/**
* Shows the block editor
*
* This will show a block edit form. If this is a Geeklog default block it will
* send it off to editdefaultblock.
*
* @param string $bid ID of block to edit
* @return string HTML for block editor
*
*/
function editblock($bid = '')
{
global $_CONF, $_GROUPS, $_TABLES, $_USER, $LANG01, $LANG21, $LANG_ACCESS, $LANG_ADMIN, $MESSAGE, $_SCRIPTS;
$retval = '';
if (!empty($bid)) {
$sql['mysql'] = "SELECT * FROM {$_TABLES['blocks']} WHERE bid ='{$bid}'";
$sql['mssql'] = "SELECT bid, is_enabled, name, type, title, blockorder, cast(content as text) as content, rdfurl, ";
$sql['mssql'] .= "rdfupdated, rdflimit, onleft, phpblockfn, help, owner_id,group_id, ";
$sql['mssql'] .= "perm_owner, perm_group, perm_members, perm_anon, allow_autotags, cache_time FROM {$_TABLES['blocks']} WHERE bid ='{$bid}'";
$sql['pgsql'] = "SELECT * FROM {$_TABLES['blocks']} WHERE bid ='{$bid}'";
$result = DB_query($sql);
$A = DB_fetchArray($result);
$access = SEC_hasAccess($A['owner_id'], $A['group_id'], $A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']);
if ($access == 2 || $access == 0 || TOPIC_hasMultiTopicAccess('block', $bid) < 3) {
$retval .= COM_showMessageText($LANG21[45], $LANG_ACCESS['accessdenied']);
COM_accessLog("User {$_USER['username']} tried to illegally create or edit block {$bid}.");
return $retval;
}
if ($A['type'] == 'gldefault') {
$retval .= editdefaultblock($A, $access);
return $retval;
}
} else {
$A['bid'] = 0;
$A['is_enabled'] = 1;
$A['name'] = '';
$A['type'] = 'normal';
$A['title'] = '';
$A['tid'] = '';
$A['blockorder'] = 0;
$A['cache_time'] = $_CONF['default_cache_time_block'];
$A['content'] = '';
$A['allow_autotags'] = 0;
$A['rdfurl'] = '';
$A['rdfupdated'] = '';
$A['rdflimit'] = 0;
$A['onleft'] = 0;
$A['phpblockfn'] = '';
$A['help'] = '';
$A['owner_id'] = $_USER['uid'];
if (isset($_GROUPS['Block Admin'])) {
$A['group_id'] = $_GROUPS['Block Admin'];
} else {
$A['group_id'] = SEC_getFeatureGroup('block.edit');
}
SEC_setDefaultPermissions($A, $_CONF['default_permissions_block']);
$access = 3;
if ($_POST['mode'] == $LANG_ADMIN['save'] && !empty($LANG_ADMIN['save'])) {
overridePostdata($A);
}
}
$token = SEC_createToken();
$block_templates = COM_newTemplate($_CONF['path_layout'] . 'admin/block');
$block_templates->set_file('editor', 'blockeditor.thtml');
$block_start = COM_startBlock($LANG21[3], '', COM_getBlockTemplate('_admin_block', 'header'));
$block_start .= LB . SEC_getTokenExpiryNotice($token);
$block_templates->set_var('start_block_editor', $block_start);
if (!empty($bid) && SEC_hasrights('block.delete')) {
$delbutton = '<input type="submit" value="' . $LANG_ADMIN['delete'] . '" name="mode"%s' . XHTML . '>';
$jsconfirm = ' onclick="return confirm(\'' . $MESSAGE[76] . '\');"';
$block_templates->set_var('delete_option', sprintf($delbutton, $jsconfirm));
$block_templates->set_var('delete_option_no_confirmation', sprintf($delbutton, ''));
$block_templates->set_var('allow_delete', true);
$block_templates->set_var('lang_delete', $LANG_ADMIN['delete']);
$block_templates->set_var('confirm_message', $MESSAGE[76]);
}
$block_templates->set_var('block_bid', $A['bid']);
// standard Admin strings
$block_templates->set_var('lang_blocktitle', $LANG_ADMIN['title']);
$block_templates->set_var('lang_enabled', $LANG_ADMIN['enabled']);
$block_templates->set_var('lang_blockhelpurl', $LANG_ADMIN['help_url']);
