/**
* Shows a given submission form
*
* This is the submission it is modular to allow us to write as little as
* possible. It takes a type and formats a form for the user. Currently the
* types is story. If no type is provided, Story is assumed.
*
* @param string $type type of submission ('story')
* @param string $mode story mode ('personal' or empty string)
* @param string $topic topic (for stories)
* @return string HTML for submission form
*
*/
function submissionform($type = 'story', $mode = '', $topic = '')
{
global $_CONF, $_TABLES, $_USER, $LANG12, $LANG_LOGIN;
$retval = '';
$postmode = $_CONF['postmode'];
COM_clearSpeedlimit($_CONF['speedlimit'], 'submit');
$last = COM_checkSpeedlimit('submit');
if ($last > 0) {
$retval .= COM_showMessageText($LANG12[30] . $last . $LANG12[31], $LANG12[26], false, 'error');
} else {
if (COM_isAnonUser() && ($_CONF['loginrequired'] == 1 || $_CONF['submitloginrequired'] == 1)) {
$display = COM_siteHeader('menu', $LANG_LOGIN[1]);
$display .= SEC_loginRequiredForm();
$display .= COM_siteFooter();
echo $display;
exit;
} else {
$retval .= COM_startBlock($LANG12[19], '', COM_getBlockTemplate('_submit_story', 'header')) . $LANG12[9] . COM_endBlock(COM_getBlockTemplate('_submit_story', 'footer'));
$retval .= '<div style="border-bottom:1px solid #cccccc"></div>';
if (strlen($type) > 0 && $type != 'story') {
$formresult = PLG_showSubmitForm($type);
if ($formresult == false) {
COM_errorLog("Someone tried to submit an item to the {$type}-plugin, which cannot be found.", 1);
COM_displayMessageAndAbort(79, '', 410, 'Gone');
} else {
$retval .= $formresult;
}
} else {
$retval .= submitstory($topic);
}
}
}
return $retval;
}
/**
* Shows all polls in system
*
* List all the polls on the system if no $pid is provided
*
* @return string HTML for poll listing
*
*/
function polllist()
{
global $_CONF, $_TABLES, $_USER, $_PO_CONF, $LANG25, $LANG_LOGIN, $LANG_POLLS;
$retval = '';
if (empty($_USER['username']) && ($_CONF['loginrequired'] == 1 || $_PO_CONF['pollsloginrequired'] == 1)) {
$retval = COM_startBlock($LANG_LOGIN[1], '', COM_getBlockTemplate('_msg_block', 'header'));
$login = new Template($_CONF['path_layout'] . 'submit');
$login->set_file(array('login' => 'submitloginrequired.thtml'));
$login->set_var('xhtml', XHTML);
$login->set_var('login_message', $LANG_LOGIN[2]);
$login->set_var('site_url', $_CONF['site_url']);
$login->set_var('lang_login', $LANG_LOGIN[3]);
$login->set_var('lang_newuser', $LANG_LOGIN[4]);
$login->parse('output', 'login');
$retval .= $login->finish($login->get_var('output'));
$retval .= COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer'));
} else {
require_once $_CONF['path_system'] . 'lib-admin.php';
$header_arr = array(array('text' => $LANG25[9], 'field' => 'topic', 'sort' => true), array('text' => $LANG25[20], 'field' => 'voters', 'sort' => true), array('text' => $LANG25[3], 'field' => 'unixdate', 'sort' => true), array('text' => $LANG_POLLS['open_poll'], 'field' => 'is_open', 'sort' => true));
$defsort_arr = array('field' => 'unixdate', 'direction' => 'desc');
$text_arr = array('has_menu' => false, 'title' => $LANG_POLLS['pollstitle'], 'instructions' => "", 'icon' => '', 'form_url' => '');
$query_arr = array('table' => 'polltopics', 'sql' => $sql = "SELECT *,UNIX_TIMESTAMP(date) AS unixdate, display " . "FROM {$_TABLES['polltopics']} WHERE 1=1", 'query_fields' => array('topic'), 'default_filter' => COM_getPermSQL(), 'query' => '', 'query_limit' => 0);
$retval .= ADMIN_list('polls', 'plugin_getListField_polls', $header_arr, $text_arr, $query_arr, $defsort_arr);
}
return $retval;
}
function MG_access_denied()
{
global $LANG_MG00, $LANG_ACCESS;
$display = COM_startBlock($LANG_ACCESS['accessdenied'], '', COM_getBlockTemplate('_msg_block', 'header')) . '<br' . XHTML . '>' . $LANG_MG00['access_denied_msg'] . COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer'));
$display = MG_createHTMLDocument($display);
COM_output($display);
exit;
}
function filemgmt_navbar($selected = '')
{
global $_CONF, $LANG_FM02, $_TABLES, $LANG_ADMIN;
$retval = '';
$totalnewdownloads = DB_count($_TABLES['filemgmt_filedetail'], 'status', 0);
$totalbrokendownloads = DB_count($_TABLES['filemgmt_brokenlinks']);
$menu_arr = array(array('url' => $_CONF['site_admin_url'] . '/plugins/filemgmt/index.php', 'text' => 'File Listing'), array('url' => $_CONF['site_admin_url'] . '/plugins/filemgmt/index.php?op=categoryConfigAdmin', 'text' => $LANG_FM02['nav2']), array('url' => $_CONF['site_admin_url'] . '/plugins/filemgmt/index.php?op=newfileConfigAdmin', 'text' => $LANG_FM02['nav3']), array('url' => $_CONF['site_admin_url'] . '/plugins/filemgmt/index.php?op=listNewDownloads', 'text' => sprintf($LANG_FM02['nav4'], $totalnewdownloads)), array('url' => $_CONF['site_admin_url'] . '/plugins/filemgmt/index.php?op=listBrokenDownloads', 'text' => sprintf($LANG_FM02['nav5'], $totalbrokendownloads)), array('url' => $_CONF['site_admin_url'], 'text' => $LANG_ADMIN['admin_home']));
$retval .= COM_startBlock(_MD_ADMINTITLE, '', COM_getBlockTemplate('_admin_block', 'header'));
$retval .= ADMIN_createMenu($menu_arr, $LANG_FM02['instructions'], $_CONF['site_url'] . '/filemgmt/images/filemgmt.png');
$retval .= '<br />';
return $retval;
}
function MG_invalidRequest()
{
global $LANG_MG02, $_CONF, $_MG_CONF;
$retval = '';
$retval .= COM_startBlock($LANG_MG02['error_header'], '', COM_getBlockTemplate('_admin_block', 'header'));
$T = new Template($_MG_CONF['template_path']);
$T->set_file('admin', 'error.thtml');
$T->set_var('errormessage', $LANG_MG02['generic_error']);
$T->parse('output', 'admin');
$retval .= $T->finish($T->get_var('output'));
$retval .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer'));
return $retval;
}
/**
* Shows the form the admin uses to send Geeklog members a message. Right now
* you can only email an entire group.
*
* @return string HTML for the email form
*
*/
function list_hello()
{
global $_CONF, $_TABLES, $LANG_HELLO01;
require_once $_CONF['path_system'] . 'lib-admin.php';
$retval = '';
//Build header list
$header_arr = array(array('text' => $LANG_HELLO01['see_email'], 'field' => 'see_hello', 'sort' => false), array('text' => $LANG_HELLO01['id'], 'field' => 'hello_id', 'sort' => true), array('text' => $LANG_HELLO01['subjet'], 'field' => 'subject', 'sort' => true), array('text' => $LANG_HELLO01['creation'], 'field' => 'creation', 'sort' => true), array('text' => $LANG_HELLO01['group'], 'field' => 'email_group', 'sort' => true), array('text' => $LANG_HELLO01['quantity'], 'field' => 'quantity', 'sort' => true));
$defsort_arr = array('field' => $_TABLES['hello'] . '.hello_id', 'direction' => 'DESC');
$retval .= COM_startBlock($LANG28[11], '', COM_getBlockTemplate('_admin_block', 'header'));
$text_arr = array('has_extras' => true, 'form_url' => $_CONF['site_admin_url'] . '/plugins/hello/read_email.php', 'help_url' => '');
$sql = "SELECT {$_TABLES['hello']}.hello_id,subject,creation,email_group,quantity " . "FROM {$_TABLES['hello']} WHERE 1=1";
$query_arr = array('table' => 'hello', 'sql' => $sql, 'query_fields' => array('hello_id', 'subject', 'creation', 'email_group', 'quantity'), 'default_filter' => "");
$retval .= ADMIN_list('hello', 'HELLO_getListField_hello', $header_arr, $text_arr, $query_arr, $defsort_arr);
$retval .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer'));
return $retval;
}
/**
* Build the admin list of pages
* @return string HTML content
*/
function EXP_adminList()
{
global $_CONF, $_TABLES, $LANG_ADMIN, $LANG_ACCESS, $_CONF_EXP, $LANG_EX00;
USES_lib_admin();
$retval = '';
$header_arr = array(array('text' => $LANG_ADMIN['edit'], 'field' => 'edit', 'sort' => false), array('text' => 'Page ID', 'field' => 'exid', 'sort' => true), array('text' => 'Title', 'field' => 'title', 'sort' => true), array('text' => 'URL', 'field' => 'url', 'sort' => true), array('text' => 'Hits', 'field' => 'hits', 'sort' => true));
$menu_arr = array(array('url' => $_CONF['site_admin_url'] . '/plugins/' . $_CONF_EXP['pi_name'] . '/edit.php?exid=0', 'text' => 'Add New'), array('url' => $_CONF['site_admin_url'], 'text' => $LANG_ADMIN['admin_home']));
$defsort_arr = array('field' => 'exid', 'direction' => 'asc');
$header_str = $LANG_EX00['header'] . ' ' . $LANG_EX00['version'] . ' ' . $_CONF_EXP['pi_version'];
$retval .= COM_startBlock($header_str, '', COM_getBlockTemplate('_admin_block', 'header'));
$retval .= ADMIN_createMenu($menu_arr, 'Administer External Pages', plugin_geticon_external());
$text_arr = array('has_extras' => true, 'form_url' => "{$_CONF['site_admin_url']}/plugins/{$_CONF_EXP['pi_name']}/index.php");
$query_arr = array('table' => 'external', 'sql' => "SELECT * FROM {$_TABLES['external']} ", 'query_fields' => array('title', 'url'), 'default_filter' => COM_getPermSql());
$retval .= ADMIN_list('external', 'EXP_getAdminListField', $header_arr, $text_arr, $query_arr, $defsort_arr, '', '', '', $form_arr);
$retval .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer'));
return $retval;
}
function _logoEdit()
{
global $_CONF, $_LOGO, $_TABLES, $LANG_ADMIN, $LANG_LOGO, $_IMAGE_TYPE;
$retval = '';
$menu_arr = array(array('url' => $_CONF['site_admin_url'], 'text' => $LANG_ADMIN['admin_home']));
$retval .= COM_startBlock($LANG_LOGO['logo_options'], '', COM_getBlockTemplate('_admin_block', 'header'));
$retval .= ADMIN_createMenu($menu_arr, $LANG_LOGO['instructions'], $_CONF['layout_url'] . '/images/icons/logo.' . $_IMAGE_TYPE);
$retval .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer'));
if (file_exists($_CONF['path_html'] . '/images/' . $_LOGO['logo_name'])) {
$current_logo = '<img src="' . $_CONF['site_url'] . '/images/' . $_LOGO['logo_name'] . '" alt="" border="0"/>';
} else {
$current_logo = $LANG_LOGO['no_logo_graphic'];
}
$T = new Template($_CONF['path_layout'] . 'admin/logo/');
$T->set_file('admin', 'logo.thtml');
$T->set_var(array('s_form_action' => $_CONF['site_admin_url'] . '/logo.php', 'graphic_logo_selected' => $_LOGO['use_graphic_logo'] == 1 ? ' checked="checked"' : '', 'text_logo_selected' => $_LOGO['use_graphic_logo'] == 0 ? ' checked="checked"' : '', 'no_logo_selected' => $_LOGO['use_graphic_logo'] == -1 ? ' checked="checked"' : '', 'slogan_selected' => $_LOGO['display_site_slogan'] == 1 ? ' checked="checked"' : '', 'current_logo_graphic' => $current_logo));
$T->parse('output', 'admin');
$retval .= $T->finish($T->get_var('output'));
return $retval;
}
/**
* Create the common header for all admin functions
*
* @param string $page Current page. Used for selecting menus
* @return string HTML for admin header portion.
