Exemple #1
function plugin_list($message = '')
    pagetop(gTxt('edit_plugins'), $message);
    echo n . n . startTable('edit') . tr(tda(plugin_form(), ' colspan="8" style="height: 30px; border: none;"')) . endTable();
    extract(gpsa(array('sort', 'dir')));
    $dir = $dir == 'desc' ? 'desc' : 'asc';
    if (!in_array($sort, array('name', 'status', 'author', 'version', 'modified', 'load_order'))) {
        $sort = 'name';
    $sort_sql = $sort . ' ' . $dir;
    $switch_dir = $dir == 'desc' ? 'asc' : 'desc';
    $rs = safe_rows_start('name, status, author, author_uri, version, description, length(help) as help, abs(strcmp(md5(code),code_md5)) as modified, load_order, flags', 'txp_plugin', '1 order by ' . $sort_sql);
    if ($rs and numRows($rs) > 0) {
        echo '<form action="index.php" method="post" name="longform" onsubmit="return verify(\'' . gTxt('are_you_sure') . '\')">' . startTable('list') . tr(column_head('plugin', 'name', 'plugin', true, $switch_dir, '', '', 'name' == $sort ? $dir : '') . column_head('author', 'author', 'plugin', true, $switch_dir, '', '', 'author' == $sort ? $dir : '') . column_head('version', 'version', 'plugin', true, $switch_dir, '', '', 'version' == $sort ? $dir : '') . column_head('plugin_modified', 'modified', 'plugin', true, $switch_dir, '', '', 'modified' == $sort ? $dir : '') . hCell(gTxt('description')) . column_head('active', 'status', 'plugin', true, $switch_dir, '', '', 'status' == $sort ? $dir : '') . column_head('order', 'load_order', 'plugin', true, $switch_dir, '', '', 'load_order' == $sort ? $dir : '') . hCell(gTxt('manage'), '', ' class="manage"') . hCell());
        while ($a = nextRow($rs)) {
            foreach ($a as $key => $value) {
                ${$key} = htmlspecialchars($value);
            // Fix up the description for clean cases
            $description = preg_replace(array('#&lt;br /&gt;#', '#&lt;(/?(a|b|i|em|strong))&gt;#', '#&lt;a href=&quot;(https?|\\.|\\/|ftp)([A-Za-z0-9:/?.=_]+?)&quot;&gt;#'), array('<br />', '<$1>', '<a href="$1$2">'), $description);
            $help = !empty($help) ? n . t . '<li><a href="?event=plugin' . a . 'step=plugin_help' . a . 'name=' . urlencode($name) . '">' . gTxt('help') . '</a></li>' : '';
            $plugin_prefs = $flags & PLUGIN_HAS_PREFS && $status ? n . t . '<li><a href="?event=plugin_prefs.' . urlencode($name) . '">' . gTxt('plugin_prefs') . '</a></li>' : '';
            echo tr(n . td($name) . td(href($author, $author_uri)) . td($version, 10) . td($modified ? gTxt('yes') : '') . td($description, 260) . td(status_link($status, $name, yes_no($status)), 30) . td($load_order) . td(n . '<ul class="plugin_manage">' . $help . n . t . '<li>' . eLink('plugin', 'plugin_edit', 'name', $name, gTxt('edit')) . '</li>' . $plugin_prefs . n . '</ul>') . td(fInput('checkbox', 'selected[]', $name), 30));
            unset($name, $page, $deletelink);
        echo tr(tda(select_buttons() . plugin_multiedit_form('', $sort, $dir, '', ''), ' colspan="10" style="text-align: right; border: none;"')) . n . endTable() . n . '</form>';
function userExist($qry)
    $run = Run($qry);
    if ($run) {
        return numRows($run);
    } else {
        return '1';
Exemple #3
function plugin_list($message = '')
    global $event;
    pagetop(gTxt('tab_plugins'), $message);
    echo '<h1 class="txp-heading">' . gTxt('tab_plugins') . '</h1>';
    echo '<div id="' . $event . '_control" class="txp-control-panel">';
    echo n . plugin_form() . n . '</div>';
    extract(gpsa(array('sort', 'dir')));
    if ($sort === '') {
        $sort = get_pref('plugin_sort_column', 'name');
    if ($dir === '') {
        $dir = get_pref('plugin_sort_dir', 'asc');
    $dir = $dir == 'desc' ? 'desc' : 'asc';
    if (!in_array($sort, array('name', 'status', 'author', 'version', 'modified', 'load_order'))) {
        $sort = 'name';
    $sort_sql = $sort . ' ' . $dir;
    set_pref('plugin_sort_column', $sort, 'plugin', 2, '', 0, PREF_PRIVATE);
    set_pref('plugin_sort_dir', $dir, 'plugin', 2, '', 0, PREF_PRIVATE);
    $switch_dir = $dir == 'desc' ? 'asc' : 'desc';
    $rs = safe_rows_start('name, status, author, author_uri, version, description, length(help) as help, abs(strcmp(md5(code),code_md5)) as modified, load_order, flags', 'txp_plugin', '1 order by ' . $sort_sql);
    if ($rs and numRows($rs) > 0) {
        echo n . '<div id="' . $event . '_container" class="txp-container">';
        echo '<form action="index.php" id="plugin_form" class="multi_edit_form" method="post" name="longform">' . n . '<div class="txp-listtables">' . n . startTable('', '', 'txp-list') . n . '<thead>' . tr(n . hCell(fInput('checkbox', 'select_all', 0, '', '', '', '', '', 'select_all'), '', ' title="' . gTxt('toggle_all_selected') . '" class="multi-edit"') . n . column_head('plugin', 'name', 'plugin', true, $switch_dir, '', '', ('name' == $sort ? "{$dir} " : '') . 'name') . n . column_head('author', 'author', 'plugin', true, $switch_dir, '', '', ('author' == $sort ? "{$dir} " : '') . 'author') . n . column_head('version', 'version', 'plugin', true, $switch_dir, '', '', ('version' == $sort ? "{$dir} " : '') . 'version') . n . column_head('plugin_modified', 'modified', 'plugin', true, $switch_dir, '', '', ('modified' == $sort ? "{$dir} " : '') . 'modified') . n . hCell(gTxt('description'), '', ' class="description"') . n . column_head('active', 'status', 'plugin', true, $switch_dir, '', '', ('status' == $sort ? "{$dir} " : '') . 'status') . n . column_head('order', 'load_order', 'plugin', true, $switch_dir, '', '', ('load_order' == $sort ? "{$dir} " : '') . 'load-order') . n . hCell(gTxt('manage'), '', ' class="manage actions"')) . n . '</thead>';
        echo '<tbody>';
        while ($a = nextRow($rs)) {
            foreach ($a as $key => $value) {
                ${$key} = txpspecialchars($value);
            // Fix up the description for clean cases
            $description = preg_replace(array('#&lt;br /&gt;#', '#&lt;(/?(a|b|i|em|strong))&gt;#', '#&lt;a href=&quot;(https?|\\.|\\/|ftp)([A-Za-z0-9:/?.=_]+?)&quot;&gt;#'), array('<br />', '<$1>', '<a href="$1$2">'), $description);
            $help = !empty($help) ? '<a class="plugin-help" href="?event=plugin' . a . 'step=plugin_help' . a . 'name=' . urlencode($name) . '">' . gTxt('help') . '</a>' : '';
            $plugin_prefs = $flags & PLUGIN_HAS_PREFS ? '<a class="plugin-prefs" href="?event=plugin_prefs.' . urlencode($name) . '">' . gTxt('plugin_prefs') . '</a>' : '';
            $manage = array();
            if ($help) {
                $manage[] = $help;
            if ($plugin_prefs) {
                $manage[] = $plugin_prefs;
            $manage_items = $manage ? join(tag(sp . '&#124;' . sp, 'span'), $manage) : '-';
            $edit_url = eLink('plugin', 'plugin_edit', 'name', $name, $name);
            echo tr(n . td(fInput('checkbox', 'selected[]', $name), '', 'multi-edit') . td($edit_url, '', 'name') . td(href($author, $author_uri, ' rel="external"'), '', 'author') . td($version, '', 'version') . td($modified ? '<span class="warning">' . gTxt('yes') . '</span>' : '', '', 'modified') . td($description, '', 'description') . td(status_link($status, $name, yes_no($status)), '', 'status') . td($load_order, '', 'load-order') . td($manage_items, '', 'manage'), $status ? ' class="active"' : '');
            unset($name, $page, $deletelink);
        echo '</tbody>', n, endTable(), n, '</div>', n, plugin_multiedit_form('', $sort, $dir, '', ''), n, tInput(), n, '</form>', n, '</div>';
        // Show/hide "Options" link by setting the appropriate class on the plugins TR
        echo script_js(<<<EOS
textpattern.Relay.register('txpAsyncHref.success', function(event, data) {
 * The main panel listing all installed plugins.
 * @param string|array $message The activity message
function plugin_list($message = '')
    global $event;
    pagetop(gTxt('tab_plugins'), $message);
    extract(gpsa(array('sort', 'dir')));
    if ($sort === '') {
        $sort = get_pref('plugin_sort_column', 'name');
    } else {
        if (!in_array($sort, array('name', 'status', 'author', 'version', 'modified', 'load_order'))) {
            $sort = 'name';
        set_pref('plugin_sort_column', $sort, 'plugin', 2, '', 0, PREF_PRIVATE);
    if ($dir === '') {
        $dir = get_pref('plugin_sort_dir', 'asc');
    } else {
        $dir = $dir == 'desc' ? "desc" : "asc";
        set_pref('plugin_sort_dir', $dir, 'plugin', 2, '', 0, PREF_PRIVATE);
    $sort_sql = "{$sort} {$dir}";
    $switch_dir = $dir == 'desc' ? 'asc' : 'desc';
    echo n . tag(hed(gTxt('tab_plugins'), 1, array('class' => 'txp-heading')), 'div', array('class' => 'txp-layout-2col-cell-1')) . n . tag_start('div', array('class' => 'txp-layout-1col', 'id' => $event . '_container')) . n . tag(plugin_form(), 'div', array('class' => 'txp-control-panel'));
    $rs = safe_rows_start("name, status, author, author_uri, version, description, length(help) AS help, ABS(STRCMP(MD5(code), code_md5)) AS modified, load_order, flags", 'txp_plugin', "1 = 1 ORDER BY {$sort_sql}");
    if ($rs and numRows($rs) > 0) {
        echo n . tag_start('form', array('class' => 'multi_edit_form', 'id' => 'plugin_form', 'name' => 'longform', 'method' => 'post', 'action' => 'index.php')) . n . tag_start('div', array('class' => 'txp-listtables')) . n . tag_start('table', array('class' => 'txp-list')) . n . tag_start('thead') . tr(hCell(fInput('checkbox', 'select_all', 0, '', '', '', '', '', 'select_all'), '', ' class="txp-list-col-multi-edit" scope="col" title="' . gTxt('toggle_all_selected') . '"') . column_head('plugin', 'name', 'plugin', true, $switch_dir, '', '', ('name' == $sort ? "{$dir} " : '') . 'txp-list-col-name') . column_head('author', 'author', 'plugin', true, $switch_dir, '', '', ('author' == $sort ? "{$dir} " : '') . 'txp-list-col-author') . column_head('version', 'version', 'plugin', true, $switch_dir, '', '', ('version' == $sort ? "{$dir} " : '') . 'txp-list-col-version') . column_head('plugin_modified', 'modified', 'plugin', true, $switch_dir, '', '', ('modified' == $sort ? "{$dir} " : '') . 'txp-list-col-modified') . hCell(gTxt('description'), '', ' class="txp-list-col-description" scope="col"') . column_head('active', 'status', 'plugin', true, $switch_dir, '', '', ('status' == $sort ? "{$dir} " : '') . 'txp-list-col-status') . column_head('order', 'load_order', 'plugin', true, $switch_dir, '', '', ('load_order' == $sort ? "{$dir} " : '') . 'txp-list-col-load-order') . hCell(gTxt('manage'), '', ' class="txp-list-col-manage" scope="col"')) . n . tag_end('thead') . n . tag_start('tbody');
        while ($a = nextRow($rs)) {
            foreach ($a as $key => $value) {
                ${$key} = txpspecialchars($value);
            // Fix up the description for clean cases.
            $description = preg_replace(array('#&lt;br /&gt;#', '#&lt;(/?(a|b|i|em|strong))&gt;#', '#&lt;a href=&quot;(https?|\\.|\\/|ftp)([A-Za-z0-9:/?.=_]+?)&quot;&gt;#'), array('<br />', '<$1>', '<a href="$1$2">'), $description);
            if (!empty($help)) {
                $help = href(gTxt('help'), array('event' => 'plugin', 'step' => 'plugin_help', 'name' => $name), array('class' => 'plugin-help'));
            if ($flags & PLUGIN_HAS_PREFS) {
                $plugin_prefs = href(gTxt('plugin_prefs'), array('event' => 'plugin_prefs.' . $name), array('class' => 'plugin-prefs'));
            } else {
                $plugin_prefs = '';
            $manage = array();
            if ($help) {
                $manage[] = $help;
            if ($plugin_prefs) {
                $manage[] = $plugin_prefs;
            $manage_items = $manage ? join(tag(sp . '&#124;' . sp, 'span'), $manage) : '-';
            $edit_url = eLink('plugin', 'plugin_edit', 'name', $name, $name);
            echo tr(td(fInput('checkbox', 'selected[]', $name), '', 'txp-list-col-multi-edit') . hCell($edit_url, '', ' class="txp-list-col-name" scope="row"') . td(href($author, $a['author_uri'], array('rel' => 'external')), '', 'txp-list-col-author') . td($version, '', 'txp-list-col-version') . td($modified ? span(gTxt('yes'), array('class' => 'warning')) : '', '', 'txp-list-col-modified') . td($description, '', 'txp-list-col-description') . td(status_link($status, $name, yes_no($status)), '', 'txp-list-col-status') . td($load_order, '', 'txp-list-col-load-order') . td($manage_items, '', 'txp-list-col-manage'), $status ? ' class="active"' : '');
            unset($name, $page, $deletelink);
        echo n . tag_end('tbody') . n . tag_end('table') . n . tag_end('div') . plugin_multiedit_form('', $sort, $dir, '', '') . tInput() . n . tag_end('form');
    echo n . tag_end('div');
Exemple #5
  * Get the translation for all languages
  * @param  string    $code 'Code for the text to be translated'
  * @return array  'Translated text'
 public function get($code)
     $sql = "SELECT * FROM lang WHERE code='{$code}'";
     $query = $this->db->query($sql);
     if (numRows($query) > 0) {
         $row = $query->row();
         return (array) $row;
     } else {
         return FALSE;
Exemple #6
  * Generates a list of authors.
