/**
 * Constructor: builds a hidden form field that carries a request token.
 *
 * Without a name, a multi-token is created under XOOPS_TOKEN_DEFAULT and the
 * field takes the name the token reports. With a name, a single-token is
 * created under XOOPS_TOKEN_DEFAULT and the field uses the caller's name.
 *
 * NOTE(review): $timeout is accepted but never read in this body, so a caller
 * asking for a custom lifetime silently gets whatever quickCreate() applies
 * on its own. Either forward it or drop the parameter - confirm against the
 * token handler.
 * NOTE(review): in the named branch the field name comes from the caller
 * while the token is registered as XOOPS_TOKEN_DEFAULT; verify that the
 * validating side looks the value up under the same name.
 *
 * @param string $name    "name" attribute; empty selects the multi-token path
 * @param int    $timeout currently unused (see note above)
 */
function XoopsFormHiddenToken($name = null, $timeout = 360)
{
    if (!empty($name)) {
        // Caller fixed the field name: one-shot token, field keeps that name.
        $token =& XoopsSingleTokenHandler::quickCreate(XOOPS_TOKEN_DEFAULT);
    } else {
        // No field name supplied: let the multi-token decide it.
        $token =& XoopsMultiTokenHandler::quickCreate(XOOPS_TOKEN_DEFAULT);
        $name = $token->getTokenName();
    }

    $value = $token->getTokenValue();
    $this->XoopsFormHidden($name, $value);
}
}
}
} else {
    // Refusal path of the preceding (not shown) delete handler.
    $msgs[] = '<span style="color:#ff0000;">ERROR: Default template files cannot be deleted</span>';
}
xoops_cp_header();
// Messages are written as-is, markup included. The one built above is a fixed
// string; NOTE(review): any message assembled elsewhere from request data has
// to be HTML-encoded at the point where it is built, because nothing here does.
foreach ($msgs as $msg) {
    echo '<code>' . $msg . '</code><br />';
}
echo '<br /><a href="admin.php?fct=tplsets">' . _MD_AM_BTOTADMIN . '</a>';
xoops_cp_footer();
break;
case 'clone':
    // Renders the "clone template set" form. The state change itself happens
    // in 'clone_go'; this case only displays the form.
    include_once XOOPS_ROOT_PATH . '/class/xoopsformloader.php';
    $form = new XoopsThemeForm(_MD_CLONETHEME, 'template_form', 'admin.php');
    // One-time token named 'tplsets_clone' travels with the form so the
    // receiving handler can reject posts that did not originate here.
    // NOTE(review): the matching validation call is outside this excerpt -
    // confirm 'clone_go' checks the same token name before doing any work.
    $form->addElement(new XoopsFormToken(XoopsSingleTokenHandler::quickCreate('tplsets_clone')));
    // presumably $tplset4disp was encoded for display earlier; it is used both
    // as visible label text and as the hidden field value - verify.
    $form->addElement(new XoopsFormLabel(_MD_THEMENAME, $tplset4disp));
    $form->addElement(new XoopsFormText(_MD_NEWNAME, 'newtheme', 30, 50), true);
    $form->addElement(new XoopsFormHidden('tplset', $tplset4disp));
    $form->addElement(new XoopsFormHidden('op', 'clone_go'));
    $form->addElement(new XoopsFormHidden('fct', 'tplsets'));
    $form->addElement(new XoopsFormButton('', 'tpl_button', _SUBMIT, 'submit'));
    xoops_cp_header();
    echo '<a href="admin.php?fct=tplsets">' . _MD_TPLMAIN . '</a> <span style="font-weight:bold;">»»</span> ' . _MD_CLONETHEME . '<br /><br />';
    $form->display();
    xoops_cp_footer();
    break;
case 'clone_go':
    $msgs = array();
    // Both values come straight from the request. 'tplset' is trimmed and run
    // through stripslashesGPC; 'newtheme' is only trimmed.
    // NOTE(review): the two inputs are treated differently, and neither is
    // validated in the visible lines - confirm the rest of this case restricts
    // the new name to an expected character set before it is stored or used.
    $tplset = isset($_POST['tplset']) ? $myts->stripslashesGPC(trim($_POST['tplset'])) : '';
    $newtheme = isset($_POST['newtheme']) ? trim($_POST['newtheme']) : '';
}
}
}
redirect_header("admin.php?fct=users", 1, _AM_DBUPDATED);
break;
case "delUser":
    // Confirmation step for deleting a single user; the deletion itself is
    // the 'delUserConf' op that the confirm form posts to.
    xoops_cp_header();
    $member_handler =& xoops_gethandler('member');
    $userdata =& $member_handler->getUser($uid);
    // NOTE(review): $userdata is dereferenced without checking that the lookup
    // returned an object; an unknown $uid would fail here rather than produce
    // a clean error page - confirm what getUser() returns on a miss.
    xoops_token_confirm(array('fct' => 'users', 'op' => 'delUserConf', 'del_uid' => $userdata->getVar('uid')), 'admin.php', sprintf(_AM_AYSYWTDU, $userdata->getVar('uname')));
    xoops_cp_footer();
    break;
case "delete_many":
    // Confirmation step for bulk deletion. Builds a form that re-posts the
    // selected ids together with a one-time token.
    xoops_cp_header();
    // NOTE(review): count() is applied to the request value without an
    // isset()/is_array() check, so a request lacking 'memberslist_id' (or
    // sending a scalar) is not handled explicitly.
    $count = count($_POST['memberslist_id']);
    // Token name 'users_deletemany'; the 'delete_many_ok' handler (not shown)
    // has to validate this same name before deleting anything.
    $token =& XoopsSingleTokenHandler::quickCreate('users_deletemany');
    if ($count > 0) {
        $list = $hidden = '';
        for ($i = 0; $i < $count; $i++) {
            // Ids are forced to integers before they reach a URL or an
            // attribute value; non-positive results are dropped.
            $id = intval($_POST['memberslist_id'][$i]);
            if ($id > 0) {
                // The user name shown here is taken from the request, not from
                // the database, and is HTML-encoded for use as link text. It is
                // display-only: the ids are what the next step acts on.
                $list .= ", <a href='" . XOOPS_URL . "/userinfo.php?uid={$id}' target='_blank'>" . htmlspecialchars($_POST['memberslist_uname'][$id]) . "</a>";
                $hidden .= "<input type='hidden' name='memberslist_id[]' value='{$id}' />\n";
            }
        }
        echo "<div><h4>" . sprintf(_AM_AYSYWTDU, " " . $list . " ") . "</h4>";
        echo _AM_BYTHIS . "<br /><br />\n <form action='admin.php' method='post'>\n <input type='hidden' name='fct' value='users' />\n <input type='hidden' name='op' value='delete_many_ok' />\n <input type='submit' value='" . _YES . "' />\n <input type='button' value='" . _NO . "' onclick='javascript:location.href=\"admin.php?op=adminMain\"' />";
        // Token field and the re-posted ids go inside the form before it closes.
        echo $token->getHtml();
        echo $hidden;
        echo "</form></div>";
    } else {
// Disabled avatar picker, kept as found:
//$avatar_tray = new XoopsFormElementTray(_US_AVATAR, " ");
//$avatar_tray->addElement($avatar_select);
//$avatar_tray->addElement($avatar_label);
//foreach ($a_dir_labels as $a_dir_label) {
// $avatar_tray->addElement($a_dir_label);
//}

// Registration form, posted to register.php with op=newuser. Every value that
// is echoed back into a field passes through $myts->htmlSpecialChars() first.
$reg_form = new XoopsThemeForm(_US_USERREG, "userinfo", "register.php");
// Field width and maxlength follow the configured name limit, capped at 25.
// This is a browser-side limit only; the length has to be enforced again
// when the submission is processed.
$uname_size = $xoopsConfigUser['maxuname'] < 25 ? $xoopsConfigUser['maxuname'] : 25;
$reg_form->addElement(new XoopsFormText(_US_NICKNAME, "uname", $uname_size, $uname_size, $myts->htmlSpecialChars($uname)), true);
$reg_form->addElement($email_tray);
$reg_form->addElement(new XoopsFormText(_US_WEBSITE, "url", 25, 255, $myts->htmlSpecialChars($url)));
// Fall back to the site default when the visitor has not chosen a timezone.
$tzselected = $timezone_offset != "" ? $timezone_offset : $xoopsConfig['default_TZ'];
$reg_form->addElement(new XoopsFormSelectTimezone(_US_TIMEZONE, "timezone_offset", $tzselected));
//$reg_form->addElement($avatar_tray);
// NOTE(review): both password fields are pre-filled with the values the
// visitor submitted, so when this form is shown again after a failed check
// the password is written into the page markup. Re-displaying them empty
// would keep the secret out of the response and out of any cached copy.
$reg_form->addElement(new XoopsFormPassword(_US_PASSWORD, "pass", 10, 32, $myts->htmlSpecialChars($pass)), true);
$reg_form->addElement(new XoopsFormPassword(_US_VERIFYPASS, "vpass", 10, 32, $myts->htmlSpecialChars($vpass)), true);
$reg_form->addElement(new XoopsFormRadioYN(_US_MAILOK, 'user_mailok', $user_mailok));
// Disclaimer block is shown only when enabled and non-empty in the user config.
if ($xoopsConfigUser['reg_dispdsclmr'] != 0 && $xoopsConfigUser['reg_disclaimer'] != '') {
    $disc_tray = new XoopsFormElementTray(_US_DISCLAIMER, '<br />');
    $disc_text = new XoopsFormTextarea('', 'disclaimer', $xoopsConfigUser['reg_disclaimer'], 8);
    // Read-only in the browser; the text is informational and must not be
    // trusted if it comes back in the request.
    $disc_text->setExtra('readonly="readonly"');
    $disc_tray->addElement($disc_text);
    $agree_chk = new XoopsFormCheckBox('', 'agree_disc', $agree_disc);
    $agree_chk->addOption(1, _US_IAGREE);
    $disc_tray->addElement($agree_chk);
    $reg_form->addElement($disc_tray);
}
$reg_form->addElement(new XoopsFormHidden("op", "newuser"));
// One-time token 'register_newuser'; the 'newuser' handler validates the same
// name before it processes the submission.
$reg_form->addElement(new XoopsFormToken(XoopsSingleTokenHandler::quickCreate('register_newuser')));
$reg_form->addElement(new XoopsFormButton("", "submit", _US_SUBMIT, "submit"));
// $email_text is created outside this excerpt, presumably with $email_tray.
$reg_form->setRequired($email_text);
$form->addElement(new XoopsFormHidden('uid', $xoopsUser->getVar('uid')));
$form->addElement(new XoopsFormButton('', 'submit', _SUBMIT, 'submit'));
$form->display();
}
// Second form on the page: pick one of the preinstalled avatars.
$avatar_handler =& xoops_gethandler('avatar');
$form2 = new XoopsThemeForm(_US_CHOOSEAVT, 'uploadavatar', 'edituser.php');
$avatar_select = new XoopsFormSelect('', 'user_avatar', $xoopsUser->getVar('user_avatar'));
$avatar_select->addOptionArray($avatar_handler->getList('S'));
// Inline handler previews the selected image; XOOPS_URL is a site constant.
$avatar_select->setExtra("onchange='showImgSelected(\"avatar\", \"user_avatar\", \"uploads\", \"\", \"" . XOOPS_URL . "\")'");
$avatar_tray = new XoopsFormElementTray(_US_AVATAR, ' ');
$avatar_tray->addElement($avatar_select);
// The stored avatar file name is placed inside a single-quoted src attribute,
// fetched with the "E" format. NOTE(review): confirm that format encodes
// quotes, since the value was originally supplied by the user.
$avatar_tray->addElement(new XoopsFormLabel('', "<img src='" . XOOPS_UPLOAD_URL . "/" . $xoopsUser->getVar("user_avatar", "E") . "' name='avatar' id='avatar' alt='' /> <a href=\"javascript:openWithSelfMain('" . XOOPS_URL . "/misc.php?action=showpopups&type=avatars','avatars',600,400);\">" . _LIST . "</a>"));
$form2->addElement($avatar_tray);
// The uid is sent as a hidden field. A hidden field is freely editable by the
// client, so the receiving handler has to compare it with the logged-in
// user rather than act on it directly.
$form2->addElement(new XoopsFormHidden('uid', $xoopsUser->getVar('uid')));
$form2->addElement(new XoopsFormHidden('op', 'avatarchoose'));
// One-time token 'avatarchoose' for the handler of the same op.
$form2->addElement(new XoopsFormToken(XoopsSingleTokenHandler::quickCreate('avatarchoose')));
$form2->addElement(new XoopsFormButton('', 'submit2', _SUBMIT, 'submit'));
$form2->display();
include XOOPS_ROOT_PATH . '/footer.php';
}
if ($op == 'avatarupload') {
    // The token is checked before any request data is read; a missing or
    // stale token ends the request with a redirect.
    if (!XoopsSingleTokenHandler::quickValidate('avatarupload')) {
        redirect_header('index.php', 3, _US_NOEDITRIGHT);
        exit;
    }
    // Defaults first, so absent or wrongly-typed fields leave safe values.
    $xoops_upload_file = array();
    $uid = 0;
    if (!empty($_POST['xoops_upload_file']) && is_array($_POST['xoops_upload_file'])) {
        $xoops_upload_file = $_POST['xoops_upload_file'];
    }
    // NOTE(review): the posted uid is client-controlled; the lines that follow
    // (outside this excerpt) should reject any value other than the current
    // user's id.
    if (!empty($_POST['uid'])) {
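// Sender details, subject and body are taken from the request with only the
// magic-quotes slashes removed.
// NOTE(review): confirm the mailer rejects line breaks in the name, address
// and subject, since these end up in message headers.
$xoopsMailer->setFromName($myts->oopsStripSlashesGPC($_POST['mail_fromname']));
$xoopsMailer->setFromEmail($myts->oopsStripSlashesGPC($_POST['mail_fromemail']));
$xoopsMailer->setSubject($myts->oopsStripSlashesGPC($_POST['mail_subject']));
$xoopsMailer->setBody($myts->oopsStripSlashesGPC($_POST['mail_body']));
// NOTE(review): 'mail_send_to' is used as an array without an is_array()
// check, and in_array() runs in loose mode.
if (in_array("mail", $_POST['mail_send_to'])) {
    $xoopsMailer->useMail();
}
// Private messages are skipped when the batch targets inactive accounts.
if (in_array("pm", $_POST['mail_send_to']) && empty($_POST['mail_inactive'])) {
    $xoopsMailer->usePM();
}
$xoopsMailer->send(true);
echo $xoopsMailer->getSuccess();
echo $xoopsMailer->getErrors();
// More recipients remain than this batch covered: build a follow-up form that
// carries the original search criteria forward to the next batch.
if ($added_count > $mail_end) {
    $form = new XoopsThemeForm(_AM_SENDMTOUSERS, "mailusers", "admin.php?fct=mailusers");
    // Each batch gets a fresh one-time token named 'mailusers_send'.
    $form->addElement(new XoopsFormToken(XoopsSingleTokenHandler::quickCreate('mailusers_send')));
    if (!empty($_POST['mail_to_group'])) {
        // NOTE(review): group values are copied from the request unchanged,
        // unlike the flags below which are forced to integers. Whether the
        // hidden element encodes its value on render is not visible here.
        foreach ($_POST['mail_to_group'] as $mailgroup) {
            $group_hidden = new XoopsFormHidden("mail_to_group[]", $mailgroup);
            $form->addElement($group_hidden);
        }
    }
    if (isset($_POST['mail_inactive'])) {
        $form->addElement(new XoopsFormHidden("mail_inactive", intval($_POST['mail_inactive'])));
    }
    if (isset($_POST['mail_mailok'])) {
        $form->addElement(new XoopsFormHidden("mail_mailok", intval($_POST['mail_mailok'])));
    }
    $lastlog_min_hidden = new XoopsFormHidden("mail_lastlog_min", $myts->makeTboxData4PreviewInForm($_POST['mail_lastlog_min']));
    $lastlog_max_hidden = new XoopsFormHidden("mail_lastlog_max", $myts->makeTboxData4PreviewInForm($_POST['mail_lastlog_max']));
    // Fixed: this field used to be filled from 'mail_regd_max', so the lower
    // registration-date bound was replaced by the upper one on every batch
    // after the first and later batches selected a different recipient set.
    $regd_min_hidden = new XoopsFormHidden("mail_regd_min", $myts->makeTboxData4PreviewInForm($_POST['mail_regd_min']));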
}
redirect_header('admin.php?fct=images', 2, _MD_AM_DBUPDATED);
}
if ($op == 'editcat') {
    // Renders the edit form for one image category. Saving is done by the
    // 'updatecat' op that this form posts to.
    // NOTE(review): neither guard below is followed by exit. Other handlers in
    // this code base call exit after redirect_header(); confirm the function
    // ends the request itself, otherwise execution continues with an invalid
    // id or a non-object category.
    if ($imgcat_id <= 0) {
        redirect_header('admin.php?fct=images', 1);
    }
    $imgcat_handler = xoops_gethandler('imagecategory');
    $imagecategory =& $imgcat_handler->get($imgcat_id);
    if (!is_object($imagecategory)) {
        redirect_header('admin.php?fct=images', 1);
    }
    include_once XOOPS_ROOT_PATH . '/class/xoopsformloader.php';
    $imagecategoryperm_handler =& xoops_gethandler('groupperm');
    $form = new XoopsThemeForm(_MD_EDITIMGCAT, 'imagecat_form', 'admin.php');
    // One-time token 'images_updatecat'; the save handler (not shown) has to
    // validate this name before changing the category or its permissions.
    $form->addElement(new XoopsFormToken(XoopsSingleTokenHandler::quickCreate('images_updatecat')));
    $form->addElement(new XoopsFormText(_MD_IMGCATNAME, 'imgcat_name', 50, 255, $imagecategory->getVar('imgcat_name')), true);
    // Group pickers are pre-selected from the stored read/write permissions.
    $form->addElement(new XoopsFormSelectGroup(_MD_IMGCATRGRP, 'readgroup', true, $imagecategoryperm_handler->getGroupIds('imgcat_read', $imgcat_id), 5, true));
    $form->addElement(new XoopsFormSelectGroup(_MD_IMGCATWGRP, 'writegroup', true, $imagecategoryperm_handler->getGroupIds('imgcat_write', $imgcat_id), 5, true));
    // Upload limits. The field lengths only constrain the browser; the save
    // handler still has to treat these as untrusted numbers.
    $form->addElement(new XoopsFormText(_IMGMAXSIZE, 'imgcat_maxsize', 10, 10, $imagecategory->getVar('imgcat_maxsize')));
    $form->addElement(new XoopsFormText(_IMGMAXWIDTH, 'imgcat_maxwidth', 3, 4, $imagecategory->getVar('imgcat_maxwidth')));
    $form->addElement(new XoopsFormText(_IMGMAXHEIGHT, 'imgcat_maxheight', 3, 4, $imagecategory->getVar('imgcat_maxheight')));
    $form->addElement(new XoopsFormText(_MD_IMGCATWEIGHT, 'imgcat_weight', 3, 4, $imagecategory->getVar('imgcat_weight')));
    $form->addElement(new XoopsFormRadioYN(_MD_IMGCATDISPLAY, 'imgcat_display', $imagecategory->getVar('imgcat_display'), _YES, _NO));
    // Storage type is shown as a label, not an input: it is not editable here.
    // A stored value other than 'db' or 'file' has no entry in this map.
    $storetype = array('db' => _MD_INDB, 'file' => _MD_ASFILE);
    $form->addElement(new XoopsFormLabel(_MD_IMGCATSTRTYPE, $storetype[$imagecategory->getVar('imgcat_storetype')]));
    $form->addElement(new XoopsFormHidden('imgcat_id', $imgcat_id));
    $form->addElement(new XoopsFormHidden('op', 'updatecat'));
    $form->addElement(new XoopsFormHidden('fct', 'images'));
    $form->addElement(new XoopsFormButton('', 'imgcat_button', _SUBMIT, 'submit'));
    xoops_cp_header();
}
include_once XOOPS_ROOT_PATH . '/class/xoopsblock.php';
include_once XOOPS_ROOT_PATH . "/modules/system/admin/modulesadmin/modulesadmin.php";
// Operation selector: GET wins over POST, default is the read-only listing.
$op = "list";
if (isset($_GET['op'])) {
    $op = $_GET['op'];
    // NOTE(review): 'module' is read without isset() and without any
    // validation in the visible lines; it needs checking against the set of
    // known module directory names before it is used in a path or query.
    // NOTE(review): operations reachable through GET should be limited to
    // ones that change nothing, or be covered by the token check as well.
    $module = $_GET['module'];
} elseif (isset($_POST['op'])) {
    $op = $_POST['op'];
}
if ($op == "list") {
    xoops_module_list();
    exit;
}
if ($op == "confirm") {
    // Confirmation page: issues the one-time token 'modulesadmin_submit' that
    // the submit step is expected to validate.
    $token =& XoopsSingleTokenHandler::quickCreate('modulesadmin_submit');
    xoops_cp_header();
    //OpenTable();
    $error = array();
    if (!is_writable(XOOPS_CACHE_PATH . '/')) {
        // Tries to make the cache directory writable. The mode applied is 0777
        // (the earlier wording of this comment said 666), i.e. writable by
        // every local account.
        // NOTE(review): prefer granting write access to the web server user
        // only, and fail with the error below instead of widening the mode.
        if (!chmod(XOOPS_CACHE_PATH . '/', 0777)) {
            $error[] = sprintf(_MUSTWABLE, "<b>" . XOOPS_CACHE_PATH . '/</b>');
        }
    }
    if (count($error) > 0) {
        xoops_error($error);
        echo "<p><a href='admin.php?fct=modulesadmin'>" . _MD_AM_BTOMADMIN . "</a></p>";
        xoops_cp_footer();
        exit;
    }
// Normalised to exactly 0 or 1, whatever the request contained.
$agree_disc = isset($_POST['agree_disc']) && intval($_POST['agree_disc']) ? 1 : 0;
switch ($op) {
    case 'newuser':
        // First step of registration: validate the form, then show a
        // confirmation page. The token is checked before anything is rendered;
        // a failed check ends the request with no output.
        if (!XoopsSingleTokenHandler::quickValidate('register_newuser')) {
            exit;
        }
        include 'header.php';
        $stop = '';
        if ($xoopsConfigUser['reg_dispdsclmr'] != 0 && $xoopsConfigUser['reg_disclaimer'] != '') {
            if (empty($agree_disc)) {
                $stop .= _US_UNEEDAGREE . '<br />';
            }
        }
        // userCheck() is defined elsewhere; its return value is appended to
        // the error text and treated as "no error" when empty.
        $stop .= userCheck($uname, $email, $pass, $vpass);
        if (empty($stop)) {
            // A second one-time token, 'register_finish', guards the final step.
            $token =& XoopsSingleTokenHandler::quickCreate('register_finish');
            echo _US_USERNAME . ": " . $myts->htmlSpecialChars($uname) . "<br />";
            echo _US_EMAIL . ": " . $myts->htmlSpecialChars($email) . "<br />";
            if ($url != '') {
                $url = formatURL($url);
                echo _US_WEBSITE . ': ' . $myts->htmlSpecialChars($url) . '<br />';
            }
            // NOTE(review): $timezone_offset is written to the page here without
            // encoding or a cast, while the hidden field below casts it to
            // double. Unless it is already numeric at this point (assigned
            // outside this excerpt), apply the same cast before display.
            $f_timezone = $timezone_offset < 0 ? 'GMT ' . $timezone_offset : 'GMT +' . $timezone_offset;
            echo _US_TIMEZONE . ": {$f_timezone}<br />";
            echo "<form action='register.php' method='post'>";
            echo $token->getHtml();
            // The submitted values are carried to the final step as hidden
            // fields inside single-quoted attributes.
            // NOTE(review): this is safe only if $myts->htmlSpecialChars()
            // encodes single quotes as well - confirm.
            echo "<input type='hidden' name='uname' value='" . $myts->htmlSpecialChars($uname) . "' />\n <input type='hidden' name='email' value='" . $myts->htmlSpecialChars($email) . "' />";
            // NOTE(review): $user_viewemail and $user_mailok are emitted with no
            // encoding; presumably both were reduced to integers where they
            // were read from the request - verify.
            // NOTE(review): 'pass' and 'vpass' put the chosen password into the
            // markup of the confirmation page, where it can be kept by caches
            // or browser history. Holding the pending registration in the
            // session would avoid sending the password back to the client.
            echo "<input type='hidden' name='user_viewemail' value='" . $user_viewemail . "' />\n <input type='hidden' name='timezone_offset' value='" . (double) $timezone_offset . "' />\n <input type='hidden' name='url' value='" . $myts->htmlSpecialChars($url) . "' />\n <input type='hidden' name='pass' value='" . $myts->htmlSpecialChars($pass) . "' />\n <input type='hidden' name='vpass' value='" . $myts->htmlSpecialChars($vpass) . "' />\n <input type='hidden' name='user_mailok' value='" . $user_mailok . "' />\n <br /><br /><input type='hidden' name='op' value='finish' /><input type='submit' value='" . _US_FINISH . "' /></form>";
        } else {
            // Validation failed: print the collected messages and show the
            // form again. $stop is written as markup.
            // NOTE(review): confirm userCheck() never includes request text
            // in its messages without encoding it.
            echo "<span style='color:#ff0000;'>{$stop}</span>";
            include 'include/registerform.php';
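/**
 * Render the admin form for editing one banner client.
 *
 * Loads the client row for the given id, prepares each column for output and
 * prints a form that posts to admin.php with op=BannerClientChange. A one-time
 * token named 'banners_ClientChange' is embedded for the handler of that op.
 *
 * NOTE(review): the stored passwd column is printed into a visible text
 * input, so the client password is readable in the page and must be kept in
 * recoverable form for that to work. Consider an empty "set new password"
 * field instead.
 * NOTE(review): contact and extrainfo go through the *4Show helpers while
 * the other fields use makeTboxData4Edit; all of them land in form controls.
 * Confirm the Show variants are the intended encoders for an editable field.
 * NOTE(review): values are interpolated into single-quoted attributes, which
 * is safe only if these helpers encode single quotes - confirm.
 * NOTE(review): a missing row is not handled; the form is then rendered with
 * empty fields for the requested id.
 *
 * @param int $cid banner client id; forced to an integer before use
 * @return void
 */
function BannerClientEdit($cid)
{
    // Integer cast makes the id safe to place in the query text below.
    $cid = intval($cid);
    $token =& XoopsSingleTokenHandler::quickCreate('banners_ClientChange');
    $xoopsDB =& Database::getInstance();
    $myts =& MyTextSanitizer::getInstance();
    xoops_cp_header();
    $result = $xoopsDB->query("SELECT name, contact, email, login, passwd, extrainfo FROM " . $xoopsDB->prefix("bannerclient") . " WHERE cid={$cid}");
    list($name, $contact, $email, $login, $passwd, $extrainfo) = $xoopsDB->fetchRow($result);
    $name = $myts->makeTboxData4Edit($name);
    $contact = $myts->makeTboxData4Show($contact);
    $email = $myts->makeTboxData4Edit($email);
    $login = $myts->makeTboxData4Edit($login);
    $passwd = $myts->makeTboxData4Edit($passwd);
    $extrainfo = $myts->makeTareaData4Show($extrainfo);
    echo "<table width='100%' border='0' cellspacing='1' class='outer'><tr><td class=\"odd\">";
    echo "\r\n <h4>" . _AM_EDITADVCLI . "</h4>\r\n <form action='admin.php' method='post'>";
    // Token field goes first inside the form.
    echo $token->getHtml();
    echo _AM_CLINAMET . "<input type='text' name='name' value='{$name}' size='30' maxlength='60' /><br />\r\n " . _AM_CONTNAMET . "<input type='text' name='contact' value='{$contact}' size='30' maxlength='60' /><br />\r\n " . _AM_CONTMAILT . "<input type='text' name='email' size='30' maxlength='60' value='{$email}' /><br />\r\n " . _AM_CLILOGINT . "<input type='text' name='login' size='12' maxlength='10' value='{$login}' /><br />\r\n " . _AM_CLIPASST . "<input type='text' name='passwd' size='12' maxlength='10' value='{$passwd}' /><br />\r\n " . _AM_EXTINFO . "<br /><textarea name='extrainfo' cols='60' rows='10'>{$extrainfo}</textarea><br />\r\n <input type='hidden' name='cid' value='{$cid}' />\r\n <input type='hidden' name='op' value='BannerClientChange' />\r\n <input type='hidden' name='fct' value='banners' />\r\n <input type='submit' value='" . _AM_CHGCLI . "' />";
    // The form was left unclosed before; close it so the token and fields
    // belong to a well-formed form and later markup cannot fall inside it.
    echo "</form></td></tr></table>";
    xoops_cp_footer();
}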