X   Сообщение сайта
(Сообщение закроется через 2 секунды)

Здравствуйте, гость ( Вход | Регистрация )

4 страниц Открыть меню  « < 2 3 4  
Ответить в данную темуНачать новую тему
> DLE - Это плохое решение...
7Azimuth
сообщение 2010-10-20, 22:40
Сообщение #61
Опытный
Иконка группы

Группа: Eleanor user
Сообщений: 525
Регистрация: 2010-10-20
Из: Украина

Репутация:   нет  
Всего: нет


А я вот сейчас присматриваюсь к этому движку. Как мне кажется довольна не плохое решение для новостных сайтов.
Перейти в начало страницы
+Цитировать сообщение
peter
сообщение 2011-01-22, 21:55
Сообщение #62
Заглянувший
Иконка группы

Группа: Персона нон грата
Сообщений: 24
Регистрация: 2010-06-09
Версия системы: RC5

Репутация:   нет  
Всего: нет


Цитата (7Azimuth @ 2010-10-20, 23:40)
А я вот сейчас присматриваюсь к этому движку. Как мне кажется довольна не плохое решение для новостных сайтов.


Посмотри на код, они только сверху красят систему с помощью jquery.
Перейти в начало страницы
+Цитировать сообщение
Alexander
сообщение 2011-01-23, 3:38
Сообщение #63
Eleanor developer
Иконка группы

Группа: Администраторы
Сообщений: 5 259
Регистрация: 2008-11-11
Из: Николаев
Версия системы: RC5

Репутация:   нет  
Всего: 67


peter, приведите, пожалуйста, выдержки из этого самого кода :)
Перейти в начало страницы
+Цитировать сообщение
peter
сообщение 2011-01-23, 6:50
Сообщение #64
Заглянувший
Иконка группы

Группа: Персона нон грата
Сообщений: 24
Регистрация: 2010-06-09
Версия системы: RC5

Репутация:   нет  
Всего: нет


Цитата (Alexander @ 2011-01-23, 4:38)
peter, приведите, пожалуйста, выдержки из этого самого кода :)


Скачал с мид тиам(от нуллид вс) свежую версию(вышла неделю назад):


К примеру первый попавшийся файл:


<?php
/*
=====================================================
DataLife Engine - by SoftNews Media Group 
-----------------------------------------------------
 Autor email: nick-on@mail.ru  icq: 333396679
-----------------------------------------------------
 Copyright (c) 2004,2011
=====================================================
 Файл: editvote.php
-----------------------------------------------------
 Назначение: Список опросов, Управление опросами
=====================================================
*/

if( !defined( 'DATALIFEENGINE' ) OR !defined( 'LOGGED_IN' ) ) {
	die( "Hacking attempt!" );
}

if( ! $user_group[$member_id['user_group']]['admin_editvote'] ) {
	msg( "error", $lang['index_denied'], $lang['index_denied'] );
}

if( isset( $_REQUEST['id'] ) ) $id = intval( $_REQUEST['id'] ); else $id = "";

if( $_GET['action'] == "delete" ) {

		if( $_REQUEST['user_hash'] == "" or $_REQUEST['user_hash'] != $dle_login_hash ) {
		
		die( "Hacking attempt! User not found" );
	
	}
	
	$db->query( "DELETE FROM " . PREFIX . "_vote WHERE id='$id'" );
	$db->query( "DELETE FROM " . PREFIX . "_vote_result WHERE vote_id='$id'" );
	@unlink( ENGINE_DIR . '/cache/system/vote.php' );
	msg( "info", $lang['vote_str_2'], $lang['vote_str_2'], "?mod=editvote" );

}
if( $_GET['action'] == "clear" ) {

		if( $_REQUEST['user_hash'] == "" or $_REQUEST['user_hash'] != $dle_login_hash ) {
		
		die( "Hacking attempt! User not found" );
	
	}
	
	$db->query( "UPDATE " . PREFIX . "_vote set vote_num='0' WHERE id='$id'" );
	$db->query( "DELETE FROM " . PREFIX . "_vote_result WHERE vote_id='$id'" );
	@unlink( ENGINE_DIR . '/cache/system/vote.php' );
	msg( "info", $lang['vote_clear3'], $lang['vote_clear3'], "?mod=editvote" );

}

if( $_GET['action'] == "off" ) {
	if( $_REQUEST['user_hash'] == "" or $_REQUEST['user_hash'] != $dle_login_hash ) {
		
		die( "Hacking attempt! User not found" );
	
	}
	
	$db->query( "UPDATE " . PREFIX . "_vote set approve='0' WHERE id='$id'" );
	@unlink( ENGINE_DIR . '/cache/system/vote.php' );
}
if( $_GET['action'] == "on" ) {
	
	if( $_REQUEST['user_hash'] == "" or $_REQUEST['user_hash'] != $dle_login_hash ) {
		
		die( "Hacking attempt! User not found" );
	
	}
	
	$db->query( "UPDATE " . PREFIX . "_vote set approve='1' WHERE id='$id'" );
	@unlink( ENGINE_DIR . '/cache/system/vote.php' );
}
if( $_GET['action'] == "views" AND $_GET['id']) {

	$id = intval ($_GET['id']);

	$row = $db->super_query( "SELECT id, title, category, body, vote_num FROM " . PREFIX . "_vote WHERE id='$id'" );
		
	$title = stripslashes( $row['title'] );
	$body = stripslashes( $row['body'] );
	$body = explode( "<br />", $body );
	$max = $row['vote_num'];


	$db->query( "SELECT answer, count(*) as count FROM " . PREFIX . "_vote_result WHERE vote_id='$id' GROUP BY answer" );
	
	$pn = 0;
	$entry = "";
	$answer = array ();
	
	while ( $row = $db->get_row() ) {
		$answer[$row['answer']]['count'] = $row['count'];
	}
	
	$db->free();

	for($i = 0; $i < sizeof( $body ); $i ++) {
			
		++ $pn;
		if( $pn > 5 ) $pn = 1;
			
		$num = $answer[$i]['count'];
		if( ! $num ) $num = 0;
		if( $max != 0 ) $proc = (100 * $num) / $max;
		else $proc = 0;
		$proc = round( $proc, 2 );
			
		$entry .= "<div class=\"vote\" align=\"left\">$body[$i] - $num ($proc%)</div>
      <div class=\"vote\" align=\"left\">
        <img src=\"" . $config['http_home_url'] . "templates/" . $config['skin'] . "/dleimages/poll{$pn}.gif\" height=\"10\" width=\"".intval($proc)."%\" style=\"border:1px solid black\">
      </div>\n";
	}

	if ( !$title ) $entry = $lang['vote_notfound'];

	$entry = "<div style=\"width:500px;\">$entry</div>";

	echoheader( "", "" );

echo <<<HTML
<div style="padding-top:5px;padding-bottom:2px;">
<table width="100%">
    <tr>
        <td width="4"><img src="engine/skins/images/tl_lo.gif" width="4" height="4" border="0"></td>
        <td background="engine/skins/images/tl_oo.gif"><img src="engine/skins/images/tl_oo.gif" width="1" height="4" border="0"></td>
        <td width="6"><img src="engine/skins/images/tl_ro.gif" width="6" height="4" border="0"></td>
    </tr>
    <tr>
        <td background="engine/skins/images/tl_lb.gif"><img src="engine/skins/images/tl_lb.gif" width="4" height="1" border="0"></td>
        <td style="padding:5px;" bgcolor="#FFFFFF">
<table width="100%">
    <tr>
        <td bgcolor="#EFEFEF" height="29" style="padding-left:10px;"><div class="navigation">{$lang['vote_result']}&nbsp;{$title}</div></td>
    </tr>
</table>
<div class="unterline"></div>
<table width="100%">
    <tr>
        <td style="padding:2px;">
		<div id="main_box" align="center"><br />{$entry}<br /><br />{$lang['vote_count']}&nbsp;{$max}<br /><br /> 
		<input id = "next_button" onclick="history.go(-1); return false;" class="buttons" style="width:150px;" ENGINE="button" value="{$lang['func_msg']}">
		</div>
		</td>
    </tr>
</table>
</td>
        <td background="engine/skins/images/tl_rb.gif"><img src="engine/skins/images/tl_rb.gif" width="6" height="1" border="0"></td>
    </tr>
    <tr>
        <td><img src="engine/skins/images/tl_lu.gif" width="4" height="6" border="0"></td>
        <td background="engine/skins/images/tl_ub.gif"><img src="engine/skins/images/tl_ub.gif" width="1" height="6" border="0"></td>
        <td><img src="engine/skins/images/tl_ru.gif" width="6" height="6" border="0"></td>
    </tr>
</table>
</div>
HTML;

	echofooter();

} else {

echoheader( "vote", $lang[editvote] );
// ********************************************************************************
// Список голосований
// ********************************************************************************


echo "
 <script language=\"javascript\">
 <!-- begin
    function confirmdelete(id){
	    DLEconfirm( '{$lang['vote_confirm']}', '{$lang['p_confirm']}', function () {
			document.location=\"?mod=editvote&action=delete&user_hash={$dle_login_hash}&id=\"+id;
		} );
    }
    function confirmclear(id){
	    DLEconfirm( '{$lang['vote_clear']}', '{$lang['p_confirm']}', function () {
			document.location=\"?mod=editvote&action=clear&user_hash={$dle_login_hash}&id=\"+id;
		} );
    }
 // end -->
 </script>";

/* Vote List */
$db->query( "SELECT * FROM " . PREFIX . "_vote ORDER BY id DESC" );

$entries = "";

while ( $row = $db->get_row() ) {
	
	$item_id = $row['id'];
	$item_date = date( "d.m.Y", strtotime( $row['date'] ) );
	$title = htmlspecialchars( stripslashes( $row['title'] ) );

	if ( $row['start'] ) $start_date = date( "d.m.Y H:i", $row['start'] ); else $start_date = "--";
	if ( $row['end'] ) $end_date = date( "d.m.Y H:i", $row['end'] ); else $end_date = "--";
	
	if( dle_strlen( $title, $config['charset'] ) > 74 ) {
		$title = dle_substr( $title, 0, 70, $config['charset'] ) . " ...";
	}
	
	$item_num = $row['vote_num'];
	if( empty( $row['category'] ) ) {
		$item_category = "<center>--</center>";
	} elseif( $row['category'] == "all" ) {
		$item_category = $lang['edit_all'];
	} else {
		$item_category = $cat[$row['category']];
	}
	;
	
	if( $row['approve'] ) {
		$status = "led_green.gif";
		$lang['led_title'] = $lang['led_on_title'];
		$led_action = "off";
	} else {
		$status = "led_gray.gif";
		$lang['led_title'] = $lang['led_off_title'];
		$led_action = "on";
	}
	
	$entries .= "
   <tr>
    <td height=22 class=\"list\">
    $item_date&nbsp;-&nbsp;<a title='$lang[word_ledit]' href=\"$PHP_SELF?mod=addvote&action=edit&id=$item_id\">{$title}</td>
    <td class=\"list\" align=\"center\">{$start_date}</td>
    <td class=\"list\" align=\"center\">{$end_date}</td>
    <td class=\"list\" align=\"center\"><img src=\"engine/skins/images/" . $status . "\" title=\"" . $lang['led_title'] . "\" border=\"0\"></td>
    <td class=\"list\" align=\"center\">{$row['vote_num']}</td>
    <td class=\"list\" align=\"center\">{$item_category}</td>
    <td class=\"list\" align=\"center\"><a onClick=\"return dropdownmenu(this, event, MenuBuild('" . $item_id . "', '" . $led_action . "'), '170px')\" href=\"#\"><img src=\"engine/skins/images/browser_action.gif\" border=\"0\"></a></td>
     </tr>
	<tr><td background=\"engine/skins/images/mline.gif\" height=1 colspan=7></td></tr>";
}
$db->free();

if( empty( $entries ) ) {
	$entries = "<tr><td colspan=7 align=center height=40>" . $lang['vote_nodata'] . "</td></tr>";
}

echo <<<HTML
<script language="javascript" type="text/javascript">
<!--
function MenuBuild( m_id , led_action){

var menu=new Array()
var lang_action = "";

if (led_action == 'off') { lang_action = "{$lang['vote_aus']}"; } else { lang_action = "{$lang['vote_ein']}"; }


menu[0]='<a onClick="document.location=\'?mod=editvote&action=views&id=' + m_id + '\'; return(false)" href="#">{$lang['vote_view']}</a>';
menu[1]='<a onClick="document.location=\'?mod=editvote&action=' + led_action + '&user_hash={$dle_login_hash}&id=' + m_id + '\'; return(false)" href="#">' + lang_action + '</a>';
menu[2]='<a onClick="javascript:confirmclear(' + m_id + '); return(false)" href="#">{$lang['vote_clear2']}</a>';
menu[3]='<a onClick="javascript:confirmdelete(' + m_id + '); return(false)" href="#">{$lang['cat_del']}</a>';

return menu;
}
//-->
</script>
<div style="padding-top:5px;padding-bottom:2px;">
<table width="100%">
    <tr>
        <td width="4"><img src="engine/skins/images/tl_lo.gif" width="4" height="4" border="0"></td>
        <td background="engine/skins/images/tl_oo.gif"><img src="engine/skins/images/tl_oo.gif" width="1" height="4" border="0"></td>
        <td width="6"><img src="engine/skins/images/tl_ro.gif" width="6" height="4" border="0"></td>
    </tr>
    <tr>
        <td background="engine/skins/images/tl_lb.gif"><img src="engine/skins/images/tl_lb.gif" width="4" height="1" border="0"></td>
        <td style="padding:5px;" bgcolor="#FFFFFF">
<table width="100%">
    <tr>
        <td bgcolor="#EFEFEF" height="29" style="padding-left:10px;"><div class="navigation">{$lang['opt_votec']}</div></td>
    </tr>
</table>
<div class="unterline"></div>
<table width="100%">
  <tr>
   <td>&nbsp;&nbsp;{$lang['edit_title']}</td>
   <td width=110 align="center">{$lang['vote_startinfo']}</td>
   <td width=110 align="center">{$lang['vote_endinfo']}</td>
   <td width=50 align="center">{$lang['led_status']}</td>
   <td width=60 align="center">{$lang['vote_count']}</td>
   <td width=150 align="center">{$lang['edit_cl']}</td>
   <td width=80 align="center">{$lang[vote_action]}</td>
  </tr>
	<tr><td colspan="7"><div class="hr_line"></div></td></tr>
	{$entries}
	<tr><td colspan="7"><div class="hr_line"></div></td></tr>
  <tr><td colspan="7"><a href="?mod=addvote"><input onclick="document.location='?mod=addvote'" type="button" class="buttons" value="&nbsp;&nbsp;{$lang['poll_new']}&nbsp;&nbsp;"></a></td></tr>
</table>
</td>
        <td background="engine/skins/images/tl_rb.gif"><img src="engine/skins/images/tl_rb.gif" width="6" height="1" border="0"></td>
    </tr>
    <tr>
        <td><img src="engine/skins/images/tl_lu.gif" width="4" height="6" border="0"></td>
        <td background="engine/skins/images/tl_ub.gif"><img src="engine/skins/images/tl_ub.gif" width="1" height="6" border="0"></td>
        <td><img src="engine/skins/images/tl_ru.gif" width="6" height="6" border="0"></td>
    </tr>
</table>
</div>
HTML;

echofooter();

}
?>


Добавлено через 3 минут, 29 секунд:

Можно было все настройки сайта и языковую конфигурацию вынести в константы(дефайны) - нет вынесли в массив. Теперь они не смогут сменить, т.к. например массив $lang употреблен в системе думаю около 5000 раз - не считая модули.

Добавлено через 7 минут, 22 секунд:

rss.php:

<?php
/*
=====================================================
 DataLife Engine - by SoftNews Media Group 
-----------------------------------------------------
 http://dle-news.ru/
-----------------------------------------------------
 Copyright (c) 2004,2011 SoftNews Media Group
=====================================================
 Данный код защищен авторскими правами
=====================================================
 Файл: rss.php
-----------------------------------------------------
 Назначение: Управление RSS каналами
=====================================================
*/

if( !defined( 'DATALIFEENGINE' ) OR !defined( 'LOGGED_IN' ) ) {
	die( "Hacking attempt!" );
}

if( ! $user_group[$member_id['user_group']]['admin_rss'] ) {
	msg( "error", $lang['index_denied'], $lang['index_denied'] );
}

if( isset( $_REQUEST['id'] ) ) $id = intval( $_REQUEST['id'] ); else $id = "";


if( $_GET['subaction'] == "clear" ) {

	$lastdate = intval( $_GET['lastdate'] );
	if( $id and $lastdate ) $db->query( "UPDATE " . PREFIX . "_rss SET lastdate='$lastdate' WHERE id='$id'" );

}

if( $_REQUEST['action'] == "addnews" ) {

	if( $_REQUEST['user_hash'] == "" or $_REQUEST['user_hash'] != $dle_login_hash ) {
		
		die( "Hacking attempt! User not found" );
	
	}

	include_once ENGINE_DIR . '/classes/parse.class.php';
	
	$parse = new ParseFilter( Array (), Array (), 1, 1 );
	
	$allow_comm = intval( $_POST['allow_comm'] );
	$allow_main = intval( $_POST['allow_main'] );
	$allow_rating = intval( $_POST['allow_rating'] );
	$news_fixed = 0;
	$allow_br = intval( $_POST['text_type'] );
	$lastdate = intval( $_POST['lastdate'] );
	
	if( count( $_POST['content'] ) ) {
		
		foreach ( $_POST['content'] as $content ) {
			$approve = intval( $content['approve'] );
			
			if( ! count( $content['category'] ) ) {
				$content['category'] = array ();
				$content['category'][] = '0';
			}

			$category_list = array();
		
			foreach ( $content['category'] as $value ) {
				$category_list[] = intval($value);
			}
		
			$category_list = $db->safesql( implode( ',', $category_list ) );
			
			$full_story = $parse->process( $content['full'] );
			$short_story = $parse->process( $content['short'] );
			$title = $parse->process( $content['title'] );
			$_POST['title'] = $title;
			$alt_name = totranslit( stripslashes( $title ) );
			$title = $db->safesql( $parse->process( $title ) );
			
			if( ! $allow_br ) {
				$full_story = $db->safesql( $parse->BB_Parse( $full_story ) );
				$short_story = $db->safesql( $parse->BB_Parse( $short_story ) );
			} else {
				$full_story = $db->safesql( $parse->BB_Parse( $full_story, false ) );
				$short_story = $db->safesql( $parse->BB_Parse( $short_story, false ) );
			}
			
			$metatags = create_metatags( $short_story . $full_story );
			$thistime = date( "Y-m-d H:i:s", strtotime( $content['date'] ) );
			
			if( trim( $title ) == "" ) {
				msg( "error", $lang['addnews_error'], $lang['addnews_ertitle'], "javascript:history.go(-1)" );
			}
			if( trim( $short_story ) == "" ) {
				msg( "error", $lang['addnews_error'], $lang['addnews_erstory'], "javascript:history.go(-1)" );
			}
			
			$db->query( "INSERT INTO " . PREFIX . "_post (date, autor, short_story, full_story, xfields, title, descr, keywords, category, alt_name, allow_comm, approve, allow_main, allow_rate, allow_br, votes, flag) values ('$thistime', '{$member_id['name']}', '$short_story', '$full_story', '', '$title', '{$metatags['description']}', '{$metatags['keywords']}', '$category_list', '$alt_name', '$allow_comm', '$approve', '$allow_main', '$allow_rating', '$allow_br', '0', '1')" );
			$db->query( "UPDATE " . USERPREFIX . "_users set news_num=news_num+1 where user_id='{$member_id['user_id']}'" );
		
		}
		
		if( $id and $lastdate ) $db->query( "UPDATE " . PREFIX . "_rss SET lastdate='$lastdate' WHERE id='$id'" );
		
		clear_cache();
		msg( "info", $lang['addnews_ok'], $lang['rss_added'], "$PHP_SELF?mod=rss" );
	
	}
	
	msg( "error", $lang['addnews_error'], $lang['rss_notadded'], "$PHP_SELF?mod=rss" );

} elseif( $_REQUEST['action'] == "news" and $id ) {
	
	include_once ENGINE_DIR . '/classes/rss.class.php';
	include_once ENGINE_DIR . '/classes/parse.class.php';
	
	$parse = new ParseFilter( Array (), Array (), 1, 1 );
	$parse->leech_mode = true;
	
	$rss = $db->super_query( "SELECT * FROM " . PREFIX . "_rss WHERE id='$id'" );
	
	$xml = new xmlParser( stripslashes( $rss['url'] ), $rss['max_news'] );
	
	if( $xml->rss_option == "UTF-8" ) $xml->convert( "UTF-8", strtolower( $config['charset'] ) );
	elseif( $xml->rss_charset != strtolower( $config['charset'] ) ) $xml->convert( $xml->rss_charset, strtolower( $config['charset'] ) );
	
	$xml->pre_lastdate = $rss['lastdate'];
	
	$xml->pre_parse( $rss['date'] );
	
	$i = 0;
	
	foreach ( $xml->content as $content ) {
		if( $rss['text_type'] ) {
			$xml->content[$i]['title'] = $parse->decodeBBCodes( $xml->content[$i]['title'], false );
			$xml->content[$i]['description'] = $parse->decodeBBCodes( $xml->content[$i]['description'], false );
			$xml->content[$i]['date'] = date( "Y-m-d H:i:s", $xml->content[$i]['date'] );
		
		} else {
			$xml->content[$i]['title'] = $parse->decodeBBCodes( $xml->content[$i]['title'], false );
			$xml->content[$i]['description'] = $parse->decodeBBCodes( $xml->content[$i]['description'], true, "yes" );
			$xml->content[$i]['date'] = date( "Y-m-d H:i:s", $xml->content[$i]['date'] );
		}
		$i ++;
	}

	$js_array[] = "engine/skins/calendar.js";
	
	echoheader( "", "" );
	
	echo <<<HTML
<!-- calendar stylesheet -->
<link rel="stylesheet" type="text/css" media="all" href="engine/skins/calendar-blue.css" title="win2k-cold-1" />
<script language="javascript" type="text/javascript">

	function doFull( link, news_id, rss_id )
	{

		ShowLoading('');

		$.post('engine/ajax/rss.php', { link: link, news_id: news_id, rss_id: rss_id, rss_charset: "{$xml->rss_charset}" }, function(data){
	
			HideLoading('');
	
			$('#cfull'+ news_id).html(data);
	
