<?php
+/*
+ * Nucleus: PHP/MySQL Weblog CMS (http://nucleuscms.org/)
+ * Copyright (C) 2002-2007 The Nucleus Group
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ * (see nucleus/documentation/index.html#license for more info)
+ */
/**
- * Nucleus: PHP/MySQL Weblog CMS (http://nucleuscms.org/)
- * Copyright (C) 2002-2005 The Nucleus Group
- *
- * This program is free software; you can redistribute it and/or
- * modify it under the terms of the GNU General Public License
- * as published by the Free Software Foundation; either version 2
- * of the License, or (at your option) any later version.
- * (see nucleus/documentation/index.html#license for more info)
- *
- * The code for the Nucleus admin area
- *
- * $Id: ADMIN.php,v 1.9 2007-03-22 08:32:11 kimitake Exp $
- * $NucleusJP: ADMIN.php,v 1.8 2005/08/13 07:21:33 kimitake Exp $
- */
+ * The code for the Nucleus admin area
+ *
+ * @license http://nucleuscms.org/license.txt GNU General Public License
+ * @copyright Copyright (C) 2002-2007 The Nucleus Group
+ * @version $Id: ADMIN.php,v 1.10 2007-04-04 07:52:08 kimitake Exp $
+ * @version $NucleusJP: ADMIN.php,v 1.20 2007/03/22 03:30:14 kmorimatsu Exp $
+ */
+
+if ( !function_exists('requestVar') ) exit;
+require_once dirname(__FILE__) . '/showlist.php';
+/**
+ * Builds the admin area and executes admin actions
+ */
class ADMIN {
- // action currently being executed ($action=xxxx -> action_xxxx method)
+ /**
+ * @var string $action action currently being executed ($action=xxxx -> action_xxxx method)
+ */
var $action;
+ /**
+ * Class constructor
+ */
function ADMIN() {
}
/**
- * Executes an action
- *
- * @param $action
- * action to be performed
- */
+ * Executes an action
+ *
+ * @param string $action action to be performed
+ */
function action($action) {
global $CONF, $manager;
'' => 'overview'
);
- if ($alias[$action])
+ if (isset($alias[$action]))
$action = $alias[$action];
$methodName = 'action_' . $action;
// check ticket. All actions need a ticket, unless they are considered to be safe (a safe action
// is an action that requires user interaction before something is actually done)
// all safe actions are in this array:
- $aActionsNotToCheck = array('showlogin', 'login', 'overview', 'itemlist', 'blogcommentlist', 'bookmarklet', 'blogsettings', 'banlist', 'deleteblog', 'editmembersettings', 'browseownitems', 'browseowncomments', 'createitem', 'itemedit', 'itemmove', 'categoryedit', 'categorydelete', 'manage', 'actionlog', 'settingsedit', 'backupoverview', 'pluginlist', 'createnewlog', 'usermanagement', 'skinoverview', 'templateoverview', 'skinieoverview', 'itemcommentlist', 'commentedit', 'commentdelete', 'banlistnewfromitem', 'banlistdelete', 'itemdelete', 'manageteam', 'teamdelete', 'banlistnew', 'memberedit', 'memberdelete', 'pluginhelp', 'pluginoptions', 'plugindelete', 'skinedittype', 'skindelete', 'skinedit', 'templateedit', 'templatedelete', 'activate');
+ $aActionsNotToCheck = array('showlogin', 'login', 'overview', 'itemlist', 'blogcommentlist', 'bookmarklet', 'blogsettings', 'banlist', 'deleteblog', 'editmembersettings', 'browseownitems', 'browseowncomments', 'createitem', 'itemedit', 'itemmove', 'categoryedit', 'categorydelete', 'manage', 'actionlog', 'settingsedit', 'backupoverview', 'pluginlist', 'createnewlog', 'usermanagement', 'skinoverview', 'templateoverview', 'skinieoverview', 'itemcommentlist', 'commentedit', 'commentdelete', 'banlistnewfromitem', 'banlistdelete', 'itemdelete', 'manageteam', 'teamdelete', 'banlistnew', 'memberedit', 'memberdelete', 'pluginhelp', 'pluginoptions', 'plugindelete', 'skinedittype', 'skinremovetype', 'skindelete', 'skinedit', 'templateedit', 'templatedelete', 'activate');
/*
// the rest of the actions needs to be checked
$aActionsToCheck = array('additem', 'itemupdate', 'itemmoveto', 'categoryupdate', 'categorydeleteconfirm', 'itemdeleteconfirm', 'commentdeleteconfirm', 'teamdeleteconfirm', 'memberdeleteconfirm', 'templatedeleteconfirm', 'skindeleteconfirm', 'banlistdeleteconfirm', 'plugindeleteconfirm', 'batchitem', 'batchcomment', 'batchmember', 'batchcategory', 'batchteam', 'regfile', 'commentupdate', 'banlistadd', 'changemembersettings', 'clearactionlog', 'settingsupdate', 'blogsettingsupdate', 'categorynew', 'teamchangeadmin', 'teamaddmember', 'memberadd', 'addnewlog', 'addnewlog2', 'backupcreate', 'backuprestore', 'pluginup', 'plugindown', 'pluginupdate', 'pluginadd', 'pluginoptionsupdate', 'skinupdate', 'skinclone', 'skineditgeneral', 'templateclone', 'templatenew', 'templateupdate', 'skinieimport', 'skinieexport', 'skiniedoimport', 'skinnew', 'deleteblogconfirm', 'sendping', 'rawping', 'activatesetpwd');
if (method_exists($this, $methodName))
call_user_func(array(&$this, $methodName));
else
- $this->error(_BADACTION . " ($action)");
+ $this->error(_BADACTION . htmlspecialchars(" ($action)"));
}
-
+ /**
+ * @todo document this
+ */
function action_showlogin() {
global $error;
$this->action_login($error);
}
+ /**
+ * @todo document this
+ */
function action_login($msg = '', $passvars = 1) {
global $member;
/**
- * provides a screen with the overview of the actions available
- */
+ * provides a screen with the overview of the actions available
+ * @todo document parameter
+ */
function action_overview($msg = '') {
global $member;
$this->pagefoot();
}
- // returns a link to a weblog (takes BLOG object as parameter)
+ /**
+ * Returns a link to a weblog
+ * @param object BLOG
+ */
function bloglink(&$blog) {
- return '<a href="'.htmlspecialchars($blog->getURL()).'" title="'._BLOGLIST_TT_VISIT.'">'.$blog->getName() .'</a>';
+ return '<a href="'.htmlspecialchars($blog->getURL()).'" title="'._BLOGLIST_TT_VISIT.'">'. htmlspecialchars( $blog->getName() ) .'</a>';
}
+ /**
+ * @todo document this
+ */
function action_manage($msg = '') {
global $member;
$this->pagefoot();
}
+ /**
+ * @todo document this
+ */
function action_itemlist($blogid = '') {
global $member, $manager;
$template['content'] = 'itemlist';
$template['now'] = $blog->getCorrectTime(time());
-
+ $manager->loadClass("ENCAPSULATE");
$navList =& new NAVLIST('itemlist', $start, $amount, 0, 1000, $blogid, $search, 0);
$navList->showBatchList('item',$query,'table',$template);
$this->pagefoot();
}
-
+ /**
+ * @todo document this
+ */
function action_batchitem() {
global $member, $manager;
$error = $this->moveOneItem($itemid, $destCatid);
break;
default:
- $error = _BATCH_UNKNOWN . $action;
+ $error = _BATCH_UNKNOWN . htmlspecialchars($action);
}
echo '<b>',($error ? $error : _BATCH_SUCCESS),'</b>';
}
+ /**
+ * @todo document this
+ */
function action_batchcomment() {
global $member;
$error = $this->deleteOneComment($commentid);
break;
default:
- $error = _BATCH_UNKNOWN . $action;
+ $error = _BATCH_UNKNOWN . htmlspecialchars($action);
}
echo '<b>',($error ? $error : _BATCH_SUCCESS),'</b>';
}
+ /**
+ * @todo document this
+ */
function action_batchmember() {
global $member;
sql_query('UPDATE ' . sql_table('member') .' SET madmin=0 WHERE mnumber='.$memberid);
break;
default:
- $error = _BATCH_UNKNOWN . $action;
+ $error = _BATCH_UNKNOWN . htmlspecialchars($action);
}
echo '<b>',($error ? $error : _BATCH_SUCCESS),'</b>';
}
-
+ /**
+ * @todo document this
+ */
function action_batchteam() {
global $member;
sql_query('UPDATE '.sql_table('team').' SET tadmin=0 WHERE tblog='.$blogid.' and tmember='.$memberid);
break;
default:
- $error = _BATCH_UNKNOWN . $action;
+ $error = _BATCH_UNKNOWN . htmlspecialchars($action);
}
echo '<b>',($error ? $error : _BATCH_SUCCESS),'</b>';
}
-
-
+ /**
+ * @todo document this
+ */
function action_batchcategory() {
global $member, $manager;
$error = $this->moveOneCategory($catid, $destBlogId);
break;
default:
- $error = _BATCH_UNKNOWN . $action;
+ $error = _BATCH_UNKNOWN . htmlspecialchars($action);
}
echo '<b>',($error ? 'Error: '.$error : _BATCH_SUCCESS),'</b>';
}
+ /**
+ * @todo document this
+ */
function batchMoveSelectDestination($type, $ids) {
global $manager;
$this->pagehead();
exit;
}
+ /**
+ * @todo document this
+ */
function batchMoveCategorySelectDestination($type, $ids) {
global $manager;
$this->pagehead();
exit;
}
+ /**
+ * @todo document this
+ */
function batchAskDeleteConfirmation($type, $ids) {
global $manager;
/**
- * Inserts a HTML select element with choices for all categories to which the current
- * member has access
- */
+ * Inserts a HTML select element with choices for all categories to which the current
+ * member has access
+ * @see function selectBlog
+ */
function selectBlogCategory($name, $selected = 0, $tabindex = 0, $showNewCat = 0, $iForcedBlogInclude = -1) {
ADMIN::selectBlog($name, 'category', $selected, $tabindex, $showNewCat, $iForcedBlogInclude);
}
/**
- * Inserts a HTML select element with choices for all blogs to which the user has access
- * mode = 'blog' => shows blognames and values are blogids
- * mode = 'category' => show category names and values are catids
- *
- * @param $iForcedBlogInclude
- * ID of a blog that always needs to be included, without checking if the member is on the blog team (-1 = none)
- */
+ * Inserts a HTML select element with choices for all blogs to which the user has access
+ * mode = 'blog' => shows blognames and values are blogids
+ * mode = 'category' => show category names and values are catids
+ *
+ * @param $iForcedBlogInclude
+ * ID of a blog that always needs to be included, without checking if the
+ * member is on the blog team (-1 = none)
+ * @todo document parameters
+ */
function selectBlog($name, $mode='blog', $selected = 0, $tabindex = 0, $showNewCat = 0, $iForcedBlogInclude = -1) {
global $member, $CONF;
}
+ /**
+ * @todo document this
+ */
function action_browseownitems() {
- global $member;
+ global $member, $manager;
$this->pagehead();
$template['content'] = 'itemlist';
$template['now'] = time();
- $navList =& new NAVLIST('browseownitems', $start, $amount, 0, 1000, $blogid, $search, 0);
+ $manager->loadClass("ENCAPSULATE");
+ $navList =& new NAVLIST('browseownitems', $start, $amount, 0, 1000, /*$blogid*/ 0, $search, 0);
$navList->showBatchList('item',$query,'table',$template);
$this->pagefoot();
}
/**
- * Show all the comments for a given item
- */
+ * Show all the comments for a given item
+ * @param int $itemid
+ */
function action_itemcommentlist($itemid = '') {
- global $member;
+ global $member, $manager;
if ($itemid == '')
$itemid = intRequestVar('itemid');
$template['content'] = 'commentlist';
$template['canAddBan'] = $member->blogAdminRights(getBlogIDFromItemID($itemid));
+ $manager->loadClass("ENCAPSULATE");
$navList =& new NAVLIST('itemcommentlist', $start, $amount, 0, 1000, 0, $search, $itemid);
$navList->showBatchList('comment',$query,'table',$template,_NOCOMMENTS);
}
/**
- * Browse own comments
- */
+ * Browse own comments
+ */
function action_browseowncomments() {
- global $member;
+ global $member, $manager;
// start index
if (postVar('start'))
$template['content'] = 'commentlist';
$template['canAddBan'] = 0; // doesn't make sense to allow banning yourself
+ $manager->loadClass("ENCAPSULATE");
$navList =& new NAVLIST('browseowncomments', $start, $amount, 0, 1000, 0, $search, 0);
$navList->showBatchList('comment',$query,'table',$template,_NOCOMMENTS_YOUR);
}
/**
- * Browse all comments for a weblog
- */
+ * Browse all comments for a weblog
+ * @param int $blogid
+ */
function action_blogcommentlist($blogid = '')
{
global $member, $manager;
$search = postVar('search'); // search through comments
- $query = 'SELECT cbody, cuser, cmail, mname, ctime, chost, cnumber, cip, citem FROM '.sql_table('comment').' LEFT OUTER JOIN '.sql_table('member').' ON mnumber=cmember WHERE cblog=' . intval($blogid);
+ $query = 'SELECT cbody, cuser, cemail, cmail, mname, ctime, chost, cnumber, cip, citem FROM '.sql_table('comment').' LEFT OUTER JOIN '.sql_table('member').' ON mnumber=cmember WHERE cblog=' . intval($blogid);
if ($search != '')
$query .= ' and cbody LIKE "%' . addslashes($search) . '%"';
$template['content'] = 'commentlist';
$template['canAddBan'] = $member->blogAdminRights($blogid);
+ $manager->loadClass("ENCAPSULATE");
$navList =& new NAVLIST('blogcommentlist', $start, $amount, 0, 1000, $blogid, $search, 0);
$navList->showBatchList('comment',$query,'table',$template, _NOCOMMENTS_BLOG);
}
/**
- * Provide a page to item a new item to the given blog
- */
+ * Provide a page to item a new item to the given blog
+ */
function action_createitem() {
global $member, $manager;
$this->pagefoot();
}
+ /**
+ * @todo document this
+ */
function action_itemedit() {
global $member, $manager;
$this->pagefoot();
}
+ /**
+ * @todo document this
+ */
function action_itemupdate() {
global $member, $manager, $CONF;
$title = postVar('title');
$more = postVar('more');
$closed = intPostVar('closed');
+ $draftid = intPostVar('draftid');
// default action = add now
if (!$actiontype)
// edit the item for real
ITEM::update($itemid, $catid, $title, $body, $more, $closed, $wasdraft, $publish, $timestamp);
+ if ($draftid > 0) {
+ ITEM::delete($draftid);
+ }
+
$blogid = getBlogIDFromItemID($itemid);
$blog =& $manager->getBlog($blogid);
if (!$closed && $publish && $wasdraft && $blog->pingUserland()) {
}
}
+ /**
+ * @todo document this
+ */
function action_itemdelete() {
global $member, $manager;
$this->pagefoot();
}
+ /**
+ * @todo document this
+ */
function action_itemdeleteconfirm() {
global $member;
$this->action_itemlist($blogid);
}
- // deletes one item and returns error if something goes wrong
+ /**
+ * Deletes one item and returns error if something goes wrong
+ * @param int $itemid
+ */
function deleteOneItem($itemid) {
global $member, $manager;
ITEM::delete($itemid);
}
+ /**
+ * @todo document this
+ */
function action_itemmove() {
global $member, $manager;
$this->pagefoot();
}
+ /**
+ * @todo document this
+ */
function action_itemmoveto() {
global $member, $manager;
}
/**
- * Moves one item to a given category (category existance should be checked by caller)
- * errors are returned
- */
+ * Moves one item to a given category (category existance should be checked by caller)
+ * errors are returned
+ * @param int $itemid
+ * @param int $destCatid category ID to which the item will be moved
+ */
function moveOneItem($itemid, $destCatid) {
global $member;
}
/**
- * Adds a item to the chosen blog
- */
+ * Adds a item to the chosen blog
+ */
function action_additem() {
global $member, $manager, $CONF;
}
/**
- * Shows a window that says we're about to ping weblogs.com.
