bnumber == $selected)
echo ' selected="selected"';
@@ -776,8 +880,11 @@ class ADMIN {
}
+ /**
+ * @todo document this
+ */
function action_browseownitems() {
- global $member;
+ global $member, $manager, $CONF;
$this->pagehead();
@@ -786,15 +893,18 @@ class ADMIN {
// start index
if (postVar('start'))
- $start = postVar('start');
+ $start = intPostVar('start');
else
$start = 0;
// amount of items to show
if (postVar('amount'))
- $amount = postVar('amount');
- else
- $amount = 10;
+ $amount = intPostVar('amount');
+ else {
+ $amount = intval($CONF['DefaultListSize']);
+ if ($amount < 1)
+ $amount = 10;
+ }
$search = postVar('search'); // search through items
@@ -803,7 +913,7 @@ class ADMIN {
. ' WHERE iauthor='. $member->getID() .' and iauthor=mnumber and iblog=bnumber and icat=catid';
if ($search)
- $query .= ' and ((ititle LIKE "%' . addslashes($search) . '%") or (ibody LIKE "%' . addslashes($search) . '%") or (imore LIKE "%' . addslashes($search) . '%"))';
+ $query .= ' and ((ititle LIKE "%' . sql_real_escape_string($search) . '%") or (ibody LIKE "%' . sql_real_escape_string($search) . '%") or (imore LIKE "%' . sql_real_escape_string($search) . '%"))';
$query .= ' ORDER BY itime DESC'
. " LIMIT $start,$amount";
@@ -811,7 +921,8 @@ class ADMIN {
$template['content'] = 'itemlist';
$template['now'] = time();
- $navList =& new NAVLIST('browseownitems', $start, $amount, 0, 1000, $blogid, $search, 0);
+ $manager->loadClass("ENCAPSULATE");
+ $navList =& new NAVLIST('browseownitems', $start, $amount, 0, 1000, /*$blogid*/ 0, $search, 0);
$navList->showBatchList('item',$query,'table',$template);
$this->pagefoot();
@@ -819,10 +930,11 @@ class ADMIN {
}
/**
- * Show all the comments for a given item
- */
+ * Show all the comments for a given item
+ * @param int $itemid
+ */
function action_itemcommentlist($itemid = '') {
- global $member;
+ global $member, $manager, $CONF;
if ($itemid == '')
$itemid = intRequestVar('itemid');
@@ -836,25 +948,28 @@ class ADMIN {
// start index
if (postVar('start'))
- $start = postVar('start');
+ $start = intPostVar('start');
else
$start = 0;
// amount of items to show
if (postVar('amount'))
- $amount = postVar('amount');
- else
- $amount = 10;
+ $amount = intPostVar('amount');
+ else {
+ $amount = intval($CONF['DefaultListSize']);
+ if ($amount < 1)
+ $amount = 10;
+ }
$search = postVar('search');
echo '(',_BACKTOOVERVIEW,' )
';
echo '',_COMMENTS,' ';
- $query = 'SELECT cbody, cuser, cmail, mname, ctime, chost, cnumber, cip, citem FROM '.sql_table('comment').' LEFT OUTER JOIN '.sql_table('member').' ON mnumber=cmember WHERE citem=' . $itemid;
+ $query = 'SELECT cbody, cuser, cmail, cemail, mname, ctime, chost, cnumber, cip, citem FROM ' . sql_table('comment') . ' LEFT OUTER JOIN ' . sql_table('member') . ' ON mnumber = cmember WHERE citem = ' . $itemid;
if ($search)
- $query .= ' and cbody LIKE "%' . addslashes($search) . '%"';
+ $query .= ' and cbody LIKE "%' . sql_real_escape_string($search) . '%"';
$query .= ' ORDER BY ctime ASC'
. " LIMIT $start,$amount";
@@ -862,6 +977,7 @@ class ADMIN {
$template['content'] = 'commentlist';
$template['canAddBan'] = $member->blogAdminRights(getBlogIDFromItemID($itemid));
+ $manager->loadClass("ENCAPSULATE");
$navList =& new NAVLIST('itemcommentlist', $start, $amount, 0, 1000, 0, $search, $itemid);
$navList->showBatchList('comment',$query,'table',$template,_NOCOMMENTS);
@@ -869,22 +985,25 @@ class ADMIN {
}
/**
- * Browse own comments
- */
+ * Browse own comments
+ */
function action_browseowncomments() {
- global $member;
+ global $member, $manager, $CONF;
// start index
if (postVar('start'))
- $start = postVar('start');
+ $start = intPostVar('start');
else
$start = 0;
// amount of items to show
if (postVar('amount'))
- $amount = postVar('amount');
- else
- $amount = 10;
+ $amount = intPostVar('amount');
+ else {
+ $amount = intval($CONF['DefaultListSize']);
+ if ($amount < 1)
+ $amount = 10;
+ }
$search = postVar('search');
@@ -892,7 +1011,7 @@ class ADMIN {
$query = 'SELECT cbody, cuser, cmail, mname, ctime, chost, cnumber, cip, citem FROM '.sql_table('comment').' LEFT OUTER JOIN '.sql_table('member').' ON mnumber=cmember WHERE cmember=' . $member->getID();
if ($search)
- $query .= ' and cbody LIKE "%' . addslashes($search) . '%"';
+ $query .= ' and cbody LIKE "%' . sql_real_escape_string($search) . '%"';
$query .= ' ORDER BY ctime DESC'
. " LIMIT $start,$amount";
@@ -903,8 +1022,9 @@ class ADMIN {
echo '', _COMMENTS_YOUR ,' ';
$template['content'] = 'commentlist';
- $template['canAddBan'] = 0; // doesn't make sense to allow banning yourself
+ $template['canAddBan'] = 0; // doesn't make sense to allow banning yourself
+ $manager->loadClass("ENCAPSULATE");
$navList =& new NAVLIST('browseowncomments', $start, $amount, 0, 1000, 0, $search, 0);
$navList->showBatchList('comment',$query,'table',$template,_NOCOMMENTS_YOUR);
@@ -912,11 +1032,12 @@ class ADMIN {
}
/**
- * Browse all comments for a weblog
- */
+ * Browse all comments for a weblog
+ * @param int $blogid
+ */
function action_blogcommentlist($blogid = '')
{
- global $member, $manager;
+ global $member, $manager, $CONF;
if ($blogid == '')
$blogid = intRequestVar('blogid');
@@ -927,23 +1048,26 @@ class ADMIN {
// start index
if (postVar('start'))
- $start = postVar('start');
+ $start = intPostVar('start');
else
$start = 0;
// amount of items to show
if (postVar('amount'))
- $amount = postVar('amount');
- else
- $amount = 10;
+ $amount = intPostVar('amount');
+ else {
+ $amount = intval($CONF['DefaultListSize']);
+ if ($amount < 1)
+ $amount = 10;
+ }
$search = postVar('search'); // search through comments
- $query = 'SELECT cbody, cuser, cmail, mname, ctime, chost, cnumber, cip, citem FROM '.sql_table('comment').' LEFT OUTER JOIN '.sql_table('member').' ON mnumber=cmember WHERE cblog=' . intval($blogid);
+ $query = 'SELECT cbody, cuser, cemail, cmail, mname, ctime, chost, cnumber, cip, citem FROM '.sql_table('comment').' LEFT OUTER JOIN '.sql_table('member').' ON mnumber=cmember WHERE cblog=' . intval($blogid);
if ($search != '')
- $query .= ' and cbody LIKE "%' . addslashes($search) . '%"';
+ $query .= ' and cbody LIKE "%' . sql_real_escape_string($search) . '%"';
$query .= ' ORDER BY ctime DESC'
@@ -960,6 +1084,7 @@ class ADMIN {
$template['content'] = 'commentlist';
$template['canAddBan'] = $member->blogAdminRights($blogid);
+ $manager->loadClass("ENCAPSULATE");
$navList =& new NAVLIST('blogcommentlist', $start, $amount, 0, 1000, $blogid, $search, 0);
$navList->showBatchList('comment',$query,'table',$template, _NOCOMMENTS_BLOG);
@@ -967,8 +1092,8 @@ class ADMIN {
}
/**
- * Provide a page to item a new item to the given blog
- */
+ * Provide a page to item a new item to the given blog
+ */
function action_createitem() {
global $member, $manager;
@@ -990,6 +1115,9 @@ class ADMIN {
$this->pagefoot();
}
+ /**
+ * @todo document this
+ */
function action_itemedit() {
global $member, $manager;
@@ -1015,6 +1143,9 @@ class ADMIN {
$this->pagefoot();
}
+ /**
+ * @todo document this
+ */
function action_itemupdate() {
global $member, $manager, $CONF;
@@ -1032,10 +1163,11 @@ class ADMIN {
return;
}
- $body = postVar('body');
- $title = postVar('title');
- $more = postVar('more');
+ $body = postVar('body');
+ $title = postVar('title');
+ $more = postVar('more');
$closed = intPostVar('closed');
+ $draftid = intPostVar('draftid');
// default action = add now
if (!$actiontype)
@@ -1067,42 +1199,26 @@ class ADMIN {
$wasdraft: set to 1 when the item used to be a draft item
$publish: set to 1 when the edited item is not a draft
*/
- switch ($actiontype) {
- case 'adddraft':
- $publish = 0;
- $wasdraft = 1;
- $timestamp = 0;
- break;
- case 'addfuture':
- $wasdraft = 1;
- $publish = 1;
- $timestamp = mktime(postVar('hour'), postVar('minutes'), 0, postVar('month'), postVar('day'), postVar('year'));
- break;
- case 'addnow':
- $wasdraft = 1;
- $publish = 1;
- $timestamp = 0;
- break;
- case 'changedate':
- $timestamp = mktime(postVar('hour'), postVar('minutes'), 0, postVar('month'), postVar('day'), postVar('year'));
- $publish = 1;
- $wasdraft = 0;
- break;
- case 'edit':
- default:
- $publish = 1;
- $wasdraft = 0;
- $timestamp = 0;
+ $blogid = getBlogIDFromItemID($itemid);
+ $blog =& $manager->getBlog($blogid);
+
+ $wasdrafts = array('adddraft', 'addfuture', 'addnow');
+ $wasdraft = in_array($actiontype, $wasdrafts) ? 1 : 0;
+ $publish = ($actiontype != 'adddraft' && $actiontype != 'backtodrafts') ? 1 : 0;
+ if ($actiontype == 'addfuture' || $actiontype == 'changedate') {
+ $timestamp = mktime(intPostVar('hour'), intPostVar('minutes'), 0, intPostVar('month'), intPostVar('day'), intPostVar('year'));
+ } else {
+ $timestamp =0;
}
// edit the item for real
ITEM::update($itemid, $catid, $title, $body, $more, $closed, $wasdraft, $publish, $timestamp);
- $blogid = getBlogIDFromItemID($itemid);
- $blog =& $manager->getBlog($blogid);
- if (!$closed && $publish && $wasdraft && $blog->pingUserland()) {
- $this->action_sendping($blogid);
- return;
+ $this->updateFuturePosted($blogid);
+
+ if ($draftid > 0) {
+ // delete permission is checked inside ITEM::delete()
+ ITEM::delete($draftid);
}
// show category edit window when we created a new category
@@ -1119,6 +1235,9 @@ class ADMIN {
}
}
+ /**
+ * @todo document this
+ */
function action_itemdelete() {
global $member, $manager;
@@ -1157,6 +1276,9 @@ class ADMIN {
$this->pagefoot();
}
+ /**
+ * @todo document this
+ */
function action_itemdeleteconfirm() {
global $member;
@@ -1174,7 +1296,10 @@ class ADMIN {
$this->action_itemlist($blogid);
}
- // deletes one item and returns error if something goes wrong
+ /**
+ * Deletes one item and returns error if something goes wrong
+ * @param int $itemid
+ */
function deleteOneItem($itemid) {
global $member, $manager;
@@ -1182,10 +1307,38 @@ class ADMIN {
if (!$member->canAlterItem($itemid))
return _ERROR_DISALLOWED;
+ // need to get blogid before the item is deleted
+ $blogid = getBlogIDFromItemId($itemid);
+
$manager->loadClass('ITEM');
ITEM::delete($itemid);
+
+ // update blog's futureposted
+ $this->updateFuturePosted($blogid);
+ }
+
+ /**
+ * Update a blog's future posted flag
+ * @param int $blogid
+ */
+ function updateFuturePosted($blogid) {
+ global $manager;
+
+ $blog =& $manager->getBlog($blogid);
+ $currenttime = $blog->getCorrectTime(time());
+ $result = sql_query("SELECT * FROM ".sql_table('item').
