Ejemplo n.º 1
	* Saves the CB plugin params after an edit form submit
	function savePluginParams( $option, $task ) {
		global $_CB_framework, $_CB_database, $_POST;
		if ( isset( $_POST['params'] ) ) {
		 	$_POST['params']	=	cbParamsEditorController::getRawParamsMagicgpcEscaped( $_POST['params'] );
		} else {
			$_POST['params']	=	null;
		$row = new moscomprofilerPlugin( $_CB_database );
		if (!$row->bind( $_POST )) {
			echo "<script type=\"text/javascript\"> alert('".$row->getError()."'); window.history.go(-1); </script>\n";
		if (!$row->check()) {
			echo "<script type=\"text/javascript\"> alert('".$row->getError()."'); window.history.go(-1); </script>\n";
		if (!$row->store()) {
			echo "<script type=\"text/javascript\"> alert('".$row->getError()."'); window.history.go(-1); </script>\n";
		$row->updateOrder( "type='".$_CB_database->getEscaped($row->type)."' AND ordering > -10000 AND ordering < 10000 " );
		switch ( $task ) {
			case 'applyPlugin':
				$msg = sprintf(CBTxt::T('Successfully Saved changes to Plugin: %s'), $row->name);
				cbRedirect( $_CB_framework->backendUrl( "index.php?option=$option&task=editPlugin&cid=$row->id" ), $msg );
			case 'savePlugin':
				$msg = sprintf(CBTxt::T('Successfully Saved Plugin: %s'), $row->name);
				cbRedirect( $_CB_framework->backendUrl( "index.php?option=$option&task=showPlugins" ), $msg );
Ejemplo n.º 2
	function saveTab( $option ) {
		global $_CB_database, $_CB_framework, $_POST;


		if ( isset( $_POST['params'] ) ) {
		 	$_POST['params']	=	cbParamsEditorController::getRawParamsMagicgpcEscaped( $_POST['params'] );
		} else {
			$_POST['params']	=	'';
		if ( ! isset( $_POST['tabid'] ) || ( count( $_POST ) == 0 ) ) {
			echo "<script type=\"text/javascript\"> alert('" . addslashes( CBTxt::T('Missing post values') ) . "'); window.history.go(-2); </script>\n";
		if ( $_POST['tabid'] ) {
			$oldrow		=	new moscomprofilerTabs( $_CB_database );
			if ( $oldrow->load( (int) $_POST['tabid'] )
				&& 	( ! in_array( $oldrow->useraccessgroupid, getChildGIDS( userGID( $_CB_framework->myId() ) ) ) ) ) {
				echo "<script type=\"text/javascript\"> alert('" . addslashes( CBTxt::T('Unauthorized Access') ) . "'); window.history.go(-1);</script>\n";
		$row = new moscomprofilerTabs( $_CB_database );
		if (!$row->bind( $_POST )) {
			echo "<script type=\"text/javascript\"> alert('".$row->getError()."'); window.history.go(-1); </script>\n";
		if ( ! $row->ordering_register ) {
			$row->ordering_register		=	10;
		$row->description	=	cleanEditorsTranslationJunk( trim( $row->description ) );
		if (!$row->check()) {
			echo "<script type=\"text/javascript\"> alert('".$row->getError()."'); window.history.go(-2); </script>\n";
		$row->tabid			=	(int) cbGetParam( $_POST, 'tabid', 0 );
		if ( ! $row->store() ) {
			echo "<script type=\"text/javascript\"> alert('".$row->getError()."'); window.history.go(-2); </script>\n";
		cbRedirect( $_CB_framework->backendUrl( "index.php?option=$option&task=showTab" ), CBTxt::T('Successfully Saved Tab') . ": ". $row->title );
Ejemplo n.º 3
* Converts the parameters received as POST array into the |*| and CBparams formats
* @param  array  $params  MODIFIED BY THIS CALL: POST array
	function fixMultiSelects( &$params ) {
		if ( is_array( $params ) ) {
			foreach ( $params as $k => $v ) {
				if ( is_array( $v ) ) {
					if ( isset( $v[0] ) ) {
						$params[$k]		=	implode( "|*|", $v );
					} else {
						$params[$k]		=	cbParamsEditorController::getRawParamsMagicgpcEscaped( $v );
function saveList($option)
    global $_CB_framework, $_CB_database, $_POST;
    $oldrow = new moscomprofilerLists($_CB_database);
    if (isset($_POST['listid']) && $_POST['listid']) {
        $oldrow->load((int) $_POST['listid']);
        // Check if user is a super user:
        if (!$_CB_framework->acl->amIaSuperAdmin()) {
