Вход Регистрация
Файл: style_edit.php
Строк: 188
<?php

define
('IN_PHPBB'true);
$phpbb_root_path './';
include(
$phpbb_root_path 'extension.inc');
include(
$phpbb_root_path 'common.'.$phpEx);

$userdata session_pagestart($user_ipPAGE_INDEX);
init_userprefs($userdata);

if ( isset(
$HTTP_GET_VARS['style']) || isset($HTTP_POST_VARS['style']) )
{
    
$style = ( isset($HTTP_POST_VARS['style']) ) ? intval($HTTP_POST_VARS['style']) : intval($HTTP_GET_VARS['style']);
}
else
{
    
$style '';
}
$delete = ( isset($HTTP_GET_VARS['delete']) ) ? TRUE FALSE;
$cancel = ( isset($HTTP_POST_VARS['cancel']) ) ? TRUE FALSE;
$confirm = ( isset($HTTP_POST_VARS['confirm']) ) ? TRUE FALSE;

if ( !
$userdata['session_logged_in'] )
{
    
redirect(append_sid("login.$phpEx?redirect=style_edit.$phpEx&s=$style_id"true));
}
if ( 
$cancel )
{
    
redirect(append_sid("styles.$phpEx?style=$style"TRUE));
}

if (
$style != '')
{    
        
$sql "SELECT * FROM " $table_prefix "css_style
            WHERE style_id = 
$style";
        if ( !(
$result $db->sql_query($sql)) )
        {
            
message_die(GENERAL_ERROR'Таблицы в базе поломаны!'''__LINE____FILE__$sql);
        }
        if ( !(
$style_info $db->sql_fetchrow($result)) )
        {
                
message_die(GENERAL_MESSAGE'Такого стиля не существует!');
        } 
        if ( 
$userdata['user_id'] != $style_info['user_id'] && $userdata['user_level'] != ADMIN )
        {
                
message_die(GENERAL_MESSAGE'Чужой стиль не возможно изменить/удалить!');
        }
}          

$error FALSE;
$error_msg ''
if ( isset(
$HTTP_POST_VARS['submit']))
{
    
$style_name = ( isset($HTTP_POST_VARS['style_name']) ) ? trim(htmlspecialchars($HTTP_POST_VARS['style_name'])) : '';
    
$body_background = ( isset($HTTP_POST_VARS['body_background']) ) ? trim(htmlspecialchars($HTTP_POST_VARS['body_background'])) : '';
    
$body_color = ( isset($HTTP_POST_VARS['body_color']) ) ? trim(htmlspecialchars($HTTP_POST_VARS['body_color'])) : '';
    
$body_border = ( isset($HTTP_POST_VARS['body_border']) ) ? trim(htmlspecialchars($HTTP_POST_VARS['body_border'])) : '';
    
$body_width = ( isset($HTTP_POST_VARS['body_width']) ) ? trim(htmlspecialchars($HTTP_POST_VARS['body_width'])) : '';
    
$body_max = ( isset($HTTP_POST_VARS['body_max']) ) ? ( ($HTTP_POST_VARS['body_max']) ? TRUE ) : 1;

    
$a_link = ( isset($HTTP_POST_VARS['a_link']) ) ? trim(htmlspecialchars($HTTP_POST_VARS['a_link'])) : '';
    
$a_hower = ( isset($HTTP_POST_VARS['a_hower']) ) ? trim(htmlspecialchars($HTTP_POST_VARS['a_hower'])) : '';
    
$top_background = ( isset($HTTP_POST_VARS['top_background']) ) ? trim(htmlspecialchars($HTTP_POST_VARS['top_background'])) : '';
    
$top_color = ( isset($HTTP_POST_VARS['top_color']) ) ? trim(htmlspecialchars($HTTP_POST_VARS['top_color'])) : '';
    
