Example #1
0
/**
* Shows story editor
*
* Displays the story entry form
*
* @param    string      $sid            ID of story to edit
* @param    string      $mode           'preview', 'edit', 'editsubmission', 'clone'
* @param    string      $errormsg       a message to display on top of the page
* @param    string      $currenttopic   topic selection for drop-down menu
* @return   string      HTML for story editor
*
*/
function storyeditor($sid = '', $mode = '', $errormsg = '', $currenttopic = '')
{
    global $_CONF, $_TABLES, $_USER, $LANG24, $LANG_ACCESS, $LANG_ADMIN, $MESSAGE, $_SCRIPTS;
    $display = '';
    if (!isset($_CONF['hour_mode'])) {
        $_CONF['hour_mode'] = 12;
    }
    if (!empty($errormsg)) {
        $display .= COM_showMessageText($errormsg, $LANG24[25]);
    }
    if (!empty($currenttopic)) {
        $allowed = DB_getItem($_TABLES['topics'], 'tid', "tid = '" . addslashes($currenttopic) . "'" . COM_getTopicSql('AND'));
        if ($allowed != $currenttopic) {
            $currenttopic = '';
        }
    }
    $story = new Story();
    if ($mode == 'preview') {
        // Handle Magic GPC Garbage:
        while (list($key, $value) = each($_POST)) {
            if (!is_array($value)) {
                $_POST[$key] = COM_stripslashes($value);
            } else {
                while (list($subkey, $subvalue) = each($value)) {
                    $value[$subkey] = COM_stripslashes($subvalue);
                }
            }
        }
        $result = $story->loadFromArgsArray($_POST);
        // in preview mode, we now need to re-insert the images
        if ($_CONF['maximagesperarticle'] > 0) {
            $errors = $story->insertImages();
            if (count($errors) > 0) {
                $msg = $LANG24[55] . LB . '<ul>' . LB;
                foreach ($errors as $err) {
                    $msg .= '<li>' . $err . '</li>' . LB;
                }
                $msg .= '</ul>' . LB;
                $display .= COM_showMessageText($msg, $LANG24[54]);
            }
        }
    } else {
        $result = $story->loadFromDatabase($sid, $mode);
    }
    if ($result == STORY_PERMISSION_DENIED || $result == STORY_NO_ACCESS_PARAMS) {
        $display .= COM_showMessageText($LANG24[42], $LANG_ACCESS['accessdenied']);
        COM_accessLog("User {$_USER['username']} tried to illegally access story {$sid}.");
        return $display;
    } elseif ($result == STORY_EDIT_DENIED || $result == STORY_EXISTING_NO_EDIT_PERMISSION) {
        $display .= COM_showMessageText($LANG24[41], $LANG_ACCESS['accessdenied']);
        $display .= STORY_renderArticle($story, 'p');
        COM_accessLog("User {$_USER['username']} tried to illegally edit story {$sid}.");
        return $display;
    } elseif ($result == STORY_INVALID_SID) {
        if ($mode == 'editsubmission') {
            // that submission doesn't seem to be there any more (may have been
            // handled by another Admin) - take us back to the moderation page
            return COM_refresh($_CONF['site_admin_url'] . '/moderation.php');
        } else {
            return COM_refresh($_CONF['site_admin_url'] . '/story.php');
        }
    } elseif ($result == STORY_DUPLICATE_SID) {
        $display .= COM_showMessageText($LANG24[24]);
    }
    // Load HTML templates
    $story_templates = COM_newTemplate($_CONF['path_layout'] . 'admin/story');
    if ($_CONF['advanced_editor'] && $_USER['advanced_editor']) {
        $story_templates->set_file(array('editor' => 'storyeditor_advanced.thtml'));
        $advanced_editormode = true;
        $story_templates->set_var('change_editormode', 'onchange="change_editmode(this);"');
        require_once $_CONF['path_system'] . 'classes/navbar.class.php';
        $story_templates->set_var('show_preview', 'none');
        $story_templates->set_var('lang_expandhelp', $LANG24[67]);
        $story_templates->set_var('lang_reducehelp', $LANG24[68]);
        $story_templates->set_var('lang_publishdate', $LANG24[69]);
        $story_templates->set_var('lang_toolbar', $LANG24[70]);
        $story_templates->set_var('toolbar1', $LANG24[71]);
        $story_templates->set_var('toolbar2', $LANG24[72]);
        $story_templates->set_var('toolbar3', $LANG24[73]);
        $story_templates->set_var('toolbar4', $LANG24[74]);
        $story_templates->set_var('toolbar5', $LANG24[75]);
        if ($story->EditElements('advanced_editor_mode') == 1 or $story->EditElements('postmode') == 'adveditor') {
            $story_templates->set_var('show_texteditor', 'none');
            $story_templates->set_var('show_htmleditor', '');
        } else {
            $story_templates->set_var('show_texteditor', '');
            $story_templates->set_var('show_htmleditor', 'none');
        }
    } else {
        $story_templates->set_file(array('editor' => 'storyeditor.thtml'));
        $advanced_editormode = false;
    }
    $story_templates->set_var('hour_mode', $_CONF['hour_mode']);
    if ($story->hasContent()) {
        $previewContent = STORY_renderArticle($story, 'p');
        if ($advanced_editormode and $previewContent != '') {
            $story_templates->set_var('preview_content', $previewContent);
        } elseif ($previewContent != '') {
            $display .= COM_startBlock($LANG24[26], '', COM_getBlockTemplate('_admin_block', 'header'));
            $display .= $previewContent;
            $display .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer'));
        }
    }
    if ($advanced_editormode) {
        $navbar = new navbar();
        if (!empty($previewContent)) {
            $navbar->add_menuitem($LANG24[79], 'showhideEditorDiv("preview",0);return false;', true);
            $navbar->add_menuitem($LANG24[80], 'showhideEditorDiv("editor",1);return false;', true);
            $navbar->add_menuitem($LANG24[81], 'showhideEditorDiv("publish",2);return false;', true);
            $navbar->add_menuitem($LANG24[82], 'showhideEditorDiv("images",3);return false;', true);
            $navbar->add_menuitem($LANG24[83], 'showhideEditorDiv("archive",4);return false;', true);
            $navbar->add_menuitem($LANG24[84], 'showhideEditorDiv("perms",5);return false;', true);
            $navbar->add_menuitem($LANG24[85], 'showhideEditorDiv("all",6);return false;', true);
        } else {
            $navbar->add_menuitem($LANG24[80], 'showhideEditorDiv("editor",0);return false;', true);
            $navbar->add_menuitem($LANG24[81], 'showhideEditorDiv("publish",1);return false;', true);
            $navbar->add_menuitem($LANG24[82], 'showhideEditorDiv("images",2);return false;', true);
            $navbar->add_menuitem($LANG24[83], 'showhideEditorDiv("archive",3);return false;', true);
            $navbar->add_menuitem($LANG24[84], 'showhideEditorDiv("perms",4);return false;', true);
            $navbar->add_menuitem($LANG24[85], 'showhideEditorDiv("all",5);return false;', true);
        }
        if ($mode == 'preview') {
            $story_templates->set_var('show_preview', '');
            $story_templates->set_var('show_htmleditor', 'none');
            $story_templates->set_var('show_texteditor', 'none');
            $story_templates->set_var('show_submitoptions', 'none');
            $navbar->set_selected($LANG24[79]);
        } else {
            $navbar->set_selected($LANG24[80]);
        }
        $story_templates->set_var('navbar', $navbar->generate());
    }
    $oldsid = $story->EditElements('originalSid');
    if (!empty($oldsid) && $mode != 'clone') {
        $delbutton = '<input type="submit" value="' . $LANG_ADMIN['delete'] . '" name="mode"%s' . XHTML . '>';
        $jsconfirm = ' onclick="return confirm(\'' . $MESSAGE[76] . '\');"';
        $story_templates->set_var('delete_option', sprintf($delbutton, $jsconfirm));
        $story_templates->set_var('delete_option_no_confirmation', sprintf($delbutton, ''));
    }
    if ($mode == 'editsubmission' || $story->type == 'submission') {
        $story_templates->set_var('submission_option', '<input type="hidden" name="type" value="submission"' . XHTML . '>');
    }
    $story_templates->set_var('lang_author', $LANG24[7]);
    $storyauthor = COM_getDisplayName($story->EditElements('uid'));
    $story_templates->set_var('story_author', $storyauthor);
    $story_templates->set_var('author', $storyauthor);
    $story_templates->set_var('story_uid', $story->EditElements('uid'));
    // user access info
    $story_templates->set_var('lang_accessrights', $LANG_ACCESS['accessrights']);
    $story_templates->set_var('lang_owner', $LANG_ACCESS['owner']);
    $ownername = COM_getDisplayName($story->EditElements('owner_id'));
    $story_templates->set_var('owner_username', DB_getItem($_TABLES['users'], 'username', 'uid = ' . $story->EditElements('owner_id')));
    $story_templates->set_var('owner_name', $ownername);
    $story_templates->set_var('owner', $ownername);
    $story_templates->set_var('owner_id', $story->EditElements('owner_id'));
    $story_templates->set_var('lang_group', $LANG_ACCESS['group']);
    $story_templates->set_var('group_dropdown', SEC_getGroupDropdown($story->EditElements('group_id'), 3));
    $story_templates->set_var('lang_permissions', $LANG_ACCESS['permissions']);
    $story_templates->set_var('lang_perm_key', $LANG_ACCESS['permissionskey']);
    $story_templates->set_var('permissions_editor', SEC_getPermissionsHTML($story->EditElements('perm_owner'), $story->EditElements('perm_group'), $story->EditElements('perm_members'), $story->EditElements('perm_anon')));
    $story_templates->set_var('permissions_msg', $LANG_ACCESS['permmsg']);
    $story_templates->set_var('lang_permissions_msg', $LANG_ACCESS['permmsg']);
    $curtime = COM_getUserDateTimeFormat($story->EditElements('date'));
    $story_templates->set_var('lang_date', $LANG24[15]);
    $story_templates->set_var('publish_second', $story->EditElements('publish_second'));
    $publish_ampm = '';
    $publish_hour = $story->EditElements('publish_hour');
    if ($publish_hour >= 12) {
        if ($publish_hour > 12) {
            $publish_hour = $publish_hour - 12;
        }
        $ampm = 'pm';
    } else {
        $ampm = 'am';
    }
    $ampm_select = COM_getAmPmFormSelection('publish_ampm', $ampm);
    $story_templates->set_var('publishampm_selection', $ampm_select);
    $month_options = COM_getMonthFormOptions($story->EditElements('publish_month'));
    $story_templates->set_var('publish_month_options', $month_options);
    $day_options = COM_getDayFormOptions($story->EditElements('publish_day'));
    $story_templates->set_var('publish_day_options', $day_options);
    $year_options = COM_getYearFormOptions($story->EditElements('publish_year'));
    $story_templates->set_var('publish_year_options', $year_options);
    if ($_CONF['hour_mode'] == 24) {
        $hour_options = COM_getHourFormOptions($story->EditElements('publish_hour'), 24);
    } else {
        $hour_options = COM_getHourFormOptions($publish_hour);
    }
    $story_templates->set_var('publish_hour_options', $hour_options);
    $minute_options = COM_getMinuteFormOptions($story->EditElements('publish_minute'));
    $story_templates->set_var('publish_minute_options', $minute_options);
    $story_templates->set_var('publish_date_explanation', $LANG24[46]);
    $story_templates->set_var('story_unixstamp', $story->EditElements('unixdate'));
    $story_templates->set_var('expire_second', $story->EditElements('expire_second'));
    $expire_ampm = '';
    $expire_hour = $story->EditElements('expire_hour');
    if ($expire_hour >= 12) {
        if ($expire_hour > 12) {
            $expire_hour = $expire_hour - 12;
        }
        $ampm = 'pm';
    } else {
        $ampm = 'am';
    }
    $ampm_select = COM_getAmPmFormSelection('expire_ampm', $ampm);
    if (empty($ampm_select)) {
        // have a hidden field to 24 hour mode to prevent JavaScript errors
        $ampm_select = '<input type="hidden" name="expire_ampm" value=""' . XHTML . '>';
    }
    $story_templates->set_var('expireampm_selection', $ampm_select);
    $month_options = COM_getMonthFormOptions($story->EditElements('expire_month'));
    $story_templates->set_var('expire_month_options', $month_options);
    $day_options = COM_getDayFormOptions($story->EditElements('expire_day'));
    $story_templates->set_var('expire_day_options', $day_options);
    $year_options = COM_getYearFormOptions($story->EditElements('expire_year'));
    $story_templates->set_var('expire_year_options', $year_options);
    if ($_CONF['hour_mode'] == 24) {
        $hour_options = COM_getHourFormOptions($story->EditElements('expire_hour'), 24);
    } else {
        $hour_options = COM_getHourFormOptions($expire_hour);
    }
    $story_templates->set_var('expire_hour_options', $hour_options);
    $minute_options = COM_getMinuteFormOptions($story->EditElements('expire_minute'));
    $story_templates->set_var('expire_minute_options', $minute_options);
    $story_templates->set_var('expire_date_explanation', $LANG24[46]);
    $story_templates->set_var('story_unixstamp', $story->EditElements('expirestamp'));
    $atopic = DB_getItem($_TABLES['topics'], 'tid', "archive_flag = 1");
    $have_archive_topic = empty($atopic) ? false : true;
    if ($story->EditElements('statuscode') == STORY_ARCHIVE_ON_EXPIRE) {
        $story_templates->set_var('is_checked2', 'checked="checked"');
        $story_templates->set_var('is_checked3', 'checked="checked"');
        $js_showarchivedisabled = 'false';
        $have_archive_topic = true;
        // force display of auto archive option
    } elseif ($story->EditElements('statuscode') == STORY_DELETE_ON_EXPIRE) {
        $story_templates->set_var('is_checked2', 'checked="checked"');
        $story_templates->set_var('is_checked4', 'checked="checked"');
        if (!$have_archive_topic) {
            $story_templates->set_var('is_checked3', 'style="display:none;"');
        }
        $js_showarchivedisabled = 'false';
    } else {
        if (!$have_archive_topic) {
            $story_templates->set_var('is_checked3', 'style="display:none;"');
        }
        $js_showarchivedisabled = 'true';
    }
    $story_templates->set_var('lang_archivetitle', $LANG24[58]);
    $story_templates->set_var('lang_option', $LANG24[59]);
    $story_templates->set_var('lang_enabled', $LANG_ADMIN['enabled']);
    $story_templates->set_var('lang_story_stats', $LANG24[87]);
    if ($have_archive_topic) {
        $story_templates->set_var('lang_optionarchive', $LANG24[61]);
    } else {
        $story_templates->set_var('lang_optionarchive', '');
    }
    $story_templates->set_var('lang_optiondelete', $LANG24[62]);
    $story_templates->set_var('lang_title', $LANG_ADMIN['title']);
    $story_templates->set_var('story_title', $story->EditElements('title'));
    $story_templates->set_var('lang_page_title', $LANG_ADMIN['page_title']);
    $story_templates->set_var('page_title', $story->EditElements('page_title'));
    $story_templates->set_var('lang_metadescription', $LANG_ADMIN['meta_description']);
    $story_templates->set_var('meta_description', $story->EditElements('meta_description'));
    $story_templates->set_var('lang_metakeywords', $LANG_ADMIN['meta_keywords']);
    $story_templates->set_var('meta_keywords', $story->EditElements('meta_keywords'));
    if ($_CONF['meta_tags'] > 0) {
        $story_templates->set_var('hide_meta', '');
    } else {
        $story_templates->set_var('hide_meta', ' style="display:none;"');
    }
    $story_templates->set_var('lang_topic', $LANG_ADMIN['topic']);
    if (empty($currenttopic) && $story->EditElements('tid') == '') {
        $story->setTid(DB_getItem($_TABLES['topics'], 'tid', 'is_default = 1' . COM_getPermSQL('AND')));
    } elseif ($story->EditElements('tid') == '') {
        $story->setTid($currenttopic);
    }
    $tlist = COM_topicList('tid,topic', $story->EditElements('tid'), 1, true);
    if (empty($tlist)) {
        $display .= COM_showMessage(101);
        return $display;
    }
    $story_templates->set_var('topic_options', $tlist);
    $story_templates->set_var('lang_show_topic_icon', $LANG24[56]);
    if ($story->EditElements('show_topic_icon') == 1) {
        $story_templates->set_var('show_topic_icon_checked', 'checked="checked"');
    } else {
        $story_templates->set_var('show_topic_icon_checked', '');
    }
    $story_templates->set_var('lang_draft', $LANG24[34]);
    if ($story->EditElements('draft_flag')) {
        $story_templates->set_var('is_checked', 'checked="checked"');
    }
    $story_templates->set_var('lang_mode', $LANG24[3]);
    $story_templates->set_var('status_options', COM_optionList($_TABLES['statuscodes'], 'code,name', $story->EditElements('statuscode')));
    $story_templates->set_var('comment_options', COM_optionList($_TABLES['commentcodes'], 'code,name', $story->EditElements('commentcode')));
    $story_templates->set_var('trackback_options', COM_optionList($_TABLES['trackbackcodes'], 'code,name', $story->EditElements('trackbackcode')));
    // comment expire
    $story_templates->set_var('lang_cmt_disable', $LANG24[63]);
    if ($story->EditElements('cmt_close')) {
        $story_templates->set_var('is_checked5', 'checked="checked"');
        $js_showcmtclosedisabled = 'false';
    } else {
        $js_showcmtclosedisabled = 'true';
    }
    $month_options = COM_getMonthFormOptions($story->EditElements('cmt_close_month'));
    $story_templates->set_var('cmt_close_month_options', $month_options);
    $day_options = COM_getDayFormOptions($story->EditElements('cmt_close_day'));
    $story_templates->set_var('cmt_close_day_options', $day_options);
    // ensure that the year dropdown includes the close year
    $endtm = mktime(0, 0, 0, date('m'), date('d') + $_CONF['article_comment_close_days'], date('Y'));
    $yoffset = date('Y', $endtm) - date('Y');
    $close_year = $story->EditElements('cmt_close_year');
    if ($yoffset < -1) {
        $year_options = COM_getYearFormOptions($close_year, $yoffset);
    } elseif ($yoffset > 5) {
        $year_options = COM_getYearFormOptions($close_year, -1, $yoffset);
    } else {
        $year_options = COM_getYearFormOptions($close_year);
    }
    $story_templates->set_var('cmt_close_year_options', $year_options);
    $cmt_close_ampm = '';
    $cmt_close_hour = $story->EditElements('cmt_close_hour');
    //correct hour
    if ($cmt_close_hour >= 12) {
        if ($cmt_close_hour > 12) {
            $cmt_close_hour = $cmt_close_hour - 12;
        }
        $ampm = 'pm';
    } else {
        $ampm = 'am';
    }
    $ampm_select = COM_getAmPmFormSelection('cmt_close_ampm', $ampm);
    if (empty($ampm_select)) {
        // have a hidden field to 24 hour mode to prevent JavaScript errors
        $ampm_select = '<input type="hidden" name="cmt_close_ampm" value=""' . XHTML . '>';
    }
    $story_templates->set_var('cmt_close_ampm_selection', $ampm_select);
    if ($_CONF['hour_mode'] == 24) {
        $hour_options = COM_getHourFormOptions($story->EditElements('cmt_close_hour'), 24);
    } else {
        $hour_options = COM_getHourFormOptions($cmt_close_hour);
    }
    $story_templates->set_var('cmt_close_hour_options', $hour_options);
    $minute_options = COM_getMinuteFormOptions($story->EditElements('cmt_close_minute'));
    $story_templates->set_var('cmt_close_minute_options', $minute_options);
    $story_templates->set_var('cmt_close_second', $story->EditElements('cmt_close_second'));
    if ($_CONF['onlyrootfeatures'] == 1 && SEC_inGroup('Root') or $_CONF['onlyrootfeatures'] !== 1) {
        $featured_options = "<select name=\"featured\">" . LB . COM_optionList($_TABLES['featurecodes'], 'code,name', $story->EditElements('featured')) . "</select>" . LB;
    } else {
        $featured_options = "<input type=\"hidden\" name=\"featured\" value=\"0\"" . XHTML . ">";
    }
    $story_templates->set_var('featured_options', $featured_options);
    $story_templates->set_var('frontpage_options', COM_optionList($_TABLES['frontpagecodes'], 'code,name', $story->EditElements('frontpage')));
    $story_templates->set_var('story_introtext', $story->EditElements('introtext'));
    $story_templates->set_var('story_bodytext', $story->EditElements('bodytext'));
    $story_templates->set_var('lang_introtext', $LANG24[16]);
    $story_templates->set_var('lang_bodytext', $LANG24[17]);
    $story_templates->set_var('lang_postmode', $LANG24[4]);
    $story_templates->set_var('lang_publishoptions', $LANG24[76]);
    $story_templates->set_var('noscript', COM_getNoScript(false, $LANG24[77], sprintf($LANG24[78], $_CONF['site_admin_url'], $sid)));
    $post_options = COM_optionList($_TABLES['postmodes'], 'code,name', $story->EditElements('postmode'));
    // If Advanced Mode - add post option and set default if editing story created with Advanced Editor
    if ($_CONF['advanced_editor'] && $_USER['advanced_editor']) {
        if ($story->EditElements('advanced_editor_mode') == 1 or $story->EditElements('postmode') == 'adveditor') {
            $post_options .= '<option value="adveditor" selected="selected">' . $LANG24[86] . '</option>';
        } else {
            $post_options .= '<option value="adveditor">' . $LANG24[86] . '</option>';
        }
    }
    if ($_CONF['wikitext_editor']) {
        if ($story->EditElements('postmode') == 'wikitext') {
            $post_options .= '<option value="wikitext" selected="selected">' . $LANG24[88] . '</option>';
        } else {
            $post_options .= '<option value="wikitext">' . $LANG24[88] . '</option>';
        }
    }
    $story_templates->set_var('post_options', $post_options);
    $story_templates->set_var('lang_allowed_html', COM_allowedHTML('story.edit'));
    $fileinputs = '';
    $saved_images = '';
    if ($_CONF['maximagesperarticle'] > 0) {
        $story_templates->set_var('lang_images', $LANG24[47]);
        $icount = DB_count($_TABLES['article_images'], 'ai_sid', $story->getSid());
        if ($icount > 0) {
            $result_articles = DB_query("SELECT * FROM {$_TABLES['article_images']} WHERE ai_sid = '" . $story->getSid() . "'");
            for ($z = 1; $z <= $icount; $z++) {
                $I = DB_fetchArray($result_articles);
                $saved_images .= $z . ') ' . COM_createLink($I['ai_filename'], $_CONF['site_url'] . '/images/articles/' . $I['ai_filename']) . '&nbsp;&nbsp;&nbsp;' . $LANG_ADMIN['delete'] . ': <input type="checkbox" name="delete[' . $I['ai_img_num'] . ']"' . XHTML . '><br' . XHTML . '>';
            }
        }
        $newallowed = $_CONF['maximagesperarticle'] - $icount;
        for ($z = $icount + 1; $z <= $_CONF['maximagesperarticle']; $z++) {
            $fileinputs .= $z . ') <input type="file" dir="ltr" name="file' . $z . '"' . XHTML . '>';
            if ($z < $_CONF['maximagesperarticle']) {
                $fileinputs .= '<br' . XHTML . '>';
            }
        }
        $fileinputs .= '<br' . XHTML . '>' . $LANG24[51];
        if ($_CONF['allow_user_scaling'] == 1) {
            $fileinputs .= $LANG24[27];
        }
        $fileinputs .= $LANG24[28] . '<br' . XHTML . '>';
    }
    // *****************************************
    // Add JavaScript
    if (!$advanced_editormode) {
        $js = '<script type="text/javascript">
        //<![CDATA[
        function enablearchive(obj) {
            var f = obj.form;           // all elements have their parent form in "form"
            var disable = obj.checked;  // Disable when checked
            if (f.elements["archiveflag"].checked==true && f.elements["storycode11"].checked==false) {
                f.elements["storycode10"].checked=true;
            }
            f.elements["storycode10"].disabled=!disable;
            f.elements["storycode11"].disabled=!disable;
            f.elements["expire_month"].disabled=!disable;
            f.elements["expire_day"].disabled=!disable;
            f.elements["expire_year"].disabled=!disable;
            f.elements["expire_hour"].disabled=!disable;
            f.elements["expire_minute"].disabled=!disable;
            f.elements["expire_ampm"].disabled=!disable;
        }
            
            function enablecmtclose(obj) {
            var f = obj.form;           // all elements have their parent form in "form"
            var disable = obj.checked;  // Disable when checked
        
            f.elements["cmt_close_month"].disabled=!disable;
            f.elements["cmt_close_day"].disabled=!disable;
            f.elements["cmt_close_year"].disabled=!disable;
            f.elements["cmt_close_hour"].disabled=!disable;
            f.elements["cmt_close_minute"].disabled=!disable;
            f.elements["cmt_close_ampm"].disabled=!disable;
            
        }
        //]]>
        </script>' . LB;
    } else {
        $js = '<script type="text/javascript">
            // Setup editor path for FCKeditor JS Functions
            geeklogEditorBasePath = "' . $_CONF['site_url'] . '/fckeditor/";
        </script>' . LB;
        $js .= '<!-- Hide the Advanced Editor as Javascript is required. If JS is enabled then the JS below will un-hide it -->
        <script type="text/javascript">
            document.getElementById("advanced_editor").style.display=""
        </script>';
        $_SCRIPTS->setJavaScriptFile('advanced_editor', '/javascript/advanced_editor.js');
        $_SCRIPTS->setJavaScriptFile('storyeditor_fckeditor', '/javascript/storyeditor_fckeditor.js');
    }
    $js .= '<script type="text/javascript">
    <!-- This code will only be executed by a browser that supports Javascript -->
    var jstest = ' . $js_showarchivedisabled . ';
    var jstest2 = ' . $js_showcmtclosedisabled . ';
    if (jstest) {
        document.frmstory.expire_month.disabled=true;
        document.frmstory.expire_day.disabled=true;
        document.frmstory.expire_year.disabled=true;
        document.frmstory.expire_hour.disabled=true;
        document.frmstory.expire_minute.disabled=true;
        document.frmstory.expire_ampm.disabled=true;
        document.frmstory.storycode10.disabled=true;
        document.frmstory.storycode11.disabled=true;
    }
    if (jstest2) {
        document.frmstory.cmt_close_month.disabled=true;
        document.frmstory.cmt_close_day.disabled=true;
        document.frmstory.cmt_close_year.disabled=true;
        document.frmstory.cmt_close_hour.disabled=true;
        document.frmstory.cmt_close_minute.disabled=true;
        document.frmstory.cmt_close_ampm.disabled=true;
    }
    </script>';
    $_SCRIPTS->setJavaScript($js);
    // *****************************************
    $story_templates->set_var('saved_images', $saved_images);
    $story_templates->set_var('image_form_elements', $fileinputs);
    $story_templates->set_var('lang_hits', $LANG24[18]);
    $story_templates->set_var('story_hits', $story->EditElements('hits'));
    $story_templates->set_var('lang_comments', $LANG24[19]);
    $story_templates->set_var('story_comments', $story->EditElements('comments'));
    $story_templates->set_var('lang_trackbacks', $LANG24[29]);
    $story_templates->set_var('story_trackbacks', $story->EditElements('trackbacks'));
    $story_templates->set_var('lang_emails', $LANG24[39]);
    $story_templates->set_var('story_emails', $story->EditElements('numemails'));
    if ($mode == 'clone') {
        $story_templates->set_var('story_id', COM_makesid());
    } else {
        $story_templates->set_var('story_id', $story->getSid());
        $story_templates->set_var('old_story_id', $story->EditElements('originalSid'));
    }
    $story_templates->set_var('lang_sid', $LANG24[12]);
    $story_templates->set_var('lang_save', $LANG_ADMIN['save']);
    $story_templates->set_var('lang_preview', $LANG_ADMIN['preview']);
    $story_templates->set_var('lang_cancel', $LANG_ADMIN['cancel']);
    $story_templates->set_var('lang_delete', $LANG_ADMIN['delete']);
    $story_templates->set_var('gltoken_name', CSRF_TOKEN);
    $token = SEC_createToken();
    $story_templates->set_var('gltoken', $token);
    $story_templates->parse('output', 'editor');
    $display .= COM_startBlock($LANG24[5], '', COM_getBlockTemplate('_admin_block', 'header'));
    $display .= SEC_getTokenExpiryNotice($token, $LANG24[91]);
    $display .= $story_templates->finish($story_templates->get_var('output'));
    $display .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer'));
    return $display;
}
Example #2
0
/**
* Shows the story submission form
*
*/
function submitstory($topic = '')
{
    global $_CONF, $_TABLES, $_USER, $LANG12, $LANG24;
    $retval = '';
    $story = new Story();
    if (isset($_POST['mode']) && $_POST['mode'] == $LANG12[32]) {
        // preview
        $story->loadSubmission();
        $retval .= COM_startBlock($LANG12[32]) . STORY_renderArticle($story, 'p') . COM_endBlock();
    } else {
        $story->initSubmission($topic);
    }
    $storyform = new Template($_CONF['path_layout'] . 'submit');
    if (isset($_CONF['advanced_editor']) && $_CONF['advanced_editor'] == 1 && file_exists($_CONF['path_layout'] . 'submit/submitstory_advanced.thtml')) {
        $storyform->set_file('storyform', 'submitstory_advanced.thtml');
        $storyform->set_var('change_editormode', 'onchange="change_editmode(this);"');
        $storyform->set_var('lang_expandhelp', $LANG24[67]);
        $storyform->set_var('lang_reducehelp', $LANG24[68]);
        if ($story->EditElements('postmode') == 'html') {
            $storyform->set_var('show_texteditor', 'none');
            $storyform->set_var('show_htmleditor', '');
        } else {
            $storyform->set_var('show_texteditor', '');
            $storyform->set_var('show_htmleditor', 'none');
        }
    } else {
        $storyform->set_file('storyform', 'submitstory.thtml');
        if ($story->EditElements('postmode') == 'html') {
            $storyform->set_var('show_texteditor', 'none');
            $storyform->set_var('show_htmleditor', '');
        } else {
            $storyform->set_var('show_texteditor', '');
            $storyform->set_var('show_htmleditor', 'none');
        }
    }
    $storyform->set_var('xhtml', XHTML);
    $storyform->set_var('site_url', $_CONF['site_url']);
    $storyform->set_var('site_admin_url', $_CONF['site_admin_url']);
    $storyform->set_var('layout_url', $_CONF['layout_url']);
    $storyform->set_var('lang_username', $LANG12[27]);
    if (!empty($_USER['username'])) {
        $storyform->set_var('story_username', $_USER['username']);
        $storyform->set_var('author', COM_getDisplayName());
        $storyform->set_var('status_url', $_CONF['site_url'] . '/users.php?mode=logout');
        $storyform->set_var('lang_loginout', $LANG12[34]);
    } else {
        $storyform->set_var('status_url', $_CONF['site_url'] . '/users.php');
        $storyform->set_var('lang_loginout', $LANG12[2]);
        if (!$_CONF['disable_new_user_registration']) {
            $storyform->set_var('separator', ' | ');
            $storyform->set_var('seperator', ' | ');
            $storyform->set_var('create_account', COM_createLink($LANG12[53], $_CONF['site_url'] . '/users.php?mode=new', array('rel' => "nofollow")));
        }
    }
    $storyform->set_var('lang_title', $LANG12[10]);
    $storyform->set_var('story_title', $story->EditElements('title'));
    $storyform->set_var('lang_topic', $LANG12[28]);
    $tlist = COM_topicList('tid,topic', $story->EditElements('tid'));
    if (empty($tlist)) {
        $retval .= COM_showMessage(101);
        return $retval;
    }
    $storyform->set_var('story_topic_options', $tlist);
    $storyform->set_var('lang_story', $LANG12[29]);
    $storyform->set_var('lang_introtext', $LANG12[54]);
    $storyform->set_var('lang_bodytext', $LANG12[55]);
    $storyform->set_var('story_introtext', $story->EditElements('introtext'));
    $storyform->set_var('story_bodytext', $story->EditElements('bodytext'));
    $storyform->set_var('lang_postmode', $LANG12[36]);
    $storyform->set_var('story_postmode_options', COM_optionList($_TABLES['postmodes'], 'code,name', $story->EditElements('postmode')));
    $storyform->set_var('allowed_html', COM_allowedHTML());
    $storyform->set_var('story_uid', $story->EditElements('uid'));
    $storyform->set_var('story_sid', $story->EditElements('sid'));
    $storyform->set_var('story_date', $story->EditElements('unixdate'));
    $storyform->set_var('lang_preview', $LANG12[32]);
    PLG_templateSetVars('story', $storyform);
    if ($_CONF['skip_preview'] == 1 || isset($_POST['mode']) && $_POST['mode'] == $LANG12[32]) {
        $storyform->set_var('save_button', '<input name="mode" type="submit" value="' . $LANG12[8] . '"' . XHTML . '>');
    }
    $retval .= COM_startBlock($LANG12[6], 'submitstory.html');
    $storyform->parse('theform', 'storyform');
    $retval .= $storyform->finish($storyform->get_var('theform'));
    $retval .= COM_endBlock();
    return $retval;
}
Example #3
0
 /**
  * Shows search form
  *
  * Shows advanced search page
  *
  * @author Tony Bibbs, tony AT geeklog DOT net
  * @access public
  * @return string HTML output for form
  *
  */
 function showForm()
 {
     global $_CONF, $_TABLES, $LANG09;
     $retval = '';
     // Verify current user my use the search form
     if (!$this->_isFormAllowed()) {
         return $this->_getAccessDeniedMessage();
     }
     $retval .= COM_startBlock($LANG09[1], 'advancedsearch.html');
     $searchform = new Template($_CONF['path_layout'] . 'search');
     $searchform->set_file(array('searchform' => 'searchform.thtml', 'authors' => 'searchauthors.thtml'));
     $searchform->set_var('xhtml', XHTML);
     $searchform->set_var('search_intro', $LANG09[19]);
     $searchform->set_var('site_url', $_CONF['site_url']);
     $searchform->set_var('site_admin_url', $_CONF['site_admin_url']);
     $searchform->set_var('layout_url', $_CONF['layout_url']);
     $searchform->set_var('lang_keywords', $LANG09[2]);
     $searchform->set_var('lang_date', $LANG09[20]);
     $searchform->set_var('lang_to', $LANG09[21]);
     $searchform->set_var('date_format', $LANG09[22]);
     $searchform->set_var('lang_topic', $LANG09[3]);
     $searchform->set_var('lang_all', $LANG09[4]);
     $searchform->set_var('topic_option_list', COM_topicList('tid,topic', $this->_topic));
     $searchform->set_var('lang_type', $LANG09[5]);
     $searchform->set_var('lang_results', $LANG09[59]);
     $searchform->set_var('lang_per_page', $LANG09[60]);
     $searchform->set_var('lang_exact_phrase', $LANG09[43]);
     $searchform->set_var('lang_all_words', $LANG09[44]);
     $searchform->set_var('lang_any_word', $LANG09[45]);
     $searchform->set_var('lang_titles', $LANG09[69]);
     $escquery = htmlspecialchars($this->_query);
     $escquery = str_replace(array('{', '}'), array('&#123;', '&#125;'), $escquery);
     $searchform->set_var('query', $escquery);
     $searchform->set_var('datestart', $this->_dateStart);
     $searchform->set_var('dateend', $this->_dateEnd);
     if ($this->_titlesOnly) {
         $searchform->set_var('title_checked', ' checked="checked"');
     } else {
         $searchform->set_var('title_checked', '');
     }
     $phrase_selected = '';
     $all_selected = '';
     $any_selected = '';
     if ($this->_keyType == 'phrase') {
         $phrase_selected = 'selected="selected"';
     } else {
         if ($this->_keyType == 'all') {
             $all_selected = 'selected="selected"';
         } else {
             if ($this->_keyType == 'any') {
                 $any_selected = 'selected="selected"';
             }
         }
     }
     $searchform->set_var('key_phrase_selected', $phrase_selected);
     $searchform->set_var('key_all_selected', $all_selected);
     $searchform->set_var('key_any_selected', $any_selected);
     $options = '';
     $plugintypes = array('all' => $LANG09[4], 'stories' => $LANG09[6], 'comments' => $LANG09[7]);
     $plugintypes = array_merge($plugintypes, PLG_getSearchTypes());
     // Generally I don't like to hardcode HTML but this seems easiest
     foreach ($plugintypes as $key => $val) {
         $options .= "<option value=\"{$key}\"";
         if ($this->_type == $key) {
             $options .= ' selected="selected"';
         }
         $options .= ">{$val}</option>" . LB;
     }
     $searchform->set_var('plugin_types', $options);
     if ($_CONF['contributedbyline'] == 1) {
         $searchform->set_var('lang_authors', $LANG09[8]);
         $searchusers = array();
         $result = DB_query("SELECT DISTINCT uid FROM {$_TABLES['comments']}");
         while ($A = DB_fetchArray($result)) {
             $searchusers[$A['uid']] = $A['uid'];
         }
         $result = DB_query("SELECT DISTINCT uid FROM {$_TABLES['stories']} WHERE (date <= NOW()) AND (draft_flag = 0)");
         while ($A = DB_fetchArray($result)) {
             $searchusers[$A['uid']] = $A['uid'];
         }
         $inlist = implode(',', $searchusers);
         if (!empty($inlist)) {
             $sql = "SELECT uid,username,fullname FROM {$_TABLES['users']} WHERE uid IN ({$inlist})";
             if (isset($_CONF['show_fullname']) && $_CONF['show_fullname'] == 1) {
                 /* Caveat: This will group all users with an emtpy fullname
                  *         together, so it's not exactly sorted by their
                  *         full name ...
