function action_editzone() { global $smarty, $ref; $db = Database::singletone()->db(); $date = getdate(); $submit = Utils::p("submit", 0); $zid = Utils::pg("zid", 0); $mode = Utils::pg("mode", "add"); $smarty->assign("mode", $mode); $zone = array(); if (!$submit) { if ($mode == "add") { $zone['zone_name'] = ""; $zone['zone_type'] = "IN"; $zone['zone_serial'] = sprintf("%04d%02d%02d01", $date['year'], $date['mon'], $date['mday']); $zone['zone_admin'] = ""; $zone['zone_origin'] = ""; $zone['zone_refresh'] = 10800; $zone['zone_retry'] = 900; $zone['zone_expiry'] = 604800; $zone['zone_minimum'] = 86400; $zone['zone_ttl'] = 3600; } else { $q = $db->prepare("SELECT * FROM phpdns_zones WHERE zone_id = ?"); $r = $db->execute($q, $zid); $zone = $r->fetchRow(); } $smarty->assign("zone", $zone); } else { $zone['zone_name'] = Utils::p("zone_name"); $zone['zone_type'] = Utils::p("zone_type"); $zone['zone_serial'] = Utils::p("zone_serial"); $zone['zone_admin'] = Utils::p("zone_admin"); $zone['zone_origin'] = Utils::p("zone_origin"); $zone['zone_refresh'] = Utils::p("zone_refresh"); $zone['zone_retry'] = Utils::p("zone_retry"); $zone['zone_expiry'] = Utils::p("zone_expiry"); $zone['zone_minimum'] = Utils::p("zone_minimum"); $zone['zone_ttl'] = Utils::p("zone_ttl"); if ($mode == "add") { $q = $db->prepare("INSERT INTO phpdns_zones (zone_name, zone_type, zone_serial, zone_admin, zone_origin, zone_refresh, zone_retry, zone_expiry, zone_minimum, zone_ttl) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?)"); $db->execute($q, array_values($zone)); } else { if ($mode == "edit") { $q = $db->prepare("UPDATE phpdns_zones SET zone_name = ?, zone_type = ?, zone_serial = ?, zone_admin = ?, zone_origin = ?, zone_refresh = ?, zone_retry = ?, zone_expiry = ?, zone_minimum = ?, zone_ttl = ? WHERE zone_id = ?"); $z = array_values($zone); $z[] = $zid; $db->execute($q, $z); } } header("Location: " . $ref); } }
$_COOKIE = array_map('stripslashes_deep', $_COOKIE); } //function get_photo($pid, $cid) { // // $photo = new Photo($pid); // $data = $photo->get(100, 100); // // return array( // 'id' => $pid, // 'title' => $photo->_dbo->photo_title, // 'description' => $photo->_dbo->photo_description, // 'url' => url('view') . "&pid=$pid&cid=$cid", // 'thumb_img' => $data[7], // 'thumb' => $data[0], // 'user_id' => $photo->_dbo->user_id, // 'user_login' => $photo->_user->user_login, // 'user_url' => url('user', array('uid' => $photo->_dbo->user_id)) // ); //} $action = Utils::pg("action", "start"); if ($action == "admin" || strpos($action, 'adm-') === 0) { $engine = new Admin($action); } else { $engine = new Phphoto($action); } if (!$engine->valid()) { $engine = new Error($action, $engine->statusCode()); } // Page not found. Give up. $engine->call(); $engine->output($time_start);
private function getPhotosWhereSql($addwhere = true) { $uid = Utils::pg('uid', 0); $cid = Utils::pg('cid', 0); $scid = Utils::pg('scid', 0); $approved = Utils::pg('approved', ''); $rejected = Utils::pg('rejected', ''); $waiting = Utils::pg('waiting', ''); $user_login = Utils::pg('user_login', ''); if (!empty($user_login)) { $db = Database::singletone()->db(); $sth = $db->prepare('SELECT user_id FROM phph_users WHERE user_login = :login'); $sth->bindParam(':login', $user_login); $sth->execute(); $row = $sth->fetch(); if ($row) { $uid = $row['user_id']; } } $sql = ''; if (!is_numeric($uid)) { $uid = 0; } if (!is_numeric($cid)) { $cid = 0; } if (!empty($approved) || !empty($rejected) || !empty($waiting)) { $ssql = ' (0=1 '; if (!empty($approved)) { $ssql .= " OR pm.moderation_mode = 'approve'"; } if (!empty($rejected)) { $ssql .= " OR pm.moderation_mode = 'reject'"; } if (!empty($waiting)) { $ssql .= " OR p.moderation_id IS NULL"; } $ssql .= ') '; $sql .= (empty($sql) ? "" : " AND ") . $ssql; } if ($uid > 0) { $sql .= (empty($sql) ? "" : " AND ") . " p.user_id = {$uid}"; } if ($cid > 0) { if (!empty($scid)) { $cids = array(); $cids = Category::getSubCategoriesCIDs($cid, true); $cids[] = $cid; $scids = implode(', ', $cids); $sql .= (empty($sql) ? "" : " AND ") . "p.photo_id IN (SELECT c.photo_id FROM phph_photos_categories c WHERE c.category_id IN ({$scids}))"; } else { $sql .= (empty($sql) ? "" : " AND ") . "p.photo_id IN (SELECT c.photo_id FROM phph_photos_categories c WHERE c.category_id = {$cid})"; } } if ($addwhere) { if (empty($sql)) { $sql = 'WHERE 1=1 '; } else { $sql = 'WHERE ' . $sql; } } return $sql; }
