$value) { if (is_array($value)) { unset($target[$key]); nw_adm_InitParameterVariables($value, $target[$key]); } else if ($is_magic_quotes) { $target[$key] = stripslashes($value); } else { $target[$key] = $value; } } return TRUE; }

// Merge request parameters into $myVars. The second call overwrites any key set by the first,
// so a value from GetPostVariable('') replaces one from GetGVariable('') (presumably the
// query-string values; the helper is not shown here).
nw_adm_InitParameterVariables(GetGVariable(''), $myVars);
nw_adm_InitParameterVariables(GetPostVariable(''), $myVars);

// NOTE(review): $myVars['nwadmact'] is read without isset(), here and in every action test below.
// "logout" blanks the stored password; the session itself is not destroyed in the visible code.
if($myVars['nwadmact']=="logout"){ SetSessionVariable('nwpassword', ''); }

// "adminlogin" copies the submitted password into the session unchanged.
// NOTE(review): the session then holds the plaintext password, and because $myVars is also filled
// from GetGVariable('') the password could presumably be sent in the URL and end up in logs.
// No session-id regeneration or attempt limiting is visible at this point; confirm both.
if($myVars['nwadmact']=="adminlogin"){ SetSessionVariable('nwpassword', $myVars['nwpassword']); }

// $sessionPassword ends up as the stored session value, or "" when nothing is stored.
$sessionPassword = ""; $a= GetSessionVariable('nwpassword'); if ( $a!='' ) { $sessionPassword = GetSessionVariable('nwpassword'); }

// Access gate: anything other than a match with $passw (defined outside this listing) takes the
// wrong-password branch.
// NOTE(review): `!=` is a loose comparison, so two numeric-looking strings are compared as numbers,
// and it is not constant-time; hash_equals() on two strings avoids both. If $passw is an empty
// string, an empty session value also matches. The markup after `?>` is missing from this listing,
// so it cannot be told whether execution stops after the message; confirm it does.
if ( $sessionPassword != $passw ){ ?>
get('nw.Admin.Text.WrongPassword')?>
get('nw.AddForm.Required.PleaseFill.Text');
// NOTE(review): this listing has lost text (markup-like spans were stripped). The fragment above and
// the `$iNOF_mapPath(` runs below are incomplete statements and are kept exactly as found.

// Stop early when the directory holding the data file is missing (540) or not writable (541).
// NOTE(review): both errors carry the mapped directory and getcwd(); confirm NOF_throwError (not
// shown) does not print filesystem paths to visitors.
if (!file_exists(dirname($cgiDir.$dbPath))) { NOF_throwError(540,array("{1}"=>NOF_mapPath(dirname($cgiDir.$dbPath)),"{2}"=>getcwd())); }
if (!is_writable(dirname($cgiDir.$dbPath))) { NOF_throwError(541,array("{1}"=>NOF_mapPath(dirname($cgiDir.$dbPath)),"{2}"=>getcwd())); }
//$fields_array is set as global in nwgetdb function

// Action "delete": load all records, truncate the data file ('wb'), write the header row, then
// handle each record; the one whose id equals $myVars['id'] has its image file removed.
// NOTE(review): this changes stored data on the strength of request parameters alone. No anti-CSRF
// token check is visible, and $myVars is filled from GetGVariable('') as well as
// GetPostVariable(''); confirm state-changing actions require POST plus a per-session token.
// NOTE(review): the file is truncated before it is rewritten and no lock is visible, so a failed
// write or a concurrent request can lose records; writing a temporary file under flock() and
// renaming it would be safer.
if($myVars['nwadmact']=="delete"){ $lines_array=nwgetdb($cgiDir.$dbPath,0); $arr_delete=array_reverse($lines_array);
if(!$FILE = @fopen($cgiDir.$dbPath, 'wb')){ NOF_throwError(500,array("{1}"=>NOF_mapPath($cgiDir.$dbPath),"{2}"=>dirname($cgiDir.$dbPath))); }else{
$strfields=implode(',',$fields_array)."\r\n"; if(!@fputs($FILE, $strfields)){ NOF_throwError(502,array("{1}"=>NOF_mapPath($cgiDir.$dbPath),"{2}"=>dirname($cgiDir.$dbPath))); }
foreach($arr_delete as $line){ if($line[$id_pos]==$myVars['id']){
//delete the image if it exists
// NOTE(review): the path is built from the stored picture field with no normalisation, and the
// "saverec" edit path in this file writes the request parameter `oldimage` into that field.
// Applying basename() before file_exists()/unlink() keeps the deletion inside images/.
if ( $line[$picture_pos] != '' ) { if ( file_exists($cgiDir."images/".$line[$picture_pos]) ) { if ( ! unlink($cgiDir."images/".$line[$picture_pos]) ) {
//unable to delete the image
} } } } else { for ($i=0; $iNOF_mapPath($cgiDir.$dbPath),"{2}"=>dirname($cgiDir.$dbPath))); } } } fclose($FILE); } }

