function discuss_list($message = '') { global $comment_list_pageby; pagetop(gTxt('list_discussions'), $message); echo graf('<a href="index.php?event=discuss' . a . 'step=ipban_list">' . gTxt('list_banned_ips') . '</a>', ' style="text-align: center;"'); extract(gpsa(array('sort', 'dir', 'page', 'crit', 'search_method'))); $dir = $dir == 'asc' ? 'asc' : 'desc'; switch ($sort) { case 'id': $sort_sql = 'discussid ' . $dir; break; case 'ip': $sort_sql = 'ip ' . $dir; break; case 'name': $sort_sql = 'name ' . $dir; break; case 'email': $sort_sql = 'email ' . $dir; break; case 'website': $sort_sql = 'web ' . $dir; break; case 'message': $sort_sql = 'message ' . $dir; break; case 'status': $sort_sql = 'visible ' . $dir; break; case 'parent': $sort_sql = 'parentid ' . $dir; break; default: $sort = 'date'; $sort_sql = 'txp_discuss.posted ' . $dir; break; } if ($sort != 'date') { $sort_sql .= ', txp_discuss.posted asc'; } $switch_dir = $dir == 'desc' ? 'asc' : 'desc'; $criteria = 1; if ($search_method and $crit) { $crit_escaped = doSlash($crit); $critsql = array('id' => "discussid = '{$crit_escaped}'", 'parent' => "parentid = '{$crit_escaped}'" . (intval($crit_escaped) ? '' : " OR title like '%{$crit_escaped}%'"), 'name' => "name like '%{$crit_escaped}%'", 'message' => "message like '%{$crit_escaped}%'", 'email' => "email like '%{$crit_escaped}%'", 'website' => "web like '%{$crit_escaped}%'", 'ip' => "ip like '%{$crit_escaped}%'"); if (array_key_exists($search_method, $critsql)) { $criteria = $critsql[$search_method]; $limit = 500; } else { $search_method = ''; $crit = ''; } } else { $search_method = ''; $crit = ''; } $counts = getRows('SELECT visible, COUNT(*) AS c' . ' FROM ' . safe_pfx_j('txp_discuss') . ' LEFT JOIN ' . safe_pfx_j('textpattern') . ' ON txp_discuss.parentid = textpattern.ID' . ' WHERE ' . $criteria . ' GROUP BY visible'); $count[SPAM] = $count[MODERATE] = $count[VISIBLE] = 0; if ($counts) { foreach ($counts as $c) { $count[$c['visible']] = $c['c']; } } // grand total comment count $total = $count[SPAM] + $count[MODERATE] + $count[VISIBLE]; if ($total < 1) { if ($criteria != 1) { echo n . discuss_search_form($crit, $search_method) . n . graf(gTxt('no_results_found'), ' class="indicator"'); } else { echo graf(gTxt('no_comments_recorded'), ' class="indicator"'); } return; } // paging through displayed comments $total = (cs('toggle_show_spam') ? $count[SPAM] : 0) + $count[MODERATE] + $count[VISIBLE]; $limit = max($comment_list_pageby, 15); list($page, $offset, $numPages) = pager($total, $limit, $page); echo discuss_search_form($crit, $search_method); $spamq = cs('toggle_show_spam') ? '1=1' : 'visible != ' . intval(SPAM); $rs = safe_query('SELECT txp_discuss.*, unix_timestamp(txp_discuss.posted) as uPosted, ID as thisid, Section as section, url_title, Title as title, Status, unix_timestamp(textpattern.Posted) as posted' . ' FROM ' . safe_pfx_j('txp_discuss') . ' LEFT JOIN ' . safe_pfx_j('textpattern') . ' ON txp_discuss.parentid = textpattern.ID' . ' WHERE ' . $spamq . ' AND ' . $criteria . ' ORDER BY ' . $sort_sql . ' LIMIT ' . $offset . ', ' . $limit); if ($rs) { echo n . n . '<form name="longform" method="post" action="index.php" onsubmit="return verify(\'' . gTxt('are_you_sure') . '\')">' . n . startTable('list', '', '', '', '90%') . n . n . tr(column_head('ID', 'id', 'discuss', true, $switch_dir, $crit, $search_method, 'id' == $sort ? $dir : '') . column_head('date', 'date', 'discuss', true, $switch_dir, $crit, $search_method, 'date' == $sort ? $dir : '') . column_head('name', 'name', 'discuss', true, $switch_dir, $crit, $search_method, 'name' == $sort ? $dir : '') . column_head('message', 'message', 'discuss', true, $switch_dir, $crit, $search_method, 'message' == $sort ? $dir : '') . column_head('email', 'email', 'discuss', true, $switch_dir, $crit, $search_method, ('email' == $sort ? "{$dir} " : '') . 'discuss_detail') . column_head('website', 'website', 'discuss', true, $switch_dir, $crit, $search_method, ('website' == $sort ? "{$dir} " : '') . 'discuss_detail') . column_head('IP', 'ip', 'discuss', true, $switch_dir, $crit, $search_method, ('ip' == $sort ? "{$dir} " : '') . 'discuss_detail') . column_head('status', 'status', 'discuss', true, $switch_dir, $crit, $search_method, ('status' == $sort ? "{$dir} " : '') . 'discuss_detail') . column_head('parent', 'parent', 'discuss', true, $switch_dir, $crit, $search_method, 'parent' == $sort ? $dir : '') . hCell()); include_once txpath . '/publish/taghandlers.php'; while ($a = nextRow($rs)) { extract($a); $parentid = assert_int($parentid); $edit_url = '?event=discuss' . a . 'step=discuss_edit' . a . 'discussid=' . $discussid . a . 'sort=' . $sort . a . 'dir=' . $dir . a . 'page=' . $page . a . 'search_method=' . $search_method . a . 'crit=' . $crit; $dmessage = $visible == SPAM ? short_preview($message) : $message; switch ($visible) { case VISIBLE: $comment_status = gTxt('visible'); $row_class = 'visible'; break; case SPAM: $comment_status = gTxt('spam'); $row_class = 'spam'; break; case MODERATE: $comment_status = gTxt('unmoderated'); $row_class = 'moderate'; break; default: break; } if (empty($thisid)) { $parent = gTxt('article_deleted') . ' (' . $parentid . ')'; $view = ''; } else { $parent_title = empty($title) ? '<em>' . gTxt('untitled') . '</em>' : escape_title($title); $parent = href($parent_title, '?event=article' . a . 'step=edit' . a . 'ID=' . $parentid); $view = ''; if ($visible == VISIBLE and in_array($Status, array(4, 5))) { $view = n . t . '<li><a href="' . permlinkurl($a) . '#c' . $discussid . '">' . gTxt('view') . '</a></li>'; } } echo n . n . tr(n . td('<a href="' . $edit_url . '">' . $discussid . '</a>' . n . '<ul class="discuss_detail">' . n . t . '<li><a href="' . $edit_url . '">' . gTxt('edit') . '</a></li>' . $view . n . '</ul>', 50) . td(gTime($uPosted)) . td(htmlspecialchars(soft_wrap($name, 15))) . td(short_preview($dmessage)) . td(htmlspecialchars(soft_wrap($email, 15)), '', 'discuss_detail') . td(htmlspecialchars(soft_wrap($web, 15)), '', 'discuss_detail') . td($ip, '', 'discuss_detail') . td($comment_status, '', 'discuss_detail') . td($parent) . td(fInput('checkbox', 'selected[]', $discussid)), ' class="' . $row_class . '"'); } if (empty($message)) { echo tr(tda(gTxt('just_spam_results_found'), ' colspan="9" style="text-align: left; border: none;"')); } echo tr(tda(toggle_box('discuss_detail'), ' colspan="2" style="text-align: left; border: none;"') . tda(select_buttons() . discuss_multiedit_form($page, $sort, $dir, $crit, $search_method), ' colspan="9" style="text-align: right; border: none;"')) . endTable() . '</form>' . n . cookie_box('show_spam') . nav_form('discuss', $page, $numPages, $sort, $dir, $crit, $search_method) . pageby_form('discuss', $comment_list_pageby); } }
function pagetop($pagetitle, $message = "") { global $css_mode, $siteurl, $sitename, $txp_user, $event; $area = gps('area'); $event = !$event ? 'article' : $event; $bm = gps('bm'); $privs = safe_field("privs", "txp_users", "name = '" . doSlash($txp_user) . "'"); $GLOBALS['privs'] = $privs; $areas = areas(); $area = false; foreach ($areas as $k => $v) { if (in_array($event, $v)) { $area = $k; break; } } if (gps('logout')) { $body_id = 'page-logout'; } elseif (!$txp_user) { $body_id = 'page-login'; } else { $body_id = 'page-' . $event; } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="<?php echo LANG; ?> " lang="<?php echo LANG; ?> " dir="<?php echo gTxt('lang_dir'); ?> "> <head> <meta http-equiv="content-type" content="text/html; charset=utf-8" /> <meta name="robots" content="noindex, nofollow" /> <title>Txp › <?php echo htmlspecialchars($sitename); ?> › <?php echo escape_title($pagetitle); ?> </title> <link href="textpattern.css" rel="stylesheet" type="text/css" /> <script type="text/javascript" src="textpattern.js"></script> <script type="text/javascript"> <!-- var cookieEnabled = checkCookies(); if (!cookieEnabled) { confirm('<?php echo trim(gTxt('cookies_must_be_enabled')); ?> '); } <?php $edit = array(); if ($event == 'list') { $rs = safe_column('name', 'txp_section', "name != 'default'"); $edit['section'] = $rs ? selectInput('Section', $rs, '', true) : ''; $rs = getTree('root', 'article'); $edit['category1'] = $rs ? treeSelectInput('Category1', $rs, '') : ''; $edit['category2'] = $rs ? treeSelectInput('Category2', $rs, '') : ''; $edit['comments'] = onoffRadio('Annotate', safe_field('val', 'txp_prefs', "name = 'comments_on_default'")); $edit['status'] = selectInput('Status', array(1 => gTxt('draft'), 2 => gTxt('hidden'), 3 => gTxt('pending'), 4 => gTxt('live'), 5 => gTxt('sticky')), '', true); $rs = safe_column('name', 'txp_users', "privs not in(0,6)"); $edit['author'] = $rs ? selectInput('AuthorID', $rs, '', true) : ''; } if (in_array($event, array('image', 'file', 'link'))) { $rs = getTree('root', $event); $edit['category'] = $rs ? treeSelectInput('category', $rs, '') : ''; } if ($event == 'plugin') { $edit['order'] = selectInput('order', array(1 => 1, 2 => 2, 3 => 3, 4 => 4, 5 => 5, 6 => 6, 7 => 7, 8 => 8, 9 => 9), 5, false); } if ($event == 'admin') { $edit['privilege'] = privs(); } // output JavaScript ?> function poweredit(elm) { var something = elm.options[elm.selectedIndex].value; // Add another chunk of HTML var pjs = document.getElementById('js'); if (pjs == null) { var br = document.createElement('br'); elm.parentNode.appendChild(br); pjs = document.createElement('P'); pjs.setAttribute('id','js'); elm.parentNode.appendChild(pjs); } if (pjs.style.display == 'none' || pjs.style.display == '') { pjs.style.display = 'block'; } if (something != '') { switch (something) { <?php foreach ($edit as $key => $val) { echo "case 'change" . $key . "':" . n . t . "pjs.innerHTML = '<span>" . str_replace(array("\n", '-'), array('', '-'), addslashes($val)) . "</span>';" . n . t . 'break;' . n . n; } ?> default: pjs.style.display = 'none'; break; } } return false; } addEvent(window, 'load', cleanSelects); --> </script> <script type="text/javascript" src="jquery.js"></script> <?php callback_event('admin_side', 'head_end'); ?> </head> <body id="<?php echo $body_id; ?> "> <?php callback_event('admin_side', 'pagetop'); ?> <table id="pagetop" cellpadding="0" cellspacing="0"> <tr id="branding"><td><h1 id="textpattern">Textpattern</h1></td><td id="navpop"><?php echo navPop(1); ?> </td></tr> <tr id="nav-primary"><td align="center" class="tabs" colspan="2"> <?php if (!$bm) { echo '<table cellpadding="0" cellspacing="0" align="center"><tr> <td valign="middle" style="width:368px"> ' . $message . '</td>', has_privs('tab.content') ? areatab(gTxt('tab_content'), 'content', 'article', $area) : '', has_privs('tab.presentation') ? areatab(gTxt('tab_presentation'), 'presentation', 'page', $area) : '', has_privs('tab.admin') ? areatab(gTxt('tab_admin'), 'admin', 'admin', $area) : '', (has_privs('tab.extensions') and !empty($areas['extensions'])) ? areatab(gTxt('tab_extensions'), 'extensions', array_shift($areas['extensions']), $area) : '', '<td class="tabdown"><a href="' . hu . '" class="plain" target="_blank">' . gTxt('tab_view_site') . '</a></td>', '</tr></table>'; $secondary = tabsort($area, $event); if ($secondary) { echo '</td></tr><tr id="nav-secondary"><td align="center" class="tabs" colspan="2"> <table cellpadding="0" cellspacing="0" align="center"><tr>', $secondary, '</tr></table>'; } } echo '</td></tr></table>'; callback_event('admin_side', 'pagetop_end'); }
function discuss_list($message = '') { pagetop(gTxt('list_discussions'), $message); echo graf('<a href="index.php?event=discuss' . a . 'step=ipban_list">' . gTxt('list_banned_ips') . '</a>', ' style="text-align: center;"'); extract(get_prefs()); extract(gpsa(array('sort', 'dir', 'page', 'crit', 'search_method'))); $dir = $dir == 'asc' ? 'asc' : 'desc'; switch ($sort) { case 'id': $sort_sql = 'discussid ' . $dir; break; case 'ip': $sort_sql = 'ip ' . $dir . ', posted asc'; break; case 'name': $sort_sql = 'name ' . $dir . ', posted asc'; break; case 'email': $sort_sql = 'email ' . $dir . ', posted asc'; break; case 'website': $sort_sql = 'web ' . $dir . ', posted asc'; break; case 'message': $sort_sql = 'message ' . $dir . ', posted asc'; break; case 'status': $sort_sql = "visible {$dir}, posted asc"; break; case 'parent': $sort_sql = 'parentid ' . $dir . ', posted asc'; break; default: $sort = 'date'; $sort_sql = 'posted ' . $dir; break; } $switch_dir = $dir == 'desc' ? 'asc' : 'desc'; $criteria = 1; if ($search_method and $crit) { $crit_escaped = doSlash($crit); $critsql = array('id' => "discussid = '{$crit_escaped}'", 'parent' => "parentid = '{$crit_escaped}'", 'name' => "name like '%{$crit_escaped}%'", 'message' => "message like '%{$crit_escaped}%'", 'email' => "email like '%{$crit_escaped}%'", 'website' => "web like '%{$crit_escaped}%'", 'ip' => "ip like '%{$crit_escaped}%'"); if (array_key_exists($search_method, $critsql)) { $criteria = $critsql[$search_method]; $limit = 500; } else { $search_method = ''; $crit = ''; } } else { $search_method = ''; $crit = ''; } $total = safe_count('txp_discuss', "{$criteria}"); if ($total < 1) { if ($criteria != 1) { echo n . discuss_search_form($crit, $search_method) . n . graf(gTxt('no_results_found'), ' style="text-align: center;"'); } else { echo graf(gTxt('no_comments_recorded'), ' style="text-align: center;"'); } return; } $limit = max(@$comment_list_pageby, 15); list($page, $offset, $numPages) = pager($total, $limit, $page); echo discuss_search_form($crit, $search_method); $spamq = cs('toggle_show_spam') ? '1=1' : 'visible != ' . intval(SPAM); $rs = safe_rows_start('*, unix_timestamp(posted) as uPosted', 'txp_discuss', "{$spamq} and {$criteria} order by {$sort_sql} limit {$offset}, {$limit}"); if ($rs) { echo n . n . '<form name="longform" method="post" action="index.php" onsubmit="return verify(\'' . gTxt('are_you_sure') . '\')">' . n . startTable('list', '', '', '', '90%') . n . n . tr(column_head('ID', 'id', 'discuss', true, $switch_dir, $crit, $search_method, 'id' == $sort ? $dir : '') . column_head('date', 'date', 'discuss', true, $switch_dir, $crit, $search_method, 'date' == $sort ? $dir : '') . column_head('name', 'name', 'discuss', true, $switch_dir, $crit, $search_method, 'name' == $sort ? $dir : '') . column_head('message', 'message', 'discuss', true, $switch_dir, $crit, $search_method, 'message' == $sort ? $dir : '') . column_head('email', 'email', 'discuss', true, $switch_dir, $crit, $search_method, ('email' == $sort ? "{$dir} " : '') . 'discuss_detail') . column_head('website', 'website', 'discuss', true, $switch_dir, $crit, $search_method, ('website' == $sort ? "{$dir} " : '') . 'discuss_detail') . column_head('IP', 'ip', 'discuss', true, $switch_dir, $crit, $search_method, ('ip' == $sort ? "{$dir} " : '') . 'discuss_detail') . column_head('status', 'status', 'discuss', true, $switch_dir, $crit, $search_method, ('status' == $sort ? "{$dir} " : '') . 'discuss_detail') . column_head('parent', 'parent', 'discuss', true, $switch_dir, $crit, $search_method, 'parent' == $sort ? $dir : '') . hCell()); include_once txpath . '/publish/taghandlers.php'; while ($a = nextRow($rs)) { extract($a); $parentid = assert_int($parentid); $tq = safe_row('*, ID as thisid, unix_timestamp(Posted) as posted', 'textpattern', "ID = {$parentid}"); $edit_url = '?event=discuss' . a . 'step=discuss_edit' . a . 'discussid=' . $discussid . a . 'sort=' . $sort . a . 'dir=' . $dir . a . 'page=' . $page . a . 'search_method=' . $search_method . a . 'crit=' . $crit; $dmessage = $visible == SPAM ? short_preview($message) : $message; switch ($visible) { case VISIBLE: $comment_status = gTxt('visible'); $row_class = 'visible'; break; case SPAM: $comment_status = gTxt('spam'); $row_class = 'spam'; break; case MODERATE: $comment_status = gTxt('unmoderated'); $row_class = 'moderate'; break; default: break; } if (empty($tq)) { $parent = gTxt('article_deleted') . ' (' . $parentid . ')'; $view = ''; } else { $parent_title = empty($tq['Title']) ? '<em>' . gTxt('untitled') . '</em>' : escape_title($tq['Title']); $parent = href($parent_title, '?event=list' . a . 'step=list' . a . 'search_method=id' . a . 'crit=' . $tq['ID']); $view = ''; if ($visible == VISIBLE and in_array($tq['Status'], array(4, 5))) { $view = n . t . '<li><a href="' . permlinkurl($tq) . '#c' . $discussid . '">' . gTxt('view') . '</a></li>'; } } echo n . n . tr(n . td('<a href="' . $edit_url . '">' . $discussid . '</a>' . n . '<ul class="discuss_detail">' . n . t . '<li><a href="' . $edit_url . '">' . gTxt('edit') . '</a></li>' . $view . n . '</ul>', 50) . td(gTime($uPosted)) . td(htmlspecialchars(soft_wrap($name, 15))) . td(short_preview($dmessage)) . td(htmlspecialchars(soft_wrap($email, 15)), '', 'discuss_detail') . td(htmlspecialchars(soft_wrap($web, 15)), '', 'discuss_detail') . td($ip, '', 'discuss_detail') . td($comment_status, '', 'discuss_detail') . td($parent) . td(fInput('checkbox', 'selected[]', $discussid)), ' class="' . $row_class . '"'); } echo tr(tda(toggle_box('discuss_detail'), ' colspan="2" style="text-align: left; border: none;"') . tda(select_buttons() . discuss_multiedit_form($page, $sort, $dir, $crit, $search_method), ' colspan="9" style="text-align: right; border: none;"')) . endTable() . '</form>' . n . tag(cookie_box('show_spam'), 'div', ' style="margin:auto;padding:0 0 0 10px; width:90%"') . nav_form('discuss', $page, $numPages, $sort, $dir, $crit, $search_method) . pageby_form('discuss', $comment_list_pageby); } }