                  */
                 $sql .= ' ORDER BY fullname,username';
             } else {
                 $sql .= ' ORDER BY username';
             }
             $result = DB_query($sql);
             $options = '';
             while ($A = DB_fetchArray($result)) {
                 $options .= '<option value="' . $A['uid'] . '"';
                 if ($A['uid'] == $this->_author) {
                     $options .= ' selected="selected"';
                 }
                 $options .= '>' . htmlspecialchars(COM_getDisplayName('', $A['username'], $A['fullname'])) . '</option>';
             }
             $searchform->set_var('author_option_list', $options);
             $searchform->parse('author_form_element', 'authors', true);
         } else {
             $searchform->set_var('author_form_element', '<input type="hidden" name="author" value="0"' . XHTML . '>');
         }
     } else {
         $searchform->set_var('author_form_element', '<input type="hidden" name="author" value="0"' . XHTML . '>');
     }
     // Results per page
     $options = '';
     $limits = explode(',', $_CONF['search_limits']);
     foreach ($limits as $limit) {
         $options .= "<option value=\"{$limit}\"";
         if ($_CONF['num_search_results'] == $limit) {
             $options .= ' selected="selected"';
         }
         $options .= ">{$limit}</option>" . LB;
     }
     $searchform->set_var('search_limits', $options);
     $searchform->set_var('lang_search', $LANG09[10]);
     $searchform->parse('output', 'searchform');
     $retval .= $searchform->finish($searchform->get_var('output'));
     $retval .= COM_endBlock();
     return $retval;
 }
Example #4
0
/**
* Displays the static page form
*
* @param    array   $A      Data to display
* @param    string  $error  Error message to display
*
*/
function PAGE_form($A, $error = false)
{
    global $_CONF, $_TABLES, $_USER, $_GROUPS, $_SP_CONF, $action, $sp_id, $LANG21, $LANG_STATIC, $LANG_ACCESS, $LANG_ADMIN, $LANG24, $LANG_postmodes, $MESSAGE;
    USES_lib_admin();
    $menu_arr = array(array('url' => $_CONF['site_admin_url'] . '/plugins/staticpages/index.php', 'text' => $LANG_STATIC['page_list']), array('url' => $_CONF['site_admin_url'], 'text' => $LANG_ADMIN['admin_home']));
    $template_path = staticpages_templatePath('admin');
    if (!empty($sp_id) && ($action == 'edit' || $action == 'clone')) {
        $access = SEC_hasAccess($A['owner_id'], $A['group_id'], $A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']);
    } else {
        $A['owner_id'] = $_USER['uid'];
        if (isset($_GROUPS['staticpages Admin'])) {
            $A['group_id'] = $_GROUPS['staticpages Admin'];
        } else {
            $A['group_id'] = SEC_getFeatureGroup('staticpages.edit');
        }
        SEC_setDefaultPermissions($A, $_SP_CONF['default_permissions']);
        $access = 3;
    }
    $retval = '';
    if (empty($A['owner_id'])) {
        $error = COM_startBlock($LANG_ACCESS['accessdenied'], '', COM_getBlockTemplate('_msg_block', 'header'));
        $error .= $LANG_STATIC['deny_msg'];
        $error .= COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer'));
    }
    if ($error) {
        $retval .= $error . '<br/><br/>';
    } else {
        $sp_template = new Template($template_path);
        $sp_template->set_file('form', 'editor.thtml');
        $sp_template->set_var('lang_mode', $LANG24[3]);
        $sp_template->set_var('comment_options', COM_optionList($_TABLES['commentcodes'], 'code,name', $A['commentcode']));
        $ownername = COM_getDisplayName($A['owner_id']);
        $sp_template->set_var(array('sp_search_checked' => $A['sp_search'] == 1 ? ' checked="checked"' : '', 'sp_status_checked' => $A['sp_status'] == 1 ? ' checked="checked"' : '', 'lang_accessrights' => $LANG_ACCESS['accessrights'], 'lang_owner' => $LANG_ACCESS['owner'], 'owner_username' => DB_getItem($_TABLES['users'], 'username', "uid = {$A['owner_id']}"), 'owner_name' => $ownername, 'owner' => $ownername, 'owner_id' => $A['owner_id'], 'lang_group' => $LANG_ACCESS['group'], 'group_dropdown' => SEC_getGroupDropdown($A['group_id'], $access), 'permissions_editor' => SEC_getPermissionsHTML($A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']), 'lang_permissions' => $LANG_ACCESS['permissions'], 'lang_perm_key' => $LANG_ACCESS['permissionskey'], 'permissions_msg' => $LANG_ACCESS['permmsg'], 'start_block_editor' => COM_startBlock($LANG_STATIC['staticpages'] . ' :: ' . $LANG_STATIC['staticpageeditor'], '', COM_getBlockTemplate('_admin_block', 'header')), 'lang_save' => $LANG_ADMIN['save'], 'lang_cancel' => $LANG_ADMIN['cancel'], 'lang_preview' => $LANG_ADMIN['preview'], 'lang_editor' => $LANG_STATIC['staticpageeditor'], 'lang_attributes' => $LANG_STATIC['attributes']));
        if (SEC_hasRights('staticpages.delete') && $action != 'clone' && !empty($A['sp_old_id'])) {
            $delbutton = '<input type="submit" value="' . $LANG_ADMIN['delete'] . '" name="delete"%s/>';
            $jsconfirm = ' onclick="return confirm(\'' . $MESSAGE[76] . '\');"';
            $sp_template->set_var('delete_option', sprintf($delbutton, $jsconfirm));
            $sp_template->set_var('delete_button', true);
            $sp_template->set_var('lang_delete_confirm', $MESSAGE[76]);
            $sp_template->set_var('lang_delete', $LANG_ADMIN['delete']);
            $sp_template->set_var('delete_option_no_confirmation', sprintf($delbutton, ''));
        } else {
            $sp_template->set_var('delete_option', '');
        }
        $sp_template->set_var('lang_writtenby', $LANG_STATIC['writtenby']);
        $sp_template->set_var('username', DB_getItem($_TABLES['users'], 'username', "uid = {$A['sp_uid']}"));
        $authorname = COM_getDisplayName($A['sp_uid']);
        $sp_template->set_var('name', $authorname);
        $sp_template->set_var('author', $authorname);
        $sp_template->set_var('lang_url', $LANG_STATIC['url']);
        $sp_template->set_var('lang_id', $LANG_STATIC['id']);
        $sp_template->set_var('sp_uid', $A['sp_uid']);
        $sp_template->set_var('sp_id', $A['sp_id']);
        $sp_template->set_var('sp_old_id', $A['sp_old_id']);
        $sp_template->set_var('example_url', COM_buildURL($_CONF['site_url'] . '/page.php?page=' . $A['sp_id']));
        $sp_template->set_var('lang_centerblock', $LANG_STATIC['centerblock']);
        $sp_template->set_var('lang_centerblock_help', $LANG_ADMIN['help_url']);
        $sp_template->set_var('lang_centerblock_include', $LANG21[51]);
        $sp_template->set_var('lang_centerblock_desc', $LANG21[52]);
        $sp_template->set_var('centerblock_help', $A['sp_help']);
        $sp_template->set_var('lang_centerblock_msg', $LANG_STATIC['centerblock_msg']);
        if (isset($A['sp_centerblock']) && $A['sp_centerblock'] == 1) {
            $sp_template->set_var('centerblock_checked', 'checked="checked"');
        } else {
            $sp_template->set_var('centerblock_checked', '');
        }
        $sp_template->set_var('lang_topic', $LANG_STATIC['topic']);
        $sp_template->set_var('lang_position', $LANG_STATIC['position']);
        $current_topic = '';
        if (isset($A['sp_tid'])) {
            $current_topic = $A['sp_tid'];
        }
        if (empty($current_topic)) {
            $current_topic = 'none';
        }
        $topics = COM_topicList('tid,topic', $current_topic, 1, true);
        $alltopics = '<option value="all"';
        if ($current_topic == 'all') {
            $alltopics .= ' selected="selected"';
        }
        $alltopics .= '>' . $LANG_STATIC['all_topics'] . '</option>' . LB;
        $allnhp = '<option value="allnhp"';
        if ($current_topic == 'allnhp') {
            $allnhp .= ' selected="selected"';
        }
        $allnhp .= '>' . $LANG_STATIC['allnhp_topics'] . '</option>' . LB;
        $notopic = '<option value="none"';
        if ($current_topic == 'none') {
            $notopic .= ' selected="selected"';
        }
        $notopic .= '>' . $LANG_STATIC['no_topic'] . '</option>' . LB;
        $sp_template->set_var('topic_selection', '<select name="sp_tid">' . $alltopics . $allnhp . $notopic . $topics . '</select>');
        $position = '<select name="sp_where">';
        $position .= '<option value="1"';
        if ($A['sp_where'] == 1) {
            $position .= ' selected="selected"';
        }
        $position .= '>' . $LANG_STATIC['position_top'] . '</option>';
        $position .= '<option value="2"';
        if ($A['sp_where'] == 2) {
            $position .= ' selected="selected"';
        }
        $position .= '>' . $LANG_STATIC['position_feat'] . '</option>';
        $position .= '<option value="3"';
        if ($A['sp_where'] == 3) {
            $position .= ' selected="selected"';
        }
        $position .= '>' . $LANG_STATIC['position_bottom'] . '</option>';
        $position .= '<option value="0"';
        if ($A['sp_where'] == 0) {
            $position .= ' selected="selected"';
        }
        $position .= '>' . $LANG_STATIC['position_entire'] . '</option>';
        $position .= '<option value="4"';
        if ($A['sp_where'] == 4) {
            $position .= ' selected="selected"';
        }
        $position .= '>' . $LANG_STATIC['position_nonews'] . '</option>';
        $position .= '</select>';
        $sp_template->set_var('pos_selection', $position);
        if ($_SP_CONF['allow_php'] == 1 && SEC_hasRights('staticpages.PHP')) {
            if (!isset($A['sp_php'])) {
                $A['sp_php'] = 0;
            }
            $selection = '<select name="sp_php">' . LB;
            $selection .= '<option value="0"';
            if ($A['sp_php'] <= 0 || $A['sp_php'] > 2) {
                $selection .= ' selected="selected"';
            }
            $selection .= '>' . $LANG_STATIC['select_php_none'] . '</option>' . LB;
            $selection .= '<option value="1"';
            if ($A['sp_php'] == 1) {
                $selection .= ' selected="selected"';
            }
            $selection .= '>' . $LANG_STATIC['select_php_return'] . '</option>' . LB;
            $selection .= '<option value="2"';
            if ($A['sp_php'] == 2) {
                $selection .= ' selected="selected"';
            }
            $selection .= '>' . $LANG_STATIC['select_php_free'] . '</option>' . LB;
            $selection .= '</select>';
            $sp_template->set_var('php_selector', $selection);
            $sp_template->set_var('php_warn', $LANG_STATIC['php_warn']);
        } else {
            $sp_template->set_var('php_selector', '');
            $sp_template->set_var('php_warn', $LANG_STATIC['php_not_activated']);
        }
        $sp_template->set_var('php_msg', $LANG_STATIC['php_msg']);
        // old variables (for the 1.3-type checkbox)
        $sp_template->set_var('php_checked', '');
        $sp_template->set_var('php_type', 'hidden');
        if (isset($A['sp_nf']) && $A['sp_nf'] == 1) {
            $sp_template->set_var('exit_checked', 'checked="checked"');
        } else {
            $sp_template->set_var('exit_checked', '');
        }
        $sp_template->set_var('exit_msg', $LANG_STATIC['exit_msg']);
        $sp_template->set_var('exit_info', $LANG_STATIC['exit_info']);
        if (isset($A['sp_inblock']) && $A['sp_inblock'] == 1) {
            $sp_template->set_var('inblock_checked', 'checked="checked"');
        } else {
            $sp_template->set_var('inblock_checked', '');
        }
        $sp_template->set_var('inblock_msg', $LANG_STATIC['inblock_msg']);
        $sp_template->set_var('inblock_info', $LANG_STATIC['inblock_info']);
        $curtime = COM_getUserDateTimeFormat($A['unixdate']);
        $sp_template->set_var('lang_lastupdated', $LANG_STATIC['date']);
        $sp_template->set_var('sp_formateddate', $curtime[0]);
        $sp_template->set_var('sp_date', $curtime[1]);
        $sp_template->set_var('lang_title', $LANG_STATIC['title']);
        $title = '';
        if (isset($A['sp_title'])) {
            $title = htmlspecialchars($A['sp_title']);
        }
        $sp_template->set_var('sp_title', $title);
        $sp_template->set_var('lang_addtomenu', $LANG_STATIC['addtomenu']);
        if (isset($A['sp_onmenu']) && $A['sp_onmenu'] == 1) {
            $sp_template->set_var('onmenu_checked', 'checked="checked"');
        } else {
            $sp_template->set_var('onmenu_checked', '');
        }
        $sp_template->set_var('lang_label', $LANG_STATIC['label']);
        if (isset($A['sp_label'])) {
            $sp_template->set_var('sp_label', $A['sp_label']);
        } else {
            $sp_template->set_var('sp_label', '');
        }
        $sp_template->set_var('lang_pageformat', $LANG_STATIC['pageformat']);
        $sp_template->set_var('lang_blankpage', $LANG_STATIC['blankpage']);
        $sp_template->set_var('lang_noblocks', $LANG_STATIC['noblocks']);
        $sp_template->set_var('lang_leftblocks', $LANG_STATIC['leftblocks']);
        $sp_template->set_var('lang_rightblocks', $LANG_STATIC['rightblocks']);
        $sp_template->set_var('lang_leftrightblocks', $LANG_STATIC['leftrightblocks']);
        if (!isset($A['sp_format'])) {
            $A['sp_format'] = '';
        }
        if ($A['sp_format'] == 'noblocks') {
            $sp_template->set_var('noblock_selected', 'selected="selected"');
        } else {
            $sp_template->set_var('noblock_selected', '');
        }
        if ($A['sp_format'] == 'leftblocks') {
            $sp_template->set_var('leftblocks_selected', 'selected="selected"');
        } else {
            $sp_template->set_var('leftblocks_selected', '');
        }
        if ($A['sp_format'] == 'rightblocks') {
            $sp_template->set_var('rightblocks_selected', 'selected="selected"');
        } else {
            $sp_template->set_var('rightblocks_selected', '');
        }
        if ($A['sp_format'] == 'blankpage') {
            $sp_template->set_var('blankpage_selected', 'selected="selected"');
        } else {
            $sp_template->set_var('blankpage_selected', '');
        }
        if ($A['sp_format'] == 'allblocks' or empty($A['sp_format'])) {
            $sp_template->set_var('allblocks_selected', 'selected="selected"');
        } else {
            $sp_template->set_var('allblocks_selected', '');
        }
        $sp_template->set_var('lang_content', $LANG_STATIC['content']);
        $content = '';
        if (isset($A['sp_content'])) {
            $content = htmlspecialchars($A['sp_content']);
        }
        $sp_template->set_var('sp_content', $content);
        if ($_SP_CONF['filter_html'] == 1) {
            $sp_template->set_var('lang_allowedhtml', COM_allowedHTML(SEC_getUserPermissions(), false, 'staticpages', 'page'));
        } else {
            $sp_template->set_var('lang_allowedhtml', $LANG_STATIC['all_html_allowed']);
        }
        $sp_template->set_var('lang_hits', $LANG_STATIC['hits']);
        if (empty($A['sp_hits'])) {
            $sp_template->set_var('sp_hits', '0');
            $sp_template->set_var('sp_hits_formatted', '0');
        } else {
            $sp_template->set_var('sp_hits', $A['sp_hits']);
            $sp_template->set_var('sp_hits_formatted', COM_numberFormat($A['sp_hits']));
        }
        $sp_template->set_var('end_block', COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer')));
        $sp_template->set_var('owner_dropdown', COM_buildOwnerList('owner_id', $A['owner_id']));
        $sp_template->set_var('writtenby_dropdown', COM_buildOwnerList('sp_uid', $A['sp_uid']));
        $sp_template->set_var('gltoken_name', CSRF_TOKEN);
        $sp_template->set_var('gltoken', SEC_createToken());
        $sp_template->set_var('admin_menu', ADMIN_createMenu($menu_arr, $LANG_STATIC['instructions_edit'], plugin_geticon_staticpages()));
        PLG_templateSetVars('sp_editor', $sp_template);
        $retval .= $sp_template->parse('output', 'form');
    }
    return $retval;
}
Example #5
0
/**
* Display the feed editor.
*
* @param    int      $fid    feed id (0 for new feeds)
* @param    string   $type   type of feed, e.g. 'article'
* @return   string           HTML for the feed editor
*
*/
function FEED_edit($fid = 0, $type = '')
{
    global $_CONF, $_TABLES, $LANG33, $LANG_ADMIN, $MESSAGE, $_IMAGE_TYPE;
    USES_lib_admin();
    if ($fid > 0) {
        $result = DB_query("SELECT *,UNIX_TIMESTAMP(updated) AS date FROM {$_TABLES['syndication']} WHERE fid = '{$fid}'");
        $A = DB_fetchArray($result);
        $fid = $A['fid'];
    }
    if ($fid == 0) {
        if (!empty($type)) {
            // set defaults
            $A['fid'] = $fid;
            $A['type'] = $type;
            $A['topic'] = '::all';
            $A['header_tid'] = 'none';
            $A['format'] = 'RSS-2.0';
            $A['limits'] = $_CONF['rdf_limit'];
            $A['content_length'] = $_CONF['rdf_storytext'];
            $A['title'] = $_CONF['site_name'];
            $A['description'] = $_CONF['site_slogan'];
            $A['feedlogo'] = '';
            $A['filename'] = '';
            $A['charset'] = $_CONF['default_charset'];
            $A['language'] = $_CONF['rdf_language'];
            $A['is_enabled'] = 1;
            $A['updated'] = '';
            $A['update_info'] = '';
            $A['date'] = time();
        } else {
            return COM_refresh($_CONF['site_admin_url'] . '/syndication.php');
        }
    }
    $retval = '';
    $menu_arr = array(array('url' => $_CONF['site_admin_url'] . '/syndication.php', 'text' => $LANG33[57]), array('url' => $_CONF['site_admin_url'], 'text' => $LANG_ADMIN['admin_home']));
    $feed_template = new Template($_CONF['path_layout'] . 'admin/syndication');
    $feed_template->set_file('editor', 'feededitor.thtml');
    $feed_template->set_var('start_feed_editor', COM_startBlock($LANG33[24], '', COM_getBlockTemplate('_admin_block', 'header')));
    $feed_template->set_var('end_block', COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer')));
    $feed_template->set_var('lang_feedtitle', $LANG33[25]);
    $feed_template->set_var('lang_enabled', $LANG33[19]);
    $feed_template->set_var('lang_format', $LANG33[17]);
    $feed_template->set_var('lang_limits', $LANG33[26]);
    $feed_template->set_var('lang_content_length', $LANG33[27]);
    $feed_template->set_var('lang_clen_explain', $LANG33[28]);
    $feed_template->set_var('lang_description', $LANG33[29]);
    $feed_template->set_var('lang_feedlogo', $LANG33[49]);
    $feed_template->set_var('lang_feedlogo_explain', $LANG33[50]);
    $feed_template->set_var('lang_filename', $LANG33[16]);
    $feed_template->set_var('lang_updated', $LANG33[30]);
    $feed_template->set_var('lang_type', $LANG33[15]);
    $feed_template->set_var('lang_charset', $LANG33[31]);
    $feed_template->set_var('lang_language', $LANG33[32]);
    $feed_template->set_var('lang_topic', $LANG33[33]);
    $feed_template->set_var('admin_menu', ADMIN_createMenu($menu_arr, $LANG33[58], $_CONF['layout_url'] . '/images/icons/syndication.' . $_IMAGE_TYPE));
    if ($A['header_tid'] == 'all') {
        $feed_template->set_var('all_selected', 'selected="selected"');
    } elseif ($A['header_tid'] == 'none') {
        $feed_template->set_var('none_selected', 'selected="selected"');
    }
    $feed_template->set_var('lang_header_all', $LANG33[43]);
    $feed_template->set_var('lang_header_none', $LANG33[44]);
    $feed_template->set_var('lang_header_topic', $LANG33[45]);
    $feed_template->set_var('header_topic_options', COM_topicList('tid,topic', $A['header_tid'], 1, true));
    $feed_template->set_var('lang_save', $LANG_ADMIN['save']);
    $feed_template->set_var('lang_cancel', $LANG_ADMIN['cancel']);
    if ($A['fid'] > 0) {
        $delbutton = '<input type="submit" value="' . $LANG_ADMIN['delete'] . '" name="mode"%s' . '/>';
        $jsconfirm = ' onclick="return confirm(\'' . $LANG33[56] . '\');"';
        $feed_template->set_var('delete_option', sprintf($delbutton, $jsconfirm));
        $feed_template->set_var('delete_option_no_confirmation', sprintf($delbutton, ''));
        $feed_template->set_var('delete_button', true);
        $feed_template->set_var('lang_delete_confirm', $LANG33[56]);
        $feed_template->set_var('lang_delete', $LANG_ADMIN['delete']);
    }
    $feed_template->set_var('feed_id', $A['fid']);
    $feed_template->set_var('feed_title', $A['title']);
    $feed_template->set_var('feed_description', $A['description']);
    $feed_template->set_var('feed_logo', $A['feedlogo']);
    $feed_template->set_var('feed_content_length', $A['content_length']);
    $feed_template->set_var('feed_filename', $A['filename']);
    $feed_template->set_var('feed_type', $A['type']);
    if ($A['type'] == 'article') {
        $feed_template->set_var('feed_type_display', $LANG33[55]);
    } else {
        $feed_template->set_var('feed_type_display', ucwords($A['type']));
    }
    $feed_template->set_var('feed_charset', $A['charset']);
    $feed_template->set_var('feed_language', $A['language']);
    $nicedate = COM_getUserDateTimeFormat($A['date']);
    $feed_template->set_var('feed_updated', $nicedate[0]);
    $formats = FEED_findFormats();
    $selection = '<select name="format">' . LB;
    foreach ($formats as $f) {
        // if one changes this format below ('name-version'), also change parsing
        // in COM_siteHeader. It uses explode( "-" , $string )
        $selection .= '<option value="' . $f['name'] . '-' . $f['version'] . '"';
        if ($A['format'] == $f['name'] . '-' . $f['version']) {
            $selection .= ' selected="selected"';
        }
        $selection .= '>' . ucwords($f['name'] . ' ' . $f['version']) . '</option>' . LB;
    }
    $selection .= '</select>' . LB;
    $feed_template->set_var('feed_format', $selection);
    $limits = $A['limits'];
    $hours = false;
    if (substr($A['limits'], -1) == 'h') {
        $limits = substr($A['limits'], 0, -1);
        $hours = true;
    }
    $selection = '<select name="limits_in">' . LB;
    $selection .= '<option value="0"';
    if (!$hours) {
        $selection .= ' selected="selected"';
    }
    $selection .= '>' . $LANG33[34] . '</option>' . LB;
    $selection .= '<option value="1"';
    if ($hours) {
        $selection .= ' selected="selected"';
    }
    $selection .= '>' . $LANG33[35] . '</option>' . LB;
    $selection .= '</select>' . LB;
    $feed_template->set_var('feed_limits', $limits);
    $feed_template->set_var('feed_limits_what', $selection);
    if ($A['type'] == 'article') {
        $options = FEED_getArticleFeeds();
    } else {
        $result = DB_query("SELECT pi_enabled FROM {$_TABLES['plugins']} WHERE pi_name='{$A['type']}'");
        if ($result) {
            $P = DB_fetchArray($result);
            if ($P['pi_enabled'] == 0) {
                COM_setMessage(80);
                echo COM_refresh($_CONF['site_admin_url'] . '/syndication.php');
                exit;
            }
        }
        $options = PLG_getFeedNames($A['type']);
    }
    $selection = '<select name="topic">' . LB;
    foreach ($options as $o) {
        $selection .= '<option value="' . $o['id'] . '"';
        if ($A['topic'] == $o['id']) {
            $selection .= ' selected="selected"';
        }
        $selection .= '>' . $o['name'] . '</option>' . LB;
    }
    $selection .= '</select>' . LB;
    $feed_template->set_var('feed_topic', $selection);
    if ($A['is_enabled'] == 1) {
        $feed_template->set_var('is_enabled', 'checked="checked"');
    } else {
        $feed_template->set_var('is_enabled', '');
    }
    $security_token = SEC_createToken();
    $feed_template->set_var('sec_token_name', CSRF_TOKEN);
    $feed_template->set_var('sec_token', $security_token);
    //depreciated
    $feed_template->set_var('gltoken_name', CSRF_TOKEN);
    $feed_template->set_var('gltoken', $security_token);
    //end of depreciated
    $retval .= $feed_template->finish($feed_template->parse('output', 'editor'));
    return $retval;
}
Example #6
0
/**
* Shows the block editor
*
* This will show a block edit form.  If this is a Geeklog default block it will
* send it off to editdefaultblock.
