$sql"); if(mysql_num_rows($res)) { while($rowfl=mysql_fetch_array($res)) { $id_field = $rowfl[id]; if(empty($fid)) // ako nema fid, uzmi prvog $fid = $id_field; $href_fid = $WCT[wct_index]."?run=WCTL&wct=$rowt[id]&rid=$HTTP_GET_VARS[rid]&fid=$id_field"; $td_list .= "$rowfl[fl_caption] | "; if($fid==$id_field) // ovaj ide lower { $fl_name = $rowfl[fl_name]; $defa_value = nl2br($row[$fl_name]); $fl_caption = $rowfl[fl_caption]; $tr_lower = WCTL_lower($rowfl,$fid,$row); } } $form_action = $WCT[wct_index]."?run=WCTL_db&wct=$HTTP_GET_VARS[wct]&rid=$HTTP_GET_VARS[rid]&fid=$fid"; $submit_button = input_submit($rowt,$rowfl,$row); $retval =<<
Višejezična polja: | $td_list $tr_lower $submit_button
$fl_caption:  $defa_value
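EOWCTLU1;
    }
    else
    {
        $retval = "Nema višejezičnih polja";
    }
    return $retval;
} // eof LANG

// WCTL
/**
 * Render one input per configured language for a single multilingual field.
 *
 * Reads the stored translations of field $fid for the record named by the
 * "rid" request parameter, then walks the language table and calls the
 * renderer "input_<fl_input>_tag" once per language.
 *
 * Security notes:
 *  - $fid, $rowt[id] and the "rid" request parameter sit unquoted in the SQL
 *    text, so they are cast to int before being interpolated.
 *  - The renderer name is assembled from $rowfl[fl_input]; it is only called
 *    when a function of that name exists.
 *    NOTE(review): fl_input presumably comes from the wct_field table - confirm
 *    that only administrators can write that column.
 *  - die() sends the driver error and the full SQL text to the client.
 *
 * @param array $rowfl field definition row (fl_name, fl_input are read)
 * @param mixed $fid   id of the field in wct_field
 * @param array $row   record being edited; $row[fl_name] is the fallback value
 * @return string      concatenated per-language rows
 */
function WCTL_lower(&$rowfl,$fid,&$row)
{
    global $CMT,$VArow,$HTTP_GET_VARS,$HTTP_POST_VARS,$rowt;

    $CMT['attbs'][$fid] = get_attributes('wct_field',$fid); // attributes for this field
    $function_call = "input_".$rowfl['fl_input']."_tag"; // input_text(), input_texarea() ...

    $fl_name    = $rowfl['fl_name'];
    $fl_input   = $rowfl['fl_input'];
    $defa_value = nl2br($row[$fl_name]);

    $retval   = "";
    $ml_value = array();
    $ml_record = array();

    // Numeric ids only: these values are placed unquoted into the statement.
    $table_sql  = (int) $rowt['id'];
    $field_sql  = (int) $fid;
    $record_sql = (int) $HTTP_GET_VARS['rid'];

    // stored translations of this field
    $sql = " SELECT * FROM $CMT[table_multilang] WHERE id_table=$table_sql and id_field=$field_sql and id_record=$record_sql ORDER BY id_table,id_field,id_field,id_lang ";
    $res = mysql_query($sql) or die(mysql_error()."
$sql");
    if (mysql_num_rows($res))
    {
        while ($row_ml = mysql_fetch_array($res))
        {
            $ml_lang = $row_ml['id_lang'];
            $ml_value[$ml_lang]  = $row_ml['ml_value'];
            $ml_record[$ml_lang] = $row_ml['id_record'];
        }
    }

    // languages
    $sql=" SELECT * from $CMT[table_lang] ORDER BY lang_order ";
    $res = mysql_query($sql) or die(mysql_error()."
$sql");
    if (mysql_num_rows($res))
    {
        $itab = 0;
        while ($row_lang = mysql_fetch_array($res))
        {
            $the_lang = $row_lang['id'];
            $itab++;
            $fname = "ml_input[$the_lang]";

            // HTML-editor fields are collected so the editor can be attached later
            if ($rowfl['fl_input']=='textarea_html')
            {
                if (empty($CMT['tiny_elements']))
                    $CMT['tiny_elements'] = $fname;
                else
                    $CMT['tiny_elements'] .= ",$fname";
            }

            // no translation stored yet: fall back to the record's own value
            if (empty($ml_value[$the_lang]))
                $value = $defa_value;
            else
                $value = $ml_value[$the_lang];

            if (function_exists($function_call))
                $ret_input = $function_call($fname,$value,$CMT['attbs'][$fid],$itab);
            else
                die("nema: $function_call");

            // NOTE(review): this copy of the file has lost the markup that
            // surrounded the two values inside the heredoc.
            $retval .= <<<EOWCTL_lo
 $row_lang[lang_name]:  $ret_input
EOWCTL_lo;
        }
    }
    return $retval;
} // eof WCTL_lower

// WCTL
/**
 * Store the submitted translations of one multilingual field.
 *
 * For every entry of the posted "ml_input" array (keyed by language id) an
 * insert and then an update are attempted through azuriraj().
 *
 * Security notes:
 *  - "fid", "wct", "rid" and the language key are request-controlled and end
 *    up unquoted in the WHERE text, so they are cast to int first.
 *  - $value is passed on unchanged.
 *    NOTE(review): azuriraj() is not visible here - confirm it escapes values.
 *  - The posted REFERER lands inside a single-quoted JavaScript string; the
 *    characters that could end that string or the surrounding element are
 *    percent-encoded and line breaks are removed.
 *    NOTE(review): the target host is still whatever the client posted -
 *    consider accepting only addresses on this site.
 *
 * @return string script text that sends the browser back to the posted REFERER
 */
function WCTL_db()
{
    global $CMT,$VArow,$HTTP_GET_VARS,$HTTP_POST_VARS,$rowt;

    if ($HTTP_POST_VARS['submit_form']==$CMT['submit_odustani'])
    {
        // NOTE(review): $WCT is not among the globals imported above and the
        // value is not used by the return below - left as found.
        $href_tab = $WCT[wct_index]."?run=tab&wct=$HTTP_GET_VARS[wct]";
        return "";
    }

    // write the multilingual field to the database
    $field_sql  = (int) $HTTP_GET_VARS['fid'];
    $table_sql  = (int) $HTTP_GET_VARS['wct'];
    $record_sql = (int) $HTTP_GET_VARS['rid'];

    $ml_input = $HTTP_POST_VARS['ml_input'];
    if (!is_array($ml_input))
        $ml_input = array(); // nothing posted: skip the loop instead of warning

    foreach ($ml_input as $key=>$value)
    {
        $lang_sql = (int) $key;

        $AZU['id_field']  = $field_sql;
        $AZU['id_table']  = $table_sql;
        $AZU['id_record'] = $record_sql;
        $AZU['id_lang']   = $lang_sql;
        $AZU['ml_value']  = $value;

        $WHERE = "id_field=$field_sql and id_table=$table_sql and id_record=$record_sql and id_lang=$lang_sql";

        // insert first, then update; the results are not inspected
        $probains = azuriraj($AZU,$CMT['table_multilang'],"I","");
        $probaupd = azuriraj($AZU,$CMT['table_multilang'],"U",$WHERE);
    }

    // Keep the address inside the quoted JavaScript string it is printed into.
    $href_replace = strtr((string) $HTTP_POST_VARS['REFERER'], array(
        "'"  => '%27',
        '"'  => '%22',
        '\\' => '%5C',
        '<'  => '%3C',
        '>'  => '%3E',
        "\r" => '',
        "\n" => '',
    ));

    // NOTE(review): this copy of the file has lost the markup that wrapped the
    // statement inside the heredoc.
    return <<<EOECTLdb
location.replace('$href_replace');
EOECTLdb;
} // eof WCTL_db

// GET_MULTILANG
/**
 * Return the translation of one field of $row for the language named by the
 * "lang" request parameter, or the untranslated value when none is stored.
 *
 * The field id is looked up by name in wct_field and the record id is read
 * from $row using the id column named in wct_table.
 *
 * Security notes:
 *  - All four ids are interpolated unquoted, so they are cast to int; this
 *    includes the request-controlled "lang".
 *  - NOTE(review): $field_name is placed between quotes in the condition handed
 *    to gimme(); the only caller visible here passes a literal. Escape it if a
 *    caller ever forwards request data.
 *  - die() sends the driver error and the full SQL text to the client.
 *
 * @param mixed  $id_table   id of the table in wct_table
 * @param string $field_name column name whose translation is wanted
 * @param array  $row        record holding the default value and the record id
 * @return mixed             translated value, or $row[$field_name]
 */
function get_multilang($id_table,$field_name,&$row)
{
    global $CMT,$rowt,$rowtr,$rowtd,$VArow,$HTTP_GET_VARS;

    // default (when nothing is found)
    $defa_value = $row[$field_name];

    // without a record there is nothing to translate
    if (empty($row))
        return $defa_value;

    // find the field id by its name
    $rowfl1 = gimme($CMT['table_wct_field'],$id_table,"id_table","fl_name='$field_name'");
    if (empty($rowfl1))
        return $defa_value;

    // wct_table says what the id column of the table is called
    $rowt1 = gimme($CMT['table_wct_table'],$id_table);
    if (empty($rowt1))
        return $defa_value;

    $tb_id_field = $rowt1['tb_id_field'];

    $table_sql  = (int) $id_table;
    $field_sql  = (int) $rowfl1['id'];
    $record_sql = (int) $row[$tb_id_field];
    $lang_sql   = (int) $HTTP_GET_VARS['lang'];

    $sql = " SELECT * FROM $CMT[table_multilang] WHERE id_table=$table_sql and id_field=$field_sql and id_record=$record_sql and id_lang=$lang_sql ";
    $res = mysql_query($sql) or die(mysql_error()."
$sql");

    $retval = $defa_value;
    if (mysql_num_rows($res))
    {
        $row_ml = mysql_fetch_array($res);
        if (is_array($row_ml))
            $retval = $row_ml['ml_value'];
    }
    return $retval;
} // eof get_multilang

// get_langcapt
/**
 * Collect the translated captions of the fields of one table.
 *
 * Security notes:
 *  - $id_table is cast to int before it is interpolated.
 *  - $WHERE is appended to the statement as raw SQL. Callers must pass only
 *    fixed text, never request data.
 *
 * @param mixed  $id_table id of the table in wct_field
 * @param string $WHERE    extra raw SQL condition
 * @return mixed           "" when $id_table is empty, otherwise the captions
 *                         keyed by fl_name (not set when no row matches)
 */
function get_langcapt($id_table,$WHERE='1=1')
{
    global $CMT;

    if (empty($id_table))
        return "";

    $table_sql = (int) $id_table;
    $sql = " select * from $CMT[table_wct_field] where id_table=$table_sql and $WHERE; ";
    $res = mysql_query($sql) or die(mysql_error()."
$sql");
    if (mysql_num_rows($res))
    {
        while ($row_capt = mysql_fetch_array($res,MYSQL_ASSOC))
        {
            $fl_name = $row_capt['fl_name'];
            $CAPT[$fl_name] = get_multilang($CMT['id_wct_field'],'fl_caption',$row_capt); // translated caption
        }
    }
    return $CAPT;
} // eof get_langcapt

// show__MULTILANG
function show__MULTILANG(&$fname,&$value,$i,&$row)
{
    global $CMT,$rowt,$rowtr,$rowtd,$VArow,$HTTP_GET_VARS;
    $idfield = $rowt[tb_id_field];
    $href_multilang = $CMT[wct_index]."?run=WCTL&wct=$HTTP_GET_VARS[wct]&rid=$row[$idfield]";
    return "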
jezici"; } // eof _MULTILANG // show__CHECKBOX function show__CHECKBOX(&$fname,&$value,$i,&$row) { global $CMT,$rowt,$rowtr,$rowtd,$VArow,$HTTP_GET_VARS; return ""; $idfield = $rowt[tb_id_field]; $idvalue = $row[$idfield]; return ""; } // eof show__CHECKBOX // tpl_defs function tpl_defs($tabela="",$id=1) { global $CMT,$VArow,$HTTP_GET_VARS; /* uzmi iz nek_template sve definicije potrebne za template pa preabci u VArow */ // kraticu jezika trebam u templateu za slike $row_lang = gimme($CMT[table_lang],$HTTP_GET_VARS[lang]); $CMT[lang_short] = $row_lang[lang_short]; if(empty($HTTP_GET_VARS[lang])) $HTTP_GET_VARS[lang]=1; $row_tpl = gimme($CMT[table_template],$HTTP_GET_VARS[lang]); if(!is_array($row_tpl)) // ako nije uneseno, daj prvi! $row_tpl = gimme($CMT[table_template],'1'); if(is_array($row_tpl)) { foreach($row_tpl as $key=>$value) { $VArow[$key]=$value; if($key=='meta') { $value = str_replace('"','"',$value); $value = str_replace('’',"\'",$value); $VArow[$key] = $value; } } } } // eof tpl_defs // tpl_defs /** * sam definira tabelu iz koje uzima podatke * ne gleda GET[lang] ! * * @param unknown_type $tabela * @param unknown_type $id */ function tpl_defs_2($tabela="",$id=1) { global $CMT,$VArow,$HTTP_GET_VARS; /* uzmi iz nek_template sve definicije potrebne za template pa prebaci u VArow */ if(empty($tabela)) $tabela = $CMT['table_template']; $row_tpl = gimme($tabela,$id); if(is_array($row_tpl)) { foreach($row_tpl as $key=>$value) { $VArow[$key]=$value; if($key=='meta') { $value = str_replace('"','"',$value); $value = str_replace('’',"\'",$value); $VArow[$key] = $value; } } } } // eof tpl_defs ?>"; // nekad pozivamo tab preko index.php (i sl.) koji sami ubacuju get parametre // a $_SERVER['QUERY_STRING'] ostaje prazan! 
if(empty($_SERVER['QUERY_STRING'])) { foreach ($_GET as $gvar=>$gvalue) { if(empty($tusam)) $tusam = "$gvar=$gvalue"; else $tusam .= "&$gvar=$gvalue"; } $_SESSION[$this_table] = $tusam; } } define("_VALID_WCT", 1); $start_path = substr($_SERVER[DOCUMENT_ROOT],0,0-strlen(strrchr($_SERVER[DOCUMENT_ROOT],'/'))+1); $start_url = substr($_SERVER['REQUEST_URI'],0,0-strlen(strrchr($_SERVER['REQUEST_URI'],'/'))+1); $CMT[error_redirect] = $start_url; define("LOG_FOLDER",$start_path.'WOLF_LOG'); //echo "$CMT[error_redirect]
".LOG_FOLDER."
"; // malo varijabli za b2b define("B2B_PARTNER", "partner"); define("B2B_NARUDZBA", "narudzba"); define("B2B_STAVKA", "stavka"); // ovo trebam za forum na misljenja.hr switch($_SERVER['SERVER_NAME']) { case 'www.wolf01.com': case 'wolf01.com': define("PRETPLATNIK_FORUM", 1003); // id pretplatnika ciji clanovi su sudionici (samo) foruma break; case 'www.misljenja.hr': case 'misljenja.hr': define("PRETPLATNIK_FORUM", 1003); break; } $CMT[multilanguage]='0'; $CMT[auto_proceed] = "1"; $CMT[print_template] = "common/print_index.php"; $CMT[tigra_popup] = '1'; // koristi tigra popup calendar? $CMT[tigra_attribs] = ''; $CMT[login_required] = '1'; $CMT[user_table] = "korisnik"; // potrebno za login $CMT[user_table_id] = "id"; $CMT[user_table_username] = "kor_username"; $CMT[user_table_password] = "kor_password"; $CMT[user_table_status] = "kor_status"; // provjerava status kod logina! $CMT[user_table_token] = "kor_token"; $CMT[user_table_lastlogin] = "kor_prijava"; $CMT[user_table_fullname] = '$rowuser[kor_ime] $rowuser[kor_prezime]'; // prikazuje ime i prezime $CMT[user_table_myurl] = ''; // link za editiranje $CMT[logout_redirect] = "admin.php"; $CMT[login_redirect] = "admin.php"; $CMT[resize_function] = "please_resize"; $CMT[pdf_icon] = "wcs/images/pdf.png"; $CMT[word_icon] = "wcs/images/document.png"; $CMT[unknown_icon] = "wcs/images/icon_docs.gif"; // malo iz urz $CMT[excel_icon] = "images/excel-icon.gif"; $CMT[zip_icon] = "images/winzip-icon.jpg"; $CMT[document_icon] = "images/document-icon.gif"; $CMT[folder_seminar] = $_SERVER['DOCUMENT_ROOT']."/dok/seminar/"; $CMT[root_folder] = "dok"; table_def(); // definicije table_* i id_* // ovo sve moze bit u nekoj drugoj tabeli $CMT[login_mess] = "prijavi se"; $CMT[logout_mess] = "odjavi se"; $CMT[submit_mess] = "Prihvati"; $CMT[cancel_mess] = "Odustani"; $CMT[required_mess] = "Obavezno upisati"; $CMT[error_in_form] = "GreĹĄka kod unosa"; $CMT[reenter_form] = "Ponoviti unos"; //$CMT[required_icon] = "ikone/icon_asterix.gif"; 
$CMT[help_icon] = 'ikone/help-agent.png'; //'wcs/images/help.gif'; $CMT[submit_upisi] = "UpiĹĄi"; $CMT[submit_odustani] = "Odustani"; $CMT[insert_mess] = "dodaj"; $CMT[update_mess] = "izmijeni"; $CMT[delete_mess] = "obriĹĄi"; //$CMT[insert_img] = "$CMT[insert_mess]"; $CMT[insert_img] = "$CMT[insert_mess]"; //$CMT[update_img] = "$CMT[update_mess]"; $CMT[update_img] = "$CMT[update_mess]"; $CMT[delete_img] = "$CMT[delete_mess]"; // za disp=1 $CMT[checked_yes] = "Da"; $CMT[checked_not] = "Ne"; $CMT[noinsert_mess] = "Nemate pravo unosa"; $CMT[noupdate_mess] = "Nemate pravo izmjene"; $CMT[nodelete_mess] = "Nemate pravo brisanja"; $CMT[noview_mess] = "Pristup nije dozvoljen"; $CMT[back_mess] = "Povratak"; $VArow[ISO] = "UTF-8"; // default vrijednosti $CMT[pageitems] = 10; // broj redaka na jednoj strani $CMT[navpages] = 10; // navigacija nudi 10 stranica $CMT[default_template] = "common/index_admin.php"; // mora postojati $CMT[css] = "css/default.css"; // css // input vrijednosti $CMT[text_default] = 'size="50" maxlength="255"'; $CMT[textarea_default] = 'cols="100" rows="3"'; $CMT[file_default] = 'size="20"'; $CMT[empty_input_date] = ''; /* default postavke (trbaju postojati u .css za tabele koje ispljune ovaj program table.wct sama tabela table.wct td.title naslov tablice table.wct td.header nazivi stupaca table.wct tr.item0 podaci u 1. redu table.wct tr.item1 podaci u 2. 
redu, naizmjenično */ $CMT[sifraop_naknada] = '6.'; // sifra za OP za sve naknade // koristi ga radnik->racun_dodatak(); $CMT[print_version_icon] = "ikone/print-icon.gif"; // ikone $CMT[icon_obracun_osobe] = "Unos radnika"; $CMT[icon_obracun_obrada] = "Obračun plaće"; $CMT[icon_obracun_ispis] = "Ispis obrazaca"; $CMT[icon_obracun_postavke] = "Parametri obračuna"; $CMT[icon_radnik_postavke] = "Parametri radnika title="; $CMT[icon_obracun_nazad] = "Povratak"; $CMT[icon_money_plus] = "Vrste rada"; $CMT[icon_money_minus] = "Obustave"; $CMT[icon_obracun_radnik] = "Obračun plaće"; $CMT[icon_locked] = "Obračun zaključen"; $CMT[icon_copy_new] = "Otvoriti novi obračun"; $CMT[icon_lista] = "Lista"; $CMT[icon_liste] = "Liste"; $CMT[icon_razdoblje] = "Razdoblja"; $CMT[icon_radnik_osnovno] = "Osnovni podaci"; $CMT[icon_radnik_obrazovanje] = "Podaci o obrazovanju"; $CMT[icon_radnik_obitelj] = "Podaci o obitelji"; $CMT[icon_radnik_zaposlenje] = "Podaci o zaposlenju"; $CMT[icon_radnik_adresa] = "Podaci o stanovanju"; $CMT[icon_radnik_staz] = "Podaci o staĹžu"; $CMT[icon_kalkulator] = "Izračunaj"; $CMT[value_NULL] = "nema podatka"; $CMT[value_0] = "nije upisano"; if(empty($CMT[wct_css])) $CMT[wct_css] = ""; // wct_export function wct_export() { global $CMT,$HTTP_GET_VARS; return exec("c:\\xampp\mysql\\bin\\WOLF_WCT.BAT"); } // wct_export // u_izradi function u_izradi() { global $CMT,$HTTP_GET_VARS; return "

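Stranica je u izradi.

";
} // eof u_izradi

/******************************************************************************/
/******************************************************************************/

// sef2run
/**
 * Dispatch a search-engine-friendly request to the handler for its "wct" id.
 *
 * Sets $CMT[sef2run] so later code can tell the SEF parameters were handled.
 */
function sef2run()
{
    global $CMT,$VArow,$HTTP_GET_VARS;

    $CMT['sef2run'] = 1; // remember that the SEF URL has been processed

    switch ($_GET['wct'])
    {
        case $CMT['id_artikal_public']:
            sef2proizvod();
            break;

        case $CMT['id_group_user']:
        case $CMT['id_group_user_en']:
            sef2group();
            break;

        case $CMT['id_subgr_user']:
        case $CMT['id_subgr_user_en']:
            sef2subgroup();
            break;

        case $CMT['id_item_user']:
        case $CMT['id_item_user_en']:
            sef2item();
            break;
    }
} // eof sef2run

// Turn one logged value into a single line of text: arrays are expanded with
// print_r() and CR/LF are written as the two-character sequences \r and \n.
function _get_error_flat($value)
{
    if (is_array($value))
        $value = print_r($value, true);
    return str_replace(array("\r", "\n"), array('\\r', '\\n'), (string) $value);
}

// get_error
/**
 * Log a request with invalid parameters and redirect the client away.
 *
 * Appends the time, the client address, the $_SERVER entries and the rejected
 * fields to LOG_FOLDER/hack_<date>.txt, then sends a Location header and exits.
 *
 * Security notes:
 *  - Keys and values are client-influenced. Line breaks in them are escaped so
 *    a request cannot add lines that look like separate log entries.
 *  - Cookie and authentication entries are replaced by a marker so session ids
 *    and passwords are not copied into the log file.
 *  - A redirect target that starts with two slashes or backslashes is reduced
 *    to a single leading slash, because browsers read the doubled form as
 *    another host. Line breaks are removed from the target.
 *
 * @param array $arr_error rejected request fields, name => value
 */
function get_error(&$arr_error)
{
    global $CMT,$HTTP_GET_VARS;

    if (empty($CMT['error_redirect']))
        $CMT['error_redirect'] = "/";

    $redirect = str_replace(array("\r", "\n"), '', (string) $CMT['error_redirect']);
    if (preg_match('#^[/\\\\]{2,}#', $redirect))
        $redirect = '/' . ltrim($redirect, '/\\');

    $secret_keys = array('HTTP_COOKIE', 'HTTP_AUTHORIZATION', 'PHP_AUTH_PW', 'PHP_AUTH_DIGEST');

    $log_file = LOG_FOLDER . "/hack_".date("Y-m-d").".txt";
    $handle = fopen($log_file,'a');
    if ($handle)
    {
        fwrite($handle, date("Y-m-d H:i:s")." ["._get_error_flat($_SERVER['REMOTE_ADDR'])."]\n\n");

        fwrite($handle, "SERVER\n");
        foreach ($_SERVER as $key=>$value)
        {
            if (in_array($key, $secret_keys))
                $value = '[redacted]';
            fwrite($handle, _get_error_flat($key).": "._get_error_flat($value)."\n");
        }

        fwrite($handle, "\nNEISPRAVNA _GET POLJA:\n");
        foreach ($arr_error as $key=>$value)
        {
            fwrite($handle, _get_error_flat($key).":"._get_error_flat($value)."\n");
        }

        fwrite($handle, "\n --------------------------------------------------- \n\n");
        fclose($handle);
    }

    Header("Location: $redirect");
    exit;
} // eof get_error

// sef2proizvod
// handles product group / product
// run, wct, g, p
/**
 * Translate the SEF parameters "g" (group) and "p" (product) into the internal
 * "run", "grp" and "art" parameters, then drop "g" and "p".
 *
 * NOTE(review): the request values go straight into gimme_db(), which is not
 * visible here - confirm it escapes the lookup value.
 */
function sef2proizvod()
{
    global $CMT,$HTTP_GET_VARS;

    $has_product = $_GET['p'];
    if ($has_product)
        $HTTP_GET_VARS['run'] = $_GET['run'] = "voda_proizvod";
    else
        $HTTP_GET_VARS['run'] = $_GET['run'] = "voda_kategorija";

    // product group
    $row_grp = gimme_db($CMT['table_artikal_grupa'],$_GET['g'],"grp_seo_url");
    $HTTP_GET_VARS['grp'] = $_GET['grp'] = $row_grp['grp_id'];

    // product
    if ($has_product)
    {
        $row_art = gimme_db($CMT['table_artikal'],$_GET['p'],"art_seo_url");
        $HTTP_GET_VARS['art'] = $_GET['art'] = $row_art['art_id'];
    }

    unset($_GET['g'], $_GET['p']);
    unset($HTTP_GET_VARS['g'], $HTTP_GET_VARS['p']);
} // eof sef2proizvod

// sef2group
// tied to wcr_group
// run, wct, g
/**
 * Translate the SEF parameter "g" into "run=row" and the group's "rid".
 *
 * NOTE(review): gimme_db() is not visible here - confirm it escapes "g".
 */
function sef2group()
{
    global $CMT,$HTTP_GET_VARS;

    $HTTP_GET_VARS['run'] = $_GET['run'] = "row";

    // section
    $row_group = gimme_db($CMT['table_group'],$_GET['g'],"group_seo_url");
    $HTTP_GET_VARS['rid'] = $_GET['rid'] = $row_group['id'];

    unset($_GET['g']);
    unset($HTTP_GET_VARS['g']);
} // eof sef2group

// sef2subgroup
// tied to wcr_subgroup
// run, wct, g, s
/**
 * Translate the SEF parameters "g" and "s" into "run=row", "rid" and "gid".
 *
 * The parent id is cast to int before it is appended to the extra condition,
 * so a failed group lookup gives "id_group=0" rather than an unfinished
 * expression.
 * NOTE(review): gimme_db() is not visible here - confirm it escapes "g"/"s".
 */
function sef2subgroup()
{
    global $CMT,$HTTP_GET_VARS;

    $HTTP_GET_VARS['run'] = $_GET['run'] = "row";

    // section
    $row_group    = gimme_db($CMT['table_group'],$_GET['g'],"group_seo_url");
    $row_subgroup = gimme_db($CMT['table_subgroup'],$_GET['s'],"subgr_seo_url","id_group=".(int) $row_group['id']);

    $HTTP_GET_VARS['rid'] = $_GET['rid'] = $row_subgroup['id'];
    $HTTP_GET_VARS['gid'] = $_GET['gid'] = $row_group['id'];

    unset($_GET['g'], $_GET['s']);
    unset($HTTP_GET_VARS['g'], $HTTP_GET_VARS['s']);
} // eof sef2subgroup

// sef2item
// tied to wcr_item
// run, wct, g, s, i
/**
 * Translate the SEF parameters "g", "s" and "i" into "run=row", "rid", "sid"
 * and "gid".
 *
 * Parent ids are cast to int before they are appended to the extra conditions.
 * NOTE(review): gimme_db() is not visible here - confirm it escapes the
 * request values.
 */
function sef2item()
{
    global $CMT,$HTTP_GET_VARS;

    $HTTP_GET_VARS['run'] = $_GET['run'] = "row";

    // section
    $row_group    = gimme_db($CMT['table_group'],$_GET['g'],"group_seo_url");
    $row_subgroup = gimme_db($CMT['table_subgroup'],$_GET['s'],"subgr_seo_url","id_group=".(int) $row_group['id']);
    $row_item     = gimme_db($CMT['table_item'],$_GET['i'],"item_seo_url","id_subgroup=".(int) $row_subgroup['id']);

    $HTTP_GET_VARS['rid'] = $_GET['rid'] = $row_item['id'];
    $HTTP_GET_VARS['sid'] = $_GET['sid'] = $row_subgroup['id'];
    $HTTP_GET_VARS['gid'] = $_GET['gid'] = $row_group['id'];

    unset($_GET['g'], $_GET['s'], $_GET['i']);
    unset($HTTP_GET_VARS['g'], $HTTP_GET_VARS['s'], $HTTP_GET_VARS['i']);
} // eof sef2item

/**
 * ********************************************************************************************
 *
 * SEF links for proretail
 * group, subgroup, item
 * project
 *
 */

// sef_link_group
function sef_link_group($row_group)
{
    global $CMT,$HTTP_GET_VARS;
    return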
$CMT['root_folder'] . $row_group['group_seo_url'] . "/"; } // eof sef_link_group // sef_link_subgroup function sef_link_subgroup($row_group,$row_subgroup) { global $CMT,$HTTP_GET_VARS; return $CMT['root_folder'] . $row_group['group_seo_url'] . "/" . $row_subgroup['subgr_seo_url'] . "/"; } // eof sef_link_subgroup // sef_link_item function sef_link_item($row_group,$row_subgroup,$row_item) { global $CMT,$HTTP_GET_VARS; return $CMT['root_folder'] . $row_group['group_seo_url'] . "/" . $row_subgroup['subgr_seo_url'] . "/".$row_item['item_seo_url']."/"; } // eof sef_link_item // sef_link_project // link for menu 'Projekte' // from wcr_service function sef_link_project($seo_link_projekte,$row_service) { global $CMT,$HTTP_GET_VARS; return $CMT['root_folder'] . $seo_link_projekte . "/" .$row_service['ser_seo_url'] . "/"; } // eof sef_link_project // sef_link_service // link for menu 'Dienstleistungen' (services) // from wcr_service function sef_link_service($seo_link_services,$row_service) { global $CMT,$HTTP_GET_VARS; return $CMT['root_folder'] . $seo_link_services . "/" .$row_service['ser_seo_url'] . "/"; } // eof sef_link_service // sef_link_project function sef_link_case($row_case) { global $CMT,$HTTP_GET_VARS; return $CMT['root_folder'] . $CMT['projekte_seo_url'] . "/" .$row_case['news_seo_url'] . 
"/"; } // eof sef_link_project // help_overlib function help_overlib($help_id) { global $CMT; $row_help = gimme($CMT[table_help],$help_id,"id"); if (is_array($row_help)) { // zbog js moram izbaciti sve prelaske u novi red i specijalne karaktere $help_arr = explode("\n",$row_help[tekst]); foreach ($help_arr as $key => $value) { $help_tekst .= htmlspecialchars(trim($value)); } $retval = "'$help_tekst', CAPTION, '$row_help[naslov]', WIDTH, 300, CSSCLASS,TEXTFONTCLASS,'h_fontClass',FGCLASS,'h_fgClass', BGCLASS,'h_bgClass',CAPTIONFONTCLASS,'h_capfontClass', CLOSEFONTCLASS, 'h_capfontClass'"; } else // nije učitao $retval = ""; return $retval; } // eof help_overlib // html_editor /* imam ckeditor i ckfinder u root folderu! */ function html_editor() { global $CMT,$HTTP_GET_VARS,$rowfl,$classuser; switch($CMT['application_version']) { case 'misljenja': case 'edit': case 'bee': case 'jeklotehna': return html_editor_old(); } if (is_array($rowfl)) // $tiny_elements za textarea_html { foreach($rowfl as $key=>$value) { $$key=$value; // echo "$key
"; foreach($value as $key2=>$value2) { $$key2=$value2; // echo "$key2: $value2
"; } if($fl_input=='textarea_html') { if(empty($CMT[tiny_elements])) $CMT[tiny_elements] = $fl_name; else $CMT[tiny_elements] .= ",$fl_name"; } // echo "$key: $value
"; } } // IZBACUJEM tiny, ubacujem CKEditor if($CMT['tiny_elements']) { // pripremi i za CKEditor $html_arr = explode(",",$CMT['tiny_elements']); foreach ($html_arr as $key=>$fl_name) { $CMT['ck_elements'] .= " CKEDITOR.replace('$fl_name') ; "; } $CMT['ck_elements'] = " "; return << EOJSFCK; } else { return ""; } } // eof html_editor // html_editor_old function html_editor_old() { global $CMT,$HTTP_GET_VARS,$rowfl,$classuser; if (is_array($rowfl)) // $tiny_elements za textarea_html { foreach($rowfl as $key=>$value) { $$key=$value; // echo "$key
"; foreach($value as $key2=>$value2) { $$key2=$value2; // echo "$key2: $value2
"; } if($fl_input=='textarea_html') { if(empty($CMT[tiny_elements])) $CMT[tiny_elements] = $fl_name; else $CMT[tiny_elements] .= ",$fl_name"; } // echo "$key: $value
"; } } // IZBACUJEM tiny, ubacujem CKEditor if($CMT['tiny_elements']) { // pripremi i za CKEditor $html_arr = explode(",",$CMT['tiny_elements']); foreach ($html_arr as $key=>$fl_name) { $CMT['ck_elements'] .= " var oFCKeditor = new FCKeditor( '$fl_name' ) ; oFCKeditor.ReplaceTextarea() ; "; } $CMT['ck_elements'] = " "; return << EOJSFCK; } else { return ""; } } // eof html_editor_old // ispis // javascript-e koje se koriste kod cms-a // submit upisi (onClik) // submit odustani // checkRegForm function js_cms() { global $CMT,$HTTP_GET_VARS,$rowt,$VArow; if($CMT[my_js_cms]) { // specificni js if(function_exists($CMT[my_js_cms])) return $CMT[my_js_cms](); } $this_table = "table_".$HTTP_GET_VARS[wct]; $a_polozaj = "a_".$rowt[tb_id_field]."_".$HTTP_GET_VARS[rid]; if(empty($_SESSION[$this_table])) $run_wct = "run=tab&wct=".$rowt['id']; else $run_wct =$_SESSION[$this_table]; // $REFERER = $CMT[wct_index]."?".$run_wct."#".$a_polozaj; if($VArow['submit_odustani']) $REFERER = $VArow['submit_odustani']; else $REFERER = $_SERVER['HTTP_REFERER']; return << EOJSCMS; } // eof ispis // dijagnoza function js_nl2br(&$tekst) { global $CMT,$HTTP_GET_VARS; // zbog js moram izbaciti sve prelaske u novi red i specijalne karaktere $retval = ""; $tekst_arr = explode("\n",$tekst); if(is_array($tekst_arr)) { foreach ($tekst_arr as $key => $value) $retval .= htmlspecialchars(trim($value))."
"; } return $retval; } // eof dijagnoza // U P L O A D F I L E // chkmk_dir function chkmk_dir($folderfix,$foldervar) { /* check if folder exist if not mkdir folderfix (fixed part od path) must exist and have 777 privilege, ends with '/' foldervar (variable part rg. $id) I can create */ $fullpath = $folderfix . $foldervar; if(@is_dir($fullpath)) { $retval = 1; } else { if (@mkdir($fullpath,0777)) { @chmod($fullpath,0777); $retval = 1; } else $retval = 0; } return $retval; } // eof chkmk_dir // please_resize // zadana sirina i visina! function please_resize2($imedat,$tosizex,$tosizey) { $imageinfo = GetImageSize($imedat); $imagewidth = $imageinfo[0]; $imageheight = $imageinfo[1]; $imagetype = $imageinfo[2]; $proporcije_max = $tosizex / $tosizey; $proporcije_this = $imagewidth / $imageheight; if($proporcije_this > $proporcije_max) { // resize po x $resize_width = $tosizex; } else { // resize po y $resize_height = $tosizey; $resize_width = $resize_height * $proporcije_this; } // echo "($tosizex,$tosizey) convert.exe -geometry $resize_width $imedat $imeda
"; if($_SERVER['WINDIR']) { $convert = exec("convert.exe -geometry $resize_width $imedat $imedat"); } else { // $convert = exec("/usr/bin/convert -geometry $resize_width $imedat $imedat"); please_resize_php($imedat,$resize_width); } chmod($imedat,0666); } // eof please_resize // please_resize // zadana sirina! function please_resize($imedat,$tosize) { global $CMT,$HTTP_GET_VARS; if(!empty($tosize)) { $imageinfo = GetImageSize($imedat); $imagewidth = $imageinfo[0]; $imageheight = $imageinfo[1]; $imagetype = $imageinfo[2]; if (($imagewidth > $tosize) || ($imageheight > $tosize)) { if ($imagewidth >= $imageheight) { $n_width = $tosize; $n_height = $tosize * $imageheight / $imagewidth; } else { $n_width = $tosize * $imagewidth / $imageheight; $n_height = $tosize; } // $convert=system("convert -geometry $n_width $imedat $imedat"); switch ($CMT[resize_exec]) { case 'convert': exec("convert -geometry $n_width $imedat $imedat"); break; case 'convert-win': //echo " (c:\prograč1\imagemč1.2-q\convert.exe -geometry $n_width $imedat $imedat) "; // $imedat_win = str_replace(); // $recimi = system("c:\prograč1\imagemč1.2-q\convert.exe -geometry $n_width $imedat $imedat"); $recimi = exec("resize.bat $n_width $imedat"); break; case 'resizejpegs': $recimi = exec("resizejpegs.exe -f \"$imedat\" -r -c -a -x $n_width -y $n_height"); // echo " [$recimi] "; // die("resizejpegs.exe -f \"$imedat\" -r -c -x -a $n_width"); break; case 'php': please_resize_php($imedat,$n_width); break; default: exec("convert -geometry $n_width $imedat $imedat"); } } } } // eof please_resize // please_resize_php function please_resize_php($imedat,$tosize) { if ($tosize > 0) { $src_im = GetImageSize($imedat); $srcW = $src_im[0]; $srcH = $src_im[1]; $imagetype = $src_im[2]; if (($srcW > $tosize) || ($srcH > $tosize)){ // racunam Width/Heigt if ($srcW >= $srcH) { $dstW = $tosize; $dstH = (int) ($tosize * $srcH / $srcW); } else { $dstH = $tosize; $dstW = (int) ($tosize * $srcW / $srcH); } $srcX = $srcY = $dstX = 
$dstY = 0; switch($imagetype) { case '1': $src_im2 = ImageCreateFromGIF($imedat); break; case '2': $src_im2 = ImageCreateFromJPeG($imedat); break; case '3': $src_im2 = ImageCreateFromPNG($imedat); break; } $dst_im = ImageCreateTrueColor ($dstW, $dstH); $copyrs = imagecopyresized ($dst_im, $src_im2, $dstX, $dstY, $srcX, $srcY, $dstW, $dstH, $srcW, $srcH); switch($imagetype) { case '1': $wrirers = imageGIF ($dst_im, $imedat); break; case '2': $wrirers = imageJPEG ($dst_im, $imedat,60); break; case '3': $wrirers = imagePNG ($dst_im, $imedat); break; } // echo "$dst_im, $src_im, $dstX, $dstY, $srcX, $srcY, $dstW, $dstH, $srcW, $srcH
"; // echo "convert -geometry $n_width $imedat $imedat
"; // $convert=system("convert -geometry $dstW $imedat $imedat"); chmod($imedat,0666); } } // tosize > 0 } // eof please_resize_php // upl_fileF function upl_fileF($HTTP_POST_FILES,$fname,$folderfix,$foldervar,$fixed_name,$resizeto=0,$resizethumb=0) { global $CMT,$HTTP_GET_VARS; /* echo $HTTP_POST_FILES[$fname][name]."
"; echo $HTTP_POST_FILES[$fname][tmp_name]."
"; echo $HTTP_POST_FILES[$fname][size]."
"; echo $HTTP_POST_FILES[$fname][type]."
"; 'F' version of handling pictures ... FIXED FILENAME folderfix (fixed part od path) must exist and have 777 privilege foldervar (variable part eg. $id) I can create filename: fixed_name.extension eg. 12.pdf return fullpath */ $retval = ""; if(empty($HTTP_POST_FILES[$fname][tmp_name]) || $HTTP_POST_FILES[$fname][tmp_name]=='none') { // return ""; // tmp_name not empty // not 'none' // exists! } else { $file_ext = file_extension($HTTP_POST_FILES[$fname][name]); if($file_ext=='') return ""; // $encode_name = ereg_replace('%[A-Z,1-9].',"_",rawurlencode($HTTP_POST_FILES[$fname][name])); $encode_name = $fixed_name . '.'. $file_ext; $encode_name_m = $fixed_name . '_m.'. $file_ext; // check/make folder if (chkmk_dir($folderfix,$foldervar)) { $upload_name = $folderfix . $foldervar . '/' . $encode_name; $thumb_name = $folderfix . $foldervar . '/' . $encode_name_m; if(is_file($HTTP_POST_FILES[$fname][tmp_name])) { // copy file if (copy($HTTP_POST_FILES[$fname][tmp_name],$upload_name)) { @chmod($upload_name, 0666); // resize file // php :: imagecopyresized if($resizeto) { //die("params: $HTTP_POST_FILES,$fname,$folderfix,$foldervar,$fixed_name,$resizeto,$resizetoh

$upload_name,$resizeto"); $resize_function = $CMT[resize_function]; $resize_function($upload_name,$resizeto); if($resizethumb) { if (copy($HTTP_POST_FILES[$fname][tmp_name],$thumb_name)) { $resize_function($thumb_name,$resizethumb); } } // resizethumb } // resizeto $retval = $upload_name; // fullpath } // copy } // is_file } // chkmk_dir } // empty return $retval; } // eof upl_file // upl_Naslovnica function upl_Naslovnica($HTTP_POST_FILES,$fname,$folderfix,$foldervar,$fixed_name,$resizeto=0,$resizethumb=0) { global $CMT,$HTTP_GET_VARS; /* echo $HTTP_POST_FILES[$fname][name]."
"; echo $HTTP_POST_FILES[$fname][tmp_name]."
"; echo $HTTP_POST_FILES[$fname][size]."
"; echo $HTTP_POST_FILES[$fname][type]."
"; die(); 'F' version of handling pictures ... FIXED FILENAME folderfix (fixed part od path) must exist and have 777 privilege foldervar (variable part eg. $id) I can create filename: fixed_name.extension eg. 12.pdf return fullpath */ $retval = ""; if(empty($HTTP_POST_FILES[$fname][tmp_name]) || $HTTP_POST_FILES[$fname][tmp_name]=='none') { // return ""; // tmp_name not empty // not 'none' // exists! } else { $file_ext = file_extension($HTTP_POST_FILES[$fname][name]); if($file_ext=='') return ""; // $encode_name = ereg_replace('%[A-Z,1-9].',"_",rawurlencode($HTTP_POST_FILES[$fname][name])); $encode_name = "naslov-" . sprintf("%03d",$fixed_name) . '.jpg'; $upload_name = 'dok/knjiga/' . $encode_name; if(is_file($HTTP_POST_FILES[$fname][tmp_name])) { // copy file if (copy($HTTP_POST_FILES[$fname][tmp_name],$upload_name)) { @chmod($upload_name, 0666); // resize file // php :: imagecopyresized if($resizeto) { //die("params: $HTTP_POST_FILES,$fname,$folderfix,$foldervar,$fixed_name,$resizeto,$resizetoh

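$upload_name,$resizeto");
                    $resize_function = $CMT[resize_function];
                    $resize_function($upload_name,$resizeto);
                } // resizeto
                $retval = $upload_name; // fullpath
            } // copy
        } // is_file
    } // empty
    return $retval;
} // eof upl_file

// upl_Poglavlje
/**
 * Store an uploaded chapter as $CMT[pdf_root]/poglavlje/<fixed_name>.pdf.
 *
 * Security notes:
 *  - $fixed_name becomes part of the target path. It is rejected when it is a
 *    dot segment or contains a path separator or NUL byte, so the file cannot
 *    be written outside the chapter folder.
 *  - The temporary file must be a real HTTP upload (is_uploaded_file) before it
 *    is copied.
 *  - NOTE(review): the content is stored under a .pdf name whatever was sent;
 *    the type of the data is not checked here.
 *  - The stored file is made world-writable (0666), as before.
 *
 * @param array  $HTTP_POST_FILES upload descriptor array
 * @param string $fname           name of the upload field
 * @param string $folderfix       not used by this handler
 * @param string $foldervar       not used by this handler
 * @param string $fixed_name      file name without extension
 * @param mixed  $resizeto        not used by this handler
 * @param mixed  $resizethumb     not used by this handler
 * @return string                 "<fixed_name>.pdf" on success, "" otherwise
 */
function upl_Poglavlje($HTTP_POST_FILES,$fname,$folderfix,$foldervar,$fixed_name,$resizeto=0,$resizethumb=0)
{
    global $CMT,$HTTP_GET_VARS;

    $retval = "";
    $tmp_name = $HTTP_POST_FILES[$fname]['tmp_name'];

    // nothing uploaded for this field
    if (empty($tmp_name) || $tmp_name=='none')
        return $retval;

    $file_ext = file_extension($HTTP_POST_FILES[$fname]['name']);
    if ($file_ext=='')
        return "";

    // the name must stay a single path segment
    $name_part = (string) $fixed_name;
    if ($name_part === '.' || $name_part === '..'
        || strpos($name_part, '/') !== false
        || strpos($name_part, '\\') !== false
        || strpos($name_part, "\0") !== false)
        return "";

    $encode_name = $fixed_name . '.pdf';
    $upload_name = $encode_name;
    $copy_name   = $CMT['pdf_root'] . "poglavlje/" . $encode_name;

    if (is_file($tmp_name) && is_uploaded_file($tmp_name))
    {
        if (copy($tmp_name,$copy_name))
        {
            @chmod($copy_name, 0666);
            $retval = $upload_name;
        }
    }
    return $retval;
} // eof upl_Poglavlje

// upl_pdf
/**
 * Upload the single document attached to an article.
 *
 * Target: <folderfix><filler_vrstacas>/<filler_godina>/<CasopisID>/<IDClanak>.<ext>
 * The three folder levels are created when missing; $folderfix itself must
 * already exist.
 *
 * Security notes:
 *  - Every path part comes from the posted form or from the client's file name.
 *    A part that is a dot segment or contains a path separator or NUL byte
 *    makes the function return "" before anything is created.
 *  - The temporary file must be a real HTTP upload (is_uploaded_file).
 *  - NOTE(review): the extension is whatever file_extension() returns for the
 *    client's file name. If the target folder is served by the web server,
 *    restrict it to the document types that are expected (an allowlist).
 *  - The stored file is made world-writable (0666), as before.
 *
 * @param array  $HTTP_POST_FILES upload descriptor array
 * @param string $fname           name of the upload field
 * @param string $folderfix       existing base folder, ending with '/'
 * @param string $foldervar       not used by this handler
 * @param string $fixed_name      not used by this handler
 * @param mixed  $resizeto        not used by this handler
 * @param mixed  $resizethumb     not used by this handler
 * @return string                 full path of the stored file, or ""
 */
function upl_pdf($HTTP_POST_FILES,$fname,$folderfix,$foldervar,$fixed_name,$resizeto=0,$resizethumb=0)
{
    global $CMT,$HTTP_GET_VARS,$HTTP_POST_VARS;

    $pdf_ext = strtolower(file_extension($HTTP_POST_FILES[$fname]['name']));
    if ($pdf_ext=='')
        return "";

    $path_parts = array(
        (string) $HTTP_POST_VARS['filler_vrstacas'],
        (string) $HTTP_POST_VARS['filler_godina'],
        (string) $HTTP_POST_VARS['CasopisID'],
        (string) $HTTP_POST_VARS['IDClanak'],
        (string) $pdf_ext,
    );
    foreach ($path_parts as $part)
    {
        // each part must stay a single path segment
        if ($part === '.' || $part === '..'
            || strpos($part, '/') !== false
            || strpos($part, '\\') !== false
            || strpos($part, "\0") !== false)
            return "";
    }

    $tmp_name = $HTTP_POST_FILES[$fname]['tmp_name'];
    if (!is_uploaded_file($tmp_name))
        return "";

    $vrsta_path   = $HTTP_POST_VARS['filler_vrstacas'];
    $godina_path  = $vrsta_path . "/" . $HTTP_POST_VARS['filler_godina'];
    $casopis_path = $godina_path . "/" . $HTTP_POST_VARS['CasopisID'];
    $clanak_path  = $folderfix . $casopis_path . "/" . $HTTP_POST_VARS['IDClanak'] . "." . $pdf_ext;

    // create the folder levels one at a time; stop at the first that fails
    if (!chkmk_dir($folderfix,$vrsta_path))
        die(convert_uni_2_web("Upload nije moguć [vrsta časopisa: $vrsta_path ]"));
    if (!chkmk_dir($folderfix,$godina_path))
        die(convert_uni_2_web("Upload nije moguć [godina: $godina_path ]"));
    if (!chkmk_dir($folderfix,$casopis_path))
        die(convert_uni_2_web("Upload nije moguć [časopis: $casopis_path ]"));

    if (copy($tmp_name,$clanak_path))
        @chmod($clanak_path, 0666);
    else
        die(convert_uni_2_web("Upload nije moguć [članak: $clanak_path ]"));

    return $clanak_path;
} // upl_pdf

// upload file
function upload_file(&$HTTP_POST_VARS,&$rowt)
{
    global $CMT,$HTTP_POST_FILES,$HTTP_GET_VARS;
    if(is_array($HTTP_POST_FILES)) // any uploaded files?
    {
        foreach($HTTP_POST_FILES as $this_field=>$value)
        {
            $$this_field=$value;
            /* echo " upload_file:: $this_field: $value, $value[name]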
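$rowt[id]
"; */
            // SECURITY(review): $this_field is a key of the uploaded-files array, i.e. a form
            // field name chosen by the client, and it was exported as a local variable just
            // above ($$this_field), so it can shadow any local of this function.
            // It is escaped here because it is placed inside a quoted SQL condition.
            $row_file = gimme($CMT[table_wct_file],$rowt[id],"id_table","file_field='".mysql_real_escape_string($this_field)."'");
            if(is_array($row_file)) // is there a definition in wct_file?
            {
                // Export every column of the wct_file row as a local variable
                // ($file_function, $file_rootfolder, ... are presumably among them; verify against the table).
                foreach($row_file as $key2=>$value2)
                {
                    $$key2=$value2;
                } // foreach row_file

                // analyse the parameters
                if(function_exists($file_function)) // is the handler function defined?
                {
                    // SECURITY(review): eval() expands the stored strings as PHP double-quoted
                    // strings, so whoever can write these values can run arbitrary PHP here.
                    // Left as found because the stored templates are not visible from this
                    // function; replace with a fixed set of placeholders once they are known.
                    eval("\$this_rootfolder = \"$file_rootfolder\";"); // process the parameters
                    eval("\$this_docfolder = \"$file_docfolder\";");
                    eval("\$this_docid = \"$file_docid\";");
                    eval("\$this_resizew = \"$file_resizew\";");
                    eval("\$this_resizeh = \"$file_resizeh\";");

                    if(empty($this_rootfolder)) // is a root folder configured?
                        $upload_err .= "$this_field: Root foldername does not exist
";
                    else
                    {
                        if(is_dir($this_rootfolder))
                        {
                            if(!is_writeable($this_rootfolder))
                                $upload_err .= "$this_field: Root folder $this_rootfolder is not writeable
";
                        }
                        else
                            $upload_err .= "$this_field: Root folder $this_rootfolder does not exist
";
                        // The root folder must exist and be writable; no further checks are
                        // made because the handler creates the document folder itself.
                    }

                    // call the handler only if no error has been recorded so far
                    // (errors accumulate across fields, so one failing field stops the rest)
                    if(empty($upload_err))
                    {
                        $dok_path = $file_function($HTTP_POST_FILES, $this_field, $this_rootfolder, $this_docfolder, $this_docid, $this_resizew, $this_resizeh);

                        // pass the stored path on through the POST array
                        if (!empty($dok_path))
                        {
                            $HTTP_POST_VARS[file_fields] .= $this_field.","; // consumed later for the database update
                            $HTTP_POST_VARS[$this_field] = $dok_path;
                        }

                        // a file named '_del' clears the field in the database
                        // (the stored file itself is not removed here)
                        if($HTTP_POST_FILES[$this_field][name]=='_del')
                        {
                            $HTTP_POST_VARS[$this_field] = "";
                            $HTTP_POST_VARS[file_fields] .= $this_field.",";
                        }
                    }
                }
                else
                    $upload_err .= "$this_field: Function does not exist: $file_function
";
            } // is_array row_file
        } // foreach $HTTP_POST_FILES
    } // is array

    // Accumulated error text; stays unset when nothing went wrong.
    return $upload_err;
} // eof upload_file

// upload_file_db
/**
 * Writes the uploaded-file fields back to the database.
 *
 * For every non-empty name in the comma-delimited $HTTP_POST_VARS[file_fields]
 * the value $HTTP_POST_VARS[name] is added to the update array and azuriraj()
 * is called in "U" mode, so earlier fields are written again with each later one.
 *
 * NOTE(review): upload_file() appends to file_fields instead of resetting it, so
 * a file_fields value already present in the request is processed here as well.
 * Confirm that azuriraj() restricts and escapes the column names and values it receives.
 */
function upload_file_db($HTTP_POST_VARS,$AZU_TABLE,$AZU_WHERE)
{
    if(!empty($HTTP_POST_VARS[file_fields]))
    {
        $arr_fname = explode(',',$HTTP_POST_VARS[file_fields]);
        if(is_array($arr_fname))
        {
            foreach($arr_fname as $key=>$fname)
            {
                if(!empty($fname))
                {
                    $AZU[$fname] = $HTTP_POST_VARS[$fname];
                    azuriraj($AZU,$AZU_TABLE,"U",$AZU_WHERE);
                }
            }
        }
    }
    return;
} // eof upload_file_db

/**
 * Deletes the picture and its "t_" thumbnail for record $rid, trying the
 * jpg, gif and png extensions under $CMT[dok_root].$CMT[subgroup_id].
 * Failures are suppressed with @, so a missing file is not reported.
 *
 * NOTE(review): $rid is concatenated into the path unchecked; callers are
 * presumably expected to pass a numeric record id - confirm.
 */
function delete_picture($rid)
{
    global $CMT;
    $file_ext[] = "jpg";
    $file_ext[] = "gif";
    $file_ext[] = "png";
    foreach($file_ext as $key => $extension)
    {
        $encode_name = $rid.".".$extension;
        $upload_name = $CMT[dok_root] . $CMT[subgroup_id] . '/' . $encode_name;
        $thumb_name = $CMT[dok_root] . $CMT[subgroup_id] . '/t_' . $encode_name;
        @unlink($upload_name);
        @unlink($thumb_name);
    }
    return;
} // eof delete_picture

// class pretplatnik
class pretplatnik {
    public $id_pretplatnik = 0;
    public $administrator = false;
    public $username = "";
    public $ime = "";
    public $status = "0";
    public $vrsta = 0;
    public $vrstanaz = "";
    public $grupa = 0;
    public $grupanaz = "";
    public $stavki = 0;
    public $interna_upotreba = false;
    public $detalji = array();
    public $pretplate = array(); // all subscriptions
    public $pretplate_kratko = ""; // active, current year, text form...
    public $pretplate_dugo = ""; // active, all years
    public $pretplate_sve = ""; // all, all years
    public $pretplata_id = 0; // current article, which subscription?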
public $error_message = ""; // najava::__constructor // id_pret je id korisnika/petplatnika u bazi // operater: "K"-Korisnik, "P"-Pretplatnik function __construct($id_pret,$operater) { global $CMT,$VArow; if($operater=="P" && $id_pret) { $row_pret = gimme($CMT[table_pretplatnik],$id_pret,"id_pretplatnik"); if(is_array($row_pret) && $row_pret[id_pretplatnik]===$id_pret) { $row_vrsta = gimme($CMT[table_select], $row_pret[pret_vrsta], "select_id", "select_group='vrsta_pretplatnika'"); $row_grupa = gimme($CMT[table_select], $row_pret[pret_grupa], "select_id", "select_group='grupa_pretplatnika'"); $this->id_pretplatnik = $row_pret[id_pretplatnik]; $this->administrator = false; $this->username = $row_pret[pret_username]; $this->ime = $row_pret[pret_ime]; $this->status = $row_pret[pret_status]; $this->vrsta = $row_pret[pret_vrsta]; $this->vrstanaz = $row_vrsta[select_name]; $this->grupa = $row_pret[pret_grupa]; $this->grupanaz = $row_grupa[select_name]; $this->detalji = $row_pret; $this->dodaj_pretplate(); if($row_grupa[select_id]==='3') $this->interna_upotreba = true; } // endif is_array(row_pret)... } // endif id_pret if($operater=="K" && $id_pret) { // korisnik tj. administrator $row_pret = gimme($CMT[table_korisnik],$id_pret,"id"); if(is_array($row_pret) && $row_pret[id]===$id_pret) { $this->id_pretplatnik = $row_pret[id]; $this->administrator = true; $this->detalji = $row_pret; $this->interna_upotreba = true; } // endif is_array(row_pret)... } // endif id_pret } // eof __constructor // pretplatnik::dodaj_detalje function dodaj_pretplate() { global $CMT,$VArow; $sql = " SELECT * FROM $CMT[table_pretplata] p, $CMT[table_vrstacas] v WHERE p.pretplatnik_id=$this->id_pretplatnik AND p.pretplata_casopis=v.IDVrstaCas ORDER BY p.pretplata_datum DESC "; $res = mysql_query($sql) or die(mysql_error()."
$sql"); if(mysql_num_rows($res)) { while ($row_p=mysql_fetch_array($res,MYSQL_ASSOC)) { $this->stavki++; $this->pretplate[$this->stavki] = $row_p; $row_p[pretplata_pola]=='1' ? $pola_godine = convert_uni_2_web(", polugodišnja") : $pola_godine = ""; // verzije ispisa pretplate: kratko (aktivno+ova godina) if($row_p[pretplata_aktivno]=='1' && $row_p[pretplata_godina]>=date("Y")) $this->pretplate_kratko .= $row_p[Oznaka]."-".$row_p[pretplata_godina].$pola_godine."
"; // dugo (aktivno) if($row_p[pretplata_aktivno]=='1') $this->pretplate_dugo .= $row_p[Oznaka]."-".$row_p[pretplata_godina].$pola_godine."
"; // sve $this->pretplate_sve .= $row_p[Oznaka]."-".$row_p[pretplata_godina].$pola_godine."
"; } // while row } // >1 } // eof dodaj_stavku // moze_clanak function moze_clanak(&$row_clanak,&$row_casopis) { global $CMT,$VArow; /* trebam provjeriti da li je pretplatnik može ozvoriti ovaj članak */ if($this->interna_upotreba) return true; $this->error_message = ""; $retval = false; for($i=1;$i<=$this->stavki;$i++) { $this->error_message .= "/$i/ "; $row_p = $this->pretplate[$i]; // array tabele pret_pretplata if($row_p[pretplata_aktivno]==='1') { // aktivno if($row_p[pretplata_casopis]===$row_casopis[VrstaCasID]) { // taj casopis $god_c = (int) $row_casopis[Godina]; $mje_c = (int) $row_casopis[Mjesec]; $god_p = (int) $row_p[pretplata_godina]; if($row_p[pretplata_pola]==='1') $mjesec_pocetak = 7; else $mjesec_pocetak = 1; if($god_c==$god_p && $mje_c>=$mjesec_pocetak && $mje_c<=12) { // odgovara mjesec $retval = true; break; } else $this->error_message .= "Ne ogovara godina/mjesec
"; } // taj casopis else $this->error_message .= "Ne ogovara vrsta casopisa
"; } // aktivno else $this->error_message .= "Ne ogovara status ($row_p[pretplata_aktivno])
"; } return $retval; } // eof moze_clanak } // eoc pretplatnik // class korisnik class korisnik { // malo generalija public $id_korisnik = 0; public $username = ""; public $token = ""; public $ime = ""; public $firma_id = 0; public $firma; public $status = "0"; public $lastlogin = "0000-00-00 00:00:00"; public $grupe = array(); public $error_message = ""; // parametri ovisni o izvrsenju trenutnog wct_modula public $can_view = "0"; public $can_insert = "0"; public $can_update = "0"; public $can_delete = "0"; public $superadmin = "0"; // koje menue moze vidjeti public $mnu_list = ""; public $admmnu = 0; // koji menu treba prikazati? // za slucaj da se povezuje s nekim drugim adresarom public $veza = array(); // korisnik::__constructor function __construct($rowuser) { global $CMT,$VArow; if(is_array($rowuser)) { // postavi varijable $this->id_korisnik = $rowuser[id]; $this->username = $rowuser[kor_username]; $this->token = $rowuser[kor_token]; $this->ime = "$rowuser[kor_ime] $rowuser[kor_prezime]"; $this->firma_id = $rowuser[prog_firma]; $this->firma = new firma($this->firma_id); $this->status = $rowuser[kor_status]; $this->lastlogin = $rowuser[kor_prijava]; $this->admmnu = $rowuser[kor_prvimenu]; // postavi druge indikatore $this->get_menulist(); $this->get_privileges(); // i globalno... 
$CMT[prog_firma] = $this->firma_id; $CMT[prog_verzija] = $this->firma->verzija; } else $this->error_message = "Not an array!"; } // eof __constructor // get_menulist function get_menulist() { global $CMT,$HTTP_GET_VARS,$HTTP_POST_VARS,$HTTP_COOKIE_VARS,$QUERY_STRING,$rowuser; /* if($HTTP_COOKIE_VARS[wct_menu] && in_array($HTTP_COOKIE_VARS[wct_menu],$rowuser[mnu_arr])) $admmnu = $HTTP_COOKIE_VARS[wct_menu]; else $admmnu = $rowuser[mnu_arr][0]; */ // koji menui su mu na raspolaganju // odmah postavlja i redirekciju $sql_m = " SELECT * FROM $CMT[table_grupa] G, $CMT[table_clan] C WHERE G.grp_aktivna='1' AND C.clan_grupa=G.grp_id AND C.clan_korisnik=$this->id_korisnik ORDER BY clan_id "; $res_m = mysql_query($sql_m) or die(mysql_error()."
$sql_m"); $prvimenu = 0; if(mysql_num_rows($res_m)) { while ($row_m=mysql_fetch_array($res_m,MYSQL_ASSOC)) { // $rowuser[mnu_arr][] = $row_m[grp_menu]; if(empty($this->mnu_list)) $this->mnu_list = "'$row_m[grp_menu]'"; else $this->mnu_list .= ",'$row_m[grp_menu]'"; // ima li redirect? if($row_m[grp_redirect]) $CMT[login_redirect] = $row_m[grp_redirect]; // mozda ga treba postaviti jer je poslan preko _GET if($_GET[admmnu] === $row_m[grp_menu]) { // setcookie("wct_menu",$_GET[admmnu],time()+60*60*24*365); $this->admmnu = $_GET[admmnu]; } else { // ili je zapisan u cookie-u if($_COOKIE[wct_menu] === $row_m[grp_menu]) $this->admmnu = $row_m[grp_menu]; elseif ($row_m[clan_default]=='1') { $this->admmnu = $row_m[grp_menu]; } } if(empty($prvimenu)) // zapamti prvog $prvimenu = $row_m[grp_menu]; } // while row if(empty($this->admmnu)) $this->admmnu = $prvimenu; } // >1 } // eoc menulist // get_privileges function get_privileges() { global $CMT,$HTTP_GET_VARS,$HTTP_POST_VARS,$HTTP_COOKIE_VARS,$QUERY_STRING,$rowuser; if(empty($HTTP_GET_VARS[wct])) return; /* preuzima privilegije iz baze kor_pravo najprije gleda da li ima postavljeno direktno za sebe prv_KG='K' zatim da provjerava za sve grupe ciji je clan dobiva pravo ako ga ima bar u jednoj grupi */ //echo "u: $user_idvalue
"; // direktne postavke za njega kao korisnika $row_pravo = gimme($CMT[table_pravo],$this->id_korisnik,"prv_korisnik","prv_KG='K' AND prv_wct=$HTTP_GET_VARS[wct]"); if(is_array($row_pravo) && $row_pravo[prv_korisnik]==$this->id_korisnik) { //echo "direktno
"; $this->can_view = $row_pravo[prv_view]; $this->can_insert = $row_pravo[prv_insert]; $this->can_update = $row_pravo[prv_update]; $this->can_delete = $row_pravo[prv_delete]; return; } // da li je superman: clan grupe koja ima superadmin ovlasti $sql = " SELECT * FROM $CMT[table_grupa] G, $CMT[table_clan] C WHERE G.grp_id=C.clan_grupa AND G.grp_superadmin='1' AND C.clan_korisnik=$this->id_korisnik "; $res = mysql_query($sql) or die(mysql_error()."
$sql"); if(mysql_num_rows($res)) { //echo "superadmin
"; // $row_super=mysql_fetch_array($res,MYSQL_ASSOC); $this->can_view = '1'; $this->can_insert = '1'; $this->can_update = '1'; $this->can_delete = '1'; // superadmin ima "1111", ali neka se postavi i ovo, iako moze biti višak $this->superadmin = '1'; return; } // postavke grupe (koja nije superadmin) ciji je clan (1 ili vise) $sql = " SELECT * FROM $CMT[table_pravo] P, $CMT[table_grupa] G, $CMT[table_clan] C WHERE P.prv_KG='G' AND P.prv_wct=$HTTP_GET_VARS[wct] AND G.grp_id=P.prv_korisnik AND G.grp_id=C.clan_grupa AND G.grp_superadmin='0' AND C.clan_korisnik=$this->id_korisnik; "; $res = mysql_query($sql) or die(mysql_error()."
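$sql"); if(mysql_num_rows($res)) { while ($row_pravo=mysql_fetch_array($res,MYSQL_ASSOC)) { // pridodjeljuje im pravo ako grupa ima pravo // ostavlja kako je ako grupa nema pravo $i++; $this->grupe[$i] = $row_pravo[grp_id]; if($row_pravo[prv_view]=='1') $this->can_view='1'; if($row_pravo[prv_insert]=='1') $this->can_insert='1'; if($row_pravo[prv_update]=='1') $this->can_update='1'; if($row_pravo[prv_delete]=='1') $this->can_delete='1'; } // while row } // >1 } // eof get_privileges

    // clan_grupe
    /**
     * Returns the position of $grp_id in $this->grupe, or 0 when it is absent.
     *
     * array_search() yields false for a missing value and the (int) cast turns
     * that into 0; get_privileges() fills $this->grupe starting at index 1, so
     * 0 never denotes a real entry.
     */
    function clan_grupe($grp_id)
    {
        global $CMT,$HTTP_GET_VARS;
        if($grp_id && is_array($this->grupe))
        {
            return (int) array_search($grp_id,$this->grupe);
        }
        else
            return 0;
    } // eof clan_grupe
} // end of class korisnik

// class firma
/**
 * Company record loaded from $CMT[table_partner] by id.
 * When the id is empty or no row is found, only $error_message is set.
 */
class firma
{
    public $id_firma = 0;
    public $naziv = "";
    public $logo = "";
    public $vrsta_obveznika = "";
    public $verzija = ""; // program version used by this company
    public $oib = "";
    public $detalji = array();
    public $error_message = "";

    // firma::__construct
    function __construct($id_firma)
    {
        global $CMT,$VArow;
        if($id_firma)
        {
            $row_firma = gimme($CMT[table_partner],$id_firma,"id");
            if(is_array($row_firma))
            {
                $this->id_firma = $id_firma;
                $this->naziv = $row_firma[partneri_naziv];
                // second name line, when present, is appended after a line break
                if($row_firma[partneri_naziv2])
                    $this->naziv .= "
".$row_firma[partneri_naziv2];
                $this->logo = $row_firma[partneri_logo];
                $this->vrsta_obveznika = $row_firma[partneri_vrsta_obveznika];
                $this->verzija = $row_firma[partneri_verzija];
                $this->oib = $row_firma[partneri_oib];
                $this->detalji = $row_firma; // full row kept for callers
            }
            else
                $this->error_message = "Nema firme sa ID:$id_firma";
        }
        else
            $this->error_message = "Nije definiran ID firme";
    }
} // eoc firma

// test_sql
/**
 * Diagnostic helper: prints the phpinfo() page.
 *
 * SECURITY(review): phpinfo() discloses the PHP version, loaded modules, file
 * paths and environment values. No access check is visible in this function;
 * confirm the dispatcher restricts it to administrators, or remove it from
 * production builds.
 */
function test_sql()
{
    // phpinfo() prints its own output and returns a boolean, so it is not echoed
    // (echoing it appended a stray "1" to the page).
    phpinfo();
} // eof test_sql

// upute_placa
function upute_placa() { global $CMT,$HTTP_GET_VARS; $sql = " SELECT * FROM $CMT[table_help] WHERE sadrzaj_tema=1 ORDER BY sadrzaj_slijed "; $res = mysql_query($sql) or die(mysql_error()."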
$sql"); if(mysql_num_rows($res)) { while($row=mysql_fetch_array($res)) { $retval .=<<$row[naslov]

EOTEMA1; } } return <<Upute za rad sa programom (kliknite na naziv teme za prikaz teksta)

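$retval EOUPUTE; } // eof upute_placa

// provjeri_username
/**
 * Checks whether a username is already used by another user record.
 *
 * Reads $_GET['trazim'] (the username to look for) and $_GET['preskoci']
 * (a record id to leave out of the search, cast to int).
 *
 * @return string "0" when no username was given, "-1" when a matching row
 *                exists, "1" when the name is free
 */
function provjeri_username()
{
    global $CMT,$HTTP_GET_VARS;
    $CMT['template'] = "cms/template_empty.php";

    $trazim = trim($_GET['trazim']);
    if($trazim=='')
        return "0";

    $preskoci = (int) $_GET['preskoci'];

    // The username comes straight from the query string and is placed inside
    // a quoted SQL literal, so it has to be escaped for the current connection.
    $trazim_sql = mysql_real_escape_string($trazim);

    $sql = "
        SELECT *
        FROM $CMT[table_korisnik]
        WHERE kor_username='$trazim_sql'
        AND id!=$preskoci
        LIMIT 1
    ";
    // NOTE(review): on failure the database error and the full statement are sent
    // to the client; consider logging them server-side instead.
    $res = mysql_query($sql) or die(mysql_error()."
$sql");

    $imaih = mysql_num_rows($res);
    if($imaih)
        return "-1";
    else
        return "1";
} // eof provjeri_username

// plupload_album
/** * plupload glavna forma za unos fotku * * @param unknown_type $naslov * @param unknown_type $php_url * @param unknown_type $js_folder * @return unknown */ function plupload_album($naslov,$php_url,$js_folder,$trenutno_ima=0) { global $CMT,$rowt; if($trenutno_ima > 0) $trenutno_tekst = " (do sada unijeto $trenutno_ima)"; return <<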


DODAJ NOVE FOTOGRAFIJE $trenutno_tekst

Your browser doesn't have Flash, Silverlight or HTML5 support.


EOPHOTOALBUM; } // eof plupload_album // odabir_photo /** * univerzalna procedura za prikaz fotki * */ function odabir_photo($row_gallery,$verzija='thumbs') { global $CMT; if(!is_array($row_gallery)) return ""; if($row_gallery['gall_aktivno']=='0') return ""; switch($verzija) { case 'thumbs': case 'lightbox': $WHERE_AKTIVNO = "AND photo_aktivno='1'"; break; case 'edt': $WHERE_AKTIVNO = ""; break; } $sql = " SELECT * FROM ".$CMT['table_photo']." WHERE photo_album=".$row_gallery['gall_id']." $WHERE_AKTIVNO AND prog_firma=".$CMT['prog_firma']." ORDER BY photo_rb "; $res = mysql_query($sql) or die(mysql_error()."
$sql"); $brojilo = 0; if($imanas = $res_rows=mysql_num_rows($res)) { while ($row_photo=mysql_fetch_array($res,MYSQL_ASSOC)) { $brojilo++; switch($verzija) { case 'thumbs': // samo thumbovi ispod clanaka $photo_arr = pathinfo($row_photo['photo_slika']); $mala_name = $photo_arr['filename']."_m.".$photo_arr['extension']; $mala_path = $CMT['root_folder']."dok/gallery/".$row_gallery['gall_id']."/".$mala_name; $retval .= "   "; break; case 'lightbox': // samo thumbovi ispod clanaka $photo_arr = pathinfo($row_photo['photo_slika']); $mala_name = $photo_arr['filename']."_m.".$photo_arr['extension']; $mala_path = $CMT['root_folder']."dok/gallery/".$row_gallery['gall_id']."/".$mala_name; $vela_name = $photo_arr['filename']."_v.".$photo_arr['extension']; $vela_path = $CMT['root_folder']."dok/gallery/".$row_gallery['gall_id']."/".$vela_name; $retval .= "   "; break; case 'edt': // samo thumbovi ispod clanaka $photo_arr = pathinfo($row_photo['photo_slika']); $mala_name = $photo_arr['filename']."_m.".$photo_arr['extension']; $mala_path = $CMT['root_folder_public']."dok/gallery/".$row_gallery['gall_id']."/".$mala_name; $vela_name = $photo_arr['filename']."_v.".$photo_arr['extension']; $vela_path = $CMT['root_folder_public']."dok/gallery/".$row_gallery['gall_id']."/".$vela_name; $sele_rb = select_num(1,$imanas,"rb[$brojilo]",$brojilo); $input_naslov = new input_field("text","naslov[$brojilo]","value=".$row_photo['photo_naslov']."||size=80"); $input_del = new input_field("checkbox","delete[$brojilo]","value=1"); $input_id = new input_field("hidden","rid[$brojilo]","value=".$row_photo['photo_id']); $retval .= " ".$input_id->generate_html()." $sele_rb ".$input_naslov->generate_html()." ".$input_del->generate_html()." 
"; break; } } // while mysql_fetch_array } // res_rows>0 return $retval; } // eof odabir_photo // odabir_gallery /** * univerzalna procedura za prikaz foto galerije * */ function odabir_gallery($verzija='thumbs') { global $CMT; switch($verzija) { case 'thumbs': $WHERE_AKTIVNO = "AND gall_aktivno='1'"; break; case 'edt': $WHERE_AKTIVNO = ""; break; } $sql = " SELECT * FROM ".$CMT['table_gallery']." WHERE prog_firma=".$CMT['prog_firma']." $WHERE_AKTIVNO ORDER BY gall_rb "; $res = mysql_query($sql) or die(mysql_error()."
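$sql"); $brojilo = 0; if($imanas = $res_rows=mysql_num_rows($res)) { while ($row_gallery=mysql_fetch_array($res,MYSQL_ASSOC)) { $brojilo++; $row_photo = gimme($CMT['table_photo'],$row_gallery['gall_id'],"photo_album","photo_aktivno='1' ORDER BY photo_rb"); if(!is_array($row_photo)) // nema niti jedne fotke? continue; $href_gallery = href_gallery($row_gallery); switch($verzija) { case 'thumbs': // samo thumbovi ispod clanaka $photo_arr = pathinfo($row_photo['photo_slika']); $mala_name = $photo_arr['filename']."_m.".$photo_arr['extension']; $mala_path = $CMT['root_folder']."dok/gallery/".$row_gallery['gall_id']."/".$mala_name; $retval .= "

".$row_gallery['gall_naslov']."

".strip_tags($row_gallery['gall_tekst'])."



"; break; } } // while mysql_fetch_array } // res_rows>0 return $retval; } // eof odabir_gallery

// href_gallery
/**
 * Builds the public URL path of a gallery:
 * $CMT['root_folder'] . "foto-galerija/" . gall_id . "/".
 */
function href_gallery($row_gallery)
{
    global $CMT,$HTTP_GET_VARS;
    return $CMT['root_folder']."foto-galerija/".$row_gallery['gall_id']."/";
} // eof href_gallery

// plupload_js_cms
/**
 * JavaScript used by the CMS forms: submit-save (onClick), submit-cancel,
 * checkRegForm. Modelled on require.inc.php:js_cms().
 *
 * NOTE(review): the heredoc body is missing from this copy of the file, so the
 * return statement is kept exactly as found. $REFERER is built from the
 * client-supplied Referer header; if the template places it inside script
 * code it needs escaping for that context - confirm against the full source.
 */
function plupload_js_cms()
{
    global $CMT,$HTTP_GET_VARS,$rowt;
    $this_table = "table_".$HTTP_GET_VARS[wct];
    $a_polozaj = "a_".$rowt[tb_id_field]."_".$HTTP_GET_VARS[rid];
    if(empty($_SESSION[$this_table]))
        $run_wct = "run=tab&wct=".$rowt['id'];
    else
        $run_wct =$_SESSION[$this_table];
    // $REFERER = $CMT[wct_index]."?".$run_wct."#".$a_polozaj;
    $REFERER = $_SERVER['HTTP_REFERER']."#".$a_polozaj;
    return << EOJSCMS;
} // eof plupload_js_cms

// plupload_upload
/**
 * Server side of the plupload photo uploader: stores the uploaded file in the
 * gallery folder, creates the "_v" (large) and "_m" (small) resized copies and
 * inserts a row into the photo table.
 *
 * Request input: $_GET['app'] ('group' or 'subgroup'), $_GET['rid'],
 * $_REQUEST['name'], $_REQUEST['chunk'], $_REQUEST['chunks'] and the uploaded
 * file itself ($_FILES['file'] or the raw request body).
 *
 * NOTE(review): no access check is visible in this function; presumably the
 * dispatcher enforces it - confirm. $_GET['rid'] is handed to gimme() as
 * received; confirm gimme() escapes or casts it.
 *
 * @return string JSON-RPC 2.0 response text (error object or null result)
 */
function plupload_upload()
{
    global $CMT,$HTTP_GET_VARS;
    $CMT['template'] = "cms/template_empty.php";

    // Make sure file is not cached (as it happens for example on iOS devices)
    header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
    header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
    header("Cache-Control: no-store, no-cache, must-revalidate");
    header("Cache-Control: post-check=0, pre-check=0", false);
    header("Pragma: no-cache");

    // default resize widths; the suffixes never change
    $resize[1]['width'] = 800;
    $resize[2]['width'] = 240;
    $resize[1]['sufiks'] = "_v"; // large
    $resize[2]['sufiks'] = "_m"; // small

    switch($_GET['app'])
    {
        case 'group':
            $row_group = gimme($CMT['table_group'],$_GET['rid'],"id");
            $row_gallery = plupload_gallery_group($row_group);
            if(!is_array($row_gallery)) // not an array means
                return $row_gallery; // it is an error message
            // resize overrides
            if($row_group['group_resize'])
                $resize[1]['width'] = $row_group['group_resize'];
            if($row_group['group_thumb'])
                $resize[2]['width'] = $row_group['group_thumb'];
            break;

        case 'subgroup':
            $row_subgroup = gimme($CMT['table_subgroup'],$_GET['rid'],"id");
            $row_group = gimme($CMT['table_group'],$row_subgroup['id_group'],"id");
            $row_gallery = plupload_gallery_subgroup($row_subgroup,$row_group);
            if(!is_array($row_gallery)) // not an array means
                return $row_gallery; // it is an error message
            // resize overrides: the subgroup setting wins over the group setting
            if($row_group['group_resize'])
                $resize[1]['width'] = $row_group['group_resize'];
            if($row_subgroup['subgr_resize'])
                $resize[1]['width'] = $row_subgroup['subgr_resize'];
            if($row_group['group_thumb'])
                $resize[2]['width'] = $row_group['group_thumb'];
            if($row_subgroup['subgr_thumb'])
                $resize[2]['width'] = $row_subgroup['subgr_thumb'];
            break;

        default:
            // Without a known app there is no gallery row; previously the upload
            // went on and the file landed directly in the gallery root folder.
            return '{"jsonrpc" : "2.0", "error" : {"code": 110, "message": "Pogresna rubrika."}, "id" : "id"}';
    }

    // 15 minutes execution time
    @set_time_limit(15 * 60);

    // Settings (has to work on Windows as well)
    $root_folder = str_replace("/","/",$CMT['root_folder_public']);
    $targetDir = $_SERVER['DOCUMENT_ROOT'].$root_folder."dok"."/"."gallery";
    $targetDir .= "/".$row_gallery['gall_id'];
    $cleanupTargetDir = true; // Remove old files
    $maxFileAge = 15 * 3600; // Temp file age in seconds

    // Create target dir
    if (!file_exists($targetDir)) {
        @mkdir($targetDir);
    }

    // Original file name as sent by the client; used only for its extension
    // and for the photo_origigi column, never as the stored name.
    if (isset($_REQUEST["name"])) {
        $origName = $_REQUEST["name"];
    } elseif (!empty($_FILES)) {
        $origName = $_FILES["file"]["name"];
    } else {
        $origName = uniqid("file_");
    }
    $name_arr = pathinfo($origName);

    // SECURITY: the file is written below the document root under an extension
    // taken from the request, so only known image extensions are accepted.
    // Extend the list if please_resize_php() supports further formats.
    $ext = isset($name_arr['extension']) ? strtolower($name_arr['extension']) : '';
    if (!in_array($ext, array('jpg','jpeg','gif','png'), true)) {
        return '{"jsonrpc" : "2.0", "error" : {"code": 104, "message": "File type not allowed."}, "id" : "id"}';
    }

    // stored names are always freshly generated
    // NOTE(review): uniqid() differs per request, so with chunking enabled every
    // chunk would be written to its own .part file - confirm chunking is off.
    $uniqueid = uniqid("photo_");
    $fileName = $uniqueid.".".$name_arr['extension'];
    $fileName_v = $uniqueid."_v.".$name_arr['extension'];
    $fileName_m = $uniqueid."_m.".$name_arr['extension'];
    $filePath = $targetDir . "/" . $fileName;
    $filePath_v = $targetDir . "/" . $fileName_v;
    $filePath_m = $targetDir . "/" . $fileName_m;

    // Chunking might be enabled
    $chunk = isset($_REQUEST["chunk"]) ? intval($_REQUEST["chunk"]) : 0;
    $chunks = isset($_REQUEST["chunks"]) ? intval($_REQUEST["chunks"]) : 0;

    // Remove old temp files
    if ($cleanupTargetDir) {
        if (!is_dir($targetDir) || !$dir = opendir($targetDir)) {
            return '{"jsonrpc" : "2.0", "error" : {"code": 100, "message": "Failed to open temp directory."}, "id" : "id"}';
        }
        while (($file = readdir($dir)) !== false) {
            $tmpfilePath = $targetDir . "/" . $file;
            // If temp file is current file proceed to the next
            if ($tmpfilePath == "{$filePath}.part") {
                continue;
            }
            // Remove temp file if it is older than the max age and is not the current file
            if (preg_match('/\.part$/', $file) && (filemtime($tmpfilePath) < time() - $maxFileAge)) {
                @unlink($tmpfilePath);
            }
        }
        closedir($dir);
    }

    // Open temp file
    if (!$out = @fopen("{$filePath}.part", $chunks ? "ab" : "wb")) {
        return '{"jsonrpc" : "2.0", "error" : {"code": 102, "message": "Failed to open output stream."}, "id" : "id"}';
    }

    if (!empty($_FILES)) {
        if ($_FILES["file"]["error"] || !is_uploaded_file($_FILES["file"]["tmp_name"])) {
            @fclose($out); // do not leave the output handle open on the error path
            return '{"jsonrpc" : "2.0", "error" : {"code": 103, "message": "Failed to move uploaded file."}, "id" : "id"}';
        }
        // Read binary input stream and append it to temp file
        if (!$in = @fopen($_FILES["file"]["tmp_name"], "rb")) {
            @fclose($out);
            return '{"jsonrpc" : "2.0", "error" : {"code": 101, "message": "Failed to open input stream."}, "id" : "id"}';
        }
    } else {
        if (!$in = @fopen("php://input", "rb")) {
            @fclose($out);
            return '{"jsonrpc" : "2.0", "error" : {"code": 101, "message": "Failed to open input stream."}, "id" : "id"}';
        }
    }

    while ($buff = fread($in, 4096)) {
        fwrite($out, $buff);
    }
    @fclose($out);
    @fclose($in);

    // Check if file has been uploaded
    if (!$chunks || $chunk == $chunks - 1) {
        // Strip the temp .part suffix off
        rename("{$filePath}.part", $filePath);

        // additional resized copies
        copy($filePath,$filePath_v);
        please_resize_php($filePath_v,$resize[1]['width']);
        copy($filePath,$filePath_m);
        please_resize_php($filePath_m,$resize[2]['width']);

        // row for the photo table
        $AZU1['photo_album'] = $row_gallery['gall_id'];
        $AZU1['photo_rb'] = autoinc2($CMT['table_photo'],"photo_rb","photo_album=".$row_gallery['gall_id']);
        $AZU1['photo_slika'] = $fileName;
        $AZU1['photo_naslov'] = $row_gallery['gall_naslov']; // initial title
        // NOTE(review): client-supplied text; confirm azuriraj() escapes values.
        $AZU1['photo_origigi'] = $origName;
        $AZU1['photo_aktivno'] = '1';
        $AZU1['prog_firma'] = $CMT['prog_firma'];

        // upload log
        // NOTE(review): the log is opened relative to the working directory;
        // make sure that location is not served by the web server.
        $log_file = "photo_log.txt";
        $log_handler = fopen($log_file,'a+');
        if ($log_handler) { // logging is best-effort, skip it when the file cannot be opened
            fwrite($log_handler,"UPLOADED: ".$filePath."\n".date("d.m.Y H:i:s")."\n");
            fwrite($log_handler,$origName."\n");
            foreach ($AZU1 as $key => $value)
                fwrite($log_handler,"$key=$value"."\n");
            fwrite($log_handler,"\n\n");
            fclose($log_handler);
        }

        azuriraj($AZU1,$CMT['table_photo'],"I","");
    }

    // Return Success JSON-RPC response
    return '{"jsonrpc" : "2.0", "result" : null, "id" : "id"}';
} // eof plupload_upload

// plupload_gallery_group
/** * na osnovu wcr_group vrati row_gallery * * @return unknown */ function plupload_gallery_group($row_group) { global $CMT; if(is_array($row_group)) { $row_gallery = gimme($CMT['table_gallery'],$row_group['id'],"gall_rid","gall_veza='".$CMT['table_group']."'"); if(!is_array($row_gallery)) { $AZU['gall_naslov'] = $row_group['group_title']; $AZU['gall_date'] = $row_group['group_date']; $AZU['gall_tekst'] = ""; // $row_group['group_introtxt']; $AZU['gall_veza'] = $CMT['table_group']; $AZU['gall_rid'] = $row_group['id']; $AZU['gall_rb'] = autoinc2($CMT['table_gallery'],"gall_rb","prog_firma=".$CMT['prog_firma']); $AZU['gall_aktivno'] = '1'; $AZU['prog_firma'] = $CMT['prog_firma']; azuriraj($AZU,$CMT['table_gallery'],"I",""); $AZU['gall_id'] = $CMT['insert_id']; if(empty($AZU['gall_id'])) return '{"jsonrpc" : "2.0", "error" : {"code": 111, "message": "Greska kod stvaranja nove galerije."}, "id" : "id"}'; else $row_gallery = gimme($CMT['table_gallery'],$AZU['gall_id'],"gall_id"); if(!is_array($row_gallery)) return '{"jsonrpc" : "2.0", "error" : {"code": 112, "message": "Greska kod otvaranja 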
galerije."}, "id" : "id"}'; } } else { return '{"jsonrpc" : "2.0", "error" : {"code": 110, "message": "Pogresna rubrika."}, "id" : "id"}'; } return $row_gallery; } // eof plupload_gallery_group // plupload_gallery_subgroup /** * na osnovu wcr_subgroup vrati row_gallery * * @return unknown */ function plupload_gallery_subgroup($row_subgroup,$row_group) { global $CMT; if(!is_array($row_group)) return '{"jsonrpc" : "2.0", "error" : {"code": 110, "message": "Pogresna rubrika."}, "id" : "id"}'; if(is_array($row_subgroup)) { $row_gallery = gimme($CMT['table_gallery'],$row_subgroup['id'],"gall_rid","gall_veza='".$CMT['table_subgroup']."'"); if(!is_array($row_gallery)) { $AZU['gall_naslov'] = $row_subgroup['subgr_title']; $AZU['gall_date'] = $row_subgroup['subgr_date']; $AZU['gall_tekst'] = ""; //$row_subgroup['subgr_text']; $AZU['gall_veza'] = $CMT['table_subgroup']; $AZU['gall_rid'] = $row_subgroup['id']; $AZU['gall_rb'] = autoinc2($CMT['table_gallery'],"gall_rb","prog_firma=".$CMT['prog_firma']); $AZU['gall_aktivno'] = '1'; $AZU['prog_firma'] = $CMT['prog_firma']; azuriraj($AZU,$CMT['table_gallery'],"I",""); $AZU['gall_id'] = $CMT['insert_id']; if(empty($AZU['gall_id'])) return '{"jsonrpc" : "2.0", "error" : {"code": 111, "message": "Greska kod stvaranja nove galerije."}, "id" : "id"}'; else $row_gallery = gimme($CMT['table_gallery'],$AZU['gall_id'],"gall_id"); if(!is_array($row_gallery)) return '{"jsonrpc" : "2.0", "error" : {"code": 112, "message": "Greska kod otvaranja galerije."}, "id" : "id"}'; } } else { return '{"jsonrpc" : "2.0", "error" : {"code": 113, "message": "Pogresna podrubrika."}, "id" : "id"}'; } return $row_gallery; } // eof plupload_gallery_subgroup // plupload_del_photo /** * brise jednu sliku iz foldera * * @param unknown_type $row_gallery * @param unknown_type $row_photo * @return unknown */ function plupload_del_photo($row_gallery,$row_photo) { global $CMT,$HTTP_GET_VARS; $root_folder = str_replace("/","/",$CMT['root_folder_public']); $targetDir = 
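$_SERVER['DOCUMENT_ROOT'].$root_folder."dok"."/"."gallery"; $targetDir .= "/".$row_gallery['gall_id']; $name_arr = pathinfo($row_photo['photo_slika']); // samo unique $fileName = $name_arr['filename'].".".$name_arr['extension']; $fileName_v = $name_arr['filename']."_v.".$name_arr['extension']; $fileName_m = $name_arr['filename']."_m.".$name_arr['extension']; $filePath = $targetDir . "/" . $fileName; $filePath_v = $targetDir . "/" . $fileName_v; $filePath_m = $targetDir . "/" . $fileName_m; if(file_exists($filePath)) unlink($filePath); if(file_exists($filePath_v)) unlink($filePath_v); if(file_exists($filePath_m)) unlink($filePath_m); return ""; } // eof plupload_del_photo
// uploadni_dok
/**
 * Lists the documents uploaded for one record of an application section.
 *
 * @param string $app      section name; only "misljenje", "vijest", "newsletter" and
 *                         "clanak" are accepted, anything else returns ""
 * @param mixed  $rid      id of the record the documents belong to (dok_veza_id)
 * @param string $verzija  'prikaz' returns the plain name list, 'attach' returns an array of
 *                         "full path||original name" entries, anything else the default listing
 * @return mixed           string for the default and 'prikaz' variants, array for 'attach';
 *                         empty string / empty array when no document is found
 */
function uploadani_dok($app,$rid,$verzija="")
{
    global $CMT,$HTTP_GET_VARS;

    // $app is matched against a fixed list, so only these literals reach the SQL text and
    // the upload path built below.
    switch($app)
    {
        case "misljenje":
            $dok_upload_folder = "misljenja";
            break;
        case "vijest":
            $dok_upload_folder = "novosti";
            break;
        case "newsletter":
            $dok_upload_folder = "newsletter";
            break;
        case "clanak":
            $dok_upload_folder = "clanak";
            break;
        default:
            return "";
    }

    // dok_veza_id is compared without quotes, so the value has to be numeric. The cast keeps
    // any other text out of the statement; a missing or non-numeric id now selects id 0
    // instead of producing a broken query.
    $rid = (int)$rid;

    $sql = "
        SELECT *
        FROM ".$CMT['table_wcr_dok']."
        WHERE dok_veza='$app'
        AND dok_veza_id=$rid
        AND prog_firma=".$CMT['prog_firma']."
        ORDER BY dok_rb
    ";
    // NOTE(review): on failure die() sends the driver error and the full SQL text to the client;
    // consider logging them server-side and showing a generic message instead.
    $res = mysql_query($sql) or die(mysql_error()."\n$sql");

    // Start from defined values so every variant returns a usable result when nothing matches.
    $retval_default = "";
    $retval_prikaz = "";
    $retval_attach = array();
    $brojilo = 0;

    if($imanas=mysql_num_rows($res))
    {
        while($row_dok=mysql_fetch_array($res,MYSQL_ASSOC))
        {
            $brojilo++;
            $dok_rel_path = "dok/$dok_upload_folder/".$row_dok['dok_veza_id']."/".$row_dok['dok_filename'];
            $pdf_full_path = $_SERVER['DOCUMENT_ROOT'].$CMT['root_folder_public'].$dok_rel_path;
            $pdf_http_path = "http://".$_SERVER['SERVER_NAME'].$CMT['root_folder_public'].$dok_rel_path;
            $pdf_path = $CMT['root_folder_public'].$dok_rel_path;

            if(file_exists($pdf_full_path))
            {
                // NOTE(review): $onClick and $pdf_path are not referenced by the output strings
                // visible here. $onClick places dok_filename inside a quoted script argument
                // without escaping - confirm stored file names cannot contain quotes.
                $onClick = "ow2('$pdf_http_path');";
                $show_dok = "PrikaĹži dokument";
                $size = filesize($pdf_full_path);
            }
            else
            {
                $show_dok = " ";
                // filesize() is only called for files that exist; a missing file counts as 0
                $size = 0;
            }
            $size = num2cro($size/1000,0)." kB";

            $sele_rb = select_num(1,$imanas,"rb[".$row_dok['dok_id']."]",$brojilo);

            // NOTE(review): dok_origigi is written to the listing as stored. If it holds the
            // uploader's original file name it needs HTML escaping in the page charset - verify
            // where it is set.
            $retval_default .= " $sele_rb ".$row_dok['dok_origigi']." $show_dok $size obrisati ";
            $retval_prikaz .= "".$row_dok['dok_origigi']."\n";
            $retval_attach[] = $pdf_full_path."||".$row_dok['dok_origigi'];
        }
        $retval_default = "\n\nUplodani dokumenti\n\n$retval_default\nr.b. Dokument Otvori Veličina  \n\n\n";
    }

    switch($verzija)
    {
        case 'prikaz':
            return $retval_prikaz;
        case 'attach':
            return $retval_attach;
        default:
            return $retval_default;
    }
} // eof uploadni_dok
// hgk_adresar function hgk_adresar() { global $CMT,$HTTP_GET_VARS; $farr = file("materijal/hgk_adresar.txt"); foreach ($farr as $key=>$redak) { $string .= trim(chop($redak)); } // echo "$string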
"; $sarr = explode(",",$string); foreach ($sarr as $key=>$adresa) { $adresa = str_replace('<','|',$adresa); $adresa = str_replace('>','|',$adresa); $aar = explode('|',$adresa); list($osoba,$domena) = explode('@',$aar[1]); // echo "$adresa
"; $retval .= " $aar[0] $aar[1] $domena "; $brojilo++; $UST[ust_sifra] = $brojilo; $UST[ust_grupa] = 3; // firme $UST[ust_naziv] = trim($aar[0]); $UST[ust_zupanija] = 11; $UST[ust_web] = $domena; $UST[ust_email] = trim($aar[1]); $UST[prog_firma] = 6; azuriraj($UST,"oblak_org.fin_ustanova_3","I",""); } return " $retval
naziv email domena
"; } // eof hgk_adresar // exit_404 function exit_404() { global $CMT; header("HTTP/1.1 404 File not found"); exit("

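404 - File not found

"); } // eof exit_404 ?>id_korisnik"); // $getarr = parse_str($QUERY_STRING); $getarr = explode('&',$QUERY_STRING); $LOG_STRING = ""; foreach($getarr as $key=>$value) { // prepare return path list($key2,$value2) = explode('=',$value); switch ($key2) { case 'rid': break; case 'run': $LOG_STRING .= "run=tab"; break; case 'runval': // $LOG_STRING .= "run=$value2&"; break; default: $LOG_STRING .= "$key2=$value2&"; } } // log file $log_query= "INSERT INTO log_file (l_time,l_login,l_table,l_ip,l_action,l_attach,l_aff_rows,l_updstring,l_updwhere) VALUES (NOW(),'$classuser->id_korisnik','$user_table','$REMOTE_ADDR','O','','','$cookiename','')"; $log_result = mysql_query ($log_query) or die ("Log file corupt!" . mysql_error()); if(empty($CMT[logout_redirect])) $CMT[logout_redirect] = $CMT[wct_index].'?'.$LOG_STRING; return <<location.replace('$CMT[logout_redirect]'); EOLOGOUT; } // eof cmt_logout
// CMT_LOGIN
/**
 * Checks the submitted username and password against the configured user table. On success
 * it sets the login cookie, stores the new token and last-login time, loads the privileges
 * and writes a row to log_file.
 *
 * @param mixed $ID    not read anywhere in this function
 * @param array $rowt  table definition row; tb_cookiename names the login cookie
 * @return mixed       " " when $CMT['auto_proceed'] is set, otherwise whatever diehard() returns
 */
function cmt_login($ID,&$rowt)
{
    global $CMT,$HTTP_GET_VARS,$HTTP_POST_VARS,$HTTP_COOKIE_VARS,$QUERY_STRING,$rowuser,$classuser;

    // Only the two credentials are taken from the request (POST wins over GET, as before).
    // Every request key used to be copied into a local variable of the same name, so a
    // parameter called CMT or rowt could replace the configuration this function relies on
    // (user table, column names, cookie name).
    $username = '';
    $password = '';
    foreach(array($HTTP_GET_VARS,$HTTP_POST_VARS) as $request_vars)
    {
        if(!is_array($request_vars))
            continue;
        if(isset($request_vars['username']))
            $username = $request_vars['username'];
        if(isset($request_vars['password']))
            $password = $request_vars['password'];
    }
    // NOTE(review): credentials are still accepted from the query string, where they end up in
    // access logs and browser history; confirm no login form depends on GET before dropping it.

    // letters, digits, underscore and minus; the D modifier stops "$" from matching in front
    // of a trailing newline
    $user_pattern = "/^([a-zA-Z0-9_-]){2,25}$/D";
    if(!is_string($username) || !is_string($password)
        || !preg_match($user_pattern,$username) || !preg_match($user_pattern,$password))
        return diehard("\n\n\n\n\nNeispravno korisničko ime/lozinka\n\n","","");

    $cookiename = $rowt['tb_cookiename'];
    $user_table = $CMT['user_table'];
    $user_table_id = $CMT['user_table_id'];
    $user_table_username = $CMT['user_table_username'];
    $user_table_password = $CMT['user_table_password'];
    $user_table_status = $CMT['user_table_status']; // optional status column
    $user_table_token = $CMT['user_table_token'];
    $user_table_lastlogin = $CMT['user_table_lastlogin'];

    if($user_table_status)
        $where_status = "$user_table_status='1'";
    else
        $where_status = "";

    $usrrow = gimme($user_table,$username,$user_table_username,$where_status);

    // NOTE(review): the stored column value is compared directly with the submitted password,
    // so this only matches when passwords are stored as entered. Moving to password_hash() /
    // password_verify() needs a data migration that cannot be done from inside this function.
    if($usrrow[$user_table_username]===$username && $usrrow[$user_table_password]===$password)
    {
        // prepare the return path: drop run=, turn runval=X back into run=X, keep the rest
        $LOG_STRING = "";
        foreach(explode('&',$QUERY_STRING) as $pair)
        {
            list($key2,$value2) = explode('=',$pair);
            switch ($key2)
            {
                case 'run':
                    break;
                case 'runval':
                    $LOG_STRING .= "run=$value2&";
                    break;
                default:
                    $LOG_STRING .= "$key2=$value2&";
            }
        }

        // the cookie carries a fresh token, not the user id
        // NOTE(review): assumes wct_hash() returns an unpredictable value - its implementation
        // is not shown here, verify.
        $user_hash = wct_hash();
        $cookieval = $user_hash;
        $user_idvalue = $usrrow[$user_table_id];

        // expires at the same wall-clock time on the following day; the offset is fixed here
        // and can no longer be influenced by request parameters
        $va = getdate(time());
        $cookietime = mktime($va["hours"],$va["minutes"],$va["seconds"],$va["mon"],$va["mday"]+1,$va["year"]);

        // NOTE(review): the cookie is set without the HttpOnly and Secure attributes; confirm no
        // client-side script reads it and that the site is served over HTTPS, then add them.
        if (setcookie($cookiename,$cookieval,$cookietime))
        {
            // store the token and the login time
            $AZU1 = array();
            $AZU1[$user_table_token] = $user_hash;
            $AZU1[$user_table_lastlogin] = date("Y-m-d H:i:s");
            azuriraj($AZU1,$user_table,"U","$user_table_id=$user_idvalue",true,false,false);

            $rowuser = $usrrow;
            if($user_table===$CMT['table_pretplatnik'])
                $classuser = new pretplatnik($rowuser['id_pretplatnik']);

            get_privileges($user_idvalue);

            // login_redirect may name a function that computes the target
            $afunkcija = $CMT['login_redirect'];
            if(function_exists($afunkcija))
            {
                $CMT['login_redirect'] = $afunkcija($usrrow);
            }
            if(empty($CMT['login_redirect']))
                $CMT['login_redirect'] = $CMT['wct_index'].'?'.$LOG_STRING;

            // log_file: the client address is read from the server environment and escaped.
            // $REMOTE_ADDR was never defined in this scope, so only a request parameter of that
            // name could have filled it.
            $log_ip = isset($_SERVER['REMOTE_ADDR']) ? mysql_real_escape_string($_SERVER['REMOTE_ADDR']) : '';
            $log_query= "INSERT INTO log_file (l_time,l_login,l_table,l_ip,l_action,l_attach,l_aff_rows,l_updstring,l_updwhere) VALUES (NOW(),'$rowuser[id]','$user_table','$log_ip','L','','','$cookiename','')";
            $log_result = mysql_query ($log_query) or die ("Log file corupt!" . mysql_error());

            if ($CMT['auto_proceed'])
                return " ";
            else
                return diehard("Prijava uspjela!",$CMT['login_redirect'],"Nastavi");
        }
        else
            return diehard("Prijava nije uspjela!","index.php","Nastavi");
    }
    else
    {
        unset($rowuser);
        unset($classuser);
        return diehard(convert_uni_2_web("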

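Neispravno korisničko ime/lozinka"),"$CMT[logout_redirect]","Povratak"); } } // eof cmt_login
// get_privileges
/**
 * Loads the privileges of one user for the table named by the wct request parameter and
 * stores them in the global $rowuser (can_view, can_insert, can_update, can_delete,
 * superadmin, mnu_arr, mnu_list).
 *
 * Order of evaluation:
 *   1. everything defaults to '0';
 *   2. the menus of all active groups the user belongs to are collected, and a group's
 *      grp_redirect overrides $CMT['login_redirect'];
 *   3. a direct entry for the user (prv_KG='K') wins and ends the lookup;
 *   4. membership in a superadmin group grants everything and ends the lookup;
 *   5. otherwise a right is granted if at least one of the user's groups has it.
 *
 * @param mixed $user_idvalue  id of the user; used as an integer
 * @return void
 */
function get_privileges($user_idvalue)
{
    global $CMT,$HTTP_GET_VARS,$HTTP_POST_VARS,$HTTP_COOKIE_VARS,$QUERY_STRING,$rowuser;

    // Both ids are placed into SQL without quotes, so they are reduced to integers first.
    // wct comes straight from the query string; without the cast any text in it became part
    // of the privilege queries. A missing or non-scalar wct is treated as 0.
    $user_idvalue = (int)$user_idvalue;
    if(isset($HTTP_GET_VARS['wct']) && is_scalar($HTTP_GET_VARS['wct']))
        $wct_id = (int)$HTTP_GET_VARS['wct'];
    else
        $wct_id = 0;

    // default privileges
    $rowuser['can_view'] = '0';
    $rowuser['can_insert'] = '0';
    $rowuser['can_update'] = '0';
    $rowuser['can_delete'] = '0';
    $rowuser['superadmin'] = '0';

    // which menus are available to the user
    $sql_m = "
        SELECT *
        FROM $CMT[table_grupa] G, $CMT[table_clan] C
        WHERE G.grp_aktivna='1'
        AND C.clan_grupa=G.grp_id
        AND C.clan_korisnik=$user_idvalue
    ";
    // NOTE(review): the driver error and SQL text are handed to die_hard(); if that prints to
    // the client it discloses schema details - verify.
    $res_m = mysql_query($sql_m) or die_hard(mysql_error()."\n$sql_m");
    if(mysql_num_rows($res_m))
    {
        while ($row_m=mysql_fetch_array($res_m,MYSQL_ASSOC))
        {
            $rowuser['mnu_arr'][] = $row_m['grp_menu'];
            // NOTE(review): mnu_list is a quoted, comma-separated list built from grp_menu as
            // stored; presumably it is used in an IN (...) clause elsewhere - verify the values
            // cannot contain a quote.
            if(empty($rowuser['mnu_list']))
                $rowuser['mnu_list'] = "'$row_m[grp_menu]'";
            else
                $rowuser['mnu_list'] .= ",'$row_m[grp_menu]'";
            // does the group define a redirect?
            if($row_m['grp_redirect'])
                $CMT['login_redirect'] = $row_m['grp_redirect'];
        }
    }

    // settings made directly for this user
    $row_pravo = gimme($CMT['table_pravo'],$user_idvalue,"prv_korisnik","prv_KG='K' AND prv_wct=$wct_id");
    if(is_array($row_pravo) && $row_pravo['prv_korisnik']==$user_idvalue)
    {
        $rowuser['can_view'] = $row_pravo['prv_view'];
        $rowuser['can_insert'] = $row_pravo['prv_insert'];
        $rowuser['can_update'] = $row_pravo['prv_update'];
        $rowuser['can_delete'] = $row_pravo['prv_delete'];
        return;
    }

    // is the user a member of a group with superadmin rights?
    $sql = "
        SELECT *
        FROM $CMT[table_grupa] G, $CMT[table_clan] C
        WHERE G.grp_id=C.clan_grupa
        AND G.grp_superadmin='1'
        AND C.clan_korisnik=$user_idvalue
    ";
    $res = mysql_query($sql) or die_hard(mysql_error()."\n$sql");
    if(mysql_num_rows($res))
    {
        $rowuser['can_view'] = '1';
        $rowuser['can_insert'] = '1';
        $rowuser['can_update'] = '1';
        $rowuser['can_delete'] = '1';
        // the four rights already cover it, the flag is set as well
        $rowuser['superadmin'] = '1';
        return;
    }

    // settings of the (non-superadmin) groups the user belongs to
    $sql = "
        SELECT *
        FROM $CMT[table_pravo] P, $CMT[table_grupa] G, $CMT[table_clan] C
        WHERE P.prv_KG='G'
        AND P.prv_wct=$wct_id
        AND G.grp_id=P.prv_korisnik
        AND G.grp_id=C.clan_grupa
        AND G.grp_superadmin='0'
        AND C.clan_korisnik=$user_idvalue
    ";
    $res = mysql_query($sql) or die_hard(mysql_error()."\n$sql");
    if(mysql_num_rows($res))
    {
        while ($row_pravo=mysql_fetch_array($res,MYSQL_ASSOC))
        {
            // a right is granted when the group has it and left unchanged when it has not
            if($row_pravo['prv_view']=='1') $rowuser['can_view']='1';
            if($row_pravo['prv_insert']=='1') $rowuser['can_insert']='1';
            if($row_pravo['prv_update']=='1') $rowuser['can_update']='1';
            if($row_pravo['prv_delete']=='1') $rowuser['can_delete']='1';
        }
    }
} // eof get_privileges

// COOKIE_USER
/**
 * Identifies the current user from the login cookie.
 *
 * Looks the cookie value up in the token column of the user table and fills the globals
 * $rowuser and $classuser.
 *
 * @return array  [0] user id (0 when there is no usable cookie), [1] display name,
 *                [2] username (only set when a cookie was present)
 */
function cookie_user()
{
    global $CMT,$HTTP_COOKIE_VARS,$rowt,$VArow,$QUERY_STRING,$rowuser,$classuser;

    // Local names are kept as they are: the display-name template evaluated below can refer
    // to any variable in this scope.
    $cookiename = $rowt['tb_cookiename'];
    $user_table = $CMT['user_table'];
    $user_table_id = $CMT['user_table_id'];
    $user_table_username = $CMT['user_table_username'];
    $user_table_fullname = $CMT['user_table_fullname'];
    $user_table_myurl = $CMT['user_table_myurl'];
    $user_table_status = $CMT['user_table_status']; // optional status column
    $user_table_token = $CMT['user_table_token'];
    $user_table_lastlogin = $CMT['user_table_lastlogin'];

    if($user_table_status)
        $where_status = "$user_table_status='1'";
    else
        $where_status = "";

    // replace run=tab|row|... with run=log, other variables stay as is
    // remember value for run to restore url after login
    $getarr = explode('&',$QUERY_STRING);
    $LOG_STRING = "";
    foreach($getarr as $key=>$value)
    {
        list($key2,$value2) = explode('=',$value);
        if($key2=='run')
            $LOG_STRING .= "runval=$value2&";
        else
            $LOG_STRING .= "$key2=$value2&";
    }

    $retval = array();

    // A cookie sent as an array (name[]=...) is not a token and is treated as no cookie.
    if (!empty($HTTP_COOKIE_VARS[$cookiename]) && is_string($HTTP_COOKIE_VARS[$cookiename]))
    {
        // look the user up by token
        // NOTE(review): the raw cookie value is handed to gimme(); whether gimme() escapes it
        // before building SQL is not visible here - verify. The result is also used without
        // checking that a row was found.
        $rowuser = gimme($user_table,$HTTP_COOKIE_VARS[$cookiename],$user_table_token,$where_status);
        $classuser = new korisnik($rowuser);

        $retval[0] = $rowuser[$user_table_id]; // id
        // NOTE(review): $user_table_fullname is a template from $CMT, e.g.
        // "$rowuser[kor_ime] $rowuser[kor_prezime]", that is spliced into PHP source and run
        // with eval(). Whoever can change that setting can execute PHP here; confirm it never
        // comes from request or user-editable data.
        eval("\$retval[1] = \"$user_table_fullname\";");
        // username
        $retval[2] = $rowuser[$user_table_username];
        $LOG_STRING .= "run=logout"; // login param
        $log_mess = $CMT['logout_mess'];
    }
    else
    {
        $retval[0] = 0; // id
        $retval[1] = ''; // username
        $LOG_STRING .= "run=login"; // login param
    }
    return $retval;
} // eof cookie_user

// WCT_PRIVILEG
// (original author's remark: not really used)
/**
 * Maps a user id to a coarse level: '0' not logged in, '1' ordinary user, '9' superadmin.
 *
 * NOTE(review): the superadmin level is tied to the literal user id 3 and uses a loose
 * comparison; get_privileges() derives the same right from group membership. Confirm nothing
 * relies on this function for access decisions.
 *
 * @param mixed $user_id  user id, empty when nobody is logged in
 * @return string         '0', '1' or '9'
 */
function wct_privileg($user_id)
{
    if(empty($user_id))
        return '0';

    return ($user_id == '3') ? '9' : '1';
} // eof wct_privileg
// STRKEY_VALUE function strkey_value($table,$field,$value,$return_field='') { global $CMT; /* strange key: input: table name, strangekey name, strkey value, field_name_to_return_value return: value in the field from the table defined in wct_strkey */ // get definitions from wct_strkey $selstring = " select * from $CMT[table_wct_strkey] where `id_table`='$table' and `str_field`='$field' limit 1 "; $strres = mysql_query($selstring) or die_hard(mysql_error()."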
$selstring"); if(mysql_num_rows($strres)=='1') { $strrow = mysql_fetch_array($strres,MYSQL_ASSOC) or die_hard(mysql_error()."
$selstring"); $filter_exp = $strrow[target_filter]; eval("\$filter_show = \"$filter_exp\";"); if(empty($filter_show)) $filter_show = "1"; $filter_table = $strrow[target_table]; eval("\$target_table = \"$filter_table\";"); $srow = gimme($target_table,$value,$strrow[target_key],$filter_show); // get the row from target table if(empty($return_field)) // value to return ($return_field) $return_field = $strrow[target_return]; // default: name defined in wct_strkey $arrfields = explode(',',$return_field); if (is_array($arrfields)) { $retval = ""; foreach($arrfields as $key=>$value) { // $$key=$value; $retval .= $srow[$value]." "; } } else $retval = $srow[$return_field]; } else die_hard("strkey_value: No match
$selstring"); return $retval; } // eof strkey_value // NAVIGATE function navigate(&$pagestart,&$pageitems,$TOTALITEMS,$ID,$filter="") { global $CMT,$HTTP_GET_VARS,$HTTP_POST_VARS,$VArow; /* (navigation) page: 1 2 3 4 5 ..... 10 each page displays $pageitems items $pagestart is actual page $TOTALITEMS is total items from database */ $maxpages = ceil($TOTALITEMS / $pageitems); $pagestart = max($pagestart,1); // check if pagestart is valid $pagestart = min($pagestart,$maxpages); $frombegin = $pagestart - 1; $fromend = $maxpages - $pagestart; if(empty($filter)) $gofilter = ""; else $gofilter = "&filt=$filter"; if($maxpages<=$CMT[navpages]) // can show all { $stratfrom = 1; $endat = $maxpages; } $add=true; $istart = $iend = $pagestart; for($i=1;$i<=$CMT[navpages];$i++) // itteration (left <--> right) { if($add) $iend = min($istart + $i, $maxpages); else $istart = max($iend - $i, 1); $add=!$add; } $CMT['wct_uk_stranica'] = $maxpages; $CMT['wct_strana'] = $pagestart; // include other GET variables $gonavvar = ""; /* priprema GET varijabli ako se spominje kvart ne treba naselje, mjesto, zupanija, regija ako se spominje naselje ne treba mjesto, zupanija, regija ako se spominje mjesto ne treba zupanija, regija ako se spominje zupanija ne treba regija */ if (function_exists(prepare_GET)) prepare_GET($HTTP_GET_VARS); foreach($HTTP_GET_VARS as $key=>$value) { switch ($key) { case 'run': case 'id': case 'start': case 'items': case 'filt': case 'wct': break; case 'FILTER_STRING': if (!empty($HTTP_GET_VARS[filt])) $gonavvar .= "&$key=$value"; break; default: if(!empty($value)) $gonavvar .= "&$key=$value"; } } // finally, show it $retval = ""; $prev = $pagestart; $next = $maxpages; // display section // navigation $row_nav = gimme($CMT[table_wct_navigation],$ID,"id_table"); if(is_array($row_nav)) { foreach ($row_nav as $nav_key => $nav_value) { if(substr($nav_key,0,4) == 'nav_') // fields nav_* transfer to $VArow[nav_*] { $VArow[$nav_key] = $nav_value; // echo "$nav_key => 
$nav_value
"; } } } // default:: show indicators: ind_* if(!isset($VArow[nav_ind_show])) $VArow[nav_ind_show] = '1'; if(!isset($VArow[nav_ind_first])) $VArow[nav_ind_first] = '1'; if(!isset($VArow[nav_ind_last])) $VArow[nav_ind_last] = '1'; if(!isset($VArow[nav_ind_previous])) $VArow[nav_ind_previous] = '1'; if(!isset($VArow[nav_ind_next])) $VArow[nav_ind_next] = '1'; // default:: show labels(text) if(!isset($VArow[nav_show_page])) $VArow[nav_show_page] = "Stranica "; if(!isset($VArow[nav_first])) $VArow[nav_first] = "prva"; if(!isset($VArow[nav_last])) $VArow[nav_last] = "zadnja"; //$VArow[nav_last] .= ": $maxpages"; if(!isset($VArow[nav_previous])) $VArow[nav_previous] = "prethodna"; if(!isset($VArow[nav_next])) $VArow[nav_next] = convert_uni_2_web("sljedeća"); if(@file_exists($CMT[nav_include])) include($CMT[nav_include]); else { // default navigation $ret0 = "$VArow[nav_show_page] $pagestart/$maxpages"; for($i=$istart;$i<=$iend;$i++) { // dodajem i navigaciju preko
  • // i prebacujem to u $CMT da bude dostupno dizajnu if($i==$pagestart) { $retval.="$i"; if(function_exists($CMT[navigate_active])) $CMT[navigate_retval] .= $CMT[navigate_active]($i,'#'); else $CMT[navigate_retval] .= "
  • $i
  • "; } else { $href_1nav = "$CMT[wct_index]?run=tab&wct=$ID$gofilter$gonavvar&start=$i&items=$pageitems"; $retval.=" $i "; if(function_exists($CMT[navigate_goto])) $CMT[navigate_retval] .= $CMT[navigate_goto]($i,$href_1nav); else $CMT[navigate_retval] .= "
  • $i
  • "; } if($i<$pagestart) $prev = $i; if($i>$pagestart) $next = min($i,$next); } $href_punolivo = "$CMT[wct_index]?run=tab&wct=$ID$gofilter$gonavvar&start=$prev&items=$pageitems"; if(function_exists($CMT[navigate_left])) $CMT[navigate_retval] = $CMT[navigate_left]($i,$href_punolivo) . $CMT[navigate_retval]; $href_punodesno = "$CMT[wct_index]?run=tab&wct=$ID$gofilter$gonavvar&start=$next&items=$pageitems"; if(function_exists($CMT[navigate_right])) $CMT[navigate_retval] .= $CMT[navigate_right]($i,$href_punodesno); if($pagestart==1) $ret1 = "$VArow[nav_first]"; else $ret1 = "$VArow[nav_first]"; if($pagestart==$prev) $retprev = "$VArow[nav_previous]"; else $retprev = "$VArow[nav_previous]"; if($pagestart==$next) $retnext = "$VArow[nav_next]"; else $retnext = "$VArow[nav_next]"; if($pagestart==$maxpages) $retlast = "$VArow[nav_last]"; else $retlast = "$VArow[nav_last]"; // sve imaju href da ne bi skakali po ekranu $ret1 = "$VArow[nav_first]"; //$ret1 = ""; $retprev = " $VArow[nav_previous]"; //$retprev = ""; $retnext = "$VArow[nav_next]   "; //$retnext = ""; $retlast = "$VArow[nav_last] "; //$retlast = ""; // show them all if(!$VArow[nav_ind_show]) $ret0 = ""; if(!$VArow[nav_ind_first]) $ret1 = ""; if(!$VArow[nav_ind_previous]) $retprev = ""; if(!$VArow[nav_ind_next]) $retnext = ""; if(!$VArow[nav_ind_last]) $retlast = ""; if(empty($VArow[nav_class])) $VArow[nav_class] = "wct_navigate"; // sikus i dalje $retval =<< $ret0 $ret1 $retprev $retval $retnext $retlast EONAVIG; // /maxpages if(!empty($VArow[nav_align])) { $retval = "
    $retval
    "; } } // eo default navigation if($maxpages<=1) { if(isset($VArow[nav_ignore1page])) { if($VArow[nav_ignore1page]=='1') $retval = ""; } else $retval = ""; // default: ne prikazuje } return $retval; } // eof navigate
// GET_ATTRIBUTES
/*
 Builds the HTML attribute string (name="value" pairs) stored in the attribute table
 for one item.

 $atable  item type (wct_item); may be given as database.table, the database part is dropped
 $aid     id of the item (id_item)
 returns  the attribute string; for 'wct_table' items without a class attribute,
          class="wct" is put in front
*/
function get_attributes($atable,$aid)
{
    global $CMT;
    // atable may be given as database.atable
    // (strpos() returns 0 for a leading dot, which is treated like "no dot" here)
    if(strpos($atable,'.'))
        list($database,$atable) = explode('.',$atable);
    // NOTE(review): both values are placed into the WHERE clause as given; whether every
    // caller passes trusted ids is not visible here - verify, or escape them before this point.
    $WHERE = "wct_item='$atable' and id_item='$aid'";
    // presumably an array of rows, each an array of column => value; confirm against gimme2()
    $row=gimme2($CMT[table_wct_attribute],$WHERE);
    $classset = false;
    $retval = '';
    if(is_array($row))
    {
        foreach($row as $key=>$value)
        {
            // NOTE(review): every row index and column name becomes a local variable. A column
            // called retval, classset, row or CMT would overwrite the variable of that name
            // (CMT is bound to the global).
            $$key=$value;
            foreach($value as $key2=>$value2)
            {
                $$key2=$value2;
            }
            // att_value may contain variables!
            // NOTE(review): att_value is spliced into PHP source and run with eval(). A value
            // containing a double quote or a {$...} expression is executed as code, so anyone
            // able to write rows of this table can run PHP. Confirm the table is writable by
            // trusted administrators only. The result is also emitted without HTML escaping.
            eval("\$eval_value = \"$att_value\";");
            $retval .= "$att_name=\"$eval_value\" ";
            if ($att_name=='class')
                $classset = true;
        }
    } // is_array
    if (!$classset && $atable=='wct_table') // default wct only for wct_table
        $retval = "class=\"wct\" $retval";
    return $retval;
} // eof get_attributes
// CMT_TR function cmt_tr(&$rowt,&$rowtr,&$rowtd) { global $CMT,$HTTP_GET_VARS; $colspan = $rowt[MAXTD] + $rowt[tb_update]+$rowt[tb_delete]; $tdparams = 'colspan="'.$colspan.'" class="title"'; $title_exp = $rowt[tb_caption]; if(function_exists($title_exp)) // A function { $title_show = $title_exp(); } else // B expression { eval("\$title_show = \"$title_exp\";"); } // // table name $titval =<< $title_show EOCMTTH0; if ($rowt[tb_showtitle]==0) $titval=""; $tdparams = 'class="header"'; $tdval = ""; for($i=1;$i<=$rowt[MAXTD];$i++) // column names { $caption_exp = $rowtd[$i][td_caption]; if(function_exists($caption_exp)) // A function { $caption_show = $caption_exp(); } else // B expression { eval("\$caption_show = \"$caption_exp\";"); } $tdval .=<<$caption_show EOTH1; } /* if($rowt[tb_update]=='1') $tdval .= " "; if($rowt[tb_delete]=='1') $tdval .= " "; */ // u zaglavlju iznad upd/del ubaciti + dodaj, ako ima update=1 ili delete=1 $col2span = $rowt[tb_update]+$rowt[tb_delete]; if($col2span) { 
$ins_url = ins_url($rowt); if($rowt[tb_insert]=='1') $tdval .= "$CMT[insert_img] $CMT[insert_mess]"; else $tdval .= " "; } $headval = << $tdval EOCMTTH; if ($rowt[tb_showheaders]==0) $headval = ""; $retval = $titval . $headval; return $retval; } // eof cmt_tr // CMT_TD function cmt_td(&$row) { global $CMT,$td_attribs,$rowt,$rowtr,$rowtd; /* return n .. (one every field) $row table with data $rowt,$rowtr,$rowtd cmt params $srow str_table (for strange_key) */ $retval = ""; for($i=1;$i<=$rowt[MAXTD];$i++) { $fname = $rowtd[$i][td_name]; $id_field = $rowt[tb_id_field]; $value = $row[$fname]; $id_value = $row[$id_field]; // value || str_key /* OLD VERSION $stable = $rowtd[$i][td_str_table]; if(!empty($rowtd[$i][td_str_table])) { $srow = gimme($rowtd[$i][td_str_table],$value,$rowtd[$i][td_str_key]); $fname = $rowtd[$i][td_str_field]; $value = $srow[$fname]; } */ // STRANGE_KEY using wct_strkey if($rowtd[$i][td_str_table]) { // $value = strkey_value($rowt[tb_table],$rowtd[$i][td_name],$value); $value = strkey_value($rowt[id],$rowtd[$i][td_name],$value); } // $attbs = "class=\"item\""; $function_call = "show_$fname"; $function_call2 = "show2_$fname"; if(function_exists($function_call2)) // show2_fname=poziv ajax procedure za edit { $value = $function_call2($fname,$value,$i,$row); } else if(function_exists($function_call)) // normalni poziv polja { $value = $function_call($fname,$value,$i,$row); } // standardni formati: datum, number, nl2br, checkbox... 
if($rowtd[$i][td_display_format]) { $fmt_array = explode(",",$rowtd[$i][td_display_format]); switch($fmt_array[0]) { case 'date': // npr "value,iso" $iso_hr = $fmt_array[1]; if(empty($iso_hr)) $iso_hr='iso'; $value = date_format2($value,$iso_hr); break; case 'datetime': // npr "value,iso" $iso_hr = $fmt_array[1]; if(empty($iso_hr)) $iso_hr='iso'; $value = date_format2(substr($value,0,10),$iso_hr).substr($value,10); break; case 'number': // npr "value,decimala" $num_decimala = $fmt_array[1]; if(empty($num_decimala)) $num_decimala=0; $value = $fmt_array[2].num2cro($value,$num_decimala).$fmt_array[3]; break; case 'textarea': $value = nl2br($value); break; case 'checkbox': if($value) $value = $CMT[checked_yes]; else $value = $CMT[checked_not]; break; case 'checkbox0': // prikazuje samo DA if($value) $value = $CMT[checked_yes]; else $value = " "; break; // klikom na njega da mu se mijenja status case 'checkbox_status': // prikazuje samo DA if($value) $ikona = $CMT[root_folder]."wcs/images/da.png"; else $ikona = $CMT[root_folder]."wcs/images/ne.png"; $status_php = $CMT[root_folder].$CMT[wct_index]; $value = "\"Promijeni"; break; case 'picture': // 1: width=250 (formatiranje) // 2: dok/folder/ (folder - relativno) $value = $CMT['root_folder'].$fmt_array[2].$value; $value = ""; break; case 'link': eval("\$mess_go = \"$fmt_array[1]\";"); // moze imati varijebale eval("\$href_go = \"$fmt_array[2]\";"); // moze imati varijebale $value = "$mess_go"; break; case 'bold': $value = "$value"; break; case 'order': // $reorder_function = '1'; // $value = select_num(1,30,"record_reorder",$value,"onChange=recordReorder('$fname',$id_value,this);"); $location = "wct_index.php?run=wct_corder&wct=$_GET[wct]&fname=$fname&rid=$id_value&new_ord="; $value = select_num(1, 99, "record_reorder", $value, "onChange=\"javascript:location.replace('$location'+this.value);\""); break; case 'staz': // prikaz staza g m d $value = staz_format($value); break; } } if($value=="") $value=" "; $retval 
.=<<$value EOCMTTD; } if($reorder_function=='1') $js_reorder=<< EOJSREORDER; return $js_reorder . $retval; } // eof cmt_td // CMT_TABLE function cmt_table($id,$filter="",$order="",$pagestart="",$pageitems="") { global $HTTP_POST_VARS,$HTTP_GET_VARS,$CMT,$td_attribs,$tr_attribs,$rowt,$rowtr,$rowtd,$VArow; /* pripremi i izvrši select oblikuje prikaz: uzima sve parametre iz wct_table, wct_tr i wxt_td doda atribute iz wct_attribute */ //die("i: $id
    f: $filter
    o: $order
    s: $pagestart
    i: $pageitems"); /* return ..m..
    ..n..
    for table for id */ if(empty($CMT[hide_wct_table])) // funkcije koje dolaze iza mogu isključiti prikaz centralne tabele $CMT[hide_wct_table] = '0'; if(empty($pagestart)) $pagestart = 1; // _table $vrati = "_TABLE
    "; foreach($rowt as $key=>$value) { $$key=$value; $vrati .= "$key: $value
    "; } // _tr (1 .. n) $trwhere = "id_table='$rowt[id]'"; $rowtr=gimme2($CMT[table_wct_tr],$trwhere); $vrati .= "_TR
    "; $key = 0; // init for MAX if (is_array($rowtr)) { foreach($rowtr as $key=>$value) { $$key=$value; foreach($value as $key2=>$value2) { $$key2=$value2; } } } // is_array $rowtr[MAXTR] = $key; // _td (1 .. n) $tdwhere = "id_table='$rowt[id]' and td_publish='1'" . $CMT[tdwhere_add]; /* $CMT[tdwhere_add] je dodatni uvjet koji se moze postaviti u aplikaciji i tijekom izvodjenja moze uvjetovati da se neko polje ne prikazuje primjer: if($HTTP_GET_VARS[prik]=='prev') $CMT[tdwhere_add] = " AND td_name!='act_izbaci'"; */ $rowtd=gimme2($CMT[table_wct_td],$tdwhere,"ORDER by td_order"); $vrati .= "_TD
    "; $key = 0; // init for MAX if (is_array($rowtd)) { foreach($rowtd as $key=>$value) { $$key=$value; foreach($value as $key2=>$value2) { $$key2=$value2; } } } // if rowtd $rowt[MAXTD] = $key; // FILTER if(!empty($rowt[tb_filter])) // predefined filter { $filt_exp = $rowt[tb_filter]; if(function_exists($filt_exp)) // A function { $rowt[tb_filter] = $filt_exp(); // die($afilt[filt_exp]); } else // B expression { eval("\$rowt[tb_filter] = \"$filt_exp\";"); // echo "$filt_exp
    "; } $WHERE = "WHERE $rowt[tb_filter]"; } //die($WHERE); if(empty($filter)) // during aplication execution { if(isset($filter)) { unset($filter); unset($HTTP_GET_VARS[filt]); unset($HTTP_GET_VARS[FILTER_STRING]); } // die(); } else { $afilt = gimme($CMT[table_wct_filter],$filter,"filt_id","id_table=$rowt[id]"); /* dovoljno je u bazu upisati filter sa varijablom, npr: concat(polje1,polje2,polje3) like '$FILTER_STRING' (FILTER_STRING mora biti donešena sa POST ILI GET) */ /* $FILTER_STRING="arko"; foreach ($afilt as $key=>$value) { $$key=$value; echo "$key: $value
    "; } eval("\$filt_exp = \"$filt_exp\";"); echo "$filt_exp
    "; die(); */ /* univerzalniji filter, moše biti bilo što u bazu se upisuje ime funkcije, npr filter_glavni a mora se kodirati funkcija filter_glavni(), negdje u show.inc.php od te aplikacije */ // A function $filt_exp = $afilt[filt_exp]; if(function_exists($filt_exp)) { $afilt[filt_exp] = $filt_exp(); // die($afilt[filt_exp]); } else { eval("\$afilt[filt_exp] = \"$filt_exp\";"); // die("eval $filt_exp
    "); } if(empty($WHERE)) $startWHERE = " WHERE "; else $startWHERE = $WHERE . " and "; $WHERE = $startWHERE . $afilt[filt_exp]; } $VArow[WHERE] = $WHERE; // echo "$afilt[filt_exp]
    $WHERE
    "; // die(); // count all items (without LIMIT) empty($rowt[tb_database]) ? $thistable = $rowt[tb_table] : eval("\$thistable = \"$rowt[tb_database].\$rowt[tb_table]\";"); $tsel = " select 1 from $thistable $WHERE "; $rowres = mysql_query($tsel) or die_hard(mysql_error()."
    $tsel"); $rowt[TOTALITEMS] = mysql_num_rows($rowres); mysql_free_result($rowres); // ORDER if(empty($order)) { if(!empty($rowt[tb_order])) { $order_exp = $rowt[tb_order]; if(function_exists($order_exp)) { $ORDER = $order_exp(); // die($afilt[filt_exp]); } else { eval("\$ORDER = \"$order_exp\";"); // die("eval $filt_exp
    "); } $ORDER = "ORDER BY $ORDER"; // $ORDER = "ORDER BY $rowt[tb_order]"; } } else // order function { $order_exp = $rowt[tb_order]; if(function_exists($order_exp)) { $ORDER = $order_exp(); // die($afilt[filt_exp]); } else // B expression { eval("\$ORDER = \"$order_exp\";"); // die("eval $filt_exp
    "); } } // LIMIT $pageitems2 = $HTTP_GET_VARS[items]; if(empty($pageitems2)) // ako nema parametra { if(empty($rowt[tb_pageitems])) // pa nema niti u tabeli { $pageitems2 = $CMT[pageitems]; // uzmi default } else $pageitems2=$rowt[tb_pageitems]; // ima u tabeli } // pageitems ima format br1,br2 // br1 broj objekata na strani // br2 broj objekata za prikaz u jednom redu, default 1 // list($pageitems,$itemsinrow) = explode(',',$pageitems2); if(empty($itemsinrow)) $itemsinrow = 1; $CMT[pageitems] = $pageitems; // daj to globalno $CMT[itemsinrow] = $itemsinrow; $maxpages = max(ceil($rowt[TOTALITEMS] / $pageitems), 1); $pagestart = max($pagestart,1); // check if pagestart is valid $pagestart = min($pagestart,$maxpages); if($pagestart==1) // pagestart { $LIMIT = "LIMIT $pageitems"; } else { $startfrom = ($pagestart-1) * $pageitems; $LIMIT = "LIMIT $startfrom,$pageitems"; } // run query $tsel = " SELECT $rowt[tb_field_list] FROM $thistable $WHERE $ORDER $LIMIT "; $rowres = mysql_query($tsel) or die_hard(mysql_error()."
    $tsel"); $retval = cmt_tr($rowt,$rowtr,$rowtd); // "th" /* attributes for every row (tr) */ for($i=1;$i<=$rowtr[MAXTR];$i++) { $tr_attribs[$i] = get_attributes($CMT[table_wct_tr],$rowtr[$i][id]); } /* attributes for every field (td) put in array td_attribs */ for($i=1;$i<=$rowt[MAXTD];$i++) { $td_attribs[$i] = get_attributes($CMT[table_wct_td],$rowtd[$i][id],$filter); } $row_id_field = $rowt[tb_id_field]; $countr = 0; while($row=mysql_fetch_array($rowres,MYSQL_ASSOC)) { // tr $countr++; switch ($rowtr[MAXTR]) { case 0: $CMT[tr_attbs] = ""; break; case 1: $CMT[tr_attbs] = $tr_attribs[1]; break; default: $modTR = $countr % $rowtr[MAXTR]; $modTR++; $CMT[tr_attbs] = $tr_attribs[$modTR]; // ++ because tr_attributes starts at 1 } $modinrow = $countr % $itemsinrow; // echo "$pageitems2 | $itemsinrow, $countr, $modinrow
    "; $td_n = cmt_td($row); // td .. td $row_id_value = $row[$row_id_field]; if($rowt[tb_update]=='1') { // update column button/link $upd_url = upd_url($rowt[id],$row_id_value); $td_n .= " $CMT[update_img] $CMT[update_mess]"; } if($rowt[tb_delete]=='1') { // delete column button/link $del_url = del_url($rowt[id],$row_id_value); $td_n .= " $CMT[delete_img] $CMT[delete_mess]"; } // before_tr if(function_exists("before_tr")) $html_before_tr = before_tr($row); // after_tr if(function_exists("after_tr")) $html_after_tr = after_tr($row); $td_xn .= $td_n; // ubaciti koliko td ide u jedan tr (default 1)! if($modinrow=='0') { $retval .= disp_tr($html_before_tr,$td_xn,$html_after_tr); $td_xn = ""; // ocisti za novi red } } if($modinrow) { // zadnji red (ako ima) for($i=$modinrow+1;$i<=$itemsinrow;$i++) $td_xn .= " "; $retval .= disp_tr($html_before_tr,$td_xn,$html_after_tr); } mysql_free_result($rowres); //die(); if($rowt[tb_insert]=='1') { $colspan = $rowt[MAXTD] + $rowt[tb_update]+$rowt[tb_delete]; $tdparams = 'colspan="'.$colspan.'" class="footer"'; $ins_url = ins_url($rowt); $retval .= << $CMT[insert_img] $CMT[insert_mess] EOFOOTINS; } // before_table if(function_exists("before_table")) $html_before_table = before_table(); // after_table if(function_exists("after_table")) $html_after_table = after_table(); // provjeriti zašto ovdje imam
    $html_after_table
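    EO_AFT_TAB; $CMT[navigate] = navigate($pagestart,$pageitems2,$rowt[TOTALITEMS],$rowt[id],$filter); // navigacija: 0: bez; 1: dolje; 2: gore; 4: gore i dolje switch($rowt[tb_shownavigation]) { case '0': $html_navigation_after = ""; $html_navigation_before = ""; break; case '1': $html_navigation_after = $CMT[navigate]; $html_navigation_before = ""; break; case '2': $html_navigation_after = ""; $html_navigation_before = $CMT[navigate]; break; case '4': $html_navigation_after = $CMT[navigate]; $html_navigation_before = $CMT[navigate]; break; } $attbs = get_attributes($CMT[table_wct_table],$rowt[id]); // attributes for this table if(empty($retval)) $retval = "$CMT[empty_res]"; // after_table if(function_exists("last_tr")) $last_tr = last_tr(); $html_wct_table = " $retval $last_tr
    "; if ($CMT[hide_wct_table]=='1') $html_wct_table = ""; $retval = <<".$trsel; return $retval; } // eof cmt_table // DISP_TR function disp_tr(&$html_before_tr,&$td_xn,&$html_after_tr) { global $CMT; return << $td_xn $html_after_tr EOCMTTR; } // eof disp_tr
// UPD_URL
/**
 * Returns the URL that opens one record for editing.
 *
 * @param mixed $id   id of the table definition (wct)
 * @param mixed $rid  id of the record
 * @return string
 */
function upd_url($id,$rid)
{
    global $CMT,$HTTP_GET_VARS;
    // both ids are inserted as given; cmt_table() passes the table id and the row's id value
    return $CMT['wct_index']."?run=edt&wct=".$id."&rid=".$rid;
}

// DEL_URL
/**
 * Returns the URL that deletes one record.
 *
 * NOTE(review): deletion is triggered by a plain GET link; whether the run=del handler asks
 * for confirmation or checks a request token is not visible here - verify.
 *
 * @param mixed $id   id of the table definition (wct)
 * @param mixed $rid  id of the record
 * @return string
 */
function del_url($id,$rid)
{
    global $CMT,$HTTP_GET_VARS;
    return $CMT['wct_index']."?run=del&wct=".$id."&rid=".$rid;
}

// INS_URL
/**
 * Returns the URL that opens the form for a new record (rid=0).
 *
 * $CMT['custom_ins_url'] overrides everything; tb_insert_params == 'forbidden' yields "#".
 * Otherwise tb_insert_params is a comma-separated list of request parameter names whose
 * current values are carried over into the URL.
 *
 * @param array $rowt  table definition row
 * @return string
 */
function ins_url(&$rowt)
{
    global $CMT,$HTTP_GET_VARS;

    if(!empty($CMT['custom_ins_url'])) // defined somewhere in the application scripts
        return $CMT['custom_ins_url'];

    if($rowt['tb_insert_params']=='forbidden')
        return "#";

    $add_params = "";
    // are there additional parameters?
    if($rowt['tb_insert_params'])
    {
        foreach(explode(',',$rowt['tb_insert_params']) as $param_name)
        {
            $param_name = trim(chop($param_name));
            // The value is copied from the current request into a link, so it is URL-encoded;
            // unencoded, a value holding "&", quotes or angle brackets could add parameters or
            // markup to the generated link. Missing and non-scalar values become empty.
            if(isset($HTTP_GET_VARS[$param_name]) && is_scalar($HTTP_GET_VARS[$param_name]))
                $param_value = urlencode($HTTP_GET_VARS[$param_name]);
            else
                $param_value = "";
            $add_params .= "&$param_name=".$param_value;
        }
    }
    return "$CMT[wct_index]?run=edt&wct=$rowt[id]&rid=0".$add_params;
} // eof ins_url

// ispis
/**
 * Returns the anchor id of a row: "a_" + name of the id field + "_" + the row's id value.
 *
 * @param array $rowt  table definition row (tb_id_field)
 * @param array $row   data row
 * @return string
 */
function generate_anchor_id($rowt,&$row)
{
    global $CMT,$HTTP_GET_VARS;
    $id_field_name = $rowt['tb_id_field'];
    return "a_".$id_field_name."_".$row[$id_field_name];
} // eof ispis
// CMT_ROW function cmt_row($id,$rid) { global $rowt,$CMT,$VArow,$HTTP_REFERER; /* shows one row from table using template */ $CMT[template] = $rowt[tb_template]; // general template for cmt_index $rowtemplate = $rowt[tb_rowtemplate]; // template for row $ridrow = gimme($rowt[tb_table],$rid,$rowt[tb_id_field]); // get row! 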
foreach($ridrow as $key=>$value) { $VArow[$key] = $value; // VArow is needed for parse_sect } if(is_file($rowtemplate)) { $VArow[return_to_memb] = $HTTP_REFERER; $function_call = "show_trigger"; if(function_exists($function_call)) $retval .= $function_call($ridrow); $tplfile = join('',file($rowtemplate)); $retval = parse_sect($tplfile,$ridrow,'',''); } return $retval; } // eof cmt_row /** * definiraju se linkovi koji se pojavljuju prelaskom miša preko naziva prvog polja * klasika je update, razmak, delete * mogucnost dodavanja i mijenjanja redoslijeda akcija * mogucnost definiranja default akcije (klik na naziv) * */ class show_action { public $rid = 0; // id (wct) aplikacije public $wct = 0; // uid tabele koja se prikazuje public $limit_caption = 60; // maksimalno znakova u caption; 0=nema ogranicenja public $tb_id_field = ""; public $caption = ""; // tekst preko kojeg se prelazi public $cb = ""; // checkbox za svaki red (todo!) public $actions = array(); // lista akcija (
  • ....
  • ) public $default_action = "#"; public $div_id = ""; public $error_message = ""; // najava::__constructor function __construct(&$fname,&$value,$i,&$row) { global $CMT,$rowt,$rowtr,$rowtd; $this->tb_id_field = $rowt['tb_id_field']; $this->rid = $row[$this->tb_id_field]; $this->wct = $_GET['wct']; $this->caption = $value; //$row[$fname]; $this->div_id = "sebmenu_".$this->rid; // $cb = $this->show__CHECKBOX($fname,$value,$i,$row); // default: if($this->limit_caption>0) { if(mb_strlen($this->caption,'UTF-8')>$this->limit_caption) $disp_caption = mb_substr($this->caption,0,$this->limit_caption,'UTF-8')."..."; else $disp_caption = $this->caption; } $this->add_action(1,$this->upd_url(),"Uredi "".$disp_caption."""); $this->add_action(2,"#","---"); $this->add_action(3,$this->del_url(),"ObriĹĄi "".$disp_caption.""","red"); $this->default_action = $this->upd_url(); } // eof __constructor // display function display() { global $CMT,$rowt,$rowtr,$rowtd; for($i=1;$i<=sizeof($this->actions);$i++) $retval_li .= $this->actions[$i]; return <<cb $this->caption

      $retval_li
    EOACTDISP; } // eof display // add_action /** * ubacuje
  • na $order mjesto, sve ispod pomice za jedno mjesto * radi to odozada prema napred!! * * @param number $order redni broj na listi * @param string $href * @param string $caption * @param string $additional */ function add_action($order,$href,$caption,$additional="") { global $CMT,$rowt,$rowtr,$rowtd; $imax = sizeof($this->actions); for($i=$imax;$i>=$order;$i--) { // pomicem preostale za 1 prema dolje $novi_order = $i+1; $this->actions[$novi_order] = $this->actions[$i]; } if($additional=="red") $a_style = "style='color: Red;'"; $arr_additional = explode("|",$additional); switch($arr_additional[0]) { case "ow2": $this->actions[$order] = "
  • $caption
  • "; break; case "otvoriIframe": $this->actions[$order] = "$caption"; break; default: $this->actions[$order] = "
  • $caption
  • "; } /* if($additional=="ow2") { $this->actions[$order] = "
  • $caption
  • "; } else { $this->actions[$order] = "
  • $caption
  • "; } */ } // eof add_action // UPD_URL function upd_url() { global $CMT,$rowt,$rowtr,$rowtd; if($CMT['akcija_update']) // mogu podmetnuti return $CMT['akcija_update']; else return $CMT['wct_index']."?run=edt&wct=".$this->wct."&rid=".$this->rid; } // DEL_URL function del_url() { global $CMT,$rowt,$rowtr,$rowtd; return $CMT['wct_index']."?run=del&wct=".$this->wct."&rid=".$this->rid; } // INS_URL function ins_url() { global $CMT,$rowt,$rowtr,$rowtd; if($rowt[tb_insert_params]=='forbidden') return "#"; // ima li dodtnih parametara if($rowt[tb_insert_params]) { $par_arr = explode(',',$rowt[tb_insert_params]); foreach($par_arr as $key => $value) { $value=trim(chop($value)); // list($row_value,$get_value) = explode(":",$value); $add_params .= "&$value=".$HTTP_GET_VARS[$value]; } } return $CMT['wct_index']."?run=edt&wct=".$this->wct."&rid=0".$add_params; } // eof ins_url // show__CHECKBOX function show__CHECKBOX() { global $CMT,$rowt,$rowtr,$rowtd,$VArow,$HTTP_GET_VARS; return ""; $idfield = $rowt[tb_id_field]; $idvalue = $row[$idfield]; return ""; } // eof show__CHECKBOX } // eoc show_action ?> > rows from wct_tr, wct_td, wct_attribs... 
// ID: application id // RID: id in application table $rowt = gimme($CMT[table_wct_table],$ID); // definitions from wct_table $idfname = $rowt[tb_id_field]; $tb_database = $rowt[tb_database]; eval("\$table_base = \"$tb_database\";"); if(!empty($RID)) // values $row = gimme("$table_base.$rowt[tb_table]",$RID,$rowt[tb_id_field]); // captions /* - ako se poziva sa database.table, ostavi tako - ako se poziva samo sa table - ako je to jedna od wct_xxx, tada dodaj wolf_wct.table - ako nije ostavi samo table */ $deltable = "$table_base.$rowt[tb_table]"; if(!strpos($deltable,'.')) { if(in_array($deltable,$CMT[WCT_TABLES])) $deltable = $CMT[DATABASE_WCT].".".$deltable; } $delstr = " delete from $deltable where $idfname='$RID' limit 1 "; // TRIGGERS $ACTION = 'D'; $CMT[ID] = $ID; $CMT[RID] = $RID; $preDmess = do_triggers('pre',$ACTION,$HTTP_POST_VARS,$rowt); if(!empty($preDmess)) { // EXIT: preD error return $preDmess; } else { // EXIT: query error /* sto u slucaju brisanja stranog kljuca? RESTRICT/CASCADE/SET NULL/NO ACTION */ switch ($rowt[tb_strkey_delete]) { case 'RESTRICT': $sk_fields = strkey_fields($row,$rowt); if($sk_fields) die("Delete: RESTRICT"); break; case 'CASCADE': cascade_delete($row,$rowt); break; case 'SET NULL': cascade_setnull($row,$rowt); break; case 'NO ACTION': break; } // log, backup /* idu najprije log i backup, jer backup mora pobrati situaciju prije update log mora ici prije backup kako bi dobio id u log_file s kojim ce se vezati backup record (tabela_backup.LOG_ID) */ $ide_log=$rowt[tb_log]; $ide_backup=$rowt[tb_backup]; if($ide_log) { // echo "log=[$ide_log]
    backup=[$ide_backup]
    "; $sstring=addslashes($delstr); $dWhere="$idfname=$RID"; // $rowuser[id]: pretpostavlja da tabela ima kljuc id, sto ako je neki drugi? $log_query= " INSERT INTO log_file (l_time,l_login,l_wct,l_table,l_ip,l_action,l_attach,l_aff_rows,l_updstring,l_updwhere) VALUES ( NOW(), '$rowuser[id]', '$ID', '$rowt[tb_table]', '$REMOTE_ADDR', 'D', '', '1', '$sstring', '$dWhere' )"; $log_result = mysql_query ($log_query) or die ("Log file corupt!" . mysql_error()."
    $log_query"); if(mysql_affected_rows()) $log_id = mysql_insert_id(); else $log_id = 0; // backup ide nakon zapisa u log za update if($ide_backup && mysql_affected_rows()) { backup_record($rowt[tb_table],"D",$dWhere,$log_id); } } // EXEC DELETE $retval = ""; $resd = mysql_query($delstr) or $retval ="Error: ".mysql_error()."
    $delstring"; if($retval && $log_id) // error, undo log/backup { $undo_query = "DELETE FROM log_file WHERE id=$log_id"; $undo_result = mysql_query ($undo_query) or die ("Log file corupt!" . mysql_error()); $undo_query = "DELETE FROM $rowt[tb_table]_table WHERE LOG_ID=$log_id"; $undo_result = mysql_query ($undo_query) or die ("Log file corupt!" . mysql_error()); } if (empty($retval)) { $retval = do_triggers('post',$ACTION,$HTTP_POST_VARS,$rowt); // postD_trigger() if(empty($retval)) { $retval = "Obrisano
    Klikni za nastavak"; if($CMT[auto_proceed]) $retval = ""; } } } return $retval; } // eof cms_del_db // CMS_DEL function cms_del($ID,$RID) { global $CMT,$VArow,$HTTP_REFERER; $retval = ""; $rowt = gimme($CMT[table_wct_table],$ID); // definitions from wct_table $CMT[template] = $rowt[tb_edittemplate]; // general template for cmt_index $tdwhere = "id_table='$rowt[id]' AND td_publish='1'"; // get fields from wct_field $tb_database = $rowt[tb_database]; eval("\$table_base = \"$tb_database\";"); if(!empty($RID)) // values $row = gimme("$table_base.$rowt[tb_table]",$RID,$rowt[tb_id_field]); // captions $rowtd=gimme2($CMT[table_wct_td],$tdwhere,"ORDER by td_order"); foreach($rowtd as $key=>$value) { $$key=$value; foreach($value as $key2=>$value2) { $$key2=$value2; } $retval .= "$td_caption: $row[$td_name]
    "; } $idfname = $rowt[tb_id_field]; $obrisi=convert_uni_2_web("Obriši!"); // Foreign Key Delete if($rowt[tb_strkey_delete]=='RESTRICT') { $sk_fields = strkey_fields($row,$rowt); //echo "$rowt[tb_strkey_delete]
    fields: $sk_fields
    "; // stop! $retval_hr = "

    Zahtjev za brisanje!

    iz tabele $rowt[tb_caption]
    $idfname = $row[$idfname]

    $retval
    Upozorenje:
    Brisanje nije dozvoljeno, jer se podaci za brisanje koriste na drugim mjestima.
    (
    $sk_fields )

    Back

    "; if($sk_fields) { if($CMT['admin_language']=='en') return $retval_en; else return $retval_hr; } } $retval_hr =<<Zahtjev za brisanje!

    iz tabele $rowt[tb_caption]
    $idfname = $row[$idfname]

    $retval
    EODEL1; $obrisi = "Delete!"; $retval_en =<<Request for deletion!

    from table $rowt[tb_caption]
    $idfname = $row[$idfname]

    $retval
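    EODEL1E; if($CMT['admin_language']=='en') return $retval_en; else return $retval_hr; } // eof cms_del

// strkey_fields
/**
 * List the foreign-key references that still point at $row.
 *
 * Reads every definition in $CMT['table_wct_strkey'] whose target_table is
 * this table and, for each one, checks whether the referencing table holds a
 * row whose str_field equals the record's target_key value.
 *
 * Security notes:
 * - Values are escaped with mysql_real_escape_string() before they are put
 *   into SQL; they originate from stored records, and a quote in stored data
 *   would otherwise change the statement.
 * - Table and column names are interpolated as identifiers from the
 *   definition tables; NOTE(review): they cannot be escaped as values, so
 *   they should be checked against the known schema where the definitions
 *   are saved.
 * - The returned text is embedded in an HTML page by cms_del(), so the
 *   record value is HTML-escaped.
 * - On a query error the script dies and prints mysql_error() and the SQL
 *   text to the client; NOTE(review): consider logging that instead.
 *
 * @param array|null $row  record about to be deleted
 * @param array      $rowt table definition row (reads tb_table)
 * @return string one "table.field='value'" entry per reference found, '' when none
 */
function strkey_fields($row,&$rowt)
{
    global $CMT,$HTTP_GET_VARS;

    $retval = '';

    // 1) strkey definition
    $target_table = mysql_real_escape_string($rowt['tb_table']);
    $sql_sk = "
        SELECT * FROM $CMT[table_wct_strkey]
        WHERE target_table='$target_table'
    ";
    $res_sk = mysql_query($sql_sk) or die(mysql_error()."
    $sql_sk");

    while ($row_sk = mysql_fetch_array($res_sk,MYSQL_ASSOC)) {
        $row_fieldname = $row_sk['target_key'];
        // Without a key value in the record there is nothing a child row could refer to.
        if (!is_array($row) || !isset($row[$row_fieldname])) {
            continue;
        }
        $field_value = $row[$row_fieldname];
        $sk_table = gimme($CMT['table_wct_table'],$row_sk['id_table']);

        // 2) check for existing strkeys
        $sql_value = mysql_real_escape_string($field_value);
        $sql_sk2 = "
            SELECT $row_sk[str_field] FROM $sk_table[tb_table]
            WHERE $row_sk[str_field]='$sql_value'
            LIMIT 1
        ";
        $res_sk2 = mysql_query($sql_sk2) or die(mysql_error()."
    $sql_sk2");

        if (mysql_num_rows($res_sk2)) {
            $shown_value = htmlspecialchars((string)$field_value, ENT_QUOTES, 'UTF-8');
            $retval .= "$sk_table[tb_table].$row_sk[str_field]='$shown_value'
    ";
        }
    }

    return $retval;
} // eof strkey_fields

// cascade_delete
/**
 * Delete every row in other tables that references $row (CASCADE rule).
 *
 * Uses the same definitions as strkey_fields(). Values are escaped before
 * use; identifiers come from the definition tables (see strkey_fields()).
 * A definition is skipped when the record carries no value for its
 * target_key: previously that case compared against '' and would have
 * deleted child rows with an empty key although no parent value existed.
 *
 * @param array|null $row  record about to be deleted
 * @param array      $rowt table definition row (reads tb_table)
 * @return null nothing is reported back
 */
function cascade_delete($row,&$rowt)
{
    global $CMT,$HTTP_GET_VARS;

    // 1) strkey definition
    $target_table = mysql_real_escape_string($rowt['tb_table']);
    $sql_sk = "
        SELECT * FROM $CMT[table_wct_strkey]
        WHERE target_table='$target_table'
    ";
    $res_sk = mysql_query($sql_sk) or die(mysql_error()."
    $sql_sk");

    while ($row_sk = mysql_fetch_array($res_sk,MYSQL_ASSOC)) {
        $row_fieldname = $row_sk['target_key'];
        if (!is_array($row) || !isset($row[$row_fieldname])) {
            continue; // no parent key value, nothing to cascade
        }
        $sk_table = gimme($CMT['table_wct_table'],$row_sk['id_table']);

        // 2) delete records with existing strkey
        $sql_value = mysql_real_escape_string($row[$row_fieldname]);
        $sql_sk2 = "
            DELETE FROM $sk_table[tb_table]
            WHERE $row_sk[str_field]='$sql_value'
        ";
        $res_sk2 = mysql_query($sql_sk2) or die(mysql_error()."
    $sql_sk2");
    }

    return null;
} // eof cascade_delete

// cascade_setnull
/**
 * Set the referencing column to NULL in every row that references $row
 * (SET NULL rule).
 *
 * Same lookup, escaping and skip rule as cascade_delete().
 *
 * @param array|null $row  record about to be deleted
 * @param array      $rowt table definition row (reads tb_table)
 * @return null nothing is reported back
 */
function cascade_setnull($row,&$rowt)
{
    global $CMT,$HTTP_GET_VARS;

    // 1) strkey definition
    $target_table = mysql_real_escape_string($rowt['tb_table']);
    $sql_sk = "
        SELECT * FROM $CMT[table_wct_strkey]
        WHERE target_table='$target_table'
    ";
    $res_sk = mysql_query($sql_sk) or die(mysql_error()."
    $sql_sk");

    while ($row_sk = mysql_fetch_array($res_sk,MYSQL_ASSOC)) {
        $row_fieldname = $row_sk['target_key'];
        if (!is_array($row) || !isset($row[$row_fieldname])) {
            continue; // no parent key value, nothing to reset
        }
        $sk_table = gimme($CMT['table_wct_table'],$row_sk['id_table']);

        // 2) SET NULL
        $sql_value = mysql_real_escape_string($row[$row_fieldname]);
        $sql_sk2 = "
            UPDATE $sk_table[tb_table]
            SET $row_sk[str_field]=NULL
            WHERE $row_sk[str_field]='$sql_value'
        ";
        $res_sk2 = mysql_query($sql_sk2) or die(mysql_error()."
    $sql_sk2");
    }

    return null;
} // eof cascade_setnull

// DO_TRIGGERS
/**
 * Normalise the posted form values and run the matching trigger function.
 *
 * The trigger name is $type . $ACTION . "_trigger":
 *   $type:   'pre', 'post'
 *   $ACTION: U I D
 *   preU_trigger() preI_trigger() preD_trigger()
 *   postU_trigger() postI_trigger() postD_trigger()
 * The function can be stored in an included file defined by the
 * wct-table.tb_include field. It is called only if it exists.
 *
 * Before the call, $HTTP_POST_VARS is modified in place:
 * - every field named in checkbox_fields that is empty becomes '0';
 * - for 'pre' only: fields named in date_fields go through date_format2(),
 *   fields named in staz_fields are joined from their _GG/_MM/_DD parts, and
 *   fields named in number_fields go through cro2num().
 *
 * Security note: the *_fields lists are read from the POST body itself, so
 * the client decides which posted keys get rewritten here. NOTE(review):
 * deriving the lists from the server-side field definitions would remove
 * that influence.
 *
 * @param string $type           'pre' or 'post'
 * @param string $ACTION         'U', 'I' or 'D'
 * @param array  $HTTP_POST_VARS posted values, modified in place
 * @param array  $rowt           table definition row, passed on to the trigger
 * @return mixed the trigger's return value, '' when no trigger exists
 */
function do_triggers($type,$ACTION,&$HTTP_POST_VARS,&$rowt)
{
    global $CMT,$rowfl;

    // set checkbox if empty
    if (!empty($HTTP_POST_VARS['checkbox_fields'])) {
        $cb_arr = explode(',',$HTTP_POST_VARS['checkbox_fields']);
        arr_delete_blanks($cb_arr);
        if (is_array($cb_arr)) {
            foreach ($cb_arr as $thefield) {
                if (empty($HTTP_POST_VARS[$thefield])) {
                    $HTTP_POST_VARS[$thefield] = '0';
                }
            }
        }
    }

    // PRE trigger only!
    if ($type == "pre") {
        // set date format for DB
        if (!empty($HTTP_POST_VARS['date_fields'])) {
            $date_arr = explode(',',$HTTP_POST_VARS['date_fields']);
            arr_delete_blanks($date_arr);
            foreach ($date_arr as $thefield) {
                $HTTP_POST_VARS[$thefield] = date_format2($HTTP_POST_VARS[$thefield],'hr');
            }
        }

        if (!empty($HTTP_POST_VARS['staz_fields'])) {
            $staz_arr = explode(',',$HTTP_POST_VARS['staz_fields']);
            arr_delete_blanks($staz_arr);
            foreach ($staz_arr as $thefield) {
                $HTTP_POST_VARS[$thefield] = $HTTP_POST_VARS[$thefield."_GG"]."-".
                                             $HTTP_POST_VARS[$thefield."_MM"]."-".
                                             $HTTP_POST_VARS[$thefield."_DD"];
            }
        }

        // set number format for DB
        // number_arr: field names received from _POST
        // (per the original note they stem from the numeric field definitions,
        //  rowfl[fl_name], plus add_number_fields: manually added numeric field names)
        $number_list = isset($HTTP_POST_VARS['number_fields']) ? $HTTP_POST_VARS['number_fields'] : '';
        $number_arr = explode(',',$number_list);
        // the last element can be "" because of the trailing comma
        arr_delete_blanks($number_arr);
        if (is_array($number_arr)) {
            foreach ($number_arr as $thefield) { // value=fl_name
                $HTTP_POST_VARS[$thefield] = cro2num($HTTP_POST_VARS[$thefield]);
            }
        }
    }

    $retval = ''; // for echo ...
    $function_call = $type.$ACTION."_trigger";
    if (function_exists($function_call)) {
        $retval = $function_call($HTTP_POST_VARS,$rowt);
    }

    return $retval;
} // eof do_triggers

function required_error($err_arr) { global $CMT,$rowt,$rowfl; $key = 0; // init for MAX
$retval = "$CMT[required_mess]: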
    "; foreach($rowfl as $key=>$value) { $$key=$value; if(in_array($value[fl_name],$err_arr)) $retval .= "  $value[fl_caption]
    "; /* foreach($value as $key2=>$value2) { $$key2=$value2; if(in_array($value2,$err_arr)) $retval .= "  $value2
    "; } */ } return $retval.diehard($CMT[error_in_form],"javascript:history.back();",$CMT[reenter_form]); } // required_error // required_field function required_field($REQ) { global $CMT; // stavi oznaku da je polje REQUIRED if(empty($CMT[required_icon])) $CMT[required_icon] = 'wcs/images/required.gif'; if(empty($CMT[required_mess])) $CMT[required_mess] = 'Obavezno upisati!'; if($REQ=='1') { $retval = "$CMT[required_mess] "; } return $retval; } // eof required_field // help_field function help_field($HELP) { global $CMT; // stavi gif sa helpom (onMouseOver) if(empty($CMT[help_icon])) $CMT[help_icon] = 'wcs/images/help.gif'; if($HELP) { $help_over = help_overlib($HELP); if(!empty($help_over)) $retval = <<   EOFL_HELP; } return $retval; } // eof help_field // CMS_ROW_DB function cms_row_db($ID,$RID) { global $CMT,$HTTP_POST_VARS,$HTTP_POST_FILES,$rowfl; /* write to database */ /* foreach($HTTP_POST_VARS as $key => $value) { $$key = $value; echo "POST) $key: $value
    "; } foreach($CMT as $key => $value) { $$key = $value; echo "CMT) $key: $value
    "; } die(); */ // stara verzija if($HTTP_POST_VARS[submit_form]==$CMT[submit_odustani]) { if(empty($CMT[cancel_redirect])) $CMT[cancel_redirect] = $HTTP_POST_VARS[REFERER]; // $CMT[cancel_redirect] = "$CMT[wct_index]?run=row&wct=$ID&rid=$RID"; $nastavi = "Odustao"; $nastavi = ""; die($nastavi); } // nova varijanta preko naziva submit polja if($HTTP_POST_VARS[submit_cancel]) { if(empty($CMT[cancel_redirect])) $CMT[cancel_redirect] = $HTTP_POST_VARS[REFERER]; // $CMT[cancel_redirect] = "$CMT[wct_index]?run=row&wct=$ID&rid=$RID"; $nastavi = "Odustao"; $nastavi = ""; die($nastavi); } $rowt = gimme($CMT[table_wct_table],$ID); // definitions from wct_table $CMT[template] = $rowt[tb_template]; // general template for cmt_index $edittemplate = $rowt[tb_edittemplate]; // template for row $flwhere = "id_table='$rowt[id]' and fl_publish='1'"; // get fields from wct_field $rowfl=gimme2($CMT[table_wct_field],$flwhere,"ORDER by fl_order"); if(isset($RID)) { if($RID=='0') // INSERT { $ACTION = "I"; $WHERE = ""; } else // UPDATE { $ACTION = "U"; $WHERE = "$rowt[tb_id_field]='$RID'"; } // TRIGGERS $retval = do_triggers('pre',$ACTION,$HTTP_POST_VARS,$rowt); if($HTTP_POST_VARS[return_status]=='-1') { // error na triger return $retval; } else { // triggeri OK // trazi tabelu iz wct_table[tb_database] $tb_db = $rowt[tb_database]; eval("\$tb_db = \"$tb_db\";"); $written = azuriraj($HTTP_POST_VARS,"$tb_db.$rowt[tb_table]",$ACTION,$WHERE); switch($HTTP_POST_VARS[return_status]) { case '-1': // error na azuriraj() $proceed = required_error($written); // written je tu error_array break; default: $proceed = do_triggers('post',$ACTION,$HTTP_POST_VARS,$rowt); if(empty($proceed)) { $proceed = "Nastavi"; if($CMT[auto_proceed]) $proceed = ""; } } return $proceed; } } else { // error RID not set! 
} return $retval; } // eof cmt_row_db

/**
 * Build the generated input form for table definition $ID and record $RID.
 *
 * Walks fields 1..$rowt[MAXFL] of $rowfl, resolves each field's default,
 * collects the names of required / checkbox / date / number / staz fields
 * into comma-terminated lists, renders every published field through
 * input_<fl_input>() and finally either includes a per-table template file
 * or assembles the form itself.
 *
 * Security notes for reviewers:
 * - fl_default is either called as a function (any existing function of that
 *   name, without arguments) or passed through eval() as a double-quoted PHP
 *   string. Whoever can write field definitions can therefore execute PHP.
 * - fl_input, fl_before_tr, fl_after_tr and the $VArow pre*_text entries are
 *   likewise used as function names when a function of that name exists.
 * - $form_template embeds $ID in an include path, and the included file runs
 *   inside this function's scope (it sees and can set every local variable).
 *   NOTE(review): confirm callers pass a validated, numeric $ID.
 * - $form_action is built from $_SERVER['SERVER_NAME'] with a fixed http://
 *   scheme; depending on server configuration SERVER_NAME can reflect the
 *   request's Host header - TODO confirm.
 * - $HTTP_REFERER is taken from the request header and is client-controlled.
 *
 * @param mixed $ID    table definition id
 * @param mixed $RID   record id; values >= 1 select the "update" texts, anything else the "insert" texts
 * @param array $rowt  table definition row (reads MAXFL, tb_submit)
 * @param array $rowfl field definitions, indexed from 1; modified in place
 * @param array $row   current record values; modified in place
 * @return string form markup
 */
function cms_input($ID,$RID,&$rowt,&$rowfl,&$row) {
    global $CMT,$VArow,$HTTP_REFERER,$resrow,$HTTP_GET_VARS;
    $HTTP_REFERER = $_SERVER['HTTP_REFERER'];
    /* generated input form */
    $staz_fields = $date_fields = $checkbox_fields = $required_hidden = $number_fields = $retval = "";
    // Optional hook, called only when a function named prepare_input exists.
    if(function_exists(prepare_input)) { prepare_input($ID,$RID,$rowt,$rowfl,$row); }
    for($i=1;$i<=$rowt[MAXFL];$i++) {
        // prepare_input can switch fields on or off
        if($rowfl[$i][fl_publish]=='0') continue;
        $defvalue = $rowfl[$i][fl_default]; // default
        // SECURITY: a default naming an existing function is called; any other
        // default is evaluated as PHP string content (see the notes above).
        if(function_exists($defvalue)) { $rowfl[$i][fl_default] = $defvalue(); }
        else { eval("\$defvalue = \"$defvalue\";"); $rowfl[$i][fl_default] = $defvalue; }
        if($rowfl[$i][fl_required]) // required ?
            $required_hidden .= $rowfl[$i][fl_name].",";
        if($rowfl[$i][fl_input]=='checkbox') // checkbox ?
            $checkbox_fields .= $rowfl[$i][fl_name].",";
        if($rowfl[$i][fl_input]=='date') // date ?
            $date_fields .= $rowfl[$i][fl_name].",";
        if($rowfl[$i][fl_input]=='number') // number ?
            $number_fields .= $rowfl[$i][fl_name].",";
        if($rowfl[$i][fl_input]=='staz') // staz ?
            $staz_fields .= $rowfl[$i][fl_name].",";
        // Names can also be force-added to the hidden, checkbox, date, number... lists.
        // Those are hidden fields holding the names of form fields that must be hidden etc.
        // Used when some fields are defined through "display" and are therefore not covered here.
        if($rowfl[$i][fl_name]=='add_required_fields') $required_hidden .= $rowfl[$i][fl_default].",";
        if($rowfl[$i][fl_name]=='add_checkbox_fields') $checkbox_fields .= $rowfl[$i][fl_default].",";
        if($rowfl[$i][fl_name]=='add_date_fields') $date_fields .= $rowfl[$i][fl_default].",";
        if($rowfl[$i][fl_name]=='add_number_fields') $number_fields .= $rowfl[$i][fl_default].",";
        if($rowfl[$i][fl_name]=='add_staz_fields') $staz_fields .= $rowfl[$i][fl_default].",";
        if($rowfl[$i][fl_autofocus]) // autofocus
        {
            $autofocus_field = $rowfl[$i][fl_name];
            $CMT[onload_autofocus] = "document.wct_form.".$autofocus_field.".focus()";
        }
        $this_fname = $rowfl[$i][fl_name];
        $ftype = $rowfl[$i][fl_input];
        // Neutralise double quotes unless this is the html editor or a display field.
        // NOTE(review): as shown, search and replacement are the same character, so
        // this call changes nothing; presumably the replacement was an HTML entity - confirm.
        // $row[$this_fname] = addslashes($row[$this_fname]);
        switch($ftype) {
            case 'textarea_html':
            case 'display':
                break;
            default:
                $row[$this_fname] = str_replace('"','"',$row[$this_fname]);
        }
        $function_call = "input_$ftype"; // input_text(), input_texarea() ...
        if(function_exists($function_call)) {
            // style.display may be added, so tr_name is needed as well;
            // everything is prepared here so that any function can use it if required
            $rowfl[$i][fl_tr_name] = "tr_$this_fname";
            $retval1 = $function_call($rowt,$rowfl,$row,$i); // for the standard input
            // add the pre_tr and post_tr options: e.g. to place ...
            if($rowfl[$i][fl_before_tr]) {
                $before_tr = $rowfl[$i][fl_before_tr];
                if(function_exists($before_tr)) $before_tr = $before_tr($rowt,$rowfl,$row,$i);
                // else
                // eval("\$before_tr = \"$before_tr\";");
                $retval1 = $before_tr . $retval1;
            }
            if($rowfl[$i][fl_after_tr]) {
                $after_tr = $rowfl[$i][fl_after_tr];
                if(function_exists($after_tr)) $after_tr = $after_tr($rowt,$rowfl,$row,$i);
                // else
                // eval("\$after_tr = \"$after_tr\";");
                $retval1 = $retval1 . $after_tr;
            }
            $retval .= $retval1; // for the standard input
            // The field is rendered a second time, keyed by name; $retval_tr is not
            // read again in the code visible here (presumably for the included template).
            $retval_tr[$this_fname] = $function_call($rowt,$rowfl,$row,$i);
        }
    } // end for all fields
    $submit_row = input_submit($rowt,$rowfl,$row);
    if($RID>=1) {
        // $function_call = "input_$ftype"; // input_text(), input_texarea() ...
        if(function_exists($VArow[preupdate_text])) $VArow[preform_text] = $VArow[preupdate_text]();
        else $VArow[preform_text] = $VArow[preupdate_text];
        $VArow[postform_text] = $VArow[postupdate_text];
    } else {
        if(function_exists($VArow[preinsert_text])) $VArow[preform_text] = $VArow[preinsert_text]();
        else $VArow[preform_text] = $VArow[preinsert_text];
        $VArow[postform_text] = $VArow[postinsert_text];
    }
    if (function_exists("submit_function")) $onSubmit = submit_function($rowt,$rowfl,$row);
    else $onSubmit = "";
    // submit_row: 0: none; 1: bottom; 2: top; 4: top and bottom
    switch($rowt[tb_submit]) {
        case '0': $submit_row_after = ""; $submit_row_before = ""; break;
        case '1': $submit_row_after = $submit_row; $submit_row_before = ""; break;
        case '2': $submit_row_after = ""; $submit_row_before = $submit_row; break;
        case '4': $submit_row_after = $submit_row; $submit_row_before = $submit_row; break;
    }
    // template for the whole form, selected by ID
    // $CMT[fl_template] = "nekretnine/";
    // SECURITY: $ID becomes part of a path that is include()d below.
    $form_template = $CMT[fl_template] . "form_" . $ID . ".inc.php";
    // echo "$CMT[fl_template]
    // $form_template
    // ";
    // Place for inserting javascript that belongs to the form;
    // put below all input elements so that js statements which can
    // set any form element are included.
    if (function_exists("javascript_function")) $js_code = javascript_function($ID,$RID,$rowt,$rowfl,$row);
    else $js_code = "";
    $form_action = "http://".$_SERVER['SERVER_NAME'].$_SERVER['SCRIPT_NAME']."?run=edt&wct=$ID&rid=$RID";
    // $form_action = "edt.php";
    if(file_exists($form_template)) {
        include $form_template; // code snippet: $retval=....
    } else $retval =<<
    $submit_row_before $retval $submit_row_after $js_code
    $VArow[postform_text] EOFLFORM; return $retval; } // eof cms_input

// fl_iskljuci_polja ("exclude fields")
/**
 * Unpublish fields by name: every field in $rowfl whose fl_name equals one of
 * the comma-separated names in $lista_iskljuci gets fl_publish = '0'.
 *
 * @param array  $rowt           table definition row (reads MAXFL)
 * @param array  $rowfl          field definitions, indexed from 1; modified in place
 * @param string $lista_iskljuci comma-separated field names; compared as given, without trimming
 */
function fl_iskljuci_polja(&$rowt,&$rowfl,$lista_iskljuci) {
    $arr_iskljuci = explode(",",$lista_iskljuci);
    if(is_array($arr_iskljuci)) {
        foreach ($arr_iskljuci as $key_i=>$iskljuci_name) {
            for($i=1;$i<=$rowt[MAXFL];$i++) {
                if($rowfl[$i][fl_name]==$iskljuci_name) { $rowfl[$i][fl_publish] = '0'; }
            }
        }
    }
} // eof fl_iskljuci_polja

/**
 * Edit one row of a table through the generated form.
 *
 * Loads the table definition for $ID, the published field definitions and
 * their attributes, the record itself when $RID is not empty, and returns the
 * form produced by cms_input().
 *
 * Security notes for reviewers:
 * - tb_database from the table definition is expanded with eval() as a
 *   double-quoted PHP string, so whoever can write table definitions can
 *   execute PHP. NOTE(review): a fixed lookup of allowed database names would
 *   avoid evaluating stored text.
 * - The loops below turn every key of every field row into a local variable
 *   (variable variables); a column named like an existing local would
 *   overwrite it.
 * - $ID and $RID are handed to gimme() and cms_input() as received;
 *   NOTE(review): confirm they are validated before this call.
 *
 * @param mixed $ID  table definition id
 * @param mixed $RID record id; empty means no record is loaded
 * @return string|null form markup from cms_input()
 */
function cms_row($ID,$RID) {
    global $CMT,$VArow,$HTTP_REFERER,$resrow,$rowfl,$row,$HTTP_GET_VARS;
    /* edit one row from table generated form */
    $rowt = gimme($CMT[table_wct_table],$ID); // definitions from wct_table
    $CMT[template] = $rowt[tb_template]; // general template for cmt_index
    // $edittemplate = $rowt[tb_edittemplate]; // template for row
    $CMT[template] = $rowt[tb_edittemplate]; // general template for cmt_index
    $flwhere = "id_table='$rowt[id]' AND fl_publish='1'";
    // Optional hook that appends raw SQL to the WHERE clause.
    if(function_exists("flwhere_add")) $flwhere .= flwhere_add();
    // get fields from wct_field
    $rowfl=gimme2($CMT[table_wct_field],$flwhere,"ORDER by fl_order");
    $key = 0; // init for MAX
    foreach($rowfl as $key=>$value) {
        $$key=$value;
        foreach($value as $key2=>$value2) { $$key2=$value2; }
        // $id is set by the inner loop above; presumably the field row's id column - confirm
        $CMT[attbs][$key] = get_attributes('wct_field',$id); // attributes for this field
        // echo "$key: $id";
    }
    $rowt[MAXFL] = $key; // the last key seen in the loop; 0 when there were no fields
    if(!empty($RID)) {
        // look up the table through wct_table[tb_database]
        $tb_db = $rowt[tb_database];
        // SECURITY: stored text is evaluated as PHP here (see the notes above).
        eval("\$tb_db = \"$tb_db\";");
        $row = gimme("$tb_db.$rowt[tb_table]",$RID,$rowt[tb_id_field]); // get row!
    }
    // $edittemplate is never assigned directly in this function (its assignment
    // above is commented out), so unless the variable-variable loop created it,
    // the generated form is always used.
    if(empty($edittemplate)) {
        // generate input form
        $retval = cms_input($ID,$RID,$rowt,$rowfl,$row);
    } else {
        // input form from template
    }
    return $retval;
} // eof cms_row
?>Cannot connect"); $dbsel = mysql_select_db($CMT[DATABASE]) or die(mysql_error()."
    Cannot select database"); $sql = "SET NAMES 'utf8'"; $res = mysql_query($sql) or die(mysql_error()."
    $sql"); ?>