function ajaxpreview($params) { global $gCms; $urlext = '?' . CMS_SECURE_PARAM_NAME . '=' . $_SESSION[CMS_USER_KEY]; $config =& $gCms->GetConfig(); $contentops =& $gCms->GetContentOperations(); $content_type = $params['content_type']; $contentops->LoadContentType($content_type); $contentobj = UnserializeObject($params["serialized_content"]); if (strtolower(get_class($contentobj)) != strtolower($content_type)) { copycontentobj($contentobj, $content_type, $params); } updatecontentobj($contentobj, true, $params); $tmpfname = createtmpfname($contentobj); // str_replace is because of stupid windows machines.... when will they die. $_SESSION['cms_preview'] = str_replace('\\', '/', $tmpfname); $tmpvar = substr(str_shuffle(md5($tmpfname)), -3); $url = $config["root_url"] . '/index.php?' . $config['query_var'] . "=__CMS_PREVIEW_PAGE__&r={$tmpvar}"; // temporary $objResponse = new xajaxResponse(); $objResponse->assign("previewframe", "src", $url); $objResponse->assign("serialized_content", "value", SerializeObject($contentobj)); $count = 0; foreach ($contentobj->TabNames() as $tabname) { $objResponse->script("Element.removeClassName('editab" . $count . "', 'active');Element.removeClassName('editab" . $count . "_c', 'active');\$('editab" . $count . "_c').style.display = 'none';"); $count++; } $objResponse->script("Element.addClassName('edittabpreview', 'active');Element.addClassName('edittabpreview_c', 'active');\$('edittabpreview_c').style.display = '';"); return $objResponse; }
$xajax->processRequest(); // validate the content type we want... if (isset($existingtypes) && count($existingtypes) > 0 && in_array($content_type, array_keys($existingtypes))) { // woot, it's a valid content type } else { redirect("listcontent.php" . $urlext . "&page=" . $pagelist_id . '&error=error_contenttype'); } try { if ($content_id != -1 && strtolower(get_class($contentobj)) != strtolower($content_type)) { // content type change... // this also updates the content object with the POST params. copycontentobj($contentobj, $content_type); } else { if (strtoupper($_SERVER['REQUEST_METHOD']) == 'POST') { // we posted... so update the content object. updatecontentobj($contentobj); } } cms_utils::set_app_data('editing_content', $contentobj); } catch (CmsEditContentException $e) { $error = $e->getMessage(); } if ($submit || $apply) { try { // Fill contentobj with parameters // $contentobj->SetProperties(); // calguy should not be necessary $contentobj->FillParams($_POST, true); $error = $contentobj->ValidateData(); if ($error === FALSE) { $contentobj->SetLastModifiedBy(get_userid()); $contentobj->Save();