<?php
if (!session_admin() && session_role() != 'member') {
header('Location: ' . site_prefix() . '/index/ihome');
exit;
}
class SiteblogEditForm extends MailForm
{
function SiteblogEditForm()
{
parent::MailForm();
global $cgi;
$refer = $_SERVER['HTTP_REFERER'];
$this->parseSettings('inc/app/siteblog/forms/edit/settings.php');
$this->widgets['refer']->setValue($refer);
//if add is true, we're creating a blog post, otherwise we're editing a blog post
$add = isset($cgi->_key) && !empty($cgi->_key) ? false : true;
$this->widgets['status']->setValues(array('Live', 'Not Live'));
$cats = db_pairs('select id, title from siteblog_category where status = "on"');
if ($add) {
page_title('Adding a Blog Post');
$this->widgets['author']->setValue(session_username());
unset($this->widgets['icategory']);
$this->widgets['category']->setValues($cats);
} else {
loader_import('cms.Versioning.Rex');
$rex = new Rex('siteblog_post');
$document = $rex->getCurrent($cgi->_key);
page_title('Editing a Blog Post');
//populate fields
$this->widgets['subject']->setValue($document->subject);
<?php
$types = array('users' => 'user', 'roles' => 'role', 'teams' => 'team', 'resources' => 'resource', 'statuses' => 'status', 'accesslevels' => 'access', 'prefs' => 'pref');
$names = array('users' => 'user', 'roles' => 'role', 'teams' => 'team', 'resources' => 'resource', 'statuses' => 'status', 'accesslevels' => 'access level', 'prefs' => 'preference');
global $cgi;
if (!in_array($cgi->_list, array_keys($types))) {
header('Location: ' . site_prefix() . '/index/usradm-browse-action');
exit;
}
if ($cgi->_list == 'roles' && $cgi->_key == session_role()) {
header('Location: ' . site_prefix() . '/index/usradm-browse-action?list=' . $cgi->_list . '&_msg=' . urlencode('Cannot delete the specified role, because it is the role of the current user.'));
exit;
}
if ($cgi->_list == 'teams' && $cgi->_key == session_team()) {
header('Location: ' . site_prefix() . '/index/usradm-browse-action?list=' . $cgi->_list . '&_msg=' . urlencode('Cannot delete the specified team, because it is the team of the current user.'));
exit;
}
$snm =& session_get_manager();
$snm->{$types[$cgi->_list]}->delete($cgi->_key);
header('Location: ' . site_prefix() . '/index/usradm-browse-action?list=' . $cgi->_list);
exit;
/**
* Returns the display HTML for this widget. The optional
* parameter determines whether or not to automatically display the widget
* nicely, or whether to simply return the widget (for use in a template).
*
* @access public
* @param boolean $generate_html
* @return string
*
*/
function display($generate_html = 0)
{
global $intl, $simple;
if (!isset($this->data_value)) {
$this->data_value = $this->default_value;
}
$attrstr = $this->getAttrs();
if (empty($this->data_value)) {
$this->data_value = session_team();
}
if (empty($this->owner)) {
$this->owner = $this->getOwner($this->owner);
}
if (session_role() == 'master') {
// allow all
$this->value = assocify(session_get_teams());
} elseif (session_username() == $this->owner) {
// allow specific ones
$this->value = assocify(session_allowed_teams_list(true));
} else {
// show info instead
loader_import('saf.MailForm.Widget.Info');
$info = new MF_Widget_info($this->name);
$info->extra = $this->extra;
$info->setValue($this->data_value);
return $info->display($generate_html);
}
asort($this->value);
$adv = $this->advanced ? ' class="advanced"' : '';
if ($generate_html) {
$data = "\t" . '<tr' . $adv . '>' . "\n\t\t" . '<td class="label"><label for="' . $this->name . '" id="' . $this->name . '-label"' . $this->invalid() . '>' . $simple->fill($this->label_template, $this, '', true) . '</label></td>' . "\n\t\t" . '<td class="field"><select ' . $attrstr . ' ' . $this->extra . ' >' . "\n";
foreach ($this->value as $value => $display) {
$display = str_replace('_', ' ', ucwords($display));
if ($value == $this->data_value) {
$selected = ' selected="selected"';
} else {
$selected = '';
}
$data .= "\t" . '<option value="' . $value . '"' . $selected . '>' . $display . '</option>' . "\n";
}
return $data . '</select></td>' . "\n\t" . '</tr>' . "\n";
} else {
$data = '<select ' . $attrstr . ' ' . $this->extra . ' >' . "\n";
foreach ($this->value as $value => $display) {
$display = str_replace('_', ' ', ucwords($display));
if ($value == $this->data_value) {
$selected = ' selected="selected"';
} else {
$selected = '';
}
$data .= "\t" . '<option value="' . htmlentities_compat($value, ENT_COMPAT, $intl->charset) . '"' . $selected . '>' . $display . '</option>' . "\n";
}
return $data . '</select>';
}
}
<?php
global $cgi;
foreach ($parameters as $k => $p) {
$cgi->{$k} = $p;
}
loader_import('cms.Versioning.Rex');
$rex = new Rex('siteblog_post');
loader_import('siteblog.Filters');
page_add_style('/inc/app/siteblog/html/post.css');
if (session_admin() || session_role() == 'member') {
if (!empty($cgi->category)) {
echo template_simple('buttons.spt', array('category_only' => true, 'blog' => $cgi->category));
} else {
echo template_simple('buttons.spt', array('category_only' => false));
}
}
if (!empty($cgi->template)) {
$template = $cgi->template;
} else {
$template = 'post.spt';
}
if (!empty($cgi->maxlen)) {
$maxlen = $cgi->maxlen;
} else {
$maxlen = false;
}
$tproperties = db_fetch_array('select * from siteblog_category');
foreach ($tproperties as $t) {
$properties[$t->id] = array('poster_visible' => $t->poster_visible, 'comments' => $t->comments);
}
<?php
global $page, $cgi;
if (!session_admin()) {
return;
}
if (!isset($parameters['collection'])) {
$parameters['collection'] = 'sitellite_page';
}
if (session_role() == 'translator') {
loader_import('cms.Versioning.Rex');
$rex = new Rex($parameters['collection']);
$parameters['type'] = intl_get($rex->info['Collection']['singular']);
if (empty($parameters['id'])) {
$parameters['id'] = $cgi->page;
}
echo template_simple('buttons/translator.spt', $parameters);
return;
}
if (session_is_resource($parameters['collection']) && !session_allowed($parameters['collection'], 'rw', 'resource')) {
return;
}
loader_import('cms.Versioning.Rex');
$rex = new Rex($parameters['collection']);
if (!$rex->collection) {
return;
}
if (isset($parameters['object'])) {
$obj = (array) $parameters['object'];
if (isset($obj['sitellite_status'])) {
$parameters['status'] = $obj['sitellite_status'];
