"; if (!$GO_CONFIG->jquery_on || !$GO_CONFIG->jquery_mod_login_top){ $txtmp .="".img("ico/left9.gif",_HIDE_MENU,16,16)." "._HIDE_MENU.""; } $txtmp .="    "; $txtmp .=" ["; $txtmp .= "ver.".$GO_CONFIG->version; if ($GO_CONFIG->version_text) $txtmp .= " ".$GO_CONFIG->version_text; $txtmp .="] "; // $txtmp .= _AUTOLOGOUT.":   "; // $txtmp .= "  "; $txtmp .="

"; } /* przeniesione nizej //----------top if (getpost("action")<>"edit"){ if ($GO_CONFIG->dz_stop){ echo $GWPE->s_top(get_page($GO_CONFIG->dz_top_idpage)); } if ($GO_CONFIG->dz_stop_banner){ echo $GWPE->s_btop("bannertop"); } if ($GO_CONFIG->dz_smenu){ echo $GWPE->s_mtop("menu"); } } */ //echo getpost("action")."--".getpost(op)."==".getpost(ss)."==".session_id();exit; //--------------------------listpg start //echo "fsdF";exit; if (getpost("action")=="listpg" AND (is_moderator() OR (getpost(op)=="spopup" AND getpost(ss)==session_id()) ) ){ //echo "fsdf";exit; if ($GO_CONFIG->external_tpl){ //echo "fsdf";exit; ob_start(); } echo ""; if ($GO_CONFIG->external_tpl){ $external_tpl_csetting = ob_get_contents(); // store buffer in $contents ob_end_clean(); // delete output buffer and stop buffering // echo $external_tpl_config } //--------------------------listpg end //if ($op=="setting" AND (is_admin() OR is_sadmin())){ //===============================================================------------------------------------------------------------------- } else if ($op=="setting" AND ( ($dzcfg>0 AND is_admindzial($dzcfg,1)) OR (!$dzcfg AND is_admin()) OR is_sadmin()) ){ if ($GO_CONFIG->external_tpl){ ob_start(); } //echo ""; if ($GO_CONFIG->external_tpl){ $external_tpl_csetting = ob_get_contents(); // store buffer in $contents ob_end_clean(); // delete output buffer and stop buffering } //===================================================================------------------------------------------------------- } else if ($op=="system" AND is_sadmin()){ if ($GO_CONFIG->external_tpl){ ob_start(); } include("config/system.php"); if ($GO_CONFIG->external_tpl){ $external_tpl_csetting = ob_get_contents(); // store buffer in $contents ob_end_clean(); // delete output buffer and stop buffering } //====================================================================------------------------------------------------------ } else if ($op=="config_dzialy" AND is_admindzial(0,1)){ if ($GO_CONFIG->external_tpl){ ob_start(); } include("config/dzialy.php"); if ($GO_CONFIG->external_tpl){ $external_tpl_csetting = ob_get_contents(); // store buffer in $contents ob_end_clean(); // delete output buffer and stop buffering } //=========================================================================------------------------------------------ } else if ($op=="config_note" AND is_admin()){ if ($GO_CONFIG->external_tpl){ ob_start(); } include("config/notepad.php"); if ($GO_CONFIG->external_tpl){ $external_tpl_csetting = ob_get_contents(); // store buffer in $contents ob_end_clean(); // delete output buffer and stop buffering } //================================================================----------------------------- } else if ($op=="config_stat" AND is_admin()){ if ($GO_CONFIG->external_tpl){ ob_start(); } define("A_SETTING_STAT","1"); if ($_GET['action']=="clearallstat"){ $sql="TRUNCATE TABLE ".$GO_CONFIG->dbprefix."stat "; $db->sql_query($sql); $sql="TRUNCATE TABLE ".$GO_CONFIG->dbprefix."statrefresh "; $db->sql_query($sql); $sql="TRUNCATE TABLE ".$GO_CONFIG->dbprefix."stat_domains "; $db->sql_query($sql); $sql="TRUNCATE TABLE ".$GO_CONFIG->dbprefix."stat_dzialy "; $db->sql_query($sql); $sql="TRUNCATE TABLE ".$GO_CONFIG->dbprefix."stat_firstpg "; $db->sql_query($sql); $sql="TRUNCATE TABLE ".$GO_CONFIG->dbprefix."stat_fromcountry "; $db->sql_query($sql); $sql="TRUNCATE TABLE ".$GO_CONFIG->dbprefix."stat_fromip "; $db->sql_query($sql); $sql="TRUNCATE TABLE ".$GO_CONFIG->dbprefix."stat_modules "; $db->sql_query($sql); $sql="TRUNCATE TABLE ".$GO_CONFIG->dbprefix."stat_pages "; $db->sql_query($sql); $sql="TRUNCATE TABLE ".$GO_CONFIG->dbprefix."stat_referer "; $db->sql_query($sql); $sql="TRUNCATE TABLE ".$GO_CONFIG->dbprefix."stat_scr "; $db->sql_query($sql); $sql="TRUNCATE TABLE ".$GO_CONFIG->dbprefix."stat_system "; $db->sql_query($sql); } include("config/stat.php"); if ($GO_CONFIG->external_tpl){ $external_tpl_csetting = ob_get_contents(); // store buffer in $contents ob_end_clean(); // delete output buffer and stop buffering } //=============================================================------------------------------------------ } else if ($op=="config_banner" AND is_admin()){ if ($GO_CONFIG->external_tpl){ ob_start(); } define("A_SETTING_BANNERS","1"); $res=""; if ($_POST['action']=="addclient"){ if ($_POST['upclid']>0){//update client if ($_POST['bcl_passwd']) $clpasswd=" password='".addslashes($_POST['bcl_passwd'])."', "; else $clpasswd=""; $sql="UPDATE ".$GO_CONFIG->dbprefix."banners_owners SET $clpasswd id_user='".addslashes($_POST['bcl_iduser'])."', gid_owner='".addslashes($_POST['bcl_gidowner'])."', name='".addslashes($_POST['bcl_name'])."', email='".addslashes($_POST['bcl_email'])."', adres='".addslashes($_POST['bcl_adres'])."' WHERE id='".addslashes($_POST['upclid'])."' limit 1"; $result = $db->sql_query($sql); //return edit client $_GET['action']="addclient"; $_GET['edidcl']=$_POST['upclid']; echo "upadte client"; }else{//insert client if ($_POST['bcl_gidowner'] AND $_POST['bcl_name'] AND $_POST['bcl_passwd']){ $sql = "INSERT INTO ".$GO_CONFIG->dbprefix."banners_owners ( id, id_user, gid_owner, name, password, email, adres, last_data_login, last_ip_login, all_login )VALUES( '','".addslashes($_POST['bcl_iduser'])."','".addslashes($_POST['bcl_gidowner'])."', '".addslashes($_POST['bcl_name'])."','".addslashes($_POST['bcl_passwd'])."','".addslashes($_POST['bcl_email'])."', '".addslashes($_POST['bcl_adres'])."', '','','' )"; $result = $db->sql_query($sql); $newinsid=$db->sql_nextid(); if ($newinsid>0){ $res= ""._ADDBANNERUSEROK." "._IDBANERUSER.": ".$newinsid.""; }else echo error(_ERRORINSERTDB); }else echo error(_NONEEDFIELD); }//insert client end }else if ($_POST['action']=="addbanner"){ if ($_POST['ban_alwaysshow']==1) $ban_alwaysshow=1; else $ban_alwaysshow=0; if ($_POST['ban_piorytet']<1) $_POST['ban_piorytet']=1; if ($_POST['ban_width']<1) $_POST['ban_width']="100px"; if ($_POST['ban_height']<1) $_POST['ban_height']="100px"; if ($_POST['upbanid']>0){//update if ($_POST['ban_www']){ if ($_POST['ban_counter_data']) $databan=" '".date2timestamp($_POST['ban_counter_data'])."' "; else $databan="NULL"; $sql="UPDATE ".$GO_CONFIG->dbprefix."banners SET id_banowner='".addslashes($_POST['ban_owners'])."', www='".addslashes($_POST['ban_www'])."',banner_type='".addslashes($_POST['ban_type'])."', file_width='".addslashes($_POST['ban_width'])."',file_height='".addslashes($_POST['ban_height'])."', file_border='".addslashes($_POST[ban_brweight])."', file_colborder='".addslashes($_POST[ban_borcol])."', counter_views='".addslashes($_POST['ban_counter_views'])."', counter_click='".addslashes($_POST['ban_counter_visit'])."', counter_datae=".$databan.", counter_always='".$ban_alwaysshow."', active='".addslashes($_POST['ban_active'])."', done_prio='".addslashes($_POST['ban_piorytet'])."' WHERE id='".addslashes($_POST['upbanid'])."' limit 1"; $result = $db->sql_query($sql); }else echo error(_ERRORNONEEDFIELD); //return edit banner $_GET['action']="addbanner"; $_GET['edidb']=$_POST['upbanid']; }else{//insert new banner start if ($_FILES["ban_file"]["tmp_name"] AND $_POST['ban_www'] AND $_POST['ban_filetype'] AND $_POST['ban_owners'] AND $_POST['ban_width'] AND $_POST['ban_height']){ if ($_POST['ban_counter_data']) $databan=" '".date2timestamp($_POST['ban_counter_data'])."' "; else $databan="NULL"; $sql = "INSERT INTO ".$GO_CONFIG->dbprefix."banners ( id, id_banowner, www, banner_type, file_type, file_width, file_height, file_border, file_colborder, id_dzial, counter_views, counter_click, counter_datae, counter_always, active, done, done_prio, views, clicks )VALUES( '','".addslashes($_POST['ban_owners'])."', '".addslashes($_POST['ban_www'])."','".addslashes($_POST['ban_type'])."','".addslashes($_POST['ban_filetype'])."', '".addslashes($_POST['ban_width'])."','".addslashes($_POST['ban_height'])."','".addslashes($_POST['ban_brweight'])."','".addslashes($_POST['ban_borcol'])."', '".addslashes($_POST['ban_iddzial'])."', '".addslashes($_POST['ban_counter_views'])."','".addslashes($_POST['ban_counter_visit'])."',".$databan.", '".$ban_alwaysshow."','".addslashes($_POST['ban_active'])."', '".addslashes($_POST['ban_piorytet'])."','".addslashes($_POST['ban_piorytet'])."', '1','1' ) "; $result = $db->sql_query($sql); $newinsid=$db->sql_nextid(); if ($newinsid>0){ $newfile="image_banners/".$_POST['ban_owners']."/".$newinsid.".".addslashes($_POST['ban_filetype']); if (!is_dir("image_banners/".$_POST['ban_owners'])){ mkdir("image_banners/".$_POST['ban_owners'], 0700); } if (!move_uploaded_file($_FILES["ban_file"]["tmp_name"],$newfile)) { $sql = "DEKLETE FROM ".$GO_CONFIG->dbprefix."banners WHERE id='$newinsid' LIMIT 1"; $db->sql_query($sql); echo error(_ERRORUPLOADING); }else $res= ""._ADDBANNEROK." "._IDBANER.": ".$newinsid.""; }else echo error(_ERRORINSERTDB); }else echo error(_ERRORNONEEDFIELD); }//insert } if ($_GET['action']=="addclient"){ if ($_GET['edidcl']>0) { $sql = "SELECT * FROM ".$GO_CONFIG->dbprefix."banners_owners WHERE id='".addslashes($_GET['edidcl'])."' limit 1"; $result = $db->sql_query($sql); $rowecl=$db->sql_fetchrow($result); // echo "edit client"; } else if ($_GET[delidcl]>0) { //delete file start $sql="SELEDT id FROM ".$GO_CONFIG->dbprefix."banners WHERE id_banowner='".addslashes($_GET['delidcl'])."' "; $result = $db->sql_query($sql); while($row=$db->sql_fetchrow($result)){ unlink("image_banners/".$row['id_banowner']."/".$row['id'].".".$row['file_type']); } //delete file end $sql="DELETE FROM ".$GO_CONFIG->dbprefix."banners_owners WHERE id='".addslashes($_GET['delidcl'])."' limit 1"; $db->sql_query($sql); $sql="DELETE FROM ".$GO_CONFIG->dbprefix."banners WHERE id_banowner='".addslashes($_GET['delidcl'])."' "; $db->sql_query($sql); echo "delete client TODO UNLINK FILE"; } }else if ($_GET['action']=="addbanner"){ if ($_GET[edidb]>0) { //edit banner $sql = "SELECT * FROM ".$GO_CONFIG->dbprefix."banners WHERE id='".addslashes($_GET['edidb'])."' limit 1"; $result = $db->sql_query($sql); $rowedb=$db->sql_fetchrow($result); // echo "edit banner"; }else if ($_GET[delidb]>0) {//delete banner //delete file start $sql="SELEDT id FROM ".$GO_CONFIG->dbprefix."banners WHERE id='".addslashes($_GET['delidb'])."' limit 1"; $result = $db->sql_query($sql); $row=$db->sql_fetchrow($result); unlink("image_banners/".$row['id_banowner']."/".$row['id'].".".$row['file_type']); //delete file end $sql="DELETE FROM ".$GO_CONFIG->dbprefix."banners WHERE id='".addslashes($_GET['delidb'])."' limit 1"; $db->sql_query($sql); echo "delete banner TODO UNLINK FILE"; }else if ($_GET[offidb]>0){//unactive banner $sql="UPDATE ".$GO_CONFIG->dbprefix."banners SET active='0' WHERE id='".addslashes($_GET['offidb'])."' AND active='1' limit 1"; $db->sql_query($sql); // echo "OFF banner"; }else if ($_GET[onidb]>0){//active banner $sql="UPDATE ".$GO_CONFIG->dbprefix."banners SET active='1' WHERE id='".addslashes($_GET['onidb'])."' AND active='0' limit 1"; $db->sql_query($sql); // echo "ON banner"; } } include("config/banners.php"); if ($GO_CONFIG->external_tpl){ $external_tpl_csetting = ob_get_contents(); // store buffer in $contents ob_end_clean(); // delete output buffer and stop buffering } //===================================================================------------------------------------------------------- } else if ($op=="config_domain" AND is_sadmin()){ if ($GO_CONFIG->external_tpl){ ob_start(); } if ($_POST['sm']=="0" AND $_POST['domainquery']<>"" AND $_POST['searchdomain'] AND $_POST['searchdomainwhere']<>""){ $sql = "SELECT * FROM ".$GO_CONFIG->dbprefix."domain WHERE name like '%".addslashes($_POST['domainquery'])."