+ " WHERE iblog='".$blogid."' AND iposted=0 AND itime>".mysqldate($currenttime));
+ if (sql_num_rows($result) > 0) {
+ $blog->setFuturePost();
+ }
+ else {
+ $blog->clearFuturePost();
+ }
}
+ /**
+ * @todo document this
+ */
function action_itemmove() {
global $member, $manager;
@@ -1215,6 +1368,9 @@ class ADMIN {
$this->pagefoot();
}
+ /**
+ * @todo document this
+ */
function action_itemmoveto() {
global $member, $manager;
@@ -1238,8 +1394,16 @@ class ADMIN {
// only allow if user is allowed to alter item
$member->canUpdateItem($itemid, $catid) or $this->disallow();
+ $old_blogid = getBlogIDFromItemId($itemid);
+
ITEM::move($itemid, $catid);
+ // set the futurePosted flag on the blog
+ $this->updateFuturePosted(getBlogIDFromItemId($itemid));
+
+ // reset the futurePosted in case the item is moved from one blog to another
+ $this->updateFuturePosted($old_blogid);
+
if ($catid != intRequestVar('catid'))
$this->action_categoryedit($catid, $blog->getID());
else
@@ -1247,9 +1411,11 @@ class ADMIN {
}
/**
- * Moves one item to a given category (category existance should be checked by caller)
- * errors are returned
- */
+ * Moves one item to a given category (category existance should be checked by caller)
+ * errors are returned
+ * @param int $itemid
+ * @param int $destCatid category ID to which the item will be moved
+ */
function moveOneItem($itemid, $destCatid) {
global $member;
@@ -1261,10 +1427,10 @@ class ADMIN {
}
/**
- * Adds a item to the chosen blog
- */
+ * Adds a item to the chosen blog
+ */
function action_additem() {
- global $member, $manager, $CONF;
+ global $manager, $CONF;
$manager->loadClass('ITEM');
@@ -1275,86 +1441,21 @@ class ADMIN {
$blogid = getBlogIDFromItemID($result['itemid']);
$blog =& $manager->getBlog($blogid);
+ $btimestamp = $blog->getCorrectTime();
+ $item = $manager->getItem(intval($result['itemid']), 1, 1);
- $pingUrl = $manager->addTicketToUrl($CONF['AdminURL'] . 'index.php?action=sendping&blogid=' . intval($blogid));
-
- if ($result['status'] == 'newcategory')
- $this->action_categoryedit(
- $result['catid'],
- $blogid,
- $blog->pingUserland() ? $pingUrl : ''
- );
- elseif ((postVar('actiontype') == 'addnow') && $blog->pingUserland())
- $this->action_sendping($blogid);
- else
- $this->action_itemlist($blogid);
- }
-
- /**
- * Shows a window that says we're about to ping weblogs.com.
- * immediately refresh to the real pinging page, which will
- * show an error, or redirect to the blog.
- *
- * @param $blogid ID of blog for which ping needs to be sent out
- */
- function action_sendping($blogid = -1) {
- global $member, $manager;
-
- if ($blogid == -1)
- $blogid = intRequestVar('blogid');
-
- $member->isLoggedIn() or $this->disallow();
-
- $rawPingUrl = $manager->addTicketToUrl('index.php?action=rawping&blogid=' . intval($blogid));
-
- $this->pagehead('Site Updated, Now pinging weblogs.com
-
-
- Pinging weblogs.com! This can a while...
-
-
-
- If you aren't automatically passed through, try again
-
- pagefoot();
- }
-
- // ping to Weblogs.com
- // sends the real ping (can take up to 10 seconds!)
- function action_rawping() {
- global $manager;
- // TODO: checks?
-
- $blogid = intRequestVar('blogid');
- $blog =& $manager->getBlog($blogid);
-
- $result = $blog->sendUserlandPing();
-
- $this->pagehead();
-
- ?>
-
- Ping Results
-
- The following message was returned by weblogs.com:
-
-
-
-
-
- pagefoot();
+ if ($result['status'] == 'newcategory') {
+ $distURI = $manager->addTicketToUrl($CONF['AdminURL'] . 'index.php?action=itemList&blogid=' . intval($blogid));
+ $this->action_categoryedit($result['catid'], $blogid, $distURI);
+ } else {
+ $methodName = 'action_itemList';
+ call_user_func(array(&$this, $methodName), $blogid);
+ }
}
/**
- * Allows to edit previously made comments
- */
+ * Allows to edit previously made comments
+ */
function action_commentedit() {
global $member, $manager;
@@ -1368,9 +1469,11 @@ class ADMIN {
// change [^<]* ","\\1",$comment['body']);
-
+
+ // replaced eregi_replace() below with preg_replace(). ereg* functions are deprecated in PHP 5.3.0
+ /* original eregi_replace: eregi_replace("[^<]* ", "\\1", $comment['body']) */
+ $comment['body'] = preg_replace("#[^<]* #I", "\\1", $comment['body']);
+
$this->pagehead();
?>
@@ -1386,7 +1489,7 @@ class ADMIN {
-
+
+
+
+
+
+
-
@@ -1415,6 +1527,9 @@ class ADMIN {
$this->pagefoot();
}
+ /**
+ * @todo document this
+ */
function action_commentupdate() {
global $member, $manager;
@@ -1422,19 +1537,28 @@ class ADMIN {
$member->canAlterComment($commentid) or $this->disallow();
+ $url = postVar('url');
+ $email = postVar('email');
$body = postVar('body');
-
+
+ # replaced eregi() below with preg_match(). ereg* functions are deprecated in PHP 5.3.0
+ # original eregi: eregi("[a-zA-Z0-9|\.,;:!\?=\/\\]{90,90}", $body) != FALSE
+ # important note that '\' must be matched with '\\\\' in preg* expressions
// intercept words that are too long
- if (eregi("[a-zA-Z0-9|\.,;:!\?=\/\\]{90,90}",$body) != false)
+ if (preg_match('#[a-zA-Z0-9|\.,;:!\?=\/\\\\]{90,90}#', $body) != FALSE)
+ {
$this->error(_ERROR_COMMENT_LONGWORD);
-
+ }
+
// check length
- if (strlen($body)<3)
+ if (strlen($body) < 3) {
$this->error(_ERROR_COMMENT_NOCOMMENT);
+ }
if (strlen($body)>5000)
+ {
$this->error(_ERROR_COMMENT_TOOLONG);
-
-
+ }
+
// prepare body
$body = COMMENT::prepareBody($body);
@@ -1442,13 +1566,13 @@ class ADMIN {
$manager->notify('PreUpdateComment',array('body' => &$body));
$query = 'UPDATE '.sql_table('comment')
- . " SET cbody='" .addslashes($body). "'"
+ . " SET cmail = '" . sql_real_escape_string($url) . "', cemail = '" . sql_real_escape_string($email) . "', cbody = '" . sql_real_escape_string($body) . "'"
. " WHERE cnumber=" . $commentid;
sql_query($query);
// get itemid
$res = sql_query('SELECT citem FROM '.sql_table('comment').' WHERE cnumber=' . $commentid);
- $o = mysql_fetch_object($res);
+ $o = sql_fetch_object($res);
$itemid = $o->citem;
if ($member->canAlterItem($itemid))
@@ -1458,6 +1582,9 @@ class ADMIN {
}
+ /**
+ * @todo document this
+ */
function action_commentdelete() {
global $member, $manager;
@@ -1498,6 +1625,9 @@ class ADMIN {
$this->pagefoot();
}
+ /**
+ * @todo document this
+ */
function action_commentdeleteconfirm() {
global $member;
@@ -1505,7 +1635,7 @@ class ADMIN {
// get item id first
$res = sql_query('SELECT citem FROM '.sql_table('comment') .' WHERE cnumber=' . $commentid);
- $o = mysql_fetch_object($res);
+ $o = sql_fetch_object($res);
$itemid = $o->citem;
$error = $this->deleteOneComment($commentid);
@@ -1518,6 +1648,9 @@ class ADMIN {
$this->action_browseowncomments();
}
+ /**
+ * @todo document this
+ */
function deleteOneComment($commentid) {
global $member, $manager;
@@ -1538,8 +1671,8 @@ class ADMIN {
}
/**
- * Usermanagement main
- */
+ * Usermanagement main
+ */
function action_usermanagement() {
global $member, $manager;
@@ -1560,12 +1693,13 @@ class ADMIN {
$template['content'] = 'memberlist';
$template['tabindex'] = 10;
+ $manager->loadClass("ENCAPSULATE");
$batch =& new BATCH('member');
$batch->showlist($query,'table',$template);
echo '' . _MEMBERS_NEW .' ';
?>
-
- (This is the name used to logon)
+
-
- input_yesno('canlogin',$mem->canLogin(),70); ?>
+ input_yesno('canlogin',$mem->canLogin(),70,1,0,_YES,_NO,$mem->isAdmin()); ?>
getLanguage() )
+ {
+ echo " selected=\"selected\"";
+ }
echo ">$name ";
}
}
closedir($dirhandle);
-
+
?>
+
+
+ input_yesno('autosave', $mem->getAutosave(), 87); ?>
+
_insertPluginOptions('member',$memberid);
@@ -1746,7 +1894,9 @@ class ADMIN {
$this->pagefoot();
}
-
+ /**
+ * @todo document this
+ */
function action_changemembersettings() {
global $member, $CONF, $manager;
@@ -1755,20 +1905,23 @@ class ADMIN {
// check if allowed
($member->getID() == $memberid) or $member->isAdmin() or $this->disallow();
- $name = trim(postVar('name'));
- $realname = trim(postVar('realname'));
- $password = postVar('password');
- $repeatpassword = postVar('repeatpassword');
- $email = postVar('email');
- $url = postVar('url');
-
- // Sometimes user didn't prefix the URL with http://, this cause a malformed URL. Let's fix it.
