function feed($type)
{
global $prefs;
set_error_handler('feedErrorHandler');
ob_clean();
extract($prefs);
extract(doSlash(gpsa(array('category', 'section', 'limit', 'area'))));
if ($area != 'link') {
$area = 'article';
}
$sitename .= $section ? ' - ' . fetch_section_title($section) : '';
$sitename .= $category ? ' - ' . fetch_category_title($category, $area) : '';
$self_ref = pagelinkurl(array('atom' => 1, 'area' => $area == 'article' ? '' : $area, 'section' => $section, 'category' => $category, 'limit' => $limit));
$id_ext = ($section ? '/' . $section : '') . ($category ? '/' . $category : '');
if ($area == 'article') {
$sfilter = $section ? "and Section = '" . $section . "'" : '';
$cfilter = $category ? "and (Category1='" . $category . "' or Category2='" . $category . "')" : '';
$limit = $limit ? $limit : $rss_how_many;
$limit = intval(min($limit, max(100, $rss_how_many)));
$frs = safe_column("name", "txp_section", "in_rss != '1'");
$query = array();
foreach ($frs as $f) {
$query[] = "and Section != '" . doSlash($f) . "'";
}
$query[] = $sfilter;
$query[] = $cfilter;
$expired = $publish_expired_articles ? '' : ' and (now() <= Expires or Expires = ' . NULLDATETIME . ') ';
$rs = safe_rows_start("*, ID as thisid, unix_timestamp(Posted) as uPosted, unix_timestamp(Expires) as uExpires, unix_timestamp(LastMod) as uLastMod", "textpattern", "Status=4 and Posted <= now() {$expired}" . join(' ', $query) . "order by Posted desc limit {$limit}");
return render_feed($rs, $area, $type, $sitename, $self_ref, $id_ext);
} elseif ($area == 'link') {
$cfilter = $category ? "category='" . $category . "'" : '1';
$limit = $limit ? $limit : $rss_how_many;
$limit = intval(min($limit, max(100, $rss_how_many)));
$rs = safe_rows_start("*" . ($atom ? '' : ", unix_timestamp(date) as uDate"), "txp_link", "{$cfilter} order by date desc" . ($atom ? ", id desc" : '') . " limit {$limit}");
return render_feed($rs, $area, $type, $sitename, $self_ref, $id_ext);
}
}
function image_list($message = '')
{
global $txpcfg, $extensions, $img_dir, $file_max_upload_size, $image_list_pageby, $txp_user, $event;
pagetop(gTxt('images'), $message);
extract($txpcfg);
extract(gpsa(array('page', 'sort', 'dir', 'crit', 'search_method')));
if ($sort === '') {
$sort = get_pref('image_sort_column', 'id');
}
if ($dir === '') {
$dir = get_pref('image_sort_dir', 'desc');
}
$dir = $dir == 'asc' ? 'asc' : 'desc';
echo '<div id="' . $event . '_control" class="txp-control-panel">';
if (!is_dir(IMPATH) or !is_writeable(IMPATH)) {
echo graf(gTxt('img_dir_not_writeable', array('{imgdir}' => IMPATH)), ' id="warning"');
} elseif (has_privs('image.edit.own')) {
echo upload_form(gTxt('upload_image'), 'upload_image', 'image_insert', 'image', '', $file_max_upload_size);
}
switch ($sort) {
case 'name':
$sort_sql = 'name ' . $dir;
break;
case 'thumbnail':
$sort_sql = 'thumbnail ' . $dir . ', id asc';
break;
case 'category':
$sort_sql = 'category ' . $dir . ', id asc';
break;
case 'date':
$sort_sql = 'date ' . $dir . ', id asc';
break;
case 'author':
$sort_sql = 'author ' . $dir . ', id asc';
break;
default:
$sort = 'id';
$sort_sql = 'id ' . $dir;
break;
}
set_pref('image_sort_column', $sort, 'image', 2, '', 0, PREF_PRIVATE);
set_pref('image_sort_dir', $dir, 'image', 2, '', 0, PREF_PRIVATE);
$switch_dir = $dir == 'desc' ? 'asc' : 'desc';
$criteria = 1;
if ($search_method and $crit) {
$crit_escaped = doSlash(str_replace(array('\\', '%', '_', '\''), array('\\\\', '\\%', '\\_', '\\\''), $crit));
$critsql = array('id' => "ID in ('" . join("','", do_list($crit_escaped)) . "')", 'name' => "name like '%{$crit_escaped}%'", 'category' => "category like '%{$crit_escaped}%'", 'author' => "author like '%{$crit_escaped}%'", 'alt' => "alt like '%{$crit_escaped}%'", 'caption' => "caption like '%{$crit_escaped}%'");
if (array_key_exists($search_method, $critsql)) {
$criteria = $critsql[$search_method];
$limit = 500;
} else {
$search_method = '';
$crit = '';
}
} else {
$search_method = '';
$crit = '';
}
$total = safe_count('txp_image', "{$criteria}");
if ($total < 1) {
if ($criteria != 1) {
echo n . image_search_form($crit, $search_method) . n . graf(gTxt('no_results_found'), ' class="indicator"') . '</div>';
} else {
echo n . graf(gTxt('no_images_recorded'), ' class="indicator"') . '</div>';
}
return;
}
$limit = max($image_list_pageby, 15);
list($page, $offset, $numPages) = pager($total, $limit, $page);
echo image_search_form($crit, $search_method);
$rs = safe_rows_start('*, unix_timestamp(date) as uDate', 'txp_image', "{$criteria} order by {$sort_sql} limit {$offset}, {$limit}\n\t\t");
echo pluggable_ui('image_ui', 'extend_controls', '', $rs);
echo '</div>';
// end txp-control-panel
if ($rs) {
$show_authors = !has_single_author('txp_image');
echo n . '<div id="' . $event . '_container" class="txp-container txp-list">';
echo n . n . '<form name="longform" id="images_form" method="post" action="index.php" onsubmit="return verify(\'' . gTxt('are_you_sure') . '\')">' . n . n . startTable('list', '', 'list') . n . '<thead>' . n . tr(column_head('ID', 'id', 'image', true, $switch_dir, $crit, $search_method, ('id' == $sort ? "{$dir} " : '') . 'id') . hCell('', '', ' class="actions"') . column_head('date', 'date', 'image', true, $switch_dir, $crit, $search_method, ('date' == $sort ? "{$dir} " : '') . 'date created') . column_head('name', 'name', 'image', true, $switch_dir, $crit, $search_method, ('name' == $sort ? "{$dir} " : '') . 'name') . column_head('thumbnail', 'thumbnail', 'image', true, $switch_dir, $crit, $search_method, ('thumbnail' == $sort ? "{$dir} " : '') . 'thumbnail') . hCell(gTxt('tags'), '', ' class="tag-build"') . column_head('image_category', 'category', 'image', true, $switch_dir, $crit, $search_method, ('category' == $sort ? "{$dir} " : '') . 'category') . ($show_authors ? column_head('author', 'author', 'image', true, $switch_dir, $crit, $search_method, ('author' == $sort ? "{$dir} " : '') . 'author') : '') . hCell('', '', ' class="multi-edit"')) . n . '</thead>';
$tfoot = n . '<tfoot>' . tr(tda(select_buttons() . image_multiedit_form($page, $sort, $dir, $crit, $search_method), ' class="multi-edit" colspan="' . ($show_authors ? '9' : '8') . '" style="text-align: right; border: none;"')) . n . '</tfoot>';
echo $tfoot;
echo '<tbody>';
$ctr = 1;
while ($a = nextRow($rs)) {
extract($a);
$edit_url = '?event=image' . a . 'step=image_edit' . a . 'id=' . $id . a . 'sort=' . $sort . a . 'dir=' . $dir . a . 'page=' . $page . a . 'search_method=' . $search_method . a . 'crit=' . $crit;
$name = empty($name) ? gTxt('unnamed') : htmlspecialchars($name);
if ($thumbnail) {
if ($ext != '.swf') {
$thumbnail = '<img src="' . imagesrcurl($id, $ext, true) . "?{$uDate}" . '" alt="" ' . "title='{$id}{$ext} ({$w} × {$h})'" . ($thumb_w ? "width='{$thumb_w}' height='{$thumb_h}'" : '') . ' />';
} else {
$thumbnail = '';
}
} else {
$thumbnail = gTxt('no');
}
if ($ext != '.swf') {
$tag_url = '?event=tag' . a . 'tag_name=image' . a . 'id=' . $id . a . 'ext=' . $ext . a . 'w=' . $w . a . 'h=' . $h . a . 'alt=' . urlencode($alt) . a . 'caption=' . urlencode($caption);
$tagbuilder = '<ul>' . '<li><a target="_blank" href="' . $tag_url . a . 'type=textile" onclick="popWin(this.href); return false;">Textile</a></li>' . '<li><a target="_blank" href="' . $tag_url . a . 'type=textpattern" onclick="popWin(this.href); return false;">Textpattern</a></li>' . '<li><a target="_blank" href="' . $tag_url . a . 'type=xhtml" onclick="popWin(this.href); return false;">XHTML</a></li>' . '</ul>';
} else {
$tagbuilder = sp;
}
$category = $category ? '<span title="' . htmlspecialchars(fetch_category_title($category, 'image')) . '">' . $category . '</span>' : '';
$can_edit = has_privs('image.edit') || $author == $txp_user && has_privs('image.edit.own');
echo n . n . tr(n . td($id, 20, 'id') . td(n . '<ul>' . ($can_edit ? n . t . '<li class="action-edit">' . href(gTxt('edit'), $edit_url) . '</li>' : '') . n . t . '<li class="action-view"><a href="' . imagesrcurl($id, $ext) . '">' . gTxt('view') . '</a></li>' . n . '</ul>', 35, 'actions') . td(gTime($uDate), 75, 'date created') . td($can_edit ? href($name, $edit_url) : $name, 75, 'name') . td(pluggable_ui('image_ui', 'thumbnail', $can_edit ? href($thumbnail, $edit_url) : $thumbnail, $a), 80, 'image thumbnail') . td($tagbuilder, 85, 'tag-build') . td($category, 75, 'category') . ($show_authors ? td('<span title="' . htmlspecialchars(get_author_name($author)) . '">' . htmlspecialchars($author) . '</span>', 75, 'author') : '') . td($can_edit ? fInput('checkbox', 'selected[]', $id) : ' ', 10, 'multi-edit'), ' class="' . ($ctr % 2 == 0 ? 'even' : 'odd') . '"');
$ctr++;
}
echo '</tbody>' . n . endTable() . n . '</form>' . n . '<div id="' . $event . '_navigation" class="txp-navigation">' . nav_form('image', $page, $numPages, $sort, $dir, $crit, $search_method, $total, $limit) . pageby_form('image', $image_list_pageby) . n . '</div>' . n . '</div>';
}
}
function file_list($message = '')
{
global $file_base_path, $file_statuses, $file_list_pageby, $txp_user, $event;
pagetop(gTxt('file'), $message);
extract(gpsa(array('page', 'sort', 'dir', 'crit', 'search_method')));
if ($sort === '') {
$sort = get_pref('file_sort_column', 'filename');
}
if ($dir === '') {
$dir = get_pref('file_sort_dir', 'asc');
}
$dir = $dir == 'desc' ? 'desc' : 'asc';
echo '<div id="' . $event . '_control" class="txp-control-panel">';
if (!is_dir($file_base_path) or !is_writeable($file_base_path)) {
echo graf(gTxt('file_dir_not_writeable', array('{filedir}' => $file_base_path)), ' id="warning"');
} elseif (has_privs('file.edit.own')) {
$existing_files = get_filenames();
if (count($existing_files) > 0) {
echo form(eInput('file') . sInput('file_create') . graf('<label for="file-existing">' . gTxt('existing_file') . '</label>' . sp . selectInput('filename', $existing_files, '', 1, '', 'file-existing') . sp . fInput('submit', '', gTxt('Create'), 'smallerbox'), ' class="existing-file"'), 'text-align: center;', '', 'post', '', '', 'assign_file');
}
echo file_upload_form(gTxt('upload_file'), 'upload', 'file_insert');
}
switch ($sort) {
case 'id':
$sort_sql = 'id ' . $dir;
break;
case 'description':
$sort_sql = 'description ' . $dir . ', filename desc';
break;
case 'category':
$sort_sql = 'category ' . $dir . ', filename desc';
break;
case 'title':
$sort_sql = 'title ' . $dir . ', filename desc';
break;
case 'downloads':
$sort_sql = 'downloads ' . $dir . ', filename desc';
break;
case 'author':
$sort_sql = 'author ' . $dir . ', id asc';
break;
default:
$sort = 'filename';
$sort_sql = 'filename ' . $dir;
break;
}
set_pref('file_sort_column', $sort, 'file', 2, '', 0, PREF_PRIVATE);
set_pref('file_sort_dir', $dir, 'file', 2, '', 0, PREF_PRIVATE);
$switch_dir = $dir == 'desc' ? 'asc' : 'desc';
$criteria = 1;
if ($search_method and $crit) {
$crit_escaped = doSlash(str_replace(array('\\', '%', '_', '\''), array('\\\\', '\\%', '\\_', '\\\''), $crit));
$critsql = array('id' => "ID in ('" . join("','", do_list($crit_escaped)) . "')", 'filename' => "filename like '%{$crit_escaped}%'", 'title' => "title like '%{$crit_escaped}%'", 'description' => "description like '%{$crit_escaped}%'", 'category' => "category like '%{$crit_escaped}%'", 'author' => "author like '%{$crit_escaped}%'");
if (array_key_exists($search_method, $critsql)) {
$criteria = $critsql[$search_method];
$limit = 500;
} else {
$search_method = '';
$crit = '';
}
} else {
$search_method = '';
$crit = '';
}
$total = safe_count('txp_file', "{$criteria}");
if ($total < 1) {
if ($criteria != 1) {
echo n . file_search_form($crit, $search_method) . n . graf(gTxt('no_results_found'), ' class="indicator"') . '</div>';
} else {
echo n . graf(gTxt('no_files_recorded'), ' class="indicator"') . '</div>';
}
return;
}
$limit = max($file_list_pageby, 15);
list($page, $offset, $numPages) = pager($total, $limit, $page);
echo file_search_form($crit, $search_method) . '</div>';
$rs = safe_rows_start('*', 'txp_file', "{$criteria} order by {$sort_sql} limit {$offset}, {$limit}");
if ($rs) {
$show_authors = !has_single_author('txp_file');
echo n . '<div id="' . $event . '_container" class="txp-container txp-list">';
echo '<form name="longform" id="files_form" method="post" action="index.php" onsubmit="return verify(\'' . gTxt('are_you_sure') . '\')">' . startTable('list', '', 'list') . n . '<thead>' . tr(column_head('ID', 'id', 'file', true, $switch_dir, $crit, $search_method, ('id' == $sort ? "{$dir} " : '') . 'id') . hCell('', '', ' class="actions"') . column_head('file_name', 'filename', 'file', true, $switch_dir, $crit, $search_method, ('filename' == $sort ? "{$dir} " : '') . 'name') . column_head('title', 'title', 'file', true, $switch_dir, $crit, $search_method, ('title' == $sort ? "{$dir} " : '') . 'title') . column_head('description', 'description', 'file', true, $switch_dir, $crit, $search_method, ('description' == $sort ? "{$dir} " : '') . 'description') . column_head('file_category', 'category', 'file', true, $switch_dir, $crit, $search_method, ('category' == $sort ? "{$dir} " : '') . 'category') . hCell(gTxt('tags'), '', ' class="tag-build"') . hCell(gTxt('status'), '', ' class="status"') . hCell(gTxt('condition'), '', ' class="condition"') . column_head('downloads', 'downloads', 'file', true, $switch_dir, $crit, $search_method, ('downloads' == $sort ? "{$dir} " : '') . 'downloads') . ($show_authors ? column_head('author', 'author', 'file', true, $switch_dir, $crit, $search_method, ('author' == $sort ? "{$dir} " : '') . 'author') : '') . hCell('', '', ' class="multi-edit"')) . n . '</thead>';
$tfoot = n . '<tfoot>' . tr(tda(select_buttons() . file_multiedit_form($page, $sort, $dir, $crit, $search_method), ' class="multi-edit" colspan="' . ($show_authors ? '12' : '11') . '" style="text-align: right; border: none;"')) . n . '</tfoot>';
echo $tfoot;
echo '<tbody>';
$ctr = 1;
while ($a = nextRow($rs)) {
extract($a);
$filename = sanitizeForFile($filename);
$edit_url = '?event=file' . a . 'step=file_edit' . a . 'id=' . $id . a . 'sort=' . $sort . a . 'dir=' . $dir . a . 'page=' . $page . a . 'search_method=' . $search_method . a . 'crit=' . $crit;
$file_exists = file_exists(build_file_path($file_base_path, $filename));
$download_link = $file_exists ? '<li class="action-view">' . make_download_link($id, '', $filename) . '</li>' : '';
$category = $category ? '<span title="' . htmlspecialchars(fetch_category_title($category, 'file')) . '">' . $category . '</span>' : '';
$tag_url = '?event=tag' . a . 'tag_name=file_download_link' . a . 'id=' . $id . a . 'description=' . urlencode($description) . a . 'filename=' . urlencode($filename);
$condition = '<span class="';
$condition .= $file_exists ? 'ok' : 'not-ok';
$condition .= '">';
$condition .= $file_exists ? gTxt('file_status_ok') : gTxt('file_status_missing');
$condition .= '</span>';
$can_edit = has_privs('file.edit') || $author == $txp_user && has_privs('file.edit.own');
echo tr(n . td($id, '', 'id') . td('<ul>' . ($can_edit ? '<li class="action-edit">' . href(gTxt('edit'), $edit_url) . '</li>' : '') . $download_link . '</ul>', 65, 'actions') . td($can_edit ? href(htmlspecialchars($filename), $edit_url) : htmlspecialchars($filename), 125, 'name') . td(htmlspecialchars($title), 90, 'title') . td(htmlspecialchars($description), 150, 'description') . td($category, 90, 'category') . td(n . '<ul>' . n . t . '<li><a target="_blank" href="' . $tag_url . a . 'type=textile" onclick="popWin(this.href, 400, 250); return false;">Textile</a></li>' . n . t . '<li><a target="_blank" href="' . $tag_url . a . 'type=textpattern" onclick="popWin(this.href, 400, 250); return false;">Textpattern</a></li>' . n . t . '<li><a target="_blank" href="' . $tag_url . a . 'type=xhtml" onclick="popWin(this.href, 400, 250); return false;">XHTML</a></li>' . n . '</ul>', 75, 'tag-build') . td(in_array($status, array_keys($file_statuses)) ? $file_statuses[$status] : '<span class="not-ok">' . gTxt('none') . '</span>', 45, 'status') . td($condition, 45, 'condition') . td($downloads == '0' ? gTxt('none') : $downloads, 25, 'downloads') . ($show_authors ? td('<span title="' . htmlspecialchars(get_author_name($author)) . '">' . htmlspecialchars($author) . '</span>', '', 'author') : '') . td($can_edit ? fInput('checkbox', 'selected[]', $id) : ' ', 10, 'multi-edit'), ' class="' . ($ctr % 2 == 0 ? 'even' : 'odd') . '"');
$ctr++;
}
echo '</tbody>' . n . endTable() . n . '</form>' . n . '<div id="' . $event . '_navigation" class="txp-navigation">' . nav_form('file', $page, $numPages, $sort, $dir, $crit, $search_method, $total, $limit) . pageby_form('file', $file_list_pageby) . n . '</div>' . n . '</div>';
}
}
function file_list($message = '')
{
global $txpcfg, $extensions, $file_base_path;
pagetop(gTxt('file'), $message);
extract($txpcfg);
extract(get_prefs());
extract(gpsa(array('page', 'sort', 'dir', 'crit', 'search_method')));
if (!is_dir($file_base_path) or !is_writeable($file_base_path)) {
echo graf(gTxt('file_dir_not_writeable', array('{filedir}' => $file_base_path)), ' id="warning"');
} else {
$existing_files = get_filenames();
if (count($existing_files) > 0) {
echo form(eInput('file') . sInput('file_create') . graf(gTxt('existing_file') . sp . selectInput('filename', $existing_files, '', 1) . sp . fInput('submit', '', gTxt('Create'), 'smallerbox')), 'text-align: center;');
}
echo file_upload_form(gTxt('upload_file'), 'upload', 'file_insert');
}
$dir = $dir == 'desc' ? 'desc' : 'asc';
switch ($sort) {
case 'id':
$sort_sql = 'id ' . $dir;
break;
case 'filename':
$sort_sql = 'filename ' . $dir;
break;
case 'description':
$sort_sql = 'description ' . $dir . ', filename desc';
break;
case 'category':
$sort_sql = 'category ' . $dir . ', filename desc';
break;
case 'downloads':
$sort_sql = 'downloads ' . $dir . ', filename desc';
break;
default:
$dir = 'desc';
$sort_sql = 'filename ' . $dir;
break;
}
$switch_dir = $dir == 'desc' ? 'asc' : 'desc';
$criteria = 1;
if ($search_method and $crit) {
$crit_escaped = doSlash($crit);
$critsql = array('id' => "id = '{$crit_escaped}'", 'filename' => "filename like '%{$crit_escaped}%'", 'description' => "description like '%{$crit_escaped}%'", 'category' => "category like '%{$crit_escaped}%'");
if (array_key_exists($search_method, $critsql)) {
$criteria = $critsql[$search_method];
$limit = 500;
} else {
$search_method = '';
$crit = '';
}
} else {
$search_method = '';
$crit = '';
}
$total = safe_count('txp_file', "{$criteria}");
if ($total < 1) {
if ($criteria != 1) {
echo n . file_search_form($crit, $search_method) . n . graf(gTxt('no_results_found'), ' style="text-align: center;"');
} else {
echo n . graf(gTxt('no_files_recorded'), ' style="text-align: center;"');
}
return;
}
$limit = max(@$file_list_pageby, 15);
list($page, $offset, $numPages) = pager($total, $limit, $page);
echo file_search_form($crit, $search_method);
$rs = safe_rows_start('*', 'txp_file', "{$criteria} order by {$sort_sql} limit {$offset}, {$limit}");
if ($rs) {
echo startTable('list') . tr(column_head('ID', 'id', 'file', true, $switch_dir, $crit, $search_method) . td() . column_head('file_name', 'filename', 'file', true, $switch_dir, $crit, $search_method) . column_head('description', 'description', 'file', true, $switch_dir, $crit, $search_method) . column_head('file_category', 'category', 'file', true, $switch_dir, $crit, $search_method) . hCell(gTxt('tags')) . hCell(gTxt('status')) . column_head('downloads', 'downloads', 'file', true, $switch_dir, $crit, $search_method) . hCell());
while ($a = nextRow($rs)) {
extract($a);
$edit_url = '?event=file' . a . 'step=file_edit' . a . 'id=' . $id . a . 'sort=' . $sort . a . 'dir=' . $dir . a . 'page=' . $page . a . 'search_method=' . $search_method . a . 'crit=' . $crit;
$file_exists = file_exists(build_file_path($file_base_path, $filename));
$download_link = $file_exists ? '<li>' . make_download_link($id) . '</li>' : '';
$category = $category ? '<span title="' . fetch_category_title($category, 'file') . '">' . $category . '</span>' : '';
$tag_url = '?event=tag' . a . 'tag_name=file_download_link' . a . 'id=' . $id . a . 'description=' . urlencode($description) . a . 'filename=' . urlencode($filename);
$status = '<span class="';
$status .= $file_exists ? 'ok' : 'not-ok';
$status .= '">';
$status .= $file_exists ? gTxt('file_status_ok') : gTxt('file_status_missing');
$status .= '</span>';
// does the downloads column exist?