- * immediately refresh to the real pinging page, which will
- * show an error, or redirect to the blog.
- *
- * @param $blogid ID of blog for which ping needs to be sent out
- */
+ * Shows a window that says we're about to ping weblogs.com.
+ * immediately refresh to the real pinging page, which will
+ * show an error, or redirect to the blog.
+ *
+ * @param int $blogid ID of blog for which ping needs to be sent out
+ */
function action_sendping($blogid = -1) {
global $member, $manager;
<?php $this->pagefoot();
}
- // ping to Weblogs.com
- // sends the real ping (can take up to 10 seconds!)
+ /**
+ * Ping to Weblogs.com
+ * Sends the real ping (can take up to 10 seconds!)
+ */
function action_rawping() {
global $manager;
// TODO: checks?
}
/**
- * Allows to edit previously made comments
- */
+ * Allows to edit previously made comments
+ */
function action_commentedit() {
global $member, $manager;
$this->pagefoot();
}
+ /**
+ * @todo document this
+ */
function action_commentupdate() {
global $member, $manager;
}
+ /**
+ * @todo document this
+ */
function action_commentdelete() {
global $member, $manager;
$this->pagefoot();
}
+ /**
+ * @todo document this
+ */
function action_commentdeleteconfirm() {
global $member;
$this->action_browseowncomments();
}
+ /**
+ * @todo document this
+ */
function deleteOneComment($commentid) {
global $member, $manager;
}
/**
- * Usermanagement main
- */
+ * Usermanagement main
+ */
function action_usermanagement() {
global $member, $manager;
$template['content'] = 'memberlist';
$template['tabindex'] = 10;
+ $manager->loadClass("ENCAPSULATE");
$batch =& new BATCH('member');
$batch->showlist($query,'table',$template);
echo '<h3>' . _MEMBERS_NEW .'</h3>';
?>
- <form method="post" action="index.php"><div>
+ <form method="post" action="index.php" name="memberedit"><div>
<input type="hidden" name="action" value="memberadd" />
<?php $manager->addTicketHidden() ?>
<th colspan="2"><?php echo _MEMBERS_NEW?></th>
</tr><tr>
<td><?php echo _MEMBERS_DISPLAY?> <?php help('shortnames');?>
- <br /><small>(This is the name used to logon)</small>
+ <br /><small><?php echo _MEMBERS_DISPLAY_INFO?></small>
</td>
<td><input tabindex="10010" name="name" size="16" maxlength="16" /></td>
</tr><tr>
}
/**
- * Edit member settings
- */
+ * Edit member settings
+ */
function action_memberedit() {
$this->action_editmembersettings(intRequestVar('memberid'));
}
+
+ /**
+ * @todo document this
+ */
function action_editmembersettings($memberid = '') {
global $member, $manager, $CONF;
$mem = MEMBER::createFromID($memberid);
?>
- <form method="post" action="index.php"><div>
+ <form method="post" action="index.php" name="memberedit"><div>
<input type="hidden" name="action" value="changemembersettings" />
<input type="hidden" name="memberid" value="<?php echo $memberid; ?>" />
<td><?php $this->input_yesno('admin',$mem->isAdmin(),60); ?></td>
</tr><tr>
<td><?php echo _MEMBERS_CANLOGIN?> <?php help('canlogin'); ?></td>
- <td><?php $this->input_yesno('canlogin',$mem->canLogin(),70); ?></td>
+ <td><?php $this->input_yesno('canlogin',$mem->canLogin(),70,1,0,_YES,_NO,$mem->isAdmin()); ?></td>
<?php } ?>
</tr><tr>
<td><?php echo _MEMBERS_NOTES?></td>
$this->pagefoot();
}
-
+ /**
+ * @todo document this
+ */
function action_changemembersettings() {
global $member, $CONF, $manager;
// check if allowed
($member->getID() == $memberid) or $member->isAdmin() or $this->disallow();
- $name = trim(postVar('name'));
- $realname = trim(postVar('realname'));
+ $name = trim(strip_tags(postVar('name')));
+ $realname = trim(strip_tags(postVar('realname')));
$password = postVar('password');
$repeatpassword = postVar('repeatpassword');
- $email = postVar('email');
- $url = postVar('url');
+ $email = strip_tags(postVar('email'));
+ $url = strip_tags(postVar('url'));
// Sometimes user didn't prefix the URL with http://, this cause a malformed URL. Let's fix it.
if (!eregi("^https?://", $url))
$admin = postVar('admin');
$canlogin = postVar('canlogin');
- $notes = postVar('notes');
+ $notes = strip_tags(postVar('notes'));
$deflang = postVar('deflang');
$mem = MEMBER::createFromID($memberid);
$mem->setPassword($password);
}
- if ($newpass)
- $mem->setPassword($password);
-
$oldEmail = $mem->getEmail();
$mem->setRealName($realname);
$mem->write();
+ // store plugin options
+ $aOptions = requestArray('plugoption');
+ NucleusPlugin::_applyPluginOptions($aOptions);
+ $manager->notify('PostPluginOptionsUpdate',array('context' => 'member', 'memberid' => $memberid, 'member' => &$mem));
+
// if email changed, generate new password
if ($oldEmail != $mem->getEmail())
{
$mem->sendActivationLink('addresschange', $oldEmail);
// logout member
$mem->newCookieKey();
- $member->logout();
+
+ // only log out if the member being edited is the current member.