  * @param  array  $atts
  * @param  string $thing
  * @return string
 public static function renderAuthors($atts, $thing = null)
     global $thisauthor, $txp_groups;
     extract(lAtts(array('break' => '', 'class' => '', 'form' => '', 'group' => '', 'label' => '', 'labeltag' => '', 'limit' => '', 'name' => '', 'offset' => '', 'sort' => 'name ASC', 'wraptag' => ''), $atts));
     $sql = array('1 = 1');
     $sql_limit = '';
     $sql_sort = " ORDER BY " . doSlash($sort);
     if ($name) {
         $sql[] = "name IN (" . join(', ', quote_list(do_list($name))) . ")";
     if ($group !== '') {
         $privs = do_list($group);
         $groups = array_flip($txp_groups);
         foreach ($privs as &$priv) {
             if (isset($groups[$priv])) {
                 $priv = $groups[$priv];
         $sql[] = 'convert(privs, char) in (' . join(', ', quote_list($privs)) . ')';
     if ($limit !== '' || $offset) {
         $sql_limit = " LIMIT " . intval($offset) . ", " . ($limit === '' ? PHP_INT_MAX : intval($limit));
     $rs = safe_rows_start("user_id as id, name, RealName as realname, email, privs, last_access", 'txp_users', join(" AND ", $sql) . " {$sql_sort} {$sql_limit}");
     if ($rs && numRows($rs)) {
         $out = array();
         if ($thing === null && $form !== '') {
             $thing = fetch_form($form);
         while ($a = nextRow($rs)) {
             $oldauthor = $thisauthor;
             $thisauthor = $a;
             $out[] = parse($thing);
             $thisauthor = $oldauthor;
         return doLabel($label, $labeltag) . doWrap($out, $wraptag, $break, $class);
     return '';
Exemple #7
function plugin_list($message = '')
    pagetop(gTxt('edit_plugins'), $message);
    echo n . n . startTable('list') . tr(tda(plugin_form(), ' colspan="8" style="height: 30px; border: none;"'));
    $rs = safe_rows_start('name, status, author, author_uri, version, description, code_md5, length(help) as help, md5(code) as md5', 'txp_plugin', '1 order by name');
    if ($rs and numRows($rs) > 0) {
        echo assHead('plugin', 'author', 'version', 'plugin_modified', 'description', 'active', 'help', '', '');
        while ($a = nextRow($rs)) {
            foreach ($a as $key => $value) {
                ${$key} = htmlspecialchars($value);
            // Fix up the description for clean cases
            $description = preg_replace(array('#&lt;br /&gt;#', '#&lt;(/?(a|b|i|em|strong))&gt;#', '#&lt;a href=&quot;(https?|\\.|\\/|ftp)([A-Za-z0-9:/?.=_]+?)&quot;&gt;#'), array('<br />', '<$1>', '<a href="$1$2">'), $description);
            $help = !empty($help) ? '<a href="?event=plugin' . a . 'step=plugin_help' . a . 'name=' . $name . '">' . gTxt('view') . '</a>' : gTxt('none');
            // modified?
            $modified = strtolower($md5) != strtolower($code_md5);
            echo tr(n . td($name) . td(href($author, $author_uri)) . td($version, 10) . td($modified ? gTxt('yes') : '') . td($description, 260) . td(status_link($status, $name, yes_no($status)), 30) . td($help) . td(eLink('plugin', 'plugin_edit', 'name', $name, gTxt('edit'))) . td(dLink('plugin', 'plugin_delete', 'name', $name), 30));
            unset($name, $page, $deletelink);
    echo endTable();
 * Renders &lt;ol&gt; list of recent articles.
 * The rendered widget can be customised via the 'article_ui > recent_articles'
 * pluggable UI callback event.
 * @param  array $rs Article data
 * @return string HTML
function article_partial_recent_articles($rs)
    $recents = safe_rows_start("Title, ID", 'textpattern', "1 = 1 ORDER BY LastMod DESC LIMIT " . (int) WRITE_RECENT_ARTICLES_COUNT);
    $ra = '';
    if ($recents && numRows($recents)) {
        $ra = '<ol class="recent">';
        while ($recent = nextRow($recents)) {
            if ($recent['Title'] === '') {
                $recent['Title'] = gTxt('untitled') . sp . $recent['ID'];
            $ra .= n . '<li class="recent-article">' . href(escape_title($recent['Title']), '?event=article' . a . 'step=edit' . a . 'ID=' . $recent['ID']) . '</li>';
        $ra .= '</ol>';
    return pluggable_ui('article_ui', 'recent_articles', $ra, $rs);
Exemple #9
function doArticles($atts, $iscustom, $thing = NULL)
    global $pretext, $prefs;
    $customFields = getCustomFields();
    $customlAtts = array_null(array_flip($customFields));
    //getting attributes
    $theAtts = lAtts(array('form' => 'default', 'listform' => '', 'searchform' => '', 'limit' => 10, 'pageby' => '', 'category' => '', 'section' => '', 'excerpted' => '', 'author' => '', 'sort' => '', 'sortby' => '', 'sortdir' => '', 'month' => '', 'keywords' => '', 'frontpage' => '', 'id' => '', 'time' => 'past', 'status' => '4', 'pgonly' => 0, 'searchall' => 1, 'searchsticky' => 0, 'allowoverride' => !$q and !$iscustom, 'offset' => 0, 'wraptag' => '', 'break' => '', 'label' => '', 'labeltag' => '', 'class' => '') + $customlAtts, $atts);
    // if an article ID is specified, treat it as a custom list
    $iscustom = !empty($theAtts['id']) ? true : $iscustom;
    //for the txp:article tag, some attributes are taken from globals;
    //override them before extract
    if (!$iscustom) {
        $theAtts['category'] = $c ? $c : '';
        $theAtts['section'] = $s && $s != 'default' ? $s : '';
        $theAtts['author'] = !empty($author) ? $author : '';
        $theAtts['month'] = !empty($month) ? $month : '';
        $theAtts['frontpage'] = $s && $s == 'default' ? true : false;
        $theAtts['excerpted'] = '';
    // if a listform is specified, $thing is for doArticle() - hence ignore here.
    if (!empty($listform)) {
        $thing = '';
    $pageby = empty($pageby) ? $limit : $pageby;
    // treat sticky articles differently wrt search filtering, etc
    $status = in_array(strtolower($status), array('sticky', '5')) ? 5 : 4;
    $issticky = $status == 5;
    // give control to search, if necessary
    if ($q && !$iscustom && !$issticky) {
        include_once txpath . '/publish/search.php';
        $s_filter = $searchall ? filterSearch() : '';
        $q = doSlash($q);
        // searchable article fields are limited to the columns of
        // the textpattern table and a matching fulltext index must exist.
        $cols = do_list($searchable_article_fields);
        if (empty($cols) or $cols[0] == '') {
            $cols = array('Title', 'Body');
        $match = ', match (`' . join('`, `', $cols) . "`) against ('{$q}') as score";
        for ($i = 0; $i < count($cols); $i++) {
            $cols[$i] = "`{$cols[$i]}` rlike '{$q}'";
        $cols = join(" or ", $cols);
        $search = " and ({$cols}) {$s_filter}";
        // searchall=0 can be used to show search results for the current section only
        if ($searchall) {
            $section = '';
        if (!$sort) {
            $sort = 'score desc';
    } else {
        $match = $search = '';
        if (!$sort) {
            $sort = 'Posted desc';
    // for backwards compatibility
    // sortby and sortdir are deprecated
    if ($sortby) {
        if (!$sortdir) {
            $sortdir = 'desc';
        $sort = "{$sortby} {$sortdir}";
    } elseif ($sortdir) {
        $sort = "Posted {$sortdir}";
    //Building query parts
    $frontpage = ($frontpage and (!$q or $issticky)) ? filterFrontPage() : '';
    $category = join("','", doSlash(do_list($category)));
    $category = !$category ? '' : " and (Category1 IN ('" . $category . "') or Category2 IN ('" . $category . "'))";
    $section = !$section ? '' : " and Section IN ('" . join("','", doSlash(do_list($section))) . "')";
    $excerpted = $excerpted == 'y' ? " and Excerpt !=''" : '';
    $author = !$author ? '' : " and AuthorID IN ('" . join("','", doSlash(do_list($author))) . "')";
    $month = !$month ? '' : " and Posted like '" . doSlash($month) . "%'";
    $id = !$id ? '' : " and ID IN (" . join(',', array_map('intval', do_list($id))) . ")";
    switch ($time) {
        case 'any':
            $time = "";
        case 'future':
            $time = " and Posted > now()";
            $time = " and Posted <= now()";
    if (!$publish_expired_articles) {
        $time .= " and (now() <= Expires or Expires = " . NULLDATETIME . ")";
    $custom = '';
    if ($customFields) {
        foreach ($customFields as $cField) {
            if (isset($atts[$cField])) {
                $customPairs[$cField] = $atts[$cField];
        if (!empty($customPairs)) {
            $custom = buildCustomSql($customFields, $customPairs);
    //Allow keywords for no-custom articles. That tagging mode, you know
    if ($keywords) {
        $keys = doSlash(do_list($keywords));
        foreach ($keys as $key) {
            $keyparts[] = "FIND_IN_SET('" . $key . "',Keywords)";
        $keywords = " and (" . join(' or ', $keyparts) . ")";
    if ($q and $searchsticky) {
        $statusq = ' and Status >= 4';
    } elseif ($id) {
        $statusq = ' and Status >= 4';
    } else {
        $statusq = ' and Status = ' . intval($status);
    $where = "1=1" . $statusq . $time . $search . $id . $category . $section . $excerpted . $month . $author . $keywords . $custom . $frontpage;
    //do not paginate if we are on a custom list
    if (!$iscustom and !$issticky) {
        $grand_total = safe_count('textpattern', $where);
        $total = $grand_total - $offset;
        $numPages = ceil($total / $pageby);
        $pg = !$pg ? 1 : $pg;
        $pgoffset = $offset + ($pg - 1) * $pageby;
        // send paging info to txp:newer and txp:older
        $pageout['pg'] = $pg;
        $pageout['numPages'] = $numPages;
        $pageout['s'] = $s;
        $pageout['c'] = $c;
        $pageout['grand_total'] = $grand_total;
        $pageout['total'] = $total;
        global $thispage;
        if (empty($thispage)) {
            $thispage = $pageout;
        if ($pgonly) {
    } else {
        $pgoffset = $offset;
    $rs = safe_rows_start("*, unix_timestamp(Posted) as uPosted, unix_timestamp(Expires) as uExpires, unix_timestamp(LastMod) as uLastMod" . $match, 'textpattern', $where . ' order by ' . doSlash($sort) . ' limit ' . intval($pgoffset) . ', ' . intval($limit));
    // get the form name
    if ($q and !$iscustom and !$issticky) {
        $fname = $searchform ? $searchform : 'search_results';
    } else {
        $fname = $listform ? $listform : $form;
    if ($rs) {
        $count = 0;
        $last = numRows($rs);
        $articles = array();
        while ($a = nextRow($rs)) {
            global $thisarticle, $uPosted, $limit;
            $thisarticle['is_first'] = $count == 1;
            $thisarticle['is_last'] = $count == $last;
            if (@constant('txpinterface') === 'admin' and gps('Form')) {
                $articles[] = parse(gps('Form'));
            } elseif ($allowoverride and $a['override_form']) {
                $articles[] = parse_form($a['override_form']);
            } else {
                $articles[] = $thing ? parse($thing) : parse_form($fname);
            // sending these to paging_link(); Required?
