function feed($type) { global $prefs; set_error_handler('feedErrorHandler'); ob_clean(); extract($prefs); extract(doSlash(gpsa(array('category', 'section', 'limit', 'area')))); if ($area != 'link') { $area = 'article'; } $sitename .= $section ? ' - ' . fetch_section_title($section) : ''; $sitename .= $category ? ' - ' . fetch_category_title($category, $area) : ''; $self_ref = pagelinkurl(array('atom' => 1, 'area' => $area == 'article' ? '' : $area, 'section' => $section, 'category' => $category, 'limit' => $limit)); $id_ext = ($section ? '/' . $section : '') . ($category ? '/' . $category : ''); if ($area == 'article') { $sfilter = $section ? "and Section = '" . $section . "'" : ''; $cfilter = $category ? "and (Category1='" . $category . "' or Category2='" . $category . "')" : ''; $limit = $limit ? $limit : $rss_how_many; $limit = intval(min($limit, max(100, $rss_how_many))); $frs = safe_column("name", "txp_section", "in_rss != '1'"); $query = array(); foreach ($frs as $f) { $query[] = "and Section != '" . doSlash($f) . "'"; } $query[] = $sfilter; $query[] = $cfilter; $expired = $publish_expired_articles ? '' : ' and (now() <= Expires or Expires = ' . NULLDATETIME . ') '; $rs = safe_rows_start("*, ID as thisid, unix_timestamp(Posted) as uPosted, unix_timestamp(Expires) as uExpires, unix_timestamp(LastMod) as uLastMod", "textpattern", "Status=4 and Posted <= now() {$expired}" . join(' ', $query) . "order by Posted desc limit {$limit}"); return render_feed($rs, $area, $type, $sitename, $self_ref, $id_ext); } elseif ($area == 'link') { $cfilter = $category ? "category='" . $category . "'" : '1'; $limit = $limit ? $limit : $rss_how_many; $limit = intval(min($limit, max(100, $rss_how_many))); $rs = safe_rows_start("*" . ($atom ? '' : ", unix_timestamp(date) as uDate"), "txp_link", "{$cfilter} order by date desc" . ($atom ? ", id desc" : '') . " limit {$limit}"); return render_feed($rs, $area, $type, $sitename, $self_ref, $id_ext); } }
function image_list($message = '') { global $txpcfg, $extensions, $img_dir, $file_max_upload_size, $image_list_pageby, $txp_user, $event; pagetop(gTxt('images'), $message); extract($txpcfg); extract(gpsa(array('page', 'sort', 'dir', 'crit', 'search_method'))); if ($sort === '') { $sort = get_pref('image_sort_column', 'id'); } if ($dir === '') { $dir = get_pref('image_sort_dir', 'desc'); } $dir = $dir == 'asc' ? 'asc' : 'desc'; echo '<div id="' . $event . '_control" class="txp-control-panel">'; if (!is_dir(IMPATH) or !is_writeable(IMPATH)) { echo graf(gTxt('img_dir_not_writeable', array('{imgdir}' => IMPATH)), ' id="warning"'); } elseif (has_privs('image.edit.own')) { echo upload_form(gTxt('upload_image'), 'upload_image', 'image_insert', 'image', '', $file_max_upload_size); } switch ($sort) { case 'name': $sort_sql = 'name ' . $dir; break; case 'thumbnail': $sort_sql = 'thumbnail ' . $dir . ', id asc'; break; case 'category': $sort_sql = 'category ' . $dir . ', id asc'; break; case 'date': $sort_sql = 'date ' . $dir . ', id asc'; break; case 'author': $sort_sql = 'author ' . $dir . ', id asc'; break; default: $sort = 'id'; $sort_sql = 'id ' . $dir; break; } set_pref('image_sort_column', $sort, 'image', 2, '', 0, PREF_PRIVATE); set_pref('image_sort_dir', $dir, 'image', 2, '', 0, PREF_PRIVATE); $switch_dir = $dir == 'desc' ? 'asc' : 'desc'; $criteria = 1; if ($search_method and $crit) { $crit_escaped = doSlash(str_replace(array('\\', '%', '_', '\''), array('\\\\', '\\%', '\\_', '\\\''), $crit)); $critsql = array('id' => "ID in ('" . join("','", do_list($crit_escaped)) . "')", 'name' => "name like '%{$crit_escaped}%'", 'category' => "category like '%{$crit_escaped}%'", 'author' => "author like '%{$crit_escaped}%'", 'alt' => "alt like '%{$crit_escaped}%'", 'caption' => "caption like '%{$crit_escaped}%'"); if (array_key_exists($search_method, $critsql)) { $criteria = $critsql[$search_method]; $limit = 500; } else { $search_method = ''; $crit = ''; } } else { $search_method = ''; $crit = ''; } $total = safe_count('txp_image', "{$criteria}"); if ($total < 1) { if ($criteria != 1) { echo n . image_search_form($crit, $search_method) . n . graf(gTxt('no_results_found'), ' class="indicator"') . '</div>'; } else { echo n . graf(gTxt('no_images_recorded'), ' class="indicator"') . '</div>'; } return; } $limit = max($image_list_pageby, 15); list($page, $offset, $numPages) = pager($total, $limit, $page); echo image_search_form($crit, $search_method); $rs = safe_rows_start('*, unix_timestamp(date) as uDate', 'txp_image', "{$criteria} order by {$sort_sql} limit {$offset}, {$limit}\n\t\t"); echo pluggable_ui('image_ui', 'extend_controls', '', $rs); echo '</div>'; // end txp-control-panel if ($rs) { $show_authors = !has_single_author('txp_image'); echo n . '<div id="' . $event . '_container" class="txp-container txp-list">'; echo n . n . '<form name="longform" id="images_form" method="post" action="index.php" onsubmit="return verify(\'' . gTxt('are_you_sure') . '\')">' . n . n . startTable('list', '', 'list') . n . '<thead>' . n . tr(column_head('ID', 'id', 'image', true, $switch_dir, $crit, $search_method, ('id' == $sort ? "{$dir} " : '') . 'id') . hCell('', '', ' class="actions"') . column_head('date', 'date', 'image', true, $switch_dir, $crit, $search_method, ('date' == $sort ? "{$dir} " : '') . 'date created') . column_head('name', 'name', 'image', true, $switch_dir, $crit, $search_method, ('name' == $sort ? "{$dir} " : '') . 'name') . column_head('thumbnail', 'thumbnail', 'image', true, $switch_dir, $crit, $search_method, ('thumbnail' == $sort ? "{$dir} " : '') . 'thumbnail') . hCell(gTxt('tags'), '', ' class="tag-build"') . column_head('image_category', 'category', 'image', true, $switch_dir, $crit, $search_method, ('category' == $sort ? "{$dir} " : '') . 'category') . ($show_authors ? column_head('author', 'author', 'image', true, $switch_dir, $crit, $search_method, ('author' == $sort ? "{$dir} " : '') . 'author') : '') . hCell('', '', ' class="multi-edit"')) . n . '</thead>'; $tfoot = n . '<tfoot>' . tr(tda(select_buttons() . image_multiedit_form($page, $sort, $dir, $crit, $search_method), ' class="multi-edit" colspan="' . ($show_authors ? '9' : '8') . '" style="text-align: right; border: none;"')) . n . '</tfoot>'; echo $tfoot; echo '<tbody>'; $ctr = 1; while ($a = nextRow($rs)) { extract($a); $edit_url = '?event=image' . a . 'step=image_edit' . a . 'id=' . $id . a . 'sort=' . $sort . a . 'dir=' . $dir . a . 'page=' . $page . a . 'search_method=' . $search_method . a . 'crit=' . $crit; $name = empty($name) ? gTxt('unnamed') : htmlspecialchars($name); if ($thumbnail) { if ($ext != '.swf') { $thumbnail = '<img src="' . imagesrcurl($id, $ext, true) . "?{$uDate}" . '" alt="" ' . "title='{$id}{$ext} ({$w} × {$h})'" . ($thumb_w ? "width='{$thumb_w}' height='{$thumb_h}'" : '') . ' />'; } else { $thumbnail = ''; } } else { $thumbnail = gTxt('no'); } if ($ext != '.swf') { $tag_url = '?event=tag' . a . 'tag_name=image' . a . 'id=' . $id . a . 'ext=' . $ext . a . 'w=' . $w . a . 'h=' . $h . a . 'alt=' . urlencode($alt) . a . 'caption=' . urlencode($caption); $tagbuilder = '<ul>' . '<li><a target="_blank" href="' . $tag_url . a . 'type=textile" onclick="popWin(this.href); return false;">Textile</a></li>' . '<li><a target="_blank" href="' . $tag_url . a . 'type=textpattern" onclick="popWin(this.href); return false;">Textpattern</a></li>' . '<li><a target="_blank" href="' . $tag_url . a . 'type=xhtml" onclick="popWin(this.href); return false;">XHTML</a></li>' . '</ul>'; } else { $tagbuilder = sp; } $category = $category ? '<span title="' . htmlspecialchars(fetch_category_title($category, 'image')) . '">' . $category . '</span>' : ''; $can_edit = has_privs('image.edit') || $author == $txp_user && has_privs('image.edit.own'); echo n . n . tr(n . td($id, 20, 'id') . td(n . '<ul>' . ($can_edit ? n . t . '<li class="action-edit">' . href(gTxt('edit'), $edit_url) . '</li>' : '') . n . t . '<li class="action-view"><a href="' . imagesrcurl($id, $ext) . '">' . gTxt('view') . '</a></li>' . n . '</ul>', 35, 'actions') . td(gTime($uDate), 75, 'date created') . td($can_edit ? href($name, $edit_url) : $name, 75, 'name') . td(pluggable_ui('image_ui', 'thumbnail', $can_edit ? href($thumbnail, $edit_url) : $thumbnail, $a), 80, 'image thumbnail') . td($tagbuilder, 85, 'tag-build') . td($category, 75, 'category') . ($show_authors ? td('<span title="' . htmlspecialchars(get_author_name($author)) . '">' . htmlspecialchars($author) . '</span>', 75, 'author') : '') . td($can_edit ? fInput('checkbox', 'selected[]', $id) : ' ', 10, 'multi-edit'), ' class="' . ($ctr % 2 == 0 ? 'even' : 'odd') . '"'); $ctr++; } echo '</tbody>' . n . endTable() . n . '</form>' . n . '<div id="' . $event . '_navigation" class="txp-navigation">' . nav_form('image', $page, $numPages, $sort, $dir, $crit, $search_method, $total, $limit) . pageby_form('image', $image_list_pageby) . n . '</div>' . n . '</div>'; } }
function file_list($message = '') { global $file_base_path, $file_statuses, $file_list_pageby, $txp_user, $event; pagetop(gTxt('file'), $message); extract(gpsa(array('page', 'sort', 'dir', 'crit', 'search_method'))); if ($sort === '') { $sort = get_pref('file_sort_column', 'filename'); } if ($dir === '') { $dir = get_pref('file_sort_dir', 'asc'); } $dir = $dir == 'desc' ? 'desc' : 'asc'; echo '<div id="' . $event . '_control" class="txp-control-panel">'; if (!is_dir($file_base_path) or !is_writeable($file_base_path)) { echo graf(gTxt('file_dir_not_writeable', array('{filedir}' => $file_base_path)), ' id="warning"'); } elseif (has_privs('file.edit.own')) { $existing_files = get_filenames(); if (count($existing_files) > 0) { echo form(eInput('file') . sInput('file_create') . graf('<label for="file-existing">' . gTxt('existing_file') . '</label>' . sp . selectInput('filename', $existing_files, '', 1, '', 'file-existing') . sp . fInput('submit', '', gTxt('Create'), 'smallerbox'), ' class="existing-file"'), 'text-align: center;', '', 'post', '', '', 'assign_file'); } echo file_upload_form(gTxt('upload_file'), 'upload', 'file_insert'); } switch ($sort) { case 'id': $sort_sql = 'id ' . $dir; break; case 'description': $sort_sql = 'description ' . $dir . ', filename desc'; break; case 'category': $sort_sql = 'category ' . $dir . ', filename desc'; break; case 'title': $sort_sql = 'title ' . $dir . ', filename desc'; break; case 'downloads': $sort_sql = 'downloads ' . $dir . ', filename desc'; break; case 'author': $sort_sql = 'author ' . $dir . ', id asc'; break; default: $sort = 'filename'; $sort_sql = 'filename ' . $dir; break; } set_pref('file_sort_column', $sort, 'file', 2, '', 0, PREF_PRIVATE); set_pref('file_sort_dir', $dir, 'file', 2, '', 0, PREF_PRIVATE); $switch_dir = $dir == 'desc' ? 'asc' : 'desc'; $criteria = 1; if ($search_method and $crit) { $crit_escaped = doSlash(str_replace(array('\\', '%', '_', '\''), array('\\\\', '\\%', '\\_', '\\\''), $crit)); $critsql = array('id' => "ID in ('" . join("','", do_list($crit_escaped)) . "')", 'filename' => "filename like '%{$crit_escaped}%'", 'title' => "title like '%{$crit_escaped}%'", 'description' => "description like '%{$crit_escaped}%'", 'category' => "category like '%{$crit_escaped}%'", 'author' => "author like '%{$crit_escaped}%'"); if (array_key_exists($search_method, $critsql)) { $criteria = $critsql[$search_method]; $limit = 500; } else { $search_method = ''; $crit = ''; } } else { $search_method = ''; $crit = ''; } $total = safe_count('txp_file', "{$criteria}"); if ($total < 1) { if ($criteria != 1) { echo n . file_search_form($crit, $search_method) . n . graf(gTxt('no_results_found'), ' class="indicator"') . '</div>'; } else { echo n . graf(gTxt('no_files_recorded'), ' class="indicator"') . '</div>'; } return; } $limit = max($file_list_pageby, 15); list($page, $offset, $numPages) = pager($total, $limit, $page); echo file_search_form($crit, $search_method) . '</div>'; $rs = safe_rows_start('*', 'txp_file', "{$criteria} order by {$sort_sql} limit {$offset}, {$limit}"); if ($rs) { $show_authors = !has_single_author('txp_file'); echo n . '<div id="' . $event . '_container" class="txp-container txp-list">'; echo '<form name="longform" id="files_form" method="post" action="index.php" onsubmit="return verify(\'' . gTxt('are_you_sure') . '\')">' . startTable('list', '', 'list') . n . '<thead>' . tr(column_head('ID', 'id', 'file', true, $switch_dir, $crit, $search_method, ('id' == $sort ? "{$dir} " : '') . 'id') . hCell('', '', ' class="actions"') . column_head('file_name', 'filename', 'file', true, $switch_dir, $crit, $search_method, ('filename' == $sort ? "{$dir} " : '') . 'name') . column_head('title', 'title', 'file', true, $switch_dir, $crit, $search_method, ('title' == $sort ? "{$dir} " : '') . 'title') . column_head('description', 'description', 'file', true, $switch_dir, $crit, $search_method, ('description' == $sort ? "{$dir} " : '') . 'description') . column_head('file_category', 'category', 'file', true, $switch_dir, $crit, $search_method, ('category' == $sort ? "{$dir} " : '') . 'category') . hCell(gTxt('tags'), '', ' class="tag-build"') . hCell(gTxt('status'), '', ' class="status"') . hCell(gTxt('condition'), '', ' class="condition"') . column_head('downloads', 'downloads', 'file', true, $switch_dir, $crit, $search_method, ('downloads' == $sort ? "{$dir} " : '') . 'downloads') . ($show_authors ? column_head('author', 'author', 'file', true, $switch_dir, $crit, $search_method, ('author' == $sort ? "{$dir} " : '') . 'author') : '') . hCell('', '', ' class="multi-edit"')) . n . '</thead>'; $tfoot = n . '<tfoot>' . tr(tda(select_buttons() . file_multiedit_form($page, $sort, $dir, $crit, $search_method), ' class="multi-edit" colspan="' . ($show_authors ? '12' : '11') . '" style="text-align: right; border: none;"')) . n . '</tfoot>'; echo $tfoot; echo '<tbody>'; $ctr = 1; while ($a = nextRow($rs)) { extract($a); $filename = sanitizeForFile($filename); $edit_url = '?event=file' . a . 'step=file_edit' . a . 'id=' . $id . a . 'sort=' . $sort . a . 'dir=' . $dir . a . 'page=' . $page . a . 'search_method=' . $search_method . a . 'crit=' . $crit; $file_exists = file_exists(build_file_path($file_base_path, $filename)); $download_link = $file_exists ? '<li class="action-view">' . make_download_link($id, '', $filename) . '</li>' : ''; $category = $category ? '<span title="' . htmlspecialchars(fetch_category_title($category, 'file')) . '">' . $category . '</span>' : ''; $tag_url = '?event=tag' . a . 'tag_name=file_download_link' . a . 'id=' . $id . a . 'description=' . urlencode($description) . a . 'filename=' . urlencode($filename); $condition = '<span class="'; $condition .= $file_exists ? 'ok' : 'not-ok'; $condition .= '">'; $condition .= $file_exists ? gTxt('file_status_ok') : gTxt('file_status_missing'); $condition .= '</span>'; $can_edit = has_privs('file.edit') || $author == $txp_user && has_privs('file.edit.own'); echo tr(n . td($id, '', 'id') . td('<ul>' . ($can_edit ? '<li class="action-edit">' . href(gTxt('edit'), $edit_url) . '</li>' : '') . $download_link . '</ul>', 65, 'actions') . td($can_edit ? href(htmlspecialchars($filename), $edit_url) : htmlspecialchars($filename), 125, 'name') . td(htmlspecialchars($title), 90, 'title') . td(htmlspecialchars($description), 150, 'description') . td($category, 90, 'category') . td(n . '<ul>' . n . t . '<li><a target="_blank" href="' . $tag_url . a . 'type=textile" onclick="popWin(this.href, 400, 250); return false;">Textile</a></li>' . n . t . '<li><a target="_blank" href="' . $tag_url . a . 'type=textpattern" onclick="popWin(this.href, 400, 250); return false;">Textpattern</a></li>' . n . t . '<li><a target="_blank" href="' . $tag_url . a . 'type=xhtml" onclick="popWin(this.href, 400, 250); return false;">XHTML</a></li>' . n . '</ul>', 75, 'tag-build') . td(in_array($status, array_keys($file_statuses)) ? $file_statuses[$status] : '<span class="not-ok">' . gTxt('none') . '</span>', 45, 'status') . td($condition, 45, 'condition') . td($downloads == '0' ? gTxt('none') : $downloads, 25, 'downloads') . ($show_authors ? td('<span title="' . htmlspecialchars(get_author_name($author)) . '">' . htmlspecialchars($author) . '</span>', '', 'author') : '') . td($can_edit ? fInput('checkbox', 'selected[]', $id) : ' ', 10, 'multi-edit'), ' class="' . ($ctr % 2 == 0 ? 'even' : 'odd') . '"'); $ctr++; } echo '</tbody>' . n . endTable() . n . '</form>' . n . '<div id="' . $event . '_navigation" class="txp-navigation">' . nav_form('file', $page, $numPages, $sort, $dir, $crit, $search_method, $total, $limit) . pageby_form('file', $file_list_pageby) . n . '</div>' . n . '</div>'; } }
