function getPostList()
{
$dossier = "posts/*.md";
$list = glob($dossier);
$pages = makeLinkList($list);
$page = getPagePath($pages);
return markdownToHTML($page);
}
function getProfileGroupsAndFormsList($userId)
{
global $sourceFolder;
require_once "{$sourceFolder}/group.lib.php";
$groupRows = getGroupsFromUserId($userId);
$groupRowsCount = count($groupRows);
$associatedGroups = array();
$unassociatedGroups = array();
for ($i = 0; $i < $groupRowsCount; $i++) {
if ($groupRows[$i]['form_id'] == 0) {
$unassociatedGroups[] = '<tr><td>' . $groupRows[$i]['group_name'] . '</td><td>' . $groupRows[$i]['group_description'] . '</td></tr>';
} else {
$formPath = getPagePath(getPageIdFromModuleComponentId('form', $groupRows[$i]['form_id']));
global $urlRequestRoot;
$formPathLink = $urlRequestRoot . $formPath;
$associatedGroups[] = '<tr><td><a href="' . $formPathLink . '">' . $formPath . '</a></td><td>' . $groupRows[$i]['group_name'] . '</td><td><a href="' . $formPathLink . '&subaction=unregister" onclick="return confirm(\'Are you sure you wish to unregister from this form?\')">Unregister</a></td></tr>';
}
}
if (count($associatedGroups) == 0 && count($unassociatedGroups) == 0) {
return false;
}
global $ICONS;
$retVal = "<fieldset style=\"padding: 8px\"><legend>{$ICONS['User Groups']['small']}Groups I Belong To</legend>";
if (count($associatedGroups) > 0) {
$retVal .= '<strong>Groups associated with forms:</strong><br /><br /><table style="margin-left: 8px" border="1" cellpadding="4px" cellspacing="4px">' . '<tr><th>Form Path</th><th>Group Name</th><th>Unregister</th></tr>' . implode("\n", $associatedGroups) . '</table><br /><br />';
}
if (count($unassociatedGroups) > 0) {
$retVal .= '<strong>Groups not associated with any form:</strong><br /><table style="margin-left: 8px" border="1" cellpadding="4px" cellspacing="4px">' . '<tr><th>Group Name</th><th>Group Description</th></tr>' . implode("\n", $unassociatedGroups) . '</table><br />';
}
$retVal .= '</fieldset>';
return $retVal;
}
function emptyGroup($groupName, $silent = false)
{
$groupRow = getGroupRow($groupName);
if (!$groupRow) {
return false;
}
$groupId = $groupRow['group_id'];
$formId = $groupRow['form_id'];
if ($formId == 0) {
$groupQuery = 'DELETE FROM `' . MYSQL_DATABASE_PREFIX . 'usergroup` WHERE `group_id` = \'' . $groupId . "'";
if (!mysql_query($groupQuery)) {
displayerror('Error running MySQL query. The given group could not be emptied.');
return false;
}
if (!$silent) {
displayinfo("Group '{$groupName}' Emptied Successfully");
}
} else {
displayinfo('This group is associated with a form. You must unassociate the group from the form before you can empty it.' . '<a href="' . getPagePath(getPageIdFromModuleComponentId('form', $groupRow['form_id'])) . '">Click Here</a> to visit the form\'s edit page.');
return false;
}
return true;
}
/**
* Get the ChildList for the current item in menu.
* @param $pageId the page Id of the current Page
* @param $depth The number of levels of menu that should be generated
* @param $userId The viewers id - To check for permissions.
* @return Associative Array containing the child pages informaion.;
*/
function getChildList($pageId, $depth, $rootUri, $userId, $curdepth)
{
if ($depth > 0 || $depth == -1) {
if ($curdepth == 1 || $pageId == 0) {
$classname = "topnav";
} else {
$classname = "subnav";
}
$MYHOST = hostURL();
$pageRow = getChildren($pageId, $userId);
$var = "<div class='div_{$classname}'><ul class='{$classname} depth{$curdepth}'>";
for ($i = 0; $i < count($pageRow); $i += 1) {
$query = "SELECT `page_openinnewtab` FROM `" . MYSQL_DATABASE_PREFIX . "pages` WHERE `page_id` = '{$pageRow[$i][0]}'";
$result = mysql_query($query);
$result = mysql_fetch_assoc($result);
$opennewtab = "";
if ($result['page_openinnewtab'] == '1') {
$opennewtab = ' target="_blank" ';
}
$newdepth = $curdepth + 1;
$imageTag = '';
if ($pageRow[$i][4]) {
if ($pageRow[$i][3] != NULL) {
$imageTag = "<img width=32 height=32 src=\"{$MYHOST}/{$pageRow[$i][3]}\" alt=\"{$pageRow[$i][1]}\" />";
}
/*
*@usage: display a default folder icon if the table value is NULL
*@code:
else {
global $cmsFolder;
global $templateFolder;
$imageTag = "<img src=\"{$hostt}/$cmsFolder/$templateFolder/common/images/folder.png\" alt=\"{$pageRow[$i][1]}\" width=\"16\" height=\"16\"/>";
}*/
}
$var .= "\n<li id=\"cms-menu-item{$i}\"><a href=\"" . $rootUri . '/home' . getPagePath($pageRow[$i][0]) . "\" {$opennewtab} ><div class='cms-menuitem'>" . $imageTag . " " . $pageRow[$i][2] . "</div></a>";
$var .= getChildList($pageRow[$i][0], $depth == -1 ? $depth : $depth - 1, $rootUri, $userId, $newdepth, true);
$var .= "</li>";
}
$var .= "</ul></div>";
if (count($pageRow) == 0) {
return "";
}
return $var;
}
}
private function getNewsletterPath($pageId)
{
return getPagePath($pageId);
}
function handleModuleManagement()
{
global $sourceFolder;
if (isset($_POST['btn_install'])) {
$uploadId = processUploaded("Module");
if ($uploadId != -1) {
return installModule($uploadId, "Module");
}
} else {
if (isset($_POST['btn_uninstall'])) {
