本文整理匯總了PHP中misc::make_db_unsafe方法的典型用法代碼示例。如果您正苦於以下問題:PHP misc::make_db_unsafe方法的具體用法?PHP misc::make_db_unsafe怎麽用?PHP misc::make_db_unsafe使用的例子?那麽, 這裏精選的方法代碼示例或許可以為您提供幫助。您也可以進一步了解該方法所在類misc
的用法示例。
在下文中一共展示了misc::make_db_unsafe方法的15個代碼示例,這些例子默認根據受歡迎程度排序。您可以為喜歡或者感覺有用的代碼點讚,您的評價將有助於係統推薦出更棒的PHP代碼示例。
示例1: intval
function edit_post_comments()
{
global $conn, $lang, $config;
$security = login::loginCheck('can_access_blog_manager', true);
$display = '';
$blog_user_type = intval($_SESSION['blog_user_type']);
if ($security === true) {
require_once $config['basepath'] . '/include/misc.inc.php';
$misc = new misc();
//Load the Core Template
require_once $config['basepath'] . '/include/class/template/core.inc.php';
$page = new page_user();
require_once $config['basepath'] . '/include/user.inc.php';
$userclass = new user();
require_once $config['basepath'] . '/include/blog_functions.inc.php';
$blog_functions = new blog_functions();
//Load TEmplate File
$page->load_page($config['admin_template_path'] . '/blog_edit_comments.html');
// Do we need to save?
if (isset($_GET['id'])) {
$post_id = intval($_GET['id']);
//Get Blog Post Information
$blog_title = $blog_functions->get_blog_title($post_id);
$page->page = $page->parse_template_section($page->page, 'blog_title', $blog_title);
$blog_author = $blog_functions->get_blog_author($post_id);
$page->page = $page->parse_template_section($page->page, 'blog_author', $blog_author);
$blog_date_posted = $blog_functions->get_blog_date($post_id);
$page->page = $page->parse_template_section($page->page, 'blog_date_posted', $blog_date_posted);
//Handle any deletions and comment approvals before we load the comments
if (isset($_GET['caction']) && $_GET['caction'] == 'delete') {
if (isset($_GET['cid'])) {
$cid = intval($_GET['cid']);
//Do permission checks.
if ($blog_user_type < 4) {
//Throw Error
$display .= '<div class="error_message">' . $lang['blog_permission_denied'] . '</div><br />';
unset($_GET['caction']);
$display .= $this->edit_post_comments();
return $display;
}
//Delete
$sql = 'DELETE FROM ' . $config['table_prefix'] . 'blogcomments WHERE blogcomments_id = ' . $cid . ' AND blogmain_id = ' . $post_id;
//Load Record Set
$recordSet = $conn->Execute($sql);
if (!$recordSet) {
$misc->log_error($sql);
}
}
}
if (isset($_GET['caction']) && $_GET['caction'] == 'approve') {
if (isset($_GET['cid'])) {
$cid = intval($_GET['cid']);
//Do permission checks.
if ($blog_user_type < 4) {
//Throw Error
$display .= '<div class="error_message">' . $lang['blog_permission_denied'] . '</div><br />';
unset($_GET['caction']);
$display .= $this->edit_post_comments();
return $display;
}
//Delete
$sql = 'UPDATE ' . $config['table_prefix'] . 'blogcomments SET blogcomments_moderated = 1 WHERE blogcomments_id = ' . $cid . ' AND blogmain_id = ' . $post_id;
//Load Record Set
$recordSet = $conn->Execute($sql);
if (!$recordSet) {
$misc->log_error($sql);
}
}
}
//Ok Load the comments.
$sql = 'SELECT * FROM ' . $config['table_prefix'] . 'blogcomments WHERE blogmain_id = ' . $post_id . ' ORDER BY blogcomments_timestamp ASC';
//Load Record Set
$recordSet = $conn->Execute($sql);
if (!$recordSet) {
$misc->log_error($sql);
}
//Handle Next prev
$num_rows = $recordSet->RecordCount();
if (!isset($_GET['cur_page'])) {
$_GET['cur_page'] = 0;
}
$limit_str = $_GET['cur_page'] * $config['listings_per_page'];
$recordSet = $conn->SelectLimit($sql, $config['listings_per_page'], $limit_str);
if ($recordSet === false) {
$misc->log_error($sql);
}
$blog_comment_template = '';
while (!$recordSet->EOF) {
//Load DB Values
$comment_author_id = $misc->make_db_unsafe($recordSet->fields['userdb_id']);
$blogcomments_id = $misc->make_db_unsafe($recordSet->fields['blogcomments_id']);
$blogcomments_moderated = $misc->make_db_unsafe($recordSet->fields['blogcomments_moderated']);
$blogcomments_timestamp = $misc->make_db_unsafe($recordSet->fields['blogcomments_timestamp']);
$blogcomments_text = html_entity_decode($misc->make_db_unsafe($recordSet->fields['blogcomments_text']), ENT_NOQUOTES, $config['charset']);
//Load Template Block
$blog_comment_template .= $page->get_template_section('blog_article_comment_item_block');
//Lookup Blog Author..
$author_type = $userclass->get_user_type($comment_author_id);
if ($author_type == 'member') {
$author_display = $userclass->get_user_name($comment_author_id);
//.........這裏部分代碼省略.........