// Action "validation": find the column whose header is "validation", then rewrite the data file.
// The loop that updates the matching record is incomplete in this listing.
if($myVars['nwadmact']=="validation"){ $lines_array=nwgetdb($cgiDir.$dbPath,0); $lines_array=array_reverse($lines_array);
foreach($fields_array as $key => $value){ if(trim($value)=="validation"){ $validation_pos=$key; } }
for($i=0;$iNOF_mapPath($cgiDir.$dbPath),"{2}"=>dirname($cgiDir.$dbPath))); }else{
$strfields=implode(",",$fields_array)."\r\n"; if(!@fputs($FILE, $strfields)){ NOF_throwError(502,array("{1}"=>NOF_mapPath($cgiDir.$dbPath),"{2}"=>dirname($cgiDir.$dbPath))); }
foreach($lines_array as $line){ for ($i=0; $iNOF_mapPath($cgiDir.$dbPath),"{2}"=>dirname($cgiDir.$dbPath))); } } fclose($FILE); } }

// Action "save": read up to ten posted pairs v1..v10 / c1..c10 into $saved as
// [value of v<i>, "true" when c<i> is set and non-empty, otherwise "false"], then rewrite the file.
// The loop that applies $saved to the records is incomplete in this listing.
if($myVars['nwadmact']=="save"){ $lines_array=nwgetdb($cgiDir.$dbPath,0); $lines_array=array_reverse($lines_array);
foreach($fields_array as $key => $value){ if(trim($value)=="validation"){ $validation_pos=$key; } }
$saved=array(); $tmp_post = GetPostVariable('');
for($i=1;$i<=10;$i++){ if(isset($tmp_post['v'.$i])){ if(isset($tmp_post['c'.$i]) && $tmp_post['c'.$i]!=""){ $saved[$i][0]=$tmp_post['v'.$i]; $saved[$i][1]="true"; }else{ $saved[$i][0]=$tmp_post['v'.$i]; $saved[$i][1]="false"; } } }
for($i=0;$iNOF_mapPath($cgiDir.$dbPath),"{2}"=>dirname($cgiDir.$dbPath))); }else{
$strfields=implode(',',$fields_array)."\r\n"; if(!@fputs($FILE, $strfields)){ NOF_throwError(502,array("{1}"=>NOF_mapPath($cgiDir.$dbPath),"{2}"=>dirname($cgiDir.$dbPath))); }
foreach($lines_array as $line){ for ($i=0; $iNOF_mapPath($cgiDir.$dbPath),"{2}"=>dirname($cgiDir.$dbPath))); } } fclose($FILE); } }

// Action "saverec": optional image upload followed by an edit or an append of one record.
if ( $myVars['nwadmact'] == 'saverec' ) {
//upload
// NOTE(review): the allow-list names MIME types and $default_extension is empty. The uploader class
// is not shown; if it relies on the client-declared type, a non-image file could be stored under
// images/. Confirm it inspects the content, limits the saved extension to image extensions, and
// that the web server does not execute files from images/.
$path =$cgiDir."images/"; $acceptable_file_types = "image/jpg|image/bmp|image/gif|image/jpeg|image/pjpeg|image/png|image/x-png"; $default_extension = "";
// NOTE(review): line breaks were lost here, so it is unclear where the `//` comment on the next line
// ended; a later `if ( $success )` reads $success, which suggests `$success = true;` was live code.
$mode = 2; // $success = true; $lines_array=nwgetdb($cgiDir.$dbPath,0); 
$lines_array=array_reverse($lines_array); $file_name = "";

