advanced();\n"; } else { require_once INCLUDES."html_buttons_include.php"; } if (!iMEMBER) { redirect("index.php"); } if (!isset($_GET['stype']) || !preg_check("/^[a-z]$/", $_GET['stype'])) { redirect("index.php"); } $submit_info = array(); if ($_GET['stype'] == "l") { if (isset($_POST['submit_link'])) { if ($_POST['link_name'] != "" && $_POST['link_url'] != "" && $_POST['link_description'] != "") { $submit_info['link_category'] = stripinput($_POST['link_category']); $submit_info['link_name'] = stripinput($_POST['link_name']); $submit_info['link_url'] = stripinput($_POST['link_url']); $submit_info['link_description'] = stripinput($_POST['link_description']); $result = dbquery("INSERT INTO ".DB_SUBMISSIONS." (submit_type, submit_user, submit_datestamp, submit_criteria) VALUES ('l', '".$userdata['user_id']."', '".time()."', '".addslashes(serialize($submit_info))."')"); add_to_title($locale['global_200'].$locale['400']); opentable($locale['400']); echo "

\n".$locale['410']."

\n"; echo "".$locale['411']."

\n"; echo "".$locale['412']."

\n

\n"; closetable(); } } else { $opts = ""; add_to_title($locale['global_200'].$locale['400']); opentable($locale['400']); $result = dbquery("SELECT weblink_cat_id, weblink_cat_name FROM ".DB_WEBLINK_CATS." WHERE ".groupaccess("weblink_cat_access")." ORDER BY weblink_cat_name"); if (dbrows($result)) { while ($data = dbarray($result)) { $opts .= "\n"; } echo $locale['420']."

\n"; echo "\n"; } else { echo "

\n".$locale['551']."

\n

\n"; } closetable(); } } elseif ($_GET['stype'] == "n") { if (isset($_POST['submit_news'])) { if ($_POST['news_subject'] != "" && $_POST['news_body'] != "") { $submit_info['news_subject'] = stripinput($_POST['news_subject']); $submit_info['news_cat'] = isnum($_POST['news_cat']) ? $_POST['news_cat'] : "0"; $submit_info['news_snippet'] = descript($_POST['news_snippet']); $submit_info['news_body'] = descript($_POST['news_body']); $submit_info['news_breaks'] = (isset($_POST['line_breaks']) ? "y" : "n"); $result = dbquery("INSERT INTO ".DB_SUBMISSIONS." (submit_type, submit_user, submit_datestamp, submit_criteria) VALUES('n', '".$userdata['user_id']."', '".time()."', '".addslashes(serialize($submit_info))."')"); add_to_title($locale['global_200'].$locale['450']); opentable($locale['450']); echo "

\n".$locale['460']."

\n"; echo "".$locale['461']."

\n"; echo "".$locale['412']."

\n

\n"; closetable(); } } else { if (isset($_POST['preview_news'])) { $news_subject = stripinput($_POST['news_subject']); $news_cat = isnum($_POST['news_cat']) ? $_POST['news_cat'] : "0"; $news_snippet = stripslash($_POST['news_snippet']); $news_body = stripslash($_POST['news_body']); $breaks = (isset($_POST['line_breaks']) ? " checked='checked'" : ""); opentable($news_subject); echo $locale['478']." ".(isset($_POST['line_breaks']) ? nl2br($news_snippet) : $news_snippet)."

"; echo $locale['472']." ".(isset($_POST['line_breaks']) ? nl2br($news_body) : $news_body); closetable(); tablebreak(); } if (!isset($_POST['preview_news'])) { $news_subject = ""; $news_cat = "0"; $news_snippet = ""; $news_body = ""; $breaks = " checked='checked'"; } $cat_list = ""; $sel = ""; $result2 = dbquery("SELECT news_cat_id, news_cat_name FROM ".DB_NEWS_CATS." ORDER BY news_cat_name"); if (dbrows($result2)) { while ($data2 = dbarray($result2)) { if (isset($_POST['preview_news'])) { $sel = ($news_cat == $data2['news_cat_id'] ? " selected" : ""); } $cat_list .= "\n"; } } add_to_title($locale['global_200'].$locale['450']); opentable($locale['450']); echo $locale['470']."