*/
function EVLIST_adminHeader($page)
{
global $_CONF, $LANG_ADMIN, $LANG_EVLIST, $_EV_CONF;
$retval = '';
USES_lib_admin();
$menu_arr = array();
if ($page == 'events') {
$menu_arr[] = array('url' => EVLIST_URL . '/event.php?edit=event', 'text' => $LANG_EVLIST['new_event']);
} else {
$menu_arr[] = array('url' => EVLIST_ADMIN_URL . '/index.php', 'text' => $LANG_EVLIST['events']);
}
if ($page == 'calendars') {
$menu_arr[] = array('url' => EVLIST_ADMIN_URL . '/index.php?editcal=x', 'text' => $LANG_EVLIST['new_calendar']);
} else {
$menu_arr[] = array('url' => EVLIST_ADMIN_URL . '/index.php?view=calendars', 'text' => $LANG_EVLIST['calendars']);
}
if ($page == 'categories') {
$menu_arr[] = array('url' => EVLIST_ADMIN_URL . '/index.php?editcat=x', 'text' => $LANG_EVLIST['new_category']);
} else {
$menu_arr[] = array('url' => EVLIST_ADMIN_URL . '/index.php?categories=x', 'text' => $LANG_EVLIST['categories']);
}
if ($_EV_CONF['enable_rsvp']) {
if ($page == 'tickettypes') {
$menu_arr[] = array('url' => EVLIST_ADMIN_URL . '/index.php?editticket=0', 'text' => $LANG_EVLIST['new_ticket_type']);
} else {
$menu_arr[] = array('url' => EVLIST_ADMIN_URL . '/index.php?tickettypes', 'text' => $LANG_EVLIST['ticket_types']);
}
}
$menu_arr[] = array('url' => EVLIST_ADMIN_URL . '/index.php?importcalendar=x', 'text' => $LANG_EVLIST['import_calendar']);
$menu_arr[] = array('url' => EVLIST_ADMIN_URL . '/index.php?import=x', 'text' => $LANG_EVLIST['import_from_csv']);
$menu_arr[] = array('url' => $_CONF['site_admin_url'], 'text' => $LANG_ADMIN['admin_home']);
$retval .= COM_startBlock('evList ' . $_EV_CONF['pi_version'], '', COM_getBlockTemplate('_admin_block', 'header'));
$retval .= ADMIN_createMenu($menu_arr, $LANG_EVLIST['admin_instr'][$page], plugin_geticon_evlist());
$retval .= COM_endBlock();
return $retval;
}
case 'save':
// 保存
$retval = LIB_Save($pi_name, $edt_flg, $navbarMenu, $menuno);
$information['pagetitle'] = $retval['title'];
$display .= $retval['display'];
break;
case 'delete':
// 削除
$display .= LIB_delete($pi_name);
break;
case 'copy':
//コピー
//コピー
case 'edit':
// 編集
if (!empty($id)) {
$information['pagetitle'] = $LANG_DATABOX_ADMIN['piname'] . $LANG_DATABOX_ADMIN['edit'];
$display .= LIB_Edit($pi_name, $id, $edt_flg, $msg, "", $mode);
}
break;
default:
// 初期表示、一覧表示
$information['pagetitle'] = $LANG_DATABOX_ADMIN['piname'];
if (isset($msg)) {
$display .= COM_showMessage($msg, $pi_name);
}
$display .= LIB_List($pi_name);
}
$display = COM_startBlock($LANG_DATABOX_ADMIN['piname'], '', COM_getBlockTemplate('_admin_block', 'header')) . ppNavbarjp($navbarMenu, $LANG_DATABOX_admin_menu[$menuno]) . LIB_Menu($pi_name) . $display . COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer'));
$display = DATABOX_displaypage($pi_name, '_admin', $display, $information);
COM_output($display);
/**
* Display form to email a story to someone.
*
* @param string $sid ID of article to email
* @return string HTML for email story form
*
*/
function mailstoryform($sid, $to = '', $toemail = '', $from = '', $fromemail = '', $shortmsg = '', $msg = 0)
{
global $_CONF, $_TABLES, $_USER, $LANG08, $LANG_LOGIN;
require_once $_CONF['path_system'] . 'lib-story.php';
$retval = '';
if (COM_isAnonUser() && ($_CONF['loginrequired'] == 1 || $_CONF['emailstoryloginrequired'] == 1)) {
$retval = COM_startBlock($LANG_LOGIN[1], '', COM_getBlockTemplate('_msg_block', 'header'));
$login = new Template($_CONF['path_layout'] . 'submit');
$login->set_file(array('login' => 'submitloginrequired.thtml'));
$login->set_var('xhtml', XHTML);
$login->set_var('site_url', $_CONF['site_url']);
$login->set_var('site_admin_url', $_CONF['site_admin_url']);
$login->set_var('layout_url', $_CONF['layout_url']);
$login->set_var('login_message', $LANG_LOGIN[2]);
$login->set_var('lang_login', $LANG_LOGIN[3]);
$login->set_var('lang_newuser', $LANG_LOGIN[4]);
$login->parse('output', 'login');
$retval .= $login->finish($login->get_var('output'));
$retval .= COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer'));
return $retval;
}
$story = new Story();
$result = $story->loadFromDatabase($sid, 'view');
if ($result != STORY_LOADED_OK) {
return COM_refresh($_CONF['site_url'] . '/index.php');
}
if ($msg > 0) {
$retval .= COM_showMessage($msg);
}
if (empty($from) && empty($fromemail)) {
if (!COM_isAnonUser()) {
$from = COM_getDisplayName($_USER['uid'], $_USER['username'], $_USER['fullname']);
$fromemail = DB_getItem($_TABLES['users'], 'email', "uid = {$_USER['uid']}");
}
}
$mail_template = new Template($_CONF['path_layout'] . 'profiles');
$mail_template->set_file('form', 'contactauthorform.thtml');
$mail_template->set_var('xhtml', XHTML);
$mail_template->set_var('site_url', $_CONF['site_url']);
$mail_template->set_var('site_admin_url', $_CONF['site_admin_url']);
$mail_template->set_var('layout_url', $_CONF['layout_url']);
$mail_template->set_var('start_block_mailstory2friend', COM_startBlock($LANG08[17]));
$mail_template->set_var('lang_title', $LANG08[31]);
$mail_template->set_var('story_title', $story->displayElements('title'));
$url = COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $sid);
$mail_template->set_var('story_url', $url);
$link = COM_createLink($story->displayElements('title'), $url);
$mail_template->set_var('story_link', $link);
$mail_template->set_var('lang_fromname', $LANG08[20]);
$mail_template->set_var('name', $from);
$mail_template->set_var('lang_fromemailaddress', $LANG08[21]);
$mail_template->set_var('email', $fromemail);
$mail_template->set_var('lang_toname', $LANG08[18]);
$mail_template->set_var('toname', $to);
$mail_template->set_var('lang_toemailaddress', $LANG08[19]);
$mail_template->set_var('toemail', $toemail);
$mail_template->set_var('lang_cc', $LANG08[36]);
$mail_template->set_var('lang_cc_description', $LANG08[37]);
$mail_template->set_var('lang_shortmessage', $LANG08[27]);
$mail_template->set_var('shortmsg', htmlspecialchars($shortmsg));
$mail_template->set_var('lang_warning', $LANG08[22]);
$mail_template->set_var('lang_sendmessage', $LANG08[16]);
$mail_template->set_var('story_id', $sid);
$mail_template->set_var('end_block', COM_endBlock());
PLG_templateSetVars('emailstory', $mail_template);
$mail_template->parse('output', 'form');
$retval .= $mail_template->finish($mail_template->get_var('output'));
return $retval;
}
/**
* Displays a list of topics
* Lists all the topics and their icons.
*
* @param string $token Security token to use in list
* @return string HTML for the topic list
*/
function listTopics($token)
{
global $_CONF, $_TABLES, $LANG27, $LANG_ACCESS, $LANG_ADMIN, $_SCRIPTS;
require_once $_CONF['path_system'] . 'lib-admin.php';
$_SCRIPTS->setJavaScriptFile('admin.topic', '/javascript/admin.topic.js');
$retval = '';
$retval .= COM_startBlock($LANG27[8], '', COM_getBlockTemplate('_admin_block', 'header'));
$menu_arr = array(array('url' => $_CONF['site_admin_url'] . '/topic.php?mode=edit', 'text' => $LANG_ADMIN['create_new']), array('url' => $_CONF['site_admin_url'], 'text' => $LANG_ADMIN['admin_home']));
$retval .= ADMIN_createMenu($menu_arr, $LANG27[9], $_CONF['layout_url'] . "/images/icons/topic.png");
$header_arr[] = array('text' => $LANG_ADMIN['edit'], 'field' => 'edit', 'sort' => false);
$header_arr[] = array('text' => $LANG27[10], 'field' => 'sortnum', 'sort' => true);
$header_arr[] = array('text' => $LANG27[53], 'field' => 'image', 'sort' => false);
$header_arr[] = array('text' => $LANG27[3], 'field' => 'topic', 'sort' => false);
$header_arr[] = array('text' => $LANG27[2], 'field' => 'tid', 'sort' => true);
$header_arr[] = array('text' => $LANG27[52], 'field' => 'story', 'sort' => false);
$header_arr[] = array('text' => $LANG_ACCESS['access'], 'field' => 'access', 'sort' => false);
$header_arr[] = array('text' => $LANG27[33], 'field' => 'inherit', 'sort' => false);
$header_arr[] = array('text' => $LANG27[35], 'field' => 'hidden', 'sort' => false);
$defsort_arr = array('field' => 'sortnum', 'direction' => 'asc');
$text_arr = array('has_extras' => true, 'form_url' => $_CONF['site_admin_url'] . '/topic.php');
$query_arr = array('table' => 'topics', 'sql' => "SELECT * FROM {$_TABLES['topics']} WHERE 1=1 ", 'query_fields' => array('topic'), 'default_filter' => COM_getPermSQL('AND'));
$retval .= ADMIN_list('topics', 'ADMIN_getListField_topics', $header_arr, $text_arr, $query_arr, $defsort_arr, '', $token);
$retval .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer'));
return $retval;
}
/**
* Display upload form
*
* @param string $token Security token
* @return string HTML for the upload form
*
*/
function plugin_show_uploadform($token)
{
global $_CONF, $LANG28, $LANG32;
$retval = '';
$retval .= COM_startBlock($LANG32[39], '', COM_getBlockTemplate('_admin_block', 'header'));
// Check if all the requirements needed to upload a plugin are met
$errors = plugin_upload_enabled();
if (count($errors) == 0) {
// Show the upload form
$retval .= '<p>' . $LANG32[40] . '</p>' . LB . '<form name="plugins_upload" action="' . $_CONF['site_admin_url'] . '/plugins.php" method="post" enctype="multipart/form-data">' . LB . '<div>' . $LANG28[29] . ': ' . '<input type="file" dir="ltr" name="plugin" size="40"' . XHTML . '> ' . LB . '<input type="submit" name="upload" value="' . $LANG32[41] . '"' . XHTML . '>' . LB . '<input type="hidden" name="' . CSRF_TOKEN . '" value="' . $token . '"' . XHTML . '>' . '</div>' . LB . '</form>' . LB;
} else {
// Show the errors
$retval .= '<p>' . $LANG32[65] . '</p>' . LB . '<div><ul>' . LB;
foreach ($errors as $key => $value) {
$retval .= "<li>{$value}</li>";
}
$retval .= '</ul></div>' . LB;
}
$retval .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer'));
return $retval;
}
} else {
if (strpos($referrer, $_CONF['site_url']) !== false) {
$allowed = 1;
}
}
if ($allowed == 0) {
return;
}
$mid = isset($_GET['mid']) ? COM_applyFilter($_GET['mid']) : '';
if (empty($mid)) {
return;
}
$aid = DB_getItem($_TABLES['mg_media_albums'], 'album_id', 'media_id="' . addslashes($mid) . '"');
$album_data = MG_getAlbumData($aid, array('album_id'), true);
if ($album_data['access'] == 0) {
$display = COM_startBlock($LANG_ACCESS['accessdenied'], '', COM_getBlockTemplate('_msg_block', 'header')) . '<br' . XHTML . '>' . $LANG_MG00['access_denied_msg'] . COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer'));
$display = MG_createHTMLDocument($display);
COM_output($display);
exit;
}
$sql = "SELECT * FROM {$_TABLES['mg_media']} WHERE media_id='" . addslashes($mid) . "'";
$result = DB_query($sql);
while ($A = DB_fetchArray($result)) {
$filename = $A['media_original_filename'];
if (empty($filename)) {
$filename = $A['media_filename'] . '.' . $A['media_mime_ext'];
}
$mime_type = $A['mime_type'];
if ($mime_type == 'application/octet-stream' && strtolower($A['media_mime_ext']) == 'pdf') {
$mime_type = 'application/pdf';
}
/**
* Provide an interface to configure backups
*
* @return string HTML for configuration function
*/
function DBADMIN_configBackup()
{
global $_TABLES, $_CONF, $_VARS, $LANG_LGLIB, $pi_title, $_DB_table_prefix;