function atom() { global $thisarticle; extract($GLOBALS['prefs']); define("t_texthtml", ' type="text/html"'); define("t_text", ' type="text"'); define("t_html", ' type="html"'); define("t_xhtml", ' type="xhtml"'); define('t_appxhtml', ' type="xhtml"'); define("r_relalt", ' rel="alternate"'); define("r_relself", ' rel="self"'); $area = doSlash(gps('area')); extract(doSlash(gpsa(array('category', 'section', 'limit')))); $last = fetch('unix_timestamp(val)', 'txp_prefs', 'name', 'lastmod'); $sitename .= $section ? ' - ' . $section : ''; $sitename .= $category ? ' - ' . $category : ''; $pub = safe_row("RealName, email", "txp_users", "privs=1"); $out[] = tag($sitename, 'title', t_text); $out[] = tag($site_slogan, 'subtitle', t_text); $out[] = '<link' . r_relself . ' href="' . pagelinkurl(array('atom' => 1)) . '" />'; $out[] = '<link' . r_relalt . t_texthtml . ' href="' . hu . '" />'; $articles = array(); //Atom feeds with mail or domain name $dn = explode('/', $siteurl); $mail_or_domain = $use_mail_on_feeds_id ? eE($blog_mail_uid) : $dn[0]; $out[] = tag('tag:' . $mail_or_domain . ',' . $blog_time_uid . ':' . $blog_uid . ($section ? '/' . $section : '') . ($category ? '/' . $category : ''), 'id'); $out[] = tag('Textpattern', 'generator', ' uri="http://textpattern.com/" version="' . $version . '"'); $out[] = tag(gmdate("Y-m-d\\TH:i:s\\Z", $last), 'updated'); $auth[] = tag($pub['RealName'], 'name'); $auth[] = $include_email_atom ? tag(eE($pub['email']), 'email') : ''; $auth[] = tag(hu, 'uri'); $out[] = tag(n . t . t . join(n . t . t, $auth) . n, 'author'); if (!$area or $area == 'article') { $sfilter = $section ? "and Section = '" . $section . "'" : ''; $cfilter = $category ? "and (Category1='" . $category . "' or Category2='" . $category . "')" : ''; $limit = $limit ? $limit : $rss_how_many; $limit = min($limit, max(100, $rss_how_many)); $frs = safe_column("name", "txp_section", "in_rss != '1'"); $query = array(); foreach ($frs as $f) { $query[] = "and Section != '" . doSlash($f) . "'"; } $query[] = $sfilter; $query[] = $cfilter; $rs = safe_rows_start("*, \n\t\t\t\tID as thisid, \n\t\t\t\tunix_timestamp(Posted) as uPosted,\n\t\t\t\tunix_timestamp(LastMod) as uLastMod", "textpattern", "Status=4 and Posted <= now() " . join(' ', $query) . "order by Posted desc limit {$limit}"); if ($rs) { while ($a = nextRow($rs)) { extract($a); populateArticleData($a); $e = array(); $a['posted'] = $uPosted; if ($show_comment_count_in_feed) { $count = $comments_count > 0 ? ' [' . $comments_count . ']' : ''; } else { $count = ''; } $thisauthor = get_author_name($AuthorID); $e['thisauthor'] = tag(n . t . t . t . tag(htmlspecialchars($thisauthor), 'name') . n . t . t, 'author'); $e['issued'] = tag(gmdate('Y-m-d\\TH:i:s\\Z', $uPosted), 'published'); $e['modified'] = tag(gmdate('Y-m-d\\TH:i:s\\Z', $uLastMod), 'updated'); $escaped_title = escape_title($Title); $escaped_title = preg_replace("/&(?![#a-z0-9]+;)/i", '&', $escaped_title); $escaped_title = str_replace('<', '<', $escaped_title); $escaped_title = str_replace('>', '>', $escaped_title); $e['title'] = tag($escaped_title . $count, 'title'); $uTitle = $url_title ? $url_title : stripSpace($Title); $uTitle = htmlspecialchars($uTitle, ENT_NOQUOTES); $permlink = permlinkurl($a); $e['link'] = '<link' . r_relalt . t_texthtml . ' href="' . $permlink . '" />'; $e['id'] = tag('tag:' . $mail_or_domain . ',' . $feed_time . ':' . $blog_uid . '/' . $uid, 'id'); $e['category1'] = trim($Category1) ? '<category term="' . htmlspecialchars($Category1) . '" />' : ''; $e['category2'] = trim($Category2) ? '<category term="' . htmlspecialchars($Category2) . '" />' : ''; $Excerpt = fixup_for_feed($thisarticle['excerpt'], permlinkurl($a)); if ($syndicate_body_or_excerpt == 0) { $Body = fixup_for_feed($thisarticle['body'], permlinkurl($a)); } else { $Body = ''; // If there's no excerpt, use body as content instead of body as summary if (!trim($Excerpt)) { $Body = fixup_for_feed($thisarticle['body'], permlinkurl($a)); } } if (trim($Body)) { $e['content'] = tag(n . $Body . n, 'content', t_html); } if (trim($Excerpt)) { $e['summary'] = tag(n . $Excerpt . n, 'summary', t_html); } $articles[$ID] = tag(n . t . t . join(n . t . t, $e) . n, 'entry'); $etags[$ID] = strtoupper(dechex(crc32($articles[$ID]))); $dates[$ID] = $uLastMod; } } } elseif ($area == 'link') { $cfilter = $category ? "category='" . $category . "'" : '1'; $limit = $limit ? $limit : $rss_how_many; $limit = min($limit, max(100, $rss_how_many)); $rs = safe_rows_start("*", "txp_link", "{$cfilter} order by date desc limit {$limit}"); if ($rs) { while ($a = nextRow($rs)) { extract($a); $e['title'] = tag(doSpecial($linkname), 'title'); $content = utf8_encode(htmlspecialchars($description)); $e['content'] = tag(n . $description . n, 'content', t_texthtml); $url = preg_replace("/^\\/(.*)/", "http://{$siteurl}/\$1", $url); $url = preg_replace("/&((?U).*)=/", "&\\1=", $url); $e['link'] = '<link' . r_relalt . t_texthtml . ' href="' . $url . '" />'; $e['issued'] = tag(gmdate('Y-m-d\\TH:i:s\\Z', strtotime($date)), 'published'); $e['modified'] = tag(gmdate('Y-m-d\\TH:i:s\\Z', strtotime($date)), 'updated'); $e['id'] = tag('tag:' . $mail_or_domain . ',' . $feed_time . ':' . $id, 'id'); $articles[$id] = tag(n . t . t . join(n . t . t, $e) . n, 'entry'); $etags[$id] = strtoupper(dechex(crc32($articles[$id]))); $dates[$id] = $date; } } } if (!empty($articles)) { //turn on compression if we aren't using it already if (extension_loaded('zlib') && ini_get("zlib.output_compression") == 0 && ini_get('output_handler') != 'ob_gzhandler' && !headers_sent()) { @ob_start("ob_gzhandler"); } $expires = gmdate('D, d M Y H:i:s \\G\\M\\T', time() + 3600 * 1); header("Expires: {$expires}"); $hims = serverset('HTTP_IF_MODIFIED_SINCE'); $imsd = $hims ? strtotime($hims) : 0; if ($imsd >= $last) { txp_status_header("304 Not Modified"); exit; } header("Last-Modified: " . gmdate('D, d M Y H:i:s \\G\\M\\T', $last)); if (is_callable('apache_request_headers')) { $headers = apache_request_headers(); if (isset($headers["A-IM"])) { $canaim = strpos($headers["A-IM"], "feed"); } else { $canaim = false; } } else { $canaim = false; } $hinm = stripslashes(serverset('HTTP_IF_NONE_MATCH')); $cutarticles = false; if ($canaim !== false) { foreach ($articles as $id => $thing) { if (strpos($hinm, $etags[$id])) { unset($articles[$id]); $cutarticles = true; $cut_etag = true; } if ($dates[$id] < $imsd) { unset($articles[$id]); $cutarticles = true; $cut_time = true; } } } if (isset($cut_etag) && isset($cut_time)) { header("Vary: If-None-Match, If-Modified-Since"); } else { if (isset($cut_etag)) { header("Vary: If-None-Match"); } else { if (isset($cut_time)) { header("Vary: If-Modified-Since"); } } } $etag = @join("-", $etags); if (strstr($hinm, $etag)) { header("HTTP/1.1 304 Not Modified"); exit; } if ($etag) { header('ETag: "' . $etag . '"'); } if ($cutarticles) { //header("HTTP/1.1 226 IM Used"); //This should be used as opposed to 200, but Apache doesn't like it. //http://intertwingly.net/blog/2004/09/11/Vary-ETag/ says that the status code should be 200. header("Cache-Control: no-store, im"); header("IM: feed"); } $out = array_merge($out, $articles); header('Content-type: application/atom+xml; charset=utf-8'); return chr(60) . '?xml version="1.0" encoding="UTF-8"?' . chr(62) . n . '<feed xml:lang="' . $language . '" xmlns="http://www.w3.org/2005/Atom">' . join(n, $out) . '</feed>'; } }
function rss() { global $prefs, $thisarticle; set_error_handler('feedErrorHandler'); ob_clean(); extract($prefs); extract(doSlash(gpsa(array('limit', 'area')))); // build filter criteria from a comma-separated list of sections and categories $feed_filter_limit = get_pref('feed_filter_limit', 10); $section = gps('section'); $category = gps('category'); if (!is_scalar($section) || !is_scalar($category)) { txp_die('Not Found', 404); } $section = $section ? array_slice(array_unique(do_list($section)), 0, $feed_filter_limit) : array(); $category = $category ? array_slice(array_unique(do_list($category)), 0, $feed_filter_limit) : array(); $st = array(); foreach ($section as $s) { $st[] = fetch_section_title($s); } $ct = array(); foreach ($category as $c) { $ct[] = fetch_category_title($c); } $sitename .= $section ? ' - ' . join(' - ', $st) : ''; $sitename .= $category ? ' - ' . join(' - ', $ct) : ''; $dn = explode('/', $siteurl); $mail_or_domain = $use_mail_on_feeds_id ? eE($blog_mail_uid) : $dn[0]; // feed header $out[] = tag('http://textpattern.com/?v=' . $version, 'generator'); $out[] = tag(doSpecial($sitename), 'title'); $out[] = tag(hu, 'link'); $out[] = '<atom:link href="' . pagelinkurl(array('rss' => 1, 'area' => $area, 'section' => $section, 'category' => $category, 'limit' => $limit)) . '" rel="self" type="application/rss+xml" />'; $out[] = tag(doSpecial($site_slogan), 'description'); $last = fetch('unix_timestamp(val)', 'txp_prefs', 'name', 'lastmod'); $out[] = tag(safe_strftime('rfc822', $last), 'pubDate'); $out[] = callback_event('rss_head'); // feed items $articles = array(); $section = doSlash($section); $category = doSlash($category); if (!$area or $area == 'article') { $sfilter = !empty($section) ? "and Section in ('" . join("','", $section) . "')" : ''; $cfilter = !empty($category) ? "and (Category1 in ('" . join("','", $category) . "') or Category2 in ('" . join("','", $category) . "'))" : ''; $limit = $limit ? $limit : $rss_how_many; $limit = intval(min($limit, max(100, $rss_how_many))); $frs = safe_column("name", "txp_section", "in_rss != '1'"); if ($frs) { foreach ($frs as $f) { $query[] = "and Section != '" . doSlash($f) . "'"; } } $query[] = $sfilter; $query[] = $cfilter; $expired = $publish_expired_articles ? '' : ' and (now() <= Expires or Expires = ' . NULLDATETIME . ') '; $rs = safe_rows_start("*, unix_timestamp(Posted) as uPosted, unix_timestamp(LastMod) as uLastMod, unix_timestamp(Expires) as uExpires, ID as thisid", "textpattern", "Status = 4 " . join(' ', $query) . "and Posted < now()" . $expired . "order by Posted desc limit {$limit}"); if ($rs) { while ($a = nextRow($rs)) { extract($a); populateArticleData($a); $cb = callback_event('rss_entry'); $a['posted'] = $uPosted; $permlink = permlinkurl($a); $summary = trim(replace_relative_urls(parse($thisarticle['excerpt']), $permlink)); $content = trim(replace_relative_urls(parse($thisarticle['body']), $permlink)); if ($syndicate_body_or_excerpt) { # short feed: use body as summary if there's no excerpt if (!trim($summary)) { $summary = $content; } $content = ''; } if ($show_comment_count_in_feed) { $count = $comments_count > 0 ? ' [' . $comments_count . ']' : ''; } else { $count = ''; } $Title = escape_title(strip_tags($Title)) . $count; $thisauthor = get_author_name($AuthorID); $item = tag($Title, 'title') . n . (trim($summary) ? tag(n . escape_cdata($summary) . n, 'description') . n : '') . (trim($content) ? tag(n . escape_cdata($content) . n, 'content:encoded') . n : '') . tag($permlink, 'link') . n . tag(safe_strftime('rfc822', $a['posted']), 'pubDate') . n . tag(htmlspecialchars($thisauthor), 'dc:creator') . n . tag('tag:' . $mail_or_domain . ',' . $feed_time . ':' . $blog_uid . '/' . $uid, 'guid', ' isPermaLink="false"') . n . $cb; $articles[$ID] = tag($item, 'item'); $etags[$ID] = strtoupper(dechex(crc32($articles[$ID]))); $dates[$ID] = $uPosted; } } } elseif ($area == 'link') { $cfilter = $category ? "category in ('" . join("','", $category) . "')" : '1'; $limit = $limit ? $limit : $rss_how_many; $limit = intval(min($limit, max(100, $rss_how_many))); $rs = safe_rows_start("*, unix_timestamp(date) as uDate", "txp_link", "{$cfilter} order by date desc limit {$limit}"); if ($rs) { while ($a = nextRow($rs)) { extract($a); $item = tag(doSpecial($linkname), 'title') . n . tag(doSpecial($description), 'description') . n . tag(doSpecial($url), 'link') . n . tag(safe_strftime('rfc822', $uDate), 'pubDate'); $articles[$id] = tag($item, 'item'); $etags[$id] = strtoupper(dechex(crc32($articles[$id]))); $dates[$id] = $date; } } } if (!$articles) { if ($section) { if (safe_field('name', 'txp_section', "name in ('" . join("','", $section) . "')") == false) { txp_die(gTxt('404_not_found'), '404'); } } elseif ($category) { switch ($area) { case 'link': if (safe_field('id', 'txp_category', "name = '{$category}' and type = 'link'") == false) { txp_die(gTxt('404_not_found'), '404'); } break; case 'article': default: if (safe_field('id', 'txp_category', "name in ('" . join("','", $category) . "') and type = 'article'") == false) { txp_die(gTxt('404_not_found'), '404'); } break; } } } else { //turn on compression if we aren't using it already if (extension_loaded('zlib') && ini_get("zlib.output_compression") == 0 && ini_get('output_handler') != 'ob_gzhandler' && !headers_sent()) { // make sure notices/warnings/errors don't fudge up the feed // when compression is used $buf = ''; while ($b = @ob_get_clean()) { $buf .= $b; } @ob_start('ob_gzhandler'); echo $buf; } handle_lastmod(); $hims = serverset('HTTP_IF_MODIFIED_SINCE'); $imsd = $hims ? strtotime($hims) : 0; if (is_callable('apache_request_headers')) { $headers = apache_request_headers(); if (isset($headers["A-IM"])) { $canaim = strpos($headers["A-IM"], "feed"); } else { $canaim = false; } } else { $canaim = false; } $hinm = stripslashes(serverset('HTTP_IF_NONE_MATCH')); $cutarticles = false; if ($canaim !== false) { foreach ($articles as $id => $thing) { if (strpos($hinm, $etags[$id]) !== false) { unset($articles[$id]); $cutarticles = true; $cut_etag = true; } if ($dates[$id] < $imsd) { unset($articles[$id]); $cutarticles = true; $cut_time = true; } } } if (isset($cut_etag) && isset($cut_time)) { header("Vary: If-None-Match, If-Modified-Since"); } else { if (isset($cut_etag)) { header("Vary: If-None-Match"); } else { if (isset($cut_time)) { header("Vary: If-Modified-Since"); } } } $etag = @join("-", $etags); if (strstr($hinm, $etag)) { txp_status_header('304 Not Modified'); exit(0); } if ($cutarticles) { //header("HTTP/1.1 226 IM Used"); //This should be used as opposed to 200, but Apache doesn't like it. //http://intertwingly.net/blog/2004/09/11/Vary-ETag/ says that the status code should be 200. header("Cache-Control: no-store, im"); header("IM: feed"); } } $out = array_merge($out, $articles); header("Content-Type: application/rss+xml; charset=utf-8"); if (isset($etag)) { header('ETag: "' . $etag . '"'); } return '<?xml version="1.0" encoding="utf-8"?>' . n . '<rss version="2.0" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:content="http://purl.org/rss/1.0/modules/content/" xmlns:atom="http://www.w3.org/2005/Atom">' . n . tag(join(n, $out), 'channel') . n . '</rss>'; }
