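?> </tbody> </table> </div> <?php $mitsuba->admin->ui->endSection(); ?> <?php } else {
    // Branch that stores a submitted news post. The matching `if` and the end
    // of this branch lie outside the visible fragment.

    // Stop unless the submitted form token passes checkToken()
    // (presumably the anti-CSRF check; confirm against its definition).
    $mitsuba->admin->ui->checkToken($_POST['token']);

    // NOTE(review): $text is concatenated into the query exactly as returned by
    // processEntry(); that helper receives $conn, so it presumably SQL-escapes
    // its result. Verify before relying on it.
    $text = processEntry($conn, $_POST['text']);

    // The author name defaults to the logged-in user but can be overridden from
    // the form, so from here on it is request-controlled data.
    $who = $_SESSION['username'];
    if (!empty($_POST['who'])) {
        $who = $_POST['who'];
    }

    // Every string placed inside a quoted SQL literal is escaped with the
    // connection's own escaper; "who" previously went in raw. The moderator id
    // is used unquoted, so it is forced to an integer.
    // NOTE(review): the title is HTML-escaped before storage but "who" is not;
    // confirm that the news output escapes it when rendering.
    $conn->query(
        "INSERT INTO news (date, who, title, text, mod_id) VALUES (" . time()
        . ", '" . $conn->real_escape_string($who)
        . "', '" . $conn->real_escape_string(htmlspecialchars($_POST['title']))
        . "', '" . $text
        . "', " . (int) $_SESSION['id'] . ");"
    );

    // Regenerate the cached news output so the new post is picked up.
    $mitsuba->caching->generateNews(); ?> <?php $mitsuba->admin->ui->startSection($lang['mod/post_added']); ?> <a href="?/news"><?php echo $lang['mod/back']; ?>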
/**
 * Run processEntry() once for every key found in $entries.
 *
 * @param mixed $entries Iterable collection, taken by reference; it is handed
 *                       to processEntry() together with each key in turn.
 */
function processEntries(&$entries)
{
    // Only the key is used; the element value is deliberately ignored.
    foreach ($entries as $entryKey => $unusedValue) {
        processEntry($entries, $entryKey);
    }
}
// IP-note form handler: shows an error section when no IP is available,
// otherwise stores the submitted note for that IP.
if (empty($ip)) {
    // No IP to attach a note to: render the "no IP" section with a back link.
    $mitsuba->admin->ui->startSection($lang['mod/no_ip']); ?> <a href="?/ipnotes"><?php echo $lang['mod/back']; ?> </a> <?php $mitsuba->admin->ui->endSection(); ?> <?php
} else {
    // The !empty($ip) test repeats what this else branch already guarantees.
    if (!empty($ip) && !empty($_POST['note'])) {
        // Stop unless the submitted form token passes checkToken()
        // (presumably the anti-CSRF check; confirm against its definition).
        $mitsuba->admin->ui->checkToken($_POST['token']);
        // NOTE(review): $note is concatenated as returned by processEntry();
        // the helper receives $conn, so it presumably SQL-escapes. Verify.
        $note = processEntry($conn, $_POST['note']);
        // NOTE(review): $ip is placed inside a quoted SQL literal without any
        // escaping in this fragment. Where $ip is assigned is not visible here;
        // confirm it is validated as an IP address (or escaped) before this
        // point, otherwise this statement is injectable. $_SESSION['id'] is
        // used unquoted and should be an integer.
        $conn->query("INSERT INTO ip_notes (ip, text, created, mod_id) VALUES ('" . $ip . "', '" . $note . "', " . time() . ", " . $_SESSION['id'] . ")");
        $mitsuba->admin->ui->startSection($lang['mod/ip_note_added']); ?> <a href="?/ipnotes"><?php echo $lang['mod/back']; ?> </a> <?php $mitsuba->admin->ui->endSection(); ?> <?php
    }
}
// No note submitted; the body of this branch continues past the fragment.
if (empty($_POST['note'])) {
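/**
 * Verify and process requested actions in the admin.
 *
 * Dispatches on $_GET['page'] and $_GET['action'] (bulk actions additionally
 * on $_POST['action']). Each page branch checks a capability with
 * current_user_can() and, where shown, verifies the form nonce with
 * check_admin_referer() before calling the processing helper and issuing a
 * redirect. Returns without doing anything when either query parameter is
 * missing.
 *
 * NOTE(review): four state-changing branches call their helper without a
 * check_admin_referer() at this level: single entry delete, single category
 * delete, template activate and template delete. Confirm that each helper
 * verifies its own nonce; if it does not, those requests are guarded by the
 * capability check alone and are exposed to cross-site request forgery.
 *
 * NOTE(review): wp_redirect() only sends the Location header and does not end
 * the request. Nothing here exits afterwards, so execution continues after
 * every redirect. Confirm the caller terminates the request, or add an exit
 * where continuing is not intended.
 *
 * @return void
 */
private function controllers() {
    // Nothing to dispatch unless both the page and the action are present.
    if (!isset($_GET['page'])) {
        return;
    }
    if (!isset($_GET['action'])) {
        return;
    }

    global $connections;

    // Presumably provides the process*() / update*() helpers called below.
    include_once dirname(__FILE__) . '/includes/inc.processes.php';
    $form = new cnFormObjects();

    switch ($_GET['page']) {
        case 'connections':
            if ($_GET['action']) {
                switch ($_GET['action']) {
                    case 'add':
                        /*
                         * Check whether the current user can add an entry.
                         */
                        if (current_user_can('connections_add_entry')) {
                            check_admin_referer($form->getNonce('add_entry'), '_cn_wpnonce');
                            processEntry($_POST, 'add');
                            wp_redirect('admin.php?page=connections&action=add_new&display_messages=true');
                        } else {
                            $connections->setErrorMessage('capability_add');
                        }
                        break;

                    case 'update':
                        /*
                         * Check whether the current user can edit an entry.
                         */
                        if (current_user_can('connections_edit_entry')) {
                            check_admin_referer($form->getNonce('update_entry'), '_cn_wpnonce');
                            processEntry($_POST, 'update');
                            wp_redirect('admin.php?page=connections&display_messages=true');
                        } else {
                            $connections->setErrorMessage('capability_edit');
                        }
                        break;

                    case 'delete':
                        /*
                         * Check whether the current user can delete an entry.
                         */
                        if (current_user_can('connections_delete_entry')) {
                            // NOTE(review): no nonce check at this level; see the method docblock.
                            processDeleteEntry();
                            wp_redirect('admin.php?page=connections&display_messages=true');
                        } else {
                            $connections->setErrorMessage('capability_delete');
                        }
                        break;

                    case 'filter':
                        // Nonce-checked, but no capability gate at this level.
                        check_admin_referer('filter');
                        processSetUserFilter();
                        break;

                    case 'do':
                        // Bulk actions arrive in the POST body; treat a missing
                        // value as "no bulk action" instead of reading an
                        // undefined index.
                        $bulkAction = isset($_POST['action']) ? $_POST['action'] : '';

                        switch ($bulkAction) {
                            case 'delete':
                                /*
                                 * Check whether the current user can delete an entry.
                                 */
                                if (current_user_can('connections_delete_entry')) {
                                    check_admin_referer($form->getNonce('bulk_action'), '_cn_wpnonce');
                                    processDeleteEntries();
                                    wp_redirect('admin.php?page=connections&display_messages=true');
                                } else {
                                    $connections->setErrorMessage('capability_delete');
                                }
                                break;

                            case 'public':
                            case 'private':
                            case 'unlisted':
                                /*
                                 * Check whether the current user can edit entries.
                                 */
                                if (current_user_can('connections_edit_entry')) {
                                    check_admin_referer($form->getNonce('bulk_action'), '_cn_wpnonce');
                                    processSetEntryVisibility();
                                    wp_redirect('admin.php?page=connections&display_messages=true');
                                } else {
                                    $connections->setErrorMessage('capability_edit');
                                }
                                break;
                        }

                        // The filter form shares the bulk-action nonce and is
                        // handled after any bulk action above.
                        if (isset($_POST['filter'])) {
                            check_admin_referer($form->getNonce('bulk_action'), '_cn_wpnonce');
                            processSetUserFilter();
                            wp_redirect('admin.php?page=connections&display_messages=true');
                        }
                        break;
                }
            }
            break;

        case 'connections_add':
            /*
             * Check whether user can add entries
             */
            if (current_user_can('connections_add_entry')) {
                // !empty() keeps the original truthiness test without reading
                // an undefined index when the form was not submitted.
                if (!empty($_POST['save']) && $_GET['action'] === 'add') {
                    check_admin_referer($form->getNonce('add_entry'), '_cn_wpnonce');
                    processEntry($_POST, 'add');
                    wp_redirect('admin.php?page=connections_add&display_messages=true');
                }
            } else {
                $connections->setErrorMessage('capability_add');
            }
            break;

        case 'connections_categories':
            /*
             * Check whether user can edit categories
             */
            if (current_user_can('connections_edit_categories')) {
                if ($_GET['action']) {
                    switch ($_GET['action']) {
                        case 'add':
                            check_admin_referer($form->getNonce('add_category'), '_cn_wpnonce');
                            processAddCategory();
                            wp_redirect('admin.php?page=connections_categories&display_messages=true');
                            break;

                        case 'update':
                            check_admin_referer($form->getNonce('update_category'), '_cn_wpnonce');
                            processUpdateCategory();
                            wp_redirect('admin.php?page=connections_categories&display_messages=true');
                            break;

                        case 'delete':
                            // NOTE(review): no nonce check at this level; see the method docblock.
                            processDeleteCategory('delete');
                            wp_redirect('admin.php?page=connections_categories&display_messages=true');
                            break;

                        case 'bulk_delete':
                            check_admin_referer($form->getNonce('bulk_delete_category'), '_cn_wpnonce');
                            processDeleteCategory('bulk_delete');
                            wp_redirect('admin.php?page=connections_categories&display_messages=true');
                            break;
                    }
                }
            } else {
                $connections->setErrorMessage('capability_categories');
            }
            break;

        case 'connections_settings':
            /*
             * Check whether user can edit Settings
             */
            if (current_user_can('connections_change_settings')) {
                if (!empty($_POST['save']) && $_GET['action'] === 'update_settings') {
                    check_admin_referer($form->getNonce('update_settings'), '_cn_wpnonce');
                    updateSettings();
                    wp_redirect('admin.php?page=connections_settings&display_messages=true');
                }
            } else {
                $connections->setErrorMessage('capability_settings');
            }
            break;

        case 'connections_templates':
            /*
             * Check whether user can manage Templates
             */
            if (current_user_can('connections_manage_template')) {
                if ($_GET['action']) {
                    // In each case below the request-supplied "type" value is
                    // copied into the redirect URL. It is URL-encoded because
                    // it lands in a query string; HTML attribute escaping is
                    // the wrong encoder there and leaves "&" able to add extra
                    // parameters. Non-string input falls back to 'all'.
                    switch ($_GET['action']) {
                        case 'activate':
                            // NOTE(review): no nonce check at this level; see the method docblock.
                            processActivateTemplate();
                            $tab = (isset($_GET['type']) && is_string($_GET['type'])) ? urlencode($_GET['type']) : 'all';
                            wp_redirect('admin.php?page=connections_templates&type=' . $tab . '&display_messages=true');
                            break;

                        case 'install':
                            check_admin_referer($form->getNonce('install_template'), '_cn_wpnonce');
                            processInstallTemplate();
                            $tab = (isset($_GET['type']) && is_string($_GET['type'])) ? urlencode($_GET['type']) : 'all';
                            wp_redirect('admin.php?page=connections_templates&type=' . $tab . '&display_messages=true');
                            break;

                        case 'delete':
                            // NOTE(review): no nonce check at this level; see the method docblock.
                            processDeleteTemplate();
                            $tab = (isset($_GET['type']) && is_string($_GET['type'])) ? urlencode($_GET['type']) : 'all';
                            wp_redirect('admin.php?page=connections_templates&type=' . $tab . '&display_messages=true');
                            break;
                    }
                }
            } else {
                // @TODO: Create template specific error message.
                $connections->setErrorMessage('capability_settings');
            }
            break;

        case 'connections_roles':
            /*
             * Check whether user can edit roles
             */
            if (current_user_can('connections_change_roles')) {
                if (!empty($_POST['save']) && $_GET['action'] === 'update_role_settings') {
                    check_admin_referer($form->getNonce('update_role_settings'), '_cn_wpnonce');
                    updateRoleSettings();
                    wp_redirect('admin.php?page=connections_roles&display_messages=true');
                }
            } else {
                $connections->setErrorMessage('capability_roles');
            }
            break;
    }
}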