/*$res = DB_query("SHOW TABLES LIKE '{$_DB_table_prefix}%'");
$mysql_tables = array();
while ($A = DB_fetchArray($res)) {
$mysql_tables[] = $A[0];
}
// Select only tables that we actually use
$tablenames = array_intersect($mysql_tables, $_TABLES);
*/
$tablenames = $_TABLES;
$exclude_tables = @unserialize($_VARS['lglib_dbback_exclude']);
if (!is_array($exclude_tables)) {
$exclude_tables = array();
}
$curr_interval = (int) $_VARS['lglib_dbback_cron'];
if ($curr_interval == '-1') {
$interval_disabled = ' disbled="disabled" ';
$disable_cron = ' checked="checked" ';
} else {
$interval_disabled = '';
$disable_cron = '';
}
$chk_gzip = isset($_VARS['lglib_dbback_gzip']) && $_VARS['lglib_dbback_gzip'] == 1 ? ' checked="checked" ' : '';
$max_files = (int) $_VARS['lglib_dbback_files'];
$cols = 3;
$retval = DBADMIN_menu($LANG_LGLIB['instr_db_bkup_config']);
$T = new Template(LGLIB_PI_PATH . '/templates');
$T->set_file('dbform', 'db_backup.thtml');
$col = 0;
$included = '';
$excluded = '';
$include_tables = array_diff($tablenames, $exclude_tables);
foreach ($include_tables as $key => $name) {
$included .= "<option value=\"{$name}\">{$name}</option>\n";
}
foreach ($exclude_tables as $key => $name) {
$excluded .= "<option value=\"{$name}\">{$name}</option>\n";
}
$T->set_var(array('included_tables' => $included, 'excluded_tables' => $excluded, 'interval_disabled' => $interval_disabled, 'curr_interval' => $curr_interval, 'chk_disable_cron' => $disable_cron, 'max_files' => $max_files, 'chk_gzip' => $chk_gzip));
$T->parse('output', 'dbform');
$retval .= $T->finish($T->get_var('output'));
$retval .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer'));
return $retval;
}
/**
* Display a list of routes
*
* @return string HTML for the list
*/
function listRoutes()
{
global $_CONF, $_TABLES, $LANG_ADMIN, $LANG_ROUTER, $_IMAGE_TYPE, $securityToken;
require_once $_CONF['path_system'] . 'lib-admin.php';
// Writing the menu on top
$menu_arr = array(array('url' => $_CONF['site_admin_url'] . '/router.php?mode=edit&rid=0', 'text' => $LANG_ADMIN['create_new']), array('url' => $_CONF['site_admin_url'], 'text' => $LANG_ADMIN['admin_home']));
$notice = $LANG_ROUTER[11];
if (!isset($_CONF['url_rewrite']) || empty($_CONF['url_rewrite'])) {
$notice .= ' ' . $LANG_ROUTER[18];
}
if (!isset($_CONF['url_routing']) || $_CONF['url_routing'] == Router::ROUTING_DISABLED) {
$notice .= ' ' . $LANG_ROUTER[19];
}
$retval = COM_startBlock($LANG_ROUTER[2], '', COM_getBlockTemplate('_admin_block', 'header')) . ADMIN_createMenu($menu_arr, $notice, $_CONF['layout_url'] . '/images/icons/router.' . $_IMAGE_TYPE);
$headerArray = array(array('text' => $LANG_ADMIN['edit'], 'field' => 'rid', 'sort' => false), array('text' => $LANG_ROUTER[4], 'field' => 'method', 'sort' => true), array('text' => $LANG_ROUTER[5], 'field' => 'rule', 'sort' => true), array('text' => $LANG_ROUTER[6], 'field' => 'route', 'sort' => true), array('text' => $LANG_ROUTER[7], 'field' => 'priority', 'sort' => true));
$defaultSortArray = array('field' => 'priority', 'direction' => 'asc');
$textArray = array('has_extras' => false, 'title' => $LANG_ROUTER[1], 'form_url' => $_CONF['site_admin_url'] . '/router.php');
$queryArray = array('table' => 'routes', 'sql' => "SELECT * FROM {$_TABLES['routes']} WHERE (1 = 1) ", 'query_fields' => array('rule', 'route', 'priority'), 'default_filter' => COM_getPermSql('AND'));
$retval .= ADMIN_list('routes', 'ADMIN_getListFieldRoutes', $headerArray, $textArray, $queryArray, $defaultSortArray, '', $securityToken, '');
$retval .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer'));
return $retval;
}
/**
* View details of an entry
*
* @param int $id ID of the entry to display
* @param int $page page number on the list (for the back link)
* @return string HTML for the entry details
*
*/
function _bb_viewEntry($id, $page = 1)
{
global $_CONF, $_TABLES, $LANG_ADMIN, $LANG_BAD_BEHAVIOR, $LANG_BB2_RESPONSE;
$retval = '';
$donate = $LANG_BAD_BEHAVIOR['description'];
if (DB_getItem($_TABLES['vars'], 'value', "name = 'bad_behavior2.donate'") == 1) {
$donate .= '<p>' . $LANG_BAD_BEHAVIOR['donate_msg'] . '</p>' . LB;
}
$backlink = $_CONF['site_admin_url'] . '/plugins/' . BAD_BEHAVIOR_PLUGIN . '/index.php?mode=list';
if ($page > 1) {
$backlink .= '&page=' . $page;
}
// writing the menu on top
$menu_arr = array(array('url' => $_CONF['site_admin_url'] . '/plugins/bad_behavior2/index.php?mode=list', 'text' => 'Log Entries'), array('url' => $_CONF['site_admin_url'], 'text' => $LANG_ADMIN['admin_home']));
$retval .= COM_startBlock($LANG_BAD_BEHAVIOR['plugin_display_name'] . ' - ' . $LANG_BAD_BEHAVIOR['block_title_entry'], '', COM_getBlockTemplate('_admin_block', 'header'));
$retval .= ADMIN_createMenu($menu_arr, $donate, $_CONF['site_url'] . '/bad_behavior2/images/bad_behavior2.png');
$retval .= '<br />';
$templates = new Template($_CONF['path'] . 'plugins/' . BAD_BEHAVIOR_PLUGIN . '/templates');
$templates->set_file('entry', 'entry.thtml');
$templates->set_var('id', $id);
$templates->set_var('lang_ip', $LANG_BAD_BEHAVIOR['row_ip']);
$templates->set_var('lang_user_agent', $LANG_BAD_BEHAVIOR['row_user_agent']);
$templates->set_var('lang_referer', $LANG_BAD_BEHAVIOR['row_referer']);
$templates->set_var('lang_response', $LANG_BAD_BEHAVIOR['row_response']);
$templates->set_var('lang_method', $LANG_BAD_BEHAVIOR['row_method']);
$templates->set_var('lang_protocol', $LANG_BAD_BEHAVIOR['row_protocol']);
$templates->set_var('lang_date', $LANG_BAD_BEHAVIOR['row_date']);
$templates->set_var('lang_back', $LANG_BAD_BEHAVIOR['link_back']);
$templates->set_var('lang_denied_reason', $LANG_BAD_BEHAVIOR['denied_reason']);
$templates->set_var('lang_search', $LANG_BAD_BEHAVIOR['search']);
$id = DB_escapeString($id);
$result = DB_query("SELECT ip,date,request_method,request_uri,server_protocol,http_headers,user_agent,request_entity,`key` FROM " . WP_BB_LOG . " WHERE id = '{$id}'");
$A = DB_fetchArray($result);
foreach ($A as $key => $val) {
$A[$key] = htmlspecialchars($val);
}
$templates->set_var('ip', $A['ip']);
$templates->set_var('request_method', $A['request_method']);
$templates->set_var('http_host', $A['request_uri']);
$templates->set_var('server_protocol', $A['server_protocol']);
$templates->set_var('http_referer', $A['http_headers']);
$templates->set_var('http_user_agent', $A['user_agent']);
$templates->set_var('http_response', $A['request_entity']);
$templates->set_var('date_and_time', $A['date']);
$templates->set_var('http_headers', $A['http_headers']);
$templates->set_var('denied_reason', $LANG_BB2_RESPONSE[$A['key']]);
if (!empty($_CONF['ip_lookup'])) {
$iplookup = str_replace('*', $A['ip'], $_CONF['ip_lookup']);
$templates->set_var('start_ip_lookup_anchortag', '<a href="' . $iplookup . '" title="' . $LANG_BAD_BEHAVIOR['title_lookup_ip'] . '">');
$templates->set_var('end_ip_lookup_anchortag', '</a>');
} else {
$templates->set_var('start_ip_lookup_anchortag', '');
$templates->set_var('end_ip_lookup_anchortag', '');
}
$templates->parse('output', 'entry');
$retval .= $templates->finish($templates->get_var('output'));
$retval .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer'));
return $retval;
}
if (isset($_REQUEST['msg'])) {
$display .= COM_showMessage(COM_applyFilter($_REQUEST['msg'], true), $pi_name);
}
switch ($action) {
case $LANG_USERBOX_ADMIN['config_init']:
$dummy = LIB_Deleteconfig($pi_name, $config);
$dummy = LIB_Initializeconfig($pi_name);
echo COM_refresh($_CONF['site_admin_url'] . '/plugins/userbox/backuprestore.php');
exit;
break;
case $LANG_USERBOX_ADMIN['config_backup']:
$display .= LIB_Backupconfig($pi_name);
break;
case $LANG_USERBOX_ADMIN['config_restore']:
$display .= LIB_Restoreconfig($pi_name, $config);
break;
case $LANG_USERBOX_ADMIN['config_update']:
$dummy = LIB_Backupconfig($pi_name, "update");
$dummy = LIB_Deleteconfig($pi_name, $config);
$dummy = LIB_Initializeconfig($pi_name);
$dummy = LIB_Restoreconfig($pi_name, $config, "update");
echo COM_refresh($_CONF['site_admin_url'] . '/plugins/userbox/backuprestore.php');
exit;
break;
default:
}
$display .= fncMenu($pi_name);
$display .= fncDisply($pi_name);
$display = COM_startBlock($LANG_USERBOX_ADMIN['piname'], '', COM_getBlockTemplate('_admin_block', 'header')) . $display . COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer'));
$display = DATABOX_displaypage($pi_name, '_admin', $display, $information);
COM_output($display);
/**
* Create the banner list depending on the category given
*
* @param array $message message(s) to display
* @return string the banner page
*
*/
function banner_list($message)
{
global $_CONF, $_TABLES, $_BAN_CONF, $LANG_BANNER_ADMIN, $LANG_BANNER, $LANG_BANNER_STATS;
$cid = $_BAN_CONF['root'];
$display = '';
if (isset($_GET['category'])) {
$cid = strip_tags(COM_stripslashes($_GET['category']));
} elseif (isset($_POST['category'])) {
$cid = strip_tags(COM_stripslashes($_POST['category']));
}
$cat = addslashes($cid);
$page = 0;
if (isset($_GET['page'])) {
$page = COM_applyFilter($_GET['page'], true);
}
if ($page == 0) {
$page = 1;
}
if (empty($cid)) {
if ($page > 1) {
$page_title = sprintf($LANG_BANNER[114] . ' (%d)', $page);
} else {
$page_title = $LANG_BANNER[114];
}
} else {
if ($cid == $_BAN_CONF['root']) {
$category = $LANG_BANNER['root'];
} else {
$category = DB_getItem($_TABLES['bannercategories'], 'category', "cid = '{$cat}'");
}
if ($page > 1) {
$page_title = sprintf($LANG_BANNER[114] . ': %s (%d)', $category, $page);
} else {
$page_title = sprintf($LANG_BANNER[114] . ': %s', $category);
}
}
// Check has access to this category
if ($cid != $_BAN_CONF['root']) {
$result = DB_query("SELECT owner_id,group_id,perm_owner,perm_group,perm_members,perm_anon FROM {$_TABLES['bannercategories']} WHERE cid='{$cat}'");
$A = DB_fetchArray($result);
if (SEC_hasAccess($A['owner_id'], $A['group_id'], $A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']) < 2) {
$display .= COM_siteHeader('menu', $page_title);
$display .= COM_showMessage(5, 'banner');
$display .= COM_siteFooter();
echo $display;
exit;
}
}
$display .= COM_siteHeader('menu', $page_title);
if (is_array($message) && !empty($message[0])) {
$display .= COM_startBlock($message[0], '', COM_getBlockTemplate('_msg_block', 'header'));
$display .= $message[1];
$display .= COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer'));
} else {
if (isset($_REQUEST['msg'])) {
$msg = COM_applyFilter($_REQUEST['msg'], true);
if ($msg > 0) {
$display .= COM_showMessage($msg, 'banner');
}
}
}
$bannerlist = new Template($_CONF['path'] . 'plugins/banner/templates/');
$bannerlist->set_file(array('bannerlist' => 'banner.thtml', 'catbanner' => 'categorybanner.thtml', 'banner' => 'bannerdetails.thtml', 'catnav' => 'categorynavigation.thtml', 'catrow' => 'categoryrow.thtml', 'catcol' => 'categorycol.thtml', 'actcol' => 'categoryactivecol.thtml', 'pagenav' => 'pagenavigation.thtml', 'catdrop' => 'categorydropdown.thtml'));
$bannerlist->set_var('xhtml', XHTML);
$bannerlist->set_var('blockheader', COM_startBlock($LANG_BANNER[114]));
$bannerlist->set_var('layout_url', $_CONF['layout_url']);