+ if ($member->getID() == $memberid)
+ $member->logout();
$this->action_login(_MSG_ACTIVATION_SENT, 0);
return;
}
- // store plugin options
- $aOptions = requestArray('plugoption');
- NucleusPlugin::_applyPluginOptions($aOptions);
- $manager->notify('PostPluginOptionsUpdate',array('context' => 'member', 'memberid' => $memberid, 'member' => &$mem));
-
if ( ( $mem->getID() == $member->getID() )
- && ( $newpass || ( $mem->getDisplayName() != $member->getDisplayName() ) )
+ && ( $mem->getDisplayName() != $member->getDisplayName() )
) {
$mem->newCookieKey();
$member->logout();
}
}
+ /**
+ * @todo document this
+ */
function action_memberadd() {
- global $member;
+ global $member, $manager;
// check if allowed
$member->isAdmin() or $this->disallow();
if ($res != 1)
$this->error($res);
+ // fire PostRegister event
+ $newmem = new MEMBER();
+ $newmem->readFromName(postVar('name'));
+ $manager->notify('PostRegister',array('member' => &$newmem));
+
$this->action_usermanagement();
}
$this->_showActivationPage($key);
}
+ /**
+ * @todo document this
+ */
function _showActivationPage($key, $message = '')
{
global $manager;
}
/**
- * Manage team
- */
+ * Manage team
+ */
function action_manageteam() {
global $member, $manager;
$template['content'] = 'teamlist';
$template['tabindex'] = 10;
+ $manager->loadClass("ENCAPSULATE");
$batch =& new BATCH('team');
$batch->showlist($query, 'table', $template);
}
/**
- * Add member tot tram
- */
+ * Add member to team
+ */
function action_teamaddmember() {
global $member, $manager;
}
+ /**
+ * @todo document this
+ */
function action_teamdelete() {
global $member, $manager;
?>
<h2><?php echo _DELETE_CONFIRM?></h2>
- <p><?php echo _CONFIRMTXT_TEAM1?><b><?php echo $teammem->getDisplayName() ?></b><?php echo _CONFIRMTXT_TEAM2?><b><?php echo htmlspecialchars(strip_tags($blog->getName())) ?></b>
+ <p><?php echo _CONFIRMTXT_TEAM1?><b><?php echo htmlspecialchars($teammem->getDisplayName()) ?></b><?php echo _CONFIRMTXT_TEAM2?><b><?php echo htmlspecialchars(strip_tags($blog->getName())) ?></b>
</p>
$this->pagefoot();
}
+ /**
+ * @todo document this
+ */
function action_teamdeleteconfirm() {
global $member;
$this->action_manageteam();
}
+ /**
+ * @todo document this
+ */
function deleteOneTeamMember($blogid, $memberid) {
global $member, $manager;
return '';
}
+ /**
+ * @todo document this
+ */
function action_teamchangeadmin() {
global $member;
$this->action_overview(_MSG_ADMINCHANGED);
}
+ /**
+ * @todo document this
+ */
function action_blogsettings() {
global $member, $manager;
</td>
<td><?php $this->input_yesno('public',$blog->isPublic(),70); ?></td>
</tr><tr>
+ <td><?php echo _EBLOG_REQUIREDEMAIL?>
+ </td>
+ <td><?php $this->input_yesno('reqemail',$blog->emailRequired(),72); ?></td>
+ </tr><tr>
<td><?php echo _EBLOG_NOTIFY?> <?php help('blognotify'); ?></td>
<td><input name="notify" tabindex="80" maxlength="60" size="40" value="<?php echo htmlspecialchars($blog->getNotifyAddress()); ?>" /></td>
</tr><tr>
$template['content'] = 'categorylist';
$template['tabindex'] = 200;
+ $manager->loadClass("ENCAPSULATE");
$batch =& new BATCH('category');
$batch->showlist($query,'table',$template);
$this->pagefoot();
}
+ /**
+ * @todo document this
+ */
function action_categorynew() {
global $member, $manager;
$this->action_blogsettings();
}
-
+ /**
+ * @todo document this
+ */
function action_categoryedit($catid = '', $blogid = '', $desturl = '') {
global $member, $manager;
$extrahead = '<script type="text/javascript" src="javascript/numbercheck.js"></script>';
$this->pagehead($extrahead);
+ echo "<p><a href='index.php?action=blogsettings&blogid=$blogid'>(",_BACK_TO_BLOGSETTINGS,")</a></p>";
+
?>
<h2><?php echo _EBLOG_CAT_UPDATE?> '<?php echo htmlspecialchars($cname)?>'</h2>
<form method='post' action='index.php'><div>
$this->pagefoot();
}
-
+ /**
+ * @todo document this
+ */
function action_categoryupdate() {
global $member, $manager;
}
}
+ /**
+ * @todo document this
+ */
function action_categorydelete() {
global $member, $manager;
<h2><?php echo _DELETE_CONFIRM?></h2>
<div>
- <?php echo _CONFIRMTXT_CATEGORY?><b><?php echo $blog->getCategoryName($catid)?></b>
+ <?php echo _CONFIRMTXT_CATEGORY?><b><?php echo htmlspecialchars($blog->getCategoryName($catid))?></b>
</div>
<form method="post" action="index.php"><div>
$this->pagefoot();
}
+ /**
+ * @todo document this
+ */
function action_categorydeleteconfirm() {
global $member, $manager;
$this->action_blogsettings();
}
+ /**
+ * @todo document this
+ */
function deleteOneCategory($catid) {
global $manager, $member;
}
+ /**
+ * @todo document this
+ */
function moveOneCategory($catid, $destblogid) {
global $manager, $member;
}
+ /**
+ * @todo document this
+ */
function action_blogsettingsupdate() {
global $member, $manager;
$blog->setAllowPastPosting(intPostVar('allowpastposting'));
$blog->setDefaultCategory(intPostVar('defcat'));
$blog->setSearchable(intPostVar('searchable'));
+ $blog->setEmailRequired(intPostVar('reqemail'));
$blog->writeSettings();
$this->action_overview(_MSG_SETTINGSCHANGED);
}
+ /**
+ * @todo document this
+ */
function action_deleteblog() {
global $member, $CONF, $manager;
$this->pagefoot();
}
+ /**
+ * @todo document this
+ */
function action_deleteblogconfirm() {
global $member, $CONF, $manager;
$this->action_overview(_DELETED_BLOG);
}
+ /**
+ * @todo document this
+ */
function action_memberdelete() {
global $member, $manager;
?>
<h2><?php echo _DELETE_CONFIRM?></h2>
- <p><?php echo _CONFIRMTXT_MEMBER?><b><?php echo $mem->getDisplayName() ?></b>
+ <p><?php echo _CONFIRMTXT_MEMBER?><b><?php echo htmlspecialchars($mem->getDisplayName()) ?></b>
</p>
<p>
$this->pagefoot();
}
+ /**
+ * @todo document this
+ */
function action_memberdeleteconfirm() {
global $member;
$this->action_overview(_DELETED_MEMBER);
}
- // (static)
+ /**
+ * @static
+ * @todo document this
+ */
function deleteOneMember($memberid) {
global $manager;
$manager->notify('PreDeleteMember', array('member' => &$mem));
+ /* unlink comments from memberid */
+ $query = 'UPDATE ' . sql_table('comment') . ' SET cmember="0", cuser="'. addslashes($mem->getDisplayName())
+ .'" WHERE cmember='.$memberid;
+ sql_query($query);
+
$query = 'DELETE FROM '.sql_table('member').' WHERE mnumber='.$memberid;
sql_query($query);
return '';
}
+ /**
+ * @todo document this
+ */
function action_createnewlog() {
global $member, $CONF, $manager;
<td><input name="timeoffset" tabindex="110" size="3" value="0" /></td>
</tr><tr>
<td><?php echo _EBLOG_ADMIN?>
- <?php help('blogadmin'); ?>
+ <?php help('teamadmin'); ?>
</td>
<td><?php echo _EBLOG_ADMIN_MSG?></td>
</tr><tr>
$this->pagefoot();
}
+ /**
+ * @todo document this
+ */
function action_addnewlog() {
global $member, $manager, $CONF;
$manager->notify(
'PostAddCategory',
array(
+ 'blog' => &$blog,
+ 'name' => 'General',
+ 'description' => 'Items that do not fit in other categories',
'catid' => $catid
)
);
<p>¿·¤·¤¤weblog¤ÎºîÀ®¤ò´°Î»¤¹¤ë¤¿¤á¤Ë¤Ï¡¢²¼¤Ë¤³¤Î¥Õ¥¡¥¤¥ë¤ÎURL¤òÆþÎϤ·¤Æ¤¯¤À¤µ¤¤¡£ (¤¹¤Ç¤ËÍÑ°Õ¤·¤¿Ãͤǹç¤Ã¤Æ¤¤¤ë¤È¤Ï»×¤¤¤Þ¤¹¤¬ÊݾڤϤ·¤Þ¤»¤ó):</p>
-
<form action="index.php" method="post"><div>
<input type="hidden" name="action" value="addnewlog2" />
<?php $manager->addTicketHidden() ?>
<p>¿·¤·¤¤weblog¤ÎºîÀ®¤ò´°Î»¤¹¤ë¤¿¤á¤Ë¤Ï¡¢²¼¤ËURL¤òÆþÎϤ·¤Æ¤¯¤À¤µ¤¤¡£ (ÂçÄñ¤Ï´û¸blog¤ÈƱ¤¸URL)</p>
-
<form action="index.php" method="post"><div>
<input type="hidden" name="action" value="addnewlog2" />
<?php $manager->addTicketHidden() ?>
}
+ /**
+ * @todo document this
+ */
function action_addnewlog2() {
global $member, $manager;
$this->action_overview(_MSG_NEWBLOG);
}
+ /**
+ * @todo document this
+ */
function action_skinieoverview() {
global $member, $DIR_LIBS, $manager;
}
+ /**
+ * @todo document this
+ */
function action_skinieimport() {
global $member, $DIR_LIBS, $DIR_SKINS, $manager;
// read only metadata
$error = $importer->readFile($skinFile, 1);
+ // clashes
+ $skinNameClashes = $importer->checkSkinNameClashes();
+ $templateNameClashes = $importer->checkTemplateNameClashes();
+ $hasNameClashes = (count($skinNameClashes) > 0) || (count($templateNameClashes) > 0);
if ($error) $this->error($error);
<li><p><strong><?php echo _SKINIE_INFO_GENERAL?></strong> <?php echo htmlspecialchars($importer->getInfo())?></p></li>
<li><p><strong><?php echo _SKINIE_INFO_SKINS?></strong> <?php echo implode(' <em>'._AND.'</em> ',$importer->getSkinNames())?></p></li>
<li><p><strong><?php echo _SKINIE_INFO_TEMPLATES?></strong> <?php echo implode(' <em>'._AND.'</em> ',$importer->getTemplateNames())?></p></li>
- <li><p><strong style="color: red;"><?php echo _SKINIE_INFO_SKINCLASH?></strong> <?php echo implode(' <em>'._AND.'</em> ',$importer->checkSkinNameClashes())?></p></li>
- <li><p><strong style="color: red;"><?php echo _SKINIE_INFO_TEMPLCLASH?></strong> <?php echo implode(' <em>'._AND.'</em> ',$importer->checkTemplateNameClashes())?></p></li>
+ <?php
+ if ($hasNameClashes)
+ {
+ ?>
+ <li><p><strong style="color: red;"><?php echo _SKINIE_INFO_SKINCLASH?></strong> <?php echo implode(' <em>'._AND.'</em> ',$skinNameClashes)?></p></li>
+ <li><p><strong style="color: red;"><?php echo _SKINIE_INFO_TEMPLCLASH?></strong> <?php echo implode(' <em>'._AND.'</em> ',$templateNameClashes)?></p></li>
+ <?php
+ } // if (hasNameClashes)
+ ?>
</ul>
<form method="post" action="index.php"><div>
<input type="hidden" name="skinfile" value="<?php echo htmlspecialchars(postVar('skinfile'))?>" />
<input type="hidden" name="mode" value="<?php echo htmlspecialchars($mode)?>" />
<input type="submit" value="<?php echo _SKINIE_CONFIRM_IMPORT?>" />
+ <?php
+ if ($hasNameClashes)
+ {
+ ?>
<br />
<input type="checkbox" name="overwrite" value="1" id="cb_overwrite" /><label for="cb_overwrite"><?php echo _SKINIE_CONFIRM_OVERWRITE?></label>
+ <?php
+ } // if (hasNameClashes)
+ ?>
</div></form>
$this->pagefoot();
}
+ /**
+ * @todo document this
+ */
function action_skiniedoimport() {
global $member, $DIR_LIBS, $DIR_SKINS;
}
+ /**
+ * @todo document this
+ */
function action_skinieexport() {
global $member, $DIR_LIBS;
$exporter->export();
}
+ /**
+ * @todo document this
+ */
function action_templateoverview() {
global $member, $manager;
$this->pagefoot();
}
+ /**
+ * @todo document this
+ */
function action_templateedit($msg = '') {
global $member, $manager;
<a href="index.php?action=templateoverview">(<?php echo _TEMPLATE_BACK?>)</a>
</p>
- <h2><?php echo _TEMPLATE_EDIT_TITLE?> '<?php echo $templatename; ?>'</h2>
+ <h2><?php echo _TEMPLATE_EDIT_TITLE?> '<?php echo htmlspecialchars($templatename); ?>'</h2>
<?php if ($msg) echo "<p>"._MESSAGE.": $msg</p>";
?>
$this->_templateEditRow($template, _TEMPLATE_AFOOTER, 'ARCHIVELIST_FOOTER', '', 150);
?>
</tr><tr>
+ <th colspan="2"><?php echo _TEMPLATE_BLOGLIST?> <?php help('templatebloglists'); ?></th>
+<?php $this->_templateEditRow($template, _TEMPLATE_BLOGHEADER, 'BLOGLIST_HEADER', '', 160);
+ $this->_templateEditRow($template, _TEMPLATE_BLOGITEM, 'BLOGLIST_LISTITEM', '', 170);
+ $this->_templateEditRow($template, _TEMPLATE_BLOGFOOTER, 'BLOGLIST_FOOTER', '', 180);
+?>
+ </tr><tr>
<th colspan="2"><?php echo _TEMPLATE_CATEGORYLIST?> <?php help('templatecategorylists'); ?></th>
<?php $this->_templateEditRow($template, _TEMPLATE_CATHEADER, 'CATLIST_HEADER', '', 160);
