*/ // prevent this file from being accessed directly defined('WB_PATH') or die(header('Location: ../../index.php')); require_once WB_PATH . '/framework/module.functions.php'; // include jscalendar-setup $jscal_use_time = true; // whether to use a clock, too require_once WB_PATH . "/include/jscalendar/wb-setup.php"; require_once WB_PATH . "/include/jscalendar/jscalendar-functions.php"; /** * Include Website Baker template parser and configure it */ // include template class and initiate object (set template folder: "./htt") $tpl = new Template(dirname(__FILE__) . '/htt'); // configure handling of unknown {variables} (remove:=default, keep, comment) $tpl->set_unknowns('remove'); // configure debug mode (0:= default, 1:=variable assignments, 2:=calls to get variable, 4:=show internals) $tpl->debug = 0; if (!isset($_POST['search'])) { // Show usersearch form // set template file (assign file "backend_view.htt" to variable/handle "page") $tpl->set_file('page', 'usersearch_form.htt'); // set blocks (NOTE: always start with the inner most block first) // parameters: file variable/handle of file containing the block, block name in the file, new variable/handle for the block) $tpl->set_block('page', 'groupsearch_block', 'groupsearch_block_handle'); // System variables // Think to compare WB_URL and ADMIN_URL $tpl->set_var('WB_URL', WB_URL); $tpl->set_var('ADMIN_URL', ADMIN_URL); $tpl->set_var('FORM_VALID_URL', $_SERVER['REQUEST_URI']); $tpl->set_var('JSCAL_IFFORMAT', $jscal_ifformat);
// Must include code to stop this file being accessed directly if (defined('WB_PATH') == false) { die('Illegale file access /' . basename(__DIR__) . '/' . basename(__FILE__) . ''); } /* -------------------------------------------------------- */ // check if module language file exists for the language set by the user (e.g. DE, EN) $sAddonName = basename(__DIR__); require WB_PATH . '/modules/' . $sAddonName . '/languages/EN.php'; if (file_exists(WB_PATH . '/modules/' . $sAddonName . '/languages/' . LANGUAGE . '.php')) { require WB_PATH . '/modules/' . $sAddonName . '/languages/' . LANGUAGE . '.php'; } $sModulName = basename(__DIR__); if (!$admin->get_permission($sModulName, 'module')) { die($MESSAGE['ADMIN_INSUFFICIENT_PRIVELLIGES']); } require WB_PATH . '/include/editarea/wb_wrapper_edit_area.php'; // Setup template object $template = new Template(WB_PATH . '/modules/' . $sAddonName); $template->set_file('page', 'htt/modify.htt'); $template->set_block('page', 'main_block', 'main'); // Get page content $query = "SELECT content FROM `" . TABLE_PREFIX . "mod_code` WHERE `section_id` = '{$section_id}'"; $get_content = $database->query($query); $content = $get_content->fetchRow(MYSQLI_ASSOC); $content = htmlspecialchars($content['content']); // Insert vars $template->set_var(array('PAGE_ID' => $page_id, 'SECTION_ID' => $section_id, 'REGISTER_EDIT_AREA' => function_exists('registerEditArea') ? registerEditArea('content' . $section_id, 'php', false) : '', 'WB_URL' => WB_URL, 'CONTENT' => $content, 'TEXT_SAVE' => $TEXT['SAVE'], 'TEXT_CANCEL' => $TEXT['CANCEL'], 'SECTION' => $section_id, 'FTAN' => $admin->getFTAN())); // Parse template object $template->set_unknowns('keep'); $template->parse('main', 'main_block', false); $template->pparse('output', 'page', false);
LICENCE TERMS: This module is free software. You can redistribute it and/or modify it under the terms of the GNU General Public License - version 2 or later, as published by the Free Software Foundation: http://www.gnu.org/licenses/gpl.html. DISCLAIMER: This module is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. */ // Include WB template parser and create template object require_once WB_PATH . '/include/phplib/template.inc'; $tpl = new Template(WB_PATH . '/modules/bakery/templates/mini_cart'); // Define how to deal with unknown {PLACEHOLDERS} (remove:=default, keep, comment) $tpl->set_unknowns('keep'); // Define debug mode (0:=disabled (default), 1:=variable assignments, 2:=calls to get variable, 4:=debug