- if (!eregi("^https?://", $url))
- $url = "http://".$url;
-
- $admin = postVar('admin');
- $canlogin = postVar('canlogin');
- $notes = postVar('notes');
+ $name = trim(strip_tags(postVar('name')));
+ $realname = trim(strip_tags(postVar('realname')));
+ $password = postVar('password');
+ $repeatpassword = postVar('repeatpassword');
+ $email = strip_tags(postVar('email'));
+ $url = strip_tags(postVar('url'));
+
+ # replaced eregi() below with preg_match(). ereg* functions are deprecated in PHP 5.3.0
+ # original eregi: !eregi("^https?://", $url)
+ // begin if: sometimes user didn't prefix the URL with http:// or https://, this cause a malformed URL. Let's fix it.
+ if (!preg_match('#^https?://#', $url) )
+ {
+ $url = "http://" . $url;
+ }
+ $admin = postVar('admin');
+ $canlogin = postVar('canlogin');
+ $notes = strip_tags(postVar('notes'));
$deflang = postVar('deflang');
$mem = MEMBER::createFromID($memberid);
@@ -1786,6 +1939,15 @@ class ADMIN {
if ($password && (strlen($password) < 6))
$this->error(_ERROR_PASSWORDTOOSHORT);
+
+ if ($password) {
+ $pwdvalid = true;
+ $pwderror = '';
+ $manager->notify('PrePasswordSet',array('password' => $password, 'errormessage' => &$pwderror, 'valid' => &$pwdvalid));
+ if (!$pwdvalid) {
+ $this->error($pwderror);
+ }
+ }
}
if (!isValidMailAddress($email))
@@ -1800,12 +1962,12 @@ class ADMIN {
// check if there will remain at least one site member with both the logon and admin rights
// (check occurs when taking away one of these rights from such a member)
- if ( (!$admin && $mem->isAdmin() && $mem->canLogin())
+ if ( (!$admin && $mem->isAdmin() && $mem->canLogin())
|| (!$canlogin && $mem->isAdmin() && $mem->canLogin())
)
{
$r = sql_query('SELECT * FROM '.sql_table('member').' WHERE madmin=1 and mcanlogin=1');
- if (mysql_num_rows($r) < 2)
+ if (sql_num_rows($r) < 2)
$this->error(_ERROR_ATLEASTONEADMIN);
}
@@ -1815,9 +1977,6 @@ class ADMIN {
$mem->setPassword($password);
}
- if ($newpass)
- $mem->setPassword($password);
-
$oldEmail = $mem->getEmail();
$mem->setRealName($realname);
@@ -1833,28 +1992,33 @@ class ADMIN {
$mem->setCanLogin($canlogin);
}
+ $autosave = postVar ('autosave');
+ $mem->setAutosave($autosave);
$mem->write();
+ // store plugin options
+ $aOptions = requestArray('plugoption');
+ NucleusPlugin::_applyPluginOptions($aOptions);
+ $manager->notify('PostPluginOptionsUpdate',array('context' => 'member', 'memberid' => $memberid, 'member' => &$mem));
+
// if email changed, generate new password
if ($oldEmail != $mem->getEmail())
{
$mem->sendActivationLink('addresschange', $oldEmail);
// logout member
$mem->newCookieKey();
- $member->logout();
+
+ // only log out if the member being edited is the current member.
+ if ($member->getID() == $memberid)
+ $member->logout();
$this->action_login(_MSG_ACTIVATION_SENT, 0);
return;
}
- // store plugin options
- $aOptions = requestArray('plugoption');
- NucleusPlugin::_applyPluginOptions($aOptions);
- $manager->notify('PostPluginOptionsUpdate',array('context' => 'member', 'memberid' => $memberid, 'member' => &$mem));
-
if ( ( $mem->getID() == $member->getID() )
- && ( $newpass || ( $mem->getDisplayName() != $member->getDisplayName() ) )
+ && ( $mem->getDisplayName() != $member->getDisplayName() )
) {
$mem->newCookieKey();
$member->logout();
@@ -1864,8 +2028,11 @@ class ADMIN {
}
}
+ /**
+ * @todo document this
+ */
function action_memberadd() {
- global $member;
+ global $member, $manager;
// check if allowed
$member->isAdmin() or $this->disallow();
@@ -1879,6 +2046,11 @@ class ADMIN {
if ($res != 1)
$this->error($res);
+ // fire PostRegister event
+ $newmem = new MEMBER();
+ $newmem->readFromName(postVar('name'));
+ $manager->notify('PostRegister',array('member' => &$newmem));
+
$this->action_usermanagement();
}
@@ -1893,6 +2065,9 @@ class ADMIN {
$this->_showActivationPage($key);
}
+ /**
+ * @todo document this
+ */
function _showActivationPage($key, $message = '')
{
global $manager;
@@ -1992,7 +2167,7 @@ class ADMIN {
* @author dekarma
*/
function action_activatesetpwd() {
-
+
$key = postVar('key');
// clean up old activation keys
@@ -2009,17 +2184,25 @@ class ADMIN {
if (!$mem)
return $this->_showActivationPage($key, _ERROR_ACTIVATE);
- $password = postVar('password');
- $repeatpassword = postVar('repeatpassword');
+ $password = postVar('password');
+ $repeatpassword = postVar('repeatpassword');
if ($password != $repeatpassword)
return $this->_showActivationPage($key, _ERROR_PASSWORDMISMATCH);
if ($password && (strlen($password) < 6))
return $this->_showActivationPage($key, _ERROR_PASSWORDTOOSHORT);
-
+
+ if ($password) {
+ $pwdvalid = true;
+ $pwderror = '';
+ global $manager;
+ $manager->notify('PrePasswordSet',array('password' => $password, 'errormessage' => &$pwderror, 'valid' => &$pwdvalid));
+ if (!$pwdvalid) {
+ return $this->_showActivationPage($key,$pwderror);
+ }
+ }
$error = '';
- global $manager;
$manager->notify('ValidateForm', array('type' => 'activation', 'member' => $mem, 'error' => &$error));
if ($error != '')
return $this->_showActivationPage($key, $error);
@@ -2039,8 +2222,8 @@ class ADMIN {
}
/**
- * Manage team
- */
+ * Manage team
+ */
function action_manageteam() {
global $member, $manager;
@@ -2066,6 +2249,7 @@ class ADMIN {
$template['content'] = 'teamlist';
$template['tabindex'] = 10;
+ $manager->loadClass("ENCAPSULATE");
$batch =& new BATCH('team');
$batch->showlist($query, 'table', $template);
@@ -2080,7 +2264,7 @@ class ADMIN {
getDisplayName() ?> getName())) ?>
+
getDisplayName()) ?> getName())) ?>
@@ -2153,6 +2340,9 @@ class ADMIN {
$this->pagefoot();
}
+ /**
+ * @todo document this
+ */
function action_teamdeleteconfirm() {
global $member;
@@ -2167,6 +2357,9 @@ class ADMIN {
$this->action_manageteam();
}
+ /**
+ * @todo document this
+ */
function deleteOneTeamMember($blogid, $memberid) {
global $member, $manager;
@@ -2178,28 +2371,31 @@ class ADMIN {
return _ERROR_DISALLOWED;
// check if: - there remains at least one blog admin
- // - (there remains at least one team member)
+ // - (there remains at least one team member)
$tmem = MEMBER::createFromID($memberid);
- $manager->notify('PreDeleteTeamMember', array('member' => &$mem, 'blogid' => $blogid));
+ $manager->notify('PreDeleteTeamMember', array('member' => &$tmem, 'blogid' => $blogid));
if ($tmem->isBlogAdmin($blogid)) {
// check if there are more blog members left and at least one admin
// (check for at least two admins before deletion)
$query = 'SELECT * FROM '.sql_table('team') . ' WHERE tblog='.$blogid.' and tadmin=1';
$r = sql_query($query);
- if (mysql_num_rows($r) < 2)
+ if (sql_num_rows($r) < 2)
return _ERROR_ATLEASTONEBLOGADMIN;
}
$query = 'DELETE FROM '.sql_table('team')." WHERE tblog=$blogid and tmember=$memberid";
sql_query($query);
- $manager->notify('PostDeleteTeamMember', array('member' => &$mem, 'blogid' => $blogid));
+ $manager->notify('PostDeleteTeamMember', array('member' => &$tmem, 'blogid' => $blogid));
return '';
}
+ /**
+ * @todo document this
+ */
function action_teamchangeadmin() {
global $member;
@@ -2214,7 +2410,7 @@ class ADMIN {
// don't allow when there is only one admin at this moment
if ($mem->isBlogAdmin($blogid)) {
$r = sql_query('SELECT * FROM '.sql_table('team') . " WHERE tblog=$blogid and tadmin=1");
- if (mysql_num_rows($r) == 1)
+ if (sql_num_rows($r) == 1)
$this->error(_ERROR_ATLEASTONEBLOGADMIN);
}
@@ -2233,6 +2429,9 @@ class ADMIN {
$this->action_overview(_MSG_ADMINCHANGED);
}
+ /**
+ * @todo document this
+ */
function action_blogsettings() {
global $member, $manager;
@@ -2252,11 +2451,11 @@ class ADMIN {
Members currently on your team:
+
mname) . ' (' . htmlspecialchars($o->mrealname). ')');
echo implode(',', $aMemberNames);
?>
@@ -2321,8 +2520,12 @@ class ADMIN {
input_yesno('public',$blog->isPublic(),70); ?>
+
+
+ input_yesno('reqemail',$blog->emailRequired(),72); ?>
+
-
@@ -2339,9 +2542,6 @@ class ADMIN {
/>
-
- input_yesno('pinguserland',$blog->pingUserland(),85); ?>
-