$this->_templateEditRow($template, _TEMPLATE_CATITEM, 'CATLIST_LISTITEM', '', 170);
$this->pagefoot();
}
+ /**
+ * @todo document this
+ */
function _templateEditRow(&$template, $description, $name, $help = '', $tabindex = 0, $big = 0) {
static $count = 1;
?>
<?php $count++;
}
+ /**
+ * @todo document this
+ */
function action_templateupdate() {
global $member;
$this->addToTemplate($templateid, 'ARCHIVELIST_HEADER', postVar('ARCHIVELIST_HEADER'));
$this->addToTemplate($templateid, 'ARCHIVELIST_LISTITEM', postVar('ARCHIVELIST_LISTITEM'));
$this->addToTemplate($templateid, 'ARCHIVELIST_FOOTER', postVar('ARCHIVELIST_FOOTER'));
+ $this->addToTemplate($templateid, 'BLOGLIST_HEADER', postVar('BLOGLIST_HEADER'));
+ $this->addToTemplate($templateid, 'BLOGLIST_LISTITEM', postVar('BLOGLIST_LISTITEM'));
+ $this->addToTemplate($templateid, 'BLOGLIST_FOOTER', postVar('BLOGLIST_FOOTER'));
$this->addToTemplate($templateid, 'CATLIST_HEADER', postVar('CATLIST_HEADER'));
$this->addToTemplate($templateid, 'CATLIST_LISTITEM', postVar('CATLIST_LISTITEM'));
$this->addToTemplate($templateid, 'CATLIST_FOOTER', postVar('CATLIST_FOOTER'));
}
+ /**
+ * @todo document this
+ */
function addToTemplate($id, $partname, $content) {
$partname = addslashes($partname);
$content = addslashes($content);
$query = 'INSERT INTO '.sql_table('template')." (tdesc, tpartname, tcontent) "
. "VALUES ($id, '$partname', '$content')";
- mysql_query($query) or die("Query error: " . mysql_error());
+ sql_query($query) or die("Query error: " . mysql_error());
return mysql_insert_id();
}
+ /**
+ * @todo document this
+ */
function action_templatedelete() {
global $member, $manager;
<h2><?php echo _DELETE_CONFIRM?></h2>
<p>
- <?php echo _CONFIRMTXT_TEMPLATE?><b><?php echo $name?></b> (<?php echo htmlspecialchars($desc) ?>)
+ <?php echo _CONFIRMTXT_TEMPLATE?><b><?php echo htmlspecialchars($name)?></b> (<?php echo htmlspecialchars($desc) ?>)
</p>
<form method="post" action="index.php"><div>
$this->pagefoot();
}
+ /**
+ * @todo document this
+ */
function action_templatedeleteconfirm() {
global $member, $manager;
$this->action_templateoverview();
}
+ /**
+ * @todo document this
+ */
function action_templatenew() {
global $member;
$this->action_templateoverview();
}
+ /**
+ * @todo document this
+ */
function action_templateclone() {
global $member;
$this->action_templateoverview();
}
+ /**
+ * @todo document this
+ */
function action_skinoverview() {
global $member, $manager;
$this->pagefoot();
}
+ /**
+ * @todo document this
+ */
function action_skinnew() {
global $member;
$this->action_skinoverview();
}
+ /**
+ * @todo document this
+ */
function action_skinedit() {
global $member, $manager;
<li><a tabindex="75" href="index.php?action=skinedittype&skinid=<?php echo $skinid ?>&type=imagepopup"><?php echo _SKIN_PART_POPUP?></a> <?php help('skinpartimagepopup')?></li>
</ul>
- <h3><?php echo _SKIN_GENSETTINGS_TITLE?></h3>
+ <?php
+
+ $query = "SELECT stype FROM " . sql_table('skin') . " WHERE stype NOT IN ('index', 'item', 'error', 'search', 'archive', 'archivelist', 'imagepopup', 'member') and sdesc = " . $skinid;
+ $res = sql_query($query);
+
+ echo '<h3>' . _SKIN_PARTS_SPECIAL . '</h3>';
+ echo '<form method="get" action="index.php">' . "\r\n";
+ echo '<input type="hidden" name="action" value="skinedittype" />' . "\r\n";
+ echo '<input type="hidden" name="skinid" value="' . $skinid . '" />' . "\r\n";
+ echo '<input name="type" tabindex="89" size="20" maxlength="20" />' . "\r\n";
+ echo '<input type="submit" tabindex="140" value="' . _SKIN_CREATE . '" onclick="return checkSubmit();" />' . "\r\n";
+ echo '</form>' . "\r\n";
+
+ if ($res && mysql_num_rows($res) > 0) {
+ echo '<ul>';
+ $tabstart = 75;
+
+ while ($row = mysql_fetch_assoc($res)) {
+ echo '<li><a tabindex="' . ($tabstart++) . '" href="index.php?action=skinedittype&skinid=' . $skinid . '&type=' . htmlspecialchars(strtolower($row['stype'])) . '">' . htmlspecialchars(ucfirst($row['stype'])) . '</a> (<a tabindex="' . ($tabstart++) . '" href="index.php?action=skinremovetype&skinid=' . $skinid . '&type=' . htmlspecialchars(strtolower($row['stype'])) . '">remove</a>)</li>';
+ }
+
+ echo '</ul>';
+ }
+
+ ?>
+
+ <h3><?php echo _SKIN_GENSETTINGS_TITLE; ?></h3>
<form method="post" action="index.php">
<div>
<?php $this->pagefoot();
}
+ /**
+ * @todo document this
+ */
function action_skineditgeneral() {
global $member;
}
+ /**
+ * @todo document this
+ */
function action_skinedittype($msg = '') {
global $member, $manager;
$member->isAdmin() or $this->disallow();
+ $type = trim($type);
+ $type = strtolower($type);
+
+ if (!isValidShortName($type)) {
+ $this->error(_ERROR_SKIN_PARTS_SPECIAL_FORMAT);
+ }
+
$skin =& new SKIN($skinid);
$friendlyNames = SKIN::getFriendlyNames();
?>
<p>(<a href="index.php?action=skinoverview"><?php echo _SKIN_GOBACK?></a>)</p>
- <h2><?php echo _SKIN_EDITPART_TITLE?> '<?php echo $skin->getName() ?>': <?php echo $friendlyNames[$type] ?></h2>
+ <h2><?php echo _SKIN_EDITPART_TITLE?> '<?php echo htmlspecialchars($skin->getName()) ?>': <?php echo htmlspecialchars(isset($friendlyNames[$type]) ? $friendlyNames[$type] : ucfirst($type)); ?></h2>
<?php if ($msg) echo "<p>"._MESSAGE.": $msg</p>";
?>
<input type="submit" value="<?php echo _SKIN_UPDATE_BTN?>" onclick="return checkSubmit();" />
<input type="reset" value="<?php echo _SKIN_RESET_BTN?>" />
- (skin type: <?php echo $friendlyNames[$type] ?>)
- <?php help('skinpart' . $type);?>
+ (skin type: <?php echo htmlspecialchars(isset($friendlyNames[$type]) ? $friendlyNames[$type] : ucfirst($type)); ?>)
+ <?php if (in_array($type, array('index', 'item', 'archivelist', 'archive', 'search', 'error', 'member', 'imagepopup'))) {
+ help('skinpart' . $type);
+ } else {
+ help('skinpartspecial');
+ }?>
<br />
<textarea class="skinedit" tabindex="10" rows="20" cols="80" name="content"><?php echo htmlspecialchars($skin->getContent($type)) ?></textarea>
<br />
<input type="submit" tabindex="20" value="<?php echo _SKIN_UPDATE_BTN?>" onclick="return checkSubmit();" />
<input type="reset" value="<?php echo _SKIN_RESET_BTN?>" />
- (skin type: <?php echo $friendlyNames[$type] ?>)
+ (skin type: <?php echo htmlspecialchars(isset($friendlyNames[$type]) ? $friendlyNames[$type] : ucfirst($type)); ?>)
<br /><br />
<?php echo _SKIN_ALLOWEDVARS?>
<?php $this->pagefoot();
}
+ /**
+ * @todo document this
+ */
function action_skinupdate() {
global $member;
$this->action_skinedittype(_SKIN_UPDATED);
}
+ /**
+ * @todo document this
+ */
function action_skindelete() {
global $member, $manager, $CONF;
$query = 'SELECT bname FROM '.sql_table('blog').' WHERE bdefskin=' . $skinid;
$r = sql_query($query);
if ($o = mysql_fetch_object($r))
- $this->error(_ERROR_SKINDEFDELETE . $o->bname);
+ $this->error(_ERROR_SKINDEFDELETE . htmlspecialchars($o->bname));
$this->pagehead();
<h2><?php echo _DELETE_CONFIRM?></h2>
<p>
- <?php echo _CONFIRMTXT_SKIN?><b><?php echo $name ?></b> (<?php echo htmlspecialchars($desc)?>)
+ <?php echo _CONFIRMTXT_SKIN?><b><?php echo htmlspecialchars($name) ?></b> (<?php echo htmlspecialchars($desc)?>)
</p>
<form method="post" action="index.php"><div>
$this->pagefoot();
}
+ /**
+ * @todo document this
+ */
function action_skindeleteconfirm() {
global $member, $CONF, $manager;
$this->action_skinoverview();
}
- function action_skinclone() {
- global $member;
+ /**
+ * @todo document this
+ */
+ function action_skinremovetype() {
+ global $member, $manager, $CONF;
$skinid = intRequestVar('skinid');
+ $skintype = requestVar('type');
+
+ if (!isValidShortName($skintype)) {
+ $this->error(_ERROR_SKIN_PARTS_SPECIAL_DELETE);
+ }
$member->isAdmin() or $this->disallow();
- // 1. read skin to clone
+ // don't allow default skinparts to be deleted
+ if (in_array($skintype, array('index', 'item', 'archivelist', 'archive', 'search', 'error', 'member', 'imagepopup'))) {
+ $this->error(_ERROR_SKIN_PARTS_SPECIAL_DELETE);
+ }
+
+ $this->pagehead();
+
+ $skin =& new SKIN($skinid);
+ $name = $skin->getName();
+ $desc = $skin->getDescription();
+
+ ?>
+ <h2><?php echo _DELETE_CONFIRM?></h2>
+
+ <p>
+ <?php echo _CONFIRMTXT_SKIN_PARTS_SPECIAL; ?> <b><?php echo htmlspecialchars($skintype); ?> (<?php echo htmlspecialchars($name); ?>)</b> (<?php echo htmlspecialchars($desc)?>)
+ </p>
+
+ <form method="post" action="index.php"><div>
+ <input type="hidden" name="action" value="skinremovetypeconfirm" />
+ <?php $manager->addTicketHidden() ?>
+ <input type="hidden" name="skinid" value="<?php echo $skinid; ?>" />
+ <input type="hidden" name="type" value="<?php echo htmlspecialchars($skintype); ?>" />
+ <input type="submit" tabindex="10" value="<?php echo _DELETE_CONFIRM_BTN?>" />
+ </div></form>
+ <?php
+ $this->pagefoot();
+ }
+
+ /**
+ * @todo document this
+ */
+ function action_skinremovetypeconfirm() {
+ global $member, $CONF, $manager;
+
+ $skinid = intRequestVar('skinid');
+ $skintype = requestVar('type');
+
+ if (!isValidShortName($skintype)) {
+ $this->error(_ERROR_SKIN_PARTS_SPECIAL_DELETE);
+ }
+
+ $member->isAdmin() or $this->disallow();
+
+ // don't allow default skinparts to be deleted
+ if (in_array($skintype, array('index', 'item', 'archivelist', 'archive', 'search', 'error', 'member', 'imagepopup'))) {
+ $this->error(_ERROR_SKIN_PARTS_SPECIAL_DELETE);
+ }
+
+ $manager->notify('PreDeleteSkinPart', array('skinid' => $skinid, 'skintype' => $skintype));
+
+ // delete part
+ sql_query('DELETE FROM '.sql_table('skin').' WHERE sdesc=' . $skinid . ' AND stype=\'' . $skintype . '\'');
+
+ $manager->notify('PostDeleteSkinPart', array('skinid' => $skinid, 'skintype' => $skintype));
+
+ $this->action_skinedit();
+ }
+
+ /**
+ * @todo document this
+ */
+ function action_skinclone() {
+ global $member;
+
+ $skinid = intRequestVar('skinid');
+
+ $member->isAdmin() or $this->disallow();
+
+ // 1. read skin to clone
$skin =& new SKIN($skinid);
$name = "clone_" . $skin->getName();
// 3. clone
+ /*
$this->skinclonetype($skin, $newid, 'index');
$this->skinclonetype($skin, $newid, 'item');
$this->skinclonetype($skin, $newid, 'archivelist');
$this->skinclonetype($skin, $newid, 'error');
$this->skinclonetype($skin, $newid, 'member');
$this->skinclonetype($skin, $newid, 'imagepopup');
+ */
+
+ $query = "SELECT stype FROM " . sql_table('skin') . " WHERE sdesc = " . $skinid;
+ $res = sql_query($query);
+ while ($row = mysql_fetch_assoc($res)) {
+ $this->skinclonetype($skin, $newid, $row['stype']);
+ }
$this->action_skinoverview();
}
+ /**
+ * @todo document this
+ */
function skinclonetype($skin, $newid, $type) {
$newid = intval($newid);
$content = $skin->getContent($type);
}
}
+ /**
+ * @todo document this
+ */
function action_settingsedit() {
global $member, $manager, $CONF, $DIR_NUCLEUS, $DIR_MEDIA;
$this->pagefoot();
}
+ /**
+ * @todo document this
+ */
function action_settingsupdate() {
global $member, $CONF;
}
-
+ /**
+ * @todo document this
+ */
function updateConfig($name, $val) {
$name = addslashes($name);
$val = trim(addslashes($val));
. " SET value='$val'"
. " WHERE name='$name'";
- mysql_query($query) or die("Query error: " . mysql_error());
+ sql_query($query) or die("Query error: " . mysql_error());
return mysql_insert_id();
}
/**
- * Error message
- */
+ * Error message
+ * @param string $msg message that will be shown
+ */