*
* @param    string  $bid    ID of block to edit
* @return   string          HTML for block editor
*
*/
function editblock($bid = '')
{
    global $_CONF, $_GROUPS, $_TABLES, $_USER, $LANG01, $LANG21, $LANG_ACCESS, $LANG_ADMIN, $MESSAGE;
    $retval = '';
    if (!empty($bid)) {
        $sql['mysql'] = "SELECT * FROM {$_TABLES['blocks']} WHERE bid ='{$bid}'";
        $sql['mssql'] = "SELECT bid, is_enabled, name, type, title, tid, blockorder, cast(content as text) as content, rdfurl, ";
        $sql['mssql'] .= "rdfupdated, rdflimit, onleft, phpblockfn, help, owner_id,group_id, ";
        $sql['mssql'] .= "perm_owner, perm_group, perm_members, perm_anon, allow_autotags FROM {$_TABLES['blocks']} WHERE bid ='{$bid}'";
        $sql['pgsql'] = "SELECT * FROM {$_TABLES['blocks']} WHERE bid ='{$bid}'";
        $result = DB_query($sql);
        $A = DB_fetchArray($result);
        $access = SEC_hasAccess($A['owner_id'], $A['group_id'], $A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']);
        if ($access == 2 || $access == 0 || hasBlockTopicAccess($A['tid']) < 3) {
            $retval .= COM_showMessageText($LANG21[45], $LANG_ACCESS['accessdenied']);
            COM_accessLog("User {$_USER['username']} tried to illegally create or edit block {$bid}.");
            return $retval;
        }
        if ($A['type'] == 'gldefault') {
            $retval .= editdefaultblock($A, $access);
            return $retval;
        }
    } else {
        $A['bid'] = 0;
        $A['is_enabled'] = 1;
        $A['name'] = '';
        $A['type'] = 'normal';
        $A['title'] = '';
        $A['tid'] = 'All';
        $A['blockorder'] = 0;
        $A['content'] = '';
        $A['allow_autotags'] = 0;
        $A['rdfurl'] = '';
        $A['rdfupdated'] = '';
        $A['rdflimit'] = 0;
        $A['onleft'] = 0;
        $A['phpblockfn'] = '';
        $A['help'] = '';
        $A['owner_id'] = $_USER['uid'];
        if (isset($_GROUPS['Block Admin'])) {
            $A['group_id'] = $_GROUPS['Block Admin'];
        } else {
            $A['group_id'] = SEC_getFeatureGroup('block.edit');
        }
        SEC_setDefaultPermissions($A, $_CONF['default_permissions_block']);
        $access = 3;
    }
    $token = SEC_createToken();
    $block_templates = COM_newTemplate($_CONF['path_layout'] . 'admin/block');
    $block_templates->set_file('editor', 'blockeditor.thtml');
    $block_start = COM_startBlock($LANG21[3], '', COM_getBlockTemplate('_admin_block', 'header'));
    $block_start .= LB . SEC_getTokenExpiryNotice($token);
    $block_templates->set_var('start_block_editor', $block_start);
    if (!empty($bid) && SEC_hasrights('block.delete')) {
        $delbutton = '<input type="submit" value="' . $LANG_ADMIN['delete'] . '" name="mode"%s' . XHTML . '>';
        $jsconfirm = ' onclick="return confirm(\'' . $MESSAGE[76] . '\');"';
        $block_templates->set_var('delete_option', sprintf($delbutton, $jsconfirm));
        $block_templates->set_var('delete_option_no_confirmation', sprintf($delbutton, ''));
    }
    $block_templates->set_var('block_bid', $A['bid']);
    // standard Admin strings
    $block_templates->set_var('lang_blocktitle', $LANG_ADMIN['title']);
    $block_templates->set_var('lang_enabled', $LANG_ADMIN['enabled']);
    $block_templates->set_var('lang_blockhelpurl', $LANG_ADMIN['help_url']);
    $block_templates->set_var('lang_topic', $LANG_ADMIN['topic']);
    $block_templates->set_var('lang_save', $LANG_ADMIN['save']);
    $block_templates->set_var('lang_cancel', $LANG_ADMIN['cancel']);
    $block_templates->set_var('lang_blocktype', $LANG_ADMIN['type']);
    $block_templates->set_var('lang_allowed_html', $LANG01[123]);
    $block_templates->set_var('block_title', stripslashes($A['title']));
    $block_templates->set_var('lang_enabled', $LANG21[53]);
    if ($A['is_enabled'] == 1) {
        $block_templates->set_var('is_enabled', 'checked="checked"');
    } else {
        $block_templates->set_var('is_enabled', '');
    }
    $block_templates->set_var('block_help', $A['help']);
    $block_templates->set_var('lang_includehttp', $LANG21[51]);
    $block_templates->set_var('lang_explanation', $LANG21[52]);
    $block_templates->set_var('block_name', $A['name']);
    $block_templates->set_var('lang_blockname', $LANG21[48]);
    $block_templates->set_var('lang_nospaces', $LANG21[49]);
    $block_templates->set_var('lang_all', $LANG21[7]);
    $block_templates->set_var('lang_homeonly', $LANG21[43]);
    if ($A['tid'] == 'all') {
        $block_templates->set_var('all_selected', 'selected="selected"');
    } elseif ($A['tid'] == 'homeonly') {
        $block_templates->set_var('homeonly_selected', 'selected="selected"');
    }
    $block_templates->set_var('topic_options', COM_topicList('tid,topic', $A['tid'], 1, true));
    $block_templates->set_var('lang_side', $LANG21[39]);
    $block_templates->set_var('lang_left', $LANG21[40]);
    $block_templates->set_var('lang_right', $LANG21[41]);
    if ($A['onleft'] == 1) {
        $block_templates->set_var('left_selected', 'selected="selected"');
    } elseif ($A['onleft'] == 0) {
        $block_templates->set_var('right_selected', 'selected="selected"');
    }
    $block_templates->set_var('lang_blockorder', $LANG21[9]);
    $block_templates->set_var('block_order', $A['blockorder']);
    $block_templates->set_var('lang_normalblock', $LANG21[12]);
    $block_templates->set_var('lang_phpblock', $LANG21[27]);
    $block_templates->set_var('lang_portalblock', $LANG21[11]);
    if ($A['type'] == 'normal') {
        $block_templates->set_var('normal_selected', 'selected="selected"');
    } elseif ($A['type'] == 'phpblock') {
        $block_templates->set_var('php_selected', 'selected="selected"');
    } elseif ($A['type'] == 'portal') {
        $block_templates->set_var('portal_selected', 'selected="selected"');
    }
    $block_templates->set_var('lang_accessrights', $LANG_ACCESS['accessrights']);
    $block_templates->set_var('lang_owner', $LANG_ACCESS['owner']);
    $ownername = COM_getDisplayName($A['owner_id']);
    $block_templates->set_var('owner_username', DB_getItem($_TABLES['users'], 'username', "uid = '{$A['owner_id']}'"));
    $block_templates->set_var('owner_name', $ownername);
    $block_templates->set_var('owner', $ownername);
    $block_templates->set_var('owner_id', $A['owner_id']);
    $block_templates->set_var('lang_group', $LANG_ACCESS['group']);
    $block_templates->set_var('group_dropdown', SEC_getGroupDropdown($A['group_id'], $access));
    $block_templates->set_var('lang_permissions', $LANG_ACCESS['permissions']);
    $block_templates->set_var('lang_perm_key', $LANG_ACCESS['permissionskey']);
    $block_templates->set_var('permissions_editor', SEC_getPermissionsHTML($A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']));
    $block_templates->set_var('lang_permissions_msg', $LANG_ACCESS['permmsg']);
    $block_templates->set_var('lang_phpblockoptions', $LANG21[28]);
    $block_templates->set_var('lang_blockfunction', $LANG21[29]);
    $block_templates->set_var('block_phpblockfn', $A['phpblockfn']);
    $block_templates->set_var('lang_phpblockwarning', $LANG21[30]);
    $block_templates->set_var('lang_portalblockoptions', $LANG21[13]);
    $block_templates->set_var('lang_rdfurl', $LANG21[14]);
    $block_templates->set_var('max_url_length', 255);
    $block_templates->set_var('block_rdfurl', $A['rdfurl']);
    $block_templates->set_var('lang_rdflimit', $LANG21[62]);
    $block_templates->set_var('block_rdflimit', $A['rdflimit']);
    $block_templates->set_var('lang_lastrdfupdate', $LANG21[15]);
    if ($A['rdfupdated'] == '0000-00-00 00:00:00') {
        $block_templates->set_var('block_rdfupdated', '');
    } else {
        $block_templates->set_var('block_rdfupdated', $A['rdfupdated']);
    }
    $block_templates->set_var('lang_normalblockoptions', $LANG21[16]);
    $block_templates->set_var('lang_blockcontent', $LANG21[17]);
    $block_templates->set_var('lang_autotags', $LANG21[66]);
    $block_templates->set_var('lang_use_autotags', $LANG21[67]);
    $content = htmlspecialchars(stripslashes($A['content']));
    $content = str_replace(array('{', '}'), array('&#123;', '&#125;'), $content);
    $block_templates->set_var('block_content', $content);
    if ($A['allow_autotags'] == 1) {
        $block_templates->set_var('allow_autotags', 'checked="checked"');
    } else {
        $block_templates->set_var('allow_autotags', '');
    }
    $block_templates->set_var('gltoken_name', CSRF_TOKEN);
    $block_templates->set_var('gltoken', $token);
    $block_templates->set_var('end_block', COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer')));
    $block_templates->parse('output', 'editor');
    $retval .= $block_templates->finish($block_templates->get_var('output'));
    return $retval;
}
Example #7
0
/**
* Displays the static page editor form
*
* @param    array   $A  Data to display
* @return   string      HTML for the static page editor
*
*/
function staticpageeditor_form($A, $error = false)
{
    global $_CONF, $_TABLES, $_USER, $_GROUPS, $_SP_CONF, $mode, $sp_id, $LANG21, $LANG_STATIC, $LANG_ACCESS, $LANG_ADMIN, $LANG24, $LANG_postmodes, $MESSAGE;
    $template_path = staticpages_templatePath('admin');
    if (!empty($sp_id) && $mode == 'edit') {
        $access = SEC_hasAccess($A['owner_id'], $A['group_id'], $A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']);
    } else {
        if ($mode != 'clone') {
            $A['sp_inblock'] = $_SP_CONF['in_block'];
        }
        $A['owner_id'] = $_USER['uid'];
        if (isset($_GROUPS['Static Page Admin'])) {
            $A['group_id'] = $_GROUPS['Static Page Admin'];
        } else {
            $A['group_id'] = SEC_getFeatureGroup('staticpages.edit');
        }
        SEC_setDefaultPermissions($A, $_SP_CONF['default_permissions']);
        $access = 3;
        if (isset($_CONF['advanced_editor']) && $_CONF['advanced_editor'] == 1 && file_exists($template_path . '/editor_advanced.thtml')) {
            $A['advanced_editor_mode'] = 1;
        }
    }
    $retval = '';
    $sp_template = new Template($template_path);
    if (isset($_CONF['advanced_editor']) && $_CONF['advanced_editor'] == 1 && file_exists($template_path . '/editor_advanced.thtml')) {
        $sp_template->set_file('form', 'editor_advanced.thtml');
        $sp_template->set_var('lang_expandhelp', $LANG24[67]);
        $sp_template->set_var('lang_reducehelp', $LANG24[68]);
        $sp_template->set_var('lang_toolbar', $LANG24[70]);
        $sp_template->set_var('toolbar1', $LANG24[71]);
        $sp_template->set_var('toolbar2', $LANG24[72]);
        $sp_template->set_var('toolbar3', $LANG24[73]);
        $sp_template->set_var('toolbar4', $LANG24[74]);
        $sp_template->set_var('toolbar5', $LANG24[75]);
        $sp_template->set_var('lang_nojavascript', $LANG24[77]);
        $sp_template->set_var('lang_postmode', $LANG24[4]);
        if (isset($A['postmode']) && $A['postmode'] == 'adveditor') {
            $sp_template->set_var('show_adveditor', '');
            $sp_template->set_var('show_htmleditor', 'none');
        } else {
            $sp_template->set_var('show_adveditor', 'none');
            $sp_template->set_var('show_htmleditor', '');
        }
        $post_options = '<option value="html" selected="selected">' . $LANG_postmodes['html'] . '</option>';
        if (isset($A['postmode']) && $A['postmode'] == 'adveditor') {
            $post_options .= '<option value="adveditor" selected="selected">' . $LANG24[86] . '</option>';
        } else {
            $post_options .= '<option value="adveditor">' . $LANG24[86] . '</option>';
        }
        $sp_template->set_var('post_options', $post_options);
        $sp_template->set_var('change_editormode', 'onchange="change_editmode(this);"');
    } else {
        $sp_template->set_file('form', 'editor.thtml');
    }
    $sp_template->set_var('layout_url', $_CONF['layout_url']);
    $sp_template->set_var('lang_mode', $LANG24[3]);
    $sp_template->set_var('comment_options', COM_optionList($_TABLES['commentcodes'], 'code,name', $A['commentcode']));
    $sp_template->set_var('lang_accessrights', $LANG_ACCESS['accessrights']);
    $sp_template->set_var('lang_owner', $LANG_ACCESS['owner']);
    $ownername = COM_getDisplayName($A['owner_id']);
    $sp_template->set_var('owner_username', DB_getItem($_TABLES['users'], 'username', "uid = {$A['owner_id']}"));
    $sp_template->set_var('owner_name', $ownername);
    $sp_template->set_var('owner', $ownername);
    $sp_template->set_var('owner_id', $A['owner_id']);
    $sp_template->set_var('lang_group', $LANG_ACCESS['group']);
    $sp_template->set_var('group_dropdown', SEC_getGroupDropdown($A['group_id'], $access));
    $sp_template->set_var('permissions_editor', SEC_getPermissionsHTML($A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']));
    $sp_template->set_var('lang_permissions', $LANG_ACCESS['permissions']);
    $sp_template->set_var('lang_perm_key', $LANG_ACCESS['permissionskey']);
    $sp_template->set_var('permissions_msg', $LANG_ACCESS['permmsg']);
    $sp_template->set_var('lang_permissions_msg', $LANG_ACCESS['permmsg']);
    $sp_template->set_var('site_url', $_CONF['site_url']);
    $sp_template->set_var('site_admin_url', $_CONF['site_admin_url']);
    $token = SEC_createToken();
    $start_block = COM_startBlock($LANG_STATIC['staticpageeditor'], '', COM_getBlockTemplate('_admin_block', 'header'));
    $start_block .= SEC_getTokenExpiryNotice($token);
    $sp_template->set_var('start_block_editor', $start_block);
    $sp_template->set_var('lang_save', $LANG_ADMIN['save']);
    $sp_template->set_var('lang_cancel', $LANG_ADMIN['cancel']);
    $sp_template->set_var('lang_preview', $LANG_ADMIN['preview']);
    if (SEC_hasRights('staticpages.delete') && $mode != 'clone' && !empty($A['sp_old_id'])) {
        $delbutton = '<input type="submit" value="' . $LANG_ADMIN['delete'] . '" name="mode"%s' . XHTML . '>';
        $jsconfirm = ' onclick="return confirm(\'' . $MESSAGE[76] . '\');"';
        $sp_template->set_var('delete_option', sprintf($delbutton, $jsconfirm));
        $sp_template->set_var('delete_option_no_confirmation', sprintf($delbutton, ''));
    } else {
        $sp_template->set_var('delete_option', '');
    }
    $sp_template->set_var('lang_writtenby', $LANG_STATIC['writtenby']);
    $sp_template->set_var('username', DB_getItem($_TABLES['users'], 'username', "uid = {$A['sp_uid']}"));
    $authorname = COM_getDisplayName($A['sp_uid']);
    $sp_template->set_var('name', $authorname);
    $sp_template->set_var('author', $authorname);
    $sp_template->set_var('lang_url', $LANG_STATIC['url']);
    $sp_template->set_var('lang_id', $LANG_STATIC['id']);
    $sp_template->set_var('sp_uid', $A['sp_uid']);
    $sp_template->set_var('sp_id', $A['sp_id']);
    $sp_template->set_var('sp_old_id', $A['sp_old_id']);
    $sp_template->set_var('example_url', COM_buildURL($_CONF['site_url'] . '/staticpages/index.php?page=' . $A['sp_id']));
    $sp_template->set_var('lang_centerblock', $LANG_STATIC['centerblock']);
    $sp_template->set_var('lang_centerblock_help', $LANG_ADMIN['help_url']);
    $sp_template->set_var('lang_centerblock_include', $LANG21[51]);
    $sp_template->set_var('lang_centerblock_desc', $LANG21[52]);
    $sp_template->set_var('centerblock_help', $A['sp_help']);
    $sp_template->set_var('lang_centerblock_msg', $LANG_STATIC['centerblock_msg']);
    if (isset($A['sp_centerblock']) && $A['sp_centerblock'] == 1) {
        $sp_template->set_var('centerblock_checked', 'checked="checked"');
    } else {
        $sp_template->set_var('centerblock_checked', '');
    }
    $sp_template->set_var('lang_topic', $LANG_STATIC['topic']);
    $sp_template->set_var('lang_position', $LANG_STATIC['position']);
    $current_topic = '';
    if (isset($A['sp_tid'])) {
        $current_topic = $A['sp_tid'];
    }
    if (empty($current_topic)) {
        $current_topic = 'none';
    }
    $topics = COM_topicList('tid,topic', $current_topic, 1, true);
    $alltopics = '<option value="all"';
    if ($current_topic == 'all') {
        $alltopics .= ' selected="selected"';
    }
    $alltopics .= '>' . $LANG_STATIC['all_topics'] . '</option>' . LB;
    $notopic = '<option value="none"';
    if ($current_topic == 'none') {
        $notopic .= ' selected="selected"';
    }
    $notopic .= '>' . $LANG_STATIC['no_topic'] . '</option>' . LB;
    $sp_template->set_var('topic_selection', '<select name="sp_tid">' . $alltopics . $notopic . $topics . '</select>');
    $position = '<select name="sp_where">';
    $position .= '<option value="1"';
    if ($A['sp_where'] == 1) {
        $position .= ' selected="selected"';
    }
    $position .= '>' . $LANG_STATIC['position_top'] . '</option>';
    $position .= '<option value="2"';
    if ($A['sp_where'] == 2) {
        $position .= ' selected="selected"';
    }
    $position .= '>' . $LANG_STATIC['position_feat'] . '</option>';
    $position .= '<option value="3"';
    if ($A['sp_where'] == 3) {
        $position .= ' selected="selected"';
    }
    $position .= '>' . $LANG_STATIC['position_bottom'] . '</option>';
    $position .= '<option value="0"';
    if ($A['sp_where'] == 0) {
        $position .= ' selected="selected"';
    }
    $position .= '>' . $LANG_STATIC['position_entire'] . '</option>';
    $position .= '</select>';
    $sp_template->set_var('pos_selection', $position);
    if ($_SP_CONF['allow_php'] == 1 && SEC_hasRights('staticpages.PHP')) {
        if (!isset($A['sp_php'])) {
            $A['sp_php'] = 0;
        }
        $selection = '<select name="sp_php">' . LB;
        $selection .= '<option value="0"';
        if ($A['sp_php'] <= 0 || $A['sp_php'] > 2) {
            $selection .= ' selected="selected"';
        }
        $selection .= '>' . $LANG_STATIC['select_php_none'] . '</option>' . LB;
        $selection .= '<option value="1"';
        if ($A['sp_php'] == 1) {
            $selection .= ' selected="selected"';
        }
        $selection .= '>' . $LANG_STATIC['select_php_return'] . '</option>' . LB;
        $selection .= '<option value="2"';
        if ($A['sp_php'] == 2) {
            $selection .= ' selected="selected"';
        }
        $selection .= '>' . $LANG_STATIC['select_php_free'] . '</option>' . LB;
        $selection .= '</select>';
        $sp_template->set_var('php_selector', $selection);
        $sp_template->set_var('php_warn', $LANG_STATIC['php_warn']);
    } else {
        $sp_template->set_var('php_selector', '');
        $sp_template->set_var('php_warn', $LANG_STATIC['php_not_activated']);
    }
    $sp_template->set_var('php_msg', $LANG_STATIC['php_msg']);
    // old variables (for the 1.3-type checkbox)
    $sp_template->set_var('php_checked', '');
    $sp_template->set_var('php_type', 'hidden');
    if (isset($A['sp_nf']) && $A['sp_nf'] == 1) {
        $sp_template->set_var('exit_checked', 'checked="checked"');
    } else {
        $sp_template->set_var('exit_checked', '');
    }
    $sp_template->set_var('exit_msg', $LANG_STATIC['exit_msg']);
    $sp_template->set_var('exit_info', $LANG_STATIC['exit_info']);
    if ($A['sp_inblock'] == 1) {
        $sp_template->set_var('inblock_checked', 'checked="checked"');
    } else {
        $sp_template->set_var('inblock_checked', '');
    }
    $sp_template->set_var('inblock_msg', $LANG_STATIC['inblock_msg']);
    $sp_template->set_var('inblock_info', $LANG_STATIC['inblock_info']);
    $curtime = COM_getUserDateTimeFormat($A['unixdate']);
    $sp_template->set_var('lang_lastupdated', $LANG_STATIC['date']);
    $sp_template->set_var('sp_formateddate', $curtime[0]);
    $sp_template->set_var('sp_date', $curtime[1]);
    $sp_template->set_var('lang_title', $LANG_STATIC['title']);
    $title = '';
    if (isset($A['sp_title'])) {
        $title = htmlspecialchars(stripslashes($A['sp_title']));
    }
    $sp_template->set_var('sp_title', $title);
    $sp_template->set_var('lang_metadescription', $LANG_ADMIN['meta_description']);
    $sp_template->set_var('lang_metakeywords', $LANG_ADMIN['meta_keywords']);
    if (!empty($A['meta_description'])) {
        $sp_template->set_var('meta_description', $A['meta_description']);
    }
    if (!empty($A['meta_keywords'])) {
        $sp_template->set_var('meta_keywords', $A['meta_keywords']);
    }
    $sp_template->set_var('lang_addtomenu', $LANG_STATIC['addtomenu']);
    if (isset($A['sp_onmenu']) && $A['sp_onmenu'] == 1) {
        $sp_template->set_var('onmenu_checked', 'checked="checked"');
    } else {
        $sp_template->set_var('onmenu_checked', '');
    }
    $sp_template->set_var('lang_label', $LANG_STATIC['label']);
    if (isset($A['sp_label'])) {
        $sp_template->set_var('sp_label', $A['sp_label']);
    } else {
        $sp_template->set_var('sp_label', '');
    }
    $sp_template->set_var('lang_pageformat', $LANG_STATIC['pageformat']);
    $sp_template->set_var('lang_blankpage', $LANG_STATIC['blankpage']);
    $sp_template->set_var('lang_noblocks', $LANG_STATIC['noblocks']);
    $sp_template->set_var('lang_leftblocks', $LANG_STATIC['leftblocks']);
    $sp_template->set_var('lang_leftrightblocks', $LANG_STATIC['leftrightblocks']);
    if (!isset($A['sp_format'])) {
        $A['sp_format'] = '';
    }
    if ($A['sp_format'] == 'noblocks') {
        $sp_template->set_var('noblock_selected', 'selected="selected"');
    } else {
        $sp_template->set_var('noblock_selected', '');
    }
    if ($A['sp_format'] == 'leftblocks') {
        $sp_template->set_var('leftblocks_selected', 'selected="selected"');
    } else {
        $sp_template->set_var('leftblocks_selected', '');
    }
    if ($A['sp_format'] == 'blankpage') {
        $sp_template->set_var('blankpage_selected', 'selected="selected"');
    } else {
        $sp_template->set_var('blankpage_selected', '');
    }
    if ($A['sp_format'] == 'allblocks' or empty($A['sp_format'])) {
        $sp_template->set_var('allblocks_selected', 'selected="selected"');
    } else {
        $sp_template->set_var('allblocks_selected', '');
    }
    $sp_template->set_var('lang_content', $LANG_STATIC['content']);
    $content = '';
    if (isset($A['sp_content'])) {
        $content = htmlspecialchars(stripslashes($A['sp_content']));
        $content = str_replace(array('{', '}'), array('&#123;', '&#125;'), $content);
    }
    $sp_template->set_var('sp_content', $content);
    if ($_SP_CONF['filter_html'] == 1) {
        $allowed = COM_allowedHTML('staticpages.edit');
        $sp_template->set_var('lang_allowedhtml', $allowed);
        $sp_template->set_var('lang_allowed_html', $allowed);
    } else {
        $sp_template->set_var('lang_allowedhtml', $LANG_STATIC['all_html_allowed']);
        $allowed = '<span class="warningsmall">' . $LANG_STATIC['all_html_allowed'] . ',</span>' . LB . '<div dir="ltr" class="warningsmall">';
        $autotags = array_keys(PLG_collectTags());
        $allowed .= '[' . implode(':], [', $autotags) . ':]';
        $allowed .= '</div>';
        $sp_template->set_var('lang_allowed_html', $allowed);
    }
    $sp_template->set_var('lang_hits', $LANG_STATIC['hits']);
    if (empty($A['sp_hits'])) {
        $sp_template->set_var('sp_hits', '0');
        $sp_template->set_var('sp_hits_formatted', '0');
    } else {
        $sp_template->set_var('sp_hits', $A['sp_hits']);
        $sp_template->set_var('sp_hits_formatted', COM_numberFormat($A['sp_hits']));
    }
    $sp_template->set_var('end_block', COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer')));
    $sp_template->set_var('xhtml', XHTML);
    $sp_template->set_var('gltoken_name', CSRF_TOKEN);
    $sp_template->set_var('gltoken', $token);
    $sp_template->parse('output', 'form');
    $retval .= $sp_template->finish($sp_template->get_var('output'));
    return $retval;
}
Example #8
0
/**
* Shows the block editor
*
* This will show a block edit form.  If this is a glFusion default block it will
* send it off to BLOCK_editDefault().
