Temos pavadinimas: WordPress, Shopify ir PHPFusion programuotojų bendruomenė :: Sumbit.php

Parašė Haked· 2008 Lie. 14 11:07:18
#1

Kaip man padaryti taip, kad svečiai galėtu dėti naujienas?

Parašė Hardrock· 2008 Lie. 14 11:07:28
#2

atkopijuok submit.php failą (neprisek). Pažėsiu kuom galiu padėti

Parašė Haked· 2008 Lie. 14 11:07:43
#3

<?php
/*---------------------------------------------------+
| PHP-Fusion 6 Content Management System
+----------------------------------------------------+
| Copyright © 2002 - 2006 Nick Jones
| http://www.php-fusion.co.uk/
+----------------------------------------------------+
| Released under the terms & conditions of v2 of the
| GNU General Public License. For details refer to
| the included gpl.txt file or visit http://gnu.org
+----------------------------------------------------*/
require_once "maincore.php";
require_once "subheader.php";
require_once "side_left.php";
include LOCALE.LOCALESET."submit.php";

if (!iMEMBER) fallback("index.php");

if (!isset($stype) || !in_array($stype, array("a","l","n","p"))) fallback("index.php");

if ($stype == "l") {
   if (isset($_POST['submit_link'])) {
      if ($_POST['link_name'] != "" && $_POST['link_url'] != "" && $_POST['link_description'] != "") {
         $submit_info['link_category'] = stripinput($_POST['link_category']);
         $submit_info['link_name'] = stripinput($_POST['link_name']);
         $submit_info['link_url'] = stripinput($_POST['link_url']);
         $submit_info['link_description'] = stripinput($_POST['link_description']);
         $result = dbquery("INSERT INTO ".$db_prefix."submissions (submit_type, submit_user, submit_datestamp, submit_criteria) VALUES ('l', '".$userdata['user_id']."', '".time()."', '".serialize($submit_info)."')");
         opentable($locale['400']);
         echo "<center><br>\n".$locale['410']."<br><br>
<a href='submit.php?stype=l'>".$locale['411']."</a><br><br>
<a href='index.php'>".$locale['412']."</a><br><br>\n</center>\n";
         closetable();
      }
   } else {
      $opts = "";
      opentable($locale['400']);
      $result = dbquery("SELECT * FROM ".$db_prefix."weblink_cats ORDER BY weblink_cat_name");
      if (dbrows($result)) {
         while ($data = dbarray($result)) $opts .= "<option>".$data['weblink_cat_name']."</option>\n";
         echo $locale['420']."<br><br>
<form name='submit_form' method='post' action='".FUSION_SELF."?stype=l' onSubmit='return validateLink(this);'>
<table align='center' cellpadding='0' cellspacing='0'>
<tr>
<td class='tbl'>".$locale['421']."</td>
<td class='tbl'><select name='link_category' class='textbox'>
$opts</select></td>
</tr>
<tr>
<td class='tbl'>".$locale['422']."</td>
<td class='tbl'><input type='text' name='link_name' maxlength='100' class='textbox' style='width:300px;'></td>
</tr>
<tr>
<td class='tbl'>".$locale['423']."</td>
<td class='tbl'><input type='text' name='link_url' value='http://' maxlength='200' class='textbox' style='width:300px;'></td>
</tr>
<tr>
<td class='tbl'>".$locale['424']."</td>
<td class='tbl'><input type='text' name='link_description' maxlength='200' class='textbox' style='width:300px;'></td>
</tr>
<tr>
<td align='center' colspan='2' class='tbl'><br>
<input type='submit' name='submit_link' value='".$locale['425']."' class='button'>
</td>
</tr>
</table>
</form>\n";
      } else {
         echo "<center><br>\n".$locale['551']."<br><br>\n</center>\n";
      }
      closetable();
   }
} elseif ($stype == "n") {
   if (isset($_POST['submit_news'])) {
      if ($_POST['news_subject'] != "" && $_POST['news_body'] != "") {
         $submit_info['news_subject'] = stripinput($_POST['news_subject']);
         $submit_info['news_cat'] = isNum($_POST['news_cat']) ? $_POST['news_cat'] : "0";
         $submit_info['news_body'] = descript($_POST['news_body']);
         $submit_info['news_breaks'] = (isset($_POST['line_breaks']) ? "y" : "n");