/** * Renders a link with two additional URL parameters. * * Renders a link invoking an admin-side action * while taking up to two additional URL parameters. * * @param string $event Event * @param string $step Step * @param string $thing URL parameter key #1 * @param string $value URL parameter value #1 * @param string $linktext Link text * @param string $thing2 URL parameter key #2 * @param string $val2 URL parameter value #2 * @param string $title Anchor title * @return string HTML */ function eLink($event, $step, $thing, $value, $linktext, $thing2 = '', $val2 = '', $title = 'edit') { if ($title) { $title = gTxt($title); } if ($linktext === '') { $linktext = null; } else { $linktext = escape_title($linktext); } return href($linktext, array('event' => $event, 'step' => $step, $thing => $value, $thing2 => $val2, '_txp_token' => form_token()), array('title' => $title)); }
/** * Renders <ol> list of recent articles. * * The rendered widget can be customised via the 'article_ui > recent_articles' * pluggable UI callback event. * * @param array $rs Article data * @return string HTML */ function article_partial_recent_articles($rs) { $recents = safe_rows_start("Title, ID", 'textpattern', "1 = 1 ORDER BY LastMod DESC LIMIT " . (int) WRITE_RECENT_ARTICLES_COUNT); $ra = ''; if ($recents && numRows($recents)) { $ra = '<ol class="recent">'; while ($recent = nextRow($recents)) { if ($recent['Title'] === '') { $recent['Title'] = gTxt('untitled') . sp . $recent['ID']; } $ra .= n . '<li class="recent-article">' . href(escape_title($recent['Title']), '?event=article' . a . 'step=edit' . a . 'ID=' . $recent['ID']) . '</li>'; } $ra .= '</ol>'; } return pluggable_ui('article_ui', 'recent_articles', $ra, $rs); }
function article_edit_form($step, $view, $from_view, $article) { global $txpcfg, $txp_user, $article_vars; extract(get_prefs()); extract($article); if ($step != 'create') { // Previous record? $prev_id = checkIfNeighbour('prev', $sPosted); // Next record? $next_id = checkIfNeighbour('next', $sPosted); } echo n . n . '<form name="article" method="post" action="index.php" enctype="multipart/form-data">'; if ($view != 'text') { echo hInput('store', base64_encode(serialize($article))); } echo hInput('ID', $ID) . eInput('article') . sInput($step) . '<input type="hidden" name="view" />' . startTable('edit') . '<tr>' . n . '<td id="article-col-1">'; if ($view == 'text') { //-- markup help -------------- echo side_help($markup_body, $markup_excerpt) . '<h3 class="plain"><a href="#advanced" onclick="toggleDisplay(\'advanced\'); return false;">' . gTxt('advanced_options') . '</a></h3>', '<div id="advanced" style="display:none;">', n . graf('<label for="markup-body">' . gTxt('article_markup') . '</label>' . br . pref_markup('markup_body', $markup_body, 'markup-body')), n . graf('<label for="markup-excerpt">' . gTxt('excerpt_markup') . '</label>' . pref_markup('markup_excerpt', $markup_excerpt, 'markup-excerpt')), $allow_form_override ? graf('<label for="override-form">' . gTxt('override_default_form') . '</label>' . br . form_pop($override_form, 'override-form') . sp . popHelp('override_form')) : '', n . graf('<label for="article-image">' . gTxt('article_image') . '</label>' . sp . popHelp('article_image') . br . fInput('text', 'Image', $Image, 'edit', '', '', 22, '', 'article-image')), n . graf('<label for="url-title">' . gTxt('url_title') . '</label>' . sp . popHelp('url_title') . br . fInput('text', 'url_title', $url_title, 'edit', '', '', 22, '', 'url-title')) . '</div> <h3 class="plain"><a href="#recent" onclick="toggleDisplay(\'recent\'); return false;">' . gTxt('recent_articles') . '</a>' . '</h3>' . '<div id="recent" style="display:none;">'; $recents = safe_rows_start("Title, ID", 'textpattern', "1=1 order by LastMod desc limit 10"); if ($recents) { echo '<ul class="plain-list">'; while ($recent = nextRow($recents)) { if (!$recent['Title']) { $recent['Title'] = gTxt('untitled') . sp . $recent['ID']; } echo n . t . '<li><a href="?event=article' . a . 'step=edit' . a . 'ID=' . $recent['ID'] . '">' . escape_title($recent['Title']) . '</a></li>'; } echo '</ul>'; } echo '</div>'; } else { echo sp; } echo '</td>' . n . '<td id="article-main">'; //-- title input -------------- if ($view == 'preview') { echo hed(gTxt('preview'), 2) . hed($Title, 1); } elseif ($view == 'html') { echo hed('XHTML', 2) . hed($Title, 1); } else { echo '<p><label for="title">' . gTxt('title') . '</label>'; if (($Status == 4 or $Status == 5) and $step != 'create') { include_once txpath . '/publish/taghandlers.php'; echo sp . sp . '[<a href="' . permlinkurl_id($ID) . '">' . gTxt('view') . '</a>]'; } echo '<br />' . n . '<input type="text" id="title" name="Title" value="' . cleanfInput($Title) . '" class="edit" size="65" tabindex="1" /></p>'; } //-- body -------------------- if ($view == 'preview') { echo do_markup($markup_body, $Body); } elseif ($view == 'html') { $bod = do_markup($markup_body, $Body); echo tag(str_replace(array(n, t), array(br, sp . sp . sp . sp), htmlspecialchars($bod)), 'code'); } else { echo n . graf('<label for="body">' . gTxt('body') . '</label><br />' . n . '<textarea id="body" name="Body" cols="55" rows="31" tabindex="2">' . htmlspecialchars($Body) . '</textarea>'); } //-- excerpt -------------------- if ($articles_use_excerpts) { if ($view == 'text') { echo n . graf('<label for="excerpt">' . gTxt('excerpt') . '</label>' . sp . popHelp('excerpt') . br . '<textarea id="excerpt" name="Excerpt" cols="55" rows="10" tabindex="3">' . htmlspecialchars($Excerpt) . '</textarea>'); } else { echo n . '<hr width="50%" />'; echo $view == 'preview' ? graf(do_markup($markup_excerpt, $Excerpt)) : tag(str_replace(array(n, t), array(br, sp . sp . sp . sp), htmlspecialchars(do_markup($markup_excerpt, $Excerpt))), 'code'); } } //-- keywords -------------- if ($view == 'text') { echo n . graf('<label for="keywords">' . gTxt('keywords') . '</label>' . sp . popHelp('keywords') . br . '<textarea id="keywords" name="Keywords" cols="55" rows="5">' . htmlspecialchars(str_replace(',', ', ', $Keywords)) . '</textarea>'); //-- custom fields -------------- echo $custom_1_set ? custField(1, $custom_1_set, $custom_1) : '', $custom_2_set ? custField(2, $custom_2_set, $custom_2) : '', $custom_3_set ? custField(3, $custom_3_set, $custom_3) : '', $custom_4_set ? custField(4, $custom_4_set, $custom_4) : '', $custom_5_set ? custField(5, $custom_5_set, $custom_5) : '', $custom_6_set ? custField(6, $custom_6_set, $custom_6) : '', $custom_7_set ? custField(7, $custom_7_set, $custom_7) : '', $custom_8_set ? custField(8, $custom_8_set, $custom_8) : '', $custom_9_set ? custField(9, $custom_9_set, $custom_9) : '', $custom_10_set ? custField(10, $custom_10_set, $custom_10) : ''; } //-- author -------------- if ($view == "text" && $step != "create") { echo '<p class="small">' . gTxt('posted_by') . ': ' . htmlspecialchars($AuthorID) . ' · ' . safe_strftime('%d %b %Y · %X', $sPosted); if ($sPosted != $sLastMod) { echo br . gTxt('modified_by') . ': ' . htmlspecialchars($LastModID) . ' · ' . safe_strftime('%d %b %Y · %X', $sLastMod); } echo '</p>'; } echo hInput('from_view', $view); echo '</td>'; echo '<td id="article-tabs">'; //-- layer tabs ------------------- echo graf(tab('text', $view) . br . tab('html', $view) . br . tab('preview', $view)); echo '</td>'; echo '<td id="article-col-2">'; if ($view == 'text') { if ($step != 'create') { echo n . graf(href(gtxt('create_new'), 'index.php?event=article')); } //-- prev/next article links -- if ($step != 'create' and ($prev_id or $next_id)) { echo '<p>', $prev_id ? prevnext_link('‹' . gTxt('prev'), 'article', 'edit', $prev_id, gTxt('prev')) : '', $next_id ? prevnext_link(gTxt('next') . '›', 'article', 'edit', $next_id, gTxt('next')) : '', '</p>'; } //-- status radios -------------- echo n . n . fieldset(status_radio($Status), gTxt('status'), 'write-status') . n . n . fieldset(n . graf('<label for="section">' . gTxt('section') . '</label> ' . '<span class="small">[' . eLink('section', '', '', '', gTxt('edit')) . ']</span>' . br . section_popup($Section, 'section')) . n . graf('<label for="category-1">' . gTxt('category1') . '</label> ' . '<span class="small">[' . eLink('category', '', '', '', gTxt('edit')) . ']</span>' . br . n . category_popup('Category1', $Category1, 'category-1')) . n . graf('<label for="category-2">' . gTxt('category2') . '</label>' . br . n . category_popup('Category2', $Category2, 'category-2')), gTxt('sort_display'), 'write-sort') . n . n . '<h3 class="plain"><a href="#more" onclick="toggleDisplay(\'more\'); return false;">' . gTxt('more') . '</a></h3>', '<div id="more" style="display: none;">'; //-- comments stuff -------------- if ($step == "create") { //Avoiding invite disappear when previewing $AnnotateInvite = !empty($store_out['AnnotateInvite']) ? $store_out['AnnotateInvite'] : $comments_default_invite; if ($comments_on_default == 1) { $Annotate = 1; } } if ($use_comments == 1) { echo n . n . '<fieldset id="write-comments">' . n . '<legend>' . gTxt('comments') . '</legend>'; $comments_expired = false; if ($step != 'create' && $comments_disabled_after) { $lifespan = $comments_disabled_after * 86400; $time_since = time() - $sPosted; if ($time_since > $lifespan) { $comments_expired = true; } } if ($comments_expired) { echo n . n . graf(gTxt('expired')); } else { echo n . n . graf(onoffRadio('Annotate', $Annotate)) . n . n . graf('<label for="comment-invite">' . gTxt('comment_invitation') . '</label>' . br . fInput('text', 'AnnotateInvite', $AnnotateInvite, 'edit', '', '', '', '', 'comment-invite')); } echo n . n . '</fieldset>'; } if ($step == "create" and empty($GLOBALS['ID'])) { //-- timestamp ------------------- //Avoiding modified date to disappear $persist_timestamp = !empty($store_out['year']) ? safe_strtotime($store_out['year'] . '-' . $store_out['month'] . '-' . $store_out['day'] . ' ' . $store_out['hour'] . ':' . $store_out['minute'] . ':' . $store_out['second']) : time(); echo n . n . fieldset(n . graf(checkbox('publish_now', '1', $publish_now, '', 'publish_now') . '<label for="publish_now">' . gTxt('set_to_now') . '</label>') . n . graf(gTxt('or_publish_at') . sp . popHelp('timestamp')) . n . graf(gtxt('date') . sp . tsi('year', '%Y', $persist_timestamp, '', 4) . ' / ' . tsi('month', '%m', $persist_timestamp) . ' / ' . tsi('day', '%d', $persist_timestamp)) . n . graf(gTxt('time') . sp . tsi('hour', '%H', $persist_timestamp) . ' : ' . tsi('minute', '%M', $persist_timestamp) . ' : ' . tsi('second', '%S', $persist_timestamp)), gTxt('timestamp'), 'write-timestamp'); //-- expires ------------------- $persist_timestamp = !empty($store_out['exp_year']) ? safe_strtotime($store_out['exp_year'] . '-' . $store_out['exp_month'] . '-' . $store_out['exp_day'] . ' ' . $store_out['exp_hour'] . ':' . $store_out['exp_minute'] . ':' . $store_out['second']) : NULLDATETIME; echo n . n . fieldset(n . graf(gtxt('date') . sp . tsi('exp_year', '%Y', $persist_timestamp, '', 4) . ' / ' . tsi('exp_month', '%m', $persist_timestamp) . ' / ' . tsi('exp_day', '%d', $persist_timestamp)) . n . graf(gTxt('time') . sp . tsi('exp_hour', '%H', $persist_timestamp) . ' : ' . tsi('exp_minute', '%M', $persist_timestamp) . ' : ' . tsi('exp_second', '%S', $persist_timestamp)), gTxt('expires') . sp . popHelp('expires'), 'write-expires') . n . n . '</div>'; //-- publish button -------------- echo has_privs('article.publish') ? fInput('submit', 'publish', gTxt('publish'), "publish", '', '', '', 4) : fInput('submit', 'publish', gTxt('save'), "publish", '', '', '', 4); } else { //-- timestamp ------------------- if (!empty($year)) { $sPosted = safe_strtotime($year . '-' . $month . '-' . $day . ' ' . $hour . ':' . $minute . ':' . $second); } echo n . n . fieldset(n . graf(checkbox('reset_time', '1', $reset_time, '', 'reset_time') . '<label for="reset_time">' . gTxt('reset_time') . '</label>') . n . graf(gTxt('published_at') . sp . popHelp('timestamp')) . n . graf(gtxt('date') . sp . tsi('year', '%Y', $sPosted, '', 4) . ' / ' . tsi('month', '%m', $sPosted) . ' / ' . tsi('day', '%d', $sPosted)) . n . graf(gTxt('time') . sp . tsi('hour', '%H', $sPosted) . ' : ' . tsi('minute', '%M', $sPosted) . ' : ' . tsi('second', '%S', $sPosted)) . n . hInput('sPosted', $sPosted) . n . hInput('sLastMod', $sLastMod) . n . hInput('AuthorID', $AuthorID) . n . hInput('LastModID', $LastModID), gTxt('timestamp'), 'write-timestamp'); //-- expires ------------------- if (!empty($exp_year)) { if (empty($exp_month)) { $exp_month = 1; } if (empty($exp_day)) { $exp_day = 1; } if (empty($exp_hour)) { $exp_hour = 0; } if (empty($exp_minute)) { $exp_minute = 0; } if (empty($exp_second)) { $exp_second = 0; } $sExpires = safe_strtotime($exp_year . '-' . $exp_month . '-' . $exp_day . ' ' . $exp_hour . ':' . $exp_minute . ':' . $exp_second); } echo n . n . fieldset(n . graf(gtxt('date') . sp . tsi('exp_year', '%Y', $sExpires, '', 4) . ' / ' . tsi('exp_month', '%m', $sExpires) . ' / ' . tsi('exp_day', '%d', $sExpires)) . n . graf(gTxt('time') . sp . tsi('exp_hour', '%H', $sExpires) . ' : ' . tsi('exp_minute', '%M', $sExpires) . ' : ' . tsi('exp_second', '%S', $sExpires)) . n . hInput('sExpires', $sExpires), gTxt('expires') . sp . popHelp('expires'), 'write-expires') . n . n . '</div>'; //-- save button -------------- if ($Status >= 4 and has_privs('article.edit.published') or $Status >= 4 and $AuthorID == $txp_user and has_privs('article.edit.own.published') or $Status < 4 and has_privs('article.edit') or $Status < 4 and $AuthorID == $txp_user and has_privs('article.edit.own')) { echo fInput('submit', 'save', gTxt('save'), "publish", '', '', '', 4); } } } echo '</td></tr></table></form>'; }
} /* ======= CATEGORIES ======== */ $cat_titles = array(); $result = mysql_query('SELECT name, title FROM ' . $txpcfg['table_prefix'] . 'txp_category'); if ($result) { while ($cat = mysql_fetch_assoc($result)) { $cat_titles[$cat['name']] = $cat['title']; } } /* ======= POSTS ======== */ $sql = 'SELECT * FROM ' . $txpcfg['table_prefix'] . 'textpattern'; $result = mysql_query($sql); while ($row = mysql_fetch_assoc($result)) { $article_time = strtotime($row['Posted']); echo '<item>' . EOL; echo '<title>' . escape_title($row['Title']) . '</title>' . EOL; switch ($permlink_mode) { case 'section_id_title': $url = $siteurl . $row['Section'] . '/' . $row['ID'] . '/' . $row['url_title']; break; case 'year_month_day_title': $url = $siteurl . date('Y/m/d', $article_time) . '/' . $row['url_title']; break; case 'section_title': $url = $siteurl . $row['Section'] . '/' . $row['url_title']; break; case 'title_only': $url = $siteurl . $row['url_title']; break; case 'id_title': $url = $siteurl . $row['ID'] . '/' . $row['url_title'];
function article_partial_recent_articles($rs) { $recents = safe_rows_start("Title, ID", 'textpattern', "1=1 order by LastMod desc limit 10"); $ra = ''; if ($recents) { $ra = '<ul class="recent plain-list">'; while ($recent = nextRow($recents)) { if (!$recent['Title']) { $recent['Title'] = gTxt('untitled') . sp . $recent['ID']; } $ra .= n . t . '<li class="recent-article"><a href="?event=article' . a . 'step=edit' . a . 'ID=' . $recent['ID'] . '">' . escape_title($recent['Title']) . '</a></li>'; } $ra .= '</ul>'; } return pluggable_ui('article_ui', 'recent_articles', $ra, $rs); }
