Revision 2098
Added by darkviper over 10 years ago
save.php | ||
---|---|---|
26 | 26 |
//require_once(WB_PATH.'/framework/class.admin.php'); |
27 | 27 |
|
28 | 28 |
// Include config file |
29 |
$config_file = realpath('../../config.php'); |
|
30 |
if(file_exists($config_file) && !defined('WB_URL')) |
|
31 |
{ |
|
32 |
require($config_file); |
|
29 |
if (!defined('WB_URL')) { |
|
30 |
require('../../config.php'); |
|
33 | 31 |
} |
32 |
$oDb = WbDatabase::getInstance(); |
|
33 |
$oTrans = Translate::getInstance(); |
|
34 |
$oTrans->enableAddon('admin\\settings'); |
|
34 | 35 |
|
35 |
if(!class_exists('admin', false)){ include(WB_PATH.'/framework/class.admin.php'); } |
|
36 |
|
|
37 | 36 |
require_once(WB_PATH.'/framework/functions.php'); |
38 |
|
|
39 | 37 |
// suppress to print the header, so no new FTAN will be set |
40 |
if($advanced == '') |
|
41 |
{ |
|
38 |
if ($advanced == '') { |
|
42 | 39 |
$admin = new admin('Settings', 'settings_basic',false); |
43 | 40 |
} else { |
44 | 41 |
$admin = new admin('Settings', 'settings_advanced',false); |
... | ... | |
49 | 46 |
if( !$admin->checkFTAN() ) |
50 | 47 |
{ |
51 | 48 |
$admin->print_header(); |
52 |
$admin->print_error($MESSAGE['GENERIC_SECURITY_ACCESS'],$js_back );
|
|
49 |
$admin->print_error($oTrans->MESSAGE_GENERIC_SECURITY_ACCESS, $js_back );
|
|
53 | 50 |
} |
54 | 51 |
// After check print the header |
55 | 52 |
$admin->print_header(); |
56 |
|
|
53 |
$oTrans->enableAddon('admin\\settings'); |
|
57 | 54 |
// Ensure that the specified default email is formally valid |
58 | 55 |
if(isset($_POST['server_email'])) |
59 | 56 |
{ |
... | ... | |
63 | 60 |
// if(false == preg_match($pattern, $_POST['server_email'])) |
64 | 61 |
if(!$admin->validate_email($_POST['server_email'])) |
65 | 62 |
{ |
66 |
$admin->print_error($MESSAGE['USERS_INVALID_EMAIL'].
|
|
63 |
$admin->print_error($oTrans->MESSAGE_USERS_INVALID_EMAIL.
|
|
67 | 64 |
'<br /><strong>Email: '.htmlentities($_POST['server_email']).'</strong>', $js_back); |
68 | 65 |
} |
69 | 66 |
} |
... | ... | |
78 | 75 |
// $checkSmtpPassword = (isset($_POST['wbmailer_smtp_password']) && ($_POST['wbmailer_smtp_password']=='') ? false : true); |
79 | 76 |
|
80 | 77 |
if(!$checkSmtpHost || !$checkSmtpUser || !$checkSmtpPassword) { |
81 |
$admin->print_error($TEXT['REQUIRED'].' '.$TEXT['WBMAILER_SMTP_AUTH'].
|
|
82 |
'<br /><strong>'.$MESSAGE['GENERIC_FILL_IN_ALL'].'</strong>', $js_back);
|
|
78 |
$admin->print_error($oTrans->TEXT_REQUIRED.' '.$oTrans->TEXT_WBMAILER_SMTP_AUTH.
|
|
79 |
'<br /><strong>'.$oTrans->MESSAGE_GENERIC_FILL_IN_ALL.'</strong>', $js_back);
|
|
83 | 80 |
} |
84 | 81 |
|
85 | 82 |
} |
... | ... | |
214 | 211 |
//$settings = array(); |
215 | 212 |
//$old_settings = array(); |
216 | 213 |
// Query current settings in the db, then loop through them to get old values |
217 |
$sql = 'SELECT `name`, `value` FROM `'.TABLE_PREFIX.'settings`';
|
|
218 |
$sql .= 'ORDER BY `name`';
|
|
214 |
$sql = 'SELECT `name`, `value` FROM `'.$oDb->TablePrefix.'settings` '
|
|
215 |
. 'ORDER BY `name`';
|
|
219 | 216 |
|
220 |
if($res_settings = $database->query($sql)) { |
|
221 |
$iQueryStart = $database->getQueryCount; |
|
222 |
while($setting = $res_settings->fetchRow(MYSQL_ASSOC)) |
|
223 |
{ |
|
217 |
if (($res_settings = $oDb->doQuery($sql))) { |
|
218 |
$iQueryStart = $oDb->QueryCount; |
|
219 |
while ($setting = $res_settings->fetchRow(MYSQL_ASSOC)) { |
|
224 | 220 |
$passed = false; |
225 | 221 |
$setting_name = $setting['name']; |
226 | 222 |
// $old_settings = $setting['value']; |
... | ... | |
234 | 230 |
$passed = ($value != $setting['value']); |
235 | 231 |
break; |
236 | 232 |
case 'string_dir_mode': |
237 |
$value=$dir_mode;
|
|
233 |
$value = $dir_mode;
|
|
238 | 234 |
$passed = ($value != $setting['value']); |
239 | 235 |
break; |
240 | 236 |
case 'string_file_mode': |
241 |
$value=$file_mode;
|
|
237 |
$value = $file_mode;
|
|
242 | 238 |
$passed = ($value != $setting['value']); |
243 | 239 |
break; |
244 | 240 |
case 'page_extension': |
... | ... | |
250 | 246 |
break; |
251 | 247 |
case 'sec_anchor': |
252 | 248 |
$value = $admin->StripCodeFromText($value); |
253 |
$value=(($value=='') ? 'Sec' : $value);
|
|
249 |
$value = (($value=='') ? 'Sec' : $value);
|
|
254 | 250 |
$passed = ($value != $setting['value']); |
255 | 251 |
break; |
256 | 252 |
case 'media_directory': |
... | ... | |
259 | 255 |
$passed = ($value != $setting['value']); |
260 | 256 |
break; |
261 | 257 |
case 'pages_directory': |
262 |
$sql = 'SELECT COUNT(*) FROM `'.TABLE_PREFIX.'pages`';
|
|
263 |
if( !($database->get_one($sql)) ) {
|
|
264 |
$value = rtrim($admin->StripCodeFromText($value));
|
|
265 |
$passed = ($value != $setting['value']);
|
|
266 |
}
|
|
267 |
$value = trim($value,'/');
|
|
268 |
$value = ( ($value != '') ? '/'.$value : '' );
|
|
269 |
break;
|
|
258 |
$sql = 'SELECT COUNT(*) FROM `'.$oDb->TablePrefix.'pages`';
|
|
259 |
if (!($oDb->getOne($sql))) {
|
|
260 |
$value = rtrim($admin->StripCodeFromText($value));
|
|
261 |
$passed = ($value != $setting['value']);
|
|
262 |
}
|
|
263 |
$value = trim($value,'/');
|
|
264 |
$value = ( ($value != '') ? '/'.$value : '' );
|
|
265 |
break;
|
|
270 | 266 |
default : |
271 |
if($value == '') {
|
|
267 |
if($value == '') { |
|
272 | 268 |
$passed = ((in_array($setting_name, $allow_empty_values)) && ($value != $setting['value'])); |
273 | 269 |
} else { |
274 | 270 |
if(in_array($setting_name, $StripCodeFromInput) ) { |
... | ... | |
283 | 279 |
{ |
284 | 280 |
$value = strip_tags($value); |
285 | 281 |
} |
286 |
if( !in_array($setting_name, $aPreventFromUpdate) && $passed ) |
|
287 |
// if ( !in_array($setting_name, $aPreventFromUpdate) && (isset($_POST[$setting_name]) || $passed == true) ) |
|
288 |
{ |
|
282 |
if (!in_array($setting_name, $aPreventFromUpdate) && $passed) { |
|
289 | 283 |
$value = trim($database->escapeString($value)); |
290 | 284 |
$sql = 'UPDATE `'.TABLE_PREFIX.'settings` '; |
291 | 285 |
$sql .= 'SET `value` = \''.($value).'\' '; |
292 | 286 |
$sql .= 'WHERE `name` != \'wb_version\' '; |
293 | 287 |
$sql .= 'AND `name` = \''.$setting_name.'\' '; |
294 |
if (!$database->query($sql)) |
|
295 |
{ |
|
296 |
if($database->is_error()) { |
|
297 |
$admin->print_error($database->get_error, $js_back ); |
|
288 |
if (!$oDb->doQuery($sql)) { |
|
289 |
if($oDb->isError()) { |
|
290 |
$admin->print_error($oDb->getError, $js_back ); |
|
298 | 291 |
} |
299 | 292 |
} |
300 | 293 |
} |
301 | 294 |
} |
302 |
$iQueriesDone = $database->getQueryCount - $iQueryStart;
|
|
295 |
$iQueriesDone = $oDb->QueryCount - $iQueryStart;
|
|
303 | 296 |
} |
304 | 297 |
|
305 | 298 |
/** |
... | ... | |
336 | 329 |
); |
337 | 330 |
|
338 | 331 |
// Query current search settings in the db, then loop through them and update the db with the new value |
339 |
$sql = 'SELECT `name`, `value` FROM `'.TABLE_PREFIX.'search` ';
|
|
340 |
$sql .= 'WHERE `extra` = \'\' ';
|
|
341 |
if( !($oSearch = $database->query($sql)) ) {
|
|
342 |
if($database->is_error()) {
|
|
343 |
$admin->print_error(explode(';',$database->get_error()), $js_back );
|
|
332 |
$sql = 'SELECT `name`, `value` FROM `'.$oDb->TablePrefix.'search` '
|
|
333 |
. 'WHERE `extra` = \'\' ';
|
|
334 |
if (!($oSearch = $oDb->doQuery($sql))) {
|
|
335 |
if ($oDb->isError()) {
|
|
336 |
$admin->print_error(explode(';',$oDb->getError()), $js_back );
|
|
344 | 337 |
} |
345 | 338 |
} |
346 | 339 |
|
... | ... | |
380 | 373 |
break; |
381 | 374 |
default : |
382 | 375 |
$passed = ($admin->get_post($sPostName) || in_array($sSearchName, $allow_empty_values)); |
383 |
|
|
384 |
if (!in_array($sSearchName, $allow_tags_in_fields)) |
|
385 |
{ |
|
376 |
if (!in_array($sSearchName, $allow_tags_in_fields)) { |
|
386 | 377 |
$value = strip_tags($value); |
387 | 378 |
} |
388 | 379 |
break; |
389 | 380 |
} |
390 | 381 |
|
391 |
if ( ($passed == true) ) |
|
392 |
{ |
|
393 |
$sql = 'UPDATE `'.TABLE_PREFIX.'search` '; |
|
394 |
$sql .= 'SET `value` = \''.$database->escapeString($value).'\' '; |
|
395 |
$sql .= 'WHERE `name` = \''.$sSearchName.'\' '; |
|
396 |
$sql .= 'AND `extra` = \'\' '; |
|
397 |
$database->query($sql); |
|
382 |
if (($passed == true)) { |
|
383 |
$sql = 'UPDATE `'.$oDb->TablePrefix.'search` ' |
|
384 |
. 'SET `value` = \''.$oDb->escapeString($value).'\' ' |
|
385 |
. 'WHERE `name` = \''.$sSearchName.'\' AND `extra` = \'\' '; |
|
386 |
$oDb->doQuery($sql); |
|
398 | 387 |
} |
399 | 388 |
} |
400 | 389 |
|
401 | 390 |
// Check if there was an error updating the db |
402 |
if($database->is_error()) {
|
|
403 |
$admin->print_error($database->get_error, $js_back );
|
|
391 |
if($oDb->isError()) {
|
|
392 |
$admin->print_error($oDb->getError, $js_back );
|
|
404 | 393 |
} else { |
405 |
// $admin->print_success($iQueriesDone.' Queries '.$MESSAGE['SETTINGS_SAVED'], $js_back ); |
|
406 |
$admin->print_success($MESSAGE['SETTINGS_SAVED'], $js_back ); |
|
394 |
$admin->print_success($oTrans->MESSAGE_SETTINGS_SAVED, $js_back ); |
|
407 | 395 |
} |
408 | 396 |
$admin->print_footer(); |
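Review bot: In the rewritten search update (new lines 383-385) `$sSearchName` is concatenated into the WHERE clause unescaped while `$value` goes through `$oDb->escapeString()`, and the settings update at new line 287 does the same with `$setting_name`. Where `$sSearchName` is assigned is not visible in this section, and `$setting_name` is read back from the settings table, so this may be harmless today. Wrapping both as `\''.$oDb->escapeString($sSearchName).'\'` and `\''.$oDb->escapeString($setting_name).'\'` would keep the statements well-formed if a stored name ever contains a quote. The migration also looks incomplete at new lines 283-284, which still call `$database->escapeString($value)` and use `TABLE_PREFIX` although the statement is executed through `$oDb->doQuery()`; switching them to `$oDb->escapeString()` and `$oDb->TablePrefix` would keep escaping and execution on the same connection object. Separately, `$oDb->getError` is read as a property at new lines 290 and 392 but called as `getError()` at new line 336, so unless the class supports both forms one of these paths will not print the error text.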
! activate class Translate for all addons in admin/ (except pages/)
! class.admin >> add translation of the current theme to Translate