示例2: getListingEmail
public static function getListingEmail($listingID, $value_only = false)
{
// get the email address for the person who posted a listing
global $conn, $lang, $config;
require_once $config['basepath'] . '/include/misc.inc.php';
$misc = new misc();
$listingID = $misc->make_db_extra_safe($listingID);
$sql = "SELECT userdb_emailaddress FROM " . $config['table_prefix'] . "listingsdb, " . $config['table_prefix'] . "userdb WHERE ((listingsdb_id = {$listingID}) AND (" . $config['table_prefix'] . "userdb.userdb_id = " . $config['table_prefix'] . "listingsdb.userdb_id))";
$recordSet = $conn->Execute($sql);
if ($recordSet === false) {
$misc->log_error($sql);
}
// return the email address
while (!$recordSet->EOF) {
$listing_emailAddress = $misc->make_db_unsafe($recordSet->fields['userdb_emailaddress']);
$recordSet->MoveNext();
}
// end while
if ($value_only === true) {
$display = "{$listing_emailAddress}";
} else {
$display = "<b>{$lang['user_email']}:</b> <a href=\"mailto:{$listing_emailAddress}\">{$listing_emailAddress}</a><br />";
}
return $display;
}
示例3: display
function display()
{
global $conn, $config, $lang;
require_once $config['basepath'] . '/include/misc.inc.php';
$misc = new misc();
// Make Sure we passed the PageID
$display = '';
if (!isset($_GET['PageID'])) {
$display .= "ERROR. PageID not sent";
}
$page_id = $misc->make_db_safe($_GET['PageID']);
$display .= '<div class="page_display">';
$sql = "SELECT pagesmain_full,pagesmain_id FROM " . $config['table_prefix'] . "pagesmain WHERE pagesmain_id=" . $page_id;
$recordSet = $conn->Execute($sql);
if ($recordSet === false) {
$misc->log_error($sql);
}
$full = html_entity_decode($misc->make_db_unsafe($recordSet->fields['pagesmain_full']), ENT_NOQUOTES, $config['charset']);
//$full = $misc->make_db_unsafe($recordSet->fields['pagesmain_full']);
$id = $recordSet->fields['pagesmain_id'];
if ($config["wysiwyg_execute_php"] == 1) {
ob_start();
$full = str_replace("<!--<?php", "<?php", $full);
$full = str_replace("?>-->", "?>", $full);
eval('?>' . "{$full}" . '<?php ');
$display .= ob_get_contents();
ob_end_clean();
} else {
$display .= $full;
}
// Allow Admin To Edit #
if (isset($_SESSION['editpages']) && $_SESSION['admin_privs'] == 'yes' && $config["wysiwyg_show_edit"] == 1) {
$display .= "<p> </p>";
$display .= "<a href=\"{$config['baseurl']}/admin/index.php?action=edit_page&id={$id}\">{$lang['edit_html_from_site']}</a>";
}
$display .= '</div>';
// parse page for template varibales
require_once $config['basepath'] . '/include/class/template/core.inc.php';
$template = new page_user();
$template->page = $display;
$template->replace_tags(array('templated_search_form', 'featured_listings_horizontal', 'featured_listings_vertical', 'company_name', 'link_printer_friendly'));
$display = $template->return_page();
return $display;
}
示例4: goodvtour
function goodvtour($listingID)
{
global $lang, $conn, $config, $jscript;
require_once $config['basepath'] . '/include/misc.inc.php';
$misc = new misc();
$ext = 'bad';
if (isset($_GET['listingID'])) {
if ($_GET['listingID'] != "") {
$listingID = intval($listingID);
$sql = "SELECT vtourimages_file_name, vtourimages_rank FROM " . $config['table_prefix'] . "vtourimages WHERE (listingsdb_id = {$listingID}) ORDER BY vtourimages_rank";
$recordSet = $conn->Execute($sql);
if ($recordSet === false) {
$misc->log_error($sql);
}
}
$num_images = $recordSet->RecordCount();
if ($num_images > 0) {
while (!$recordSet->EOF) {
$file_name = $misc->make_db_unsafe($recordSet->fields['vtourimages_file_name']);
$ext = substr(strrchr($file_name, '.'), 1);
$recordSet->MoveNext();
}
// end while
}
// end if ($num_images > 0)
}
if ($ext == 'jpg' || $ext == 'egg') {
return true;
} else {
return false;
}
}
示例5: misc
function verify_email()
{
global $conn, $config, $lang;
$display = '';
require_once $config['basepath'] . '/include/misc.inc.php';
$misc = new misc();
if (isset($_GET['id']) && isset($_GET['key'])) {
$userID = $misc->make_db_unsafe($_GET['id']);
$sql = 'SELECT userdb_id, userdb_user_name, userdb_user_password, userdb_emailaddress, userdb_is_agent FROM ' . $config['table_prefix'] . 'userdb WHERE userdb_id = ' . $userID;
$recordSet = $conn->Execute($sql);
if ($recordSet === false) {
$misc->log_error($sql);
}
$user_id = $misc->make_db_unsafe($recordSet->fields['userdb_id']);
$user_name = $misc->make_db_unsafe($recordSet->fields['userdb_user_name']);
$user_pass = $misc->make_db_unsafe($recordSet->fields['userdb_user_password']);
$emailAddress = $misc->make_db_unsafe($recordSet->fields['userdb_emailaddress']);
if (md5($user_id . ':' . $emailAddress) == $_GET['key']) {
$valid = true;
}
if ($recordSet->fields['userdb_is_agent'] == 'yes') {
$type = 'agent';
} else {
$type = 'member';
}
if ($config['moderate_' . $type . 's'] == 0) {
if ($type == 'agent') {
if ($config["agent_default_active"] == 0) {
$set_active = "no";
} else {
$set_active = "yes";
}
} else {
$set_active = "yes";
}
} else {
$set_active = "no";
}
$sql_set_active = $misc->make_db_safe($set_active);
if ($valid == true) {
if ($config['email_notification_of_new_users'] == 1) {
// if the site admin should be notified when a new user is added
$message = $_SERVER['REMOTE_ADDR'] . ' -- ' . date('F j, Y, g:i:s a') . "\r\n\r\n" . $lang['admin_new_user'] . ":\r\n" . $config['baseurl'] . '/admin/index.php?action=user_manager&edit=' . $userID . "\r\n";
$header = 'From: ' . $config['admin_name'] . ' <' . $config['admin_email'] . ">\r\n";
$header .= "X-Sender: {$config['admin_email']}\r\n";
$header .= "Return-Path: {$config['admin_email']}\r\n";
mail("{$config['admin_email']}", "{$lang['admin_new_user']}", $message, $header);
}
// end if
$verified = $misc->make_db_safe('yes');
$sql = 'UPDATE ' . $config['table_prefix'] . 'userdb SET userdb_active = ' . $sql_set_active . ', userdb_email_verified = ' . $verified . ' WHERE userdb_id = ' . $userID;
$recordSet = $conn->Execute($sql);
if ($recordSet === false) {
$misc->log_error($sql);
}
$display .= '<p class="notice">' . $lang['verify_email_thanks'] . '</p>';
if ($config['moderate_' . $type . 's'] == 1) {
// if moderation is turned on...
