public function importAdminCP($parsedXML, $startat = 0, $perpage = 1, $overwrite = false, $styleid = -1, $anyversion = false, $extra = array())
{
/*
* Since this function allows passing in a string rather than pulling a file from the filesystem, we should
* be more careful about who can call it
* This check is based on the admincp/template.php script @ if ($_REQUEST['do'] == 'upload'). We should keep them in line.
*/
if (!vB::getUserContext()->hasAdminPermission('canadmintemplates') or !vB::getUserContext()->hasAdminPermission('canadminstyles')) {
require_once DIR . '/includes/adminfunctions.php';
print_cp_no_permission();
}
if (empty($parsedXML['guid'])) {
// todo: some error handling here if basic xml file validation isn't okay.
}
$this->parsedXML['theme'] = $parsedXML;
// make sure we have the theme parent, as any imported themes will be its children
if (empty(self::$themeParent['guid'])) {
$this->getDefaultParentTheme();
}
/*
* drop any unexpected extra variables.
* Let's also clean them, since there might be someway a user w/ the right permissions
* hits this function directly. So here we have an issue. If coming through the adminCP page,
* things will already be cleaned, so STRINGS will already be escaped. However, I don't think
* the title should contain any special HTML characters, so I think we don't have to worry about
* double escaping here. If we do end up having to worry about double escaping, we need to remove
* the cleaning here, and just rely on the adminCP page's cleaning, then make sure NOTHING HERE
* GOES STRAIGHT TO DB without going through the assertor in adminfunctions_template.php
*/
$unclean = $extra;
$extra = array();
$cleanMap = array('title' => vB_Cleaner::TYPE_STR, 'parentid' => vB_Cleaner::TYPE_INT, 'displayorder' => vB_Cleaner::TYPE_INT, 'userselect' => vB_Cleaner::TYPE_BOOL);
foreach ($unclean as $key => $value) {
if (isset($cleanMap[$key])) {
$extra[$key] = vB::getCleaner()->clean($value, $cleanMap[$key]);
}
}
return $this->import($startat, $perpage, $overwrite, $styleid, $anyversion, $extra);
}
// ######################## SET PHP ENVIRONMENT ###########################
error_reporting(E_ALL & ~E_NOTICE & ~8192);
// ##################### DEFINE IMPORTANT CONSTANTS #######################
define('CVS_REVISION', '$RCSfile$ - $Revision: 39862 $');
// #################### PRE-CACHE TEMPLATES AND DATA ######################
$phrasegroups = array();
$specialtemplates = array('bookmarksitecache');
// ########################## REQUIRE BACK-END ############################
require_once './global.php';
require_once DIR . '/includes/adminfunctions_bookmarksite.php';
// ############################# LOG ACTION ###############################
$vbulletin->input->clean_array_gpc('r', array('bookmarksiteid' => TYPE_INT));
log_admin_action($vbulletin->GPC['bookmarksiteid'] != 0 ? "bookmark site id = " . $vbulletin->GPC['bookmarksiteid'] : '');
// ######################## CHECK ADMIN PERMISSIONS #######################
if (!can_administer('canadminsettings')) {
print_cp_no_permission();
}
// ########################################################################
// ######################### START MAIN SCRIPT ############################
// ########################################################################
print_cp_header($vbphrase['social_bookmarking_manager']);
// default action
if (empty($_REQUEST['do'])) {
$_REQUEST['do'] = 'modify';
}
// ########################################################################
// when we want to add a new site from the site list page we need change the action before the main 'socialbookmarks_setpost' handler
// we came here if somebody press the add button in the sitelist edit/save form
if ($_POST['do'] == 'socialbookmarks_setpost' and $vbulletin->GPC['add']) {
$_POST['do'] = 'add';
}
function get_style_export_xml
(
$styleid,
$product,
$product_version,
$title,
$mode
)
{
//only is the (badly named) list of template groups
global $vbulletin, $vbphrase, $only;
if ($styleid == -1)
{
// set the style title as 'master style'
$style = array('title' => $vbphrase['master_style']);
$sqlcondition = "styleid = -1";
$parentlist = "-1";
$is_master = true;
}
else
{
// query everything from the specified style
$style = $vbulletin->db->query_first("
SELECT *
FROM " . TABLE_PREFIX . "style
WHERE styleid = " . $styleid
);
//export as master -- export a style with all changes as a new master style.
