| [ Index ] |
|
Code source de CMS made simple 1.0.5 |
1 <?php 2 #CMS - CMS Made Simple 3 #(c)2004 by Ted Kulp (wishy@users.sf.net) 4 #This project's homepage is: http://cmsmadesimple.sf.net 5 # 6 #This program is free software; you can redistribute it and/or modify 7 #it under the terms of the GNU General Public License as published by 8 #the Free Software Foundation; either version 2 of the License, or 9 #(at your option) any later version. 10 # 11 #This program is distributed in the hope that it will be useful, 12 #but WITHOUT ANY WARRANTY; without even the implied warranty of 13 #MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 14 #GNU General Public License for more details. 15 #You should have received a copy of the GNU General Public License 16 #along with this program; if not, write to the Free Software 17 #Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA 18 # 19 #$Id: edituserplugin.php 3784 2007-02-09 23:20:35Z elijahlofgren $ 20 21 $CMS_ADMIN_PAGE=1; 22 23 require_once ("../include.php"); 24 25 check_login(); 26 global $gCms; 27 $db =& $gCms->GetDb(); 28 29 $error = array(); 30 31 $userplugin_id = ""; 32 if (isset($_POST["userplugin_id"])) $userplugin_id = $_POST["userplugin_id"]; 33 else if (isset($_GET["userplugin_id"])) $userplugin_id = $_GET["userplugin_id"]; 34 35 $plugin_name= ""; 36 if (isset($_POST["plugin_name"])) $plugin_name = $_POST["plugin_name"]; 37 38 $orig_plugin_name = ""; 39 if (isset($_POST["origpluginname"])) $orig_plugin_name = $_POST["origpluginname"]; 40 41 $code= ""; 42 if (isset($_POST["code"])) $code = $_POST["code"]; 43 44 if (isset($_POST["cancel"])) { 45 redirect("listusertags.php"); 46 return; 47 } 48 49 $userid = get_userid(); 50 $access = check_permission($userid, 'Modify User-defined Tags'); 51 52 $use_javasyntax = false; 53 if (get_preference($userid, 'use_javasyntax') == "1") $use_javasyntax = true; 54 55 $smarty = new Smarty_CMS($gCms->config); 56 load_plugins($smarty); 57 58 if ($access) { 59 if (isset($_POST["editplugin"])) { 60 61 $CMS_EXCLUDE_FROM_RECENT = 1; 62 $validinfo = true; 63 if ($plugin_name == "") { 64 $error[] = lang('nofieldgiven', array(lang('editusertag'))); 65 $validinfo = false; 66 } 67 else 68 { 69 if ($plugin_name != $orig_plugin_name && in_array($plugin_name, $gCms->cmsplugins)) 70 { 71 $error[] = lang('usertagexists'); 72 $validinfo = false; 73 } 74 } 75 // Make sure no spaces are put into plugin name. 76 $without_spaces = str_replace(' ', '', $plugin_name); 77 if ($plugin_name != $without_spaces) 78 { 79 $error[] = lang('error_udt_name_whitespace'); 80 $validinfo = false; 81 } 82 if ($code == "") { 83 $error[] = lang('nofieldgiven', array(lang('code'))); 84 $validinfo = false; 85 } 86 else if (strrpos($code, '{') !== FALSE) 87 { 88 $lastopenbrace = strrpos($code, '{'); 89 $lastclosebrace = strrpos($code, '}'); 90 if ($lastopenbrace > $lastclosebrace) 91 { 92 $error[] = lang('invalidcode'); 93 $error[] = lang('invalidcode_brace_missing'); 94 $validinfo = false; 95 } 96 } 97 98 if ($validinfo) 99 { 100 srand(); 101 ob_start(); 102 if (eval('function testfunction'.rand().'() {'.$code.'}') === FALSE) 103 { 104 $error[] = lang('invalidcode'); 105 //catch the error 106 //eval('function testfunction'.rand().'() {'.$code.'