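/**
 * Shows the block editor
 *
 * Builds the block edit form. With a non-empty $bid the block row is loaded
 * and the current user's access to it is checked; a Geeklog default block
 * (type 'gldefault') is handed off to editdefaultblock(). With an empty $bid
 * the form is pre-filled with defaults for a new block.
 *
 * @param    string  $bid    ID of block to edit
 * @return   string          HTML for block editor
 *
 */
function editblock($bid = '')
{
    global $_CONF, $_GROUPS, $_TABLES, $_USER, $LANG01, $LANG21, $LANG_ACCESS,
           $LANG_ADMIN, $MESSAGE, $_SCRIPTS;

    $retval = '';

    if (!empty($bid)) {
        // $bid ends up inside a quoted SQL literal. Escape it here so the
        // query is safe regardless of how the caller filtered the value.
        $bidSql = DB_escapeString($bid);

        $sql['mysql'] = "SELECT * FROM {$_TABLES['blocks']} WHERE bid ='{$bidSql}'";

        $sql['mssql'] = "SELECT bid, is_enabled, name, type, title, blockorder, cast(content as text) as content, rdfurl, ";
        $sql['mssql'] .= "rdfupdated, rdflimit, onleft, phpblockfn, help, owner_id,group_id, ";
        $sql['mssql'] .= "perm_owner, perm_group, perm_members, perm_anon, allow_autotags, cache_time FROM {$_TABLES['blocks']} WHERE bid ='{$bidSql}'";

        $sql['pgsql'] = "SELECT * FROM {$_TABLES['blocks']} WHERE bid ='{$bidSql}'";

        $result = DB_query($sql);
        $A = DB_fetchArray($result);

        $access = SEC_hasAccess($A['owner_id'], $A['group_id'],
                $A['perm_owner'], $A['perm_group'], $A['perm_members'],
                $A['perm_anon']);

        // Editing requires an access value other than 0 or 2 and a topic
        // access value of at least 3; anything else is refused and logged.
        if ($access == 2 || $access == 0 || TOPIC_hasMultiTopicAccess('block', $bid) < 3) {
            $retval .= COM_showMessageText($LANG21[45], $LANG_ACCESS['accessdenied']);
            COM_accessLog("User {$_USER['username']} tried to illegally create or edit block {$bid}.");

            return $retval;
        }

        if ($A['type'] == 'gldefault') {
            $retval .= editdefaultblock($A, $access);

            return $retval;
        }
    } else {
        // Defaults for a new block
        $A['bid'] = 0;
        $A['is_enabled'] = 1;
        $A['name'] = '';
        $A['type'] = 'normal';
        $A['title'] = '';
        $A['tid'] = '';
        $A['blockorder'] = 0;
        $A['cache_time'] = $_CONF['default_cache_time_block'];
        $A['content'] = '';
        $A['allow_autotags'] = 0;
        $A['rdfurl'] = '';
        $A['rdfupdated'] = '';
        $A['rdflimit'] = 0;
        $A['onleft'] = 0;
        $A['phpblockfn'] = '';
        $A['help'] = '';
        $A['owner_id'] = $_USER['uid'];
        if (isset($_GROUPS['Block Admin'])) {
            $A['group_id'] = $_GROUPS['Block Admin'];
        } else {
            $A['group_id'] = SEC_getFeatureGroup('block.edit');
        }
        SEC_setDefaultPermissions($A, $_CONF['default_permissions_block']);
        $access = 3;

        // Re-populate the form from the submitted data when the request was
        // a save. isset() avoids an undefined-index notice when the editor
        // is opened without a 'mode' field in the POST data.
        if (!empty($LANG_ADMIN['save']) && isset($_POST['mode'])
                && $_POST['mode'] === $LANG_ADMIN['save']) {
            // NOTE(review): overridePostdata() is not visible here; confirm
            // it filters the values it copies into $A, since several of them
            // are written to the form (and owner_id into a query) below.
            overridePostdata($A);
        }
    }

    $token = SEC_createToken();

    $block_templates = COM_newTemplate($_CONF['path_layout'] . 'admin/block');
    $block_templates->set_file('editor', 'blockeditor.thtml');

    $block_start = COM_startBlock($LANG21[3], '',
            COM_getBlockTemplate('_admin_block', 'header'));
    $block_start .= LB . SEC_getTokenExpiryNotice($token);
    $block_templates->set_var('start_block_editor', $block_start);

    // The delete button is offered only for an existing block and only to
    // users holding the block.delete right.
    if (!empty($bid) && SEC_hasrights('block.delete')) {
        $delbutton = '<input type="submit" value="' . $LANG_ADMIN['delete']
                   . '" name="mode"%s' . XHTML . '>';
        $jsconfirm = ' onclick="return confirm(\'' . $MESSAGE[76] . '\');"';
        $block_templates->set_var('delete_option',
                sprintf($delbutton, $jsconfirm));
        $block_templates->set_var('delete_option_no_confirmation',
                sprintf($delbutton, ''));

        $block_templates->set_var('allow_delete', true);
        $block_templates->set_var('lang_delete', $LANG_ADMIN['delete']);
        $block_templates->set_var('confirm_message', $MESSAGE[76]);
    }

    $block_templates->set_var('block_bid', $A['bid']);

    // standard Admin strings
    $block_templates->set_var('lang_blocktitle', $LANG_ADMIN['title']);
    $block_templates->set_var('lang_enabled', $LANG_ADMIN['enabled']);
    $block_templates->set_var('lang_blockhelpurl', $LANG_ADMIN['help_url']);
    $block_templates->set_var('lang_topic', $LANG_ADMIN['topic']);
    $block_templates->set_var('lang_save', $LANG_ADMIN['save']);
    $block_templates->set_var('lang_cancel', $LANG_ADMIN['cancel']);
    $block_templates->set_var('lang_blocktype', $LANG_ADMIN['type']);
    $block_templates->set_var('lang_allowed_html', $LANG01[123]);

    // NOTE(review): title, help, name, phpblockfn and rdfurl are handed to
    // the template as stored, while content goes through htmlspecialchars()
    // further down. Confirm these fields are encoded on save or by the
    // template, otherwise stored markup is rendered in the admin form.
    $block_templates->set_var('block_title', stripslashes($A['title']));
    // Overrides the 'lang_enabled' value set from $LANG_ADMIN above.
    $block_templates->set_var('lang_enabled', $LANG21[53]);
    if ($A['is_enabled'] == 1) {
        $block_templates->set_var('is_enabled', 'checked="checked"');
    } else {
        $block_templates->set_var('is_enabled', '');
    }
    $block_templates->set_var('block_help', $A['help']);
    $block_templates->set_var('lang_includehttp', $LANG21[51]);
    $block_templates->set_var('lang_explanation', $LANG21[52]);
    $block_templates->set_var('block_name', $A['name']);
    $block_templates->set_var('lang_blockname', $LANG21[48]);
    $block_templates->set_var('lang_nospaces', $LANG21[49]);

    $block_templates->set_var('topic_selection',
            TOPIC_getTopicSelectionControl('block', $A['bid'], true, true));

    $block_templates->set_var('lang_side', $LANG21[39]);
    $block_templates->set_var('lang_left', $LANG21[40]);
    $block_templates->set_var('lang_right', $LANG21[41]);
    if ($A['onleft'] == 1) {
        $block_templates->set_var('left_selected', 'selected="selected"');
    } elseif ($A['onleft'] == 0) {
        $block_templates->set_var('right_selected', 'selected="selected"');
    }

    $block_templates->set_var('lang_blockorder', $LANG21[9]);
    $block_templates->set_var('block_order', $A['blockorder']);
    $block_templates->set_var('lang_normalblock', $LANG21[12]);
    $block_templates->set_var('lang_phpblock', $LANG21[27]);
    $block_templates->set_var('lang_portalblock', $LANG21[11]);
    if ($A['type'] == 'normal') {
        $block_templates->set_var('normal_selected', 'selected="selected"');
    } elseif ($A['type'] == 'phpblock') {
        $block_templates->set_var('php_selected', 'selected="selected"');
    } elseif ($A['type'] == 'portal') {
        $block_templates->set_var('portal_selected', 'selected="selected"');
    }

    $block_templates->set_var('lang_cachetime', $LANG21['cache_time']);
    $block_templates->set_var('lang_cachetime_desc', $LANG21['cache_time_desc']);
    $block_templates->set_var('cache_time', $A['cache_time']);

    $block_templates->set_var('lang_accessrights', $LANG_ACCESS['accessrights']);
    $block_templates->set_var('lang_owner', $LANG_ACCESS['owner']);
    $ownername = COM_getDisplayName($A['owner_id']);
    // NOTE(review): owner_id is interpolated into the WHERE clause. It comes
    // from the block row or from $_USER, unless overridePostdata() replaced
    // it; confirm it is always a filtered value at this point.
    $block_templates->set_var('owner_username', DB_getItem($_TABLES['users'],
            'username', "uid = '{$A['owner_id']}'"));
    $block_templates->set_var('owner_name', $ownername);
    $block_templates->set_var('owner', $ownername);
    $block_templates->set_var('owner_id', $A['owner_id']);

    $block_templates->set_var('lang_group', $LANG_ACCESS['group']);
    $block_templates->set_var('group_dropdown',
            SEC_getGroupDropdown($A['group_id'], $access));
    $block_templates->set_var('lang_permissions', $LANG_ACCESS['permissions']);
    $block_templates->set_var('lang_perm_key', $LANG_ACCESS['permissionskey']);
    $block_templates->set_var('permissions_editor',
            SEC_getPermissionsHTML($A['perm_owner'], $A['perm_group'],
                    $A['perm_members'], $A['perm_anon']));
    $block_templates->set_var('lang_permissions_msg', $LANG_ACCESS['permmsg']);

    $block_templates->set_var('lang_phpblockoptions', $LANG21[28]);
    $block_templates->set_var('lang_blockfunction', $LANG21[29]);
    $block_templates->set_var('block_phpblockfn', $A['phpblockfn']);
    $block_templates->set_var('lang_phpblockwarning', $LANG21[30]);

    $block_templates->set_var('lang_portalblockoptions', $LANG21[13]);
    $block_templates->set_var('lang_rdfurl', $LANG21[14]);
    $block_templates->set_var('max_url_length', 255);
    $block_templates->set_var('block_rdfurl', $A['rdfurl']);
    $block_templates->set_var('lang_rdflimit', $LANG21[62]);
    $block_templates->set_var('block_rdflimit', $A['rdflimit']);
    $block_templates->set_var('lang_lastrdfupdate', $LANG21[15]);
    // The all-zero timestamp means "never updated"; show it as empty.
    if ($A['rdfupdated'] == '0000-00-00 00:00:00') {
        $block_templates->set_var('block_rdfupdated', '');
    } else {
        $block_templates->set_var('block_rdfupdated', $A['rdfupdated']);
    }

    $block_templates->set_var('lang_normalblockoptions', $LANG21[16]);
    $block_templates->set_var('lang_blockcontent', $LANG21[17]);
    $block_templates->set_var('lang_autotags', $LANG21[66]);
    $block_templates->set_var('lang_use_autotags', $LANG21[67]);

    $content = htmlspecialchars(stripslashes($A['content']));
    // Encode curly braces as numeric entities after htmlspecialchars(), so
    // the '&' of the entity is not escaped again. Replacing '{' and '}' with
    // themselves did nothing; the entities keep brace-delimited text in the
    // block content from being read as template markup when the form is
    // parsed (presumably the reason for this step -- confirm against the
    // template class).
    $content = str_replace(array('{', '}'), array('&#123;', '&#125;'), $content);
    $block_templates->set_var('block_content', $content);

    if ($A['allow_autotags'] == 1) {
        $block_templates->set_var('allow_autotags', 'checked="checked"');
    } else {
        $block_templates->set_var('allow_autotags', '');
    }

    // CSRF token for the form submission
    $block_templates->set_var('gltoken_name', CSRF_TOKEN);
    $block_templates->set_var('gltoken', $token);
    $block_templates->set_var('end_block',
            COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer')));
    $block_templates->parse('output', 'editor');
    $retval .= $block_templates->finish($block_templates->get_var('output'));

    // Shows/Hides relevant block options dynamically
    $_SCRIPTS->setJavaScript("\njQuery(function () {\n var \$ = jQuery;\n \$('#admin-blockeditor-type').on('change', function () {\n var fs, i, fieldsets = ['normal', 'phpblock', 'portal'];\n\n for (i = 0; i < 3; i++) {\n if (this.value === fieldsets[i]) {\n \$('#fs-' + fieldsets[i] + '-options').show();\n } else {\n \$('#fs-' + fieldsets[i] + '-options').hide();\n }\n }\n })\n .trigger('change');\n});", true, true);

    return $retval;
}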
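/**
 * Shows the block editor
 *
 * Builds the block edit form. With a non-empty $bid the block row is loaded
 * and the current user's access to it is checked; a Geeklog default block
 * (type 'gldefault') is handed off to editdefaultblock(). With an empty $bid
 * the form is pre-filled with defaults for a new block.
 *
 * @param    string  $bid    ID of block to edit
 * @return   string          HTML for block editor
 *
 */
function editblock($bid = '')
{
    global $_CONF, $_GROUPS, $_TABLES, $_USER, $LANG01, $LANG21, $LANG_ACCESS,
           $LANG_ADMIN, $MESSAGE;

    $retval = '';

    if (!empty($bid)) {
        // $bid ends up inside a quoted SQL literal. Escape it here so the
        // query does not rely on every caller having filtered the value.
        // NOTE(review): addslashes() is not driver-aware (its output is not
        // valid escaping for MSSQL); where the database layer offers its own
        // escaping helper, use that instead.
        $bidSql = addslashes($bid);

        $sql['mysql'] = "SELECT * FROM {$_TABLES['blocks']} WHERE bid ='{$bidSql}'";

        $sql['mssql'] = "SELECT bid, is_enabled, name, type, title, tid, blockorder, cast(content as text) as content, rdfurl, ";
        $sql['mssql'] .= "rdfupdated, rdflimit, onleft, phpblockfn, help, owner_id,group_id, ";
        $sql['mssql'] .= "perm_owner, perm_group, perm_members, perm_anon, allow_autotags FROM {$_TABLES['blocks']} WHERE bid ='{$bidSql}'";

        $result = DB_query($sql);
        $A = DB_fetchArray($result);

        $access = SEC_hasAccess($A['owner_id'], $A['group_id'],
                $A['perm_owner'], $A['perm_group'], $A['perm_members'],
                $A['perm_anon']);

        // Editing requires an access value other than 0 or 2 and a topic
        // access value of at least 3; anything else is refused and logged.
        if ($access == 2 || $access == 0 || hasBlockTopicAccess($A['tid']) < 3) {
            $retval .= COM_startBlock($LANG_ACCESS['accessdenied'], '',
                               COM_getBlockTemplate('_msg_block', 'header'))
                    . $LANG21[45]
                    . COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer'));
            COM_accessLog("User {$_USER['username']} tried to illegally create or edit block {$bid}.");

            return $retval;
        }

        if ($A['type'] == 'gldefault') {
            $retval .= editdefaultblock($A, $access);

            return $retval;
        }
    } else {
        // Defaults for a new block
        $A['bid'] = 0;
        $A['is_enabled'] = 1;
        $A['name'] = '';
        $A['type'] = 'normal';
        $A['title'] = '';
        // NOTE(review): this default is 'All', but the selection check
        // further down compares against lower-case 'all'; confirm which
        // spelling is intended.
        $A['tid'] = 'All';
        $A['blockorder'] = 0;
        $A['content'] = '';
        $A['allow_autotags'] = 0;
        $A['rdfurl'] = '';
        $A['rdfupdated'] = '';
        $A['rdflimit'] = 0;
        $A['onleft'] = 0;
        $A['phpblockfn'] = '';
        $A['help'] = '';
        $A['owner_id'] = $_USER['uid'];
        if (isset($_GROUPS['Block Admin'])) {
            $A['group_id'] = $_GROUPS['Block Admin'];
        } else {
            $A['group_id'] = SEC_getFeatureGroup('block.edit');
        }
        SEC_setDefaultPermissions($A, $_CONF['default_permissions_block']);
        $access = 3;
    }

    $token = SEC_createToken();

    $block_templates = new Template($_CONF['path_layout'] . 'admin/block');
    $block_templates->set_file('editor', 'blockeditor.thtml');
    $block_templates->set_var('site_url', $_CONF['site_url']);
    $block_templates->set_var('xhtml', XHTML);
    $block_templates->set_var('site_admin_url', $_CONF['site_admin_url']);
    $block_templates->set_var('layout_url', $_CONF['layout_url']);

    $block_start = COM_startBlock($LANG21[3], '',
            COM_getBlockTemplate('_admin_block', 'header'));
    $block_start .= LB . SEC_getTokenExpiryNotice($token);
    $block_templates->set_var('start_block_editor', $block_start);

    // The delete button is offered only for an existing block and only to
    // users holding the block.delete right.
    if (!empty($bid) && SEC_hasrights('block.delete')) {
        $delbutton = '<input type="submit" value="' . $LANG_ADMIN['delete']
                   . '" name="mode"%s' . XHTML . '>';
        $jsconfirm = ' onclick="return confirm(\'' . $MESSAGE[76] . '\');"';
        $block_templates->set_var('delete_option',
                sprintf($delbutton, $jsconfirm));
        $block_templates->set_var('delete_option_no_confirmation',
                sprintf($delbutton, ''));
    }

    $block_templates->set_var('block_bid', $A['bid']);

    // standard Admin strings
    $block_templates->set_var('lang_blocktitle', $LANG_ADMIN['title']);
    $block_templates->set_var('lang_enabled', $LANG_ADMIN['enabled']);
    $block_templates->set_var('lang_blockhelpurl', $LANG_ADMIN['help_url']);
    $block_templates->set_var('lang_topic', $LANG_ADMIN['topic']);
    $block_templates->set_var('lang_save', $LANG_ADMIN['save']);
    $block_templates->set_var('lang_cancel', $LANG_ADMIN['cancel']);
    $block_templates->set_var('lang_blocktype', $LANG_ADMIN['type']);
    $block_templates->set_var('lang_allowed_html', $LANG01[123]);

    // NOTE(review): title, help, name, phpblockfn and rdfurl are handed to
    // the template as stored, while content goes through htmlspecialchars()
    // further down. Confirm these fields are encoded on save or by the
    // template, otherwise stored markup is rendered in the admin form.
    $block_templates->set_var('block_title', stripslashes($A['title']));
    // Overrides the 'lang_enabled' value set from $LANG_ADMIN above.
    $block_templates->set_var('lang_enabled', $LANG21[53]);
    if ($A['is_enabled'] == 1) {
        $block_templates->set_var('is_enabled', 'checked="checked"');
    } else {
        $block_templates->set_var('is_enabled', '');
    }
    $block_templates->set_var('block_help', $A['help']);
    $block_templates->set_var('lang_includehttp', $LANG21[51]);
    $block_templates->set_var('lang_explanation', $LANG21[52]);
    $block_templates->set_var('block_name', $A['name']);
    $block_templates->set_var('lang_blockname', $LANG21[48]);
    $block_templates->set_var('lang_nospaces', $LANG21[49]);

    $block_templates->set_var('lang_all', $LANG21[7]);
    $block_templates->set_var('lang_homeonly', $LANG21[43]);
    if ($A['tid'] == 'all') {
        $block_templates->set_var('all_selected', 'selected="selected"');
    } elseif ($A['tid'] == 'homeonly') {
        $block_templates->set_var('homeonly_selected', 'selected="selected"');
    }
    $block_templates->set_var('topic_options',
            COM_topicList('tid,topic', $A['tid'], 1, true));

    $block_templates->set_var('lang_side', $LANG21[39]);
    $block_templates->set_var('lang_left', $LANG21[40]);
    $block_templates->set_var('lang_right', $LANG21[41]);
    if ($A['onleft'] == 1) {
        $block_templates->set_var('left_selected', 'selected="selected"');
    } elseif ($A['onleft'] == 0) {
        $block_templates->set_var('right_selected', 'selected="selected"');
    }

    $block_templates->set_var('lang_blockorder', $LANG21[9]);
    $block_templates->set_var('block_order', $A['blockorder']);
    $block_templates->set_var('lang_normalblock', $LANG21[12]);
    $block_templates->set_var('lang_phpblock', $LANG21[27]);
    $block_templates->set_var('lang_portalblock', $LANG21[11]);
    if ($A['type'] == 'normal') {
        $block_templates->set_var('normal_selected', 'selected="selected"');
    } elseif ($A['type'] == 'phpblock') {
        $block_templates->set_var('php_selected', 'selected="selected"');
    } elseif ($A['type'] == 'portal') {
        $block_templates->set_var('portal_selected', 'selected="selected"');
    }

    $block_templates->set_var('lang_accessrights', $LANG_ACCESS['accessrights']);
    $block_templates->set_var('lang_owner', $LANG_ACCESS['owner']);
    $ownername = COM_getDisplayName($A['owner_id']);
    // owner_id comes from the block row or from $_USER in this function.
    $block_templates->set_var('owner_username', DB_getItem($_TABLES['users'],
            'username', "uid = '{$A['owner_id']}'"));
    $block_templates->set_var('owner_name', $ownername);
    $block_templates->set_var('owner', $ownername);
    $block_templates->set_var('owner_id', $A['owner_id']);

    $block_templates->set_var('lang_group', $LANG_ACCESS['group']);
    $block_templates->set_var('group_dropdown',
            SEC_getGroupDropdown($A['group_id'], $access));
    $block_templates->set_var('lang_permissions', $LANG_ACCESS['permissions']);
    $block_templates->set_var('lang_perm_key', $LANG_ACCESS['permissionskey']);
    $block_templates->set_var('permissions_editor',
            SEC_getPermissionsHTML($A['perm_owner'], $A['perm_group'],
                    $A['perm_members'], $A['perm_anon']));
    $block_templates->set_var('lang_permissions_msg', $LANG_ACCESS['permmsg']);

    $block_templates->set_var('lang_phpblockoptions', $LANG21[28]);
    $block_templates->set_var('lang_blockfunction', $LANG21[29]);
    $block_templates->set_var('block_phpblockfn', $A['phpblockfn']);
    $block_templates->set_var('lang_phpblockwarning', $LANG21[30]);

    $block_templates->set_var('lang_portalblockoptions', $LANG21[13]);
    $block_templates->set_var('lang_rdfurl', $LANG21[14]);
    $block_templates->set_var('max_url_length', 255);
    $block_templates->set_var('block_rdfurl', $A['rdfurl']);
    $block_templates->set_var('lang_rdflimit', $LANG21[62]);
    $block_templates->set_var('block_rdflimit', $A['rdflimit']);
    $block_templates->set_var('lang_lastrdfupdate', $LANG21[15]);
    // The all-zero timestamp means "never updated"; show it as empty.
    if ($A['rdfupdated'] == '0000-00-00 00:00:00') {
        $block_templates->set_var('block_rdfupdated', '');
    } else {
        $block_templates->set_var('block_rdfupdated', $A['rdfupdated']);
    }

    $block_templates->set_var('lang_normalblockoptions', $LANG21[16]);
    $block_templates->set_var('lang_blockcontent', $LANG21[17]);
    $block_templates->set_var('lang_autotags', $LANG21[66]);
    $block_templates->set_var('lang_use_autotags', $LANG21[67]);
    // NOTE(review): content is HTML-encoded, but curly braces are left
    // as-is; confirm the template class does not read brace-delimited text
    // in the stored content as template markup when the form is parsed.
    $block_templates->set_var('block_content',
            htmlspecialchars(stripslashes($A['content'])));
    if ($A['allow_autotags'] == 1) {
        $block_templates->set_var('allow_autotags', 'checked="checked"');
    } else {
        $block_templates->set_var('allow_autotags', '');
    }

    // CSRF token for the form submission
    $block_templates->set_var('gltoken_name', CSRF_TOKEN);
    $block_templates->set_var('gltoken', $token);
    $block_templates->set_var('end_block',
            COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer')));
    $block_templates->parse('output', 'editor');
    $retval .= $block_templates->finish($block_templates->get_var('output'));

    return $retval;
}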