PageRenderTime 25ms CodeModel.GetById 32ms RepoModel.GetById 0ms app.codeStats 0ms

/www/admin/admin_snippets_edit.php

https://github.com/Sweil/Frogsystem-2
PHP | 326 lines | 241 code | 36 blank | 49 comment | 44 complexity | 8fca65e323c934895e057e8e0905d355 MD5 | raw file
    

  1. <?php if (!defined('ACP_GO')) die('Unauthorized access!');
    2. 

  2. 

  3. /////////////////////////////
    4. 

  4. //// DB: Update Snippets ////
    5. 

  5. /////////////////////////////
    6. 

  6. 

  7. if (
    8. 

  8.         isset ( $_POST['sended'] ) && $_POST['sended'] == 'edit'
    9. 

  9.         && isset ( $_POST['snippet_action'] ) && $_POST['snippet_action'] == 'edit'
    10. 

  10.         && isset ( $_POST['snippet_id'] )
    11. 

  11.     )
    12. 

  12. {
    13. 

  13.     // Security-Functions
    14. 

  14.     settype ( $_POST['snippet_id'], 'integer' );
    15. 

  15.     settype ( $_POST['snippet_active'], 'integer' );
    16. 

  16. 

  17.     // SQL-Queries
    18. 

  18.     $stmt = $FD->db()->conn()->prepare('
    19. 

  19.                 UPDATE `'.$FD->env('DB_PREFIX')."snippets`
    20. 

  20.                 SET
    21. 

  21.                     `snippet_text` = ?,
    22. 

  22.                     `snippet_active` = '".$_POST['snippet_active']."'
    23. 

  23.                 WHERE `snippet_id` = '".$_POST['snippet_id']."'");
    24. 

  24.     $stmt->execute(array($_POST['snippet_text']));
    25. 

  25. 

  26.     // Display Message
    27. 

  27.     systext ( $FD->text("admin", "changes_saved"),
    28. 

  28.         $FD->text("admin", "info"), FALSE, $FD->text("admin", "icon_save_ok") );
    29. 

  29. 

  30.     // Unset Vars
    31. 

  31.     unset ( $_POST );
    32. 

  32. }
    33. 

  33. 

  34. /////////////////////////////
    35. 

  35. //// DB: Delete Snippets ////
    36. 

  36. /////////////////////////////
    37. 

  37. elseif (
    38. 

  38.         $_SESSION['snippets_delete']
    39. 

  39.         && isset ( $_POST['sended'] ) && $_POST['sended'] == 'delete'
    40. 

  40.         && isset ( $_POST['snippet_action'] ) && $_POST['snippet_action'] == 'delete'
    41. 

  41.         && isset ( $_POST['snippet_id'] )
    42. 

  42.         && isset ( $_POST['snippet_delete'] )
    43. 

  43.     )
    44. 

  44. {
    45. 

  45.     if ( $_POST['snippet_delete'] == 1 ) {
    46. 

  46. 

  47.         // Security-Functions
    48. 

  48.         $_POST['snippet_id'] = array_map ( 'intval', explode ( ',', $_POST['snippet_id'] ) );
    49. 

  49. 

  50.         // SQL-Delete-Query
    51. 

  51.         $FD->db()->conn()->exec ('
    52. 

  52.             DELETE
    53. 

  53.             FROM `'.$FD->env('DB_PREFIX').'snippets`
    54. 

  54.             WHERE `snippet_id` IN ('.implode ( ',', $_POST['snippet_id'] ).')');
    55. 

    56. 

  56.         systext ( $FD->text("admin", "snippets_deleted"),
    57. 

  57.             $FD->text("admin", "info"), FALSE, $FD->text("admin", "icon_trash_ok") );
    58. 

  58. 

  59.     } else {
    60. 

  60.         systext ( $FD->text("admin", "snippets_not_deleted"),
    61. 