		});

	return false;
	}

	function RemoveTable( nummer ) {
	    DLEconfirm( '{$lang['edit_cdel']}', '{$lang['p_confirm']}', function () {
			document.getElementById('ContentTable' + nummer).innerHTML = '';
		} );
	}

	function preview( id )
	{
        dd=window.open('','prv','height=400,width=750,resizable=1,scrollbars=1');
        document.addnews.target='prv';
		document.addnews.title.value = document.getElementById('title_' + id).value;
		document.addnews.short_story.value = document.getElementById('short_' + id).value;
		if (document.getElementById('full_' + id)) {
		document.addnews.full_story.value = document.getElementById('full_' + id).value;
		} else {
		document.addnews.full_story.value = "";
		}
        document.addnews.submit();
    }
</script>
<form method=post name="addnewsrss" action="?mod=rss&action=addnews">
<div style="padding-top:5px;padding-bottom:2px;">
<table width="100%">
    <tr>
        <td width="4"><img src="engine/skins/images/tl_lo.gif" width="4" height="4" border="0"></td>
        <td background="engine/skins/images/tl_oo.gif"><img src="engine/skins/images/tl_oo.gif" width="1" height="4" border="0"></td>
        <td width="6"><img src="engine/skins/images/tl_ro.gif" width="6" height="4" border="0"></td>
    </tr>
    <tr>
        <td background="engine/skins/images/tl_lb.gif"><img src="engine/skins/images/tl_lb.gif" width="4" height="1" border="0"></td>
        <td style="padding:5px;" bgcolor="#FFFFFF">
<table width="100%">
    <tr>
        <td bgcolor="#EFEFEF" height="29" style="padding-left:10px;"><div class="navigation">{$rss['url']}</div></td>
    </tr>
</table>
<div class="unterline"></div>
HTML;
	
	$i = 0;
	$categories_list = CategoryNewsSelection( $rss['category'], 0 );
	
	if( count( $xml->content ) ) {
		foreach ( $xml->content as $content ) {
			
			echo '<span id="ContentTable' . $i . '"><table width="100%"><tr><td height="20"  style="padding: 5px;" colspan="2">
    <b><a onClick="RemoveTable(' . $i . '); return false;" href="#" ><img src="engine/skins/images/delete.png"  style="vertical-align: middle;border: none;" /></a> <a class="main" href="javascript:ShowOrHide(\'cp' . $i . '\',\'cc' . $i . '\')" >' . $content['title'] . '</a></td>
    </tr>
    <tr id=\'cp' . $i . '\' style=\'display:none\'>
    <td width=200 valign="top" style="padding: 5px"><input class="edit bk" type="text" size="55" id="title_' . $i . '" name="content[' . $i . '][title]" value="' . $content['title'] . '"><br />
	<br /><input type="text" name="content[' . $i . '][date]" id="f_date_c' . $i . '" size="20"  class="edit bk" value="' . $content['date'] . '">
<img src="engine/skins/images/img.gif"  align="absmiddle" id="f_trigger_c' . $i . '" style="cursor: pointer; border: 0" title="' . $lang['edit_ecal'] . '"/>
<script type="text/javascript">
    Calendar.setup({
        inputField     :    "f_date_c' . $i . '",     // id of the input field
        ifFormat       :    "%Y-%m-%d %H:%M",      // format of the input field
        button         :    "f_trigger_c' . $i . '",  // trigger for the calendar (button ID)
        align          :    "Br",           // alignment 
		timeFormat     :    "24",
		showsTime      :    true,
        singleClick    :    true
    });
</script></td>
    <td valign="top" style="padding: 5px"><select name="content[' . $i . '][category][]" id="category" class="cat_select" multiple>
    ' . $categories_list . '</select></td>
    </tr>
    <tr id=\'cc' . $i . '\' style=\'display:none\'>
    <td colspan="2">
    <textarea class="bk" style="width:98%;height:200px;" id="short_' . $i . '" name="content[' . $i . '][short]">' . $content['description'] . '</textarea>
	<div id="cfull' . $i . '">' . htmlspecialchars( $content['link'] ) . '</div>
	<input type="checkbox" name="content[' . $i . '][approve]" value="1" checked>' . $lang['addnews_mod'] . '<br />
	<br /><input onClick="doFull(\'' . urlencode( rtrim( $content['link'] ) ) . '\', \'' . $i . '\', \'' . $rss['id'] . '\')" type="button" class="buttons" value="&nbsp;&nbsp;' . $lang['rss_dofull'] . '&nbsp;&nbsp;">&nbsp;&nbsp;<input onClick="preview(' . $i . ')" type="button" class="buttons" value="&nbsp;&nbsp;' . $lang['btn_preview'] . '&nbsp;&nbsp;">&nbsp;&nbsp;<input onClick="RemoveTable(' . $i . '); return false;" type="button" class="buttons" value="&nbsp;&nbsp;' . $lang['edit_dnews'] . '&nbsp;&nbsp;"><br /><br />
  </tr><tr><td background="engine/skins/images/mline.gif" height="1" colspan="2"></td></tr></table></span>';
			
			$i ++;
		}
		
		echo <<<HTML
    <br />&nbsp;&nbsp;<input type="submit" value=" {$lang['rss_addnews']} " class="buttons">
&nbsp;&nbsp;<a href="?mod=rss&action=news&subaction=clear&id={$id}&lastdate={$xml->lastdate}"><input onclick="document.location='?mod=rss&action=news&subaction=clear&id={$id}&lastdate={$xml->lastdate}'" type="button" value=" {$lang['rss_clear']} " class="buttons"></a>
	<input type=hidden name="allow_main" value="{$rss['allow_main']}">
	<input type=hidden name="allow_rating" value="{$rss['allow_rating']}">
	<input type=hidden name="allow_comm" value="{$rss['allow_comm']}">
	<input type=hidden name="lastdate" value="{$xml->lastdate}">
	<input type=hidden name="id" value="{$id}">
	<input type="hidden" name="user_hash" value="$dle_login_hash" />
	<input type=hidden name="text_type" value="{$rss['text_type']}">
HTML;
	
	} else {
		
		echo "<div style=\"padding:10px;\" align=\"center\">" . $lang['rss_no_rss'] . "<br /><br><a class=main href=\"?mod=rss\">{$lang['func_msg']}</a></div>";
	
	}
	
	echo <<<HTML
</td>
        <td background="engine/skins/images/tl_rb.gif"><img src="engine/skins/images/tl_rb.gif" width="6" height="1" border="0"></td>
    </tr>
    <tr>
        <td><img src="engine/skins/images/tl_lu.gif" width="4" height="6" border="0"></td>
        <td background="engine/skins/images/tl_ub.gif"><img src="engine/skins/images/tl_ub.gif" width="1" height="6" border="0"></td>
        <td><img src="engine/skins/images/tl_ru.gif" width="6" height="6" border="0"></td>
    </tr>
</table>
</div></form>
<form method=post name="addnews" id="addnews">
<input type=hidden name="mod" value="preview">
<input type=hidden name="title" value="">
<input type=hidden name="short_story" value="">
<input type=hidden name="full_story" value="">
<input type=hidden name="allow_br" value="{$rss['text_type']}">
</form>
HTML;
	
	echofooter();

} elseif( $_REQUEST['action'] == "doadd" or $_REQUEST['action'] == "doedit" ) {
	
	$url = $db->safesql( trim( $_REQUEST['rss_url'] ) );
	$description = $db->safesql( trim( $_REQUEST['rss_descr'] ) );
	
	$max_news = intval( $_REQUEST['rss_maxnews'] );
	$allow_main = intval( $_REQUEST['allow_main'] );
	$allow_rating = intval( $_REQUEST['allow_rating'] );
	$allow_comm = intval( $_REQUEST['allow_comm'] );
	$text_type = intval( $_REQUEST['text_type'] );
	$date = intval( $_REQUEST['rss_date'] );
	$category = intval( $_REQUEST['category'] );
	
	$search = $db->safesql( trim( $_REQUEST['rss_search'] ) );
	$cookies = $db->safesql( trim( $_REQUEST['rss_cookie'] ) );
	
	if( $url == "" ) msg( "error", $lang['addnews_error'], $lang['rss_err1'], "javascript:history.go(-1)" );
	
	if( $_REQUEST['action'] == "doadd" ) {
		$db->query( "INSERT INTO " . PREFIX . "_rss (url, description, allow_main, allow_rating, allow_comm, text_type, date, search, max_news, cookie, category) values ('$url', '$description', '$allow_main', '$allow_rating', '$allow_comm', '$text_type', '$date', '$search', '$max_news', '$cookies', '$category')" );
		msg( "info", $lang['all_info'], $lang['rss_ok1'], "$PHP_SELF?mod=rss" );
	} else {
		$db->query( "UPDATE " . PREFIX . "_rss set url='$url', description='$description', allow_main='$allow_main', allow_rating='$allow_rating', allow_comm='$allow_comm', text_type='$text_type', date='$date', search='$search', max_news='$max_news', cookie='$cookies', category='$category', lastdate='' WHERE id='{$id}'" );
		msg( "info", $lang['all_info'], $lang['rss_ok2'], "$PHP_SELF?mod=rss" );
	}

} elseif( $_REQUEST['action'] == "add" or $_REQUEST['action'] == "edit" ) {
	
	function makeDropDown($options, $name, $selected) {
		$output = "<select name=\"$name\">\r\n";
		foreach ( $options as $value => $description ) {
			$output .= "<option value=\"$value\"";
			if( $selected == $value ) {
				$output .= " selected ";
			}
			$output .= ">$description</option>\n";
		}
		$output .= "</select>";
		return $output;
	}
	
	echoheader( "", "" );
	
	if( $action == "add" ) {
		
		$rss_date = makeDropDown( array ("1" => $lang['rss_date_1'], "0" => $lang['rss_date_2'] ), "rss_date", "1" );
		$text_type = makeDropDown( array ("1" => "BBCODES", "0" => "HTML" ), "text_type", "1" );
		
		$allow_main = makeDropDown( array ("1" => $lang['opt_sys_yes'], "0" => $lang['opt_sys_no'] ), "allow_main", "1" );
		$allow_rating = makeDropDown( array ("1" => $lang['opt_sys_yes'], "0" => $lang['opt_sys_no'] ), "allow_rating", "1" );
		$allow_comm = makeDropDown( array ("1" => $lang['opt_sys_yes'], "0" => $lang['opt_sys_no'] ), "allow_comm", "1" );
		
		$rss_search_value = "<html>{get}</html>";
		$rss_maxnews_value = 5;
		
		$categories_list = CategoryNewsSelection( 0, 0 );
		$rss_info = $lang['rss_new'];
		$submit_value = $lang['rss_new'];
		$form_action = "$PHP_SELF?mod=rss&amp;action=doadd";
	
	} else {
		
		$row = $db->super_query( "SELECT * FROM " . PREFIX . "_rss WHERE id='$id'" );
		
		$rss_date = makeDropDown( array ("1" => $lang['rss_date_1'], "0" => $lang['rss_date_2'] ), "rss_date", $row['date'] );
		$text_type = makeDropDown( array ("1" => "BBCODES", "0" => "HTML" ), "text_type", $row['text_type'] );
		
		$allow_main = makeDropDown( array ("1" => $lang['opt_sys_yes'], "0" => $lang['opt_sys_no'] ), "allow_main", $row['allow_main'] );
		$allow_rating = makeDropDown( array ("1" => $lang['opt_sys_yes'], "0" => $lang['opt_sys_no'] ), "allow_rating", $row['allow_rating'] );
		$allow_comm = makeDropDown( array ("1" => $lang['opt_sys_yes'], "0" => $lang['opt_sys_no'] ), "allow_comm", $row['allow_comm'] );
		
		$rss_search_value = htmlspecialchars( stripslashes( $row['search'] ) );
		$rss_maxnews_value = $row['max_news'];
		
		$categories_list = CategoryNewsSelection( $row['category'], 0 );
		$rss_info = $row['url'];
		$submit_value = $lang['user_save'];
		$rss_url_value = htmlspecialchars( stripslashes( $row['url'] ) );
		$rss_descr_value = htmlspecialchars( stripslashes( $row['description'] ) );
		$rss_cookie_value = htmlspecialchars( stripslashes( $row['cookie'] ) );
		
		$form_action = "$PHP_SELF?mod=rss&amp;action=doedit&amp;id=" . $id;
	}
	
	echo <<<HTML
<form action="{$form_action}" method="post">
<div style="padding-top:5px;padding-bottom:2px;">
<table width="100%">
    <tr>
        <td width="4"><img src="engine/skins/images/tl_lo.gif" width="4" height="4" border="0"></td>
        <td background="engine/skins/images/tl_oo.gif"><img src="engine/skins/images/tl_oo.gif" width="1" height="4" border="0"></td>
        <td width="6"><img src="engine/skins/images/tl_ro.gif" width="6" height="4" border="0"></td>
    </tr>
    <tr>
        <td background="engine/skins/images/tl_lb.gif"><img src="engine/skins/images/tl_lb.gif" width="4" height="1" border="0"></td>
        <td style="padding:5px;" bgcolor="#FFFFFF">
<table width="100%">
    <tr>
        <td bgcolor="#EFEFEF" height="29" style="padding-left:10px;"><div class="navigation">{$rss_info}</div></td>
    </tr>
</table>
<div class="unterline"></div>
<table width="100%">
    <tr>
        <td width="240" style="padding:4px;">{$lang['rss_url']}</td>
        <td style="padding-top:2px;padding-bottom:2px;"><input class="edit bk" type="text" size="25" name="rss_url" value="{$rss_url_value}"><a href="#" class="hintanchor" onMouseover="showhint('{$lang[rss_hurl]}', this, event, '220px')">[?]</a></td>
    </tr>
	<tr><td background="engine/skins/images/mline.gif" height=1 colspan=2></td></tr>
    <tr>
        <td style="padding:4px;">{$lang['rss_descr']}</td>
        <td style="padding-top:2px;padding-bottom:2px;"><input class="edit bk" type="text" size="55" name="rss_descr" value="{$rss_descr_value}"><a href="#" class="hintanchor" onMouseover="showhint('{$lang[rss_hdescr]}', this, event, '220px')">[?]</a></td>
    </tr>
	<tr><td background="engine/skins/images/mline.gif" height=1 colspan=2></td></tr>
    <tr>
        <td style="padding:4px;">{$lang['rss_maxnews']}</td>
        <td style="padding-top:2px;padding-bottom:2px;"><input class="edit bk" type="text" size="5" name="rss_maxnews" value="{$rss_maxnews_value}"><a href="#" class="hintanchor" onMouseover="showhint('{$lang[rss_hmaxnews]}', this, event, '220px')">[?]</a></td>
    </tr>
	<tr><td background="engine/skins/images/mline.gif" height=1 colspan=2></td></tr>
    <tr>
        <td style="padding:4px;">{$lang['xfield_xcat']}</td>
        <td style="padding-top:2px;padding-bottom:2px;"><select name="category">
{$categories_list}
</select></td>
    </tr>
	<tr><td background="engine/skins/images/mline.gif" height=1 colspan=2></td></tr>
    <tr>
        <td style="padding:4px;">{$lang['rss_date']}</td>
        <td style="padding-top:2px;padding-bottom:2px;">{$rss_date}</td>
    </tr>
	<tr><td background="engine/skins/images/mline.gif" height=1 colspan=2></td></tr>
    <tr>
        <td style="padding:4px;">{$lang['rss_main']}</td>
        <td style="padding-top:2px;padding-bottom:2px;">{$allow_main}</td>
    </tr>
	<tr><td background="engine/skins/images/mline.gif" height=1 colspan=2></td></tr>
    <tr>
        <td style="padding:4px;">{$lang['rss_rating']}</td>
        <td style="padding-top:2px;padding-bottom:2px;">{$allow_rating}</td>
    </tr>
	<tr><td background="engine/skins/images/mline.gif" height=1 colspan=2></td></tr>
    <tr>
        <td style="padding:4px;">{$lang['rss_comm']}</td>
        <td style="padding-top:2px;padding-bottom:2px;">{$allow_comm}</td>
    </tr>
	<tr><td background="engine/skins/images/mline.gif" height=1 colspan=2></td></tr>
    <tr>
        <td style="padding:4px;">{$lang['rss_text_type']}</td>
        <td style="padding-top:2px;padding-bottom:2px;">{$text_type}</td>
    </tr>
	<tr><td background="engine/skins/images/mline.gif" height=1 colspan=2></td></tr>
    <tr>
        <td style="padding:4px;">{$lang['rss_search']}</td>
        <td style="padding-top:2px;padding-bottom:2px;"><textarea cols="50" rows="5" class="edit" name="rss_search">{$rss_search_value}</textarea><a href="#" class="hintanchor" onMouseover="showhint('{$lang[rss_hsearch]}', this, event, '300px')">[?]</a></td>
    </tr>
	<tr><td background="engine/skins/images/mline.gif" height=1 colspan=2></td></tr>
    <tr>
        <td style="padding:4px;">{$lang['rss_cookie']}</td>
        <td style="padding-top:2px;padding-bottom:2px;"><textarea cols="50" rows="5" class="edit" name="rss_cookie">{$rss_cookie_value}</textarea><a href="#" class="hintanchor" onMouseover="showhint('{$lang[rss_hcookie]}', this, event, '300px')">[?]</a></td>
    </tr>
	<tr><td background="engine/skins/images/mline.gif" height=1 colspan=2></td></tr>
   <tr>
        <td style="padding:4px;"><input class="bbcodes" type="submit" value=" $submit_value "></td>
        <td>&nbsp;</td>
    </tr>
</table>
</td>
        <td background="engine/skins/images/tl_rb.gif"><img src="engine/skins/images/tl_rb.gif" width="6" height="1" border="0"></td>
    </tr>
    <tr>
        <td><img src="engine/skins/images/tl_lu.gif" width="4" height="6" border="0"></td>
        <td background="engine/skins/images/tl_ub.gif"><img src="engine/skins/images/tl_ub.gif" width="1" height="6" border="0"></td>
        <td><img src="engine/skins/images/tl_ru.gif" width="6" height="6" border="0"></td>
    </tr>
</table>
</div>
HTML;
	
	echofooter();
} else {
	
	if( $_REQUEST['action'] == "del" and $id ) {
		
		if( $_REQUEST['user_hash'] == "" or $_REQUEST['user_hash'] != $dle_login_hash ) {
			
			die( "Hacking attempt! User not found" );
		
		}
		
		$db->query( "DELETE FROM " . PREFIX . "_rss WHERE id = '$id'" );
	}
	
	echoheader( "", "" );
	
	$db->query( "SELECT id, url, description FROM " . PREFIX . "_rss ORDER BY id DESC" );
	
	while ( $row = $db->get_row() ) {
		$row['description'] = stripslashes( $row['description'] );
		$entries .= "
    <tr>
    <td height=22 class=\"list\">&nbsp;&nbsp;<b>{$row['id']}</b></td>
    <td class=\"list\">{$row['url']}</td>
    <td class=\"list\">{$row['description']}</td>
    <td class=\"list\" align=\"center\"><a onClick=\"return dropdownmenu(this, event, MenuBuild('" . $row['id'] . "'), '150px')\" href=\"#\"><img src=\"engine/skins/images/browser_action.gif\" border=\"0\"></a></td>
     </tr>
	<tr><td background=\"engine/skins/images/mline.gif\" height=1 colspan=4></td></tr>";
	}
	$db->free();
	echo <<<HTML
<div style="padding-top:5px;padding-bottom:2px;">
<script language="javascript" type="text/javascript">
<!--
function MenuBuild( m_id ){

var menu=new Array()

menu[0]='<a href="?mod=rss&action=news&id=' + m_id + '" >{$lang['rss_news']}</a>';
menu[1]='<a href="?mod=rss&action=edit&id=' + m_id + '" >{$lang['rss_edit']}</a>';
menu[2]='<a href="?mod=rss&action=del&user_hash={$dle_login_hash}&id=' + m_id + '" >{$lang['rss_del']}</a>';

return menu;
}
//-->
</script>
<table width="100%">
    <tr>
        <td width="4"><img src="engine/skins/images/tl_lo.gif" width="4" height="4" border="0"></td>
        <td background="engine/skins/images/tl_oo.gif"><img src="engine/skins/images/tl_oo.gif" width="1" height="4" border="0"></td>
        <td width="6"><img src="engine/skins/images/tl_ro.gif" width="6" height="4" border="0"></td>
    </tr>
    <tr>
        <td background="engine/skins/images/tl_lb.gif"><img src="engine/skins/images/tl_lb.gif" width="4" height="1" border="0"></td>
        <td style="padding:5px;" bgcolor="#FFFFFF">
<table width="100%">
    <tr>
        <td bgcolor="#EFEFEF" height="29" style="padding-left:10px;"><div class="navigation">{$lang['rss_list']}</div></td>
    </tr>
</table>
<div class="unterline"></div>
<table width="100%">
    <tr>
        <td style="padding:2px;">
<table width="100%">
  <tr>
   <td width=50>&nbsp;&nbsp;ID</td>
   <td>{$lang['rss_url']}</td>
   <td>{$lang['rss_descr']}</td>
   <td width=70 align="center">&nbsp;</td>
  </tr>
	<tr><td colspan="4"><div class="hr_line"></div></td></tr>
	{$entries}
	<tr><td colspan="4"><div class="hr_line"></div></td></tr>
  <tr><td colspan="4"><a href="?mod=rss&action=add"><input onclick="document.location='?mod=rss&action=add'" type="button" class="buttons" value=" {$lang['rss_new']} "></a></td></tr>
</table>
	</td>
    </tr>
</table>
</td>
        <td background="engine/skins/images/tl_rb.gif"><img src="engine/skins/images/tl_rb.gif" width="6" height="1" border="0"></td>
    </tr>
    <tr>
        <td><img src="engine/skins/images/tl_lu.gif" width="4" height="6" border="0"></td>
        <td background="engine/skins/images/tl_ub.gif"><img src="engine/skins/images/tl_ub.gif" width="1" height="6" border="0"></td>
        <td><img src="engine/skins/images/tl_ru.gif" width="6" height="6" border="0"></td>
    </tr>
</table>
</div>
</form>
HTML;
	
	echofooter();
}
?>

:rolleyes:
htmlspecialchars( stripslashes());


Добавлено через 8 минут, 0 секунд:

<?php

if( !defined( 'DATALIFEENGINE' ) ) {
	die( "Hacking attempt!" );
}

require_once ROOT_DIR.'/engine/classes/templates.class.php';

$tpl = new dle_template;
$tpl->allow_php_include = false;
$dle_module = "main";

 if ($_POST['preview_mode'] == "static" AND $_POST['skin_name'])
 {
	if (@is_dir(ROOT_DIR.'/templates/'.$_POST['skin_name']))
		{
			$config['skin'] = $_POST['skin_name'];
		}

 }

$tpl->dir = ROOT_DIR.'/templates/'.$config['skin'];

$tpl->load_template('preview.css');

echo <<<HTML
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta content="text/html; charset={$config['charset']}" http-equiv=Content-Type>
<style type="text/css">
{$tpl->copy_template}
</style>
</head>
<body>
<script type="text/javascript" src="{$config['http_home_url']}engine/classes/highslide/highslide.js"></script>
<script type="text/javascript">    
    hs.graphicsDir = '{$config['http_home_url']}engine/classes/highslide/graphics/';
    hs.outlineType = 'rounded-white';
    hs.numberOfImagesToPreload = 0;
    hs.showCredits = false;
</script>
HTML;

