/**
  * update node data
  *
  * @param array $data
  */
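 function updateNode(&$data)
 {
     // Rewrites the body file of an existing navigation node, then refreshes
     // its title, status and (when the parent changed) its place in the tree.
     // Returns FALSE when the node id is rejected or the body cannot be
     // written; there is no explicit return value on success.

     // The node id becomes a file name below SF_BASE_DIR . 'data/navigation/'.
     // Accept only a plain name (no directory separators, NUL bytes or dot
     // entries) so the id cannot move the write outside that directory.
     $node_id = (string) $data['node'];
     if ($node_id === '' || $node_id === '.' || $node_id === '..' || strpbrk($node_id, "/\\\0") !== FALSE) {
         // NOTE(review): as in the write-failure branch below, the property
         // name is the $data array itself; $data['error'] may have been
         // meant - confirm against the callers.
         $this->B->{$data}['error'] = 'Invalid node id';
         return FALSE;
     }
     // We need PEAR File to write the node body
     include_once 'File.php';
     // "=& new" is a parse error from PHP 7 on; a plain assignment is used instead.
     $fp = new File();
     // Add navigation node body
     $node_body = SF_BASE_DIR . 'data/navigation/' . $node_id;
     if (!is_int($fp->write($node_body, commonUtil::stripSlashes($data['body']), FILE_MODE_WRITE))) {
         $this->B->{$data}['error'] = 'Could not write file: ' . $node_body;
         return FALSE;
     }
     $fp->unlock($node_body, FILE_MODE_WRITE);
     $this->B->node[$data['node']]['title'] = commonUtil::transform($data['title']);
     // NOTE(review): status is stored as supplied; parent_id is the only field cast here.
     $this->B->node[$data['node']]['status'] = $data['status'];
     if ($this->B->node[$data['node']]['parent_id'] != (int) $data['parent_id']) {
         // _verifyParentId() is expected to clear $this->_move when the move
         // must not happen (inferred from the check that follows - confirm).
         $this->_move = TRUE;
         $this->_verifyParentId($data['node'], (int) $data['parent_id']);
         if ($this->_move == TRUE) {
             // remember the old parent so its remaining children can be renumbered
             $tmp = array();
             $tmp['node'] = $this->B->node[$data['node']]['parent_id'];
             $this->B->node[$data['node']]['order'] = $this->getLastOrderId((int) $data['parent_id']);
             $this->B->node[$data['node']]['parent_id'] = (int) $data['parent_id'];
             $_data = $this->getChildren($tmp);
             $_order = 1;
             foreach ($_data as $node => $val) {
                 $this->B->node[$node]['order'] = $_order;
                 $_order++;
             }
         }
     }
 }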
 /**
  * Update main options
  *
  * @access private
  */
 function _update_main_options()
 {
     // Handles whichever single options form was submitted. Only the first
     // matching submit button is acted on, in the order checked below.
     // $this->B->_modified tells the caller whether a config value changed.
     //
     // NOTE(review): email, charset, tplgroup and viewgroup are stored exactly
     // as posted. Confirm the code that later uses them (mail headers,
     // template/view selection) validates them or restricts them to known names.
     $this->B->_modified = FALSE;

     // Empty all cache data; this does not count as a config change
     if (isset($_POST['update_clean_cache'])) {
         M(MOD_COMMON, 'cache_delete', array('group' => ''));
         return;
     }
     if (isset($_POST['update_main_options_email'])) {
         $this->B->sys['option']['email'] = $_POST['site_email'];
         $this->B->_modified = TRUE;
         return;
     }
     if (isset($_POST['update_main_options_title'])) {
         // Title and description are entity-encoded (ENT_QUOTES) at save time,
         // so output code that encodes again will double-encode them.
         $title = commonUtil::stripSlashes($_POST['site_title']);
         $this->B->sys['option']['site_title'] = htmlspecialchars($title, ENT_QUOTES);
         $desc = commonUtil::stripSlashes($_POST['site_desc']);
         $this->B->sys['option']['site_desc'] = htmlspecialchars($desc, ENT_QUOTES);
         $this->B->_modified = TRUE;
         return;
     }
     if (isset($_POST['update_main_options_charset'])) {
         $this->B->sys['option']['charset'] = $_POST['charset'];
         $this->B->_modified = TRUE;
         return;
     }
     if (isset($_POST['update_main_options_tpl'])) {
         $this->B->sys['option']['tpl'] = $_POST['tplgroup'];
         $this->B->_modified = TRUE;
         return;
     }
     if (isset($_POST['update_main_options_view'])) {
         $this->B->sys['option']['view'] = $_POST['viewgroup'];
         $this->B->_modified = TRUE;
     }
 }
 /**
  * Refill $this->B->tpl_form with the submitted registration fields.
  *
  * Each value is passed through commonUtil::stripSlashes() only.
  * NOTE(review): nothing is HTML-escaped here - confirm the template
  * escapes these values when it prints them.
  */
 function _reset_form_data()
 {
     $this->B->tpl_form = array();
     foreach (array('forename', 'lastname', 'login', 'email') as $field) {
         $this->B->tpl_form[$field] = commonUtil::stripSlashes($_POST[$field]);
     }
 }
 /**
  * reset the form fields with old user data
  *
  * @access private
  */
 function _reset_old_fields_data()
 {
     // Copy the submitted values back into the form_* template variables,
     // HTML-escaped with htmlspecialchars() default flags.
     // NOTE(review): the default flags leave single quotes alone before
     // PHP 8.1, which matters if the template uses single-quoted attributes.
     // NOTE(review): the submitted password is echoed back as well - confirm
     // the form really needs it.
     foreach (array('forename', 'lastname', 'email', 'login', 'passwd') as $field) {
         $submitted = commonUtil::stripSlashes($_POST[$field]);
         $this->B->{'form_' . $field} = htmlspecialchars($submitted);
     }
 }
 /**
  * reset the form fields with old user data
  *
  * @access private
  */
 function _reset_old_fields_data()
 {
     // Put the submitted list fields back into tpl_data so the form can be
     // shown again. Values only pass through commonUtil::stripSlashes().
     // NOTE(review): no HTML escaping happens here - confirm the template
     // escapes on output.
     foreach (array('name', 'emailserver', 'email', 'description') as $field) {
         $this->B->tpl_data[$field] = commonUtil::stripSlashes($_POST[$field]);
     }
     // status is copied exactly as posted
     $this->B->tpl_data['status'] = $_POST['status'];
 }
 /**
  * reset the form fields with old user data
  *
  * @access private
  */
 function _reset_old_fields_data()
 {
     // Restore the message form from the request. Subject and body pass
     // through commonUtil::stripSlashes(); the three ids are copied as posted.
     // NOTE(review): none of these values is HTML-escaped or cast here -
     // confirm the template does so before printing them.
     foreach (array('subject', 'body') as $text_field) {
         $this->B->tpl_data[$text_field] = commonUtil::stripSlashes($_POST[$text_field]);
     }
     foreach (array('mid', 'lid', 'pageID') as $id_field) {
         $this->B->tpl_data[$id_field] = $_POST[$id_field];
     }
 }
 /**
  * Do setup for this module
  *
  * @param array $data
  */
 function perform($data = FALSE)
 {
     // Runs the system setup when the setup form was posted and, if setup
     // reports failure, refills the form variables. Always returns TRUE.
     // NOTE(review): no check that setup has not already been completed is
     // visible here - confirm the caller or sys_setup enforces it.
     if (!$_POST['do_setup']) {
         return TRUE;
     }
     if (FALSE == M(MOD_SETUP, 'sys_setup')) {
         // template variable => POST field; the database password is
         // deliberately not among the restored fields
         $restore = array(
             'form_host' => 'dbhost',
             'form_user' => 'dbuser',
             'form_dbname' => 'dbname',
             'form_tableprefix' => 'dbtablesprefix',
             'form_sysname' => 'sysname',
             'form_syslastname' => 'syslastname',
             'form_syslogin' => 'syslogin',
         );
         foreach ($restore as $property => $post_name) {
             $this->B->{$property} = htmlspecialchars(commonUtil::stripSlashes($_POST[$post_name]));
         }
     }
     return TRUE;
 }
 /**
  * Do setup for this module
  *
  * @param array $data
  */
 function perform($data)
 {
     // Collects the posted setup values, hands them to sys_setup and, if
     // that reports failure, refills the form variables. Always returns TRUE.
     // NOTE(review): no check that setup has not already been completed is
     // visible here - confirm the caller or sys_setup enforces it.
     if (!$_POST['do_setup']) {
         return TRUE;
     }
     // sys_setup key => POST field; every value is cast to string
     $wanted = array(
         'dbhost' => 'dbhost',
         'dbuser' => 'dbuser',
         'dbpasswd' => 'dbpasswd',
         'dbname' => 'dbname',
         'dbtype' => 'dbtype',
         'dbtablesprefix' => 'dbtablesprefix',
         'dbcreate' => 'create_db',
         'charset' => 'charset',
         'userlogin' => 'userlogin',
         'username' => 'username',
         'userlastname' => 'userlastname',
         'userpasswd1' => 'userpasswd1',
         'userpasswd2' => 'userpasswd2',
     );
     $_data = array();
     foreach ($wanted as $key => $post_name) {
         $_data[$key] = (string) $_POST[$post_name];
     }
     if (FALSE == $this->B->M(MOD_SETUP, 'sys_setup', $_data)) {
         // template variable => POST field; passwords are not restored
         $restore = array(
             'form_host' => 'dbhost',
             'form_user' => 'dbuser',
             'form_dbname' => 'dbname',
             'form_tableprefix' => 'dbtablesprefix',
             'form_sysname' => 'username',
             'form_syslastname' => 'userlastname',
             'form_syslogin' => 'userlogin',
         );
         foreach ($restore as $property => $post_name) {
             $this->B->{$property} = htmlspecialchars(commonUtil::stripSlashes($_POST[$post_name]));
         }
     }
     return TRUE;
 }
 /**
  * add node data
  *
  * @param array $data
  */
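 function addNode(&$data)
 {
     // Creates a navigation node: writes its body to a file named after a
     // freshly generated id and registers title, status, order and parent.
     // Returns FALSE when the body cannot be written; there is no explicit
     // return value on success.
     $node_id = $this->createUniqueId();
     // We need PEAR File to write the node body
     include_once 'File.php';
     // "=& new" is a parse error from PHP 7 on; a plain assignment is used instead.
     $fp = new File();
     // Add navigation node body. The file name comes from createUniqueId(),
     // not from the caller's data.
     $node_body = SF_BASE_DIR . 'data/navigation/' . $node_id;
     if (!is_int($fp->write($node_body, commonUtil::stripSlashes($data['body']), FILE_MODE_WRITE))) {
         // NOTE(review): the property name here is the $data array itself;
         // $data['error'] may have been meant - confirm against the callers.
         $this->B->{$data}['error'] = 'Could not write file: ' . $node_body;
         return FALSE;
     }
     $fp->unlock($node_body, FILE_MODE_WRITE);
     $this->B->node[$node_id]['title'] = commonUtil::transform($data['title']);
     // NOTE(review): status is stored as supplied; parent_id is the only field cast here.
     $this->B->node[$node_id]['status'] = $data['status'];
     $this->B->node[$node_id]['order'] = $this->getLastOrderId((int) $data['parent_id']);
     $this->B->node[$node_id]['parent_id'] = (int) $data['parent_id'];
 }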
 /**
  * Set options for this module
  *
  * @param array $data
  */
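 function perform($data)
 {
     // Registers a new user from $data['reg_data'] and sends the mail that
     // matches the configured register_type ('auto': validation link to the
     // user, 'manual': notice to the site address). Returns TRUE on success
     // and FALSE after appending a message to the error variable.

     // get var name to store the result
     // NOTE(review): the property name is the $data array itself (converted
     // to a string); a key of $data may have been meant - confirm.
     $this->B->{$data}['error_var'] = FALSE;
     $this->_error =& $this->B->{$data}['error_var'];
     if (FALSE === $this->_validate($data)) {
         return FALSE;
     }
     $reg = $data['reg_data'];
     $_data = array(
         'error' => 'tmp_error',
         'user_data' => array(
             'forename' => $this->B->db->quoteSmart(commonUtil::stripSlashes($reg['forename'])),
             'lastname' => $this->B->db->quoteSmart(commonUtil::stripSlashes($reg['lastname'])),
             'email' => $this->B->db->quoteSmart(commonUtil::stripSlashes($reg['email'])),
             'login' => $this->B->db->quoteSmart(commonUtil::stripSlashes($reg['login'])),
             // NOTE(review): unsalted MD5 is not a password hash. Moving to
             // password_hash()/password_verify() also needs the login check
             // and the passwd column changed, so it is only flagged here.
             'passwd' => $this->B->db->quoteSmart(md5($reg['passwd1'])),
             'rights' => 1,
             'status' => 1,
         ),
     );
     if (FALSE === ($uid = M(MOD_USER, 'add', $_data))) {
         $this->_error .= 'Couldnt add user data';
         return FALSE;
     }
     // The stored site e-mail and charset are placed in raw mail headers;
     // drop CR/LF so a stored value cannot add header lines of its own.
     $line_breaks = array("\r", "\n");
     $header = 'From: ' . str_replace($line_breaks, '', (string) $this->B->sys['option']['email']) . "\r\n";
     $header .= "MIME-Version: 1.0\r\n";
     $header .= 'Content-type: text/html; charset=' . str_replace($line_breaks, '', (string) $this->B->sys['option']['charset']) . "\r\n";
     // NOTE(review): trigger_error(..., E_USER_ERROR) ends the script unless
     // the application installs its own error handler, in which case the
     // user-facing message and "return FALSE" after it are never reached.
     if ($this->B->sys['option']['user']['register_type'] == 'auto') {
         $ustr = $this->_add_registered_user_data($uid);
         $validate_msg = str_replace("(URL)", "<a href='" . SF_BASE_LOCATION . "/index.php?view=validate&usr_id={$ustr}'>validate</a>", $data['email_msg']);
         $validate_msg = str_replace("(EMAIL)", "<a href='mailto:{$this->B->sys['option']['email']}'>{$this->B->sys['option']['email']}</a>", $validate_msg);
         if (FALSE == @mail($data['reg_data']['email'], $data['email_subject'], $validate_msg, $header)) {
             trigger_error("Email couldnt be sended to the user who want to register: {$data['reg_data']['email']}", E_USER_ERROR);
             $this->_error .= "Unexpected error: Email couldnt be send to you!<br>Please contact the <a href='mailto:{$this->B->sys['option']['email']}'>admin</a> to validate your account.";
             return FALSE;
         }
     } elseif ($this->B->sys['option']['user']['register_type'] == 'manual') {
         $subject = 'User validation needed';
         $msg = 'You have to validate a user registration:<br />';
         $msg .= '<a href="' . SF_BASE_LOCATION . '/index.php?admin=1&m=user&sec=edituser&uid=' . $uid . '">' . SF_BASE_LOCATION . '/index.php?admin=1&m=user&sec=edituser&uid=' . $uid . '</a>';
         if (FALSE === @mail($this->B->sys['option']['email'], $subject, $msg, $header)) {
             // The login lives under 'user_data'; $_data has no top-level
             // 'login' key, so the old message always logged an empty value.
             trigger_error("Sending manual validation email fails for login: {$_data['user_data']['login']}.", E_USER_ERROR);
             $this->_error .= "Unexpected error: Email couldnt be send to you!<br>Please contact the <a href='mailto:{$this->B->sys['option']['email']}'>admin</a> to validate your account.";
             return FALSE;
         }
     }
     return TRUE;
 }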
 /**
  * reset the form fields with old user data
  *
  * @access private
  */
 function _reset_old_fields_data()
 {
     // tpl_data key => POST field. Note that the login is posted as 'user'.
     // NOTE(review): values are not HTML-escaped and the submitted password
     // is handed back to the template - confirm both are intended.
     $sources = array('email' => 'email', 'login' => 'user', 'passwd' => 'passwd');
     foreach ($sources as $key => $post_name) {
         $this->B->tpl_data[$key] = commonUtil::stripSlashes($_POST[$post_name]);
     }
 }
示例#12
    return FALSE;
}
// create table if it dosent exist
$sql = "CREATE TABLE IF NOT EXISTS {$this->B->conf_val['db']['table_prefix']}user_registered (\n        uid      INT(11) NOT NULL,\n        md5_str  CHAR(32) NOT NULL default '',\n        reg_date DATETIME NOT NULL default '0000-00-00 00:00:00')";
$result = $this->B->db->query($sql);
if (DB::isError($result)) {
    trigger_error($result->getMessage() . "\n" . $result->userinfo . "\n\nFILE: " . __FILE__ . "\nLINE: " . __LINE__, E_USER_ERROR);
    $this->B->setup_error[] = $result->getMessage() . "\n\nINFO: " . $result->userinfo . "\n\nFILE: " . __FILE__ . "\nLINE: " . __LINE__;
    $success = FALSE;
    return FALSE;
}
if ($success != FALSE) {
    // insert an administrator
    $forename = $this->B->db->quoteSmart(commonUtil::stripSlashes($_POST['sysname']));
    $lastename = $this->B->db->quoteSmart(commonUtil::stripSlashes($_POST['syslastname']));
    $login = $this->B->db->quoteSmart(commonUtil::stripSlashes($_POST['syslogin']));
    $passwd = $this->B->db->quoteSmart(md5($_POST['syspassword1']));
    $uid = $this->B->db->nextId($this->B->conf_val['db']['table_prefix'] . 'user_seq_add_user');
    if (DB::isError($uid)) {
        trigger_error($uid->getMessage() . "\n" . $uid->userinfo . "\n\nFILE: " . __FILE__ . "\nLINE: " . __LINE__, E_USER_ERROR);
        $success = FALSE;
        return FALSE;
    }
    $sql = 'INSERT INTO ' . $this->B->conf_val['db']['table_prefix'] . 'user_users 
                (uid,forename,lastname,login,passwd,status,rights) 
              VALUES 
                (' . $uid . ',' . $forename . ',' . $lastename . ',' . $login . ',' . $passwd . ',2,5)';
    $result = $this->B->db->query($sql);
    if (DB::isError($result)) {
        trigger_error($result->getMessage() . "\n" . $result->userinfo . "\n\nFILE: " . __FILE__ . "\nLINE: " . __LINE__, E_USER_ERROR);
        $this->B->setup_error[] = $result->getMessage() . "\n\nINFO: " . $result->userinfo . "\n\nFILE: " . __FILE__ . "\nLINE: " . __LINE__;
 /**
  * reset the form fields with old user data
  *
  * @access private
  */
 function _reset_old_fields_data()
 {
     // Hand the submitted title and body back to the template.
     // NOTE(review): only the single quote is encoded in the title, and the
     // body is not encoded at all; '<', '"' and '&' pass through. Confirm
     // the template escapes both values for the context it prints them in.
     $title = commonUtil::stripSlashes($_POST['title']);
     $this->B->tpl_title = str_replace("'", "&#039;", $title);
     $body = commonUtil::stripSlashes($_POST['body']);
     $this->B->tpl_body = $body;
 }
示例#14
    exit;
}
// Add a new e-mail list: validate the posted form, create the attachment
// folder for the list, insert the list record and redirect on success.
// Init form field values
$B->form_error = FALSE;
$B->form_name = '';
$B->form_emailserver = '';
$B->form_email = '';
$B->form_description = '';
$B->form_status = '';
// Check if some form fields are empty
if (empty($_POST['name']) || empty($_POST['emailserver']) || empty($_POST['email'])) {
    // if empty assign form field with old values
    $B->form_name = htmlspecialchars(commonUtil::stripSlashes($_POST['name']));
    $B->form_emailserver = htmlspecialchars(commonUtil::stripSlashes($_POST['emailserver']));
    $B->form_email = htmlspecialchars(commonUtil::stripSlashes($_POST['email']));
    $B->form_description = htmlspecialchars(commonUtil::stripSlashes($_POST['description']));
    // NOTE(review): unlike the fields above, status is passed on unescaped
    // and uncast; the insert path below casts it to int - confirm the
    // template does the same before printing it.
    $B->form_status = $_POST['status'];
    $B->form_error = 'You have fill out all fields!';
} else {
    // get list messages attachment folder string
    // (generated by commonUtil::unique_md5_str(), not taken from the request)
    $list_folder = commonUtil::unique_md5_str();
    // '@' hides the reason for a failure; only the generic message below is kept
    if (!@mkdir(SF_BASE_DIR . '/data/earchive/' . $list_folder, SF_DIR_MODE)) {
        $B->form_error = 'Cannot create list messages attachment folder! Contact the administrator.';
    }
    // add new email list: every text value is quoted with quoteSmart() and
    // status is cast to int before the array goes to add_list()
    $B->tmp_data = array('name' => $B->db->quoteSmart(commonUtil::stripSlashes($_POST['name'])), 'emailserver' => $B->db->quoteSmart(commonUtil::stripSlashes($_POST['emailserver'])), 'email' => $B->db->quoteSmart(commonUtil::stripSlashes($_POST['email'])), 'description' => $B->db->quoteSmart(commonUtil::stripSlashes($_POST['description'])), 'folder' => $B->db->quoteSmart($list_folder), 'status' => (int) $_POST['status']);
    // add_list() is skipped when mkdir failed. NOTE(review): if add_list()
    // itself returns FALSE, no error is set and the folder created above is
    // left behind; in both failure cases the form_* fields stay empty.
    if (FALSE === $B->form_error && FALSE !== $B->earchive->add_list($B->tmp_data)) {
        @header('Location: ' . SF_BASE_LOCATION . '/admin/index.php?m=EARCHIVE');
        exit;
    }
}
示例#15
        if (empty($B->form_error)) {
            $B->tmp_data = array('forename' => $B->db->quoteSmart(commonUtil::stripSlashes($_POST['forename'])), 'lastname' => $B->db->quoteSmart(commonUtil::stripSlashes($_POST['lastname'])), 'email' => $B->db->quoteSmart(commonUtil::stripSlashes($_POST['email'])), 'rights' => (int) $_POST['rights'], 'status' => (int) $_POST['status']);
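            // update password if it isnt empty
            // The original line used "==", a comparison whose result was thrown
            // away, so a new password was never added to the update data.
            // NOTE(review): unsalted MD5 is not a password hash; moving to
            // password_hash() also needs the login check and column changed.
            if (!empty($_POST['passwd'])) {
                $B->tmp_data['passwd'] = $B->db->quoteSmart(md5($_POST['passwd']));
            }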
            // update user data
            if (FALSE != $B->user->update_user((int) $_REQUEST['uid'], $B->tmp_data)) {
                @header('Location: ' . SF_BASE_LOCATION . '/admin/index.php?m=USER');
                exit;
            } else {
                $B->form_error = 'This login exist. Chose a other one!';
            }
        }
    }
} else {
    // get user data
    $B->tmp_fields = array('uid', 'rights', 'status', 'email', 'login', 'forename', 'lastname');
    $B->tpl_data = $B->user->get_user((int) $_REQUEST['uid'], $B->tmp_fields);
    unset($B->tmp_fields);
}
// if error restore the form fields values
// Text fields are HTML-escaped with htmlspecialchars() default flags.
if (!empty($B->form_error)) {
    $B->tpl_data['forename'] = htmlspecialchars(commonUtil::stripSlashes($_POST['forename']));
    $B->tpl_data['lastname'] = htmlspecialchars(commonUtil::stripSlashes($_POST['lastname']));
    $B->tpl_data['email'] = htmlspecialchars(commonUtil::stripSlashes($_POST['email']));
    $B->tpl_data['login'] = htmlspecialchars(commonUtil::stripSlashes($_POST['login']));
    // NOTE(review): the submitted password is handed back to the template
    $B->tpl_data['passwd'] = htmlspecialchars(commonUtil::stripSlashes($_POST['passwd']));
    // NOTE(review): rights and status are copied as posted, neither escaped
    // nor cast - confirm the template casts or escapes them.
    $B->tpl_data['rights'] = $_POST['rights'];
    $B->tpl_data['status'] = $_POST['status'];
}
 /**
  * reset the form fields with old user data
  *
  * @access private
  */
 function _reset_old_fields_data()
 {
     // tpl_data key => POST field for the values that are HTML-escaped.
     // The login is posted as '_login'.
     // NOTE(review): the submitted password is handed back to the template.
     $escaped = array(
         'forename' => 'forename',
         'lastname' => 'lastname',
         'email' => 'email',
         'login' => '_login',
         'passwd' => 'passwd',
     );
     foreach ($escaped as $key => $post_name) {
         $this->B->tpl_data[$key] = htmlspecialchars(commonUtil::stripSlashes($_POST[$post_name]));
     }
     // NOTE(review): rights and status are copied as posted, neither escaped
     // nor cast - confirm the template casts or escapes them.
     foreach (array('rights', 'status') as $key) {
         $this->B->tpl_data[$key] = $_POST[$key];
     }
 }
 /**
  * Refill $this->B->tpl_form with the submitted login name, entity-encoded.
  *
  * NOTE(review): htmlentities() is called without flags or charset, so both
  * depend on the PHP version's defaults - confirm they match the page charset.
  */
 function _reset_form_data()
 {
     $login_name = commonUtil::stripSlashes($_POST['login_name']);
     $this->B->tpl_form = array('login_name' => htmlentities($login_name));
 }
示例#18
          </tr>
        </table>   
    </form> 
    <form action="index.php?m=OPTION" method="post" name="title" id="title">    
        <table width="100%"  border="0" cellspacing="4" cellpadding="4">
          <tr>
            <td colspan="2" align="left" valign="top"><span class="optiontitle">Site title and description </span></td>
          </tr>
          <tr>
            <td width="87%" align="left" valign="top">  
                <input name="site_title" type="text" size="70" maxlength="1024" value="<?php 
echo htmlspecialchars(commonUtil::stripSlashes($B->sys['option']['site_title']));
?>
">
                <textarea name="site_desc" cols="50" rows="3" wrap="virtual"><?php 
echo htmlspecialchars(commonUtil::stripSlashes($B->sys['option']['site_desc']));
?>
</textarea>
                &nbsp; 
            </td>
            <td width="13%" align="left" valign="top"><input type="submit" name="update_main_options_title" value="update" onclick="subok(this.form.update_main_options_title);"></td>
          </tr>
        </table> 
    </form>  
    <form action="index.php?m=OPTION" method="post" name="charset" id="charset">              
        <table width="100%"  border="0" cellspacing="4" cellpadding="4">
          <tr>
            <td colspan="2" align="left" valign="top"><span class="optiontitle">Charset</span></td>
          </tr>
          <tr>
            <td width="37%" align="left" valign="top">
示例#19
// Edit an e-mail list: on submit validate and update the record, otherwise
// load the stored record for display.
// Modify list data
if (isset($_POST['editlist'])) {
    // check if some fields are empty
    if (empty($_POST['name']) || empty($_POST['emailserver']) || empty($_POST['email'])) {
        $B->form_error = 'You have fill out all fields!';
    } else {
        // build the update data: text values are quoted with quoteSmart(),
        // status is cast to int
        $B->tmp_data = array('name' => $B->db->quoteSmart(commonUtil::stripSlashes($_POST['name'])), 'emailserver' => $B->db->quoteSmart(commonUtil::stripSlashes($_POST['emailserver'])), 'email' => $B->db->quoteSmart(commonUtil::stripSlashes($_POST['email'])), 'description' => $B->db->quoteSmart(commonUtil::stripSlashes($_POST['description'])), 'status' => (int) $_POST['status']);
        // update list data; the list id is read from $_REQUEST and cast to int
        if (FALSE !== $B->earchive->update_list((int) $_REQUEST['lid'], $B->tmp_data)) {
            @header('Location: index.php?m=EARCHIVE');
            exit;
        } else {
            $B->form_error = 'Error during update. Try again!';
        }
    }
} else {
    // get list data
    $B->tmp_fields = array('lid', 'name', 'status', 'email', 'emailserver', 'description');
    $B->tpl_data = $B->earchive->get_list((int) $_REQUEST['lid'], $B->tmp_fields);
    unset($B->tmp_fields);
}
// if error restore the form fields values
if (!empty($B->form_error)) {
    // if empty assign form field with old values
    // NOTE(review): these values only pass through stripSlashes(); nothing
    // is HTML-escaped here and status is copied as posted - confirm the
    // template escapes them on output.
    $B->tpl_data['name'] = commonUtil::stripSlashes($_POST['name']);
    $B->tpl_data['emailserver'] = commonUtil::stripSlashes($_POST['emailserver']);
    $B->tpl_data['email'] = commonUtil::stripSlashes($_POST['email']);
    $B->tpl_data['description'] = commonUtil::stripSlashes($_POST['description']);
    $B->tpl_data['status'] = $_POST['status'];
}
 /**
  * reset the form fields with old user data
  *
  * @access private
  */
 function _reset_old_fields_data()
 {
     // Copy the submitted e-mail, login and password back into the form_*
     // template variables after commonUtil::stripSlashes().
     // NOTE(review): nothing is HTML-escaped here and the password is echoed
     // back - confirm the template escapes on output and needs the password.
     foreach (array('email', 'login', 'passwd') as $field) {
         $this->B->{'form_' . $field} = commonUtil::stripSlashes($_POST[$field]);
     }
 }
 /**
  * Update main options
  *
  * @access private
  */
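 function _update_main_options()
 {
     // Handles whichever single options form was submitted; only the first
     // matching submit button is acted on. $this->B->_modified tells the
     // caller whether a config value changed.
     //
     // NOTE(review): email, charset and tplgroup are stored exactly as
     // posted. Confirm the code that later uses them (mail headers, template
     // selection) validates them or restricts them to known names.

     // init var - used if a config value has been modified
     $this->B->_modified = FALSE;
     // Empty public web cache
     if (isset($_POST['cleancache'])) {
         include_once SF_BASE_DIR . '/admin/modules/user/PEAR/Cache/Lite.php';
         $options = array('cacheDir' => SF_BASE_DIR . '/admin/tmp/cache/');
         // "=& new" is a parse error from PHP 7 on; a plain assignment is used instead.
         $this->B->_cache = new Cache_Lite($options);
         $this->B->_cache->clean();
         unset($this->B->_cache);
     } elseif (isset($_POST['update_main_options_email'])) {
         $this->B->sys['option']['email'] = $_POST['site_email'];
         $this->B->_modified = TRUE;
     } elseif (isset($_POST['update_main_options_title'])) {
         // Title and description are entity-encoded (ENT_QUOTES) at save
         // time, so output code that encodes again will double-encode them.
         $this->B->sys['option']['site_title'] = htmlspecialchars(commonUtil::stripSlashes($_POST['site_title']), ENT_QUOTES);
         $this->B->sys['option']['site_desc'] = htmlspecialchars(commonUtil::stripSlashes($_POST['site_desc']), ENT_QUOTES);
         $this->B->_modified = TRUE;
     } elseif (isset($_POST['update_main_options_charset'])) {
         $this->B->sys['option']['charset'] = $_POST['charset'];
         $this->B->_modified = TRUE;
     } elseif (isset($_POST['update_main_options_tpl'])) {
         $this->B->sys['option']['tpl'] = $_POST['tplgroup'];
         $this->B->_modified = TRUE;
     }
 }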
 /**
  * Pass $var through commonUtil::stripSlashes() and then delete every
  * backslash that is still present.
  *
  * NOTE(review): this only removes backslashes; it is not an escaping or
  * validation step for SQL, HTML or file paths.
  *
  * @param mixed $var value handed to commonUtil::stripSlashes()
  * @return mixed result of preg_replace()
  */
 function stripSlashes_special($var)
 {
     // the pattern matches one literal backslash
     return preg_replace('/\\\\/', '', commonUtil::stripSlashes($var));
 }
示例#23
// Add a new user: validate the posted form, insert the user and redirect on
// success; on any failure refill the form variables.
$B->form_rights = '';
$B->form_status = '';
// Check if some form fields are empty
if (empty($_POST['forename']) || empty($_POST['lastname']) || empty($_POST['email']) || empty($_POST['login']) || empty($_POST['passwd'])) {
    // if empty assign form field with old values
    $B->form_forename = htmlspecialchars(commonUtil::stripSlashes($_POST['forename']));
    $B->form_lastname = htmlspecialchars(commonUtil::stripSlashes($_POST['lastname']));
    $B->form_email = htmlspecialchars(commonUtil::stripSlashes($_POST['email']));
    $B->form_login = htmlspecialchars(commonUtil::stripSlashes($_POST['login']));
    // NOTE(review): the submitted password is handed back to the template
    $B->form_passwd = htmlspecialchars(commonUtil::stripSlashes($_POST['passwd']));
    // NOTE(review): rights and status are copied as posted, neither escaped
    // nor cast; the insert path below casts both to int.
    $B->form_rights = $_POST['rights'];
    $B->form_status = $_POST['status'];
    $B->form_error = 'You have fill out all fields!';
} else {
    // add new user: text values are quoted with quoteSmart(), rights and
    // status are cast to int.
    // NOTE(review): the password is stored as unsalted MD5, which is not a
    // password hash; moving to password_hash() also needs the login check
    // and the column changed.
    $B->tmp_data = array('forename' => $B->db->quoteSmart(commonUtil::stripSlashes($_POST['forename'])), 'lastname' => $B->db->quoteSmart(commonUtil::stripSlashes($_POST['lastname'])), 'email' => $B->db->quoteSmart(commonUtil::stripSlashes($_POST['email'])), 'login' => $B->db->quoteSmart(commonUtil::stripSlashes($_POST['login'])), 'passwd' => $B->db->quoteSmart(md5($_POST['passwd'])), 'rights' => (int) $_POST['rights'], 'status' => (int) $_POST['status']);
    if (FALSE !== $B->user->add_user($B->tmp_data)) {
        @header('Location: ' . SF_BASE_LOCATION . '/admin/index.php?m=USER');
        exit;
    } else {
        // on error during add user
        // every add_user() failure is reported as a duplicate login
        $B->form_forename = htmlspecialchars(commonUtil::stripSlashes($_POST['forename']));
        $B->form_lastname = htmlspecialchars(commonUtil::stripSlashes($_POST['lastname']));
        $B->form_email = htmlspecialchars(commonUtil::stripSlashes($_POST['email']));
        $B->form_login = htmlspecialchars(commonUtil::stripSlashes($_POST['login']));
        $B->form_passwd = htmlspecialchars(commonUtil::stripSlashes($_POST['passwd']));
        $B->form_rights = $_POST['rights'];
        $B->form_status = $_POST['status'];
        $B->form_error = 'This login exist. Chose an other one!';
    }
}
示例#24
                @unlink($path . '/' . $file['file']);
                $B->earchive->delete_attach_db_entry($aid);
            }
        }
        // update message data
        if (FALSE !== $B->earchive->update_message((int) $_REQUEST['mid'], $B->tmp_data)) {
            @header('Location: index.php?m=EARCHIVE&mf=show_mess&lid=' . (int) $_REQUEST["lid"] . '&pageID=' . (int) $_REQUEST["pageID"]);
            exit;
        } else {
            $B->form_error = 'Error during update. Try again!';
        }
    }
} else {
    // get list data
    $B->tmp_fields = array('mid', 'lid', 'subject', 'sender', 'body', 'folder');
    $B->tpl_data = $B->earchive->get_message((int) $_REQUEST['mid'], $B->tmp_fields);
    unset($B->tmp_fields);
    // get list data
    $B->tmp_fields = array('aid', 'file', 'size', 'type');
    $B->tpl_attach = $B->earchive->get_message_attach((int) $_REQUEST['mid'], $B->tmp_fields);
    unset($B->tmp_fields);
}
// if error restore the form fields values
if (!empty($B->form_error)) {
    // if empty assign form field with old values
    // NOTE(review): subject and body only pass through stripSlashes() and
    // the three ids are copied as posted; nothing is HTML-escaped or cast
    // here - confirm the template does so before printing them.
    $B->tpl_data['subject'] = commonUtil::stripSlashes($_POST['subject']);
    $B->tpl_data['body'] = commonUtil::stripSlashes($_POST['body']);
    $B->tpl_data['mid'] = $_POST['mid'];
    $B->tpl_data['lid'] = $_POST['lid'];
    $B->tpl_data['pageID'] = $_POST['pageID'];
}