@@ -2391,6 +2591,7 @@ class ADMIN {
$template['content'] = 'categorylist';
$template['tabindex'] = 200;
+ $manager->loadClass("ENCAPSULATE");
$batch =& new BATCH('category');
$batch->showlist($query,'table',$template);
@@ -2431,6 +2632,9 @@ class ADMIN {
$this->pagefoot();
}
+ /**
+ * @todo document this
+ */
function action_categorynew() {
global $member, $manager;
@@ -2444,18 +2648,20 @@ class ADMIN {
if (!isValidCategoryName($cname))
$this->error(_ERROR_BADCATEGORYNAME);
- $query = 'SELECT * FROM '.sql_table('category') . ' WHERE cname=\'' . addslashes($cname).'\' and cblog=' . intval($blogid);
+ $query = 'SELECT * FROM '.sql_table('category') . ' WHERE cname=\'' . sql_real_escape_string($cname).'\' and cblog=' . intval($blogid);
$res = sql_query($query);
- if (mysql_num_rows($res) > 0)
+ if (sql_num_rows($res) > 0)
$this->error(_ERROR_DUPCATEGORYNAME);
- $blog =& $manager->getBlog($blogid);
- $newCatID = $blog->createNewCategory($cname, $cdesc);
+ $blog =& $manager->getBlog($blogid);
+ $newCatID = $blog->createNewCategory($cname, $cdesc);
$this->action_blogsettings();
}
-
+ /**
+ * @todo document this
+ */
function action_categoryedit($catid = '', $blogid = '', $desturl = '') {
global $member, $manager;
@@ -2471,7 +2677,7 @@ class ADMIN {
$member->blogAdminRights($blogid) or $this->disallow();
$res = sql_query('SELECT * FROM '.sql_table('category')." WHERE cblog=$blogid AND catid=$catid");
- $obj = mysql_fetch_object($res);
+ $obj = sql_fetch_object($res);
$cname = $obj->cname;
$cdesc = $obj->cdesc;
@@ -2479,6 +2685,8 @@ class ADMIN {
$extrahead = '';
$this->pagehead($extrahead);
+ echo "(",_BACK_TO_BLOGSETTINGS,")
";
+
?>
''
-
+
@@ -3030,17 +3280,20 @@ class ADMIN {
$this->pagefoot();
}
+ /**
+ * @todo document this
+ */
function action_addnewlog() {
global $member, $manager, $CONF;
// Only Super-Admins can do this
$member->isAdmin() or $this->disallow();
- $bname = trim(postVar('name'));
- $bshortname = trim(postVar('shortname'));
+ $bname = trim(postVar('name'));
+ $bshortname = trim(postVar('shortname'));
$btimeoffset = postVar('timeoffset');
- $bdesc = trim(postVar('desc'));
- $bdefskin = postVar('defskin');
+ $bdesc = trim(postVar('desc'));
+ $bdefskin = postVar('defskin');
if (!isValidShortName($bshortname))
$this->error(_ERROR_BADSHORTBLOGNAME);
@@ -3051,31 +3304,35 @@ class ADMIN {
$manager->notify(
'PreAddBlog',
array(
- 'name' => &$bname,
- 'shortname' => &$bshortname,
- 'timeoffset' => &$btimeoffset,
- 'description' => &$bdescription,
+ 'name' => &$bname,
+ 'shortname' => &$bshortname,
+ 'timeoffset' => &$btimeoffset,
+ 'description' => &$bdesc,
'defaultskin' => &$bdefskin
)
);
// add slashes for sql queries
- $bname = addslashes($bname);
- $bshortname = addslashes($bshortname);
- $btimeoffset = addslashes($btimeoffset);
- $bdesc = addslashes($bdesc);
- $bdefskin = addslashes($bdefskin);
+ $bname = sql_real_escape_string($bname);
+ $bshortname = sql_real_escape_string($bshortname);
+ $btimeoffset = sql_real_escape_string($btimeoffset);
+ $bdesc = sql_real_escape_string($bdesc);
+ $bdefskin = sql_real_escape_string($bdefskin);
// create blog
$query = 'INSERT INTO '.sql_table('blog')." (bname, bshortname, bdesc, btimeoffset, bdefskin) VALUES ('$bname', '$bshortname', '$bdesc', '$btimeoffset', '$bdefskin')";
sql_query($query);
- $blogid = mysql_insert_id();
- $blog =& $manager->getBlog($blogid);
+ $blogid = sql_insert_id();
+ $blog =& $manager->getBlog($blogid);
// create new category
- sql_query('INSERT INTO '.sql_table('category')." (cblog, cname, cdesc) VALUES ($blogid, 'General','Items that do not fit in other categories')");
- $catid = mysql_insert_id();
+ $catdefname = (defined('_EBLOGDEFAULTCATEGORY_NAME') ? _EBLOGDEFAULTCATEGORY_NAME : 'General');
+ $catdefdesc = (defined('_EBLOGDEFAULTCATEGORY_DESC') ? _EBLOGDEFAULTCATEGORY_DESC : 'Items that do not fit in other categories');
+ $sql = 'INSERT INTO %s (cblog, cname, cdesc) VALUES (%d, "%s", "%s")';
+ sql_query(sprintf($sql, sql_table('category'), $blogid, $catdefname, $catdefdesc));
+// sql_query('INSERT INTO '.sql_table('category')." (cblog, cname, cdesc) VALUES ($blogid, _EBLOGDEFAULTCATEGORY_NAME, _EBLOGDEFAULTCATEGORY_DESC)");
+ $catid = sql_insert_id();
// set as default category
$blog->setDefaultCategory($catid);
@@ -3085,10 +3342,15 @@ class ADMIN {
$memberid = $member->getID();
$query = 'INSERT INTO '.sql_table('team')." (tmember, tblog, tadmin) VALUES ($memberid, $blogid, 1)";
sql_query($query);
-
-
- $blog->additem($blog->getDefaultCategory(),'First Item','ããã¯ããªãã®weblogã«ãããæåã®ã¢ã¤ãã ã§ããèªç±ã«åé¤ãã¦ããã ãã¦ãã¾ãã¾ããã','',$blogid, $memberid,$blog->getCorrectTime(),0,0,0);
-
+
+ $itemdeftitle = (defined('_EBLOG_FIRSTITEM_TITLE') ? _EBLOG_FIRSTITEM_TITLE : 'First Item');
+ $itemdefbody = (defined('_EBLOG_FIRSTITEM_BODY') ? _EBLOG_FIRSTITEM_BODY : 'This is the first item in your weblog. Feel free to delete it.');
+
+ $blog->additem($blog->getDefaultCategory(),$itemdeftitle,$itemdefbody,'',$blogid, $memberid,$blog->getCorrectTime(),0,0,0);
+ //$blog->additem($blog->getDefaultCategory(),_EBLOG_FIRSTITEM_TITLE,_EBLOG_FIRSTITEM_BODY,'',$blogid, $memberid,$blog->getCorrectTime(),0,0,0);
+
+
+
$manager->notify(
'PostAddBlog',
array(
@@ -3099,24 +3361,27 @@ class ADMIN {
$manager->notify(
'PostAddCategory',
array(
- 'catid' => $catid
+ 'blog' => &$blog,
+ 'name' => _EBLOGDEFAULTCATEGORY_NAME,
+ 'description' => _EBLOGDEFAULTCATEGORY_DESC,
+ 'catid' => $catid
)
);
$this->pagehead();
?>
- æ°ããweblogãä½æããã¾ãã
+ æ°ããweblog ãããä½æããã¾ãããç¶ãã¦ãããã«ã¢ã¯ã»ã¹ããããã«ä»¥ä¸ã®ã©ã¡ããã®æé ã«é²ãã§ãã ããã
+
- ç°¡åãªæ¹æ³: ä¸ã®ã³ã¼ããè²¼ä»ãã .php ã¨ãããã¡ã¤ã«ãä½æãã é«åº¦ãªæ¹æ³: ç¾å¨ä½¿ç¨ãã¦ããã¹ãã³ã«æ°ããweblogãå±éãããããã®è¨è¿°ãå ãã
-
+ .php ã¨ãããã¡ã¤ã«ãä½æãã¦ãä¸èº«ã«ä»¥ä¸ã®ã³ã¼ããè²¼ãä»ãã:
+
<?php
$CONF['Self'] = '.php ';
@@ -3128,10 +3393,9 @@ selector();
?>ãã§ã«ããindex.phpã¨åããã£ã¬ã¯ããªã«ã¢ãããã¼ããã¾ãã
-
- æ°ããweblogã®ä½æãå®äºããããã«ã¯ãä¸ã«ãã®ãã¡ã¤ã«ã®URLãå
¥åãã¦ãã ããã (ãã§ã«ç¨æããå¤ã§åã£ã¦ããã¨ã¯æãã¾ããä¿è¨¼ã¯ãã¾ãã):
+
+
-
-
- æ°ããweblogã®ä½æãå®äºããããã«ã¯ãä¸ã«URLãå
¥åãã¦ãã ããã (大æµã¯æ¢åblogã¨åãURL)
+
- pagefoot();
+ pagefoot();
}
+ /**
+ * @todo document this
+ */
function action_addnewlog2() {
global $member, $manager;
$member->blogAdminRights($blogid) or $this->disallow();
- $burl = requestVar('url');
- $blogid = intRequestVar('blogid');
+ $burl = requestVar('url');
+ $blogid = intRequestVar('blogid');
$blog =& $manager->getBlog($blogid);
$blog->setURL(trim($burl));
@@ -3183,6 +3449,9 @@ selector();
$this->action_overview(_MSG_NEWBLOG);
}
+ /**
+ * @todo document this
+ */
function action_skinieoverview() {
global $member, $DIR_LIBS, $manager;
@@ -3199,7 +3468,7 @@ selector();
- $skinfile) {
+ $skinfile) {
$html = htmlspecialchars($skinfile);
echo '',$skinname,' ';
}
@@ -3218,7 +3487,7 @@ selector();
- sdnumber;
echo '',htmlspecialchars($skinObj->sdname),' ',htmlspecialchars($templateObj->tdname),'
()
- ''
+ ''
- "._MESSAGE.": $msg";
+ "._MESSAGE.": $msg";
?>
@@ -3556,37 +3858,58 @@ selector();
$this->_templateEditRow($template, _TEMPLATE_AFOOTER, 'ARCHIVELIST_FOOTER', '', 150);
?>
+
+_templateEditRow($template, _TEMPLATE_BLOGHEADER, 'BLOGLIST_HEADER', '', 160);
+ $this->_templateEditRow($template, _TEMPLATE_BLOGITEM, 'BLOGLIST_LISTITEM', '', 170);
+ $this->_templateEditRow($template, _TEMPLATE_BLOGFOOTER, 'BLOGLIST_FOOTER', '', 180);
+?>
+
-_templateEditRow($template, _TEMPLATE_CATHEADER, 'CATLIST_HEADER', '', 160);
- $this->_templateEditRow($template, _TEMPLATE_CATITEM, 'CATLIST_LISTITEM', '', 170);
- $this->_templateEditRow($template, _TEMPLATE_CATFOOTER, 'CATLIST_FOOTER', '', 180);
+_templateEditRow($template, _TEMPLATE_CATHEADER, 'CATLIST_HEADER', '', 190);
+ $this->_templateEditRow($template, _TEMPLATE_CATITEM, 'CATLIST_LISTITEM', '', 200);
+ $this->_templateEditRow($template, _TEMPLATE_CATFOOTER, 'CATLIST_FOOTER', '', 210);
?>
-_templateEditRow($template, _TEMPLATE_PCODE, 'POPUP_CODE', '', 240);
- $this->_templateEditRow($template, _TEMPLATE_ICODE, 'IMAGE_CODE', '', 250);