            $uPosted = $a['uPosted'];
        return doLabel($label, $labeltag) . doWrap($articles, $wraptag, $break, $class);
Exemple #10
function file_list($message = '')
    global $file_base_path, $file_statuses, $file_list_pageby, $txp_user, $event;
    pagetop(gTxt('tab_file'), $message);
    extract(gpsa(array('page', 'sort', 'dir', 'crit', 'search_method')));
    if ($sort === '') {
        $sort = get_pref('file_sort_column', 'filename');
    if ($dir === '') {
        $dir = get_pref('file_sort_dir', 'asc');
    if ($dir === 'desc') {
        $dir = 'desc';
    } else {
        $dir = 'asc';
    echo hed(gTxt('tab_file'), 1, array('class' => 'txp-heading')) . n . tag_start('div', array('id' => $event . '_control', 'class' => 'txp-control-panel'));
    if (!is_dir($file_base_path) || !is_writeable($file_base_path)) {
        echo graf(span(null, array('class' => 'ui-icon ui-icon-alert')) . ' ' . gTxt('file_dir_not_writeable', array('{filedir}' => $file_base_path)), array('class' => 'alert-block warning'));
    } elseif (has_privs('file.edit.own')) {
        $existing_files = get_filenames();
        if ($existing_files) {
            echo form(eInput('file') . sInput('file_create') . graf(tag(gTxt('existing_file'), 'label', array('for' => 'file-existing')) . sp . selectInput('filename', $existing_files, '', 1, '', 'file-existing') . sp . fInput('submit', '', gTxt('Create')), array('class' => 'existing-file')), '', '', 'post', '', '', 'assign_file');
        echo file_upload_form(gTxt('upload_file'), 'upload', 'file_insert');
    switch ($sort) {
        case 'id':
            $sort_sql = 'txp_file.id ' . $dir;
        case 'description':
            $sort_sql = 'txp_file.description ' . $dir . ', txp_file.filename desc';
        case 'category':
            $sort_sql = 'txp_category.title ' . $dir . ', txp_file.filename desc';
        case 'title':
            $sort_sql = 'txp_file.title ' . $dir . ', txp_file.filename desc';
        case 'downloads':
            $sort_sql = 'txp_file.downloads ' . $dir . ', txp_file.filename desc';
        case 'author':
            $sort_sql = 'txp_users.RealName ' . $dir . ', txp_file.id asc';
            $sort = 'filename';
            $sort_sql = 'txp_file.filename ' . $dir;
    set_pref('file_sort_column', $sort, 'file', PREF_HIDDEN, '', 0, PREF_PRIVATE);
    set_pref('file_sort_dir', $dir, 'file', PREF_HIDDEN, '', 0, PREF_PRIVATE);
    if ($dir == 'desc') {
        $switch_dir = 'asc';
    } else {
        $switch_dir = 'desc';
    $criteria = 1;
    if ($search_method && $crit !== '') {
        $verbatim = preg_match('/^"(.*)"$/', $crit, $m);
        $crit_escaped = $verbatim ? doSlash($m[1]) : doLike($crit);
        $critsql = $verbatim ? array('id' => "txp_file.id in ('" . join("','", do_list($crit_escaped)) . "')", 'filename' => "txp_file.filename = '{$crit_escaped}'", 'title' => "txp_file.title = '{$crit_escaped}'", 'description' => "txp_file.description = '{$crit_escaped}'", 'category' => "txp_file.category = '{$crit_escaped}' or txp_category.title = '{$crit_escaped}'", 'author' => "txp_file.author = '{$crit_escaped}' or txp_users.RealName = '{$crit_escaped}'") : array('id' => "txp_file.id in ('" . join("','", do_list($crit_escaped)) . "')", 'filename' => "txp_file.filename like '%{$crit_escaped}%'", 'title' => "txp_file.title like '%{$crit_escaped}%'", 'description' => "txp_file.description like '%{$crit_escaped}%'", 'category' => "txp_file.category like '%{$crit_escaped}%' or txp_category.title like '%{$crit_escaped}%'", 'author' => "txp_file.author like '%{$crit_escaped}%' or txp_users.RealName like '%{$crit_escaped}%'");
        if (array_key_exists($search_method, $critsql)) {
            $criteria = $critsql[$search_method];
            $limit = 500;
        } else {
            $search_method = '';
            $crit = '';
    } else {
        $search_method = '';
        $crit = '';
    $criteria .= callback_event('admin_criteria', 'file_list', 0, $criteria);
    $sql_from = safe_pfx_j('txp_file') . "\n        left join " . safe_pfx_j('txp_category') . " on txp_category.name = txp_file.category and txp_category.type = 'file'\n        left join " . safe_pfx_j('txp_users') . " on txp_users.name = txp_file.author";
    if ($criteria === 1) {
        $total = safe_count('txp_file', $criteria);
    } else {
        $total = getThing('select count(*) from ' . $sql_from . ' where ' . $criteria);
    if ($total < 1) {
        if ($criteria != 1) {
            echo file_search_form($crit, $search_method) . graf(gTxt('no_results_found'), ' class="indicator"') . '</div>';
        } else {
            echo graf(gTxt('no_files_recorded'), ' class="indicator"') . '</div>';
    $limit = max($file_list_pageby, 15);
    list($page, $offset, $numPages) = pager($total, $limit, $page);
    echo file_search_form($crit, $search_method) . '</div>';
    $rs = safe_query("select\n            txp_file.id,\n            txp_file.filename,\n            txp_file.title,\n            txp_file.category,\n            txp_file.description,\n            txp_file.downloads,\n            txp_file.status,\n            txp_file.author,\n            txp_users.RealName as realname,\n            txp_category.Title as category_title\n        from {$sql_from} where {$criteria} order by {$sort_sql} limit {$offset}, {$limit}");
    if ($rs && numRows($rs)) {
        $show_authors = !has_single_author('txp_file');
        echo n . tag_start('div', array('id' => $event . '_container', 'class' => 'txp-container')) . n . tag_start('form', array('action' => 'index.php', 'id' => 'files_form', 'class' => 'multi_edit_form', 'method' => 'post', 'name' => 'longform')) . n . tag_start('div', array('class' => 'txp-listtables')) . n . tag_start('table', array('class' => 'txp-list')) . n . tag_start('thead') . tr(hCell(fInput('checkbox', 'select_all', 0, '', '', '', '', '', 'select_all'), '', ' scope="col" title="' . gTxt('toggle_all_selected') . '" class="txp-list-col-multi-edit"') . column_head('ID', 'id', 'file', true, $switch_dir, $crit, $search_method, ('id' == $sort ? "{$dir} " : '') . 'txp-list-col-id') . column_head('file_name', 'filename', 'file', true, $switch_dir, $crit, $search_method, ('filename' == $sort ? "{$dir} " : '') . 'txp-list-col-filename') . column_head('title', 'title', 'file', true, $switch_dir, $crit, $search_method, ('title' == $sort ? "{$dir} " : '') . 'txp-list-col-title') . column_head('description', 'description', 'file', true, $switch_dir, $crit, $search_method, ('description' == $sort ? "{$dir} " : '') . 'txp-list-col-description files_detail') . column_head('file_category', 'category', 'file', true, $switch_dir, $crit, $search_method, ('category' == $sort ? "{$dir} " : '') . 'txp-list-col-category category') . hCell(gTxt('tags'), '', ' scope="col" class="txp-list-col-tag-build files_detail"') . hCell(gTxt('status'), '', ' scope="col" class="txp-list-col-status"') . hCell(gTxt('condition'), '', ' scope="col" class="txp-list-col-condition"') . column_head('downloads', 'downloads', 'file', true, $switch_dir, $crit, $search_method, ('downloads' == $sort ? "{$dir} " : '') . 'txp-list-col-downloads') . ($show_authors ? column_head('author', 'author', 'file', true, $switch_dir, $crit, $search_method, ('author' == $sort ? "{$dir} " : '') . 'txp-list-col-author name') : '')) . n . tag_end('thead') . n . tag_start('tbody');
        $validator = new Validator();
        while ($a = nextRow($rs)) {
            $filename = sanitizeForFile($filename);
            $edit_url = array('event' => 'file', 'step' => 'file_edit', 'id' => $id, 'sort' => $sort, 'dir' => $dir, 'page' => $page, 'search_method' => $search_method, 'crit' => $crit);
            $tag_url = array('event' => 'tag', 'tag_name' => 'file_download_link', 'id' => $id, 'description' => $description, 'filename' => $filename);
            $file_exists = file_exists(build_file_path($file_base_path, $filename));
            $can_edit = has_privs('file.edit') || $author === $txp_user && has_privs('file.edit.own');
            $validator->setConstraints(array(new CategoryConstraint($category, array('type' => 'file'))));
            if ($validator->validate()) {
                $vc = '';
            } else {
                $vc = ' error';
            if ($file_exists) {
                $downloads = make_download_link($id, $downloads, $filename);
                $condition = span(gTxt('file_status_ok'), array('class' => 'success'));
            } else {
                $condition = span(gTxt('file_status_missing'), array('class' => 'error'));
            if ($category) {
                $category = span(txpspecialchars($category_title), array('title' => $category));
            if ($can_edit) {
                $name = href(txpspecialchars($filename), $edit_url, array('title' => gTxt('edit')));
            } else {
                $name = txpspecialchars($filename);
            if ($can_edit) {
                $id_column = href($id, $edit_url, array('title' => gTxt('edit')));
                $multi_edit = fInput('checkbox', 'selected[]', $id);
            } else {
                $id_column = $id;
                $multi_edit = '';
            if ($file_exists) {
                $id_column .= sp . span('[', array('aria-hidden' => 'true')) . make_download_link($id, gTxt('download'), $filename) . span(']', array('aria-hidden' => 'true'));
            if (isset($file_statuses[$status])) {
                $status = $file_statuses[$status];
            } else {
                $status = span(gTxt('none'), array('class' => 'error'));
            echo tr(td($multi_edit, '', 'txp-list-col-multi-edit') . hCell($id_column, '', array('scope' => 'row', 'class' => 'txp-list-col-id')) . td($name, '', 'txp-list-col-filename') . td(txpspecialchars($title), '', 'txp-list-col-title') . td(txpspecialchars($description), '', 'txp-list-col-description files_detail') . td($category, '', 'txp-list-col-category category' . $vc) . td(href('Textile', $tag_url + array('type' => 'textile'), ' target="_blank" onclick="popWin(this.href); return false;"') . sp . span('&#124;', array('role' => 'separator')) . sp . href('Textpattern', $tag_url + array('type' => 'textpattern'), ' target="_blank" onclick="popWin(this.href); return false;"') . sp . span('&#124;', array('role' => 'separator')) . sp . href('HTML', $tag_url + array('type' => 'html'), ' target="_blank" onclick="popWin(this.href); return false;"'), '', 'txp-list-col-tag-build files_detail') . td($status, '', 'txp-list-col-status') . td($condition, '', 'txp-list-col-condition') . td($downloads, '', 'txp-list-col-downloads') . ($show_authors ? td(span(txpspecialchars($realname), array('title' => $author)), '', 'txp-list-col-author name') : ''));
        echo n . tag_end('tbody') . n . tag_end('table') . n . tag_end('div') . file_multiedit_form($page, $sort, $dir, $crit, $search_method) . tInput() . n . tag_end('form') . graf(toggle_box('files_detail'), array('class' => 'detail-toggle')) . n . tag_start('div', array('id' => $event . '_navigation', 'class' => 'txp-navigation')) . pageby_form('file', $file_list_pageby) . nav_form('file', $page, $numPages, $sort, $dir, $crit, $search_method, $total, $limit) . n . tag_end('div') . n . tag_end('div');
Exemple #11
function doArticles($atts, $iscustom)
    global $pretext, $prefs, $txpcfg;
    //getting attributes
    $theAtts = lAtts(array('form' => 'default', 'limit' => 10, 'pageby' => '', 'category' => '', 'section' => '', 'excerpted' => '', 'author' => '', 'sortby' => '', 'sortdir' => 'desc', 'month' => '', 'keywords' => '', 'frontpage' => '', 'id' => '', 'time' => 'past', 'status' => '4', 'pgonly' => 0, 'searchall' => 1, 'allowoverride' => !$q and !$iscustom, 'offset' => 0), $atts);
    // if an article ID is specified, treat it as a custom list
    $iscustom = !empty($theAtts['id']) ? true : $iscustom;
    //for the txp:article tag, some attributes are taken from globals;
    //override them before extract
    if (!$iscustom) {
        $theAtts['category'] = $c ? $c : '';
        $theAtts['section'] = $s && $s != 'default' ? $s : '';
        $theAtts['author'] = !empty($author) ? $author : '';
        $theAtts['month'] = !empty($month) ? $month : '';
        $theAtts['frontpage'] = $s && $s == 'default' ? true : false;
        $theAtts['excerpted'] = '';
    $pageby = empty($pageby) ? $limit : $pageby;
    // treat sticky articles differently wrt search filtering, etc
    if (!is_numeric($status)) {
        $status = getStatusNum($status);
    $issticky = $status == 5;
    //give control to search, if necesary
    if ($q && !$iscustom && !$issticky) {
        include_once txpath . '/publish/search.php';
        $s_filter = $searchall ? filterSearch() : '';
        $q = doSlash($q);
        $match = ", match (Title,Body) against ('{$q}') as score";
        $search = " and (Title rlike '{$q}' or Body rlike '{$q}') {$s_filter}";
        // searchall=0 can be used to show search results for the current section only
        if ($searchall) {
            $section = '';
        if (!$sortby) {
            $sortby = 'score';
    } else {
        $match = $search = '';
        if (!$sortby) {
            $sortby = 'Posted';
    //Building query parts
    $frontpage = ($frontpage and !$q) ? filterFrontPage() : '';
    $category = !$category ? '' : " and ((Category1='" . doslash($category) . "') or (Category2='" . doSlash($category) . "')) ";
    $section = !$section ? '' : " and Section = '" . doslash($section) . "'";
    $excerpted = $excerpted == 'y' ? " and Excerpt !=''" : '';
    $author = !$author ? '' : " and AuthorID = '" . doslash($author) . "'";
    $month = !$month ? '' : " and Posted like '" . doSlash($month) . "%'";
    $id = !$id ? '' : " and ID = '" . intval($id) . "'";
    switch ($time) {
        case 'any':
            $time = "";
        case 'future':
            $time = " and Posted > now()";
            $time = " and Posted < now()";
    if (!is_numeric($status)) {
        $status = getStatusNum($status);
    $custom = '';
    // trying custom fields here
    $customFields = getCustomFields();
    if ($customFields) {
        foreach ($customFields as $cField) {
            if (isset($atts[$cField])) {
                $customPairs[$cField] = $atts[$cField];
        if (!empty($customPairs)) {
            $custom = buildCustomSql($customFields, $customPairs);
        } else {
            $custom = '';
    //Allow keywords for no-custom articles. That tagging mode, you know
    if ($keywords) {
        $keys = split(',', $keywords);
        foreach ($keys as $key) {
            $keyparts[] = " Keywords like '%" . doSlash(trim($key)) . "%'";
        $keywords = " and (" . join(' or ', $keyparts) . ")";
    $where = "1" . ($id ? " and Status >= '4'" : " and Status='" . doSlash($status) . "'") . $time . $search . $id . $category . $section . $excerpted . $month . $author . $keywords . $custom . $frontpage;
    //do not paginate if we are on a custom list
    if (!$iscustom and !$issticky) {
        $total = safe_count('textpattern', $where) - $offset;
        $numPages = ceil($total / $pageby);
        $pg = !$pg ? 1 : $pg;
        $pgoffset = $offset + ($pg - 1) * $pageby . ', ';
        // send paging info to txp:newer and txp:older
        $pageout['pg'] = $pg;
        $pageout['numPages'] = $numPages;
        $pageout['s'] = $s;
        $pageout['c'] = $c;
        $pageout['total'] = $total;
        $GLOBALS['thispage'] = $pageout;
        if ($pgonly) {
    } else {
        $pgoffset = $offset . ', ';
    $rs = safe_rows_start("*, unix_timestamp(Posted) as uPosted" . $match, 'textpattern', $where . ' order by ' . doslash($sortby) . ' ' . doSlash($sortdir) . ' limit ' . doSlash($pgoffset . $limit));
    // alternative form override for search or list
    if ($q and !$iscustom and !$issticky) {
        $form = gAtt($atts, 'searchform', 'search_results');
    } else {
        $form = gAtt($atts, 'listform', $form);
    // might be a form preview, otherwise grab it from the db
    $form = isset($_POST['Form']) ? gps('Form') : fetch_form($form);
    if ($rs) {
        $count = 0;
        $articles = array();
        while ($a = nextRow($rs)) {
            $GLOBALS['thisarticle']['is_first'] = $count == 1;
            $GLOBALS['thisarticle']['is_last'] = $count == numRows($rs);
            // define the article form
            $article = ($allowoverride and $a['override_form']) ? fetch_form($a['override_form']) : $form;
            $articles[] = parse($article);
            // sending these to paging_link(); Required?