function error($msg) {
$this->pagehead();
?>
exit;
}
+ /**
+ * @todo document this
+ */
function disallow() {
ACTIONLOG::add(WARNING, _ACTIONLOG_DISALLOWED . serverVar('REQUEST_URI'));
$this->error(_ERROR_DISALLOWED);
}
-
+ /**
+ * @todo document this
+ */
function pagehead($extrahead = '') {
global $member, $nucleus, $CONF, $manager;
echo '<br />(';
+ // Note(JP): disabled code name description
+/*
+ if ($member->isLoggedIn() && $member->isAdmin())
+ echo '<a href="http://nucleuscms.org/version.php?v=',getNucleusVersion(),'&pl=',getNucleusPatchLevel(),'" title="Check for upgrade">Nucleus CMS ', $nucleus['version'], ' "', $nucleus['codename'], '"</a>';
+ else
+ echo 'Nucleus CMS ', $nucleus['version'], ' "', $nucleus['codename'], '"';
+*/
if ($member->isLoggedIn() && $member->isAdmin())
- echo '<a href="http://nucleuscms.org/version.php?v=',getNucleusVersion(),'&pl=',getNucleusPatchLevel(),'" title="Check for upgrade">Nucleus CMS ', $nucleus['version'], '</a>';
+ echo '<a href="http://nucleuscms.org/version.php?v=',getNucleusVersion(),'&pl=',getNucleusPatchLevel(),'" title="Check for upgrade">Nucleus CMS ', $nucleus['version'], ' </a>';
else
- echo 'Nucleus CMS ' , $nucleus['version'];
+ echo 'Nucleus CMS ', $nucleus['version'];
echo ')';
echo '</div>';
}
+ /**
+ * @todo document this
+ */
function pagefoot() {
global $action, $member, $manager;
<?php }
?>
<div class="foot">
- <a href="http://nucleuscms.org/">Nucleus CMS</a> © 2002-2005 The Nucleus Group
+ <a href="http://nucleuscms.org/">Nucleus CMS</a> © 2002-<?php echo date('Y'); ?> The Nucleus Group
-
<a href="http://nucleuscms.org/donate.php">Donate!</a>
</div>
</html>
<?php }
-
+ /**
+ * @todo document this
+ */
function action_regfile() {
global $member, $CONF;
echo '"contexts"=hex:31';
}
+ /**
+ * @todo document this
+ */
function action_bookmarklet() {
global $member, $manager;
}
-
+ /**
+ * @todo document this
+ */
function action_actionlog() {
global $member, $manager;
}
-
+ /**
+ * @todo document this
+ */
function action_banlist() {
global $member, $manager;
}
-
+ /**
+ * @todo document this
+ */
function action_banlistdelete() {
global $member, $manager;
$this->pagefoot();
}
+ /**
+ * @todo document this
+ */
function action_banlistdeleteconfirm() {
global $member, $manager;
}
+ /**
+ * @todo document this
+ */
function action_banlistnewfromitem() {
$this->action_banlistnew(getBlogIDFromItemID(intRequestVar('itemid')));
}
+ /**
+ * @todo document this
+ */
function action_banlistnew($blogid = '') {
global $member, $manager;
<?php $this->pagefoot();
}
+ /**
+ * @todo document this
+ */
function action_banlistadd() {
global $member;
}
+ /**
+ * @todo document this
+ */
function action_clearactionlog() {
global $member;
$this->action_manage(_MSG_ACTIONLOGCLEARED);
}
+ /**
+ * @todo document this
+ */
function action_backupoverview() {
global $member, $manager;
<?php $this->pagefoot();
}
+ /**
+ * @todo document this
+ */
function action_backupcreate() {
global $member, $DIR_LIBS;
exit;
}
-
+ /**
+ * @todo document this
+ */
function action_backuprestore() {
global $member, $DIR_LIBS;
}
-
+ /**
+ * @todo document this
+ */
function action_pluginlist() {
global $member, $manager;
if (ereg('^NP_(.*)\.php$',$filename,$matches)) {
$name = $matches[1];
// only show in list when not yet installed
- if (mysql_num_rows(sql_query('SELECT * FROM '.sql_table('plugin').' WHERE pfile="NP_'.addslashes($name).'"')) == 0)
+ $res = sql_query('SELECT * FROM '.sql_table('plugin').' WHERE pfile="NP_'.addslashes($name).'"');
+ if (mysql_num_rows($res) == 0)
array_push($candidates,$name);
}
}
$this->pagefoot();
}
+ /**
+ * @todo document this
+ */
function action_pluginhelp() {
global $member, $manager, $DIR_PLUGINS, $CONF;
$this->pagefoot();
}
-
+ /**
+ * @todo document this
+ */
function action_pluginadd() {
global $member, $manager, $DIR_PLUGINS;
if ($manager->pluginInstalled($name))
$this->error(_ERROR_DUPPLUGIN);
if (!checkPlugin($name))
- $this->error(_ERROR_PLUGFILEERROR . ' (' . $name . ')');
-
- // check if the plugin dependency is met
- $plugin =& $manager->getPlugin($name);
- $pluginList = $plugin->getPluginDep();
- foreach ($pluginList as $pluginName)
- {
-
- $res = sql_query('SELECT * FROM '.sql_table('plugin') . ' WHERE pfile="' . $pluginName . '"');
- if (mysql_num_rows($res) == 0)
- {
- // uninstall plugin again...
- $this->deleteOnePlugin($plugin->getID());
-
- $this->error(_ERROR_INSREQPLUGIN . $pluginName);
- }
- }
+ $this->error(_ERROR_PLUGFILEERROR . ' (' . htmlspecialchars($name) . ')');
// get number of currently installed plugins
- $numCurrent = mysql_num_rows(sql_query('SELECT * FROM '.sql_table('plugin')));
+ $res = sql_query('SELECT * FROM '.sql_table('plugin'));
+ $numCurrent = mysql_num_rows($res);
// plugin will be added as last one in the list
$newOrder = $numCurrent + 1;
sql_query($query);
$iPid = mysql_insert_id();
- // need to update the plugin object's pid since we didn't have it above when it's first create....
- $plugin->plugid = $iPid;
-
$manager->clearCachedInfo('installedPlugins');
- // call the install method of the plugin
+ // Load the plugin for condition checking and instalation
+ $plugin =& $manager->getPlugin($name);
+
+ // check if it got loaded (could have failed)
if (!$plugin)
{
sql_query('DELETE FROM ' . sql_table('plugin') . ' WHERE pid='. intval($iPid));
$manager->clearCachedInfo('installedPlugins');
- $this->error('Plugin could not be loaded, or does not support certain features that are required for it to run on your Nucleus installation (you might want to check the <a href="?action=actionlog">actionlog</a> for more info)');
+ $this->error(_ERROR_PLUGIN_LOAD);
}
// check if plugin needs a newer Nucleus version
$this->deleteOnePlugin($plugin->getID());
// ...and show error
- $this->error(_ERROR_NUCLEUSVERSIONREQ . $plugin->getMinNucleusVersion());
+ $this->error(_ERROR_NUCLEUSVERSIONREQ . htmlspecialchars($plugin->getMinNucleusVersion()));
}
// check if plugin needs a newer Nucleus version
$this->deleteOnePlugin($plugin->getID());
// ...and show error
- $this->error(_ERROR_NUCLEUSVERSIONREQ . $plugin->getMinNucleusVersion() . ' patch ' . $plugin->getMinNucleusPatchLevel());
+ $this->error(_ERROR_NUCLEUSVERSIONREQ . htmlspecialchars( $plugin->getMinNucleusVersion() . ' patch ' . $plugin->getMinNucleusPatchLevel() ) );
}
+ $pluginList = $plugin->getPluginDep();
+ foreach ($pluginList as $pluginName)
+ {
+
+ $res = sql_query('SELECT * FROM '.sql_table('plugin') . ' WHERE pfile="' . $pluginName . '"');
+ if (mysql_num_rows($res) == 0)
+ {
+ // uninstall plugin again...
+ $this->deleteOnePlugin($plugin->getID());
+
+ $this->error(_ERROR_INSREQPLUGIN . htmlspecialchars($pluginName));
+ }
+ }
+
+ // call the install method of the plugin
$plugin->install();
$manager->notify(
$this->action_pluginupdate();
}
+ /**
+ * @todo document this
+ */
function action_pluginupdate() {
global $member, $manager;
$this->action_pluginlist();
}
+ /**
+ * @todo document this
+ */
function action_plugindelete() {
global $member, $manager;
<?php $this->pagefoot();
}
+ /**
+ * @todo document this
+ */
function action_plugindeleteconfirm() {
global $member, $manager;
$this->action_pluginlist();
}
+ /**
+ * @todo document this
+ */
function deleteOnePlugin($pid, $callUninstall = 0) {
global $manager;
sql_query('DELETE FROM '.sql_table('plugin_option').' WHERE oid in ('.implode(',',$aOIDs).')');
// update order numbers
- $o = mysql_fetch_object(sql_query('SELECT porder FROM '.sql_table('plugin').' WHERE pid=' . $pid));
+ $res = sql_query('SELECT porder FROM '.sql_table('plugin').' WHERE pid=' . $pid);
+ $o = mysql_fetch_object($res);
sql_query('UPDATE '.sql_table('plugin').' SET porder=(porder - 1) WHERE porder>'.$o->porder);
// delete row
return '';
}
+ /**
+ * @todo document this
+ */
function action_pluginup() {
global $member, $manager;
$this->error(_ERROR_NOSUCHPLUGIN);
// 1. get old order number
- $o = mysql_fetch_object(sql_query('SELECT porder FROM '.sql_table('plugin').' WHERE pid='.$plugid));
+ $res = sql_query('SELECT porder FROM '.sql_table('plugin').' WHERE pid='.$plugid);
+ $o = mysql_fetch_object($res);
$oldOrder = $o->porder;
// 2. calculate new order number
$this->action_pluginlist();
}
+ /**
+ * @todo document this
+ */
function action_plugindown() {
global $member, $manager;
$this->error(_ERROR_NOSUCHPLUGIN);
// 1. get old order number
- $o = mysql_fetch_object(sql_query('SELECT porder FROM '.sql_table('plugin').' WHERE pid='.$plugid));
+ $res = sql_query('SELECT porder FROM '.sql_table('plugin').' WHERE pid='.$plugid);
+ $o = mysql_fetch_object($res);
$oldOrder = $o->porder;
- $maxOrder = mysql_num_rows(sql_query('SELECT * FROM '.sql_table('plugin')));
+ $res = sql_query('SELECT * FROM '.sql_table('plugin'));
+ $maxOrder = mysql_num_rows($res);
// 2. calculate new order number
$newOrder = ($oldOrder < $maxOrder) ? ($oldOrder + 1) : $maxOrder;
$this->action_pluginlist();
}
+ /**
+ * @todo document this
+ */
function action_pluginoptions($message = '') {
global $member, $manager;
}
+ /**
+ * @todo document this
+ */
function action_pluginoptionsupdate() {
global $member, $manager;
}
/**
- * @static
- */
+ * @static
+ * @todo document this
+ */
function _insertPluginOptions($context, $contextid = 0) {
// get all current values for this contextid
// (note: this might contain doubles for overlapping contextids)
}
- /* helper functions to create option forms etc. */
- function input_yesno($name, $checkedval,$tabindex = 0, $value1 = 1, $value2 = 0, $yesval = _YES, $noval = _NO) {
+ /**
+ * Helper functions to create option forms etc.
+ * @todo document parameters
+ */
+ function input_yesno($name, $checkedval,$tabindex = 0, $value1 = 1, $value2 = 0, $yesval = _YES, $noval = _NO, $isAdmin = 0) {
$id = htmlspecialchars($name);
$id = str_replace('[','-',$id);
$id = str_replace(']','-',$id);
$id1 = $id . htmlspecialchars($value1);
$id2 = $id . htmlspecialchars($value2);
- echo '<input type="radio" name="', htmlspecialchars($name),'" value="', htmlspecialchars($value1),'" ';
+ if ($name=="admin") {
+ echo '<input onclick="selectCanLogin(true);" type="radio" name="', htmlspecialchars($name),'" value="', htmlspecialchars($value1),'" ';
+ } else {
+ echo '<input type="radio" name="', htmlspecialchars($name),'" value="', htmlspecialchars($value1),'" ';
+ }
+
if ($checkedval == $value1)
echo "tabindex='$tabindex' checked='checked'";
echo ' id="'.$id1.'" /><label for="'.$id1.'">' . $yesval . '</label>';
echo ' ';
- echo '<input type="radio" name="', htmlspecialchars($name),'" value="', htmlspecialchars($value2),'" ';
+ if ($name=="admin") {
+ echo '<input onclick="selectCanLogin(false);" type="radio" name="', htmlspecialchars($name),'" value="', htmlspecialchars($value2),'" ';
+ } else {
+ echo '<input type="radio" name="', htmlspecialchars($name),'" value="', htmlspecialchars($value2),'" ';
+ }
if ($checkedval != $value1)
echo "tabindex='$tabindex' checked='checked'";
+ if ($isAdmin && $name=="canlogin")
+ echo " disabled='true'";
echo ' id="'.$id2.'" /><label for="'.$id2.'">' . $noval . '</label>';
}
-
-
} // class ADMIN
-class ENCAPSULATE {
- /**
- * Uses $call to call a function using parameters $params
- * This function should return the amount of entries shown.
