C:\php-fusion-7-00\files\administration\panel_editor.php
E:\v7.00-Custom-Panels-Control-v1.00-RC1\files\administration\panel_editor.php
  1|<?php
  2|/*-------------------------------------------------------+
  3|| PHP-Fusion Content Management System
  4|| Copyright (C) 2002 - 2008 Nick Jones
  5|| http://www.php-fusion.co.uk/
  6|+--------------------------------------------------------+
  7|| Filename: panel_editor.php
  8|| Author: Nick Jones (Digitanium)
  9|+--------------------------------------------------------+
 10|| This program is released as free software under the
 11|| Affero GPL license. You can redistribute it and/or
 12|| modify it under the terms of this license which you
 13|| can read by viewing the included agpl.txt or online
 14|| at www.gnu.org/licenses/agpl.html. Removal of this
 15|| copyright header is strictly prohibited without
 16|| written permission from the original author(s).
 17|+--------------------------------------------------------*/
 18|require_once "../maincore.php";
 19|require_once THEMES."templates/admin_header.php";
 20|include LOCALE.LOCALESET."admin/panels.php";
 21|
   
   
   
   
   
   
   
 22|if (!checkrights("P") || !defined("iAUTH") || $_GET['aid'] != iAUTH) { redirect("../index.php"); }
 23|
 24|$temp = opendir(INFUSIONS);
 25|while ($folder = readdir($temp)) {
 26|    if (!in_array($folder, array(".","..")) && strstr($folder, "_panel")) {
 27|        if (is_dir(INFUSIONS.$folder)) $panel_list[] = $folder;
 28|    }
 29|}
 30|closedir($temp); sort($panel_list); array_unshift($panel_list, "none");
 31|
 32|if (isset($_POST['save'])) {
 33|    $error = "";
 34|    $panel_name = stripinput($_POST['panel_name']);
   
   
 35|    if ($panel_name == "") $error .= $locale['470']."<br />";
 36|    if ($_POST['panel_filename'] == "none") {
 37|        $panel_filename = "";
 38|        $panel_content = addslash($_POST['panel_content']);
 39|        $panel_type = "php";
 40|    } else {
 41|        $panel_filename = stripinput($_POST['panel_filename']);
 42|        $panel_content = "";
 43|        $panel_type = "file";
 44|    }
 45|    $admin_password = isset($_POST['admin_password']) ? $_POST['admin_password'] : "";
 46|    $panel_side = isnum($_POST['panel_side']) ? $_POST['panel_side'] : "1";
 47|    $panel_access = isnum($_POST['panel_access']) ? $_POST['panel_access'] : "0";
 48|    if ($panel_side == "1" || $panel_side == "4") {
 49|        $panel_display = "0";
 50|    } else {
 51|        $panel_display = isset($_POST['panel_display']) ? "1" : "0";
 52|    }
 53|    if (isset($_GET['panel_id']) && isnum($_GET['panel_id'])) {
 54|        if ($panel_name) {
 55|            $data = dbarray(dbquery("SELECT * FROM ".DB_PANELS." WHERE panel_id='".$_GET['panel_id']."'"));
 56|            if ($panel_name != $data['panel_name']) {
 57|                $result = dbquery("SELECT * FROM ".DB_PANELS." WHERE panel_name='$panel_name'");
 58|                if (dbrows($result)) { $error .= $locale['471']."<br />"; }
 59|            }
 60|        }
 61|        if ($panel_type == "php" && $panel_content == "") { $error .= $locale['472']."<br />"; }
   
 62|        if ((!isset($_COOKIE[COOKIE_PREFIX.'admin']) || md5($_COOKIE[COOKIE_PREFIX.'admin']) != $userdata['user_admin_password']) && md5(md5($admin_password)) != $userdata['user_admin_password']) {
 63|            $error .= $locale['474']."<br />";
 64|        }
 65|        if (!$error) {
 66|            $result = dbquery("UPDATE ".DB_PANELS." SET panel_name='$panel_name', panel_filename='$panel_filename', panel_content='$panel_content', panel_access='$panel_access', panel_display='$panel_display' WHERE panel_id='".$_GET['panel_id']."'");
 67|        }
 68|        opentable($locale['480']);
 69|        echo "<div style='text-align:center'><br />\n";
 70|        if ($error) {
 71|            echo $locale['481']."<br /><br />\n".$error."<br />\n";
 72|        } else {
 73|            echo $locale['482']."<br /><br />\n";
 74|        }
 75|        echo "<a href='panels.php".$aidlink."'>".$locale['486']."</a><br /><br />\n";
 76|        echo "<a href='index.php".$aidlink."'>".$locale['487']."</a><br /><br />\n";
 77|        echo "</div>\n";
 78|        closetable();
 79|        if (!isset($_COOKIE[COOKIE_PREFIX.'admin']) && md5(md5($admin_password)) == $userdata['user_admin_password']) {
 80|            setcookie(COOKIE_PREFIX."admin", md5($admin_password), time() + 3600, "/", "", "0");
 81|        }
 82|    } else {
 83|        if ($panel_name) {
 84|            $result = dbquery("SELECT * FROM ".DB_PANELS." WHERE panel_name='$panel_name'");
 85|            if (dbrows($result) != 0) { $error .= $locale['471']."<br />"; }
 86|        }
 87|        if ($panel_type == "php" && $panel_content == "") { $error .= $locale['472']."<br />"; }
 88|        if ($panel_type == "file" && $panel_filename == "none") { $error .= $locale['473']."<br />"; }
   
 89|        if ((!isset($_COOKIE[COOKIE_PREFIX.'admin']) || md5($_COOKIE[COOKIE_PREFIX.'admin']) != $userdata['user_admin_password']) && md5(md5($admin_password)) != $userdata['user_admin_password']) {
 90|            $error .= $locale['474']."<br />";
 91|        }
 92|        if (!$error) {
 93|            $result = dbquery("SELECT * FROM ".DB_PANELS." WHERE panel_side='$panel_side' ORDER BY panel_order DESC LIMIT 1");
 94|            if (dbrows($result) != 0) { $data = dbarray($result); $neworder = $data['panel_order'] + 1; } else { $neworder = 1; }
 95|            $result = dbquery("INSERT INTO ".DB_PANELS." (panel_name, panel_filename, panel_content, panel_side, panel_order, panel_type, panel_access, panel_display, panel_status) VALUES ('$panel_name', '$panel_filename', '$panel_content', '$panel_side', '$neworder', '$panel_type', '$panel_access', '$panel_display', '0')");
 96|        }
 97|        opentable($locale['483']);
 98|        echo "<div style='text-align:center'><br />\n";
 99|        if ($error) {
100|            echo $locale['484']."<br /><br />\n".$error."<br />\n";
101|        } else {
102|            echo $locale['485']."<br /><br />\n";
103|        }
104|        echo "<a href='panels.php".$aidlink."'>".$locale['486']."</a><br /><br />\n";
105|        echo "<a href='index.php".$aidlink."'>".$locale['487']."</a><br /><br />\n";
106|        echo "</div>\n";
107|        closetable();
108|        if (!isset($_COOKIE[COOKIE_PREFIX.'admin']) && md5(md5($admin_password)) == $userdata['user_admin_password']) {
109|            setcookie(COOKIE_PREFIX."admin", md5($admin_password), time() + 3600, "/", "", "0");
110|        }
111|    }
112|} else {
113|    if (isset($_POST['preview'])) {
114|        $panel_name = stripinput($_POST['panel_name']);
   
   
   
   
115|        $panel_filename = $_POST['panel_filename'];
116|        $panel_content = isset($_POST['panel_content']) ? stripslash($_POST['panel_content']) : "";
117|        $admin_password = isset($_POST['admin_password']) ? $_POST['admin_password'] : "";
118|        $panel_side = $_POST['panel_side'];
119|        $panel_access = $_POST['panel_access'];
120|        $panelon = isset($_POST['panel_display']) ? " checked='checked'" : "";
121|        $panelopts = $_POST['panel_side'] == "1" || $_POST['panel_side'] == "4" ? " style='display:none'" : " style='display:block'";
122|        $panel_type = $panel_filename == "none" ? "php" : "file";
123|        if ((isset($_COOKIE[COOKIE_PREFIX.'admin']) && md5($_COOKIE[COOKIE_PREFIX.'admin']) == $userdata['user_admin_password']) || md5(md5($admin_password)) == $userdata['user_admin_password']) {
124|            opentable($panel_name);
125|            if ($panel_type == "file") {
126|                @include INFUSIONS.$panel_filename."/".$panel_filename.".php";
127|            } else {
128|                eval($panel_content);
129|            }
130|            $panel_content = phpentities($panel_content);
131|            closetable();
132|            if (!isset($_COOKIE[COOKIE_PREFIX.'admin']) && md5(md5($admin_password)) == $userdata['user_admin_password']) {
133|                setcookie(COOKIE_PREFIX."admin", md5($admin_password), time() + 3600, "/", "", "0");
134|            }
135|        } else {
136|            echo "<div class='admin-message'>".$locale['global_182']."</div>\n";
137|            $panel_content = phpentities($panel_content);
138|        }
139|    }
140|    if ((isset($_GET['action']) && $_GET['action'] == "edit") && (isset($_GET['panel_id']) && isnum($_GET['panel_id']))) {
141|        $result = dbquery("SELECT * FROM ".DB_PANELS." WHERE panel_id='".$_GET['panel_id']."'");
142|        if (dbrows($result)) {
143|            $data = dbarray($result);
144|            $panel_name = $data['panel_name'];
   
   
   
145|            $panel_filename = $data['panel_filename'];
146|            $panel_content = phpentities(stripslashes($data['panel_content']));
147|            $admin_password = "";
148|            $panel_type = $data['panel_type'];
149|            $panel_side = $data['panel_side'];
150|            $panel_access = $data['panel_access'];
151|            $panelon = $data['panel_display'] == "1" ? " checked='checked'" : "";
152|            $panelopts = $panel_side == "1" || $panel_side == "4" ? " style='display:none'" : " style='display:block'";
153|        } else {
154|            redirect(FUSION_SELF.$aidlink);
155|        }
156|    }
157|    if (isset($_GET['panel_id']) && isnum($_GET['panel_id'])) {
158|        $action = FUSION_SELF.$aidlink."&amp;panel_id=".$_GET['panel_id'];
159|        opentable($locale['450']);
160|    } else {
161|        if (!isset($_POST['preview'])) {
162|            $panel_name = "";
   
   
   
163|            $panel_filename = "";
164|            $panel_content = "openside(\"name\");\n"."  echo \"content\";\n"."closeside();";
165|            $admin_password = "";
166|            $panel_type = "";
167|            $panel_side = "";
168|            $panel_access = "";
169|            $panelon = "";
170|            $panelopts = " style='display:none'";
171|        }
172|        $action = FUSION_SELF.$aidlink;
173|        opentable($locale['451']);
174|    }
175|    $user_groups = getusergroups(); $access_opts = "";
176|    while(list($key, $user_group) = each($user_groups)){
177|        $sel = ($panel_access == $user_group['0'] ? " selected='selected'" : "");
178|        $access_opts .= "<option value='".$user_group['0']."'$sel>".$user_group['1']."</option>\n";
179|    }
180|    echo "<form name='editform' method='post' action='$action'>\n";
   
181|    echo "<table cellpadding='0' cellspacing='0' class='center'>\n<tr>\n";
182|    echo "<td class='tbl'>".$locale['452']."</td>\n";
183|    echo "<td class='tbl'><input type='text' name='panel_name' value='$panel_name' class='textbox' style='width:200px;' /></td>\n";
184|    echo "</tr>\n";
   
   
   
   
   
   
   
   
   
185|    if (isset($_GET['panel_id']) && isnum($_GET['panel_id'])) {
186|        if ($panel_type == "file") {
187|            echo "<tr>\n<td class='tbl'>".$locale['453']."</td>\n";
188|            echo "<td class='tbl'><select name='panel_filename' class='textbox' style='width:200px;'>\n";
189|            for ($i=0;$i < count($panel_list);$i++) {
190|                echo "<option".($panel_filename == $panel_list[$i] ? " selected='selected'" : "").">".$panel_list[$i]."</option>\n";
191|            }
192|            echo "</select></td>\n</tr>\n";
193|        }
194|    } else {
195|        echo "<tr>\n<td class='tbl'>".$locale['453']."</td>\n";
196|        echo "<td class='tbl'><select name='panel_filename' class='textbox' style='width:200px;'>\n";
197|        for ($i=0;$i < count($panel_list);$i++) {
198|            echo "<option".($panel_filename == $panel_list[$i] ? " selected='selected'" : "").">".$panel_list[$i]."</option>\n";
199|        }
200|        echo "</select>&nbsp;&nbsp;<span class='small2'>".$locale['454']."</span></td>\n</tr>\n";
201|    }
202|    if (isset($_GET['panel_id']) && isnum($_GET['panel_id'])) {
203|        if ($panel_type == "php") {
204|            echo "<tr>\n<td valign='top' class='tbl'>".$locale['455']."</td>\n";
205|            echo "<td class='tbl'><textarea name='panel_content' cols='95' rows='15' class='textbox' style='width:98%'>".$panel_content."</textarea></td>\n";
206|            echo "</tr>\n";
207|        }
208|    } else {
209|        echo "<tr>\n<td valign='top' class='tbl'>".$locale['455']."</td>\n";
210|        echo "<td class='tbl'><textarea name='panel_content' cols='95' rows='15' class='textbox' style='width:98%'>".$panel_content."</textarea></td>\n";
211|        echo "</tr>\n";
212|    }
213|    if ((!isset($_COOKIE[COOKIE_PREFIX.'admin']) || md5($_COOKIE[COOKIE_PREFIX.'admin']) != $userdata['user_admin_password']) && md5(md5($admin_password)) != $userdata['user_admin_password']) {
214|        echo "<tr>\n<td class='tbl'>".$locale['456']."</td>\n";
215|        echo "<td class='tbl'><input type='password' name='admin_password' value='".$admin_password."' class='textbox' style='width:150px;' /></td>\n";
216|        echo "</tr>\n";
217|    }
218|    if (!isset($_GET['panel_id']) || !isnum($_GET['panel_id'])) {
219|        echo "<tr>\n<td class='tbl'>".$locale['457']."</td>\n";
220|        echo "<td class='tbl'><select name='panel_side' class='textbox' style='width:150px;' onchange=\"showopts(this.options[this.selectedIndex].value);\">\n";
221|        echo "<option value='1'".($panel_side == "1" ? " selected='selected'" : "").">".$locale['420']."</option>\n";
222|        echo "<option value='2'".($panel_side == "2" ? " selected='selected'" : "").">".$locale['421']."</option>\n";
223|        echo "<option value='3'".($panel_side == "3" ? " selected='selected'" : "").">".$locale['425']."</option>\n";
224|        echo "<option value='4'".($panel_side == "4" ? " selected='selected'" : "").">".$locale['422']."</option>\n";
225|        echo "</select></td>\n</tr>\n";
226|    }
227|    echo "<tr>\n<td class='tbl'>".$locale['458']."</td>\n";
228|    echo "<td class='tbl'><select name='panel_access' class='textbox' style='width:150px;'>\n".$access_opts."</select></td>\n";
229|    echo "</tr>\n<tr>\n";
230|    echo "<td align='center' colspan='2' class='tbl'>\n";
231|    echo "<div id='panelopts'".$panelopts."><input type='checkbox' id='panel_display' name='panel_display' value='1'".$panelon." /> ".$locale['459']."</div>\n";
232|    echo "<br />\n";
233|    if (isset($_GET['panel_id']) && isnum($_GET['panel_id'])) {
234|        if ($panel_type == "php") {
235|            echo "<input type='hidden' name='panel_filename' value='none' />\n";
236|        }
237|        echo "<input type='hidden' name='panel_side' value='".$panel_side."' />\n";
238|    }
239|    echo "<input type='submit' name='preview' value='".$locale['460']."' class='button' />\n";
240|    echo "<input type='submit' name='save' value='".$locale['461']."' class='button' /></td>\n";
241|    echo "</tr>\n</table>\n</form>\n";
242|    closetable();
243|}
244|
245|echo "<script type='text/javascript'>
246|    function showopts(panelside) {
247|        var panelopts = document.getElementById('panelopts');
248|        var paneldisplay = document.getElementById('panel_display');
249|        if (panelside == 1 || panelside == 4) {
250|            panelopts.style.display = 'none';
251|            paneldisplay.checked = false;
252|        } else {
253|            panelopts.style.display = 'block';
254|        }
255|    }
256|</script>\n";
257|
258|require_once THEMES."templates/footer.php";
259|?>
260|
  1|<?php
  2|/*-------------------------------------------------------+
  3|| PHP-Fusion Content Management System
  4|| Copyright (C) 2002 - 2008 Nick Jones
  5|| http://www.php-fusion.co.uk/
  6|+--------------------------------------------------------+
  7|| Filename: panel_editor.php
  8|| Author: Nick Jones (Digitanium), modded by WEC
  9|+--------------------------------------------------------+
 10|| This program is released as free software under the
 11|| Affero GPL license. You can redistribute it and/or
 12|| modify it under the terms of this license which you
 13|| can read by viewing the included agpl.txt or online
 14|| at www.gnu.org/licenses/agpl.html. Removal of this
 15|| copyright header is strictly prohibited without
 16|| written permission from the original author(s).
 17|+--------------------------------------------------------*/
 18|require_once "../maincore.php";
 19|require_once THEMES."templates/admin_header.php";
 20|include LOCALE.LOCALESET."admin/panels.php";
 21|
 22|// Call mod locales ///
 23|if (file_exists(INFUSIONS."custom-panels_control/locale/".$settings['locale'].".php")) {
 24|    include INFUSIONS."custom-panels_control/locale/".$settings['locale'].".php";
 25|} else {
 26|    include INFUSIONS."custom-panels_control/locale/English.php";
 27|}
 28|
 29|if (!checkrights("P") || !defined("iAUTH") || $_GET['aid'] != iAUTH) { redirect("../index.php"); }
 30|
 31|$temp = opendir(INFUSIONS);
 32|while ($folder = readdir($temp)) {
 33|    if (!in_array($folder, array(".","..")) && strstr($folder, "_panel")) {
 34|        if (is_dir(INFUSIONS.$folder)) $panel_list[] = $folder;
 35|    }
 36|}
 37|closedir($temp); sort($panel_list); array_unshift($panel_list, "none");
 38|
 39|if (isset($_POST['save'])) {
 40|    $error = "";
 41|    $panel_name = stripinput($_POST['panel_name']);
 42|    $panel_url_list = stripinput($_POST['panel_url_list']); ///
 43|    $panel_url_list_exclude = isset($_POST['panel_url_list_exclude']) ? $_POST['panel_url_list_exclude'] : "0"; ///#
 44|    if ($panel_name == "") $error .= $locale['470']."<br />";
 45|    if ($_POST['panel_filename'] == "none") {
 46|        $panel_filename = "";
 47|        $panel_content = addslash($_POST['panel_content']);
 48|        $panel_type = "php";
 49|    } else {
 50|        $panel_filename = stripinput($_POST['panel_filename']);
 51|        $panel_content = "";
 52|        $panel_type = "file";
 53|    }
 54|    $admin_password = isset($_POST['admin_password']) ? $_POST['admin_password'] : "";
 55|    $panel_side = isnum($_POST['panel_side']) ? $_POST['panel_side'] : "1";
 56|    $panel_access = isnum($_POST['panel_access']) ? $_POST['panel_access'] : "0";
 57|    if ($panel_side == "1" || $panel_side == "4") {
 58|        $panel_display = "0";
 59|    } else {
 60|        $panel_display = isset($_POST['panel_display']) ? "1" : "0";
 61|    }
 62|    if (isset($_GET['panel_id']) && isnum($_GET['panel_id'])) {
 63|        if ($panel_name) {
 64|            $data = dbarray(dbquery("SELECT * FROM ".DB_PANELS." WHERE panel_id='".$_GET['panel_id']."'"));
 65|            if ($panel_name != $data['panel_name']) {
 66|                $result = dbquery("SELECT * FROM ".DB_PANELS." WHERE panel_name='$panel_name'");
 67|                if (dbrows($result)) { $error .= $locale['471']."<br />"; }
 68|            }
 69|        }
 70|        if ($panel_type == "php" && $panel_content == "") { $error .= $locale['472']."<br />"; }
 71|        If (($panel_side == "2" || $panel_side == "3") && $panel_display == "0" && $panel_url_list !== "") { $error .= $locale['cpac_014']."<br />"; } // 0.26 ///
 72|        if ((!isset($_COOKIE[COOKIE_PREFIX.'admin']) || md5($_COOKIE[COOKIE_PREFIX.'admin']) != $userdata['user_admin_password']) && md5(md5($admin_password)) != $userdata['user_admin_password']) {
 73|            $error .= $locale['474']."<br />";
 74|        }
 75|        if (!$error) {
 76|            $result = dbquery("UPDATE ".DB_PANELS." SET panel_name='$panel_name', panel_url_list='$panel_url_list', panel_url_list_exclude='$panel_url_list_exclude', panel_filename='$panel_filename', panel_content='$panel_content', panel_access='$panel_access', panel_display='$panel_display' WHERE panel_id='".$_GET['panel_id']."'"); ///
 77|        }
 78|        opentable($locale['480']);
 79|        echo "<div style='text-align:center'><br />\n";
 80|        if ($error) {
 81|            echo $locale['481']."<br /><br />\n".$error."<br />\n";
 82|        } else {
 83|            echo $locale['482']."<br /><br />\n";
 84|        }
 85|        echo "<a href='panels.php".$aidlink."'>".$locale['486']."</a><br /><br />\n";
 86|        echo "<a href='index.php".$aidlink."'>".$locale['487']."</a><br /><br />\n";
 87|        echo "</div>\n";
 88|        closetable();
 89|        if (!isset($_COOKIE[COOKIE_PREFIX.'admin']) && md5(md5($admin_password)) == $userdata['user_admin_password']) {
 90|            setcookie(COOKIE_PREFIX."admin", md5($admin_password), time() + 3600, "/", "", "0");
 91|        }
 92|    } else {
 93|        if ($panel_name) {
 94|            $result = dbquery("SELECT * FROM ".DB_PANELS." WHERE panel_name='$panel_name'");
 95|            if (dbrows($result) != 0) { $error .= $locale['471']."<br />"; }
 96|        }
 97|        if ($panel_type == "php" && $panel_content == "") { $error .= $locale['472']."<br />"; }
 98|        if ($panel_type == "file" && $panel_filename == "none") { $error .= $locale['473']."<br />"; }
 99|        If (($panel_side == "2" || $panel_side == "3") && $panel_display == "0" && $panel_url_list !== "") { $error .= $locale['cpac_014']."<br />"; } // 0.26 ///
100|        if ((!isset($_COOKIE[COOKIE_PREFIX.'admin']) || md5($_COOKIE[COOKIE_PREFIX.'admin']) != $userdata['user_admin_password']) && md5(md5($admin_password)) != $userdata['user_admin_password']) {
101|            $error .= $locale['474']."<br />";
102|        }
103|        if (!$error) {
104|            $result = dbquery("SELECT * FROM ".DB_PANELS." WHERE panel_side='$panel_side' ORDER BY panel_order DESC LIMIT 1");
105|            if (dbrows($result) != 0) { $data = dbarray($result); $neworder = $data['panel_order'] + 1; } else { $neworder = 1; }
106|            $result = dbquery("INSERT INTO ".DB_PANELS." (panel_name, panel_url_list, panel_url_list_exclude, panel_filename, panel_content, panel_side, panel_order, panel_type, panel_access, panel_display, panel_status) VALUES ('$panel_name', '$panel_url_list', '$panel_url_list_exclude', '$panel_filename', '$panel_content', '$panel_side', '$neworder', '$panel_type', '$panel_access', '$panel_display', '0')"); ///
107|        }
108|        opentable($locale['483']);
109|        echo "<div style='text-align:center'><br />\n";
110|        if ($error) {
111|            echo $locale['484']."<br /><br />\n".$error."<br />\n";
112|        } else {
113|            echo $locale['485']."<br /><br />\n";
114|        }
115|        echo "<a href='panels.php".$aidlink."'>".$locale['486']."</a><br /><br />\n";
116|        echo "<a href='index.php".$aidlink."'>".$locale['487']."</a><br /><br />\n";
117|        echo "</div>\n";
118|        closetable();
119|        if (!isset($_COOKIE[COOKIE_PREFIX.'admin']) && md5(md5($admin_password)) == $userdata['user_admin_password']) {
120|            setcookie(COOKIE_PREFIX."admin", md5($admin_password), time() + 3600, "/", "", "0");
121|        }
122|    }
123|} else {
124|    if (isset($_POST['preview'])) {
125|        $panel_name = stripinput($_POST['panel_name']);
126|        $panel_url_list = stripinput($_POST['panel_url_list']); ///
127|        ////$panel_url_list_exclude = stripinput($_POST['panel_url_list_exclude']); /// #
128|        $pos1_check = ($_POST['panel_url_list_exclude']=="1" ? " checked='checked'" : ""); ///#
129|        $pos2_check = ($_POST['panel_url_list_exclude']=="0" ? " checked='checked'" : ""); ///#
130|        $panel_filename = $_POST['panel_filename'];
131|        $panel_content = isset($_POST['panel_content']) ? stripslash($_POST['panel_content']) : "";
132|        $admin_password = isset($_POST['admin_password']) ? $_POST['admin_password'] : "";
133|        $panel_side = $_POST['panel_side'];
134|        $panel_access = $_POST['panel_access'];
135|        $panelon = isset($_POST['panel_display']) ? " checked='checked'" : "";
136|        $panelopts = $_POST['panel_side'] == "1" || $_POST['panel_side'] == "4" ? " style='display:none'" : " style='display:block'";
137|        $panel_type = $panel_filename == "none" ? "php" : "file";
138|        if ((isset($_COOKIE[COOKIE_PREFIX.'admin']) && md5($_COOKIE[COOKIE_PREFIX.'admin']) == $userdata['user_admin_password']) || md5(md5($admin_password)) == $userdata['user_admin_password']) {
139|            opentable($panel_name);
140|            if ($panel_type == "file") {
141|                @include INFUSIONS.$panel_filename."/".$panel_filename.".php";
142|            } else {
143|                eval($panel_content);
144|            }
145|            $panel_content = phpentities($panel_content);
146|            closetable();
147|            if (!isset($_COOKIE[COOKIE_PREFIX.'admin']) && md5(md5($admin_password)) == $userdata['user_admin_password']) {
148|                setcookie(COOKIE_PREFIX."admin", md5($admin_password), time() + 3600, "/", "", "0");
149|            }
150|        } else {
151|            echo "<div class='admin-message'>".$locale['global_182']."</div>\n";
152|            $panel_content = phpentities($panel_content);
153|        }
154|    }
155|    if ((isset($_GET['action']) && $_GET['action'] == "edit") && (isset($_GET['panel_id']) && isnum($_GET['panel_id']))) {
156|        $result = dbquery("SELECT * FROM ".DB_PANELS." WHERE panel_id='".$_GET['panel_id']."'");
157|        if (dbrows($result)) {
158|            $data = dbarray($result);
159|            $panel_name = $data['panel_name'];
160|            $panel_url_list = $data['panel_url_list']; ///
161|            $pos1_check = ($data['panel_url_list_exclude']=="1" ? " checked='checked'" : ""); ///#
162|            $pos2_check = ($data['panel_url_list_exclude']=="0" ? " checked='checked'" : ""); ///#
163|            $panel_filename = $data['panel_filename'];
164|            $panel_content = phpentities(stripslashes($data['panel_content']));
165|            $admin_password = "";
166|            $panel_type = $data['panel_type'];
167|            $panel_side = $data['panel_side'];
168|            $panel_access = $data['panel_access'];
169|            $panelon = $data['panel_display'] == "1" ? " checked='checked'" : "";
170|            $panelopts = $panel_side == "1" || $panel_side == "4" ? " style='display:none'" : " style='display:block'";
171|        } else {
172|            redirect(FUSION_SELF.$aidlink);
173|        }
174|    }
175|    if (isset($_GET['panel_id']) && isnum($_GET['panel_id'])) {
176|        $action = FUSION_SELF.$aidlink."&amp;panel_id=".$_GET['panel_id'];
177|        opentable($locale['450']);
178|    } else {
179|        if (!isset($_POST['preview'])) {
180|            $panel_name = "";
181|            $panel_url_list = ""; ///
182|            $pos1_check = " checked='checked'"; /// #
183|            $pos2_check = ""; /// #
184|            $panel_filename = "";
185|            $panel_content = "openside(\"name\");\n"."  echo \"content\";\n"."closeside();";
186|            $admin_password = "";
187|            $panel_type = "";
188|            $panel_side = "";
189|            $panel_access = "";
190|            $panelon = "";
191|            $panelopts = " style='display:none'";
192|        }
193|        $action = FUSION_SELF.$aidlink;
194|        opentable($locale['451']);
195|    }
196|    $user_groups = getusergroups(); $access_opts = "";
197|    while(list($key, $user_group) = each($user_groups)){
198|        $sel = ($panel_access == $user_group['0'] ? " selected='selected'" : "");
199|        $access_opts .= "<option value='".$user_group['0']."'$sel>".$user_group['1']."</option>\n";
200|    }
201|    echo "<form name='editform' method='post' action='$action'>\n";
202|    
203|    echo "<table cellpadding='0' cellspacing='0' class='center'>\n<tr>\n";
204|    echo "<td class='tbl'>".$locale['452']."</td>\n";
205|    echo "<td colspan='2' class='tbl'><input type='text' name='panel_name' value='$panel_name' class='textbox' style='width:200px;' /></td>\n";
206|    echo "</tr>\n";
207|
208|    // URL list, exclude or include ///
209|    echo "<tr>\n";
210|    echo "<td valign='top' class='tbl'>".$locale['cpac_010']."<br /><span class='small2'><i>".$locale['cpac_011']."<br />/news.php<br />/forum/index.php</i></span></td>\n";
211|    echo "<td width='200' valign='top' class='tbl'><textarea name='panel_url_list' cols='50' rows='5' class='textbox' style='width:200px;'>".$panel_url_list."</textarea></td>\n";
212|    echo "<td valign='top' class='tbl'><label><input type='radio' name='panel_url_list_exclude' value='1'".$pos1_check." /> ".$locale['cpac_012']."</label><br />\n";
213|    echo "<label><input type='radio' name='panel_url_list_exclude' value='0'".$pos2_check." /> ".$locale['cpac_013']."</label><br />\n</td>\n";
214|    echo "</tr>\n";
215|
216|    if (isset($_GET['panel_id']) && isnum($_GET['panel_id'])) {
217|        if ($panel_type == "file") {
218|            echo "<tr>\n<td class='tbl'>".$locale['453']."</td>\n";
219|            echo "<td colspan='2' class='tbl'><select name='panel_filename' class='textbox' style='width:200px;'>\n";
220|            for ($i=0;$i < count($panel_list);$i++) {
221|                echo "<option".($panel_filename == $panel_list[$i] ? " selected='selected'" : "").">".$panel_list[$i]."</option>\n";
222|            }
223|            echo "</select></td>\n</tr>\n";
224|        }
225|    } else {
226|        echo "<tr>\n<td class='tbl'>".$locale['453']."</td>\n";
227|        echo "<td colspan='2' class='tbl'><select name='panel_filename' class='textbox' style='width:200px;'>\n";
228|        for ($i=0;$i < count($panel_list);$i++) {
229|            echo "<option".($panel_filename == $panel_list[$i] ? " selected='selected'" : "").">".$panel_list[$i]."</option>\n";
230|        }
231|        echo "</select>&nbsp;&nbsp;<span class='small2'>".$locale['454']."</span></td>\n</tr>\n";
232|    }
233|    if (isset($_GET['panel_id']) && isnum($_GET['panel_id'])) {
234|        if ($panel_type == "php") {
235|            echo "<tr>\n<td valign='top' class='tbl'>".$locale['455']."</td>\n";
236|            echo "<td colspan='2' class='tbl'><textarea name='panel_content' cols='95' rows='15' class='textbox' style='width:98%'>".$panel_content."</textarea></td>\n";
237|            echo "</tr>\n";
238|        }
239|    } else {
240|        echo "<tr>\n<td valign='top' class='tbl'>".$locale['455']."</td>\n";
241|        echo "<td colspan='2' class='tbl'><textarea name='panel_content' cols='95' rows='15' class='textbox' style='width:98%'>".$panel_content."</textarea></td>\n";
242|        echo "</tr>\n";
243|    }
244|    if ((!isset($_COOKIE[COOKIE_PREFIX.'admin']) || md5($_COOKIE[COOKIE_PREFIX.'admin']) != $userdata['user_admin_password']) && md5(md5($admin_password)) != $userdata['user_admin_password']) {
245|        echo "<tr>\n<td class='tbl'>".$locale['456']."</td>\n";
246|        echo "<td colspan='2' class='tbl'><input type='password' name='admin_password' value='".$admin_password."' class='textbox' style='width:150px;' /></td>\n";
247|        echo "</tr>\n";
248|    }
249|    if (!isset($_GET['panel_id']) || !isnum($_GET['panel_id'])) {
250|        echo "<tr>\n<td class='tbl'>".$locale['457']."</td>\n";
251|        echo "<td colspan='2' class='tbl'><select name='panel_side' class='textbox' style='width:150px;' onchange=\"showopts(this.options[this.selectedIndex].value);\">\n";
252|        echo "<option value='1'".($panel_side == "1" ? " selected='selected'" : "").">".$locale['420']."</option>\n";
253|        echo "<option value='2'".($panel_side == "2" ? " selected='selected'" : "").">".$locale['421']."</option>\n";
254|        echo "<option value='3'".($panel_side == "3" ? " selected='selected'" : "").">".$locale['425']."</option>\n";
255|        echo "<option value='4'".($panel_side == "4" ? " selected='selected'" : "").">".$locale['422']."</option>\n";
256|        echo "</select></td>\n</tr>\n";
257|    }
258|    echo "<tr>\n<td class='tbl'>".$locale['458']."</td>\n";
259|    echo "<td colspan='2' class='tbl'><select name='panel_access' class='textbox' style='width:150px;'>\n".$access_opts."</select></td>\n";
260|    echo "</tr>\n<tr>\n";
261|    echo "<td align='center' colspan='3' class='tbl'>\n";
262|    echo "<div id='panelopts'".$panelopts."><input type='checkbox' id='panel_display' name='panel_display' value='1'".$panelon." /> ".$locale['459']."</div>\n";
263|    echo "<br />\n";
264|    if (isset($_GET['panel_id']) && isnum($_GET['panel_id'])) {
265|        if ($panel_type == "php") {
266|            echo "<input type='hidden' name='panel_filename' value='none' />\n";
267|        }
268|        echo "<input type='hidden' name='panel_side' value='".$panel_side."' />\n";
269|    }
270|    echo "<input type='submit' name='preview' value='".$locale['460']."' class='button' />\n";
271|    echo "<input type='submit' name='save' value='".$locale['461']."' class='button' /></td>\n";
272|    echo "</tr>\n</table>\n</form>\n";
273|    closetable();
274|}
275|
276|echo "<script type='text/javascript'>
277|    function showopts(panelside) {
278|        var panelopts = document.getElementById('panelopts');
279|        var paneldisplay = document.getElementById('panel_display');
280|        if (panelside == 1 || panelside == 4) {
281|            panelopts.style.display = 'none';
282|            paneldisplay.checked = false;
283|        } else {
284|            panelopts.style.display = 'block';
285|        }
286|    }
287|</script>\n";
288|
289|require_once THEMES."templates/footer.php";
290|?>
291|
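Review bot: On the new side, line 43 assigns `$_POST['panel_url_list_exclude']` unchanged, and lines 76 and 106 interpolate it into the quoted UPDATE and INSERT statements, whereas every other request value in those queries first passes through `stripinput()`, `addslash()` or `isnum()`. Unless maincore.php (not visible here) escapes request data globally, a quote character in that field alters the statement. The column only stores a flag, so it can be constrained where it is read: `$panel_url_list_exclude = (isset($_POST['panel_url_list_exclude']) && $_POST['panel_url_list_exclude'] == "1") ? "1" : "0";`. The preview branch at lines 128-129 reads the same key without `isset()`, so a post that omits the radio field raises an undefined-index notice there; the same guard would cover it.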
Legend:
Added(31+902)
Deleted(0+0)
Changed(12)
Changed words in changed(1)