function file_list($message = '') { global $txpcfg, $extensions, $file_base_path; pagetop(gTxt('file'), $message); extract($txpcfg); extract(get_prefs()); extract(gpsa(array('page', 'sort', 'dir', 'crit', 'search_method'))); if (!is_dir($file_base_path) or !is_writeable($file_base_path)) { echo graf(gTxt('file_dir_not_writeable', array('{filedir}' => $file_base_path)), ' id="warning"'); } else { $existing_files = get_filenames(); if (count($existing_files) > 0) { echo form(eInput('file') . sInput('file_create') . graf(gTxt('existing_file') . sp . selectInput('filename', $existing_files, '', 1) . sp . fInput('submit', '', gTxt('Create'), 'smallerbox')), 'text-align: center;'); } echo file_upload_form(gTxt('upload_file'), 'upload', 'file_insert'); } $dir = $dir == 'desc' ? 'desc' : 'asc'; switch ($sort) { case 'id': $sort_sql = 'id ' . $dir; break; case 'filename': $sort_sql = 'filename ' . $dir; break; case 'description': $sort_sql = 'description ' . $dir . ', filename desc'; break; case 'category': $sort_sql = 'category ' . $dir . ', filename desc'; break; case 'downloads': $sort_sql = 'downloads ' . $dir . ', filename desc'; break; default: $dir = 'desc'; $sort_sql = 'filename ' . $dir; break; } $switch_dir = $dir == 'desc' ? 'asc' : 'desc'; $criteria = 1; if ($search_method and $crit) { $crit_escaped = doSlash($crit); $critsql = array('id' => "id = '{$crit_escaped}'", 'filename' => "filename like '%{$crit_escaped}%'", 'description' => "description like '%{$crit_escaped}%'", 'category' => "category like '%{$crit_escaped}%'"); if (array_key_exists($search_method, $critsql)) { $criteria = $critsql[$search_method]; $limit = 500; } else { $search_method = ''; $crit = ''; } } else { $search_method = ''; $crit = ''; } $total = safe_count('txp_file', "{$criteria}"); if ($total < 1) { if ($criteria != 1) { echo n . file_search_form($crit, $search_method) . n . graf(gTxt('no_results_found'), ' style="text-align: center;"'); } else { echo n . graf(gTxt('no_files_recorded'), ' style="text-align: center;"'); } return; } $limit = max(@$file_list_pageby, 15); list($page, $offset, $numPages) = pager($total, $limit, $page); echo file_search_form($crit, $search_method); $rs = safe_rows_start('*', 'txp_file', "{$criteria} order by {$sort_sql} limit {$offset}, {$limit}"); if ($rs) { echo startTable('list') . tr(column_head('ID', 'id', 'file', true, $switch_dir, $crit, $search_method) . td() . column_head('file_name', 'filename', 'file', true, $switch_dir, $crit, $search_method) . column_head('description', 'description', 'file', true, $switch_dir, $crit, $search_method) . column_head('file_category', 'category', 'file', true, $switch_dir, $crit, $search_method) . hCell(gTxt('tags')) . hCell(gTxt('status')) . column_head('downloads', 'downloads', 'file', true, $switch_dir, $crit, $search_method) . hCell()); while ($a = nextRow($rs)) { extract($a); $edit_url = '?event=file' . a . 'step=file_edit' . a . 'id=' . $id . a . 'sort=' . $sort . a . 'dir=' . $dir . a . 'page=' . $page . a . 'search_method=' . $search_method . a . 'crit=' . $crit; $file_exists = file_exists(build_file_path($file_base_path, $filename)); $download_link = $file_exists ? '<li>' . make_download_link($id) . '</li>' : ''; $category = $category ? '<span title="' . fetch_category_title($category, 'file') . '">' . $category . '</span>' : ''; $tag_url = '?event=tag' . a . 'tag_name=file_download_link' . a . 'id=' . $id . a . 'description=' . urlencode($description) . a . 'filename=' . urlencode($filename); $status = '<span class="'; $status .= $file_exists ? 'ok' : 'not-ok'; $status .= '">'; $status .= $file_exists ? gTxt('file_status_ok') : gTxt('file_status_missing'); $status .= '</span>'; // does the downloads column exist? if (!isset($downloads)) { // nope, add it safe_alter('txp_file', "ADD downloads INT DEFAULT '0' NOT NULL"); $downloads = 0; } elseif (empty($downloads)) { $downloads = '0'; } echo tr(n . td($id) . td('<ul>' . '<li>' . href(gTxt('edit'), $edit_url) . '</li>' . $download_link . '</ul>', 65) . td(href($filename, $edit_url), 125) . td($description, 150) . td($category, 90) . td(n . '<ul>' . n . t . '<li><a target="_blank" href="' . $tag_url . a . 'type=textile" onclick="popWin(this.href, 400, 250); return false;">Textile</a></li>' . n . t . '<li><a target="_blank" href="' . $tag_url . a . 'type=textpattern" onclick="popWin(this.href, 400, 250); return false;">Textpattern</a></li>' . n . t . '<li><a target="_blank" href="' . $tag_url . a . 'type=xhtml" onclick="popWin(this.href, 400, 250); return false;">XHTML</a></li>' . n . '</ul>', 75) . td($status, 45) . td($downloads == '0' ? gTxt('none') : $downloads, 25) . td(dLink('file', 'file_delete', 'id', $id), 10)); } echo endTable() . nav_form('file', $page, $numPages, $sort, $dir, $crit, $search_method) . pageby_form('file', $file_list_pageby); } }
function rss() { global $prefs, $thisarticle; set_error_handler('feedErrorHandler'); ob_clean(); extract($prefs); extract(doSlash(gpsa(array('limit', 'area')))); // build filter criteria from a comma-separated list of sections and categories $feed_filter_limit = get_pref('feed_filter_limit', 10); $section = gps('section'); $category = gps('category'); if (!is_scalar($section) || !is_scalar($category)) { txp_die('Not Found', 404); } $section = $section ? array_slice(array_unique(do_list($section)), 0, $feed_filter_limit) : array(); $category = $category ? array_slice(array_unique(do_list($category)), 0, $feed_filter_limit) : array(); $st = array(); foreach ($section as $s) { $st[] = fetch_section_title($s); } $ct = array(); foreach ($category as $c) { $ct[] = fetch_category_title($c); } $sitename .= $section ? ' - ' . join(' - ', $st) : ''; $sitename .= $category ? ' - ' . join(' - ', $ct) : ''; $dn = explode('/', $siteurl); $mail_or_domain = $use_mail_on_feeds_id ? eE($blog_mail_uid) : $dn[0]; // feed header $out[] = tag('http://textpattern.com/?v=' . $version, 'generator'); $out[] = tag(doSpecial($sitename), 'title'); $out[] = tag(hu, 'link'); $out[] = '<atom:link href="' . pagelinkurl(array('rss' => 1, 'area' => $area, 'section' => $section, 'category' => $category, 'limit' => $limit)) . '" rel="self" type="application/rss+xml" />'; $out[] = tag(doSpecial($site_slogan), 'description'); $last = fetch('unix_timestamp(val)', 'txp_prefs', 'name', 'lastmod'); $out[] = tag(safe_strftime('rfc822', $last), 'pubDate'); $out[] = callback_event('rss_head'); // feed items $articles = array(); $section = doSlash($section); $category = doSlash($category); if (!$area or $area == 'article') { $sfilter = !empty($section) ? "and Section in ('" . join("','", $section) . "')" : ''; $cfilter = !empty($category) ? "and (Category1 in ('" . join("','", $category) . "') or Category2 in ('" . join("','", $category) . "'))" : ''; $limit = $limit ? $limit : $rss_how_many; $limit = intval(min($limit, max(100, $rss_how_many))); $frs = safe_column("name", "txp_section", "in_rss != '1'"); if ($frs) { foreach ($frs as $f) { $query[] = "and Section != '" . doSlash($f) . "'"; } } $query[] = $sfilter; $query[] = $cfilter; $expired = $publish_expired_articles ? '' : ' and (now() <= Expires or Expires = ' . NULLDATETIME . ') '; $rs = safe_rows_start("*, unix_timestamp(Posted) as uPosted, unix_timestamp(LastMod) as uLastMod, unix_timestamp(Expires) as uExpires, ID as thisid", "textpattern", "Status = 4 " . join(' ', $query) . "and Posted < now()" . $expired . "order by Posted desc limit {$limit}"); if ($rs) { while ($a = nextRow($rs)) { extract($a); populateArticleData($a); $cb = callback_event('rss_entry'); $a['posted'] = $uPosted; $permlink = permlinkurl($a); $summary = trim(replace_relative_urls(parse($thisarticle['excerpt']), $permlink)); $content = trim(replace_relative_urls(parse($thisarticle['body']), $permlink)); if ($syndicate_body_or_excerpt) { # short feed: use body as summary if there's no excerpt if (!trim($summary)) { $summary = $content; } $content = ''; } if ($show_comment_count_in_feed) { $count = $comments_count > 0 ? ' [' . $comments_count . ']' : ''; } else { $count = ''; } $Title = escape_title(strip_tags($Title)) . $count; $thisauthor = get_author_name($AuthorID); $item = tag($Title, 'title') . n . (trim($summary) ? tag(n . escape_cdata($summary) . n, 'description') . n : '') . (trim($content) ? tag(n . escape_cdata($content) . n, 'content:encoded') . n : '') . tag($permlink, 'link') . n . tag(safe_strftime('rfc822', $a['posted']), 'pubDate') . n . tag(htmlspecialchars($thisauthor), 'dc:creator') . n . tag('tag:' . $mail_or_domain . ',' . $feed_time . ':' . $blog_uid . '/' . $uid, 'guid', ' isPermaLink="false"') . n . $cb; $articles[$ID] = tag($item, 'item'); $etags[$ID] = strtoupper(dechex(crc32($articles[$ID]))); $dates[$ID] = $uPosted; } } } elseif ($area == 'link') { $cfilter = $category ? "category in ('" . join("','", $category) . "')" : '1'; $limit = $limit ? $limit : $rss_how_many; $limit = intval(min($limit, max(100, $rss_how_many))); $rs = safe_rows_start("*, unix_timestamp(date) as uDate", "txp_link", "{$cfilter} order by date desc limit {$limit}"); if ($rs) { while ($a = nextRow($rs)) { extract($a); $item = tag(doSpecial($linkname), 'title') . n . tag(doSpecial($description), 'description') . n . tag(doSpecial($url), 'link') . n . tag(safe_strftime('rfc822', $uDate), 'pubDate'); $articles[$id] = tag($item, 'item'); $etags[$id] = strtoupper(dechex(crc32($articles[$id]))); $dates[$id] = $date; } } } if (!$articles) { if ($section) { if (safe_field('name', 'txp_section', "name in ('" . join("','", $section) . "')") == false) { txp_die(gTxt('404_not_found'), '404'); } } elseif ($category) { switch ($area) { case 'link': if (safe_field('id', 'txp_category', "name = '{$category}' and type = 'link'") == false) { txp_die(gTxt('404_not_found'), '404'); } break; case 'article': default: if (safe_field('id', 'txp_category', "name in ('" . join("','", $category) . "') and type = 'article'") == false) { txp_die(gTxt('404_not_found'), '404'); } break; } } } else { //turn on compression if we aren't using it already if (extension_loaded('zlib') && ini_get("zlib.output_compression") == 0 && ini_get('output_handler') != 'ob_gzhandler' && !headers_sent()) { // make sure notices/warnings/errors don't fudge up the feed // when compression is used $buf = ''; while ($b = @ob_get_clean()) { $buf .= $b; } @ob_start('ob_gzhandler'); echo $buf; } handle_lastmod(); $hims = serverset('HTTP_IF_MODIFIED_SINCE'); $imsd = $hims ? strtotime($hims) : 0; if (is_callable('apache_request_headers')) { $headers = apache_request_headers(); if (isset($headers["A-IM"])) { $canaim = strpos($headers["A-IM"], "feed"); } else { $canaim = false; } } else { $canaim = false; } $hinm = stripslashes(serverset('HTTP_IF_NONE_MATCH')); $cutarticles = false; if ($canaim !== false) { foreach ($articles as $id => $thing) { if (strpos($hinm, $etags[$id]) !== false) { unset($articles[$id]); $cutarticles = true; $cut_etag = true; } if ($dates[$id] < $imsd) { unset($articles[$id]); $cutarticles = true; $cut_time = true; } } } if (isset($cut_etag) && isset($cut_time)) { header("Vary: If-None-Match, If-Modified-Since"); } else { if (isset($cut_etag)) { header("Vary: If-None-Match"); } else { if (isset($cut_time)) { header("Vary: If-Modified-Since"); } } } $etag = @join("-", $etags); if (strstr($hinm, $etag)) { txp_status_header('304 Not Modified'); exit(0); } if ($cutarticles) { //header("HTTP/1.1 226 IM Used"); //This should be used as opposed to 200, but Apache doesn't like it. //http://intertwingly.net/blog/2004/09/11/Vary-ETag/ says that the status code should be 200. header("Cache-Control: no-store, im"); header("IM: feed"); } } $out = array_merge($out, $articles); header("Content-Type: application/rss+xml; charset=utf-8"); if (isset($etag)) { header('ETag: "' . $etag . '"'); } return '<?xml version="1.0" encoding="utf-8"?>' . n . '<rss version="2.0" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:content="http://purl.org/rss/1.0/modules/content/" xmlns:atom="http://www.w3.org/2005/Atom">' . n . tag(join(n, $out), 'channel') . n . '</rss>'; }
function link_list($message = '') { global $event, $step, $link_list_pageby, $txp_user; pagetop(gTxt('tab_link'), $message); extract(gpsa(array('page', 'sort', 'dir', 'crit', 'search_method'))); if ($sort === '') { $sort = get_pref('link_sort_column', 'name'); } if ($dir === '') { $dir = get_pref('link_sort_dir', 'asc'); } $dir = $dir == 'desc' ? 'desc' : 'asc'; switch ($sort) { case 'id': $sort_sql = 'id ' . $dir; break; case 'description': $sort_sql = 'description ' . $dir . ', id asc'; break; case 'url': $sort_sql = 'url ' . $dir . ', id asc'; break; case 'category': $sort_sql = 'category ' . $dir . ', id asc'; break; case 'date': $sort_sql = 'date ' . $dir . ', id asc'; break; case 'author': $sort_sql = 'author ' . $dir . ', id asc'; break; default: $sort = 'name'; $sort_sql = 'linksort ' . $dir . ', id asc'; break; } set_pref('link_sort_column', $sort, 'link', 2, '', 0, PREF_PRIVATE); set_pref('link_sort_dir', $dir, 'link', 2, '', 0, PREF_PRIVATE); $switch_dir = $dir == 'desc' ? 'asc' : 'desc'; $criteria = 1; if ($search_method and $crit != '') { $verbatim = preg_match('/^"(.*)"$/', $crit, $m); $crit_escaped = doSlash($verbatim ? $m[1] : str_replace(array('\\', '%', '_', '\''), array('\\\\', '\\%', '\\_', '\\\''), $crit)); $critsql = $verbatim ? array('id' => "ID in ('" . join("','", do_list($crit_escaped)) . "')", 'name' => "linkname = '{$crit_escaped}'", 'description' => "description = '{$crit_escaped}'", 'url' => "url = '{$crit_escaped}'", 'category' => "category = '{$crit_escaped}'", 'author' => "author = '{$crit_escaped}'") : array('id' => "ID in ('" . join("','", do_list($crit_escaped)) . "')", 'name' => "linkname like '%{$crit_escaped}%'", 'description' => "description like '%{$crit_escaped}%'", 'url' => "url like '%{$crit_escaped}%'", 'category' => "category like '%{$crit_escaped}%'", 'author' => "author like '%{$crit_escaped}%'"); if (array_key_exists($search_method, $critsql)) { $criteria = $critsql[$search_method]; } else { $search_method = ''; $crit = ''; } } else { $search_method = ''; $crit = ''; } $criteria .= callback_event('admin_criteria', 'link_list', 0, $criteria); $total = getCount('txp_link', $criteria); echo '<h1 class="txp-heading">' . gTxt('tab_link') . '</h1>'; echo '<div id="' . $event . '_control" class="txp-control-panel">'; if (has_privs('link.edit')) { echo graf(sLink('link', 'link_edit', gTxt('add_new_link')), ' class="txp-buttons"'); } if ($total < 1) { if ($criteria != 1) { echo n . link_search_form($crit, $search_method) . n . graf(gTxt('no_results_found'), ' class="indicator"') . '</div>'; } else { echo n . graf(gTxt('no_links_recorded'), ' class="indicator"') . '</div>'; } return; } $limit = max($link_list_pageby, 15); list($page, $offset, $numPages) = pager($total, $limit, $page); echo link_search_form($crit, $search_method) . '</div>'; $rs = safe_rows_start('*, unix_timestamp(date) as uDate', 'txp_link', "{$criteria} order by {$sort_sql} limit {$offset}, {$limit}"); if ($rs) { $show_authors = !has_single_author('txp_link'); echo n . '<div id="' . $event . '_container" class="txp-container">'; echo n . n . '<form action="index.php" id="links_form" class="multi_edit_form" method="post" name="longform">', n . '<div class="txp-listtables">' . n . startTable('', '', 'txp-list') . n . '<thead>' . n . tr(n . hCell(fInput('checkbox', 'select_all', 0, '', '', '', '', '', 'select_all'), '', ' title="' . gTxt('toggle_all_selected') . '" class="multi-edit"') . n . column_head('ID', 'id', 'link', true, $switch_dir, $crit, $search_method, ('id' == $sort ? "{$dir} " : '') . 