// Handle the uploaded file, if one was sent: limits are 200000 bytes and 5000x5000 pixels, and
// $success becomes the result of save_file().
$postFile = GetFileVariable($upload_file_name); if ( isset($postFile['name']) && $postFile['name'] != '' ) { $success = false; $my_uploader = new uploader; $my_uploader->max_filesize(200000); $my_uploader->max_image_size(5000,5000); if ($my_uploader->upload($upload_file_name, $acceptable_file_types, $default_extension)) { $success = $my_uploader->save_file($path, $mode); }
// NOTE(review): `oldimage` is a request parameter and is appended to $path for delete_file() with
// no normalisation, so a value containing directory separators would refer to a file outside
// images/. Take the old name from the stored record, or at least apply basename().
// NOTE(review): $file_name comes from the uploader's file['name']; confirm the uploader (not shown)
// sanitises the client-supplied name before saving under it.
if ( $success ) { $file_name=$my_uploader->file['name']; if ( $myVars['oldimage'] != '' ) $my_uploader->delete_file($path.$myVars['oldimage']); } else {
// On failure the uploader's error text (or a generic message) goes into $msg and the action is
// switched to 'edit' so the form is shown again.
// NOTE(review): $msg is later concatenated into the form markup; confirm it is HTML-escaped there.
if ( $my_uploader->errors != '' ) { $msg=$my_uploader->errors; } else { $msg=$GLOBALS['nof_resources']->get('nw.AddForm.CantUpload.Text'); } $myVars['nwadmact'] = 'edit'; } }

if ( $success ) { if ( $myVars['id'] != '' ) {
//edit
// Rewrite the whole file ('w' truncates it first), replacing the fields of the record whose id
// equals $myVars['id'] with dbEncode()d request values.
// NOTE(review): title is read with GetPostVariable('title') while the other fields use $myVars, so
// it skips the stripslashes handling applied when $myVars was built; confirm this is intended.
// NOTE(review): when no new file was uploaded, the request parameter `oldimage` is stored as the
// picture name; the "delete" action later builds an unlink() path from that stored value.
if(!$FILE = @fopen($cgiDir.$dbPath, 'w')){ NOF_throwError(500,array("{1}"=>NOF_mapPath($cgiDir.$dbPath),"{2}"=>dirname($cgiDir.$dbPath))); }else{
$strfields=implode(',',$fields_array)."\r\n"; if(!@fputs($FILE, $strfields)){ NOF_throwError(502,array("{1}"=>NOF_mapPath($cgiDir.$dbPath),"{2}"=>dirname($cgiDir.$dbPath))); }
foreach($lines_array as $line){ if ( $line[$id_pos] == $myVars['id'] ) { $line[$title_pos] = dbEncode(GetPostVariable('title')); $line[$shortmessage_pos] = dbEncode($myVars['shortmessage']); $line[$fullmessage_pos] = dbEncode($myVars['fullmessage']); $line[$author_pos] = dbEncode($myVars['author']); if ( $file_name == "" ) { $line[$picture_pos] = dbEncode($myVars['oldimage']); } else { $line[$picture_pos] = dbEncode($file_name); } $line[$validation_pos] = dbEncode($myVars['status']); }
// The per-field write loop below is incomplete in this listing (text was stripped); kept as found.
for ($i=0; $iNOF_mapPath($cgiDir.$dbPath),"{2}"=>dirname($cgiDir.$dbPath))); } } fclose($FILE); } } else {
//add
// Append one record ('a'). The new id is derived from the first field of the last record that has
// more than one field and a non-empty first field.
// NOTE(review): `$newRecId[0]` indexes the value taken from $line[0]; if that value is a string this
// takes only its first character, so an id such as "10" would give 2. Confirm what nwgetdb returns.
if(!$FILE = @fopen($cgiDir.$dbPath, 'a')){ NOF_throwError(500,array("{1}"=>NOF_mapPath($cgiDir.$dbPath),"{2}"=>dirname($cgiDir.$dbPath))); }else{ $newRecId=1; if ( sizeof($lines_array) > 0 ) { foreach ( $lines_array as $line ) { if ( sizeof($line)>1 and $line[0]!='' ) { $newRecId=$line[0]; } } $newRecId = $newRecId[0]+1; }
// Build the quoted, comma-separated record. The timestamp is time() minus the timezone offset
// returned by date('Z').
// NOTE(review): every request field is passed through dbEncode() except $myVars['status'], which is
// written raw; a double quote or line break in it would alter the record structure. It should be
// encoded like the others (the edit path above does encode it).
$newRec = '"'.$newRecId.'","'.dbEncode($myVars['title']).'"'; $newRec .= ',"'.dbEncode($myVars['shortmessage']).'"'; $newRec .= ',"'.dbEncode($myVars['fullmessage']).'"'; $newRec .= ',"'.dbEncode($myVars['author']).'"'; $newRec .= ',"'.dbEncode($file_name).'"'; $newRec .= ',"'. strval(time() - date('Z',time())) .'","'.$myVars['status'].'"'."\r\n";
if ( !@fputs($FILE, $newRec) ) { NOF_throwError(502,array("{1}"=>NOF_mapPath($cgiDir.$dbPath),"{2}"=>dirname($cgiDir.$dbPath))); } fclose($FILE); } } } }