%' AND types='".addslashes($_POST['searchdomainwhere'])."' "; $result = $db->sql_query($sql); }else if ($_POST['sm']=="1" AND $_POST['newdomain']<>"" AND $_POST['domainsub_id2']>0){ if ($_POST['newdomainlock']) $_POST['newdomainlock']=1; else $_POST['newdomainlock']=0; $sql="INSERT INTO ".$GO_CONFIG->dbprefix."domain ( id_domain, name, types, id_dzial, param, active, `lock`, id_owner, top_user, top_active, todate )VALUES( '','".addslashes($_POST['newdomain'])."','s', '".addslashes($_POST['domainsub_id2'])."','".addslashes($_POST['newdomainparam'])."','".addslashes($_POST['newdomainact'])."', '".addslashes($_POST['newdomainlock'])."', '','','',NOW() )"; $db->sql_query($sql); }else if ($_POST['sm']=="0" AND $_POST['editdomain']<>"" AND $_POST['editdomainsub_id2']>0 AND $_POST['editdomainid']){ if ($_POST['editdomainlock']==1) $_POST['editdomainlock']=1; else $_POST['editdomainlock']=0; $sql="UPDATE ".$GO_CONFIG->dbprefix."domain SET name='".addslashes($_POST['editdomain'])."', id_dzial='".addslashes($_POST['editdomainsub_id2'])."', `lock`='".addslashes($_POST['editdomainlock'])."', param='".addslashes($_POST['editdomainparam'])."', active='".addslashes($_POST['editdomainact'])."' WHERE id_domain='".addslashes($_POST['editdomainid'])."' limit 1"; $db->sql_query($sql); }else if ($_GET['sm']=="0" AND $_GET['action']=="editdomain" AND $_GET['dmcfg']>0){ $sql="SELECT * FROM ".$GO_CONFIG->dbprefix."domain WHERE id_domain='".addslashes($_GET['dmcfg'])."' limit 1"; $result = $db->sql_query($sql); $row=$db->sql_fetchrow($result); define("_editdomain","".$_GET['dmcfg'].""); }else if ($_GET['sm']=="0" AND $_GET['action']=="deletedomain" AND $_GET['dmcfg']>0){ $sql="DELETE FROM ".$GO_CONFIG->dbprefix."domain WHERE id_domain='".addslashes($_GET['dmcfg'])."' limit 1"; $db->sql_query($sql); } include("config/domain.php"); if ($GO_CONFIG->external_tpl){ $external_tpl_csetting = ob_get_contents(); // store buffer in $contents ob_end_clean(); // delete output buffer and stop buffering } //=============================================================================------------------------------------------ } else if ($op=="config_info"){ if ($GO_CONFIG->external_tpl){ ob_start(); } include("config/info.php"); if ($GO_CONFIG->external_tpl){ $external_tpl_csetting = ob_get_contents(); // store buffer in $contents ob_end_clean(); // delete output buffer and stop buffering } //=========================================================================------------------------------------------------ } else if ($op=="config_newsletter" AND is_admin()){ if ($GO_CONFIG->external_tpl){ ob_start(); } //-----save if ($_POST['action']=="sendmailsnl" AND $_POST['idnl']>0 AND $_POST['f_content']){ if ($_POST['nl_name']) $subiect=$_POST['nl_name']; else $subiect=_NEWSLETTERSUBIECT; $contentnl_foother .="
\nNewsletter ".gdate()."
\n
\n "; $contentnl .=$_POST['f_content']; // $contentnl .=$_POST[nl_name]."
\n "; $sql="SELECT * FROM ".$GO_CONFIG->dbprefix."newsletter_recepient WHERE type_nl='".addslashes($_POST['idnl'])."' AND active='1' "; $result = $db->sql_query($sql); $mok=0; $merr=0; $merror=""; while($row = $db->sql_fetchrow($result)){ if ($row['email']){ $recipient=stripslashes($row['email']); $contentnl_header .="Witaj [".$recipient."],
\n"; $contentnlok=$contentnl_header.$contentnl.$contentnl_foother; $mailsstatus=sendmailer($recipient,$subiect,$contentnlok,1); if ($mailsstatus==true){ $mok++; }else{ $merror .= "
".$mailsstatus; $merr++; } }else $merr++; } echo "Wyslano maili: ".($mok+$merr).", "; echo "W tym: "; echo "Pomyslnie: ".$mok.", "; echo "Blednie: ".$merr.", "; if ($merror) echo "Mail status: ".$merror; // if ($_GET[action]=="sendnewsletter" AND $_GET[idnl]>0){ // echo "send prepere"; }else if ($_GET['action']=="deletenl" AND $_GET['idnl']>0){ $sql="DELETE FROM ".$GO_CONFIG->dbprefix."newsletter_type WHERE nl_id='".addslashes($_GET['idnl'])."' LIMIT 1"; $db->sql_query($sql); $sql="DELETE FROM ".$GO_CONFIG->dbprefix."newsletter_recepient WHERE type_nl='".addslashes($_GET['idnl'])."' "; $db->sql_query($sql); }else if ($_GET['action']=="editnewsletter" AND $_GET['idnl']>0){ $sql="SELECT * FROM ".$GO_CONFIG->dbprefix."newsletter_type WHERE nl_id='".addslashes($_GET['idnl'])."' LIMIT 1"; $result = $db->sql_query($sql); $editnl = $db->sql_fetchrow($result); }else if ($_POST['action']=="updatenl" AND $_POST['idnl']>0 AND $_POST['nl_name'] AND $_POST['nlidgrowner']>0){ $sql="UPDATE ".$GO_CONFIG->dbprefix."newsletter_type SET name='".addslashes($_POST['nl_name'])."', gid_owner='".addslashes($_POST['nlidgrowner'])."' WHERE nl_id='".addslashes($_POST['idnl'])."' LIMIT 1"; $db->sql_query($sql); }else if ($_POST['action']=="addnewnl" AND $_POST['nlidgrowner']>0 AND $_POST['nl_name']){ $sql="INSERT INTO ".$GO_CONFIG->dbprefix."newsletter_type ( nl_id , name, gid_owner , last_send_date )VALUES ( '', '".addslashes($_POST['nl_name'])."', '".addslashes($_POST['nlidgrowner'])."', NOW( ) )"; $db->sql_query($sql); } //-----show lista if (is_sadmin()){ $sql="SELECT * FROM ".$GO_CONFIG->dbprefix."newsletter_type ORDER BY gid_owner, name "; }else{ $sql="SELECT st.* FROM ".$GO_CONFIG->dbprefix."newsletter_type st, ".$GO_CONFIG->dbprefix."users_group gr WHERE ( ( (st.gid_owner=gr.id_group) AND (gr.id_user='".addslashes(conf(id_user))."') ) ) ORDER BY st.name DESC"; //echo $sql; } $result = $db->sql_query($sql); include("config/config_newsletter.php"); if ($GO_CONFIG->external_tpl){ $external_tpl_csetting = ob_get_contents(); // store buffer in $contents ob_end_clean(); // delete output buffer and stop buffering } //} else if ($op=="config_tpledit" AND is_moderator()){ //====================================================================------------------------------------------------------------------ } else if ($op=="config_tpledit" AND is_admin()){ if ($GO_CONFIG->external_tpl){ ob_start(); } //echo "sss"; echo ""; if ($GO_CONFIG->get_sesid()==$_POST['ss']){ if ($_POST["op"]=="config_tpledit" AND $_POST['op2']=="tplsource"){//save source if ($_POST['pt'] AND $_POST['tpl_tplsource'] AND is_file("form/menu_edpage/template/".$_POST['pt'].".tpl")){//update $handle = fopen("form/menu_edpage/template/".$_POST['pt'].".tpl", "wb"); $newstring =str_replace("TPLxPATH","include_web/tpl_preview/".$_POST['pt'],stripslashes($_POST['tpl_tplsource'])); $numbytes = fwrite($handle, $newstring); fclose($handle); // echo ok($numbytes." bytes written"); echo ok(round(($numbytes/1024),2)." KB written"); } }else if ($_POST["op"]=="config_tpledit" AND $_POST['op2']=="class"){//save class // if ($_POST['pt'] AND $_POST['tpl_class'] AND is_file("form/menu_edpage/template/".$_POST['pt'].".tpl")){//update if ($_POST['pt'] AND $_POST['tpl_class']){//update $filex=$_POST['pt']; $newstring =str_replace("TPLxPATH","tpl_preview/".$filex,stripslashes($_POST['tpl_class'])); $uchwyt = @fopen ("include_web/tpl_preview.css", "rb"); $ret=""; if ($uchwyt) { $is=0; while (!feof($uchwyt)) { $buffer = fgets($uchwyt, 4096); $buffer = str_replace("\n","",$buffer); $buffer = str_replace("\r","",$buffer); if ($buffer=="/* ---TPL:".$filex."S--- */") $is=1; else if ($buffer=="/* ---TPL:".$filex."E--- */") $is=2; if ($is<>1 AND $is<>2){ if ($buffer) $ret .= $buffer."\n"; } if ($is==2) { $ret .="\n/* ---TPL:".$filex."S--- */\n"; $ret .=$newstring; $ret .="\n/* ---TPL:".$filex."E--- */\n"; $is=0; } } fclose ($uchwyt); } if ($ret){ $uchwyt = fopen("include_web/tpl_preview.TMP_update", 'wb'); if ($uchwyt) { $numbytes=fwrite($uchwyt, $ret); // echo ok(round(($numbytes/1024),2)." KB written"); echo ok(round((strlen($newstring)/1024),2)." KB written"); fclose($uchwyt); } } if (copy("include_web/tpl_preview.TMP_update","include_web/tpl_preview.css")); unlink("include_web/tpl_preview.TMP_update"); }//aaaaaaaaaaaaaaaaa }else if ($_POST["op"]=="config_tpledit" AND $_POST['op2']=="image"){//save image echo "save image todo..."; if ($_POST['pt'] AND $_POST['dz_deletetpl_img'] AND $_POST['f_mod_tpl_img']){//delete echo ok("DELETED"); if (is_file("include_web/tpl_preview/".$_POST['pt']."/".$_POST['f_mod_tpl_img'])) unlink("include_web/tpl_preview/".$_POST['pt']."/".$_POST['f_mod_tpl_img']); else echo error(_NOFOUNDFILE); }else if ($_POST['pt'] AND $_FILES['new_mtpl_img']['name']){//upload $new_name=str_replace(" ","_",$_FILES['new_mtpl_img']['name']); $new_name=str_replace("..","x",$new_name); if (move_uploaded_file($_FILES['new_mtpl_img']['tmp_name'], "include_web/tpl_preview/".$_POST['pt']."/".$new_name)){ echo ok("UPLOAD OK"); }else echo error(_NOLUPOADED); } }else if ($_POST["op"]=="config_tpledit" AND $_POST['f_mod_tpl'] AND $_POST["make_new_tpl"] AND $_POST['name_new_tpl'] AND is_admindzial($_POST['dz'],1)){//COPY AND SAVE AS NEW TPL // echo "NEW TPL SAVE FROM"; $_POST['name_new_tpl']=clear_username($_POST['name_new_tpl']); if (!is_dir("include_web/tpl_preview/".$_POST['name_new_tpl']) AND !is_file("form/menu_edpage/template/".$_POST['name_new_tpl'].".tpl")){ //--make image dir if (mkdir("include_web/tpl_preview/".$_POST['name_new_tpl'])){ //copy tpl copy("form/menu_edpage/template/".$_POST['f_mod_tpl'].".tpl","form/menu_edpage/template/".$_POST['name_new_tpl'].".tpl"); //---replace $uchwyt = @fopen ("form/menu_edpage/template/".$_POST['name_new_tpl'].".tpl", "rb"); $ret=""; while (!feof($uchwyt)) { $buffer = fgets($uchwyt, 4096); $ret .= $buffer; } fclose ($uchwyt); if ($ret){ $uchwyt = fopen("form/menu_edpage/template/".$_POST['name_new_tpl'].".tpl", 'wb'); if ($uchwyt) { $ret=str_replace($_POST['f_mod_tpl'],$_POST['name_new_tpl'],$ret); fwrite($uchwyt, $ret); fclose($uchwyt); } } //------------------ // copy("form/menu_edpage/template/".$_POST['f_mod_tpl'].".txt","form/menu_edpage/template/".$_POST['name_new_tpl'].".txt"); $uchwyt = fopen("form/menu_edpage/template/".$_POST['name_new_tpl'].".txt", 'wb'); if ($uchwyt) { fwrite($uchwyt, $_POST['name_new_tpl'].">"); fclose($uchwyt); } //copy class start $filex=$_POST['f_mod_tpl']; $uchwyt = @fopen ("include_web/tpl_preview.css", "rb"); $ret=""; if ($uchwyt) { $is=0; $newstring=""; while (!feof($uchwyt)) { $buffer = fgets($uchwyt, 4096); $buffer = str_replace("\n","",$buffer); $buffer = str_replace("\r","",$buffer); if ($buffer=="/* ---TPL:".$filex."S--- */") $is=1; else if ($buffer=="/* ---TPL:".$filex."E--- */") $is=2; if ($buffer) $ret .= $buffer."\n"; if ($is==1) { $newstring .= $buffer."\n"; } if ($is==2) { $newstring .= $buffer."\n"; // $newstring ="\n/* ---TPL:".$_POST['name_new_tpl']."S--- */\n".str_replace($filex,$_POST['name_new_tpl'],$newstring)."\n/* ---TPL:".$_POST['name_new_tpl']."E--- */\n"; $newstring =str_replace($filex,$_POST['name_new_tpl'],$newstring); $is=3; } } if ($newstring) $ret .=$newstring; fclose ($uchwyt); } if ($ret){ $uchwyt = fopen("include_web/tpl_preview.TMP_addnew", 'wb'); if ($uchwyt) { fwrite($uchwyt, $ret); fclose($uchwyt); } } if (copy("include_web/tpl_preview.TMP_addnew","include_web/tpl_preview.css")); unlink("include_web/tpl_preview.TMP_addnew"); //copy class end }else echo error(_CANTMAKEDIR); }else echo error(_NAMEALREADYEXIST); }else if ($_POST["op"]=="config_tpledit" AND $_POST["dz_gettpl"] AND is_admindzial($_POST['dz'],1)){//get ziped mTpl $GO_CONFIG->save_dzial_setting_gettpl($_POST['f_mod_tpl']); }else if ($_POST["op"]=="config_tpledit" AND $_POST["dz_uploadmtpl"] AND is_admindzial($_POST['dz'],1)){//wczytaj nowego mTPLa z pliku $GO_CONFIG->save_dzial_setting_uploadtpl($_FILES['new_mtpl']['name']); }else if ($_POST["op"]=="config_tpledit" AND $_POST['dz_deletetpl'] AND $_POST['f_mod_tpl']){//delete tpl if ($_POST['ss']==$GO_CONFIG->get_sesid()){ $erx=$GO_CONFIG->delete_tpl($_POST['f_mod_tpl']); if ($erx=="1") redirect("mod.php?dz=".getpost(dz)."&ss=".getpost(ss)."&op=config_tpledit"); else exit; }else echo error(_NOACCES); } }//if ss define("A_SETTING_TPL","1"); include("config/tpledit.php"); if ($GO_CONFIG->external_tpl){ $external_tpl_csetting = ob_get_contents(); // store buffer in $contents ob_end_clean(); // delete output buffer and stop buffering } //===========================================================================================-------------------------------------------------------- } else if ($op=="config_news" AND is_moderator()){ //print_r($_GET);exit; if ($GO_CONFIG->external_tpl){ ob_start(); } //echo "=