if ($_BAN_CONF['bannercols'] > 0) {
// Create breadcrumb trail
$bannerlist->set_var('breadcrumbs', banner_breadcrumbs($_BAN_CONF['root'], $cid));
// Set dropdown for category jump
$bannerlist->set_var('lang_go', $LANG_BANNER[124]);
$bannerlist->set_var('banner_dropdown', banner_select_box(2, $cid));
// Show categories
$sql = "SELECT cid,pid,category,description FROM {$_TABLES['bannercategories']} WHERE pid='{$cat}'";
$sql .= COM_getLangSQL('cid', 'AND');
$sql .= COM_getPermSQL('AND') . " ORDER BY category";
$result = DB_query($sql);
$nrows = DB_numRows($result);
if ($nrows > 0) {
$bannerlist->set_var('lang_categories', $LANG_BANNER_ADMIN[14]);
for ($i = 1; $i <= $nrows; $i++) {
$C = DB_fetchArray($result);
// Get number of child banner user can see in this category
$ccid = addslashes($C['cid']);
$result1 = DB_query("SELECT COUNT(*) AS count FROM {$_TABLES['banner']} WHERE cid='{$ccid}'" . COM_getPermSQL('AND'));
$D = DB_fetchArray($result1);
// Get number of child categories user can see in this category
$result2 = DB_query("SELECT COUNT(*) AS count FROM {$_TABLES['bannercategories']} WHERE pid='{$ccid}'" . COM_getPermSQL('AND'));
$E = DB_fetchArray($result2);
// Format numbers for display
$display_count = '';
// don't show zeroes
if ($E['count'] > 0) {
$display_count = COM_numberFormat($E['count']);
}
if ($E['count'] > 0 && $D['count'] > 0) {
$display_count .= ', ';
}
if ($D['count'] > 0) {
$display_count .= COM_numberFormat($D['count']);
}
// add brackets if child items exist
if ($display_count != '') {
$display_count = '(' . $display_count . ')';
}
$bannerlist->set_var('category_name', $C['category']);
if ($_BAN_CONF['show_category_descriptions']) {
$bannerlist->set_var('category_description', $C['description']);
} else {
$bannerlist->set_var('category_description', '');
}
$bannerlist->set_var('category_link', $_CONF['site_url'] . '/banner/index.php?category=' . urlencode($C['cid']));
$bannerlist->set_var('category_count', $display_count);
$bannerlist->set_var('width', floor(100 / $_BAN_CONF['bannercols']));
if (!empty($cid) && $cid == $C['cid']) {
$bannerlist->parse('category_col', 'actcol', true);
} else {
$bannerlist->parse('category_col', 'catcol', true);
}
if ($i % $_BAN_CONF['bannercols'] == 0) {
$bannerlist->parse('category_row', 'catrow', true);
$bannerlist->set_var('category_col', '');
}
}
if ($nrows % $_BAN_CONF['bannercols'] != 0) {
$bannerlist->parse('category_row', 'catrow', true);
}
$bannerlist->parse('category_navigation', 'catnav', true);
} else {
$bannerlist->set_var('category_navigation', '');
}
} else {
$bannerlist->set_var('category_navigation', '');
}
if ($_BAN_CONF['bannercols'] == 0) {
$bannerlist->set_var('category_dropdown', '');
} else {
$bannerlist->parse('category_dropdown', 'catdrop', true);
}
$bannerlist->set_var('site_url', $_CONF['site_url']);
$bannerlist->set_var('cid', $cid);
$bannerlist->set_var('cid_plain', $cid);
$bannerlist->set_var('cid_encoded', urlencode($cid));
$bannerlist->set_var('lang_addabanner', $LANG_BANNER[116]);
// Build SQL for banner
$sql = 'SELECT bid,cid,url,description,title,hits,owner_id,group_id,perm_owner,perm_group,perm_members,perm_anon';
$from_where = " FROM {$_TABLES['banner']}";
if ($_BAN_CONF['bannercols'] > 0) {
if (!empty($cid)) {
$from_where .= " WHERE cid='" . addslashes($cid) . "'";
} else {
$from_where .= " WHERE cid=''";
}
$from_where .= ' AND (publishstart IS NULL OR publishstart < NOW()) and (publishend IS NULL OR publishend > NOW())';
$from_where .= COM_getPermSQL('AND');
} else {
$from_where .= COM_getPermSQL();
}
$order = ' ORDER BY cid ASC,title';
$limit = '';
if ($_BAN_CONF['bannerperpage'] > 0) {
if ($page < 1) {
$start = 0;
} else {
$start = ($page - 1) * $_BAN_CONF['bannerperpage'];
}
$limit = ' LIMIT ' . $start . ',' . $_BAN_CONF['bannerperpage'];
}
$result = DB_query($sql . $from_where . $order . $limit);
$nrows = DB_numRows($result);
if ($nrows == 0) {
if ($cid == $_BAN_CONF['root'] && $page <= 1 && $_BAN_CONF['show_top10']) {
$result = DB_query("SELECT bid,url,title,description,hits,owner_id,group_id,perm_owner,perm_group,perm_members,perm_anon FROM {$_TABLES['banner']} WHERE (hits > 0) AND (publishstart IS NULL OR publishstart < NOW()) and (publishend IS NULL OR publishend > NOW())" . COM_getPermSQL('AND') . " ORDER BY hits DESC LIMIT 10");
$nrows = DB_numRows($result);
if ($nrows > 0) {
$bannerlist->set_var('banner_details', '');
$bannerlist->set_var('banner_category', $LANG_BANNER_STATS['stats_headline']);
for ($i = 0; $i < $nrows; $i++) {
$A = DB_fetchArray($result);
prepare_banner_item($A, $bannerlist);
$bannerlist->parse('banner_details', 'banner', true);
}
$bannerlist->parse('category_banner', 'catbanner', true);
}
}
$bannerlist->set_var('page_navigation', '');
} else {
$currentcid = '';
for ($i = 0; $i < $nrows; $i++) {
$A = DB_fetchArray($result);
if (strcasecmp($A['cid'], $currentcid) != 0) {
// print the category and banner
if ($i > 0) {
$bannerlist->parse('category_banner', 'catbanner', true);
$bannerlist->set_var('banner_details', '');
}
$currentcid = $A['cid'];
$currentcategory = DB_getItem($_TABLES['bannercategories'], 'category', "cid = '" . addslashes($currentcid) . "'");
$bannerlist->set_var('banner_category', $currentcategory);
}
prepare_banner_item($A, $bannerlist);
$bannerlist->parse('banner_details', 'banner', true);
}
$bannerlist->parse('category_banner', 'catbanner', true);
$result = DB_query('SELECT COUNT(*) AS count ' . $from_where);
list($numbanner) = DB_fetchArray($result);
$pages = 0;
if ($_BAN_CONF['bannerperpage'] > 0) {
$pages = (int) ($numbanner / $_BAN_CONF['bannerperpage']);
if ($numbanner % $_BAN_CONF['bannerperpage'] > 0) {
$pages++;
}
}
if ($pages > 0) {
if ($_BAN_CONF['bannercols'] > 0 && !empty($currentcid)) {
$catbanner = '?category=' . urlencode($currentcid);
} else {
$catbanner = '';
}
$bannerlist->set_var('page_navigation', COM_printPageNavigation($_CONF['site_url'] . '/banner/index.php' . $catbanner, $page, $pages));
} else {
$bannerlist->set_var('page_navigation', '');
}
}
$bannerlist->set_var('blockfooter', COM_endBlock());
$bannerlist->parse('output', 'bannerlist');
$display .= $bannerlist->finish($bannerlist->get_var('output'));
return $display;
}
/**
* Show the category editor
*/
function showEditor($cid, $mode = 'edit')
{
global $_CONF, $_TABLES, $_USER, $LANG_ACCESS, $_DLM_CONF, $LANG_DLM, $mytree;
$retval = '';
if (!empty($this->_editor_mode)) {
$mode = $this->_editor_mode;
} else {
$this->_editor_mode = $mode;
}
if ($mode == 'edit' || $mode == 'clone') {
if ($this->_retry == true) {
$this->_loadFromArgs($_POST);
} else {
$this->_loadFromDatabase($cid);
}
}
if ($mode == 'clone') {
$this->_cid = $this->_createID($this->_cid . '_');
$this->_old_cid = $this->_cid;
}
if ($mode == 'create') {
if ($this->_retry == true) {
$this->_loadFromArgs($_POST);
} else {
$this->_initVars();
}
}
$this->_checkHasAccess();
$blocktitle = $mode == 'edit' ? $LANG_DLM['modcat'] : $LANG_DLM['addcat'];
$retval .= $this->_showMessage();
$retval .= COM_startBlock($blocktitle, '', COM_getBlockTemplate('_admin_block', 'header'));
$T = new Template($_DLM_CONF['path_layout']);
$T->set_file(array('t_modcategory' => 'admin_modcategory.thtml', 't_admin_access' => 'admin_access.thtml', 't_admin_submit_delete' => 'admin_submit_delete.thtml'));
DLM_setDefaultTemplateVars($T);
$lang = array('title', 'imgurlmain', 'parent', 'save', 'delete', 'cancel', 'confirm_delete', 'topic', 'catid', 'is_enabled', 'corder', 'upload');
foreach ($lang as $v) {
$T->set_var('lang_' . $v, $LANG_DLM[$v]);
}
$T->set_var('preview', $this->_makeForm_category_image());
$T->set_var('imgurl', $this->_imgurl);
$T->set_var('imgurlold', $this->_imgurl);
$T->set_var('cid', $this->_cid);
$T->set_var('old_cid', $this->_old_cid);
$T->set_var('corder', $this->_corder);
$T->set_var('title', $this->_title);
$T->set_var('op', $mode == 'edit' ? 'saveCategory' : 'addCategory');
$T->set_var('delete_disabled', $mode == 'edit' ? '' : UC_DISABLED);
$T->set_var('val_is_enabled', $this->_is_enabled == 1 ? UC_CHECKED : '');
$T->set_var('selparents', $mytree->makeSelBox('title', 'corder', $this->_pid, 1, 'pid', '', $this->_cid));
// user access info
$lang = array('accessrights', 'owner', 'group', 'permissions', 'permissionskey', 'permmsg');
foreach ($lang as $v) {
$T->set_var('lang_' . $v, $LANG_ACCESS[$v]);
}
$this->_owner_id = (int) $this->_owner_id;
$T->set_var('owner_username', DB_getItem($_TABLES['users'], 'username', "uid = {$this->_owner_id}"));
$ownername = COM_getDisplayName($this->_owner_id);
$T->set_var('owner_name', $ownername);
$T->set_var('owner', $ownername);
$T->set_var('ownerid', $this->_owner_id);
$T->set_var('group_dropdown', SEC_getGroupDropdown($this->_group_id, 3));
$T->set_var('permissions_editor', SEC_getPermissionsHTML($this->_perm_owner, $this->_perm_group, $this->_perm_members, $this->_perm_anon));
$hidden_values = $this->_makeForm_hidden('editor_mode', $this->_editor_mode);
$T->set_var('hidden_values', $hidden_values);
$T->parse('admin_access', 't_admin_access');
if ($mode == 'edit') {
$T->parse('admin_submit_delete', 't_admin_submit_delete');
}
$T->set_var('gltoken_name', CSRF_TOKEN);
$T->set_var('gltoken', SEC_createToken());
$T->parse('output', 't_modcategory');
$retval .= $T->finish($T->get_var('output'));
$retval .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer'));
$retval = DLM_createHTMLDocument($retval, array('pagetitle' => $blocktitle));
return $retval;
}
/**
* Display "batch add" (import) form
*
* @return string HTML for import form
*
*/
function display_batchAddform()
{
global $_CONF, $LANG28, $LANG_ADMIN, $_IMAGE_TYPE;
require_once $_CONF['path_system'] . 'lib-admin.php';
$retval = '';
$token = SEC_createToken();
$retval .= COM_startBlock($LANG28[24], '', COM_getBlockTemplate('_admin_block', 'header'));
$menu_arr = array(array('url' => $_CONF['site_admin_url'] . '/user.php', 'text' => $LANG28[11]), array('url' => $_CONF['site_admin_url'] . '/user.php?mode=batchdelete', 'text' => $LANG28[54]), array('url' => $_CONF['site_admin_url'], 'text' => $LANG_ADMIN['admin_home']));
$desc = '<p>' . $LANG28[25] . '</p>';
$icon = $_CONF['layout_url'] . '/images/icons/user.' . $_IMAGE_TYPE;
$retval .= ADMIN_createMenu($menu_arr, $desc, $icon);
$retval .= '<form action="' . $_CONF['site_admin_url'] . '/user.php" method="post" enctype="multipart/form-data"><div>' . $LANG28[29] . ': <input type="file" dir="ltr" name="importfile" size="40"' . XHTML . '>' . '<input type="hidden" name="mode" value="import"' . XHTML . '>' . '<input type="submit" name="submit" value="' . $LANG28[30] . '"' . XHTML . '><input type="hidden" name="' . CSRF_TOKEN . "\" value=\"{$token}\"" . XHTML . '></div></form>' . LB;
$retval .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer'));
$retval = COM_createHTMLDocument($retval, array('pagetitle' => $LANG28[24]));
return $retval;
}
function SFS_adminList()
{
global $_CONF, $_USER, $_TABLES, $LANG_SFS, $LANG_ADMIN;
// force the query limit to 10 if user has not set a limit.