            $GLOBALS['uPosted'] = $a['uPosted'];
            $GLOBALS['limit'] = $limit;
        return join('', $articles);
Exemple #12
function WriteForumEditContents($fid)
    global $loguser;
    //Get all categories.
    $rCats = Query("SELECT * FROM {categories} ORDER BY corder, id");
    $cats = array();
    while ($cat = Fetch($rCats)) {
        $cats[$cat['id']] = $cat;
    $rFora = Query("SELECT * FROM {forums} ORDER BY forder, id");
    $fora = array();
    while ($forum = Fetch($rFora)) {
        $fora[$forum['id']] = $forum;
    if (count($cats) == 0) {
        $cats[0] = __("No categories");
    if ($fid != -1) {
        $rForum = Query("SELECT * FROM {forums} WHERE id={0}", $fid);
        if (!NumRows($rForum)) {
            Kill(__("Forum not found."));
        $forum = Fetch($rForum);
        $title = htmlspecialchars($forum['title']);
        $description = htmlspecialchars($forum['description']);
        $catselect = MakeCatSelect('cat', $cats, $fora, $forum['catid'], $forum['id']);
        $minpower = PowerSelect('minpower', $forum['minpower']);
        $minpowerthread = PowerSelect("minpowerthread", $forum['minpowerthread']);
        $minpowerreply = PowerSelect('minpowerreply', $forum['minpowerreply']);
        $forder = $forum['forder'];
        $func = "changeForumInfo";
        $button = __("Save");
        $boxtitle = __("Edit Forum");
        $delbutton = "\n\t\t\t<button onclick='showDeleteForum(); return false;'>\n\t\t\t\t" . __("Delete") . "\n\t\t\t</button>";
        $localmods = "";
        $rMods = query("SELECT u.(_userfields)\n\t\t\t\t\t\tFROM {forummods} m\n\t\t\t\t\t\tLEFT JOIN {users} u ON u.id = m.user\n\t\t\t\t\t\tWHERE m.forum={0}\n\t\t\t\t\t\tORDER BY m.user", $fid);
        $addedMods = array();
        if (!numRows($rMods)) {
            $localmods .= "(No local moderators assigned to this forum)<br /><br />";
        } else {
            $localmods .= "<ul>";
            while ($mod = fetch($rMods)) {
                $mod = getDataPrefix($mod, "u_");
                $localmods .= "<li>" . UserLink($mod);
                $mid = $mod["id"];
                $addedMods[$mid] = 1;
                $localmods .= " <sup><a href=\"\" onclick=\"deleteMod({$mid}); return false;\">&#x2718;</a></li>";
            $localmods .= "</ul>";
        $rMods = query("SELECT u.(_userfields)\n\t\t\t\t\t\tFROM {users} u\n\t\t\t\t\t\tWHERE u.powerlevel = 1\n\t\t\t\t\t\tORDER BY u.id");
        $canAddMods = false;
        $addmod = "Add a mod: ";
        $addmod .= "<select name=\"addmod\" id=\"addmod\">";
        while ($mod = fetch($rMods)) {
            $mod = getDataPrefix($mod, "u_");
            if (isset($addedMods[$mod["id"]])) {
            $canAddMods = true;
            $mid = $mod["id"];
            $mname = $mod["displayname"];
            if (!$mname) {
                $mname = $mod["name"];
            $addmod .= "<option value=\"{$mid}\">{$mname} ({$mid})</option>";
        $addmod .= "</select>";
        $addmod .= "<button type=\"button\" onclick=\"addMod(); return false;\">Add</button>";
        if (!$canAddMods) {
            $addmod = "<br>No moderators available for adding.<br>To add a mod, set his powerlevel to Local Mod first.";
        $localmods .= $addmod;
    } else {
        $title = __("New Forum");
        $description = __("Description goes here. <strong>HTML allowed.</strong>");
        $catselect = MakeCatSelect('cat', $cats, $fora, 1, -1);
        $minpower = PowerSelect('minpower', 0);
        $minpowerthread = PowerSelect("minpowerthread", 0);
        $minpowerreply = PowerSelect('minpowerreply', 0);
        $forder = 0;
        $func = "addForum";
        $button = __("Add");
        $boxtitle = __("New Forum");
        $delbutton = "";
        $localmods = "(Create the forum before managing mods)";
        $privusers = '<small>(create the forum before adding users here)</small>';
    echo "\n\t<form method=\"post\" id=\"forumform\" action=\"" . actionLink("editfora") . "\">\n\t<input type=\"hidden\" name=\"key\" value=\"" . $loguser['token'] . "\">\n\t<input type=\"hidden\" name=\"id\" value=\"{$fid}\">\n\t<table class=\"outline margin\">\n\t\t<tr class=\"header1\">\n\t\t\t<th colspan=\"2\">\n\t\t\t\t{$boxtitle}\n\t\t\t</th>\n\t\t</tr>\n\t\t<tr class=\"cell1\">\n\t\t\t<td style=\"width: 25%;\">\n\t\t\t\t" . __("Title") . "\n\t\t\t</td>\n\t\t\t<td>\n\t\t\t\t<input type=\"text\" style=\"width: 98%;\" name=\"title\" value=\"{$title}\" />\n\t\t\t</td>\n\t\t</tr>\n\t\t<tr class=\"cell0\">\n\n\t\t\t<td>\n\t\t\t\t" . __("Description") . "\n\t\t\t</td>\n\t\t\t<td>\n\t\t\t\t<input type=\"text\" style=\"width: 98%;\" name=\"description\" value=\"{$description}\" />\n\t\t\t</td>\n\t\t</tr>\n\t\t<tr class=\"cell1\">\n\t\t\t<td>\n\t\t\t\t" . __("Parent") . "\n\t\t\t</td>\n\t\t\t<td>\n\t\t\t\t{$catselect}\n\t\t\t</td>\n\t\t</tr>\n\t\t<tr class=\"cell0\">\n\t\t\t<td>\n\t\t\t\t" . __("Listing order") . "\n\t\t\t</td>\n\t\t\t<td>\n\t\t\t\t<input type=\"text\" size=\"2\" name=\"forder\" value=\"{$forder}\" />\n\t\t\t\t<img src=\"" . resourceLink("img/icons/icon5.png") . "\" title=\"" . __("Everything is sorted by listing order first, then by ID. If everything has its listing order set to 0, they will therefore be sorted by ID only.") . "\" alt=\"[?]\" />\n\t\t\t</td>\n\t\t</tr>\n\t\t<tr class=\"cell1\">\n\t\t\t<td>\n\t\t\t\t" . __("Powerlevel required") . "\n\t\t\t</td>\n\t\t\t<td>\n\n\t\t\t\t{$minpower}\n\t\t\t\t" . __("to view") . "\n\t\t\t\t<br />\n\t\t\t\t{$minpowerthread}\n\t\t\t\t" . __("to post threads") . "\n\t\t\t\t<br />\n\t\t\t\t{$minpowerreply}\n\t\t\t\t" . __("to reply") . "\n\t\t\t</td>\n\t\t</tr>\n\t\t<tr class=\"cell0\">\n\t\t\t<td>\n\t\t\t\t" . __("Local moderators") . "\n\t\t\t</td>\n\t\t\t<td>\n\t\t\t\t{$localmods}\n\t\t\t</td>\n\t\t</tr>\n\n\t\t<tr class=\"cell2\">\n\t\t\t<td>\n\t\t\t\t&nbsp;\n\t\t\t</td>\n\t\t\t<td>\n\t\t\t\t<button onclick=\"{$func}(); return false;\">\n\t\t\t\t\t{$button}\n\t\t\t\t</button>\n\t\t\t\t{$delbutton}\n\t\t\t</td>\n\t\t</tr>\n\t</table></form>\n\n\t<form method=\"post\" id=\"deleteform\" action=\"" . actionLink("editfora") . "\">\n\t<input type=\"hidden\" name=\"key\" value=\"" . $loguser['token'] . "\">\n\t<input type=\"hidden\" name=\"id\" value=\"{$fid}\">\n\t<div id=\"deleteforum\" style=\"display:none\">\n\t\t<table class=\"outline margin\">\n\t\t\t<tr class=\"header1\">\n\n\t\t\t\t<th>\n\t\t\t\t\t" . __("Delete forum") . "\n\t\t\t\t</th>\n\t\t\t</tr>\n\t\t\t<tr class=\"cell0\">\n\t\t\t\t<td>\n\t\t\t\t\t" . __("Instead of deleting a forum, you might want to consider archiving it: Change its name or description to say so, and raise the minimum powerlevel to reply and create threads so it's effectively closed.") . "<br><br>\n\t\t\t\t\t" . __("If you still want to delete it, click below:") . "<br>\n\t\t\t\t\t<button onclick=\"deleteForum('delete'); return false;\">\n\t\t\t\t\t\t" . __("Delete forum") . "\n\t\t\t\t\t</button>\n\t\t\t\t</td>\n\t\t\t</tr>\n\t\t</table>\n\t</div>\n\t</form>";
    //	, $title, $description, $catselect, $minpower, $minpowerthread, $minpowerreply, $fid, $forder, $loguser['token'], $func, $button, $boxtitle, $delbutton);
Exemple #13
function getInstalledVersion()
    //If no misc table, not installed.
    if (numRows(query("SHOW TABLES LIKE '{misc}'")) == 0) {
        return -1;
    $row = query("SELECT * FROM {misc}");
    //If no row in misc table, not installed.
    if (numRows($row) == 0) {
        return -1;
    //Otherwise return version.
    $row = fetch($row);
    return $row["version"];
Exemple #14
define('txpath', dirname(dirname(__FILE__)) . '/textpattern');
define('txpinterface', 'xmlrpc');
require_once txpath . '/config.php';
require_once txpath . '/lib/txplib_db.php';
require_once txpath . '/lib/txplib_misc.php';
require_once txpath . '/lib/admin_config.php';
require_once txpath . '/lib/IXRClass.php';
require_once txpath . '/vendors/Textpattern/Loader.php';
$loader = new \Textpattern\Loader(txpath . '/vendors');
$loader = new \Textpattern\Loader(txpath . '/lib');
if ($connected && numRows(safe_query("show tables like '" . PFX . "textpattern'"))) {
    // TODO: where is dbversion used?
    $dbversion = safe_field('val', 'txp_prefs', "name = 'version'");
    // Hold it globally, instead of do several calls to the function.
    $prefs = get_prefs();
    if (!defined('LANG')) {
        define("LANG", $language);
    if (!defined('hu')) {
        define("hu", 'http://' . $siteurl . '/');
    if (!defined('txrpcpath')) {
        define('txrpcpath', hu . 'rpc/');
    if (!empty($locale)) {
Exemple #15
function doArticles($atts, $iscustom, $thing = null)
    global $pretext, $prefs;
    $customFields = getCustomFields();
    $customlAtts = array_null(array_flip($customFields));
    if ($iscustom) {
        $extralAtts = array('category' => '', 'section' => '', 'excerpted' => '', 'author' => '', 'month' => '', 'expired' => $publish_expired_articles, 'id' => '', 'exclude' => '');
    } else {
        $extralAtts = array('listform' => '', 'searchform' => '', 'searchall' => 1, 'searchsticky' => 0, 'pageby' => '', 'pgonly' => 0);
    // Getting attributes.