if (!isset($_POST['Module']) || $_POST['Module'] == "") {
return "";
}
if ($_POST['Module'] == 'article') {
displayerror("Article module can't be deleted for the home page itself is a article");
return "";
}
$toDelete = escape($_POST['Module']);
$query = "SELECT `page_id` FROM `" . MYSQL_DATABASE_PREFIX . "pages` WHERE `page_module` = '{$toDelete}' LIMIT 10";
$result = mysql_query($query) or displayerror(mysql_error());
if (mysql_num_rows($result) == 0 || isset($_POST['confirm'])) {
if (deleteModule($toDelete)) {
displayinfo("Module " . safe_html($_POST['Module']) . " uninstalled!");
return "";
} else {
displayerror("Module uninstallation failed!");
return "";
}
}
if (isset($_POST['confirm'])) {
$query = "DELETE FROM `" . MYSQL_DATABASE_PREFIX . "pages` WHERE `page_module` = '" . $toDelete . "'";
mysql_query($query) or displayerror(mysql_error());
}
$pageList = "";
while ($row = mysql_fetch_assoc($result)) {
$pageList .= "/home" . getPagePath($row['page_id']) . "<br>";
}
$modulename = safe_html($_POST['Module']);
$ret = <<<RET
<fieldset>
<legend>{$ICONS['Modules Management']['small']}Module Management</legend>
Some of the page of type {$modulename} are:<br>
{$pageList}
<div class='cms-error'>These pages will be removed and cant be recovered, If you proceed deleting the module.</div>
<form method=POST action='./+admin&subaction=module&subsubaction=uninstall'>
<input type=hidden value='{$modulename}' name='Module' />
<input type=submit value='Delete module' name='btn_uninstall' />
<input type=hidden value='confirm' name='confirm' />
</form>
</fieldset>
RET;
return $ret;
} else {
if (isset($_GET['subsubaction']) && $_GET['subsubaction'] == 'finalize') {
return finalizeInstallation(escape($_POST['id']), "Module");
} else {
if (isset($_GET['subsubaction']) && $_GET['subsubaction'] == 'cancel') {
$uploadId = escape($_POST['id']);
$result = mysql_fetch_assoc(mysql_query("SELECT * FROM `" . MYSQL_DATABASE_PREFIX . "tempuploads` WHERE `id` = '{$uploadId}'"));
if ($result != NULL) {
$zipFile = $result['filePath'];
$temp = explode(";", $result['info']);
$extractedPath = $temp[0];
$moduleActualPath = $temp[1];
$moduleName = $temp[2];
}
delDir($extractedPath);
unlink($zipFile);
mysql_query("DELETE FROM `" . MYSQL_DATABASE_PREFIX . "tempuploads` WHERE `id` = '{$uploadId}'") or displayerror(mysql_error());
return "";
}
}
}
}
}
function handleTemplateManagement()
{
global $sourceFolder;
if (isset($_POST['btn_install'])) {
$uploadId = processUploaded("Template");
if ($uploadId != -1) {
return installModule($uploadId, "Template");
}
} else {
if (isset($_POST['btn_uninstall'])) {
$query = "SELECT `value` FROM `" . MYSQL_DATABASE_PREFIX . "global` WHERE attribute= 'default_template'";
$res = mysql_query($query);
$row1 = array();
$row1 = mysql_fetch_row($res);
if (!isset($_POST['Template']) || $_POST['Template'] == "") {
return "";
}
$toDelete = escape($_POST['Template']);
$query = "SELECT * FROM `" . MYSQL_DATABASE_PREFIX . "templates` WHERE `template_name` = '" . $toDelete . "'";
$query2 = "SELECT `page_id` FROM `" . MYSQL_DATABASE_PREFIX . "pages` WHERE `page_template` = '{$toDelete}' LIMIT 10";
$result2 = mysql_query($query2) or displayerror(mysql_error());
if ($row1[0] == $toDelete) {
displayerror("The default template cannot be deleted! If you want to delete this template, first change the default template from 'Global Settings'.");
return "";
}
if (mysql_num_rows($result2) == 0 || isset($_POST['confirm'])) {
if ($row = mysql_fetch_array(mysql_query($query))) {
$query = "DELETE FROM `" . MYSQL_DATABASE_PREFIX . "templates` WHERE `template_name` = '" . $toDelete . "'";
mysql_query($query);
$query = "UPDATE `" . MYSQL_DATABASE_PREFIX . "pages` SET `page_template` = '" . $row1[0] . "' WHERE `page_template` = '" . $toDelete . "'";
mysql_query($query) or displayerror(mysql_error());
$templateDir = $sourceFolder . "/templates/" . $toDelete . "/";
if (file_exists($templateDir)) {
delDir($templateDir);
}
displayinfo("Template " . safe_html($_POST['Template']) . " uninstalled!");
return "";
} else {
displayerror("Template uninstallation failed!");
return "";
}
}
$pageList = "";
while ($row = mysql_fetch_assoc($result2)) {
$pageList .= "/home" . getPagePath($row['page_id']) . "<br>";
}
$templatename = safe_html($_POST['Template']);
$ret = <<<RET
<fieldset>
<legend>{$ICONS['Templates Management']['small']}Template Management</legend>
Some of the page with {$templatename} template are:<br>
{$pageList}
<div class='cms-error'>The templates of these pages will be reset to default template if you proceed deleting the template.</div>
<form method=POST action='./+admin&subaction=template&subsubaction=uninstall'>
<input type=hidden value='{$templatename}' name='Template' />
<input type=submit value='Delete template' name='btn_uninstall' />
<input type=hidden value='confirm' name='confirm' />
</form>
</fieldset>
RET;
return $ret;
}
}
/*
this finalize and cancel subsubactions are vulnerabilities, any one can vary $_POST['path'] and make cms to delete itself.