if ($mode == 2)
{
//only allowed in debug mode.
if (!$vbulletin->debug)
{
print_cp_no_permission();
}
// get all items from this style and all parent styles
$sqlcondition = "templateid IN(" . implode(',', unserialize($style['templatelist'])) . ")";
$sqlcondition .= " AND title NOT LIKE 'vbcms_grid_%'";
$parentlist = $style['parentlist'];
$is_master = true;
$title = $vbphrase['master_style'];
}
//export with parent styles
else if ($mode == 1)
{
// get all items from this style and all parent styles (except master)
$sqlcondition = "styleid <> -1 AND templateid IN(" . implode(',', unserialize($style['templatelist'])) . ")";
//remove the master style id off the end of the list
$parentlist = substr(trim($style['parentlist']), 0, -3);
$is_master = false;
}
//this style only
else
{
// get only items customized in THIS style
$sqlcondition = "styleid = " . $styleid;
$parentlist = $styleid;
$is_master = false;
}
}
if ($product == 'vbulletin')
{
$sqlcondition .= " AND (product = '" . $vbulletin->db->escape_string($product) . "' OR product = '')";
}
else
{
$sqlcondition .= " AND product = '" . $vbulletin->db->escape_string($product) . "'";
}
// set a default title
if ($title == '' OR $styleid == -1)
{
$title = $style['title'];
}
// --------------------------------------------
// query the templates and put them in an array
$templates = array();
$gettemplates = $vbulletin->db->query_read("
SELECT title, templatetype, username, dateline, version,
IF(templatetype = 'template', template_un, template) AS template
FROM " . TABLE_PREFIX . "template
WHERE $sqlcondition
ORDER BY title
");
while ($gettemplate = $vbulletin->db->fetch_array($gettemplates))
{
switch($gettemplate['templatetype'])
{
case 'template': // regular template
// if we have ad template, and we are exporting as master, make sure we do not export the add data
if (substr($gettemplate['title'], 0, 3) == 'ad_' AND $mode == 2)
{
$gettemplate['template'] = '';
}
$isgrouped = false;
foreach(array_keys($only) AS $group)
{
if (strpos(strtolower(" $gettemplate[title]"), $group) == 1)
{
$templates["$group"][] = $gettemplate;
$isgrouped = true;
}
}
if (!$isgrouped)
{
$templates['zzz'][] = $gettemplate;
}
break;
case 'stylevar': // stylevar
$templates['StyleVar Special Templates'][] = $gettemplate;
break;
case 'css': // css
$templates['CSS Special Templates'][] = $gettemplate;
break;
case 'replacement': // replacement
$templates['Replacement Var Special Templates'][] = $gettemplate;
break;
}
}
unset($template);
$vbulletin->db->free_result($gettemplates);
if (!empty($templates))
{
ksort($templates);
$only['zzz'] = 'Ungrouped Templates';
}
// --------------------------------------------
// fetch stylevar-dfns
$stylevarinfo = get_stylevars_for_export($product, $parentlist, $is_master);
$stylevar_cache = $stylevarinfo['stylevars'];
$stylevar_dfn_cache = $stylevarinfo['stylevardfns'];
if (empty($templates) AND empty($stylevar_cache) AND empty($stylevar_dfn_cache))
{
print_stop_message('download_contains_no_customizations');
}
// --------------------------------------------
// now output the XML
require_once(DIR . '/includes/class_xml.php');
$xml = new vB_XML_Builder($vbulletin);
$xml->add_group('style',
array(
'name' => $title,
'vbversion' => $product_version,
'product' => $product,
'type' => $is_master ? 'master' : 'custom'
)
);
foreach($templates AS $group => $grouptemplates)
{
$xml->add_group('templategroup', array('name' => iif(isset($only["$group"]), $only["$group"], $group)));
foreach($grouptemplates AS $template)
{
$xml->add_tag('template', $template['template'],
array(
'name' => htmlspecialchars($template['title']),
'templatetype' => $template['templatetype'],
'date' => $template['dateline'],
'username' => $template['username'],
'version' => htmlspecialchars_uni($template['version'])),
true
);
}
$xml->close_group();
}
$xml->add_group('stylevardfns');
foreach ($stylevar_dfn_cache AS $stylevargroupname => $stylevargroup)
{
$xml->add_group('stylevargroup', array('name' => $stylevargroupname));
