public static function &get_instance()
{
if (!isset(self::$_instance)) {
self::$_instance = new UserTagOperations();
}
return self::$_instance;
}
/**
* Add or update a named user defined tag into the database
*
* @param string $name User defined tag name
* @param string $text Body of user defined tag
*
* @return mixed If successful, true. If it fails, false.
*/
function SetUserTag($name, $text)
{
global $gCms;
$db =& $gCms->GetDb();
$existing = UserTagOperations::GetUserTag($name);
if (!$existing) {
$query = "INSERT INTO " . cms_db_prefix() . "userplugins (userplugin_name, code, create_date, modified_date) VALUES (?,?," . $db->DBTimeStamp(time()) . "," . $db->DBTimeStamp(time()) . ")";
$result = $db->Execute($query, array($name, $text));
if ($result) {
return true;
} else {
return false;
}
} else {
$query = 'UPDATE ' . cms_db_prefix() . 'userplugins SET code = ?, modified_date = ' . $db->DBTimeStamp(time()) . ' WHERE userplugin_name = ?';
$result = $db->Execute($query, array($text, $name));
if ($result) {
return true;
} else {
return false;
}
}
}
echo "<table cellspacing=\"0\" class=\"pagetable\">\n";
echo '<thead>';
echo "<tr>\n";
echo "<th>" . lang('name') . "</th>\n";
echo "<th>" . lang('description') . "</th>\n";
echo "<th class=\"pageicon\"> </th>\n";
echo "<th class=\"pageicon\"> </th>\n";
echo "<th class=\"pageicon\"> </th>\n";
echo "</tr>\n";
echo '</thead>';
echo '<tbody>';
$curclass = "row1";
$tags = UserTagOperations::get_instance()->ListUserTags();
if (count($tags)) {
foreach ($tags as $oneplugin => $label) {
$tag = UserTagOperations::get_instance()->GetUserTag($oneplugin);
echo "<tr class=\"" . $curclass . "\">\n";
echo "<td><a href=\"edituserplugin.php" . $urlext . "&userplugin_id=" . $oneplugin . "\">{$label}</a></td>\n";
echo "<td>" . listudt_summarize($tag['description'], 20) . "</td>\n";
echo "<td class=\"icons_wide\"><a href=\"runuserplugin.php" . $urlext . "&userplugin_id=" . $oneplugin . "\">";
echo $themeObject->DisplayImage('icons/system/run.gif', lang('run_udt'), '', '', 'systemicon') . "</a></td>\n";
echo "<td class=\"icons_wide\"><a href=\"edituserplugin.php" . $urlext . "&userplugin_id=" . $oneplugin . "\">";
echo $themeObject->DisplayImage('icons/system/edit.gif', lang('edit'), '', '', 'systemicon');
echo "</a></td>\n";
echo "<td class=\"icons_wide\"><a href=\"deleteuserplugin.php" . $urlext . "&userplugin_id=" . $oneplugin . "\" onclick=\"return confirm('" . cms_html_entity_decode_utf8(lang('deleteconfirm', $oneplugin), true) . "');\">";
echo $themeObject->DisplayImage('icons/system/delete.gif', lang('delete'), '', '', 'systemicon');
echo "</a></td>\n";
echo "</tr>\n";
$curclass == "row1" ? $curclass = "row2" : ($curclass = "row1");
}
}
function smarty_core_load_plugins($params, &$smarty)
{
foreach ($params['plugins'] as $_plugin_info) {
$_noadd = FALSE;
$_cachable = TRUE;
$_plugin = null;
list($_type, $_name, $_tpl_file, $_tpl_line, $_delayed_loading) = $_plugin_info;
if (empty($_name)) {
continue;
}
// test this.
if (isset($smarty->_plugins[$_type][$_name])) {
if (empty($smarty->_plugins[$_type][$_name][3])) {
if (!is_callable($smarty->_plugins[$_type][$_name][0])) {
$smarty->_trigger_fatal_error("[plugin] {$_type} '{$_name}' is not implemented", $_tpl_file, $_tpl_line, __FILE__, __LINE__);
} else {
$smarty->_plugins[$_type][$_name][1] = $_tpl_file;
$smarty->_plugins[$_type][$_name][2] = $_tpl_line;
$smarty->_plugins[$_type][$_name][3] = true;
if (!isset($smarty->_plugins[$_type][$_name][4])) {
$smarty->_plugins[$_type][$_name][4] = true;
}
/* cacheable */
}
}
continue;
} else {
if ($_type == 'insert') {
/*
* For backwards compatibility, we check for insert functions in
* the symbol table before trying to load them as a plugin.
*/
$_plugin_func = 'insert_' . $_name;
if (function_exists($_plugin_func)) {
$_plugin = array($_plugin_func, $_tpl_file, $_tpl_line, true, false);
continue;
}
}
}
$_plugin_file = $smarty->_get_plugin_filepath($_type, $_name);
if (!($_found = $_plugin_file != false)) {
$_message = "could not load plugin file '{$_type}.{$_name}.php'\n";
}
/*
* If plugin file is found, it -must- provide the properly named
* plugin function. In case it doesn't, simply output the error and
* do not fall back on any other method.
*/
if ($_found) {
// its a plugin
include_once $_plugin_file;
$_plugin_func = 'smarty_' . $_type . '_' . $_name;
$_cms_plugin_func = 'smarty_cms_' . $_type . '_' . $_name;
if (!function_exists($_cms_plugin_func) && !function_exists($_plugin_func)) {
$smarty->_trigger_fatal_error("[plugin] function {$_plugin_func}() not found in {$_plugin_file}", $_tpl_file, $_tpl_line, __FILE__, __LINE__);
continue;
}
if (!is_callable($_plugin_func) && is_callable($_cms_plugin_func)) {
// CMS Made Simple plugins start with smarty_cms instead of just smarty
$_plugin_func = $_cms_plugin_func;
}
}
if (!$_found) {
// is it a module plugin?