*
* @param    string  $bid    ID of block to edit
* @param    array   $B      An array of block fields (optional)
* @return   string          HTML for block editor
*
*/
function BLOCK_edit($bid = '', $B = array())
{
    global $_CONF, $_GROUPS, $_TABLES, $_USER, $LANG01, $LANG21, $LANG24, $LANG_ACCESS, $LANG_ADMIN, $LANG_postmodes, $MESSAGE, $_IMAGE_TYPE;
    USES_lib_admin();
    $retval = '';
    $A = array();
    if (!empty($bid)) {
        $result = DB_query("SELECT * FROM {$_TABLES['blocks']} WHERE bid ='" . DB_escapeString($bid) . "'");
        $A = DB_fetchArray($result);
        $access = SEC_hasAccess($A['owner_id'], $A['group_id'], $A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']);
        if ($access == 2 || $access == 0 || BLOCK_hasTopicAccess($A['tid']) < 3) {
            $retval .= COM_showMessageText($LANG21[45], $LANG_ACCESS['accessdenied'], true);
            COM_accessLog("User {$_USER['username']} tried to illegally create or edit block " . $bid);
            return $retval;
        }
        if ($A['type'] == 'gldefault') {
            $retval .= BLOCK_editDefault($A, $access);
            return $retval;
        }
    } else {
        $A['bid'] = isset($B['bid']) ? $B['bid'] : 0;
        $A['is_enabled'] = isset($B['is_enabled']) ? $B['is_enabled'] : 1;
        $A['name'] = isset($B['name']) ? $B['name'] : '';
        $A['type'] = isset($B['type']) ? $B['type'] : 'normal';
        $A['title'] = isset($B['title']) ? $B['title'] : '';
        $A['tid'] = isset($B['tid']) ? $B['tid'] : 'All';
        $A['blockorder'] = isset($B['blockorder']) ? $B['blockorder'] : 0;
        $A['content'] = isset($B['content']) ? $B['content'] : '';
        $A['allow_autotags'] = isset($B['allow_autotags']) && $B['allow_autotags'] == 1 ? 1 : 0;
        $A['rdfurl'] = isset($B['rdfurl']) ? $B['rdfurl'] : '';
        $A['rdfupdated'] = isset($B['rdfupdated']) ? $B['rdfupdated'] : '';
        $A['rdflimit'] = isset($B['rdflimit']) ? $B['rdflimit'] : 0;
        $A['onleft'] = isset($B['onleft']) ? $B['onleft'] : 0;
        $A['phpblockfn'] = isset($B['phpblockfn']) ? $B['phpblockfn'] : '';
        $A['help'] = isset($B['help']) ? $B['help'] : '';
        $A['owner_id'] = isset($B['owner_id']) ? $B['owner_id'] : $_USER['uid'];
        if (isset($B['group_id'])) {
            $A['group_id'] = $B['group_id'];
        } else {
            if (isset($_GROUPS['Block Admin'])) {
                $A['group_id'] = $_GROUPS['Block Admin'];
            } else {
                $A['group_id'] = SEC_getFeatureGroup('block.edit');
            }
        }
        if (isset($B['perm_owner'])) {
            $A['perm_owner'] = SEC_getPermissionValue($B['perm_owner']);
            $A['perm_group'] = SEC_getPermissionValue($B['perm_group']);
            $A['perm_members'] = SEC_getPermissionValue($B['perm_members']);
            $A['perm_anon'] = SEC_getPermissionValue($B['perm_anon']);
        } else {
            SEC_setDefaultPermissions($A, $_CONF['default_permissions_block']);
        }
        $access = 3;
    }
    $menu_arr = array(array('url' => $_CONF['site_admin_url'] . '/block.php', 'text' => $LANG_ADMIN['block_list']), array('url' => $_CONF['site_admin_url'], 'text' => $LANG_ADMIN['admin_home']));
    $block_templates = new Template($_CONF['path_layout'] . 'admin/block');
    $block_templates->set_file('editor', 'blockeditor.thtml');
    $block_templates->set_var('start_block_editor', COM_startBlock($LANG21[3], '', COM_getBlockTemplate('_admin_block', 'header')));
    if (!empty($bid) && SEC_hasrights('block.delete')) {
        $delbutton = '<input type="submit" value="' . $LANG_ADMIN['delete'] . '" name="delete"%s >';
        $jsconfirm = ' onclick="return confirm(\'' . $MESSAGE[76] . '\');"';
        $block_templates->set_var('delete_option', sprintf($delbutton, $jsconfirm));
        $block_templates->set_var('delete_option_no_confirmation', sprintf($delbutton, ''));
        $block_templates->set_var('lang_delete', $LANG_ADMIN['delete']);
        $block_templates->set_var('lang_delete_confirm', $MESSAGE[76]);
    }
    $block_templates->set_var('block_bid', $A['bid']);
    // standard Admin strings
    $block_templates->set_var('lang_blocktitle', $LANG_ADMIN['title']);
    $block_templates->set_var('lang_enabled', $LANG_ADMIN['enabled']);
    $block_templates->set_var('lang_blockhelpurl', $LANG_ADMIN['help_url']);
    $block_templates->set_var('lang_topic', $LANG_ADMIN['topic']);
    $block_templates->set_var('lang_save', $LANG_ADMIN['save']);
    $block_templates->set_var('lang_cancel', $LANG_ADMIN['cancel']);
    $block_templates->set_var('lang_blocktype', $LANG_ADMIN['type']);
    $block_templates->set_var('lang_allowed_html', $LANG01[123]);
    $block_templates->set_var('block_title', htmlspecialchars($A['title'], ENT_QUOTES, COM_getEncodingt()));
    $block_templates->set_var('lang_enabled', $LANG21[53]);
    if ($A['is_enabled'] == 1) {
        $block_templates->set_var('is_enabled', 'checked="checked"');
    } else {
        $block_templates->set_var('is_enabled', '');
    }
    $block_templates->set_var('block_help', $A['help']);
    $block_templates->set_var('lang_includehttp', $LANG21[51]);
    $block_templates->set_var('lang_explanation', $LANG21[52]);
    $block_templates->set_var('block_name', $A['name']);
    $block_templates->set_var('lang_blockname', $LANG21[48]);
    $block_templates->set_var('lang_nospaces', $LANG21[49]);
    $block_templates->set_var('lang_all', $LANG21[7]);
    $block_templates->set_var('lang_homeonly', $LANG21[43]);
    $block_templates->set_var('lang_nohomepage', $LANG21[44]);
    if ($A['tid'] == 'all') {
        $block_templates->set_var('all_selected', 'selected="selected"');
    } else {
        if ($A['tid'] == 'homeonly') {
            $block_templates->set_var('homeonly_selected', 'selected="selected"');
        } else {
            if ($A['tid'] == 'allnhp') {
                $block_templates->set_var('nohomepage_selected', 'selected="selected"');
            }
        }
    }
    $block_templates->set_var('topic_options', COM_topicList('tid,topic', $A['tid'], 1, true));
    $block_templates->set_var('lang_side', $LANG21[39]);
    $block_templates->set_var('lang_left', $LANG21[40]);
    $block_templates->set_var('lang_right', $LANG21[41]);
    if ($A['onleft'] == 1) {
        $block_templates->set_var('left_selected', 'selected="selected"');
    } else {
        if ($A['onleft'] == 0) {
            $block_templates->set_var('right_selected', 'selected="selected"');
        }
    }
    $block_templates->set_var('lang_blockorder', $LANG21[9]);
    $block_templates->set_var('block_order', $A['blockorder']);
    $block_templates->set_var('lang_normalblock', $LANG21[12]);
    $block_templates->set_var('lang_phpblock', $LANG21[27]);
    $block_templates->set_var('lang_portalblock', $LANG21[11]);
    if ($A['type'] == 'normal') {
        $block_templates->set_var('normal_selected', 'selected="selected"');
    } else {
        if ($A['type'] == 'phpblock') {
            $block_templates->set_var('php_selected', 'selected="selected"');
        } else {
            if ($A['type'] == 'portal') {
                $block_templates->set_var('portal_selected', 'selected="selected"');
            }
        }
    }
    $block_templates->set_var('lang_accessrights', $LANG_ACCESS['accessrights']);
    $block_templates->set_var('lang_owner', $LANG_ACCESS['owner']);
    $ownername = COM_getDisplayName($A['owner_id']);
    $block_templates->set_var('owner_username', DB_getItem($_TABLES['users'], 'username', "uid = '{$A['owner_id']}'"));
    $block_templates->set_var('owner_name', $ownername);
    $block_templates->set_var('owner', $ownername);
    $block_templates->set_var('owner_id', $A['owner_id']);
    $block_templates->set_var('lang_group', $LANG_ACCESS['group']);
    $block_templates->set_var('group_dropdown', SEC_getGroupDropdown($A['group_id'], $access));
    $block_templates->set_var('lang_permissions', $LANG_ACCESS['permissions']);
    $block_templates->set_var('lang_perm_key', $LANG_ACCESS['permissionskey']);
    $block_templates->set_var('permissions_editor', SEC_getPermissionsHTML($A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']));
    $block_templates->set_var('lang_permissions_msg', $LANG_ACCESS['permmsg']);
    $block_templates->set_var('lang_phpblockoptions', $LANG21[28]);
    $block_templates->set_var('lang_blockfunction', $LANG21[29]);
    $block_templates->set_var('block_phpblockfn', $A['phpblockfn']);
    $block_templates->set_var('lang_phpblockwarning', $LANG21[30]);
    $block_templates->set_var('lang_portalblockoptions', $LANG21[13]);
    $block_templates->set_var('lang_rdfurl', $LANG21[14]);
    $block_templates->set_var('max_url_length', 255);
    $block_templates->set_var('block_rdfurl', $A['rdfurl']);
    $block_templates->set_var('lang_rdflimit', $LANG21[62]);
    $block_templates->set_var('block_rdflimit', $A['rdflimit']);
    $block_templates->set_var('lang_lastrdfupdate', $LANG21[15]);
    if ($A['rdfupdated'] == '1000-01-01 00:00:00') {
        $block_templates->set_var('block_rdfupdated', '');
    } else {
        $block_templates->set_var('block_rdfupdated', $A['rdfupdated']);
    }
    $block_templates->set_var('lang_normalblockoptions', $LANG21[16]);
    $block_templates->set_var('lang_blockcontent', $LANG21[17]);
    $block_templates->set_var('lang_autotags', $LANG21[66]);
    $block_templates->set_var('lang_use_autotags', $LANG21[67]);
    $block_templates->set_var('block_content', htmlspecialchars($A['content'], ENT_QUOTES, COM_getEncodingt()));
    $block_templates->set_var('block_text', htmlspecialchars($A['content'], ENT_QUOTES, COM_getEncodingt()));
    $block_templates->set_var('block_html', htmlspecialchars($A['content'], ENT_QUOTES, COM_getEncodingt()));
    if ($A['allow_autotags'] == 1) {
        $block_templates->set_var('allow_autotags', 'checked="checked"');
    } else {
        $block_templates->set_var('allow_autotags', '');
    }
    $block_templates->set_var('gltoken_name', CSRF_TOKEN);
    $block_templates->set_var('gltoken', SEC_createToken());
    $block_templates->set_var('admin_menu', ADMIN_createMenu($menu_arr, $LANG21[71], $_CONF['layout_url'] . '/images/icons/block.' . $_IMAGE_TYPE));
    $block_templates->set_var('end_block', COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer')));
    PLG_templateSetVars('blockeditor', $block_templates);
    $block_templates->parse('output', 'editor');
    $retval .= $block_templates->finish($block_templates->get_var('output'));
    return $retval;
}
Example #9
0
function CMED_editMenuitem($mid, $mode = 'edit', $A = array())
{
    global $_CONF, $_GROUPS, $_TABLES, $_USER, $_PLUGINS, $_CMED_CONF, $LANG_CMED_EDITOR, $LANG_ACCESS, $LANG_ADMIN, $MESSAGE;
    $retval = '';
    if ($mode == 'edit' || $mode == 'clone') {
        if (empty($A)) {
            $result = DB_query("SELECT * FROM {$_TABLES['menuitems']} WHERE mid ='{$mid}'");
            $A = DB_fetchArray($result);
        }
        $access = SEC_hasAccess($A['owner_id'], $A['group_id'], $A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']);
        if ($access < 3 || CMED_hasMenuitemTopicAccess($A['tid']) < 3) {
            $retval .= COM_startBlock($LANG_ACCESS['accessdenied'], '', COM_getBlockTemplate('_msg_block', 'header')) . $LANG_CMED_EDITOR['message_access1'] . COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer'));
            COM_accessLog("User {$_USER['username']} tried to illegally create or edit menuitem {$mid}.");
            return $retval;
        }
        $selpmid = CMED_makeSelBox($A['pmid']);
    }
    if ($mode == 'clone') {
        preg_match('/(.*)_clone_(.+)/', $A['mid'], $match);
        $label = empty($match[1]) ? $A['mid'] : $match[1];
        $A['mid'] = CMED_createMenuitemID($label . '_clone_');
        $A['type'] = 'custom';
        $access = 3;
    }
    if ($mode == 'create') {
        $A['mid'] = CMED_createMenuitemID();
        $A['pmid'] = '';
        $A['is_enabled'] = 1;
        $A['type'] = 'custom';
        $A['mode'] = 'fixation';
        $A['label'] = '';
        $A['label_var'] = '';
        $A['php_function'] = '';
        $A['tid'] = 'all';
        $A['url'] = '';
        $A['icon_url'] = '';
        $A['menuorder'] = 0;
        $A['pattern'] = '';
        $A['is_preg'] = 0;
        $A['class_name'] = '';
        $selpmid = CMED_makeSelBox();
        $A['owner_id'] = $_USER['uid'];
        if (isset($_GROUPS['CustomMenu Admin'])) {
            $A['group_id'] = $_GROUPS['CustomMenu Admin'];
        } else {
            $A['group_id'] = SEC_getFeatureGroup('custommenu.admin');
        }
        SEC_setDefaultPermissions($A, $_CMED_CONF['default_permissions']);
        $access = 3;
    }
    $T = COM_newTemplate($_CMED_CONF['path_layout']);
    $T->set_file('editor', 'menueditor.thtml');
    $T->set_var('icon_url', plugin_geticon_custommenu());
    $retval .= COM_startBlock($LANG_CMED_EDITOR['custommenueditor'], '', COM_getBlockTemplate('_admin_block', 'header'));
    $v = $mode == 'create' || $mode == 'clone' || $A['type'] == 'gldefault' || $A['type'] == 'plugin' && in_array($A['mid'], $_PLUGINS) ? UC_DISABLED : '';
    $T->set_var('delete_disabled', $v);
    foreach ($LANG_CMED_EDITOR as $key => $val) {
        $T->set_var('lang_' . $key, $val);
    }
    $v = ($mode == 'create' or $mode == 'clone') ? 'save' : 'update';
    $T->set_var('lang_save', $LANG_CMED_EDITOR[$v]);
    $T->set_var('val_title_fixation', stripslashes($A['label']));
    $T->set_var('val_title_variable', stripslashes($A['label_var']));
    $T->set_var('val_php_function', stripslashes($A['php_function']));
    $T->set_var('val_is_enabled', $A['is_enabled'] == 1 ? UC_CHECKED : '');
    $T->set_var('val_menuitemurl', $A['url']);
    $T->set_var('val_icon_url', $A['icon_url']);
    $T->set_var('val_mid', $A['mid']);
    $T->set_var('val_pmid', $A['pmid']);
    $T->set_var('selpmid', $selpmid);
    $T->set_var('val_old_mid', $A['mid']);
    $T->set_var('val_menuorder', $A['menuorder']);
    $T->set_var('val_type', $A['type']);
    $T->set_var('val_pattern', stripslashes($A['pattern']));
    $T->set_var('val_is_preg', $A['is_preg'] == 1 ? UC_CHECKED : '');
    $T->set_var('val_class_name', stripslashes($A['class_name']));
    $v = $A['type'] == 'gldefault' || $A['type'] == 'plugin' ? UC_READONLY : '';
    $T->set_var('mid_readonly', $v);
    $T->set_var($A['tid'] . '_selected', UC_SELECTED);
    $T->set_var('topic_options', COM_topicList('tid,topic', $A['tid'], 1, true));
    $T->set_var('lang_type', $LANG_CMED_EDITOR['type_' . $A['type']]);
    $T->set_var($A['type'] . '_selected', UC_SELECTED);
    $T->set_var('val_mode_' . $A['mode'], UC_SELECTED);
    // user access info
    $T->set_var('lang_accessrights', $LANG_ACCESS['accessrights']);
    $T->set_var('lang_owner', $LANG_ACCESS['owner']);
    $ownername = COM_getDisplayName($A['owner_id']);
    $T->set_var('owner_username', DB_getItem($_TABLES['users'], 'username', "uid = {$A['owner_id']}"));
    $T->set_var('owner_name', $ownername);
    $T->set_var('owner', $ownername);
    $T->set_var('owner_id', $A['owner_id']);
    $T->set_var('lang_group', $LANG_ACCESS['group']);
    $T->set_var('group_dropdown', SEC_getGroupDropdown($A['group_id'], $access));
    $T->set_var('lang_permissions', $LANG_ACCESS['permissions']);
    $T->set_var('lang_permissionskey', $LANG_ACCESS['permissionskey']);
    $T->set_var('permissions_editor', SEC_getPermissionsHTML($A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']));
    $T->set_var('lang_lockmsg', $LANG_ACCESS['permmsg']);
    if (!defined(CSRF_TOKEN)) {
        define('CSRF_TOKEN', 'token');
    }
    $T->set_var('gltoken_name', CSRF_TOKEN);
    $T->set_var('gltoken', SEC_createToken());
    $T->parse('output', 'editor');
    $retval .= $T->finish($T->get_var('output'));
    $retval .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer'));
    return $retval;
}
Example #10
0
/**
* Shows the story submission form
*
*/
function submitstory($topic = '')
{
    global $_CONF, $_TABLES, $_USER, $LANG12, $LANG24, $REMOTE_ADDR;
    $retval = '';
    $story = new Story();
    if (isset($_POST['mode']) && $_POST['mode'] == $LANG12[32]) {
        // preview
        $story->loadSubmission();
        $retval .= COM_startBlock($LANG12[32]) . STORY_renderArticle($story, 'p') . COM_endBlock();
        $retval .= '<div style="border-bottom:1px solid #cccccc"></div>';
    } else {
        $story->initSubmission($topic);
        $story->loadSubmission();
    }
    if ($_CONF['story_submit_by_perm_only']) {
        $topicList = COM_topicList('tid,topic', $story->EditElements('tid'), 1, false, 3);
    } else {
        $topicList = COM_topicList('tid,topic', $story->EditElements('tid'));
    }
    // no topics
    if ($topicList == '') {
        $retval = COM_showMessageText($LANG24[66], '', 1, 'error');
        return $retval;
    }
    $retval .= COM_startBlock($LANG12[6]);
    $storyform = new Template($_CONF['path_layout'] . 'submit');
    $storyform->set_file('storyform', 'submitstory.thtml');
    if ($story->EditElements('postmode') == 'html') {
        $storyform->set_var('show_htmleditor', true);
    } else {
        $storyform->unset_var('show_htmleditor');
    }
    $storyform->set_var('site_admin_url', $_CONF['site_admin_url']);
    $storyform->set_var('lang_username', $LANG12[27]);
    if (!COM_isAnonUser()) {
        $storyform->set_var('story_username', $_USER['username']);
        $storyform->set_var('author', COM_getDisplayName());
        $storyform->set_var('status_url', $_CONF['site_url'] . '/users.php?mode=logout');
        $storyform->set_var('lang_loginout', $LANG12[34]);
    } else {
        $storyform->set_var('status_url', $_CONF['site_url'] . '/users.php');
        $storyform->set_var('lang_loginout', $LANG12[2]);
        if (!$_CONF['disable_new_user_registration']) {
            $storyform->set_var('separator', ' | ');
            $storyform->set_var('seperator', ' | ');
            $storyform->set_var('create_account', COM_createLink($LANG12[53], $_CONF['site_url'] . '/users.php?mode=new', array('rel' => "nofollow")));
        }
    }
    $storyform->set_var('lang_title', $LANG12[10]);
    $storyform->set_var('story_title', $story->EditElements('title'));
    $storyform->set_var('lang_topic', $LANG12[28]);
    $storyform->set_var('story_topic_options', $topicList);
    /*
        if ( $_CONF['story_submit_by_perm_only'] ) {
            $storyform->set_var('story_topic_options', COM_topicList('tid,topic',$story->EditElements('tid'),1,false,3));
        } else {
            $storyform->set_var('story_topic_options', COM_topicList('tid,topic',$story->EditElements('tid')));
        }
    */
    $storyform->set_var('lang_story', $LANG12[29]);
    $storyform->set_var('lang_introtext', $LANG12[54]);
    $storyform->set_var('lang_bodytext', $LANG12[55]);
    $storyform->set_var('story_introtext', $story->EditElements('introtext'));
    $storyform->set_var('story_bodytext', $story->EditElements('bodytext'));
    $storyform->set_var('lang_postmode', $LANG12[36]);
    $storyform->set_var('story_postmode_options', COM_optionList($_TABLES['postmodes'], 'code,name', $story->EditElements('postmode')));
    $storyform->set_var('postmode', $story->EditElements('postmode'));
    $storyform->set_var('allowed_html', COM_allowedHTML(SEC_getUserPermissions(), false, 'glfusion', 'story') . '<br/>' . COM_allowedAutotags(SEC_getUserPermissions(), false, 'glfusion', 'story'));
    $storyform->set_var('story_uid', $story->EditElements('uid'));
    $storyform->set_var('story_sid', $story->EditElements('sid'));
    $storyform->set_var('story_date', $story->EditElements('unixdate'));
    PLG_templateSetVars('story', $storyform);
    if ($_CONF['skip_preview'] == 1 || isset($_POST['mode']) && $_POST['mode'] == $LANG12[32]) {
        $storyform->set_var('save_button', '<input name="mode" type="submit" value="' . $LANG12[8] . '"' . XHTML . '>');
    }
    $storyform->set_var('lang_preview', $LANG12[32]);
    $storyform->parse('theform', 'storyform');
    $retval .= $storyform->finish($storyform->get_var('theform'));
    $retval .= COM_endBlock();
    $urlfor = 'advancededitor';
    if (COM_isAnonUser()) {
        $urlfor = 'advancededitor' . md5($REMOTE_ADDR);
    }
    $rc = @setcookie($_CONF['cookie_name'] . 'adveditor', SEC_createTokenGeneral($urlfor), time() + 1200, $_CONF['cookie_path'], $_CONF['cookiedomain'], $_CONF['cookiesecure']);
    return $retval;
}
Example #11
0
/**
* Shows story editor
*
* Displays the story entry form
*
* @param    string      $sid            ID of story to edit
* @param    string      $action         'preview', 'edit', 'moderate', 'draft'
* @param    string      $errormsg       a message to display on top of the page
* @param    string      $currenttopic   topic selection for drop-down menu
* @return   string      HTML for story editor
*
*/
function STORY_edit($sid = '', $action = '', $errormsg = '', $currenttopic = '')
{
    global $_CONF, $_GROUPS, $_TABLES, $_USER, $LANG24, $LANG33, $LANG_ACCESS, $LANG_ADMIN, $MESSAGE, $_IMAGE_TYPE;
    USES_lib_admin();
    $display = '';
    switch ($action) {
        case 'clone':
        case 'edit':
        case 'preview':
        case 'error':
            $title = $LANG24[5];
            $saveoption = $LANG_ADMIN['save'];
            $submission = false;
            break;
        case 'moderate':
            $title = $LANG24[90];
            $saveoption = $LANG_ADMIN['moderate'];
            $submission = true;
            break;
        case 'draft':
            $title = $LANG24[91];
            $saveoption = $LANG_ADMIN['save'];
            $submission = true;
            $action = 'edit';
            break;
        default:
            $title = $LANG24[5];
            $saveoption = $LANG_ADMIN['save'];
            $submission = false;
            $action = 'edit';
            break;
    }
    // Load HTML templates
    $story_templates = new Template($_CONF['path_layout'] . 'admin/story');
    $story_templates->set_file(array('editor' => 'storyeditor.thtml'));
    if (!isset($_CONF['hour_mode'])) {
        $_CONF['hour_mode'] = 12;
    }
    if (!empty($errormsg)) {
        $display .= COM_showMessageText($errormsg, $LANG24[25], true);
    }
    if (!empty($currenttopic)) {
        $allowed = DB_getItem($_TABLES['topics'], 'tid', "tid = '" . DB_escapeString($currenttopic) . "'" . COM_getTopicSql('AND'));
        if ($allowed != $currenttopic) {
            $currenttopic = '';
        }
    }
    $story = new Story();
    if ($action == 'preview' || $action == 'error') {
        while (list($key, $value) = each($_POST)) {
            if (!is_array($value)) {
                $_POST[$key] = $value;
            } else {
                while (list($subkey, $subvalue) = each($value)) {
                    $value[$subkey] = $subvalue;
                }
            }
        }
        $result = $story->loadFromArgsArray($_POST);
    } else {
        $result = $story->loadFromDatabase($sid, $action);
    }
    if ($result == STORY_PERMISSION_DENIED || $result == STORY_NO_ACCESS_PARAMS) {
        $display .= COM_showMessageText($LANG24[42], $LANG_ACCESS['accessdenied'], true);
        COM_accessLog("User {$_USER['username']} tried to access story {$sid}. - STORY_PERMISSION_DENIED or STORY_NO_ACCESS_PARAMS - " . $result);
        return $display;
    } elseif ($result == STORY_EDIT_DENIED || $result == STORY_EXISTING_NO_EDIT_PERMISSION) {
        $display .= COM_showMessageText($LANG24[41], $LANG_ACCESS['accessdenied'], true);
        $display .= STORY_renderArticle($story, 'p');
        COM_accessLog("User {$_USER['username']} tried to illegally edit story {$sid}. - STORY_EDIT_DENIED or STORY_EXISTING_NO_EDIT_PERMISSION");
        return $display;
    } elseif ($result == STORY_INVALID_SID) {
        if ($action == 'moderate') {
            // that submission doesn't seem to be there any more (may have been
            // handled by another Admin) - take us back to the moderation page
            echo COM_refresh($_CONF['site_admin_url'] . '/moderation.php');
        } else {
            echo COM_refresh($_CONF['site_admin_url'] . '/story.php');
        }
    } elseif ($result == STORY_DUPLICATE_SID) {
        $story_templates->set_var('error_message', $LANG24[24]);
    } elseif ($result == STORY_EMPTY_REQUIRED_FIELDS) {
        $story_templates->set_var('error_message', $LANG24[31]);
    }
    if (empty($currenttopic) && $story->EditElements('tid') == '') {
        $story->setTid(DB_getItem($_TABLES['topics'], 'tid', 'is_default = 1' . COM_getPermSQL('AND')));
    } else {
        if ($story->EditElements('tid') == '') {
            $story->setTid($currenttopic);
        }
    }
    if (SEC_hasRights('story.edit')) {
        $allowedTopicList = COM_topicList('tid,topic', $story->EditElements('tid'), 1, true, 0);
        $allowedAltTopicList = '<option value="">' . $LANG33[44] . '</option>' . COM_topicList('tid,topic', $story->EditElements('alternate_tid'), 1, true, 0);
    } else {
        $allowedTopicList = COM_topicList('tid,topic', $story->EditElements('tid'), 1, true, 3);
        $allowedAltTopicList = '<option value="">' . $LANG33[44] . '</option>' . COM_topicList('tid,topic', $story->EditElements('alternate_tid'), 1, true, 3);
    }
    if ($allowedTopicList == '') {
        $display .= COM_showMessageText($LANG24[42], $LANG_ACCESS['accessdenied'], true);
        COM_accessLog("User {$_USER['username']} tried to illegally access story {$sid}. No allowed topics.");
        return $display;
    }
    $menu_arr = array(array('url' => $_CONF['site_admin_url'] . '/story.php', 'text' => $LANG_ADMIN['story_list']), array('url' => $_CONF['site_admin_url'] . '/moderation.php', 'text' => $LANG_ADMIN['submissions']));
    if (SEC_inGroup('Root')) {
        $menu_arr[] = array('url' => $_CONF['site_admin_url'] . '/story.php?global=x', 'text' => 'Global Settings');
    }
    $menu_arr[] = array('url' => $_CONF['site_admin_url'], 'text' => $LANG_ADMIN['admin_home']);
    require_once $_CONF['path_system'] . 'classes/navbar.class.php';
    $story_templates->set_var('hour_mode', $_CONF['hour_mode']);
    if ($story->hasContent()) {
        $previewContent = STORY_renderArticle($story, 'p');
        if ($previewContent != '') {
            $story_templates->set_var('preview_content', $previewContent);
        }
    }
    $navbar = new navbar();
    if (!empty($previewContent)) {
        $navbar->add_menuitem($LANG24[79], 'showhideEditorDiv("preview",0);return false;', true);
        $navbar->add_menuitem($LANG24[80], 'showhideEditorDiv("editor",1);return false;', true);
        $navbar->add_menuitem($LANG24[81], 'showhideEditorDiv("publish",2);return false;', true);
        $navbar->add_menuitem($LANG24[82], 'showhideEditorDiv("images",3);return false;', true);
        $navbar->add_menuitem($LANG24[83], 'showhideEditorDiv("archive",4);return false;', true);
        $navbar->add_menuitem($LANG24[84], 'showhideEditorDiv("perms",5);return false;', true);
        $navbar->add_menuitem($LANG24[85], 'showhideEditorDiv("all",6);return false;', true);
    } else {
        $navbar->add_menuitem($LANG24[80], 'showhideEditorDiv("editor",0);return false;', true);
        $navbar->add_menuitem($LANG24[81], 'showhideEditorDiv("publish",1);return false;', true);
        $navbar->add_menuitem($LANG24[82], 'showhideEditorDiv("images",2);return false;', true);
        $navbar->add_menuitem($LANG24[83], 'showhideEditorDiv("archive",3);return false;', true);
        $navbar->add_menuitem($LANG24[84], 'showhideEditorDiv("perms",4);return false;', true);
        $navbar->add_menuitem($LANG24[85], 'showhideEditorDiv("all",5);return false;', true);
    }
    if ($action == 'preview') {
        $story_templates->set_var('show_preview', '');
        $story_templates->set_var('show_htmleditor', 'none');
        $story_templates->set_var('show_texteditor', 'none');
        $story_templates->set_var('show_submitoptions', 'none');
        $navbar->set_selected($LANG24[79]);
    } else {
        $navbar->set_selected($LANG24[80]);
        $story_templates->set_var('show_preview', 'none');
    }
    $story_templates->set_var('navbar', $navbar->generate());
    $story_templates->set_var('start_block', COM_startBlock($title, '', COM_getBlockTemplate('_admin_block', 'header')));
    // start generating the story editor block
    $story_templates->set_var('block_start', COM_startBlock($title, '', COM_getBlockTemplate('_admin_block', 'header')));
    $oldsid = $story->EditElements('originalSid');
    if (!empty($oldsid)) {
        $delbutton = '<input type="submit" value="' . $LANG_ADMIN['delete'] . '" name="deletestory"%s/>';
        $jsconfirm = ' onclick="return confirm(\'' . $MESSAGE[76] . '\');"';
        $story_templates->set_var('delete_option', sprintf($delbutton, $jsconfirm));
        $story_templates->set_var('delete_option_no_confirmation', sprintf($delbutton, ''));
        $story_templates->set_var('lang_delete_confirm', $MESSAGE[76]);
    }
    if ($submission || $story->type == 'submission') {
        $story_templates->set_var('submission_option', '<input type="hidden" name="type" value="submission"/>');
    }
    $story_templates->set_var('admin_menu', ADMIN_createMenu($menu_arr, $LANG24[92], $_CONF['layout_url'] . '/images/icons/story.' . $_IMAGE_TYPE));
    $story_templates->set_var('lang_author', $LANG24[7]);
    $storyauthor = COM_getDisplayName($story->EditElements('uid'));
    $storyauthor_select = COM_optionList($_TABLES['users'], 'uid,username', $story->EditElements('uid'));
    $story_templates->set_var('story_author', $storyauthor);
    $story_templates->set_var('story_author_select', $storyauthor_select);
    $story_templates->set_var('author', $storyauthor);
    $story_templates->set_var('story_uid', $story->EditElements('uid'));
    // user access info
    $story_templates->set_var('lang_accessrights', $LANG_ACCESS['accessrights']);
    $story_templates->set_var('lang_owner', $LANG_ACCESS['owner']);
    $ownername = COM_getDisplayName($story->EditElements('owner_id'));