$block_templates->set_var('lang_topic', $LANG_ADMIN['topic']);
$block_templates->set_var('lang_save', $LANG_ADMIN['save']);
$block_templates->set_var('lang_cancel', $LANG_ADMIN['cancel']);
$block_templates->set_var('lang_blocktype', $LANG_ADMIN['type']);
$block_templates->set_var('lang_allowed_html', $LANG01[123]);
$block_templates->set_var('block_title', stripslashes($A['title']));
$block_templates->set_var('lang_enabled', $LANG21[53]);
if ($A['is_enabled'] == 1) {
$block_templates->set_var('is_enabled', 'checked="checked"');
} else {
$block_templates->set_var('is_enabled', '');
}
$block_templates->set_var('block_help', $A['help']);
$block_templates->set_var('lang_includehttp', $LANG21[51]);
$block_templates->set_var('lang_explanation', $LANG21[52]);
$block_templates->set_var('block_name', $A['name']);
$block_templates->set_var('lang_blockname', $LANG21[48]);
$block_templates->set_var('lang_nospaces', $LANG21[49]);
$block_templates->set_var('topic_selection', TOPIC_getTopicSelectionControl('block', $A['bid'], true, true));
$block_templates->set_var('lang_side', $LANG21[39]);
$block_templates->set_var('lang_left', $LANG21[40]);
$block_templates->set_var('lang_right', $LANG21[41]);
if ($A['onleft'] == 1) {
$block_templates->set_var('left_selected', 'selected="selected"');
} elseif ($A['onleft'] == 0) {
$block_templates->set_var('right_selected', 'selected="selected"');
}
$block_templates->set_var('lang_blockorder', $LANG21[9]);
$block_templates->set_var('block_order', $A['blockorder']);
$block_templates->set_var('lang_normalblock', $LANG21[12]);
$block_templates->set_var('lang_phpblock', $LANG21[27]);
$block_templates->set_var('lang_portalblock', $LANG21[11]);
if ($A['type'] == 'normal') {
$block_templates->set_var('normal_selected', 'selected="selected"');
} elseif ($A['type'] == 'phpblock') {
$block_templates->set_var('php_selected', 'selected="selected"');
} elseif ($A['type'] == 'portal') {
$block_templates->set_var('portal_selected', 'selected="selected"');
}
$block_templates->set_var('lang_cachetime', $LANG21['cache_time']);
$block_templates->set_var('lang_cachetime_desc', $LANG21['cache_time_desc']);
$block_templates->set_var('cache_time', $A['cache_time']);
$block_templates->set_var('lang_accessrights', $LANG_ACCESS['accessrights']);
$block_templates->set_var('lang_owner', $LANG_ACCESS['owner']);
$ownername = COM_getDisplayName($A['owner_id']);
$block_templates->set_var('owner_username', DB_getItem($_TABLES['users'], 'username', "uid = '{$A['owner_id']}'"));
$block_templates->set_var('owner_name', $ownername);
$block_templates->set_var('owner', $ownername);
$block_templates->set_var('owner_id', $A['owner_id']);
$block_templates->set_var('lang_group', $LANG_ACCESS['group']);
$block_templates->set_var('group_dropdown', SEC_getGroupDropdown($A['group_id'], $access));
$block_templates->set_var('lang_permissions', $LANG_ACCESS['permissions']);
$block_templates->set_var('lang_perm_key', $LANG_ACCESS['permissionskey']);
$block_templates->set_var('permissions_editor', SEC_getPermissionsHTML($A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']));
$block_templates->set_var('lang_permissions_msg', $LANG_ACCESS['permmsg']);
$block_templates->set_var('lang_phpblockoptions', $LANG21[28]);
$block_templates->set_var('lang_blockfunction', $LANG21[29]);
$block_templates->set_var('block_phpblockfn', $A['phpblockfn']);
$block_templates->set_var('lang_phpblockwarning', $LANG21[30]);
