API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Jan 22nd, 2020
82
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 30.54 KB | None | 0 0
raw download clone embed print report
  1. <?php
  2. $urlPrefix="../";
  3. include($urlPrefix."config.php");
  4. if(!defined("CONFIG")){ header("$SERVER_PROTOCOL 404 Not Found"); exit; }
  5. include($urlPrefix."admin/auth.php");
  6.  
  7. if(!function_exists("form_function")){
  8. FUNCTION form_function($type="html", $arr=Array() ){
  9. $return = Array("success"=>false, "globalError"=>"Error!");
  10.  
  11. if($type=="rebuild"){
  12. reset($arr); $connectionHash = ""; $conn = false;
  13. while ( list($k, $Form) = each($arr)){
  14. //echo $Form["formFields"]; exit;
  15. if( !is_array($Form["formFields"]) || !sizeof($Form["formFields"]) ) { continue; }
  16. reset($Form["formFields"]);
  17. while(list($kk, $FormField) = each($Form["formFields"]) ){
  18. if( !is_array($FormField) || !sizeof($FormField) ) { continue; }
  19. if( !isset($FormField["buildOptionsFromSQL"]) || !strlen($FormField["buildOptionsFromSQL"]) ) { continue; }
  20. $newHash = "hash ".$Form["mysqlServer"]." ".$Form["mysqlUser"]." ".$Form["mysqlPassword"]." ";
  21. if($connectionHash!==$newHash){
  22. if($conn!==false) { @mysql_close($conn); }
  23. $conn = @mysql_connect($Form["mysqlServer"], $Form["mysqlUser"], $Form["mysqlPassword"]);
  24. $connectionHash=$newHash;
  25. }
  26. if( $conn===false || mysql_select_db($Form["mysqlDatabase"], $conn)===false ){ return $return; }
  27. $result = mysql_query($FormField["buildOptionsFromSQL"], $conn); $mysql_error = mysql_error($conn);
  28. if($mysql_error!="") { @mysql_close($conn); $return["globalError"]="File:".__FILE__." Line:$line MysqlQuery:\r\n".$sql."\r\n---\r\n".$mysql_error; return $return; }
  29. $arr[$k]["formFields"][$kk]["options"] = Array("0"=>"N/A");
  30. while($rowArr = mysql_fetch_array($result) ){
  31. $arr[$k]["formFields"][$kk]["options"][$rowArr["k"]]=$rowArr["v"];
  32. }
  33. }
  34. }
  35. @mysql_close($conn);
  36. $return["success"]=true;
  37. $return["arr"]=$arr;
  38. return $return;
  39. }
  40.  
  41.  
  42. if( !isset($arr["formFields"]) && !sizeof($arr["formFields"]) ) { return $return; }
  43. $maxLimit = 3000; $defaultLimit=3;
  44. $limit = ($arr["formMethod"]=="POST") ? abs(intval($_POST["limit"])) : abs(intval($_GET["limit"]));
  45. $limit = ( $limit <=1 ) ? $defaultLimit : ( ($limit > $maxLimit) ? $maxLimit : $limit );
  46. $page = ($arr["formMethod"]=="POST") ? abs(intval($_POST["page"])) : abs(intval($_GET["page"]));
  47.  
  48. $orderArr = Array(1=>"ASC", 2=>"DESC");
  49. $orderDir = ($arr["formMethod"]=="POST") ? abs(intval($_POST["orderDir"])) : abs(intval($_GET["orderDir"]));
  50. $orderDir = (isset($orderArr[$orderDir])) ? $orderDir : 1;
  51.  
  52. $orderField = ($arr["formMethod"]=="POST") ? stripslashes($_POST["orderField"]) : stripslashes($_GET["orderField"]);
  53. $orderField = (@strlen($orderField)) ? $orderField : false;
  54. $checkFunctions = Array(
  55. "minlength"=>Array("jsUse"=>false, "jsCode"=>"function(e, c){\r\n if( typeof(e)==\"undefined\" || typeof(e.tagName)==\"undefined\") { return false; }\r\n".
  56. " if(e.value.replace(/\\s/g, \"\").length < c ) { e.style.color=\"red\"; return false; }else{ e.style.color=\"\"; return true; }\r\n}" )
  57. );
  58.  
  59. if( $type=="delete" ){
  60. $idList = preg_split('/[^\d+]/', (($arr["formMethod"]=="POST") ? $_POST["idList"] : $_GET["idList"]), 50, PREG_SPLIT_NO_EMPTY);
  61. if(!sizeof($idList)) { @mysql_close($conn); return $return; }
  62. if( isset($arr["preventDeleteAndDisableID"]) && in_array($arr["preventDeleteAndDisableID"], $idList) ){
  63. $return["success"]=false;
  64. $return["globalError"] = "�� �� ������ ������� ��� ������!";
  65. $return["javascript"]="top.oParent.className=top.oldPCn;";
  66. return $return;
  67. }
  68.  
  69. if( !empty($arr["disable_delete"]) ){
  70. $return["success"]=false;
  71. $return["globalError"] = "�������� ���������!";
  72. $return["javascript"]="top.oParent.className=top.oldPCn;";
  73. return $return;
  74. }
  75.  