// Actions "add" / "edit": start from a record of empty strings; for "edit" with an id, replace it
// with the stored record whose first field equals that id.
if ( $myVars['nwadmact'] == 'add' || $myVars['nwadmact'] == 'edit' ) { $rec =array(""); for ( $i=0; $i<=count($labels)+1; $i++ ) { array_push($rec, ""); } if ( $myVars['nwadmact'] == 'add' ) { $myVars['id'] = ""; } if ( $myVars['id'] != "" ) { $lines_array=nwgetdb($cgiDir.$dbPath,0); foreach($lines_array as $line){ if ( $line[0] == $myVars['id'] ) { $rec = $line; } } }
//show the add/edit form and stop the execution after this
showEditForm($rec); } else {
// Any other action: load the records for the list or single-record view.
// NOTE(review): when the data file does not exist only $flag_emptydb is set, so the "view" loop
// below would iterate an unset $lines_array; confirm "view" cannot be reached in that state.
$flag_emptydb=0; if (!file_exists($cgiDir.$dbPath)) { $flag_emptydb=1; }else{ $lines_array=nwgetdb($cgiDir.$dbPath,0); $numberoflines = sizeof($lines_array); }
// Action "view": pick the first record whose first field equals the requested id.
if($myVars['nwadmact']=="view"){ $viewline=array(); foreach($lines_array as $line){ if ( $line[0]==$myVars['id'] ) { $viewline=$line; break; } } ?>
get("nw.Admin.ViewPage.Title")?>
 
",$viewline[$shortmessage_pos]); foreach($desc_array as $val){ echo htmlspecialchars($val)."
"; } ?>  
",$viewline[$fullmessage_pos]); foreach($desc_array as $val){ echo htmlspecialchars($val)."
"; } ?>  
 
get('nw.PostedDate.Label')?>  
Picture   get('nw.Admin.Picture.Empty'); }else{ echo imgresize($cgiDir."images/",$viewline[$picture_pos],250,300); }?>
get("nw.Admin.Text.Status")?> ' . $GLOBALS['nof_resources']->get('nw.Admin.Text.ApprovedNews') . '!'; } else { echo '' . $GLOBALS['nof_resources']->get('nw.Admin.Text.NotApprovedNews') . '!'; }?>
get('nw.Admin.Link.Back')?> -  get('nw.Admin.Link.Edit')?> -  get('nw.Admin.Link.Delete')?> -  get("nw.Admin.Link.Validate"); }else{ $str=$GLOBALS['nof_resources']->get("nw.Admin.Link.Invalidate"); } ?>
get('nw.Admin.Link.Logout')?>
=0 and $start<$numberoflines and $inc<=$pageSize and $lines_array[$start]){ ?>
get('nw.Admin.Text.Title')?> get('nw.Admin.Text.Date')?> get('nw.Admin.Text.Name')?>  
onclick="nw_updateAllBox()">
get('nw.Text.NoNews')?>
           0){?>   
 
