/**
* Prints administration menu
*
* This will return the administration menu items that the user has
* sufficient rights to -- Admin Block on the left side.
*
* @param string $help Help file to show
* @param string $title Menu Title
* @param string $position Side being shown on 'left', 'right' or blank.
* @see function COM_userMenu
*
*/
function COM_adminMenu($help = '', $title = '', $position = '')
{
global $_TABLES, $_CONF, $_CONF_FT, $LANG01, $LANG_ADMIN, $_BLOCK_TEMPLATE, $_DB_dbms, $config;
$retval = '';
if (COM_isAnonUser()) {
return $retval;
}
$plugin_options = PLG_getAdminOptions();
$num_plugins = count($plugin_options);
if (SEC_isModerator() or SEC_hasRights('story.edit,block.edit,topic.edit,user.edit,plugin.edit,user.mail,syndication.edit', 'OR') or $num_plugins > 0 or SEC_hasConfigAcess()) {
// what's our current URL?
$thisUrl = COM_getCurrentURL();
$adminmenu = COM_newTemplate($_CONF['path_layout']);
if (isset($_BLOCK_TEMPLATE['adminoption'])) {
$templates = explode(',', $_BLOCK_TEMPLATE['adminoption']);
$adminmenu->set_file(array('option' => $templates[0], 'current' => $templates[1]));
} else {
$adminmenu->set_file(array('option' => 'adminoption.thtml', 'current' => 'adminoption_off.thtml'));
}
$adminmenu->set_var('block_name', str_replace('_', '-', 'admin_block'));
if (empty($title)) {
$title = DB_getItem($_TABLES['blocks'], 'title', "name = 'admin_block'");
}
$retval .= COM_startBlock($title, $help, COM_getBlockTemplate('admin_block', 'header', $position));
$topicsql = '';
if (SEC_isModerator() || SEC_hasRights('story.edit')) {
$tresult = DB_query("SELECT tid FROM {$_TABLES['topics']}" . COM_getPermSQL());
$trows = DB_numRows($tresult);
if ($trows > 0) {
$tids = array();
for ($i = 0; $i < $trows; $i++) {
$T = DB_fetchArray($tresult);
$tids[] = $T['tid'];
}
if (count($tids) > 0) {
$topicsql = " (tid IN ('" . implode("','", $tids) . "'))";
}
}
}
$modnum = 0;
if (SEC_hasRights('story.edit,story.moderate', 'OR') || $_CONF['commentsubmission'] == 1 && SEC_hasRights('comment.moderate') || $_CONF['usersubmission'] == 1 && SEC_hasRights('user.edit,user.delete')) {
if (SEC_hasRights('story.moderate')) {
if (empty($topicsql)) {
$modnum += DB_count($_TABLES['storysubmission']);
} else {
$sresult = DB_query("SELECT COUNT(*) AS count FROM {$_TABLES['storysubmission']} WHERE" . $topicsql);
$S = DB_fetchArray($sresult);
$modnum += $S['count'];
}
}
if ($_CONF['listdraftstories'] == 1 && SEC_hasRights('story.edit')) {
$sql = "SELECT COUNT(*) AS count FROM {$_TABLES['stories']} WHERE (draft_flag = 1)";
if (!empty($topicsql)) {
$sql .= ' AND' . $topicsql;
}
$result = DB_query($sql . COM_getPermSQL('AND', 0, 3));
$A = DB_fetchArray($result);
$modnum += $A['count'];
}
if ($_CONF['commentsubmission'] == 1 && SEC_hasRights('comment.moderate')) {
$modnum += DB_count($_TABLES['commentsubmissions']);
}
if ($_CONF['usersubmission'] == 1) {
if (SEC_hasRights('user.edit') && SEC_hasRights('user.delete')) {
$modnum += DB_count($_TABLES['users'], 'status', '2');
}
}
}
if (SEC_hasConfigAcess()) {
$url = $_CONF['site_admin_url'] . '/configuration.php';
$adminmenu->set_var('option_url', $url);