  76. //--���������� ������� �� ��������
  77. if( isset($arr["onbeforedelete"]) && function_exists($arr["onbeforedelete"]) ){
  78. $onbeforedelete_result = $arr["onbeforedelete"]($idList[0]);
  79. }
  80. //--
  81. $conn = @mysql_connect($arr["mysqlServer"], $arr["mysqlUser"], $arr["mysqlPassword"]);
  82. if( $conn===false || mysql_select_db($arr["mysqlDatabase"], $conn)===false ){ return $return; }
  83. $line=__LINE__; $sql = "DELETE FROM ".$arr["mysqlTable"]." WHERE id IN(".implode(",", $idList).");";
  84.  
  85. //write_log [--
  86. mysql_query('INSERT INTO `'.$GLOBALS['adm_log_table'].'` SET `inserted`=NOW(), `admin_id`=\''.addslashes($GLOBALS['u_id']).'\', `table`=\''.addslashes($arr["mysqlTable"]).'\', `sql`=\''.addslashes($sql).'\' ', $conn);
  87. // --]
  88.  
  89. $result = mysql_query($sql, $conn); $mysql_error = mysql_error($conn);
  90. if($mysql_error!="") { @mysql_close($conn); $return["globalError"]="File:".__FILE__." Line:$line MysqlQuery:\r\n".$sql."\r\n---\r\n".$mysql_error; return $return; }
  91. @mysql_close($conn);
  92. //--����������� ������� ����� ��������
  93. if( isset($arr["ondelete"]) && function_exists($arr["ondelete"]) ){
  94. $arr["ondelete"]($onbeforedelete_result);
  95. }
  96. //--
  97. $return["success"]=true;
  98. $return["javascript"]="BBSdArr[\"rowsArr\"]=Array(\r\n";
  99. reset($idList); $separator="";
  100. while(list(,$v)=each($idList)){
  101. $return["javascript"].=$separator."Array(\"".$v."\")";
  102. $separator=",\r\n ";
  103. }
  104. $return["javascript"].=");\r\n";
  105. return $return;
  106. }
  107. if( $type=="search" || $type=="add" || $type=="update" ){
  108. $fieldName = ( $type=="update" ) ? (($arr["formMethod"]=="POST") ? $_POST["fieldName"] : $_GET["fieldName"]) : false;
  109. $fieldValue = ( $type=="update" ) ? (($arr["formMethod"]=="POST") ? $_POST["fieldValue"] : $_GET["fieldValue"]) : false;
  110. reset($arr["formFields"]);
  111. $sqlSelect = ""; $sqlWhere=""; $sqlOrder=""; $selectSeparator=""; $whereSeparator="";
  112. $sqlSet = ""; $setSeparator = ""; $uniqueWhere = ""; $uniqueSeparator = ""; $updatedOptionValue=false;
  113. $columnListArr = Array();
  114. while( list(,$field) = each($arr["formFields"]) ){
  115. if( ( $type=="add" || $type=="update" ) && $field["type"]=="timestamp" ){
  116. $sqlSet.=$setSeparator.$arr["mysqlTable"].".".$field["name"]."=NOW()"; $setSeparator=", ";
  117. }
  118. if( $type=="update" && $field["name"]!=$fieldName ) { continue; }
  119. if( $field["type"]!="id" && $field["createField"]!==true && $field["createColumn"]!==true ) { continue; }
  120. $oName = ($type=="update") ? $fieldName : ((@strlen($field["nameAlias"])) ? $field["nameAlias"] : $field["name"]);
  121. $oValue = ($type=="update") ? $fieldValue : (($arr["formMethod"]=="POST") ? $_POST[$oName] : $_GET[$oName]);
  122. $oValue = (@strlen($oValue)) ? trim(stripslashes($oValue)) : (($type=="update") ? "" : false);
  123. $likeValue = preg_replace(Array("'[%_]'", "'\?'" ), Array("\\\\\\0", "_" ), addslashes(str_replace("\\", "\\\\",$oValue)))."%";
  124. if( $orderField!==false && $orderField==$oName ) {
  125. $sqlOrder=' ORDER BY '.(($orderField=='login') ? ' LENGTH(login) ' : $field["name"]).' '.$orderArr[$orderDir];
  126. }
  127. if( $field["createColumn"]===true || $field["type"]=="id" ){
  128. if($field["type"]=="id"){
  129. $columnListArr["id"]=Array();
  130. $sqlSelect.=$selectSeparator.$arr["mysqlTable"].".".$field["name"];
  131. $selectSeparator=", ";
  132. }else{
  133. $columnListArr[$oName]=Array(
  134. "width"=>( (abs($field["columnWidth"])) ? abs($field["columnWidth"]) : ((abs($field["width"])) ? $field["width"] : 20)),
  135. "title"=>$field["title"],
  136. "order"=>(($orderField==$oName || $orderField=='login' ) ? $orderDir : 0),
  137. "type"=>$field["type"] );
  138. if(isset($field['onupdate']) && function_exists($field['onupdate'])){
  139. $columnListArr[$oName]['onupdate']=$field['onupdate'];