    $story_templates->set_var('owner_username', DB_getItem($_TABLES['users'], 'username', 'uid = ' . (int) $story->EditElements('owner_id')));
    $story_templates->set_var('owner_name', $ownername);
    $story_templates->set_var('owner', $ownername);
    $story_templates->set_var('owner_id', $story->EditElements('owner_id'));
    if (SEC_hasRights('story.edit')) {
        $story_templates->set_var('owner_dropdown', COM_buildOwnerList('owner_id', $story->EditElements('owner_id')));
    } else {
        $ownerInfo = '<input type="hidden" name="owner_id" value="' . $story->editElements('owner_id') . '" />' . $ownername;
        $story_templates->set_var('owner_dropdown', $ownerInfo);
    }
    $story_templates->set_var('lang_group', $LANG_ACCESS['group']);
    if (SEC_inGroup($story->EditElements('group_id'))) {
        $story_templates->set_var('group_dropdown', SEC_getGroupDropdown($story->EditElements('group_id'), 3));
    } else {
        $gdrpdown = '<input type="hidden" name="group_id" value="' . $story->EditElements('group_id') . '"/>';
        $grpddown .= DB_getItem($_TABLES['groups'], 'grp_name', 'grp_id=' . (int) $story->EditElements('group_id'));
        $story_templates->set_var('group_dropdown', $grpddown);
    }
    $story_templates->set_var('lang_permissions', $LANG_ACCESS['permissions']);
    $story_templates->set_var('lang_perm_key', $LANG_ACCESS['permissionskey']);
    $story_templates->set_var('permissions_editor', SEC_getPermissionsHTML($story->EditElements('perm_owner'), $story->EditElements('perm_group'), $story->EditElements('perm_members'), $story->EditElements('perm_anon')));
    $story_templates->set_var('permissions_msg', $LANG_ACCESS['permmsg']);
    $curtime = COM_getUserDateTimeFormat($story->EditElements('date'));
    $story_templates->set_var('lang_date', $LANG24[15]);
    $story_templates->set_var('publish_second', $story->EditElements('publish_second'));
    $publish_ampm = '';
    $publish_hour = $story->EditElements('publish_hour');
    if ($publish_hour >= 12) {
        if ($publish_hour > 12) {
            $publish_hour = $publish_hour - 12;
        }
        $ampm = 'pm';
    } else {
        $ampm = 'am';
    }
    $ampm_select = COM_getAmPmFormSelection('publish_ampm', $ampm);
    $story_templates->set_var('publishampm_selection', $ampm_select);
    $month_options = COM_getMonthFormOptions($story->EditElements('publish_month'));
    $story_templates->set_var('publish_month_options', $month_options);
    $day_options = COM_getDayFormOptions($story->EditElements('publish_day'));
    $story_templates->set_var('publish_day_options', $day_options);
    $year_options = COM_getYearFormOptions($story->EditElements('publish_year'));
    $story_templates->set_var('publish_year_options', $year_options);
    if ($_CONF['hour_mode'] == 24) {
        $hour_options = COM_getHourFormOptions($story->EditElements('publish_hour'), 24);
    } else {
        $hour_options = COM_getHourFormOptions($publish_hour);
    }
    $story_templates->set_var('publish_hour_options', $hour_options);
    $minute_options = COM_getMinuteFormOptions($story->EditElements('publish_minute'));
    $story_templates->set_var('publish_minute_options', $minute_options);
    $story_templates->set_var('publish_date_explanation', $LANG24[46]);
    $story_templates->set_var('story_unixstamp', $story->EditElements('unixdate'));
    $story_templates->set_var('expire_second', $story->EditElements('expire_second'));
    $expire_ampm = '';
    $expire_hour = $story->EditElements('expire_hour');
    if ($expire_hour >= 12) {
        if ($expire_hour > 12) {
            $expire_hour = $expire_hour - 12;
        }
        $ampm = 'pm';
    } else {
        $ampm = 'am';
    }
    $ampm_select = COM_getAmPmFormSelection('expire_ampm', $ampm);
    if (empty($ampm_select)) {
        // have a hidden field to 24 hour mode to prevent JavaScript errors
        $ampm_select = '<input type="hidden" name="expire_ampm" value=""/>';
    }
    $story_templates->set_var('expireampm_selection', $ampm_select);
    $month_options = COM_getMonthFormOptions($story->EditElements('expire_month'));
    $story_templates->set_var('expire_month_options', $month_options);
    $day_options = COM_getDayFormOptions($story->EditElements('expire_day'));
    $story_templates->set_var('expire_day_options', $day_options);
    $year_options = COM_getYearFormOptions($story->EditElements('expire_year'));
    $story_templates->set_var('expire_year_options', $year_options);
    if ($_CONF['hour_mode'] == 24) {
        $hour_options = COM_getHourFormOptions($story->EditElements('expire_hour'), 24);
    } else {
        $hour_options = COM_getHourFormOptions($expire_hour);
    }
    $story_templates->set_var('expire_hour_options', $hour_options);
    $minute_options = COM_getMinuteFormOptions($story->EditElements('expire_minute'));
    $story_templates->set_var('expire_minute_options', $minute_options);
    $story_templates->set_var('expire_date_explanation', $LANG24[46]);
    $story_templates->set_var('story_unixstamp', $story->EditElements('expirestamp'));
    if ($story->EditElements('statuscode') == STORY_ARCHIVE_ON_EXPIRE) {
        $story_templates->set_var('is_checked2', 'checked="checked"');
        $story_templates->set_var('is_checked3', 'checked="checked"');
        $story_templates->set_var('showarchivedisabled', 'false');
    } elseif ($story->EditElements('statuscode') == STORY_DELETE_ON_EXPIRE) {
        $story_templates->set_var('is_checked2', 'checked="checked"');
        $story_templates->set_var('is_checked4', 'checked="checked"');
        $story_templates->set_var('showarchivedisabled', 'false');
    } else {
        $story_templates->set_var('showarchivedisabled', 'true');
    }
    $story_templates->set_var('lang_archivetitle', $LANG24[58]);
    $story_templates->set_var('lang_option', $LANG24[59]);
    $story_templates->set_var('lang_enabled', $LANG_ADMIN['enabled']);
    $story_templates->set_var('lang_story_stats', $LANG24[87]);
    $story_templates->set_var('lang_optionarchive', $LANG24[61]);
    $story_templates->set_var('lang_optiondelete', $LANG24[62]);
    $story_templates->set_var('lang_title', $LANG_ADMIN['title']);
    $story_templates->set_var('story_title', $story->EditElements('title'));
    $story_templates->set_var('story_subtitle', $story->EditElements('subtitle'));
    $story_templates->set_var('lang_topic', $LANG_ADMIN['topic']);
    $story_templates->set_var('lang_alt_topic', $LANG_ADMIN['alt_topic']);
    $story_templates->set_var('topic_options', $allowedTopicList);
    $story_templates->set_var('alt_topic_options', $allowedAltTopicList);
    $story_templates->set_var('lang_show_topic_icon', $LANG24[56]);
    if ($story->EditElements('show_topic_icon') == 1) {
        $story_templates->set_var('show_topic_icon_checked', 'checked="checked"');
    } else {
        $story_templates->set_var('show_topic_icon_checked', '');
    }
    $story_templates->set_var('story_image_url', $story->EditElements('story_image'));
    $story_templates->set_var('lang_draft', $LANG24[34]);
    if ($story->EditElements('draft_flag')) {
        $story_templates->set_var('is_checked', 'checked="checked"');
        $story_templates->set_var('unpublished_selected', 'selected="selected"');
    } else {
        $story_templates->set_var('published_selected', 'selected="selected"');
    }
    $story_templates->set_var('lang_mode', $LANG24[3]);
    $story_templates->set_var('status_options', COM_optionList($_TABLES['statuscodes'], 'code,name', $story->EditElements('statuscode')));
    $story_templates->set_var('comment_options', COM_optionList($_TABLES['commentcodes'], 'code,name', $story->EditElements('commentcode')));
    $story_templates->set_var('trackback_options', COM_optionList($_TABLES['trackbackcodes'], 'code,name', $story->EditElements('trackbackcode')));
    // comment expire
    $story_templates->set_var('lang_cmt_disable', $LANG24[63]);
    if ($story->EditElements('cmt_close')) {
        $story_templates->set_var('is_checked5', 'checked="checked"');
        //check box if enabled
        $story_templates->set_var('showcmtclosedisabled', 'false');
    } else {
        $story_templates->set_var('showcmtclosedisabled', 'true');
    }
    $month_options = COM_getMonthFormOptions($story->EditElements('cmt_close_month'));
    $story_templates->set_var('cmt_close_month_options', $month_options);
    $day_options = COM_getDayFormOptions($story->EditElements('cmt_close_day'));
    $story_templates->set_var('cmt_close_day_options', $day_options);
    $year_options = COM_getYearFormOptions($story->EditElements('cmt_close_year'));
    $story_templates->set_var('cmt_close_year_options', $year_options);
    $cmt_close_ampm = '';
    $cmt_close_hour = $story->EditElements('cmt_close_hour');
    //correct hour
    if ($cmt_close_hour >= 12) {
        if ($cmt_close_hour > 12) {
            $cmt_close_hour = $cmt_close_hour - 12;
        }
        $ampm = 'pm';
    } else {
        $ampm = 'am';
    }
    $ampm_select = COM_getAmPmFormSelection('cmt_close_ampm', $ampm);
    if (empty($ampm_select)) {
        // have a hidden field to 24 hour mode to prevent JavaScript errors
        $ampm_select = '<input type="hidden" name="cmt_close_ampm" value="" />';
    }
    $story_templates->set_var('cmt_close_ampm_selection', $ampm_select);
    if ($_CONF['hour_mode'] == 24) {
        $hour_options = COM_getHourFormOptions($story->EditElements('cmt_close_hour'), 24);
    } else {
        $hour_options = COM_getHourFormOptions($cmt_close_hour);
    }
    $story_templates->set_var('cmt_close_hour_options', $hour_options);
    $minute_options = COM_getMinuteFormOptions($story->EditElements('cmt_close_minute'));
    $story_templates->set_var('cmt_close_minute_options', $minute_options);
    $story_templates->set_var('cmt_close_second', $story->EditElements('cmt_close_second'));
    if ($_CONF['onlyrootfeatures'] == 1 && SEC_inGroup('Root') or $_CONF['onlyrootfeatures'] !== 1) {
        $featured_options = "<select name=\"featured\">" . LB . COM_optionList($_TABLES['featurecodes'], 'code,name', $story->EditElements('featured')) . "</select>" . LB;
        $featured_options_data = COM_optionList($_TABLES['featurecodes'], 'code,name', $story->EditElements('featured'));
        $story_templates->set_var('featured_options_data', $featured_options_data);
    } else {
        $featured_options = "<input type=\"hidden\" name=\"featured\" value=\"0\"/>";
        $story_templates->unset_var('featured_options_data');
    }
    $story_templates->set_var('featured_options', $featured_options);
    $story_templates->set_var('frontpage_options', COM_optionList($_TABLES['frontpagecodes'], 'code,name', $story->EditElements('frontpage')));
    $story_templates->set_var('story_introtext', $story->EditElements('introtext'));
    $story_templates->set_var('story_bodytext', $story->EditElements('bodytext'));
    $story_templates->set_var('lang_introtext', $LANG24[16]);
    $story_templates->set_var('lang_bodytext', $LANG24[17]);
    $story_templates->set_var('lang_postmode', $LANG24[4]);
    $story_templates->set_var('lang_publishoptions', $LANG24[76]);
    $story_templates->set_var('lang_publishdate', $LANG24[69]);
    $story_templates->set_var('lang_nojavascript', $LANG24[77]);
    $story_templates->set_var('postmode', $story->EditElements('postmode'));
    if ($story->EditElements('postmode') == 'plaintext' || $story->EditElements('postmode') == 'text') {
        $allowedHTML = '';
    } else {
        $allowedHTML = COM_allowedHTML(SEC_getUserPermissions(), false, 'glfusion', 'story') . '<br/>';
    }
    $allowedHTML .= COM_allowedAutotags(SEC_getUserPermissions(), false, 'glfusion', 'story');
    $story_templates->set_var('lang_allowed_html', $allowedHTML);
    $fileinputs = '';
    $saved_images = '';
    if ($_CONF['maximagesperarticle'] > 0) {
        $story_templates->set_var('lang_images', $LANG24[47]);
        $icount = DB_count($_TABLES['article_images'], 'ai_sid', DB_escapeString($story->getSid()));
        if ($icount > 0) {
            $result_articles = DB_query("SELECT * FROM {$_TABLES['article_images']} WHERE ai_sid = '" . DB_escapeString($story->getSid()) . "'");
            for ($z = 1; $z <= $icount; $z++) {
                $I = DB_fetchArray($result_articles);
                $saved_images .= $z . ') ' . COM_createLink($I['ai_filename'], $_CONF['site_url'] . '/images/articles/' . $I['ai_filename']) . '&nbsp;&nbsp;&nbsp;' . $LANG_ADMIN['delete'] . ': <input type="checkbox" name="delete[' . $I['ai_img_num'] . ']" /><br />';
            }
        }
        $newallowed = $_CONF['maximagesperarticle'] - $icount;
        for ($z = $icount + 1; $z <= $_CONF['maximagesperarticle']; $z++) {
            $fileinputs .= $z . ') <input type="file" dir="ltr" name="file[]' . '" />';
            if ($z < $_CONF['maximagesperarticle']) {
                $fileinputs .= '<br />';
            }
        }
        $fileinputs .= '<br />' . $LANG24[51];
        if ($_CONF['allow_user_scaling'] == 1) {
            $fileinputs .= $LANG24[27];
        }
        $fileinputs .= $LANG24[28] . '<br />';
    }
    $story_templates->set_var('saved_images', $saved_images);
    $story_templates->set_var('image_form_elements', $fileinputs);
    $story_templates->set_var('lang_hits', $LANG24[18]);
    $story_templates->set_var('story_hits', $story->EditElements('hits'));
    $story_templates->set_var('lang_comments', $LANG24[19]);
    $story_templates->set_var('story_comments', $story->EditElements('comments'));
    $story_templates->set_var('lang_trackbacks', $LANG24[29]);
    $story_templates->set_var('story_trackbacks', $story->EditElements('trackbacks'));
    $story_templates->set_var('lang_emails', $LANG24[39]);
    $story_templates->set_var('story_emails', $story->EditElements('numemails'));
    if ($_CONF['rating_enabled']) {
        $rating = @number_format($story->EditElements('rating'), 2);
        $votes = $story->EditElements('votes');
        $story_templates->set_var('rating', $rating);
        $story_templates->set_var('votes', $votes);
    }
    $story_templates->set_var('attribution_url', $story->EditElements('attribution_url'));
    $story_templates->set_var('attribution_name', $story->EditElements('attribution_name'));
    $story_templates->set_var('attribution_author', $story->EditElements('attribution_author'));
    $story_templates->set_var('lang_attribution_url', $LANG24[105]);
    $story_templates->set_var('lang_attribution_name', $LANG24[106]);
    $story_templates->set_var('lang_attribution_author', $LANG24[107]);
    $story_templates->set_var('lang_attribution', $LANG24[108]);
    $sec_token_name = CSRF_TOKEN;
    $sec_token = SEC_createToken();
    $story_templates->set_var('story_id', $story->getSid());
    $story_templates->set_var('old_story_id', $story->EditElements('originalSid'));
    $story_templates->set_var('lang_sid', $LANG24[12]);
    $story_templates->set_var('lang_save', $saveoption);
    $story_templates->set_var('lang_preview', $LANG_ADMIN['preview']);
    $story_templates->set_var('lang_cancel', $LANG_ADMIN['cancel']);
    $story_templates->set_var('lang_delete', $LANG_ADMIN['delete']);
    $story_templates->set_var('lang_timeout', $LANG_ADMIN['timeout_msg']);
    $story_templates->set_var('gltoken_name', CSRF_TOKEN);
    $story_templates->set_var('gltoken', $sec_token);
    $story_templates->set_var('security_token', $sec_token);
    $story_templates->set_var('security_token_name', $sec_token_name);
    $story_templates->set_var('end_block', COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer')));
    PLG_templateSetVars('storyeditor', $story_templates);
    if ($story->EditElements('postmode') != 'html') {
        $story_templates->unset_var('wysiwyg');
    }
    SEC_setCookie($_CONF['cookie_name'] . 'adveditor', SEC_createTokenGeneral('advancededitor'), time() + 1200, $_CONF['cookie_path'], $_CONF['cookiedomain'], $_CONF['cookiesecure'], false);
    $story_templates->parse('output', 'editor');
    $display .= $story_templates->finish($story_templates->get_var('output'));
    return $display;
}
Example #12
0
/**
* Display a topic selection drop-down menu
*
* @param    string  $topic          current topic
* @param    int     $year           current year
* @param    int     $month          current month
* @param    boolean $standalone     true: don't display form inline
*
*/
function DIR_topicList($topic = 'all', $year = 0, $month = 0, $standalone = false)
{
    global $_CONF, $LANG21;
    $retval = '';
    $url = $_CONF['site_url'] . '/' . THIS_SCRIPT;
    $retval .= '<form action="' . $url . '" method="post"';
    if (!$standalone) {
        $retval .= ' style="display:inline; float:right"' . LB;
    }
    $retval .= '><div>' . LB;
    $retval .= '<select name="topic" onchange="this.form.submit()">' . LB;
    $retval .= '<option value="all"';
    if ($topic == 'all') {
        $retval .= ' selected="selected"';
    }
    $retval .= '>' . $LANG21[7] . '</option>' . LB;
    $retval .= COM_topicList('tid,topic', $topic);
    $retval .= '</select>' . LB;
    $retval .= '<input type="hidden" name="year" value="' . $year . '"' . XHTML . '>';
    $retval .= '<input type="hidden" name="month" value="' . $month . '"' . XHTML . '>';
    $retval .= '</div></form>' . LB;
    return $retval;
}
Example #13
0
/**
* edits or creates an album
*
* @param    int     album_id    album_id to edit
* @param    string  mode        create or edit
* @param    string  actionURL   where to redirection on finish
* @param    int     oldaid      original album id
* @return   string              HTML
*
*/
function MG_editAlbum($mode = '', $actionURL = '', $oldaid = 0)
{
    global $_USER, $_CONF, $_TABLES, $_MG_CONF, $LANG_MG00, $LANG_MG01, $LANG_MG03, $LANG_ACCESS;
    if ($actionURL == '') {
        $actionURL = $_CONF['site_admin_url'] . '/plugins/mediagallery/index.php';
    }
    if ($oldaid > 0 && $mode == 'edit') {
        $album = new mgAlbum($oldaid);
        $album_id = $album->id;
    } else {
        // create
        $album = new mgAlbum();
        $album->id = -1;
        $album_id = -1;
    }
    $retval = '';
    $T = COM_newTemplate(MG_getTemplatePath($album_id));
    $T->set_file('admin', 'editalbum.thtml');
    if ($album_id != 0 && $mode == 'edit') {
        // If edit, pull up the existing album information...
        if ($album->access != 3) {
            COM_errorLog("MediaGallery: Someone has tried to illegally edit a Media Gallery Album. " . "User id: {$_USER['uid']}, Username: {$_USER['username']}, IP: {$REMOTE_ADDR}", 1);
            return COM_showMessageText($LANG_MG00['access_denied_msg']);
        }
    }
    $block_title = $mode == 'create' ? $LANG_MG01['create_album'] : $LANG_MG01['edit_album'] . ' - ' . strip_tags($album->title);
    // construct the album jumpbox
    $select = $mode == 'create' ? $oldaid : $album->parent;
    $valid_albums = 0;
    $album_selectbox = '<select name="parentaid">';
    $root_album = new mgAlbum(0);
    $valid_albums += $root_album->buildAlbumBox($album_selectbox, $select, 3, $album_id, $mode);
    $album_selectbox .= '</select>';
    if ($valid_albums == 0) {
        COM_errorLog("MediaGallery: Someone has tried to illegally create a Media Gallery Album. " . "User id: {$_USER['uid']}, Username: {$_USER['username']}, IP: {$REMOTE_ADDR}", 1);
        return COM_showMessageText($LANG_MG00['access_denied_msg']);
    }
    // build exif select box...
    $exif_select = MG_optionlist(array('name' => 'enable_exif', 'current' => $album->exif_display, 'values' => array('0' => $LANG_MG01['disable_exif'], '1' => $LANG_MG01['display_below_media'], '2' => $LANG_MG01['display_in_popup'], '3' => $LANG_MG01['both'])));
    $full_select = MG_optionlist(array('name' => 'full_display', 'current' => $album->full, 'values' => array('0' => $LANG_MG01['always'], '1' => $LANG_MG01['members_only'], '2' => $LANG_MG01['disabled']), 'disabled' => $_MG_CONF['discard_original']));
    $ranking_select = MG_optionlist(array('name' => 'enable_rating', 'current' => $album->enable_rating, 'values' => array('0' => $LANG_MG01['disabled'], '1' => $LANG_MG01['members_only'], '2' => $LANG_MG01['always'])));
    $podcast_select = MG_checkbox(array('name' => 'podcast', 'checked' => $album->podcast, 'value' => '1'));
    $mp3ribbon_select = MG_checkbox(array('name' => 'mp3ribbon', 'checked' => $album->mp3ribbon, 'value' => '1'));
    $rsschildren_select = MG_checkbox(array('name' => 'rsschildren', 'checked' => $album->rssChildren, 'value' => '1'));
    $comment_select = MG_checkbox(array('name' => 'enable_comments', 'checked' => $album->enable_comments, 'value' => '1'));
    $ss_select = MG_optionlist(array('name' => 'enable_slideshow', 'current' => $album->enable_slideshow, 'values' => array('0' => $LANG_MG01['disabled'], '1' => $LANG_MG01['js_slideshow'], '2' => $LANG_MG01['lightbox'], '3' => $LANG_MG01['flash_slideshow_disp'], '4' => $LANG_MG01['flash_slideshow_full'], '5' => $LANG_MG01['mp3_jukebox'])));
    $views_select = MG_checkbox(array('name' => 'enable_views', 'checked' => $album->enable_views, 'value' => '1'));
    $keywords_select = MG_checkbox(array('name' => 'enable_keywords', 'checked' => $album->enable_keywords, 'value' => '1'));
    $sort_select = MG_checkbox(array('name' => 'enable_sort', 'checked' => $album->enable_sort, 'value' => '1'));
    $rss_select = MG_checkbox(array('name' => 'enable_rss', 'checked' => $album->enable_rss, 'value' => '1'));
    $afirst_select = MG_checkbox(array('name' => 'albums_first', 'checked' => $album->albums_first, 'value' => '1'));
    $usealternate_select = MG_checkbox(array('name' => 'usealternate', 'checked' => $album->useAlternate, 'value' => '1'));
    $album_views_select = MG_checkbox(array('name' => 'enable_album_views', 'checked' => $album->enable_album_views, 'value' => '1'));
    $display_album_desc_select = MG_checkbox(array('name' => 'display_album_desc', 'checked' => $album->display_album_desc, 'value' => '1'));
    $tn_size_select = MG_optionlist(array('name' => 'tn_size', 'current' => $album->tn_size, 'values' => array('0' => $LANG_MG01['include_small'], '1' => $LANG_MG01['include_medium'], '2' => $LANG_MG01['include_large'], '3' => $LANG_MG01['include_custom'], '10' => $LANG_MG01['crop_small'], '11' => $LANG_MG01['crop_medium'], '12' => $LANG_MG01['crop_large'], '13' => $LANG_MG01['crop_custom'])));
    $display_image_size_select = MG_optionlist(array('name' => 'display_image_size', 'current' => $album->display_image_size, 'values' => array('0' => $LANG_MG01['size_500x375'], '1' => $LANG_MG01['size_600x450'], '2' => $LANG_MG01['size_620x465'], '3' => $LANG_MG01['size_720x540'], '4' => $LANG_MG01['size_800x600'], '5' => $LANG_MG01['size_912x684'], '6' => $LANG_MG01['size_1024x768'], '7' => $LANG_MG01['size_1152x864'], '8' => $LANG_MG01['size_1280x1024'], '9' => $LANG_MG01['size_custom'] . $_MG_CONF['custom_image_width'] . 'x' . $_MG_CONF['custom_image_height'])));
    $rows_input = MG_input(array('type' => 'text', 'size' => '3', 'name' => 'display_rows', 'value' => $album->display_rows));
    $columns_input = MG_input(array('type' => 'text', 'size' => '3', 'name' => 'display_columns', 'value' => $album->display_columns));
    $max_image_height_input = MG_input(array('type' => 'text', 'size' => '4', 'name' => 'max_image_height', 'value' => $album->max_image_height));
    $max_image_width_input = MG_input(array('type' => 'text', 'size' => '4', 'name' => 'max_image_width', 'value' => $album->max_image_width));
    $tnheight_input = MG_input(array('type' => 'text', 'size' => '3', 'name' => 'tnheight', 'value' => $album->tnHeight));
    $tnwidth_input = MG_input(array('type' => 'text', 'size' => '3', 'name' => 'tnwidth', 'value' => $album->tnWidth));
    $max_filesize = 0;
    if ($album->max_filesize != 0) {
        $max_filesize = $album->max_filesize / 1024;
    }
    $max_filesize_input = MG_input(array('type' => 'text', 'size' => '10', 'name' => 'max_filesize', 'value' => $max_filesize));
    $email_mod_select = MG_checkbox(array('name' => 'email_mod', 'checked' => $album->email_mod, 'value' => '1'));
    $playback_type = MG_optionlist(array('name' => 'playback_type', 'current' => $album->playback_type, 'values' => array('0' => $LANG_MG01['play_in_popup'], '1' => $LANG_MG01['download_to_local'], '2' => $LANG_MG01['play_inline'], '3' => $LANG_MG01['use_mms'])));
    $themes = MG_getThemes();
    $album_theme_select = '<select name="album_theme">';
    for ($i = 0; $i < count($themes); $i++) {
        $album_theme_select .= '<option value="' . $themes[$i] . '"' . ($album->skin == $themes[$i] ? ' selected="selected"' : '') . '>' . $themes[$i] . '</option>';
    }
    $album_theme_select .= '</select>';
    $attach_select = MG_checkbox(array('name' => 'attach_tn', 'checked' => $album->tn_attached, 'value' => '1'));
    $result = DB_query("SELECT * FROM {$_TABLES['users']}");
    $nRows = DB_numRows($result);
    $owner_select = '<select name="owner_id">';
    for ($i = 0; $i < $nRows; $i++) {
        $row = DB_fetchArray($result);
        if ($row['uid'] == 1) {
            continue;
        }
        $owner_select .= '<option value="' . $row['uid'] . '"' . ($album->owner_id == $row['uid'] ? ' selected="selected"' : '') . '>' . COM_getDisplayName($row['uid']) . '</option>';
    }
    $owner_select .= '</select>';
    $album_sort_select = MG_optionlist(array('name' => 'album_sort_order', 'current' => $album->album_sort_order, 'values' => array('0' => $LANG_MG03['no_sort'], '1' => $LANG_MG03['sort_capture_asc'], '2' => $LANG_MG03['sort_capture'], '3' => $LANG_MG03['sort_upload_asc'], '4' => $LANG_MG03['sort_upload'], '5' => $LANG_MG03['sort_alpha'], '6' => $LANG_MG03['sort_alpha_asc'])));
    if (SEC_hasRights('mediagallery.admin')) {
        //
        // -- build the featured selects and info...
        //
        $featured_select = MG_checkbox(array('name' => 'featured', 'checked' => $album->featured, 'value' => '1'));
        // build featurepage select...
        $featurepage_select = '<select name="featurepage">';
        $featurepage_select .= MG_options(array('current' => $album->cbpage, 'values' => array('all' => $LANG_MG01['all'], 'allnhp' => $LANG_MG01['all_nhp'], 'none' => $LANG_MG01['homepage_only'])));
        $featurepage_select .= COM_topicList('tid,topic', $album->cbpage);
        $featurepage_select .= '</select>';
        // position
        $feature_pos = MG_optionlist(array('name' => 'featureposition', 'current' => $album->cbposition, 'values' => array('1' => $LANG_MG01['top'], '2' => $LANG_MG01['after_featured_articles'], '3' => $LANG_MG01['bottom'])));
        $ri_select = MG_checkbox(array('name' => 'enable_random', 'checked' => $album->enable_random, 'value' => '1'));
        $T->set_var(array('featured_select' => $featured_select, 'feature_page_select' => $featurepage_select, 'feature_position' => $feature_pos, 'height_input' => $max_image_height_input, 'width_input' => $max_image_width_input, 'max_size_input' => $max_filesize_input, 'ri_select' => $ri_select, 'jpg_checked' => $album->valid_formats & MG_JPG ? ' checked="checked"' : '', 'png_checked' => $album->valid_formats & MG_PNG ? ' checked="checked"' : '', 'tif_checked' => $album->valid_formats & MG_TIF ? ' checked="checked"' : '', 'gif_checked' => $album->valid_formats & MG_GIF ? ' checked="checked"' : '', 'bmp_checked' => $album->valid_formats & MG_BMP ? ' checked="checked"' : '', 'tga_checked' => $album->valid_formats & MG_TGA ? ' checked="checked"' : '', 'psd_checked' => $album->valid_formats & MG_PSD ? ' checked="checked"' : '', 'mp3_checked' => $album->valid_formats & MG_MP3 ? ' checked="checked"' : '', 'ogg_checked' => $album->valid_formats & MG_OGG ? ' checked="checked"' : '', 'asf_checked' => $album->valid_formats & MG_ASF ? ' checked="checked"' : '', 'swf_checked' => $album->valid_formats & MG_SWF ? ' checked="checked"' : '', 'mov_checked' => $album->valid_formats & MG_MOV ? ' checked="checked"' : '', 'mp4_checked' => $album->valid_formats & MG_MP4 ? ' checked="checked"' : '', 'mpg_checked' => $album->valid_formats & MG_MPG ? ' checked="checked"' : '', 'zip_checked' => $album->valid_formats & MG_ZIP ? ' checked="checked"' : '', 'flv_checked' => $album->valid_formats & MG_FLV ? ' checked="checked"' : '', 'rflv_checked' => $album->valid_formats & MG_RFLV ? ' checked="checked"' : '', 'emb_checked' => $album->valid_formats & MG_EMB ? ' checked="checked"' : '', 'other_checked' => $album->valid_formats & MG_OTHER ? ' checked="checked"' : '', 'lang_featured_album' => $LANG_MG01['featured_album'], 'lang_set_featured' => $LANG_MG01['set_featured'], 'lang_featured_help' => $LANG_MG01['featured_help'], 'lang_position' => $LANG_MG01['position'], 'lang_topic' => $LANG_MG01['topic'], 'lang_ri_enable' => $LANG_MG01['ri_enable'], 'lang_max_image_height' => $LANG_MG01['max_image_height'], 'lang_max_image_width' => $LANG_MG01['max_image_width'], 'lang_max_filesize' => $LANG_MG01['max_filesize'], 'lang_jpg' => $LANG_MG01['jpg'], 'lang_png' => $LANG_MG01['png'], 'lang_tif' => $LANG_MG01['tif'], 'lang_gif' => $LANG_MG01['gif'], 'lang_bmp' => $LANG_MG01['bmp'], 'lang_tga' => $LANG_MG01['tga'], 'lang_psd' => $LANG_MG01['psd'], 'lang_mp3' => $LANG_MG01['mp3'], 'lang_ogg' => $LANG_MG01['ogg'], 'lang_asf' => $LANG_MG01['asf'], 'lang_swf' => $LANG_MG01['swf'], 'lang_mov' => $LANG_MG01['mov'], 'lang_mp4' => $LANG_MG01['mp4'], 'lang_mpg' => $LANG_MG01['mpg'], 'lang_zip' => $LANG_MG01['zip'], 'lang_flv' => $LANG_MG01['flv'], 'lang_rflv' => $LANG_MG01['rflv'], 'lang_emb' => $LANG_MG01['emb'], 'lang_other' => $LANG_MG01['other'], 'lang_allowed_formats' => $LANG_MG01['allowed_media_formats'], 'lang_image' => $LANG_MG01['image'], 'lang_audio' => $LANG_MG01['audio'], 'lang_video' => $LANG_MG01['video']));
    }
    $r = rand();
    if ($album->tn_attached) {
        list($album_last_image, $media_size) = MG_getImageUrl('covers/cover_' . $album_id);
        if ($media_size != false) {
            $T->set_var('thumbnail', '<img src="' . $album_last_image . '?r=' . $r . '" alt=""' . XHTML . '>');
        }
    }
    $filename_title_select = MG_checkbox(array('name' => 'filename_title', 'checked' => $album->filename_title, 'value' => '1'));
    // watermark stuff...
