Code source de GeekLog 1.4.1 |
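<?php

/* Reminder: always indent with 4 spaces (no tabs). */
// +---------------------------------------------------------------------------+
// | Static Pages Geeklog Plugin 1.4.3                                         |
// +---------------------------------------------------------------------------+
// | index.php                                                                 |
// |                                                                           |
// | Administration page.                                                      |
// +---------------------------------------------------------------------------+
// | Copyright (C) 2000-2006 by the following authors:                         |
// |                                                                           |
// | Authors: Tony Bibbs       - tony AT tonybibbs DOT com                     |
// |          Phill Gillespie  - phill AT mediaaustralia DOT com DOT au        |
// |          Tom Willett      - twillett AT users DOT sourceforge DOT net     |
// |          Dirk Haun        - dirk AT haun-online DOT de                    |
// +---------------------------------------------------------------------------+
// |                                                                           |
// | This program is free software; you can redistribute it and/or             |
// | modify it under the terms of the GNU General Public License               |
// | as published by the Free Software Foundation; either version 2            |
// | of the License, or (at your option) any later version.                    |
// |                                                                           |
// | This program is distributed in the hope that it will be useful,           |
// | but WITHOUT ANY WARRANTY; without even the implied warranty of            |
// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the              |
// | GNU General Public License for more details.                              |
// |                                                                           |
// | You should have received a copy of the GNU General Public License         |
// | along with this program; if not, write to the Free Software Foundation,   |
// | Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.            |
// |                                                                           |
// +---------------------------------------------------------------------------+
//
// $Id: index.php,v 1.80 2006/12/09 12:57:03 dhaun Exp $

require_once ('../../../lib-common.php');
require_once ('../../auth.inc.php');

// The whole script is gated on the plugin's edit right. Anything that needs
// a narrower right (delete, PHP pages) has to be checked again at the point
// where the action is carried out.
if (!SEC_hasRights ('staticpages.edit')) {
    $display = COM_siteHeader ('menu', $LANG_STATIC['access_denied']);
    $display .= COM_startBlock ($LANG_STATIC['access_denied'], '',
                                COM_getBlockTemplate ('_msg_block', 'header'));
    $display .= $LANG_STATIC['access_denied_msg'];
    $display .= COM_endBlock (COM_getBlockTemplate ('_msg_block', 'footer'));
    $display .= COM_siteFooter ();
    COM_accessLog ("User {$_USER['username']} tried to illegally access the static pages administration screen.");
    echo $display;
    exit;
}


/**
* Displays the static page form
*
* $A comes either from a database row (edit / clone) or straight from $_POST
* (re-display after a failed save, see staticpageeditor()). Every value that
* is written into the template or into SQL is therefore treated as untrusted
* here: numeric ids are cast to int, text values are HTML-escaped.
*
* @param    array   $A      Data to display
* @param    string  $error  Error message to display
* @return   string          HTML for the editor form, or for the error block
*
*/
function form ($A, $error = false)
{
    global $_CONF, $_TABLES, $_USER, $_GROUPS, $_SP_CONF, $mode, $sp_id,
           $LANG21, $LANG_STATIC, $LANG_ACCESS, $LANG_ADMIN, $LANG24,
           $LANG_postmodes, $MESSAGE;

    // Resolved up front: the original only assigned $template_path further
    // down, so the first file_exists() test ran against an undefined
    // variable and could never succeed.
    $template_path = staticpages_templatePath ('admin');
    $use_advanced_editor = isset ($_CONF['advanced_editor']) &&
        ($_CONF['advanced_editor'] == 1) &&
        file_exists ($template_path . '/editor_advanced.thtml');

    if (!empty($sp_id) && $mode=='edit') {
        $access = SEC_hasAccess($A['owner_id'],$A['group_id'],$A['perm_owner'],$A['perm_group'],$A['perm_members'],$A['perm_anon']);
    } else {
        if ($mode != 'clone') {
            $A['sp_inblock'] = $_SP_CONF['in_block'];
        }
        // New, cloned and re-displayed pages are always owned by the
        // current user; whatever owner/permissions were in $A are replaced.
        $A['owner_id'] = $_USER['uid'];
        if (isset ($_GROUPS['Static Page Admin'])) {
            $A['group_id'] = $_GROUPS['Static Page Admin'];
        } else {
            $A['group_id'] = SEC_getFeatureGroup ('staticpages.edit');
        }
        SEC_setDefaultPermissions ($A, $_SP_CONF['default_permissions']);
        $access = 3;
        if ($use_advanced_editor) {
            $A['advanced_editor_mode'] = 1;
        }
    }
    $retval = '';

    // An empty owner_id means the page was not found or is not visible to
    // this user (the SELECT in staticpageeditor() is permission-filtered).
    if (empty ($A['owner_id'])) {
        $error = COM_startBlock ($LANG_ACCESS['accessdenied'], '',
                        COM_getBlockTemplate ('_msg_block', 'header'));
        $error .= $LANG_STATIC['deny_msg'];
        $error .= COM_endBlock (COM_getBlockTemplate ('_msg_block', 'footer'));
    }

    if ($error) {
        $retval .= $error . '<br><br>';
    } else {
        // Numeric ids are interpolated unquoted into the WHERE clauses
        // below, and sp_uid arrives from $_POST on the re-display path, so
        // force them to integers before use.
        $owner_id = (int) $A['owner_id'];
        $author_id = isset ($A['sp_uid']) ? (int) $A['sp_uid'] : 0;

        // Text values that end up in the form markup. On the re-display
        // path these are raw request data, so escape them for HTML.
        $page_id = isset ($A['sp_id'])
                 ? htmlspecialchars ($A['sp_id'], ENT_QUOTES) : '';
        $old_page_id = isset ($A['sp_old_id'])
                     ? htmlspecialchars ($A['sp_old_id'], ENT_QUOTES) : '';
        $help_url = isset ($A['sp_help'])
                  ? htmlspecialchars ($A['sp_help'], ENT_QUOTES) : '';

        $sp_template = new Template ($template_path);
        if ($use_advanced_editor) {
            $sp_template->set_file ('form', 'editor_advanced.thtml');
            $sp_template->set_var ('lang_expandhelp', $LANG24[67]);
            $sp_template->set_var ('lang_reducehelp', $LANG24[68]);
            $sp_template->set_var ('lang_toolbar', $LANG24[70]);
            $sp_template->set_var ('toolbar1', $LANG24[71]);
            $sp_template->set_var ('toolbar2', $LANG24[72]);
            $sp_template->set_var ('toolbar3', $LANG24[73]);
            $sp_template->set_var ('toolbar4', $LANG24[74]);
            $sp_template->set_var ('toolbar5', $LANG24[75]);
            $sp_template->set_var('lang_nojavascript',$LANG24[77]);
            $sp_template->set_var('lang_postmode', $LANG24[4]);
            if ($A['postmode'] == 'adveditor') {
                $sp_template->set_var('show_adveditor','');
                $sp_template->set_var('show_htmleditor','none');
            } else {
                $sp_template->set_var('show_adveditor','none');
                $sp_template->set_var('show_htmleditor','');
            }
            // Initialised explicitly; the original appended to an
            // undefined variable.
            $post_options = '';
            $post_options .= '<option value="html" selected="selected">'.$LANG_postmodes['html'].'</option>';
            if ($A['postmode'] == 'adveditor') {
                $post_options .= '<option value="adveditor" selected="selected">'.$LANG24[86].'</option>';
            } else {
                $post_options .= '<option value="adveditor">'.$LANG24[86].'</option>';
            }
            $sp_template->set_var('post_options',$post_options );
            $sp_template->set_var ('change_editormode', 'onChange="change_editmode(this);"');
        } else {
            $sp_template->set_file ('form', 'editor.thtml');
        }
        $sp_template->set_var('layout_url', $_CONF['layout_url']);

        $sp_template->set_var('lang_accessrights', $LANG_ACCESS['accessrights']);
        $sp_template->set_var('lang_owner', $LANG_ACCESS['owner']);
        $ownername = COM_getDisplayName ($owner_id);
        $sp_template->set_var('owner_username', DB_getItem($_TABLES['users'],
                              'username', "uid = $owner_id"));
        $sp_template->set_var('owner_name', $ownername);
        $sp_template->set_var('owner', $ownername);
        $sp_template->set_var('owner_id', $owner_id);
        $sp_template->set_var('lang_group', $LANG_ACCESS['group']);
        $sp_template->set_var('group_dropdown',
                              SEC_getGroupDropdown ($A['group_id'], $access));
        $sp_template->set_var('permissions_editor', SEC_getPermissionsHTML($A['perm_owner'],$A['perm_group'],$A['perm_members'],$A['perm_anon']));
        $sp_template->set_var('lang_permissions', $LANG_ACCESS['permissions']);
        $sp_template->set_var('lang_perm_key', $LANG_ACCESS['permissionskey']);
        $sp_template->set_var('permissions_msg', $LANG_ACCESS['permmsg']);
        $sp_template->set_var('site_url', $_CONF['site_url']);
        $sp_template->set_var('site_admin_url', $_CONF['site_admin_url']);
        // The closing parenthesis of COM_startBlock() was misplaced in the
        // original, so the block template argument went to set_var()
        // instead and the header did not match the '_admin_block' footer
        // used for 'end_block' below.
        $sp_template->set_var('start_block_editor',
                COM_startBlock ($LANG_STATIC['staticpageeditor'], '',
                        COM_getBlockTemplate ('_admin_block', 'header')));
        $sp_template->set_var('lang_save', $LANG_ADMIN['save']);
        $sp_template->set_var('lang_cancel', $LANG_ADMIN['cancel']);
        $sp_template->set_var('lang_preview', $LANG_ADMIN['preview']);
        // Hiding the button is only a UI convenience; the delete handler
        // in MAIN checks the 'staticpages.delete' right itself.
        if (SEC_hasRights ('staticpages.delete') && ($mode != 'clone') &&
                !empty ($A['sp_old_id'])) {
            $delbutton = '<input type="submit" value="' . $LANG_ADMIN['delete']
                       . '" name="mode"%s>';
            $jsconfirm = ' onclick="return confirm(\'' . $MESSAGE[76] . '\');"';
            $sp_template->set_var ('delete_option',
                                   sprintf ($delbutton, $jsconfirm));
            $sp_template->set_var ('delete_option_no_confirmation',
                                   sprintf ($delbutton, ''));
        } else {
            $sp_template->set_var('delete_option','');
        }
        $sp_template->set_var('lang_writtenby', $LANG_STATIC['writtenby']);
        $sp_template->set_var('username', DB_getItem($_TABLES['users'],
                              'username', "uid = $author_id"));
        $authorname = COM_getDisplayName ($author_id);
        $sp_template->set_var ('name', $authorname);
        $sp_template->set_var ('author', $authorname);
        $sp_template->set_var ('lang_url', $LANG_STATIC['url']);
        $sp_template->set_var ('lang_id', $LANG_STATIC['id']);
        $sp_template->set_var('sp_uid', $author_id);
        $sp_template->set_var('sp_id', $page_id);
        $sp_template->set_var('sp_old_id', $old_page_id);
        $sp_template->set_var ('example_url', htmlspecialchars (
                COM_buildURL ($_CONF['site_url']
                . '/staticpages/index.php?page=' . $A['sp_id']), ENT_QUOTES));

        $sp_template->set_var ('lang_centerblock', $LANG_STATIC['centerblock']);
        $sp_template->set_var ('lang_centerblock_help', $LANG_ADMIN['help_url']);
        $sp_template->set_var ('lang_centerblock_include', $LANG21[51]);
        $sp_template->set_var ('lang_centerblock_desc', $LANG21[52]);
        $sp_template->set_var ('centerblock_help', $help_url);
        $sp_template->set_var ('lang_centerblock_msg', $LANG_STATIC['centerblock_msg']);
        if (isset ($A['sp_centerblock']) && ($A['sp_centerblock'] == 1)) {
            $sp_template->set_var('centerblock_checked', 'checked="checked"');
        } else {
            $sp_template->set_var('centerblock_checked', '');
        }
        $sp_template->set_var ('lang_topic', $LANG_STATIC['topic']);
        $sp_template->set_var ('lang_position', $LANG_STATIC['position']);
        $current_topic = '';
        if (isset ($A['sp_tid'])) {
            $current_topic = $A['sp_tid'];
        }
        if (empty ($current_topic)) {
            $current_topic = 'none';
        }
        $topics = COM_topicList ('tid,topic', $current_topic);
        $alltopics = '<option value="all"';
        if ($current_topic == 'all') {
            $alltopics .= ' selected="selected"';
        }
        $alltopics .= '>' . $LANG_STATIC['all_topics'] . '</option>' . LB;
        $notopic = '<option value="none"';
        if ($current_topic == 'none') {
            $notopic .= ' selected="selected"';
        }
        $notopic .= '>' . $LANG_STATIC['no_topic'] . '</option>' . LB;
        $sp_template->set_var ('topic_selection', '<select name="sp_tid">'
                               . $alltopics . $notopic . $topics . '</select>');
        $position = '<select name="sp_where">';
        $position .= '<option value="1"';
        if ($A['sp_where'] == 1) {
            $position .= ' selected="selected"';
        }
        $position .= '>' . $LANG_STATIC['position_top'] . '</option>';
        $position .= '<option value="2"';
        if ($A['sp_where'] == 2) {
            $position .= ' selected="selected"';
        }
        $position .= '>' . $LANG_STATIC['position_feat'] . '</option>';
        $position .= '<option value="3"';
        if ($A['sp_where'] == 3) {
            $position .= ' selected="selected"';
        }
        $position .= '>' . $LANG_STATIC['position_bottom'] . '</option>';
        $position .= '<option value="0"';
        if ($A['sp_where'] == 0) {
            $position .= ' selected="selected"';
        }
        $position .= '>' . $LANG_STATIC['position_entire'] . '</option>';
        $position .= '</select>';
        $sp_template->set_var ('pos_selection', $position);

        // The PHP selector is only offered when PHP pages are enabled in
        // the plugin configuration AND the user holds 'staticpages.PHP'.
        // submitstaticpage() repeats this check on save.
        if (($_SP_CONF['allow_php'] == 1) && SEC_hasRights ('staticpages.PHP')) {
            if (!isset ($A['sp_php'])) {
                $A['sp_php'] = 0;
            }
            $selection = '<select name="sp_php">' . LB;
            $selection .= '<option value="0"';
            if (($A['sp_php'] <= 0) || ($A['sp_php'] > 2)) {
                $selection .= ' selected="selected"';
            }
            $selection .= '>' . $LANG_STATIC['select_php_none'] . '</option>' . LB;
            $selection .= '<option value="1"';
            if ($A['sp_php'] == 1) {
                $selection .= ' selected="selected"';
            }
            $selection .= '>' . $LANG_STATIC['select_php_return'] . '</option>' . LB;
            $selection .= '<option value="2"';
            if ($A['sp_php'] == 2) {
                $selection .= ' selected="selected"';
            }
            $selection .= '>' . $LANG_STATIC['select_php_free'] . '</option>' . LB;
            $selection .= '</select>';
            $sp_template->set_var ('php_selector', $selection);
            $sp_template->set_var ('php_warn', $LANG_STATIC['php_warn']);
        } else {
            $sp_template->set_var ('php_selector', '');
            $sp_template->set_var ('php_warn', $LANG_STATIC['php_not_activated']);
        }
        $sp_template->set_var ('php_msg', $LANG_STATIC['php_msg']);

        // old variables (for the 1.3-type checkbox)
        $sp_template->set_var ('php_checked', '');
        $sp_template->set_var ('php_type', 'hidden');

        if (isset ($A['sp_nf']) && ($A['sp_nf'] == 1)) {
            $sp_template->set_var('exit_checked','checked="checked"');
        } else {
            $sp_template->set_var('exit_checked','');
        }
        $sp_template->set_var('exit_msg',$LANG_STATIC['exit_msg']);
        $sp_template->set_var('exit_info',$LANG_STATIC['exit_info']);

        if ($A['sp_inblock'] == 1) {
            $sp_template->set_var ('inblock_checked', 'checked="checked"');
        } else {
            $sp_template->set_var ('inblock_checked', '');
        }
        $sp_template->set_var ('inblock_msg', $LANG_STATIC['inblock_msg']);
        $sp_template->set_var ('inblock_info', $LANG_STATIC['inblock_info']);

        $curtime = COM_getUserDateTimeFormat ($A['unixdate']);
        $sp_template->set_var ('lang_lastupdated', $LANG_STATIC['date']);
        $sp_template->set_var ('sp_formateddate', $curtime[0]);
        $sp_template->set_var ('sp_date', $curtime[1]);

        $sp_template->set_var('lang_title', $LANG_STATIC['title']);
        $title = '';
        if (isset ($A['sp_title'])) {
            $title = htmlspecialchars (stripslashes ($A['sp_title']));
        }
        $sp_template->set_var('sp_title', $title);
        $sp_template->set_var('lang_addtomenu', $LANG_STATIC['addtomenu']);
        if (isset ($A['sp_onmenu']) && ($A['sp_onmenu'] == 1)) {
            $sp_template->set_var('onmenu_checked', 'checked="checked"');
        } else {
            $sp_template->set_var('onmenu_checked', '');
        }
        $sp_template->set_var('lang_label', $LANG_STATIC['label']);
        if (isset ($A['sp_label'])) {
            // Escaped like the title: the label is request data on the
            // re-display path and is placed in the form markup.
            $sp_template->set_var('sp_label',
                    htmlspecialchars ($A['sp_label'], ENT_QUOTES));
        } else {
            $sp_template->set_var('sp_label', '');
        }
        $sp_template->set_var('lang_pageformat', $LANG_STATIC['pageformat']);
        $sp_template->set_var('lang_blankpage', $LANG_STATIC['blankpage']);
        $sp_template->set_var('lang_noblocks', $LANG_STATIC['noblocks']);
        $sp_template->set_var('lang_leftblocks', $LANG_STATIC['leftblocks']);
        $sp_template->set_var('lang_leftrightblocks', $LANG_STATIC['leftrightblocks']);
        if (!isset ($A['sp_format'])) {
            $A['sp_format'] = '';
        }
        if ($A['sp_format'] == 'noblocks') {
            $sp_template->set_var('noblock_selected', 'selected="selected"');
        } else {
            $sp_template->set_var('noblock_selected', '');
        }
        if ($A['sp_format'] == 'leftblocks') {
            $sp_template->set_var('leftblocks_selected', 'selected="selected"');
        } else {
            $sp_template->set_var('leftblocks_selected', '');
        }
        if ($A['sp_format'] == 'blankpage') {
            $sp_template->set_var('blankpage_selected', 'selected="selected"');
        } else {
            $sp_template->set_var('blankpage_selected', '');
        }
        if (($A['sp_format'] == 'allblocks') OR empty ($A['sp_format'])) {
            $sp_template->set_var('allblocks_selected', 'selected="selected"');
        } else {
            $sp_template->set_var('allblocks_selected', '');
        }

        $sp_template->set_var('lang_content', $LANG_STATIC['content']);
        $content = '';
        if (isset ($A['sp_content'])) {
            $content = htmlspecialchars (stripslashes ($A['sp_content']));
        }
        $sp_template->set_var('sp_content', $content);
        if ($_SP_CONF['filter_html'] == 1) {
            $sp_template->set_var('lang_allowedhtml', COM_allowedHTML());
        } else {
            $sp_template->set_var('lang_allowedhtml', $LANG_STATIC['all_html_allowed']);
        }
        $sp_template->set_var ('lang_hits', $LANG_STATIC['hits']);
        if (empty ($A['sp_hits'])) {
            $sp_template->set_var ('sp_hits', '0');
            $sp_template->set_var ('sp_hits_formatted', '0');
        } else {
            // Hit counter is numeric; cast so request data cannot carry
            // markup into the form.
            $hits = (int) $A['sp_hits'];
            $sp_template->set_var ('sp_hits', $hits);
            $sp_template->set_var ('sp_hits_formatted',
                                   COM_numberFormat ($hits));
        }
        $sp_template->set_var('end_block',
                COM_endBlock (COM_getBlockTemplate ('_admin_block', 'footer')));
        $retval .= $sp_template->parse('output','form');
    }

    return $retval;
}

/**
* Builds the admin list of static pages
*
* The rows shown are restricted by the 'default_filter' entry, which is
* built with COM_getPermSQL ('AND', 0, 3).
*
* @return   string      HTML for the list, as returned by ADMIN_list()
*
*/
function liststaticpages()
{
    global $_CONF, $_TABLES, $_IMAGE_TYPE, $LANG_ADMIN, $LANG_STATIC;
    require_once( $_CONF['path_system'] . 'lib-admin.php' );
    $retval = '';

    $header_arr = array(      # display 'text' and use table field 'field'
                    array('text' => $LANG_ADMIN['edit'], 'field' => 'edit', 'sort' => false),
                    array('text' => $LANG_ADMIN['copy'], 'field' => 'copy', 'sort' => false),
                    array('text' => $LANG_STATIC['id'], 'field' => 'sp_id', 'sort' => true),
                    array('text' => $LANG_ADMIN['title'], 'field' => 'sp_title', 'sort' => true),
                    array('text' => $LANG_STATIC['writtenby'], 'field' => 'sp_uid', 'sort' => false),
                    array('text' => $LANG_STATIC['head_centerblock'], 'field' => 'sp_centerblock', 'sort' => true),
                    array('text' => $LANG_STATIC['date'], 'field' => 'unixdate', 'sort' => true)
    );
    $defsort_arr = array('field' => 'sp_title', 'direction' => 'asc');

    $menu_arr = array (
                    array('url' => $_CONF['site_admin_url'] . '/plugins/staticpages/index.php?mode=edit',
                          'text' => $LANG_ADMIN['create_new']),
                    array('url' => $_CONF['site_admin_url'],
                          'text' => $LANG_ADMIN['admin_home'])
    );

    $text_arr = array('has_menu' => true,
                      'has_extras' => true,
                      'title' => $LANG_STATIC['staticpagelist'],
                      'instructions' => $LANG_STATIC['instructions'],
                      'icon' => $_CONF['site_url'] . '/staticpages/images/staticpages.png',
                      'form_url' => $_CONF['site_admin_url'] . "/plugins/staticpages/index.php");

    $query_arr = array('table' => 'staticpage',
                       'sql' => "SELECT *,UNIX_TIMESTAMP(sp_date) AS unixdate "
                               ."FROM {$_TABLES['staticpage']} WHERE 1=1 ",
                       'query_fields' => array('sp_title', 'sp_id'),
                       'default_filter' => COM_getPermSQL ('AND', 0, 3));

    $retval = ADMIN_list ("static_pages", "plugin_getListField_staticpages", $header_arr, $text_arr,
                          $query_arr, $menu_arr, $defsort_arr);
    return $retval;

}

/**
* Displays the Static Page Editor
*
* Loads the data for the form depending on $mode:
* - 'edit' with an id:   the existing row (permission-filtered SELECT)
* - 'edit' without id:   defaults for a new page
* - 'clone' with an id:  the existing row under a fresh id
* - anything else:       the submitted $_POST data (re-display after a
*                        failed save); form() escapes what it prints
*
* $sp_id is interpolated into a quoted SQL string; in this file it has
* always passed through COM_applyFilter() or COM_sanitizeID() first.
*
* @param    string  $sp_id      ID of static page to edit
* @param    string  $mode       Mode
* @param    string  $editor     Stored in $A['editor'] and handed to form()
* @return   string              HTML for the editor form
*
*/
function staticpageeditor ($sp_id, $mode = '', $editor = '')
{
    global $_CONF, $_TABLES, $_USER;

    if (!empty ($sp_id) && $mode == 'edit') {
        $result = DB_query ("SELECT *,UNIX_TIMESTAMP(sp_date) AS unixdate FROM {$_TABLES['staticpage']} WHERE sp_id = '$sp_id'" . COM_getPermSQL ('AND', 0, 3));
        $A = DB_fetchArray ($result);
        $A['sp_old_id'] = $A['sp_id'];
    } elseif ($mode == 'edit') {
        $A['sp_id'] = COM_makesid ();
        $A['sp_uid'] = $_USER['uid'];
        $A['unixdate'] = time ();
        $A['sp_help'] = '';
        $A['sp_old_id'] = '';
        $A['sp_where'] = 1; // default new pages to "top of page"
    } elseif (!empty ($sp_id) && $mode == 'clone') {
        $result = DB_query ("SELECT *,UNIX_TIMESTAMP(sp_date) AS unixdate FROM {$_TABLES['staticpage']} WHERE sp_id = '$sp_id'" . COM_getPermSQL ('AND', 0, 3));
        $A = DB_fetchArray ($result);
        $A['sp_id'] = COM_makesid ();
        $A['sp_uid'] = $_USER['uid'];
        $A['unixdate'] = time ();
        $A['sp_hits'] = 0;
        $A['sp_old_id'] = '';
    } else {
        // Untrusted from here on: every field is whatever the client sent.
        $A = $_POST;
        if (empty ($A['unixdate'])) {
            $A['unixdate'] = time ();
        }
        $A['sp_content'] = COM_checkHTML (COM_checkWords ($A['sp_content']));
    }
    if (isset ($A['sp_title'])) {
        $A['sp_title'] = strip_tags ($A['sp_title']);
    }
    $A['editor'] = $editor;

    return form ($A);
}

/**
* Saves a Static Page to the database
*
* The SQL is assembled by string interpolation. Values written unquoted are
* cast to int here; $sp_id goes through COM_sanitizeID(); title, content and
* label go through addslashes(). $sp_help, $sp_tid and $postmode are
* interpolated as received and rely on the caller having filtered them.
*
* NOTE(review): there is no check here that the current user may modify the
* existing row identified by $sp_id / $sp_old_id, and owner, group and
* permission values are taken from the request. Confirm whether DB_save or a
* caller enforces that.
*
* @param    string  $sp_id          ID of static page
* @param    int     $sp_uid         ID of user that created page
* @param    string  $sp_title       title of page
* @param    string  $sp_content     page content
* @param    int     $sp_hits        Number of page views
* @param    string  $sp_format      Page format (allblocks, blankpage, leftblocks, noblocks)
* @param    string  $sp_onmenu      Flag to place entry on menu
* @param    string  $sp_label       Menu Entry
* @param    int     $owner_id       Owner of the page
* @param    int     $group_id       Group of the page
* @param    mixed   $perm_owner     Permissions, converted by SEC_getPermissionValues()
* @param    mixed   $perm_group     Permissions, converted by SEC_getPermissionValues()
* @param    mixed   $perm_members   Permissions, converted by SEC_getPermissionValues()
* @param    mixed   $perm_anon      Permissions, converted by SEC_getPermissionValues()
* @param    int     $sp_php         Flag to indicate PHP usage
* @param    string  $sp_nf          Flag to indicate type of not found message
* @param    string  $sp_old_id      original ID of this static page
* @param    string  $sp_centerblock Flag to indicate display as a center block
* @param    string  $sp_help        Help URL that displays in the block
* @param    string  $sp_tid         topic id (for center block)
* @param    int     $sp_where       position of center block
* @param    string  $sp_inblock     Flag: wrap page in a block (or not)
* @param    string  $postmode       Value stored in the 'postmode' column
*
*/
function submitstaticpage ($sp_id, $sp_uid, $sp_title, $sp_content, $sp_hits,
                           $sp_format, $sp_onmenu, $sp_label, $owner_id,
                           $group_id, $perm_owner, $perm_group, $perm_members,
                           $perm_anon, $sp_php, $sp_nf, $sp_old_id,
                           $sp_centerblock, $sp_help, $sp_tid, $sp_where,
                           $sp_inblock, $postmode)
{
    global $_CONF, $_TABLES, $LANG12, $LANG_STATIC, $_SP_CONF;

    $retval = '';

    $sp_id = COM_sanitizeID ($sp_id);

    // Check for unique page ID
    $duplicate_id = false;
    $delete_old_page = false;
    if (DB_count ($_TABLES['staticpage'], 'sp_id', $sp_id) > 0) {
        if ($sp_id != $sp_old_id) {
            $duplicate_id = true;
        }
    } elseif (!empty ($sp_old_id)) {
        if ($sp_id != $sp_old_id) {
            $delete_old_page = true;
        }
    }

    if ($duplicate_id) {
        $retval .= COM_siteHeader ('menu', $LANG_STATIC['staticpageeditor']);
        $retval .= COM_errorLog ($LANG_STATIC['duplicate_id'], 2);
        $retval .= staticpageeditor ($sp_id);
        $retval .= COM_siteFooter ();
        echo $retval;
    } elseif (!empty ($sp_title) && !empty ($sp_content)) {
        if (empty ($sp_hits)) {
            $sp_hits = 0;
        }

        // These are written unquoted into the VALUES list below, so they
        // must be integers no matter what the caller passed in.
        $sp_uid   = (int) $sp_uid;
        $sp_hits  = (int) $sp_hits;
        $owner_id = (int) $owner_id;
        $group_id = (int) $group_id;
        $sp_where = (int) $sp_where;

        // Checkbox fields arrive as 'on' or are absent; store them as 0/1.
        $sp_onmenu      = ($sp_onmenu == 'on') ? 1 : 0;
        $sp_nf          = ($sp_nf == 'on') ? 1 : 0;
        $sp_centerblock = ($sp_centerblock == 'on') ? 1 : 0;
        $sp_inblock     = ($sp_inblock == 'on') ? 1 : 0;

        // Clean up the text
        if ($_SP_CONF['censor'] == 1) {
            $sp_content = COM_checkWords ($sp_content);
            $sp_title = COM_checkWords ($sp_title);
        }
        if ($_SP_CONF['filter_html'] == 1) {
            $sp_content = COM_checkHTML ($sp_content);
        }
        $sp_title = strip_tags ($sp_title);
        $sp_label = strip_tags ($sp_label);

        $sp_content = addslashes ($sp_content);
        $sp_title = addslashes ($sp_title);
        $sp_label = addslashes ($sp_label);

        // If user does not have php edit perms, then set php flag to 0.
        if (($_SP_CONF['allow_php'] != 1) || !SEC_hasRights ('staticpages.PHP')) {
            $sp_php = 0;
        }
        // The flag came from the request untouched; force it to one of the
        // three values the editor offers (0, 1, 2) before it reaches SQL.
        $sp_php = (int) $sp_php;
        if (($sp_php < 0) || ($sp_php > 2)) {
            $sp_php = 0;
        }

        // make sure there's only one "entire page" static page per topic
        if (($sp_centerblock == 1) && ($sp_where == 0)) {
            DB_query ("UPDATE {$_TABLES['staticpage']} SET sp_centerblock = 0 WHERE sp_centerblock = 1 AND sp_where = 0 AND sp_tid = '$sp_tid'" . COM_getLangSQL ('sp_id', 'AND'));
        }

        // Allow-list for the page format; anything else becomes the default.
        $formats = array ('allblocks', 'blankpage', 'leftblocks', 'noblocks');
        if (!in_array ($sp_format, $formats)) {
            $sp_format = 'allblocks';
        }

        list($perm_owner,$perm_group,$perm_members,$perm_anon) = SEC_getPermissionValues($perm_owner,$perm_group,$perm_members,$perm_anon);
        DB_save ($_TABLES['staticpage'], 'sp_id,sp_uid,sp_title,sp_content,sp_date,sp_hits,sp_format,sp_onmenu,sp_label,owner_id,group_id,'
                .'perm_owner,perm_group,perm_members,perm_anon,sp_php,sp_nf,sp_centerblock,sp_help,sp_tid,sp_where,sp_inblock,postmode',
                "'$sp_id',$sp_uid,'$sp_title','$sp_content',NOW(),$sp_hits,'$sp_format',$sp_onmenu,'$sp_label',$owner_id,$group_id,"
                ."$perm_owner,$perm_group,$perm_members,$perm_anon,'$sp_php','$sp_nf',$sp_centerblock,'$sp_help','$sp_tid',$sp_where,"
                ."'$sp_inblock','$postmode'");
        if ($delete_old_page && !empty ($sp_old_id)) {
            DB_delete ($_TABLES['staticpage'], 'sp_id', $sp_old_id);
        }
        echo COM_refresh ($_CONF['site_admin_url']
                          . '/plugins/staticpages/index.php');
    } else {
        $retval .= COM_siteHeader ('menu', $LANG_STATIC['staticpageeditor']);
        $retval .= COM_errorLog ($LANG_STATIC['no_title_or_content'], 2);
        $retval .= staticpageeditor ($sp_id);
        $retval .= COM_siteFooter ();
        echo $retval;
    }
}


// MAIN
//
// NOTE(review): 'mode' and 'sp_id' are read from $_REQUEST and the delete
// and save branches carry no anti-forgery token, so a state-changing request
// is accepted from any origin while an administrator is logged in. Confirm
// whether this Geeklog version offers a token facility and require POST plus
// a token for delete and save.

// Start from a known-empty buffer: the branches below append with '.=' and
// the delete/save branches may not assign it at all.
$display = '';

$mode = '';
if (isset($_REQUEST['mode'])) {
    $mode = COM_applyFilter ($_REQUEST['mode']);
}
$sp_id = '';
if (isset($_REQUEST['sp_id'])) {
    $sp_id = COM_applyFilter ($_REQUEST['sp_id']);
}


if (($mode == $LANG_ADMIN['delete']) && !empty ($LANG_ADMIN['delete'])) {
    // form() only shows the delete button to holders of
    // 'staticpages.delete'; enforce the same right where the delete
    // actually happens instead of relying on the hidden button.
    // NOTE(review): per-page access (owner/group permissions) is still not
    // verified before DB_delete - confirm and add if DB_delete does not.
    if (!SEC_hasRights ('staticpages.delete')) {
        COM_accessLog ("User {$_USER['username']} tried to illegally delete static page $sp_id.");
        $display = COM_refresh ($_CONF['site_admin_url']
                                . '/plugins/staticpages/index.php');
    } elseif (empty ($sp_id) || (is_numeric ($sp_id) && ($sp_id == 0))) {
        COM_errorLog ('Attempted to delete static page sp_id=' . $sp_id);
    } else {
        DB_delete ($_TABLES['staticpage'], 'sp_id', $sp_id,
                $_CONF['site_admin_url'] . '/plugins/staticpages/index.php');
    }
} else if ($mode == 'edit') {
    $display .= COM_siteHeader ('menu', $LANG_STATIC['staticpageeditor']);
    $editor = '';
    if (isset ($_GET['editor'])) {
        $editor = COM_applyFilter ($_GET['editor']);
    }
    $display .= staticpageeditor ($sp_id, $mode, $editor);
    $display .= COM_siteFooter ();
} else if ($mode == 'clone') {
    if (!empty ($sp_id)) {
        $display .= COM_siteHeader('menu', $LANG_STATIC['staticpageeditor']);
        $display .= staticpageeditor($sp_id,$mode);
        $display .= COM_siteFooter();
    } else {
        $display = COM_refresh ($_CONF['site_admin_url'] . '/index.php');
    }
} else if (($mode == $LANG_ADMIN['save']) && !empty ($LANG_ADMIN['save'])) {
    if (!empty ($sp_id)) {
        if (!isset ($_POST['sp_onmenu'])) {
            $_POST['sp_onmenu'] = '';
        }
        if (!isset ($_POST['sp_nf'])) {
            $_POST['sp_nf'] = '';
        }
        if (!isset ($_POST['sp_centerblock'])) {
            $_POST['sp_centerblock'] = '';
        }
        // The original initialised $help here but then used $sp_help, which
        // stayed undefined whenever the field was missing from the request.
        $sp_help = '';
        if (isset ($_POST['sp_help'])) {
            $sp_help = COM_sanitizeUrl ($_POST['sp_help'], array ('http', 'https'));
        }
        if (!isset ($_POST['sp_inblock'])) {
            $_POST['sp_inblock'] = '';
        }
        $sp_uid = COM_applyFilter ($_POST['sp_uid'], true);
        if ($sp_uid == 0) {
            $sp_uid = $_USER['uid'];
        }
        if (!isset ($_POST['postmode'])) {
            $_POST['postmode'] = '';
        }
        submitstaticpage ($sp_id, $sp_uid, $_POST['sp_title'],
            $_POST['sp_content'], COM_applyFilter ($_POST['sp_hits'], true),
            COM_applyFilter ($_POST['sp_format']), $_POST['sp_onmenu'],
            $_POST['sp_label'], COM_applyFilter ($_POST['owner_id'], true),
            COM_applyFilter ($_POST['group_id'], true), $_POST['perm_owner'],
            $_POST['perm_group'], $_POST['perm_members'], $_POST['perm_anon'],
            $_POST['sp_php'], $_POST['sp_nf'],
            COM_applyFilter ($_POST['sp_old_id']), $_POST['sp_centerblock'],
            $sp_help, COM_applyFilter ($_POST['sp_tid']),
            COM_applyFilter ($_POST['sp_where'], true), $_POST['sp_inblock'],
            COM_applyFilter ($_POST['postmode']));
    } else {
        $display = COM_refresh ($_CONF['site_admin_url'] . '/index.php');
    }
} else {
    $display .= COM_siteHeader ('menu', $LANG_STATIC['staticpagelist']);
    $display .= liststaticpages();
    $display .= COM_siteFooter ();
}

echo $display;

?>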