\n"; echo "\n"; closetable(); } } elseif ($_GET['stype'] == "a") { if (isset($_POST['submit_article'])) { if ($_POST['article_subject'] != "" && $_POST['article_body'] != "") { $submit_info['article_cat'] = isnum($_POST['article_cat']) ? $_POST['article_cat'] : "0"; $submit_info['article_subject'] = stripinput($_POST['article_subject']); $submit_info['article_snippet'] = descript($_POST['article_snippet']); $submit_info['article_body'] = descript($_POST['article_body']); $submit_info['article_breaks'] = (isset($_POST['line_breaks']) ? "y" : "n"); $result = dbquery("INSERT INTO ".DB_SUBMISSIONS." (submit_type, submit_user, submit_datestamp, submit_criteria) VALUES ('a', '".$userdata['user_id']."', '".time()."', '".addslashes(serialize($submit_info))."')"); add_to_title($locale['global_200'].$locale['500']); opentable($locale['500']); echo "

\n".$locale['510']."

\n"; echo "".$locale['511']."

\n"; echo "".$locale['412']."

\n

\n"; closetable(); } } else { if (isset($_POST['preview_article'])) { $article_cat = isnum($_POST['article_cat']) ? $_POST['article_cat'] : "0"; $article_subject = stripinput($_POST['article_subject']); $article_snippet = stripslash($_POST['article_snippet']); $article_body = stripslash($_POST['article_body']); $breaks = (isset($_POST['line_breaks']) ? " checked='checked'" : ""); opentable($article_subject); echo $locale['524']." ".(isset($_POST['line_breaks']) ? nl2br($article_body) : $article_body); closetable(); tablebreak(); } if (!isset($_POST['preview_article'])) { $article_cat = "0"; $article_subject = ""; $article_snippet = ""; $article_body = ""; $breaks = " checked='checked'"; } $cat_list = ""; $sel = ""; add_to_title($locale['global_200'].$locale['500']); opentable($locale['500']); $result = dbquery("SELECT article_cat_id, article_cat_name FROM ".DB_ARTICLE_CATS." WHERE ".groupaccess("article_cat_access")." ORDER BY article_cat_name"); if (dbrows($result)) { while ($data = dbarray($result)) { if (isset($_POST['preview_article'])) { $sel = $article_cat == $data['article_cat_id'] ? " selected" : ""; } $cat_list .= "\n"; } echo $locale['520']."

\n"; echo "\n"; } else { echo "

\n".$locale['551']."

\n

\n"; } closetable(); } } elseif ($_GET['stype'] == "p") { if (isset($_POST['submit_photo'])) { require_once INCLUDES."photo_functions_include.php"; $error = ""; $submit_info['photo_title'] = stripinput($_POST['photo_title']); $submit_info['photo_description'] = stripinput($_POST['photo_description']); $submit_info['album_id'] = isnum($_POST['album_id']) ? $_POST['album_id'] : "0"; if (is_uploaded_file($_FILES['photo_pic_file']['tmp_name'])) { $photo_types = array(".gif",".jpg",".jpeg",".png"); $photo_pic = $_FILES['photo_pic_file']; $photo_name = stripfilename(strtolower(substr($photo_pic['name'], 0, strrpos($photo_pic['name'], ".")))); $photo_ext = strtolower(strrchr($photo_pic['name'],".")); $photo_dest = PHOTOS."submissions/"; if (!preg_match("/^[-0-9A-Z_\[\]]+$/i", $photo_name)) { $error = 1; } elseif ($photo_pic['size'] > $settings['photo_max_b']){ $error = 2; } elseif (!in_array($photo_ext, $photo_types)) { $error = 3; } else { $photo_file = image_exists($photo_dest, $photo_name.$photo_ext); move_uploaded_file($photo_pic['tmp_name'], $photo_dest.$photo_file); chmod($photo_dest.$photo_file, 0644); $imagefile = @getimagesize($photo_dest.$photo_file); if (!verify_image($photo_dest.$photo_file)) { $error = 3; unlink($photo_dest.$photo_file); } elseif ($imagefile[0] > $settings['photo_max_w'] || $imagefile[1] > $settings['photo_max_h']) { $error = 4; unlink($photo_dest.$photo_file); } else { $submit_info['photo_file'] = $photo_file; } } } add_to_title($locale['global_200'].$locale['570']); opentable($locale['570']); if (!$error) { $result = dbquery("INSERT INTO ".DB_SUBMISSIONS." (submit_type, submit_user, submit_datestamp, submit_criteria) VALUES ('p', '".$userdata['user_id']."', '".time()."', '".addslashes(serialize($submit_info))."')"); echo "