$display .= '<p>' . $lang['admin_new_user_moderated'] . '</p>';
} else {
//log the user in
$_SESSION['username'] = $user_name;
$_SESSION['userpassword'] = $user_pass;
login::loginCheck('Member');
$display .= '<p>' . $lang['you_may_now_view_priv'] . '</p>';
}
} else {
$display .= '<p class="notice">' . $lang['verify_email_invalid_link'] . '</div>';
}
} else {
$display .= '<p class="notice">' . $lang['verify_email_invalid_link'] . '</div>';
}
return $display;
}
示例6: misc
function create_vcard($user)
{
global $config, $conn;
require_once $config['basepath'] . '/include/misc.inc.php';
$misc = new misc();
require_once $config['basepath'] . '/include/class/vcard/vcard.inc.php';
$v = new vCard();
$first = $this->get_user_first_name($user);
$last = $this->get_user_last_name($user);
$v->setName($last, $first);
$sql = 'SELECT userdb_emailaddress FROM ' . $config['lang_table_prefix'] . 'userdb WHERE userdb_id=' . $user;
$recordSet = $conn->Execute($sql);
if ($recordSet === false) {
$misc->log_error($sql);
}
$email = $recordSet->fields['userdb_emailaddress'];
$v->setEmail($email);
$sql = $sql = "SELECT userdbelements_field_name,userdbelements_field_value FROM " . $config['lang_table_prefix'] . "userdbelements WHERE userdb_id=" . $user;
$recordSet = $conn->Execute($sql);
if ($recordSet === false) {
$misc->log_error($sql);
}
while (!$recordSet->EOF) {
if ($recordSet->fields['userdbelements_field_name'] == $config['vcard_phone']) {
$phone = $misc->make_db_unsafe($recordSet->fields['userdbelements_field_value']);
$v->setPhoneNumber($phone, "HOME;VOICE");
} elseif ($recordSet->fields['userdbelements_field_name'] == $config['vcard_fax']) {
$fax = $misc->make_db_unsafe($recordSet->fields['userdbelements_field_value']);
$v->setPhoneNumber($fax, "HOME;FAX");
} elseif ($recordSet->fields['userdbelements_field_name'] == $config['vcard_mobile']) {
$mobile = $misc->make_db_unsafe($recordSet->fields['userdbelements_field_value']);
$v->setPhoneNumber($mobile, "HOME;CELL");
} elseif ($recordSet->fields['userdbelements_field_name'] == $config['vcard_notes']) {
$notes = $misc->make_db_unsafe($recordSet->fields['userdbelements_field_value']);
$v->setNote($notes);
} elseif ($recordSet->fields['userdbelements_field_name'] == $config['vcard_url']) {
$url = $misc->make_db_unsafe($recordSet->fields['userdbelements_field_value']);
$v->setURL($url, "HOME");
} elseif ($recordSet->fields['userdbelements_field_name'] == $config['vcard_address']) {
$address = $misc->make_db_unsafe($recordSet->fields['userdbelements_field_value']);
} elseif ($recordSet->fields['userdbelements_field_name'] == $config['vcard_city']) {
$city = $misc->make_db_unsafe($recordSet->fields['userdbelements_field_value']);
} elseif ($recordSet->fields['userdbelements_field_name'] == $config['vcard_state']) {
$state = $misc->make_db_unsafe($recordSet->fields['userdbelements_field_value']);
} elseif ($recordSet->fields['userdbelements_field_name'] == $config['vcard_zip']) {
$zip = $misc->make_db_unsafe($recordSet->fields['userdbelements_field_value']);
} elseif ($recordSet->fields['userdbelements_field_name'] == $config['vcard_country']) {
$country = $misc->make_db_unsafe($recordSet->fields['userdbelements_field_value']);
}
$v->setAddress("", "", $address, $city, $state, $zip, $country, "HOME;POSTAL");
$recordSet->MoveNext();
}
$output = $v->getVCard();
echo $output;
$filename = $v->getFileName();
Header("Content-Disposition: attachment; filename={$filename}");
Header("Content-Length: " . strlen($output));
Header("Connection: close");
Header("Content-Type: text/x-vCard; name={$filename}");
}
示例7: misc
/**
* delete_listing()
*
* @param $id
* @param boolean $verify_user
* @return
*/
function delete_listing($id, $verify_user = true)
{
global $conn, $lang, $config;
require_once $config['basepath'] . '/include/misc.inc.php';
$misc = new misc();
$display = '';
if (!is_numeric($id)) {
die($lang['data type mismatch']);
}
$sql_delete = $misc->make_db_safe($id);
// delete a listing
$configured_langs = explode(',', $config['configured_langs']);
foreach ($configured_langs as $configured_lang) {
if ($verify_user === true) {
$sql = "DELETE FROM " . $config['table_prefix_no_lang'] . $configured_lang . "_listingsdb WHERE ((listingsdb_id = {$sql_delete}) AND (userdb_id = {$_SESSION['userID']}))";
} else {
$sql = "DELETE FROM " . $config['table_prefix_no_lang'] . $configured_lang . "_listingsdb WHERE listingsdb_id = {$sql_delete}";
}
$recordSet = $conn->Execute($sql);
if ($recordSet === false) {
$misc->log_error($sql);
}
// delete all the elements associated with a listing
if ($verify_user === true) {
$sql = "DELETE FROM " . $config['table_prefix_no_lang'] . $configured_lang . "_listingsdbelements WHERE ((listingsdb_id = {$sql_delete}) AND (userdb_id = {$_SESSION['userID']}))";
} else {
$sql = "DELETE FROM " . $config['table_prefix_no_lang'] . $configured_lang . "_listingsdbelements WHERE listingsdb_id = {$sql_delete}";
}
$recordSet = $conn->Execute($sql);
if ($recordSet === false) {
$misc->log_error($sql);
}
}
// now get all the images associated with an listing
if ($verify_user === true) {
$sql = "SELECT listingsimages_file_name, listingsimages_thumb_file_name FROM " . $config['table_prefix'] . "listingsimages WHERE ((listingsdb_id = {$sql_delete}) AND (userdb_id = {$_SESSION['userID']}))";
} else {
$sql = "SELECT listingsimages_file_name, listingsimages_thumb_file_name FROM " . $config['table_prefix'] . "listingsimages WHERE listingsdb_id = {$sql_delete}";
}
$recordSet = $conn->Execute($sql);
if ($recordSet === false) {
$misc->log_error($sql);
}
// so, you've got 'em... it's time to unlink those bad boys...
while (!$recordSet->EOF) {
$thumb_file_name = $misc->make_db_unsafe($recordSet->fields['listingsimages_thumb_file_name']);
$file_name = $misc->make_db_unsafe($recordSet->fields['listingsimages_file_name']);
// get rid of those darned things...
@unlink("{$config['listings_upload_path']}/{$file_name}");
if ($file_name != $thumb_file_name) {
@unlink("{$config['listings_upload_path']}/{$thumb_file_name}");
}
$recordSet->MoveNext();
}
// now get all the vtours associated with an listing
if ($verify_user === true) {
$sql = "SELECT vtourimages_file_name, vtourimages_thumb_file_name FROM " . $config['table_prefix'] . "vtourimages WHERE ((listingsdb_id = {$sql_delete}) AND (userdb_id = {$_SESSION['userID']}))";
} else {
$sql = "SELECT vtourimages_file_name, vtourimages_thumb_file_name FROM " . $config['table_prefix'] . "vtourimages WHERE listingsdb_id = {$sql_delete}";
}
$recordSet = $conn->Execute($sql);
if ($recordSet === false) {
$misc->log_error($sql);
}
// so, you've got 'em... it's time to unlink those bad boys...
while (!$recordSet->EOF) {
$thumb_file_name = $misc->make_db_unsafe($recordSet->fields['vtourimages_thumb_file_name']);
$file_name = $misc->make_db_unsafe($recordSet->fields['vtourimages_file_name']);
// get rid of those darned things...