so template installation is also merged with module and widget installation,
but some extra features specific to template installation(ie ignoring missing template variables and changing template name)
are missing in that installation, these will remain commented for reference till those features are implemented the other way
else if(isset($_GET['subsubaction']) && $_GET['subsubaction'] == 'finalize')
{
$issues = "";
$ret = reportIssues(escape($_POST['path']),$issues);
if($ret[0] == 1)
{
displayerror("Your template is still not compatible with Pragyan CMS. Please fix the reported issues during installation.");
delDir(escape($_POST['del']));
unlink(escape($_POST['file']));
return "";
}
$templates=getAvailableTemplates();
$flag=false;
foreach ($templates as $template)
if($template==$_POST['template'])
{
$flag=true;
break;
}
if($_POST['template']=="common" || $flag || file_exists($sourceFolder . "/templates/" . escape($_POST['template']) . "/"))
{
displayerror("Template Installation failed : A folder by the template name already exists.");
$templatePath=safe_html($_POST['del']);
$str=safe_html($_POST['file']);
$ret=<<<RET
<form method=POST action='./+admin&subaction=canceltemplate'>
Please click the following button to start a fresh installation :
<input type=hidden name='path' value='{$templatePath}'>
<input type=hidden name='file' value='{$str}'>
<input type=submit value="Fresh Installation">
</form>
RET;
return $ret;
}
rename(escape($_POST['path']), $sourceFolder . "/templates/" . escape($_POST['template']) . "/");
delDir(escape($_POST['del']));
unlink(escape($_POST['file']));
mysql_query("INSERT INTO `" . MYSQL_DATABASE_PREFIX . "templates` VALUES('" . escape($_POST['template']) . "')");
displayinfo("Template installation complete");
return "";
}
else if(isset($_GET['subsubaction']) && $_GET['subsubaction'] == 'cancel')
{
delDir(escape($_POST['path']));
unlink(escape($_POST['file']));
return "";
}*/
}
</head>
<body onKeyDown="keyDown(event)" onKeyUp="keyUp(event)" onLoad="onLoadBody()" onResize="resizeBody()">
<iframe id="iframeGeneral" name="iframeGeneral" src="" style="display:none;"></iframe>
<input id="idEstadistica" type="hidden" value="<?php
echo $idEstadistica;
?>
" />
<input id="iPaginaPublica" type="hidden" value="<?php
echo isPublicPage($pageid) ? "t" : "f";
?>
" />
<div align="center" id="divContainer">
<div id="divHeader"><? require_once("header.php") ?></div>
<div id="divMain">
<div id="divMenu"><? require_once("menu.php") ?></div>
<div id="divContenido"><? require_once(getPagePath($pageid))?></div>
<div id="divNada"></div>
</div>
</div>
<!--ZOOMSTOP-->
<!-- *** VISOR DE IMÁGENES - INICIO.. -->
<div id="divVisorImagenes" onClick="cerrarVisorImagenes()">
<div id="divVisorImagenesFondo"></div>
<div id="divVisorImagenesImagen">
<img id="imgVisorImagenesCargandoImagen" src="/images/visor_imagenes/loading_grande.gif" style="position:absolute;" />
<img id="imgVisorImagenesImagen" />
</div>
<div id="divVisorImagenesFlechas" style="display:none;">
<div id="divVisorImagenesFlechaAnterior" onMouseOut="mouseOutFlechas()" onMouseOver="mouseOverFlechas()"><img src="/images/visor_imagenes/anterior.gif" /></div>
<div id="divVisorImagenesFlechaSiguiente" onMouseOut="mouseOutFlechas()" onMouseOver="mouseOverFlechas()"><img src="/images/visor_imagenes/siguiente.gif" /></div>
</div>
public function deleteModule($moduleComponentId)
{
/* Remove the indexing from sphider // Abhishek */
$pageId = getPageIdFromModuleComponentId("article", $moduleComponentId);
$path = getPagePath($pageId);
global $urlRequestRoot;
$delurl = "http://" . $_SERVER['HTTP_HOST'] . $urlRequestRoot . "/home" . $path;
$query = "SELECT link_id FROM `links` WHERE url='{$delurl}'";
$result = mysql_query($query);
if (mysql_num_rows($result) == 0) {
return true;
}
//Nothing to delete
$delids = "";
while ($row = mysql_fetch_row($result)) {
$delids .= $row[0] . ",";
}
$delids = rtrim($delids, ",");
$query = "DELETE FROM `links` WHERE url='{$delurl}'";
mysql_query($query);
for ($i = 0; $i <= 15; $i++) {
$char = dechex($i);
$query = "DELETE FROM `link_keyword{$char}` WHERE link_id IN ({$delids})";
mysql_query($query) or die(mysql_error() . " article.lib.php L:441");
}
return true;
}
/**
* @param $userId The user for whom the list of permitted actions must be computed.
* @param $pageId The page on which the permissible action for the user is computed
*
* @return $searchbar The search bar for tags.
*/
function getSearchbar($userId, $pageId)
{
if (isset($_GET['searchbar']) && isset($_GET['searchContents'])) {
$_GET['searchbar'] = escape($_GET['searchbar']);
$_GET['searchContents'] = escape($_GET['searchContents']);
$allPageQuery = "SELECT `page_id`, `page_module` FROM `" . MYSQL_DATABASE_PREFIX . "pages`";
$allPageResult = mysql_query($allPageQuery);
$pagesIdList = array();
//Contains all pages for which the user has view permission
while ($row = mysql_fetch_assoc($allPageResult)) {
if (getPermissions($userId, $row['page_id'], $action = "view", $module = $row['page_module'])) {
array_push($pagesIdList, intval($row['page_id']));
}
}
$searchQueryParams = "";
foreach ($pagesIdList as $key => $value) {
$searchQueryParams .= $value . ",";
}
$searchQueryParams = substr($searchQueryParams, 0, -1);
$searchQuery = "SELECT * FROM `" . MYSQL_DATABASE_PREFIX . "pagetags` WHERE `tag_text` LIKE '%{$_GET['searchContents']}%' AND `page_id` IN (" . $searchQueryParams . ");";