  61.             $FD->text("admin", "info"), FALSE, $FD->text("admin", "icon_trash_error") );
    62. 

  62.     }
    63. 

  63. 

  64.     // Unset Vars
    65. 

  65.     unset ( $_POST );
    66. 

  66. }
    67. 

  67. 

  68. ///////////////////////
    69. 

  69. //// Display Forms ////
    70. 

  70. ///////////////////////
    71. 

  71. if (  isset ( $_POST['snippet_id'] ) && is_array ( $_POST['snippet_id'] ) && $_POST['snippet_action'] )
    72. 

  72. {
    73. 

  73.     // Security Function
    74. 

  74.     $_POST['snippet_id'] = array_map ( 'intval', $_POST['snippet_id'] );
    75. 

  75. 

  76.     ///////////////////////////
    77. 

  77.     //// Edit Snippet Form ////
    78. 

  78.     ///////////////////////////
    79. 

  79.     if ( $_POST['snippet_action'] == 'edit' && count ( $_POST['snippet_id'] ) == 1 )
    80. 

  80.     {
    81. 

  81.         $_POST['snippet_id'] = $_POST['snippet_id'][0];
    82. 

  82. 

  83.         // Display Error Messages
    84. 

  84.         if ( isset($_POST['sended']) && ($_POST['sended'] == 'edit') ) {
    85. 

  85. 

  86.             // Shouldn't happen
    87. 

  87. 

  88.         // Get Data from DB
    89. 

  89.         } else {
    90. 

  90.             $index = $FD->db()->conn()->query ( '
    91. 

  91.                         SELECT *
    92. 

  92.                         FROM `'.$FD->env('DB_PREFIX')."snippets`
    93. 

  93.                         WHERE `snippet_id` = '".$_POST['snippet_id']."'
    94. 

  94.                         LIMIT 0,1" );
    95. 

  95.             $data_arr = $index->fetch(PDO::FETCH_ASSOC);
    96. 

  96.             putintopost ( $data_arr );
    97. 

  97.         }
    98. 

  98. 

  99.         // Security Functions
    100. 

  100.         $_POST['snippet_tag'] = killhtml ( $_POST['snippet_tag'] );
    101. 

  101.         $_POST['snippet_text'] = killhtml ( $_POST['snippet_text'] );
    102. 

  102. 

  103.         settype ( $_POST['snippet_id'], 'integer' );
    104. 

  104.         settype ( $_POST['snippet_active'], 'integer' );
    105. 

  105. 

  106.         // Display Form
    107. 

  107.         echo '
    108. 

  108.                     <form action="" method="post">
    109. 

  109.                         <input type="hidden" name="go" value="snippets_edit">
    110. 

  110.                         <input type="hidden" name="snippet_action" value="edit">
    111. 

  111.                         <input type="hidden" name="sended" value="edit">
    112. 

  112.                         <input type="hidden" name="snippet_id" value="'.$_POST['snippet_id'].'">
    113. 

  113.                         <table class="configtable" cellpadding="4" cellspacing="0">
    114. 

  114.                             <tr><td class="line" colspan="2">'.$FD->text("admin", "snippet_edit_title").'</td></tr>
    115. 

  115.                             <tr>
    116. 

  116.                                 <td class="config" width="50%">
    117. 

  117.                                     '.$FD->text("admin", "snippet_tag_title").':<br>
    118. 

  118.                                     <span class="small">'.$FD->text("admin", "snippet_tag_desc").'</span>
    119. 

  119.                                 </td>
    120. 

  120.                                 <td class="config" width="50%">
    121. 

  121.                                     '.$_POST['snippet_tag'].'
    122. 

  122.                                 </td>
    123. 

  123.                             </tr>
    124. 

  124.                             <tr>
    125. 

  125.                                 <td class="config">
    126. 

  126.                                     '.$FD->text("admin", "snippet_active_title").':<br>
    127. 