@unlink("{$config['vtour_upload_path']}/{$file_name}");
if ($file_name != $thumb_file_name) {
@unlink("{$config['vtour_upload_path']}/{$thumb_file_name}");
}
$recordSet->MoveNext();
}
// for the grand finale, we're going to remove the db records of 'em as well...
foreach ($configured_langs as $configured_lang) {
if ($verify_user === true) {
$sql = "DELETE FROM " . $config['table_prefix_no_lang'] . $configured_lang . "_listingsimages WHERE listingsdb_id = {$sql_delete} AND userdb_id = {$_SESSION['userID']}";
} else {
$sql = "DELETE FROM " . $config['table_prefix_no_lang'] . $configured_lang . "_listingsimages WHERE listingsdb_id = {$sql_delete}";
}
$recordSet = $conn->Execute($sql);
if ($recordSet === false) {
$misc->log_error($sql);
}
if ($verify_user === true) {
$sql = "DELETE FROM " . $config['table_prefix_no_lang'] . $configured_lang . "_vtourimages WHERE listingsdb_id = {$sql_delete} AND userdb_id = {$_SESSION['userID']}";
} else {
$sql = "DELETE FROM " . $config['table_prefix_no_lang'] . $configured_lang . "_vtourimages WHERE listingsdb_id = {$sql_delete}";
}
$recordSet = $conn->Execute($sql);
if ($recordSet === false) {
//.........這裏部分代碼省略.........
示例8: misc
function create_download($ID, $file_id, $type)
{
global $config, $conn;
require_once $config['basepath'] . '/include/misc.inc.php';
$misc = new misc();
$folderid = $ID;
$ID = $misc->make_db_extra_safe($ID);
$fileID = $misc->make_db_extra_safe($file_id);
if ($type == 'listing') {
$file_upload_path = $config['listings_file_upload_path'];
$file_view_path = $config['listings_view_file_path'];
$sqltype = 'listings';
} else {
$file_upload_path = $config['users_file_upload_path'];
$file_view_path = $config['users_view_file_path'];
$sqltype = 'user';
}
$sql = "SELECT DISTINCT " . $type . "sfiles_file_name FROM " . $config['table_prefix'] . "" . $type . "sfiles WHERE (" . $sqltype . "db_id = {$ID}) AND (" . $type . "sfiles_id = " . $fileID . ") ORDER BY " . $type . "sfiles_rank";
$recordSet = $conn->Execute($sql);
if ($recordSet === false) {
$misc->log_error($sql);
}
while (!$recordSet->EOF) {
$file_filename = $misc->make_db_unsafe($recordSet->fields[$type . 'sfiles_file_name']);
$recordSet->MoveNext();
}
$fullPath = $file_upload_path . '/' . $folderid . '/' . $file_filename;
if ($fd = fopen($fullPath, "r")) {
$fsize = filesize($fullPath);
$path_parts = pathinfo($fullPath);
header("Content-type: application/octet-stream");
header("Content-Disposition: attachment; filename=\"" . $path_parts["basename"] . "\"");
header("Content-length: {$fsize}");
header("Cache-control: private");
//use this to open files directly
while (!feof($fd)) {
$buffer = fread($fd, 2048);
echo $buffer;
}
}
fclose($fd);
}
示例9: misc
function get_blog_keywords($blog_id)
{
global $conn, $config;
require_once $config['basepath'] . '/include/misc.inc.php';
$misc = new misc();
if (isset($_GET['PageID'])) {
$blog_id = $misc->make_db_safe($blog_id);
$sql = "SELECT blogmain_keywords FROM " . $config['table_prefix'] . "blogmain WHERE blogmain_id=" . $blog_id;
$recordSet = $conn->Execute($sql);
if ($recordSet === false) {
$misc->log_error($sql);
}
$keywords = $misc->make_db_unsafe($recordSet->fields['blogmain_keywords']);
return $keywords;
} else {
return '';
}
}
示例10: displayListingDetails
function displayListingDetails($sql)
{
// $page = new page_user();
// $page->replace_listing_field_tags($_GET['listingID']);
global $conn, $config, $rs_listingDetails;
$misc = new misc();
$rs = $conn->Execute($sql);
if (!empty($rs)) {
$listing_id = $misc->make_db_unsafe($rs->fields['listingsdb_id']);
$listing_title = $misc->make_db_unsafe($rs->fields['listingsdb_title']);
//var_dump($listing_id);
$sql_getListingDetail = "SELECT listingsdb_title, listingsdbelements_field_name, listingsdbelements_field_value FROM " . $config['table_prefix'] . "listingsdb, " . $config['table_prefix'] . "listingsdbelements WHERE " . $config['table_prefix'] . "listingsdbelements.listingsdb_id = " . $listing_id;
$rs_listingDetails = $conn->Execute($sql_getListingDetail);
//var_dump($rs_listingDetails);
while (!$rs_listingDetails->EOF) {
$listing_fieldname = $misc->make_db_unsafe($rs_listingDetails->fields['listingsdbelements_field_name']);
switch ($listing_fieldname) {
case "address":
$listing_address = $misc->make_db_unsafe($rs_listingDetails->fields['listingsdbelements_field_value']);
break;
case "city":
$listing_city = $misc->make_db_unsafe($rs_listingDetails->fields['listingsdbelements_field_value']);
break;
case "state":
$listing_state = $misc->make_db_unsafe($rs_listingDetails->fields['listingsdbelements_field_value']);
break;
case "full_desc":
$listing_fulldesc = $misc->make_db_unsafe($rs_listingDetails->fields['listingsdbelements_field_value']);
break;
// case "city":
// $listing_city = $misc->make_db_unsafe ($rs->fields['listingsdbelements_feild_value']);
// break;
// case "state":
// $listing_state = $misc->make_db_unsafe ($rs->fields['listingsdbelements_feild_value']);
// break;
// case "city":
// $listing_city = $misc->make_db_unsafe ($rs->fields['listingsdbelements_feild_value']);
// break;
// case "state":
// $listing_state = $misc->make_db_unsafe ($rs->fields['listingsdbelements_feild_value']);
// break;
default:
$listing_value = $misc->make_db_unsafe($rs_listingDetails->fields['listingsdbelements_field_value']);
}
$rs_listingDetails->MoveNext();
}
}
?>
<tr>
<td bgcolor="#EEEEEE"><a href="/moblisting.php?action=listingview&listingID=<?php
echo $listing_id;
?>
"><img src="<?php
echo $listing_image;
?>
" width="320" /><br />
<strong><?php
echo $listing_title;
?>
</strong> </a>
<p><?php
echo $listing_fulldesc;
?>
</p>
<strong> $<?php
echo $listing_address;
?>
</strong>
<strong> $<?php
echo $listing_city;
?>
</strong>
<strong> $<?php
echo $listing_state;
?>
</strong>
</td>
</tr>
<?php
// <td colspan="2" align="left" valign="top"><strong>Address</strong>: 34 High St<br>
// <strong>City</strong>: Berwick<br>
// <strong>State</strong>: VIC<br>
// <strong>Postcode</strong>: 3806<br>
// <strong>Country</strong>: Australia<br>
// <strong>Parking Spaces</strong>: 2<br>
// <strong>Asking Price</strong>: $165,000<br>
// <strong>Asset Value</strong>: $75,000<br>
// <strong>Year Founded</strong>: 2000<br>
// <strong>Annual Net Profit</strong>: $60,000<br>
// <strong>Annual Business Turnover</strong>: $450,000<br>
// <strong>Status</strong>: Active<br></td>
// </tr>
//
// $sql_getdescription = "select listingsdbelements_field_value as fulldesc from default_en_listingsdbelements where listingsdbelements_field_name = 'full_desc' and listingsdb_id = " . $listing_id . " limit 1";
// $rs_desc = $conn->Execute($sql_getdescription);
//.........這裏部分代碼省略.........