- $this->_templateEditRow($template, _TEMPLATE_MCODE, 'MEDIA_CODE', '', 260);
+_templateEditRow($template, _TEMPLATE_PCODE, 'POPUP_CODE', '', 270);
+ $this->_templateEditRow($template, _TEMPLATE_ICODE, 'IMAGE_CODE', '', 280);
+ $this->_templateEditRow($template, _TEMPLATE_MCODE, 'MEDIA_CODE', '', 290);
?>
+ \n";
+ echo ''.htmlentities($pfkey)." \n";
+ foreach ($pfvalue as $pffield=>$pfdesc) {
+ $this->_templateEditRow($template, $pfdesc, $pffield, '',++$tab,0);
+ }
+ }
?>
-
@@ -3596,17 +3919,24 @@ selector();
$this->pagefoot();
}
+ /**
+ * @todo document this
+ */
function _templateEditRow(&$template, $description, $name, $help = '', $tabindex = 0, $big = 0) {
static $count = 1;
+ if (!isset($template[$name])) $template[$name] = '';
?>
-
';
+ $this->pagefoot();
}
+ /**
+ * @todo document this
+ */
function action_skinupdate() {
global $member;
@@ -4045,6 +4444,9 @@ selector();
$this->action_skinedittype(_SKIN_UPDATED);
}
+ /**
+ * @todo document this
+ */
function action_skindelete() {
global $member, $manager, $CONF;
@@ -4059,8 +4461,8 @@ selector();
// don't allow deletion of default skins for blogs
$query = 'SELECT bname FROM '.sql_table('blog').' WHERE bdefskin=' . $skinid;
$r = sql_query($query);
- if ($o = mysql_fetch_object($r))
- $this->error(_ERROR_SKINDEFDELETE . $o->bname);
+ if ($o = sql_fetch_object($r))
+ $this->error(_ERROR_SKINDEFDELETE . htmlspecialchars($o->bname));
$this->pagehead();
@@ -4072,7 +4474,7 @@ selector();
-
input_yesno('DisableJsTools',$CONF['DisableJsTools'],10075); */?>
- ",_SETTINGS_JSTOOLBAR_NONE,"";
$extra = ($CONF['DisableJsTools'] == 2) ? 'selected="selected"' : '';
echo "",_SETTINGS_JSTOOLBAR_SIMPLE," ";
@@ -4311,12 +4813,32 @@ selector();
+
+ input_yesno('DebugVars',$CONF['DebugVars'],10078);
+
+ ?>
+
+
+
+
+
+
+
+
" . _WARNING_NOTADIR . " ";
if (!is_readable($DIR_MEDIA))
echo "" . _WARNING_NOTREADABLE . " ";
@@ -4430,6 +4952,9 @@ selector();
$this->pagefoot();
}
+ /**
+ * @todo document this
+ */
function action_settingsupdate() {
global $member, $CONF;
@@ -4441,37 +4966,39 @@ selector();
// save settings
- $this->updateConfig('DefaultBlog', postVar('DefaultBlog'));
- $this->updateConfig('BaseSkin', postVar('BaseSkin'));
- $this->updateConfig('IndexURL', postVar('IndexURL'));
- $this->updateConfig('AdminURL', postVar('AdminURL'));
+ $this->updateConfig('DefaultBlog', postVar('DefaultBlog'));
+ $this->updateConfig('BaseSkin', postVar('BaseSkin'));
+ $this->updateConfig('IndexURL', postVar('IndexURL'));
+ $this->updateConfig('AdminURL', postVar('AdminURL'));
$this->updateConfig('PluginURL', postVar('PluginURL'));
- $this->updateConfig('SkinsURL', postVar('SkinsURL'));
+ $this->updateConfig('SkinsURL', postVar('SkinsURL'));
$this->updateConfig('ActionURL', postVar('ActionURL'));
- $this->updateConfig('Language', postVar('Language'));
- $this->updateConfig('AdminEmail', postVar('AdminEmail'));
+ $this->updateConfig('Language', postVar('Language'));
+ $this->updateConfig('AdminEmail', postVar('AdminEmail'));
$this->updateConfig('SessionCookie', postVar('SessionCookie'));
$this->updateConfig('AllowMemberCreate',postVar('AllowMemberCreate'));
- $this->updateConfig('AllowMemberMail', postVar('AllowMemberMail'));
+ $this->updateConfig('AllowMemberMail', postVar('AllowMemberMail'));
$this->updateConfig('NonmemberMail', postVar('NonmemberMail'));
- $this->updateConfig('ProtectMemNames', postVar('ProtectMemNames'));
- $this->updateConfig('SiteName', postVar('SiteName'));
+ $this->updateConfig('ProtectMemNames', postVar('ProtectMemNames'));
+ $this->updateConfig('SiteName', postVar('SiteName'));
$this->updateConfig('NewMemberCanLogon',postVar('NewMemberCanLogon'));
- $this->updateConfig('DisableSite', postVar('DisableSite'));
- $this->updateConfig('DisableSiteURL', postVar('DisableSiteURL'));
+ $this->updateConfig('DisableSite', postVar('DisableSite'));
+ $this->updateConfig('DisableSiteURL', postVar('DisableSiteURL'));
$this->updateConfig('LastVisit', postVar('LastVisit'));
- $this->updateConfig('MediaURL', postVar('MediaURL'));
- $this->updateConfig('AllowedTypes', postVar('AllowedTypes'));
- $this->updateConfig('AllowUpload', postVar('AllowUpload'));
+ $this->updateConfig('MediaURL', postVar('MediaURL'));
+ $this->updateConfig('AllowedTypes', postVar('AllowedTypes'));
+ $this->updateConfig('AllowUpload', postVar('AllowUpload'));
$this->updateConfig('MaxUploadSize', postVar('MaxUploadSize'));
- $this->updateConfig('MediaPrefix', postVar('MediaPrefix'));
- $this->updateConfig('AllowLoginEdit', postVar('AllowLoginEdit'));
- $this->updateConfig('DisableJsTools', postVar('DisableJsTools'));
- $this->updateConfig('CookieDomain', postVar('CookieDomain'));
- $this->updateConfig('CookiePath', postVar('CookiePath'));
- $this->updateConfig('CookieSecure', postVar('CookieSecure'));
- $this->updateConfig('URLMode', postVar('URLMode'));
- $this->updateConfig('CookiePrefix', postVar('CookiePrefix'));
+ $this->updateConfig('MediaPrefix', postVar('MediaPrefix'));
+ $this->updateConfig('AllowLoginEdit', postVar('AllowLoginEdit'));
+ $this->updateConfig('DisableJsTools', postVar('DisableJsTools'));
+ $this->updateConfig('CookieDomain', postVar('CookieDomain'));
+ $this->updateConfig('CookiePath', postVar('CookiePath'));
+ $this->updateConfig('CookieSecure', postVar('CookieSecure'));
+ $this->updateConfig('URLMode', postVar('URLMode'));
+ $this->updateConfig('CookiePrefix', postVar('CookiePrefix'));
+ $this->updateConfig('DebugVars', postVar('DebugVars'));
+ $this->updateConfig('DefaultListSize', postVar('DefaultListSize'));
// load new config and redirect (this way, the new language will be used is necessary)
// note that when changing cookie settings, this redirect might cause the user
@@ -4482,40 +5009,188 @@ selector();
}
+ /**
+ * Give an overview over the used system
+ */
+ function action_systemoverview() {
+ global $member, $nucleus, $CONF;
+
+ $this->pagehead();
+
+ echo '' . _ADMIN_SYSTEMOVERVIEW_HEADING . " \n";
+
+ if ($member->isLoggedIn() && $member->isAdmin()) {
+
+ // Information about the used PHP and MySQL installation
+ echo '' . _ADMIN_SYSTEMOVERVIEW_PHPANDMYSQL . " \n";
+
+ // Version of PHP MySQL
+ echo "\n";
+ echo "\t\n";
+ echo "\t\t" . '' . _ADMIN_SYSTEMOVERVIEW_VERSIONS . " \n";
+ echo "\t \n";
+ echo "\t\t" . '' . _ADMIN_SYSTEMOVERVIEW_PHPVERSION . " \n";
+ echo "\t\t" . '' . phpversion() . " \n";
+ echo "\t \n";
+ echo "\t\t" . '' . _ADMIN_SYSTEMOVERVIEW_MYSQLVERSION . " \n";
+ echo "\t\t" . '' . sql_get_server_info() . ' (' . sql_get_client_info() . ')' . " \n";
+ echo "\t ";
+ echo "
\n";
+
+ // Important PHP settings
+ echo "\n";
+ echo "\t\n";
+ echo "\t\t" . '' . _ADMIN_SYSTEMOVERVIEW_SETTINGS . " \n";
+ echo "\t \n";
+ echo "\t\t" . 'magic_quotes_gpc' . " \n";
+ $mqg = get_magic_quotes_gpc() ? 'On' : 'Off';
+ echo "\t\t" . '' . $mqg . " \n";
+ echo "\t \n";
+ echo "\t\t" . 'magic_quotes_runtime' . " \n";
+ $mqr = get_magic_quotes_runtime() ? 'On' : 'Off';
+ echo "\t\t" . '' . $mqr . " \n";
+ echo "\t \n";
+ echo "\t\t" . 'register_globals' . " \n";
+ $rg = ini_get('register_globals') ? 'On' : 'Off';
+ echo "\t\t" . '' . $rg . " \n";
+ echo "\t ";
+ echo "
\n";
+
+ // Information about GD library
+ $gdinfo = gd_info();
+ echo "\n";
+ echo "\t";
+ echo "\t\t" . '' . _ADMIN_SYSTEMOVERVIEW_GDLIBRALY . " \n";
+ echo "\t \n";
+ foreach ($gdinfo as $key=>$value) {
+ if (is_bool($value)) {
+ $value = $value ? _ADMIN_SYSTEMOVERVIEW_ENABLE : _ADMIN_SYSTEMOVERVIEW_DISABLE;
+ } else {
+ $value = htmlspecialchars($value, ENT_QUOTES);
+ }
+ echo "\t";
+ echo "\t\t" . '' . $key . " \n";
+ echo "\t\t" . '' . $value . " \n";
+ echo "\t \n";
+ }
+ echo "
\n";
+
+ // Check if special modules are loaded
+ ob_start();
+ phpinfo(INFO_MODULES);
+ $im = ob_get_contents();
+ ob_clean();
+ echo "\n";
+ echo "\t";
+ echo "\t\t" . '' . _ADMIN_SYSTEMOVERVIEW_MODULES . " \n";
+ echo "\t \n";
+ echo "\t\t" . 'mod_rewrite' . " \n";
+ $modrewrite = (strstr($im, 'mod_rewrite') != '') ?