    $theAtts = lAtts(array('form' => 'default', 'limit' => 10, 'sort' => '', 'sortby' => '', 'sortdir' => '', 'keywords' => '', 'time' => 'past', 'status' => STATUS_LIVE, 'allowoverride' => !$q and !$iscustom, 'offset' => 0, 'wraptag' => '', 'break' => '', 'label' => '', 'labeltag' => '', 'class' => '') + $customlAtts + $extralAtts, $atts);
    // For the txp:article tag, some attributes are taken from globals;
    // override them, then stash all filter attributes.
    if (!$iscustom) {
        $theAtts['category'] = $c ? $c : '';
        $theAtts['section'] = $s && $s != 'default' ? $s : '';
        $theAtts['author'] = !empty($author) ? $author : '';
        $theAtts['month'] = !empty($month) ? $month : '';
        $theAtts['frontpage'] = $s && $s == 'default' ? true : false;
        $theAtts['excerpted'] = 0;
        $theAtts['exclude'] = 0;
        $theAtts['expired'] = $publish_expired_articles;
    } else {
        $theAtts['frontpage'] = false;
    // If a listform is specified, $thing is for doArticle() - hence ignore here.
    if (!empty($listform)) {
        $thing = '';
    $pageby = empty($pageby) ? $limit : $pageby;
    // Treat sticky articles differently wrt search filtering, etc.
    $status = in_array(strtolower($status), array('sticky', STATUS_STICKY)) ? STATUS_STICKY : STATUS_LIVE;
    $issticky = $status == STATUS_STICKY;
    // Give control to search, if necessary.
    if ($q && !$iscustom && !$issticky) {
        include_once txpath . '/publish/search.php';
        $s_filter = $searchall ? filterSearch() : '';
        $q = trim($q);
        $quoted = $q[0] === '"' && $q[strlen($q) - 1] === '"';
        $q = doSlash($quoted ? trim(trim($q, '"')) : $q);
        // Searchable article fields are limited to the columns of the
        // textpattern table and a matching fulltext index must exist.
        $cols = do_list_unique($searchable_article_fields);
        if (empty($cols) or $cols[0] == '') {
            $cols = array('Title', 'Body');
        $match = ", MATCH (`" . join("`, `", $cols) . "`) AGAINST ('{$q}') AS score";
        $search_terms = preg_replace('/\\s+/', ' ', str_replace(array('\\', '%', '_', '\''), array('\\\\', '\\%', '\\_', '\\\''), $q));
        if ($quoted || empty($m) || $m === 'exact') {
            for ($i = 0; $i < count($cols); $i++) {
                $cols[$i] = "`{$cols[$i]}` LIKE '%{$search_terms}%'";
        } else {
            $colJoin = $m === 'any' ? "OR" : "AND";
            $search_terms = explode(' ', $search_terms);
            for ($i = 0; $i < count($cols); $i++) {
                $like = array();
                foreach ($search_terms as $search_term) {
                    $like[] = "`{$cols[$i]}` LIKE '%{$search_term}%'";
                $cols[$i] = "(" . join(" {$colJoin} ", $like) . ")";
        $cols = join(" OR ", $cols);
        $search = " AND ({$cols}) {$s_filter}";
        // searchall=0 can be used to show search results for the current
        // section only.
        if ($searchall) {
            $section = '';
        if (!$sort) {
            $sort = "score DESC";
    } else {
        $match = $search = '';
        if (!$sort) {
            $sort = "Posted DESC";
    // For backwards compatibility. sortby and sortdir are deprecated.
    if ($sortby) {
        trigger_error(gTxt('deprecated_attribute', array('{name}' => 'sortby')), E_USER_NOTICE);
        if (!$sortdir) {
            $sortdir = "DESC";
        } else {
            trigger_error(gTxt('deprecated_attribute', array('{name}' => 'sortdir')), E_USER_NOTICE);
        $sort = "{$sortby} {$sortdir}";
    } elseif ($sortdir) {
        trigger_error(gTxt('deprecated_attribute', array('{name}' => 'sortdir')), E_USER_NOTICE);
        $sort = "Posted {$sortdir}";
    // Building query parts.
    $frontpage = ($frontpage and (!$q or $issticky)) ? filterFrontPage() : '';
    $category = join("','", doSlash(do_list_unique($category)));
    $category = !$category ? '' : " AND (Category1 IN ('" . $category . "') OR Category2 IN ('" . $category . "'))";
    $section = !$section ? '' : " AND Section IN ('" . join("','", doSlash(do_list_unique($section))) . "')";
    $excerpted = !$excerpted ? '' : " AND Excerpt !=''";
    $author = !$author ? '' : " AND AuthorID IN ('" . join("','", doSlash(do_list_unique($author))) . "')";
    $month = !$month ? '' : " AND Posted LIKE '" . doSlash($month) . "%'";
    $ids = $id ? array_map('intval', do_list_unique($id)) : array();
    $exclude = $exclude ? array_map('intval', do_list_unique($exclude)) : array();
    $id = (!$id ? '' : " AND ID IN (" . join(',', $ids) . ")") . (!$exclude ? '' : " AND ID NOT IN (" . join(',', $exclude) . ")");
    switch ($time) {
        case 'any':
            $time = "";
        case 'future':
            $time = " AND Posted > " . now('posted');
            $time = " AND Posted <= " . now('posted');
    if (!$expired) {
        $time .= " AND (" . now('expires') . " <= Expires OR Expires = " . NULLDATETIME . ")";
    $custom = '';
    if ($customFields) {
        foreach ($customFields as $cField) {
            if (isset($atts[$cField])) {
                $customPairs[$cField] = $atts[$cField];
        if (!empty($customPairs)) {
            $custom = buildCustomSql($customFields, $customPairs);
    // Allow keywords for no-custom articles. That tagging mode, you know.
    if ($keywords) {
        $keys = doSlash(do_list_unique($keywords));
        foreach ($keys as $key) {
            $keyparts[] = "FIND_IN_SET('" . $key . "', Keywords)";
        $keywords = " AND (" . join(' or ', $keyparts) . ")";
    if ($q and $searchsticky) {
        $statusq = " AND Status >= " . STATUS_LIVE;
    } elseif ($id) {
        $statusq = " AND Status >= " . STATUS_LIVE;
    } else {
        $statusq = " AND Status = " . intval($status);
    $where = "1 = 1" . $statusq . $time . $search . $id . $category . $section . $excerpted . $month . $author . $keywords . $custom . $frontpage;
    // Do not paginate if we are on a custom list.
    if (!$iscustom and !$issticky) {
        $grand_total = safe_count('textpattern', $where);
        $total = $grand_total - $offset;
        $numPages = ceil($total / $pageby);
        $pg = !$pg ? 1 : $pg;
        $pgoffset = $offset + ($pg - 1) * $pageby;
        // Send paging info to txp:newer and txp:older.
        $pageout['pg'] = $pg;
        $pageout['numPages'] = $numPages;
        $pageout['s'] = $s;
        $pageout['c'] = $c;
        $pageout['context'] = 'article';
        $pageout['grand_total'] = $grand_total;
        $pageout['total'] = $total;
        global $thispage;
        if (empty($thispage)) {
            $thispage = $pageout;
        if ($pgonly) {
    } else {
        $pgoffset = $offset;
    // Preserve order of custom article ids unless 'sort' attribute is set.
    if (!empty($atts['id']) && empty($atts['sort'])) {
        $safe_sort = "FIELD(id, " . join(',', $ids) . ")";
    } else {
        $safe_sort = doSlash($sort);
    $rs = safe_rows_start("*, UNIX_TIMESTAMP(Posted) AS uPosted, UNIX_TIMESTAMP(Expires) AS uExpires, UNIX_TIMESTAMP(LastMod) AS uLastMod" . $match, 'textpattern', "{$where} ORDER BY {$safe_sort} LIMIT " . intval($pgoffset) . ", " . intval($limit));
    // Get the form name.
    if ($q and !$iscustom and !$issticky) {
        $fname = $searchform ? $searchform : 'search_results';
    } else {
        $fname = !empty($listform) ? $listform : $form;
    if ($rs) {
        $count = 0;
        $last = numRows($rs);
        $articles = array();
        while ($a = nextRow($rs)) {
            global $thisarticle, $uPosted, $limit;
            $thisarticle['is_first'] = $count == 1;
            $thisarticle['is_last'] = $count == $last;
            // Article form preview.
            if (txpinterface === 'admin' && ps('Form')) {
                if (!has_privs('form')) {
                    txp_status_header('401 Unauthorized');
                    exit(hed('401 Unauthorized', 1) . graf(gTxt('restricted_area')));
                $articles[] = parse(gps('Form'));
            } elseif ($allowoverride and $a['override_form']) {
                $articles[] = parse_form($a['override_form']);
            } else {
                $articles[] = $thing ? parse($thing) : parse_form($fname);
            // Sending these to paging_link(); Required?
            $uPosted = $a['uPosted'];
        return doLabel($label, $labeltag) . doWrap($articles, $wraptag, $break, $class);
Exemple #16
 * The main panel listing all files.
 * @param string|array $message The activity message
function file_list($message = '')
    global $file_base_path, $file_statuses, $file_list_pageby, $txp_user, $event;
    pagetop(gTxt('tab_file'), $message);
    extract(gpsa(array('page', 'sort', 'dir', 'crit', 'search_method')));
    if ($sort === '') {
        $sort = get_pref('file_sort_column', 'filename');
    } else {
        if (!in_array($sort, array('id', 'description', 'category', 'title', 'downloads', 'author'))) {
            $sort = 'filename';
        set_pref('file_sort_column', $sort, 'file', PREF_HIDDEN, '', 0, PREF_PRIVATE);
    if ($dir === '') {
        $dir = get_pref('file_sort_dir', 'asc');
    } else {
        $dir = $dir == 'asc' ? "asc" : "desc";
        set_pref('file_sort_dir', $dir, 'file', PREF_HIDDEN, '', 0, PREF_PRIVATE);
    switch ($sort) {
        case 'id':
            $sort_sql = "txp_file.id {$dir}";
        case 'date':
            $sort_sql = "txp_file.created {$dir}, txp_file.id ASC";
        case 'category':
            $sort_sql = "txp_category.title {$dir}, txp_file.filename DESC";
        case 'title':
            $sort_sql = "txp_file.title {$dir}, txp_file.filename DESC";
        case 'downloads':
            $sort_sql = "txp_file.downloads {$dir}, txp_file.filename DESC";
        case 'author':
            $sort_sql = "txp_users.RealName {$dir}, txp_file.id ASC";
            $sort = 'filename';
            $sort_sql = "txp_file.filename {$dir}";
    $switch_dir = $dir == 'desc' ? 'asc' : 'desc';
    $search = new Filter($event, array('id' => array('column' => 'txp_file.id', 'label' => gTxt('ID'), 'type' => 'integer'), 'filename' => array('column' => 'txp_file.filename', 'label' => gTxt('file_name')), 'title' => array('column' => 'txp_file.title', 'label' => gTxt('title')), 'description' => array('column' => 'txp_file.description', 'label' => gTxt('description')), 'category' => array('column' => array('txp_file.category', 'txp_category.title'), 'label' => gTxt('file_category')), 'status' => array('column' => array('txp_file.status'), 'label' => gTxt('status'), 'type' => 'boolean'), 'author' => array('column' => array('txp_file.author', 'txp_users.RealName'), 'label' => gTxt('author'))));
    $search->setAliases('status', $file_statuses);
    list($criteria, $crit, $search_method) = $search->getFilter(array('id' => array('can_list' => true)));
    $search_render_options = array('placeholder' => 'search_files');
    $sql_from = safe_pfx_j('txp_file') . "\n        LEFT JOIN " . safe_pfx_j('txp_category') . " ON txp_category.name = txp_file.category AND txp_category.type = 'file'\n        LEFT JOIN " . safe_pfx_j('txp_users') . " ON txp_users.name = txp_file.author";
    if ($criteria === 1) {
        $total = safe_count('txp_file', $criteria);
    } else {
        $total = getThing("SELECT COUNT(*) FROM {$sql_from} WHERE {$criteria}");
    echo n . tag(hed(gTxt('tab_file'), 1, array('class' => 'txp-heading')), 'div', array('class' => 'txp-layout-2col-cell-1'));
    $searchBlock = n . tag($search->renderForm('file_list', $search_render_options), 'div', array('class' => 'txp-layout-2col-cell-2', 'id' => $event . '_control'));
    $createBlock = array();
    if (!is_dir($file_base_path) || !is_writeable($file_base_path)) {
        $createBlock[] = graf(span(null, array('class' => 'ui-icon ui-icon-alert')) . ' ' . gTxt('file_dir_not_writeable', array('{filedir}' => $file_base_path)), array('class' => 'alert-block warning'));
    } elseif (has_privs('file.edit.own')) {
        $createBlock[] = n . tag_start('div', array('class' => 'txp-control-panel')) . n . file_upload_form('upload_file', 'upload', 'file_insert', '', '', '', '');
        $existing_files = get_filenames();
        if ($existing_files) {
            $createBlock[] = form(eInput('file') . sInput('file_create') . tag(gTxt('existing_file'), 'label', array('for' => 'file-existing')) . selectInput('filename', $existing_files, '', 1, '', 'file-existing') . fInput('submit', '', gTxt('Create')), '', '', 'post', 'assign-existing-form', '', 'assign_file');
        $createBlock[] = tag_end('div');
    $contentBlockStart = n . tag_start('div', array('class' => 'txp-layout-1col', 'id' => $event . '_container'));
    $createBlock = implode(n, $createBlock);
    if ($total < 1) {
        if ($criteria != 1) {
            echo $searchBlock . $contentBlockStart . $createBlock . graf(span(null, array('class' => 'ui-icon ui-icon-info')) . ' ' . gTxt('no_results_found'), array('class' => 'alert-block information'));