if (!isset($_GET['query_limit']) && !isset($_POST['query_limit'])) {
$_GET['query_limit'] = 10;
}
if (defined('DVLP_VERSION')) {
$block_title = '<strong>DEVELOPMENT TOGGLE ENABLED</strong> - ' . $LANG_SFS['title'];
} else {
$block_title = $LANG_SFS['title'];
}
$retval = COM_startBlock($block_title, '', COM_getBlockTemplate('_admin_block', 'header'));
$menu_arr = array(array('url' => $_CONF['site_admin_url'], 'text' => $LANG_ADMIN['admin_home']));
$retval .= ADMIN_createMenu($menu_arr, $LANG_SFS['instructions'], $_CONF['layout_url'] . '/images/icons/sfs.png');
$header_arr = array(array('text' => $LANG_SFS['uid'], 'field' => 'uid', 'align' => 'center'), array('text' => $LANG_SFS['username'], 'field' => 'username', 'align' => 'left'), array('text' => $LANG_SFS['email'], 'field' => 'email', 'align' => 'left'), array('text' => $LANG_SFS['remote_ip'], 'field' => 'remote_ip', 'align' => 'left'), array('text' => $LANG_SFS['sfs_status'], 'field' => 'status'));
$text_arr = array('no_data' => $LANG_SFS['no_data'], 'form_url' => $_CONF['site_admin_url'] . '/sfs.php', 'help_url' => '', 'has_limit' => true, 'has_search' => false, 'has_paging' => true);
$actions = '<input name="banbutton" type="image" src="' . $_CONF['layout_url'] . '/images/admin/delete.png' . '" style="vertical-align:text-bottom;" title="' . $LANG_SFS['action_text'] . '" onclick="return doubleconfirm(\'' . $LANG_SFS['confirm_one'] . '\',\'' . $LANG_SFS['confirm_two'] . '\');"' . '/> ' . $LANG_SFS['action_text'];
$actions .= ' <input name="delbutton" type="image" src="' . $_CONF['layout_url'] . '/images/admin/delete.png' . '" style="vertical-align:text-bottom;" title="' . $LANG_SFS['action_text_del'] . '" onclick="return doubleconfirm(\'' . $LANG_SFS['confirm_one_del'] . '\',\'' . $LANG_SFS['confirm_two_del'] . '\');"' . '/> ' . $LANG_SFS['action_text_del'];
$actions .= '<br /><br />';
$option_arr = array('chkselect' => true, 'chkall' => true, 'chkfield' => 'uid', 'chkname' => 'actionitem', 'chkactions' => $actions);
$query_arr = array('table' => 'users', 'sql' => "SELECT uid,username,email,status,remote_ip FROM {$_TABLES['users']} WHERE status <> 0 ", 'query_fields' => array('status'), 'default_filter' => "");
$token = SEC_createToken();
$form_arr = array('top' => '<input type="hidden" name="' . CSRF_TOKEN . '" value="' . $token . '"/>', 'bottom' => '<input type="hidden" name="userban" value="true"/>');
$defsort_arr = array('field' => 'regdate', 'direction' => 'DESC');
$retval .= ADMIN_list("sfs", "SFS_getListField", $header_arr, $text_arr, $query_arr, $defsort_arr, '', $token, $option_arr, $form_arr);
$retval .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer'));
return $retval;
}
function MB_editMenu($mid)
{
global $_CONF, $_TABLES, $_ST_CONF, $stMenu, $LANG_MB00, $LANG_MB01, $LANG_MB_ADMIN, $LANG_MB_TYPES, $LANG_MB_GLTYPES, $LANG_MB_GLFUNCTION, $LANG_MB_MENU_TYPES;
$retval = '';
$menu_id = $mid;
$menu = menu::getInstance($menu_id);
$menu_arr = array(array('url' => $_CONF['site_admin_url'] . '/menu.php?mode=menu&menu=' . $menu_id, 'text' => $LANG_MB01['return_to'] . $menu->name), array('url' => $_CONF['site_admin_url'] . '/menu.php', 'text' => $LANG_MB01['menu_list']));
$retval .= COM_startBlock($LANG_MB01['menu_builder'] . ' :: ' . $LANG_MB01['edit_element'] . ' for ' . $menu->name, '', COM_getBlockTemplate('_admin_block', 'header'));
$retval .= ADMIN_createMenu($menu_arr, $LANG_MB_ADMIN[5], $_CONF['layout_url'] . '/images/icons/menubuilder.png');
// build menu type select
$menuTypeSelect = '<select id="menutype" name="menutype">' . LB;
while ($types = current($LANG_MB_MENU_TYPES)) {
$menuTypeSelect .= '<option value="' . key($LANG_MB_MENU_TYPES) . '"';
if (key($LANG_MB_MENU_TYPES) == $menu->type) {
$menuTypeSelect .= ' selected="selected"';
}
$menuTypeSelect .= '>' . $types . '</option>' . LB;
next($LANG_MB_MENU_TYPES);
}
$menuTypeSelect .= '</select>' . LB;
// build group select
$rootUser = DB_getItem($_TABLES['group_assignments'], 'ug_uid', 'ug_main_grp_id=1');
$usergroups = SEC_getUserGroups($rootUser);
$usergroups[$LANG_MB01['non-logged-in']] = 998;
uksort($usergroups, "strnatcasecmp");
$group_select = '<select id="group" name="group">' . LB;
for ($i = 0; $i < count($usergroups); $i++) {
$group_select .= '<option value="' . $usergroups[key($usergroups)] . '"';
if ($usergroups[key($usergroups)] == $menu->group_id) {
$group_select .= ' selected="selected"';
}
$group_select .= '>' . ucfirst(key($usergroups)) . '</option>' . LB;
next($usergroups);
}
$group_select .= '</select>' . LB;
$T = new Template($_CONF['path_layout'] . 'admin/menu');
$T->set_file(array('admin' => 'editmenu.thtml'));
if ($mid == 1 || $mid == 2 || $mid == 3) {
$disabled = ' readonly ';
} else {
$disabled = '';
}
$menu_active_check = $menu->active == 1 ? ' checked="checked"' : '';
$T->set_var(array('group_select' => $group_select, 'menutype' => $menu->type, 'menutype_select' => $menuTypeSelect, 'menuactive' => $menu->active == 1 ? ' checked="checked"' : ' ', 'form_action' => $_CONF['site_admin_url'] . '/menu.php', 'menu_id' => $mid, 'menuname' => $menu->name, 'enabled' => $menu_active_check, 'disabled' => $disabled));
$T->parse('output', 'admin');
$retval .= $T->finish($T->get_var('output'));
$retval .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer'));
return $retval;
}
/**
* This will save a submission
*
* @param string $type Type of submission we are dealing with
* @param array $A Data for that submission
*
*/
function savesubmission($type, $A)
{
global $_CONF, $_TABLES, $_USER, $LANG12;
$retval = COM_siteHeader();
COM_clearSpeedlimit($_CONF['speedlimit'], 'submit');
$last = COM_checkSpeedlimit('submit');
if ($last > 0) {
$retval .= COM_startBlock($LANG12[26], '', COM_getBlockTemplate('_msg_block', 'header')) . $LANG12[30] . $last . $LANG12[31] . COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer')) . COM_siteFooter();
return $retval;
}
if (!empty($type) && $type != 'story') {
// Update the submitspeedlimit for user - assuming Plugin approves
// submission record
COM_updateSpeedlimit('submit');
// see if this is a submission that needs to be handled by a plugin
// and should include its own redirect
$retval = PLG_saveSubmission($type, $A);
if ($retval === false) {
COM_errorLog("Could not save your submission. Bad type: {$type}");
} elseif (empty($retval)) {
// plugin should include its own redirect - but in case handle
// it here and redirect to the main page
return COM_refresh($_CONF['site_url'] . '/index.php');
} else {
return $retval;
}
}
if (!empty($A['title']) && !empty($A['introtext'])) {
$retval = savestory($A);
} else {
$retval .= COM_startBlock($LANG12[22], '', COM_getBlockTemplate('_msg_block', 'header')) . $LANG12[23] . COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer')) . submissionform($type) . COM_siteFooter();
}
return $retval;
}
function _at_Header()
{
global $_CONF, $LANG_ADMIN, $LANG32;
$retval = '';
$retval .= COM_startBlock($LANG32[87], '', COM_getBlockTemplate('_admin_block', 'header'));
$retval .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer'));
return $retval;
}
/**
* Get an existing static page
*
* @param array args Contains all the data provided by the client
* @param string &output OUTPUT parameter containing the returned text
* @param string &svc_msg OUTPUT parameter containing any service messages
* @return int Response code as defined in lib-plugins.php
*/
function service_get_staticpages($args, &$output, &$svc_msg)
{
global $_CONF, $_TABLES, $LANG_ACCESS, $LANG12, $LANG_STATIC, $_SP_CONF;
$output = '';
$svc_msg['output_fields'] = array('sp_hits', 'sp_format', 'draft_flag', 'owner_id', 'group_id', 'perm_owner', 'perm_group', 'perm_members', 'perm_anon', 'sp_help', 'sp_php', 'sp_inblock', 'commentcode');
if (empty($args['sp_id']) && !empty($args['id'])) {
$args['sp_id'] = $args['id'];
}
if ($args['gl_svc']) {
if (isset($args['sp_id'])) {
$args['sp_id'] = COM_applyBasicFilter($args['sp_id']);
}
if (isset($args['mode'])) {
$args['mode'] = COM_applyBasicFilter($args['mode']);
}
if (empty($args['sp_id'])) {
$svc_msg['gl_feed'] = true;
} else {
$svc_msg['gl_feed'] = false;
}
} else {
$svc_msg['gl_feed'] = false;
}
if (!$svc_msg['gl_feed']) {
$page = '';
if (isset($args['sp_id'])) {
$page = $args['sp_id'];
}
$mode = '';
if (isset($args['mode'])) {
$mode = $args['mode'];
}
$error = 0;
if ($page == '') {
$error = 1;
}
$perms = SP_getPerms();
if (!SEC_hasRights('staticpages.edit')) {
if (!empty($perms)) {
$perms .= ' AND';
}
$perms .= '(draft_flag = 0)';
}
if (!empty($perms)) {
$perms = ' AND ' . $perms;
}
$sql = array();
$sql['mysql'] = "SELECT sp_title,sp_page_title,sp_content,sp_hits,created,modified,sp_format," . "commentcode,meta_description,meta_keywords,template_flag,template_id,draft_flag," . "owner_id,group_id,perm_owner,perm_group," . "perm_members,perm_anon,sp_tid,sp_help,sp_php," . "sp_inblock FROM {$_TABLES['staticpage']} " . "WHERE (sp_id = '{$page}')" . $perms;
$sql['mssql'] = "SELECT sp_title,sp_page_title," . "CAST(sp_content AS text) AS sp_content,sp_hits," . "created,modified,sp_format,commentcode," . "CAST(meta_description AS text) AS meta_description," . "CAST(meta_keywords AS text) AS meta_keywords,template_flag,template_id,draft_flag," . "owner_id,group_id,perm_owner,perm_group,perm_members," . "perm_anon,sp_tid,sp_help,sp_php,sp_inblock " . "FROM {$_TABLES['staticpage']} WHERE (sp_id = '{$page}')" . $perms;
$sql['pgsql'] = "SELECT sp_title,sp_page_title,sp_content,sp_hits," . "created,modified,sp_format," . "commentcode,meta_description,meta_keywords,template_flag,template_id,draft_flag," . "owner_id,group_id,perm_owner,perm_group," . "perm_members,perm_anon,sp_tid,sp_help,sp_php," . "sp_inblock FROM {$_TABLES['staticpage']} " . "WHERE (sp_id = '{$page}')" . $perms;
$result = DB_query($sql);
$count = DB_numRows($result);
if ($count == 0 || $count > 1) {
$error = 1;
}
if (!$error) {
$output = DB_fetchArray($result, false);
// WE ASSUME $output doesn't have any confidential fields
if ($output['template_id'] != '') {
$retval = '';
$mode = '';
$xmlObject = simplexml_load_string($output['sp_content']);
// create array of XML data
$tag = array();
foreach ($xmlObject->variable as $variable) {
$key = $variable["name"] . '';
$value = $variable->data;
$tag[$key] = $value;
}
// Loop through variables to replace any autotags first
foreach ($tag as &$value) {
$value = PLG_replaceTags($value);
}
$args = array('sp_id' => $output['template_id'], 'mode' => $mode, 'gl_svc' => '');
$svc_msg = array();
if (PLG_invokeService('staticpages', 'get', $args, $retval, $svc_msg) == PLG_RET_OK) {
$retval['sp_content'] = str_replace(array_keys($tag), array_values($tag), $retval['sp_content']);
$output['sp_content'] = $retval['sp_content'];
}
}
} else {
// an error occured (page not found, access denied, ...)
