Цитата (Alexander @ 2011-01-23, 4:38)
peter, приведите, пожалуйста, выдержки из этого самого кода
Скачал с мид тиам(от нуллид вс) свежую версию(вышла неделю назад):
К примеру первый попавшийся файл:
<?php
/*
=====================================================
DataLife Engine - by SoftNews Media Group
-----------------------------------------------------
Autor email: nick-on@mail.ru icq: 333396679
-----------------------------------------------------
Copyright (c) 2004,2011
=====================================================
Файл: editvote.php
-----------------------------------------------------
Назначение: Список опросов, Управление опросами
=====================================================
*/
if( !defined( 'DATALIFEENGINE' ) OR !defined( 'LOGGED_IN' ) ) {
die( "Hacking attempt!" );
}
if( ! $user_group[$member_id['user_group']]['admin_editvote'] ) {
msg( "error", $lang['index_denied'], $lang['index_denied'] );
}
if( isset( $_REQUEST['id'] ) ) $id = intval( $_REQUEST['id'] ); else $id = "";
if( $_GET['action'] == "delete" ) {
if( $_REQUEST['user_hash'] == "" or $_REQUEST['user_hash'] != $dle_login_hash ) {
die( "Hacking attempt! User not found" );
}
$db->query( "DELETE FROM " . PREFIX . "_vote WHERE id='$id'" );
$db->query( "DELETE FROM " . PREFIX . "_vote_result WHERE vote_id='$id'" );
@unlink( ENGINE_DIR . '/cache/system/vote.php' );
msg( "info", $lang['vote_str_2'], $lang['vote_str_2'], "?mod=editvote" );
}
if( $_GET['action'] == "clear" ) {
if( $_REQUEST['user_hash'] == "" or $_REQUEST['user_hash'] != $dle_login_hash ) {
die( "Hacking attempt! User not found" );
}
$db->query( "UPDATE " . PREFIX . "_vote set vote_num='0' WHERE id='$id'" );
$db->query( "DELETE FROM " . PREFIX . "_vote_result WHERE vote_id='$id'" );
@unlink( ENGINE_DIR . '/cache/system/vote.php' );
msg( "info", $lang['vote_clear3'], $lang['vote_clear3'], "?mod=editvote" );
}
if( $_GET['action'] == "off" ) {
if( $_REQUEST['user_hash'] == "" or $_REQUEST['user_hash'] != $dle_login_hash ) {
die( "Hacking attempt! User not found" );
}
$db->query( "UPDATE " . PREFIX . "_vote set approve='0' WHERE id='$id'" );
@unlink( ENGINE_DIR . '/cache/system/vote.php' );
}
if( $_GET['action'] == "on" ) {
if( $_REQUEST['user_hash'] == "" or $_REQUEST['user_hash'] != $dle_login_hash ) {
die( "Hacking attempt! User not found" );
}
$db->query( "UPDATE " . PREFIX . "_vote set approve='1' WHERE id='$id'" );
@unlink( ENGINE_DIR . '/cache/system/vote.php' );
}
if( $_GET['action'] == "views" AND $_GET['id']) {
$id = intval ($_GET['id']);
$row = $db->super_query( "SELECT id, title, category, body, vote_num FROM " . PREFIX . "_vote WHERE id='$id'" );
$title = stripslashes( $row['title'] );
$body = stripslashes( $row['body'] );
$body = explode( "<br />", $body );
$max = $row['vote_num'];
$db->query( "SELECT answer, count(*) as count FROM " . PREFIX . "_vote_result WHERE vote_id='$id' GROUP BY answer" );
$pn = 0;
$entry = "";
$answer = array ();
while ( $row = $db->get_row() ) {
$answer[$row['answer']]['count'] = $row['count'];
}
$db->free();
for($i = 0; $i < sizeof( $body ); $i ++) {
++ $pn;
if( $pn > 5 ) $pn = 1;
$num = $answer[$i]['count'];
if( ! $num ) $num = 0;
if( $max != 0 ) $proc = (100 * $num) / $max;
else $proc = 0;
$proc = round( $proc, 2 );
$entry .= "<div class=\"vote\" align=\"left\">$body[$i] - $num ($proc%)</div>
<div class=\"vote\" align=\"left\">
<img src=\"" . $config['http_home_url'] . "templates/" . $config['skin'] . "/dleimages/poll{$pn}.gif\" height=\"10\" width=\"".intval($proc)."%\" style=\"border:1px solid black\">
</div>\n";
}
if ( !$title ) $entry = $lang['vote_notfound'];
$entry = "<div style=\"width:500px;\">$entry</div>";
echoheader( "", "" );
echo <<<HTML
<div style="padding-top:5px;padding-bottom:2px;">
<table width="100%">
<tr>
<td width="4"><img src="engine/skins/images/tl_lo.gif" width="4" height="4" border="0"></td>
<td background="engine/skins/images/tl_oo.gif"><img src="engine/skins/images/tl_oo.gif" width="1" height="4" border="0"></td>
<td width="6"><img src="engine/skins/images/tl_ro.gif" width="6" height="4" border="0"></td>
</tr>
<tr>
<td background="engine/skins/images/tl_lb.gif"><img src="engine/skins/images/tl_lb.gif" width="4" height="1" border="0"></td>
<td style="padding:5px;" bgcolor="#FFFFFF">
<table width="100%">
<tr>
<td bgcolor="#EFEFEF" height="29" style="padding-left:10px;"><div class="navigation">{$lang['vote_result']} {$title}</div></td>
</tr>
</table>
<div class="unterline"></div>
<table width="100%">
<tr>
<td style="padding:2px;">
<div id="main_box" align="center"><br />{$entry}<br /><br />{$lang['vote_count']} {$max}<br /><br />
<input id = "next_button" onclick="history.go(-1); return false;" class="buttons" style="width:150px;" ENGINE="button" value="{$lang['func_msg']}">
</div>
</td>
</tr>
</table>
</td>
<td background="engine/skins/images/tl_rb.gif"><img src="engine/skins/images/tl_rb.gif" width="6" height="1" border="0"></td>
</tr>
<tr>
<td><img src="engine/skins/images/tl_lu.gif" width="4" height="6" border="0"></td>
<td background="engine/skins/images/tl_ub.gif"><img src="engine/skins/images/tl_ub.gif" width="1" height="6" border="0"></td>
<td><img src="engine/skins/images/tl_ru.gif" width="6" height="6" border="0"></td>
</tr>
</table>
</div>
HTML;
echofooter();
} else {
echoheader( "vote", $lang[editvote] );
// ********************************************************************************
// Список голосований
// ********************************************************************************
echo "
<script language=\"javascript\">
<!-- begin
function confirmdelete(id){
DLEconfirm( '{$lang['vote_confirm']}', '{$lang['p_confirm']}', function () {
document.location=\"?mod=editvote&action=delete&user_hash={$dle_login_hash}&id=\"+id;
} );
}
function confirmclear(id){
DLEconfirm( '{$lang['vote_clear']}', '{$lang['p_confirm']}', function () {
document.location=\"?mod=editvote&action=clear&user_hash={$dle_login_hash}&id=\"+id;
} );
}
// end -->
</script>";
/* Vote List */
$db->query( "SELECT * FROM " . PREFIX . "_vote ORDER BY id DESC" );
$entries = "";
while ( $row = $db->get_row() ) {
$item_id = $row['id'];
$item_date = date( "d.m.Y", strtotime( $row['date'] ) );
$title = htmlspecialchars( stripslashes( $row['title'] ) );
if ( $row['start'] ) $start_date = date( "d.m.Y H:i", $row['start'] ); else $start_date = "--";
if ( $row['end'] ) $end_date = date( "d.m.Y H:i", $row['end'] ); else $end_date = "--";
if( dle_strlen( $title, $config['charset'] ) > 74 ) {
$title = dle_substr( $title, 0, 70, $config['charset'] ) . " ...";
}
$item_num = $row['vote_num'];
if( empty( $row['category'] ) ) {
$item_category = "<center>--</center>";
} elseif( $row['category'] == "all" ) {
$item_category = $lang['edit_all'];
} else {
$item_category = $cat[$row['category']];
}
;
if( $row['approve'] ) {
$status = "led_green.gif";
$lang['led_title'] = $lang['led_on_title'];
$led_action = "off";
} else {
$status = "led_gray.gif";
$lang['led_title'] = $lang['led_off_title'];
$led_action = "on";
}
$entries .= "
<tr>
<td height=22 class=\"list\">
$item_date - <a title='$lang[word_ledit]' href=\"$PHP_SELF?mod=addvote&action=edit&id=$item_id\">{$title}</td>
<td class=\"list\" align=\"center\">{$start_date}</td>
<td class=\"list\" align=\"center\">{$end_date}</td>
<td class=\"list\" align=\"center\"><img src=\"engine/skins/images/" . $status . "\" title=\"" . $lang['led_title'] . "\" border=\"0\"></td>
<td class=\"list\" align=\"center\">{$row['vote_num']}</td>
<td class=\"list\" align=\"center\">{$item_category}</td>
<td class=\"list\" align=\"center\"><a onClick=\"return dropdownmenu(this, event, MenuBuild('" . $item_id . "', '" . $led_action . "'), '170px')\" href=\"#\"><img src=\"engine/skins/images/browser_action.gif\" border=\"0\"></a></td>
</tr>
<tr><td background=\"engine/skins/images/mline.gif\" height=1 colspan=7></td></tr>";
}
$db->free();
if( empty( $entries ) ) {
$entries = "<tr><td colspan=7 align=center height=40>" . $lang['vote_nodata'] . "</td></tr>";
}
echo <<<HTML
<script language="javascript" type="text/javascript">
<!--
function MenuBuild( m_id , led_action){
var menu=new Array()
var lang_action = "";
if (led_action == 'off') { lang_action = "{$lang['vote_aus']}"; } else { lang_action = "{$lang['vote_ein']}"; }
menu[0]='<a onClick="document.location=\'?mod=editvote&action=views&id=' + m_id + '\'; return(false)" href="#">{$lang['vote_view']}</a>';
menu[1]='<a onClick="document.location=\'?mod=editvote&action=' + led_action + '&user_hash={$dle_login_hash}&id=' + m_id + '\'; return(false)" href="#">' + lang_action + '</a>';
menu[2]='<a onClick="javascript:confirmclear(' + m_id + '); return(false)" href="#">{$lang['vote_clear2']}</a>';
menu[3]='<a onClick="javascript:confirmdelete(' + m_id + '); return(false)" href="#">{$lang['cat_del']}</a>';
return menu;
}
//-->
</script>
<div style="padding-top:5px;padding-bottom:2px;">
<table width="100%">
<tr>
<td width="4"><img src="engine/skins/images/tl_lo.gif" width="4" height="4" border="0"></td>
<td background="engine/skins/images/tl_oo.gif"><img src="engine/skins/images/tl_oo.gif" width="1" height="4" border="0"></td>
<td width="6"><img src="engine/skins/images/tl_ro.gif" width="6" height="4" border="0"></td>
</tr>
<tr>
<td background="engine/skins/images/tl_lb.gif"><img src="engine/skins/images/tl_lb.gif" width="4" height="1" border="0"></td>
<td style="padding:5px;" bgcolor="#FFFFFF">
<table width="100%">
<tr>
<td bgcolor="#EFEFEF" height="29" style="padding-left:10px;"><div class="navigation">{$lang['opt_votec']}</div></td>
</tr>
</table>
<div class="unterline"></div>
<table width="100%">
<tr>
<td> {$lang['edit_title']}</td>
<td width=110 align="center">{$lang['vote_startinfo']}</td>
<td width=110 align="center">{$lang['vote_endinfo']}</td>
<td width=50 align="center">{$lang['led_status']}</td>
<td width=60 align="center">{$lang['vote_count']}</td>
<td width=150 align="center">{$lang['edit_cl']}</td>
<td width=80 align="center">{$lang[vote_action]}</td>
</tr>
<tr><td colspan="7"><div class="hr_line"></div></td></tr>
{$entries}
<tr><td colspan="7"><div class="hr_line"></div></td></tr>
<tr><td colspan="7"><a href="?mod=addvote"><input onclick="document.location='?mod=addvote'" type="button" class="buttons" value=" {$lang['poll_new']} "></a></td></tr>
</table>
</td>
<td background="engine/skins/images/tl_rb.gif"><img src="engine/skins/images/tl_rb.gif" width="6" height="1" border="0"></td>
</tr>
<tr>
<td><img src="engine/skins/images/tl_lu.gif" width="4" height="6" border="0"></td>
<td background="engine/skins/images/tl_ub.gif"><img src="engine/skins/images/tl_ub.gif" width="1" height="6" border="0"></td>
<td><img src="engine/skins/images/tl_ru.gif" width="6" height="6" border="0"></td>
</tr>
</table>
</div>
HTML;
echofooter();
}
?>
Добавлено через 3 минут, 29 секунд:Можно было все настройки сайта и языковую конфигурацию вынести в константы(дефайны) - нет вынесли в массив. Теперь они не смогут сменить, т.к. например массив $lang употреблен в системе думаю около 5000 раз - не считая модули.
Добавлено через 7 минут, 22 секунд:rss.php:
<?php
/*
=====================================================
DataLife Engine - by SoftNews Media Group
-----------------------------------------------------
http://dle-news.ru/
-----------------------------------------------------
Copyright (c) 2004,2011 SoftNews Media Group
=====================================================
Данный код защищен авторскими правами
=====================================================
Файл: rss.php
-----------------------------------------------------
Назначение: Управление RSS каналами
=====================================================
*/
if( !defined( 'DATALIFEENGINE' ) OR !defined( 'LOGGED_IN' ) ) {
die( "Hacking attempt!" );
}
if( ! $user_group[$member_id['user_group']]['admin_rss'] ) {
msg( "error", $lang['index_denied'], $lang['index_denied'] );
}
if( isset( $_REQUEST['id'] ) ) $id = intval( $_REQUEST['id'] ); else $id = "";
if( $_GET['subaction'] == "clear" ) {
$lastdate = intval( $_GET['lastdate'] );
if( $id and $lastdate ) $db->query( "UPDATE " . PREFIX . "_rss SET lastdate='$lastdate' WHERE id='$id'" );
}
if( $_REQUEST['action'] == "addnews" ) {
if( $_REQUEST['user_hash'] == "" or $_REQUEST['user_hash'] != $dle_login_hash ) {
die( "Hacking attempt! User not found" );
}
include_once ENGINE_DIR . '/classes/parse.class.php';
$parse = new ParseFilter( Array (), Array (), 1, 1 );
$allow_comm = intval( $_POST['allow_comm'] );
$allow_main = intval( $_POST['allow_main'] );
$allow_rating = intval( $_POST['allow_rating'] );
$news_fixed = 0;
$allow_br = intval( $_POST['text_type'] );
$lastdate = intval( $_POST['lastdate'] );
if( count( $_POST['content'] ) ) {
foreach ( $_POST['content'] as $content ) {
$approve = intval( $content['approve'] );
if( ! count( $content['category'] ) ) {
$content['category'] = array ();
$content['category'][] = '0';
}
$category_list = array();
foreach ( $content['category'] as $value ) {
$category_list[] = intval($value);
}
$category_list = $db->safesql( implode( ',', $category_list ) );
$full_story = $parse->process( $content['full'] );
$short_story = $parse->process( $content['short'] );
$title = $parse->process( $content['title'] );
$_POST['title'] = $title;
$alt_name = totranslit( stripslashes( $title ) );
$title = $db->safesql( $parse->process( $title ) );
if( ! $allow_br ) {
$full_story = $db->safesql( $parse->BB_Parse( $full_story ) );
$short_story = $db->safesql( $parse->BB_Parse( $short_story ) );
} else {
$full_story = $db->safesql( $parse->BB_Parse( $full_story, false ) );
$short_story = $db->safesql( $parse->BB_Parse( $short_story, false ) );
}
$metatags = create_metatags( $short_story . $full_story );
$thistime = date( "Y-m-d H:i:s", strtotime( $content['date'] ) );
if( trim( $title ) == "" ) {
msg( "error", $lang['addnews_error'], $lang['addnews_ertitle'], "javascript:history.go(-1)" );
}
if( trim( $short_story ) == "" ) {
msg( "error", $lang['addnews_error'], $lang['addnews_erstory'], "javascript:history.go(-1)" );
}
$db->query( "INSERT INTO " . PREFIX . "_post (date, autor, short_story, full_story, xfields, title, descr, keywords, category, alt_name, allow_comm, approve, allow_main, allow_rate, allow_br, votes, flag) values ('$thistime', '{$member_id['name']}', '$short_story', '$full_story', '', '$title', '{$metatags['description']}', '{$metatags['keywords']}', '$category_list', '$alt_name', '$allow_comm', '$approve', '$allow_main', '$allow_rating', '$allow_br', '0', '1')" );
$db->query( "UPDATE " . USERPREFIX . "_users set news_num=news_num+1 where user_id='{$member_id['user_id']}'" );
}
if( $id and $lastdate ) $db->query( "UPDATE " . PREFIX . "_rss SET lastdate='$lastdate' WHERE id='$id'" );
clear_cache();
msg( "info", $lang['addnews_ok'], $lang['rss_added'], "$PHP_SELF?mod=rss" );
}
msg( "error", $lang['addnews_error'], $lang['rss_notadded'], "$PHP_SELF?mod=rss" );
} elseif( $_REQUEST['action'] == "news" and $id ) {
include_once ENGINE_DIR . '/classes/rss.class.php';
include_once ENGINE_DIR . '/classes/parse.class.php';
$parse = new ParseFilter( Array (), Array (), 1, 1 );
$parse->leech_mode = true;
$rss = $db->super_query( "SELECT * FROM " . PREFIX . "_rss WHERE id='$id'" );
$xml = new xmlParser( stripslashes( $rss['url'] ), $rss['max_news'] );
if( $xml->rss_option == "UTF-8" ) $xml->convert( "UTF-8", strtolower( $config['charset'] ) );
elseif( $xml->rss_charset != strtolower( $config['charset'] ) ) $xml->convert( $xml->rss_charset, strtolower( $config['charset'] ) );
$xml->pre_lastdate = $rss['lastdate'];
$xml->pre_parse( $rss['date'] );
$i = 0;
foreach ( $xml->content as $content ) {
if( $rss['text_type'] ) {
$xml->content[$i]['title'] = $parse->decodeBBCodes( $xml->content[$i]['title'], false );
$xml->content[$i]['description'] = $parse->decodeBBCodes( $xml->content[$i]['description'], false );
$xml->content[$i]['date'] = date( "Y-m-d H:i:s", $xml->content[$i]['date'] );
} else {
$xml->content[$i]['title'] = $parse->decodeBBCodes( $xml->content[$i]['title'], false );
$xml->content[$i]['description'] = $parse->decodeBBCodes( $xml->content[$i]['description'], true, "yes" );
$xml->content[$i]['date'] = date( "Y-m-d H:i:s", $xml->content[$i]['date'] );
}
$i ++;
}
