function saveList($option) { global $_CB_framework, $_CB_database, $_POST; $oldrow = new moscomprofilerLists($_CB_database); if (isset($_POST['listid']) && $_POST['listid']) { $oldrow->load((int) $_POST['listid']); // Check if user is a super user: if (!$_CB_framework->acl->amIaSuperAdmin()) { // Check if user belongs to useraccessgroupid: if (!in_array($oldrow->useraccessgroupid, $_CB_framework->acl->get_groups_below_me(null, true))) { echo "<script type=\"text/javascript\"> alert('" . addslashes(CBTxt::T('Unauthorized Access')) . "'); window.history.go(-1);</script>\n"; exit; } // Check if user belongs to viewaccesslevel: if (!in_array($oldrow->viewaccesslevel, CBuser::getMyInstance()->getAuthorisedViewLevelsIds(false))) { echo "<script type=\"text/javascript\"> alert('" . addslashes(CBTxt::T('Unauthorized Access')) . "'); window.history.go(-1);</script>\n"; exit; } } } $row = new moscomprofilerLists($_CB_database); $_POST['params'] = cbParamsEditorController::getRawParamsMagicgpcEscaped($_POST['params']); if (!$row->bind($_POST)) { echo "<script type=\"text/javascript\"> alert('" . $row->getError() . "'); window.history.go(-1); </script>\n"; exit; } // Set defaults if nothing is found // Also check if oldrow value to use its current value or default otherwise // This prevents a tab from storing to database with null values when some inputs are set disabled: if ($row->published == '') { $row->published = $oldrow->published != '' ? $oldrow->published : 1; } if ($row->default == '') { $row->default = $oldrow->default != '' ? $oldrow->default : 0; } if ($row->useraccessgroupid == '') { $row->useraccessgroupid = $oldrow->useraccessgroupid != '' ? $oldrow->useraccessgroupid : -2; } if ($row->viewaccesslevel == '') { $row->viewaccesslevel = $oldrow->viewaccesslevel != '' ? $oldrow->viewaccesslevel : 1; } if ($row->ordering == '') { $row->ordering = $oldrow->ordering != '' ? $oldrow->ordering : 999; } if ($row->usergroupids == '') { $row->usergroupids = $oldrow->usergroupids != '' ? $oldrow->usergroupids : implode(', ', $_CB_framework->acl->get_groups_below_me(null, true)); } $row->description = cleanEditorsTranslationJunk(trim($row->description)); // Check if user is a super user: if (!$_CB_framework->acl->amIaSuperAdmin()) { $failed = false; $canEditState = CBuser::getMyInstance()->authoriseAction('core.edit.state'); // Check if user belongs to useraccessgroupid if ($row->useraccessgroupid != '' && !in_array($row->useraccessgroupid != '', $_CB_framework->acl->get_groups_below_me(null, true))) { $failed = true; } // Check if user belongs to viewaccesslevel if ($row->viewaccesslevel != '' && !in_array($row->viewaccesslevel, CBuser::getMyInstance()->getAuthorisedViewLevelsIds(false))) { $failed = true; } // Check if user can edit status: if (!$canEditState) { // Check if row exists and if publish is different from existing row // Check if row doesn't exist and if publish is different from default if ($oldrow->listid && ($row->published != '' && $oldrow->published != $row->published) || !$oldrow->listid && ($row->published != '' && $row->published != 1)) { $failed = true; } // Check if row exists and if publish is different from existing row // Check if row doesn't exist and if publish is different from default if ($oldrow->listid && ($row->default != '' && $oldrow->default != $row->default) || !$oldrow->listid && ($row->default != '' && $row->default != 1)) { $failed = true; } // Check if row exists and if useraccessgroupid is different from existing row // Check if row doesn't exist and if useraccessgroupid is different from default if ($oldrow->listid && ($row->useraccessgroupid != '' && $oldrow->useraccessgroupid != $row->useraccessgroupid) || !