require_once "includes/session.php"; require_once "DB/DataObject.php"; require_once "includes/html.php"; require_once "includes/lang.php"; require_once "includes/smarty.php"; require_once "includes/utils.php"; require_once "includes/photo.php"; $session = Session::singletone(); if ($session->requireLogin()) { exit; } HTML::startHTML(); HTML::head(_UPLOAD_PHOTO); HTML::startBODY(); $smarty = new Phph_Smarty(_UPLOAD_PHOTO); $ref = Utils::pg("ref"); if (isset($_POST['submit'])) { try { $photo = new Photo(); $photo->upload($_FILES['file'], $_POST['title'], $_POST['description'], $_POST['cid']); } catch (Exception2 $e) { $smarty->assign('error', 1); $smarty->assign('error_title', $e->getMessage()); $smarty->assign('error_description', $e->getDescription()); } } $smarty->assign('l_upload', _UPLOAD); $smarty->assign('l_file', _FILE); $smarty->assign('l_title', _TITLE); $smarty->assign('l_description', _DESCRIPTION); $smarty->assign('l_category', _CATEGORY);
?> <div class="a_white_pane"> <h1 class="a_title"><?php echo _ADMIN_USERS_AND_GROUPS; ?> :: <?php echo _ADMIN_ADD_NEW_USER; ?> </h1> </div> <br /> <?php $ref = urldecode(Utils::pg("ref")); if (!empty($_POST['submit'])) { try { $user_login = trim($_POST['user_login']); $user_pass1 = $_POST['user_pass1']; $user_pass2 = $_POST['user_pass2']; $user_email = trim($_POST['user_email']); if ($user_login == "") { $err_login = true; throw new Exception2(_ADMIN_CANT_CREATE_ACCOUNT, _ADMIN_ERROR_EMPTY_LOGIN); } if ($user_pass1 == "") { $err_pass1 = true; $err_pass2 = true; throw new Exception2(_ADMIN_CANT_CREATE_ACCOUNT, _ADMIN_ERROR_EMPTY_PASSWORD); }
} HTML::startHTML(); HTML::head(); HTML::startBODY("a_body"); $action = Utils::pg("action", "edit"); if ($action == "edit") { if (!Permissions::checkPerm('edit_categories')) { die("Permission denied."); } } else { if (!Permissions::checkPerm('add_categories')) { die("Permission denied."); } } $ref = urldecode(Utils::pg("ref")); $cid = Utils::pg("cid"); $category_name = ""; $category_parent = 0; $category_description = ""; if ($action == "edit") { $category = DB_DataObject::Factory('phph_categories'); if (PEAR::isError($category)) { die($category->getMessage()); } $r = $category->get($cid); if (PEAR::isError($r)) { die($r->getMessage()); } if ($r == 0) { if (!empty($ref)) { header("Location: " . $ref);
if ($session->requireLogin()) exit; if (!Permissions::checkPerm('admin_panel')) die ("Permission denied."); if (!Permissions::checkPerm('edit_categories')) die ("Permission denied."); HTML::startHTML(); HTML::head(); HTML::startBODY("a_body"); $action = Utils::pg("action", "edit"); $ref = urldecode(Utils::pg("ref")); $pid = Utils::pg("pid"); if (empty($pid)) die(); $photo = new Photo($pid); $photo_title = $photo->_dbo->photo_title; $photo_description = $photo->_dbo->photo_description; $photo_approved = !empty($photo->_dbo->photo_approved); $photo_cids = $photo->_cids; ?> <div class="a_white_pane"> <h1 class="a_title">Edycja zdjêcia :: <?=htmlspecialchars($photo_title)?></h1>
require_once "DB/DataObject.php"; require_once "DB/DataObject/Cast.php"; require_once "includes/config.php"; require_once "includes/utils.php"; require_once "includes/db.php"; require_once "includes/html.php"; require_once "includes/lang.php"; require_once "includes/permissions.php"; $session = Session::singletone(); if ($session->requireLogin()) { exit; } if (!Permissions::checkPerm('admin_panel')) { die("Permission denied."); } $cid = Utils::pg("cid", null); HTML::startHTML(); HTML::head(); HTML::startBODY("a_body"); ?> <div class="a_white_pane"> <h1 class="a_title"><?php echo _ADMIN_PHOTOS; ?> :: <?php echo _ADMIN_CATEGORIES; ?> </h1> </div>