foreach($stylevargroup AS $stylevar)
{
$xml->add_tag('stylevar', '',
array(
'name' => htmlspecialchars($stylevar['stylevarid']),
'datatype' => $stylevar['datatype'],
'validation' => base64_encode($stylevar['validation']),
'failsafe' => base64_encode($stylevar['failsafe'])
)
);
}
$xml->close_group();
}
$xml->close_group();
$xml->add_group('stylevars');
foreach ($stylevar_cache AS $stylevarid => $stylevar)
{
$xml->add_tag('stylevar', '',
array(
'name' => htmlspecialchars($stylevar['stylevarid']),
'value' => base64_encode($stylevar['value'])
)
);
}
$xml->close_group();
$xml->close_group();
$doc = "<?xml version=\"1.0\" encoding=\"ISO-8859-1\"?>\r\n\r\n";
$doc .= $xml->output();
$xml = null;
return $doc;
}
function get_style_export_xml($styleid, $product, $product_version, $title, $mode)
{
// $only is the (badly named) list of template groups
global $vbulletin, $vbphrase, $only;
/* Load the master 'style' phrases for use in
the export, and then rebuild the $only array */
load_phrases(array('style'), -1);
build_template_groups($only);
if ($styleid == -1 or $styleid == -2) {
// set the style title as 'master style'
$style = array('title' => $styleid == -1 ? $vbphrase['master_style'] : $vbphrase['mobile_master_style']);
$sqlcondition = "styleid = {$styleid}";
$parentlist = $styleid;
$styletype = $styleid == -1 ? 'master' : 'mobilemaster';
} else {
// query everything from the specified style
$style = $vbulletin->db->query_first("\n\t\t\tSELECT *\n\t\t\tFROM " . TABLE_PREFIX . "style\n\t\t\tWHERE styleid = " . $styleid);
//export as master -- export a style with all changes as a new master style.
if ($mode == 2) {
//only allowed in debug mode.
if (!$vbulletin->debug) {
print_cp_no_permission();
}
// get all items from this style and all parent styles
$sqlcondition = "templateid IN(" . implode(',', unserialize($style['templatelist'])) . ")";
$sqlcondition .= " AND title NOT LIKE 'vbcms_grid_%'";
$parentlist = $style['parentlist'];
$styletype = $style['type'] == 'standard' ? 'master' : 'mobilemaster';
$title = $vbphrase['master_style'];
} else {
if ($mode == 1) {
// get all items from this style and all parent styles (except master)
$sqlcondition = "styleid <> -1 AND styleid <> -2 AND templateid IN(" . implode(',', unserialize($style['templatelist'])) . ")";
//remove the master style id off the end of the list
$parentlist = substr(trim($style['parentlist']), 0, -3);
$styletype = 'custom';
} else {
// get only items customized in THIS style
$sqlcondition = "styleid = " . $styleid;
$parentlist = $styleid;
$styletype = 'custom';
}
}
}
if ($product == 'vbulletin') {
$sqlcondition .= " AND (product = '" . $vbulletin->db->escape_string($product) . "' OR product = '')";
} else {
$sqlcondition .= " AND product = '" . $vbulletin->db->escape_string($product) . "'";
}
// set a default title
if ($title == '' or $styleid == -1 or $styleid == -2) {
$title = $style['title'];
}
// --------------------------------------------
// query the templates and put them in an array
$templates = array();
$gettemplates = $vbulletin->db->query_read("\n\t\tSELECT title, templatetype, username, dateline, version,\n\t\tIF(templatetype = 'template', template_un, template) AS template\n\t\tFROM " . TABLE_PREFIX . "template\n\t\tWHERE {$sqlcondition}\n\t\tORDER BY title\n\t");
$ugcount = $ugtemplates = 0;
while ($gettemplate = $vbulletin->db->fetch_array($gettemplates)) {
switch ($gettemplate['templatetype']) {
case 'template':
// regular template
// if we have ad template, and we are exporting as master, make sure we do not export the add data
if (substr($gettemplate['title'], 0, 3) == 'ad_' and $mode == 2) {
$gettemplate['template'] = '';
}
$isgrouped = false;
foreach (array_keys($only) as $group) {
if (strpos(strtolower(" {$gettemplate['title']}"), $group) == 1) {
$templates["{$group}"][] = $gettemplate;
$isgrouped = true;
}
}
if (!$isgrouped) {
if ($ugtemplates % 10 == 0) {
$ugcount++;
}
$ugtemplates++;
//sort ungrouped templates last.