            // Check if user belongs to useraccessgroupid:
            if (!in_array($oldrow->useraccessgroupid, $_CB_framework->acl->get_groups_below_me(null, true))) {
                echo "<script type=\"text/javascript\"> alert('" . addslashes(CBTxt::T('Unauthorized Access')) . "'); window.history.go(-1);</script>\n";
            // Check if user belongs to viewaccesslevel:
            if (!in_array($oldrow->viewaccesslevel, CBuser::getMyInstance()->getAuthorisedViewLevelsIds(false))) {
                echo "<script type=\"text/javascript\"> alert('" . addslashes(CBTxt::T('Unauthorized Access')) . "'); window.history.go(-1);</script>\n";
    $row = new moscomprofilerLists($_CB_database);
    $_POST['params'] = cbParamsEditorController::getRawParamsMagicgpcEscaped($_POST['params']);
    if (!$row->bind($_POST)) {
        echo "<script type=\"text/javascript\"> alert('" . $row->getError() . "'); window.history.go(-1); </script>\n";
    // Set defaults if nothing is found
    // Also check if oldrow value to use its current value or default otherwise
    // This prevents a tab from storing to database with null values when some inputs are set disabled:
    if ($row->published == '') {
        $row->published = $oldrow->published != '' ? $oldrow->published : 1;
    if ($row->default == '') {
        $row->default = $oldrow->default != '' ? $oldrow->default : 0;
    if ($row->useraccessgroupid == '') {
        $row->useraccessgroupid = $oldrow->useraccessgroupid != '' ? $oldrow->useraccessgroupid : -2;
    if ($row->viewaccesslevel == '') {
        $row->viewaccesslevel = $oldrow->viewaccesslevel != '' ? $oldrow->viewaccesslevel : 1;
    if ($row->ordering == '') {
        $row->ordering = $oldrow->ordering != '' ? $oldrow->ordering : 999;
    if ($row->usergroupids == '') {
        $row->usergroupids = $oldrow->usergroupids != '' ? $oldrow->usergroupids : implode(', ', $_CB_framework->acl->get_groups_below_me(null, true));
    $row->description = cleanEditorsTranslationJunk(trim($row->description));
    // Check if user is a super user:
    if (!$_CB_framework->acl->amIaSuperAdmin()) {
        $failed = false;
        $canEditState = CBuser::getMyInstance()->authoriseAction('core.edit.state');
        // Check if user belongs to useraccessgroupid
        if ($row->useraccessgroupid != '' && !in_array($row->useraccessgroupid != '', $_CB_framework->acl->get_groups_below_me(null, true))) {
            $failed = true;
        // Check if user belongs to viewaccesslevel
        if ($row->viewaccesslevel != '' && !in_array($row->viewaccesslevel, CBuser::getMyInstance()->getAuthorisedViewLevelsIds(false))) {
            $failed = true;
        // Check if user can edit status:
        if (!$canEditState) {
            // Check if row exists and if publish is different from existing row
            // Check if row doesn't exist and if publish is different from default
            if ($oldrow->listid && ($row->published != '' && $oldrow->published != $row->published) || !$oldrow->listid && ($row->published != '' && $row->published != 1)) {
                $failed = true;
            // Check if row exists and if publish is different from existing row
            // Check if row doesn't exist and if publish is different from default
            if ($oldrow->listid && ($row->default != '' && $oldrow->default != $row->default) || !$oldrow->listid && ($row->default != '' && $row->default != 1)) {
                $failed = true;
            // Check if row exists and if useraccessgroupid is different from existing row
            // Check if row doesn't exist and if useraccessgroupid is different from default
            if ($oldrow->listid && ($row->useraccessgroupid != '' && $oldrow->useraccessgroupid != $row->useraccessgroupid) || !$oldrow->listid && ($row->useraccessgroupid != '' && $row->useraccessgroupid != -2)) {