<?php // $Id$ require_once "includes/Utils.php"; require_once "includes/AjaxService.php"; $action = Utils::pg("action", "start"); if ($action == "service") { // AJAX service handlers $ajax = new AjaxService(); $ajax->call(Utils::pg("method", "unknown"), Utils::pg("_uniqid", "")); $ajax->response(); }
require_once "includes/lang.php"; require_once "includes/permissions.php"; require_once "includes/category.php"; $session = Session::singletone(); if ($session->requireLogin()) { exit; } if (!Permissions::checkPerm('admin_panel')) { die("Permission denied."); } if (!Permissions::checkPerm('edit_categories')) { die("Permission denied."); } $ref = urldecode(Utils::pg("ref")); $cid = urldecode(Utils::pg("cid")); $pcid = urldecode(Utils::pg("pcid")); $category = new Category($cid); if (!empty($pcid)) { $q = $db->prepare("SELECT category_order, category_id FROM phph_categories WHERE category_parent = ? AND category_order > ? ORDER BY category_order ASC LIMIT 0, 1"); $res = $db->execute($q, array($pcid, $category->_dbo->category_order)); } else { $q = $db->prepare("SELECT category_order, category_id FROM phph_categories WHERE category_parent IS NULL AND category_order > ? ORDER BY category_order ASC LIMIT 0, 1"); $res = $db->execute($q, array($category->_dbo->category_order)); } if ($res->numRows() == 1) { $row = $res->fetchRow(); $q = $db->prepare("UPDATE phph_categories SET category_order = ? WHERE category_id = ?"); $db->execute($q, array($row['category_order'], $category->_cid)); $db->execute($q, array($category->_dbo->category_order, $row['category_id'])); } header("Location: {$ref}");
protected function _user() { $cid = Utils::pg("cid", 0); $uid = Utils::pg("uid", 0); $cat = new Category($cid); $user = new User($uid); $this->_smarty->assign('category_tree', $cat->getSubTree(true)); $this->_smarty->assign('page_title', $user->_dbo->user_login); $this->_smarty->assign('user_login', $user->_dbo->user_login); $this->_smarty->assign('user_name', $user->_dbo->user_name); $pids = $cat->getPhotos(); if (!empty($pids)) { $in_s = implode(", ", $pids); $q = $this->_db->prepare("SELECT photo_id FROM phph_photos WHERE photo_id IN ({$in_s}) AND photo_approved IS NOT NULL AND user_id = ? ORDER BY photo_added DESC LIMIT ?, ?"); $res = $this->_db->execute($q, array($uid, intval($this->_page) * $this->_count, intval($this->_count))); $photos = array(); while ($row = $res->fetchRow()) { $photos[] = get_photo($row['photo_id'], $cid); } $this->_smarty->assign('photos', $photos); $this->_pages = pager(url('user', array('cid' => $cid, 'uid' => $uid)), count(array_unique($pids))); $this->_smarty->assign('pager', $this->_pages); } }
<?php // $Id$ set_include_path(get_include_path() . ":../"); require_once "includes/session.php"; require_once "includes/utils.php"; require_once "includes/permissions.php"; require_once "includes/comment.php"; $session = Session::singletone(); if ($session->requireLogin()) { exit; } if (!Permissions::checkPerm('admin_panel')) { die("Permission denied."); } $ref = urldecode(Utils::pg("ref")); $cmid = urldecode(Utils::pg("cmid")); if (empty($cmid)) { die; } $comment = new Comment($cmid); if (!Permissions::checkPermAndLevel('delete_comments', $comment->_dbo->user_id)) { die("Permission denied."); } $comment->remove(); header("Location: {$ref}"); ini_restore('include_path');
function count() { return intval(Utils::pg("c", $this->_default_count)); }
function rejectPhoto() { $session = Session::singletone(); $db = Database::singletone()->db(); $pid = Utils::pg("pid", 0); $this->_query->appendChild($this->_dom->createElement("photo-id", $pid)); if ($pid <= 0) { $this->error("bad-arguments"); return; } if (!$session->checkPerm("approve-photos")) { $this->error("permission-denied"); return; } $photo = new Photo($pid); $photo->reject(Utils::pg('note', '')); $this->success(); }
