array( 'gridid' => TYPE_UINT, )); $gridinfo = $db->query_first(" SELECT * FROM " . TABLE_PREFIX . "cms_grid WHERE gridid = " . $vbulletin->GPC['gridid'] . " AND flattened = 1 "); if (!$gridinfo)
$nodeids['delete[' . $nodeid . ']'] = $nodeid; } } if (!empty($vbulletin->GPC['nodeid']) and $vbulletin->GPC['nodeid'] != $articleChannelId) { $nodeids['delete[' . $vbulletin->GPC['nodeid'] . ']'] = $vbulletin->GPC['nodeid']; } if (empty($nodeids)) { print_stop_message2('nothing_to_do'); } $phrasename = 'delete_' . $vbulletin->GPC['type'] . '_confirm_' . (count($nodeids) > 1 ? 'multiple' : 'single'); // if the gobackto was passed in as a query param from javascript, we need to undo the javascript's encodeURIComponent() if (!empty($vbulletin->GPC['uriencoded'])) { $vbulletin->GPC['gobackto'] = rawurldecode($vbulletin->GPC['gobackto']); } construct_hidden_code("gobackto", $vbulletin->GPC['gobackto']); print_confirmation($vbphrase[$phrasename], 'cms', 'kill', $nodeids); } // ###################### Start Delete ####################### if ($_REQUEST['do'] == 'kill') { $vbulletin->input->clean_array_gpc('r', array('delete' => vB_Cleaner::TYPE_ARRAY_INT, 'gobackto' => vB_Cleaner::TYPE_STR)); if (empty($vbulletin->GPC['delete']) or !is_array($vbulletin->GPC['delete'])) { print_stop_message2('nothing_to_do'); } // grab nodeids from the array keys & make sure they're int $nodeids = array(); foreach ($vbulletin->GPC['delete'] as $nodeid) { $nodeid = intval($nodeid); if ($nodeid > 0) { $nodeids['delete[' . $nodeid . ']'] = $nodeid; } }
// Dump it to the templating engine // $template->assign_vars(array('TO_USER' => profile_url(array('username' => $username_to, 'user_id' => $user_id_to, 'user_rank' => $privmsg['to_user_rank'])), 'FROM_USER' => profile_url($privmsg), 'QR_SUBJECT' => (!preg_match('/^Re:/', $post_subject) ? 'Re: ' : '') . $post_subject, 'MESSAGE_TO' => $username_to, 'MESSAGE_FROM' => $username_from, 'RANK_IMAGE' => @$rank_image ? $rank_image : '', 'POSTER_JOINED' => @$poster_joined ? $poster_joined : '', 'POSTER_POSTS' => @$poster_posts ? $poster_posts : '', 'POSTER_FROM' => @$poster_from ? $poster_from : '', 'POST_SUBJECT' => $post_subject, 'POST_DATE' => $post_date, 'PM_MESSAGE' => $private_message, 'PROFILE_IMG' => $profile_img, 'PROFILE' => $profile, 'SEARCH_IMG' => $search_img, 'SEARCH' => $search)); } else { if ($delete && $mark_list || $delete_all) { if (isset($mark_list) && !is_array($mark_list)) { // Set to empty array instead of '0' if nothing is selected. $mark_list = array(); } if (!$confirmed) { $delete = isset($_POST['delete']) ? 'delete' : 'deleteall'; $hidden_fields = array('mode' => $mode, $delete => 1); foreach ($mark_list as $pm_id) { $hidden_fields['mark'][] = (int) $pm_id; } print_confirmation(array('QUESTION' => count($mark_list) == 1 ? $lang['CONFIRM_DELETE_PM'] : $lang['CONFIRM_DELETE_PMS'], 'FORM_ACTION' => PM_URL . "?folder={$folder}", 'HIDDEN_FIELDS' => build_hidden_fields($hidden_fields))); } else { if ($confirmed) { $delete_sql_id = ''; if (!$delete_all) { for ($i = 0; $i < count($mark_list); $i++) { $delete_sql_id .= ($delete_sql_id != '' ? ', ' : '') . intval($mark_list[$i]); } $delete_sql_id = "AND privmsgs_id IN ({$delete_sql_id})"; } switch ($folder) { case 'inbox': $delete_type = "privmsgs_to_userid = " . $userdata['user_id'] . " AND (\n\t\t\t\tprivmsgs_type = " . PRIVMSGS_READ_MAIL . " OR privmsgs_type = " . PRIVMSGS_NEW_MAIL . " OR privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . " )"; break; case 'outbox': $delete_type = "privmsgs_from_userid = " . $userdata['user_id'] . " AND ( privmsgs_type = " . PRIVMSGS_NEW_MAIL . " OR privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . " )";