         $result = dbquery("INSERT INTO ".$db_prefix."submissions (submit_type, submit_user, submit_datestamp, submit_criteria) VALUES('n', '".$userdata['user_id']."', '".time()."', '".addslashes(serialize($submit_info))."')");
         opentable($locale['400']);
         echo "<center><br>\n".$locale['460']."<br><br>
<a href='submit.php?stype=n'>".$locale['461']."</a><br><br>
<a href='index.php'>".$locale['412']."</a><br><br>\n</center>\n";
         closetable();
      }
   } else {
      if (isset($_POST['preview_news'])) {
         $news_subject = stripinput($_POST['news_subject']);
         $news_cat = isNum($_POST['news_cat']) ? $_POST['news_cat'] : "0";
         $news_body = phpentities(descript(stripslash($_POST['news_body'])));
         $breaks = (isset($_POST['line_breaks']) ? " checked" : "");
         opentable($news_subject);
         echo (isset($_POST['line_breaks']) ? nl2br($news_body) : $news_body);
         closetable();
         tablebreak();
      }
      if (!isset($_POST['preview_news'])) {
         $news_subject = "";
         $news_body = "";
         $breaks = " checked";
      }
      $news_cat_opts = ""; $sel = "";
      $result2 = dbquery("SELECT * FROM ".$db_prefix."news_cats ORDER BY news_cat_name");
      if (dbrows($result2)) {
         while ($data2 = dbarray($result2)) {
            if (isset($news_cat)) $sel = ($news_cat == $data2['news_cat_id'] ? " selected" : "");
            $news_cat_opts .= "<option value='".$data2['news_cat_id']."'$sel>".$data2['news_cat_name']."</option>\n";
         }
      }   
      opentable($locale['450']);
      echo $locale['470']."<br><br>
<form name='submit_form' method='post' action='".FUSION_SELF."?stype=n' onSubmit='return validateNews(this);'>
<table align='center' cellpadding='0' cellspacing='0'>
<tr>
<td class='tbl'>".$locale['471']."</td>
<td class='tbl'><input type='text' name='news_subject' value='$news_subject' maxlength='64' class='textbox' style='width:300px;'></td>
</tr>
<tr>
<td width='100' class='tbl'>".$locale['476']."</td>
<td width='80%' class='tbl'><select name='news_cat' class='textbox'>
<option value='0'>".$locale['477']."</option>
$news_cat_opts</select>
</td>
</tr>
<tr>
<td valign='top' class='tbl'>".$locale['472']."</td>
<td class='tbl'><textarea class='textbox' name='news_body' rows='8' style='width:300px;'>$news_body</textarea></td>
</tr>
<tr>
<td colspan='2' class='tbl'><br><center>
<input type='checkbox' name='line_breaks' value='yes'$breaks>".$locale['473']."<br><br>
<input type='submit' name='preview_news' value='".$locale['474']."' class='button'>
<input type='submit' name='submit_news' value='".$locale['475']."' class='button'></center>
</td>
</tr>
</table>
</form>\n";
      closetable();
   }
} elseif ($stype == "a") {
   if (isset($_POST['submit_article'])) {
      if ($_POST['article_subject'] != "" && $_POST['article_body'] != "") {
         $submit_info['article_cat'] = $_POST['article_cat'];
         $submit_info['article_subject'] = stripinput($_POST['article_subject']);
         $submit_info['article_snippet'] = descript($_POST['article_snippet']);
         $submit_info['article_body'] = descript($_POST['article_body']);
         $submit_info['article_breaks'] = (isset($_POST['line_breaks']) ? "y" : "n");
         $result = dbquery("INSERT INTO ".$db_prefix."submissions (submit_type, submit_user, submit_datestamp, submit_criteria) VALUES ('a', '".$userdata['user_id']."', '".time()."', '".addslashes(serialize($submit_info))."')");
         opentable($locale['400']);
         echo "<center><br>\n".$locale['510']."<br><br>
<a href='submit.php?stype=a'>".$locale['511']."</a><br><br>
<a href='index.php'>".$locale['412']."</a><br><br>\n</center>\n";
         closetable();
      }
   } else {
      if (isset($_POST['preview_article'])) {
         $article_cat = $_POST['article_cat'];