$js_array[] = "engine/skins/calendar.js";
echoheader( "", "" );
echo <<<HTML
<!-- calendar stylesheet -->
<link rel="stylesheet" type="text/css" media="all" href="engine/skins/calendar-blue.css" title="win2k-cold-1" />
<script language="javascript" type="text/javascript">
function doFull( link, news_id, rss_id )
{
ShowLoading('');
$.post('engine/ajax/rss.php', { link: link, news_id: news_id, rss_id: rss_id, rss_charset: "{$xml->rss_charset}" }, function(data){
HideLoading('');
$('#cfull'+ news_id).html(data);
});
return false;
}
function RemoveTable( nummer ) {
DLEconfirm( '{$lang['edit_cdel']}', '{$lang['p_confirm']}', function () {
document.getElementById('ContentTable' + nummer).innerHTML = '';
} );
}
function preview( id )
{
dd=window.open('','prv','height=400,width=750,resizable=1,scrollbars=1');
document.addnews.target='prv';
document.addnews.title.value = document.getElementById('title_' + id).value;
document.addnews.short_story.value = document.getElementById('short_' + id).value;
if (document.getElementById('full_' + id)) {
document.addnews.full_story.value = document.getElementById('full_' + id).value;
} else {
document.addnews.full_story.value = "";
}
document.addnews.submit();
}
</script>
<form method=post name="addnewsrss" action="?mod=rss&action=addnews">
<div style="padding-top:5px;padding-bottom:2px;">
<table width="100%">
<tr>
<td width="4"><img src="engine/skins/images/tl_lo.gif" width="4" height="4" border="0"></td>
<td background="engine/skins/images/tl_oo.gif"><img src="engine/skins/images/tl_oo.gif" width="1" height="4" border="0"></td>
<td width="6"><img src="engine/skins/images/tl_ro.gif" width="6" height="4" border="0"></td>
</tr>
<tr>
<td background="engine/skins/images/tl_lb.gif"><img src="engine/skins/images/tl_lb.gif" width="4" height="1" border="0"></td>
<td style="padding:5px;" bgcolor="#FFFFFF">
<table width="100%">
<tr>
<td bgcolor="#EFEFEF" height="29" style="padding-left:10px;"><div class="navigation">{$rss['url']}</div></td>
</tr>
</table>
<div class="unterline"></div>
HTML;
$i = 0;
$categories_list = CategoryNewsSelection( $rss['category'], 0 );
if( count( $xml->content ) ) {
foreach ( $xml->content as $content ) {
echo '<span id="ContentTable' . $i . '"><table width="100%"><tr><td height="20" style="padding: 5px;" colspan="2">
<b><a onClick="RemoveTable(' . $i . '); return false;" href="#" ><img src="engine/skins/images/delete.png" style="vertical-align: middle;border: none;" /></a> <a class="main" href="javascript:ShowOrHide(\'cp' . $i . '\',\'cc' . $i . '\')" >' . $content['title'] . '</a></td>
</tr>
<tr id=\'cp' . $i . '\' style=\'display:none\'>
<td width=200 valign="top" style="padding: 5px"><input class="edit bk" type="text" size="55" id="title_' . $i . '" name="content[' . $i . '][title]" value="' . $content['title'] . '"><br />
<br /><input type="text" name="content[' . $i . '][date]" id="f_date_c' . $i . '" size="20" class="edit bk" value="' . $content['date'] . '">
<img src="engine/skins/images/img.gif" align="absmiddle" id="f_trigger_c' . $i . '" style="cursor: pointer; border: 0" title="' . $lang['edit_ecal'] . '"/>
<script type="text/javascript">
Calendar.setup({
inputField : "f_date_c' . $i . '", // id of the input field
ifFormat : "%Y-%m-%d %H:%M", // format of the input field
button : "f_trigger_c' . $i . '", // trigger for the calendar (button ID)
align : "Br", // alignment
timeFormat : "24",
showsTime : true,
singleClick : true
});
</script></td>
<td valign="top" style="padding: 5px"><select name="content[' . $i . '][category][]" id="category" class="cat_select" multiple>
' . $categories_list . '</select></td>
</tr>
<tr id=\'cc' . $i . '\' style=\'display:none\'>
<td colspan="2">
<textarea class="bk" style="width:98%;height:200px;" id="short_' . $i . '" name="content[' . $i . '][short]">' . $content['description'] . '</textarea>
<div id="cfull' . $i . '">' . htmlspecialchars( $content['link'] ) . '</div>
<input type="checkbox" name="content[' . $i . '][approve]" value="1" checked>' . $lang['addnews_mod'] . '<br />
<br /><input onClick="doFull(\'' . urlencode( rtrim( $content['link'] ) ) . '\', \'' . $i . '\', \'' . $rss['id'] . '\')" type="button" class="buttons" value=" ' . $lang['rss_dofull'] . ' "> <input onClick="preview(' . $i . ')" type="button" class="buttons" value=" ' . $lang['btn_preview'] . ' "> <input onClick="RemoveTable(' . $i . '); return false;" type="button" class="buttons" value=" ' . $lang['edit_dnews'] . ' "><br /><br />
</tr><tr><td background="engine/skins/images/mline.gif" height="1" colspan="2"></td></tr></table></span>';
$i ++;
}
echo <<<HTML
<br /> <input type="submit" value=" {$lang['rss_addnews']} " class="buttons">
<a href="?mod=rss&action=news&subaction=clear&id={$id}&lastdate={$xml->lastdate}"><input onclick="document.location='?mod=rss&action=news&subaction=clear&id={$id}&lastdate={$xml->lastdate}'" type="button" value=" {$lang['rss_clear']} " class="buttons"></a>
<input type=hidden name="allow_main" value="{$rss['allow_main']}">
<input type=hidden name="allow_rating" value="{$rss['allow_rating']}">
<input type=hidden name="allow_comm" value="{$rss['allow_comm']}">
<input type=hidden name="lastdate" value="{$xml->lastdate}">
<input type=hidden name="id" value="{$id}">
<input type="hidden" name="user_hash" value="$dle_login_hash" />
<input type=hidden name="text_type" value="{$rss['text_type']}">
HTML;
} else {
echo "<div style=\"padding:10px;\" align=\"center\">" . $lang['rss_no_rss'] . "<br /><br><a class=main href=\"?mod=rss\">{$lang['func_msg']}</a></div>";
}
echo <<<HTML
</td>
<td background="engine/skins/images/tl_rb.gif"><img src="engine/skins/images/tl_rb.gif" width="6" height="1" border="0"></td>
</tr>
<tr>
<td><img src="engine/skins/images/tl_lu.gif" width="4" height="6" border="0"></td>
<td background="engine/skins/images/tl_ub.gif"><img src="engine/skins/images/tl_ub.gif" width="1" height="6" border="0"></td>
<td><img src="engine/skins/images/tl_ru.gif" width="6" height="6" border="0"></td>
</tr>
</table>
</div></form>
<form method=post name="addnews" id="addnews">
<input type=hidden name="mod" value="preview">
<input type=hidden name="title" value="">
<input type=hidden name="short_story" value="">
<input type=hidden name="full_story" value="">
<input type=hidden name="allow_br" value="{$rss['text_type']}">
</form>
HTML;
echofooter();
} elseif( $_REQUEST['action'] == "doadd" or $_REQUEST['action'] == "doedit" ) {
$url = $db->safesql( trim( $_REQUEST['rss_url'] ) );
$description = $db->safesql( trim( $_REQUEST['rss_descr'] ) );
$max_news = intval( $_REQUEST['rss_maxnews'] );
$allow_main = intval( $_REQUEST['allow_main'] );
$allow_rating = intval( $_REQUEST['allow_rating'] );
$allow_comm = intval( $_REQUEST['allow_comm'] );
$text_type = intval( $_REQUEST['text_type'] );
$date = intval( $_REQUEST['rss_date'] );
$category = intval( $_REQUEST['category'] );
$search = $db->safesql( trim( $_REQUEST['rss_search'] ) );
$cookies = $db->safesql( trim( $_REQUEST['rss_cookie'] ) );
if( $url == "" ) msg( "error", $lang['addnews_error'], $lang['rss_err1'], "javascript:history.go(-1)" );
if( $_REQUEST['action'] == "doadd" ) {
$db->query( "INSERT INTO " . PREFIX . "_rss (url, description, allow_main, allow_rating, allow_comm, text_type, date, search, max_news, cookie, category) values ('$url', '$description', '$allow_main', '$allow_rating', '$allow_comm', '$text_type', '$date', '$search', '$max_news', '$cookies', '$category')" );
msg( "info", $lang['all_info'], $lang['rss_ok1'], "$PHP_SELF?mod=rss" );
} else {
$db->query( "UPDATE " . PREFIX . "_rss set url='$url', description='$description', allow_main='$allow_main', allow_rating='$allow_rating', allow_comm='$allow_comm', text_type='$text_type', date='$date', search='$search', max_news='$max_news', cookie='$cookies', category='$category', lastdate='' WHERE id='{$id}'" );
msg( "info", $lang['all_info'], $lang['rss_ok2'], "$PHP_SELF?mod=rss" );
}
} elseif( $_REQUEST['action'] == "add" or $_REQUEST['action'] == "edit" ) {
function makeDropDown($options, $name, $selected) {
$output = "<select name=\"$name\">\r\n";
foreach ( $options as $value => $description ) {
$output .= "<option value=\"$value\"";
if( $selected == $value ) {
$output .= " selected ";
}
$output .= ">$description</option>\n";
}
$output .= "</select>";
return $output;
}
echoheader( "", "" );
if( $action == "add" ) {
$rss_date = makeDropDown( array ("1" => $lang['rss_date_1'], "0" => $lang['rss_date_2'] ), "rss_date", "1" );
$text_type = makeDropDown( array ("1" => "BBCODES", "0" => "HTML" ), "text_type", "1" );
$allow_main = makeDropDown( array ("1" => $lang['opt_sys_yes'], "0" => $lang['opt_sys_no'] ), "allow_main", "1" );
$allow_rating = makeDropDown( array ("1" => $lang['opt_sys_yes'], "0" => $lang['opt_sys_no'] ), "allow_rating", "1" );
$allow_comm = makeDropDown( array ("1" => $lang['opt_sys_yes'], "0" => $lang['opt_sys_no'] ), "allow_comm", "1" );
$rss_search_value = "<html>{get}</html>";
$rss_maxnews_value = 5;
$categories_list = CategoryNewsSelection( 0, 0 );
$rss_info = $lang['rss_new'];
$submit_value = $lang['rss_new'];
$form_action = "$PHP_SELF?mod=rss&action=doadd";
} else {
$row = $db->super_query( "SELECT * FROM " . PREFIX . "_rss WHERE id='$id'" );
$rss_date = makeDropDown( array ("1" => $lang['rss_date_1'], "0" => $lang['rss_date_2'] ), "rss_date", $row['date'] );
$text_type = makeDropDown( array ("1" => "BBCODES", "0" => "HTML" ), "text_type", $row['text_type'] );
$allow_main = makeDropDown( array ("1" => $lang['opt_sys_yes'], "0" => $lang['opt_sys_no'] ), "allow_main", $row['allow_main'] );
$allow_rating = makeDropDown( array ("1" => $lang['opt_sys_yes'], "0" => $lang['opt_sys_no'] ), "allow_rating", $row['allow_rating'] );
$allow_comm = makeDropDown( array ("1" => $lang['opt_sys_yes'], "0" => $lang['opt_sys_no'] ), "allow_comm", $row['allow_comm'] );
$rss_search_value = htmlspecialchars( stripslashes( $row['search'] ) );
$rss_maxnews_value = $row['max_news'];
$categories_list = CategoryNewsSelection( $row['category'], 0 );
$rss_info = $row['url'];
$submit_value = $lang['user_save'];
$rss_url_value = htmlspecialchars( stripslashes( $row['url'] ) );
$rss_descr_value = htmlspecialchars( stripslashes( $row['description'] ) );
$rss_cookie_value = htmlspecialchars( stripslashes( $row['cookie'] ) );
$form_action = "$PHP_SELF?mod=rss&action=doedit&id=" . $id;
}
echo <<<HTML
<form action="{$form_action}" method="post">
<div style="padding-top:5px;padding-bottom:2px;">
<table width="100%">
<tr>
<td width="4"><img src="engine/skins/images/tl_lo.gif" width="4" height="4" border="0"></td>
<td background="engine/skins/images/tl_oo.gif"><img src="engine/skins/images/tl_oo.gif" width="1" height="4" border="0"></td>
<td width="6"><img src="engine/skins/images/tl_ro.gif" width="6" height="4" border="0"></td>
</tr>
<tr>
<td background="engine/skins/images/tl_lb.gif"><img src="engine/skins/images/tl_lb.gif" width="4" height="1" border="0"></td>
<td style="padding:5px;" bgcolor="#FFFFFF">
<table width="100%">
<tr>
<td bgcolor="#EFEFEF" height="29" style="padding-left:10px;"><div class="navigation">{$rss_info}</div></td>
</tr>
</table>
<div class="unterline"></div>
<table width="100%">
<tr>
<td width="240" style="padding:4px;">{$lang['rss_url']}</td>
<td style="padding-top:2px;padding-bottom:2px;"><input class="edit bk" type="text" size="25" name="rss_url" value="{$rss_url_value}"><a href="#" class="hintanchor" onMouseover="showhint('{$lang[rss_hurl]}', this, event, '220px')">[?]</a></td>
</tr>
<tr><td background="engine/skins/images/mline.gif" height=1 colspan=2></td></tr>
<tr>
<td style="padding:4px;">{$lang['rss_descr']}</td>
<td style="padding-top:2px;padding-bottom:2px;"><input class="edit bk" type="text" size="55" name="rss_descr" value="{$rss_descr_value}"><a href="#" class="hintanchor" onMouseover="showhint('{$lang[rss_hdescr]}', this, event, '220px')">[?]</a></td>
</tr>
<tr><td background="engine/skins/images/mline.gif" height=1 colspan=2></td></tr>
<tr>
<td style="padding:4px;">{$lang['rss_maxnews']}</td>
<td style="padding-top:2px;padding-bottom:2px;"><input class="edit bk" type="text" size="5" name="rss_maxnews" value="{$rss_maxnews_value}"><a href="#" class="hintanchor" onMouseover="showhint('{$lang[rss_hmaxnews]}', this, event, '220px')">[?]</a></td>
</tr>
<tr><td background="engine/skins/images/mline.gif" height=1 colspan=2></td></tr>
<tr>
<td style="padding:4px;">{$lang['xfield_xcat']}</td>
<td style="padding-top:2px;padding-bottom:2px;"><select name="category">
{$categories_list}
</select></td>
</tr>
<tr><td background="engine/skins/images/mline.gif" height=1 colspan=2></td></tr>
<tr>
<td style="padding:4px;">{$lang['rss_date']}</td>
<td style="padding-top:2px;padding-bottom:2px;">{$rss_date}</td>
</tr>
<tr><td background="engine/skins/images/mline.gif" height=1 colspan=2></td></tr>
<tr>
<td style="padding:4px;">{$lang['rss_main']}</td>
<td style="padding-top:2px;padding-bottom:2px;">{$allow_main}</td>
</tr>
<tr><td background="engine/skins/images/mline.gif" height=1 colspan=2></td></tr>
<tr>
<td style="padding:4px;">{$lang['rss_rating']}</td>
<td style="padding-top:2px;padding-bottom:2px;">{$allow_rating}</td>
</tr>
<tr><td background="engine/skins/images/mline.gif" height=1 colspan=2></td></tr>
<tr>
<td style="padding:4px;">{$lang['rss_comm']}</td>
<td style="padding-top:2px;padding-bottom:2px;">{$allow_comm}</td>
</tr>
<tr><td background="engine/skins/images/mline.gif" height=1 colspan=2></td></tr>
<tr>
<td style="padding:4px;">{$lang['rss_text_type']}</td>
<td style="padding-top:2px;padding-bottom:2px;">{$text_type}</td>
</tr>
<tr><td background="engine/skins/images/mline.gif" height=1 colspan=2></td></tr>
<tr>
<td style="padding:4px;">{$lang['rss_search']}</td>
<td style="padding-top:2px;padding-bottom:2px;"><textarea cols="50" rows="5" class="edit" name="rss_search">{$rss_search_value}</textarea><a href="#" class="hintanchor" onMouseover="showhint('{$lang[rss_hsearch]}', this, event, '300px')">[?]</a></td>
</tr>
<tr><td background="engine/skins/images/mline.gif" height=1 colspan=2></td></tr>
<tr>
<td style="padding:4px;">{$lang['rss_cookie']}</td>
<td style="padding-top:2px;padding-bottom:2px;"><textarea cols="50" rows="5" class="edit" name="rss_cookie">{$rss_cookie_value}</textarea><a href="#" class="hintanchor" onMouseover="showhint('{$lang[rss_hcookie]}', this, event, '300px')">[?]</a></td>
</tr>
<tr><td background="engine/skins/images/mline.gif" height=1 colspan=2></td></tr>
<tr>
<td style="padding:4px;"><input class="bbcodes" type="submit" value=" $submit_value "></td>
<td> </td>
</tr>
</table>
</td>
<td background="engine/skins/images/tl_rb.gif"><img src="engine/skins/images/tl_rb.gif" width="6" height="1" border="0"></td>
</tr>
<tr>
<td><img src="engine/skins/images/tl_lu.gif" width="4" height="6" border="0"></td>
<td background="engine/skins/images/tl_ub.gif"><img src="engine/skins/images/tl_ub.gif" width="1" height="6" border="0"></td>
<td><img src="engine/skins/images/tl_ru.gif" width="6" height="6" border="0"></td>
</tr>
</table>
</div>
HTML;
echofooter();
} else {
if( $_REQUEST['action'] == "del" and $id ) {
if( $_REQUEST['user_hash'] == "" or $_REQUEST['user_hash'] != $dle_login_hash ) {
die( "Hacking attempt! User not found" );
}
$db->query( "DELETE FROM " . PREFIX . "_rss WHERE id = '$id'" );
}
echoheader( "", "" );
$db->query( "SELECT id, url, description FROM " . PREFIX . "_rss ORDER BY id DESC" );
while ( $row = $db->get_row() ) {
$row['description'] = stripslashes( $row['description'] );
$entries .= "
<tr>
<td height=22 class=\"list\"> <b>{$row['id']}</b></td>
<td class=\"list\">{$row['url']}</td>
<td class=\"list\">{$row['description']}</td>
<td class=\"list\" align=\"center\"><a onClick=\"return dropdownmenu(this, event, MenuBuild('" . $row['id'] . "'), '150px')\" href=\"#\"><img src=\"engine/skins/images/browser_action.gif\" border=\"0\"></a></td>
</tr>
<tr><td background=\"engine/skins/images/mline.gif\" height=1 colspan=4></td></tr>";
}
$db->free();
echo <<<HTML
<div style="padding-top:5px;padding-bottom:2px;">
<script language="javascript" type="text/javascript">
<!--
function MenuBuild( m_id ){
var menu=new Array()
menu[0]='<a href="?mod=rss&action=news&id=' + m_id + '" >{$lang['rss_news']}</a>';