/**
* if the user has edit permissions and the page does not exist,
* send them to the editor so they can create it "wiki style"
*/
$create_page = false;
if ($mode !== 'autotag' && $count == 0 && SEC_hasRights('staticpages.edit')) {
// check again without permissions
if (DB_count($_TABLES['staticpage'], 'sp_id', $page) == 0) {
$url = $_CONF['site_admin_url'] . '/plugins/staticpages/index.php?mode=edit&sp_new_id=' . $page . '&msg=21';
$output = COM_refresh($url);
$create_page = true;
}
}
if (!$create_page) {
if (empty($page)) {
$failflg = 0;
} else {
$failflg = DB_getItem($_TABLES['staticpage'], 'sp_nf', "sp_id = '{$page}'");
}
if ($failflg) {
if ($mode !== 'autotag') {
$output = COM_siteHeader('menu');
}
$output .= SEC_loginRequiredForm();
if ($mode !== 'autotag') {
$output .= COM_siteFooter(true);
}
} else {
if ($mode !== 'autotag') {
$output = COM_siteHeader('menu');
}
$output .= COM_startBlock($LANG_ACCESS['accessdenied'], '', COM_getBlockTemplate('_msg_block', 'header'));
$output .= $LANG_STATIC['deny_msg'];
$output .= COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer'));
if ($mode !== 'autotag') {
$output .= COM_siteFooter(true);
}
}
}
return PLG_RET_ERROR;
}
if ($args['gl_svc']) {
// This date format is PHP 5 only,
// but only the web-service uses the value
$output['published'] = date('c', strtotime($output['created']));
$output['updated'] = date('c', strtotime($output['modified']));
$output['id'] = $page;
$output['title'] = $output['sp_title'];
$output['page_title'] = $output['sp_page_title'];
$output['category'] = array($output['sp_tid']);
$output['content'] = $output['sp_content'];
$output['content_type'] = 'html';
$owner_data = SESS_getUserDataFromId($output['owner_id']);
$output['author_name'] = $owner_data['username'];
$output['link_edit'] = $page;
}
} else {
$output = array();
$mode = '';
if (isset($args['mode'])) {
$mode = $args['mode'];
}
$perms = SP_getPerms();
if (!empty($perms)) {
$perms = ' WHERE ' . $perms;
}
$offset = 0;
if (isset($args['offset'])) {
$offset = COM_applyBasicFilter($args['offset'], true);
}
$max_items = $_SP_CONF['atom_max_items'] + 1;
$limit = " LIMIT {$offset}, {$max_items}";
$order = " ORDER BY modified DESC";
$sql = array();
$sql['mysql'] = "SELECT sp_id,sp_title,sp_page_title,sp_content,sp_hits,created,modified,sp_format,meta_description,meta_keywords,template_flag,template_id,draft_flag,owner_id," . "group_id,perm_owner,perm_group,perm_members,perm_anon,sp_tid,sp_help,sp_php," . "sp_inblock FROM {$_TABLES['staticpage']}" . $perms . $order . $limit;
$sql['mssql'] = "SELECT sp_id,sp_title,sp_page_title,CAST(sp_content AS text) AS sp_content,sp_hits," . "created,modified,sp_format,CAST(meta_description AS text) AS meta_description,CAST(meta_keywords AS text) AS meta_keywords,template_flag,template_id,draft_flag,owner_id,group_id,perm_owner,perm_group,perm_members," . "perm_anon,sp_tid,sp_help,sp_php,sp_inblock FROM {$_TABLES['staticpage']}" . $perms . $order . $limit;
$sql['pgsql'] = "SELECT sp_id,sp_title,sp_page_title,sp_content,sp_hits,created,modified,sp_format,meta_description,meta_keywords,template_flag,template_id,draft_flag,owner_id," . "group_id,perm_owner,perm_group,perm_members,perm_anon,sp_tid,sp_help,sp_php," . "sp_inblock FROM {$_TABLES['staticpage']}" . $perms . $order . $limit;
$result = DB_query($sql);
$count = 0;
while (($output_item = DB_fetchArray($result, false)) !== false) {
// WE ASSUME $output doesn't have any confidential fields
$count += 1;
if ($count == $max_items) {
$svc_msg['offset'] = $offset + $_SP_CONF['atom_max_items'];
break;
}
if ($args['gl_svc']) {
// This date format is PHP 5 only, but only the web-service uses the value
$output_item['published'] = date('c', strtotime($output_item['created']));
$output_item['updated'] = date('c', strtotime($output_item['modified']));
$output_item['id'] = $output_item['sp_id'];
$output_item['title'] = $output_item['sp_title'];
$output_item['page_title'] = $output_item['sp_page_title'];
$output_item['category'] = array($output_item['sp_tid']);
$output_item['content'] = $output_item['sp_content'];
$output_item['content_type'] = 'html';
$owner_data = SESS_getUserDataFromId($output_item['owner_id']);
$output_item['author_name'] = $owner_data['username'];
}
$output[] = $output_item;
}
}
return PLG_RET_OK;
}
function LIB_import($pi_name)
{
global $_CONF;
$lang_box_admin = "LANG_" . strtoupper($pi_name) . "_ADMIN";
global ${$lang_box_admin};
$lang_box_admin = ${$lang_box_admin};
$tmpl = new Template($_CONF['path'] . "plugins/" . THIS_PLUGIN . "/templates/admin/");
$tmpl->set_file(array('import' => 'import.thtml'));
$tmpl->set_var('site_admin_url', $_CONF['site_admin_url']);
$tmpl->set_var('gltoken_name', CSRF_TOKEN);
$tmpl->set_var('gltoken', SEC_createToken());
$tmpl->set_var('xhtml', XHTML);
$tmpl->set_var('script', THIS_SCRIPT);
$tmpl->set_var('importmsg', $lang_box_admin['importmsg']);
$tmpl->set_var('importfile', $lang_box_admin['importfile']);
$tmpl->set_var('submit', $lang_box_admin['submit']);
$tmpl->parse('output', 'import');
$import = $tmpl->finish($tmpl->get_var('output'));
$retval = "";
$retval .= COM_startBlock($lang_box_admin['import'], '', COM_getBlockTemplate('_admin_block', 'header'));
$retval .= $import;
$retval .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer'));
return $retval;
}
/**
* Shows story editor
*
* Displays the story entry form
*
* @param string $sid ID of story to edit
* @param string $mode 'preview', 'edit', 'editsubmission', 'clone'
* @param string $errormsg a message to display on top of the page
* @return string HTML for story editor
*
*/
function storyeditor($sid = '', $mode = '', $errormsg = '')
{
global $_CONF, $_TABLES, $_USER, $LANG24, $LANG_ACCESS, $LANG_ADMIN, $MESSAGE, $_SCRIPTS, $LANG_DIRECTION, $LANG_MONTH, $LANG_WEEK;
$display = '';
if (!isset($_CONF['hour_mode'])) {
$_CONF['hour_mode'] = 12;
}
if (!empty($errormsg)) {
$display .= COM_showMessageText($errormsg, $LANG24[25]);
}
$story = new Story();
if ($mode == 'preview') {
// Handle Magic GPC Garbage:
while (list($key, $value) = each($_POST)) {
if (!is_array($value)) {
$_POST[$key] = COM_stripslashes($value);
} else {
while (list($subkey, $subvalue) = each($value)) {
$value[$subkey] = COM_stripslashes($subvalue);
}
}
}
$result = $story->loadFromArgsArray($_POST);
if ($_CONF['maximagesperarticle'] > 0) {
$errors = $story->checkAttachedImages();
if (count($errors) > 0) {
$msg = $LANG24[55] . LB . '<ul>' . LB;
foreach ($errors as $err) {
$msg .= '<li>' . $err . '</li>' . LB;
}
$msg .= '</ul>' . LB;
$display .= COM_showMessageText($msg, $LANG24[54]);
}
}
} else {
$result = $story->loadFromDatabase($sid, $mode);
}
if ($result == STORY_PERMISSION_DENIED || $result == STORY_NO_ACCESS_PARAMS) {
$display .= COM_showMessageText($LANG24[42], $LANG_ACCESS['accessdenied']);
COM_accessLog("User {$_USER['username']} tried to illegally access story {$sid}.");
return $display;
} elseif ($result == STORY_EDIT_DENIED || $result == STORY_EXISTING_NO_EDIT_PERMISSION) {
$display .= COM_showMessageText($LANG24[41], $LANG_ACCESS['accessdenied']);
$display .= STORY_renderArticle($story, 'p');
COM_accessLog("User {$_USER['username']} tried to illegally edit story {$sid}.");
return $display;
} elseif ($result == STORY_INVALID_SID) {
if ($mode == 'editsubmission') {
// that submission doesn't seem to be there any more (may have been
// handled by another Admin) - take us back to the moderation page
return COM_refresh($_CONF['site_admin_url'] . '/moderation.php');
} else {
return COM_refresh($_CONF['site_admin_url'] . '/story.php');
}
} elseif ($result == STORY_DUPLICATE_SID) {
$display .= COM_showMessageText($LANG24[24]);
}
// Load HTML templates
$story_templates = COM_newTemplate($_CONF['path_layout'] . 'admin/story');
if ($_CONF['advanced_editor'] && $_USER['advanced_editor']) {
$story_templates->set_file(array('editor' => 'storyeditor_advanced.thtml'));
$advanced_editormode = true;
$story_templates->set_var('change_editormode', 'onchange="change_editmode(this);"');
require_once $_CONF['path_system'] . 'classes/navbar.class.php';
$story_templates->set_var('show_preview', 'none');
$story_templates->set_var('lang_expandhelp', $LANG24[67]);
$story_templates->set_var('lang_reducehelp', $LANG24[68]);
$story_templates->set_var('lang_publishdate', $LANG24[69]);
$story_templates->set_var('lang_toolbar', $LANG24[70]);
$story_templates->set_var('toolbar1', $LANG24[71]);
$story_templates->set_var('toolbar2', $LANG24[72]);
$story_templates->set_var('toolbar3', $LANG24[73]);
$story_templates->set_var('toolbar4', $LANG24[74]);
$story_templates->set_var('toolbar5', $LANG24[75]);
if ($story->EditElements('advanced_editor_mode') == 1 or $story->EditElements('postmode') == 'adveditor') {
$story_templates->set_var('show_texteditor', 'none');
$story_templates->set_var('show_htmleditor', '');
} else {
$story_templates->set_var('show_texteditor', '');
$story_templates->set_var('show_htmleditor', 'none');
}
} else {
$story_templates->set_file(array('editor' => 'storyeditor.thtml'));
$advanced_editormode = false;
}
$story_templates->set_var('hour_mode', $_CONF['hour_mode']);
if ($story->hasContent()) {
$previewContent = STORY_renderArticle($story, 'p');
if ($advanced_editormode and $previewContent != '') {
$story_templates->set_var('preview_content', $previewContent);
} elseif ($previewContent != '') {
$display .= COM_startBlock($LANG24[26], '', COM_getBlockTemplate('_admin_block', 'header'));
$display .= $previewContent;
$display .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer'));
}
}
if ($advanced_editormode) {
$navbar = new navbar();
if (!empty($previewContent)) {
$navbar->add_menuitem($LANG24[79], 'showhideEditorDiv("preview",0);return false;', true);
$navbar->add_menuitem($LANG24[80], 'showhideEditorDiv("editor",1);return false;', true);
$navbar->add_menuitem($LANG24[81], 'showhideEditorDiv("publish",2);return false;', true);
$navbar->add_menuitem($LANG24[82], 'showhideEditorDiv("images",3);return false;', true);
$navbar->add_menuitem($LANG24[83], 'showhideEditorDiv("archive",4);return false;', true);
$navbar->add_menuitem($LANG24[84], 'showhideEditorDiv("perms",5);return false;', true);
$navbar->add_menuitem($LANG24[85], 'showhideEditorDiv("all",6);return false;', true);
} else {
$navbar->add_menuitem($LANG24[80], 'showhideEditorDiv("editor",0);return false;', true);
$navbar->add_menuitem($LANG24[81], 'showhideEditorDiv("publish",1);return false;', true);
$navbar->add_menuitem($LANG24[82], 'showhideEditorDiv("images",2);return false;', true);
$navbar->add_menuitem($LANG24[83], 'showhideEditorDiv("archive",3);return false;', true);
$navbar->add_menuitem($LANG24[84], 'showhideEditorDiv("perms",4);return false;', true);
$navbar->add_menuitem($LANG24[85], 'showhideEditorDiv("all",5);return false;', true);
}
if ($mode == 'preview') {
$story_templates->set_var('show_preview', '');
$story_templates->set_var('show_htmleditor', 'none');
$story_templates->set_var('show_texteditor', 'none');
$story_templates->set_var('show_submitoptions', 'none');
$navbar->set_selected($LANG24[79]);
} else {
$navbar->set_selected($LANG24[80]);
}
$story_templates->set_var('navbar', $navbar->generate());
}
$oldsid = $story->EditElements('originalSid');
if (!empty($oldsid) && $mode != 'clone') {
$delbutton = '<input type="submit" value="' . $LANG_ADMIN['delete'] . '" name="mode"%s' . XHTML . '>';
$jsconfirm = ' onclick="return confirm(\'' . $MESSAGE[76] . '\');"';
$story_templates->set_var('delete_option', sprintf($delbutton, $jsconfirm));
$story_templates->set_var('delete_option_no_confirmation', sprintf($delbutton, ''));
}
if ($mode == 'editsubmission' || $story->type == 'submission') {
$story_templates->set_var('submission_option', '<input type="hidden" name="type" value="submission"' . XHTML . '>');
}
$story_templates->set_var('lang_author', $LANG24[7]);
$storyauthor = COM_getDisplayName($story->EditElements('uid'));