         $article_subject = stripinput($_POST['article_subject']);
         $article_snippet = phpentities(descript(stripslash($_POST['article_snippet'])));
         $article_body = phpentities(descript(stripslash($_POST['article_body'])));
         $breaks = (isset($_POST['line_breaks']) ? " checked" : "");
         opentable($article_subject);
         echo (isset($_POST['line_breaks']) ? nl2br($article_body) : $article_body);
         closetable();
         tablebreak();
      }
      if (!isset($_POST['preview_article'])) {
         $article_category = "";
         $article_subject = "";
         $article_snippet = "";
         $article_body = "";
         $breaks = " checked";
      }
      $cat_list = ""; $sel = "";
      opentable($locale['500']);
      $result = dbquery("SELECT * FROM ".$db_prefix."article_cats ORDER BY article_cat_name DESC");
      if (dbrows($result)) {
         while ($data = dbarray($result)) {
            if (isset($_POST['preview_article'])) $sel = ($article_cat == $data['article_cat_id'] ? " selected" : "");
            $cat_list .= "<option value='".$data['article_cat_id']."'$sel>".$data['article_cat_name']."</option>\n";
         }
         echo $locale['520']."<br><br>
<form name='submit_form' method='post' action='".FUSION_SELF."?stype=a' onSubmit='return validateArticle(this);'>
<table align='center' cellpadding='0' cellspacing='0'>
<tr>
<td width='100' class='tbl'>".$locale['521']."</td>
<td class='tbl'><select name='article_cat' class='textbox'>
$cat_list</select></td>
</tr>
<tr>
<td class='tbl'>".$locale['522']."</td>
<td class='tbl'><input type='text' name='article_subject' value='$article_subject' maxlength='64' class='textbox' style='width:300px;'></td>
</tr>
<tr>
<td valign='top' class='tbl'>".$locale['523']."</td>
<td class='tbl'><textarea class='textbox' name='article_snippet' rows='3' style='width:300px;'>$article_snippet</textarea></td>
</tr>
<tr>
<td valign='top' class='tbl'>".$locale['524']."</td>
<td class='tbl'><textarea class='textbox' name='article_body' rows='8' style='width:300px;'>$article_body</textarea></td>
</tr>
<tr>
<td colspan='2' class='tbl'><br><center>
<input type='checkbox' name='line_breaks' value='yes'$breaks>".$locale['525']."<br><br>
<input type='submit' name='preview_article' value='".$locale['526']."' class='button'>
<input type='submit' name='submit_article' value='".$locale['527']."' class='button'></center>
</td>
</tr>
</table>
</form>\n";
      } else {
         echo "<center><br>\n".$locale['551']."<br><br>\n</center>\n";
      }
      closetable();
   }
} elseif ($stype == "p") {
   if (isset($_POST['submit_photo'])) {
      require_once INCLUDES."photo_functions_include.php";
      $error = "";
      $submit_info['photo_title'] = stripinput($_POST['photo_title']);
      $submit_info['photo_description'] = stripinput($_POST['photo_description']);
      $submit_info['album_id'] = isNum($_POST['album_id']) ? $_POST['album_id'] : "0";
      if (is_uploaded_file($_FILES['photo_pic_file']['tmp_name'])) {
         $photo_types = array(".gif",".jpg",".jpeg",".png");
         $photo_pic = $_FILES['photo_pic_file'];
         $photo_name = strtolower(substr($photo_pic['name'], 0, strrpos($photo_pic['name'], ".")));
         $photo_ext = strtolower(strrchr($photo_pic['name'],"."));
         $photo_dest = PHOTOS."submissions/";
         if (!preg_match("/^[-0-9A-Z_\[\]]+$/i", $photo_name)) {
            $error = 1;
         } elseif ($photo_pic['size'] > $settings['photo_max_b']){
            $error = 2;
         } elseif (!in_array($photo_ext, $photo_types)) {
            $error = 3;
         } else {
            $photo_file = image_exists($photo_dest, $photo_name.$photo_ext);
            move_uploaded_file($photo_pic['tmp_name'], $photo_dest.$photo_file);
            chmod($photo_dest.$photo_file, 0644);