function breadcrumb($atts) { global $pretext, $thisarticle, $sitename; extract(lAtts(array('wraptag' => 'p', 'sep' => ' » ', 'link' => 'y', 'label' => $sitename, 'title' => '', 'class' => '', 'linkclass' => 'noline'), $atts)); $linked = $link == 'y' ? true : false; if ($linked) { $label = doTag($label, 'a', $linkclass, ' href="' . hu . '"'); } $content = array(); extract($pretext); if (!empty($s) && $s != 'default') { $section_title = $title ? fetch_section_title($s) : $s; $section_title_html = escape_title($section_title); $content[] = $linked ? doTag($section_title_html, 'a', $linkclass, ' href="' . pagelinkurl(array('s' => $s)) . '"') : $section_title_html; } $category = empty($c) ? '' : $c; foreach (getTreePath($category, 'article') as $cat) { if ($cat['name'] != 'root') { $category_title_html = $title ? escape_title($cat['title']) : $cat['name']; $content[] = $linked ? doTag($category_title_html, 'a', $linkclass, ' href="' . pagelinkurl(array('c' => $cat['name'])) . '"') : $category_title_html; } } //Add the label at the end, to prevent breadcrumb for home page if (!empty($content)) { $content = array_merge(array($label), $content); } //Add article title without link if we're on an individual archive page? return doTag(join($sep, $content), $wraptag, $class); }
function pagetop($pagetitle, $message = "") { global $css_mode, $siteurl, $sitename, $txp_user, $event; $area = gps('area'); $event = !$event ? 'article' : $event; $bm = gps('bm'); $privs = safe_field("privs", "txp_users", "name = '" . doSlash($txp_user) . "'"); $GLOBALS['privs'] = $privs; $areas = areas(); foreach ($areas as $k => $v) { if (in_array($event, $v)) { $area = $k; } } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <meta http-equiv="content-type" content="text/html; charset=utf-8" /> <meta name="robots" content="noindex, nofollow" /> <title>Txp › <?php echo htmlspecialchars($sitename); ?> › <?php echo escape_title($pagetitle); ?> </title> <link href="textpattern.css" rel="Stylesheet" type="text/css" /> <script type="text/javascript" src="textpattern.js"></script> <script type="text/javascript"> <!-- var cookieEnabled = checkCookies(); if (!cookieEnabled) { confirm('<?php echo trim(gTxt('cookies_must_be_enabled')); ?> '); } <?php if ($event == 'list') { $sarr = array("\n", '-'); $rarr = array('', '-'); $sections = ''; $rs = safe_column('name', 'txp_section', "name != 'default'"); if ($rs) { $sections = str_replace($sarr, $rarr, addslashes(selectInput('Section', $rs, '', true))); } $category1 = ''; $category2 = ''; $rs = getTree('root', 'article'); if ($rs) { $category1 = str_replace($sarr, $rarr, addslashes(treeSelectInput('Category1', $rs, ''))); $category2 = str_replace($sarr, $rarr, addslashes(treeSelectInput('Category2', $rs, ''))); } $statuses = str_replace($sarr, $rarr, addslashes(selectInput('Status', array(1 => gTxt('draft'), 2 => gTxt('hidden'), 3 => gTxt('pending'), 4 => gTxt('live'), 5 => gTxt('sticky')), '', true))); $comments_annotate = addslashes(onoffRadio('Annotate', safe_field('val', 'txp_prefs', "name = 'comments_on_default'"))); $authors = ''; $rs = safe_column('name', 'txp_users', "privs not in(0,6)"); if ($rs) { $authors = str_replace($sarr, $rarr, addslashes(selectInput('AuthorID', $rs, '', true))); } // output JavaScript ?> function poweredit(elm) { var something = elm.options[elm.selectedIndex].value; // Add another chunk of HTML var pjs = document.getElementById('js'); if (pjs == null) { var br = document.createElement('br'); elm.parentNode.appendChild(br); pjs = document.createElement('P'); pjs.setAttribute('id','js'); elm.parentNode.appendChild(pjs); } if (pjs.style.display == 'none' || pjs.style.display == '') { pjs.style.display = 'block'; } if (something != '') { switch (something) { case 'changesection': var sections = '<?php echo $sections; ?> '; pjs.innerHTML = '<span><?php echo gTxt('section'); ?> : '+sections+'</span>'; break; case 'changecategory1': var categories = '<?php echo $category1; ?> '; pjs.innerHTML = '<span><?php echo gTxt('category1'); ?> : '+categories+'</span>'; break; case 'changecategory2': var categories = '<?php echo $category2; ?> '; pjs.innerHTML = '<span><?php echo gTxt('category2'); ?> : '+categories+'</span>'; break; case 'changestatus': var statuses = '<?php echo $statuses; ?> '; pjs.innerHTML = '<span><?php echo gTxt('status'); ?> : '+statuses+'</span>'; break; case 'changecomments': var comments = '<?php echo $comments_annotate; ?> '; pjs.innerHTML = '<span><?php echo gTxt('comments'); ?> : '+comments+'</span>'; break; case 'changeauthor': var authors = '<?php echo $authors; ?> '; pjs.innerHTML = '<span><?php echo gTxt('author'); ?> : '+authors+'</span>'; break; default: pjs.style.display = 'none'; break; } } return false; } addEvent(window, 'load', cleanSelects); <?php } ?> --> </script> <script type="text/javascript" src="jquery.js"></script> </head> <body> <table id="pagetop" cellpadding="0" cellspacing="0"> <tr id="branding"><td><img src="txp_img/textpattern.gif" alt="textpattern" /></td><td id="navpop"><?php echo navPop(1); ?> </td></tr> <tr id="nav-primary"><td align="center" class="tabs" colspan="2"> <?php if (!$bm) { echo '<table cellpadding="0" cellspacing="0" align="center"><tr> <td valign="middle" style="width:368px"> ' . $message . '</td>', has_privs('tab.content') ? areatab(gTxt('tab_content'), 'content', 'article', $area) : '', has_privs('tab.presentation') ? areatab(gTxt('tab_presentation'), 'presentation', 'page', $area) : '', has_privs('tab.admin') ? areatab(gTxt('tab_admin'), 'admin', 'admin', $area) : '', (has_privs('tab.extensions') and !empty($areas['extensions'])) ? areatab(gTxt('tab_extensions'), 'extensions', array_shift($areas['extensions']), $area) : '', '<td class="tabdown"><a href="' . hu . '" class="plain" target="blank">' . gTxt('tab_view_site') . '</a></td>', '</tr></table>', '</td></tr><tr id="nav-secondary"><td align="center" class="tabs" colspan="2"> <table cellpadding="0" cellspacing="0" align="center"><tr>', tabsort($area, $event), '</tr></table>'; } echo '</td></tr></table>'; }
function discuss_list($message = '') { global $event, $comment_list_pageby; pagetop(gTxt('list_discussions'), $message); extract(gpsa(array('sort', 'dir', 'page', 'crit', 'search_method'))); if ($sort === '') { $sort = get_pref('discuss_sort_column', 'date'); } if ($dir === '') { $dir = get_pref('discuss_sort_dir', 'desc'); } $dir = $dir == 'asc' ? 'asc' : 'desc'; switch ($sort) { case 'id': $sort_sql = 'txp_discuss.discussid ' . $dir; break; case 'ip': $sort_sql = 'txp_discuss.ip ' . $dir; break; case 'name': $sort_sql = 'txp_discuss.name ' . $dir; break; case 'email': $sort_sql = 'txp_discuss.email ' . $dir; break; case 'website': $sort_sql = 'txp_discuss.web ' . $dir; break; case 'message': $sort_sql = 'txp_discuss.message ' . $dir; break; case 'status': $sort_sql = 'txp_discuss.visible ' . $dir; break; case 'parent': $sort_sql = 'txp_discuss.parentid ' . $dir; break; default: $sort = 'date'; $sort_sql = 'txp_discuss.posted ' . $dir; break; } if ($sort != 'date') { $sort_sql .= ', txp_discuss.posted asc'; } set_pref('discuss_sort_column', $sort, 'discuss', 2, '', 0, PREF_PRIVATE); set_pref('discuss_sort_dir', $dir, 'discuss', 2, '', 0, PREF_PRIVATE); $switch_dir = $dir == 'desc' ? 'asc' : 'desc'; $criteria = 1; if ($search_method and $crit != '') { $verbatim = preg_match('/^"(.*)"$/', $crit, $m); $crit_escaped = $verbatim ? doSlash($m[1]) : doLike($crit); $critsql = $verbatim ? array('id' => "txp_discuss.discussid in ('" . join("','", do_list($crit_escaped)) . "')", 'parent' => "txp_discuss.parentid = '{$crit_escaped}'" . ((string) intval($crit_escaped) === $crit_escaped ? '' : " or textpattern.Title = '{$crit_escaped}'"), 'name' => "txp_discuss.name = '{$crit_escaped}'", 'message' => "txp_discuss.message = '{$crit_escaped}'", 'email' => "txp_discuss.email = '{$crit_escaped}'", 'website' => "txp_discuss.web = '{$crit_escaped}'", 'ip' => "txp_discuss.ip = '{$crit_escaped}'") : array('id' => "txp_discuss.discussid in ('" . join("','", do_list($crit_escaped)) . "')", 'parent' => "txp_discuss.parentid = '{$crit_escaped}'" . ((string) intval($crit_escaped) === $crit_escaped ? '' : " or textpattern.Title like '%{$crit_escaped}%'"), 'name' => "txp_discuss.name like '%{$crit_escaped}%'", 'message' => "txp_discuss.message like '%{$crit_escaped}%'", 'email' => "txp_discuss.email like '%{$crit_escaped}%'", 'website' => "txp_discuss.web like '%{$crit_escaped}%'", 'ip' => "txp_discuss.ip like '%{$crit_escaped}%'"); if (array_key_exists($search_method, $critsql)) { $criteria = $critsql[$search_method]; $limit = 500; } else { $search_method = ''; $crit = ''; } } else { $search_method = ''; $crit = ''; } $criteria .= callback_event('admin_criteria', 'discuss_list', 0, $criteria); $counts = getRows("select txp_discuss.visible, COUNT(*) AS c\n from " . safe_pfx_j('txp_discuss') . "\n left join " . safe_pfx_j('textpattern') . " ON txp_discuss.parentid = textpattern.ID\n where {$criteria} group by txp_discuss.visible"); $count[SPAM] = $count[MODERATE] = $count[VISIBLE] = 0; if ($counts) { foreach ($counts as $c) { $count[$c['visible']] = $c['c']; } } // grand total comment count $total = $count[SPAM] + $count[MODERATE] + $count[VISIBLE]; echo hed(gTxt('list_discussions'), 1, array('class' => 'txp-heading')); echo n . '<div id="' . $event . '_control" class="txp-control-panel">'; echo graf(sLink('discuss', 'ipban_list', gTxt('list_banned_ips')), ' class="txp-buttons"'); if ($total < 1) { if ($criteria != 1) { echo discuss_search_form($crit, $search_method) . graf(gTxt('no_results_found'), ' class="indicator"') . '</div>'; } else { echo graf(gTxt('no_comments_recorded'), ' class="indicator"') . '</div>'; } return; } echo discuss_search_form($crit, $search_method) . '</div>'; if (!cs('toggle_show_spam')) { $total = $count[MODERATE] + $count[VISIBLE]; $criteria = 'visible != ' . intval(SPAM) . ' and ' . $criteria; } $limit = max($comment_list_pageby, 15); list($page, $offset, $numPages) = pager($total, $limit, $page); $rs = safe_query("select\n txp_discuss.discussid,\n txp_discuss.parentid,\n txp_discuss.name,\n txp_discuss.email,\n txp_discuss.web,\n txp_discuss.ip,\n txp_discuss.message,\n txp_discuss.visible,\n unix_timestamp(txp_discuss.posted) as uPosted,\n textpattern.ID as thisid,\n textpattern.Section as section,\n textpattern.url_title,\n textpattern.Title as title,\n textpattern.Status,\n unix_timestamp(textpattern.Posted) as posted\n from " . safe_pfx_j('txp_discuss') . "\n left join " . safe_pfx_j('textpattern') . " on txp_discuss.parentid = textpattern.ID\n where {$criteria} order by {$sort_sql} limit {$offset}, {$limit}"); if ($rs) { echo n . tag_start('div', array('id' => $event . '_container', 'class' => 'txp-container')) . n . tag_start('form', array('action' => 'index.php', 'id' => 'discuss_form', 'class' => 'multi_edit_form', 'method' => 'post', 'name' => 'longform')) . n . tag_start('div', array('class' => 'txp-listtables')) . n . tag_start('table', array('class' => 'txp-list')) . n . tag_start('thead') . tr(hCell(fInput('checkbox', 'select_all', 0, '', '', '', '', '', 'select_all'), '', ' scope="col" title="' . gTxt('toggle_all_selected') . '" class="txp-list-col-multi-edit"') . column_head('ID', 'id', 'discuss', true, $switch_dir, $crit, $search_method, ('id' == $sort ? "{$dir} " : '') . 'txp-list-col-id') . column_head('date', 'date', 'discuss', true, $switch_dir, $crit, $search_method, ('date' == $sort ? "{$dir} " : '') . 'txp-list-col-created date') . column_head('name', 'name', 'discuss', true, $switch_dir, $crit, $search_method, ('name' == $sort ? "{$dir} " : '') . 'txp-list-col-name') . column_head('message', 'message', 'discuss', true, $switch_dir, $crit, $search_method, 'message' == $sort ? "{$dir} " : 'txp-list-col-message') . column_head('email', 'email', 'discuss', true, $switch_dir, $crit, $search_method, ('email' == $sort ? "{$dir} " : '') . 'txp-list-col-email discuss_detail') . column_head('website', 'website', 'discuss', true, $switch_dir, $crit, $search_method, ('website' == $sort ? "{$dir} " : '') . 'txp-list-col-website discuss_detail') . column_head('IP', 'ip', 'discuss', true, $switch_dir, $crit, $search_method, ('ip' == $sort ? "{$dir} " : '') . 'txp-list-col-ip discuss_detail') . column_head('status', 'status', 'discuss', true, $switch_dir, $crit, $search_method, ('status' == $sort ? "{$dir} " : '') . 'txp-list-col-status') . column_head('parent', 'parent', 'discuss', true, $switch_dir, $crit, $search_method, ('parent' == $sort ? "{$dir} " : '') . 'txp-list-col-parent')) . n . tag_end('thead'); include_once txpath . '/publish/taghandlers.php'; echo n . tag_start('tbody'); while ($a = nextRow($rs)) { extract($a); $parentid = assert_int($parentid); $edit_url = array('event' => 'discuss', 'step' => 'discuss_edit', 'discussid' => $discussid, 'sort' => $sort, 'dir' => $dir, 'page' => $page, 'search_method' => $search_method, 'crit' => $crit); $dmessage = $visible == SPAM ? short_preview($message) : $message; switch ($visible) { case VISIBLE: $comment_status = gTxt('visible'); $row_class = 'visible'; break; case SPAM: $comment_status = gTxt('spam'); $row_class = 'spam'; break; case MODERATE: $comment_status = gTxt('unmoderated'); $row_class = 'moderate'; break; default: break; } if (empty($thisid)) { $parent = gTxt('article_deleted') . ' (' . $parentid . ')'; $view = ''; } else { $parent_title = empty($title) ? '<em>' . gTxt('untitled') . '</em>' : escape_title($title); $parent = href($parent_title, '?event=article' . a . 'step=edit' . a . 'ID=' . $parentid); $view = $comment_status; if ($visible == VISIBLE and in_array($Status, array(4, 5))) { $view = href($comment_status, permlinkurl($a) . '#c' . $discussid, ' title="' . gTxt('view') . '"'); } } echo tr(td(fInput('checkbox', 'selected[]', $discussid), '', 'txp-list-col-multi-edit') . hCell(href($discussid, $edit_url, ' title="' . gTxt('edit') . '"'), '', ' scope="row" class="txp-list-col-id"') . td(gTime($uPosted), '', 'txp-list-col-created date') . td(txpspecialchars(soft_wrap($name, 15)), '', 'txp-list-col-name') . td(short_preview($dmessage), '', 'txp-list-col-message') . td(txpspecialchars(soft_wrap($email, 15)), '', 'txp-list-col-email discuss_detail') . td(txpspecialchars(soft_wrap($web, 15)), '', 'txp-list-col-website discuss_detail') . td($ip, '', 'txp-list-col-ip discuss_detail') . td($view, '', 'txp-list-col-status') . td($parent, '', 'txp-list-col-parent'), ' class="' . $row_class . '"'); } if (empty($message)) { echo n . tr(tda(gTxt('just_spam_results_found'), ' colspan="10"')); } echo n . tag_end('tbody') . n . tag_end('table') . n . tag_end('div') . discuss_multiedit_form($page, $sort, $dir, $crit, $search_method) . tInput() . n . tag_end('form') . graf(toggle_box('discuss_detail'), array('class' => 'detail-toggle')) . cookie_box('show_spam') . n . tag_start('div', array('id' => $event . '_navigation', 'class' => 'txp-navigation')) . pageby_form('discuss', $comment_list_pageby) . nav_form('discuss', $page, $numPages, $sort, $dir, $crit, $search_method, $total, $limit) . n . tag_end('div') . n . tag_end('div'); } }