$adminmenu->set_var('option_label', $LANG01[129]);
$adminmenu->set_var('option_count', count($config->_get_groups()));
$menu_item = $adminmenu->parse('item', $thisUrl == $url ? 'current' : 'option');
$link_array[$LANG01[129]] = $menu_item;
}
// now handle submissions for plugins
$modnum += PLG_getSubmissionCount();
if (SEC_hasRights('story.edit')) {
$url = $_CONF['site_admin_url'] . '/story.php';
$adminmenu->set_var('option_url', $url);
$adminmenu->set_var('option_label', $LANG01[11]);
if (empty($topicsql)) {
$numstories = DB_count($_TABLES['stories']);
} else {
$nresult = DB_query("SELECT COUNT(*) AS count FROM {$_TABLES['stories']} WHERE" . $topicsql . COM_getPermSql('AND'));
$N = DB_fetchArray($nresult);
$numstories = $N['count'];
}
$adminmenu->set_var('option_count', COM_numberFormat($numstories));
$menu_item = $adminmenu->parse('item', $thisUrl == $url ? 'current' : 'option');
$link_array[$LANG01[11]] = $menu_item;
}
if (SEC_hasRights('block.edit')) {
$result = DB_query("SELECT COUNT(*) AS count FROM {$_TABLES['blocks']}" . COM_getPermSql());
list($count) = DB_fetchArray($result);
$url = $_CONF['site_admin_url'] . '/block.php';
$adminmenu->set_var('option_url', $url);
$adminmenu->set_var('option_label', $LANG01[12]);
$adminmenu->set_var('option_count', COM_numberFormat($count));
$menu_item = $adminmenu->parse('item', $thisUrl == $url ? 'current' : 'option');
$link_array[$LANG01[12]] = $menu_item;
}
if (SEC_hasRights('topic.edit')) {
$result = DB_query("SELECT COUNT(*) AS count FROM {$_TABLES['topics']}" . COM_getPermSql());
list($count) = DB_fetchArray($result);
$url = $_CONF['site_admin_url'] . '/topic.php';
$adminmenu->set_var('option_url', $url);
$adminmenu->set_var('option_label', $LANG01[13]);
$adminmenu->set_var('option_count', COM_numberFormat($count));
$menu_item = $adminmenu->parse('item', $thisUrl == $url ? 'current' : 'option');
$link_array[$LANG01[13]] = $menu_item;
}
if (SEC_hasRights('user.edit')) {
$url = $_CONF['site_admin_url'] . '/user.php';
$adminmenu->set_var('option_url', $url);
$adminmenu->set_var('option_label', $LANG01[17]);
$active_users = DB_count($_TABLES['users'], 'status', USER_ACCOUNT_ACTIVE);
$adminmenu->set_var('option_count', COM_numberFormat($active_users - 1));
$menu_item = $adminmenu->parse('item', $thisUrl == $url ? 'current' : 'option');
$link_array[$LANG01[17]] = $menu_item;
}
if (SEC_hasRights('group.edit')) {
if (SEC_inGroup('Root')) {
$grpFilter = '';
} else {
$thisUsersGroups = SEC_getUserGroups();
$grpFilter = 'WHERE (grp_id IN (' . implode(',', $thisUsersGroups) . '))';
}
$result = DB_query("SELECT COUNT(*) AS count FROM {$_TABLES['groups']} {$grpFilter};");
$A = DB_fetchArray($result);
$url = $_CONF['site_admin_url'] . '/group.php';
$adminmenu->set_var('option_url', $url);
$adminmenu->set_var('option_label', $LANG01[96]);
$adminmenu->set_var('option_count', COM_numberFormat($A['count']));
$menu_item = $adminmenu->parse('item', $thisUrl == $url ? 'current' : 'option');
$link_array[$LANG01[96]] = $menu_item;
}
if (SEC_hasRights('user.mail')) {
$url = $_CONF['site_admin_url'] . '/mail.php';
$adminmenu->set_var('option_url', $url);