            $imagefile = @getimagesize($photo_dest.$photo_file);
            if (!verify_image($photo_dest.$photo_file)) {
               $error = 3;
               unlink($photo_dest.$photo_file);
            } elseif ($imagefile[0] > $settings['photo_max_w'] || $imagefile[1] > $settings['photo_max_h']) {
               $error = 4;
               unlink($photo_dest.$photo_file);
            } else {
               $submit_info['photo_file'] = $photo_file;
            }
         }
      }
      opentable($locale['570']);
      if (!$error) {
         $result = dbquery("INSERT INTO ".$db_prefix."submissions (submit_type, submit_user, submit_datestamp, submit_criteria) VALUES ('p', '".$userdata['user_id']."', '".time()."', '".serialize($submit_info)."')");
         echo "<center><br>\n".$locale['580']."<br><br>
<a href='submit.php?stype=p'>".$locale['581']."</a><br><br>
<a href='index.php'>".$locale['412']."</a><br><br>\n</center>\n";
      } else {
         echo "<center><br>\n".$locale['600']."<br><br>\n";
         if ($error == 1) { echo $locale['601']; }
         elseif ($error == 2) { echo sprintf($locale['602'], $settings['photo_max_b']); }
         elseif ($error == 3) { echo $locale['603']; }
         elseif ($error == 4) { echo sprintf($locale['604'], $settings['photo_max_w'], $settings['photo_max_h']); }
         echo "<br><br>\n<a href='submit.php?stype=p'>".$locale['411']."</a><br><br>\n</center>\n";
      }
      closetable();
   } else {
      $opts = "";
      opentable($locale['570']);
      $result = dbquery("SELECT * FROM ".$db_prefix."photo_albums ORDER BY album_title");
      if (dbrows($result)) {
         while ($data = dbarray($result)) $opts .= "<option value='".$data['album_id']."'>".$data['album_title']."</option>\n";
         echo $locale['620']."<br><br>
<form name='submit_form' method='post' action='".FUSION_SELF."?stype=p' enctype='multipart/form-data' onSubmit='return validatePhoto(this);'>
<table align='center' cellpadding='0' cellspacing='0'>
<tr>
<td class='tbl'>".$locale['621']."</td>
<td class='tbl'><input type='text' name='photo_title' maxlength='100' class='textbox' style='width:250px;'></td>
</tr>
<tr>
<td valign='top' class='tbl'>".$locale['622']."</td>
<td class='tbl'><textarea name='photo_description' rows='5' class='textbox' style='width:250px;'></textarea></td>
</tr>
<tr>
<td valign='top' class='tbl'>".$locale['623']."</td>
<td class='tbl'><input type='file' name='photo_pic_file' class='textbox' style='width:250px;'><br>
<span class='small2'>".sprintf($locale['624'], parsebytesize($settings['photo_max_b']), $settings['photo_max_w'], $settings['photo_max_h'])."</span></td>
</tr>
<tr>
<td class='tbl'>".$locale['625']."</td>
<td class='tbl'><select name='album_id' class='textbox'>
$opts</select></td>
</tr>
<tr>
<td align='center' colspan='2' class='tbl'><br>
<input type='submit' name='submit_photo' value='".$locale['626']."' class='button'>
</td>
</tr>
</table>
</form>\n";
      } else {
         echo "<center><br>\n".$locale['551']."<br><br>\n</center>\n";
      }
      closetable();
   }
}
echo "<script type='text/javascript'>
function validateLink(frm) {
   if (frm.link_name.value==\"\" || frm.link_name.value==\"\" || frm.link_description.value==\"\") {
      alert(\"".$locale['550']."\"); return false;
   }
}
function validateNews(frm) {
   if (frm.news_subject.value==\"\" || frm.news_body.value==\"\") {
      alert(\"".$locale['550']."\"); return false;
   }
}
function validateArticle(frm) {
   if (frm.article_subject.value==\"\" || frm.article_snippet.value==\"\" || frm.article_body.value==\"\") {
      alert(\"".$locale['550']."\");
      return false;
   }
}
function validatePhoto(frm) {
   if (frm.photo_title.value==\"\" || frm.photo_description.value==\"\" || frm.photo_pic_file.value==\"\") {
      alert(\"".$locale['550']."\");
      return false;
   }
}
</script>\n";