menu[1]='<a href="?mod=rss&action=edit&id=' + m_id + '" >{$lang['rss_edit']}</a>';
menu[2]='<a href="?mod=rss&action=del&user_hash={$dle_login_hash}&id=' + m_id + '" >{$lang['rss_del']}</a>';
return menu;
}
//-->
</script>
<table width="100%">
<tr>
<td width="4"><img src="engine/skins/images/tl_lo.gif" width="4" height="4" border="0"></td>
<td background="engine/skins/images/tl_oo.gif"><img src="engine/skins/images/tl_oo.gif" width="1" height="4" border="0"></td>
<td width="6"><img src="engine/skins/images/tl_ro.gif" width="6" height="4" border="0"></td>
</tr>
<tr>
<td background="engine/skins/images/tl_lb.gif"><img src="engine/skins/images/tl_lb.gif" width="4" height="1" border="0"></td>
<td style="padding:5px;" bgcolor="#FFFFFF">
<table width="100%">
<tr>
<td bgcolor="#EFEFEF" height="29" style="padding-left:10px;"><div class="navigation">{$lang['rss_list']}</div></td>
</tr>
</table>
<div class="unterline"></div>
<table width="100%">
<tr>
<td style="padding:2px;">
<table width="100%">
<tr>
<td width=50> ID</td>
<td>{$lang['rss_url']}</td>
<td>{$lang['rss_descr']}</td>
<td width=70 align="center"> </td>
</tr>
<tr><td colspan="4"><div class="hr_line"></div></td></tr>
{$entries}
<tr><td colspan="4"><div class="hr_line"></div></td></tr>
<tr><td colspan="4"><a href="?mod=rss&action=add"><input onclick="document.location='?mod=rss&action=add'" type="button" class="buttons" value=" {$lang['rss_new']} "></a></td></tr>
</table>
</td>
</tr>
</table>
</td>
<td background="engine/skins/images/tl_rb.gif"><img src="engine/skins/images/tl_rb.gif" width="6" height="1" border="0"></td>
</tr>
<tr>
<td><img src="engine/skins/images/tl_lu.gif" width="4" height="6" border="0"></td>
<td background="engine/skins/images/tl_ub.gif"><img src="engine/skins/images/tl_ub.gif" width="1" height="6" border="0"></td>
<td><img src="engine/skins/images/tl_ru.gif" width="6" height="6" border="0"></td>
</tr>
</table>
</div>
</form>
HTML;
echofooter();
}
?>
htmlspecialchars( stripslashes());
Добавлено через 8 минут, 0 секунд:<?php
if( !defined( 'DATALIFEENGINE' ) ) {
die( "Hacking attempt!" );
}
require_once ROOT_DIR.'/engine/classes/templates.class.php';
$tpl = new dle_template;
$tpl->allow_php_include = false;
$dle_module = "main";
if ($_POST['preview_mode'] == "static" AND $_POST['skin_name'])
{
if (@is_dir(ROOT_DIR.'/templates/'.$_POST['skin_name']))
{
$config['skin'] = $_POST['skin_name'];
}
}
$tpl->dir = ROOT_DIR.'/templates/'.$config['skin'];
$tpl->load_template('preview.css');
echo <<<HTML
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta content="text/html; charset={$config['charset']}" http-equiv=Content-Type>
<style type="text/css">
{$tpl->copy_template}
</style>
</head>
<body>
<script type="text/javascript" src="{$config['http_home_url']}engine/classes/highslide/highslide.js"></script>
<script type="text/javascript">
hs.graphicsDir = '{$config['http_home_url']}engine/classes/highslide/graphics/';
hs.outlineType = 'rounded-white';
hs.numberOfImagesToPreload = 0;
hs.showCredits = false;
</script>
HTML;
$tpl->clear();
echo <<<HTML
<script language="javascript" type="text/javascript">
<!--
function ShowBild(sPicURL) {
window.open('{$config['http_home_url']}engine/modules/imagepreview.php?image='+sPicURL, '', 'resizable=1,HEIGHT=200,WIDTH=200, scrollbars=yes');
};
function ShowOrHide(d1) {
if (d1 != '') DoDiv(d1);
};
function DoDiv(id) {
var item = null;
if (document.getElementById) {
item = document.getElementById(id);
} else if (document.all){
item = document.all[id];
} else if (document.layers){
item = document.layers[id];
}
if (!item) {
}
else if (item.style) {
if (item.style.display == "none"){ item.style.display = ""; }
else {item.style.display = "none"; }
}else{ item.visibility = "show"; }
};
//-->
</script>
HTML;
include_once ENGINE_DIR.'/classes/parse.class.php';
$parse = new ParseFilter(Array(), Array(), 1, 1);
$allow_br = intval( $_POST['allow_br'] );
if ($_POST['preview_mode'] == "static" ) {
if ($member_id['user_group'] != 1 AND $allow_br > 1 ) $allow_br = 1;
if ($allow_br == 2) {
if( function_exists( "get_magic_quotes_gpc" ) && get_magic_quotes_gpc() ) $_POST['template'] = stripslashes( $_POST['template'] );
$template = trim( addslashes( $_POST['template'] ) );
} else {
if ( $config['allow_static_wysiwyg'] == "yes" ) $parse->allow_code = false;
$template = $parse->process( $_POST['template'] );
if( $config['allow_static_wysiwyg'] == "yes" or $allow_br != '1' ) {
$template = $parse->BB_Parse( $template );
} else {
$template = $parse->BB_Parse( $template, false );
}
}
$descr = trim(htmlspecialchars(stripslashes($_POST['description'])));
if ($_GET['page'] == "rules" ) $descr = $lang['rules_edit'];
if ($_POST['allow_template']) {
$dle_module = "static";
if ($_POST['static_tpl'] == "" ) {
if ( @is_file($tpl->dir."/preview.tpl") ) $tpl->load_template('preview.tpl');
else $tpl->load_template('static.tpl');
} else
$tpl->load_template($_POST['static_tpl'].'.tpl');
$tpl->set('[static-preview]', "");
$tpl->set('[/static-preview]', "");
$tpl->set_block("'\\[full-preview\\](.*?)\\[/full-preview\\]'si","");
$tpl->set_block("'\\[short-preview\\](.*?)\\[/short-preview\\]'si","");
$tpl->set('{static}', stripslashes( $template ) );
$tpl->set('{description}', $descr);
$tpl->set('{views}', "0");
$tpl->set('{pages}', "");
$tpl->set('{date}', "--");
$tpl->copy_template = preg_replace ( "#\{date=(.+?)\}#ie", "", $tpl->copy_template );
$tpl->set('[print-link]',"<a href=#>");
$tpl->set('[/print-link]',"</a>");
$tpl->copy_template = "<fieldset style=\"border-style:solid; border-width:1; border-color:black;\"><legend> <span style=\"font-size: 10px; font-family: Verdana\">{$lang['preview_static']}</span> </legend>".$tpl->copy_template."</fieldset>";
$tpl->compile('template');
$tpl->result['template'] = preg_replace( "'\[hide\](.*?)\[/hide\]'si", "\\1", $tpl->result['template']);
$tpl->result['template'] = str_replace ( '{THEME}', $config['http_home_url'] . 'templates/' . $config['skin'], $tpl->result['template'] );
echo $tpl->result['template'];
} else {
echo "<fieldset style=\"border-style:solid; border-width:1; border-color:black;\"><legend> <span style=\"font-size: 10px; font-family: Verdana\">{$lang['preview_static']}</span> </legend>".$template."</fieldset>";
}
} else {
$title = stripslashes($parse->process($_POST['title']));
if ( $config['allow_admin_wysiwyg'] == "yes" ) $parse->allow_code = false;
$full_story = $parse->process($_POST['full_story']);
$short_story = $parse->process($_POST['short_story']);
if ($config['allow_admin_wysiwyg'] == "yes" OR $allow_br != '1'){
$full_story = $parse->BB_Parse($full_story);
$short_story = $parse->BB_Parse($short_story);
} else {
$full_story = $parse->BB_Parse($full_story, false);
$short_story = $parse->BB_Parse($short_story, false);
}
if (!count($category)) { $my_cat = "---"; $my_cat_link = "---";} else {
$my_cat = array (); $my_cat_link = array ();
foreach ($category as $element) {
if ($element) { $my_cat[] = $cat[$element];
$my_cat_link[] = "<a href=\"#\">{$cat[$element]}</a>";
}
}
$my_cat = stripslashes(implode (', ', $my_cat));
$my_cat_link = stripslashes(implode (', ', $my_cat_link));
}
$dle_module = "main";
if ( @is_file($tpl->dir."/preview.tpl") ) $tpl->load_template('preview.tpl');
else $tpl->load_template('shortstory.tpl');
if ( $parse->not_allowed_text ) $tpl->copy_template = $lang['news_err_39'];
$tpl->set('[short-preview]', "");
$tpl->set('[/short-preview]', "");
$tpl->set_block("'\\[full-preview\\](.*?)\\[/full-preview\\]'si","");
$tpl->set_block("'\\[static-preview\\](.*?)\\[/static-preview\\]'si","");
$tpl->set('{title}', $title);
$tpl->set('{views}', 0);
$date = time();
$tpl->set( '{date}', langdate( $config['timestamp_active'], $date ) );
$tpl->copy_template = preg_replace ( "#\{date=(.+?)\}#ie", "langdate('\\1', '{$date}')", $tpl->copy_template );
$tpl->set('[link]',"<a href=#>");
$tpl->set('[/link]',"</a>");
$tpl->set('{comments-num}', 0);
$tpl->set('[full-link]', "<a href=#>");
$tpl->set('[/full-link]', "</a>");
$tpl->set('[day-news]', "<a href=#>");
$tpl->set('[/day-news]', "</a>");
$tpl->set('[com-link]', "<a href=#>");
$tpl->set('[/com-link]', "</a>");
$tpl->set('{rating}', "");
$tpl->set('{approve}', "");
$tpl->set('{author}', "--");
$tpl->set('{category}', $my_cat);
$tpl->set('{favorites}', '');
$tpl->set('{link-category}', $my_cat_link);
if($cat_icon[$category[0]] != ""){ $tpl->set('{category-icon}', $cat_icon[$category[0]]); }
else{ $tpl->set('{category-icon}', "{THEME}/dleimages/no_icon.gif"); }
$tpl->set_block("'\\[tags\\](.*?)\\[/tags\\]'si","");
$tpl->set('{tags}', "");
$tpl->copy_template = preg_replace ( "#\{date=(.+?)\}#ie", "", $tpl->copy_template );
if ( $_POST['news_fixed'] ) {
$tpl->set( '[fixed]', "" );
$tpl->set( '[/fixed]', "" );
$tpl->set_block( "'\\[not-fixed\\](.*?)\\[/not-fixed\\]'si", "" );
} else {
$tpl->set( '[not-fixed]', "" );
$tpl->set( '[/not-fixed]', "" );
$tpl->set_block( "'\\[fixed\\](.*?)\\[/fixed\\]'si", "" );
}
$tpl->set('{edit-date}', "");
$tpl->set('{editor}', "");
$tpl->set('{edit-reason}', "");
$tpl->set_block("'\\[edit-date\\](.*?)\\[/edit-date\\]'si","");
$tpl->set_block("'\\[edit-reason\\](.*?)\\[/edit-reason\\]'si","");
$tpl->set('[mail]',"");
$tpl->set('[/mail]',"");
$tpl->set('{news-id}', "ID Unknown");
$tpl->set('{php-self}', $PHP_SELF);
$tpl->copy_template = preg_replace( "#\\[category=(.+?)\\](.*?)\\[/category\\]#is","\\2", $tpl->copy_template);
$tpl->set_block("'\\[edit\\].*?\\[/edit\\]'si","");
$xfieldsaction = "templatereplacepreview";
$xfieldsinput = $tpl->copy_template;
include(ENGINE_DIR.'/inc/xfields.php');
$tpl->copy_template = $xfieldsoutput;
$tpl->set('{short-story}', stripslashes($short_story));
$tpl->set('{full-story}', stripslashes($full_story));
$tpl->copy_template = "<fieldset style=\"border-style:solid; border-width:1; border-color:black;\"><legend> <span style=\"font-size: 10px; font-family: Verdana\">{$lang['preview_short']}</span> </legend>".$tpl->copy_template."</fieldset>";
$tpl->compile('shortstory');
$tpl->result['shortstory'] = preg_replace( "'\[hide\](.*?)\[/hide\]'si", "\\1", $tpl->result['shortstory']);
$tpl->result['shortstory'] = str_replace ( '{THEME}', $config['http_home_url'] . 'templates/' . $config['skin'], $tpl->result['shortstory'] );
echo $tpl->result['shortstory'];
$dle_module = "showfull";
if ( @is_file($tpl->dir."/preview.tpl") ) $tpl->load_template('preview.tpl');
else $tpl->load_template('fullstory.tpl');
if ( $parse->not_allowed_text ) $tpl->copy_template = $lang['news_err_39'];
$tpl->copy_template = str_replace('[full-preview]', "", $tpl->copy_template);
$tpl->copy_template = str_replace('[/full-preview]', "", $tpl->copy_template);
$tpl->copy_template = preg_replace("'\\[short-preview\\](.*?)\\[/short-preview\\]'si","", $tpl->copy_template);
$tpl->copy_template = preg_replace("'\\[static-preview\\](.*?)\\[/static-preview\\]'si","", $tpl->copy_template);
if( strlen( $full_story ) < 13 AND strpos( $tpl->copy_template, "{short-story}" ) === false ) { $full_story = $short_story; }
$tpl->set('{title}', $title);
$tpl->set('{views}', 0);
$tpl->set( '{date}', langdate( $config['timestamp_active'], $date ) );
$tpl->copy_template = preg_replace ( "#\{date=(.+?)\}#ie", "langdate('\\1', '{$date}')", $tpl->copy_template );
$tpl->set('[link]',"<a href=#>");
$tpl->set('[/link]',"</a>");
$tpl->set('{comments-num}', 0);
$tpl->set('[full-link]', "<a href=#>");
$tpl->set('[/full-link]', "</a>");
$tpl->set('[com-link]', "<a href=#>");
$tpl->set('[/com-link]', "</a>");
$tpl->set('[day-news]', "<a href=#>");
$tpl->set('[/day-news]', "</a>");
$tpl->set('{rating}', "");
$tpl->set('{author}', "--");
$tpl->copy_template = preg_replace ( "#\{date=(.+?)\}#ie", "", $tpl->copy_template );
$tpl->set('{category}', $my_cat);
$tpl->set('{link-category}', $my_cat_link);
$tpl->set('{related-news}', "");
if($cat_icon[$category[0]] != ""){ $tpl->set('{category-icon}', $cat_icon[$category[0]]); }
else{ $tpl->set('{category-icon}', "{THEME}/dleimages/no_icon.gif"); }
if ( $_POST['news_fixed'] ) {
$tpl->set( '[fixed]', "" );
$tpl->set( '[/fixed]', "" );
$tpl->set_block( "'\\[not-fixed\\](.*?)\\[/not-fixed\\]'si", "" );
} else {
$tpl->set( '[not-fixed]', "" );
$tpl->set( '[/not-fixed]', "" );
$tpl->set_block( "'\\[fixed\\](.*?)\\[/fixed\\]'si", "" );
}
$tpl->set('{pages}', '');
$tpl->set('{favorites}', '');
$tpl->set('[mail]',"");
$tpl->set('[/mail]',"");
$tpl->set('{poll}', '');
$tpl->set('{news-id}', "ID Unknown");
$tpl->set('{php-self}', $PHP_SELF);
$tpl->copy_template = preg_replace( "#\\[category=(.+?)\\](.*?)\\[/category\\]#is","\\2", $tpl->copy_template);
$tpl->set_block("'\\[edit\\].*?\\[/edit\\]'si","");
$tpl->set_block("'{banner_(.*?)}'si","");
$tpl->set('{edit-date}', "");
$tpl->set('{editor}', "");
$tpl->set('{edit-reason}', "");
$tpl->set_block("'\\[edit-date\\](.*?)\\[/edit-date\\]'si","");
$tpl->set_block("'\\[edit-reason\\](.*?)\\[/edit-reason\\]'si","");
$tpl->set_block("'\\[tags\\](.*?)\\[/tags\\]'si","");
$tpl->set('{tags}', "");
$tpl->set('[print-link]',"<a href=#>");
$tpl->set('[/print-link]',"</a>");
$xfieldsaction = "templatereplacepreview";
$xfieldsinput = $tpl->copy_template;
include(ENGINE_DIR.'/inc/xfields.php');
$tpl->copy_template = $xfieldsoutput;
$tpl->set('{short-story}', stripslashes($short_story));
$tpl->set('{full-story}', stripslashes($full_story));
$tpl->copy_template = "<fieldset style=\"border-style:solid; border-width:1; border-color:black;\"><legend> <span style=\"font-size: 10px; font-family: Verdana\">{$lang['preview_full']}</span> </legend>".$tpl->copy_template."</fieldset>";
$tpl->compile('fullstory');
$tpl->result['fullstory'] = preg_replace( "'\[hide\](.*?)\[/hide\]'si", "\\1", $tpl->result['fullstory']);
$tpl->result['fullstory'] = str_replace ( '{THEME}', $config['http_home_url'] . 'templates/' . $config['skin'], $tpl->result['fullstory'] );
echo $tpl->result['fullstory'];
}
?>
</body></html>
Добавлено через 11 минут, 5 секунд:Все в куче - js ... php .. html
<?php
/*
=====================================================
DataLife Engine - by SoftNews Media Group
-----------------------------------------------------
http://dle-news.ru/
-----------------------------------------------------
Copyright (c) 2004,2011 SoftNews Media Group
=====================================================
Данный код защищен авторскими правами
=====================================================
Файл: userfields.php
-----------------------------------------------------
Назначение: дополнительные поля профиля
=====================================================
*/
if(!defined('DATALIFEENGINE'))
{
die("Hacking attempt!");
}
if (!isset($xfieldsaction)) $xfieldsaction = $_REQUEST['xfieldsaction'];
if (isset ( $_REQUEST['xfieldssubactionadd'] )) $xfieldssubactionadd = $_REQUEST['xfieldssubactionadd'];
if (isset ( $_REQUEST['xfieldssubaction'] )) $xfieldssubaction = $_REQUEST['xfieldssubaction'];
if (isset ( $_REQUEST['xfieldsindex'] )) $xfieldsindex = intval($_REQUEST['xfieldsindex']);
if (isset ( $_REQUEST['editedxfield'] )) $editedxfield = $_REQUEST['editedxfield'];
if (isset ($xfieldssubactionadd))
if ($xfieldssubactionadd == "add") {
$xfieldssubaction = $xfieldssubactionadd;
}
if (!isset($xf_inited)) $xf_inited = "";
if ($xf_inited !== true) { // Prevent "Cannot redeclare" error
function profilesave($data) {
global $lang, $dle_login_hash;
if ($_REQUEST['user_hash'] == "" OR $_REQUEST['user_hash'] != $dle_login_hash) {
die("Hacking attempt! User not found");
}
$data = array_values($data);
foreach ($data as $index => $value) {
$value = array_values($value);
foreach ($value as $index2 => $value2) {
$value2 = stripslashes($value2);
$value2 = str_replace("|", "|", $value2);
$value2 = str_replace("\r\n", "__NEWL__", $value2);
$filecontents .= $value2 . ($index2 < count($value) - 1 ? "|" : "");
}
$filecontents .= ($index < count($data) - 1 ? "\r\n" : "");
}
$filehandle = fopen(ENGINE_DIR.'/data/xprofile.txt', "w+");
if (!$filehandle)
msg("error", $lang['xfield_error'], "$lang[xfield_err_1] \"".ENGINE_DIR."/data/xprofile.txt\", $lang[xfield_err_1]");
fwrite($filehandle, $filecontents);
fclose($filehandle);
header("Location: http://" . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF'] .