        } else {
            echo $contentBlockStart . $createBlock . graf(span(null, array('class' => 'ui-icon ui-icon-info')) . ' ' . gTxt('no_files_recorded'), array('class' => 'alert-block information'));
        echo n . tag_end('div');
    $limit = max($file_list_pageby, 15);
    list($page, $offset, $numPages) = pager($total, $limit, $page);
    echo $searchBlock . $contentBlockStart . $createBlock;
    $rs = safe_query("SELECT\n            txp_file.id,\n            txp_file.filename,\n            txp_file.title,\n            txp_file.category,\n            txp_file.description,\n            UNIX_TIMESTAMP(txp_file.created) AS uDate,\n            txp_file.downloads,\n            txp_file.status,\n            txp_file.author,\n            txp_users.RealName AS realname,\n            txp_category.Title AS category_title\n        FROM {$sql_from} WHERE {$criteria} ORDER BY {$sort_sql} LIMIT {$offset}, {$limit}");
    if ($rs && numRows($rs)) {
        $show_authors = !has_single_author('txp_file');
        echo n . tag(toggle_box('files_detail'), 'div', array('class' => 'txp-list-options')) . n . tag_start('form', array('class' => 'multi_edit_form', 'id' => 'files_form', 'name' => 'longform', 'method' => 'post', 'action' => 'index.php')) . n . tag_start('div', array('class' => 'txp-listtables')) . n . tag_start('table', array('class' => 'txp-list')) . n . tag_start('thead') . tr(hCell(fInput('checkbox', 'select_all', 0, '', '', '', '', '', 'select_all'), '', ' class="txp-list-col-multi-edit" scope="col" title="' . gTxt('toggle_all_selected') . '"') . column_head('ID', 'id', 'file', true, $switch_dir, $crit, $search_method, ('id' == $sort ? "{$dir} " : '') . 'txp-list-col-id') . column_head('file_name', 'filename', 'file', true, $switch_dir, $crit, $search_method, ('filename' == $sort ? "{$dir} " : '') . 'txp-list-col-filename') . column_head('title', 'title', 'file', true, $switch_dir, $crit, $search_method, ('title' == $sort ? "{$dir} " : '') . 'txp-list-col-title files_detail') . column_head('date', 'date', 'image', true, $switch_dir, $crit, $search_method, ('date' == $sort ? "{$dir} " : '') . 'txp-list-col-created date files_detail') . column_head('file_category', 'category', 'file', true, $switch_dir, $crit, $search_method, ('category' == $sort ? "{$dir} " : '') . 'txp-list-col-category category') . hCell(gTxt('tags'), '', ' class="txp-list-col-tag-build files_detail" scope="col"') . hCell(gTxt('status'), '', ' class="txp-list-col-status" scope="col"') . hCell(gTxt('condition'), '', ' class="txp-list-col-condition" scope="col"') . column_head('downloads', 'downloads', 'file', true, $switch_dir, $crit, $search_method, ('downloads' == $sort ? "{$dir} " : '') . 'txp-list-col-downloads') . ($show_authors ? column_head('author', 'author', 'file', true, $switch_dir, $crit, $search_method, ('author' == $sort ? "{$dir} " : '') . 'txp-list-col-author name') : '')) . n . tag_end('thead') . n . tag_start('tbody');
        $validator = new Validator();
        while ($a = nextRow($rs)) {
            $filename = sanitizeForFile($filename);
            $edit_url = array('event' => 'file', 'step' => 'file_edit', 'id' => $id, 'sort' => $sort, 'dir' => $dir, 'page' => $page, 'search_method' => $search_method, 'crit' => $crit);
            $tag_url = array('event' => 'tag', 'tag_name' => 'file_download_link', 'id' => $id, 'description' => $description, 'filename' => $filename);
            $file_exists = file_exists(build_file_path($file_base_path, $filename));
            $can_edit = has_privs('file.edit') || $author === $txp_user && has_privs('file.edit.own');
            $validator->setConstraints(array(new CategoryConstraint($category, array('type' => 'file'))));
            if ($validator->validate()) {
                $vc = '';
            } else {
                $vc = ' error';
            if ($file_exists) {
                $downloads = make_download_link($id, $downloads, $filename);
                $condition = span(gTxt('file_status_ok'), array('class' => 'success'));
            } else {
                $condition = span(gTxt('file_status_missing'), array('class' => 'error'));
            if ($category) {
                $category = span(txpspecialchars($category_title), array('title' => $category));
            if ($can_edit) {
                $name = href(txpspecialchars($filename), $edit_url, array('title' => gTxt('edit')));
            } else {
                $name = txpspecialchars($filename);
            if ($can_edit) {
                $id_column = href($id, $edit_url, array('title' => gTxt('edit')));
                $multi_edit = fInput('checkbox', 'selected[]', $id);
            } else {
                $id_column = $id;
                $multi_edit = '';
            if ($file_exists) {
                $id_column .= sp . span(span('[', array('aria-hidden' => 'true')) . make_download_link($id, gTxt('download'), $filename) . span(']', array('aria-hidden' => 'true')), array('class' => 'txp-option-link'));
            if (isset($file_statuses[$status])) {
                $status = $file_statuses[$status];
            } else {
                $status = span(gTxt('none'), array('class' => 'error'));
            echo tr(td($multi_edit, '', 'txp-list-col-multi-edit') . hCell($id_column, '', array('class' => 'txp-list-col-id', 'scope' => 'row')) . td($name, '', 'txp-list-col-filename') . td(txpspecialchars($title), '', 'txp-list-col-title files_detail') . td(gTime($uDate), '', 'txp-list-col-created date files_detail') . td($category, '', 'txp-list-col-category category' . $vc) . td(href('Textile', $tag_url + array('type' => 'textile'), ' target="_blank" onclick="popWin(this.href); return false;"') . sp . span('&#124;', array('role' => 'separator')) . sp . href('Textpattern', $tag_url + array('type' => 'textpattern'), ' target="_blank" onclick="popWin(this.href); return false;"') . sp . span('&#124;', array('role' => 'separator')) . sp . href('HTML', $tag_url + array('type' => 'html'), ' target="_blank" onclick="popWin(this.href); return false;"'), '', 'txp-list-col-tag-build files_detail') . td($status, '', 'txp-list-col-status') . td($condition, '', 'txp-list-col-condition') . td($downloads, '', 'txp-list-col-downloads') . ($show_authors ? td(span(txpspecialchars($realname), array('title' => $author)), '', 'txp-list-col-author name') : ''));
        echo n . tag_end('tbody') . n . tag_end('table') . n . tag_end('div') . file_multiedit_form($page, $sort, $dir, $crit, $search_method) . tInput() . n . tag_end('form') . n . tag_start('div', array('class' => 'txp-navigation', 'id' => $event . '_navigation')) . pageby_form('file', $file_list_pageby) . nav_form('file', $page, $numPages, $sort, $dir, $crit, $search_method, $total, $limit) . n . tag_end('div');
Exemple #17
function ipban_list($message = '')
    global $event;
    pageTop(gTxt('list_banned_ips'), $message);
    echo '<h1 class="txp-heading">' . gTxt('banned_ips') . '</h1>';
    echo '<div id="' . $event . '_banned_control" class="txp-control-panel">';
    echo graf(sLink('discuss', 'discuss_list', gTxt('list_discussions')), ' class="txp-buttons"');
    echo '</div>';
    $rs = safe_rows_start('*, unix_timestamp(date_banned) as uBanned', 'txp_discuss_ipban', "1 = 1 order by date_banned desc");
    if ($rs and numRows($rs) > 0) {
        echo '<div id="' . $event . '_ban_container" class="txp-container">' . startTable('', '', 'txp-list') . n . '<thead>' . tr(hCell(gTxt('date_banned'), '', ' class="date banned"') . hCell(gTxt('IP'), '', ' class="ip"') . hCell(gTxt('name_used'), '', ' class="name"') . hCell(gTxt('banned_for'), '', ' class="id"')) . n . '</thead>';
        echo '<tbody>';
        while ($a = nextRow($rs)) {
            echo tr(td(gTime($uBanned), '', 'date banned') . td(txpspecialchars($ip) . n . '[<a class="action-ban" href="?event=discuss' . a . 'step=ipban_unban' . a . 'ip=' . txpspecialchars($ip) . a . '_txp_token=' . form_token() . '">' . gTxt('unban') . '</a>]', '', 'ip') . td(txpspecialchars($name_used), '', 'name') . td('<a href="?event=discuss' . a . 'step=discuss_edit' . a . 'discussid=' . $banned_on_message . '">' . $banned_on_message . '</a>', '', 'id'));
        echo '</tbody>' . endTable() . '</div>';
    } else {
        echo graf(gTxt('no_ips_banned'), ' class="indicator"');
Exemple #18
function category_list($atts, $thing = NULL)
    global $s, $c, $thiscategory;
    extract(lAtts(array('active_class' => '', 'break' => br, 'categories' => '', 'class' => __FUNCTION__, 'exclude' => '', 'form' => '', 'label' => '', 'labeltag' => '', 'parent' => '', 'section' => '', 'children' => '1', 'sort' => '', 'this_section' => 0, 'type' => 'article', 'wraptag' => ''), $atts));
    $sort = doSlash($sort);
    if ($categories) {
        $categories = do_list($categories);
        $categories = join("','", doSlash($categories));
        $rs = safe_rows_start('name, title', 'txp_category', "type = '" . doSlash($type) . "' and name in ('{$categories}') order by " . ($sort ? $sort : "field(name, '{$categories}')"));
    } else {
        if ($children) {
            $shallow = '';
        } else {
            // descend only one level from either 'parent' or 'root', plus parent category
            $shallow = $parent ? "and (parent = '" . doSlash($parent) . "' or name = '" . doSlash($parent) . "')" : "and parent = 'root'";
        if ($exclude) {
            $exclude = do_list($exclude);
            $exclude = join("','", doSlash($exclude));
            $exclude = "and name not in('{$exclude}')";
        if ($parent) {
            $qs = safe_row('lft, rgt', 'txp_category', "type = '" . doSlash($type) . "' and name = '" . doSlash($parent) . "'");
            if ($qs) {
                $rs = safe_rows_start('name, title', 'txp_category', "(lft between {$lft} and {$rgt}) and type = '" . doSlash($type) . "' and name != 'default' {$exclude} {$shallow} order by " . ($sort ? $sort : 'lft ASC'));
            } else {
                $rs = array();
        } else {
            $rs = safe_rows_start('name, title', 'txp_category', "type = '" . doSlash($type) . "' and name not in('default','root') {$exclude} {$shallow} order by " . ($sort ? $sort : 'name ASC'));
    if ($rs) {
        $out = array();
        $count = 0;
        $last = numRows($rs);
        if (isset($thiscategory)) {
            $old_category = $thiscategory;
        while ($a = nextRow($rs)) {
            if ($name) {
                $section = $this_section ? $s == 'default' ? '' : $s : $section;
                if (empty($form) && empty($thing)) {
                    $out[] = tag(txpspecialchars($title), 'a', (($active_class and 0 == strcasecmp($c, $name)) ? ' class="' . txpspecialchars($active_class) . '"' : '') . ' href="' . pagelinkurl(array('s' => $section, 'c' => $name, 'context' => $type)) . '"');
                } else {
                    $thiscategory = array('name' => $name, 'title' => $title, 'type' => $type);
                    $thiscategory['is_first'] = $count == 1;
                    $thiscategory['is_last'] = $count == $last;
                    if (isset($atts['section'])) {
                        $thiscategory['section'] = $section;
                    $out[] = $thing ? parse($thing) : parse_form($form);
        $thiscategory = isset($old_category) ? $old_category : NULL;
        if ($out) {
            return doLabel($label, $labeltag) . doWrap($out, $wraptag, $break, $class);
    return '';
Exemple #19
function doArticles($atts, $iscustom)
    global $pretext, $prefs, $txpcfg, $DB;
    $customFields = getCustomFields();
    $customlAtts = array_null(array_flip($customFields));
    //getting attributes
    $theAtts = lAtts(array('form' => 'default', 'listform' => '', 'searchform' => '', 'limit' => 10, 'pageby' => '', 'category' => '', 'section' => '', 'excerpted' => 0, 'author' => '', 'sort' => '', 'month' => '', 'keywords' => '', 'frontpage' => '', 'id' => '', 'time' => 'past', 'status' => '4', 'pgonly' => 0, 'searchall' => 1, 'searchsticky' => 0, 'allowoverride' => !$q and !$iscustom, 'offset' => 0) + $customlAtts, $atts);
    // if an article ID is specified, treat it as a custom list
    $iscustom = !empty($theAtts['id']) ? true : $iscustom;
    //for the txp:article tag, some attributes are taken from globals;
    //override them before extract
    if (!$iscustom) {
        $theAtts['category'] = $c ? $c : '';
        $theAtts['section'] = $s && $s != 'default' ? $s : '';
        $theAtts['author'] = !empty($author) ? $author : '';
        $theAtts['month'] = !empty($month) ? $month : '';
        $theAtts['frontpage'] = $s && $s == 'default' ? true : false;
        $theAtts['excerpted'] = 0;
    $pageby = empty($pageby) ? $limit : $pageby;
    // treat sticky articles differently wrt search filtering, etc
    if (!is_numeric($status)) {
        $status = getStatusNum($status);
    $issticky = $status == 5;
    //give control to search, if necesary
    if ($q && !$iscustom && !$issticky) {
        include_once txpath . '/publish/search.php';