$oldrow->listid && ($row->useraccessgroupid != '' && $row->useraccessgroupid != -2)) { $failed = true; } // Check if row exists and if viewaccesslevel is different from existing row // Check if row doesn't exist and if viewaccesslevel is different from default if ($oldrow->listid && ($row->viewaccesslevel != '' && $oldrow->viewaccesslevel != $row->viewaccesslevel) || !$oldrow->listid && ($row->viewaccesslevel != '' && $row->viewaccesslevel != 1)) { $failed = true; } // Check if row exists and if ordering is different from existing row // Check if row doesn't exist and if ordering is different from default if ($oldrow->listid && ($row->ordering != '' && $oldrow->ordering != $row->ordering) || !$oldrow->listid && ($row->ordering != '' && $row->ordering != 999)) { $failed = true; } } if ($failed) { echo "<script type=\"text/javascript\"> alert('" . addslashes(CBTxt::T('Unauthorized Access')) . "'); window.history.go(-1);</script>\n"; exit; } } if (isset($_POST['col1'])) { $row->col1fields = implode("|*|", $_POST['col1']); } else { $row->col1fields = null; } if (isset($_POST['col2'])) { $row->col2fields = implode("|*|", $_POST['col2']); } else { $row->col2fields = null; } if (isset($_POST['col3'])) { $row->col3fields = implode("|*|", $_POST['col3']); } else { $row->col3fields = null; } if (isset($_POST['col4'])) { $row->col4fields = implode("|*|", $_POST['col4']); } else { $row->col4fields = null; } if ($row->col1enabled != 1) { $row->col1enabled = 0; } if ($row->col2enabled != 1) { $row->col2enabled = 0; } if ($row->col3enabled != 1) { $row->col3enabled = 0; } if ($row->col4enabled != 1) { $row->col4enabled = 0; } if ($row->col1captions != 1) { $row->col1captions = 0; } if ($row->col2captions != 1) { $row->col2captions = 0; } if ($row->col3captions != 1) { $row->col3captions = 0; } if ($row->col4captions != 1) { $row->col4captions = 0; } if (!$row->store((int) $_POST['listid'], true)) { echo "<script type=\"text/javascript\"> alert('" . $row->getError() . "'); window.history.go(-2); </script>\n"; exit; } cbRedirect($_CB_framework->backendUrl("index.php?option={$option}&task=showLists"), sprintf(CBTxt::T('Successfully Saved List: %s'), $row->title)); }
function saveList( $option ) { global $_CB_framework, $_CB_database, $_POST; $row = new moscomprofilerLists( $_CB_database ); $_POST['params'] = cbParamsEditorController::getRawParamsMagicgpcEscaped( $_POST['params'] ); if (!$row->bind( $_POST )) { echo "<script type=\"text/javascript\"> alert('".$row->getError()."'); window.history.go(-1); </script>\n"; exit(); } $row->description = cleanEditorsTranslationJunk( trim( $row->description ) ); if(isset($_POST['col1'])) { $row->col1fields = implode("|*|",$_POST['col1']); } else { $row->col1fields = null; } ; if(isset($_POST['col2'])) { $row->col2fields = implode("|*|",$_POST['col2']); } else { $row->col2fields = null; } ; if(isset($_POST['col3'])) { $row->col3fields = implode("|*|",$_POST['col3']); } else { $row->col3fields = null; } ; if(isset($_POST['col4'])) { $row->col4fields = implode("|*|",$_POST['col4']); } else { $row->col4fields = null; } ; if ($row->col1enabled != 1) $row->col1enabled=0; if ($row->col2enabled != 1) $row->col2enabled=0; if ($row->col3enabled != 1) $row->col3enabled=0; if ($row->col4enabled != 1) $row->col4enabled=0; if ($row->col1captions != 1) $row->col1captions=0; if ($row->col2captions != 1) $row->col2captions=0; if ($row->col3captions != 1) $row->col3captions=0; if ($row->col4captions != 1) $row->col4captions=0; if (!$row->store( (int) $_POST['listid'],true)) { echo "<script type=\"text/javascript\"> alert('".$row->getError()."'); window.history.go(-2); </script>\n"; exit(); } cbRedirect( $_CB_framework->backendUrl( "index.php?option=$option&task=showLists" ), sprintf(CBTxt::T('Successfully Saved List: %s'), $row->title) ); }