require_once "side_right.php";
require_once "footer.php";
?>



Parašė Hardrock· 2008 Lie. 14 11:07:19
#4

Prašom.
<?php
/*---------------------------------------------------+
| PHP-Fusion 6 Content Management System
+----------------------------------------------------+
| Copyright © 2002 - 2006 Nick Jones
| http://www.php-fusion.co.uk/
+----------------------------------------------------+
| Released under the terms & conditions of v2 of the
| GNU General Public License. For details refer to
| the included gpl.txt file or visit http://gnu.org
+----------------------------------------------------*/
require_once "maincore.php";
require_once "subheader.php";
require_once "side_left.php";
include LOCALE.LOCALESET."submit.php";


if (!isset($stype) || !in_array($stype, array("a","l","n","p"))) fallback("index.php");

if ($stype == "l") {
   if (isset($_POST['submit_link'])) {
      if ($_POST['link_name'] != "" && $_POST['link_url'] != "" && $_POST['link_description'] != "") {
         $submit_info['link_category'] = stripinput($_POST['link_category']);
         $submit_info['link_name'] = stripinput($_POST['link_name']);
         $submit_info['link_url'] = stripinput($_POST['link_url']);
         $submit_info['link_description'] = stripinput($_POST['link_description']);
         $result = dbquery("INSERT INTO ".$db_prefix."submissions (submit_type, submit_user, submit_datestamp, submit_criteria) VALUES ('l', '".$userdata['user_id']."', '".time()."', '".serialize($submit_info)."')");
         opentable($locale['400']);
         echo "<center><br>\n".$locale['410']."<br><br>
<a href='submit.php?stype=l'>".$locale['411']."</a><br><br>
<a href='index.php'>".$locale['412']."</a><br><br>\n</center>\n";
         closetable();
      }
   } else {
      $opts = "";
      opentable($locale['400']);
      $result = dbquery("SELECT * FROM ".$db_prefix."weblink_cats ORDER BY weblink_cat_name");
      if (dbrows($result)) {
         while ($data = dbarray($result)) $opts .= "<option>".$data['weblink_cat_name']."</option>\n";
         echo $locale['420']."<br><br>
<form name='submit_form' method='post' action='".FUSION_SELF."?stype=l' onSubmit='return validateLink(this);'>
<table align='center' cellpadding='0' cellspacing='0'>
<tr>
<td class='tbl'>".$locale['421']."</td>
<td class='tbl'><select name='link_category' class='textbox'>
$opts</select></td>
</tr>
<tr>
<td class='tbl'>".$locale['422']."</td>
<td class='tbl'><input type='text' name='link_name' maxlength='100' class='textbox' style='width:300px;'></td>
</tr>
<tr>
<td class='tbl'>".$locale['423']."</td>
<td class='tbl'><input type='text' name='link_url' value='http://' maxlength='200' class='textbox' style='width:300px;'></td>
</tr>
<tr>
<td class='tbl'>".$locale['424']."</td>
<td class='tbl'><input type='text' name='link_description' maxlength='200' class='textbox' style='width:300px;'></td>
</tr>
<tr>
<td align='center' colspan='2' class='tbl'><br>
<input type='submit' name='submit_link' value='".$locale['425']."' class='button'>
</td>
</tr>
</table>
</form>\n";
      } else {
         echo "<center><br>\n".$locale['551']."<br><br>\n</center>\n";
      }
      closetable();
   }
} elseif ($stype == "n") {
   if (isset($_POST['submit_news'])) {
      if ($_POST['news_subject'] != "" && $_POST['news_body'] != "") {
         $submit_info['news_subject'] = stripinput($_POST['news_subject']);
         $submit_info['news_cat'] = isNum($_POST['news_cat']) ? $_POST['news_cat'] : "0";
         $submit_info['news_body'] = descript($_POST['news_body']);
         $submit_info['news_breaks'] = (isset($_POST['line_breaks']) ? "y" : "n");
         $result = dbquery("INSERT INTO ".$db_prefix."submissions (submit_type, submit_user, submit_datestamp, submit_criteria) VALUES('n', '".$userdata['user_id']."', '".time()."', '".addslashes(serialize($submit_info))."')");
         opentable($locale['400']);
         echo "<center><br>\n".$locale['460']."<br><br>