"?mod=userfields&xfieldsaction=configure");
exit;
}
function profileload() {
global $lang;
$path = ENGINE_DIR.'/data/xprofile.txt';
$filecontents = file($path);
if (!is_array($filecontents))
msg("error", $lang['xfield_error'], "$lang[xfield_err_3] \"engine/data/xprofile.txt\". $lang[xfield_err_4]");
foreach ($filecontents as $name => $value) {
$filecontents[$name] = explode("|", trim($value));
foreach ($filecontents[$name] as $name2 => $value2) {
$value2 = str_replace("|", "|", $value2);
$value2 = str_replace("__NEWL__", "\r\n", $value2);
$filecontents[$name][$name2] = $value2;
}
}
return $filecontents;
}
function array_move(&$array, $index1, $dist) {
$index2 = $index1 + $dist;
if ($index1 < 0 or
$index1 > count($array) - 1 or
$index2 < 0 or
$index2 > count($array) - 1) {
return false;
}
$value1 = $array[$index1];
$array[$index1] = $array[$index2];
$array[$index2] = $value1;
return true;
}
$xf_inited = true;
}
$xfields = profileload();
switch ($xfieldsaction) {
case "configure":
if( ! $user_group[$member_id['user_group']]['admin_userfields'] ) {
msg( "error", $lang['index_denied'], $lang['index_denied'] );
}
switch ($xfieldssubaction) {
case "delete":
if (!isset($xfieldsindex)) {
msg("error", $lang['xfield_error'], $lang['xfield_err_5'],"javascript:history.go(-1)");
}
msg("options", "info", "$lang[xfield_err_6]<br /><br /><a href=\"$PHP_SELF?mod=userfields&xfieldsaction=configure&xfieldsindex=$xfieldsindex&xfieldssubaction=delete2&user_hash={$dle_login_hash}\">[$lang[opt_sys_yes]]</a> <a href=\"$PHP_SELF?mod=userfields&xfieldsaction=configure\">[$lang[opt_sys_no]]</a>");
break;
case "delete2":
if (!isset($xfieldsindex)) {
msg("error", $lang['xfield_error'], $lang['xfield_err_5'],"javascript:history.go(-1)");
}
unset($xfields[$xfieldsindex]);
@profilesave($xfields);
break;
case "moveup":
if (!isset($xfieldsindex)) {
msg("error", $lang['xfield_error'], $lang['xfield_err_7'],"javascript:history.go(-1)");
}
array_move($xfields, $xfieldsindex, -1);
@profilesave($xfields);
break;
case "movedown":
if (!isset($xfieldsindex)) {
msg("error", $lang['xfield_error'], $lang['xfield_err_7'],"javascript:history.go(-1)");
}
array_move($xfields, $xfieldsindex, +1);
@profilesave($xfields);
break;
case "add":
$xfieldsindex = count($xfields);
// Fall trough to edit
case "edit":
if (!isset($xfieldsindex)) {
msg("error", $lang['xfield_error'], $lang['xfield_err_8'],"javascript:history.go(-1)");
}
if (!$editedxfield) {
$editedxfield = $xfields[$xfieldsindex];
} elseif (strlen(trim($editedxfield[0])) > 0 and
strlen(trim($editedxfield[1])) > 0) {
foreach ($xfields as $name => $value) {
if ($name != $xfieldsindex and
$value[0] == $editedxfield[0]) {
msg("error", $lang['xfield_error'], $lang['xfield_err_9'],"javascript:history.go(-1)");
}
}
$editedxfield[0] = totranslit(trim($editedxfield[0]));
$editedxfield[1] = htmlspecialchars(trim($editedxfield[1]));
$editedxfield[2] = intval($editedxfield[2]);
$editedxfield[4] = intval($editedxfield[4]);
$editedxfield[5] = intval($editedxfield[5]);
if ($editedxfield[3] == "select") {
$options = array();
foreach (explode("\r\n", $editedxfield["6_select"]) as $name => $value) {
$value = trim($value);
if (!in_array($value, $options)) {
$options[] = $value;
}
}
if (count($options) < 2) {
msg("error", $lang['xfield_error'], $lang['xfield_err_10'],"javascript:history.go(-1)");
}
$editedxfield[6] = implode("\r\n", $options);
} else { $editedxfield[6] = ""; }
unset($editedxfield['6_select']);
ksort($editedxfield);
$xfields[$xfieldsindex] = $editedxfield;
ksort($xfields);
@profilesave($xfields);
break;
} else {
msg("error", $lang['xfield_error'], $lang['xfield_err_11'],"javascript:history.go(-1)");
}
echoheader("options", (($xfieldssubaction == "add") ? $lang['xfield_addh'] : $lang['xfield_edith']) . " " . $lang['xfield_fih']);
$checked = ($editedxfield[5] ? " checked" : "");
?>
<form action="<? echo $_SERVER['PHP_SELF']; ?>" method="post" name="xfieldsform">
<script language="javascript">
function ShowOrHideEx(id, show) {
var item = null;
if (document.getElementById) {
item = document.getElementById(id);
} else if (document.all) {
item = document.all[id];
} else if (document.layers){
item = document.layers[id];
}
if (item && item.style) {
item.style.display = show ? "" : "none";
}
}
function onTypeChange(value) {
ShowOrHideEx("select_options", value == "select");
}
</script>
<input type="hidden" name="mod" value="userfields">
<input type="hidden" name="user_hash" value="<? echo $dle_login_hash; ?>">
<input type="hidden" name="xfieldsaction" value="configure">
<input type="hidden" name="xfieldssubaction" value="edit">
<input type="hidden" name="xfieldsindex" value="<?php echo $xfieldsindex; ?>">
<div style="padding-top:5px;padding-bottom:2px;">
<table width="100%">
<tr>
<td width="4"><img src="engine/skins/images/tl_lo.gif" width="4" height="4" border="0"></td>
<td background="engine/skins/images/tl_oo.gif"><img src="engine/skins/images/tl_oo.gif" width="1" height="4" border="0"></td>
<td width="6"><img src="engine/skins/images/tl_ro.gif" width="6" height="4" border="0"></td>
</tr>
<tr>
<td background="engine/skins/images/tl_lb.gif"><img src="engine/skins/images/tl_lb.gif" width="4" height="1" border="0"></td>
<td style="padding:5px;" bgcolor="#FFFFFF">
<table width="100%">
<tr>
<td bgcolor="#EFEFEF" height="29" style="padding-left:10px;"><div class="navigation"><?php echo $lang['xfield_title']; ?></div></td>
</tr>
</table>
<div class="unterline"></div>
<table width="100%">
<tr>
<td width="260" style="padding:4px;"><?php echo $lang['xfield_xname']; ?></td>
<td><input class=edit style="width: 200px;" type="text" name="editedxfield[0]" value="<? echo $editedxfield[0];?>" /> (<?php echo $lang['xf_lat']; ?>)</td>
</tr>
<tr>
<td style="padding:4px;"><?php echo $lang['xfield_xdescr']; ?></td>
<td><input class=edit style="width: 200px;" type="text" name="editedxfield[1]" value="<? echo $editedxfield[1];?>" /></td>
</tr>
<tr>
<td style="padding:4px;"><?php echo $lang['xfield_xtype']; ?></td>
<td><select name="editedxfield[3]" id="type" onchange="onTypeChange(this.value)" />
<option value="text"<?=($editedxfield[3] != "text") ? " selected" : ""?>><?php echo $lang['xfield_xstr']; ?></option>
<option value="textarea"<?=($editedxfield[3] == "textarea") ? " selected" : ""?>><?php echo $lang['xfield_xarea']; ?></option>
<option value="select"<?=($editedxfield[3] == "select") ? " selected" : ""?>><?php echo $lang['xfield_xsel']; ?></option>
</select></td>
</tr>
<tr id="select_options">
<td style="padding:4px;"><?php echo $lang['xfield_xfaul']; ?></td>
<td><textarea style="width: 320px; height: 100px;" name="editedxfield[6_select]"><?=($editedxfield[3] == "select") ? $editedxfield[6] : ""?></textarea><br>на одной строке одно значение</td>
</tr>
<tr>
<td style="padding:4px;"><?php echo $lang['xp_reg']; ?></td>
<td><input type="radio" name="editedxfield[2]" <?=($editedxfield[2]) ? "checked" : ""?> value="1"> <?php echo $lang['opt_sys_yes']; ?> <input type="radio" name="editedxfield[2]" <?=(!$editedxfield[2]) ? "checked" : ""?> value="0"> <?php echo $lang['opt_sys_no']; ?> <a href="#" class="hintanchor" onMouseover="showhint('<?php echo $lang['xp_reg_hint']; ?>', this, event, '220px')">[?]</a>
</td>
</tr>
<tr>
<td style="padding:4px;"><?php echo $lang['xp_edit']; ?></td>
<td><input type="radio" name="editedxfield[4]" <?=($editedxfield[4]) ? "checked" : ""?> value="1"> <?php echo $lang['opt_sys_yes']; ?> <input type="radio" name="editedxfield[4]" <?=(!$editedxfield[4]) ? "checked" : ""?> value="0"> <?php echo $lang['opt_sys_no']; ?> <a href="#" class="hintanchor" onMouseover="showhint('<?php echo $lang['xp_edit_hint']; ?>', this, event, '220px')">[?]</a>
</td>
</tr>
<tr>
<td style="padding:4px;"><?php echo $lang['xp_privat']; ?></td>
<td><input type="radio" name="editedxfield[5]" <?=($editedxfield[5]) ? "checked" : ""?> value="1"> <?php echo $lang['opt_sys_yes']; ?> <input type="radio" name="editedxfield[5]" <?=(!$editedxfield[5]) ? "checked" : ""?> value="0"> <?php echo $lang['opt_sys_no']; ?> <a href="#" class="hintanchor" onMouseover="showhint('<?php echo $lang['xp_privat_hint']; ?>', this, event, '220px')">[?]</a>
</td>
</tr>
<tr>
<td colspan=2><div class="hr_line"></div></td>
</tr>
<tr>
<td colspan=2 style="padding:4px;"><input type="submit" class="buttons" value=" <?php echo $lang['user_save']; ?> "></td>
</tr>
</table>
</td>
<td background="engine/skins/images/tl_rb.gif"><img src="engine/skins/images/tl_rb.gif" width="6" height="1" border="0"></td>
</tr>
<tr>
<td><img src="engine/skins/images/tl_lu.gif" width="4" height="6" border="0"></td>
<td background="engine/skins/images/tl_ub.gif"><img src="engine/skins/images/tl_ub.gif" width="1" height="6" border="0"></td>
<td><img src="engine/skins/images/tl_ru.gif" width="6" height="6" border="0"></td>
</tr>
</table>
</div>
</form>
<script type="text/javascript">
<!--
var item_type = null;
if (document.getElementById) {
item_type = document.getElementById("type");
} else if (document.all) {
item_type = document.all["type"];
} else if (document.layers) {
item_type = document.layers["type"];
}
if (item_type) {
onTypeChange(item_type.value);
}
// -->
</script>
<?php
echofooter();
break;
default:
echoheader("options", "Дополнительные поля");
?>
<form action="<? echo $_SERVER["PHP_SELF"]; ?>" method="get" name="xfieldsform">
<input type="hidden" name="mod" value="userfields">
<input type="hidden" name="user_hash" value="<? echo $dle_login_hash; ?>">
<input type="hidden" name="xfieldsaction" value="configure">
<input type="hidden" name="xfieldssubactionadd" value="">
<div style="padding-top:5px;padding-bottom:2px;">
<table width="100%">
<tr>
<td width="4"><img src="engine/skins/images/tl_lo.gif" width="4" height="4" border="0"></td>
<td background="engine/skins/images/tl_oo.gif"><img src="engine/skins/images/tl_oo.gif" width="1" height="4" border="0"></td>
<td width="6"><img src="engine/skins/images/tl_ro.gif" width="6" height="4" border="0"></td>
</tr>
<tr>
<td background="engine/skins/images/tl_lb.gif"><img src="engine/skins/images/tl_lb.gif" width="4" height="1" border="0"></td>
<td style="padding:5px;" bgcolor="#FFFFFF">
<table width="100%">
<tr>
<td bgcolor="#EFEFEF" height="29" style="padding-left:10px;"><div class="navigation"><?php echo $lang['xp_xlist']; ?></div></td>
</tr>
</table>
<div class="unterline"></div>
<table width="100%">
<tr>
<td style="padding:5px;">
<B><?php echo $lang['xfield_xname']; ?></B>
</td>
<td>
<B><?php echo $lang['xp_descr']; ?></B>
</td>
<td>
<B><?php echo $lang['xfield_xtype']; ?></B>
</td>
<td>
<B><?php echo $lang['xp_regh']; ?></B>
</td>
<td>
<B><?php echo $lang['xp_edith']; ?></B>
</td>
<td>
<B><?php echo $lang['xp_privath']; ?></B>
</td>
<td width=10>
</td>
</tr>
<tr>
<td colspan=7><div class="hr_line"></div></td>
</tr>
<?php
if (count($xfields) == 0) {
echo "<tr><td colspan=\"7\" align=\"center\"><br /><br />$lang[xfield_xnof]</td></tr>";
} else {
foreach ($xfields as $name => $value) {
?>
<tr>
<td style="padding:2px;">
<? echo $value[0]; ?>
</td>
<td style="padding:2px;">
<? echo $value[1]; ?>
</td>
<td>
<?=(($value[3] == "text") ? $lang['xfield_xstr'] : "")?>
<?=(($value[3] == "textarea") ? $lang['xfield_xarea'] : "")?>
<?=(($value[3] == "select") ? $lang['xfield_xsel'] : "")?>
</td>
<td>
<?=($value[2] != 0 ? $lang['opt_sys_yes'] : $lang['opt_sys_no'])?>
</td>
<td>
<?=($value[4] != 0 ? $lang['opt_sys_yes'] : $lang['opt_sys_no'])?>
</td>
<td>
<?=($value[5] != 0 ? $lang['opt_sys_yes'] : $lang['opt_sys_no'])?>
</td>
<td>
<input type="radio" name="xfieldsindex" value="<?php echo $name; ?>">
</td>
</tr><tr><td background="engine/skins/images/mline.gif" height=1 colspan=7></td></tr>
<?php
}
}
?>
<tr>
<td colspan=7><div class="hr_line"></div></td>
</tr>
<tr>
<td ><a class=main onClick="javascript:Help('xprofile')" href="#"><?php echo $lang['xfield_xhelp']; ?></a></td>
<td colspan="4" class="main" style="text-align: right; padding-top: 10px;">
<?php if (count($xfields) > 0) { ?>
<?php echo $lang['xfield_xact']; ?>:
<select name="xfieldssubaction">
<option value="edit"><?php echo $lang['xfield_xedit']; ?></option>
<option value="delete"><?php echo $lang['xfield_xdel']; ?></option>
<option value="moveup"><?php echo $lang['xfield_xo']; ?></option>
<option value="movedown"><?php echo $lang['xfield_xu']; ?></option>
</select>
<input type="submit" class="buttons" value=" <?php echo $lang['b_start']; ?> " onclick="document.forms['xfieldsform'].xfieldssubactionadd.value = '';">
<?php } ?>
<input type="submit" class="buttons" value=" <?php echo $lang['b_create']; ?> " onclick="document.forms['xfieldsform'].xfieldssubactionadd.value = 'add';">
</td>
</tr>
</table>
</td>
<td background="engine/skins/images/tl_rb.gif"><img src="engine/skins/images/tl_rb.gif" width="6" height="1" border="0"></td>
</tr>
<tr>
<td><img src="engine/skins/images/tl_lu.gif" width="4" height="6" border="0"></td>
<td background="engine/skins/images/tl_ub.gif"><img src="engine/skins/images/tl_ub.gif" width="1" height="6" border="0"></td>
<td><img src="engine/skins/images/tl_ru.gif" width="6" height="6" border="0"></td>
</tr>
</table>
</div>
</form>
<?php
echofooter();
}
break;
case "list":
$output = "";
if (!isset($xfieldsid)) $xfieldsid = "";
$xfieldsdata = xfieldsdataload ($xfieldsid);
foreach ($xfields as $name => $value) {
$fieldname = $value[0];
if (!$xfieldsadd) {
$fieldvalue = $xfieldsdata[$value[0]];
$fieldvalue = $parse->decodeBBCodes($fieldvalue, false);
if ((!$xfieldsadd) AND !intval($value[4]) AND ($is_logged AND $member_id['user_group'] != 1)) continue;
}
if (intval($value[2]) OR (!$xfieldsadd)) {
if ($value[3] == "textarea") {
$output .= <<<HTML
<tr>
<td>$value[1]:</td>
<td class="xprofile" colspan="2"><textarea name="xfield[$fieldname]" id="xf_$fieldname">$fieldvalue</textarea></td></tr>
HTML;
} elseif ($value[3] == "text") {
$output .= <<<HTML
<tr>
<td>$value[1]:</td>
<td class="xprofile" colspan="2"><input type="text" name="xfield[$fieldname]" id="xfield[$fieldname]" value="$fieldvalue" /></td>
</tr>
HTML;
} elseif ($value[3] == "select") {
$output .= <<<HTML
<tr id="$holderid">
<td>$value[1]:</td>
<td class="xprofile" colspan="2"><select name="xfield[$fieldname]" id="xf_$fieldname">
HTML;
foreach (explode("\r\n", $value[6]) as $index => $value) {
$value = str_replace("'", "'", $value);
$output .= "<option value=\"$index\"" . ($fieldvalue == $value ? " selected" : "") . ">$value</option>\r\n";
}
$output .= <<<HTML
</select></td>
</tr>
HTML;
}
}
}
break;
case "admin":
$output = "";
if (!isset($xfieldsid)) $xfieldsid = "";
$xfieldsdata = xfieldsdataload ($xfieldsid);
foreach ($xfields as $name => $value) {
$fieldname = $value[0];
$fieldvalue = $xfieldsdata[$value[0]];
$fieldvalue = $parse->decodeBBCodes($fieldvalue, false);
if ($value[3] == "textarea") {
$output .= <<<HTML
<tr>
<td>$value[1]:</td>
<td class="xprofile" colspan="2"><textarea name="xfield[$fieldname]" id="xf_$fieldname">$fieldvalue</textarea></td></tr>
HTML;
} elseif ($value[3] == "text") {
$output .= <<<HTML
<tr>
<td>$value[1]:</td>
<td class="xprofile" colspan="2"><input type="text" name="xfield[$fieldname]" id="xfield[$fieldname]" value="$fieldvalue" /></td>
</tr>
HTML;
} elseif ($value[3] == "select") {
$output .= <<<HTML
<tr id="$holderid">
<td>$value[1]:</td>
<td class="xprofile" colspan="2"><select name="xfield[$fieldname]" id="xf_$fieldname">
HTML;
foreach (explode("\r\n", $value[6]) as $index => $value) {
$value = str_replace("'", "'", $value);
$output .= "<option value=\"$index\"" . ($fieldvalue == $value ? " selected" : "") . ">$value</option>\r\n";
}
$output .= <<<HTML
</select></td>
</tr>
HTML;
}
}
break;
case "init":
$postedxfields = $_POST['xfield'];
$newpostedxfields = array();
if (!isset($xfieldsid)) $xfieldsid = "";
$xfieldsdata = xfieldsdataload ($xfieldsid);
foreach ($xfields as $name => $value) {
if ((!$value[2] AND $xfieldsadd)) {
continue;
}
if (intval($value[4]) OR $member_id['user_group'] == 1 OR ($value[2] AND $xfieldsadd))
$newpostedxfields[$value[0]] = substr($postedxfields[$value[0]], 0, 10000);
else
$newpostedxfields[$value[0]] = $xfieldsdata[$value[0]];
if ($value[3] == "select") {
$options = explode("\r\n", $value[6]);
if (intval($value[4]) OR $member_id['user_group'] == 1 OR ($value[2] AND $xfieldsadd))
$newpostedxfields[$value[0]] = $options[$postedxfields[$value[0]]];
else
$newpostedxfields[$value[0]] = $xfieldsdata[$value[0]];
}
}
$postedxfields = $newpostedxfields;
break;
case "init_admin":
$postedxfields = $_POST["xfield"];
$newpostedxfields = array();
foreach ($xfields as $name => $value) {
$newpostedxfields[$value[0]] = substr($postedxfields[$value[0]], 0, 10000);
if ($value[3] == "select") {
$options = explode("\r\n", $value[6]);
$newpostedxfields[$value[0]] = $options[$postedxfields[$value[0]]];
}
}
$postedxfields = $newpostedxfields;
break;
default:
if (function_exists('msg'))
msg("error", $lang['xfield_error'], $lang['xfield_xerr2']);
}
?>
Добавлено через 13 минут, 16 секунд:Здесь немного получше кажется - мельком увидел пути, которые нельзя задать - uploads/posts
<?php
/*
=====================================================
DataLife Engine - by SoftNews Media Group
-----------------------------------------------------
http://dle-news.ru/
-----------------------------------------------------
Copyright (c) 2004,2011 SoftNews Media Group
=====================================================
Данный код защищен авторскими правами
=====================================================
Файл: static.php
-----------------------------------------------------
Назначение: редактирование статистических страниц
=====================================================
*/
if( !defined( 'DATALIFEENGINE' ) OR !defined( 'LOGGED_IN' ) ) {
die( "Hacking attempt!" );
}
if( ! $user_group[$member_id['user_group']]['admin_static'] ) {
msg( "error", $lang['index_denied'], $lang['index_denied'] );
}
include_once ENGINE_DIR . '/classes/parse.class.php';
$parse = new ParseFilter( Array (), Array (), 1, 1 );
$parse->allow_php = true;
function SelectSkin($skin) {
global $lang;
$templates_list = array ();
$handle = opendir( './templates' );
while ( false !== ($file = readdir( $handle )) ) {
if( is_dir( "./templates/$file" ) and ($file != "." and $file != "..") ) {
$templates_list[] = $file;
}
}
closedir( $handle );
$skin_list = "<select name=skin_name>";
$skin_list .= "<option value=\"\">" . $lang['cat_skin_sel'] . "</option>";
foreach ( $templates_list as $single_template ) {
if( $single_template == $skin ) $selected = " selected";
else $selected = "";
$skin_list .= "<option value=\"$single_template\"" . $selected . ">$single_template</option>";
}
$skin_list .= '</select>';
return $skin_list;
}
if( !$action ) $action = "list";
if( $action == "list" ) {
$_SESSION['admin_referrer'] = $_SERVER['REQUEST_URI'];
$js_array[] = "engine/skins/calendar.js";
echoheader( "static", "static" );
$search_field = $db->safesql( trim( htmlspecialchars( stripslashes( @urldecode( $_GET['search_field'] ) ), ENT_QUOTES ) ) );
if ($_GET['fromnewsdate']) $fromnewsdate = strtotime( $_GET['fromnewsdate'] ); else $fromnewsdate = "";
if ($_GET['tonewsdate']) $tonewsdate = strtotime( $_GET['tonewsdate'] ); else $tonewsdate = "";
if ($fromnewsdate === -1 OR !$fromnewsdate) $fromnewsdate = "";
if ($tonewsdate === -1 OR !$tonewsdate) $tonewsdate = "";