/** * Outputs the main panel listing all comments. * * @param string|array $message The activity message */ function discuss_list($message = '') { global $event, $comment_list_pageby; pagetop(gTxt('list_discussions'), $message); extract(gpsa(array('sort', 'dir', 'page', 'crit', 'search_method'))); if ($sort === '') { $sort = get_pref('discuss_sort_column', 'date'); } else { if (!in_array($sort, array('id', 'ip', 'name', 'email', 'website', 'message', 'status', 'parent'))) { $sort = 'date'; } set_pref('discuss_sort_column', $sort, 'discuss', 2, '', 0, PREF_PRIVATE); } if ($dir === '') { $dir = get_pref('discuss_sort_dir', 'desc'); } else { $dir = $dir == 'asc' ? "asc" : "desc"; set_pref('discuss_sort_dir', $dir, 'discuss', 2, '', 0, PREF_PRIVATE); } switch ($sort) { case 'id': $sort_sql = "txp_discuss.discussid {$dir}"; break; case 'ip': $sort_sql = "txp_discuss.ip {$dir}"; break; case 'name': $sort_sql = "txp_discuss.name {$dir}"; break; case 'email': $sort_sql = "txp_discuss.email {$dir}"; break; case 'website': $sort_sql = "txp_discuss.web {$dir}"; break; case 'message': $sort_sql = "txp_discuss.message {$dir}"; break; case 'status': $sort_sql = "txp_discuss.visible {$dir}"; break; case 'parent': $sort_sql = "txp_discuss.parentid {$dir}"; break; default: $sort = 'date'; $sort_sql = "txp_discuss.posted {$dir}"; break; } if ($sort != 'date') { $sort_sql .= ", txp_discuss.posted ASC"; } $switch_dir = $dir == 'desc' ? 'asc' : 'desc'; $search = new Filter($event, array('id' => array('column' => 'txp_discuss.discussid', 'label' => gTxt('ID'), 'type' => 'integer'), 'parent' => array('column' => array('txp_discuss.parentid', 'textpattern.Title'), 'label' => gTxt('parent')), 'name' => array('column' => 'txp_discuss.name', 'label' => gTxt('name')), 'message' => array('column' => 'txp_discuss.message', 'label' => gTxt('message')), 'email' => array('column' => 'txp_discuss.email', 'label' => gTxt('email')), 'website' => array('column' => 'txp_discuss.web', 'label' => gTxt('website')), 'ip' => array('column' => 'txp_discuss.ip', 'label' => gTxt('IP')), 'visible' => array('column' => 'txp_discuss.visible', 'label' => gTxt('visible'), 'type' => 'numeric'))); $alias_yes = VISIBLE . ', Yes'; $alias_no = MODERATE . ', No, Unmoderated, Pending'; $alias_spam = SPAM . ', Spam'; $search->setAliases('visible', array(VISIBLE => $alias_yes, MODERATE => $alias_no, SPAM => $alias_spam)); list($criteria, $crit, $search_method) = $search->getFilter(array('id' => array('can_list' => true))); $search_render_options = array('placeholder' => 'search_comments'); $sql_from = safe_pfx_j('txp_discuss') . "\n left join " . safe_pfx_j('textpattern') . " on txp_discuss.parentid = textpattern.ID"; $counts = getRows("SELECT txp_discuss.visible, COUNT(*) AS c\n FROM " . safe_pfx_j('txp_discuss') . "\n LEFT JOIN " . safe_pfx_j('textpattern') . "\n ON txp_discuss.parentid = textpattern.ID\n WHERE {$criteria} GROUP BY txp_discuss.visible"); $count[SPAM] = $count[MODERATE] = $count[VISIBLE] = 0; if ($counts) { foreach ($counts as $c) { $count[$c['visible']] = $c['c']; } } // Grand total comment count. $total = $count[SPAM] + $count[MODERATE] + $count[VISIBLE]; echo n . tag(hed(gTxt('list_discussions'), 1, array('class' => 'txp-heading')), 'div', array('class' => 'txp-layout-2col-cell-1')); $searchBlock = n . tag($search->renderForm('discuss_list', $search_render_options), 'div', array('class' => 'txp-layout-2col-cell-2', 'id' => $event . '_control')); $contentBlockStart = n . tag_start('div', array('class' => 'txp-layout-1col', 'id' => $event . '_container')); if ($total < 1) { if ($criteria != 1) { echo $searchBlock . $contentBlockStart . graf(span(null, array('class' => 'ui-icon ui-icon-info')) . ' ' . gTxt('no_results_found'), array('class' => 'alert-block information')); } else { echo $contentBlockStart . graf(span(null, array('class' => 'ui-icon ui-icon-info')) . ' ' . gTxt('no_comments_recorded'), array('class' => 'alert-block information')); } echo n . tag_end('div'); return; } if (!cs('toggle_show_spam')) { $total = $count[MODERATE] + $count[VISIBLE]; $criteria = 'visible != ' . intval(SPAM) . ' and ' . $criteria; } $limit = max($comment_list_pageby, 15); list($page, $offset, $numPages) = pager($total, $limit, $page); echo $searchBlock . $contentBlockStart; $rs = safe_query("SELECT\n txp_discuss.discussid,\n txp_discuss.parentid,\n txp_discuss.name,\n txp_discuss.email,\n txp_discuss.web,\n txp_discuss.ip,\n txp_discuss.message,\n txp_discuss.visible,\n UNIX_TIMESTAMP(txp_discuss.posted) AS uPosted,\n textpattern.ID AS thisid,\n textpattern.Section AS section,\n textpattern.url_title,\n textpattern.Title AS title,\n textpattern.Status,\n UNIX_TIMESTAMP(textpattern.Posted) AS posted\n FROM " . safe_pfx_j('txp_discuss') . "\n LEFT JOIN " . safe_pfx_j('textpattern') . " ON txp_discuss.parentid = textpattern.ID\n WHERE {$criteria} ORDER BY {$sort_sql} LIMIT {$offset}, {$limit}"); if ($rs) { echo n . tag(cookie_box('show_spam') . toggle_box('discuss_detail'), 'div', array('class' => 'txp-list-options')) . n . tag_start('form', array('class' => 'multi_edit_form', 'id' => 'discuss_form', 'name' => 'longform', 'method' => 'post', 'action' => 'index.php')) . n . tag_start('div', array('class' => 'txp-listtables')) . n . tag_start('table', array('class' => 'txp-list')) . n . tag_start('thead') . tr(hCell(fInput('checkbox', 'select_all', 0, '', '', '', '', '', 'select_all'), '', ' class="txp-list-col-multi-edit" scope="col" title="' . gTxt('toggle_all_selected') . '"') . column_head('ID', 'id', 'discuss', true, $switch_dir, $crit, $search_method, ('id' == $sort ? "{$dir} " : '') . 'txp-list-col-id') . column_head('date', 'date', 'discuss', true, $switch_dir, $crit, $search_method, ('date' == $sort ? "{$dir} " : '') . 'txp-list-col-created date') . column_head('name', 'name', 'discuss', true, $switch_dir, $crit, $search_method, ('name' == $sort ? "{$dir} " : '') . 'txp-list-col-name') . column_head('message', 'message', 'discuss', true, $switch_dir, $crit, $search_method, 'message' == $sort ? "{$dir} " : 'txp-list-col-message') . column_head('email', 'email', 'discuss', true, $switch_dir, $crit, $search_method, ('email' == $sort ? "{$dir} " : '') . 'txp-list-col-email discuss_detail') . column_head('website', 'website', 'discuss', true, $switch_dir, $crit, $search_method, ('website' == $sort ? "{$dir} " : '') . 'txp-list-col-website discuss_detail') . column_head('IP', 'ip', 'discuss', true, $switch_dir, $crit, $search_method, ('ip' == $sort ? "{$dir} " : '') . 'txp-list-col-ip discuss_detail') . column_head('status', 'status', 'discuss', true, $switch_dir, $crit, $search_method, ('status' == $sort ? "{$dir} " : '') . 'txp-list-col-status') . column_head('parent', 'parent', 'discuss', true, $switch_dir, $crit, $search_method, ('parent' == $sort ? "{$dir} " : '') . 'txp-list-col-parent')) . n . tag_end('thead'); include_once txpath . '/publish/taghandlers.php'; echo n . tag_start('tbody'); while ($a = nextRow($rs)) { extract($a); $parentid = assert_int($parentid); $edit_url = array('event' => 'discuss', 'step' => 'discuss_edit', 'discussid' => $discussid, 'sort' => $sort, 'dir' => $dir, 'page' => $page, 'search_method' => $search_method, 'crit' => $crit); $dmessage = $visible == SPAM ? short_preview($message) : $message; switch ($visible) { case VISIBLE: $comment_status = gTxt('visible'); $row_class = 'visible'; break; case SPAM: $comment_status = gTxt('spam'); $row_class = 'spam'; break; case MODERATE: $comment_status = gTxt('unmoderated'); $row_class = 'moderate'; break; default: break; } if (empty($thisid)) { $parent = gTxt('article_deleted') . ' (' . $parentid . ')'; $view = ''; } else { $parent_title = empty($title) ? '<em>' . gTxt('untitled') . '</em>' : escape_title($title); $parent = href($parent_title, '?event=article' . a . 'step=edit' . a . 'ID=' . $parentid); $view = $comment_status; if ($visible == VISIBLE and in_array($Status, array(4, 5))) { $view = href($comment_status, permlinkurl($a) . '#c' . $discussid, ' title="' . gTxt('view') . '"'); } } echo tr(td(fInput('checkbox', 'selected[]', $discussid), '', 'txp-list-col-multi-edit') . hCell(href($discussid, $edit_url, ' title="' . gTxt('edit') . '"'), '', ' class="txp-list-col-id" scope="row"') . td(gTime($uPosted), '', 'txp-list-col-created date') . td(txpspecialchars(soft_wrap($name, 15)), '', 'txp-list-col-name') . td(short_preview($dmessage), '', 'txp-list-col-message') . td(txpspecialchars(soft_wrap($email, 15)), '', 'txp-list-col-email discuss_detail') . td(txpspecialchars(soft_wrap($web, 15)), '', 'txp-list-col-website discuss_detail') . td(href(txpspecialchars($ip), 'https://whois.domaintools.com/' . rawurlencode($ip), array('rel' => 'external', 'target' => '_blank')), '', 'txp-list-col-ip discuss_detail') . td($view, '', 'txp-list-col-status') . td($parent, '', 'txp-list-col-parent'), ' class="' . $row_class . '"'); } if (empty($message)) { echo n . tr(tda(gTxt('just_spam_results_found'), ' colspan="10"')); } echo n . tag_end('tbody') . n . tag_end('table') . n . tag_end('div') . discuss_multiedit_form($page, $sort, $dir, $crit, $search_method) . tInput() . n . tag_end('form') . n . tag_start('div', array('class' => 'txp-navigation', 'id' => $event . '_navigation')) . pageby_form('discuss', $comment_list_pageby) . nav_form('discuss', $page, $numPages, $sort, $dir, $crit, $search_method, $total, $limit) . n . tag_end('div'); } echo n . tag_end('div'); }
/** * Return the HTML <title> contents for an admin-side page. * * The rendered title can be customised via a 'admin_side > html_title' * pluggable UI callback event. * * @param string $pagetitle Specific page title part * @return string * @since 4.6.0 */ function admin_title($pagetitle) { global $sitename; if ((string) $pagetitle === '') { $title = gTxt('untitled'); } else { $title = $pagetitle; } $title = escape_title($title) . ' - ' . txpspecialchars($sitename) . ' | Textpattern CMS'; return pluggable_ui('admin_side', 'html_title', $title, compact('pagetitle')); }
function sed_cp_new_comment_digest($atts) { global $_sed_cp_new_cmts; /* Outputs a digest of comments since the viewer's last visit to the site (if any)... */ extract(lAtts(array('class' => __FUNCTION__, 'wraptag' => 'ul', 'break' => 'li', 'label' => '', 'labeltag' => '', 'limit' => '0', 'more' => ' …', 'max_visit' => 7200, 'empty' => gTxt('none')), $atts)); $new_comments = _sed_cp_get_comments($max_visit); if ($_sed_cp_new_cmts > 0) { $row_count = count($new_comments); if ($limit === '0' || intval($limit) < 0 || $row_count === intval($limit)) { $limit = $row_count + 1; } else { $limit = intval($limit); } foreach ($new_comments as $comment) { extract($comment); $item = href(escape_title($Title) . "({$new_com_count})", permlinkurl_id($parentid) . '#c' . $first_new); if (--$limit <= 0) { $items[] = $item . $more; break; } else { $items[] = $item; } } } else { $items[] = $empty; } return doLabel($label, $labeltag) . doWrap($items, $wraptag, $break, $class); }
function article_edit($message = '', $concurrent = FALSE) { global $vars, $txp_user, $comments_disabled_after, $txpcfg, $prefs, $event; extract($prefs); extract(gpsa(array('view', 'from_view', 'step'))); if (!empty($GLOBALS['ID'])) { // newly-saved article $ID = $GLOBALS['ID']; $step = 'edit'; } else { $ID = gps('ID'); } include_once txpath . '/lib/classTextile.php'; $textile = new Textile(); // switch to 'text' view upon page load and after article post if (!$view || gps('save') || gps('publish')) { $view = 'text'; } if (!$step) { $step = "create"; } if ($step == "edit" && $view == "text" && !empty($ID) && $from_view != 'preview' && $from_view != 'html' && !$concurrent) { $pull = true; //-- it's an existing article - off we go to the db $ID = assert_int($ID); $rs = safe_row("*, unix_timestamp(Posted) as sPosted,\n\t\t\t\tunix_timestamp(Expires) as sExpires,\n\t\t\t\tunix_timestamp(LastMod) as sLastMod", "textpattern", "ID={$ID}"); extract($rs); $reset_time = $publish_now = $Status < 4 && $sPosted <= time(); } else { $pull = false; //-- assume they came from post if ($from_view == 'preview' or $from_view == 'html') { $store_out = array(); $store = unserialize(base64_decode(ps('store'))); foreach ($vars as $var) { if (isset($store[$var])) { $store_out[$var] = $store[$var]; } } } else { $store_out = gpsa($vars); if ($concurrent) { $store_out['sLastMod'] = safe_field('unix_timestamp(LastMod) as sLastMod', 'textpattern', 'ID=' . $ID); } } $rs = $store_out; extract($store_out); } $GLOBALS['step'] = $step; if ($step == 'create') { $textile_body = $use_textile; $textile_excerpt = $use_textile; } if ($step != 'create' && $sPosted) { // Previous record? $prev_id = checkIfNeighbour('prev', $sPosted); // Next record? $next_id = checkIfNeighbour('next', $sPosted); } else { $prev_id = $next_id = 0; } $page_title = $Title ? $Title : gTxt('write'); pagetop($page_title, $message); echo n . '<div id="' . $event . '_container" class="txp-container txp-edit">'; echo n . n . '<form id="article_form" name="article_form" method="post" action="index.php">'; if (!empty($store_out)) { echo hInput('store', base64_encode(serialize($store_out))); } echo hInput('ID', $ID) . eInput('article') . sInput($step) . '<input type="hidden" name="view" />' . startTable('edit') . '<tr>' . n . '<td id="article-col-1"><div id="configuration_content">'; if ($view == 'text') { //-- markup help -------------- echo pluggable_ui('article_ui', 'sidehelp', side_help($textile_body, $textile_excerpt), $rs); //-- custom menu entries -------------- echo pluggable_ui('article_ui', 'extend_col_1', '', $rs); //-- advanced -------------- echo '<div id="advanced_group"><h3 class="plain lever' . (get_pref('pane_article_advanced_visible') ? ' expanded' : '') . '"><a href="#advanced">' . gTxt('advanced_options') . '</a></h3>' . '<div id="advanced" class="toggle" style="display:' . (get_pref('pane_article_advanced_visible') ? 'block' : 'none') . '">'; // markup selection echo pluggable_ui('article_ui', 'markup', n . graf('<label for="markup-body">' . gTxt('article_markup') . '</label>' . br . pref_text('textile_body', $textile_body, 'markup-body'), ' class="markup markup-body"') . n . graf('<label for="markup-excerpt">' . gTxt('excerpt_markup') . '</label>' . br . pref_text('textile_excerpt', $textile_excerpt, 'markup-excerpt'), ' class="markup markup-excerpt"'), $rs); // form override echo $allow_form_override ? pluggable_ui('article_ui', 'override', graf('<label for="override-form">' . gTxt('override_default_form') . '</label>' . sp . popHelp('override_form') . br . form_pop($override_form, 'override-form'), ' class="override-form"'), $rs) : ''; echo '</div></div>' . n; //-- custom fields -------------- $cf = ''; $cfs = getCustomFields(); echo '<div id="custom_field_group"' . ($cfs ? '' : ' class="empty"') . '><h3 class="plain lever' . (get_pref('pane_article_custom_field_visible') ? ' expanded' : '') . '"><a href="#custom_field">' . gTxt('custom') . '</a></h3>' . '<div id="custom_field" class="toggle" style="display:' . (get_pref('pane_article_custom_field_visible') ? 'block' : 'none') . '">'; foreach ($cfs as $i => $cf_name) { $custom_x_set = "custom_{$i}_set"; $custom_x = "custom_{$i}"; $cf .= ${$custom_x_set} !== '' ? custField($i, ${$custom_x_set}, ${$custom_x}) : ''; } echo pluggable_ui('article_ui', 'custom_fields', $cf, $rs); echo '</div></div>' . n; //-- article image -------------- echo '<div id="image_group"><h3 class="plain lever' . (get_pref('pane_article_image_visible') ? ' expanded' : '') . '"><a href="#image">' . gTxt('article_image') . '</a></h3>' . '<div id="image" class="toggle" style="display:' . (get_pref('pane_article_image_visible') ? 'block' : 'none') . '">'; echo pluggable_ui('article_ui', 'article_image', n . graf('<label for="article-image">' . gTxt('article_image') . '</label>' . sp . popHelp('article_image') . br . fInput('text', 'Image', $Image, 'edit', '', '', 22, '', 'article-image'), ' class="article-image"'), $rs); echo '</div></div>' . n; //-- meta info -------------- echo '<div id="meta_group"><h3 class="plain lever' . (get_pref('pane_article_meta_visible') ? ' expanded' : '') . '"><a href="#meta">' . gTxt('meta') . '</a></h3>' . '<div id="meta" class="toggle" style="display:' . (get_pref('pane_article_meta_visible') ? 'block' : 'none') . '">'; // keywords echo pluggable_ui('article_ui', 'keywords', n . graf('<label for="keywords">' . gTxt('keywords') . '</label>' . sp . popHelp('keywords') . br . n . '<textarea id="keywords" name="Keywords" cols="18" rows="5">' . htmlspecialchars(str_replace(',', ', ', $Keywords)) . '</textarea>', ' class="keywords"'), $rs); // url title echo pluggable_ui('article_ui', 'url_title', n . graf('<label for="url-title">' . gTxt('url_title') . '</label>' . sp . popHelp('url_title') . br . fInput('text', 'url_title', $url_title, 'edit', '', '', 22, '', 'url-title'), ' class="url-title"'), $rs); echo '</div></div>' . n; //-- recent articles -------------- echo '<div id="recent_group"><h3 class="plain lever' . (get_pref('pane_article_recent_visible') ? ' expanded' : '') . '"><a href="#recent">' . gTxt('recent_articles') . '</a>' . '</h3>' . '<div id="recent" class="toggle" style="display:' . (get_pref('pane_article_recent_visible') ? 