<a href='submit.php?stype=n'>".$locale['461']."</a><br><br>
<a href='index.php'>".$locale['412']."</a><br><br>\n</center>\n";
         closetable();
      }
   } else {
      if (isset($_POST['preview_news'])) {
         $news_subject = stripinput($_POST['news_subject']);
         $news_cat = isNum($_POST['news_cat']) ? $_POST['news_cat'] : "0";
         $news_body = phpentities(descript(stripslash($_POST['news_body'])));
         $breaks = (isset($_POST['line_breaks']) ? " checked" : "");
         opentable($news_subject);
         echo (isset($_POST['line_breaks']) ? nl2br($news_body) : $news_body);
         closetable();
         tablebreak();
      }
      if (!isset($_POST['preview_news'])) {
         $news_subject = "";
         $news_body = "";
         $breaks = " checked";
      }
      $news_cat_opts = ""; $sel = "";
      $result2 = dbquery("SELECT * FROM ".$db_prefix."news_cats ORDER BY news_cat_name");
      if (dbrows($result2)) {
         while ($data2 = dbarray($result2)) {
            if (isset($news_cat)) $sel = ($news_cat == $data2['news_cat_id'] ? " selected" : "");
            $news_cat_opts .= "<option value='".$data2['news_cat_id']."'$sel>".$data2['news_cat_name']."</option>\n";
         }
      }   
      opentable($locale['450']);
      echo $locale['470']."<br><br>
<form name='submit_form' method='post' action='".FUSION_SELF."?stype=n' onSubmit='return validateNews(this);'>
<table align='center' cellpadding='0' cellspacing='0'>
<tr>
<td class='tbl'>".$locale['471']."</td>
<td class='tbl'><input type='text' name='news_subject' value='$news_subject' maxlength='64' class='textbox' style='width:300px;'></td>
</tr>
<tr>
<td width='100' class='tbl'>".$locale['476']."</td>
<td width='80%' class='tbl'><select name='news_cat' class='textbox'>
<option value='0'>".$locale['477']."</option>
$news_cat_opts</select>
</td>
</tr>
<tr>
<td valign='top' class='tbl'>".$locale['472']."</td>
<td class='tbl'><textarea class='textbox' name='news_body' rows='8' style='width:300px;'>$news_body</textarea></td>
</tr>
<tr>
<td colspan='2' class='tbl'><br><center>
<input type='checkbox' name='line_breaks' value='yes'$breaks>".$locale['473']."<br><br>
<input type='submit' name='preview_news' value='".$locale['474']."' class='button'>
<input type='submit' name='submit_news' value='".$locale['475']."' class='button'></center>
</td>
</tr>
</table>
</form>\n";
      closetable();
   }
} elseif ($stype == "a") {
   if (isset($_POST['submit_article'])) {
      if ($_POST['article_subject'] != "" && $_POST['article_body'] != "") {
         $submit_info['article_cat'] = $_POST['article_cat'];
         $submit_info['article_subject'] = stripinput($_POST['article_subject']);
         $submit_info['article_snippet'] = descript($_POST['article_snippet']);
         $submit_info['article_body'] = descript($_POST['article_body']);
         $submit_info['article_breaks'] = (isset($_POST['line_breaks']) ? "y" : "n");
         $result = dbquery("INSERT INTO ".$db_prefix."submissions (submit_type, submit_user, submit_datestamp, submit_criteria) VALUES ('a', '".$userdata['user_id']."', '".time()."', '".addslashes(serialize($submit_info))."')");
         opentable($locale['400']);
         echo "<center><br>\n".$locale['510']."<br><br>
<a href='submit.php?stype=a'>".$locale['511']."</a><br><br>
<a href='index.php'>".$locale['412']."</a><br><br>\n</center>\n";
         closetable();
      }
   } else {
      if (isset($_POST['preview_article'])) {
         $article_cat = $_POST['article_cat'];
         $article_subject = stripinput($_POST['article_subject']);
         $article_snippet = phpentities(descript(stripslash($_POST['article_snippet'])));
         $article_body = phpentities(descript(stripslash($_POST['article_body'])));
         $breaks = (isset($_POST['line_breaks']) ? " checked" : "");
         opentable($article_subject);
         echo (isset($_POST['line_breaks']) ? nl2br($article_body) : $article_body);
