Code source de Joomla 1.0.13 |
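<?php
/**
* @version $Id: weblinks.php 5074 2006-09-15 22:56:27Z friesengeist $
* @package Joomla
* @subpackage Weblinks
* @copyright Copyright (C) 2005 Open Source Matters. All rights reserved.
* @license http://www.gnu.org/copyleft/gpl.html GNU/GPL, see LICENSE.php
* Joomla! is free software. This version may have been modified pursuant
* to the GNU General Public License, and as distributed it includes or
* is derivative of works licensed under the GNU General Public License or
* other free or open source software licenses.
* See COPYRIGHT.php for copyright notices and details.
*/

// no direct access
defined( '_VALID_MOS' ) or die( 'Restricted access' );

/** load the html drawing class */
require_once( $mainframe->getPath( 'front_html' ) );
require_once( $mainframe->getPath( 'class' ) );
$mainframe->setPageTitle( _WEBLINKS_TITLE );

// both request ids are forced to integers before any handler sees them
$id 	= intval( mosGetParam( $_REQUEST, 'id', 0 ) );
$catid 	= intval( mosGetParam( $_REQUEST, 'catid', 0 ) );

// front-end dispatcher: $task and $option are supplied by the including script
switch ($task) {
	case 'new':
		editWebLink( 0, $option );
		break;

	case 'edit':
		/*
		* Disabled until ACL system is implemented. When enabled the $id variable
		* will be passed instead of a 0
		*/
		editWebLink( 0, $option );
		break;

	case 'save':
		saveWebLink( $option );
		break;

	case 'cancel':
		cancelWebLink( $option );
		break;

	case 'view':
		showItem( $id );
		break;

	default:
		listWeblinks( $catid );
		break;
}

/**
 * Shows the weblinks overview page.
 *
 * With a non-zero $catid the published, non-archived links of that category
 * are listed, provided the category itself is published and its access level
 * does not exceed the visitor's group id. The published categories of the
 * com_weblinks section are always loaded for the category index.
 *
 * @param int $catid Category id, 0 for the section overview
 */
function listWeblinks( $catid ) {
	global $mainframe, $database, $my;
	global $mosConfig_live_site;
	global $Itemid;

	$rows 		= array();
	$currentcat = null;
	if ( $catid ) {
		// url links info for category
		$query = "SELECT id, url, title, description, date, hits, params"
		. "\n FROM #__weblinks"
		. "\n WHERE catid = " . (int) $catid
		. "\n AND published = 1"
		. "\n AND archived = 0"
		. "\n ORDER BY ordering"
		;
		$database->setQuery( $query );
		$rows = $database->loadObjectList();

		// current category info
		$query = "SELECT *"
		. "\n FROM #__categories"
		. "\n WHERE id = " . (int) $catid
		. "\n AND published = 1"
		. "\n AND access <= " . (int) $my->gid
		;
		$database->setQuery( $query );
		$database->loadObject( $currentcat );

		/*
		Check if the category is published or if access level allows access.
		When the query matched no row $currentcat may not be an object at all,
		so test that first instead of reading a property of a non-object.
		*/
		if ( !is_object( $currentcat ) || !$currentcat->name ) {
			mosNotAuth();
			return;
		}
	}

	/* Query to retrieve all categories that belong under the web links section and that are published. */
	$query = "SELECT cc.*, a.catid, a.title, a.url, COUNT(a.id) AS numlinks"
	. "\n FROM #__categories AS cc"
	. "\n LEFT JOIN #__weblinks AS a ON a.catid = cc.id"
	. "\n WHERE a.published = 1"
	. "\n AND section = 'com_weblinks'"
	. "\n AND cc.published = 1"
	. "\n AND cc.access <= " . (int) $my->gid
	. "\n GROUP BY cc.id"
	. "\n ORDER BY cc.ordering"
	;
	$database->setQuery( $query );
	$categories = $database->loadObjectList();

	// Parameters
	$menu 	= $mainframe->get( 'menu' );
	$params = new mosParameters( $menu->params );
	$params->def( 'page_title', 1 );
	$params->def( 'header', $menu->name );
	$params->def( 'pageclass_sfx', '' );
	$params->def( 'headings', 1 );
	$params->def( 'hits', $mainframe->getCfg( 'hits' ) );
	$params->def( 'item_description', 1 );
	$params->def( 'other_cat_section', 1 );
	$params->def( 'other_cat', 1 );
	$params->def( 'description', 1 );
	$params->def( 'description_text', _WEBLINKS_DESC );
	$params->def( 'image', '-1' );
	$params->def( 'weblink_icons', '' );
	$params->def( 'image_align', 'right' );
	$params->def( 'back_button', $mainframe->getCfg( 'back_button' ) );

	if ( $catid ) {
		$params->set( 'type', 'category' );
	} else {
		$params->set( 'type', 'section' );
	}

	// On the section overview no category row was loaded; create an explicit
	// holder for the display fields instead of assigning properties to null.
	if ( !is_object( $currentcat ) ) {
		$currentcat = new stdClass();
	}

	// page description
	$currentcat->descrip = '';
	if( ( @$currentcat->description ) != '' ) {
		$currentcat->descrip = $currentcat->description;
	} else if ( !$catid ) {
		// show description
		if ( $params->get( 'description' ) ) {
			$currentcat->descrip = $params->get( 'description_text' );
		}
	}

	// page image
	$currentcat->img = '';
	$path = $mosConfig_live_site .'/images/stories/';
	if ( ( @$currentcat->image ) != '' ) {
		$currentcat->img 	= $path . $currentcat->image;
		$currentcat->align 	= $currentcat->image_position;
	} else if ( !$catid ) {
		if ( $params->get( 'image' ) != -1 ) {
			$currentcat->img 	= $path . $params->get( 'image' );
			$currentcat->align 	= $params->get( 'image_align' );
		}
	}

	// page header
	$currentcat->header = '';
	if ( @$currentcat->name != '' ) {
		$currentcat->header = $currentcat->name;
	} else {
		$currentcat->header = $params->get( 'header' );
	}

	// used to show table rows in alternating colours
	$tabclass = array( 'sectiontableentry1', 'sectiontableentry2' );

	HTML_weblinks::displaylist( $categories, $rows, $catid, $currentcat, $params, $tabclass );
}


/**
 * Counts a hit for a weblink and sends the visitor to its URL.
 *
 * Access is refused when the link or its category is unpublished, or when the
 * category access level is above the visitor's group id.
 *
 * @param int $id Weblink id
 */
function showItem ( $id ) {
	global $database, $my;

	$link = new mosWeblink($database);
	$link->load((int)$id);

	/*
	* Check if link is published
	*/
	if (!$link->published) {
		mosNotAuth();
		return;
	}

	$cat = new mosCategory($database);
	$cat->load((int)$link->catid);

	/*
	* Check if category is published
	*/
	if (!$cat->published) {
		mosNotAuth();
		return;
	}
	/*
	* check whether category access level allows access
	*/
	if ( $cat->access > $my->gid ) {
		mosNotAuth();
		return;
	}

	// Record the hit
	$query = "UPDATE #__weblinks"
	. "\n SET hits = hits + 1"
	. "\n WHERE id = " . (int) $id
	;
	$database->setQuery( $query );
	$database->query();

	if ( $link->url ) {
		// The redirect target is whatever URL was stored for this link, so the
		// validation applied when a link is saved decides where visitors can be sent.
		mosRedirect ( $link->url );
	} else {
		// No URL stored: fall back to the link's category page. The category id
		// is taken from the loaded row; no $catid variable exists in this scope.
		listWeblinks( (int) $link->catid );
	}
}

/**
 * Shows the weblink submission form.
 *
 * Only logged-in users (gid >= 1) get the form, and only while a published
 * menu item points at the "new weblink" task.
 *
 * @param int    $id     Weblink id, 0 for a new record
 * @param string $option Component name used for redirects and the category list
 */
function editWebLink( $id, $option ) {
	global $database, $my;

	if ($my->gid < 1) {
		mosNotAuth();
		return;
	}

	// security check to see if link exists in a menu
	// ($link is a fixed literal, so the LIKE pattern carries no request data)
	$link = 'index.php?option=com_weblinks&task=new';
	$query = "SELECT id"
	. "\n FROM #__menu"
	. "\n WHERE link LIKE '%$link%'"
	. "\n AND published = 1"
	;
	$database->setQuery( $query );
	$exists = $database->loadResult();
	if ( !$exists ) {
		mosNotAuth();
		return;
	}

	$row = new mosWeblink( $database );
	// load the row from the db table
	$row->load( (int)$id );

	// fail if checked out not by 'me'
	if ($row->isCheckedOut( $my->id )) {
		// concatenate the title: inside single quotes "$row->title" was shown literally
		mosRedirect( "index2.php?option=$option", 'The module ' . $row->title . ' is currently being edited by another administrator.' );
	}

	if ($id) {
		$row->checkout( $my->id );
	} else {
		// initialise new record
		$row->published 	= 0;
		$row->approved 		= 1;
		$row->ordering 		= 0;
	}

	// build list of categories
	$lists['catid'] = mosAdminMenus::ComponentCategory( 'catid', $option, intval( $row->catid ) );

	HTML_weblinks::editWeblink( $option, $row, $lists );
}

/**
 * Cancels the submission form: checks the record in and returns the user to
 * the page the form was opened from.
 *
 * The return address arrives in the POST body, so it is only followed when it
 * stays on this site; anything else falls back to index.php.
 *
 * @param string $option Component name (unused here)
 */
function cancelWebLink( $option ) {
	global $database, $my;
	global $mosConfig_live_site;

	if ($my->gid < 1) {
		mosNotAuth();
		return;
	}

	// NOTE(review): the id is taken from POST and checked in without an
	// ownership test or josSpoofCheck(); confirm whether any logged-in user
	// should be able to release another user's checkout.
	$row = new mosWeblink( $database );
	$row->id = intval( mosGetParam( $_POST, 'id', 0 ) );
	$row->checkin();

	$referer = strval( mosGetParam( $_POST, 'referer', '' ) );

	// Accept only a relative index.php/index2.php URL or an absolute URL below
	// the configured site root; line breaks are rejected outright.
	$base 		= rtrim( strval( $mosConfig_live_site ), '/' );
	$sameSite 	= false;
	if ( !preg_match( '/[\r\n]/', $referer ) ) {
		if ( preg_match( '#^index2?\.php(\?|$)#', $referer ) ) {
			$sameSite = true;
		} elseif ( $base != '' && ( $referer == $base || strpos( $referer, $base . '/' ) === 0 ) ) {
			$sameSite = true;
		}
	}
	if ( !$sameSite ) {
		$referer = 'index.php';
	}

	mosRedirect( $referer );
}

/**
 * Prints the "alert and go back" script used for save errors, then stops.
 *
 * The message is escaped for a single-quoted JavaScript string inside a
 * script element, because its text is not produced in this file.
 *
 * @param string $msg Error text to show
 */
function _weblinksAlertBack( $msg ) {
	// addslashes() covers backslash and both quote characters; line breaks and
	// angle brackets are rewritten so the text cannot end the string or the element
	$msg = addslashes( strval( $msg ) );
	$msg = str_replace( array( "\r", "\n", '<', '>' ), array( '', '\\n', '\\x3C', '\\x3E' ), $msg );

	echo "<script> alert('" . $msg . "'); window.history.go(-1); </script>\n";
	exit();
}

/**
* Saves the record on an edit form submit
*
* Only new weblinks can be stored: the id is reset to 0 after binding the
* POST data. Administrators (gid 25) with sendEmail = 1 are notified.
*
* @param string $option Component name (unused here)
*/
function saveWeblink( $option ) {
	global $database, $my;

	if ($my->gid < 1) {
		mosNotAuth();
		return;
	}

	// security check to see if link exists in a menu
	// ($link is a fixed literal, so the LIKE pattern carries no request data)
	$link = 'index.php?option=com_weblinks&task=new';
	$query = "SELECT id"
	. "\n FROM #__menu"
	. "\n WHERE link LIKE '%$link%'"
	. "\n AND published = 1"
	;
	$database->setQuery( $query );
	$exists = $database->loadResult();
	if ( !$exists ) {
		mosNotAuth();
		return;
	}

	// simple spoof check security
	josSpoofCheck();

	$row = new mosWeblink( $database );
	// NOTE(review): only 'published' is excluded from the bind, so the other
	// columns this file uses (hits, archived, ordering, approved) are taken from
	// $_POST as submitted; confirm whether they should be forced server-side.
	if (!$row->bind( $_POST, 'published' )) {
		_weblinksAlertBack( $row->getError() );
	}

	// sanitise id field
	// $row->id = (int) $row->id;
	// until full edit capabilities are given for weblinks - limit saving to new weblinks only
	$row->id = 0;

	$isNew = $row->id < 1;

	$row->date = date( 'Y-m-d H:i:s' );

	if (!$row->check()) {
		_weblinksAlertBack( $row->getError() );
	}
	if (!$row->store()) {
		_weblinksAlertBack( $row->getError() );
	}
	$row->checkin();

	// admin users gid
	$gid = 25;

	// list of admins
	$query = "SELECT email, name"
	. "\n FROM #__users"
	. "\n WHERE gid = " . (int) $gid
	. "\n AND sendEmail = 1"
	;
	$database->setQuery( $query );
	if(!$database->query()) {
		echo $database->stderr( true );
		return;
	}
	$adminRows = $database->loadObjectList();

	// send email notification to admins
	foreach($adminRows as $adminRow) {
		mosSendAdminMail($adminRow->name, $adminRow->email, '', 'Weblink', $row->title, $my->username );
	}

	$msg 	= $isNew ? _THANK_SUB : '';
	mosRedirect( 'index.php', $msg );
}
?>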