示例11: renderNotifyListings
function renderNotifyListings($listingIDArray, $search_title, $user_name, $email)
{
global $conn, $lang, $config, $db_type, $current_ID;
//Load the Core Template class and the Misc Class
require_once $config['basepath'] . '/include/class/template/core.inc.php';
$page = new page_user();
require_once $config['basepath'] . '/include/misc.inc.php';
$misc = new misc();
require_once $config['basepath'] . '/include/listing.inc.php';
$listingclass = new listing_pages();
//Declare an empty display variable to hold all output from function.
$display = '';
//If We have a $current_ID save it
$old_current_ID = '';
if ($current_ID != '') {
$old_current_ID = $current_ID;
}
//Load the Notify Listing Template specified in the Site Config
$page->load_page($config['template_path'] . '/' . $config['notify_listings_template']);
// Determine if the template uses rows.
// First item in array is the row conent second item is the number of block per block row
$notify_template_row = $page->get_template_section_row('notify_listing_block_row');
if (is_array($notify_template_row)) {
$row = $notify_template_row[0];
$col_count = $notify_template_row[1];
$user_rows = true;
$x = 1;
//Create an empty array to hold the row conents
$new_row_data = array();
} else {
$user_rows = false;
}
$notify_template_section = '';
foreach ($listingIDArray as $current_ID) {
if ($user_rows == true && $x > $col_count) {
//We are at then end of a row. Save the template section as a new row.
$new_row_data[] = $page->replace_template_section('notify_listing_block', $notify_template_section, $row);
//$new_row_data[] = $notify_template_section;
$notify_template_section = $page->get_template_section('notify_listing_block');
$x = 1;
} else {
$notify_template_section .= $page->get_template_section('notify_listing_block');
}
$listing_title = $listingclass->get_title($current_ID);
if ($config['url_style'] == '1') {
$notify_url = $config['baseurl'] . '/index.php?action=listingview&listingID=' . $current_ID;
// #####
} else {
$url_title = str_replace("/", "", $listing_title);
$url_title = strtolower(str_replace(" ", $config['seo_url_seperator'], $url_title));
$notify_url = $config['baseurl'] . '/listing-' . misc::urlencode_to_sef($url_title) . '-' . $current_ID . '.html';
// #####
}
$notify_template_section = $page->replace_listing_field_tags($current_ID, $notify_template_section);
$notify_template_section = $page->replace_listing_field_tags($current_ID, $notify_template_section);
$notify_template_section = $page->parse_template_section($notify_template_section, 'notify_url', $notify_url);
$notify_template_section = $page->parse_template_section($notify_template_section, 'listingid', $current_ID);
// Setup Image Tags
$sql2 = "SELECT listingsimages_thumb_file_name,listingsimages_file_name\n\t\t\t\t\tFROM " . $config['table_prefix'] . "listingsimages\n\t\t\t\t\tWHERE (listingsdb_id = {$current_ID})\n\t\t\t\t\tORDER BY listingsimages_rank";
$recordSet2 = $conn->SelectLimit($sql2, 1, 0);
if ($recordSet2 === false) {
$misc->log_error($sql2);
}
if ($recordSet2->RecordCount() > 0) {
$thumb_file_name = $misc->make_db_unsafe($recordSet2->fields['listingsimages_thumb_file_name']);
$file_name = $misc->make_db_unsafe($recordSet2->fields['listingsimages_file_name']);
if ($thumb_file_name != "" && file_exists("{$config['listings_upload_path']}/{$thumb_file_name}")) {
// gotta grab the thumbnail image size
$imagedata = GetImageSize("{$config['listings_upload_path']}/{$thumb_file_name}");
$imagewidth = $imagedata[0];
$imageheight = $imagedata[1];
$shrinkage = $config['thumbnail_width'] / $imagewidth;
$notify_thumb_width = $imagewidth * $shrinkage;
$notify_thumb_height = $imageheight * $shrinkage;
$notify_thumb_src = $config['listings_view_images_path'] . '/' . $thumb_file_name;
// gotta grab the thumbnail image size
$imagedata = GetImageSize("{$config['listings_upload_path']}/{$file_name}");
$imagewidth = $imagedata[0];
$imageheight = $imagedata[1];
$notify_width = $imagewidth;
$notify_height = $imageheight;
$notify_src = $config['listings_view_images_path'] . '/' . $file_name;
}
} else {
if ($config['show_no_photo'] == 1) {
$imagedata = GetImageSize($config['basepath'] . "/images/nophoto.gif");
$imagewidth = $imagedata[0];
$imageheight = $imagedata[1];
$shrinkage = $config['thumbnail_width'] / $imagewidth;
$notify_thumb_width = $imagewidth * $shrinkage;
$notify_thumb_height = $imageheight * $shrinkage;
$notify_thumb_src = $config['baseurl'] . '/images/nophoto.gif';
$notify_width = $notify_thumb_width;
$notify_height = $notify_thumb_height;
$notify_src = $config['baseurl'] . '/images/nophoto.gif';
} else {
$notify_thumb_width = '';
$notify_thumb_height = '';
$notify_thumb_src = '';
$notify_width = '';
//.........這裏部分代碼省略.........
示例12: misc
/**
* maps::create_map_link()
* This is the function to call to show a map link. It should be called from the listing detail page, or any page where $_GET['listingID'] is set.
* This function then calls the appropriate make_mapname function as specified in the configuration.
*
* @see maps::make_mapquest()
* @see maps::make_yahoo_us()
* @return string Return the URL for the map as long as the required fields are filled out, if not it returns a empty string.
