Файл: Kagao-v3.0/upload/classes/controller.php
Строк: 180
<?php
//namespace kogaopackage;
//use kogaopackageInit as Init;
class Install extends Init
{

    /**
     * Path of the installer script, relative to the current working directory.
     */
    private static $install_file = 'install.php';

    /**
     * Sends the visitor to the installer for as long as install.php exists.
     *
     * When the file is present the request is redirected through
     * Init::location() and terminated; otherwise nothing happens.
     *
     * NOTE(review): this only redirects. It does not stop anyone from
     * requesting install.php directly, so the installer should be deleted
     * (or made unreachable) once setup is finished.
     */
    public static function check(){

        $installerPresent = file_exists( self::$install_file );

        if( !$installerPresent ){
            return;
        }

        self::location( self::$install_file );

        die;

    }

}
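/**
 * Request controller: admin insert/update/delete actions, e-mail verification,
 * cron helpers, watchlist handling and product/category lookups.
 *
 * All SQL that used to be assembled by string concatenation is now sent through
 * prepared statements. This assumes Init::db() returns a PDO handle; the existing
 * code already calls PDOStatement methods (fetch, fetchAll, closeCursor) on the
 * result of db()->query() and uses PDO::FETCH_ASSOC.
 *
 * NOTE(review): if Init::_GET() already escapes its value for SQL, that escaping
 * should be removed there, because bound parameters make it unnecessary and it
 * would otherwise end up stored in the data.
 */
class Controller extends Init
{

    /**
     * Switches the visitor between the desktop and the mobile view.
     *
     * ?desktop removes the 'mobile' session flag. ?mobile sets it to 'on' and
     * redirects to index.php, but only when the 'modul_mobile' module setting
     * is truthy.
     */
    public static function isMobile(){

        if( self::issetGet('desktop') ){
            self::deleteSession('mobile');
        }

        if( self::issetGet('mobile') && self::$module['modul_mobile'] ){

            self::setSession( 'mobile', 'on' );
            self::location('index.php');

            die;

        }

    }

    /**
     * Insert/Update/Delete controller, dispatched on the 'request' GET parameter.
     *
     * Every action except 'setcookie' requires the session value 'login' to
     * equal 1100 (presumably the administrator's user id; confirm). Each
     * handled action ends with a redirect and terminates the request; the one
     * exception is 'deletemember' without an admin session, which does nothing.
     *
     * NOTE(review): most actions change state on a plain GET request and none
     * carries an anti-CSRF token, so a third-party page can make a logged-in
     * administrator's browser issue them. Moving them to POST with a
     * per-session token needs changes in the admin templates and is therefore
     * not done here.
     *
     * @param mixed $arg Unused.
     */
    public static function go( $arg = NULL ){

        // isset() avoids an undefined-index notice for anonymous visitors. The
        // comparison stays loose because the session may hold the id as a string.
        $isAdmin = isset( $_SESSION['login'] ) && $_SESSION['login'] == 1100;

        // Reads a POST field as a string, '' when it is missing.
        $post = function( $key ){
            return isset( $_POST[$key] ) ? (string) $_POST[$key] : '';
        };

        switch( self::_GET('request') ){

            case 'createpage':

                if( !$isAdmin ){
                    self::location('../../login');
                    die;
                }

                $stmt = self::db()->prepare('INSERT INTO pages SET name = ?');
                $stmt->execute( array( (string) self::_GET('name') ) );

                self::location('../../admin.php?sk=pages');
                die;

            case 'deletepage':

                if( !$isAdmin ){
                    self::location('../../login');
                    die;
                }

                $stmt = self::db()->prepare('DELETE FROM pages WHERE id = ?');
                $stmt->execute( array( intval( self::_GET('id') ) ) );

                self::location('../../admin.php?sk=pages');
                die;

            case 'editpage':

                if( !$isAdmin ){
                    self::location('../../login');
                    die;
                }

                // The HTML is still stored entity-encoded, exactly as before;
                // only the transport into the query changed.
                $stmt = self::db()->prepare('UPDATE pages SET html = ? WHERE id = ?');
                $stmt->execute( array( htmlspecialchars( $post('html') ), $post('id') ) );

                self::location('../../admin.php?sk=pages');
                die;

            case 'createbanner':

                if( !$isAdmin ){
                    self::location('../../login');
                    die;
                }

                // Stays empty when no acceptable file was uploaded, so a banner
                // that consists of 'code' only can still be created.
                $banner = '';

                if( isset( $_FILES['file']['name'], $_FILES['file']['tmp_name'] )
                    && is_string( $_FILES['file']['name'] )
                    && is_string( $_FILES['file']['tmp_name'] )
                    && is_uploaded_file( $_FILES['file']['tmp_name'] ) ){

                    // The client chooses the file name: drop any path part and
                    // every character outside a conservative set.
                    $name = preg_replace( '/[^A-Za-z0-9._-]/', '_', basename( $_FILES['file']['name'] ) );
                    $ext  = strtolower( pathinfo( $name, PATHINFO_EXTENSION ) );

                    // Only image extensions are written into the web-served
                    // upload directory; anything else (scripts, .htaccess) is
                    // discarded. The content itself is not inspected, so the
                    // directory should also be configured not to execute scripts.
                    if( in_array( $ext, array( 'jpg', 'jpeg', 'png', 'gif', 'webp' ), true )
                        && move_uploaded_file( $_FILES['file']['tmp_name'], 'tpl/upload/banner/' . $name ) ){

                        $banner = $name;

                    }

                }

                $stmt = self::db()->prepare('INSERT INTO werbung SET
                    art         = ?,
                    bannercode  = ?,
                    banner      = ?,
                    link        = ?,
                    namen       = ?,
                    endon       = ?
                ');
                $stmt->execute( array(
                    $post('format'),
                    base64_encode( $post('code') ),
                    $banner,
                    $post('link'),
                    $post('name'),
                    $post('end')
                ) );

                self::location('../../admin.php?sk=ads');
                die;

            case 'deleteallads':

                if( $isAdmin ){

                    $stmt = self::db()->prepare('DELETE FROM produkte WHERE uid = ?');
                    $stmt->execute( array( intval( self::_GET('id') ) ) );

                    self::location('../../../../admin.php?sk=mitglieder');

                }else{

                    self::location('../../../../index.php?_=error');

                }

                die;

            case 'deletemember':

                if( $isAdmin ){

                    $uid = intval( self::_GET('id') );

                    // Remove the member's listings first, then the account.
                    $stmt = self::db()->prepare('DELETE FROM produkte WHERE uid = ?');
                    $stmt->execute( array( $uid ) );

                    $stmt = self::db()->prepare('DELETE FROM user WHERE id = ?');
                    $stmt->execute( array( $uid ) );

                    self::location('../../admin.php?sk=mitglieder');

                    die;

                }

            break;

            case 'setcookie':

                // Remembers for this session that the cookie notice was accepted.
                $_SESSION['cookie_true'] = true;
                self::location('../../index.php?cookie');
                die;

            case 'deletead':

                if( !$isAdmin ){
                    self::location('../../login');
                    die;
                }

                $stmt = self::db()->prepare('DELETE FROM werbung WHERE id = ?');
                $stmt->execute( array( intval( self::_GET('id') ) ) );

                self::location('../../admin.php?sk=ads');
                die;

        }

    }

    /**
     * Verify e-mail: handles request=emailverify.
     *
     * With an empty 'code' the visitor is redirected to the error page;
     * otherwise vcode is reset to "0" for the user whose id equals the integer
     * value of 'code', and the visitor is redirected to the login page.
     *
     * NOTE(review): 'code' is used as the user id and is never compared with
     * the stored vcode, so it is not a secret: any known or guessed id marks
     * that account as verified. Closing this requires the verification mail to
     * carry the random vcode and this query to match on it, which cannot be
     * changed from this method alone.
     *
     * @param mixed $arg Unused.
     */
    public static function isVerifyEmailAdress( $arg = NULL ){

        // isset() avoids an undefined-index notice on requests without 'request'.
        if( !isset( $_GET['request'] ) || $_GET['request'] != 'emailverify' ){
            return;
        }

        $code = self::_GET('code');

        if( empty( $code ) ){

            self::location('../../error');

        }else{

            $stmt = self::db()->prepare('UPDATE user SET vcode = "0" WHERE id = ?');
            $stmt->execute( array( intval( $code ) ) );

            self::location('../../login?reg=ok');

        }

    }

    /*
     * Cronjobs
     */

    /**
     * Replaces the umlauts ä, ö and ü in a string.
     *
     * NOTE(review): as the file reads here, every search string is identical
     * to its replacement, which makes this a no-op. Presumably the search
     * strings were mis-encoded or decomposed forms of the umlauts; confirm
     * against the bytes of the original file.
     *
     * @param string|null $arg Text to convert.
     * @return mixed The result of the three replacements.
     */
    public static function utf8( $arg = NULL ){

        $arg = str_replace('ä', 'ä', $arg);
        $arg = str_replace('ö', 'ö', $arg);
        $arg = str_replace('ü', 'ü', $arg);

        return $arg;

    }

    /**
     * Runs utf8() over the name of every row in kategorie_under and writes the
     * result back.
     *
     * @param mixed $arg Unused.
     */
    public static function pushUTF8( $arg = NULL ){

        $get = self::db()->query('
            SELECT     id, name
            FROM    kategorie_under
        ');

        // Prepared once, executed per row. Values read from the database are
        // bound as well: a stored name containing a quote would otherwise break
        // or alter the UPDATE.
        $update = self::db()->prepare('UPDATE kategorie_under SET name = ? WHERE id = ?');

        while( $row = $get->fetch( PDO::FETCH_ASSOC ) ){

            $update->execute( array( (string) self::utf8( $row['name'] ), $row['id'] ) );

        }

    }

    /**
     * Fills the empty 'stadt' column of produkte with the place name that the
     * geo table holds for the row's postal code.
     *
     * @param mixed $arg Unused.
     */
    public static function pushLocationInfo( $arg = NULL ){

        // query() already executes the statement (other methods of this class
        // fetch from its result directly), so the former second execute() only
        // ran the SELECT twice.
        $get = self::db()->query('
            SELECT        produkte.id, geo.geo_ort
            FROM        produkte
            LEFT JOIN    geo
            ON            produkte.postleitzahl = geo.geo_plz
            WHERE        produkte.stadt = ""
        ');

        $update = self::db()->prepare('UPDATE produkte SET stadt = ? WHERE id = ?');

        while( $row = $get->fetch( PDO::FETCH_ASSOC ) ){

            // The LEFT JOIN yields NULL when no geo row matches; the string
            // cast keeps writing "" in that case, as the concatenated query did.
            $update->execute( array( (string) $row['geo_ort'], $row['id'] ) );

        }

        $get->closeCursor();

    }

    /**
     * Clears the gallery, highlight and push-up promotion fields on every
     * product whose respective ad_* column equals today's date (d.m.Y).
     *
     * @param mixed $arg Unused.
     */
    public static function pushAdProducts( $arg = NULL ){

        // Taken once so that all three updates use the same day, even when the
        // job runs across midnight.
        $today = array( date('d.m.Y') );

        $stmt = self::db()->prepare('UPDATE produkte SET ad_galerie = "", ad_galerie_time = "" WHERE ad_galerie = ?');
        $stmt->execute( $today );

        $stmt = self::db()->prepare('UPDATE produkte SET ad_highlight = "", ad_highlight_time = "" WHERE ad_highlight = ?');
        $stmt->execute( $today );

        $stmt = self::db()->prepare('UPDATE produkte SET ad_hochschieben = "", ad_hochschieben_time = "" WHERE ad_hochschieben = ?');
        $stmt->execute( $today );

    }

    /*
     * Watchlist
     */

    /**
     * Removes product 'aid' from the logged-in user's watchlist (?watchlistdel).
     *
     * Without a login session or without 'aid' the visitor is redirected to
     * 'mainmeineanzeigen'. Otherwise the watchlist row is deleted and the
     * visitor is redirected to the product page. Every path that handles the
     * request terminates it.
     *
     * NOTE(review): this is a state change on a GET request without an
     * anti-CSRF token.
     *
     * @param mixed $arg Unused.
     */
    public static function delWatchList( $arg = NULL ){

        if( !self::issetGet('watchlistdel') ){
            return;
        }

        if( !self::isSession('login') || empty( $_GET['aid'] ) ){
            self::location('mainmeineanzeigen');
            die;
        }

        $aid = intval( self::_GET('aid') );

        $delete = self::db()->prepare('DELETE FROM merkliste WHERE pid = ? AND uid = ?');
        $delete->execute( array( $aid, (string) self::getSession('login') ) );

        // Lower the watcher counter only when an entry was really removed.
        // Decrementing unconditionally let any logged-in user push the counter
        // of an arbitrary product down by repeating the request.
        if( $delete->rowCount() > 0 ){

            $update = self::db()->prepare('UPDATE produkte SET beobachter = beobachter-1 WHERE id = ?');
            $update->execute( array( $aid ) );

        }

        // The redirect target is built from the integer id, not from the raw
        // request value.
        self::location('itm' . $aid);

        die;

    }

    /**
     * Adds product 'id' to the logged-in user's watchlist (?addlike).
     *
     * Without a login session or without 'id' the visitor is redirected to
     * 'mainmeineanzeigen'. Otherwise a merkliste row is inserted, unless the
     * user already watches the product, the product's watcher counter is
     * incremented, and the visitor is redirected to the product page.
     *
     * NOTE(review): this is a state change on a GET request without an
     * anti-CSRF token.
     *
     * @param mixed $arg Unused.
     */
    public static function setWatchList( $arg = NULL ){

        if( !self::issetGet('addlike') ){
            return;
        }

        if( !self::isSession('login') || empty( $_GET['id'] ) ){
            self::location('mainmeineanzeigen');
            die;
        }

        $id  = intval( self::_GET('id') );
        $uid = (string) self::getSession('login');

        // lng and lat come straight from the query string and were previously
        // concatenated into the INSERT; they are bound below.
        $lng = (string) self::_GET('lng');
        $lat = (string) self::_GET('lat');

        $check = self::db()->prepare('
            SELECT    id
            FROM    merkliste
            WHERE    uid = ? AND pid = ?
        ');
        $check->execute( array( $uid, $id ) );

        $row = $check->fetch( PDO::FETCH_ASSOC );

        $check->closeCursor();

        // fetch() returns false when the user does not watch the product yet.
        if( $row === false || empty( $row['id'] ) ){

            $insert = self::db()->prepare('INSERT INTO merkliste SET
                uid      = ?,
                pid      = ?,
                lng      = ?,
                lat      = ?,
                datum    = ?,
                ipadress = ?
            ');
            $insert->execute( array(
                $uid,
                $id,
                $lng,
                $lat,
                time(),
                isset( $_SERVER['REMOTE_ADDR'] ) ? $_SERVER['REMOTE_ADDR'] : ''
            ) );

            $update = self::db()->prepare('UPDATE produkte SET beobachter = beobachter+1 WHERE id = ?');
            $update->execute( array( $id ) );

        }

        // The redirect target is built from the integer id, not from the raw
        // request value.
        self::location('itm' . $id);

        die;

    }

    /*
     * Products
     */

    /**
     * Returns the four most recent entries of the 'list' table for the
     * visitor's IP address, joined with their product rows.
     *
     * Only products with statuscode "1" and a non-empty title are returned.
     * Entries are matched by IP address alone, so visitors behind one address
     * see a shared history.
     *
     * @param mixed $arg Unused.
     * @return array Product rows as associative arrays.
     */
    public static function getLastViewedProducts( $arg = NULL ){

        $get = self::db()->prepare('
            SELECT        produkte.*
            FROM        list
            LEFT JOIN    produkte
            ON            produkte.id = list.aid
            WHERE        list.ip = ? AND produkte.statuscode = "1" AND produkte.titel != ""
            ORDER BY    list.id DESC
            LIMIT        4
        ');

        $get->execute( array( isset( $_SERVER['REMOTE_ADDR'] ) ? $_SERVER['REMOTE_ADDR'] : '' ) );

        $data = $get->fetchAll( PDO::FETCH_ASSOC );

        $get->closeCursor();

        return $data;

    }

    /**
     * Returns, in random order, the 20 active products (statuscode "1") with
     * the highest non-empty ad_galerie_time.
     *
     * @param mixed $arg Unused.
     * @return array Product rows as associative arrays.
     */
    public static function getProductByAd( $arg = NULL ){

        // query() already executes the statement; the former extra execute()
        // only ran the SELECT a second time.
        $get = self::db()->query('

        SELECT ads.*

            FROM(

            SELECT         *
            FROM         produkte
            WHERE        ad_galerie_time != "" AND statuscode = "1"
            ORDER BY    ad_galerie_time DESC
            LIMIT        20
            ) AS ads

            ORDER BY rand()

            ');

        $data = $get->fetchAll( PDO::FETCH_ASSOC );

        $get->closeCursor();

        return $data;

    }

    /**
     * Turns a category name into its URL form: spaces become hyphens and
     * commas are removed.
     *
     * @param string|null $arg Category name.
     * @return mixed The converted name.
     */
    public static function getCategoryString( $arg = NULL ){

        // The pairs are applied in order, exactly like two consecutive calls.
        return str_replace( array( ' ', ',' ), array( '-', '' ), $arg );

    }

    /**
     * Returns all rows of kategorie_big ordered by name.
     *
     * Each entry is a list of id, name, status, the URL form of the name and
     * NULL. An empty table now yields an empty array; before, the result
     * variable was never defined in that case.
     *
     * @param mixed $arg Unused.
     * @return array
     */
    public static function getCategorys( $arg = NULL ){

        $data = array();

        // query() already executes the statement; the former extra execute()
        // only ran the SELECT a second time.
        $get = self::db()->query('
            SELECT        *
            FROM        kategorie_big
            ORDER BY    name
        ');

        while( $row = $get->fetch( PDO::FETCH_ASSOC ) ){

            $data[] = array(
                $row['id'],
                $row['name'],
                $row['status'],
                self::getCategoryString( $row['name'] ),
                NULL
            );

        }

        $get->closeCursor();

        return $data;

    }

}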
?>