$tpl->clear();

echo <<<HTML
<script language="javascript" type="text/javascript">
<!--
function ShowBild(sPicURL) {
	window.open('{$config['http_home_url']}engine/modules/imagepreview.php?image='+sPicURL, '', 'resizable=1,HEIGHT=200,WIDTH=200, scrollbars=yes');
};

function ShowOrHide(d1) {
	  if (d1 != '') DoDiv(d1);
};

function DoDiv(id) {
	  var item = null;
	  if (document.getElementById) {
		item = document.getElementById(id);
	  } else if (document.all){
		item = document.all[id];
	  } else if (document.layers){
		item = document.layers[id];
	  }
	  if (!item) {
	  }
	  else if (item.style) {
		if (item.style.display == "none"){ item.style.display = ""; }
		else {item.style.display = "none"; }
	  }else{ item.visibility = "show"; }
};
//-->
</script>
HTML;

include_once ENGINE_DIR.'/classes/parse.class.php';

$parse = new ParseFilter(Array(), Array(), 1, 1);
$allow_br = intval( $_POST['allow_br'] );

if ($_POST['preview_mode'] == "static" ) {

	if ($member_id['user_group'] != 1 AND $allow_br > 1 ) $allow_br = 1;

	if ($allow_br == 2) {

		if( function_exists( "get_magic_quotes_gpc" ) && get_magic_quotes_gpc() ) $_POST['template'] = stripslashes( $_POST['template'] );  

		$template = trim( addslashes( $_POST['template'] ) );

	} else {

		if ( $config['allow_static_wysiwyg'] == "yes" ) $parse->allow_code = false;

		$template = $parse->process( $_POST['template'] );
	
		if( $config['allow_static_wysiwyg'] == "yes" or $allow_br != '1' ) {
			$template = $parse->BB_Parse( $template );
		} else {
			$template = $parse->BB_Parse( $template, false );
		}

	}

	$descr = trim(htmlspecialchars(stripslashes($_POST['description'])));

	if ($_GET['page'] == "rules" ) $descr = $lang['rules_edit'];

	if ($_POST['allow_template']) {

		$dle_module = "static";

		if ($_POST['static_tpl'] == "" ) {

			if ( @is_file($tpl->dir."/preview.tpl") ) $tpl->load_template('preview.tpl');
	    	else $tpl->load_template('static.tpl');

		} else
	    	$tpl->load_template($_POST['static_tpl'].'.tpl');

	    $tpl->set('[static-preview]', "");
	    $tpl->set('[/static-preview]', "");
		$tpl->set_block("'\\[full-preview\\](.*?)\\[/full-preview\\]'si","");
		$tpl->set_block("'\\[short-preview\\](.*?)\\[/short-preview\\]'si","");

	    $tpl->set('{static}', stripslashes( $template ) );
	    $tpl->set('{description}', $descr);
	   	$tpl->set('{views}', "0");
		$tpl->set('{pages}', "");
		$tpl->set('{date}', "--");
		$tpl->copy_template = preg_replace ( "#\{date=(.+?)\}#ie", "", $tpl->copy_template );


	    $tpl->set('[print-link]',"<a href=#>");
	    $tpl->set('[/print-link]',"</a>");


		$tpl->copy_template = "<fieldset style=\"border-style:solid; border-width:1; border-color:black;\"><legend> <span style=\"font-size: 10px; font-family: Verdana\">{$lang['preview_static']}</span> </legend>".$tpl->copy_template."</fieldset>";
		$tpl->compile('template');
		$tpl->result['template'] = preg_replace( "'\[hide\](.*?)\[/hide\]'si", "\\1", $tpl->result['template']);
		$tpl->result['template'] = str_replace ( '{THEME}', $config['http_home_url'] . 'templates/' . $config['skin'], $tpl->result['template'] );

		echo $tpl->result['template'];

	} else {

		echo "<fieldset style=\"border-style:solid; border-width:1; border-color:black;\"><legend> <span style=\"font-size: 10px; font-family: Verdana\">{$lang['preview_static']}</span> </legend>".$template."</fieldset>";

	}


} else {

$title = stripslashes($parse->process($_POST['title']));

if ( $config['allow_admin_wysiwyg'] == "yes" ) $parse->allow_code = false;

$full_story = $parse->process($_POST['full_story']);
$short_story = $parse->process($_POST['short_story']);

if ($config['allow_admin_wysiwyg'] == "yes" OR $allow_br != '1'){

	$full_story = $parse->BB_Parse($full_story);
	$short_story = $parse->BB_Parse($short_story);

} else {

	$full_story = $parse->BB_Parse($full_story, false);
	$short_story = $parse->BB_Parse($short_story, false);

}

		if (!count($category)) { $my_cat = "---"; $my_cat_link = "---";} else {

		$my_cat = array (); $my_cat_link = array ();
	
			foreach ($category as $element) {
				if ($element) { $my_cat[] = $cat[$element];
								$my_cat_link[] = "<a href=\"#\">{$cat[$element]}</a>";
				}
			}
		$my_cat = stripslashes(implode (', ', $my_cat));
		$my_cat_link = stripslashes(implode (', ', $my_cat_link));
		}

	$dle_module = "main";

	if ( @is_file($tpl->dir."/preview.tpl") ) $tpl->load_template('preview.tpl');
    else $tpl->load_template('shortstory.tpl');

	if ( $parse->not_allowed_text ) $tpl->copy_template = $lang['news_err_39'];

    $tpl->set('[short-preview]', "");
    $tpl->set('[/short-preview]', "");
	$tpl->set_block("'\\[full-preview\\](.*?)\\[/full-preview\\]'si","");
	$tpl->set_block("'\\[static-preview\\](.*?)\\[/static-preview\\]'si","");

    $tpl->set('{title}', $title);
    $tpl->set('{views}', 0);
	$date = time();
	$tpl->set( '{date}', langdate( $config['timestamp_active'], $date ) );
	$tpl->copy_template = preg_replace ( "#\{date=(.+?)\}#ie", "langdate('\\1', '{$date}')", $tpl->copy_template );
    $tpl->set('[link]',"<a href=#>");
    $tpl->set('[/link]',"</a>");
    $tpl->set('{comments-num}', 0);
    $tpl->set('[full-link]', "<a href=#>");
    $tpl->set('[/full-link]', "</a>");
    $tpl->set('[day-news]', "<a href=#>");
    $tpl->set('[/day-news]', "</a>");
    $tpl->set('[com-link]', "<a href=#>");
    $tpl->set('[/com-link]', "</a>");
	$tpl->set('{rating}', "");
	$tpl->set('{approve}', "");
	$tpl->set('{author}', "--");
    $tpl->set('{category}', $my_cat);
    $tpl->set('{favorites}', '');
    $tpl->set('{link-category}', $my_cat_link);
    if($cat_icon[$category[0]] != ""){ $tpl->set('{category-icon}', $cat_icon[$category[0]]); }
    else{ $tpl->set('{category-icon}', "{THEME}/dleimages/no_icon.gif"); }
	$tpl->set_block("'\\[tags\\](.*?)\\[/tags\\]'si","");
	$tpl->set('{tags}',  "");
	$tpl->copy_template = preg_replace ( "#\{date=(.+?)\}#ie", "", $tpl->copy_template );


	if ( $_POST['news_fixed'] ) {

		$tpl->set( '[fixed]', "" );
		$tpl->set( '[/fixed]', "" );
		$tpl->set_block( "'\\[not-fixed\\](.*?)\\[/not-fixed\\]'si", "" );

	} else {

		$tpl->set( '[not-fixed]', "" );
		$tpl->set( '[/not-fixed]', "" );
		$tpl->set_block( "'\\[fixed\\](.*?)\\[/fixed\\]'si", "" );
	}

	$tpl->set('{edit-date}',  "");
	$tpl->set('{editor}',  "");
	$tpl->set('{edit-reason}',  "");
	$tpl->set_block("'\\[edit-date\\](.*?)\\[/edit-date\\]'si","");
	$tpl->set_block("'\\[edit-reason\\](.*?)\\[/edit-reason\\]'si","");

    $tpl->set('[mail]',"");
    $tpl->set('[/mail]',"");
    $tpl->set('{news-id}', "ID Unknown");
    $tpl->set('{php-self}', $PHP_SELF);

	$tpl->copy_template = preg_replace( "#\\[category=(.+?)\\](.*?)\\[/category\\]#is","\\2", $tpl->copy_template);

	$tpl->set_block("'\\[edit\\].*?\\[/edit\\]'si","");

    $xfieldsaction = "templatereplacepreview";
    $xfieldsinput = $tpl->copy_template;
    include(ENGINE_DIR.'/inc/xfields.php');
    $tpl->copy_template = $xfieldsoutput;

    $tpl->set('{short-story}', stripslashes($short_story));
    $tpl->set('{full-story}', stripslashes($full_story));


	$tpl->copy_template = "<fieldset style=\"border-style:solid; border-width:1; border-color:black;\"><legend> <span style=\"font-size: 10px; font-family: Verdana\">{$lang['preview_short']}</span> </legend>".$tpl->copy_template."</fieldset>";
	$tpl->compile('shortstory');
	
	$tpl->result['shortstory'] = preg_replace( "'\[hide\](.*?)\[/hide\]'si", "\\1", $tpl->result['shortstory']);
	$tpl->result['shortstory'] = str_replace ( '{THEME}', $config['http_home_url'] . 'templates/' . $config['skin'], $tpl->result['shortstory'] );
	
	echo $tpl->result['shortstory'];

	$dle_module = "showfull";

	if ( @is_file($tpl->dir."/preview.tpl") ) $tpl->load_template('preview.tpl');
    else $tpl->load_template('fullstory.tpl');

	if ( $parse->not_allowed_text ) $tpl->copy_template = $lang['news_err_39'];

	$tpl->copy_template = str_replace('[full-preview]', "", $tpl->copy_template);
	$tpl->copy_template = str_replace('[/full-preview]', "", $tpl->copy_template);
	$tpl->copy_template = preg_replace("'\\[short-preview\\](.*?)\\[/short-preview\\]'si","", $tpl->copy_template);
	$tpl->copy_template = preg_replace("'\\[static-preview\\](.*?)\\[/static-preview\\]'si","", $tpl->copy_template);


	if( strlen( $full_story ) < 13 AND strpos( $tpl->copy_template, "{short-story}" ) === false ) { $full_story = $short_story; }

    $tpl->set('{title}', $title);
    $tpl->set('{views}', 0);
	$tpl->set( '{date}', langdate( $config['timestamp_active'], $date ) );
	$tpl->copy_template = preg_replace ( "#\{date=(.+?)\}#ie", "langdate('\\1', '{$date}')", $tpl->copy_template );
    $tpl->set('[link]',"<a href=#>");
    $tpl->set('[/link]',"</a>");
    $tpl->set('{comments-num}', 0);
    $tpl->set('[full-link]', "<a href=#>");
    $tpl->set('[/full-link]', "</a>");
    $tpl->set('[com-link]', "<a href=#>");
    $tpl->set('[/com-link]', "</a>");
    $tpl->set('[day-news]', "<a href=#>");
    $tpl->set('[/day-news]', "</a>");
	$tpl->set('{rating}', "");
	$tpl->set('{author}', "--");
	$tpl->copy_template = preg_replace ( "#\{date=(.+?)\}#ie", "", $tpl->copy_template );
    $tpl->set('{category}', $my_cat);
    $tpl->set('{link-category}', $my_cat_link);
    $tpl->set('{related-news}', "");

    if($cat_icon[$category[0]] != ""){ $tpl->set('{category-icon}', $cat_icon[$category[0]]); }
    else{ $tpl->set('{category-icon}', "{THEME}/dleimages/no_icon.gif"); }

	if ( $_POST['news_fixed'] ) {

		$tpl->set( '[fixed]', "" );
		$tpl->set( '[/fixed]', "" );
		$tpl->set_block( "'\\[not-fixed\\](.*?)\\[/not-fixed\\]'si", "" );

	} else {

		$tpl->set( '[not-fixed]', "" );
		$tpl->set( '[/not-fixed]', "" );
		$tpl->set_block( "'\\[fixed\\](.*?)\\[/fixed\\]'si", "" );
	}

    $tpl->set('{pages}', '');
    $tpl->set('{favorites}', '');
    $tpl->set('[mail]',"");
    $tpl->set('[/mail]',"");
    $tpl->set('{poll}', '');
    $tpl->set('{news-id}', "ID Unknown");
    $tpl->set('{php-self}', $PHP_SELF);

	$tpl->copy_template = preg_replace( "#\\[category=(.+?)\\](.*?)\\[/category\\]#is","\\2", $tpl->copy_template);

	$tpl->set_block("'\\[edit\\].*?\\[/edit\\]'si","");
	$tpl->set_block("'{banner_(.*?)}'si","");
	$tpl->set('{edit-date}',  "");
	$tpl->set('{editor}',  "");
	$tpl->set('{edit-reason}',  "");
	$tpl->set_block("'\\[edit-date\\](.*?)\\[/edit-date\\]'si","");
	$tpl->set_block("'\\[edit-reason\\](.*?)\\[/edit-reason\\]'si","");
	$tpl->set_block("'\\[tags\\](.*?)\\[/tags\\]'si","");
	$tpl->set('{tags}',  "");

    $tpl->set('[print-link]',"<a href=#>");
    $tpl->set('[/print-link]',"</a>");

    $xfieldsaction = "templatereplacepreview";
    $xfieldsinput = $tpl->copy_template;
    include(ENGINE_DIR.'/inc/xfields.php');
    $tpl->copy_template = $xfieldsoutput;

    $tpl->set('{short-story}', stripslashes($short_story));
    $tpl->set('{full-story}', stripslashes($full_story));

$tpl->copy_template = "<fieldset style=\"border-style:solid; border-width:1; border-color:black;\"><legend> <span style=\"font-size: 10px; font-family: Verdana\">{$lang['preview_full']}</span> </legend>".$tpl->copy_template."</fieldset>";
$tpl->compile('fullstory');
$tpl->result['fullstory'] = preg_replace( "'\[hide\](.*?)\[/hide\]'si", "\\1", $tpl->result['fullstory']);
$tpl->result['fullstory'] = str_replace ( '{THEME}', $config['http_home_url'] . 'templates/' . $config['skin'], $tpl->result['fullstory'] );

echo $tpl->result['fullstory'];

}

?>
</body></html>


Добавлено через 11 минут, 5 секунд:

Все в куче - js ... php .. html


<?php
/*
=====================================================
 DataLife Engine - by SoftNews Media Group 
-----------------------------------------------------
 http://dle-news.ru/
-----------------------------------------------------
 Copyright (c) 2004,2011 SoftNews Media Group
=====================================================
 Данный код защищен авторскими правами
=====================================================
 Файл: userfields.php
-----------------------------------------------------
 Назначение: дополнительные поля профиля
=====================================================
*/
if(!defined('DATALIFEENGINE'))
{
  die("Hacking attempt!");
}

if (!isset($xfieldsaction)) $xfieldsaction = $_REQUEST['xfieldsaction'];
if (isset ( $_REQUEST['xfieldssubactionadd'] )) $xfieldssubactionadd = $_REQUEST['xfieldssubactionadd'];
if (isset ( $_REQUEST['xfieldssubaction'] )) $xfieldssubaction = $_REQUEST['xfieldssubaction'];
if (isset ( $_REQUEST['xfieldsindex'] )) $xfieldsindex = intval($_REQUEST['xfieldsindex']);
if (isset ( $_REQUEST['editedxfield'] )) $editedxfield = $_REQUEST['editedxfield'];

if (isset ($xfieldssubactionadd))
if ($xfieldssubactionadd == "add") {
  $xfieldssubaction = $xfieldssubactionadd;
}

if (!isset($xf_inited)) $xf_inited = "";

if ($xf_inited !== true) { // Prevent "Cannot redeclare" error

function profilesave($data) {
	global $lang, $dle_login_hash;

	if ($_REQUEST['user_hash'] == "" OR $_REQUEST['user_hash'] != $dle_login_hash) {

		  die("Hacking attempt! User not found");

	}

    $data = array_values($data);
    foreach ($data as $index => $value) {
      $value = array_values($value);
      foreach ($value as $index2 => $value2) {
        $value2 = stripslashes($value2);
        $value2 = str_replace("|", "&#124;", $value2);
        $value2 = str_replace("\r\n", "__NEWL__", $value2);
        $filecontents .= $value2 . ($index2 < count($value) - 1 ? "|" : "");
      }
      $filecontents .= ($index < count($data) - 1 ? "\r\n" : "");
    }
  
    $filehandle = fopen(ENGINE_DIR.'/data/xprofile.txt', "w+");
    if (!$filehandle)
    msg("error", $lang['xfield_error'], "$lang[xfield_err_1] \"".ENGINE_DIR."/data/xprofile.txt\", $lang[xfield_err_1]");
    fwrite($filehandle, $filecontents);
    fclose($filehandle);
    header("Location: http://" . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF'] .
        "?mod=userfields&xfieldsaction=configure");
    exit;
  }

function profileload() {
  global $lang;
  $path = ENGINE_DIR.'/data/xprofile.txt';
  $filecontents = file($path);

    if (!is_array($filecontents))
    msg("error", $lang['xfield_error'], "$lang[xfield_err_3] \"engine/data/xprofile.txt\". $lang[xfield_err_4]");
  
    foreach ($filecontents as $name => $value) {
      $filecontents[$name] = explode("|", trim($value));
      foreach ($filecontents[$name] as $name2 => $value2) {
        $value2 = str_replace("&#124;", "|", $value2); 
        $value2 = str_replace("__NEWL__", "\r\n", $value2);
        $filecontents[$name][$name2] = $value2;
      }
    }
    return $filecontents;
  }

function array_move(&$array, $index1, $dist) {
    $index2 = $index1 + $dist;
    if ($index1 < 0 or
        $index1 > count($array) - 1 or
        $index2 < 0 or
        $index2 > count($array) - 1) {
      return false;
    }
    $value1 = $array[$index1];
  
    $array[$index1] = $array[$index2];
    $array[$index2] = $value1;
  
    return true;
  }

  $xf_inited = true;
}

$xfields = profileload();

switch ($xfieldsaction) {
  case "configure":

	if( ! $user_group[$member_id['user_group']]['admin_userfields'] ) {
		msg( "error", $lang['index_denied'], $lang['index_denied'] );
	}

    switch ($xfieldssubaction) {
      case "delete":
        if (!isset($xfieldsindex)) {
          msg("error", $lang['xfield_error'], $lang['xfield_err_5'],"javascript:history.go(-1)");
        }
        msg("options", "info", "$lang[xfield_err_6]<br /><br /><a href=\"$PHP_SELF?mod=userfields&amp;xfieldsaction=configure&amp;xfieldsindex=$xfieldsindex&amp;xfieldssubaction=delete2&user_hash={$dle_login_hash}\">[$lang[opt_sys_yes]]</a>&nbsp;&nbsp;<a href=\"$PHP_SELF?mod=userfields&amp;xfieldsaction=configure\">[$lang[opt_sys_no]]</a>");
        break;
      case "delete2":
        if (!isset($xfieldsindex)) {
          msg("error", $lang['xfield_error'], $lang['xfield_err_5'],"javascript:history.go(-1)");
        }
        unset($xfields[$xfieldsindex]);
        @profilesave($xfields);
        break;
      case "moveup":
        if (!isset($xfieldsindex)) {
          msg("error", $lang['xfield_error'], $lang['xfield_err_7'],"javascript:history.go(-1)");
        }
        array_move($xfields, $xfieldsindex, -1);
        @profilesave($xfields);
        break;
      case "movedown":
        if (!isset($xfieldsindex)) {
          msg("error", $lang['xfield_error'], $lang['xfield_err_7'],"javascript:history.go(-1)");
        }
        array_move($xfields, $xfieldsindex, +1);
        @profilesave($xfields);
        break;
      case "add":
        $xfieldsindex = count($xfields);
        // Fall trough to edit
      case "edit":

        if (!isset($xfieldsindex)) {
          msg("error", $lang['xfield_error'], $lang['xfield_err_8'],"javascript:history.go(-1)");
        }
  
        if (!$editedxfield) {
          $editedxfield = $xfields[$xfieldsindex];
        } elseif (strlen(trim($editedxfield[0])) > 0 and
            strlen(trim($editedxfield[1])) > 0) {
          foreach ($xfields as $name => $value) {
            if ($name != $xfieldsindex and
                $value[0] == $editedxfield[0]) {
              msg("error", $lang['xfield_error'], $lang['xfield_err_9'],"javascript:history.go(-1)");
            }
          }
          $editedxfield[0] = totranslit(trim($editedxfield[0]));
          $editedxfield[1] = htmlspecialchars(trim($editedxfield[1]));
          $editedxfield[2] = intval($editedxfield[2]);
          $editedxfield[4] = intval($editedxfield[4]);
          $editedxfield[5] = intval($editedxfield[5]);

          if ($editedxfield[3] == "select") {
            $options = array();
            foreach (explode("\r\n", $editedxfield["6_select"]) as $name => $value) {
              $value = trim($value);
              if (!in_array($value, $options)) {
                $options[] = $value;
              }
            }
            if (count($options) < 2) {
            msg("error", $lang['xfield_error'], $lang['xfield_err_10'],"javascript:history.go(-1)");
            }
            $editedxfield[6] = implode("\r\n", $options);
          } else { $editedxfield[6] = ""; }

          unset($editedxfield['6_select']);

          ksort($editedxfield);
          
          $xfields[$xfieldsindex] = $editedxfield;
          ksort($xfields);

          @profilesave($xfields);
          break;
        } else {
          msg("error", $lang['xfield_error'], $lang['xfield_err_11'],"javascript:history.go(-1)");
        }
        echoheader("options", (($xfieldssubaction == "add") ? $lang['xfield_addh'] : $lang['xfield_edith']) . " " . $lang['xfield_fih']);
        $checked = ($editedxfield[5] ? " checked" : "");

?>
    <form action="<? echo $_SERVER['PHP_SELF']; ?>" method="post" name="xfieldsform">
      <script language="javascript">
      function ShowOrHideEx(id, show) {
        var item = null;
        if (document.getElementById) {
          item = document.getElementById(id);
        } else if (document.all) {
          item = document.all[id];
        } else if (document.layers){
          item = document.layers[id];
        }
        if (item && item.style) {
          item.style.display = show ? "" : "none";
        }
      }
      function onTypeChange(value) {
        ShowOrHideEx("select_options", value == "select");
      }
      </script>
      <input type="hidden" name="mod" value="userfields">
      <input type="hidden" name="user_hash" value="<? echo $dle_login_hash; ?>">
      <input type="hidden" name="xfieldsaction" value="configure">
      <input type="hidden" name="xfieldssubaction" value="edit">
      <input type="hidden" name="xfieldsindex" value="<?php echo $xfieldsindex; ?>">