$adminmenu->set_var('option_label', $LANG01[105]);
$adminmenu->set_var('option_count', $LANG_ADMIN['na']);
$menu_item = $adminmenu->parse('item', $thisUrl == $url ? 'current' : 'option');
$link_array[$LANG01[105]] = $menu_item;
}
if ($_CONF['backend'] == 1 && SEC_hasRights('syndication.edit')) {
$url = $_CONF['site_admin_url'] . '/syndication.php';
$adminmenu->set_var('option_url', $url);
$adminmenu->set_var('option_label', $LANG01[38]);
$count = COM_numberFormat(DB_count($_TABLES['syndication']));
$adminmenu->set_var('option_count', $count);
$menu_item = $adminmenu->parse('item', $thisUrl == $url ? 'current' : 'option');
$link_array[$LANG01[38]] = $menu_item;
}
if (($_CONF['trackback_enabled'] || $_CONF['pingback_enabled'] || $_CONF['ping_enabled']) && SEC_hasRights('story.ping')) {
$url = $_CONF['site_admin_url'] . '/trackback.php';
$adminmenu->set_var('option_url', $url);
$adminmenu->set_var('option_label', $LANG01[116]);
if ($_CONF['ping_enabled']) {
$count = COM_numberFormat(DB_count($_TABLES['pingservice']));
$adminmenu->set_var('option_count', $count);
} else {
$adminmenu->set_var('option_count', $LANG_ADMIN['na']);
}
$menu_item = $adminmenu->parse('item', $thisUrl == $url ? 'current' : 'option');
$link_array[$LANG01[116]] = $menu_item;
}
if (SEC_hasRights('plugin.edit')) {
$url = $_CONF['site_admin_url'] . '/plugins.php';
$adminmenu->set_var('option_url', $url);
$adminmenu->set_var('option_label', $LANG01[77]);
$adminmenu->set_var('option_count', COM_numberFormat(DB_count($_TABLES['plugins'], 'pi_enabled', 1)));
$menu_item = $adminmenu->parse('item', $thisUrl == $url ? 'current' : 'option');
$link_array[$LANG01[77]] = $menu_item;
}
// This will show the admin options for all installed plugins (if any)
for ($i = 0; $i < $num_plugins; $i++) {
$plg = current($plugin_options);
$adminmenu->set_var('option_url', $plg->adminurl);
$adminmenu->set_var('option_label', $plg->adminlabel);
if (isset($plg->numsubmissions) && is_numeric($plg->numsubmissions)) {
$adminmenu->set_var('option_count', COM_numberFormat($plg->numsubmissions));
} elseif (!empty($plg->numsubmissions)) {
$adminmenu->set_var('option_count', $plg->numsubmissions);
} else {
$adminmenu->set_var('option_count', $LANG_ADMIN['na']);
}
$menu_item = $adminmenu->parse('item', $thisUrl == $plg->adminurl ? 'current' : 'option', true);
$link_array[$plg->adminlabel] = $menu_item;
next($plugin_options);
}
if ($_CONF['allow_mysqldump'] == 1 and $_DB_dbms == 'mysql' and SEC_inGroup('Root')) {
$url = $_CONF['site_admin_url'] . '/database.php';
$adminmenu->set_var('option_url', $url);
$adminmenu->set_var('option_label', $LANG01[103]);
$adminmenu->set_var('option_count', $LANG_ADMIN['na']);
$menu_item = $adminmenu->parse('item', $thisUrl == $url ? 'current' : 'option');
$link_array[$LANG01[103]] = $menu_item;
}
if ($_CONF['link_documentation'] == 1) {
$doclang = COM_getLanguageName();
$docs = 'docs/' . $doclang . '/index.html';
if (file_exists($_CONF['path_html'] . $docs)) {
$adminmenu->set_var('option_url', $_CONF['site_url'] . '/' . $docs);
} else {
$adminmenu->set_var('option_url', $_CONF['site_url'] . '/docs/english/index.html');
}
