X-Git-Url: http://git.sourceforge.jp/view?p=nucleus-jp%2Fnucleus-jp-ancient.git;a=blobdiff_plain;f=utf8%2Fnucleus%2Flibs%2FADMIN.php;h=682ce2aede6e1ff32c06c5178992faa920aa3050;hp=dbeef1a02b16bb8b92d69763a3279cc7d9ace2b7;hb=b5f3f1bf515d9979f70fd0043dc562d6c6ca3a4b;hpb=4b16861085a5a9bc281f4782b9e1547f5ad15e2d
diff --git a/utf8/nucleus/libs/ADMIN.php b/utf8/nucleus/libs/ADMIN.php
index dbeef1a..682ce2a 100755
--- a/utf8/nucleus/libs/ADMIN.php
+++ b/utf8/nucleus/libs/ADMIN.php
@@ -1,78 +1,165 @@ action_xxxx method) + /** + * @var string $action action currently being executed ($action=xxxx -> action_xxxx method) + */ var $action; + /** + * Class constructor + */ function ADMIN() { } - + /** - * Executes an action - * - * @param $action - * action to be performed - */ + * Executes an action + * + * @param string $action action to be performed + */ function action($action) { + global $CONF, $manager; + // list of action aliases $alias = array( 'login' => 'overview', '' => 'overview' ); - if ($alias[$action]) + if (isset($alias[$action])) $action = $alias[$action]; $methodName = 'action_' . $action; - - $this->action = $action; + + $this->action = strtolower($action); + + // check ticket. All actions need a ticket, unless they are considered to be safe (a safe action + // is an action that requires user interaction before something is actually done) + // all safe actions are in this array: + $aActionsNotToCheck = array( + 'showlogin', + 'login', + 'overview', + 'itemlist', + 'blogcommentlist', + 'bookmarklet', + 'blogsettings', + 'banlist', + 'deleteblog', + 'editmembersettings', + 'browseownitems', + 'browseowncomments', + 'createitem', + 'itemedit', + 'itemmove', + 'categoryedit', + 'categorydelete', + 'manage', + 'actionlog', + 'settingsedit', + 'backupoverview', + 'pluginlist', + 'createnewlog', + 'usermanagement', + 'skinoverview', + 'templateoverview', + 'skinieoverview', + 'itemcommentlist', + 'commentedit', + 'commentdelete', + 'banlistnewfromitem', + 'banlistdelete', + 'itemdelete', + 'manageteam', + 'teamdelete', + 'banlistnew', + 'memberedit', + 'memberdelete', + 'pluginhelp', + 'pluginoptions', + 'plugindelete', + 'skinedittype', + 'skinremovetype', + 'skindelete', + 'skinedit', + 'templateedit', + 'templatedelete', + 'activate', + 'systemoverview' + ); +/* + // the rest of the actions needs to be checked + $aActionsToCheck = array('additem', 'itemupdate', 'itemmoveto', 'categoryupdate', 'categorydeleteconfirm', 
'itemdeleteconfirm', 'commentdeleteconfirm', 'teamdeleteconfirm', 'memberdeleteconfirm', 'templatedeleteconfirm', 'skindeleteconfirm', 'banlistdeleteconfirm', 'plugindeleteconfirm', 'batchitem', 'batchcomment', 'batchmember', 'batchcategory', 'batchteam', 'regfile', 'commentupdate', 'banlistadd', 'changemembersettings', 'clearactionlog', 'settingsupdate', 'blogsettingsupdate', 'categorynew', 'teamchangeadmin', 'teamaddmember', 'memberadd', 'addnewlog', 'addnewlog2', 'backupcreate', 'backuprestore', 'pluginup', 'plugindown', 'pluginupdate', 'pluginadd', 'pluginoptionsupdate', 'skinupdate', 'skinclone', 'skineditgeneral', 'templateclone', 'templatenew', 'templateupdate', 'skinieimport', 'skinieexport', 'skiniedoimport', 'skinnew', 'deleteblogconfirm', 'sendping', 'rawping', 'activatesetpwd'); +*/ + if (!in_array($this->action, $aActionsNotToCheck)) + { + if (!$manager->checkTicket()) + $this->error(_ERROR_BADTICKET); + } if (method_exists($this, $methodName)) call_user_func(array(&$this, $methodName)); else - $this->error(_BADACTION . " ($action)"); - - } + $this->error(_BADACTION . htmlspecialchars(" ($action)")); + } + /** + * @todo document this + */ function action_showlogin() { global $error; $this->action_login($error); } + /** + * @todo document this + */ function action_login($msg = '', $passvars = 1) { global $member; - + // skip to overview when allowed if ($member->isLoggedIn() && $member->canLogin()) { $this->action_overview(); exit; } - + $this->pagehead(); - + echo '

', _LOGIN ,'

'; if ($msg) echo _MESSAGE , ': ', htmlspecialchars($msg); ?> - +

- :
+

- :
+
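Review bot: The ticket gate in `action()` only stops a request if `$this->error()` never returns, because nothing after `$this->error(_ERROR_BADTICKET);` keeps execution from reaching the `method_exists` / `call_user_func` dispatch below it. `error()` is not visible in this hunk, so unless it is guaranteed to exit, make the stop explicit: `if (!$manager->checkTicket()) { $this->error(_ERROR_BADTICKET); return; }`. The lookup would also be tighter as `in_array($this->action, $aActionsNotToCheck, true)`. A one-line comment above `$aActionsNotToCheck` stating that every listed handler must be free of side effects would help whoever adds the next action to the list.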


@@ -83,13 +170,13 @@ class ADMIN {

pagefoot(); @@ -97,56 +184,57 @@ class ADMIN { /** - * provides a screen with the overview of the actions available - */ + * provides a screen with the overview of the actions available + * @todo document parameter + */ function action_overview($msg = '') { global $member; - + $this->pagehead(); - + if ($msg) echo _MESSAGE , ': ', $msg; - + /* ---- add items ---- */ echo '

' . _OVERVIEW_YRBLOGS . '

'; - + $showAll = requestVar('showall'); - + if (($member->isAdmin()) && ($showAll == 'yes')) { // Super-Admins have access to all blogs! (no add item support though) $query = 'SELECT bnumber, bname, 1 as tadmin, burl, bshortname' - . ' FROM ' . sql_table('blog') - . ' ORDER BY bname'; + . ' FROM ' . sql_table('blog') + . ' ORDER BY bname'; } else { $query = 'SELECT bnumber, bname, tadmin, burl, bshortname' - . ' FROM ' . sql_table('blog') . ', ' . sql_table('team') - . ' WHERE tblog=bnumber and tmember=' . $member->getID() - . ' ORDER BY bname'; + . ' FROM ' . sql_table('blog') . ', ' . sql_table('team') + . ' WHERE tblog=bnumber and tmember=' . $member->getID() + . ' ORDER BY bname'; } $template['content'] = 'bloglist'; $template['superadmin'] = $member->isAdmin(); $amount = showlist($query,'table',$template); - + if (($showAll != 'yes') && ($member->isAdmin())) { $total = quickQuery('SELECT COUNT(*) as result FROM ' . sql_table('blog')); - if ($total > $amount) - echo '

Show all blogs

'; + if ($total > $amount) + echo '

' . _OVERVIEW_SHOWALL . '

'; } if ($amount == 0) echo _OVERVIEW_NOBLOGS; - + if ($amount != 0) { echo '

' . _OVERVIEW_YRDRAFTS . '

'; $query = 'SELECT ititle, inumber, bshortname' . ' FROM ' . sql_table('item'). ', ' . sql_table('blog') - . ' WHERE iauthor='.$member->getID().' and iblog=bnumber and idraft=1'; + . ' WHERE iauthor='.$member->getID().' and iblog=bnumber and idraft=1'; $template['content'] = 'draftlist'; $amountdrafts = showlist($query, 'table', $template); - if ($amountdrafts == 0) + if ($amountdrafts == 0) echo _OVERVIEW_NODRAFTS; } - + /* ---- user settings ---- */ echo '

' . _OVERVIEW_YRSETTINGS . '

'; echo ''; - + /* ---- general settings ---- */ if ($member->isAdmin()) { echo '

' . _OVERVIEW_MANAGEMENT. '

'; @@ -162,144 +250,158 @@ class ADMIN { echo '
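Review bot: `action_overview()` still prints its message unescaped on the new side (`echo _MESSAGE , ': ', $msg;`), while `action_login()` in the first hunk writes `htmlspecialchars($msg)`. The callers that pass `$msg` are outside this hunk, so whether request-derived text can reach it is not visible here; if no caller relies on markup in the message, use `echo _MESSAGE , ': ', htmlspecialchars($msg);`. `action_manage()` in the following hunk echoes `$msg` the same way. If markup is intended, a comment saying that callers must pass pre-escaped HTML would document the contract.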
  • ',_OVERVIEW_MANAGE,'
  • '; echo ''; } - - + + $this->pagefoot(); } - - // returns a link to a weblog (takes BLOG object as parameter) + + /** + * Returns a link to a weblog + * @param object BLOG + */ function bloglink(&$blog) { - return ''.$blog->getName() .''; + return ''. htmlspecialchars( $blog->getName() ) .''; } - + + /** + * @todo document this + */ function action_manage($msg = '') { global $member; - + $member->isAdmin() or $this->disallow(); - + $this->pagehead(); - + echo '

    (',_BACKHOME,')

    '; - + if ($msg) echo '

    ' , _MESSAGE , ': ', $msg , '

    '; echo '

    ' . _MANAGE_GENERAL. '

    '; - + echo ''; - + echo '

    ' . _MANAGE_SKINS . '

    '; echo ''; - - echo '

    ' . _MANAGE_EXTRA . '

    '; + + echo '

    ' . _MANAGE_EXTRA . '

    '; echo ''; - - $this->pagefoot(); + echo '
  • '._OVERVIEW_BACKUP.'
  • '; + echo '
  • '._OVERVIEW_PLUGINS.'
  • '; + echo ''; + + $this->pagefoot(); } - + + /** + * @todo document this + */ function action_itemlist($blogid = '') { - global $member, $manager; - + global $member, $manager, $CONF; + if ($blogid == '') $blogid = intRequestVar('blogid'); - - $member->teamRights($blogid) or $member->isAdmin() or $this->disallow(); - + + $member->teamRights($blogid) or $member->isAdmin() or $this->disallow(); + $this->pagehead(); $blog =& $manager->getBlog($blogid); - - echo '

    (',_BACKHOME,')

    '; + + echo '

    (',_BACKHOME,')

    '; echo '

    ' . _ITEMLIST_BLOG . ' ' . $this->bloglink($blog) . '

    '; - + // start index if (postVar('start')) $start = intPostVar('start'); else - $start = 0; - + $start = 0; + if ($start == 0) - echo '

    ',_ITEMLIST_ADDNEW,'

    '; - + echo '

    ',_ITEMLIST_ADDNEW,'

    '; + // amount of items to show if (postVar('amount')) $amount = intPostVar('amount'); - else - $amount = 10; - + else { + $amount = intval($CONF['DefaultListSize']); + if ($amount < 1) + $amount = 10; + } + $search = postVar('search'); // search through items - + $query = 'SELECT bshortname, cname, mname, ititle, ibody, inumber, idraft, itime' - . ' FROM ' . sql_table('item') . ', ' . sql_table('blog') . ', ' . sql_table('member') . ', ' . sql_table('category') - . ' WHERE iblog=bnumber and iauthor=mnumber and icat=catid and iblog=' . $blogid; - - if ($search) - $query .= ' and ((ititle LIKE "%' . addslashes($search) . '%") or (ibody LIKE "%' . addslashes($search) . '%") or (imore LIKE "%' . addslashes($search) . '%"))'; - + . ' FROM ' . sql_table('item') . ', ' . sql_table('blog') . ', ' . sql_table('member') . ', ' . sql_table('category') + . ' WHERE iblog=bnumber and iauthor=mnumber and icat=catid and iblog=' . $blogid; + + if ($search) + $query .= ' and ((ititle LIKE "%' . addslashes($search) . '%") or (ibody LIKE "%' . addslashes($search) . '%") or (imore LIKE "%' . addslashes($search) . '%"))'; + // non-blog-admins can only edit/delete their own items - if (!$member->blogAdminRights($blogid)) + if (!$member->blogAdminRights($blogid)) $query .= ' and iauthor=' . $member->getID(); - + $query .= ' ORDER BY itime DESC' - . " LIMIT $start,$amount"; - + . 
" LIMIT $start,$amount"; + $template['content'] = 'itemlist'; $template['now'] = $blog->getCorrectTime(time()); - - $navList = new NAVLIST('itemlist', $start, $amount, 0, 1000, $blogid, $search, 0); + $manager->loadClass("ENCAPSULATE"); + $navList =& new NAVLIST('itemlist', $start, $amount, 0, 1000, $blogid, $search, 0); $navList->showBatchList('item',$query,'table',$template); - + $this->pagefoot(); } - - + + /** + * @todo document this + */ function action_batchitem() { global $member, $manager; - + // check if logged in $member->isLoggedIn() or $this->disallow(); - - // more precise check will be done for each performed operation - + + // more precise check will be done for each performed operation + // get array of itemids from request $selected = requestIntArray('batch'); $action = requestVar('batchaction'); - + // Show error when no items were selected if (!is_array($selected) || sizeof($selected) == 0) $this->error(_BATCH_NOSELECTION); - + // On move: when no destination blog/category chosen, show choice now $destCatid = intRequestVar('destcatid'); - if (($action == 'move') && (!$manager->existsCategory($destCatid))) + if (($action == 'move') && (!$manager->existsCategory($destCatid))) $this->batchMoveSelectDestination('item',$selected); - + // On delete: check if confirmation has been given - if (($action == 'delete') && (requestVar('confirmation') != 'yes')) + if (($action == 'delete') && (requestVar('confirmation') != 'yes')) $this->batchAskDeleteConfirmation('item',$selected); $this->pagehead(); - - echo '(',_BACKHOME,')'; + + echo '(',_BACKHOME,')'; echo '

    ',_BATCH_ITEMS,'

    '; echo '

    ',_BATCH_EXECUTING,' ',htmlspecialchars($action),'

    '; echo ''; echo '',_BATCH_DONE,''; - + $this->pagefoot(); - + } - + + /** + * @todo document this + */ function action_batchcomment() { global $member; - + // check if logged in $member->isLoggedIn() or $this->disallow(); - - // more precise check will be done for each performed operation - + + // more precise check will be done for each performed operation + // get array of itemids from request $selected = requestIntArray('batch'); $action = requestVar('batchaction'); - + // Show error when no items were selected if (!is_array($selected) || sizeof($selected) == 0) $this->error(_BATCH_NOSELECTION); - + // On delete: check if confirmation has been given - if (($action == 'delete') && (requestVar('confirmation') != 'yes')) + if (($action == 'delete') && (requestVar('confirmation') != 'yes')) $this->batchAskDeleteConfirmation('comment',$selected); $this->pagehead(); - - echo '(',_BACKHOME,')'; + + echo '(',_BACKHOME,')'; echo '

    ',_BATCH_COMMENTS,'

    '; echo '

    ',_BATCH_EXECUTING,' ',htmlspecialchars($action),'

    '; echo ''; echo '',_BATCH_DONE,''; - + $this->pagefoot(); - + } + /** + * @todo document this + */ function action_batchmember() { global $member; - + // check if logged in and admin ($member->isLoggedIn() && $member->isAdmin()) or $this->disallow(); - + // get array of itemids from request $selected = requestIntArray('batch'); $action = requestVar('batchaction'); - + // Show error when no members selected if (!is_array($selected) || sizeof($selected) == 0) $this->error(_BATCH_NOSELECTION); - + // On delete: check if confirmation has been given - if (($action == 'delete') && (requestVar('confirmation') != 'yes')) + if (($action == 'delete') && (requestVar('confirmation') != 'yes')) $this->batchAskDeleteConfirmation('member',$selected); $this->pagehead(); - - echo '(',_MEMBERS_BACKTOOVERVIEW,')'; + + echo '(',_MEMBERS_BACKTOOVERVIEW,')'; echo '

    ',_BATCH_MEMBERS,'

    '; echo '

    ',_BATCH_EXECUTING,' ',htmlspecialchars($action),'

    '; echo ''; echo '',_BATCH_DONE,''; - + $this->pagefoot(); - - } - + } + + /** + * @todo document this + */ function action_batchteam() { global $member; - + $blogid = intRequestVar('blogid'); - + // check if logged in and admin ($member->isLoggedIn() && $member->blogAdminRights($blogid)) or $this->disallow(); - + // get array of itemids from request $selected = requestIntArray('batch'); $action = requestVar('batchaction'); - + // Show error when no members selected if (!is_array($selected) || sizeof($selected) == 0) $this->error(_BATCH_NOSELECTION); - + // On delete: check if confirmation has been given - if (($action == 'delete') && (requestVar('confirmation') != 'yes')) + if (($action == 'delete') && (requestVar('confirmation') != 'yes')) $this->batchAskDeleteConfirmation('team',$selected); $this->pagehead(); - + echo '

    (',_BACK,')

    '; echo '

    ',_BATCH_TEAM,'

    '; echo '

    ',_BATCH_EXECUTING,' ',htmlspecialchars($action),'

    '; echo ''; echo '',_BATCH_DONE,''; - + $this->pagefoot(); - - } + } - + /** + * @todo document this + */ function action_batchcategory() { global $member, $manager; - + // check if logged in $member->isLoggedIn() or $this->disallow(); - - // more precise check will be done for each performed operation - + + // more precise check will be done for each performed operation + // get array of itemids from request $selected = requestIntArray('batch'); $action = requestVar('batchaction'); - + // Show error when no items were selected if (!is_array($selected) || sizeof($selected) == 0) $this->error(_BATCH_NOSELECTION); - + // On move: when no destination blog chosen, show choice now $destBlogId = intRequestVar('destblogid'); - if (($action == 'move') && (!$manager->existsBlogID($destBlogId))) + if (($action == 'move') && (!$manager->existsBlogID($destBlogId))) $this->batchMoveCategorySelectDestination('category',$selected); - + // On delete: check if confirmation has been given - if (($action == 'delete') && (requestVar('confirmation') != 'yes')) + if (($action == 'delete') && (requestVar('confirmation') != 'yes')) $this->batchAskDeleteConfirmation('category',$selected); $this->pagehead(); - - echo '(',_BACKHOME,')'; + + echo '(',_BACKHOME,')'; echo '

    ',BATCH_CATEGORIES,'

    '; echo '

    ',_BATCH_EXECUTING,' ',htmlspecialchars($action),'

    '; echo ''; echo '',_BATCH_DONE,''; - + $this->pagefoot(); - + } - + + /** + * @todo document this + */ function batchMoveSelectDestination($type, $ids) { + global $manager; $this->pagehead(); ?>
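Review bot: In `action_itemlist()` the `$blogid` argument is concatenated into the query (`... and iblog=' . $blogid`) and is only forced to an integer when it arrives empty, through `intRequestVar('blogid')`. `action_blogcommentlist()`, further down in this diff, coerces the passed-in value as well; doing the same here keeps the query numeric whatever a caller hands in: `if ($blogid == '') $blogid = intRequestVar('blogid'); else $blogid = intval($blogid);`. The `$search` term in the same query is escaped with `addslashes()`, which does not take the connection character set into account; whether the project's database layer offers a connection-aware escape is not visible in this hunk.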

    @@ -585,25 +700,32 @@ class ADMIN { - addTicketHidden(); + + // insert selected item numbers $idx = 0; foreach ($ids as $id) echo ''; - + // show blog/category selection list $this->selectBlogCategory('destcatid'); - + ?> - - + + pagefoot(); exit; } - + + /** + * @todo document this + */ function batchMoveCategorySelectDestination($type, $ids) { + global $manager; $this->pagehead(); ?>

    @@ -611,94 +733,106 @@ class ADMIN { - addTicketHidden(); + + // insert selected item numbers $idx = 0; foreach ($ids as $id) echo ''; - + // show blog/category selection list $this->selectBlog('destblogid'); - + ?> - - + + pagefoot(); exit; } - + + /** + * @todo document this + */ function batchAskDeleteConfirmation($type, $ids) { + global $manager; + $this->pagehead(); ?>

    + addTicketHidden() ?> - + '; - + // add hidden vars for team & comment - if ($type == 'team') + if ($type == 'team') { echo ''; } - if ($type == 'comment') + if ($type == 'comment') { echo ''; } - + ?> - +
    pagefoot(); exit; } - - + + /** - * Inserts a HTML select element with choices for all categories to which the current - * member has access - */ + * Inserts a HTML select element with choices for all categories to which the current + * member has access + * @see function selectBlog + */ function selectBlogCategory($name, $selected = 0, $tabindex = 0, $showNewCat = 0, $iForcedBlogInclude = -1) { ADMIN::selectBlog($name, 'category', $selected, $tabindex, $showNewCat, $iForcedBlogInclude); } - + /** - * Inserts a HTML select element with choices for all blogs to which the user has access - * mode = 'blog' => shows blognames and values are blogids - * mode = 'category' => show category names and values are catids - * - * @param $iForcedBlogInclude - * ID of a blog that always needs to be included, without checking if the member is on the blog team (-1 = none) - */ + * Inserts a HTML select element with choices for all blogs to which the user has access + * mode = 'blog' => shows blognames and values are blogids + * mode = 'category' => show category names and values are catids + * + * @param $iForcedBlogInclude + * ID of a blog that always needs to be included, without checking if the + * member is on the blog team (-1 = none) + * @todo document parameters + */ function selectBlog($name, $mode='blog', $selected = 0, $tabindex = 0, $showNewCat = 0, $iForcedBlogInclude = -1) { global $member, $CONF; - + // 0. get IDs of blogs to which member can post items (+ forced blog) $aBlogIds = array(); if ($iForcedBlogInclude != -1) $aBlogIds[] = intval($iForcedBlogInclude); - if (($member->isAdmin()) && ($CONF['ShowAllBlogs'])) + if (($member->isAdmin()) && ($CONF['ShowAllBlogs'])) $queryBlogs = 'SELECT bnumber FROM '.sql_table('blog').' ORDER BY bname'; else - $queryBlogs = 'SELECT bnumber FROM '.sql_table('blog').', '.sql_table('team').' WHERE tblog=bnumber and tmember=' . $member->getID(); + $queryBlogs = 'SELECT bnumber FROM '.sql_table('blog').', '.sql_table('team').' 
WHERE tblog=bnumber and tmember=' . $member->getID(); $rblogids = sql_query($queryBlogs); - while ($o = mysql_fetch_object($rblogids)) + while ($o = sql_fetch_object($rblogids)) if ($o->bnumber != $iForcedBlogInclude) $aBlogIds[] = intval($o->bnumber); - + if (count($aBlogIds) == 0) return; - + echo ''; - + } - + + /** + * @todo document this + */ function action_browseownitems() { - global $member; - + global $member, $manager, $CONF; + $this->pagehead(); - - echo '

    (',_BACKHOME,')

    '; + + echo '

    (',_BACKHOME,')

    '; echo '

    ' . _ITEMLIST_YOUR. '

    '; - + // start index if (postVar('start')) - $start = postVar('start'); + $start = intPostVar('start'); else - $start = 0; - + $start = 0; + // amount of items to show if (postVar('amount')) - $amount = postVar('amount'); - else - $amount = 10; - + $amount = intPostVar('amount'); + else { + $amount = intval($CONF['DefaultListSize']); + if ($amount < 1) + $amount = 10; + } + $search = postVar('search'); // search through items - + $query = 'SELECT bshortname, cname, mname, ititle, ibody, idraft, inumber, itime' - . ' FROM '.sql_table('item').', '.sql_table('blog') . ', '.sql_table('member') . ', '.sql_table('category') - . ' WHERE iauthor='. $member->getID() .' and iauthor=mnumber and iblog=bnumber and icat=catid'; - - if ($search) + . ' FROM '.sql_table('item').', '.sql_table('blog') . ', '.sql_table('member') . ', '.sql_table('category') + . ' WHERE iauthor='. $member->getID() .' and iauthor=mnumber and iblog=bnumber and icat=catid'; + + if ($search) $query .= ' and ((ititle LIKE "%' . addslashes($search) . '%") or (ibody LIKE "%' . addslashes($search) . '%") or (imore LIKE "%' . addslashes($search) . '%"))'; - + $query .= ' ORDER BY itime DESC' - . " LIMIT $start,$amount"; - + . 
" LIMIT $start,$amount"; + $template['content'] = 'itemlist'; $template['now'] = time(); - $navList = new NAVLIST('browseownitems', $start, $amount, 0, 1000, $blogid, $search, 0); + $manager->loadClass("ENCAPSULATE"); + $navList =& new NAVLIST('browseownitems', $start, $amount, 0, 1000, /*$blogid*/ 0, $search, 0); $navList->showBatchList('item',$query,'table',$template); - $this->pagefoot(); - + $this->pagefoot(); + } - + /** - * Show all the comments for a given item - */ + * Show all the comments for a given item + * @param int $itemid + */ function action_itemcommentlist($itemid = '') { - global $member; - + global $member, $manager, $CONF; + if ($itemid == '') $itemid = intRequestVar('itemid'); - + // only allow if user is allowed to alter item $member->canAlterItem($itemid) or $this->disallow(); - + $blogid = getBlogIdFromItemId($itemid); - + $this->pagehead(); - + // start index if (postVar('start')) - $start = postVar('start'); + $start = intPostVar('start'); else - $start = 0; - + $start = 0; + // amount of items to show if (postVar('amount')) - $amount = postVar('amount'); - else - $amount = 10; - - $search = postVar('search'); - + $amount = intPostVar('amount'); + else { + $amount = intval($CONF['DefaultListSize']); + if ($amount < 1) + $amount = 10; + } + + $search = postVar('search'); + echo '

    (',_BACKTOOVERVIEW,')

    '; echo '

    ',_COMMENTS,'

    '; - - $query = 'SELECT cbody, cuser, cmail, mname, ctime, chost, cnumber, cip, citem FROM '.sql_table('comment').' LEFT OUTER JOIN '.sql_table('member').' ON mnumber=cmember WHERE citem=' . $itemid; - if ($search) + $query = 'SELECT cbody, cuser, cmail, cemail, mname, ctime, chost, cnumber, cip, citem FROM ' . sql_table('comment') . ' LEFT OUTER JOIN ' . sql_table('member') . ' ON mnumber = cmember WHERE citem = ' . $itemid; + + if ($search) $query .= ' and cbody LIKE "%' . addslashes($search) . '%"'; $query .= ' ORDER BY ctime ASC' - . " LIMIT $start,$amount"; + . " LIMIT $start,$amount"; $template['content'] = 'commentlist'; $template['canAddBan'] = $member->blogAdminRights(getBlogIDFromItemID($itemid)); - $navList = new NAVLIST('itemcommentlist', $start, $amount, 0, 1000, 0, $search, $itemid); + $manager->loadClass("ENCAPSULATE"); + $navList =& new NAVLIST('itemcommentlist', $start, $amount, 0, 1000, 0, $search, $itemid); $navList->showBatchList('comment',$query,'table',$template,_NOCOMMENTS); - + $this->pagefoot(); } - + /** - * Browse own comments - */ + * Browse own comments + */ function action_browseowncomments() { - global $member; - + global $member, $manager, $CONF; + // start index if (postVar('start')) - $start = postVar('start'); + $start = intPostVar('start'); else - $start = 0; - + $start = 0; + // amount of items to show if (postVar('amount')) - $amount = postVar('amount'); - else - $amount = 10; - - $search = postVar('search'); + $amount = intPostVar('amount'); + else { + $amount = intval($CONF['DefaultListSize']); + if ($amount < 1) + $amount = 10; + } + + $search = postVar('search'); $query = 'SELECT cbody, cuser, cmail, mname, ctime, chost, cnumber, cip, citem FROM '.sql_table('comment').' LEFT OUTER JOIN '.sql_table('member').' ON mnumber=cmember WHERE cmember=' . $member->getID(); - if ($search) + if ($search) $query .= ' and cbody LIKE "%' . addslashes($search) . '%"'; $query .= ' ORDER BY ctime DESC' - . " LIMIT $start,$amount"; - + . 
" LIMIT $start,$amount"; + $this->pagehead(); - - echo '

    (',_BACKHOME,')

    '; + + echo '

    (',_BACKHOME,')

    '; echo '

    ', _COMMENTS_YOUR ,'

    '; - + $template['content'] = 'commentlist'; $template['canAddBan'] = 0; // doesn't make sense to allow banning yourself - - $navList = new NAVLIST('browseowncomments', $start, $amount, 0, 1000, 0, $search, 0); + + $manager->loadClass("ENCAPSULATE"); + $navList =& new NAVLIST('browseowncomments', $start, $amount, 0, 1000, 0, $search, 0); $navList->showBatchList('comment',$query,'table',$template,_NOCOMMENTS_YOUR); - + $this->pagefoot(); } - + /** - * Browse all comments for a weblog - */ - function action_blogcommentlist($blogid = '') + * Browse all comments for a weblog + * @param int $blogid + */ + function action_blogcommentlist($blogid = '') { - global $member, $manager; - + global $member, $manager, $CONF; + if ($blogid == '') $blogid = intRequestVar('blogid'); else $blogid = intval($blogid); - - $member->teamRights($blogid) or $member->isAdmin() or $this->disallow(); - + + $member->teamRights($blogid) or $member->isAdmin() or $this->disallow(); + // start index if (postVar('start')) - $start = postVar('start'); + $start = intPostVar('start'); else - $start = 0; - + $start = 0; + // amount of items to show if (postVar('amount')) - $amount = postVar('amount'); - else - $amount = 10; - + $amount = intPostVar('amount'); + else { + $amount = intval($CONF['DefaultListSize']); + if ($amount < 1) + $amount = 10; + } + $search = postVar('search'); // search through comments - $query = 'SELECT cbody, cuser, cmail, mname, ctime, chost, cnumber, cip, citem FROM '.sql_table('comment').' LEFT OUTER JOIN '.sql_table('member').' ON mnumber=cmember WHERE cblog=' . intval($blogid); + $query = 'SELECT cbody, cuser, cemail, cmail, mname, ctime, chost, cnumber, cip, citem FROM '.sql_table('comment').' LEFT OUTER JOIN '.sql_table('member').' ON mnumber=cmember WHERE cblog=' . intval($blogid); - if ($search != '') + if ($search != '') $query .= ' and cbody LIKE "%' . addslashes($search) . '%"'; - - + + $query .= ' ORDER BY ctime DESC' - . " LIMIT $start,$amount"; + . 
" LIMIT $start,$amount"; $blog =& $manager->getBlog($blogid); $this->pagehead(); - - echo '

    (',_BACKHOME,')

    '; + + echo '

    (',_BACKHOME,')

    '; echo '

    ', _COMMENTS_BLOG , ' ' , $this->bloglink($blog), '

    '; - + $template['content'] = 'commentlist'; $template['canAddBan'] = $member->blogAdminRights($blogid); - + + $manager->loadClass("ENCAPSULATE"); $navList =& new NAVLIST('blogcommentlist', $start, $amount, 0, 1000, $blogid, $search, 0); - $navList->showBatchList('comment',$query,'table',$template, 'No comments were made on items of this blog'); - + $navList->showBatchList('comment',$query,'table',$template, _NOCOMMENTS_BLOG); + $this->pagefoot(); } /** - * Provide a page to item a new item to the given blog - */ + * Provide a page to item a new item to the given blog + */ function action_createitem() { global $member, $manager; - + $blogid = intRequestVar('blogid'); - + // check if allowed - $member->teamRights($blogid) or $this->disallow(); - + $member->teamRights($blogid) or $this->disallow(); + $memberid = $member->getID(); - + $blog =& $manager->getBlog($blogid); - + $this->pagehead(); - + // generate the add-item form - $formfactory = new PAGEFACTORY($blogid); + $formfactory =& new PAGEFACTORY($blogid); $formfactory->createAddForm('admin'); - $this->pagefoot(); + $this->pagefoot(); } - + + /** + * @todo document this + */ function action_itemedit() { global $member, $manager; - + $itemid = intRequestVar('itemid'); - + // only allow if user is allowed to alter item $member->canAlterItem($itemid) or $this->disallow(); - + $item =& $manager->getItem($itemid,1,1); $blog =& $manager->getBlog(getBlogIDFromItemID($itemid)); - + $manager->notify('PrepareItemForEdit', array('item' => &$item)); - + if ($blog->convertBreaks()) { $item['body'] = removeBreaks($item['body']); $item['more'] = removeBreaks($item['more']); } - + // form to edit blog items $this->pagehead(); - $formfactory = new PAGEFACTORY($blog->getID()); - $formfactory->createEditForm('admin',$item); - $this->pagefoot(); + $formfactory =& new PAGEFACTORY($blog->getID()); + $formfactory->createEditForm('admin',$item); + $this->pagefoot(); } - - function action_itemupdate() { + + /** + * @todo document 
this + */ + function action_itemupdate() { global $member, $manager, $CONF; - + $itemid = intRequestVar('itemid'); $catid = postVar('catid'); - + // only allow if user is allowed to alter item $member->canUpdateItem($itemid, $catid) or $this->disallow(); $actiontype = postVar('actiontype'); - + // delete actions are handled by itemdelete (which has confirmation) if ($actiontype == 'delete') { $this->action_itemdelete(); - return; + return; } - + $body = postVar('body'); $title = postVar('title'); $more = postVar('more'); $closed = intPostVar('closed'); + $draftid = intPostVar('draftid'); // default action = add now - if (!$actiontype) + if (!$actiontype) $actiontype='addnow'; - - // create new category if needed + + // create new category if needed if (strstr($catid,'newcat')) { - // get blogid + // get blogid list($blogid) = sscanf($catid,"newcat-%d"); - + // create $blog =& $manager->getBlog($blogid); $catid = $blog->createNewCategory(); // show error when sth goes wrong - if (!$catid) + if (!$catid) $this->doError(_ERROR_CATCREATEFAIL); - } + } /* set some variables based on actiontype - + actiontypes: draft items -> addnow, addfuture, adddraft, delete non-draft items -> edit, changedate, delete - + variables set: $timestamp: set to a nonzero value for future dates or date changes $wasdraft: set to 1 when the item used to be a draft item $publish: set to 1 when the edited item is not a draft */ - switch ($actiontype) { - case 'adddraft': - $publish = 0; - $wasdraft = 1; - $timestamp = 0; - break; - case 'addfuture': - $wasdraft = 1; - $publish = 1; - $timestamp = mktime(postVar('hour'), postVar('minutes'), 0, postVar('month'), postVar('day'), postVar('year')); - break; - case 'addnow': - $wasdraft = 1; - $publish = 1; - $timestamp = 0; - break; - case 'changedate': - $timestamp = mktime(postVar('hour'), postVar('minutes'), 0, postVar('month'), postVar('day'), postVar('year')); - $publish = 1; - $wasdraft = 0; - break; - case 'edit': - default: - $publish = 1; - 
$wasdraft = 0; - $timestamp = 0; + $blogid = getBlogIDFromItemID($itemid); + $blog =& $manager->getBlog($blogid); + + $wasdrafts = array('adddraft', 'addfuture', 'addnow'); + $wasdraft = in_array($actiontype, $wasdrafts) ? 1 : 0; + $publish = ($actiontype != 'adddraft' && $actiontype != 'backtodrafts') ? 1 : 0; + if ($actiontype == 'addfuture' || $actiontype == 'changedate') { + $timestamp = mktime(intPostVar('hour'), intPostVar('minutes'), 0, intPostVar('month'), intPostVar('day'), intPostVar('year')); + } else { + $timestamp =0; } - + $doping = ($publish && $timestamp < $blog->getCorrectTime() && postVar('dosendping')) ? 1 : 0; + // edit the item for real ITEM::update($itemid, $catid, $title, $body, $more, $closed, $wasdraft, $publish, $timestamp); - + + $this->updateFuturePosted($blogid); + + if ($draftid > 0) { + // delete permission is checked inside ITEM::delete() + ITEM::delete($draftid); + } + + if (!$closed && $doping && $blog->sendPing() && numberOfEventSubscriber('SendPing') > 0) { // + $this->action_sendping($blogid); + return; + } + // show category edit window when we created a new category // ($catid will then be a new category ID, while postVar('catid') will be 'newcat-x') if ($catid != intPostVar('catid')) { $this->action_categoryedit( - $catid, + $catid, $blog->getID(), $CONF['AdminURL'] . 'index.php?action=itemlist&blogid=' . getBlogIDFromItemID($itemid) ); 
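Review bot: `$draftid` comes straight from the POST body (`intPostVar('draftid')`) and is passed to `ITEM::delete($draftid)` with the authorization left to the callee, which is not part of this diff view. `deleteOneItem()` in the next hunk checks `$member->canAlterItem($itemid)` before it calls `ITEM::delete()`, so making the check explicit here would match it: `if ($draftid > 0 && $member->canAlterItem($draftid)) {`. Nothing visible confirms that `$draftid` refers to a draft rather than a published item, so consider verifying that as well before deleting. `action_itemupdate()` continues past the end of this hunk.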
@@ -1081,136 +1240,191 @@ class ADMIN { $this->action_itemlist(getBlogIDFromItemID($itemid)); } } - + + /** + * @todo document this + */ function action_itemdelete() { global $member, $manager; - + $itemid = intRequestVar('itemid'); - + // only allow if user is allowed to alter item $member->canAlterItem($itemid) or $this->disallow(); - + if (!$manager->existsItem($itemid,1,1)) $this->error(_ERROR_NOSUCHITEM); - + $item =& $manager->getItem($itemid,1,1); $title = htmlspecialchars(strip_tags($item['title'])); $body = strip_tags($item['body']); $body = htmlspecialchars(shorten($body,300,'...')); - + $this->pagehead(); ?>

    - +

    - +
    ""
    - +
    + addTicketHidden() ?>
    - pagefoot(); } - + + /** + * @todo document this + */ function action_itemdeleteconfirm() { global $member; - + $itemid = intRequestVar('itemid'); - + // only allow if user is allowed to alter item $member->canAlterItem($itemid) or $this->disallow(); // get blogid first $blogid = getBlogIdFromItemId($itemid); - + // delete item (note: some checks will be performed twice) $this->deleteOneItem($itemid); - + $this->action_itemlist($blogid); } - - // deletes one item and returns error if something goes wrong + + /** + * Deletes one item and returns error if something goes wrong + * @param int $itemid + */ function deleteOneItem($itemid) { global $member, $manager; - + // only allow if user is allowed to alter item (also checks if itemid exists) if (!$member->canAlterItem($itemid)) return _ERROR_DISALLOWED; - + + // need to get blogid before the item is deleted + $blogid = getBlogIDFromItemId($itemid); + $manager->loadClass('ITEM'); ITEM::delete($itemid); + + // update blog's futureposted + $this->updateFuturePosted($blogid); + } + + /** + * Update a blog's future posted flag + * @param int $blogid + */ + function updateFuturePosted($blogid) { + global $manager; + + $blog =& $manager->getBlog($blogid); + $currenttime = $blog->getCorrectTime(time()); + $result = sql_query("SELECT * FROM ".sql_table('item'). + " WHERE iblog='".$blogid."' AND iposted=0 AND itime>".mysqldate($currenttime)); + if (sql_num_rows($result) > 0) { + $blog->setFuturePost(); + } + else { + $blog->clearFuturePost(); + } } + /** + * @todo document this + */ function action_itemmove() { global $member, $manager; - - $itemid = intRequestVar('itemid'); - + + $itemid = intRequestVar('itemid'); + // only allow if user is allowed to alter item $member->canAlterItem($itemid) or $this->disallow(); $item =& $manager->getItem($itemid,1,1); - + $this->pagehead(); ?>

    - - selectBlogCategory('catid',$item['catid'],10,1);?> - + + addTicketHidden(); + $this->selectBlogCategory('catid',$item['catid'],10,1); + ?> +
    - pagefoot(); } + /** + * @todo document this + */ function action_itemmoveto() { global $member, $manager; - + $itemid = intRequestVar('itemid'); $catid = requestVar('catid'); - - // create new category if needed + + // create new category if needed if (strstr($catid,'newcat')) { - // get blogid + // get blogid list($blogid) = sscanf($catid,'newcat-%d'); - + // create $blog =& $manager->getBlog($blogid); $catid = $blog->createNewCategory(); // show error when sth goes wrong - if (!$catid) + if (!$catid) $this->doError(_ERROR_CATCREATEFAIL); - } - + } + // only allow if user is allowed to alter item $member->canUpdateItem($itemid, $catid) or $this->disallow(); - ITEM::move($itemid, $catid); - + $old_blogid = getBlogIDFromItemId($itemid); + + ITEM::move($itemid, $catid); + + // set the futurePosted flag on the blog + $this->updateFuturePosted(getBlogIDFromItemId($itemid)); + + // reset the futurePosted in case the item is moved from one blog to another + $this->updateFuturePosted($old_blogid); + if ($catid != intRequestVar('catid')) $this->action_categoryedit($catid, $blog->getID()); else - $this->action_itemlist(getBlogIDFromCatID($catid)); + $this->action_itemlist(getBlogIDFromCatID($catid)); } - + /** - * Moves one item to a given category (category existance should be checked by caller) - * errors are returned - */ + * Moves one item to a given category (category existance should be checked by caller) + * errors are returned + * @param int $itemid + * @param int $destCatid category ID to which the item will be moved + */ function moveOneItem($itemid, $destCatid) { global $member; - + // only allow if user is allowed to move item if (!$member->canUpdateItem($itemid, $destCatid)) return _ERROR_DISALLOWED; 
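Review bot: updateFuturePosted() splices its argument straight into the query text (`" WHERE iblog='".$blogid."' AND iposted=0 ..."`) without coercing it, so the method is only as safe as every current and future caller. The callers in this hunk pass the result of getBlogIDFromItemId(), which is presumably an integer, but the method should enforce that itself with `$blogid = intval($blogid);` as its first statement, the way addToTemplate() in this file does for `$id`. The query also runs `SELECT *` only to test sql_num_rows(); `SELECT COUNT(*)` would answer the same question without fetching the body of every future-dated item. The new docblock on deleteOneItem() could also say that the method returns _ERROR_DISALLOWED on refusal and nothing on success.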
@@ -1219,129 +1433,131 @@ class ADMIN { } /** - * Adds a item to the chosen blog - */ + * Adds a item to the chosen blog + */ function action_additem() { global $member, $manager, $CONF; - + $manager->loadClass('ITEM'); $result = ITEM::createFromRequest(); - + if ($result['status'] == 'error') $this->error($result['message']); - + $blogid = getBlogIDFromItemID($result['itemid']); $blog =& $manager->getBlog($blogid); - - if ($result['status'] == 'newcategory') - $this->action_categoryedit( - $result['catid'], - $blogid, - $blog->pingUserland() ? $CONF['AdminURL'] . 'index.php?action=sendping&blogid=' . intval($blogid) : '' - ); - elseif ((postVar('actiontype') == 'addnow') && $blog->pingUserland()) - $this->action_sendping($blogid); - else - $this->action_itemlist($blogid); + $btimestamp = $blog->getCorrectTime(); + $item = $manager->getItem(intval($result['itemid']), 1, 1); + if (!$item['draft'] && postVar('dosendping') && $item['timestamp'] <= $btimestamp) { + $nextAction = 'sendping'; + } else { + $nextAction = 'itemlist'; + } + if ($result['status'] == 'newcategory') { + $distURI = $manager->addTicketToUrl($CONF['AdminURL'] . 'index.php?action=' . $nextAction . '&blogid=' . intval($blogid)); + $this->action_categoryedit($result['catid'], $blogid, $distURI); + } else { + $methodName = 'action_' . $nextAction; + call_user_func(array(&$this, $methodName), $blogid); + } } - + /** - * Shows a window that says we're about to ping weblogs.com. - * immediately refresh to the real pinging page, which will - * show an error, or redirect to the blog. - * - * @param $blogid ID of blog for which ping needs to be sent out - */ + * Shows a window that says we're about to ping. + * immediately refresh to the real pinging page, which will + * show an error, or redirect to the blog. 
+ * + * @param int $blogid ID of blog for which ping needs to be sent out + */ function action_sendping($blogid = -1) { - global $member; - + global $member, $manager; + if ($blogid == -1) $blogid = intRequestVar('blogid'); - + $member->isLoggedIn() or $this->disallow(); - - $this->pagehead(''); - ?> -

    Site Updated, Now pinging weblogs.com

    -

    - Pinging weblogs.com! This can a while... -
    - When the ping is complete (and successfull), your weblog will show up in the weblogs.com updates list. -

    - -

    - If you aren't automatically passed through, try again + $rawPingUrl = $manager->addTicketToUrl('index.php?action=rawping&blogid=' . intval($blogid)); + + $this->pagehead(''); + echo _UPDATEDPING_MESSAGE; + ?> +

    - pagefoot(); + pagefoot(); } - - // ping to Weblogs.com - // sends the real ping (can take up to 10 seconds!) + + /** + * Sends the real ping (can take up to 10 seconds!) + */ function action_rawping() { global $manager; // TODO: checks? - + $blogid = intRequestVar('blogid'); $blog =& $manager->getBlog($blogid); - - $result = $blog->sendUserlandPing(); - + $this->pagehead(); - + ?> - -

    Ping Results

    - -

    The following message was returned by weblogs.com:

    - -
    - + +

    +
    + notify('SendPing', array('blogid' => $blogid)); + + ?> +
    + - + pagefoot(); } - - /** - * Allows to edit previously made comments - */ + + /** + * Allows to edit previously made comments + */ function action_commentedit() { global $member, $manager; - + $commentid = intRequestVar('commentid'); - + $member->canAlterComment($commentid) or $this->disallow(); $comment = COMMENT::getComment($commentid); - + $manager->notify('PrepareCommentForEdit',array('comment' => &$comment)); // change
    to \n $comment['body'] = str_replace('
    ','',$comment['body']); - - $comment['body'] = eregi_replace("[^<]*","\\1",$comment['body']); - + + $comment['body'] = eregi_replace("[^<]*","\\1",$comment['body']); + $this->pagehead(); - + ?>

    - +
    - + + addTicketHidden(); ?> @@ -1351,7 +1567,16 @@ class ADMIN { - + + + + + + + + + + - +
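Review bot: action_rawping() fires the `SendPing` event for whatever `blogid` the request carries without checking who is asking; the `// TODO: checks?` line is still there, and this hunk replaces the ping call beneath it without resolving it. action_sendping() directly above requires `$member->isLoggedIn() or $this->disallow();`, and rawping should carry at least the same guard, which means adding `$member` to its `global` line. The ticket check this commit adds in action() may stop forged cross-site requests, but it does not decide whether this member may trigger outbound pings for that blog. The hunk ends inside action_commentedit(), so that function is not reviewed here.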
    -
    - - pagefoot(); - + } - + + /** + * @todo document this + */ function action_skinieimport() { - global $member, $DIR_LIBS, $DIR_SKINS; - + global $member, $DIR_LIBS, $DIR_SKINS, $manager; + $member->isAdmin() or $this->disallow(); - + // load skinie class include_once($DIR_LIBS . 'skinie.php'); - + $skinFileRaw= postVar('skinfile'); $mode = postVar('mode'); - $importer = new SKINIMPORT(); - + $importer =& new SKINIMPORT(); + // get full filename if ($mode == 'file') { $skinFile = $DIR_SKINS . $skinFileRaw . '/skinbackup.xml'; - + // backwards compatibilty (in v2.0, exports were saved as skindata.xml) if (!file_exists($skinFile)) $skinFile = $DIR_SKINS . $skinFileRaw . '/skindata.xml'; } else { $skinFile = $skinFileRaw; } - + // read only metadata - $error = $importer->readFile($skinFile, 1); - + $error = $importer->readFile($skinFile, 1); + + // clashes + $skinNameClashes = $importer->checkSkinNameClashes(); + $templateNameClashes = $importer->checkTemplateNameClashes(); + $hasNameClashes = (count($skinNameClashes) > 0) || (count($templateNameClashes) > 0); if ($error) $this->error($error); $this->pagehead(); - echo '

    (',_BACK,')

    '; + echo '

    (',_BACK,')

    '; ?>

    @@ -3089,29 +3651,47 @@ selector();
  • getInfo())?>

  • '._AND.' ',$importer->getSkinNames())?>

  • '._AND.' ',$importer->getTemplateNames())?>

  • -
  • '._AND.' ',$importer->checkSkinNameClashes())?>

  • -
  • '._AND.' ',$importer->checkTemplateNameClashes())?>

  • + +
  • '._AND.' ',$skinNameClashes)?>

  • +
  • '._AND.' ',$templateNameClashes)?>

  • +
    + addTicketHidden() ?> - + +
    +
    - pagefoot(); } - + + /** + * @todo document this + */ function action_skiniedoimport() { global $member, $DIR_LIBS, $DIR_SKINS; - + $member->isAdmin() or $this->disallow(); - + // load skinie class include_once($DIR_LIBS . 'skinie.php'); @@ -3119,23 +3699,23 @@ selector(); $mode = postVar('mode'); $allowOverwrite = intPostVar('overwrite'); - + // get full filename if ($mode == 'file') { - $skinFile = $DIR_SKINS . $skinFileRaw . '/skinbackup.xml'; - + $skinFile = $DIR_SKINS . $skinFileRaw . '/skinbackup.xml'; + // backwards compatibilty (in v2.0, exports were saved as skindata.xml) if (!file_exists($skinFile)) $skinFile = $DIR_SKINS . $skinFileRaw . '/skindata.xml'; - + } else { $skinFile = $skinFileRaw; } - $importer = new SKINIMPORT(); + $importer =& new SKINIMPORT(); - $error = $importer->readFile($skinFile); + $error = $importer->readFile($skinFile); if ($error) $this->error($error); @@ -3147,7 +3727,7 @@ selector(); $this->pagehead(); - echo '

    (',_BACKTOMANAGE,')

    '; + echo '

    (',_BACKTOMANAGE,')

    '; ?>

    @@ -3160,15 +3740,18 @@ selector(); pagefoot(); } - + + /** + * @todo document this + */ function action_skinieexport() { global $member, $DIR_LIBS; - + $member->isAdmin() or $this->disallow(); - + // load skinie class include_once($DIR_LIBS . 'skinie.php'); - + $aSkins = requestIntArray('skin'); $aTemplates = requestIntArray('template'); @@ -3176,11 +3759,11 @@ selector(); if (!is_array($aSkins)) $aSkins = array(); $skinList = array_keys($aSkins); - $templateList = array_keys($aTemplates); + $templateList = array_keys($aTemplates); $info = postVar('info'); - $exporter = new SKINEXPORT(); + $exporter =& new SKINEXPORT(); foreach ($skinList as $skinId) { $exporter->addSkin($skinId); } @@ -3189,32 +3772,36 @@ selector(); } $exporter->setInfo($info); - $exporter->export(); + $exporter->export(); } - + + /** + * @todo document this + */ function action_templateoverview() { - global $member; - + global $member, $manager; + $member->isAdmin() or $this->disallow(); - + $this->pagehead(); - - echo '

    (',_BACKTOMANAGE,')

    '; - + + echo '

    (',_BACKTOMANAGE,')

    '; + echo '

    ' . _TEMPLATE_TITLE . '

    '; echo '

    ' . _TEMPLATE_AVAILABLE_TITLE . '

    '; - + $query = 'SELECT * FROM '.sql_table('template_desc').' ORDER BY tdname'; $template['content'] = 'templatelist'; $template['tabindex'] = 10; showlist($query,'table',$template); - + echo '

    ' . _TEMPLATE_NEW_TITLE . '

    '; - + ?>
    - + + addTicketHidden() ?> @@ -3225,47 +3812,51 @@ selector();
    - +
    - - pagefoot(); } - + + /** + * @todo document this + */ function action_templateedit($msg = '') { - global $member; - + global $member, $manager; + $templateid = intRequestVar('templateid'); - + $member->isAdmin() or $this->disallow(); - + $extrahead = ''; $extrahead .= ''; $this->pagehead($extrahead); - + $templatename = TEMPLATE::getNameFromId($templateid); $templatedescription = TEMPLATE::getDesc($templateid); - $template = TEMPLATE::read($templatename); - + $template =& $manager->getTemplate($templatename); + ?>

    ()

    -

    ''

    - +

    ''

    + "._MESSAGE.": $msg

    "; ?> - +

    - +
    - + + addTicketHidden() ?> - + 
@@ -3284,125 +3875,153 @@ selector(); -_templateEditRow($template, _TEMPLATE_ITEMHEADER, 'ITEM_HEADER', '', 8); - $this->_templateEditRow($template, _TEMPLATE_ITEMBODY, 'ITEM', '', 9, 1); - $this->_templateEditRow($template, _TEMPLATE_ITEMFOOTER, 'ITEM_FOOTER', '', 10); - $this->_templateEditRow($template, _TEMPLATE_MORELINK, 'MORELINK', 'morelink', 20); - $this->_templateEditRow($template, _TEMPLATE_EDITLINK, 'EDITLINK', 'editlink', 25); - $this->_templateEditRow($template, _TEMPLATE_NEW, 'NEW', 'new', 30); +_templateEditRow($template, _TEMPLATE_ITEMHEADER, 'ITEM_HEADER', '', 8); + $this->_templateEditRow($template, _TEMPLATE_ITEMBODY, 'ITEM', '', 9, 1); + $this->_templateEditRow($template, _TEMPLATE_ITEMFOOTER, 'ITEM_FOOTER', '', 10); + $this->_templateEditRow($template, _TEMPLATE_MORELINK, 'MORELINK', 'morelink', 20); + $this->_templateEditRow($template, _TEMPLATE_EDITLINK, 'EDITLINK', 'editlink', 25); + $this->_templateEditRow($template, _TEMPLATE_NEW, 'NEW', 'new', 30); ?> - + -_templateEditRow($template, _TEMPLATE_CHEADER, 'COMMENTS_HEADER', 'commentheaders', 40); - $this->_templateEditRow($template, _TEMPLATE_CBODY, 'COMMENTS_BODY', 'commentbody', 50, 1); - $this->_templateEditRow($template, _TEMPLATE_CFOOTER, 'COMMENTS_FOOTER', 'commentheaders', 60); - $this->_templateEditRow($template, _TEMPLATE_CONE, 'COMMENTS_ONE', 'commentwords', 70); - $this->_templateEditRow($template, _TEMPLATE_CMANY, 'COMMENTS_MANY', 'commentwords', 80); - $this->_templateEditRow($template, _TEMPLATE_CMORE, 'COMMENTS_CONTINUED', 'commentcontinued', 90); - $this->_templateEditRow($template, _TEMPLATE_CMEXTRA, 'COMMENTS_AUTH', 'memberextra', 100); +_templateEditRow($template, _TEMPLATE_CHEADER, 'COMMENTS_HEADER', 'commentheaders', 40); + $this->_templateEditRow($template, _TEMPLATE_CBODY, 'COMMENTS_BODY', 'commentbody', 50, 1); + $this->_templateEditRow($template, _TEMPLATE_CFOOTER, 'COMMENTS_FOOTER', 'commentheaders', 60); + $this->_templateEditRow($template, _TEMPLATE_CONE, 
'COMMENTS_ONE', 'commentwords', 70); + $this->_templateEditRow($template, _TEMPLATE_CMANY, 'COMMENTS_MANY', 'commentwords', 80); + $this->_templateEditRow($template, _TEMPLATE_CMORE, 'COMMENTS_CONTINUED', 'commentcontinued', 90); + $this->_templateEditRow($template, _TEMPLATE_CMEXTRA, 'COMMENTS_AUTH', 'memberextra', 100); ?> - + _templateEditRow($template, _TEMPLATE_CNONE, 'COMMENTS_NONE', '', 110); + $this->_templateEditRow($template, _TEMPLATE_CNONE, 'COMMENTS_NONE', '', 110); ?> - + -_templateEditRow($template, _TEMPLATE_CTOOMUCH, 'COMMENTS_TOOMUCH', '', 120); +_templateEditRow($template, _TEMPLATE_CTOOMUCH, 'COMMENTS_TOOMUCH', '', 120); ?> - + -_templateEditRow($template, _TEMPLATE_AHEADER, 'ARCHIVELIST_HEADER', '', 130); - $this->_templateEditRow($template, _TEMPLATE_AITEM, 'ARCHIVELIST_LISTITEM', '', 140); - $this->_templateEditRow($template, _TEMPLATE_AFOOTER, 'ARCHIVELIST_FOOTER', '', 150); +_templateEditRow($template, _TEMPLATE_AHEADER, 'ARCHIVELIST_HEADER', '', 130); + $this->_templateEditRow($template, _TEMPLATE_AITEM, 'ARCHIVELIST_LISTITEM', '', 140); + $this->_templateEditRow($template, _TEMPLATE_AFOOTER, 'ARCHIVELIST_FOOTER', '', 150); +?> + + +_templateEditRow($template, _TEMPLATE_BLOGHEADER, 'BLOGLIST_HEADER', '', 160); + $this->_templateEditRow($template, _TEMPLATE_BLOGITEM, 'BLOGLIST_LISTITEM', '', 170); + $this->_templateEditRow($template, _TEMPLATE_BLOGFOOTER, 'BLOGLIST_FOOTER', '', 180); ?> - + -_templateEditRow($template, _TEMPLATE_CATHEADER, 'CATLIST_HEADER', '', 160); - $this->_templateEditRow($template, _TEMPLATE_CATITEM, 'CATLIST_LISTITEM', '', 170); - $this->_templateEditRow($template, _TEMPLATE_CATFOOTER, 'CATLIST_FOOTER', '', 180); +_templateEditRow($template, _TEMPLATE_CATHEADER, 'CATLIST_HEADER', '', 190); + $this->_templateEditRow($template, _TEMPLATE_CATITEM, 'CATLIST_LISTITEM', '', 200); + $this->_templateEditRow($template, _TEMPLATE_CATFOOTER, 'CATLIST_FOOTER', '', 210); ?> -_templateEditRow($template, _TEMPLATE_DHEADER, 
'DATE_HEADER', 'dateheads', 190); - $this->_templateEditRow($template, _TEMPLATE_DFOOTER, 'DATE_FOOTER', 'dateheads', 200); - $this->_templateEditRow($template, _TEMPLATE_DFORMAT, 'FORMAT_DATE', 'datetime', 210); - $this->_templateEditRow($template, _TEMPLATE_TFORMAT, 'FORMAT_TIME', 'datetime', 220); - $this->_templateEditRow($template, _TEMPLATE_LOCALE, 'LOCALE', 'locale', 230); +_templateEditRow($template, _TEMPLATE_DHEADER, 'DATE_HEADER', 'dateheads', 220); + $this->_templateEditRow($template, _TEMPLATE_DFOOTER, 'DATE_FOOTER', 'dateheads', 230); + $this->_templateEditRow($template, _TEMPLATE_DFORMAT, 'FORMAT_DATE', 'datetime', 240); + $this->_templateEditRow($template, _TEMPLATE_TFORMAT, 'FORMAT_TIME', 'datetime', 250); + $this->_templateEditRow($template, _TEMPLATE_LOCALE, 'LOCALE', 'locale', 260); ?> - + -_templateEditRow($template, _TEMPLATE_PCODE, 'POPUP_CODE', '', 240); - $this->_templateEditRow($template, _TEMPLATE_ICODE, 'IMAGE_CODE', '', 250); - $this->_templateEditRow($template, _TEMPLATE_MCODE, 'MEDIA_CODE', '', 260); +_templateEditRow($template, _TEMPLATE_PCODE, 'POPUP_CODE', '', 270); + $this->_templateEditRow($template, _TEMPLATE_ICODE, 'IMAGE_CODE', '', 280); + $this->_templateEditRow($template, _TEMPLATE_MCODE, 'MEDIA_CODE', '', 290); ?> -_templateEditRow($template, _TEMPLATE_SHIGHLIGHT, 'SEARCH_HIGHLIGHT', 'highlight',270); - $this->_templateEditRow($template, _TEMPLATE_SNOTFOUND, 'SEARCH_NOTHINGFOUND', 'nothingfound',280); -?> +_templateEditRow($template, _TEMPLATE_SHIGHLIGHT, 'SEARCH_HIGHLIGHT', 'highlight',300); + $this->_templateEditRow($template, _TEMPLATE_SNOTFOUND, 'SEARCH_NOTHINGFOUND', 'nothingfound',310); +?> + + +notify('TemplateExtraFields',array('fields'=>&$pluginfields)); + + foreach ($pluginfields as $pfkey=>$pfvalue) { + echo "\n"; + echo '\n"; + foreach ($pfvalue as $pffield=>$pfdesc) { + $this->_templateEditRow($template, $pfdesc, $pffield, '',++$tab,0); + } + } +?>
    '.htmlentities($pfkey)."
    - - + +
    - +
    - pagefoot(); } - + + /** + * @todo document this + */ function _templateEditRow(&$template, $description, $name, $help = '', $tabindex = 0, $big = 0) { static $count = 1; + if (!isset($template[$name])) $template[$name] = ''; ?> - + isAdmin() or $this->disallow(); - + $name = postVar('tname'); $desc = postVar('tdesc'); - + if (!isValidTemplateName($name)) $this->error(_ERROR_BADTEMPLATENAME); - + if ((TEMPLATE::getNameFromId($templateid) != $name) && TEMPLATE::exists($name)) $this->error(_ERROR_DUPTEMPLATENAME); - + $name = addslashes($name); $desc = addslashes($desc); - + // 1. Remove all template parts $query = 'DELETE FROM '.sql_table('template').' WHERE tdesc=' . $templateid; sql_query($query); - + // 2. Update description $query = 'UPDATE '.sql_table('template_desc').' SET' - . " tdname='" . $name . "'," - . " tddesc='" . $desc . "'" - . " WHERE tdnumber=" . $templateid; + . " tdname='" . $name . "'," + . " tddesc='" . $desc . "'" + . " WHERE tdnumber=" . $templateid; sql_query($query); - + // 3. Add non-empty template parts $this->addToTemplate($templateid, 'ITEM_HEADER', postVar('ITEM_HEADER')); $this->addToTemplate($templateid, 'ITEM', postVar('ITEM')); $this->addToTemplate($templateid, 'ITEM_FOOTER', postVar('ITEM_FOOTER')); $this->addToTemplate($templateid, 'MORELINK', postVar('MORELINK')); - $this->addToTemplate($templateid, 'EDITLINK', postVar('EDITLINK')); + $this->addToTemplate($templateid, 'EDITLINK', postVar('EDITLINK')); $this->addToTemplate($templateid, 'NEW', postVar('NEW')); $this->addToTemplate($templateid, 'COMMENTS_HEADER', postVar('COMMENTS_HEADER')); $this->addToTemplate($templateid, 'COMMENTS_BODY', postVar('COMMENTS_BODY')); 
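Review bot: The plugin section heading in the new TemplateExtraFields loop is escaped with `htmlentities($pfkey)` and no charset argument, while the rest of this file escapes output with htmlspecialchars(). On PHP versions where htmlentities() defaults to ISO-8859-1, that call will mangle multi-byte plugin names in this UTF-8 tree; `htmlspecialchars($pfkey, ENT_QUOTES, 'UTF-8')` escapes the markup-significant characters and leaves the rest of the string alone. `$pfdesc` and `$pffield` also come from plugins and are passed on to _templateEditRow(), whose output escaping is not readable in this extract, so it is worth confirming that both are escaped there. The `@todo document this` placeholder on _templateEditRow() could instead state that `$template` is taken by reference and that a missing `$template[$name]` is now initialised to an empty string.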
@@ -3416,6 +4035,9 @@ selector();
 $this->addToTemplate($templateid, 'ARCHIVELIST_HEADER', postVar('ARCHIVELIST_HEADER'));
 $this->addToTemplate($templateid, 'ARCHIVELIST_LISTITEM', postVar('ARCHIVELIST_LISTITEM'));
 $this->addToTemplate($templateid, 'ARCHIVELIST_FOOTER', postVar('ARCHIVELIST_FOOTER'));
+ $this->addToTemplate($templateid, 'BLOGLIST_HEADER', postVar('BLOGLIST_HEADER'));
+ $this->addToTemplate($templateid, 'BLOGLIST_LISTITEM', postVar('BLOGLIST_LISTITEM'));
+ $this->addToTemplate($templateid, 'BLOGLIST_FOOTER', postVar('BLOGLIST_FOOTER'));
 $this->addToTemplate($templateid, 'CATLIST_HEADER', postVar('CATLIST_HEADER'));
 $this->addToTemplate($templateid, 'CATLIST_LISTITEM', postVar('CATLIST_LISTITEM'));
 $this->addToTemplate($templateid, 'CATLIST_FOOTER', postVar('CATLIST_FOOTER'));
@@ -3429,155 +4051,182 @@ selector(); $this->addToTemplate($templateid, 'POPUP_CODE', postVar('POPUP_CODE')); $this->addToTemplate($templateid, 'MEDIA_CODE', postVar('MEDIA_CODE')); $this->addToTemplate($templateid, 'IMAGE_CODE', postVar('IMAGE_CODE')); - - + + $pluginfields = array(); + $manager->notify('TemplateExtraFields',array('fields'=>&$pluginfields)); + foreach ($pluginfields as $pfkey=>$pfvalue) { + foreach ($pfvalue as $pffield=>$pfdesc) { + $this->addToTemplate($templateid, $pffield, postVar($pffield)); + } + } + // jump back to template edit $this->action_templateedit(_TEMPLATE_UPDATED); - - } + } + + /** + * @todo document this + */ function addToTemplate($id, $partname, $content) { $partname = addslashes($partname); - $content = addslashes($content); - + $content = addslashes($content); + $id = intval($id); - + // don't add empty parts: if (!trim($content)) return -1; - + $query = 'INSERT INTO '.sql_table('template')." (tdesc, tpartname, tcontent) " - . "VALUES ($id, '$partname', '$content')"; - mysql_query($query) or die("Query error: " . mysql_error()); - return mysql_insert_id(); - } - + . "VALUES ($id, '$partname', '$content')"; + sql_query($query) or exit(_ADMIN_SQLDIE_QUERYERROR . sql_error()); + return sql_insert_id(); + } + + /** + * @todo document this + */ function action_templatedelete() { - global $member; - + global $member, $manager; + $member->isAdmin() or $this->disallow(); - + $templateid = intRequestVar('templateid'); // TODO: check if template can be deleted - + $this->pagehead(); - + $name = TEMPLATE::getNameFromId($templateid); $desc = TEMPLATE::getDesc($templateid); - + ?>

    - +

    - () + ()

    - +
    + addTicketHidden() ?>
    - pagefoot(); - } - + } + + /** + * @todo document this + */ function action_templatedeleteconfirm() { global $member, $manager; - + $templateid = intRequestVar('templateid'); - + $member->isAdmin() or $this->disallow(); - + $manager->notify('PreDeleteTemplate', array('templateid' => $templateid)); - + // 1. delete description sql_query('DELETE FROM '.sql_table('template_desc').' WHERE tdnumber=' . $templateid); - + // 2. delete parts sql_query('DELETE FROM '.sql_table('template').' WHERE tdesc=' . $templateid); - - $manager->notify('PostDeleteTemplate', array('templateid' => $templateid)); - + + $manager->notify('PostDeleteTemplate', array('templateid' => $templateid)); + $this->action_templateoverview(); - } - + } + + /** + * @todo document this + */ function action_templatenew() { global $member; - + $member->isAdmin() or $this->disallow(); - + $name = postVar('name'); $desc = postVar('desc'); - + if (!isValidTemplateName($name)) $this->error(_ERROR_BADTEMPLATENAME); - + if (TEMPLATE::exists($name)) - $this->error(_ERROR_DUPTEMPLATENAME); + $this->error(_ERROR_DUPTEMPLATENAME); $newTemplateId = TEMPLATE::createNew($name, $desc); $this->action_templateoverview(); } - + + /** + * @todo document this + */ function action_templateclone() { global $member; - + $templateid = intRequestVar('templateid'); - + $member->isAdmin() or $this->disallow(); - + // 1. read old template $name = TEMPLATE::getNameFromId($templateid); $desc = TEMPLATE::getDesc($templateid); // 2. create desc thing $name = "cloned" . $name; - + // if a template with that name already exists: if (TEMPLATE::exists($name)) { $i = 1; while (TEMPLATE::exists($name . $i)) $i++; $name .= $i; - } - + } + $newid = TEMPLATE::createNew($name, $desc); // 3. create clone // go through parts of old template and add them to the new one $res = sql_query('SELECT tpartname, tcontent FROM '.sql_table('template').' WHERE tdesc=' . 
$templateid); - while ($o = mysql_fetch_object($res)) { + while ($o = sql_fetch_object($res)) { $this->addToTemplate($newid, $o->tpartname, $o->tcontent); } $this->action_templateoverview(); } - + + /** + * @todo document this + */ function action_skinoverview() { - global $member; - + global $member, $manager; + $member->isAdmin() or $this->disallow(); - + $this->pagehead(); - - echo '

    (',_BACKTOMANAGE,')

    '; - + + echo '

    (',_BACKTOMANAGE,')

    '; + echo '

    ' . _SKIN_EDIT_TITLE . '

    '; - + echo '

    ' . _SKIN_AVAILABLE_TITLE . '

    '; - + $query = 'SELECT * FROM '.sql_table('skin_desc').' ORDER BY sdname'; $template['content'] = 'skinlist'; $template['tabindex'] = 10; showlist($query,'table',$template); - + echo '

    ' . _SKIN_NEW_TITLE . '

    '; - + ?>
    - + + addTicketHidden() ?> @@ -3588,49 +4237,55 @@ selector();
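Review bot: addToTemplate() now ends a failed insert with `sql_query($query) or exit(_ADMIN_SQLDIE_QUERYERROR . sql_error());`, which prints the raw database error into the response. Reporting a generic message through `$this->error(...)` and recording the sql_error() text server-side would keep table names and query fragments out of the page. The same method still escapes `$partname` and `$content` with addslashes(), which does not know the connection character set; if the sql_* wrapper layer this commit switches to offers its own escaping function, that is the one to call here. The new TemplateExtraFields loop at the top of the hunk passes plugin-supplied `$pffield` names to postVar() and on to addToTemplate() unchanged, so a comment stating that plugins are trusted to supply sane part names would help the next reader.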
    - +
    - - pagefoot(); } - + + /** + * @todo document this + */ function action_skinnew() { global $member; - + $member->isAdmin() or $this->disallow(); - + $name = trim(postVar('name')); $desc = trim(postVar('desc')); - + if (!isValidSkinName($name)) $this->error(_ERROR_BADSKINNAME); - + if (SKIN::exists($name)) - $this->error(_ERROR_DUPSKINNAME); - + $this->error(_ERROR_DUPSKINNAME); + $newId = SKIN::createNew($name, $desc); - + $this->action_skinoverview(); - } + } + /** + * @todo document this + */ function action_skinedit() { - global $member; - + global $member, $manager; + $skinid = intRequestVar('skinid'); - + $member->isAdmin() or $this->disallow(); - - $skin = new SKIN($skinid); - + + $skin =& new SKIN($skinid); + $this->pagehead(); ?>

    - () + ()

    'getName() ?>'

    - +

    - -

    + + ' . _SKIN_PARTS_SPECIAL . ''; + echo '
    ' . "\r\n"; + echo '' . "\r\n"; + echo '' . "\r\n"; + echo '' . "\r\n"; + echo '' . "\r\n"; + echo '
    ' . "\r\n"; + + if ($res && sql_num_rows($res) > 0) { + echo ''; + } + + ?> + +

    - + + addTicketHidden() ?> @@ -3662,40 +4344,43 @@ selector(); - + - +
    input_yesno('inc_mode',$skin->getIncludeMode(),120,'skindir','normal',_PARSER_INCMODE_SKINDIR,_PARSER_INCMODE_NORMAL);?>
    - +
    - - + + pagefoot(); } - + + /** + * @todo document this + */ function action_skineditgeneral() { global $member; - - $skinid = intRequestVar('skinid'); - + + $skinid = intRequestVar('skinid'); + $member->isAdmin() or $this->disallow(); - + $name = postVar('name'); $desc = postVar('desc'); $type = postVar('type'); $inc_mode = postVar('inc_mode'); $inc_prefix = postVar('inc_prefix'); - - $skin = new SKIN($skinid); - + + $skin =& new SKIN($skinid); + // 1. Some checks if (!isValidSkinName($name)) $this->error(_ERROR_BADSKINNAME); - + if (($skin->getName() != $name) && SKIN::exists($name)) $this->error(_ERROR_DUPSKINNAME); @@ -3704,185 +4389,277 @@ selector(); // 2. Update description $skin->updateGeneralInfo($name, $desc, $type, $inc_mode, $inc_prefix); - + $this->action_skinedit(); - + } - + + /** + * @todo document this + */ function action_skinedittype($msg = '') { - global $member; - + global $member, $manager; + $skinid = intRequestVar('skinid'); $type = requestVar('type'); - + $member->isAdmin() or $this->disallow(); - - $skin = new SKIN($skinid); - + + $type = trim($type); + $type = strtolower($type); + + if (!isValidShortName($type)) { + $this->error(_ERROR_SKIN_PARTS_SPECIAL_FORMAT); + } + + $skin =& new SKIN($skinid); + $friendlyNames = SKIN::getFriendlyNames(); - + $this->pagehead(); ?>

    ()

    - -

    'getName() ?>':

    - + +

    'getName()) ?>':

    + "._MESSAGE.": $msg

    "; ?> - - + + +
    - + + addTicketHidden() ?> - + - (skin type: ) - + (skin type: ) +
    - + - +
    - (skin type: ) - + (skin type: ) +

    - + "; if (count($actions) != 0) echo ", "; } - ?> -

    - Short blog names: -
    ' . _SKINEDIT_ALLOWEDBLOGS; + $query = 'SELECT bshortname, bname FROM '.sql_table('blog'); showlist($query,'table',array('content'=>'shortblognames')); - ?> - -
    - Template names: - ' . _SKINEDIT_ALLOWEDTEMPLATESS; + $query = 'SELECT tdname as name, tddesc as description FROM '.sql_table('template_desc'); showlist($query,'table',array('content'=>'shortnames')); - ?> - - -
    -
    - - - pagefoot(); + echo '
    '; + $this->pagefoot(); } - + + /** + * @todo document this + */ function action_skinupdate() { global $member; - - $skinid = intRequestVar('skinid'); + + $skinid = intRequestVar('skinid'); $content = trim(postVar('content')); - $type = postVar('type'); + $type = postVar('type'); $member->isAdmin() or $this->disallow(); - - $skin = new SKIN($skinid); + + $skin =& new SKIN($skinid); $skin->update($type, $content); - + $this->action_skinedittype(_SKIN_UPDATED); } - + + /** + * @todo document this + */ function action_skindelete() { - global $member, $CONF; - + global $member, $manager, $CONF; + $skinid = intRequestVar('skinid'); - + $member->isAdmin() or $this->disallow(); - + // don't allow default skin to be deleted if ($skinid == $CONF['BaseSkin']) $this->error(_ERROR_DEFAULTSKIN); - + // don't allow deletion of default skins for blogs $query = 'SELECT bname FROM '.sql_table('blog').' WHERE bdefskin=' . $skinid; $r = sql_query($query); - if ($o = mysql_fetch_object($r)) - $this->error(_ERROR_SKINDEFDELETE . $o->bname); - + if ($o = sql_fetch_object($r)) + $this->error(_ERROR_SKINDEFDELETE . htmlspecialchars($o->bname)); + $this->pagehead(); - - $skin = new SKIN($skinid); + + $skin =& new SKIN($skinid); $name = $skin->getName(); $desc = $skin->getDescription(); - + ?>

    - +

    - () + ()

    - +
    + addTicketHidden() ?>
    - pagefoot(); - } - + } + + /** + * @todo document this + */ function action_skindeleteconfirm() { global $member, $CONF, $manager; - - $skinid = intRequestVar('skinid'); - + + $skinid = intRequestVar('skinid'); + $member->isAdmin() or $this->disallow(); - + // don't allow default skin to be deleted if ($skinid == $CONF['BaseSkin']) $this->error(_ERROR_DEFAULTSKIN); - + // don't allow deletion of default skins for blogs $query = 'SELECT bname FROM '.sql_table('blog').' WHERE bdefskin=' . $skinid; $r = sql_query($query); - if ($o = mysql_fetch_object($r)) - $this->error(_ERROR_SKINDEFDELETE .$o->bname); - - $manager->notify('PreDeleteSkin', array('skinid' => $skinid)); - + if ($o = sql_fetch_object($r)) + $this->error(_ERROR_SKINDEFDELETE .$o->bname); + + $manager->notify('PreDeleteSkin', array('skinid' => $skinid)); + // 1. delete description sql_query('DELETE FROM '.sql_table('skin_desc').' WHERE sdnumber=' . $skinid); - + // 2. delete parts sql_query('DELETE FROM '.sql_table('skin').' WHERE sdesc=' . $skinid); - - $manager->notify('PostDeleteSkin', array('skinid' => $skinid)); - + + $manager->notify('PostDeleteSkin', array('skinid' => $skinid)); + $this->action_skinoverview(); } - + + /** + * @todo document this + */ + function action_skinremovetype() { + global $member, $manager, $CONF; + + $skinid = intRequestVar('skinid'); + $skintype = requestVar('type'); + + if (!isValidShortName($skintype)) { + $this->error(_ERROR_SKIN_PARTS_SPECIAL_DELETE); + } + + $member->isAdmin() or $this->disallow(); + + // don't allow default skinparts to be deleted + if (in_array($skintype, array('index', 'item', 'archivelist', 'archive', 'search', 'error', 'member', 'imagepopup'))) { + $this->error(_ERROR_SKIN_PARTS_SPECIAL_DELETE); + } + + $this->pagehead(); + + $skin =& new SKIN($skinid); + $name = $skin->getName(); + $desc = $skin->getDescription(); + + ?> +

    + +

    + () () +

    + +
    + + addTicketHidden() ?> + + + +
    + pagefoot(); + } + + /** + * @todo document this + */ + function action_skinremovetypeconfirm() { + global $member, $CONF, $manager; + + $skinid = intRequestVar('skinid'); + $skintype = requestVar('type'); + + if (!isValidShortName($skintype)) { + $this->error(_ERROR_SKIN_PARTS_SPECIAL_DELETE); + } + + $member->isAdmin() or $this->disallow(); + + // don't allow default skinparts to be deleted + if (in_array($skintype, array('index', 'item', 'archivelist', 'archive', 'search', 'error', 'member', 'imagepopup'))) { + $this->error(_ERROR_SKIN_PARTS_SPECIAL_DELETE); + } + + $manager->notify('PreDeleteSkinPart', array('skinid' => $skinid, 'skintype' => $skintype)); + + // delete part + sql_query('DELETE FROM '.sql_table('skin').' WHERE sdesc=' . $skinid . ' AND stype=\'' . $skintype . '\''); + + $manager->notify('PostDeleteSkinPart', array('skinid' => $skinid, 'skintype' => $skintype)); + + $this->action_skinedit(); + } + + /** + * @todo document this + */ function action_skinclone() { global $member; - - $skinid = intRequestVar('skinid'); - + + $skinid = intRequestVar('skinid'); + $member->isAdmin() or $this->disallow(); - + // 1. read skin to clone - $skin = new SKIN($skinid); - + $skin =& new SKIN($skinid); + $name = "clone_" . $skin->getName(); - + // if a skin with that name already exists: if (SKIN::exists($name)) { $i = 1; @@ -3890,7 +4667,7 @@ selector(); $i++; $name .= $i; } - + // 2. create skin desc $newid = SKIN::createNew( $name, @@ -3899,9 +4676,10 @@ selector(); $skin->getIncludeMode(), $skin->getIncludePrefix() ); - - + + // 3. clone + /* $this->skinclonetype($skin, $newid, 'index'); $this->skinclonetype($skin, $newid, 'item'); $this->skinclonetype($skin, $newid, 'archivelist'); 
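Review bot: action_skindeleteconfirm() still concatenates the blog name unescaped, `$this->error(_ERROR_SKINDEFDELETE .$o->bname);`, while the matching line in action_skindelete() gained htmlspecialchars() in this same hunk. Both should read `$this->error(_ERROR_SKINDEFDELETE . htmlspecialchars($o->bname));`, since the blog name is stored user input and presumably ends up in the HTML error page. Two ordering points in the new code are related: action_skinupdate() hands `postVar('type')` to `$skin->update()` before any isValidShortName() check (the check only runs afterwards, inside action_skinedittype()), and action_skinremovetype() and action_skinremovetypeconfirm() validate `type` before `$member->isAdmin() or $this->disallow();`. Putting the permission check first and validating `type` in action_skinupdate() would make the paths agree. The quoted `stype` value in the new DELETE also relies on `$this->error()` never returning, which deserves a comment.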
@@ -3910,11 +4688,21 @@ selector(); $this->skinclonetype($skin, $newid, 'error'); $this->skinclonetype($skin, $newid, 'member'); $this->skinclonetype($skin, $newid, 'imagepopup'); - + */ + + $query = "SELECT stype FROM " . sql_table('skin') . " WHERE sdesc = " . $skinid; + $res = sql_query($query); + while ($row = sql_fetch_assoc($res)) { + $this->skinclonetype($skin, $newid, $row['stype']); + } + $this->action_skinoverview(); - + } - + + /** + * @todo document this + */ function skinclonetype($skin, $newid, $type) { $newid = intval($newid); $content = $skin->getContent($type); @@ -3923,48 +4711,52 @@ selector(); sql_query($query); } } - + + /** + * @todo document this + */ function action_settingsedit() { global $member, $manager, $CONF, $DIR_NUCLEUS, $DIR_MEDIA; - + $member->isAdmin() or $this->disallow(); - + $this->pagehead(); - - echo '
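Review bot: The new loop in action_skinclone passes `$row['stype']`, a value read back from the skin table, to skinclonetype(), which previously only received the hard-coded part names that this change comments out. skinclonetype() builds its query outside this hunk, so confirm there that `$type` is escaped before it reaches the SQL string rather than trusting the stored value. The result of `sql_query($query)` is also used in the `while` without checking that the query succeeded. The commented-out `skinclonetype` calls can be deleted, since version control keeps them.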

    (',_BACKTOMANAGE,')

    '; + + echo '

    (',_BACKTOMANAGE,')

    '; ?>

    - +
    - + - + addTicketHidden() ?> + @@ -3988,11 +4780,11 @@ selector(); - + - + + + - + + + + + + + @@ -4088,13 +4902,13 @@ selector(); + + @@ -4104,33 +4918,33 @@ selector(); - + - + - + - + @@ -4140,6 +4954,9 @@ selector(); + + + @@ -4151,7 +4968,7 @@ selector(); @@ -4165,47 +4982,50 @@ selector();
    -
    -
    - + - + +
    input_yesno('DisableSite',$CONF['DisableSite'],10060); ?> -
    - URL: +
    +
    -
    - input_yesno('DisableJsTools',$CONF['DisableJsTools'],10075); */?> -
    input_yesno('URLMode',$CONF['URLMode'],10077, - 'normal','pathinfo',_SETTINGS_URLMODE_NORMAL,_SETTINGS_URLMODE_PATHINFO); - - echo ' ', _SETTINGS_URLMODE_HELP; - - ?> - input_yesno('URLMode',$CONF['URLMode'],10077, + 'normal','pathinfo',_SETTINGS_URLMODE_NORMAL,_SETTINGS_URLMODE_PATHINFO); + + echo ' ', _SETTINGS_URLMODE_HELP; + + ?> + +
    input_yesno('DebugVars',$CONF['DebugVars'],10078); + + ?> + +
    + + +
    - - " . _WARNING_NOTADIR . ""; - if (!is_readable($DIR_MEDIA)) - echo "
    " . _WARNING_NOTREADABLE . ""; - if (!is_writeable($DIR_MEDIA)) - echo "
    " . _WARNING_NOTWRITABLE . ""; - ?> + + " . _WARNING_NOTADIR . ""; + if (!is_readable($DIR_MEDIA)) + echo "
    " . _WARNING_NOTREADABLE . ""; + if (!is_writeable($DIR_MEDIA)) + echo "
    " . _WARNING_NOTWRITABLE . ""; + ?>
    - +
    - +
    - -
    input_yesno('MediaPrefix',$CONF['MediaPrefix'],10110); ?>
    input_yesno('AllowLoginEdit',$CONF['AllowLoginEdit'],10120); ?>
    - + input_yesno('AllowMemberCreate',$CONF['AllowMemberCreate'],10130); ?>
    -
    +
    input_yesno('NewMemberCanLogon',$CONF['NewMemberCanLogon'],10140); ?>
    - + input_yesno('AllowMemberMail',$CONF['AllowMemberMail'],10150); ?>
    - + input_yesno('NonmemberMail',$CONF['NonmemberMail'],10155); ?>
    - + input_yesno('ProtectMemNames',$CONF['ProtectMemNames'],10156); ?>
    input_yesno('SessionCookie',$CONF['SessionCookie'],10190, - 1,0,_SETTINGS_COOKIESESSION,_SETTINGS_COOKIEMONTH); ?> + 1,0,_SETTINGS_COOKIESESSION,_SETTINGS_COOKIEMONTH); ?>
    - +
    - ',_PLUGINS_EXTRA,''; + ',_PLUGINS_EXTRA,''; $manager->notify( - 'GeneralSettingsFormExtras', + 'GeneralSettingsFormExtras', array() ); - + $this->pagefoot(); } - + + /** + * @todo document this + */ function action_settingsupdate() { global $member, $CONF; - + $member->isAdmin() or $this->disallow(); - + // check if email address for admin is valid if (!isValidMailAddress(postVar('AdminEmail'))) $this->error(_ERROR_BADMAILADDRESS); - - // save settings - $this->updateConfig('DefaultBlog', postVar('DefaultBlog')); - $this->updateConfig('BaseSkin', postVar('BaseSkin')); - $this->updateConfig('IndexURL', postVar('IndexURL')); + + // save settings + $this->updateConfig('DefaultBlog', postVar('DefaultBlog')); + $this->updateConfig('BaseSkin', postVar('BaseSkin')); + $this->updateConfig('IndexURL', postVar('IndexURL')); $this->updateConfig('AdminURL', postVar('AdminURL')); - $this->updateConfig('PluginURL', postVar('PluginURL')); - $this->updateConfig('SkinsURL', postVar('SkinsURL')); - $this->updateConfig('ActionURL', postVar('ActionURL')); - $this->updateConfig('Language', postVar('Language')); - $this->updateConfig('AdminEmail', postVar('AdminEmail')); - $this->updateConfig('SessionCookie', postVar('SessionCookie')); - $this->updateConfig('AllowMemberCreate',postVar('AllowMemberCreate')); - $this->updateConfig('AllowMemberMail', postVar('AllowMemberMail')); - $this->updateConfig('NonmemberMail', postVar('NonmemberMail')); - $this->updateConfig('ProtectMemNames', postVar('ProtectMemNames')); - $this->updateConfig('SiteName', postVar('SiteName')); + $this->updateConfig('PluginURL', postVar('PluginURL')); + $this->updateConfig('SkinsURL', postVar('SkinsURL')); + $this->updateConfig('ActionURL', postVar('ActionURL')); + $this->updateConfig('Language', postVar('Language')); + $this->updateConfig('AdminEmail', postVar('AdminEmail')); + $this->updateConfig('SessionCookie', postVar('SessionCookie')); + 
$this->updateConfig('AllowMemberCreate',postVar('AllowMemberCreate')); + $this->updateConfig('AllowMemberMail', postVar('AllowMemberMail')); + $this->updateConfig('NonmemberMail', postVar('NonmemberMail')); + $this->updateConfig('ProtectMemNames', postVar('ProtectMemNames')); + $this->updateConfig('SiteName', postVar('SiteName')); $this->updateConfig('NewMemberCanLogon',postVar('NewMemberCanLogon')); $this->updateConfig('DisableSite', postVar('DisableSite')); $this->updateConfig('DisableSiteURL', postVar('DisableSiteURL')); @@ -4214,39 +5034,185 @@ selector(); $this->updateConfig('AllowedTypes', postVar('AllowedTypes')); $this->updateConfig('AllowUpload', postVar('AllowUpload')); $this->updateConfig('MaxUploadSize', postVar('MaxUploadSize')); - $this->updateConfig('MediaPrefix', postVar('MediaPrefix')); + $this->updateConfig('MediaPrefix', postVar('MediaPrefix')); $this->updateConfig('AllowLoginEdit', postVar('AllowLoginEdit')); - $this->updateConfig('DisableJsTools', postVar('DisableJsTools')); + $this->updateConfig('DisableJsTools', postVar('DisableJsTools')); $this->updateConfig('CookieDomain', postVar('CookieDomain')); $this->updateConfig('CookiePath', postVar('CookiePath')); $this->updateConfig('CookieSecure', postVar('CookieSecure')); - $this->updateConfig('URLMode', postVar('URLMode')); - + $this->updateConfig('URLMode', postVar('URLMode')); + $this->updateConfig('CookiePrefix', postVar('CookiePrefix')); + $this->updateConfig('DebugVars', postVar('DebugVars')); + $this->updateConfig('DefaultListSize', postVar('DefaultListSize')); + // load new config and redirect (this way, the new language will be used is necessary) // note that when changing cookie settings, this redirect might cause the user // to have to log in again. getConfig(); redirect($CONF['AdminURL'] . '?action=manage'); exit; - + } - - + + /** + * Give an overview over the used system + */ + function action_systemoverview() { + global $member, $nucleus, $CONF; + + $this->pagehead(); + + echo '

    ' . _ADMIN_SYSTEMOVERVIEW_HEADING . "

    \n"; + + if ($member->isLoggedIn() && $member->isAdmin()) { + + // Information about the used PHP and MySQL installation + echo '

    ' . _ADMIN_SYSTEMOVERVIEW_PHPANDMYSQL . "

    \n"; + + // Version of PHP MySQL + echo "\n"; + echo "\t\n"; + echo "\t\t" . '\n"; + echo "\t\n"; + echo "\t\t" . '\n"; + echo "\t\t" . '\n"; + echo "\t\n"; + echo "\t\t" . '\n"; + echo "\t\t" . '\n"; + echo "\t"; + echo "
    ' . _ADMIN_SYSTEMOVERVIEW_VERSIONS . "
    ' . _ADMIN_SYSTEMOVERVIEW_PHPVERSION . "' . phpversion() . "
    ' . _ADMIN_SYSTEMOVERVIEW_MYSQLVERSION . "' . sql_get_server_info() . ' (' . sql_get_client_info() . ')' . "
    \n"; + + // Important PHP settings + echo "\n"; + echo "\t\n"; + echo "\t\t" . '\n"; + echo "\t\n"; + echo "\t\t" . '\n"; + $mqg = get_magic_quotes_gpc() ? 'On' : 'Off'; + echo "\t\t" . '\n"; + echo "\t\n"; + echo "\t\t" . '\n"; + $mqr = get_magic_quotes_runtime() ? 'On' : 'Off'; + echo "\t\t" . '\n"; + echo "\t\n"; + echo "\t\t" . '\n"; + $rg = ini_get('register_globals') ? 'On' : 'Off'; + echo "\t\t" . '\n"; + echo "\t"; + echo "
    ' . _ADMIN_SYSTEMOVERVIEW_SETTINGS . "
    magic_quotes_gpc' . "' . $mqg . "
    magic_quotes_runtime' . "' . $mqr . "
    register_globals' . "' . $rg . "
    \n"; + + // Information about GD library + $gdinfo = gd_info(); + echo "\n"; + echo "\t"; + echo "\t\t" . '\n"; + echo "\t\n"; + foreach ($gdinfo as $key=>$value) { + if (is_bool($value)) { + $value = $value ? _ADMIN_SYSTEMOVERVIEW_ENABLE : _ADMIN_SYSTEMOVERVIEW_DISABLE; + } else { + $value = htmlspecialchars($value, ENT_QUOTES); + } + echo "\t"; + echo "\t\t" . '\n"; + echo "\t\t" . '\n"; + echo "\t\n"; + } + echo "
    ' . _ADMIN_SYSTEMOVERVIEW_GDLIBRALY . "
    ' . $key . "' . $value . "
    \n"; + + // Check if special modules are loaded + ob_start(); + phpinfo(INFO_MODULES); + $im = ob_get_contents(); + ob_clean(); + echo "\n"; + echo "\t"; + echo "\t\t" . '\n"; + echo "\t\n"; + echo "\t\t" . '\n"; + $modrewrite = (strstr($im, 'mod_rewrite') != '') ? + _ADMIN_SYSTEMOVERVIEW_ENABLE : + _ADMIN_SYSTEMOVERVIEW_DISABLE; + echo "\t\t" . '\n"; + echo "\t\n"; + echo "
    ' . _ADMIN_SYSTEMOVERVIEW_MODULES . "
    mod_rewrite' . "' . $modrewrite . "
    \n"; + + // Information about the used Nucleus CMS + echo '

    ' . _ADMIN_SYSTEMOVERVIEW_NUCLEUSSYSTEM . "

    \n"; + global $nucleus; + $nv = getNucleusVersion() / 100 . '(' . $nucleus['version'] . ')'; + $np = getNucleusPatchLevel(); + echo "\n"; + echo "\t"; + echo "\t\t" . '\n"; + echo "\t\n"; + echo "\t\t" . '\n"; + echo "\t\t" . '\n"; + echo "\t\n"; + echo "\t\t" . '\n"; + echo "\t\t" . '\n"; + echo "\t\n"; + echo "
    Nucleus CMS' . "
    ' . _ADMIN_SYSTEMOVERVIEW_NUCLEUSVERSION . "' . $nv . "
    ' . _ADMIN_SYSTEMOVERVIEW_NUCLEUSPATCHLEVEL . "' . $np . "
    \n"; + + // Important settings of the installation + echo "\n"; + echo "\t"; + echo "\t\t" . '\n"; + echo "\t\n"; + echo "\t\t" . '\n"; + echo "\t\t" . '\n"; + echo "\t\n"; + echo "\t\t" . '\n"; + echo "\t\t" . '\n"; + echo "\t\n"; + echo "\t\t" . '\n"; + $ohs = $CONF['alertOnHeadersSent'] ? + _ADMIN_SYSTEMOVERVIEW_ENABLE : + _ADMIN_SYSTEMOVERVIEW_DISABLE; + echo "\t\t" . '\n"; + echo "\t\n"; + echo "
    ' . _ADMIN_SYSTEMOVERVIEW_NUCLEUSSETTINGS . "
    ' . '$CONF[' . "'Self']' . $CONF['Self'] . "
    ' . '$CONF[' . "'ItemURL']' . $CONF['ItemURL'] . "
    ' . '$CONF[' . "'alertOnHeadersSent']' . $ohs . "
    \n"; + + // Link to the online version test at the Nucleus CMS website + echo '

    ' . _ADMIN_SYSTEMOVERVIEW_VERSIONCHECK . "

    \n"; + if ($nucleus['codename'] != '') { + $codenamestring = ' "' . $nucleus['codename'] . '"'; + } else { + $codenamestring = ''; + } + echo _ADMIN_SYSTEMOVERVIEW_VERSIONCHECK_TXT; + $checkURL = sprintf(_ADMIN_SYSTEMOVERVIEW_VERSIONCHECK_URL, getNucleusVersion(), getNucleusPatchLevel()); + echo ''; + echo 'Nucleus CMS ' . $nv . $codenamestring; + echo ''; + //echo '
    '; + } + else { + echo _ADMIN_SYSTEMOVERVIEW_NOT_ADMIN; + } + + $this->pagefoot(); + } + + /** + * @todo document this + */ function updateConfig($name, $val) { $name = addslashes($name); $val = trim(addslashes($val)); - + $query = 'UPDATE '.sql_table('config') - . " SET value='$val'" - . " WHERE name='$name'"; + . " SET value='$val'" + . " WHERE name='$name'"; - mysql_query($query) or die("Query error: " . mysql_error()); - return mysql_insert_id(); + sql_query($query) or die(_ADMIN_SQLDIE_QUERYERROR . sql_error()); + return sql_insert_id(); } - + /** - * Error message - */ + * Error message + * @param string $msg message that will be shown + */ function error($msg) { $this->pagehead(); ?> @@ -4257,17 +5223,22 @@ selector(); $this->pagefoot(); exit; } - + + /** + * @todo document this + */ function disallow() { ACTIONLOG::add(WARNING, _ACTIONLOG_DISALLOWED . serverVar('REQUEST_URI')); - + $this->error(_ERROR_DISALLOWED); } - - + + /** + * @todo document this + */ function pagehead($extrahead = '') { global $member, $nucleus, $CONF, $manager; - + $manager->notify( 'AdminPrePageHead', array( @@ -4275,66 +5246,80 @@ selector(); 'action' => $this->action ) ); - + $baseUrl = htmlspecialchars($CONF['AdminURL']); ?> - + > - <?php echo htmlspecialchars($CONF['SiteName'])?> - Admin + <?php echo htmlspecialchars($CONF['SiteName'])?> - Admin - - + - - - + + + +
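Review bot: In action_systemoverview the `$CONF['Self']` and `$CONF['ItemURL']` cells and the `$key` of each gd_info() row are echoed as-is, while the gd_info() values just above them go through `htmlspecialchars($value, ENT_QUOTES)`. The page is admin-only, but if either setting can carry request-derived text (not visible from this hunk) it is emitted as markup; wrapping them the same way, e.g. `htmlspecialchars($CONF['Self'], ENT_QUOTES)`, keeps the table consistent. After the phpinfo() capture, `ob_clean()` empties the buffer but leaves it active, so `ob_end_clean()` is the call that matches `ob_start()`. In updateConfig the changed line still ends the request with `sql_error()` text in the response; that detail is better recorded with `ACTIONLOG::add` than shown in the page.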

    - isLoggedIn()) + isLoggedIn()) echo _LOGGEDINAS . ' ' . $member->getDisplayName() - ." - " . _LOGOUT. "" - . "
    " . _ADMINHOME . " - "; - else - echo _NOTLOGGEDIN . '
    '; + ." - " . _LOGOUT. "" + . "
    " . _ADMINHOME . " - "; + else + echo '' , _NOTLOGGEDIN , '
    '; echo ""._YOURSITE.""; - + echo '
    ('; - - if ($member->isLoggedIn() && $member->isAdmin()) - echo 'Nucleus ', $nucleus['version'], ''; - else - echo 'Nucleus ' , $nucleus['version']; + + $codenamestring = ($nucleus['codename']!='')? ' "'.$nucleus['codename'].'"':''; + + if ($member->isLoggedIn() && $member->isAdmin()) { + $checkURL = sprintf(_ADMIN_SYSTEMOVERVIEW_VERSIONCHECK_URL, getNucleusVersion(), getNucleusPatchLevel()); + echo 'Nucleus CMS ' . $nucleus['version'] . $codenamestring . ''; + $newestVersion = getLatestVersion(); + $newestCompare = str_replace('/','.',$newestVersion); + $currentVersion = str_replace(array('/','v'),array('.',''),$nucleus['version']); + if ($newestVersion && version_compare($newestCompare,$currentVersion)) { + echo '
    '._ADMIN_SYSTEMOVERVIEW_LATESTVERSION_TEXT.$newestVersion.''; + } + } else { + echo 'Nucleus CMS ' . $nucleus['version'] . $codenamestring; + } echo ')'; echo '
    '; } - + + /** + * @todo document this + */ function pagefoot() { global $action, $member, $manager; - + $manager->notify( 'AdminPrePageFoot', array( 'action' => $this->action ) - ); - - if ($action != 'showlogin') { + ); + + if ($member->isLoggedIn() && ($action != 'showlogin')) { ?>

    +
    - +
    - - isLoggedIn())) { echo ''; - + echo ''; + echo '

    ',_QMENU_ADD,'

    '; echo '
    '; echo ''; @@ -4373,7 +5358,7 @@ selector(); $query = 'SELECT bnumber as value, bname as text' . ' FROM ' . sql_table('blog') . ', ' . sql_table('team') . ' WHERE tblog=bnumber and tmember=' . $member->getID() - . ' ORDER BY bname'; + . ' ORDER BY bname'; } $template['name'] = 'blogid'; $template['tabindex'] = 15000; @@ -4381,44 +5366,45 @@ selector(); $template['selected'] = -1; $template['shorten'] = 10; $template['shortenel'] = ''; - $template['javascript'] = 'onchange="return form.submit()"'; + $template['javascript'] = 'onchange="return form.submit()"'; showlist($query,'select',$template); echo '
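Review bot: `version_compare($newestCompare,$currentVersion)` in pagehead is used as a boolean, but with two arguments it returns -1, 0 or 1, so the latest-version notice is also printed when the installed version is newer than the published one. Pass the operator so that only a genuinely newer release triggers it: `if ($newestVersion && version_compare($newestCompare, $currentVersion, '>'))`. getLatestVersion() now runs on every admin page head for admins, and its implementation is outside this diff. If it fetches the version remotely, check that it caches the result and fails fast.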
    '; echo '

    ' . $member->getDisplayName(). '

    '; echo ''; - // ---- general settings ---- + // ---- general settings ---- if ($member->isAdmin()) { echo '

    ',_QMENU_MANAGE,'

    '; echo ''; echo '

    ',_QMENU_LAYOUT,'

    '; echo ''; } - + $aPluginExtras = array(); $manager->notify( 'QuickMenu', @@ -4436,218 +5422,245 @@ selector(); } echo ''; } - - } else { - echo '

    ', _QMENU_INTRO, '

    ', _QMENU_INTRO_TEXT; - + } else if (($action == 'activate') || ($action == 'activatesetpwd')) { + + echo '

    ', _QMENU_ACTIVATE, '

    ', _QMENU_ACTIVATE_TEXT; + } else { + // introduction text on login screen + echo '

    ', _QMENU_INTRO, '

    ', _QMENU_INTRO_TEXT; } ?>
    - + -
    - - +
    + + + + teamRights($blogid) or $this->disallow(); - + // header-code stolen from phpMyAdmin // REGEDIT and bookmarklet code stolen from GreyMatter - $sjisBlogName = getBlogNameFromID($blogid); + $sjisBlogName = sprintf(_WINREGFILE_TEXT, getBlogNameFromID($blogid)); $sjisBlogName = mb_convert_encoding($sjisBlogName, "SJIS", "auto"); header('Content-Type: application/octetstream'); header('Content-Disposition: filename="nucleus.reg"'); header('Pragma: no-cache'); - header('Expires: 0'); - + header('Expires: 0'); + echo "REGEDIT4\n"; - echo "[HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\MenuExt\\Post To &Nucleus (".$sjisBlogName.")]\n"; + echo "[HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\MenuExt\\" . $sjisBlogName . "]\n"; echo '@="' . $CONF['AdminURL'] . "bookmarklet.php?action=contextmenucode&blogid=".intval($blogid)."\"\n"; - echo '"contexts"=hex:31'; + echo '"contexts"=hex:31'; } - + + /** + * @todo document this + */ function action_bookmarklet() { global $member, $manager; - + $blogid = intRequestVar('blogid'); - + $member->teamRights($blogid) or $this->disallow(); - + $blog =& $manager->getBlog($blogid); $bm = getBookmarklet($blogid); - + $this->pagehead(); echo '

    (',_BACKHOME,')

    '; - + ?> - -

    Bookmarklet

    - + +

    +

    - Bookmarklet とは、クリック1回で記事の投稿ができるシステムです。 この Bookmarklet をインストールすると、ブラウザのツールバーの'add to weblog'ボタンが利用可能となり、Nucleusの新規アイテムの追加ウィンドウがポップアップします。任意のWebページを開いた状態でこのボタンを押せば、そのWebページのタイトルと、そのページへのリンクタグがすでに埋め込まれた状態でアイテム追加ウィンドウが開き、さらに、そのページ内に引用したい文を選択した状態であればその引用文も自動的に引用します。 +

    - -

    Bookmarklet

    + +

    - 下のリンク部分を「お気に入り」もしくはツールバーにドラッグできます。(その前にテストしてみたい場合は単純に下のリンクをクリックしてみてください) +

    - Add to getShortName()?> (ほとんどのブラウザで動作します) + ' . sprintf(_BOOKMARKLET_ANCHOR, htmlspecialchars($blog->getName(), ENT_QUOTES)) . '' . _BOOKMARKLET_BMARKFOLLOW; ?>

    - -

    右クリックメニューにインストール (WindowsでIE使用時)

    + +

    - あるいは右クリックメニューにインストールすることもできます (「開く」を選択すれば直接レジストリに登録します) + addTicketToUrl($url); + ?> + ' . _BOOKMARKLET_RIGHTLABEL . '' . _BOOKMARKLET_RIGHTTEXT2; ?>

    - +

    - このインストールした右クリックメニューを表示するためにはIEの再起動が必要です +

    - -

    アンインストール

    + +

    - 「お気に入り」もしくはツールバーから消すには、単に削除するだけです。 +

    - +

    - 右クリックメニューから消したい時は、以下の手順を踏んでください: +

    - +
      -
    1. スタートメニューから「ファイルを指定して実行...」を選択
    2. -
    3. "regedit" と入力
    4. -
    5. "OK" ボタンを押す
    6. -
    7. "\HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt" をツリーの中から検索
    8. -
    9. "add to weblog" エントリを削除
    10. +
    11. +
    12. +
    13. +
    14. +
    pagefoot(); - - } + } + /** + * @todo document this + */ function action_actionlog() { - global $member; - + global $member, $manager; + $member->isAdmin() or $this->disallow(); - + $this->pagehead(); - - echo '

    (',_BACKTOMANAGE,')

    '; - + + echo '

    (',_BACKTOMANAGE,')

    '; + + $url = $manager->addTicketToUrl('index.php?action=clearactionlog'); + ?>

    -

    +

    ' . _ACTIONLOG_TITLE . ''; - + $query = 'SELECT * FROM '.sql_table('actionlog').' ORDER BY timestamp DESC'; $template['content'] = 'actionlist'; $amount = showlist($query,'table',$template); - + $this->pagefoot(); } - + /** + * @todo document this + */ function action_banlist() { global $member, $manager; - + $blogid = intRequestVar('blogid'); - + $member->blogAdminRights($blogid) or $this->disallow(); - + $blog =& $manager->getBlog($blogid); - + $this->pagehead(); - echo '

    (',_BACKHOME,')

    '; - + echo '

    (',_BACKHOME,')

    '; + echo '

    ' . _BAN_TITLE . " '". $this->bloglink($blog) ."'

    "; - + $query = 'SELECT * FROM '.sql_table('ban').' WHERE blogid='.$blogid.' ORDER BY iprange'; $template['content'] = 'banlist'; $amount = showlist($query,'table',$template); - + if ($amount == 0) echo _BAN_NONE; - + echo '

    '._BAN_NEW_TITLE.'

    '; echo "

    "._BAN_NEW_TEXT."

    "; - - + + $this->pagefoot(); } - + /** + * @todo document this + */ function action_banlistdelete() { global $member, $manager; - - $blogid = intRequestVar('blogid'); - $iprange = requestVar('iprange'); - + + $blogid = intRequestVar('blogid'); + $iprange = requestVar('iprange'); + $member->blogAdminRights($blogid) or $this->disallow(); - + $blog =& $manager->getBlog($blogid); - + $banBlogName = htmlspecialchars($blog->getName(), ENT_QUOTES); + $this->pagehead(); ?>

    - +
    - +

    - +

    - +

    - +
    - + +
    - +

    - +
    + addTicketHidden() ?>
    - +
    - pagefoot(); } + /** + * @todo document this + */ function action_banlistdeleteconfirm() { global $member, $manager; - + $blogid = intPostVar('blogid'); $allblogs = postVar('allblogs'); $iprange = postVar('iprange'); - + $member->blogAdminRights($blogid) or $this->disallow(); - + $deleted = array(); if (!$allblogs) { @@ -4662,113 +5675,130 @@ selector(); } } - if (sizeof($deleted) == 0) - $this->error(_ERROR_DELETEBAN); + if (sizeof($deleted) == 0) + $this->error(_ERROR_DELETEBAN); $this->pagehead(); - + echo '(',_BACK,')'; echo '
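Review bot: action_regfile writes the blog name into the registry key line (`... MenuExt\\" . $sjisBlogName . "]`) without removing characters that have meaning in a .reg file, and the switch to `sprintf(_WINREGFILE_TEXT, getBlogNameFromID($blogid))` keeps that behaviour. A name containing a line break, `[`, `]` or a backslash would change the structure of the file the user is asked to import. Filter the name before the `mb_convert_encoding` call, because a byte-wise replace on Shift-JIS output can hit trail bytes: `$name = str_replace(array("\r", "\n", '[', ']', '\\'), '', getBlogNameFromID($blogid));`. The `Content-Disposition: filename="nucleus.reg"` header also has no disposition type, and `attachment; filename="nucleus.reg"` is the well-formed form.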

    '._BAN_REMOVED_TITLE.'

    '; echo "

    "._BAN_REMOVED_TEXT."

    "; - + echo ""; - + $this->pagefoot(); } - + + /** + * @todo document this + */ function action_banlistnewfromitem() { $this->action_banlistnew(getBlogIDFromItemID(intRequestVar('itemid'))); } - + + /** + * @todo document this + */ function action_banlistnew($blogid = '') { global $member, $manager; - + if ($blogid == '') $blogid = intRequestVar('blogid'); - + $ip = requestVar('ip'); - + $member->blogAdminRights($blogid) or $this->disallow(); - + $blog =& $manager->getBlog($blogid); - + $this->pagehead(); ?>

    - - + +
    - +

    - +

    - +
    - An example: "134.58.253.193" will only block one computer, while "134.58.253" will block 256 IP addresses, including the one from the first example. + +
    - +
    - - + +
    - - + + + "; echo ""; } ?>
    - +

    -
    +

    - +

    - +

    - +
    + addTicketHidden() ?>
    - + - + pagefoot(); } - + + /** + * @todo document this + */ function action_banlistadd() { global $member; - + $blogid = intPostVar('blogid'); $allblogs = postVar('allblogs'); $iprange = postVar('iprange'); if ($iprange == "custom") $iprange = postVar('customiprange'); $reason = postVar('reason'); - + $member->blogAdminRights($blogid) or $this->disallow(); - + // TODO: check IP range validity - + if (!$allblogs) { if (!BAN::addBan($blogid, $iprange, $reason)) $this->error(_ERROR_ADDBAN); @@ -4783,61 +5813,69 @@ selector(); if ($failed) $this->error(_ERROR_ADDBAN); } - + $this->action_banlist(); - + } - + + /** + * @todo document this + */ function action_clearactionlog() { global $member; - + $member->isAdmin() or $this->disallow(); - + ACTIONLOG::clear(); - + $this->action_manage(_MSG_ACTIONLOGCLEARED); } - + + /** + * @todo document this + */ function action_backupoverview() { - global $member; - + global $member, $manager; + $member->isAdmin() or $this->disallow(); - + $this->pagehead(); - echo '
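Review bot: action_banlistadd still hands `$iprange` (or `customiprange`) to BAN::addBan() unchecked; the `// TODO: check IP range validity` comment is carried over, and this commit only adds the ticket to the form. The help text removed in this hunk describes prefix matching, so an empty or very short range would presumably cover far more addresses than the admin intended. At minimum, reject an empty value before the add, e.g. `if (trim($iprange) == '') $this->error(_ERROR_ADDBAN);`, and ideally accept only digits and dots. The body of action_banlistadd continues past the end of this hunk.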

    (',_BACKTOMANAGE,')

    '; + echo '

    (',_BACKTOMANAGE,')

    '; ?>

    - +

    - +

    - +

    + addTicketHidden() ?>


    - +

    - +
    - +

    - +
    - +

    - +

    + addTicketHidden() ?>

    - +
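Review bot: action_clearactionlog renders `action_manage()` within the same request, while action_actionlog in this diff now links to it through `addTicketToUrl('index.php?action=clearactionlog')`, so the ticket stays in the address bar and browser history after the log is cleared. action_pluginup and action_plugindown in this same commit redirect for exactly that reason ("To avoid showing ticket in the URL"). Doing the same here would be consistent: `redirect($CONF['AdminURL'] . '?action=manage');`, with `$CONF` added to the `global` line. The cost is that the _MSG_ACTIONLOGCLEARED message is lost unless it is carried another way.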

    @@ -4845,82 +5883,92 @@ selector(); pagefoot(); } + /** + * @todo document this + */ function action_backupcreate() { global $member, $DIR_LIBS; - + $member->isAdmin() or $this->disallow(); // use compression ? $useGzip = intval(postVar('gzip')); - + include($DIR_LIBS . 'backup.php'); - - // try to extend time limit + + // try to extend time limit // (creating/restoring dumps might take a while) @set_time_limit(1200); - - do_backup($useGzip); + + $bu = new Backup(); + $bu->do_backup($useGzip); exit; } - + /** + * @todo document this + */ function action_backuprestore() { global $member, $DIR_LIBS; - + $member->isAdmin() or $this->disallow(); - + if (intPostVar('letsgo') != 1) $this->error(_ERROR_BACKUP_NOTSURE); include($DIR_LIBS . 'backup.php'); - - // try to extend time limit + + // try to extend time limit // (creating/restoring dumps might take a while) @set_time_limit(1200); - - $message = do_restore(); + + $bu = new Backup(); + $message = $bu->do_restore(); if ($message != '') $this->error($message); - + $this->pagehead(); ?>

    pagefoot(); } - + /** + * @todo document this + */ function action_pluginlist() { - global $member; - + global $member, $manager; + // check if allowed $member->isAdmin() or $this->disallow(); - + $this->pagehead(); - - echo '

    (',_BACKTOMANAGE,')

    '; - + + echo '

    (',_BACKTOMANAGE,')

    '; + echo '

    ' , _PLUGS_TITLE_MANAGE , ' ', help('plugins'), '

    '; - - echo '

    ' , _PLUGS_TITLE_INSTALLED , '

    '; - - + + echo '

    ' , _PLUGS_TITLE_INSTALLED , '   ', helplink('getplugins'), _PLUGS_TITLE_GETPLUGINS, '

    '; + + $query = 'SELECT * FROM '.sql_table('plugin').' ORDER BY porder ASC'; $template['content'] = 'pluginlist'; $template['tabindex'] = 10; showlist($query, 'table', $template); - + ?>

    - +

    - +
    + addTicketHidden() ?>
    - +

    0) { ?>

    - +
    + addTicketHidden() ?>
    - pagefoot(); + pagefoot(); } - + + /** + * @todo document this + */ function action_plugindeleteconfirm() { - global $member, $manager; - + global $member, $manager, $CONF; + // check if allowed $member->isAdmin() or $this->disallow(); - + $pid = intPostVar('plugid'); - + $error = $this->deleteOnePlugin($pid, 1); if ($error) { $this->error($error); } - $this->action_pluginlist(); + redirect($CONF['AdminURL'] . '?action=pluginlist'); +// $this->action_pluginlist(); } - + + /** + * @todo document this + */ function deleteOnePlugin($pid, $callUninstall = 0) { global $manager; - + $pid = intval($pid); - + if (!$manager->pidInstalled($pid)) return _ERROR_NOSUCHPLUGIN; - + + $name = quickQuery('SELECT pfile as result FROM '.sql_table('plugin').' WHERE pid='.$pid); + +/* // call the unInstall method of the plugin + if ($callUninstall) { + $plugin =& $manager->getPlugin($name); + if ($plugin) $plugin->unInstall(); + }*/ + + // check dependency before delete + $res = sql_query('SELECT pfile FROM '.sql_table('plugin')); + while($o = sql_fetch_object($res)) { + $plug =& $manager->getPlugin($o->pfile); + if ($plug) + { + $depList = $plug->getPluginDep(); + foreach ($depList as $depName) + { + if ($name == $depName) + { + return sprintf(_ERROR_DELREQPLUGIN, $o->pfile); + } + } + } + } + + $manager->notify('PreDeletePlugin', array('plugid' => $pid)); + // call the unInstall method of the plugin if ($callUninstall) { - $name = quickQuery('SELECT pfile as result FROM '.sql_table('plugin').' WHERE pid='.$pid); $plugin =& $manager->getPlugin($name); if ($plugin) $plugin->unInstall(); } - $manager->notify('PreDeletePlugin', array('plugid' => $pid)); - // delete all subscriptions sql_query('DELETE FROM '.sql_table('plugin_event').' WHERE pid=' . $pid); - + // delete all options // get OIDs from plugin_option_desc $res = sql_query('SELECT oid FROM ' . sql_table('plugin_option_desc') . ' WHERE opid=' . 
$pid); $aOIDs = array(); - while ($o = mysql_fetch_object($res)) { + while ($o = sql_fetch_object($res)) { array_push($aOIDs, $o->oid); } - + // delete from plugin_option and plugin_option_desc sql_query('DELETE FROM '.sql_table('plugin_option_desc').' WHERE opid=' . $pid); if (count($aOIDs) > 0) - sql_query('DELETE FROM '.sql_table('plugin_option').' WHERE oid in ('.implode(',',$aOIDs).')'); - + sql_query('DELETE FROM '.sql_table('plugin_option').' WHERE oid in ('.implode(',',$aOIDs).')'); + // update order numbers - $o = mysql_fetch_object(sql_query('SELECT porder FROM '.sql_table('plugin').' WHERE pid=' . $pid)); + $res = sql_query('SELECT porder FROM '.sql_table('plugin').' WHERE pid=' . $pid); + $o = sql_fetch_object($res); sql_query('UPDATE '.sql_table('plugin').' SET porder=(porder - 1) WHERE porder>'.$o->porder); - + // delete row sql_query('DELETE FROM '.sql_table('plugin').' WHERE pid='.$pid); - + $manager->clearCachedInfo('installedPlugins'); - $manager->notify('PostDeletePlugin', array('plugid' => $pid)); - + $manager->notify('PostDeletePlugin', array('plugid' => $pid)); + return ''; } - + + /** + * @todo document this + */ function action_pluginup() { - global $member, $manager; - + global $member, $manager, $CONF; + // check if allowed $member->isAdmin() or $this->disallow(); - + $plugid = intGetVar('plugid'); if (!$manager->pidInstalled($plugid)) $this->error(_ERROR_NOSUCHPLUGIN); - + // 1. get old order number - $o = mysql_fetch_object(sql_query('SELECT porder FROM '.sql_table('plugin').' WHERE pid='.$plugid)); + $res = sql_query('SELECT porder FROM '.sql_table('plugin').' WHERE pid='.$plugid); + $o = sql_fetch_object($res); $oldOrder = $o->porder; - + // 2. calculate new order number $newOrder = ($oldOrder > 1) ? ($oldOrder - 1) : 1; - + // 3. update plug numbers - sql_query('UPDATE '.sql_table('plugin').' SET porder='.$oldOrder.' WHERE porder='.$newOrder); - sql_query('UPDATE '.sql_table('plugin').' SET porder='.$newOrder.' 
WHERE pid='.$plugid); - - $this->action_pluginlist(); + sql_query('UPDATE '.sql_table('plugin').' SET porder='.$oldOrder.' WHERE porder='.$newOrder); + sql_query('UPDATE '.sql_table('plugin').' SET porder='.$newOrder.' WHERE pid='.$plugid); + + //$this->action_pluginlist(); + // To avoid showing ticket in the URL, redirect to pluginlist, instead. + redirect($CONF['AdminURL'] . '?action=pluginlist'); } + /** + * @todo document this + */ function action_plugindown() { - global $member, $manager; - + global $member, $manager, $CONF; + // check if allowed $member->isAdmin() or $this->disallow(); - + $plugid = intGetVar('plugid'); if (!$manager->pidInstalled($plugid)) $this->error(_ERROR_NOSUCHPLUGIN); - + // 1. get old order number - $o = mysql_fetch_object(sql_query('SELECT porder FROM '.sql_table('plugin').' WHERE pid='.$plugid)); + $res = sql_query('SELECT porder FROM '.sql_table('plugin').' WHERE pid='.$plugid); + $o = sql_fetch_object($res); $oldOrder = $o->porder; - - $maxOrder = mysql_num_rows(sql_query('SELECT * FROM '.sql_table('plugin'))); - + + $res = sql_query('SELECT * FROM '.sql_table('plugin')); + $maxOrder = sql_num_rows($res); + // 2. calculate new order number $newOrder = ($oldOrder < $maxOrder) ? ($oldOrder + 1) : $maxOrder; - + // 3. update plug numbers - sql_query('UPDATE '.sql_table('plugin').' SET porder='.$oldOrder.' WHERE porder='.$newOrder); - sql_query('UPDATE '.sql_table('plugin').' SET porder='.$newOrder.' WHERE pid='.$plugid); - - $this->action_pluginlist(); + sql_query('UPDATE '.sql_table('plugin').' SET porder='.$oldOrder.' WHERE porder='.$newOrder); + sql_query('UPDATE '.sql_table('plugin').' SET porder='.$newOrder.' WHERE pid='.$plugid); + + //$this->action_pluginlist(); + // To avoid showing ticket in the URL, redirect to pluginlist, instead. + redirect($CONF['AdminURL'] . 
'?action=pluginlist'); } - + + /** + * @todo document this + */ function action_pluginoptions($message = '') { global $member, $manager; // check if allowed $member->isAdmin() or $this->disallow(); - + $pid = intRequestVar('plugid'); if (!$manager->pidInstalled($pid)) $this->error(_ERROR_NOSUCHPLUGIN); - $this->pagehead(); + $extrahead = ''; + $pluginName = htmlspecialchars(getPluginNameFromPid($pid), ENT_QUOTES); + $this->pagehead($extrahead); ?>

    ()

    - -

    Options for

    + +

    - - " /> + + addTicketHidden(); - $aOptions = array(); + $aOptions = array(); $aOIDs = array(); $query = 'SELECT * FROM ' . sql_table('plugin_option_desc') . ' WHERE ocontext=\'global\' and opid=' . $pid . ' ORDER BY oid ASC'; $r = sql_query($query); - while ($o = mysql_fetch_object($r)) { + while ($o = sql_fetch_object($r)) { array_push($aOIDs, $o->oid); $aOptions[$o->oid] = array( 'oid' => $o->oid, @@ -5244,27 +6411,30 @@ selector(); // fill out actual values if (count($aOIDs) > 0) { $r = sql_query('SELECT oid, ovalue FROM ' . sql_table('plugin_option') . ' WHERE oid in ('.implode(',',$aOIDs).')'); - while ($o = mysql_fetch_object($r)) + while ($o = sql_fetch_object($r)) $aOptions[$o->oid]['value'] = $o->ovalue; } - + // call plugins $manager->notify('PrePluginOptionsEdit',array('context' => 'global', 'plugid' => $pid, 'options'=>&$aOptions)); - + $template['content'] = 'plugoptionlist'; $amount = showlist($aOptions,'table',$template); if ($amount == 0) echo '

    ',_ERROR_NOPLUGOPTIONS,'

    '; - + ?>
    pagefoot(); - - - + + + } - + + /** + * @todo document this + */ function action_pluginoptionsupdate() { global $member, $manager; @@ -5274,31 +6444,34 @@ selector(); $pid = intRequestVar('plugid'); if (!$manager->pidInstalled($pid)) $this->error(_ERROR_NOSUCHPLUGIN); - + $aOptions = requestArray('plugoption'); NucleusPlugin::_applyPluginOptions($aOptions); - $manager->notify('PostPluginOptionsUpdate',array('context' => 'global', 'plugid' => $pid)); - + $manager->notify('PostPluginOptionsUpdate',array('context' => 'global', 'plugid' => $pid)); + $this->action_pluginoptions(_PLUGS_OPTIONS_UPDATED); } - + /** + * @static + * @todo document this + */ function _insertPluginOptions($context, $contextid = 0) { - // get all current values for this contextid + // get all current values for this contextid // (note: this might contain doubles for overlapping contextids) $aIdToValue = array(); $res = sql_query('SELECT oid, ovalue FROM ' . sql_table('plugin_option') . ' WHERE ocontextid=' . intval($contextid)); - while ($o = mysql_fetch_object($res)) { + while ($o = sql_fetch_object($res)) { $aIdToValue[$o->oid] = $o->ovalue; } - + // get list of oids per pid $query = 'SELECT * FROM ' . sql_table('plugin_option_desc') . ',' . sql_table('plugin') . ' WHERE opid=pid and ocontext=\''.addslashes($context).'\' ORDER BY porder, oid ASC'; $res = sql_query($query); $aOptions = array(); - while ($o = mysql_fetch_object($res)) { + while ($o = sql_fetch_object($res)) { if (in_array($o->oid, array_keys($aIdToValue))) $value = $aIdToValue[$o->oid]; else @@ -5313,14 +6486,15 @@ selector(); 'description' => $o->odesc, 'type' => $o->otype, 'typeinfo' => $o->oextra, - 'contextid' => $contextid + 'contextid' => $contextid, + 'extra' => '' )); } - + global $manager; $manager->notify('PrePluginOptionsEdit',array('context' => $context, 'contextid' => $contextid, 'options'=>&$aOptions)); - - + + $iPrevPid = -1; foreach ($aOptions as $aOption) { 
@@ -5328,863 +6502,54 @@ selector(); if ($iPrevPid != $aOption['pid']) { $iPrevPid = $aOption['pid']; - echo 'Options for ', htmlspecialchars($aOption['pfile']),''; + echo ''.sprintf(_PLUGIN_OPTIONS_TITLE, htmlspecialchars($aOption['pfile']. ENT_QUOTES)).''; + } + + $meta = NucleusPlugin::getOptionMeta($aOption['typeinfo']); + if (@$meta['access'] != 'hidden') { + echo ''; + listplug_plugOptionRow($aOption); + echo ''; } - - echo ''; - listplug_plugOptionRow($aOption); - echo ''; - + } - + } - - /* helper functions to create option forms etc. */ - function input_yesno($name, $checkedval,$tabindex = 0, $value1 = 1, $value2 = 0, $yesval = _YES, $noval = _NO) { + + /** + * Helper functions to create option forms etc. + * @todo document parameters + */ + function input_yesno($name, $checkedval,$tabindex = 0, $value1 = 1, $value2 = 0, $yesval = _YES, $noval = _NO, $isAdmin = 0) { $id = htmlspecialchars($name); $id = str_replace('[','-',$id); - $id = str_replace(']','-',$id); + $id = str_replace(']','-',$id); $id1 = $id . htmlspecialchars($value1); $id2 = $id . htmlspecialchars($value2); - - echo ''; echo ' '; - echo ''; } - - } // class ADMIN -class ENCAPSULATE { - /** - * Uses $call to call a function using parameters $params - * This function should return the amount of entries shown. - * When entries are show, batch operation handlers are shown too. 
- * When no entries were shown, $errormsg is used to display an error - * - * Passes on the amount of results found (for further encapsulation) - */ - function doEncapsulate($call, $params, $errorMessage = 'No entries') { - // start output buffering - ob_start(); - - $nbOfRows = call_user_func_array($call, $params); - - // get list contents and stop buffering - $list = ob_get_contents(); - ob_end_clean(); - - if ($nbOfRows > 0) { - $this->showHead(); - echo $list; - $this->showFoot(); - } else { - echo $errorMessage; - } - - return $nbOfRows; - } -} - - -/** - * A class used to encapsulate a list of some sort inside next/prev buttons - */ -class NAVLIST extends ENCAPSULATE { - - function NAVLIST($action, $start, $amount, $minamount, $maxamount, $blogid, $search, $itemid) { - $this->action = $action; - $this->start = $start; - $this->amount = $amount; - $this->minamount = $minamount; - $this->maxamount = $maxamount; - $this->blogid = $blogid; - $this->search = $search; - $this->itemid = $itemid; - } - - function showBatchList($batchtype, $query, $type, $template, $errorMessage = _LISTS_NOMORE) { - $batch = new BATCH($batchtype); - - $this->doEncapsulate( - array(&$batch, 'showlist'), - array(&$query, $type, $template), - $errorMessage - ); - - } - - - function showHead() { - $this->showNavigation(); - } - function showFoot() { - $this->showNavigation(); - } - - /** - * Displays a next/prev bar for long tables - */ - function showNavigation() { - $action = $this->action; - $start = $this->start; - $amount = $this->amount; - $minamount = $this->minamount; - $maxamount = $this->maxamount; - $blogid = $this->blogid; - $search = $this->search; - $itemid = $this->itemid; - - $prev = $start - $amount; - if ($prev < $minamount) $prev=$minamount; - - // maxamount not used yet - // if ($start + $amount <= $maxamount) - $next = $start + $amount; - // else - // $next = $start; - - ?> - - - - type = $type; - } - - function showHead() { - ?> -
    - showOperationList(); - } - - function showFoot() { - $this->showOperationList(); - ?> -
    - -
    - - - - type == 'team') - { - echo ''; - } - if ($this->type == 'comment') - { - echo ''; - } - - ?> - - - ( - - - - ) -
    - doEncapsulate( 'showlist', - array($query, $type, $template), - $errorMessage - ); - } - -} - - - -// can take either an array of objects, or an SQL query -function showlist($query, $type, $template) { - - if (is_array($query)) { - if (sizeof($query) == 0) - return 0; - - call_user_func('listplug_' . $type, $template, 'HEAD'); - - // add extra row if needed - if ($template['extra']) { - echo ''; - } - - foreach ($query as $currentObj) { - $template['current'] = $currentObj; - call_user_func('listplug_' . $type, $template, 'BODY'); - } - - call_user_func('listplug_' . $type, $template, 'FOOT'); - - return sizeof($query); - - } else { - $res = sql_query($query); - - // don't do anything if there are no results - $numrows = mysql_num_rows($res); - if ($numrows == 0) - return 0; - - call_user_func('listplug_' . $type, $template, 'HEAD'); - - // add extra row if needed - if ($template['extra']) { - echo ''; - } - - while($template['current'] = mysql_fetch_object($res)) - call_user_func('listplug_' . $type, $template, 'BODY'); - - call_user_func('listplug_' . $type, $template, 'FOOT'); - - mysql_free_result($res); - - // return amount of results - return $numrows; - } -} - -function listplug_select($template, $type) { - switch($type) { - case 'HEAD': - echo ''; - break; - } -} - -function listplug_table($template, $type) { - switch($type) { - case 'HEAD': - echo ""; - echo ""; - // print head - call_user_func("listplug_table_" . $template['content'] , $template, 'HEAD'); - echo ""; - break; - case 'BODY': - // print tabletype specific thingies - echo ""; - call_user_func("listplug_table_" . $template['content'] , $template, 'BODY'); - echo ""; - break; - case 'FOOT': - call_user_func("listplug_table_" . $template['content'] , $template, 'FOOT'); - echo "
    "; - break; - } -} - -function listplug_table_memberlist($template, $type) { - switch($type) { - case 'HEAD': - echo '' . _LIST_MEMBER_NAME . '' . _LIST_MEMBER_RNAME . '' . _LIST_MEMBER_URL . '' . _LIST_MEMBER_ADMIN; - help('superadmin'); - echo "" . _LIST_MEMBER_LOGIN; - help('canlogin'); - echo "" . _LISTS_ACTIONS. ""; - break; - case 'BODY': - $current = $template['current']; - - echo ''; - $id = listplug_nextBatchId(); - echo ''; - echo ''; - echo ''; - echo '', htmlspecialchars($current->mrealname), ''; - echo "$current->murl"; - echo '', ($current->madmin ? _YES : _NO),''; - echo '', ($current->mcanlogin ? _YES : _NO), ''; - echo ""._LISTS_EDIT.""; - echo ""._LISTS_DELETE.""; - break; - } -} - -function listplug_table_teamlist($template, $type) { - switch($type) { - case 'HEAD': - echo ""._LIST_MEMBER_NAME.""._LIST_MEMBER_RNAME.""._LIST_TEAM_ADMIN; - help('teamadmin'); - echo ""._LISTS_ACTIONS.""; - break; - case 'BODY': - $current = $template['current']; - - echo ''; - $id = listplug_nextBatchId(); - echo ''; - echo ''; - echo ''; - echo '', htmlspecialchars($current->mrealname), ''; - echo '', ($current->tadmin ? _YES : _NO) , ''; - echo ""._LISTS_DELETE.""; - echo ""._LIST_TEAM_CHADMIN.""; - break; - } -} -function encode_desc(&$data) - { //_$to_entities = get_html_translation_table(HTML_ENTITIES); - $to_entities = get_html_translation_table(HTML_SPECIALCHARS); - $from_entities = array_flip($to_entities); - $data = str_replace('
    ','\n',$data); //hack - $data = strtr($data,$from_entities); - $data = strtr($data,$to_entities); - $data = str_replace('\n','
    ',$data); //hack - return $data; - } -function listplug_table_pluginlist($template, $type) { - global $manager; - switch($type) { - case 'HEAD': - echo ''._LISTS_INFO.''._LISTS_DESC.''; - echo ''._LISTS_ACTIONS.''; - break; - case 'BODY': - $current = $template['current']; - - $plug =& $manager->getPlugin($current->pfile); - if ($plug) { - echo ''; - echo '' , htmlspecialchars($plug->getName()) , '
    '; - echo _LIST_PLUGS_AUTHOR, ' ' , htmlspecialchars($plug->getAuthor()) , '
    '; - echo _LIST_PLUGS_VER, ' ' , htmlspecialchars($plug->getVersion()) , '
    '; - if ($plug->getURL()) - echo '',_LIST_PLUGS_SITE,'
    '; - echo ''; - echo ''; - echo _LIST_PLUGS_DESC .'
    '. encode_desc($plug->getDescription()); - if (sizeof($plug->getEventList()) > 0) - echo '

    ',_LIST_PLUGS_SUBS,'
    ',htmlspecialchars(implode($plug->getEventList(),', ')); - - echo ''; - } else { - echo 'Error: plugin file ',htmlspecialchars($current->pfile),'.php could not be loaded, or it has been set inactive because it does not support some features (check the actionlog for more info)'; - } - echo ''; - echo "",_LIST_PLUGS_UP,""; - echo "
    ",_LIST_PLUGS_DOWN,""; - echo "
    ",_LIST_PLUGS_UNINSTALL,""; - if ($plug && ($plug->hasAdminArea() > 0)) - echo "
    ",_LIST_PLUGS_ADMIN,""; - if (quickQuery('SELECT COUNT(*) AS result FROM '.sql_table('plugin_option_desc').' WHERE ocontext=\'global\' and opid='.$current->pid) > 0) - echo "
    ",_LIST_PLUGS_OPTIONS,""; - echo ''; - break; - } -} - -function listplug_table_plugoptionlist($template, $type) { - global $manager; - switch($type) { - case 'HEAD': - echo ''._LISTS_INFO.''._LISTS_VALUE.''; - break; - case 'BODY': - $current = $template['current']; - listplug_plugOptionRow($current); - break; - case 'FOOT': - ?> - - - - - - - ',htmlspecialchars($current['description']?$current['description']:$current['name']),''; - echo ''; - switch($current['type']) { - case 'yesno': - ADMIN::input_yesno($varname, $current['value'], 0, 'yes', 'no'); - break; - case 'password': - echo ''; - break; - case 'select': - echo ''; - break; - case 'textarea': - echo ''; - break; - case 'text': - default: - echo ''; - } - echo ''; -} - -function listplug_table_itemlist($template, $type) { - switch($type) { - case 'HEAD': - echo ""._LIST_ITEM_INFO.""._LIST_ITEM_CONTENT.""._LISTS_ACTIONS.""; - break; - case 'BODY': - $current = $template['current']; - $current->itime = strtotime($current->itime); // string -> unix timestamp - - if ($current->idraft == 1) - $cssclass = "class='draft'"; - - // (can't use offset time since offsets might vary between blogs) - if ($current->itime > $template['now']) - $cssclass = "class='future'"; - - echo "",_LIST_ITEM_BLOG," ", htmlspecialchars($current->bshortname); - echo "
    ",_LIST_ITEM_CAT," ", htmlspecialchars($current->cname); - echo "
    ",_LIST_ITEM_AUTHOR, " ", htmlspecialchars($current->mname); - echo "
    ",_LIST_ITEM_DATE," " . date("Y-m-d",$current->itime); - echo "
    ",_LIST_ITEM_TIME," " . date("H:i",$current->itime); - echo ""; - echo ""; - - $id = listplug_nextBatchId(); - - echo ''; - echo ''; - echo "
    "; - - - $current->ibody = strip_tags($current->ibody); - $current->ibody = htmlspecialchars(shorten($current->ibody,300,'...')); - - echo "$current->ibody"; - echo ""; - echo ""._LISTS_EDIT.""; - echo "
    "._LISTS_COMMENTS.""; - echo "
    "._LISTS_MOVE.""; - echo "
    "._LISTS_DELETE.""; - echo ""; - break; - } -} - -// for batch operations: generates the index numbers for checkboxes -function listplug_nextBatchId() { - static $id = 0; - return $id++; -} - -function listplug_table_commentlist($template, $type) { - switch($type) { - case 'HEAD': - echo ""._LISTS_INFO.""._LIST_COMMENT.""._LISTS_ACTIONS.""; - break; - case 'BODY': - $current = $template['current']; - $current->ctime = strtotime($current->ctime); // string -> unix timestamp - - echo ''; - echo date("Y-m-d@H:i",$current->ctime); - echo '
    '; - if ($current->mname) - echo htmlspecialchars($current->mname), ' ', _LIST_COMMENTS_MEMBER; - else - echo htmlspecialchars($current->cuser); - echo ''; - - - $current->cbody = strip_tags($current->cbody); - $current->cbody = htmlspecialchars(shorten($current->cbody, 300, '...')); - - echo ''; - $id = listplug_nextBatchId(); - echo ''; - echo ''; - echo ''; - - echo ""._LISTS_EDIT.""; - echo ""._LISTS_DELETE.""; - if ($template['canAddBan']) - echo ""._LIST_COMMENT_BANIP.""; - break; - } -} - - -function listplug_table_bloglist($template, $type) { - switch($type) { - case 'HEAD': - echo "" . _NAME . "" ._LISTS_ACTIONS. ""; - break; - case 'BODY': - $current = $template['current']; - - echo "". _BLOGLIST_TT_VISIT." " . htmlspecialchars($current->bname) . ""; - echo "" . _BLOGLIST_ADD . ""; - echo "". _BLOGLIST_EDIT.""; - echo "". _BLOGLIST_COMMENTS.""; - echo "". _BLOGLIST_BMLET . ""; - - if ($current->tadmin == 1) { - echo "" ._BLOGLIST_SETTINGS. ""; - echo "". _BLOGLIST_BANS.""; - } - - if ($template['superadmin']) { - echo "" ._BLOGLIST_DELETE. ""; - } - - - - break; - } -} - -function listplug_table_shortblognames($template, $type) { - switch($type) { - case 'HEAD': - echo "" . _NAME . "" . _NAME. ""; - break; - case 'BODY': - $current = $template['current']; - - echo '' , htmlspecialchars($current->bshortname) , ''; - echo '' , htmlspecialchars($current->bname) , ''; - - break; - } -} - -function listplug_table_shortnames($template, $type) { - switch($type) { - case 'HEAD': - echo "" . _NAME . "" . _LISTS_DESC. 
""; - break; - case 'BODY': - $current = $template['current']; - - echo '' , htmlspecialchars($current->name) , ''; - echo '' , htmlspecialchars($current->description) , ''; - - break; - } -} - - -function listplug_table_categorylist($template, $type) { - switch($type) { - case 'HEAD': - echo ""._LISTS_NAME.""._LISTS_DESC.""._LISTS_ACTIONS.""; - break; - case 'BODY': - $current = $template['current']; - - echo ''; - $id = listplug_nextBatchId(); - echo ''; - echo ''; - echo ''; - - echo '', htmlspecialchars($current->cdesc), ''; - echo ""._LISTS_DELETE.""; - echo ""._LISTS_EDIT.""; - - break; - } -} - - -function listplug_table_templatelist($template, $type) { - switch($type) { - case 'HEAD': - echo ""._LISTS_NAME.""._LISTS_DESC.""._LISTS_ACTIONS.""; - break; - case 'BODY': - $current = $template['current']; - - echo "" , htmlspecialchars($current->tdname), ""; - echo "" , htmlspecialchars($current->tddesc), ""; - echo ""._LISTS_EDIT.""; - echo ""._LISTS_CLONE.""; - echo ""._LISTS_DELETE.""; - - break; - } -} - -function listplug_table_skinlist($template, $type) { - global $CONF, $DIR_SKINS; - switch($type) { - case 'HEAD': - echo ""._LISTS_NAME.""._LISTS_DESC.""._LISTS_ACTIONS.""; - break; - case 'BODY': - $current = $template['current']; - - echo ''; - - // use a special style for the default skin - if ($current->sdnumber == $CONF['BaseSkin']) { - echo '',htmlspecialchars($current->sdname),''; - } else { - echo htmlspecialchars($current->sdname); - } - - echo '

    '; - echo _LISTS_TYPE ,': ' , htmlspecialchars($current->sdtype); - echo '
    ', _LIST_SKINS_INCMODE , ' ' , (($current->sdincmode=='skindir') ?_PARSER_INCMODE_SKINDIR:_PARSER_INCMODE_NORMAL); - if ($current->sdincpref) echo '
    ' , _LIST_SKINS_INCPREFIX , ' ', htmlspecialchars($current->sdincpref); - - // add preview image when present - if ($current->sdincpref && @file_exists($DIR_SKINS . $current->sdincpref . 'preview.png')) - { - echo '

    '; - - $hasEnlargement = @file_exists($DIR_SKINS . $current->sdincpref . 'preview-large.png'); - if ($hasEnlargement) - echo ''; - - echo 'Preview for \'',htmlspecialchars($current->sdname),'\' skin'; - - if ($hasEnlargement) - echo ''; - - if (@file_exists($DIR_SKINS . $current->sdincpref . 'readme.html')) - { - echo '
    Readme'; - } - - - } - - echo ""; - - - echo "" , htmlspecialchars($current->sddesc); - // show list of defined parts - $r = sql_query('SELECT stype FROM '.sql_table('skin').' WHERE sdesc='.$current->sdnumber . ' ORDER BY stype'); - $types = array(); - while ($o = mysql_fetch_object($r)) - array_push($types,$o->stype); - if (sizeof($types) > 0) { - $friendlyNames = SKIN::getFriendlyNames(); - for ($i=0;$i' . htmlspecialchars($friendlyNames[$type]) . ""; - } - echo '

    ',_LIST_SKINS_DEFINED,'
      ',implode($types,'') ,'
    '; - } - echo ""; - echo ""._LISTS_EDIT.""; - echo ""._LISTS_CLONE.""; - echo ""._LISTS_DELETE.""; - - break; - } -} - -function listplug_table_draftlist($template, $type) { - switch($type) { - case 'HEAD': - echo ""._LISTS_BLOG.""._LISTS_TITLE.""._LISTS_ACTIONS.""; - break; - case 'BODY': - $current = $template['current']; - - echo '', htmlspecialchars($current->bshortname) , ''; - echo '', htmlspecialchars(strip_tags($current->ititle)) , ''; - echo ""._LISTS_EDIT.""; - echo ""._LISTS_DELETE.""; - - break; - } -} - - -function listplug_table_actionlist($template, $type) { - switch($type) { - case 'HEAD': - echo ''._LISTS_TIME.''._LIST_ACTION_MSG.''; - break; - case 'BODY': - $current = $template['current']; - - echo '' , htmlspecialchars($current->timestamp), ''; - echo '' , htmlspecialchars($current->message), ''; - - break; - } -} - -function listplug_table_banlist($template, $type) { - switch($type) { - case 'HEAD': - echo ''._LIST_BAN_IPRANGE.''. _LIST_BAN_REASON.''._LISTS_ACTIONS.''; - break; - case 'BODY': - $current = $template['current']; - - echo '' , htmlspecialchars($current->iprange) , ''; - echo '' , htmlspecialchars($current->reason) , ''; - echo "",_LISTS_DELETE,""; - break; - } -} - -/** - * Returns the Javascript code for a bookmarklet that works on most modern browsers - * - * @param blogid - */ -function getBookmarklet($blogid) { - global $CONF; - - // normal - $document = 'document'; - $bookmarkletline = "javascript:Q='';x=".$document.";y=window;if(x.selection){Q=x.selection.createRange().text;}else if(y.getSelection){Q=y.getSelection();}else if(x.getSelection){Q=x.getSelection();}wingm=window.open('"; - $bookmarkletline .= $CONF['AdminURL'] . 
"bookmarklet.php?blogid=$blogid"; - $bookmarkletline .="&logtext='+escape(Q)+'&loglink='+escape(x.location.href)+'&loglinktitle='+escape(x.title),'nucleusbm','scrollbars=yes,width=600,height=500,left=10,top=10,status=yes,resizable=yes');wingm.focus();"; - - return $bookmarkletline; -} - - -?> +?> \ No newline at end of file
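Review bot: In the added title line, `htmlspecialchars($aOption['pfile']. ENT_QUOTES)` concatenates the `ENT_QUOTES` constant onto the plugin file name instead of passing it as the flags argument, so the constant's integer value is appended to the printed name and the flag is never applied. It should read `htmlspecialchars($aOption['pfile'], ENT_QUOTES)`. A few lines below, `@$meta['access'] != 'hidden'` hides any notice raised on that expression; `!isset($meta['access']) || $meta['access'] != 'hidden'` states the same test explicitly. Skipping the row only keeps a hidden option out of the form, so it is worth confirming that the update path (`_applyPluginOptions`, not in this hunk) also refuses values submitted for hidden options. The enclosing `_insertPluginOptions` starts before this hunk.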