         closetable();
         tablebreak();
      }
      if (!isset($_POST['preview_article'])) {
         $article_category = "";
         $article_subject = "";
         $article_snippet = "";
         $article_body = "";
         $breaks = " checked";
      }
      $cat_list = ""; $sel = "";
      opentable($locale['500']);
      $result = dbquery("SELECT * FROM ".$db_prefix."article_cats ORDER BY article_cat_name DESC");
      if (dbrows($result)) {
         while ($data = dbarray($result)) {
            if (isset($_POST['preview_article'])) $sel = ($article_cat == $data['article_cat_id'] ? " selected" : "");
            $cat_list .= "<option value='".$data['article_cat_id']."'$sel>".$data['article_cat_name']."</option>\n";
         }
         echo $locale['520']."<br><br>
<form name='submit_form' method='post' action='".FUSION_SELF."?stype=a' onSubmit='return validateArticle(this);'>
<table align='center' cellpadding='0' cellspacing='0'>
<tr>
<td width='100' class='tbl'>".$locale['521']."</td>
<td class='tbl'><select name='article_cat' class='textbox'>
$cat_list</select></td>
</tr>
<tr>
<td class='tbl'>".$locale['522']."</td>
<td class='tbl'><input type='text' name='article_subject' value='$article_subject' maxlength='64' class='textbox' style='width:300px;'></td>
</tr>
<tr>
<td valign='top' class='tbl'>".$locale['523']."</td>
<td class='tbl'><textarea class='textbox' name='article_snippet' rows='3' style='width:300px;'>$article_snippet</textarea></td>
</tr>
<tr>
<td valign='top' class='tbl'>".$locale['524']."</td>
<td class='tbl'><textarea class='textbox' name='article_body' rows='8' style='width:300px;'>$article_body</textarea></td>
</tr>
<tr>
<td colspan='2' class='tbl'><br><center>
<input type='checkbox' name='line_breaks' value='yes'$breaks>".$locale['525']."<br><br>
<input type='submit' name='preview_article' value='".$locale['526']."' class='button'>
<input type='submit' name='submit_article' value='".$locale['527']."' class='button'></center>
</td>
</tr>
</table>
</form>\n";
      } else {
         echo "<center><br>\n".$locale['551']."<br><br>\n</center>\n";
      }
      closetable();
   }
} elseif ($stype == "p") {
   if (isset($_POST['submit_photo'])) {
      require_once INCLUDES."photo_functions_include.php";
      $error = "";
      $submit_info['photo_title'] = stripinput($_POST['photo_title']);
      $submit_info['photo_description'] = stripinput($_POST['photo_description']);
      $submit_info['album_id'] = isNum($_POST['album_id']) ? $_POST['album_id'] : "0";
      if (is_uploaded_file($_FILES['photo_pic_file']['tmp_name'])) {
         $photo_types = array(".gif",".jpg",".jpeg",".png");
         $photo_pic = $_FILES['photo_pic_file'];
         $photo_name = strtolower(substr($photo_pic['name'], 0, strrpos($photo_pic['name'], ".")));
         $photo_ext = strtolower(strrchr($photo_pic['name'],"."));
         $photo_dest = PHOTOS."submissions/";
         if (!preg_match("/^[-0-9A-Z_\[\]]+$/i", $photo_name)) {
            $error = 1;
         } elseif ($photo_pic['size'] > $settings['photo_max_b']){
            $error = 2;
         } elseif (!in_array($photo_ext, $photo_types)) {
            $error = 3;
         } else {
            $photo_file = image_exists($photo_dest, $photo_name.$photo_ext);
            move_uploaded_file($photo_pic['tmp_name'], $photo_dest.$photo_file);
            chmod($photo_dest.$photo_file, 0644);
            $imagefile = @getimagesize($photo_dest.$photo_file);
            if (!verify_image($photo_dest.$photo_file)) {
               $error = 3;
               unlink($photo_dest.$photo_file);
            } elseif ($imagefile[0] > $settings['photo_max_w'] || $imagefile[1] > $settings['photo_max_h']) {
               $error = 4;
               unlink($photo_dest.$photo_file);
            } else {
               $submit_info['photo_file'] = $photo_file;
            }
         }