$tagsWithPermsResult = mysql_query($searchQuery);
$searchResult = mysql_query($searchQuery);
$suggestions = "";
while ($row = mysql_fetch_assoc($searchResult)) {
$suggestions .= "<a href=" . hostURL() . getPagePath($row['page_id']) . ">";
$pageInfo = getPageInfo($row['page_id']);
$suggestions .= $pageInfo['page_title'] . "</a><br/>";
}
echo $suggestions;
exit(0);
}
$searchbar = <<<SEARCHSCRIPT
<script>
function showResult(searchstr) {
if (searchstr.length==0) {
document.getElementById("tagSuggestions").innerHTML="";
document.getElementById("tagSuggestions").style.border="0px";
return;
}
if (window.XMLHttpRequest) {
// code for IE7+, Firefox, Chrome, Opera, Safari
xmlhttp=new XMLHttpRequest();
}else { // code for IE6, IE5
xmlhttp=new ActiveXObject("Microsoft.XMLHTTP");
}
xmlhttp.onreadystatechange=function() {
if (xmlhttp.readyState==4 && xmlhttp.status==200) {
if(xmlhttp.responseText != "") {
console.log(xmlhttp.responseText);
document.getElementById("tagSuggestions").innerHTML=xmlhttp.responseText;
document.getElementById("tagSuggestions").style.border="1px solid #A5ACB2";
}
else {
document.getElementById("tagSuggestions").innerHTML="";
document.getElementById("tagSuggestions").style.border="0px";
}
}
}
xmlhttp.open("GET","./&searchbar=1&searchContents="+searchstr,true);
xmlhttp.send();
}
</script>
SEARCHSCRIPT;
$searchbar .= "<div id='cms-searchbar'>";
$searchbar .= "<input type='text' size='30' onkeyup='showResult(this.value)'>";
$searchbar .= "<div id='tagSuggestions'></div>";
$searchbar .= "</div>";
return $searchbar;
}
function groupManagementForm($currentUserId, $modifiableGroups, &$pagePath)
{
require_once "group.lib.php";
global $ICONS;
global $urlRequestRoot, $cmsFolder, $templateFolder, $moduleFolder, $sourceFolder;
$scriptsFolder = "{$urlRequestRoot}/{$cmsFolder}/{$templateFolder}/common/scripts";
$imagesFolder = "{$urlRequestRoot}/{$cmsFolder}/{$templateFolder}/common/images";
/// Parse any get variables, do necessary validation and stuff, so that we needn't check inside every if
$groupRow = $groupId = $userId = null;
$subAction = '';
//isset($_GET['subaction']) ? $_GET['subaction'] : '';
if (isset($_GET['subsubaction']) && $_GET['subsubaction'] == 'editgroup' && isset($_GET['groupname']) || isset($_POST['btnEditGroup']) && isset($_POST['selEditGroups'])) {
$subAction = 'showeditform';
} elseif (isset($_GET['subsubaction']) && $_GET['subsubaction'] == 'associateform') {
$subAction = 'associateform';
} elseif (isset($_GET['subsubaction']) && $_GET['subsubaction'] == 'deleteuser' && isset($_GET['groupname']) && isset($_GET['useremail'])) {
$subAction = 'deleteuser';
} elseif (isset($_POST['btnAddUserToGroup'])) {
$subAction = 'addusertogroup';
} elseif (isset($_POST['btnSaveGroupProperties'])) {
$subAction = 'savegroupproperties';
} elseif (isset($_POST['btnEditGroupPriorities']) || isset($_GET['subsubaction']) && $_GET['subsubaction'] == 'editgrouppriorities') {
$subAction = 'editgrouppriorities';
}
if (isset($_POST['selEditGroups']) || isset($_GET['groupname'])) {
$groupRow = getGroupRow(isset($_POST['selEditGroups']) ? escape($_POST['selEditGroups']) : escape($_GET['groupname']));
$groupId = $groupRow['group_id'];
if ($subAction != 'editgrouppriorities' && (!$groupRow || !$groupId || $groupId < 2)) {
displayerror('Error! Invalid group requested.');
return;
}
if (!is_null($groupId)) {
if ($modifiableGroups[count($modifiableGroups) - 1]['group_priority'] < $groupRow['group_priority']) {
displayerror('You do not have the permission to modify the selected group.');
return '';
}
}
}
if (isset($_GET['useremail'])) {
$userId = getUserIdFromEmail($_GET['useremail']);
}
if ($subAction != 'editgrouppriorities' && (isset($_GET['subaction']) && $_GET['subaction'] == 'editgroups' && !is_null($groupId))) {
if ($subAction == 'deleteuser') {
if ($groupRow['form_id'] != 0) {
displayerror('The group is associated with a form. To remove a user, use the edit registrants in the assoicated form.');
} elseif (!$userId) {
displayerror('Unknown E-mail. Could not find a registered user with the given E-mail Id');
} else {
$deleteQuery = 'DELETE FROM `' . MYSQL_DATABASE_PREFIX . 'usergroup` WHERE `user_id` = \'' . $userId . '\' AND `group_id` = ' . $groupId;
$deleteResult = mysql_query($deleteQuery);
if (!$deleteResult || mysql_affected_rows() != 1) {
displayerror('Could not delete user with the given E-mail from the given group.');
} else {
displayinfo('Successfully removed user from the current group');
if ($userId == $currentUserId) {
$virtue = '';
$maxPriorityGroup = getMaxPriorityGroup($pagePath, $currentUserId, array_reverse(getGroupIds($currentUserId)), $virtue);
$modifiableGroups = getModifiableGroups($currentUserId, $maxPriorityGroup, $ordering = 'asc');
}
}
}
} elseif ($subAction == 'savegroupproperties' && isset($_POST['txtGroupDescription'])) {
$updateQuery = "UPDATE `" . MYSQL_DATABASE_PREFIX . "groups` SET `group_description` = '" . escape($_POST['txtGroupDescription']) . "' WHERE `group_id` = '{$groupId}'";
$updateResult = mysql_query($updateQuery);
if (!$updateResult) {
displayerror('Could not update database.');
} else {
displayinfo('Changes to the group have been successfully saved.');
}
$groupRow = getGroupRow($groupRow['group_name']);