---

---

dupa=".is_moderator(); if ($_GET['action']=="show_article"){ define("A_SHOWART","1"); if (is_sadmin()){ $sql="SELECT * FROM ".$GO_CONFIG->dbprefix."stories WHERE topic_id='".addslashes($_GET['topic'])."' ORDER BY startdate DESC,title"; }else{ $sql="SELECT st.* FROM ".$GO_CONFIG->dbprefix."stories st, ".$GO_CONFIG->dbprefix."topics tp, ".$GO_CONFIG->dbprefix."users_group gr WHERE ( ( (st.topic_id='".addslashes($_GET['topic'])."') AND (st.topic_id=tp.topic_id) AND (tp.gid_owner =gr.id_group) AND (gr.id_user='".addslashes(conf('id_user'))."') ) ) ORDER BY st.startdate DESC, st.title"; } $result = $db->sql_query($sql); }else if ($_GET['action']=="addnewarticle"){ define("A_ADDART","1"); $row=""; }else if ($_GET['action']=="editarticle"){ $sql="SELECT * FROM ".$GO_CONFIG->dbprefix."stories WHERE `sid`='".addslashes($_GET['idart'])."' limit 1"; $result = $db->sql_query($sql); $row=$db->sql_fetchrow($result); if ($_GET['idart']>0 AND $row['sid']>0) { define("A_EDITART","".$_GET['idart'].""); } }else if ($_GET['action']=="onarticle"){ if ($_GET[idart]>0) { $sql="UPDATE ".$GO_CONFIG->dbprefix."stories SET active='1' WHERE `sid`='".addslashes($_GET['idart'])."' limit 1"; $db->sql_query($sql); if ($_GET['retop']) redirect("mod.php?dz=".getpost(dz)."&ss=".$GO_CONFIG->get_sesid()."&op=config_news&action=".$_GET['retop']."&topic=".$_GET['topic'].""); } }else if ($_GET['action']=="offarticle"){ if ($_GET['idart']>0) { $sql="UPDATE ".$GO_CONFIG->dbprefix."stories SET active='0' WHERE `sid`='".addslashes($_GET['idart'])."' limit 1"; $db->sql_query($sql); if ($_GET['retop']) redirect("mod.php?dz=".getpost(dz)."&ss=".$GO_CONFIG->get_sesid()."&op=config_news&action=".$_GET['retop']."&topic=".$_GET['topic'].""); } }else if ($_GET['action']=="deletearticle"){ if ($_GET['idart']>0){ $sql="DELETE FROM ".$GO_CONFIG->dbprefix."stories WHERE `sid`='".addslashes($_GET['idart'])."' limit 1"; $db->sql_query($sql); //--------delete gallery start $dir="modules/News/gallery_images/".$_GET['idart']."/"; if (is_dir($dir)) { if ($dh = opendir($dir)) { while (($file = readdir($dh)) !== false) { if (is_file($dir.$file)){ unlink($dir.$file); } }//while } rmdir($dir); } //--------delete gallery end if ($_GET['retop']) redirect("mod.php?dz=".getpost(dz)."&ss=".$GO_CONFIG->get_sesid()."&op=config_news&action=".$_GET['retop']."&topic=".$_GET['topic'].""); } //-- }else if (getpost(action)=="addtopic"){ if ($_POST['subtopicid']<>"" AND $_POST['idgrowner']>0){ if ($_POST[newnametopic]<>""){ //---spr perm for topics if ($_POST['subtopicid']=="0" AND is_sadmin()){ $error=0; }else if ($_POST['subtopicid']>"0"){ $sql="SELECT tp.* FROM ".$GO_CONFIG->dbprefix."topics tp, ".$GO_CONFIG->dbprefix."users_group gr WHERE ( ( (tp.topic_id='".addslashes($_POST['subtopicid'])."') AND (tp.gid_owner =gr.id_group) AND (gr.id_user='".addslashes(conf(id_user))."') ) OR ( (tp.topic_id='".addslashes($_POST['subtopicid'])."') AND (gr.id_group ='4') AND (gr.id_user='".addslashes(conf(id_user))."') ) ) limit 1"; $result=$db->sql_query($sql); if ($db->sql_numrows($result)==1) $error=0; else $error=1; }else{ $error=1; } //---spr perm for topics end if (!$error){ if ($_POST['ftopicactive']==1) $ftopicactive=1; else $ftopicactive=0; $sql="INSERT INTO ".$GO_CONFIG->dbprefix."topics ( topic_id, topicname, topicimage, topictext, counter, id2, active, gid_owner, id_domain )VALUES( '','".addslashes($_POST['newnametopic'])."','','','','".addslashes($_POST['subtopicid'])."','".addslashes($ftopicactive)."','".addslashes($_POST['idgrowner'])."','' )"; //echo $sql; $db->sql_query($sql); $lastgrid=$db->sql_nextid(); //----------------------------------dodaje nowe zdjecie dla topica if ($lastgrid>0 AND $_FILES["uplotopicimg"]["tmp_name"]){ //-----deletr first unlink("modules/News/imagetopic/".addslashes($lastgrid).".jpg"); unlink("modules/News/imagetopic/".addslashes($lastgrid).".gif"); //----file start $uploaddir="modules/News/imagetopic/"; if (!is_dir($uploaddir)) mkdir($uploaddir); // $max_x=$GO_CONFIG->Ads_widthimagebig; // $max_y=$GO_CONFIG->Ads_heightimagebig; $max_x=100; $max_y=150; $jpeg_quality=60; $file_extension = strtolower(substr(strrchr($_FILES["uplotopicimg"]["name"],"."),1)); $userimage=$lastgrid.".".$file_extension; if(!move_uploaded_file($_FILES["uplotopicimg"]["tmp_name"], $uploaddir.$userimage)) { echo error(_NOUPLOADFILE); }else{ $source=$uploaddir.$userimage; resize_existing_photo ($source,$uploaddir,$userimage,1,$max_x,$max_y,$jpeg_quality); } //----file end } //----------------------------------dodaje zdjecieend // if ($_GET[retop]) redirect("mod.php?dz=".getpost(dz)."&ss=".$GO_CONFIG->get_sesid()."&op=config_news&action=".$_GET[retop]."&topic=".$_GET['ftopicid'].""); }else{ echo error(_NOPERM); } } }else if ($_GET['topic']<>""){ define("A_ADDTOPIC",1); } }else if (getpost(action)=="edittopic" ){ if ($_POST['subtopicid']<>"" AND $_POST['idgrowner']>0 AND $_POST['idtopicedid']>0){ if ($_POST['newnametopic']<>""){ //---spr perm for topics if ($_POST['subtopicid']=="0" AND is_sadmin()){ $error=0; }else if ($_POST['subtopicid']>"0"){ $sql="SELECT tp.* FROM ".$GO_CONFIG->dbprefix."topics tp, ".$GO_CONFIG->dbprefix."users_group gr WHERE ( ( (tp.topic_id='".addslashes($_POST['subtopicid'])."') AND (tp.gid_owner =gr.id_group) AND (gr.id_user='".addslashes(conf(id_user))."') ) OR ( (tp.topic_id='".addslashes($_POST['subtopicid'])."') AND (gr.id_group ='4') AND (gr.id_user='".addslashes(conf(id_user))."') ) ) limit 1"; $result=$db->sql_query($sql); if ($db->sql_numrows($result)==1) $error=0; else $error=1; }else{ echo error(_NOPERM); } //---spr perm for topics end if (!$error){ if ($_POST['idtopicedid']<>""){ if ($_POST[ftopicactive]==1) $ftopicactive=1; else $ftopicactive=0; $sql="UPDATE ".$GO_CONFIG->dbprefix."topics SET topicname='".addslashes($_POST['newnametopic'])."', id2='".addslashes($_POST['subtopicid'])."', gid_owner ='".addslashes($_POST['idgrowner'])."', active='".addslashes($ftopicactive)."' WHERE `topic_id`='".addslashes($_POST['idtopicedid'])."' limit 1"; $db->sql_query($sql); //echo $sql;exit; //----------------------------------dodaje nowe zdjecie dla topica if ($_FILES["uplotopicimg"]["tmp_name"]){ //-----deletr first unlink("modules/News/imagetopic/".addslashes($_POST['idtopicedid']).".jpg"); unlink("modules/News/imagetopic/".addslashes($_POST['idtopicedid']).".gif"); //----file start $uploaddir="modules/News/imagetopic/"; if (!is_dir($uploaddir)) mkdir($uploaddir); // $max_x=$GO_CONFIG->Ads_widthimagebig; // $max_y=$GO_CONFIG->Ads_heightimagebig; $max_x=100; $max_y=150; $jpeg_quality=60; $file_extension = strtolower(substr(strrchr($_FILES["uplotopicimg"]["name"],"."),1)); $userimage=$_POST[idtopicedid].".".$file_extension; if(!move_uploaded_file($_FILES["uplotopicimg"]["tmp_name"], $uploaddir.$userimage)) { echo error(_NOUPLOADFILE); }else{ $source=$uploaddir.$userimage; resize_existing_photo ($source,$uploaddir,$userimage,1,$max_x,$max_y,$jpeg_quality); } //----file end //----------------------------------kasuje zdjecie jak kazoano }else if ($_POST['deletetopicimg']==1){ unlink("modules/News/imagetopic/".addslashes($_POST[idtopicedid]).".jpg"); unlink("modules/News/imagetopic/".addslashes($_POST[idtopicedid]).".gif"); } //---------------------------------end kasowaanie zdjec if ($_POST[opret]) redirect("mod.php?dz=".getpost(dz)."&ss=".$GO_CONFIG->get_sesid()."&op=config_news&action=show_article&topic=".$_POST['ftopicid'].""); } }else{ echo error(_NOPERM); } } }else if ($_GET['topiced']>0){ $sql="SELECT tp.* FROM ".$GO_CONFIG->dbprefix."topics tp, ".$GO_CONFIG->dbprefix."users_group gr WHERE ( ( (tp.topic_id='".addslashes($_GET['topiced'])."') AND (tp.gid_owner =gr.id_group) AND (gr.id_user='".addslashes(conf(id_user))."') ) OR ( (tp.topic_id='".addslashes($_GET['topiced'])."') AND (gr.id_group ='4') AND (gr.id_user='".addslashes(conf(id_user))."') ) ) limit 1"; $result=$db->sql_query($sql); if ($db->sql_numrows($result)==1){ $rowtp=$db->sql_fetchrow($result); define("A_EDITTOPIC",1); } } }else if ($_GET['action']=="deletetopic"){ //---spr perm for topics if ($_GET['topic']>0 AND is_sadmin()){ $error=0; }else if ($_GET['topic']>0){ $sql="SELECT tp.* FROM ".$GO_CONFIG->dbprefix."topics tp, ".$GO_CONFIG->dbprefix."users_group gr WHERE ( ( (tp.topic_id='".addslashes($_GET['topic'])."') AND (tp.gid_owner =gr.id_group) AND (gr.id_user='".addslashes(conf(id_user))."') ) OR ( (tp.topic_id='".addslashes($_GET['topic'])."') AND (gr.id_group ='4') AND (gr.id_user='".addslashes(conf(id_user))."') ) ) limit 1"; $result=$db->sql_query($sql); if ($db->sql_numrows($result)==1) { $error=0; //----------------------------------kasuje zdjecie jak kazoano unlink("modules/News/imagetopic/".addslashes($_GET['topic']).".jpg"); unlink("modules/News/imagetopic/".addslashes($_GET['topic']).".gif"); //---------------------------------end kasowaanie zdjec }else $error=1; }else{ echo error(_NOPERM); } //---spr perm for topics end if (!$error){ $sql="SELECT * FROM ".$GO_CONFIG->dbprefix."stories WHERE topic_id='".addslashes($_GET['topic'])."' limit 1"; $result=$db->sql_query($sql); if ($db->sql_numrows($result)==1){ echo error(_TOPICHASSTORIES); }else{ $sql="SELECT * FROM ".$GO_CONFIG->dbprefix."topics WHERE id2='".addslashes($_GET['topic'])."' limit 1"; $result=$db->sql_query($sql); if ($db->sql_numrows($result)==1){ echo error(_TOPICHASSUNTOPICS); }else{ $sql="DELETE FROM ".$GO_CONFIG->dbprefix."topics WHERE topic_id='".addslashes($_GET['topic'])."' limit 1"; $db->sql_query($sql); } } } }else if ($_GET['action']=="activetopic"){ if ($_GET[topic]>0) { $sql="UPDATE ".$GO_CONFIG->dbprefix."topics SET active='1' WHERE `topic_id`='".addslashes($_GET['topic'])."' limit 1"; $db->sql_query($sql); } }else if ($_GET['action']=="deactivetopic"){ if ($_GET[topic]>0) { $sql="UPDATE ".$GO_CONFIG->dbprefix."topics SET active='0' WHERE `topic_id`='".addslashes($_GET['topic'])."' limit 1"; $db->sql_query($sql); } }else if ($_POST['action']=="savegallerynews"){//--------------------------------------------------save news gallery if ($_POST['idart']>0){ // echo "sfsd"; //$_FILES['plik']['tmp_name']; //echo count($_FILES['tmp_name']);exit; //print_r($_FILES); //print_r($_POST); if (count($_POST['gal_news_delete'])>0){ for ($i=0;$i"; //-----upload new image if ($_FILES['gal_news']['tmp_name'][$i] AND is_file($_FILES['gal_news']['tmp_name'][$i])){ $ext=strtolower(substr($_FILES['gal_news']['name'][$i], -3, 3)); $fname=clear_username(substr($_FILES['gal_news']['name'][$i], 0, -4)); if (!is_dir("modules/News/gallery_images/")){ mkdir("modules/News/gallery_images/"); } if (!is_dir("modules/News/gallery_images/".$_POST['idart'])){ mkdir("modules/News/gallery_images/".$_POST['idart']); } $newdestpath="modules/News/gallery_images/".$_POST['idart']."/"; $newmainfile=$fname.".".strtolower($ext); $newthumbfile="thumb_".$fname.".".strtolower($ext); $newfile=$newdestpath.$newmainfile; //print_r($_FILES); if(!move_uploaded_file($_FILES['gal_news']['tmp_name'][$i], $newfile)){ echo error(_ERROR.": Cant upload file"); $error=1; }else{ //ng_maxx ng_maxy ng_quality //--------zoom if (getpost('ng_maxx')) $imgmaxx=getpost('ng_maxx'); else if ($GO_CONFIG->imgmax_x) $imgmaxx=$GO_CONFIG->imgmax_x; else if (!$GO_CONFIG->Gallery_widthimagebig) $imgmaxx=300; else $imgmaxx=$GO_CONFIG->Gallery_widthimagebig; if (getpost('ng_maxy')) $imgmaxy=getpost('ng_maxy'); else if ($GO_CONFIG->imgmax_y) $imgmaxy=$GO_CONFIG->imgmax_y; else if (!$GO_CONFIG->Gallery_heightimagebig) $imgmaxy=400; else $imgmaxy=$GO_CONFIG->Gallery_heightimagebig; //-------thumbal if (!$GO_CONFIG->Gallery_widthimage) $imgmaxtx=200; else $imgmaxtx=$GO_CONFIG->Gallery_widthimage; if (!$GO_CONFIG->Gallery_heightimage) $imgmaxty=200; else $imgmaxty=$GO_CONFIG->Gallery_heightimage; //--------quality if (getpost('ng_quality')) $imgquality=getpost('ng_quality'); else if ($GO_CONFIG->imgquality) $imgquality=$GO_CONFIG->imgquality; else if (!$GO_CONFIG->Gallery_quality) $imgquality=65; else $imgquality=$GO_CONFIG->Gallery_quality; //echo $imgmaxx."==".$imgmaxy;exit; // resize_existing_photo ($newfile,$newdestpath,$newthumbfile,1,$imgmaxtx,$imgmaxty,60); //make thumb resize_existing_photo ($newfile,$newdestpath,$newmainfile,1,$imgmaxx,$imgmaxy,$imgquality); //resize resize_existing_photo ($newfile,$newdestpath,$newthumbfile,1,$imgmaxtx,$imgmaxty,$imgquality); //make thumb } } //-----end upload new image } } //echo "===".$ile; //exit; } redirect("mod.php?dz=5&action=editarticle&idart=".$_POST['idart']."&ss=".$GO_CONFIG->get_sesid()."&op=config_news&opret=show_article&topic=".$_POST['ftopicid']."&off_right=off&off_left=off"); }else if ($_POST['action']=="saveeditnews"){//--------------------------------------------------save news article //echo "===$_POST[dz_save],$_POST[ftitle],$_POST[ftopicid]"; if ($_POST['dz_save']<>"" AND $_POST['ftitle']<>"" AND $_POST['f_content']<>"" AND $_POST['ftopicid']>0){ //---spr perm for topics if (!is_admin() OR !is_sadmin()){ $sql="SELECT tp.* FROM ".$GO_CONFIG->dbprefix."topics tp, ".$GO_CONFIG->dbprefix."users_group gr WHERE ( ( (tp.topic_id='".addslashes($_POST['ftopicid'])."') AND (tp.gid_owner =gr.id_group) AND (gr.id_user='".addslashes(conf(id_user))."') ) ) limit 1"; $result=$db->sql_query($sql); $row=$db->sql_fetchrow($result); if (!$row[topic_id]) $error=1; else $error=0; } //---spr perm for topics end if (!$error){ $startdate=date2imestamp($_POST['fstart_date']); $today=date2imestamp(gdate('sql')); //fcalenddate //fin_calendar if ($_POST['fin_calendar']){ $incalendar ="in_calendar='1',"; $dataendcal=date2imestamp($_POST['fcalenddate']); if (!