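// Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA

use WT\Auth;

define('WT_SCRIPT_NAME', 'index_edit.php');
require './includes/session.php';

$controller = new WT_Controller_Ajax();

// Only one of $user_id and $gedcom_id should be set.
// Both are restricted to WT_REGEX_INTEGER; the WT_Filter::post() result is
// passed as the third argument of WT_Filter::get() (presumably its default,
// so the query string wins over the POST body - confirm).
$user_id = WT_Filter::get('user_id', WT_REGEX_INTEGER, WT_Filter::post('user_id', WT_REGEX_INTEGER));
if ($user_id) {
    $gedcom_id = null;
} else {
    $gedcom_id = WT_Filter::get('gedcom_id', WT_REGEX_INTEGER, WT_Filter::post('gedcom_id', WT_REGEX_INTEGER));
}

// Authorisation:
//  - only an admin can edit the "default" page (negative $gedcom_id)
//  - only managers of the tree can edit its "home page" (positive $gedcom_id)
//  - only the user or an admin can edit a user's "my page"
// The parentheses only spell out the existing && / || precedence.
// NOTE(review): when neither id is supplied, none of the three clauses applies
// and the script carries on; confirm the code that follows handles that case.
// NOTE(review): no request-forgery (CSRF) check is visible in this part of the
// script; confirm one runs before any state is changed.
if (
    ($gedcom_id < 0 && !Auth::isAdmin())
    || ($gedcom_id > 0 && !Auth::isManager(WT_Tree::get($gedcom_id)))
    || ($user_id && Auth::id() != $user_id && !Auth::isAdmin())
) {
    // Denied: emit the page header, queue a script that reloads the window, stop.
    $controller->pageHeader();
    $controller->addInlineJavascript('window.location.reload();');
    exit;
}

$action = WT_Filter::get('action');

// The block lists come straight from $_REQUEST and are therefore untrusted.
// Accept them only when they are arrays; a scalar "main" or "right" value is
// treated as absent. The array elements themselves are still unvalidated and
// must be checked or escaped wherever they are used.
$main  = isset($_REQUEST['main']) && is_array($_REQUEST['main']) ? $_REQUEST['main'] : array();
$right = isset($_REQUEST['right']) && is_array($_REQUEST['right']) ? $_REQUEST['right'] : array();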
/**
 * Pass a preference name/value pair to the tree identified by $gedcom_id.
 *
 * The tree is looked up with WT_Tree::get() and the pair is handed to its
 * preference() method. No permission check happens in this function, so the
 * caller is responsible for authorising the change first.
 *
 * @param mixed $gedcom_id     identifier given to WT_Tree::get()
 * @param mixed $setting_name  preference name
 * @param mixed $setting_value preference value
 */
function set_gedcom_setting($gedcom_id, $setting_name, $setting_value)
{
    $tree = WT_Tree::get($gedcom_id);
    $tree->preference($setting_name, $setting_value);
}
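/**
 * Send one volume of the XML sitemap for a tree and record type.
 *
 * The XML is served from the module-setting cache when the cached copy is
 * younger than self::CACHE_LIFE and the request is anonymous (WT_USER_ID is
 * empty). Otherwise it is rebuilt from the database, listing only records
 * whose canShowName() is true for the current viewer. The result is written
 * back to the cache for anonymous requests only, so output produced for a
 * logged-in user is never served to visitors.
 *
 * $ged_id reaches SQL only as a bound parameter. $volume reaches the SQL text
 * only as an integer offset.
 *
 * NOTE(review): the cache key embeds $ged_id, $rec_type and $volume exactly as
 * given, and an unrecognised $rec_type skips every switch case but is still
 * cached for visitors. Confirm the caller restricts all three to known values,
 * otherwise the number of stored entries is not bounded.
 *
 * @param mixed $ged_id   tree identifier, used with WT_Tree::get() and as the *_file column value
 * @param mixed $rec_type 'i', 's', 'r', 'n' or 'm' (individuals, sources, repositories, notes, media)
 * @param mixed $volume   zero-based page number, self::RECORDS_PER_VOLUME records per page
 */
private function generate_file($ged_id, $rec_type, $volume) {
    $cache_key = 'sitemap-' . $ged_id . '-' . $rec_type . '-' . $volume;

    // Check the cache
    $timestamp = get_module_setting($this->getName(), $cache_key . '.timestamp');
    if ($timestamp > WT_TIMESTAMP - self::CACHE_LIFE && !WT_USER_ID) {
        $data = get_module_setting($this->getName(), $cache_key . '.xml');
    } else {
        $tree = WT_Tree::get($ged_id);

        // The first entry is the tree's home page. The ampersand is written
        // as an entity because a bare "&" is not well-formed XML.
        $data = '<url><loc>' . WT_SERVER_NAME . WT_SCRIPT_PATH . 'index.php?ctype=gedcom&amp;ged=' . $tree->tree_name_url . '</loc></url>' . PHP_EOL;

        // LIMIT/OFFSET are concatenated into the statement rather than bound,
        // so force the offset to an integer before it reaches the SQL text.
        $offset = (int) $volume * self::RECORDS_PER_VOLUME;
        $paging = " LIMIT " . self::RECORDS_PER_VOLUME . " OFFSET " . $offset;

        $records = array();
        switch ($rec_type) {
        case 'i':
            $rows = WT_DB::prepare(
                "SELECT i_id AS xref, i_file AS gedcom_id, i_gedcom AS gedcom" .
                " FROM `##individuals`" .
                " WHERE i_file=?" .
                " ORDER BY i_id" .
                $paging
            )->execute(array($ged_id))->fetchAll();
            foreach ($rows as $row) {
                $records[] = WT_Individual::getInstance($row->xref, $row->gedcom_id, $row->gedcom);
            }
            break;
        case 's':
            $rows = WT_DB::prepare(
                "SELECT s_id AS xref, s_file AS gedcom_id, s_gedcom AS gedcom" .
                " FROM `##sources`" .
                " WHERE s_file=?" .
                " ORDER BY s_id" .
                $paging
            )->execute(array($ged_id))->fetchAll();
            foreach ($rows as $row) {
                $records[] = WT_Source::getInstance($row->xref, $row->gedcom_id, $row->gedcom);
            }
            break;
        case 'r':
            $rows = WT_DB::prepare(
                "SELECT o_id AS xref, o_file AS gedcom_id, o_gedcom AS gedcom" .
                " FROM `##other`" .
                " WHERE o_file=? AND o_type='REPO'" .
                " ORDER BY o_id" .
                $paging
            )->execute(array($ged_id))->fetchAll();
            foreach ($rows as $row) {
                $records[] = WT_Repository::getInstance($row->xref, $row->gedcom_id, $row->gedcom);
            }
            break;
        case 'n':
            $rows = WT_DB::prepare(
                "SELECT o_id AS xref, o_file AS gedcom_id, o_gedcom AS gedcom" .
                " FROM `##other`" .
                " WHERE o_file=? AND o_type='NOTE'" .
                " ORDER BY o_id" .
                $paging
            )->execute(array($ged_id))->fetchAll();
            foreach ($rows as $row) {
                $records[] = WT_Note::getInstance($row->xref, $row->gedcom_id, $row->gedcom);
            }
            break;
        case 'm':
            $rows = WT_DB::prepare(
                "SELECT m_id AS xref, m_file AS gedcom_id, m_gedcom AS gedcom" .
                " FROM `##media`" .
                " WHERE m_file=?" .
                " ORDER BY m_id" .
                $paging
            )->execute(array($ged_id))->fetchAll();
            foreach ($rows as $row) {
                $records[] = WT_Media::getInstance($row->xref, $row->gedcom_id, $row->gedcom);
            }
            break;
        }

        foreach ($records as $record) {
            // Privacy filter: list only records whose name the current viewer may see.
            if ($record->canShowName()) {
                $data .= '<url>';
                // NOTE(review): getHtmlUrl() is presumably already entity-escaped,
                // which is what XML needs here - confirm.
                $data .= '<loc>' . WT_SERVER_NAME . WT_SCRIPT_PATH . $record->getHtmlUrl() . '</loc>';
                $chan = $record->getFirstFact('CHAN');
                if ($chan) {
                    $date = $chan->getDate();
                    if ($date->isOK()) {
                        $data .= '<lastmod>' . $date->minDate()->Format('%Y-%m-%d') . '</lastmod>';
                    }
                }
                $data .= '</url>' . PHP_EOL;
            }
        }

        // The XML declaration is assembled from pieces, presumably so that the
        // source never contains a literal PHP open or close tag sequence.
        $data =
            '<' . '?xml version="1.0" encoding="UTF-8" ?' . '>' . PHP_EOL .
            '<urlset xmlns="http://www.sitemaps.org/schemas/sitemap/0.9" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.sitemaps.org/schemas/sitemap/0.9 http://www.sitemaps.org/schemas/sitemap/0.9/sitemap.xsd">' . PHP_EOL .
            $data .
            '</urlset>' . PHP_EOL;

        // Cache this data - but only for visitors, as we don't want
        // visitors to see data created by logged-in users.
        if (!WT_USER_ID) {
            set_module_setting($this->getName(), $cache_key . '.xml', $data);
            set_module_setting($this->getName(), $cache_key . '.timestamp', WT_TIMESTAMP);
        }
    }

    header('Content-Type: application/xml');
    // strlen() counts bytes, which is the unit Content-Length expects.
    header('Content-Length: ' . strlen($data));
    echo $data;
}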
fail(); break; } ok(); break; case 'user_gedcom_setting': ////////////////////////////////////////////////////////////////////////////// // Table name: WT_USER_GEDCOM_SETTING // ID format: user_gedcom_setting-{user_id}-{gedcom_id}-{setting_name} ////////////////////////////////////////////////////////////////////////////// switch ($id3) { case 'rootid': case 'gedcomid': case 'canedit': case 'RELATIONSHIP_PATH_LENGTH': $tree = WT_Tree::get($id2); if (Auth::isManager($tree)) { $tree->userPreference($id1, $id3, $value); ok(); break; } } fail(); break; case 'user_setting': ////////////////////////////////////////////////////////////////////////////// // Table name: WT_USER_SETTING // ID format: user_setting-{user_id}-{setting_name} ////////////////////////////////////////////////////////////////////////////// $user = User::find($id1); // Authorisation
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with this program; if not, write to the Free Software
// Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA

use WT\Auth;

define('WT_SCRIPT_NAME', 'block_edit.php');
require './includes/session.php';

// Load the block row named by the request. The id is bound as a statement
// parameter, not concatenated into the SQL.
$block_id = WT_Filter::getInteger('block_id');
$block = WT_DB::prepare(
    "SELECT SQL_CACHE * FROM `##block` WHERE block_id=?"
)->execute(array($block_id))->fetchOneRow();

// Check access, one rule per guard, in the same order as a single combined
// condition would evaluate them. Every failure ends the request silently.

// (1) the block must exist
if (!$block) {
    exit;
}

// (2) gedcom blocks require a manager of that tree
if ($block->gedcom_id && !Auth::isManager(WT_Tree::get($block->gedcom_id))) {
    exit;
}

// (3) user blocks require the owning user or an admin
if ($block->user_id && $block->user_id != Auth::id() && !Auth::isAdmin()) {
    exit;
}

// Replace the database row with an instance of the module that owns the block.
// NOTE(review): the class name is built from the module_name column, so this
// is dynamic instantiation driven by stored data; presumably module_name can
// only hold names of installed modules - confirm where the rows are written.
$class_name = $block->module_name . '_WT_Module';
$block = new $class_name();

$controller = new WT_Controller_Ajax();
$controller->pageHeader();

// Switch the editor on only when the ckeditor module is among the active modules.
if (array_key_exists('ckeditor', WT_Module::getActiveModules())) {
    ckeditor_WT_Module::enableEditor($controller);
}

// NOTE(review): $block_id is echoed into the form's action attribute below
// without HTML escaping; that relies on WT_Filter::getInteger() returning
// nothing but an integer - confirm.
?> <form name="block" method="post" action="block_edit.php?block_id=<?php echo $block_id; ?> " onsubmit="return modalDialogSubmitAjax(this);" > <input type="hidden" name="save" value="1">