$story_templates->set_var('story_author', $storyauthor);
$story_templates->set_var('author', $storyauthor);
$story_templates->set_var('story_uid', $story->EditElements('uid'));
// user access info
$story_templates->set_var('lang_accessrights', $LANG_ACCESS['accessrights']);
$story_templates->set_var('lang_owner', $LANG_ACCESS['owner']);
$ownername = COM_getDisplayName($story->EditElements('owner_id'));
$story_templates->set_var('owner_username', DB_getItem($_TABLES['users'], 'username', 'uid = ' . $story->EditElements('owner_id')));
$story_templates->set_var('owner_name', $ownername);
$story_templates->set_var('owner', $ownername);
$story_templates->set_var('owner_id', $story->EditElements('owner_id'));
$story_templates->set_var('lang_group', $LANG_ACCESS['group']);
$story_templates->set_var('group_dropdown', SEC_getGroupDropdown($story->EditElements('group_id'), 3));
$story_templates->set_var('lang_permissions', $LANG_ACCESS['permissions']);
$story_templates->set_var('lang_perm_key', $LANG_ACCESS['permissionskey']);
$story_templates->set_var('permissions_editor', SEC_getPermissionsHTML($story->EditElements('perm_owner'), $story->EditElements('perm_group'), $story->EditElements('perm_members'), $story->EditElements('perm_anon')));
$story_templates->set_var('permissions_msg', $LANG_ACCESS['permmsg']);
$story_templates->set_var('lang_permissions_msg', $LANG_ACCESS['permmsg']);
$curtime = COM_getUserDateTimeFormat($story->EditElements('date'));
$story_templates->set_var('lang_date', $LANG24[15]);
$story_templates->set_var('publish_second', $story->EditElements('publish_second'));
$publish_ampm = '';
$publish_hour = $story->EditElements('publish_hour');
if ($publish_hour >= 12) {
if ($publish_hour > 12) {
$publish_hour = $publish_hour - 12;
}
$ampm = 'pm';
} else {
$ampm = 'am';
}
$ampm_select = COM_getAmPmFormSelection('publish_ampm', $ampm);
$story_templates->set_var('publishampm_selection', $ampm_select);
$month_options = COM_getMonthFormOptions($story->EditElements('publish_month'));
$story_templates->set_var('publish_month_options', $month_options);
$day_options = COM_getDayFormOptions($story->EditElements('publish_day'));
$story_templates->set_var('publish_day_options', $day_options);
$year_options = COM_getYearFormOptions($story->EditElements('publish_year'));
$story_templates->set_var('publish_year_options', $year_options);
if ($_CONF['hour_mode'] == 24) {
$hour_options = COM_getHourFormOptions($story->EditElements('publish_hour'), 24);
} else {
$hour_options = COM_getHourFormOptions($publish_hour);
}
$story_templates->set_var('publish_hour_options', $hour_options);
$minute_options = COM_getMinuteFormOptions($story->EditElements('publish_minute'));
$story_templates->set_var('publish_minute_options', $minute_options);
$story_templates->set_var('publish_date_explanation', $LANG24[46]);
$story_templates->set_var('story_unixstamp', $story->EditElements('unixdate'));
$story_templates->set_var('expire_second', $story->EditElements('expire_second'));
$expire_ampm = '';
$expire_hour = $story->EditElements('expire_hour');
if ($expire_hour >= 12) {
if ($expire_hour > 12) {
$expire_hour = $expire_hour - 12;
}
$ampm = 'pm';
} else {
$ampm = 'am';
}
$ampm_select = COM_getAmPmFormSelection('expire_ampm', $ampm);
if (empty($ampm_select)) {
// have a hidden field to 24 hour mode to prevent JavaScript errors
$ampm_select = '<input type="hidden" name="expire_ampm" value=""' . XHTML . '>';
}
$story_templates->set_var('expireampm_selection', $ampm_select);
$month_options = COM_getMonthFormOptions($story->EditElements('expire_month'));
$story_templates->set_var('expire_month_options', $month_options);
$day_options = COM_getDayFormOptions($story->EditElements('expire_day'));
$story_templates->set_var('expire_day_options', $day_options);
$year_options = COM_getYearFormOptions($story->EditElements('expire_year'));
$story_templates->set_var('expire_year_options', $year_options);
if ($_CONF['hour_mode'] == 24) {
$hour_options = COM_getHourFormOptions($story->EditElements('expire_hour'), 24);
} else {
$hour_options = COM_getHourFormOptions($expire_hour);
}
$story_templates->set_var('expire_hour_options', $hour_options);
$minute_options = COM_getMinuteFormOptions($story->EditElements('expire_minute'));
$story_templates->set_var('expire_minute_options', $minute_options);
$story_templates->set_var('expire_date_explanation', $LANG24[46]);
$story_templates->set_var('story_unixstamp', $story->EditElements('expirestamp'));
$atopic = DB_getItem($_TABLES['topics'], 'tid', "archive_flag = 1");
$have_archive_topic = empty($atopic) ? false : true;
if ($story->EditElements('statuscode') == STORY_ARCHIVE_ON_EXPIRE) {
$story_templates->set_var('is_checked2', 'checked="checked"');
$story_templates->set_var('is_checked3', 'checked="checked"');
$js_showarchivedisabled = 'false';
$have_archive_topic = true;
// force display of auto archive option
} elseif ($story->EditElements('statuscode') == STORY_DELETE_ON_EXPIRE) {
$story_templates->set_var('is_checked2', 'checked="checked"');
$story_templates->set_var('is_checked4', 'checked="checked"');
if (!$have_archive_topic) {
$story_templates->set_var('is_checked3', 'style="display:none;"');
}
$js_showarchivedisabled = 'false';
} else {
if (!$have_archive_topic) {
$story_templates->set_var('is_checked3', 'style="display:none;"');
}
$js_showarchivedisabled = 'true';
}
$story_templates->set_var('lang_archivetitle', $LANG24[58]);
$story_templates->set_var('lang_option', $LANG24[59]);
$story_templates->set_var('lang_enabled', $LANG_ADMIN['enabled']);
$story_templates->set_var('lang_story_stats', $LANG24[87]);
if ($have_archive_topic) {
$story_templates->set_var('lang_optionarchive', $LANG24[61]);
} else {
$story_templates->set_var('lang_optionarchive', '');
}
$story_templates->set_var('lang_optiondelete', $LANG24[62]);
$story_templates->set_var('lang_title', $LANG_ADMIN['title']);
$story_templates->set_var('story_title', $story->EditElements('title'));
$story_templates->set_var('lang_page_title', $LANG_ADMIN['page_title']);
$story_templates->set_var('page_title', $story->EditElements('page_title'));
$story_templates->set_var('lang_metadescription', $LANG_ADMIN['meta_description']);
$story_templates->set_var('meta_description', $story->EditElements('meta_description'));
$story_templates->set_var('lang_metakeywords', $LANG_ADMIN['meta_keywords']);
$story_templates->set_var('meta_keywords', $story->EditElements('meta_keywords'));
if ($_CONF['meta_tags'] > 0) {
$story_templates->set_var('hide_meta', '');
} else {
$story_templates->set_var('hide_meta', ' style="display:none;"');
}
$story_templates->set_var('lang_topic', $LANG_ADMIN['topic']);
if ($mode == 'preview') {
$tlist = TOPIC_getTopicSelectionControl('article', '', false, true, true);
} else {
$tlist = TOPIC_getTopicSelectionControl('article', $oldsid, false, true, true);
}
if (empty($tlist)) {
$display .= COM_showMessage(101);
return $display;
}
$story_templates->set_var('topic_selection', $tlist);
$story_templates->set_var('lang_show_topic_icon', $LANG24[56]);
if ($story->EditElements('show_topic_icon') == 1) {
$story_templates->set_var('show_topic_icon_checked', 'checked="checked"');
} else {
$story_templates->set_var('show_topic_icon_checked', '');
}
$story_templates->set_var('lang_cachetime', $LANG24['cache_time']);
$story_templates->set_var('lang_cachetime_desc', $LANG24['cache_time_desc']);
$story_templates->set_var('cache_time', $story->EditElements('cache_time'));
$story_templates->set_var('lang_draft', $LANG24[34]);
if ($story->EditElements('draft_flag')) {
$story_templates->set_var('is_checked', 'checked="checked"');
}
$story_templates->set_var('lang_mode', $LANG24[3]);
$story_templates->set_var('status_options', COM_optionList($_TABLES['statuscodes'], 'code,name', $story->EditElements('statuscode')));
$story_templates->set_var('comment_options', COM_optionList($_TABLES['commentcodes'], 'code,name', $story->EditElements('commentcode')));
$story_templates->set_var('trackback_options', COM_optionList($_TABLES['trackbackcodes'], 'code,name', $story->EditElements('trackbackcode')));
// comment expire
$story_templates->set_var('lang_cmt_disable', $LANG24[63]);
if ($story->EditElements('cmt_close')) {
$story_templates->set_var('is_checked5', 'checked="checked"');
$js_showcmtclosedisabled = 'false';
} else {
$js_showcmtclosedisabled = 'true';
}
$month_options = COM_getMonthFormOptions($story->EditElements('cmt_close_month'));
$story_templates->set_var('cmt_close_month_options', $month_options);
$day_options = COM_getDayFormOptions($story->EditElements('cmt_close_day'));
$story_templates->set_var('cmt_close_day_options', $day_options);
// ensure that the year dropdown includes the close year
$endtm = mktime(0, 0, 0, date('m'), date('d') + $_CONF['article_comment_close_days'], date('Y'));
$yoffset = date('Y', $endtm) - date('Y');
$close_year = $story->EditElements('cmt_close_year');
if ($yoffset < -1) {
$year_options = COM_getYearFormOptions($close_year, $yoffset);
} elseif ($yoffset > 5) {
$year_options = COM_getYearFormOptions($close_year, -1, $yoffset);
} else {
$year_options = COM_getYearFormOptions($close_year);
}
$story_templates->set_var('cmt_close_year_options', $year_options);
$cmt_close_ampm = '';
$cmt_close_hour = $story->EditElements('cmt_close_hour');
//correct hour
if ($cmt_close_hour >= 12) {
if ($cmt_close_hour > 12) {
$cmt_close_hour = $cmt_close_hour - 12;
}
$ampm = 'pm';
} else {
$ampm = 'am';
}
$ampm_select = COM_getAmPmFormSelection('cmt_close_ampm', $ampm);
if (empty($ampm_select)) {
// have a hidden field to 24 hour mode to prevent JavaScript errors
$ampm_select = '<input type="hidden" name="cmt_close_ampm" value=""' . XHTML . '>';
}
$story_templates->set_var('cmt_close_ampm_selection', $ampm_select);
if ($_CONF['hour_mode'] == 24) {
$hour_options = COM_getHourFormOptions($story->EditElements('cmt_close_hour'), 24);
} else {
$hour_options = COM_getHourFormOptions($cmt_close_hour);
}
$story_templates->set_var('cmt_close_hour_options', $hour_options);
$minute_options = COM_getMinuteFormOptions($story->EditElements('cmt_close_minute'));
$story_templates->set_var('cmt_close_minute_options', $minute_options);
$story_templates->set_var('cmt_close_second', $story->EditElements('cmt_close_second'));
if ($_CONF['onlyrootfeatures'] == 1 && SEC_inGroup('Root') or $_CONF['onlyrootfeatures'] !== 1) {
$featured_options = "<select name=\"featured\">" . LB . COM_optionList($_TABLES['featurecodes'], 'code,name', $story->EditElements('featured')) . "</select>" . LB;
} else {
$featured_options = "<input type=\"hidden\" name=\"featured\" value=\"0\"" . XHTML . ">";
}
$story_templates->set_var('featured_options', $featured_options);
$story_templates->set_var('frontpage_options', COM_optionList($_TABLES['frontpagecodes'], 'code,name', $story->EditElements('frontpage')));
$story_templates->set_var('story_introtext', $story->EditElements('introtext'));
$story_templates->set_var('story_bodytext', $story->EditElements('bodytext'));
$story_templates->set_var('lang_introtext', $LANG24[16]);
$story_templates->set_var('lang_bodytext', $LANG24[17]);
$story_templates->set_var('lang_postmode', $LANG24[4]);
$story_templates->set_var('lang_publishoptions', $LANG24[76]);
$story_templates->set_var('noscript', COM_getNoScript(false, $LANG24[77], sprintf($LANG24[78], $_CONF['site_admin_url'], $sid)));
$postmode = $story->EditElements('postmode');
if ($_CONF['advanced_editor'] && $_USER['advanced_editor']) {
if ($story->EditElements('advanced_editor_mode') == 1 or $story->EditElements('postmode') == 'adveditor') {
$postmode = '';
}
}
$post_options = COM_optionList($_TABLES['postmodes'], 'code,name', $postmode);
$postmode_list = 'plaintext,html';
// If Advanced Mode - add post option and set default if editing story created with Advanced Editor
if ($_CONF['advanced_editor'] && $_USER['advanced_editor']) {