\n".$locale['580']."

\n"; echo "".$locale['581']."

\n"; echo "".$locale['412']."

\n

\n"; } else { echo "

\n".$locale['600']."

\n"; if ($error == 1) { echo $locale['601']; } elseif ($error == 2) { echo sprintf($locale['602'], $settings['photo_max_b']); } elseif ($error == 3) { echo $locale['603']; } elseif ($error == 4) { echo sprintf($locale['604'], $settings['photo_max_w'], $settings['photo_max_h']); } echo "

\n".$locale['581']."

\n

\n"; } closetable(); } else { $opts = ""; add_to_title($locale['global_200'].$locale['570']); opentable($locale['570']); $result = dbquery("SELECT album_id, album_title FROM ".DB_PHOTO_ALBUMS." WHERE ".groupaccess("album_access")." ORDER BY album_title"); if (dbrows($result)) { while ($data = dbarray($result)) $opts .= "\n"; echo $locale['620']."

\n"; echo "\n"; } else { echo "

\n".$locale['552']."

\n

\n"; } closetable(); } } elseif ($_GET['stype'] == "d") { if (isset($_POST['submit_download'])) { $error = 0; $submit_info['download_title'] = stripinput($_POST['download_title']); $submit_info['download_description'] = stripinput($_POST['download_description']); $submit_info['download_description_short'] = stripinput($_POST['download_description_short']); if (!$submit_info['download_title']){ $error = 1; } else { $submit_info['download_cat'] = isnum($_POST['download_cat']) ? $_POST['download_cat'] : "0"; $submit_info['download_homepage'] = stripinput($_POST['download_homepage']); $submit_info['download_license'] = stripinput($_POST['download_license']); $submit_info['download_copyright'] = stripinput($_POST['download_copyright']); $submit_info['download_os'] = stripinput($_POST['download_os']); $submit_info['download_version'] = stripinput($_POST['download_version']); $submit_info['download_filesize'] = stripinput($_POST['download_filesize']); $submit_info['download_url'] = stripinput($_POST['download_url']); $submit_info['download_file'] = ""; $submit_info['download_image'] = ""; $submit_info['download_image_thumb'] = ""; if (!$error && !empty($_FILES['download_file']['name']) && is_uploaded_file($_FILES['download_file']['tmp_name'])) { require_once INCLUDES."infusions_include.php"; $source_file = "download_file"; $target_file = $_FILES['download_file']['name']; $target_folder = DOWNLOADS."submissions/"; $max_size = $settings['download_max_b']; $upload = upload_file($source_file, $target_file, $target_folder, $settings['download_types'], $max_size); if (!$upload['error']) { $image_types = array(".gif",".jpg",".jpeg",".png"); if (in_array($upload['source_ext'], $image_types) && (!@getimagesize($target_folder.$upload['target_file']) || !@verify_image($target_folder.$upload['target_file']))) { unlink($upload['target_folder'].$upload['target_file']); $error = 11; } else { $submit_info['download_file'] = $upload['target_file']; $submit_info['download_url'] = ""; if (!$submit_info['download_filesize'] || isset($_POST['calc_upload'])) { $submit_info['download_filesize'] = parsebytesize($upload['source_size']); } } } else { switch ($upload['error']) { case 1 : $error = 4; break; case 2 : $error = 5; break; case 3 : $error = 6; break; default: $error = 11;break; } } } if (!$error && !$submit_info['download_url'] && !$submit_info['download_file']) { $error = 3; } elseif (!$error && !empty($_FILES['download_image']['name']) && is_uploaded_file($_FILES['download_image']['tmp_name'])) { require_once INCLUDES."infusions_include.php"; $image = "download_image"; $name = $_FILES['download_image']['name']; $folder = DOWNLOADS."submissions/images/"; $width = $settings['download_screen_max_w']; $height = $settings['download_screen_max_h']; $size = $settings['download_screen_max_b']; $upload = upload_image($image, $name, $folder, $width, $height, $size, false, true, false, 1, $folder); if (!$upload['error']) { if (!@getimagesize($folder.$upload['image_name']) || !@verify_image($folder.$upload['image_name'])) { unlink($folder.$upload['image_name']); unlink($folder.$upload['thumb1_name']); $error = 11; } else { $submit_info['download_image'] = $upload['image_name']; $submit_info['download_image_thumb'] = $upload['thumb1_name']; } } else { switch ($upload['error']) { case 1 : $error = 7; break; case 2 : $error = 8; break; case 3 : $error = 9; break; case 4 : $error = 10; break; default: $error = 11;break; } } } } add_to_title($locale['global_200'].$locale['650']); opentable($locale['650']); if (!$error) { $result = dbquery("INSERT INTO ".DB_SUBMISSIONS." (submit_type, submit_user, submit_datestamp, submit_criteria) VALUES ('d', '".$userdata['user_id']."', '".time()."', '".addslashes(serialize($submit_info))."')"); echo "