      }
      opentable($locale['570']);
      if (!$error) {
         $result = dbquery("INSERT INTO ".$db_prefix."submissions (submit_type, submit_user, submit_datestamp, submit_criteria) VALUES ('p', '".$userdata['user_id']."', '".time()."', '".serialize($submit_info)."')");
         echo "<center><br>\n".$locale['580']."<br><br>
<a href='submit.php?stype=p'>".$locale['581']."</a><br><br>
<a href='index.php'>".$locale['412']."</a><br><br>\n</center>\n";
      } else {
         echo "<center><br>\n".$locale['600']."<br><br>\n";
         if ($error == 1) { echo $locale['601']; }
         elseif ($error == 2) { echo sprintf($locale['602'], $settings['photo_max_b']); }
         elseif ($error == 3) { echo $locale['603']; }
         elseif ($error == 4) { echo sprintf($locale['604'], $settings['photo_max_w'], $settings['photo_max_h']); }
         echo "<br><br>\n<a href='submit.php?stype=p'>".$locale['411']."</a><br><br>\n</center>\n";
      }
      closetable();
   } else {
      $opts = "";
      opentable($locale['570']);
      $result = dbquery("SELECT * FROM ".$db_prefix."photo_albums ORDER BY album_title");
      if (dbrows($result)) {
         while ($data = dbarray($result)) $opts .= "<option value='".$data['album_id']."'>".$data['album_title']."</option>\n";
         echo $locale['620']."<br><br>
<form name='submit_form' method='post' action='".FUSION_SELF."?stype=p' enctype='multipart/form-data' onSubmit='return validatePhoto(this);'>
<table align='center' cellpadding='0' cellspacing='0'>
<tr>
<td class='tbl'>".$locale['621']."</td>
<td class='tbl'><input type='text' name='photo_title' maxlength='100' class='textbox' style='width:250px;'></td>
</tr>
<tr>
<td valign='top' class='tbl'>".$locale['622']."</td>
<td class='tbl'><textarea name='photo_description' rows='5' class='textbox' style='width:250px;'></textarea></td>
</tr>
<tr>
<td valign='top' class='tbl'>".$locale['623']."</td>
<td class='tbl'><input type='file' name='photo_pic_file' class='textbox' style='width:250px;'><br>
<span class='small2'>".sprintf($locale['624'], parsebytesize($settings['photo_max_b']), $settings['photo_max_w'], $settings['photo_max_h'])."</span></td>
</tr>
<tr>
<td class='tbl'>".$locale['625']."</td>
<td class='tbl'><select name='album_id' class='textbox'>
$opts</select></td>
</tr>
<tr>
<td align='center' colspan='2' class='tbl'><br>
<input type='submit' name='submit_photo' value='".$locale['626']."' class='button'>
</td>
</tr>
</table>
</form>\n";
      } else {
         echo "<center><br>\n".$locale['551']."<br><br>\n</center>\n";
      }
      closetable();
   }
}
echo "<script type='text/javascript'>
function validateLink(frm) {
   if (frm.link_name.value==\"\" || frm.link_name.value==\"\" || frm.link_description.value==\"\") {
      alert(\"".$locale['550']."\"); return false;
   }
}
function validateNews(frm) {
   if (frm.news_subject.value==\"\" || frm.news_body.value==\"\") {
      alert(\"".$locale['550']."\"); return false;
   }
}
function validateArticle(frm) {
   if (frm.article_subject.value==\"\" || frm.article_snippet.value==\"\" || frm.article_body.value==\"\") {
      alert(\"".$locale['550']."\");
      return false;
   }
}
function validatePhoto(frm) {
   if (frm.photo_title.value==\"\" || frm.photo_description.value==\"\" || frm.photo_pic_file.value==\"\") {
      alert(\"".$locale['550']."\");
      return false;
   }
}
</script>\n";

require_once "side_right.php";
require_once "footer.php";
?>



Redagavo Hardrock· 2008 Lie. 14 11:07:32

Parašė Haked· 2008 Lie. 14 11:07:39
#5

ačiū

Parašė Hardrock· 2008 Lie. 14 11:07:39
#6

Tiesa, pagal šį kodą, svečiai galės dėti ne tik naujienas, bet ir visą kitą. Jei nenori, kad galėtų siūlyti straipsnius, fotkes ir t.t. pasikoreguok. + Dėl gražumo jei nori susikurk naują vartotoją, kurio id=0 ir pavadink kokius pvz: Svečias. Tik pažėk ar po to nesusipjaus niekas. Jei ne, tada palik.

Redagavo Hardrock· 2008 Lie. 14 11:07:24