Exemple #1
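/**
 * Shows the URL routing editor
 *
 * Builds the edit form for one URL routing rule from the
 * admin/router/routereditor.thtml template. An ID of 0, or an ID that has no
 * matching row, produces an empty form for a new rule.
 *
 * @param    int $rid ID of URL routing rule to edit
 * @return   string          HTML for URL routing editor
 */
function getRouteEditor($rid = 0)
{
    global $_CONF, $_TABLES, $LANG_ROUTER, $LANG_ADMIN, $MESSAGE, $securityToken;

    $retval = '';

    // Normalise the ID before anything else uses it, so that only an integer
    // reaches the SQL statement and the 'rid' template variable. Previously the
    // default row below kept the raw argument whenever no row was loaded.
    $rid = intval($rid, 10);

    // Defaults for a new rule
    $A = array(
        'rid'      => $rid,
        'method'   => Router::HTTP_REQUEST_GET,
        'rule'     => '',
        'route'    => '',
        'priority' => Router::DEFAULT_PRIORITY,
    );

    if ($rid > 0) {
        $row = null;

        if (DB_count($_TABLES['routes'], 'rid', $rid) == 1) {
            // $rid is an integer at this point; the escape call is kept as a second layer.
            $sql = "SELECT * FROM {$_TABLES['routes']} WHERE rid = " . DB_escapeString($rid);
            $result = DB_query($sql);
            $row = DB_fetchArray($result);
        }

        if (is_array($row)) {
            $A = $row;
        } else {
            // Non-existent route (or the fetch failed): fall back to the new-rule form
            $rid = 0;
            $A['rid'] = $rid;
        }
    }

    $T = COM_newTemplate($_CONF['path_layout'] . 'admin/router');
    $T->set_file('editor', 'routereditor.thtml');

    $routerStart = COM_startBlock($LANG_ROUTER[10], '', COM_getBlockTemplate('_admin_block', 'header'))
        . LB . SEC_getTokenExpiryNotice($securityToken);
    $T->set_var('start_router_editor', $routerStart);

    // The delete button is only offered for an existing rule
    if ($rid > 0) {
        $deleteButton = '<input type="submit" value="' . $LANG_ADMIN['delete'] . '" name="mode"%s' . XHTML . '>';
        $jsConfirm = ' onclick="return confirm(\'' . $MESSAGE[76] . '\');"';
        $T->set_var(array(
            'delete_option'                 => sprintf($deleteButton, $jsConfirm),
            'delete_option_no_confirmation' => sprintf($deleteButton, ''),
            'allow_delete'                  => true,
        ));
    }

    // NOTE(review): 'method', 'rule', 'route' and 'priority' are handed to the
    // template exactly as stored. If routereditor.thtml places them inside HTML
    // attributes they need HTML-escaping - confirm against the template.
    $T->set_var(array(
        'rid'          => $A['rid'],
        'method'       => $A['method'],
        'rule'         => $A['rule'],
        'route'        => $A['route'],
        'priority'     => $A['priority'],
        // Anti-CSRF token field for the form; the token itself comes from the caller
        'gltoken_name' => CSRF_TOKEN,
        'gltoken'      => $securityToken,
    ));
    $T->set_var(array(
        'lang_router_rid'      => $LANG_ROUTER[3],
        'lang_router_method'   => $LANG_ROUTER[4],
        'lang_router_rule'     => $LANG_ROUTER[5],
        'lang_router_route'    => $LANG_ROUTER[6],
        'lang_router_priority' => $LANG_ROUTER[7],
        'lang_router_notice'   => $LANG_ROUTER[20],
        'lang_save'            => $LANG_ADMIN['save'],
        'lang_cancel'          => $LANG_ADMIN['cancel'],
        'lang_delete'          => $LANG_ADMIN['delete'],
        'confirm_message'      => $MESSAGE[76],
    ));
    $T->set_var('end_block', COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer')));
    $T->parse('output', 'editor');
    $retval .= $T->finish($T->get_var('output'));

    return $retval;
}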
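/**
 * Builds the DataBox backup/restore administration page.
 *
 * Fills backuprestore.thtml with the language strings, a fresh security token
 * and the state of the configuration backup file (databoxconfig_bak.php in
 * $_CONF['path_data']).
 *
 * @param    string $pi_name plugin name, passed to DATABOX_templatePath()
 * @return   string          HTML of the page
 */
function fncDisply($pi_name)
{
    global $_CONF;
    global $LANG_DATABOX_ADMIN;

    // Was appended to without being initialised first
    $retval = '';

    $tmplfld = DATABOX_templatePath('admin', 'default', $pi_name);
    $templates = new Template($tmplfld);
    $templates->set_file(array('list' => 'backuprestore.thtml'));

    $templates->set_var('about_thispage', $LANG_DATABOX_ADMIN['about_admin_backuprestore']);
    $templates->set_var('site_admin_url', $_CONF['site_admin_url']);

    // Anti-CSRF token for the forms on this page, plus the expiry notice
    $token = SEC_createToken();
    $retval .= SEC_getTokenExpiryNotice($token);
    $templates->set_var('gltoken_name', CSRF_TOKEN);
    $templates->set_var('gltoken', $token);

    $templates->set_var('xhtml', XHTML);
    $templates->set_var('script', THIS_SCRIPT);

    // Language strings whose template variable has the same name as the language key
    $langKeys = array(
        'config',
        'config_backup',
        'config_init',
        'config_restore',
        'config_update',
        'config_backup_help',
        'config_init_help',
        'config_restore_help',
        'config_update_help',
        'datamaster',
        'data_clear',
        'data_allclear',
        'data_backup',
        'data_restore',
    );
    foreach ($langKeys as $key) {
        $templates->set_var($key, $LANG_DATABOX_ADMIN[$key]);
    }

    // Restore is only possible when the backup file exists
    $backupFile = $_CONF['path_data'] . 'databoxconfig_bak.php';
    $err_backup_file = '';
    if (file_exists($backupFile)) {
        // The original set 'restore_disable' here but 'restore_disabled' in the
        // other branch; both names are set so either spelling in the template works.
        $templates->set_var('restore_disabled', '');
        $templates->set_var('restore_disable', '');
        if (!is_writable($backupFile)) {
            $err_backup_file = $LANG_DATABOX_ADMIN['err_backup_file_non_writable'];
        }
    } else {
        $templates->set_var('restore_disabled', 'disabled');
        $err_backup_file = $LANG_DATABOX_ADMIN['err_backup_file_not_exist'];
    }
    $templates->set_var('err_backup_file', $err_backup_file);

    $templates->parse('output', 'list');
    $retval .= $templates->finish($templates->get_var('output'));

    return $retval;
}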
Exemple #3
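/**
 * Builds the master-record editor form (mst_editor.thtml) for a plugin.
 *
 * The field values come from one of three places: from $_POST when $msg is
 * set (the form is shown again after a message), from the <NAME>_mst table
 * when $id is given, or empty defaults for a new record.
 *
 * @param    string $pi_name plugin name; selects the LANG_<NAME>_ADMIN strings and
 *                           the <NAME>_mst / <NAME>_def_field entries of $_TABLES
 * @param    int    $id      ID of the record to edit (empty for a new record)
 * @param    bool   $edt_flg when false, an existing record may get a delete button
 * @param    string $msg     message handed to COM_showMessage(); when set, the
 *                           fields are refilled from $_POST
 * @param    string $errmsg  extra HTML appended after the message
 * @param    string $mode    "edit" or "copy"; "copy" resets the ID to 0 and
 *                           suppresses the delete button
 * @return   string          HTML of the editor
 */
function LIB_Edit($pi_name, $id, $edt_flg, $msg = '', $errmsg = "", $mode = "edit")
{
    global $_CONF, $_TABLES, $LANG_ADMIN, $MESSAGE, $_USER;

    // Resolve the plugin's admin language array (LANG_<NAME>_ADMIN) by name
    $lang_box_admin = "LANG_" . strtoupper($pi_name) . "_ADMIN";
    global ${$lang_box_admin};
    $lang_box_admin = ${$lang_box_admin};

    $table = $_TABLES[strtoupper($pi_name) . '_mst'];
    $table2 = $_TABLES[strtoupper($pi_name) . '_def_field'];

    $retval = '';
    $delflg = false;

    // Defaults for a new, empty record. $udatetime in particular was left
    // undefined on the $_POST path before.
    $kind = "";
    $no = "";
    $value = "";
    $value2 = "";
    $disp = "";
    $orderno = "";
    $relno = "";
    $uuid = 0;
    $udatetime = "";

    if (!empty($msg)) {
        $retval .= COM_showMessage($msg, $pi_name);
        $retval .= $errmsg;

        // Refill the form from the submitted values, filtered; a missing
        // field is treated as empty instead of raising an undefined-index notice.
        $kind = COM_applyFilter(isset($_POST['kind']) ? $_POST['kind'] : '');
        $no = COM_applyFilter(isset($_POST['no']) ? $_POST['no'] : '', true);
        $value = COM_applyFilter(isset($_POST['value']) ? $_POST['value'] : '');
        $value2 = COM_applyFilter(isset($_POST['value2']) ? $_POST['value2'] : '');
        $disp = COM_applyFilter(isset($_POST['disp']) ? $_POST['disp'] : '');
        $orderno = COM_applyFilter(isset($_POST['orderno']) ? $_POST['orderno'] : '', true);
        $relno = COM_applyFilter(isset($_POST['relno']) ? $_POST['relno'] : '', true);
        $uuid = $_USER['uid'];
    } elseif (empty($id)) {
        $id = 0;
    } else {
        // $id is interpolated into the SQL text below, so force it to an
        // integer first; the raw argument was used here before.
        // Assumes the id column is an integer key - confirm against the schema.
        $id = (int) $id;

        $sql = "SELECT *"
            . " ,UNIX_TIMESTAMP(udatetime) AS udatetime_un" . LB
            . " FROM " . $table
            . " WHERE id = {$id}";
        $result = DB_query($sql);
        $A = DB_fetchArray($result);

        // When no row matches, the empty defaults above stay in place
        if (is_array($A)) {
            $kind = COM_stripslashes($A['kind']);
            $no = COM_stripslashes($A['no']);
            $value = COM_stripslashes($A['value']);
            $value2 = COM_stripslashes($A['value2']);
            $disp = COM_stripslashes($A['disp']);
            $orderno = COM_stripslashes($A['orderno']);
            $relno = COM_stripslashes($A['relno']);
            $uuid = COM_stripslashes($A['uuid']);
            $wary = COM_getUserDateTimeFormat(COM_stripslashes($A['udatetime_un']));
            $udatetime = $wary[0];

            // Original comment: "if data exists, do not allow deletion".
            // What the code does: deletion is offered only when $edt_flg is false.
            if ($edt_flg == FALSE) {
                $delflg = true;
            }
        }
    }

    if ($mode === "copy") {
        // A copy is shown as a new record: no ID, no delete button
        $id = 0;
        $delflg = false;
    }

    $tmplfld = DATABOX_templatePath('admin', 'default', $pi_name);
    $templates = new Template($tmplfld);
    $templates->set_file('editor', "mst_editor.thtml");

    $templates->set_var('about_thispage', $lang_box_admin['about_admin_mst']);
    $templates->set_var('lang_must', $lang_box_admin['must']);
    $templates->set_var('site_url', $_CONF['site_url']);
    $templates->set_var('site_admin_url', $_CONF['site_admin_url']);

    // Anti-CSRF token for the form, plus the expiry notice
    $token = SEC_createToken();
    $retval .= SEC_getTokenExpiryNotice($token);
    $templates->set_var('gltoken_name', CSRF_TOKEN);
    $templates->set_var('gltoken', $token);
    $templates->set_var('xhtml', XHTML);
    $templates->set_var('script', THIS_SCRIPT);

    $templates->set_var('lang_link_admin', $lang_box_admin['link_admin']);
    $templates->set_var('lang_link_admin_top', $lang_box_admin['link_admin_top']);

    // ID
    $templates->set_var('lang_id', $lang_box_admin['id']);
    $templates->set_var('id', $id);

    // Code, name and description
    // NOTE(review): values loaded from the database are passed to the template
    // after COM_stripslashes() only. If mst_editor.thtml places them inside HTML
    // attributes they need HTML-escaping - confirm against the template.
    $templates->set_var('lang_kind', $lang_box_admin['kind']);
    $templates->set_var('kind', $kind);
    $templates->set_var('lang_no', $lang_box_admin['no']);
    $templates->set_var('no', $no);
    $templates->set_var('lang_value', $lang_box_admin['value']);
    $templates->set_var('value', $value);
    $templates->set_var('lang_value2', $lang_box_admin['value2']);
    $templates->set_var('value2', $value2);
    $templates->set_var('lang_disp', $lang_box_admin['disp']);
    $templates->set_var('disp', $disp);
    $templates->set_var('lang_relno', $lang_box_admin['relno']);
    $templates->set_var('relno', $relno);

    // Sort order
    $templates->set_var('lang_orderno', $lang_box_admin['orderno']);
    $templates->set_var('orderno', $orderno);

    // Date and time of the last save, and who saved it
    $templates->set_var('lang_udatetime', $lang_box_admin['udatetime']);
    $templates->set_var('udatetime', $udatetime);
    $templates->set_var('lang_uuid', $lang_box_admin['uuid']);
    $templates->set_var('uuid', $uuid);

    // SAVE, CANCEL and PREVIEW buttons
    $templates->set_var('lang_save', $LANG_ADMIN['save']);
    $templates->set_var('lang_cancel', $LANG_ADMIN['cancel']);
    $templates->set_var('lang_preview', $LANG_ADMIN['preview']);

    // Delete option: only when no field definition still refers to this kind.
    // NOTE(review): $kind is handed to DB_count() as it is; confirm that
    // DB_count() escapes its value argument.
    $wkcnt = DB_count($table2, "selectlist", $kind);
    if ($delflg) {
        if ($wkcnt > 0) {
            $templates->set_var('lang_delete_help', $lang_box_admin['delete_help_mst']);
        } else {
            $delbutton = '<input type="submit" value="' . $LANG_ADMIN['delete'] . '" name="mode"%s>';
            $jsconfirm = ' onclick="return confirm(\'' . $MESSAGE[76] . '\');"';
            $templates->set_var('delete_option', sprintf($delbutton, $jsconfirm));
        }
    }

    $templates->parse('output', 'editor');
    $retval .= $templates->finish($templates->get_var('output'));

    return $retval;
}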
Exemple #4
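/**
 * Show topic administration form
 *
 * Loads the topic (or the defaults for a new one), checks the current user's
 * access to it and fills admin/topic/topiceditor.thtml. When the user has no
 * edit access, only an error message is returned and the attempt is logged.
 *
 * @param    string  $tid    ID of topic to edit (empty for a new topic)
 * @return   string          HTML for the topic editor
 */
function edittopic($tid = '')
{
    global $_CONF, $_GROUPS, $_TABLES, $_USER, $LANG04, $LANG27, $LANG_ACCESS, $LANG_ADMIN, $MESSAGE, $_SCRIPTS;
    $retval = '';
    if (empty($tid)) {
        // new topic - set defaults
        $A = array('tid' => '', 'topic' => '', 'sortnum' => 0, 'parent_id' => TOPIC_ROOT, 'inherit' => 1, 'hidden' => 0, 'limitnews' => '', 'is_default' => 0, 'archive_flag' => 0);
    } else {
        // $tid goes into a quoted SQL string, so it has to be escaped. The raw
        // value was interpolated here before, while the story count query
        // further down already used DB_escapeString().
        $result = DB_query("SELECT * FROM {$_TABLES['topics']} WHERE tid ='" . DB_escapeString($tid) . "'");
        $A = DB_fetchArray($result);
        $access = SEC_hasAccess($A['owner_id'], $A['group_id'], $A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']);
        // 0 and 2 are the results treated as "may not edit" here
        if ($access == 0 || $access == 2) {
            $retval .= COM_showMessageText($LANG27[13], $LANG27[12]);
            // NOTE(review): $tid is written to the access log as received
            COM_accessLog("User {$_USER['username']} tried to illegally create or edit topic {$tid}.");
            return $retval;
        }
    }
    // Anti-CSRF token for the form, plus the expiry notice
    $token = SEC_createToken();
    $retval .= COM_startBlock($LANG27[1], '', COM_getBlockTemplate('_admin_block', 'header'));
    $retval .= SEC_getTokenExpiryNotice($token);
    if (!is_array($A) || empty($A['owner_id'])) {
        $A['owner_id'] = $_USER['uid'];
        // this is the one instance where we default the group
        // most topics should belong to the Topic Admin group
        if (isset($_GROUPS['Topic Admin'])) {
            $A['group_id'] = $_GROUPS['Topic Admin'];
        } else {
            $A['group_id'] = SEC_getFeatureGroup('topic.edit');
        }
        SEC_setDefaultPermissions($A, $_CONF['default_permissions_topic']);
        $access = 3;
    }
    $topic_templates = COM_newTemplate($_CONF['path_layout'] . 'admin/topic');
    $topic_templates->set_file('editor', 'topiceditor.thtml');
    // The delete button is only offered for an existing topic and with the topic.edit right
    if (!empty($tid) && SEC_hasRights('topic.edit')) {
        $delButton = '<input type="submit" value="' . $LANG_ADMIN['delete'] . '" name="mode"%s' . XHTML . '>';
        $jsConfirm = ' onclick="return confirm(\'' . $MESSAGE[76] . '\');"';
        $topic_templates->set_var('delete_option', sprintf($delButton, $jsConfirm));
        $topic_templates->set_var('delete_option_no_confirmation', sprintf($delButton, ''));
        $topic_templates->set_var('allow_delete', true);
        $topic_templates->set_var('lang_delete', $LANG_ADMIN['delete']);
        $topic_templates->set_var('confirm_message', $MESSAGE[76]);
        $topic_templates->set_var('warning_msg', $LANG27[6]);
    }
    if ($_CONF['titletoid'] && empty($tid)) {
        $_SCRIPTS->setJavaScriptFile('title_2_id', '/javascript/title_2_id.js');
        $topic_templates->set_var('titletoid', true);
    }
    $topic_templates->set_var('lang_topicid', $LANG27[2]);
    $topic_templates->set_var('topic_id', $A['tid']);
    $topic_templates->set_var('lang_parent_id', $LANG27[32]);
    $topic_templates->set_var('parent_id_options', TOPIC_getTopicListSelect($A['parent_id'], 1, false, $A['tid'], true));
    $topic_templates->set_var('lang_inherit', $LANG27[33]);
    $topic_templates->set_var('lang_inherit_info', $LANG27[34]);
    if ($A['inherit'] == 1) {
        $topic_templates->set_var('inherit_checked', 'checked="checked"');
    } else {
        $topic_templates->set_var('inherit_checked', '');
    }
    $topic_templates->set_var('lang_hidden', $LANG27[35]);
    $topic_templates->set_var('lang_hidden_info', $LANG27[36]);
    if ($A['hidden'] == 1) {
        $topic_templates->set_var('hidden_checked', 'checked="checked"');
    } else {
        $topic_templates->set_var('hidden_checked', '');
    }
    $topic_templates->set_var('lang_donotusespaces', $LANG27[5]);
    $topic_templates->set_var('lang_accessrights', $LANG_ACCESS['accessrights']);
    $topic_templates->set_var('lang_owner', $LANG_ACCESS['owner']);
    $ownername = COM_getDisplayName($A['owner_id']);
    // The owner ID is placed unquoted in the WHERE fragment, so it is cast to an integer
    $topic_templates->set_var('owner_username', DB_getItem($_TABLES['users'], 'username', 'uid = ' . (int) $A['owner_id']));
    $topic_templates->set_var('owner_name', $ownername);
    $topic_templates->set_var('owner', $ownername);
    $topic_templates->set_var('owner_id', $A['owner_id']);
    $topic_templates->set_var('lang_group', $LANG_ACCESS['group']);
    $topic_templates->set_var('lang_save', $LANG_ADMIN['save']);
    $topic_templates->set_var('lang_cancel', $LANG_ADMIN['cancel']);
    $topic_templates->set_var('group_dropdown', SEC_getGroupDropdown($A['group_id'], $access));
    $topic_templates->set_var('lang_permissions', $LANG_ACCESS['permissions']);
    $topic_templates->set_var('lang_permissions_key', $LANG_ACCESS['permissionskey']);
    $topic_templates->set_var('lang_perm_key', $LANG_ACCESS['permissionskey']);
    $topic_templates->set_var('permissions_msg', $LANG_ACCESS['permmsg']);
    $topic_templates->set_var('lang_permissions_msg', $LANG_ACCESS['permmsg']);
    $topic_templates->set_var('permissions_editor', SEC_getPermissionsHTML($A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']));
    // show sort order only if they specified sortnum as the sort method
    if ($_CONF['sortmethod'] !== 'alpha') {
        $topic_templates->set_var('lang_sortorder', $LANG27[10]);
        if ($A['sortnum'] == 0) {
            $A['sortnum'] = '';
        }
        $topic_templates->set_var('sort_order', '<input type="text" size="5" maxlength="5" name="sortnum" value="' . $A['sortnum'] . '"' . XHTML . '>');
    } else {
        $topic_templates->set_var('lang_sortorder', $LANG27[14]);
        $topic_templates->set_var('sort_order', $LANG27[15] . '<input type="hidden" name="sortnum" value="' . $A['sortnum'] . '"' . XHTML . '>');
    }
    $topic_templates->set_var('lang_storiesperpage', $LANG27[11]);
    if ($A['limitnews'] == 0) {
        $topic_templates->set_var('story_limit', '');
    } else {
        $topic_templates->set_var('story_limit', $A['limitnews']);
    }
    $topic_templates->set_var('default_limit', $_CONF['limitnews']);
    $topic_templates->set_var('lang_defaultis', $LANG27[16]);
    $topic_templates->set_var('lang_topicname', $LANG27[3]);
    // The topic name is the one stored value that is HTML-escaped before output here
    $topic_templates->set_var('topic_name', htmlspecialchars(stripslashes($A['topic']), ENT_QUOTES, COM_getEncodingt()));
    if (empty($A['tid'])) {
        $A['imageurl'] = '/images/topics/';
    }
    $topic_templates->set_var('lang_topicimage', $LANG27[4]);
    $topic_templates->set_var('lang_uploadimage', $LANG27[27]);
    $topic_templates->set_var('lang_maxsize', $LANG27[28]);
    $topic_templates->set_var('icon_dimensions', $_CONF['max_topicicon_width'] . ' x ' . $_CONF['max_topicicon_height']);
    $topic_templates->set_var('max_url_length', 255);
    // NOTE(review): 'image_url', 'meta_description' and 'meta_keywords' are passed
    // to the template as stored, unlike 'topic_name' above. If topiceditor.thtml
    // places them inside HTML attributes they need HTML-escaping - confirm
    // against the template.
    $topic_templates->set_var('image_url', $A['imageurl']);
    if (empty($_CONF['image_lib'])) {
        $scaling = $LANG04[162];
    } else {
        $scaling = $LANG04[161];
    }
    $topic_templates->set_var('icon_max_dimensions', sprintf($LANG04[160], $_CONF['max_topicicon_width'], $_CONF['max_topicicon_height'], $_CONF['max_topicicon_size'], $scaling));
    $topic_templates->set_var('lang_metadescription', $LANG_ADMIN['meta_description']);
    $topic_templates->set_var('lang_metakeywords', $LANG_ADMIN['meta_keywords']);
    if (!empty($A['meta_description'])) {
        $topic_templates->set_var('meta_description', $A['meta_description']);
    }
    if (!empty($A['meta_keywords'])) {
        $topic_templates->set_var('meta_keywords', $A['meta_keywords']);
    }
    if ($_CONF['meta_tags'] > 0) {
        $topic_templates->set_var('hide_meta', '');
    } else {
        $topic_templates->set_var('hide_meta', ' style="display:none;"');
    }
    $topic_templates->set_var('lang_defaulttopic', $LANG27[22]);
    $topic_templates->set_var('lang_defaulttext', $LANG27[23]);
    if ($A['is_default'] == 1) {
        $topic_templates->set_var('default_checked', 'checked="checked"');
    } else {
        $topic_templates->set_var('default_checked', '');
    }
    $topic_templates->set_var('lang_archivetopic', $LANG27[25]);
    $topic_templates->set_var('lang_archivetext', $LANG27[26]);
    $topic_templates->set_var('archive_disabled', '');
    if ($A['archive_flag'] == 1) {
        $topic_templates->set_var('archive_checked', 'checked="checked"');
    } else {
        $topic_templates->set_var('archive_checked', '');
        // Only 1 topic can be the archive topic - so check if there already is one
        if (DB_count($_TABLES['topics'], 'archive_flag', '1') > 0) {
            $topic_templates->set_var('archive_disabled', 'disabled');
        }
    }
    if (empty($tid)) {
        $num_stories = $LANG_ADMIN['na'];
    } else {
        // Count the stories assigned to this topic that the current user may see
        $nResult = DB_query("SELECT COUNT(*) AS count FROM {$_TABLES['stories']}, {$_TABLES['topic_assignments']} ta WHERE ta.type = 'article' AND ta.id = sid AND ta.tid = '" . DB_escapeString($tid) . "'" . COM_getPermSql('AND'));
        $N = DB_fetchArray($nResult);
        $num_stories = COM_numberFormat($N['count']);
    }
    $topic_templates->set_var('lang_num_stories', $LANG27[30]);
    $topic_templates->set_var('num_stories', $num_stories);
    $topic_templates->set_var('gltoken_name', CSRF_TOKEN);
    $topic_templates->set_var('gltoken', $token);
    $topic_templates->parse('output', 'editor');
    $retval .= $topic_templates->finish($topic_templates->get_var('output'));
    $retval .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer'));
    return $retval;
}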
Exemple #5
/**
* Shows story editor
*
* Displays the story entry form
*
* @param    string      $sid            ID of story to edit
* @param    string      $mode           'preview', 'edit', 'editsubmission', 'clone'
* @param    string      $errormsg       a message to display on top of the page
* @return   string      HTML for story editor
*
*/
function storyeditor($sid = '', $mode = '', $errormsg = '')
{
    global $_CONF, $_TABLES, $_USER, $LANG24, $LANG_ACCESS, $LANG_ADMIN, $MESSAGE, $_SCRIPTS, $LANG_DIRECTION, $LANG_MONTH, $LANG_WEEK;
    $display = '';
    if (!isset($_CONF['hour_mode'])) {
        $_CONF['hour_mode'] = 12;
    }
    if (!empty($errormsg)) {
        $display .= COM_showMessageText($errormsg, $LANG24[25]);
    }
    $story = new Story();
    if ($mode == 'preview') {
        // Handle Magic GPC Garbage:
        while (list($key, $value) = each($_POST)) {
            if (!is_array($value)) {
                $_POST[$key] = COM_stripslashes($value);
            } else {
                while (list($subkey, $subvalue) = each($value)) {
                    $value[$subkey] = COM_stripslashes($subvalue);
                }
            }
        }
        $result = $story->loadFromArgsArray($_POST);
        if ($_CONF['maximagesperarticle'] > 0) {
            $errors = $story->checkAttachedImages();
            if (count($errors) > 0) {
                $msg = $LANG24[55] . LB . '<ul>' . LB;
                foreach ($errors as $err) {
                    $msg .= '<li>' . $err . '</li>' . LB;
                }
                $msg .= '</ul>' . LB;
                $display .= COM_showMessageText($msg, $LANG24[54]);
            }
        }
    } else {
        $result = $story->loadFromDatabase($sid, $mode);
    }
    if ($result == STORY_PERMISSION_DENIED || $result == STORY_NO_ACCESS_PARAMS) {
        $display .= COM_showMessageText($LANG24[42], $LANG_ACCESS['accessdenied']);
        COM_accessLog("User {$_USER['username']} tried to illegally access story {$sid}.");
        return $display;
    } elseif ($result == STORY_EDIT_DENIED || $result == STORY_EXISTING_NO_EDIT_PERMISSION) {
        $display .= COM_showMessageText($LANG24[41], $LANG_ACCESS['accessdenied']);
        $display .= STORY_renderArticle($story, 'p');
        COM_accessLog("User {$_USER['username']} tried to illegally edit story {$sid}.");
        return $display;
    } elseif ($result == STORY_INVALID_SID) {
        if ($mode == 'editsubmission') {
            // that submission doesn't seem to be there any more (may have been
            // handled by another Admin) - take us back to the moderation page
            return COM_refresh($_CONF['site_admin_url'] . '/moderation.php');
        } else {
            return COM_refresh($_CONF['site_admin_url'] . '/story.php');
        }
    } elseif ($result == STORY_DUPLICATE_SID) {
        $display .= COM_showMessageText($LANG24[24]);
    }
    // Load HTML templates
    $story_templates = COM_newTemplate($_CONF['path_layout'] . 'admin/story');
    if ($_CONF['advanced_editor'] && $_USER['advanced_editor']) {
        $story_templates->set_file(array('editor' => 'storyeditor_advanced.thtml'));
        $advanced_editormode = true;
        $story_templates->set_var('change_editormode', 'onchange="change_editmode(this);"');
        require_once $_CONF['path_system'] . 'classes/navbar.class.php';
        $story_templates->set_var('show_preview', 'none');
        $story_templates->set_var('lang_expandhelp', $LANG24[67]);
        $story_templates->set_var('lang_reducehelp', $LANG24[68]);
        $story_templates->set_var('lang_publishdate', $LANG24[69]);
        $story_templates->set_var('lang_toolbar', $LANG24[70]);
        $story_templates->set_var('toolbar1', $LANG24[71]);
        $story_templates->set_var('toolbar2', $LANG24[72]);
        $story_templates->set_var('toolbar3', $LANG24[73]);
        $story_templates->set_var('toolbar4', $LANG24[74]);
        $story_templates->set_var('toolbar5', $LANG24[75]);
        if ($story->EditElements('advanced_editor_mode') == 1 or $story->EditElements('postmode') == 'adveditor') {
            $story_templates->set_var('show_texteditor', 'none');
            $story_templates->set_var('show_htmleditor', '');
        } else {
            $story_templates->set_var('show_texteditor', '');
            $story_templates->set_var('show_htmleditor', 'none');
        }
    } else {
        $story_templates->set_file(array('editor' => 'storyeditor.thtml'));
        $advanced_editormode = false;
    }
    $story_templates->set_var('hour_mode', $_CONF['hour_mode']);
    if ($story->hasContent()) {
        $previewContent = STORY_renderArticle($story, 'p');
        if ($advanced_editormode and $previewContent != '') {
            $story_templates->set_var('preview_content', $previewContent);
        } elseif ($previewContent != '') {
            $display .= COM_startBlock($LANG24[26], '', COM_getBlockTemplate('_admin_block', 'header'));
            $display .= $previewContent;
            $display .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer'));
        }
    }
    if ($advanced_editormode) {
        $navbar = new navbar();
        if (!empty($previewContent)) {
            $navbar->add_menuitem($LANG24[79], 'showhideEditorDiv("preview",0);return false;', true);
            $navbar->add_menuitem($LANG24[80], 'showhideEditorDiv("editor",1);return false;', true);
            $navbar->add_menuitem($LANG24[81], 'showhideEditorDiv("publish",2);return false;', true);
            $navbar->add_menuitem($LANG24[82], 'showhideEditorDiv("images",3);return false;', true);
            $navbar->add_menuitem($LANG24[83], 'showhideEditorDiv("archive",4);return false;', true);
            $navbar->add_menuitem($LANG24[84], 'showhideEditorDiv("perms",5);return false;', true);
            $navbar->add_menuitem($LANG24[85], 'showhideEditorDiv("all",6);return false;', true);
        } else {
            $navbar->add_menuitem($LANG24[80], 'showhideEditorDiv("editor",0);return false;', true);
            $navbar->add_menuitem($LANG24[81], 'showhideEditorDiv("publish",1);return false;', true);
            $navbar->add_menuitem($LANG24[82], 'showhideEditorDiv("images",2);return false;', true);
            $navbar->add_menuitem($LANG24[83], 'showhideEditorDiv("archive",3);return false;', true);
            $navbar->add_menuitem($LANG24[84], 'showhideEditorDiv("perms",4);return false;', true);
            $navbar->add_menuitem($LANG24[85], 'showhideEditorDiv("all",5);return false;', true);
        }
        if ($mode == 'preview') {
            $story_templates->set_var('show_preview', '');
            $story_templates->set_var('show_htmleditor', 'none');
            $story_templates->set_var('show_texteditor', 'none');
            $story_templates->set_var('show_submitoptions', 'none');
            $navbar->set_selected($LANG24[79]);
        } else {
            $navbar->set_selected($LANG24[80]);
        }
        $story_templates->set_var('navbar', $navbar->generate());
    }
    $oldsid = $story->EditElements('originalSid');
    if (!empty($oldsid) && $mode != 'clone') {
        $delbutton = '<input type="submit" value="' . $LANG_ADMIN['delete'] . '" name="mode"%s' . XHTML . '>';
        $jsconfirm = ' onclick="return confirm(\'' . $MESSAGE[76] . '\');"';
        $story_templates->set_var('delete_option', sprintf($delbutton, $jsconfirm));
        $story_templates->set_var('delete_option_no_confirmation', sprintf($delbutton, ''));
    }
    if ($mode == 'editsubmission' || $story->type == 'submission') {
        $story_templates->set_var('submission_option', '<input type="hidden" name="type" value="submission"' . XHTML . '>');
    }
    $story_templates->set_var('lang_author', $LANG24[7]);
    $storyauthor = COM_getDisplayName($story->EditElements('uid'));
    $story_templates->set_var('story_author', $storyauthor);
    $story_templates->set_var('author', $storyauthor);
    $story_templates->set_var('story_uid', $story->EditElements('uid'));
    // user access info
    $story_templates->set_var('lang_accessrights', $LANG_ACCESS['accessrights']);
    $story_templates->set_var('lang_owner', $LANG_ACCESS['owner']);
    $ownername = COM_getDisplayName($story->EditElements('owner_id'));
    $story_templates->set_var('owner_username', DB_getItem($_TABLES['users'], 'username', 'uid = ' . $story->EditElements('owner_id')));
    $story_templates->set_var('owner_name', $ownername);
    $story_templates->set_var('owner', $ownername);
    $story_templates->set_var('owner_id', $story->EditElements('owner_id'));
    $story_templates->set_var('lang_group', $LANG_ACCESS['group']);
    $story_templates->set_var('group_dropdown', SEC_getGroupDropdown($story->EditElements('group_id'), 3));
    $story_templates->set_var('lang_permissions', $LANG_ACCESS['permissions']);
    $story_templates->set_var('lang_perm_key', $LANG_ACCESS['permissionskey']);
    $story_templates->set_var('permissions_editor', SEC_getPermissionsHTML($story->EditElements('perm_owner'), $story->EditElements('perm_group'), $story->EditElements('perm_members'), $story->EditElements('perm_anon')));
    $story_templates->set_var('permissions_msg', $LANG_ACCESS['permmsg']);
    $story_templates->set_var('lang_permissions_msg', $LANG_ACCESS['permmsg']);
    $curtime = COM_getUserDateTimeFormat($story->EditElements('date'));
    $story_templates->set_var('lang_date', $LANG24[15]);
    $story_templates->set_var('publish_second', $story->EditElements('publish_second'));
    $publish_ampm = '';
    $publish_hour = $story->EditElements('publish_hour');
    if ($publish_hour >= 12) {
        if ($publish_hour > 12) {
            $publish_hour = $publish_hour - 12;
        }
        $ampm = 'pm';
    } else {
        $ampm = 'am';
    }
    $ampm_select = COM_getAmPmFormSelection('publish_ampm', $ampm);
    $story_templates->set_var('publishampm_selection', $ampm_select);
    $month_options = COM_getMonthFormOptions($story->EditElements('publish_month'));
    $story_templates->set_var('publish_month_options', $month_options);
    $day_options = COM_getDayFormOptions($story->EditElements('publish_day'));
    $story_templates->set_var('publish_day_options', $day_options);
    $year_options = COM_getYearFormOptions($story->EditElements('publish_year'));
    $story_templates->set_var('publish_year_options', $year_options);
    if ($_CONF['hour_mode'] == 24) {
        $hour_options = COM_getHourFormOptions($story->EditElements('publish_hour'), 24);
    } else {
        $hour_options = COM_getHourFormOptions($publish_hour);
    }
    $story_templates->set_var('publish_hour_options', $hour_options);
    $minute_options = COM_getMinuteFormOptions($story->EditElements('publish_minute'));
    $story_templates->set_var('publish_minute_options', $minute_options);
    $story_templates->set_var('publish_date_explanation', $LANG24[46]);
    $story_templates->set_var('story_unixstamp', $story->EditElements('unixdate'));
    $story_templates->set_var('expire_second', $story->EditElements('expire_second'));
    $expire_ampm = '';
    $expire_hour = $story->EditElements('expire_hour');
    if ($expire_hour >= 12) {
        if ($expire_hour > 12) {
            $expire_hour = $expire_hour - 12;
        }
        $ampm = 'pm';
    } else {
        $ampm = 'am';
    }
    $ampm_select = COM_getAmPmFormSelection('expire_ampm', $ampm);
    if (empty($ampm_select)) {
        // have a hidden field to 24 hour mode to prevent JavaScript errors
        $ampm_select = '<input type="hidden" name="expire_ampm" value=""' . XHTML . '>';
    }
    $story_templates->set_var('expireampm_selection', $ampm_select);
    $month_options = COM_getMonthFormOptions($story->EditElements('expire_month'));
    $story_templates->set_var('expire_month_options', $month_options);
    $day_options = COM_getDayFormOptions($story->EditElements('expire_day'));
    $story_templates->set_var('expire_day_options', $day_options);
    $year_options = COM_getYearFormOptions($story->EditElements('expire_year'));
    $story_templates->set_var('expire_year_options', $year_options);
    if ($_CONF['hour_mode'] == 24) {
        $hour_options = COM_getHourFormOptions($story->EditElements('expire_hour'), 24);
    } else {
        $hour_options = COM_getHourFormOptions($expire_hour);
    }
    $story_templates->set_var('expire_hour_options', $hour_options);
    $minute_options = COM_getMinuteFormOptions($story->EditElements('expire_minute'));
    $story_templates->set_var('expire_minute_options', $minute_options);
    $story_templates->set_var('expire_date_explanation', $LANG24[46]);
    $story_templates->set_var('story_unixstamp', $story->EditElements('expirestamp'));
    $atopic = DB_getItem($_TABLES['topics'], 'tid', "archive_flag = 1");
    $have_archive_topic = empty($atopic) ? false : true;
    if ($story->EditElements('statuscode') == STORY_ARCHIVE_ON_EXPIRE) {
        $story_templates->set_var('is_checked2', 'checked="checked"');
        $story_templates->set_var('is_checked3', 'checked="checked"');
        $js_showarchivedisabled = 'false';
        $have_archive_topic = true;
        // force display of auto archive option
    } elseif ($story->EditElements('statuscode') == STORY_DELETE_ON_EXPIRE) {
        $story_templates->set_var('is_checked2', 'checked="checked"');
        $story_templates->set_var('is_checked4', 'checked="checked"');
        if (!$have_archive_topic) {
            $story_templates->set_var('is_checked3', 'style="display:none;"');
        }
        $js_showarchivedisabled = 'false';
    } else {
        if (!$have_archive_topic) {
            $story_templates->set_var('is_checked3', 'style="display:none;"');
        }
        $js_showarchivedisabled = 'true';
    }
    $story_templates->set_var('lang_archivetitle', $LANG24[58]);
    $story_templates->set_var('lang_option', $LANG24[59]);
    $story_templates->set_var('lang_enabled', $LANG_ADMIN['enabled']);
    $story_templates->set_var('lang_story_stats', $LANG24[87]);
    if ($have_archive_topic) {
        $story_templates->set_var('lang_optionarchive', $LANG24[61]);
    } else {
        $story_templates->set_var('lang_optionarchive', '');
    }
    $story_templates->set_var('lang_optiondelete', $LANG24[62]);
    $story_templates->set_var('lang_title', $LANG_ADMIN['title']);
    $story_templates->set_var('story_title', $story->EditElements('title'));
    $story_templates->set_var('lang_page_title', $LANG_ADMIN['page_title']);
    $story_templates->set_var('page_title', $story->EditElements('page_title'));
    $story_templates->set_var('lang_metadescription', $LANG_ADMIN['meta_description']);
    $story_templates->set_var('meta_description', $story->EditElements('meta_description'));
    $story_templates->set_var('lang_metakeywords', $LANG_ADMIN['meta_keywords']);
    $story_templates->set_var('meta_keywords', $story->EditElements('meta_keywords'));
    if ($_CONF['meta_tags'] > 0) {
        $story_templates->set_var('hide_meta', '');
    } else {
        $story_templates->set_var('hide_meta', ' style="display:none;"');
    }
    $story_templates->set_var('lang_topic', $LANG_ADMIN['topic']);
    if ($mode == 'preview') {
        $tlist = TOPIC_getTopicSelectionControl('article', '', false, true, true);
    } else {
        $tlist = TOPIC_getTopicSelectionControl('article', $oldsid, false, true, true);
    }
    if (empty($tlist)) {
        $display .= COM_showMessage(101);
        return $display;
    }
    $story_templates->set_var('topic_selection', $tlist);
    $story_templates->set_var('lang_show_topic_icon', $LANG24[56]);
    if ($story->EditElements('show_topic_icon') == 1) {
        $story_templates->set_var('show_topic_icon_checked', 'checked="checked"');
    } else {
        $story_templates->set_var('show_topic_icon_checked', '');
    }
    $story_templates->set_var('lang_cachetime', $LANG24['cache_time']);
    $story_templates->set_var('lang_cachetime_desc', $LANG24['cache_time_desc']);
    $story_templates->set_var('cache_time', $story->EditElements('cache_time'));
    $story_templates->set_var('lang_draft', $LANG24[34]);
    if ($story->EditElements('draft_flag')) {
        $story_templates->set_var('is_checked', 'checked="checked"');
    }
    $story_templates->set_var('lang_mode', $LANG24[3]);
    $story_templates->set_var('status_options', COM_optionList($_TABLES['statuscodes'], 'code,name', $story->EditElements('statuscode')));
    $story_templates->set_var('comment_options', COM_optionList($_TABLES['commentcodes'], 'code,name', $story->EditElements('commentcode')));
    $story_templates->set_var('trackback_options', COM_optionList($_TABLES['trackbackcodes'], 'code,name', $story->EditElements('trackbackcode')));
    // comment expire
    $story_templates->set_var('lang_cmt_disable', $LANG24[63]);
    if ($story->EditElements('cmt_close')) {
        $story_templates->set_var('is_checked5', 'checked="checked"');
        $js_showcmtclosedisabled = 'false';
    } else {
        $js_showcmtclosedisabled = 'true';
    }
    $month_options = COM_getMonthFormOptions($story->EditElements('cmt_close_month'));
    $story_templates->set_var('cmt_close_month_options', $month_options);
    $day_options = COM_getDayFormOptions($story->EditElements('cmt_close_day'));
    $story_templates->set_var('cmt_close_day_options', $day_options);
    // ensure that the year dropdown includes the close year
    $endtm = mktime(0, 0, 0, date('m'), date('d') + $_CONF['article_comment_close_days'], date('Y'));
    $yoffset = date('Y', $endtm) - date('Y');
    $close_year = $story->EditElements('cmt_close_year');
    if ($yoffset < -1) {
        $year_options = COM_getYearFormOptions($close_year, $yoffset);
    } elseif ($yoffset > 5) {
        $year_options = COM_getYearFormOptions($close_year, -1, $yoffset);
    } else {
        $year_options = COM_getYearFormOptions($close_year);
    }
    $story_templates->set_var('cmt_close_year_options', $year_options);
    $cmt_close_ampm = '';
    $cmt_close_hour = $story->EditElements('cmt_close_hour');
    //correct hour
    if ($cmt_close_hour >= 12) {
        if ($cmt_close_hour > 12) {
            $cmt_close_hour = $cmt_close_hour - 12;
        }
        $ampm = 'pm';
    } else {
        $ampm = 'am';
    }
    $ampm_select = COM_getAmPmFormSelection('cmt_close_ampm', $ampm);
    if (empty($ampm_select)) {
        // have a hidden field to 24 hour mode to prevent JavaScript errors
        $ampm_select = '<input type="hidden" name="cmt_close_ampm" value=""' . XHTML . '>';
    }
    $story_templates->set_var('cmt_close_ampm_selection', $ampm_select);
    if ($_CONF['hour_mode'] == 24) {
        $hour_options = COM_getHourFormOptions($story->EditElements('cmt_close_hour'), 24);
    } else {
        $hour_options = COM_getHourFormOptions($cmt_close_hour);
    }
    $story_templates->set_var('cmt_close_hour_options', $hour_options);
    $minute_options = COM_getMinuteFormOptions($story->EditElements('cmt_close_minute'));
    $story_templates->set_var('cmt_close_minute_options', $minute_options);
    $story_templates->set_var('cmt_close_second', $story->EditElements('cmt_close_second'));
    if ($_CONF['onlyrootfeatures'] == 1 && SEC_inGroup('Root') or $_CONF['onlyrootfeatures'] !== 1) {
        $featured_options = "<select name=\"featured\">" . LB . COM_optionList($_TABLES['featurecodes'], 'code,name', $story->EditElements('featured')) . "</select>" . LB;
    } else {
        $featured_options = "<input type=\"hidden\" name=\"featured\" value=\"0\"" . XHTML . ">";
    }
    $story_templates->set_var('featured_options', $featured_options);
    $story_templates->set_var('frontpage_options', COM_optionList($_TABLES['frontpagecodes'], 'code,name', $story->EditElements('frontpage')));
    $story_templates->set_var('story_introtext', $story->EditElements('introtext'));
    $story_templates->set_var('story_bodytext', $story->EditElements('bodytext'));
    $story_templates->set_var('lang_introtext', $LANG24[16]);
    $story_templates->set_var('lang_bodytext', $LANG24[17]);
    $story_templates->set_var('lang_postmode', $LANG24[4]);
    $story_templates->set_var('lang_publishoptions', $LANG24[76]);
    $story_templates->set_var('noscript', COM_getNoScript(false, $LANG24[77], sprintf($LANG24[78], $_CONF['site_admin_url'], $sid)));
    $postmode = $story->EditElements('postmode');
    if ($_CONF['advanced_editor'] && $_USER['advanced_editor']) {
        if ($story->EditElements('advanced_editor_mode') == 1 or $story->EditElements('postmode') == 'adveditor') {
            $postmode = '';
        }
    }
    $post_options = COM_optionList($_TABLES['postmodes'], 'code,name', $postmode);
    $postmode_list = 'plaintext,html';
    // If Advanced Mode - add post option and set default if editing story created with Advanced Editor
    if ($_CONF['advanced_editor'] && $_USER['advanced_editor']) {
        $postmode_list .= ',adveditor';
        if ($story->EditElements('advanced_editor_mode') == 1 or $story->EditElements('postmode') == 'adveditor') {
            $post_options .= '<option value="adveditor" selected="selected">' . $LANG24[86] . '</option>';
        } else {
            $post_options .= '<option value="adveditor">' . $LANG24[86] . '</option>';
        }
    }
    if ($_CONF['wikitext_editor']) {
        $postmode_list .= ',wikitext';
        if ($story->EditElements('postmode') == 'wikitext') {
            $post_options .= '<option value="wikitext" selected="selected">' . $LANG24[88] . '</option>';
        } else {
            $post_options .= '<option value="wikitext">' . $LANG24[88] . '</option>';
        }
    }
    $story_templates->set_var('post_options', $post_options);
    $postmode_array = explode(',', $postmode_list);
    $allowed_html = '';
    foreach ($postmode_array as $pm) {
        $allowed_html .= COM_allowedHTML('story.edit', false, 1, $pm);
    }
    $allowed_tags = array('code', 'raw');
    if ($_CONF['allow_page_breaks'] == 1) {
        $allowed_tags = array_merge($allowed_tags, array('page_break'));
    }
    $allowed_html .= COM_allowedAutotags(false, $allowed_tags);
    $story_templates->set_var('lang_allowed_html', $allowed_html);
    $fileinputs = '';
    $saved_images = '';
    if ($_CONF['maximagesperarticle'] > 0) {
        $story_templates->set_var('lang_images', $LANG24[47]);
        $icount = DB_count($_TABLES['article_images'], 'ai_sid', $story->getSid());
        if ($icount > 0) {
            $result_articles = DB_query("SELECT * FROM {$_TABLES['article_images']} WHERE ai_sid = '" . $story->getSid() . "'");
            for ($z = 1; $z <= $icount; $z++) {
                $I = DB_fetchArray($result_articles);
                $saved_images .= $z . ') ' . COM_createLink($I['ai_filename'], $_CONF['site_url'] . '/images/articles/' . $I['ai_filename']) . '&nbsp;&nbsp;&nbsp;' . $LANG_ADMIN['delete'] . ': <input type="checkbox" name="delete[' . $I['ai_img_num'] . ']"' . XHTML . '><br' . XHTML . '>';
            }
        }
        $newallowed = $_CONF['maximagesperarticle'] - $icount;
        for ($z = $icount + 1; $z <= $_CONF['maximagesperarticle']; $z++) {
            $fileinputs .= $z . ') <input type="file" dir="ltr" name="file' . $z . '"' . XHTML . '>';
            if ($z < $_CONF['maximagesperarticle']) {
                $fileinputs .= '<br' . XHTML . '>';
            }
        }
        $fileinputs .= '<br' . XHTML . '>' . $LANG24[51];
        if ($_CONF['allow_user_scaling'] == 1) {
            $fileinputs .= $LANG24[27];
        }
        $fileinputs .= $LANG24[28] . '<br' . XHTML . '>';
    }
    // Add JavaScript
    $_SCRIPTS->setJavaScriptFile('story_editor', '/javascript/story_editor.js');
    if ($_CONF['titletoid']) {
        $_SCRIPTS->setJavaScriptFile('title_2_id', '/javascript/title_2_id.js');
        $story_templates->set_var('titletoid', true);
    }
    $_SCRIPTS->setJavaScriptFile('postmode_control', '/javascript/postmode_control.js');
    // Loads jQuery UI datepicker and timepicker-addon
    $_SCRIPTS->setJavaScriptLibrary('jquery.ui.slider');
    //    $_SCRIPTS->setJavaScriptLibrary('jquery.ui.button');
    $_SCRIPTS->setJavaScriptLibrary('jquery.ui.datepicker');
    $_SCRIPTS->setJavaScriptLibrary('jquery-ui-i18n');
    $_SCRIPTS->setJavaScriptLibrary('jquery-ui-timepicker-addon');
    $_SCRIPTS->setJavaScriptLibrary('jquery-ui-timepicker-addon-i18n');
    //    $_SCRIPTS->setJavaScriptLibrary('jquery-ui-slideraccess');
    $_SCRIPTS->setJavaScriptFile('datetimepicker', '/javascript/datetimepicker.js');
    $langCode = COM_getLangIso639Code();
    $toolTip = $MESSAGE[118];
    $imgUrl = $_CONF['site_url'] . '/images/calendar.png';
    $_SCRIPTS->setJavaScript("jQuery(function () {" . "  geeklog.hour_mode = {$_CONF['hour_mode']};" . "  geeklog.datetimepicker.set('publish', '{$langCode}', '{$toolTip}', '{$imgUrl}');" . "  geeklog.datetimepicker.set('expire', '{$langCode}', '{$toolTip}', '{$imgUrl}');" . "  geeklog.datetimepicker.set('cmt_close', '{$langCode}', '{$toolTip}', '{$imgUrl}');" . "});", TRUE, TRUE);
    // Setup Advanced Editor
    COM_setupAdvancedEditor('/javascript/storyeditor_adveditor.js');
    $story_templates->set_var('saved_images', $saved_images);
    $story_templates->set_var('image_form_elements', $fileinputs);
    $story_templates->set_var('lang_hits', $LANG24[18]);
    $story_templates->set_var('story_hits', $story->EditElements('hits'));
    $story_templates->set_var('lang_comments', $LANG24[19]);
    $story_templates->set_var('story_comments', $story->EditElements('comments'));
    $story_templates->set_var('lang_trackbacks', $LANG24[29]);
    $story_templates->set_var('story_trackbacks', $story->EditElements('trackbacks'));
    $story_templates->set_var('lang_emails', $LANG24[39]);
    $story_templates->set_var('story_emails', $story->EditElements('numemails'));
    if ($mode == 'clone') {
        $story_templates->set_var('story_id', COM_makesid());
    } else {
        $story_templates->set_var('story_id', $story->getSid());
        $story_templates->set_var('old_story_id', $story->EditElements('originalSid'));
    }
    $story_templates->set_var('lang_sid', $LANG24[12]);
    $story_templates->set_var('lang_save', $LANG_ADMIN['save']);
    $story_templates->set_var('lang_preview', $LANG_ADMIN['preview']);
    $story_templates->set_var('lang_cancel', $LANG_ADMIN['cancel']);
    $story_templates->set_var('lang_delete', $LANG_ADMIN['delete']);
    $story_templates->set_var('gltoken_name', CSRF_TOKEN);
    $token = SEC_createToken();
    $story_templates->set_var('gltoken', $token);
    $story_templates->parse('output', 'editor');
    $display .= COM_startBlock($LANG24[5], '', COM_getBlockTemplate('_admin_block', 'header'));
    $display .= SEC_getTokenExpiryNotice($token, $LANG24[91]);
    $display .= $story_templates->finish($story_templates->get_var('output'));
    $display .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer'));
    return $display;
}
Exemple #6
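/**
 * Show topic administration form
 *
 * Builds the editor form for a new topic (empty $tid) or for an existing
 * topic row loaded from the topics table. For an existing topic the result
 * of SEC_hasAccess() is checked; when it is 0 or 2 (presumably "no access"
 * and "read-only" - confirm against SEC_hasAccess) a message block is
 * returned instead of the form and the attempt is written to the access log.
 * The form carries a token from SEC_createToken(), exposed to the template
 * as gltoken_name / gltoken.
 *
 * @param    string  $tid    ID of topic to edit; empty for a new topic
 * @return   string          HTML for the topic editor, or the access-denied message block
 *
 */
function edittopic($tid = '')
{
    global $_CONF, $_GROUPS, $_TABLES, $_USER, $LANG27, $LANG_ACCESS, $LANG_ADMIN, $MESSAGE;
    $retval = '';
    if (empty($tid)) {
        // new topic - set defaults
        $A = array();
        $A['tid'] = '';
        $A['topic'] = '';
        $A['sortnum'] = 0;
        $A['limitnews'] = '';
        // leave empty!
        $A['is_default'] = 0;
        $A['archive_flag'] = 0;
    } else {
        // $tid is supplied by the caller, so it is escaped before being placed
        // in the query, the same way the story-count query further down does.
        // NOTE(review): addslashes() is not charset-aware; if this code base
        // provides a DB-layer escaping helper, use it in both queries.
        $result = DB_query("SELECT * FROM {$_TABLES['topics']} WHERE tid = '" . addslashes($tid) . "'");
        $A = DB_fetchArray($result);
        // NOTE(review): if no row matches, $A is not an array here and the
        // lookups below read missing keys - confirm what SEC_hasAccess()
        // returns in that case.
        $access = SEC_hasAccess($A['owner_id'], $A['group_id'], $A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']);
        if ($access == 0 or $access == 2) {
            $retval .= COM_startBlock($LANG27[12], '', COM_getBlockTemplate('_msg_block', 'header'));
            $retval .= $LANG27[13];
            $retval .= COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer'));
            // Keep the log entry on one line: line breaks in $tid are replaced
            // so a crafted ID cannot forge additional log records.
            $logTid = str_replace(array("\r", "\n"), ' ', $tid);
            COM_accessLog("User {$_USER['username']} tried to illegally create or edit topic {$logTid}.");
            return $retval;
        }
    }
    // One token is created per rendered form; it is shown in the expiry
    // notice and embedded in the form at the end of this function.
    $token = SEC_createToken();
    $retval .= COM_startBlock($LANG27[1], '', COM_getBlockTemplate('_admin_block', 'header'));
    $retval .= SEC_getTokenExpiryNotice($token);
    if (!is_array($A) || empty($A['owner_id'])) {
        $A['owner_id'] = $_USER['uid'];
        // this is the one instance where we default the group
        // most topics should belong to the Topic Admin group
        if (isset($_GROUPS['Topic Admin'])) {
            $A['group_id'] = $_GROUPS['Topic Admin'];
        } else {
            $A['group_id'] = SEC_getFeatureGroup('topic.edit');
        }
        SEC_setDefaultPermissions($A, $_CONF['default_permissions_topic']);
        $access = 3;
    }
    $topic_templates = new Template($_CONF['path_layout'] . 'admin/topic');
    $topic_templates->set_file('editor', 'topiceditor.thtml');
    $topic_templates->set_var('xhtml', XHTML);
    $topic_templates->set_var('site_url', $_CONF['site_url']);
    $topic_templates->set_var('site_admin_url', $_CONF['site_admin_url']);
    $topic_templates->set_var('layout_url', $_CONF['layout_url']);
    // The delete button is only offered for an existing topic and only to
    // users holding the topic.edit right.
    if (!empty($tid) && SEC_hasRights('topic.edit')) {
        $delbutton = '<input type="submit" value="' . $LANG_ADMIN['delete'] . '" name="mode"%s' . XHTML . '>';
        $jsconfirm = ' onclick="return confirm(\'' . $MESSAGE[76] . '\');"';
        $topic_templates->set_var('delete_option', sprintf($delbutton, $jsconfirm));
        $topic_templates->set_var('delete_option_no_confirmation', sprintf($delbutton, ''));
        $topic_templates->set_var('warning_msg', $LANG27[6]);
    }
    $topic_templates->set_var('lang_topicid', $LANG27[2]);
    $topic_templates->set_var('topic_id', $A['tid']);
    $topic_templates->set_var('lang_donotusespaces', $LANG27[5]);
    $topic_templates->set_var('lang_accessrights', $LANG_ACCESS['accessrights']);
    $topic_templates->set_var('lang_owner', $LANG_ACCESS['owner']);
    $ownername = COM_getDisplayName($A['owner_id']);
    // The user ID goes into the WHERE clause unquoted, so force it to an integer.
    $topic_templates->set_var('owner_username', DB_getItem($_TABLES['users'], 'username', 'uid = ' . (int) $A['owner_id']));
    $topic_templates->set_var('owner_name', $ownername);
    $topic_templates->set_var('owner', $ownername);
    $topic_templates->set_var('owner_id', $A['owner_id']);
    $topic_templates->set_var('lang_group', $LANG_ACCESS['group']);
    $topic_templates->set_var('lang_save', $LANG_ADMIN['save']);
    $topic_templates->set_var('lang_cancel', $LANG_ADMIN['cancel']);
    $topic_templates->set_var('group_dropdown', SEC_getGroupDropdown($A['group_id'], $access));
    $topic_templates->set_var('lang_permissions', $LANG_ACCESS['permissions']);
    $topic_templates->set_var('lang_permissions_key', $LANG_ACCESS['permissionskey']);
    $topic_templates->set_var('lang_perm_key', $LANG_ACCESS['permissionskey']);
    $topic_templates->set_var('permissions_msg', $LANG_ACCESS['permmsg']);
    $topic_templates->set_var('lang_permissions_msg', $LANG_ACCESS['permmsg']);
    $topic_templates->set_var('permissions_editor', SEC_getPermissionsHTML($A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']));
    // show sort order only if they specified sortnum as the sort method
    if ($_CONF['sortmethod'] != 'alpha') {
        $topic_templates->set_var('lang_sortorder', $LANG27[10]);
        if ($A['sortnum'] == 0) {
            $A['sortnum'] = '';
        }
        // The attribute is assembled here rather than in the template, so the
        // stored value is HTML-escaped at this point.
        $sortnum = htmlspecialchars((string) $A['sortnum'], ENT_QUOTES);
        $topic_templates->set_var('sort_order', '<input type="text" size="3" maxlength="3" name="sortnum" value="' . $sortnum . '"' . XHTML . '>');
    } else {
        $topic_templates->set_var('lang_sortorder', $LANG27[14]);
        $topic_templates->set_var('sort_order', $LANG27[15]);
    }
    $topic_templates->set_var('lang_storiesperpage', $LANG27[11]);
    if ($A['limitnews'] == 0) {
        $topic_templates->set_var('story_limit', '');
    } else {
        $topic_templates->set_var('story_limit', $A['limitnews']);
    }
    $topic_templates->set_var('default_limit', $_CONF['limitnews']);
    $topic_templates->set_var('lang_defaultis', $LANG27[16]);
    $topic_templates->set_var('lang_topicname', $LANG27[3]);
    // NOTE(review): topic name, image URL and meta fields are handed to the
    // template as stored; confirm they are HTML-escaped when saved or in
    // topiceditor.thtml.
    $topic_templates->set_var('topic_name', stripslashes($A['topic']));
    if (empty($A['tid'])) {
        $A['imageurl'] = '/images/topics/';
    }
    $topic_templates->set_var('lang_topicimage', $LANG27[4]);
    $topic_templates->set_var('lang_uploadimage', $LANG27[27]);
    $topic_templates->set_var('icon_dimensions', $_CONF['max_topicicon_width'] . ' x ' . $_CONF['max_topicicon_height']);
    $topic_templates->set_var('lang_maxsize', $LANG27[28]);
    $topic_templates->set_var('max_url_length', 255);
    $topic_templates->set_var('image_url', $A['imageurl']);
    $topic_templates->set_var('lang_metadescription', $LANG_ADMIN['meta_description']);
    $topic_templates->set_var('lang_metakeywords', $LANG_ADMIN['meta_keywords']);
    if (!empty($A['meta_description'])) {
        $topic_templates->set_var('meta_description', $A['meta_description']);
    }
    if (!empty($A['meta_keywords'])) {
        $topic_templates->set_var('meta_keywords', $A['meta_keywords']);
    }
    $topic_templates->set_var('lang_defaulttopic', $LANG27[22]);
    $topic_templates->set_var('lang_defaulttext', $LANG27[23]);
    if ($A['is_default'] == 1) {
        $topic_templates->set_var('default_checked', 'checked="checked"');
    } else {
        $topic_templates->set_var('default_checked', '');
    }
    $topic_templates->set_var('lang_archivetopic', $LANG27[25]);
    $topic_templates->set_var('lang_archivetext', $LANG27[26]);
    $topic_templates->set_var('archive_disabled', '');
    if ($A['archive_flag'] == 1) {
        $topic_templates->set_var('archive_checked', 'checked="checked"');
    } else {
        $topic_templates->set_var('archive_checked', '');
        // Only 1 topic can be the archive topic - so check if there already is one
        if (DB_count($_TABLES['topics'], 'archive_flag', '1') > 0) {
            $topic_templates->set_var('archive_disabled', 'disabled');
        }
    }
    if (empty($tid)) {
        $num_stories = $LANG_ADMIN['na'];
    } else {
        // Count only the stories matched by COM_getPermSql() for this topic.
        $nresult = DB_query("SELECT COUNT(*) AS count FROM {$_TABLES['stories']} WHERE tid = '" . addslashes($tid) . "'" . COM_getPermSql('AND'));
        $N = DB_fetchArray($nresult);
        $num_stories = COM_numberFormat($N['count']);
    }
    $topic_templates->set_var('lang_num_stories', $LANG27[30]);
    $topic_templates->set_var('num_stories', $num_stories);
    $topic_templates->set_var('gltoken_name', CSRF_TOKEN);
    $topic_templates->set_var('gltoken', $token);
    $topic_templates->parse('output', 'editor');
    $retval .= $topic_templates->finish($topic_templates->get_var('output'));
    $retval .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer'));
    return $retval;
}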
Exemple #7
/**
* Displays the static page editor form
*
* @param    array   $A      Data to display
* @return   string          HTML for the static page editor
*
*/
function staticpageeditor_form($A)
{
    global $_CONF, $_TABLES, $_USER, $_GROUPS, $_SP_CONF, $mode, $sp_id, $LANG21, $LANG_STATIC, $LANG_ACCESS, $LANG_ADMIN, $LANG01, $LANG24, $LANG_postmodes, $MESSAGE, $_IMAGE_TYPE, $_SCRIPTS;
    if (!empty($sp_id) && $mode == 'edit') {
        $access = SEC_hasAccess($A['owner_id'], $A['group_id'], $A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']);
    } else {
        if ($mode != 'clone') {
            $A['sp_inblock'] = $_SP_CONF['in_block'];
        }
        $A['owner_id'] = $_USER['uid'];
        if (isset($_GROUPS['Static Page Admin'])) {
            $A['group_id'] = $_GROUPS['Static Page Admin'];
        } else {
            $A['group_id'] = SEC_getFeatureGroup('staticpages.edit');
        }
        SEC_setDefaultPermissions($A, $_SP_CONF['default_permissions']);
        $access = 3;
        if ($_CONF['advanced_editor'] && $_USER['advanced_editor']) {
            $A['advanced_editor_mode'] = 1;
        }
    }
    $retval = '';
    $sp_template = COM_newTemplate(CTL_plugin_templatePath('staticpages', 'admin'));
    if ($_CONF['advanced_editor'] && $_USER['advanced_editor']) {
        $sp_template->set_file('form', 'editor_advanced.thtml');
        // Shouldn't really have to check if anonymous user but who knows...
        if (COM_isAnonUser()) {
            $link_message = "";
        } else {
            $link_message = $LANG01[138];
        }
        $sp_template->set_var('noscript', COM_getNoScript(false, '', $link_message));
        // Setup Advanced Editor
        COM_setupAdvancedEditor('/staticpages/adveditor.js', 'staticpages.edit');
        $sp_template->set_var('lang_expandhelp', $LANG24[67]);
        $sp_template->set_var('lang_reducehelp', $LANG24[68]);
        $sp_template->set_var('lang_toolbar', $LANG24[70]);
        $sp_template->set_var('toolbar1', $LANG24[71]);
        $sp_template->set_var('toolbar2', $LANG24[72]);
        $sp_template->set_var('toolbar3', $LANG24[73]);
        $sp_template->set_var('toolbar4', $LANG24[74]);
        $sp_template->set_var('toolbar5', $LANG24[75]);
        $sp_template->set_var('lang_nojavascript', $LANG24[77]);
        $sp_template->set_var('lang_postmode', $LANG24[4]);
        if (isset($A['postmode']) && $A['postmode'] == 'adveditor') {
            $sp_template->set_var('show_adveditor', '');
            $sp_template->set_var('show_htmleditor', 'none');
        } else {
            $sp_template->set_var('show_adveditor', 'none');
            $sp_template->set_var('show_htmleditor', '');
        }
        $post_options = '<option value="html" selected="selected">' . $LANG_postmodes['html'] . '</option>';
        if (isset($A['postmode']) && $A['postmode'] == 'adveditor') {
            $post_options .= '<option value="adveditor" selected="selected">' . $LANG24[86] . '</option>';
        } else {
            $post_options .= '<option value="adveditor">' . $LANG24[86] . '</option>';
        }
        $sp_template->set_var('post_options', $post_options);
        $sp_template->set_var('change_editormode', 'onchange="change_editmode(this);"');
    } else {
        $sp_template->set_file('form', 'editor.thtml');
    }
    // Add JavaScript
    if ($_CONF['titletoid']) {
        $_SCRIPTS->setJavaScriptFile('title_2_id', '/javascript/title_2_id.js');
        $sp_template->set_var('titletoid', true);
    }
    $sp_template->set_var('lang_mode', $LANG24[3]);
    $sp_template->set_var('comment_options', COM_optionList($_TABLES['commentcodes'], 'code,name', $A['commentcode']));
    $sp_template->set_var('lang_accessrights', $LANG_ACCESS['accessrights']);
    $sp_template->set_var('lang_owner', $LANG_ACCESS['owner']);
    $owner_name = COM_getDisplayName($A['owner_id']);
    $owner_username = DB_getItem($_TABLES['users'], 'username', "uid = {$A['owner_id']}");
    $sp_template->set_var('owner_id', $A['owner_id']);
    $sp_template->set_var('owner', $owner_name);
    $sp_template->set_var('owner_name', $owner_name);
    $sp_template->set_var('owner_username', $owner_username);
    if ($A['owner_id'] > 1) {
        $profile_link = $_CONF['site_url'] . '/users.php?mode=profile&amp;uid=' . $A['owner_id'];
        $sp_template->set_var('start_owner_anchortag', '<a href="' . $profile_link . '">');
        $sp_template->set_var('end_owner_anchortag', '</a>');
        $sp_template->set_var('owner_link', COM_createLink($owner_name, $profile_link));
        $photo = '';
        if ($_CONF['allow_user_photo']) {
            $photo = DB_getItem($_TABLES['users'], 'photo', "uid = {$A['owner_id']}");
            if (!empty($photo)) {
                $camera_icon = '<img src="' . $_CONF['layout_url'] . '/images/smallcamera.' . $_IMAGE_TYPE . '" alt=""' . XHTML . '>';
                $sp_template->set_var('camera_icon', COM_createLink($camera_icon, $profile_link));
            }
        }
        if (empty($photo)) {
            $sp_template->set_var('camera_icon', '');
        }
    } else {
        $sp_template->set_var('start_owner_anchortag', '');
        $sp_template->set_var('end_owner_anchortag', '');
        $sp_template->set_var('owner_link', $owner_name);
    }
    $sp_template->set_var('lang_group', $LANG_ACCESS['group']);
    $sp_template->set_var('group_dropdown', SEC_getGroupDropdown($A['group_id'], $access));
    $sp_template->set_var('permissions_editor', SEC_getPermissionsHTML($A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']));
    $sp_template->set_var('lang_permissions', $LANG_ACCESS['permissions']);
    $sp_template->set_var('lang_perm_key', $LANG_ACCESS['permissionskey']);
    $sp_template->set_var('permissions_msg', $LANG_ACCESS['permmsg']);
    $sp_template->set_var('lang_permissions_msg', $LANG_ACCESS['permmsg']);
    $token = SEC_createToken();
    $start_block = COM_startBlock($LANG_STATIC['staticpageeditor'], '', COM_getBlockTemplate('_admin_block', 'header'));
    $start_block .= SEC_getTokenExpiryNotice($token);
    $sp_template->set_var('start_block_editor', $start_block);
    $sp_template->set_var('lang_save', $LANG_ADMIN['save']);
    $sp_template->set_var('lang_cancel', $LANG_ADMIN['cancel']);
    $sp_template->set_var('lang_preview', $LANG_ADMIN['preview']);
    if (SEC_hasRights('staticpages.delete') && $mode != 'clone' && !empty($A['sp_old_id'])) {
        $delbutton = '<input type="submit" value="' . $LANG_ADMIN['delete'] . '" name="mode"%s' . XHTML . '>';
        $jsconfirm = ' onclick="return confirm(\'' . $MESSAGE[76] . '\');"';
        $sp_template->set_var('delete_option', sprintf($delbutton, $jsconfirm));
        $sp_template->set_var('delete_option_no_confirmation', sprintf($delbutton, ''));
    } else {
        $sp_template->set_var('delete_option', '');
    }
    $sp_template->set_var('lang_writtenby', $LANG_STATIC['writtenby']);
    $sp_template->set_var('username', DB_getItem($_TABLES['users'], 'username', "uid = {$A['owner_id']}"));
    $authorname = COM_getDisplayName($A['owner_id']);
    $sp_template->set_var('name', $authorname);
    $sp_template->set_var('author', $authorname);
    $sp_template->set_var('lang_url', $LANG_STATIC['url']);
    $sp_template->set_var('lang_id', $LANG_STATIC['id']);
    $sp_template->set_var('sp_uid', $A['owner_id']);
    $sp_template->set_var('sp_id', $A['sp_id']);
    $sp_template->set_var('sp_old_id', $A['sp_old_id']);
    $sp_template->set_var('example_url', COM_buildURL($_CONF['site_url'] . '/staticpages/index.php?page=' . $A['sp_id']));
    $sp_template->set_var('lang_centerblock', $LANG_STATIC['centerblock']);
    $sp_template->set_var('lang_centerblock_help', $LANG_ADMIN['help_url']);
    $sp_template->set_var('lang_centerblock_include', $LANG21[51]);
    $sp_template->set_var('lang_centerblock_desc', $LANG21[52]);
    $sp_template->set_var('centerblock_help', $A['sp_help']);
    $sp_template->set_var('lang_centerblock_msg', $LANG_STATIC['centerblock_msg']);
    if (isset($A['sp_centerblock']) && $A['sp_centerblock'] == 1) {
        $sp_template->set_var('centerblock_checked', 'checked="checked"');
    } else {
        $sp_template->set_var('centerblock_checked', '');
    }
    $sp_template->set_var('lang_position', $LANG_STATIC['position']);
    $position = '<select name="sp_where">';
    $position .= '<option value="1"';
    if ($A['sp_where'] == 1) {
        $position .= ' selected="selected"';
    }
    $position .= '>' . $LANG_STATIC['position_top'] . '</option>';
    $position .= '<option value="2"';
    if ($A['sp_where'] == 2) {
        $position .= ' selected="selected"';
    }
    $position .= '>' . $LANG_STATIC['position_feat'] . '</option>';
    $position .= '<option value="3"';
    if ($A['sp_where'] == 3) {
        $position .= ' selected="selected"';
    }
    $position .= '>' . $LANG_STATIC['position_bottom'] . '</option>';
    $position .= '<option value="0"';
    if ($A['sp_where'] == 0) {
        $position .= ' selected="selected"';
    }
    $position .= '>' . $LANG_STATIC['position_entire'] . '</option>';
    $position .= '</select>';
    $sp_template->set_var('pos_selection', $position);
    if ($_SP_CONF['allow_php'] == 1 && SEC_hasRights('staticpages.PHP')) {
        if (!isset($A['sp_php'])) {
            $A['sp_php'] = 0;
        }
        $selection = '<select name="sp_php">' . LB;
        $selection .= '<option value="0"';
        if ($A['sp_php'] <= 0 || $A['sp_php'] > 2) {
            $selection .= ' selected="selected"';
        }
        $selection .= '>' . $LANG_STATIC['select_php_none'] . '</option>' . LB;
        $selection .= '<option value="1"';
        if ($A['sp_php'] == 1) {
            $selection .= ' selected="selected"';
        }
        $selection .= '>' . $LANG_STATIC['select_php_return'] . '</option>' . LB;
        $selection .= '<option value="2"';
        if ($A['sp_php'] == 2) {
            $selection .= ' selected="selected"';
        }
        $selection .= '>' . $LANG_STATIC['select_php_free'] . '</option>' . LB;
        $selection .= '</select>';
        $sp_template->set_var('php_selector', $selection);
        $sp_template->set_var('php_warn', $LANG_STATIC['php_warn']);
    } else {
        $sp_template->set_var('php_selector', '');
        $sp_template->set_var('php_warn', $LANG_STATIC['php_not_activated']);
    }
    $sp_template->set_var('php_msg', $LANG_STATIC['php_msg']);
    // old variables (for the 1.3-type checkbox)
    $sp_template->set_var('php_checked', '');
    $sp_template->set_var('php_type', 'hidden');
    if (isset($A['sp_nf']) && $A['sp_nf'] == 1) {
        $sp_template->set_var('exit_checked', 'checked="checked"');
    } else {
        $sp_template->set_var('exit_checked', '');
    }
    $sp_template->set_var('exit_msg', $LANG_STATIC['exit_msg']);
    $sp_template->set_var('exit_info', $LANG_STATIC['exit_info']);
    if ($A['sp_inblock'] == 1) {
        $sp_template->set_var('inblock_checked', 'checked="checked"');
    } else {
        $sp_template->set_var('inblock_checked', '');
    }
    $sp_template->set_var('inblock_msg', $LANG_STATIC['inblock_msg']);
    $sp_template->set_var('inblock_info', $LANG_STATIC['inblock_info']);
    if ($A['draft_flag'] == 1) {
        $sp_template->set_var('draft_flag_checked', 'checked="checked"');
    } else {
        $sp_template->set_var('draft_flag_checked', '');
    }
    $sp_template->set_var('lang_draft', $LANG_STATIC['draft']);
    $sp_template->set_var('lang_cache_time', $LANG_STATIC['cache_time']);
    $sp_template->set_var('lang_cache_time_desc', $LANG_STATIC['cache_time_desc']);
    $sp_template->set_var('cache_time', $A['cache_time']);
    $curtime = COM_getUserDateTimeFormat($A['unixdate']);
    $sp_template->set_var('lang_lastupdated', $LANG_STATIC['date']);
    $sp_template->set_var('sp_formateddate', $curtime[0]);
    $sp_template->set_var('sp_date', $curtime[1]);
    $sp_template->set_var('lang_title', $LANG_STATIC['title']);
    $sp_template->set_var('lang_page_title', $LANG_STATIC['page_title']);
    $title = '';
    $page_title = '';
    if (isset($A['sp_title'])) {
        $title = htmlspecialchars(stripslashes($A['sp_title']));
    }
    if (isset($A['sp_page_title'])) {
        $page_title = htmlspecialchars(stripslashes($A['sp_page_title']));
    }
    $sp_template->set_var('sp_title', $title);
    $sp_template->set_var('sp_page_title', $page_title);
    $sp_template->set_var('lang_topic', $LANG_STATIC['topic']);
    if ($mode != 'clone') {
        // want to use default topic selection if new staticpage so pass in blank id
        $topic_sp_id = $A['sp_id'];
        if (empty($sp_id) && $mode == 'edit') {
            // means new
            $topic_sp_id = '';
        }
        $sp_template->set_var('topic_selection', TOPIC_getTopicSelectionControl('staticpages', $topic_sp_id, true, false, true));
    } else {
        $sp_template->set_var('topic_selection', TOPIC_getTopicSelectionControl('staticpages', $A['clone_sp_id'], true, false, true));
    }
    $sp_template->set_var('lang_metadescription', $LANG_ADMIN['meta_description']);
    $sp_template->set_var('lang_metakeywords', $LANG_ADMIN['meta_keywords']);
    if (!empty($A['meta_description'])) {
        $sp_template->set_var('meta_description', $A['meta_description']);
    }
    if (!empty($A['meta_keywords'])) {
        $sp_template->set_var('meta_keywords', $A['meta_keywords']);
    }
    if ($_CONF['meta_tags'] > 0 && $_SP_CONF['meta_tags'] > 0) {
        $sp_template->set_var('hide_meta', '');
    } else {
        $sp_template->set_var('hide_meta', ' style="display:none;"');
    }
    if ($A['template_flag'] == 1) {
        $sp_template->set_var('template_flag_checked', 'checked="checked"');
    } else {
        $sp_template->set_var('template_flag_checked', '');
    }
    $sp_template->set_var('lang_template', $LANG_STATIC['template']);
    $sp_template->set_var('lang_template_flag_msg', $LANG_STATIC['template_msg']);
    $template_list = templatelist($A['template_id']);
    $template_none = '<option value=""';
    if ($A['template_id'] == "") {
        $template_none .= ' selected="selected"';
    }
    $template_none .= '>' . $LANG_STATIC['none'] . '</option>';
    $sp_template->set_var('use_template_selection', '<select name="template_id">' . $template_none . $template_list . '</select>');
    $sp_template->set_var('lang_use_template', $LANG_STATIC['use_template']);
    $sp_template->set_var('lang_use_template_msg', $LANG_STATIC['use_template_msg']);
    $sp_template->set_var('lang_addtomenu', $LANG_STATIC['addtomenu']);
    if (isset($A['sp_onmenu']) && $A['sp_onmenu'] == 1) {
        $sp_template->set_var('onmenu_checked', 'checked="checked"');
    } else {
        $sp_template->set_var('onmenu_checked', '');
    }
    $sp_template->set_var('lang_label', $LANG_STATIC['label']);
    if (isset($A['sp_label'])) {
        $sp_template->set_var('sp_label', $A['sp_label']);
    } else {
        $sp_template->set_var('sp_label', '');
    }
    $sp_template->set_var('lang_pageformat', $LANG_STATIC['pageformat']);
    $sp_template->set_var('lang_blankpage', $LANG_STATIC['blankpage']);
    $sp_template->set_var('lang_noblocks', $LANG_STATIC['noblocks']);
    $sp_template->set_var('lang_leftblocks', $LANG_STATIC['leftblocks']);
    $sp_template->set_var('lang_leftrightblocks', $LANG_STATIC['leftrightblocks']);
    if (!isset($A['sp_format'])) {
        $A['sp_format'] = '';
    }
    if ($A['sp_format'] == 'noblocks') {
        $sp_template->set_var('noblock_selected', 'selected="selected"');
    } else {
        $sp_template->set_var('noblock_selected', '');
    }
    if ($A['sp_format'] == 'leftblocks') {
        $sp_template->set_var('leftblocks_selected', 'selected="selected"');
    } else {
        $sp_template->set_var('leftblocks_selected', '');
    }
    if ($A['sp_format'] == 'blankpage') {
        $sp_template->set_var('blankpage_selected', 'selected="selected"');
    } else {
        $sp_template->set_var('blankpage_selected', '');
    }
    if ($A['sp_format'] == 'allblocks' or empty($A['sp_format'])) {
        $sp_template->set_var('allblocks_selected', 'selected="selected"');
    } else {
        $sp_template->set_var('allblocks_selected', '');
    }
    $sp_template->set_var('lang_content', $LANG_STATIC['content']);
    $content = '';
    if (isset($A['sp_content'])) {
        $content = htmlspecialchars(stripslashes($A['sp_content']));
        $content = str_replace(array('{', '}'), array('&#123;', '&#125;'), $content);
    }
    $sp_template->set_var('sp_content', $content);
    $allowed = COM_allowedHTML('staticpages.edit', false, $_SP_CONF['filter_html']) . COM_allowedAutotags();
    $sp_template->set_var('lang_allowedhtml', $allowed);
    $sp_template->set_var('lang_allowed_html', $allowed);
    $sp_template->set_var('lang_hits', $LANG_STATIC['hits']);
    if (empty($A['sp_hits'])) {
        $sp_template->set_var('sp_hits', '0');
        $sp_template->set_var('sp_hits_formatted', '0');
    } else {
        $sp_template->set_var('sp_hits', $A['sp_hits']);
        $sp_template->set_var('sp_hits_formatted', COM_numberFormat($A['sp_hits']));
    }
    $sp_template->set_var('lang_comments', $LANG_STATIC['comments']);
    if ($A['commentcode'] == -1) {
        $sp_template->set_var('sp_comments', $LANG_ADMIN['na']);
    } else {
        $num_comments = DB_count($_TABLES['comments'], array('sid', 'type'), array(DB_escapeString($A['sp_id']), 'staticpages'));
        $sp_template->set_var('sp_comments', COM_numberFormat($num_comments));
    }
    $sp_template->set_var('end_block', COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer')));
    $sp_template->set_var('gltoken_name', CSRF_TOKEN);
    $sp_template->set_var('gltoken', $token);
    $sp_template->parse('output', 'form');
    $retval .= $sp_template->finish($sp_template->get_var('output'));
    return $retval;
}
Exemple #8
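/**
 * Shows the group editor form
 *
 * Builds the admin form used to create a new group (empty $grp_id) or to edit
 * an existing one. Access is refused with a message when the current user is
 * neither a member of the group nor covered by
 * SEC_groupIsRemoteUserAndHaveAccess(); an attempt to open the Root group
 * without being in Root is additionally written to the access log.
 *
 * @param    string      $grp_id     ID of group to edit (empty for a new group)
 * @return   string      HTML for group editor
 *
 */
function editgroup($grp_id = '')
{
    global $_TABLES, $_CONF, $_USER, $LANG_ACCESS, $LANG_ADMIN, $MESSAGE, $LANG28, $_GROUP_VERBOSE;
    require_once $_CONF['path_system'] . 'lib-admin.php';
    $retval = '';

    // $grp_id is interpolated into several SQL statements and into the form
    // URL below. Reduce it to a positive integer here so that a non-numeric
    // value can never reach a query; anything else is treated as "new group".
    $grp_id = (int) $grp_id;
    if ($grp_id <= 0) {
        $grp_id = '';
    }

    $thisUsersGroups = SEC_getUserGroups();
    // Authorisation check: only groups the current user belongs to (or has
    // remote-user access to) may be opened in the editor.
    if (!empty($grp_id) && $grp_id > 0 && !in_array($grp_id, $thisUsersGroups) && !SEC_groupIsRemoteUserAndHaveAccess($grp_id, $thisUsersGroups)) {
        if (!SEC_inGroup('Root') && DB_getItem($_TABLES['groups'], 'grp_name', "grp_id = {$grp_id}") == 'Root') {
            $retval .= COM_showMessageText($LANG_ACCESS['canteditroot'], $LANG_ACCESS['groupeditor']);
            // Keep an audit trail of attempts to reach the Root group
            COM_accessLog("User {$_USER['username']} tried to edit the Root group with insufficient privileges.");
        } else {
            $retval .= COM_showMessageText($LANG_ACCESS['canteditgroup'], $LANG_ACCESS['groupeditor']);
        }
        return $retval;
    }
    $group_templates = COM_newTemplate($_CONF['path_layout'] . 'admin/group');
    $group_templates->set_file('editor', 'groupeditor.thtml');
    $group_templates->set_var('lang_save', $LANG_ADMIN['save']);
    $group_templates->set_var('lang_cancel', $LANG_ADMIN['cancel']);
    $group_templates->set_var('lang_admingroup', $LANG28[49]);
    $group_templates->set_var('lang_admingrp_msg', $LANG28[50]);
    $group_templates->set_var('lang_defaultgroup', $LANG28[88]);
    $group_templates->set_var('lang_defaultgrp_msg', $LANG28[89]);
    $group_templates->set_var('lang_applydefault_msg', $LANG28[90]);
    $group_templates->set_var('lang_groupname', $LANG_ACCESS['groupname']);
    $group_templates->set_var('lang_description', $LANG_ACCESS['description']);
    $group_templates->set_var('lang_securitygroups', $LANG_ACCESS['securitygroups']);
    $group_templates->set_var('lang_rights', $LANG_ACCESS['rights']);
    // Only the literal value 1 switches "show all" on, so the request value
    // itself never reaches the template.
    $showall = 0;
    if (isset($_REQUEST['chk_showall']) && $_REQUEST['chk_showall'] == 1) {
        $showall = 1;
    }
    $group_templates->set_var('show_all', $showall);
    if (!empty($grp_id)) {
        $result = DB_query("SELECT grp_id,grp_name,grp_descr,grp_gl_core,grp_default FROM {$_TABLES['groups']} WHERE grp_id ='{$grp_id}'");
        $A = DB_fetchArray($result);
        if ($A['grp_gl_core'] > 0) {
            $group_templates->set_var('chk_adminuse', 'checked="checked"');
        }
        if ($A['grp_default'] != 0) {
            $group_templates->set_var('chk_defaultuse', 'checked="checked"');
        }
    } else {
        // new group, so it's obviously not a core group
        $A['grp_gl_core'] = 0;
        $A['grp_default'] = 0;
    }
    // CSRF token for the form; the expiry notice tells the admin how long
    // the form stays valid.
    $token = SEC_createToken();
    $retval .= COM_startBlock($LANG_ACCESS['groupeditor'], '', COM_getBlockTemplate('_admin_block', 'header'));
    $retval .= SEC_getTokenExpiryNotice($token);
    if (!empty($grp_id)) {
        // Groups tied to Geeklog's functionality shouldn't be deleted
        if ($A['grp_gl_core'] != 1) {
            $delbutton = '<input type="submit" value="' . $LANG_ADMIN['delete'] . '" name="mode"%s' . XHTML . '>';
            $jsconfirm = ' onclick="return confirm(\'' . $MESSAGE[76] . '\');"';
            $group_templates->set_var('delete_option', sprintf($delbutton, $jsconfirm));
            $group_templates->set_var('delete_option_no_confirmation', sprintf($delbutton, ''));
            $group_templates->set_var('group_core', 0);
        } else {
            $group_templates->set_var('group_core', 1);
        }
        $group_templates->set_var('group_id', $A['grp_id']);
    } else {
        $group_templates->set_var('group_core', 0);
    }
    // The name of a core group (grp_gl_core == 1) is shown as static text
    // with a hidden input instead of an editable text field.
    if ($A['grp_gl_core'] != 1) {
        $group_templates->set_var('groupname_inputtype', 'text');
        $group_templates->set_var('groupname_static', '');
    } else {
        $group_templates->set_var('groupname_inputtype', 'hidden');
        $group_templates->set_var('groupname_static', $A['grp_name']);
    }
    // NOTE(review): grp_name and grp_descr are handed to the template exactly
    // as stored; confirm that they are HTML-escaped either when saved or by
    // groupeditor.thtml.
    if (isset($A['grp_name'])) {
        $group_templates->set_var('group_name', $A['grp_name']);
        switch ($A['grp_name']) {
            case 'All Users':
            case 'Logged-in Users':
            case 'Remote Users':
                $group_templates->set_var('hide_defaultoption', ' style="display:none;"');
                break;
            default:
                $group_templates->set_var('hide_defaultoption', '');
                break;
        }
    } else {
        $group_templates->set_var('group_name', '');
    }
    if (isset($A['grp_descr'])) {
        $group_templates->set_var('group_description', $A['grp_descr']);
    } else {
        $group_templates->set_var('group_description', '');
    }
    // Collect the IDs of the groups this group is assigned to, as a
    // space-separated string.
    $selected = '';
    if (!empty($grp_id)) {
        $tmp = DB_query("SELECT ug_main_grp_id FROM {$_TABLES['group_assignments']} WHERE ug_grp_id = {$grp_id}");
        $num_groups = DB_numRows($tmp);
        for ($x = 0; $x < $num_groups; $x++) {
            $G = DB_fetchArray($tmp);
            if ($x > 0) {
                $selected .= ' ' . $G['ug_main_grp_id'];
            } else {
                $selected .= $G['ug_main_grp_id'];
            }
        }
    }
    $groupoptions = '';
    if ($A['grp_gl_core'] == 1) {
        $group_templates->set_var('lang_securitygroupmsg', $LANG_ACCESS['coregroupmsg']);
        $group_templates->set_var('hide_adminoption', ' style="display:none;"');
        $count = 0;
        if (!empty($selected)) {
            // $inclause is built only from IDs read from the database above
            $inclause = str_replace(' ', ',', $selected);
            $result = DB_query("SELECT COUNT(*) AS count FROM {$_TABLES['groups']} WHERE grp_id <> {$grp_id} AND grp_id IN ({$inclause})");
            list($count) = DB_fetchArray($result);
        }
        if ($count == 0) {
            // this group doesn't belong to anything...give a friendly message
            $groupoptions = '<p class="pluginRow1">' . $LANG_ACCESS['nogroupsforcoregroup'] . '</p>';
        }
    } else {
        $group_templates->set_var('lang_securitygroupmsg', $LANG_ACCESS['groupmsg']);
        $group_templates->set_var('hide_adminoption', '');
    }
    if ($_GROUP_VERBOSE) {
        COM_errorLog("SELECTED: {$selected}");
    }
    if (empty($groupoptions)) {
        // make sure to list only those groups of which the Group Admin
        // is a member
        $whereGroups = '(grp_id IN (' . implode(',', $thisUsersGroups) . '))';
        $header_arr = array(array('text' => $LANG28[86], 'field' => $A['grp_gl_core'] == 1 ? 'disabled-checkbox' : 'checkbox', 'sort' => false), array('text' => $LANG_ACCESS['groupname'], 'field' => 'grp_name', 'sort' => true), array('text' => $LANG_ACCESS['description'], 'field' => 'grp_descr', 'sort' => true));
        $defsort_arr = array('field' => 'grp_name', 'direction' => 'asc');
        $form_url = $_CONF['site_admin_url'] . '/group.php?mode=edit&amp;grp_id=' . $grp_id;
        $text_arr = array('has_menu' => false, 'title' => '', 'instructions' => '', 'icon' => '', 'form_url' => $form_url, 'inline' => true);
        if ($A['grp_gl_core'] == 1) {
            $inclause = str_replace(' ', ',', $selected);
            $sql = "SELECT grp_id, grp_name, grp_descr FROM {$_TABLES['groups']} WHERE grp_id <> {$grp_id} AND grp_id IN ({$inclause})";
        } else {
            // Root is never offered as a parent group in this list
            $xsql = '';
            if (!empty($grp_id)) {
                $xsql = " AND (grp_id <> {$grp_id})";
            }
            $sql = "SELECT grp_id, grp_name, grp_descr FROM {$_TABLES['groups']} WHERE (grp_name <> 'Root')" . $xsql . ' AND ' . $whereGroups;
        }
        $query_arr = array('table' => 'groups', 'sql' => $sql, 'query_fields' => array('grp_name'), 'default_filter' => '', 'query' => '', 'query_limit' => 0);
        $groupoptions = ADMIN_list('groups', 'ADMIN_getListField_groups', $header_arr, $text_arr, $query_arr, $defsort_arr, '', explode(' ', $selected));
    }
    $group_templates->set_var('group_options', $groupoptions);
    if ($A['grp_gl_core'] == 1) {
        $group_templates->set_var('lang_rightsmsg', $LANG_ACCESS['corerightsdescr']);
    } else {
        $group_templates->set_var('lang_rightsmsg', $LANG_ACCESS['rightsdescr']);
    }
    $group_templates->set_var('rights_options', printrights($grp_id, $A['grp_gl_core']));
    $group_templates->set_var('gltoken_name', CSRF_TOKEN);
    $group_templates->set_var('gltoken', $token);
    $group_templates->parse('output', 'editor');
    $retval .= $group_templates->finish($group_templates->get_var('output'));
    $retval .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer'));
    return $retval;
}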
Exemple #9
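/**
 * Shows the "new data" form of the databox plugin (fieldset selection).
 *
 * Renders selectset.thtml from the template folder that
 * DATABOX_templatePath() returns for $template, adds a CSRF token and the
 * fieldset option list, and returns the resulting HTML.
 *
 * @param    string  $template   template folder name; when non-empty it is also
 *                               appended to the form's script URL
 * @return   string              HTML for the form
 */
function fncNew($template)
{
    global $_CONF;
    global $LANG_DATABOX_ADMIN;
    global $LANG_ADMIN;
    $pi_name = "databox";
    $retval = '';

    // NOTE(review): $template selects a template directory; presumably
    // DATABOX_templatePath() restricts it to known folders - confirm.
    $tmplfld = DATABOX_templatePath('mydata', $template, $pi_name);
    $templates = new Template($tmplfld);
    $templates->set_file('editor', "selectset.thtml");
    $templates->set_var('site_url', $_CONF['site_url']);
    $templates->set_var('site_admin_url', $_CONF['site_admin_url']);

    // CSRF token for the form, plus the notice about when it expires
    $token = SEC_createToken();
    $retval .= SEC_getTokenExpiryNotice($token);
    $templates->set_var('gltoken_name', CSRF_TOKEN);
    $templates->set_var('gltoken', $token);
    $templates->set_var('xhtml', XHTML);

    $script = THIS_SCRIPT;
    if ($template != "") {
        // URL-encode the value: it becomes part of a URL that is written
        // into the page, so characters outside the URL-safe set must not be
        // passed through verbatim.
        $script .= "?template=" . urlencode($template);
    }
    $templates->set_var('script', $script);

    // fieldset_id: nothing is preselected for a new record
    $fieldset_id = 0;
    $templates->set_var('lang_fieldset', $LANG_DATABOX_ADMIN['fieldset']);
    $list_fieldset = DATABOX_getoptionlist("fieldset", $fieldset_id, 0, $pi_name, "", 0);
    $templates->set_var('list_fieldset', $list_fieldset);
    $templates->set_var('lang_inst_newdata', $LANG_DATABOX_ADMIN['inst_newdata']);
    $templates->set_var('lang_new', $LANG_DATABOX_ADMIN['new']);
    $templates->set_var('lang_cancel', $LANG_ADMIN['cancel']);
    $templates->parse('output', 'editor');
    $retval .= $templates->finish($templates->get_var('output'));
    return $retval;
}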
Exemple #10
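/**
 * Shows the userbox profile editor form.
 *
 * When $msg is non-empty the form is rebuilt from the submitted $_POST values
 * (redisplay after a save attempt); otherwise the record with the given ID is
 * loaded from the database.
 *
 * @param    int     $id        ID of the profile record (joined to the users table on uid)
 * @param    bool    $edt_flg   when false, and account deletion is allowed, a delete button is offered
 * @param    string  $msg       message ID for COM_showMessage(); non-empty switches to the $_POST values
 * @param    string  $errmsg    extra text appended to the output right after the message
 * @param    string  $mode      not read inside this function
 * @return   string             HTML for the editor
 */
function fncEdit($id, $edt_flg, $msg = '', $errmsg = "", $mode = "edit")
{
    $pi_name = "userbox";
    global $_CONF;
    global $_TABLES;
    global $LANG_ADMIN;
    global $MESSAGE;
    global $LANG_ACCESS;
    global $_USER;
    global $LANG28;
    global $_SCRIPTS;
    global $_USERBOX_CONF;
    global $LANG_USERBOX_ADMIN;
    $retval = '';
    $delflg = false;

    // $id is concatenated into SQL below; force it to an integer first so a
    // non-numeric value can never become part of a query.
    $id = (int) $id;

    // These are only assigned in the database branch but are read after the
    // branch. Give them the values an unset variable would evaluate to, so
    // the redisplay path behaves the same without relying on undefined names.
    $template = null;
    $defaulttemplatesdirectory = '';
    $owner_id = null;
    $group_id = null;
    $modified_year = '';
    $modified_month = '';
    $modified_day = '';
    $modified_hour = '';
    $modified_minute = '';

    $addition_def = DATABOX_getadditiondef($pi_name);
    // Display the message and rebuild the form from the submitted values
    if (!empty($msg)) {
        $retval .= COM_showMessage($msg, $pi_name);
        // NOTE(review): $errmsg is appended to the HTML output as-is; callers
        // presumably pass ready-made markup - confirm it is never built from
        // unescaped request data.
        $retval .= $errmsg;
        // clean 'em up
        $code = COM_applyFilter($_POST['code']);
        $title = COM_applyFilter($_POST['title']);
        $username = COM_applyFilter($_POST['username']);
        $fullname = COM_applyFilter($_POST['fullname']);
        $page_title = COM_applyFilter($_POST['page_title']);
        // NOTE(review): description is taken from $_POST without
        // COM_applyFilter() (the filter call was commented out) and is later
        // handed to the template unchanged; confirm that it is HTML-escaped
        // before it is rendered.
        $description = $_POST['description'];
        $draft_flag = COM_applyFilter($_POST['draft_flag'], true);
        $language_id = COM_applyFilter($_POST['language_id']);
        // NOTE(review): category and the afield* arrays are read unfiltered;
        // afield goes through DATABOX_cleanaddtiondatas() below, category is
        // passed to DATABOX_getcategoriesinp() unchanged - verify that the
        // helpers validate them.
        $category = $_POST['category'];
        $additionfields = $_POST['afield'];
        $additionfields_fnm = $_POST['afield_fnm'];
        $additionfields_del = $_POST['afield_del'];
        $additionfields_date = array();
        $additionfields_alt = $_POST['afield_alt'];
        $additionfields = DATABOX_cleanaddtiondatas($additionfields, $addition_def, $additionfields_fnm, $additionfields_del, $additionfields_date, $additionfields_alt, false);
        // Creation date
        $created_month = COM_applyFilter($_POST['created_month'], true);
        $created_day = COM_applyFilter($_POST['created_day'], true);
        $created_year = COM_applyFilter($_POST['created_year'], true);
        $created_hour = COM_applyFilter($_POST['created_hour'], true);
        $created_minute = COM_applyFilter($_POST['created_minute'], true);
        $created = COM_applyFilter($_POST['created']);
        $orderno = COM_applyFilter($_POST['orderno']);
        // The saving user is always the logged-in user, never a posted value
        $uuid = $_USER['uid'];
        $udatetime = COM_applyFilter($_POST['udatetime']);
        $fieldset_id = COM_applyFilter($_POST['fieldset'], true);
        $fieldset_name = COM_applyFilter($_POST['fieldset_name']);
    } else {
        // Load the record together with the user's name and the fieldset name
        $sql = "SELECT ";
        $sql .= " t.*";
        $sql .= " ,t2.name AS fieldset_name" . LB;
        $sql .= " ,UNIX_TIMESTAMP(t.modified) AS modified_un" . LB;
        $sql .= " ,UNIX_TIMESTAMP(t.released) AS released_un" . LB;
        $sql .= " ,UNIX_TIMESTAMP(t.comment_expire) AS comment_expire_un" . LB;
        $sql .= " ,UNIX_TIMESTAMP(t.expired) AS expired_un" . LB;
        $sql .= " ,UNIX_TIMESTAMP(t.udatetime) AS udatetime_un" . LB;
        $sql .= " ,UNIX_TIMESTAMP(t.created) AS created_un" . LB;
        $sql .= " ,t1.username";
        $sql .= " ,t1.fullname";
        $sql .= " ,unix_timestamp(modified) AS modified_u ";
        $sql .= " FROM ";
        $sql .= $_TABLES['USERBOX_base'] . " AS t";
        $sql .= "," . $_TABLES['users'] . " AS t1";
        $sql .= "," . $_TABLES['USERBOX_def_fieldset'] . " AS t2 " . LB;
        $sql .= " WHERE ";
        $sql .= " t.id = {$id}";
        $sql .= " AND t.id = t1.uid";
        $sql .= " AND t.fieldset_id = t2.fieldset_id" . LB;
        $result = DB_query($sql);
        $A = DB_fetchArray($result);
        $fieldset_id = COM_stripslashes($A['fieldset_id']);
        $fieldset_name = COM_stripslashes($A['fieldset_name']);
        $code = COM_stripslashes($A['code']);
        $title = COM_stripslashes($A['title']);
        $username = COM_stripslashes($A['username']);
        $fullname = COM_stripslashes($A['fullname']);
        $page_title = COM_stripslashes($A['page_title']);
        $description = COM_stripslashes($A['description']);
        $language_id = COM_stripslashes($A['language_id']);
        $owner_id = COM_stripslashes($A['owner_id']);
        $group_id = COM_stripslashes($A['group_id']);
        $perm_owner = COM_stripslashes($A['perm_owner']);
        $perm_group = COM_stripslashes($A['perm_group']);
        $perm_members = COM_stripslashes($A['perm_members']);
        $perm_anon = COM_stripslashes($A['perm_anon']);
        $category = DATABOX_getdatas("category_id", $_TABLES['USERBOX_category'], "id = {$id}");
        // Additional fields
        $additionfields = DATABOX_getadditiondatas($id, $pi_name);
        $additionfields_fnm = array();
        $additionfields_del = array();
        $additionfields_date = "";
        $draft_flag = COM_stripslashes($A['draft_flag']);
        // Modified date
        $wary = COM_getUserDateTimeFormat(COM_stripslashes($A['modified_un']));
        $modified = $wary[1];
        $modified_month = date('m', $modified);
        $modified_day = date('d', $modified);
        $modified_year = date('Y', $modified);
        $modified_hour = date('H', $modified);
        $modified_minute = date('i', $modified);
        // Release date
        $wary = COM_getUserDateTimeFormat(COM_stripslashes($A['released_un']));
        $released = $wary[1];
        $released_month = date('m', $released);
        $released_day = date('d', $released);
        $released_year = date('Y', $released);
        $released_hour = date('H', $released);
        $released_minute = date('i', $released);
        // Expiry date (end of publication)
        $expired = COM_stripslashes($A['expired']);
        if ($expired === "0000-00-00 00:00:00") {
            // No expiry stored: preset the fields to today plus the
            // configured number of comment-close days, at 00:00
            $expired_flag = 0;
            $w = mktime(0, 0, 0, date('m'), date('d') + $_CONF['article_comment_close_days'], date('Y'));
            $expired_year = date('Y', $w);
            $expired_month = date('m', $w);
            $expired_day = date('d', $w);
            $expired_hour = 0;
            $expired_minute = 0;
        } else {
            $expired_flag = 1;
            $wary = COM_getUserDateTimeFormat(COM_stripslashes($A['expired_un']));
            $expired = $wary[1];
            $expired_year = date('Y', $expired);
            $expired_month = date('m', $expired);
            $expired_day = date('d', $expired);
            $expired_hour = date('H', $expired);
            $expired_minute = date('i', $expired);
        }
        // Creation date
        $wary = COM_getUserDateTimeFormat(COM_stripslashes($A['created_un']));
        $created = $wary[0];
        $created_un = $wary[1];
        $orderno = COM_stripslashes($A['orderno']);
        $uuid = COM_stripslashes($A['uuid']);
        $wary = COM_getUserDateTimeFormat(COM_stripslashes($A['udatetime_un']));
        $udatetime = $wary[0];
        $defaulttemplatesdirectory = $A['defaulttemplatesdirectory'];
        // The delete button is only offered when the site allows account
        // deletion and the caller passed a false $edt_flg
        if ($_CONF['allow_account_delete']) {
            if ($edt_flg == FALSE) {
                $delflg = true;
            }
        }
    }
    $chk_user = DATABOX_chkuser($group_id, $owner_id, "userbox.admin");

    $retval .= COM_startBlock($LANG_USERBOX_ADMIN['edit'], '', COM_getBlockTemplate('_admin_block', 'header'));
    // Template folder: record setting first, then the fieldset default, then
    // "default". The resolved $template is not read again in this function;
    // the editor template path below is always built with 'default'.
    if (is_null($template) or $template === "") {
        // Cast for the SQL condition: $fieldset_id may be an empty string
        // when no record was found
        $set_defaulttemplatesdirectory = DB_getItem($_TABLES['USERBOX_def_fieldset'], "defaulttemplatesdirectory", "fieldset_id=" . (int) $fieldset_id);
        if ($defaulttemplatesdirectory != "") {
            $template = $defaulttemplatesdirectory;
        } elseif ($set_defaulttemplatesdirectory != "") {
            $template = $set_defaulttemplatesdirectory;
        } else {
            $template = "default";
        }
    }
    $tmplfld = DATABOX_templatePath('myprofile', 'default', $pi_name);
    $templates = new Template($tmplfld);
    $templates->set_file(array('editor' => 'profile_editor.thtml', 'row' => 'row.thtml', 'col' => "profile_col_detail.thtml"));
    // Loads jQuery UI datepicker geeklog >=2.1.0
    $_SCRIPTS->setJavaScriptLibrary('jquery.ui.datepicker');
    $_SCRIPTS->setJavaScriptLibrary('jquery-ui-i18n');
    $_SCRIPTS->setJavaScriptLibrary('jquery-ui-timepicker-addon');
    $_SCRIPTS->setJavaScriptLibrary('jquery-ui-timepicker-addon-i18n');
    $_SCRIPTS->setJavaScriptFile('datepicker', '/javascript/datepicker.js');
    $_SCRIPTS->setJavaScriptFile('datetimepicker', '/javascript/datetimepicker.js');
    $langCode = COM_getLangIso639Code();
    $toolTip = $MESSAGE[118];
    $imgUrl = $_CONF['site_url'] . '/images/calendar.png';

    // Meta fields are shown only when enabled both site-wide and for the plugin
    if ($_CONF['meta_tags'] > 0 && $_USERBOX_CONF['meta_tags'] > 0) {
        $templates->set_var('hide_meta', '');
    } else {
        $templates->set_var('hide_meta', ' style="display:none;"');
    }
    $templates->set_var('maxlength_description', $_USERBOX_CONF['maxlength_description']);
    $templates->set_var('about_thispage', $LANG_USERBOX_ADMIN['about_myprofile_profile']);
    $templates->set_var('lang_must', $LANG_USERBOX_ADMIN['must']);
    $templates->set_var('site_url', $_CONF['site_url']);
    $templates->set_var('site_admin_url', $_CONF['site_admin_url']);
    $templates->set_var('lang_view', $LANG_USERBOX_ADMIN['view']);
    // CSRF token for the form, plus the notice about when it expires
    $token = SEC_createToken();
    $retval .= SEC_getTokenExpiryNotice($token);
    $templates->set_var('gltoken_name', CSRF_TOKEN);
    $templates->set_var('gltoken', $token);
    $templates->set_var('xhtml', XHTML);
    $templates->set_var('script', THIS_SCRIPT);
    $templates->set_var('dateformat', $_USERBOX_CONF['dateformat']);

    $templates->set_var('lang_link_admin', $LANG_USERBOX_ADMIN['link_admin']);
    $templates->set_var('lang_link_admin_top', $LANG_USERBOX_ADMIN['link_admin_top']);
    $templates->set_var('lang_link_public', $LANG_USERBOX_ADMIN['link_public']);
    $templates->set_var('lang_link_list', $LANG_USERBOX_ADMIN['link_list']);
    $templates->set_var('lang_link_detail', $LANG_USERBOX_ADMIN['link_detail']);
    // fieldset_id
    $templates->set_var('lang_fieldset', $LANG_USERBOX_ADMIN['fieldset']);
    $templates->set_var('fieldset_id', $fieldset_id);
    $templates->set_var('fieldset_name', $fieldset_name);
    // id
    $templates->set_var('lang_id', $LANG_USERBOX_ADMIN['id']);
    $templates->set_var('id', $id);
    // $LANG28 entries used here: 2 => user ID, 3 => user name (username),
    // 4 => full name (fullname)
    $templates->set_var('lang_uid', $LANG28['2']);
    $templates->set_var('lang_username', $LANG28['3']);
    $templates->set_var('username', $username);
    $templates->set_var('lang_fullname', $LANG28['4']);
    $templates->set_var('fullname', $fullname);
    // Draft
    $templates->set_var('lang_draft', $LANG_USERBOX_ADMIN['draft']);
    if ($draft_flag == 1) {
        $templates->set_var('draft_flag', "checked=checked");
        $templates->set_var('draft_msg', $LANG_USERBOX_ADMIN['draft_msg']);
    } else {
        $templates->set_var('draft_flag', "");
        $templates->set_var('draft_msg', "");
    }

    $templates->set_var('lang_field', $LANG_USERBOX_ADMIN['field']);
    $templates->set_var('lang_fields', $LANG_USERBOX_ADMIN['fields']);
    $templates->set_var('lang_content', $LANG_USERBOX_ADMIN['content']);
    $templates->set_var('lang_templatesetvar', $LANG_USERBOX_ADMIN['templatesetvar']);
    // Basic fields
    $templates->set_var('lang_basicfields', $LANG_USERBOX_ADMIN['basicfields']);
    // Code, title, description and template set value
    $templates->set_var('lang_code', $LANG_USERBOX_ADMIN['code']);
    if ($_USERBOX_CONF['datacode']) {
        $templates->set_var('lang_must_code', $LANG_USERBOX_ADMIN['must']);
    } else {
        $templates->set_var('lang_must_code', "");
    }
    $templates->set_var('code', $code);
    $templates->set_var('lang_title', $LANG_USERBOX_ADMIN['title']);
    $templates->set_var('title', $title);
    $templates->set_var('lang_page_title', $LANG_USERBOX_ADMIN['page_title']);
    $templates->set_var('page_title', $page_title);
    $templates->set_var('lang_description', $LANG_USERBOX_ADMIN['description']);
    $templates->set_var('description', $description);
    // language_id: the selector is shown only on multi-language sites
    if (is_array($_CONF['languages'])) {
        $templates->set_var('hide_language_id', '');
        $select_language_id = DATABOX_getoptionlist("language_id", $language_id, 0, $pi_name, "", 0);
    } else {
        $templates->set_var('hide_language_id', ' style="display:none;"');
        $select_language_id = "";
    }
    $templates->set_var('lang_language_id', $LANG_USERBOX_ADMIN['language_id']);
    $templates->set_var('language_id', $language_id);
    $templates->set_var('select_language_id', $select_language_id);
    // Modified date
    $templates->set_var('lang_modified_autoupdate', $LANG_USERBOX_ADMIN['modified_autoupdate']);
    $templates->set_var('lang_modified', $LANG_USERBOX_ADMIN['modified']);
    // NOTE(review): the time string is built with "::00" (double colon);
    // looks unintended - confirm what COM_convertDate2Timestamp() makes of it.
    $w = COM_convertDate2Timestamp($modified_year . "-" . $modified_month . "-" . $modified_day, $modified_hour . ":" . $modified_minute . "::00");
    $datetime_modified = DATABOX_datetimeedit($w, "LANG_DATABOX_ADMIN", "modified");
    $templates->set_var('datetime_modified', $datetime_modified);
    // Category
    $templates->set_var('lang_category', $LANG_USERBOX_ADMIN['category']);
    $checklist_category = DATABOX_getcategoriesinp($category, $fieldset_id, $pi_name);
    $templates->set_var('checklist_category', $checklist_category);
    // Additional fields (the helper receives $templates and fills it directly)
    $templates->set_var('lang_additionfields', $LANG_USERBOX_ADMIN['additionfields']);
    $rt = DATABOX_getaddtionfieldsEdit($additionfields, $addition_def, $templates, $chk_user, $pi_name, $additionfields_fnm, $additionfields_del, $fieldset_id, $additionfields_date);
    // Saved date/time
    $templates->set_var('lang_udatetime', $LANG_USERBOX_ADMIN['udatetime']);
    $templates->set_var('udatetime', $udatetime);
    $templates->set_var('lang_uuid', $LANG_USERBOX_ADMIN['uuid']);
    $templates->set_var('uuid', $uuid);
    // Creation date
    $templates->set_var('lang_created', $LANG_USERBOX_ADMIN['created']);
    $templates->set_var('created', $created);
    // SAVE / CANCEL buttons
    $templates->set_var('lang_save', $LANG_ADMIN['save']);
    $templates->set_var('lang_cancel', $LANG_ADMIN['cancel']);
    $templates->set_var('lang_preview', $LANG_ADMIN['preview']);
    // delete_option
    if ($delflg) {
        $delbutton = '<input type="submit" value="' . $LANG_ADMIN['delete'] . '" name="mode"%s>';
        $jsconfirm = ' onclick="return confirm(\'' . $MESSAGE[76] . '\');"';
        $templates->set_var('delete_option', sprintf($delbutton, $jsconfirm));
    }

    $templates->parse('output', 'editor');
    $retval .= $templates->finish($templates->get_var('output'));
    $retval .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer'));
    return $retval;
}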
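 /**
  * Render the language-item editor and send the finished page to the browser.
  *
  * Which record is shown:
  *  - request id below 1 (GET first, then POST): a new, empty record;
  *  - positive id and an empty $A: the row is read from the language_items table,
  *    falling back to an empty record when exactly one row is not found;
  *  - positive id and a non-empty $A: $A is shown as given and the id comes from $A['id'].
  *
  * @param array $A Record to display instead of the stored one (may be empty)
  */
 public static function adminShowEditor(array $A = array())
 {
     global $_CONF, $_FINPUT, $LANG_ADMIN, $LANG_LANG, $MESSAGE, $_TABLES;

     // The access check runs before any request data is read.
     self::checkAccessRights();

     // The id is forced to an integer here, which is what makes the unquoted
     // interpolation into the SELECT below safe.
     $id = $_FINPUT->get('id', $_FINPUT->post('id', 0));
     $id = intval($id, 10);
     if ($id < 1) {
         $id = 0;
     }

     if ($id === 0) {
         $A = self::getEmptyRecord();
     } elseif (count($A) === 0) {
         $sql = "SELECT * FROM {$_TABLES['language_items']} WHERE id = {$id} ";
         $resultSet = DB_query($sql);
         if (DB_numRows($resultSet) == 1) {
             $A = DB_fetchArray($resultSet, false);
         } else {
             $id = 0;
             $A = self::getEmptyRecord();
         }
     } else {
         // Normalise the caller-supplied id so the strict "=== 0" test below
         // also recognises a new record when the id arrives as a string.
         $id = isset($A['id']) ? intval($A['id'], 10) : 0;
     }

     // Get UI language options (one <option> per *.php file in the language directory)
     $languageOptions = '';
     $currentLanguage = COM_getLanguage();
     $languageFiles = glob($_CONF['path_language'] . '*.php');
     if ($languageFiles === false) {
         // glob() reports an error with false; treat it as "no languages found"
         $languageFiles = array();
     }
     foreach ($languageFiles as $language) {
         $language = basename($language);
         $language = str_replace('.php', '', $language);
         $isCurrent = $language === $currentLanguage ? ' selected="selected"' : '';
         $languageOptions .= "<option{$isCurrent}>{$language}</option>" . PHP_EOL;
     }

     $isNew = $id === 0;
     if ($isNew) {
         $deleteOption = '';
         $allow_delete = false;
     } else {
         // The closing ">" of the <input> tag was missing, which produced broken markup.
         $deleteOption = '<li><input type="submit" value="' . $LANG_ADMIN['delete'] . '" name="mode" class="submit" onclick="return confirm(\'' . $MESSAGE[76] . '\');"' . XHTML . '></li>';
         $allow_delete = true;
     }

     // CSRF token for the form; its expiry notice is shown above the editor.
     $token = SEC_createToken(self::SEC_TOKEN_LIFESPAN);
     $content = COM_startBlock($LANG_LANG['language_editor'], '', COM_getBlockTemplate('_admin_block', 'header'));
     $content .= SEC_getTokenExpiryNotice($token);

     $editor = COM_newTemplate($_CONF['path_layout'] . 'admin/language');
     $editor->set_file('language_editor', 'language_editor.thtml');
     // NOTE(review): var_name, language, name and value are handed to the template
     // as stored; confirm that the template layer escapes them for HTML output.
     $editor->set_var(array('id' => $A['id'], 'id_to_display' => $isNew ? 'N/A' : $A['id'], 'var_name' => $A['var_name'], 'language' => $A['language'], 'language_options' => $languageOptions, 'name' => $A['name'], 'value' => $A['value'], 'site_admin_url' => $_CONF['site_admin_url'], 'delete_option' => $deleteOption, 'allow_delete' => $allow_delete, 'lang_language_editor' => $LANG_LANG['language_editor'], 'lang_id' => $LANG_LANG['id'], 'lang_var_name' => $LANG_LANG['var_name'], 'lang_language' => $LANG_LANG['language'], 'lang_name' => $LANG_LANG['name'], 'lang_value' => $LANG_LANG['value'], 'lang_save' => $LANG_ADMIN['save'], 'lang_delete' => $LANG_ADMIN['delete'], 'lang_cancel' => $LANG_ADMIN['cancel'], 'confirm_message' => $MESSAGE[76], 'token_name' => CSRF_TOKEN, 'token_value' => $token));
     $editor->parse('output', 'language_editor');
     $content .= $editor->finish($editor->get_var('output'));
     $content .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer'));

     $display = COM_createHTMLDocument($content, array('pagetitle' => 'Language Items'));
     COM_output($display);
 }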
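/**
 * Build the category editor form for the plugin named by $pi_name.
 *
 * Field values come from one of three places: from $_POST when $msg is set
 * (the form is being shown again together with a message), from blank defaults
 * when $id is empty, or from the plugin's "_def_category" table otherwise.
 *
 * $pi_name selects global language arrays, $_TABLES keys and template paths, so
 * it must be a trusted plugin name and never request data.
 *
 * @param  string $pi_name  Plugin name
 * @param  int    $id       category_id to edit (empty for a new category)
 * @param  bool   $edt_flg  When false, an existing record may be offered for deletion
 * @param  string $msg      Message passed to COM_showMessage(); non-empty switches to the $_POST values
 * @param  string $errmsg   Markup appended as-is after the message
 * @param  string $mode     "edit" or "copy"; "copy" resets the id to 0 and hides the delete option
 * @return string           HTML of the editor block
 */
function LIB_Edit($pi_name, $id, $edt_flg, $msg = '', $errmsg = "", $mode = "edit")
{
    global $_CONF;
    global $_TABLES;
    global $LANG_ADMIN;
    global $MESSAGE;
    global $LANG_ACCESS;
    global $_USER;
    $lang_box_admin = "LANG_" . strtoupper($pi_name) . "_ADMIN";
    global ${$lang_box_admin};
    $lang_box_admin = ${$lang_box_admin};
    $lang_box = "LANG_" . strtoupper($pi_name);
    global ${$lang_box};
    $lang_box = ${$lang_box};
    $table = $_TABLES[strtoupper($pi_name) . '_def_category'];
    $table2 = $_TABLES[strtoupper($pi_name) . '_category'];

    // category_id is placed unquoted in the WHERE clause below, so it is forced
    // to an integer before it reaches any query.
    $id = (int) $id;

    $retval = '';
    $delflg = false;
    // Number of rows in the plugin's "_category" table that use this category
    $wkcnt = DB_count($table2, "category_id", $id);

    if (!empty($msg)) {
        $retval .= COM_showMessage($msg, $pi_name);
        // NOTE(review): $errmsg is appended without escaping; callers must pass safe markup.
        $retval .= $errmsg;
        // clean 'em up
        $code = COM_applyFilter($_POST['code']);
        $name = COM_applyFilter($_POST['name']);
        $description = COM_applyFilter($_POST['description']);
        $defaulttemplatesdirectory = COM_applyFilter($_POST['defaulttemplatesdirectory']);
        $parent_id = COM_applyFilter($_POST['parent_id'], true);
        $categorygroup_id = COM_applyFilter($_POST['group'], true);
        $orderno = COM_applyFilter($_POST['orderno']);
        $uuid = $_USER['uid'];
        // This branch never assigned $udatetime, yet it is passed to the template
        // below; give it a value so the form renders without an undefined variable.
        $udatetime = "";
    } elseif (empty($id)) {
        // New category: blank form
        $id = 0;
        $code = "";
        $name = "";
        $description = "";
        $defaulttemplatesdirectory = "";
        $categorygroup_id = "";
        $parent_id = "";
        $orderno = "";
        $uuid = 0;
        $udatetime = "";
    } else {
        // Existing category: load the stored definition
        $sql = "SELECT * FROM " . $table . " WHERE category_id = {$id}";
        $result = DB_query($sql);
        $A = DB_fetchArray($result);
        $code = COM_stripslashes($A['code']);
        $name = COM_stripslashes($A['name']);
        $description = COM_stripslashes($A['description']);
        $defaulttemplatesdirectory = COM_stripslashes($A['defaulttemplatesdirectory']);
        $parent_id = COM_stripslashes($A['parent_id']);
        $categorygroup_id = COM_stripslashes($A['categorygroup_id']);
        $orderno = COM_stripslashes($A['orderno']);
        $uuid = COM_stripslashes($A['uuid']);
        $udatetime = COM_stripslashes($A['udatetime']);
        // Original note: "do not allow deletion if data exists". The delete
        // option is only considered when the caller passes $edt_flg as false.
        if ($edt_flg == FALSE) {
            $delflg = true;
        }
    }

    if ($mode === "copy") {
        // A copy is saved as a new record, so it has no id and cannot be deleted.
        $id = 0;
        $delflg = false;
    }

    $retval .= COM_startBlock($lang_box_admin['edit'], '', COM_getBlockTemplate('_admin_block', 'header'));
    $tmplfld = DATABOX_templatePath('admin', 'default', $pi_name);
    $templates = new Template($tmplfld);
    $templates->set_file('editor', "category_editor.thtml");

    $templates->set_var('about_thispage', $lang_box_admin['about_admin_category']);
    $templates->set_var('lang_must', $lang_box_admin['must']);
    $templates->set_var('site_url', $_CONF['site_url']);
    $templates->set_var('site_admin_url', $_CONF['site_admin_url']);

    // CSRF token for the form, plus the notice telling the user when it expires
    $token = SEC_createToken();
    $retval .= SEC_getTokenExpiryNotice($token);
    $templates->set_var('gltoken_name', CSRF_TOKEN);
    $templates->set_var('gltoken', $token);
    $templates->set_var('xhtml', XHTML);
    $templates->set_var('script', THIS_SCRIPT);

    $templates->set_var('lang_link_admin', $lang_box_admin['link_admin']);
    $templates->set_var('lang_link_admin_top', $lang_box_admin['link_admin_top']);

    // id
    $templates->set_var('lang_category_id', $lang_box_admin['category_id']);
    $templates->set_var('id', $id);

    // Code, name and description
    // NOTE(review): these values are passed to the template as they are; confirm
    // that the template layer escapes them for HTML output.
    $templates->set_var('lang_code', $lang_box_admin['code']);
    $templates->set_var('code', $code);
    $templates->set_var('lang_name', $lang_box_admin['name']);
    $templates->set_var('name', $name);
    $templates->set_var('lang_description', $lang_box_admin['description']);
    $templates->set_var('description', $description);

    // Default templates directory
    $templates->set_var('lang_defaulttemplatesdirectory', $lang_box_admin['defaulttemplatesdirectory']);
    $templates->set_var('defaulttemplatesdirectory', $defaulttemplatesdirectory);
    $select_defaulttemplatesdirectory = LIB_templatesdirectory($pi_name, $defaulttemplatesdirectory);
    $templates->set_var('select_defaulttemplatesdirectory', $select_defaulttemplatesdirectory);

    // parent: the selector is disabled once the category is in use
    $templates->set_var('lang_parent', $lang_box_admin['parent']);
    $disabled = ($wkcnt > 0) ? "disabled" : "";
    $list_parent = DATABOX_getoptionlist("parent", $parent_id, 0, $pi_name, $disabled);
    $templates->set_var('list_parent', $list_parent);

    // group
    $templates->set_var('lang_group', $lang_box_admin['group']);
    $list_group = DATABOX_getoptionlist("group", $categorygroup_id, 0, $pi_name, "", 0);
    $templates->set_var('list_group', $list_group);

    // Sort order
    $templates->set_var('lang_orderno', $lang_box_admin['orderno']);
    $templates->set_var('orderno', $orderno);

    // Last saved: date/time and user
    $templates->set_var('lang_udatetime', $lang_box_admin['udatetime']);
    $templates->set_var('udatetime', $udatetime);
    $templates->set_var('lang_uuid', $lang_box_admin['uuid']);
    $templates->set_var('uuid', $uuid);

    // SAVE and CANCEL buttons
    $templates->set_var('lang_save', $LANG_ADMIN['save']);
    $templates->set_var('lang_cancel', $LANG_ADMIN['cancel']);
    $templates->set_var('lang_preview', $LANG_ADMIN['preview']);

    // delete_option: a category that is still in use gets a help text instead of the button
    if ($delflg) {
        if ($wkcnt > 0) {
            $templates->set_var('lang_delete_help', $lang_box_admin['delete_help_category']);
        } else {
            $delbutton = '<input type="submit" value="' . $LANG_ADMIN['delete'] . '" name="mode"%s>';
            $jsconfirm = ' onclick="return confirm(\'' . $MESSAGE[76] . '\');"';
            $templates->set_var('delete_option', sprintf($delbutton, $jsconfirm));
        }
    }

    $templates->parse('output', 'editor');
    $retval .= $templates->finish($templates->get_var('output'));
    $retval .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer'));
    return $retval;
}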
/**
 * Build the newsletter editor form of the "assist" plugin.
 *
 * When $message is non-empty it is shown in a message block and the form is
 * filled from $_POST (passed through COM_applyFilter); otherwise the stored
 * settings are read from the "vars" table (names starting with "assist_").
 * The form carries a CSRF token created by SEC_createToken().
 *
 * @param  string $message          Markup shown in the message block; appended as-is
 * @param  bool   $wkymlmguserflg   When true, adds the extra group option with value 99999
 *                                  and selects the "wkymlmguser_on" label
 * @return string                   HTML of the editor block(s)
 */
function fncEdit($message = "", $wkymlmguserflg = false)
{
    global $_CONF;
    global $_TABLES;
    global $LANG_ASSIST_ADMIN;
    global $LANG_ADMIN;
    global $_ASSIST_CONF;
    global $LANG_ASSIST_INTROBODY;
    global $LANG_ASSIST_TOENV;
    global $LANG31;
    global $_SCRIPTS;
    $retval = '';
    // Show the message
    if (!empty($message)) {
        $retval .= COM_startBlock($LANG_ASSIST_ADMIN['msg'], '', COM_getBlockTemplate('_msg_block', 'header'));
        // NOTE(review): $message is written to the page without escaping; callers must pass safe markup.
        $retval .= $message;
        $retval .= COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer'));
        // clean 'em up
        // NOTE(review): the $_POST keys are read without an isset() check; a missing field raises a notice.
        $fromname = COM_applyFilter($_POST['fromname']);
        $replyto = COM_applyFilter($_POST['replyto']);
        $sprefix = COM_applyFilter($_POST['sprefix']);
        $sid = COM_applyFilter($_POST['sid']);
        $testto = COM_applyFilter($_POST['testto']);
        $uidfrom = COM_applyFilter($_POST['uidfrom'], true);
        $uidto = COM_applyFilter($_POST['uidto'], true);
        // hiroron start 2010/07/13
        $dt_year = COM_applyFilter($_POST['datetime_year'], true);
        $dt_month = COM_applyFilter($_POST['datetime_month'], true);
        $dt_day = COM_applyFilter($_POST['datetime_day'], true);
        $dt_hour = COM_applyFilter($_POST['datetime_hour'], true);
        $dt_minute = COM_applyFilter($_POST['datetime_minute'], true);
        $datetime_value = COM_convertDate2Timestamp($dt_year . '-' . $dt_month . '-' . $dt_day, $dt_hour . ':' . $dt_minute . ':00');
        // Intro text / body text (introbody)
        $introbody = COM_applyFilter($_POST['introbody'], true);
        // Destination environment
        $toenv = COM_applyFilter($_POST['toenv'], true);
        // Destination group
        $selectgroup = COM_applyFilter($_POST['selectgroup'], true);
        // Send regardless of the user's receive-permission setting
        $overstyr = COM_applyFilter($_POST['overstyr'], true);
        // Bulk reservation
        $bulkmm = COM_applyFilter($_POST['bulkmm'], true);
        $bulkcnt = COM_applyFilter($_POST['bulkcnt'], true);
    } else {
        // Stored settings; sender name and reply-to fall back to the site configuration when empty
        $fromname = DB_getItem($_TABLES['vars'], 'value', "name = 'assist_fromname'");
        $fromname = COM_stripslashes($fromname);
        if ($fromname == "") {
            $fromname = $_CONF['site_name'];
        }
        $replyto = DB_getItem($_TABLES['vars'], 'value', "name = 'assist_replyto'");
        $replyto = COM_stripslashes($replyto);
        if ($replyto == "") {
            $replyto = $_CONF['site_mail'];
        }
        $sprefix = DB_getItem($_TABLES['vars'], 'value', "name = 'assist_sprefix'");
        $sprefix = COM_stripslashes($sprefix);
        $sid = DB_getItem($_TABLES['vars'], 'value', "name = 'assist_sid'");
        $sid = COM_stripslashes($sid);
        $testto = DB_getItem($_TABLES['vars'], 'value', "name = 'assist_testto'");
        $testto = COM_stripslashes($testto);
        $uidfrom = DB_getItem($_TABLES['vars'], 'value', "name = 'assist_uidfrom'");
        $uidfrom = COM_stripslashes($uidfrom);
        $uidto = DB_getItem($_TABLES['vars'], 'value', "name = 'assist_uidto'");
        $uidto = COM_stripslashes($uidto);
        // hiroron start 2010/07/13
        $datetime_value = DB_getItem($_TABLES['vars'], 'value', "name = 'assist_re_datetime'");
        // Intro text / body text (introbody)
        $introbody = DB_getItem($_TABLES['vars'], 'value', "name = 'assist_introbody'");
        // Destination environment
        $toenv = DB_getItem($_TABLES['vars'], 'value', "name = 'assist_toenv'");
        // Destination group
        $selectgroup = DB_getItem($_TABLES['vars'], 'value', "name = 'assist_selectgroup'");
        // Send regardless of the user's receive-permission setting
        $overstyr = DB_getItem($_TABLES['vars'], 'value', "name = 'assist_overstyr'");
        $bulkmm = DB_getItem($_TABLES['vars'], 'value', "name = 'assist_bulkmm'");
        $bulkcnt = DB_getItem($_TABLES['vars'], 'value', "name = 'assist_bulkcnt'");
    }
    $retval .= COM_startBlock($LANG_ASSIST_ADMIN['edit'], '', COM_getBlockTemplate('_admin_block', 'header'));
    $pi_name = "assist";
    $tmplfld = assist_templatePath('admin', 'default', $pi_name);
    $templates = new Template($tmplfld);
    // Loads jQuery UI datepicker
    if (version_compare(VERSION, '2.0.0') >= 0) {
        $_SCRIPTS->setJavaScriptLibrary('jquery.ui.datepicker');
        $_SCRIPTS->setJavaScriptLibrary('jquery-ui-i18n');
        $_SCRIPTS->setJavaScriptFile('datepicker', '/javascript/datepicker.js');
        $langCode = COM_getLangIso639Code();
        $toolTip = 'Click and select a date';
        // Should be translated
        $imgUrl = $_CONF['site_url'] . '/images/calendar.png';
        // The three values are placed inside single-quoted JavaScript string literals without escaping.
        $_SCRIPTS->setJavaScript("jQuery(function () {" . "  geeklog.datepicker.set('datetime', '{$langCode}', '{$toolTip}', '{$imgUrl}');" . "});", TRUE, TRUE);
    }
    $templates->set_file('editor', "newsletter.thtml");
    //--
    $templates->set_var('lang_must', $LANG_ASSIST_ADMIN['must']);
    $templates->set_var('site_url', $_CONF['site_url']);
    $templates->set_var('site_admin_url', $_CONF['site_admin_url']);
    // CSRF token for the form, plus the notice telling the user when it expires
    $token = SEC_createToken();
    $retval .= SEC_getTokenExpiryNotice($token);
    $templates->set_var('gltoken_name', CSRF_TOKEN);
    $templates->set_var('gltoken', $token);
    $templates->set_var('xhtml', XHTML);
    $templates->set_var('script', THIS_PLUGIN . "/" . THIS_SCRIPT);
    //-----
    // Show the 'mail_logfile' text when the newsletter log file is missing or not writable
    $w = "";
    $logfile = $_CONF['path_log'] . 'assist_newsletter.log';
    if (!file_exists($logfile)) {
        $w .= sprintf($LANG_ASSIST_ADMIN['mail_logfile'], $logfile);
    } else {
        if (!is_writable($logfile)) {
            $w .= sprintf($LANG_ASSIST_ADMIN['mail_logfile'], $logfile);
        }
    }
    // NOTE(review): the configured topic id is interpolated into SQL here and in the
    // $where clauses below without escaping; it must stay an administrator-only setting.
    $tid = $_ASSIST_CONF['newsletter_tid'];
    $topicname = DB_getItem($_TABLES['topics'], 'topic', "tid = '{$tid}'");
    if ($topicname == "") {
        $topicname = $tid;
    }
    $w .= sprintf($LANG_ASSIST_ADMIN['mail_msg'], $topicname);
    $templates->set_var('mail_msg', $w);
    $templates->set_var('mail_msg1', $LANG_ASSIST_ADMIN['mail_msg1']);
    $templates->set_var('mail_msg2', $LANG_ASSIST_ADMIN['mail_msg2']);
    $templates->set_var('mail_msg3', $LANG_ASSIST_ADMIN['mail_msg3']);
    $templates->set_var('mail_msg4', $LANG_ASSIST_ADMIN['mail_msg4']);
    $templates->set_var('lang_fromname', $LANG_ASSIST_ADMIN['fromname']);
    //@@@@@ $templates->set_var('help_fromname', $LANG_ASSIST_ADMIN['help']);
    // NOTE(review): form values are handed to the template as they are; confirm the
    // template layer escapes them for HTML output.
    $templates->set_var('fromname', $fromname);
    //replyto
    $templates->set_var('lang_replyto', $LANG_ASSIST_ADMIN['replyto']);
    $templates->set_var('replyto', $replyto);
    //subject_prefix
    $templates->set_var('lang_sprefix', $LANG_ASSIST_ADMIN['sprefix']);
    $templates->set_var('sprefix', $sprefix);
    //sid
    $templates->set_var('lang_sid', $LANG_ASSIST_ADMIN['sid']);
    $templates->set_var('sid', $sid);
    //FOR GL2.0.0
    // Story selector: from 2.0.0 on, stories are matched through the topic_assignments table
    if (COM_versionCompare(VERSION, "2.0.0", '>=')) {
        //$where ="s.sid = t.id AND t.tid=\"".$tid."\"";
        //$tables="{$_TABLES['stories']} AS s ,{$_TABLES['topic_assignments']} AS ta";
        $topics = TOPIC_getChildList($tid);
        $where = "s.sid = ta.id ";
        if ($topics == "") {
            $where .= " AND tid=\"" . $tid . "\"";
        } else {
            $where .= " AND ta.tid IN ({$topics})";
        }
        $tables = "{$_TABLES['stories']} AS s ";
        $tables .= " ,{$_TABLES['topic_assignments']} AS ta";
        $optionlist_sid = "<option value=''>{$LANG_ASSIST_ADMIN['select_sid']}</option>" . LB;
        $optionlist_sid .= COM_optionList($tables, 'distinct s.sid,s.title,s.date*-1', $sid, 2, $where);
    } else {
        $where = "tid=\"" . $tid . "\"";
        $optionlist_sid = "<option value=''>{$LANG_ASSIST_ADMIN['select_sid']}</option>" . LB;
        $optionlist_sid .= COM_optionList($_TABLES['stories'], 'sid,title,date*-1', $sid, 2, $where);
    }
    $templates->set_var('optionlist_sid', $optionlist_sid);
    // Intro text / body text (introbody)
    $templates->set_var('lang_introbody', $LANG_ASSIST_ADMIN['introbody']);
    $list_introbody = assist_getradiolist($LANG_ASSIST_INTROBODY, "introbody", $introbody);
    $templates->set_var('list_introbody', $list_introbody);
    // Destination environment
    $templates->set_var('lang_toenv', $LANG_ASSIST_ADMIN['toenv']);
    $list_toenv = assist_getradiolist($LANG_ASSIST_TOENV, "toenv", $toenv);
    $templates->set_var('list_toenv', $list_toenv);
    // Destination group: the groups returned by SEC_getUserGroups(), sorted by name, without 'All Users'
    $thisUsersGroups = SEC_getUserGroups();
    uksort($thisUsersGroups, 'strcasecmp');
    $optionlist_selectgroup = '';
    if ($wkymlmguserflg == true) {
        $optionlist_selectgroup .= '<option value="' . 99999 . '"';
        if ($selectgroup > 0 && $selectgroup == "99999") {
            $optionlist_selectgroup .= ' selected="selected"';
        }
        $optionlist_selectgroup .= '>' . $LANG_ASSIST_ADMIN['wkymlmguser_user'] . '</option>' . LB;
    }
    foreach ($thisUsersGroups as $groupName => $groupID) {
        if ($groupName != 'All Users') {
            $optionlist_selectgroup .= '<option value="' . $groupID . '"';
            if ($selectgroup > 0 && $selectgroup == $groupID) {
                $optionlist_selectgroup .= ' selected="selected"';
            }
            // NOTE(review): the group name is written into the markup without HTML escaping.
            $optionlist_selectgroup .= '>' . ucwords($groupName) . '</option>' . LB;
        }
    }
    $templates->set_var('lang_selectgroup', $LANG_ASSIST_ADMIN['selectgroup']);
    $templates->set_var('optionlist_selectgroup', $optionlist_selectgroup);
    // Send regardless of the user's receive-permission setting
    $templates->set_var('lang_overstyr', $LANG31['14']);
    if ($overstyr == 0) {
        $templates->set_var('is_checked_overstyr', '');
    } else {
        $templates->set_var('is_checked_overstyr', 'checked="checked"');
    }
    //testto
    $templates->set_var('lang_testto', $LANG_ASSIST_ADMIN['testto']);
    $templates->set_var('testto', $testto);
    //uidfrom-to
    $templates->set_var('lang_sendto', $LANG_ASSIST_ADMIN['sendto']);
    $templates->set_var('lang_uidfrom', $LANG_ASSIST_ADMIN['uidfrom']);
    $templates->set_var('uidfrom', $uidfrom);
    $templates->set_var('lang_uidto', $LANG_ASSIST_ADMIN['uidto']);
    $templates->set_var('uidto', $uidto);
    $templates->set_var('lang_sendto_remarks', $LANG_ASSIST_ADMIN['sendto_remarks']);
    if ($wkymlmguserflg == true) {
        $templates->set_var('user_wkymlmguser', $LANG_ASSIST_ADMIN['wkymlmguser_on']);
    } else {
        $templates->set_var('user_wkymlmguser', $LANG_ASSIST_ADMIN['wkymlmguser_off']);
    }
    // hiroron start 2010/07/13
    // An empty stored value means "now"; only the exact empty string is replaced
    // (NOTE(review): confirm what DB_getItem() returns when the row is missing).
    if ($datetime_value === "") {
        $datetime_value = time();
    }
    $datetime_month = date('m', $datetime_value);
    $datetime_day = date('d', $datetime_value);
    $datetime_year = date('Y', $datetime_value);
    $datetime_hour = date('H', $datetime_value);
    $datetime_minute = date('i', $datetime_value);
    $month_options = COM_getMonthFormOptions($datetime_month);
    $day_options = COM_getDayFormOptions($datetime_day);
    $year_options = COM_getYearFormOptions($datetime_year);
    $hour_options = COM_getHourFormOptions($datetime_hour, 24);
    $minute_options = COM_getMinuteFormOptions($datetime_minute);
    $templates->set_var('lang_reserv_datetime', $LANG_ASSIST_ADMIN['reserv_datetime']);
    $templates->set_var('datetime', 'datetime');
    $templates->set_var('datetime_year_options', $year_options);
    $templates->set_var('datetime_month_options', $month_options);
    $templates->set_var('datetime_day_options', $day_options);
    $templates->set_var('datetime_hour_options', $hour_options);
    $templates->set_var('datetime_minute_options', $minute_options);
    $templates->set_var('lang_yy', $LANG_ASSIST_ADMIN['yy']);
    $templates->set_var('lang_mm', $LANG_ASSIST_ADMIN['mm']);
    $templates->set_var('lang_dd', $LANG_ASSIST_ADMIN['dd']);
    // hiroron end 2010/07/13
    $templates->set_var('lang_reserv_datetime_remarks', $LANG_ASSIST_ADMIN['reserv_datetime_remarks']);
    // Scheduled sending
    //$templates->set_var( 'lang_bulkbooking', $LANG_ASSIST_ADMIN['mail_bulkbooking']);
    $templates->set_var('minute', $LANG_ASSIST_ADMIN['minute']);
    $templates->set_var('every', $LANG_ASSIST_ADMIN['every']);
    $templates->set_var('increments', $LANG_ASSIST_ADMIN['increments']);
    $templates->set_var('bulkmm', $bulkmm);
    $templates->set_var('bulkcnt', $bulkcnt);
    // SAVE and CANCEL buttons
    $templates->set_var('lang_save', $LANG_ADMIN['save']);
    $templates->set_var('lang_cancel', $LANG_ADMIN['cancel']);
    $templates->set_var('lang_testsend', $LANG_ASSIST_ADMIN['mail_test']);
    $templates->set_var('lang_send', $LANG_ASSIST_ADMIN['mail_send']);
    // hiroron start 2010/07/13
    $templates->set_var('lang_reserv', $LANG_ASSIST_ADMIN['mail_reserv']);
    // hiroron end 2010/07/13
    // hiroron start 2010/07/15
    $templates->set_var('list_reserv', fncListReserv());
    // hiroron end 2010/07/15
    //
    $templates->parse('output', 'editor');
    $retval .= $templates->finish($templates->get_var('output'));
    $retval .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer'));
    return $retval;
}
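/**
 * Build the form that assigns groups to a fieldset of the plugin named by $pi_name.
 *
 * $pi_name selects global language arrays, the $_TABLES key, the template path
 * and the name of the icon function that is called, so it must be a trusted
 * plugin name and never request data.
 *
 * @param  string $pi_name Plugin name
 * @param  int    $id      fieldset_id whose groups are edited
 * @return string          HTML of the admin block
 */
function LIB_editgroups($pi_name, $id)
{
    global $_CONF;
    global $_TABLES;
    global $LANG_ADMIN;
    global $LANG09;
    $lang_box_admin = "LANG_" . strtoupper($pi_name) . "_ADMIN";
    global ${$lang_box_admin};
    $lang_box_admin = ${$lang_box_admin};
    $lang_box = "LANG_" . strtoupper($pi_name);
    global ${$lang_box};
    $lang_box = ${$lang_box};
    global $LANG_ACCESS;
    global $LANG28;
    require_once $_CONF['path_system'] . 'lib-admin.php';

    // fieldset_id is placed unquoted in the WHERE clause below, so it is forced
    // to an integer before it reaches the query.
    $id = (int) $id;

    $retval = '';
    $table = $_TABLES[strtoupper($pi_name) . '_def_fieldset'];
    $fieldset_name = DB_getItem($table, 'name', "fieldset_id = {$id}");

    // MENU1: admin screen links
    $menu_arr = array();
    $url2 = $_CONF['site_url'] . '/admin/plugins/' . $pi_name . '/fieldset.php';
    $menu_arr[] = array('url' => $url2, 'text' => $lang_box_admin['fieldsetlist']);
    $menu_arr[] = array('url' => $_CONF['site_admin_url'], 'text' => $LANG_ADMIN['admin_home']);

    // NOTE(review): the stored fieldset name goes into the block title as it is;
    // confirm that COM_startBlock() or the template escapes it for HTML output.
    $retval .= COM_startBlock($lang_box_admin['admin_list'] . " - {$fieldset_name}", '', COM_getBlockTemplate('_admin_block', 'header'));

    // The icon comes from the plugin's own plugin_geticon_<name>() function.
    $function = "plugin_geticon_" . $pi_name;
    $icon = $function();
    $retval .= ADMIN_createMenu($menu_arr, $lang_box_admin['inst_fieldsetgroups'], $icon);

    $tmplfld = DATABOX_templatePath('admin', 'default', $pi_name);
    $templates = new Template($tmplfld);
    $templates->set_file('editor', "fieldset_groups.thtml");

    $templates->set_var('site_url', $_CONF['site_url']);
    $templates->set_var('site_admin_url', $_CONF['site_admin_url']);

    // CSRF token for the form, plus the notice telling the user when it expires
    $token = SEC_createToken();
    $retval .= SEC_getTokenExpiryNotice($token);
    $templates->set_var('gltoken_name', CSRF_TOKEN);
    $templates->set_var('gltoken', $token);
    $templates->set_var('xhtml', XHTML);
    $templates->set_var('script', THIS_SCRIPT);

    $templates->set_var('lang_link_admin', $lang_box_admin['link_admin']);
    $templates->set_var('lang_link_admin_top', $lang_box_admin['link_admin_top']);

    // Two lists built by LIB_selectGroups(): with and without its third argument set to true
    $templates->set_var('LANG_fieldsetgroups', $lang_box_admin['fieldsetgroupsregistered']);
    $templates->set_var('fieldsetgroups', LIB_selectGroups($pi_name, $id, true));
    $templates->set_var('LANG_grouplist', $lang_box_admin['grouplist']);
    $templates->set_var('group_list', LIB_selectGroups($pi_name, $id));

    $templates->set_var('LANG_add', $LANG_ACCESS['add']);
    $templates->set_var('LANG_remove', $LANG_ACCESS['remove']);
    $templates->set_var('lang_save', $LANG_ADMIN['save']);
    $templates->set_var('lang_cancel', $LANG_ADMIN['cancel']);
    $templates->set_var('id', $id);

    $templates->parse('output', 'editor');
    $retval .= $templates->finish($templates->get_var('output'));
    $retval .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer'));
    return $retval;
}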
Exemple #15
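/**
 * Build the data export form of the "userbox" plugin.
 *
 * The form carries a CSRF token created by SEC_createToken() and a fieldset
 * selector whose initial value is "all".
 *
 * @return string HTML: the token expiry notice followed by the export form
 */
function fncexportform()
{
    global $_CONF;
    global $_USERBOX_CONF;
    global $LANG_USERBOX_ADMIN;
    global $LANG_ADMIN;
    $pi_name = "userbox";
    // $retval was appended to without ever being initialised.
    $retval = '';

    $tmpl = new Template($_CONF['path'] . "plugins/" . THIS_PLUGIN . "/templates/admin/");
    $tmpl->set_file(array('exportform' => 'exportform.thtml'));
    $tmpl->set_var('site_admin_url', $_CONF['site_admin_url']);

    // CSRF token for the form, plus the notice telling the user when it expires
    $token = SEC_createToken();
    $retval .= SEC_getTokenExpiryNotice($token);
    $tmpl->set_var('gltoken_name', CSRF_TOKEN);
    $tmpl->set_var('gltoken', $token);
    $tmpl->set_var('xhtml', XHTML);
    $tmpl->set_var('script', THIS_SCRIPT);

    $tmpl->set_var('actionname', $LANG_USERBOX_ADMIN['export']);
    $tmpl->set_var('lang_inst', $LANG_USERBOX_ADMIN['inst_dataexport']);

    // fieldset_id: the selector starts on "all"
    $fieldset_id = "all";
    $tmpl->set_var('lang_fieldset', $LANG_USERBOX_ADMIN['fieldset']);
    $list_fieldset = DATABOX_getoptionlist("fieldset", $fieldset_id, 0, $pi_name, "", "all");
    $tmpl->set_var('list_fieldset', $list_fieldset);

    $tmpl->set_var('lang_export', $LANG_USERBOX_ADMIN["export"]);
    $tmpl->set_var('lang_cancel', $LANG_ADMIN['cancel']);

    $tmpl->parse('output', 'exportform');
    $retval .= $tmpl->finish($tmpl->get_var('output'));
    return $retval;
}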
Exemple #16
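/**
 * Builds the admin editor form for one field definition of a plugin.
 *
 * The form is populated from one of three sources: $_POST (when $msg is set,
 * i.e. the form is shown again with a message), built-in defaults (empty $id),
 * or the row with the given field_id in the plugin's "<NAME>_def_field" table.
 *
 * @param string     $pi_name plugin name; selects the "_<NAME>_CONF" and
 *                            "LANG_<NAME>_*" globals and the field table
 * @param int|string $id      field_id to edit; empty means a new definition
 * @param mixed      $edt_flg when loosely false and an existing row was
 *                            loaded, the delete button is offered
 * @param string     $msg     message id; when non-empty the values are taken
 *                            from $_POST instead of the database
 * @param string     $errmsg  markup appended verbatim after the message
 * @param string     $mode    "edit", or "copy" to present the values as a
 *                            new record (id 0, no delete button)
 * @return string HTML of the editor block
 */
function LIB_Edit($pi_name, $id, $edt_flg, $msg = '', $errmsg = "", $mode = "edit")
{
    global $_CONF;
    global $_TABLES;
    global $LANG_ADMIN;
    global $MESSAGE;
    global $LANG_ACCESS;
    global $_USER;
    // The plugin's configuration and language arrays are globals whose names
    // are built from $pi_name. NOTE(review): $pi_name therefore decides which
    // globals and which table are read; it should be a fixed plugin name and
    // never come from the request (confirm at the call sites).
    $box_conf = "_" . strtoupper($pi_name) . "_CONF";
    global ${$box_conf};
    $box_conf = ${$box_conf};
    $lang_box_admin = "LANG_" . strtoupper($pi_name) . "_ADMIN";
    global ${$lang_box_admin};
    $lang_box_admin = ${$lang_box_admin};
    $lang_box = "LANG_" . strtoupper($pi_name);
    global ${$lang_box};
    $lang_box = ${$lang_box};
    $lang_box_noyes = "LANG_" . strtoupper($pi_name) . "_NOYES";
    global ${$lang_box_noyes};
    $lang_box_noyes = ${$lang_box_noyes};
    $lang_box_type = "LANG_" . strtoupper($pi_name) . "_TYPE";
    global ${$lang_box_type};
    $lang_box_type = ${$lang_box_type};
    $lang_box_allow_display = "LANG_" . strtoupper($pi_name) . "_ALLOW_DISPLAY";
    global ${$lang_box_allow_display};
    $lang_box_allow_display = ${$lang_box_allow_display};
    $lang_box_allow_edit = "LANG_" . strtoupper($pi_name) . "_ALLOW_EDIT";
    global ${$lang_box_allow_edit};
    $lang_box_allow_edit = ${$lang_box_allow_edit};
    $table = $_TABLES[strtoupper($pi_name) . '_def_field'];
    $retval = '';
    $delflg = false;
    // Show the message and re-populate the form from the submitted values
    if (!empty($msg)) {
        $retval .= COM_showMessage($msg, $pi_name);
        // $errmsg is emitted as-is, so the caller must pass trusted markup.
        $retval .= $errmsg;
        // clean 'em up
        $name = COM_applyFilter($_POST['name']);
        $templatesetvar = COM_applyFilter($_POST['templatesetvar']);
        $fieldgroup_id = COM_applyFilter($_POST['group'], true);
        $type = COM_applyFilter($_POST['type']);
        $description = COM_applyFilter($_POST['description']);
        $allow_display = COM_applyFilter($_POST['allow_display'], true);
        $allow_edit = COM_applyFilter($_POST['allow_edit'], true);
        $selection = COM_applyFilter($_POST['selection']);
        $selectlist = COM_applyFilter($_POST['selectlist']);
        $checkrequried = COM_applyFilter($_POST['checkrequried']);
        $size = COM_applyFilter($_POST['size'], true);
        $maxlength = COM_applyFilter($_POST['maxlength'], true);
        $rows = COM_applyFilter($_POST['rows'], true);
        $orderno = COM_applyFilter($_POST['orderno']);
        // Fix: $br and $udatetime are rendered further down but were never
        // assigned on this path. "br" is the name of the radio group built
        // below, so the submitted choice is read back under that key.
        $br = isset($_POST['br']) ? COM_applyFilter($_POST['br'], true) : 0;
        $udatetime = "";
        $uuid = $_USER['uid'];
    } else {
        if (empty($id)) {
            // Defaults for a new field definition
            $id = 0;
            $name = "";
            $templatesetvar = "";
            $description = "";
            $allow_display = "";
            $allow_edit = "";
            $type = "";
            $selection = "";
            $selectlist = "";
            $checkrequried = "";
            $size = 60;
            $maxlength = 160;
            $rows = 2;
            $br = 0;
            $fieldgroup_id = "";
            $orderno = "";
            $uuid = 0;
            $udatetime = "";
        } else {
            // Fix: $id was interpolated into the statement unchanged. It is
            // compared against field_id as a bare number, so it is cast to an
            // integer and nothing else can reach the query text.
            $sql = "SELECT * FROM " . $table . " WHERE field_id = " . (int) $id;
            $result = DB_query($sql);
            $A = DB_fetchArray($result);
            $name = COM_stripslashes($A['name']);
            $templatesetvar = COM_stripslashes($A['templatesetvar']);
            // description is used exactly as stored (no stripslashes)
            $description = $A['description'];
            $allow_edit = COM_stripslashes($A['allow_edit']);
            $allow_display = COM_stripslashes($A['allow_display']);
            $type = COM_stripslashes($A['type']);
            $fieldgroup_id = COM_stripslashes($A['fieldgroup_id']);
            $selection = COM_stripslashes($A['selection']);
            $selectlist = COM_stripslashes($A['selectlist']);
            $checkrequried = COM_stripslashes($A['checkrequried']);
            $size = COM_stripslashes($A['size']);
            $maxlength = COM_stripslashes($A['maxlength']);
            $rows = COM_stripslashes($A['rows']);
            $br = COM_stripslashes($A['br']);
            $orderno = COM_stripslashes($A['orderno']);
            $uuid = COM_stripslashes($A['uuid']);
            $udatetime = COM_stripslashes($A['udatetime']);
            if ($edt_flg == FALSE) {
                $delflg = true;
            }
        }
    }
    if ($mode === "copy") {
        // A copy is presented as a new record: no id and nothing to delete.
        $id = 0;
        $delflg = false;
    }
    $retval .= COM_startBlock($lang_box_admin['edit'], '', COM_getBlockTemplate('_admin_block', 'header'));
    $tmplfld = DATABOX_templatePath('admin', 'default', $pi_name);
    $templates = new Template($tmplfld);
    $templates->set_file('editor', "field_editor.thtml");
    //--
    $templates->set_var('about_thispage', $lang_box_admin['about_admin_field']);
    $templates->set_var('lang_must', $lang_box_admin['must']);
    $templates->set_var('site_url', $_CONF['site_url']);
    $templates->set_var('site_admin_url', $_CONF['site_admin_url']);
    // CSRF token for the save/delete submit of this form
    $token = SEC_createToken();
    $retval .= SEC_getTokenExpiryNotice($token);
    $templates->set_var('gltoken_name', CSRF_TOKEN);
    $templates->set_var('gltoken', $token);
    $templates->set_var('xhtml', XHTML);
    $templates->set_var('script', THIS_SCRIPT);
    //
    $templates->set_var('lang_link_admin', $lang_box_admin['link_admin']);
    $templates->set_var('lang_link_admin_top', $lang_box_admin['link_admin_top']);
    // id
    $templates->set_var('lang_field_id', $lang_box_admin['field_id']);
    $templates->set_var('id', $id);
    // name, template variable and description
    // NOTE(review): the values below reach the template without HTML
    // encoding in this function. Whether COM_applyFilter or the template
    // makes them safe for attribute/textarea context is not visible here;
    // verify before relying on it.
    $templates->set_var('lang_name', $lang_box_admin['name']);
    $templates->set_var('name', $name);
    $templates->set_var('lang_templatesetvar', $lang_box_admin['templatesetvar']);
    $templates->set_var('templatesetvar', $templatesetvar);
    $templates->set_var('lang_description', $lang_box_admin['description']);
    $templates->set_var('description', $description);
    $templates->set_var('lang_allow_display', $lang_box_admin['allow_display']);
    $list_allow_display = DATABOX_getradiolist($lang_box_allow_display, "allow_display", $allow_display, "<br/>");
    $templates->set_var('list_allow_display', $list_allow_display);
    $templates->set_var('lang_allow_edit', $lang_box_admin['allow_edit']);
    $list_allow_edit = DATABOX_getradiolist($lang_box_allow_edit, "allow_edit", $allow_edit, "<br/>");
    $templates->set_var('list_allow_edit', $list_allow_edit);
    // type
    $templates->set_var('lang_type', $lang_box_admin['type']);
    $list_type = DATABOX_getradiolist($lang_box_type, "type", $type, "<br/>");
    $templates->set_var('list_type', $list_type);
    // checkrequried
    $templates->set_var('lang_checkrequried', $lang_box_admin['checkrequried']);
    $list_checkrequried = DATABOX_getradiolist($lang_box_noyes, "checkrequried", $checkrequried);
    $templates->set_var('list_checkrequried', $list_checkrequried);
    // size, maxlength, rows, br
    $templates->set_var('lang_size', $lang_box_admin['size']);
    $templates->set_var('size', $size);
    $templates->set_var('lang_maxlength', $lang_box_admin['maxlength']);
    $templates->set_var('maxlength', $maxlength);
    $templates->set_var('lang_rows', $lang_box_admin['rows']);
    $templates->set_var('rows', $rows);
    $templates->set_var('lang_br', $lang_box_admin['br']);
    $list_br = DATABOX_getradiolist($lang_box_noyes, "br", $br);
    $templates->set_var('list_br', $list_br);
    // selection
    $templates->set_var('lang_selection', $lang_box_admin['selection']);
    $templates->set_var('selection', $selection);
    // selectlist
    $templates->set_var('lang_selectlist', $lang_box_admin['selectlist']);
    $list_selectlist = DATABOX_getoptionlist("selectlist", $selectlist, 0, $pi_name);
    $templates->set_var('list_selectlist', $list_selectlist);
    // group
    $templates->set_var('lang_group', $lang_box_admin['group']);
    $list_group = DATABOX_getoptionlist("group", $fieldgroup_id, 0, $pi_name, "", 0);
    $templates->set_var('list_group', $list_group);
    // display order
    $templates->set_var('lang_orderno', $lang_box_admin['orderno']);
    $templates->set_var('orderno', $orderno);
    // last saved: timestamp and user id
    $templates->set_var('lang_udatetime', $lang_box_admin['udatetime']);
    $templates->set_var('udatetime', $udatetime);
    $templates->set_var('lang_uuid', $lang_box_admin['uuid']);
    $templates->set_var('uuid', $uuid);
    // SAVE / CANCEL buttons
    $templates->set_var('lang_save', $LANG_ADMIN['save']);
    $templates->set_var('lang_cancel', $LANG_ADMIN['cancel']);
    $templates->set_var('lang_preview', $LANG_ADMIN['preview']);
    // delete_option: only for an existing record that may be deleted
    if ($delflg) {
        $delbutton = '<input type="submit" value="' . $LANG_ADMIN['delete'] . '" name="mode"%s>';
        $jsconfirm = ' onclick="return confirm(\'' . $MESSAGE[76] . '\');"';
        $templates->set_var('delete_option', sprintf($delbutton, $jsconfirm));
        //
        $templates->set_var('lang_delete_help', $lang_box_admin['delete_help_field']);
    }
    //
    $templates->parse('output', 'editor');
    $retval .= $templates->finish($templates->get_var('output'));
    $retval .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer'));
    return $retval;
}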
Exemple #17
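/**
* Shows the links editor
*
* Loads the link (or, in 'editsubmission' mode, the submitted link) with the
* given id, checks the current user's access to it and renders
* linkeditor.thtml. Without an id a new link with default permissions is
* prepared instead.
*
* @param  string  $mode   Used to see if we are moderating a link or simply editing one
* @param  string  $lid    ID of link to edit
* @global array core config vars
* @global array core group data
* @global array core table data
* @global array core user data
* @global array links plugin config vars
* @global array links plugin lang vars
* @global array core lang access vars
* @return string HTML for the link editor form, or a message block when the
*                link does not exist or may not be edited by this user
*
*/
function editlink($mode, $lid = '')
{
    global $_CONF, $_GROUPS, $_TABLES, $_USER, $_LI_CONF, $LANG_LINKS_ADMIN, $LANG_ACCESS, $LANG_ADMIN, $MESSAGE;
    $retval = '';
    $link_templates = COM_newTemplate(CTL_plugin_templatePath('links', 'admin'));
    $link_templates->set_file('editor', 'linkeditor.thtml');
    $link_templates->set_var('lang_pagetitle', $LANG_LINKS_ADMIN[28]);
    $link_templates->set_var('lang_link_list', $LANG_LINKS_ADMIN[53]);
    $link_templates->set_var('lang_new_link', $LANG_LINKS_ADMIN[51]);
    $link_templates->set_var('lang_validate_links', $LANG_LINKS_ADMIN[26]);
    $link_templates->set_var('lang_list_categories', $LANG_LINKS_ADMIN[50]);
    $link_templates->set_var('lang_new_category', $LANG_LINKS_ADMIN[52]);
    $link_templates->set_var('lang_admin_home', $LANG_ADMIN['admin_home']);
    $link_templates->set_var('instructions', $LANG_LINKS_ADMIN[29]);
    // Fix: $lid was placed inside a quoted SQL literal unchanged. Escaping it
    // here, at the point of use, keeps both queries safe even if a caller
    // forgets to filter the id; ordinary ids are unaffected by the escaping.
    $safeLid = DB_escapeString($lid);
    if ($mode != 'editsubmission' and !empty($lid)) {
        $result = DB_query("SELECT * FROM {$_TABLES['links']} WHERE lid ='{$safeLid}'");
        if (DB_numRows($result) !== 1) {
            $msg = COM_showMessageText($LANG_LINKS_ADMIN[25], $LANG_LINKS_ADMIN[24]);
            return $msg;
        }
        $A = DB_fetchArray($result);
        // Access values 0 and 2 are rejected; the attempt is written to the access log.
        $access = SEC_hasAccess($A['owner_id'], $A['group_id'], $A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']);
        if ($access == 0 or $access == 2) {
            $retval .= COM_showMessageText($LANG_LINKS_ADMIN[17], $LANG_LINKS_ADMIN[16]);
            // NOTE(review): $lid is written to the log as received; if it can
            // contain line breaks the entry can be split. Confirm the caller
            // restricts the id's character set.
            COM_accessLog("User {$_USER['username']} tried to illegally submit or edit link {$lid}.");
            return $retval;
        }
    } else {
        if ($mode == 'editsubmission') {
            $result = DB_query("SELECT * FROM {$_TABLES['linksubmission']} WHERE lid = '{$safeLid}'");
            $A = DB_fetchArray($result);
            // Fix: a missing submission left $A as a non-array and the form
            // was rendered from undefined offsets. Report it the same way the
            // regular-link branch reports a missing row.
            if (!is_array($A)) {
                return COM_showMessageText($LANG_LINKS_ADMIN[25], $LANG_LINKS_ADMIN[24]);
            }
        } else {
            // Defaults for a new link owned by the current user
            $A = array();
            $A['lid'] = COM_makesid();
            $A['cid'] = '';
            $A['url'] = '';
            $A['description'] = '';
            $A['title'] = '';
            $A['owner_id'] = $_USER['uid'];
        }
        $A['hits'] = 0;
        if (isset($_GROUPS['Links Admin'])) {
            $A['group_id'] = $_GROUPS['Links Admin'];
        } else {
            $A['group_id'] = SEC_getFeatureGroup('links.edit');
        }
        SEC_setDefaultPermissions($A, $_LI_CONF['default_permissions']);
        $access = 3;
    }
    // CSRF token for the save/delete submit of this form
    $token = SEC_createToken();
    $retval .= COM_startBlock($LANG_LINKS_ADMIN[1], '', COM_getBlockTemplate('_admin_block', 'header'));
    $retval .= SEC_getTokenExpiryNotice($token);
    $link_templates->set_var('link_id', $A['lid']);
    // The delete button is offered only for an existing id and only to users
    // holding links.edit.
    if (!empty($lid) && SEC_hasRights('links.edit')) {
        $delbutton = '<input type="submit" value="' . $LANG_ADMIN['delete'] . '" name="mode"%s' . XHTML . '>';
        $jsconfirm = ' onclick="return confirm(\'' . $MESSAGE[76] . '\');"';
        $link_templates->set_var('delete_option', sprintf($delbutton, $jsconfirm));
        $link_templates->set_var('delete_option_no_confirmation', sprintf($delbutton, ''));
        if ($mode == 'editsubmission') {
            $link_templates->set_var('submission_option', '<input type="hidden" name="type" value="submission"' . XHTML . '>');
        }
    }
    $link_templates->set_var('lang_linktitle', $LANG_LINKS_ADMIN[3]);
    $link_templates->set_var('link_title', htmlspecialchars(stripslashes($A['title'])));
    $link_templates->set_var('lang_linkid', $LANG_LINKS_ADMIN[2]);
    $link_templates->set_var('lang_linkurl', $LANG_LINKS_ADMIN[4]);
    $link_templates->set_var('max_url_length', 255);
    // NOTE(review): unlike the title, the URL and the description are handed
    // to the template without htmlspecialchars(). For a submission these are
    // values another user supplied; check how linkeditor.thtml embeds them
    // and whether they are already encoded when stored.
    $link_templates->set_var('link_url', $A['url']);
    $link_templates->set_var('lang_includehttp', $LANG_LINKS_ADMIN[6]);
    $link_templates->set_var('lang_category', $LANG_LINKS_ADMIN[5]);
    $othercategory = links_select_box(3, $A['cid']);
    $link_templates->set_var('category_options', $othercategory);
    $link_templates->set_var('lang_ifotherspecify', $LANG_LINKS_ADMIN[20]);
    $link_templates->set_var('category', $othercategory);
    $link_templates->set_var('lang_linkhits', $LANG_LINKS_ADMIN[8]);
    $link_templates->set_var('link_hits', $A['hits']);
    $link_templates->set_var('lang_linkdescription', $LANG_LINKS_ADMIN[9]);
    $link_templates->set_var('link_description', stripslashes($A['description']));
    $allowed = COM_allowedHTML('links.edit') . COM_allowedAutotags();
    $link_templates->set_var('lang_allowed_html', $allowed);
    $link_templates->set_var('lang_save', $LANG_ADMIN['save']);
    $link_templates->set_var('lang_cancel', $LANG_ADMIN['cancel']);
    // user access info
    $link_templates->set_var('lang_accessrights', $LANG_ACCESS['accessrights']);
    $link_templates->set_var('lang_owner', $LANG_ACCESS['owner']);
    $ownername = COM_getDisplayName($A['owner_id']);
    // Fix: owner_id went into the WHERE clause unquoted and unchecked; it is
    // compared as a number, so force it to an integer.
    $ownerId = (int) $A['owner_id'];
    $link_templates->set_var('owner_username', DB_getItem($_TABLES['users'], 'username', "uid = {$ownerId}"));
    $link_templates->set_var('owner_name', $ownername);
    $link_templates->set_var('owner', $ownername);
    $link_templates->set_var('link_ownerid', $A['owner_id']);
    $link_templates->set_var('lang_group', $LANG_ACCESS['group']);
    $link_templates->set_var('group_dropdown', SEC_getGroupDropdown($A['group_id'], $access));
    $link_templates->set_var('lang_permissions', $LANG_ACCESS['permissions']);
    $link_templates->set_var('lang_permissionskey', $LANG_ACCESS['permissionskey']);
    $link_templates->set_var('lang_perm_key', $LANG_ACCESS['permissionskey']);
    $link_templates->set_var('permissions_editor', SEC_getPermissionsHTML($A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']));
    $link_templates->set_var('lang_permissions_msg', $LANG_ACCESS['permmsg']);
    $link_templates->set_var('lang_lockmsg', $LANG_ACCESS['permmsg']);
    $link_templates->set_var('gltoken_name', CSRF_TOKEN);
    $link_templates->set_var('gltoken', $token);
    $link_templates->parse('output', 'editor');
    $retval .= $link_templates->finish($link_templates->get_var('output'));
    $retval .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer'));
    return $retval;
}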
Exemple #18
/**
* Renders the block editor form.
*
* With a block id, the block is loaded and the current user's access to it is
* checked; a default ("gldefault") block is handed over to editdefaultblock().
* Without an id, the form is filled with the defaults for a new block.
*
* @param    string  $bid    ID of block to edit
* @return   string          HTML for block editor, or an access-denied message block
*
*/
function editblock($bid = '')
{
    global $_CONF, $_GROUPS, $_TABLES, $_USER, $LANG01, $LANG21, $LANG_ACCESS, $LANG_ADMIN, $MESSAGE;

    $retval = '';
    $checked = 'checked="checked"';
    $selected = 'selected="selected"';

    if (empty($bid)) {
        // Defaults for a new block owned by the current user.
        // NOTE(review): tid defaults to 'All' while the selection check further
        // down compares against lowercase 'all'; confirm which spelling is intended.
        $A = array(
            'bid' => 0,
            'is_enabled' => 1,
            'name' => '',
            'type' => 'normal',
            'title' => '',
            'tid' => 'All',
            'blockorder' => 0,
            'content' => '',
            'allow_autotags' => 0,
            'rdfurl' => '',
            'rdfupdated' => '',
            'rdflimit' => 0,
            'onleft' => 0,
            'phpblockfn' => '',
            'help' => '',
            'owner_id' => $_USER['uid'],
        );
        $A['group_id'] = isset($_GROUPS['Block Admin']) ? $_GROUPS['Block Admin'] : SEC_getFeatureGroup('block.edit');
        SEC_setDefaultPermissions($A, $_CONF['default_permissions_block']);
        $access = 3;
    } else {
        // NOTE(review): $bid is placed inside a quoted SQL literal exactly as
        // received. Nothing in this function filters or escapes it, so the
        // queries are only safe if every caller has done so already; verify
        // the call sites or escape at this point.
        $sql = array(
            'mysql' => "SELECT * FROM {$_TABLES['blocks']} WHERE bid ='{$bid}'",
            'mssql' => "SELECT bid, is_enabled, name, type, title, tid, blockorder, cast(content as text) as content, rdfurl, "
                . "rdfupdated, rdflimit, onleft, phpblockfn, help, owner_id,group_id, "
                . "perm_owner, perm_group, perm_members, perm_anon, allow_autotags FROM {$_TABLES['blocks']} WHERE bid ='{$bid}'",
        );
        $A = DB_fetchArray(DB_query($sql));
        $access = SEC_hasAccess($A['owner_id'], $A['group_id'], $A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']);

        // Access values 0 and 2, or topic access below 3, are refused and logged.
        if ($access == 2 || $access == 0 || hasBlockTopicAccess($A['tid']) < 3) {
            $retval .= COM_startBlock($LANG_ACCESS['accessdenied'], '', COM_getBlockTemplate('_msg_block', 'header')) . $LANG21[45] . COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer'));
            COM_accessLog("User {$_USER['username']} tried to illegally create or edit block {$bid}.");
            return $retval;
        }
        // Default blocks have their own, reduced editor.
        if ($A['type'] == 'gldefault') {
            return $retval . editdefaultblock($A, $access);
        }
    }

    // CSRF token for the save/delete submit of this form
    $token = SEC_createToken();
    $block_templates = new Template($_CONF['path_layout'] . 'admin/block');
    $block_templates->set_file('editor', 'blockeditor.thtml');
    $block_templates->set_var(array(
        'site_url' => $_CONF['site_url'],
        'xhtml' => XHTML,
        'site_admin_url' => $_CONF['site_admin_url'],
        'layout_url' => $_CONF['layout_url'],
    ));
    $block_templates->set_var(
        'start_block_editor',
        COM_startBlock($LANG21[3], '', COM_getBlockTemplate('_admin_block', 'header')) . LB . SEC_getTokenExpiryNotice($token)
    );

    // Delete is offered only for an existing block and only with block.delete.
    if (!empty($bid) && SEC_hasrights('block.delete')) {
        $delbutton = '<input type="submit" value="' . $LANG_ADMIN['delete'] . '" name="mode"%s' . XHTML . '>';
        $jsconfirm = ' onclick="return confirm(\'' . $MESSAGE[76] . '\');"';
        $block_templates->set_var(array(
            'delete_option' => sprintf($delbutton, $jsconfirm),
            'delete_option_no_confirmation' => sprintf($delbutton, ''),
        ));
    }

    $block_templates->set_var('block_bid', $A['bid']);
    // standard Admin strings
    $block_templates->set_var(array(
        'lang_blocktitle' => $LANG_ADMIN['title'],
        'lang_enabled' => $LANG_ADMIN['enabled'],
        'lang_blockhelpurl' => $LANG_ADMIN['help_url'],
        'lang_topic' => $LANG_ADMIN['topic'],
        'lang_save' => $LANG_ADMIN['save'],
        'lang_cancel' => $LANG_ADMIN['cancel'],
        'lang_blocktype' => $LANG_ADMIN['type'],
        'lang_allowed_html' => $LANG01[123],
        'block_title' => stripslashes($A['title']),
    ));
    // lang_enabled is deliberately set a second time, replacing the value above.
    $block_templates->set_var('lang_enabled', $LANG21[53]);
    $block_templates->set_var('is_enabled', $A['is_enabled'] == 1 ? $checked : '');

    // NOTE(review): title, help, name, phpblockfn and rdfurl are passed to the
    // template without htmlspecialchars(); only the content field is encoded.
    // Check how blockeditor.thtml embeds them.
    $block_templates->set_var(array(
        'block_help' => $A['help'],
        'lang_includehttp' => $LANG21[51],
        'lang_explanation' => $LANG21[52],
        'block_name' => $A['name'],
        'lang_blockname' => $LANG21[48],
        'lang_nospaces' => $LANG21[49],
        'lang_all' => $LANG21[7],
        'lang_homeonly' => $LANG21[43],
    ));
    if ($A['tid'] == 'all') {
        $block_templates->set_var('all_selected', $selected);
    } elseif ($A['tid'] == 'homeonly') {
        $block_templates->set_var('homeonly_selected', $selected);
    }
    $block_templates->set_var(array(
        'topic_options' => COM_topicList('tid,topic', $A['tid'], 1, true),
        'lang_side' => $LANG21[39],
        'lang_left' => $LANG21[40],
        'lang_right' => $LANG21[41],
    ));
    if ($A['onleft'] == 1) {
        $block_templates->set_var('left_selected', $selected);
    } elseif ($A['onleft'] == 0) {
        $block_templates->set_var('right_selected', $selected);
    }
    $block_templates->set_var(array(
        'lang_blockorder' => $LANG21[9],
        'block_order' => $A['blockorder'],
        'lang_normalblock' => $LANG21[12],
        'lang_phpblock' => $LANG21[27],
        'lang_portalblock' => $LANG21[11],
    ));
    if ($A['type'] == 'normal') {
        $block_templates->set_var('normal_selected', $selected);
    } elseif ($A['type'] == 'phpblock') {
        $block_templates->set_var('php_selected', $selected);
    } elseif ($A['type'] == 'portal') {
        $block_templates->set_var('portal_selected', $selected);
    }

    // owner, group and permission controls
    $block_templates->set_var(array(
        'lang_accessrights' => $LANG_ACCESS['accessrights'],
        'lang_owner' => $LANG_ACCESS['owner'],
    ));
    $ownername = COM_getDisplayName($A['owner_id']);
    $block_templates->set_var(array(
        'owner_username' => DB_getItem($_TABLES['users'], 'username', "uid = '{$A['owner_id']}'"),
        'owner_name' => $ownername,
        'owner' => $ownername,
        'owner_id' => $A['owner_id'],
        'lang_group' => $LANG_ACCESS['group'],
        'group_dropdown' => SEC_getGroupDropdown($A['group_id'], $access),
        'lang_permissions' => $LANG_ACCESS['permissions'],
        'lang_perm_key' => $LANG_ACCESS['permissionskey'],
        'permissions_editor' => SEC_getPermissionsHTML($A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']),
        'lang_permissions_msg' => $LANG_ACCESS['permmsg'],
    ));

    // PHP-block and portal-block options
    $block_templates->set_var(array(
        'lang_phpblockoptions' => $LANG21[28],
        'lang_blockfunction' => $LANG21[29],
        'block_phpblockfn' => $A['phpblockfn'],
        'lang_phpblockwarning' => $LANG21[30],
        'lang_portalblockoptions' => $LANG21[13],
        'lang_rdfurl' => $LANG21[14],
        'max_url_length' => 255,
        'block_rdfurl' => $A['rdfurl'],
        'lang_rdflimit' => $LANG21[62],
        'block_rdflimit' => $A['rdflimit'],
        'lang_lastrdfupdate' => $LANG21[15],
    ));
    // The all-zero timestamp is shown as an empty field.
    $block_templates->set_var('block_rdfupdated', $A['rdfupdated'] == '0000-00-00 00:00:00' ? '' : $A['rdfupdated']);

    // normal-block options
    $block_templates->set_var(array(
        'lang_normalblockoptions' => $LANG21[16],
        'lang_blockcontent' => $LANG21[17],
        'lang_autotags' => $LANG21[66],
        'lang_use_autotags' => $LANG21[67],
        'block_content' => htmlspecialchars(stripslashes($A['content'])),
    ));
    $block_templates->set_var('allow_autotags', $A['allow_autotags'] == 1 ? $checked : '');

    $block_templates->set_var(array(
        'gltoken_name' => CSRF_TOKEN,
        'gltoken' => $token,
        'end_block' => COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer')),
    ));
    $block_templates->parse('output', 'editor');
    $retval .= $block_templates->finish($block_templates->get_var('output'));
    return $retval;
}
Exemple #19
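/**
* Shows the block editor
*
* This will show a block edit form.  If this is a Geeklog default block it will
* send it off to editdefaultblock. With a block id the block is loaded and the
* current user's access to it is checked; without one the form is filled with
* defaults, which overridePostdata() may replace when the request is a save.
*
* @param    string  $bid    ID of block to edit
* @return   string          HTML for block editor, or an access-denied message
*
*/
function editblock($bid = '')
{
    global $_CONF, $_GROUPS, $_TABLES, $_USER, $LANG01, $LANG21, $LANG_ACCESS, $LANG_ADMIN, $MESSAGE, $_SCRIPTS;
    $retval = '';
    if (!empty($bid)) {
        // Fix: $bid was placed inside a quoted SQL literal unchanged. It is
        // escaped here, at the point of use, so the three driver-specific
        // statements stay safe even if a caller passes an unfiltered id.
        $safeBid = DB_escapeString($bid);
        $sql['mysql'] = "SELECT * FROM {$_TABLES['blocks']} WHERE bid ='{$safeBid}'";
        $sql['mssql'] = "SELECT bid, is_enabled, name, type, title, blockorder, cast(content as text) as content, rdfurl, ";
        $sql['mssql'] .= "rdfupdated, rdflimit, onleft, phpblockfn, help, owner_id,group_id, ";
        $sql['mssql'] .= "perm_owner, perm_group, perm_members, perm_anon, allow_autotags, cache_time FROM {$_TABLES['blocks']} WHERE bid ='{$safeBid}'";
        $sql['pgsql'] = "SELECT * FROM {$_TABLES['blocks']} WHERE bid ='{$safeBid}'";
        $result = DB_query($sql);
        $A = DB_fetchArray($result);
        // Access values 0 and 2, or topic access below 3, are refused and logged.
        $access = SEC_hasAccess($A['owner_id'], $A['group_id'], $A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']);
        if ($access == 2 || $access == 0 || TOPIC_hasMultiTopicAccess('block', $bid) < 3) {
            $retval .= COM_showMessageText($LANG21[45], $LANG_ACCESS['accessdenied']);
            COM_accessLog("User {$_USER['username']} tried to illegally create or edit block {$bid}.");
            return $retval;
        }
        if ($A['type'] == 'gldefault') {
            $retval .= editdefaultblock($A, $access);
            return $retval;
        }
    } else {
        // Defaults for a new block owned by the current user
        $A['bid'] = 0;
        $A['is_enabled'] = 1;
        $A['name'] = '';
        $A['type'] = 'normal';
        $A['title'] = '';
        $A['tid'] = '';
        $A['blockorder'] = 0;
        $A['cache_time'] = $_CONF['default_cache_time_block'];
        $A['content'] = '';
        $A['allow_autotags'] = 0;
        $A['rdfurl'] = '';
        $A['rdfupdated'] = '';
        $A['rdflimit'] = 0;
        $A['onleft'] = 0;
        $A['phpblockfn'] = '';
        $A['help'] = '';
        $A['owner_id'] = $_USER['uid'];
        if (isset($_GROUPS['Block Admin'])) {
            $A['group_id'] = $_GROUPS['Block Admin'];
        } else {
            $A['group_id'] = SEC_getFeatureGroup('block.edit');
        }
        SEC_setDefaultPermissions($A, $_CONF['default_permissions_block']);
        $access = 3;
        // Fix: $_POST['mode'] was read without checking that it exists, which
        // raises a warning whenever the editor is opened by a plain GET.
        // NOTE(review): overridePostdata() presumably copies submitted values
        // into $A; from here on $A has to be treated as request data.
        if (isset($_POST['mode']) && $_POST['mode'] == $LANG_ADMIN['save'] && !empty($LANG_ADMIN['save'])) {
            overridePostdata($A);
        }
    }
    // CSRF token for the save/delete submit of this form
    $token = SEC_createToken();
    $block_templates = COM_newTemplate($_CONF['path_layout'] . 'admin/block');
    $block_templates->set_file('editor', 'blockeditor.thtml');
    $block_start = COM_startBlock($LANG21[3], '', COM_getBlockTemplate('_admin_block', 'header'));
    $block_start .= LB . SEC_getTokenExpiryNotice($token);
    $block_templates->set_var('start_block_editor', $block_start);
    // Delete is offered only for an existing block and only with block.delete.
    if (!empty($bid) && SEC_hasrights('block.delete')) {
        $delbutton = '<input type="submit" value="' . $LANG_ADMIN['delete'] . '" name="mode"%s' . XHTML . '>';
        $jsconfirm = ' onclick="return confirm(\'' . $MESSAGE[76] . '\');"';
        $block_templates->set_var('delete_option', sprintf($delbutton, $jsconfirm));
        $block_templates->set_var('delete_option_no_confirmation', sprintf($delbutton, ''));
        $block_templates->set_var('allow_delete', true);
        $block_templates->set_var('lang_delete', $LANG_ADMIN['delete']);
        $block_templates->set_var('confirm_message', $MESSAGE[76]);
    }
    $block_templates->set_var('block_bid', $A['bid']);
    // standard Admin strings
    $block_templates->set_var('lang_blocktitle', $LANG_ADMIN['title']);
    $block_templates->set_var('lang_enabled', $LANG_ADMIN['enabled']);
    $block_templates->set_var('lang_blockhelpurl', $LANG_ADMIN['help_url']);
    $block_templates->set_var('lang_topic', $LANG_ADMIN['topic']);
    $block_templates->set_var('lang_save', $LANG_ADMIN['save']);
    $block_templates->set_var('lang_cancel', $LANG_ADMIN['cancel']);
    $block_templates->set_var('lang_blocktype', $LANG_ADMIN['type']);
    $block_templates->set_var('lang_allowed_html', $LANG01[123]);
    // NOTE(review): title, help, name, phpblockfn and rdfurl are passed to the
    // template without htmlspecialchars(); only the content field is encoded.
    // Check how blockeditor.thtml embeds them, in particular for values that
    // may have come from the request via overridePostdata().
    $block_templates->set_var('block_title', stripslashes($A['title']));
    // lang_enabled is set a second time here and this value is the one that remains
    $block_templates->set_var('lang_enabled', $LANG21[53]);
    if ($A['is_enabled'] == 1) {
        $block_templates->set_var('is_enabled', 'checked="checked"');
    } else {
        $block_templates->set_var('is_enabled', '');
    }
    $block_templates->set_var('block_help', $A['help']);
    $block_templates->set_var('lang_includehttp', $LANG21[51]);
    $block_templates->set_var('lang_explanation', $LANG21[52]);
    $block_templates->set_var('block_name', $A['name']);
    $block_templates->set_var('lang_blockname', $LANG21[48]);
    $block_templates->set_var('lang_nospaces', $LANG21[49]);
    $block_templates->set_var('topic_selection', TOPIC_getTopicSelectionControl('block', $A['bid'], true, true));
    $block_templates->set_var('lang_side', $LANG21[39]);
    $block_templates->set_var('lang_left', $LANG21[40]);
    $block_templates->set_var('lang_right', $LANG21[41]);
    if ($A['onleft'] == 1) {
        $block_templates->set_var('left_selected', 'selected="selected"');
    } elseif ($A['onleft'] == 0) {
        $block_templates->set_var('right_selected', 'selected="selected"');
    }
    $block_templates->set_var('lang_blockorder', $LANG21[9]);
    $block_templates->set_var('block_order', $A['blockorder']);
    $block_templates->set_var('lang_normalblock', $LANG21[12]);
    $block_templates->set_var('lang_phpblock', $LANG21[27]);
    $block_templates->set_var('lang_portalblock', $LANG21[11]);
    if ($A['type'] == 'normal') {
        $block_templates->set_var('normal_selected', 'selected="selected"');
    } elseif ($A['type'] == 'phpblock') {
        $block_templates->set_var('php_selected', 'selected="selected"');
    } elseif ($A['type'] == 'portal') {
        $block_templates->set_var('portal_selected', 'selected="selected"');
    }
    $block_templates->set_var('lang_cachetime', $LANG21['cache_time']);
    $block_templates->set_var('lang_cachetime_desc', $LANG21['cache_time_desc']);
    $block_templates->set_var('cache_time', $A['cache_time']);
    $block_templates->set_var('lang_accessrights', $LANG_ACCESS['accessrights']);
    $block_templates->set_var('lang_owner', $LANG_ACCESS['owner']);
    $ownername = COM_getDisplayName($A['owner_id']);
    // Fix: owner_id was interpolated into the WHERE clause as received. It is
    // compared with a user id, so force it to an integer before it reaches SQL.
    $ownerId = (int) $A['owner_id'];
    $block_templates->set_var('owner_username', DB_getItem($_TABLES['users'], 'username', "uid = '{$ownerId}'"));
    $block_templates->set_var('owner_name', $ownername);
    $block_templates->set_var('owner', $ownername);
    $block_templates->set_var('owner_id', $A['owner_id']);
    $block_templates->set_var('lang_group', $LANG_ACCESS['group']);
    $block_templates->set_var('group_dropdown', SEC_getGroupDropdown($A['group_id'], $access));
    $block_templates->set_var('lang_permissions', $LANG_ACCESS['permissions']);
    $block_templates->set_var('lang_perm_key', $LANG_ACCESS['permissionskey']);
    $block_templates->set_var('permissions_editor', SEC_getPermissionsHTML($A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']));
    $block_templates->set_var('lang_permissions_msg', $LANG_ACCESS['permmsg']);
    $block_templates->set_var('lang_phpblockoptions', $LANG21[28]);
    $block_templates->set_var('lang_blockfunction', $LANG21[29]);
    $block_templates->set_var('block_phpblockfn', $A['phpblockfn']);
    $block_templates->set_var('lang_phpblockwarning', $LANG21[30]);
    $block_templates->set_var('lang_portalblockoptions', $LANG21[13]);
    $block_templates->set_var('lang_rdfurl', $LANG21[14]);
    $block_templates->set_var('max_url_length', 255);
    $block_templates->set_var('block_rdfurl', $A['rdfurl']);
    $block_templates->set_var('lang_rdflimit', $LANG21[62]);
    $block_templates->set_var('block_rdflimit', $A['rdflimit']);
    $block_templates->set_var('lang_lastrdfupdate', $LANG21[15]);
    // The all-zero timestamp is shown as an empty field.
    if ($A['rdfupdated'] == '0000-00-00 00:00:00') {
        $block_templates->set_var('block_rdfupdated', '');
    } else {
        $block_templates->set_var('block_rdfupdated', $A['rdfupdated']);
    }
    $block_templates->set_var('lang_normalblockoptions', $LANG21[16]);
    $block_templates->set_var('lang_blockcontent', $LANG21[17]);
    $block_templates->set_var('lang_autotags', $LANG21[66]);
    $block_templates->set_var('lang_use_autotags', $LANG21[67]);
    // Content is HTML-encoded, then braces are turned into entities;
    // presumably so that stored content cannot be read as a template
    // placeholder when the form is parsed.
    $content = htmlspecialchars(stripslashes($A['content']));
    $content = str_replace(array('{', '}'), array('&#123;', '&#125;'), $content);
    $block_templates->set_var('block_content', $content);
    if ($A['allow_autotags'] == 1) {
        $block_templates->set_var('allow_autotags', 'checked="checked"');
    } else {
        $block_templates->set_var('allow_autotags', '');
    }
    $block_templates->set_var('gltoken_name', CSRF_TOKEN);
    $block_templates->set_var('gltoken', $token);
    $block_templates->set_var('end_block', COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer')));
    $block_templates->parse('output', 'editor');
    $retval .= $block_templates->finish($block_templates->get_var('output'));
    // Shows/Hides relevant block options dynamically
    $_SCRIPTS->setJavaScript("\njQuery(function () {\n    var \$ = jQuery;\n    \$('#admin-blockeditor-type').on('change', function () {\n        var fs, i, fieldsets = ['normal', 'phpblock', 'portal'];\n\n        for (i = 0; i < 3; i++) {\n            if (this.value === fieldsets[i]) {\n                \$('#fs-' + fieldsets[i] + '-options').show();\n            } else {\n                \$('#fs-' + fieldsets[i] + '-options').hide();\n            }\n        }\n    })\n    .trigger('change');\n});", true, true);
    return $retval;
}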
Exemple #20
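/**
 * Builds the admin editor form for one field definition of a plugin.
 *
 * The form values come from one of three places:
 *  - $_POST, when $msg is non-empty (the form is being shown again together
 *    with a message),
 *  - built-in defaults, when $id is empty (new field),
 *  - the plugin's "<PI_NAME>_def_field" table otherwise.
 *
 * NOTE(review): every value is handed to the template as-is. The DB branch
 * only runs COM_stripslashes(), and 'description' is passed through
 * untouched. Nothing in this function HTML-encodes the values, so unless
 * field_editor.thtml or the Template class does, stored markup would be
 * rendered in the admin page -- confirm where output encoding happens.
 *
 * @param    string  $pi_name   plugin name; selects the per-plugin config and language globals and the table
 * @param    int     $id        field_id of the definition to edit (empty for a new one)
 * @param    bool    $edt_flg   when false and an existing row was loaded, the delete button is offered
 * @param    string  $msg       passed to COM_showMessage(); non-empty also means "take the values from $_POST"
 * @param    string  $errmsg    appended to the output right after the message
 * @param    string  $mode      "copy" resets the id to 0 and suppresses the delete button
 * @return   string             HTML for the field editor
 */
function LIB_Edit($pi_name, $id, $edt_flg, $msg = '', $errmsg = "", $mode = "edit")
{
    global $_CONF;
    global $_TABLES;
    global $LANG_ADMIN;
    global $MESSAGE;
    global $LANG_ACCESS;
    global $_USER;
    // Per-plugin globals are looked up by name: bind the global, then copy
    // its value into the local variable that held the name.
    $box_conf = "_" . strtoupper($pi_name) . "_CONF";
    global ${$box_conf};
    $box_conf = ${$box_conf};
    $lang_box_admin = "LANG_" . strtoupper($pi_name) . "_ADMIN";
    global ${$lang_box_admin};
    $lang_box_admin = ${$lang_box_admin};
    $lang_box = "LANG_" . strtoupper($pi_name);
    global ${$lang_box};
    $lang_box = ${$lang_box};
    $lang_box_noyes = "LANG_" . strtoupper($pi_name) . "_NOYES";
    global ${$lang_box_noyes};
    $lang_box_noyes = ${$lang_box_noyes};
    $lang_box_type = "LANG_" . strtoupper($pi_name) . "_TYPE";
    global ${$lang_box_type};
    $lang_box_type = ${$lang_box_type};
    $lang_box_allow_display = "LANG_" . strtoupper($pi_name) . "_ALLOW_DISPLAY";
    global ${$lang_box_allow_display};
    $lang_box_allow_display = ${$lang_box_allow_display};
    $lang_box_allow_edit = "LANG_" . strtoupper($pi_name) . "_ALLOW_EDIT";
    global ${$lang_box_allow_edit};
    $lang_box_allow_edit = ${$lang_box_allow_edit};
    $lang_box_textcheck = "LANG_" . strtoupper($pi_name) . "_TEXTCHECK";
    global ${$lang_box_textcheck};
    $lang_box_textcheck = ${$lang_box_textcheck};
    $lang_box_textconv = "LANG_" . strtoupper($pi_name) . "_TEXTCONV";
    global ${$lang_box_textconv};
    $lang_box_textconv = ${$lang_box_textconv};
    $table = $_TABLES[strtoupper($pi_name) . '_def_field'];
    $retval = '';
    $delflg = false;
    // Show the message and refill the form from the submitted values
    if (!empty($msg)) {
        $retval .= COM_showMessage($msg, $pi_name);
        $retval .= $errmsg;
        // clean 'em up
        $name = COM_applyFilter($_POST['name']);
        $templatesetvar = COM_applyFilter($_POST['templatesetvar']);
        $type = COM_applyFilter($_POST['type']);
        $description = COM_applyFilter($_POST['description']);
        $allow_display = COM_applyFilter($_POST['allow_display'], true);
        $allow_edit = COM_applyFilter($_POST['allow_edit'], true);
        $textcheck = COM_applyFilter($_POST['textcheck'], true);
        $textconv = COM_applyFilter($_POST['textconv'], true);
        $searchtarget = COM_applyFilter($_POST['searchtarget'], true);
        $initial_value = COM_applyFilter($_POST['initial_value']);
        $range_start = COM_applyFilter($_POST['range_start']);
        $range_end = COM_applyFilter($_POST['range_end']);
        $dfid = COM_applyFilter($_POST['dfid'], true);
        $selection = COM_applyFilter($_POST['selection']);
        $selectlist = COM_applyFilter($_POST['selectlist']);
        $checkrequried = COM_applyFilter($_POST['checkrequried']);
        $size = COM_applyFilter($_POST['size'], true);
        $maxlength = COM_applyFilter($_POST['maxlength'], true);
        $rows = COM_applyFilter($_POST['rows'], true);
        $br = COM_applyFilter($_POST['br'], true);
        $orderno = COM_applyFilter($_POST['orderno']);
        $uuid = $_USER['uid'];
        // The original left this undefined on this path although it is
        // handed to the template further down.
        $udatetime = "";
    } else {
        if (empty($id)) {
            // New field: defaults
            $id = 0;
            $name = "";
            $templatesetvar = "";
            $description = "";
            $allow_display = "";
            $allow_edit = "";
            $textcheck = "";
            $textconv = "";
            $searchtarget = "";
            $initial_value = "";
            $range_start = "";
            $range_end = "";
            $dfid = 0;
            $type = "";
            $selection = "";
            $selectlist = "";
            $checkrequried = "";
            $size = 60;
            $maxlength = 500;
            $rows = 3;
            $br = 0;
            $orderno = "";
            $uuid = 0;
            $udatetime = "";
        } else {
            // $id goes into the statement unquoted, so it must be an integer
            // by the time it gets there; do not rely on the caller for that.
            $sql = "SELECT ";
            $sql .= " *";
            $sql .= " ,UNIX_TIMESTAMP(udatetime) AS udatetime_un" . LB;
            $sql .= " FROM ";
            $sql .= $table;
            $sql .= " WHERE ";
            $sql .= " field_id = " . (int) $id;
            $result = DB_query($sql);
            $A = DB_fetchArray($result);
            $name = COM_stripslashes($A['name']);
            $templatesetvar = COM_stripslashes($A['templatesetvar']);
            // description is deliberately taken without COM_stripslashes()
            $description = $A['description'];
            $allow_edit = COM_stripslashes($A['allow_edit']);
            $allow_display = COM_stripslashes($A['allow_display']);
            $textcheck = COM_stripslashes($A['textcheck']);
            $textconv = COM_stripslashes($A['textconv']);
            $searchtarget = COM_stripslashes($A['searchtarget']);
            $initial_value = COM_stripslashes($A['initial_value']);
            $range_start = COM_stripslashes($A['range_start']);
            $range_end = COM_stripslashes($A['range_end']);
            $dfid = COM_stripslashes($A['dfid']);
            $type = COM_stripslashes($A['type']);
            $selection = COM_stripslashes($A['selection']);
            $selectlist = COM_stripslashes($A['selectlist']);
            $checkrequried = COM_stripslashes($A['checkrequried']);
            $size = COM_stripslashes($A['size']);
            $maxlength = COM_stripslashes($A['maxlength']);
            $rows = COM_stripslashes($A['rows']);
            $br = COM_stripslashes($A['br']);
            $orderno = COM_stripslashes($A['orderno']);
            $uuid = COM_stripslashes($A['uuid']);
            $wary = COM_getUserDateTimeFormat(COM_stripslashes($A['udatetime_un']));
            $udatetime = $wary[0];
            if (!$edt_flg) {
                $delflg = true;
            }
        }
    }
    if ($mode === "copy") {
        // A copy is saved as a new record, so it has no id and cannot be deleted
        $id = 0;
        $delflg = false;
    }
    $tmplfld = DATABOX_templatePath('admin', 'default', $pi_name);
    $templates = new Template($tmplfld);
    $templates->set_file('editor', "field_editor.thtml");
    //--
    $templates->set_var('about_thispage', $lang_box_admin['about_admin_field']);
    $templates->set_var('lang_must', $lang_box_admin['must']);
    $templates->set_var('site_url', $_CONF['site_url']);
    $templates->set_var('site_admin_url', $_CONF['site_admin_url']);
    // CSRF token for the form; the save handler is expected to verify it
    $token = SEC_createToken();
    $retval .= SEC_getTokenExpiryNotice($token);
    $templates->set_var('gltoken_name', CSRF_TOKEN);
    $templates->set_var('gltoken', $token);
    $templates->set_var('xhtml', XHTML);
    $templates->set_var('script', THIS_SCRIPT);
    //
    $templates->set_var('lang_link_admin', $lang_box_admin['link_admin']);
    $templates->set_var('lang_link_admin_top', $lang_box_admin['link_admin_top']);
    //id
    $templates->set_var('lang_field_id', $lang_box_admin['field_id']);
    $templates->set_var('id', $id);
    //document link
    $lang = COM_getLanguageName();
    $path = 'admin/plugins/' . strtolower($pi_name) . '/docs/';
    if (!file_exists($_CONF['path_html'] . $path . $lang . '/')) {
        // fall back when there are no docs for the current language
        $lang = 'japanese';
    }
    $document_url = $_CONF['site_url'] . '/' . $path . $lang . '/';
    $templates->set_var('document_url', $document_url);
    // The original read $LANG_DATABOX_ADMIN here, which is only in scope when
    // $pi_name is "databox"; the per-plugin array is the same value in that
    // case and is defined for every plugin.
    $templates->set_var('lang_document', $lang_box_admin['document']);
    // name, template variable, description
    $templates->set_var('lang_name', $lang_box_admin['name']);
    $templates->set_var('name', $name);
    $templates->set_var('lang_templatesetvar', $lang_box_admin['templatesetvar']);
    $templates->set_var('templatesetvar', $templatesetvar);
    $templates->set_var('lang_description', $lang_box_admin['description']);
    $templates->set_var('description', $description);
    $templates->set_var('lang_allow_display', $lang_box_admin['allow_display']);
    $list_allow_display = DATABOX_getoptionlistary($lang_box_allow_display, "allow_display", $allow_display, $pi_name);
    $templates->set_var('list_allow_display', $list_allow_display);
    $templates->set_var('lang_allow_edit', $lang_box_admin['allow_edit']);
    $list_allow_edit = DATABOX_getoptionlistary($lang_box_allow_edit, "allow_edit", $allow_edit, $pi_name);
    $templates->set_var('list_allow_edit', $list_allow_edit);
    //textcheck
    $templates->set_var('lang_textcheck', $lang_box_admin['textcheck']);
    $list_textcheck = DATABOX_getoptionlistary($lang_box_textcheck, "textcheck", $textcheck, $pi_name);
    $templates->set_var('list_textcheck', $list_textcheck);
    //textconv
    $templates->set_var('lang_textconv', $lang_box_admin['textconv']);
    $list_textconv = DATABOX_getoptionlistary($lang_box_textconv, "textconv", $textconv, $pi_name);
    $templates->set_var('list_textconv', $list_textconv);
    //searchtarget
    $templates->set_var('lang_searchtarget', $lang_box_admin['searchtarget']);
    $list_searchtarget = DATABOX_getradiolist($lang_box_noyes, "searchtarget", $searchtarget);
    $templates->set_var('list_searchtarget', $list_searchtarget);
    // initial value, range, date/time format (dfid)
    $templates->set_var('lang_initial_value', $lang_box_admin['initial_value']);
    $templates->set_var('help_initial_value', $lang_box_admin['help_initial_value']);
    $templates->set_var('initial_value', $initial_value);
    $templates->set_var('lang_range', $lang_box_admin['range']);
    $templates->set_var('help_range', $lang_box_admin['help_range']);
    $templates->set_var('range_start', $range_start);
    $templates->set_var('range_end', $range_end);
    $templates->set_var('lang_dfid', $lang_box_admin['dfid']);
    $templates->set_var('help_dfid', $lang_box_admin['help_dfid']);
    $list_dfid = '<select id="dfid" name="dfid">' . LB . COM_optionList($_TABLES['dateformats'], 'dfid,description', $dfid) . '</select>';
    $templates->set_var('list_dfid', $list_dfid);
    //type
    $templates->set_var('lang_type', $lang_box_admin['type']);
    $list_type = DATABOX_getoptionlistary($lang_box_type, "type", $type, $pi_name);
    $templates->set_var('list_type', $list_type);
    //checkrequried
    $templates->set_var('lang_checkrequried', $lang_box_admin['checkrequried']);
    $list_checkrequried = DATABOX_getradiolist($lang_box_noyes, "checkrequried", $checkrequried);
    $templates->set_var('list_checkrequried', $list_checkrequried);
    //size maxlength rows br
    $templates->set_var('lang_size', $lang_box_admin['size']);
    $templates->set_var('size', $size);
    $templates->set_var('lang_maxlength', $lang_box_admin['maxlength']);
    $templates->set_var('maxlength', $maxlength);
    $templates->set_var('lang_rows', $lang_box_admin['rows']);
    $templates->set_var('rows', $rows);
    $templates->set_var('lang_br', $lang_box_admin['br']);
    $templates->set_var('help_br', $lang_box_admin['help_br']);
    $templates->set_var('br', $br);
    //selection
    $templates->set_var('lang_selection', $lang_box_admin['selection']);
    $templates->set_var('selection', $selection);
    //selectlist
    $templates->set_var('lang_selectlist', $lang_box_admin['selectlist']);
    $list_selectlist = DATABOX_getoptionlist("selectlist", $selectlist, 0, $pi_name);
    $templates->set_var('list_selectlist', $list_selectlist);
    // display order
    $templates->set_var('lang_orderno', $lang_box_admin['orderno']);
    $templates->set_var('orderno', $orderno);
    // date/time of the last save and the user who saved
    $templates->set_var('lang_udatetime', $lang_box_admin['udatetime']);
    $templates->set_var('udatetime', $udatetime);
    $templates->set_var('lang_uuid', $lang_box_admin['uuid']);
    $templates->set_var('uuid', $uuid);
    // SAVE and CANCEL buttons
    $templates->set_var('lang_save', $LANG_ADMIN['save']);
    $templates->set_var('lang_cancel', $LANG_ADMIN['cancel']);
    $templates->set_var('lang_preview', $LANG_ADMIN['preview']);
    //delete_option
    if ($delflg) {
        $delbutton = '<input type="submit" value="' . $LANG_ADMIN['delete'] . '" name="mode"%s>';
        $jsconfirm = ' onclick="return confirm(\'' . $MESSAGE[76] . '\');"';
        $templates->set_var('delete_option', sprintf($delbutton, $jsconfirm));
        //
        $templates->set_var('lang_delete_help', $lang_box_admin['delete_help_field']);
    }
    //
    $templates->parse('output', 'editor');
    $retval .= $templates->finish($templates->get_var('output'));
    return $retval;
}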
Exemple #21
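/**
* Display weblog directory service editor
*
* When $pid is greater than 0 the service row is loaded from the pingservice
* table; any non-empty $new_* argument then overrides the loaded value, so a
* rejected submission can be shown again with the values the user typed.
*
* NOTE(review): name, site URL and ping URL are handed to the template
* as-is, and the $new_* values are caller-supplied. This function does no
* HTML encoding; confirm that the caller or serviceeditor.thtml does.
*
* @param    int     $pid            ID of the service or 0 for new service
* @param    string  $msg            an error message to display
* @param    string  $new_name       name of the service
* @param    string  $new_site_url   URL of the service's site
* @param    string  $new_ping_url   URL to ping at the service
* @param    string  $new_method     ping method to use
* @param    int     $new_enabled    service is enabled (1) / disabled (0)
* @return   string                  HTML for the editor
*
*/
function editServiceForm($pid, $msg = '', $new_name = '', $new_site_url = '', $new_ping_url = '', $new_method = '', $new_enabled = -1)
{
    global $_CONF, $_TABLES, $LANG_TRB, $LANG_ADMIN, $MESSAGE;
    $retval = '';
    // $pid is interpolated into the query below. A string that merely starts
    // with a digit also passes "> 0", so force an integer before using it.
    $pid = (int) $pid;
    if ($pid > 0) {
        $result = DB_query("SELECT * FROM {$_TABLES['pingservice']} WHERE pid = '{$pid}'");
        $A = DB_fetchArray($result);
    } else {
        // defaults for a new service
        $A = array('is_enabled' => 1, 'method' => 'weblogUpdates.ping');
    }
    // Values from a previous submission take precedence over stored ones
    if (!empty($new_name)) {
        $A['name'] = $new_name;
    }
    if (!empty($new_site_url)) {
        $A['site_url'] = $new_site_url;
    }
    if (!empty($new_ping_url)) {
        $A['ping_url'] = $new_ping_url;
    }
    if (!empty($new_method)) {
        $A['method'] = $new_method;
    }
    if ($new_enabled >= 0) {
        $A['is_enabled'] = $new_enabled;
    }
    if (!empty($msg)) {
        $retval .= showTrackbackMessage('Error', $msg);
    }
    // CSRF token for the form; the save handler is expected to verify it
    $token = SEC_createToken();
    $retval .= COM_startBlock($LANG_TRB['edit_service'], getHelpUrl() . '#ping', COM_getBlockTemplate('_admin_block', 'header'));
    $retval .= SEC_getTokenExpiryNotice($token);
    $template = COM_newTemplate($_CONF['path_layout'] . 'admin/trackback');
    $template->set_file(array('editor' => 'serviceeditor.thtml'));
    $template->set_var('max_url_length', 255);
    $template->set_var('method_ping', 'weblogUpdates.ping');
    $template->set_var('method_ping_extended', 'weblogUpdates.extendedPing');
    $template->set_var('lang_name', $LANG_TRB['service']);
    $template->set_var('lang_site_url', $LANG_TRB['service_website']);
    $template->set_var('lang_ping_url', $LANG_TRB['service_ping_url']);
    $template->set_var('lang_enabled', $LANG_ADMIN['enabled']);
    $template->set_var('lang_method', $LANG_TRB['ping_method']);
    $template->set_var('lang_method_standard', $LANG_TRB['ping_standard']);
    $template->set_var('lang_method_extended', $LANG_TRB['ping_extended']);
    $template->set_var('lang_save', $LANG_ADMIN['save']);
    $template->set_var('lang_cancel', $LANG_ADMIN['cancel']);
    if ($pid > 0) {
        // Existing service: offer delete, with and without the JS confirmation
        $delbutton = '<input type="submit" value="' . $LANG_ADMIN['delete'] . '" name="servicemode[2]"%s' . XHTML . '>';
        $jsconfirm = ' onclick="return confirm(\'' . $MESSAGE[76] . '\');"';
        $template->set_var('delete_option', sprintf($delbutton, $jsconfirm));
        $template->set_var('delete_option_no_confirmation', sprintf($delbutton, ''));
    } else {
        $template->set_var('delete_option', '');
    }
    // Fields that may be missing (new service, or no row found) render empty
    $fields = array(
        'service_id'       => 'pid',
        'service_name'     => 'name',
        'service_site_url' => 'site_url',
        'service_ping_url' => 'ping_url',
    );
    foreach ($fields as $templateVar => $column) {
        $template->set_var($templateVar, isset($A[$column]) ? $A[$column] : '');
    }
    if ($A['is_enabled'] == 1) {
        $template->set_var('is_enabled', 'checked="checked"');
    } else {
        $template->set_var('is_enabled', '');
    }
    // Anything other than the standard ping is shown as the extended method
    if ($A['method'] == 'weblogUpdates.ping') {
        $template->set_var('standard_is_checked', 'checked="checked"');
        $template->set_var('extended_is_checked', '');
    } else {
        $template->set_var('standard_is_checked', '');
        $template->set_var('extended_is_checked', 'checked="checked"');
    }
    $template->set_var('gltoken_name', CSRF_TOKEN);
    $template->set_var('gltoken', $token);
    $template->parse('output', 'editor');
    $retval .= $template->finish($template->get_var('output'));
    $retval .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer'));
    $retval = COM_createHTMLDocument($retval, array('pagetitle' => $LANG_TRB['edit_service']));
    return $retval;
}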
Exemple #22
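/**
* Display the feed editor.
*
* For $fid > 0 the feed row is loaded from the syndication table. For a new
* feed ($fid == 0) a non-empty $type is required and defaults are taken
* from $_CONF; without a type the function returns a redirect to the feed
* list instead of a form.
*
* Side effect: for a non-article feed whose plugin is not enabled, the
* function echoes a redirect and calls exit.
*
* NOTE(review): title, description, logo, filename and the topic option
* labels are written into the HTML as-is; nothing here HTML-encodes them.
* Confirm that feededitor.thtml or the code that stores these values does.
*
* @param    int      $fid    feed id (0 for new feeds)
* @param    string   $type   type of feed, e.g. 'article'
* @return   string           HTML for the feed editor
*
*/
function editfeed($fid = 0, $type = '')
{
    global $_CONF, $_TABLES, $LANG33, $LANG_ADMIN, $MESSAGE;
    // $fid is interpolated into the query below. A string that merely starts
    // with a digit also passes "> 0", so force an integer before using it.
    $fid = (int) $fid;
    if ($fid > 0) {
        $result = DB_query("SELECT *,UNIX_TIMESTAMP(updated) AS date FROM {$_TABLES['syndication']} WHERE fid = '{$fid}'");
        $A = DB_fetchArray($result);
        $fid = $A['fid'];
    }
    if ($fid == 0) {
        if (!empty($type)) {
            // set defaults
            $A['fid'] = $fid;
            $A['type'] = $type;
            $A['topic'] = '::all';
            $A['header_tid'] = 'none';
            $A['format'] = 'RSS-2.0';
            $A['limits'] = $_CONF['rdf_limit'];
            $A['content_length'] = $_CONF['rdf_storytext'];
            $A['title'] = $_CONF['site_name'];
            $A['description'] = $_CONF['site_slogan'];
            $A['feedlogo'] = '';
            $A['filename'] = '';
            $A['charset'] = $_CONF['default_charset'];
            $A['language'] = $_CONF['rdf_language'];
            $A['is_enabled'] = 1;
            $A['updated'] = '';
            $A['update_info'] = '';
            $A['date'] = time();
        } else {
            return COM_refresh($_CONF['site_admin_url'] . '/syndication.php');
        }
    }
    $retval = '';
    // CSRF token for the form; the save handler is expected to verify it
    $token = SEC_createToken();
    $feed_template = COM_newTemplate($_CONF['path_layout'] . 'admin/syndication');
    $feed_template->set_file('editor', 'feededitor.thtml');
    $start_block = COM_startBlock($LANG33[24], '', COM_getBlockTemplate('_admin_block', 'header'));
    $start_block .= SEC_getTokenExpiryNotice($token);
    $feed_template->set_var('start_feed_editor', $start_block);
    $feed_template->set_var('end_block', COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer')));
    $feed_template->set_var('lang_feedtitle', $LANG33[25]);
    $feed_template->set_var('lang_enabled', $LANG33[19]);
    $feed_template->set_var('lang_format', $LANG33[17]);
    $feed_template->set_var('lang_limits', $LANG33[26]);
    $feed_template->set_var('lang_content_length', $LANG33[27]);
    $feed_template->set_var('lang_clen_explain', $LANG33[28]);
    $feed_template->set_var('lang_description', $LANG33[29]);
    $feed_template->set_var('lang_feedlogo', $LANG33[49]);
    $feed_template->set_var('lang_feedlogo_explain', $LANG33[50]);
    $feed_template->set_var('lang_filename', $LANG33[16]);
    $feed_template->set_var('lang_updated', $LANG33[30]);
    $feed_template->set_var('lang_type', $LANG33[15]);
    $feed_template->set_var('lang_charset', $LANG33[31]);
    $feed_template->set_var('lang_language', $LANG33[32]);
    $feed_template->set_var('lang_topic', $LANG33[33]);
    if ($A['header_tid'] == 'all') {
        $feed_template->set_var('all_selected', 'selected="selected"');
    } elseif ($A['header_tid'] == 'none') {
        $feed_template->set_var('none_selected', 'selected="selected"');
    }
    $feed_template->set_var('lang_header_all', $LANG33[43]);
    $feed_template->set_var('lang_header_none', $LANG33[44]);
    $feed_template->set_var('lang_header_topic', $LANG33[45]);
    $feed_template->set_var('header_topic_options', COM_topicList('tid,topic', $A['header_tid'], 1, true));
    $feed_template->set_var('lang_save', $LANG_ADMIN['save']);
    $feed_template->set_var('lang_cancel', $LANG_ADMIN['cancel']);
    if ($A['fid'] > 0) {
        // Existing feed: offer delete, with and without the JS confirmation
        $delbutton = '<input type="submit" value="' . $LANG_ADMIN['delete'] . '" name="mode"%s' . XHTML . '>';
        $jsconfirm = ' onclick="return confirm(\'' . $MESSAGE[76] . '\');"';
        $feed_template->set_var('delete_option', sprintf($delbutton, $jsconfirm));
        $feed_template->set_var('delete_option_no_confirmation', sprintf($delbutton, ''));
    }
    $feed_template->set_var('feed_id', $A['fid']);
    $feed_template->set_var('feed_title', $A['title']);
    $feed_template->set_var('feed_description', $A['description']);
    $feed_template->set_var('feed_logo', $A['feedlogo']);
    $feed_template->set_var('feed_content_length', $A['content_length']);
    $feed_template->set_var('feed_filename', $A['filename']);
    $feed_template->set_var('feed_type', $A['type']);
    if ($A['type'] == 'article') {
        $feed_template->set_var('feed_type_display', $LANG33[55]);
    } else {
        $feed_template->set_var('feed_type_display', ucwords($A['type']));
    }
    $feed_template->set_var('feed_charset', $A['charset']);
    $feed_template->set_var('feed_language', $A['language']);
    if ($A['is_enabled'] == 1 && !empty($A['updated'])) {
        $nicedate = COM_getUserDateTimeFormat($A['date']);
        $feed_template->set_var('feed_updated', $nicedate[0]);
    } else {
        $feed_template->set_var('feed_updated', $LANG_ADMIN['na']);
    }
    $formats = find_feedFormats();
    $selection = '<select name="format">' . LB;
    foreach ($formats as $f) {
        // if one changes this format below ('name-version'), also change parsing
        // in COM_siteHeader. It uses explode( "-" , $string )
        $selection .= '<option value="' . $f['name'] . '-' . $f['version'] . '"';
        if ($A['format'] == $f['name'] . '-' . $f['version']) {
            $selection .= ' selected="selected"';
        }
        $selection .= '>' . ucwords($f['name'] . ' ' . $f['version']) . '</option>' . LB;
    }
    $selection .= '</select>' . LB;
    $feed_template->set_var('feed_format', $selection);
    // 'limits' is either a plain number of entries or a number of hours
    // marked by a trailing 'h'; split it into the number and the unit.
    $limits = $A['limits'];
    $hours = false;
    if (substr($A['limits'], -1) == 'h') {
        $limits = substr($A['limits'], 0, -1);
        $hours = true;
    }
    $selection = '<select name="limits_in">' . LB;
    $selection .= '<option value="0"';
    if (!$hours) {
        $selection .= ' selected="selected"';
    }
    $selection .= '>' . $LANG33[34] . '</option>' . LB;
    $selection .= '<option value="1"';
    if ($hours) {
        $selection .= ' selected="selected"';
    }
    $selection .= '>' . $LANG33[35] . '</option>' . LB;
    $selection .= '</select>' . LB;
    $feed_template->set_var('feed_limits', $limits);
    $feed_template->set_var('feed_limits_what', $selection);
    if ($A['type'] == 'article') {
        $options = get_articleFeeds();
    } else {
        // For a new feed the type is the caller-supplied $type, so it must
        // not reach the statement unescaped. addslashes() is the lowest
        // common denominator; prefer the DB layer's own escaping function
        // if this code base provides one.
        $piName = addslashes($A['type']);
        $result = DB_query("SELECT pi_enabled FROM {$_TABLES['plugins']} WHERE pi_name='{$piName}'");
        if ($result) {
            $P = DB_fetchArray($result);
            if ($P['pi_enabled'] == 0) {
                // plugin is disabled (or unknown): back to the feed list
                echo COM_refresh($_CONF['site_admin_url'] . '/syndication.php?msg=80');
                exit;
            }
        }
        $options = PLG_getFeedNames($A['type']);
    }
    $selection = '<select name="topic">' . LB;
    foreach ($options as $o) {
        $selection .= '<option value="' . $o['id'] . '"';
        if ($A['topic'] == $o['id']) {
            $selection .= ' selected="selected"';
        }
        $selection .= '>' . $o['name'] . '</option>' . LB;
    }
    $selection .= '</select>' . LB;
    $feed_template->set_var('feed_topic', $selection);
    if ($A['is_enabled'] == 1) {
        $feed_template->set_var('is_enabled', 'checked="checked"');
    } else {
        $feed_template->set_var('is_enabled', '');
    }
    $feed_template->set_var('gltoken_name', CSRF_TOKEN);
    $feed_template->set_var('gltoken', $token);
    $retval .= $feed_template->finish($feed_template->parse('output', 'editor'));
    return $retval;
}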
Exemple #23
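/**
* Shows poll editor
*
* Displays the poll editor form. For an existing poll the caller's access is
* checked with SEC_hasAccess() first; a result of 0 or 2 produces an "access
* denied" block and an access-log entry instead of the form.
*
* NOTE(review): the topic and answer texts are HTML-encoded here, but the
* meta description, meta keywords, question text and answer remark are
* handed to the template as-is. Confirm that the templates or the save path
* take care of encoding for those.
*
* @param    string  $pid    ID of poll to edit
* @return   string          HTML for poll editor form
*
*/
function editpoll($pid = '')
{
    global $_CONF, $_PO_CONF, $_GROUPS, $_TABLES, $_USER, $LANG25, $LANG_ACCESS, $LANG_ADMIN, $MESSAGE, $LANG_POLLS;
    $retval = '';
    // The poll ID is a string and goes into three statements below, so it is
    // escaped once here rather than trusting the caller. addslashes() is the
    // lowest common denominator; prefer the DB layer's own escaping function
    // if this code base provides one.
    $pidSql = addslashes($pid);
    if (!empty($pid)) {
        $topic = DB_query("SELECT * FROM {$_TABLES['polltopics']} WHERE pid='{$pidSql}'");
        $T = DB_fetchArray($topic);
        // Get permissions for poll
        $access = SEC_hasAccess($T['owner_id'], $T['group_id'], $T['perm_owner'], $T['perm_group'], $T['perm_members'], $T['perm_anon']);
        if ($access == 0 or $access == 2) {
            // User doesn't have access...bail
            $retval .= COM_startBlock($LANG25[21], '', COM_getBlockTemplate('_msg_block', 'header'));
            $retval .= $LANG25[22];
            $retval .= COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer'));
            COM_accessLog("User {$_USER['username']} tried to illegally submit or edit poll {$pid}.");
            return $retval;
        }
    }
    // writing the menu on top
    require_once $_CONF['path_system'] . 'lib-admin.php';
    $menu_arr = array(array('url' => $_CONF['site_admin_url'] . '/plugins/polls/index.php', 'text' => $LANG_ADMIN['list_all']), array('url' => $_CONF['site_admin_url'], 'text' => $LANG_ADMIN['admin_home']));
    // CSRF token for the form; the save handler is expected to verify it
    $token = SEC_createToken();
    $retval .= COM_startBlock($LANG25[5], '', COM_getBlockTemplate('_admin_block', 'header'));
    $retval .= ADMIN_createMenu($menu_arr, $LANG_POLLS['editinstructions'], plugin_geticon_polls());
    $retval .= SEC_getTokenExpiryNotice($token);
    $poll_templates = new Template($_CONF['path'] . 'plugins/polls/templates/admin/');
    $poll_templates->set_file(array('editor' => 'polleditor.thtml', 'question' => 'pollquestions.thtml', 'answer' => 'pollansweroption.thtml'));
    $poll_templates->set_var('xhtml', XHTML);
    $poll_templates->set_var('site_url', $_CONF['site_url']);
    $poll_templates->set_var('site_admin_url', $_CONF['site_admin_url']);
    $poll_templates->set_var('layout_url', $_CONF['layout_url']);
    if (!empty($pid) and $access == 3 and !empty($T['owner_id'])) {
        // Existing poll with edit access: offer delete, with and without
        // the JS confirmation
        $delbutton = '<input type="submit" value="' . $LANG_ADMIN['delete'] . '" name="mode"%s' . XHTML . '>';
        $jsconfirm = ' onclick="return confirm(\'' . $MESSAGE[76] . '\');"';
        $poll_templates->set_var('delete_option', sprintf($delbutton, $jsconfirm));
        $poll_templates->set_var('delete_option_no_confirmation', sprintf($delbutton, ''));
    } else {
        // New poll: generate an ID and fill in defaults, owned by the current user
        $T['pid'] = COM_makeSid();
        $T['topic'] = '';
        $T['meta_description'] = '';
        $T['meta_keywords'] = '';
        $T['voters'] = 0;
        $T['display'] = 1;
        $T['is_open'] = 1;
        $T['hideresults'] = 0;
        $T['owner_id'] = $_USER['uid'];
        if (isset($_GROUPS['Polls Admin'])) {
            $T['group_id'] = $_GROUPS['Polls Admin'];
        } else {
            $T['group_id'] = SEC_getFeatureGroup('polls.edit');
        }
        SEC_setDefaultPermissions($T, $_PO_CONF['default_permissions']);
        $T['statuscode'] = 0;
        $T['commentcode'] = $_CONF['comment_code'];
        $access = 3;
    }
    $poll_templates->set_var('lang_pollid', $LANG25[6]);
    $poll_templates->set_var('poll_id', $T['pid']);
    $poll_templates->set_var('lang_donotusespaces', $LANG25[7]);
    $poll_templates->set_var('lang_topic', $LANG25[9]);
    $poll_templates->set_var('poll_topic', htmlspecialchars($T['topic']));
    $poll_templates->set_var('lang_mode', $LANG25[1]);
    $poll_templates->set_var('lang_metadescription', $LANG_ADMIN['meta_description']);
    $poll_templates->set_var('lang_metakeywords', $LANG_ADMIN['meta_keywords']);
    if (!empty($T['meta_description'])) {
        $poll_templates->set_var('meta_description', $T['meta_description']);
    }
    if (!empty($T['meta_keywords'])) {
        $poll_templates->set_var('meta_keywords', $T['meta_keywords']);
    }
    $poll_templates->set_var('status_options', COM_optionList($_TABLES['statuscodes'], 'code,name', $T['statuscode']));
    $poll_templates->set_var('comment_options', COM_optionList($_TABLES['commentcodes'], 'code,name', $T['commentcode']));
    $poll_templates->set_var('lang_appearsonhomepage', $LANG25[8]);
    $poll_templates->set_var('lang_openforvoting', $LANG25[33]);
    $poll_templates->set_var('lang_hideresults', $LANG25[37]);
    $poll_templates->set_var('poll_hideresults_explain', $LANG25[38]);
    $poll_templates->set_var('poll_topic_info', $LANG25[39]);
    if ($T['display'] == 1) {
        $poll_templates->set_var('poll_display', 'checked="checked"');
    }
    if ($T['is_open'] == 1) {
        $poll_templates->set_var('poll_open', 'checked="checked"');
    }
    if ($T['hideresults'] == 1) {
        $poll_templates->set_var('poll_hideresults', 'checked="checked"');
    }
    // user access info
    $poll_templates->set_var('lang_accessrights', $LANG_ACCESS['accessrights']);
    $poll_templates->set_var('lang_owner', $LANG_ACCESS['owner']);
    $ownername = COM_getDisplayName($T['owner_id']);
    // owner_id goes into the WHERE clause unquoted, so force an integer
    $ownerId = (int) $T['owner_id'];
    $poll_templates->set_var('owner_username', DB_getItem($_TABLES['users'], 'username', "uid = {$ownerId}"));
    $poll_templates->set_var('owner_name', $ownername);
    $poll_templates->set_var('owner', $ownername);
    $poll_templates->set_var('owner_id', $T['owner_id']);
    $poll_templates->set_var('lang_group', $LANG_ACCESS['group']);
    $poll_templates->set_var('group_dropdown', SEC_getGroupDropdown($T['group_id'], $access));
    $poll_templates->set_var('lang_permissions', $LANG_ACCESS['permissions']);
    $poll_templates->set_var('lang_permissionskey', $LANG_ACCESS['permissionskey']);
    $poll_templates->set_var('lang_perm_key', $LANG_ACCESS['permissionskey']);
    $poll_templates->set_var('permissions_editor', SEC_getPermissionsHTML($T['perm_owner'], $T['perm_group'], $T['perm_members'], $T['perm_anon']));
    $poll_templates->set_var('lang_permissions_msg', $LANG_ACCESS['permmsg']);
    $poll_templates->set_var('lang_answersvotes', $LANG25[10]);
    $poll_templates->set_var('lang_save', $LANG_ADMIN['save']);
    $poll_templates->set_var('lang_cancel', $LANG_ADMIN['cancel']);
    // repeat for several questions
    $question_sql = "SELECT question,qid " . "FROM {$_TABLES['pollquestions']} WHERE pid='{$pidSql}' ORDER BY qid;";
    $questions = DB_query($question_sql);
    // include_once: a plain include would redeclare the class (fatal error)
    // if the file had already been loaded during this request
    include_once $_CONF['path_system'] . 'classes/navbar.class.php';
    $navbar = new navbar();
    for ($j = 0; $j < $_PO_CONF['maxquestions']; $j++) {
        $display_id = $j + 1;
        // only the first question is visible initially
        if ($j > 0) {
            $poll_templates->set_var('style', 'style="display:none;"');
        } else {
            $poll_templates->set_var('style', '');
        }
        $navbar->add_menuitem($LANG25[31] . " {$display_id}", "showhidePollsEditorDiv(\"{$j}\",{$j},{$_PO_CONF['maxquestions']});return false;", true);
        // There may be fewer stored questions than slots; empty slots get ''
        $Q = DB_fetchArray($questions);
        $poll_templates->set_var('question_text', is_array($Q) ? $Q['question'] : '');
        $poll_templates->set_var('question_id', $j);
        $poll_templates->set_var('lang_question', $LANG25[31] . " {$display_id}");
        $poll_templates->set_var('lang_saveaddnew', $LANG25[32]);
        // answers
        $answer_sql = "SELECT answer,aid,votes,remark " . "FROM {$_TABLES['pollanswers']} WHERE qid='{$j}' AND pid='{$pidSql}' ORDER BY aid";
        $answers = DB_query($answer_sql);
        for ($i = 0; $i < $_PO_CONF['maxanswers']; $i++) {
            // The original tested isset($answers), which is always true after
            // the assignment above, and then indexed a failed fetch. Test the
            // fetched row instead so that unused slots are rendered empty.
            $A = DB_fetchArray($answers);
            if (is_array($A)) {
                $poll_templates->set_var('answer_text', htmlspecialchars($A['answer']));
                $poll_templates->set_var('answer_votes', $A['votes']);
                $poll_templates->set_var('remark_text', $A['remark']);
            } else {
                $poll_templates->set_var('answer_text', '');
                $poll_templates->set_var('answer_votes', '');
                $poll_templates->set_var('remark_text', '');
            }
            $poll_templates->parse('answer_option', 'answer', true);
        }
        $poll_templates->parse('question_list', 'question', true);
        $poll_templates->clear_var('answer_option');
    }
    $navbar->set_selected($LANG25[31] . " 1");
    $poll_templates->set_var('navbar', $navbar->generate());
    $poll_templates->set_var('gltoken_name', CSRF_TOKEN);
    $poll_templates->set_var('gltoken', $token);
    $poll_templates->parse('output', 'editor');
    $retval .= $poll_templates->finish($poll_templates->get_var('output'));
    $retval .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer'));
    return $retval;
}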
Exemple #24
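/**
* Displays the static page editor form
*
* Fills the editor template (editor_advanced.thtml when the advanced editor is
* enabled and that file exists, editor.thtml otherwise) from $A and embeds a
* new token from SEC_createToken() as the gltoken form field.
*
* NOTE(review): sp_title and sp_content are passed through htmlspecialchars()
* here, but sp_id, sp_old_id, sp_help, sp_label, meta_description and
* meta_keywords reach the template unchanged. Confirm they are encoded when
* saved or by the template; otherwise encode them here as well.
*
* @param    array   $A      Data to display
* @param    bool    $error  Not read by this function
* @return   string          HTML for the static page editor
*
*/
function staticpageeditor_form($A, $error = false)
{
    global $_CONF, $_TABLES, $_USER, $_GROUPS, $_SP_CONF, $mode, $sp_id, $LANG21, $LANG_STATIC, $LANG_ACCESS, $LANG_ADMIN, $LANG24, $LANG_postmodes, $MESSAGE;
    $template_path = staticpages_templatePath('admin');
    // The advanced editor is used only when it is switched on and its template exists.
    $use_advanced_editor = isset($_CONF['advanced_editor']) && $_CONF['advanced_editor'] == 1 && file_exists($template_path . '/editor_advanced.thtml');
    if (!empty($sp_id) && $mode == 'edit') {
        // Existing page: the access level comes from the stored owner/group/permissions.
        $access = SEC_hasAccess($A['owner_id'], $A['group_id'], $A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']);
    } else {
        // New or cloned page: the current user becomes the owner and the
        // configured default permissions are applied.
        if ($mode != 'clone') {
            $A['sp_inblock'] = $_SP_CONF['in_block'];
        }
        $A['owner_id'] = $_USER['uid'];
        if (isset($_GROUPS['Static Page Admin'])) {
            $A['group_id'] = $_GROUPS['Static Page Admin'];
        } else {
            $A['group_id'] = SEC_getFeatureGroup('staticpages.edit');
        }
        SEC_setDefaultPermissions($A, $_SP_CONF['default_permissions']);
        $access = 3;
        if ($use_advanced_editor) {
            $A['advanced_editor_mode'] = 1;
        }
    }
    $retval = '';
    $sp_template = new Template($template_path);
    if ($use_advanced_editor) {
        $sp_template->set_file('form', 'editor_advanced.thtml');
        $sp_template->set_var('lang_expandhelp', $LANG24[67]);
        $sp_template->set_var('lang_reducehelp', $LANG24[68]);
        $sp_template->set_var('lang_toolbar', $LANG24[70]);
        $sp_template->set_var('toolbar1', $LANG24[71]);
        $sp_template->set_var('toolbar2', $LANG24[72]);
        $sp_template->set_var('toolbar3', $LANG24[73]);
        $sp_template->set_var('toolbar4', $LANG24[74]);
        $sp_template->set_var('toolbar5', $LANG24[75]);
        $sp_template->set_var('lang_nojavascript', $LANG24[77]);
        $sp_template->set_var('lang_postmode', $LANG24[4]);
        $is_adveditor = isset($A['postmode']) && $A['postmode'] == 'adveditor';
        if ($is_adveditor) {
            $sp_template->set_var('show_adveditor', '');
            $sp_template->set_var('show_htmleditor', 'none');
        } else {
            $sp_template->set_var('show_adveditor', 'none');
            $sp_template->set_var('show_htmleditor', '');
        }
        // The "html" option always carries selected="selected"; the
        // "adveditor" option carries it as well when that mode is active.
        $post_options = '<option value="html" selected="selected">' . $LANG_postmodes['html'] . '</option>';
        if ($is_adveditor) {
            $post_options .= '<option value="adveditor" selected="selected">' . $LANG24[86] . '</option>';
        } else {
            $post_options .= '<option value="adveditor">' . $LANG24[86] . '</option>';
        }
        $sp_template->set_var('post_options', $post_options);
        $sp_template->set_var('change_editormode', 'onchange="change_editmode(this);"');
    } else {
        $sp_template->set_file('form', 'editor.thtml');
    }
    $sp_template->set_var('layout_url', $_CONF['layout_url']);
    $sp_template->set_var('lang_mode', $LANG24[3]);
    $sp_template->set_var('comment_options', COM_optionList($_TABLES['commentcodes'], 'code,name', $A['commentcode']));
    $sp_template->set_var('lang_accessrights', $LANG_ACCESS['accessrights']);
    $sp_template->set_var('lang_owner', $LANG_ACCESS['owner']);
    $ownername = COM_getDisplayName($A['owner_id']);
    // $A is supplied by the caller and may hold submitted form values, so the
    // uid is forced to an integer before it is placed in the WHERE clause.
    $owner_uid = (int) $A['owner_id'];
    $sp_template->set_var('owner_username', DB_getItem($_TABLES['users'], 'username', "uid = {$owner_uid}"));
    $sp_template->set_var('owner_name', $ownername);
    $sp_template->set_var('owner', $ownername);
    $sp_template->set_var('owner_id', $A['owner_id']);
    $sp_template->set_var('lang_group', $LANG_ACCESS['group']);
    $sp_template->set_var('group_dropdown', SEC_getGroupDropdown($A['group_id'], $access));
    $sp_template->set_var('permissions_editor', SEC_getPermissionsHTML($A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']));
    $sp_template->set_var('lang_permissions', $LANG_ACCESS['permissions']);
    $sp_template->set_var('lang_perm_key', $LANG_ACCESS['permissionskey']);
    $sp_template->set_var('permissions_msg', $LANG_ACCESS['permmsg']);
    $sp_template->set_var('lang_permissions_msg', $LANG_ACCESS['permmsg']);
    $sp_template->set_var('site_url', $_CONF['site_url']);
    $sp_template->set_var('site_admin_url', $_CONF['site_admin_url']);
    // One token per rendered form; it is emitted below as the gltoken field.
    $token = SEC_createToken();
    $start_block = COM_startBlock($LANG_STATIC['staticpageeditor'], '', COM_getBlockTemplate('_admin_block', 'header'));
    $start_block .= SEC_getTokenExpiryNotice($token);
    $sp_template->set_var('start_block_editor', $start_block);
    $sp_template->set_var('lang_save', $LANG_ADMIN['save']);
    $sp_template->set_var('lang_cancel', $LANG_ADMIN['cancel']);
    $sp_template->set_var('lang_preview', $LANG_ADMIN['preview']);
    // The delete button is offered only for an already saved page and only to
    // users holding the staticpages.delete right.
    if (SEC_hasRights('staticpages.delete') && $mode != 'clone' && !empty($A['sp_old_id'])) {
        $delbutton = '<input type="submit" value="' . $LANG_ADMIN['delete'] . '" name="mode"%s' . XHTML . '>';
        $jsconfirm = ' onclick="return confirm(\'' . $MESSAGE[76] . '\');"';
        $sp_template->set_var('delete_option', sprintf($delbutton, $jsconfirm));
        $sp_template->set_var('delete_option_no_confirmation', sprintf($delbutton, ''));
    } else {
        $sp_template->set_var('delete_option', '');
    }
    $sp_template->set_var('lang_writtenby', $LANG_STATIC['writtenby']);
    // Same integer cast as for the owner: sp_uid is interpolated into SQL.
    $author_uid = (int) $A['sp_uid'];
    $sp_template->set_var('username', DB_getItem($_TABLES['users'], 'username', "uid = {$author_uid}"));
    $authorname = COM_getDisplayName($A['sp_uid']);
    $sp_template->set_var('name', $authorname);
    $sp_template->set_var('author', $authorname);
    $sp_template->set_var('lang_url', $LANG_STATIC['url']);
    $sp_template->set_var('lang_id', $LANG_STATIC['id']);
    $sp_template->set_var('sp_uid', $A['sp_uid']);
    $sp_template->set_var('sp_id', $A['sp_id']);
    $sp_template->set_var('sp_old_id', $A['sp_old_id']);
    $sp_template->set_var('example_url', COM_buildURL($_CONF['site_url'] . '/staticpages/index.php?page=' . $A['sp_id']));
    $sp_template->set_var('lang_centerblock', $LANG_STATIC['centerblock']);
    $sp_template->set_var('lang_centerblock_help', $LANG_ADMIN['help_url']);
    $sp_template->set_var('lang_centerblock_include', $LANG21[51]);
    $sp_template->set_var('lang_centerblock_desc', $LANG21[52]);
    $sp_template->set_var('centerblock_help', $A['sp_help']);
    $sp_template->set_var('lang_centerblock_msg', $LANG_STATIC['centerblock_msg']);
    if (isset($A['sp_centerblock']) && $A['sp_centerblock'] == 1) {
        $sp_template->set_var('centerblock_checked', 'checked="checked"');
    } else {
        $sp_template->set_var('centerblock_checked', '');
    }
    $sp_template->set_var('lang_topic', $LANG_STATIC['topic']);
    $sp_template->set_var('lang_position', $LANG_STATIC['position']);
    // Topic selector: "all" and "none" are added in front of the real topics.
    $current_topic = '';
    if (isset($A['sp_tid'])) {
        $current_topic = $A['sp_tid'];
    }
    if (empty($current_topic)) {
        $current_topic = 'none';
    }
    $topics = COM_topicList('tid,topic', $current_topic, 1, true);
    $alltopics = '<option value="all"';
    if ($current_topic == 'all') {
        $alltopics .= ' selected="selected"';
    }
    $alltopics .= '>' . $LANG_STATIC['all_topics'] . '</option>' . LB;
    $notopic = '<option value="none"';
    if ($current_topic == 'none') {
        $notopic .= ' selected="selected"';
    }
    $notopic .= '>' . $LANG_STATIC['no_topic'] . '</option>' . LB;
    $sp_template->set_var('topic_selection', '<select name="sp_tid">' . $alltopics . $notopic . $topics . '</select>');
    // Centerblock position selector (values 1, 2, 3 and 0, in that order).
    $position = '<select name="sp_where">';
    $position .= '<option value="1"';
    if ($A['sp_where'] == 1) {
        $position .= ' selected="selected"';
    }
    $position .= '>' . $LANG_STATIC['position_top'] . '</option>';
    $position .= '<option value="2"';
    if ($A['sp_where'] == 2) {
        $position .= ' selected="selected"';
    }
    $position .= '>' . $LANG_STATIC['position_feat'] . '</option>';
    $position .= '<option value="3"';
    if ($A['sp_where'] == 3) {
        $position .= ' selected="selected"';
    }
    $position .= '>' . $LANG_STATIC['position_bottom'] . '</option>';
    $position .= '<option value="0"';
    if ($A['sp_where'] == 0) {
        $position .= ' selected="selected"';
    }
    $position .= '>' . $LANG_STATIC['position_entire'] . '</option>';
    $position .= '</select>';
    $sp_template->set_var('pos_selection', $position);
    // The PHP selector is rendered only when PHP in static pages is enabled
    // site-wide AND the current user holds the staticpages.PHP right.
    // NOTE(review): this only controls what the form shows; the save handler
    // (not visible here) has to enforce the same two conditions.
    if ($_SP_CONF['allow_php'] == 1 && SEC_hasRights('staticpages.PHP')) {
        if (!isset($A['sp_php'])) {
            $A['sp_php'] = 0;
        }
        $selection = '<select name="sp_php">' . LB;
        $selection .= '<option value="0"';
        // Any value outside 1..2 is shown as "none".
        if ($A['sp_php'] <= 0 || $A['sp_php'] > 2) {
            $selection .= ' selected="selected"';
        }
        $selection .= '>' . $LANG_STATIC['select_php_none'] . '</option>' . LB;
        $selection .= '<option value="1"';
        if ($A['sp_php'] == 1) {
            $selection .= ' selected="selected"';
        }
        $selection .= '>' . $LANG_STATIC['select_php_return'] . '</option>' . LB;
        $selection .= '<option value="2"';
        if ($A['sp_php'] == 2) {
            $selection .= ' selected="selected"';
        }
        $selection .= '>' . $LANG_STATIC['select_php_free'] . '</option>' . LB;
        $selection .= '</select>';
        $sp_template->set_var('php_selector', $selection);
        $sp_template->set_var('php_warn', $LANG_STATIC['php_warn']);
    } else {
        $sp_template->set_var('php_selector', '');
        $sp_template->set_var('php_warn', $LANG_STATIC['php_not_activated']);
    }
    $sp_template->set_var('php_msg', $LANG_STATIC['php_msg']);
    // old variables (for the 1.3-type checkbox)
    $sp_template->set_var('php_checked', '');
    $sp_template->set_var('php_type', 'hidden');
    if (isset($A['sp_nf']) && $A['sp_nf'] == 1) {
        $sp_template->set_var('exit_checked', 'checked="checked"');
    } else {
        $sp_template->set_var('exit_checked', '');
    }
    $sp_template->set_var('exit_msg', $LANG_STATIC['exit_msg']);
    $sp_template->set_var('exit_info', $LANG_STATIC['exit_info']);
    if ($A['sp_inblock'] == 1) {
        $sp_template->set_var('inblock_checked', 'checked="checked"');
    } else {
        $sp_template->set_var('inblock_checked', '');
    }
    $sp_template->set_var('inblock_msg', $LANG_STATIC['inblock_msg']);
    $sp_template->set_var('inblock_info', $LANG_STATIC['inblock_info']);
    // Element 0 is used as the formatted date, element 1 as the raw date value.
    $curtime = COM_getUserDateTimeFormat($A['unixdate']);
    $sp_template->set_var('lang_lastupdated', $LANG_STATIC['date']);
    $sp_template->set_var('sp_formateddate', $curtime[0]);
    $sp_template->set_var('sp_date', $curtime[1]);
    $sp_template->set_var('lang_title', $LANG_STATIC['title']);
    $title = '';
    if (isset($A['sp_title'])) {
        $title = htmlspecialchars(stripslashes($A['sp_title']));
    }
    $sp_template->set_var('sp_title', $title);
    $sp_template->set_var('lang_metadescription', $LANG_ADMIN['meta_description']);
    $sp_template->set_var('lang_metakeywords', $LANG_ADMIN['meta_keywords']);
    if (!empty($A['meta_description'])) {
        $sp_template->set_var('meta_description', $A['meta_description']);
    }
    if (!empty($A['meta_keywords'])) {
        $sp_template->set_var('meta_keywords', $A['meta_keywords']);
    }
    $sp_template->set_var('lang_addtomenu', $LANG_STATIC['addtomenu']);
    if (isset($A['sp_onmenu']) && $A['sp_onmenu'] == 1) {
        $sp_template->set_var('onmenu_checked', 'checked="checked"');
    } else {
        $sp_template->set_var('onmenu_checked', '');
    }
    $sp_template->set_var('lang_label', $LANG_STATIC['label']);
    if (isset($A['sp_label'])) {
        $sp_template->set_var('sp_label', $A['sp_label']);
    } else {
        $sp_template->set_var('sp_label', '');
    }
    $sp_template->set_var('lang_pageformat', $LANG_STATIC['pageformat']);
    $sp_template->set_var('lang_blankpage', $LANG_STATIC['blankpage']);
    $sp_template->set_var('lang_noblocks', $LANG_STATIC['noblocks']);
    $sp_template->set_var('lang_leftblocks', $LANG_STATIC['leftblocks']);
    $sp_template->set_var('lang_leftrightblocks', $LANG_STATIC['leftrightblocks']);
    if (!isset($A['sp_format'])) {
        $A['sp_format'] = '';
    }
    if ($A['sp_format'] == 'noblocks') {
        $sp_template->set_var('noblock_selected', 'selected="selected"');
    } else {
        $sp_template->set_var('noblock_selected', '');
    }
    if ($A['sp_format'] == 'leftblocks') {
        $sp_template->set_var('leftblocks_selected', 'selected="selected"');
    } else {
        $sp_template->set_var('leftblocks_selected', '');
    }
    if ($A['sp_format'] == 'blankpage') {
        $sp_template->set_var('blankpage_selected', 'selected="selected"');
    } else {
        $sp_template->set_var('blankpage_selected', '');
    }
    // An empty format falls back to "allblocks".
    if ($A['sp_format'] == 'allblocks' || empty($A['sp_format'])) {
        $sp_template->set_var('allblocks_selected', 'selected="selected"');
    } else {
        $sp_template->set_var('allblocks_selected', '');
    }
    $sp_template->set_var('lang_content', $LANG_STATIC['content']);
    $content = '';
    if (isset($A['sp_content'])) {
        $content = htmlspecialchars(stripslashes($A['sp_content']));
        // Braces are additionally encoded as numeric entities, presumably so
        // the template engine does not read them as its own variable markers.
        $content = str_replace(array('{', '}'), array('&#123;', '&#125;'), $content);
    }
    $sp_template->set_var('sp_content', $content);
    if ($_SP_CONF['filter_html'] == 1) {
        $allowed = COM_allowedHTML('staticpages.edit');
        $sp_template->set_var('lang_allowedhtml', $allowed);
        $sp_template->set_var('lang_allowed_html', $allowed);
    } else {
        // HTML filtering is off: tell the editor so and list the autotags.
        $sp_template->set_var('lang_allowedhtml', $LANG_STATIC['all_html_allowed']);
        $allowed = '<span class="warningsmall">' . $LANG_STATIC['all_html_allowed'] . ',</span>' . LB . '<div dir="ltr" class="warningsmall">';
        $autotags = array_keys(PLG_collectTags());
        $allowed .= '[' . implode(':], [', $autotags) . ':]';
        $allowed .= '</div>';
        $sp_template->set_var('lang_allowed_html', $allowed);
    }
    $sp_template->set_var('lang_hits', $LANG_STATIC['hits']);
    if (empty($A['sp_hits'])) {
        $sp_template->set_var('sp_hits', '0');
        $sp_template->set_var('sp_hits_formatted', '0');
    } else {
        $sp_template->set_var('sp_hits', $A['sp_hits']);
        $sp_template->set_var('sp_hits_formatted', COM_numberFormat($A['sp_hits']));
    }
    $sp_template->set_var('end_block', COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer')));
    $sp_template->set_var('xhtml', XHTML);
    $sp_template->set_var('gltoken_name', CSRF_TOKEN);
    $sp_template->set_var('gltoken', $token);
    $sp_template->parse('output', 'form');
    $retval .= $sp_template->finish($sp_template->get_var('output'));
    return $retval;
}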
Exemple #25
/**
* Shows the link category editor
*
* With a parent id a new subcategory is prepared using the parent's group and
* permissions; with a category id that category is loaded for editing;
* with neither a new top-level category is prepared with default permissions.
* The form is returned only when SEC_hasAccess() yields at least 3.
*
* NOTE(review): $cid and $pid are quoted with addslashes() before they are
* placed in SQL. addslashes() is not aware of the connection character set;
* if the database layer has its own escaping helper, prefer it.
* NOTE(review): cid, category and description are handed to the template
* as read from the database; confirm they are HTML-encoded on save or in the
* template.
*
* @param    string  $cid    ID of the category to edit, empty for a new one
* @param    string  $pid    ID of the parent category, empty if none was given
* @return   string          HTML for the category editor or an error message
*
*/
function links_edit_category($cid, $pid)
{
    global $_CONF, $_TABLES, $_USER, $MESSAGE, $LANG_LINKS_ADMIN, $LANG_ADMIN, $LANG_ACCESS, $_LI_CONF;
    $cid = addslashes($cid);
    $editing = !empty($cid);
    if (!empty($pid)) {
        // Parent given: a new subcategory inherits the parent's access rights.
        $parentSql = "SELECT group_id,perm_owner,perm_group,perm_members,perm_anon FROM {$_TABLES['linkcategories']} WHERE cid='" . addslashes($pid) . "'";
        $A = DB_fetchArray(DB_query($parentSql));
        $A['owner_id'] = $_USER['uid'];
        $A['pid'] = $pid;
    } elseif ($editing) {
        // Category given: load it, limited to rows the permission SQL allows.
        $categorySql = "SELECT * FROM {$_TABLES['linkcategories']} WHERE cid='{$cid}'" . COM_getPermSQL('AND');
        $A = DB_fetchArray(DB_query($categorySql));
    } else {
        // Neither given: new top-level category with default access rights.
        $A['group_id'] = DB_getItem($_TABLES['groups'], 'grp_id', "grp_name='Links Admin'");
        SEC_setDefaultPermissions($A, $_LI_CONF['category_permissions']);
        $A['owner_id'] = $_USER['uid'];
        $A['pid'] = $_LI_CONF['root'];
    }
    $access = SEC_hasAccess($A['owner_id'], $A['group_id'], $A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']);
    if ($access < 3) {
        return COM_showMessage(6, 'links');
    }
    // One token per rendered form; it is emitted below as the gltoken field.
    $token = SEC_createToken();
    $html = COM_startBlock($LANG_LINKS_ADMIN[56], '', COM_getBlockTemplate('_admin_block', 'header')) . SEC_getTokenExpiryNotice($token);
    $T = new Template($_CONF['path'] . 'plugins/links/templates/admin');
    $T->set_file(array('page' => 'categoryeditor.thtml'));
    // Site URLs and fixed labels.
    $fixedVars = array(
        'xhtml' => XHTML,
        'site_url' => $_CONF['site_url'],
        'site_admin_url' => $_CONF['site_admin_url'],
        'layout_url' => $_CONF['layout_url'],
        'lang_pagetitle' => $LANG_LINKS_ADMIN[28],
        'lang_link_list' => $LANG_LINKS_ADMIN[53],
        'lang_new_link' => $LANG_LINKS_ADMIN[51],
        'lang_validate_links' => $LANG_LINKS_ADMIN[26],
        'lang_list_categories' => $LANG_LINKS_ADMIN[50],
        'lang_new_category' => $LANG_LINKS_ADMIN[52],
        'lang_admin_home' => $LANG_ADMIN['admin_home'],
        'instructions' => $LANG_LINKS_ADMIN[29],
        'lang_category' => $LANG_LINKS_ADMIN[30],
        'lang_cid' => $LANG_LINKS_ADMIN[32],
        'lang_description' => $LANG_LINKS_ADMIN[31],
        'lang_topic' => $LANG_LINKS_ADMIN[33],
        'lang_parent' => $LANG_LINKS_ADMIN[34],
        'lang_save' => $LANG_ADMIN['save'],
        'lang_cancel' => $LANG_ADMIN['cancel'],
    );
    foreach ($fixedVars as $name => $value) {
        $T->set_var($name, $value);
    }
    if ($editing) {
        // Existing category: offer a delete button, with and without the
        // JavaScript confirmation, and pre-fill the stored values.
        $deleteButton = '<input type="submit" value="' . $LANG_ADMIN['delete'] . '" name="mode"%s' . XHTML . '>';
        $confirmAttr = ' onclick="return confirm(\'' . $MESSAGE[76] . '\');"';
        $T->set_var('delete_option', sprintf($deleteButton, $confirmAttr));
        $T->set_var('delete_option_no_confirmation', sprintf($deleteButton, ''));
        $T->set_var('cid_value', $A['cid']);
        $T->set_var('old_cid_value', $A['cid']);
        $T->set_var('category_value', $A['category']);
        $T->set_var('description_value', $A['description']);
    } else {
        // New category: no delete button, a generated id and empty fields.
        $T->set_var('delete_option', '');
        $A['cid'] = COM_makeSid();
        $T->set_var('cid_value', $A['cid']);
        $T->set_var('old_cid_value', '');
        $T->set_var('category_value', '');
        $T->set_var('description_value', '');
    }
    $T->set_var('category_options', links_select_box(3, $A['pid']));
    // Topic selector, with an "all" entry in front of the real topics.
    if (!isset($A['tid'])) {
        $A['tid'] = 'all';
    }
    $topics = COM_topicList('tid,topic', $A['tid'], 1, true);
    $T->set_var('topic_list', $topics);
    $allSelected = ($A['tid'] == 'all') ? ' selected="selected"' : '';
    $alltopics = '<option value="all"' . $allSelected . '>' . $LANG_LINKS_ADMIN[35] . '</option>' . LB;
    $T->set_var('topic_selection', '<select name="tid">' . $alltopics . $topics . '</select>');
    // Number of links in the category; not applicable for a new one.
    if ($editing) {
        $countResult = DB_query("SELECT COUNT(*) AS count FROM {$_TABLES['links']} WHERE cid='{$cid}'" . COM_getPermSQL('AND'));
        $countRow = DB_fetchArray($countResult);
        $num_links = COM_numberFormat($countRow['count']);
    } else {
        $num_links = $LANG_ADMIN['na'];
    }
    $T->set_var('lang_num_links', $LANG_LINKS_ADMIN[61]);
    $T->set_var('num_links', $num_links);
    // user access info
    $T->set_var('lang_accessrights', $LANG_ACCESS['accessrights']);
    $T->set_var('lang_owner', $LANG_ACCESS['owner']);
    $T->set_var('owner_name', COM_getDisplayName($A['owner_id']));
    $T->set_var('cat_ownerid', $A['owner_id']);
    $T->set_var('lang_group', $LANG_ACCESS['group']);
    $T->set_var('group_dropdown', SEC_getGroupDropdown($A['group_id'], $access));
    $T->set_var('lang_permissions', $LANG_ACCESS['permissions']);
    $T->set_var('lang_permissionskey', $LANG_ACCESS['permissionskey']);
    $T->set_var('lang_perm_key', $LANG_ACCESS['permissionskey']);
    $T->set_var('permissions_editor', SEC_getPermissionsHTML($A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']));
    $T->set_var('lang_permissions_msg', $LANG_ACCESS['permmsg']);
    $T->set_var('lang_lockmsg', $LANG_ACCESS['permmsg']);
    $T->set_var('gltoken_name', CSRF_TOKEN);
    $T->set_var('gltoken', $token);
    $T->parse('output', 'page');
    $html .= $T->finish($T->get_var('output'));
    $html .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer'));
    return $html;
}
Exemple #26
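/**
* Shows event editor
*
* Registers the date/time picker scripts, checks the user's access to an
* existing event, and fills eventeditor.thtml from $A. A new token from
* SEC_createToken() is embedded as the gltoken form field.
*
* NOTE(review): $MESSAGE[118], the language code and the image URL are placed
* inside single-quoted JavaScript string literals without escaping; a value
* containing an apostrophe would break the generated script.
* NOTE(review): only {, } and " are encoded in the event title, and url,
* zipcode, location, address, city, state and description get at most
* stripslashes(). Confirm they are HTML-encoded on save or in the template.
*
* @param    string  $mode   Indicates if this is a submission or a regular entry
* @param    array   $A      array holding the event's details
* @param    string  $msg    an optional error message to display
* @return   string          HTML for event editor or error message
*
*/
function CALENDAR_editEvent($mode, $A, $msg = '')
{
    global $_CONF, $_GROUPS, $_TABLES, $_USER, $_CA_CONF, $LANG_CAL_1, $LANG_CAL_ADMIN, $LANG10, $LANG12, $LANG_ACCESS, $LANG_ADMIN, $MESSAGE, $_SCRIPTS;
    // Loads jQuery UI datepicker and timepicker-addon
    $_SCRIPTS->setJavaScriptLibrary('jquery.ui.slider');
    $_SCRIPTS->setJavaScriptLibrary('jquery.ui.datepicker');
    $_SCRIPTS->setJavaScriptLibrary('jquery-ui-i18n');
    $_SCRIPTS->setJavaScriptLibrary('jquery-ui-timepicker-addon');
    $_SCRIPTS->setJavaScriptLibrary('jquery-ui-timepicker-addon-i18n');
    $_SCRIPTS->setJavaScriptFile('datetimepicker', '/javascript/datetimepicker.js');
    // Add JavaScript
    $_SCRIPTS->setJavaScriptFile('postmode_control', '/javascript/postmode_control.js');
    $langCode = COM_getLangIso639Code();
    $toolTip = $MESSAGE[118];
    $imgUrl = $_CONF['site_url'] . '/images/calendar.png';
    $_SCRIPTS->setJavaScript("jQuery(function () {" . "  geeklog.hour_mode = {$_CONF['hour_mode']};" . "  geeklog.datetimepicker.options.stepMinute = 15;" . "  geeklog.datetimepicker.set('start', '{$langCode}', '{$toolTip}', '{$imgUrl}');" . "  geeklog.datetimepicker.set('end', '{$langCode}', '{$toolTip}', '{$imgUrl}');" . "});", TRUE, TRUE);
    $retval = '';
    if (!empty($msg)) {
        $retval .= COM_showMessageText($msg, $LANG_CAL_ADMIN[2]);
    }
    $event_templates = COM_newTemplate(CTL_plugin_templatePath('calendar', 'admin'));
    $event_templates->set_file('editor', 'eventeditor.thtml');
    $allowed = '';
    foreach (array('plaintext', 'html') as $pm) {
        $allowed .= COM_allowedHTML('calendar.edit', false, 1, $pm);
    }
    $allowed .= COM_allowedAutotags();
    $event_templates->set_var('lang_allowed_html', $allowed);
    $event_templates->set_var('lang_postmode', $LANG_CAL_ADMIN[3]);
    if ($mode != 'editsubmission' && !empty($A['eid'])) {
        // Get what level of access user has to this object
        $access = SEC_hasAccess($A['owner_id'], $A['group_id'], $A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']);
        if ($access == 0 || $access == 2) {
            // Uh, oh!  User doesn't have access to this object
            $retval .= COM_showMessageText($LANG_CAL_ADMIN[17], $LANG_ACCESS['accessdenied']);
            // Log the id of the event that was requested. The id is taken from
            // $A; no $eid variable is defined in this function.
            COM_accessLog("User {$_USER['username']} tried to illegally submit or edit event {$A['eid']}.");
            return $retval;
        }
    } else {
        // New event or submission: default owner, group and permissions.
        if (empty($A['owner_id'])) {
            $A['owner_id'] = $_USER['uid'];
        }
        if (isset($_GROUPS['Calendar Admin'])) {
            $A['group_id'] = $_GROUPS['Calendar Admin'];
        } else {
            $A['group_id'] = SEC_getFeatureGroup('calendar.edit');
        }
        SEC_setDefaultPermissions($A, $_CA_CONF['default_permissions']);
        $access = 3;
    }
    if ($mode == 'editsubmission') {
        $event_templates->set_var('post_options', COM_optionList($_TABLES['postmodes'], 'code,name', 'plaintext'));
    } else {
        if (!isset($A['postmode'])) {
            $A['postmode'] = $_CONF['postmode'];
        }
        $event_templates->set_var('post_options', COM_optionList($_TABLES['postmodes'], 'code,name', $A['postmode']));
    }
    // One token per rendered form; it is emitted below as the gltoken field.
    $token = SEC_createToken();
    $retval .= COM_startBlock($LANG_CAL_ADMIN[1], '', COM_getBlockTemplate('_admin_block', 'header'));
    $retval .= SEC_getTokenExpiryNotice($token);
    if (!empty($A['eid'])) {
        // Existing event: offer the delete button, with and without the
        // JavaScript confirmation.
        $delbutton = '<input type="submit" value="' . $LANG_ADMIN['delete'] . '" name="mode"%s' . XHTML . '>';
        $jsconfirm = ' onclick="return confirm(\'' . $MESSAGE[76] . '\');"';
        $event_templates->set_var('delete_option', sprintf($delbutton, $jsconfirm));
        $event_templates->set_var('delete_option_no_confirmation', sprintf($delbutton, ''));
        $event_templates->set_var('allow_delete', true);
        $event_templates->set_var('lang_delete', $LANG_ADMIN['delete']);
        $event_templates->set_var('confirm_message', $MESSAGE[76]);
        if ($mode == 'editsubmission') {
            $event_templates->set_var('submission_option', '<input type="hidden" name="type" value="submission"' . XHTML . '>');
        }
    } else {
        // new event
        $A['eid'] = COM_makesid();
        $A['title'] = '';
        $A['description'] = '';
        $A['url'] = '';
        $A['hits'] = 0;
        // in case a start date/time has been passed from the calendar,
        // pick it up for the end date/time
        if (empty($A['dateend'])) {
            $A['dateend'] = $A['datestart'];
        }
        if (empty($A['timeend'])) {
            $A['timeend'] = $A['timestart'];
        }
        $A['event_type'] = '';
        $A['location'] = '';
        $A['address1'] = '';
        $A['address2'] = '';
        $A['city'] = '';
        $A['state'] = '';
        $A['zipcode'] = '';
        $A['allday'] = 0;
    }
    $event_templates->set_var('lang_eventid', $LANG_CAL_ADMIN[34]);
    $event_templates->set_var('event_id', $A['eid']);
    $event_templates->set_var('lang_eventtitle', $LANG_ADMIN['title']);
    // Braces and double quotes in the title are replaced by entities.
    $A['title'] = str_replace('{', '&#123;', $A['title']);
    $A['title'] = str_replace('}', '&#125;', $A['title']);
    $A['title'] = str_replace('"', '&quot;', $A['title']);
    $event_templates->set_var('event_title', stripslashes($A['title']));
    $event_templates->set_var('lang_eventtype', $LANG_CAL_1[37]);
    $event_templates->set_var('lang_editeventtypes', $LANG12[50]);
    $event_templates->set_var('type_options', CALENDAR_eventTypeList($A['event_type']));
    $event_templates->set_var('lang_eventurl', $LANG_CAL_ADMIN[4]);
    $event_templates->set_var('max_url_length', 255);
    $event_templates->set_var('event_url', $A['url']);
    $event_templates->set_var('lang_includehttp', $LANG_CAL_ADMIN[9]);
    $event_templates->set_var('lang_eventstartdate', $LANG_CAL_ADMIN[5]);
    $event_templates->set_var('lang_starttime', $LANG_CAL_1[30]);
    // Combine date/time for easier manipulation
    $A['datestart'] = trim($A['datestart'] . ' ' . $A['timestart']);
    if (empty($A['datestart'])) {
        $start_stamp = time();
    } else {
        $start_stamp = strtotime($A['datestart']);
    }
    $A['dateend'] = trim($A['dateend'] . ' ' . $A['timeend']);
    if (empty($A['dateend'])) {
        $end_stamp = time();
    } else {
        $end_stamp = strtotime($A['dateend']);
    }
    $start_month = date('m', $start_stamp);
    $start_day = date('d', $start_stamp);
    $start_year = date('Y', $start_stamp);
    $end_month = date('m', $end_stamp);
    $end_day = date('d', $end_stamp);
    $end_year = date('Y', $end_stamp);
    $start_hour = date('H', $start_stamp);
    // Minutes are rounded down to the 15-minute step the pickers use.
    $start_minute = intval(date('i', $start_stamp) / 15) * 15;
    if ($start_hour >= 12) {
        $startampm = 'pm';
    } else {
        $startampm = 'am';
    }
    // Keep the 24-hour value, then convert $start_hour to the 12-hour clock.
    $start_hour_24 = $start_hour % 24;
    if ($start_hour > 12) {
        $start_hour = $start_hour - 12;
    } else {
        if ($start_hour == 0) {
            $start_hour = 12;
        }
    }
    $end_hour = date('H', $end_stamp);
    $end_minute = intval(date('i', $end_stamp) / 15) * 15;
    if ($end_hour >= 12) {
        $endampm = 'pm';
    } else {
        $endampm = 'am';
    }
    $end_hour_24 = $end_hour % 24;
    if ($end_hour > 12) {
        $end_hour = $end_hour - 12;
    } else {
        if ($end_hour == 0) {
            $end_hour = 12;
        }
    }
    $month_options = COM_getMonthFormOptions($start_month);
    $event_templates->set_var('startmonth_options', $month_options);
    $month_options = COM_getMonthFormOptions($end_month);
    $event_templates->set_var('endmonth_options', $month_options);
    $day_options = COM_getDayFormOptions($start_day);
    $event_templates->set_var('startday_options', $day_options);
    $day_options = COM_getDayFormOptions($end_day);
    $event_templates->set_var('endday_options', $day_options);
    $year_options = COM_getYearFormOptions($start_year);
    $event_templates->set_var('startyear_options', $year_options);
    $year_options = COM_getYearFormOptions($end_year);
    $event_templates->set_var('endyear_options', $year_options);
    if (isset($_CA_CONF['hour_mode']) && $_CA_CONF['hour_mode'] == 24) {
        $hour_options = COM_getHourFormOptions($start_hour_24, 24);
        $event_templates->set_var('starthour_options', $hour_options);
        $hour_options = COM_getHourFormOptions($end_hour_24, 24);
        $event_templates->set_var('endhour_options', $hour_options);
        $event_templates->set_var('hour_mode', 24);
    } else {
        $hour_options = COM_getHourFormOptions($start_hour);
        $event_templates->set_var('starthour_options', $hour_options);
        $hour_options = COM_getHourFormOptions($end_hour);
        $event_templates->set_var('endhour_options', $hour_options);
        $event_templates->set_var('hour_mode', 12);
    }
    $event_templates->set_var('startampm_selection', COM_getAmPmFormSelection('start_ampm', $startampm));
    $event_templates->set_var('endampm_selection', COM_getAmPmFormSelection('end_ampm', $endampm));
    $event_templates->set_var('startminute_options', COM_getMinuteFormOptions($start_minute, 15));
    $event_templates->set_var('endminute_options', COM_getMinuteFormOptions($end_minute, 15));
    $event_templates->set_var('lang_enddate', $LANG12[13]);
    $event_templates->set_var('lang_eventenddate', $LANG_CAL_ADMIN[6]);
    $event_templates->set_var('event_enddate', $A['dateend']);
    $event_templates->set_var('lang_endtime', $LANG_CAL_1[29]);
    $event_templates->set_var('lang_alldayevent', $LANG_CAL_1[31]);
    if ($A['allday'] == 1) {
        $event_templates->set_var('allday_checked', 'checked="checked"');
    }
    $event_templates->set_var('lang_location', $LANG12[51]);
    $event_templates->set_var('event_location', stripslashes($A['location']));
    $event_templates->set_var('lang_addressline1', $LANG12[44]);
    $event_templates->set_var('event_address1', stripslashes($A['address1']));
    $event_templates->set_var('lang_addressline2', $LANG12[45]);
    $event_templates->set_var('event_address2', stripslashes($A['address2']));
    $event_templates->set_var('lang_city', $LANG12[46]);
    $event_templates->set_var('event_city', stripslashes($A['city']));
    $event_templates->set_var('lang_state', $LANG12[47]);
    $event_templates->set_var('state_options', '');
    $event_templates->set_var('event_state', stripslashes($A['state']));
    $event_templates->set_var('lang_zipcode', $LANG12[48]);
    $event_templates->set_var('event_zipcode', $A['zipcode']);
    $event_templates->set_var('lang_eventlocation', $LANG_CAL_ADMIN[7]);
    $event_templates->set_var('lang_eventdescription', $LANG_CAL_ADMIN[8]);
    $event_templates->set_var('event_description', stripslashes($A['description']));
    $event_templates->set_var('lang_hits', $LANG10[30]);
    $event_templates->set_var('hits', COM_numberFormat($A['hits']));
    $event_templates->set_var('lang_save', $LANG_ADMIN['save']);
    $event_templates->set_var('lang_cancel', $LANG_ADMIN['cancel']);
    // user access info
    $event_templates->set_var('lang_accessrights', $LANG_ACCESS['accessrights']);
    $event_templates->set_var('lang_owner', $LANG_ACCESS['owner']);
    $ownername = COM_getDisplayName($A['owner_id']);
    // $A is supplied by the caller and may hold submitted form values, so the
    // uid is forced to an integer before it is placed in the WHERE clause.
    $owner_uid = (int) $A['owner_id'];
    $event_templates->set_var('owner_username', DB_getItem($_TABLES['users'], 'username', "uid = {$owner_uid}"));
    $event_templates->set_var('owner_name', $ownername);
    $event_templates->set_var('owner', $ownername);
    $event_templates->set_var('owner_id', $A['owner_id']);
    $event_templates->set_var('lang_group', $LANG_ACCESS['group']);
    $event_templates->set_var('group_dropdown', SEC_getGroupDropdown($A['group_id'], $access));
    $event_templates->set_var('lang_permissions', $LANG_ACCESS['permissions']);
    $event_templates->set_var('lang_permissionskey', $LANG_ACCESS['permissionskey']);
    $event_templates->set_var('lang_perm_key', $LANG_ACCESS['permissionskey']);
    $event_templates->set_var('permissions_editor', SEC_getPermissionsHTML($A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']));
    $event_templates->set_var('lang_permissions_msg', $LANG_ACCESS['permmsg']);
    $event_templates->set_var('gltoken_name', CSRF_TOKEN);
    $event_templates->set_var('gltoken', $token);
    $event_templates->parse('output', 'editor');
    $retval .= $event_templates->finish($event_templates->get_var('output'));
    $retval .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer'));
    return $retval;
}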
Exemple #27
/**
* Shows the user edit form
*
* @param    int     $uid    User to edit
* @param    int     $msg    Error message to display
* @return   string          HTML for user edit form
*
*/
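function edituser($uid = '', $msg = '')
{
    global $_CONF, $_TABLES, $_USER, $LANG28, $LANG_ACCESS, $LANG_ADMIN, $MESSAGE;

    require_once $_CONF['path_system'] . 'lib-admin.php';

    $retval = '';

    // Security: $uid is interpolated into SQL strings and into the form URL
    // further down, so reduce it to an integer ('' means "new account")
    // before anything else uses it.
    $uid = empty($uid) ? '' : (int) $uid;

    if (!empty($msg)) {
        $retval .= COM_showMessageText($MESSAGE[$msg], $LANG28[22]);
    }
    if (!empty($msg) && !empty($uid) && $uid > 1) {
        // an error occurred while editing a user - if it was a new account,
        // don't bother trying to read the user's data from the database ...
        if (DB_count($_TABLES['users'], 'uid', $uid) == 0) {
            $uid = '';
        }
    }

    if (!empty($uid) && $uid > 1) {
        $result = DB_query("SELECT * FROM {$_TABLES['users']} WHERE uid = '{$uid}'");
        $A = DB_fetchArray($result);
        if (empty($A['uid'])) {
            return COM_refresh($_CONF['site_admin_url'] . '/user.php');
        }
        if (SEC_inGroup('Root', $uid) && !SEC_inGroup('Root')) {
            // the current admin user isn't Root but is trying to change
            // a root account.  Deny them and log it.
            $retval .= COM_showMessageText($LANG_ACCESS['editrootmsg'], $LANG28[1]);
            COM_accessLog("User {$_USER['username']} tried to edit a Root account with insufficient privileges.");

            return $retval;
        }
        $curtime = COM_getUserDateTimeFormat($A['regdate']);
        $lastlogin = DB_getItem($_TABLES['userinfo'], 'lastlogin', "uid = '{$uid}'");
        $lasttime = COM_getUserDateTimeFormat($lastlogin);
    } else {
        // uid 0/1 or nothing usable: present the form for a new account
        $A['uid'] = '';
        $uid = '';
        $curtime = COM_getUserDateTimeFormat();
        $lastlogin = '';
        $lasttime = '';
        $A['status'] = USER_ACCOUNT_ACTIVE;
    }

    // POST data can override, in case there was an error while editing a user.
    // Only plain strings are accepted; an array-valued field is ignored
    // instead of being handed to strip_tags().
    foreach (array('username', 'fullname', 'email', 'homepage') as $field) {
        if (isset($_POST[$field]) && is_string($_POST[$field])) {
            $A[$field] = strip_tags($_POST[$field]);
        }
    }
    if (isset($_POST['userstatus'])) {
        $A['status'] = COM_applyFilter($_POST['userstatus'], true);
    }

    // One CSRF token for the whole form; it is emitted again at the bottom.
    $token = SEC_createToken();

    $retval .= COM_startBlock($LANG28[1], '', COM_getBlockTemplate('_admin_block', 'header'));
    $retval .= SEC_getTokenExpiryNotice($token);

    $user_templates = COM_newTemplate($_CONF['path_layout'] . 'admin/user');
    $user_templates->set_file(array('form' => 'edituser.thtml', 'password' => 'password.thtml', 'groupedit' => 'groupedit.thtml'));
    $user_templates->set_var('lang_save', $LANG_ADMIN['save']);

    // The delete button is never offered for the admin's own account.
    if (!empty($uid) && $A['uid'] != $_USER['uid'] && SEC_hasRights('user.delete')) {
        $delbutton = '<input type="submit" value="' . $LANG_ADMIN['delete'] . '" name="mode"%s' . XHTML . '>';
        $jsconfirm = ' onclick="return confirm(\'' . $MESSAGE[76] . '\');"';
        $user_templates->set_var('delete_option', sprintf($delbutton, $jsconfirm));
        $user_templates->set_var('delete_option_no_confirmation', sprintf($delbutton, ''));
    }
    $user_templates->set_var('lang_cancel', $LANG_ADMIN['cancel']);

    $user_templates->set_var('lang_userid', $LANG28[2]);
    $user_templates->set_var('user_id', empty($A['uid']) ? $LANG_ADMIN['na'] : $A['uid']);

    $user_templates->set_var('lang_regdate', $LANG28[14]);
    $user_templates->set_var('regdate_timestamp', $curtime[1]);
    $user_templates->set_var('user_regdate', $curtime[0]);
    $user_templates->set_var('lang_lastlogin', $LANG28[35]);
    $user_templates->set_var('user_lastlogin', empty($lastlogin) ? $LANG28[36] : $lasttime[0]);

    $user_templates->set_var('lang_username', $LANG28[3]);
    // Security: strip_tags() does not neutralise quotes, so the name is
    // escaped like the other text fields before it reaches the form markup
    // (presumably an input value attribute - confirm against edituser.thtml).
    $user_templates->set_var('username', isset($A['username']) ? htmlspecialchars($A['username'], ENT_QUOTES) : '');

    $remoteservice = '';
    if ($_CONF['show_servicename'] && !empty($A['remoteservice'])) {
        $remoteservice = '@' . $A['remoteservice'];
    }
    $user_templates->set_var('remoteservice', $remoteservice);

    if ($_CONF['allow_user_photo'] && $A['uid'] > 0) {
        $photo = USER_getPhoto($A['uid'], $A['photo'], $A['email'], -1);
        $user_templates->set_var('user_photo', $photo);
        if (empty($A['photo'])) {
            $user_templates->set_var('lang_delete_photo', '');
            $user_templates->set_var('delete_photo_option', '');
        } else {
            $user_templates->set_var('lang_delete_photo', $LANG28[28]);
            $user_templates->set_var('delete_photo_option', '<input type="checkbox" name="delete_photo"' . XHTML . '>');
        }
    } else {
        $user_templates->set_var('user_photo', '');
        $user_templates->set_var('lang_delete_photo', '');
        $user_templates->set_var('delete_photo_option', '');
    }

    $user_templates->set_var('lang_fullname', $LANG28[4]);
    $user_templates->set_var('user_fullname', isset($A['fullname']) ? htmlspecialchars($A['fullname'], ENT_QUOTES) : '');

    // Accounts that authenticate through a remote service get no password fields.
    if (empty($A['remoteservice'])) {
        $user_templates->set_var('lang_password', $LANG28[5]);
        $user_templates->set_var('lang_password_conf', $LANG28[39]);
        $user_templates->parse('password_option', 'password', true);
    } else {
        $user_templates->set_var('password_option', '');
    }

    $user_templates->set_var('lang_emailaddress', $LANG28[7]);
    $user_templates->set_var('user_email', isset($A['email']) ? htmlspecialchars($A['email'], ENT_QUOTES) : '');
    $user_templates->set_var('lang_homepage', $LANG28[8]);
    $user_templates->set_var('user_homepage', isset($A['homepage']) ? htmlspecialchars($A['homepage'], ENT_QUOTES) : '');
    $user_templates->set_var('do_not_use_spaces', '');

    $statusarray = array(USER_ACCOUNT_AWAITING_ACTIVATION => $LANG28[43], USER_ACCOUNT_ACTIVE => $LANG28[45]);
    $allow_ban = true;
    if (!empty($uid)) {
        if ($A['uid'] == $_USER['uid']) {
            // do not allow to ban yourself
            $allow_ban = false;
        } elseif (SEC_inGroup('Root', $A['uid'])) {
            // Editing a Root user: count the distinct accounts assigned to
            // group 1. The earlier GROUP BY ug_uid form returned one row per
            // account, so the first row's count never reflected how many Root
            // users exist.
            $count_root_sql = "SELECT COUNT(DISTINCT ug_uid) AS root_count FROM {$_TABLES['group_assignments']} WHERE ug_main_grp_id = 1";
            $count_root_result = DB_query($count_root_sql);
            $C = DB_fetchArray($count_root_result);
            // how many are left?
            if ($C['root_count'] < 2) {
                // prevent banning the last root user
                $allow_ban = false;
            }
        }
    }
    if ($allow_ban) {
        $statusarray[USER_ACCOUNT_DISABLED] = $LANG28[42];
    }
    if ($_CONF['usersubmission'] == 1 && !empty($uid)) {
        $statusarray[USER_ACCOUNT_AWAITING_APPROVAL] = $LANG28[44];
    }
    asort($statusarray);

    $statusselect = '<select name="userstatus">';
    foreach ($statusarray as $key => $value) {
        $statusselect .= '<option value="' . $key . '"';
        if ($key == $A['status']) {
            $statusselect .= ' selected="selected"';
        }
        $statusselect .= '>' . $value . '</option>' . LB;
    }
    // oldstatus carries the status the form was rendered with; it is either
    // the stored value, the default, or the filtered POST value from above.
    $statusselect .= '</select><input type="hidden" name="oldstatus" value="' . $A['status'] . '"' . XHTML . '>';
    $user_templates->set_var('user_status', $statusselect);
    $user_templates->set_var('lang_user_status', $LANG28[46]);

    if ($_CONF['custom_registration'] && function_exists('CUSTOM_userEdit')) {
        $customUid = (!empty($uid) && $uid > 1) ? $uid : $A['uid'];
        $user_templates->set_var('customfields', CUSTOM_userEdit($customUid));
    }

    if (SEC_hasRights('group.assign')) {
        $user_templates->set_var('lang_securitygroups', $LANG_ACCESS['securitygroups']);
        $user_templates->set_var('lang_groupinstructions', $LANG_ACCESS['securitygroupsmsg']);

        if (!empty($uid)) {
            $usergroups = SEC_getUserGroups($uid);
            $selected = is_array($usergroups) ? implode(' ', $usergroups) : '';
        } else {
            $selected = DB_getItem($_TABLES['groups'], 'grp_id', "grp_name = 'All Users'") . ' ';
            $selected .= DB_getItem($_TABLES['groups'], 'grp_id', "grp_name = 'Logged-in Users'");
            // add default groups, if any
            $result = DB_query("SELECT grp_id FROM {$_TABLES['groups']} WHERE grp_default = 1");
            $num_defaults = DB_numRows($result);
            for ($i = 0; $i < $num_defaults; $i++) {
                list($def_grp) = DB_fetchArray($result);
                $selected .= ' ' . $def_grp;
            }
        }

        // in case of an error we may have previously selected a different
        // mix of groups already - reconstruct those from the POST data.
        // Only numeric entries of an array are accepted, so a malformed
        // "groups" field cannot raise an error or leak into the markup.
        if (isset($_POST['groups']) && is_array($_POST['groups'])) {
            $postedGroups = array_map('intval', array_filter($_POST['groups'], 'is_numeric'));
            if (count($postedGroups) > 0) {
                $selected = implode(' ', $postedGroups);
            }
        }

        // The list is limited to groups the editing admin belongs to
        // (plus "Remote Users" when that group exists).
        $thisUsersGroups = SEC_getUserGroups();
        $remoteGroup = DB_getItem($_TABLES['groups'], 'grp_id', "grp_name = 'Remote Users'");
        if (!empty($remoteGroup)) {
            $thisUsersGroups[] = $remoteGroup;
        }
        // Ids are cast to int because they are concatenated into the IN (...) list.
        $whereGroups = 'grp_id IN (' . implode(',', array_map('intval', $thisUsersGroups)) . ')';

        $header_arr = array(
            array('text' => $LANG28[86], 'field' => 'checkbox', 'sort' => false),
            array('text' => $LANG_ACCESS['groupname'], 'field' => 'grp_name', 'sort' => true),
            array('text' => $LANG_ACCESS['description'], 'field' => 'grp_descr', 'sort' => true),
        );
        $defsort_arr = array('field' => 'grp_name', 'direction' => 'asc');
        $form_url = $_CONF['site_admin_url'] . '/user.php?mode=edit&amp;uid=' . $uid;
        $text_arr = array('has_menu' => false, 'title' => '', 'instructions' => '', 'icon' => '', 'form_url' => $form_url, 'inline' => true);
        $sql = "SELECT grp_id, grp_name, grp_descr FROM {$_TABLES['groups']} WHERE " . $whereGroups;
        $query_arr = array('table' => 'groups', 'sql' => $sql, 'query_fields' => array('grp_name'), 'default_filter' => '', 'query' => '', 'query_limit' => 0);
        $groupoptions = ADMIN_list('usergroups', 'ADMIN_getListField_usergroups', $header_arr, $text_arr, $query_arr, $defsort_arr, '', explode(' ', $selected));
        $user_templates->set_var('group_options', $groupoptions);
        $user_templates->parse('group_edit', 'groupedit', true);
    } else {
        // user doesn't have the rights to edit a user's groups so set to -1
        // so we know not to handle the groups array when we save
        $user_templates->set_var('group_edit', '<input type="hidden" name="groups" value="-1"' . XHTML . '>');
    }

    $user_templates->set_var('gltoken_name', CSRF_TOKEN);
    $user_templates->set_var('gltoken', $token);
    $user_templates->parse('output', 'form');
    $retval .= $user_templates->finish($user_templates->get_var('output'));
    $retval .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer'));

    return $retval;
}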
Exemple #28
/**
 * Returns the security-token expiry notice followed by the output of
 * fncdatetimeedit() for the "last scheduled run" timestamp.
 *
 * @return string HTML fragment
 */
function fncMenu()
{
    global $_CONF, $_TABLES, $LANG_ADMIN, $LANG09, $LANG28, $LANG_ASSIST_ADMIN;

    // Time of the last pseudo-cron run; the current time is used when the
    // stored value is an empty string.
    $storedRun = DB_getItem($_TABLES['vars'], 'value', "name = 'last_scheduled_run'");
    $datetime = ($storedRun === "") ? time() : $storedRun;

    // The same token feeds both the expiry notice and the date/time form.
    $token = SEC_createToken();
    $html = '' . SEC_getTokenExpiryNotice($token);

    $script = "";
    $html .= fncdatetimeedit($datetime, $LANG_ASSIST_ADMIN['last_scheduled_run'], $token, $script);

    return $html;
}
Exemple #29
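/**
 * Builds the group editor form for the plugin named by $pi_name.
 *
 * Field values come from POST when $msg is set (redisplay after a failed
 * save), otherwise from the plugin's "_def_group" table, or are blank for a
 * new group.
 *
 * @param    string  $pi_name  Plugin name; selects the LANG_<NAME>_* arrays and tables
 * @param    int     $id       Group id to edit (empty for a new group)
 * @param    bool    $edt_flg  When false, an existing group may get a delete button
 * @param    mixed   $msg      Message id passed to COM_showMessage()
 * @param    string  $errmsg   Extra markup appended after the message, as supplied by the caller
 * @param    string  $mode     "edit" or "copy"
 * @return   string            HTML for the editor
 */
function LIB_Edit($pi_name, $id, $edt_flg, $msg = '', $errmsg = "", $mode = "edit")
{
    global $_CONF;
    global $_TABLES;
    global $LANG_ADMIN;
    global $MESSAGE;
    global $LANG_ACCESS;
    global $_USER;

    // The language arrays are looked up by name, derived from the plugin name.
    $pi_upper = strtoupper($pi_name);
    $lang_box_admin = "LANG_" . $pi_upper . "_ADMIN";
    global ${$lang_box_admin};
    $lang_box_admin = ${$lang_box_admin};
    $lang_box = "LANG_" . $pi_upper;
    global ${$lang_box};
    $lang_box = ${$lang_box};
    $lang_box_noyes = "LANG_" . $pi_upper . "_NOYES";
    global ${$lang_box_noyes};
    $lang_box_noyes = ${$lang_box_noyes};
    $lang_box_inputtype = "LANG_" . $pi_upper . "_INPUTTYPE";
    global ${$lang_box_inputtype};
    $lang_box_inputtype = ${$lang_box_inputtype};

    $table = $_TABLES[$pi_upper . '_def_group'];
    $table1 = $_TABLES[$pi_upper . '_def_category'];

    $retval = '';
    $delflg = false;
    // Not every branch below assigns these two; give them a defined value so
    // the template calls further down never read an undefined variable.
    $udatetime = '';
    $input_type = null;

    // Message display
    if (!empty($msg)) {
        $retval .= COM_showMessage($msg, $pi_name);
        // NOTE(review): $errmsg is appended as raw markup; callers must only
        // pass trusted or already-escaped text.
        $retval .= $errmsg;
        // clean 'em up
        $code = COM_applyFilter($_POST['code']);
        $name = COM_applyFilter($_POST['name']);
        // NOTE(review): description is taken from POST unfiltered and handed
        // to the template as-is; confirm that group_editor.thtml or the save
        // path escapes it for the HTML context it ends up in.
        $description = $_POST['description'];
        $orderno = COM_applyFilter($_POST['orderno']);
        $parent_flg = COM_applyFilter($_POST['parent_flg'], true);
        $input_type = COM_applyFilter($_POST['input_type'], true);
        $uuid = $_USER['uid'];
    } else {
        // Security: the id is concatenated unquoted into the WHERE clause
        // below, so it is reduced to an integer first.
        $id = (int) $id;
        if ($id === 0) {
            $code = "";
            $name = "";
            $description = "";
            $orderno = "";
            $parent_flg = 0;
            $uuid = 0;
        } else {
            $sql = "SELECT ";
            $sql .= " *";
            $sql .= " ,UNIX_TIMESTAMP(udatetime) AS udatetime_un" . LB;
            $sql .= " FROM ";
            $sql .= $table;
            $sql .= " WHERE ";
            $sql .= " group_id = {$id}";
            $result = DB_query($sql);
            $A = DB_fetchArray($result);
            $code = COM_stripslashes($A['code']);
            $name = COM_stripslashes($A['name']);
            $description = COM_stripslashes($A['description']);
            $orderno = COM_stripslashes($A['orderno']);
            $parent_flg = COM_stripslashes($A['parent_flg']);
            $input_type = COM_stripslashes($A['input_type']);
            $uuid = COM_stripslashes($A['uuid']);
            $wary = COM_getUserDateTimeFormat(COM_stripslashes($A['udatetime_un']));
            $udatetime = $wary[0];
            if ($edt_flg == FALSE) {
                $delflg = true;
            }
        }
    }

    // A copy is saved as a new record, so it gets no id and no delete button.
    if ($mode === "copy") {
        $id = 0;
        $delflg = false;
    }

    $retval .= COM_startBlock($lang_box_admin['edit'], '', COM_getBlockTemplate('_admin_block', 'header'));
    $tmplfld = DATABOX_templatePath('admin', 'default', $pi_name);
    $templates = new Template($tmplfld);
    $templates->set_file('editor', "group_editor.thtml");

    $templates->set_var('about_thispage', $lang_box_admin['about_admin_group']);
    $templates->set_var('lang_must', $lang_box_admin['must']);
    $templates->set_var('site_url', $_CONF['site_url']);
    $templates->set_var('site_admin_url', $_CONF['site_admin_url']);

    // CSRF token for the form, plus its expiry notice.
    $token = SEC_createToken();
    $retval .= SEC_getTokenExpiryNotice($token);
    $templates->set_var('gltoken_name', CSRF_TOKEN);
    $templates->set_var('gltoken', $token);
    $templates->set_var('xhtml', XHTML);
    $templates->set_var('script', THIS_SCRIPT);

    $templates->set_var('lang_link_admin', $lang_box_admin['link_admin']);
    $templates->set_var('lang_link_admin_top', $lang_box_admin['link_admin_top']);
    // id
    $templates->set_var('lang_group_id', $lang_box_admin['group_id']);
    $templates->set_var('id', $id);
    // Code, name & description
    $templates->set_var('lang_code', $lang_box_admin['code']);
    $templates->set_var('code', $code);
    $templates->set_var('lang_name', $lang_box_admin['name']);
    $templates->set_var('name', $name);
    $templates->set_var('lang_description', $lang_box_admin['description']);
    $templates->set_var('description', $description);
    // Order
    $templates->set_var('lang_orderno', $lang_box_admin['orderno']);
    $templates->set_var('orderno', $orderno);
    // Parent group?
    $templates->set_var('lang_parent_flg', $lang_box_admin['parent_flg']);
    $list_parent_flg = DATABOX_getradiolist($lang_box_noyes, "parent_flg", $parent_flg);
    $templates->set_var('list_parent_flg', $list_parent_flg);
    // Input type
    $templates->set_var('lang_input_type', $lang_box_admin['input_type']);
    $list_input_type = DATABOX_getradiolist($lang_box_inputtype, "input_type", $input_type);
    $templates->set_var('list_input_type', $list_input_type);
    // Saved date/time
    $templates->set_var('lang_udatetime', $lang_box_admin['udatetime']);
    $templates->set_var('udatetime', $udatetime);
    $templates->set_var('lang_uuid', $lang_box_admin['uuid']);
    $templates->set_var('uuid', $uuid);
    // SAVE and CANCEL buttons
    $templates->set_var('lang_save', $LANG_ADMIN['save']);
    $templates->set_var('lang_cancel', $LANG_ADMIN['cancel']);
    $templates->set_var('lang_preview', $LANG_ADMIN['preview']);
    // delete_option: a group that still has categories only gets a help
    // text, not a delete button.
    if ($delflg) {
        $wkcnt = DB_count($table1, "categorygroup_id", $id);
        if ($wkcnt > 0) {
            $templates->set_var('lang_delete_help', $lang_box_admin['delete_help_group']);
        } else {
            $delbutton = '<input type="submit" value="' . $LANG_ADMIN['delete'] . '" name="mode"%s>';
            $jsconfirm = ' onclick="return confirm(\'' . $MESSAGE[76] . '\');"';
            $templates->set_var('delete_option', sprintf($delbutton, $jsconfirm));
        }
    }

    $templates->parse('output', 'editor');
    $retval .= $templates->finish($templates->get_var('output'));
    $retval .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer'));

    return $retval;
}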
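/**
 * Builds the security-group editor for the currently logged-in user
 * ("myprofile" templates of the userbox plugin).
 *
 * The selectable groups are those returned by fncGetGroupsForUser(); the
 * user's current memberships are pre-selected.
 *
 * @param    mixed   $msg  Message id passed to COM_showMessage(), if any
 * @return   string        HTML for the editor, or an error text when no groups are available
 */
function fncEdit($msg = "")
{
    $pi_name = "userbox";
    global $_CONF;
    global $_TABLES;
    global $LANG_ADMIN;
    global $LANG_ACCESS;
    global $_USER;
    global $LANG28;
    global $LANG_USERBOX_ADMIN;

    $uid = $_USER['uid'];
    $username = $_USER['username'];
    require_once $_CONF['path_system'] . 'lib-admin.php';

    // An empty array must be rejected as well as "": it would otherwise
    // produce an invalid "grp_id IN ()" clause further down.
    $groupsforuser = fncGetGroupsForUser();
    if (empty($groupsforuser) || !is_array($groupsforuser)) {
        return $LANG_USERBOX_ADMIN['err_group_not_exist'];
    }

    $retval = '';
    if (!empty($msg)) {
        $retval .= COM_showMessage($msg, $pi_name);
    }

    $retval .= COM_startBlock($LANG_USERBOX_ADMIN['edit'], '', COM_getBlockTemplate('_admin_block', 'header'));
    // Template folder
    $tmplfld = DATABOX_templatePath('myprofile', 'default', $pi_name);
    $templates = new Template($tmplfld);
    $templates->set_file(array('editor' => 'securitygroup_editor.thtml', 'groupedit' => 'securitygroup_group.thtml'));

    $templates->set_var('about_thispage', $LANG_USERBOX_ADMIN['about_myprofile_securitygroup']);
    $templates->set_var('site_url', $_CONF['site_url']);
    $templates->set_var('site_admin_url', $_CONF['site_admin_url']);

    // CSRF token for the form, plus its expiry notice.
    $token = SEC_createToken();
    $retval .= SEC_getTokenExpiryNotice($token);
    $templates->set_var('gltoken_name', CSRF_TOKEN);
    $templates->set_var('gltoken', $token);
    $templates->set_var('xhtml', XHTML);
    $templates->set_var('script', THIS_SCRIPT);
    // SAVE and CANCEL buttons
    $templates->set_var('lang_save', $LANG_ADMIN['save']);
    $templates->set_var('lang_cancel', $LANG_ADMIN['cancel']);

    // $LANG28[2] is the "user id" label, $LANG28[3] the "user name" label.
    $templates->set_var('lang_uid', $LANG28[2]);
    $templates->set_var('uid', $uid);
    $templates->set_var('lang_username', $LANG28[3]);
    // NOTE(review): the user name is passed to the template unescaped;
    // confirm securitygroup_editor.thtml only uses it where that is safe.
    $templates->set_var('username', $username);

    // List header
    $header_arr = array(
        array('text' => $LANG28[86], 'field' => 'checkbox', 'sort' => false),
        array('text' => $LANG_ACCESS['groupname'], 'field' => 'grp_name', 'sort' => true),
        array('text' => $LANG_ACCESS['description'], 'field' => 'grp_descr', 'sort' => true),
    );

    $form_url = $_CONF['site_url'] . "/plugins/" . THIS_SCRIPT;
    $text_arr = array('has_menu' => false, 'title' => '', 'instructions' => '', 'icon' => '', 'form_url' => $form_url, 'inline' => true);

    // Ids are cast to int because they are concatenated into the IN (...) list.
    $whereGroups = 'grp_id IN (' . implode(',', array_map('intval', $groupsforuser)) . ')';

    // Groups the user already belongs to are pre-selected in the list.
    $usergroups = SEC_getUserGroups($uid);
    $selected = (is_array($usergroups) && !empty($uid)) ? implode(' ', $usergroups) : '';

    // Query
    $sql = "SELECT ";
    $sql .= " grp_id";
    $sql .= " , grp_name";
    $sql .= " , grp_descr ";
    $sql .= " FROM {$_TABLES['groups']} ";
    $sql .= " WHERE ";
    $sql .= $whereGroups;
    $query_arr = array('table' => 'groups', 'sql' => $sql, 'query_fields' => array('grp_name'), 'default_filter' => '', 'query' => '', 'query_limit' => 0);
    // Default sort field
    $defsort_arr = array('field' => 'grp_name', 'direction' => 'asc');

    // Fetch the list
    $groupoptions = ADMIN_list('userbox', "fncGetListField", $header_arr, $text_arr, $query_arr, $defsort_arr, '', explode(' ', $selected));
    $templates->set_var('group_options', $groupoptions);
    $templates->parse('group_edit', 'groupedit', true);

    $templates->parse('output', 'editor');
    $retval .= $templates->finish($templates->get_var('output'));
    $retval .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer'));

    return $retval;
}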