  140. }
  141. }
  142. if($field["type"]=="date" || $field["type"]=="datetime"){
  143. if($oValue===false || !preg_match('/(?P<day>\d{2})\.(?P<month>\d{2})\.(?P<year>\d{4})(?: (?P<hour>\d{2})\:(?P<minute>\d{2})|)/', $oValue, $dtm) ){
  144. $sqlSet.=$setSeparator.$arr["mysqlTable"].".".$field["name"]."=NOW()"; $setSeparator=", ";
  145. $oValue=date('d.m.Y H:i', time());
  146. }else{
  147. $dtm=mktime( $dtm['hour'] , $dtm['minute'], $dtm['second'], $dtm['month'], $dtm['day'], $dtm['year'] );
  148. $oValue=date('d.m.Y H:i', $dtm);
  149. $sqlSet.=$setSeparator.$arr["mysqlTable"].".".$field["name"]."='".date('Y-m-d H:i:s', $dtm)."'";
  150. $setSeparator=", ";
  151. }
  152. $sqlSelect.=$selectSeparator."DATE_FORMAT(".$arr["mysqlTable"].".".$field["name"].", '%d.%m.%Y".(($field["type"]=="datetime") ? " %H:%i" : "")."')";
  153. $selectSeparator=", ";
  154. }
  155. if($field["type"]=="password" || $field["type"]=="password_md5" || $field["type"]=="password_sha1"){
  156. $sqlSelect.=$selectSeparator." ' ' AS ".$field["name"];
  157. $selectSeparator=", ";
  158. }
  159. if($field["type"]=="checkbox"){
  160. $sqlSelect.=$selectSeparator." IF(".$arr["mysqlTable"].".".$field["name"]."='".$field["defaultValue"]."', '�', '') AS ".$field["name"];
  161. $selectSeparator=", ";
  162. }
  163. if($field["type"]=="IPv4"){
  164. $sqlSelect.=$selectSeparator." INET_NTOA(".$arr["mysqlTable"].".".$field["name"].") ";
  165. $selectSeparator=", ";
  166. }
  167. if($field["type"]=="text"||$field["type"]=="email"||$field["type"]=="select"){
  168. $sqlSelect.=$selectSeparator.$arr["mysqlTable"].".".$field["name"];
  169. $selectSeparator=", ";
  170. }
  171. }
  172.  
  173. if( $field["createField"]===true && $oValue !==false ){
  174.  
  175.  
  176. if( !empty($field["disable_edit"]) && $type=="update" ){ //������ �� ��������������
  177. $return["success"]=false;
  178. $return["globalError"].="\r\n� 12.08.2014 18:10:00 ���� [".$field["title"]."] ��������� �������������.";
  179. @mysql_close($conn);
  180. return $return;
  181. }
  182.  
  183. if(isset($field["check"]["minlength"])){
  184. if(strlen($oValue) < abs($field["check"]["minlength"])) {
  185. $return["success"]=false;
  186. $return["globalError"].="\r\n���� [".$field["title"]."] ���������� ���. ".$field["check"]["minlength"]." ����.";
  187. @mysql_close($conn);
  188. return $return;
  189. }
  190. }
  191. if(isset($field["check"]["maxlength"])){
  192. if(strlen($oValue) > abs($field["check"]["maxlength"])) {
  193. $return["success"]=false;
  194. $return["globalError"].="\r\n���� [".$field["title"]."] �� ����� ������� ����� ".$field["check"]["maxlength"]." ����.";
  195. @mysql_close($conn);
  196. return $return;
  197. }
  198. }
  199. if(isset($field["check"]["unique"])){
  200. $uniqueWhere.=$uniqueSeparator.$arr["mysqlTable"].".".$field["name"].
  201. (($field["check"]["unique"]["caseSensitive"]===true) ? "='".addslashes($oValue)."'" : " LIKE '".preg_replace(Array("'[%_]'"), Array("\\\\\\0"), addslashes($oValue))."'");
  202. $return["globalError"].="\r\n".$field["check"]["unique"]["errorMsg"];
  203. $uniqueSeparator=" OR ";
  204. }
  205. if($field["type"]=="id"){
  206. $ids = preg_split('/[^\d+]/', $oValue, 50, PREG_SPLIT_NO_EMPTY);
  207. if(sizeof($ids)===0) { continue; }
  208. $sqlWhere.=$whereSeparator.$arr["mysqlTable"].".".$field["name"].((sizeof($ids)>1) ? " IN(".implode(",", $ids).")" : "='".implode(",", $ids)."'");
  209. $whereSeparator=" AND ";
  210. }
  211. if($field["type"]=="checkbox"){
  212. $sqlSet.=$setSeparator.$arr["mysqlTable"].".".$field["name"]."='".(($oValue=="�") ? addslashes($field["defaultValue"]) : 0)."'"; $setSeparator=", ";
  213. $sqlWhere.=$whereSeparator.$arr["mysqlTable"].".".$field["name"]."='".(($oValue=="�") ? addslashes($field["defaultValue"]) : 0)."'";
  214. $whereSeparator=" AND ";
  215. }
  216. if($field["type"]=="password_md5"){