$start_from = intval( $_GET['start_from'] );
$news_per_page = intval( $_GET['news_per_page'] );
$gopage = intval( $_REQUEST['gopage'] );
if( ! $news_per_page or $news_per_page < 1 ) {
$news_per_page = 50;
}
if( $gopage ) $start_from = ($gopage - 1) * $news_per_page;
if( $start_from < 0 ) $start_from = 0;
$where = array ();
$where[] = "name != 'dle-rules-page'";
if( $search_field != "" ) {
$where[] = "(template like '%$search_field%' OR descr like '%$search_field%')";
}
if( $fromnewsdate != "" ) {
$where[] = "date >= '$fromnewsdate'";
}
if( $tonewsdate != "" ) {
$where[] = "date <= '$tonewsdate'";
}
if( count( $where ) ) {
$where = implode( " AND ", $where );
$where = " WHERE " . $where;
} else {
$where = "";
}
$order_by = array ();
if( $_REQUEST['search_order_t'] == "asc" or $_REQUEST['search_order_t'] == "desc" ) $search_order_t = $_REQUEST['search_order_t'];
else $search_order_t = "";
if( $_REQUEST['search_order_d'] == "asc" or $_REQUEST['search_order_d'] == "desc" ) $search_order_d = $_REQUEST['search_order_d'];
else $search_order_d = "";
if( ! empty( $search_order_t ) ) {
$order_by[] = "name $search_order_t";
}
if( ! empty( $search_order_d ) ) {
$order_by[] = "date $search_order_d";
}
$order_by = implode( ", ", $order_by );
if( ! $order_by ) $order_by = "date desc";
$search_order_date = array ('----' => '', 'asc' => '', 'desc' => '' );
if( isset( $_REQUEST['search_order_d'] ) ) {
$search_order_date[$search_order_d] = 'selected';
} else {
$search_order_date['desc'] = 'selected';
}
$search_order_title = array ('----' => '', 'asc' => '', 'desc' => '' );
if( ! empty( $search_order_t ) ) {
$search_order_title[$search_order_t] = 'selected';
} else {
$search_order_title['----'] = 'selected';
}
$db->query( "SELECT id, name, descr, template, views, date FROM " . PREFIX . "_static" . $where . " ORDER BY " . $order_by . " LIMIT $start_from,$news_per_page" );
// Prelist Entries
$flag = 1;
if( $start_from == "0" ) {
$start_from = "";
}
$i = $start_from;
$entries_showed = 0;
$entries = "";
while ( $row = $db->get_array() ) {
$i ++;
$itemdate = @date( "d.m.Y H:i", $row['date'] );
$title = htmlspecialchars( stripslashes( $row['name'] ), ENT_QUOTES );
$descr = stripslashes($row['descr']);
if( $config['allow_alt_url'] == "yes" ) $vlink = $config['http_home_url'] . $row['name'] . ".html";
else $vlink = $config['http_home_url'] . "index.php?do=static&page=" . $row['name'];
$entries .= "<tr>
<td class=\"list\" style=\"padding:4px;\" nowrap>
$itemdate - <a title=\"{$lang[static_view]}\" class=\"list\" href=\"{$vlink}\" target=\"_blank\">$title</a></td>
<td align=left><a title=\"{$lang[edit_static_act]}\" class=\"list\" href=\"$PHP_SELF?mod=static&action=doedit&id={$row['id']}\">$descr</a></td>
<td align=center>{$row['views']}</td>
<td align=center><input name=\"selected_news[]\" value=\"{$row['id']}\" type='checkbox' /></td>
</tr>
<tr><td background=\"engine/skins/images/mline.gif\" height=1 colspan=4></td></tr>";
$entries_showed ++;
if( $i >= $news_per_page + $start_from ) {
break;
}
}
// End prelisting
$result_count = $db->super_query( "SELECT COUNT(*) as count FROM " . PREFIX . "_static" . $where );
$all_count_news = $result_count['count'];
if ( $fromnewsdate ) $fromnewsdate = date("Y-m-d", $fromnewsdate );
if ( $tonewsdate ) $tonewsdate = date("Y-m-d", $tonewsdate );
///////////////////////////////////////////
// Options Bar
echo <<<HTML
<!-- calendar stylesheet -->
<link rel="stylesheet" type="text/css" media="all" href="engine/skins/calendar-blue.css" title="win2k-cold-1" />
<script language="javascript">
function search_submit(prm){
document.optionsbar.start_from.value=prm;
document.optionsbar.submit();
return false;
}
function gopage_submit(prm){
document.optionsbar.start_from.value= (prm - 1) * {$news_per_page};
document.optionsbar.submit();
return false;
}
</script>
<form action="?mod=static&action=list" method="GET" name="optionsbar" id="optionsbar">
<input type="hidden" name="mod" value="static">
<input type="hidden" name="action" value="list">
<div style="padding-top:5px;padding-bottom:2px;display:none" name="advancedsearch" id="advancedsearch">
<table width="100%">
<tr>
<td width="4"><img src="engine/skins/images/tl_lo.gif" width="4" height="4" border="0"></td>
<td background="engine/skins/images/tl_oo.gif"><img src="engine/skins/images/tl_oo.gif" width="1" height="4" border="0"></td>
<td width="6"><img src="engine/skins/images/tl_ro.gif" width="6" height="4" border="0"></td>
</tr>
<tr>
<td background="engine/skins/images/tl_lb.gif"><img src="engine/skins/images/tl_lb.gif" width="4" height="1" border="0"></td>
<td style="padding:5px;" bgcolor="#FFFFFF">
<table width="100%">
<tr>
<td bgcolor="#EFEFEF" height="29" style="padding-left:10px;"><div class="navigation">{$lang['edit_stat']} <b>{$entries_showed}</b> {$lang['edit_stat_1']} <b>{$all_count_news}</b></div></td>
</tr>
</table>
<div class="unterline"></div>
<table width="100%">
<tr>
<td style="padding:5px;">{$lang['edit_search_static']}</td>
<td style="padding-left:5px;"><input class="edit bk" name="search_field" value="{$search_field}" type="text" size="35"></td>
<td style="padding-left:5px;">{$lang['search_by_date']}</td>
<td style="padding-left:5px;">{$lang['edit_fdate']} <input type="text" name="fromnewsdate" id="fromnewsdate" size="11" maxlength="16" class="edit bk" value="{$fromnewsdate}">
<img src="engine/skins/images/img.gif" align="absmiddle" id="f_trigger_dnews" style="cursor: pointer; border: 0" title="{$lang['edit_ecal']}"/>
<script type="text/javascript">
Calendar.setup({
inputField : "fromnewsdate", // id of the input field
ifFormat : "%Y-%m-%d", // format of the input field
button : "f_trigger_dnews", // trigger for the calendar (button ID)
align : "Br", // alignment
timeFormat : "24",
showsTime : false,
singleClick : true
});
</script> {$lang['edit_tdate']} <input type="text" name="tonewsdate" id="tonewsdate" size="11" maxlength="16" class="edit bk" value="{$tonewsdate}">
<img src="engine/skins/images/img.gif" align="absmiddle" id="f_trigger_tnews" style="cursor: pointer; border: 0" title="{$lang['edit_ecal']}"/>
<script type="text/javascript">
Calendar.setup({
inputField : "tonewsdate", // id of the input field
ifFormat : "%Y-%m-%d", // format of the input field
button : "f_trigger_tnews", // trigger for the calendar (button ID)
align : "Br", // alignment
timeFormat : "24",
showsTime : false,
singleClick : true
});
</script></td>
</tr>
<tr>
<td style="padding:5px;">{$lang['static_per_page']}</td>
<td style="padding-left:5px;"><input class="edit bk" style="text-align: center" name="news_per_page" value="{$news_per_page}" type="text" size="10"></td>
<td colspan="2"></td>
</tr>
<tr>
<td colspan="4"><div class="hr_line"></div></td>
</tr>
<tr>
<td colspan="4">{$lang['static_order']}</td>
</tr>
<tr>
<td style="padding:5px;">{$lang['edit_et']}</td>
<td style="padding-left:5px;"><select name="search_order_t" id="search_order_t">
<option {$search_order_title['----']} value="">{$lang['user_order_no']}</option>
<option {$search_order_title['asc']} value="asc">{$lang['user_order_plus']}</option>
<option {$search_order_title['desc']} value="desc">{$lang['user_order_minus']}</option>
</select>
</td>
<td style="padding-left:5px;">{$lang['search_by_date']}</td>
<td style="padding-left:5px;"><select name="search_order_d" id="search_order_d">
<option {$search_order_date['----']} value="">{$lang['user_order_no']}</option>
<option {$search_order_date['asc']} value="asc">{$lang['user_order_plus']}</option>
<option {$search_order_date['desc']} value="desc">{$lang['user_order_minus']}</option>
</select>
</td>
</tr>
<tr>
<td colspan="4"><div class="hr_line"></div></td>
</tr>
<tr>
<td style="padding:5px;"> </td>
<td colspan="3">
<input type="hidden" name="start_from" id="start_from" value="{$start_from}">
<input onClick="javascript:search_submit(0); return(false);" class="edit" type="submit" value="{$lang['edit_act_1']}">
</td>
</tr>
</table>
</td>
<td background="engine/skins/images/tl_rb.gif"><img src="engine/skins/images/tl_rb.gif" width="6" height="1" border="0"></td>
</tr>
<tr>
<td><img src="engine/skins/images/tl_lu.gif" width="4" height="6" border="0"></td>
<td background="engine/skins/images/tl_ub.gif"><img src="engine/skins/images/tl_ub.gif" width="1" height="6" border="0"></td>
<td><img src="engine/skins/images/tl_ru.gif" width="6" height="6" border="0"></td>
</tr>
</table>
</div>
</form>
HTML;
// End Options Bar
echo <<<JSCRIPT
<script language='JavaScript' type="text/javascript">
<!--
function ckeck_uncheck_all() {
var frm = document.static;
for (var i=0;i<frm.elements.length;i++) {
var elmnt = frm.elements[i];
if (elmnt.type=='checkbox') {
if(frm.master_box.checked == true){ elmnt.checked=false; }
else{ elmnt.checked=true; }
}
}
if(frm.master_box.checked == true){ frm.master_box.checked = false; }
else{ frm.master_box.checked = true; }
}
-->
</script>
JSCRIPT;
if( $entries_showed == 0 ) {
echo <<<HTML
<div style="padding-top:5px;padding-bottom:2px;">
<table width="100%">
<tr>
<td width="4"><img src="engine/skins/images/tl_lo.gif" width="4" height="4" border="0"></td>
<td background="engine/skins/images/tl_oo.gif"><img src="engine/skins/images/tl_oo.gif" width="1" height="4" border="0"></td>
<td width="6"><img src="engine/skins/images/tl_ro.gif" width="6" height="4" border="0"></td>
</tr>
<tr>
<td background="engine/skins/images/tl_lb.gif"><img src="engine/skins/images/tl_lb.gif" width="4" height="1" border="0"></td>
<td style="padding:5px;" bgcolor="#FFFFFF">
<table width="100%">
<tr>
<td bgcolor="#EFEFEF" height="29" style="padding-left:10px;"><div class="navigation">{$lang['static_head']}</div></td>
<td bgcolor="#EFEFEF" height="29" style="padding:5px;" align="right"><a href="javascript:ShowOrHide('advancedsearch');">{$lang['static_advanced_search']}</a></td>
</tr>
</table>
<div class="unterline"></div>
<table width="100%">
<tr>
<td style="height:50px;"><br><br><center>{$lang['edit_nostatic']}</center>
<br><br> <input type="button" value="{$lang['static_new']}" class="bbcodes" onclick="document.location='$PHP_SELF?mod=static&action=addnew'"></td>
</tr>
</table>
</td>
<td background="engine/skins/images/tl_rb.gif"><img src="engine/skins/images/tl_rb.gif" width="6" height="1" border="0"></td>
</tr>
<tr>
<td><img src="engine/skins/images/tl_lu.gif" width="4" height="6" border="0"></td>
<td background="engine/skins/images/tl_ub.gif"><img src="engine/skins/images/tl_ub.gif" width="1" height="6" border="0"></td>
<td><img src="engine/skins/images/tl_ru.gif" width="6" height="6" border="0"></td>
</tr>
</table>
</div>
HTML;
} else {
echo <<<HTML
<form action="" method="post" name="static">
<div style="padding-top:5px;padding-bottom:2px;">
<table width="100%">
<tr>
<td width="4"><img src="engine/skins/images/tl_lo.gif" width="4" height="4" border="0"></td>
<td background="engine/skins/images/tl_oo.gif"><img src="engine/skins/images/tl_oo.gif" width="1" height="4" border="0"></td>
<td width="6"><img src="engine/skins/images/tl_ro.gif" width="6" height="4" border="0"></td>
</tr>
<tr>
<td background="engine/skins/images/tl_lb.gif"><img src="engine/skins/images/tl_lb.gif" width="4" height="1" border="0"></td>
<td style="padding:5px;" bgcolor="#FFFFFF">
<table width="100%">
<tr>
<td bgcolor="#EFEFEF" height="29" style="padding-left:10px;"><div class="navigation">{$lang['static_head']}</div></td>
<td bgcolor="#EFEFEF" height="29" style="padding:5px;" align="right"><a href="javascript:ShowOrHide('advancedsearch');">{$lang['static_advanced_search']}</a></td>
</tr>
</table>
<div class="unterline"></div>
<table width=100% id="staticlist">
<tr class="thead">
<th width="350" style="padding:2px;">{$lang['static_title']}</th>
<th>{$lang['static_descr']}</th>
<th width="100" align="center"><div style="text-align: center;"> {$lang['st_views']} </div></th>
<th width="10" align="center"><div style="text-align: center;"><input type="checkbox" name="master_box" title="{$lang['edit_selall']}" onclick="javascript:ckeck_uncheck_all()"></div></th>
</tr>
<tr class="tfoot"><th colspan="4"><div class="hr_line"></div></td></th>
{$entries}
<tr class="tfoot"><th colspan="4"><div class="hr_line"></div></td></th>
</table>
HTML;
// pagination
$npp_nav = "<div class=\"news_navigation\" style=\"margin-bottom:5px; margin-top:5px;\">";
if( $start_from > 0 ) {
$previous = $start_from - $news_per_page;
$npp_nav .= "<a onClick=\"javascript:search_submit($previous); return(false);\" href=\"#\" title=\"{$lang['edit_prev']}\"><<</a> ";
}
if( $all_count_news > $news_per_page ) {
$enpages_count = @ceil( $all_count_news / $news_per_page );
$enpages_start_from = 0;
$enpages = "";
if( $enpages_count <= 10 ) {
for($j = 1; $j <= $enpages_count; $j ++) {
if( $enpages_start_from != $start_from ) {
$enpages .= "<a onClick=\"javascript:search_submit($enpages_start_from); return(false);\" href=\"#\">$j</a> ";
} else {
$enpages .= "<span>$j</span> ";
}
$enpages_start_from += $news_per_page;
}
$npp_nav .= $enpages;
} else {
$start = 1;
$end = 10;
if( $start_from > 0 ) {
if( ($start_from / $news_per_page) > 4 ) {
$start = @ceil( $start_from / $news_per_page ) - 3;
$end = $start + 9;
if( $end > $enpages_count ) {
$start = $enpages_count - 10;
$end = $enpages_count - 1;
}
$enpages_start_from = ($start - 1) * $news_per_page;
}
}
if( $start > 2 ) {
$enpages .= "<a onClick=\"javascript:search_submit(0); return(false);\" href=\"#\">1</a> ... ";
}
for($j = $start; $j <= $end; $j ++) {
if( $enpages_start_from != $start_from ) {
$enpages .= "<a onClick=\"javascript:search_submit($enpages_start_from); return(false);\" href=\"#\">$j</a> ";
} else {
$enpages .= "<span>$j</span> ";
}
$enpages_start_from += $news_per_page;
}
$enpages_start_from = ($enpages_count - 1) * $news_per_page;
$enpages .= "... <a onClick=\"javascript:search_submit($enpages_start_from); return(false);\" href=\"#\">$enpages_count</a> ";
$npp_nav .= $enpages;
}
}
if( $all_count_news > $i ) {
$how_next = $all_count_news - $i;
if( $how_next > $news_per_page ) {
$how_next = $news_per_page;
}
$npp_nav .= "<a onClick=\"javascript:search_submit($i); return(false);\" href=\"#\" title=\"{$lang['edit_next']}\">>></a>";
}
$npp_nav .= "</div>";
// pagination
if( $entries_showed != 0 ) {
echo <<<HTML
<table width=100%>
<tr><td>{$npp_nav}</td>
<td align="right" valign="top"><div style="margin-bottom:5px; margin-top:5px;">
<select name="action">
<option value="">{$lang['edit_selact']}</option>
<option value="mass_date">{$lang['mass_edit_date']}</option>
<option value="mass_clear_count">{$lang['mass_clear_count']}</option>
<option value="mass_delete">{$lang['edit_seldel']}</option>
</select>
<input type="hidden" name="mod" value="mass_static_actions">
<input type="hidden" name="user_hash" value="$dle_login_hash" />
<input class="edit" type="submit" value="{$lang['b_start']}">
</div><td></tr>
HTML;
if( $all_count_news > $news_per_page ) {
echo <<<HTML
<tr><td colspan="2">
{$lang['edit_go_page']} <input class="edit bk" style="text-align: center" name="gopage" id="gopage" value="" type="text" size="3"> <input onClick="javascript:gopage_submit(document.getElementById('gopage').value); return(false);" class="edit" type="button" value=" ok ">
</td></tr>
HTML;
}
}
echo <<<HTML
<tr><td colspan="2">
<input type="button" value=" {$lang['static_new']} " class="bbcodes" onclick="document.location='$PHP_SELF?mod=static&action=addnew'">
</td></tr>
</table>
</td>
<td background="engine/skins/images/tl_rb.gif"><img src="engine/skins/images/tl_rb.gif" width="6" height="1" border="0"></td>
</tr>
<tr>
<td><img src="engine/skins/images/tl_lu.gif" width="4" height="6" border="0"></td>
<td background="engine/skins/images/tl_ub.gif"><img src="engine/skins/images/tl_ub.gif" width="1" height="6" border="0"></td>
<td><img src="engine/skins/images/tl_ru.gif" width="6" height="6" border="0"></td>
</tr>
</table>
</div></form>
<script type="text/javascript">
$(function(){
$("#staticlist").delegate("tr", "hover", function(){
$(this).toggleClass("hoverRow");
});
});
</script>
HTML;
}
echofooter();
} elseif( $action == "addnew" ) {
$js_array[] = "engine/skins/calendar.js";
echoheader( "static", "static" );
echo "
<SCRIPT LANGUAGE=\"JavaScript\">
function preview(){";
if( $config['allow_static_wysiwyg'] == "yes" ) {
echo "document.getElementById('template').value = $('#template').html();";
}
echo "if(document.static.template.value == '' || document.static.description.value == '' || document.static.name.value == ''){ DLEalert('$lang[static_err_1]', '$lang[p_info]'); }
else{
dd=window.open('','prv','height=400,width=750,resizable=1,scrollbars=1')
document.static.mod.value='preview';document.static.target='prv'
document.static.submit(); dd.focus()
setTimeout(\"document.static.mod.value='static';document.static.target='_self'\",500)
}
}
onload=focus;function focus(){document.forms[0].name.focus();}
</SCRIPT>";
if( $config['allow_static_wysiwyg'] == "yes" ) echo "<form method=post name=\"static\" id=\"static\" onsubmit=\"document.getElementById('template').value = $('#template').html(); if(document.static.name.value == '' || document.static.description.value == '' || document.static.template.value == ''){DLEalert('$lang[vote_alert]', '$lang[p_info]');return false}\" action=\"\">";
else echo "<form method=post name=\"static\" id=\"static\" onsubmit=\"if(document.static.name.value == '' || document.static.description.value == '' || document.static.template.value == ''){DLEalert('$lang[vote_alert]', '$lang[p_info]');return false}\" action=\"\">";
echo <<<HTML
<!-- calendar stylesheet -->
<link rel="stylesheet" type="text/css" media="all" href="engine/skins/calendar-blue.css" title="win2k-cold-1" />
<div style="padding-top:5px;padding-bottom:2px;">
<table width="100%">
<tr>
<td width="4"><img src="engine/skins/images/tl_lo.gif" width="4" height="4" border="0"></td>
<td background="engine/skins/images/tl_oo.gif"><img src="engine/skins/images/tl_oo.gif" width="1" height="4" border="0"></td>
<td width="6"><img src="engine/skins/images/tl_ro.gif" width="6" height="4" border="0"></td>
</tr>
<tr>
<td background="engine/skins/images/tl_lb.gif"><img src="engine/skins/images/tl_lb.gif" width="4" height="1" border="0"></td>
<td style="padding:5px;" bgcolor="#FFFFFF">
<table width="100%">
<tr>
<td bgcolor="#EFEFEF" height="29" style="padding-left:10px;"><div class="navigation">{$lang['static_a']}</div></td>
</tr>
</table>
<div class="unterline"></div>
<table width="100%">
<tr>
<td width="150" style="padding:2px;">{$lang['static_title']}</td>
<td style="padding:2px;"><input type="text" name="name" size="25" class="edit bk"><a href="#" class="hintanchor" onMouseover="showhint('{$lang[hint_stitle]}', this, event, '250px')">[?]</a></td>
</tr>
<tr>
<td style="padding:2px;">{$lang['static_descr']}</td>
<td style="padding:2px;"><input type="text" name="description" size="55" class="edit bk"><a href="#" class="hintanchor" onMouseover="showhint('{$lang[hint_sdesc]}', this, event, '250px')">[?]</a></td>
</tr>
<tr>
<td style="padding:2px;">{$lang['edit_edate']}</td>
<td style="padding:2px;"><input type="text" name="newdate" id="f_date_c" size="20" class="edit bk" value="">
<img src="engine/skins/images/img.gif" align="absmiddle" id="f_trigger_c" style="cursor: pointer; border: 0" title="{$lang['edit_ecal']}"/> <input type="checkbox" name="allow_now" id="allow_now" value="yes" checked> {$lang['edit_jdate']}