require_once "includes/db.php"; require_once "includes/html.php"; require_once "includes/lang.php"; require_once "includes/permissions.php"; $session = Session::singletone(); if ($session->requireLogin()) { exit; } if (!Permissions::checkPerm('admin_panel')) { die("Permission denied."); } if (!Permissions::checkPerm('delete_users')) { die("Permission denied."); } $ref = urldecode(Utils::pg("ref")); $uid = urldecode(Utils::pg("uid")); $user = DB_DataObject::Factory("phph_users"); if (PEAR::isError($user)) { die($user->getMessage()); } $r = $user->get($uid); if (PEAR::isError($r)) { die($r->getMessage()); } if (!(Permissions::isAdmin() || Permissions::checkLevel($user->user_id))) { header("Location: {$ref}"); } $q = $db->prepare("DELETE FROM phph_users WHERE user_id = ?"); $r = $db->execute($q, $uid); if (PEAR::isError($r)) { die($r->getMessage());
require_once "includes/db.php"; require_once "includes/html.php"; require_once "includes/lang.php"; require_once "includes/permissions.php"; $session = Session::singletone(); if ($session->requireLogin()) { exit; } if (!Permissions::checkPerm('admin_panel')) { die("Permission denied."); } if (!Permissions::checkPerm('delete_categories')) { die("Permission denied."); } $ref = urldecode(Utils::pg("ref")); $cid = urldecode(Utils::pg("cid")); function delete_category($cid) { global $db; $q = $db->prepare("SELECT category_id FROM phph_categories WHERE category_parent = ?"); $r = $db->execute($q, $cid); if (PEAR::isError($r)) { die($r->getMessage()); } while ($row = $r->fetchRow()) { delete_category($row['category_id']); } $q = $db->prepare("DELETE FROM phph_categories WHERE category_id = ?"); $r = $db->execute($q, $cid); if (PEAR::isError($r)) { die($r->getMessage());
require_once "includes/config.php"; require_once "includes/utils.php"; require_once "includes/db.php"; require_once "includes/html.php"; require_once "includes/permissions.php"; require_once "includes/lang.php"; $session = Session::singletone(); if ($session->requireLogin()) { exit; } if (!Permissions::checkPerm('admin_panel')) { die("Permission denied."); } $uid = Utils::pg("uid"); if (empty($uid)) { $gid = Utils::pg("gid"); if (empty($gid)) { header("Location: " . $session->addSID(Config::get("site_url") . "/admin/users.php")); } } if (!empty($uid)) { if (!Permissions::checkPerm('change_users_permissions')) { die("Permission denied."); } $user = DB_DataObject::Factory('phph_users'); if (PEAR::isError($user)) { die($user->getMessage()); } $r = $user->get($uid); if (PEAR::isError($r)) { die($r->getMessage());
<?php // $Id$ set_include_path(get_include_path() . ":../"); require_once "includes/session.php"; require_once "includes/utils.php"; require_once "includes/permissions.php"; require_once "includes/photo.php"; $session = Session::singletone(); if ($session->requireLogin()) { exit; } if (!Permissions::checkPerm('admin_panel')) { die("Permission denied."); } if (!Permissions::checkPerm('delete_photos')) { die("Permission denied."); } $ref = urldecode(Utils::pg("ref")); $pid = urldecode(Utils::pg("pid")); if (empty($pid)) { die; } $photo = new Photo($pid); $photo->remove(); header("Location: {$ref}"); ini_restore('include_path');
set_include_path(get_include_path() . ":../"); require_once "includes/session.php"; require_once "XML/Tree.php"; require_once "DB/DataObject.php"; require_once "DB/DataObject/Cast.php"; require_once "includes/config.php"; require_once "includes/utils.php"; require_once "includes/db.php"; require_once "includes/html.php"; require_once "includes/lang.php"; require_once "includes/permissions.php"; $session = Session::singletone(); if ($session->requireLogin()) { exit; } if (!Permissions::checkPerm('admin_panel')) { die("Permission denied."); } $ref = urldecode(Utils::pg("ref")); $uid = urldecode(Utils::pg("uid")); $gid = urldecode(Utils::pg("gid")); if (!Permissions::checkPermAndLevel('remove_group_members', $uid)) { die("Permission denied."); } $q = $db->prepare("DELETE FROM phph_group_users WHERE user_id = ? AND group_id = ?"); $r = $db->execute($q, array($uid, $gid)); if (PEAR::isError($r)) { die($r->getMessage()); } header("Location: {$ref}"); ini_restore('include_path');