$top_border = ( isset($HTTP_POST_VARS['top_border']) ) ? trim(htmlspecialchars($HTTP_POST_VARS['top_border'])) : '';
    
$tab_background = ( isset($HTTP_POST_VARS['tab_background']) ) ? trim(htmlspecialchars($HTTP_POST_VARS['tab_background'])) : '';
    
$tab_color = ( isset($HTTP_POST_VARS['tab_color']) ) ? trim(htmlspecialchars($HTTP_POST_VARS['tab_color'])) : '';
    
$tab_border = ( isset($HTTP_POST_VARS['tab_border']) ) ? trim(htmlspecialchars($HTTP_POST_VARS['tab_border'])) : '';
    
$row1_background = ( isset($HTTP_POST_VARS['row1_background']) ) ? trim(htmlspecialchars($HTTP_POST_VARS['row1_background'])) : '';
    
$row1_color = ( isset($HTTP_POST_VARS['row1_color']) ) ? trim(htmlspecialchars($HTTP_POST_VARS['row1_color'])) : '';
    
$row1_border = ( isset($HTTP_POST_VARS['row1_border']) ) ? trim(htmlspecialchars($HTTP_POST_VARS['row1_border'])) : '';
    
$row_hard_background = ( isset($HTTP_POST_VARS['row_hard_background']) ) ? trim(htmlspecialchars($HTTP_POST_VARS['row_hard_background'])) : '';
    
$row_hard_color = ( isset($HTTP_POST_VARS['row_hard_color']) ) ? trim(htmlspecialchars($HTTP_POST_VARS['row_hard_color'])) : '';
    
$row_hard_border = ( isset($HTTP_POST_VARS['row_hard_border']) ) ? trim(htmlspecialchars($HTTP_POST_VARS['row_hard_border'])) : '';
    
$row_easy_background = ( isset($HTTP_POST_VARS['row_easy_background']) ) ? trim(htmlspecialchars($HTTP_POST_VARS['row_easy_background'])) : '';
    
$row_easy_color = ( isset($HTTP_POST_VARS['row_easy_color']) ) ? trim(htmlspecialchars($HTTP_POST_VARS['row_easy_color'])) : '';
    
$row_easy_border = ( isset($HTTP_POST_VARS['row_easy_border']) ) ? trim(htmlspecialchars($HTTP_POST_VARS['row_easy_border'])) : '';
    
$buttom_background = ( isset($HTTP_POST_VARS['buttom_background']) ) ? trim(htmlspecialchars($HTTP_POST_VARS['buttom_background'])) : '';
    
$buttom_color = ( isset($HTTP_POST_VARS['buttom_color']) ) ? trim(htmlspecialchars($HTTP_POST_VARS['buttom_color'])) : '';
    
$buttom_border = ( isset($HTTP_POST_VARS['buttom_border']) ) ? trim(htmlspecialchars($HTTP_POST_VARS['buttom_border'])) : '';                                    
    
    if ( 
$style_name == '' )
    {
            
$error true;
        
$error_msg .= 'Введите название!';                    
    }    
    if( 
$body_background == '' || $body_color == '' || $a_link == '' || $a_hower ''
    {
                
$error true;
        
$error_msg .= 'Заполните поля: цвет фона, цвет текста и цвета ссылок!';
    }   
    if ( 
$style != '' )
    {              
                
$user_id $style_info['user_id'];                                 
            if(
$userdata['user_id'] == $style_info['user_id'] || $userdata['user_level'] == ADMIN
                {    
                if( !
$error )
                    {        
                           