'block' : 'none') . '">'; $recents = safe_rows_start("Title, ID", 'textpattern', "1=1 order by LastMod desc limit 10"); $ra = ''; if ($recents) { $ra = '<ul class="recent plain-list">'; while ($recent = nextRow($recents)) { if (!$recent['Title']) { $recent['Title'] = gTxt('untitled') . sp . $recent['ID']; } $ra .= n . t . '<li class="recent-article"><a href="?event=article' . a . 'step=edit' . a . 'ID=' . $recent['ID'] . '">' . escape_title($recent['Title']) . '</a></li>'; } $ra .= '</ul>'; } echo pluggable_ui('article_ui', 'recent_articles', $ra, $rs); echo '</div></div>'; } else { echo sp; } echo '</div></td>' . n . '<td id="article-main"><div id="main_content">'; //-- title input -------------- if ($view == 'preview') { echo '<div class="preview">' . hed(gTxt('preview'), 2) . hed($Title, 1, ' class="title"'); } elseif ($view == 'html') { echo '<div class="xhtml">' . hed('XHTML', 2) . hed($Title, 1, ' class="title"'); } elseif ($view == 'text') { echo '<div class="text">' . pluggable_ui('article_ui', 'title', n . '<p class="title"><label for="title">' . gTxt('title') . '</label>' . sp . popHelp('title') . br . '<input type="text" id="title" name="Title" value="' . escape_title($Title) . '" class="edit" size="40" tabindex="1" />', $rs); if ($step != 'create') { if ($Status != 4 and $Status != 5) { $url = '?txpreview=' . intval($ID) . '.' . time(); // article ID plus cachebuster } else { include_once txpath . '/publish/taghandlers.php'; $url = permlinkurl_id($ID); } echo sp . sp . '<a href="' . $url . '" class="article-view">' . gTxt('view') . '</a>'; } echo '</p>'; } //-- body -------------------- if ($view == 'preview') { echo '<div class="body">'; if ($textile_body == USE_TEXTILE) { echo $textile->TextileThis($Body); } else { if ($textile_body == CONVERT_LINEBREAKS) { echo nl2br($Body); } else { if ($textile_body == LEAVE_TEXT_UNTOUCHED) { echo $Body; } } } echo '</div>'; } elseif ($view == 'html') { if ($textile_body == USE_TEXTILE) { $bod = $textile->TextileThis($Body); } else { if ($textile_body == CONVERT_LINEBREAKS) { $bod = nl2br($Body); } else { if ($textile_body == LEAVE_TEXT_UNTOUCHED) { $bod = $Body; } } } echo tag(str_replace(array(n, t), array(br, sp . sp . sp . sp), htmlspecialchars($bod)), 'code', ' class="body"'); } else { echo pluggable_ui('article_ui', 'body', n . graf('<label for="body">' . gTxt('body') . '</label>' . sp . popHelp('body') . br . '<textarea id="body" name="Body" cols="55" rows="31" tabindex="2">' . htmlspecialchars($Body) . '</textarea>', ' class="body"'), $rs); } //-- excerpt -------------------- if ($articles_use_excerpts) { if ($view == 'text') { echo pluggable_ui('article_ui', 'excerpt', n . graf('<label for="excerpt">' . gTxt('excerpt') . '</label>' . sp . popHelp('excerpt') . br . '<textarea id="excerpt" name="Excerpt" cols="55" rows="5" tabindex="3">' . htmlspecialchars($Excerpt) . '</textarea>', ' class="excerpt"'), $rs); } else { echo n . '<hr width="50%" />'; echo '<div class="excerpt">'; echo $textile_excerpt == USE_TEXTILE ? $view == 'preview' ? graf($textile->textileThis($Excerpt)) : tag(str_replace(array(n, t), array(br, sp . sp . sp . sp), htmlspecialchars($textile->TextileThis($Excerpt))), 'code', ' class="excerpt"') : graf($Excerpt); echo '</div>'; } } //-- author -------------- if ($view == "text" && $step != "create") { echo '<p class="author small">' . gTxt('posted_by') . ': ' . htmlspecialchars($AuthorID) . ' · ' . safe_strftime('%d %b %Y · %X', $sPosted); if ($sPosted != $sLastMod) { echo br . gTxt('modified_by') . ': ' . htmlspecialchars($LastModID) . ' · ' . safe_strftime('%d %b %Y · %X', $sLastMod); } echo '</p>'; } echo hInput('from_view', $view), '</div></div></td>'; //-- layer tabs ------------------- echo '<td id="article-tabs"><div id="view_modes">'; echo pluggable_ui('article_ui', 'view', $use_textile == USE_TEXTILE || $textile_body == USE_TEXTILE ? tag(tab('text', $view) . tab('html', $view) . tab('preview', $view), 'ul') : ' ', $rs); echo '</div></td>'; echo '<td id="article-col-2"><div id="supporting_content">'; if ($view == 'text') { if ($step != 'create') { echo n . graf(href(gtxt('create_new'), 'index.php?event=article'), ' class="action-create"'); } //-- prev/next article links -- if ($step != 'create' and ($prev_id or $next_id)) { echo '<p class="article-nav">', $prev_id ? prevnext_link('‹' . gTxt('prev'), 'article', 'edit', $prev_id, gTxt('prev')) : '', $next_id ? prevnext_link(gTxt('next') . '›', 'article', 'edit', $next_id, gTxt('next')) : '', '</p>'; } //-- status radios -------------- echo pluggable_ui('article_ui', 'status', n . n . '<fieldset id="write-status">' . n . '<legend>' . gTxt('status') . '</legend>' . n . status_radio($Status) . n . '</fieldset>', $rs); //-- category selects ----------- echo pluggable_ui('article_ui', 'categories', n . n . '<fieldset id="write-sort">' . n . '<legend>' . gTxt('sort_display') . '</legend>' . n . graf('<label for="category-1">' . gTxt('category1') . '</label> ' . '<span class="edit category-edit small">[' . eLink('category', '', '', '', gTxt('edit')) . ']</span>' . br . n . category_popup('Category1', $Category1, 'category-1'), ' class="category category-1"') . n . graf('<label for="category-2">' . gTxt('category2') . '</label>' . br . n . category_popup('Category2', $Category2, 'category-2'), ' class="category category-2"'), $rs); //-- section select -------------- if (!$from_view && !$pull) { $Section = getDefaultSection(); } echo pluggable_ui('article_ui', 'section', n . graf('<label for="section">' . gTxt('section') . '</label> ' . '<span class="edit section-edit small">[' . eLink('section', '', '', '', gTxt('edit')) . ']</span>' . br . section_popup($Section, 'section'), ' class="section"') . n . '</fieldset>', $rs); //-- "More" section echo n . n . '<div id="more_group"><h3 class="plain lever' . (get_pref('pane_article_more_visible') ? ' expanded' : '') . '"><a href="#more">' . gTxt('more') . '</a></h3>', '<div id="more" class="toggle" style="display:' . (get_pref('pane_article_more_visible') ? 'block' : 'none') . '">'; //-- comments stuff -------------- if ($step == "create") { //Avoiding invite disappear when previewing $AnnotateInvite = !empty($store_out['AnnotateInvite']) ? $store_out['AnnotateInvite'] : $comments_default_invite; if ($comments_on_default == 1) { $Annotate = 1; } } if ($use_comments == 1) { $invite[] = n . n . '<fieldset id="write-comments">' . n . '<legend>' . gTxt('comments') . '</legend>'; $comments_expired = false; if ($step != 'create' && $comments_disabled_after) { $lifespan = $comments_disabled_after * 86400; $time_since = time() - $sPosted; if ($time_since > $lifespan) { $comments_expired = true; } } if ($comments_expired) { $invite[] = n . n . graf(gTxt('expired'), ' class="comment-annotate"'); } else { $invite[] = n . n . graf(onoffRadio('Annotate', $Annotate), ' class="comment-annotate"') . n . n . graf('<label for="comment-invite">' . gTxt('comment_invitation') . '</label>' . br . fInput('text', 'AnnotateInvite', $AnnotateInvite, 'edit', '', '', '', '', 'comment-invite'), ' class="comment-invite"'); } $invite[] = n . n . '</fieldset>'; echo pluggable_ui('article_ui', 'annotate_invite', join('', $invite), $rs); } if ($step == "create" and empty($GLOBALS['ID'])) { //-- timestamp ------------------- //Avoiding modified date to disappear $persist_timestamp = !empty($store_out['year']) ? safe_strtotime($store_out['year'] . '-' . $store_out['month'] . '-' . $store_out['day'] . ' ' . $store_out['hour'] . ':' . $store_out['minute'] . ':' . $store_out['second']) : time(); echo pluggable_ui('article_ui', 'timestamp', n . n . '<fieldset id="write-timestamp">' . n . '<legend>' . gTxt('timestamp') . '</legend>' . n . graf(checkbox('publish_now', '1', $publish_now, '', 'publish_now') . '<label for="publish_now">' . gTxt('set_to_now') . '</label>', ' class="publish-now"') . n . graf(gTxt('or_publish_at') . sp . popHelp('timestamp'), ' class="publish-at"') . n . graf('<span class="label">' . gtxt('date') . '</span>' . sp . tsi('year', '%Y', $persist_timestamp) . ' / ' . tsi('month', '%m', $persist_timestamp) . ' / ' . tsi('day', '%d', $persist_timestamp), ' class="date posted created"') . n . graf('<span class="label">' . gTxt('time') . '</span>' . sp . tsi('hour', '%H', $persist_timestamp) . ' : ' . tsi('minute', '%M', $persist_timestamp) . ' : ' . tsi('second', '%S', $persist_timestamp), ' class="time posted created"') . n . '</fieldset>', array('sPosted' => $persist_timestamp) + $rs); //-- expires ------------------- $persist_timestamp = !empty($store_out['exp_year']) ? safe_strtotime($store_out['exp_year'] . '-' . $store_out['exp_month'] . '-' . $store_out['exp_day'] . ' ' . $store_out['exp_hour'] . ':' . $store_out['exp_minute'] . ':' . $store_out['second']) : NULLDATETIME; echo pluggable_ui('article_ui', 'expires', n . n . '<fieldset id="write-expires">' . n . '<legend>' . gTxt('expires') . '</legend>' . n . graf('<span class="label">' . gtxt('date') . '</span>' . sp . tsi('exp_year', '%Y', $persist_timestamp) . ' / ' . tsi('exp_month', '%m', $persist_timestamp) . ' / ' . tsi('exp_day', '%d', $persist_timestamp), ' class="date expires"') . n . graf('<span class="label">' . gTxt('time') . '</span>' . sp . tsi('exp_hour', '%H', $persist_timestamp) . ' : ' . tsi('exp_minute', '%M', $persist_timestamp) . ' : ' . tsi('exp_second', '%S', $persist_timestamp), ' class="time expires"') . n . '</fieldset>', $rs); // end "More" section echo n . n . '</div></div>'; //-- publish button -------------- echo has_privs('article.publish') ? fInput('submit', 'publish', gTxt('publish'), "publish", '', '', '', 4) : fInput('submit', 'publish', gTxt('save'), "publish", '', '', '', 4); } else { //-- timestamp ------------------- if (!empty($year)) { $sPosted = safe_strtotime($year . '-' . $month . '-' . $day . ' ' . $hour . ':' . $minute . ':' . $second); } echo pluggable_ui('article_ui', 'timestamp', n . n . '<fieldset id="write-timestamp">' . n . '<legend>' . gTxt('timestamp') . '</legend>' . n . graf(checkbox('reset_time', '1', $reset_time, '', 'reset_time') . '<label for="reset_time">' . gTxt('reset_time') . '</label>', ' class="reset-time"') . n . graf(gTxt('published_at') . sp . popHelp('timestamp'), ' class="publish-at"') . n . graf('<span class="label">' . gtxt('date') . '</span>' . sp . tsi('year', '%Y', $sPosted) . ' / ' . tsi('month', '%m', $sPosted) . ' / ' . tsi('day', '%d', $sPosted), ' class="date posted created"') . n . graf('<span class="label">' . gTxt('time') . '</span>' . sp . tsi('hour', '%H', $sPosted) . ' : ' . tsi('minute', '%M', $sPosted) . ' : ' . tsi('second', '%S', $sPosted), ' class="time posted created"') . n . hInput('sPosted', $sPosted) . n . hInput('sLastMod', $sLastMod) . n . hInput('AuthorID', $AuthorID) . n . hInput('LastModID', $LastModID) . n . '</fieldset>', $rs); //-- expires ------------------- if (!empty($exp_year)) { if (empty($exp_month)) { $exp_month = 1; } if (empty($exp_day)) { $exp_day = 1; } if (empty($exp_hour)) { $exp_hour = 0; } if (empty($exp_minute)) { $exp_minute = 0; } if (empty($exp_second)) { $exp_second = 0; } $sExpires = safe_strtotime($exp_year . '-' . $exp_month . '-' . $exp_day . ' ' . $exp_hour . ':' . $exp_minute . ':' . $exp_second); } echo pluggable_ui('article_ui', 'expires', n . n . '<fieldset id="write-expires">' . n . '<legend>' . gTxt('expires') . '</legend>' . n . graf('<span class="label">' . gtxt('date') . '</span>' . sp . tsi('exp_year', '%Y', $sExpires) . ' / ' . tsi('exp_month', '%m', $sExpires) . ' / ' . tsi('exp_day', '%d', $sExpires), ' class="date expires"') . n . graf('<span class="label">' . gTxt('time') . '</span>' . sp . tsi('exp_hour', '%H', $sExpires) . ' : ' . tsi('exp_minute', '%M', $sExpires) . ' : ' . tsi('exp_second', '%S', $sExpires), ' class="time expires"') . n . hInput('sExpires', $sExpires) . n . '</fieldset>', $rs); // end "More" section echo n . n . '</div></div>'; //-- save button -------------- if ($Status >= 4 and has_privs('article.edit.published') or $Status >= 4 and $AuthorID == $txp_user and has_privs('article.edit.own.published') or $Status < 4 and has_privs('article.edit') or $Status < 4 and $AuthorID == $txp_user and has_privs('article.edit.own')) { echo fInput('submit', 'save', gTxt('save'), "publish", '', '', '', 4); } } } echo '</div></td></tr></table></form></div>' . n; // Assume users would not change the timestamp if they wanted to "publish now"/"reset time" echo script_js(<<<EOS \t\t\$('#write-timestamp input.edit').change( \t\t\tfunction() { \t\t\t\t\$('#publish_now').attr('checked', false); \t\t\t\t\$('#reset_time').attr('checked', false); \t\t\t}); EOS ); }
" lang="<?php echo LANG; ?> " dir="<?php echo gTxt('lang_dir'); ?> "> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <meta name="robots" content="noindex, nofollow" /> <title>Txp › <?php echo htmlspecialchars($sitename); ?> › <?php echo escape_title($pagetitle); ?> </title> <link rel="stylesheet" type="text/css" href="theme/default/style.css" /> <?php echo get_element_style($event); ?> <script type="text/javascript" src="js/jquery.js"></script> <script type="text/javascript" src="js/textpattern.js"></script> <script type="text/javascript"> <!-- <?php include_once txpath . DS . 'js/textpattern.js.php'; ?>
function cleanfInput($text) { trigger_error(gTxt('deprecated_function_with', array('{name}' => __FUNCTION__, '{with}' => 'escape_title')), E_USER_NOTICE); return escape_title($text); }
function pagetop($pagetitle, $message = "") { global $siteurl, $sitename, $txp_user, $event, $step, $app_mode, $theme; if ($app_mode == 'async') { return; } $area = gps('area'); $event = !$event ? 'article' : $event; $bm = gps('bm'); $privs = safe_field("privs", "txp_users", "name = '" . doSlash($txp_user) . "'"); $GLOBALS['privs'] = $privs; $areas = areas(); $area = false; foreach ($areas as $k => $v) { if (in_array($event, $v)) { $area = $k; break; } } if (gps('logout')) { $body_id = 'page-logout'; } elseif (!$txp_user) { $body_id = 'page-login'; } else { $body_id = 'page-' . txpspecialchars($event); } header('X-Frame-Options: ' . X_FRAME_OPTIONS); ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="<?php echo LANG; ?> " lang="<?php echo LANG; ?> " dir="<?php echo txpspecialchars(gTxt('lang_dir')); ?> "> <head> <meta http-equiv="content-type" content="text/html; charset=utf-8" /> <meta name="robots" content="noindex, nofollow" /> <title><?php echo escape_title($pagetitle); ?> - <?php echo txpspecialchars($sitename); ?> | Textpattern CMS</title> <script type="text/javascript" src="jquery.js"></script> <?php echo script_js('var textpattern = { event: "' . txpspecialchars($event) . '", step: "' . txpspecialchars($step) . '", _txp_token: "' . txpspecialchars(form_token()) . '", ajax_timeout: ' . txpspecialchars(AJAX_TIMEOUT) . ', ajaxally_challenged: ' . (AJAXALLY_CHALLENGED ? 'true' : 'false') . ', textarray: {}, do_spellcheck: "' . txpspecialchars(get_pref('do_spellcheck', '#page-article #body, #page-article #title,' . '#page-image #alt-text, #page-image #caption,' . '#page-file #description,' . '#page-link #link-title, #page-link #link-description')) . '"};'); gTxtScript(array('form_submission_error', 'are_you_sure')); ?> <script type="text/javascript" src="textpattern.js"></script> <script type="text/javascript"> <!-- var cookieEnabled = checkCookies(); if (!cookieEnabled) { confirm('<?php echo trim(gTxt('cookies_must_be_enabled')); ?> '); } function poweredit(elm) { var something = elm.options[elm.selectedIndex].value; // Add another chunk of HTML var pjs = document.getElementById('js'); if (pjs == null) { var br = document.createElement('br'); elm.parentNode.appendChild(br); pjs = document.createElement('P'); pjs.setAttribute('id','js'); elm.parentNode.appendChild(pjs); } if (pjs.style.display == 'none' || pjs.style.display == '') { pjs.style.display = 'block'; } if (something != '') { switch (something) { default: pjs.style.display = 'none'; break; } } return false; } addEvent(window, 'load', cleanSelects); --> </script> <?php // Mandatory un-themable Textpattern core styles ?> <style type="text/css"> .not-ready .doc-ready, .not-ready form.async input[type="submit"], .not-ready a.async { visibility: hidden; } </style> <?php echo $theme->html_head(); callback_event('admin_side', 'head_end'); ?> </head> <body id="<?php echo $body_id; ?> " class="not-ready <?php echo $area; ?> "> <div class="txp-header"> <?php callback_event('admin_side', 'pagetop'); $theme->set_state($area, $event, $bm, $message); echo pluggable_ui('admin_side', 'header', $theme->header()); callback_event('admin_side', 'pagetop_end'); echo '</div><!-- /txp-header --><div class="txp-body">'; }