*/
function create_map_link($url_only = 'no')
{
global $conn, $config;
require_once $config['basepath'] . '/include/misc.inc.php';
$misc = new misc();
// Map Type
// Get Address, City, State, Zip
// Create Blank Variables
$display = '';
$address = '';
$city = '';
$state = '';
$zip = '';
// Get Listing ID
$sql_listingID = $misc->make_db_safe($_GET['listingID']);
$listing_title = urlencode(listing_pages::get_title($_GET['listingID']));
// get address
$sql_address_field = $misc->make_db_safe($config['map_address']);
$sql = "SELECT listingsdbelements_field_value, listingsformelements_field_type, listingsformelements_field_caption FROM " . $config['table_prefix'] . "listingsdbelements, " . $config['table_prefix'] . "listingsformelements WHERE ((" . $config['table_prefix'] . "listingsdbelements.listingsdb_id = {$sql_listingID}) AND (listingsformelements_field_name = listingsdbelements_field_name) AND (listingsdbelements_field_name = {$sql_address_field}))";
$recordSet = $conn->Execute($sql);
if ($recordSet === false) {
$misc->log_error($sql);
}
while (!$recordSet->EOF) {
$address = urlencode($misc->make_db_unsafe($recordSet->fields['listingsdbelements_field_value']));
$recordSet->MoveNext();
}
// end while
// Add address fields 2 & 3
$sql_address_field = $misc->make_db_safe($config['map_address2']);
$sql = "SELECT listingsdbelements_field_value, listingsformelements_field_type, listingsformelements_field_caption FROM " . $config['table_prefix'] . "listingsdbelements, " . $config['table_prefix'] . "listingsformelements WHERE ((" . $config['table_prefix'] . "listingsdbelements.listingsdb_id = {$sql_listingID}) AND (listingsformelements_field_name = listingsdbelements_field_name) AND (listingsdbelements_field_name = {$sql_address_field}))";
$recordSet = $conn->Execute($sql);
if ($recordSet === false) {
$misc->log_error($sql);
}
while (!$recordSet->EOF) {
$address .= ' ' . urlencode($misc->make_db_unsafe($recordSet->fields['listingsdbelements_field_value']));
$recordSet->MoveNext();
}
// end while
$sql_address_field = $misc->make_db_safe($config['map_address3']);
$sql = "SELECT listingsdbelements_field_value, listingsformelements_field_type, listingsformelements_field_caption FROM " . $config['table_prefix'] . "listingsdbelements, " . $config['table_prefix'] . "listingsformelements WHERE ((" . $config['table_prefix'] . "listingsdbelements.listingsdb_id = {$sql_listingID}) AND (listingsformelements_field_name = listingsdbelements_field_name) AND (listingsdbelements_field_name = {$sql_address_field}))";
$recordSet = $conn->Execute($sql);
if ($recordSet === false) {
$misc->log_error($sql);
}
while (!$recordSet->EOF) {
$address .= ' ' . urlencode($misc->make_db_unsafe($recordSet->fields['listingsdbelements_field_value']));
$recordSet->MoveNext();
}
// end while
$sql_address_field = $misc->make_db_safe($config['map_address4']);
$sql = "SELECT listingsdbelements_field_value, listingsformelements_field_type, listingsformelements_field_caption FROM " . $config['table_prefix'] . "listingsdbelements, " . $config['table_prefix'] . "listingsformelements WHERE ((" . $config['table_prefix'] . "listingsdbelements.listingsdb_id = {$sql_listingID}) AND (listingsformelements_field_name = listingsdbelements_field_name) AND (listingsdbelements_field_name = {$sql_address_field}))";
$recordSet = $conn->Execute($sql);
if ($recordSet === false) {
$misc->log_error($sql);
}
while (!$recordSet->EOF) {
$address .= ' ' . urlencode($misc->make_db_unsafe($recordSet->fields['listingsdbelements_field_value']));
$recordSet->MoveNext();
}
// end while
// get city
$sql_city_field = $misc->make_db_safe($config['map_city']);
$sql = "SELECT listingsdbelements_field_value, listingsformelements_field_type, listingsformelements_field_caption FROM " . $config['table_prefix'] . "listingsdbelements, " . $config['table_prefix'] . "listingsformelements WHERE ((" . $config['table_prefix'] . "listingsdbelements.listingsdb_id = {$sql_listingID}) AND (listingsformelements_field_name = listingsdbelements_field_name) AND (listingsdbelements_field_name = {$sql_city_field}))";
$recordSet = $conn->Execute($sql);
if ($recordSet === false) {
$misc->log_error($sql);
}
while (!$recordSet->EOF) {
$city = urlencode($misc->make_db_unsafe($recordSet->fields['listingsdbelements_field_value']));
$recordSet->MoveNext();
}
// end while
// get state
$sql_state_field = $misc->make_db_safe($config['map_state']);
$sql = "SELECT listingsdbelements_field_value, listingsformelements_field_type, listingsformelements_field_caption FROM " . $config['table_prefix'] . "listingsdbelements, " . $config['table_prefix'] . "listingsformelements WHERE ((" . $config['table_prefix'] . "listingsdbelements.listingsdb_id = {$sql_listingID}) AND (listingsformelements_field_name = listingsdbelements_field_name) AND (listingsdbelements_field_name = {$sql_state_field}))";
$recordSet = $conn->Execute($sql);
if ($recordSet === false) {
$misc->log_error($sql);
}
while (!$recordSet->EOF) {
$state = urlencode($misc->make_db_unsafe($recordSet->fields['listingsdbelements_field_value']));
$recordSet->MoveNext();
}
// end while
// get zip
$sql_zip_field = $misc->make_db_safe($config['map_zip']);
$sql = "SELECT listingsdbelements_field_value, listingsformelements_field_type, listingsformelements_field_caption FROM " . $config['table_prefix'] . "listingsdbelements, " . $config['table_prefix'] . "listingsformelements WHERE ((" . $config['table_prefix'] . "listingsdbelements.listingsdb_id = {$sql_listingID}) AND (listingsformelements_field_name = listingsdbelements_field_name) AND (listingsdbelements_field_name = {$sql_zip_field}))";
$recordSet = $conn->Execute($sql);
if ($recordSet === false) {
//.........這裏部分代碼省略.........