<script type="text/javascript">
Calendar.setup({
inputField : "f_date_c", // id of the input field
ifFormat : "%Y-%m-%d %H:%M", // format of the input field
button : "f_trigger_c", // trigger for the calendar (button ID)
align : "Br", // alignment
timeFormat : "24",
showsTime : true,
singleClick : true
});
</script></td>
</tr>
HTML;
if( $config['allow_static_wysiwyg'] == "yes" ) {
include (ENGINE_DIR . '/editor/static.php');
} else {
include (ENGINE_DIR . '/inc/include/inserttag.php');
echo <<<HTML
<tr>
<td style="padding:2px;">{$lang['static_templ']}</td>
<td style="padding-left:2px;">{$bb_code}<textarea class="bk" style="width:98%; height:300px;" name="template" id="template" onclick=setFieldName(this.name)></textarea><script type=text/javascript>var selField = "template";</script></td>
</tr>
HTML;
}
if( $config['allow_static_wysiwyg'] != "yes" ) $fix_br = "<input type=\"radio\" name=\"allow_br\" value=\"1\" checked=\"checked\" /> {$lang['static_br_html']}<br /><input type=\"radio\" name=\"allow_br\" value=\"0\" /> {$lang['static_br_html_1']}";
else $fix_br = "<input type=\"radio\" name=\"allow_br\" value=\"0\" /> {$lang['static_br_html_1']}";
if ($member_id['user_group'] == 1 ) $fix_br .= "<br /><input type=\"radio\" name=\"allow_br\" value=\"2\" /> {$lang['static_br_html_2']}";
$groups = get_groups();
$skinlist = SelectSkin( '' );
echo <<<HTML
<tr><td>{$lang['static_type']}</td><td>{$fix_br}</td></tr>
<tr><td colspan="2"><div class="hr_line"></div></td></tr>
<tr>
<td> </td>
<td>{$lang['add_metatags']}<a href="#" class="hintanchor" onMouseover="showhint('{$lang['hint_metas']}', this, event, '220px')">[?]</a></td>
</tr>
<tr>
<td height="29" style="padding-left:5px;">{$lang['meta_title']}</td>
<td><input type="text" name="meta_title" style="width:388px;" class="edit bk"></td>
</tr>
<tr>
<td height="29" style="padding-left:5px;">{$lang['meta_descr']}</td>
<td><input type="text" name="descr" id="autodescr" style="width:388px;" class="edit bk"> ({$lang['meta_descr_max']})</td>
</tr>
<tr>
<td height="29" style="padding-left:5px;">{$lang['meta_keys']}</td>
<td><textarea name="keywords" id='keywords' style="width:388px;height:70px;" class="bk"></textarea></td>
</tr>
<tr><td colspan="2"><div class="hr_line"></div></td></tr>
<tr>
<td style="padding:2px;">{$lang['static_tpl']}</td>
<td style="padding-left:2px;"><input type="text" name="static_tpl" size="20" class="edit bk">.tpl<a href="#" class="hintanchor" onMouseover="showhint('{$lang[hint_stpl]}', this, event, '250px')">[?]</a></td>
</tr>
<tr>
<td style="padding:2px;">{$lang['static_skin']}</td>
<td style="padding:2px;">{$skinlist}<a href="#" class="hintanchor" onMouseover="showhint('{$lang[hint_static_skin]}', this, event, '250px')">[?]</a> <input type="checkbox" name="allow_template" value="1" checked> {$lang['st_al_templ']}</td>
</tr>
<tr>
<td style="padding:2px;">{$lang['stat_allow']}</td>
<td style="padding:2px;"><select name="grouplevel[]" style="width:150px;height:93px;" multiple><option value="all" selected>{$lang['edit_all']}</option>{$groups}</select></td>
</tr>
<tr>
<td style="padding:2px;"> </td>
<td><br /><br /><input type="submit" value="{$lang['user_save']}" class="buttons" style="width:100px;"> <input onClick="preview()" type="button" class="buttons" value="{$lang['btn_preview']}" style="width:100px;">
<input type=hidden name="action" value="dosavenew">
<input type=hidden name="mod" value="static">
<input type=hidden name="preview_mode" value="static" >
<input type="hidden" name="user_hash" value="$dle_login_hash" />
<br><br></td>
</tr>
</table>
</td>
<td background="engine/skins/images/tl_rb.gif"><img src="engine/skins/images/tl_rb.gif" width="6" height="1" border="0"></td>
</tr>
<tr>
<td><img src="engine/skins/images/tl_lu.gif" width="4" height="6" border="0"></td>
<td background="engine/skins/images/tl_ub.gif"><img src="engine/skins/images/tl_ub.gif" width="1" height="6" border="0"></td>
<td><img src="engine/skins/images/tl_ru.gif" width="6" height="6" border="0"></td>
</tr>
</table>
</div></form>
HTML;
echofooter();
} elseif( $action == "dosavenew" ) {
if( $_REQUEST['user_hash'] == "" or $_REQUEST['user_hash'] != $dle_login_hash ) {
die( "Hacking attempt! User not found" );
}
$allow_br = intval( $_POST['allow_br'] );
if ($member_id['user_group'] != 1 AND $allow_br > 1 ) $allow_br = 1;
if ($allow_br == 2) {
if( function_exists( "get_magic_quotes_gpc" ) && get_magic_quotes_gpc() ) $_POST['template'] = stripslashes( $_POST['template'] );
$template = trim( addslashes( $_POST['template'] ) );
} else {
if ( $config['allow_static_wysiwyg'] == "yes" ) $parse->allow_code = false;
$template = $parse->process( $_POST['template'] );
if( $config['allow_static_wysiwyg'] == "yes" or $allow_br != '1' ) {
$template = $parse->BB_Parse( $template );
} else {
$template = $parse->BB_Parse( $template, false );
}
}
$metatags = create_metatags( $template );
$name = trim( totranslit( $_POST['name'], true, false ) );
$descr = trim( $db->safesql( htmlspecialchars( $_POST['description'] ) ) );
$template = $db->safesql( $template );
$tpl = trim( totranslit( $_POST['static_tpl'] ) );
$skin_name = trim( totranslit( $_POST['skin_name'], false, false ) );
$newdate = $_POST['newdate'];
if( isset( $_POST['allow_now'] ) ) $allow_now = $_POST['allow_now']; else $allow_now = "";
if( ! count( $_POST['grouplevel'] ) ) $_POST['grouplevel'] = array ("all" );
$grouplevel = $db->safesql( implode( ',', $_POST['grouplevel'] ) );
$allow_template = intval( $_POST['allow_template'] );
// Обработка даты и времени
$added_time = time() + ($config['date_adjust'] * 60);
$newsdate = strtotime( $newdate );
if( ($allow_now == "yes") OR ($newsdate === - 1) OR !$newsdate) {
$thistime = $added_time;
} else {
$thistime = $newsdate;
if( ! intval( $config['no_date'] ) and $newsdate > $added_time ) $thistime = $added_time;
}
if( $name == "" or $descr == "" or $template == "" ) msg( "error", $lang['static_err'], $lang['static_err_1'], "javascript:history.go(-1)" );
$static_count = $db->super_query( "SELECT COUNT(*) as count FROM " . PREFIX . "_static WHERE name='$name'" );
if ($static_count['count']) msg( "error", $lang['static_err'], $lang['static_err_2'], "javascript:history.go(-1)" );
$db->query( "INSERT INTO " . PREFIX . "_static (name, descr, template, allow_br, allow_template, grouplevel, tpl, metadescr, metakeys, template_folder, date, metatitle) values ('$name', '$descr', '$template', '$allow_br', '$allow_template', '$grouplevel', '$tpl', '{$metatags['description']}', '{$metatags['keywords']}', '{$skin_name}', '{$thistime}', '{$metatags['title']}')" );
$row = $db->insert_id();
$db->query( "UPDATE " . PREFIX . "_static_files SET static_id='{$row}' WHERE author = '{$member_id['name']}' AND static_id = '0'" );
msg( "info", $lang['static_addok'], $lang['static_addok_1'], "?mod=static" );
} elseif( $action == "doedit" ) {
$id = intval( $_GET['id'] );
if( $_GET['page'] == "rules" ) {
$row = $db->super_query( "SELECT * FROM " . PREFIX . "_static where name='dle-rules-page'" );
$lang['static_edit'] = $lang['rules_edit'];
if( ! $row['id'] ) {
$id = "";
$row['allow_template'] = "1";
} else
$id = $row['id'];
if( ! $config['registration_rules'] ) $lang['rules_descr'] = $lang['rules_descr'] . " <font color=\"red\">" . $lang['rules_check'] . "</font>";
} else {
$row = $db->super_query( "SELECT * FROM " . PREFIX . "_static where id='$id'" );
}
if ($row['allow_br'] == 2) {
if ($member_id['user_group'] != 1) msg( "error", $lang['index_denied'], $lang['static_not_allowed'] );
$row['template'] = htmlspecialchars( stripslashes( $row['template'] ) );
} else {
if( $row['allow_br'] != '1' or $config['allow_static_wysiwyg'] == "yes" ) {
$row['template'] = $parse->decodeBBCodes( $row['template'], true, $config['allow_static_wysiwyg'] );
} else {
$row['template'] = $parse->decodeBBCodes( $row['template'], false );
}
}
$skinlist = SelectSkin( $row['template_folder'] );
$row['descr'] = stripslashes($row['descr']);
$row['metatitle'] = stripslashes( $row['metatitle'] );
$itemdate = @date( "Y-m-d H:i", $row['date'] );
$js_array[] = "engine/skins/calendar.js";
echoheader( "static", "static" );
echo <<<HTML
<!-- calendar stylesheet -->
<link rel="stylesheet" type="text/css" media="all" href="engine/skins/calendar-blue.css" title="win2k-cold-1" />
<script language="javascript">
function CheckStatus(Form){
if(Form.allow_date.checked) {
Form.allow_now.disabled = true;
Form.allow_now.checked = false;
} else {
Form.allow_now.disabled = false;
}
}
function confirmdelete(id) {
DLEconfirm( '{$lang['static_confirm']}', '{$lang['p_confirm']}', function () {
document.location="{$PHP_SELF}?mod=static&action=dodelete&user_hash={$dle_login_hash}&id="+id;
} );
}
</script>
HTML;
echo "
<SCRIPT LANGUAGE=\"JavaScript\">
function preview(){";
if( $config['allow_static_wysiwyg'] == "yes" ) {
echo "document.getElementById('template').value = $('#template').html();";
}
echo "if(document.static.template.value == ''){ DLEalert('$lang[static_err_1]', '$lang[p_info]'); }
else{
dd=window.open('','prv','height=400,width=750,resizable=1,scrollbars=1')
document.static.mod.value='preview';document.static.target='prv'
document.static.submit(); dd.focus()
setTimeout(\"document.static.mod.value='static';document.static.target='_self'\",500)
}
}
</SCRIPT>";
if( $_GET['page'] == "rules" ) {
if( $config['allow_static_wysiwyg'] == "yes" ) echo "<form method=post name=\"static\" id=\"static\" onsubmit=\"document.getElementById('template').value = $('#template').html();\" action=\"\">";
else echo "<form method=post name=\"static\" id=\"static\" action=\"\">";
} else {
if( $config['allow_static_wysiwyg'] == "yes" ) echo "<form method=post name=\"static\" id=\"static\" onsubmit=\"document.getElementById('template').value = $('#template').html(); if(document.static.name.value == '' || document.static.description.value == '' || document.static.template.value == ''){DLEalert('$lang[vote_alert]', '$lang[p_info]');return false}\" action=\"\">";
else echo "<form method=post name=\"static\" id=\"static\" onsubmit=\"if(document.static.name.value == '' || document.static.description.value == '' || document.static.template.value == ''){DLEalert('$lang[vote_alert]', '$lang[p_info]');return false}\" action=\"\">";
}
echo <<<HTML
<div style="padding-top:5px;padding-bottom:2px;">
<table width="100%">
<tr>
<td width="4"><img src="engine/skins/images/tl_lo.gif" width="4" height="4" border="0"></td>
<td background="engine/skins/images/tl_oo.gif"><img src="engine/skins/images/tl_oo.gif" width="1" height="4" border="0"></td>
<td width="6"><img src="engine/skins/images/tl_ro.gif" width="6" height="4" border="0"></td>
</tr>
<tr>
<td background="engine/skins/images/tl_lb.gif"><img src="engine/skins/images/tl_lb.gif" width="4" height="1" border="0"></td>
<td style="padding:5px;" bgcolor="#FFFFFF">
<table width="100%">
<tr>
<td bgcolor="#EFEFEF" height="29" style="padding-left:10px;"><div class="navigation">{$lang['static_edit']}</div></td>
</tr>
</table>
<div class="unterline"></div>
<table width="100%">
HTML;
if( $_GET['page'] == "rules" ) {
echo <<<HTML
<tr>
<td width="150" style="padding:2px;">{$lang['static_descr']}</td>
<td style="padding:2px;" class="navigation">{$lang['rules_descr']}</td>
</tr>
HTML;
} else {
echo <<<HTML
<tr>
<td width="150" style="padding:2px;">{$lang['static_title']}</td>
<td style="padding:2px;"><input type="text" name="name" size="25" class="edit bk" value="{$row['name']}"><a href="#" class="hintanchor" onMouseover="showhint('{$lang[hint_stitle]}', this, event, '250px')">[?]</a></td>
</tr>
<tr>
<td style="padding:2px;">{$lang['static_descr']}</td>
<td style="padding:2px;"><input type="text" name="description" size="55" class="edit bk" value="{$row['descr']}"><a href="#" class="hintanchor" onMouseover="showhint('{$lang[hint_sdesc]}', this, event, '250px')">[?]</a></td>
</tr>
HTML;
}
echo <<<HTML
<tr>
<td style="padding:2px;">{$lang['edit_edate']}</td>
<td style="padding:2px;"><input type="text" name="newdate" id="f_date_c" size="20" class="edit bk" value="{$itemdate}">
<img src="engine/skins/images/img.gif" align="absmiddle" id="f_trigger_c" style="cursor: pointer; border: 0" title="{$lang['edit_ecal']}"/> <input type="checkbox" name="allow_date" id="allow_date" value="yes" onclick="CheckStatus(static)" checked> {$lang['edit_ndate']} <input type="checkbox" name="allow_now" id="allow_now" value="yes" disabled> {$lang['edit_jdate']}
<script type="text/javascript">
Calendar.setup({
inputField : "f_date_c", // id of the input field
ifFormat : "%Y-%m-%d %H:%M", // format of the input field
button : "f_trigger_c", // trigger for the calendar (button ID)
align : "Br", // alignment
timeFormat : "24",
showsTime : true,
singleClick : true
});
</script></td>
</tr>
HTML;
if( $config['allow_static_wysiwyg'] == "yes" ) {
include (ENGINE_DIR . '/editor/static.php');
} else {
include (ENGINE_DIR . '/inc/include/inserttag.php');
echo <<<HTML
<tr>
<td style="padding:2px;">{$lang['static_templ']}</td>
<td style="padding:2px;">{$bb_code}<textarea class="bk" style="width:98%; height:300px;" name="template" id="template" onclick=setFieldName(this.name)>{$row['template']}</textarea><script type=text/javascript>var selField = "template";</script></td>
</tr>
HTML;
}
$check = array();
$check[$row['allow_br']] = "checked=\"checked\"";
if( $config['allow_static_wysiwyg'] != "yes" ) $fix_br = "<input type=\"radio\" name=\"allow_br\" value=\"1\" {$check[1]} /> {$lang['static_br_html']}<br /><input type=\"radio\" name=\"allow_br\" value=\"0\" {$check[0]} /> {$lang['static_br_html_1']}";
else $fix_br = "<input type=\"radio\" name=\"allow_br\" value=\"0\" {$check[0]} /> {$lang['static_br_html_1']}";
if ($member_id['user_group'] == 1 ) $fix_br .= "<br /><input type=\"radio\" name=\"allow_br\" value=\"2\" {$check[2]} /> {$lang['static_br_html_2']}";
if( $row['allow_template'] ) $check_t = "checked";
else $check_t = "";
$groups = get_groups( explode( ',', $row['grouplevel'] ) );
if( $row['grouplevel'] == "all" ) $check_all = "selected";
else $check_all = "";
echo <<<HTML
<tr><td>{$lang['static_type']}</td><td>{$fix_br}</td></tr>
<tr><td colspan="2"><div class="hr_line"></div></td></tr>
<tr>
<td> </td>
<td>{$lang['add_metatags']}<a href="#" class="hintanchor" onMouseover="showhint('{$lang['hint_metas']}', this, event, '220px')">[?]</a></td>
</tr>
<tr>
<td height="29" style="padding-left:5px;">{$lang['meta_title']}</td>
<td><input type="text" name="meta_title" style="width:388px;" class="edit bk" value="{$row['metatitle']}"></td>
</tr>
<tr>
<td height="29" style="padding-left:5px;">{$lang['meta_descr']}</td>
<td><input type="text" name="descr" style="width:388px;" class="edit bk" value="{$row['metadescr']}"> ({$lang['meta_descr_max']})</td>
</tr>
<tr>
<td height="29" style="padding-left:5px;">{$lang['meta_keys']}</td>
<td><textarea name="keywords" style="width:388px;height:70px;" class="bk">{$row['metakeys']}</textarea></td>
</tr>
<tr><td colspan="2"><div class="hr_line"></div></td></tr>
<tr>
<td style="padding:2px;">{$lang['static_tpl']}</td>
<td style="padding:2px;"><input type="text" name="static_tpl" size="20" value="{$row['tpl']}" class="edit bk">.tpl<a href="#" class="hintanchor" onMouseover="showhint('{$lang[hint_stpl]}', this, event, '250px')">[?]</a></td>
</tr>
HTML;
if( $_GET['page'] != "rules" ) echo <<<HTML
<tr>
<td style="padding:2px;">{$lang['static_skin']}</td>
<td style="padding:2px;">{$skinlist}<a href="#" class="hintanchor" onMouseover="showhint('{$lang[hint_static_skin]}', this, event, '250px')">[?]</a></td>
</tr>
<tr>
<td style="padding:2px;">{$lang['stat_allow']}</td>
<td style="padding:2px;"><select name="grouplevel[]" style="width:150px;height:93px;" multiple><option value="all" {$check_all}>{$lang['edit_all']}</option>{$groups}</select></td>
</tr>
HTML;
echo <<<HTML
<tr>
<td style="padding:2px;"> </td>
<td style="padding-left:2px;"><input type="checkbox" name="allow_template" value="1" {$check_t}> {$lang['st_al_templ']}</td>
</tr>
<tr>
<td style="padding:2px;"> </td>
<td><br> <input type="submit" value="{$lang['user_save']}" class="buttons" style="width:100px;"> <input onClick="preview()" type="button" class="buttons" value="{$lang['btn_preview']}" style="width:100px;"> <input onClick="confirmdelete('{$row['id']}'); return(false)" type="button" class="buttons" value="{$lang['edit_dnews']}" style="width:100px;">
<input type="hidden" name="action" value="dosaveedit">
<input type=hidden name="mod" value="static">
<input type=hidden name="preview_mode" value="static" >
<input type="hidden" name="user_hash" value="$dle_login_hash" />
<input type="hidden" name="static_date" value="{$row['date']}" />
<input type="hidden" name="id" value="{$id}">
<br><br></td>
</tr>
</table>
</td>
<td background="engine/skins/images/tl_rb.gif"><img src="engine/skins/images/tl_rb.gif" width="6" height="1" border="0"></td>
</tr>
<tr>
<td><img src="engine/skins/images/tl_lu.gif" width="4" height="6" border="0"></td>
<td background="engine/skins/images/tl_ub.gif"><img src="engine/skins/images/tl_ub.gif" width="1" height="6" border="0"></td>
<td><img src="engine/skins/images/tl_ru.gif" width="6" height="6" border="0"></td>
</tr>
</table>
</div></form>
HTML;
echofooter();
} elseif( $action == "dosaveedit" ) {
if( $_REQUEST['user_hash'] == "" or $_REQUEST['user_hash'] != $dle_login_hash ) {
die( "Hacking attempt! User not found" );
}
$allow_br = intval( $_POST['allow_br'] );
if ($member_id['user_group'] != 1 AND $allow_br > 1 ) $allow_br = 1;
if ($allow_br == 2) {
if( function_exists( "get_magic_quotes_gpc" ) && get_magic_quotes_gpc() ) $_POST['template'] = stripslashes( $_POST['template'] );
$template = trim( addslashes( $_POST['template'] ) );
} else {
if ( $config['allow_static_wysiwyg'] == "yes" ) $parse->allow_code = false;
$template = $parse->process( $_POST['template'] );
if( $config['allow_static_wysiwyg'] == "yes" or $allow_br != '1' ) {
$template = $parse->BB_Parse( $template );
} else {
$template = $parse->BB_Parse( $template, false );
}
}
$metatags = create_metatags( $template );
if( $_GET['page'] == "rules" ) {
$name = "dle-rules-page";
$descr = $lang['rules_edit'];
} else {
$name = trim( totranslit( $_POST['name'], true, false ) );
$descr = trim( $db->safesql( htmlspecialchars( $_POST['description'] ) ) );
if( ! count( $_POST['grouplevel'] ) ) $_POST['grouplevel'] = array ("all" );
$grouplevel = $db->safesql( implode( ',', $_POST['grouplevel'] ) );
}
$template = $db->safesql( $template );
$allow_template = intval( $_POST['allow_template'] );
$tpl = trim( totranslit( $_POST['static_tpl'] ) );
$skin_name = trim( totranslit( $_POST['skin_name'], false, false ) );
$newdate = $_POST['newdate'];
if( isset( $_POST['allow_date'] ) ) $allow_date = $_POST['allow_date']; else $allow_date = "";
if( isset( $_POST['allow_now'] ) ) $allow_now = $_POST['allow_now']; else $allow_now = "";
// Обработка даты и времени
$added_time = time() + ($config['date_adjust'] * 60);
$newsdate = strtotime( $newdate );
if( $allow_date != "yes" ) {
if( $allow_now == "yes" ) $thistime = $added_time;
elseif( ($newsdate === - 1) OR !$newsdate ) {
$thistime = $added_time;
} else {
$thistime = $newsdate;
if( ! intval( $config['no_date'] ) and $newsdate > $added_time ) {
$thistime = $added_time;
}
}
} else {
$thistime = intval( $_POST['static_date'] );
}