  127.                                     <span class="small">'.$FD->text("admin", "snippet_active_desc").'</span>
    128. 

  128.                                 </td>
    129. 

  129.                                 <td class="config">
    130. 

  130.                                     <input class="pointer" type="checkbox" name="snippet_active" value="1" '.getchecked ( 1, $_POST['snippet_active'] ).'>
    131. 

  131.                                 </td>
    132. 

  132.                             </tr>
    133. 

  133.                             <tr>
    134. 

  134.                                 <td class="config">
    135. 

  135.                                     '.$FD->text("admin", "snippet_text_title").':<br>
    136. 

  136.                                     <span class="small">'.$FD->text("admin", "snippet_text_desc").'</span>
    137. 

  137.                                 </td>
    138. 

  138.                             </tr>
    139. 

  139.                             <tr>
    140. 

  140.                                 <td class="config" colspan="2">
    141. 

  141.                                     <textarea style="width:100%;" name="snippet_text" rows="20" wrap="virtual">'.$_POST['snippet_text'].'</textarea>
    142. 

  142.                                 </td>
    143. 

  143.                             </tr>
    144. 

  144.                             <tr><td class="space"></td></tr>
    145. 

  145.                             <tr>
    146. 

  146.                                 <td colspan="2" class="buttontd">
    147. 

  147.                                     <button class="button_new" type="submit">
    148. 

  148.                                         '.$FD->text("admin", "button_arrow").' '.$FD->text("admin", "save_changes_button").'
    149. 

  149.                                     </button>
    150. 

  150.                                 </td>
    151. 

  151.                             </tr>
    152. 

  152.                         </table>
    153. 

  153.                     </form>
    154. 

  154.         ';
    155. 

  155.     }
    156. 

  156. 

  157.     ///////////////////////////////////////////////////////////////
    158. 

  158.     //// Show too much selected Error & Go back to Select Form ////
    159. 

  159.     ///////////////////////////////////////////////////////////////
    160. 

  160.     elseif ( $_POST['snippet_action'] == 'edit' && count ( $_POST['snippet_id'] ) > 1 ) {
    161. 

  161.         // Display Error
    162. 

  162.         systext ( $FD->text("admin", "select_only_one_to_edit"),
    163. 

  163.             $FD->text("admin", "error"), TRUE, $FD->text("admin", "icon_error") );
    164. 

  164.         unset ( $_POST['snippet_id'] );
    165. 

  165.     }
    166. 

  166. 

  167.     /////////////////////////////
    168. 

  168.     //// Delete Snippet Form ////
    169. 

  169.     /////////////////////////////
    170. 

  170.     elseif ( $_SESSION['snippets_delete'] && $_POST['snippet_action'] == 'delete' && count ( $_POST['snippet_id'] ) >= 1 )
    171. 

  171.     {
    172. 

  172.         // Display Head of Table
    173. 

  173.         echo '
    174. 

  174.                     <form action="" method="post">
    175. 

  175.                         <input type="hidden" name="go" value="snippets_edit">
    176. 

  176.                         <input type="hidden" name="snippet_action" value="delete">
    177. 

  177.                         <input type="hidden" name="sended" value="delete">
    178. 

  178.                         <input type="hidden" name="snippet_id" value="'.implode ( ',', $_POST['snippet_id'] ).'">
    179. 

  179.                         <table class="configtable" cellpadding="4" cellspacing="0">
    180. 

  180.                             <tr><td class="line" colspan="2">'.$FD->text("admin", "snippets_delete_title").'</td></tr>
    181. 

  181.                             <tr>
    182. 

  182.                                 <td class="configthin">
    183. 

  183.                                     '.$FD->text("admin", "snippets_delete_question").'
    184. 

  184.                                     <br><br>
    185. 

  185.         ';
    186. 

    187. 

  187.         // get snippets from db
    188. 

  188.         $index = $FD->db()->conn()->query ( '
    189. 