+ _ADMIN_SYSTEMOVERVIEW_ENABLE :
+ _ADMIN_SYSTEMOVERVIEW_DISABLE;
+ echo "\t\t" . '' . $modrewrite . " \n";
+ echo "\t \n";
+ echo "
\n";
+
+ // Information about the used Nucleus CMS
+ echo '' . _ADMIN_SYSTEMOVERVIEW_NUCLEUSSYSTEM . " \n";
+ global $nucleus;
+ $nv = getNucleusVersion() / 100 . '(' . $nucleus['version'] . ')';
+ $np = getNucleusPatchLevel();
+ echo "\n";
+ echo "\t";
+ echo "\t\t" . 'Nucleus CMS' . " \n";
+ echo "\t \n";
+ echo "\t\t" . '' . _ADMIN_SYSTEMOVERVIEW_NUCLEUSVERSION . " \n";
+ echo "\t\t" . '' . $nv . " \n";
+ echo "\t \n";
+ echo "\t\t" . '' . _ADMIN_SYSTEMOVERVIEW_NUCLEUSPATCHLEVEL . " \n";
+ echo "\t\t" . '' . $np . " \n";
+ echo "\t \n";
+ echo "
\n";
+
+ // Important settings of the installation
+ echo "\n";
+ echo "\t";
+ echo "\t\t" . '' . _ADMIN_SYSTEMOVERVIEW_NUCLEUSSETTINGS . " \n";
+ echo "\t \n";
+ echo "\t\t" . '' . '$CONF[' . "'Self'] \n";
+ echo "\t\t" . '' . $CONF['Self'] . " \n";
+ echo "\t \n";
+ echo "\t\t" . '' . '$CONF[' . "'ItemURL'] \n";
+ echo "\t\t" . '' . $CONF['ItemURL'] . " \n";
+ echo "\t \n";
+ echo "\t\t" . '' . '$CONF[' . "'alertOnHeadersSent'] \n";
+ $ohs = $CONF['alertOnHeadersSent'] ?
+ _ADMIN_SYSTEMOVERVIEW_ENABLE :
+ _ADMIN_SYSTEMOVERVIEW_DISABLE;
+ echo "\t\t" . '' . $ohs . " \n";
+ echo "\t \n";
+ echo "
\n";
+
+ // Link to the online version test at the Nucleus CMS website
+ echo '' . _ADMIN_SYSTEMOVERVIEW_VERSIONCHECK . " \n";
+ if ($nucleus['codename'] != '') {
+ $codenamestring = ' "' . $nucleus['codename'] . '"';
+ } else {
+ $codenamestring = '';
+ }
+ echo _ADMIN_SYSTEMOVERVIEW_VERSIONCHECK_TXT;
+ $checkURL = sprintf(_ADMIN_SYSTEMOVERVIEW_VERSIONCHECK_URL, getNucleusVersion(), getNucleusPatchLevel());
+ echo '';
+ echo 'Nucleus CMS ' . $nv . $codenamestring;
+ echo ' ';
+ //echo 'Error!
- ";
echo ""._BACK." ";
$this->pagefoot();
exit;
}
+ /**
+ * @todo document this
+ */
function disallow() {
ACTIONLOG::add(WARNING, _ACTIONLOG_DISALLOWED . serverVar('REQUEST_URI'));
$this->error(_ERROR_DISALLOWED);
}
-
+ /**
+ * @todo document this
+ */
function pagehead($extrahead = '') {
global $member, $nucleus, $CONF, $manager;
@@ -4531,8 +5206,9 @@ selector();
?>
-
+ >
+ <?php echo htmlspecialchars($CONF['SiteName'])?> - Admin
- isLoggedIn())
+ isLoggedIn())
echo _LOGGEDINAS . ' ' . $member->getDisplayName()
." -
" . _LOGOUT. " "
. "
" . _ADMINHOME . " - ";
@@ -4566,14 +5243,28 @@ selector();
echo '
(';
- if ($member->isLoggedIn() && $member->isAdmin())
- echo '
Nucleus CMS ', $nucleus['version'], ' ';
- else
- echo 'Nucleus CMS ' , $nucleus['version'];
+ $codenamestring = ($nucleus['codename']!='')? ' "'.$nucleus['codename'].'"':'';
+
+ if ($member->isLoggedIn() && $member->isAdmin()) {
+ $checkURL = sprintf(_ADMIN_SYSTEMOVERVIEW_VERSIONCHECK_URL, getNucleusVersion(), getNucleusPatchLevel());
+ echo '
Nucleus CMS ' . $nucleus['version'] . $codenamestring . ' ';
+ $newestVersion = getLatestVersion();
+ $newestCompare = str_replace('/','.',$newestVersion);
+ $newestCompare = intval($newestCompare);
+ $currentVersion = str_replace(array('/','v'),array('.',''),$nucleus['version']);
+ if ($newestVersion && version_compare($newestCompare,$currentVersion) > 0) {
+ echo '
'._ADMIN_SYSTEMOVERVIEW_LATESTVERSION_TEXT.$newestVersion.' ';
+ }
+ } else {
+ echo 'Nucleus CMS ' . $nucleus['version'] . $codenamestring;
+ }
echo ')';
echo '
';
}
+ /**
+ * @todo document this
+ */
function pagefoot() {
global $action, $member, $manager;
@@ -4591,19 +5282,19 @@ selector();
-
+
-
+
+
-
- Bookmarklet
+
- Bookmarklet ã¨ã¯ãã¯ãªãã¯1åã§è¨äºã®æ稿ãã§ããã·ã¹ãã ã§ãã ãã® Bookmarklet ãã¤ã³ã¹ãã¼ã«ããã¨ããã©ã¦ã¶ã®ãã¼ã«ãã¼ã®'add to weblog'ãã¿ã³ãå©ç¨å¯è½ã¨ãªããNucleusã®æ°è¦ã¢ã¤ãã ã®è¿½å ã¦ã£ã³ãã¦ããããã¢ãããã¾ããä»»æã®Webãã¼ã¸ãéããç¶æ
ã§ãã®ãã¿ã³ãæ¼ãã°ããã®Webãã¼ã¸ã®ã¿ã¤ãã«ã¨ããã®ãã¼ã¸ã¸ã®ãªã³ã¯ã¿ã°ããã§ã«åãè¾¼ã¾ããç¶æ
ã§ã¢ã¤ãã 追å ã¦ã£ã³ãã¦ãéããããã«ããã®ãã¼ã¸å
ã«å¼ç¨ãããæãé¸æããç¶æ
ã§ããã°ãã®å¼ç¨æãèªåçã«å¼ç¨ãã¾ãã
+
- Bookmarklet
+
- ä¸ã®ãªã³ã¯é¨åãããæ°ã«å
¥ãããããã¯ãã¼ã«ãã¼ã«ãã©ãã°ã§ãã¾ãã(ãã®åã«ãã¹ããã¦ã¿ããå ´åã¯åç´ã«ä¸ã®ãªã³ã¯ãã¯ãªãã¯ãã¦ã¿ã¦ãã ãã)
+ Add to getShortName()?> (ã»ã¨ãã©ã®ãã©ã¦ã¶ã§åä½ãã¾ã)
+ ' . sprintf(_BOOKMARKLET_ANCHOR, htmlspecialchars($blog->getName(), ENT_QUOTES)) . '' . _BOOKMARKLET_BMARKFOLLOW; ?>
- å³ã¯ãªãã¯ã¡ãã¥ã¼ã«ã¤ã³ã¹ãã¼ã« (Windowsã§IE使ç¨æ)
+
addTicketToUrl($url);
?>
- ãããã¯å³ã¯ãªãã¯ã¡ãã¥ã¼ ã«ã¤ã³ã¹ãã¼ã«ãããã¨ãã§ãã¾ã (ãéãããé¸æããã°ç´æ¥ã¬ã¸ã¹ããªã«ç»é²ãã¾ã)
+ ' . _BOOKMARKLET_RIGHTLABEL . '' . _BOOKMARKLET_RIGHTTEXT2; ?>
- ãã®ã¤ã³ã¹ãã¼ã«ããå³ã¯ãªãã¯ã¡ãã¥ã¼ã表示ããããã«ã¯IEã®åèµ·åãå¿
è¦ã§ãã
+
- ã¢ã³ã¤ã³ã¹ãã¼ã«
+
- ããæ°ã«å
¥ãããããã¯ãã¼ã«ãã¼ããæ¶ãã«ã¯ãåã«åé¤ããã ãã§ãã
+
-
+
- å³ã¯ãªãã¯ã¡ãã¥ã¼ããæ¶ãããæã¯ã以ä¸ã®æé ãè¸ãã§ãã ãã:
+
- ã¹ã¿ã¼ãã¡ãã¥ã¼ããããã¡ã¤ã«ãæå®ãã¦å®è¡...ããé¸æ
- "regedit" ã¨å
¥å
- "OK" ãã¿ã³ãæ¼ã
- "\HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt" ãããªã¼ã®ä¸ããæ¤ç´¢
- "add to weblog" ã¨ã³ããªãåé¤
+
blogAdminRights($blogid) or $this->disallow();
$blog =& $manager->getBlog($blogid);
+ $banBlogName = htmlspecialchars($blog->getName(), ENT_QUOTES);
$this->pagehead();
?>
@@ -4880,7 +5586,8 @@ selector();
Only blog 'getName())?>'
+
@@ -4898,6 +5605,9 @@ selector();
$this->pagefoot();
}
+ /**
+ * @todo document this
+ */
function action_banlistdeleteconfirm() {
global $member, $manager;
@@ -4941,10 +5651,16 @@ selector();
}
+ /**
+ * @todo document this
+ */
function action_banlistnewfromitem() {
$this->action_banlistnew(getBlogIDFromItemID(intRequestVar('itemid')));
}
+ /**
+ * @todo document this
+ */
function action_banlistnew($blogid = '') {
global $member, $manager;
@@ -4969,16 +5685,23 @@ selector();
- An example : "134.58.253.193" will only block one computer, while "134.58.253" will block 256 IP addresses, including the one from the first example.