if (!isset($downloads)) {
// nope, add it
safe_alter('txp_file', "ADD downloads INT DEFAULT '0' NOT NULL");
$downloads = 0;
} elseif (empty($downloads)) {
$downloads = '0';
}
echo tr(n . td($id) . td('<ul>' . '<li>' . href(gTxt('edit'), $edit_url) . '</li>' . $download_link . '</ul>', 65) . td(href($filename, $edit_url), 125) . td($description, 150) . td($category, 90) . td(n . '<ul>' . n . t . '<li><a target="_blank" href="' . $tag_url . a . 'type=textile" onclick="popWin(this.href, 400, 250); return false;">Textile</a></li>' . n . t . '<li><a target="_blank" href="' . $tag_url . a . 'type=textpattern" onclick="popWin(this.href, 400, 250); return false;">Textpattern</a></li>' . n . t . '<li><a target="_blank" href="' . $tag_url . a . 'type=xhtml" onclick="popWin(this.href, 400, 250); return false;">XHTML</a></li>' . n . '</ul>', 75) . td($status, 45) . td($downloads == '0' ? gTxt('none') : $downloads, 25) . td(dLink('file', 'file_delete', 'id', $id), 10));
}
echo endTable() . nav_form('file', $page, $numPages, $sort, $dir, $crit, $search_method) . pageby_form('file', $file_list_pageby);
}
}
function rss()
{
global $prefs, $thisarticle;
set_error_handler('feedErrorHandler');
ob_clean();
extract($prefs);
extract(doSlash(gpsa(array('limit', 'area'))));
// build filter criteria from a comma-separated list of sections and categories
$feed_filter_limit = get_pref('feed_filter_limit', 10);
$section = gps('section');
$category = gps('category');
if (!is_scalar($section) || !is_scalar($category)) {
txp_die('Not Found', 404);
}
$section = $section ? array_slice(array_unique(do_list($section)), 0, $feed_filter_limit) : array();
$category = $category ? array_slice(array_unique(do_list($category)), 0, $feed_filter_limit) : array();
$st = array();
foreach ($section as $s) {
$st[] = fetch_section_title($s);
}
$ct = array();
foreach ($category as $c) {
$ct[] = fetch_category_title($c);
}
$sitename .= $section ? ' - ' . join(' - ', $st) : '';
$sitename .= $category ? ' - ' . join(' - ', $ct) : '';
$dn = explode('/', $siteurl);
$mail_or_domain = $use_mail_on_feeds_id ? eE($blog_mail_uid) : $dn[0];
// feed header
$out[] = tag('http://textpattern.com/?v=' . $version, 'generator');
$out[] = tag(doSpecial($sitename), 'title');
$out[] = tag(hu, 'link');
$out[] = '<atom:link href="' . pagelinkurl(array('rss' => 1, 'area' => $area, 'section' => $section, 'category' => $category, 'limit' => $limit)) . '" rel="self" type="application/rss+xml" />';
$out[] = tag(doSpecial($site_slogan), 'description');
$last = fetch('unix_timestamp(val)', 'txp_prefs', 'name', 'lastmod');
$out[] = tag(safe_strftime('rfc822', $last), 'pubDate');
$out[] = callback_event('rss_head');
// feed items
$articles = array();
$section = doSlash($section);
$category = doSlash($category);
if (!$area or $area == 'article') {
$sfilter = !empty($section) ? "and Section in ('" . join("','", $section) . "')" : '';
$cfilter = !empty($category) ? "and (Category1 in ('" . join("','", $category) . "') or Category2 in ('" . join("','", $category) . "'))" : '';
$limit = $limit ? $limit : $rss_how_many;
$limit = intval(min($limit, max(100, $rss_how_many)));
$frs = safe_column("name", "txp_section", "in_rss != '1'");
if ($frs) {
foreach ($frs as $f) {
$query[] = "and Section != '" . doSlash($f) . "'";
}
}
$query[] = $sfilter;
$query[] = $cfilter;
$expired = $publish_expired_articles ? '' : ' and (now() <= Expires or Expires = ' . NULLDATETIME . ') ';
$rs = safe_rows_start("*, unix_timestamp(Posted) as uPosted, unix_timestamp(LastMod) as uLastMod, unix_timestamp(Expires) as uExpires, ID as thisid", "textpattern", "Status = 4 " . join(' ', $query) . "and Posted < now()" . $expired . "order by Posted desc limit {$limit}");
if ($rs) {
while ($a = nextRow($rs)) {
extract($a);
populateArticleData($a);
$cb = callback_event('rss_entry');
$a['posted'] = $uPosted;
$permlink = permlinkurl($a);
$summary = trim(replace_relative_urls(parse($thisarticle['excerpt']), $permlink));
$content = trim(replace_relative_urls(parse($thisarticle['body']), $permlink));
if ($syndicate_body_or_excerpt) {
# short feed: use body as summary if there's no excerpt
if (!trim($summary)) {
$summary = $content;
}
$content = '';
}
if ($show_comment_count_in_feed) {
$count = $comments_count > 0 ? ' [' . $comments_count . ']' : '';
} else {
$count = '';
}
$Title = escape_title(strip_tags($Title)) . $count;
$thisauthor = get_author_name($AuthorID);
$item = tag($Title, 'title') . n . (trim($summary) ? tag(n . escape_cdata($summary) . n, 'description') . n : '') . (trim($content) ? tag(n . escape_cdata($content) . n, 'content:encoded') . n : '') . tag($permlink, 'link') . n . tag(safe_strftime('rfc822', $a['posted']), 'pubDate') . n . tag(htmlspecialchars($thisauthor), 'dc:creator') . n . tag('tag:' . $mail_or_domain . ',' . $feed_time . ':' . $blog_uid . '/' . $uid, 'guid', ' isPermaLink="false"') . n . $cb;
$articles[$ID] = tag($item, 'item');
$etags[$ID] = strtoupper(dechex(crc32($articles[$ID])));
$dates[$ID] = $uPosted;
}
}
} elseif ($area == 'link') {
$cfilter = $category ? "category in ('" . join("','", $category) . "')" : '1';
$limit = $limit ? $limit : $rss_how_many;
$limit = intval(min($limit, max(100, $rss_how_many)));
$rs = safe_rows_start("*, unix_timestamp(date) as uDate", "txp_link", "{$cfilter} order by date desc limit {$limit}");
if ($rs) {
while ($a = nextRow($rs)) {
extract($a);
$item = tag(doSpecial($linkname), 'title') . n . tag(doSpecial($description), 'description') . n . tag(doSpecial($url), 'link') . n . tag(safe_strftime('rfc822', $uDate), 'pubDate');
$articles[$id] = tag($item, 'item');
$etags[$id] = strtoupper(dechex(crc32($articles[$id])));
$dates[$id] = $date;
}
}
}
if (!$articles) {
if ($section) {
if (safe_field('name', 'txp_section', "name in ('" . join("','", $section) . "')") == false) {
txp_die(gTxt('404_not_found'), '404');
}
} elseif ($category) {
switch ($area) {
case 'link':
if (safe_field('id', 'txp_category', "name = '{$category}' and type = 'link'") == false) {
txp_die(gTxt('404_not_found'), '404');
}
break;
case 'article':
default:
if (safe_field('id', 'txp_category', "name in ('" . join("','", $category) . "') and type = 'article'") == false) {
txp_die(gTxt('404_not_found'), '404');
}
break;
}
}
} else {
//turn on compression if we aren't using it already
if (extension_loaded('zlib') && ini_get("zlib.output_compression") == 0 && ini_get('output_handler') != 'ob_gzhandler' && !headers_sent()) {
// make sure notices/warnings/errors don't fudge up the feed
// when compression is used
$buf = '';
while ($b = @ob_get_clean()) {
$buf .= $b;
}
@ob_start('ob_gzhandler');
echo $buf;
}
handle_lastmod();
$hims = serverset('HTTP_IF_MODIFIED_SINCE');
$imsd = $hims ? strtotime($hims) : 0;
if (is_callable('apache_request_headers')) {
$headers = apache_request_headers();
if (isset($headers["A-IM"])) {
$canaim = strpos($headers["A-IM"], "feed");
} else {
$canaim = false;
}
} else {
$canaim = false;
}
$hinm = stripslashes(serverset('HTTP_IF_NONE_MATCH'));
$cutarticles = false;
if ($canaim !== false) {
foreach ($articles as $id => $thing) {
if (strpos($hinm, $etags[$id]) !== false) {
unset($articles[$id]);
$cutarticles = true;
$cut_etag = true;
}
if ($dates[$id] < $imsd) {
unset($articles[$id]);
$cutarticles = true;
$cut_time = true;
}
}
}
if (isset($cut_etag) && isset($cut_time)) {
header("Vary: If-None-Match, If-Modified-Since");
} else {
if (isset($cut_etag)) {
header("Vary: If-None-Match");
} else {
if (isset($cut_time)) {
header("Vary: If-Modified-Since");
}
}
}
$etag = @join("-", $etags);
if (strstr($hinm, $etag)) {
txp_status_header('304 Not Modified');
exit(0);
}
if ($cutarticles) {
//header("HTTP/1.1 226 IM Used");
//This should be used as opposed to 200, but Apache doesn't like it.
//http://intertwingly.net/blog/2004/09/11/Vary-ETag/ says that the status code should be 200.