} elseif ($subAction == 'addusertogroup' && isset($_POST['txtUserEmail']) && trim($_POST['txtUserEmail']) != '') {
if ($groupRow['form_id'] != 0) {
displayerror('The selected group is associated with a form. To add a user, register the user to the form.');
} else {
$passedEmails = explode(',', escape($_POST['txtUserEmail']));
for ($i = 0; $i < count($passedEmails); $i++) {
$hyphenPos = strpos($passedEmails[$i], '-');
if ($hyphenPos >= 0) {
$userEmail = trim(substr($passedEmails[$i], 0, $hyphenPos - 1));
} else {
$userEmail = escape($_POST['txtUserEmail']);
}
$userId = getUserIdFromEmail($userEmail);
if (!$userId || $userId < 1) {
displayerror('Unknown E-mail. Could not find a registered user with the given E-mail Id');
}
if (!addUserToGroupName($groupRow['group_name'], $userId)) {
displayerror('Could not add the given user to the current group.');
} else {
displayinfo('User has been successfully inserted into the given group.');
}
}
}
} elseif ($subAction == 'associateform') {
if (isset($_POST['btnAssociateGroup'])) {
$pageIdArray = array();
$formPageId = parseUrlReal(escape($_POST['selFormPath']), $pageIdArray);
if ($formPageId <= 0 || getPageModule($formPageId) != 'form') {
displayerror('Invalid page selected! The page you selected is not a form.');
} elseif (!getPermissions($currentUserId, $formPageId, 'editregistrants', 'form')) {
displayerror('You do not have the permissions to associate the selected form with a group.');
} else {
$formModuleId = getModuleComponentIdFromPageId($formPageId, 'form');
require_once "{$sourceFolder}/{$moduleFolder}/form.lib.php";
if (isGroupEmpty($groupId) || form::getRegisteredUserCount($formModuleId) == 0) {
associateGroupWithForm($groupId, $formModuleId);
$groupRow = getGroupRow($groupRow['group_name']);
} else {
displayerror('Both the group and the form already contain registered users, and the group cannot be associated with the selected form.');
}
}
} elseif (isset($_POST['btnUnassociateGroup'])) {
if ($groupRow['form_id'] <= 0) {
displayerror('The selected group is currently not associated with any form.');
} elseif (!getPermissions($currentUserId, getPageIdFromModuleComponentId('form', $groupRow['form_id']), 'editregistrants', 'form')) {
displayerror('You do not have the permissions to unassociate the form from this group.');
} else {
unassociateFormFromGroup($groupId);
$virtue = '';
$maxPriorityGroup = getMaxPriorityGroup($pagePath, $currentUserId, array_reverse(getGroupIds($currentUserId)), $virtue);
$modifiableGroups = getModifiableGroups($currentUserId, $maxPriorityGroup, $ordering = 'asc');
$groupRow = getGroupRow($groupRow['group_name']);
}
}
}
if ($modifiableGroups[count($modifiableGroups) - 1]['group_priority'] < $groupRow['group_priority']) {
displayerror('You do not have the permission to modify the selected group.');
return '';
}
$usersTable = '`' . MYSQL_DATABASE_PREFIX . 'users`';
$usergroupTable = '`' . MYSQL_DATABASE_PREFIX . 'usergroup`';
$userQuery = "SELECT `user_email`, `user_fullname` FROM {$usergroupTable}, {$usersTable} WHERE `group_id` = '{$groupId}' AND {$usersTable}.`user_id` = {$usergroupTable}.`user_id` ORDER BY `user_email`";
$userResult = mysql_query($userQuery);
if (!$userResult) {
displayerror('Error! Could not fetch group information.');
return '';
}
$userEmails = array();
$userFullnames = array();
while ($userRow = mysql_fetch_row($userResult)) {
$userEmails[] = $userRow[0];
$userFullnames[] = $userRow[1];
}
$groupEditForm = <<<GROUPEDITFORM
\t\t\t<h2>Group '{$groupRow['group_name']}' - '{$groupRow['group_description']}'</h2><br />
\t\t\t<fieldset style="padding: 8px">
\t\t\t\t<legend>{$ICONS['User Groups']['small']}Group Properties</legend>
\t\t\t\t<form name="groupeditform" method="POST" action="./+admin&subaction=editgroups&groupname={$groupRow['group_name']}">
\t\t\t\t\tGroup Description: <input type="text" name="txtGroupDescription" value="{$groupRow['group_description']}" />
\t\t\t\t\t<input type="submit" name="btnSaveGroupProperties" value="Save Group Properties" />
\t\t\t\t</form>
\t\t\t</fieldset>
\t\t\t<br />
\t\t\t<fieldset style="padding: 8px">
\t\t\t\t<legend>{$ICONS['User Groups']['small']}Existing Users in Group:</legend>
GROUPEDITFORM;
$userCount = mysql_num_rows($userResult);
global $urlRequestRoot, $cmsFolder, $templateFolder, $sourceFolder;
$deleteImage = "<img src=\"{$urlRequestRoot}/{$cmsFolder}/{$templateFolder}/common/icons/16x16/actions/edit-delete.png\" alt=\"Remove user from the group\" title=\"Remove user from the group\" />";
for ($i = 0; $i < $userCount; $i++) {
$isntAssociatedWithForm = $groupRow['form_id'] == 0;
if ($isntAssociatedWithForm) {
$groupEditForm .= '<a onclick="return confirm(\'Are you sure you wish to remove this user from this group?\')" href="./+admin&subaction=editgroups&subsubaction=deleteuser&groupname=' . $groupRow['group_name'] . '&useremail=' . $userEmails[$i] . '">' . $deleteImage . "</a>";
}
$groupEditForm .= " {$userEmails[$i]} - {$userFullnames[$i]}<br />\n";
}
$associateForm = '';
if ($groupRow['form_id'] == 0) {
$associableForms = getAssociableFormsList($currentUserId, !isGroupEmpty($groupId));
$associableFormCount = count($associableForms);
$associableFormsBox = '<select name="selFormPath">';
for ($i = 0; $i < $associableFormCount; ++$i) {
$associableFormsBox .= '<option value="' . $associableForms[$i][2] . '">' . $associableForms[$i][1] . ' - ' . $associableForms[$i][2] . '</option>';