$sql "UPDATE " $table_prefix "css_style SET 
                                       style_name = '" 
str_replace("'""''"$style_name) . "', 
                                       user_id = 
$user_id
                                       body_background = '" 
str_replace("'""''"$body_background) . "',
                                       body_color = '" 
str_replace("'""''"$body_color) . "',
                                       body_border = '" 
str_replace("'""''"$body_border) . "',
                                       body_width = '" 
str_replace("'""''"$body_width) . "',
                                       body_max = '" 
$body_max "',
                                       a_link = '" 
str_replace("'""''"$a_link) . "',
                                       a_hower = '" 
str_replace("'""''"$a_hower) . "',
                                       top_background = '" 
str_replace("'""''"$top_background) . "',
                                       top_color = '" 
str_replace("'""''"$top_color) . "',
                                       top_border = '" 
str_replace("'""''"$top_border) . "',
                                       tab_background = '" 
str_replace("'""''"$tab_background) . "',
                                       tab_color = '" 
str_replace("'""''"$tab_color) . "',
                                       tab_border = '" 
str_replace("'""''"$tab_border) . "',
                                           row1_background = '" 
str_replace("'""''"$row1_background) . "',
                                           row1_color = '" 
str_replace("'""''"$row1_color) . "',
                                           row1_border = '" 
str_replace("'""''"$row1_border) . "',
                                           row_hard_background = '" 
str_replace("'""''"$row_hard_background) . "',
                                           row_hard_color = '" 
str_replace("'""''"$row_hard_color) . "',
                                           row_hard_border = '" 
str_replace("'""''"$row_hard_border) . "',
                                           row_easy_background = '" 
str_replace("'""''"$row_easy_background) . "',
                                           row_easy_color = '" 
str_replace("'""''"$row_easy_color) . "',
                                           row_easy_border = '" 
str_replace("'""''"$row_easy_border) . "',
                                           buttom_background = '" 
str_replace("'""''"$buttom_background) . "',
                                           buttom_color = '" 
str_replace("'""''"$buttom_color) . "',
                                           buttom_border = '" 
str_replace("'""''"$buttom_border) . "'                                                                                      
                           WHERE style_id = 
$style";
                   if ( !(
$result $db->sql_query($sql)) )
                   {
                       
message_die(GENERAL_ERROR'Could not update users table'''__LINE____FILE__$sql);
                   }
                        
$message 'Информация стиля обновлена.<br /><br /><a href="' .append_sid("styles.$phpEx?style=$style") . '">К стилю</a>';

                   
$template->assign_vars(array(
                       
"META" => '<meta http-equiv="refresh" content="2;url=' append_sid("styles.$phpEx?style=$style") . '">')
                   );
                   
message_die(GENERAL_MESSAGE$message);
                 }                
                }    
       }        
       else if( 
$userdata['session_logged_in'] )    
       {                             
           if( !
$error )
           {
                      
$user_id = (int)$userdata['user_id'];                    
                  
                      
$sql "INSERT INTO " $table_prefix "css_style ( 
                                           style_name, 
                                       user_id, 
                                       body_background,
                                       body_color,
                                       body_border,
                                       body_width,
                                       body_max,
                                       a_link,
                                       a_hower,
                                       top_background,
                                       top_color,
                                       top_border,
                                       tab_background,
                                       tab_color,
                                       tab_border,
                                           row1_background,
                                           row1_color,
                                           row1_border,
                                           row_hard_background,
                                           row_hard_color,
                                           row_hard_border,
                                           row_easy_background,
                                           row_easy_color,
                                           row_easy_border,
                                           buttom_background,
                                           buttom_color,
                                           buttom_border)
                                VALUES (     
                                          '" 
str_replace("'""''"$style_name) . "', 
                                      '" 
$user_id "', 
                                      '" 
str_replace("'""''"$body_background) . "',
                                      '" 
str_replace("'""''"$body_color) . "',
                                      '" 
str_replace("'""''"$body_border) . "',
                                      '" 
str_replace("'""''"$body_width) . "',
                                      '" 
$body_max "',
                                      '" 
str_replace("'""''"$a_link) . "',
                                      '" 
str_replace("'""''"$a_hower) . "',
                                      '" 
str_replace("'""''"$top_background) . "',
                                      '" 
str_replace("'""''"$top_color) . "',
                                      '" 
str_replace("'""''"$top_border) . "',
                                      '" 
str_replace("'""''"$tab_background) . "',
                                      '" 
str_replace("'""''"$tab_color) . "',
                                      '" 
str_replace("'""''"$tab_border) . "',
                                          '" 
str_replace("'""''"$row1_background) . "',
                                          '" 
str_replace("'""''"$row1_color) . "',
                                          '" 
str_replace("'""''"$row1_border) . "',
                                          '" 
str_replace("'""''"$row_hard_background) . "',
                                          '" 
str_replace("'""''"$row_hard_color) . "',
                                          '" 
str_replace("'""''"$row_hard_border) . "',
                                          '" 
str_replace("'""''"$row_easy_background) . "',
                                          '" 
str_replace("'""''"$row_easy_color) . "',
                                          '" 
str_replace("'""''"$row_easy_border) . "',
                                          '" 
str_replace("'""''"$buttom_background) . "',
                                          '" 
str_replace("'""''"$buttom_color) . "',
                                          '" 
str_replace("'""''"$buttom_border) . "')";
                      if ( !
$db->sql_query($sql) )
                      {
                             