header("Cache-Control: no-store, im");
header("IM: feed");
}
}
$out = array_merge($out, $articles);
header("Content-Type: application/rss+xml; charset=utf-8");
if (isset($etag)) {
header('ETag: "' . $etag . '"');
}
return '<?xml version="1.0" encoding="utf-8"?>' . n . '<rss version="2.0" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:content="http://purl.org/rss/1.0/modules/content/" xmlns:atom="http://www.w3.org/2005/Atom">' . n . tag(join(n, $out), 'channel') . n . '</rss>';
}
function link_list($message = '')
{
global $event, $step, $link_list_pageby, $txp_user;
pagetop(gTxt('tab_link'), $message);
extract(gpsa(array('page', 'sort', 'dir', 'crit', 'search_method')));
if ($sort === '') {
$sort = get_pref('link_sort_column', 'name');
}
if ($dir === '') {
$dir = get_pref('link_sort_dir', 'asc');
}
$dir = $dir == 'desc' ? 'desc' : 'asc';
switch ($sort) {
case 'id':
$sort_sql = 'id ' . $dir;
break;
case 'description':
$sort_sql = 'description ' . $dir . ', id asc';
break;
case 'url':
$sort_sql = 'url ' . $dir . ', id asc';
break;
case 'category':
$sort_sql = 'category ' . $dir . ', id asc';
break;
case 'date':
$sort_sql = 'date ' . $dir . ', id asc';
break;
case 'author':
$sort_sql = 'author ' . $dir . ', id asc';
break;
default:
$sort = 'name';
$sort_sql = 'linksort ' . $dir . ', id asc';
break;
}
set_pref('link_sort_column', $sort, 'link', 2, '', 0, PREF_PRIVATE);
set_pref('link_sort_dir', $dir, 'link', 2, '', 0, PREF_PRIVATE);
$switch_dir = $dir == 'desc' ? 'asc' : 'desc';
$criteria = 1;
if ($search_method and $crit != '') {
$verbatim = preg_match('/^"(.*)"$/', $crit, $m);
$crit_escaped = doSlash($verbatim ? $m[1] : str_replace(array('\\', '%', '_', '\''), array('\\\\', '\\%', '\\_', '\\\''), $crit));
$critsql = $verbatim ? array('id' => "ID in ('" . join("','", do_list($crit_escaped)) . "')", 'name' => "linkname = '{$crit_escaped}'", 'description' => "description = '{$crit_escaped}'", 'url' => "url = '{$crit_escaped}'", 'category' => "category = '{$crit_escaped}'", 'author' => "author = '{$crit_escaped}'") : array('id' => "ID in ('" . join("','", do_list($crit_escaped)) . "')", 'name' => "linkname like '%{$crit_escaped}%'", 'description' => "description like '%{$crit_escaped}%'", 'url' => "url like '%{$crit_escaped}%'", 'category' => "category like '%{$crit_escaped}%'", 'author' => "author like '%{$crit_escaped}%'");
if (array_key_exists($search_method, $critsql)) {
$criteria = $critsql[$search_method];
} else {
$search_method = '';
$crit = '';
}
} else {
$search_method = '';
$crit = '';
}
$criteria .= callback_event('admin_criteria', 'link_list', 0, $criteria);
$total = getCount('txp_link', $criteria);
echo '<h1 class="txp-heading">' . gTxt('tab_link') . '</h1>';
echo '<div id="' . $event . '_control" class="txp-control-panel">';
if (has_privs('link.edit')) {
echo graf(sLink('link', 'link_edit', gTxt('add_new_link')), ' class="txp-buttons"');
}
if ($total < 1) {
if ($criteria != 1) {
echo n . link_search_form($crit, $search_method) . n . graf(gTxt('no_results_found'), ' class="indicator"') . '</div>';
} else {
echo n . graf(gTxt('no_links_recorded'), ' class="indicator"') . '</div>';
}
return;
}
$limit = max($link_list_pageby, 15);
list($page, $offset, $numPages) = pager($total, $limit, $page);
echo link_search_form($crit, $search_method) . '</div>';
$rs = safe_rows_start('*, unix_timestamp(date) as uDate', 'txp_link', "{$criteria} order by {$sort_sql} limit {$offset}, {$limit}");
if ($rs) {
$show_authors = !has_single_author('txp_link');
echo n . '<div id="' . $event . '_container" class="txp-container">';
echo n . n . '<form action="index.php" id="links_form" class="multi_edit_form" method="post" name="longform">', n . '<div class="txp-listtables">' . n . startTable('', '', 'txp-list') . n . '<thead>' . n . tr(n . hCell(fInput('checkbox', 'select_all', 0, '', '', '', '', '', 'select_all'), '', ' title="' . gTxt('toggle_all_selected') . '" class="multi-edit"') . n . column_head('ID', 'id', 'link', true, $switch_dir, $crit, $search_method, ('id' == $sort ? "{$dir} " : '') . 'id') . n . column_head('link_name', 'name', 'link', true, $switch_dir, $crit, $search_method, ('name' == $sort ? "{$dir} " : '') . 'name') . n . column_head('description', 'description', 'link', true, $switch_dir, $crit, $search_method, ('description' == $sort ? "{$dir} " : '') . 'links_detail description') . n . column_head('link_category', 'category', 'link', true, $switch_dir, $crit, $search_method, ('category' == $sort ? "{$dir} " : '') . 'category') . n . column_head('url', 'url', 'link', true, $switch_dir, $crit, $search_method, ('url' == $sort ? "{$dir} " : '') . 'url') . n . column_head('date', 'date', 'link', true, $switch_dir, $crit, $search_method, ('date' == $sort ? "{$dir} " : '') . 'links_detail date created') . ($show_authors ? n . column_head('author', 'author', 'link', true, $switch_dir, $crit, $search_method, ('author' == $sort ? "{$dir} " : '') . 'author') : '')) . n . '</thead>';
echo '<tbody>';
$validator = new Validator();
while ($a = nextRow($rs)) {
extract($a, EXTR_PREFIX_ALL, 'link');
$edit_url = '?event=link' . a . 'step=link_edit' . a . 'id=' . $link_id . a . 'sort=' . $sort . a . 'dir=' . $dir . a . 'page=' . $page . a . 'search_method=' . $search_method . a . 'crit=' . $crit;
$validator->setConstraints(array(new CategoryConstraint($link_category, array('type' => 'link'))));
$vc = $validator->validate() ? '' : ' error';
$can_edit = has_privs('link.edit') || $link_author == $txp_user && has_privs('link.edit.own');
$view_url = txpspecialchars($link_url);
echo tr(n . td(fInput('checkbox', 'selected[]', $link_id), '', 'multi-edit') . n . td($can_edit ? href($link_id, $edit_url, ' title="' . gTxt('edit') . '"') : $link_id, '', 'id') . td($can_edit ? href(txpspecialchars($link_linkname), $edit_url, ' title="' . gTxt('edit') . '"') : txpspecialchars($link_linkname), '', 'name') . td(txpspecialchars($link_description), '', 'links_detail description') . td('<span title="' . txpspecialchars(fetch_category_title($link_category, 'link')) . '">' . $link_category . '</span>', '', 'category' . $vc) . td('<a rel="external" target="_blank" href="' . $view_url . '">' . $view_url . '</a>', '', 'url') . td(gTime($link_uDate), '', 'links_detail date created') . ($show_authors ? td('<span title="' . txpspecialchars(get_author_name($link_author)) . '">' . txpspecialchars($link_author) . '</span>', '', 'author') : ''));
}
echo '</tbody>', n, endTable(), n, '</div>', n, link_multiedit_form($page, $sort, $dir, $crit, $search_method), n, tInput(), n, '</form>', n, graf(toggle_box('links_detail'), ' class="detail-toggle"'), n, '<div id="' . $event . '_navigation" class="txp-navigation">', n, nav_form('link', $page, $numPages, $sort, $dir, $crit, $search_method, $total, $limit), n, pageby_form('link', $link_list_pageby), n, '</div>', n, '</div>';
}
}
function list_list($message = '', $post = '')
{
global $statuses, $comments_disabled_after, $step, $txp_user, $article_list_pageby;
pagetop(gTxt('tab_list'), $message);
extract(gpsa(array('page', 'sort', 'dir', 'crit', 'search_method')));
$sesutats = array_flip($statuses);
$dir = $dir == 'asc' ? 'asc' : 'desc';
switch ($sort) {
case 'id':
$sort_sql = 'ID ' . $dir;
break;
case 'expires':
$sort_sql = 'Expires ' . $dir;
break;
case 'title':
$sort_sql = 'Title ' . $dir . ', Posted desc';
break;
case 'section':
$sort_sql = 'Section ' . $dir . ', Posted desc';
break;
case 'category1':
$sort_sql = 'Category1 ' . $dir . ', Posted desc';
break;
case 'category2':
$sort_sql = 'Category2 ' . $dir . ', Posted desc';
break;
case 'status':
$sort_sql = 'Status ' . $dir . ', Posted desc';
break;
case 'author':
$sort_sql = 'AuthorID ' . $dir . ', Posted desc';
break;
case 'comments':
$sort_sql = 'comments_count ' . $dir . ', Posted desc';
break;
case 'lastmod':
$sort_sql = 'LastMod ' . $dir . ', Posted desc';
break;
default:
$sort = 'posted';
$sort_sql = 'Posted ' . $dir;
break;
}
$switch_dir = $dir == 'desc' ? 'asc' : 'desc';
$criteria = 1;
if ($search_method and $crit) {
$crit_escaped = doSlash($crit);
$critsql = array('id' => "ID in ('" . join("','", do_list($crit_escaped)) . "')", 'title_body_excerpt' => "Title rlike '{$crit_escaped}' or Body rlike '{$crit_escaped}' or Excerpt rlike '{$crit_escaped}'", 'section' => "Section rlike '{$crit_escaped}'", 'keywords' => "FIND_IN_SET('" . $crit_escaped . "',Keywords)", 'categories' => "Category1 rlike '{$crit_escaped}' or Category2 rlike '{$crit_escaped}'", 'status' => "Status = '" . @$sesutats[gTxt($crit_escaped)] . "'", 'author' => "AuthorID rlike '{$crit_escaped}'", 'article_image' => "Image in ('" . join("','", do_list($crit_escaped)) . "')", 'posted' => "Posted like '{$crit_escaped}%'", 'lastmod' => "LastMod like '{$crit_escaped}%'");
if (array_key_exists($search_method, $critsql)) {
$criteria = $critsql[$search_method];
$limit = 500;
} else {
$search_method = '';
$crit = '';
}
} else {
$search_method = '';
$crit = '';
}
$total = safe_count('textpattern', "{$criteria}");
if ($total < 1) {
if ($criteria != 1) {
echo n . list_search_form($crit, $search_method) . n . graf(gTxt('no_results_found'), ' class="indicator"');
} else {
echo graf(gTxt('no_articles_recorded'), ' class="indicator"');
}
return;
}
$limit = max($article_list_pageby, 15);
list($page, $offset, $numPages) = pager($total, $limit, $page);
echo n . list_search_form($crit, $search_method);
$rs = safe_rows_start('*, unix_timestamp(Posted) as posted, unix_timestamp(LastMod) as lastmod, unix_timestamp(Expires) as expires', 'textpattern', "{$criteria} order by {$sort_sql} limit {$offset}, {$limit}");
if ($rs) {
$total_comments = array();
// fetch true comment count, not the public comment count
// maybe we should have another row in the db?
$rs2 = safe_rows_start('parentid, count(*) as num', 'txp_discuss', "1 group by parentid order by parentid");
if ($rs2) {
while ($a = nextRow($rs2)) {
$pid = $a['parentid'];
$num = $a['num'];
$total_comments[$pid] = $num;
}
}
echo n . n . '<form name="longform" method="post" action="index.php" onsubmit="return verify(\'' . gTxt('are_you_sure') . '\')">' . n . startTable('list', '', '', '', '90%') . n . tr(n . column_head('ID', 'id', 'list', true, $switch_dir, $crit, $search_method, 'id' == $sort ? $dir : '') . column_head('posted', 'posted', 'list', true, $switch_dir, $crit, $search_method, 'posted' == $sort ? $dir : '') . column_head('article_modified', 'lastmod', 'list', true, $switch_dir, $crit, $search_method, ('lastmod' == $sort ? "{$dir} " : '') . 'articles_detail') . column_head('expires', 'expires', 'list', true, $switch_dir, $crit, $search_method, ('expires' == $sort ? "{$dir} " : '') . 'articles_detail') . column_head('title', 'title', 'list', true, $switch_dir, $crit, $search_method, 'title' == $sort ? $dir : '') . column_head('section', 'section', 'list', true, $switch_dir, $crit, $search_method, 'section' == $sort ? $dir : '') . column_head('category1', 'category1', 'list', true, $switch_dir, $crit, $search_method, ('category1' == $sort ? "{$dir} " : '') . 'articles_detail') . column_head('category2', 'category2', 'list', true, $switch_dir, $crit, $search_method, ('category2' == $sort ? "{$dir} " : '') . 'articles_detail') . column_head('status', 'status', 'list', true, $switch_dir, $crit, $search_method, 'status' == $sort ? $dir : '') . column_head('author', 'author', 'list', true, $switch_dir, $crit, $search_method, 'author' == $sort ? $dir : '') . column_head('comments', 'comments', 'list', true, $switch_dir, $crit, $search_method, ('comments' == $sort ? "{$dir} " : '') . 'articles_detail') . hCell());
include_once txpath . '/publish/taghandlers.php';
while ($a = nextRow($rs)) {
extract($a);
if (empty($Title)) {
$Title = '<em>' . eLink('article', 'edit', 'ID', $ID, gTxt('untitled')) . '</em>';
} else {
$Title = eLink('article', 'edit', 'ID', $ID, $Title);
}
$Category1 = $Category1 ? '<span title="' . htmlspecialchars(fetch_category_title($Category1)) . '">' . $Category1 . '</span>' : '';
$Category2 = $Category2 ? '<span title="' . htmlspecialchars(fetch_category_title($Category2)) . '">' . $Category2 . '</span>' : '';
$view_url = permlinkurl($a);
if ($Status != 4 and $Status != 5) {
$view_url .= (strpos($view_url, '?') === FALSE ? '?' : '&') . 'txpreview=' . intval($ID) . '.' . time();
}
$manage = n . '<ul class="articles_detail">' . n . t . '<li>' . eLink('article', 'edit', 'ID', $ID, gTxt('edit')) . '</li>' . n . t . '<li><a href="' . $view_url . '" class="article-view">' . gTxt('view') . '</a></li>' . n . '</ul>';
$Status = !empty($Status) ? $statuses[$Status] : '';
$comments = gTxt('none');
if (isset($total_comments[$ID]) and $total_comments[$ID] > 0) {
$comments = href(gTxt('manage'), 'index.php?event=discuss' . a . 'step=list' . a . 'search_method=parent' . a . 'crit=' . $ID) . ' (' . $total_comments[$ID] . ')';
}
$comment_status = $Annotate ? gTxt('on') : gTxt('off');
if ($comments_disabled_after) {
$lifespan = $comments_disabled_after * 86400;
$time_since = time() - $posted;
if ($time_since > $lifespan) {
$comment_status = gTxt('expired');
}
}
$comments = n . '<ul>' . n . t . '<li>' . $comment_status . '</li>' . n . t . '<li>' . $comments . '</li>' . n . '</ul>';
echo n . n . tr(n . td(eLink('article', 'edit', 'ID', $ID, $ID) . $manage) . td(gTime($posted), '', $posted < time() ? '' : 'unpublished') . td(gTime($lastmod), '', "articles_detail") . td($expires ? gTime($expires) : '', '', 'articles_detail') . td($Title) . td('<span title="' . htmlspecialchars(fetch_section_title($Section)) . '">' . $Section . '</span>', 75) . td($Category1, 100, "articles_detail") . td($Category2, 100, "articles_detail") . td($a['Status'] < 4 ? $Status : '<a href="' . permlinkurl($a) . '">' . $Status . '</a>', 50) . td('<span title="' . htmlspecialchars(get_author_name($AuthorID)) . '">' . htmlspecialchars($AuthorID) . '</span>') . td($comments, 50, "articles_detail") . td(($a['Status'] >= 4 and has_privs('article.edit.published') or $a['Status'] >= 4 and $AuthorID == $txp_user and has_privs('article.edit.own.published') or $a['Status'] < 4 and has_privs('article.edit') or $a['Status'] < 4 and $AuthorID == $txp_user and has_privs('article.edit.own')) ? fInput('checkbox', 'selected[]', $ID) : ' '));
}
echo n . n . tr(tda(toggle_box('articles_detail'), ' colspan="2" style="text-align: left; border: none;"') . tda(select_buttons() . list_multiedit_form($page, $sort, $dir, $crit, $search_method), ' colspan="9" style="text-align: right; border: none;"')) . n . endTable() . n . '</form>' . n . nav_form('list', $page, $numPages, $sort, $dir, $crit, $search_method, $total, $limit) . n . pageby_form('list', $article_list_pageby);
}
}
function row($row)
{
global $prefs;
extract($prefs);
if (!$this->controller) {
return;
}
extract($this->controller->context);
extract($row);
$event = $this->controller->event;
$edit_url = "?event={$event}" . a . 'step=edit' . a . 'id=' . $id . a . 'sort=' . $sort . a . 'dir=' . $dir . a . 'page=' . $page . a . 'search_method=' . $search_method . a . 'crit=' . $crit;
$name = empty($name) ? gTxt('unnamed') : htmlspecialchars($name);
if ($thumbnail) {
if ($ext != '.swf') {
$thumbnail = '<img src="' . hu . $img_dir . '/' . $id . 't' . $ext . '" alt="" />';
} else {
$thumbnail = '';
}
}
if ($ext != '.swf') {
$tag_url = '?event=tag' . a . 'tag_name=image' . a . 'id=' . $id . a . 'ext=' . $ext . a . 'w=' . $w . a . 'h=' . $h . a . 'alt=' . urlencode($alt) . a . 'caption=' . urlencode($caption);
$tagbuilder = '<ul>' . '<li><a target="_blank" href="' . $tag_url . a . 'type=textile" onclick="popWin(this.href); return false;">Textile</a></li>' . '<li><a target="_blank" href="' . $tag_url . a . 'type=textpattern" onclick="popWin(this.href); return false;">Textpattern</a></li>' . '<li><a target="_blank" href="' . $tag_url . a . 'type=xhtml" onclick="popWin(this.href); return false;">XHTML</a></li>' . '</ul>';
} else {
$tagbuilder = sp;
}
$category = $category ? '<span title="' . htmlspecialchars(fetch_category_title($category, 'image')) . '">' . $category . '</span>' : '';
$tr = array();
$tr[] = $id;
$tr[] = n . '<ul>' . n . t . '<li>' . href(gTxt('edit'), $edit_url) . '</li>' . n . t . '<li><a href="' . hu . $img_dir . '/' . $id . $ext . '">' . gTxt('view') . '</a></li>' . n . '</ul>';
$tr[] = gTime($uDate);
$tr[] = href($name, $edit_url);
$tr[] = $thumbnail;
$tr[] = $tagbuilder;
$tr[] = $category;
$tr[] = '<span title="' . htmlspecialchars(get_author_name($author)) . '">' . $author . '</span>';
$tr[] = dLink($this->controller->event, 'delete', 'id', $id, '', '', '', false, array($page, $sort, $dir, $crit, $search_method));
if ($this->edit_actions and isset($row['id'])) {
$tr[] = fInput('checkbox', 'selected[]', $row['id']);
}
return doWrap($tr, 'tr', 'td', 'row-' . (++$this->count % 2 ? 'odd' : 'even'));
}
function products_list($event = '', $step = '', $message = '')
{
global $statuses, $comments_disabled_after, $step, $txp_user;
$message = '';
pagetop(gTxt('tab_list'), $message);
echo poweredit_products();
//echo the poweredit js
extract(get_prefs());
extract(gpsa(array('page', 'sort', 'dir', 'crit', 'search_method')));
$sesutats = array_flip($statuses);
$dir = $dir == 'desc' ? 'desc' : 'asc';
echo '<script type="text/javascript" src="http://' . $siteurl . '/js/prototype.js"></script>';
echo '<script type="text/javascript" src="http://' . $siteurl . '/js/scriptaculous.js"></script>';
switch ($sort) {
case 'id':
$sort_sql = 'ID ' . $dir;
break;
case 'posted':
$sort_sql = 'Posted ' . $dir;
break;
case 'title':
$sort_sql = 'Title ' . $dir . ', Posted desc';
break;
case 'section':
$sort_sql = 'Section ' . $dir . ', Posted desc';
break;
case 'category1':
$sort_sql = 'Category1 ' . $dir . ', Posted desc';
break;
case 'category2':
$sort_sql = 'Category2 ' . $dir . ', Posted desc';
break;
case 'status':
$sort_sql = 'Status ' . $dir . ', Posted desc';
break;
case 'author':
$sort_sql = 'AuthorID ' . $dir . ', Posted desc';
break;
case 'comments':
$sort_sql = 'comments_count ' . $dir . ', Posted desc';
break;
default:
$dir = 'desc';
$sort_sql = 'Posted ' . $dir;
break;
}
$switch_dir = $dir == 'desc' ? 'asc' : 'desc';
$criteria = "section = 'store'";
if ($search_method and $crit) {
$crit_escaped = doSlash($crit);
$critsql = array('id' => "ID = '{$crit_escaped}'", 'title_body' => "Title rlike '{$crit_escaped}' or Body rlike '{$crit_escaped}'", 'section' => "Section rlike '{$crit_escaped}'", 'categories' => "Category1 rlike '{$crit_escaped}' or Category2 rlike '{$crit_escaped}'", 'status' => "Status = '" . @$sesutats[gTxt($crit_escaped)] . "'", 'author' => "AuthorID rlike '{$crit_escaped}'");
if (array_key_exists($search_method, $critsql)) {
$criteria = $critsql[$search_method];
$limit = 500;
} else {
$search_method = '';
$crit = '';
}
} else {
$search_method = '';
$crit = '';
}
$total = safe_count('textpattern', "{$criteria}");
if ($total < 1) {
if ($criteria != 1) {
echo n . list_search_form_products($crit, $search_method) . n . graf("No products found", ' style="text-align: center;"');
} else {
echo graf("No products found", ' style="text-align: center;"');
}
return;
}
$limit = max(@$article_list_pageby, 15);
list($page, $offset, $numPages) = pager($total, $limit, $page);
echo n . list_search_form_products($crit, $search_method);
$rs = safe_rows_start('*, unix_timestamp(Posted) as posted', 'textpattern', "{$criteria} order by {$sort_sql} limit {$offset}, {$limit}");
if ($rs) {
$total_comments = array();
// fetch true comment count, not the public comment count
// maybe we should have another row in the db?
