function SetCommonLoginStatus(&$tpl, $paramArray = array())
{
$toolbar_tpl = new HTML_Template_IT("./");
$toolbar_tpl->loadTemplatefile("common_loginstatus.tpl.html", true, true);
// parse the section depending on the current state of the user
if (!IsLogged()) {
// not logged, calculate return page
$returnPage = $_SERVER['PHP_SELF'];
$getCount = count($_GET);
if ($getCount > 0) {
$returnPage .= "?";
$i = 0;
foreach (array_keys($_GET) as $getParam) {
$returnPage .= $getParam . "=" . $_GET[$getParam];
if ($i < $getCount - 1) {
$returnPage .= "&";
}
$i++;
}
}
$toolbar_tpl->setCurrentBlock("not_logged");
$toolbar_tpl->setVariable("RETURN_PAGE", urlencode($returnPage));
$toolbar_tpl->parseCurrentBlock("not_logged");
} else {
if (array_key_exists("ItemId", $paramArray)) {
$projectId = GetProjectIdForItem($paramArray["ItemId"]);
} elseif (array_key_exists("UnitId", $paramArray)) {
$projectId = GetProjectIdForUnit($paramArray["UnitId"]);
} elseif (array_key_exists("ProjectId", $paramArray)) {
$projectId = $paramArray["ProjectId"];
} else {
$projectId = "";
}
if ($projectId == "") {
// no project Id, we simply indicate the logged in state
$toolbar_tpl->setCurrentBlock("logged");
$toolbar_tpl->setVariable("USERNAME", GetLoggedUserName());
$toolbar_tpl->parseCurrentBlock("logged");
} else {
if (!IsWriter($projectId)) {
// no write access to project
$toolbar_tpl->setCurrentBlock("not_allowed");
$toolbar_tpl->setVariable("USERNAME", GetLoggedUserName());
$toolbar_tpl->parseCurrentBlock("not_allowed");
} else {
// full write access
$toolbar_tpl->setCurrentBlock("logged_and_write");
$toolbar_tpl->setVariable("USERNAME", GetLoggedUserName());
$toolbar_tpl->parseCurrentBlock("logged_and_write");
}
}
}
$tpl->setVariable("COMMON_LOGIN_STATUS", $toolbar_tpl->get());
}
$tpl = new HTML_Template_IT("./");
$tpl->loadTemplatefile("submit_item.tpl.html", true, true);
SetCommonLoginStatus($tpl);
SetCommonToolbar($tpl);
SetCommonFooter($tpl);
// setup the "Back" link
if (array_key_exists("item_id", $_POST) && $_POST["item_id"] != "") {
$tpl->setCurrentBlock("back_item");
$tpl->setVariable("ITEM_ID", $_POST["item_id"]);
$tpl->parseCurrentBlock("back_item");
$projectId = GetProjectIdForItem($_POST["item_id"]);
} else {
$tpl->setCurrentBlock("back_unit");
$tpl->setVariable("UNIT_ID", $_POST["unit_id"]);
$tpl->parseCurrentBlock("back_unit");
$projectId = GetProjectIdForUnit($_POST["unit_id"]);
}
$isLogged = IsLogged();
// If user is logged in and had write access, we directly update the database
if ($isLogged && IsWriter($projectId)) {
$_POST["description"] = str_replace("\\\\", "\\", $_POST["description"]);
// if we have an item_id, we update, else we add
if (array_key_exists("item_id", $_POST) && $_POST["item_id"] != "") {
$msg = ModifyItem($_POST["item_id"], $_POST["name"], $_POST["summary"], $_POST["description"], $_POST["return_value"], $_POST["see_also_list"], $_POST["parameters"], $_POST["extras"], $_POST["jvcl_info"], GetLoggedUserId());
} else {
$msg = AddItem($_POST["unit_id"], $_POST["name"], $_POST["summary"], $_POST["description"], $_POST["return_value"], $_POST["see_also_list"], $_POST["parameters"], $_POST["extras"], $_POST["jvcl_info"], GetLoggedUserId());
}
if (is_string($msg) && $msg != "") {
$msg = "Error while submitting the Item: " . $msg;
} else {
$msg = "Item added/updated successfuly";
} else {
$itemId = "";
}
if (is_numeric($itemId)) {
$itemInfos = GetSubmittedItemInfos($_GET["Id"]);
if (is_string($itemInfos)) {
echo $itemInfos;
exit;
}
$unitInfos = GetUnitInfos($itemInfos["UnitId"]);
$originalItemId = $itemInfos["ItemId"];
} else {
echo "Error, the Id of the item MUST be indicated.";
exit;
}
$projectId = GetProjectIdForUnit($unitInfos["Id"]);
if (!LoggedUserHasAccessToProject($projectId)) {
die(GetNoAccessToProjectPage($projectId));
}
$tpl = new HTML_Template_IT("./");
$tpl->loadTemplatefile("admin_review_submitted_item.tpl.html", true, true);
SetCommonLoginStatus($tpl);
SetAdminToolbar($tpl);
SetCommonFooter($tpl);
$tpl->setVariable("ITEM_ID", $itemId);
$tpl->setVariable("UNIT_ID", $itemInfos["UnitId"]);
$tpl->setVariable("ITEM_NAME", $itemInfos["Name"]);
$baseclass = trim(substr($itemInfos["Name"], 0, strpos($itemInfos["Name"], ".")));
// Assign data to the various variables
$tpl->setVariable("SUMMARY", EncodeString(UnescapeCharsFromMySQL($itemInfos["Summary"])));
$tpl->setVariable("PARAMETERS", UnescapeCharsFromMySQL($itemInfos["Parameters"]));
$msg .= "<br>";
}
// delete the accepted item only if there were no errors
if ($msg == "") {
$msg .= DeleteSubmittedItem($_POST["item_id"]);
}
if ($msg == "") {
$msg = "Item accepted successfuly";
} else {
$msg = "Error while accepting item: " . $msg;
}
} elseif ($action == "reject") {
if (array_key_exists("items", $_POST) && is_array($_POST["items"])) {
foreach ($_POST["items"] as $item) {
$subItemInfos = GetSubmittedItemInfos($item);
$projectId = GetProjectIdForUnit($subItemInfos["UnitId"]);
if (!LoggedUserHasAccessToProject($projectId)) {
$projectInfos = GetProjectInfos($projectId);
$error = "You do not have access to project '" . $projectInfos["Name"] . "'";
} else {
$error = DeleteSubmittedItem($item);
}
if ($error != "") {
if ($msg != "") {
$msg .= "<br>";
}
$msg .= $error;
}
}
if ($msg == "") {
$msg = "Rejection successful";