<div style="padding-top:5px;padding-bottom:2px;">
<table width="100%">
    <tr>
        <td width="4"><img src="engine/skins/images/tl_lo.gif" width="4" height="4" border="0"></td>
        <td background="engine/skins/images/tl_oo.gif"><img src="engine/skins/images/tl_oo.gif" width="1" height="4" border="0"></td>
        <td width="6"><img src="engine/skins/images/tl_ro.gif" width="6" height="4" border="0"></td>
    </tr>
    <tr>
        <td background="engine/skins/images/tl_lb.gif"><img src="engine/skins/images/tl_lb.gif" width="4" height="1" border="0"></td>
        <td style="padding:5px;" bgcolor="#FFFFFF">
<table width="100%">
    <tr>
        <td bgcolor="#EFEFEF" height="29" style="padding-left:10px;"><div class="navigation"><?php echo $lang['xfield_title']; ?></div></td>
    </tr>
</table>
<div class="unterline"></div>
<table width="100%">
    <tr>
        <td width="260" style="padding:4px;"><?php echo $lang['xfield_xname']; ?></td>
        <td><input class=edit style="width: 200px;" type="text" name="editedxfield[0]" value="<? echo $editedxfield[0];?>" />&nbsp;&nbsp;&nbsp;(<?php echo $lang['xf_lat']; ?>)</td>
    </tr>
    <tr>
        <td style="padding:4px;"><?php echo $lang['xfield_xdescr']; ?></td>
        <td><input  class=edit style="width: 200px;" type="text" name="editedxfield[1]" value="<? echo $editedxfield[1];?>" /></td>
    </tr>
    <tr>
        <td style="padding:4px;"><?php echo $lang['xfield_xtype']; ?></td>
        <td><select name="editedxfield[3]" id="type" onchange="onTypeChange(this.value)" />
          <option value="text"<?=($editedxfield[3] != "text") ? " selected" : ""?>><?php echo $lang['xfield_xstr']; ?></option>
          <option value="textarea"<?=($editedxfield[3] == "textarea") ? " selected" : ""?>><?php echo $lang['xfield_xarea']; ?></option>
          <option value="select"<?=($editedxfield[3] == "select") ? " selected" : ""?>><?php echo $lang['xfield_xsel']; ?></option>
        </select></td>
    </tr>
	<tr id="select_options">
        <td style="padding:4px;"><?php echo $lang['xfield_xfaul']; ?></td>
        <td><textarea style="width: 320px; height: 100px;" name="editedxfield[6_select]"><?=($editedxfield[3] == "select") ? $editedxfield[6] : ""?></textarea><br>на одной строке одно значение</td>
    </tr>
    <tr>
        <td style="padding:4px;"><?php echo $lang['xp_reg']; ?></td>
        <td><input type="radio" name="editedxfield[2]" <?=($editedxfield[2]) ? "checked" : ""?> value="1"> <?php echo $lang['opt_sys_yes']; ?> <input type="radio" name="editedxfield[2]" <?=(!$editedxfield[2]) ? "checked" : ""?> value="0"> <?php echo $lang['opt_sys_no']; ?> <a href="#" class="hintanchor" onMouseover="showhint('<?php echo $lang['xp_reg_hint']; ?>', this, event, '220px')">[?]</a>
		</td>
    </tr>
    <tr>
        <td style="padding:4px;"><?php echo $lang['xp_edit']; ?></td>
        <td><input type="radio" name="editedxfield[4]" <?=($editedxfield[4]) ? "checked" : ""?> value="1"> <?php echo $lang['opt_sys_yes']; ?> <input type="radio" name="editedxfield[4]" <?=(!$editedxfield[4]) ? "checked" : ""?> value="0"> <?php echo $lang['opt_sys_no']; ?> <a href="#" class="hintanchor" onMouseover="showhint('<?php echo $lang['xp_edit_hint']; ?>', this, event, '220px')">[?]</a>
		</td>
    </tr>
    <tr>
        <td style="padding:4px;"><?php echo $lang['xp_privat']; ?></td>
        <td><input type="radio" name="editedxfield[5]" <?=($editedxfield[5]) ? "checked" : ""?> value="1"> <?php echo $lang['opt_sys_yes']; ?> <input type="radio" name="editedxfield[5]" <?=(!$editedxfield[5]) ? "checked" : ""?> value="0"> <?php echo $lang['opt_sys_no']; ?> <a href="#" class="hintanchor" onMouseover="showhint('<?php echo $lang['xp_privat_hint']; ?>', this, event, '220px')">[?]</a>
		</td>
    </tr>
    <tr>
        <td colspan=2><div class="hr_line"></div></td>
    </tr>
    <tr>
        <td colspan=2 style="padding:4px;"><input type="submit" class="buttons" value=" <?php echo $lang['user_save']; ?> "></td>
    </tr>
</table>
</td>
        <td background="engine/skins/images/tl_rb.gif"><img src="engine/skins/images/tl_rb.gif" width="6" height="1" border="0"></td>
    </tr>
    <tr>
        <td><img src="engine/skins/images/tl_lu.gif" width="4" height="6" border="0"></td>
        <td background="engine/skins/images/tl_ub.gif"><img src="engine/skins/images/tl_ub.gif" width="1" height="6" border="0"></td>
        <td><img src="engine/skins/images/tl_ru.gif" width="6" height="6" border="0"></td>
    </tr>
</table>
</div>
    </form>
    <script type="text/javascript">
    <!--
      var item_type = null;
      if (document.getElementById) {
        item_type = document.getElementById("type");
      } else if (document.all) {
        item_type = document.all["type"];
      } else if (document.layers) {
        item_type = document.layers["type"];
      }
      if (item_type) {
        onTypeChange(item_type.value);
      }
    // -->
    </script>
<?php
        echofooter();
        break;

      default:
        echoheader("options", "Дополнительные поля");
?>
<form action="<? echo $_SERVER["PHP_SELF"]; ?>" method="get" name="xfieldsform">
<input type="hidden" name="mod" value="userfields">
<input type="hidden" name="user_hash" value="<? echo $dle_login_hash; ?>">
<input type="hidden" name="xfieldsaction" value="configure">
<input type="hidden" name="xfieldssubactionadd" value="">
<div style="padding-top:5px;padding-bottom:2px;">
<table width="100%">
    <tr>
        <td width="4"><img src="engine/skins/images/tl_lo.gif" width="4" height="4" border="0"></td>
        <td background="engine/skins/images/tl_oo.gif"><img src="engine/skins/images/tl_oo.gif" width="1" height="4" border="0"></td>
        <td width="6"><img src="engine/skins/images/tl_ro.gif" width="6" height="4" border="0"></td>
    </tr>
    <tr>
        <td background="engine/skins/images/tl_lb.gif"><img src="engine/skins/images/tl_lb.gif" width="4" height="1" border="0"></td>
        <td style="padding:5px;" bgcolor="#FFFFFF">
<table width="100%">
    <tr>
        <td bgcolor="#EFEFEF" height="29" style="padding-left:10px;"><div class="navigation"><?php echo $lang['xp_xlist']; ?></div></td>
    </tr>
</table>
<div class="unterline"></div>
<table width="100%">
  <tr>
    <td style="padding:5px;">
      <B><?php echo $lang['xfield_xname']; ?></B>
    </td>
    <td>
      <B><?php echo $lang['xp_descr']; ?></B>
    </td>
    <td>
      <B><?php echo $lang['xfield_xtype']; ?></B>
    </td>
    <td>
      <B><?php echo $lang['xp_regh']; ?></B>
    </td>
    <td>
      <B><?php echo $lang['xp_edith']; ?></B>
    </td>
    <td>
      <B><?php echo $lang['xp_privath']; ?></B>
    </td>
    <td width=10>&nbsp;
    </td>
  </tr>
    <tr>
        <td colspan=7><div class="hr_line"></div></td>
    </tr>
<?php
        if (count($xfields) == 0) {
          echo "<tr><td colspan=\"7\" align=\"center\"><br /><br />$lang[xfield_xnof]</td></tr>";
        } else {
          foreach ($xfields as $name => $value) {
?>
        <tr>
          <td style="padding:2px;">
            <? echo $value[0]; ?>
          </td>
          <td style="padding:2px;">
            <? echo $value[1]; ?>
          </td>
          <td>
            <?=(($value[3] == "text") ? $lang['xfield_xstr'] : "")?>
            <?=(($value[3] == "textarea") ? $lang['xfield_xarea'] : "")?>
            <?=(($value[3] == "select") ? $lang['xfield_xsel'] : "")?>
          </td>
          <td>
            <?=($value[2] != 0 ? $lang['opt_sys_yes'] : $lang['opt_sys_no'])?>
          </td>
          <td>
            <?=($value[4] != 0 ? $lang['opt_sys_yes'] : $lang['opt_sys_no'])?>
          </td>
          <td>
            <?=($value[5] != 0 ? $lang['opt_sys_yes'] : $lang['opt_sys_no'])?>
          </td>
          <td>
            <input type="radio" name="xfieldsindex" value="<?php echo $name; ?>">
          </td>
        </tr><tr><td background="engine/skins/images/mline.gif" height=1 colspan=7></td></tr>
<?php
          }
        }
?>
    <tr>
        <td colspan=7><div class="hr_line"></div></td>
    </tr>
      <tr>
		<td ><a class=main onClick="javascript:Help('xprofile')" href="#"><?php echo $lang['xfield_xhelp']; ?></a></td>
        <td colspan="4" class="main" style="text-align: right; padding-top: 10px;">
          <?php if (count($xfields) > 0) { ?>
          <?php echo $lang['xfield_xact']; ?>: 
          <select name="xfieldssubaction">
            <option value="edit"><?php echo $lang['xfield_xedit']; ?></option>
            <option value="delete"><?php echo $lang['xfield_xdel']; ?></option>
            <option value="moveup"><?php echo $lang['xfield_xo']; ?></option>
            <option value="movedown"><?php echo $lang['xfield_xu']; ?></option>
          </select>
          <input type="submit" class="buttons" value=" <?php echo $lang['b_start']; ?> " onclick="document.forms['xfieldsform'].xfieldssubactionadd.value = '';">
          <?php } ?>
          <input type="submit" class="buttons" value=" <?php echo $lang['b_create']; ?> " onclick="document.forms['xfieldsform'].xfieldssubactionadd.value = 'add';">
        </td>
      </tr>
</table>
</td>
        <td background="engine/skins/images/tl_rb.gif"><img src="engine/skins/images/tl_rb.gif" width="6" height="1" border="0"></td>
    </tr>
    <tr>
        <td><img src="engine/skins/images/tl_lu.gif" width="4" height="6" border="0"></td>
        <td background="engine/skins/images/tl_ub.gif"><img src="engine/skins/images/tl_ub.gif" width="1" height="6" border="0"></td>
        <td><img src="engine/skins/images/tl_ru.gif" width="6" height="6" border="0"></td>
    </tr>
</table>
</div>
  </form>

<?php
      echofooter();
    }
    break;
case "list":
    $output = "";
    if (!isset($xfieldsid)) $xfieldsid = "";
    $xfieldsdata = xfieldsdataload ($xfieldsid);

    foreach ($xfields as $name => $value) {
      $fieldname = $value[0];

      if (!$xfieldsadd) {
        $fieldvalue = $xfieldsdata[$value[0]];
        $fieldvalue = $parse->decodeBBCodes($fieldvalue, false);
		if ((!$xfieldsadd) AND !intval($value[4]) AND ($is_logged AND $member_id['user_group'] != 1)) continue;
      }

if (intval($value[2]) OR (!$xfieldsadd)) {
     if ($value[3] == "textarea") {      
      $output .= <<<HTML
<tr>
<td>$value[1]:</td>
<td class="xprofile" colspan="2"><textarea name="xfield[$fieldname]" id="xf_$fieldname">$fieldvalue</textarea></td></tr>
HTML;
      } elseif ($value[3] == "text") {
        $output .= <<<HTML
<tr>
<td>$value[1]:</td>
<td class="xprofile" colspan="2"><input type="text" name="xfield[$fieldname]" id="xfield[$fieldname]" value="$fieldvalue" /></td>
</tr>
HTML;
      } elseif ($value[3] == "select") {

        $output .= <<<HTML

<tr id="$holderid">
<td>$value[1]:</td>
<td class="xprofile" colspan="2"><select name="xfield[$fieldname]" id="xf_$fieldname">
HTML;
        foreach (explode("\r\n", $value[6]) as $index => $value) {

		  $value = str_replace("'", "&#039;", $value);
          $output .= "<option value=\"$index\"" . ($fieldvalue == $value ? " selected" : "") . ">$value</option>\r\n";
        }

$output .= <<<HTML
</select></td>
</tr>
HTML;
      }
}

    }
    break;
case "admin":
    $output = "";
    if (!isset($xfieldsid)) $xfieldsid = "";
    $xfieldsdata = xfieldsdataload ($xfieldsid);
    foreach ($xfields as $name => $value) {
        $fieldname = $value[0];

        $fieldvalue = $xfieldsdata[$value[0]];
        $fieldvalue = $parse->decodeBBCodes($fieldvalue, false);


     if ($value[3] == "textarea") {      
      $output .= <<<HTML
<tr>
<td>$value[1]:</td>
<td class="xprofile" colspan="2"><textarea name="xfield[$fieldname]" id="xf_$fieldname">$fieldvalue</textarea></td></tr>
HTML;
      } elseif ($value[3] == "text") {
        $output .= <<<HTML
<tr>
<td>$value[1]:</td>
<td class="xprofile" colspan="2"><input type="text" name="xfield[$fieldname]" id="xfield[$fieldname]" value="$fieldvalue" /></td>
</tr>
HTML;
      } elseif ($value[3] == "select") {

        $output .= <<<HTML

<tr id="$holderid">
<td>$value[1]:</td>
<td class="xprofile" colspan="2"><select name="xfield[$fieldname]" id="xf_$fieldname">
HTML;
        foreach (explode("\r\n", $value[6]) as $index => $value) {

		  $value = str_replace("'", "&#039;", $value);
          $output .= "<option value=\"$index\"" . ($fieldvalue == $value ? " selected" : "") . ">$value</option>\r\n";
        }

$output .= <<<HTML
</select></td>
</tr>
HTML;
      }

    }
    break;
  case "init":
    $postedxfields = $_POST['xfield'];
    $newpostedxfields = array();
    if (!isset($xfieldsid)) $xfieldsid = "";
    $xfieldsdata = xfieldsdataload ($xfieldsid);

    foreach ($xfields as $name => $value) {
		if ((!$value[2] AND $xfieldsadd)) {
			continue;
		}

		if (intval($value[4]) OR $member_id['user_group'] == 1 OR ($value[2] AND $xfieldsadd))
	      $newpostedxfields[$value[0]] = substr($postedxfields[$value[0]], 0, 10000);
		else
	      $newpostedxfields[$value[0]] = $xfieldsdata[$value[0]];

	    if ($value[3] == "select") {
	        $options = explode("\r\n", $value[6]);

			if (intval($value[4]) OR $member_id['user_group'] == 1 OR ($value[2] AND $xfieldsadd))
		        $newpostedxfields[$value[0]] = $options[$postedxfields[$value[0]]];
			else
				$newpostedxfields[$value[0]] = $xfieldsdata[$value[0]];
	    }

	}

    $postedxfields = $newpostedxfields;
    break;
  case "init_admin":
    $postedxfields = $_POST["xfield"];
    $newpostedxfields = array();

    foreach ($xfields as $name => $value) {
		$newpostedxfields[$value[0]] = substr($postedxfields[$value[0]], 0, 10000);

	    if ($value[3] == "select") {
	        $options = explode("\r\n", $value[6]);
	        $newpostedxfields[$value[0]] = $options[$postedxfields[$value[0]]];
	    }
	}

    $postedxfields = $newpostedxfields;
    break;
  default:
  if (function_exists('msg'))
    msg("error", $lang['xfield_error'], $lang['xfield_xerr2']);
}
?>


Добавлено через 13 минут, 16 секунд:

Здесь немного получше кажется - мельком увидел пути, которые нельзя задать - uploads/posts

<?php
/*
=====================================================
 DataLife Engine - by SoftNews Media Group 
-----------------------------------------------------
 http://dle-news.ru/
-----------------------------------------------------
 Copyright (c) 2004,2011 SoftNews Media Group
=====================================================
 Данный код защищен авторскими правами
=====================================================
 Файл: static.php
-----------------------------------------------------
 Назначение: редактирование статистических страниц
=====================================================
*/
if( !defined( 'DATALIFEENGINE' ) OR !defined( 'LOGGED_IN' ) ) {
	die( "Hacking attempt!" );
}

if( ! $user_group[$member_id['user_group']]['admin_static'] ) {
	msg( "error", $lang['index_denied'], $lang['index_denied'] );
}

include_once ENGINE_DIR . '/classes/parse.class.php';

$parse = new ParseFilter( Array (), Array (), 1, 1 );
$parse->allow_php = true;

function SelectSkin($skin) {
	global $lang;
	
	$templates_list = array ();
	
	$handle = opendir( './templates' );
	
	while ( false !== ($file = readdir( $handle )) ) {
		if( is_dir( "./templates/$file" ) and ($file != "." and $file != "..") ) {
			$templates_list[] = $file;
		}
	}
	closedir( $handle );
	
	$skin_list = "<select name=skin_name>";
	$skin_list .= "<option value=\"\">" . $lang['cat_skin_sel'] . "</option>";
	
	foreach ( $templates_list as $single_template ) {
		if( $single_template == $skin ) $selected = " selected";
		else $selected = "";
		$skin_list .= "<option value=\"$single_template\"" . $selected . ">$single_template</option>";
	}
	$skin_list .= '</select>';
	
	return $skin_list;
}

if( !$action ) $action = "list";

if( $action == "list" ) {
	$_SESSION['admin_referrer'] = $_SERVER['REQUEST_URI'];

	$js_array[] = "engine/skins/calendar.js";

	echoheader( "static", "static" );
	
	$search_field = $db->safesql( trim( htmlspecialchars( stripslashes( @urldecode( $_GET['search_field'] ) ), ENT_QUOTES ) ) );
	if ($_GET['fromnewsdate']) $fromnewsdate = strtotime( $_GET['fromnewsdate'] ); else $fromnewsdate = "";
	if ($_GET['tonewsdate']) $tonewsdate = strtotime( $_GET['tonewsdate'] ); else $tonewsdate = "";


	if ($fromnewsdate === -1 OR !$fromnewsdate) $fromnewsdate = "";
	if ($tonewsdate === -1 OR !$tonewsdate)   $tonewsdate = "";
	
	$start_from = intval( $_GET['start_from'] );
	$news_per_page = intval( $_GET['news_per_page'] );
	$gopage = intval( $_REQUEST['gopage'] );

	if( ! $news_per_page or $news_per_page < 1 ) {
		$news_per_page = 50;
	}
	if( $gopage ) $start_from = ($gopage - 1) * $news_per_page;
	
	if( $start_from < 0 ) $start_from = 0;

	$where = array ();
	$where[] = "name != 'dle-rules-page'";
	
	if( $search_field != "" ) {
		
		$where[] = "(template like '%$search_field%' OR descr like '%$search_field%')";
	
	}
	
	if( $fromnewsdate != "" ) {
		
		$where[] = "date >= '$fromnewsdate'";
	
	}
	
	if( $tonewsdate != "" ) {
		
		$where[] = "date <= '$tonewsdate'";
	
	}
	
	if( count( $where ) ) {
		
		$where = implode( " AND ", $where );
		$where = " WHERE " . $where;
	
	} else {
		$where = "";
	}
	
	$order_by = array ();
	
	if( $_REQUEST['search_order_t'] == "asc" or $_REQUEST['search_order_t'] == "desc" ) $search_order_t = $_REQUEST['search_order_t'];
	else $search_order_t = "";
	if( $_REQUEST['search_order_d'] == "asc" or $_REQUEST['search_order_d'] == "desc" ) $search_order_d = $_REQUEST['search_order_d'];
	else $search_order_d = "";
	
	if( ! empty( $search_order_t ) ) {
		$order_by[] = "name $search_order_t";
	}
	if( ! empty( $search_order_d ) ) {
		$order_by[] = "date $search_order_d";
	}
	
	$order_by = implode( ", ", $order_by );
	if( ! $order_by ) $order_by = "date desc";
	
	$search_order_date = array ('----' => '', 'asc' => '', 'desc' => '' );
	if( isset( $_REQUEST['search_order_d'] ) ) {
		$search_order_date[$search_order_d] = 'selected';
	} else {
		$search_order_date['desc'] = 'selected';
	}
	$search_order_title = array ('----' => '', 'asc' => '', 'desc' => '' );
	if( ! empty( $search_order_t ) ) {
		$search_order_title[$search_order_t] = 'selected';
	} else {
		$search_order_title['----'] = 'selected';
	}

	$db->query( "SELECT id, name, descr, template, views, date FROM " . PREFIX . "_static" . $where . " ORDER BY " . $order_by . " LIMIT $start_from,$news_per_page" );
	
	// Prelist Entries
	$flag = 1;
	if( $start_from == "0" ) {
		$start_from = "";
	}
	$i = $start_from;
	$entries_showed = 0;
	
	$entries = "";
	
	while ( $row = $db->get_array() ) {

		$i ++;
		
		$itemdate = @date( "d.m.Y H:i", $row['date'] );
		
		$title = htmlspecialchars( stripslashes( $row['name'] ), ENT_QUOTES );
		$descr = stripslashes($row['descr']);
		if( $config['allow_alt_url'] == "yes" ) $vlink = $config['http_home_url'] . $row['name'] . ".html";
		else $vlink = $config['http_home_url'] . "index.php?do=static&page=" . $row['name'];

		$entries .= "<tr>

        <td class=\"list\" style=\"padding:4px;\" nowrap>
        $itemdate - <a title=\"{$lang[static_view]}\" class=\"list\" href=\"{$vlink}\" target=\"_blank\">$title</a></td>
        <td align=left><a title=\"{$lang[edit_static_act]}\" class=\"list\" href=\"$PHP_SELF?mod=static&action=doedit&id={$row['id']}\">$descr</a></td>
        <td align=center>{$row['views']}</td>
        <td align=center><input name=\"selected_news[]\" value=\"{$row['id']}\" type='checkbox' /></td>
        </tr>
        <tr><td background=\"engine/skins/images/mline.gif\" height=1 colspan=4></td></tr>";

		$entries_showed ++;
		
		if( $i >= $news_per_page + $start_from ) {
			break;
		}
	}
	
	// End prelisting
	$result_count = $db->super_query( "SELECT COUNT(*) as count FROM " . PREFIX . "_static" . $where );
	
	$all_count_news = $result_count['count'];
	if ( $fromnewsdate ) $fromnewsdate = date("Y-m-d", $fromnewsdate );
	if ( $tonewsdate ) $tonewsdate = date("Y-m-d", $tonewsdate );

