save_page_settings.php
<?php
/**
*
* @category modules
* @package oneforall
* @author WBCE Community
* @copyright 2004-2009, Ryan Djurovich
* @copyright 2009-2010, Website Baker Org. e.V.
* @copyright 2019-, WBCE Community
* @link https://www.wbce.org/
* @license http://www.gnu.org/licenses/gpl.html
* @platform WBCE
*
*/
// Bootstrap for the "save page settings" backend action of this module.
// The path is relative, so it resolves against the script's working directory.
// WB_PATH is used two lines below - presumably defined by this config file.
require('../../config.php');
// Include WB admin wrapper script
// NOTE(review): $database, $admin, $section_id, $page_id and $TEXT are used further
// down but never defined in this file - presumably they come from config.php or
// admin.php. Verify that admin.php also authenticates the backend user and checks
// permission for the page being modified.
// NOTE(review): no anti-CSRF token check is visible in this script - confirm that
// the wrapper (or the submitting form's token handling) rejects forged POSTs
// before any UPDATE below is executed.
$update_when_modified = true; // Tells script to update when this page was last updated
require(WB_PATH.'/modules/admin.php');
// Include path
$inc_path = dirname(__FILE__);
// Get module name
// ($mod_name is interpolated into the table name of the UPDATE statements below;
// presumably info.php defines it - verify.)
require_once($inc_path.'/info.php');
require_once($inc_path.'/functions.php');
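// Collect the submitted layout templates and options, then build the shared
// SET clause used by every UPDATE variant below.
//
// Template fields: each sequence in $friendly is replaced by its counterpart in
// $raw, then the result is escaped for use inside a quoted SQL string literal.
// NOTE(review): as listed here the first two pairs map '<' and '>' to themselves,
// so only the literal '?php' is removed. The rendered page may have decoded HTML
// entities in these literals - verify against the repository file.
// NOTE(review): str_replace() is case-sensitive and removes one exact token, so
// this is not a reliable filter against PHP tags; whatever renders the stored
// templates must not evaluate them as PHP.
$friendly = array('<', '>', '?php');
$raw = array('<', '>', '');

// Reads one template field from the POST data and returns it SQL-escaped.
// A parameter submitted as field[]=... arrives as an array; it is treated as
// empty instead of being handed to str_replace()/escapeString().
$clean_template = function ($field) use ($database, $friendly, $raw) {
    $value = $_POST[$field] ?? '';
    if (!is_string($value)) {
        $value = '';
    }
    return $database->escapeString(str_replace($friendly, $raw, $value));
};

// Reads one integer option from the POST data; a missing or non-scalar value
// yields 0 instead of an "undefined array key" warning.
$post_int = function ($field) {
    $value = $_POST[$field] ?? 0;
    return is_scalar($value) ? (int)$value : 0;
};

$header = $clean_template('header');
$item_loop = $clean_template('item_loop');
$footer = $clean_template('footer');
$item_header = $clean_template('item_header');
$item_footer = $clean_template('item_footer');

// The integer cast is what makes this value safe to place in the SQL text.
$items_per_page = $post_int('items_per_page');

// The resize value is only accepted when GD with JPEG support is available.
// NOTE(review): otherwise an empty string is written to `resize`; if that column
// is numeric and the server runs in strict SQL mode this may be rejected - confirm
// against the table schema.
if (extension_loaded('gd') && function_exists('imageCreateFromJpeg')) {
    $resize = $post_int('resize');
} else {
    $resize = '';
}

// Only the presence of the two checkboxes matters; their values are never used,
// so $lightbox2 can only hold one of four fixed strings.
$lb_overview = isset($_POST['lb2_overview']);
$lb_detail = isset($_POST['lb2_detail']);
if ($lb_overview && $lb_detail) {
    $lightbox2 = "all";
} elseif ($lb_overview) {
    $lightbox2 = "overview";
} elseif ($lb_detail) {
    $lightbox2 = "detail";
} else {
    $lightbox2 = '';
}

// Reduced to a 0/1 flag.
$img_section = empty($_POST['img_section']) ? 0 : 1;

// Every interpolated value is either SQL-escaped text, an integer, or one of the
// fixed strings assigned above.
$set = "`header`='$header', `item_loop`='$item_loop', `footer`='$footer', "
    . "`item_header`='$item_header', `item_footer`='$item_footer', "
    . "`items_per_page`='$items_per_page', `img_section`='$img_section', "
    . "`resize`='$resize', `lightbox2`='$lightbox2'";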
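// Apply the settings in $set to the sections chosen through the 'modify' form
// field ('multiple', 'all' or 'current') and report the outcome to the backend.
$mode = $_POST['modify'] ?? '';
// {TP} is passed through literally - presumably the database class replaces it
// with the table prefix; verify.
$table = "`{TP}mod_{$mod_name}_page_settings`";
// Set when the request itself is unusable, so that "nothing was saved" is never
// reported as a success.
$request_error = '';

if ($mode === 'multiple') {
    // Update settings of specified section ids.
    // Only plain decimal ids are accepted and each is cast to int before it
    // reaches the SQL text. A separate loop variable is used so the $section_id
    // of the current section is not overwritten.
    $target_ids = array();
    $submitted = $_POST['modify_sections'] ?? array();
    if (is_array($submitted)) {
        foreach ($submitted as $candidate) {
            if (is_string($candidate) && preg_match('/^[0-9]+$/D', $candidate) === 1) {
                $target_ids[] = (int)$candidate;
            }
        }
    }
    if ($target_ids) {
        $id_list = implode(', ', $target_ids);
        $database->query("UPDATE $table SET $set WHERE `section_id` IN ($id_list)");
    } else {
        // Without this guard the statement would end in a bare WHERE.
        $request_error = 'No valid sections were selected.';
    }
} elseif ($mode === 'all') {
    // Update settings of all section ids.
    // NOTE(review): this touches every row of the module's settings table, not
    // only sections on the page being edited - confirm that the backend user is
    // meant to have that reach.
    $database->query("UPDATE $table SET $set");
} elseif ($mode === 'current') {
    // Update settings of current section id only.
    // The cast keeps the statement safe even if $section_id is not an integer.
    $current_id = (int)$section_id;
    $database->query("UPDATE $table SET $set WHERE `section_id` = '$current_id'");
} else {
    $request_error = 'Unknown update mode.';
}

// Check if there is a request or db error, otherwise say successful
$back_link = ADMIN_URL.'/pages/modify.php?page_id='.$page_id;
if ($request_error !== '') {
    $admin->print_error($request_error, $back_link);
} elseif ($database->is_error()) {
    $admin->print_error($database->get_error(), $back_link);
} else {
    $admin->print_success($TEXT['SUCCESS'], $back_link);
}
// Print admin footer
$admin->print_footer();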
?>