}
$associableFormsBox .= '</select>';
$associateForm = <<<GROUPASSOCIATEFORM
\t\t\tSelect a form to associate the group with: {$associableFormsBox}
\t\t\t<input type="submit" name="btnAssociateGroup" value="Associate Group with Form" />
GROUPASSOCIATEFORM;
} else {
$associatedFormPageId = getPageIdFromModuleComponentId('form', $groupRow['form_id']);
$associateForm = 'This group is currently associated with the form: ' . getPageTitle($associatedFormPageId) . ' (' . getPagePath($associatedFormPageId) . ')<br />' . '<input type="submit" name="btnUnassociateGroup" value="Unassociate" />';
}
$groupEditForm .= '</fieldset>';
if ($groupRow['form_id'] == 0) {
$groupEditForm .= <<<GROUPEDITFORM
\t\t\t\t<br />
\t\t\t\t<fieldset style="padding: 8px">
\t\t\t\t\t<legend>{$ICONS['Add']['small']}Add Users to Group</legend>
\t\t\t\t\t<form name="addusertogroup" method="POST" action="./+admin&subaction=editgroups&groupname={$groupRow['group_name']}">
\t\t\t\t\t\tEmail ID: <input type="text" name="txtUserEmail" id="txtUserEmail" value="" style="width: 256px" autocomplete="off" />
\t\t\t\t\t\t<div id="suggestionDiv" class="suggestionbox"></div>
\t\t\t\t\t\t<script language="javascript" type="text/javascript" src="{$scriptsFolder}/ajaxsuggestionbox.js"></script>
\t\t\t\t\t\t<script language="javascript" type="text/javascript">
\t\t\t\t\t\t<!--
\t\t\t\t\t\t\tvar addUserBox = new SuggestionBox(document.getElementById('txtUserEmail'), document.getElementById('suggestionDiv'), "./+admin&doaction=getsuggestions&forwhat=%pattern%");
\t\t\t\t\t\t\taddUserBox.loadingImageUrl = '{$imagesFolder}/ajaxloading.gif';
\t\t\t\t\t\t-->
\t\t\t\t\t\t</script>
\t\t\t\t\t\t<input type="submit" name="btnAddUserToGroup" value="Add User to Group" />
\t\t\t\t\t</form>
\t\t\t\t</fieldset>
GROUPEDITFORM;
}
$groupEditForm .= <<<GROUPEDITFORM
\t\t\t<br />
\t\t\t<fieldset style="padding: 8px">
\t\t\t\t<legend>{$ICONS['Group Associate Form']['small']}Associate With Form</legend>
\t\t\t\t<form name="groupassociationform" action="./+admin&subaction=editgroups&subsubaction=associateform&groupname={$groupRow['group_name']}" method="POST">
\t\t\t\t\t{$associateForm}
\t\t\t\t</form>
\t\t\t</fieldset>
GROUPEDITFORM;
return $groupEditForm;
}
if ($subAction == 'editgrouppriorities') {
$modifiableCount = count($modifiableGroups);
$userMaxPriority = $maxPriorityGroup = 1;
if ($modifiableCount != 0) {
$userMaxPriority = max($modifiableGroups[0]['group_priority'], $modifiableGroups[$modifiableCount - 1]['group_priority']);
$maxPriorityGroup = $modifiableGroups[0]['group_priority'] > $modifiableGroups[$modifiableCount - 1]['group_priority'] ? $modifiableGroups[0]['group_id'] : $modifiableGroups[$modifiableCount - 1]['group_id'];
}
if (isset($_GET['dowhat']) && !is_null($groupId)) {
if ($_GET['dowhat'] == 'incrementpriority' || $_GET['dowhat'] == 'decrementpriority') {
shiftGroupPriority($currentUserId, $groupRow['group_name'], $_GET['dowhat'] == 'incrementpriority' ? 'up' : 'down', $userMaxPriority, true);
} elseif ($_GET['dowhat'] == 'movegroupup' || $_GET['dowhat'] == 'movegroupdown') {
shiftGroupPriority($currentUserId, $groupRow['group_name'], $_GET['dowhat'] == 'movegroupup' ? 'up' : 'down', $userMaxPriority, false);
} elseif ($_GET['dowhat'] == 'emptygroup') {
emptyGroup($groupRow['group_name']);
} elseif ($_GET['dowhat'] == 'deletegroup') {
if (deleteGroup($groupRow['group_name'])) {
$virtue = '';
$maxPriorityGroup = getMaxPriorityGroup($pagePath, $currentUserId, array_reverse(getGroupIds($currentUserId)), $virtue);
$modifiableGroups = getModifiableGroups($currentUserId, $maxPriorityGroup, $ordering = 'asc');
}
}
$modifiableGroups = reevaluateGroupPriorities($modifiableGroups);
} elseif (isset($_GET['dowhat']) && $_GET['dowhat'] == 'addgroup') {
if (isset($_POST['txtGroupName']) && isset($_POST['txtGroupDescription']) && isset($_POST['selGroupPriority'])) {
$existsQuery = 'SELECT `group_id` FROM `' . MYSQL_DATABASE_PREFIX . "groups` WHERE `group_name` = '" . escape($_POST['txtGroupName']) . "'";
$existsResult = mysql_query($existsQuery);
if (trim($_POST['txtGroupName']) == '') {
displayerror('Cannot create a group with an empty name. Please type in a name for the new group.');
} elseif (mysql_num_rows($existsResult) >= 1) {
displayerror('A group with the name you specified already exists.');
} else {
$idQuery = 'SELECT MAX(`group_id`) FROM `' . MYSQL_DATABASE_PREFIX . 'groups`';
$idResult = mysql_query($idQuery);
$idRow = mysql_fetch_row($idResult);
$newGroupId = 2;
if (!is_null($idRow[0])) {
$newGroupId = $idRow[0] + 1;
}
$newGroupPriority = 1;
if ($_POST['selGroupPriority'] <= $userMaxPriority && $_POST['selGroupPriority'] > 0) {
$newGroupPriority = escape($_POST['selGroupPriority']);
}
$addGroupQuery = 'INSERT INTO `' . MYSQL_DATABASE_PREFIX . 'groups` (`group_id`, `group_name`, `group_description`, `group_priority`) ' . "VALUES({$newGroupId}, '" . escape($_POST['txtGroupName']) . "', '" . escape($_POST['txtGroupDescription']) . "', '{$newGroupPriority}')";
$addGroupResult = mysql_query($addGroupQuery);
if ($addGroupResult) {
displayinfo('New group added successfully.');
if (isset($_POST['chkAddMe'])) {
$insertQuery = 'INSERT INTO `' . MYSQL_DATABASE_PREFIX . "usergroup`(`user_id`, `group_id`) VALUES ('{$currentUserId}', '{$newGroupId}')";