    $wm_auto_select = MG_checkbox(array('name' => 'wm_auto', 'checked' => $album->wm_auto, 'value' => '1'));
    $wm_opacity_select = MG_optionlist(array('name' => 'wm_opacity', 'current' => $album->wm_opacity, 'values' => array('10' => '10%', '20' => '20%', '30' => '30%', '40' => '40%', '50' => '50%', '60' => '60%', '70' => '70%', '80' => '80%', '90' => '90%')));
    $wm_location_select = MG_optionlist(array('name' => 'wm_location', 'current' => $album->wm_location, 'values' => array('1' => $LANG_MG01['top_left'], '2' => $LANG_MG01['top_center'], '3' => $LANG_MG01['top_right'], '4' => $LANG_MG01['middle_left'], '5' => $LANG_MG01['middle_center'], '6' => $LANG_MG01['middle_right'], '7' => $LANG_MG01['bottom_left'], '8' => $LANG_MG01['bottom_center'], '9' => $LANG_MG01['bottom_right'])));
    // now select what watermarks we have permission to use...
    $whereClause = "WHERE wm_id<>0 AND ";
    if (SEC_hasRights('mediagallery.admin')) {
        $whereClause .= "1=1 ";
    } else {
        $whereClause .= "(owner_id=" . intval($_USER['uid']) . " OR owner_id=0) ";
    }
    $sql = "SELECT * FROM {$_TABLES['mg_watermarks']} " . $whereClause . "ORDER BY owner_id";
    $result = DB_query($sql);
    $nRows = DB_numRows($result);
    $wm_select = '<select name="wm_id" onchange="change(this)">';
    $wm_select .= '<option value="blank.png">' . $LANG_MG01['no_watermark'] . '</option>';
    $wm_current = '<img src="' . $_MG_CONF['site_url'] . '/watermarks/blank.png" name="myImage" alt=""' . XHTML . '>';
    for ($i = 0; $i < $nRows; $i++) {
        $row = DB_fetchArray($result);
        $wm_select .= '<option value="' . $row['filename'] . '"' . ($album->wm_id == $row['wm_id'] ? ' selected="selected"' : '') . '>' . $row['filename'] . '</option>';
        if ($album->wm_id == $row['wm_id']) {
            $wm_current = '<img src="' . $_MG_CONF['site_url'] . '/watermarks/' . $row['filename'] . '" name="myImage" alt=""' . XHTML . '>';
        }
    }
    $wm_select .= '</select>';
    $skins = MG_getFrames();
    $tmp = array();
    for ($i = 0; $i < count($skins); $i++) {
        $tmp[$skins[$i]['dir']] = $skins[$i]['name'];
    }
    $skin_select = MG_optionlist(array('name' => 'skin', 'current' => $album->image_skin, 'values' => $tmp));
    $askin_select = MG_optionlist(array('name' => 'askin', 'current' => $album->album_skin, 'values' => $tmp));
    $dskin_select = MG_optionlist(array('name' => 'dskin', 'current' => $album->display_skin, 'values' => $tmp));
    // permission template
    $usergroups = SEC_getUserGroups();
    $groupdd = '<select name="group_id">';
    $moddd = '<select name="mod_id">';
    for ($i = 0; $i < count($usergroups); $i++) {
        if ($usergroups[key($usergroups)] != 2 && $usergroups[key($usergroups)] != 13) {
            $groupdd .= '<option value="' . $usergroups[key($usergroups)] . '"';
            $moddd .= '<option value="' . $usergroups[key($usergroups)] . '"';
            if ($album->group_id == $usergroups[key($usergroups)]) {
                $groupdd .= ' selected="selected"';
            }
            if ($album->mod_group_id == $usergroups[key($usergroups)]) {
                $moddd .= ' selected="selected"';
            }
            $groupdd .= '>' . key($usergroups) . '</option>';
            $moddd .= '>' . key($usergroups) . '</option>';
        }
        next($usergroups);
    }
    $groupdd .= '</select>';
    $moddd .= '</select>';
    $upload_select = MG_checkbox(array('name' => 'uploads', 'checked' => $album->member_uploads, 'value' => '1'));
    $moderate_select = MG_checkbox(array('name' => 'moderate', 'checked' => $album->moderate, 'value' => '1'));
    $child_update_select = MG_checkbox(array('name' => 'force_child_update', 'checked' => false, 'value' => '1'));
    $hidden_select = MG_checkbox(array('name' => 'hidden', 'checked' => $album->hidden, 'value' => '1'));
    $allow_download_select = MG_checkbox(array('name' => 'allow_download', 'checked' => $album->allow_download, 'value' => '1'));
    if (SEC_hasRights('mediagallery.admin')) {
        $perm_editor = SEC_getPermissionsHTML($album->perm_owner, $album->perm_group, $album->perm_members, $album->perm_anon);
    } else {
        $perm_editor = MG_getMemberPermissionsHTML($album->perm_members, $album->perm_anon);
    }
    $T->set_var(array('site_url' => $_CONF['site_url'], 'site_admin_url' => $_CONF['site_admin_url'], 'xhtml' => XHTML, 'start_block' => COM_startBlock($block_title), 'end_block' => COM_endBlock(), 'owner_username' => DB_getItem($_TABLES['users'], 'username', "uid={$album->owner_id}"), 'owner_id' => $album->owner_id, 'permissions_editor' => $perm_editor, 'old_album_id' => $oldaid, 'group_dropdown' => $groupdd, 'mod_dropdown' => $moddd, 'uploads' => $upload_select, 'moderate' => $moderate_select, 'hidden' => $hidden_select, 'force_child_update' => $child_update_select, 'owner_select' => $owner_select, 'email_mod_select' => $email_mod_select, 'action' => 'album', 'path_mg' => $_MG_CONF['site_url'], 'attach_select' => $attach_select, 'comment_select' => $comment_select, 'exif_select' => $exif_select, 'ranking_select' => $ranking_select, 'podcast_select' => $podcast_select, 'mp3ribbon_select' => $mp3ribbon_select, 'rsschildren_select' => $rsschildren_select, 'full_select' => $full_select, 'ss_select' => $ss_select, 'sf_select' => $sf_select, 'views_select' => $views_select, 'keywords_select' => $keywords_select, 'album_views_select' => $album_views_select, 'display_album_desc_select' => $display_album_desc_select, 'sort_select' => $sort_select, 'rss_select' => $rss_select, 'afirst_select' => $afirst_select, 'tn_size_select' => $tn_size_select, 'display_image_size' => $display_image_size_select, 'rows_input' => $rows_input, 'columns_input' => $columns_input, 'playback_type' => $playback_type, 'album_title' => $album->title, 'album_desc' => $album->description, 'album_id' => $album_id, 'parent_select' => $album_selectbox, 'album_cover' => $album->cover, 'album_owner' => $album->owner_id, 'album_order' => $album->order, 'album_cover_filename' => $album->cover_filename, 'last_update' => $album->last_update, 'media_count' => $album->media_count, 'wm_auto_select' => $wm_auto_select, 'wm_opacity_select' => $wm_opacity_select, 'wm_location_select' => $wm_location_select, 'wm_select' => $wm_select, 'wm_current' => $wm_current, 'album_theme_select' => $album_theme_select, 'album_sort_select' => $album_sort_select, 'allow_download_select' => $allow_download_select, 'filename_title_select' => $filename_title_select, 'skin_select' => $skin_select, 'askin_select' => $askin_select, 'dskin_select' => $dskin_select, 'tnheight_input' => $tnheight_input, 'tnwidth_input' => $tnwidth_input, 'usealternate_select' => $usealternate_select, 's_form_action' => $actionURL, 'lang_uploads' => $LANG_MG01['anonymous_uploads_prompt'], 'lang_accessrights' => $LANG_ACCESS['accessrights'], 'lang_owner' => $LANG_ACCESS['owner'], 'lang_group' => $LANG_ACCESS['group'], 'lang_permissions' => $LANG_ACCESS['permissions'], 'lang_perm_key' => $LANG_ACCESS['permissionskey'], 'lang_hidden' => $LANG_MG01['hidden'], 'permissions_msg' => $LANG_ACCESS['permmsg'], 'lang_member_upload' => $LANG_MG01['member_upload'], 'lang_moderate_album' => $LANG_MG01['mod_album'], 'lang_mod_group' => $LANG_MG01['moderation_group'], 'lang_force_child_update' => $LANG_MG01['force_child_update'], 'lang_allow_download' => $LANG_MG01['allow_download'], 'lang_email_mods_on_submission' => $LANG_MG01['email_mods_on_submission'], 'lang_usealternate' => $LANG_MG01['use_alternate_url'], 'lang_tnheight' => $LANG_MG01['tn_height'], 'lang_tnwidth' => $LANG_MG01['tn_width'], 'lang_save' => $LANG_MG01['save'], 'lang_edit_title' => $mode == 'create' ? $LANG_MG01['create_album'] : $LANG_MG01['edit_album'], 'lang_image_skin' => $LANG_MG01['image_skin'], 'lang_album_skin' => $LANG_MG01['album_skin'], 'lang_display_skin' => $LANG_MG01['display_skin'], 'lang_album_edit_help' => $LANG_MG01['album_edit_help'], 'lang_title' => $LANG_MG01['title'], 'lang_podcast' => $LANG_MG01['podcast'], 'lang_mp3ribbon' => $LANG_MG01['mp3ribbon'], 'lang_rsschildren' => $LANG_MG01['rsschildren'], 'lang_parent_album' => $LANG_MG01['parent_album'], 'lang_description' => $LANG_MG01['description'], 'lang_cancel' => $LANG_MG01['cancel'], 'lang_delete' => $LANG_MG01['delete'], 'lang_comments' => $LANG_MG01['comments_prompt'], 'lang_enable_exif' => $LANG_MG01['enable_exif'], 'lang_enable_ratings' => $LANG_MG01['enable_ratings'], 'lang_ss_enable' => $LANG_MG01['ss_enable'], 'lang_sf_enable' => $LANG_MG01['sf_enable'], 'lang_tn_size' => $LANG_MG01['tn_size'], 'lang_rows' => $LANG_MG01['rows'], 'lang_columns' => $LANG_MG01['columns'], 'lang_av_play_album' => $LANG_MG01['av_play_album'], 'lang_av_play_options' => $LANG_MG01['av_play_options'], 'lang_attached_thumbnail' => $LANG_MG01['attached_thumbnail'], 'lang_thumbnail' => $LANG_MG01['thumbnail'], 'lang_album_attributes' => $LANG_MG01['album_attributes'], 'lang_album_cover' => $LANG_MG01['album_cover'], 'lang_enable_views' => $LANG_MG01['enable_views'], 'lang_enable_keywords' => $LANG_MG01['enable_keywords'], 'lang_enable_album_views' => $LANG_MG01['enable_album_views'], 'lang_enable_sort' => $LANG_MG01['enable_sort'], 'lang_enable_rss' => $LANG_MG01['enable_rss'], 'lang_albums_first' => $LANG_MG01['albums_first'], 'lang_full_display' => $LANG_MG01['full_display'], 'lang_display_image_size' => $LANG_MG01['display_image_size'], 'lang_album_sort' => $LANG_MG01['default_album_sort'], 'lang_watermark' => $LANG_MG01['watermark'], 'lang_wm_auto' => $LANG_MG01['watermark_auto'], 'lang_wm_opacity' => $LANG_MG01['watermark_opacity'], 'lang_wm_location' => $LANG_MG01['watermark_location'], 'lang_wm_id' => $LANG_MG01['watermark_image'], 'lang_unlimited' => $LANG_MG01['zero_unlimited'], 'lang_display_album_desc' => $LANG_MG01['display_album_desc'], 'lang_filename_title' => $LANG_MG01['filename_title'], 'lang_media_attributes' => $LANG_MG01['media_attributes'], 'lang_theme_select' => $LANG_MG01['album_theme']));
    if (SEC_hasRights('mediagallery.admin')) {
        $T->set_var('perms_editor_admin', '1');
    } else {
        $T->set_var('perms_editor_member', '1');
    }
    if ($_MG_CONF['htmlallowed'] == 1) {
        $T->set_var('allowed_html', COM_allowedHTML());
    }
    $retval .= $T->finish($T->parse('output', 'admin'));
    return $retval;
}
Example #14
0
function links_edit_category($cid, $pid)
{
    global $_CONF, $_TABLES, $_USER, $MESSAGE, $LANG_LINKS_ADMIN, $LANG_ADMIN, $LANG_ACCESS, $_LI_CONF;
    $retval = '';
    $cid = addslashes($cid);
    if (!empty($pid)) {
        // have parent id, so making a new subcategory
        // get parent access rights
        $result = DB_query("SELECT group_id,perm_owner,perm_group,perm_members,perm_anon FROM {$_TABLES['linkcategories']} WHERE cid='" . addslashes($pid) . "'");
        $A = DB_fetchArray($result);
        $A['owner_id'] = $_USER['uid'];
        $A['pid'] = $pid;
    } elseif (!empty($cid)) {
        // have category id, so editing a category
        $sql = "SELECT * FROM {$_TABLES['linkcategories']} WHERE cid='{$cid}'" . COM_getPermSQL('AND');
        $result = DB_query($sql);
        $A = DB_fetchArray($result);
    } else {
        // nothing, so making a new top-level category
        // get default access rights
        $A['group_id'] = DB_getItem($_TABLES['groups'], 'grp_id', "grp_name='Links Admin'");
        SEC_setDefaultPermissions($A, $_LI_CONF['category_permissions']);
        $A['owner_id'] = $_USER['uid'];
        $A['pid'] = $_LI_CONF['root'];
    }
    $access = SEC_hasAccess($A['owner_id'], $A['group_id'], $A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']);
    if ($access < 3) {
        return COM_showMessage(6, 'links');
    }
    $token = SEC_createToken();
    $retval .= COM_startBlock($LANG_LINKS_ADMIN[56], '', COM_getBlockTemplate('_admin_block', 'header'));
    $retval .= SEC_getTokenExpiryNotice($token);
    $T = new Template($_CONF['path'] . 'plugins/links/templates/admin');
    $T->set_file(array('page' => 'categoryeditor.thtml'));
    $T->set_var('xhtml', XHTML);
    $T->set_var('site_url', $_CONF['site_url']);
    $T->set_var('site_admin_url', $_CONF['site_admin_url']);
    $T->set_var('layout_url', $_CONF['layout_url']);
    $T->set_var('lang_pagetitle', $LANG_LINKS_ADMIN[28]);
    $T->set_var('lang_link_list', $LANG_LINKS_ADMIN[53]);
    $T->set_var('lang_new_link', $LANG_LINKS_ADMIN[51]);
    $T->set_var('lang_validate_links', $LANG_LINKS_ADMIN[26]);
    $T->set_var('lang_list_categories', $LANG_LINKS_ADMIN[50]);
    $T->set_var('lang_new_category', $LANG_LINKS_ADMIN[52]);
    $T->set_var('lang_admin_home', $LANG_ADMIN['admin_home']);
    $T->set_var('instructions', $LANG_LINKS_ADMIN[29]);
    $T->set_var('lang_category', $LANG_LINKS_ADMIN[30]);
    $T->set_var('lang_cid', $LANG_LINKS_ADMIN[32]);
    $T->set_var('lang_description', $LANG_LINKS_ADMIN[31]);
    $T->set_var('lang_topic', $LANG_LINKS_ADMIN[33]);
    $T->set_var('lang_parent', $LANG_LINKS_ADMIN[34]);
    $T->set_var('lang_save', $LANG_ADMIN['save']);
    if (!empty($cid)) {
        $delbutton = '<input type="submit" value="' . $LANG_ADMIN['delete'] . '" name="mode"%s' . XHTML . '>';
        $jsconfirm = ' onclick="return confirm(\'' . $MESSAGE[76] . '\');"';
        $T->set_var('delete_option', sprintf($delbutton, $jsconfirm));
        $T->set_var('delete_option_no_confirmation', sprintf($delbutton, ''));
    } else {
        $T->set_var('delete_option', '');
    }
    $T->set_var('lang_cancel', $LANG_ADMIN['cancel']);
    if (!empty($cid)) {
        $T->set_var('cid_value', $A['cid']);
        $T->set_var('old_cid_value', $A['cid']);
        $T->set_var('category_options', links_select_box(3, $A['pid']));
        $T->set_var('category_value', $A['category']);
        $T->set_var('description_value', $A['description']);
    } else {
        $A['cid'] = COM_makeSid();
        $T->set_var('cid_value', $A['cid']);
        $T->set_var('old_cid_value', '');
        $T->set_var('category_options', links_select_box(3, $A['pid']));
        $T->set_var('category_value', '');
        $T->set_var('description_value', '');
    }
    if (!isset($A['tid'])) {
        $A['tid'] = 'all';
    }
    $topics = COM_topicList('tid,topic', $A['tid'], 1, true);
    $T->set_var('topic_list', $topics);
    $alltopics = '<option value="all"';
    if ($A['tid'] == 'all') {
        $alltopics .= ' selected="selected"';
    }
    $alltopics .= '>' . $LANG_LINKS_ADMIN[35] . '</option>' . LB;
    $T->set_var('topic_selection', '<select name="tid">' . $alltopics . $topics . '</select>');
    if (empty($cid)) {
        $num_links = $LANG_ADMIN['na'];
    } else {
        $nresult = DB_query("SELECT COUNT(*) AS count FROM {$_TABLES['links']} WHERE cid='{$cid}'" . COM_getPermSQL('AND'));
        $N = DB_fetchArray($nresult);
        $num_links = COM_numberFormat($N['count']);
    }
    $T->set_var('lang_num_links', $LANG_LINKS_ADMIN[61]);
    $T->set_var('num_links', $num_links);
    // user access info
    $T->set_var('lang_accessrights', $LANG_ACCESS['accessrights']);
    $T->set_var('lang_owner', $LANG_ACCESS['owner']);
    $T->set_var('owner_name', COM_getDisplayName($A['owner_id']));
    $T->set_var('cat_ownerid', $A['owner_id']);
    $T->set_var('lang_group', $LANG_ACCESS['group']);
    $T->set_var('group_dropdown', SEC_getGroupDropdown($A['group_id'], $access));
    $T->set_var('lang_permissions', $LANG_ACCESS['permissions']);
    $T->set_var('lang_permissionskey', $LANG_ACCESS['permissionskey']);
    $T->set_var('lang_perm_key', $LANG_ACCESS['permissionskey']);
    $T->set_var('permissions_editor', SEC_getPermissionsHTML($A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']));
    $T->set_var('lang_permissions_msg', $LANG_ACCESS['permmsg']);
    $T->set_var('lang_lockmsg', $LANG_ACCESS['permmsg']);
    $T->set_var('gltoken_name', CSRF_TOKEN);
    $T->set_var('gltoken', $token);
    $T->parse('output', 'page');
    $retval .= $T->finish($T->get_var('output'));
    $retval .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer'));
    return $retval;
}
Example #15
0
/**
* edits or creates an album
*
* @param    int     album_id    album_id to edit
* @param    string  mode        create or edit
* @param    string  actionURL   where to redirection on finish
* @param    int     oldaid      original album id
* @return   string              HTML
*
*/
function MG_editAlbum($album_id = 0, $mode = '', $actionURL = '', $oldaid = 0)
{
    global $_USER, $_CONF, $_TABLES, $_MG_CONF, $LANG_MG00, $LANG_MG01, $LANG_MG03, $LANG_ACCESS, $REMOTE_ADDR;
    global $MG_albums, $album_selectbox, $_DB_dbms;
    $valid_albums = 0;
    if ($actionURL == '') {
        $actionURL = $_CONF['site_admin_url'] . '/plugins/mediagallery/index.php';
    }
    if ($_DB_dbms == "mssql") {
        $sql = "SELECT *,CAST(album_desc AS TEXT) as album_desc FROM " . $_TABLES['mg_albums'] . " WHERE album_id=" . $album_id;
    } else {
        $sql = "SELECT * FROM " . $_TABLES['mg_albums'] . " WHERE album_id=" . intval($album_id);
    }
    $result = DB_query($sql);
    $numRows = DB_numRows($result);
    if ($numRows > 0) {
        $A = DB_fetchArray($result);
    }
    $retval = '';
    $T = new Template(MG_getTemplatePath($album_id));
    $T->set_var('site_url', $_CONF['site_url']);
    $T->set_var('site_admin_url', $_CONF['site_admin_url']);
    if ($album_id != 0 && $mode == 'edit') {
        // If edit, pull up the existing album information...
        if ($MG_albums[$album_id]->access != 3) {
            COM_errorLog("MediaGallery: Someone has tried to illegally edit a Media Gallery Album.  User id: {$_USER['uid']}, Username: {$_USER['username']}, IP: {$REMOTE_ADDR}", 1);
            return MG_genericError($LANG_MG00['access_denied_msg']);
        }
    } else {
        if ($album_id == 0 && $mode == 'create') {
            // create the album...
            $A['album_id'] = -1;
            $A['album_order'] = 0;
            $album_id = -1;
            $A['album_parent'] = 0;
            $A['album_title'] = '';
            $A['album_desc'] = '';
            $A['hidden'] = 0;
            $A['album_cover'] = -1;
            $A['featured'] = 0;
            $A['cbposition'] = 0;
            $A['cbpage'] = 'all';
            $A['owner_id'] = $_USER['uid'];
            $A['member_uploads'] = $_MG_CONF['ad_member_uploads'];
            $A['moderate'] = $_MG_CONF['ad_moderate'];
            $A['tn_attached'] = 0;
            $A['exif_display'] = $_MG_CONF['ad_exif_display'];
            $A['enable_slideshow'] = $_MG_CONF['ad_enable_slideshow'];
            $A['enable_random'] = $_MG_CONF['ad_enable_random'];
            $A['enable_shutterfly'] = $_MG_CONF['ad_enable_shutterfly'];
            $A['enable_views'] = $_MG_CONF['ad_enable_views'];
            $A['enable_keywords'] = $_MG_CONF['ad_enable_keywords'];
            $A['display_album_desc'] = $_MG_CONF['ad_display_album_desc'];
            $A['enable_album_views'] = $_MG_CONF['ad_enable_album_views'];
            $A['image_skin'] = $_MG_CONF['ad_image_skin'];
            $A['album_skin'] = $_MG_CONF['ad_album_skin'];
            $A['display_skin'] = $_MG_CONF['ad_display_skin'];
            $A['enable_sort'] = $_MG_CONF['ad_enable_sort'];
            $A['enable_rss'] = $_MG_CONF['ad_enable_rss'];
            $A['enable_postcard'] = $_MG_CONF['ad_enable_postcard'];
            $A['albums_first'] = $_MG_CONF['ad_albums_first'];
            $A['enable_rating'] = $_MG_CONF['ad_enable_rating'];
            $A['enable_comments'] = $_MG_CONF['ad_enable_comments'];
            $A['tn_size'] = $_MG_CONF['ad_tn_size'];
            $A['allow_download'] = $_MG_CONF['ad_allow_download'];
            $A['max_image_height'] = $_MG_CONF['ad_max_image_height'];
            $A['max_image_width'] = $_MG_CONF['ad_max_image_width'];
            $A['max_filesize'] = $_MG_CONF['ad_max_filesize'];
            $A['display_image_size'] = $_MG_CONF['ad_display_image_size'];
            $A['display_rows'] = $_MG_CONF['ad_display_rows'];
            $A['display_columns'] = $_MG_CONF['ad_display_columns'];
            $A['valid_formats'] = $_MG_CONF['ad_valid_formats'];
            $A['filename_title'] = $_MG_CONF['ad_filename_title'];
            $A['wm_auto'] = $_MG_CONF['ad_wm_auto'];
            $A['wm_id'] = $_MG_CONF['ad_wm_id'];
            $A['opacity'] = $_MG_CONF['ad_wm_opacity'];
            $A['wm_location'] = $_MG_CONF['ad_wm_location'];
            $A['album_sort_order'] = $_MG_CONF['ad_album_sort_order'];
            $A['email_mod'] = $_MG_CONF['ad_email_mod'];
            $A['album_cover_filename'] = '';
            $A['last_update'] = 0;
            $A['media_count'] = 0;
            $A['full_display'] = $_MG_CONF['ad_full_display'];
            $A['playback_type'] = $_MG_CONF['ad_playback_type'];
            $A['podcast'] = isset($_MG_CONF['ad_podcast']) ? $_MG_CONF['ad_podcast'] : 0;
            $A['mp3ribbon'] = 0;
            $A['rsschildren'] = 0;
            $A['usealternate'] = isset($_MG_CONF['ad_use_alternate']) ? $_MG_CONF['ad_use_alternate'] : 0;
            $A['skin'] = isset($_MG_CONF['ad_skin']) ? $_MG_CONF['ad_skin'] : 'default';
            $gresult = DB_query("SELECT grp_id FROM {$_TABLES['groups']} WHERE grp_name LIKE 'mediagallery Admin'");
            $grow = DB_fetchArray($gresult);
            $grp_id = $grow['grp_id'];
            $A['group_id'] = $grp_id;
            $A['mod_group_id'] = $grp_id;
            $A['perm_owner'] = $_MG_CONF['ad_perm_owner'];
            $A['perm_group'] = $_MG_CONF['ad_perm_group'];
            $A['perm_members'] = $_MG_CONF['ad_perm_members'];
            $A['perm_anon'] = $_MG_CONF['ad_perm_anon'];
            $A['tnheight'] = $_MG_CONF['ad_tn_height'];
            $A['tnwidth'] = $_MG_CONF['ad_tn_width'];
        }
    }
    $T->set_var('album_id', $A['album_id']);
    $retval .= COM_startBlock($mode == 'create' ? $LANG_MG01['create_album'] : $LANG_MG01['edit_album'] . ' - ' . strip_tags($A['album_title']), '', COM_getBlockTemplate('_admin_block', 'header'));
    // If edit, pull up the existing album information...
    $T->set_file(array('admin' => 'editalbum.thtml', 'falbum' => 'featured_album.thtml', 'perms_admin' => 'edit_album_permissions.thtml', 'perms_member' => 'edit_album_perm_member.thtml', 'admin_attr' => 'editalbum_admin.thtml', 'admin_formats' => 'editalbum_formats.thtml'));
    // construct the album jumpbox...
    if ($mode == 'create') {
        $select = $oldaid;
    } else {
        $select = $A['album_parent'];
    }
    $album_selectbox = '<select name="parentaid">';
    $valid_albums += $MG_albums[0]->buildAlbumBox($select, 3, $A['album_id'], $mode);
    $album_selectbox .= '</select>';
    $album_select = $album_selectbox;
    if ($valid_albums == 0) {
        COM_errorLog("MediaGallery: Someone has tried to illegally create a Medig Gallery Album.  User id: {$_USER['uid']}, Username: {$_USER['username']}, IP: {$REMOTE_ADDR}", 1);
        return MG_genericError($LANG_MG00['access_denied_msg']);
    }
    // build exif select box...