$dataendcal OR $dataendcal<$startdate) $dataendcal=$startdate; $data_calendar_end=$dataendcal; $incalendar .="calenddate='".addslashes($dataendcal)."',"; }else{ $incalendar ="in_calendar='0',calenddate=NULL,"; } // $f_content=corect_to_save($_POST['f_content']); if ($_POST['idart']>0){ if (!$_POST[factive]) $active=0; else $active=1; if (strpos($_POST['f_content'], "src=")===false AND strpos($_POST['f_content'], "SRC=")===false){ $isimage=0; $oneimage=""; }else{ $isimage=1; $oneimage=get_first_img($_POST['f_content'],1); } $sqladd=",`id_owner`='".addslashes($_POST['fidowner'])."', `gid_owner`='".addslashes($_POST['fgidowner'])."'"; $sql="UPDATE ".$GO_CONFIG->dbprefix."stories SET startdate='".addslashes($startdate)."', ".$incalendar." title='".addslashes($_POST['ftitle'])."', bodytext ='".corect_to_save($_POST['f_content'])."', topic_id='".addslashes($_POST['ftopicid'])."', author ='".addslashes($_POST['fautor'])."', active='".addslashes($factive)."', is_image='".$isimage."', one_image='".addslashes($oneimage)."' $sqladd WHERE `sid`='".addslashes($_POST['idart'])."' limit 1"; $db->sql_query($sql); //------------insert into calendar start // if ($_POST['fin_calendar']){ // } $sql="DELETE FROM ".$GO_CONFIG->dbprefix."Calendar WHERE id_stories='".addslashes($_POST['idart'])."' LIMIT 1"; $db->sql_query($sql); if ($_POST['fin_calendar']){ $sql="INSERT INTO ".$GO_CONFIG->dbprefix."Calendar ( id, id_page, cat_id, ext,id_language ,id_group_owner ,id_owner , id_stories , title ,startdate ,todate, active )VALUES( '','0','0','','0','0','0', '".addslashes($_POST['idart'])."','".addslashes($_POST['ftitle'])."','".addslashes($startdate)."','".addslashes($data_calendar_end)."', '1' )"; $db->sql_query($sql); } //------------insert into calendar end if ($_POST['opret']) redirect("mod.php?dz=".getpost(dz)."&ss=".$GO_CONFIG->get_sesid()."&op=config_news&action=show_article&topic=".$_POST['ftopicid'].""); }else{ if ($startdate>$today AND !$_POST['factive']) $active=0; else $active=1; if (strpos($_POST['f_content'], "src=")===false AND strpos($_POST['f_content'], "SRC=")===false){ $isimage=0; $oneimage=""; }else{ $isimage=1; $oneimage=get_first_img($_POST['f_content'],1); } if (is_sadmin()) $owner=addslashes($_POST['fidowner']); else $owner=conf(id_user); if ($_POST['fin_calendar']){ $incalendar ="'1',"; $dataendcal=date2imestamp($_POST['fcalenddate']); if (!$dataendcal OR $dataendcal<$startdate) $dataendcal=$startdate; $data_calendar_end=$dataendcal; $incalendar .="'".addslashes($dataendcal)."',"; }else{ $incalendar ="'0',NULL,"; } $sql="INSERT INTO ".$GO_CONFIG->dbprefix."stories ( `sid`, `aid` , `title`, `startdate`, `in_calendar`,`calenddate`, `hometext` , `bodytext`, `comments`, `counter`, `topic_id`, `informant`, `notes`, `ihome`, `author`, `acomm`, `haspoll`, `pollID`, `score`, `ratings`, `active`, `inform_mail`, `is_image`, `one_image`, `id_miasto`, `id_owner`, `gid_owner` )VALUES( '','".conf(user)."', '".addslashes($_POST['ftitle'])."','".addslashes(date2imestamp($_POST['fstart_date']))."', ".$incalendar." '','".corect_to_save($_POST['f_content'])."', '','', '".addslashes($_POST['ftopicid'])."', '','','','".addslashes($_POST['fautor'])."', '','','','','', '".addslashes($active)."','','".$isimage."','".addslashes($oneimage)."','', '".$owner."','".addslashes($_POST['fgidowner'])."' )"; $db->sql_query($sql); //------------insert into calendar start $lastgrid=$db->sql_nextid(); if ($_POST['fin_calendar'] AND $lastgrid>0){ $sql="INSERT INTO ".$GO_CONFIG->dbprefix."Calendar ( id, id_page, cat_id, ext,id_language ,id_group_owner ,id_owner , id_stories , title ,startdate ,todate, active )VALUES( '','0','0','','0','0','0', '".addslashes($lastgrid)."','".addslashes($_POST['ftitle'])."','".addslashes(date2imestamp($_POST['fstart_date']))."','".addslashes($data_calendar_end)."', '1' )"; $db->sql_query($sql); } //------------insert into calendar end //echo $sql;exit; // if ($_GET[retop]) redirect("mod.php?dz=".getpost(dz)."&ss=".$GO_CONFIG->get_sesid()."&op=config_news&action=".$_GET[retop]."&topic=".$_GET['ftopicid'].""); redirect("mod.php?dz=".getpost(dz)."&off_right=off&off_left=off&ss=".$GO_CONFIG->get_sesid()."&op=config_news&action=addnewarticle&topic=".$_POST['ftopicid']."&eddate=".$startdate."&edlang=".$_POST['cat_language'].""); } }else{ echo error(_NOPERM); } //echo "ddd"; // if ($_POST[opret]) redirect("mod.php?dz=".getpost(dz)."&ss=".$GO_CONFIG->get_sesid()."&op=config_news&action=".$_POST[opret]."&topic=".$_POST['topic'].""); }else echo error(_FILLTITLEANDCONTENT); } include("config/news.php"); if ($GO_CONFIG->external_tpl){ $external_tpl_csetting = ob_get_contents(); // store buffer in $contents ob_end_clean(); // delete output buffer and stop buffering } //====================================================================================================------------------------------------------------------------------- } else if ($op=="config_acces" AND is_admin()){ if ($GO_CONFIG->external_tpl){ ob_start(); } if (($_GET['delip']>0 OR $_GET['delip']=="*") AND $_GET['deltype'] AND $_GET['action']=="delip"){ //-------------------------------spr deny for delete self $delete=1; if (get_userip()==$_GET['delip'] OR $_GET['delip']=="*"){ if ($_GET['delip']=="*"){ $sql="SELECT * FROM ".$GO_CONFIG->dbprefix."acces_ip WHERE `type`='".addslashes($_GET['deltype'])."' AND ( (a_ip='".addslashes(get_userip())."' AND acces='1') ) "; }else{ $sql="SELECT * FROM ".$GO_CONFIG->dbprefix."acces_ip WHERE `type`='".addslashes($_GET['deltype'])."' AND ( (a_ip='*' AND acces='1') ) "; } //echo $sql; $result = $db->sql_query($sql); $ilejest=$db->sql_numrows($result); if ($ilejest>0) $delete=1; else $delete=0; } //--------------------------------end spr delete self if ($delete){ $sql="DELETE FROM ".$GO_CONFIG->dbprefix."acces_ip WHERE a_ip ='".addslashes($_GET['delip'])."' AND `type`='".addslashes($_GET['deltype'])."' limit 1"; $db->sql_query($sql); }else echo error(_CANTDELETESELF); }else if ($_POST['newipadd']<>"" AND $_POST['addtype'] AND ($_POST['ipacces']=="0" OR $_POST['ipacces']=="1")){ //-----------------------------------spr deny for delete self $cadd=1; if (!$_POST['ipacces'] AND (get_userip()==$_POST['newipadd'] OR $_POST['newipadd']=="*")){ if ($_POST['newipadd']=="*"){ $sql="SELECT * FROM ".$GO_CONFIG->dbprefix."acces_ip WHERE `type`='".addslashes($_POST['addtype'])."' AND ( (a_ip='".addslashes(get_userip())."' AND acces='1') ) "; }else{ $sql="SELECT * FROM ".$GO_CONFIG->dbprefix."acces_ip WHERE `type`='".addslashes($_GET['deltype'])."' AND ( (a_ip='*' AND acces='1') ) "; } //echo $sql; $result = $db->sql_query($sql); if ($db->sql_numrows($result)) $cadd=1; else $cadd=0; } //--------------------------------------end spr self if ($cadd){ if ($_POST['ipacces']==1) $ipacces=1; else $ipacces=0; $sql="INSERT INTO ".$GO_CONFIG->dbprefix."acces_ip ( a_ip,`type`,acces )VALUES( '".addslashes($_POST['newipadd'])."','".addslashes($_POST['addtype'])."','".$ipacces."' )"; //echo $sql; $db->sql_query($sql); }else echo error(_CANTADDSELF); } include("config/acces.php"); if ($GO_CONFIG->external_tpl){ $external_tpl_csetting = ob_get_contents(); // store buffer in $contents ob_end_clean(); // delete output buffer and stop buffering } //===================================================================================-------------------------------------------------------------- } else if ($op=="config_liveupdate" AND is_sadmin()){//---------------------------------------------------------------------- LIVE UPDATE if ($GO_CONFIG->external_tpl){ ob_start(); } if ($_POST['update_modules']){//------------------------------------------- update modules ini_set("memory_limit","150M"); $result_update_modules=""; //echo $GO_CONFIG->updateacmsurl; exit; if ($_POST['update_modules'] AND $_POST['ss']==$GO_CONFIG->get_sesid()){ //print_r($_POST); if ($_POST['ssupdate'] AND $_POST['ident'] AND $_POST['updatedmod'] AND $_POST['updatevfrom']){ // $listtoupdate=$_POST['updatedmod']; // $listtoupdate=$_POST['updatedmod']; $listtoupdate=array(); $xx=$_POST['updatedmod']; if (is_array($xx)) $listtoupdate=$xx; else $listtoupdate[0]=$xx; $listvfrom=$_POST['updatevfrom']; //-----main //print_r($listtoupdate); if (in_array('MAIN_System_',$listtoupdate)){ $download_succes=false; $filev=$listvfrom['MAIN_System_']; $filefrom=$GO_CONFIG->updateacmsurl."?action=doupdate&ident=".$_POST['ident']."&updatemod=MAIN_System_&ssupdate=".$_POST['ssupdate']."&vfrom=".$filev; //echo $filefrom; if (download_fromweb($filefrom,"tmp_gwpe/MAIN_System__".$filev.".php")){ if (is_file("tmp_gwpe/MAIN_System__".$filev.".php") AND filesize("tmp_gwpe/MAIN_System__".$filev.".php")>0){ include("tmp_gwpe/MAIN_System__".$filev.".php"); unlink("tmp_gwpe/MAIN_System__".$filev.".php"); //----sql if (is_file("include/sql.php")){ include("include/sql.php"); if ($mod_update){ if ($GO_CONFIG->dbprefix<>"gwpe_") $mod_update=str_replace("gwpe_",$GO_CONFIG->dbprefix,$mod_update); require("classes/gwpe.class.Parse_Sql.inc"); $parsesql=new parse_sql(); $mod_update = $parsesql->remove_remarks($mod_update); $mod_update = $parsesql->remove_comments($mod_update); $mod_update = $parsesql->split_sql_file($mod_update, ";"); for ($i = 0; $i < sizeof($mod_update); $i++){ if (trim($mod_update[$i]) != ''){ // echo $mod_update[$i]; // echo "------------\n"; $sql=$mod_update[$i]; $db->sql_query($sql); } } } // unlink("include/sql.php"); $myString ="<"; $myString .="?\n"; $myString .="\$"; $myString .="mod_update="; $myString .="\"\";\n"; $myString .="?"; $myString .=">\n"; $fh=fopen('include/sql.php',"w"); // fwrite($fh,utf8_encode($myString)); fwrite($fh,$myString); fclose($fh); } //----sql end $download_succes=true; }else if (is_file("tmp_gwpe/MAIN_System__".$filev.".php")){ unlink("tmp_gwpe/MAIN_System__".$filev.".php"); } } if ($download_succes==true){ $result_update_modules .= ""; $result_update_modules .= ""; $result_update_modules .= "";+ $result_update_modules .= ""; $result_update_modules .=""._MAINSYSTEM.""; $result_update_modules .= ""; $result_update_modules .= ""; // $result_update_modules .="".$GO_CONFIG->version.""; // $result_update_modules .= "new version 111"; $result_update_modules .= ""; $result_update_modules .= ""; $result_update_modules .= "Update... OK"; $result_update_modules .= ""; $result_update_modules .= ""; }else{ $result_update_modules .= ""; $result_update_modules .= ""; $result_update_modules .= ""; $result_update_modules .= ""; $result_update_modules .=""._MAINSYSTEM.""; $result_update_modules .= ""; $result_update_modules .= ""; // $result_update_modules .="".$GO_CONFIG->version.""; // $result_update_modules .= "new version 111"; $result_update_modules .= ""; $result_update_modules .= ""; $result_update_modules .= "Update... ERROR"; $result_update_modules .= ""; $result_update_modules .= ""; } } //-----main end //----modules $sql="SELECT * FROM ".$GO_CONFIG->dbprefix."perm WHERE types='im' AND installed='1' AND active='1' ORDER BY module_name "; $result = $db->sql_query($sql); while($row=$db->sql_fetchrow($result)){ if (in_array($row['module_name'],$listtoupdate)){ $download_succes=false; $filev=$listvfrom[$row['module_name']]; $filefrom=$GO_CONFIG->updateacmsurl."?action=doupdate&ident=".$_POST[ident]."&updatemod=".$row['module_name']."&ssupdate=".$_POST['ssupdate']."&vfrom=".$filev; if (download_fromweb($filefrom,"tmp_gwpe/".$row['module_name']."_".$filev.".php")){ if (is_file("tmp_gwpe/".$row['module_name']."_".$filev.".php") AND filesize("tmp_gwpe/".$row['module_name']."_".$filev.".php")>0){ include("tmp_gwpe/".$row['module_name']."_".$filev.".php"); unlink("tmp_gwpe/".$row['module_name']."_".$filev.".php"); //----sql if (is_file("./modules/".$row['module_name']."/info/sql.php")){ include("./modules/".$row['module_name']."/info/sql.php"); if ($mod_update){ if ($GO_CONFIG->dbprefix<>"gwpe_") $mod_update=str_replace("gwpe_",$GO_CONFIG->dbprefix,$mod_update); require("classes/gwpe.class.Parse_Sql.inc"); $parsesql=new parse_sql(); $mod_update = $parsesql->remove_remarks($mod_update); $mod_update = $parsesql->remove_comments($mod_update); $mod_update = $parsesql->split_sql_file($mod_update, ";"); for ($i = 0; $i < sizeof($mod_update); $i++){ if (trim($mod_update[$i]) != ''){ // echo $mod_update[$i]; // echo "------------\n"; $sql=$mod_update[$i]; $db->sql_query($sql); } } } // unlink("./modules/".$row[module_name]."/info/sql.php"); } //----sql end $download_succes=true; }else if (is_file("tmp_gwpe/".$row['module_name']."_".$filev.".php")){ unlink("tmp_gwpe/".$row['module_name']."_".$filev.".php"); } } if ($download_succes==true){ $result_update_modules .= ""; $result_update_modules .= ""; $result_update_modules .= ""; $result_update_modules .= ""; $result_update_modules .= $row['module_name']; $result_update_modules .= ""; $result_update_modules .= ""; // $result_update_modules .= "new version 222"; $result_update_modules .= ""; $result_update_modules .= ""; $result_update_modules .= "Update... OK"; $result_update_modules .= ""; $result_update_modules .= ""; }else { $result_update_modules .= ""; $result_update_modules .= ""; $result_update_modules .= ""; $result_update_modules .= ""; $result_update_modules .= $row['module_name']; $result_update_modules .= ""; $result_update_modules .= ""; // $result_update_modules .= "new version 222"; $result_update_modules .= ""; $result_update_modules .= ""; $result_update_modules .= "Update... ERROR"; $result_update_modules .= ""; $result_update_modules .= ""; } }//if mod do udate w array }//while $result_update_modules .= ""; $result_update_modules .= ""; $result_update_modules .= "