\n".$locale['660']."

\n"; echo "".$locale['661']."

\n"; echo "".$locale['412']."

\n

\n"; } else { echo "

\n".$locale['670']."

\n"; switch ($error) { case 1 : echo $locale['674']; break; case 3 : echo $locale['675']; break; case 4 : echo sprintf($locale['672'], parsebytesize($settings['download_max_b'])); break; case 5 : echo sprintf($locale['673'], str_replace(',', ' ', $settings['download_types'])); break; case 6 : echo $locale['671']; break; case 7 : echo sprintf($locale['672a'], parsebytesize($settings['download_screen_max_b'])); break; case 8 : echo sprintf($locale['673a'], ".gif .jpg .png"); break; case 8 : echo sprintf($locale['672b'], $settings['download_screen_max_w']." x ".$settings['download_screen_max_h']); break; case 10: echo $locale['671a']; break; } echo "

\n".$locale['661']."

\n

\n"; } closetable(); } else { $opts = ""; add_to_title($locale['global_200'].$locale['650']); opentable($locale['650']); $result = dbquery("SELECT download_cat_id, download_cat_name FROM ".DB_DOWNLOAD_CATS." WHERE ".groupaccess("download_cat_access")." ORDER BY download_cat_name"); if (dbrows($result)) { while ($data = dbarray($result)) $opts .= "\n"; echo $locale['680']."

\n"; echo "\n"; echo "\n"; } else { echo "

\n".$locale['551']."

\n

\n"; } closetable(); } } else { redirect("index.php"); } echo "\n"; require_once THEMES."templates/footer.php"; ?>

".$locale['421']."
".$locale['422']."
".$locale['423']."
".$locale['424']."
\n"; echo "\n

".$locale['471']."
".$locale['476']."
".$locale['478']."	$news_snippet
	\n"; echo display_html("submit_form", "news_snippet", true, true, true); echo "
".$locale['472']."	$news_body
	\n"; echo display_html("submit_form", "news_body", true, true, true); echo "
\n"; echo "".$locale['473']." \n"; echo "\n"; echo "\n

".$locale['521']."
".$locale['522']."
".$locale['524']."	$article_body
	\n"; echo display_html("submit_form", "article_body", true, true, true); echo "
\n"; echo "".$locale['525']." \n"; echo "\n"; echo "\n

".$locale['621']."
".$locale['622']."
".$locale['623']."	\n"; echo "".sprintf($locale['624'], parsebytesize($settings['photo_max_b']), $settings['photo_max_w'], $settings['photo_max_h'])."
".$locale['625']."
\n"; echo "\n

".$locale['681']."
".$locale['683']."
".$locale['687']."
".$locale['688']."
\n"; echo "\n