$result = topic_delete($req_topics, $forum_id); //Обновление кеша новостей на главной $news_forums = array_flip(explode(',', $bb_cfg['latest_news_forum_id'])); if (isset($news_forums[$forum_id]) && $bb_cfg['show_latest_news'] && $result) { $datastore->enqueue('latest_news'); $datastore->update('latest_news'); } $net_forums = array_flip(explode(',', $bb_cfg['network_news_forum_id'])); if (isset($net_forums[$forum_id]) && $bb_cfg['show_network_news'] && $result) { $datastore->enqueue('network_news'); $datastore->update('network_news'); } $msg = $result ? $lang['TOPICS_REMOVED'] : $lang['NO_TOPICS_REMOVED']; bb_die(return_msg_mcp($msg)); } else { print_confirmation(array('QUESTION' => $lang['CONFIRM_DELETE_TOPIC'], 'ITEMS_LIST' => join("\n</li>\n<li>\n", $topic_titles), 'FORM_ACTION' => "modcp.php", 'HIDDEN_FIELDS' => build_hidden_fields($hidden_fields))); } break; case 'move': if ($confirmed) { $new_forum_id = (int) $_POST['new_forum']; $result = topic_move($req_topics, $new_forum_id, $forum_id, isset($_POST['move_leave_shadow']), isset($_POST['insert_bot_msg'])); //Обновление кеша новостей на главной $news_forums = array_flip(explode(',', $bb_cfg['latest_news_forum_id'])); if ((isset($news_forums[$forum_id]) || isset($news_forums[$new_forum_id])) && $bb_cfg['show_latest_news'] && $result) { $datastore->enqueue('latest_news'); $datastore->update('latest_news'); } $net_forums = array_flip(explode(',', $bb_cfg['network_news_forum_id'])); if ((isset($net_forums[$forum_id]) || isset($net_forums[$new_forum_id])) && $bb_cfg['show_network_news'] && $result) { $datastore->enqueue('network_news');
unset($rowset); } } } // -------------------- // What shall we do? // if (($delete || $mode == 'delete') && !$confirm) { if (isset($_POST['cancel'])) { redirect(POST_URL . "{$post_id}#{$post_id}"); } // // Confirm deletion // $hidden_fields = array('p' => $post_id, 'mode' => 'delete'); print_confirmation(array('QUESTION' => $lang['CONFIRM_DELETE'], 'FORM_ACTION' => POSTING_URL, 'HIDDEN_FIELDS' => build_hidden_fields($hidden_fields))); } elseif (($submit || $confirm) && !$topic_has_new_posts) { // // Submit post (newtopic, edit, reply, etc.) // $return_message = ''; $return_meta = ''; switch ($mode) { case 'editpost': case 'newtopic': case 'reply': $username = !empty($_POST['username']) ? clean_username($_POST['username']) : ''; $subject = !empty($_POST['subject']) ? clean_title($_POST['subject']) : ''; $message = !empty($_POST['message']) ? prepare_message($_POST['message']) : ''; $attach_rg_sig = isset($_POST['attach_rg_sig']) && isset($_POST['poster_rg']) && $_POST['poster_rg'] != -1 ? 1 : 0; $poster_rg_id = isset($_POST['poster_rg']) && $_POST['poster_rg'] != -1 ? (int) $_POST['poster_rg'] : 0;
$confirm = isset($_POST['confirm']); if ($confirm && sizeof($delete_id_list) > 0) { $attachments = array(); delete_attachment(0, $delete_id_list); } else { if ($delete && sizeof($delete_id_list) > 0) { // Not confirmed, show confirmation message $hidden_fields = '<input type="hidden" name="view" value="' . $view . '" />'; $hidden_fields .= '<input type="hidden" name="mode" value="' . $mode . '" />'; $hidden_fields .= '<input type="hidden" name="order" value="' . $sort_order . '" />'; $hidden_fields .= '<input type="hidden" name="u_id" value="' . $uid . '" />'; $hidden_fields .= '<input type="hidden" name="start" value="' . $start . '" />'; for ($i = 0; $i < sizeof($delete_id_list); $i++) { $hidden_fields .= '<input type="hidden" name="delete_id_list[]" value="' . $delete_id_list[$i] . '" />'; } print_confirmation(array('FORM_ACTION' => "admin_attach_cp.php", 'HIDDEN_FIELDS' => $hidden_fields)); } } // Assign Default Template Vars $template->assign_vars(array('S_VIEW_SELECT' => $select_view, 'S_MODE_ACTION' => 'admin_attach_cp.php')); if ($submit_change && $view == 'attachments') { $attach_change_list = get_var('attach_id_list', array(0)); $attach_comment_list = get_var('attach_comment_list', array('')); $attach_download_count_list = get_var('attach_count_list', array(0)); // Generate correct Change List $attachments = array(); for ($i = 0; $i < count($attach_change_list); $i++) { $attachments['_' . $attach_change_list[$i]]['comment'] = $attach_comment_list[$i]; $attachments['_' . $attach_change_list[$i]]['download_count'] = $attach_download_count_list[$i]; } $sql = 'SELECT *