/** * Render a link invoking an admin-side action while taking up to two additional URL parameters. * * @param string $event Event * @param string $step Step [''] * @param string $thing URL parameter key #1 [''] * @param string $value URL parameter value #1 [''] * @param string $linktext Link text * @param string $thing2 URL parameter key #2 [''] * @param string $val2 URL parameter value #2 [''] * @param string $title Anchor title ['edit'] * @return string HTML */ function eLink($event, $step = '', $thing = '', $value = '', $linktext, $thing2 = '', $val2 = '', $title = 'edit') { return join('', array('<a href="?event=' . $event, $step ? a . 'step=' . $step : '', $thing ? a . '' . $thing . '=' . urlencode($value) : '', $thing2 ? a . '' . $thing2 . '=' . urlencode($val2) : '', a . '_txp_token=' . form_token(), '"' . ($title ? ' title="' . gTxt($title) . '"' : '') . '>' . escape_title($linktext) . '</a>')); }
function breadcrumb($atts) { global $pretext, $sitename; extract(lAtts(array('wraptag' => 'p', 'sep' => ' » ', 'separator' => ' » ', 'link' => 1, 'label' => $sitename, 'title' => '', 'class' => '', 'linkclass' => ''), $atts)); if (isset($atts['sep'])) { $separator = $sep; trigger_error(gTxt('deprecated_attribute', array('{name}' => 'sep')), E_USER_NOTICE); } // bc, get rid of in crockery if ($link == 'y') { $linked = true; } elseif ($link == 'n') { $linked = false; } else { $linked = $link; } $label = txpspecialchars($label); if ($linked) { $label = doTag($label, 'a', $linkclass, ' href="' . hu . '"'); } $content = array(); extract($pretext); if (!empty($s) && $s != 'default') { $section_title = $title ? fetch_section_title($s) : $s; $section_title_html = escape_title($section_title); $content[] = $linked ? doTag($section_title_html, 'a', $linkclass, ' href="' . pagelinkurl(array('s' => $s)) . '"') : $section_title_html; } $category = empty($c) ? '' : $c; foreach (getTreePath($category, 'article') as $cat) { if ($cat['name'] != 'root') { $category_title_html = $title ? escape_title($cat['title']) : $cat['name']; $content[] = $linked ? doTag($category_title_html, 'a', $linkclass, ' href="' . pagelinkurl(array('c' => $cat['name'])) . '"') : $category_title_html; } } // add the label at the end, to prevent breadcrumb for home page if ($content) { $content = array_merge(array($label), $content); return doTag(join($separator, $content), $wraptag, $class); } }
function pagetop($pagetitle, $message = "") { global $siteurl, $sitename, $txp_user, $event, $step, $app_mode, $theme; if ($app_mode == 'async') { return; } $area = gps('area'); $event = !$event ? 'article' : $event; $bm = gps('bm'); $privs = safe_field("privs", "txp_users", "name = '" . doSlash($txp_user) . "'"); $GLOBALS['privs'] = $privs; $areas = areas(); $area = false; foreach ($areas as $k => $v) { if (in_array($event, $v)) { $area = $k; break; } } if (gps('logout')) { $body_id = 'page-logout'; } elseif (!$txp_user) { $body_id = 'page-login'; } else { $body_id = 'page-' . htmlspecialchars($event); } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="<?php echo LANG; ?> " lang="<?php echo LANG; ?> " dir="<?php echo gTxt('lang_dir'); ?> "> <head> <meta http-equiv="content-type" content="text/html; charset=utf-8" /> <meta name="robots" content="noindex, nofollow" /> <title>Txp › <?php echo htmlspecialchars($sitename); ?> › <?php echo escape_title($pagetitle); ?> </title> <script src="jquery.js" type="text/javascript"></script> <?php echo script_js('var textpattern = {event: "' . htmlspecialchars($event) . '", step: "' . htmlspecialchars($step) . '"};'); ?> <script type="text/javascript" src="textpattern.js"></script> <script type="text/javascript"> <!-- var cookieEnabled = checkCookies(); if (!cookieEnabled) { confirm('<?php echo trim(gTxt('cookies_must_be_enabled')); ?> '); } <?php $edit = array(); if ($event == 'list') { $rs = safe_column('name', 'txp_section', "name != 'default'"); $edit['section'] = $rs ? selectInput('Section', $rs, '', true) : ''; $rs = getTree('root', 'article'); $edit['category1'] = $rs ? treeSelectInput('Category1', $rs, '') : ''; $edit['category2'] = $rs ? treeSelectInput('Category2', $rs, '') : ''; $edit['comments'] = onoffRadio('Annotate', safe_field('val', 'txp_prefs', "name = 'comments_on_default'")); $edit['status'] = selectInput('Status', array(1 => gTxt('draft'), 2 => gTxt('hidden'), 3 => gTxt('pending'), 4 => gTxt('live'), 5 => gTxt('sticky')), '', true); $rs = safe_column('name', 'txp_users', "privs not in(0,6) order by name asc"); $edit['author'] = $rs ? selectInput('AuthorID', $rs, '', true) : ''; } if (in_array($event, array('image', 'file', 'link'))) { $rs = getTree('root', $event); $edit['category'] = $rs ? treeSelectInput('category', $rs, '') : ''; $rs = safe_column('name', 'txp_users', "privs not in(0,6) order by name asc"); $edit['author'] = $rs ? selectInput('author', $rs, '', true) : ''; } if ($event == 'plugin') { $edit['order'] = selectInput('order', array(1 => 1, 2 => 2, 3 => 3, 4 => 4, 5 => 5, 6 => 6, 7 => 7, 8 => 8, 9 => 9), 5, false); } if ($event == 'admin') { $edit['privilege'] = privs(); $rs = safe_column('name', 'txp_users', '1=1'); $edit_assign_assets = $rs ? selectInput('assign_assets', $rs, '', true) : ''; } // output JavaScript ?> function poweredit(elm) { var something = elm.options[elm.selectedIndex].value; // Add another chunk of HTML var pjs = document.getElementById('js'); if (pjs == null) { var br = document.createElement('br'); elm.parentNode.appendChild(br); pjs = document.createElement('P'); pjs.setAttribute('id','js'); elm.parentNode.appendChild(pjs); } if (pjs.style.display == 'none' || pjs.style.display == '') { pjs.style.display = 'block'; } if (something != '') { switch (something) { <?php foreach ($edit as $key => $val) { echo "case 'change" . $key . "':" . n . t . "pjs.innerHTML = '<span>" . str_replace(array("\n", '-'), array('', '-'), str_replace('</', '<\\/', addslashes($val))) . "<\\/span>';" . n . t . 'break;' . n . n; } if (isset($edit_assign_assets)) { echo "case 'delete':" . n . t . "pjs.innerHTML = '<label for=\"assign_assets\">" . addslashes(gTxt('assign_assets_to')) . "</label><span>" . str_replace(array("\n", '-'), array('', '-'), str_replace('</', '<\\/', addslashes($edit_assign_assets))) . "<\\/span>';" . n . t . 'break;' . n . n; } ?> default: pjs.style.display = 'none'; break; } } return false; } addEvent(window, 'load', cleanSelects); --> </script> <?php echo $theme->html_head(); callback_event('admin_side', 'head_end'); ?> </head> <body id="<?php echo $body_id; ?> " class="<?php echo $area; ?> "> <?php callback_event('admin_side', 'pagetop'); $theme->set_state($area, $event, $bm, $message); echo pluggable_ui('admin_side', 'header', $theme->header()); callback_event('admin_side', 'pagetop_end'); }
function cleanfInput($text) { return escape_title($text); }
function eLink($event, $step = '', $thing = '', $value = '', $linktext, $thing2 = '', $val2 = '') { return join('', array('<a href="?event=' . $event, $step ? a . 'step=' . $step : '', $thing ? a . '' . $thing . '=' . urlencode($value) : '', $thing2 ? a . '' . $thing2 . '=' . urlencode($val2) : '', '">' . escape_title($linktext) . '</a>')); }
function discuss_list($message = '') { global $event, $comment_list_pageby; pagetop(gTxt('list_discussions'), $message); extract(gpsa(array('sort', 'dir', 'page', 'crit', 'search_method'))); if ($sort === '') { $sort = get_pref('discuss_sort_column', 'date'); } if ($dir === '') { $dir = get_pref('discuss_sort_dir', 'desc'); } $dir = $dir == 'asc' ? 'asc' : 'desc'; switch ($sort) { case 'id': $sort_sql = 'discussid ' . $dir; break; case 'ip': $sort_sql = 'ip ' . $dir; break; case 'name': $sort_sql = 'name ' . $dir; break; case 'email': $sort_sql = 'email ' . $dir; break; case 'website': $sort_sql = 'web ' . $dir; break; case 'message': $sort_sql = 'message ' . $dir; break; case 'status': $sort_sql = 'visible ' . $dir; break; case 'parent': $sort_sql = 'parentid ' . $dir; break; default: $sort = 'date'; $sort_sql = 'txp_discuss.posted ' . $dir; break; } if ($sort != 'date') { $sort_sql .= ', txp_discuss.posted asc'; } set_pref('discuss_sort_column', $sort, 'discuss', 2, '', 0, PREF_PRIVATE); set_pref('discuss_sort_dir', $dir, 'discuss', 2, '', 0, PREF_PRIVATE); $switch_dir = $dir == 'desc' ? 'asc' : 'desc'; $criteria = 1; if ($search_method and $crit != '') { $verbatim = preg_match('/^"(.*)"$/', $crit, $m); $crit_escaped = doSlash($verbatim ? $m[1] : str_replace(array('\\', '%', '_', '\''), array('\\\\', '\\%', '\\_', '\\\''), $crit)); $critsql = $verbatim ? array('id' => "discussid = '{$crit_escaped}'", 'parent' => "parentid = '{$crit_escaped}'" . (intval($crit_escaped) ? '' : " OR title = '{$crit_escaped}'"), 'name' => "name = '{$crit_escaped}'", 'message' => "message = '{$crit_escaped}'", 'email' => "email = '{$crit_escaped}'", 'website' => "web = '{$crit_escaped}'", 'ip' => "ip = '{$crit_escaped}'") : array('id' => "discussid = '{$crit_escaped}'", 'parent' => "parentid = '{$crit_escaped}'" . (intval($crit_escaped) ? '' : " OR title like '%{$crit_escaped}%'"), 'name' => "name like '%{$crit_escaped}%'", 'message' => "message like '%{$crit_escaped}%'", 'email' => "email like '%{$crit_escaped}%'", 'website' => "web like '%{$crit_escaped}%'", 'ip' => "ip like '%{$crit_escaped}%'"); if (array_key_exists($search_method, $critsql)) { $criteria = $critsql[$search_method]; $limit = 500; } else { $search_method = ''; $crit = ''; } } else { $search_method = ''; $crit = ''; } $criteria .= callback_event('admin_criteria', 'discuss_list', 0, $criteria); $counts = getRows('SELECT visible, COUNT(*) AS c' . ' FROM ' . safe_pfx_j('txp_discuss') . ' LEFT JOIN ' . safe_pfx_j('textpattern') . ' ON txp_discuss.parentid = textpattern.ID' . ' WHERE ' . $criteria . ' GROUP BY visible'); $count[SPAM] = $count[MODERATE] = $count[VISIBLE] = 0; if ($counts) { foreach ($counts as $c) { $count[$c['visible']] = $c['c']; } } // grand total comment count $total = $count[SPAM] + $count[MODERATE] + $count[VISIBLE]; echo '<h1 class="txp-heading">' . gTxt('list_discussions') . '</h1>'; echo '<div id="' . $event . '_control" class="txp-control-panel">'; echo graf(sLink('discuss', 'ipban_list', gTxt('list_banned_ips')), ' class="txp-buttons"'); if ($total < 1) { if ($criteria != 1) { echo n . discuss_search_form($crit, $search_method) . n . graf(gTxt('no_results_found'), ' class="indicator"') . '</div>'; } else { echo graf(gTxt('no_comments_recorded'), ' class="indicator"') . '</div>'; } return; } // paging through displayed comments $total = (cs('toggle_show_spam') ? $count[SPAM] : 0) + $count[MODERATE] + $count[VISIBLE]; $limit = max($comment_list_pageby, 15); list($page, $offset, $numPages) = pager($total, $limit, $page); echo discuss_search_form($crit, $search_method) . '</div>'; $spamq = cs('toggle_show_spam') ? '1=1' : 'visible != ' . intval(SPAM); $rs = safe_query('SELECT txp_discuss.*, unix_timestamp(txp_discuss.posted) as uPosted, ID as thisid, Section as section, url_title, Title as title, Status, unix_timestamp(textpattern.Posted) as posted' . ' FROM ' . safe_pfx_j('txp_discuss') . ' LEFT JOIN ' . safe_pfx_j('textpattern') . ' ON txp_discuss.parentid = textpattern.ID' . ' WHERE ' . $spamq . ' AND ' . $criteria . ' ORDER BY ' . $sort_sql . ' LIMIT ' . $offset . ', ' . $limit); if ($rs) { echo n . '<div id="' . $event . '_container" class="txp-container">'; echo n . n . '<form name="longform" id="discuss_form" class="multi_edit_form" method="post" action="index.php">' . n . '<div class="txp-listtables">' . n . startTable('', '', 'txp-list') . n . '<thead>' . n . n . tr(n . hCell(fInput('checkbox', 'select_all', 0, '', '', '', '', '', 'select_all'), '', ' title="' . gTxt('toggle_all_selected') . '" class="multi-edit"') . n . column_head('ID', 'id', 'discuss', true, $switch_dir, $crit, $search_method, ('id' == $sort ? "{$dir} " : '') . 'id') . n . column_head('date', 'date', 'discuss', true, $switch_dir, $crit, $search_method, ('date' == $sort ? "{$dir} " : '') . 'date posted created') . n . column_head('name', 'name', 'discuss', true, $switch_dir, $crit, $search_method, ('name' == $sort ? "{$dir} " : '') . 'name') . n . column_head('message', 'message', 'discuss', true, $switch_dir, $crit, $search_method, 'message' == $sort ? "{$dir} " : 'message') . n . column_head('email', 'email', 'discuss', true, $switch_dir, $crit, $search_method, ('email' == $sort ? "{$dir} " : '') . 'discuss_detail email') . n . column_head('website', 'website', 'discuss', true, $switch_dir, $crit, $search_method, ('website' == $sort ? "{$dir} " : '') . 'discuss_detail website') . n . column_head('IP', 'ip', 'discuss', true, $switch_dir, $crit, $search_method, ('ip' == $sort ? "{$dir} " : '') . 'discuss_detail ip') . n . column_head('status', 'status', 'discuss', true, $switch_dir, $crit, $search_method, ('status' == $sort ? "{$dir} " : '') . 'status') . n . column_head('parent', 'parent', 'discuss', true, $switch_dir, $crit, $search_method, ('parent' == $sort ? "{$dir} " : '') . 'parent')) . n . '</thead>'; include_once txpath . '/publish/taghandlers.php'; echo '<tbody>'; while ($a = nextRow($rs)) { extract($a); $parentid = assert_int($parentid); $edit_url = '?event=discuss' . a . 'step=discuss_edit' . a . 'discussid=' . $discussid . a . 'sort=' . $sort . a . 'dir=' . $dir . a . 'page=' . $page . a . 'search_method=' . $search_method . a . 'crit=' . $crit; $dmessage = $visible == SPAM ? short_preview($message) : $message; switch ($visible) { case VISIBLE: $comment_status = gTxt('visible'); $row_class = 'visible'; break; case SPAM: $comment_status = gTxt('spam'); $row_class = 'spam'; break; case MODERATE: $comment_status = gTxt('unmoderated'); $row_class = 'moderate'; break; default: break; } if (empty($thisid)) { $parent = gTxt('article_deleted') . ' (' . $parentid . ')'; $view = ''; } else { $parent_title = empty($title) ? '<em>' . gTxt('untitled') . '</em>' : escape_title($title); $parent = href($parent_title, '?event=article' . a . 'step=edit' . a . 'ID=' . $parentid); $view = $comment_status; if ($visible == VISIBLE and in_array($Status, array(4, 5))) { $view = n . '<a title="' . gTxt('view') . '" href="' . permlinkurl($a) . '#c' . $discussid . '">' . $comment_status . '</a>'; } } echo n . n . tr(n . td(fInput('checkbox', 'selected[]', $discussid), '', 'multi-edit') . td('<a title="' . gTxt('edit') . '" href="' . $edit_url . '">' . $discussid . '</a>', '', 'id') . td(gTime($uPosted), '', 'date posted created') . td(txpspecialchars(soft_wrap($name, 15)), '', 'name') . td(short_preview($dmessage), '', 'message') . td(txpspecialchars(soft_wrap($email, 15)), '', 'discuss_detail email') . td(txpspecialchars(soft_wrap($web, 15)), '', 'discuss_detail website') . td($ip, '', 'discuss_detail ip') . td($view, '', 'status') . td($parent, '', 'parent'), ' class="' . $row_class . '"'); } if (empty($message)) { echo tr(tda(gTxt('just_spam_results_found'), ' colspan="10"')); } echo '</tbody>', n, endTable(), n, '</div>', n, discuss_multiedit_form($page, $sort, $dir, $crit, $search_method), n, tInput(), n, '</form>', n, graf(toggle_box('discuss_detail'), ' class="detail-toggle"'), n, cookie_box('show_spam'), n, '<div id="' . $event . '_navigation" class="txp-navigation">', n, nav_form('discuss', $page, $numPages, $sort, $dir, $crit, $search_method, $total, $limit), n, pageby_form('discuss', $comment_list_pageby), n, '</div>', n, '</div>'; } }