    $exif_select = '<select name="enable_exif">';
    $exif_select .= '<option value="0"' . ($A['exif_display'] == 0 ? 'selected="selected"' : '') . '>' . $LANG_MG01['disable_exif'] . '</option>';
    $exif_select .= '<option value="1"' . ($A['exif_display'] == 1 ? 'selected="selected"' : '') . '>' . $LANG_MG01['display_below_media'] . '</option>';
    $exif_select .= '<option value="2"' . ($A['exif_display'] == 2 ? 'selected="selected"' : '') . '>' . $LANG_MG01['display_in_popup'] . '</option>';
    $exif_select .= '<option value="3"' . ($A['exif_display'] == 3 ? 'selected="selected"' : '') . '>' . $LANG_MG01['both'] . '</option>';
    $exif_select .= '</select>';
    $full_select = '<select name="full_display"' . ($_MG_CONF['discard_original'] ? ' disabled=disabled ' : '') . '>';
    $full_select .= '<option value="0"' . ($A['full_display'] == 0 ? 'selected="selected"' : '') . '>' . $LANG_MG01['always'] . '</option>';
    $full_select .= '<option value="1"' . ($A['full_display'] == 1 ? 'selected="selected"' : '') . '>' . $LANG_MG01['members_only'] . '</option>';
    $full_select .= '<option value="2"' . ($A['full_display'] == 2 ? 'selected="selected"' : '') . '>' . $LANG_MG01['disabled'] . '</option>';
    $full_select .= '</select>';
    $ranking_select = '<select name="enable_rating">';
    $ranking_select .= '<option value="0"' . ($A['enable_rating'] == 0 ? 'selected="selected"' : '') . '>' . $LANG_MG01['disabled'] . '</option>';
    $ranking_select .= '<option value="1"' . ($A['enable_rating'] == 1 ? 'selected="selected"' : '') . '>' . $LANG_MG01['members_only'] . '</option>';
    $ranking_select .= '<option value="2"' . ($A['enable_rating'] == 2 ? 'selected="selected"' : '') . '>' . $LANG_MG01['always'] . '</option>';
    $ranking_select .= '</select>';
    $podcast_select = '<input type="checkbox" name="podcast" value="1" ' . ($A['podcast'] ? ' checked="checked"' : '') . '/>';
    $mp3ribbon_select = '<input type="checkbox" name="mp3ribbon" value="1" ' . ($A['mp3ribbon'] ? ' checked="checked"' : '') . '/>';
    $rsschildren_select = '<input type="checkbox" name="rsschildren" value="1" ' . ($A['rsschildren'] ? ' checked="checked"' : '') . '/>';
    $comment_select = '<input type="checkbox" name="enable_comments" value="1" ' . ($A['enable_comments'] ? ' checked="checked"' : '') . '/>';
    $ss_select = '<select name="enable_slideshow">';
    $ss_select .= '<option value="0" ' . ($A['enable_slideshow'] == 0 ? ' selected="selected"' : '') . '>' . $LANG_MG01['disabled'] . '</option>';
    $ss_select .= '<option value="1"' . ($A['enable_slideshow'] == 1 ? ' selected="selected"' : '') . '>' . $LANG_MG01['js_slideshow'] . '</option>';
    $ss_select .= '<option value="2"' . ($A['enable_slideshow'] == 2 ? ' selected="selected"' : '') . '>' . $LANG_MG01['lightbox'] . '</option>';
    $ss_select .= '<option value="3"' . ($A['enable_slideshow'] == 3 ? ' selected="selected"' : '') . '>' . $LANG_MG01['flash_slideshow_disp'] . '</option>';
    $ss_select .= '<option value="4"' . ($A['enable_slideshow'] == 4 ? ' selected="selected"' : '') . '>' . $LANG_MG01['flash_slideshow_full'] . '</option>';
    $ss_select .= '<option value="5"' . ($A['enable_slideshow'] == 5 ? ' selected="selected"' : '') . '>' . $LANG_MG01['mp3_jukebox'] . '</option>';
    $ss_select .= '</select>';
    $sf_select = '<input type="checkbox" name="enable_shutterfly" value="1" ' . ($A['enable_shutterfly'] ? ' checked="checked"' : '') . '/>';
    $views_select = '<input type="checkbox" name="enable_views" value="1" ' . ($A['enable_views'] ? ' checked="checked"' : '') . '/>';
    $keywords_select = '<input type="checkbox" name="enable_keywords" value="1" ' . ($A['enable_keywords'] ? ' checked="checked"' : '') . '/>';
    $sort_select = '<input type="checkbox" name="enable_sort" value="1" ' . ($A['enable_sort'] ? ' checked="checked"' : '') . '/>';
    $rss_select = '<input type="checkbox" name="enable_rss" value="1" ' . ($A['enable_rss'] ? ' checked="checked"' : '') . '/>';
    $postcard_select = '<select name="enable_postcard">';
    $postcard_select .= '<option value="0"' . ($A['enable_postcard'] == 0 ? 'selected="selected"' : '') . '>' . $LANG_MG01['disabled'] . '</option>';
    $postcard_select .= '<option value="1"' . ($A['enable_postcard'] == 1 ? 'selected="selected"' : '') . '>' . $LANG_MG01['members_only'] . '</option>';
    $postcard_select .= '<option value="2"' . ($A['enable_postcard'] == 2 ? 'selected="selected"' : '') . '>' . $LANG_MG01['all_users'] . '</option>';
    $postcard_select .= '</select>';
    $afirst_select = '<input type="checkbox" name="albums_first" value="1" ' . ($A['albums_first'] ? ' checked="checked"' : '') . '/>';
    $usealternate_select = '<input type="checkbox" name="usealternate" value="1" ' . ($A['usealternate'] ? ' checked="checked"' : '') . '/>';
    $album_views_select = '<input type="checkbox" name="enable_album_views" value="1" ' . ($A['enable_album_views'] ? ' checked="checked"' : '') . '/>';
    $display_album_desc_select = '<input type="checkbox" name="display_album_desc" value="1" ' . ($A['display_album_desc'] ? ' checked="checked"' : '') . '/>';
    $tn_size_select = '<select name="tn_size">';
    $tn_size_select .= '<option value="0"' . ($A['tn_size'] == 0 ? 'selected="selected"' : '') . '>' . $LANG_MG01['small'] . '</option>';
    $tn_size_select .= '<option value="1"' . ($A['tn_size'] == 1 ? 'selected="selected"' : '') . '>' . $LANG_MG01['medium'] . '</option>';
    $tn_size_select .= '<option value="2"' . ($A['tn_size'] == 2 ? 'selected="selected"' : '') . '>' . $LANG_MG01['large'] . '</option>';
    $tn_size_select .= '<option value="3"' . ($A['tn_size'] == 3 ? 'selected="selected"' : '') . '>' . $LANG_MG01['custom'] . '</option>';
    $tn_size_select .= '<option value="4"' . ($A['tn_size'] == 4 ? 'selected="selected"' : '') . '>' . $LANG_MG01['square'] . '</option>';
    $tn_size_select .= '</select>';
    $display_image_size_select = '<select name="display_image_size">';
    $display_image_size_select .= '<option value="0"' . ($A['display_image_size'] == 0 ? 'selected="selected"' : '') . '>' . $LANG_MG01['size_500x375'] . '</option>';
    $display_image_size_select .= '<option value="1"' . ($A['display_image_size'] == 1 ? 'selected="selected"' : '') . '>' . $LANG_MG01['size_600x450'] . '</option>';
    $display_image_size_select .= '<option value="2"' . ($A['display_image_size'] == 2 ? 'selected="selected"' : '') . '>' . $LANG_MG01['size_620x465'] . '</option>';
    $display_image_size_select .= '<option value="3"' . ($A['display_image_size'] == 3 ? 'selected="selected"' : '') . '>' . $LANG_MG01['size_720x540'] . '</option>';
    $display_image_size_select .= '<option value="4"' . ($A['display_image_size'] == 4 ? 'selected="selected"' : '') . '>' . $LANG_MG01['size_800x600'] . '</option>';
    $display_image_size_select .= '<option value="5"' . ($A['display_image_size'] == 5 ? 'selected="selected"' : '') . '>' . $LANG_MG01['size_912x684'] . '</option>';
    $display_image_size_select .= '<option value="6"' . ($A['display_image_size'] == 6 ? 'selected="selected"' : '') . '>' . $LANG_MG01['size_1024x768'] . '</option>';
    $display_image_size_select .= '<option value="7"' . ($A['display_image_size'] == 7 ? 'selected="selected"' : '') . '>' . $LANG_MG01['size_1152x864'] . '</option>';
    $display_image_size_select .= '<option value="8"' . ($A['display_image_size'] == 8 ? 'selected="selected"' : '') . '>' . $LANG_MG01['size_1280x1024'] . '</option>';
    $display_image_size_select .= '<option value="9"' . ($A['display_image_size'] == 9 ? 'selected="selected"' : '') . '>' . $LANG_MG01['size_custom'] . $_MG_CONF['custom_image_width'] . 'x' . $_MG_CONF['custom_image_height'] . '</option>';
    $display_image_size_select .= '</select>';
    $rows_input = '<input type="text" size="3" name="display_rows" value="' . $A['display_rows'] . '"/>';
    $columns_input = '<input type="text" size="3" name="display_columns" value="' . $A['display_columns'] . '"/>';
    $max_image_height_input = '<input type="text" size="4" name="max_image_height" value="' . $A['max_image_height'] . '"/>';
    $max_image_width_input = '<input type="text" size="4" name="max_image_width" value="' . $A['max_image_width'] . '"/>';
    $tnheight_input = '<input type="text" size="3" name="tnheight" value="' . $A['tnheight'] . '"/>';
    $tnwidth_input = '<input type="text" size="3" name="tnwidth" value="' . $A['tnwidth'] . '"/>';
    if ($A['max_filesize'] != 0) {
        $A['max_filesize'] = $A['max_filesize'] / 1024;
    }
    $max_filesize_input = '<input type="text" size="10" name="max_filesize" value="' . $A['max_filesize'] . '"/>';
    $email_mod_select = '<input type="checkbox" name="email_mod" value="1" ' . ($A['email_mod'] ? ' checked="checked"' : '') . '/>';
    $playback_type = '<select name="playback_type">';
    $playback_type .= '<option value="0"' . ($A['playback_type'] == 0 ? 'selected="selected"' : '') . '>' . $LANG_MG01['play_in_popup'] . '</option>';
    $playback_type .= '<option value="1"' . ($A['playback_type'] == 1 ? 'selected="selected"' : '') . '>' . $LANG_MG01['download_to_local'] . '</option>';
    $playback_type .= '<option value="2"' . ($A['playback_type'] == 2 ? 'selected="selected"' : '') . '>' . $LANG_MG01['play_inline'] . '</option>';
    $playback_type .= '<option value="3"' . ($A['playback_type'] == 3 ? 'selected="selected"' : '') . '>' . $LANG_MG01['use_mms'] . '</option>';
    $playback_type .= '</select>';
    $themes = MG_getThemes();
    $album_theme_select = '<select name="album_theme">';
    for ($i = 0; $i < count($themes); $i++) {
        $album_theme_select .= '<option value="' . $themes[$i] . '"' . ($A['skin'] == $themes[$i] ? 'selected="selected"' : '') . '>' . $themes[$i] . '</option>';
    }
    $album_theme_select .= '</select>';
    $attach_select = '<input type="checkbox" name="attach_tn" value="1" ' . ($A['tn_attached'] ? ' checked="checked"' : '') . '/>';
    $result = DB_query("SELECT * FROM {$_TABLES['users']}");
    $nRows = DB_numRows($result);
    $owner_select = '<select name="owner_id">';
    for ($i = 0; $i < $nRows; $i++) {
        $row = DB_fetchArray($result);
        if ($row['uid'] == 1) {
            continue;
        }
        $owner_select .= '<option value="' . $row['uid'] . '"' . ($A['owner_id'] == $row['uid'] ? 'selected="selected"' : '') . '>' . COM_getDisplayName($row['uid'], $row['username'], $row['fullname'], $row['remoteusername'], $row['remoteservice']) . '</option>';
    }
    $owner_select .= '</select>';
    $album_sort_select = '<select name="album_sort_order">';
    $album_sort_select .= '<option value="0"' . ($A['album_sort_order'] == 0 ? 'selected="selected"' : '') . '>' . $LANG_MG03['no_sort'] . '</option>';
    $album_sort_select .= '<option value="1"' . ($A['album_sort_order'] == 1 ? 'selected="selected"' : '') . '>' . $LANG_MG03['sort_capture_asc'] . '</option>';
    $album_sort_select .= '<option value="2"' . ($A['album_sort_order'] == 2 ? 'selected="selected"' : '') . '>' . $LANG_MG03['sort_capture'] . '</option>';
    $album_sort_select .= '<option value="3"' . ($A['album_sort_order'] == 3 ? 'selected="selected"' : '') . '>' . $LANG_MG03['sort_upload_asc'] . '</option>';
    $album_sort_select .= '<option value="4"' . ($A['album_sort_order'] == 4 ? 'selected="selected"' : '') . '>' . $LANG_MG03['sort_upload'] . '</option>';
    $album_sort_select .= '<option value="5"' . ($A['album_sort_order'] == 5 ? 'selected="selected"' : '') . '>' . $LANG_MG03['sort_alpha'] . '</option>';
    $album_sort_select .= '<option value="6"' . ($A['album_sort_order'] == 6 ? 'selected="selected"' : '') . '>' . $LANG_MG03['sort_alpha_asc'] . '</option>';
    $album_sort_select .= '</select>';
    if (SEC_hasRights('mediagallery.admin')) {
        //
        // -- build the featured selects and info...
        //
        $featured_select = '<input type="checkbox" name="featured" value="1" ' . ($A['featured'] ? ' checked="checked"' : '') . '/>';
        // build featurepage select...
        $featurepage_select = '<select name="featurepage">';
        $featurepage_select .= '<option value="all"' . ($A['cbpage'] == 'all' ? 'selected="selected"' : '') . '>' . $LANG_MG01['all'] . '</option>';
        $featurepage_select .= '<option value="allnhp"' . ($A['cbpage'] == 'allnhp' ? 'selected="selected"' : '') . '>' . $LANG_MG01['all_nhp'] . '</option>';
        $featurepage_select .= '<option value="none"' . ($A['cbpage'] == 'none' ? 'selected="selected"' : '') . '>' . $LANG_MG01['homepage_only'] . '</option>';
        $featurepage_select .= COM_topicList('tid,topic', $A['cbpage']);
        $featurepage_select .= '</select>';
        // position
        $feature_pos = '<select name="featureposition">';
        $feature_pos .= '<option value="1"' . ($A['cbposition'] == 1 ? ' selected="selected"' : '') . '>' . $LANG_MG01['top'] . '</option>';
        $feature_pos .= '<option value="2"' . ($A['cbposition'] == 2 ? ' selected="selected"' : '') . '>' . $LANG_MG01['after_featured_articles'] . '</option>';
        $feature_pos .= '<option value="3"' . ($A['cbposition'] == 3 ? ' selected="selected"' : '') . '>' . $LANG_MG01['bottom'] . '</option>';
        $feature_pos .= '</select>    ';
        $T->set_var(array('featured_select' => $featured_select, 'feature_page_select' => $featurepage_select, 'feature_position' => $feature_pos, 'lang_featured_album' => $LANG_MG01['featured_album'], 'lang_set_featured' => $LANG_MG01['set_featured'], 'lang_featured_help' => $LANG_MG01['featured_help'], 'lang_position' => $LANG_MG01['position'], 'lang_topic' => $LANG_MG01['topic']));
        $T->parse('featureselect', 'falbum');
        $ri_select = '<input type="checkbox" name="enable_random" value="1" ' . ($A['enable_random'] ? ' checked="checked"' : '') . '/>';
        $T->set_var(array('height_input' => $max_image_height_input, 'width_input' => $max_image_width_input, 'max_size_input' => $max_filesize_input, 'ri_select' => $ri_select, 'lang_ri_enable' => $LANG_MG01['ri_enable'], 'lang_max_image_height' => $LANG_MG01['max_image_height'], 'lang_max_image_width' => $LANG_MG01['max_image_width'], 'lang_max_filesize' => $LANG_MG01['max_filesize']));
        $T->parse('adminattr', 'admin_attr');
        $T->set_var(array('jpg_checked' => $A['valid_formats'] & MG_JPG ? ' checked="checked"' : '', 'png_checked' => $A['valid_formats'] & MG_PNG ? ' checked="checked"' : '', 'tif_checked' => $A['valid_formats'] & MG_TIF ? ' checked="checked"' : '', 'gif_checked' => $A['valid_formats'] & MG_GIF ? ' checked="checked"' : '', 'bmp_checked' => $A['valid_formats'] & MG_BMP ? ' checked="checked"' : '', 'tga_checked' => $A['valid_formats'] & MG_TGA ? ' checked="checked"' : '', 'psd_checked' => $A['valid_formats'] & MG_PSD ? ' checked="checked"' : '', 'mp3_checked' => $A['valid_formats'] & MG_MP3 ? ' checked="checked"' : '', 'ogg_checked' => $A['valid_formats'] & MG_OGG ? ' checked="checked"' : '', 'asf_checked' => $A['valid_formats'] & MG_ASF ? ' checked="checked"' : '', 'swf_checked' => $A['valid_formats'] & MG_SWF ? ' checked="checked"' : '', 'mov_checked' => $A['valid_formats'] & MG_MOV ? ' checked="checked"' : '', 'mp4_checked' => $A['valid_formats'] & MG_MP4 ? ' checked="checked"' : '', 'mpg_checked' => $A['valid_formats'] & MG_MPG ? ' checked="checked"' : '', 'zip_checked' => $A['valid_formats'] & MG_ZIP ? ' checked="checked"' : '', 'flv_checked' => $A['valid_formats'] & MG_FLV ? ' checked="checked"' : '', 'rflv_checked' => $A['valid_formats'] & MG_RFLV ? ' checked="checked"' : '', 'emb_checked' => $A['valid_formats'] & MG_EMB ? ' checked="checked"' : '', 'other_checked' => $A['valid_formats'] & MG_OTHER ? ' checked="checked"' : '', 'lang_jpg' => $LANG_MG01['jpg'], 'lang_png' => $LANG_MG01['png'], 'lang_tif' => $LANG_MG01['tif'], 'lang_gif' => $LANG_MG01['gif'], 'lang_bmp' => $LANG_MG01['bmp'], 'lang_tga' => $LANG_MG01['tga'], 'lang_psd' => $LANG_MG01['psd'], 'lang_mp3' => $LANG_MG01['mp3'], 'lang_ogg' => $LANG_MG01['ogg'], 'lang_asf' => $LANG_MG01['asf'], 'lang_swf' => $LANG_MG01['swf'], 'lang_mov' => $LANG_MG01['mov'], 'lang_mp4' => $LANG_MG01['mp4'], 'lang_mpg' => $LANG_MG01['mpg'], 'lang_zip' => $LANG_MG01['zip'], 'lang_flv' => $LANG_MG01['flv'], 'lang_rflv' => $LANG_MG01['rflv'], 'lang_emb' => $LANG_MG01['emb'], 'lang_other' => $LANG_MG01['other'], 'lang_allowed_formats' => $LANG_MG01['allowed_media_formats'], 'lang_image' => $LANG_MG01['image'], 'lang_audio' => $LANG_MG01['audio'], 'lang_video' => $LANG_MG01['video']));
        $T->parse('valid_formats', 'admin_formats');
    }
    $r = rand();
    if ($A['tn_attached']) {
        $media_size = false;
        foreach ($_MG_CONF['validExtensions'] as $ext) {
            if (file_exists($_MG_CONF['path_mediaobjects'] . 'covers/cover_' . $A['album_id'] . $ext)) {
                $album_last_image = $_MG_CONF['mediaobjects_url'] . '/covers/cover_' . $A['album_id'] . $ext;
                $media_size = @getimagesize($_MG_CONF['path_mediaobjects'] . 'covers/cover_' . $A['album_id'] . $ext);
                if ($media_size != false) {
                    $T->set_var('thumbnail', '<img src="' . $_MG_CONF['mediaobjects_url'] . '/covers/cover_' . $A['album_id'] . $ext . '?r=' . $r . '" alt=""/>');
                }
                break;
            }
        }
        //        $T->set_var('thumbnail','<img src="' . $_MG_CONF['mediaobjects_url'] . '/covers/cover_' . $A['album_id'] . '.jpg?r=' . $r . '" alt="">');
    }
    $filename_title_select = '<input type="checkbox" name="filename_title" value="1" ' . ($A['filename_title'] ? ' checked="checked"' : '') . '/>';
    // watermark stuff...
    $wm_auto_select = '<input type="checkbox" name="wm_auto" value="1" ' . ($A['wm_auto'] ? ' checked="checked"' : '') . '/>';
    $wm_opacity_select = '<select name="wm_opacity">';
    $wm_opacity_select .= '<option value="10"' . ($A['opacity'] == 10 ? 'selected="selected"' : '') . '>10%</option>';
    $wm_opacity_select .= '<option value="20"' . ($A['opacity'] == 20 ? 'selected="selected"' : '') . '>20%</option>';
    $wm_opacity_select .= '<option value="30"' . ($A['opacity'] == 30 ? 'selected="selected"' : '') . '>30%</option>';
    $wm_opacity_select .= '<option value="40"' . ($A['opacity'] == 40 ? 'selected="selected"' : '') . '>40%</option>';
    $wm_opacity_select .= '<option value="50"' . ($A['opacity'] == 50 ? 'selected="selected"' : '') . '>50%</option>';
    $wm_opacity_select .= '<option value="60"' . ($A['opacity'] == 60 ? 'selected="selected"' : '') . '>60%</option>';
    $wm_opacity_select .= '<option value="70"' . ($A['opacity'] == 70 ? 'selected="selected"' : '') . '>70%</option>';
    $wm_opacity_select .= '<option value="80"' . ($A['opacity'] == 80 ? 'selected="selected"' : '') . '>80%</option>';
    $wm_opacity_select .= '<option value="90"' . ($A['opacity'] == 90 ? 'selected="selected"' : '') . '>90%</option>';
    $wm_opacity_select .= '</select>';
    $wm_location_select = '<select name="wm_location">';
    $wm_location_select .= '<option value="1"' . ($A['wm_location'] == 1 ? 'selected="selected"' : '') . '>' . $LANG_MG01['top_left'] . '</option>';
    $wm_location_select .= '<option value="2"' . ($A['wm_location'] == 2 ? 'selected="selected"' : '') . '>' . $LANG_MG01['top_center'] . '</option>';
    $wm_location_select .= '<option value="3"' . ($A['wm_location'] == 3 ? 'selected="selected"' : '') . '>' . $LANG_MG01['top_right'] . '</option>';
    $wm_location_select .= '<option value="4"' . ($A['wm_location'] == 4 ? 'selected="selected"' : '') . '>' . $LANG_MG01['middle_left'] . '</option>';
    $wm_location_select .= '<option value="5"' . ($A['wm_location'] == 5 ? 'selected="selected"' : '') . '>' . $LANG_MG01['middle_center'] . '</option>';
    $wm_location_select .= '<option value="6"' . ($A['wm_location'] == 6 ? 'selected="selected"' : '') . '>' . $LANG_MG01['middle_right'] . '</option>';
    $wm_location_select .= '<option value="7"' . ($A['wm_location'] == 7 ? 'selected="selected"' : '') . '>' . $LANG_MG01['bottom_left'] . '</option>';
    $wm_location_select .= '<option value="8"' . ($A['wm_location'] == 8 ? 'selected="selected"' : '') . '>' . $LANG_MG01['bottom_center'] . '</option>';
    $wm_location_select .= '<option value="9"' . ($A['wm_location'] == 9 ? 'selected="selected"' : '') . '>' . $LANG_MG01['bottom_right'] . '</option>';
    $wm_location_select .= '</select>';
    // now select what watermarks we have permission to use...