  217. $sqlSet.=$setSeparator.$arr["mysqlTable"].".".$field["name"]."=MD5('".addslashes($oValue)."')"; $setSeparator=", ";
  218. }
  219. if($field["type"]=="password_sha1"){
  220. $sqlSet.=$setSeparator.$arr["mysqlTable"].".".$field["name"]."=SHA1('".addslashes($oValue)."')"; $setSeparator=", ";
  221. }
  222. if($field["type"]=="password"){
  223. $sqlSet.=$setSeparator.$arr["mysqlTable"].".".$field["name"]."='".addslashes($oValue)."'"; $setSeparator=", ";
  224. }
  225. if($field["type"]=="select"){
  226. $oValue = abs(intval($oValue));
  227. $sqlSet.=$setSeparator.$arr["mysqlTable"].".".$field["name"]."='".$oValue."'"; $setSeparator=", ";
  228. $updatedOptionValue = $field["options"][abs($oValue)];
  229. if($oValue > 0){
  230. $sqlWhere.=$whereSeparator.$arr["mysqlTable"].".".$field["name"]."='".$oValue."'";
  231. $whereSeparator=" AND ";
  232. }
  233. }
  234. if($field["type"]=="IPv4"){
  235. $sqlSet.=$setSeparator.$arr["mysqlTable"].".".$field["name"]."=INET_ATON('".addslashes(trim($oValue))."')"; $setSeparator=", ";
  236. $sqlWhere.=$whereSeparator.$arr["mysqlTable"].".".$field["name"]."=INET_ATON('".$oValue."')";
  237. $whereSeparator=" AND ";
  238. }
  239. if($field["type"]=="text" || $field["type"]=="email"){
  240. $sqlSet.=$setSeparator.$arr["mysqlTable"].".".$field["name"]."='".addslashes(trim($oValue))."'"; $setSeparator=", ";
  241. $sqlWhere.=$whereSeparator.$arr["mysqlTable"].".".$field["name"]." LIKE '".$likeValue."'";
  242. $whereSeparator=" AND ";
  243. }
  244. }
  245. }
  246.  
  247. if( $type!="delete" && !strlen($sqlSelect) ){
  248. $return["globalError"] = "Error! �� ��������� ����. ��� ���� createColumn=false";
  249. return $return;
  250. }
  251. $conn = @mysql_connect($arr["mysqlServer"], $arr["mysqlUser"], $arr["mysqlPassword"]);
  252. if( $conn===false || mysql_select_db($arr["mysqlDatabase"], $conn)===false ){ return $return; }
  253. if($type=="update"){
  254. if( strlen($uniqueWhere) ){
  255. $line=__LINE__; $sql = "SELECT COUNT(*) FROM ".$arr["mysqlTable"]." WHERE ".$uniqueWhere;
  256. $result = mysql_query($sql, $conn); $mysql_error = mysql_error($conn);
  257. if($mysql_error!="") { @mysql_close($conn); $return["globalError"]="File:".__FILE__." Line:$line MysqlQuery:\r\n".$sql."\r\n---\r\n".$mysql_error; return $return; }
  258. $rows = abs(mysql_result($result, 0));
  259. if($rows!=0) {
  260. @mysql_close($conn);
  261. $return["success"]=false;
  262. return $return;
  263. }
  264. }
  265. $idList = preg_split('/[^\d+]/', (($arr["formMethod"]=="POST") ? $_POST["idList"] : $_GET["idList"]), 50, PREG_SPLIT_NO_EMPTY);
  266. $line=__LINE__; $sql = "UPDATE ".$arr["mysqlTable"]." SET ".$sqlSet." WHERE id IN(".implode(",", $idList).");";
  267.  
  268. //write_log [--
  269. mysql_query('INSERT INTO `'.$GLOBALS['adm_log_table'].'` SET `inserted`=NOW(), `admin_id`=\''.addslashes($GLOBALS['u_id']).'\', `table`=\''.addslashes($arr["mysqlTable"]).'\', `sql`=\''.addslashes($sql).'\' ', $conn);
  270. // --]
  271.  
  272. $result = mysql_query($sql, $conn); $mysql_error = mysql_error($conn);
  273. if($mysql_error!="") { @mysql_close($conn); $return["globalError"]="File:".__FILE__." Line:$line MysqlQuery:\r\n".$sql."\r\n---\r\n".$mysql_error; return $return; }
  274. @mysql_close($conn);
  275. if($updatedOptionValue!==false) { $oValue=$updatedOptionValue; }
  276. $return["success"]=true;
  277. // [ -- onupdate
  278. reset($columnListArr);
  279. foreach($idList as $key=>$value){
  280. list($k,$v) = each($columnListArr);
  281. if(isset($v['onupdate']) && function_exists($v['onupdate'])){
  282. $v['onupdate']($value, $oValue);
  283. }
  284. }
  285. // -- ]
  286. $return["javascript"]="BBSdArr[\"rowsArr\"]=Array(\r\n".
  287. "Array(\"".implode(",", $idList)."\", \"".preg_replace(Array("'\\\'", "'\"'", "'�'", "'[\r\n]'", "' '", "'<'", "'>'"), Array("\\\\\\", "\\\"", "\\\�", "", "", "&lt;", "&gt;"), $oValue)."\")".