message_die(GENERAL_ERROR'Could not insert new group'''__LINE____FILE__$sql);
                      }
              
message_die(GENERAL_MESSAGE'Стиль успешно создан!<br/><a href="styles.php">К стилям</a>');
           }                          
       }      
       if(
$error)
       {
           
$template->set_filenames(array(
               
'reg_header' => 'error_body.tpl')
           );
           
$template->assign_vars(array(
               
'ERROR_MESSAGE' => $error_msg)
           );
           
$template->assign_var_from_handle('ERROR_BOX''reg_header');
       }
}
if (
$delete)
{    
    if ( empty(
$HTTP_GET_VARS['style']) && empty($HTTP_POST_VARS['style']) )
    {
        
message_die(GENERAL_MESSAGE'Нихера, пусто!');
    }
        if ( 
$userdata['user_id'] != $style_info['user_id'] && $userdata['user_level'] != ADMIN )
        {
                
message_die(GENERAL_MESSAGE'Не свой стиль не возможно удалить!');
        }
    if ( !
$confirm )
    {
        
$s_hidden_fields '<input type="hidden" name="delete" value="true" />';
        
        include(
$phpbb_root_path 'includes/page_header.'.$phpEx);

        
$template->set_filenames(array(
            
'confirm_body' => 'confirm_body.tpl')
        );
        
        
$template->assign_vars(array(
            
'MESSAGE_TITLE' => $lang['Information'],
            
'MESSAGE_TEXT' => 'Вы уверены что хотите удалить стиль?',
            
'L_YES' => $lang['Yes'],
            
'L_NO' => $lang['No'],
            
'S_CONFIRM_ACTION' => append_sid("style_edit.$phpEx?style=$style&amp;delete"),
            
'S_HIDDEN_FIELDS' => $s_hidden_fields)
        );

        
$template->pparse('confirm_body');

        include(
$phpbb_root_path 'includes/page_tail.'.$phpEx);

    } 
    else 
    {               
            
$sql "DELETE FROM " $table_prefix "css_style WHERE style_id = $style";
            
        if ( !
$db->sql_query($sql) )
        {
            
message_die(GENERAL_ERROR'Could not delete style text'''__LINE____FILE__$sql);
        } 
        
$template->assign_vars(array(
                 
"META" => '<meta http-equiv="refresh" content="2;url=' append_sid("index.$phpEx") . '">')
            );
            
message_die(GENERAL_MESSAGE'Стиль успешно удалён!');         
    }
}
$page_title 'Редактор стилей';
include(
$phpbb_root_path 'includes/page_header.'.$phpEx);


$template->set_filenames(array(
         
'body' => 'style_edit.tpl')
); 

$s_hidden_fields '<input type="hidden" name="style" value="' $style '" />';