$adminmenu->set_var('option_label', $LANG01[113]);
$adminmenu->set_var('option_count', $LANG_ADMIN['na']);
$menu_item = $adminmenu->parse('item', 'option');
$link_array[$LANG01[113]] = $menu_item;
}
if ($_CONF['link_versionchecker'] == 1 and SEC_inGroup('Root')) {
$adminmenu->set_var('option_url', 'http://www.geeklog.net/versionchecker.php?version=' . VERSION);
$adminmenu->set_var('option_label', $LANG01[107]);
$adminmenu->set_var('option_count', VERSION);
$menu_item = $adminmenu->parse('item', 'option');
$link_array[$LANG01[107]] = $menu_item;
}
if ($_CONF['sort_admin']) {
uksort($link_array, 'strcasecmp');
}
$url = $_CONF['site_admin_url'] . '/moderation.php';
$adminmenu->set_var('option_url', $url);
$adminmenu->set_var('option_label', $LANG01[10]);
$adminmenu->set_var('option_count', COM_numberFormat($modnum));
$menu_item = $adminmenu->finish($adminmenu->parse('item', $thisUrl == $url ? 'current' : 'option'));
$link_array = array($menu_item) + $link_array;
foreach ($link_array as $link) {
$retval .= $link;
}
$retval .= COM_endBlock(COM_getBlockTemplate('admin_block', 'footer', $position));
}
return $retval;
}
// Either their cookie expired or they are new
$cooktime = COM_getUserCookieTimeout();
if (!empty($cooktime)) {
// They want their cookie to persist for some amount of time so set it now
SEC_setCookie($_CONF['cookie_name'], $_USER['uid'], time() + $cooktime);
}
}
if (!SEC_hasRights('story.edit,block.edit,topic.edit,user.edit,plugin.edit,syndication.edit', 'OR')) {
$display .= COM_refresh($_CONF['site_admin_url'] . '/moderation.php');
} else {
$display .= COM_refresh($_CONF['site_url'] . '/index.php');
}
echo $display;
exit;
} else {
if (!SEC_hasRights('story.edit,block.edit,topic.edit,user.edit,plugin.edit,user.mail,syndication.edit', 'OR') && count(PLG_getAdminOptions()) == 0 && !SEC_hasConfigAcess()) {
COM_updateSpeedlimit('login');
$display .= COM_siteHeader('menu');
$display .= COM_startBlock($LANG20[1]);
if (!$_CONF['user_login_method']['standard']) {
$display .= '<p>' . $LANG_LOGIN[2] . '</p>';
} else {
if (isset($_POST['warn'])) {
$display .= $LANG20[2] . '<br' . XHTML . '><br' . XHTML . '>' . COM_accessLog($LANG20[3] . ' ' . $_POST['loginname']);
}
$display .= '<form action="' . $_CONF['site_admin_url'] . '/moderation.php" method="post">' . '<table cellspacing="0" cellpadding="3" border="0" width="100%">' . LB . '<tr><td class="alignright"><b><label for="loginname">' . $LANG20[4] . '</label></b></td>' . LB . '<td><input type="text" name="loginname" id="loginname" size="16" maxlength="16"' . XHTML . '></td>' . LB . '</tr>' . LB . '<tr>' . LB . '<td class="alignright"><b><label for="passwd">' . $LANG20[5] . '</label></b></td>' . LB . '<td><input type="password" name="passwd" id="passwd" size="16"' . XHTML . '></td>' . '</tr>' . LB . '<tr>' . LB . '<td colspan="2" align="center" class="warning">' . $LANG20[6] . '<input type="hidden" name="warn" value="1"' . XHTML . '>' . '<br' . XHTML . '><input type="submit" name="mode" value="' . $LANG20[7] . '"' . XHTML . '></td>' . LB . '</tr>' . LB . '</table></form>';
}
$display .= COM_endBlock() . COM_siteFooter();
COM_output($display);
exit;
}