$rs2 = safe_rows_start('parentid, count(*) as num', 'txp_discuss', "1 group by parentid order by parentid");
if ($rs2) {
while ($a = nextRow($rs2)) {
$pid = $a['parentid'];
$num = $a['num'];
$total_comments[$pid] = $num;
}
}
echo n . n . '<form name="longform" method="post" action="index.php" onsubmit="return verify(\'' . gTxt('are_you_sure') . '\')">' . n . startTable('list', '', '', '', '700') . n . tr(hCell() . n . column_head('ID', 'id', 'products', true, $switch_dir, $crit, $search_method) . column_head('title', 'title', 'products', true, $switch_dir, $crit, $search_method) . column_head('category1', 'category1', 'products', true, $switch_dir, $crit, $search_method) . column_head('category2', 'category2', 'products', true, $switch_dir, $crit, $search_method) . column_head('status', 'status', 'products', true, $switch_dir, $crit, $search_method) . hCell());
include_once txpath . '/publish/taghandlers.php';
while ($a = nextRow($rs)) {
extract($a);
if (empty($Title)) {
$Title = '<em>' . eLink('product', 'edit', 'ID', $ID, gTxt('untitled')) . '</em>';
} else {
$Title = eLink('product', 'edit', 'ID', $ID, $Title);
}
if (!empty($Image)) {
$Image = "<img src='{$Image}' alt='Product Image' width='15' height='15'/>";
}
$Category1 = '<span title="' . htmlspecialchars(fetch_category_title($Category1)) . '">' . $Category1 . ' </span>';
$Category2 = '<span title="' . htmlspecialchars(fetch_category_title($Category2)) . '">' . $Category2 . ' </span>';
$manage = n . '<ul class="articles_detail">' . n . t . '<li>' . eLink('product', 'edit', 'ID', $ID, gTxt('edit')) . '</li>' . (($Status == 4 or $Status == 5) ? n . t . '<li><a href="' . permlinkurl($a) . '">' . gTxt('view') . '</a></li>' : '') . n . '</ul>';
$Status = !empty($Status) ? $statuses[$Status] : '';
$comments = gTxt('none');
if (isset($total_comments[$ID]) and $total_comments[$ID] > 0) {
$comments = href(gTxt('manage'), 'index.php?event=discuss' . a . 'step=list' . a . 'search_method=parent' . a . 'crit=' . $ID) . ' (' . $total_comments[$ID] . ')';
}
$comment_status = $Annotate ? gTxt('on') : gTxt('off');
if ($comments_disabled_after) {
$lifespan = $comments_disabled_after * 86400;
$time_since = time() - $posted;
if ($time_since > $lifespan) {
$comment_status = gTxt('expired');
}
}
$comments = n . '<ul>' . n . t . '<li>' . $comment_status . '</li>' . n . t . '<li>' . $comments . '</li>' . n . '</ul>';
echo n . n . tr(n . td($Image, 15) . td(eLink('product', 'edit', 'ID', $ID, $ID) . $manage) . td($Title) . td($Category1, 100) . td($Category2, 100) . td($a['Status'] < 4 ? $Status : '<a href="' . permlinkurl($a) . '">' . $Status . '</a>', 50) . td(($a['Status'] >= 4 and has_privs('article.edit.published') or $a['Status'] >= 4 and $AuthorID == $txp_user and has_privs('article.edit.own.published') or $a['Status'] < 4 and has_privs('article.edit') or $a['Status'] < 4 and $AuthorID == $txp_user and has_privs('article.edit.own')) ? fInput('checkbox', 'selected[]', $ID) : ' '));
}
echo n . n . tr(tda(toggle_box('articles_detail'), ' colspan="2" style="text-align: left; border: none;"') . tda(select_buttons() . product_multiedit_form($page, $sort, $dir, $crit, $search_method), ' colspan="5" style="text-align: right; border: none;"')) . n . endTable() . n . '</form>' . n . '<h4 style="font-weight:normal; text-align:center; width:100%;"><a href="#" class="navlink" onclick="if($(\'uploadCSV\').style.display == \'none\'){$(\'uploadCSV\').style.display = \'block\';}else{$(\'uploadCSV\').style.display = \'none\';}">Import Products</a>';
//n.
$instructions = tag(tag('<li>Using FTP, upload your product images to <pre>/txp_site_root/images/_import/</pre></li><li>Upload a correctly formatted CSV file using the form below. (CSV must be in UTF-8 character encoding with DOS or UNIX line breaks.)</li><li>Sit back and watch the magic</li>', "ol"), "div", ' id="instructions" style="display:none; width: 380px; text-align:left; margin:0 auto;"');
echo tag('<h4 style="font-weight:normal; text-align:center; width:100%;"><small><a href="http://homeplatewp.com/TextCommerce/file_download/3">Download Example CSV</a> | <a href="javascript:void(0)" onclick="if($(\'instructions\').style.display == \'none\'){$(\'instructions\').style.display = \'block\';}else{$(\'instructions\').style.display = \'none\';}">Import Instructions</a></small></h4>' . $instructions . upload_form("Browse for CSV:", '', 'product_import', 'product'), 'div', ' id="uploadCSV" style="display:none;"');
echo n . nav_form('list', $page, $numPages, $sort, $dir, $crit, $search_method) . n . pageby_form('list', $article_list_pageby);
}
}
function category($atts, $thing = '')
{
global $s, $c;
extract(lAtts(array('class' => '', 'link' => 0, 'name' => '', 'section' => $s, 'this_section' => 0, 'title' => 0, 'type' => 'article', 'wraptag' => ''), $atts));
$category = $name ? $name : $c;
if ($category) {
$section = $this_section ? $s == 'default' ? '' : $s : $section;
$label = $title ? fetch_category_title($category, $type) : $category;
if ($thing) {
$out = '<a href="' . pagelinkurl(array('s' => $section, 'c' => $category)) . '"' . ($title ? ' title="' . $label . '"' : '') . '>' . parse($thing) . '</a>';
} elseif ($link) {
$out = href($label, pagelinkurl(array('s' => $section, 'c' => $category)));
} else {
$out = $label;
}
return doTag($out, $wraptag, $class);
}
}
function link_list($message = '')
{
global $event, $step, $link_list_pageby, $txp_user;
pagetop(gTxt('tab_link'), $message);
extract(gpsa(array('page', 'sort', 'dir', 'crit', 'search_method')));
if ($sort === '') {
$sort = get_pref('link_sort_column', 'name');
}
if ($dir === '') {
$dir = get_pref('link_sort_dir', 'asc');
}
$dir = $dir == 'desc' ? 'desc' : 'asc';
switch ($sort) {
case 'id':
$sort_sql = 'id ' . $dir;
break;
case 'description':
$sort_sql = 'description ' . $dir . ', id asc';
break;
case 'url':
$sort_sql = 'url ' . $dir . ', id asc';
break;
case 'category':
$sort_sql = 'category ' . $dir . ', id asc';
break;
case 'date':
$sort_sql = 'date ' . $dir . ', id asc';
break;
case 'author':
$sort_sql = 'author ' . $dir . ', id asc';
break;
default:
$sort = 'name';
$sort_sql = 'linksort ' . $dir . ', id asc';
break;
}
set_pref('link_sort_column', $sort, 'link', 2, '', 0, PREF_PRIVATE);
set_pref('link_sort_dir', $dir, 'link', 2, '', 0, PREF_PRIVATE);
$switch_dir = $dir == 'desc' ? 'asc' : 'desc';
$criteria = 1;
if ($search_method and $crit != '') {
$verbatim = preg_match('/^"(.*)"$/', $crit, $m);
$crit_escaped = $verbatim ? doSlash($m[1]) : doLike($crit);
$critsql = $verbatim ? array('id' => "ID in ('" . join("','", do_list($crit_escaped)) . "')", 'name' => "linkname = '{$crit_escaped}'", 'description' => "description = '{$crit_escaped}'", 'url' => "url = '{$crit_escaped}'", 'category' => "category = '{$crit_escaped}'", 'author' => "author = '{$crit_escaped}'") : array('id' => "ID in ('" . join("','", do_list($crit_escaped)) . "')", 'name' => "linkname like '%{$crit_escaped}%'", 'description' => "description like '%{$crit_escaped}%'", 'url' => "url like '%{$crit_escaped}%'", 'category' => "category like '%{$crit_escaped}%'", 'author' => "author like '%{$crit_escaped}%'");
if (array_key_exists($search_method, $critsql)) {
$criteria = $critsql[$search_method];
} else {
$search_method = '';
$crit = '';
}
} else {
$search_method = '';
$crit = '';
}
$criteria .= callback_event('admin_criteria', 'link_list', 0, $criteria);
$total = getCount('txp_link', $criteria);
echo hed(gTxt('tab_link'), 1, array('class' => 'txp-heading'));
echo n . '<div id="' . $event . '_control" class="txp-control-panel">';
if (has_privs('link.edit')) {
echo graf(sLink('link', 'link_edit', gTxt('add_new_link')), ' class="txp-buttons"');
}
if ($total < 1) {
if ($criteria != 1) {
echo link_search_form($crit, $search_method) . graf(gTxt('no_results_found'), ' class="indicator"') . '</div>';
} else {
echo graf(gTxt('no_links_recorded'), ' class="indicator"') . '</div>';
}
return;
}
$limit = max($link_list_pageby, 15);
list($page, $offset, $numPages) = pager($total, $limit, $page);
echo link_search_form($crit, $search_method) . '</div>';
$rs = safe_rows_start('*, unix_timestamp(date) as uDate', 'txp_link', "{$criteria} order by {$sort_sql} limit {$offset}, {$limit}");
if ($rs) {
$show_authors = !has_single_author('txp_link');
echo n . tag_start('div', array('id' => $event . '_container', 'class' => 'txp-container')) . n . tag_start('form', array('action' => 'index.php', 'id' => 'links_form', 'class' => 'multi_edit_form', 'method' => 'post', 'name' => 'longform')) . n . tag_start('div', array('class' => 'txp-listtables')) . n . tag_start('table', array('class' => 'txp-list')) . n . tag_start('thead') . tr(hCell(fInput('checkbox', 'select_all', 0, '', '', '', '', '', 'select_all'), '', ' scope="col" title="' . gTxt('toggle_all_selected') . '" class="txp-list-col-multi-edit"') . column_head('ID', 'id', 'link', true, $switch_dir, $crit, $search_method, ('id' == $sort ? "{$dir} " : '') . 'txp-list-col-id') . column_head('link_name', 'name', 'link', true, $switch_dir, $crit, $search_method, ('name' == $sort ? "{$dir} " : '') . 'txp-list-col-name') . column_head('description', 'description', 'link', true, $switch_dir, $crit, $search_method, ('description' == $sort ? "{$dir} " : '') . 'txp-list-col-description links_detail') . column_head('link_category', 'category', 'link', true, $switch_dir, $crit, $search_method, ('category' == $sort ? "{$dir} " : '') . 'txp-list-col-category category') . column_head('url', 'url', 'link', true, $switch_dir, $crit, $search_method, ('url' == $sort ? "{$dir} " : '') . 'txp-list-col-url') . column_head('date', 'date', 'link', true, $switch_dir, $crit, $search_method, ('date' == $sort ? "{$dir} " : '') . 'txp-list-col-created date links_detail') . ($show_authors ? column_head('author', 'author', 'link', true, $switch_dir, $crit, $search_method, ('author' == $sort ? "{$dir} " : '') . 'txp-list-col-author name') : '')) . n . tag_end('thead') . n . tag_start('tbody');
$validator = new Validator();
while ($a = nextRow($rs)) {
extract($a, EXTR_PREFIX_ALL, 'link');
$edit_url = array('event' => 'link', 'step' => 'link_edit', 'id' => $link_id, 'sort' => $sort, 'dir' => $dir, 'page' => $page, 'search_method' => $search_method, 'crit' => $crit);
$validator->setConstraints(array(new CategoryConstraint($link_category, array('type' => 'link'))));
$vc = $validator->validate() ? '' : ' error';
$can_edit = has_privs('link.edit') || $link_author === $txp_user && has_privs('link.edit.own');
$view_url = txpspecialchars($link_url);
echo tr(td(fInput('checkbox', 'selected[]', $link_id), '', 'txp-list-col-multi-edit') . hCell($can_edit ? href($link_id, $edit_url, ' title="' . gTxt('edit') . '"') : $link_id, '', ' scope="row" class="txp-list-col-id"') . td($can_edit ? href(txpspecialchars($link_linkname), $edit_url, ' title="' . gTxt('edit') . '"') : txpspecialchars($link_linkname), '', 'txp-list-col-name') . td(txpspecialchars($link_description), '', 'txp-list-col-description links_detail') . td(span($link_category, array('title' => fetch_category_title($link_category, 'link'))), '', 'txp-list-col-category category' . $vc) . td(href($view_url, $view_url, ' rel="external" target="_blank"'), '', 'txp-list-col-url') . td(gTime($link_uDate), '', 'txp-list-col-created date links_detail') . ($show_authors ? td(span(txpspecialchars($link_author), array('title' => get_author_name($link_author))), '', 'txp-list-col-author name') : ''));
}
echo n . tag_end('tbody') . n . tag_end('table') . n . tag_end('div') . link_multiedit_form($page, $sort, $dir, $crit, $search_method) . tInput() . n . tag_end('form') . graf(toggle_box('links_detail'), array('class' => 'detail-toggle')) . n . tag_start('div', array('id' => $event . '_navigation', 'class' => 'txp-navigation')) . pageby_form('link', $link_list_pageby) . nav_form('link', $page, $numPages, $sort, $dir, $crit, $search_method, $total, $limit) . n . tag_end('div') . n . tag_end('div');
}
}
function category2($atts)
{
global $thisarticle;
extract(lAtts(array('link' => 0, 'title' => 0), $atts));
if ($thisarticle['category2']) {
$cat_title = $title ? fetch_category_title($thisarticle['category2']) : $thisarticle['category2'];
if (!empty($link)) {
return '<a href="' . pagelinkurl(array('c' => $thisarticle['category2'])) . '">' . $cat_title . '</a>';
}
return $cat_title;
}
}
function category($atts)
{
global $pretext;
extract(lAtts(array('link' => 0, 'title' => 0, 'name' => '', 'wraptag' => '', 'section' => @$pretext['s']), $atts));
if ($name) {
$cat = $name;
} else {
$cat = @$pretext['c'];
}
if ($cat) {
$cat_title = $title ? fetch_category_title($cat) : $cat;
if ($link) {
$out = '<a href="' . pagelinkurl(array('c' => $cat, 's' => $section)) . '">' . $cat_title . '</a>';
} else {
$out = $cat_title;
}
return doTag($out, $wraptag);
}
}
function image_list($message = '')
{
global $txpcfg, $extensions, $img_dir, $file_max_upload_size, $image_list_pageby, $txp_user, $event;
pagetop(gTxt('tab_image'), $message);
extract($txpcfg);
extract(gpsa(array('page', 'sort', 'dir', 'crit', 'search_method')));
if ($sort === '') {
$sort = get_pref('image_sort_column', 'id');
}
if ($dir === '') {
$dir = get_pref('image_sort_dir', 'desc');
}
$dir = $dir == 'asc' ? 'asc' : 'desc';
echo hed(gTxt('tab_image'), 1, array('class' => 'txp-heading'));
echo n . '<div id="' . $event . '_control" class="txp-control-panel">';
if (!is_dir(IMPATH) or !is_writeable(IMPATH)) {
echo graf(span(null, array('class' => 'ui-icon ui-icon-alert')) . ' ' . gTxt('img_dir_not_writeable', array('{imgdir}' => IMPATH)), array('class' => 'alert-block warning'));
} elseif (has_privs('image.edit.own')) {
echo upload_form(gTxt('upload_image'), 'upload_image', 'image_insert', 'image', '', $file_max_upload_size);
}
switch ($sort) {
case 'name':
$sort_sql = 'name ' . $dir;
break;
case 'thumbnail':
$sort_sql = 'thumbnail ' . $dir . ', id asc';
break;
case 'category':
$sort_sql = 'category ' . $dir . ', id asc';
break;
case 'date':
$sort_sql = 'date ' . $dir . ', id asc';
break;
case 'author':
$sort_sql = 'author ' . $dir . ', id asc';
break;
default:
$sort = 'id';
$sort_sql = 'id ' . $dir;
break;
}
set_pref('image_sort_column', $sort, 'image', 2, '', 0, PREF_PRIVATE);
set_pref('image_sort_dir', $dir, 'image', 2, '', 0, PREF_PRIVATE);
$switch_dir = $dir == 'desc' ? 'asc' : 'desc';
$criteria = 1;
if ($search_method and $crit != '') {
$verbatim = preg_match('/^"(.*)"$/', $crit, $m);
$crit_escaped = $verbatim ? doSlash($m[1]) : doLike($crit);
$critsql = $verbatim ? array('id' => "ID in ('" . join("','", do_list($crit_escaped)) . "')", 'name' => "name = '{$crit_escaped}'", 'category' => "category = '{$crit_escaped}'", 'author' => "author = '{$crit_escaped}'", 'alt' => "alt = '{$crit_escaped}'", 'caption' => "caption = '{$crit_escaped}'") : array('id' => "ID in ('" . join("','", do_list($crit_escaped)) . "')", 'name' => "name like '%{$crit_escaped}%'", 'category' => "category like '%{$crit_escaped}%'", 'author' => "author like '%{$crit_escaped}%'", 'alt' => "alt like '%{$crit_escaped}%'", 'caption' => "caption like '%{$crit_escaped}%'");
if (array_key_exists($search_method, $critsql)) {
$criteria = $critsql[$search_method];
$limit = 500;
} else {
$search_method = '';
$crit = '';
}
} else {
$search_method = '';
$crit = '';
}
$criteria .= callback_event('admin_criteria', 'image_list', 0, $criteria);
$total = safe_count('txp_image', "{$criteria}");
if ($total < 1) {
if ($criteria != 1) {
echo n . image_search_form($crit, $search_method) . graf(gTxt('no_results_found'), ' class="indicator"') . '</div>';
} else {
echo graf(gTxt('no_images_recorded'), ' class="indicator"') . '</div>';
}
return;
}
$limit = max($image_list_pageby, 15);
list($page, $offset, $numPages) = pager($total, $limit, $page);
echo image_search_form($crit, $search_method);
$rs = safe_rows_start('*, unix_timestamp(date) as uDate', 'txp_image', "{$criteria} order by {$sort_sql} limit {$offset}, {$limit}\n ");
echo pluggable_ui('image_ui', 'extend_controls', '', $rs);
echo '</div>';
// End txp-control-panel.