	
	///////////////////////////////////////////
	// Options Bar
	echo <<<HTML
<!-- calendar stylesheet -->
<link rel="stylesheet" type="text/css" media="all" href="engine/skins/calendar-blue.css" title="win2k-cold-1" />
<script language="javascript">
    function search_submit(prm){
      document.optionsbar.start_from.value=prm;
      document.optionsbar.submit();
      return false;
    }
    function gopage_submit(prm){
      document.optionsbar.start_from.value= (prm - 1) * {$news_per_page};
      document.optionsbar.submit();
      return false;
    }
    </script>
<form action="?mod=static&amp;action=list" method="GET" name="optionsbar" id="optionsbar">
<input type="hidden" name="mod" value="static">
<input type="hidden" name="action" value="list">
<div style="padding-top:5px;padding-bottom:2px;display:none" name="advancedsearch" id="advancedsearch">
<table width="100%">
    <tr>
        <td width="4"><img src="engine/skins/images/tl_lo.gif" width="4" height="4" border="0"></td>
        <td background="engine/skins/images/tl_oo.gif"><img src="engine/skins/images/tl_oo.gif" width="1" height="4" border="0"></td>
        <td width="6"><img src="engine/skins/images/tl_ro.gif" width="6" height="4" border="0"></td>
    </tr>
    <tr>
        <td background="engine/skins/images/tl_lb.gif"><img src="engine/skins/images/tl_lb.gif" width="4" height="1" border="0"></td>
        <td style="padding:5px;" bgcolor="#FFFFFF">
<table width="100%">
    <tr>
        <td bgcolor="#EFEFEF" height="29" style="padding-left:10px;"><div class="navigation">{$lang['edit_stat']}&nbsp;<b>{$entries_showed}</b>&nbsp;&nbsp;&nbsp;{$lang['edit_stat_1']}&nbsp;<b>{$all_count_news}</b></div></td>
    </tr>
</table>
<div class="unterline"></div>
<table width="100%">
     <tr>
		<td style="padding:5px;">{$lang['edit_search_static']}</td>
		<td style="padding-left:5px;"><input class="edit bk" name="search_field" value="{$search_field}" type="text" size="35"></td>
		<td style="padding-left:5px;">{$lang['search_by_date']}</td>
		<td style="padding-left:5px;">{$lang['edit_fdate']} <input type="text" name="fromnewsdate" id="fromnewsdate" size="11" maxlength="16" class="edit bk" value="{$fromnewsdate}">
<img src="engine/skins/images/img.gif"  align="absmiddle" id="f_trigger_dnews" style="cursor: pointer; border: 0" title="{$lang['edit_ecal']}"/>
<script type="text/javascript">
    Calendar.setup({
      inputField     :    "fromnewsdate",     // id of the input field
      ifFormat       :    "%Y-%m-%d",      // format of the input field
      button         :    "f_trigger_dnews",  // trigger for the calendar (button ID)
      align          :    "Br",           // alignment 
		  timeFormat     :    "24",
		  showsTime      :    false,
      singleClick    :    true
    });
</script> {$lang['edit_tdate']} <input type="text" name="tonewsdate" id="tonewsdate" size="11" maxlength="16" class="edit bk" value="{$tonewsdate}">
<img src="engine/skins/images/img.gif"  align="absmiddle" id="f_trigger_tnews" style="cursor: pointer; border: 0" title="{$lang['edit_ecal']}"/>
<script type="text/javascript">
    Calendar.setup({
      inputField     :    "tonewsdate",     // id of the input field
      ifFormat       :    "%Y-%m-%d",      // format of the input field
      button         :    "f_trigger_tnews",  // trigger for the calendar (button ID)
      align          :    "Br",           // alignment 
		  timeFormat     :    "24",
		  showsTime      :    false,
      singleClick    :    true
    });
</script></td>

    </tr>
     <tr>
		<td style="padding:5px;">{$lang['static_per_page']}</td>
		<td style="padding-left:5px;"><input class="edit bk" style="text-align: center" name="news_per_page" value="{$news_per_page}" type="text" size="10"></td>
    <td colspan="2"></td>

    </tr>
    <tr>
        <td colspan="4"><div class="hr_line"></div></td>
    </tr>
    <tr>
        <td colspan="4">{$lang['static_order']}</td>
    </tr>
    <tr>
        <td style="padding:5px;">{$lang['edit_et']}</td>
        <td style="padding-left:5px;"><select name="search_order_t" id="search_order_t">
           <option {$search_order_title['----']} value="">{$lang['user_order_no']}</option>
           <option {$search_order_title['asc']} value="asc">{$lang['user_order_plus']}</option>
           <option {$search_order_title['desc']} value="desc">{$lang['user_order_minus']}</option>
            </select>
        </td>
        <td style="padding-left:5px;">{$lang['search_by_date']}</td>
        <td style="padding-left:5px;"><select name="search_order_d" id="search_order_d">
           <option {$search_order_date['----']} value="">{$lang['user_order_no']}</option>
           <option {$search_order_date['asc']} value="asc">{$lang['user_order_plus']}</option>
           <option {$search_order_date['desc']} value="desc">{$lang['user_order_minus']}</option>
            </select>
        </td>
    </tr>
    <tr>
        <td colspan="4"><div class="hr_line"></div></td>
    </tr>
    <tr>
		<td style="padding:5px;">&nbsp;</td>
		<td colspan="3">
<input type="hidden" name="start_from" id="start_from" value="{$start_from}">
<input onClick="javascript:search_submit(0); return(false);" class="edit" type="submit" value="{$lang['edit_act_1']}">
    </td>
    </tr>
</table>
</td>
        <td background="engine/skins/images/tl_rb.gif"><img src="engine/skins/images/tl_rb.gif" width="6" height="1" border="0"></td>
    </tr>
    <tr>
        <td><img src="engine/skins/images/tl_lu.gif" width="4" height="6" border="0"></td>
        <td background="engine/skins/images/tl_ub.gif"><img src="engine/skins/images/tl_ub.gif" width="1" height="6" border="0"></td>
        <td><img src="engine/skins/images/tl_ru.gif" width="6" height="6" border="0"></td>
    </tr>
</table>
</div>
</form>
HTML;
	// End Options Bar
	

	echo <<<JSCRIPT
<script language='JavaScript' type="text/javascript">
<!--
function ckeck_uncheck_all() {
    var frm = document.static;
    for (var i=0;i<frm.elements.length;i++) {
        var elmnt = frm.elements[i];
        if (elmnt.type=='checkbox') {
            if(frm.master_box.checked == true){ elmnt.checked=false; }
            else{ elmnt.checked=true; }
        }
    }
    if(frm.master_box.checked == true){ frm.master_box.checked = false; }
    else{ frm.master_box.checked = true; }
}
-->
</script>
JSCRIPT;
	
	if( $entries_showed == 0 ) {
		
		echo <<<HTML
<div style="padding-top:5px;padding-bottom:2px;">
<table width="100%">
    <tr>
        <td width="4"><img src="engine/skins/images/tl_lo.gif" width="4" height="4" border="0"></td>
        <td background="engine/skins/images/tl_oo.gif"><img src="engine/skins/images/tl_oo.gif" width="1" height="4" border="0"></td>
        <td width="6"><img src="engine/skins/images/tl_ro.gif" width="6" height="4" border="0"></td>
    </tr>
    <tr>
        <td background="engine/skins/images/tl_lb.gif"><img src="engine/skins/images/tl_lb.gif" width="4" height="1" border="0"></td>
        <td style="padding:5px;" bgcolor="#FFFFFF">
<table width="100%">
    <tr>
        <td bgcolor="#EFEFEF" height="29" style="padding-left:10px;"><div class="navigation">{$lang['static_head']}</div></td>
        <td bgcolor="#EFEFEF" height="29" style="padding:5px;" align="right"><a href="javascript:ShowOrHide('advancedsearch');">{$lang['static_advanced_search']}</a></td>
    </tr>
</table>
<div class="unterline"></div>
<table width="100%">
    <tr>
        <td style="height:50px;"><br><br><center>{$lang['edit_nostatic']}</center>
<br><br>&nbsp;&nbsp;&nbsp;<input type="button" value="{$lang['static_new']}" class="bbcodes" onclick="document.location='$PHP_SELF?mod=static&action=addnew'"></td>
    </tr>
</table>
</td>
        <td background="engine/skins/images/tl_rb.gif"><img src="engine/skins/images/tl_rb.gif" width="6" height="1" border="0"></td>
    </tr>
    <tr>
        <td><img src="engine/skins/images/tl_lu.gif" width="4" height="6" border="0"></td>
        <td background="engine/skins/images/tl_ub.gif"><img src="engine/skins/images/tl_ub.gif" width="1" height="6" border="0"></td>
        <td><img src="engine/skins/images/tl_ru.gif" width="6" height="6" border="0"></td>
    </tr>
</table>
</div>
HTML;
	
	} else {
		
		echo <<<HTML
<form action="" method="post" name="static">
<div style="padding-top:5px;padding-bottom:2px;">
<table width="100%">
    <tr>
        <td width="4"><img src="engine/skins/images/tl_lo.gif" width="4" height="4" border="0"></td>
        <td background="engine/skins/images/tl_oo.gif"><img src="engine/skins/images/tl_oo.gif" width="1" height="4" border="0"></td>
        <td width="6"><img src="engine/skins/images/tl_ro.gif" width="6" height="4" border="0"></td>
    </tr>
    <tr>
        <td background="engine/skins/images/tl_lb.gif"><img src="engine/skins/images/tl_lb.gif" width="4" height="1" border="0"></td>
        <td style="padding:5px;" bgcolor="#FFFFFF">

<table width="100%">
    <tr>
        <td bgcolor="#EFEFEF" height="29" style="padding-left:10px;"><div class="navigation">{$lang['static_head']}</div></td>
        <td bgcolor="#EFEFEF" height="29" style="padding:5px;" align="right"><a href="javascript:ShowOrHide('advancedsearch');">{$lang['static_advanced_search']}</a></td>
    </tr>
</table>
<div class="unterline"></div>
<table width=100% id="staticlist">
	<tr class="thead">
    <th width="350" style="padding:2px;">{$lang['static_title']}</th>
    <th>{$lang['static_descr']}</th>
    <th width="100" align="center"><div style="text-align: center;">&nbsp;{$lang['st_views']}&nbsp;</div></th>
    <th width="10" align="center"><div style="text-align: center;"><input type="checkbox" name="master_box" title="{$lang['edit_selall']}" onclick="javascript:ckeck_uncheck_all()"></div></th>
	</tr>
	<tr class="tfoot"><th colspan="4"><div class="hr_line"></div></td></th>
	{$entries}
	<tr class="tfoot"><th colspan="4"><div class="hr_line"></div></td></th>
</table>
HTML;
		
		// pagination

		$npp_nav = "<div class=\"news_navigation\" style=\"margin-bottom:5px; margin-top:5px;\">";
		
		if( $start_from > 0 ) {
			$previous = $start_from - $news_per_page;
			$npp_nav .= "<a onClick=\"javascript:search_submit($previous); return(false);\" href=\"#\" title=\"{$lang['edit_prev']}\">&lt;&lt;</a> ";
		}
		
		if( $all_count_news > $news_per_page ) {
			
			$enpages_count = @ceil( $all_count_news / $news_per_page );
			$enpages_start_from = 0;
			$enpages = "";
			
			if( $enpages_count <= 10 ) {
				
				for($j = 1; $j <= $enpages_count; $j ++) {
					
					if( $enpages_start_from != $start_from ) {
						
						$enpages .= "<a onClick=\"javascript:search_submit($enpages_start_from); return(false);\" href=\"#\">$j</a> ";
					
					} else {
						
						$enpages .= "<span>$j</span> ";
					}
					
					$enpages_start_from += $news_per_page;
				}
				
				$npp_nav .= $enpages;
			
			} else {
				
				$start = 1;
				$end = 10;
				
				if( $start_from > 0 ) {
					
					if( ($start_from / $news_per_page) > 4 ) {
						
						$start = @ceil( $start_from / $news_per_page ) - 3;
						$end = $start + 9;
						
						if( $end > $enpages_count ) {
							$start = $enpages_count - 10;
							$end = $enpages_count - 1;
						}
						
						$enpages_start_from = ($start - 1) * $news_per_page;
					
					}
				
				}
				
				if( $start > 2 ) {
					
					$enpages .= "<a onClick=\"javascript:search_submit(0); return(false);\" href=\"#\">1</a> ... ";
				
				}
				
				for($j = $start; $j <= $end; $j ++) {
					
					if( $enpages_start_from != $start_from ) {
						
						$enpages .= "<a onClick=\"javascript:search_submit($enpages_start_from); return(false);\" href=\"#\">$j</a> ";
					
					} else {
						
						$enpages .= "<span>$j</span> ";
					}
					
					$enpages_start_from += $news_per_page;
				}
				
				$enpages_start_from = ($enpages_count - 1) * $news_per_page;
				$enpages .= "... <a onClick=\"javascript:search_submit($enpages_start_from); return(false);\" href=\"#\">$enpages_count</a> ";
				
				$npp_nav .= $enpages;
			
			}
		
		}
		
		if( $all_count_news > $i ) {
			$how_next = $all_count_news - $i;
			if( $how_next > $news_per_page ) {
				$how_next = $news_per_page;
			}
			$npp_nav .= "<a onClick=\"javascript:search_submit($i); return(false);\" href=\"#\" title=\"{$lang['edit_next']}\">&gt;&gt;</a>";
		}
		
		$npp_nav .= "</div>";
		
		// pagination
		

		if( $entries_showed != 0 ) {
			echo <<<HTML
<table width=100%>
<tr><td>{$npp_nav}</td>
<td align="right" valign="top"><div style="margin-bottom:5px; margin-top:5px;">
<select name="action">
<option value="">{$lang['edit_selact']}</option>
<option value="mass_date">{$lang['mass_edit_date']}</option>
<option value="mass_clear_count">{$lang['mass_clear_count']}</option>
<option value="mass_delete">{$lang['edit_seldel']}</option>
</select>
<input type="hidden" name="mod" value="mass_static_actions">
<input type="hidden" name="user_hash" value="$dle_login_hash" />
<input class="edit" type="submit" value="{$lang['b_start']}">
</div><td></tr>
HTML;
			
			if( $all_count_news > $news_per_page ) {
				
				echo <<<HTML
<tr><td colspan="2">
{$lang['edit_go_page']} <input class="edit bk" style="text-align: center" name="gopage" id="gopage" value="" type="text" size="3"> <input onClick="javascript:gopage_submit(document.getElementById('gopage').value); return(false);" class="edit" type="button" value=" ok ">
</td></tr>
HTML;
			
			}
		
		}
		
		echo <<<HTML
<tr><td colspan="2">
&nbsp;&nbsp;&nbsp;<input type="button" value="&nbsp;&nbsp;{$lang['static_new']}&nbsp;&nbsp;" class="bbcodes" onclick="document.location='$PHP_SELF?mod=static&action=addnew'">
</td></tr>
	</table>

</td>
        <td background="engine/skins/images/tl_rb.gif"><img src="engine/skins/images/tl_rb.gif" width="6" height="1" border="0"></td>
    </tr>
    <tr>
        <td><img src="engine/skins/images/tl_lu.gif" width="4" height="6" border="0"></td>
        <td background="engine/skins/images/tl_ub.gif"><img src="engine/skins/images/tl_ub.gif" width="1" height="6" border="0"></td>
        <td><img src="engine/skins/images/tl_ru.gif" width="6" height="6" border="0"></td>
    </tr>
</table>
</div></form>
<script type="text/javascript">
$(function(){

	$("#staticlist").delegate("tr", "hover", function(){
	  $(this).toggleClass("hoverRow");
	});

});
</script>
HTML;
	
	}
	
	echofooter();

} elseif( $action == "addnew" ) {

	$js_array[] = "engine/skins/calendar.js";

	echoheader( "static", "static" );
	
	echo "
    <SCRIPT LANGUAGE=\"JavaScript\">
    function preview(){";
	
	if( $config['allow_static_wysiwyg'] == "yes" ) {
		echo "document.getElementById('template').value = $('#template').html();";
	}
	
	echo "if(document.static.template.value == '' || document.static.description.value == '' || document.static.name.value == ''){ DLEalert('$lang[static_err_1]', '$lang[p_info]'); }
    else{
        dd=window.open('','prv','height=400,width=750,resizable=1,scrollbars=1')
        document.static.mod.value='preview';document.static.target='prv'
        document.static.submit(); dd.focus()
        setTimeout(\"document.static.mod.value='static';document.static.target='_self'\",500)
    }
    }
    onload=focus;function focus(){document.forms[0].name.focus();}
    </SCRIPT>";
	
	if( $config['allow_static_wysiwyg'] == "yes" ) echo "<form method=post name=\"static\" id=\"static\" onsubmit=\"document.getElementById('template').value = $('#template').html(); if(document.static.name.value == '' || document.static.description.value == '' || document.static.template.value == ''){DLEalert('$lang[vote_alert]', '$lang[p_info]');return false}\" action=\"\">";
	else echo "<form method=post name=\"static\" id=\"static\" onsubmit=\"if(document.static.name.value == '' || document.static.description.value == '' || document.static.template.value == ''){DLEalert('$lang[vote_alert]', '$lang[p_info]');return false}\" action=\"\">";
	
	echo <<<HTML
<!-- calendar stylesheet -->
<link rel="stylesheet" type="text/css" media="all" href="engine/skins/calendar-blue.css" title="win2k-cold-1" />
<div style="padding-top:5px;padding-bottom:2px;">
<table width="100%">
    <tr>
        <td width="4"><img src="engine/skins/images/tl_lo.gif" width="4" height="4" border="0"></td>
        <td background="engine/skins/images/tl_oo.gif"><img src="engine/skins/images/tl_oo.gif" width="1" height="4" border="0"></td>
        <td width="6"><img src="engine/skins/images/tl_ro.gif" width="6" height="4" border="0"></td>
    </tr>
    <tr>
        <td background="engine/skins/images/tl_lb.gif"><img src="engine/skins/images/tl_lb.gif" width="4" height="1" border="0"></td>
        <td style="padding:5px;" bgcolor="#FFFFFF">
<table width="100%">
    <tr>
        <td bgcolor="#EFEFEF" height="29" style="padding-left:10px;"><div class="navigation">{$lang['static_a']}</div></td>
    </tr>
</table>
<div class="unterline"></div>
<table width="100%">
    <tr>
        <td width="150" style="padding:2px;">{$lang['static_title']}</td>
        <td style="padding:2px;"><input type="text" name="name" size="25"  class="edit bk"><a href="#" class="hintanchor" onMouseover="showhint('{$lang[hint_stitle]}', this, event, '250px')">[?]</a></td>
    </tr>
    <tr>
        <td style="padding:2px;">{$lang['static_descr']}</td>
        <td style="padding:2px;"><input type="text" name="description" size="55"  class="edit bk"><a href="#" class="hintanchor" onMouseover="showhint('{$lang[hint_sdesc]}', this, event, '250px')">[?]</a></td>
    </tr>

    <tr>
        <td style="padding:2px;">{$lang['edit_edate']}</td>
        <td style="padding:2px;"><input type="text" name="newdate" id="f_date_c" size="20"  class="edit bk" value="">
<img src="engine/skins/images/img.gif"  align="absmiddle" id="f_trigger_c" style="cursor: pointer; border: 0" title="{$lang['edit_ecal']}"/>&nbsp;<input type="checkbox" name="allow_now" id="allow_now" value="yes" checked>&nbsp;{$lang['edit_jdate']}
<script type="text/javascript">
    Calendar.setup({
        inputField     :    "f_date_c",     // id of the input field
        ifFormat       :    "%Y-%m-%d %H:%M",      // format of the input field
        button         :    "f_trigger_c",  // trigger for the calendar (button ID)
        align          :    "Br",           // alignment 
		timeFormat     :    "24",
		showsTime      :    true,
        singleClick    :    true
    });
</script></td>
    </tr>

HTML;
	
	if( $config['allow_static_wysiwyg'] == "yes" ) {
		
		include (ENGINE_DIR . '/editor/static.php');
	
	} else {
		
		include (ENGINE_DIR . '/inc/include/inserttag.php');
		
		echo <<<HTML
    <tr>
        <td style="padding:2px;">{$lang['static_templ']}</td>
        <td style="padding-left:2px;">{$bb_code}<textarea class="bk" style="width:98%; height:300px;" name="template" id="template"  onclick=setFieldName(this.name)></textarea><script type=text/javascript>var selField  = "template";</script></td>
    </tr>
HTML;
	
	}
	
	if( $config['allow_static_wysiwyg'] != "yes" ) $fix_br = "<input type=\"radio\" name=\"allow_br\" value=\"1\" checked=\"checked\" /> {$lang['static_br_html']}<br /><input type=\"radio\" name=\"allow_br\" value=\"0\" /> {$lang['static_br_html_1']}";
	else $fix_br = "<input type=\"radio\" name=\"allow_br\" value=\"0\" /> {$lang['static_br_html_1']}";

	if ($member_id['user_group'] == 1 ) $fix_br .= "<br /><input type=\"radio\" name=\"allow_br\" value=\"2\" /> {$lang['static_br_html_2']}";

