<?php

/*
 * PHP versions 4 and 5
 *
 * LICENSE: This source file is subject to version 3.0 of the PHP license
 * that is available through the world-wide-web at the following URI:
 * http://www.php.net/license. If you did not receive a copy of
 * the PHP License and are unable to obtain it through the web, please
 * send a note to hide@address.com so we can mail you a copy immediately.
 *
 * @category   Troubleticket
 * @package    QuickTicket
 * @author     Philippe Vandenberghe <hide@address.com>
 * @copyright  2008-2012 The PHP Group
 * @license    http://www.php.net/license  PHP License 3.0
 * @version    1.9.0.3 build:20081001
 * @link       http://www.qt-cute.org/doc/package/qti
 * @since      File available since Release 1.0.0
 * @deprecated File deprecated in Release 2.0.0
 *
 */
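// Bootstrap: open the session, then load the application init script and the
// admin language file. bin/qti_init.php is not visible here; it is expected to
// provide $oVIP, $oDB, $L and the constants used further down this page.
session_start();
require_once('bin/qti_init.php');
include(Translate('qti_lang_adm.inc'));

// Administrators only. The comparison is strict because a loose != lets a
// non-string role value (for example integer 0 on PHP versions before 8)
// compare equal to 'A' and pass this gate.
// NOTE(review): assumes $oVIP->role is always a string - confirm in bin/qti_init.php.
if ( $oVIP->role!=='A' ) die($L['E_admin']);

// INITIALISE

// selfurl is reused as the action of the settings form on this page
$oVIP->selfurl = 'qti_adm_secu.php';
$oVIP->selfname = $L['Adm_security'];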

// --------
// SUBMITTED
// --------

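if ( isset($_POST['ok']) )
{
  // Saves the security settings posted by the form on this page.
  //
  // Every value is concatenated into an UPDATE statement and copied into the
  // session (from where the form echoes it back), so each one is checked against
  // a closed list or a strict digit pattern BEFORE it reaches $oDB->Query().
  // The statements are still built by concatenation because no parameter-binding
  // method of $oDB is visible in this file; the accepted values contain only
  // [A-Za-z0-9,_-] or digits and therefore cannot terminate the quoted literal.
  //
  // NOTE(review): the form carries no anti-CSRF token, so this handler accepts
  // any POST sent with an administrator session. A per-session token check
  // belongs here once the form emits one.

  // --- Drop-down settings -------------------------------------------------
  // POST field => array(setting param, label used in the error message, allowed values).
  // The allowed values mirror the <option value="..."> entries of the form in this file.
  // 'pal' and 'upload' get their options from QTastags(), whose output is not
  // visible here, so they are restricted to a conservative character set instead.
  // NOTE(review): replace the pattern by the exact option values once confirmed.
  $arrChoices = array(
    'pal'      => array('visitor_right', $L['Visitors_can'], null),
    'regmode'  => array('register_mode', $L['Reg_mode'],     array('direct','email')),
    'regsafe'  => array('register_safe', $L['Reg_security'], array('none','text','image')),
    'javamail' => array('javamail',      $L['Java_mail'],    array('0','1')),
    'avatar'   => array('avatar',        $L['Allow_avatar'], array('0','jpg,jpeg','gif,jpg,jpeg,png')),
    'upload'   => array('upload',        $L['Allow_upload'], null),
    'bbc'      => array('bbc',           $L['Allow_bbc'],    array('0','1'))
  );
  foreach($arrChoices as $strField=>$arrChoice)
  {
    list($strParam,$strLabel,$arrAllowed) = $arrChoice;
    // A missing or non-string (array) field is treated as an invalid value
    $str = ( isset($_POST[$strField]) && is_string($_POST[$strField]) ) ? $_POST[$strField] : '';
    if ( is_array($arrAllowed) )
    {
      $bValid = in_array($str,$arrAllowed,true);
    }
    else
    {
      $bValid = ( preg_match('/^[A-Za-z0-9,_-]{1,32}$/D',$str)==1 );
    }
    if ( !$bValid )
    {
      // Rejected values are neither stored nor put in the session
      $qti_error = $strLabel.S.$L['E_invalid'];
      continue;
    }
    $oDB->Query('UPDATE '.TABSETTING.' SET setting="'.$str.'" WHERE param="'.$strParam.'"');
    $_SESSION[QT][$strParam]=$str;
  }

  // --- Numeric settings ---------------------------------------------------
  // Each entry: array(POST field, setting param, min, max, error message, stored in thousands?)
  $arrNumbers = array();
  if ( $_SESSION[QT]['avatar']!='0' )
  {
    // Avatar limits are only posted (and only relevant) when avatars are enabled
    $strPixels = $L['Avatar'].S.$L['Maximum'].' '.$L['E_invalid'].' (20-200 pixels)';
    if ( isset($_POST['avatarwidth']) )  $arrNumbers[] = array('avatarwidth','avatar_width',20,200,$strPixels,false);
    if ( isset($_POST['avatarheight']) ) $arrNumbers[] = array('avatarheight','avatar_height',20,200,$strPixels,false);
    if ( isset($_POST['avatarsize']) )   $arrNumbers[] = array('avatarsize','avatar_size',10,100,$L['Avatar'].S.$L['Maximum'].S.$L['E_invalid'].' (10-100 kb)',false);
  }
  if ( $_SESSION[QT]['upload']!='0' )
  {
    if ( isset($_POST['uploadsize']) ) $arrNumbers[] = array('uploadsize','upload_size',1,10000,$L['Allow_upload'].S.$L['E_invalid'].' (1-10000 Kb)',false);
  }
  $arrNumbers[] = array('ppt','posts_per_topic',10,999,$L['Max_replies_per_topics'].S.$L['E_invalid'].' (10-999)',false);
  // chars_per_post is entered in thousands; the upper bound is 4 on 'oci' and 32 elsewhere
  $intMaxK = ( $oDB->type=='oci' ? 4 : 32 );
  $arrNumbers[] = array('cpp','chars_per_post',1,$intMaxK,$L['Max_char_per_post'].S.$L['E_invalid'].' (1-'.$intMaxK.')',true);
  $arrNumbers[] = array('lpp','lines_per_post',10,999,$L['Max_line_per_post'].S.$L['E_invalid'].' (10-999)',false);
  $arrNumbers[] = array('delay','posts_delay',1,99,$L['Posts_delay'].S.$L['E_invalid'].' (1-99)',false);
  $arrNumbers[] = array('ppd','posts_per_day',1,999,$L['Max_post_per_user'].S.$L['E_invalid'].' (1-999)',false);

  foreach($arrNumbers as $arrNumber)
  {
    list($strField,$strParam,$intMin,$intMax,$strMsg,$bThousands) = $arrNumber;
    $str = ( isset($_POST[$strField]) && is_string($_POST[$strField]) ) ? strip_tags(trim($_POST[$strField])) : '';
    // Digits only (at most 5, the widest range here is 1-10000) before the range
    // check: QTisbetween() is defined elsewhere and is not relied on to reject
    // non-numeric text.
    if ( preg_match('/^[0-9]{1,5}$/D',$str)!=1 || !QTisbetween($str,$intMin,$intMax) ) $qti_error = $strMsg;
    // As before, a value is stored only while no error has been recorded
    if ( empty($qti_error) )
    {
      $str = strval(intval($str)); // drop leading zeros so the stored text is canonical
      $oDB->Query('UPDATE '.TABSETTING.' SET setting="'.$str.($bThousands ? '000' : '').'" WHERE param="'.$strParam.'"');
      $_SESSION[QT][$strParam] = ( $bThousands ? intval($str)*1000 : $str );
    }
  }

  // exit
  if ( empty($qti_error) ) $strInfo = $L['S_save'];

}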

// --------
// HTML START
// --------

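include('qti_adm_p_header.php');
include('qti_adm_p_title.php');

// FORM

// Client-side helpers for the settings form:
// - avatardisabled()/uploaddisabled() grey out the size inputs when the matching
//   drop-down is set to "0".
// - ValidateForm() refuses submission while a mandatory text input is empty.
//   The former check on theForm.tpf was removed: the form on this page has no
//   "tpf" field, so reading theForm.tpf.value raised a script error on every
//   submit and none of the remaining checks ever ran.
// These checks are a convenience only; the server-side handler must validate
// every value again.
// NOTE(review): html_entity_decode() is called as a JavaScript function and is
// not defined in this file - presumably supplied by the header include; confirm.
echo '
<script type="text/javascript">
<!--
function avatardisabled(str)
{
  var bOff = (str=="0");
  document.getElementById("avatarwidth").disabled=bOff;
  document.getElementById("avatarheight").disabled=bOff;
  document.getElementById("avatarsize").disabled=bOff;
  return null;
}
function uploaddisabled(str)
{
  document.getElementById("uploadsize").disabled=(str=="0");
  return null;
}
function ValidateForm(theForm)
{
  if (theForm.ppt.value.length < 1) { alert(html_entity_decode("',$L['E_mandatory'],': ',$L['Max_replies_per_topics'],'")); return false; }
  if (theForm.delay.value.length < 1) { alert(html_entity_decode("',$L['E_mandatory'],': ',$L['Posts_delay'],'")); return false; }
  if (theForm.ppd.value.length < 1) { alert(html_entity_decode("',$L['E_mandatory'],': ',$L['Max_post_per_user'],'")); return false; }
  if (theForm.cpp.value.length < 1) { alert(html_entity_decode("',$L['E_mandatory'],': ',$L['Max_char_per_post'],'")); return false; }
  if (theForm.lpp.value.length < 1) { alert(html_entity_decode("',$L['E_mandatory'],': ',$L['Max_line_per_post'],'")); return false; }
  return null;
}
-->
</script>
';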

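// Settings form. Current values are read from $_SESSION[QT].
// Values placed in value="..." attributes are passed through htmlspecialchars()
// so that a stored setting containing quotes or markup cannot break out of the
// attribute. Translation strings ($L[...]) are emitted as they are.
// QSEL and QDIS are constants defined elsewhere (presumably the "selected" and
// "disabled" attribute snippets - confirm).
echo '<form method="post" action="',$oVIP->selfurl,'"  onsubmit="return ValidateForm(this);">
';
echo '<table class="ta" cellspacing="0">
';

// --- Public access level
echo '<tr class="tr_t">
<th class="th_o th_o_all" colspan="2">',$L['Public_access_level'],'</th>
</tr>
';
echo '<tr class="tr_t" title="',$L['H_Visitors_can'],'">
<th class="th_o th_o_first"><label for="pal">',$L['Visitors_can'],'</label></th>
<td class="td_o">
<select id="pal" name="pal">',QTastags($L['Pal'],null,$_SESSION[QT]['visitor_right']),'</select></td>
</tr>
';

// --- Registration (the closing </td> missing from both rows has been added)
echo '<tr class="tr_t">
<th class="th_o th_o_all" colspan="2">',$L['Registration'],'</th>
</tr>
';
echo '<tr class="tr_t" title="',$L['Reg_mode'],'">
<th class="th_o th_o_first" style="width:250px;"><label for="regmode">',$L['Reg_mode'],'</label></th>
<td class="td_o">
<select id="regmode" name="regmode">
<option value="direct"',($_SESSION[QT]['register_mode']=='direct' ? QSEL : ''),'>',$L['Direct'],'</option>
<option value="email"',($_SESSION[QT]['register_mode']=='email' ? QSEL : ''),'>',$L['By_email'],'</option>
</select></td>
</tr>
';
echo '<tr class="tr_t" title="',$L['H_Reg_security'],'">
<th class="th_o th_o_first"><label for="regsafe">',$L['Reg_security'],'</label></th>
<td class="td_o">
<select id="regsafe" name="regsafe">
<option value="none"',($_SESSION[QT]['register_safe']=='none' ? QSEL : ''),'>',$L['None'],'</option>
<option value="text"',($_SESSION[QT]['register_safe']=='text' ? QSEL : ''),'>',$L['Text_code'],'</option>
<option value="image"',($_SESSION[QT]['register_safe']=='image' ? QSEL : ''),'>',$L['Image_code'],'</option>
</select></td>
</tr>
';

// --- Security rules (posting limits)
echo '<tr class="tr_t">
<th class="th_o th_o_all" colspan="2">',$L['Security_rules'],'</th>
</tr>
';
echo '<tr class="tr_t" title="',$L['H_Max_replies_per_topics'],'">
<th class="th_o th_o_first"><label for="ppt">',$L['Max_replies_per_topics'],'</label></th>
<td class="td_o"><input type="text" id="ppt" name="ppt" size="3" maxlength="3" value="',htmlspecialchars($_SESSION[QT]['posts_per_topic'],ENT_QUOTES),'"/>/',$L['Topic'],'</td>
</tr>
';
echo '<tr title="',$L['H_Posts_delay'],'">
<th class="th_o th_o_first"><label for="delay">',$L['Posts_delay'],'</label></th>
<td class="td_o"><input type="text" id="delay" name="delay" size="2" maxlength="2" value="',htmlspecialchars($_SESSION[QT]['posts_delay'],ENT_QUOTES),'"/> '.strtolower($L['Seconds']).'</td>
</tr>
';
echo '<tr class="tr_t" title="',$L['H_hacking_day'],'">
<th class="th_o th_o_first"><label for="ppd">',$L['Max_post_per_user'],'</label></th>
<td class="td_o"><input type="text" id="ppd" name="ppd" size="3" maxlength="3" value="',htmlspecialchars($_SESSION[QT]['posts_per_day'],ENT_QUOTES),'"/>/'.strtolower($L['Day']).'</td>
</tr>
';
// chars_per_post is displayed in thousands; the division yields a number, so no escaping is needed
echo '<tr class="tr_t" title="',$L['H_Max_char_per_post'],'">
<th class="th_o th_o_first"><label for="cpp">',$L['Max_char_per_post'],'</label></th>
<td class="td_o"><input type="text" id="cpp" name="cpp" size="2" maxlength="2" value="',($_SESSION[QT]['chars_per_post']/1000),'"/> x 1000</td>
</tr>
';
echo '<tr class="tr_t" title="',$L['H_Max_line_per_post'],'">
<th class="th_o th_o_first"><label for="lpp">',$L['Max_line_per_post'],'</label></th>
<td class="td_o"><input type="text" id="lpp" name="lpp" size="3" maxlength="3" value="',htmlspecialchars($_SESSION[QT]['lines_per_post'],ENT_QUOTES),'"/></td>
</tr>
';

// --- User interface
echo '<tr class="tr_t">
<th class="th_o th_o_all" colspan="2">',$L['User_interface'],'</th>
</tr>
';
echo '<tr class="tr_t" title="',$L['H_java_mail'],'">
<th class="th_o th_o_first"><label for="javamail">',$L['Java_mail'],'</label></th>
<td class="td_o"><select id="javamail" name="javamail">
<option value="0"',($_SESSION[QT]['javamail']=='0' ? QSEL : ''),'>',$L['N'],'</option>
<option value="1"',($_SESSION[QT]['javamail']=='1' ? QSEL : ''),'>',$L['Y'],'</option>
</select></td>
</tr>
';
echo '<tr class="tr_t" title="',$L['Allow_bbc'],'">
<th class="th_o th_o_first"><label for="bbc">',$L['Allow_bbc'],'</label></th>
<td class="td_o"><select id="bbc" name="bbc">
<option value="0"',($_SESSION[QT]['bbc']=='0' ? QSEL : ''),'>',$L['N'],'</option>
<option value="1"',($_SESSION[QT]['bbc']=='1' ? QSEL : ''),'>',$L['Y'],'</option>
</select></td>
</tr>
';
// Avatar: the three size inputs are disabled while the drop-down is "0"
echo '<tr class="tr_t" title="',$L['H_Allow_avatar'],'">
<th class="th_o th_o_first"><label for="avatar">',$L['Allow_avatar'],'</label></th>
<td class="td_o"><select id="avatar" name="avatar" onchange="avatardisabled(this.value)">
<option value="0"',($_SESSION[QT]['avatar']=='0' ? QSEL : ''),'>',$L['N'],'</option>
<option value="jpg,jpeg"',($_SESSION[QT]['avatar']=='jpg,jpeg' ? QSEL : ''),'>',$L['Y'],' (',$L['Jpg_only'],')</option>
<option value="gif,jpg,jpeg,png"',($_SESSION[QT]['avatar']=='gif,jpg,jpeg,png' ? QSEL : ''),'>',$L['Y'],' (',$L['Gif_jpg_png'],')</option>
</select> ',$L['Maximum'],' <input type="text" id="avatarwidth" name="avatarwidth" size="3" maxlength="3" value="',htmlspecialchars($_SESSION[QT]['avatar_width'],ENT_QUOTES),'"',($_SESSION[QT]['avatar']=='0' ? QDIS : ''),'/> x <input type="text" id="avatarheight" name="avatarheight" size="3" maxlength="3" value="',htmlspecialchars($_SESSION[QT]['avatar_height'],ENT_QUOTES),'"',($_SESSION[QT]['avatar']=='0' ? QDIS : ''),'/> pixels, <input type="text" id="avatarsize" name="avatarsize" size="3" maxlength="3" value="',htmlspecialchars($_SESSION[QT]['avatar_size'],ENT_QUOTES),'"',($_SESSION[QT]['avatar']=='0' ? QDIS : ''),'/>Kb</td>
</tr>
';
// Upload: the size input is disabled while the drop-down is "0"
echo '<tr class="tr_t" title="',$L['H_Allow_upload'],'">
<th class="th_o th_o_first"><label for="upload">',$L['Allow_upload'],'</label></th>
<td class="td_o">
<select id="upload" name="upload" onchange="uploaddisabled(this.value)">
<option value="0"',($_SESSION[QT]['upload']=='0' ? QSEL : ''),'>',$L['N'],'</option>
',QTastags($L['Userrole'],$L['Y'].' (%s)',$_SESSION[QT]['upload']),'
</select> ',$L['Maximum'],' <input type="text" id="uploadsize" name="uploadsize" size="4" maxlength="4" value="',htmlspecialchars($_SESSION[QT]['upload_size'],ENT_QUOTES),'"',($_SESSION[QT]['upload']=='0' ? QDIS : ''),'/>Kb</td>
</tr>
';

// --- Submit
echo '<tr class="tr_t">
<th class="th_o th_o_first" colspan="2" style="padding:6px; text-align:center"><input type="submit" name="ok" value="',$L['Save'],'"/></th>
</tr>
';
echo '</table>
</form><br/>',N,N;

// HTML END

include('qti_adm_p_footer.php');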

?>