if ($rs) {
$show_authors = !has_single_author('txp_image');
echo n . tag_start('div', array('id' => $event . '_container', 'class' => 'txp-container')) . n . tag_start('form', array('action' => 'index.php', 'id' => 'images_form', 'class' => 'multi_edit_form', 'method' => 'post', 'name' => 'longform')) . n . tag_start('div', array('class' => 'txp-listtables')) . n . tag_start('table', array('class' => 'txp-list')) . n . tag_start('thead') . tr(hCell(fInput('checkbox', 'select_all', 0, '', '', '', '', '', 'select_all'), '', ' scope="col" title="' . gTxt('toggle_all_selected') . '" class="txp-list-col-multi-edit"') . column_head('ID', 'id', 'image', true, $switch_dir, $crit, $search_method, ('id' == $sort ? "{$dir} " : '') . 'txp-list-col-id') . column_head('name', 'name', 'image', true, $switch_dir, $crit, $search_method, ('name' == $sort ? "{$dir} " : '') . 'txp-list-col-name') . column_head('date', 'date', 'image', true, $switch_dir, $crit, $search_method, ('date' == $sort ? "{$dir} " : '') . 'txp-list-col-created date images_detail') . column_head('thumbnail', 'thumbnail', 'image', true, $switch_dir, $crit, $search_method, ('thumbnail' == $sort ? "{$dir} " : '') . 'txp-list-col-thumbnail') . hCell(gTxt('tags'), '', ' scope="col" class="txp-list-col-tag-build images_detail"') . column_head('image_category', 'category', 'image', true, $switch_dir, $crit, $search_method, ('category' == $sort ? "{$dir} " : '') . 'txp-list-col-category category') . ($show_authors ? column_head('author', 'author', 'image', true, $switch_dir, $crit, $search_method, ('author' == $sort ? "{$dir} " : '') . 'txp-list-col-author name') : '')) . n . tag_end('thead') . n . tag_start('tbody');
$validator = new Validator();
while ($a = nextRow($rs)) {
extract($a);
$edit_url = array('event' => 'image', 'step' => 'image_edit', 'id' => $id, 'sort' => $sort, 'dir' => $dir, 'page' => $page, 'search_method' => $search_method, 'crit' => $crit);
$name = empty($name) ? gTxt('unnamed') : txpspecialchars($name);
if ($thumbnail) {
if ($ext != '.swf') {
$thumbnail = '<img class="content-image" src="' . imagesrcurl($id, $ext, true) . "?{$uDate}" . '" alt="" ' . "title='{$id}{$ext} ({$w} × {$h})'" . ($thumb_w ? " width='{$thumb_w}' height='{$thumb_h}'" : '') . ' />';
} else {
$thumbnail = '';
}
} else {
$thumbnail = gTxt('no');
}
if ($ext != '.swf') {
$tag_url = '?event=tag' . a . 'tag_name=image' . a . 'id=' . $id . a . 'ext=' . $ext . a . 'w=' . $w . a . 'h=' . $h . a . 'alt=' . urlencode($alt) . a . 'caption=' . urlencode($caption);
$tagbuilder = href('Textile', $tag_url . a . 'type=textile', ' target="_blank" onclick="popWin(this.href); return false;"') . sp . span('|', array('role' => 'separator')) . sp . href('Textpattern', $tag_url . a . 'type=textpattern', ' target="_blank" onclick="popWin(this.href); return false;"') . sp . span('|', array('role' => 'separator')) . sp . href('HTML', $tag_url . a . 'type=html', ' target="_blank" onclick="popWin(this.href); return false;"');
} else {
$tagbuilder = sp;
}
$validator->setConstraints(array(new CategoryConstraint($category, array('type' => 'image'))));
$vc = $validator->validate() ? '' : ' error';
$category = $category ? span($category, array('title' => fetch_category_title($category, 'image'))) : '';
$can_edit = has_privs('image.edit') || $author === $txp_user && has_privs('image.edit.own');
echo tr(td($can_edit ? fInput('checkbox', 'selected[]', $id) : ' ', '', 'txp-list-col-multi-edit') . hCell(($can_edit ? href($id, $edit_url, array('title' => gTxt('edit'))) : $id) . sp . span(span('[', array('aria-hidden' => 'true')) . href(gTxt('view'), imagesrcurl($id, $ext)) . span(']', array('aria-hidden' => 'true')), array('class' => 'images_detail')), '', ' scope="row" class="txp-list-col-id"') . td($can_edit ? href($name, $edit_url, ' title="' . gTxt('edit') . '"') : $name, '', 'txp-list-col-name') . td(gTime($uDate), '', 'txp-list-col-created date images_detail') . td(pluggable_ui('image_ui', 'thumbnail', $can_edit ? href($thumbnail, $edit_url) : $thumbnail, $a), '', 'txp-list-col-thumbnail') . td($tagbuilder, '', 'txp-list-col-tag-build images_detail') . td($category, '', 'txp-list-col-category category' . $vc) . ($show_authors ? td(span(txpspecialchars($author), array('title' => get_author_name($author))), '', 'txp-list-col-author name') : ''));
}
echo n . tag_end('tbody') . n . tag_end('table') . n . tag_end('div') . image_multiedit_form($page, $sort, $dir, $crit, $search_method) . tInput() . n . tag_end('form') . graf(toggle_box('images_detail'), array('class' => 'detail-toggle')) . n . tag_start('div', array('id' => $event . '_navigation', 'class' => 'txp-navigation')) . pageby_form('image', $image_list_pageby) . nav_form('image', $page, $numPages, $sort, $dir, $crit, $search_method, $total, $limit) . n . tag_end('div') . n . tag_end('div');
}
}
function file_list($message = '')
{
global $file_base_path, $file_statuses, $file_list_pageby, $txp_user, $event;
pagetop(gTxt('tab_file'), $message);
extract(gpsa(array('page', 'sort', 'dir', 'crit', 'search_method')));
if ($sort === '') {
$sort = get_pref('file_sort_column', 'filename');
}
if ($dir === '') {
$dir = get_pref('file_sort_dir', 'asc');
}
$dir = $dir == 'desc' ? 'desc' : 'asc';
echo '<h1 class="txp-heading">' . gTxt('tab_file') . '</h1>';
echo '<div id="' . $event . '_control" class="txp-control-panel">';
if (!is_dir($file_base_path) or !is_writeable($file_base_path)) {
echo graf(gTxt('file_dir_not_writeable', array('{filedir}' => $file_base_path)), ' class="alert-block warning"');
} elseif (has_privs('file.edit.own')) {
$existing_files = get_filenames();
if (count($existing_files) > 0) {
echo form(eInput('file') . sInput('file_create') . graf('<label for="file-existing">' . gTxt('existing_file') . '</label>' . sp . selectInput('filename', $existing_files, '', 1, '', 'file-existing') . sp . fInput('submit', '', gTxt('Create')), ' class="existing-file"'), '', '', 'post', '', '', 'assign_file');
}
echo file_upload_form(gTxt('upload_file'), 'upload', 'file_insert');
}
switch ($sort) {
case 'id':
$sort_sql = 'id ' . $dir;
break;
case 'description':
$sort_sql = 'description ' . $dir . ', filename desc';
break;
case 'category':
$sort_sql = 'category ' . $dir . ', filename desc';
break;
case 'title':
$sort_sql = 'title ' . $dir . ', filename desc';
break;
case 'downloads':
$sort_sql = 'downloads ' . $dir . ', filename desc';
break;
case 'author':
$sort_sql = 'author ' . $dir . ', id asc';
break;
default:
$sort = 'filename';
$sort_sql = 'filename ' . $dir;
break;
}
set_pref('file_sort_column', $sort, 'file', PREF_HIDDEN, '', 0, PREF_PRIVATE);
set_pref('file_sort_dir', $dir, 'file', PREF_HIDDEN, '', 0, PREF_PRIVATE);
$switch_dir = $dir == 'desc' ? 'asc' : 'desc';
$criteria = 1;
if ($search_method and $crit != '') {
$verbatim = preg_match('/^"(.*)"$/', $crit, $m);
$crit_escaped = doSlash($verbatim ? $m[1] : str_replace(array('\\', '%', '_', '\''), array('\\\\', '\\%', '\\_', '\\\''), $crit));
$critsql = $verbatim ? array('id' => "ID in ('" . join("','", do_list($crit_escaped)) . "')", 'filename' => "filename = '{$crit_escaped}'", 'title' => "title = '{$crit_escaped}'", 'description' => "description = '{$crit_escaped}'", 'category' => "category = '{$crit_escaped}'", 'author' => "author = '{$crit_escaped}'") : array('id' => "ID in ('" . join("','", do_list($crit_escaped)) . "')", 'filename' => "filename like '%{$crit_escaped}%'", 'title' => "title like '%{$crit_escaped}%'", 'description' => "description like '%{$crit_escaped}%'", 'category' => "category like '%{$crit_escaped}%'", 'author' => "author like '%{$crit_escaped}%'");
if (array_key_exists($search_method, $critsql)) {
$criteria = $critsql[$search_method];
$limit = 500;
} else {
$search_method = '';
$crit = '';
}
} else {
$search_method = '';
$crit = '';
}
$criteria .= callback_event('admin_criteria', 'file_list', 0, $criteria);
$total = safe_count('txp_file', "{$criteria}");
if ($total < 1) {
if ($criteria != 1) {
echo n . file_search_form($crit, $search_method) . n . graf(gTxt('no_results_found'), ' class="indicator"') . '</div>';
} else {
echo n . graf(gTxt('no_files_recorded'), ' class="indicator"') . '</div>';
}
return;
}
$limit = max($file_list_pageby, 15);
list($page, $offset, $numPages) = pager($total, $limit, $page);
echo file_search_form($crit, $search_method) . '</div>';
$rs = safe_rows_start('*', 'txp_file', "{$criteria} order by {$sort_sql} limit {$offset}, {$limit}");
if ($rs) {
$show_authors = !has_single_author('txp_file');
echo n . '<div id="' . $event . '_container" class="txp-container">';
echo '<form name="longform" id="files_form" class="multi_edit_form" method="post" action="index.php">' . n . '<div class="txp-listtables">' . n . startTable('', '', 'txp-list') . n . '<thead>' . tr(n . hCell(fInput('checkbox', 'select_all', 0, '', '', '', '', '', 'select_all'), '', ' title="' . gTxt('toggle_all_selected') . '" class="multi-edit"') . n . column_head('ID', 'id', 'file', true, $switch_dir, $crit, $search_method, ('id' == $sort ? "{$dir} " : '') . 'id') . n . column_head('file_name', 'filename', 'file', true, $switch_dir, $crit, $search_method, ('filename' == $sort ? "{$dir} " : '') . 'name') . n . column_head('title', 'title', 'file', true, $switch_dir, $crit, $search_method, ('title' == $sort ? "{$dir} " : '') . 'title') . n . column_head('description', 'description', 'file', true, $switch_dir, $crit, $search_method, ('description' == $sort ? "{$dir} " : '') . 'files_detail description') . n . column_head('file_category', 'category', 'file', true, $switch_dir, $crit, $search_method, ('category' == $sort ? "{$dir} " : '') . 'category') . n . hCell(gTxt('tags'), '', ' class="files_detail tag-build"') . n . hCell(gTxt('status'), '', ' class="status"') . n . hCell(gTxt('condition'), '', ' class="condition"') . n . column_head('downloads', 'downloads', 'file', true, $switch_dir, $crit, $search_method, ('downloads' == $sort ? "{$dir} " : '') . 'downloads') . ($show_authors ? n . column_head('author', 'author', 'file', true, $switch_dir, $crit, $search_method, ('author' == $sort ? "{$dir} " : '') . 'author') : '')) . n . '</thead>';
echo '<tbody>';
$validator = new Validator();
while ($a = nextRow($rs)) {
extract($a);
$filename = sanitizeForFile($filename);
$edit_url = '?event=file' . a . 'step=file_edit' . a . 'id=' . $id . a . 'sort=' . $sort . a . 'dir=' . $dir . a . 'page=' . $page . a . 'search_method=' . $search_method . a . 'crit=' . $crit;
$file_exists = file_exists(build_file_path($file_base_path, $filename));
$download_link = $file_exists ? make_download_link($id, $downloads, $filename) : $downloads;
$validator->setConstraints(array(new CategoryConstraint($category, array('type' => 'file'))));
$vc = $validator->validate() ? '' : ' error';
$category = $category ? '<span title="' . txpspecialchars(fetch_category_title($category, 'file')) . '">' . $category . '</span>' : '';
$tag_url = '?event=tag' . a . 'tag_name=file_download_link' . a . 'id=' . $id . a . 'description=' . urlencode($description) . a . 'filename=' . urlencode($filename);
$condition = '<span class="';
$condition .= $file_exists ? 'success' : 'error';
$condition .= '">';
$condition .= $file_exists ? gTxt('file_status_ok') : gTxt('file_status_missing');
$condition .= '</span>';
$can_edit = has_privs('file.edit') || $author == $txp_user && has_privs('file.edit.own');
echo tr(n . td($can_edit ? fInput('checkbox', 'selected[]', $id) : ' ', '', 'multi-edit') . n . td(($can_edit ? href($id, $edit_url, ' title="' . gTxt('edit') . '"') : $id) . ($file_exists ? sp . '<span class="files_detail">[' . make_download_link($id, gTxt('download'), $filename) . ']</span>' : ''), '', 'id') . td($can_edit ? href(txpspecialchars($filename), $edit_url, ' title="' . gTxt('edit') . '"') : txpspecialchars($filename), '', 'name') . td(txpspecialchars($title), '', 'title') . td(txpspecialchars($description), '', 'files_detail description') . td($category, '', 'category' . $vc) . td(n . '<a target="_blank" href="' . $tag_url . a . 'type=textile" onclick="popWin(this.href, 400, 250); return false;">Textile</a>' . sp . '|' . sp . '<a target="_blank" href="' . $tag_url . a . 'type=textpattern" onclick="popWin(this.href, 400, 250); return false;">Textpattern</a>' . sp . '|' . sp . '<a target="_blank" href="' . $tag_url . a . 'type=html" onclick="popWin(this.href, 400, 250); return false;">HTML</a>', '', 'files_detail tag-build') . td(in_array($status, array_keys($file_statuses)) ? $file_statuses[$status] : '<span class="error">' . gTxt('none') . '</span>', '', 'status') . td($condition, '', 'condition') . td($download_link, '', 'downloads') . ($show_authors ? td('<span title="' . txpspecialchars(get_author_name($author)) . '">' . txpspecialchars($author) . '</span>', '', 'author') : ''));
}
echo '</tbody>', n, endTable(), n, '</div>', n, file_multiedit_form($page, $sort, $dir, $crit, $search_method), n, tInput(), n, '</form>', n, graf(toggle_box('files_detail'), ' class="detail-toggle"'), n, '<div id="' . $event . '_navigation" class="txp-navigation">', n, nav_form('file', $page, $numPages, $sort, $dir, $crit, $search_method, $total, $limit), n, pageby_form('file', $file_list_pageby), n, '</div>', n, '</div>';
}
}
function link_list($message = '')
{
global $event, $step, $link_list_pageby, $txp_user;
extract(gpsa(array('page', 'sort', 'dir', 'crit', 'search_method')));
if ($sort === '') {
$sort = get_pref('link_sort_column', 'name');
}
if ($dir === '') {
$dir = get_pref('link_sort_dir', 'asc');
}
$dir = $dir == 'desc' ? 'desc' : 'asc';
switch ($sort) {
case 'id':
$sort_sql = 'id ' . $dir;
break;
case 'description':
$sort_sql = 'description ' . $dir . ', id asc';
break;
case 'category':
$sort_sql = 'category ' . $dir . ', id asc';
break;
case 'date':
$sort_sql = 'date ' . $dir . ', id asc';
break;
case 'author':
$sort_sql = 'author ' . $dir . ', id asc';
break;
default:
$sort = 'name';
$sort_sql = 'linksort ' . $dir . ', id asc';
break;
}
set_pref('link_sort_column', $sort, 'link', 2, '', 0, PREF_PRIVATE);
set_pref('link_sort_dir', $dir, 'link', 2, '', 0, PREF_PRIVATE);
$switch_dir = $dir == 'desc' ? 'asc' : 'desc';
$criteria = 1;
if ($search_method and $crit) {
$crit_escaped = doSlash(str_replace(array('\\', '%', '_', '\''), array('\\\\', '\\%', '\\_', '\\\''), $crit));
$critsql = array('id' => "ID in ('" . join("','", do_list($crit_escaped)) . "')", 'name' => "linkname like '%{$crit_escaped}%'", 'description' => "description like '%{$crit_escaped}%'", 'category' => "category like '%{$crit_escaped}%'", 'author' => "author like '%{$crit_escaped}%'");
if (array_key_exists($search_method, $critsql)) {
$criteria = $critsql[$search_method];
} else {
$search_method = '';
$crit = '';
}
} else {
$search_method = '';
$crit = '';
}
$total = getCount('txp_link', $criteria);
echo '<div id="' . $event . '_control" class="txp-control-panel">';
if ($total < 1) {
if ($criteria != 1) {
echo n . link_search_form($crit, $search_method) . n . graf(gTxt('no_results_found'), ' class="indicator"') . '</div>';
} else {
echo n . graf(gTxt('no_links_recorded'), ' class="indicator"') . '</div>';
}
return;
}
$limit = max($link_list_pageby, 15);
list($page, $offset, $numPages) = pager($total, $limit, $page);
echo link_search_form($crit, $search_method) . '</div>';
$rs = safe_rows_start('*, unix_timestamp(date) as uDate', 'txp_link', "{$criteria} order by {$sort_sql} limit {$offset}, {$limit}");
if ($rs) {
$show_authors = !has_single_author('txp_link');
echo n . '<div class="txp-list">';
echo n . n . '<form action="index.php" id="links_form" method="post" name="longform" onsubmit="return verify(\'' . gTxt('are_you_sure') . '\')">', startTable('list', '', 'list') . n . '<thead>' . n . tr(column_head('ID', 'id', 'link', true, $switch_dir, $crit, $search_method, ('id' == $sort ? "{$dir} " : '') . 'id') . hCell('', '', ' class="actions"') . column_head('link_name', 'name', 'link', true, $switch_dir, $crit, $search_method, ('name' == $sort ? "{$dir} " : '') . 'name') . column_head('description', 'description', 'link', true, $switch_dir, $crit, $search_method, ('description' == $sort ? "{$dir} " : '') . 'description') . column_head('link_category', 'category', 'link', true, $switch_dir, $crit, $search_method, ('category' == $sort ? "{$dir} " : '') . 'category') . column_head('date', 'date', 'link', true, $switch_dir, $crit, $search_method, ('date' == $sort ? "{$dir} " : '') . 'date created') . ($show_authors ? column_head('author', 'author', 'link', true, $switch_dir, $crit, $search_method, ('author' == $sort ? "{$dir} " : '') . 'author') : '') . hCell('', '', ' class="multi-edit"')) . n . '</thead>';