if (!mysql_query($insertQuery)) {
displayerror('Error adding user to newly created group: ' . $insertQuery . '<br />' . mysql_query());
}
}
$virtue = '';
$maxPriorityGroup = getMaxPriorityGroup($pagePath, $currentUserId, array_reverse(getGroupIds($currentUserId)), $virtue);
$modifiableGroups = getModifiableGroups($currentUserId, $maxPriorityGroup, $ordering = 'asc');
} else {
displayerror('Could not run MySQL query. New group could not be added.');
}
}
}
$modifiableGroups = reevaluateGroupPriorities($modifiableGroups);
}
$modifiableCount = count($modifiableGroups);
if ($modifiableGroups[0]['group_priority'] < $modifiableGroups[$modifiableCount - 1]['group_priority']) {
$modifiableGroups = array_reverse($modifiableGroups);
}
$previousPriority = $modifiableGroups[0]['group_priority'];
global $cmsFolder, $urlRequestRoot, $moduleFolder, $templateFolder, $sourceFolder;
$iconsFolderUrl = "{$urlRequestRoot}/{$cmsFolder}/{$templateFolder}/common/icons/16x16";
$moveUpImage = '<img src="' . $iconsFolderUrl . '/actions/go-up.png" title="Increment Group Priority" alt="Increment Group Priority" />';
$moveDownImage = '<img src="' . $iconsFolderUrl . '/actions/go-down.png" alt="Decrement Group Priority" title="Decrement Group Priority" />';
$moveTopImage = '<img src="' . $iconsFolderUrl . '/actions/go-top.png" alt="Move to next higher priority level" title="Move to next higher priority level" />';
$moveBottomImage = '<img src="' . $iconsFolderUrl . '/actions/go-bottom.png" alt="Move to next lower priority level" title="Move to next lower priority level" />';
$emptyImage = '<img src="' . $iconsFolderUrl . '/actions/edit-clear.png" alt="Empty Group" title="Empty Group" />';
$deleteImage = '<img src="' . $iconsFolderUrl . '/actions/edit-delete.png" alt="Delete Group" title="Delete Group" />';
$groupsForm = '<h3>Edit Group Priorities</h3><br />';
for ($i = 0; $i < $modifiableCount; $i++) {
if ($modifiableGroups[$i]['group_priority'] != $previousPriority) {
$groupsForm .= '<br /><br /><hr /><br />';
}
$groupsForm .= '<span style="margin: 4px;" title="' . $modifiableGroups[$i]['group_description'] . '">' . '<a href="./+admin&subaction=editgroups&subsubaction=editgrouppriorities&dowhat=incrementpriority&groupname=' . $modifiableGroups[$i]['group_name'] . '">' . $moveUpImage . '</a>' . '<a href="./+admin&subaction=editgroups&subsubaction=editgrouppriorities&dowhat=decrementpriority&groupname=' . $modifiableGroups[$i]['group_name'] . '">' . $moveDownImage . '</a>' . '<a href="./+admin&subaction=editgroups&subsubaction=editgrouppriorities&dowhat=movegroupup&groupname=' . $modifiableGroups[$i]['group_name'] . '">' . $moveTopImage . '</a>' . '<a href="./+admin&subaction=editgroups&subsubaction=editgrouppriorities&dowhat=movegroupdown&groupname=' . $modifiableGroups[$i]['group_name'] . '">' . $moveBottomImage . '</a>' . '<a onclick="return confirm(\'Are you sure you want to empty this group?\')" href="./+admin&subaction=editgroups&subsubaction=editgrouppriorities&dowhat=emptygroup&groupname=' . $modifiableGroups[$i]['group_name'] . '">' . $emptyImage . '</a>' . '<a onclick="return confirm(\'Are you sure you want to delete this group?\')" href="./+admin&subaction=editgroups&subsubaction=editgrouppriorities&dowhat=deletegroup&groupname=' . $modifiableGroups[$i]['group_name'] . '">' . $deleteImage . '</a>' . '<a href="./+admin&subaction=editgroups&groupname=' . $modifiableGroups[$i]['group_name'] . '">' . $modifiableGroups[$i]['group_name'] . "</a></span>\n";
$previousPriority = $modifiableGroups[$i]['group_priority'];
}
$priorityBox = '<option value="1">1</option>';
for ($i = 2; $i <= $userMaxPriority; ++$i) {
$priorityBox .= '<option value="' . $i . '">' . $i . '</option>';
}
$groupsForm .= <<<GROUPSFORM
\t\t<br /><br />
\t\t<fieldset style="padding: 8px">
\t\t\t<legend>Create New Group:</legend>
\t\t\t<form name="groupaddform" method="POST" action="./+admin&subaction=editgroups&subsubaction=editgrouppriorities&dowhat=addgroup">
\t\t\t\t<label>Group Name: <input type="text" name="txtGroupName" value="" /></label><br />
\t\t\t\t<label>Group Description: <input type="text" name="txtGroupDescription" value="" /></label><br />
\t\t\t\t<label>Group Priority: <select name="selGroupPriority">{$priorityBox}</select><br />
\t\t\t\t<label><input type="checkbox" name="chkAddMe" value="addme" /> Add me to group</label><br />
\t\t\t\t<input type="submit" name="btnAddNewGroup" value="Add Group" />
\t\t\t</form>
\t\t</fieldset>
GROUPSFORM;
return $groupsForm;
}
$modifiableCount = count($modifiableGroups);
$groupsBox = '<select name="selEditGroups">';
for ($i = 0; $i < $modifiableCount; ++$i) {
$groupsBox .= '<option value="' . $modifiableGroups[$i]['group_name'] . '">' . $modifiableGroups[$i]['group_name'] . ' - ' . $modifiableGroups[$i]['group_description'] . "</option>\n";
}
$groupsBox .= '</select>';
$groupsForm = <<<GROUPSFORM
\t\t<form name="groupeditform" method="POST" action="./+admin&subaction=editgroups">
\t\t\t{$groupsBox}
\t\t\t<input type="submit" name="btnEditGroup" value="Edit Selected Group" /><br /><br />
\t\t\t<input type="submit" name="btnEditGroupPriorities" value="Add/Shuffle/Remove Groups" />
\t\t</form>
GROUPSFORM;
return $groupsForm;
}
/**
* Gets the information about all the widgets which are inherited to a page via any parent page.