if( $_GET['page'] == "rules" ) {
if( $_POST['id'] ) {
$db->query( "UPDATE " . PREFIX . "_static SET descr='$descr', template='$template', allow_br='$allow_br', allow_template='$allow_template', grouplevel='all', tpl='$tpl', metadescr='{$metatags['description']}', metakeys='{$metatags['keywords']}', template_folder='{$skin_name}', date='{$thistime}', metatitle='{$metatags['title']}' WHERE name='dle-rules-page'" );
} else {
$db->query( "INSERT INTO " . PREFIX . "_static (name, descr, template, allow_br, allow_template, grouplevel, tpl, metadescr, metakeys, template_folder, date, metatitle) values ('$name', '$descr', '$template', '$allow_br', '$allow_template', 'all', '$tpl', '{$metatags['description']}', '{$metatags['keywords']}', '{$skin_name}', '{$thistime}', '{$metatags['title']}')" );
$row = $db->insert_id();
$db->query( "UPDATE " . PREFIX . "_static_files SET static_id='{$row}' WHERE author = '{$member_id['name']}' AND static_id = '0'" );
}
msg( "info", $lang['rules_ok'], $lang['rules_ok'], "?mod=static&action=doedit&page=rules" );
} else {
$id = intval( $_GET['id'] );
if( $name == "" or $descr == "" or $template == "" ) msg( "error", $lang['static_err'], $lang['static_err_1'], "javascript:history.go(-1)" );
$static_count = $db->super_query( "SELECT COUNT(*) as count FROM " . PREFIX . "_static WHERE name='$name' AND id != '$id'" );
if ($static_count['count']) msg( "error", $lang['static_err'], $lang['static_err_2'], "javascript:history.go(-1)" );
$db->query( "UPDATE " . PREFIX . "_static SET name='$name', descr='$descr', template='$template', allow_br='$allow_br', allow_template='$allow_template', grouplevel='$grouplevel', tpl='$tpl', metadescr='{$metatags['description']}', metakeys='{$metatags['keywords']}', template_folder='{$skin_name}', date='{$thistime}', metatitle='{$metatags['title']}' WHERE id='$id'" );
msg( "info", $lang['static_addok'], $lang['static_addok_1'], "?mod=static" );
}
msg( "info", $lang['static_addok'], $lang['static_addok_1'], "?mod=static" );
} elseif( $action == "dodelete" ) {
if( $_REQUEST['user_hash'] == "" or $_REQUEST['user_hash'] != $dle_login_hash ) {
die( "Hacking attempt! User not found" );
}
$id = intval( $_GET['id'] );
$db->query( "DELETE FROM " . PREFIX . "_static WHERE id='$id'" );
$db->query( "SELECT name, onserver FROM " . PREFIX . "_static_files WHERE static_id = '$id'" );
while ( $row = $db->get_row() ) {
if( $row['onserver'] ) {
@unlink( ROOT_DIR . "/uploads/files/" . $row['onserver'] );
} else {
$url_image = explode( "/", $row['name'] );
if( count( $url_image ) == 2 ) {
$folder_prefix = $url_image[0] . "/";
$dataimages = $url_image[1];
} else {
$folder_prefix = "";
$dataimages = $url_image[0];
}
@unlink( ROOT_DIR . "/uploads/posts/" . $folder_prefix . $dataimages );
@unlink( ROOT_DIR . "/uploads/posts/" . $folder_prefix . "thumbs/" . $dataimages );
}
}
$db->query( "DELETE FROM " . PREFIX . "_static_files WHERE static_id = '$id'" );
msg( "info", $lang['static_del'], $lang['static_del_1'], "$PHP_SELF?mod=static" );
}
?>
Добавлено через 14 минут, 45 секунд:Вот знаменитые Dle API думаю будет интересно почитать комментарии:
<?php
/*
=====================================================
DataLife Engine - by SoftNews Media Group
-----------------------------------------------------
http://dle-news.ru/
-----------------------------------------------------
Copyright (c) 2009, 2011 IT-Security (Asafov Sergey)
=====================================================
Данный код защищен авторскими правами
=====================================================
Файл: api.class.php
-----------------------------------------------------
Назначение: API для написания модификаций или интеграции в другие скрипты
=====================================================
*/
if( ! defined( 'DATALIFEENGINE' ) ) {
define( 'DATALIFEENGINE', true );
}
if( ! defined( 'ROOT_DIR' ) ) {
define( 'ROOT_DIR', substr( dirname( __FILE__ ), 0, - 11 ) );
}
if( ! defined( 'ENGINE_DIR' ) ) {
define( 'ENGINE_DIR', ROOT_DIR . '/engine' );
}
if( ! class_exists( 'DLE_API' ) )
{
class DLE_API
{
/**
* Экземпляр класса DB
* @var object
*/
var $db = false;
/**
* Версия API
* @var string
*/
var $version = '0.07';
/**
* Копия конфига DLE
* @var array
*/
var $dle_config = array ();
/**
* Путь до директории с кешем
* @var string
*/
var $cache_dir = false;
/**
* Массив со всеми файлами кеша
* @var array
*/
var $cache_files = array();
/**
* Конструктор класса
* @return boolean
*/
function DLE_API()
{
if (!$this->cache_dir)
{
$this->cache_dir = ENGINE_DIR."/cache/";
}
return true;
}
/**
* Получение информации о пользователе по его ID
* @param $id int - ID пользователя
* @param $select_list string - Перечень полей с информации или * для всех
* @return Массив с данными в случае успеха и false если пользователь не найден
*/
function take_user_by_id ($id, $select_list = "*")
{
$id = intval( $id );
if( $id == 0 ) return false;
$row = $this->load_table(USERPREFIX."_users", $select_list, "user_id = '$id'");
if( count( $row ) == 0 )
return false;
else
return $row;
}
/**
* Получение информации о пользователе по его имени
* @param $name string - Имя пользователя
* @param $select_list string - Перечень полей с информации или * для всех
* @return Массив с данными в случае успеха и false если пользователь не найден
*/
function take_user_by_name($name, $select_list = "*")
{
$name = $this->db->safesql( $name );
if( $name == '' ) return false;
$row = $this->load_table(USERPREFIX."_users", $select_list, "name = '$name'");
if( count( $row ) == 0 )
return false;
else
return $row;
}
/**
* Получение информации о пользователе по его емайлу
* @param $email string - Емайл пользователя
* @param $select_list string - Перечень полей с информации или * для всех
* @return Массив с данными в случае успеха и false если пользователь не найден
*/
function take_user_by_email($email, $select_list = "*")
{
$email = $this->db->safesql( $email );
if( $email == '' ) return false;
$row = $this->load_table(USERPREFIX."_users", $select_list, "email = '$email'");
if( count( $row ) == 0 )
return false;
else
return $row;
}
/**
* Получение данных пользователей определённой группы
* @param $group int - ID группы
* @param $select_list string - Перечень полей с информации или * для всех
* @param $limit int - Количество получаемых пользователей
* @return 2-х мерный массив с данными в случае успеха и false если пользователь не найден
*/
function take_users_by_group ($group, $select_list = "*", $limit = 0)
{
$group = intval( $group );
$data = array();
if( $group == 0 ) return false;
$data = $this->load_table(USERPREFIX."_users", $select_list, "user_group = '$group'", true, 0, $limit);
if( count( $data ) == 0 )
return false;
else
return $data;
}
/**
* Получение данных пользователей, засветившихся под определённым IP
* @param $ip string - Интересующий нас IP
* @param $like bool - использовать ли маску при поиске
* @param $select_list string - Перечень полей с информации или * для всех
* @param $limit int - Количество получаемых пользователей
* @return 2-х мерный массив с данными в случае успеха и false если пользователь не найден
*/
function take_users_by_ip ($ip, $like = false, $select_list = "*", $limit = 0)
{
$ip = $this->db->safesql( $ip );
$data = array();
if( $ip == '' ) return false;
if( $like )
$condition = "logged_ip like '$ip%'";
else
$condition = "logged_ip = '$ip'";
$data = $this->load_table(USERPREFIX."_users", $select_list, $condition, true, 0, $limit);
if( count( $data ) == 0 )
return false;
else
return $data;
}
/**
* Смена имени пользователя
* @param $user_id int - ID пользователя
* @param $new_name string - Новое имя пользователя
* @return bool - true в случае успеха и false ежели новое имя уже занято другим пользователем
*/
function change_user_name ($user_id, $new_name)
{
$user_id = intval( $user_id );
$new_name = $this->db->safesql( $new_name );
$count_arr = $this->load_table(USERPREFIX."_users", "count(user_id) as count", "name = '$new_name'");
$count = $count_arr['count'];
if( $count > 0 ) return false;
$old_name_arr = $this->load_table(USERPREFIX."_users", "name", "user_id = '$user_id'");
$old_name = $old_name_arr['name'];
$this->db->query( "UPDATE " . PREFIX . "_post SET autor='$new_name' WHERE autor='{$old_name}'" );
$this->db->query( "UPDATE " . PREFIX . "_comments SET autor='$new_name' WHERE autor='{$old_name}' AND is_register='1'" );
$this->db->query( "UPDATE " . USERPREFIX . "_pm SET user_from='$new_name' WHERE user_from='{$old_name}'" );
$this->db->query( "UPDATE " . PREFIX . "_vote_result SET name='$new_name' WHERE name='{$old_name}'" );
$this->db->query( "UPDATE " . PREFIX . "_images SET author='$new_name' WHERE author='{$old_name}'" );
$this->db->query( "update " . USERPREFIX . "_users set name = '$new_name' where user_id = '$user_id'" );
return true;
}
/**
* Изменение пароля пользователя
* @param $user_id int - ID пользователя
* @param $new_password string - новый пароль
* @return null
*/
function change_user_password($user_id, $new_password)
{
$user_id = intval( $user_id );
$new_password = md5( md5( $new_password ) );
$this->db->query( "update " . USERPREFIX . "_users set password = '$new_password' where user_id = '$user_id'" );
}
/**
* Изменение емайла пользователя
* @param $user_id int - ID пользователя
* @param $new_email string - новый емайл пользователя
* @return int - некий код
* -2: некорректный емайл
* -1: новый емайл используется другим пользователем
* 1: операция прошла успешно
*/
function change_user_email($user_id, $new_email)
{
$user_id = intval( $user_id );
if( (! preg_match('/^([a-z0-9])(([-a-z0-9._])*([a-z0-9]))*\@([a-z0-9])'.'(([a-z0-9-])*([a-z0-9]))+' . '(\.([a-z0-9])([-a-z0-9_-])?([a-z0-9])+)+$/i', $new_email )) or (empty( $new_email )) )
{
return -2;
}
$new_email = $this->db->safesql( $new_email );
$email_exist_arr = $this->load_table(USERPREFIX."_users", "count(user_id) as count", "email = '$new_email'");
if ($email_exist_arr['count'] > 0) return -1;
$q = $this->db->query( "update " . USERPREFIX . "_users set email = '$new_email' where user_id = '$user_id'" );
return 1;
}
/**
* Изменение группы пользователя
* @param $user_id int - ID пользователя
* @param $new_group int - ID новой группы пользователя
* @return bool - true в случае успеха и false если указан ID несуществующей группы
*/
function change_user_group($user_id, $new_group)
{
$user_id = intval( $user_id );
$new_group = intval( $new_group );
if($this->checkGroup($new_group) === false) return false;
$this->db->query( "update " . USERPREFIX . "_users set user_group = '$new_group' where user_id = '$user_id'" );
return true;
}
/**
* Авторизация пользователя по имени и паролю
* @param $login string - имя пользователя
* @param $password string - пароль пользователя
* @return bool
* true: разрешаем авторизацию
* false: авторизация не пройдена
*/
function external_auth($login, $password)
{
$login = $this->db->safesql( $login );
$password = md5( md5( $password ) );
$arr = $this->load_table(USERPREFIX."_users", "user_id", "name = '$login' AND password = '$password'");
if( ! empty( $arr['user_id'] ) )
return true;
else
return false;
}
/**
* Добавление в базу нового пользователя
* @param $login string - имя пользователя
* @param $password string - пароль пользователя
* @param $email string - емайл пользователя
* @param $group int - группа пользователя
* @return int - код
* -4: задана несуществующая группа
* -3: некорректный емайл
* -2: емайл занят другим пользователем
* -1: имя пользователя тоже занято, вот неудача
* 1: операция прошла успешно
*/
function external_register($login, $password, $email, $group)
{
$login = $this->db->safesql( $login );
$password = md5( md5( $password ) );
$email = $this->db->safesql( $email );
$group = intval( $group );
$login_exist_arr = $this->load_table(USERPREFIX."_users", "count(user_id) as count", "name = '$login'");
if( $login_exist_arr['count'] > 0 ) return -1;
$email_exist_arr = $this->load_table(USERPREFIX."_users", "count(user_id) as count", "email = '$email'");
if( $email_exist_arr['count'] > 0 ) return -2;
if (!ereg( '^[-!#$%&\'*+\\./0-9=?A-Z^_`a-z{|}~]+' . '@' . '[-!#$%&\'*+\\/0-9=?A-Z^_`a-z{|}~]+\.' . '[-!#$%&\'*+\\./0-9=?A-Z^_`a-z{|}~]+$', $email ) or (empty( $email )))
{
return -3;
}
if($this->checkGroup($group) === false) return -4;
$now = time();
$q = $this->db->query( "insert into " . USERPREFIX . "_users (email, password, name, user_group, reg_date) VALUES ('$email', '$password', '$login', '$group', '$now')" );
return 1;
}
/**
* Отправка пользователю персонального сообщения
* @param $user_id int - ID получателя
* @param $subject string - тема сообщения
* @param $text string - текст сообщения
* @param $from string - имя отправителя
* @return int - код
* -1: получатель не существует
* 0: операция неудалась
* 1: операция прошла успешно
*/
function send_pm_to_user($user_id, $subject, $text, $from)
{
$user_id = intval( $user_id );
// Check if user exist
$count_arr = $this->load_table(USERPREFIX."_users", "count(user_id) as count", "user_id = '$user_id'");
if($count_arr['count'] == 0 ) return - 1;
$subject = $this->db->safesql( $subject );
$text = $this->db->safesql( $text );
$from = $this->db->safesql( $from );
$now = time();
$q = $this->db->query( "insert into " . PREFIX . "_pm (subj, text, user, user_from, date, pm_read, folder) VALUES ('$subject', '$text', '$user_id', '$from', '$now', 'no', 'inbox')" );
if( ! $q ) return 0;
$this->db->query( "update " . USERPREFIX . "_users set pm_unread = pm_unread + 1, pm_all = pm_all+1 where user_id = '$user_id'" );
return 1;
}
/**
* Service function - take params from table
* @param $table string - название таблицы
* @param $fields string - необходимые поля через запятйю или * для всех
* @param $where string - условие выборки
* @param $multirow bool - забирать ли один ряд или несколько
* @param $start int - начальное значение выборки
* @param $limit int - количество записей для выборки, 0 - выбрать все
* @param $sort string - поле, по которому осуществляется сортировка
* @param $sort_order - направление сортировки
* @return array с данными или false если mysql вернуль 0 рядов
*/
function load_table ($table, $fields = "*", $where = '1', $multirow = false, $start = 0, $limit = 0, $sort = '', $sort_order = 'desc')
{
if (!$table) return false;
if ($sort!='') $where.= ' order by '.$sort.' '.$sort_order;
if ($limit>0) $where.= ' limit '.$start.','.$limit;
$q = $this->db->query("Select ".$fields." from ".$table." where ".$where);
if ($multirow)
{
while ($row = $this->db->get_row())
{
$values[] = $row;
}
}
else
{
$values = $this->db->get_row();
}
if (count($values)>0) return $values;
return false;
}
/**
* Запись данных в кеш
* @param $fname string - имя файла для кеша без расширения
* @param $vars - данные для записи
* @return unknown_type
*/
function save_to_cache ($fname, $vars)
{
// @TODO собачка - зло
$filename = $fname.".tmp";
$f = @fopen($this->cache_dir.$filename, "w+");
@chmod('0777', $this->cache_dir.$filename);
if (is_array($vars)) $vars = serialize($vars);
@fwrite($f, $vars);
@fclose($f);
return $vars;
}
/**
* Загрузка данных из кеша
* @param $fnamee string - имя файла для кеша без расширения
* @param $timeout int - время жизни кэша в секундах
* @param $type string - тип данных в кеше. если не text - считаем, что хранился массив
* @return unknown_type
*/
function load_from_cache ($fname, $timeout=300, $type = 'text')
{
$filename = $fname.".tmp";
if (!file_exists($this->cache_dir.$filename)) return false;
if ((filemtime($this->cache_dir.$filename)) < (time()-$timeout)) return false;
if ($type=='text')
{
return file_get_contents($this->cache_dir.$filename);
}
else
{
return unserialize(file_get_contents($this->cache_dir.$filename));
}
}
/**
* Удаление кеша
* @param $name string - имя файла для удаления. При значении GLOBAL удаляем весь кеш
* @return null
*/
function clean_cache($name = "GLOBAL")
{
$this->get_cached_files();
if ($name=="GLOBAL")
{
foreach ($this->cache_files as $cached_file)
{
@unlink($this->cache_dir.$cached_file);
}
}
elseif (in_array($name.".tmp", $this->cache_files))
{
@unlink($this->cache_dir.$name.".tmp");
}
}
/**
* Получение массива содержащего названия файлов кеша
* @return array
*/
function get_cached_files()
{
$handle = opendir($this->cache_dir);
while (($file = readdir($handle)) !== false)
{
if ($file != '.' && $file != '..' && (!is_dir($this->cache_dir.$file) && $file !='.htaccess'))
{
$this->cache_files [] = $file;
}
}
closedir($handle);
}
/**
* Сохранение параметров скрипта
* @param $key string или array
* string: Название параметра
* array: ассоциативный массив параметров
* @param $new_value - значение параметра. Не используется, если $key массив
* @return null;
*/
function edit_config ($key, $new_value = '')
{
$find[] = "'\r'";
$replace[] = "";
$find[] = "'\n'";
$replace[] = "";
$config = $this->dle_config;
if (is_array($key))
{
foreach ($key as $ckey=>$cvalue)
{
if ($config[$ckey])
{
$config[$ckey] = $cvalue;
}
}
}
else
{
if ($config[$key])
{
$config[$key] = $new_value;
}
}
// Записываем новый конфиг
$handle = @fopen(ENGINE_DIR.'/data/config.php', 'w');
fwrite( $handle, "<?PHP \n\n//System Configurations\n\n\$config = array (\n\n" );
foreach ( $config as $name => $value )
{
if( $name != "offline_reason" )
{
$value = trim( stripslashes( $value ) );
$value = htmlspecialchars( $value);
$value = preg_replace( $find, $replace, $value );
$name = trim( stripslashes( $name ) );
$name = htmlspecialchars( $name, ENT_QUOTES );
$name = preg_replace( $find, $replace, $name );
}
$value = str_replace( "$", "$", $value );
$value = str_replace( "{", "{", $value );
$value = str_replace( "}", "}", $value );
$name = str_replace( "$", "$", $name );
$name = str_replace( "{", "{", $name );
$name = str_replace( "}", "}", $name );
fwrite( $handle, "'{$name}' => \"{$value}\",\n\n" );
}
fwrite( $handle, ");\n\n?>" );
fclose( $handle );
$this->clean_cache();
}
/**
* Получение новостей
* @param $cat string - категории новостей, через запятую
* @param $fields string - перечень получаемых полей новостей или * для всех
* @param $start int - начальное значение выборки
* @param $limit int - количество новостей для выборки, 0 - выбрать все новости
* @param $sort string - поле, по которому осуществляется сортировка
* @param $sort_order - направление сортировки
* @return array - ассоциативный 2-х мерный массив с новостями
*/
function take_news ($cat, $fields = "*", $start = 0, $limit = 10, $sort = 'id', $sort_order = 'desc')
{
if ($this->dle_config['allow_multi_category'] == 1)
{
$condition = 'category regexp "[[:<:]]('.str_replace(',', '|', $cat).')[[:>:]]"';
}
else
{
$condition = 'category IN ('.$cat.')';
}
return $this->load_table (PREFIX."_post", $fields, $condition, $multirow = true, $start, $limit, $sort, $sort_order);
}
/**
* Проверка существования группы с указанным ID
* @param $group int - ID группы
* @return bool - true если существует и false если нет
*/
function checkGroup($group)
{
$row = $this->db->super_query('SELECT group_name FROM '.USERPREFIX.'_usergroups WHERE id = '.intval($group));
return isset($row['group_name']);
}
/**
* Установка административной части модуля
* @param $name string - название модуля, а именно файла .php находящегося в папке engine/inc/,
но без расширения файла
* @param $title string - заголовок модуля
* @param $descr string - описание модуля
* @param $icon string - имя иконки для модуля, без указания пути.