- * When entries are show, batch operation handlers are shown too.
- * When no entries were shown, $errormsg is used to display an error
- *
- * Passes on the amount of results found (for further encapsulation)
- */
- function doEncapsulate($call, $params, $errorMessage = 'No entries') {
- // start output buffering
- ob_start();
-
- $nbOfRows = call_user_func_array($call, $params);
-
- // get list contents and stop buffering
- $list = ob_get_contents();
- ob_end_clean();
-
- if ($nbOfRows > 0) {
- $this->showHead();
- echo $list;
- $this->showFoot();
- } else {
- echo $errorMessage;
- }
-
- return $nbOfRows;
- }
-}
-
-
-/**
- * A class used to encapsulate a list of some sort inside next/prev buttons
- */
-class NAVLIST extends ENCAPSULATE {
-
- function NAVLIST($action, $start, $amount, $minamount, $maxamount, $blogid, $search, $itemid) {
- $this->action = $action;
- $this->start = $start;
- $this->amount = $amount;
- $this->minamount = $minamount;
- $this->maxamount = $maxamount;
- $this->blogid = $blogid;
- $this->search = $search;
- $this->itemid = $itemid;
- }
-
- function showBatchList($batchtype, $query, $type, $template, $errorMessage = _LISTS_NOMORE) {
- $batch =& new BATCH($batchtype);
-
- $this->doEncapsulate(
- array(&$batch, 'showlist'),
- array(&$query, $type, $template),
- $errorMessage
- );
-
- }
-
-
- function showHead() {
- $this->showNavigation();
- }
- function showFoot() {
- $this->showNavigation();
- }
-
- /**
- * Displays a next/prev bar for long tables
- */
- function showNavigation() {
- $action = $this->action;
- $start = $this->start;
- $amount = $this->amount;
- $minamount = $this->minamount;
- $maxamount = $this->maxamount;
- $blogid = $this->blogid;
- $search = $this->search;
- $itemid = $this->itemid;
-
- $prev = $start - $amount;
- if ($prev < $minamount) $prev=$minamount;
-
- // maxamount not used yet
- // if ($start + $amount <= $maxamount)
- $next = $start + $amount;
- // else
- // $next = $start;
-
- ?>
- <table class="navigation">
- <tr><td>
- <form method="post" action="index.php"><div>
- <input type="submit" value="<< <?php echo _LISTS_PREV?>" />
- <input type="hidden" name="blogid" value="<?php echo $blogid; ?>" />
- <input type="hidden" name="itemid" value="<?php echo $itemid; ?>" />
- <input type="hidden" name="action" value="<?php echo $action; ?>" />
- <input type="hidden" name="amount" value="<?php echo $amount; ?>" />
- <input type="hidden" name="search" value="<?php echo $search; ?>" />
- <input type="hidden" name="start" value="<?php echo $prev; ?>" />
- </div></form>
- </td><td>
- <form method="post" action="index.php"><div>
- <input type="hidden" name="blogid" value="<?php echo $blogid; ?>" />
- <input type="hidden" name="itemid" value="<?php echo $itemid; ?>" />
- <input type="hidden" name="action" value="<?php echo $action; ?>" />
- <input name="amount" size="3" value="<?php echo $amount; ?>" /> <?php echo _LISTS_PERPAGE?>
- <input type="hidden" name="start" value="<?php echo $start; ?>" />
- <input type="hidden" name="search" value="<?php echo $search; ?>" />
- <input type="submit" value="> <?php echo _LISTS_CHANGE?>" />
- </div></form>
- </td><td>
- <form method="post" action="index.php"><div>
- <input type="hidden" name="blogid" value="<?php echo $blogid; ?>" />
- <input type="hidden" name="itemid" value="<?php echo $itemid; ?>" />
- <input type="hidden" name="action" value="<?php echo $action; ?>" />
- <input type="hidden" name="amount" value="<?php echo $amount; ?>" />
- <input type="hidden" name="start" value="0" />
- <input type="text" name="search" value="<?php echo $search; ?>" size="7" />
- <input type="submit" value="> <?php echo _LISTS_SEARCH?>" />
- </div></form>
- </td><td>
- <form method="post" action="index.php"><div>
- <input type="submit" value="<?php echo _LISTS_NEXT?> > >" />
- <input type="hidden" name="search" value="<?php echo $search; ?>" />
- <input type="hidden" name="blogid" value="<?php echo $blogid; ?>" />
- <input type="hidden" name="itemid" value="<?php echo $itemid; ?>" />
- <input type="hidden" name="action" value="<?php echo $action; ?>" />
- <input type="hidden" name="amount" value="<?php echo $amount; ?>" />
- <input type="hidden" name="start" value="<?php echo $next; ?>" />
- </div></form>
- </td></tr>
- </table>
- <?php }
-
-
-}
-
-/**
- * A class used to encapsulate a list of some sort in a batch selection
- */
-class BATCH extends ENCAPSULATE {
- function BATCH($type) {
- $this->type = $type;
- }
-
- function showHead() {
- ?>
- <form method="post" action="index.php">
- <?php
-// TODO: get a list op operations above the list too
-// (be careful not to use the same names for the select...)
-// $this->showOperationList();
- }
-
- function showFoot() {
- $this->showOperationList();
- ?>
- </form>
- <?php }
-
- function showOperationList() {
- global $manager;
- ?>
- <div class="batchoperations">
- <?php echo _BATCH_WITH_SEL ?>
- <select name="batchaction">
- <?php $options = array();
- switch($this->type) {
- case 'item':
- $options = array(
- 'delete' => _BATCH_ITEM_DELETE,
- 'move' => _BATCH_ITEM_MOVE
- );
- break;
- case 'member':
- $options = array(
- 'delete' => _BATCH_MEMBER_DELETE,
- 'setadmin' => _BATCH_MEMBER_SET_ADM,
- 'unsetadmin' => _BATCH_MEMBER_UNSET_ADM
- );
- break;
- case 'team':
- $options = array(
- 'delete' => _BATCH_TEAM_DELETE,
- 'setadmin' => _BATCH_TEAM_SET_ADM,
- 'unsetadmin' => _BATCH_TEAM_UNSET_ADM,
- );
- break;
- case 'category':
- $options = array(
- 'delete' => _BATCH_CAT_DELETE,
- 'move' => _BATCH_CAT_MOVE,
- );
- break;
- case 'comment':
- $options = array(
- 'delete' => _BATCH_COMMENT_DELETE,
- );
- break;
- }
- foreach ($options as $option => $label) {
- echo '<option value="',$option,'">',$label,'</option>';
- }
- ?>
- </select>
- <input type="hidden" name="action" value="batch<?php echo $this->type?>" />
- <?php
- $manager->addTicketHidden();
-
- // add hidden fields for 'team' and 'comment' batchlists
- if ($this->type == 'team')
- {
- echo '<input type="hidden" name="blogid" value="',intRequestVar('blogid'),'" />';
- }
- if ($this->type == 'comment')
- {
- echo '<input type="hidden" name="itemid" value="',intRequestVar('itemid'),'" />';
- }
-
- echo '<input type="submit" value="',_BATCH_EXEC,'" />';
- ?>(
- <a href="" onclick="if (event && event.preventDefault) event.preventDefault(); return batchSelectAll(1); "><?php echo _BATCH_SELECTALL?></a> -
- <a href="" onclick="if (event && event.preventDefault) event.preventDefault(); return batchSelectAll(0); "><?php echo _BATCH_DESELECTALL?></a>
- )
- </div>
- <?php }
-
- // shortcut :)
- function showList($query, $type, $template, $errorMessage = _LISTS_NOMORE) {
- return $this->doEncapsulate( 'showlist',
- array($query, $type, $template),
- $errorMessage
- );
- }
-
-}
-
-
-
-// can take either an array of objects, or an SQL query
-function showlist($query, $type, $template) {
-
- if (is_array($query)) {
- if (sizeof($query) == 0)
- return 0;
-
- call_user_func('listplug_' . $type, $template, 'HEAD');
-
- foreach ($query as $currentObj) {
- $template['current'] = $currentObj;
- call_user_func('listplug_' . $type, $template, 'BODY');
- }
-
- call_user_func('listplug_' . $type, $template, 'FOOT');
-
- return sizeof($query);
-
- } else {
- $res = sql_query($query);
-
- // don't do anything if there are no results
- $numrows = mysql_num_rows($res);
- if ($numrows == 0)
- return 0;
-
- call_user_func('listplug_' . $type, $template, 'HEAD');
-
- while($template['current'] = mysql_fetch_object($res))
- call_user_func('listplug_' . $type, $template, 'BODY');
-
- call_user_func('listplug_' . $type, $template, 'FOOT');
-
- mysql_free_result($res);
-
- // return amount of results
- return $numrows;
- }
-}
-
-function listplug_select($template, $type) {
- switch($type) {
- case 'HEAD':
- echo '<select name="'.$template['name'].'" tabindex="'.$template['tabindex'].'" '.$template['javascript'].'>';
-
- // add extra row if needed
- if ($template['extra']) {
- echo '<option value="',$template['extraval'],'">',$template['extra'],'</option>';
- }
-
- break;
- case 'BODY':
- $current = $template['current'];
-
- echo '<option value="' . htmlspecialchars($current->value) . '"';
- if ($template['selected'] == $current->value)
- echo ' selected="selected" ';
- if ($template['shorten'] > 0) {
- echo ' title="'. htmlspecialchars($current->text).'"';
- $current->text = shorten($current->text, $template['shorten'], $template['shortenel']);
- }
- echo '>' . htmlspecialchars($current->text) . '</option>';
- break;
- case 'FOOT':
- echo '</select>';
- break;
- }
-}
-
-function listplug_table($template, $type) {
- switch($type) {
- case 'HEAD':
- echo "<table>";
- echo "<thead><tr>";
- // print head
- call_user_func("listplug_table_" . $template['content'] , $template, 'HEAD');
- echo "</tr></thead><tbody>";
- break;
- case 'BODY':
- // print tabletype specific thingies
- echo "<tr onmouseover='focusRow(this);' onmouseout='blurRow(this);'>";
- call_user_func("listplug_table_" . $template['content'] , $template, 'BODY');
- echo "</tr>";
- break;
- case 'FOOT':
- call_user_func("listplug_table_" . $template['content'] , $template, 'FOOT');
- echo "</tbody></table>";
- break;
- }
-}
-
-function listplug_table_memberlist($template, $type) {
- switch($type) {
- case 'HEAD':
- echo '<th>' . _LIST_MEMBER_NAME . '</th><th>' . _LIST_MEMBER_RNAME . '</th><th>' . _LIST_MEMBER_URL . '</th><th>' . _LIST_MEMBER_ADMIN;
- help('superadmin');
- echo "</th><th>" . _LIST_MEMBER_LOGIN;
- help('canlogin');
- echo "</th><th colspan='2'>" . _LISTS_ACTIONS. "</th>";
- break;
- case 'BODY':
- $current = $template['current'];
-
- echo '<td>';
- $id = listplug_nextBatchId();
- echo '<input type="checkbox" id="batch',$id,'" name="batch[',$id,']" value="',$current->mnumber,'" />';
- echo '<label for="batch',$id,'">';
- echo "<a href='mailto:", htmlspecialchars($current->memail), "' tabindex='".$template['tabindex']."'>", htmlspecialchars($current->mname), "</a>";
- echo '</label>';
- echo '</td>';
- echo '<td>', htmlspecialchars($current->mrealname), '</td>';
- echo "<td><a href='$current->murl' tabindex='".$template['tabindex']."'>$current->murl</a></td>";
- echo '<td>', ($current->madmin ? _YES : _NO),'</td>';
- echo '<td>', ($current->mcanlogin ? _YES : _NO), '</td>';
