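/**
 * Admin handler for a theme's per-media configuration overrides.
 *
 * Dispatches on the requested admin action (CST_ADMIN_METAACTION, falling
 * back to the 'action' parameter). First applies any state change for a
 * single override key -- a confirmed "reset to default" or a submitted edit --
 * then renders either the reset-confirmation form, the edit form, or the
 * overview table of all overrides for this theme/media.
 *
 * Key-specific actions only run when the sanitized 'mediaparam' request
 * parameter equals $media, so a form posted for one media type cannot change
 * another. Every request value passes through sanitize() before use; the
 * rendering itself is delegated to the config_* / rss_theme_options_* helpers.
 *
 * @param string      $theme        theme the overrides belong to
 * @param string|null $media        media type the overrides apply to
 * @param array       $config_items theme's config item definitions, passed
 *                                  through to theme_options_fill_override_array()
 * @return void
 */
function rss_theme_options_configure_overrides($theme, $media, $config_items)
{
    $action = null;
    if (isset($_REQUEST[CST_ADMIN_METAACTION])) {
        $action = $_REQUEST[CST_ADMIN_METAACTION];
    } elseif (isset($_REQUEST['action'])) {
        $action = $_REQUEST['action'];
    }

    // Key-specific actions are only honoured for the media this handler was
    // invoked for; the request value is sanitized before the comparison.
    $mediaMatches = isset($_REQUEST['mediaparam'])
        && $media === sanitize($_REQUEST['mediaparam'], RSS_SANITIZER_CHARACTERS);

    if ($mediaMatches) {
        if (array_key_exists(CST_ADMIN_CONFIRMED, $_POST) && $_POST[CST_ADMIN_CONFIRMED] == __('Yes')) {
            // Confirmed reset: remove the override for this key.
            if (!array_key_exists('key', $_REQUEST)) {
                rss_error('Invalid config key specified.', RSS_ERROR_ERROR, true);
            } else {
                $key = sanitize($_REQUEST['key'], RSS_SANITIZER_NO_SPACES | RSS_SANITIZER_SIMPLE_SQL);
                rss_theme_delete_config_override_option($key, $theme, $media);
            }
            $action = null; // fall through to the overview table below
        } elseif (rss_theme_options_is_submit()) {
            switch ($action) {
                case __('Submit Changes'):
                case 'ACT_ADMIN_SUBMIT_CHANGES':
                    if (!array_key_exists('key', $_REQUEST)) {
                        rss_error('Invalid config key specified.', RSS_ERROR_ERROR, true);
                        break;
                    }
                    // 'type' and 'value' are read from $_POST below, so they must be
                    // present there (a GET-only copy in $_REQUEST is not accepted).
                    if (!array_key_exists('type', $_POST)) {
                        rss_error('Invalid config type specified.', RSS_ERROR_ERROR, true);
                        break;
                    }
                    if (!array_key_exists('value', $_POST)) {
                        rss_error('Invalid config value specified.', RSS_ERROR_ERROR, true);
                        break;
                    }
                    $key = sanitize($_REQUEST['key'], RSS_SANITIZER_NO_SPACES | RSS_SANITIZER_SIMPLE_SQL);
                    $type = sanitize($_POST['type'], RSS_SANITIZER_CHARACTERS);
                    $value = sanitize($_POST['value'], RSS_SANITIZER_SIMPLE_SQL);

                    if ($type == 'enum') {
                        // Enum overrides are stored as "opt1,opt2,...,selectedIndex";
                        // the permitted options are taken from the item's default_ entry.
                        $item = theme_options_fill_override_array($theme, $media, $config_items, $key);
                        if (!count($item)) {
                            rss_error('Invalid config key specified.', RSS_ERROR_ERROR, true);
                            break;
                        }
                        $options = explode(',', $item['default_']);
                        array_pop($options); // drop the trailing selected-index element

                        // Last matching option wins, as in the original lookup.
                        $selected = -1;
                        foreach ($options as $i => $option) {
                            if ($option == $value) {
                                $selected = $i;
                            }
                        }
                        if ($selected > -1) {
                            $options[] = $selected;
                            rss_theme_set_config_override_option($key, implode(',', $options), $theme, $media);
                        } else {
                            rss_error("Oops, invalid value '{$value}' for this config key", RSS_ERROR_ERROR, true);
                        }
                    } else {
                        rss_theme_set_config_override_option($key, $value, $theme, $media);
                    }
                    break;
                default:
                    rss_error('Invalid config action specified.', RSS_ERROR_ERROR, true);
                    break;
            }
            $action = null; // redirect to our theme's admin page
        }
    }

    switch ($action) {
        case CST_ADMIN_DEFAULT_ACTION:
        case 'CST_ADMIN_DEFAULT_ACTION':
            // Render the "reset to default" confirmation for a single override.
            if ($mediaMatches) {
                if (!array_key_exists('key', $_REQUEST)) {
                    rss_error('Invalid config key specified.', RSS_ERROR_ERROR, true);
                    break;
                }
                $key = sanitize($_REQUEST['key'], RSS_SANITIZER_NO_SPACES | RSS_SANITIZER_SIMPLE_SQL);
                $item = theme_options_fill_override_array($theme, $media, $config_items, $key);
                if (count($item)) {
                    // Read the row fields explicitly rather than extract()ing them into
                    // the local scope.
                    config_default_form($item['key_'], $item['type_'], $item['default_'], CST_ADMIN_DOMAIN_THEME_OPTIONS);
                    rss_theme_options_form_class('box');
                    rss_theme_options_rendered_buttons(true);
                }
            }
            break;

        case CST_ADMIN_EDIT_ACTION:
        case 'CST_ADMIN_EDIT_ACTION':
            // Render the edit form for a single override.
            if ($mediaMatches) {
                if (!array_key_exists('key', $_REQUEST)) {
                    rss_error('Invalid config key specified.', RSS_ERROR_ERROR, true);
                    break;
                }
                $key = sanitize($_REQUEST['key'], RSS_SANITIZER_NO_SPACES | RSS_SANITIZER_SIMPLE_SQL);
                $item = theme_options_fill_override_array($theme, $media, $config_items, $key);
                if (count($item)) {
                    // config_edit_form() may fill this last argument; it is not used here.
                    $onclickaction = null;
                    config_edit_form(
                        $item['key_'],
                        $item['value_'],
                        $item['default_'],
                        $item['type_'],
                        $item['desc_'],
                        $item['export_'],
                        $onclickaction
                    );
                }
            }
            break;

        default:
            // Overview table of all overrides for this theme/media.
            $caption = 'Configuration overrides';
            if (isset($media)) {
                $caption .= " for {$media} media";
            }
            config_table_header($caption);
            $items = theme_options_fill_override_array($theme, $media, $config_items);
            $row = 0;
            foreach ($items as $item) {
                $rowClass = ($row++ % 2 == 0) ? 'even' : 'odd';
                // NOTE(review): $theme/$media are interpolated unescaped into the row
                // link's query string; this relies on the caller having sanitized them.
                config_table_row($item, $rowClass, CST_ADMIN_DOMAIN_THEME_OPTIONS, "&theme={$theme}&mediaparam={$media}");
            }
            config_table_footer();
            rss_theme_options_rendered_buttons(true); // no buttons here
            break;
    }
}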
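/**
 * Admin handler for the global configuration table (CST_ADMIN_DOMAIN_CONFIG).
 *
 * Dispatches on the requested admin action (CST_ADMIN_METAACTION, falling
 * back to the 'action' parameter): renders the reset-to-default confirmation,
 * renders the edit form, or applies a submitted change to the config row
 * identified by 'key'. Two keys get bespoke value handling --
 * 'rss.input.allowed' (serialized tag/attribute whitelist) and
 * 'rss.output.lang' (language list plus selected index); all other keys are
 * validated according to their declared type (string, num, boolean, enum).
 *
 * The SQL in this function is built by string interpolation. The only
 * injection defence is sanitize() with RSS_SANITIZER_SIMPLE_SQL applied to
 * 'key' and 'value', so any new value path added here must go through the
 * same sanitizer (or a parameterised query API, should one become available).
 *
 * @return string admin domain to return to: CST_ADMIN_DOMAIN_CONFIG, or
 *                CST_ADMIN_DOMAIN_NONE when a form was rendered in place
 */
function config_admin()
{
    $ret__ = CST_ADMIN_DOMAIN_CONFIG;

    $action = null;
    if (isset($_REQUEST[CST_ADMIN_METAACTION])) {
        $action = $_REQUEST[CST_ADMIN_METAACTION];
    } elseif (isset($_REQUEST['action'])) {
        $action = $_REQUEST['action'];
    }

    // The forms post back to this script. PHP_SELF can carry request-supplied
    // path info, so it is escaped before being placed in an HTML attribute.
    $self = htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8');

    switch ($action) {
        case CST_ADMIN_DEFAULT_ACTION:
        case 'CST_ADMIN_DEFAULT_ACTION':
            if (!array_key_exists('key', $_REQUEST)) {
                rss_error(__('Invalid config key specified.'), RSS_ERROR_ERROR, true);
                break;
            }
            $key = sanitize($_REQUEST['key'], RSS_SANITIZER_NO_SPACES | RSS_SANITIZER_SIMPLE_SQL);
            $res = rss_query("select value_,default_,type_ from " . getTable('config') . " where key_='{$key}'");
            list($value, $default, $type) = rss_fetch_row($res);
            $value = real_strip_slashes($value);
            $default = real_strip_slashes($default);
            if ($value == $default) {
                rss_error(__("The value for '{$key}' is the same as its default value!"), RSS_ERROR_ERROR, true);
                break;
            }
            if (array_key_exists(CST_ADMIN_CONFIRMED, $_POST) && $_POST[CST_ADMIN_CONFIRMED] == __('Yes')) {
                rss_query("update " . getTable('config') . " set value_=default_ where key_='{$key}'");
                rss_invalidate_cache();
            } elseif (array_key_exists(CST_ADMIN_CONFIRMED, $_REQUEST) && $_REQUEST[CST_ADMIN_CONFIRMED] == __('No')) {
                // Declined: nothing to change, fall back to the config overview.
            } else {
                echo "<form class=\"box\" method=\"post\" action=\"" . $self . "\">\n";
                config_default_form($key, $type, $default, CST_ADMIN_DOMAIN_CONFIG);
                echo "</form>\n";
                // A form was rendered in place, so report NONE to the caller, as the
                // edit branch does (the original assigned an unused $ret here).
                $ret__ = CST_ADMIN_DOMAIN_NONE;
            }
            break;

        case CST_ADMIN_EDIT_ACTION:
        case 'CST_ADMIN_EDIT_ACTION':
            if (!array_key_exists('key', $_REQUEST)) {
                rss_error(__('Invalid config key specified.'), RSS_ERROR_ERROR, true);
                break;
            }
            $key_ = sanitize($_REQUEST['key'], RSS_SANITIZER_NO_SPACES | RSS_SANITIZER_SIMPLE_SQL);
            $res = rss_query("select * from " . getTable('config') . " where key_ ='{$key_}'");
            list($key, $value, $default, $type, $desc, $export) = rss_fetch_row($res);

            echo "<div>\n";
            echo "\n\n<h2>Edit '{$key}'</h2>\n";
            echo "<form style=\"display:inline\" id=\"cfg\" method=\"post\" action=\"" . $self . "\">\n";
            $onclickaction = null;
            config_edit_form($key, $value, $default, $type, $desc, $export, $onclickaction);
            echo "<p style=\"display:inline\">\n";
            // $preview is never set in this function, so the Preview button is not
            // rendered; kept as-is until the preview action is implemented.
            echo isset($preview)
                ? "<input type=\"submit\" name=\"action\" value=\"" . __('Preview') . "\""
                    . ($onclickaction ? " onclick=\"{$onclickaction}\"" : "") . " />\n"
                : "";
            echo "<input type=\"hidden\" name=\"" . CST_ADMIN_METAACTION . "\" value=\"ACT_ADMIN_SUBMIT_CHANGES\" />";
            echo "<input type=\"submit\" name=\"action\" value=\"" . __('Submit Changes') . "\""
                . ($onclickaction ? " onclick=\"{$onclickaction}\"" : "")
                . " /><input type=\"hidden\" name=\"" . CST_ADMIN_DOMAIN . "\" value=\"" . CST_ADMIN_DOMAIN_CONFIG . "\"/>\n</p></form>\n";
            echo "<form style=\"display:inline\" method=\"post\" action=\"" . $self . "\">\n"
                . "<p style=\"display:inline\">\n<input type=\"hidden\" name=\"" . CST_ADMIN_DOMAIN . "\" value=\"" . CST_ADMIN_DOMAIN_CONFIG . "\"/>\n"
                . "<input type=\"hidden\" name=\"" . CST_ADMIN_METAACTION . "\" value=\"ACT_ADMIN_SUBMIT_CANCEL\" />"
                . "<input type=\"submit\" name=\"action\" value=\"" . __('Cancel') . "\"/></p></form>\n"
                . "\n\n</div>\n";
            $ret__ = CST_ADMIN_DOMAIN_NONE;
            break;

        case __('Preview'):
        case 'ACT_ADMIN_PREVIEW_CHANGES':
            rss_error('fixme: preview not yet implemented', RSS_ERROR_ERROR, true);
            break;

        case __('Submit Changes'):
        case 'ACT_ADMIN_SUBMIT_CHANGES':
            // Changes are applied from POST only; all three fields are required.
            if (!array_key_exists('key', $_POST)) {
                rss_error(__('Invalid config key specified.'), RSS_ERROR_ERROR, true);
                break;
            }
            if (!array_key_exists('type', $_POST)) {
                rss_error(__('Invalid config type specified.'), RSS_ERROR_ERROR, true);
                break;
            }
            if (!array_key_exists('value', $_POST)) {
                rss_error(__('Invalid config value specified.'), RSS_ERROR_ERROR, true);
                break;
            }
            $key = sanitize($_POST['key'], RSS_SANITIZER_NO_SPACES | RSS_SANITIZER_SIMPLE_SQL);
            $type = sanitize($_POST['type'], RSS_SANITIZER_CHARACTERS);
            $value = sanitize($_POST['value'], RSS_SANITIZER_SIMPLE_SQL);

            // Key-specific value cleaning before validation.
            switch ($key) {
                case 'rss.output.title':
                    $value = strip_tags($value);
                    break;
                case 'rss.config.robotsmeta':
                    $value = preg_replace('#[^a-zA-Z,\\s]#', '', $value);
                    break;
            }

            $sql = null;
            switch ($key) {
                case 'rss.input.allowed':
                    // Space-separated entries of the form "tag" or "tag,attr1,attr2",
                    // stored as a serialized map of tag => array(attr => 1).
                    $allowed = array();
                    foreach (explode(' ', $value) as $entry) {
                        if ($entry === '') {
                            continue; // tolerate repeated separators
                        }
                        if (preg_match('|^[a-zA-Z]+$|', $entry)) {
                            $allowed[$entry] = array();
                        } else {
                            $attrs = explode(',', $entry);
                            $tag = array_shift($attrs);
                            $allowed[$tag] = array();
                            foreach ($attrs as $attr) {
                                $allowed[$tag][$attr] = 1;
                            }
                        }
                    }
                    // The serialized payload is interpolated; its content is the
                    // sanitized $value, which is what keeps the statement well-formed.
                    $sql = "update " . getTable('config') . " set value_='" . serialize($allowed) . "' where key_='{$key}'";
                    break;

                case 'rss.output.lang':
                    // Stored as "code1,code2,...,selectedIndex"; an unknown code
                    // selects index 0. Last matching code wins.
                    $codes = array_keys(getLanguages());
                    $idx = "0";
                    foreach ($codes as $i => $code) {
                        if ($code == $value) {
                            $idx = $i;
                        }
                    }
                    $out_val = implode(',', $codes) . ",{$idx}";
                    $sql = "update " . getTable('config') . " set value_='{$out_val}' where key_='{$key}'";
                    break;

                default:
                    switch ($type) {
                        case 'string':
                            $sql = "update " . getTable('config') . " set value_='{$value}' where key_='{$key}'";
                            break;

                        case 'num':
                            if (!is_numeric($value)) {
                                rss_error(__("Oops, I was expecting a numeric value, got '{$value}' instead!"), RSS_ERROR_ERROR, true);
                                break;
                            }
                            $sql = "update " . getTable('config') . " set value_='{$value}' where key_='{$key}'";
                            break;

                        case 'boolean':
                            if ($value != __('True') && $value != __('False')) {
                                rss_error(__("Oops, invalid value for {$key} : {$value}"), RSS_ERROR_ERROR, true);
                                break;
                            }
                            $stored = ($value == __('True')) ? 'true' : 'false';
                            $sql = "update " . getTable('config') . " set value_='{$stored}' where key_='{$key}'";
                            break;

                        case 'enum':
                            // Stored as "opt1,opt2,...,selectedIndex"; the submitted value
                            // must equal one of the options exactly (the former strstr()
                            // substring pre-check was redundant with this loop).
                            $res = rss_query("select value_ from " . getTable('config') . " where key_='{$key}'");
                            list($oldvalue) = rss_fetch_row($res);
                            $options = explode(',', $oldvalue);
                            array_pop($options); // drop the currently selected index
                            $selected = -1;
                            foreach ($options as $i => $option) {
                                if ($option == $value) {
                                    $selected = $i;
                                }
                            }
                            if ($selected > -1) {
                                $options[] = $selected;
                                $sql = "update " . getTable('config') . " set value_='" . implode(',', $options) . "' where key_='{$key}'";
                            } else {
                                rss_error(__("Oops, invalid value '{$value}' for this config key"), RSS_ERROR_ERROR, true);
                            }
                            break;

                        default:
                            rss_error(__('Ooops, unknown config type: ') . $type, RSS_ERROR_ERROR, true);
                            break;
                    }
            }

            if (isset($sql)) {
                rss_query($sql);
                rss_invalidate_cache();
            }
            break;

        default:
            break;
    }

    return $ret__;
}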