'id') . n . column_head('link_name', 'name', 'link', true, $switch_dir, $crit, $search_method, ('name' == $sort ? "{$dir} " : '') . 'name') . n . column_head('description', 'description', 'link', true, $switch_dir, $crit, $search_method, ('description' == $sort ? "{$dir} " : '') . 'links_detail description') . n . column_head('link_category', 'category', 'link', true, $switch_dir, $crit, $search_method, ('category' == $sort ? "{$dir} " : '') . 'category') . n . column_head('url', 'url', 'link', true, $switch_dir, $crit, $search_method, ('url' == $sort ? "{$dir} " : '') . 'url') . n . column_head('date', 'date', 'link', true, $switch_dir, $crit, $search_method, ('date' == $sort ? "{$dir} " : '') . 'links_detail date created') . ($show_authors ? n . column_head('author', 'author', 'link', true, $switch_dir, $crit, $search_method, ('author' == $sort ? "{$dir} " : '') . 'author') : '')) . n . '</thead>'; echo '<tbody>'; $validator = new Validator(); while ($a = nextRow($rs)) { extract($a, EXTR_PREFIX_ALL, 'link'); $edit_url = '?event=link' . a . 'step=link_edit' . a . 'id=' . $link_id . a . 'sort=' . $sort . a . 'dir=' . $dir . a . 'page=' . $page . a . 'search_method=' . $search_method . a . 'crit=' . $crit; $validator->setConstraints(array(new CategoryConstraint($link_category, array('type' => 'link')))); $vc = $validator->validate() ? '' : ' error'; $can_edit = has_privs('link.edit') || $link_author == $txp_user && has_privs('link.edit.own'); $view_url = txpspecialchars($link_url); echo tr(n . td(fInput('checkbox', 'selected[]', $link_id), '', 'multi-edit') . n . td($can_edit ? href($link_id, $edit_url, ' title="' . gTxt('edit') . '"') : $link_id, '', 'id') . td($can_edit ? href(txpspecialchars($link_linkname), $edit_url, ' title="' . gTxt('edit') . '"') : txpspecialchars($link_linkname), '', 'name') . td(txpspecialchars($link_description), '', 'links_detail description') . td('<span title="' . txpspecialchars(fetch_category_title($link_category, 'link')) . '">' . $link_category . '</span>', '', 'category' . $vc) . td('<a rel="external" target="_blank" href="' . $view_url . '">' . $view_url . '</a>', '', 'url') . td(gTime($link_uDate), '', 'links_detail date created') . ($show_authors ? td('<span title="' . txpspecialchars(get_author_name($link_author)) . '">' . txpspecialchars($link_author) . '</span>', '', 'author') : '')); } echo '</tbody>', n, endTable(), n, '</div>', n, link_multiedit_form($page, $sort, $dir, $crit, $search_method), n, tInput(), n, '</form>', n, graf(toggle_box('links_detail'), ' class="detail-toggle"'), n, '<div id="' . $event . '_navigation" class="txp-navigation">', n, nav_form('link', $page, $numPages, $sort, $dir, $crit, $search_method, $total, $limit), n, pageby_form('link', $link_list_pageby), n, '</div>', n, '</div>'; } }
function list_list($message = '', $post = '') { global $statuses, $comments_disabled_after, $step, $txp_user, $article_list_pageby; pagetop(gTxt('tab_list'), $message); extract(gpsa(array('page', 'sort', 'dir', 'crit', 'search_method'))); $sesutats = array_flip($statuses); $dir = $dir == 'asc' ? 'asc' : 'desc'; switch ($sort) { case 'id': $sort_sql = 'ID ' . $dir; break; case 'expires': $sort_sql = 'Expires ' . $dir; break; case 'title': $sort_sql = 'Title ' . $dir . ', Posted desc'; break; case 'section': $sort_sql = 'Section ' . $dir . ', Posted desc'; break; case 'category1': $sort_sql = 'Category1 ' . $dir . ', Posted desc'; break; case 'category2': $sort_sql = 'Category2 ' . $dir . ', Posted desc'; break; case 'status': $sort_sql = 'Status ' . $dir . ', Posted desc'; break; case 'author': $sort_sql = 'AuthorID ' . $dir . ', Posted desc'; break; case 'comments': $sort_sql = 'comments_count ' . $dir . ', Posted desc'; break; case 'lastmod': $sort_sql = 'LastMod ' . $dir . ', Posted desc'; break; default: $sort = 'posted'; $sort_sql = 'Posted ' . $dir; break; } $switch_dir = $dir == 'desc' ? 'asc' : 'desc'; $criteria = 1; if ($search_method and $crit) { $crit_escaped = doSlash($crit); $critsql = array('id' => "ID in ('" . join("','", do_list($crit_escaped)) . "')", 'title_body_excerpt' => "Title rlike '{$crit_escaped}' or Body rlike '{$crit_escaped}' or Excerpt rlike '{$crit_escaped}'", 'section' => "Section rlike '{$crit_escaped}'", 'keywords' => "FIND_IN_SET('" . $crit_escaped . "',Keywords)", 'categories' => "Category1 rlike '{$crit_escaped}' or Category2 rlike '{$crit_escaped}'", 'status' => "Status = '" . @$sesutats[gTxt($crit_escaped)] . "'", 'author' => "AuthorID rlike '{$crit_escaped}'", 'article_image' => "Image in ('" . join("','", do_list($crit_escaped)) . "')", 'posted' => "Posted like '{$crit_escaped}%'", 'lastmod' => "LastMod like '{$crit_escaped}%'"); if (array_key_exists($search_method, $critsql)) { $criteria = $critsql[$search_method]; $limit = 500; } else { $search_method = ''; $crit = ''; } } else { $search_method = ''; $crit = ''; } $total = safe_count('textpattern', "{$criteria}"); if ($total < 1) { if ($criteria != 1) { echo n . list_search_form($crit, $search_method) . n . graf(gTxt('no_results_found'), ' class="indicator"'); } else { echo graf(gTxt('no_articles_recorded'), ' class="indicator"'); } return; } $limit = max($article_list_pageby, 15); list($page, $offset, $numPages) = pager($total, $limit, $page); echo n . list_search_form($crit, $search_method); $rs = safe_rows_start('*, unix_timestamp(Posted) as posted, unix_timestamp(LastMod) as lastmod, unix_timestamp(Expires) as expires', 'textpattern', "{$criteria} order by {$sort_sql} limit {$offset}, {$limit}"); if ($rs) { $total_comments = array(); // fetch true comment count, not the public comment count // maybe we should have another row in the db? $rs2 = safe_rows_start('parentid, count(*) as num', 'txp_discuss', "1 group by parentid order by parentid"); if ($rs2) { while ($a = nextRow($rs2)) { $pid = $a['parentid']; $num = $a['num']; $total_comments[$pid] = $num; } } echo n . n . '<form name="longform" method="post" action="index.php" onsubmit="return verify(\'' . gTxt('are_you_sure') . '\')">' . n . startTable('list', '', '', '', '90%') . n . tr(n . column_head('ID', 'id', 'list', true, $switch_dir, $crit, $search_method, 'id' == $sort ? $dir : '') . column_head('posted', 'posted', 'list', true, $switch_dir, $crit, $search_method, 'posted' == $sort ? $dir : '') . column_head('article_modified', 'lastmod', 'list', true, $switch_dir, $crit, $search_method, ('lastmod' == $sort ? "{$dir} " : '') . 'articles_detail') . column_head('expires', 'expires', 'list', true, $switch_dir, $crit, $search_method, ('expires' == $sort ? "{$dir} " : '') . 'articles_detail') . column_head('title', 'title', 'list', true, $switch_dir, $crit, $search_method, 'title' == $sort ? $dir : '') . column_head('section', 'section', 'list', true, $switch_dir, $crit, $search_method, 'section' == $sort ? $dir : '') . column_head('category1', 'category1', 'list', true, $switch_dir, $crit, $search_method, ('category1' == $sort ? "{$dir} " : '') . 'articles_detail') . column_head('category2', 'category2', 'list', true, $switch_dir, $crit, $search_method, ('category2' == $sort ? "{$dir} " : '') . 'articles_detail') . column_head('status', 'status', 'list', true, $switch_dir, $crit, $search_method, 'status' == $sort ? $dir : '') . column_head('author', 'author', 'list', true, $switch_dir, $crit, $search_method, 'author' == $sort ? $dir : '') . column_head('comments', 'comments', 'list', true, $switch_dir, $crit, $search_method, ('comments' == $sort ? "{$dir} " : '') . 'articles_detail') . hCell()); include_once txpath . '/publish/taghandlers.php'; while ($a = nextRow($rs)) { extract($a); if (empty($Title)) { $Title = '<em>' . eLink('article', 'edit', 'ID', $ID, gTxt('untitled')) . '</em>'; } else { $Title = eLink('article', 'edit', 'ID', $ID, $Title); } $Category1 = $Category1 ? '<span title="' . htmlspecialchars(fetch_category_title($Category1)) . '">' . $Category1 . '</span>' : ''; $Category2 = $Category2 ? '<span title="' . htmlspecialchars(fetch_category_title($Category2)) . '">' . $Category2 . '</span>' : ''; $view_url = permlinkurl($a); if ($Status != 4 and $Status != 5) { $view_url .= (strpos($view_url, '?') === FALSE ? '?' : '&') . 'txpreview=' . intval($ID) . '.' . time(); } $manage = n . '<ul class="articles_detail">' . n . t . '<li>' . eLink('article', 'edit', 'ID', $ID, gTxt('edit')) . '</li>' . n . t . '<li><a href="' . $view_url . '" class="article-view">' . gTxt('view') . '</a></li>' . n . '</ul>'; $Status = !empty($Status) ? $statuses[$Status] : ''; $comments = gTxt('none'); if (isset($total_comments[$ID]) and $total_comments[$ID] > 0) { $comments = href(gTxt('manage'), 'index.php?event=discuss' . a . 'step=list' . a . 'search_method=parent' . a . 'crit=' . $ID) . ' (' . $total_comments[$ID] . ')'; } $comment_status = $Annotate ? gTxt('on') : gTxt('off'); if ($comments_disabled_after) { $lifespan = $comments_disabled_after * 86400; $time_since = time() - $posted; if ($time_since > $lifespan) { $comment_status = gTxt('expired'); } } $comments = n . '<ul>' . n . t . '<li>' . $comment_status . '</li>' . n . t . '<li>' . $comments . '</li>' . n . '</ul>'; echo n . n . tr(n . td(eLink('article', 'edit', 'ID', $ID, $ID) . $manage) . td(gTime($posted), '', $posted < time() ? '' : 'unpublished') . td(gTime($lastmod), '', "articles_detail") . td($expires ? gTime($expires) : '', '', 'articles_detail') . td($Title) . td('<span title="' . htmlspecialchars(fetch_section_title($Section)) . '">' . $Section . '</span>', 75) . td($Category1, 100, "articles_detail") . td($Category2, 100, "articles_detail") . td($a['Status'] < 4 ? $Status : '<a href="' . permlinkurl($a) . '">' . $Status . '</a>', 50) . td('<span title="' . htmlspecialchars(get_author_name($AuthorID)) . '">' . htmlspecialchars($AuthorID) . '</span>') . td($comments, 50, "articles_detail") . td(($a['Status'] >= 4 and has_privs('article.edit.published') or $a['Status'] >= 4 and $AuthorID == $txp_user and has_privs('article.edit.own.published') or $a['Status'] < 4 and has_privs('article.edit') or $a['Status'] < 4 and $AuthorID == $txp_user and has_privs('article.edit.own')) ? fInput('checkbox', 'selected[]', $ID) : ' ')); } echo n . n . tr(tda(toggle_box('articles_detail'), ' colspan="2" style="text-align: left; border: none;"') . tda(select_buttons() . list_multiedit_form($page, $sort, $dir, $crit, $search_method), ' colspan="9" style="text-align: right; border: none;"')) . n . endTable() . n . '</form>' . n . nav_form('list', $page, $numPages, $sort, $dir, $crit, $search_method, $total, $limit) . n . pageby_form('list', $article_list_pageby); } }
function row($row) { global $prefs; extract($prefs); if (!$this->controller) { return; } extract($this->controller->context); extract($row); $event = $this->controller->event; $edit_url = "?event={$event}" . a . 'step=edit' . a . 'id=' . $id . a . 'sort=' . $sort . a . 'dir=' . $dir . a . 'page=' . $page . a . 'search_method=' . $search_method . a . 'crit=' . $crit; $name = empty($name) ? gTxt('unnamed') : htmlspecialchars($name); if ($thumbnail) { if ($ext != '.swf') { $thumbnail = '<img src="' . hu . $img_dir . '/' . $id . 't' . $ext . '" alt="" />'; } else { $thumbnail = ''; } } if ($ext != '.swf') { $tag_url = '?event=tag' . a . 'tag_name=image' . a . 'id=' . $id . a . 'ext=' . $ext . a . 'w=' . $w . a . 'h=' . $h . a . 'alt=' . urlencode($alt) . a . 'caption=' . urlencode($caption); $tagbuilder = '<ul>' . '<li><a target="_blank" href="' . $tag_url . a . 'type=textile" onclick="popWin(this.href); return false;">Textile</a></li>' . '<li><a target="_blank" href="' . $tag_url . a . 'type=textpattern" onclick="popWin(this.href); return false;">Textpattern</a></li>' . '<li><a target="_blank" href="' . $tag_url . a . 'type=xhtml" onclick="popWin(this.href); return false;">XHTML</a></li>' . '</ul>'; } else { $tagbuilder = sp; } $category = $category ? '<span title="' . htmlspecialchars(fetch_category_title($category, 'image')) . '">' . $category . '</span>' : ''; $tr = array(); $tr[] = $id; $tr[] = n . '<ul>' . n . t . '<li>' . href(gTxt('edit'), $edit_url) . '</li>' . n . t . '<li><a href="' . hu . $img_dir . '/' . $id . $ext . '">' . gTxt('view') . '</a></li>' . n . '</ul>'; $tr[] = gTime($uDate); $tr[] = href($name, $edit_url); $tr[] = $thumbnail; $tr[] = $tagbuilder; $tr[] = $category; $tr[] = '<span title="' . htmlspecialchars(get_author_name($author)) . '">' . $author . '</span>'; $tr[] = dLink($this->controller->event, 'delete', 'id', $id, '', '', '', false, array($page, $sort, $dir, $crit, $search_method)); if ($this->edit_actions and isset($row['id'])) { $tr[] = fInput('checkbox', 'selected[]', $row['id']); } return doWrap($tr, 'tr', 'td', 'row-' . (++$this->count % 2 ? 'odd' : 'even')); }
function products_list($event = '', $step = '', $message = '') { global $statuses, $comments_disabled_after, $step, $txp_user; $message = ''; pagetop(gTxt('tab_list'), $message); echo poweredit_products(); //echo the poweredit js extract(get_prefs()); extract(gpsa(array('page', 'sort', 'dir', 'crit', 'search_method'))); $sesutats = array_flip($statuses); $dir = $dir == 'desc' ? 'desc' : 'asc'; echo '<script type="text/javascript" src="http://' . $siteurl . '/js/prototype.js"></script>'; echo '<script type="text/javascript" src="http://' . $siteurl . '/js/scriptaculous.js"></script>'; switch ($sort) { case 'id': $sort_sql = 'ID ' . $dir; break; case 'posted': $sort_sql = 'Posted ' . $dir; break; case 'title': $sort_sql = 'Title ' . $dir . ', Posted desc'; break; case 'section': $sort_sql = 'Section ' . $dir . ', Posted desc'; break; case 'category1': $sort_sql = 'Category1 ' . $dir . ', Posted desc'; break; case 'category2': $sort_sql = 'Category2 ' . $dir . ', Posted desc'; break; case 'status': $sort_sql = 'Status ' . $dir . ', Posted desc'; break; case 'author': $sort_sql = 'AuthorID ' . $dir . ', Posted desc'; break; case 'comments': $sort_sql = 'comments_count ' . $dir . ', Posted desc'; break; default: $dir = 'desc'; $sort_sql = 'Posted ' . $dir; break; } $switch_dir = $dir == 'desc' ? 