$template->assign_vars(array(         
         
'L_SUBMIT' => $lang['Submit'],
         
'L_RESET' => $lang['Reset'],
         
'L_YES' => $lang['Yes'],
         
'L_NO' => $lang['No'],
         
'STYLE_NAME' => str_replace('"''&quot;'strip_tags($style_info['style_name'])),        
         
'BODY_BACKGROUND' => str_replace('"''&quot;'strip_tags($style_info['body_background'])),     
         
'BODY_COLOR' => str_replace('"''&quot;'strip_tags($style_info['body_color'])),     
         
'BODY_BORDER' => str_replace('"''&quot;'strip_tags($style_info['body_border'])),     
         
'BODY_WIDTH' => str_replace('"''&quot;'strip_tags($style_info['body_width'])),     
         
'BODY_MAX_NO' => ( !$userdata['body_max'] ) ? 'checked="checked"' '',
     
'BODY_MAX_YES' => ( $userdata['body_max'] ) ? 'checked="checked"' : (($style == '') ? 'checked="checked"' ''),    
         
'A_LINK' => str_replace('"''&quot;'strip_tags($style_info['a_link'])), 
         
'A_HOVER' => str_replace('"''&quot;'strip_tags($style_info['a_hower'])),     
         
'TOP_BACKGROUND' => str_replace('"''&quot;'strip_tags($style_info['top_background'])),     
         
'TOP_COLOR' => str_replace('"''&quot;'strip_tags($style_info['top_color'])),     
         
'TOP_BORDER' => str_replace('"''&quot;'strip_tags($style_info['top_border'])),     
         
'TAB_BACKGROUND' => str_replace('"''&quot;'strip_tags($style_info['tab_background'])),     
         
'TAB_COLOR' => str_replace('"''&quot;'strip_tags($style_info['tab_color'])),     
         
'TAB_BORDER' => str_replace('"''&quot;'strip_tags($style_info['tab_border'])),                   
         
'ROW1_BACKGROUND' => str_replace('"''&quot;'strip_tags($style_info['row1_background'])),     
         
'ROW1_COLOR' => str_replace('"''&quot;'strip_tags($style_info['row1_color'])),     
         
'ROW1_BORDER' => str_replace('"''&quot;'strip_tags($style_info['row1_border'])),                  
         
'ROW_HARD_BACKGROUND' => str_replace('"''&quot;'strip_tags($style_info['row_hard_background'])),     
         
'ROW_HARD_COLOR' => str_replace('"''&quot;'strip_tags($style_info['row_hard_color'])),     
         
'ROW_HARD_BORDER' => str_replace('"''&quot;'strip_tags($style_info['row_hard_border'])),     
         
'ROW_EASY_BACKGROUND' => str_replace('"''&quot;'strip_tags($style_info['row_easy_background'])),     
         
'ROW_EASY_COLOR' => str_replace('"''&quot;'strip_tags($style_info['row_easy_color'])),     
         
'ROW_EASY_BORDER' => str_replace('"''&quot;'strip_tags($style_info['row_easy_border'])),     
         
'BUTTOM_BACKGROUND' => str_replace('"''&quot;'strip_tags($style_info['buttom_background'])),     
         
'BUTTOM_COLOR' => str_replace('"''&quot;'strip_tags($style_info['buttom_color'])),     
         
'BUTTOM_BORDER' => str_replace('"''&quot;'strip_tags($style_info['buttom_border'])),
         
         
'S_FORM_ENCTYPE' => $form_enctype,
         
'S_GROUP_ACTION' => ( $style == '' ) ? append_sid("style_edit.$phpEx") : append_sid("style_edit.$phpEx?style=$style"),
         
'S_HIDDEN_FIELDS' => $s_hidden_fields)
);

$template->pparse('body');

include(
$phpbb_root_path 'includes/page_tail.'.$phpEx);

?>
Онлайн: 2
Реклама