internals) $tpl->debug = 0; // Look for language file if (LANGUAGE_LOADED && !isset($MOD_BAKERY)) { include WB_PATH . '/modules/bakery/languages/EN.php'; if (file_exists(WB_PATH . '/modules/bakery/languages/' . LANGUAGE . '.php')) { include WB_PATH . '/modules/bakery/languages/' . LANGUAGE . '.php'; } } // Check order id if (isset($_SESSION['bakery']['order_id']) && is_numeric($_SESSION['bakery']['order_id']) && $_SESSION['bakery']['order_id'] >= 0) { $order_id = $_SESSION['bakery']['order_id']; // Look for items in the db $query_order = $database->query("SELECT item_id, attributes, quantity, price FROM " . TABLE_PREFIX . "mod_bakery_order WHERE order_id = '{$order_id}'"); $num_orders = $query_order->numRows();
function testSetUnknowns() { $tp2 = new Template(); $tp2->set_unknowns('keep'); // there should be a getter method for this ... $this->assertEquals('keep', $tp2->getUnknowns()); }
} $edit_prompt = $LANG_GF02['msg190'] . '<br><input type="checkbox" name="silentedit" '; if ($_POST['silentedit'] == 1 or !isset($_POST['modedit']) and $CONF_FORUM['silent_edit_default']) { $edit_prompt .= 'checked="checked" '; } $edit_prompt .= 'value="1">'; $submissionform_main->set_var('attachments', gf_showattachments($id, 'edit')); } else { $edit_prompt = ' '; $submissionform_main->set_var('attachments', ''); if ($uniqueid > 0) { $submissionform_main->set_var('attachments', gf_showattachments($uniqueid, 'edit')); } } $subject = str_replace('"', '"', $subject); $submissionform_main->set_unknowns('keep'); $submissionform_main->set_var('LANG_SUBJECT', $LANG_GF01['SUBJECT']); $submissionform_main->set_var('LANG_OPTIONS', $LANG_GF01['OPTIONS']); $submissionform_main->set_var('mode_prompt', $mode_prompt); $submissionform_main->set_var('notify_prompt', $notify_prompt); $submissionform_main->set_var('locked_prompt', $locked_prompt); $submissionform_main->set_var('sticky_prompt', $sticky_prompt); $submissionform_main->set_var('edit_prompt', $edit_prompt); $submissionform_main->set_var('LANG_SUBMIT', $LANG_GF01['SUBMIT']); $submissionform_main->set_var('LANG_PREVIEW', $LANG_GF01['PREVIEW']); $submissionform_main->set_var('required', $required); $submissionform_main->set_var('subject', $subject); $submissionform_main->set_var('smilies', $smilies); $submissionform_main->set_var('LANG_attachments', $LANG_GF10['attachments']); $submissionform_main->set_var('LANG_maxattachments', sprintf($LANG_GF10['maxattachments'], $CONF_FORUM['maxattachments'])); // Check and see if the filemgmt plugin is installed and enabled
break; case 'updateall': THM_updateAll(); break; case $LANG_THM['image']: header('Location: ' . $_CONF['site_admin_url'] . '/plugins/themedit/upload.php?thm_theme=' . rawurlencode($theme)); exit; break; default: break; } // Display $T = new Template($_CONF['path'] . 'plugins/themedit/templates'); $T->set_file('admin', 'admin.thtml'); // Prevents template engine from removing template vars loaded in <textarea> $T->set_unknowns('keep'); $T->set_var('xhtml', XHTML); $T->set_var('temp_site_url', $_CONF['site_url']); $T->set_var('temp_site_admin_url', $_CONF['site_admin_url']); $T->set_var('temp_header', THM_str('admin')); $code4preview = <<<EOD1 <script type="text/javascript"> <!-- \twindow.open("{$_CONF['site_admin_url']}/plugins/themedit/preview.html", "PREVIEW"); //--> </script> EOD1; if ($op === $LANG_THM['preview']) { /** * If a file is being edited, first swap its contents with that of the * corresponding file saved on the Web, then create a preview, and finally
