This project does not seem to handle request data directly as such no vulnerable execution paths were found.
include
, or for example
via PHP's auto-loading mechanism.
These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more
1 | <?php |
||
2 | include_once __DIR__ . '/admin_header.php'; |
||
3 | /* |
||
4 | * 处理 |
||
5 | **/ |
||
6 | |||
7 | //头部 |
||
8 | include "martin.header.php"; |
||
9 | $currentFile = basename(__FILE__); |
||
10 | $myModuleAdmin = new ModuleAdmin(); |
||
11 | echo $myModuleAdmin->addNavigation($currentFile); |
||
12 | |||
13 | //parameter 参数 |
||
14 | $action = isset($_POST['action']) ? $_POST['action'] : @$_GET['action']; |
||
15 | $action = empty($action) ? 'list' : $action; |
||
16 | $action = trim(strtolower($action)); |
||
17 | $id = !empty($_POST['id']) ? $_POST['id'] : @$_GET['id']; |
||
18 | $id = (int)($id); |
||
19 | $start = isset($_GET['start']) ? (int)($_GET['start']) : 0; |
||
20 | $city_parentid = isset($_GET['city_parentid']) ? (int)($_GET['city_parentid']) : 0; |
||
21 | //确认删除 |
||
22 | $confirm = (isset($_POST['confirm'])) ? $_POST['confirm'] : 0; |
||
23 | //parameter 参数 |
||
24 | |||
25 | // martin_adminMenu(5, "订房后台 > 城市管理"); |
||
26 | |||
27 | $hotelcity_handler =& xoops_getmodulehandler('hotelcity', MARTIN_DIRNAME, true); |
||
28 | |||
29 | if ($id) { |
||
30 | $HotelCityObj = $hotelcity_handler->get($id); |
||
31 | } else { |
||
32 | $HotelCityObj = $hotelcity_handler->create(); |
||
33 | } |
||
34 | //var_dump($HotelCityObj); |
||
35 | //var_dump($hotelcity_handler); |
||
36 | //var_dump($hotelcity_handler->city_name()); |
||
37 | |||
38 | switch ($action) { |
||
39 | View Code Duplication | case "add": |
|
40 | include MARTIN_ROOT_PATH . 'include/form.hotel.city.php'; |
||
41 | martin_collapsableBar('createtable', 'createtableicon', _AM_MARTIN_ADD_HOTEL_CITY, _AM_MARTIN_ADD_HOTEL_CITY); |
||
42 | //Create_button(array('addcity'=>array('url'=>'mconfirmartin.hotel.city.php?action=add','value'=>_AM_MARTIN_CITY_NAME))); |
||
43 | $form = new form_hotel_city($HotelCityObj); |
||
44 | |||
45 | $form->display(); |
||
46 | martin_close_collapsable('createtable', 'createtableicon'); |
||
0 ignored issues
–
show
Unused Code
introduced
by
![]() |
|||
47 | break; |
||
48 | |||
49 | case "save": |
||
50 | $city_alias = isset($_POST['city_alias']) ? addslashes($_POST['city_alias']) : ''; |
||
51 | $city_parentid = isset($_POST['city_parentid']) ? (int)($_POST['city_parentid']) : 0; |
||
52 | $city_alias = $city_parentid ? '' : $city_alias; |
||
53 | $HotelCityObj->setVar('city_id', $id); |
||
54 | $HotelCityObj->setVar('city_parentid', $city_parentid); |
||
55 | $HotelCityObj->setVar('city_name', (isset($_POST['city_name'])) ? addslashes($_POST['city_name']) : ''); |
||
56 | $HotelCityObj->setVar('city_alias', $city_alias); |
||
57 | $HotelCityObj->setVar('city_level', 0); |
||
58 | |||
59 | if (!$id) { |
||
60 | $HotelCityObj->setNew(); |
||
61 | } |
||
62 | |||
63 | if ($HotelCityObj->isNew()) { |
||
64 | $redirect_msg = _AM_MARTIN_ADDED_SUCCESSFULLY; |
||
65 | $redirect_to = 'martin.hotel.city.php'; |
||
66 | } else { |
||
67 | $redirect_msg = _AM_MARTIN_MODIFIED_SUCCESSFULLY; |
||
68 | $redirect_to = 'martin.hotel.city.php'; |
||
69 | } |
||
70 | if (!$hotelcity_handler->insert($HotelCityObj)) { |
||
71 | redirect_header('javascript:history.go(-1);', 2, _AM_MARTIN_OPERATION_FAILED); |
||
72 | exit(); |
||
73 | } |
||
74 | redirect_header($redirect_to, 2, $redirect_msg); |
||
75 | break; |
||
76 | View Code Duplication | case "del": |
|
77 | if (!$confirm) { |
||
78 | xoops_confirm(array('op' => 'del', 'id' => $HotelCityObj->city_id(), 'confirm' => 1, 'name' => $HotelCityObj->city_name()), '?action=del', _DELETE . " '" . $HotelCityObj->city_name() . "'. <br /> <br />"._AM_MARTIN_OK_TO_DELETE_THE_DISTRICTS, _DELETE); |