	$groups = get_groups();
	$skinlist = SelectSkin( '' );
	
	echo <<<HTML
		<tr><td>{$lang['static_type']}</td><td>{$fix_br}</td></tr>
		<tr><td colspan="2"><div class="hr_line"></div></td></tr>
	    <tr>
	        <td>&nbsp;</td>
	        <td>{$lang['add_metatags']}<a href="#" class="hintanchor" onMouseover="showhint('{$lang['hint_metas']}', this, event, '220px')">[?]</a></td>
	    </tr>
	    <tr>
	        <td height="29" style="padding-left:5px;">{$lang['meta_title']}</td>
	        <td><input type="text" name="meta_title" style="width:388px;" class="edit bk"></td>
	    </tr>
	    <tr>
	        <td height="29" style="padding-left:5px;">{$lang['meta_descr']}</td>
	        <td><input type="text" name="descr" id="autodescr" style="width:388px;" class="edit bk"> ({$lang['meta_descr_max']})</td>
	    </tr>
	    <tr>
	        <td height="29" style="padding-left:5px;">{$lang['meta_keys']}</td>
	        <td><textarea name="keywords" id='keywords' style="width:388px;height:70px;" class="bk"></textarea></td>
	    </tr>
		<tr><td colspan="2"><div class="hr_line"></div></td></tr>
    <tr>
        <td style="padding:2px;">{$lang['static_tpl']}</td>
        <td style="padding-left:2px;"><input type="text" name="static_tpl" size="20"  class="edit bk">.tpl<a href="#" class="hintanchor" onMouseover="showhint('{$lang[hint_stpl]}', this, event, '250px')">[?]</a></td>
    </tr>
    <tr>
        <td style="padding:2px;">{$lang['static_skin']}</td>
        <td style="padding:2px;">{$skinlist}<a href="#" class="hintanchor" onMouseover="showhint('{$lang[hint_static_skin]}', this, event, '250px')">[?]</a> <input type="checkbox" name="allow_template" value="1" checked> {$lang['st_al_templ']}</td>
    </tr>
    <tr>
        <td style="padding:2px;">{$lang['stat_allow']}</td>
        <td style="padding:2px;"><select name="grouplevel[]" style="width:150px;height:93px;" multiple><option value="all" selected>{$lang['edit_all']}</option>{$groups}</select></td>
    </tr>
    <tr>
        <td style="padding:2px;">&nbsp;</td>
        <td><br /><br /><input type="submit" value="{$lang['user_save']}" class="buttons" style="width:100px;">&nbsp;&nbsp;&nbsp;<input onClick="preview()" type="button" class="buttons" value="{$lang['btn_preview']}" style="width:100px;">
	<input type=hidden name="action" value="dosavenew">
	<input type=hidden name="mod" value="static">
	<input type=hidden name="preview_mode" value="static" >
	<input type="hidden" name="user_hash" value="$dle_login_hash" />
	<br><br></td>
    </tr>
</table>
</td>
        <td background="engine/skins/images/tl_rb.gif"><img src="engine/skins/images/tl_rb.gif" width="6" height="1" border="0"></td>
    </tr>
    <tr>
        <td><img src="engine/skins/images/tl_lu.gif" width="4" height="6" border="0"></td>
        <td background="engine/skins/images/tl_ub.gif"><img src="engine/skins/images/tl_ub.gif" width="1" height="6" border="0"></td>
        <td><img src="engine/skins/images/tl_ru.gif" width="6" height="6" border="0"></td>
    </tr>
</table>
</div></form>
HTML;
	
	echofooter();
} elseif( $action == "dosavenew" ) {
	
	if( $_REQUEST['user_hash'] == "" or $_REQUEST['user_hash'] != $dle_login_hash ) {
		
		die( "Hacking attempt! User not found" );
	
	}

	$allow_br = intval( $_POST['allow_br'] );
	if ($member_id['user_group'] != 1 AND $allow_br > 1 ) $allow_br = 1;

	if ($allow_br == 2) {

		if( function_exists( "get_magic_quotes_gpc" ) && get_magic_quotes_gpc() ) $_POST['template'] = stripslashes( $_POST['template'] );  

		$template = trim( addslashes( $_POST['template'] ) );

	} else {

		if ( $config['allow_static_wysiwyg'] == "yes" ) $parse->allow_code = false;

		$template = $parse->process( $_POST['template'] );
	
		if( $config['allow_static_wysiwyg'] == "yes" or $allow_br != '1' ) {
			$template = $parse->BB_Parse( $template );
		} else {
			$template = $parse->BB_Parse( $template, false );
		}

	}

	$metatags = create_metatags( $template );
	$name = trim( totranslit( $_POST['name'], true, false ) );
	$descr = trim( $db->safesql( htmlspecialchars( $_POST['description'] ) ) );
	$template = $db->safesql( $template );
	$tpl = trim( totranslit( $_POST['static_tpl'] ) );
	$skin_name =  trim( totranslit( $_POST['skin_name'], false, false ) );
	$newdate = $_POST['newdate'];
    if( isset( $_POST['allow_now'] ) ) $allow_now = $_POST['allow_now']; else $allow_now = "";
	
	if( ! count( $_POST['grouplevel'] ) ) $_POST['grouplevel'] = array ("all" );
	$grouplevel = $db->safesql( implode( ',', $_POST['grouplevel'] ) );
	
	$allow_template = intval( $_POST['allow_template'] );

  // Обработка даты и времени
	$added_time = time() + ($config['date_adjust'] * 60);
	$newsdate = strtotime( $newdate );

	if( ($allow_now == "yes") OR ($newsdate === - 1) OR !$newsdate) {
		$thistime = $added_time;
	} else {
		$thistime = $newsdate;
		if( ! intval( $config['no_date'] ) and $newsdate > $added_time ) $thistime = $added_time;
	}
					
	if( $name == "" or $descr == "" or $template == "" ) msg( "error", $lang['static_err'], $lang['static_err_1'], "javascript:history.go(-1)" );

	$static_count = $db->super_query( "SELECT COUNT(*) as count FROM " . PREFIX . "_static WHERE name='$name'" );

	if ($static_count['count']) msg( "error", $lang['static_err'], $lang['static_err_2'], "javascript:history.go(-1)" );
	
	$db->query( "INSERT INTO " . PREFIX . "_static (name, descr, template, allow_br, allow_template, grouplevel, tpl, metadescr, metakeys, template_folder, date, metatitle) values ('$name', '$descr', '$template', '$allow_br', '$allow_template', '$grouplevel', '$tpl', '{$metatags['description']}', '{$metatags['keywords']}', '{$skin_name}', '{$thistime}', '{$metatags['title']}')" );
	$row = $db->insert_id();
	$db->query( "UPDATE " . PREFIX . "_static_files SET static_id='{$row}' WHERE author = '{$member_id['name']}' AND static_id = '0'" );
	
	msg( "info", $lang['static_addok'], $lang['static_addok_1'], "?mod=static" );

} elseif( $action == "doedit" ) {
	
	$id = intval( $_GET['id'] );
	
	if( $_GET['page'] == "rules" ) {
		
		$row = $db->super_query( "SELECT * FROM " . PREFIX . "_static where name='dle-rules-page'" );
		$lang['static_edit'] = $lang['rules_edit'];
		if( ! $row['id'] ) {
			$id = "";
			$row['allow_template'] = "1";
		} else
			$id = $row['id'];
		
		if( ! $config['registration_rules'] ) $lang['rules_descr'] = $lang['rules_descr'] . " <font color=\"red\">" . $lang['rules_check'] . "</font>";
	
	} else {
		
		$row = $db->super_query( "SELECT * FROM " . PREFIX . "_static where id='$id'" );
	}

	if ($row['allow_br'] == 2) {

		if ($member_id['user_group'] != 1) msg( "error", $lang['index_denied'], $lang['static_not_allowed'] );

		$row['template'] = htmlspecialchars( stripslashes( $row['template'] ) );


	} else {
	
		if( $row['allow_br'] != '1' or $config['allow_static_wysiwyg'] == "yes" ) {
			
			$row['template'] = $parse->decodeBBCodes( $row['template'], true, $config['allow_static_wysiwyg'] );
		
		} else {
			
			$row['template'] = $parse->decodeBBCodes( $row['template'], false );
		
		}
	}
	
	$skinlist = SelectSkin( $row['template_folder'] );
	$row['descr'] = stripslashes($row['descr']);
	$row['metatitle'] = stripslashes( $row['metatitle'] );
	$itemdate = @date( "Y-m-d H:i", $row['date'] );

	$js_array[] = "engine/skins/calendar.js";
	
	echoheader( "static", "static" );
	
	echo <<<HTML
<!-- calendar stylesheet -->
<link rel="stylesheet" type="text/css" media="all" href="engine/skins/calendar-blue.css" title="win2k-cold-1" />
<script language="javascript">

function CheckStatus(Form){
	if(Form.allow_date.checked) {
		Form.allow_now.disabled = true;
		Form.allow_now.checked = false;
	} else {
		Form.allow_now.disabled = false;
	}
}

function confirmdelete(id) {
	    DLEconfirm( '{$lang['static_confirm']}', '{$lang['p_confirm']}', function () {
			document.location="{$PHP_SELF}?mod=static&action=dodelete&user_hash={$dle_login_hash}&id="+id;
		} );
}
</script>
HTML;

	echo "
    <SCRIPT LANGUAGE=\"JavaScript\">
    function preview(){";
	
	if( $config['allow_static_wysiwyg'] == "yes" ) {
		echo "document.getElementById('template').value = $('#template').html();";
	}
	
	echo "if(document.static.template.value == ''){ DLEalert('$lang[static_err_1]', '$lang[p_info]'); }
    else{
        dd=window.open('','prv','height=400,width=750,resizable=1,scrollbars=1')
        document.static.mod.value='preview';document.static.target='prv'
        document.static.submit(); dd.focus()
        setTimeout(\"document.static.mod.value='static';document.static.target='_self'\",500)
    }
    }
    </SCRIPT>";
	
	if( $_GET['page'] == "rules" ) {
		
		if( $config['allow_static_wysiwyg'] == "yes" ) echo "<form method=post name=\"static\" id=\"static\" onsubmit=\"document.getElementById('template').value = $('#template').html();\" action=\"\">";
		else echo "<form method=post name=\"static\" id=\"static\" action=\"\">";
	
	} else {
		
		if( $config['allow_static_wysiwyg'] == "yes" ) echo "<form method=post name=\"static\" id=\"static\" onsubmit=\"document.getElementById('template').value = $('#template').html(); if(document.static.name.value == '' || document.static.description.value == '' || document.static.template.value == ''){DLEalert('$lang[vote_alert]', '$lang[p_info]');return false}\" action=\"\">";
		else echo "<form method=post name=\"static\" id=\"static\" onsubmit=\"if(document.static.name.value == '' || document.static.description.value == '' || document.static.template.value == ''){DLEalert('$lang[vote_alert]', '$lang[p_info]');return false}\" action=\"\">";
	
	}
	
	echo <<<HTML
<div style="padding-top:5px;padding-bottom:2px;">
<table width="100%">
    <tr>
        <td width="4"><img src="engine/skins/images/tl_lo.gif" width="4" height="4" border="0"></td>
        <td background="engine/skins/images/tl_oo.gif"><img src="engine/skins/images/tl_oo.gif" width="1" height="4" border="0"></td>
        <td width="6"><img src="engine/skins/images/tl_ro.gif" width="6" height="4" border="0"></td>
    </tr>
    <tr>
        <td background="engine/skins/images/tl_lb.gif"><img src="engine/skins/images/tl_lb.gif" width="4" height="1" border="0"></td>
        <td style="padding:5px;" bgcolor="#FFFFFF">
<table width="100%">
    <tr>
        <td bgcolor="#EFEFEF" height="29" style="padding-left:10px;"><div class="navigation">{$lang['static_edit']}</div></td>
    </tr>
</table>
<div class="unterline"></div>
<table width="100%">
HTML;
	
	if( $_GET['page'] == "rules" ) {
		
		echo <<<HTML
    <tr>
        <td width="150" style="padding:2px;">{$lang['static_descr']}</td>
        <td style="padding:2px;" class="navigation">{$lang['rules_descr']}</td>
    </tr>
HTML;
	
	} else {
		
		echo <<<HTML
    <tr>
        <td width="150" style="padding:2px;">{$lang['static_title']}</td>
        <td style="padding:2px;"><input type="text" name="name" size="25"  class="edit bk" value="{$row['name']}"><a href="#" class="hintanchor" onMouseover="showhint('{$lang[hint_stitle]}', this, event, '250px')">[?]</a></td>
    </tr>
    <tr>
        <td style="padding:2px;">{$lang['static_descr']}</td>
        <td style="padding:2px;"><input type="text" name="description" size="55"  class="edit bk" value="{$row['descr']}"><a href="#" class="hintanchor" onMouseover="showhint('{$lang[hint_sdesc]}', this, event, '250px')">[?]</a></td>
    </tr>
HTML;
	
	}
	
		echo <<<HTML
    <tr>
        <td style="padding:2px;">{$lang['edit_edate']}</td>
        <td style="padding:2px;"><input type="text" name="newdate" id="f_date_c" size="20"  class="edit bk" value="{$itemdate}">
<img src="engine/skins/images/img.gif"  align="absmiddle" id="f_trigger_c" style="cursor: pointer; border: 0" title="{$lang['edit_ecal']}"/>&nbsp;<input type="checkbox" name="allow_date" id="allow_date" value="yes" onclick="CheckStatus(static)" checked>&nbsp;{$lang['edit_ndate']}&nbsp;<input type="checkbox" name="allow_now" id="allow_now" value="yes" disabled>&nbsp;{$lang['edit_jdate']}
<script type="text/javascript">
    Calendar.setup({
        inputField     :    "f_date_c",     // id of the input field
        ifFormat       :    "%Y-%m-%d %H:%M",      // format of the input field
        button         :    "f_trigger_c",  // trigger for the calendar (button ID)
        align          :    "Br",           // alignment 
		timeFormat     :    "24",
		showsTime      :    true,
        singleClick    :    true
    });
</script></td>
    </tr>
HTML;


	if( $config['allow_static_wysiwyg'] == "yes" ) {
		
		include (ENGINE_DIR . '/editor/static.php');
	
	} else {
		
		include (ENGINE_DIR . '/inc/include/inserttag.php');
		
		echo <<<HTML
    <tr>
        <td style="padding:2px;">{$lang['static_templ']}</td>
        <td style="padding:2px;">{$bb_code}<textarea class="bk" style="width:98%; height:300px;" name="template" id="template"  onclick=setFieldName(this.name)>{$row['template']}</textarea><script type=text/javascript>var selField  = "template";</script></td>
    </tr>
HTML;
	
	}
	
	$check = array();

	$check[$row['allow_br']] = "checked=\"checked\"";

	if( $config['allow_static_wysiwyg'] != "yes" ) $fix_br = "<input type=\"radio\" name=\"allow_br\" value=\"1\" {$check[1]} /> {$lang['static_br_html']}<br /><input type=\"radio\" name=\"allow_br\" value=\"0\" {$check[0]} /> {$lang['static_br_html_1']}";
	else $fix_br = "<input type=\"radio\" name=\"allow_br\" value=\"0\" {$check[0]} /> {$lang['static_br_html_1']}";

	if ($member_id['user_group'] == 1 ) $fix_br .= "<br /><input type=\"radio\" name=\"allow_br\" value=\"2\" {$check[2]} /> {$lang['static_br_html_2']}";

	if( $row['allow_template'] ) $check_t = "checked";
	else $check_t = "";

	$groups = get_groups( explode( ',', $row['grouplevel'] ) );
	if( $row['grouplevel'] == "all" ) $check_all = "selected";
	else $check_all = "";
	
	echo <<<HTML
		<tr><td>{$lang['static_type']}</td><td>{$fix_br}</td></tr>
		<tr><td colspan="2"><div class="hr_line"></div></td></tr>
	    <tr>
	        <td>&nbsp;</td>
	        <td>{$lang['add_metatags']}<a href="#" class="hintanchor" onMouseover="showhint('{$lang['hint_metas']}', this, event, '220px')">[?]</a></td>
	    </tr>
	    <tr>
	        <td height="29" style="padding-left:5px;">{$lang['meta_title']}</td>
	        <td><input type="text" name="meta_title" style="width:388px;" class="edit bk" value="{$row['metatitle']}"></td>
	    </tr>
	    <tr>
	        <td height="29" style="padding-left:5px;">{$lang['meta_descr']}</td>
	        <td><input type="text" name="descr" style="width:388px;" class="edit bk" value="{$row['metadescr']}"> ({$lang['meta_descr_max']})</td>
	    </tr>
	    <tr>
	        <td height="29" style="padding-left:5px;">{$lang['meta_keys']}</td>
	        <td><textarea name="keywords" style="width:388px;height:70px;" class="bk">{$row['metakeys']}</textarea></td>
	    </tr>
		<tr><td colspan="2"><div class="hr_line"></div></td></tr>
    <tr>
        <td style="padding:2px;">{$lang['static_tpl']}</td>
        <td style="padding:2px;"><input type="text" name="static_tpl" size="20" value="{$row['tpl']}" class="edit bk">.tpl<a href="#" class="hintanchor" onMouseover="showhint('{$lang[hint_stpl]}', this, event, '250px')">[?]</a></td>
    </tr>
HTML;
	
	if( $_GET['page'] != "rules" ) echo <<<HTML
    <tr>
        <td style="padding:2px;">{$lang['static_skin']}</td>
        <td style="padding:2px;">{$skinlist}<a href="#" class="hintanchor" onMouseover="showhint('{$lang[hint_static_skin]}', this, event, '250px')">[?]</a></td>
    </tr>
    <tr>
        <td style="padding:2px;">{$lang['stat_allow']}</td>
        <td style="padding:2px;"><select name="grouplevel[]" style="width:150px;height:93px;" multiple><option value="all" {$check_all}>{$lang['edit_all']}</option>{$groups}</select></td>
    </tr>
HTML;
	
	echo <<<HTML
    <tr>
        <td style="padding:2px;">&nbsp;</td>
        <td style="padding-left:2px;"><input type="checkbox" name="allow_template" value="1" {$check_t}> {$lang['st_al_templ']}</td>
    </tr>
    <tr>
        <td style="padding:2px;">&nbsp;</td>
        <td><br>&nbsp;<input type="submit" value="{$lang['user_save']}" class="buttons" style="width:100px;">&nbsp;&nbsp;&nbsp;<input onClick="preview()" type="button" class="buttons" value="{$lang['btn_preview']}" style="width:100px;">&nbsp;&nbsp;&nbsp;<input onClick="confirmdelete('{$row['id']}'); return(false)" type="button" class="buttons" value="{$lang['edit_dnews']}" style="width:100px;">
	<input type="hidden" name="action" value="dosaveedit">
	<input type=hidden name="mod" value="static">
	<input type=hidden name="preview_mode" value="static" >
	<input type="hidden" name="user_hash" value="$dle_login_hash" />
	<input type="hidden" name="static_date" value="{$row['date']}" />
	<input type="hidden" name="id" value="{$id}">
	<br><br></td>
    </tr>
</table>
</td>
        <td background="engine/skins/images/tl_rb.gif"><img src="engine/skins/images/tl_rb.gif" width="6" height="1" border="0"></td>
    </tr>
    <tr>
        <td><img src="engine/skins/images/tl_lu.gif" width="4" height="6" border="0"></td>
        <td background="engine/skins/images/tl_ub.gif"><img src="engine/skins/images/tl_ub.gif" width="1" height="6" border="0"></td>
        <td><img src="engine/skins/images/tl_ru.gif" width="6" height="6" border="0"></td>
    </tr>
</table>
</div></form>
HTML;
	
	echofooter();
} elseif( $action == "dosaveedit" ) {
	
	if( $_REQUEST['user_hash'] == "" or $_REQUEST['user_hash'] != $dle_login_hash ) {
		
		die( "Hacking attempt! User not found" );
	
	}

	$allow_br = intval( $_POST['allow_br'] );
	if ($member_id['user_group'] != 1 AND $allow_br > 1 ) $allow_br = 1;

	if ($allow_br == 2) {

		if( function_exists( "get_magic_quotes_gpc" ) && get_magic_quotes_gpc() ) $_POST['template'] = stripslashes( $_POST['template'] );  

		$template = trim( addslashes( $_POST['template'] ) );

	} else {

		if ( $config['allow_static_wysiwyg'] == "yes" ) $parse->allow_code = false;

		$template = $parse->process( $_POST['template'] );
	
		if( $config['allow_static_wysiwyg'] == "yes" or $allow_br != '1' ) {
			$template = $parse->BB_Parse( $template );
		} else {
			$template = $parse->BB_Parse( $template, false );
		}

	}
	
	$metatags = create_metatags( $template );
	
	if( $_GET['page'] == "rules" ) {
		
		$name = "dle-rules-page";
		$descr = $lang['rules_edit'];
	
	} else {
		
		$name = trim( totranslit( $_POST['name'], true, false ) );
		$descr = trim( $db->safesql( htmlspecialchars( $_POST['description'] ) ) );
		
		if( ! count( $_POST['grouplevel'] ) ) $_POST['grouplevel'] = array ("all" );
		$grouplevel = $db->safesql( implode( ',', $_POST['grouplevel'] ) );
	
	}
	
	$template = $db->safesql( $template );
	$allow_template = intval( $_POST['allow_template'] );
	$tpl = trim( totranslit( $_POST['static_tpl'] ) );
	$skin_name =  trim( totranslit( $_POST['skin_name'], false, false ) );
	$newdate = $_POST['newdate'];
	if( isset( $_POST['allow_date'] ) ) $allow_date = $_POST['allow_date']; else $allow_date = "";
	if( isset( $_POST['allow_now'] ) )  $allow_now = $_POST['allow_now']; else $allow_now = "";

	// Обработка даты и времени
	$added_time = time() + ($config['date_adjust'] * 60);
	$newsdate = strtotime( $newdate );

	if( $allow_date != "yes" ) {

		if( $allow_now == "yes" ) $thistime = $added_time;
		elseif( ($newsdate === - 1) OR !$newsdate ) {
				$thistime = $added_time;
		} else {

			$thistime = $newsdate;

			if( ! intval( $config['no_date'] ) and $newsdate > $added_time ) {
				$thistime = $added_time;
			}

		}
					
	} else {
		$thistime = intval( $_POST['static_date'] );
	}
	
	if( $_GET['page'] == "rules" ) {
		
		if( $_POST['id'] ) {
			
			$db->query( "UPDATE " . PREFIX . "_static SET descr='$descr', template='$template', allow_br='$allow_br', allow_template='$allow_template', grouplevel='all', tpl='$tpl', metadescr='{$metatags['description']}', metakeys='{$metatags['keywords']}', template_folder='{$skin_name}', date='{$thistime}', metatitle='{$metatags['title']}' WHERE name='dle-rules-page'" );
		
		} else {
			
			$db->query( "INSERT INTO " . PREFIX . "_static (name, descr, template, allow_br, allow_template, grouplevel, tpl, metadescr, metakeys, template_folder, date, metatitle) values ('$name', '$descr', '$template', '$allow_br', '$allow_template', 'all', '$tpl', '{$metatags['description']}', '{$metatags['keywords']}', '{$skin_name}', '{$thistime}', '{$metatags['title']}')" );
			$row = $db->insert_id();
			$db->query( "UPDATE " . PREFIX . "_static_files SET static_id='{$row}' WHERE author = '{$member_id['name']}' AND static_id = '0'" );
		
		}
		
		msg( "info", $lang['rules_ok'], $lang['rules_ok'], "?mod=static&action=doedit&page=rules" );
	
	} else {
		
		$id = intval( $_GET['id'] );

		if( $name == "" or $descr == "" or $template == "" ) msg( "error", $lang['static_err'], $lang['static_err_1'], "javascript:history.go(-1)" );

		$static_count = $db->super_query( "SELECT COUNT(*) as count FROM " . PREFIX . "_static WHERE name='$name' AND id != '$id'" );
	
		if ($static_count['count']) msg( "error", $lang['static_err'], $lang['static_err_2'], "javascript:history.go(-1)" );

		
		$db->query( "UPDATE " . PREFIX . "_static SET name='$name', descr='$descr', template='$template', allow_br='$allow_br', allow_template='$allow_template', grouplevel='$grouplevel', tpl='$tpl', metadescr='{$metatags['description']}', metakeys='{$metatags['keywords']}', template_folder='{$skin_name}', date='{$thistime}', metatitle='{$metatags['title']}' WHERE id='$id'" );
		
		msg( "info", $lang['static_addok'], $lang['static_addok_1'], "?mod=static" );
	