  288. ");\r\n";
  289. return $return;
  290. }
  291. if($type=="add"){
  292. if(!strlen($uniqueWhere)){
  293. $line=__LINE__; $sql = "INSERT INTO ".$arr["mysqlTable"]." SET ".$sqlSet;
  294.  
  295. //write_log [--
  296. mysql_query('INSERT INTO `'.$GLOBALS['adm_log_table'].'` SET `inserted`=NOW(), `admin_id`=\''.addslashes($GLOBALS['u_id']).'\', `table`=\''.addslashes($arr["mysqlTable"]).'\', `sql`=\''.addslashes($sql).'\' ', $conn);
  297. // --]
  298.  
  299. $result = mysql_query($sql, $conn); $mysql_error = mysql_error($conn);
  300. if($mysql_error!="") { @mysql_close($conn); $return["globalError"]="File:".__FILE__." Line:$line MysqlQuery:\r\n".$sql."\r\n---\r\n".$mysql_error; return $return; }
  301. $sqlWhere=" id=".abs(mysql_insert_id($conn));
  302. $return["success"]=true;
  303. }else{
  304. $sqlWhere = $uniqueWhere;
  305. }
  306. }
  307. $line=__LINE__; $sql = "SELECT COUNT(*) FROM ".$arr["mysqlTable"].( (strlen($sqlWhere) ) ? " WHERE ".$sqlWhere : "" );
  308. $result = mysql_query($sql, $conn); $mysql_error = mysql_error($conn);
  309. if($mysql_error!="") { @mysql_close($conn); $return["globalError"]="File:".__FILE__." Line:$line MysqlQuery:\r\n".$sql."\r\n---\r\n".$mysql_error; return $return; }
  310. $rows = abs(mysql_result($result, 0));
  311. if( $rows!=0 && $type=="add" && strlen($uniqueWhere) ){ @mysql_close($conn); return $return; }
  312. if( $rows==0 && $type=="add" && strlen($uniqueWhere) ){
  313. $line=__LINE__; $sql = "INSERT INTO ".$arr["mysqlTable"]." SET ".$sqlSet;
  314.  
  315. //write_log [--
  316. mysql_query('INSERT INTO `'.$GLOBALS['adm_log_table'].'` SET `inserted`=NOW(), `admin_id`=\''.addslashes($GLOBALS['u_id']).'\', `table`=\''.addslashes($arr["mysqlTable"]).'\', `sql`=\''.addslashes($sql).'\' ', $conn);
  317. // --]
  318.  
  319. $result = mysql_query($sql, $conn); $mysql_error = mysql_error($conn);
  320. if($mysql_error!="") { @mysql_close($conn); $return["globalError"]="File:".__FILE__." Line:$line MysqlQuery:\r\n".$sql."\r\n---\r\n".$mysql_error; return $return; }
  321. $sqlWhere=" id=".abs(mysql_insert_id($conn));
  322. $rows=1; $orderField=false; $page=0;
  323. }
  324. $return["success"]=true;
  325. $return["javascript"]="BBSdArr[\"total_rows\"]=".$rows.";\r\n";
  326. if($rows==0) {
  327. $return["success"]=($type=="insert") ? false : true;
  328. @mysql_close($conn); return $return;
  329. }
  330. $rulerSize = ( $rows!=$limit && intval($rows / $limit) >=1 ) ? ( ( intval($rows / $limit) < ($rows / $limit) ) ? intval($rows / $limit)+1 : intval($rows / $limit) ) : 0;
  331. $page = ( $page > $rulerSize ) ? $rulerSize : $page;
  332. $startRow = 0;
  333. if( $page!=0 ){
  334. $startRow = (( ($limit*$page) > $rows ) ? ($limit*($page-1))+1 : ($limit*$page));
  335. $sqlLimit = "LIMIT ".$startRow.",".$limit;
  336. }else{
  337. $sqlLimit = "LIMIT ".$limit;
  338. }
  339. $sqlOrder = ( $orderField!==false ) ? "ORDER BY ".$orderField." ".$orderArr[$orderDir] : "";
  340. $line=__LINE__; $sql = "SELECT ".$sqlSelect." FROM ".$arr["mysqlTable"].( (strlen($sqlWhere)) ? " WHERE ".$sqlWhere : "" )." ".$sqlOrder." ".$sqlLimit;
  341. $result = mysql_query($sql, $conn); $mysql_error = mysql_error($conn);
  342. @mysql_close($conn);
  343. if($mysql_error!="") { $return["globalError"]="File:".__FILE__." Line:$line MysqlQuery:\r\n".$sql."\r\n---\r\n".$mysql_error; return $return; }
  344. $return["globalError"]="";
  345. $return["javascript"].=
  346. "BBSdArr[\"page_length\"]=".$rulerSize.";\r\n".
  347. "BBSdArr[\"page\"]=".$page.";\r\n".
  348. "BBSdArr[\"startRow\"]=".$startRow.";\r\n".
  349. "BBSdArr[\"columnsArr\"]=Array(";
  350. reset($columnListArr); $separator="";
  351. while( list($key, $val) = each($columnListArr) ){
  352. $return["javascript"].=$separator."Array(\"".$key."\", \"".$val["title"]."\", ".abs($val["width"]).", ".abs($val["order"]).", \"".$val["type"]."\")";
  353. $separator=", ";
  354. }
  355. $return["javascript"].=");\r\n".