$postmode_list .= ',adveditor';
if ($story->EditElements('advanced_editor_mode') == 1 or $story->EditElements('postmode') == 'adveditor') {
$post_options .= '<option value="adveditor" selected="selected">' . $LANG24[86] . '</option>';
} else {
$post_options .= '<option value="adveditor">' . $LANG24[86] . '</option>';
}
}
if ($_CONF['wikitext_editor']) {
$postmode_list .= ',wikitext';
if ($story->EditElements('postmode') == 'wikitext') {
$post_options .= '<option value="wikitext" selected="selected">' . $LANG24[88] . '</option>';
} else {
$post_options .= '<option value="wikitext">' . $LANG24[88] . '</option>';
}
}
$story_templates->set_var('post_options', $post_options);
$postmode_array = explode(',', $postmode_list);
$allowed_html = '';
foreach ($postmode_array as $pm) {
$allowed_html .= COM_allowedHTML('story.edit', false, 1, $pm);
}
$allowed_tags = array('code', 'raw');
if ($_CONF['allow_page_breaks'] == 1) {
$allowed_tags = array_merge($allowed_tags, array('page_break'));
}
$allowed_html .= COM_allowedAutotags(false, $allowed_tags);
$story_templates->set_var('lang_allowed_html', $allowed_html);
$fileinputs = '';
$saved_images = '';
if ($_CONF['maximagesperarticle'] > 0) {
$story_templates->set_var('lang_images', $LANG24[47]);
$icount = DB_count($_TABLES['article_images'], 'ai_sid', $story->getSid());
if ($icount > 0) {
$result_articles = DB_query("SELECT * FROM {$_TABLES['article_images']} WHERE ai_sid = '" . $story->getSid() . "'");
for ($z = 1; $z <= $icount; $z++) {
$I = DB_fetchArray($result_articles);
$saved_images .= $z . ') ' . COM_createLink($I['ai_filename'], $_CONF['site_url'] . '/images/articles/' . $I['ai_filename']) . ' ' . $LANG_ADMIN['delete'] . ': <input type="checkbox" name="delete[' . $I['ai_img_num'] . ']"' . XHTML . '><br' . XHTML . '>';
}
}
$newallowed = $_CONF['maximagesperarticle'] - $icount;
for ($z = $icount + 1; $z <= $_CONF['maximagesperarticle']; $z++) {
$fileinputs .= $z . ') <input type="file" dir="ltr" name="file' . $z . '"' . XHTML . '>';
if ($z < $_CONF['maximagesperarticle']) {
$fileinputs .= '<br' . XHTML . '>';
}
}
$fileinputs .= '<br' . XHTML . '>' . $LANG24[51];
if ($_CONF['allow_user_scaling'] == 1) {
$fileinputs .= $LANG24[27];
}
$fileinputs .= $LANG24[28] . '<br' . XHTML . '>';
}
// Add JavaScript
$_SCRIPTS->setJavaScriptFile('story_editor', '/javascript/story_editor.js');
if ($_CONF['titletoid']) {
$_SCRIPTS->setJavaScriptFile('title_2_id', '/javascript/title_2_id.js');
$story_templates->set_var('titletoid', true);
}
$_SCRIPTS->setJavaScriptFile('postmode_control', '/javascript/postmode_control.js');
// Loads jQuery UI datepicker and timepicker-addon
$_SCRIPTS->setJavaScriptLibrary('jquery.ui.slider');
// $_SCRIPTS->setJavaScriptLibrary('jquery.ui.button');
$_SCRIPTS->setJavaScriptLibrary('jquery.ui.datepicker');
$_SCRIPTS->setJavaScriptLibrary('jquery-ui-i18n');
$_SCRIPTS->setJavaScriptLibrary('jquery-ui-timepicker-addon');
$_SCRIPTS->setJavaScriptLibrary('jquery-ui-timepicker-addon-i18n');
// $_SCRIPTS->setJavaScriptLibrary('jquery-ui-slideraccess');
$_SCRIPTS->setJavaScriptFile('datetimepicker', '/javascript/datetimepicker.js');
$langCode = COM_getLangIso639Code();
$toolTip = $MESSAGE[118];
$imgUrl = $_CONF['site_url'] . '/images/calendar.png';
$_SCRIPTS->setJavaScript("jQuery(function () {" . " geeklog.hour_mode = {$_CONF['hour_mode']};" . " geeklog.datetimepicker.set('publish', '{$langCode}', '{$toolTip}', '{$imgUrl}');" . " geeklog.datetimepicker.set('expire', '{$langCode}', '{$toolTip}', '{$imgUrl}');" . " geeklog.datetimepicker.set('cmt_close', '{$langCode}', '{$toolTip}', '{$imgUrl}');" . "});", TRUE, TRUE);
// Setup Advanced Editor
COM_setupAdvancedEditor('/javascript/storyeditor_adveditor.js');
$story_templates->set_var('saved_images', $saved_images);
$story_templates->set_var('image_form_elements', $fileinputs);
$story_templates->set_var('lang_hits', $LANG24[18]);
$story_templates->set_var('story_hits', $story->EditElements('hits'));
$story_templates->set_var('lang_comments', $LANG24[19]);
$story_templates->set_var('story_comments', $story->EditElements('comments'));
$story_templates->set_var('lang_trackbacks', $LANG24[29]);
$story_templates->set_var('story_trackbacks', $story->EditElements('trackbacks'));
$story_templates->set_var('lang_emails', $LANG24[39]);
$story_templates->set_var('story_emails', $story->EditElements('numemails'));
if ($mode == 'clone') {
$story_templates->set_var('story_id', COM_makesid());
} else {
$story_templates->set_var('story_id', $story->getSid());
$story_templates->set_var('old_story_id', $story->EditElements('originalSid'));
}
$story_templates->set_var('lang_sid', $LANG24[12]);
$story_templates->set_var('lang_save', $LANG_ADMIN['save']);
$story_templates->set_var('lang_preview', $LANG_ADMIN['preview']);
$story_templates->set_var('lang_cancel', $LANG_ADMIN['cancel']);
$story_templates->set_var('lang_delete', $LANG_ADMIN['delete']);
$story_templates->set_var('gltoken_name', CSRF_TOKEN);
$token = SEC_createToken();
$story_templates->set_var('gltoken', $token);
$story_templates->parse('output', 'editor');
$display .= COM_startBlock($LANG24[5], '', COM_getBlockTemplate('_admin_block', 'header'));
$display .= SEC_getTokenExpiryNotice($token, $LANG24[91]);
$display .= $story_templates->finish($story_templates->get_var('output'));
$display .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer'));
return $display;
}
if (isset($_GET['mode'])) {
$mode = COM_applyFilter($_GET['mode']);
}
}
$T = new Template($_MG_CONF['template_path']);
$T->set_file('admin', 'administration.thtml');
$T->set_var(array('site_admin_url' => $_CONF['site_admin_url'], 'site_url' => $_MG_CONF['site_url'], 'lang_admin' => $LANG_MG00['admin'], 'xhtml' => XHTML));
if ($mode == $LANG_MG01['save'] && !empty($LANG_MG01['save'])) {
MG_createUsers();
exit;
} elseif ($mode == $LANG_MG01['cancel']) {
echo COM_refresh($_MG_CONF['admin_url'] . 'index.php');
exit;
} else {
if (isset($_REQUEST['page'])) {
$page = COM_applyFilter($_REQUEST['page'], true) - 1;
if ($page < 0) {
$page = 0;
}
} else {
$page = 0;
}
$T->set_var(array('admin_body' => MG_selectUsers($page), 'title' => $LANG_MG01['batch_create_members'], 'lang_help' => '<img src="' . MG_getImageFile('button_help.png') . '" style="border:none;" alt="?"' . XHTML . '>', 'help_url' => $_MG_CONF['site_url'] . '/docs/usage.html#Batch_Create_Member_Albums'));
}
$T->parse('output', 'admin');
$display = COM_startBlock($LANG_MG00['admin'], '', COM_getBlockTemplate('_admin_block', 'header'));
$display .= MG_showAdminMenu('member_albums');
$display .= $T->finish($T->get_var('output'));
$display .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer'));
$display = COM_createHTMLDocument($display);
COM_output($display);
function links_edit_category($cid, $pid)
{
global $_CONF, $_TABLES, $_USER, $MESSAGE, $LANG_LINKS_ADMIN, $LANG_ADMIN, $LANG_ACCESS, $_LI_CONF;
$retval = '';
$cid = addslashes($cid);
if (!empty($pid)) {
// have parent id, so making a new subcategory
// get parent access rights
$result = DB_query("SELECT group_id,perm_owner,perm_group,perm_members,perm_anon FROM {$_TABLES['linkcategories']} WHERE cid='" . addslashes($pid) . "'");
$A = DB_fetchArray($result);
$A['owner_id'] = $_USER['uid'];
$A['pid'] = $pid;
} elseif (!empty($cid)) {
// have category id, so editing a category
$sql = "SELECT * FROM {$_TABLES['linkcategories']} WHERE cid='{$cid}'" . COM_getPermSQL('AND');
$result = DB_query($sql);
$A = DB_fetchArray($result);
} else {
// nothing, so making a new top-level category
// get default access rights
$A['group_id'] = DB_getItem($_TABLES['groups'], 'grp_id', "grp_name='Links Admin'");
SEC_setDefaultPermissions($A, $_LI_CONF['category_permissions']);
$A['owner_id'] = $_USER['uid'];
$A['pid'] = $_LI_CONF['root'];
}
$access = SEC_hasAccess($A['owner_id'], $A['group_id'], $A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']);
if ($access < 3) {
return COM_showMessage(6, 'links');
}
$token = SEC_createToken();
$retval .= COM_startBlock($LANG_LINKS_ADMIN[56], '', COM_getBlockTemplate('_admin_block', 'header'));
$retval .= SEC_getTokenExpiryNotice($token);
$T = new Template($_CONF['path'] . 'plugins/links/templates/admin');
$T->set_file(array('page' => 'categoryeditor.thtml'));
$T->set_var('xhtml', XHTML);
$T->set_var('site_url', $_CONF['site_url']);
$T->set_var('site_admin_url', $_CONF['site_admin_url']);
$T->set_var('layout_url', $_CONF['layout_url']);
$T->set_var('lang_pagetitle', $LANG_LINKS_ADMIN[28]);
$T->set_var('lang_link_list', $LANG_LINKS_ADMIN[53]);
$T->set_var('lang_new_link', $LANG_LINKS_ADMIN[51]);
$T->set_var('lang_validate_links', $LANG_LINKS_ADMIN[26]);
$T->set_var('lang_list_categories', $LANG_LINKS_ADMIN[50]);
$T->set_var('lang_new_category', $LANG_LINKS_ADMIN[52]);
$T->set_var('lang_admin_home', $LANG_ADMIN['admin_home']);
$T->set_var('instructions', $LANG_LINKS_ADMIN[29]);
$T->set_var('lang_category', $LANG_LINKS_ADMIN[30]);
$T->set_var('lang_cid', $LANG_LINKS_ADMIN[32]);
$T->set_var('lang_description', $LANG_LINKS_ADMIN[31]);
$T->set_var('lang_topic', $LANG_LINKS_ADMIN[33]);
$T->set_var('lang_parent', $LANG_LINKS_ADMIN[34]);
$T->set_var('lang_save', $LANG_ADMIN['save']);
if (!empty($cid)) {
$delbutton = '<input type="submit" value="' . $LANG_ADMIN['delete'] . '" name="mode"%s' . XHTML . '>';
$jsconfirm = ' onclick="return confirm(\'' . $MESSAGE[76] . '\');"';
$T->set_var('delete_option', sprintf($delbutton, $jsconfirm));
$T->set_var('delete_option_no_confirmation', sprintf($delbutton, ''));
} else {
$T->set_var('delete_option', '');
}
$T->set_var('lang_cancel', $LANG_ADMIN['cancel']);
if (!empty($cid)) {
$T->set_var('cid_value', $A['cid']);
$T->set_var('old_cid_value', $A['cid']);
$T->set_var('category_options', links_select_box(3, $A['pid']));
$T->set_var('category_value', $A['category']);
$T->set_var('description_value', $A['description']);
} else {
$A['cid'] = COM_makeSid();
$T->set_var('cid_value', $A['cid']);
$T->set_var('old_cid_value', '');
$T->set_var('category_options', links_select_box(3, $A['pid']));
$T->set_var('category_value', '');
$T->set_var('description_value', '');
}
if (!isset($A['tid'])) {
$A['tid'] = 'all';
}
$topics = COM_topicList('tid,topic', $A['tid'], 1, true);
$T->set_var('topic_list', $topics);
$alltopics = '<option value="all"';
if ($A['tid'] == 'all') {
$alltopics .= ' selected="selected"';
}
$alltopics .= '>' . $LANG_LINKS_ADMIN[35] . '</option>' . LB;
$T->set_var('topic_selection', '<select name="tid">' . $alltopics . $topics . '</select>');
if (empty($cid)) {
$num_links = $LANG_ADMIN['na'];
} else {
$nresult = DB_query("SELECT COUNT(*) AS count FROM {$_TABLES['links']} WHERE cid='{$cid}'" . COM_getPermSQL('AND'));
$N = DB_fetchArray($nresult);
$num_links = COM_numberFormat($N['count']);
}
$T->set_var('lang_num_links', $LANG_LINKS_ADMIN[61]);
$T->set_var('num_links', $num_links);
// user access info
$T->set_var('lang_accessrights', $LANG_ACCESS['accessrights']);
$T->set_var('lang_owner', $LANG_ACCESS['owner']);
$T->set_var('owner_name', COM_getDisplayName($A['owner_id']));
$T->set_var('cat_ownerid', $A['owner_id']);
$T->set_var('lang_group', $LANG_ACCESS['group']);
$T->set_var('group_dropdown', SEC_getGroupDropdown($A['group_id'], $access));
$T->set_var('lang_permissions', $LANG_ACCESS['permissions']);
$T->set_var('lang_permissionskey', $LANG_ACCESS['permissionskey']);
$T->set_var('lang_perm_key', $LANG_ACCESS['permissionskey']);
$T->set_var('permissions_editor', SEC_getPermissionsHTML($A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']));
$T->set_var('lang_permissions_msg', $LANG_ACCESS['permmsg']);
$T->set_var('lang_lockmsg', $LANG_ACCESS['permmsg']);
$T->set_var('gltoken_name', CSRF_TOKEN);
$T->set_var('gltoken', $token);
$T->parse('output', 'page');
$retval .= $T->finish($T->get_var('output'));
$retval .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer'));
return $retval;
}