- echo "<td><a href='index.php?action=memberedit&memberid=$current->mnumber' tabindex='".$template['tabindex']."'>"._LISTS_EDIT."</a></td>";
- echo "<td><a href='index.php?action=memberdelete&memberid=$current->mnumber' tabindex='".$template['tabindex']."'>"._LISTS_DELETE."</a></td>";
- break;
- }
-}
-
-function listplug_table_teamlist($template, $type) {
- global $manager;
- switch($type) {
- case 'HEAD':
- echo "<th>"._LIST_MEMBER_NAME."</th><th>"._LIST_MEMBER_RNAME."</th><th>"._LIST_TEAM_ADMIN;
- help('teamadmin');
- echo "</th><th colspan='2'>"._LISTS_ACTIONS."</th>";
- break;
- case 'BODY':
- $current = $template['current'];
-
- echo '<td>';
- $id = listplug_nextBatchId();
- echo '<input type="checkbox" id="batch',$id,'" name="batch[',$id,']" value="',$current->tmember,'" />';
- echo '<label for="batch',$id,'">';
- echo "<a href='mailto:", htmlspecialchars($current->memail), "' tabindex='".$template['tabindex']."'>", htmlspecialchars($current->mname), "</a>";
- echo '</label>';
- echo '</td>';
- echo '<td>', htmlspecialchars($current->mrealname), '</td>';
- echo '<td>', ($current->tadmin ? _YES : _NO) , '</td>';
- echo "<td><a href='index.php?action=teamdelete&memberid=$current->tmember&blogid=$current->tblog' tabindex='".$template['tabindex']."'>"._LISTS_DELETE."</a></td>";
-
- $url = 'index.php?action=teamchangeadmin&memberid=' . intval($current->tmember) . '&blogid=' . intval($current->tblog);
- $url = $manager->addTicketToUrl($url);
- echo "<td><a href='",htmlspecialchars($url),"' tabindex='".$template['tabindex']."'>"._LIST_TEAM_CHADMIN."</a></td>";
- break;
- }
-}
-
-function encode_desc(&$data)
- { //_$to_entities = get_html_translation_table(HTML_ENTITIES);
- $to_entities = get_html_translation_table(HTML_SPECIALCHARS);
- $from_entities = array_flip($to_entities);
- $data = str_replace('<br />','\n',$data); //hack
- $data = strtr($data,$from_entities);
- $data = strtr($data,$to_entities);
- $data = str_replace('\n','<br />',$data); //hack
- return $data;
- }
-
-function listplug_table_pluginlist($template, $type) {
- global $manager;
- switch($type) {
- case 'HEAD':
- echo '<th>'._LISTS_INFO.'</th><th>'._LISTS_DESC.'</th>';
- echo '<th style="white-space:nowrap">'._LISTS_ACTIONS.'</th>';
- break;
- case 'BODY':
- $current = $template['current'];
-
- $plug =& $manager->getPlugin($current->pfile);
- if ($plug) {
- echo '<td>';
- echo '<strong>' , htmlspecialchars($plug->getName()) , '</strong><br />';
- echo _LIST_PLUGS_AUTHOR, ' ' , htmlspecialchars($plug->getAuthor()) , '<br />';
- echo _LIST_PLUGS_VER, ' ' , htmlspecialchars($plug->getVersion()) , '<br />';
- if ($plug->getURL())
- echo '<a href="',htmlspecialchars($plug->getURL()),'" tabindex="'.$template['tabindex'].'">',_LIST_PLUGS_SITE,'</a><br />';
- echo '</td>';
- echo '<td>';
- echo _LIST_PLUGS_DESC .'<br/>'. encode_desc($plug->getDescription());
- if (sizeof($plug->getEventList()) > 0) {
- echo '<br /><br />',_LIST_PLUGS_SUBS,'<br />',htmlspecialchars(implode($plug->getEventList(),', '));
- // check the database to see if it is up-to-date and notice the user if not
- }
- if (!$plug->subscribtionListIsUptodate()) {
- echo '<br /><br /><strong>',_LIST_PLUG_SUBS_NEEDUPDATE,'</strong>';
- }
- if (sizeof($plug->getPluginDep()) > 0)
- echo '<br /><br />',_LIST_PLUGS_DEP,'<br />',htmlspecialchars(implode($plug->getPluginDep(),', '));
- echo '</td>';
- } else {
- echo '<td colspan="2">Error: plugin file <b>',htmlspecialchars($current->pfile),'.php</b> could not be loaded, or it has been set inactive because it does not support some features (check the <a href="?action=actionlog">actionlog</a> for more info)</td>';
- }
- echo '<td>';
-
- $baseUrl = 'index.php?plugid=' . intval($current->pid) . '&action=';
- $url = $manager->addTicketToUrl($baseUrl . 'pluginup');
- echo "<a href='",htmlspecialchars($url),"' tabindex='".$template['tabindex']."'>",_LIST_PLUGS_UP,"</a>";
- $url = $manager->addTicketToUrl($baseUrl . 'plugindown');
- echo "<br /><a href='",htmlspecialchars($url),"' tabindex='".$template['tabindex']."'>",_LIST_PLUGS_DOWN,"</a>";
- echo "<br /><a href='index.php?action=plugindelete&plugid=$current->pid' tabindex='".$template['tabindex']."'>",_LIST_PLUGS_UNINSTALL,"</a>";
- if ($plug && ($plug->hasAdminArea() > 0))
- echo "<br /><a href='".htmlspecialchars($plug->getAdminURL())."' tabindex='".$template['tabindex']."'>",_LIST_PLUGS_ADMIN,"</a>";
- if ($plug && ($plug->supportsFeature('HelpPage') > 0))
- echo "<br /><a href='index.php?action=pluginhelp&plugid=$current->pid' tabindex='".$template['tabindex']."'>",_LIST_PLUGS_HELP,"</a>";
- if (quickQuery('SELECT COUNT(*) AS result FROM '.sql_table('plugin_option_desc').' WHERE ocontext=\'global\' and opid='.$current->pid) > 0)
- echo "<br /><a href='index.php?action=pluginoptions&plugid=$current->pid' tabindex='".$template['tabindex']."'>",_LIST_PLUGS_OPTIONS,"</a>";
- echo '</td>';
- break;
- }
-}
-
-function listplug_table_plugoptionlist($template, $type) {
- global $manager;
- switch($type) {
- case 'HEAD':
- echo '<th>'._LISTS_INFO.'</th><th>'._LISTS_VALUE.'</th>';
- break;
- case 'BODY':
- $current = $template['current'];
- listplug_plugOptionRow($current);
- break;
- case 'FOOT':
- ?>
- <tr>
- <th colspan="2"><?php echo _PLUGS_SAVE?></th>
- </tr><tr>
- <td><?php echo _PLUGS_SAVE?></td>
- <td><input type="submit" value="<?php echo _PLUGS_SAVE?>" /></td>
- </tr>
- <?php break;
- }
-}
-
-function listplug_plugOptionRow($current) {
- $varname = 'plugoption['.$current['oid'].']['.$current['contextid'].']';
- // retreive the optionmeta
- $meta = NucleusPlugin::getOptionMeta($current['typeinfo']);
-
- // only if it is not a hidden option write the controls to the page
- if ($meta['access'] != 'hidden') {
- echo '<td>',htmlspecialchars($current['description']?$current['description']:$current['name']),'</td>';
- echo '<td>';
- switch($current['type']) {
- case 'yesno':
- ADMIN::input_yesno($varname, $current['value'], 0, 'yes', 'no');
- break;
- case 'password':
- echo '<input type="password" size="40" maxlength="128" name="',htmlspecialchars($varname),'" value="',htmlspecialchars($current['value']),'" />';
- break;
- case 'select':
- echo '<select name="'.htmlspecialchars($varname).'">';
- $aOptions = NucleusPlugin::getOptionSelectValues($current['typeinfo']);
- $aOptions = explode('|', $aOptions);
- for ($i=0; $i<(count($aOptions)-1); $i+=2) {
- echo '<option value="'.htmlspecialchars($aOptions[$i+1]).'"';
- if ($aOptions[$i+1] == $current['value'])
- echo ' selected="selected"';
- echo '>'.htmlspecialchars($aOptions[$i]).'</option>';
- }
- echo '</select>';
- break;
- case 'textarea':
- //$meta = NucleusPlugin::getOptionMeta($current['typeinfo']);
- echo '<textarea class="pluginoption" cols="30" rows="5" name="',htmlspecialchars($varname),'"';
- if ($meta['access'] == 'readonly') {
- echo ' readonly="readonly"';
- }
- echo '>',htmlspecialchars($current['value']),'</textarea>';
- break;
- case 'text':
- default:
- //$meta = NucleusPlugin::getOptionMeta($current['typeinfo']);
-
- echo '<input type="text" size="40" maxlength="128" name="',htmlspecialchars($varname),'" value="',htmlspecialchars($current['value']),'"';
- if ($meta['datatype'] == 'numerical') {
- echo ' onkeyup="checkNumeric(this)" onblur="checkNumeric(this)"';
- }
- if ($meta['access'] == 'readonly') {
- echo ' readonly="readonly"';
- }
- echo ' />';
- }
- echo $current['extra'];
- echo '</td>';
- }
-}
-
-function listplug_table_itemlist($template, $type) {
- switch($type) {
- case 'HEAD':
- echo "<th>"._LIST_ITEM_INFO."</th><th>"._LIST_ITEM_CONTENT."</th><th style=\"white-space:nowrap\" colspan='1'>"._LISTS_ACTIONS."</th>";
- break;
- case 'BODY':
- $current = $template['current'];
- $current->itime = strtotime($current->itime); // string -> unix timestamp
-
- if ($current->idraft == 1)
- $cssclass = "class='draft'";
-
- // (can't use offset time since offsets might vary between blogs)
- if ($current->itime > $template['now'])
- $cssclass = "class='future'";
-
- echo "<td $cssclass>",_LIST_ITEM_BLOG,' ', htmlspecialchars($current->bshortname);
- echo " <br />",_LIST_ITEM_CAT,' ', htmlspecialchars($current->cname);
- echo " <br />",_LIST_ITEM_AUTHOR, ' ', htmlspecialchars($current->mname);
- echo " <br />",_LIST_ITEM_DATE," " . date("Y-m-d",$current->itime);
- echo "<br />",_LIST_ITEM_TIME," " . date("H:i",$current->itime);
- echo "</td>";
- echo "<td $cssclass>";
-
- $id = listplug_nextBatchId();
-
- echo '<input type="checkbox" id="batch',$id,'" name="batch[',$id,']" value="',$current->inumber,'" />';
- echo '<label for="batch',$id,'">';
- echo "<b>" . htmlspecialchars(strip_tags($current->ititle)) . "</b>";
- echo '</label>';
- echo "<br />";
-
-
- $current->ibody = strip_tags($current->ibody);
- $current->ibody = htmlspecialchars(shorten($current->ibody,300,'...'));
-
- echo "$current->ibody</td>";
- echo "<td style=\"white-space:nowrap\" $cssclass>";
- echo "<a href='index.php?action=itemedit&itemid=$current->inumber'>"._LISTS_EDIT."</a>";
- echo "<br /><a href='index.php?action=itemcommentlist&itemid=$current->inumber'>"._LISTS_COMMENTS."</a>";
- echo "<br /><a href='index.php?action=itemmove&itemid=$current->inumber'>"._LISTS_MOVE."</a>";
- echo "<br /><a href='index.php?action=itemdelete&itemid=$current->inumber'>"._LISTS_DELETE."</a>";
- echo "</td>";
- break;
- }
-}
-
-// for batch operations: generates the index numbers for checkboxes
-function listplug_nextBatchId() {
- static $id = 0;
- return $id++;
-}
-
-function listplug_table_commentlist($template, $type) {
- switch($type) {
- case 'HEAD':
- echo "<th>"._LISTS_INFO."</th><th>"._LIST_COMMENT."</th><th colspan='3'>"._LISTS_ACTIONS."</th>";
- break;
- case 'BODY':
- $current = $template['current'];
- $current->ctime = strtotime($current->ctime); // string -> unix timestamp
-
- echo '<td>';
- echo date("Y-m-d@H:i",$current->ctime);
- echo '<br />';
- if ($current->mname)
- echo htmlspecialchars($current->mname) ,' ', _LIST_COMMENTS_MEMBER;
- else
- echo htmlspecialchars($current->cuser);
- echo '</td>';
-
-
- $current->cbody = strip_tags($current->cbody);
- $current->cbody = htmlspecialchars(shorten($current->cbody, 300, '...'));
-
- echo '<td>';
- $id = listplug_nextBatchId();
- echo '<input type="checkbox" id="batch',$id,'" name="batch[',$id,']" value="',$current->cnumber,'" />';