'asc' : 'desc'; $criteria = "section = 'store'"; if ($search_method and $crit) { $crit_escaped = doSlash($crit); $critsql = array('id' => "ID = '{$crit_escaped}'", 'title_body' => "Title rlike '{$crit_escaped}' or Body rlike '{$crit_escaped}'", 'section' => "Section rlike '{$crit_escaped}'", 'categories' => "Category1 rlike '{$crit_escaped}' or Category2 rlike '{$crit_escaped}'", 'status' => "Status = '" . @$sesutats[gTxt($crit_escaped)] . "'", 'author' => "AuthorID rlike '{$crit_escaped}'"); if (array_key_exists($search_method, $critsql)) { $criteria = $critsql[$search_method]; $limit = 500; } else { $search_method = ''; $crit = ''; } } else { $search_method = ''; $crit = ''; } $total = safe_count('textpattern', "{$criteria}"); if ($total < 1) { if ($criteria != 1) { echo n . list_search_form_products($crit, $search_method) . n . graf("No products found", ' style="text-align: center;"'); } else { echo graf("No products found", ' style="text-align: center;"'); } return; } $limit = max(@$article_list_pageby, 15); list($page, $offset, $numPages) = pager($total, $limit, $page); echo n . list_search_form_products($crit, $search_method); $rs = safe_rows_start('*, unix_timestamp(Posted) as posted', 'textpattern', "{$criteria} order by {$sort_sql} limit {$offset}, {$limit}"); if ($rs) { $total_comments = array(); // fetch true comment count, not the public comment count // maybe we should have another row in the db? $rs2 = safe_rows_start('parentid, count(*) as num', 'txp_discuss', "1 group by parentid order by parentid"); if ($rs2) { while ($a = nextRow($rs2)) { $pid = $a['parentid']; $num = $a['num']; $total_comments[$pid] = $num; } } echo n . n . '<form name="longform" method="post" action="index.php" onsubmit="return verify(\'' . gTxt('are_you_sure') . '\')">' . n . startTable('list', '', '', '', '700') . n . tr(hCell() . n . column_head('ID', 'id', 'products', true, $switch_dir, $crit, $search_method) . column_head('title', 'title', 'products', true, $switch_dir, $crit, $search_method) . column_head('category1', 'category1', 'products', true, $switch_dir, $crit, $search_method) . column_head('category2', 'category2', 'products', true, $switch_dir, $crit, $search_method) . column_head('status', 'status', 'products', true, $switch_dir, $crit, $search_method) . hCell()); include_once txpath . '/publish/taghandlers.php'; while ($a = nextRow($rs)) { extract($a); if (empty($Title)) { $Title = '<em>' . eLink('product', 'edit', 'ID', $ID, gTxt('untitled')) . '</em>'; } else { $Title = eLink('product', 'edit', 'ID', $ID, $Title); } if (!empty($Image)) { $Image = "<img src='{$Image}' alt='Product Image' width='15' height='15'/>"; } $Category1 = '<span title="' . htmlspecialchars(fetch_category_title($Category1)) . '">' . $Category1 . ' </span>'; $Category2 = '<span title="' . htmlspecialchars(fetch_category_title($Category2)) . '">' . $Category2 . ' </span>'; $manage = n . '<ul class="articles_detail">' . n . t . '<li>' . eLink('product', 'edit', 'ID', $ID, gTxt('edit')) . '</li>' . (($Status == 4 or $Status == 5) ? n . t . '<li><a href="' . permlinkurl($a) . '">' . gTxt('view') . '</a></li>' : '') . n . '</ul>'; $Status = !empty($Status) ? $statuses[$Status] : ''; $comments = gTxt('none'); if (isset($total_comments[$ID]) and $total_comments[$ID] > 0) { $comments = href(gTxt('manage'), 'index.php?event=discuss' . a . 'step=list' . a . 'search_method=parent' . a . 'crit=' . $ID) . ' (' . $total_comments[$ID] . ')'; } $comment_status = $Annotate ? gTxt('on') : gTxt('off'); if ($comments_disabled_after) { $lifespan = $comments_disabled_after * 86400; $time_since = time() - $posted; if ($time_since > $lifespan) { $comment_status = gTxt('expired'); } } $comments = n . '<ul>' . n . t . '<li>' . $comment_status . '</li>' . n . t . '<li>' . $comments . '</li>' . n . '</ul>'; echo n . n . tr(n . td($Image, 15) . td(eLink('product', 'edit', 'ID', $ID, $ID) . $manage) . td($Title) . td($Category1, 100) . td($Category2, 100) . td($a['Status'] < 4 ? $Status : '<a href="' . permlinkurl($a) . '">' . $Status . '</a>', 50) . td(($a['Status'] >= 4 and has_privs('article.edit.published') or $a['Status'] >= 4 and $AuthorID == $txp_user and has_privs('article.edit.own.published') or $a['Status'] < 4 and has_privs('article.edit') or $a['Status'] < 4 and $AuthorID == $txp_user and has_privs('article.edit.own')) ? fInput('checkbox', 'selected[]', $ID) : ' ')); } echo n . n . tr(tda(toggle_box('articles_detail'), ' colspan="2" style="text-align: left; border: none;"') . tda(select_buttons() . product_multiedit_form($page, $sort, $dir, $crit, $search_method), ' colspan="5" style="text-align: right; border: none;"')) . n . endTable() . n . '</form>' . n . '<h4 style="font-weight:normal; text-align:center; width:100%;"><a href="#" class="navlink" onclick="if($(\'uploadCSV\').style.display == \'none\'){$(\'uploadCSV\').style.display = \'block\';}else{$(\'uploadCSV\').style.display = \'none\';}">Import Products</a>'; //n. $instructions = tag(tag('<li>Using FTP, upload your product images to <pre>/txp_site_root/images/_import/</pre></li><li>Upload a correctly formatted CSV file using the form below. (CSV must be in UTF-8 character encoding with DOS or UNIX line breaks.)</li><li>Sit back and watch the magic</li>', "ol"), "div", ' id="instructions" style="display:none; width: 380px; text-align:left; margin:0 auto;"'); echo tag('<h4 style="font-weight:normal; text-align:center; width:100%;"><small><a href="http://homeplatewp.com/TextCommerce/file_download/3">Download Example CSV</a> | <a href="javascript:void(0)" onclick="if($(\'instructions\').style.display == \'none\'){$(\'instructions\').style.display = \'block\';}else{$(\'instructions\').style.display = \'none\';}">Import Instructions</a></small></h4>' . $instructions . upload_form("Browse for CSV:", '', 'product_import', 'product'), 'div', ' id="uploadCSV" style="display:none;"'); echo n . nav_form('list', $page, $numPages, $sort, $dir, $crit, $search_method) . n . pageby_form('list', $article_list_pageby); } }
function category($atts, $thing = '') { global $s, $c; extract(lAtts(array('class' => '', 'link' => 0, 'name' => '', 'section' => $s, 'this_section' => 0, 'title' => 0, 'type' => 'article', 'wraptag' => ''), $atts)); $category = $name ? $name : $c; if ($category) { $section = $this_section ? $s == 'default' ? '' : $s : $section; $label = $title ? fetch_category_title($category, $type) : $category; if ($thing) { $out = '<a href="' . pagelinkurl(array('s' => $section, 'c' => $category)) . '"' . ($title ? ' title="' . $label . '"' : '') . '>' . parse($thing) . '</a>'; } elseif ($link) { $out = href($label, pagelinkurl(array('s' => $section, 'c' => $category))); } else { $out = $label; } return doTag($out, $wraptag, $class); } }
function link_list($message = '') { global $event, $step, $link_list_pageby, $txp_user; pagetop(gTxt('tab_link'), $message); extract(gpsa(array('page', 'sort', 'dir', 'crit', 'search_method'))); if ($sort === '') { $sort = get_pref('link_sort_column', 'name'); } if ($dir === '') { $dir = get_pref('link_sort_dir', 'asc'); } $dir = $dir == 'desc' ? 'desc' : 'asc'; switch ($sort) { case 'id': $sort_sql = 'id ' . $dir; break; case 'description': $sort_sql = 'description ' . $dir . ', id asc'; break; case 'url': $sort_sql = 'url ' . $dir . ', id asc'; break; case 'category': $sort_sql = 'category ' . $dir . ', id asc'; break; case 'date': $sort_sql = 'date ' . $dir . ', id asc'; break; case 'author': $sort_sql = 'author ' . $dir . ', id asc'; break; default: $sort = 'name'; $sort_sql = 'linksort ' . $dir . ', id asc'; break; } set_pref('link_sort_column', $sort, 'link', 2, '', 0, PREF_PRIVATE); set_pref('link_sort_dir', $dir, 'link', 2, '', 0, PREF_PRIVATE); $switch_dir = $dir == 'desc' ? 'asc' : 'desc'; $criteria = 1; if ($search_method and $crit != '') { $verbatim = preg_match('/^"(.*)"$/', $crit, $m); $crit_escaped = $verbatim ? doSlash($m[1]) : doLike($crit); $critsql = $verbatim ? array('id' => "ID in ('" . join("','", do_list($crit_escaped)) . "')", 'name' => "linkname = '{$crit_escaped}'", 'description' => "description = '{$crit_escaped}'", 'url' => "url = '{$crit_escaped}'", 'category' => "category = '{$crit_escaped}'", 'author' => "author = '{$crit_escaped}'") : array('id' => "ID in ('" . join("','", do_list($crit_escaped)) . "')", 'name' => "linkname like '%{$crit_escaped}%'", 'description' => "description like '%{$crit_escaped}%'", 'url' => "url like '%{$crit_escaped}%'", 'category' => "category like '%{$crit_escaped}%'", 'author' => "author like '%{$crit_escaped}%'"); if (array_key_exists($search_method, $critsql)) { $criteria = $critsql[$search_method]; } else { $search_method = ''; $crit = ''; } } else { $search_method = ''; $crit = ''; } $criteria .= callback_event('admin_criteria', 'link_list', 0, $criteria); $total = getCount('txp_link', $criteria); echo hed(gTxt('tab_link'), 1, array('class' => 'txp-heading')); echo n . '<div id="' . $event . '_control" class="txp-control-panel">'; if (has_privs('link.edit')) { echo graf(sLink('link', 'link_edit', gTxt('add_new_link')), ' class="txp-buttons"'); } if ($total < 1) { if ($criteria != 1) { echo link_search_form($crit, $search_method) . graf(gTxt('no_results_found'), ' class="indicator"') . '</div>'; } else { echo graf(gTxt('no_links_recorded'), ' class="indicator"') . '</div>'; } return; } $limit = max($link_list_pageby, 15); list($page, $offset, $numPages) = pager($total, $limit, $page); echo link_search_form($crit, $search_method) . '</div>'; $rs = safe_rows_start('*, unix_timestamp(date) as uDate', 'txp_link', "{$criteria} order by {$sort_sql} limit {$offset}, {$limit}"); if ($rs) { $show_authors = !has_single_author('txp_link'); echo n . tag_start('div', array('id' => $event . '_container', 'class' => 'txp-container')) . n . tag_start('form', array('action' => 'index.php', 'id' => 'links_form', 'class' => 'multi_edit_form', 'method' => 'post', 'name' => 'longform')) . n . tag_start('div', array('class' => 'txp-listtables')) . n . tag_start('table', array('class' => 'txp-list')) . n . tag_start('thead') . tr(hCell(fInput('checkbox', 'select_all', 0, '', '', '', '', '', 'select_all'), '', ' scope="col" title="' . gTxt('toggle_all_selected') . '" class="txp-list-col-multi-edit"') . column_head('ID', 'id', 'link', true, $switch_dir, $crit, $search_method, ('id' == $sort ? "{$dir} " : '') . 'txp-list-col-id') . column_head('link_name', 'name', 'link', true, $switch_dir, $crit, $search_method, ('name' == $sort ? "{$dir} " : '') . 'txp-list-col-name') . column_head('description', 'description', 'link', true, $switch_dir, $crit, $search_method, ('description' == $sort ? "{$dir} " : '') . 'txp-list-col-description links_detail') . column_head('link_category', 'category', 'link', true, $switch_dir, $crit, $search_method, ('category' == $sort ? "{$dir} " : '') . 'txp-list-col-category category') . column_head('url', 'url', 'link', true, $switch_dir, $crit, $search_method, ('url' == $sort ? "{$dir} " : '') . 'txp-list-col-url') . column_head('date', 'date', 'link', true, $switch_dir, $crit, $search_method, ('date' == $sort ? "{$dir} " : '') . 'txp-list-col-created date links_detail') . ($show_authors ? column_head('author', 'author', 'link', true, $switch_dir, $crit, $search_method, ('author' == $sort ? "{$dir} " : '') . 'txp-list-col-author name') : '')) . n . tag_end('thead') . n . tag_start('tbody'); $validator = new Validator(); while ($a = nextRow($rs)) { extract($a, EXTR_PREFIX_ALL, 'link'); $edit_url = array('event' => 'link', 'step' => 'link_edit', 'id' => $link_id, 'sort' => $sort, 'dir' => $dir, 'page' => $page, 'search_method' => $search_method, 'crit' => $crit); $validator->setConstraints(array(new CategoryConstraint($link_category, array('type' => 'link')))); $vc = $validator->validate() ? '' : ' error'; $can_edit = has_privs('link.edit') || $link_author === $txp_user && has_privs('link.edit.own'); $view_url = txpspecialchars($link_url); echo tr(td(fInput('checkbox', 'selected[]', $link_id), '', 'txp-list-col-multi-edit') . hCell($can_edit ? href($link_id, $edit_url, ' title="' . gTxt('edit') . '"') : $link_id, '', ' scope="row" class="txp-list-col-id"') . td($can_edit ? href(txpspecialchars($link_linkname), $edit_url, ' title="' . gTxt('edit') . '"') : txpspecialchars($link_linkname), '', 'txp-list-col-name') . td(txpspecialchars($link_description), '', 'txp-list-col-description links_detail') . td(span($link_category, array('title' => fetch_category_title($link_category, 'link'))), '', 'txp-list-col-category category' . $vc) . td(href($view_url, $view_url, ' rel="external" target="_blank"'), '', 'txp-list-col-url') . td(gTime($link_uDate), '', 'txp-list-col-created date links_detail') . ($show_authors ? td(span(txpspecialchars($link_author), array('title' => get_author_name($link_author))), '', 'txp-list-col-author name') : '')); } echo n . tag_end('tbody') . n . tag_end('table') . n . tag_end('div') . link_multiedit_form($page, $sort, $dir, $crit, $search_method) . tInput() . n . tag_end('form') . graf(toggle_box('links_detail'), array('class' => 'detail-toggle')) . n . tag_start('div', array('id' => $event . '_navigation', 'class' => 'txp-navigation')) . pageby_form('link', $link_list_pageby) . nav_form('link', $page, $numPages, $sort, $dir, $crit, $search_method, $total, $limit) . n . tag_end('div') . n . tag_end('div'); } }
function category2($atts) { global $thisarticle; extract(lAtts(array('link' => 0, 'title' => 0), $atts)); if ($thisarticle['category2']) { $cat_title = $title ? fetch_category_title($thisarticle['category2']) : $thisarticle['category2']; if (!empty($link)) { return '<a href="' . pagelinkurl(array('c' => $thisarticle['category2'])) . '">' . $cat_title . '</a>'; } return $cat_title; } }
function category($atts) { global $pretext; extract(lAtts(array('link' => 0, 'title' => 0, 'name' => '', 'wraptag' => '', 'section' => @$pretext['s']), $atts)); if ($name) { $cat = $name; } else { $cat = @$pretext['c']; } if ($cat) { $cat_title = $title ? fetch_category_title($cat) : $cat; if ($link) { $out = '<a href="' . pagelinkurl(array('c' => $cat, 's' => $section)) . '">' . $cat_title . '</a>'; } else { $out = $cat_title; } return doTag($out, $wraptag); } }
function image_list($message = '') { global $txpcfg, $extensions, $img_dir, $file_max_upload_size, $image_list_pageby, $txp_user, $event; pagetop(gTxt('tab_image'), $message); extract($txpcfg); extract(gpsa(array('page', 'sort', 'dir', 'crit', 'search_method'))); if ($sort === '') { $sort = get_pref('image_sort_column', 'id'); } if ($dir === '') { $dir = get_pref('image_sort_dir', 'desc'); } $dir = $dir == 'asc' ? 'asc' : 'desc'; echo hed(gTxt('tab_image'), 1, array('class' => 'txp-heading')); echo n . '<div id="' . $event . '_control" class="txp-control-panel">'; if (!is_dir(IMPATH) or !is_writeable(IMPATH)) { echo graf(span(null, array('class' => 'ui-icon ui-icon-alert')) . ' ' . gTxt('img_dir_not_writeable', array('{imgdir}' => IMPATH)), array('class' => 'alert-block warning')); } elseif (has_privs('image.edit.own')) { echo upload_form(gTxt('upload_image'), 'upload_image', 'image_insert', 'image', '', $file_max_upload_size); } switch ($sort) { case 'name': $sort_sql = 'name ' . $dir; break; case 'thumbnail': $sort_sql = 'thumbnail ' . $dir . ', id asc'; break; case 'category': $sort_sql = 'category ' . $dir . ', id asc'; break; case 'date': $sort_sql = 'date ' . $dir . ', id asc'; break; case 'author': $sort_sql = 'author ' . $dir . ', id asc'; break; default: $sort = 'id'; $sort_sql = 'id ' . $dir; break; } set_pref('image_sort_column', $sort, 'image', 2, '', 0, PREF_PRIVATE); set_pref('image_sort_dir', $dir, 'image', 2, '', 0, PREF_PRIVATE); $switch_dir = $dir == 'desc' ? 'asc' : 'desc'; $criteria = 1; if ($search_method and $crit != '') { $verbatim = preg_match('/^"(.*)"$/', $crit, $m); $crit_escaped = $verbatim ? doSlash($m[1]) : doLike($crit); $critsql = $verbatim ? array('id' => "ID in ('" . join("','", do_list($crit_escaped)) . "')", 'name' => "name = '{$crit_escaped}'", 'category' => "category = '{$crit_escaped}'", 'author' => "author = '{$crit_escaped}'", 'alt' => "alt = '{$crit_escaped}'", 'caption' => "caption = '{$crit_escaped}'") : array('id' => "ID in ('" . join("','", do_list($crit_escaped)) . "')", 'name' => "name like '%{$crit_escaped}%'", 'category' => "category like '%{$crit_escaped}%'", 'author' => "author like '%{$crit_escaped}%'", 'alt' => "alt like '%{$crit_escaped}%'", 'caption' => "caption like '%{$crit_escaped}%'"); if (array_key_exists($search_method, $critsql)) { $criteria = $critsql[$search_method]; $limit = 500; } else { $search_method = ''; $crit = ''; } } else { $search_method = ''; $crit = ''; } $criteria .= callback_event('admin_criteria', 'image_list', 0, $criteria); $total = safe_count('txp_image', "{$criteria}"); if ($total < 1) { if ($criteria != 1) { echo n . image_search_form($crit, $search_method) . graf(gTxt('no_results_found'), ' class="indicator"') . '</div>'; } else { echo graf(gTxt('no_images_recorded'), ' class="indicator"') . '</div>'; } return; } $limit = max($image_list_pageby, 15); list($page, $offset, $numPages) = pager($total, $limit, $page); echo image_search_form($crit, $search_method); $rs = safe_rows_start('*, unix_timestamp(date) as uDate', 'txp_image', "{$criteria} order by {$sort_sql} limit {$offset}, {$limit}\n "); echo pluggable_ui('image_ui', 'extend_controls', '', $rs); echo '</div>'; // End txp-control-panel. if ($rs) { $show_authors = !has_single_author('txp_image'); echo n . tag_start('div', array('id' => $event . '_container', 'class' => 'txp-container')) . n . tag_start('form', array('action' => 'index.php', 'id' => 'images_form', 'class' => 'multi_edit_form', 'method' => 'post', 'name' => 'longform')) . n . tag_start('div', array('class' => 'txp-listtables')) . n . tag_start('table', array('class' => 'txp-list')) . n . tag_start('thead') . tr(hCell(fInput('checkbox', 'select_all', 0, '', '', '', '', '', 'select_all'), '', ' scope="col" title="' . gTxt('toggle_all_selected') . '" class="txp-list-col-multi-edit"') . column_head('ID', 'id', 'image', true, $switch_dir, $crit, $search_method, ('id' == $sort ? "{$dir} " : '') . 