---

"; $result_update_modules .= ""._DOREPEATUPDATE.""; $result_update_modules .= "

"; $result_update_modules .= "get_sesid()."&op=config_liveupdate\">"; $result_update_modules .= img("ico/refresh99.png",_LIVEUPDATE,16,16); $result_update_modules .= " "; $result_update_modules .= ""._LIVEUPDATE.""; $result_update_modules .= ""; $result_update_modules .= "   "; $result_update_modules .= "

"; $result_update_modules .= ""; $result_update_modules .= ""; //----modules end } } //echo "sssssssssss"; $versions_mods=""; $versions_mods_toupdate=""; // include("config/liveupdate.php"); }else if ($_POST['checkout_modules']){//----------------------------------- sprawdzenie dostepnych if (count($_POST['installedmod'])>0){ $versions_mods['MAIN_System_']=$GO_CONFIG->version; $versions_mods_toupdate['MAIN_System_']="0.0"; foreach($_POST[installedmod] as $modname){ $modname=str_replace("..","x",$modname); if (is_dir("modules/".$modname."/info")){ if (is_file("modules/".$modname."/info/info.txt")){ $info=getFile("modules/".$modname."/info/info.txt"); $info=str_replace("\n\r","\n",$info); $info=explode("\n",$info); list($name,$version)=split(":",$info[1]); $versions_mods[$modname]=$version; $versions_mods_toupdate[$modname]="0.0"; } } }//foreach if ($versions_mods){//---------------------------------------sprawdzam jakie sa aktualne wersje dostepne $ret_modver=open_page($GO_CONFIG->updateacmsurl,"action=sprmod&smod=sss&cvmod=".Array2txt($versions_mods)); $actual_modver=txt2Array(stripslashes($ret_modver)); if (count($actual_modver)>0){ foreach($actual_modver as $mname => $mvalue){ $versions_mods_toupdate[$mname]=$mvalue; } } } } }else { $versions_mods=""; $versions_mods_toupdate=""; } include("config/liveupdate.php"); if ($GO_CONFIG->external_tpl){ $external_tpl_csetting = ob_get_contents(); // store buffer in $contents ob_end_clean(); // delete output buffer and stop buffering } //============================================================================================------------------------------------------------------------------------- } else if ($op=="config_security" AND is_admin()){//------------------------------------------------------------------------- SECURITY if ($GO_CONFIG->external_tpl){ ob_start(); } if ($_GET['action']=="delgroup" AND $_GET['grcfg']>99 AND $_GET['sm']=="0"){ $sql="DELETE FROM ".$GO_CONFIG->dbprefix."group WHERE id='".addslashes($_GET['grcfg'])."' limit 1"; $db->sql_query($sql); //delusergroup $sql="DELETE FROM ".$GO_CONFIG->dbprefix."users_group WHERE id_group ='".addslashes($_GET['grcfg'])."' limit 1"; $db->sql_query($sql); //delperm $sql="DELETE FROM ".$GO_CONFIG->dbprefix."perm WHERE id_group='".addslashes($_GET['grcfg'])."' limit 1"; $db->sql_query($sql); //update-domain-owner // $sql="UPDATE ".$GO_CONFIG->dbprefix."domain SET id_owner='1' WHERE id_owner=".addslashes($_GET[grcfg])."' "; // $db->sql_query($sql); //updat-topics-owner $sql="UPDATE ".$GO_CONFIG->dbprefix."topics SET id_group_owner='1' WHERE id_group_owner=".addslashes($_GET['grcfg'])."' "; $db->sql_query($sql); //updat-stories-owner $sql="UPDATE ".$GO_CONFIG->dbprefix."stories SET gid_owner='1' WHERE gid_owner=".addslashes($_GET['grcfg'])."' "; $db->sql_query($sql); }else if ($_POST['gr_addnew'] AND $_POST['sm']=="0"){ $sql="INSERT INTO ".$GO_CONFIG->dbprefix."group (id,name,gid_owner)VALUES('','".addslashes($_POST['gr_addnew'])."','".addslashes($_POST['gr_groupacces'])."')"; $db->sql_query($sql); $lastgrid=$db->sql_nextid(); //echo $sql; //add self for new group $sql="INSERT INTO ".$GO_CONFIG->dbprefix."users_group (id_user, id_group , gid_owner )VALUES('".addslashes(conf(id_user))."','".addslashes($_POST['gr_groupacces'])."','".addslashes($_POST['gr_groupacces'])."')"; $db->sql_query($sql); $lastgridGR=$db->sql_nextid(); if ($lastgrid<100 AND $lastgrid>1){ $sql="SELECT * FROM ".$GO_CONFIG->dbprefix."group WHERE id>'99' ORDER BY id DESC limit 1"; $result = $db->sql_query($sql); $row=$db->sql_fetchrow($result); $newid=$row[id]+1; if ($newid<100) $newid=100; $sql="UPDATE ".$GO_CONFIG->dbprefix."group SET id='$newid' WHERE id='$lastgrid' limit 1"; $db->sql_query($sql); //group $sql="UPDATE ".$GO_CONFIG->dbprefix."users_group SET id_group='".$lastgrid."', gid_owner ='".$lastgrid."' WHERE id_ug='".$lastgrid."' limit 1"; $db->sql_query($sql); }else if ($lastgrid<1){ echo error(_GROUPEXIST); } }else if ($_POST[sm]=="0"){ $sql="SELECT * FROM ".$GO_CONFIG->dbprefix."group WHERE id>'99' ORDER BY name"; $result = $db->sql_query($sql); while($row=$db->sql_fetchrow($result)){ if ($row['name']<>$_POST["gr_".$row['id']] AND $_POST["gr_".$row['id']]<>""){ $sql="UPDATE ".$GO_CONFIG->dbprefix."group SET name='".addslashes($_POST["gr_".$row['id']])."' WHERE id='".$row['id']."' limit 1"; $db->sql_query($sql); } } }else if ($_POST['updateuser'] AND $_POST['sm']==1){//update user if (is_sadmin()){ // if ($_POST[u_uid] AND $_POST[u_user] AND $_POST[u_user_emal] AND $_POST[u_user_username] AND $_POST[eaged] AND $_POST[eagem] AND $_POST[eagey]){ if ($_POST['u_uid'] AND $_POST['u_user'] AND $_POST['u_user_emal'] AND $_POST['u_user_username']){ if ($_POST['u_user_passwd2'] AND $_POST['u_user_passwd']<>"" AND $_POST['u_user_passwd']<>" " AND $_POST['u_user_passwd']<>" " AND $_POST['u_user_passwd']<>" "){ if ($_POST['u_user_passwd2']==$_POST['u_user_passwd']){ $id_unique = md5(uniqid(rand())); $hash = crypt($_POST['u_user_passwd2'], substr($_POST['u_user_passwd2'], 0, 2)); $add=" passwd='".addslashes($hash)."', "; }else { echo error(_PASSWD); $add=""; } }else $add=""; $_POST['u_user_username']=clear_username($_POST['u_user_username']); $sql = "SELECT * FROM ".$GO_CONFIG->dbprefix."users where user like '".addslashes($_POST['u_user_username'])."' AND id<>'".addslashes($_POST['u_uid'])."' limit 1"; $result = $db->sql_query($sql); $authuser = $db->sql_numrows($result); $sql = "SELECT * FROM ".$GO_CONFIG->dbprefix."users where email='".addslashes($_POST['u_user_emal'])."' AND id<>'".addslashes($_POST['u_uid'])."' limit 1"; $result = $db->sql_query($sql); $authemail = $db->sql_numrows($result); //eage //echo $authuser."==".$authemail; if (!$authuser AND !$authemail){ // $eage=date2timestamp($_POST[eaged]."-".$_POST[eagem]."-".$_POST[eagey]); $sql="UPDATE ".$GO_CONFIG->dbprefix."users SET user='".addslashes($_POST['u_user_username'])."', email='".addslashes($_POST['u_user_emal'])."', ".$add." eage='".addslashes($eage)."' WHERE id='".addslashes($_POST['u_uid'])."' AND user='".addslashes($_POST['u_user'])."' limit 1"; $db->sql_query($sql); //------group if ($_POST['u_user_groups']){ $sql="SELECT * FROM ".$GO_CONFIG->dbprefix."users_group WHERE id_user='".addslashes($_POST['u_uid'])."' AND id_group='".addslashes($_POST['u_user_groups'])."' LIMIT 1"; $resultg = $db->sql_query($sql); $row_gr=$db->sql_fetchrow($resultg); if ($row_gr['id_group'] != $_POST['u_user_groups']){ $sql="INSERT INTO ".$GO_CONFIG->dbprefix."users_group ( id_ug, id_user, id_group, gid_owner )VALUES( '','".addslashes($_POST['u_uid'])."','".addslashes($_POST['u_user_groups'])."','1' )"; $db->sql_query($sql); } //-----------update group $sql="SELECT id_group FROM ".$GO_CONFIG->dbprefix."users_group WHERE id_user='".addslashes($_POST['u_uid'])."' AND id_group='".addslashes($_POST['u_user_groups'])."' ORDER BY id_group DESC LIMIT 1"; $resultg = $db->sql_query($sql); $row_gr=$db->sql_fetchrow($resultg); if ($row_gr['id_group']>0){ $sql="UPDATE ".$GO_CONFIG->dbprefix."users SET id_group='".addslashes($row_gr['id_group'])."' WHERE id='".addslashes($_POST['u_uid'])."' AND user='".addslashes($_POST['u_user'])."' LIMIT 1"; $db->sql_query($sql); } } //------group //echo $sql; }else echo error(_USERADDEXIST); }else echo error(); }else echo error(); }else if (($_POST['usersearch_user'] OR $_POST['addnewuser']) AND $_POST['sm']==1){ //echo "sss";exit; if ($_POST['addnewuser'] AND $_POST['user_username'] AND $_POST['user_emal'] AND $_POST['user_passwd'] AND ($_POST['user_passwd'] == $_POST['user_passwd2']) AND $_POST['user_groups']>0){ $id_unique = md5(uniqid(rand())); $hash = crypt($_POST['user_passwd2'], substr($_POST['user_passwd2'], 0, 2)); $_POST['user_username']=clear_username($_POST['user_username']); $sql = "SELECT * FROM ".$GO_CONFIG->dbprefix."users where user like '".addslashes($_POST['user_username'])."' limit 1"; $result = $db->sql_query($sql); $authuser = $db->sql_numrows($result); $sql = "SELECT * FROM ".$GO_CONFIG->dbprefix."users where email='".addslashes($_POST['user_emal'])."' limit 1"; $result = $db->sql_query($sql); $authemail = $db->sql_numrows($result); if (!$authuser AND !$authemail){ $sql="INSERT INTO ".$GO_CONFIG->dbprefix."users ( id, user, passwd, email, id_group, active, id_unique, gid_owner )VALUES( '', '".addslashes($_POST['user_username'])."','".addslashes($hash)."','".addslashes($_POST['user_emal'])."', '".addslashes($_POST['user_groups'])."','".addslashes($_POST['user_active'])."','$id_unique', '".addslashes($_POST['user_groupsowner'])."' )"; $db->sql_query($sql); $newuserid=$db->sql_nextid(); if ($newuserid>0){ $sql="INSERT INTO ".$GO_CONFIG->dbprefix."users_group (id_ug,id_user,id_group,gid_owner) VALUES ('','".$newuserid."','1','".addslashes($_POST['user_groupsowner'])."')"; $db->sql_query($sql); if ($_POST[user_groups]<>1){ $sql="INSERT INTO ".$GO_CONFIG->dbprefix."users_group (id_ug,id_user,id_group,gid_owner) VALUES ('','".$newuserid."','".addslashes($_POST['user_groups'])."','".addslashes($_POST['user_groupsowner'])."')"; $db->sql_query($sql); } if ($_POST['user_active']==-1){ $body_url=makeurl("action=activate&uid=$id_unique","mod.php"); $body = _EMAILREGISTER; $body .=""._ACTIVATEACCOUNT." - "._USER.": ".$_POST['user_username']." \n"; $body .= _ORTYPEANDPASTE." \n $body_url "; $to = $_POST['user_emal']; $subject = $GO_CONFIG->mailtitle; $makecodeok=sendmailer($to,$subject,$body,1,$GO_CONFIG->mailcodepage); if ($makecodeok){ echo ok(_USERADDSENDMAILOK."