$_found = smarty_core_get_module_plugin($_name, $smarty);
if ($_found) {
$_noadd = TRUE;
}
}
if (!$_found && UserTagOperations::get_instance()->UserTagExists($_name)) {
// see if it's a UDT
$_cachable = FALSE;
// UDTs are never cachable.
$_plugin_func = UserTagOperations::get_instance()->CreateTagFunction($_name);
$_found = true;
} else {
if ($_type == 'insert' && $_delayed_loading) {
$_plugin_func = 'smarty_' . $_type . '_' . $_name;
$_found = true;
}
}
/*
* Plugin specific processing and error checking.
*/
if (!$_found) {
if ($_type == 'modifier') {
/*
* In case modifier falls back on using PHP functions
* directly, we only allow those specified in the security
* context.
*/
if ($smarty->security && !in_array($_name, $smarty->security_settings['MODIFIER_FUNCS'])) {
$_message = "(secure mode) modifier '{$_name}' is not allowed";
} else {
if (!function_exists($_name)) {
$_message = "modifier '{$_name}' is not implemented";
} else {
$_plugin_func = $_name;
$_found = true;
}
}
} else {
if ($_type == 'function') {
/*
* This is a catch-all situation.
*/
$_message = "unknown tag - '{$_name}'";
}
}
}
if ($_found) {
if (!$_noadd) {
$smarty->_plugins[$_type][$_name] = array($_plugin_func, $_tpl_file, $_tpl_line, true, $_cachable);
}
} else {
// output error
$smarty->_trigger_fatal_error('[plugin] ' . $_message, $_tpl_file, $_tpl_line, __FILE__, __LINE__);
}
}
}
check_login();
$userid = get_userid();
$access = check_permission($userid, 'Modify User-defined Tags');
if (!$access) {
die('Permission Denied');
}
$gCms = cmsms();
$db = $gCms->GetDb();
$usertagops = $gCms->GetUserTagOperations();
include 'header.php';
if (!isset($_REQUEST['userplugin_id'])) {
echo $themeObject->ShowErrors(lang('missingparams'));
}
$udt_id = (int) $_REQUEST['userplugin_id'];
$udt_name = '';
$usertag = UserTagOperations::get_instance()->GetUserTag($udt_id);
if (!$usertag) {
// todo, change me.
echo $themeObject->ShowErrors(lang('missingparams'));
}
if (isset($_POST["cancel"])) {
redirect("listusertags.php" . $urlext);
return;
}
if (FALSE == empty($_GET['message'])) {
echo $themeObject->ShowMessage(lang($_GET['message']));
}
$output = '';
if (isset($_POST['submit'])) {
@ob_start();
$params = array();
function cms_call_udt($params, &$smarty)
{
if (!isset($params['udt'])) {
return;
}
$udt = $params['udt'];
unset($params['udt']);
return UserTagOperations::get_instance()->CallUserTag($udt, $params);
}
/**
* Get a handle to the CMS UserTagOperations object. If it does not yet
* exist, this method will instantiate it.
*
* @final
* @see UserTagOperations
* @return UserTagOperations handle to the UserTagOperations object
*/
public function &GetUserTagOperations()
{
return UserTagOperations::get_instance();
}
print '<Details><![CDATA[';
if (!is_array($error)) {
$error = array($error);
}
print '<li>' . join('</li><li>', $error) . '</li>';
print ']]></Details>';
} else {
print '<Response>Success</Response>';
print '<Details><![CDATA[' . lang('usertagupdated') . ']]></Details>';
}
print '</EditUserPlugin>';
exit;
}
} else {
if ($userplugin_id != -1) {
$row = UserTagOperations::get_instance()->GetUserTag($userplugin_id);
$plugin_name = $row["userplugin_name"];
$orig_plugin_name = $plugin_name;
$code = $row['code'];
$description = $row['description'];
}
}
}
if (strlen($plugin_name) > 0) {
$CMS_ADMIN_SUBTITLE = $plugin_name;
}
$addlScriptSubmit = '';
$syntaxmodule = get_preference(get_userid(FALSE), 'syntaxhighlighter');
if ($syntaxmodule && ($module = ModuleOperations::get_instance()->get_module_instance($syntaxmodule))) {
if ($module->IsSyntaxHighlighter() && $module->SyntaxActive()) {
die($module->GetName());
if (get_preference($userid, 'use_javasyntax') == "1") {
$use_javasyntax = true;
}
$gCms = cmsms();
$db = $gCms->GetDb();
if ($access) {
if (isset($_POST["addplugin"])) {
$validinfo = true;
if ($plugin_name == "") {
$error[] = lang('nofieldgiven', array(lang('name')));
$validinfo = false;
} elseif (preg_match('<^[a-zA-Z_\\x7f-\\xff][a-zA-Z0-9_\\x7f-\\xff]*$>', $plugin_name) == 0) {
$error[] = lang('error_udt_name_chars');
$validinfo = false;
} else {
if (UserTagOperations::get_instance()->SmartyTagExists($plugin_name)) {
$error[] = lang('usertagexists');
$validinfo = false;
}
}
// Make sure no spaces are put into plugin name.
$without_spaces = str_replace(' ', '', $plugin_name);
if ($plugin_name != $without_spaces) {
$error[] = lang('error_udt_name_whitespace');
$validinfo = false;
}
if ($code == "") {
$error[] = lang('nofieldgiven', array(lang('code')));
$validinfo = false;
} else {
if (strrpos($code, '{') !== FALSE) {