                $failed = true;
            // Check if row exists and if viewaccesslevel is different from existing row
            // Check if row doesn't exist and if viewaccesslevel is different from default
            if ($oldrow->listid && ($row->viewaccesslevel != '' && $oldrow->viewaccesslevel != $row->viewaccesslevel) || !$oldrow->listid && ($row->viewaccesslevel != '' && $row->viewaccesslevel != 1)) {
                $failed = true;
            // Check if row exists and if ordering is different from existing row
            // Check if row doesn't exist and if ordering is different from default
            if ($oldrow->listid && ($row->ordering != '' && $oldrow->ordering != $row->ordering) || !$oldrow->listid && ($row->ordering != '' && $row->ordering != 999)) {
                $failed = true;
        if ($failed) {
            echo "<script type=\"text/javascript\"> alert('" . addslashes(CBTxt::T('Unauthorized Access')) . "'); window.history.go(-1);</script>\n";
    if (isset($_POST['col1'])) {
        $row->col1fields = implode("|*|", $_POST['col1']);
    } else {
        $row->col1fields = null;
    if (isset($_POST['col2'])) {
        $row->col2fields = implode("|*|", $_POST['col2']);
    } else {
        $row->col2fields = null;
    if (isset($_POST['col3'])) {
        $row->col3fields = implode("|*|", $_POST['col3']);
    } else {
        $row->col3fields = null;
    if (isset($_POST['col4'])) {
        $row->col4fields = implode("|*|", $_POST['col4']);
    } else {
        $row->col4fields = null;
    if ($row->col1enabled != 1) {
        $row->col1enabled = 0;
    if ($row->col2enabled != 1) {
        $row->col2enabled = 0;
    if ($row->col3enabled != 1) {
        $row->col3enabled = 0;
    if ($row->col4enabled != 1) {
        $row->col4enabled = 0;
    if ($row->col1captions != 1) {
        $row->col1captions = 0;
    if ($row->col2captions != 1) {
        $row->col2captions = 0;
    if ($row->col3captions != 1) {
        $row->col3captions = 0;
    if ($row->col4captions != 1) {
        $row->col4captions = 0;
    if (!$row->store((int) $_POST['listid'], true)) {
        echo "<script type=\"text/javascript\"> alert('" . $row->getError() . "'); window.history.go(-2); </script>\n";
    cbRedirect($_CB_framework->backendUrl("index.php?option={$option}&task=showLists"), sprintf(CBTxt::T('Successfully Saved List: %s'), $row->title));
Ejemplo n.º 5
function saveList( $option ) {
	global $_CB_framework, $_CB_database, $_POST;

	$row = new moscomprofilerLists( $_CB_database );

 	$_POST['params']	=	cbParamsEditorController::getRawParamsMagicgpcEscaped( $_POST['params'] );

	if (!$row->bind( $_POST )) {
		echo "<script type=\"text/javascript\"> alert('".$row->getError()."'); window.history.go(-1); </script>\n";
	$row->description	=	cleanEditorsTranslationJunk( trim( $row->description ) );

	if(isset($_POST['col1'])) { $row->col1fields = implode("|*|",$_POST['col1']); } else { $row->col1fields = null; } ;
	if(isset($_POST['col2'])) { $row->col2fields = implode("|*|",$_POST['col2']); } else { $row->col2fields = null; } ;
	if(isset($_POST['col3'])) { $row->col3fields = implode("|*|",$_POST['col3']); } else { $row->col3fields = null; } ;
	if(isset($_POST['col4'])) { $row->col4fields = implode("|*|",$_POST['col4']); } else { $row->col4fields = null; } ;

	if ($row->col1enabled != 1) $row->col1enabled=0;
	if ($row->col2enabled != 1) $row->col2enabled=0;
	if ($row->col3enabled != 1) $row->col3enabled=0;
	if ($row->col4enabled != 1) $row->col4enabled=0;
	if ($row->col1captions != 1) $row->col1captions=0;
	if ($row->col2captions != 1) $row->col2captions=0;
	if ($row->col3captions != 1) $row->col3captions=0;
	if ($row->col4captions != 1) $row->col4captions=0;
	if (!$row->store( (int) $_POST['listid'],true)) {