ID:".$newuserid); } } echo ok(_USERADDOK."
ID:".$newuserid); }else{ echo error(_USERADDERROR); } }else{ echo error(_USERADDEXIST); } //-------powyzej przenioslem z 2 }else if ($_POST['usersearch_user']=="*"){ // $sql="SELECT * FROM ".$GO_CONFIG->dbprefix."users ORDER by user "; $sql="SELECT us.* FROM ".$GO_CONFIG->dbprefix."users us, ".$GO_CONFIG->dbprefix."users_group gr, ".$GO_CONFIG->dbprefix."users_group growner WHERE ( (gr.id_group>'99' AND us.id=gr.id_user AND ( (gr.id_group=growner.id_group) OR (gr.gid_owner=growner.id_group) ) AND growner.id_user='".addslashes(conf(id_user))."' ) OR (growner.id_group ='4' AND growner.id_user='".addslashes(conf(id_user))."') ) GROUP BY us.id ORDER BY us.user limit 100"; //echo $sql; }else{ // $sql="SELECT * FROM ".$GO_CONFIG->dbprefix."users WHERE id='".addslashes($_POST[usersearch_user])."' OR user like '%".addslashes($_POST[usersearch_user])."%' "; $sql="SELECT us.* FROM ".$GO_CONFIG->dbprefix."users us, ".$GO_CONFIG->dbprefix."users_group gr, ".$GO_CONFIG->dbprefix."users_group growner WHERE ( (gr.id_group>'99' AND us.id=gr.id_user AND ( (gr.id_group=growner.id_group) OR (gr.gid_owner=growner.id_group) ) AND growner.id_user='".addslashes(conf(id_user))."' ) OR (growner.id_group ='4' AND growner.id_user='".addslashes(conf(id_user))."') ) AND (id='".addslashes($_POST['usersearch_user'])."' OR user like '%".addslashes($_POST['usersearch_user'])."%') GROUP BY us.id ORDER BY us.user"; } $resultu=$db->sql_query($sql); $usersfind=$db->sql_numrows($resultu); // }else if ($_POST[sm]==2){ }else if (($_POST['sm']==2 OR ($_GET['sm']==2 AND $_GET['action']=="delpermgroupfile")) AND is_admin()){ if ($_GET['permgr_group']>0 AND $_GET['permdir']){ $_GET['permdir']=str_decode($_GET['permdir']); $sql="SELECT * FROM ".$GO_CONFIG->dbprefix."perm WHERE types='f' AND module_name='".addslashes($_GET['permdir'])."' AND id_group='".addslashes($_GET['permgr_group'])."' limit 1"; $result = $db->sql_query($sql); if ($db->sql_numrows($result)==1){ $sql="DELETE FROM ".$GO_CONFIG->dbprefix."perm WHERE types='f' AND module_name='".addslashes($_GET['permdir'])."' AND id_group='".addslashes($_GET['permgr_group'])."' limit 1"; $db->sql_query($sql); }else{ echo error(_NOFINDGROUP); } }else if ($_POST['permdz_dzial']>0 AND $_POST['permfile_groupacces']>0 AND $_POST['file_catname']){ $sql="SELECT * FROM ".$GO_CONFIG->dbprefix."perm WHERE types='f' AND module_name='".addslashes($_POST['file_catname'])."' AND id_group='".addslashes($_POST['permfile_groupacces'])."' limit 1"; $result = $db->sql_query($sql); $jest=$db->sql_numrows($result); if ($jest!=1){ if ($_POST['permfile_canwrite']==1) $permdz_canwrite=1; else $permdz_canwrite=0; if ($_POST['permfile_canread']==1) $permdz_canread=1; else $permdz_canread=0; $sql="INSERT INTO ".$GO_CONFIG->dbprefix."perm ( types, id_group, id_dzial, module_name, `read`, `write`, `installed` , active, gid_owner )VALUES( 'f','".addslashes($_POST['permfile_groupacces'])."','0','".addslashes($_POST['file_catname'])."', '$permdz_canread','$permdz_canwrite', '','', '".addslashes($_POST['grfile_groupowner'])."' )"; $db->sql_query($sql); }else{ echo error(_ALREADYSET); } } }else if ($_POST['sm']==3 OR ($_GET['sm']==3 AND $_GET['action']=="delusergroup")){ if ($_GET['sm']==3 AND ($_GET['action']=="delusergroup") AND $_GET['ggrcfg']>0 AND $_GET['ugrcfg']>0){ if ($_GET['ggrcfg']>99 OR ($_GET['ggrcfg']<100 AND $_GET['ugrcfg']>1)){ $sql="DELETE FROM ".$GO_CONFIG->dbprefix."users_group WHERE id_user='".addslashes($_GET['ugrcfg'])."' AND id_group='".addslashes($_GET['ggrcfg'])."' limit 1"; $db->sql_query($sql); if ($_GET['retop']) redirect("mod.php?dz=".getpost(dz)."&ss=".$GO_CONFIG->get_sesid()."&op=".$_GET['retop']."&sm=3"); }else{ echo error(_NOPERM); } }else if ($_POST['user_idtogroup']>0 AND $_POST['user_addgroups']>0 AND $_POST['user_groupacces']>0){ $sql = "SELECT * FROM ".$GO_CONFIG->dbprefix."users where id='".addslashes($_POST['user_idtogroup'])."' limit 1"; $result = $db->sql_query($sql); if ($db->sql_numrows($result)>0){ $sql="INSERT INTO ".$GO_CONFIG->dbprefix."users_group ( id_ug,id_user, id_group, gid_owner )VALUES( '','".addslashes($_POST['user_idtogroup'])."','".addslashes($_POST['user_addgroups'])."','".addslashes($_POST['user_groupacces'])."' )"; //echo $sql; $db->sql_query($sql); }else{ echo error(_NOFINFUSER); } } }else if (($_POST['sm']==4 OR ($_GET['sm']==4 AND $_GET['action']=="delpermgroupdzial")) AND is_admin()){ if ($_GET['permdz_dzial']>0 AND $_GET['permgr_group']>0){ $sql="SELECT * FROM ".$GO_CONFIG->dbprefix."perm WHERE types='d' AND module_name IS NULL AND id_group='".addslashes($_GET['permgr_group'])."' AND id_dzial='".addslashes($_GET['permdz_dzial'])."' limit 1"; $result = $db->sql_query($sql); if ($db->sql_numrows($result)==1){ $sql="DELETE FROM ".$GO_CONFIG->dbprefix."perm WHERE types='d' AND module_name IS NULL AND id_group='".addslashes($_GET['permgr_group'])."' AND id_dzial='".addslashes($_GET['permdz_dzial'])."' limit 1"; $db->sql_query($sql); }else{ echo error(_NOFINDGROUP); } }else if ($_POST['permdz_dzial']>0 AND $_POST['permdz_user_addgroups']>0){ $sql="SELECT * FROM ".$GO_CONFIG->dbprefix."perm WHERE types='d' AND module_name IS NULL AND id_group='".addslashes($_POST['permdz_user_addgroups'])."' AND id_dzial='".addslashes($_POST['permdz_dzial'])."' limit 1"; $result = $db->sql_query($sql); $jest=$db->sql_numrows($result); if ($jest!=1){ if ($_POST['permdz_canwrite']==1) $permdz_canwrite=1; else $permdz_canwrite=0; if ($_POST['permdz_canread']==1) $permdz_canread=1; else $permdz_canread=0; $sql="INSERT INTO ".$GO_CONFIG->dbprefix."perm ( types, id_group, id_dzial, module_name, `read`, `write`, `installed` , active, gid_owner )VALUES( 'd','".addslashes($_POST['permdz_user_addgroups'])."','".addslashes($_POST['permdz_dzial'])."',NULL, '$permdz_canread','$permdz_canwrite', '','', '".addslashes($_POST['gr_groupacces'])."' )"; $db->sql_query($sql); }else{ echo error(_ALREADYSET); } } }else if (($_POST['sm']==5 OR ($_GET['sm']==5 AND $_GET['mocfg']<>"" AND $_GET['ggrcfg']>0)) AND is_admin()){ if ($_GET['mocfg']<>"" AND $_GET['ggrcfg']>0){ $sql="DELETE FROM ".$GO_CONFIG->dbprefix."perm WHERE types='m' AND module_name='".addslashes($_GET['mocfg'])."' AND id_group='".addslashes($_GET['ggrcfg'])."' AND id_dzial='0' limit 1"; //echo $sql; $db->sql_query($sql); }else if ($_POST['permmod_user_addgroups']>0 AND $_POST['permmod_modulename']<>""){ $sql="SELECT * FROM ".$GO_CONFIG->dbprefix."perm WHERE types='m' AND id_group='".addslashes($_POST['permmod_user_addgroups'])."' AND module_name='".addslashes($_POST['permmod_modulename'])."' limit 1"; $result = $db->sql_query($sql); $jest=$db->sql_numrows($result); if ($jest!=1){ if ($_POST['permmod_canwrite']==1) $permdz_canwrite=1; else $permdz_canwrite=0; if ($_POST['permmod_canread']==1) $permdz_canread=1; else $permdz_canread=0; $sql="INSERT INTO ".$GO_CONFIG->dbprefix."perm ( types, id_group, id_dzial, module_name, `read`, `write`, `installed` , active )VALUES( 'm','".addslashes($_POST['permmod_user_addgroups'])."','','".addslashes($_POST['permmod_modulename'])."', '$permdz_canread','$permdz_canwrite', '','' )"; $db->sql_query($sql); }else{ echo error(_ALREADYSET); } } } include("config/security.php"); if ($GO_CONFIG->external_tpl){ $external_tpl_csetting = ob_get_contents(); // store buffer in $contents ob_end_clean(); // delete output buffer and stop buffering } //===========================================================================================----------------------------------------------------------------------- } else if ($op=="config_translate" AND is_sadmin()){//----------------------------------------------------------------------TRANSLATE if ($GO_CONFIG->external_tpl){ ob_start(); } define("A_SETTING_UPDATE","1"); $fret =""; //print_r($_POST); //echo "