'txp-list-col-id') . column_head('name', 'name', 'image', true, $switch_dir, $crit, $search_method, ('name' == $sort ? "{$dir} " : '') . 'txp-list-col-name') . column_head('date', 'date', 'image', true, $switch_dir, $crit, $search_method, ('date' == $sort ? "{$dir} " : '') . 'txp-list-col-created date images_detail') . column_head('thumbnail', 'thumbnail', 'image', true, $switch_dir, $crit, $search_method, ('thumbnail' == $sort ? "{$dir} " : '') . 'txp-list-col-thumbnail') . hCell(gTxt('tags'), '', ' scope="col" class="txp-list-col-tag-build images_detail"') . column_head('image_category', 'category', 'image', true, $switch_dir, $crit, $search_method, ('category' == $sort ? "{$dir} " : '') . 'txp-list-col-category category') . ($show_authors ? column_head('author', 'author', 'image', true, $switch_dir, $crit, $search_method, ('author' == $sort ? "{$dir} " : '') . 'txp-list-col-author name') : '')) . n . tag_end('thead') . n . tag_start('tbody'); $validator = new Validator(); while ($a = nextRow($rs)) { extract($a); $edit_url = array('event' => 'image', 'step' => 'image_edit', 'id' => $id, 'sort' => $sort, 'dir' => $dir, 'page' => $page, 'search_method' => $search_method, 'crit' => $crit); $name = empty($name) ? gTxt('unnamed') : txpspecialchars($name); if ($thumbnail) { if ($ext != '.swf') { $thumbnail = '<img class="content-image" src="' . imagesrcurl($id, $ext, true) . "?{$uDate}" . '" alt="" ' . "title='{$id}{$ext} ({$w} × {$h})'" . ($thumb_w ? " width='{$thumb_w}' height='{$thumb_h}'" : '') . ' />'; } else { $thumbnail = ''; } } else { $thumbnail = gTxt('no'); } if ($ext != '.swf') { $tag_url = '?event=tag' . a . 'tag_name=image' . a . 'id=' . $id . a . 'ext=' . $ext . a . 'w=' . $w . a . 'h=' . $h . a . 'alt=' . urlencode($alt) . a . 'caption=' . urlencode($caption); $tagbuilder = href('Textile', $tag_url . a . 'type=textile', ' target="_blank" onclick="popWin(this.href); return false;"') . sp . span('|', array('role' => 'separator')) . sp . href('Textpattern', $tag_url . a . 'type=textpattern', ' target="_blank" onclick="popWin(this.href); return false;"') . sp . span('|', array('role' => 'separator')) . sp . href('HTML', $tag_url . a . 'type=html', ' target="_blank" onclick="popWin(this.href); return false;"'); } else { $tagbuilder = sp; } $validator->setConstraints(array(new CategoryConstraint($category, array('type' => 'image')))); $vc = $validator->validate() ? '' : ' error'; $category = $category ? span($category, array('title' => fetch_category_title($category, 'image'))) : ''; $can_edit = has_privs('image.edit') || $author === $txp_user && has_privs('image.edit.own'); echo tr(td($can_edit ? fInput('checkbox', 'selected[]', $id) : ' ', '', 'txp-list-col-multi-edit') . hCell(($can_edit ? href($id, $edit_url, array('title' => gTxt('edit'))) : $id) . sp . span(span('[', array('aria-hidden' => 'true')) . href(gTxt('view'), imagesrcurl($id, $ext)) . span(']', array('aria-hidden' => 'true')), array('class' => 'images_detail')), '', ' scope="row" class="txp-list-col-id"') . td($can_edit ? href($name, $edit_url, ' title="' . gTxt('edit') . '"') : $name, '', 'txp-list-col-name') . td(gTime($uDate), '', 'txp-list-col-created date images_detail') . td(pluggable_ui('image_ui', 'thumbnail', $can_edit ? href($thumbnail, $edit_url) : $thumbnail, $a), '', 'txp-list-col-thumbnail') . td($tagbuilder, '', 'txp-list-col-tag-build images_detail') . td($category, '', 'txp-list-col-category category' . $vc) . ($show_authors ? td(span(txpspecialchars($author), array('title' => get_author_name($author))), '', 'txp-list-col-author name') : '')); } echo n . tag_end('tbody') . n . tag_end('table') . n . tag_end('div') . image_multiedit_form($page, $sort, $dir, $crit, $search_method) . tInput() . n . tag_end('form') . graf(toggle_box('images_detail'), array('class' => 'detail-toggle')) . n . tag_start('div', array('id' => $event . '_navigation', 'class' => 'txp-navigation')) . pageby_form('image', $image_list_pageby) . nav_form('image', $page, $numPages, $sort, $dir, $crit, $search_method, $total, $limit) . n . tag_end('div') . n . tag_end('div'); } }
function file_list($message = '') { global $file_base_path, $file_statuses, $file_list_pageby, $txp_user, $event; pagetop(gTxt('tab_file'), $message); extract(gpsa(array('page', 'sort', 'dir', 'crit', 'search_method'))); if ($sort === '') { $sort = get_pref('file_sort_column', 'filename'); } if ($dir === '') { $dir = get_pref('file_sort_dir', 'asc'); } $dir = $dir == 'desc' ? 'desc' : 'asc'; echo '<h1 class="txp-heading">' . gTxt('tab_file') . '</h1>'; echo '<div id="' . $event . '_control" class="txp-control-panel">'; if (!is_dir($file_base_path) or !is_writeable($file_base_path)) { echo graf(gTxt('file_dir_not_writeable', array('{filedir}' => $file_base_path)), ' class="alert-block warning"'); } elseif (has_privs('file.edit.own')) { $existing_files = get_filenames(); if (count($existing_files) > 0) { echo form(eInput('file') . sInput('file_create') . graf('<label for="file-existing">' . gTxt('existing_file') . '</label>' . sp . selectInput('filename', $existing_files, '', 1, '', 'file-existing') . sp . fInput('submit', '', gTxt('Create')), ' class="existing-file"'), '', '', 'post', '', '', 'assign_file'); } echo file_upload_form(gTxt('upload_file'), 'upload', 'file_insert'); } switch ($sort) { case 'id': $sort_sql = 'id ' . $dir; break; case 'description': $sort_sql = 'description ' . $dir . ', filename desc'; break; case 'category': $sort_sql = 'category ' . $dir . ', filename desc'; break; case 'title': $sort_sql = 'title ' . $dir . ', filename desc'; break; case 'downloads': $sort_sql = 'downloads ' . $dir . ', filename desc'; break; case 'author': $sort_sql = 'author ' . $dir . ', id asc'; break; default: $sort = 'filename'; $sort_sql = 'filename ' . $dir; break; } set_pref('file_sort_column', $sort, 'file', PREF_HIDDEN, '', 0, PREF_PRIVATE); set_pref('file_sort_dir', $dir, 'file', PREF_HIDDEN, '', 0, PREF_PRIVATE); $switch_dir = $dir == 'desc' ? 'asc' : 'desc'; $criteria = 1; if ($search_method and $crit != '') { $verbatim = preg_match('/^"(.*)"$/', $crit, $m); $crit_escaped = doSlash($verbatim ? $m[1] : str_replace(array('\\', '%', '_', '\''), array('\\\\', '\\%', '\\_', '\\\''), $crit)); $critsql = $verbatim ? array('id' => "ID in ('" . join("','", do_list($crit_escaped)) . "')", 'filename' => "filename = '{$crit_escaped}'", 'title' => "title = '{$crit_escaped}'", 'description' => "description = '{$crit_escaped}'", 'category' => "category = '{$crit_escaped}'", 'author' => "author = '{$crit_escaped}'") : array('id' => "ID in ('" . join("','", do_list($crit_escaped)) . "')", 'filename' => "filename like '%{$crit_escaped}%'", 'title' => "title like '%{$crit_escaped}%'", 'description' => "description like '%{$crit_escaped}%'", 'category' => "category like '%{$crit_escaped}%'", 'author' => "author like '%{$crit_escaped}%'"); if (array_key_exists($search_method, $critsql)) { $criteria = $critsql[$search_method]; $limit = 500; } else { $search_method = ''; $crit = ''; } } else { $search_method = ''; $crit = ''; } $criteria .= callback_event('admin_criteria', 'file_list', 0, $criteria); $total = safe_count('txp_file', "{$criteria}"); if ($total < 1) { if ($criteria != 1) { echo n . file_search_form($crit, $search_method) . n . graf(gTxt('no_results_found'), ' class="indicator"') . '</div>'; } else { echo n . graf(gTxt('no_files_recorded'), ' class="indicator"') . '</div>'; } return; } $limit = max($file_list_pageby, 15); list($page, $offset, $numPages) = pager($total, $limit, $page); echo file_search_form($crit, $search_method) . '</div>'; $rs = safe_rows_start('*', 'txp_file', "{$criteria} order by {$sort_sql} limit {$offset}, {$limit}"); if ($rs) { $show_authors = !has_single_author('txp_file'); echo n . '<div id="' . $event . '_container" class="txp-container">'; echo '<form name="longform" id="files_form" class="multi_edit_form" method="post" action="index.php">' . n . '<div class="txp-listtables">' . n . startTable('', '', 'txp-list') . n . '<thead>' . tr(n . hCell(fInput('checkbox', 'select_all', 0, '', '', '', '', '', 'select_all'), '', ' title="' . gTxt('toggle_all_selected') . '" class="multi-edit"') . n . column_head('ID', 'id', 'file', true, $switch_dir, $crit, $search_method, ('id' == $sort ? "{$dir} " : '') . 'id') . n . column_head('file_name', 'filename', 'file', true, $switch_dir, $crit, $search_method, ('filename' == $sort ? "{$dir} " : '') . 'name') . n . column_head('title', 'title', 'file', true, $switch_dir, $crit, $search_method, ('title' == $sort ? "{$dir} " : '') . 'title') . n . column_head('description', 'description', 'file', true, $switch_dir, $crit, $search_method, ('description' == $sort ? "{$dir} " : '') . 'files_detail description') . n . column_head('file_category', 'category', 'file', true, $switch_dir, $crit, $search_method, ('category' == $sort ? "{$dir} " : '') . 'category') . n . hCell(gTxt('tags'), '', ' class="files_detail tag-build"') . n . hCell(gTxt('status'), '', ' class="status"') . n . hCell(gTxt('condition'), '', ' class="condition"') . n . column_head('downloads', 'downloads', 'file', true, $switch_dir, $crit, $search_method, ('downloads' == $sort ? "{$dir} " : '') . 'downloads') . ($show_authors ? n . column_head('author', 'author', 'file', true, $switch_dir, $crit, $search_method, ('author' == $sort ? "{$dir} " : '') . 'author') : '')) . n . '</thead>'; echo '<tbody>'; $validator = new Validator(); while ($a = nextRow($rs)) { extract($a); $filename = sanitizeForFile($filename); $edit_url = '?event=file' . a . 'step=file_edit' . a . 'id=' . $id . a . 'sort=' . $sort . a . 'dir=' . $dir . a . 'page=' . $page . a . 'search_method=' . $search_method . a . 'crit=' . $crit; $file_exists = file_exists(build_file_path($file_base_path, $filename)); $download_link = $file_exists ? make_download_link($id, $downloads, $filename) : $downloads; $validator->setConstraints(array(new CategoryConstraint($category, array('type' => 'file')))); $vc = $validator->validate() ? '' : ' error'; $category = $category ? '<span title="' . txpspecialchars(fetch_category_title($category, 'file')) . '">' . $category . '</span>' : ''; $tag_url = '?event=tag' . a . 'tag_name=file_download_link' . a . 'id=' . $id . a . 'description=' . urlencode($description) . a . 'filename=' . urlencode($filename); $condition = '<span class="'; $condition .= $file_exists ? 'success' : 'error'; $condition .= '">'; $condition .= $file_exists ? gTxt('file_status_ok') : gTxt('file_status_missing'); $condition .= '</span>'; $can_edit = has_privs('file.edit') || $author == $txp_user && has_privs('file.edit.own'); echo tr(n . td($can_edit ? fInput('checkbox', 'selected[]', $id) : ' ', '', 'multi-edit') . n . td(($can_edit ? href($id, $edit_url, ' title="' . gTxt('edit') . '"') : $id) . ($file_exists ? sp . '<span class="files_detail">[' . make_download_link($id, gTxt('download'), $filename) . ']</span>' : ''), '', 'id') . td($can_edit ? href(txpspecialchars($filename), $edit_url, ' title="' . gTxt('edit') . '"') : txpspecialchars($filename), '', 'name') . td(txpspecialchars($title), '', 'title') . td(txpspecialchars($description), '', 'files_detail description') . td($category, '', 'category' . $vc) . td(n . '<a target="_blank" href="' . $tag_url . a . 'type=textile" onclick="popWin(this.href, 400, 250); return false;">Textile</a>' . sp . '|' . sp . '<a target="_blank" href="' . $tag_url . a . 'type=textpattern" onclick="popWin(this.href, 400, 250); return false;">Textpattern</a>' . sp . '|' . sp . '<a target="_blank" href="' . $tag_url . a . 'type=html" onclick="popWin(this.href, 400, 250); return false;">HTML</a>', '', 'files_detail tag-build') . td(in_array($status, array_keys($file_statuses)) ? $file_statuses[$status] : '<span class="error">' . gTxt('none') . '</span>', '', 'status') . td($condition, '', 'condition') . td($download_link, '', 'downloads') . ($show_authors ? td('<span title="' . txpspecialchars(get_author_name($author)) . '">' . txpspecialchars($author) . '</span>', '', 'author') : '')); } echo '</tbody>', n, endTable(), n, '</div>', n, file_multiedit_form($page, $sort, $dir, $crit, $search_method), n, tInput(), n, '</form>', n, graf(toggle_box('files_detail'), ' class="detail-toggle"'), n, '<div id="' . $event . '_navigation" class="txp-navigation">', n, nav_form('file', $page, $numPages, $sort, $dir, $crit, $search_method, $total, $limit), n, pageby_form('file', $file_list_pageby), n, '</div>', n, '</div>'; } }
function link_list($message = '') { global $event, $step, $link_list_pageby, $txp_user; extract(gpsa(array('page', 'sort', 'dir', 'crit', 'search_method'))); if ($sort === '') { $sort = get_pref('link_sort_column', 'name'); } if ($dir === '') { $dir = get_pref('link_sort_dir', 'asc'); } $dir = $dir == 'desc' ? 'desc' : 'asc'; switch ($sort) { case 'id': $sort_sql = 'id ' . $dir; break; case 'description': $sort_sql = 'description ' . $dir . ', id asc'; break; case 'category': $sort_sql = 'category ' . $dir . ', id asc'; break; case 'date': $sort_sql = 'date ' . $dir . ', id asc'; break; case 'author': $sort_sql = 'author ' . $dir . ', id asc'; break; default: $sort = 'name'; $sort_sql = 'linksort ' . $dir . ', id asc'; break; } set_pref('link_sort_column', $sort, 'link', 2, '', 0, PREF_PRIVATE); set_pref('link_sort_dir', $dir, 'link', 2, '', 0, PREF_PRIVATE); $switch_dir = $dir == 'desc' ? 'asc' : 'desc'; $criteria = 1; if ($search_method and $crit) { $crit_escaped = doSlash(str_replace(array('\\', '%', '_', '\''), array('\\\\', '\\%', '\\_', '\\\''), $crit)); $critsql = array('id' => "ID in ('" . join("','", do_list($crit_escaped)) . "')", 'name' => "linkname like '%{$crit_escaped}%'", 'description' => "description like '%{$crit_escaped}%'", 'category' => "category like '%{$crit_escaped}%'", 'author' => "author like '%{$crit_escaped}%'"); if (array_key_exists($search_method, $critsql)) { $criteria = $critsql[$search_method]; } else { $search_method = ''; $crit = ''; } } else { $search_method = ''; $crit = ''; } $total = getCount('txp_link', $criteria); echo '<div id="' . $event . '_control" class="txp-control-panel">'; if ($total < 1) { if ($criteria != 1) { echo n . link_search_form($crit, $search_method) . n . graf(gTxt('no_results_found'), ' class="indicator"') . '</div>'; } else { echo n . graf(gTxt('no_links_recorded'), ' class="indicator"') . '</div>'; } return; } $limit = max($link_list_pageby, 15); list($page, $offset, $numPages) = pager($total, $limit, $page); echo link_search_form($crit, $search_method) . '</div>'; $rs = safe_rows_start('*, unix_timestamp(date) as uDate', 'txp_link', "{$criteria} order by {$sort_sql} limit {$offset}, {$limit}"); if ($rs) { $show_authors = !has_single_author('txp_link'); echo n . '<div class="txp-list">'; echo n . n . '<form action="index.php" id="links_form" method="post" name="longform" onsubmit="return verify(\'' . gTxt('are_you_sure') . '\')">', startTable('list', '', 'list') . n . '<thead>' . n . tr(column_head('ID', 'id', 'link', true, $switch_dir, $crit, $search_method, ('id' == $sort ? "{$dir} " : '') . 'id') . hCell('', '', ' class="actions"') . column_head('link_name', 'name', 'link', true, $switch_dir, $crit, $search_method, ('name' == $sort ? "{$dir} " : '') . 'name') . column_head('description', 'description', 'link', true, $switch_dir, $crit, $search_method, ('description' == $sort ? "{$dir} " : '') . 'description') . column_head('link_category', 'category', 'link', true, $switch_dir, $crit, $search_method, ('category' == $sort ? "{$dir} " : '') . 'category') . column_head('date', 'date', 'link', true, $switch_dir, $crit, $search_method, ('date' == $sort ? "{$dir} " : '') . 'date created') . ($show_authors ? column_head('author', 'author', 'link', true, $switch_dir, $crit, $search_method, ('author' == $sort ? "{$dir} " : '') . 'author') : '') . hCell('', '', ' class="multi-edit"')) . n . '</thead>'; $tfoot = n . '<tfoot>' . tr(tda(select_buttons() . link_multiedit_form($page, $sort, $dir, $crit, $search_method), ' class="multi-edit" colspan="' . ($show_authors ? '8' : '7') . '" style="text-align: right; border: none;"')) . n . '</tfoot>'; echo $tfoot; echo '<tbody>'; $ctr = 1; while ($a = nextRow($rs)) { extract($a); $edit_url = '?event=link' . a . 'step=link_edit' . a . 'id=' . $id . a . 'sort=' . $sort . a . 'dir=' . $dir . a . 'page=' . $page . a . 'search_method=' . $search_method . a . 'crit=' . $crit; $can_edit = has_privs('link.edit') || $author == $txp_user && has_privs('link.edit.own'); echo tr(n . td($id, 20, 'id') . td(n . '<ul>' . ($can_edit ? n . t . '<li class="action-edit">' . href(gTxt('edit'), $edit_url) . '</li>' : '') . n . t . '<li class="action-view">' . href(gTxt('view'), $url) . '</li>' . n . '</ul>', 35, 'actions') . td($can_edit ? href($linkname, $edit_url) : $linkname, 125, 'name') . td(htmlspecialchars($description), 150, 'description') . td('<span title="' . htmlspecialchars(fetch_category_title($category, 'link')) . '">' . $category . '</span>', 125, 'category') . td(gTime($uDate), 75, 'date created') . ($show_authors ? td('<span title="' . htmlspecialchars(get_author_name($author)) . '">' . htmlspecialchars($author) . '</span>', '', 'author') : '') . td(fInput('checkbox', 'selected[]', $id), '', 'multi-edit'), ' class="' . ($ctr % 2 == 0 ? 'even' : 'odd') . '"'); $ctr++; } echo '</tbody>' . n . endTable() . n . '</form>' . n . '<div id="' . $event . '_navigation" class="txp-navigation">' . n . nav_form('link', $page, $numPages, $sort, $dir, $crit, $search_method, $total, $limit) . pageby_form('link', $link_list_pageby) . n . '</div>' . n . '</div>'; } }
