    ?>

</tbody>

</table>

</div>

<?php 
    $mitsuba->admin->ui->endSection();
    ?>

	<?php 
} else {
    $mitsuba->admin->ui->checkToken($_POST['token']);
    $text = processEntry($conn, $_POST['text']);
    $who = $_SESSION['username'];
    if (!empty($_POST['who'])) {
        $who = $_POST['who'];
    }
    $conn->query("INSERT INTO news (date, who, title, text, mod_id) VALUES (" . time() . ", '" . $who . "', '" . $conn->real_escape_string(htmlspecialchars($_POST['title'])) . "', '" . $text . "', " . $_SESSION['id'] . ");");
    $mitsuba->caching->generateNews();
    ?>

<?php 
    $mitsuba->admin->ui->startSection($lang['mod/post_added']);
    ?>

<a href="?/news"><?php 
    echo $lang['mod/back'];
    ?>
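/**
 * Run processEntry() once for every key of $entries.
 *
 * $entries is taken by reference and handed to processEntry() together with
 * the current key — presumably so processEntry() can rewrite that element in
 * place (confirm against processEntry()'s signature; only the call is visible
 * here).
 *
 * @param array $entries Array whose elements are processed key by key.
 */
function processEntries(&$entries)
{
    // Only the keys are needed: iterating a snapshot of them avoids carrying an
    // unused value variable and, like a by-value foreach, is unaffected by any
    // elements processEntry() adds or removes while the loop runs.
    foreach (array_keys($entries) as $key) {
        processEntry($entries, $key);
    }
}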
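if (empty($ip)) {
    // No IP supplied: show the error section with a link back to the notes list.
    $mitsuba->admin->ui->startSection($lang['mod/no_ip']);
    ?>
<a href="?/ipnotes"><?php 
    echo $lang['mod/back'];
    ?>
</a>
<?php 
    $mitsuba->admin->ui->endSection();
    ?>

			<?php 
} else {
    // $ip is known to be non-empty in this branch; only act when a note was submitted.
    if (!empty($_POST['note'])) {
        $mitsuba->admin->ui->checkToken($_POST['token']);
        // processEntry() receives the connection, so $note is assumed to come back
        // already prepared for the query — TODO confirm before binding it differently.
        $note = processEntry($conn, $_POST['note']);
        // $ip and the session id were previously concatenated into the SQL raw.
        // Escape the string and force the id to an integer so neither value can
        // alter the statement.
        $ipEscaped = $conn->real_escape_string($ip);
        $modId = (int) $_SESSION['id'];
        $conn->query("INSERT INTO ip_notes (ip, text, created, mod_id) VALUES ('" . $ipEscaped . "', '" . $note . "', " . time() . ", " . $modId . ")");
        $mitsuba->admin->ui->startSection($lang['mod/ip_note_added']);
        ?>
<a href="?/ipnotes"><?php 
        echo $lang['mod/back'];
        ?>
</a>
<?php 
        $mitsuba->admin->ui->endSection();
        ?>

				<?php 
    }
}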
if (empty($_POST['note'])) {
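 /**
  * Verify and process requested actions in the admin.
  *
  * Dispatches on $_GET['page'] and $_GET['action']. Each branch checks the
  * matching capability with current_user_can(), verifies the form nonce with
  * check_admin_referer() where the originating form supplies one, delegates to
  * a helper from includes/inc.processes.php and then redirects back to the
  * admin page with display_messages=true. A failed capability check is reported
  * through $connections->setErrorMessage() instead.
  */
 private function controllers()
 {
     // Nothing to dispatch unless both a page and an action were requested.
     if (!isset($_GET['page']) || !isset($_GET['action'])) {
         return;
     }
     global $connections;
     include_once dirname(__FILE__) . '/includes/inc.processes.php';
     $form = new cnFormObjects();
     // Optional POST fields, read once so the branches below do not raise
     // undefined-index notices when the form did not send them. Truthiness is
     // unchanged: !empty() is false exactly where the bare value was falsy, and
     // an absent bulk action matches no case just as a missing index did.
     $saveRequested = !empty($_POST['save']);
     $bulkAction = isset($_POST['action']) ? $_POST['action'] : '';
     switch ($_GET['page']) {
         case 'connections':
             if ($_GET['action']) {
                 switch ($_GET['action']) {
                     case 'add':
                         // Check whether the current user can add an entry.
                         if (current_user_can('connections_add_entry')) {
                             check_admin_referer($form->getNonce('add_entry'), '_cn_wpnonce');
                             processEntry($_POST, 'add');
                             wp_redirect('admin.php?page=connections&action=add_new&display_messages=true');
                         } else {
                             $connections->setErrorMessage('capability_add');
                         }
                         break;
                     case 'update':
                         // Check whether the current user can edit an entry.
                         if (current_user_can('connections_edit_entry')) {
                             check_admin_referer($form->getNonce('update_entry'), '_cn_wpnonce');
                             processEntry($_POST, 'update');
                             wp_redirect('admin.php?page=connections&display_messages=true');
                         } else {
                             $connections->setErrorMessage('capability_edit');
                         }
                         break;
                     case 'delete':
                         // Check whether the current user can delete an entry.
                         if (current_user_can('connections_delete_entry')) {
                             // NOTE(review): unlike add/update, no nonce is verified before this
                             // delete — confirm the delete link is nonce-protected upstream, or
                             // add the matching check_admin_referer() call here.
                             processDeleteEntry();
                             wp_redirect('admin.php?page=connections&display_messages=true');
                         } else {
                             $connections->setErrorMessage('capability_delete');
                         }
                         break;
                     case 'filter':
                         check_admin_referer('filter');
                         processSetUserFilter();
                         break;
                     case 'do':
                         // Bulk actions: the specific operation comes from the POSTed form.
                         switch ($bulkAction) {
                             case 'delete':
                                 // Check whether the current user can delete entries.
                                 if (current_user_can('connections_delete_entry')) {
                                     check_admin_referer($form->getNonce('bulk_action'), '_cn_wpnonce');
                                     processDeleteEntries();
                                     wp_redirect('admin.php?page=connections&display_messages=true');
                                 } else {
                                     $connections->setErrorMessage('capability_delete');
                                 }
                                 break;
                             case 'public':
                             case 'private':
                             case 'unlisted':
                                 // Check whether the current user can edit entries.
                                 if (current_user_can('connections_edit_entry')) {
                                     check_admin_referer($form->getNonce('bulk_action'), '_cn_wpnonce');
                                     processSetEntryVisibility();
                                     wp_redirect('admin.php?page=connections&display_messages=true');
                                 } else {
                                     $connections->setErrorMessage('capability_edit');
                                 }
                                 break;
                         }
                         // The bulk form may also carry a filter change.
                         if (isset($_POST['filter'])) {
                             check_admin_referer($form->getNonce('bulk_action'), '_cn_wpnonce');
                             processSetUserFilter();
                             wp_redirect('admin.php?page=connections&display_messages=true');
                         }
                         break;
                 }
             }
             break;
         case 'connections_add':
             // Check whether user can add entries.
             if (current_user_can('connections_add_entry')) {
                 if ($saveRequested && $_GET['action'] === 'add') {
                     check_admin_referer($form->getNonce('add_entry'), '_cn_wpnonce');
                     processEntry($_POST, 'add');
                     wp_redirect('admin.php?page=connections_add&display_messages=true');
                 }
             } else {
                 $connections->setErrorMessage('capability_add');
             }
             break;
         case 'connections_categories':
             // Check whether user can edit categories.
             if (current_user_can('connections_edit_categories')) {
                 if ($_GET['action']) {
                     switch ($_GET['action']) {
                         case 'add':
                             check_admin_referer($form->getNonce('add_category'), '_cn_wpnonce');
                             processAddCategory();
                             wp_redirect('admin.php?page=connections_categories&display_messages=true');
                             break;
                         case 'update':
                             check_admin_referer($form->getNonce('update_category'), '_cn_wpnonce');
                             processUpdateCategory();
                             wp_redirect('admin.php?page=connections_categories&display_messages=true');
                             break;
                         case 'delete':
                             // NOTE(review): no nonce check before the single-category delete,
                             // while bulk_delete has one — confirm the delete link is
                             // nonce-protected upstream or add check_admin_referer() here.
                             processDeleteCategory('delete');
                             wp_redirect('admin.php?page=connections_categories&display_messages=true');
                             break;
                         case 'bulk_delete':
                             check_admin_referer($form->getNonce('bulk_delete_category'), '_cn_wpnonce');
                             processDeleteCategory('bulk_delete');
                             wp_redirect('admin.php?page=connections_categories&display_messages=true');
                             break;
                     }
                 }
             } else {
                 $connections->setErrorMessage('capability_categories');
             }
             break;
         case 'connections_settings':
             // Check whether user can edit Settings.
             if (current_user_can('connections_change_settings')) {
                 if ($saveRequested && $_GET['action'] === 'update_settings') {
                     check_admin_referer($form->getNonce('update_settings'), '_cn_wpnonce');
                     updateSettings();
                     wp_redirect('admin.php?page=connections_settings&display_messages=true');
                 }
             } else {
                 $connections->setErrorMessage('capability_settings');
             }
             break;
         case 'connections_templates':
             // Check whether user can manage Templates.
             if (current_user_can('connections_manage_template')) {
                 if ($_GET['action']) {
                     // The templates page redirects back to the tab that was being viewed;
                     // computed once here instead of in each case below.
                     $tab = isset($_GET['type']) ? esc_attr($_GET['type']) : 'all';
                     switch ($_GET['action']) {
                         case 'activate':
                             // NOTE(review): activate and delete verify no nonce, unlike install —
                             // confirm those links are nonce-protected upstream or add
                             // check_admin_referer() in both branches.
                             processActivateTemplate();
                             wp_redirect('admin.php?page=connections_templates&type=' . $tab . '&display_messages=true');
                             break;
                         case 'install':
                             check_admin_referer($form->getNonce('install_template'), '_cn_wpnonce');
                             processInstallTemplate();
                             wp_redirect('admin.php?page=connections_templates&type=' . $tab . '&display_messages=true');
                             break;
                         case 'delete':
                             processDeleteTemplate();
                             wp_redirect('admin.php?page=connections_templates&type=' . $tab . '&display_messages=true');
                             break;
                     }
                 }
             } else {
                 // @TODO: Create template specific error message.
                 $connections->setErrorMessage('capability_settings');
             }
             break;
         case 'connections_roles':
             // Check whether user can edit roles.
             if (current_user_can('connections_change_roles')) {
                 if ($saveRequested && $_GET['action'] === 'update_role_settings') {
                     check_admin_referer($form->getNonce('update_role_settings'), '_cn_wpnonce');
                     updateRoleSettings();
                     wp_redirect('admin.php?page=connections_roles&display_messages=true');
                 }
             } else {
                 $connections->setErrorMessage('capability_roles');
             }
             break;
     }
 }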