$block_templates->set_var('lang_portalblockoptions', $LANG21[13]);
$block_templates->set_var('lang_rdfurl', $LANG21[14]);
$block_templates->set_var('max_url_length', 255);
$block_templates->set_var('block_rdfurl', $A['rdfurl']);
$block_templates->set_var('lang_rdflimit', $LANG21[62]);
$block_templates->set_var('block_rdflimit', $A['rdflimit']);
$block_templates->set_var('lang_lastrdfupdate', $LANG21[15]);
if ($A['rdfupdated'] == '0000-00-00 00:00:00') {
$block_templates->set_var('block_rdfupdated', '');
} else {
$block_templates->set_var('block_rdfupdated', $A['rdfupdated']);
}
$block_templates->set_var('lang_normalblockoptions', $LANG21[16]);
$block_templates->set_var('lang_blockcontent', $LANG21[17]);
$block_templates->set_var('lang_autotags', $LANG21[66]);
$block_templates->set_var('lang_use_autotags', $LANG21[67]);
$content = htmlspecialchars(stripslashes($A['content']));
$content = str_replace(array('{', '}'), array('{', '}'), $content);
$block_templates->set_var('block_content', $content);
if ($A['allow_autotags'] == 1) {
$block_templates->set_var('allow_autotags', 'checked="checked"');
} else {
$block_templates->set_var('allow_autotags', '');
}
$block_templates->set_var('gltoken_name', CSRF_TOKEN);
$block_templates->set_var('gltoken', $token);
$block_templates->set_var('end_block', COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer')));
$block_templates->parse('output', 'editor');
$retval .= $block_templates->finish($block_templates->get_var('output'));
// Shows/Hides relevant block options dynamically
$_SCRIPTS->setJavaScript("\njQuery(function () {\n var \$ = jQuery;\n \$('#admin-blockeditor-type').on('change', function () {\n var fs, i, fieldsets = ['normal', 'phpblock', 'portal'];\n\n for (i = 0; i < 3; i++) {\n if (this.value === fieldsets[i]) {\n \$('#fs-' + fieldsets[i] + '-options').show();\n } else {\n \$('#fs-' + fieldsets[i] + '-options').hide();\n }\n }\n })\n .trigger('change');\n});", true, true);
return $retval;
}
/**
* Shows the block editor
*
* This will show a block edit form. If this is a Geeklog default block it will
* send it off to editdefaultblock.
*
* @param string $bid ID of block to edit
* @return string HTML for block editor
*
*/
function editblock($bid = '')
{
global $_CONF, $_GROUPS, $_TABLES, $_USER, $LANG01, $LANG21, $LANG_ACCESS, $LANG_ADMIN, $MESSAGE;
$retval = '';
if (!empty($bid)) {
$sql['mysql'] = "SELECT * FROM {$_TABLES['blocks']} WHERE bid ='{$bid}'";
$sql['mssql'] = "SELECT bid, is_enabled, name, type, title, tid, blockorder, cast(content as text) as content, rdfurl, ";
$sql['mssql'] .= "rdfupdated, rdflimit, onleft, phpblockfn, help, owner_id,group_id, ";
$sql['mssql'] .= "perm_owner, perm_group, perm_members, perm_anon, allow_autotags FROM {$_TABLES['blocks']} WHERE bid ='{$bid}'";
$result = DB_query($sql);
$A = DB_fetchArray($result);
$access = SEC_hasAccess($A['owner_id'], $A['group_id'], $A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']);
if ($access == 2 || $access == 0 || hasBlockTopicAccess($A['tid']) < 3) {
$retval .= COM_startBlock($LANG_ACCESS['accessdenied'], '', COM_getBlockTemplate('_msg_block', 'header')) . $LANG21[45] . COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer'));
COM_accessLog("User {$_USER['username']} tried to illegally create or edit block {$bid}.");
return $retval;
}
if ($A['type'] == 'gldefault') {
$retval .= editdefaultblock($A, $access);
return $retval;