  356. "BBSdArr[\"rowsArr\"]=Array(\r\n";
  357. $separator="";
  358. while( $row = mysql_fetch_row($result) ){
  359. $return["javascript"].=$separator."Array(";
  360. $sep="";
  361. while( list(, $v) = each($row) ) {
  362. $return["javascript"].=$sep."\"".preg_replace(Array("'\\\'", "'\"'", "'�'", "'[\r\n]'", "' '", "'<'", "'>'"), Array("\\\\\\", "\\\"", "\\\�", "", "", "&lt;", "&gt;"), $v)."\"";
  363. $sep=",";
  364. }
  365. $return["javascript"].=")";
  366. $separator=",\r\n";
  367. }
  368. $return["javascript"].=");\r\n";
  369. return $return;
  370. }
  371.  
  372.  
  373. reset($arr["formFields"]); $separator=$return["fields"]=$return["columns"]="";
  374. $jsBBSFormCheckElements="";
  375. while( list(,$field) = each($arr["formFields"]) ){
  376. $return["fields"].=(!is_array($field)) ? $field : "";
  377. $oName = (@strlen($field["nameAlias"])) ? $field["nameAlias"] : $field["name"];
  378. if( is_array($field) && $field["createColumn"] ){
  379. $return["columns"].=$separator."<td".( (@strlen($field["width"])) ? " style=\"width:".$field["width"]."px\"" : "" )."><button><div>".$field["title"]."</div></button></td>";
  380. $separator="<td class=resize></td>";
  381. }
  382. if( !is_array($field) || $field["createField"]!==true) { continue; }
  383. $is_required = (isset($field["check"]) && $field["check"]["minlength"]) ? true : false;
  384. if( isset($field["check"]) && sizeof($field["check"]) ){
  385. while( list($k, $v) = each($field["check"]) ){
  386. if(!isset($checkFunctions[$k])) { continue; }
  387. $checkFunctions[$k]["jsUse"]=true;
  388. }
  389. reset($field["check"]);
  390. }
  391. $recuiredSimbol = ($is_required) ? "<span class=required title=\"����������� � ����������\">!</span> " : "";
  392. if( $field["type"]=="text" || $field["type"]=="password" || $field["type"]=="password_md5" || $field["type"]=="password_sha1" || $field["type"]=="email" || $field["type"]=="IPv4" ){
  393. $return["fields"].="<div class=field>".
  394. "<span class=label>".$recuiredSimbol.$field["title"].(($is_required) ? " (".$field["check"]["minlength"]."-".$field["check"]["maxlength"].")" : "" )."</span>".
  395. "<div>\r\n".
  396. "<input type=text name=\"".$oName."\"".
  397. " value=\"".( (@strlen($field["defaultValue"])) ? preg_replace(Array("'\"'", "[\r\n]"), Array("&quot;", " "), $field["defaultValue"]) : "" )."\"".
  398. ( (@strlen($field["width"])) ? " style=\"width:".$field["width"]."px\"" : "" ).
  399. " class=text>\r\n".
  400. "</div></div>\r\n";
  401. $jsBBSFormCheckElements.=( isset($field["check"]["minlength"]) ) ?
  402. "ad=( BBScf.minlength(frm[\"".$oName."\"], ".$field["check"]["minlength"].") && (ad==null || ad==false) ) ? false : true;\r\n" : "";
  403. }
  404. if( $field["type"]=="checkbox" ){
  405. $return["fields"].="<div class=field>".
  406. "<span class=label>".$recuiredSimbol.$field["title"]."</span>".
  407. "<div><table cellpadding=0 cellspacing=0 border=0><tr align=center><td width=24 height=24>\r\n".
  408. "<input type=checkbox name=\"".( (@strlen($field["nameAlias"])) ? $field["nameAlias"] : $field["name"] )."\"".
  409. " value=\"�\" ".( ( $field["defaultChecked"]===true) ? " checked" : "" )." class=checkbox>\r\n".
  410. "</td><td>".$field["description"]."</td></tr></table></div></div>\r\n";
  411. }
  412. if( $field["type"]=="select" ){
  413. $return["fields"].="<div class=field>".
  414. "<span class=label>".$recuiredSimbol.$field["title"]."</span>".
  415. "<div>\r\n".
  416. "<select name=\"".( (@strlen($field["nameAlias"])) ? $field["nameAlias"] : $field["name"] )."\"".
  417. " class=select ".((strlen($field["width"])) ? " style=\"width:".$field["width"]."px\"" : "").">\r\n";
  418. if(is_array($field["options"])){
  419. reset($field["options"]);
  420. while( list($oK,$oV) =each($field["options"]) ){
  421. $return["fields"].="<option value=\"".$oK."\"".(($oK==$field["defaultValue"]) ? " selected" : "").">".$oV."</option>\r\n";
  422. }
  423. }
  424. $return["fields"].="</select></div></div>\r\n";
  425. }
  426. }
  427.  
  428. $jsBBSFormCheck="<script language=JavaScript>\r\n".
  429. "if(typeof(BBScf)==\"undefined\"){ var BBScf = new Object(); }\r\n".