    $whereClause = " WHERE wm_id<>0 AND ";
    if (SEC_hasRights('mediagallery.admin')) {
        $whereClause .= "1=1";
    } else {
        $whereClause .= "(owner_id=" . $_USER['uid'] . " OR owner_id=0)";
    }
    $sql = "SELECT * FROM {$_TABLES['mg_watermarks']} " . $whereClause . " ORDER BY owner_id";
    $result = DB_query($sql);
    $nRows = DB_numRows($result);
    $wm_select = '<select name="wm_id"  onchange="change(this)">';
    $wm_select .= '<option value="blank.png">' . $LANG_MG01['no_watermark'] . '</option>';
    $wm_current = '<img src="' . $_MG_CONF['site_url'] . '/watermarks/blank.png" name="myImage" alt=""/>';
    for ($i = 0; $i < $nRows; $i++) {
        $row = DB_fetchArray($result);
        $wm_select .= '<option value="' . $row['filename'] . '"' . ($A['wm_id'] == $row['wm_id'] ? 'selected="selected"' : '') . '>' . $row['filename'] . '</option>';
        if ($A['wm_id'] == $row['wm_id']) {
            $wm_current = '<img src="' . $_MG_CONF['site_url'] . '/watermarks/' . $row['filename'] . '" name="myImage" alt=""/>';
        }
    }
    $wm_select .= '</select>';
    $frames = new mgFrame();
    $skins = array();
    $skins = $frames->getFrames();
    $skin_select = '<select name="skin">';
    $askin_select = '<select name="askin">';
    $dskin_select = '<select name="dskin">';
    for ($i = 0; $i < count($skins); $i++) {
        $skin_select .= '<option value="' . $skins[$i]['dir'] . '"' . ($A['image_skin'] == $skins[$i]['dir'] ? ' selected="selected" ' : '') . '>' . $skins[$i]['name'] . '</option>';
        $askin_select .= '<option value="' . $skins[$i]['dir'] . '"' . ($A['album_skin'] == $skins[$i]['dir'] ? ' selected="selected" ' : '') . '>' . $skins[$i]['name'] . '</option>';
        $dskin_select .= '<option value="' . $skins[$i]['dir'] . '"' . ($A['display_skin'] == $skins[$i]['dir'] ? ' selected="selected" ' : '') . '>' . $skins[$i]['name'] . '</option>';
    }
    $skin_select .= '</select>';
    $askin_select .= '</select>';
    $dskin_select .= '</select>';
    // permission template
    $usergroups = SEC_getUserGroups();
    $groupdd = '';
    $moddd = '';
    $groupdd .= '<select name="group_id">';
    $moddd .= '<select name="mod_id">';
    for ($i = 0; $i < count($usergroups); $i++) {
        if ($usergroups[key($usergroups)] != 2 && $usergroups[key($usergroups)] != 13) {
            $groupdd .= '<option value="' . $usergroups[key($usergroups)] . '"';
            $moddd .= '<option value="' . $usergroups[key($usergroups)] . '"';
            if ($A['group_id'] == $usergroups[key($usergroups)]) {
                $groupdd .= ' selected="selected"';
            }
            if ($A['mod_group_id'] == $usergroups[key($usergroups)]) {
                $moddd .= ' selected="selected"';
            }
            $groupdd .= '>' . key($usergroups) . '</option>';
            $moddd .= '>' . key($usergroups) . '</option>';
        }
        next($usergroups);
    }
    $groupdd .= '</select>';
    $moddd .= '</select>';
    $upload_select = '<input type="checkbox" name="uploads" value="1" ' . ($A['member_uploads'] ? ' checked="checked"' : '') . '/>';
    $moderate_select = '<input type="checkbox" name="moderate" value="1" ' . ($A['moderate'] ? ' checked="checked"' : '') . '/>';
    $child_update_select = '<input type="checkbox" name="force_child_update" value="1"/>';
    $hidden_select = '<input type="checkbox" name="hidden" value="1" ' . ($A['hidden'] ? ' checked="checked"' : '') . '/>';
    $allow_download_select = '<input type="checkbox" name="allow_download" value="1" ' . ($A['allow_download'] ? ' checked="checked"' : '') . '/>';
    if (SEC_hasRights('mediagallery.admin')) {
        $perm_editor = SEC_getPermissionsHTML($A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']);
    } else {
        $perm_editor = MG_getMemberPermissionsHTML($A['perm_members'], $A['perm_anon']);
    }
    $T->set_var(array('lang_uploads' => $LANG_MG01['anonymous_uploads_prompt'], 'lang_accessrights' => $LANG_ACCESS['accessrights'], 'lang_owner' => $LANG_ACCESS['owner'], 'owner_username' => DB_getItem($_TABLES['users'], 'username', "uid={$A['owner_id']}"), 'owner_id' => $A['owner_id'], 'lang_group' => $LANG_ACCESS['group'], 'lang_permissions' => $LANG_ACCESS['permissions'], 'lang_perm_key' => $LANG_ACCESS['permissionskey'], 'lang_hidden' => $LANG_MG01['hidden'], 'permissions_msg' => $LANG_ACCESS['permmsg'], 'permissions_editor' => $perm_editor, 'origaid' => '<input type="hidden" name="origaid" value="' . $oldaid . '"/>', 'group_dropdown' => $groupdd, 'mod_dropdown' => $moddd, 'lang_member_upload' => $LANG_MG01['member_upload'], 'lang_moderate_album' => $LANG_MG01['mod_album'], 'lang_mod_group' => $LANG_MG01['moderation_group'], 'uploads' => $upload_select, 'moderate' => $moderate_select, 'hidden' => $hidden_select, 'force_child_update' => $child_update_select, 'lang_force_child_update' => $LANG_MG01['force_child_update'], 'lang_allow_download' => $LANG_MG01['allow_download'], 'owner_select' => $owner_select, 'email_mod_select' => $email_mod_select, 'lang_email_mods_on_submission' => $LANG_MG01['email_mods_on_submission']));
    if (SEC_hasRights('mediagallery.admin')) {
        $T->parse('perm_editor', 'perms_admin');
    } else {
        $T->parse('perm_editor', 'perms_member');
    }
    $T->set_var(array('action' => 'album', 'path_mg' => $_MG_CONF['site_url'], 'attach_select' => $attach_select, 'comment_select' => $comment_select, 'exif_select' => $exif_select, 'ranking_select' => $ranking_select, 'podcast_select' => $podcast_select, 'mp3ribbon_select' => $mp3ribbon_select, 'rsschildren_select' => $rsschildren_select, 'full_select' => $full_select, 'ss_select' => $ss_select, 'sf_select' => $sf_select, 'views_select' => $views_select, 'keywords_select' => $keywords_select, 'album_views_select' => $album_views_select, 'display_album_desc_select' => $display_album_desc_select, 'sort_select' => $sort_select, 'rss_select' => $rss_select, 'postcard_select' => $postcard_select, 'afirst_select' => $afirst_select, 'tn_size_select' => $tn_size_select, 'display_image_size' => $display_image_size_select, 'rows_input' => $rows_input, 'columns_input' => $columns_input, 'playback_type' => $playback_type, 'album_title' => $A['album_title'], 'album_desc' => $A['album_desc'], 'album_id' => $A['album_id'], 'parent_select' => $album_select, 'album_cover' => $A['album_cover'], 'album_owner' => $A['owner_id'], 'album_order' => $A['album_order'], 'album_cover_filename' => $A['album_cover_filename'], 'last_update' => $A['last_update'], 'media_count' => $A['media_count'], 'wm_auto_select' => $wm_auto_select, 'wm_opacity_select' => $wm_opacity_select, 'wm_location_select' => $wm_location_select, 'wm_select' => $wm_select, 'wm_current' => $wm_current, 'album_theme_select' => $album_theme_select, 'album_sort_select' => $album_sort_select, 'allow_download_select' => $allow_download_select, 'filename_title_select' => $filename_title_select, 'skin_select' => $skin_select, 'askin_select' => $askin_select, 'dskin_select' => $dskin_select, 'tnheight_input' => $tnheight_input, 'tnwidth_input' => $tnwidth_input, 'usealternate_select' => $usealternate_select, 'lang_usealternate' => $LANG_MG01['use_alternate_url'], 'lang_tnheight' => $LANG_MG01['tn_height'], 'lang_tnwidth' => $LANG_MG01['tn_width'], 'lang_save' => $LANG_MG01['save'], 'lang_edit_title' => $mode == 'create' ? $LANG_MG01['create_album'] : $LANG_MG01['edit_album'], 's_form_action' => $actionURL, 'lang_image_skin' => $LANG_MG01['image_skin'], 'lang_album_skin' => $LANG_MG01['album_skin'], 'lang_display_skin' => $LANG_MG01['display_skin'], 'lang_album_edit_help' => $LANG_MG01['album_edit_help'], 'lang_title' => $LANG_MG01['title'], 'lang_podcast' => $LANG_MG01['podcast'], 'lang_mp3ribbon' => $LANG_MG01['mp3ribbon'], 'lang_rsschildren' => $LANG_MG01['rsschildren'], 'lang_parent_album' => $LANG_MG01['parent_album'], 'lang_description' => $LANG_MG01['description'], 'lang_cancel' => $LANG_MG01['cancel'], 'lang_delete' => $LANG_MG01['delete'], 'lang_comments' => $LANG_MG01['comments_prompt'], 'lang_enable_exif' => $LANG_MG01['enable_exif'], 'lang_enable_ratings' => $LANG_MG01['enable_ratings'], 'lang_ss_enable' => $LANG_MG01['ss_enable'], 'lang_sf_enable' => $LANG_MG01['sf_enable'], 'lang_tn_size' => $LANG_MG01['tn_size'], 'lang_rows' => $LANG_MG01['rows'], 'lang_columns' => $LANG_MG01['columns'], 'lang_av_play_album' => $LANG_MG01['av_play_album'], 'lang_av_play_options' => $LANG_MG01['av_play_options'], 'lang_attached_thumbnail' => $LANG_MG01['attached_thumbnail'], 'lang_thumbnail' => $LANG_MG01['thumbnail'], 'lang_album_attributes' => $LANG_MG01['album_attributes'], 'lang_album_cover' => $LANG_MG01['album_cover'], 'lang_enable_views' => $LANG_MG01['enable_views'], 'lang_enable_keywords' => $LANG_MG01['enable_keywords'], 'lang_enable_album_views' => $LANG_MG01['enable_album_views'], 'lang_enable_sort' => $LANG_MG01['enable_sort'], 'lang_enable_rss' => $LANG_MG01['enable_rss'], 'lang_enable_postcard' => $LANG_MG01['enable_postcard'], 'lang_albums_first' => $LANG_MG01['albums_first'], 'lang_full_display' => $LANG_MG01['full_display'], 'lang_display_image_size' => $LANG_MG01['display_image_size'], 'lang_album_sort' => $LANG_MG01['default_album_sort'], 'lang_watermark' => $LANG_MG01['watermark'], 'lang_wm_auto' => $LANG_MG01['watermark_auto'], 'lang_wm_opacity' => $LANG_MG01['watermark_opacity'], 'lang_wm_location' => $LANG_MG01['watermark_location'], 'lang_wm_id' => $LANG_MG01['watermark_image'], 'lang_unlimited' => $LANG_MG01['zero_unlimited'], 'lang_display_album_desc' => $LANG_MG01['display_album_desc'], 'lang_filename_title' => $LANG_MG01['filename_title'], 'lang_media_attributes' => $LANG_MG01['media_attributes'], 'lang_theme_select' => $LANG_MG01['album_theme']));
    if ($_MG_CONF['htmlallowed'] == 1) {
        $T->set_var('allowed_html', COM_allowedHTML(SEC_getUserPermissions(), false, 'mediagallery', 'album_title'));
    }
    $T->parse('output', 'admin');
    $retval .= $T->finish($T->get_var('output'));
    $retval .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer'));
    return $retval;
}
Example #16
0
 /**
  * Shows search form
  *
  * Shows advanced search page
  *
  * @author Tony Bibbs <tony AT geeklog DOT net>
  * @access public
  * @return string HTML output for form
  *
  */
 function showForm()
 {
     global $_CONF, $_TABLES, $_PLUGINS, $LANG09;
     $retval = '';
     // Verify current user my use the search form
     if (!$this->_isFormAllowed()) {
         return $this->_getAccessDeniedMessage();
     }
     $searchform = new Template($_CONF['path_layout'] . 'search');
     $searchform->set_file(array('searchform' => 'searchform.thtml', 'authors' => 'searchauthors.thtml'));
     $searchform->set_var('search_intro', $LANG09[19]);
     $searchform->set_var('site_url', $_CONF['site_url']);
     $searchform->set_var('site_admin_url', $_CONF['site_admin_url']);
     $searchform->set_var('layout_url', $_CONF['layout_url']);
     $searchform->set_var('lang_keywords', $LANG09[2]);
     $searchform->set_var('lang_date', $LANG09[20]);
     $searchform->set_var('lang_to', $LANG09[21]);
     $searchform->set_var('date_format', $LANG09[22]);
     $searchform->set_var('lang_topic', $LANG09[3]);
     $searchform->set_var('lang_all', $LANG09[4]);
     $searchform->set_var('topic_option_list', COM_topicList('tid,topic', $this->_topic));
     $searchform->set_var('lang_type', $LANG09[5]);
     $searchform->set_var('lang_results', $LANG09[59]);
     $searchform->set_var('lang_per_page', $LANG09[60]);
     $searchform->set_var('lang_exact_phrase', $LANG09[43]);
     $searchform->set_var('lang_all_words', $LANG09[44]);
     $searchform->set_var('lang_any_word', $LANG09[45]);
     $searchform->set_var('query', htmlspecialchars($this->_query));
     $searchform->set_var('datestart', $this->_dateStart);
     $searchform->set_var('dateend', $this->_dateEnd);
     $phrase_selected = '';
     $all_selected = '';
     $any_selected = '';
     if ($this->_keyType == 'phrase') {
         $phrase_selected = 'selected="selected"';
     } else {
         if ($this->_keyType == 'all') {
             $all_selected = 'selected="selected"';
         } else {
             if ($this->_keyType == 'any') {
                 $any_selected = 'selected="selected"';
             }
         }
     }
     $searchform->set_var('key_phrase_selected', $phrase_selected);
     $searchform->set_var('key_all_selected', $all_selected);
     $searchform->set_var('key_any_selected', $any_selected);
     $options = '';
     $plugintypes = array('all' => $LANG09[4], 'stories' => $LANG09[6], 'comments' => $LANG09[7]);
     $plugintypes = array_merge($plugintypes, PLG_getSearchTypes());
     foreach ($plugintypes as $key => $val) {
         $options .= "<option value=\"{$key}\"";
         if ($this->_type == $key) {
             $options .= ' selected="selected"';
         }
         $options .= ">{$val}</option>" . LB;
     }
     $plugin_types_option = $options;
     $searchform->set_var('plugin_types', $options);
     if ($_CONF['contributedbyline'] == 1) {
         $searchform->set_var('lang_authors', $LANG09[8]);
         $searchusers = array();
         $result = DB_query("SELECT DISTINCT uid FROM {$_TABLES['comments']}");
         while ($A = DB_fetchArray($result)) {
             $searchusers[$A['uid']] = $A['uid'];
         }
         $result = DB_query("SELECT DISTINCT uid FROM {$_TABLES['stories']} WHERE (date <= NOW()) AND (draft_flag = 0)");
         while ($A = DB_fetchArray($result)) {
             $searchusers[$A['uid']] = $A['uid'];
         }
         if (in_array('forum', $_PLUGINS)) {
             $result = DB_query("SELECT DISTINCT uid FROM {$_TABLES['ff_topic']}");
             while ($A = DB_fetchArray($result)) {
                 $searchusers[$A['uid']] = $A['uid'];
             }
         }
         $inlist = implode(',', $searchusers);
         if (!empty($inlist)) {
             $sql = "SELECT uid,username,fullname FROM {$_TABLES['users']} WHERE uid IN ({$inlist})";
             if (isset($_CONF['show_fullname']) && $_CONF['show_fullname'] == 1) {
                 /* Caveat: This will group all users with an emtpy fullname
                  *         together, so it's not exactly sorted by their
                  *         full name ...
                  */
                 $sql .= ' ORDER BY fullname,username';
             } else {
                 $sql .= ' ORDER BY username';
             }
             $result = DB_query($sql);
             $options = '';
             $options .= '<option value="all">' . $LANG09[4] . '</option>' . LB;
             while ($A = DB_fetchArray($result)) {
                 $options .= '<option value="' . $A['uid'] . '"';
                 if ($A['uid'] == $this->_author) {
                     $options .= ' selected="selected"';
                 }
                 $options .= '>' . htmlspecialchars(COM_getDisplayName($A['uid'], $A['username'], $A['fullname'])) . '</option>';
             }
             $searchform->set_var('author_option_list', $options);
             $searchform->parse('author_form_element', 'authors', true);
         } else {
             $searchform->set_var('author_form_element', '<input type="hidden" name="author" value="0"' . XHTML . '>');
         }
     } else {
         $searchform->set_var('author_form_element', '<input type="hidden" name="author" value="0"' . XHTML . '>');
     }
     $searchTimeOptions = array('0' => $LANG09[4], '1' => $LANG09[75], '7' => $LANG09[76], '14' => $LANG09[77], '30' => $LANG09[78], '90' => $LANG09[79], '180' => $LANG09[80], '365' => $LANG09[81]);
     // search time frame
     $options = '';
     foreach ($searchTimeOptions as $days => $prompt) {
         $options .= '<option value="' . $days . '"';
         if ($this->_searchDays == $days) {
             $options .= ' selected="selected"';
         }
         $options .= '>' . $prompt . '</option>' . LB;
     }
     $date_option = $options;
     $searchform->set_var('search_time', $options);
     // Results per page
     $options = '';
     $limits = explode(',', $_CONF['search_limits']);
     foreach ($limits as $limit) {
         $options .= "<option value=\"{$limit}\"";
         if ($this->_results == $limit) {
             $options .= ' selected="selected"';
         }
         $options .= ">{$limit}</option>" . LB;
     }
     $search_limit_option = $options;
     $searchform->set_var('search_limits', $options);
     $searchform->set_var('lang_search', $LANG09[10]);
     $searchform->parse('output', 'searchform');
     $retval .= $searchform->finish($searchform->get_var('output'));
     return $retval;
 }
Example #17
0
/**
* Displays the static page editor form
*
* @param    array   $A  Data to display
* @return   string      HTML for the static page editor
*
*/
function staticpageeditor_form($A, $error = false)
{
    global $_CONF, $_TABLES, $_USER, $_GROUPS, $_SP_CONF, $mode, $sp_id, $LANG21, $LANG_STATIC, $LANG_ACCESS, $LANG_ADMIN, $LANG01, $LANG24, $LANG_postmodes, $MESSAGE, $_IMAGE_TYPE, $_SCRIPTS;
    $template_path = staticpages_templatePath('admin');
    if (!empty($sp_id) && $mode == 'edit') {
        $access = SEC_hasAccess($A['owner_id'], $A['group_id'], $A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']);
    } else {
        if ($mode != 'clone') {
            $A['sp_inblock'] = $_SP_CONF['in_block'];
        }
        $A['owner_id'] = $_USER['uid'];
        if (isset($_GROUPS['Static Page Admin'])) {
            $A['group_id'] = $_GROUPS['Static Page Admin'];
        } else {
            $A['group_id'] = SEC_getFeatureGroup('staticpages.edit');
        }
        SEC_setDefaultPermissions($A, $_SP_CONF['default_permissions']);
        $access = 3;
        if ($_CONF['advanced_editor'] && $_USER['advanced_editor']) {
            $A['advanced_editor_mode'] = 1;
        }
    }
    $retval = '';
    $sp_template = COM_newTemplate($template_path);
    if ($_CONF['advanced_editor'] && $_USER['advanced_editor']) {
        $sp_template->set_file('form', 'editor_advanced.thtml');
        // Shouldn't really have to check if anonymous user but who knows...
        if (COM_isAnonUser()) {
            $link_message = "";
        } else {
            $link_message = $LANG01[138];
        }
        $sp_template->set_var('noscript', COM_getNoScript(false, '', $link_message));
        // Add JavaScript
        $js = 'geeklogEditorBasePath = "' . $_CONF['site_url'] . '/fckeditor/";';
        // Hide the Advanced Editor as Javascript is required. If JS is enabled then the JS below will un-hide it
        $js .= 'document.getElementById("advanced_editor").style.display="";';
        $_SCRIPTS->setJavaScript($js, true);
        $_SCRIPTS->setJavaScriptFile('staticpages_fckeditor', '/javascript/staticpages_fckeditor.js');
        $sp_template->set_var('lang_expandhelp', $LANG24[67]);
        $sp_template->set_var('lang_reducehelp', $LANG24[68]);
        $sp_template->set_var('lang_toolbar', $LANG24[70]);
        $sp_template->set_var('toolbar1', $LANG24[71]);
        $sp_template->set_var('toolbar2', $LANG24[72]);
        $sp_template->set_var('toolbar3', $LANG24[73]);
        $sp_template->set_var('toolbar4', $LANG24[74]);
        $sp_template->set_var('toolbar5', $LANG24[75]);
        $sp_template->set_var('lang_nojavascript', $LANG24[77]);
        $sp_template->set_var('lang_postmode', $LANG24[4]);
        if (isset($A['postmode']) && $A['postmode'] == 'adveditor') {
            $sp_template->set_var('show_adveditor', '');
            $sp_template->set_var('show_htmleditor', 'none');
        } else {
            $sp_template->set_var('show_adveditor', 'none');
            $sp_template->set_var('show_htmleditor', '');
        }
        $post_options = '<option value="html" selected="selected">' . $LANG_postmodes['html'] . '</option>';
        if (isset($A['postmode']) && $A['postmode'] == 'adveditor') {
            $post_options .= '<option value="adveditor" selected="selected">' . $LANG24[86] . '</option>';
        } else {
            $post_options .= '<option value="adveditor">' . $LANG24[86] . '</option>';
        }
        $sp_template->set_var('post_options', $post_options);
        $sp_template->set_var('change_editormode', 'onchange="change_editmode(this);"');
    } else {
        $sp_template->set_file('form', 'editor.thtml');
    }
    $sp_template->set_var('lang_mode', $LANG24[3]);
    $sp_template->set_var('comment_options', COM_optionList($_TABLES['commentcodes'], 'code,name', $A['commentcode']));
    $sp_template->set_var('lang_accessrights', $LANG_ACCESS['accessrights']);
    $sp_template->set_var('lang_owner', $LANG_ACCESS['owner']);
    $owner_name = COM_getDisplayName($A['owner_id']);
    $owner_username = DB_getItem($_TABLES['users'], 'username', "uid = {$A['owner_id']}");
    $sp_template->set_var('owner_id', $A['owner_id']);
    $sp_template->set_var('owner', $owner_name);
    $sp_template->set_var('owner_name', $owner_name);
    $sp_template->set_var('owner_username', $owner_username);
    if ($A['owner_id'] > 1) {
        $profile_link = $_CONF['site_url'] . '/users.php?mode=profile&amp;uid=' . $A['owner_id'];
        $sp_template->set_var('start_owner_anchortag', '<a href="' . $profile_link . '">');
        $sp_template->set_var('end_owner_anchortag', '</a>');
        $sp_template->set_var('owner_link', COM_createLink($owner_name, $profile_link));
        $photo = '';
        if ($_CONF['allow_user_photo']) {
            $photo = DB_getItem($_TABLES['users'], 'photo', "uid = {$A['owner_id']}");
            if (!empty($photo)) {
                $camera_icon = '<img src="' . $_CONF['layout_url'] . '/images/smallcamera.' . $_IMAGE_TYPE . '" alt=""' . XHTML . '>';
                $sp_template->set_var('camera_icon', COM_createLink($camera_icon, $profile_link));
            }
        }
        if (empty($photo)) {
            $sp_template->set_var('camera_icon', '');
        }
    } else {
        $sp_template->set_var('start_owner_anchortag', '');
        $sp_template->set_var('end_owner_anchortag', '');
        $sp_template->set_var('owner_link', $owner_name);
    }
    $sp_template->set_var('lang_group', $LANG_ACCESS['group']);
    $sp_template->set_var('group_dropdown', SEC_getGroupDropdown($A['group_id'], $access));
    $sp_template->set_var('permissions_editor', SEC_getPermissionsHTML($A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']));
    $sp_template->set_var('lang_permissions', $LANG_ACCESS['permissions']);
    $sp_template->set_var('lang_perm_key', $LANG_ACCESS['permissionskey']);
    $sp_template->set_var('permissions_msg', $LANG_ACCESS['permmsg']);
    $sp_template->set_var('lang_permissions_msg', $LANG_ACCESS['permmsg']);
    $token = SEC_createToken();
    $start_block = COM_startBlock($LANG_STATIC['staticpageeditor'], '', COM_getBlockTemplate('_admin_block', 'header'));
    $start_block .= SEC_getTokenExpiryNotice($token);
    $sp_template->set_var('start_block_editor', $start_block);
    $sp_template->set_var('lang_save', $LANG_ADMIN['save']);
    $sp_template->set_var('lang_cancel', $LANG_ADMIN['cancel']);
    $sp_template->set_var('lang_preview', $LANG_ADMIN['preview']);
    if (SEC_hasRights('staticpages.delete') && $mode != 'clone' && !empty($A['sp_old_id'])) {
        $delbutton = '<input type="submit" value="' . $LANG_ADMIN['delete'] . '" name="mode"%s' . XHTML . '>';
        $jsconfirm = ' onclick="return confirm(\'' . $MESSAGE[76] . '\');"';
        $sp_template->set_var('delete_option', sprintf($delbutton, $jsconfirm));
        $sp_template->set_var('delete_option_no_confirmation', sprintf($delbutton, ''));
    } else {
        $sp_template->set_var('delete_option', '');
    }
    $sp_template->set_var('lang_writtenby', $LANG_STATIC['writtenby']);
    $sp_template->set_var('username', DB_getItem($_TABLES['users'], 'username', "uid = {$A['owner_id']}"));
    $authorname = COM_getDisplayName($A['owner_id']);
    $sp_template->set_var('name', $authorname);
    $sp_template->set_var('author', $authorname);
    $sp_template->set_var('lang_url', $LANG_STATIC['url']);
    $sp_template->set_var('lang_id', $LANG_STATIC['id']);
    $sp_template->set_var('sp_uid', $A['owner_id']);
    $sp_template->set_var('sp_id', $A['sp_id']);
    $sp_template->set_var('sp_old_id', $A['sp_old_id']);
    $sp_template->set_var('example_url', COM_buildURL($_CONF['site_url'] . '/staticpages/index.php?page=' . $A['sp_id']));
    $sp_template->set_var('lang_centerblock', $LANG_STATIC['centerblock']);
    $sp_template->set_var('lang_centerblock_help', $LANG_ADMIN['help_url']);
    $sp_template->set_var('lang_centerblock_include', $LANG21[51]);
    $sp_template->set_var('lang_centerblock_desc', $LANG21[52]);
    $sp_template->set_var('centerblock_help', $A['sp_help']);
    $sp_template->set_var('lang_centerblock_msg', $LANG_STATIC['centerblock_msg']);
    if (isset($A['sp_centerblock']) && $A['sp_centerblock'] == 1) {
        $sp_template->set_var('centerblock_checked', 'checked="checked"');
    } else {
        $sp_template->set_var('centerblock_checked', '');
    }
    $sp_template->set_var('lang_topic', $LANG_STATIC['topic']);
    $sp_template->set_var('lang_position', $LANG_STATIC['position']);
    $current_topic = '';
    if (isset($A['sp_tid'])) {
        $current_topic = $A['sp_tid'];
    }
    if (empty($current_topic)) {
        $current_topic = 'none';
    }
    $topics = COM_topicList('tid,topic', $current_topic, 1, true);
    $alltopics = '<option value="all"';
    if ($current_topic == 'all') {
        $alltopics .= ' selected="selected"';
    }
    $alltopics .= '>' . $LANG_STATIC['all_topics'] . '</option>' . LB;
    $notopic = '<option value="none"';
    if ($current_topic == 'none') {
        $notopic .= ' selected="selected"';
    }
    $notopic .= '>' . $LANG_STATIC['no_topic'] . '</option>' . LB;
    $sp_template->set_var('topic_selection', '<select name="sp_tid">' . $alltopics . $notopic . $topics . '</select>');
    $position = '<select name="sp_where">';
    $position .= '<option value="1"';
    if ($A['sp_where'] == 1) {
        $position .= ' selected="selected"';
    }
    $position .= '>' . $LANG_STATIC['position_top'] . '</option>';
    $position .= '<option value="2"';
    if ($A['sp_where'] == 2) {
        $position .= ' selected="selected"';
    }
    $position .= '>' . $LANG_STATIC['position_feat'] . '</option>';
    $position .= '<option value="3"';
    if ($A['sp_where'] == 3) {
        $position .= ' selected="selected"';
    }
    $position .= '>' . $LANG_STATIC['position_bottom'] . '</option>';
    $position .= '<option value="0"';
    if ($A['sp_where'] == 0) {
        $position .= ' selected="selected"';
    }
    $position .= '>' . $LANG_STATIC['position_entire'] . '</option>';
    $position .= '</select>';
    $sp_template->set_var('pos_selection', $position);
    if ($_SP_CONF['allow_php'] == 1 && SEC_hasRights('staticpages.PHP')) {
        if (!isset($A['sp_php'])) {
            $A['sp_php'] = 0;
        }
        $selection = '<select name="sp_php">' . LB;
        $selection .= '<option value="0"';
        if ($A['sp_php'] <= 0 || $A['sp_php'] > 2) {
            $selection .= ' selected="selected"';
        }
        $selection .= '>' . $LANG_STATIC['select_php_none'] . '</option>' . LB;
        $selection .= '<option value="1"';
        if ($A['sp_php'] == 1) {
            $selection .= ' selected="selected"';
        }
        $selection .= '>' . $LANG_STATIC['select_php_return'] . '</option>' . LB;
        $selection .= '<option value="2"';
        if ($A['sp_php'] == 2) {
            $selection .= ' selected="selected"';
        }
        $selection .= '>' . $LANG_STATIC['select_php_free'] . '</option>' . LB;
        $selection .= '</select>';
        $sp_template->set_var('php_selector', $selection);
        $sp_template->set_var('php_warn', $LANG_STATIC['php_warn']);
    } else {
        $sp_template->set_var('php_selector', '');
        $sp_template->set_var('php_warn', $LANG_STATIC['php_not_activated']);
    }
    $sp_template->set_var('php_msg', $LANG_STATIC['php_msg']);
    // old variables (for the 1.3-type checkbox)
    $sp_template->set_var('php_checked', '');
    $sp_template->set_var('php_type', 'hidden');
    if (isset($A['sp_nf']) && $A['sp_nf'] == 1) {
        $sp_template->set_var('exit_checked', 'checked="checked"');
    } else {
        $sp_template->set_var('exit_checked', '');
    }
    $sp_template->set_var('exit_msg', $LANG_STATIC['exit_msg']);
    $sp_template->set_var('exit_info', $LANG_STATIC['exit_info']);
    if ($A['sp_inblock'] == 1) {
        $sp_template->set_var('inblock_checked', 'checked="checked"');
    } else {
        $sp_template->set_var('inblock_checked', '');
    }
    $sp_template->set_var('inblock_msg', $LANG_STATIC['inblock_msg']);
    $sp_template->set_var('inblock_info', $LANG_STATIC['inblock_info']);
    if ($A['draft_flag'] == 1) {
        $sp_template->set_var('draft_flag_checked', 'checked="checked"');
    } else {
        $sp_template->set_var('draft_flag_checked', '');
    }
    $sp_template->set_var('lang_draft', $LANG_STATIC['draft']);
    $curtime = COM_getUserDateTimeFormat($A['unixdate']);
    $sp_template->set_var('lang_lastupdated', $LANG_STATIC['date']);
    $sp_template->set_var('sp_formateddate', $curtime[0]);
    $sp_template->set_var('sp_date', $curtime[1]);
    $sp_template->set_var('lang_title', $LANG_STATIC['title']);
    $sp_template->set_var('lang_page_title', $LANG_STATIC['page_title']);
    $title = '';
    $page_title = '';
    if (isset($A['sp_title'])) {
        $title = htmlspecialchars(stripslashes($A['sp_title']));
    }
    if (isset($A['sp_page_title'])) {
        $page_title = htmlspecialchars(stripslashes($A['sp_page_title']));
    }
    $sp_template->set_var('sp_title', $title);
    $sp_template->set_var('sp_page_title', $page_title);
    $sp_template->set_var('lang_metadescription', $LANG_ADMIN['meta_description']);
    $sp_template->set_var('lang_metakeywords', $LANG_ADMIN['meta_keywords']);
    if (!empty($A['meta_description'])) {
        $sp_template->set_var('meta_description', $A['meta_description']);
    }
    if (!empty($A['meta_keywords'])) {
        $sp_template->set_var('meta_keywords', $A['meta_keywords']);
    }
    if ($_CONF['meta_tags'] > 0 && $_SP_CONF['meta_tags'] > 0) {
        $sp_template->set_var('hide_meta', '');
    } else {
        $sp_template->set_var('hide_meta', ' style="display:none;"');
    }
    if ($A['template_flag'] == 1) {
        $sp_template->set_var('template_flag_checked', 'checked="checked"');
    } else {
        $sp_template->set_var('template_flag_checked', '');
    }
    $sp_template->set_var('lang_template', $LANG_STATIC['template']);
    $sp_template->set_var('lang_template_flag_msg', $LANG_STATIC['template_msg']);
    $template_list = templatelist($A['template_id']);
    $template_none = '<option value=""';
    if ($A['template_id'] == "") {
        $template_none .= ' selected="selected"';
    }
    $template_none .= '>' . $LANG_STATIC['none'] . '</option>';
    $sp_template->set_var('use_template_selection', '<select name="template_id">' . $template_none . $template_list . '</select>');
    $sp_template->set_var('lang_use_template', $LANG_STATIC['use_template']);
    $sp_template->set_var('lang_use_template_msg', $LANG_STATIC['use_template_msg']);
    $sp_template->set_var('lang_addtomenu', $LANG_STATIC['addtomenu']);
    if (isset($A['sp_onmenu']) && $A['sp_onmenu'] == 1) {
        $sp_template->set_var('onmenu_checked', 'checked="checked"');
    } else {
        $sp_template->set_var('onmenu_checked', '');
    }
    $sp_template->set_var('lang_label', $LANG_STATIC['label']);
    if (isset($A['sp_label'])) {
        $sp_template->set_var('sp_label', $A['sp_label']);
    } else {
        $sp_template->set_var('sp_label', '');
    }
    $sp_template->set_var('lang_pageformat', $LANG_STATIC['pageformat']);
    $sp_template->set_var('lang_blankpage', $LANG_STATIC['blankpage']);
    $sp_template->set_var('lang_noblocks', $LANG_STATIC['noblocks']);
    $sp_template->set_var('lang_leftblocks', $LANG_STATIC['leftblocks']);
    $sp_template->set_var('lang_leftrightblocks', $LANG_STATIC['leftrightblocks']);
    if (!isset($A['sp_format'])) {
        $A['sp_format'] = '';
    }
    if ($A['sp_format'] == 'noblocks') {
        $sp_template->set_var('noblock_selected', 'selected="selected"');
    } else {
        $sp_template->set_var('noblock_selected', '');
    }
    if ($A['sp_format'] == 'leftblocks') {
        $sp_template->set_var('leftblocks_selected', 'selected="selected"');
    } else {
        $sp_template->set_var('leftblocks_selected', '');
    }
    if ($A['sp_format'] == 'blankpage') {
        $sp_template->set_var('blankpage_selected', 'selected="selected"');
    } else {
        $sp_template->set_var('blankpage_selected', '');
    }
    if ($A['sp_format'] == 'allblocks' or empty($A['sp_format'])) {
        $sp_template->set_var('allblocks_selected', 'selected="selected"');
    } else {
        $sp_template->set_var('allblocks_selected', '');
    }
    $sp_template->set_var('lang_content', $LANG_STATIC['content']);
    $content = '';
    if (isset($A['sp_content'])) {
        $content = htmlspecialchars(stripslashes($A['sp_content']));
        $content = str_replace(array('{', '}'), array('&#123;', '&#125;'), $content);
    }
    $sp_template->set_var('sp_content', $content);
    $allowed = COM_allowedHTML('staticpages.edit', false, $_SP_CONF['filter_html']);
    $sp_template->set_var('lang_allowedhtml', $allowed);
    $sp_template->set_var('lang_allowed_html', $allowed);
    $sp_template->set_var('lang_hits', $LANG_STATIC['hits']);
    if (empty($A['sp_hits'])) {
        $sp_template->set_var('sp_hits', '0');
        $sp_template->set_var('sp_hits_formatted', '0');
    } else {
        $sp_template->set_var('sp_hits', $A['sp_hits']);
        $sp_template->set_var('sp_hits_formatted', COM_numberFormat($A['sp_hits']));
    }
    $sp_template->set_var('lang_comments', $LANG_STATIC['comments']);
    if ($A['commentcode'] == -1) {
        $sp_template->set_var('sp_comments', $LANG_ADMIN['na']);
    } else {
        $num_comments = DB_count($_TABLES['comments'], array('sid', 'type'), array(addslashes($A['sp_id']), 'staticpages'));
        $sp_template->set_var('sp_comments', COM_numberFormat($num_comments));
    }
    $sp_template->set_var('end_block', COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer')));
    $sp_template->set_var('gltoken_name', CSRF_TOKEN);
    $sp_template->set_var('gltoken', $token);
    $sp_template->parse('output', 'form');
    $retval .= $sp_template->finish($sp_template->get_var('output'));
    return $retval;
}