$tfoot = n . '<tfoot>' . tr(tda(select_buttons() . link_multiedit_form($page, $sort, $dir, $crit, $search_method), ' class="multi-edit" colspan="' . ($show_authors ? '8' : '7') . '" style="text-align: right; border: none;"')) . n . '</tfoot>';
echo $tfoot;
echo '<tbody>';
$ctr = 1;
while ($a = nextRow($rs)) {
extract($a);
$edit_url = '?event=link' . a . 'step=link_edit' . a . 'id=' . $id . a . 'sort=' . $sort . a . 'dir=' . $dir . a . 'page=' . $page . a . 'search_method=' . $search_method . a . 'crit=' . $crit;
$can_edit = has_privs('link.edit') || $author == $txp_user && has_privs('link.edit.own');
echo tr(n . td($id, 20, 'id') . td(n . '<ul>' . ($can_edit ? n . t . '<li class="action-edit">' . href(gTxt('edit'), $edit_url) . '</li>' : '') . n . t . '<li class="action-view">' . href(gTxt('view'), $url) . '</li>' . n . '</ul>', 35, 'actions') . td($can_edit ? href($linkname, $edit_url) : $linkname, 125, 'name') . td(htmlspecialchars($description), 150, 'description') . td('<span title="' . htmlspecialchars(fetch_category_title($category, 'link')) . '">' . $category . '</span>', 125, 'category') . td(gTime($uDate), 75, 'date created') . ($show_authors ? td('<span title="' . htmlspecialchars(get_author_name($author)) . '">' . htmlspecialchars($author) . '</span>', '', 'author') : '') . td(fInput('checkbox', 'selected[]', $id), '', 'multi-edit'), ' class="' . ($ctr % 2 == 0 ? 'even' : 'odd') . '"');
$ctr++;
}
echo '</tbody>' . n . endTable() . n . '</form>' . n . '<div id="' . $event . '_navigation" class="txp-navigation">' . n . nav_form('link', $page, $numPages, $sort, $dir, $crit, $search_method, $total, $limit) . pageby_form('link', $link_list_pageby) . n . '</div>' . n . '</div>';
}
}
function image_list($message = '')
{
global $txpcfg, $extensions, $img_dir, $file_max_upload_size, $image_list_pageby, $txp_user, $event;
pagetop(gTxt('tab_image'), $message);
extract($txpcfg);
extract(gpsa(array('page', 'sort', 'dir', 'crit', 'search_method')));
if ($sort === '') {
$sort = get_pref('image_sort_column', 'id');
}
if ($dir === '') {
$dir = get_pref('image_sort_dir', 'desc');
}
$dir = $dir == 'asc' ? 'asc' : 'desc';
echo '<h1 class="txp-heading">' . gTxt('tab_image') . '</h1>';
echo '<div id="' . $event . '_control" class="txp-control-panel">';
if (!is_dir(IMPATH) or !is_writeable(IMPATH)) {
echo graf(gTxt('img_dir_not_writeable', array('{imgdir}' => IMPATH)), ' class="alert-block warning"');
} elseif (has_privs('image.edit.own')) {
echo upload_form(gTxt('upload_image'), 'upload_image', 'image_insert', 'image', '', $file_max_upload_size);
}
switch ($sort) {
case 'name':
$sort_sql = 'name ' . $dir;
break;
case 'thumbnail':
$sort_sql = 'thumbnail ' . $dir . ', id asc';
break;
case 'category':
$sort_sql = 'category ' . $dir . ', id asc';
break;
case 'date':
$sort_sql = 'date ' . $dir . ', id asc';
break;
case 'author':
$sort_sql = 'author ' . $dir . ', id asc';
break;
default:
$sort = 'id';
$sort_sql = 'id ' . $dir;
break;
}
set_pref('image_sort_column', $sort, 'image', 2, '', 0, PREF_PRIVATE);
set_pref('image_sort_dir', $dir, 'image', 2, '', 0, PREF_PRIVATE);
$switch_dir = $dir == 'desc' ? 'asc' : 'desc';
$criteria = 1;
if ($search_method and $crit != '') {
$verbatim = preg_match('/^"(.*)"$/', $crit, $m);
$crit_escaped = doSlash($verbatim ? $m[1] : str_replace(array('\\', '%', '_', '\''), array('\\\\', '\\%', '\\_', '\\\''), $crit));
$critsql = $verbatim ? array('id' => "ID in ('" . join("','", do_list($crit_escaped)) . "')", 'name' => "name = '{$crit_escaped}'", 'category' => "category = '{$crit_escaped}'", 'author' => "author = '{$crit_escaped}'", 'alt' => "alt = '{$crit_escaped}'", 'caption' => "caption = '{$crit_escaped}'") : array('id' => "ID in ('" . join("','", do_list($crit_escaped)) . "')", 'name' => "name like '%{$crit_escaped}%'", 'category' => "category like '%{$crit_escaped}%'", 'author' => "author like '%{$crit_escaped}%'", 'alt' => "alt like '%{$crit_escaped}%'", 'caption' => "caption like '%{$crit_escaped}%'");
if (array_key_exists($search_method, $critsql)) {
$criteria = $critsql[$search_method];
$limit = 500;
} else {
$search_method = '';
$crit = '';
}
} else {
$search_method = '';
$crit = '';
}
$criteria .= callback_event('admin_criteria', 'image_list', 0, $criteria);
$total = safe_count('txp_image', "{$criteria}");
if ($total < 1) {
if ($criteria != 1) {
echo n . image_search_form($crit, $search_method) . n . graf(gTxt('no_results_found'), ' class="indicator"') . '</div>';
} else {
echo n . graf(gTxt('no_images_recorded'), ' class="indicator"') . '</div>';
}
return;
}
$limit = max($image_list_pageby, 15);
list($page, $offset, $numPages) = pager($total, $limit, $page);
echo image_search_form($crit, $search_method);
$rs = safe_rows_start('*, unix_timestamp(date) as uDate', 'txp_image', "{$criteria} order by {$sort_sql} limit {$offset}, {$limit}\n\t\t");
echo pluggable_ui('image_ui', 'extend_controls', '', $rs);
echo '</div>';
// end txp-control-panel
if ($rs) {
$show_authors = !has_single_author('txp_image');
echo n . '<div id="' . $event . '_container" class="txp-container">';
echo n . n . '<form name="longform" id="images_form" class="multi_edit_form" method="post" action="index.php">' . n . '<div class="txp-listtables">' . n . startTable('', '', 'txp-list') . n . '<thead>' . n . tr(n . hCell(fInput('checkbox', 'select_all', 0, '', '', '', '', '', 'select_all'), '', ' title="' . gTxt('toggle_all_selected') . '" class="multi-edit"') . n . column_head('ID', 'id', 'image', true, $switch_dir, $crit, $search_method, ('id' == $sort ? "{$dir} " : '') . 'id') . n . column_head('name', 'name', 'image', true, $switch_dir, $crit, $search_method, ('name' == $sort ? "{$dir} " : '') . 'name') . n . column_head('date', 'date', 'image', true, $switch_dir, $crit, $search_method, ('date' == $sort ? "{$dir} " : '') . 'images_detail date created') . n . column_head('thumbnail', 'thumbnail', 'image', true, $switch_dir, $crit, $search_method, ('thumbnail' == $sort ? "{$dir} " : '') . 'thumbnail') . n . hCell(gTxt('tags'), '', ' class="images_detail tag-build"') . n . column_head('image_category', 'category', 'image', true, $switch_dir, $crit, $search_method, ('category' == $sort ? "{$dir} " : '') . 'category') . ($show_authors ? n . column_head('author', 'author', 'image', true, $switch_dir, $crit, $search_method, ('author' == $sort ? "{$dir} " : '') . 'author') : '')) . n . '</thead>';
echo '<tbody>';
$validator = new Validator();
while ($a = nextRow($rs)) {
extract($a);
$edit_url = '?event=image' . a . 'step=image_edit' . a . 'id=' . $id . a . 'sort=' . $sort . a . 'dir=' . $dir . a . 'page=' . $page . a . 'search_method=' . $search_method . a . 'crit=' . $crit;
$name = empty($name) ? gTxt('unnamed') : txpspecialchars($name);
if ($thumbnail) {
if ($ext != '.swf') {
$thumbnail = '<img class="content-image" src="' . imagesrcurl($id, $ext, true) . "?{$uDate}" . '" alt="" ' . "title='{$id}{$ext} ({$w} × {$h})'" . ($thumb_w ? " width='{$thumb_w}' height='{$thumb_h}'" : '') . ' />';
} else {
$thumbnail = '';
}
} else {
$thumbnail = gTxt('no');
}
if ($ext != '.swf') {
$tag_url = '?event=tag' . a . 'tag_name=image' . a . 'id=' . $id . a . 'ext=' . $ext . a . 'w=' . $w . a . 'h=' . $h . a . 'alt=' . urlencode($alt) . a . 'caption=' . urlencode($caption);
$tagbuilder = '<a target="_blank" href="' . $tag_url . a . 'type=textile" onclick="popWin(this.href); return false;">Textile</a>' . sp . '|' . sp . '<a target="_blank" href="' . $tag_url . a . 'type=textpattern" onclick="popWin(this.href); return false;">Textpattern</a>' . sp . '|' . sp . '<a target="_blank" href="' . $tag_url . a . 'type=html" onclick="popWin(this.href); return false;">HTML</a>';
} else {
$tagbuilder = sp;
}
$validator->setConstraints(array(new CategoryConstraint($category, array('type' => 'image'))));
$vc = $validator->validate() ? '' : ' error';
$category = $category ? '<span title="' . txpspecialchars(fetch_category_title($category, 'image')) . '">' . $category . '</span>' : '';
$can_edit = has_privs('image.edit') || $author == $txp_user && has_privs('image.edit.own');
echo n . n . tr(n . td($can_edit ? fInput('checkbox', 'selected[]', $id) : ' ', '', 'multi-edit') . n . td(($can_edit ? href($id, $edit_url, ' title="' . gTxt('edit') . '"') : $id) . sp . '<span class="images_detail">[<a href="' . imagesrcurl($id, $ext) . '">' . gTxt('view') . '</a>]</span>', '', 'id') . td($can_edit ? href($name, $edit_url, ' title="' . gTxt('edit') . '"') : $name, '', 'name') . td(gTime($uDate), '', 'images_detail date created') . td(pluggable_ui('image_ui', 'thumbnail', $can_edit ? href($thumbnail, $edit_url) : $thumbnail, $a), '', 'thumbnail') . td($tagbuilder, '', 'images_detail tag-build') . td($category, '', 'category' . $vc) . ($show_authors ? td('<span title="' . txpspecialchars(get_author_name($author)) . '">' . txpspecialchars($author) . '</span>', '', 'author') : ''));
}
echo '</tbody>', n, endTable(), n, '</div>', n, image_multiedit_form($page, $sort, $dir, $crit, $search_method), n, tInput(), n, '</form>', n, graf(toggle_box('images_detail'), ' class="detail-toggle"'), n, '<div id="' . $event . '_navigation" class="txp-navigation">', n, nav_form('image', $page, $numPages, $sort, $dir, $crit, $search_method, $total, $limit), n, pageby_form('image', $image_list_pageby), n, '</div>', n, '</div>';
}
}
function category2($atts)
{
global $thisarticle;
extract(lAtts(array('link' => ''), $atts));
if ($thisarticle['category2']) {
$cat_title = fetch_category_title($thisarticle['category2']);
if (!empty($link)) {
return '<a href="' . hu . strtolower(urlencode(gTxt('category'))) . '/' . strtolower(urlencode($thisarticle['category2'])) . '">' . $cat_title . '</a>';
}
return $cat_title;
}
}
function list_list($message = '', $post = '')
{
global $statuses, $comments_disabled_after, $step, $txp_user, $article_list_pageby, $event;
pagetop(gTxt('tab_list'), $message);
extract(gpsa(array('page', 'sort', 'dir', 'crit', 'search_method')));
if ($sort === '') {
$sort = get_pref('article_sort_column', 'posted');
}
if ($dir === '') {
$dir = get_pref('article_sort_dir', 'desc');
}
$dir = $dir == 'asc' ? 'asc' : 'desc';
$sesutats = array_flip($statuses);
switch ($sort) {
case 'id':
$sort_sql = 'ID ' . $dir;
break;
case 'title':
$sort_sql = 'Title ' . $dir . ', Posted desc';
break;
case 'expires':
$sort_sql = 'Expires ' . $dir;
break;
case 'section':
$sort_sql = 'Section ' . $dir . ', Posted desc';
break;
case 'category1':
$sort_sql = 'Category1 ' . $dir . ', Posted desc';
break;
case 'category2':
$sort_sql = 'Category2 ' . $dir . ', Posted desc';
break;
case 'status':
$sort_sql = 'Status ' . $dir . ', Posted desc';
break;
case 'author':
$sort_sql = 'AuthorID ' . $dir . ', Posted desc';
break;
case 'comments':
$sort_sql = 'comments_count ' . $dir . ', Posted desc';
break;
case 'lastmod':
$sort_sql = 'LastMod ' . $dir . ', Posted desc';
break;
default:
$sort = 'posted';
$sort_sql = 'Posted ' . $dir;
break;
}
set_pref('article_sort_column', $sort, 'list', 2, '', 0, PREF_PRIVATE);
set_pref('article_sort_dir', $dir, 'list', 2, '', 0, PREF_PRIVATE);
$switch_dir = $dir == 'desc' ? 'asc' : 'desc';
$criteria = 1;
if ($search_method and $crit != '') {
$verbatim = preg_match('/^"(.*)"$/', $crit, $m);
$crit_escaped = doSlash($verbatim ? $m[1] : str_replace(array('\\', '%', '_', '\''), array('\\\\', '\\%', '\\_', '\\\''), $crit));
$critsql = $verbatim ? array('id' => "ID in ('" . join("','", do_list($crit_escaped)) . "')", 'title_body_excerpt' => "Title = '{$crit_escaped}' or Body = '{$crit_escaped}' or Excerpt = '{$crit_escaped}'", 'section' => "Section = '{$crit_escaped}'", 'keywords' => "FIND_IN_SET('" . $crit_escaped . "',Keywords)", 'categories' => "Category1 = '{$crit_escaped}' or Category2 = '{$crit_escaped}'", 'status' => "Status = '" . @$sesutats[gTxt($crit_escaped)] . "'", 'author' => "AuthorID = '{$crit_escaped}'", 'article_image' => "Image in ('" . join("','", do_list($crit_escaped)) . "')", 'posted' => "Posted = '{$crit_escaped}'", 'lastmod' => "LastMod = '{$crit_escaped}'") : array('id' => "ID in ('" . join("','", do_list($crit_escaped)) . "')", 'title_body_excerpt' => "Title like '%{$crit_escaped}%' or Body like '%{$crit_escaped}%' or Excerpt like '%{$crit_escaped}%'", 'section' => "Section like '%{$crit_escaped}%'", 'keywords' => "FIND_IN_SET('" . $crit_escaped . "',Keywords)", 'categories' => "Category1 like '%{$crit_escaped}%' or Category2 like '%{$crit_escaped}%'", 'status' => "Status = '" . @$sesutats[gTxt($crit_escaped)] . "'", 'author' => "AuthorID like '%{$crit_escaped}%'", 'article_image' => "Image in ('" . join("','", do_list($crit_escaped)) . "')", 'posted' => "Posted like '{$crit_escaped}%'", 'lastmod' => "LastMod like '{$crit_escaped}%'");
if (array_key_exists($search_method, $critsql)) {
$criteria = $critsql[$search_method];
$limit = 500;
} else {
$search_method = '';
$crit = '';
}
} else {
$search_method = '';
$crit = '';
}
$criteria .= callback_event('admin_criteria', 'list_list', 0, $criteria);
$total = safe_count('textpattern', "{$criteria}");
echo '<h1 class="txp-heading">' . gTxt('tab_list') . '</h1>';
echo '<div id="' . $event . '_control" class="txp-control-panel">';
if ($total < 1) {
if ($criteria != 1) {
echo n . list_search_form($crit, $search_method) . n . graf(gTxt('no_results_found'), ' class="indicator"') . '</div>';
} else {
echo graf(gTxt('no_articles_recorded'), ' class="indicator"') . '</div>';
}
return;
}
$limit = max($article_list_pageby, 15);
list($page, $offset, $numPages) = pager($total, $limit, $page);
echo n . list_search_form($crit, $search_method) . '</div>';
$rs = safe_rows_start('*, unix_timestamp(Posted) as posted, unix_timestamp(LastMod) as lastmod, unix_timestamp(Expires) as expires', 'textpattern', "{$criteria} order by {$sort_sql} limit {$offset}, {$limit}");
if ($rs) {
$show_authors = !has_single_author('textpattern', 'AuthorID');
$total_comments = array();
// fetch true comment count, not the public comment count
// maybe we should have another row in the db?
$rs2 = safe_rows_start('parentid, count(*) as num', 'txp_discuss', "1 group by parentid order by parentid");
if ($rs2) {
while ($a = nextRow($rs2)) {
$pid = $a['parentid'];
$num = $a['num'];
$total_comments[$pid] = $num;
}
}
echo n . '<div id="' . $event . '_container" class="txp-container">';
echo n . n . '<form name="longform" id="articles_form" class="multi_edit_form" method="post" action="index.php">' . n . '<div class="txp-listtables">' . n . startTable('', '', 'txp-list') . n . '<thead>' . n . tr(n . hCell(fInput('checkbox', 'select_all', 0, '', '', '', '', '', 'select_all'), '', ' title="' . gTxt('toggle_all_selected') . '" class="multi-edit"') . n . column_head('ID', 'id', 'list', true, $switch_dir, $crit, $search_method, ('id' == $sort ? "{$dir} " : '') . 'id actions') . column_head('title', 'title', 'list', true, $switch_dir, $crit, $search_method, ('title' == $sort ? "{$dir} " : '') . 'title') . column_head('posted', 'posted', 'list', true, $switch_dir, $crit, $search_method, ('posted' == $sort ? "{$dir} " : '') . 'date posted created') . column_head('article_modified', 'lastmod', 'list', true, $switch_dir, $crit, $search_method, ('lastmod' == $sort ? "{$dir} " : '') . 'articles_detail date modified') . column_head('expires', 'expires', 'list', true, $switch_dir, $crit, $search_method, ('expires' == $sort ? "{$dir} " : '') . 'articles_detail date expires') . column_head('section', 'section', 'list', true, $switch_dir, $crit, $search_method, ('section' == $sort ? "{$dir} " : '') . 'section') . column_head('category1', 'category1', 'list', true, $switch_dir, $crit, $search_method, ('category1' == $sort ? "{$dir} " : '') . 'articles_detail category category1') . column_head('category2', 'category2', 'list', true, $switch_dir, $crit, $search_method, ('category2' == $sort ? "{$dir} " : '') . 'articles_detail category category2') . column_head('status', 'status', 'list', true, $switch_dir, $crit, $search_method, ('status' == $sort ? "{$dir} " : '') . 'status') . ($show_authors ? column_head('author', 'author', 'list', true, $switch_dir, $crit, $search_method, ('author' == $sort ? "{$dir} " : '') . 'author') : '') . column_head('comments', 'comments', 'list', true, $switch_dir, $crit, $search_method, ('comments' == $sort ? "{$dir} " : '') . 'articles_detail comments')) . n . '</thead>';
include_once txpath . '/publish/taghandlers.php';
echo '<tbody>';
$validator = new Validator();
while ($a = nextRow($rs)) {
extract($a);
if (empty($Title)) {
$Title = '<em>' . eLink('article', 'edit', 'ID', $ID, gTxt('untitled')) . '</em>';
} else {
$Title = eLink('article', 'edit', 'ID', $ID, $Title);
}
// Valid section and categories?