  430. "var BBS".$arr["mysqlTable"]."Valid=false;\r\n";
  431. while(list($k, $v) = each($checkFunctions)){
  432. if( isset($v["jsCode"]) && $v["jsUse"]!==true ){ continue; }
  433. $jsBBSFormCheck.="BBScf.".$k."=".$v["jsCode"]."\r\n";
  434. }
  435.  
  436. $jsBBSFormCheck.="function BBS".$arr["mysqlTable"]."Check(){\r\n".
  437. "ad=null;\r\n".
  438. "frm = document.forms[\"bbs_".$arr["mysqlTable"]."_form\"];\r\n".
  439. $jsBBSFormCheckElements.
  440. "elm = doc(\"bbs_".$arr["mysqlTable"]."_addButton\"); elm.disabled=ad; elm.className=(ad) ? 'disabled' : '';\r\n".
  441. "return (ad==null || ad===true) ? false : true;\r\n".
  442. "}\r\n".
  443. "function BBS".$arr["mysqlTable"]."Submit(a){\r\n".
  444. " frm=document.forms[\"bbs_".$arr["mysqlTable"]."_form\"];\r\n".
  445. " frm[\"use\"].value=\"\";\r\n".
  446. "if(a==\"full_search\"){\r\n".
  447. " frm[\"use\"].value=\"search\";\r\n".
  448. " frm.submit();\r\n".
  449. " }\r\n".
  450. "if(a==\"add\"){\r\n".
  451. " if(!confirm(\"�������� ����� ������?\")) { return false; }\r\n".
  452. " frm[\"use\"].value=\"add\";\r\n".
  453. " frm.submit();\r\n".
  454. " }\r\n".
  455. "}\r\n".
  456. "BBStmp = document.forms[\"bbs_".$arr["mysqlTable"]."_form\"];\r\n".
  457. "BBStmp.onsubmit=BBS".$arr["mysqlTable"]."Check;\r\n".
  458. "for(i=0; i < BBStmp.elements.length; i++ ){\r\n".
  459. "e = BBStmp.elements[i];\r\n".
  460. "if(typeof(e.type)==\"undefined\"){ continue; }\r\n".
  461. "if(e.type=='text'){\r\n".
  462. "e.onkeyup=BBS".$arr["mysqlTable"]."Check;\r\n".
  463. "e.onblur=BBS".$arr["mysqlTable"]."Check;\r\n".
  464. "e.change=BBS".$arr["mysqlTable"]."Check;\r\n".
  465. "}\r\n".
  466. "}\r\n".
  467. "</script>\r\n";
  468.  
  469. $return["html"]="<table cellpadding=0 cellspacing=0 border=0 width=100% class=bbsFrm>\r\n".
  470. "<tr><td class=caption>[ ".$arr["formTitle"]." ]</td>".
  471. "<td class=toolbar align=center style=\"border-width:0;\">".
  472. "<div class=loading>".
  473. "<iframe name=bbs_".$arr["mysqlTable"]."_port width=60 height=15 frameborder=0 allowtransparency=true vspace=0 scrolling=no ".
  474. "style=\"background-color:transparent;\" src=0.htm></iframe></div>".
  475. "</td>".
  476. "<td class=columns valign=bottom style=\"padding:0px;\" id=bbs_".$arr["mysqlTable"]."_columns>&nbsp;</td></tr>\r\n".
  477. "<tr valign=top><td width=30%>".
  478. "<form autocomplete=off target=bbs_".$arr["mysqlTable"]."_port name=\"bbs_".$arr["mysqlTable"]."_form\" ".
  479. ((@strlen($arr["formMethod"]) ? " method=".$arr["formMethod"] : "")).
  480. ((@strlen($arr["formAction"]) ? " action=".$arr["formAction"] : "")).
  481. ">\r\n".
  482. "<input type=hidden name=table value=".$arr["mysqlTable"].">\r\n".
  483. "<input type=hidden name=use value=\"search\">\r\n".
  484. "<input type=hidden name=page value=\"0\">\r\n".
  485. "<table cellpadding=0 cellspacing=0 border=0>".
  486. $return["fields"].
  487. "</table></td>\r\n".
  488. "<td width=2% class=toolbar>".
  489. "<div style=padding-right:2px;text-align:right>".
  490. "<button type=reset title=\"�������� �����\" style=\"width:20px; height:20px; margin:0px; padding:0px; float:left;\"><div>X</div></button>".
  491. "<select name=limit class=limit title=\"���-�� ������� �� ��������\" style=\"width:40px;\"><option>20</option><option>40</option><option selected>100</option><option>1000</option><option>3000</option></select></div>".
  492. "<button id=bbs_".$arr["mysqlTable"]."_searchButton title=\"����� � ������ ���� �����\" onclick=\"BBS".$arr["mysqlTable"]."Submit('full_search')\"><div>".
  493. "<img src=images/search.gif width=24 height=24><br>�����</div></button></form><br>".
  494. "<button id=bbs_".$arr["mysqlTable"]."_addButton class=disabled onclick=\"BBS".$arr["mysqlTable"]."Submit('add')\" disabled><div>".
  495. "<img src=images/add.gif width=24 height=24><br>�������</div></button><br>".
  496. "</td>".