+
-
- Custom:
' , _PLUGS_TITLE_MANAGE , ' ', help('plugins'), ' ';
- echo '' , _PLUGS_TITLE_INSTALLED , ' ';
+ echo '' , _PLUGS_TITLE_INSTALLED , ' ', helplink('getplugins'), _PLUGS_TITLE_GETPLUGINS, ' ';
$query = 'SELECT * FROM '.sql_table('plugin').' ORDER BY porder ASC';
@@ -5185,22 +5926,31 @@ selector();
@@ -5210,20 +5960,29 @@ selector();
- ',htmlspecialchars($name),'';
+ ',htmlspecialchars($name),'';
+ }
?>
actionlog for more info)');
+ $this->error(_ERROR_PLUGIN_LOAD);
}
// check if plugin needs a newer Nucleus version
@@ -5325,7 +6071,7 @@ selector();
$this->deleteOnePlugin($plugin->getID());
// ...and show error
- $this->error(_ERROR_NUCLEUSVERSIONREQ . $plugin->getMinNucleusVersion());
+ $this->error(_ERROR_NUCLEUSVERSIONREQ . htmlspecialchars($plugin->getMinNucleusVersion()));
}
// check if plugin needs a newer Nucleus version
@@ -5335,9 +6081,24 @@ selector();
$this->deleteOnePlugin($plugin->getID());
// ...and show error
- $this->error(_ERROR_NUCLEUSVERSIONREQ . $plugin->getMinNucleusVersion() . ' patch ' . $plugin->getMinNucleusPatchLevel());
+ $this->error(_ERROR_NUCLEUSVERSIONREQ . htmlspecialchars( $plugin->getMinNucleusVersion() . ' patch ' . $plugin->getMinNucleusPatchLevel() ) );
}
+ $pluginList = $plugin->getPluginDep();
+ foreach ($pluginList as $pluginName)
+ {
+
+ $res = sql_query('SELECT * FROM '.sql_table('plugin') . ' WHERE pfile="' . $pluginName . '"');
+ if (sql_num_rows($res) == 0)
+ {
+ // uninstall plugin again...
+ $this->deleteOnePlugin($plugin->getID());
+
+ $this->error(sprintf(_ERROR_INSREQPLUGIN, htmlspecialchars($pluginName, ENT_QUOTES)));
+ }
+ }
+
+ // call the install method of the plugin
$plugin->install();
$manager->notify(
@@ -5351,8 +6112,11 @@ selector();
$this->action_pluginupdate();
}
+ /**
+ * @todo document this
+ */
function action_pluginupdate() {
- global $member, $manager;
+ global $member, $manager, $CONF;
// check if allowed
$member->isAdmin() or $this->disallow();
@@ -5362,20 +6126,24 @@ selector();
// loop over all installed plugins
$res = sql_query('SELECT pid, pfile FROM '.sql_table('plugin'));
- while($o = mysql_fetch_object($res)) {
+ while($o = sql_fetch_object($res)) {
$pid = $o->pid;
$plug =& $manager->getPlugin($o->pfile);
if ($plug)
{
$eventList = $plug->getEventList();
foreach ($eventList as $eventName)
- sql_query('INSERT INTO '.sql_table('plugin_event').' (pid, event) VALUES ('.$pid.', \''.addslashes($eventName).'\')');
+ sql_query('INSERT INTO '.sql_table('plugin_event').' (pid, event) VALUES ('.$pid.', \''.sql_real_escape_string($eventName).'\')');
}
}
- $this->action_pluginlist();
+ redirect($CONF['AdminURL'] . '?action=pluginlist');
+// $this->action_pluginlist();
}
+ /**
+ * @todo document this
+ */
function action_plugindelete() {
global $member, $manager;
@@ -5399,11 +6167,15 @@ selector();
()
- Options for
+ Options for ', htmlspecialchars($aOption['pfile']),' '.sprintf(_PLUGIN_OPTIONS_TITLE, htmlspecialchars($aOption['pfile'], ENT_QUOTES)).' ';
+ listplug_plugOptionRow($aOption);
+ echo ' ';
}
-
- echo '';
- listplug_plugOptionRow($aOption);
- echo ' ';
-
}
-
-
}
- /* helper functions to create option forms etc. */
- function input_yesno($name, $checkedval,$tabindex = 0, $value1 = 1, $value2 = 0, $yesval = _YES, $noval = _NO) {
+ /**
+ * Helper functions to create option forms etc.
+ * @todo document parameters
+ */
+ function input_yesno($name, $checkedval,$tabindex = 0, $value1 = 1, $value2 = 0, $yesval = _YES, $noval = _NO, $isAdmin = 0) {
$id = htmlspecialchars($name);
$id = str_replace('[','-',$id);
$id = str_replace(']','-',$id);
$id1 = $id . htmlspecialchars($value1);
$id2 = $id . htmlspecialchars($value2);
- echo '' . $yesval . ' ';
echo ' ';
- echo '' . $noval . ' ';
}
-
-
} // class ADMIN
-class ENCAPSULATE {
- /**
- * Uses $call to call a function using parameters $params
- * This function should return the amount of entries shown.
- * When entries are show, batch operation handlers are shown too.
- * When no entries were shown, $errormsg is used to display an error
- *
- * Passes on the amount of results found (for further encapsulation)
- */
- function doEncapsulate($call, $params, $errorMessage = 'No entries') {
- // start output buffering
- ob_start();
-
- $nbOfRows = call_user_func_array($call, $params);
-
- // get list contents and stop buffering
- $list = ob_get_contents();
- ob_end_clean();
-
- if ($nbOfRows > 0) {
- $this->showHead();
- echo $list;
- $this->showFoot();
- } else {
- echo $errorMessage;
- }
-
- return $nbOfRows;
- }
-}
-
-
-/**
- * A class used to encapsulate a list of some sort inside next/prev buttons
- */
-class NAVLIST extends ENCAPSULATE {
-
- function NAVLIST($action, $start, $amount, $minamount, $maxamount, $blogid, $search, $itemid) {
- $this->action = $action;
- $this->start = $start;
- $this->amount = $amount;
- $this->minamount = $minamount;
- $this->maxamount = $maxamount;
- $this->blogid = $blogid;
- $this->search = $search;
- $this->itemid = $itemid;
- }
-
- function showBatchList($batchtype, $query, $type, $template, $errorMessage = _LISTS_NOMORE) {
- $batch =& new BATCH($batchtype);
-
- $this->doEncapsulate(
- array(&$batch, 'showlist'),
- array(&$query, $type, $template),
- $errorMessage
- );
-
- }
-
-
- function showHead() {
- $this->showNavigation();
- }
- function showFoot() {
- $this->showNavigation();
- }
-
- /**
- * Displays a next/prev bar for long tables
- */
- function showNavigation() {
- $action = $this->action;
- $start = $this->start;
- $amount = $this->amount;
- $minamount = $this->minamount;
- $maxamount = $this->maxamount;
- $blogid = $this->blogid;
- $search = $this->search;
- $itemid = $this->itemid;
-
- $prev = $start - $amount;
- if ($prev < $minamount) $prev=$minamount;
-
- // maxamount not used yet
- // if ($start + $amount <= $maxamount)
- $next = $start + $amount;
- // else
- // $next = $start;
-
- ?>
-
- type = $type;
- }
-
- function showHead() {
- ?>
-
-
-
-
-
- type) {
- case 'item':
- $options = array(
- 'delete' => _BATCH_ITEM_DELETE,
- 'move' => _BATCH_ITEM_MOVE
- );
- break;
- case 'member':
- $options = array(
- 'delete' => _BATCH_MEMBER_DELETE,
- 'setadmin' => _BATCH_MEMBER_SET_ADM,
- 'unsetadmin' => _BATCH_MEMBER_UNSET_ADM
- );
- break;
- case 'team':
- $options = array(
- 'delete' => _BATCH_TEAM_DELETE,
- 'setadmin' => _BATCH_TEAM_SET_ADM,
- 'unsetadmin' => _BATCH_TEAM_UNSET_ADM,
- );
- break;
- case 'category':
- $options = array(
- 'delete' => _BATCH_CAT_DELETE,
- 'move' => _BATCH_CAT_MOVE,
- );
- break;
- case 'comment':
- $options = array(
- 'delete' => _BATCH_COMMENT_DELETE,
- );
- break;
- }
- foreach ($options as $option => $label) {
- echo '',$label,' ';
- }
- ?>
-
-
- addTicketHidden();
-
- // add hidden fields for 'team' and 'comment' batchlists
- if ($this->type == 'team')
- {
- echo '
';
- }
- if ($this->type == 'comment')
- {
- echo '
';
- }
-
- echo '
';
- ?>(
-
-
-
- )
-
';
-
- // add extra row if needed
- if ($template['extra']) {
- echo '',$template['extra'],' ';
- }
-
- break;
- case 'BODY':
- $current = $template['current'];
-
- echo 'value)
- echo ' selected="selected" ';
- if ($template['shorten'] > 0) {
- echo ' title="'. htmlspecialchars($current->text).'"';
- $current->text = shorten($current->text, $template['shorten'], $template['shortenel']);
- }
- echo '>' . htmlspecialchars($current->text) . ' ';
- break;
- case 'FOOT':
- echo ' ';
- break;
- }
-}
-
-function listplug_table($template, $type) {
- switch($type) {
- case 'HEAD':
- echo "";
- echo "";
- // print head
- call_user_func("listplug_table_" . $template['content'] , $template, 'HEAD');
- echo " ";
- break;
- case 'BODY':
- // print tabletype specific thingies
- echo "";
- call_user_func("listplug_table_" . $template['content'] , $template, 'BODY');
- echo " ";
- break;
- case 'FOOT':
- call_user_func("listplug_table_" . $template['content'] , $template, 'FOOT');
- echo "
";
- break;
- }
-}
-
-function listplug_table_memberlist($template, $type) {
- switch($type) {
- case 'HEAD':
- echo '' . _LIST_MEMBER_NAME . ' ' . _LIST_MEMBER_RNAME . ' ' . _LIST_MEMBER_URL . ' ' . _LIST_MEMBER_ADMIN;
- help('superadmin');
- echo " " . _LIST_MEMBER_LOGIN;
- help('canlogin');
- echo " " . _LISTS_ACTIONS. " ";
