$ccms['complete_page_url'] = $ccms['urlpage'] . '.html';
$ccms['pagetitle'] .= ' : ' . $ccms['lang']['news']['viewarchive'];
//$ccms['subheader'] = $row->subheader;
//$ccms['desc'] = $rsNews->newsContent;
//$ccms['keywords'] = $row->keywords;
$ccms['title'] = ucfirst($ccms['pagetitle']) . " - " . $ccms['sitename'] . " | " . $ccms['subheader'];
$preview_qry = $preview_checkcode ? '?preview=' . $preview_checkcode : '';
$i = 0;
foreach ($newsrows as $rsNews) {
// Filter spaces, non-file characters and account for UTF-8
$newsTitle = cvt_text2legibleURL($rsNews->newsTitle);
?>
<div class="news-item-short">
<h3>→ <a href="<?php
echo $cfg['rootdir'] . $page_name . '/' . rm0lead($rsNews->newsID) . '-' . $newsTitle . '.html' . $preview_qry;
?>
"><?php
echo $rsNews->newsTitle;
?>
</a></h3>
<div class="news-timestamp"><?php
echo strftime('%Y-%m-%d', strtotime($rsNews->newsModified));
?>
– <?php
echo $rsNews->userFirst . ' ' . $rsNews->userLast;
?>
</div>
<p class="news-teaser"><?php
echo $rsNews->newsTeaser;
?>
echo $showteaser != 0 ? 'checked="checked"' : null;
?>
value="1" id="show_teaser1" />
</label>
<label><?php
echo $ccms['lang']['backend']['no'];
?>
<input type="radio" name="show_teaser" <?php
echo $showteaser == 0 ? 'checked="checked"' : null;
?>
value="0" id="show_teaser0" />
</label>
</div>
<?php
if ($rsCfg !== false) {
echo '<input type="hidden" name="cfgID" value="' . rm0lead($rsCfg->cfgID) . '" id="cfgID" />';
}
?>
<input type="hidden" name="page_id" value="<?php
echo $page_id;
?>
" id="page_id" />
<div class="right">
<button type="submit"><span class="ss_sprite_16 ss_disk"> </span><?php
echo $ccms['lang']['forms']['savebutton'];
?>
</button>
<a class="button" href="../../../admin/index.php" onClick="return confirmation();" title="<?php
echo $ccms['lang']['editor']['cancelbtn'];
?>
"><span class="ss_sprite_16 ss_cross"> </span><?php
* when their IDs are substrings, e.g. user #1 will
* have everything user #11 has as well.
*
* if(strstr($pages[$i]['user_ids'], $users[$ar2]['userID'])!==false)
*
* Hence the code is replaced with an explode plus
* array scan. Another way to solve would be padding
* the rights string with leading and trailing '||'
* and then regex matching against "/||$userid||/".
*/
if (in_array(rm0lead($users[$ar2]['userID']), $users_owning_page)) {
echo 'checked="checked"';
}
?>
value="<?php
echo rm0lead($users[$ar2]['userID']) . '||' . rm0lead($pages[$i]['page_id']);
?>
" id="<?php
echo $i . '_' . $ar2;
?>
" />
</label>
</td>
<?php
}
?>
</tr>
<?php
}
?>
</table>
<![endif]-->
</head>
<body>
<div class="module" id="edit-page">
<h2><?php
echo $ccms['lang']['backend']['editpage'] . ' ' . $name . '<em>.html</em>';
?>
</h2>
<p><?php
echo $ccms['lang']['editor']['instruction'];
?>
</p>
<form action="editor.Process.php?page_id=<?php
echo rm0lead($row->page_id);
?>
&action=save-changes" method="post" name="save">
<textarea id="<?php
echo $textarea_id;
?>
" name="content" style="width: 100%"><?php
echo htmlspecialchars(trim($contents), ENT_COMPAT, 'UTF-8');
?>
</textarea>
<!--<br/>-->
<label for="keywords"><?php
echo $ccms['lang']['editor']['keywords'];
?>
</label>
<input type="input" class="text span-25" maxlength="250" name="keywords" value="<?php
<input type="checkbox" name="userID[]" value="<?php
echo rm0lead($row['userID']);
?>
" id="userID" />
<?php
} else {
echo " ";
}
?>
</td>
<td>
<?php
if ($_SESSION['ccms_userID'] == rm0lead($row['userID']) || $perm->is_level_okay('manageUsers', $_SESSION['ccms_userLevel']) && $_SESSION['ccms_userLevel'] >= $row['userLevel']) {
?>
<a href="user-management.Edit.php?userID=<?php
echo rm0lead($row['userID']);
?>
"><span class="ss_sprite_16 ss_user_edit"> </span><?php
echo $row['userName'];
?>
</a>
<?php
} else {
echo $row['userName'];
}
?>
</td>
<td><?php
echo substr($row['userFirst'], 0, 1);
?>
. <?php
<input type="text" class="minLength:3 text span-25" name="newsTitle" value="<?php
echo isset($news) ? $news->newsTitle : null;
?>
" id="newsTitle"/>
</td>
<td>
<select name="newsAuthor" class="required text span-25" id="newsAuthor">
<?php
$userlist = $db->SelectObjects($cfg['db_prefix'] . 'users');
if ($userlist === false) {
$db->Kill();
}
foreach ($userlist as $user) {
?>
<option value="<?php
echo rm0lead($user->userID);
?>
" <?php
echo isset($news) && $user->userID == $news->userID ? 'selected="selected"' : null;
?>
><?php
echo $user->userFirst . ' ' . $user->userLast;
?>
</option>
<?php
}
?>
</select>
</td>
<td class="nowrap">
<input type="text" class="required text" name="newsModified" value="<?php
function mk_unique_page_id($page_id)
{
static $count;
if (empty($count)) {
$count = 1;
} else {
$count++;
}
return 'pageitem' . $count . '-' . rm0lead($page_id);
}
/**
* Accepts any number
*/
function filterParam4Number($value, $def = null)
{
if (!isset($value)) {
return $def;
}
$value = trim(strval($value));
// force cast to string before we do anything
if (empty($value)) {
return $def;
}
// see if the value is a valid integer (plus or minus)
$value = rm0lead($value);
$numval = is_numeric($value) ? intval($value) : null;
if (strval($numval) !== $value) {
// no full match for the integer check, so this is a non-numeric string:
return $def;
} else {
return $numval;
}
}