  189.                         SELECT COUNT(*)
    190. 

  190.                         FROM `'.$FD->env('DB_PREFIX').'snippets`
    191. 

  191.                         WHERE `snippet_id` IN ('.implode ( ',', $_POST['snippet_id'] ).')' );
    192. 

  192.         // snippets found
    193. 

  193.         if ( $index->fetchColumn() > 0 ) {
    194. 

  194. 

  195.             // display snippets
    196. 

  196.             $index = $FD->db()->conn()->query ( '
    197. 

  197.                         SELECT *
    198. 

  198.                         FROM `'.$FD->env('DB_PREFIX').'snippets`
    199. 

  199.                         WHERE `snippet_id` IN ('.implode ( ',', $_POST['snippet_id'] ).')
    200. 

  200.                         ORDER BY `snippet_tag`' );
    201. 

  201.             while ( $data_arr = $index->fetch(PDO::FETCH_ASSOC) ) {
    202. 

  202. 

  203.                 // get other data
    204. 

  204.                 $data_arr['active_text'] = ( $data_arr['snippet_active'] == 1 ) ? $FD->text("admin", "snippet_active") : $FD->text("admin", "snippet_not_active");
    205. 

  205. 

  206.                 echo '
    207. 

  207.                                     <b>'.killhtml ( $data_arr['snippet_tag'] ).'</b> ('.$data_arr['active_text'].')<br>
    208. 

  208.                 ';
    209. 

  209.             }
    210. 

  210.         }
    211. 

  211. 

  212.         // Display End of Table
    213. 

  213.         echo '
    214. 

  214.                                 </td>
    215. 

  215.                                 <td class="config right top" style="padding: 0px;">
    216. 

  216.                                     '.get_yesno_table ( 'snippet_delete' ).'
    217. 

  217.                                 </td>
    218. 

  218.                             </tr>
    219. 

  219.                             <tr><td class="space"></td></tr>
    220. 

  220.                             <tr>
    221. 

  221.                                 <td class="buttontd" colspan="2">
    222. 

  222.                                     <button class="button_new" type="submit">
    223. 

  223.                                         '.$FD->text("admin", "button_arrow").' '.$FD->text("admin", "do_action_button_long").'
    224. 

  224.                                     </button>
    225. 

  225.                                 </td>
    226. 

  226.                             </tr>
    227. 

  227.                         </table>
    228. 

  228.                     </form>
    229. 

  229.         ';
    230. 

  230.     }
    231. 

  231. }
    232. 

  232. /////////////////////////////
    233. 

  233. //// Select Snippet Form ////
    234. 

  234. /////////////////////////////
    235. 

  235. if ( !isset ( $_POST['snippet_id'] ) )
    236. 

  236. {
    237. 

  237. 

  238.     // start display
    239. 

  239.     echo '
    240. 

  240.                     <form action="" method="post">
    241. 

  241.                         <input type="hidden" name="go" value="snippets_edit">
    242. 

  242.                         <table class="configtable select_list" cellpadding="4" cellspacing="0">
    243. 

  243.                             <tr><td class="line" colspan="3">'.$FD->text("admin", "snippet_select_title").'</td></tr>
    244. 

  244.     ';
    245. 

    246. 

  246.     // get snippets from db
    247. 

  247.     $index = $FD->db()->conn()->query ( '
    248. 

  248.                 SELECT COUNT(*)
    249. 

  249.                 FROM `'.$FD->env('DB_PREFIX').'snippets`' );
    250. 

    251. 

  251.     // snippets found
    252. 

  252.     if ( $index->fetchColumn() > 0 ) {
    253. 

  253. 

  254.         // display table head
    255. 

  255.         echo '
    256. 

  256.                             <tr>
    257. 

  257.                                 <td class="config">'.$FD->text("admin", "snippet_tag_title").'</td>
    258. 