Иконка обязательно при этом должна находится в папке engine/skins/images/
* @param $perm string - информация о группах которым разрешен показ данного модуля.
Данное поле может принимать следующие значения: all или ID групп через запятую.
Например: 1,2,3. если указано значение all то модуль будет показываться всем
пользователям имеющим доступ в админпанель
* @return bool - true если успешно установлено и false если нет
*/
function install_admin_module ($name, $title, $descr, $icon, $perm = '1')
{
$name = $this->db->safesql($name);
$title = $this->db->safesql($title);
$descr = $this->db->safesql($descr);
$icon = $this->db->safesql($icon);
$perm = $this->db->safesql($perm);
// Для начала проверяем наличие модуля
$this->db->query("Select name from `".PREFIX."_admin_sections` where name = '$name'");
if ($this->db->num_rows()>0)
{
// Модуль есть, обновляем данные
$this->db->query("UPDATE `".PREFIX."_admin_sections` set title = '$title', descr = '$descr', icon = '$icon', allow_groups = '$perm' where name = '$name'");
return true;
}
else
{
// Модуля нету, добавляем
$this->db->query("INSERT INTO `".PREFIX."_admin_sections` (`name`, `title`, `descr`, `icon`, `allow_groups`) VALUES ('$name', '$title', '$descr', '$icon', '$perm')");
return true;
}
return false;
}
/**
* Удаление административной части модуля
* @param $name string - название модуля
* @return null
*/
function uninstall_admin_module ($name)
{
$name = $this->db->safesql($name);
$this->db->query("DELETE FROM `".PREFIX."_admin_sections` where name = '$name'");
}
/**
* Изменение прав административной части модуля
* @param $name string - название модуля
* @param $perm string - информация о группах которым разрешен показ данного модуля.
Данное поле может принимать следующие значения: all или ID групп через запятую.
Например: 1,2,3. если указано значение all то модуль будет показываться всем
пользователям имеющим доступ в админпанель
* @return null
*/
function change_admin_module_perms ($name, $perm)
{
$name = $this->db->safesql($name);
$perm = $this->db->safesql($perm);
$this->db->query("UPDATE `".PREFIX."_admin_sections` set allow_groups = '$perm' where name = '$name'");
}
}
}
$dle_api = new DLE_API ();
if( ! $config['version_id'] ) include_once (ENGINE_DIR . '/data/config.php');
$dle_api->dle_config = $config;
if( ! isset( $db ) ) {
include_once (ENGINE_DIR . '/classes/mysql.php');
include_once (ENGINE_DIR . '/data/dbconfig.php');
}
$dle_api->db = $db;
?>
Добавлено через 18 минут, 54 секунд:Порадовал отдельный файл для двух строк, хотя можно записать и одной:) :
<?php
/*
=====================================================
DataLife Engine - by SoftNews Media Group
-----------------------------------------------------
http://dle-news.ru/
-----------------------------------------------------
Copyright (c) 2004,2011 SoftNews Media Group
=====================================================
Данный код защищен авторскими правами
=====================================================
Файл: mysql.php
-----------------------------------------------------
Назначение: Класс для работы с базой данных
=====================================================
*/
if(!defined('DATALIFEENGINE'))
{
die("Hacking attempt!");
}
if ( extension_loaded('mysqli') )
{
include_once( ENGINE_DIR."/classes/mysqli.class.php" );
}
else
{
include_once( ENGINE_DIR."/classes/mysql.class.php" );
}
?>
Добавлено через 23 минут, 58 секунд:Вот индекс пхп:
<?php
/*
=====================================================
DataLife Engine - by SoftNews Media Group
-----------------------------------------------------
http://dle-news.ru/
-----------------------------------------------------
Copyright (c) 2004,2011 SoftNews Media Group
=====================================================
Данный код защищен авторскими правами
=====================================================
Файл: index.php
-----------------------------------------------------
Назначение: Главная страница
=====================================================
*/
@session_start ();
@ob_start ();
@ob_implicit_flush ( 0 );
@error_reporting ( E_ALL ^ E_WARNING ^ E_NOTICE );
@ini_set ( 'display_errors', true );
@ini_set ( 'html_errors', false );
@ini_set ( 'error_reporting', E_ALL ^ E_WARNING ^ E_NOTICE );
define ( 'DATALIFEENGINE', true );
$member_id = FALSE;
$is_logged = FALSE;
define ( 'ROOT_DIR', dirname ( __FILE__ ) );
define ( 'ENGINE_DIR', ROOT_DIR . '/engine' );
require_once ROOT_DIR . '/engine/init.php';
if (clean_url ( $_SERVER['HTTP_HOST'] ) != clean_url ( $config['http_home_url'] )) {
$replace_url = array ();
$replace_url[0] = clean_url ( $config['http_home_url'] );
$replace_url[1] = clean_url ( $_SERVER['HTTP_HOST'] );
} else
$replace_url = false;
$tpl->load_template ( 'main.tpl' );
$tpl->set ( '{calendar}', $tpl->result['calendar'] );
$tpl->set ( '{archives}', $tpl->result['archive'] );
$tpl->set ( '{tags}', $tpl->result['tags_cloud'] );
$tpl->set ( '{vote}', $tpl->result['vote'] );
$tpl->set ( '{topnews}', $topnews );
$tpl->set ( '{login}', $tpl->result['login_panel'] );
$tpl->set ( '{info}', $tpl->result['info'] );
$tpl->set ( '{speedbar}', $tpl->result['speedbar'] );
if ($config['allow_skin_change'] == "yes") $tpl->set ( '{changeskin}', ChangeSkin ( ROOT_DIR . '/templates', $config['skin'] ) );
if (count ( $banners ) and $config['allow_banner']) {
foreach ( $banners as $name => $value ) {
$tpl->copy_template = str_replace ( "{banner_" . $name . "}", $value, $tpl->copy_template );
}
}
$tpl->set_block ( "'{banner_(.*?)}'si", "" );
if (count ( $informers ) and $config['rss_informer']) {
foreach ( $informers as $name => $value ) {
$tpl->copy_template = str_replace ( "{inform_" . $name . "}", $value, $tpl->copy_template );
}
}
if ($allow_active_news AND $config['allow_change_sort'] AND $do != "userinfo") {
$tpl->set ( '[sort]', "" );
$tpl->set ( '{sort}', news_sort ( $do ) );
$tpl->set ( '[/sort]', "" );
} else {
$tpl->set_block ( "'\\[sort\\](.*?)\\[/sort\\]'si", "" );
}
if ($dle_module == "showfull" ) {
if (is_array($cat_list) AND count($cat_list) > 1 ) $category_id = implode(",", $cat_list);
}
if (strpos ( $tpl->copy_template, "[category=" ) !== false) {
$tpl->copy_template = preg_replace ( "#\\[category=(.+?)\\](.*?)\\[/category\\]#ies", "check_category('\\1', '\\2', '{$category_id}')", $tpl->copy_template );
}
if (strpos ( $tpl->copy_template, "[not-category=" ) !== false) {
$tpl->copy_template = preg_replace ( "#\\[not-category=(.+?)\\](.*?)\\[/not-category\\]#ies", "check_category('\\1', '\\2', '{$category_id}', false)", $tpl->copy_template );
}
if (strpos ( $tpl->copy_template, "[static=" ) !== false) {
$tpl->copy_template = preg_replace ( "#\\[static=(.+?)\\](.*?)\\[/static\\]#ies", "check_static('\\1', '\\2')", $tpl->copy_template );
}
if (strpos ( $tpl->copy_template, "[not-static=" ) !== false) {
$tpl->copy_template = preg_replace ( "#\\[not-static=(.+?)\\](.*?)\\[/not-static\\]#ies", "check_static('\\1', '\\2', false)", $tpl->copy_template );
}
if (strpos ( $tpl->copy_template, "{custom" ) !== false) {
$tpl->copy_template = preg_replace ( "#\\{custom category=['\"](.+?)['\"] template=['\"](.+?)['\"] aviable=['\"](.+?)['\"] from=['\"](.+?)['\"] limit=['\"](.+?)['\"] cache=['\"](.+?)['\"]\\}#ies", "custom_print('\\1', '\\2', '\\3', '\\4', '\\5', '\\6', '{$dle_module}')", $tpl->copy_template );
}
$config['http_home_url'] = explode ( "index.php", strtolower ( $_SERVER['PHP_SELF'] ) );
$config['http_home_url'] = reset ( $config['http_home_url'] );
if (! $user_group[$member_id['user_group']]['allow_admin']) $config['admin_path'] = "";
$ajax .= <<<HTML
<div id="loading-layer" style="display:none"><div id="loading-layer-text">{$lang['ajax_info']}</div></div>{$pm_alert}
<script language="javascript" type="text/javascript">
<!--
var dle_root = '{$config['http_home_url']}';
var dle_admin = '{$config['admin_path']}';
var dle_login_hash = '{$dle_login_hash}';
var dle_group = {$member_id['user_group']};
var dle_skin = '{$config['skin']}';
var dle_wysiwyg = '{$config['allow_comments_wysiwyg']}';
var quick_wysiwyg = '{$config['allow_quick_wysiwyg']}';
var dle_act_lang = ["{$lang['p_yes']}", "{$lang['p_no']}", "{$lang['p_enter']}", "{$lang['p_cancel']}"];
var menu_short = '{$lang['menu_short']}';
var menu_full = '{$lang['menu_full']}';
var menu_profile = '{$lang['menu_profile']}';
var menu_send = '{$lang['menu_send']}';
var menu_uedit = '{$lang['menu_uedit']}';
var dle_info = '{$lang['p_info']}';
var dle_confirm = '{$lang['p_confirm']}';
var dle_prompt = '{$lang['p_prompt']}';
var dle_req_field = '{$lang['comm_req_f']}';
var dle_del_agree = '{$lang['news_delcom']}';
var dle_del_news = '{$lang['news_delnews']}';\n
HTML;
if ($user_group[$member_id['user_group']]['allow_all_edit']) {
$ajax .= <<<HTML
var dle_notice = '{$lang['btn_notice']}';
var dle_p_send = '{$lang['p_send']}';
var dle_p_send_ok = '{$lang['p_send_ok']}';
var dle_p_text = '{$lang['p_text']}';
var dle_del_msg = '{$lang['p_message']}';
var allow_dle_delete_news = true;\n
HTML;
} else {
$ajax .= <<<HTML
var allow_dle_delete_news = false;\n
HTML;
}
if ($config['fast_search'] AND $user_group[$member_id['user_group']]['allow_search']) {
$ajax .= <<<HTML
var dle_search_delay = false;
var dle_search_value = '';
$(function(){
FastSearch();
});
HTML;
}
$ajax .= <<<HTML
//-->
</script>
HTML;
if ($allow_comments_ajax AND ($config['allow_comments_wysiwyg'] == "yes" OR $config['allow_quick_wysiwyg'])) $js_array[] ="engine/editor/jscripts/tiny_mce/jquery.tinymce.js";
if (strpos ( $tpl->result['content'], "hs.expand" ) !== false or strpos ( $tpl->copy_template, "hs.expand" ) !== false) {
if ($config['thumb_dimming']) $dimming = "hs.dimmingOpacity = 0.60;"; else $dimming = "";
if ($config['thumb_gallery'] AND ($dle_module == "showfull" OR $dle_module == "static") ) {
$gallery = "
hs.align = 'center';
hs.transitions = ['expand', 'crossfade'];
hs.addSlideshow({
interval: 4000,
repeat: false,
useControls: true,
fixedControls: 'fit',
overlayOptions: {
opacity: .75,
position: 'bottom center',
hideOnMouseOut: true
}
});";
} else {
$gallery = "";
}
$js_array[] = "engine/classes/highslide/highslide.js";
switch ( $config['outlinetype'] ) {
case 1 :
$type = "hs.wrapperClassName = 'wide-border';";
break;
case 2 :
$type = "hs.wrapperClassName = 'borderless';";
break;
case 3 :
$type = "hs.wrapperClassName = 'less';\nhs.outlineType = null;";
break;
default :
$type = "hs.outlineType = 'rounded-white';";
break;
}
$ajax .= <<<HTML
<script language="javascript" type="text/javascript">
<!--
hs.graphicsDir = '{$config['http_home_url']}engine/classes/highslide/graphics/';
{$type}
hs.numberOfImagesToPreload = 0;
hs.showCredits = false;
{$dimming}
hs.lang = {
loadingText : '{$lang['loading']}',
playTitle : '{$lang['thumb_playtitle']}',
pauseTitle: '{$lang['thumb_pausetitle']}',
previousTitle : '{$lang['thumb_previoustitle']}',
nextTitle : '{$lang['thumb_nexttitle']}',
moveTitle : '{$lang['thumb_movetitle']}',
closeTitle : '{$lang['thumb_closetitle']}',
fullExpandTitle : '{$lang['thumb_expandtitle']}',
restoreTitle : '{$lang['thumb_restore']}',
focusTitle : '{$lang['thumb_focustitle']}',
loadingTitle : '{$lang['thumb_cancel']}'
};
{$gallery}
//-->
</script>
HTML;
}
$tpl->set ( '{AJAX}', $ajax );
$tpl->set ( '{headers}', $metatags."\n".build_js($js_array, $config) );
$tpl->set ( '{content}', "<div id='dle-content'>" . $tpl->result['content'] . "</div>" );
$tpl->compile ( 'main' );
$tpl->result['main'] = str_replace ( '{THEME}', $config['http_home_url'] . 'templates/' . $config['skin'], $tpl->result['main'] );
if ($replace_url) $tpl->result['main'] = str_replace ( $replace_url[0]."/", $replace_url[1]."/", $tpl->result['main'] );
$tpl->result['main'] = str_replace ( 'img src="http://'.$_SERVER['HTTP_HOST'].'/', 'img src="/', $tpl->result['main'] );
echo $tpl->result['main'];
$tpl->global_clear ();
$db->close ();
echo "\n<!-- DataLife Engine Copyright SoftNews Media Group (http://dle-news.ru) -->\r\n";
GzipOut ();
?>
Сообщение сайта
DLE - Это плохое решение...
7Azimuth
2010-10-20, 22:40
нет 
0.0412 сек.
11 запросов
GZIP включен 
Сейчас: 2023-09-30, 1:38