示例13: misc
function show_users($filter = '', $lookup_field = '', $lookup_value = '')
{
global $conn, $config, $lang;
require_once $config['basepath'] . '/include/misc.inc.php';
$misc = new misc();
// Verify User is an Admin
$security = login::loginCheck('edit_all_users', true);
$display = '';
$filter_sql = '';
if ($filter == 'agents') {
$filter_sql = " WHERE userdb_is_agent = 'yes'";
} elseif ($filter == 'members') {
$filter_sql = " WHERE userdb_is_agent = 'no' AND userdb_is_admin = 'no'";
} elseif ($filter == 'admins') {
$filter_sql = " WHERE userdb_is_admin = 'yes'";
}
if ($security === true) {
$sql = "SELECT * FROM " . $config['table_prefix'] . "userdb {$filter_sql} ORDER BY userdb_id ";
$recordSet = $conn->Execute($sql);
if ($recordSet === false) {
$misc->log_error($sql);
}
$num_rows = $recordSet->RecordCount();
if (!isset($_GET['cur_page'])) {
$_GET['cur_page'] = 0;
}
$display .= '<center>' . $misc->next_prev($num_rows, intval($_GET['cur_page'])) . '</center>';
// put in the next/previous stuff
// build the string to select a certain number of users per page
$limit_str = intval($_GET['cur_page']) * $config['listings_per_page'];
$recordSet = $conn->SelectLimit($sql, $config['listings_per_page'], $limit_str);
if ($recordSet === false) {
$misc->log_error($sql);
}
$count = 0;
// $display .= "<br /><br />";
while (!$recordSet->EOF) {
// alternate the colors
if ($count == 0) {
$count = $count + 1;
} else {
$count = 0;
}
// strip slashes so input appears correctly
$edit_ID = $recordSet->fields['userdb_id'];
$edit_user_name = $misc->make_db_unsafe($recordSet->fields['userdb_user_name']);
$edit_user_first_name = $misc->make_db_unsafe($recordSet->fields['userdb_user_first_name']);
$edit_user_last_name = $misc->make_db_unsafe($recordSet->fields['userdb_user_last_name']);
$edit_emailAddress = $misc->make_db_unsafe($recordSet->fields['userdb_emailaddress']);
$edit_active = $recordSet->fields['userdb_active'];
$edit_isAgent = $recordSet->fields['userdb_is_agent'];
$edit_isAdmin = $recordSet->fields['userdb_is_admin'];
$edit_canEditSiteConfig = $recordSet->fields['userdb_can_edit_site_config'];
$edit_canEditMemberTemplate = $recordSet->fields['userdb_can_edit_member_template'];
$edit_canEditAgentTemplate = $recordSet->fields['userdb_can_edit_agent_template'];
$edit_canEditListingTemplate = $recordSet->fields['userdb_can_edit_listing_template'];
$edit_canFeatureListings = $recordSet->fields['userdb_can_feature_listings'];
$edit_canViewLogs = $recordSet->fields['userdb_can_view_logs'];
$edit_canModerate = $recordSet->fields['userdb_can_moderate'];
$edit_can_have_vtours = $recordSet->fields['userdb_can_have_vtours'];
$edit_can_edit_expiration = $recordSet->fields['userdb_can_edit_expiration'];
$edit_can_export_listings = $recordSet->fields['userdb_can_export_listings'];
$edit_canEditAllListings = $recordSet->fields['userdb_can_edit_all_listings'];
$edit_canEditAllUsers = $recordSet->fields['userdb_can_edit_all_users'];
$edit_canEditPropertyClasses = $recordSet->fields['userdb_can_edit_property_classes'];
// Determine user type
if ($edit_isAgent == 'yes') {
$user_type = $lang['user_manager_agent'];
} elseif ($edit_isAdmin == 'yes') {
$user_type = $lang['user_manager_admin'];
} else {
$user_type = $lang['user_manager_member'];
}
// Layout Start
$display .= '<table width="600" border="0" align="center" cellpadding="0" cellspacing="0">';
// $display .= '<tbody style="border-width:thin;border-style:solid;border-color:#FFFFFF;">';
$display .= '<tr bgcolor="#330099">';
$display .= '<td width="510" colspan="2" style="padding-left:2px">';
$display .= '<span style="color:#FFFFFF;font-weight:bold;">' . $edit_user_first_name . ' ' . $edit_user_last_name . ' (' . $edit_ID . '): ' . $edit_emailAddress . '</span>';
$display .= '</td>';
$display .= '<td width="90" align="right">';
$display .= '<a href="index.php?action=user_manager&edit=' . $edit_ID . '"><img src="images/' . $config['lang'] . '/user_manager_edit.jpg" alt="' . $lang['user_manager_edit_user'] . '" width="16" height="16"></a>';
$display .= '<img src="images/blank.gif" alt=" " width="16" height="16">';
$display .= '<a href="index.php?action=user_manager&delete=' . $edit_ID . '" onclick="return confirmDelete(\'' . $lang['delete_user'] . '\')"><img src="images/' . $config['lang'] . '/user_manager_delete.jpg" alt="' . $lang['user_manager_delete_user'] . '" width="16" height="16"></a>';
$display .= '</td>';
$display .= '</tr>';
$display .= '<tr>';
$display .= '<td colspan="2"><strong>' . $lang['user_manager_user_name'] . ': ' . $edit_user_name . '</strong></td>';
$display .= '<td></td>';
$display .= '</tr>';
$display .= '<tr>';
$display .= '<td colspan="2"><strong>' . $lang['user_manager_account_type'] . ': ' . $user_type . '</strong></td>';
$display .= '<td></td>';
$display .= '</tr>';
$display .= '<tr>';
$display .= '<td colspan="2"><strong>' . $lang['user_manager_active'] . ': ' . $edit_active . '</strong></td>';
$display .= '<td></td>';
$display .= '</tr>';
if ($edit_isAgent == 'yes') {
$display .= '<tr>';
//.........這裏部分代碼省略.........
示例14: generate_admin_config_page
/**
* generate_admin_config_page()
* This generates the html form for configuring the googlemap addon via the admin page.