$ugcount_key = 'zzz' . str_pad($ugcount, 5, '0', STR_PAD_LEFT);
$templates[$ugcount_key][] = $gettemplate;
$only[$ugcount_key] = construct_phrase($vbphrase['ungrouped_templates_x'], $ugcount);
}
break;
case 'stylevar':
// stylevar
$templates[$vbphrase['stylevar_special_templates']][] = $gettemplate;
break;
case 'css':
// css
$templates[$vbphrase['css_special_templates']][] = $gettemplate;
break;
case 'replacement':
// replacement
$templates[$vbphrase['replacement_var_special_templates']][] = $gettemplate;
break;
}
}
unset($template);
$vbulletin->db->free_result($gettemplates);
if (!empty($templates)) {
ksort($templates);
}
// --------------------------------------------
// fetch stylevar-dfns
$stylevarinfo = get_stylevars_for_export($product, $parentlist);
$stylevar_cache = $stylevarinfo['stylevars'];
$stylevar_dfn_cache = $stylevarinfo['stylevardfns'];
if (empty($templates) and empty($stylevar_cache) and empty($stylevar_dfn_cache)) {
throw new vB_Exception_AdminStopMessage('download_contains_no_customizations');
}
// --------------------------------------------
// now output the XML
require_once DIR . '/includes/class_xml.php';
$xml = new vB_XML_Builder($vbulletin);
$xml->add_group('style', array('name' => $title, 'vbversion' => $product_version, 'product' => $product, 'type' => $styletype));
foreach ($templates as $group => $grouptemplates) {
$xml->add_group('templategroup', array('name' => iif(isset($only["{$group}"]), $only["{$group}"], $group)));
foreach ($grouptemplates as $template) {
$xml->add_tag('template', $template['template'], array('name' => htmlspecialchars_uni($template['title']), 'templatetype' => $template['templatetype'], 'date' => $template['dateline'], 'username' => $template['username'], 'version' => htmlspecialchars_uni($template['version'])), true);
}
$xml->close_group();
}
$xml->add_group('stylevardfns');
foreach ($stylevar_dfn_cache as $stylevargroupname => $stylevargroup) {
$xml->add_group('stylevargroup', array('name' => $stylevargroupname));
foreach ($stylevargroup as $stylevar) {
$xml->add_tag('stylevar', '', array('name' => htmlspecialchars_uni($stylevar['stylevarid']), 'datatype' => $stylevar['datatype'], 'validation' => vb_base64_encode($stylevar['validation']), 'failsafe' => vb_base64_encode($stylevar['failsafe'])));
}
$xml->close_group();
}
$xml->close_group();
$xml->add_group('stylevars');
foreach ($stylevar_cache as $stylevarid => $stylevar) {
$xml->add_tag('stylevar', '', array('name' => htmlspecialchars_uni($stylevar['stylevarid']), 'value' => vb_base64_encode($stylevar['value'])));
}
$xml->close_group();
$xml->close_group();
$doc = "<?xml version=\"1.0\" encoding=\"ISO-8859-1\"?>\r\n\r\n";
$doc .= $xml->output();
$xml = null;
return $doc;
}