}
} else {
$A['bid'] = 0;
$A['is_enabled'] = 1;
$A['name'] = '';
$A['type'] = 'normal';
$A['title'] = '';
$A['tid'] = 'All';
$A['blockorder'] = 0;
$A['content'] = '';
$A['allow_autotags'] = 0;
$A['rdfurl'] = '';
$A['rdfupdated'] = '';
$A['rdflimit'] = 0;
$A['onleft'] = 0;
$A['phpblockfn'] = '';
$A['help'] = '';
$A['owner_id'] = $_USER['uid'];
if (isset($_GROUPS['Block Admin'])) {
$A['group_id'] = $_GROUPS['Block Admin'];
} else {
$A['group_id'] = SEC_getFeatureGroup('block.edit');
}
SEC_setDefaultPermissions($A, $_CONF['default_permissions_block']);
$access = 3;
}
$token = SEC_createToken();
$block_templates = new Template($_CONF['path_layout'] . 'admin/block');
$block_templates->set_file('editor', 'blockeditor.thtml');
$block_templates->set_var('site_url', $_CONF['site_url']);
$block_templates->set_var('xhtml', XHTML);
$block_templates->set_var('site_admin_url', $_CONF['site_admin_url']);
$block_templates->set_var('layout_url', $_CONF['layout_url']);
$block_start = COM_startBlock($LANG21[3], '', COM_getBlockTemplate('_admin_block', 'header'));
$block_start .= LB . SEC_getTokenExpiryNotice($token);
$block_templates->set_var('start_block_editor', $block_start);
if (!empty($bid) && SEC_hasrights('block.delete')) {
$delbutton = '<input type="submit" value="' . $LANG_ADMIN['delete'] . '" name="mode"%s' . XHTML . '>';
$jsconfirm = ' onclick="return confirm(\'' . $MESSAGE[76] . '\');"';
$block_templates->set_var('delete_option', sprintf($delbutton, $jsconfirm));
$block_templates->set_var('delete_option_no_confirmation', sprintf($delbutton, ''));
}
$block_templates->set_var('block_bid', $A['bid']);
// standard Admin strings
$block_templates->set_var('lang_blocktitle', $LANG_ADMIN['title']);
$block_templates->set_var('lang_enabled', $LANG_ADMIN['enabled']);
$block_templates->set_var('lang_blockhelpurl', $LANG_ADMIN['help_url']);
$block_templates->set_var('lang_topic', $LANG_ADMIN['topic']);
$block_templates->set_var('lang_save', $LANG_ADMIN['save']);
$block_templates->set_var('lang_cancel', $LANG_ADMIN['cancel']);
$block_templates->set_var('lang_blocktype', $LANG_ADMIN['type']);
$block_templates->set_var('lang_allowed_html', $LANG01[123]);
$block_templates->set_var('block_title', stripslashes($A['title']));
$block_templates->set_var('lang_enabled', $LANG21[53]);
if ($A['is_enabled'] == 1) {
$block_templates->set_var('is_enabled', 'checked="checked"');
} else {
$block_templates->set_var('is_enabled', '');
}
$block_templates->set_var('block_help', $A['help']);
$block_templates->set_var('lang_includehttp', $LANG21[51]);
$block_templates->set_var('lang_explanation', $LANG21[52]);
$block_templates->set_var('block_name', $A['name']);
$block_templates->set_var('lang_blockname', $LANG21[48]);
$block_templates->set_var('lang_nospaces', $LANG21[49]);
$block_templates->set_var('lang_all', $LANG21[7]);
$block_templates->set_var('lang_homeonly', $LANG21[43]);
if ($A['tid'] == 'all') {
$block_templates->set_var('all_selected', 'selected="selected"');
} else {
if ($A['tid'] == 'homeonly') {
$block_templates->set_var('homeonly_selected', 'selected="selected"');
}
}
$block_templates->set_var('topic_options', COM_topicList('tid,topic', $A['tid'], 1, true));
$block_templates->set_var('lang_side', $LANG21[39]);
$block_templates->set_var('lang_left', $LANG21[40]);
$block_templates->set_var('lang_right', $LANG21[41]);
if ($A['onleft'] == 1) {