		echo "<script type=\"text/javascript\"> alert('".$row->getError()."'); window.history.go(-2); </script>\n";

	cbRedirect( $_CB_framework->backendUrl( "index.php?option=$option&task=showLists" ), sprintf(CBTxt::T('Successfully Saved List: %s'), $row->title) );
  * Saves the CB plugin params after an edit form submit
 function savePluginParams($option, $task)
     global $_CB_framework, $_CB_database, $_POST;
     if (isset($_POST['params'])) {
         $_POST['params'] = cbParamsEditorController::getRawParamsMagicgpcEscaped($_POST['params']);
     } else {
         $_POST['params'] = null;
     $oldrow = new moscomprofilerPlugin($_CB_database);
     if (isset($_POST['id'])) {
         $oldrow->load((int) $_POST['id']);
         // Check if user is a super user:
         if (!$_CB_framework->acl->amIaSuperAdmin()) {
             // Check if user belongs to access:
             if (!in_array($oldrow->access, CBuser::getMyInstance()->getAuthorisedViewLevelsIds(true))) {
                 echo "<script type=\"text/javascript\"> alert('" . addslashes(CBTxt::T('Unauthorized Access')) . "'); window.history.go(-1);</script>\n";
     $row = new moscomprofilerPlugin($_CB_database);
     if (!$row->bind($_POST)) {
         echo "<script type=\"text/javascript\"> alert('" . $row->getError() . "'); window.history.go(-1); </script>\n";
     // Set defaults if nothing is found
     // Also check if oldrow exists to use its current value or default
     // This prevents a plugin from storing to database with null values when some inputs are set disabled:
     $defaultaccess = checkJversion() >= 2 ? 1 : 0;
     if ($row->access == '') {
         $row->access = $oldrow->access != '' ? $oldrow->access : $defaultaccess;
     if ($row->ordering == '') {
         $row->ordering = $oldrow->ordering != '' ? $oldrow->ordering : 999;
     if ($row->published == '') {
         $row->published = $oldrow->published != '' ? $oldrow->published : 1;
     if (!$row->check()) {
         echo "<script type=\"text/javascript\"> alert('" . $row->getError() . "'); window.history.go(-1); </script>\n";
     // Check if user is a super user:
     if (!$_CB_framework->acl->amIaSuperAdmin()) {
         $canEditState = CBuser::getMyInstance()->authoriseAction('core.edit.state');
         // Check if user belongs to access
         // Check if row exists and if access is different from existing row
         // Check if row doesn't exist and if access is different from default
         // Check if user can edit status:
         if ($row->access != '' && !in_array($row->access, CBuser::getMyInstance()->getAuthorisedViewLevelsIds(true))) {
             echo "<script type=\"text/javascript\"> alert('" . addslashes(CBTxt::T('Unauthorized Access')) . "'); window.history.go(-1);</script>\n";
         // Check if user can edit status:
         if (!$canEditState) {
             // Check if row exists and if access is different from existing row
             // Check if row doesn't exist and if access is different from default
             if ($oldrow->id && ($row->access != '' && $oldrow->access != $row->access) || !$oldrow->id && ($row->access != '' && $row->access != $defaultaccess)) {
                 echo "<script type=\"text/javascript\"> alert('" . addslashes(CBTxt::T('Unauthorized Access')) . "'); window.history.go(-1);</script>\n";
             // Check if row exists and if ordering is different from existing row
             // Check if row doesn't exist and if ordering is different from default
             if ($oldrow->id && ($row->ordering != '' && $oldrow->ordering != $row->ordering) || !$oldrow->id && ($row->ordering != '' && $row->ordering != 999)) {
                 echo "<script type=\"text/javascript\"> alert('" . addslashes(CBTxt::T('Unauthorized Access')) . "'); window.history.go(-1);</script>\n";