	}
	
	msg( "info", $lang['static_addok'], $lang['static_addok_1'], "?mod=static" );

} elseif( $action == "dodelete" ) {
	
	if( $_REQUEST['user_hash'] == "" or $_REQUEST['user_hash'] != $dle_login_hash ) {
		
		die( "Hacking attempt! User not found" );
	
	}
	
	$id = intval( $_GET['id'] );
	
	$db->query( "DELETE FROM " . PREFIX . "_static WHERE id='$id'" );
	
	$db->query( "SELECT name, onserver FROM " . PREFIX . "_static_files WHERE static_id = '$id'" );
	
	while ( $row = $db->get_row() ) {
		
		if( $row['onserver'] ) {
			
			@unlink( ROOT_DIR . "/uploads/files/" . $row['onserver'] );
		
		} else {
			
			$url_image = explode( "/", $row['name'] );
			
			if( count( $url_image ) == 2 ) {
				
				$folder_prefix = $url_image[0] . "/";
				$dataimages = $url_image[1];
			
			} else {
				
				$folder_prefix = "";
				$dataimages = $url_image[0];
			
			}
			
			@unlink( ROOT_DIR . "/uploads/posts/" . $folder_prefix . $dataimages );
			@unlink( ROOT_DIR . "/uploads/posts/" . $folder_prefix . "thumbs/" . $dataimages );
		}
	
	}
	
	$db->query( "DELETE FROM " . PREFIX . "_static_files WHERE static_id = '$id'" );
	
	msg( "info", $lang['static_del'], $lang['static_del_1'], "$PHP_SELF?mod=static" );

}
?>


Добавлено через 14 минут, 45 секунд:

Вот знаменитые Dle API думаю будет интересно почитать комментарии:

<?php
/*
=====================================================
 DataLife Engine - by SoftNews Media Group 
-----------------------------------------------------
 http://dle-news.ru/
-----------------------------------------------------
 Copyright (c) 2009, 2011 IT-Security (Asafov Sergey)
=====================================================
 Данный код защищен авторскими правами
=====================================================
 Файл: api.class.php
-----------------------------------------------------
 Назначение: API для написания модификаций или интеграции в другие скрипты
=====================================================
*/

if( ! defined( 'DATALIFEENGINE' ) ) {
	define( 'DATALIFEENGINE', true );
}
if( ! defined( 'ROOT_DIR' ) ) {
	define( 'ROOT_DIR', substr( dirname( __FILE__ ), 0, - 11 ) );
}

if( ! defined( 'ENGINE_DIR' ) ) {
	define( 'ENGINE_DIR', ROOT_DIR . '/engine' );
}

if( ! class_exists( 'DLE_API' ) )
{
	class DLE_API
	{
		/**
		 * Экземпляр класса DB
		 * @var object
		 */
     	var $db = false;
    	 	
		/**
		 * Версия API
		 * @var string
		 */
      	var $version = '0.07';
    	  	
		/**
		 * Копия конфига DLE
		 * @var array
		 */
      	var $dle_config = array ();
      	
		/**
		 * Путь до директории с кешем
		 * @var string
		 */
      	var $cache_dir = false;
      	
		/**
		 * Массив со всеми файлами кеша
		 * @var array
		 */      	
      	var $cache_files = array();
    	  	
		/**
		 * Конструктор класса
		 * @return boolean
		 */
		function DLE_API()
		{
			if (!$this->cache_dir)
			{
				$this->cache_dir = ENGINE_DIR."/cache/";
			}
			return true;
		}
			
		/**
		 * Получение информации о пользователе по его ID
		 * @param $id int - ID пользователя
		 * @param $select_list string - Перечень полей с информации или * для всех
		 * @return Массив с данными в случае успеха и false если пользователь не найден
		 */	
		function take_user_by_id ($id, $select_list = "*")
		{
			$id = intval( $id );
			if( $id == 0 ) return false;
			$row = $this->load_table(USERPREFIX."_users", $select_list, "user_id = '$id'");
			if( count( $row ) == 0 )
				return false;
			else
				return $row;
		}
		
		/**
		 * Получение информации о пользователе по его имени
		 * @param $name string - Имя пользователя
		 * @param $select_list string - Перечень полей с информации или * для всех
		 * @return Массив с данными в случае успеха и false если пользователь не найден
		 */
		function take_user_by_name($name, $select_list = "*")
		{
			$name = $this->db->safesql( $name );
			if( $name == '' ) return false;
			$row = $this->load_table(USERPREFIX."_users", $select_list, "name = '$name'");
			if( count( $row ) == 0 )
				return false;
			else
				return $row;
		}
			
		/**
		 * Получение информации о пользователе по его емайлу
		 * @param $email string - Емайл пользователя
		 * @param $select_list string - Перечень полей с информации или * для всех
		 * @return Массив с данными в случае успеха и false если пользователь не найден
		 */	
		function take_user_by_email($email, $select_list = "*")
		{
			$email = $this->db->safesql( $email );
			if( $email == '' ) return false;
			$row = $this->load_table(USERPREFIX."_users", $select_list, "email = '$email'");
			if( count( $row ) == 0 )
				return false;
			else
				return $row;
		}
		
		/**
		 * Получение данных пользователей определённой группы
		 * @param $group int - ID группы
		 * @param $select_list string - Перечень полей с информации или * для всех
		 * @param $limit int - Количество получаемых пользователей
		 * @return 2-х мерный массив с данными в случае успеха и false если пользователь не найден
		 */
		function take_users_by_group ($group, $select_list = "*", $limit = 0)
		{
			$group = intval( $group );
			$data = array();
			if( $group == 0 ) return false;
			$data = $this->load_table(USERPREFIX."_users", $select_list, "user_group = '$group'", true, 0, $limit);
			if( count( $data ) == 0 )
				return false;
			else
				return $data;
		}
		
		/**
		 * Получение данных пользователей, засветившихся под определённым IP
		 * @param $ip string - Интересующий нас IP
		 * @param $like bool - использовать ли маску при поиске
		 * @param $select_list string - Перечень полей с информации или * для всех
		 * @param $limit int - Количество получаемых пользователей
		 * @return 2-х мерный массив с данными в случае успеха и false если пользователь не найден
		 */
		function take_users_by_ip ($ip, $like = false, $select_list = "*", $limit = 0)
		{
			$ip = $this->db->safesql( $ip );
			$data = array();
			if( $ip == '' ) return false;
			if( $like )
				$condition  = "logged_ip like '$ip%'";
			else
				$condition  = "logged_ip = '$ip'";
			$data = $this->load_table(USERPREFIX."_users", $select_list, $condition, true, 0, $limit);
			if( count( $data ) == 0 )
				return false;
			else
				return $data;
		}
		
		/**
		 * Смена имени пользователя
		 * @param $user_id int - ID пользователя
		 * @param $new_name string - Новое имя пользователя
		 * @return bool - true в случае успеха и false ежели новое имя уже занято другим пользователем
		 */
		function change_user_name ($user_id, $new_name)
		{
			$user_id = intval( $user_id );
			$new_name = $this->db->safesql( $new_name );
			$count_arr = $this->load_table(USERPREFIX."_users", "count(user_id) as count", "name = '$new_name'");
			$count = $count_arr['count'];
			
			if( $count > 0 ) return false;

			$old_name_arr = $this->load_table(USERPREFIX."_users", "name", "user_id = '$user_id'");
			$old_name = $old_name_arr['name'];
			$this->db->query( "UPDATE " . PREFIX . "_post SET autor='$new_name' WHERE autor='{$old_name}'" );
			$this->db->query( "UPDATE " . PREFIX . "_comments SET autor='$new_name' WHERE autor='{$old_name}' AND is_register='1'" );
			$this->db->query( "UPDATE " . USERPREFIX . "_pm SET user_from='$new_name' WHERE user_from='{$old_name}'" );
			$this->db->query( "UPDATE " . PREFIX . "_vote_result SET name='$new_name' WHERE name='{$old_name}'" );
			$this->db->query( "UPDATE " . PREFIX . "_images SET author='$new_name' WHERE author='{$old_name}'" );
			$this->db->query( "update " . USERPREFIX . "_users set name = '$new_name' where user_id = '$user_id'" );
			return true;

		}

		/**
		 * Изменение пароля пользователя
		 * @param $user_id int - ID пользователя
		 * @param $new_password string - новый пароль
		 * @return null
		 */
		function change_user_password($user_id, $new_password)
		{
			$user_id = intval( $user_id );
			$new_password = md5( md5( $new_password ) );
			$this->db->query( "update " . USERPREFIX . "_users set password = '$new_password' where user_id = '$user_id'" );
		}
		
		/**
		 * Изменение емайла пользователя
		 * @param $user_id int - ID пользователя
		 * @param $new_email string - новый емайл пользователя
		 * @return int - некий код
		 * 		-2: некорректный емайл
		 * 		-1: новый емайл используется другим пользователем
		 * 		 1: операция прошла успешно
		 */
		function change_user_email($user_id, $new_email)
		{
			$user_id = intval( $user_id );

			if( (! preg_match('/^([a-z0-9])(([-a-z0-9._])*([a-z0-9]))*\@([a-z0-9])'.'(([a-z0-9-])*([a-z0-9]))+' . '(\.([a-z0-9])([-a-z0-9_-])?([a-z0-9])+)+$/i', $new_email )) or (empty( $new_email )) )
			{
				return -2;
			}

			$new_email = $this->db->safesql( $new_email );
			$email_exist_arr = $this->load_table(USERPREFIX."_users", "count(user_id) as count", "email = '$new_email'");
			if ($email_exist_arr['count'] > 0) return -1;

			$q = $this->db->query( "update " . USERPREFIX . "_users set email = '$new_email' where user_id = '$user_id'" );
			return 1;			
		}
			
			
		/**
		 * Изменение группы пользователя
		 * @param $user_id int - ID пользователя
		 * @param $new_group int - ID новой группы пользователя
		 * @return bool - true в случае успеха и false если указан ID несуществующей группы
		 */
		function change_user_group($user_id, $new_group)
		{
			$user_id = intval( $user_id );
			$new_group = intval( $new_group );
			if($this->checkGroup($new_group) === false) return false;
			$this->db->query( "update " . USERPREFIX . "_users set user_group = '$new_group' where user_id = '$user_id'" );
			return true;
		}
		
		/**
		 * Авторизация пользователя по имени и паролю
		 * @param $login string - имя пользователя
		 * @param $password string - пароль пользователя
		 * @return bool
		 * 		true:	разрешаем авторизацию
		 * 		false:	авторизация не пройдена
		 */
		function external_auth($login, $password)
		{
			$login = $this->db->safesql( $login );
			$password = md5( md5( $password ) );
			$arr = $this->load_table(USERPREFIX."_users", "user_id", "name = '$login' AND password = '$password'");
			if( ! empty( $arr['user_id'] ) )
				return true;
			else
				return false;
		}
		
		/**
		 * Добавление в базу нового пользователя
		 * @param $login string - имя пользователя
		 * @param $password string - пароль пользователя
		 * @param $email string - емайл пользователя
		 * @param $group int - группа пользователя
		 * @return int - код
		 * 		-4: задана несуществующая группа
		 * 		-3: некорректный емайл
		 * 		-2: емайл занят другим пользователем
		 * 		-1: имя пользователя тоже занято, вот неудача
		 * 		 1: операция прошла успешно
		 */
		function external_register($login, $password, $email, $group)
		{
			$login = $this->db->safesql( $login );
			$password = md5( md5( $password ) );
			$email = $this->db->safesql( $email );
			$group = intval( $group );
			
			$login_exist_arr = $this->load_table(USERPREFIX."_users", "count(user_id) as count", "name = '$login'");
			if( $login_exist_arr['count'] > 0 ) return -1;
			
			$email_exist_arr = $this->load_table(USERPREFIX."_users", "count(user_id) as count", "email = '$email'");
			if( $email_exist_arr['count'] > 0 ) return -2;
			
			if (!ereg( '^[-!#$%&\'*+\\./0-9=?A-Z^_`a-z{|}~]+' . '@' . '[-!#$%&\'*+\\/0-9=?A-Z^_`a-z{|}~]+\.' . '[-!#$%&\'*+\\./0-9=?A-Z^_`a-z{|}~]+$', $email ) or (empty( $email )))
			{
				return -3;
			}
			
			if($this->checkGroup($group) === false) return -4;
			
			$now = time();
			$q = $this->db->query( "insert into " . USERPREFIX . "_users (email, password, name, user_group, reg_date) VALUES ('$email', '$password', '$login', '$group', '$now')" );
			return 1;
		}		

		/**
		 * Отправка пользователю персонального сообщения
		 * @param $user_id int - ID получателя
		 * @param $subject string - тема сообщения
		 * @param $text string - текст сообщения
		 * @param $from string - имя отправителя
		 * @return int - код
		 * 		-1: получатель не существует
		 * 		 0: операция неудалась
		 * 		 1: операция прошла успешно
		 */
		function send_pm_to_user($user_id, $subject, $text, $from)
		{
			$user_id = intval( $user_id );
			// Check if user exist
			$count_arr = $this->load_table(USERPREFIX."_users", "count(user_id) as count", "user_id = '$user_id'");
			if($count_arr['count'] == 0 ) return - 1;			

			$subject = $this->db->safesql( $subject );
			$text = $this->db->safesql( $text );
			$from = $this->db->safesql( $from );
			$now = time();
			$q = $this->db->query( "insert into " . PREFIX . "_pm (subj, text, user, user_from, date, pm_read, folder) VALUES ('$subject', '$text', '$user_id', '$from', '$now', 'no', 'inbox')" );
			if( ! $q ) return 0;

			
			$this->db->query( "update " . USERPREFIX . "_users set pm_unread = pm_unread + 1, pm_all = pm_all+1  where user_id = '$user_id'" );
			return 1;

		}
      	
		/**
		 * Service function - take params from table
		 * @param $table string - название таблицы
		 * @param $fields string - необходимые поля через запятйю или * для всех
		 * @param $where string - условие выборки
		 * @param $multirow bool - забирать ли один ряд или несколько
		 * @param $start int - начальное значение выборки
		 * @param $limit int - количество записей для выборки, 0 - выбрать все
		 * @param $sort string - поле, по которому осуществляется сортировка
		 * @param $sort_order - направление сортировки
		 * @return array с данными или false если mysql вернуль 0 рядов
		 */
		function load_table ($table, $fields = "*", $where = '1', $multirow = false, $start = 0, $limit = 0, $sort = '', $sort_order = 'desc')
		{
			if (!$table) return false;

			if ($sort!='') $where.= ' order by '.$sort.' '.$sort_order;
			if ($limit>0) $where.= ' limit '.$start.','.$limit;
			$q = $this->db->query("Select ".$fields." from ".$table." where ".$where);
			if ($multirow)
			{
				while ($row = $this->db->get_row())
				{
					$values[] = $row;
				}
			}
			else
			{
				$values = $this->db->get_row();
			}
			if (count($values)>0) return $values;
			
			return false;

		}
        
		/**
		 * Запись данных в кеш
		 * @param $fname string - имя файла для кеша без расширения
		 * @param $vars - данные для записи
		 * @return unknown_type
		 */
		function save_to_cache ($fname, $vars)
		{
			// @TODO собачка - зло
			$filename = $fname.".tmp";
			$f = @fopen($this->cache_dir.$filename, "w+");
			@chmod('0777', $this->cache_dir.$filename);
			if (is_array($vars)) $vars = serialize($vars);
			@fwrite($f, $vars);
			@fclose($f);
			return $vars;
		}
			
			
		/**
		 * Загрузка данных из кеша
		 * @param $fnamee string - имя файла для кеша без расширения
		 * @param $timeout int - время жизни кэша в секундах
		 * @param $type string - тип данных в кеше. если не text - считаем, что хранился массив
		 * @return unknown_type
		 */
		function load_from_cache ($fname, $timeout=300, $type = 'text')
		{
			$filename = $fname.".tmp";
			if (!file_exists($this->cache_dir.$filename)) return false;
			if ((filemtime($this->cache_dir.$filename)) < (time()-$timeout)) return false;

			if ($type=='text')
			{
				return file_get_contents($this->cache_dir.$filename);
			}
			else
			{
				return unserialize(file_get_contents($this->cache_dir.$filename));
			}
		}			

		/**
		 * Удаление кеша
		 * @param $name string - имя файла для удаления. При значении GLOBAL удаляем весь кеш
		 * @return null
		 */				
		function clean_cache($name = "GLOBAL")
		{
			$this->get_cached_files();
			
			if ($name=="GLOBAL")
			{
				foreach ($this->cache_files as $cached_file)
				{
					@unlink($this->cache_dir.$cached_file);
				}
			}
			elseif (in_array($name.".tmp", $this->cache_files))
			{
				@unlink($this->cache_dir.$name.".tmp");
			}
		}

		/**
		 * Получение массива содержащего названия файлов кеша
		 * @return array
		 */		
		function get_cached_files()
		{
			$handle = opendir($this->cache_dir);
			while (($file = readdir($handle)) !== false)
			{
				if ($file != '.' && $file != '..' && (!is_dir($this->cache_dir.$file) && $file !='.htaccess'))
				{
					$this->cache_files [] = $file;
				}
			}
			closedir($handle);
		}		

		/**
		 * Сохранение параметров скрипта
		 * @param $key string или array
		 * 		string: Название параметра
		 * 		 array: ассоциативный массив параметров
		 * @param $new_value - значение параметра. Не используется, если $key массив
		 * @return null;
		 */				
		function edit_config ($key, $new_value = '')
		{
			$find[] = "'\r'";
			$replace[] = "";
			$find[] = "'\n'";
			$replace[] = "";
			$config = $this->dle_config;
			if (is_array($key))
			{
				foreach ($key as $ckey=>$cvalue)
				{
					if ($config[$ckey])
					{
						$config[$ckey] = $cvalue;
					}
				}
			}
			else
			{
				if ($config[$key])
				{
					$config[$key] = $new_value;
				}
			}
			// Записываем новый конфиг
			$handle = @fopen(ENGINE_DIR.'/data/config.php', 'w');
			fwrite( $handle, "<?PHP \n\n//System Configurations\n\n\$config = array (\n\n" );
			foreach ( $config as $name => $value )
			{
				if( $name != "offline_reason" )
				{
					$value = trim( stripslashes( $value ) );
					$value = htmlspecialchars( $value);
					$value = preg_replace( $find, $replace, $value );
					$name = trim( stripslashes( $name ) );
					$name = htmlspecialchars( $name, ENT_QUOTES );
					$name = preg_replace( $find, $replace, $name );
				}
				$value = str_replace( "$", "&#036;", $value );
				$value = str_replace( "{", "&#123;", $value );
				$value = str_replace( "}", "&#125;", $value );
				$name = str_replace( "$", "&#036;", $name );
				$name = str_replace( "{", "&#123;", $name );
				$name = str_replace( "}", "&#125;", $name );
				fwrite( $handle, "'{$name}' => \"{$value}\",\n\n" );
			}
			fwrite( $handle, ");\n\n?>" );
			fclose( $handle );
			$this->clean_cache();
		}
         		
		/**
		 * Получение новостей
		 * @param $cat string - категории новостей, через запятую
		 * @param $fields string - перечень получаемых полей новостей или * для всех
		 * @param $start int - начальное значение выборки
		 * @param $limit int - количество новостей для выборки, 0 - выбрать все новости
		 * @param $sort string - поле, по которому осуществляется сортировка
		 * @param $sort_order - направление сортировки
		 * @return array - ассоциативный 2-х мерный массив с новостями
		 */
		function take_news ($cat, $fields = "*", $start = 0, $limit = 10, $sort = 'id', $sort_order = 'desc')
		{
			if ($this->dle_config['allow_multi_category'] == 1)
			{
				$condition = 'category regexp "[[:<:]]('.str_replace(',', '|', $cat).')[[:>:]]"';
			}
			else
			{
				$condition = 'category IN ('.$cat.')';
			}
			return $this->load_table (PREFIX."_post", $fields, $condition, $multirow = true, $start, $limit, $sort, $sort_order);
			 
		}
        	
        	
		/**
		 * Проверка существования группы с указанным ID
		 * @param $group int - ID группы
		 * @return bool - true если существует и false если нет
		 */		
		function checkGroup($group)
		{
			$row = $this->db->super_query('SELECT group_name FROM '.USERPREFIX.'_usergroups WHERE id = '.intval($group));
			return isset($row['group_name']);
		}        	
        	

		/**
		 * Установка административной части модуля
		 * @param $name string		- название модуля, а именно файла .php находящегося в папке engine/inc/,
									но без расширения файла
		 * @param $title string		- заголовок модуля
		 * @param $descr string		- описание модуля
		 * @param $icon string		- имя иконки для модуля, без указания пути.
		 							Иконка обязательно при этом должна находится в папке engine/skins/images/
		 * @param $perm string		- информация о группах которым разрешен показ данного модуля.
		 							Данное поле может принимать следующие значения: all или ID групп через запятую.
									Например: 1,2,3. если указано значение all то модуль будет показываться всем
									пользователям имеющим доступ в админпанель
		 * @return bool - true если успешно установлено и false если нет
		 */
		function install_admin_module ($name, $title, $descr, $icon, $perm = '1')
		{
			$name = $this->db->safesql($name);
			$title = $this->db->safesql($title);
			$descr = $this->db->safesql($descr);
			$icon = $this->db->safesql($icon);
			$perm = $this->db->safesql($perm);
			// Для начала проверяем наличие модуля
			$this->db->query("Select name from `".PREFIX."_admin_sections` where name = '$name'");
			if ($this->db->num_rows()>0)
			{
				// Модуль есть, обновляем данные
				$this->db->query("UPDATE `".PREFIX."_admin_sections` set title = '$title', descr = '$descr', icon = '$icon', allow_groups = '$perm' where name = '$name'");
				return true;
			}
			else
			{
				// Модуля нету, добавляем
				$this->db->query("INSERT INTO `".PREFIX."_admin_sections` (`name`, `title`, `descr`, `icon`, `allow_groups`) VALUES ('$name', '$title', '$descr', '$icon', '$perm')");
				return true;
			}

			return false;
		}

		/**
		 * Удаление административной части модуля
		 * @param $name string - название модуля
		 * @return null
		 */
		function uninstall_admin_module ($name)
		{
			$name = $this->db->safesql($name);
			$this->db->query("DELETE FROM `".PREFIX."_admin_sections` where name = '$name'");
		}

		/**
		 * Изменение прав административной части модуля
		 * @param $name string 		- название модуля
		 * @param $perm string		- информация о группах которым разрешен показ данного модуля.
		 							Данное поле может принимать следующие значения: all или ID групп через запятую.
									Например: 1,2,3. если указано значение all то модуль будет показываться всем
									пользователям имеющим доступ в админпанель
		 * @return null
		 */
		function change_admin_module_perms ($name, $perm)
		{
            $name = $this->db->safesql($name);
            $perm = $this->db->safesql($perm);
			$this->db->query("UPDATE `".PREFIX."_admin_sections` set allow_groups = '$perm' where name = '$name'");
		}
        	