        $s_filter = $searchall ? filterSearch() : '';
        $match = ", " . $DB->match('Title,Body', doSlash($q));
        $words = preg_split('/\\s+/', $q);
        foreach ($words as $w) {
            $rlike[] = "(Title " . $DB->rlike() . " '" . doSlash(preg_quote($w)) . "' or Body " . $DB->rlike() . " '" . doSlash(preg_quote($w)) . "')";
        $search = " and " . join(' and ', $rlike) . " {$s_filter}";
        // searchall=0 can be used to show search results for the current section only
        if ($searchall) {
            $section = '';
        if (!$sort) {
            $sort = 'score desc';
    } else {
        $match = $search = '';
        if (!$sort) {
            $sort = 'Posted desc';
    //Building query parts
    $frontpage = ($frontpage and (!$q or $issticky)) ? filterFrontPage() : '';
    $category = join("','", doSlash(do_list($category)));
    $category = !$category ? '' : " and (Category1 IN ('" . $category . "') or Category2 IN ('" . $category . "'))";
    $section = !$section ? '' : " and Section IN ('" . join("','", doSlash(do_list($section))) . "')";
    $excerpted = !$excerpted ? '' : " and Excerpt !=''";
    $author = !$author ? '' : " and AuthorID IN ('" . join("','", doSlash(do_list($author))) . "')";
    $month = !$month ? '' : " and Posted like '" . doSlash($month) . "%'";
    $id = !$id ? '' : " and ID = '" . intval($id) . "'";
    switch ($time) {
        case 'any':
            $time = "";
        case 'future':
            $time = " and Posted > now()";
            $time = " and Posted <= now()";
    if (!$publish_expired_articles) {
        $time .= " and (now() <= Expires or Expires = " . NULLDATETIME . ")";
    $custom = '';
    if ($customFields) {
        foreach ($customFields as $cField) {
            if (isset($atts[$cField])) {
                $customPairs[$cField] = $atts[$cField];
        if (!empty($customPairs)) {
            $custom = buildCustomSql($customFields, $customPairs);
    //Allow keywords for no-custom articles. That tagging mode, you know
    if ($keywords) {
        $keys = doSlash(do_list($keywords));
        foreach ($keys as $key) {
            $keyparts[] = "FIND_IN_SET('" . $key . "',Keywords)";
        $keywords = " and (" . join(' or ', $keyparts) . ")";
    if ($q and $searchsticky) {
        $statusq = ' and Status >= 4';
    } elseif ($id) {
        $statusq = ' and Status >= 4';
    } else {
        $statusq = ' and Status = ' . intval($status);
    $where = "1=1" . $statusq . $time . $search . $id . $category . $section . $excerpted . $month . $author . $keywords . $custom . $frontpage;
    //do not paginate if we are on a custom list
    if (!$iscustom and !$issticky) {
        $grand_total = safe_count('textpattern', $where);
        $total = $grand_total - $offset;
        $numPages = ceil($total / $pageby);
        $pg = !$pg ? 1 : $pg;
        $pgoffset = $offset + ($pg - 1) * $pageby;
        // send paging info to txp:newer and txp:older
        $pageout['pg'] = $pg;
        $pageout['numPages'] = $numPages;
        $pageout['s'] = $s;
        $pageout['c'] = $c;
        $pageout['grand_total'] = $grand_total;
        $pageout['total'] = $total;
        global $thispage;
        if (empty($thispage)) {
            $thispage = $pageout;
        if ($pgonly) {
    } else {
        $pgoffset = $offset;
    $rs = safe_rows_start("*, unix_timestamp(Posted) as uPosted, unix_timestamp(Expires) as uExpires" . $match, 'textpattern', $where . ' order by ' . doslash($sort) . ' ' . $DB->limit(intval($limit), intval($pgoffset)));
    // alternative form override for search or list
    if ($q and !$iscustom and !$issticky) {
        $fname = $searchform ? $searchform : 'search_results';
    } else {
        $fname = $listform ? $listform : $form;
    if ($rs) {
        $count = 0;
        $articles = array();
        while ($a = nextRow($rs)) {
            global $thisarticle, $uPosted, $limit;
            $thisarticle['is_first'] = $count == 1;
            $thisarticle['is_last'] = $count == numRows($rs);
            if (@constant('txpinterface') === 'admin' and gps('Form')) {
                $articles[] = parse(gps('Form'));
            } elseif ($allowoverride and $a['override_form']) {
                $articles[] = parse_form($a['override_form']);
            } else {
                $articles[] = parse_form($fname);
            // sending these to paging_link(); Required?
            $uPosted = $a['uPosted'];
        return join('', $articles);
Exemple #20
function doHomeArticles($atts, $thing = NULL)
    global $pretext, $prefs;
    $customFields = getCustomFields();
    $customlAtts = array_null(array_flip($customFields));
    //getting attributes
    $theAtts = lAtts(array('form' => 'default', 'listform' => '', 'searchform' => '', 'limit' => 10, 'category' => '', 'section' => '', 'excerpted' => '', 'author' => '', 'sort' => '', 'month' => '', 'keywords' => '', 'frontpage' => '', 'time' => 'past', 'pgonly' => 0, 'searchall' => 1, 'allowoverride' => true, 'offset' => 0, 'wraptag' => '', 'break' => '', 'label' => '', 'labeltag' => '', 'class' => '') + $customlAtts, $atts);
    $theAtts['category'] = $c ? $c : '';
    $theAtts['section'] = $s && $s != 'default' && $s != 'home' ? $s : '';
    $theAtts['author'] = !empty($author) ? $author : '';
    $theAtts['month'] = !empty($month) ? $month : '';
    $theAtts['frontpage'] = $s && $s == 'home' ? true : false;
    $theAtts['excerpted'] = '';
    // if a listform is specified, $thing is for doArticle() - hence ignore here.
    if (!empty($listform)) {
        $thing = '';
    $pageby = empty($pageby) ? $limit : $pageby;
    $match = $search = '';
    if (!$sort) {
        $sort = 'Posted desc';
    //Building query parts
    $frontpage = filterFrontPage();
    $category = join("','", doSlash(do_list($category)));
    $category = !$category ? '' : " and (Category1 IN ('" . $category . "') or Category2 IN ('" . $category . "'))";
    $section = !$section ? '' : " and Section IN ('" . join("','", doSlash(do_list($section))) . "')";
    $excerpted = $excerpted == 'y' ? " and Excerpt !=''" : '';
    $author = !$author ? '' : " and AuthorID IN ('" . join("','", doSlash(do_list($author))) . "')";
    $month = !$month ? '' : " and Posted like '" . doSlash($month) . "%'";
    $id = !$id ? '' : " and ID IN (" . join(',', array_map('intval', do_list($id))) . ")";
    switch ($time) {
        case 'any':
            $time = "";
        case 'future':
            $time = " and Posted > now()";
            $time = " and Posted <= now()";
    if (!$publish_expired_articles) {
        $time .= " and (now() <= Expires or Expires = " . NULLDATETIME . ")";
    $custom = '';
    if ($customFields) {
        foreach ($customFields as $cField) {
            if (isset($atts[$cField])) {
                $customPairs[$cField] = $atts[$cField];
        if (!empty($customPairs)) {
            $custom = buildCustomSql($customFields, $customPairs);
    $statusq = ' and Status = 5';
    $where = "1=1" . $statusq . $time . $search . $category . $section . $excerpted . $month . $author . $keywords . $custom . $frontpage;
    $rs = safe_rows_start("*, unix_timestamp(Posted) as uPosted, unix_timestamp(Expires) as uExpires, unix_timestamp(LastMod) as uLastMod" . $match, 'textpattern', $where . ' order by ' . doSlash($sort) . ' limit 0' . intval($limit));
    // get the form name
    $fname = $listform ? $listform : $form;
    if ($rs) {
        $count = 0;
        $last = numRows($rs);
        $articles = array();
        while ($a = nextRow($rs)) {
            global $thisarticle, $uPosted, $limit;
            $thisarticle['is_first'] = $count == 1;
            $thisarticle['is_last'] = $count == $last;
            if (@constant('txpinterface') === 'admin' and gps('Form')) {
                $articles[] = parse(gps('Form'));
            } elseif ($allowoverride and $a['override_form']) {
                $articles[] = parse_form($a['override_form']);
            } else {
                $articles[] = $thing ? parse($thing) : parse_form($fname);
            // sending these to paging_link(); Required?
            $uPosted = $a['uPosted'];
        return doLabel($label, $labeltag) . doWrap($articles, $wraptag, $break, $class);
Exemple #21

if ($loguserid && isset($_GET['action']) && $_GET['action'] == "markallread") {
    Query("REPLACE INTO {threadsread} (id,thread,date) SELECT {0}, {threads}.id, {1} FROM {threads}", $loguserid, time());
$links = new PipeMenu();
if ($loguserid) {
    $links->add(new PipeMenuLinkEntry(__("Mark all forums read"), "board", 0, "action=markallread", "ok"));
makeBreadcrumbs(new PipeMenu());
if (!$mobileLayout) {
    $statData = Fetch(Query("SELECT\n\t\t(SELECT COUNT(*) FROM {threads}) AS numThreads,\n\t\t(SELECT COUNT(*) FROM {posts}) AS numPosts,\n\t\t(SELECT COUNT(*) FROM {users}) AS numUsers,\n\t\t(select count(*) from {posts} where date > {0}) AS newToday,\n\t\t(select count(*) from {posts} where date > {1}) AS newLastHour,\n\t\t(select count(*) from {users} where lastposttime > {2}) AS numActive", time() - 86400, time() - 3600, time() - 2592000));
    $stats = Format(__("{0} and {1} total"), Plural($statData["numThreads"], __("thread")), Plural($statData["numPosts"], __("post")));
    $stats .= "<br />" . format(__("{0} today, {1} last hour"), Plural($statData["newToday"], __("new post")), $statData["newLastHour"]);
    $percent = $statData["numUsers"] ? ceil(100 / $statData["numUsers"] * $statData["numActive"]) : 0;
    $lastUser = Query("select u.(_userfields) from {users} u order by u.regdate desc limit 1");
    if (numRows($lastUser)) {
        $lastUser = getDataPrefix(Fetch($lastUser), "u_");
        $last = format(__("{0}, {1} active ({2}%)"), Plural($statData["numUsers"], __("registered user")), $statData["numActive"], $percent) . "<br />" . format(__("Newest: {0}"), UserLink($lastUser));
    } else {
        $last = __("No registered users") . "<br />&nbsp;";
    write("\n\t\t<table class=\"outline margin width100\" style=\"overflow: auto;\">\n\t\t\t<tr class=\"cell2 center\" style=\"overflow: auto;\">\n\t\t\t<td>\n\t\t\t\t<div style=\"float: left; width: 25%;\">&nbsp;<br />&nbsp;</div>\n\t\t\t\t<div style=\"float: right; width: 25%;\">{1}</div>\n\t\t\t\t<div class=\"center\">\n\t\t\t\t\t{0}\n\t\t\t\t</div>\n\t\t\t</td>\n\t\t\t</tr>\n\t\t</table>\n\t", $stats, $last);
Exemple #22
function ipban_list($message = '')
    global $event;
    pageTop(gTxt('list_banned_ips'), $message);
    echo hed(gTxt('banned_ips'), 1, array('class' => 'txp-heading'));
    echo n . '<div id="' . $event . '_banned_control" class="txp-control-panel">' . graf(sLink('discuss', 'discuss_list', gTxt('list_discussions')), ' class="txp-buttons"') . n . '</div>';
    $rs = safe_rows_start('*, unix_timestamp(date_banned) as uBanned', 'txp_discuss_ipban', "1 = 1 order by date_banned desc");
    if ($rs and numRows($rs) > 0) {
        echo n . tag_start('div', array('id' => $event . '_ban_container', 'class' => 'txp-container')) . n . tag_start('div', array('class' => 'txp-listtables')) . n . tag_start('table', array('class' => 'txp-list')) . n . tag_start('thead') . tr(hCell(gTxt('date_banned'), '', ' scope="col" class="txp-list-col-banned date"') . hCell(gTxt('IP'), '', ' scope="col" class="txp-list-col-ip"') . hCell(gTxt('name_used'), '', ' scope="col" class="txp-list-col-name"') . hCell(gTxt('banned_for'), '', ' scope="col" class="txp-list-col-id"')) . n . tag_end('thead') . n . tag_start('tbody');
        while ($a = nextRow($rs)) {
            echo tr(hCell(gTime($uBanned), '', ' scope="row" class="txp-list-col-banned date"') . td(txpspecialchars($ip) . sp . span('[', array('aria-hidden' => 'true')) . href(gTxt('unban'), array('event' => 'discuss', 'step' => 'ipban_unban', 'ip' => $ip, '_txp_token' => form_token()), array('class' => 'action-ban')) . span(']', array('aria-hidden' => 'true')), '', 'txp-list-col-ip') . td(txpspecialchars($name_used), '', 'txp-list-col-name') . td(href($banned_on_message, '?event=discuss' . a . 'step=discuss_edit' . a . 'discussid=' . $banned_on_message), '', 'txp-list-col-id'));
        echo n . tag_end('tbody') . n . tag_end('table') . n . tag_end('div') . n . tag_end('div');
    } else {
        echo graf(gTxt('no_ips_banned'), ' class="indicator"');
 * Renders the list of preferences.
 * Plugins may add their own prefs, for example by using plugin lifecycle events
 * or raising a (pre) callback on event=admin / step=prefs_list so they are
 * installed or updated when accessing the Preferences panel. Access to the
 * prefs can be controlled by using add_privs() on 'prefs.your-prefs-event-name'.
 * @param string $message The feedback / error string to display
function prefs_list($message = '')
    global $prefs, $txp_user;
    pagetop(gTxt('tab_preferences'), $message);
    $locale = setlocale(LC_ALL, $locale);
    echo n . '<form class="prefs-form" id="prefs_form" method="post" action="index.php">';
    // TODO: remove 'custom' when custom fields are refactored.