$validator->setConstraints(array(new SectionConstraint($Section)));
$vs = $validator->validate() ? '' : ' error';
$validator->setConstraints(array(new CategoryConstraint($Category1, array('type' => 'article'))));
$vc[1] = $validator->validate() ? '' : ' error';
$validator->setConstraints(array(new CategoryConstraint($Category2, array('type' => 'article'))));
$vc[2] = $validator->validate() ? '' : ' error';
$Category1 = $Category1 ? '<span title="' . txpspecialchars(fetch_category_title($Category1)) . '">' . $Category1 . '</span>' : '';
$Category2 = $Category2 ? '<span title="' . txpspecialchars(fetch_category_title($Category2)) . '">' . $Category2 . '</span>' : '';
if ($Status != STATUS_LIVE and $Status != STATUS_STICKY) {
$view_url = '?txpreview=' . intval($ID) . '.' . time();
} else {
$view_url = permlinkurl($a);
}
$Status = !empty($Status) ? $statuses[$Status] : '';
$comments = '(0)';
if (isset($total_comments[$ID]) and $total_comments[$ID] > 0) {
$comments = href('(' . $total_comments[$ID] . ')', 'index.php?event=discuss' . a . 'step=list' . a . 'search_method=parent' . a . 'crit=' . $ID, ' title="' . gTxt('manage') . '"');
}
$comment_status = $Annotate ? gTxt('on') : gTxt('off');
if ($comments_disabled_after) {
$lifespan = $comments_disabled_after * 86400;
$time_since = time() - $posted;
if ($time_since > $lifespan) {
$comment_status = gTxt('expired');
}
}
$comments = n . '<span class="comments-status">' . $comment_status . '</span> <span class="comments-manage">' . $comments . '</span>';
echo n . n . tr(n . td(($a['Status'] >= STATUS_LIVE and has_privs('article.edit.published') or $a['Status'] >= STATUS_LIVE and $AuthorID == $txp_user and has_privs('article.edit.own.published') or $a['Status'] < STATUS_LIVE and has_privs('article.edit') or $a['Status'] < STATUS_LIVE and $AuthorID == $txp_user and has_privs('article.edit.own')) ? fInput('checkbox', 'selected[]', $ID, 'checkbox') : ' ', '', 'multi-edit') . n . td(eLink('article', 'edit', 'ID', $ID, $ID) . sp . '<span class="articles_detail">[<a href="' . $view_url . '">' . gTxt('view') . '</a>]</span>', '', 'id') . td($Title, '', 'title') . td(gTime($posted), '', ($posted < time() ? '' : 'unpublished ') . 'date posted created') . td(gTime($lastmod), '', "articles_detail date modified") . td($expires ? gTime($expires) : '', '', 'articles_detail date expires') . td('<span title="' . txpspecialchars(fetch_section_title($Section)) . '">' . $Section . '</span>', '', 'section' . $vs) . td($Category1, '', "articles_detail category category1" . $vc[1]) . td($Category2, '', "articles_detail category category2" . $vc[2]) . td('<a href="' . $view_url . '" title="' . gTxt('view') . '">' . $Status . '</a>', '', 'status') . ($show_authors ? td('<span title="' . txpspecialchars(get_author_name($AuthorID)) . '">' . txpspecialchars($AuthorID) . '</span>', '', 'author') : '') . td($comments, '', "articles_detail comments"));
}
echo '</tbody>', n, endTable(), n, '</div>', n, list_multiedit_form($page, $sort, $dir, $crit, $search_method), n, tInput(), n, '</form>', n, graf(toggle_box('articles_detail'), ' class="detail-toggle"'), n, '<div id="' . $event . '_navigation" class="txp-navigation">', n, nav_form('list', $page, $numPages, $sort, $dir, $crit, $search_method, $total, $limit), n, pageby_form('list', $article_list_pageby), n, '</div>', n, '</div>';
}
}
function file_list($message = '')
{
global $txpcfg, $extensions, $file_base_path, $file_statuses, $file_list_pageby;
pagetop(gTxt('file'), $message);
extract($txpcfg);
extract(gpsa(array('page', 'sort', 'dir', 'crit', 'search_method')));
if (!is_dir($file_base_path) or !is_writeable($file_base_path)) {
echo graf(gTxt('file_dir_not_writeable', array('{filedir}' => $file_base_path)), ' id="warning"');
} else {
$existing_files = get_filenames();
if (count($existing_files) > 0) {
echo form(eInput('file') . sInput('file_create') . graf(gTxt('existing_file') . sp . selectInput('filename', $existing_files, '', 1) . sp . fInput('submit', '', gTxt('Create'), 'smallerbox')), 'text-align: center;');
}
echo file_upload_form(gTxt('upload_file'), 'upload', 'file_insert');
}
$dir = $dir == 'desc' ? 'desc' : 'asc';
switch ($sort) {
case 'id':
$sort_sql = 'id ' . $dir;
break;
case 'description':
$sort_sql = 'description ' . $dir . ', filename desc';
break;
case 'category':
$sort_sql = 'category ' . $dir . ', filename desc';
break;
case 'downloads':
$sort_sql = 'downloads ' . $dir . ', filename desc';
break;
default:
$sort = 'filename';
$sort_sql = 'filename ' . $dir;
break;
}
$switch_dir = $dir == 'desc' ? 'asc' : 'desc';
$criteria = 1;
if ($search_method and $crit) {
$crit_escaped = doSlash($crit);
$critsql = array('id' => "ID in ('" . join("','", do_list($crit_escaped)) . "')", 'filename' => "filename like '%{$crit_escaped}%'", 'description' => "description like '%{$crit_escaped}%'", 'category' => "category like '%{$crit_escaped}%'");
if (array_key_exists($search_method, $critsql)) {
$criteria = $critsql[$search_method];
$limit = 500;
} else {
$search_method = '';
$crit = '';
}
} else {
$search_method = '';
$crit = '';
}
$total = safe_count('txp_file', "{$criteria}");
if ($total < 1) {
if ($criteria != 1) {
echo n . file_search_form($crit, $search_method) . n . graf(gTxt('no_results_found'), ' class="indicator"');
} else {
echo n . graf(gTxt('no_files_recorded'), ' class="indicator"');
}
return;
}
$limit = max($file_list_pageby, 15);
list($page, $offset, $numPages) = pager($total, $limit, $page);
echo file_search_form($crit, $search_method);
$rs = safe_rows_start('*', 'txp_file', "{$criteria} order by {$sort_sql} limit {$offset}, {$limit}");
if ($rs) {
echo '<form name="longform" method="post" action="index.php" onsubmit="return verify(\'' . gTxt('are_you_sure') . '\')">' . startTable('list') . tr(column_head('ID', 'id', 'file', true, $switch_dir, $crit, $search_method, 'id' == $sort ? $dir : '') . hCell() . column_head('file_name', 'filename', 'file', true, $switch_dir, $crit, $search_method, 'filename' == $sort ? $dir : '') . column_head('description', 'description', 'file', true, $switch_dir, $crit, $search_method, 'description' == $sort ? $dir : '') . column_head('file_category', 'category', 'file', true, $switch_dir, $crit, $search_method, 'category' == $sort ? $dir : '') . hCell(gTxt('tags')) . hCell(gTxt('status')) . hCell(gTxt('condition')) . column_head('downloads', 'downloads', 'file', true, $switch_dir, $crit, $search_method, 'downloads' == $sort ? $dir : '') . hCell());
while ($a = nextRow($rs)) {
extract($a);
$edit_url = '?event=file' . a . 'step=file_edit' . a . 'id=' . $id . a . 'sort=' . $sort . a . 'dir=' . $dir . a . 'page=' . $page . a . 'search_method=' . $search_method . a . 'crit=' . $crit;
$file_exists = file_exists(build_file_path($file_base_path, $filename));
$download_link = $file_exists ? '<li>' . make_download_link($id, '', $filename) . '</li>' : '';
$category = $category ? '<span title="' . htmlspecialchars(fetch_category_title($category, 'file')) . '">' . $category . '</span>' : '';
$tag_url = '?event=tag' . a . 'tag_name=file_download_link' . a . 'id=' . $id . a . 'description=' . urlencode($description) . a . 'filename=' . urlencode($filename);
$condition = '<span class="';
$condition .= $file_exists ? 'ok' : 'not-ok';
$condition .= '">';
$condition .= $file_exists ? gTxt('file_status_ok') : gTxt('file_status_missing');
$condition .= '</span>';
echo tr(n . td($id) . td('<ul>' . '<li>' . href(gTxt('edit'), $edit_url) . '</li>' . $download_link . '</ul>', 65) . td(href(htmlspecialchars($filename), $edit_url), 125) . td(htmlspecialchars($description), 150) . td($category, 90) . td(n . '<ul>' . n . t . '<li><a target="_blank" href="' . $tag_url . a . 'type=textile" onclick="popWin(this.href, 400, 250); return false;">Textile</a></li>' . n . t . '<li><a target="_blank" href="' . $tag_url . a . 'type=textpattern" onclick="popWin(this.href, 400, 250); return false;">Textpattern</a></li>' . n . t . '<li><a target="_blank" href="' . $tag_url . a . 'type=xhtml" onclick="popWin(this.href, 400, 250); return false;">XHTML</a></li>' . n . '</ul>', 75) . td($file_statuses[$status], 45) . td($condition, 45) . td($downloads == '0' ? gTxt('none') : $downloads, 25) . td(fInput('checkbox', 'selected[]', $id), 10));
}
echo tr(tda(select_buttons() . file_multiedit_form($page, $sort, $dir, $crit, $search_method), ' colspan="10" style="text-align: right; border: none;"')) . endTable() . '</form>' . nav_form('file', $page, $numPages, $sort, $dir, $crit, $search_method) . pageby_form('file', $file_list_pageby);
}
}
function image_list($message = '')
{
global $txpcfg, $extensions, $img_dir, $file_max_upload_size, $image_list_pageby;
pagetop(gTxt('images'), $message);
extract($txpcfg);
extract(gpsa(array('page', 'sort', 'dir', 'crit', 'search_method')));
if (!is_dir(IMPATH) or !is_writeable(IMPATH)) {
echo graf(gTxt('img_dir_not_writeable', array('{imgdir}' => IMPATH)), ' id="warning"');
} else {
echo upload_form(gTxt('upload_image'), 'upload', 'image_insert', 'image', '', $file_max_upload_size);
}
$dir = $dir == 'asc' ? 'asc' : 'desc';
switch ($sort) {
case 'name':
$sort_sql = 'name ' . $dir;
break;
case 'thumbnail':
$sort_sql = 'thumbnail ' . $dir . ', id asc';
break;
case 'category':
$sort_sql = 'category ' . $dir . ', id asc';
break;
case 'date':
$sort_sql = 'date ' . $dir . ', id asc';
break;
case 'author':
$sort_sql = 'author ' . $dir . ', id asc';
break;
default:
$sort = 'id';
$sort_sql = 'id ' . $dir;
break;
}
$switch_dir = $dir == 'desc' ? 'asc' : 'desc';
$criteria = 1;
if ($search_method and $crit) {
$crit_escaped = doSlash($crit);
$critsql = array('id' => "ID in ('" . join("','", do_list($crit_escaped)) . "')", 'name' => "name like '%{$crit_escaped}%'", 'category' => "category like '%{$crit_escaped}%'", 'author' => "author like '%{$crit_escaped}%'", 'alt' => "alt like '%{$crit_escaped}%'", 'caption' => "caption like '%{$crit_escaped}%'");
if (array_key_exists($search_method, $critsql)) {
$criteria = $critsql[$search_method];
$limit = 500;
} else {
$search_method = '';
$crit = '';
}
} else {
$search_method = '';
$crit = '';
}
$total = safe_count('txp_image', "{$criteria}");
if ($total < 1) {
if ($criteria != 1) {
echo n . image_search_form($crit, $search_method) . n . graf(gTxt('no_results_found'), ' class="indicator"');
} else {
echo n . graf(gTxt('no_images_recorded'), ' class="indicator"');
}
return;
}
$limit = max($image_list_pageby, 15);
list($page, $offset, $numPages) = pager($total, $limit, $page);
echo image_search_form($crit, $search_method);
$rs = safe_rows_start('*, unix_timestamp(date) as uDate', 'txp_image', "{$criteria} order by {$sort_sql} limit {$offset}, {$limit}\n\t\t");
if ($rs) {
echo n . n . '<form name="longform" method="post" action="index.php" onsubmit="return verify(\'' . gTxt('are_you_sure') . '\')">' . n . n . startTable('list') . n . tr(column_head('ID', 'id', 'image', true, $switch_dir, $crit, $search_method, 'id' == $sort ? $dir : '') . hCell() . column_head('date', 'date', 'image', true, $switch_dir, $crit, $search_method, 'date' == $sort ? $dir : '') . column_head('name', 'name', 'image', true, $switch_dir, $crit, $search_method, 'name' == $sort ? $dir : '') . column_head('thumbnail', 'thumbnail', 'image', true, $switch_dir, $crit, $search_method, 'thumbnail' == $sort ? $dir : '') . hCell(gTxt('tags')) . column_head('image_category', 'category', 'image', true, $switch_dir, $crit, $search_method, 'category' == $sort ? $dir : '') . column_head('author', 'author', 'image', true, $switch_dir, $crit, $search_method, 'author' == $sort ? $dir : '') . hCell());
while ($a = nextRow($rs)) {
extract($a);
$edit_url = '?event=image' . a . 'step=image_edit' . a . 'id=' . $id . a . 'sort=' . $sort . a . 'dir=' . $dir . a . 'page=' . $page . a . 'search_method=' . $search_method . a . 'crit=' . $crit;
$name = empty($name) ? gTxt('unnamed') : htmlspecialchars($name);
if ($thumbnail) {
if ($ext != '.swf') {
$thumbnail = '<img src="' . hu . $img_dir . '/' . $id . 't' . $ext . "?{$uDate}" . '" alt="" />';
} else {
$thumbnail = '';
}
} else {
$thumbnail = gTxt('no');
}
if ($ext != '.swf') {
$tag_url = '?event=tag' . a . 'tag_name=image' . a . 'id=' . $id . a . 'ext=' . $ext . a . 'w=' . $w . a . 'h=' . $h . a . 'alt=' . urlencode($alt) . a . 'caption=' . urlencode($caption);
$tagbuilder = '<ul>' . '<li><a target="_blank" href="' . $tag_url . a . 'type=textile" onclick="popWin(this.href); return false;">Textile</a></li>' . '<li><a target="_blank" href="' . $tag_url . a . 'type=textpattern" onclick="popWin(this.href); return false;">Textpattern</a></li>' . '<li><a target="_blank" href="' . $tag_url . a . 'type=xhtml" onclick="popWin(this.href); return false;">XHTML</a></li>' . '</ul>';
} else {
$tagbuilder = sp;
}
$category = $category ? '<span title="' . htmlspecialchars(fetch_category_title($category, 'image')) . '">' . $category . '</span>' : '';
echo n . n . tr(n . td($id, 20) . td(n . '<ul>' . n . t . '<li>' . href(gTxt('edit'), $edit_url) . '</li>' . n . t . '<li><a href="' . hu . $img_dir . '/' . $id . $ext . '">' . gTxt('view') . '</a></li>' . n . '</ul>', 35) . td(gTime($uDate), 75) . td(href($name, $edit_url), 75) . td(href($thumbnail, $edit_url), 80) . td($tagbuilder, 85) . td($category, 75) . td('<span title="' . htmlspecialchars(get_author_name($author)) . '">' . htmlspecialchars($author) . '</span>', 75) . td(fInput('checkbox', 'selected[]', $id), 10));
}
echo n . n . tr(tda(select_buttons() . image_multiedit_form($page, $sort, $dir, $crit, $search_method), ' colspan="9" style="text-align: right; border: none;"')) . endTable() . '</form>' . nav_form('image', $page, $numPages, $sort, $dir, $crit, $search_method) . pageby_form('image', $image_list_pageby);
}
}
function link_list($message = '')
{
global $step, $link_list_pageby;
extract(gpsa(array('page', 'sort', 'dir', 'crit', 'search_method')));
$dir = $dir == 'desc' ? 'desc' : 'asc';
switch ($sort) {
case 'id':
$sort_sql = 'id ' . $dir;
break;
case 'description':
$sort_sql = 'description ' . $dir . ', id asc';
break;
case 'category':
$sort_sql = 'category ' . $dir . ', id asc';
break;
case 'date':
$sort_sql = 'date ' . $dir . ', id asc';
break;
default:
$sort = 'name';
$sort_sql = 'linksort ' . $dir . ', id asc';
break;
}
$switch_dir = $dir == 'desc' ? 'asc' : 'desc';
$criteria = 1;
if ($search_method and $crit) {
$crit_escaped = doSlash($crit);
$critsql = array('id' => "ID in ('" . join("','", do_list($crit_escaped)) . "')", 'name' => "linkname like '%{$crit_escaped}%'", 'description' => "description like '%{$crit_escaped}%'", 'category' => "category like '%{$crit_escaped}%'");
if (array_key_exists($search_method, $critsql)) {
$criteria = $critsql[$search_method];
} else {
$search_method = '';
$crit = '';
}
} else {
$search_method = '';
$crit = '';
}
$total = getCount('txp_link', $criteria);
if ($total < 1) {
if ($criteria != 1) {
echo n . link_search_form($crit, $search_method) . n . graf(gTxt('no_results_found'), ' class="indicator"');
} else {
echo n . graf(gTxt('no_links_recorded'), ' class="indicator"');
}
return;
}
$limit = max($link_list_pageby, 15);
list($page, $offset, $numPages) = pager($total, $limit, $page);
echo link_search_form($crit, $search_method);
$rs = safe_rows_start('*, unix_timestamp(date) as uDate', 'txp_link', "{$criteria} order by {$sort_sql} limit {$offset}, {$limit}");