	}
}

	$dle_api = new DLE_API ();
	if( ! $config['version_id'] ) include_once (ENGINE_DIR . '/data/config.php');
	$dle_api->dle_config = $config;
	if( ! isset( $db ) ) {
		include_once (ENGINE_DIR . '/classes/mysql.php');
		include_once (ENGINE_DIR . '/data/dbconfig.php');
	}
	$dle_api->db = $db;
?>


Добавлено через 18 минут, 54 секунд:

Порадовал отдельный файл для двух строк, хотя можно записать и одной:) :

<?php
/*
=====================================================
 DataLife Engine - by SoftNews Media Group 
-----------------------------------------------------
 http://dle-news.ru/
-----------------------------------------------------
 Copyright (c) 2004,2011 SoftNews Media Group
=====================================================
 Данный код защищен авторскими правами
=====================================================
 Файл: mysql.php
-----------------------------------------------------
 Назначение: Класс для работы с базой данных
=====================================================
*/

if(!defined('DATALIFEENGINE'))
{
  die("Hacking attempt!");
}

if ( extension_loaded('mysqli') )
{
	include_once( ENGINE_DIR."/classes/mysqli.class.php" );
}
else
{
	include_once( ENGINE_DIR."/classes/mysql.class.php" );
}

?>


Добавлено через 23 минут, 58 секунд:

Вот индекс пхп:

<?php
/*
=====================================================
 DataLife Engine - by SoftNews Media Group 
-----------------------------------------------------
 http://dle-news.ru/
-----------------------------------------------------
 Copyright (c) 2004,2011 SoftNews Media Group
=====================================================
 Данный код защищен авторскими правами
=====================================================
 Файл: index.php
-----------------------------------------------------
 Назначение: Главная страница
=====================================================
*/

@session_start ();
@ob_start ();
@ob_implicit_flush ( 0 );

@error_reporting ( E_ALL ^ E_WARNING ^ E_NOTICE );
@ini_set ( 'display_errors', true );
@ini_set ( 'html_errors', false );
@ini_set ( 'error_reporting', E_ALL ^ E_WARNING ^ E_NOTICE );

define ( 'DATALIFEENGINE', true );

$member_id = FALSE;
$is_logged = FALSE;

define ( 'ROOT_DIR', dirname ( __FILE__ ) );
define ( 'ENGINE_DIR', ROOT_DIR . '/engine' );

require_once ROOT_DIR . '/engine/init.php';

if (clean_url ( $_SERVER['HTTP_HOST'] ) != clean_url ( $config['http_home_url'] )) {
	
	$replace_url = array ();
	$replace_url[0] = clean_url ( $config['http_home_url'] );
	$replace_url[1] = clean_url ( $_SERVER['HTTP_HOST'] );

} else
	$replace_url = false;

$tpl->load_template ( 'main.tpl' );

$tpl->set ( '{calendar}', $tpl->result['calendar'] );
$tpl->set ( '{archives}', $tpl->result['archive'] );
$tpl->set ( '{tags}', $tpl->result['tags_cloud'] );
$tpl->set ( '{vote}', $tpl->result['vote'] );
$tpl->set ( '{topnews}', $topnews );
$tpl->set ( '{login}', $tpl->result['login_panel'] );
$tpl->set ( '{info}',  $tpl->result['info'] );
$tpl->set ( '{speedbar}', $tpl->result['speedbar'] );

if ($config['allow_skin_change'] == "yes") $tpl->set ( '{changeskin}', ChangeSkin ( ROOT_DIR . '/templates', $config['skin'] ) );

if (count ( $banners ) and $config['allow_banner']) {
	
	foreach ( $banners as $name => $value ) {
		$tpl->copy_template = str_replace ( "{banner_" . $name . "}", $value, $tpl->copy_template );
	}

}

$tpl->set_block ( "'{banner_(.*?)}'si", "" );

if (count ( $informers ) and $config['rss_informer']) {
	foreach ( $informers as $name => $value ) {
		$tpl->copy_template = str_replace ( "{inform_" . $name . "}", $value, $tpl->copy_template );
	}
}

if ($allow_active_news AND $config['allow_change_sort'] AND $do != "userinfo") {
	
	$tpl->set ( '[sort]', "" );
	$tpl->set ( '{sort}', news_sort ( $do ) );
	$tpl->set ( '[/sort]', "" );

} else {
	
	$tpl->set_block ( "'\\[sort\\](.*?)\\[/sort\\]'si", "" );

}

if ($dle_module == "showfull" ) {

	if (is_array($cat_list) AND count($cat_list) > 1 ) $category_id = implode(",", $cat_list);

}

if (strpos ( $tpl->copy_template, "[category=" ) !== false) {
	$tpl->copy_template = preg_replace ( "#\\[category=(.+?)\\](.*?)\\[/category\\]#ies", "check_category('\\1', '\\2', '{$category_id}')", $tpl->copy_template );
}

if (strpos ( $tpl->copy_template, "[not-category=" ) !== false) {
	$tpl->copy_template = preg_replace ( "#\\[not-category=(.+?)\\](.*?)\\[/not-category\\]#ies", "check_category('\\1', '\\2', '{$category_id}', false)", $tpl->copy_template );
}


if (strpos ( $tpl->copy_template, "[static=" ) !== false) {
	$tpl->copy_template = preg_replace ( "#\\[static=(.+?)\\](.*?)\\[/static\\]#ies", "check_static('\\1', '\\2')", $tpl->copy_template );
}

if (strpos ( $tpl->copy_template, "[not-static=" ) !== false) {
	$tpl->copy_template = preg_replace ( "#\\[not-static=(.+?)\\](.*?)\\[/not-static\\]#ies", "check_static('\\1', '\\2', false)", $tpl->copy_template );
}

if (strpos ( $tpl->copy_template, "{custom" ) !== false) {
	$tpl->copy_template = preg_replace ( "#\\{custom category=['\"](.+?)['\"] template=['\"](.+?)['\"] aviable=['\"](.+?)['\"] from=['\"](.+?)['\"] limit=['\"](.+?)['\"] cache=['\"](.+?)['\"]\\}#ies", "custom_print('\\1', '\\2', '\\3', '\\4', '\\5', '\\6', '{$dle_module}')", $tpl->copy_template );
}

$config['http_home_url'] = explode ( "index.php", strtolower ( $_SERVER['PHP_SELF'] ) );
$config['http_home_url'] = reset ( $config['http_home_url'] );

if (! $user_group[$member_id['user_group']]['allow_admin']) $config['admin_path'] = "";

$ajax .= <<<HTML
<div id="loading-layer" style="display:none"><div id="loading-layer-text">{$lang['ajax_info']}</div></div>{$pm_alert}
<script language="javascript" type="text/javascript">
<!--
var dle_root       = '{$config['http_home_url']}';
var dle_admin      = '{$config['admin_path']}';
var dle_login_hash = '{$dle_login_hash}';
var dle_group      = {$member_id['user_group']};
var dle_skin       = '{$config['skin']}';
var dle_wysiwyg    = '{$config['allow_comments_wysiwyg']}';
var quick_wysiwyg  = '{$config['allow_quick_wysiwyg']}';
var dle_act_lang   = ["{$lang['p_yes']}", "{$lang['p_no']}", "{$lang['p_enter']}", "{$lang['p_cancel']}"];
var menu_short     = '{$lang['menu_short']}';
var menu_full      = '{$lang['menu_full']}';
var menu_profile   = '{$lang['menu_profile']}';
var menu_send      = '{$lang['menu_send']}';
var menu_uedit     = '{$lang['menu_uedit']}';
var dle_info       = '{$lang['p_info']}';
var dle_confirm    = '{$lang['p_confirm']}';
var dle_prompt     = '{$lang['p_prompt']}';
var dle_req_field  = '{$lang['comm_req_f']}';
var dle_del_agree  = '{$lang['news_delcom']}';
var dle_del_news   = '{$lang['news_delnews']}';\n
HTML;

if ($user_group[$member_id['user_group']]['allow_all_edit']) {
	
	$ajax .= <<<HTML
var dle_notice     = '{$lang['btn_notice']}';
var dle_p_send     = '{$lang['p_send']}';
var dle_p_send_ok  = '{$lang['p_send_ok']}';
var dle_p_text     = '{$lang['p_text']}';
var dle_del_msg    = '{$lang['p_message']}';
var allow_dle_delete_news   = true;\n
HTML;

} else {
	
	$ajax .= <<<HTML
var allow_dle_delete_news   = false;\n
HTML;

}

if ($config['fast_search'] AND $user_group[$member_id['user_group']]['allow_search']) {

	$ajax .= <<<HTML
var dle_search_delay   = false;
var dle_search_value   = '';
$(function(){
	FastSearch();
});
HTML;

}

$ajax .= <<<HTML
//-->
</script>
HTML;

if ($allow_comments_ajax AND ($config['allow_comments_wysiwyg'] == "yes" OR $config['allow_quick_wysiwyg'])) $js_array[] ="engine/editor/jscripts/tiny_mce/jquery.tinymce.js";

if (strpos ( $tpl->result['content'], "hs.expand" ) !== false or strpos ( $tpl->copy_template, "hs.expand" ) !== false) {
	
	if ($config['thumb_dimming']) $dimming = "hs.dimmingOpacity = 0.60;"; else $dimming = "";

	if ($config['thumb_gallery'] AND ($dle_module == "showfull" OR $dle_module == "static") ) {

	$gallery = "
	hs.align = 'center';
	hs.transitions = ['expand', 'crossfade'];
	hs.addSlideshow({
		interval: 4000,
		repeat: false,
		useControls: true,
		fixedControls: 'fit',
		overlayOptions: {
			opacity: .75,
			position: 'bottom center',
			hideOnMouseOut: true
		}
	});";

	} else {

		$gallery = "";

	}

	$js_array[] = "engine/classes/highslide/highslide.js";

	switch ( $config['outlinetype'] ) {

		case 1 :
			$type = "hs.wrapperClassName = 'wide-border';";
			break;

		case 2 :
			$type = "hs.wrapperClassName = 'borderless';";
			break;

		case 3 :
			$type = "hs.wrapperClassName = 'less';\nhs.outlineType = null;";
			break;
	
		default :
			$type = "hs.outlineType = 'rounded-white';";
			break;


	}
	
	$ajax .= <<<HTML
<script language="javascript" type="text/javascript">  
<!--  
	hs.graphicsDir = '{$config['http_home_url']}engine/classes/highslide/graphics/';
	{$type}
	hs.numberOfImagesToPreload = 0;
	hs.showCredits = false;
	{$dimming}
	hs.lang = {
		loadingText :     '{$lang['loading']}',
		playTitle :       '{$lang['thumb_playtitle']}',
		pauseTitle:       '{$lang['thumb_pausetitle']}',
		previousTitle :   '{$lang['thumb_previoustitle']}',
		nextTitle :       '{$lang['thumb_nexttitle']}',
		moveTitle :       '{$lang['thumb_movetitle']}',
		closeTitle :      '{$lang['thumb_closetitle']}',
		fullExpandTitle : '{$lang['thumb_expandtitle']}',
		restoreTitle :    '{$lang['thumb_restore']}',
		focusTitle :      '{$lang['thumb_focustitle']}',
		loadingTitle :    '{$lang['thumb_cancel']}'
	};
	{$gallery}
//-->
</script>
HTML;

}

$tpl->set ( '{AJAX}', $ajax );
$tpl->set ( '{headers}', $metatags."\n".build_js($js_array, $config) );

$tpl->set ( '{content}', "<div id='dle-content'>" . $tpl->result['content'] . "</div>" );

$tpl->compile ( 'main' );
$tpl->result['main'] = str_replace ( '{THEME}', $config['http_home_url'] . 'templates/' . $config['skin'], $tpl->result['main'] );
if ($replace_url) $tpl->result['main'] = str_replace ( $replace_url[0]."/", $replace_url[1]."/", $tpl->result['main'] );
$tpl->result['main'] = str_replace ( 'img src="http://'.$_SERVER['HTTP_HOST'].'/', 'img src="/', $tpl->result['main'] );

echo $tpl->result['main'];
$tpl->global_clear ();
$db->close ();

echo "\n<!-- DataLife Engine Copyright SoftNews Media Group (http://dle-news.ru) -->\r\n";

GzipOut ();
?>
Перейти в начало страницы
+Цитировать сообщение
Loader
сообщение 2011-01-23, 7:14
Сообщение #65
Профессионал
Иконка группы

Группа: Eleanor user
Сообщений: 1 161
Регистрация: 2010-04-19

Репутация:   нет  
Всего: нет


peter ты просто жжёшь! :crazy:
Перейти в начало страницы
+Цитировать сообщение
peter
сообщение 2011-01-23, 7:19
Сообщение #66
Заглянувший
Иконка группы

Группа: Персона нон грата
Сообщений: 24
Регистрация: 2010-06-09
Версия системы: RC5

Репутация:   нет  
Всего: нет


echo ("done"); die ();//Сделано, умереть 

:rolleyes:

Обновление:

<?php

if( ! defined( 'DATALIFEENGINE' ) ) {
	die( "Hacking attempt!" );
}

$config['version_id'] = "9.2";
$config['allow_recaptcha'] = "0";
$config['recaptcha_public_key'] = "6LfoOroSAAAAAEg7PViyas0nRqCN9nIztKxWcDp_";
$config['recaptcha_private_key'] = "6LfoOroSAAAAAMgMr_BTRMZy20PFir0iGT2OQYZJ";
$config['recaptcha_theme'] = "clean";
unset($config['allow_upload']);
unset($config['news_captcha']);

$tableSchema = array();

$tableSchema[] = "ALTER TABLE `" . PREFIX . "_usergroups` ADD `admin_tagscloud` TINYINT( 1 ) NOT NULL DEFAULT '0'";
$tableSchema[] = "UPDATE " . PREFIX . "_usergroups SET `admin_tagscloud` = '1' WHERE id = '1'";
$tableSchema[] = "ALTER TABLE `" . PREFIX . "_comments` ADD INDEX `post_id` ( `post_id` ), ADD INDEX `approve` ( `approve` )";

foreach($tableSchema as $table) {
	$db->query ($table);
}


$handler = fopen(ENGINE_DIR.'/data/config.php', "w") or die("Извините, но невозможно записать информацию в файл <b>.engine/data/config.php</b>.<br />Проверьте правильность проставленного CHMOD!");
fwrite($handler, "<?PHP \n\n//System Configurations\n\n\$config = array (\n\n");
foreach($config as $name => $value)
{
	fwrite($handler, "'{$name}' => \"{$value}\",\n\n");
}
fwrite($handler, ");\n\n?>");
fclose($handler);

$fdir = opendir( ENGINE_DIR . '/cache/system/' );
while ( $file = readdir( $fdir ) ) {
	if( $file != '.' and $file != '..' and $file != '.htaccess' ) {
		@unlink( ENGINE_DIR . '/cache/system/' . $file );
		
	}
}

@unlink(ENGINE_DIR.'/data/snap.db');

clear_cache();

if ($db->error_count) $error_info = "Всего запланировано запросов: <b>".$db->query_num."</b> Неудалось выполнить запросов: <b>".$db->error_count."</b>. Возможно они уже выполнены ранее."; else $error_info = "";

msgbox("info","Информация", "<form action=\"index.php\" method=\"GET\">Обновление базы данных с версии <b>9.0</b> до версии <b>9.2</b> успешно завершено.<br />{$error_info}<br />Нажмите далее для продолжения процессa обновления скрипта<br /><br /><input type=\"hidden\" name=\"next\" value=\"next\"><input class=\"edit\" type=\"submit\" value=\"Далее ...\"></form>");
?>


Для обновления используется ещё один класс для работы с БД!

Добавлено через 7 минут, 33 секунд:

Не совсем понял зачем нужен этот кусок в website.lng И adminpanel.lng

////////////
// Локализация транслита
$langtranslit = array(
'а' => 'a', 'б' => 'b', 'в' => 'v',
'г' => 'g', 'д' => 'd', 'е' => 'e',
'ё' => 'e', 'ж' => 'zh', 'з' => 'z',
'и' => 'i', 'й' => 'y', 'к' => 'k',
'л' => 'l', 'м' => 'm', 'н' => 'n',
'о' => 'o', 'п' => 'p', 'р' => 'r',
'с' => 's', 'т' => 't', 'у' => 'u',
'ф' => 'f', 'х' => 'h', 'ц' => 'c',
'ч' => 'ch', 'ш' => 'sh', 'щ' => 'sch',
'ь' => '', 'ы' => 'y', 'ъ' => '',
'э' => 'e', 'ю' => 'yu', 'я' => 'ya',
"ї" => "yi", "є" => "ye",

'А' => 'A', 'Б' => 'B', 'В' => 'V',
'Г' => 'G', 'Д' => 'D', 'Е' => 'E',
'Ё' => 'E', 'Ж' => 'Zh', 'З' => 'Z',
'И' => 'I', 'Й' => 'Y', 'К' => 'K',
'Л' => 'L', 'М' => 'M', 'Н' => 'N',
'О' => 'O', 'П' => 'P', 'Р' => 'R',
'С' => 'S', 'Т' => 'T', 'У' => 'U',
'Ф' => 'F', 'Х' => 'H', 'Ц' => 'C',
'Ч' => 'Ch', 'Ш' => 'Sh', 'Щ' => 'Sch',
'Ь' => '', 'Ы' => 'Y', 'Ъ' => '',
'Э' => 'E', 'Ю' => 'Yu', 'Я' => 'Ya',
"Ї" => "yi", "Є" => "ye",
);


Сообщение отредактировал peter - 2011-01-23, 7:22
Перейти в начало страницы
+Цитировать сообщение
Alexander
сообщение 2011-01-23, 14:46
Сообщение #67
Eleanor developer
Иконка группы

Группа: Администраторы
Сообщений: 5 259
Регистрация: 2008-11-11
Из: Николаев
Версия системы: RC5

Репутация:   нет  
Всего: 67


Цитата (peter @ 2018-11-17 13:02)
Можно было все настройки сайта и языковую конфигурацию вынести в константы(дефайны) - нет вынесли в массив.

У нас тоже в массивах. Это и удобнее и практичнее.

В остальном, мне просто БОЛЬНО смотреть на такой кривой код... ХТМЛ (к скриптам внутри HTML я отношусь нормально) вперемешку с PHP. Невалидная верстка, устаревшие параметры... Это просто кошмар :(

Пишите, пожалуйста, еще.
Перейти в начало страницы
+Цитировать сообщение
peter
сообщение 2011-01-23, 15:49
Сообщение #68
Заглянувший
Иконка группы

Группа: Персона нон грата
Сообщений: 24
Регистрация: 2010-06-09
Версия системы: RC5

Репутация:   нет  
Всего: нет


Цитата (Alexander @ 2011-01-23, 15:46)
У нас тоже в массивах. Это и удобнее и практичнее.

В остальном, мне просто БОЛЬНО смотреть на такой кривой код... ХТМЛ (к скриптам внутри HTML я отношусь нормально) вперемешку с PHP. Невалидная верстка, устаревшие параметры... Это просто кошмар :(

Пишите, пожалуйста, еще.


Мне лично проще использовать define, т.к. эти определения будут доступны во всех классах/функциях и их нельзя изменить. Каждый раз копировать массив в функцию или выносить в глобал... Но в Eleanor реализовано все хорошо.

Этот код они уже долго не обновляли(несколько лет), т.к. нету смысла - там таких файлов полно.
Мне кажется невалидная верстка это как раз результат html в php, если бы вынесли в шаблон этого бы не было.

А "сверху" все выглядит красиво, у них очень много платных и бесплатных шаблонов.

Хотел посмотреть на редактор кода шаблонов с подсветкой,думаю будет как у MT.

Сообщение отредактировал peter - 2011-01-23, 16:02
Перейти в начало страницы
+Цитировать сообщение
Гость_Tvv_*
сообщение 2011-01-25, 18:27
Сообщение #69



Гости





Уважаемые мальчики и девочки. Был у меня случай с ДЛЕ.

Я построил три сайта на ДЛЕ нуллед. Было все супер, убил очень много времени в настройку, дизайн и наполнение информацией. Потом начал раскручивать. Когда все казалось супер меня разработчики нашли и перекрыли кислород сначала мне за лицензию. Конечно я не заплатил так как у меня сайты были фри. Я их послал. Они написали хосту и хост меня удалил за пиратские версии системы. Вопрос: Нахрена юзать нуллед если полно бесплатный и даже лучших есть. Например этот же Елеанор, еще бета тест но уже почти не уступает норм ЦМС-кам. А некоторые уже давно скрылись за горами. Я вам говорю: Вас не будут трогать пока ваш сайт не в топах, а когда появиться поверте вас заставят удалить или купить ту же лицензию. Это про ДЛЕ. Про булку так же было с лицензиец. Хотя булка для меня намного лучше ИПБ. А вот ИПБ проносит. Еще молчат они с лицензией.

Сообщение отредактировал Tvv - 2011-01-25, 18:28
Перейти в начало страницы
+Цитировать сообщение
Alexander
сообщение 2011-01-25, 18:43
Сообщение #70
Eleanor developer
Иконка группы

Группа: Администраторы
Сообщений: 5 259
Регистрация: 2008-11-11
Из: Николаев
Версия системы: RC5

Репутация:   нет  
Всего: 67


Tvv, за софт нужно платить вне зависимости какой сайт (фри или коммерческий).
Перейти в начало страницы
+Цитировать сообщение
Гость_Tvv_*
сообщение 2011-01-25, 19:17
Сообщение #71



Гости





Цитата (Alexander @ 2018-11-17 13:02)
Tvv, за софт нужно платить вне зависимости какой сайт (фри или коммерческий).


За какой софт платить? Платить только за лицензию ДЛЕ надо было, за лицензию булки тоже. Только за это надо было платить. Или ты имееш ввиду это софтом? А вся инфа была мои разработки которые я давал по лицензии фри.
Перейти в начало страницы
+Цитировать сообщение
Flynt
сообщение 2011-01-25, 19:25
Сообщение #72
Любитель
Иконка группы

Группа: Eleanor user
Сообщений: 313
Регистрация: 2010-06-30

Репутация:   нет  
Всего: нет


Цитата (Tvv @ 2018-11-17 13:02)
Платить только за лицензию ДЛЕ надо было, за лицензию булки тоже. Только за это надо было платить.

Сейчас жизнь такая каждый хочет урвать деньги.Но случай с дле совсем выходит из рамки, нет патента и лицензия 60 баксов стоит.
Перейти в начало страницы
+Цитировать сообщение

4 страниц Открыть меню  « < 2 3 4
Ответить в данную темуНачать новую тему
0 чел. читают эту тему (гостей: 0, скрытых пользователей: 0)
Пользователей: 0

 
RSS Текстовая версия 0.0558 сек.    11 запросов    GZIP включен    Сейчас: 2018-11-17, 12:02