    $core_events = array('site', 'admin', 'publish', 'feeds', 'comments', 'custom');
    $joined_core = join(',', quote_list($core_events));
    $sql = array();
    $sql[] = 'prefs_id = 1 and event != "" and type in(' . PREF_CORE . ', ' . PREF_PLUGIN . ')';
    $sql[] = "(user_name = '' OR (user_name = '" . doSlash($txp_user) . "' AND name NOT IN (\n            SELECT name FROM " . safe_pfx('txp_prefs') . " WHERE user_name = ''\n        )))";
    if (!get_pref('use_comments', 1, 1)) {
        $sql[] = "event != 'comments'";
    $rs = safe_rows_start("*, FIELD(event, {$joined_core}) AS sort_value", 'txp_prefs', join(" AND ", $sql) . " ORDER BY sort_value = 0, sort_value, event, position");
    $last_event = null;
    $out = array();
    $build = array();
    $groupOut = array();
    if (numRows($rs)) {
        while ($a = nextRow($rs)) {
            if (!has_privs('prefs.' . $a['event'])) {
            if ($a['event'] !== $last_event) {
                if ($last_event !== null) {
                    $build[] = tag(hed(gTxt($last_event), 2, array('id' => 'prefs_group_' . $last_event . '-label')) . join(n, $out), 'section', array('class' => 'txp-prefs-group', 'id' => 'prefs_group_' . $last_event, 'aria-labelledby' => 'prefs_group_' . $last_event . '-label'));
                    $groupOut[] = n . tag(href(gTxt($last_event), '#prefs_group_' . $last_event, array('data-txp-pane' => $last_event, 'data-txp-token' => form_token())), 'li');
                $last_event = $a['event'];
                $out = array();
            $label = '';
            if (!in_array($a['html'], array('yesnoradio', 'is_dst'))) {
                $label = $a['name'];
            // TODO: remove exception when custom fields move to meta store.
            $help = '';
            if (strpos($a['name'], 'custom_') === false) {
                $help = $a['name'];
            if ($a['html'] == 'text_input') {
                $size = INPUT_REGULAR;
            } else {
                $size = '';
            $out[] = inputLabel($a['name'], pref_func($a['html'], $a['name'], $a['val'], $size), $label, $help, array('class' => 'txp-form-field', 'id' => 'prefs-' . $a['name']));
    if ($last_event === null) {
        echo graf(gTxt('no_preferences'));
    } else {
        $build[] = tag(hed(gTxt($last_event), 2, array('id' => 'prefs_group_' . $last_event . '-label')) . join(n, $out), 'section', array('class' => 'txp-prefs-group', 'id' => 'prefs_group_' . $last_event, 'aria-labelledby' => 'prefs_group_' . $last_event . '-label'));
        $groupOut[] = n . tag(href(gTxt($last_event), '#prefs_group_' . $last_event, array('data-txp-pane' => $last_event, 'data-txp-token' => form_token())), 'li') . n;
        echo hed(gTxt('tab_preferences'), 1, array('class' => 'txp-heading')) . n . '<div class="txp-layout-4col-cell-1alt">' . wrapGroup('all_preferences', n . tag(join($groupOut), 'ul', array('class' => 'switcher-list')), 'all_preferences');
        if ($last_event !== null) {
            echo graf(fInput('submit', 'Submit', gTxt('save'), 'publish'), array('class' => 'txp-save'));
        echo n . '</div>' . n . '<div class="txp-layout-4col-cell-2-3-4">' . join(n, $build) . n . '</div>' . sInput('prefs_save') . eInput('prefs') . hInput('prefs_id', '1') . tInput();
    echo n . '</form>';
Exemple #24
function ipban_list($message = '')
    pageTop(gTxt('list_banned_ips'), $message);
    $rs = safe_rows_start('*, unix_timestamp(date_banned) as uBanned', 'txp_discuss_ipban', "1 = 1 order by date_banned desc");
    if ($rs and numRows($rs) > 0) {
        echo startTable('list') . tr(hCell(gTxt('date_banned')) . hCell(gTxt('IP')) . hCell(gTxt('name_used')) . hCell(gTxt('banned_for')) . hCell());
        while ($a = nextRow($rs)) {
            echo tr(td(safe_strftime('%d %b %Y %I:%M %p', $uBanned), 100) . td($ip, 100) . td($name_used, 100) . td('<a href="?event=discuss' . a . 'step=discuss_edit' . a . 'discussid=' . $banned_on_message . '">' . $banned_on_message . '</a>', 100) . td('<a href="?event=discuss' . a . 'step=ipban_unban' . a . 'ip=' . $ip . '">' . gTxt('unban') . '</a>'));
        echo endTable();
    } else {
        echo graf(gTxt('no_ips_banned'), ' class="indicator"');
Exemple #25
 * Renders the list of preferences.
 * Plugins may add their own prefs, for example by using plugin lifecycle events or
 * raising a (pre) callback on event=admin / step=prefs_list so they are installed
 * or updated when accessing the Preferences panel. Access to the prefs can be
 * controlled by using add_privs() on 'prefs.your-prefs-event-name'.
 * @param  string $message The feedback / error string to display
function prefs_list($message = '')
    global $prefs, $txp_user;
    pagetop(gTxt('tab_preferences'), $message);
    $locale = setlocale(LC_ALL, $locale);
    echo hed(gTxt('tab_preferences'), 1, array('class' => 'txp-heading'));
    echo n . '<div id="prefs_container" class="txp-container">' . n . '<form method="post" class="prefs-form" action="index.php">' . n . '<div class="txp-layout-textbox">';
    // TODO: remove 'custom' when custom fields are refactored.
    $core_events = array('site', 'admin', 'publish', 'feeds', 'comments', 'custom');
    $joined_core = join(',', quote_list($core_events));
    $sql = array();
    $sql[] = 'prefs_id = 1 and event != "" and type in(' . PREF_CORE . ', ' . PREF_PLUGIN . ')';
    $sql[] = "(user_name = '' or (user_name='" . doSlash($txp_user) . "' and name not in(\n            select name from " . safe_pfx('txp_prefs') . " where user_name = ''\n        )))";
    if (!get_pref('use_comments', 1, 1)) {
        $sql[] = "event != 'comments'";
    $rs = safe_rows_start("*, FIELD(event,{$joined_core}) as sort_value", 'txp_prefs', join(' and ', $sql) . " ORDER BY sort_value = 0, sort_value, event, position");
    $last_event = null;
    $out = array();
    if (numRows($rs)) {
        while ($a = nextRow($rs)) {
            if (!has_privs('prefs.' . $a['event'])) {
            if ($a['event'] !== $last_event) {
                if ($last_event !== null) {
                    echo wrapRegion('prefs_group_' . $last_event, join(n, $out), 'prefs_' . $last_event, $last_event, 'prefs_' . $last_event);
                $last_event = $a['event'];
                $out = array();
            $label = '';
            if (!in_array($a['html'], array('yesnoradio', 'is_dst'))) {
                $label = $a['name'];
            // TODO: remove exception when custom fields move to meta store.
            $help = '';
            if (strpos($a['name'], 'custom_') === false) {
                $help = $a['name'];
            if ($a['html'] == 'text_input') {
                $size = INPUT_REGULAR;
            } else {
                $size = '';
            $out[] = inputLabel($a['name'], pref_func($a['html'], $a['name'], $a['val'], $size), $label, $help, array('id' => 'prefs-' . $a['name']));
    if ($last_event === null) {
        echo graf(gTxt('no_preferences'));
    } else {
        echo wrapRegion('prefs_group_' . $last_event, join(n, $out), 'prefs_' . $last_event, $last_event, 'prefs_' . $last_event);
    echo n . '</div>' . sInput('prefs_save') . eInput('prefs') . hInput('prefs_id', '1') . tInput();
    if ($last_event !== null) {
        echo graf(fInput('submit', 'Submit', gTxt('save'), 'publish'));
    echo n . '</form>' . n . '</div>';
Exemple #26
 * Gets an array of files in the Files directory that weren't uploaded
 * from Textpattern.
 * Used for importing existing files on the server to Textpattern's files panel.
 * @return  array An array of file paths
 * @package File
function get_filenames()
    global $file_base_path;
    $files = array();
    if (!is_dir($file_base_path) || !is_readable($file_base_path)) {
        return array();
    $cwd = getcwd();
    if (chdir($file_base_path)) {
        $directory = glob('*.*', GLOB_NOSORT);
        if ($directory) {
            foreach ($directory as $filename) {
                if (is_file($filename) && is_readable($filename)) {
                    $files[$filename] = $filename;
        if ($cwd) {
    if (!$files) {
        return array();
    $rs = safe_rows_start('filename', 'txp_file', '1 = 1');
    if ($rs && numRows($rs)) {
        while ($a = nextRow($rs)) {
    return $files;
Exemple #27
function form_pop($select_name, $type = '', $val)
    $vals = array();
    $type = $type ? "type = '" . doSlash($type) . "'" : '1 = 1';
    $rs = safe_rows_start('name', 'txp_form', "{$type} order by name");
    if ($rs and numRows($rs) > 0) {
        while ($a = nextRow($rs)) {
            $vals[$name] = $name;
        return ' ' . selectInput($select_name, $vals, $val, true);
    return gTxt('no_forms_available');
Exemple #28
function isCompatible($fileContents, $dataArray)
    if (numRows($dataArray) == 0) {
        return true;
    if (numRowsCSV($fileContents) == numRows($dataArray)) {
        $csvArray = csvToArray($fileContents);
        return compatibleDateTimes($dataArray, $csvArray);
    } else {
        return false;
Exemple #29
 * Processes the selected import tool action.
 * Basically does the importing.
function start_import()
    global $event, $vars;
    $insert_into_section = $import_section;
    $insert_with_status = $import_status;
    $default_comment_invite = $import_comments_invite;
    include_once txpath . '/include/import/import_' . $import_tool . '.php';
    $ini_time = ini_get('max_execution_time');
    @ini_set('max_execution_time', 300 + intval($ini_time));
    switch ($import_tool) {
        case 'mtdb':
            $out = doImportMTDB($importdblogin, $importdb, $importdbpass, $importdbhost, $import_blog_id, $insert_into_section, $insert_with_status, $default_comment_invite);
            rebuild_tree('root', 1, 'article');
        case 'mt':
            $file = check_import_file();
            if (!empty($file)) {
                $out = doImportMT($file, $insert_into_section, $insert_with_status, $import_comments_invite);
                // Rebuilding category tree.
                rebuild_tree('root', 1, 'article');
            } else {
                $out = 'Import file not found';
        case 'b2':
            $out = doImportB2($importdblogin, $importdb, $importdbpass, $importdbhost, $insert_into_section, $insert_with_status, $default_comment_invite);
        case 'wp':
            $out = doImportWP($importdblogin, $importdb, $importdbpass, $importdbhost, $wpdbprefix, $insert_into_section, $insert_with_status, $default_comment_invite, $wpdbcharset);
            rebuild_tree('root', 1, 'article');
        case 'blogger':
            $file = check_import_file();
            if (!empty($file)) {
                $out = doImportBLOGGER($file, $insert_into_section, $insert_with_status, $import_comments_invite);
            } else {
                $out = gTxt('import_file_not_found');
    $out = tag('max_execution_time = ' . ini_get('max_execution_time'), 'p', ' class="highlight"') . $out;
    $content = '<div id="' . $event . '_container" class="txp-container">';
    $content .= startTable('', '', 'txp-list');
    $content .= tr(tdcs(hed(gTxt('txp_import'), 2), 2));
    $content .= tr(td($out));
    $content .= endTable();
    $content .= '</div>';
    echo $content;
    $rs = safe_rows_start('parentid, count(*) as thecount', 'txp_discuss', 'visible=1 group by parentid');
    if (numRows($rs) > 0) {
        while ($a = nextRow($rs)) {
            safe_update('textpattern', "comments_count=" . $a['thecount'], "ID=" . $a['parentid']);
Exemple #30
function ipban_list($message = '')
    global $event;
    pageTop(gTxt('list_banned_ips'), $message);
    $rs = safe_rows_start('*, unix_timestamp(date_banned) as uBanned', 'txp_discuss_ipban', "1 = 1 order by date_banned desc");
    if ($rs and numRows($rs) > 0) {
        echo '<div id="' . $event . '_ban_container" class="txp-container txp-list">' . startTable('list', '', 'list') . n . '<thead>' . tr(hCell(gTxt('date_banned'), '', ' class="date banned"') . hCell(gTxt('IP'), '', ' class="ip"') . hCell(gTxt('name_used'), '', ' class="name"') . hCell(gTxt('banned_for'), '', ' class="id"') . hCell('', '', ' class="actions"')) . n . '</thead>';
        echo '<tbody>';
        $ctr = 1;
        while ($a = nextRow($rs)) {
            echo tr(td(safe_strftime('%d %b %Y %I:%M %p', $uBanned), 100, 'date banned') . td($ip, 100, 'ip') . td($name_used, 100, 'name') . td('<a href="?event=discuss' . a . 'step=discuss_edit' . a . 'discussid=' . $banned_on_message . '">' . $banned_on_message . '</a>', 100, 'id') . td('<a class="action-ban" href="?event=discuss' . a . 'step=ipban_unban' . a . 'ip=' . $ip . '">' . gTxt('unban') . '</a>', '', 'actions'), ' class="' . ($ctr % 2 == 0 ? 'even' : 'odd') . '"');
        echo '</tbody>' . endTable() . '</div>';
    } else {
        echo graf(gTxt('no_ips_banned'), ' class="indicator"');