function image_list($message = '') { global $txpcfg, $extensions, $img_dir, $file_max_upload_size, $image_list_pageby, $txp_user, $event; pagetop(gTxt('tab_image'), $message); extract($txpcfg); extract(gpsa(array('page', 'sort', 'dir', 'crit', 'search_method'))); if ($sort === '') { $sort = get_pref('image_sort_column', 'id'); } if ($dir === '') { $dir = get_pref('image_sort_dir', 'desc'); } $dir = $dir == 'asc' ? 'asc' : 'desc'; echo '<h1 class="txp-heading">' . gTxt('tab_image') . '</h1>'; echo '<div id="' . $event . '_control" class="txp-control-panel">'; if (!is_dir(IMPATH) or !is_writeable(IMPATH)) { echo graf(gTxt('img_dir_not_writeable', array('{imgdir}' => IMPATH)), ' class="alert-block warning"'); } elseif (has_privs('image.edit.own')) { echo upload_form(gTxt('upload_image'), 'upload_image', 'image_insert', 'image', '', $file_max_upload_size); } switch ($sort) { case 'name': $sort_sql = 'name ' . $dir; break; case 'thumbnail': $sort_sql = 'thumbnail ' . $dir . ', id asc'; break; case 'category': $sort_sql = 'category ' . $dir . ', id asc'; break; case 'date': $sort_sql = 'date ' . $dir . ', id asc'; break; case 'author': $sort_sql = 'author ' . $dir . ', id asc'; break; default: $sort = 'id'; $sort_sql = 'id ' . $dir; break; } set_pref('image_sort_column', $sort, 'image', 2, '', 0, PREF_PRIVATE); set_pref('image_sort_dir', $dir, 'image', 2, '', 0, PREF_PRIVATE); $switch_dir = $dir == 'desc' ? 'asc' : 'desc'; $criteria = 1; if ($search_method and $crit != '') { $verbatim = preg_match('/^"(.*)"$/', $crit, $m); $crit_escaped = doSlash($verbatim ? $m[1] : str_replace(array('\\', '%', '_', '\''), array('\\\\', '\\%', '\\_', '\\\''), $crit)); $critsql = $verbatim ? array('id' => "ID in ('" . join("','", do_list($crit_escaped)) . "')", 'name' => "name = '{$crit_escaped}'", 'category' => "category = '{$crit_escaped}'", 'author' => "author = '{$crit_escaped}'", 'alt' => "alt = '{$crit_escaped}'", 'caption' => "caption = '{$crit_escaped}'") : array('id' => "ID in ('" . join("','", do_list($crit_escaped)) . "')", 'name' => "name like '%{$crit_escaped}%'", 'category' => "category like '%{$crit_escaped}%'", 'author' => "author like '%{$crit_escaped}%'", 'alt' => "alt like '%{$crit_escaped}%'", 'caption' => "caption like '%{$crit_escaped}%'"); if (array_key_exists($search_method, $critsql)) { $criteria = $critsql[$search_method]; $limit = 500; } else { $search_method = ''; $crit = ''; } } else { $search_method = ''; $crit = ''; } $criteria .= callback_event('admin_criteria', 'image_list', 0, $criteria); $total = safe_count('txp_image', "{$criteria}"); if ($total < 1) { if ($criteria != 1) { echo n . image_search_form($crit, $search_method) . n . graf(gTxt('no_results_found'), ' class="indicator"') . '</div>'; } else { echo n . graf(gTxt('no_images_recorded'), ' class="indicator"') . '</div>'; } return; } $limit = max($image_list_pageby, 15); list($page, $offset, $numPages) = pager($total, $limit, $page); echo image_search_form($crit, $search_method); $rs = safe_rows_start('*, unix_timestamp(date) as uDate', 'txp_image', "{$criteria} order by {$sort_sql} limit {$offset}, {$limit}\n\t\t"); echo pluggable_ui('image_ui', 'extend_controls', '', $rs); echo '</div>'; // end txp-control-panel if ($rs) { $show_authors = !has_single_author('txp_image'); echo n . '<div id="' . $event . '_container" class="txp-container">'; echo n . n . '<form name="longform" id="images_form" class="multi_edit_form" method="post" action="index.php">' . n . '<div class="txp-listtables">' . n . startTable('', '', 'txp-list') . n . '<thead>' . n . tr(n . hCell(fInput('checkbox', 'select_all', 0, '', '', '', '', '', 'select_all'), '', ' title="' . gTxt('toggle_all_selected') . '" class="multi-edit"') . n . column_head('ID', 'id', 'image', true, $switch_dir, $crit, $search_method, ('id' == $sort ? "{$dir} " : '') . 'id') . n . column_head('name', 'name', 'image', true, $switch_dir, $crit, $search_method, ('name' == $sort ? "{$dir} " : '') . 'name') . n . column_head('date', 'date', 'image', true, $switch_dir, $crit, $search_method, ('date' == $sort ? "{$dir} " : '') . 'images_detail date created') . n . column_head('thumbnail', 'thumbnail', 'image', true, $switch_dir, $crit, $search_method, ('thumbnail' == $sort ? "{$dir} " : '') . 'thumbnail') . n . hCell(gTxt('tags'), '', ' class="images_detail tag-build"') . n . column_head('image_category', 'category', 'image', true, $switch_dir, $crit, $search_method, ('category' == $sort ? "{$dir} " : '') . 'category') . ($show_authors ? n . column_head('author', 'author', 'image', true, $switch_dir, $crit, $search_method, ('author' == $sort ? "{$dir} " : '') . 'author') : '')) . n . '</thead>'; echo '<tbody>'; $validator = new Validator(); while ($a = nextRow($rs)) { extract($a); $edit_url = '?event=image' . a . 'step=image_edit' . a . 'id=' . $id . a . 'sort=' . $sort . a . 'dir=' . $dir . a . 'page=' . $page . a . 'search_method=' . $search_method . a . 'crit=' . $crit; $name = empty($name) ? gTxt('unnamed') : txpspecialchars($name); if ($thumbnail) { if ($ext != '.swf') { $thumbnail = '<img class="content-image" src="' . imagesrcurl($id, $ext, true) . "?{$uDate}" . '" alt="" ' . "title='{$id}{$ext} ({$w} × {$h})'" . ($thumb_w ? " width='{$thumb_w}' height='{$thumb_h}'" : '') . ' />'; } else { $thumbnail = ''; } } else { $thumbnail = gTxt('no'); } if ($ext != '.swf') { $tag_url = '?event=tag' . a . 'tag_name=image' . a . 'id=' . $id . a . 'ext=' . $ext . a . 'w=' . $w . a . 'h=' . $h . a . 'alt=' . urlencode($alt) . a . 'caption=' . urlencode($caption); $tagbuilder = '<a target="_blank" href="' . $tag_url . a . 'type=textile" onclick="popWin(this.href); return false;">Textile</a>' . sp . '|' . sp . '<a target="_blank" href="' . $tag_url . a . 'type=textpattern" onclick="popWin(this.href); return false;">Textpattern</a>' . sp . '|' . sp . '<a target="_blank" href="' . $tag_url . a . 'type=html" onclick="popWin(this.href); return false;">HTML</a>'; } else { $tagbuilder = sp; } $validator->setConstraints(array(new CategoryConstraint($category, array('type' => 'image')))); $vc = $validator->validate() ? '' : ' error'; $category = $category ? '<span title="' . txpspecialchars(fetch_category_title($category, 'image')) . '">' . $category . '</span>' : ''; $can_edit = has_privs('image.edit') || $author == $txp_user && has_privs('image.edit.own'); echo n . n . tr(n . td($can_edit ? fInput('checkbox', 'selected[]', $id) : ' ', '', 'multi-edit') . n . td(($can_edit ? href($id, $edit_url, ' title="' . gTxt('edit') . '"') : $id) . sp . '<span class="images_detail">[<a href="' . imagesrcurl($id, $ext) . '">' . gTxt('view') . '</a>]</span>', '', 'id') . td($can_edit ? href($name, $edit_url, ' title="' . gTxt('edit') . '"') : $name, '', 'name') . td(gTime($uDate), '', 'images_detail date created') . td(pluggable_ui('image_ui', 'thumbnail', $can_edit ? href($thumbnail, $edit_url) : $thumbnail, $a), '', 'thumbnail') . td($tagbuilder, '', 'images_detail tag-build') . td($category, '', 'category' . $vc) . ($show_authors ? td('<span title="' . txpspecialchars(get_author_name($author)) . '">' . txpspecialchars($author) . '</span>', '', 'author') : '')); } echo '</tbody>', n, endTable(), n, '</div>', n, image_multiedit_form($page, $sort, $dir, $crit, $search_method), n, tInput(), n, '</form>', n, graf(toggle_box('images_detail'), ' class="detail-toggle"'), n, '<div id="' . $event . '_navigation" class="txp-navigation">', n, nav_form('image', $page, $numPages, $sort, $dir, $crit, $search_method, $total, $limit), n, pageby_form('image', $image_list_pageby), n, '</div>', n, '</div>'; } }
function category2($atts) { global $thisarticle; extract(lAtts(array('link' => ''), $atts)); if ($thisarticle['category2']) { $cat_title = fetch_category_title($thisarticle['category2']); if (!empty($link)) { return '<a href="' . hu . strtolower(urlencode(gTxt('category'))) . '/' . strtolower(urlencode($thisarticle['category2'])) . '">' . $cat_title . '</a>'; } return $cat_title; } }
function list_list($message = '', $post = '') { global $statuses, $comments_disabled_after, $step, $txp_user, $article_list_pageby, $event; pagetop(gTxt('tab_list'), $message); extract(gpsa(array('page', 'sort', 'dir', 'crit', 'search_method'))); if ($sort === '') { $sort = get_pref('article_sort_column', 'posted'); } if ($dir === '') { $dir = get_pref('article_sort_dir', 'desc'); } $dir = $dir == 'asc' ? 'asc' : 'desc'; $sesutats = array_flip($statuses); switch ($sort) { case 'id': $sort_sql = 'ID ' . $dir; break; case 'title': $sort_sql = 'Title ' . $dir . ', Posted desc'; break; case 'expires': $sort_sql = 'Expires ' . $dir; break; case 'section': $sort_sql = 'Section ' . $dir . ', Posted desc'; break; case 'category1': $sort_sql = 'Category1 ' . $dir . ', Posted desc'; break; case 'category2': $sort_sql = 'Category2 ' . $dir . ', Posted desc'; break; case 'status': $sort_sql = 'Status ' . $dir . ', Posted desc'; break; case 'author': $sort_sql = 'AuthorID ' . $dir . ', Posted desc'; break; case 'comments': $sort_sql = 'comments_count ' . $dir . ', Posted desc'; break; case 'lastmod': $sort_sql = 'LastMod ' . $dir . ', Posted desc'; break; default: $sort = 'posted'; $sort_sql = 'Posted ' . $dir; break; } set_pref('article_sort_column', $sort, 'list', 2, '', 0, PREF_PRIVATE); set_pref('article_sort_dir', $dir, 'list', 2, '', 0, PREF_PRIVATE); $switch_dir = $dir == 'desc' ? 'asc' : 'desc'; $criteria = 1; if ($search_method and $crit != '') { $verbatim = preg_match('/^"(.*)"$/', $crit, $m); $crit_escaped = doSlash($verbatim ? $m[1] : str_replace(array('\\', '%', '_', '\''), array('\\\\', '\\%', '\\_', '\\\''), $crit)); $critsql = $verbatim ? array('id' => "ID in ('" . join("','", do_list($crit_escaped)) . "')", 'title_body_excerpt' => "Title = '{$crit_escaped}' or Body = '{$crit_escaped}' or Excerpt = '{$crit_escaped}'", 'section' => "Section = '{$crit_escaped}'", 'keywords' => "FIND_IN_SET('" . $crit_escaped . "',Keywords)", 'categories' => "Category1 = '{$crit_escaped}' or Category2 = '{$crit_escaped}'", 'status' => "Status = '" . @$sesutats[gTxt($crit_escaped)] . "'", 'author' => "AuthorID = '{$crit_escaped}'", 'article_image' => "Image in ('" . join("','", do_list($crit_escaped)) . "')", 'posted' => "Posted = '{$crit_escaped}'", 'lastmod' => "LastMod = '{$crit_escaped}'") : array('id' => "ID in ('" . join("','", do_list($crit_escaped)) . "')", 'title_body_excerpt' => "Title like '%{$crit_escaped}%' or Body like '%{$crit_escaped}%' or Excerpt like '%{$crit_escaped}%'", 'section' => "Section like '%{$crit_escaped}%'", 'keywords' => "FIND_IN_SET('" . $crit_escaped . "',Keywords)", 'categories' => "Category1 like '%{$crit_escaped}%' or Category2 like '%{$crit_escaped}%'", 'status' => "Status = '" . @$sesutats[gTxt($crit_escaped)] . "'", 'author' => "AuthorID like '%{$crit_escaped}%'", 'article_image' => "Image in ('" . join("','", do_list($crit_escaped)) . "')", 'posted' => "Posted like '{$crit_escaped}%'", 'lastmod' => "LastMod like '{$crit_escaped}%'"); if (array_key_exists($search_method, $critsql)) { $criteria = $critsql[$search_method]; $limit = 500; } else { $search_method = ''; $crit = ''; } } else { $search_method = ''; $crit = ''; } $criteria .= callback_event('admin_criteria', 'list_list', 0, $criteria); $total = safe_count('textpattern', "{$criteria}"); echo '<h1 class="txp-heading">' . gTxt('tab_list') . '</h1>'; echo '<div id="' . $event . '_control" class="txp-control-panel">'; if ($total < 1) { if ($criteria != 1) { echo n . list_search_form($crit, $search_method) . n . graf(gTxt('no_results_found'), ' class="indicator"') . '</div>'; } else { echo graf(gTxt('no_articles_recorded'), ' class="indicator"') . '</div>'; } return; } $limit = max($article_list_pageby, 15); list($page, $offset, $numPages) = pager($total, $limit, $page); echo n . list_search_form($crit, $search_method) . '</div>'; $rs = safe_rows_start('*, unix_timestamp(Posted) as posted, unix_timestamp(LastMod) as lastmod, unix_timestamp(Expires) as expires', 'textpattern', "{$criteria} order by {$sort_sql} limit {$offset}, {$limit}"); if ($rs) { $show_authors = !has_single_author('textpattern', 'AuthorID'); $total_comments = array(); // fetch true comment count, not the public comment count // maybe we should have another row in the db? $rs2 = safe_rows_start('parentid, count(*) as num', 'txp_discuss', "1 group by parentid order by parentid"); if ($rs2) { while ($a = nextRow($rs2)) { $pid = $a['parentid']; $num = $a['num']; $total_comments[$pid] = $num; } } echo n . '<div id="' . $event . '_container" class="txp-container">'; echo n . n . '<form name="longform" id="articles_form" class="multi_edit_form" method="post" action="index.php">' . n . '<div class="txp-listtables">' . n . startTable('', '', 'txp-list') . n . '<thead>' . n . tr(n . hCell(fInput('checkbox', 'select_all', 0, '', '', '', '', '', 'select_all'), '', ' title="' . gTxt('toggle_all_selected') . '" class="multi-edit"') . n . column_head('ID', 'id', 'list', true, $switch_dir, $crit, $search_method, ('id' == $sort ? "{$dir} " : '') . 'id actions') . column_head('title', 'title', 'list', true, $switch_dir, $crit, $search_method, ('title' == $sort ? "{$dir} " : '') . 'title') . column_head('posted', 'posted', 'list', true, $switch_dir, $crit, $search_method, ('posted' == $sort ? "{$dir} " : '') . 'date posted created') . column_head('article_modified', 'lastmod', 'list', true, $switch_dir, $crit, $search_method, ('lastmod' == $sort ? "{$dir} " : '') . 'articles_detail date modified') . column_head('expires', 'expires', 'list', true, $switch_dir, $crit, $search_method, ('expires' == $sort ? "{$dir} " : '') . 