}'); 107 $buffer = ob_get_clean(); 108 //add error 109 $error[] = preg_replace('/<br \/>/', '', $buffer ); 110 $validinfo = false; 111 } 112 else 113 { 114 ob_get_clean(); 115 } 116 } 117 118 if ($validinfo) { 119 Events::SendEvent('Core', 'EditUserDefinedTagPre', array('id' => $userplugin_id, 'name' => &$plugin_name, 'code' => &$code)); 120 $query = "UPDATE ".cms_db_prefix()."userplugins SET userplugin_name = ".$db->qstr($plugin_name).", code = ".$db->qstr($code).", modified_date = ".$db->DBTimeStamp(time())." WHERE userplugin_id = ".$userplugin_id; 121 $result = $db->Execute($query); 122 if ($result) { 123 Events::SendEvent('Core', 'EditUserDefinedTagPost', array('id' => $userplugin_id, 'name' => &$plugin_name, 'code' => &$code)); 124 audit($userplugin_id, $plugin_name, 'Edited User Defined Tag'); 125 redirect("listusertags.php?message=usertagupdated"); 126 return; 127 } 128 else { 129 $error[] = lang('errorupdatingusertag'); 130 } 131 } 132 } 133 else if ($userplugin_id != -1) { 134 135 $query = "SELECT * from ".cms_db_prefix()."userplugins WHERE userplugin_id = ?"; 136 $result = $db->Execute($query,array($userplugin_id)); 137 138 $row = $result->FetchRow(); 139 140 $plugin_name = $row["userplugin_name"]; 141 $orig_plugin_name = $plugin_name; 142 $code = $row['code']; 143 } 144 } 145 if (strlen($plugin_name)>0) 146 { 147 $CMS_ADMIN_SUBTITLE = $plugin_name; 148 } 149 include_once ("header.php"); 150 151 if (!$access) { 152 echo '<div class=\"pageerrorcontainer\"><p class="pageerror">'.lang('noaccessto', array(lang('addusertag'))).'</p></div>'; 153 } 154 else { 155 if (FALSE == empty($error)) { 156 echo $themeObject->ShowErrors($error); 157 } 158 159 ?> 160 161 <div class="pagecontainer"> 162 <?php echo $themeObject->ShowHeader('editusertag'); ?> 163 <form enctype="multipart/form-data" action="edituserplugin.php" method="post"> 164 <div class="pageoverflow"> 165 <p class="pagetext">*<?php echo lang('name')?>:</p> 166 <p class="pageinput"><input type="text" name="plugin_name" maxlength="255" value="<?php echo $plugin_name?>" /></p> 167 </div> 168 <div class="pageoverflow"> 169 <p class="pagetext">*<?php echo lang('code')?></p> 170 <p class="pageinput"><?php echo textarea_highlight($use_javasyntax, $code, "code", "pagetextarea", "Java") ?></p> 171 </div> 172 <div class="pageoverflow"> 173 <p class="pagetext"> </p> 174 <p class="pageinput"> 175 <input type="hidden" name="userplugin_id" value="<?php echo $userplugin_id?>" /> 176 <input type="hidden" name="origpluginname" value="<?php echo $orig_plugin_name?>" /> 177 <input type="hidden" name="editplugin" value="true" /> 178 <input type="submit" value="<?php echo lang('submit')?>" class="pagebutton" onmouseover="this.className='pagebuttonhover'" onmouseout="this.className='pagebutton'" /> 179 <input type="submit" name="cancel" value="<?php echo lang('cancel')?>" class="pagebutton" onmouseover="this.className='pagebuttonhover'" onmouseout="this.className='pagebutton'" /> 180 </p> 181 </div> 182 </form> 183 </div> 184 <?php 185 } 186 echo '<p class="pageback"><a class="pageback" href="'.$themeObject->BackUrl().'">« '.lang('back').'</a></p>'; 187 include_once ("footer.php"); 188 189 # vim:ts=4 sw=4 noet 190 ?>
titre
Description
Corps
titre
Description
Corps
titre
Description
Corps
titre
Corps
| Généré le : Tue Apr 3 18:50:37 2007 | par Balluche grâce à PHPXref 0.7 |