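'VM-Kompania',
    'keywords' => '',
    'description' => '',
    'cssFiles' => array('/css/default.css'),
    'bodyClass' => 'body',
    'contentWidth' => '850',
);

/*
 * Administration front controller: login form for visitors without a session,
 * and add / edit / delete screens for the "pages", "sections" and "faq" tables
 * of the language site selected in the session.
 *
 * NOTE(review): the opening of this file is not visible here. $page, $submode,
 * $submit, $submitError, $errorMsg, $offset, $templates, $username, $password
 * and $gAdministrators are read below but never assigned in the visible code;
 * presumably they are initialised earlier -- confirm they are validated there
 * and not populated straight from the request.
 *
 * Security notes for maintainers:
 *  - Every string placed in SQL is escaped with mysql_real_escape_string() on
 *    the open connection and every numeric value is cast with intval(). The
 *    legacy mysql_* API has no bound parameters; moving to mysqli/PDO prepared
 *    statements would change the $link handed to managePicture(), createFile(),
 *    createFAQFile() and showList(), so it has to be done file-wide.
 *  - strip_tags() is input filtering, not output encoding: the templates that
 *    print $data must still HTML-escape it (not visible here -- verify).
 *  - 'content' is deliberately stored as raw HTML, so whoever holds an admin
 *    session can publish arbitrary markup to the public site.
 *  - No anti-CSRF token is checked in the visible save/delete handlers;
 *    confirm one is enforced elsewhere or add one.
 */

$lSiteViz = new siteViz($pSettings);
$mySession = new siteSession();

if ($mySession->hasSession()) {
    if (!empty($_SESSION['site'])) {
        // Map the site id kept in the session onto that language's database.
        switch ($_SESSION['site']) {
            case 1: // bg
                $lDBName = DB_NAME_BG;
                break;
            case 2: // en
                $lDBName = DB_NAME_EN;
                break;
            case 3: // ru
                $lDBName = DB_NAME_RU;
                break;
            case 4: // de
                $lDBName = DB_NAME_DE;
                break;
            case 5: // fr
                $lDBName = DB_NAME_FR;
                break;
            default:
                // Unknown site id: stop here instead of selecting an undefined database name.
                exit('Database Error!');
        }

        // '@' keeps the driver warning out of the response; the client only sees the generic message.
        if (FALSE === ($link = @mysql_connect(DB_SERVER, DB_USERNAME, DB_PASSWORD))) {
            exit('Database Error!');
        }
        if (!mysql_select_db($lDBName, $link)) {
            exit('Database Error!');
        }
    }
    // NOTE(review): when $_SESSION['site'] is empty, $link stays undefined and every
    // query in the branches below fails; presumably the menu screen sets the site first.

    if ($page == 'pages') {
        if ($submode == 'edit') {
            // Image sub-directory per language, picked from a fixed list so the
            // session value itself is never concatenated into a filesystem path.
            switch ($_SESSION['site']) {
                case 2: // en
                    $lSubDir = '/en';
                    break;
                case 3: // ru
                    $lSubDir = '/ru';
                    break;
                case 4: // de
                    $lSubDir = '/de';
                    break;
                case 5: // fr
                    $lSubDir = '/fr';
                    break;
                default:
                    $lSubDir = '';
                    break;
            }

            if ($submit) {
                // Collect the form: ids and ordering as integers, text fields tag-stripped.
                $data['id'] = isset($_POST['id']) ? intval($_POST['id']) : null;
                $data['section'] = isset($_POST['section']) ? intval($_POST['section']) : null;
                $data['menutitle'] = isset($_REQUEST['menutitle']) ? strip_tags(trim($_REQUEST['menutitle'])) : '';
                $data['urlname'] = isset($_REQUEST['urlname']) ? str_replace(' ', '-', strtolower(strip_tags(trim($_REQUEST['urlname'])))) : '';
                $data['isactive'] = isset($_POST['isactive']) ? 1 : 0;
                $data['title'] = isset($_REQUEST['title']) ? strip_tags(trim($_REQUEST['title'])) : '';
                $data['description'] = isset($_REQUEST['description']) ? strip_tags(trim($_REQUEST['description'])) : '';
                $data['keywords'] = isset($_REQUEST['keywords']) ? strip_tags(trim($_REQUEST['keywords'])) : '';
                $data['hiddentext'] = isset($_REQUEST['hiddentext']) ? strip_tags(trim($_REQUEST['hiddentext'])) : '';
                $data['h1title'] = isset($_REQUEST['h1title']) ? strip_tags(trim($_REQUEST['h1title'])) : '';
                $data['subtitle'] = isset($_REQUEST['subtitle']) ? strip_tags(trim($_REQUEST['subtitle'])) : '';
                // Raw HTML on purpose: this is the page body.
                $data['content'] = isset($_REQUEST['content']) ? trim($_REQUEST['content']) : '';
                $data['ord'] = isset($_POST['ord']) ? intval($_POST['ord']) : 50;
                $data['logoalttext'] = isset($_REQUEST['logoalttext']) ? strip_tags(trim($_REQUEST['logoalttext'])) : '';
                $data['picalttext'] = isset($_REQUEST['picalttext']) ? strip_tags(trim($_REQUEST['picalttext'])) : '';
                $data['delpic'] = isset($_REQUEST['delpic']) ? 1 : 0;

                if (strlen($data['menutitle']) == 0) {
                    $errorMsg = 'Трябва да въведете име на страницата за менюто!';
                    $submitError = TRUE;
                } else if (strlen($data['urlname']) == 0) {
                    $errorMsg = 'Трябва да въведете има на страницата за url-то!';
                    $submitError = TRUE;
                } else if (empty($data['section'])) {
                    $errorMsg = 'Трябва да изберете за коя секция е страницата!';
                    $submitError = TRUE;
                }

                if (!$submitError) {
                    // strip_tags() leaves quotes in place, so urlname must be escaped
                    // before it is used in the uniqueness check.
                    $res2 = mysql_query(
                        "SELECT count(*) FROM pages WHERE urlname = '" . mysql_real_escape_string($data['urlname'], $link) . "'"
                        . (!empty($data['id']) ? " AND id <> " . intval($data['id']) : ''),
                        $link
                    );
                    if ($res2 && mysql_result($res2, 0, 0) > 0) {
                        $errorMsg = 'Страница с това име за url вече съществува!';
                        $submitError = TRUE;
                    }
                }

                if (!$submitError) {
                    $theid = null;
                    if (isset($_FILES['picture']) && $_FILES['picture']['tmp_name']) {
                        // NOTE(review): managePicture() is defined elsewhere; confirm it checks the
                        // real image type and size instead of trusting the client-supplied name/MIME.
                        managePicture($_FILES['picture'], $data['id'], '0', $submitError, $errorMsg, $theid, $link);
                    }
                }
            }

            if ($submit && !$submitError) {
                if (!empty($data['delpic'])) {
                    // $data['id'] is an integer (or null), so the path cannot leave images/pages/.
                    @unlink($_SERVER['DOCUMENT_ROOT'] . $lSubDir . '/images/pages/' . $data['id'] . '-0.jpg');
                    @unlink($_SERVER['DOCUMENT_ROOT'] . $lSubDir . '/images/pages/' . $data['id'] . '-0.gif');
                }

                if (!empty($data['id'])) {
                    $result = mysql_query("
                        UPDATE pages SET
                            menutitle = '" . mysql_real_escape_string($data['menutitle'], $link) . "',
                            urlname = '" . mysql_real_escape_string($data['urlname'], $link) . "',
                            ord = " . intval($data['ord']) . ",
                            section = " . intval($data['section']) . ",
                            title = '" . mysql_real_escape_string($data['title'], $link) . "',
                            isactive = " . intval($data['isactive']) . ",
                            h1title = '" . mysql_real_escape_string($data['h1title'], $link) . "',
                            keywords = '" . mysql_real_escape_string($data['keywords'], $link) . "',
                            description = '" . mysql_real_escape_string($data['description'], $link) . "',
                            hiddentext = '" . mysql_real_escape_string($data['hiddentext'], $link) . "',
                            subtitle = '" . mysql_real_escape_string($data['subtitle'], $link) . "',
                            content = '" . mysql_real_escape_string($data['content'], $link) . "',
                            logoalttext = '" . mysql_real_escape_string($data['logoalttext'], $link) . "',
                            picalttext = '" . mysql_real_escape_string($data['picalttext'], $link) . "'
                        WHERE id = " . intval($data['id']), $link);
                    $theid = $data['id'];
                } else {
                    // NOTE(review): MAX(id) + 1 is not atomic; two simultaneous saves can pick the same id.
                    $res = mysql_query("SELECT MAX(id) FROM pages", $link);
                    $theid = mysql_result($res, 0, 0) + 1;
                    $result = mysql_query("
                        INSERT INTO pages SET
                            " . (!empty($theid) ? "id = " . intval($theid) . ", " : "") . "
                            menutitle = '" . mysql_real_escape_string($data['menutitle'], $link) . "',
                            urlname = '" . mysql_real_escape_string($data['urlname'], $link) . "',
                            ord = " . intval($data['ord']) . ",
                            section = " . intval($data['section']) . ",
                            title = '" . mysql_real_escape_string($data['title'], $link) . "',
                            isactive = " . intval($data['isactive']) . ",
                            h1title = '" . mysql_real_escape_string($data['h1title'], $link) . "',
                            keywords = '" . mysql_real_escape_string($data['keywords'], $link) . "',
                            description = '" . mysql_real_escape_string($data['description'], $link) . "',
                            hiddentext = '" . mysql_real_escape_string($data['hiddentext'], $link) . "',
                            subtitle = '" . mysql_real_escape_string($data['subtitle'], $link) . "',
                            content = '" . mysql_real_escape_string($data['content'], $link) . "',
                            logoalttext = '" . mysql_real_escape_string($data['logoalttext'], $link) . "',
                            picalttext = '" . mysql_real_escape_string($data['picalttext'], $link) . "'
                        ", $link);
                    $data['id'] = $theid;
                }

                if ($result != FALSE) {
                    createFile($data, $link);
                    header("Location: /administration/?page=pages");
                    exit; // nothing else should be rendered after the redirect
                } else {
                    $submitError = TRUE;
                    $errorMsg = 'Възникна проблем с базата данни!';
                }
            }

            if (!$submit || $submitError) {
                // First display of an existing record: load it into the form.
                if (!$submit && !empty($_REQUEST['id'])) {
                    $result = mysql_query("SELECT * FROM pages WHERE id = " . intval($_REQUEST['id']), $link);
                    if ($result != FALSE) {
                        $row = mysql_fetch_array($result, MYSQL_ASSOC);
                        $data['menutitle'] = $row['menutitle'];
                        $data['urlname'] = $row['urlname'];
                        $data['title'] = $row['title'];
                        $data['keywords'] = $row['keywords'];
                        $data['description'] = $row['description'];
                        $data['hiddentext'] = $row['hiddentext'];
                        $data['h1title'] = $row['h1title'];
                        $data['subtitle'] = $row['subtitle'];
                        $data['content'] = $row['content'];
                        $data['logoalttext'] = $row['logoalttext'];
                        $data['picalttext'] = $row['picalttext'];
                        $data['isactive'] = intval($row['isactive']);
                        $data['ord'] = intval($row['ord']);
                        $data['id'] = intval($row['id']);
                        $data['section'] = intval($row['section']);

                        $lPicBase = $_SERVER['DOCUMENT_ROOT'] . $lSubDir . '/images/pages/' . $data['id'];
                        $data['haspicture'] = is_file($lPicBase . '-0.jpg') || is_file($lPicBase . '-0.gif');
                    } else {
                        exit('DB Error');
                    }
                }

                echo $lSiteViz->showHeader();
                include $_SERVER['DOCUMENT_ROOT'] . '/templates/adminlogo.tpl.html';
                include $_SERVER['DOCUMENT_ROOT'] . '/templates/addeditpage.tpl.html';
                include $_SERVER['DOCUMENT_ROOT'] . '/templates/adminfooter.tpl.html';
            }
        } else {
            if ($submit) {
                // Bulk delete: the keys of $_POST['del'] are the row ids.
                if (isset($_POST['del']) && is_array($_POST['del'])) {
                    foreach ($_POST['del'] as $k => $v) {
                        // Pictures belonging to the deleted page are not removed here.
                        @mysql_query("DELETE FROM pages WHERE id = " . intval($k), $link);
                    }
                }
                header("Location: /administration/?page=pages");
                exit;
            }

            echo $lSiteViz->showHeader();
            include $_SERVER['DOCUMENT_ROOT'] . '/templates/adminlogo.tpl.html';
            showList($templates['pages'], $offset, $link);
            include $_SERVER['DOCUMENT_ROOT'] . '/templates/adminfooter.tpl.html';
        }
    } else if ($page == 'sections') {
        if ($submode == 'edit') {
            if ($submit) {
                $data['id'] = isset($_POST['id']) ? intval($_POST['id']) : null;
                $data['name'] = isset($_REQUEST['name']) ? strip_tags(trim($_REQUEST['name'])) : '';
                $data['ord'] = isset($_POST['ord']) ? intval($_POST['ord']) : 50;

                if (strlen($data['name']) == 0) {
                    $errorMsg = 'Трябва да въведете име на секцията!';
                    $submitError = TRUE;
                } else if (empty($data['ord'])) {
                    $errorMsg = 'Трябва да изберете подредба в менюто!';
                    $submitError = TRUE;
                }
            }

            if ($submit && !$submitError) {
                if (!empty($data['id'])) {
                    $result = mysql_query("
                        UPDATE sections SET
                            name = '" . mysql_real_escape_string($data['name'], $link) . "',
                            ord = " . intval($data['ord']) . "
                        WHERE id = " . intval($data['id']), $link);
                } else {
                    // NOTE(review): MAX(id) + 1 is not atomic; two simultaneous saves can pick the same id.
                    $res = mysql_query("SELECT MAX(id) FROM sections", $link);
                    $theid = mysql_result($res, 0, 0) + 1;
                    $result = mysql_query("
                        INSERT INTO sections SET
                            " . ($theid ? "id = " . intval($theid) . ", " : "") . "
                            name = '" . mysql_real_escape_string($data['name'], $link) . "',
                            ord = " . intval($data['ord']), $link);
                    $data['id'] = $theid;
                }

                if ($result != FALSE) {
                    header("Location: /administration/?page=sections");
                    exit;
                } else {
                    $submitError = TRUE;
                    $errorMsg = 'Възникна проблем с базата данни!';
                }
            }

            if (!$submit || $submitError) {
                if (!$submit && !empty($_REQUEST['id'])) {
                    $result = mysql_query("SELECT * FROM sections WHERE id = " . intval($_REQUEST['id']), $link);
                    if ($result != FALSE) {
                        $row = mysql_fetch_array($result, MYSQL_ASSOC);
                        $data['name'] = $row['name'];
                        $data['ord'] = intval($row['ord']);
                        $data['id'] = intval($row['id']);
                    } else {
                        exit('DB Error');
                    }
                }

                echo $lSiteViz->showHeader();
                include $_SERVER['DOCUMENT_ROOT'] . '/templates/adminlogo.tpl.html';
                include $_SERVER['DOCUMENT_ROOT'] . '/templates/addeditsections.tpl.html';
                include $_SERVER['DOCUMENT_ROOT'] . '/templates/adminfooter.tpl.html';
            }
        } else {
            if ($submit) {
                // Bulk delete: the keys of $_POST['del'] are the row ids.
                if (isset($_POST['del']) && is_array($_POST['del'])) {
                    foreach ($_POST['del'] as $k => $v) {
                        @mysql_query("DELETE FROM sections WHERE id = " . intval($k), $link);
                    }
                }
                header("Location: /administration/?page=sections");
                exit;
            }

            echo $lSiteViz->showHeader();
            include $_SERVER['DOCUMENT_ROOT'] . '/templates/adminlogo.tpl.html';
            showList($templates['sections'], $offset, $link);
            include $_SERVER['DOCUMENT_ROOT'] . '/templates/adminfooter.tpl.html';
        }
    } else if ($page == 'faq') {
        if ($submode == 'edit') {
            if ($submit) {
                $data['id'] = isset($_POST['id']) ? intval($_POST['id']) : null;
                $data['section'] = isset($_POST['section']) ? intval($_POST['section']) : null;
                $data['urlname'] = isset($_REQUEST['urlname']) ? str_replace(' ', '-', strtolower(strip_tags(trim($_REQUEST['urlname'])))) : '';
                $data['isactive'] = isset($_POST['isactive']) ? 1 : 0;
                $data['title'] = isset($_REQUEST['title']) ? strip_tags(trim($_REQUEST['title'])) : '';
                $data['description'] = isset($_REQUEST['description']) ? strip_tags(trim($_REQUEST['description'])) : '';
                $data['keywords'] = isset($_REQUEST['keywords']) ? strip_tags(trim($_REQUEST['keywords'])) : '';
                $data['hiddentext'] = isset($_REQUEST['hiddentext']) ? strip_tags(trim($_REQUEST['hiddentext'])) : '';
                $data['question'] = isset($_REQUEST['question']) ? strip_tags(trim($_REQUEST['question'])) : '';
                // Raw HTML on purpose: this is the answer body.
                $data['content'] = isset($_REQUEST['content']) ? trim($_REQUEST['content']) : '';
                $data['ord'] = isset($_POST['ord']) ? intval($_POST['ord']) : 50;
                $data['logoalttext'] = isset($_REQUEST['logoalttext']) ? strip_tags(trim($_REQUEST['logoalttext'])) : '';

                if (strlen($data['question']) == 0) {
                    $errorMsg = 'Трябва да въведете въпроса!';
                    $submitError = TRUE;
                } else if (strlen($data['urlname']) == 0) {
                    $errorMsg = 'Трябва да въведете има на страницата за url-то!';
                    $submitError = TRUE;
                } else if (empty($data['section'])) {
                    $errorMsg = 'Трябва да изберете за коя секция е страницата!';
                    $submitError = TRUE;
                }

                if (!$submitError) {
                    // Same rule as for pages: escape urlname before the uniqueness check.
                    $res2 = mysql_query(
                        "SELECT count(*) FROM faq WHERE urlname = '" . mysql_real_escape_string($data['urlname'], $link) . "'"
                        . (!empty($data['id']) ? " AND id <> " . intval($data['id']) : ''),
                        $link
                    );
                    if ($res2 && mysql_result($res2, 0, 0) > 0) {
                        $errorMsg = 'Страница с това име за url вече съществува!';
                        $submitError = TRUE;
                    }
                }
            }

            if ($submit && !$submitError) {
                if (!empty($data['id'])) {
                    $result = mysql_query("
                        UPDATE faq SET
                            urlname = '" . mysql_real_escape_string($data['urlname'], $link) . "',
                            ord = " . intval($data['ord']) . ",
                            section = " . intval($data['section']) . ",
                            title = '" . mysql_real_escape_string($data['title'], $link) . "',
                            isactive = " . intval($data['isactive']) . ",
                            keywords = '" . mysql_real_escape_string($data['keywords'], $link) . "',
                            description = '" . mysql_real_escape_string($data['description'], $link) . "',
                            hiddentext = '" . mysql_real_escape_string($data['hiddentext'], $link) . "',
                            question = '" . mysql_real_escape_string($data['question'], $link) . "',
                            content = '" . mysql_real_escape_string($data['content'], $link) . "',
                            logoalttext = '" . mysql_real_escape_string($data['logoalttext'], $link) . "'
                        WHERE id = " . intval($data['id']), $link);
                    $theid = $data['id'];
                } else {
                    // NOTE(review): MAX(id) + 1 is not atomic; two simultaneous saves can pick the same id.
                    $res = mysql_query("SELECT MAX(id) FROM faq", $link);
                    $theid = mysql_result($res, 0, 0) + 1;
                    $result = mysql_query("
                        INSERT INTO faq SET
                            " . (!empty($theid) ? "id = " . intval($theid) . ", " : "") . "
                            urlname = '" . mysql_real_escape_string($data['urlname'], $link) . "',
                            ord = " . intval($data['ord']) . ",
                            section = " . intval($data['section']) . ",
                            title = '" . mysql_real_escape_string($data['title'], $link) . "',
                            isactive = " . intval($data['isactive']) . ",
                            keywords = '" . mysql_real_escape_string($data['keywords'], $link) . "',
                            description = '" . mysql_real_escape_string($data['description'], $link) . "',
                            hiddentext = '" . mysql_real_escape_string($data['hiddentext'], $link) . "',
                            question = '" . mysql_real_escape_string($data['question'], $link) . "',
                            content = '" . mysql_real_escape_string($data['content'], $link) . "',
                            logoalttext = '" . mysql_real_escape_string($data['logoalttext'], $link) . "'
                        ", $link);
                    $data['id'] = $theid;
                }

                if ($result != FALSE) {
                    createFAQFile($data, $link);
                    header("Location: /administration/?page=faq");
                    exit;
                } else {
                    $submitError = TRUE;
                    $errorMsg = 'Възникна проблем с базата данни!';
                }
            }

            if (!$submit || $submitError) {
                if (!$submit && !empty($_REQUEST['id'])) {
                    $result = mysql_query("SELECT * FROM faq WHERE id = " . intval($_REQUEST['id']), $link);
                    if ($result != FALSE) {
                        $row = mysql_fetch_array($result, MYSQL_ASSOC);
                        $data['urlname'] = $row['urlname'];
                        $data['title'] = $row['title'];
                        $data['keywords'] = $row['keywords'];
                        $data['description'] = $row['description'];
                        $data['hiddentext'] = $row['hiddentext'];
                        $data['question'] = $row['question'];
                        $data['content'] = $row['content'];
                        $data['logoalttext'] = $row['logoalttext'];
                        $data['isactive'] = intval($row['isactive']);
                        $data['ord'] = intval($row['ord']);
                        $data['id'] = intval($row['id']);
                        $data['section'] = intval($row['section']);
                    } else {
                        exit('DB Error');
                    }
                }

                echo $lSiteViz->showHeader();
                include $_SERVER['DOCUMENT_ROOT'] . '/templates/adminlogo.tpl.html';
                include $_SERVER['DOCUMENT_ROOT'] . '/templates/addeditfaq.tpl.html';
                include $_SERVER['DOCUMENT_ROOT'] . '/templates/adminfooter.tpl.html';
            }
        } else {
            if ($submit) {
                // Bulk delete: the keys of $_POST['del'] are the row ids.
                if (isset($_POST['del']) && is_array($_POST['del'])) {
                    foreach ($_POST['del'] as $k => $v) {
                        @mysql_query("DELETE FROM faq WHERE id = " . intval($k), $link);
                    }
                }
                header("Location: /administration/?page=faq");
                exit;
            }

            echo $lSiteViz->showHeader();
            include $_SERVER['DOCUMENT_ROOT'] . '/templates/adminlogo.tpl.html';
            showList($templates['faq'], $offset, $link);
            include $_SERVER['DOCUMENT_ROOT'] . '/templates/adminfooter.tpl.html';
        }
    } else {
        // No module selected: show the administration menu.
        echo $lSiteViz->showHeader();
        include $_SERVER['DOCUMENT_ROOT'] . '/templates/adminlogo.tpl.html';
        include $_SERVER['DOCUMENT_ROOT'] . '/templates/adminmenu.tpl.html';
    }
} else {
    if ($submit) {
        // NOTE(review): siteSession::login() is not visible here; confirm it compares
        // credentials safely and regenerates the session id on success.
        if ($mySession->login($username, $password, $gAdministrators)) {
            // NOTE(review): this redirect is plain http:// and is built from SERVER_NAME and
            // PHP_SELF, which can reflect request data depending on server configuration;
            // prefer a fixed https:// admin URL.
            header("Location: http://" . $_SERVER['SERVER_NAME'] . $_SERVER['PHP_SELF']);
            exit;
        } else {
            $errorMsg = 'Грешен Потребител и/или Парола!';
        }
    }

    echo $lSiteViz->showHeader();
    include $_SERVER['DOCUMENT_ROOT'] . '/templates/adminlogo.tpl.html';
    include $_SERVER['DOCUMENT_ROOT'] . '/templates/login.tpl.html';
}

echo $lSiteViz->showFooter();
?>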