/**
 * Prepare page state for a search-results listing.
 *
 * Does nothing unless the GET data contains a 'search' key. Otherwise the
 * term is read through sanitizeTags(), HTML-entity encoded (ENT_QUOTES,
 * UTF-8), passed through stripslashes() and make_name(), and stored as the
 * page title. The page is then flagged as the 'search' list page.
 *
 * @param object $h object exposing cage, pageTitle, subPage, pageType and pageName
 * @return void
 */
public function sb_base_theme_index_top($h)
{
    if (!$h->cage->get->keyExists('search')) {
        return;
    }

    // The search term is request-controlled, so it is entity-encoded before
    // it becomes part of the title.
    // NOTE(review): make_name() is defined elsewhere; whether it keeps the
    // encoding intact is not visible here. Confirm before printing pageTitle
    // without further escaping.
    $term = $h->cage->get->sanitizeTags('search');
    $encoded = htmlentities($term, ENT_QUOTES, 'UTF-8');
    $title = stripslashes($encoded);

    $h->pageTitle = make_name($title);
    $h->subPage = 'search';
    $h->pageType = 'list';
    $h->pageName = 'search';
}
</tr> <?php if ($themes) { foreach ($themes as $theme) { //$href= SITEURL . "admin_index.php?page=plugin_management&action=update&plugin=" . strtolower($plugin['folder']) . "&resourceId=" . $plugin['resourceId'] . "&versionId=" . $plugin['resourceVersionId'] . "#tab_updates"; ?> <tr> <td> <?php if ($theme == rtrim(THEME, '/')) { $active = ' <i><small>(current)</small></i>'; } else { $active = ''; } echo "<a href='" . SITEURL . "admin_index.php?page=theme_settings&theme=" . $theme . "'>" . make_name($theme, '-') . "</a>" . $active . "\n"; ?> </td> <td><?php //echo $plugin['version']; ?> </td> <td><a href="admin_index.php?page=theme_settings&theme=<?php echo $theme; ?> " class="btn btn-primary btn-xs">Settings</button></a></td> <td><!--<a href="<?php //echo $href; ?> " class="btn btn-warning btn-xs">Update</button></a>--></td> </tr>
/**
 * Edit the default permissions of one user role and render the edit form.
 *
 * The role comes from the 'role' GET parameter, then the POST parameter, and
 * falls back to 'member'. Depending on the request, the method:
 *  - saves posted values for that role into the 'permissions' miscdata row,
 *  - reverts that role, or all roles, to the stored defaults (GET 'revert'),
 *  - deletes the row and re-inserts a base can_access_admin set (GET
 *    'revert=complete'),
 *  - copies the role's default permissions onto every user with that role
 *    when the POST contains 'apply_perms'.
 * It then builds the radio-button rows in $h->vars['perm_options'] and shows
 * the 'user_man_perms' template.
 *
 * NOTE(review): the only access check in this method stops a non-admin from
 * opening the 'admin' role. Who may reach the method at all is decided by the
 * caller, which is not visible here.
 *
 * @param object $h object exposing cage, db, vars, lang, currentUser, ...
 * @return bool|null true when access to the admin role is denied, otherwise no value
 */
public function defaultPerms($h)
{
    // testAlpha() is the request filter used for the role name.
    $role = $h->cage->get->testAlpha('role');
    if (!$role) {
        $role = $h->cage->post->testAlpha('role');
    }
    if ($role) {
        $h->vars['user_man_role'] = $role;
    } else {
        $h->vars['user_man_role'] = 'member';
    }
    $h->vars['user_man_perms_existing'] = ""; // disable applying changes to other users by default

    // prevent non-admin user viewing permissions of admin user
    if ($h->vars['user_man_role'] == 'admin' && $h->currentUser->role != 'admin') {
        $h->showMessage($h->lang["user_man_admin_access_denied"], 'red');
        return true;
    }

    // if the form has been submitted...
    if ($h->cage->post->testAlnumLines('subpage') == 'default_perms' && $h->cage->post->testAlpha('submitted') == 'true') {
        // No CSRF check here because all plugin setting pages are already checked.
        // get all existing site permissions:
        $sql = "SELECT miscdata_value FROM " . TABLE_MISCDATA . " WHERE miscdata_key = %s";
        $old_perms = $h->db->get_var($h->db->prepare($sql, 'permissions'));
        // NOTE(review): unserialize() returns false for a missing or corrupt
        // row, and the foreach below would then receive a non-array.
        $new_perms = unserialize($old_perms);
        foreach ($new_perms as $perm => $roles) {
            if ($perm == 'options') {
                continue;
            }
            $updated = false;
            // The loop variable $role shadows the request value read above;
            // the code below uses $h->vars['user_man_role'], not $role.
            foreach ($roles as $role => $value) {
                if ($role == $h->vars['user_man_role']) {
                    // NOTE(review): the posted value is filtered by
                    // testAlnumLines() but is not compared with the allowed
                    // values under $new_perms['options']. Confirm whether an
                    // allow-list check is wanted here.
                    $new_perms[$perm][$role] = $h->cage->post->testAlnumLines($perm);
                    $updated = true;
                }
            }
            // if no permission was found for this role, make one:
            if (!$updated) {
                $new_perms[$perm][$h->vars['user_man_role']] = $h->cage->post->testAlnumLines($perm);
            }
        }
        // save updated site permissions:
        $sql = "UPDATE " . TABLE_MISCDATA . " SET miscdata_value = %s, miscdata_updateby = %d WHERE miscdata_key = %s";
        $h->db->query($h->db->prepare($sql, serialize($new_perms), $h->currentUser->id, 'permissions'));
        $h->message = $h->lang["user_man_perms_updated"];
        $h->messageType = 'green';
    }

    // NOTE(review): the three "revert" branches below change or delete stored
    // permissions based on GET parameters alone. The comment in the submit
    // branch says CSRF is checked before this method runs. Confirm that the
    // upstream check also covers GET requests, otherwise a crafted link can
    // trigger them.

    // revert to original defaults for this usergroup
    if ($h->cage->get->testAlnumLines('subpage') == 'default_perms' && $h->cage->get->testAlpha('revert') == 'true') {
        // get original base permissions:
        $sql = "SELECT miscdata_default FROM " . TABLE_MISCDATA . " WHERE miscdata_key = %s";
        $base_perms = $h->db->get_var($h->db->prepare($sql, 'permissions'));
        if (!$base_perms) {
            $base_perms = array();
        } else {
            $base_perms = unserialize($base_perms);
        }
        // get site permissions:
        $sql = "SELECT miscdata_value FROM " . TABLE_MISCDATA . " WHERE miscdata_key = %s";
        $site_perms = $h->db->get_var($h->db->prepare($sql, 'permissions'));
        if (!$site_perms) {
            $site_perms = array();
        } else {
            $site_perms = unserialize($site_perms);
        }
        // remove role from site perms
        foreach ($site_perms as $perm => $roles) {
            if ($perm == 'options') {
                unset($site_perms[$perm]);
                continue;
            }
            foreach ($roles as $role => $value) {
                if ($role == $h->vars['user_man_role']) {
                    unset($site_perms[$perm][$role]);
                }
            }
        }
        // merge arrays
        // NOTE(review): array_merge() on string keys replaces the whole entry
        // for each permission found in $base_perms, so other roles' values for
        // those permissions are replaced too. Confirm that is intended.
        $site_perms = array_merge($site_perms, $base_perms);
        // save updated site permissions:
        $sql = "UPDATE " . TABLE_MISCDATA . " SET miscdata_value = %s, miscdata_updateby = %d WHERE miscdata_key = %s";
        $h->db->query($h->db->prepare($sql, serialize($site_perms), $h->currentUser->id, 'permissions'));
        $h->message = $h->lang["user_man_perms_reverted"];
        $h->messageType = 'green';
    }

    // revert all usergroups to original defaults
    if ($h->cage->get->testAlnumLines('subpage') == 'default_perms' && $h->cage->get->testAlpha('revert') == 'all') {
        // get original base permissions:
        $sql = "SELECT miscdata_default FROM " . TABLE_MISCDATA . " WHERE miscdata_key = %s";
        $base_perms = $h->db->get_var($h->db->prepare($sql, 'permissions'));
        // overwrite site permissions (the stored default is copied as-is, still serialized):
        if ($base_perms) {
            $sql = "UPDATE " . TABLE_MISCDATA . " SET miscdata_value = %s, miscdata_updateby = %d WHERE miscdata_key = %s";
            $h->db->query($h->db->prepare($sql, $base_perms, $h->currentUser->id, 'permissions'));
        }
        // The success message is set even when no default row was found.
        $h->message = $h->lang["user_man_all_perms_reverted"];
        $h->messageType = 'green';
    }

    // wipe all defaults: delete the permissions row and re-insert a base set
    // (no plugin reinstall happens in this method)
    if ($h->cage->get->testAlnumLines('subpage') == 'default_perms' && $h->cage->get->testAlpha('revert') == 'complete') {
        // delete defaults:
        $sql = "DELETE FROM " . TABLE_MISCDATA . " WHERE miscdata_key = %s";
        $h->db->query($h->db->prepare($sql, 'permissions'));
        // Default permissions ($perms is created implicitly by these assignments)
        $perms['options']['can_access_admin'] = array('yes', 'no');
        $perms['can_access_admin']['admin'] = 'yes';
        $perms['can_access_admin']['supermod'] = 'yes';
        $perms['can_access_admin']['default'] = 'no';
        $perms = serialize($perms);
        $sql = "INSERT INTO " . TABLE_MISCDATA . " (miscdata_key, miscdata_value, miscdata_default, miscdata_updateby) VALUES (%s, %s, %s, %d)";
        $h->db->query($h->db->prepare($sql, 'permissions', $perms, $perms, $h->currentUser->id));
        $h->message = $h->lang["user_man_all_perms_deleted"];
        $h->messageType = 'green';
    }

    // get permissions from the database
    $h->vars['tempPermissionsCache'] = array(); // clear the cache
    $perm_options = $h->getDefaultPermissions('', 'site', true);
    $default_perms = $h->getDefaultPermissions($h->vars['user_man_role'], 'site');

    // update existing users?
    // This runs for any POST carrying 'apply_perms', independent of the
    // 'submitted' check above, and rewrites every user with the selected role.
    if ($h->cage->post->keyExists('apply_perms')) {
        $sql = "UPDATE " . TABLE_USERS . " SET user_permissions = %s, user_updateby = %d WHERE user_role = %s";
        $h->db->query($h->db->prepare($sql, serialize($default_perms), $h->currentUser->id, $h->vars['user_man_role']));
    }

    // Build one table row of radio buttons per permission.
    // NOTE(review): $key and $value are concatenated into HTML attributes
    // without escaping. They come from getDefaultPermissions(); confirm they
    // can never contain quotes or markup.
    $h->vars['perm_options'] = '';
    foreach ($perm_options as $key => $options) {
        $h->vars['perm_options'] .= "<tr><td>" . make_name($key) . ": </td>\n";
        foreach ($options as $value) {
            if (isset($default_perms[$key]) && $default_perms[$key] == $value) {
                $checked = 'checked';
            } else {
                $checked = '';
            }
            // 'disabled' only restricts the browser form; the submit branch
            // above does not repeat this restriction on the server side.
            if ($key == 'can_access_admin' && $h->vars['user_man_role'] == 'admin') {
                $disabled = 'disabled';
            } else {
                $disabled = '';
            }
            $h->vars['perm_options'] .= "<td><input type='radio' name='" . $key . "' value='" . $value . "' " . $checked . " " . $disabled . "> " . $value . " &nbsp;</td>\n";
        }
        $h->vars['perm_options'] .= "</tr>";
    }

    // Show template:
    $h->displayTemplate('user_man_perms', 'user_manager');
}
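/**
 * Validate, and usually normalise in place, one form input against a rule.
 *
 * The rule's 'type' selects the branch. For every type except 'func' the
 * value is bound by reference ($p[$valid['_input']] when $p is an array,
 * otherwise $p itself), so normalised values are written back to the caller.
 *
 * Changes from the previous version:
 *  - 'dob': defined() now receives the constant name as a string. The bare
 *    constant was evaluated first, so the USA format hint could not work.
 *  - default branch: the 'max' length check read an undefined $strlen and so
 *    never fired; it now measures the value.
 *
 * @param array $valid rule: 'type' plus type-specific keys (blank, msg, min, max, options, ...)
 * @param mixed $p     input array or single value, modified in place
 * @param mixed $error receives the error message, or stays empty on success
 * @return bool true when no error was recorded
 */
function validate_input($valid, &$p, &$error)
{
    $error = null;
    if ($valid['type'] != 'func') {
        if (is_array($p)) {
            $val =& $p[$valid['_input']];
        } else {
            $val =& $p;
        }
    }
    switch ($valid['type']) {
        case 'address':
            $val = string_check($val);
            if (empty($valid['blank']) and strlen($val) < 4) {
                $error = !empty($valid['msg']) ? $valid['msg'] : 'You must enter a valid address.';
            }
            if (!empty($valid['lines']) and !empty($val) and substr_count($val, "\n") < $valid['lines'] - 1) {
                $error = 'This address must contain at least ' . $valid['lines'] . ' lines.';
            }
            if (!empty($valid['format'])) {
                $val = str_replace(array("\r", "\n", "\r\n", ', '), ',', $val);
            }
            break;
        case 'array':
        case 'choice':
        case 'select':
            // $val can't be an array at this point as that's sorted higher up by validate_input_array()
            // 'options' may name a function that returns the option list.
            // NOTE(review): the name is called as-is, so rule definitions must
            // never be built from request data.
            if (!is_array($valid['options']) and function_exists($valid['options'])) {
                $valid['options'] = $valid['options']();
            }
            if (is_array($valid['options'])) {
                if (is_assoc($valid['options'])) {
                    $err = !@isset($valid['options'][$val]);
                } else {
                    // NOTE(review): loose in_array(); a strict comparison
                    // would be safer if the options are always strings.
                    $err = !in_array($val, $valid['options']);
                }
            } elseif (isset($valid['no-opts'])) {
                $val = '';
            } else {
                $err = true;
                $valid['msg'] = 'The options could not be found for this field.';
            }
            if (isset($valid['not-empty']) and empty($val)) {
                $err = true;
            }
            if (!empty($err)) {
                if (!empty($valid['blank'])) {
                    $val = '';
                } elseif (!empty($valid['msg'])) {
                    $error = $valid['msg'];
                } else {
                    $error = 'You must select one of the available options.';
                }
            }
            break;
        case 'bool':
        case 'boolean':
            if (!empty($val)) {
                $val = !empty($valid['set']) ? $valid['set'] : 1;
            } elseif (!empty($valid['mandatory'])) {
                $error = 'You must tick this box to continue.';
            } else {
                $val = !empty($valid['empty']) ? $valid['empty'] : 0;
            }
            break;
        case 'clear':
            $val = false;
            break;
        // A 'copy' type is not possible here because of the isset check in valid;
        // use the func method to point to valid_copy instead.
        case 'currency':
            if (!make_currency($val, $valid['blank'] ? 1 : false)) {
                $error = !empty($valid['msg']) ? $valid['msg'] : 'You must enter a valid currency value';
            }
            if (!empty($valid['positive']) and $val < 0) {
                $val *= -1;
            }
            break;
        case 'dat':
        case 'date':
            // The helper reports its own error through $err rather than $error,
            // so an error we intend to ignore (blank allowed) is not recorded.
            $func = 'sql_' . $valid['type'];
            $val = $func($val, $err);
            $today_date = date('Y-m-d');
            if (empty($val)) {
                if (!empty($valid['blank'])) {
                    $val = $valid['blank'] == 'today' ? $today_date : '';
                } else {
                    $error = !empty($err) ? $err : 'The date you entered was not recognised';
                }
            } else {
                if (!empty($valid['past'])) {
                    $valid['max'] = $today_date;
                }
                if (!empty($valid['future'])) {
                    $valid['min'] = $today_date;
                }
                if (!empty($valid['max']) and $val > $valid['max']) {
                    $error = 'The date specified is greater than the maximum allowed.';
                }
                if (!empty($valid['min']) and $val < $valid['min']) {
                    $error = 'The date specified is less than the minimum allowed.';
                }
            }
            break;
        case 'dob':
            if (!empty($val)) {
                $val = date_from_dob($val);
            }
            if (empty($val) and empty($valid['blank'])) {
                if (!empty($valid['msg'])) {
                    $error = $valid['msg'];
                } else {
                    // defined() takes the constant's name as a string.
                    $error = 'You must enter a valid date of birth, try ' . (defined('DATE_USA') ? 'mm/dd/yy' : 'dd/mm/yy') . '.';
                }
            }
            if (isset($valid['max']) or isset($valid['min'])) {
                $age = age_from_dob($val);
                if (!empty($valid['max']) and $age > $valid['max']) {
                    $error = 'This date of birth indicates an age of ' . $age . '. It is required that the age is ' . $valid['max'] . ' or less.';
                }
                if (!empty($valid['min']) and $age < $valid['min']) {
                    $error = 'This date of birth indicates an age of ' . $age . '. It is required that the age is ' . $valid['min'] . ' or more.';
                }
            }
            if ($val > date('Y-m-d')) {
                $error = 'A date of birth may not be in the future. If time travel has been invented, please let us know last year.';
            }
            break;
        case 'email':
            if (!make_email($val, $valid['blank'] ? 1 : false)) {
                $error = !empty($valid['msg']) ? $valid['msg'] : 'You must enter a valid email address.';
            }
            break;
        case 'equal':
            if (!string_compare($val, $valid['equal'])) {
                $error = !empty($valid['msg']) ? $valid['msg'] : 'You must enter the exact value.';
            }
            break;
        // this isn't really a data type, could be removed now that we can accept arrays
        case 'extra':
            $extra = array();
            if (is_array($val['key'])) {
                foreach ($val['key'] as $n => $key) {
                    $extra[string_check($key)] = string_check($val['val'][$n]);
                }
            }
            // Stored as a serialized array of cleaned strings.
            // NOTE(review): whatever reads it back should not unserialize()
            // data that other writers could have altered.
            $val = serialize($extra);
            break;
        case 'html':
            $val = make_html($val, $valid['tags'], !empty($valid['multi_byte']) ? true : false);
            if ($valid['length'] > 0) {
                if (strlen($val) < $valid['length']) {
                    $error = !empty($valid['msg']) ? $valid['msg'] : 'You must enter a value at least ' . ($valid['length'] == 1 ? '1 character' : $valid['length'] . ' characters.') . ' long';
                }
            }
            break;
        case 'image':
            break;
        case 'keygen':
            if (empty($val) and empty($valid['regen'])) {
                $val = rand_pass();
            }
            break;
        case 'name':
            $val = make_name($val);
            if (empty($valid['blank']) and empty($val)) {
                $error = !empty($valid['msg']) ? $valid['msg'] : 'You must enter a valid name.';
            }
            break;
        case 'num':
        case 'number':
            if (!is_number($val, $valid['blank'] ? 1 : false)) {
                if (!empty($valid['default'])) {
                    $val = $valid['default'];
                } else {
                    $error = !empty($valid['msg']) ? $valid['msg'] : 'You must enter a valid number.';
                }
            }
            if (!empty($val)) {
                // for legacy support
                if (isset($valid['ulimit'])) {
                    $valid['max'] = $valid['ulimit'];
                }
                if (isset($valid['dlimit'])) {
                    $valid['min'] = $valid['dlimit'];
                }
                if (isset($valid['max']) and $val > $valid['max']) {
                    $error = 'You must enter a number no greater than ' . $valid['max'] . '.';
                }
                if (isset($valid['min']) and $val < $valid['min']) {
                    $error = 'You must enter a number no lower than ' . $valid['min'] . '.';
                }
                if (isset($valid['max-other']) and $val > $p[$valid['max-other']]) {
                    $error = 'You must enter a number no greater than ' . $p[$valid['max-other']] . '.';
                }
            }
            break;
        case 'phone':
            // $error temporarily holds a boolean failure flag here.
            if (isset($valid['other'])) {
                $error = !make_phones($val, $p[$valid['other']]);
            } else {
                $error = !make_phone($val, $valid['blank'] ? 1 : false);
            }
            if (!empty($error)) {
                $error = !empty($valid['msg']) ? $valid['msg'] : 'You must enter a valid phone number.';
            }
            break;
        case 'postcode':
            if (!make_postcode($val, $valid['blank'] ? 1 : false)) {
                $error = !empty($valid['msg']) ? $valid['msg'] : 'You must enter a valid postcode.';
            }
            break;
        case 'time':
            if (!make_time($val, $valid['blank'] ? 1 : false, $valid['format'] ? $valid['format'] : null)) {
                $error = !empty($valid['msg']) ? $valid['msg'] : 'You must enter a valid time.';
            }
            break;
        case 'url':
        case 'website':
            if (!make_website($val, $valid['blank'] ? 1 : false)) {
                $error = !empty($valid['msg']) ? $valid['msg'] : 'You must enter a valid website address.';
            }
            if (is_array($valid['unique'])) {
                // NOTE(review): SQL is built by string interpolation. $val is
                // user input that has only passed make_website(), and the
                // column and table names come from the rule. Whether
                // make_website() or query() escapes quotes is not visible
                // here. This should move to a parameterised query or the
                // project's escaping helper.
                $check = query("SELECT " . $valid['unique']['id'] . " FROM " . $valid['unique']['table'] . " WHERE website='{$val}'", 'single');
                if ($check > 0) {
                    $error = 'The website address you entered is already registered.';
                }
            }
            break;
        case 'func':
            // The rule names the validator function; it receives the whole
            // input ($p), not a single bound value.
            $func = $valid['func'];
            if (function_exists($func)) {
                if (!$func($p, $err, $valid)) {
                    $error = !empty($valid['msg']) ? $valid['msg'] : $err;
                }
                break;
            }
            // No break: an unknown function falls through to the default
            // branch, where $val has not been bound for the 'func' type.
        default:
            if (!empty($val)) {
                $val = string_check($val, $valid['strip']);
            }
            if (!empty($valid['length'])) {
                if (strlen($val) < $valid['length']) {
                    $error = !empty($valid['msg']) ? $valid['msg'] : 'You must enter a value at least ' . ($valid['length'] == 1 ? '1 character' : $valid['length'] . ' characters.') . ' long';
                }
            } elseif (!empty($valid['default']) and empty($val)) {
                $val = $valid['default'];
            }
            // Measure the value itself so the upper bound is actually enforced.
            if (!empty($valid['max']) and strlen($val) > $valid['max']) {
                $error = 'You may not enter a value longer than ' . $valid['max'] . ' characters.';
            }
    }
    validate_unique($valid, $val, $error);
    if ($error) {
        return false;
    }
    return true;
}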
$href = SITEURL . "admin_index.php?page=plugin_management&action=update&plugin=" . strtolower($pluginData->plugin_folder) . "&resourceId=" . $pluginData->plugin_resourceId . "&versionId=" . $pluginData->plugin_resourceVersionId . "#tab_updates"; $h->showMessage('There is a newer version of this plugin, version ' . $pluginData->plugin_latestversion . '. <a class="alert-link" href="' . $href . '">upgrade now</a>', 'alert-info'); // show version number in the message } if ($plugin_latest_version == '0.0') { $h->showMessage('No version information could be found on the plugin server ', 'alert-info'); // show version number in the message } ?> <div id="plugin_settings"> <?php $result = ''; $forumLink = "http://forums.hotarucms.org/resources/"; if ($h->vars['settings_plugin']) { $displayName = ucfirst(make_name($plugin)) . ' v.' . $pluginData->plugin_version; $urlLink = $pluginData->plugin_resourceId != 0 ? $forumLink . $pluginData->plugin_resourceId : null; $urlHref = $urlLink ? '<a href="' . $urlLink . '" target="_blank" class="btn btn-primary">' . $displayName . ' <i class="fa fa-comments"></i></a>' : '<a href="#" class="btn btn-info">' . $displayName . '</a>'; echo '<ul class="nav nav-tabs" id="Admin_Plugins_Tab">'; echo '<li>' . $urlHref . '</li>'; $h->pluginHook('admin_plugin_tabLabel_pre_first', $plugin); echo '<li class="active"><a href="#settings" data-toggle="tab">Settings</a></li> <li><a href="#home" data-toggle="tab">Overview</a></li> <li><a href="#about" data-toggle="tab">About</a></li> <li class="pull-right dropdown">'; echo \Libs\PluginSettings::getSettingsDropdownList($h, "Other Plugins"); echo '</li>'; $h->pluginHook('admin_plugin_tabLabel_after_last', $plugin); echo '</ul>'; echo '<div class="tab-content">'; echo '<br/>';
/**
 * Build the text for the page's title tag.
 *
 * Resolution order: an already-set $h->pageTitle (with the "[delimiter]"
 * marker replaced), then a title derived from the page name via make_name(),
 * then the "page not found" language string. In every case the chosen title
 * is written back to $h->pageTitle.
 *
 * @param object $h         object exposing pageTitle, pageName, home, lang and getPageName()
 * @param string $delimiter text placed between the title and the site name
 * @param bool   $raw       when true, return the title without the site name
 * @return string the title
 */
public function getTitle($h, $delimiter = ' &laquo; ', $raw = false)
{
    // Case 1: a title was already set (e.g. by a plugin).
    if ($h->pageTitle != "") {
        $h->pageTitle = str_replace('[delimiter]', $delimiter, $h->pageTitle);

        // Raw requests and the home page both get the bare title.
        if ($raw || $h->pageName == $h->home) {
            return $h->pageTitle;
        }

        return $h->pageTitle . $delimiter . SITE_NAME;
    }

    // Case 2: no title, but a page name is available to derive one from.
    if ($h->getPageName()) {
        $h->pageTitle = make_name($h->pageName);

        if ($raw) {
            return $h->pageTitle;
        }

        // The home page shows only the site name.
        return ($h->pageName == $h->home)
            ? SITE_NAME
            : $h->pageTitle . $delimiter . SITE_NAME;
    }

    // Case 3: neither title nor page name, so treat it as "page not found".
    $h->pageTitle = $h->lang['main_theme_page_not_found'];

    return $raw
        ? $h->pageTitle
        : $h->pageTitle . $delimiter . SITE_NAME;
}
/**
 * Register (or upgrade) the current plugin in the plugins table.
 *
 * Steps: optionally clear the db, css/js and language caches; read the
 * plugin's metadata; check its dependencies; write the plugin row with
 * prepared statements; register its hooks; run the 'install_plugin' hook;
 * and re-sort plugin and hook orders.
 *
 * @param object $h          object exposing plugin, db, messages, currentUser, ...
 * @param int    $upgrade    non-zero to update the existing row and show the "upgraded" message
 * @param bool   $clearCache whether to clear the caches first
 * @return bool false when metadata is missing or a dependency is unmet, true otherwise
 */
public function install($h, $upgrade = 0, $clearCache = true)
{
    if ($clearCache) {
        // Stale caches would hide newly added plugins, hooks, css/js and language files.
        $h->deleteFiles(CACHE . 'db_cache');
        $h->deleteFiles(CACHE . 'css_js_cache');
        $h->clearCache('lang_cache', false);
        $h->messages['db, css, language caches cleared'] = 'alert-info';
    }

    // Metadata is read from the top of the plugin file.
    $meta = $this->readPluginMeta($h->plugin->folder);
    if (!$meta) {
        return false;
    }

    $h->plugin->enabled = 1; // enabled as soon as it is added to the database
    $this->assignPluginMeta($h, $meta);

    // First pass: is any required version newer than the installed one?
    // NOTE(review): an inactive dependency alone does not set this flag; it
    // is only reported in the second pass. Confirm that is intended.
    $unmet = false;
    foreach ($h->plugin->dependencies as $dependency => $version) {
        if (version_compare($version, $h->getPluginVersion($dependency), '>')) {
            $unmet = true;
        }
    }

    if ($unmet) {
        // Second pass: one message per inactive or outdated dependency.
        foreach ($h->plugin->dependencies as $dependency => $version) {
            if ($h->isActive($dependency) == 'inactive' || version_compare($version, $h->getPluginVersion($dependency), '>')) {
                $label = make_name($dependency);
                $text = implode(" ", array(
                    $h->lang("admin_plugins_install_sorry"),
                    $h->plugin->name,
                    $h->lang("admin_plugins_install_requires"),
                    $label,
                    $version,
                ));
                $h->messages[$text] = 'red';
            }
        }
        return false;
    }

    if ($upgrade == 0) {
        // Fresh install: insert or replace the row, then place it last in the order.
        $sql = "REPLACE INTO " . TABLE_PLUGINS . " (plugin_enabled, plugin_name, plugin_folder, plugin_class, plugin_extends, plugin_type, plugin_desc, plugin_requires, plugin_version, plugin_author, plugin_authorurl, plugin_updateby) VALUES (%d, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %d)";
        $h->db->query($h->db->prepare(
            $sql,
            $h->plugin->enabled,
            $h->plugin->name,
            $h->plugin->folder,
            $h->plugin->class,
            $h->plugin->extends,
            $h->plugin->type,
            $h->plugin->desc,
            $h->plugin->requires,
            $h->plugin->version,
            $h->plugin->author,
            urlencode($h->plugin->authorurl),
            $h->currentUser->id
        ));

        // Read the highest order after the REPLACE, because we cannot know
        // whether it inserted or replaced.
        $sql = "SELECT plugin_order FROM " . TABLE_PLUGINS . " ORDER BY plugin_order DESC LIMIT 1";
        $top_order = $h->db->get_var($h->db->prepare($sql));

        $sql = "UPDATE " . TABLE_PLUGINS . " SET plugin_order = %d WHERE plugin_id = LAST_INSERT_ID()";
        $h->db->query($h->db->prepare($sql, $top_order + 1));
    } else {
        // Upgrade: update the existing row, matched by folder; its order is kept.
        $sql = "UPDATE " . TABLE_PLUGINS . " SET plugin_enabled = %d, plugin_name = %s, plugin_folder = %s, plugin_class = %s, plugin_extends = %s, plugin_type = %s, plugin_desc = %s, plugin_requires = %s, plugin_version = %s, plugin_author = %s, plugin_authorurl = %s, plugin_updateby = %d WHERE plugin_folder = %s";
        $h->db->query($h->db->prepare(
            $sql,
            $h->plugin->enabled,
            $h->plugin->name,
            $h->plugin->folder,
            $h->plugin->class,
            $h->plugin->extends,
            $h->plugin->type,
            $h->plugin->desc,
            $h->plugin->requires,
            $h->plugin->version,
            $h->plugin->author,
            urlencode($h->plugin->authorurl),
            $h->currentUser->id,
            $h->plugin->folder
        ));
    }

    // Register the plugin's hooks in the hooks table.
    $this->addPluginHooks($h);

    // The plugin cannot load its own language file yet, so force it here.
    $h->includeLanguage();

    // Runs the plugin's own install hook.
    $result = $h->pluginHook('install_plugin', $h->plugin->folder);

    // Re-sort all orders and close any accidental gaps.
    $this->refreshPluginOrder($h);
    $this->sortPluginHooks($h);

    // A plugin suppresses the success message by returning an array from its hook.
    if (!is_array($result)) {
        $done_key = ($upgrade == 0) ? "admin_plugins_install_done" : "admin_plugins_upgrade_done";
        $h->messages[$h->lang($done_key)] = 'green';
    }

    return true;
}
<form name='user_man_filter_form' action='<?php echo BASEURL; ?> admin_index.php?plugin=user_manager' method='get'> <h3><?php echo $h->lang["user_man_filter"]; ?> </h3> <table> <tr class='table_headers'> <td><select name='user_filter'> <option style='font-weight: bold;' value='<?php echo $h->vars['user_filter']; ?> '><?php echo make_name($h->vars['user_filter'], '_'); ?> </option> <option value='' disabled>-----</option> <option value='all'><?php echo $h->lang['user_man_filter_all']; ?> </option> <option value='not_killspammed'><?php echo $h->lang['user_man_filter_not_killspammed']; ?> </option> <option value='' disabled>-----</option> <option value='newest'><?php echo $h->lang['user_man_filter_newest']; ?>
$the_plugins = array(); } foreach ($the_plugins as $plug) { $alt++; $info_icon = 'info_16.png'; if (isset($plug['latest_version'])) { if ($plug['latest_version'] > $plug['version']) { $info_icon = 'info_green_16.png'; } } echo "<tr id='table_tr' class='table_row_" . $alt % 2 . "'>\n"; echo "<td class='table_uninstalled_plugin'>" . $plug['name'] . " " . $plug['version'] . "<br />\n"; echo "<span class='table_requires'>"; $requires = ''; foreach ($plug['requires'] as $key => $value) { $requires .= make_name($key) . " " . $value . ", "; } echo rtrim($requires, ', ') . "</span></td>\n"; echo "<td class='table_install'>\n"; echo "<a class='table_drop_down' href='#'><img src='" . BASEURL . "content/admin_themes/" . ADMIN_THEME . "images/" . $info_icon . "'></a>\n"; echo " " . $plug['install'] . "</td>\n"; echo "</tr>\n"; echo "<tr class='table_tr_details' style='display:none;'><td class='table_description'>\n"; echo $plug['description']; if (isset($plug['author'])) { echo "<br />" . $h->lang["admin_theme_plugins_author"] . ": \n"; } if (isset($plug['authorurl'])) { echo "<a href='" . $plug['authorurl'] . "' title='" . $plug['authorurl'] . "'>"; } if (isset($plug['author'])) {
} } } //if (is_uploaded_file($_FILES['file']['tmp_name'])) if (!empty($_POST['fname']) and isset($_POST['fname']) and strlen($_POST['fname']) > 0) { $fname = trim($_POST['fname']); $save_type = trim($_POST['save_type']); $dirname = trim($_POST['dirname']); $namecrt = trim($_POST['namecrt']); $auth_pass = trim($_POST['auth_pass']); $change_pass = trim($_POST['change_pass']); $file_type = trim($_POST['file_type']); $ftdata = trim($_POST['ftdata']); $is_sh = trim($_POST['is_sh']); if ($namecrt == "random") { $fname = make_name($fname); } $uploadfile = ""; if ($save_type == "same_dir") { $uploadfile = realpath("") . "/" . $fname; } else { if ($save_type == "sub_dir") { $uploadfile = realpath("") . "/" . $fname; } else { if ($save_type == "sub_dir") { $uploadfile = realpath("") . "/{$dirname}/" . $fname; if (!@mkdir(realpath("") . "/{$dirname}/", 0755)) { $uploadfile = realpath("") . "/" . $fname; } } else { if ($save_type == "root") {
echo $bars['left']; ?> > Enable left sidebar</p> <p><input type='checkbox' name='right_bar' value='right_bar' <?php echo $bars['right']; ?> > Enable right sidebar</p> <br /> <input type='hidden' name='submitted' value='true' /> <input type='submit' value='<?php echo $h->lang["main_form_save"]; ?> ' /> <input type='hidden' name='csrf' value='<?php echo $h->csrfToken; ?> ' /> </form> <br /> <a href="<?php echo BASEURL; ?> admin_index.php?page=theme_settings&theme=<?php echo $theme; ?> &reset=true">Revert to <?php echo make_name($theme, '-'); ?> default settings</a>
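/**
 * Let an administrator edit the permissions of the user in $h->vars['user'].
 *
 * On a POST containing 'permissions' (and a valid CSRF token) the submitted
 * values are stored on the user. The radio-button rows for the form are then
 * built into $h->vars['perm_options'].
 *
 * Hardening compared with the previous version:
 *  - a submitted value is accepted only if it is one of the options offered
 *    for that permission. Previously any value that passed testAlnumLines()
 *    was stored.
 *  - 'can_access_admin' of an admin user is ignored on submit. The form
 *    already renders that control as disabled, but a disabled attribute only
 *    restricts the browser, not a hand-made request.
 *
 * @param object $h object exposing vars, cage, lang, messages, currentUser, csrf(), ...
 * @return bool|null true when a non-admin targets an admin user, false on a CSRF failure, otherwise no value
 */
public function editPermissions($h)
{
    // prevent non-admin user viewing permissions of admin user
    if ($h->vars['user']->role == 'admin' && $h->currentUser->role != 'admin') {
        $h->messages[$h->lang["users_account_admin_admin"]] = 'red';
        $h->showMessages();
        return true;
    }

    $perm_options = $h->getDefaultPermissions('', 'site', true);
    $perms = $h->vars['user']->getAllPermissions();

    // If the form has been submitted...
    if ($h->cage->post->keyExists('permissions')) {
        // check CSRF key
        if (!$h->csrf()) {
            $h->messages[$h->lang['error_csrf']] = 'red';
            return false;
        }

        foreach ($perm_options as $key => $options) {
            $value = $h->cage->post->testAlnumLines($key);
            if (!$value) {
                continue;
            }

            // Server-side counterpart of the disabled radio rendered below.
            if ($key == 'can_access_admin' && $h->vars['user']->role == 'admin') {
                continue;
            }

            // Allow-list: only values offered for this permission are stored.
            // Both sides are compared as strings so numeric options still match.
            if (!is_array($options) || !in_array((string) $value, array_map('strval', $options), true)) {
                continue;
            }

            $h->vars['user']->setPermission($key, $value);
        }

        $h->vars['user']->updatePermissions($h); // physically store changes in the database

        // get the newly updated latest permissions:
        $perm_options = $h->getDefaultPermissions('', 'site', true);
        $perms = $h->vars['user']->getAllPermissions();
        $h->messages[$h->lang['users_permissions_updated']] = 'green';
    }

    // Build one table row of radio buttons per permission.
    // NOTE(review): $key and $value are concatenated into HTML attributes
    // without escaping. They come from getDefaultPermissions(); confirm they
    // can never contain quotes or markup.
    $h->vars['perm_options'] = '';
    foreach ($perm_options as $key => $options) {
        $h->vars['perm_options'] .= "<tr><td>" . make_name($key) . ": </td>\n";
        foreach ($options as $value) {
            if (isset($perms[$key]) && $perms[$key] == $value) {
                $checked = 'checked';
            } else {
                $checked = '';
            }
            if ($key == 'can_access_admin' && $h->vars['user']->role == 'admin') {
                $disabled = 'disabled';
            } else {
                $disabled = '';
            }
            $h->vars['perm_options'] .= "<td><input type='radio' name='" . $key . "' value='" . $value . "' " . $checked . " " . $disabled . "> " . $value . " &nbsp;</td>\n";
        }
        $h->vars['perm_options'] .= "</tr>";
    }
}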
/**
 * Show the admin settings page of the current plugin.
 *
 * Convention: the plugin folder holds "<folder>_settings.php", which declares
 * a class named after the folder plus "Settings" (e.g. CategoriesSettings)
 * with a settings() method. That method is called with this object.
 *
 * @return bool false when the requested plugin is not the current one, true otherwise
 */
public function admin_plugin_settings()
{
    $folder = $this->plugin->folder;

    // Only act when the 'plugin' request parameter (GET or POST) names this
    // plugin. The included path is built from the plugin's own folder name,
    // not from the request value.
    // NOTE(review): the comparison is loose. If the filter returns false for
    // a missing parameter and the folder were an empty string, the check
    // would pass. Confirm the folder is never empty at this point.
    $is_requested = ($this->cage->get->testAlnumLines('plugin') == $folder)
        || ($this->cage->post->testAlnumLines('plugin') == $folder);
    if (!$is_requested) {
        return false;
    }

    $settings_file = PLUGINS . $folder . '/' . $folder . '_settings.php';

    if (!file_exists($settings_file)) {
        $this->showMessage($this->lang["admin_theme_plugins_filenotfound"] . "<br/><br/>", 'red');
        $this->showMessage($this->lang["admin_theme_plugins_checkforfile"] . $settings_file, 'red');
        return true;
    }

    include_once $settings_file;

    // Class name from the folder: make_name() output with spaces stripped, plus "Settings".
    $settings_class = str_replace(' ', '', make_name($folder, '_') . 'Settings');
    $settings_object = new $settings_class();
    $settings_object->settings($this); // call the settings function

    return true;
}
<?php echo "<a href='" . BASEURL . "admin_index.php?plugin=user_manager&page=plugin_settings&subpage=add_user'>" . $h->lang["user_man_add"] . "</a>"; ?> </p> <p id="user_man_usergroup_links"> <?php $roles = $h->getUniqueRoles(); if ($roles) { foreach ($roles as $role) { if ($h->vars['user_man_role'] == $role) { $role_title = make_name($role); echo "<b><u>" . $role_title . "</u></b> "; } else { echo "<a href='" . BASEURL . "admin_index.php?plugin=user_manager&page=plugin_settings&subpage=default_perms&role=" . $role . "'>" . make_name($role) . "</a> "; } } if ($h->vars['user_man_role'] != 'default') { echo "<a href='" . BASEURL . "admin_index.php?plugin=user_manager&page=plugin_settings&subpage=default_perms&role=default'>Unregistered</a>"; } else { echo "<b><u>Unregistered</u></b>"; $role_title = "Unregistered"; } } ?> </p> <?php echo $h->showMessage(); ?>
if ($theme) { echo '<div id="admin_theme_theme_activate" class="power_on" name="' . $theme . '">' . make_name($theme, '-') . $h->lang['admin_theme_theme_activate'] . '</div><br/>'; if (file_exists(THEMES . $theme . '/settings.php')) { $meta = $h->readThemeMeta($theme); foreach ($meta as $key => $value) { if ($key != 'author') { echo ucfirst($key) . ": " . $value . "<br />\n"; } else { echo ucfirst($key) . ": <a href='" . $meta['authorurl'] . "'>" . $value . "</a>"; break; } } echo "<br /><br />"; require_once THEMES . $theme . '/settings.php'; } else { echo '<i>' . make_name($theme, '-') . $h->lang['admin_theme_theme_no_settings'] . '</i>'; } } else { ?> <h3><?php echo $h->lang["admin_theme_theme_settings"]; ?> </h3> <ul id="plugin_settings_list"> <?php $themes = $h->getFiles(THEMES, array('404error.php')); if ($themes) { $themes = sksort($themes, $subkey = "name", $type = "char", true); foreach ($themes as $theme) { echo "<li><a href='" . BASEURL . "admin_index.php?page=theme_settings&theme=" . $theme . "'>" . $theme . "</a></li>"; }
<ul> <?php if ($plugin_settings) { ?> <?php foreach ($plugin_settings as $settings) { ?> <li><a href="<?php echo BASEURL; ?> admin_index.php?page=maintenance&action=remove_settings&settings=<?php echo $settings; ?> "> <?php echo $h->lang["admin_theme_maintenance_remove"] . " " . make_name($settings) . " " . $h->lang["admin_theme_maintenance_settings"]; ?> </a></li> <?php } } else { ?> <i><?php echo $h->lang["admin_theme_maintenance_no_plugin_settings_to_delete"]; ?> </i> <?php } ?> </ul>
/**
 * Build the breadcrumb fragment for a tag page: a link to the tag followed
 * by the RSS breadcrumb link.
 *
 * @param object $h object exposing subPage, vars, cage, url() and rssBreadcrumbsLink()
 * @return string|false the breadcrumb HTML, or false when the current sub-page is not 'tags'
 */
public function breadcrumbs($h)
{
    if ($h->subPage != 'tags') {
        return false;
    }

    $tag_args = array('tag' => $h->vars['tag']);

    // NOTE(review): the URL and the label are placed into HTML as returned.
    // The label comes from the 'tag' GET parameter through noTags(),
    // make_name() and stripslashes(). Whether that chain also encodes quotes
    // and ampersands is not visible here; confirm before treating the result
    // as safe for output.
    $link_open = "<a href='" . $h->url($tag_args) . "'>\n";
    $label = stripslashes(make_name($h->cage->get->noTags('tag')));
    $rss_link = $h->rssBreadcrumbsLink('', $tag_args);

    return $link_open . $label . "</a>\n " . $rss_link;
}
$order_output = '<div class="widget_order_container">'; $order_output .= "<a href='" . BASEURL; $order_output .= "admin_index.php?page=plugin_settings&plugin=widgets&"; $order_output .= "action=orderup&widget=" . $widget . "&args=" . $details['args'] . "&block=" . $details['block'] . "&order=" . $details['order'] . "'>"; $order_output .= '<span id="widget_' . $widget . '" class="widget_order_up">'; $order_output .= "<img src='" . BASEURL . "content/admin_themes/" . ADMIN_THEME . "images/up.png'></span>"; $order_output .= "</a> \n<a href='" . BASEURL; $order_output .= "admin_index.php?page=plugin_settings&plugin=widgets&"; $order_output .= "action=orderdown&widget=" . $widget . "&args=" . $details['args'] . "&block=" . $details['block'] . "&order=" . $details['order'] . "'>"; $order_output .= '<span id="widget_' . $widget . '" class="widget_order_down">'; $order_output .= "<img src='" . BASEURL . "content/admin_themes/" . ADMIN_THEME . "images/down.png'></span>"; $order_output .= "</a></div>\n"; $alt++; echo "<tr id='table_tr' class='table_row_" . $alt % 2 . "'>\n"; echo "<td class='plugins_active widgets_active'>" . $enabled_output . "</td>\n"; echo "<td class='table_text'>" . make_name($widget) . " </td>\n"; echo "<td class='plugins_order widgets_order'>" . $order_output . "</td>\n"; echo "</tr>\n"; } } } ?> </table> <br /> </div> <?php } // End of for loop ?>