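/**
 * Render the detail page of one branch together with the points attached to it.
 *
 * Reads `branch` (the branch id) and the optional `message` flag from the
 * query string.
 *
 * @return string HTML produced by the "branches/show_branch" template.
 */
function show_branch()
{
    $html = "";
    $points_html = "";
    $edit_branch_html = "";

    // Optional status banner selected by ?message=...
    $flag = isset($_GET['message']) ? $_GET['message'] : null;
    switch ($flag) {
        case "branchjustadded":
            $message_html = template_get("message", array('message' => "Город успешно добавлен"));
            break;
        default:
            $message_html = template_get("nomessage");
    }

    // The id is interpolated unquoted into both queries below, so it is forced
    // to an integer first; anything that is not a scalar becomes 0.
    $branch_id = (isset($_GET['branch']) && is_scalar($_GET['branch'])) ? (int) $_GET['branch'] : 0;

    $branch = db_easy("SELECT * FROM `phpbb_branches` WHERE `id`={$branch_id}");
    $pointsRES = db_query("SELECT * FROM `phpbb_points` WHERE `branch_id`={$branch_id}");

    if (db_count($pointsRES) > 0) {
        while ($point = db_fetch($pointsRES)) {
            // Stored values are encoded for the HTML context they are written into.
            $point_id = (int) $point['id'];
            $point_name = htmlspecialchars((string) $point['name'], ENT_QUOTES | ENT_SUBSTITUTE);
            $points_html .= "<div style='padding-bottom:5px;'><a href='/manager.php?action=show_point&point={$point_id}'>{$point_name}</a></div>";
        }
    } else {
        $points_html = "-";
    }

    // The edit link is only offered to users holding the 'add_branch' right.
    if (check_rights('add_branch')) {
        $edit_branch_html = "<a href='/manager.php?action=edit_branch&branch={$branch_id}' style='font-size:8pt;'>Редактировать</a>";
    }

    // NOTE(review): 'name' is handed to the template as stored; confirm whether
    // template_get() encodes its values before relying on it for HTML safety.
    $html .= template_get("branches/show_branch", array(
        'name' => $branch['name'],
        'editbranch' => $edit_branch_html,
        'message' => $message_html,
        'points' => $points_html,
    ));

    return $html;
}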
/**
 * Build the rights overview: one section per row of `phpbb_rights`, each with
 * an "add user" link, its description and the output of show_right_users().
 *
 * NOTE(review): names and descriptions are written into the markup exactly as
 * stored; confirm who can edit `phpbb_rights` and whether encoding is needed.
 *
 * @return string HTML produced by the "rights/show_rights" template.
 */
function show_rights()
{
    $rights_html = "";

    $rightsRES = db_query("SELECT * FROM `phpbb_rights` ORDER BY `name` ASC");
    $total = db_count($rightsRES);

    if ($total > 0) {
        $position = 0;
        while ($right = db_fetch($rightsRES)) {
            $position++;

            // A non-blank description is shown in brackets, otherwise spacing is emitted.
            $right_description_html = trim($right['description']) != ""
                ? "<div class='comment'>({$right['description']})</div>"
                : "<br/><br/>";

            $rights_html .= "<h4>{$right['name']}</h4><a href='/manager.php?action=add_right&right={$right['id']}'><img src='/images/add.png' /></a>\r\n\t\t\t\t\t\t\t\t{$right_description_html}\r\n\t\t\t\t\t\t\t\t\t"
                . show_right_users($right['id'], $right['name'])
                . "<br/><br/>";

            // Separator between sections, omitted after the last one.
            if ($position != $total) {
                $rights_html .= "<hr/><br/>";
            }
        }
    } else {
        $rights_html .= "<br/>Нет прав. Сперва создайте права.";
    }

    return "" . template_get("rights/show_rights", array('rights_html' => $rights_html));
}
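/**
 * Render the intranet start page: the list of messages and the list of contacts.
 *
 * Message titles and contact names come from the database and are HTML-encoded
 * before they are placed into the generated links.
 *
 * @return string HTML of the "intranet/intranet" template followed by the footer.
 */
function page_index()
{
    $html = "";
    $message_html = "";
    $contacts_html = "";

    $q = db_query("SELECT * FROM `intr_message`");

    // Only members of the "writer" group get the "add message" icon.
    $add_message_html = "";
    if (get_user_group() == "writer") {
        $add_message_html = "<a href='" . uri_make_v1(array("UriScript" => "intranet.php", "add_message" => "yes")) . "' style='padding:0 0 0 10px;'><img src='/_content/img/add-icon.png'/></a>";
    }

    while ($message = db_fetch($q)) {
        $title = htmlspecialchars(trim((string) $message['title']), ENT_QUOTES | ENT_SUBSTITUTE);
        $message_html .= "<a href='" . uri_make_v1(array("UriScript" => "intranet.php", "page" => "message", "message" => $message['id'])) . "'>" . $title . "</a>";

        // NOTE(review): $user is not assigned anywhere before this loop, so the
        // second operand compares null with get_user(). It presumably was meant
        // to test the message author - confirm and load the author explicitly.
        if (check_group("writer") || $user['name'] == get_user()) {
            $message_html .= "<a href='" . uri_make_v1(array("UriScript" => "intranet.php", "edit_message" => "yes", "message" => $message['id'])) . "' style='padding:0 0 0 10px;'><img src='/_content/img/edit-icon.png'/></a>";
            // NOTE(review): deletion is requested through a plain GET link guarded
            // only by a JavaScript confirm(); confirm that the handler re-checks
            // permissions and requires a POST with an anti-CSRF token.
            $message_html .= "<a href='" . uri_make_v1(array("UriScript" => "intranet.php", "delete_message" => "yes", "message" => $message['id'])) . "' style='padding:0 0 0 10px;' onClick=\"if(!confirm('Удалить?')) return false;\"><img src='/_content/img/remove-icon.png'/></a>" . "<br/>";
        }
    }

    $q = db_query("SELECT * FROM `users`");
    while ($user = db_fetch($q)) {
        $display_name = htmlspecialchars((string) $user['name_rus'], ENT_QUOTES | ENT_SUBSTITUTE);
        $contacts_html .= "<a href='" . uri_make_v1(array("UriScript" => "intranet.php", "page" => "contact", "name" => $user['name'])) . "'>" . $display_name . "</a>" . "<br/>";
    }

    $html .= template_get('intranet/intranet', array(
        "add_message" => $add_message_html,
        "message" => $message_html,
        "contacts" => $contacts_html,
    ));

    // Append the footer.
    $html .= template_get('footer');

    return $html;
}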
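/**
 * List every day that has rows in `phpbb_stat` together with the number of
 * recorded hits on that day, each day linking to the per-day statistics.
 *
 * Rows of user id 5871 are left out. The original also ran a query against
 * `phpbb_users` whose result was never read; it has been removed.
 *
 * @return string HTML produced by the "stat/list_stat" template.
 */
function list_stat_by_dates()
{
    $stat_html = "";
    // Initialised so that an empty statistics table yields an empty list
    // instead of iterating over an undefined variable.
    $date_stats = array();

    $statsRES = db_query("SELECT * FROM `phpbb_stat` ORDER BY `date` DESC");

    while ($statWHILE = db_fetch($statsRES)) {
        if ($statWHILE['user_id'] == 5871) {
            continue;
        }

        $stamp = strtotime($statWHILE['date']);
        $date_stats[date("d/m/Y", $stamp)][] = array(
            'uri' => $statWHILE['uri'],
            'time' => date("H:i", $stamp),
            'user_id' => $statWHILE['user_id'],
        );
    }

    // $date is generated by date() above, so it only holds digits and slashes.
    foreach ($date_stats as $date => $stat) {
        $stat_html .= "<a href='manager.php?action=show_stat&date={$date}'>" . $date . "</a>: " . count($stat) . "<br/>";
    }

    return template_get("stat/list_stat", array('userStats' => $stat_html));
}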
/**
 * Generate the static index page (index.html) from the category and forum tables.
 *
 * Fills the global $categories and $forums arrays, skipping forums whose id is
 * listed in $filter_forum, renders 'main.tpl.php' and writes the result out.
 *
 * NOTE(review): this relies on the mysql_* extension, which was removed in PHP 7.
 *
 * @return void
 */
function generate_main()
{
    global $categories, $forums;
    global $filter_forum, $filter_topic;
    global $db_prefix;
    global $forum_name, $forum_description;

    // Categories, in their configured order.
    $category_rows = mysql_query('SELECT cat_id, cat_title FROM ' . $db_prefix . 'categories order by cat_order');
    while ($category = mysql_fetch_assoc($category_rows)) {
        $categories[$category['cat_id']] = array(
            'title' => $category['cat_title'],
            'forums' => array(),
        );
    }

    // Forums, attached to their category unless filtered out.
    $forum_rows = mysql_query('SELECT forum_id, cat_id, forum_name, forum_posts, forum_topics FROM ' . $db_prefix . 'forums ORDER BY forum_order');
    while ($forum = mysql_fetch_assoc($forum_rows)) {
        $fid = $forum['forum_id'];

        if (!in_array($fid, $filter_forum)) {
            $forums[$fid] = array(
                'cid' => $forum['cat_id'],
                'title' => $forum['forum_name'],
                'nposts' => $forum['forum_posts'],
                'ntopics' => $forum['forum_topics'],
                'topics' => array(),
            );
            $categories[$forum['cat_id']]['forums'][] = $fid;
        }
    }

    // Render and store the page.
    $template_vars = array(
        'categories' => $categories,
        'forums' => $forums,
        'forum_name' => $forum_name,
        'forum_description' => $forum_description,
    );
    write_content('index.html', template_get($template_vars, 'main.tpl.php'));
    log_info("Index: index.html\n");
}
/**
 * Build the top menu: a fixed set of links, the caller-supplied items and the
 * entries of `menu_items` whose area is 'top' (a line break after every 7th).
 *
 * NOTE(review): $DocumentId, $manual_items and the `href`/`text` columns are
 * written into the markup unencoded, and $_SESSION['user'] is passed to the
 * template as is; confirm that all of them are trusted or encoded elsewhere.
 *
 * @param string $manual_items Extra markup inserted after the fixed links.
 * @return string HTML produced by the 'menus/menu_top' template.
 */
function menu_top($manual_items="")
{
    // Document id shared through a global variable.
    global $DocumentId;

    db_connect();

    // Fixed links; every piece starts with the single space that separates it
    // from the previous one.
    $html_items = " <a href='/engine.php?table=documents'>Документ покупки</a><span class='divider'></span>"
        . " <a href='/engine.php?table=computers'>Сборки компьютеров</a><span class='divider'></span>"
        . " <a href='/statistics.php'>Статистика</a><span class='divider'></span>"
        . " <a href='/engine.php?table=documents&document=$DocumentId&action=list_contragents'>Контрагенты</a><span class='divider'></span>"
        . " <a href='/engine.php?table=documents&document=$DocumentId&action=list_positions'>Позиции</a><span class='divider'></span>"
        . " <br/> ";

    // All menu entries that belong to the 'top' area.
    $items_query = db_query("SELECT `href`, `text`, `label` FROM `menu_items` WHERE `area`='top' ORDER BY `order` ASC");

    // Manually supplied items come before the stored ones.
    $html_items .= $manual_items;

    if (db_count($items_query) > 0) {
        $number_item = 0;
        while ($item = db_fetch($items_query)) {
            $number_item++;
            $css_class = get_class_depend_on_uri("!=", 'table_name', $item['label']);
            $html_items .= "<a href='{$item['href']}' class='" . $css_class . "'>{$item['text']}</a>";
            $html_items .= "<span class='divider'></span>";
            if ($number_item % 7 == 0) {
                $html_items .= "<br/>";
            }
        }
    }

    return template_get('menus/menu_top', array('html_items' => $html_items, 'login' => $_SESSION['user']));
}
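/**
 * Render one intranet message together with its comments.
 *
 * Changes against the previous version:
 *  - `message` from the query string is forced to an integer before it is
 *    interpolated into SQL;
 *  - the message author is kept in its own variable, so the header no longer
 *    shows the author of the last processed comment;
 *  - author names are HTML-encoded where this function builds the markup.
 *
 * @return string HTML of the 'message/message' template followed by the footer.
 */
function page_message()
{
    $html = "";
    $edit_del_message_html = "";
    $comments_html = "";

    $message_id = (isset($_GET['message']) && is_scalar($_GET['message'])) ? (int) $_GET['message'] : 0;

    $message = db_easy("SELECT * FROM `intr_message` WHERE `id`={$message_id}");
    $q_comm = db_query("SELECT * FROM `intr_comments` WHERE `message_id`={$message_id} ORDER BY `date` DESC");
    $author = db_easy("SELECT * FROM `users` WHERE `id`=" . (int) $message['user_id']);

    // Edit/delete links for writers and for the author of the message.
    if (check_group("writer") || $author['name'] == get_user()) {
        $edit_del_message_html .= "<br/><a href='" . uri_make_v1(array("UriScript" => 'intranet.php', 'page' => 'message', 'message' => $message['id'], 'edit_message' => 'yes')) . "' style='font-size:8pt;'>Редактировать</a>";
        // NOTE(review): delete is a GET link guarded only by confirm(); confirm the
        // handler re-checks permissions and requires POST plus an anti-CSRF token.
        $edit_del_message_html .= "<a href='" . uri_make_v1(array("UriScript" => 'intranet.php', 'page' => 'message', 'message' => $message['id'], 'delete_message' => 'yes')) . "' style='padding-left:10px;font-size:8pt;' onClick=\"if(!confirm('Удалить?')) return false;\">Удалить</a>";
    }

    while ($comment = db_fetch($q_comm)) {
        $comment_author = db_easy("SELECT * FROM `users` WHERE `id`=" . (int) $comment['user_id']);
        $comment_author_name = htmlspecialchars((string) $comment_author['name_rus'], ENT_QUOTES | ENT_SUBSTITUTE);

        $comments_html .= "<div style='margin:15px 0 0 0;padding:0 0 0 10px;border-left:2px solid #AAA;'>";
        // NOTE(review): the comment text is emitted exactly as stored. Unless it is
        // sanitised when it is saved, this is a stored-XSS sink; the storage format
        // is not visible here, so it is left unchanged - confirm and encode.
        $comments_html .= "<span style='font-size:8pt;font-style:italic;'><b>" . $comment_author_name . ",</b> " . date("d.m.Y H:i", strtotime($comment['date'])) . "</span><br/>" . $comment['text'] . "</div>";

        // Edit/delete links for writers and for the author of the comment.
        if (check_group("writer") || $comment_author['name'] == get_user()) {
            $comments_html .= "<a href='" . uri_make_v1(array("UriScript" => 'intranet.php', 'page' => 'message', 'message' => $message_id, 'edit_comment' => 'yes', 'comment' => $comment['id'])) . "' style='font-size:8pt;'>Редактировать</a>";
            $comments_html .= "<a href='" . uri_make_v1(array("UriScript" => 'intranet.php', 'page' => 'message', 'message' => $message_id, 'delete_comment' => 'yes', 'comment' => $comment['id'])) . "' style='padding-left:10px;font-size:8pt;' onClick=\"if(!confirm('Удалить?')) return false;\">Удалить</a>";
        }
    }

    // NOTE(review): title, text and user are passed to the template as stored;
    // confirm whether template_get() encodes them.
    $html .= template_get('message/message', array(
        "user" => $author['name_rus'],
        "date" => date("d.m.Y", strtotime($message['date'])),
        "title" => $message['title'],
        "edit_del_message" => $edit_del_message_html,
        "text" => $message['text'],
        "uri_back" => uri_make_v1(array("UriScript" => "intranet.php")),
        "uri_comment" => uri_make_v1(array("UriScript" => "intranet.php", "page" => "message", "message" => $message_id, "add_comment" => "yes")),
        "comments" => $comments_html,
    ));

    // Append the footer.
    $html .= template_get('footer');

    return $html;
}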
/**
 * Grant a right to a user.
 *
 * Without POST data the selection form is rendered for the right given in
 * ?right=...; with POST data the (user, right) pair is validated, inserted
 * when it does not exist yet, and the browser is redirected to the overview.
 *
 * NOTE(review): the POST branch changes privileges and no anti-CSRF token is
 * checked in this function; confirm one is enforced elsewhere. Usernames are
 * written into the <option> labels unencoded.
 *
 * @return string Form HTML, an error text, or "" after a redirect.
 */
function add_right()
{
    $html = "";
    $users_html = "";

    // Permission check for this action.
    if (!check_rights('add_right')) {
        return "У вас нет соответствующих прав";
    }

    if (isset($_POST['user'])) {
        // Both ids are cast to integers before they reach SQL.
        $user_id = (int) $_POST['user'];
        $right_id = (int) $_POST['right'];

        if (db_easy_count("SELECT * FROM `phpbb_users` WHERE `user_id`={$user_id}") == 0) {
            return "Ошибка в формате входных данных (user)";
        }
        if (db_easy_count("SELECT * FROM `phpbb_rights` WHERE `id`='{$right_id}'") == 0) {
            return "Ошибка в формате входных данных (right)";
        }

        // NOTE(review): when the pair already exists nothing is inserted and
        // db_result() receives null; what it reports then depends on db_result(),
        // which is not visible here.
        $insertRES = null;
        $already_granted = db_easy_count("SELECT * FROM `phpbb_rights_users` WHERE `user_id`={$user_id} AND `right_id`={$right_id}");
        if ($already_granted == 0) {
            $insertRES = db_query("INSERT INTO `phpbb_rights_users` SET `user_id`={$user_id}, `right_id`={$right_id}");
        }

        if (!db_result($insertRES)) {
            return "Ошибка при выполнении (insert)";
        }

        // Back to the rights overview.
        header("location: /manager.php?action=show_rights");

        return $html;
    }

    // Form branch: validate the requested right first.
    $right_id = (int) $_GET['right'];
    $rightRES = db_query("SELECT `name` FROM `phpbb_rights` WHERE `id`='{$right_id}'");
    if (db_count($rightRES) == 0) {
        return "Ошибка в формате входных данных (right)";
    }
    $right_name = db_fetch($rightRES)['name'];

    // Offer every eligible user that does not hold the right yet.
    $usersRES = db_query("SELECT * FROM `phpbb_users`\r\n\t\t\t\t\t\t\t\tWHERE (`user_type`=0 OR `user_type`=3) AND `username`!='root'\r\n\t\t\t\t\t\t\t\t\t\t\t\t\tORDER BY `username` ASC");
    while ($candidate = db_fetch($usersRES)) {
        $holds_right = db_easy_count("SELECT * FROM `phpbb_rights_users`\r\n\t\t\t\t\t\t\t\tWHERE `user_id`={$candidate['user_id']}\r\n\t\t\t\t\t\t\t\t\tAND `right_id`={$right_id}\r\n\t\t\t\t\t\t");
        if ($holds_right == 0) {
            $users_html .= "<option value='{$candidate['user_id']}'>{$candidate['username']}</option>";
        }
    }

    $html .= template_get("rights/add_right", array(
        'users' => $users_html,
        'right_id' => $right_id,
        'right_name' => $right_name,
    ));

    return $html;
}
/**
 * Render the project menu for the project id held in the global $project_id.
 *
 * @return mixed Whatever template_get() returns for 'versioncontrol/project_menu'.
 */
function project_menu()
{
    // The current project id is shared through a global variable.
    global $project_id;

    $template_vars = array('project_id' => $project_id);

    return template_get('versioncontrol/project_menu', $template_vars);
}
/**
 * Render the administration panel.
 *
 * NOTE(review): no permission check happens inside this function; confirm the
 * caller restricts who may reach it.
 *
 * @return string Output of the "admin/show_admin_panel" template.
 */
function show_admin_panel()
{
    // The template takes no variables; the result is returned as a string.
    return "" . template_get("admin/show_admin_panel", array());
}
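/**
 * Render the contact card of the user named in ?name=...
 *
 * The name ends up inside a quoted SQL literal. No escaping or parameter
 * binding helper of the database layer is visible from here, so as a stopgap
 * a name containing a quote, a backslash or a NUL byte is treated as "not
 * found" and never reaches the query.
 * NOTE(review): replace this guard with the database layer's parameter binding.
 *
 * @return string HTML of the 'contacts/contact' template followed by the footer.
 */
function page_contact()
{
    $html = "";
    $user = null;

    $user_name = (isset($_GET['name']) && is_string($_GET['name'])) ? $_GET['name'] : '';

    // Characters that could close or escape the SQL string literal.
    if (strpbrk($user_name, "'\"\\\0") === false) {
        $user = db_easy("SELECT * FROM `users` WHERE `name`='" . $user_name . "'");
    }

    // An unknown user renders an empty card, as before.
    // NOTE(review): the values are passed to the template as stored; confirm
    // whether template_get() encodes them.
    $html .= template_get('contacts/contact', array(
        "name_rus" => isset($user['name_rus']) ? $user['name_rus'] : null,
        "position" => isset($user['position']) ? $user['position'] : null,
        "mobile_phone" => isset($user['mobile_phone']) ? $user['mobile_phone'] : null,
    ));

    // Append the footer.
    $html .= template_get('footer');

    return $html;
}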
/**
 * Build the login page: header, a centred user/password form and the footer.
 *
 * NOTE(review): $message is inserted into the markup verbatim, so callers must
 * pass trusted or already encoded HTML. The form carries no anti-CSRF token.
 *
 * @param string $message Optional markup shown above the input fields.
 * @return string Complete page HTML.
 */
function login_form($message='')
{
    $page_top = "" . template_get('header');

    $form_html = "<div style='width:100%;height:100%' align='center'>"
        . "<form action='/?action=login' method='post' style='margin-top:25%;width:300px;height:300px;'>"
        . "Введите логин и пароль<br/>"
        . $message
        . "<input type='text' name='user'/><br/>"
        . "<input type='password' name='password'/><br/>"
        . "<input type='submit' value='Войти'/>"
        . "</form>"
        . "</div>";

    return $page_top . $form_html . template_get('footer');
}
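/**
 * Render the table of points (offices/warehouses), skipping the row with id 1.
 *
 * Changes against the previous version:
 *  - the point name taken from ?name=... is HTML-encoded before it is put into
 *    the status message (it was reflected verbatim);
 *  - stored name, phone and address are HTML-encoded in the table cells;
 *  - every row is closed with </tr>, not only for users who may delete;
 *  - all variables handed to the template are initialised.
 *
 * @return string HTML produced by the "points/list_points" template.
 */
function list_points()
{
    $html = "";
    $table_html = "";
    $message_html = "";
    $add_point_link = "";

    if (isset($_GET['message'])) {
        $raw_name = (isset($_GET['name']) && is_string($_GET['name'])) ? trim($_GET['name']) : '';
        $point_name = htmlspecialchars($raw_name, ENT_QUOTES | ENT_SUBSTITUTE);

        switch ($_GET['message']) {
            case "pointadded":
                $message_html = template_get("message", array('message' => "Добавлена точка \"{$point_name}\""));
                break;
            case "pointdeleted":
                $message_html = template_get("message", array('message' => "Удалена точка \"{$point_name}\""));
                break;
            default:
                $message_html = template_get("nomessage");
        }
    }

    $result_points = db_query("SELECT * FROM `phpbb_points` WHERE `id`!=1 ORDER BY `name` ASC");
    $num_points = db_count($result_points);

    // The delete column only exists for users holding the 'delete_point' right.
    $can_delete = (bool) check_rights('delete_point');
    $th_html = $can_delete ? "\t<th class='right'></th>" : "";
    $right_class = $can_delete ? '' : 'right';

    $num = 0;
    while ($point = db_fetch($result_points)) {
        $num++;
        $bottom_class = ($num == $num_points) ? "bottom" : "";

        $point_id = (int) $point['id'];
        $name_html = htmlspecialchars((string) $point['name'], ENT_QUOTES | ENT_SUBSTITUTE);
        $phone_html = htmlspecialchars((string) $point['phone'], ENT_QUOTES | ENT_SUBSTITUTE);
        $address_html = htmlspecialchars((string) $point['address'], ENT_QUOTES | ENT_SUBSTITUTE);

        $table_html .= "\t<tr class='{$bottom_class}'>\r\n\t\t\t\t\t\t\t<td><a href='/manager.php?action=show_point&point={$point_id}' style='font-size:9pt;'>" . $name_html . "</a></td>\r\n\t\t\t\t\t\t\t<td>" . $phone_html . "</td>\r\n\t\t\t\t\t\t\t<td class='{$right_class}'>" . $address_html . "</td>";

        if ($can_delete) {
            // NOTE(review): deletion is a GET link guarded only by confirm();
            // confirm the handler requires POST plus an anti-CSRF token.
            $table_html .= "\t<td class='right'><a href='/manager.php?action=delete_point&point={$point_id}' onclick=\"if(!confirm('Удалить?')) return false;\">Удалить</a><br/></td>";
        }

        $table_html .= "\r\n\t\t\t\t\t\t</tr>";
    }

    if (check_rights('add_point')) {
        $add_point_link = "<a href='/manager.php?action=add_point' class='listcontacts'>Добавить офис/склад</a><br/><br/>";
    }

    $html .= template_get("points/list_points", array(
        'addpointlink' => $add_point_link,
        'numpoints' => $num_points,
        'table' => $table_html,
        'message' => $message_html,
        'th_html' => $th_html,
        'right_class' => $right_class,
    ));

    return $html;
}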
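/**
 * Create a point (office/warehouse).
 *
 * Without POST data the form is rendered; with POST data the point is
 * validated, inserted and the browser is redirected to the list.
 *
 * Changes against the previous version: `branch` is cast to an integer before
 * it reaches the unquoted SQL position, the name is URL-encoded in the
 * redirect, branch names are HTML-encoded in the <option> list, and processing
 * stops at the first failed check.
 *
 * NOTE(review): name, address and phone are still interpolated into quoted SQL
 * literals without escaping. No escaping or parameter-binding helper of the
 * database layer is visible from here, so this injection point remains open
 * until these values go through the driver's parameter binding.
 * NOTE(review): no anti-CSRF token is checked on the POST branch.
 *
 * @return string Form HTML, an error text, or "" after a redirect.
 */
function add_point()
{
    $html = "";

    if (!check_rights('add_point')) {
        return "У вас нет соответствующих прав";
    }

    if (!isset($_POST['name'])) {
        $flag = isset($_GET['message']) ? $_GET['message'] : null;
        switch ($flag) {
            case "emptypointname":
                $message_html = template_get("errormessage", array('message' => "Название не может быть пустым"));
                break;
            case "samepointexists":
                $message_html = template_get("errormessage", array('message' => "Офис/склад с таким именем уже имеется"));
                break;
            default:
                $message_html = template_get("nomessage");
        }

        $branches_html = "";
        $branchesRES = db_query("SELECT * FROM `phpbb_branches` ORDER BY `name` ASC");
        while ($branch = db_fetch($branchesRES)) {
            $option_value = (int) $branch['id'];
            $option_label = htmlspecialchars((string) $branch['name'], ENT_QUOTES | ENT_SUBSTITUTE);
            // No option is preselected (the original interpolated an undefined variable here).
            $branches_html .= "<option value='{$option_value}' >{$option_label}</option>";
        }

        $html .= template_get("points/add_point", array(
            'action' => "/manager.php?action=add_point",
            'branches' => $branches_html,
            'message' => $message_html,
        ));

        return $html;
    }

    $point = array(
        'name' => trim((string) $_POST['name']),
        'address' => isset($_POST['address']) ? trim((string) $_POST['address']) : '',
        'phone' => isset($_POST['phone']) ? trim((string) $_POST['phone']) : '',
        // Lands unquoted in the INSERT below, so it must be an integer.
        'branch_id' => (isset($_POST['branch']) && is_scalar($_POST['branch'])) ? (int) $_POST['branch'] : 0,
    );

    // The name must be 1..70 characters long.
    if (!preg_match("/^.{1,70}\$/", $point['name'])) {
        header("location: /manager.php?action=add_point&message=emptypointname");
        return $html;
    }

    // A point with the same name must not exist yet.
    if (db_easy_count("SELECT * FROM `phpbb_points` WHERE `name`='{$point['name']}'") > 0) {
        header("location: /manager.php?action=add_point&message=samepointexists");
        return $html;
    }

    db_query("INSERT INTO `phpbb_points` SET\r\n\t\t\t\t\t\t\t\t\t\t`name`='{$point['name']}',\r\n\t\t\t\t\t\t\t\t\t\t`address`='{$point['address']}',\r\n\t\t\t\t\t\t\t\t\t\t`phone`='{$point['phone']}',\r\n\t\t\t\t\t\t\t\t\t\t`branch_id`={$point['branch_id']}");

    // URL-encode the name so '&', '#' or spaces cannot break the redirect target.
    header("location: /manager.php?action=list_points&message=pointadded&name=" . urlencode($point['name']));

    return $html;
}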
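/**
 * Rename a branch.
 *
 * Without POST data the edit form is rendered; with POST data the new name is
 * validated and stored, then the browser is redirected back to the form.
 *
 * Changes against the previous version: `branch` is cast to an integer before
 * it is used in SQL, links and redirects; the duplicate check ignores the
 * branch being edited, so saving an unchanged name is no longer rejected; and
 * processing stops at the first failed check.
 *
 * NOTE(review): the name is still interpolated into quoted SQL literals without
 * escaping. No escaping or parameter-binding helper of the database layer is
 * visible from here, so this injection point remains open until the value goes
 * through the driver's parameter binding.
 * NOTE(review): no anti-CSRF token is checked on the POST branch.
 *
 * @return string Form HTML, an error text, or "" after a redirect.
 */
function edit_branch()
{
    $html = "";

    if (!check_rights('edit_branch')) {
        return "У вас нет соответствующих прав";
    }

    $branch_id = (isset($_GET['branch']) && is_scalar($_GET['branch'])) ? (int) $_GET['branch'] : 0;

    if (!isset($_POST['name'])) {
        $flag = isset($_GET['message']) ? $_GET['message'] : null;
        switch ($flag) {
            case "branchsaved":
                $message_html = template_get("message", array('message' => "Изменения сохранены"));
                break;
            case "emptybranchname":
                $message_html = template_get("errormessage", array('message' => "Название подразделения не может быть пустым"));
                break;
            case "samebranchexists":
                $message_html = template_get("errormessage", array('message' => "Подразделение с таким именем уже имеется"));
                break;
            default:
                $message_html = template_get("nomessage");
        }

        $branch = db_easy("SELECT * FROM `phpbb_branches` WHERE `id`={$branch_id}");
        $show_branch_html = "<a href='/manager.php?action=show_branch&branch={$branch_id}' style='font-size:8pt;'>Просмотреть</a>";

        // NOTE(review): 'name' is passed to the template as stored; confirm whether
        // template_get() encodes it before it is placed into the form field.
        $html .= template_get("branches/edit_branch", array(
            'action' => "/manager.php?action=edit_branch&branch={$branch_id}",
            'name' => $branch['name'],
            'showbranch' => $show_branch_html,
            'message' => $message_html,
        ));

        return $html;
    }

    $branch = array('name' => trim((string) $_POST['name']));

    // The name must be 1..70 characters long.
    if (!preg_match("/^.{1,70}\$/", $branch['name'])) {
        header("location: /manager.php?action=edit_branch&branch={$branch_id}&message=emptybranchname");
        return $html;
    }

    // Another branch must not carry the same name already.
    if (db_easy_count("SELECT * FROM `phpbb_branches` WHERE `name`='{$branch['name']}' AND `id`!={$branch_id}") > 0) {
        header("location: /manager.php?action=edit_branch&branch={$branch_id}&message=samebranchexists");
        return $html;
    }

    db_query("UPDATE `phpbb_branches`\r\n\t\t\t\t\tSET `name`='{$branch['name']}'\r\n\t\t\t\t\tWHERE `id`={$branch_id}");
    header("location: /manager.php?action=edit_branch&branch={$branch_id}&message=branchsaved");

    return $html;
}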
/**
 * Wrap a template in the site header and footer and fill in its placeholders.
 *
 * Every "{key}" is replaced first from $array and then from the global $LANG.
 * When the combined template is empty, a "Does Not Exist" message is printed.
 *
 * NOTE(review): values are substituted without HTML encoding; callers must
 * encode anything that originates from user input.
 *
 * @param string $file  Template name handed to template_get().
 * @param array  $array Placeholder name => replacement value.
 * @return string The page with placeholders replaced.
 */
function template_parse_site($file, $array)
{
    global $LANG;

    $temp = template_get('header');
    $temp .= template_get($file);
    $temp .= template_get('footer');

    if (!$temp) {
        echo '\\"templates/' . TEMPLATE . '/' . $file . '.htm\\" Does Not Exist.';

        return $temp;
    }

    // Caller-supplied values are applied before the language strings.
    foreach (array($array, $LANG) as $dictionary) {
        foreach ($dictionary as $placeholder => $replacement) {
            $temp = str_replace('{' . $placeholder . '}', $replacement, $temp);
        }
    }

    return $temp;
}
/**
 * Mark a user as HR manager.
 *
 * Without POST data the selection form is rendered; with POST data the user id
 * is validated, `hrmanager` is set to 1 and the browser is redirected to the
 * rights overview.
 *
 * NOTE(review): the POST branch changes privileges and no anti-CSRF token is
 * checked in this function; confirm one is enforced elsewhere. Usernames are
 * written into the <option> labels unencoded.
 *
 * @return string Form HTML, an error text, or "" after a redirect.
 */
function add_hr_manager_right()
{
    $html = "";
    $users_html = "";

    // Permission check for this action.
    if (!check_rights('add_hr_manager_right')) {
        return "У вас нет соответствующих прав";
    }

    if (isset($_POST['user'])) {
        // Only 1..8 digits are accepted before the value is cast.
        if (!preg_match("/^[0-9]{1,8}\$/", $_POST['user'])) {
            return "Ошибка в формате входных данных (1)";
        }
        $user_id = (int) $_POST['user'];

        // The user has to exist.
        $matches = db_easy_count("SELECT * FROM `phpbb_users` WHERE `user_id`={$user_id}");
        if ($matches == 0) {
            return "Ошибка в формате входных данных (2)";
        }

        db_query("UPDATE `phpbb_users` SET `hrmanager`=1 WHERE `user_id`={$user_id}");

        // Verify that the update went through.
        if (!db_result()) {
            return "Ошибка при выполнении (3)";
        }

        // Back to the rights overview.
        header("location: /manager.php?action=show_rights");

        return $html;
    }

    // Form branch: list everyone who is not an HR manager yet.
    $usersRES = db_query("SELECT * FROM `phpbb_users` WHERE (`user_type`=0 OR `user_type`=3) AND `hrmanager`!=1 AND `username`!='root' ORDER BY `username` ASC");
    while ($candidate = db_fetch($usersRES)) {
        $users_html .= "<option value='{$candidate['user_id']}'>{$candidate['username']}</option>";
    }

    $html .= template_get("rights/add_hr_manager_right", array('users' => $users_html));

    return $html;
}
/**
 * Render the table of branches (the row with id 1 is skipped) with view, edit
 * and delete links for each of them.
 *
 * NOTE(review): branch names are written into the table unencoded, the edit
 * and delete links are shown without a check_rights() call, and deletion is a
 * GET link guarded only by confirm(); confirm the handlers enforce permissions
 * and an anti-CSRF token.
 *
 * @return string HTML produced by the "branches/list_branches" template.
 */
function list_branches()
{
    $result_branches = db_query("SELECT * FROM `phpbb_branches` WHERE `id`!=1 ORDER BY `name`");
    $num_branches = db_count($result_branches);

    $rows = array();
    while ($branch = db_fetch($result_branches)) {
        // The last row gets the "bottom" class.
        $bottom_class = (count($rows) + 1 == $num_branches) ? "bottom" : "";

        $rows[] = "\t<tr class='{$bottom_class}'>\r\n\t\t\t\t\t\t\t<td><a href='/manager.php?action=show_branch&branch=" . $branch['id'] . "' style='font-size:9pt;'>" . $branch['name'] . "</a></td>\r\n\t\t\t\t\t\t\t<td><a href='/manager.php?action=edit_branch&branch={$branch['id']}'>Редактировать</a></td>\r\n\t\t\t\t\t\t\t<td class='right'><a href='/manager.php?action=delete_branch&branch={$branch['id']}' onclick=\"if(!confirm('Удалить?')) return false;\">Удалить</a><br/></td>\r\n\t\t\t\t\t\t</tr>";
    }

    $template_vars = array(
        'addbranchlink' => "manager.php?action=add_branch",
        'numbranches' => $num_branches,
        'table' => implode("", $rows),
    );

    return "" . template_get("branches/list_branches", $template_vars);
}
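/**
 * Create a branch.
 *
 * Without POST data the form is rendered; with POST data the name is
 * validated, inserted and the browser is redirected to the new branch.
 *
 * Changes against the previous version: the function always returns a string,
 * and processing stops at the first failed check instead of running the
 * duplicate query and possibly sending a second Location header.
 *
 * NOTE(review): the name is still interpolated into quoted SQL literals without
 * escaping. No escaping or parameter-binding helper of the database layer is
 * visible from here, so this injection point remains open until the value goes
 * through the driver's parameter binding.
 * NOTE(review): no anti-CSRF token is checked on the POST branch.
 *
 * @return string Form HTML, an error text, or "" after a redirect.
 */
function add_branch()
{
    $html = "";

    if (!check_rights('add_branch')) {
        return "У вас нет соответствующих прав";
    }

    if (!isset($_POST['name'])) {
        $flag = isset($_GET['message']) ? $_GET['message'] : null;
        switch ($flag) {
            case "emptybranchname":
                $message_html = template_get("errormessage", array('message' => "Название подразделения не может быть пустым"));
                break;
            case "samebranchexists":
                $message_html = template_get("errormessage", array('message' => "Подразделение с таким именем уже имеется"));
                break;
            default:
                $message_html = template_get("nomessage");
        }

        $html .= template_get("branches/add_branch", array(
            'action' => "/manager.php?action=add_branch",
            'message' => $message_html,
        ));

        return $html;
    }

    $branch = array('name' => trim((string) $_POST['name']));

    // The name must be 1..70 characters long.
    if (!preg_match("/^.{1,70}\$/", $branch['name'])) {
        header("location: /manager.php?action=add_branch&message=emptybranchname");
        return $html;
    }

    // A branch with the same name must not exist yet.
    if (db_easy_count("SELECT * FROM `phpbb_branches` WHERE `name`='{$branch['name']}'") > 0) {
        header("location: /manager.php?action=add_branch&message=samebranchexists");
        return $html;
    }

    db_query("INSERT INTO `phpbb_branches` SET `name`='{$branch['name']}'");
    $branch_id = (int) db_insert_id();
    header("location: /manager.php?action=show_branch&branch={$branch_id}&message=branchjustadded");

    return $html;
}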
/**
 * Render a list of messages through the "errormessage" template, or the
 * "nomessage" template when the list is empty.
 *
 * NOTE(review): the messages are concatenated unencoded, so callers must pass
 * trusted text. For a plain 0-based list the index comparison below is always
 * true, so every message - including the last - is followed by "<br/>".
 *
 * @param array $messages Messages to show.
 * @return mixed Whatever template_get() returns.
 */
function show_messages($messages)
{
    if (count($messages) > 0) {
        $messages_html = "";

        foreach ($messages as $index => $message) {
            $messages_html .= $message;

            if ($index < count($messages)) {
                $messages_html .= "<br/>";
            }
        }

        return template_get("errormessage", array('message' => $messages_html));
    }

    return template_get("nomessage");
}
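/**
 * Render the detail page of one point (office/warehouse) with its branch and
 * the users assigned to it.
 *
 * Changes against the previous version: `point` from the query string and the
 * stored branch id are cast to integers before they are interpolated into SQL,
 * usernames are HTML-encoded in the generated links, and all variables handed
 * to the template are initialised.
 *
 * @return string HTML produced by the "points/show_point" template.
 */
function show_point()
{
    $html = "";
    $edit_point_html = "";
    $contacts_html = "";

    $flag = isset($_GET['message']) ? $_GET['message'] : null;
    switch ($flag) {
        case "pointjustadded":
            $message_html = template_get("message", array('message' => "Офис/склад успешно добавлен"));
            break;
        default:
            $message_html = template_get("nomessage");
    }

    // Used unquoted in the queries below, so it has to be an integer.
    $point_id = (isset($_GET['point']) && is_scalar($_GET['point'])) ? (int) $_GET['point'] : 0;

    $point = db_easy("SELECT * FROM `phpbb_points` WHERE `id`={$point_id}");
    $branch = db_easy("SELECT * FROM `phpbb_branches` WHERE `id`=" . (int) $point['branch_id']);

    // The edit link is only offered to users holding the 'edit_point' right.
    if (check_rights('edit_point')) {
        $edit_point_html = "<a href='/manager.php?action=edit_point&point={$point_id}' style='font-size:8pt;'>Редактировать</a>";
    }

    $contactsRES = db_query("SELECT * FROM `phpbb_users`\r\n\t\t\t\t\t\t\t\t\tWHERE (`user_type`=0 OR `user_type`=3) AND `username`!='root' AND `user_email`!='*****@*****.**'\r\n\t\t\t\t\t\t\t\t\t\t\tAND `point_id`={$point_id}\r\n\t\t\t\t\t\t\t\t\tORDER BY `username` ASC\r\n\t\t\t\t\t\t\t\t\t");

    while ($contact = db_fetch($contactsRES)) {
        $contact_id = (int) $contact['user_id'];
        $contact_name = htmlspecialchars((string) $contact['username'], ENT_QUOTES | ENT_SUBSTITUTE);
        $contacts_html .= "<a href='/manager.php?action=show_contact&contact={$contact_id}'>" . $contact_name . "</a><br/>";
    }

    // NOTE(review): name, address, phone and branch are passed to the template as
    // stored; confirm whether template_get() encodes them.
    $html .= template_get("points/show_point", array(
        'name' => $point['name'],
        'address' => $point['address'],
        'phone' => $point['phone'],
        'editpoint' => $edit_point_html,
        'message' => $message_html,
        'branch' => $branch['name'],
        'contacts' => $contacts_html,
    ));

    return $html;
}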
$dp = opendir($dir); while($subdir = readdir($dp)){ if($subdir != '.' && $subdir != '..' && is_dir($dir."/".$subdir)){ $action_file=$dir."/".$subdir."/".$action.".php"; if(file_exists($action_file)){ require_once($action_file); db_connect(); $html.=$action(); } } } /*КОНЕЦ: Manager. Автор: Домышев Илья, Акустик Групп*/ // Assign index specific vars $template->assign_vars(array( 'HTML' => template_get('main', array('html'=>"<div class='manager'>".$html."</div><br/>")), 'TOTAL_POSTS' => sprintf($user->lang[$l_total_post_s], $total_posts), 'TOTAL_TOPICS' => sprintf($user->lang[$l_total_topic_s], $total_topics), 'TOTAL_USERS' => sprintf($user->lang[$l_total_user_s], $total_users), 'NEWEST_USER' => sprintf($user->lang['NEWEST_USER'], get_username_string('full', $config['newest_user_id'], $config['newest_username'], $config['newest_user_colour'])), 'LEGEND' => $legend, 'BIRTHDAY_LIST' => $birthday_list, 'FORUM_IMG' => $user->img('forum_read', 'NO_UNREAD_POSTS'), 'FORUM_UNREAD_IMG' => $user->img('forum_unread', 'UNREAD_POSTS'), 'FORUM_LOCKED_IMG' => $user->img('forum_read_locked', 'NO_UNREAD_POSTS_LOCKED'), 'FORUM_UNREAD_LOCKED_IMG' => $user->img('forum_unread_locked', 'UNREAD_POSTS_LOCKED'), 'S_LOGIN_ACTION' => append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=login'), 'S_DISPLAY_BIRTHDAY_LIST' => ($config['load_birthdays']) ? true : false,
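// The session cookie lifetime has to be configured before session_start().
session_set_cookie_params($session_lifetime);

// Set the session cookie lifetime.
// NOTE(review): session_id() is read before session_start() here, and the cookie
// is set without the HttpOnly and Secure flags; confirm this call is needed at
// all next to session_set_cookie_params().
setcookie(session_name(), session_id(), time() + $session_lifetime);

// Start the session.
session_start();

// Connect to the database.
db_connect();

// Start the HTML output with the header.
$html = "";
$html .= template_get('header');

// Dispatch the requested action.
// The action name becomes part of an include path and is then called as a
// function, so only plain identifiers are accepted: this keeps path separators,
// "..", NUL bytes and stream wrappers out of require_once.
// NOTE(review): nothing in this fragment verifies that the visitor is logged in
// before an action runs; confirm every action enforces its own check_rights().
$action = (isset($_GET['action']) && is_string($_GET['action'])) ? $_GET['action'] : '';
$dir = $_SERVER['DOCUMENT_ROOT'] . "/actions/";

if (preg_match('/\A[A-Za-z_][A-Za-z0-9_]*\z/', $action)) {
    $dp = opendir($dir);
    if ($dp !== false) {
        // Compare with false explicitly so that an entry named "0" does not end the loop.
        while (($subdir = readdir($dp)) !== false) {
            if ($subdir != '.' && $subdir != '..' && is_dir($dir . "/" . $subdir)) {
                $action_file = $dir . "/" . $subdir . "/" . $action . ".php";
                if (file_exists($action_file)) {
                    require_once $action_file;
                    // Only call the handler when the file actually defined it.
                    if (function_exists($action)) {
                        $html .= $action();
                    }
                }
            }
        }
        closedir($dp);
    }
}

// Add the footer and send the page.
$html .= template_get('footer');
echo $html;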
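/**
 * Store an uploaded photo as the avatar of a user.
 *
 * Changes against the previous version:
 *  - the upload is checked (error code, is_uploaded_file) before anything is
 *    written to the database;
 *  - the file must be recognised by getimagesize() as GIF, JPEG or PNG, and the
 *    stored extension is derived from that detected type instead of the
 *    client-supplied file name, so a script cannot be placed under the
 *    document root with an executable extension;
 *  - $user_id and the image dimensions are cast to integers before they are
 *    interpolated into SQL.
 *
 * @param int $user_id Id of the user whose avatar is replaced.
 * @return mixed Output of the "message" template on success, of the
 *               "errormessage" template otherwise.
 */
function upload_user_photo($user_id)
{
    $user_id = (int) $user_id;

    // Reject missing, failed or forged uploads up front.
    if (!isset($_FILES['file']['tmp_name'], $_FILES['file']['error'])
        || $_FILES['file']['error'] !== UPLOAD_ERR_OK
        || !is_uploaded_file($_FILES['file']['tmp_name'])
    ) {
        return template_get("errormessage", array('message' => "Ошибка"));
    }

    // Accept only real images and pick the extension from the detected type.
    $allowed_types = array(
        IMAGETYPE_GIF => 'gif',
        IMAGETYPE_JPEG => 'jpg',
        IMAGETYPE_PNG => 'png',
    );
    $image_size = getimagesize($_FILES['file']['tmp_name']);
    if ($image_size === false || !isset($allowed_types[$image_size[2]])) {
        return template_get("errormessage", array('message' => "Ошибка"));
    }
    $file_extension = $allowed_types[$image_size[2]];
    $width = (int) $image_size[0];
    $height = (int) $image_size[1];

    // Replace the avatar record; its insert id becomes part of the file name.
    if (db_easy_count("SELECT * FROM `phpbb_avatars` WHERE `user_id`={$user_id}") > 0) {
        db_query("DELETE FROM `phpbb_avatars` WHERE `user_id`={$user_id}");
    }
    db_query("INSERT INTO `phpbb_avatars` SET `user_id`={$user_id}, `extension`='{$file_extension}'");
    $file_id = (int) db_insert_id();

    $uploadfile = $_SERVER['DOCUMENT_ROOT'] . "images/avatars/upload/5748d7ff6b4d48da44e8a6525604c781_" . $file_id . "." . $file_extension;

    if (move_uploaded_file($_FILES['file']['tmp_name'], $uploadfile)) {
        db_query("UPDATE `phpbb_users` SET `user_avatar`='{$file_id}.{$file_extension}', `user_avatar_type`=1, `user_avatar_width`={$width}, `user_avatar_height`={$height} WHERE `user_id`={$user_id}");

        return template_get("message", array('message' => "Фотография обновлена"));
    }

    return template_get("errormessage", array('message' => "Ошибка"));
}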
/**
 * Render the 'window' template, which receives a form target and its content.
 *
 * NOTE(review): all arguments are passed on unchanged; confirm whether the
 * template or the callers encode them.
 *
 * @param string $action  Value for the template's 'action' placeholder.
 * @param string $html    Markup for the template's 'html' placeholder.
 * @param string $id      Value for the 'id' placeholder.
 * @param string $enctype Value for the 'enctype' placeholder.
 * @param string $method  Value for the 'method' placeholder.
 * @return mixed Whatever template_get() returns.
 */
function get_window($action, $html, $id = '', $enctype = 'application/x-www-form-urlencoded', $method = 'post')
{
    // compact() keeps the key order id, action, html, enctype, method.
    $template_vars = compact('id', 'action', 'html', 'enctype', 'method');

    return template_get('window', $template_vars);
}
/*
 * Ugamela OSE
 * index.php - Home page
 * Last Revition: 2009.05.03 01:33 (GMT - 03:00)
 *
 * Copyright (C) Perberos (German Augusto Perugorria)
 * Copyright (C) Matsusoft Corporation
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software Foundation,
 * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
 ******************************************************************************/

// Defined before the includes below are loaded.
define('INSIDE', true);

$ugamela_root_path = './';

// extension.inc presumably defines $phpEx, which names common.<ext> - confirm.
require $ugamela_root_path . 'extension.inc';
require $ugamela_root_path . 'common.' . $phpEx;

// Known users get the frameset; everybody else is sent to the login page.
if (user_check()) {
    echo template_parse(template_get('index_frames'), $lang);
} else {
    header('Location: login.php');
}
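/**
 * Show, for the day given in ?date=dd/mm/YYYY, how many pages each user opened.
 *
 * Changes against the previous version:
 *  - the date from the query string is HTML-encoded where it is printed and
 *    URL-encoded where it is put into a link (it was reflected verbatim);
 *  - counters are initialised before they are incremented, a day without rows
 *    yields an empty list, and users missing from the name map are rendered
 *    with an empty name instead of reading an undefined index.
 *
 * @return string HTML produced by the "stat/show_stat" template.
 */
function show_stat_only_date()
{
    $date = (isset($_GET['date']) && is_string($_GET['date'])) ? $_GET['date'] : '';
    $date_html = htmlspecialchars($date, ENT_QUOTES | ENT_SUBSTITUTE);
    // urlencode() output only contains characters that are safe inside the attribute.
    $date_query = urlencode($date);

    $users = array();
    $stats = array();

    $stat_html = "<span style='font-weight:bold;text-decoration:underline;'>Тип</span>: по дате<br/>";
    $stat_html .= "<span style='font-weight:bold;text-decoration:underline;'>Дата</span>: {$date_html}<br/><br/>";

    // Map user id => username for the users that are reported.
    $usersRES = db_query("SELECT *\r\n\t\t\t\t\t\t\t\tFROM `phpbb_users`\r\n\t\t\t\t\t\t\t\tWHERE (`user_type`=0 OR `user_type`=3) AND `username`!='root' AND `user_email`!='*****@*****.**' AND `user_id`!=95 AND `user_id`!=5871\r\n\t\t\t\t\t\t\t\tORDER BY `username` ASC");
    while ($userWHILE = db_fetch($usersRES)) {
        $users[$userWHILE['user_id']] = $userWHILE['username'];
    }

    // Count the hits per day and user.
    $statsRES = db_query("SELECT * FROM `phpbb_stat` WHERE `user_id`!=5871 ORDER BY `date` DESC");
    while ($statWHILE = db_fetch($statsRES)) {
        $day = date("d/m/Y", strtotime($statWHILE['date']));
        $uid = $statWHILE['user_id'];
        if (!isset($stats[$day][$uid])) {
            $stats[$day][$uid] = 0;
        }
        $stats[$day][$uid]++;
    }

    $date_stats = isset($stats[$date]) ? $stats[$date] : array();

    foreach ($date_stats as $user_idFOR => $countFOR) {
        $user_id = (int) $user_idFOR;
        $user_name = isset($users[$user_idFOR])
            ? htmlspecialchars((string) $users[$user_idFOR], ENT_QUOTES | ENT_SUBSTITUTE)
            : '';
        $stat_html .= "<a href='/manager.php?action=show_stat&user={$user_id}'>" . $user_name . "</a>: <a href='/manager.php?action=show_stat&user={$user_id}&date={$date_query}'>" . $countFOR . " страниц</a><br/>";
    }

    return template_get("stat/show_stat", array('userStats' => $stat_html));
}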
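/**
 * Render the employee contact list with sorting, a branch filter and,
 * for users holding the right, the "hidden contacts" switch.
 *
 * Request parameters read from $_GET: sort, sortdirection, branch,
 * show_hidden_contacts. All of them end up in SQL or HTML, so each one is
 * reduced to a known-good value before use:
 *   - sortdirection: only "asc" or "desc" (default "asc");
 *   - sort: only a key of $headers (default "username");
 *   - branch: integer.
 *
 * @return string HTML produced by the "contacts/list_contacts" template.
 */
function list_contacts()
{
    $html = "";
    // Passed to the template as 'add_user'; nothing in this function fills it.
    $add_user_html = "";

    // HTML-encode a value for output. double_encode is off so text that is
    // already entity-encoded is not encoded a second time.
    // NOTE(review): assumes the page is served as UTF-8 - confirm.
    $esc = function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);
    };

    // Sort direction goes into ORDER BY and into an image path: allow two literals only.
    $sortdirection = (isset($_GET['sortdirection']) && $_GET['sortdirection'] === 'desc') ? 'desc' : 'asc';
    $link_sortdirection = ($sortdirection === 'asc') ? 'desc' : 'asc';

    // Sortable columns; 'sortcolumn' is the SQL expression used in ORDER BY.
    $headers = array(
        'username' => array('rus' => "ФИО", 'sortcolumn' => "username"),
        'branch' => array('rus' => 'Подразделение', 'sortcolumn' => "`phpbb_points`.`name`"),
    );

    // The sort key selects an entry of $headers; anything else falls back to the default.
    $sort = "username";
    if (isset($_GET['sort']) && is_string($_GET['sort']) && isset($headers[$_GET['sort']])) {
        $sort = $_GET['sort'];
    }

    // Column header links: the active column toggles direction, the others start ascending.
    foreach ($headers as $name => $value) {
        if ($sort === $name) {
            $headers[$name]['html'] = "<a href='" . uri_make(array('sortdirection' => $link_sortdirection, 'sort' => $name)) . "' class='header'>" . $headers[$name]['rus'] . "<img src='/images/{$sortdirection}.png' class='header'></a>";
        } else {
            $headers[$name]['html'] = "<a href='" . uri_make(array('sortdirection' => 'asc', 'sort' => $name)) . "' class='header'>" . $headers[$name]['rus'] . "</a>";
        }
    }

    // Branch filter. Branch id 1 is rendered as "all cities" and adds no condition.
    $requestedBranch = null;
    if (isset($_GET['branch']) && is_scalar($_GET['branch'])) {
        $requestedBranch = (int) $_GET['branch'];
    }
    $branch_id = null;
    $branch_where2 = "";
    if ($requestedBranch !== null && $requestedBranch !== 1) {
        $branch_id = $requestedBranch;
        $branch_where2 = " AND `phpbb_branches`.`id`={$branch_id} ";
    }

    $branchesRES = db_query("SELECT * FROM `phpbb_branches` ORDER BY `name`");
    $branches_html = "";
    while ($branch = db_fetch($branchesRES)) {
        $selected = ($branch_id !== null && (int) $branch['id'] === $branch_id) ? "selected" : "";
        if ($branch['id'] != 1) {
            $branches_html .= "<option value='" . $esc($branch['id']) . "' {$selected}>" . $esc($branch['name']) . "</option>";
        } else {
            $branches_html .= "<option value='1' {$selected}>Все города</option>";
        }
    }

    // Hidden contacts (user_type 9) are added to the query only for users with the right.
    $canShowHidden = check_rights('show_hidden_contacts');
    $sql_hidden_contacts = "";
    $hidden_contact_checked = '';
    if ($canShowHidden && isset($_GET['show_hidden_contacts']) && $_GET['show_hidden_contacts'] === 'on') {
        $sql_hidden_contacts = "OR `user_type`=9";
        $hidden_contact_checked = 'checked';
    }

    // The hidden field carries the integer form of the branch, never the raw parameter.
    $input_hidden_branch = "";
    if ($requestedBranch !== null) {
        $input_hidden_branch = "<input type='hidden' name='branch' value='{$requestedBranch}' />";
    }

    $filter_hidden_contacts = "";
    if ($canShowHidden) {
        $filter_hidden_contacts = template_get("contacts/filter_hidden_contacts", array('input_hidden_branch' => $input_hidden_branch, 'hidden_contact_checked' => $hidden_contact_checked));
    }

    // Every interpolated fragment below is either a literal chosen above or an integer.
    $usersRES = db_query("SELECT *, `phpbb_branches`.`name` as `branch_name`, `phpbb_branches`.`id` as `branch_id`, \r\n\t\t\t\t\t\t\t\t\t\t`phpbb_points`.`phone` as `officephone`,\r\n\t\t\t\t\t\t\t\t\t\t`phpbb_points`.`name` as `point_name`, `phpbb_points`.`id` as `point_id`\r\n\t\t\t\t\t\t\t\t\tFROM `phpbb_users` , `phpbb_branches`, `phpbb_points` \r\n\t\t\t\t\t\t\t\t\tWHERE (`user_type` IN (0,3) {$sql_hidden_contacts}) AND `username`!='root' \r\n\t\t\t\t\t\t\t\t\t\t\tAND `phpbb_points`.`id`=`phpbb_users`.`point_id`\r\n\t\t\t\t\t\t\t\t\t\t\tAND `phpbb_points`.`branch_id`=`phpbb_branches`.`id` \r\n\t\t\t\t\t\t\t\t\t\t\t{$branch_where2}\r\n\t\t\t\t\t\t\t\t\tORDER BY {$headers[$sort]['sortcolumn']} {$sortdirection}\r\n\t\t\t\t\t\t\t\t\t\r\n\t\t\t\t\t\t\t\t\t");
    $num_users = db_count($usersRES);
    $num = 0;
    $table_html = "";

    // The delete column exists only for users allowed to delete contacts.
    $canDelete = check_rights('delete_contact');
    $th_html = $canDelete ? "\t\t\r\n\t\t\t\t\t\t<th class='right'></th>" : "";
    $right_class = $canDelete ? '' : 'right';

    while ($userWHILE = db_fetch($usersRES)) {
        $num++;

        $rowUserId = (int) $userWHILE['user_id'];
        $rowPointId = (int) $userWHILE['point_id'];
        $rowBranchId = (int) $userWHILE['branch_id'];

        // A branch with a single point links straight to that point.
        $branch_points_number = db_easy_count("SELECT * FROM `phpbb_points` WHERE `branch_id`={$rowBranchId}");
        if ($branch_points_number == 1) {
            $branch_point_link = "/manager.php?action=show_point&point=" . $rowPointId;
        } else {
            $branch_point_link = "/manager.php?action=show_branch&branch=" . $rowBranchId;
        }

        $bottom_class = ($num == $num_users) ? "bottom" : "";

        // Office phone, optionally followed by the extension.
        if (trim((string) $userWHILE['officephone']) != "") {
            $officephone = $esc($userWHILE['officephone']);
            if (trim((string) $userWHILE['user_extphone']) != "") {
                $officephone .= ", доб. " . $esc($userWHILE['user_extphone']);
            }
        } else {
            $officephone = "-";
        }

        // The work mobile takes precedence over the private one.
        if (trim((string) $userWHILE['user_workmobilephone']) != "") {
            $mobilephone = $esc($userWHILE['user_workmobilephone']) . " (рабочий)";
        } elseif (trim((string) $userWHILE['user_privatemobilephone']) != "") {
            $mobilephone = $esc($userWHILE['user_privatemobilephone']) . " (личный)";
        } else {
            $mobilephone = "-";
        }

        $occupation = (trim((string) $userWHILE['user_occ']) == "") ? "-" : $esc($userWHILE['user_occ']);

        // Point 1 is shown as "no branch".
        $branchName = ($rowPointId === 1) ? "-" : $esc($userWHILE['branch_name']);

        $style_hidden_contact = ($userWHILE['user_type'] == 9) ? 'color:grey' : '';

        $table_html .= "\t<tr class='{$bottom_class}'>\r\n\t\t\t\t\t\t\t<td class='left'><a href='/manager.php?action=show_contact&contact=" . $rowUserId . "' style='font-size:9pt;{$style_hidden_contact}'>" . $esc($userWHILE['username']) . "</a></td>\r\n\t\t\t\t\t\t\t<td><a href='{$branch_point_link}' style='font-size:9pt;'>" . $branchName . "</a></td>\r\n\t\t\t\t\t\t\t<td style='width:250px;'>" . $occupation . "</td>\r\n\t\t\t\t\t\t\t<td style='width:250px;'>" . $mobilephone . "</td>\r\n\t\t\t\t\t\t\t<td class='{$right_class}'>" . $officephone . "</td>";

        if ($canDelete) {
            // NOTE(review): deletion is a plain GET link behind a JavaScript confirm.
            // The delete_contact handler is not visible here; confirm it re-checks the
            // right and requires a POST with an anti-CSRF token.
            $table_html .= "\t<td class='right'><a href='/manager.php?action=delete_contact&contact={$rowUserId}' onclick=\"if(!confirm('Удалить?')) return false;\">Удалить</a><br/></td>\r\n\t\t\t\t\t\t</tr>";
        } else {
            // The row was previously left unclosed when the delete column is absent.
            $table_html .= "\r\n\t\t\t\t\t\t</tr>";
        }
    }

    // "Add employee" link.
    if (check_rights('add_contact')) {
        $add_contact_html = "<a href='/manager.php?action=add_contact' class='listcontacts'>Добавить сотрудника</a><br/><br/>";
    } else {
        $add_contact_html = "";
    }

    $html .= template_get("contacts/list_contacts", array('add_contact' => $add_contact_html, 'numusers' => $num_users, 'table' => $table_html, 'add_user' => $add_user_html, 'branches' => $branches_html, 'header[username]' => $headers['username']['html'], 'header[branch]' => $headers['branch']['html'], 'th_html' => $th_html, 'right_class' => $right_class, 'filter_hidden_contacts' => $filter_hidden_contacts));

    return $html;
}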
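/**
 * Render the dump browser: a server picker and, for the chosen server, either
 * the temporary dump directories (show=dir) or the store (show=store).
 *
 * Request parameters read from $_GET: server, show, dir.
 * The server name is used to build a filesystem path under /mnt, so it is
 * accepted only when it is one of the entries of the global $servers list.
 * Directory names read from disk are HTML-encoded on output and shell-quoted
 * before being handed to du.
 *
 * Uses the globals $servers (list of server names) and $reg1 (pattern a dump
 * sub-directory name has to match).
 *
 * @return string HTML produced by the "dumps/dumps_explorer" template.
 */
function dumps_explorer(){
    global $servers;
    global $reg1;

    // HTML-encode a value for output.
    // NOTE(review): assumes the page is served as UTF-8 - confirm.
    $esc = function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);
    };

    $html="";

    // Server picker
    $html.="Выберите сервер: ";
    foreach($servers as $serverName){
        $url="/engine.php?action=dumps_explorer&server=$serverName";
        $html.="<a href='$url'>".$serverName."</a> ";
    }

    $html.="<br/><br/>";

    if(isset($_GET['server'])){
        $server=is_string($_GET['server']) ? $_GET['server'] : '';

        // Only configured servers may be browsed; the filesystem is not probed
        // with a name that is not on the list (short-circuit before file_exists).
        $knownServers=array_map('strval', $servers);
        if(!in_array($server, $knownServers, true) || !file_exists("/mnt/$server")){
            $html.="Информация по серверу недоступна, т.к. недоступна директория /mnt/".$esc($server);
        }else{
            // Directory with the temporary dumps
            $dir=correct_path("/mnt/$server/MSSQL");
            // Store directory
            $store=correct_path("/mnt/$server/MSSQL_Store");

            $html.="Вывод информации: <a href='/engine.php?action=dumps_explorer&server=$server&show=dir'>Временные дампы</a> <a href='/engine.php?action=dumps_explorer&server=$server&show=store'>Хранилище</a><br/><br/>";

            $show=isset($_GET['show']) ? $_GET['show'] : null;
            $requestedDir=(isset($_GET['dir']) && is_string($_GET['dir'])) ? $_GET['dir'] : null;

            if($show==="dir"){
                $html.="Смотрим каталог $dir<br/><br/>";

                $dp=opendir($dir);
                if(!$dp){
                    // The message used to name $store although $dir is the directory opened here.
                    show("Ошибка opendir(\$dir). Не удается открыть директорию $dir.");
                    exit;
                }

                // Compare with false explicitly so an entry named "0" does not end the listing.
                while(($subdir = readdir($dp)) !== false){
                    $subdir_with_path=correct_path($dir.$subdir);
                    if(!is_dir($subdir_with_path) || !preg_match($reg1, $subdir)){
                        continue;
                    }

                    // The path contains a name read from disk: quote it for the shell.
                    $du_line=exec("du -h --summarize ".escapeshellarg($subdir_with_path));
                    $subdir_size=trim(explode("/", (string)$du_line)[0]);
                    $subdir_size=str_replace(array("M", "K", "G"), array("Мб", "Кб", "Гб"), $subdir_size);

                    $html.="<a href='/engine.php?action=dumps_explorer&server=$server&show=dir&dir=".rawurlencode($subdir)."'>".$esc($subdir)."</a> $subdir_size<br/>";

                    // More than "." and ".." means the directory is not empty
                    $entries=scandir($subdir_with_path);
                    if($entries===false || count($entries)<=2){
                        continue;
                    }

                    $dp1=opendir($subdir_with_path);
                    if(!$dp1){
                        show("Ошибка opendir(\$subdir_with_path). Не удается открыть директорию $subdir_with_path.");
                        continue;
                    }

                    // Contents are printed only for the directory named in the dir parameter
                    while(($subdir1 = readdir($dp1)) !== false){
                        if($subdir1!="." && $subdir1!=".." && $subdir===$requestedDir){
                            $html.=" ".$esc($subdir1)."<br/>";
                        }
                    }
                    closedir($dp1);
                }
                closedir($dp);
            }elseif($show==="store"){
                // This branch lists $store; the heading used to print $dir.
                $html.="Смотрим каталог $store<br/><br/>";

                $dp=opendir($store);
                if(!$dp){
                    show("Ошибка opendir(\$store). Не удается открыть директорию $store.");
                    exit;
                }

                while(($subdir = readdir($dp)) !== false){
                    $subdir_with_path=correct_path($store.$subdir);
                    if(is_dir($subdir_with_path) && $subdir!="." && $subdir!=".."){
                        $html.=$esc($subdir);
                    }
                }
                closedir($dp);
            }
        }
    }

    // Hand the collected HTML to the template
    return template_get(
        'dumps/dumps_explorer',
        array(
            'html'=>$html
        )
    );
}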
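/**
 * Show the edit form for an office/warehouse ("point") or, when the form was
 * posted, validate and store the changes and redirect back to the form.
 *
 * Requires the 'edit_point' right. Reads $_GET['point'] and $_GET['message'],
 * and on submit $_POST['name'], ['address'], ['phone'], ['branch'].
 *
 * The point id and the branch id are used unquoted in SQL and are therefore
 * forced to integers.
 *
 * NOTE(review): name, address and phone are still placed inside quoted SQL
 * string literals by interpolation. They need the database layer's own
 * escaping or bound parameters; db_query() is not visible in this excerpt, so
 * that change has to be made where the connection is available.
 *
 * @return string Form HTML, an access-denied message, or an empty string after a redirect.
 */
function edit_point()
{
    if (!check_rights('edit_point')) {
        return "У вас нет соответствующих прав";
    }

    $html = "";

    // HTML-encode a value for output. double_encode is off so text that is
    // already entity-encoded is not encoded a second time.
    // NOTE(review): assumes the page is served as UTF-8 - confirm.
    $esc = function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);
    };

    // Integer only: the id is interpolated into SQL, links and Location headers.
    $point_id = (isset($_GET['point']) && is_scalar($_GET['point'])) ? (int) $_GET['point'] : 0;

    if (!isset($_POST['name'])) {
        // Status message left by a previous submit
        switch (isset($_GET['message']) ? $_GET['message'] : null) {
            case "pointsaved":
                $message_html = template_get("message", array('message' => "Изменения сохранены"));
                break;
            case "emptypointname":
                $message_html = template_get("errormessage", array('message' => "Название не может быть пустым"));
                break;
            case "samepointexists":
                $message_html = template_get("errormessage", array('message' => "Офис/склад с таким именем уже имеется"));
                break;
            default:
                $message_html = template_get("nomessage");
        }

        $point = db_easy("SELECT * FROM `phpbb_points` WHERE `id`={$point_id}");
        $show_point_html = "<a href='/manager.php?action=show_point&point={$point_id}&' style='font-size:8pt;'>Просмотреть</a>";

        // Build the branch <select> options
        $branches_html = "";
        $branchesRES = db_query("SELECT * FROM `phpbb_branches` ORDER BY `name` ASC");
        while ($branch = db_fetch($branchesRES)) {
            $selected_html = ($point['branch_id'] == $branch['id']) ? "selected" : "";
            $branches_html .= "<option value='" . $esc($branch['id']) . "' {$selected_html}>" . $esc($branch['name']) . "</option>";
        }

        // NOTE(review): name/address/phone go to the template unencoded; whether
        // template_get() encodes substituted values is not visible here - confirm.
        $html .= template_get("points/edit_point", array('action' => "/manager.php?action=edit_point&point={$point_id}", 'name' => $point['name'], 'address' => $point['address'], 'phone' => $point['phone'], 'branches' => $branches_html, 'showpoint' => $show_point_html, 'message' => $message_html));

        return $html;
    }

    // Submitted form: read each field as a trimmed string ('' when absent).
    $field = function ($key) {
        return (isset($_POST[$key]) && is_string($_POST[$key])) ? trim($_POST[$key]) : '';
    };
    $point = array(
        'name' => $field('name'),
        'address' => $field('address'),
        'phone' => $field('phone'),
        // Used unquoted in the UPDATE below, hence the integer cast.
        'branch_id' => (int) $field('branch'),
    );

    // Outcome of the submit; a later check overrides an earlier one, as before.
    $message = null;

    // The name must be 1..70 characters as counted by the pattern
    if (!preg_match("/^.{1,70}\$/", $point['name'])) {
        $message = "emptypointname";
    }

    // Another point with the same name blocks the save
    $other_pointRES = db_query("SELECT * FROM `phpbb_points` WHERE `name`='{$point['name']}'");
    $other_point = db_fetch($other_pointRES);
    if (db_count($other_pointRES) > 0 && $other_point['id'] != $point_id) {
        $message = "samepointexists";
    }

    if ($message === null) {
        db_query("UPDATE `phpbb_points`\r\n\t\t\t\t\tSET `name`='{$point['name']}',\r\n\t\t\t\t\t\t`branch_id`={$point['branch_id']},\r\n\t\t\t\t\t\t`address`='{$point['address']}',\r\n\t\t\t\t\t\t`phone`='{$point['phone']}'\r\n\t\t\t\t\tWHERE `id`={$point_id}");
        $message = "pointsaved";
    }

    // $message is one of three literals and $point_id is an integer, so nothing
    // request-controlled reaches the header line.
    header("location: /manager.php?action=edit_point&point={$point_id}&message={$message}");

    return $html;
}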