<?PHP
// Start (or resume) the PHP session. The '@' prefix silences any warning the call itself raises.
@session_start();

// Report every error class except notices. 'E_ALL & ~E_NOTICE' clears the same bit as 'E_ALL ^ E_NOTICE'.
@error_reporting( E_ALL & ~E_NOTICE );

// NOTE(review): display_errors is switched on, so error text (which can include file paths and
// query fragments) is written into the HTTP response. On a production host, prefer logging
// errors and leaving display_errors off.
@ini_set( 'display_errors', true );

// Emit plain-text error messages rather than HTML-formatted ones.
@ini_set( 'html_errors', false );

// Same reporting mask again, this time applied through the ini setting.
@ini_set( 'error_reporting', E_ALL & ~E_NOTICE );
// Marker constant; presumably the included engine files check it to refuse direct access — confirm.
define( 'DATALIFEENGINE', true );

// Site root = this file's directory with its last 7 characters removed.
// Assumes the file lives in a directory whose trailing path segment is 7 characters long
// including the separator (e.g. "/system") — TODO confirm against the deployed layout.
define( 'ROOT_DIR', substr( __DIR__, 0, -7 ) );

// Engine directory, holding the config, class and module files included by this script.
define( 'SYSTEM_DIR', ROOT_DIR . '/system' );
// NOTE(review): this imports every request parameter into the global scope (register_globals
// emulation). EXTR_SKIP only protects variables that already exist at this point; any global
// that a later include reads before assigning it can be pre-seeded by the client.
// Confirm that the files included below unconditionally initialise $config, $lang, $is_logged,
// $member_id and every other global they rely on, or replace this call with explicit reads of
// the specific $_REQUEST keys that are actually needed.
extract ( $_REQUEST, EXTR_SKIP );
// Engine bootstrap: site configuration, database class, database settings, shared helpers.
// All paths are built from the SYSTEM_DIR constant only; no request data is involved.
require SYSTEM_DIR . '/data/config.php';
require_once SYSTEM_DIR . '/classes/mysql.php';
require_once SYSTEM_DIR . '/data/dbconfig.php';
require_once SYSTEM_DIR . '/inc/include/functions.inc.php';

// Request sanity check. check_xss() is not defined in this file (presumably it comes from
// functions.inc.php); which inputs it inspects and how it reacts is not visible here, so it
// should not be assumed to cover cookies or POST data without checking its definition.
check_xss();
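// Optional per-visitor template override taken from the "dle_skin" cookie.
// The cookie is client-controlled and is concatenated into a filesystem path, so it is accepted
// only when it is a plain directory name (letters, digits, "_" and "-"). That rules out path
// separators, "." / ".." segments, NUL bytes and array-valued cookies (dle_skin[]=...), any of
// which would otherwise reach is_dir() and then $config['skin'] unchecked.
// Widen the pattern deliberately if legitimate template directories use other characters.
if (
    isset( $_COOKIE['dle_skin'] )
    && is_string( $_COOKIE['dle_skin'] )
    && preg_match( '/\A[A-Za-z0-9_-]+\z/', $_COOKIE['dle_skin'] ) === 1
) {
    // Switch skins only when the named template directory actually exists under /templates/.
    if ( @is_dir( ROOT_DIR . '/templates/' . $_COOKIE['dle_skin'] ) ) {
        $config['skin'] = $_COOKIE['dle_skin'];
    }
}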
// Load the admin-panel language pack for the configured language.
// NOTE(review): $config['langs'] becomes part of an include path and the included file is
// executed as PHP. It is presumably set by config.php; confirm it can never be influenced by
// request data.
include_once ROOT_DIR . '/language/' . $config['langs'] . '/adminpanel.lng';

// A charset declared by the language pack takes precedence over the configured one.
$config['charset'] = ( $lang['charset'] != '' )
    ? $lang['charset']
    : $config['charset'];
// User-group permission table: use the cached copy when there is one, otherwise rebuild it
// from the database and store it back in the cache.
$user_group = $cache->get( "usergroup" );

if ( empty( $user_group ) ) {
    $user_group = array();

    // Static query: only the USERPREFIX constant is concatenated, no request data.
    $db->query( "SELECT * FROM " . USERPREFIX . "_usergroups ORDER BY id ASC" );

    while ( $row = $db->get_row() ) {
        // One entry per group, keyed by the group id.
        $user_group[$row['id']] = array();

        // Copy every column, removing backslash escaping from the stored value.
        foreach ( $row as $key => $value ) {
            $user_group[$row['id']][$key] = stripslashes( $value );
        }
    }

    $cache->set( "usergroup", $user_group );
    $db->free();
}
// Authentication. $is_logged and $member_id are not assigned anywhere in this file; presumably
// sitelogin.php sets them.
// NOTE(review): request parameters were imported into the global scope earlier with
// extract( $_REQUEST, EXTR_SKIP ), so confirm that sitelogin.php assigns $is_logged and
// $member_id unconditionally rather than only on a successful login.
include_once SYSTEM_DIR . '/modules/sitelogin.php';

// Gate 1: the visitor must be logged in.
if ( ! $is_logged ) {
    die( "<br><br><br><br><center>$lang[err_notlogged]</center>" );
}

// Gate 2: the member's group needs the allow_image_upload permission; group id 1 is exempt.
if ( ! $user_group[$member_id['user_group']]['allow_image_upload'] && $member_id['user_group'] != 1 ) {
    die( "<br><br><br><br><center>$lang[err_noupload]</center>" );
}
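// Normalise the target post id from add_id. Only a scalar value is accepted: intval() on a
// non-empty array returns 1, which would silently select post 1. A missing or non-numeric
// add_id yields the string '0', as before.
$_REQUEST['news_id'] = ( isset( $_REQUEST['add_id'] ) && is_scalar( $_REQUEST['add_id'] ) && intval( $_REQUEST['add_id'] ) )
    ? intval( $_REQUEST['add_id'] )
    : '0';

// Overwrite whatever the client sent for these keys with server-side values
// (presumably read later by files.php — confirm).
$_REQUEST['action'] = "quick";
$_REQUEST['author'] = $member_id['name'];

if ( $_REQUEST['news_id'] ) {
    // The id is forced to an integer before it is placed in the query text.
    $row = $db->super_query( "SELECT id, autor, approve FROM " . PREFIX . "_post WHERE id = '" . intval( $_REQUEST['news_id'] ) . "'" );

    // Ownership check: refuse when the post does not exist, is already approved, or was not
    // written by the current member. The author comparison is strict on purpose: loose '!='
    // compares two numeric-looking strings by value ("0123" == "123", "1e3" == "1000"), so
    // distinct user names could be treated as the same author.
    // empty() also covers the case where super_query() returned no row.
    if ( empty( $row['id'] ) || $row['approve'] || (string) $row['autor'] !== (string) $member_id['name'] ) {
        die( "Hacking attempt!" );
    }
}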
// Flag read by the included uploader; presumably it refuses to run without it — confirm.
define( 'LOGGED_IN', true );

// Assigned unconditionally, so any "action" or "author" value that extract( $_REQUEST, EXTR_SKIP )
// imported from the request earlier is replaced by the server-side value.
$action = 'quick';
$author = $member_id['name'];

// Hand over to the upload handler.
require_once SYSTEM_DIR . '/inc/files.php';
?>