exit('Cannot access this file directly'); } // Include WB functions file require_once WB_PATH . '/framework/functions.php'; // Include WB template parser require_once WB_PATH . '/include/phplib/template.inc'; // Create template object for screen output $tpl_so = new Template(WB_PATH . '/modules/bakery/templates/summary'); // Define how to deal with unknown {PLACEHOLDERS} (remove:=default, keep, comment) $tpl_so->set_unknowns('keep'); // Define debug mode (0:=disabled (default), 1:=variable assignments, 2:=calls to get variable, 4:=debug internals) $tpl_so->debug = 0; // Create template object for invoice print $tpl_ip = new Template(WB_PATH . '/modules/bakery/templates/invoice'); // Define how to deal with unknown {PLACEHOLDERS} (remove:=default, keep, comment) $tpl_ip->set_unknowns('keep'); // Define debug mode (0:=disabled (default), 1:=variable assignments, 2:=calls to get variable, 4:=debug internals) $tpl_ip->debug = 0; // Get order id $order_id = $_SESSION['bakery']['order_id']; // CUSTOMERS MESSAGE // ***************** // Get customers message $cust_msg = !empty($_POST['cust_msg']) ? strip_tags($_POST['cust_msg']) : ''; // Save customers message in session var $_SESSION['bakery']['cust_msg'] = $cust_msg; // PAYMENT METHOD // ************** // Put payment method selected by user into session var if (!empty($_POST['payment_method'])) { $payment_method_arr = array_keys($_POST['payment_method']);
function displayNewsItems($group_id = 0, $max_news_items = 10, $max_news_length = -1, $display_mode = 1, $lang_id = 'AUTO', $strip_tags = true, $allowed_tags = '<p><a><img>', $custom_placeholder = false, $sort_by = 1, $sort_order = 1, $not_older_than = 0, $group_id_type = 'group_id', $lang_filter = false) { global $wb, $database, $LANG; /** * Is the first arg an array() we're using this one! * Keep in mind, that all other args may be overwriten/ignore by * the settings inside this array! * * e.g. * $config = array( 'max_news_items' => 5 ); * displayNewsItems( $config, 23, ... * * Only 5 news-items (not 23) are shown, as the first array overwrites the following params! * */ $all_args = func_get_args(); if (isset($all_args[0]) && is_array($all_args[0])) { // param 1 is pass as an array! We're using this as our config! $defaults = array('group_id' => 0, 'max_news_items' => 10, 'max_news_length' => -1, 'display_mode' => 1, 'lang_id' => 'AUTO', 'strip_tags' => true, 'allowed_tags' => '<p><a><img>', 'custom_placeholder' => false, 'sort_by' => 1, 'sort_order' => 1, 'not_older_than' => 0, 'group_id_type' => 'group_id', 'lang_filter' => false); // overwrite the defaults within the values of the $config foreach ($all_args[0] as $key => $val) { $defaults[$key] = $val; } foreach ($defaults as $key => $val) { ${$key} = $val; } } /** * Include required Anynews files */ require_once 'code/anynews_functions.php'; require_once 'thirdparty/truncate.php'; require_once WB_PATH . '/include/phplib/template.inc'; /** * Sanitize user specified function parameters */ sanitizeUserInputs($group_id, 'i{0;0;999}'); sanitizeUserInputs($max_news_items, 'i{10;1;999}'); sanitizeUserInputs($max_news_length, 'i{-1;0;250}'); sanitizeUserInputs($display_mode, 'i{1;1;99}'); sanitizeUserInputs($strip_tags, 'b'); sanitizeUserInputs($allowed_tags, 's{TRIM}'); sanitizeUserInputs($sort_by, 'i{1;1;5}'); sanitizeUserInputs($sort_order, 'i{1;1;2}'); sanitizeUserInputs($not_older_than, 'd{0;0;999}'); sanitizeUserInputs($group_id_type, 'l{group_id;group_id;page_id;section_id;post_id}'); sanitizeUserInputs($lang_filter, 'b'); /** * Include Anynews language file depending on defined $lang_id */ $lang_id = getValidLanguageId($lang_id); loadLanguageFile($lang_id); /** * Create template object and configure it */ $tpl = new Template(dirname(__FILE__) . '/templates'); // configure handling of unknown {variables} (remove:=default, keep, comment) $tpl->set_unknowns('remove'); // configure debug mode (0:= default, 1:=variable assignments, 2:=calls to get variable, 4:=show internals) $tpl->debug = 0; // set template file depending on $display_mode if (file_exists(dirname(__FILE__) . '/templates/display_mode_' . $display_mode . '.htt')) { // set user defined template $tpl->set_file('page', 'display_mode_' . $display_mode . '.htt'); } else { // set default template $tpl->set_file('page', 'display_mode_1.htt'); } // define "read more block" used to show/hide readmore link depending on long news content $tpl->set_block('page', 'readmore_link_block', 'readmore_link_block_handle'); // define optional "custom block" which can be