$block_templates->set_var('left_selected', 'selected="selected"');
} else {
if ($A['onleft'] == 0) {
$block_templates->set_var('right_selected', 'selected="selected"');
}
}
$block_templates->set_var('lang_blockorder', $LANG21[9]);
$block_templates->set_var('block_order', $A['blockorder']);
$block_templates->set_var('lang_normalblock', $LANG21[12]);
$block_templates->set_var('lang_phpblock', $LANG21[27]);
$block_templates->set_var('lang_portalblock', $LANG21[11]);
if ($A['type'] == 'normal') {
$block_templates->set_var('normal_selected', 'selected="selected"');
} else {
if ($A['type'] == 'phpblock') {
$block_templates->set_var('php_selected', 'selected="selected"');
} else {
if ($A['type'] == 'portal') {
$block_templates->set_var('portal_selected', 'selected="selected"');
}
}
}
$block_templates->set_var('lang_accessrights', $LANG_ACCESS['accessrights']);
$block_templates->set_var('lang_owner', $LANG_ACCESS['owner']);
$ownername = COM_getDisplayName($A['owner_id']);
$block_templates->set_var('owner_username', DB_getItem($_TABLES['users'], 'username', "uid = '{$A['owner_id']}'"));
$block_templates->set_var('owner_name', $ownername);
$block_templates->set_var('owner', $ownername);
$block_templates->set_var('owner_id', $A['owner_id']);
$block_templates->set_var('lang_group', $LANG_ACCESS['group']);
$block_templates->set_var('group_dropdown', SEC_getGroupDropdown($A['group_id'], $access));
$block_templates->set_var('lang_permissions', $LANG_ACCESS['permissions']);
$block_templates->set_var('lang_perm_key', $LANG_ACCESS['permissionskey']);
$block_templates->set_var('permissions_editor', SEC_getPermissionsHTML($A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']));
$block_templates->set_var('lang_permissions_msg', $LANG_ACCESS['permmsg']);
$block_templates->set_var('lang_phpblockoptions', $LANG21[28]);
$block_templates->set_var('lang_blockfunction', $LANG21[29]);
$block_templates->set_var('block_phpblockfn', $A['phpblockfn']);
$block_templates->set_var('lang_phpblockwarning', $LANG21[30]);
$block_templates->set_var('lang_portalblockoptions', $LANG21[13]);
$block_templates->set_var('lang_rdfurl', $LANG21[14]);
$block_templates->set_var('max_url_length', 255);
$block_templates->set_var('block_rdfurl', $A['rdfurl']);
$block_templates->set_var('lang_rdflimit', $LANG21[62]);
$block_templates->set_var('block_rdflimit', $A['rdflimit']);
$block_templates->set_var('lang_lastrdfupdate', $LANG21[15]);
if ($A['rdfupdated'] == '0000-00-00 00:00:00') {
$block_templates->set_var('block_rdfupdated', '');
} else {
$block_templates->set_var('block_rdfupdated', $A['rdfupdated']);
}
$block_templates->set_var('lang_normalblockoptions', $LANG21[16]);
$block_templates->set_var('lang_blockcontent', $LANG21[17]);
$block_templates->set_var('lang_autotags', $LANG21[66]);
$block_templates->set_var('lang_use_autotags', $LANG21[67]);
$block_templates->set_var('block_content', htmlspecialchars(stripslashes($A['content'])));
if ($A['allow_autotags'] == 1) {
$block_templates->set_var('allow_autotags', 'checked="checked"');
} else {
$block_templates->set_var('allow_autotags', '');
}
$block_templates->set_var('gltoken_name', CSRF_TOKEN);
$block_templates->set_var('gltoken', $token);
$block_templates->set_var('end_block', COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer')));
$block_templates->parse('output', 'editor');
$retval .= $block_templates->finish($block_templates->get_var('output'));
return $retval;
}