function article_edit($message = '', $concurrent = FALSE) { global $vars, $txp_user, $comments_disabled_after, $txpcfg, $prefs; extract($prefs); extract(gpsa(array('view', 'from_view', 'step'))); if (!empty($GLOBALS['ID'])) { // newly-saved article $ID = $GLOBALS['ID']; $step = 'edit'; } else { $ID = gps('ID'); } include_once txpath . '/lib/classTextile.php'; $textile = new Textile(); // switch to 'text' view upon page load and after article post if (!$view || gps('save') || gps('publish')) { $view = 'text'; } if (!$step) { $step = "create"; } if ($step == "edit" && $view == "text" && !empty($ID) && $from_view != 'preview' && $from_view != 'html' && !$concurrent) { $pull = true; //-- it's an existing article - off we go to the db $ID = assert_int($ID); $rs = safe_row("*, unix_timestamp(Posted) as sPosted,\n\t\t\t\tunix_timestamp(Expires) as sExpires,\n\t\t\t\tunix_timestamp(LastMod) as sLastMod", "textpattern", "ID={$ID}"); extract($rs); $reset_time = $publish_now = $Status < 4; } else { $pull = false; //-- assume they came from post if ($from_view == 'preview' or $from_view == 'html') { $store_out = array(); $store = unserialize(base64_decode(ps('store'))); foreach ($vars as $var) { if (isset($store[$var])) { $store_out[$var] = $store[$var]; } } } else { $store_out = gpsa($vars); if ($concurrent) { $store_out['sLastMod'] = safe_field('unix_timestamp(LastMod) as sLastMod', 'textpattern', 'ID=' . $ID); } } extract($store_out); } $GLOBALS['step'] = $step; if ($step == 'create') { $textile_body = $use_textile; $textile_excerpt = $use_textile; } if ($step != 'create') { // Previous record? $prev_id = checkIfNeighbour('prev', $sPosted); // Next record? $next_id = checkIfNeighbour('next', $sPosted); } $page_title = $Title ? $Title : gTxt('write'); pagetop($page_title, $message); echo n . n . '<form name="article" method="post" action="index.php">'; if (!empty($store_out)) { echo hInput('store', base64_encode(serialize($store_out))); } echo hInput('ID', $ID) . eInput('article') . sInput($step) . '<input type="hidden" name="view" />' . startTable('edit') . '<tr>' . n . '<td id="article-col-1">'; if ($view == 'text') { //-- markup help -------------- echo side_help($textile_body, $textile_excerpt) . '<h3 class="plain"><a href="#advanced" onclick="toggleDisplay(\'advanced\'); return false;">' . gTxt('advanced_options') . '</a></h3>', '<div id="advanced" class="toggle" style="display:none">', n . graf('<label for="markup-body">' . gTxt('article_markup') . '</label>' . br . pref_text('textile_body', $textile_body, 'markup-body')), n . graf('<label for="markup-excerpt">' . gTxt('excerpt_markup') . '</label>' . br . pref_text('textile_excerpt', $textile_excerpt, 'markup-excerpt')), $allow_form_override ? graf('<label for="override-form">' . gTxt('override_default_form') . '</label>' . sp . popHelp('override_form') . br . form_pop($override_form, 'override-form')) : '', $custom_1_set ? custField(1, $custom_1_set, $custom_1) : '', $custom_2_set ? custField(2, $custom_2_set, $custom_2) : '', $custom_3_set ? custField(3, $custom_3_set, $custom_3) : '', $custom_4_set ? custField(4, $custom_4_set, $custom_4) : '', $custom_5_set ? custField(5, $custom_5_set, $custom_5) : '', $custom_6_set ? custField(6, $custom_6_set, $custom_6) : '', $custom_7_set ? custField(7, $custom_7_set, $custom_7) : '', $custom_8_set ? custField(8, $custom_8_set, $custom_8) : '', $custom_9_set ? custField(9, $custom_9_set, $custom_9) : '', $custom_10_set ? custField(10, $custom_10_set, $custom_10) : '', n . graf('<label for="keywords">' . gTxt('keywords') . '</label>' . sp . popHelp('keywords') . br . n . '<textarea id="keywords" name="Keywords" cols="18" rows="5">' . htmlspecialchars(str_replace(',', ', ', $Keywords)) . '</textarea>'), n . graf('<label for="article-image">' . gTxt('article_image') . '</label>' . sp . popHelp('article_image') . br . fInput('text', 'Image', $Image, 'edit', '', '', 22, '', 'article-image')), n . graf('<label for="url-title">' . gTxt('url_title') . '</label>' . sp . popHelp('url_title') . br . fInput('text', 'url_title', $url_title, 'edit', '', '', 22, '', 'url-title')), '</div> <h3 class="plain"><a href="#recent" onclick="toggleDisplay(\'recent\'); return false;">' . gTxt('recent_articles') . '</a>' . '</h3>' . '<div id="recent" class="toggle" style="display:none">'; $recents = safe_rows_start("Title, ID", 'textpattern', "1=1 order by LastMod desc limit 10"); if ($recents) { echo '<ul class="plain-list">'; while ($recent = nextRow($recents)) { if (!$recent['Title']) { $recent['Title'] = gTxt('untitled') . sp . $recent['ID']; } echo n . t . '<li><a href="?event=article' . a . 'step=edit' . a . 'ID=' . $recent['ID'] . '">' . escape_title($recent['Title']) . '</a></li>'; } echo '</ul>'; } echo '</div>'; } else { echo sp; } echo '</td>' . n . '<td id="article-main">'; //-- title input -------------- if ($view == 'preview') { echo hed(gTxt('preview'), 2) . hed($Title, 1); } elseif ($view == 'html') { echo hed('XHTML', 2) . hed($Title, 1); } elseif ($view == 'text') { echo n . '<p><label for="title">' . gTxt('title') . '</label>' . sp . popHelp('title') . br . '<input type="text" id="title" name="Title" value="' . escape_title($Title) . '" class="edit" size="40" tabindex="1" />'; if ($step != 'create') { include_once txpath . '/publish/taghandlers.php'; $url = permlinkurl_id($ID); if ($Status != 4 and $Status != 5) { $url .= (strpos($url, '?') === FALSE ? '?' : '&') . 'txpreview=' . intval($ID) . '.' . time(); } echo sp . sp . '<a href="' . $url . '" class="article-view">' . gTxt('view') . '</a>'; } echo '</p>'; } //-- body -------------------- if ($view == 'preview') { if ($textile_body == USE_TEXTILE) { echo $textile->TextileThis($Body); } else { if ($textile_body == CONVERT_LINEBREAKS) { echo nl2br($Body); } else { if ($textile_body == LEAVE_TEXT_UNTOUCHED) { echo $Body; } } } } elseif ($view == 'html') { if ($textile_body == USE_TEXTILE) { $bod = $textile->TextileThis($Body); } else { if ($textile_body == CONVERT_LINEBREAKS) { $bod = nl2br($Body); } else { if ($textile_body == LEAVE_TEXT_UNTOUCHED) { $bod = $Body; } } } echo tag(str_replace(array(n, t), array(br, sp . sp . sp . sp), htmlspecialchars($bod)), 'code'); } else { echo n . graf('<label for="body">' . gTxt('body') . '</label>' . sp . popHelp('body') . br . '<textarea id="body" name="Body" cols="55" rows="31" tabindex="2">' . htmlspecialchars($Body) . '</textarea>'); } //-- excerpt -------------------- if ($articles_use_excerpts) { if ($view == 'text') { echo n . graf('<label for="excerpt">' . gTxt('excerpt') . '</label>' . sp . popHelp('excerpt') . br . '<textarea id="excerpt" name="Excerpt" cols="55" rows="5" tabindex="3">' . htmlspecialchars($Excerpt) . '</textarea>'); } else { echo n . '<hr width="50%" />'; echo $textile_excerpt == USE_TEXTILE ? $view == 'preview' ? graf($textile->textileThis($Excerpt)) : tag(str_replace(array(n, t), array(br, sp . sp . sp . sp), htmlspecialchars($textile->TextileThis($Excerpt))), 'code') : graf($Excerpt); } } //-- author -------------- if ($view == "text" && $step != "create") { echo '<p class="small">' . gTxt('posted_by') . ': ' . htmlspecialchars($AuthorID) . ' · ' . safe_strftime('%d %b %Y · %X', $sPosted); if ($sPosted != $sLastMod) { echo br . gTxt('modified_by') . ': ' . htmlspecialchars($LastModID) . ' · ' . safe_strftime('%d %b %Y · %X', $sLastMod); } echo '</p>'; } echo hInput('from_view', $view), '</td>'; echo '<td id="article-tabs">'; //-- layer tabs ------------------- echo $use_textile == USE_TEXTILE || $textile_body == USE_TEXTILE ? '<ul>' . (tab('text', $view) . tab('html', $view) . tab('preview', $view)) . '</ul>' : ' '; echo '</td>'; echo '<td id="article-col-2">'; if ($view == 'text') { if ($step != 'create') { echo n . graf(href(gtxt('create_new'), 'index.php?event=article')); } //-- prev/next article links -- if ($step != 'create' and ($prev_id or $next_id)) { echo '<p>', $prev_id ? prevnext_link('‹' . gTxt('prev'), 'article', 'edit', $prev_id, gTxt('prev')) : '', $next_id ? prevnext_link(gTxt('next') . '›', 'article', 'edit', $next_id, gTxt('next')) : '', '</p>'; } //-- status radios -------------- echo n . n . '<fieldset id="write-status">' . n . '<legend>' . gTxt('status') . '</legend>' . n . status_radio($Status) . n . '</fieldset>'; //-- category selects ----------- echo n . n . '<fieldset id="write-sort">' . n . '<legend>' . gTxt('sort_display') . '</legend>' . n . graf('<label for="category-1">' . gTxt('category1') . '</label> ' . '<span class="small">[' . eLink('category', '', '', '', gTxt('edit')) . ']</span>' . br . n . category_popup('Category1', $Category1, 'category-1')) . n . graf('<label for="category-2">' . gTxt('category2') . '</label>' . br . n . category_popup('Category2', $Category2, 'category-2')); //-- section select -------------- if (!$from_view && !$pull) { $Section = getDefaultSection(); } echo n . graf('<label for="section">' . gTxt('section') . '</label> ' . '<span class="small">[' . eLink('section', '', '', '', gTxt('edit')) . ']</span>' . br . section_popup($Section, 'section')) . n . '</fieldset>' . n . n . '<h3 class="plain"><a href="#more" onclick="toggleDisplay(\'more\'); return false;">' . gTxt('more') . '</a></h3>', '<div id="more" class="toggle" style="display:none">'; //-- comments stuff -------------- if ($step == "create") { //Avoiding invite disappear when previewing $AnnotateInvite = !empty($store_out['AnnotateInvite']) ? $store_out['AnnotateInvite'] : $comments_default_invite; if ($comments_on_default == 1) { $Annotate = 1; } } if ($use_comments == 1) { echo n . n . '<fieldset id="write-comments">' . n . '<legend>' . gTxt('comments') . '</legend>'; $comments_expired = false; if ($step != 'create' && $comments_disabled_after) { $lifespan = $comments_disabled_after * 86400; $time_since = time() - $sPosted; if ($time_since > $lifespan) { $comments_expired = true; } } if ($comments_expired) { echo n . n . graf(gTxt('expired')); } else { echo n . n . graf(onoffRadio('Annotate', $Annotate)) . n . n . graf('<label for="comment-invite">' . gTxt('comment_invitation') . '</label>' . br . fInput('text', 'AnnotateInvite', $AnnotateInvite, 'edit', '', '', '', '', 'comment-invite')); } echo n . n . '</fieldset>'; } if ($step == "create" and empty($GLOBALS['ID'])) { //-- timestamp ------------------- //Avoiding modified date to disappear $persist_timestamp = !empty($store_out['year']) ? safe_strtotime($store_out['year'] . '-' . $store_out['month'] . '-' . $store_out['day'] . ' ' . $store_out['hour'] . ':' . $store_out['minute'] . ':' . $store_out['second']) : time(); echo n . n . '<fieldset id="write-timestamp">' . n . '<legend>' . gTxt('timestamp') . '</legend>' . n . graf(checkbox('publish_now', '1', $publish_now, '', 'publish_now') . '<label for="publish_now">' . gTxt('set_to_now') . '</label>') . n . graf(gTxt('or_publish_at') . sp . popHelp('timestamp')) . n . graf(gtxt('date') . sp . tsi('year', '%Y', $persist_timestamp) . ' / ' . tsi('month', '%m', $persist_timestamp) . ' / ' . tsi('day', '%d', $persist_timestamp)) . n . graf(gTxt('time') . sp . tsi('hour', '%H', $persist_timestamp) . ' : ' . tsi('minute', '%M', $persist_timestamp) . ' : ' . tsi('second', '%S', $persist_timestamp)) . n . '</fieldset>'; //-- expires ------------------- $persist_timestamp = !empty($store_out['exp_year']) ? safe_strtotime($store_out['exp_year'] . '-' . $store_out['exp_month'] . '-' . $store_out['exp_day'] . ' ' . $store_out['exp_hour'] . ':' . $store_out['exp_minute'] . ':' . $store_out['second']) : NULLDATETIME; echo n . n . '<fieldset id="write-expires">' . n . '<legend>' . gTxt('expires') . '</legend>' . n . graf(gtxt('date') . sp . tsi('exp_year', '%Y', $persist_timestamp) . ' / ' . tsi('exp_month', '%m', $persist_timestamp) . ' / ' . tsi('exp_day', '%d', $persist_timestamp)) . n . graf(gTxt('time') . sp . tsi('exp_hour', '%H', $persist_timestamp) . ' : ' . tsi('exp_minute', '%M', $persist_timestamp) . ' : ' . tsi('exp_second', '%S', $persist_timestamp)) . n . '</fieldset>' . n . n . '</div>'; //-- publish button -------------- echo has_privs('article.publish') ? fInput('submit', 'publish', gTxt('publish'), "publish", '', '', '', 4) : fInput('submit', 'publish', gTxt('save'), "publish", '', '', '', 4); } else { //-- timestamp ------------------- if (!empty($year)) { $sPosted = safe_strtotime($year . '-' . $month . '-' . $day . ' ' . $hour . ':' . $minute . ':' . $second); } echo n . n . '<fieldset id="write-timestamp">' . n . '<legend>' . gTxt('timestamp') . '</legend>' . n . graf(checkbox('reset_time', '1', $reset_time, '', 'reset_time') . '<label for="reset_time">' . gTxt('reset_time') . '</label>') . n . graf(gTxt('published_at') . sp . popHelp('timestamp')) . n . graf(gtxt('date') . sp . tsi('year', '%Y', $sPosted) . ' / ' . tsi('month', '%m', $sPosted) . ' / ' . tsi('day', '%d', $sPosted)) . n . graf(gTxt('time') . sp . tsi('hour', '%H', $sPosted) . ' : ' . tsi('minute', '%M', $sPosted) . ' : ' . tsi('second', '%S', $sPosted)) . n . hInput('sPosted', $sPosted), n . hInput('sLastMod', $sLastMod), n . hInput('AuthorID', $AuthorID), n . hInput('LastModID', $LastModID), n . '</fieldset>'; //-- expires ------------------- if (!empty($exp_year)) { if (empty($exp_month)) { $exp_month = 1; } if (empty($exp_day)) { $exp_day = 1; } if (empty($exp_hour)) { $exp_hour = 0; } if (empty($exp_minute)) { $exp_minute = 0; } if (empty($exp_second)) { $exp_second = 0; } $sExpires = safe_strtotime($exp_year . '-' . $exp_month . '-' . $exp_day . ' ' . $exp_hour . ':' . $exp_minute . ':' . $exp_second); } echo n . n . '<fieldset id="write-expires">' . n . '<legend>' . gTxt('expires') . '</legend>' . n . graf(gtxt('date') . sp . tsi('exp_year', '%Y', $sExpires) . ' / ' . tsi('exp_month', '%m', $sExpires) . ' / ' . tsi('exp_day', '%d', $sExpires)) . n . graf(gTxt('time') . sp . tsi('exp_hour', '%H', $sExpires) . ' : ' . tsi('exp_minute', '%M', $sExpires) . ' : ' . tsi('exp_second', '%S', $sExpires)) . n . hInput('sExpires', $sExpires) . n . '</fieldset>' . n . n . '</div>'; //-- save button -------------- if ($Status >= 4 and has_privs('article.edit.published') or $Status >= 4 and $AuthorID == $txp_user and has_privs('article.edit.own.published') or $Status < 4 and has_privs('article.edit') or $Status < 4 and $AuthorID == $txp_user and has_privs('article.edit.own')) { echo fInput('submit', 'save', gTxt('save'), "publish", '', '', '', 4); } } } echo '</td></tr></table></form>'; }
function _l10n_get_article_members($article_id, $exclude_lang, $status = '4') { # # Returns an array of the lang->rendition mappings for all members of the # given article... # $result = array(); $article_id = (int) $article_id; $where = "`" . L10N_COL_GROUP . "`={$article_id} and `Status` >= '{$status}' and `" . L10N_COL_LANG . "`<>'{$exclude_lang}'"; $rows = safe_rows_start('*,ID as thisid, unix_timestamp(Posted) as posted', L10N_MASTER_TEXTPATTERN, $where); if (count($rows)) { while ($row = nextRow($rows)) { $lang = $row[L10N_COL_LANG]; $row['Title'] = escape_title($row['Title']); $result[$lang] = $row; } } return $result; }