             // Check if row exists and if published is different from existing row
             // Check if row doesn't exist and if published is different from default
             if ($oldrow->id && ($row->published != '' && $oldrow->published != $row->published) || !$oldrow->id && ($row->published != '' && $row->published != 1)) {
                 echo "<script type=\"text/javascript\"> alert('" . addslashes(CBTxt::T('Unauthorized Access')) . "'); window.history.go(-1);</script>\n";
     if (!$row->store()) {
         echo "<script type=\"text/javascript\"> alert('" . $row->getError() . "'); window.history.go(-1); </script>\n";
     $row->updateOrder("type='" . $_CB_database->getEscaped($row->type) . "' AND ordering > -10000 AND ordering < 10000 ");
     switch ($task) {
         case 'applyPlugin':
             $msg = sprintf(CBTxt::T('Successfully Saved changes to Plugin: %s'), $row->name);
             cbRedirect($_CB_framework->backendUrl("index.php?option={$option}&task=editPlugin&cid={$row->id}"), $msg);
         case 'savePlugin':
             $msg = sprintf(CBTxt::T('Successfully Saved Plugin: %s'), $row->name);
             cbRedirect($_CB_framework->backendUrl("index.php?option={$option}&task=showPlugins"), $msg);
 function saveTab($option)
     global $_CB_database, $_CB_framework, $_POST;
     if (isset($_POST['params'])) {
         $_POST['params'] = cbParamsEditorController::getRawParamsMagicgpcEscaped($_POST['params']);
     } else {
         $_POST['params'] = '';
     if (!isset($_POST['tabid']) || count($_POST) == 0) {
         echo "<script type=\"text/javascript\"> alert('" . addslashes(CBTxt::T('Missing post values')) . "'); window.history.go(-2); </script>\n";
     $oldrow = new moscomprofilerTabs($_CB_database);
     if (isset($_POST['tabid']) && $_POST['tabid']) {
         $oldrow->load((int) $_POST['tabid']);
         // Check if user is a super user:
         if (!$_CB_framework->acl->amIaSuperAdmin()) {
             // Check if user belongs to useraccessgroupid:
             if (!in_array($oldrow->useraccessgroupid, $_CB_framework->acl->get_groups_below_me(null, true))) {
                 echo "<script type=\"text/javascript\"> alert('" . addslashes(CBTxt::T('Unauthorized Access')) . "'); window.history.go(-1);</script>\n";
             // Check if user belongs to viewaccesslevel:
             if (!in_array($oldrow->viewaccesslevel, CBuser::getMyInstance()->getAuthorisedViewLevelsIds(false))) {
                 echo "<script type=\"text/javascript\"> alert('" . addslashes(CBTxt::T('Unauthorized Access')) . "'); window.history.go(-1);</script>\n";
     $row = new moscomprofilerTabs($_CB_database);
     if (!$row->bind($_POST)) {
         echo "<script type=\"text/javascript\"> alert('" . $row->getError() . "'); window.history.go(-1); </script>\n";
     // Set defaults if nothing is found
     // Also check if oldrow value to use its current value or default otherwise
     // This prevents a tab from storing to database with null values when some inputs are set disabled:
     if ($row->useraccessgroupid == '') {
         $row->useraccessgroupid = $oldrow->useraccessgroupid != '' ? $oldrow->useraccessgroupid : -2;
     if ($row->viewaccesslevel == '') {
         $row->viewaccesslevel = $oldrow->viewaccesslevel != '' ? $oldrow->viewaccesslevel : 1;
     if ($row->ordering == '') {
         $row->ordering = $oldrow->ordering != '' ? $oldrow->ordering : 999;
     if ($row->ordering_register == '') {
         $row->ordering_register = $oldrow->ordering_register != '' ? $oldrow->ordering_register : 10;
     if ($row->enabled == '') {
         $row->enabled = $oldrow->enabled != '' ? $oldrow->enabled : 1;
     $row->description = cleanEditorsTranslationJunk(trim($row->description));
     if (!$row->check()) {