* @return The html form for configuring the googlemap addon
*/
function generate_admin_config_page()
{
global $conn, $lang, $config;
$security = login::loginCheck('Admin', true);
$display = '';
if ($security === true) {
$api_version[1] = 1;
$api_version[2] = 2;
$map_type[1] = 'NORMAL_MAP';
$map_type[2] = 'SATELLITE_MAP';
$map_type[3] = 'HYBRID_MAP';
$map_control[1] = 'none';
$map_control[2] = 'LargeMapControl';
$map_control[3] = 'SmallMapControl';
$map_control[4] = 'SmallZoomControl';
$map_anchor[1] = 'TOP_LEFT';
$map_anchor[2] = 'TOP_RIGHT';
$map_anchor[3] = 'BOTTOM_LEFT';
$map_anchor[4] = 'BOTTOM_RIGHT';
$type_control[1] = 'none';
$type_control[2] = 'MapTypeControl';
$scale_control[1] = 'none';
$scale_control[2] = 'ScaleControl';
$overview_control[1] = 'none';
$overview_control[2] = 'OverviewMapControl';
// Open Connection to the Control Panel Table
require_once $config['basepath'] . '/include/misc.inc.php';
$misc = new misc();
// Include the Form Generation Class
include_once $config['basepath'] . '/include/class/form_generation.inc.php';
$formGen = new formGeneration();
// Default Options
$yes_no[0] = 'No';
$yes_no[1] = 'Yes';
$asc_desc['ASC'] = 'ASC';
$asc_desc['DESC'] = 'DESC';
// Save any Post Data
if (isset($_POST['api_version'])) {
// Update addon table
$sql = 'UPDATE ' . $config['table_prefix_no_lang'] . 'addon_googlemap SET ';
$sql_part = '';
foreach ($_POST as $field => $value) {
if (is_array($value)) {
$value2 = '';
foreach ($value as $f) {
if ($value2 == '') {
$value2 = "{$f}";
} else {
$value2 .= ",{$f}";
}
}
$value2 = $misc->make_db_safe($value2);
if ($sql_part == '') {
$sql_part = "{$field} = {$value2}";
} else {
$sql_part .= " , {$field} = {$value2}";
}
} else {
$value = $misc->make_db_safe($value);
if ($sql_part == '') {
$sql_part = "{$field} = {$value}";
} else {
$sql_part .= " , {$field} = {$value}";
}
}
}
$sql .= $sql_part;
$recordSet = $conn->Execute($sql);
if (!$recordSet) {
$misc->log_error($sql);
}
$display .= '<br><b>' . $lang['configuration_saved'] . '</b><br>';
}
$sql = 'SELECT * from ' . $config["table_prefix_no_lang"] . 'addon_googlemap';
$recordSet = $conn->Execute($sql);
if (!$recordSet) {
$misc->log_error($sql);
}
$display .= '<h2>Google Maps Addon Configuration. </h2><br /><br />';
$display .= $formGen->startform('index.php?&action=addon_googlemap_configure');
// Start Map Options Section
$display .= '<fieldset>';
$display .= '<legend><b>Map Options</b></legend>';
$display .= '<table cellspacing="0" cellpadding="3" width="99%" border="0">';
$display .= '<tr class=tdshade2>';
$display .= '<td width="130"><strong>API Version</strong></td>';
$display .= '<td>' . $formGen->createformitem('select', 'api_version', $misc->make_db_unsafe($recordSet->fields['api_version']), false, 35, '', '', '', '', $api_version, $misc->make_db_unsafe($recordSet->fields['api_version'])) . '</td>';
$display .= '<td>Version of the Google Maps API to use.</td>';
$display .= '</tr>';
$display .= '<tr class=tdshade1>';
$display .= '<td><strong>API Key</strong></td>';
$display .= '<td>' . $formGen->createformitem('text', 'api_key', $misc->make_db_unsafe($recordSet->fields['api_key']), false, 35, '', '', '', '', $yes_no, $misc->make_db_unsafe($recordSet->fields['api_key'])) . '</td>';
$display .= '<td>Google API Key for your site (required).</td>';
$display .= '</tr>';
$display .= '<tr class=tdshade2>';
//.........這裏部分代碼省略.........
示例15: misc
function add_page()
{
global $conn, $lang, $config;
$security = login::loginCheck('editpages', true);
$display = '';
if ($security === true) {
require_once $config['basepath'] . '/include/misc.inc.php';
$misc = new misc();
// Do we need to save?
if (isset($_POST['edit'])) {
// Save page now
$save_full = $_POST['ta'];
$save_title = $misc->make_db_safe($_POST['title']);
$save_description = $misc->make_db_safe($_POST['description']);
$save_keywords = $misc->make_db_safe($_POST['keywords']);
// $save_full_xhtml = urldecode($save_full);
// $save_full_xhtml = $this->html2xhtml($save_full_xhtml);
$save_full_xhtml = $misc->make_db_safe(editor::htmlEncodeText($save_full), TRUE);
$sql = "INSERT INTO " . $config['table_prefix'] . "pagesmain (pagesmain_full,pagesmain_title,pagesmain_date,pagesmain_summary,pagesmain_no_visitors,pagesmain_complete,pagesmain_description,pagesmain_keywords) VALUES ({$save_full_xhtml},{$save_title}," . $conn->DBDate(time()) . ",'',0,1,{$save_description},{$save_keywords})";
$recordSet = $conn->Execute($sql);
if (!$recordSet) {
$misc->log_error($sql);
}
$display .= "<center><b>{$lang['page_saved']}</b></center><br />";
$display .= $this->page_list();
$display .= '<form action="index.php?action=edit_page" method="post" id="edit" name="edit">';
$html = '';
$sql = "SELECT pagesmain_full, pagesmain_title, pagesmain_complete, pagesmain_id, pagesmain_description, pagesmain_keywords FROM " . $config['table_prefix'] . "pagesmain WHERE pagesmain_title = " . $save_title;
$recordSet = $conn->Execute($sql);
if (!$recordSet) {
$misc->log_error($sql);
}
// Save PageID to Session for Image Upload Plugin
$_SESSION['PageID'] = $recordSet->fields['pagesmain_id'];
// Pull the page from the database
$display .= "<input type=\"hidden\" name=\"edit\" value=\"yes\" />";
$display .= "<input type=\"hidden\" name=\"PageID\" value=\"" . $_SESSION['PageID'] . "\" />";
$html = $misc->make_db_unsafe($recordSet->fields['pagesmain_full']);
$title = $misc->make_db_unsafe($recordSet->fields['pagesmain_title']);
$description = $misc->make_db_unsafe($recordSet->fields['pagesmain_description']);
$keywords = $misc->make_db_unsafe($recordSet->fields['pagesmain_keywords']);
// $complete = $misc->make_db_unsafe($recordSet->fields['pagesmain_complete']);
$display .= $lang['title'] . ' <input type="text" name="title" value="' . $title . '" /><br /><br />';
$display .= $lang['page_meta_description'] . ' <input type="text" size="50" name="description" value="' . $description . '" /><br /><br />';
$display .= $lang['page_meta_keywords'] . ' <input type="text" size="50" name="keywords" value="' . $keywords . '" /><br /><br />';
$display .= '<textarea name="ta" id="ta" style="height: 350px; width: 100%;">' . $html . '</textarea>';
$display .= '<input type="submit" name="ok" value="' . $lang['submit'] . '" style="margin-top:3px;"/>';
$display .= '</form>';
if ($_SESSION['PageID'] != '') {
$display .= '<form action="index.php?action=edit_page" method="post" id="delete" style="margin-top:3px;">';
$display .= '<input type="hidden" name="delete" value="yes" />';
$display .= '<input type="hidden" name="PageID" value="' . $_SESSION['PageID'] . '" />';
$display .= '<input type="submit" name="ok" value="' . $lang['delete_page'] . '" />';
$display .= '</form>';
}
} else {
$display .= $this->page_list();
$display .= '<form action="index.php?action=add_page" method="post" id="edit" name="edit">';
$display .= "<input type=\"hidden\" name=\"edit\" value=\"yes\" />";
$display .= $lang['title'] . ' <input type="text" name="title" value="" /><br /><br />';
$display .= $lang['page_meta_description'] . ' <input type="text" size="50" name="description" value="" /><br /><br />';
$display .= $lang['page_meta_keywords'] . ' <input type="text" size="50" name="keywords" value="" /><br /><br />';
$display .= '<textarea name="ta" id="ta" style="height: 30em; width: 100%;"></textarea>';
$display .= '<input type="submit" name="ok" value="' . $lang['submit'] . '" style="margin-top:3px;" />';
$display .= '</form>';
}
} else {
$display .= '<div class="error_text">' . $lang['access_denied'] . '</div>';
}
return $display;
}