  258.                                 <td class="config" width="20">&nbsp;&nbsp;'.$FD->text("admin", "active").'&nbsp;&nbsp;</td>
    259. 

  259.                                 <td class="config" width="20"></td>
    260. 

  260.                             </tr>
    261. 

  261.         ';
    262. 

    263. 

  263.         // display Snippets
    264. 

  264.         $index = $FD->db()->conn()->query ( '
    265. 

  265.                 SELECT *
    266. 

  266.                 FROM `'.$FD->env('DB_PREFIX').'snippets`
    267. 

  267.                 ORDER BY `snippet_tag`' );
    268. 

  268.         while ( $data_arr = $index->fetch(PDO::FETCH_ASSOC) ) {
    269. 

  269. 

  270.             // get other data
    271. 

  271.             $data_arr['active_text'] = ( $data_arr['snippet_active'] == 1 ) ? $FD->text("admin", "yes") : $FD->text("admin", "no");
    272. 

  272. 

  273.             echo '
    274. 

    275. 

  275.                             <tr class="select_entry">
    276. 

  276.                                 <td class="configthin middle">'.killhtml ( $data_arr['snippet_tag'] ).'</td>
    277. 

  277.                                 <td class="configthin middle center">'.$data_arr['active_text'].'</td>
    278. 

  278.                                 <td class="config top center">
    279. 

  279.                                     <input class="pointer select_box" type="checkbox" name="snippet_id[]" value="'.$data_arr['snippet_id'].'">
    280. 

  280.                                 </td>
    281. 

  281.                             </tr>
    282. 

  282.             ';
    283. 

  283.         }
    284. 

  284. 

  285.         if (!isset($_POST['snippet_action']))
    286. 

  286.           $_POST['snippet_action'] = '';
    287. 

  287.         // display footer with button
    288. 

  288.         echo'
    289. 

  289.                             <tr><td class="space"></td></tr>
    290. 

  290.                             <tr>
    291. 

  291.                                 <td class="right" colspan="4">
    292. 

  292.                                     <select class="select_type" name="snippet_action" size="1">
    293. 

  293.                                         <option class="select_one" value="edit" '.getselected( 'edit', $_POST['snippet_action'] ).'>'.$FD->text("admin", "selection_edit").'</option>
    294. 

  294.         ';
    295. 

  295.         echo ( $_SESSION['snippets_delete'] ) ? '<option class="select_red" value="delete" '.getselected ( 'delete', $_POST['snippet_action'] ).'>'.$FD->text("admin", "selection_delete").'</option>' : '';
    296. 

  296.         echo'
    297. 

  297.                                     </select>
    298. 

  298.                                 </td>
    299. 

  299.                             </tr>
    300. 

  300.                             <tr><td class="space"></td></tr>
    301. 

  301.                             <tr>
    302. 

  302.                                 <td class="buttontd" colspan="4">
    303. 

  303.                                     <button class="button_new" type="submit">
    304. 

  304.                                         '.$FD->text("admin", "button_arrow").' '.$FD->text("admin", "do_action_button_long").'
    305. 

  305.                                     </button>
    306. 

  306.                                 </td>
    307. 

  307.                             </tr>
    308. 

  308.         ';
    309. 

    310. 

  310.     // no Snippets found
    311. 

  311.     } else {
    312. 

  312. 

  313.            echo'
    314. 

  314.                             <tr><td class="space"></td></tr>
    315. 

  315.                             <tr>
    316. 

  316.                                 <td class="config center" colspan="4">'.$FD->text("admin", "snippets_not_found").'</td>
    317. 

  317.                             </tr>
    318. 

  318.                             <tr><td class="space"></td></tr>
    319. 

  319.         ';
    320. 

  320.     }
    321. 

  321.     echo '
    322. 

  322.                         </table>
    323. 

  323.                 </form>
    324. 

  324.     ';
    325. 

  325. }
    326. 

  326. ?>
    327. 

  327.