get('nw.EditForm.Title');
// This branch (its condition is missing from the listing) fills the form from the record in $line;
// every value is passed through formEscape() first.
$titleValue = formEscape($line[$title_pos]); $shortmessageValue = formEscape($line[$shortmessage_pos]); $fullmessageValue = formEscape($line[$fullmessage_pos]); $authorValue = formEscape($line[$author_pos]); $imageValue = formEscape($line[$picture_pos]); $dateValue = formEscape($line[$date_pos]); $statusValue = formEscape($line[$validation_pos]);
// The other branch takes title, shortmessage, fullmessage, author and status from $myVars, i.e.
// from the current request, defaulting each to "".
// NOTE(review): unlike the branch above, these request values are not passed through formEscape().
// The form markup is missing from this listing; if they are placed into it as-is, they need the
// same escaping so that request input is not reflected into the page.
} else { $formTitle = $GLOBALS['nof_resources']->get('nw.AddForm.Title'); $titleValue = ( isset($myVars["title"]) ) ? $myVars["title"] : ""; $shortmessageValue = ( isset($myVars["shortmessage"]) ) ? $myVars["shortmessage"] : ""; $fullmessageValue = ( isset($myVars["fullmessage"]) ) ? $myVars["fullmessage"] : ""; $authorValue = ( isset($myVars["author"]) ) ? $myVars["author"] : ""; $imageValue = ""; $dateValue = ""; $statusValue = ( isset($myVars["status"]) ) ? $myVars["status"] : ""; }
// The form is assembled as one string in $frmStr; the literal markup was stripped from this listing.
$frmStr = ''; $frmStr .= ''.chr(13); $frmStr .= '
'.chr(13); $frmStr .= ''.chr(13); $frmStr .= ''.chr(13); $frmStr .= ''.chr(13); $frmStr .= ''.chr(13); $frmStr .= ''.chr(13); $frmStr .= ' '.chr(13); $frmStr .= ' '.chr(13); $frmStr .= ''.chr(13); $frmStr .= ''.chr(13); $frmStr .= ' '.chr(13); $frmStr .=' '.chr(13); $frmStr .='
'.$formTitle.'*'.$GLOBALS['nof_resources']->get('nw.AddForm.Required.Message').'
'.chr(13); $frmStr .= ' '.chr(13); $frmStr .= ' '.chr(13); $frmStr .= ' '.chr(13); $frmStr .= ' '.chr(13); $frmStr .= ' '.chr(13); $frmStr .= ' '.chr(13); $frmStr .= ' '.chr(13); $frmStr .= ' '.chr(13); $frmStr .= ' '.chr(13); $frmStr .= ' '.chr(13); $frmStr .= ' '.chr(13); $frmStr .= ' '.chr(13); $frmStr .= ' '.chr(13); $frmStr .= ' '.chr(13); $frmStr .= ' '.chr(13); $frmStr .= ' '.chr(13); $frmStr .= ' '.chr(13); $frmStr .= ' '.chr(13); $frmStr .= ' '.chr(13); $frmStr .= ' '.chr(13); $frmStr .= ' '.chr(13); $frmStr .= ' '.chr(13); $frmStr .= ' '.chr(13); $frmStr .= ' '.chr(13); $frmStr .= ' '.chr(13); $frmStr .= ' '.chr(13); $frmStr .= ' '.chr(13); $frmStr .= ' '.chr(13); $frmStr .=' '.chr(13); $frmStr .=' '.chr(13); $frmStr .=' '.chr(13); $frmStr .=' '.chr(13); $frmStr .=' '.chr(13); $frmStr .=' '.chr(13); $frmStr .=' '.chr(13); $frmStr .=' '.chr(13); $frmStr .='
'.$msg.'
'.$titlelabel.''; if ( $titlereq ) { $frmStr .= '*'; } $frmStr .= '
'.$shortmessagelabel.''; if ( $shortmessagereq ) { $frmStr .= '*'; } $frmStr .= '
'.$fullmessagelabel.''; if ( $fullmessagereq ) { $frmStr .= '*'; } $frmStr .= '
'.$authorlabel.''; if ( $showauthor and $authorreq ) { $frmStr .= '*'; } $frmStr .= '
'.$picturelabel.''; if ( $showpicture and $picturereq ) { $frmStr .= '*'; } $frmStr .= ''.chr(13);
// When the record has a picture, build a javascript: URL that opens nw_showImage.html in a popup
// with the image path in the `img` query parameter.
// NOTE(review): $imageValue is placed inside a single-quoted JavaScript string within a URL.
// formEscape() is not shown; HTML escaping alone does not cover this context, so the value should
// also be URL-encoded (e.g. rawurlencode()) and have quotes and backslashes neutralised. It is also
// worth confirming that nw_showImage.html only accepts paths under images/.
if ( $line[$picture_pos] != "" ) { $popupLink = "javascript:window.open('" . $cgiDir . "nw_showImage.html?img=images/" . $imageValue . "','popupimage','left=' + window.screen.availWidth*20/100 + ',top=' + window.screen.availHeight*5/100 + ',toolbar=0,resizable=0,scrollbars=0,location=0');"; $frmStr .= ' '.$GLOBALS['nof_resources']->get('nw.Admin.Link.ViewImage').'
'.chr(13); } $frmStr .= '
'.chr(13); $frmStr .= ' '.$conf[$SNCompIdent.'imageRequire'].'

'.chr(13); $frmStr .= '
'.$GLOBALS['nof_resources']->get('nw.Admin.Text.Status').'*'.chr(13); $frmStr .= ' '; $frmStr .= '
 
 '.chr(13); $frmStr .='     '.chr(13); $frmStr .='
'.chr(13); $frmStr .='
'.chr(13); $frmStr .='
'.chr(13); echo $frmStr; } ?>