'articles_detail date expires') . column_head('section', 'section', 'list', true, $switch_dir, $crit, $search_method, ('section' == $sort ? "{$dir} " : '') . 'section') . column_head('category1', 'category1', 'list', true, $switch_dir, $crit, $search_method, ('category1' == $sort ? "{$dir} " : '') . 'articles_detail category category1') . column_head('category2', 'category2', 'list', true, $switch_dir, $crit, $search_method, ('category2' == $sort ? "{$dir} " : '') . 'articles_detail category category2') . column_head('status', 'status', 'list', true, $switch_dir, $crit, $search_method, ('status' == $sort ? "{$dir} " : '') . 'status') . ($show_authors ? column_head('author', 'author', 'list', true, $switch_dir, $crit, $search_method, ('author' == $sort ? "{$dir} " : '') . 'author') : '') . column_head('comments', 'comments', 'list', true, $switch_dir, $crit, $search_method, ('comments' == $sort ? "{$dir} " : '') . 'articles_detail comments')) . n . '</thead>'; include_once txpath . '/publish/taghandlers.php'; echo '<tbody>'; $validator = new Validator(); while ($a = nextRow($rs)) { extract($a); if (empty($Title)) { $Title = '<em>' . eLink('article', 'edit', 'ID', $ID, gTxt('untitled')) . '</em>'; } else { $Title = eLink('article', 'edit', 'ID', $ID, $Title); } // Valid section and categories? $validator->setConstraints(array(new SectionConstraint($Section))); $vs = $validator->validate() ? '' : ' error'; $validator->setConstraints(array(new CategoryConstraint($Category1, array('type' => 'article')))); $vc[1] = $validator->validate() ? '' : ' error'; $validator->setConstraints(array(new CategoryConstraint($Category2, array('type' => 'article')))); $vc[2] = $validator->validate() ? '' : ' error'; $Category1 = $Category1 ? '<span title="' . txpspecialchars(fetch_category_title($Category1)) . '">' . $Category1 . '</span>' : ''; $Category2 = $Category2 ? '<span title="' . txpspecialchars(fetch_category_title($Category2)) . '">' . $Category2 . '</span>' : ''; if ($Status != STATUS_LIVE and $Status != STATUS_STICKY) { $view_url = '?txpreview=' . intval($ID) . '.' . time(); } else { $view_url = permlinkurl($a); } $Status = !empty($Status) ? $statuses[$Status] : ''; $comments = '(0)'; if (isset($total_comments[$ID]) and $total_comments[$ID] > 0) { $comments = href('(' . $total_comments[$ID] . ')', 'index.php?event=discuss' . a . 'step=list' . a . 'search_method=parent' . a . 'crit=' . $ID, ' title="' . gTxt('manage') . '"'); } $comment_status = $Annotate ? gTxt('on') : gTxt('off'); if ($comments_disabled_after) { $lifespan = $comments_disabled_after * 86400; $time_since = time() - $posted; if ($time_since > $lifespan) { $comment_status = gTxt('expired'); } } $comments = n . '<span class="comments-status">' . $comment_status . '</span> <span class="comments-manage">' . $comments . '</span>'; echo n . n . tr(n . td(($a['Status'] >= STATUS_LIVE and has_privs('article.edit.published') or $a['Status'] >= STATUS_LIVE and $AuthorID == $txp_user and has_privs('article.edit.own.published') or $a['Status'] < STATUS_LIVE and has_privs('article.edit') or $a['Status'] < STATUS_LIVE and $AuthorID == $txp_user and has_privs('article.edit.own')) ? fInput('checkbox', 'selected[]', $ID, 'checkbox') : ' ', '', 'multi-edit') . n . td(eLink('article', 'edit', 'ID', $ID, $ID) . sp . '<span class="articles_detail">[<a href="' . $view_url . '">' . gTxt('view') . '</a>]</span>', '', 'id') . td($Title, '', 'title') . td(gTime($posted), '', ($posted < time() ? '' : 'unpublished ') . 'date posted created') . td(gTime($lastmod), '', "articles_detail date modified") . td($expires ? gTime($expires) : '', '', 'articles_detail date expires') . td('<span title="' . txpspecialchars(fetch_section_title($Section)) . '">' . $Section . '</span>', '', 'section' . $vs) . td($Category1, '', "articles_detail category category1" . $vc[1]) . td($Category2, '', "articles_detail category category2" . $vc[2]) . td('<a href="' . $view_url . '" title="' . gTxt('view') . '">' . $Status . '</a>', '', 'status') . ($show_authors ? td('<span title="' . txpspecialchars(get_author_name($AuthorID)) . '">' . txpspecialchars($AuthorID) . '</span>', '', 'author') : '') . td($comments, '', "articles_detail comments")); } echo '</tbody>', n, endTable(), n, '</div>', n, list_multiedit_form($page, $sort, $dir, $crit, $search_method), n, tInput(), n, '</form>', n, graf(toggle_box('articles_detail'), ' class="detail-toggle"'), n, '<div id="' . $event . '_navigation" class="txp-navigation">', n, nav_form('list', $page, $numPages, $sort, $dir, $crit, $search_method, $total, $limit), n, pageby_form('list', $article_list_pageby), n, '</div>', n, '</div>'; } }
function file_list($message = '') { global $txpcfg, $extensions, $file_base_path, $file_statuses, $file_list_pageby; pagetop(gTxt('file'), $message); extract($txpcfg); extract(gpsa(array('page', 'sort', 'dir', 'crit', 'search_method'))); if (!is_dir($file_base_path) or !is_writeable($file_base_path)) { echo graf(gTxt('file_dir_not_writeable', array('{filedir}' => $file_base_path)), ' id="warning"'); } else { $existing_files = get_filenames(); if (count($existing_files) > 0) { echo form(eInput('file') . sInput('file_create') . graf(gTxt('existing_file') . sp . selectInput('filename', $existing_files, '', 1) . sp . fInput('submit', '', gTxt('Create'), 'smallerbox')), 'text-align: center;'); } echo file_upload_form(gTxt('upload_file'), 'upload', 'file_insert'); } $dir = $dir == 'desc' ? 'desc' : 'asc'; switch ($sort) { case 'id': $sort_sql = 'id ' . $dir; break; case 'description': $sort_sql = 'description ' . $dir . ', filename desc'; break; case 'category': $sort_sql = 'category ' . $dir . ', filename desc'; break; case 'downloads': $sort_sql = 'downloads ' . $dir . ', filename desc'; break; default: $sort = 'filename'; $sort_sql = 'filename ' . $dir; break; } $switch_dir = $dir == 'desc' ? 'asc' : 'desc'; $criteria = 1; if ($search_method and $crit) { $crit_escaped = doSlash($crit); $critsql = array('id' => "ID in ('" . join("','", do_list($crit_escaped)) . "')", 'filename' => "filename like '%{$crit_escaped}%'", 'description' => "description like '%{$crit_escaped}%'", 'category' => "category like '%{$crit_escaped}%'"); if (array_key_exists($search_method, $critsql)) { $criteria = $critsql[$search_method]; $limit = 500; } else { $search_method = ''; $crit = ''; } } else { $search_method = ''; $crit = ''; } $total = safe_count('txp_file', "{$criteria}"); if ($total < 1) { if ($criteria != 1) { echo n . file_search_form($crit, $search_method) . n . graf(gTxt('no_results_found'), ' class="indicator"'); } else { echo n . graf(gTxt('no_files_recorded'), ' class="indicator"'); } return; } $limit = max($file_list_pageby, 15); list($page, $offset, $numPages) = pager($total, $limit, $page); echo file_search_form($crit, $search_method); $rs = safe_rows_start('*', 'txp_file', "{$criteria} order by {$sort_sql} limit {$offset}, {$limit}"); if ($rs) { echo '<form name="longform" method="post" action="index.php" onsubmit="return verify(\'' . gTxt('are_you_sure') . '\')">' . startTable('list') . tr(column_head('ID', 'id', 'file', true, $switch_dir, $crit, $search_method, 'id' == $sort ? $dir : '') . hCell() . column_head('file_name', 'filename', 'file', true, $switch_dir, $crit, $search_method, 'filename' == $sort ? $dir : '') . column_head('description', 'description', 'file', true, $switch_dir, $crit, $search_method, 'description' == $sort ? $dir : '') . column_head('file_category', 'category', 'file', true, $switch_dir, $crit, $search_method, 'category' == $sort ? $dir : '') . hCell(gTxt('tags')) . hCell(gTxt('status')) . hCell(gTxt('condition')) . column_head('downloads', 'downloads', 'file', true, $switch_dir, $crit, $search_method, 'downloads' == $sort ? $dir : '') . hCell()); while ($a = nextRow($rs)) { extract($a); $edit_url = '?event=file' . a . 'step=file_edit' . a . 'id=' . $id . a . 'sort=' . $sort . a . 'dir=' . $dir . a . 'page=' . $page . a . 'search_method=' . $search_method . a . 'crit=' . $crit; $file_exists = file_exists(build_file_path($file_base_path, $filename)); $download_link = $file_exists ? '<li>' . make_download_link($id, '', $filename) . '</li>' : ''; $category = $category ? '<span title="' . htmlspecialchars(fetch_category_title($category, 'file')) . '">' . $category . '</span>' : ''; $tag_url = '?event=tag' . a . 'tag_name=file_download_link' . a . 'id=' . $id . a . 'description=' . urlencode($description) . a . 'filename=' . urlencode($filename); $condition = '<span class="'; $condition .= $file_exists ? 'ok' : 'not-ok'; $condition .= '">'; $condition .= $file_exists ? gTxt('file_status_ok') : gTxt('file_status_missing'); $condition .= '</span>'; echo tr(n . td($id) . td('<ul>' . '<li>' . href(gTxt('edit'), $edit_url) . '</li>' . $download_link . '</ul>', 65) . td(href(htmlspecialchars($filename), $edit_url), 125) . td(htmlspecialchars($description), 150) . td($category, 90) . td(n . '<ul>' . n . t . '<li><a target="_blank" href="' . $tag_url . a . 'type=textile" onclick="popWin(this.href, 400, 250); return false;">Textile</a></li>' . n . t . '<li><a target="_blank" href="' . $tag_url . a . 'type=textpattern" onclick="popWin(this.href, 400, 250); return false;">Textpattern</a></li>' . n . t . '<li><a target="_blank" href="' . $tag_url . a . 'type=xhtml" onclick="popWin(this.href, 400, 250); return false;">XHTML</a></li>' . n . '</ul>', 75) . td($file_statuses[$status], 45) . td($condition, 45) . td($downloads == '0' ? gTxt('none') : $downloads, 25) . td(fInput('checkbox', 'selected[]', $id), 10)); } echo tr(tda(select_buttons() . file_multiedit_form($page, $sort, $dir, $crit, $search_method), ' colspan="10" style="text-align: right; border: none;"')) . endTable() . '</form>' . nav_form('file', $page, $numPages, $sort, $dir, $crit, $search_method) . pageby_form('file', $file_list_pageby); } }
function image_list($message = '') { global $txpcfg, $extensions, $img_dir, $file_max_upload_size, $image_list_pageby; pagetop(gTxt('images'), $message); extract($txpcfg); extract(gpsa(array('page', 'sort', 'dir', 'crit', 'search_method'))); if (!is_dir(IMPATH) or !is_writeable(IMPATH)) { echo graf(gTxt('img_dir_not_writeable', array('{imgdir}' => IMPATH)), ' id="warning"'); } else { echo upload_form(gTxt('upload_image'), 'upload', 'image_insert', 'image', '', $file_max_upload_size); } $dir = $dir == 'asc' ? 'asc' : 'desc'; switch ($sort) { case 'name': $sort_sql = 'name ' . $dir; break; case 'thumbnail': $sort_sql = 'thumbnail ' . $dir . ', id asc'; break; case 'category': $sort_sql = 'category ' . $dir . ', id asc'; break; case 'date': $sort_sql = 'date ' . $dir . ', id asc'; break; case 'author': $sort_sql = 'author ' . $dir . ', id asc'; break; default: $sort = 'id'; $sort_sql = 'id ' . $dir; break; } $switch_dir = $dir == 'desc' ? 'asc' : 'desc'; $criteria = 1; if ($search_method and $crit) { $crit_escaped = doSlash($crit); $critsql = array('id' => "ID in ('" . join("','", do_list($crit_escaped)) . "')", 'name' => "name like '%{$crit_escaped}%'", 'category' => "category like '%{$crit_escaped}%'", 'author' => "author like '%{$crit_escaped}%'", 'alt' => "alt like '%{$crit_escaped}%'", 'caption' => "caption like '%{$crit_escaped}%'"); if (array_key_exists($search_method, $critsql)) { $criteria = $critsql[$search_method]; $limit = 500; } else { $search_method = ''; $crit = ''; } } else { $search_method = ''; $crit = ''; } $total = safe_count('txp_image', "{$criteria}"); if ($total < 1) { if ($criteria != 1) { echo n . image_search_form($crit, $search_method) . n . graf(gTxt('no_results_found'), ' class="indicator"'); } else { echo n . graf(gTxt('no_images_recorded'), ' class="indicator"'); } return; } $limit = max($image_list_pageby, 15); list($page, $offset, $numPages) = pager($total, $limit, $page); echo image_search_form($crit, $search_method); $rs = safe_rows_start('*, unix_timestamp(date) as uDate', 'txp_image', "{$criteria} order by {$sort_sql} limit {$offset}, {$limit}\n\t\t"); if ($rs) { echo n . n . '<form name="longform" method="post" action="index.php" onsubmit="return verify(\'' . gTxt('are_you_sure') . '\')">' . n . n . startTable('list') . n . tr(column_head('ID', 'id', 'image', true, $switch_dir, $crit, $search_method, 'id' == $sort ? $dir : '') . hCell() . column_head('date', 'date', 'image', true, $switch_dir, $crit, $search_method, 'date' == $sort ? $dir : '') . column_head('name', 'name', 'image', true, $switch_dir, $crit, $search_method, 'name' == $sort ? $dir : '') . column_head('thumbnail', 'thumbnail', 'image', true, $switch_dir, $crit, $search_method, 'thumbnail' == $sort ? $dir : '') . hCell(gTxt('tags')) . column_head('image_category', 'category', 'image', true, $switch_dir, $crit, $search_method, 'category' == $sort ? $dir : '') . column_head('author', 'author', 'image', true, $switch_dir, $crit, $search_method, 'author' == $sort ? $dir : '') . hCell()); while ($a = nextRow($rs)) { extract($a); $edit_url = '?event=image' . a . 'step=image_edit' . a . 'id=' . $id . a . 'sort=' . $sort . a . 'dir=' . $dir . a . 'page=' . $page . a . 'search_method=' . $search_method . a . 'crit=' . $crit; $name = empty($name) ? gTxt('unnamed') : htmlspecialchars($name); if ($thumbnail) { if ($ext != '.swf') { $thumbnail = '<img src="' . hu . $img_dir . '/' . $id . 't' . $ext . "?{$uDate}" . '" alt="" />'; } else { $thumbnail = ''; } } else { $thumbnail = gTxt('no'); } if ($ext != '.swf') { $tag_url = '?event=tag' . a . 'tag_name=image' . a . 'id=' . $id . a . 'ext=' . $ext . a . 'w=' . $w . a . 'h=' . $h . a . 'alt=' . urlencode($alt) . a . 'caption=' . urlencode($caption); $tagbuilder = '<ul>' . '<li><a target="_blank" href="' . $tag_url . a . 'type=textile" onclick="popWin(this.href); return false;">Textile</a></li>' . '<li><a target="_blank" href="' . $tag_url . a . 'type=textpattern" onclick="popWin(this.href); return false;">Textpattern</a></li>' . '<li><a target="_blank" href="' . $tag_url . a . 'type=xhtml" onclick="popWin(this.href); return false;">XHTML</a></li>' . '</ul>'; } else { $tagbuilder = sp; } $category = $category ? '<span title="' . htmlspecialchars(fetch_category_title($category, 'image')) . '">' . $category . '</span>' : ''; echo n . n . tr(n . td($id, 20) . td(n . '<ul>' . n . t . '<li>' . href(gTxt('edit'), $edit_url) . '</li>' . n . t . '<li><a href="' . hu . $img_dir . '/' . $id . $ext . '">' . gTxt('view') . '</a></li>' . n . '</ul>', 35) . td(gTime($uDate), 75) . td(href($name, $edit_url), 75) . td(href($thumbnail, $edit_url), 80) . td($tagbuilder, 85) . td($category, 75) . td('<span title="' . htmlspecialchars(get_author_name($author)) . '">' . htmlspecialchars($author) . '</span>', 75) . td(fInput('checkbox', 'selected[]', $id), 10)); } echo n . n . tr(tda(select_buttons() . image_multiedit_form($page, $sort, $dir, $crit, $search_method), ' colspan="9" style="text-align: right; border: none;"')) . endTable() . '</form>' . nav_form('image', $page, $numPages, $sort, $dir, $crit, $search_method) . pageby_form('image', $image_list_pageby); } }