used in template files if needed $tpl->set_block('page', 'custom_block', 'custom_block_handle'); // define "news block" used for text outputs of individual news items (news text, links etc.) $tpl->set_block('page', 'news_block', 'news_block_handle'); // define "news wrapper block" shown if at least one news entry exists $tpl->set_block('page', 'news_available_block', 'news_available_block_handle'); // define "no news wrapper block" shown in no news entry exists $tpl->set_block('page', 'no_news_available_block', 'no_news_available_block_handle'); // replace placeholders with values from language file foreach ($LANG['ANYNEWS'][0] as $key => $value) { $tpl->set_var($key, $value); } /** * Work out SQL query for group_id, limiting news to display depedning by defined $news_filter * option 1: $group_id:=0 => '1' * option 2: $group_id:=X => `group_id_type` = 'X' * option 3: $group_id:=array(2,3) => `group_id_type` IN (2,3) */ // show all news items if 0 is contained in group_id array if (is_array($group_id) && in_array(0, $group_id)) { $group_id = 0; } // check for multiple groups or single group values if (is_array($group_id)) { // SQL query for multiple groups $sql_group_id = "t1.`{$group_id_type}` IN (" . implode(',', $group_id) . ")"; } else { // SQL query for single or empty groups $sql_group_id = $group_id ? "t1.`{$group_id_type}` = '{$group_id}'" : '1'; } /** * Work out SQL query for the not older than option * This options allows to restrict the matches to news not older than X days */ // work out current server time (also used for published_when and published_until checks) $server_time = time(); $sql_not_older_than = '1'; if ($not_older_than > 0) { $sql_not_older_than = ' (t1.`published_when` >= \'' . ($server_time - $not_older_than * 24 * 60 * 60) . '\')'; } /** * Work out SQL query to hide news added via news pages NOT matching $lang_id * Requires to organize news items via news pages with page language set to $lang_id * Returns all news entries if no news page was found matching given $lang_id **/ $sql_lang_filter = '1'; if ($lang_filter) { // get all page_ids which page language match defined $lang_id $page_ids = getPageIdsByLanguage($lang_id); if (count($page_ids) > 0) { $sql_lang_filter = 't1.`page_id` in (' . implode(',', $page_ids) . ')'; } } /** * Work out SQL sort by and sort order query string */ // creates SQL query for sort by option $order_by_options = array('t1.`position`', 't1.`posted_when`', 't1.`published_when`', 'RAND()', '`comments`'); $sql_order_by = $order_by_options[$sort_by - 1]; // creates SQL query for sort order option $sql_sort_order = $sort_order == 1 ? 'DESC' : 'ASC'; /** * Perform SQL database query for Anynews */ $news_table = TABLE_PREFIX . 'mod_news_posts'; $comments_table = TABLE_PREFIX . 'mod_news_comments'; $sql = "SELECT t1.*, COUNT(`comment_id`) as `comments`\n\t\t\tFROM `{$news_table}` as t1\n\t\t\tLEFT JOIN `{$comments_table}` as t2\n\t\t\tON t1.`post_id` = t2.`post_id`\n\t\t\tWHERE t1.`active` = '1'\n\t\t\tAND {$sql_group_id}\n\t\t\tAND {$sql_lang_filter}\n\t\t\tAND (t1.`published_when` = '0' or t1.`published_when` <= '{$server_time}')\n\t\t\tAND (t1.`published_until` = '0' OR t1.`published_until` >= '{$server_time}')\n\t\t\tAND {$sql_not_older_than}\n\t\t\tGROUP BY t1.`post_id`\n\t\t\tORDER BY {$sql_order_by} {$sql_sort_order}\n\t\t\tLIMIT 0, {$max_news_items}\n\t\t"; /** * Process database query and output the template files */ $results = $database->query($sql); if ($results && $results->numRows() > 0) { // fetch news group titles from news database table $news_group_titles = getNewsGroupTitles(); // fetch user names from users database table $user_list = getUserNames(); // loop through all news articles found $news_counter = 1; while ($row = $results->fetchRow()) { // build absolute links from [wblink] tags found in news short or long text database field $wb->preprocess($row['content_short']); $wb->preprocess($row['content_long']); // fetch custom placeholders from short/long text fields and replace