- echo '<label for="batch',$id,'">';
- echo $current->cbody;
- echo '</label>';
- echo '</td>';
-
- echo "<td style=\"white-space:nowrap\"><a href='index.php?action=commentedit&commentid=$current->cnumber'>"._LISTS_EDIT."</a></td>";
- echo "<td style=\"white-space:nowrap\"><a href='index.php?action=commentdelete&commentid=$current->cnumber'>"._LISTS_DELETE."</a></td>";
- if ($template['canAddBan'])
- echo "<td style=\"white-space:nowrap\"><a href='index.php?action=banlistnewfromitem&itemid=$current->citem&ip=", htmlspecialchars($current->cip), "' title='", htmlspecialchars($current->chost), "'>"._LIST_COMMENT_BANIP."</a></td>";
- break;
- }
-}
-
-
-function listplug_table_bloglist($template, $type) {
- switch($type) {
- case 'HEAD':
- echo "<th>" . _NAME . "</th><th colspan='7'>" ._LISTS_ACTIONS. "</th>";
- break;
- case 'BODY':
- $current = $template['current'];
-
- echo "<td title='blogid:$current->bnumber shortname:$current->bshortname'><a href='$current->burl'><img src='images/globe.gif' width='13' height='13' alt='". _BLOGLIST_TT_VISIT."' /></a> " . htmlspecialchars($current->bname) . "</td>";
- echo "<td><a href='index.php?action=createitem&blogid=$current->bnumber' title='" . _BLOGLIST_TT_ADD ."'>" . _BLOGLIST_ADD . "</a></td>";
- echo "<td><a href='index.php?action=itemlist&blogid=$current->bnumber' title='". _BLOGLIST_TT_EDIT."'>". _BLOGLIST_EDIT."</a></td>";
- echo "<td><a href='index.php?action=blogcommentlist&blogid=$current->bnumber' title='". _BLOGLIST_TT_COMMENTS."'>". _BLOGLIST_COMMENTS."</a></td>";
- echo "<td><a href='index.php?action=bookmarklet&blogid=$current->bnumber' title='". _BLOGLIST_TT_BMLET."'>". _BLOGLIST_BMLET . "</a></td>";
-
- if ($current->tadmin == 1) {
- echo "<td><a href='index.php?action=blogsettings&blogid=$current->bnumber' title='" . _BLOGLIST_TT_SETTINGS . "'>" ._BLOGLIST_SETTINGS. "</a></td>";
- echo "<td><a href='index.php?action=banlist&blogid=$current->bnumber' title='" . _BLOGLIST_TT_BANS. "'>". _BLOGLIST_BANS."</a></td>";
- }
-
- if ($template['superadmin']) {
- echo "<td><a href='index.php?action=deleteblog&blogid=$current->bnumber' title='". _BLOGLIST_TT_DELETE."'>" ._BLOGLIST_DELETE. "</a></td>";
- }
-
-
-
- break;
- }
-}
-
-function listplug_table_shortblognames($template, $type) {
- switch($type) {
- case 'HEAD':
- echo "<th>" . _NAME . "</th><th>" . _NAME. "</th>";
- break;
- case 'BODY':
- $current = $template['current'];
-
- echo '<td>' , htmlspecialchars($current->bshortname) , '</td>';
- echo '<td>' , htmlspecialchars($current->bname) , '</td>';
-
- break;
- }
-}
-
-function listplug_table_shortnames($template, $type) {
- switch($type) {
- case 'HEAD':
- echo "<th>" . _NAME . "</th><th>" . _LISTS_DESC. "</th>";
- break;
- case 'BODY':
- $current = $template['current'];
-
- echo '<td>' , htmlspecialchars($current->name) , '</td>';
- echo '<td>' , htmlspecialchars($current->description) , '</td>';
-
- break;
- }
-}
-
-
-function listplug_table_categorylist($template, $type) {
- switch($type) {
- case 'HEAD':
- echo "<th>"._LISTS_NAME."</th><th>"._LISTS_DESC."</th><th colspan='2'>"._LISTS_ACTIONS."</th>";
- break;
- case 'BODY':
- $current = $template['current'];
-
- echo '<td>';
- $id = listplug_nextBatchId();
- echo '<input type="checkbox" id="batch',$id,'" name="batch[',$id,']" value="',$current->catid,'" />';
- echo '<label for="batch',$id,'">';
- echo htmlspecialchars($current->cname);
- echo '</label>';
- echo '</td>';
-
- echo '<td>', htmlspecialchars($current->cdesc), '</td>';
- echo "<td><a href='index.php?action=categorydelete&blogid=$current->cblog&catid=$current->catid' tabindex='".$template['tabindex']."'>"._LISTS_DELETE."</a></td>";
- echo "<td><a href='index.php?action=categoryedit&blogid=$current->cblog&catid=$current->catid' tabindex='".$template['tabindex']."'>"._LISTS_EDIT."</a></td>";
-
- break;
- }
-}
-
-
-function listplug_table_templatelist($template, $type) {
- global $manager;
- switch($type) {
- case 'HEAD':
- echo "<th>"._LISTS_NAME."</th><th>"._LISTS_DESC."</th><th colspan='3'>"._LISTS_ACTIONS."</th>";
- break;
- case 'BODY':
- $current = $template['current'];
-
- echo "<td>" , htmlspecialchars($current->tdname), "</td>";
- echo "<td>" , htmlspecialchars($current->tddesc), "</td>";
- echo "<td style=\"white-space:nowrap\"><a href='index.php?action=templateedit&templateid=$current->tdnumber' tabindex='".$template['tabindex']."'>"._LISTS_EDIT."</a></td>";
-
- $url = $manager->addTicketToUrl('index.php?action=templateclone&templateid=' . intval($current->tdnumber));
- echo "<td style=\"white-space:nowrap\"><a href='",htmlspecialchars($url),"' tabindex='".$template['tabindex']."'>"._LISTS_CLONE."</a></td>";
- echo "<td style=\"white-space:nowrap\"><a href='index.php?action=templatedelete&templateid=$current->tdnumber' tabindex='".$template['tabindex']."'>"._LISTS_DELETE."</a></td>";
-
- break;
- }
-}
-
-function listplug_table_skinlist($template, $type) {
- global $CONF, $DIR_SKINS, $manager;
- switch($type) {
- case 'HEAD':
- echo "<th>"._LISTS_NAME."</th><th>"._LISTS_DESC."</th><th colspan='3'>"._LISTS_ACTIONS."</th>";
- break;
- case 'BODY':
- $current = $template['current'];
-
- echo '<td>';
-
- // use a special style for the default skin
- if ($current->sdnumber == $CONF['BaseSkin']) {
- echo '<strong>',htmlspecialchars($current->sdname),'</strong>';
- } else {
- echo htmlspecialchars($current->sdname);
- }
-
- echo '<br /><br />';
- echo _LISTS_TYPE ,': ' , htmlspecialchars($current->sdtype);
- echo '<br />', _LIST_SKINS_INCMODE , ' ' , (($current->sdincmode=='skindir') ?_PARSER_INCMODE_SKINDIR:_PARSER_INCMODE_NORMAL);
- if ($current->sdincpref) echo '<br />' , _LIST_SKINS_INCPREFIX , ' ', htmlspecialchars($current->sdincpref);
-
- // add preview image when present
- if ($current->sdincpref && @file_exists($DIR_SKINS . $current->sdincpref . 'preview.png'))
- {
- echo '<br /><br />';
-
- $hasEnlargement = @file_exists($DIR_SKINS . $current->sdincpref . 'preview-large.png');
- if ($hasEnlargement)
- echo '<a href="',$CONF['SkinsURL'], htmlspecialchars($current->sdincpref),'preview-large.png" title="View larger">';
-
- echo '<img class="skinpreview" src="',$CONF['SkinsURL'], htmlspecialchars($current->sdincpref),'preview.png" width="100" height="75" alt="Preview for \'',htmlspecialchars($current->sdname),'\' skin" />';
-
- if ($hasEnlargement)
- echo '</a>';
-
- if (@file_exists($DIR_SKINS . $current->sdincpref . 'readme.html'))
- {
- echo '<br /><a href="',$CONF['SkinsURL'], htmlspecialchars($current->sdincpref),'readme.html" title="More info on the \'',htmlspecialchars($current->sdname),'\' skin">Readme</a>';
- }
-
-
- }
-
- echo "</td>";
-
-
- echo "<td>" , htmlspecialchars($current->sddesc);
- // show list of defined parts
- $r = sql_query('SELECT stype FROM '.sql_table('skin').' WHERE sdesc='.$current->sdnumber . ' ORDER BY stype');
- $types = array();
- while ($o = mysql_fetch_object($r))
- array_push($types,$o->stype);
- if (sizeof($types) > 0) {
- $friendlyNames = SKIN::getFriendlyNames();
- for ($i=0;$i<sizeof($types);$i++) {
- $type = $types[$i];
- $types[$i] = '<li>' . helpHtml('skinpart'.$type) . ' <a href="index.php?action=skinedittype&skinid='.$current->sdnumber.'&type='.$type.'" tabindex="'.$template['tabindex'].'">' . htmlspecialchars($friendlyNames[$type]) . "</a></li>";
- }
- echo '<br /><br />',_LIST_SKINS_DEFINED,' <ul>',implode($types,'') ,'</ul>';
- }
- echo "</td>";
- echo "<td style=\"white-space:nowrap\"><a href='index.php?action=skinedit&skinid=$current->sdnumber' tabindex='".$template['tabindex']."'>"._LISTS_EDIT."</a></td>";
-
- $url = $manager->addTicketToUrl('index.php?action=skinclone&skinid=' . intval($current->sdnumber));
- echo "<td style=\"white-space:nowrap\"><a href='",htmlspecialchars($url),"' tabindex='".$template['tabindex']."'>"._LISTS_CLONE."</a></td>";
- echo "<td style=\"white-space:nowrap\"><a href='index.php?action=skindelete&skinid=$current->sdnumber' tabindex='".$template['tabindex']."'>"._LISTS_DELETE."</a></td>";
-
- break;
- }
-}
-
-function listplug_table_draftlist($template, $type) {
- switch($type) {
- case 'HEAD':
- echo "<th>"._LISTS_BLOG."</th><th>"._LISTS_TITLE."</th><th colspan='2'>"._LISTS_ACTIONS."</th>";
- break;
- case 'BODY':
- $current = $template['current'];
-
- echo '<td>', htmlspecialchars($current->bshortname) , '</td>';
- echo '<td>', htmlspecialchars(strip_tags($current->ititle)) , '</td>';
- echo "<td><a href='index.php?action=itemedit&itemid=$current->inumber'>"._LISTS_EDIT."</a></td>";
- echo "<td><a href='index.php?action=itemdelete&itemid=$current->inumber'>"._LISTS_DELETE."</a></td>";
-
- break;
- }
-}
-
-
-function listplug_table_actionlist($template, $type) {
- switch($type) {
- case 'HEAD':
- echo '<th>'._LISTS_TIME.'</th><th>'._LIST_ACTION_MSG.'</th>';
- break;
- case 'BODY':
- $current = $template['current'];
-
- echo '<td>' , htmlspecialchars($current->timestamp), '</td>';
- echo '<td>' , htmlspecialchars($current->message), '</td>';
-
- break;
- }
-}
-
-function listplug_table_banlist($template, $type) {
- switch($type) {
- case 'HEAD':
- echo '<th>'._LIST_BAN_IPRANGE.'</th><th>'. _LIST_BAN_REASON.'</th><th>'._LISTS_ACTIONS.'</th>';
- break;
- case 'BODY':
- $current = $template['current'];
-
- echo '<td>' , htmlspecialchars($current->iprange) , '</td>';
- echo '<td>' , htmlspecialchars($current->reason) , '</td>';
- echo "<td><a href='index.php?action=banlistdelete&blogid=", intval($current->blogid) , "&iprange=" , htmlspecialchars($current->iprange) , "'>",_LISTS_DELETE,"</a></td>";
- break;
- }
-}
-
-/**
- * Returns the Javascript code for a bookmarklet that works on most modern browsers
- *
- * @param blogid
- */
-function getBookmarklet($blogid) {
- global $CONF;
-
- // normal
- $document = 'document';
- $bookmarkletline = "javascript:Q='';x=".$document.";y=window;if(x.selection){Q=x.selection.createRange().text;}else if(y.getSelection){Q=y.getSelection();}else if(x.getSelection){Q=x.getSelection();}wingm=window.open('";
- $bookmarkletline .= $CONF['AdminURL'] . "bookmarklet.php?blogid=$blogid";
- $bookmarkletline .="&logtext='+escape(Q)+'&loglink='+escape(x.location.href)+'&loglinktitle='+escape(x.title),'nucleusbm','scrollbars=yes,width=600,height=500,left=10,top=10,status=yes,resizable=yes');wingm.focus();";
-
- return $bookmarkletline;
-}
-
-
?>