if ($rs) {
echo n . n . '<form action="index.php" method="post" name="longform" onsubmit="return verify(\'' . gTxt('are_you_sure') . '\')">', startTable('list') . n . tr(column_head('ID', 'id', 'link', true, $switch_dir, $crit, $search_method, 'id' == $sort ? $dir : '') . hCell() . column_head('link_name', 'name', 'link', true, $switch_dir, $crit, $search_method, 'name' == $sort ? $dir : '') . column_head('description', 'description', 'link', true, $switch_dir, $crit, $search_method, 'description' == $sort ? $dir : '') . column_head('link_category', 'category', 'link', true, $switch_dir, $crit, $search_method, 'category' == $sort ? $dir : '') . column_head('date', 'date', 'link', true, $switch_dir, $crit, $search_method, 'date' == $sort ? $dir : '') . hCell());
while ($a = nextRow($rs)) {
extract($a);
$edit_url = '?event=link' . a . 'step=link_edit' . a . 'id=' . $id . a . 'sort=' . $sort . a . 'dir=' . $dir . a . 'page=' . $page . a . 'search_method=' . $search_method . a . 'crit=' . $crit;
echo tr(n . td($id, 20) . td(n . '<ul>' . n . t . '<li>' . href(gTxt('edit'), $edit_url) . '</li>' . n . t . '<li>' . href(gTxt('view'), $url) . '</li>' . n . '</ul>', 35) . td(href(htmlspecialchars($linkname), $edit_url), 125) . td(htmlspecialchars($description), 150) . td('<span title="' . htmlspecialchars(fetch_category_title($category, 'link')) . '">' . $category . '</span>', 125) . td(gTime($uDate), 75) . td(fInput('checkbox', 'selected[]', $id)));
}
echo n . n . tr(tda(select_buttons() . link_multiedit_form($page, $sort, $dir, $crit, $search_method), ' colspan="7" style="text-align: right; border: none;"')) . endTable() . '</form>' . n . nav_form('link', $page, $numPages, $sort, $dir, $crit, $search_method, $total, $limit) . pageby_form('link', $link_list_pageby);
}
}
function file_download_category($atts)
{
global $thisfile;
assert_file();
extract(lAtts(array('class' => '', 'title' => 0, 'wraptag' => ''), $atts));
if ($thisfile['category']) {
$category = $title ? fetch_category_title($thisfile['category'], 'file') : $thisfile['category'];
return $wraptag ? doTag($category, $wraptag, $class) : $category;
}
}
function atom()
{
global $thisarticle;
set_error_handler('feedErrorHandler');
ob_clean();
extract($GLOBALS['prefs']);
define("t_texthtml", ' type="text/html"');
define("t_text", ' type="text"');
define("t_html", ' type="html"');
define("t_xhtml", ' type="xhtml"');
define('t_appxhtml', ' type="xhtml"');
define("r_relalt", ' rel="alternate"');
define("r_relself", ' rel="self"');
$last = fetch('unix_timestamp(val)', 'txp_prefs', 'name', 'lastmod');
extract(doSlash(gpsa(array('limit', 'area'))));
// build filter criteria from a comma-separated list of sections and categories
$feed_filter_limit = get_pref('feed_filter_limit', 10);
$section = gps('section');
$section = $section ? array_slice(array_unique(do_list($section)), 0, $feed_filter_limit) : array();
$category = gps('category');
$category = $category ? array_slice(array_unique(do_list($category)), 0, $feed_filter_limit) : array();
$st = array();
foreach ($section as $s) {
$st[] = fetch_section_title($s);
}
$ct = array();
foreach ($category as $c) {
$ct[] = fetch_category_title($c);
}
$sitename .= $section ? ' - ' . join(' - ', $st) : '';
$sitename .= $category ? ' - ' . join(' - ', $ct) : '';
$pub = safe_row("RealName, email", "txp_users", "privs=1");
// feed header
$out[] = tag(htmlspecialchars($sitename), 'title', t_text);
$out[] = tag(htmlspecialchars($site_slogan), 'subtitle', t_text);
$out[] = '<link' . r_relself . ' href="' . pagelinkurl(array('atom' => 1, 'area' => $area, 'section' => $section, 'category' => $category, 'limit' => $limit)) . '" />';
$out[] = '<link' . r_relalt . t_texthtml . ' href="' . hu . '" />';
//Atom feeds with mail or domain name
$dn = explode('/', $siteurl);
$mail_or_domain = $use_mail_on_feeds_id ? eE($blog_mail_uid) : $dn[0];
$out[] = tag('tag:' . $mail_or_domain . ',' . $blog_time_uid . ':' . $blog_uid . ($section ? '/' . join(',', $section) : '') . ($category ? '/' . join(',', $category) : ''), 'id');
$out[] = tag('Textpattern', 'generator', ' uri="http://textpattern.com/" version="' . $version . '"');
$out[] = tag(safe_strftime("w3cdtf", $last), 'updated');
$auth[] = tag($pub['RealName'], 'name');
$auth[] = $include_email_atom ? tag(eE($pub['email']), 'email') : '';
$auth[] = tag(hu, 'uri');
$out[] = tag(n . t . t . join(n . t . t, $auth) . n, 'author');
$out[] = callback_event('atom_head');
// feed items
$articles = array();
$section = doSlash($section);
$category = doSlash($category);
if (!$area or $area == 'article') {
$sfilter = !empty($section) ? "and Section in ('" . join("','", $section) . "')" : '';
$cfilter = !empty($category) ? "and (Category1 in ('" . join("','", $category) . "') or Category2 in ('" . join("','", $category) . "'))" : '';
$limit = $limit ? $limit : $rss_how_many;
$limit = intval(min($limit, max(100, $rss_how_many)));
$frs = safe_column("name", "txp_section", "in_rss != '1'");
$query = array();
foreach ($frs as $f) {
$query[] = "and Section != '" . doSlash($f) . "'";
}
$query[] = $sfilter;
$query[] = $cfilter;
$expired = $publish_expired_articles ? '' : ' and (now() <= Expires or Expires = ' . NULLDATETIME . ') ';
$rs = safe_rows_start("*,\n\t\t\t\tID as thisid,\n\t\t\t\tunix_timestamp(Posted) as uPosted,\n\t\t\t\tunix_timestamp(Expires) as uExpires,\n\t\t\t\tunix_timestamp(LastMod) as uLastMod", "textpattern", "Status=4 and Posted <= now() {$expired}" . join(' ', $query) . "order by Posted desc limit {$limit}");
if ($rs) {
while ($a = nextRow($rs)) {
extract($a);
populateArticleData($a);
$cb = callback_event('atom_entry');
$e = array();
$a['posted'] = $uPosted;
if ($show_comment_count_in_feed) {
$count = $comments_count > 0 ? ' [' . $comments_count . ']' : '';
} else {
$count = '';
}
$thisauthor = get_author_name($AuthorID);
$e['thisauthor'] = tag(n . t . t . t . tag(htmlspecialchars($thisauthor), 'name') . n . t . t, 'author');
$e['issued'] = tag(safe_strftime('w3cdtf', $uPosted), 'published');
$e['modified'] = tag(safe_strftime('w3cdtf', $uLastMod), 'updated');
$escaped_title = htmlspecialchars($Title);
$e['title'] = tag($escaped_title . $count, 'title', t_html);
$permlink = permlinkurl($a);
$e['link'] = '<link' . r_relalt . t_texthtml . ' href="' . $permlink . '" />';
$e['id'] = tag('tag:' . $mail_or_domain . ',' . $feed_time . ':' . $blog_uid . '/' . $uid, 'id');
$e['category1'] = trim($Category1) ? '<category term="' . htmlspecialchars($Category1) . '" />' : '';
$e['category2'] = trim($Category2) ? '<category term="' . htmlspecialchars($Category2) . '" />' : '';
$summary = trim(replace_relative_urls(parse($thisarticle['excerpt']), $permlink));
$content = trim(replace_relative_urls(parse($thisarticle['body']), $permlink));
if ($syndicate_body_or_excerpt) {
# short feed: use body as summary if there's no excerpt
if (!trim($summary)) {
$summary = $content;
}
$content = '';
}
if (trim($content)) {
$e['content'] = tag(n . escape_cdata($content) . n, 'content', t_html);
}
if (trim($summary)) {
$e['summary'] = tag(n . escape_cdata($summary) . n, 'summary', t_html);
}
$articles[$ID] = tag(n . t . t . join(n . t . t, $e) . n . $cb, 'entry');
$etags[$ID] = strtoupper(dechex(crc32($articles[$ID])));
$dates[$ID] = $uLastMod;
}
}
} elseif ($area == 'link') {
$cfilter = $category ? "category='" . $category . "'" : '1';
$limit = $limit ? $limit : $rss_how_many;
$limit = intval(min($limit, max(100, $rss_how_many)));
$rs = safe_rows_start("*", "txp_link", "{$cfilter} order by date desc, id desc limit {$limit}");
if ($rs) {
while ($a = nextRow($rs)) {
extract($a);
$e['title'] = tag(htmlspecialchars($linkname), 'title', t_html);
$e['content'] = tag(n . htmlspecialchars($description) . n, 'content', t_html);
$url = preg_replace("/^\\/(.*)/", "https?://{$siteurl}/\$1", $url);
$url = preg_replace("/&((?U).*)=/", "&\\1=", $url);
$e['link'] = '<link' . r_relalt . t_texthtml . ' href="' . $url . '" />';
$e['issued'] = tag(safe_strftime('w3cdtf', strtotime($date)), 'published');
$e['modified'] = tag(gmdate('Y-m-d\\TH:i:s\\Z', strtotime($date)), 'updated');
$e['id'] = tag('tag:' . $mail_or_domain . ',' . safe_strftime('%Y-%m-%d', strtotime($date)) . ':' . $blog_uid . '/' . $id, 'id');
$articles[$id] = tag(n . t . t . join(n . t . t, $e) . n, 'entry');
$etags[$id] = strtoupper(dechex(crc32($articles[$id])));
$dates[$id] = $date;
}
}
}
if (!$articles) {
if ($section) {
if (safe_field('name', 'txp_section', "name in ('" . join("','", $section) . "')") == false) {
txp_die(gTxt('404_not_found'), '404');
}
} elseif ($category) {
switch ($area) {
case 'link':
if (safe_field('id', 'txp_category', "name = '{$category}' and type = 'link'") == false) {
txp_die(gTxt('404_not_found'), '404');
}
break;
case 'article':
default:
if (safe_field('id', 'txp_category', "name in ('" . join("','", $category) . "') and type = 'article'") == false) {
txp_die(gTxt('404_not_found'), '404');
}
break;
}
}
} else {
//turn on compression if we aren't using it already
if (extension_loaded('zlib') && ini_get("zlib.output_compression") == 0 && ini_get('output_handler') != 'ob_gzhandler' && !headers_sent()) {
// make sure notices/warnings/errors don't fudge up the feed
// when compression is used
$buf = '';
while ($b = @ob_get_clean()) {
$buf .= $b;
}
@ob_start('ob_gzhandler');
echo $buf;
}
handle_lastmod();
$hims = serverset('HTTP_IF_MODIFIED_SINCE');
$imsd = $hims ? strtotime($hims) : 0;
if (is_callable('apache_request_headers')) {
$headers = apache_request_headers();
if (isset($headers["A-IM"])) {
$canaim = strpos($headers["A-IM"], "feed");
} else {
$canaim = false;
}
} else {
$canaim = false;
}
$hinm = stripslashes(serverset('HTTP_IF_NONE_MATCH'));
$cutarticles = false;
if ($canaim !== false) {
foreach ($articles as $id => $thing) {
if (strpos($hinm, $etags[$id])) {
unset($articles[$id]);
$cutarticles = true;
$cut_etag = true;
}
if ($dates[$id] < $imsd) {
unset($articles[$id]);
$cutarticles = true;
$cut_time = true;
}
}
}
if (isset($cut_etag) && isset($cut_time)) {
header("Vary: If-None-Match, If-Modified-Since");
} else {
if (isset($cut_etag)) {
header("Vary: If-None-Match");
} else {
if (isset($cut_time)) {
header("Vary: If-Modified-Since");
}
}
}
$etag = @join("-", $etags);
if (strstr($hinm, $etag)) {
txp_status_header('304 Not Modified');
exit(0);
}
if ($etag) {
header('ETag: "' . $etag . '"');
}
if ($cutarticles) {
//header("HTTP/1.1 226 IM Used");
//This should be used as opposed to 200, but Apache doesn't like it.
//http://intertwingly.net/blog/2004/09/11/Vary-ETag/ says that the status code should be 200.
header("Cache-Control: no-store, im");
header("IM: feed");
}
}
$out = array_merge($out, $articles);
header('Content-type: application/atom+xml; charset=utf-8');
return chr(60) . '?xml version="1.0" encoding="UTF-8"?' . chr(62) . n . '<feed xml:lang="' . $language . '" xmlns="http://www.w3.org/2005/Atom">' . join(n, $out) . '</feed>';
}
function image_list($message = '')
{
global $txpcfg, $extensions, $img_dir, $file_max_upload_size;
pagetop(gTxt('images'), $message);
extract($txpcfg);
extract(get_prefs());
extract(gpsa(array('page', 'sort', 'dir', 'crit', 'search_method')));
if (!is_dir(IMPATH) or !is_writeable(IMPATH)) {
echo graf(gTxt('img_dir_not_writeable', array('{imgdir}' => IMPATH)), ' id="warning"');
} else {
echo upload_form(gTxt('upload_image'), 'upload', 'image_insert', 'image', '', $file_max_upload_size);
}
$dir = $dir == 'desc' ? 'desc' : 'asc';
switch ($sort) {
case 'id':
$sort_sql = 'id ' . $dir;
break;
case 'name':
$sort_sql = 'name ' . $dir;
break;
case 'thumbnail':
$sort_sql = 'thumbnail ' . $dir . ', id asc';
break;
case 'category':
$sort_sql = 'category ' . $dir . ', id asc';
break;
case 'date':
$sort_sql = 'date ' . $dir . ', id asc';
break;
case 'author':
$sort_sql = 'author ' . $dir . ', id asc';
break;
default:
$dir = 'desc';
$sort_sql = 'id ' . $dir;
break;
}
$switch_dir = $dir == 'desc' ? 'asc' : 'desc';
$criteria = 1;
if ($search_method and $crit) {
$crit_escaped = doSlash($crit);
$critsql = array('id' => "id = '{$crit_escaped}'", 'name' => "name like '%{$crit_escaped}%'", 'category' => "category like '%{$crit_escaped}%'", 'author' => "author like '%{$crit_escaped}%'");
if (array_key_exists($search_method, $critsql)) {
$criteria = $critsql[$search_method];
$limit = 500;
} else {
$search_method = '';
$crit = '';
}
} else {
$search_method = '';
$crit = '';
}
$total = safe_count('txp_image', "{$criteria}");
if ($total < 1) {
if ($criteria != 1) {
echo n . image_search_form($crit, $search_method) . n . graf(gTxt('no_results_found'), ' style="text-align: center;"');
} else {
echo n . graf(gTxt('no_images_recorded'), ' style="text-align: center;"');
}
return;
}
$limit = max(@$image_list_pageby, 15);
list($page, $offset, $numPages) = pager($total, $limit, $page);
echo image_search_form($crit, $search_method);
$rs = safe_rows_start('*, unix_timestamp(date) as uDate', 'txp_image', "{$criteria} order by {$sort_sql} limit {$offset}, {$limit}\n\t\t");
if ($rs) {
echo n . n . startTable('list') . n . tr(column_head('ID', 'id', 'image', true, $switch_dir, $crit, $search_method) . hCell() . column_head('date', 'date', 'image', true, $switch_dir, $crit, $search_method) . column_head('name', 'name', 'image', true, $switch_dir, $crit, $search_method) . column_head('thumbnail', 'thumbnail', 'image', true, $switch_dir, $crit, $search_method) . hCell(gTxt('tags')) . column_head('image_category', 'category', 'image', true, $switch_dir, $crit, $search_method) . column_head('author', 'author', 'image', true, $switch_dir, $crit, $search_method) . hCell());
while ($a = nextRow($rs)) {
extract($a);
$edit_url = '?event=image' . a . 'step=image_edit' . a . 'id=' . $id . a . 'sort=' . $sort . a . 'dir=' . $dir . a . 'page=' . $page . a . 'search_method=' . $search_method . a . 'crit=' . $crit;
$name = empty($name) ? gTxt('unnamed') : $name;
$thumbnail = $thumbnail ? '<img src="' . hu . $img_dir . '/' . $id . 't' . $ext . '" />' : gTxt('no');
$tag_url = '?event=tag' . a . 'tag_name=image' . a . 'id=' . $id . a . 'ext=' . $ext . a . 'w=' . $w . a . 'h=' . $h . a . 'alt=' . urlencode($alt) . a . 'caption=' . urlencode($caption);
$category = $category ? '<span title="' . fetch_category_title($category, 'image') . '">' . $category . '</span>' : '';
echo n . n . tr(n . td($id, 20) . td(n . '<ul>' . n . t . '<li>' . href(gTxt('edit'), $edit_url) . '</li>' . n . t . '<li><a href="' . hu . $img_dir . '/' . $id . $ext . '">' . gTxt('view') . '</a></li>' . n . '</ul>', 35) . td(safe_strftime('%d %b %Y %I:%M %p', $uDate), 75) . td(href($name, $edit_url), 75) . td($thumbnail, 75) . td('<ul>' . '<li><a target="_blank" href="' . $tag_url . a . 'type=textile" onclick="popWin(this.href); return false;">Textile</a></li>' . '<li><a target="_blank" href="' . $tag_url . a . 'type=textpattern" onclick="popWin(this.href); return false;">Textpattern</a></li>' . '<li><a target="_blank" href="' . $tag_url . a . 'type=xhtml" onclick="popWin(this.href); return false;">XHTML</a></li>' . '</ul>', 85) . td($category, 75) . td('<span title="' . get_author_name($author) . '">' . $author . '</span>', 75) . td(dLink('image', 'image_delete', 'id', $id), 10));
}
echo endTable() . nav_form('image', $page, $numPages, $sort, $dir, $crit, $search_method) . pageby_form('image', $image_list_pageby);
}
}