- break;
- case 'BODY':
- $current = $template['current'];
-
- echo '';
- $id = listplug_nextBatchId();
- echo '';
- echo "", htmlspecialchars($current->mname), " ";
- echo ' ';
- echo ' ';
- echo '', htmlspecialchars($current->mrealname), ' ';
- echo "$current->murl ', ($current->madmin ? _YES : _NO),' ';
- echo '', ($current->mcanlogin ? _YES : _NO), ' ';
- echo ""._LISTS_EDIT." "._LISTS_DELETE." "._LIST_MEMBER_NAME." "._LIST_MEMBER_RNAME." "._LIST_TEAM_ADMIN;
- help('teamadmin');
- echo " "._LISTS_ACTIONS." ";
- break;
- case 'BODY':
- $current = $template['current'];
-
- echo '';
- $id = listplug_nextBatchId();
- echo '';
- echo "", htmlspecialchars($current->mname), " ";
- echo ' ';
- echo ' ';
- echo '', htmlspecialchars($current->mrealname), ' ';
- echo '', ($current->tadmin ? _YES : _NO) , ' ';
- echo ""._LISTS_DELETE." "._LIST_TEAM_CHADMIN." '._LISTS_INFO.' '._LISTS_DESC.' ';
- echo ''._LISTS_ACTIONS.' ';
- break;
- case 'BODY':
- $current = $template['current'];
-
- $plug =& $manager->getPlugin($current->pfile);
- if ($plug) {
- echo '';
- echo '' , htmlspecialchars($plug->getName()) , ' ',_LIST_PLUGS_SITE,' ';
- echo '';
- echo _LIST_PLUGS_DESC .'',_LIST_PLUG_SUBS_NEEDUPDATE,' ';
- }
- if (sizeof($plug->getPluginDep()) > 0)
- echo ' ';
- } else {
- echo 'Error: plugin file ',htmlspecialchars($current->pfile),'.php could not be loaded, or it has been set inactive because it does not support some features (check the actionlog for more info) ';
- }
- echo '';
-
- $baseUrl = 'index.php?plugid=' . intval($current->pid) . '&action=';
- $url = $manager->addTicketToUrl($baseUrl . 'pluginup');
- echo "",_LIST_PLUGS_UP," ";
- $url = $manager->addTicketToUrl($baseUrl . 'plugindown');
- echo "",_LIST_PLUGS_DOWN," ";
- echo "",_LIST_PLUGS_UNINSTALL," ";
- if ($plug && ($plug->hasAdminArea() > 0))
- echo "",_LIST_PLUGS_ADMIN," ";
- if ($plug && ($plug->supportsFeature('HelpPage') > 0))
- echo "",_LIST_PLUGS_HELP," ";
- if (quickQuery('SELECT COUNT(*) AS result FROM '.sql_table('plugin_option_desc').' WHERE ocontext=\'global\' and opid='.$current->pid) > 0)
- echo "",_LIST_PLUGS_OPTIONS," ";
- echo ' ';
- break;
- }
-}
-
-function listplug_table_plugoptionlist($template, $type) {
- global $manager;
- switch($type) {
- case 'HEAD':
- echo ''._LISTS_INFO.' '._LISTS_VALUE.' ';
- break;
- case 'BODY':
- $current = $template['current'];
- listplug_plugOptionRow($current);
- break;
- case 'FOOT':
- ?>
-
-
-
- ',htmlspecialchars($current['description']?$current['description']:$current['name']),'';
- echo '';
- switch($current['type']) {
- case 'yesno':
- ADMIN::input_yesno($varname, $current['value'], 0, 'yes', 'no');
- break;
- case 'password':
- echo '';
- $aOptions = NucleusPlugin::getOptionSelectValues($current['typeinfo']);
- $aOptions = explode('|', $aOptions);
- for ($i=0; $i<(count($aOptions)-1); $i+=2) {
- echo ''.htmlspecialchars($aOptions[$i]).' ';
- }
- echo ' ';
- break;
- case 'textarea':
- //$meta = NucleusPlugin::getOptionMeta($current['typeinfo']);
- echo '';
- break;
- case 'text':
- default:
- //$meta = NucleusPlugin::getOptionMeta($current['typeinfo']);
-
- echo ' ';
- }
-}
-
-function listplug_table_itemlist($template, $type) {
- switch($type) {
- case 'HEAD':
- echo ""._LIST_ITEM_INFO." "._LIST_ITEM_CONTENT." "._LISTS_ACTIONS." ";
- break;
- case 'BODY':
- $current = $template['current'];
- $current->itime = strtotime($current->itime); // string -> unix timestamp
-
- if ($current->idraft == 1)
- $cssclass = "class='draft'";
-
- // (can't use offset time since offsets might vary between blogs)
- if ($current->itime > $template['now'])
- $cssclass = "class='future'";
-
- echo "",_LIST_ITEM_BLOG,' ', htmlspecialchars($current->bshortname);
- echo " ";
- echo "";
-
- $id = listplug_nextBatchId();
-
- echo '';
- echo "" . htmlspecialchars(strip_tags($current->ititle)) . " ";
- echo ' ';
- echo " ";
- echo "";
- echo ""._LISTS_EDIT." ";
- echo ""._LISTS_COMMENTS." ";
- echo ""._LISTS_MOVE." ";
- echo ""._LISTS_DELETE." ";
- echo " ";
- break;
- }
-}
-
-// for batch operations: generates the index numbers for checkboxes
-function listplug_nextBatchId() {
- static $id = 0;
- return $id++;
-}
-
-function listplug_table_commentlist($template, $type) {
- switch($type) {
- case 'HEAD':
- echo ""._LISTS_INFO." "._LIST_COMMENT." "._LISTS_ACTIONS." ";
- break;
- case 'BODY':
- $current = $template['current'];
- $current->ctime = strtotime($current->ctime); // string -> unix timestamp
-
- echo '';
- echo date("Y-m-d@H:i",$current->ctime);
- echo ' ';
-
-
- $current->cbody = strip_tags($current->cbody);
- $current->cbody = htmlspecialchars(shorten($current->cbody, 300, '...'));
-
- echo '';
- $id = listplug_nextBatchId();
- echo '';
- echo $current->cbody;
- echo ' ';
- echo ' ';
-
- echo ""._LISTS_EDIT." "._LISTS_DELETE." "._LIST_COMMENT_BANIP." " . _NAME . " " ._LISTS_ACTIONS. " ";
- break;
- case 'BODY':
- $current = $template['current'];
-
- echo "" . _BLOGLIST_ADD . " ". _BLOGLIST_EDIT." ". _BLOGLIST_COMMENTS." ". _BLOGLIST_BMLET . " " ._BLOGLIST_SETTINGS. " ". _BLOGLIST_BANS." " ._BLOGLIST_DELETE. " " . _NAME . " " . _NAME. " ";
- break;
- case 'BODY':
- $current = $template['current'];
-
- echo '' , htmlspecialchars($current->bshortname) , ' ';
- echo '' , htmlspecialchars($current->bname) , ' ';
-
- break;
- }
-}
-
-function listplug_table_shortnames($template, $type) {
- switch($type) {
- case 'HEAD':
- echo "" . _NAME . " " . _LISTS_DESC. " ";
- break;
- case 'BODY':
- $current = $template['current'];
-
- echo '' , htmlspecialchars($current->name) , ' ';
- echo '' , htmlspecialchars($current->description) , ' ';
-
- break;
- }
-}
-
-
-function listplug_table_categorylist($template, $type) {
- switch($type) {
- case 'HEAD':
- echo ""._LISTS_NAME." "._LISTS_DESC." "._LISTS_ACTIONS." ";
- break;
- case 'BODY':
- $current = $template['current'];
-
- echo '';
- $id = listplug_nextBatchId();
- echo '';
- echo htmlspecialchars($current->cname);
- echo ' ';
- echo ' ';
-
- echo '', htmlspecialchars($current->cdesc), ' ';
- echo ""._LISTS_DELETE." "._LISTS_EDIT." "._LISTS_NAME." "._LISTS_DESC." "._LISTS_ACTIONS." ";
- break;
- case 'BODY':
- $current = $template['current'];
-
- echo "" , htmlspecialchars($current->tdname), " ";
- echo "" , htmlspecialchars($current->tddesc), " ";
- echo ""._LISTS_EDIT." "._LISTS_CLONE." "._LISTS_DELETE." "._LISTS_NAME." "._LISTS_DESC." "._LISTS_ACTIONS." ";
- break;
- case 'BODY':
- $current = $template['current'];
-
- echo '';
-
- // use a special style for the default skin
- if ($current->sdnumber == $CONF['BaseSkin']) {
- echo '',htmlspecialchars($current->sdname),' ';
- } else {
- echo htmlspecialchars($current->sdname);
- }
-
- echo '';
-
- echo ' ';
-
- if (@file_exists($DIR_SKINS . $current->sdincpref . 'readme.html'))
- {
- echo 'Readme ';
- }
-
-
- }
-
- echo " ";
-
-
- echo "" , htmlspecialchars($current->sddesc);
- // show list of defined parts
- $r = sql_query('SELECT stype FROM '.sql_table('skin').' WHERE sdesc='.$current->sdnumber . ' ORDER BY stype');
- $types = array();
- while ($o = mysql_fetch_object($r))
- array_push($types,$o->stype);
- if (sizeof($types) > 0) {
- $friendlyNames = SKIN::getFriendlyNames();
- for ($i=0;$i' . htmlspecialchars($friendlyNames[$type]) . "";
- }
- echo ' ";
- echo ""._LISTS_EDIT." "._LISTS_CLONE." "._LISTS_DELETE." "._LISTS_BLOG." "._LISTS_TITLE." "._LISTS_ACTIONS." ";
- break;
- case 'BODY':
- $current = $template['current'];
-
- echo '', htmlspecialchars($current->bshortname) , ' ';
- echo '', htmlspecialchars(strip_tags($current->ititle)) , ' ';
- echo ""._LISTS_EDIT." "._LISTS_DELETE." '._LISTS_TIME.' '._LIST_ACTION_MSG.' ';
- break;
- case 'BODY':
- $current = $template['current'];
-
- echo '' , htmlspecialchars($current->timestamp), ' ';
- echo '' , htmlspecialchars($current->message), ' ';
-
- break;
- }
-}
-
-function listplug_table_banlist($template, $type) {
- switch($type) {
- case 'HEAD':
- echo ''._LIST_BAN_IPRANGE.' '. _LIST_BAN_REASON.' '._LISTS_ACTIONS.' ';
- break;
- case 'BODY':
- $current = $template['current'];
-
- echo '' , htmlspecialchars($current->iprange) , ' ';
- echo '' , htmlspecialchars($current->reason) , ' ';
- echo "",_LISTS_DELETE,"