  497. "<td width=68% class=listView><div class=Area id=bbs_".$arr["mysqlTable"]."_listView style=\"height:".$arr["formHeight"]."px;\">&nbsp;</div></td></tr>\r\n".
  498. "<tr height=22 class=status><td align=center id=bbs_".$arr["mysqlTable"]."_status>&nbsp;</td>".
  499. "<td class=toolbar align=right style=\"border-width:0;\">".
  500. "</td>".
  501. "<td style=\"border-top-style: solid; border-top-width: 1px; border-top-color: #FFFFFF;\">".
  502. "<span id=bbs_".$arr["mysqlTable"]."_ruller style=\"width:100%\">&nbsp;</span>".
  503. "</td></tr>".
  504. "</table>".
  505. "<form autocomplete=off target=bbs_".$arr["mysqlTable"]."_port name=bbs_".$arr["mysqlTable"]."_singleForm ".
  506. ((@strlen($arr["formMethod"]) ? " method=".$arr["formMethod"] : "")).
  507. ((@strlen($arr["formAction"]) ? " action=".$arr["formAction"] : "")).
  508. ">\r\n".
  509. "<input type=hidden name=idList value=\"\">\r\n".
  510. "<input type=hidden name=fieldName value=\"\">\r\n".
  511. "<input type=hidden name=fieldValue value=\"\">\r\n".
  512. "<input type=hidden name=table value=".$arr["mysqlTable"].">\r\n".
  513. "<input type=hidden name=use value=\"\">\r\n".
  514. "<input type=hidden name=page value=\"0\">\r\n".
  515. "</form>".
  516. $jsBBSFormCheck;
  517.  
  518. return $return;
  519. }
  520. }
  521.  
  522. include("form_config.php");
  523. $body="";
  524.  
  525. if(isset($FormArr) && sizeof($FormArr)){
  526. $tmp = form_function("rebuild", $FormArr);
  527. if($tmp["success"]==true) {
  528. $FormArr = $tmp["arr"]; unset($tmp);
  529. }else{
  530. echo $tmp["globalError"];
  531. exit;
  532. }
  533. $use = "";
  534. $table = ( isset($_POST["table"]) ) ? $_POST["table"] : $_GET["table"];
  535. if( strlen($table) >2 && strlen($table) < 255 && isset($FormArr[$table]) ){
  536. $use = ($FormArr[$table]["formMethod"]=="POST" && !isset($_GET["use"])) ? $_POST["use"] : $_GET["use"];
  537. $use = (strlen($use) >2 && strlen($use) < 255) ? $use : "";
  538. }
  539.  
  540. if( strlen($use) ) {
  541. if( $use=='vcard' ){
  542. if( !isset($FormArr[$table]['vcardFunction']) || !function_exists($FormArr[$table]['vcardFunction']) ){
  543. $body="<p><font size=\"2\" color=\"red\">��� ������ �������, �������� �� �������������!</font></p>";
  544. }else{
  545. $id = ( isset($_POST["id"]) ) ? $_POST["id"] : $_GET["id"];
  546. $body=$FormArr[$table]['vcardFunction'](addslashes($id));
  547. }
  548. echo "<html><head>\r\n".
  549. "<meta http-equiv=\"Content-Type\" content=\"text/html; charset=windows-1251\">\r\n".
  550. '<META HTTP-EQUIV="MSTHEMECOMPATIBLE" CONTENT="no">'."\r\n".
  551. "<style><!--\r\n".
  552. "BODY, FONT, TD { font-family: Arial, Helvetica, sans-serif; }\r\n".
  553. "--></style>\r\n".
  554. "<title></title>\r\n".
  555. "<body bgcolor=\"#FFFFFF\">".
  556. $body.
  557. "</body></html>";
  558. exit;
  559. }
  560.  
  561. $dataArr = form_function( $use, $FormArr[$table] );
  562. echo "<html><head>\r\n".
  563. "<meta http-equiv=\"Content-Type\" content=\"text/html; charset=windows-1251\">\r\n".
  564. "<title></title>\r\n".
  565. "<body bgcolor=".(($dataArr["success"]!==true) ? "red" : "#6E99ED").">\r\n<script Language=\"JavaScript\">\r\n".
  566. "var BBSdArr = new Array();\r\n".
  567. (($dataArr["success"]!==true) ? "BBSdArr[\"errorMsg\"]=\"".preg_replace(Array("[\r\n]"), Array("\\n"), addslashes($dataArr["globalError"]))."\";\r\n" : "").
  568. $dataArr["javascript"].
  569. "BBSdArr[\"use\"]=\"".$use."\";\r\n".
  570. "BBSdArr[\"table\"]=\"".$table."\";\r\n".
  571. "top.BBSlistView(BBSdArr);\r\n".
  572. "document.location.replace('0.htm');\r\n".
  573. "</script></body></html>";
  574. exit;
  575. }
  576. reset($FormArr);
  577. while ( list($k, $v) = each($FormArr)){
  578. $arr = form_function( "html", $v );
  579. $body.=( strlen($arr["html"]) >20 ) ? "<p>".$arr["html"]."</p>" : "";
  580. }
  581. unset($FormArr, $arr);
  582. }
  583.  
  584. include("first_page.inc");
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!