template placeholders with values $custom_vars_short_text = getCustomOutputVariables($row['content_short'], $custom_placeholder, 'SHORT'); $custom_vars_long_text = getCustomOutputVariables($row['content_long'], $custom_placeholder, 'LONG'); $custom_vars = array_merge($custom_vars_short_text, $custom_vars_long_text); // replace custom placeholders in template with values foreach ($custom_vars as $key => $value) { $tpl->set_var($key, $value); } // remove tags from short and long text if defined $row['content_short'] = $strip_tags ? strip_tags($row['content_short'], $allowed_tags) : $row['content_short']; $row['content_long'] = $strip_tags ? strip_tags($row['content_long'], $allowed_tags) : $row['content_long']; // shorten news text to defined news length (-1 for full text length) if ($max_news_length != -1 && strlen($row['content_short']) > $max_news_length) { // consider start position if short content starts with <p> or <div> $start_pos = preg_match('#^(<(p|div)>)#', $row['content_short'], $match) ? strlen($match[0]) : 0; $row['content_short'] = truncate(substr($row['content_short'], $start_pos), $max_news_length, '...', false, true); } // work out group image if exists $group_id = $row['group_id']; $image = ''; if (file_exists(WB_PATH . MEDIA_DIRECTORY . '/.news/image' . $group_id . '.jpg')) { $image = '<img src="' . WB_URL . MEDIA_DIRECTORY . '/.news/image' . $group_id . '.jpg' . '" alt="" />'; } // replace news article dependend template placeholders $tpl->set_var(array('WB_URL' => WB_URL, 'GROUP_IMAGE' => $image, 'NEWS_ID' => $news_counter, 'POST_ID' => (int) $row['post_id'], 'SECTION_ID' => (int) $row['section_id'], 'PAGE_ID' => (int) $row['page_id'], 'GROUP_ID' => (int) $row['group_id'], 'GROUP_TITLE' => array_key_exists($row['group_id'], $news_group_titles) ? htmlentities($news_group_titles[$row['group_id']]) : '', 'POSTED_BY' => (int) $row['posted_by'], 'USERNAME' => array_key_exists($row['posted_by'], $user_list) ? htmlentities($user_list[$row['posted_by']]['USERNAME']) : '', 'DISPLAY_NAME' => array_key_exists($row['posted_by'], $user_list) ? htmlentities($user_list[$row['posted_by']]['DISPLAY_NAME']) : '', 'TITLE' => $strip_tags ? strip_tags($row['title']) : $row['title'], 'COMMENTS' => isset($row['comments']) ? $row['comments'] : 0, 'LINK' => WB_URL . PAGES_DIRECTORY . $row['link'] . PAGE_EXTENSION, 'CONTENT_SHORT' => $image . $row['content_short'], 'CONTENT_LONG' => $row['content_long'], 'POSTED_WHEN' => date($LANG['ANYNEWS'][0]['DATE_FORMAT'], $row['posted_when']), 'PUBLISHED_WHEN' => date($LANG['ANYNEWS'][0]['DATE_FORMAT'], $row['published_when']), 'PUBLISHED_UNTIL' => date($LANG['ANYNEWS'][0]['DATE_FORMAT'], $row['published_until']))); // remove "read more block" from template if no long content is available $tpl->parse('readmore_link_block_handle', 'readmore_link_block', false); if (!isset($row['content_long']) || !strlen($row['content_long']) > 0) { $tpl->set_var('readmore_link_block_handle', ''); } // add optional custom template block in append mode (add per loop) $tpl->parse('custom_block_handle', 'custom_block', true); // add template values in news block in append mode (add per loop) $tpl->parse('news_block_handle', 'news_block', true); // remove custom variables to start blank for the next news entry foreach ($custom_vars as $key => $value) { $tpl->set_var($key, ''); } $news_counter++; } // update the total number of news items $tpl->set_var('NEWS_ITEMS', $news_counter - 1); // remove the "no news available block" from output $tpl->set_var('no_news_available_block_handle', ''); // parse the news content block $tpl->parse('news_available_block_handle', 'news_available_block', false); } else { // update the total number of news items $tpl->set_var('NEWS_ITEMS', 0); // remove the "news available block" from output $tpl->set_var('news_available_block_handle', ''); // remove blocks not used $tpl->parse('no_news_available_block_handle', 'no_news_available_block', true); } // ouput the final template $tpl->pparse('output', 'page'); }