function link_list($message = '') { global $step, $link_list_pageby; extract(gpsa(array('page', 'sort', 'dir', 'crit', 'search_method'))); $dir = $dir == 'desc' ? 'desc' : 'asc'; switch ($sort) { case 'id': $sort_sql = 'id ' . $dir; break; case 'description': $sort_sql = 'description ' . $dir . ', id asc'; break; case 'category': $sort_sql = 'category ' . $dir . ', id asc'; break; case 'date': $sort_sql = 'date ' . $dir . ', id asc'; break; default: $sort = 'name'; $sort_sql = 'linksort ' . $dir . ', id asc'; break; } $switch_dir = $dir == 'desc' ? 'asc' : 'desc'; $criteria = 1; if ($search_method and $crit) { $crit_escaped = doSlash($crit); $critsql = array('id' => "ID in ('" . join("','", do_list($crit_escaped)) . "')", 'name' => "linkname like '%{$crit_escaped}%'", 'description' => "description like '%{$crit_escaped}%'", 'category' => "category like '%{$crit_escaped}%'"); if (array_key_exists($search_method, $critsql)) { $criteria = $critsql[$search_method]; } else { $search_method = ''; $crit = ''; } } else { $search_method = ''; $crit = ''; } $total = getCount('txp_link', $criteria); if ($total < 1) { if ($criteria != 1) { echo n . link_search_form($crit, $search_method) . n . graf(gTxt('no_results_found'), ' class="indicator"'); } else { echo n . graf(gTxt('no_links_recorded'), ' class="indicator"'); } return; } $limit = max($link_list_pageby, 15); list($page, $offset, $numPages) = pager($total, $limit, $page); echo link_search_form($crit, $search_method); $rs = safe_rows_start('*, unix_timestamp(date) as uDate', 'txp_link', "{$criteria} order by {$sort_sql} limit {$offset}, {$limit}"); if ($rs) { echo n . n . '<form action="index.php" method="post" name="longform" onsubmit="return verify(\'' . gTxt('are_you_sure') . '\')">', startTable('list') . n . tr(column_head('ID', 'id', 'link', true, $switch_dir, $crit, $search_method, 'id' == $sort ? $dir : '') . hCell() . column_head('link_name', 'name', 'link', true, $switch_dir, $crit, $search_method, 'name' == $sort ? $dir : '') . column_head('description', 'description', 'link', true, $switch_dir, $crit, $search_method, 'description' == $sort ? $dir : '') . column_head('link_category', 'category', 'link', true, $switch_dir, $crit, $search_method, 'category' == $sort ? $dir : '') . column_head('date', 'date', 'link', true, $switch_dir, $crit, $search_method, 'date' == $sort ? $dir : '') . hCell()); while ($a = nextRow($rs)) { extract($a); $edit_url = '?event=link' . a . 'step=link_edit' . a . 'id=' . $id . a . 'sort=' . $sort . a . 'dir=' . $dir . a . 'page=' . $page . a . 'search_method=' . $search_method . a . 'crit=' . $crit; echo tr(n . td($id, 20) . td(n . '<ul>' . n . t . '<li>' . href(gTxt('edit'), $edit_url) . '</li>' . n . t . '<li>' . href(gTxt('view'), $url) . '</li>' . n . '</ul>', 35) . td(href(htmlspecialchars($linkname), $edit_url), 125) . td(htmlspecialchars($description), 150) . td('<span title="' . htmlspecialchars(fetch_category_title($category, 'link')) . '">' . $category . '</span>', 125) . td(gTime($uDate), 75) . td(fInput('checkbox', 'selected[]', $id))); } echo n . n . tr(tda(select_buttons() . link_multiedit_form($page, $sort, $dir, $crit, $search_method), ' colspan="7" style="text-align: right; border: none;"')) . endTable() . '</form>' . n . nav_form('link', $page, $numPages, $sort, $dir, $crit, $search_method, $total, $limit) . pageby_form('link', $link_list_pageby); } }
function file_download_category($atts) { global $thisfile; assert_file(); extract(lAtts(array('class' => '', 'title' => 0, 'wraptag' => ''), $atts)); if ($thisfile['category']) { $category = $title ? fetch_category_title($thisfile['category'], 'file') : $thisfile['category']; return $wraptag ? doTag($category, $wraptag, $class) : $category; } }
function atom() { global $thisarticle; set_error_handler('feedErrorHandler'); ob_clean(); extract($GLOBALS['prefs']); define("t_texthtml", ' type="text/html"'); define("t_text", ' type="text"'); define("t_html", ' type="html"'); define("t_xhtml", ' type="xhtml"'); define('t_appxhtml', ' type="xhtml"'); define("r_relalt", ' rel="alternate"'); define("r_relself", ' rel="self"'); $last = fetch('unix_timestamp(val)', 'txp_prefs', 'name', 'lastmod'); extract(doSlash(gpsa(array('limit', 'area')))); // build filter criteria from a comma-separated list of sections and categories $feed_filter_limit = get_pref('feed_filter_limit', 10); $section = gps('section'); $section = $section ? array_slice(array_unique(do_list($section)), 0, $feed_filter_limit) : array(); $category = gps('category'); $category = $category ? array_slice(array_unique(do_list($category)), 0, $feed_filter_limit) : array(); $st = array(); foreach ($section as $s) { $st[] = fetch_section_title($s); } $ct = array(); foreach ($category as $c) { $ct[] = fetch_category_title($c); } $sitename .= $section ? ' - ' . join(' - ', $st) : ''; $sitename .= $category ? ' - ' . join(' - ', $ct) : ''; $pub = safe_row("RealName, email", "txp_users", "privs=1"); // feed header $out[] = tag(htmlspecialchars($sitename), 'title', t_text); $out[] = tag(htmlspecialchars($site_slogan), 'subtitle', t_text); $out[] = '<link' . r_relself . ' href="' . pagelinkurl(array('atom' => 1, 'area' => $area, 'section' => $section, 'category' => $category, 'limit' => $limit)) . '" />'; $out[] = '<link' . r_relalt . t_texthtml . ' href="' . hu . '" />'; //Atom feeds with mail or domain name $dn = explode('/', $siteurl); $mail_or_domain = $use_mail_on_feeds_id ? eE($blog_mail_uid) : $dn[0]; $out[] = tag('tag:' . $mail_or_domain . ',' . $blog_time_uid . ':' . $blog_uid . ($section ? '/' . join(',', $section) : '') . ($category ? '/' . join(',', $category) : ''), 'id'); $out[] = tag('Textpattern', 'generator', ' uri="http://textpattern.com/" version="' . $version . '"'); $out[] = tag(safe_strftime("w3cdtf", $last), 'updated'); $auth[] = tag($pub['RealName'], 'name'); $auth[] = $include_email_atom ? tag(eE($pub['email']), 'email') : ''; $auth[] = tag(hu, 'uri'); $out[] = tag(n . t . t . join(n . t . t, $auth) . n, 'author'); $out[] = callback_event('atom_head'); // feed items $articles = array(); $section = doSlash($section); $category = doSlash($category); if (!$area or $area == 'article') { $sfilter = !empty($section) ? "and Section in ('" . join("','", $section) . "')" : ''; $cfilter = !empty($category) ? "and (Category1 in ('" . join("','", $category) . "') or Category2 in ('" . join("','", $category) . "'))" : ''; $limit = $limit ? $limit : $rss_how_many; $limit = intval(min($limit, max(100, $rss_how_many))); $frs = safe_column("name", "txp_section", "in_rss != '1'"); $query = array(); foreach ($frs as $f) { $query[] = "and Section != '" . doSlash($f) . "'"; } $query[] = $sfilter; $query[] = $cfilter; $expired = $publish_expired_articles ? '' : ' and (now() <= Expires or Expires = ' . NULLDATETIME . ') '; $rs = safe_rows_start("*,\n\t\t\t\tID as thisid,\n\t\t\t\tunix_timestamp(Posted) as uPosted,\n\t\t\t\tunix_timestamp(Expires) as uExpires,\n\t\t\t\tunix_timestamp(LastMod) as uLastMod", "textpattern", "Status=4 and Posted <= now() {$expired}" . join(' ', $query) . "order by Posted desc limit {$limit}"); if ($rs) { while ($a = nextRow($rs)) { extract($a); populateArticleData($a); $cb = callback_event('atom_entry'); $e = array(); $a['posted'] = $uPosted; if ($show_comment_count_in_feed) { $count = $comments_count > 0 ? ' [' . $comments_count . ']' : ''; } else { $count = ''; } $thisauthor = get_author_name($AuthorID); $e['thisauthor'] = tag(n . t . t . t . tag(htmlspecialchars($thisauthor), 'name') . n . t . t, 'author'); $e['issued'] = tag(safe_strftime('w3cdtf', $uPosted), 'published'); $e['modified'] = tag(safe_strftime('w3cdtf', $uLastMod), 'updated'); $escaped_title = htmlspecialchars($Title); $e['title'] = tag($escaped_title . $count, 'title', t_html); $permlink = permlinkurl($a); $e['link'] = '<link' . r_relalt . t_texthtml . ' href="' . $permlink . '" />'; $e['id'] = tag('tag:' . $mail_or_domain . ',' . $feed_time . ':' . $blog_uid . '/' . $uid, 'id'); $e['category1'] = trim($Category1) ? '<category term="' . htmlspecialchars($Category1) . '" />' : ''; $e['category2'] = trim($Category2) ? '<category term="' . htmlspecialchars($Category2) . '" />' : ''; $summary = trim(replace_relative_urls(parse($thisarticle['excerpt']), $permlink)); $content = trim(replace_relative_urls(parse($thisarticle['body']), $permlink)); if ($syndicate_body_or_excerpt) { # short feed: use body as summary if there's no excerpt if (!trim($summary)) { $summary = $content; } $content = ''; } if (trim($content)) { $e['content'] = tag(n . escape_cdata($content) . n, 'content', t_html); } if (trim($summary)) { $e['summary'] = tag(n . escape_cdata($summary) . n, 'summary', t_html); } $articles[$ID] = tag(n . t . t . join(n . t . t, $e) . n . $cb, 'entry'); $etags[$ID] = strtoupper(dechex(crc32($articles[$ID]))); $dates[$ID] = $uLastMod; } } } elseif ($area == 'link') { $cfilter = $category ? "category='" . $category . "'" : '1'; $limit = $limit ? $limit : $rss_how_many; $limit = intval(min($limit, max(100, $rss_how_many))); $rs = safe_rows_start("*", "txp_link", "{$cfilter} order by date desc, id desc limit {$limit}"); if ($rs) { while ($a = nextRow($rs)) { extract($a); $e['title'] = tag(htmlspecialchars($linkname), 'title', t_html); $e['content'] = tag(n . htmlspecialchars($description) . n, 'content', t_html); $url = preg_replace("/^\\/(.*)/", "https?://{$siteurl}/\$1", $url); $url = preg_replace("/&((?U).*)=/", "&\\1=", $url); $e['link'] = '<link' . r_relalt . t_texthtml . ' href="' . $url . '" />'; $e['issued'] = tag(safe_strftime('w3cdtf', strtotime($date)), 'published'); $e['modified'] = tag(gmdate('Y-m-d\\TH:i:s\\Z', strtotime($date)), 'updated'); $e['id'] = tag('tag:' . $mail_or_domain . ',' . safe_strftime('%Y-%m-%d', strtotime($date)) . ':' . $blog_uid . '/' . $id, 'id'); $articles[$id] = tag(n . t . t . join(n . t . t, $e) . n, 'entry'); $etags[$id] = strtoupper(dechex(crc32($articles[$id]))); $dates[$id] = $date; } } } if (!$articles) { if ($section) { if (safe_field('name', 'txp_section', "name in ('" . join("','", $section) . "')") == false) { txp_die(gTxt('404_not_found'), '404'); } } elseif ($category) { switch ($area) { case 'link': if (safe_field('id', 'txp_category', "name = '{$category}' and type = 'link'") == false) { txp_die(gTxt('404_not_found'), '404'); } break; case 'article': default: if (safe_field('id', 'txp_category', "name in ('" . join("','", $category) . "') and type = 'article'") == false) { txp_die(gTxt('404_not_found'), '404'); } break; } } } else { //turn on compression if we aren't using it already if (extension_loaded('zlib') && ini_get("zlib.output_compression") == 0 && ini_get('output_handler') != 'ob_gzhandler' && !headers_sent()) { // make sure notices/warnings/errors don't fudge up the feed // when compression is used $buf = ''; while ($b = @ob_get_clean()) { $buf .= $b; } @ob_start('ob_gzhandler'); echo $buf; } handle_lastmod(); $hims = serverset('HTTP_IF_MODIFIED_SINCE'); $imsd = $hims ? strtotime($hims) : 0; if (is_callable('apache_request_headers')) { $headers = apache_request_headers(); if (isset($headers["A-IM"])) { $canaim = strpos($headers["A-IM"], "feed"); } else { $canaim = false; } } else { $canaim = false; } $hinm = stripslashes(serverset('HTTP_IF_NONE_MATCH')); $cutarticles = false; if ($canaim !== false) { foreach ($articles as $id => $thing) { if (strpos($hinm, $etags[$id])) { unset($articles[$id]); $cutarticles = true; $cut_etag = true; } if ($dates[$id] < $imsd) { unset($articles[$id]); $cutarticles = true; $cut_time = true; } } } if (isset($cut_etag) && isset($cut_time)) { header("Vary: If-None-Match, If-Modified-Since"); } else { if (isset($cut_etag)) { header("Vary: If-None-Match"); } else { if (isset($cut_time)) { header("Vary: If-Modified-Since"); } } } $etag = @join("-", $etags); if (strstr($hinm, $etag)) { txp_status_header('304 Not Modified'); exit(0); } if ($etag) { header('ETag: "' . $etag . '"'); } if ($cutarticles) { //header("HTTP/1.1 226 IM Used"); //This should be used as opposed to 200, but Apache doesn't like it. //http://intertwingly.net/blog/2004/09/11/Vary-ETag/ says that the status code should be 200. header("Cache-Control: no-store, im"); header("IM: feed"); } } $out = array_merge($out, $articles); header('Content-type: application/atom+xml; charset=utf-8'); return chr(60) . '?xml version="1.0" encoding="UTF-8"?' . chr(62) . n . '<feed xml:lang="' . $language . '" xmlns="http://www.w3.org/2005/Atom">' . join(n, $out) . '</feed>'; }
function image_list($message = '') { global $txpcfg, $extensions, $img_dir, $file_max_upload_size; pagetop(gTxt('images'), $message); extract($txpcfg); extract(get_prefs()); extract(gpsa(array('page', 'sort', 'dir', 'crit', 'search_method'))); if (!is_dir(IMPATH) or !is_writeable(IMPATH)) { echo graf(gTxt('img_dir_not_writeable', array('{imgdir}' => IMPATH)), ' id="warning"'); } else { echo upload_form(gTxt('upload_image'), 'upload', 'image_insert', 'image', '', $file_max_upload_size); } $dir = $dir == 'desc' ? 'desc' : 'asc'; switch ($sort) { case 'id': $sort_sql = 'id ' . $dir; break; case 'name': $sort_sql = 'name ' . $dir; break; case 'thumbnail': $sort_sql = 'thumbnail ' . $dir . ', id asc'; break; case 'category': $sort_sql = 'category ' . $dir . ', id asc'; break; case 'date': $sort_sql = 'date ' . $dir . ', id asc'; break; case 'author': $sort_sql = 'author ' . $dir . ', id asc'; break; default: $dir = 'desc'; $sort_sql = 'id ' . $dir; break; } $switch_dir = $dir == 'desc' ? 'asc' : 'desc'; $criteria = 1; if ($search_method and $crit) { $crit_escaped = doSlash($crit); $critsql = array('id' => "id = '{$crit_escaped}'", 'name' => "name like '%{$crit_escaped}%'", 'category' => "category like '%{$crit_escaped}%'", 'author' => "author like '%{$crit_escaped}%'"); if (array_key_exists($search_method, $critsql)) { $criteria = $critsql[$search_method]; $limit = 500; } else { $search_method = ''; $crit = ''; } } else { $search_method = ''; $crit = ''; } $total = safe_count('txp_image', "{$criteria}"); if ($total < 1) { if ($criteria != 1) { echo n . image_search_form($crit, $search_method) . n . graf(gTxt('no_results_found'), ' style="text-align: center;"'); } else { echo n . graf(gTxt('no_images_recorded'), ' style="text-align: center;"'); } return; } $limit = max(@$image_list_pageby, 15); list($page, $offset, $numPages) = pager($total, $limit, $page); echo image_search_form($crit, $search_method); $rs = safe_rows_start('*, unix_timestamp(date) as uDate', 'txp_image', "{$criteria} order by {$sort_sql} limit {$offset}, {$limit}\n\t\t"); if ($rs) { echo n . n . startTable('list') . n . tr(column_head('ID', 'id', 'image', true, $switch_dir, $crit, $search_method) . hCell() . column_head('date', 'date', 'image', true, $switch_dir, $crit, $search_method) . column_head('name', 'name', 'image', true, $switch_dir, $crit, $search_method) . column_head('thumbnail', 'thumbnail', 'image', true, $switch_dir, $crit, $search_method) . hCell(gTxt('tags')) . column_head('image_category', 'category', 'image', true, $switch_dir, $crit, $search_method) . column_head('author', 'author', 'image', true, $switch_dir, $crit, $search_method) . hCell()); while ($a = nextRow($rs)) { extract($a); $edit_url = '?event=image' . a . 'step=image_edit' . a . 'id=' . $id . a . 'sort=' . $sort . a . 'dir=' . $dir . a . 'page=' . $page . a . 'search_method=' . $search_method . a . 'crit=' . $crit; $name = empty($name) ? gTxt('unnamed') : $name; $thumbnail = $thumbnail ? '<img src="' . hu . $img_dir . '/' . $id . 't' . $ext . '" />' : gTxt('no'); $tag_url = '?event=tag' . a . 'tag_name=image' . a . 'id=' . $id . a . 'ext=' . $ext . a . 'w=' . $w . a . 'h=' . $h . a . 'alt=' . urlencode($alt) . a . 'caption=' . urlencode($caption); $category = $category ? '<span title="' . fetch_category_title($category, 'image') . '">' . $category . '</span>' : ''; echo n . n . tr(n . td($id, 20) . td(n . '<ul>' . n . t . '<li>' . href(gTxt('edit'), $edit_url) . '</li>' . n . t . '<li><a href="' . hu . $img_dir . '/' . $id . $ext . '">' . gTxt('view') . '</a></li>' . n . '</ul>', 35) . td(safe_strftime('%d %b %Y %I:%M %p', $uDate), 75) . td(href($name, $edit_url), 75) . td($thumbnail, 75) . td('<ul>' . '<li><a target="_blank" href="' . $tag_url . a . 'type=textile" onclick="popWin(this.href); return false;">Textile</a></li>' . '<li><a target="_blank" href="' . $tag_url . a . 'type=textpattern" onclick="popWin(this.href); return false;">Textpattern</a></li>' . '<li><a target="_blank" href="' . $tag_url . a . 'type=xhtml" onclick="popWin(this.href); return false;">XHTML</a></li>' . '</ul>', 85) . td($category, 75) . td('<span title="' . get_author_name($author) . '">' . $author . '</span>', 75) . td(dLink('image', 'image_delete', 'id', $id), 10)); } echo endTable() . nav_form('image', $page, $numPages, $sort, $dir, $crit, $search_method) . pageby_form('image', $image_list_pageby); } }