         echo "<script type=\"text/javascript\"> alert('" . $row->getError() . "'); window.history.go(-2); </script>\n";
     $row->tabid = (int) cbGetParam($_POST, 'tabid', 0);
     // Check if user is a super user:
     if (!$_CB_framework->acl->amIaSuperAdmin()) {
         $canEditState = CBuser::getMyInstance()->authoriseAction('core.edit.state');
         // Check if user belongs to useraccessgroupid
         if ($row->useraccessgroupid != '' && !in_array($row->useraccessgroupid, $_CB_framework->acl->get_groups_below_me(null, true))) {
             echo "<script type=\"text/javascript\"> alert('" . addslashes(CBTxt::T('Unauthorized Access')) . "'); window.history.go(-1);</script>\n";
         // Check if user belongs to viewaccesslevel
         if ($row->viewaccesslevel != '' && !in_array($row->viewaccesslevel, CBuser::getMyInstance()->getAuthorisedViewLevelsIds(false))) {
             echo "<script type=\"text/javascript\"> alert('" . addslashes(CBTxt::T('Unauthorized Access')) . "'); window.history.go(-1);</script>\n";
         // Check if user can edit status (and if not, that status are as expected):
         if (!$canEditState) {
             $failed = false;
             // Check if row exists and if useraccessgroupid is different from existing row
             // Check if row doesn't exist and if useraccessgroupid is different from default
             if ($oldrow->tabid && ($row->useraccessgroupid != '' && $oldrow->useraccessgroupid != $row->useraccessgroupid) || !$oldrow->tabid && ($row->useraccessgroupid != '' && $row->useraccessgroupid != -2)) {
                 $failed = true;
             // Check if row exists and if viewaccesslevel is different from existing row
             // Check if row doesn't exist and if viewaccesslevel is different from default
             // Check if user can edit status:
             if ($oldrow->tabid && ($row->viewaccesslevel != '' && $oldrow->viewaccesslevel != $row->viewaccesslevel) || !$oldrow->tabid && ($row->viewaccesslevel != '' && $row->viewaccesslevel != 1)) {
                 $failed = true;
             // Check if row exists and if ordering is different from existing row
             // Check if row doesn't exist and if ordering is different from default
             // Check if user can edit status:
             if ($oldrow->tabid && ($row->ordering != '' && $oldrow->ordering != $row->ordering) || !$oldrow->tabid && ($row->ordering != '' && $row->ordering != 999)) {
                 $failed = true;
             // Check if row exists and if ordering_register is different from existing row
             // Check if row doesn't exist and if ordering_register is different from default
             // Check if user can edit status:
             if ($oldrow->tabid && ($row->ordering_register != '' && $oldrow->ordering_register != $row->ordering_register) || !$oldrow->tabid && ($row->ordering_register != '' && $row->ordering_register != 10)) {
                 $failed = true;
             // Check if row exists and if publish is different from existing row
             // Check if row doesn't exist and if publish is different from default
             // Check if user can edit status:
             if ($oldrow->tabid && ($row->enabled != '' && $oldrow->enabled != $row->enabled) || !$oldrow->tabid && ($row->enabled != '' && $row->enabled != 1)) {
                 $failed = true;
             if ($failed) {
                 echo "<script type=\"text/javascript\"> alert('" . addslashes(CBTxt::T('Unauthorized Access')) . "'); window.history.go(-1);</script>\n";
     if (!$row->store()) {
         echo "<script type=\"text/javascript\"> alert('" . $row->getError() . "'); window.history.go(-2); </script>\n";
     cbRedirect($_CB_framework->backendUrl("index.php?option={$option}&task=showTab"), CBTxt::T('Successfully Saved Tab') . ": " . $row->title);