".$_POST[op]."=".count($_POST[MAINSYSTEM])."=".count($_POST[MAINMODULE])."

---

"; if ($_GET['op']=="config_translate" AND !$_POST['MAINSYSTEM'] AND !$_POST['MAINMODULE'] AND $_GET['action']=="load_mainsystem"){//----------------------------------LOAD system language define("_SAVED_SYSTEM","0"); $_POST['sm']=0; $_GET['sm']=0; $sql="SELECT lan FROM ".$GO_CONFIG->dbprefix."language WHERE active='1' ORDER BY lan"; $result=$db->sql_query($sql); while($row=$db->sql_fetchrow($result)){ $dir_all[] =$row['lan']; } $fret = $dir_all; //print_r($fret ); //-----------------dir end }else if ($_POST['op']=="config_translate" AND !$_POST['save_language_module'] AND (!$_POST['MAINSYSTEM'] OR !$_POST['MAINMODULE']) AND $_POST['actionc']=="load_modules" AND $_POST['lang_module_edit']<>""){//-----------LOAD module language define("_SAVED_MODULE","0"); //echo "ss"; $_POST['sm']=1; $_GET['sm']=1; // if (is_file("modules/".str_replace("..","",$_GET[lang_module_edit])."/language/en.inc")){ if (is_dir("modules/".str_replace("..","",$_POST['lang_module_edit'])."/language/")){ $sql="SELECT * FROM ".$GO_CONFIG->dbprefix."language WHERE active='1' ORDER BY lan"; $result=$db->sql_query($sql); while($row=$db->sql_fetchrow($result)){ $dir_all[] =$row['lan']; } $fret = $dir_all; }else $fret = _NOLANGUAGE; }else if ($_POST['op']=="config_translate" AND !$_POST['load_modules'] AND count($_POST['MAINSYSTEM'])>0 AND $_POST['do_save_language_sys']==$GO_CONFIG->get_sesid()){ //----------save language system $_POST[sm]=0; $sql="SELECT lan FROM ".$GO_CONFIG->dbprefix."language WHERE active='1' ORDER BY lan"; $result=$db->sql_query($sql); while($row=$db->sql_fetchrow($result)){ $dir_all[] =$row['lan']; } $fret = $dir_all; for($l=0;$l"; copy("language/".$fret[$l],"language/".$fret[$l].".inc_COPY"); $ok=putFile("language/".$fret[$l].".inc",$record); //---------restiore if ($ok) { echo ok (_SAVEDSYSLANGUAGES."
OK FILE: language/".$fret[$l].".inc"); }else { copy("language/".$fret[$l].".inc_COPY","language/".$fret[$l].".inc"); echo ok (_SAVEDERRORSYSLANGUAGES."
ERROR FILE: language/".$fret[$l].".inc"); } //---------restore } // if ($ok) { // echo ok (_SAVEDSYSLANGUAGES); //// }else { // copy("language/".$fret[$l].".inc_COPY","language/".$fret[$l].".inc"); // echo ok (_SAVEDERRORSYSLANGUAGES); // } define("_SAVED_SYSTEM","1"); // }else if ($_POST['op']=="config_translate" AND !$_POST[load_modules] AND $_POST['save_language_module'] AND $_POST['do_save_language_sys']==$GO_CONFIG->get_sesid()){ //--------------------------save language modules }else if ($_POST['op']=="config_translate" AND count($_POST['MAINMODULE'])>0 AND $_POST['save_language_module']<>"" ){ //--------------------------save language modules $_POST['sm']=1; define("_SAVED_MODULE","1"); $sql="SELECT lan FROM ".$GO_CONFIG->dbprefix."language WHERE active='1' ORDER BY lan"; $result=$db->sql_query($sql); while($row=$db->sql_fetchrow($result)){ $dir_all[] =$row['lan']; //echo $row['lan']; } $fret = $dir_all; for($l=0;$l"; //echo $lanchar."====".$fret[$l]."