||
79 | } else { |
||
80 | if ($hotelcity_handler->delete($HotelCityObj)) { |
||
81 | $redirect_msg = _AM_MARTIN_OK_TO_DELETE_THE_ORDER; |
||
82 | $redirect_to = "martin.hotel.city.php"; |
||
83 | } else { |
||
84 | $redirect_msg = _AM_MARTIN_DELETE_FAILED; |
||
85 | $redirect_to = "javascript:history.go(-1);"; |
||
86 | } |
||
87 | redirect_header($redirect_to, 2, $redirect_msg); |
||
88 | } |
||
89 | break; |
||
90 | case "list": |
||
91 | martin_collapsableBar('createtable', 'createtableicon', _AM_MARTIN_ADD_CITY, _AM_MARTIN_ADD_CITY); |
||
92 | Create_button(array('addcity' => array('url' => 'martin.hotel.city.php?action=add', 'value' => _AM_MARTIN_CITY_NAME))); |
||
93 | |||
94 | $HoteCityObjs = $hotelcity_handler->getHotelCitys($xoopsModuleConfig['perpage'], $start, 0); |
||
95 | |||
96 | // Creating the objects for top categories |
||
97 | echo "<br />\n<table width='100%' cellspacing=1 cellpadding=2 border=0 class = outer>"; |
||
98 | echo "<tr>"; |
||
99 | echo "<td class='bg3' align='left'><b>" . _AM_MARTIN_CITY_NAME . "</b></td>"; |
||
100 | echo "<td width='60' class='bg3' align='center'><b>" . _AM_MARTIN_ACTIONS . "</b></td>"; |
||
101 | echo "</tr>"; |
||
102 | $CityCout = $hotelcity_handler->getCount(); |
||
103 | if (count($HoteCityObjs) > 0) { |
||
104 | foreach ($HoteCityObjs as $key => $thiscat) { |
||
105 | display($thiscat); |
||
106 | } |
||
107 | } else { |
||
108 | echo "<tr>"; |
||
109 | echo "<td class='head' align='center' colspan= '7'>" . MARTIN_IS_NUll . "</td>"; |
||
110 | echo "</tr>"; |
||
111 | $categoryid = '0'; |
||
112 | } |
||
113 | echo "</table>\n"; |
||
114 | include_once XOOPS_ROOT_PATH . '/class/pagenav.php'; |
||
115 | $pagenav = new XoopsPageNav($CityCout, $xoopsModuleConfig['perpage'], 0, 'start'); |
||
116 | echo '<div style="text-align:right;">' . $pagenav->renderNav() . '</div>'; |
||
117 | echo "<br />"; |
||
118 | martin_close_collapsable('createtable', 'createtableicon'); |
||
0 ignored issues
–
show
|
|||
119 | echo "<br>"; |
||
120 | |||
121 | break; |
||
122 | default: |
||
123 | redirect_header(XOOPS_URL, 2, _AM_MARTIN_UNAUTHORIZED_ACCESS); |
||
124 | break; |
||
125 | } |
||
126 | |||
127 | /** |
||
128 | * @param $HotelCityObj |
||
129 | * @param int $level |
||
130 | */ |
||
131 | function display($HotelCityObj, $level = 0) |
||
132 | { |
||
133 | global $xoopsModule, $hotelcity_handler; |
||
134 | $modify = "<a href='?action=add&id=" . $HotelCityObj->city_id() . "&city_parentid=" . $HotelCityObj->city_parentid() . "'><img src='" . XOOPS_URL . "/modules/" . $xoopsModule->dirname() . "/images/icon/edit.gif'/></a>"; |
||
135 | $delete = "<a href='?action=del&id=" . $HotelCityObj->city_id() . "&city_parentid=" . $HotelCityObj->city_parentid() . "'><img src='" . XOOPS_URL . "/modules/" . $xoopsModule->dirname() . "/images/icon/delete.gif'/></a>"; |
||
136 | |||
137 | $spaces = ''; |
||
138 | for ($j = 0; $j < $level; $j++) { |
||
139 | $spaces .= ' '; |
||
140 | } |
||
141 | echo "<tr>"; |
||
142 | echo "<td class='even' align='lefet'>" . $spaces . "<a href='" . XOOPS_URL . '/hotel/' . $HotelCityObj->city_alias() . "'><img src='" . XOOPS_URL . "/modules/martin/images/icon/subcat.gif' alt='' /> " . $HotelCityObj->city_name() . "</a></td>"; |
||
143 | echo "<td class='even' align='center'> $modify $delete </td>"; |
||
144 | echo "</tr>"; |
||
145 | $subObj = $hotelcity_handler->getHotelCitys(0, 0, $HotelCityObj->city_id()); |
||
146 | if (count($subObj) > 0) { |
||
147 | $level++; |
||
148 | foreach ($subObj as $key => $thiscat) { |
||
149 | display($thiscat, $level); |
||
150 | } |
||
151 | } |
||
152 | unset($HotelCityObj); |
||
153 | } |
||
154 | |||
155 | //底部 |
||
156 | include_once __DIR__ . '/admin_footer.php'; |
||
157 |