* @param $pageId Page Id of the given page
* @return Array of widgets containing widgets information
*/
function getInheritedWidgets($pageId)
{
$parentId = getParentPage($pageId);
if ($parentId == $pageId) {
return array();
}
$query = "SELECT t1.`widget_id` AS 'id', t1.`widget_instanceid` AS 'instanceid', t1.`widget_location` AS 'location', t2.`widget_name` AS 'name', t2.`widget_description` AS 'description', t2.`widget_author` AS 'author', t2.`widget_version` AS 'version', t2.`widget_classname` AS 'classname', t2.`widget_foldername` AS 'foldername' FROM `" . MYSQL_DATABASE_PREFIX . "widgets` AS t1, `" . MYSQL_DATABASE_PREFIX . "widgetsinfo` AS t2 WHERE t1.`page_id`='{$parentId}' AND t1.`widget_propagate`=1 AND t2.`widget_id`=t1.`widget_id` ORDER BY t1.`widget_location` ASC";
$result = mysql_query($query);
$return = array();
while ($row = mysql_fetch_array($result)) {
$row['source'] = getPagePath($parentId);
$return[] = $row;
}
$more = getInheritedWidgets($parentId);
$return = array_merge($return, $more);
return $return;
}
function getPagePathFromModule($moduleName, $moduleComponentId)
{
return getPagePath(getPageIdFromModuleComponentId($moduleName, $moduleComponentId));
}
public function actionReports()
{
global $userId, $urlRequestRoot;
$query = "SELECT `page_id`, `page_modulecomponentid` FROM `" . MYSQL_DATABASE_PREFIX . "pages` WHERE `page_module`='form'";
$resource = mysql_query($query);
$report = <<<CSS
\t\t <style type="text/css">
\t\t
#reports tbody tr.even td {
background-color: #f0f8ff;
color: #000;
}
#reports tbody tr td a, a:link, a:visited {
\tcolor: #000;
}
#reports tbody tr.odd td {
background-color: #fff;color: #000;
}
</style>
CSS;
$report .= '<table id="reports"><tbody><tr><td>Form</td><td>No. of registrants</td></tr>';
$class = 'even';
while ($result = mysql_fetch_assoc($resource)) {
$permission = getPermissions($userId, $result[page_id], 'viewRegistrant', 'form');
if ($permission) {
$pageId = $result['page_id'];
$parentPageId = getParentPage($pageId);
$parentTitle = getPageTitle($parentPageId);
$formTitle = getPageTitle($pageId);
$formInfo = $parentTitle . '_' . $formTitle;
$formPath = getPagePath($pageId);
$query = "SELECT count(distinct(`user_id`)) FROM `form_regdata` WHERE `page_modulecomponentid`='{$result['page_modulecomponentid']}'";
$resource2 = mysql_query($query);
//or die(mysql_error());
$result2 = mysql_fetch_row($resource2);
if (!strpos($formPath, 'qaos')) {
if ($class == 'even') {
$class = 'odd';
} else {
$class = 'even';
}
$report .= "<tr class=\"{$class}\"><td><a href=\"{$urlRequestRoot}{$formPath}\">{$formInfo}</a></td><td>{$result2['0']}</td></tr>";
}
}
}
$report .= '</tbody></table>';
return $report;
}
// **************************************************
//laczymy sie z baza danych
include("./db.inc.php");
db_connect();
// **************************************************
//sciezki do galerii
set_include_path("./phplib");
// **************************************************
//funkcje
include_once("./pages/functions.php");
// **************************************************
//jaka strona
$page = getPagePath($_REQUEST['page']);
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="pl">
<head>
<title>ZHR Zielona Góra - Zwi±zek Harcerstwa Rzeczypospolitej</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-2" />
<meta http-equiv="Content-Language" content="pl" />
<meta name="author" content="perk" />
<meta name="keywords" content="skauting skaut zielona góra gora zgora harcerstwo zhr harcerze harcerki harcerski zwiazek zwi±zek harcerstwa rzeczypospolitej zbiórki zbiorki obozy hufiec dru¿yny dryzyny dru¿yna druzyna obwód obwod zielonogórski zielonogorski" />
<meta name="description" content="Strona zielonogórskiego ¶rodowiska ZHR - Zwi±zku Harcerstwa Rzeczypospolitej" />
<meta name="robots" content="index, follow" />
<link rel="stylesheet" href="./glowny.css" type="text/css" />
<link rel="alternate" type="application/rss+xml" title="aktualnosciRSS" href="rss.php" />
<? if ($_REQUEST['page'] == "galeria") include("./pages/galeria.head.php"); ?>
<script type="text/javascript">
function move_page($userId, $pageId, $parentId, $pagetitle, $pagename, $deleteoriginalentry)
{
/**
* return true or false.
* First check if page with same name exists in destination parent. If it does, and the parent is different from
* current parent, dont copy or move and return false
*
*/
//var_dump($str);
$query = "SELECT `page_id` FROM `" . MYSQL_DATABASE_PREFIX . "pages` WHERE `page_parentid` = '{$parentId}' AND `page_name` = '{$pagename}'";
$result = mysql_query($query);
if (mysql_num_rows($result) > 0) {
return "Error: There exists a page with the same name in the destination path.";
}
$parentInfo = getPageInfo($parentId);
if (!getPermissions($userId, $parentId, "settings")) {
return "Error: You do not have permission to copy or move to the destination page.";
}
if ($parentInfo['page_module'] == "link") {
return "Error: Cannot move or copy a page to a page of the type link.";
}
$str = array();
parseUrlDereferenced($parentId, $str);
$arrlen = count($str);
for ($i = 0; $i < count($str); $i++) {
if ($pageId == $str[$i]) {
return 'Error : You are trying to copy a parent to a child page. This will create a loop';
}
}
//if the deleteoriginal entry is set then the page is MOVED from the original location to the new location.
if ($deleteoriginalentry == true) {
if ($pageId != 0) {
$query = "UPDATE `" . MYSQL_DATABASE_PREFIX . "pages` SET `page_parentid` = '" . $parentId . "' , `page_title` = '" . $pagetitle . "' , `page_name` = '" . $pagename . "' WHERE `page_id` ='{$pageId}' ;";
$result = mysql_query($query);
if (mysql_affected_rows() != 1) {
return 'Unable to perform the required action';
}
global $urlRequestRoot;
header("location:" . $urlRequestRoot . getPagePath($pageId) . "+settings&displayinfo=" . rawurlencode("The page has been successfully moved."));
} else {
return 'Error : You do not have permission to move the root page.';
}
} else {
$recursive = false;
if (isset($_POST['recursivelycopypage'])) {
$recursive = true;
}
if (copyPage($userId, $pageId, $parentId, $pagetitle, $pagename, $recursive)) {
displayinfo("Page copied successfully!");
}
}
}
function getPagePath($id)
{
$path = '';
$sql = 'SELECT `id` , `pagename` , `parentid` FROM `pages` WHERE `id` = ' . $id . '; ';
$rs = mysql_query($sql) or die("Unable to Execute Select query");
$row = mysql_fetch_assoc($rs);
$path .= $row['pagename'] . '/';
if ($row['parentid'] > 2) {
$path = getPagePath($row['parentid']) . $path;
}
return $path;
}