---

"; copy("modules/".str_replace("..","",$_POST['lang_module_edit'])."/language/".$fret[$l].".inc","modules/".str_replace("..","",$_POST['lang_module_edit'])."/language/".$fret[$l].".inc_COPY"); $ok=putFile("modules/".str_replace("..","",$_POST['lang_module_edit'])."/language/".$fret[$l].".inc",$record); //-----restore if ($ok==true) { echo ok (_SAVEDSYSLANGUAGES."
OK FILE: modules/".str_replace("..","",$_POST['lang_module_edit'])."/language/".$dir_all[$l].".inc

---

"); }else { copy("modules/".str_replace("..","",$_POST['lang_module_edit'])."/language/".$fret[$l].".inc_COPY","modules/".str_replace("..","",$_POST['lang_module_edit'])."/language/".$fret[$l].".inc"); echo ok (_SAVEDERRORSYSLANGUAGES."
ERROR FILE: modules/".str_replace("..","",$_POST['lang_module_edit'])."/language/".$dir_all[$l].".inc

---

"); } //-----restore } }//end save module language //echo "===============".getpost(sm); include("config/translate.php"); if ($GO_CONFIG->external_tpl){ $external_tpl_csetting = ob_get_contents(); // store buffer in $contents ob_end_clean(); // delete output buffer and stop buffering } //============================================================================================================---------------------------------------------------------------- } else if ($op=="config_archive" AND is_sadmin()){ if ($GO_CONFIG->external_tpl){ ob_start(); } define("A_SETTING_UPDATE","1"); //-------------------------------------------------------------------------------------------veryfikacja if ($_GET['op']=="config_archive" AND $_GET['action']=="veryfydatabase"){ $sql="show tables"; $result=$db->sql_query($sql); // $myrow=$db->sql_fetchrow($result); //print_r($myrow);exit; $ret=""; while($myrow=$db->sql_fetchrow($result,"num")){ $table_name=$myrow[0]; $ret .= "
"._CHECKING.": ".$table_name."..."; $sql="CHECK TABLE `".$table_name."`"; $res=$db->sql_query($sql); if (!$res || $db->sql_numrows($res)<0) $ret .= "ERROR!!!"; else $ret .= "OK"; } //$bgcolor='#fff',$align="left", $width="100%", $padding="0px", $spacing="0px" $back=""; $back .= img("ico/back_n.gif",_DATABASE,16,16)." "._DATABASE; $back .= "

---

"; echo table($back.$ret,"#eeeeee","left","770px"); //-------------------------------------------------------------------------------------------optymalizacja }else if ($_GET['op']=="config_archive" AND $_GET['action']=="optimizedatabase"){ $sql="show tables"; $result=$db->sql_query($sql); // $myrow=$db->sql_fetchrow($result); //print_r($myrow);exit; $ret=""; while($myrow=$db->sql_fetchrow($result,"num")){ $table_name=$myrow[0]; $ret .= "
"._OPTIMALIZING.": ".$table_name."..."; $sql="OPTIMIZE TABLE `".$table_name."`"; $res=$db->sql_query($sql); if (!$res || $db->sql_numrows($res)<0) $ret .= "ERROR!!!"; else $ret .= "OK"; } //$bgcolor='#fff',$align="left", $width="100%", $padding="0px", $spacing="0px" $back=""; $back .= img("ico/back_n.gif",_DATABASE,16,16)." "._DATABASE; $back .= "

---

"; echo table($back.$ret,"#eeeeee","left","770px"); //-------------------------------------------------------------------------------------------naprawa }else if ($_GET['op']=="config_archive" AND $_GET['action']=="repeirdatabase"){ $sql="show tables"; $result=$db->sql_query($sql); // $myrow=$db->sql_fetchrow($result); //print_r($myrow);exit; $ret=""; while($myrow=$db->sql_fetchrow($result,"num")){ $table_name=$myrow[0]; $ret .= "
"._REPERING.": ".$table_name."..."; $sql="REPAIR TABLE `".$table_name."`"; $res=$db->sql_query($sql); if (!$res || $db->sql_numrows($res)<0) $ret .= "ERROR!!!"; else $ret .= "OK"; } //$bgcolor='#fff',$align="left", $width="100%", $padding="0px", $spacing="0px" $back=""; $back .= img("ico/back_n.gif",_DATABASE,16,16)." "._DATABASE; $back .= "

---

"; echo table($back.$ret,"#eeeeee","left","770px"); //-------------------------------------------------------------------------------------------archiwizacja }else if ($_GET['op']=="config_archive" AND $_GET['action']=="archivedatabase"){ include_once("include/dump_sql.php"); $back=""; $back .= img("ico/back_n.gif",_DATABASE,16,16)." "._DATABASE; $back .= "

---

"; $back .= backupdatabase("include/tmp/archivum.sql"); echo table($back,"#eeeeee","left","770px"); }else if ($_GET['op']=="config_archive" AND $_GET['action']=="doupdate"){ include("config/update_do.php"); echo $f_c; }else{ include("config/archive.php"); } if ($GO_CONFIG->external_tpl){ $external_tpl_csetting = ob_get_contents(); // store buffer in $contents ob_end_clean(); // delete output buffer and stop buffering } //=========================================================================================================------------------------------------------------------------------ } else if ($op=="config_modules" AND is_admin()){ if ($GO_CONFIG->external_tpl){ ob_start(); } if (($_POST['action']=="modupload" OR $_GET['action']=="install" OR $_GET['action']=="uninstall" OR $_GET['action']=="active" OR $_GET['action']=="unactive") AND ($_GET['acmodule'] OR $_POST['action']=="modupload") AND is_sadmin()){ if ($_POST['action']=="modupload"){//instalacja nowego modulu zewnetrznego // $_FILES['newmodulef']['name']; if (is_uploaded_file($_FILES['newmodulef']['tmp_name'])){ if (strtolower(substr($_FILES['newmodulef']['name'],-3))=="bin"){ if (is_writable("modules/")){ $modinstalname=str_replace("..","",substr($_FILES['newmodulef']['name'],0,-4)); $modinstalldir="modules/".$modinstalname."/"; if (!is_dir($modinstalldir)){ mkdir($modinstalldir); move_uploaded_file($_FILES['newmodulef']['tmp_name'], $modinstalldir.$modinstalname.".php"); include ($modinstalldir.$modinstalname.".php"); unlink($modinstalldir.$modinstalname.".php"); echo ok(_NEWMODINSTSUCCES); }else echo error(_TMODULEALREADYINSTALLED); }else echo error(_DIRECTORYMNOTWRITABLE); }else echo error(_MODINSTALLFATALFORMAT); }else echo error(_NOUPOADEDMODFILE); }else if ($_GET['action']=="active"){ $sql="UPDATE ".$GO_CONFIG->dbprefix."perm SET active='1' WHERE types='im' AND module_name='".addslashes($_GET['acmodule'])."' AND active='0' limit 1"; $db->sql_query($sql); }else if ($_GET['action']=="unactive"){ $sql="UPDATE ".$GO_CONFIG->dbprefix."perm SET active='0' WHERE types='im' AND module_name='".addslashes($_GET['acmodule'])."' AND active='1' limit 1"; $db->sql_query($sql); }else if ($_GET['action']=="install"){ if (is_file("modules/".addslashes(str_replace("..","",$_GET['acmodule']))."/info/sql.php")){ require("modules/".addslashes(str_replace("..","",$_GET['acmodule']))."/info/sql.php"); if ($mod_install<>"") { if ($GO_CONFIG->dbprefix<>"gwpe_") $mod_install=str_replace("gwpe_",$GO_CONFIG->dbprefix,$mod_install); //----sql require("classes/gwpe.class.Parse_Sql.inc"); $parsesql=new parse_sql(); $mod_install = $parsesql->remove_remarks($mod_install); $mod_install = $parsesql->remove_comments($mod_install); $mod_install = $parsesql->split_sql_file($mod_install, ";"); for ($i = 0; $i < sizeof($mod_install); $i++){ if (trim($mod_install[$i]) != ''){ // echo $mod_install[$i]; // echo "------------\n"; $sql=$mod_install[$i]; $db->sql_query($sql); } } //----sql end // echo $mod_install; } $sql="SELECT * FROM ".$GO_CONFIG->dbprefix."perm WHERE types='im' AND module_name='".addslashes($_GET['acmodule'])."' limit 1"; $result = $db->sql_query($sql); $jest=$db->sql_numrows($result); if ($jest!=1){ $sql="INSERT INTO ".$GO_CONFIG->dbprefix."perm ( types,id_group, id_dzial, module_name, `read`, `write`, installed, active )VALUES( 'im','','','".addslashes($_GET['acmodule'])."','','','1','1' )"; $db->sql_query($sql); } }else echo error(_NOFILE.": modules/".addslashes(str_replace("..","",$_GET['acmodule']))."/info/sql.php"); }else if ($_GET['action']=="uninstall"){ if (is_file("modules/".addslashes(str_replace("..","",$_GET['acmodule']))."/info/sql.php")){ require("modules/".addslashes(str_replace("..","",$_GET['acmodule']))."/info/sql.php"); if ($mod_deinstall<>"") { if ($GO_CONFIG->dbprefix<>"gwpe_") $mod_deinstall=str_replace("gwpe_",$GO_CONFIG->dbprefix,$mod_deinstall); //----sql require("classes/gwpe.class.Parse_Sql.inc"); $parsesql=new parse_sql(); $mod_deinstall = $parsesql->remove_remarks($mod_deinstall); $mod_deinstall = $parsesql->remove_comments($mod_deinstall); $mod_deinstall = $parsesql->split_sql_file($mod_deinstall, ";"); for ($i = 0; $i < sizeof($mod_deinstall); $i++){ if (trim($mod_deinstall[$i]) != ''){ // echo $mod_deinstall[$i]; // echo "------------\n"; $sql=$mod_deinstall[$i]; $db->sql_query($sql); } } //----sql end // print_r($mod_deinstall); } $sql="DELETE FROM ".$GO_CONFIG->dbprefix."perm WHERE types='im' AND module_name='".addslashes($_GET['acmodule'])."' "; $db->sql_query($sql); }else echo error(_NOFILE.": modules/".addslashes(str_replace("..","",$_GET['acmodule']))."/info/sql.php"); } }else if (($_GET['action']=="setting" OR $_POST['action']=="saveconfig") AND getpost(setmodule)<>""){ $sql="SELECT perm.* FROM ".$GO_CONFIG->dbprefix."users_group gr, ".$GO_CONFIG->dbprefix."perm perm, ".$GO_CONFIG->dbprefix."perm uperm WHERE ( ( perm.types='im' AND perm.installed='1' AND uperm.module_name='".addslashes($_GET['setmodule'])."' AND uperm.id_group=gr.id_group AND gr.id_user='".addslashes(conf(id_user))."' ) OR ( gr.id_user='".addslashes(conf(id_user))."' AND gr.id_group='4' ) ) LIMIT 1 "; //echo $sql; $result=$db->sql_query($sql); if ($db->sql_numrows($result)>0){ define("A_ADMINMODULE","".getpost(setmodule).""); define("A_SETMODULE",1); } } include("config/modules.php"); // if ($GO_CONFIG->external_tpl){ // $external_tpl_config = ob_get_contents(); // store buffer in $contents // ob_end_clean(); // delete output buffer and stop buffering // echo $external_tpl_config // } //echo "sfdsf";exit; if ($GO_CONFIG->external_tpl){ $external_tpl_csetting = ob_get_contents(); // store buffer in $contents ob_end_clean(); // delete output buffer and stop buffering } //======================================================================================================--------------------------------------------------- }else{ //=================================================== //----------top //=================================================== //if (getpost("action")<>"edit"){ if (getpost("action")!="edit" AND getpost("action")<>"listpg" AND getpost('action')!="login" AND getpost('action')!="forget"){ if ($GO_CONFIG->external_tpl){ $external_tpl_top=""; $external_tpl_top_banner=""; $external_tpl_top_menu=""; $external_tpl_s1_left=""; $external_tpl_s1_center=""; $external_tpl_s1_right=""; $external_tpl_s2_left=""; $external_tpl_s2_center=""; $external_tpl_s2_right=""; $external_tpl_s3_left=""; $external_tpl_s3_center=""; $external_tpl_s3_right=""; $external_tpl_bottom_baner=""; $external_tpl_bottom=""; } if ($GO_CONFIG->dz_stop){ if ($GO_CONFIG->external_tpl){ ob_start(); } echo ""; echo $GWPE->s_top($GO_CONFIG->dz_top_idpage,$dz,1,$rowp); //---------------zewnetrzny modul includowany start $rowp=get_page($GO_CONFIG->dz_top_idpage); if ($rowp['mod_name'] AND $rowp['mod_active']){ $ismodule=$rowp['mod_name']; unset($modparam); $mod_param=""; if ($rowp['mod_param']){ $x=explode(";", $rowp['mod_param']); $q=0; while($x[$q]){ list($p1,$p2)=split("=", $x[$q]); // ${$p1}=$p2; $mod_param .= "&".$p1."=".$p2; $modparam[$p1]=$p2; $q++; } } $GO_CONFIG->scookie('_MODULE_PAGE',$rowp['id']); $GO_CONFIG->read_module_config($ismodule); if ($GO_CONFIG->support_phpnuke) { $is_module=str_replace("..","_",$ismodule); define('MODULE_FILE',$ismodule); if ($file) include("modules/$ismodule/$file.php"); else include("modules/$ismodule/index.php"); }else{ include("modules/$ismodule/index.php"); } $GO_CONFIG->dcookie('_MODULE_PAGE'); } //---------------zewnetrzny modul includowany end // echo "

dz_width.";\">"; } $ismodule=$rowp['mod_name']; unset($modparam); $mod_param=""; if ($rowp['mod_param']){ $x=explode(";", $rowp['mod_param']); $q=0; while($x[$q]){ list($p1,$p2)=split("=", $x[$q]); // ${$p1}=$p2; $mod_param .= "&".$p1."=".$p2; $modparam[$p1]=$p2; $q++; } } $GO_CONFIG->scookie('_MODULE_PAGE',$rowp['id']); $GO_CONFIG->read_module_config($ismodule); if ($GO_CONFIG->support_phpnuke) { $is_module=str_replace("..","_",$ismodule); define('MODULE_FILE',$ismodule); if ($file) include("modules/$ismodule/$file.php"); else include("modules/$ismodule/index.php"); }else{ include("modules/$ismodule/index.php"); } $GO_CONFIG->dcookie('_MODULE_PAGE'); if ($isadmin OR ($GO_CONFIG->dz_width AND $GO_CONFIG->dz_width!="100%")) { // echo "