Exemple #1
/**
 * @package pragyan
 * @copyright (c) 2008 Pragyan Team
 * @license http://www.gnu.org/licenses/ GNU Public License
 * For more details, see README
 */
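function displayNews()
{
    // Static ticker markup plus the opening of the inline <script>; the per-item
    // JavaScript assignments are appended below and the script is closed at the end.
    $news = <<<NEWS
\t\t<style type="text/css">
\t\ta.tickl{font-family:Verdana,Arial,Helvetica,sans-serif;font-size:11px;line-height:12px;text-decoration:none;color:#fff;font-weight:bold;}
\t\t.tickls{color:#666;}
\t\t</style>
\t\t<div id="newsbox" style="font-size:0.9em;position:absolute;right:45px;width:375px;top:80px;color:#fff;z-index:2;">
\t\t<div class="ticki" >
\t\t<a class="tickl" href="/08/home/news/"><span class="tickls">UPDATES</span></a>
\t\t<a id="tickerAnchor" class="tickl" target="_top" href=""></a>
\t\t</div>
\t\t</div>
\t\t<script type="text/javascript" language="JavaScript">
\t\t <!--
\t\t var theCharacterTimeout = 50;
\t\t var theStoryTimeout = 5000;
\t\t var theWidgetOne = "_";
\t\t var theWidgetTwo = "-";
\t\t var theWidgetNone = "";
\t\t var theLeadString = ":&nbsp;";
\t\t var theSummaries = new Array();
\t\t var theSiteLinks = new Array();
NEWS;
    global $sourceFolder;
    global $moduleFolder;
    global $urlRequestRoot;
    global $pageIdArray;
    require_once "{$sourceFolder}/{$moduleFolder}/news.lib.php";

    // Turns a value into a JavaScript string literal that cannot terminate the
    // literal or the surrounding <script> element: quotes, <, > and & are emitted
    // as \uXXXX escapes, so the decoded string value is unchanged.
    // Uses a closure and the JSON_HEX_* flags (PHP 5.3+).
    $toJsString = function ($value) {
        $flags = JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT;
        $encoded = json_encode((string) $value, $flags);
        if ($encoded === false) {
            // json_encode() rejects invalid UTF-8, which the byte-wise truncation
            // below can produce; fall back to the printable-ASCII part of the text.
            $encoded = json_encode((string) preg_replace('/[^\x20-\x7E]/', '', (string) $value), $flags);
        }
        return $encoded === false ? '""' : $encoded;
    };

    $tmpNewsObj = new news();
    $pageFullPath = "/news/";
    ///<Replace with path of news page
    $pageId = parseUrlReal($pageFullPath, $pageIdArray);
    $pageInfo = getPageInfo($pageId);
    $newsArray = $tmpNewsObj->getNewsArray($pageInfo['page_modulecomponentid']);
    $itemCount = sizeof($newsArray);
    $news .= "var theItemCount =" . $itemCount . ";";
    for ($i = 0; $i < $itemCount; $i++) {
        $newsFeed = $newsArray[$i]['news_title'] . " - " . $newsArray[$i]['news_feed'];
        $newsLink = $newsArray[$i]['news_link'];
        if (strlen($newsFeed) >= 48) {
            // Shorten to at most 48 bytes, then back up to the last word boundary.
            $newsFeed = substr($newsFeed, 0, 48);
            $lastSpace = strrpos($newsFeed, " ");
            // Without this guard a summary with no space in its first 48 bytes was
            // cut to an empty string, because strrpos() returned false.
            if ($lastSpace !== false && $lastSpace > 0) {
                $newsFeed = substr($newsFeed, 0, $lastSpace);
            }
            $newsFeed .= "...";
        }
        // Previously the text was pasted between double quotes as-is, so a quote,
        // backslash or line break in a news item broke (or altered) the script.
        $news .= "theSummaries[{$i}] = " . $toJsString($newsFeed) . ";";
        if ($newsLink == "") {
            $newsLink = $urlRequestRoot . $pageFullPath . "&id=" . $newsArray[$i]['news_id'];
        }
        // NOTE(review): only the JavaScript-literal context is handled here. How the
        // ticker script (not shown) writes these values into the page, and whether
        // the link's URL scheme is restricted, must be checked in that script.
        $news .= "theSiteLinks[{$i}] = " . $toJsString($newsLink) . ";";
    }
    $news .= <<<NEWS
\t\t startTicker();
\t\t //-->
\t\t</script>
NEWS;
    return $news;
}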
Exemple #2
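/**
 * Builds the inline script that defines the `pausecontent2` JavaScript array,
 * one HTML anchor string per news item of the "/whatsnew/" page.
 *
 * @return string A <script> element ready to be placed in the page.
 */
function displayNew()
{
    global $sourceFolder;
    global $moduleFolder;
    global $urlRequestRoot;
    global $pageIdArray;
    require_once "{$sourceFolder}/{$moduleFolder}/news.lib.php";

    // Turns a value into a JavaScript string literal that cannot terminate the
    // literal or the surrounding <script> element: quotes, <, > and & are emitted
    // as \uXXXX escapes, so the decoded string value is unchanged.
    // Uses a closure and the JSON_HEX_* flags (PHP 5.3+).
    $toJsString = function ($value) {
        $flags = JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT;
        $encoded = json_encode((string) $value, $flags);
        if ($encoded === false) {
            // json_encode() rejects invalid UTF-8; keep the printable-ASCII part.
            $encoded = json_encode((string) preg_replace('/[^\x20-\x7E]/', '', (string) $value), $flags);
        }
        return $encoded === false ? '""' : $encoded;
    };

    $tmpNewsObj = new news();
    $pageFullPath = "/whatsnew/";
    ///<Replace with path of news page
    $pageId = parseUrlReal($pageFullPath, $pageIdArray);
    $pageInfo = getPageInfo($pageId);
    $newsArray = $tmpNewsObj->getNewsArray($pageInfo['page_modulecomponentid']);
    $items = array();
    for ($i = 0; $i < sizeof($newsArray); $i++) {
        // Kept from the original: apostrophes are stored as an HTML entity in the text.
        $newsTitle = rtrim(str_replace("'", "&#39;", $newsArray[$i]['news_title']));
        $newsBody = rtrim(str_replace("'", "&#39;", $newsArray[$i]['news_feed']));
        $href = $newsArray[$i]['news_link'];
        if ($href == '') {
            $href = '/09/home/whatsnew';
        }
        // The href used to be written unquoted and unescaped, so a space, quote or
        // '>' in a stored link ended the attribute or the tag. It is now quoted and
        // attribute-escaped; double_encode is off so links already stored with
        // entities such as &amp; keep their meaning.
        // NOTE(review): the URL scheme of news_link is not restricted here, and the
        // title/body are still inserted as HTML exactly as stored -- confirm that
        // only trusted editors can write news items.
        $anchor = '<a href="' . htmlspecialchars($href, ENT_QUOTES, 'UTF-8', false) . '">'
            . $newsTitle . ' ' . $newsBody . '</a>';
        // Previously each item was wrapped in single quotes by hand; a backslash or
        // line break in the text, or a quote in the link, broke the script.
        $items[] = $toJsString($anchor);
    }
    $newsFeed = implode(',', $items);
    $news = <<<NEWS
<script>
var pausecontent2=new Array({$newsFeed})
</script>
NEWS;
    return $news;
}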
Exemple #3
/**
 * @package pragyan
 * @copyright (c) 2008 Pragyan Team
 * @license http://www.gnu.org/licenses/ GNU Public License
 * For more details, see README
 */
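/**
 * Echoes one <div class="news_style"> per news item returned by getNewsArray(0).
 *
 * @return int Always 1.
 */
function displayNews2()
{
    global $sourceFolder;
    global $moduleFolder;
    global $urlRequestRoot;
    global $pageIdArray;
    require_once "{$sourceFolder}/{$moduleFolder}/news.lib.php";
    $tmpNewsObj = new news();
    $pageFullPath = "/news/";
    ///<Replace with path of news page
    // The results of these two calls are not used below; the calls are kept because
    // their side effects (if any) are not visible from this function.
    $pageId = parseUrlReal($pageFullPath, $pageIdArray);
    $pageInfo = getPageInfo($pageId);
    $newsArray = $tmpNewsObj->getNewsArray(0);
    for ($i = 0; $i < sizeof($newsArray); $i++) {
        // The original wrote "{$newsArray[$i]}[news_title]", which interpolates the
        // whole row (printed as "Array") followed by the literal text "[news_title]".
        $title = $newsArray[$i]['news_title'];
        $body = $newsArray[$i]['news_feed'];
        // Attribute context: escape quotes so a title cannot end the rel attribute.
        $relValue = htmlspecialchars($title, ENT_QUOTES, 'UTF-8', false);
        // NOTE(review): title and body are echoed as HTML exactly as stored; confirm
        // that only trusted editors can write news items, or escape them here.
        echo "<div class=\"news_style\" rel=\"{$relValue}\" id=\"news{$i}\">"
            . "<h4>{$title}</h4>"
            . $body
            . "</div>";
    }
    return 1;
}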
Exemple #4
/**
 * Dispatches a page request: handles the built-in actions (login, profile, logout,
 * search, admin, settings, widgets, grant, pdf) and otherwise delegates to the
 * module class that owns the page.
 *
 * @param mixed  $pageId     Id of the requested page.
 * @param string $action     Requested action name.
 * @param mixed  $userId     Id of the current user; 0 is treated as "not logged in".
 * @param mixed  $permission Truthy when the caller has decided the user may perform $action on $pageId.
 * @param int    $recursed   0 on the outer call; 1 when re-entered for a "link" or "menu" page.
 * @return mixed Content produced by the selected handler, or an empty string after an error was reported.
 */
function getContent($pageId, $action, $userId, $permission, $recursed = 0)
{
    // login, profile, logout, search and the getchildren sub-action are all handled
    // BEFORE the $permission check further down.
    if ($action == "login") {
        if ($userId == 0) {
            ///Commented the requirement of login.lib.php because it is already included in /index.php
            //require_once("login.lib.php");
            $newUserId = login();
            if (is_numeric($newUserId)) {
                // A numeric result is used as the new user id; show the page as that user.
                return getContent($pageId, "view", $newUserId, getPermissions($newUserId, $pageId, "view"), 0);
            } else {
                return $newUserId;
            }
            ///<The login page
        } else {
            displayinfo("You are logged in as " . getUserName($userId) . "! Click <a href=\"./+logout\">here</a> to logout.");
        }
        return getContent($pageId, "view", $userId, getPermissions($userId, $pageId, "view"), $recursed = 0);
    }
    if ($action == "profile") {
        if ($userId != 0) {
            require_once "profile.lib.php";
            return profile($userId);
        } else {
            // No return here: execution falls through to the checks below with $action still "profile".
            displayinfo("You need to <a href=\"./+login\">login</a> to view your profile.!");
        }
    }
    if ($action == "logout") {
        if ($userId != 0) {
            $newUserId = resetAuth();
            displayinfo("You have been logged out!");
            global $openid_enabled;
            if ($openid_enabled == 'true') {
                displaywarning("If you logged in via Open ID, make sure you also log out from your Open ID service provider's website. Until then your session in this website will remain active !");
            }
            return getContent($pageId, "view", $newUserId, getPermissions($newUserId, $pageId, "view"), 0);
        } else {
            // No return here either; execution falls through with $action still "logout".
            displayinfo("You need to <a href=\"./+login\">login</a> first to logout!");
        }
    }
    if ($action == "search") {
        require_once "search.lib.php";
        $ret = getSearchBox();
        // NOTE(review): the raw request value is handed to getSearchResultString();
        // escaping for SQL and for HTML output has to happen inside that helper -- confirm.
        if (isset($_POST['query'])) {
            $ret .= getSearchResultString($_POST['query']);
        } elseif (isset($_GET['query'])) {
            $ret .= getSearchResultString($_GET['query']);
        }
        return $ret;
    }
    if (isset($_GET['subaction']) && $_GET['subaction'] == 'getchildren') {
        if (isset($_GET['parentpath'])) {
            global $urlRequestRoot;
            require_once 'menu.lib.php';
            $pidarr = array();
            parseUrlReal(escape($_GET['parentpath']), $pidarr);
            // NOTE(review): if parseUrlReal() leaves $pidarr empty this reads index -1.
            $pid = $pidarr[count($pidarr) - 1];
            // $userId is passed along; any per-user filtering of the children is
            // presumably done inside getChildren() -- confirm.
            $children = getChildren($pid, $userId);
            $response = array();
            $response['path'] = escape($_GET['parentpath']);
            $response['items'] = array();
            foreach ($children as $child) {
                $response['items'][] = array($urlRequestRoot . '/home' . escape($_GET['parentpath']) . $child[1], $child[2]);
            }
            // The response is built but never sent (the echo is commented out), then the
            // request ends. If the echo is restored, note that this branch runs before the
            // $permission check below.
            //echo json_encode($response);
            exit;
        }
    }
    // Loose comparison: any falsy $permission (false, 0, "", null) denies access.
    if ($permission != true) {
        if ($userId == 0) {
            $suggestion = "(Try <a href=\"./+login\">logging in?</a>)";
        } else {
            $suggestion = "";
        }
        displayerror("You do not have the permissions to view this page. {$suggestion}<br /><input type=\"button\" onclick=\"history.go(-1)\" value=\"Go back\" />");
        return '';
    }
    if ($action == "admin") {
        require_once "admin.lib.php";
        return admin($pageId, $userId);
    }
    ///default actions also to be defined here (and not outside)
    /// Coz work to be done after these actions do involve the page
    // Look up which module owns the page. The query is built by string concatenation;
    // the value is quoted and passed through the project's escape() helper.
    // NOTE(review): the mysql_* extension used throughout was removed in PHP 7 and has
    // no prepared statements; mysqli or PDO with bound parameters is the usual replacement.
    $pagetype_query = "SELECT page_module, page_modulecomponentid FROM " . MYSQL_DATABASE_PREFIX . "pages WHERE page_id='" . escape($pageId) . "'";
    $pagetype_result = mysql_query($pagetype_query);
    $pagetype_values = mysql_fetch_assoc($pagetype_result);
    if (!$pagetype_values) {
        displayerror("The requested page does not exist.");
        return "";
    }
    $moduleType = $pagetype_values['page_module'];
    $moduleComponentId = $pagetype_values['page_modulecomponentid'];
    if ($action == "settings") {
        ///<done here because we needed to check if the page exists for sure.
        require_once "pagesettings.lib.php";
        return pagesettings($pageId, $userId);
    }
    if ($action == "widgets") {
        return handleWidgetPageSettings($pageId);
    }
    // Only the outer call records the access time; link/menu re-entry passes 1.
    if ($recursed == 0) {
        $pagetypeupdate_query = "UPDATE " . MYSQL_DATABASE_PREFIX . "pages SET page_lastaccesstime=NOW() WHERE page_id='" . escape($pageId) . "'";
        $pagetypeupdate_result = mysql_query($pagetypeupdate_query);
        if (!$pagetypeupdate_result) {
            return '<div class="cms-error">Error No. 563 - An error has occured. Contact the site administators.</div>';
        }
    }
    if ($moduleType == "link") {
        // Re-enters for the link target with $permission forced to true and the same
        // $action. NOTE(review): the permission that got us here was evaluated for the
        // link page, not for the target page -- confirm that is intended for every action.
        return getContent($moduleComponentId, $action, $userId, true, 1);
    }
    if ($action == "grant") {
        return grantPermissions($userId, $pageId);
    }
    if ($moduleType == "menu") {
        // Same pattern as "link": the parent page is rendered with $permission forced to true.
        return getContent(getParentPage($pageId), $action, $userId, true, 1);
    }
    if ($moduleType == "external") {
        $query = "SELECT `page_extlink` FROM `" . MYSQL_DATABASE_PREFIX . "external` WHERE `page_modulecomponentid` =\n\t\t\t\t\t(SELECT `page_modulecomponentid` FROM `" . MYSQL_DATABASE_PREFIX . "pages` WHERE `page_id`= '" . escape($pageId) . "')";
        $result = mysql_query($query);
        $values = mysql_fetch_array($result);
        $link = $values[0];
        // NOTE(review): the stored link is sent as-is in a Location header, and there is
        // no exit/return afterwards, so the module loading below still runs for
        // $moduleType "external". Confirm the stored value is validated when it is saved.
        header("Location: {$link}");
    }
    global $sourceFolder;
    global $moduleFolder;
    // The module file name and the class name both come from the page_module column.
    // NOTE(review): $moduleType is used here unvalidated; restricting it to a known list
    // of module names (or to identifier characters) before the include would keep a bad
    // database value from selecting an unintended file or class.
    require_once $sourceFolder . "/" . $moduleFolder . "/" . $moduleType . ".lib.php";
    $page = new $moduleType();
    if (!$page instanceof module) {
        displayerror("The module \"{$moduleType}\" does not implement the inteface module</div>");
        return "";
    }
    // NOTE(review): unlike $pageId above, $moduleType is concatenated into the next two
    // queries without escape().
    $createperms_query = " SELECT * FROM " . MYSQL_DATABASE_PREFIX . "permissionlist where perm_action = 'create' AND page_module = '" . $moduleType . "'";
    $createperms_result = mysql_query($createperms_query);
    if (mysql_num_rows($createperms_result) < 1) {
        displayerror("The action \"create\" does not exist in the module \"{$moduleType}\"</div>");
        return "";
    }
    $availableperms_query = "SELECT * FROM " . MYSQL_DATABASE_PREFIX . "permissionlist where perm_action != 'create' AND page_module = '" . $moduleType . "'";
    $availableperms_result = mysql_query($availableperms_query);
    $permlist = array();
    while ($value = mysql_fetch_assoc($availableperms_result)) {
        array_push($permlist, $value['perm_action']);
    }
    array_push($permlist, "view");
    // Every registered action (plus "view") must have a matching action<Name> method on the module class.
    $class_methods = get_class_methods($moduleType);
    foreach ($permlist as $perm) {
        if (!in_array("action" . ucfirst($perm), $class_methods)) {
            displayerror("The action \"{$perm}\" does not exist in the module \"{$moduleType}\"</div>");
            return "";
        }
    }
    if ($action == "pdf") {
        // depth: 0 = this page only, -1 = the result of child() for -1, >0 = that many levels of children.
        if (isset($_GET['depth'])) {
            $depth = $_GET['depth'];
        } else {
            $depth = 0;
        }
        // Non-numeric input is replaced by 0; numeric strings are kept as strings.
        if (!is_numeric($depth)) {
            $depth = 0;
        }
        global $TITLE;
        global $sourceFolder;
        require_once "{$sourceFolder}/modules/pdf/html2fpdf.php";
        $pdf = new HTML2FPDF();
        $pdf->setModuleComponentId($moduleComponentId);
        $pdf->AddPage();
        $pdf->WriteHTML($page->getHtml($userId, $moduleComponentId, "view"));
        $cp = array();
        $j = 0;
        // Child rows are read positionally: [0] is used as a page id, [2] as the module
        // name and [5] as the module component id.
        // NOTE(review): child pages are rendered with action "view" for $userId; whether
        // the user may view each child is presumably decided inside child() -- confirm.
        if ($depth == -1) {
            $cp = child($pageId, $userId, $depth);
            if ($cp[0][0]) {
                for ($i = 0; $cp[$i][0] != NULL; $i++) {
                    require_once $sourceFolder . "/" . $moduleFolder . "/" . $cp[$i][2] . ".lib.php";
                    $page1 = new $cp[$i][2]();
                    $modCompId = $cp[$i][5];
                    $pdf->setModuleComponentId($modCompId);
                    $pdf->AddPage();
                    $pdf->WriteHTML($page1->getHtml($userId, $modCompId, "view"));
                }
            }
        } else {
            if ($depth > 0) {
                $cp = child($pageId, $userId, $depth);
                --$depth;
                // Breadth-first expansion: $j is not reset, so each pass only visits the
                // rows appended by the previous pass.
                while ($depth > 0) {
                    $count = count($cp);
                    for ($j; $j < $count; $j++) {
                        $cp = array_merge((array) $cp, (array) child($cp[$j][0], $userId, $depth));
                    }
                    --$depth;
                }
                if ($cp[0][0]) {
                    for ($i = 0; isset($cp[$i]); $i++) {
                        require_once $sourceFolder . "/" . $moduleFolder . "/" . $cp[$i][2] . ".lib.php";
                        $page1 = new $cp[$i][2]();
                        $modCompId = $cp[$i][5];
                        $pdf->setModuleComponentId($modCompId);
                        $pdf->AddPage();
                        $pdf->WriteHTML($page1->getHtml($userId, $modCompId, "view"));
                    }
                }
            }
        }
        // The PDF is written to a temporary file, streamed to the client, then deleted.
        // NOTE(review): the file name is built from the global $TITLE -- confirm it cannot
        // contain path separators. The file_exists()/rand() loop only avoids collisions;
        // it does not make the name unpredictable, and another request can create the
        // same name between the check and Output(). tempnam() outside the web-served
        // tree would avoid both.
        $filePath = $sourceFolder . "/uploads/temp/" . $TITLE . ".pdf";
        while (file_exists($filePath)) {
            $filePath = $sourceFolder . "/uploads/temp/" . $TITLE . "-" . rand() . ".pdf";
        }
        $pdf->Output($filePath);
        header("Pragma: public");
        header("Expires: 0");
        header("Cache-Control: must-revalidate, post-check=0, pre-check=0");
        header("Cache-Control: private", false);
        header("Content-Type: application/pdf");
        header("Content-Disposition: attachment; filename=\"" . basename($filePath) . "\";");
        header("Content-Transfer-Encoding: binary");
        header("Content-Length: " . filesize($filePath));
        // '@' hides a failed read; the file is removed either way.
        @readfile("{$filePath}");
        unlink($filePath);
        // No exit/return here: after the PDF bytes are sent, the call below still runs
        // with $action "pdf" and its result is returned to the caller.
    }
    return $page->getHtml($userId, $moduleComponentId, $action);
}
Exemple #5
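///The URL may contain some harmful GET variables, so filter and block such URLs.
// URLSecurityCheck() is defined elsewhere; a truthy result is treated here as
// "reject this request": the error page is rendered and the script stops.
if (URLSecurityCheck($_GET)) {
    define("TEMPLATE", getPageTemplate(0));
    $pageId = parseUrlReal("home", $pageIdArray);
    $TITLE = CMS_TITLE;
    $MENUBAR = '';
    // Fixed: the two message fragments were joined without a space ("its acorrect URL").
    // NOTE(review): $_SERVER['SERVER_SIGNATURE'] prints the web server's signature line
    // (typically software name and version) on a page any visitor can trigger; consider
    // dropping it or disabling the signature in the server configuration.
    // NOTE(review): $urlRequestRoot is placed in the href without attribute escaping --
    // confirm it is derived from configuration and not from the request.
    $CONTENT = "The requested URL was found to have invalid syntax and cannot be processed for security reasons.<br/> If you believe its a " . "correct URL, please contact the administrator immediately..<br />{$_SERVER['SERVER_SIGNATURE']}" . "<br /><br />Click <a href='" . $urlRequestRoot . "'>here </a> to return to the home page";
    templateReplace($TITLE, $MENUBAR, $ACTIONBARMODULE, $ACTIONBARPAGE, $BREADCRUMB, $SEARCHBAR, $PAGEKEYWORDS, $INHERITEDINFO, $CONTENT, $FOOTER, $DEBUGINFO, $ERRORSTRING, $WARNINGSTRING, $INFOSTRING, $STARTSCRIPTS, $LOGINFORM);
    exit;
}
///Parse the URL and retrieve the PageID of the request page if its valid
$pageId = parseUrlReal($pageFullPath, $pageIdArray);
///Means that the requested URL is not valid.
// Strict comparison: only the boolean false counts as "not found".
if ($pageId === false) {
    define("TEMPLATE", getPageTemplate(0));
    $pageId = parseUrlReal("home", $pageIdArray);
    $TITLE = CMS_TITLE;
    $MENUBAR = '';
    // Same server-signature and href remarks as for the error page above.
    $CONTENT = "The requested URL was not found on this server.<br />{$_SERVER['SERVER_SIGNATURE']}" . "<br /><br />Click <a href='" . $urlRequestRoot . "'>here </a> to return to the home page";
    templateReplace($TITLE, $MENUBAR, $ACTIONBARMODULE, $ACTIONBARPAGE, $BREADCRUMB, $SEARCHBAR, $PAGEKEYWORDS, $INHERITEDINFO, $CONTENT, $FOOTER, $DEBUGINFO, $ERRORSTRING, $WARNINGSTRING, $INFOSTRING, $STARTSCRIPTS, $LOGINFORM);
    exit;
}
///If it reaches here, means the page requested is valid. Log the information for future use.
// Only requests that passed both checks are logged; the two rejected cases above exit
// before this line. NOTE(review): logging rejected requests as well would give
// responders a record of blocked URLs.
logInfo(getUserEmail($userId), $userId, $pageId, $pageFullPath, getPageModule($pageId), $action, $_SERVER['REMOTE_ADDR']);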
///The URL points to a file. Download permissions for the file are handled inside the download() function in download.lib.php
if (isset($_GET['fileget'])) {
    require_once $sourceFolder . "/download.lib.php";
    $action = "";
    if (isset($_GET['action'])) {
        $action = $_GET['action'];
    }
Exemple #6
/**
 * Displays a page settings form, as well as handles its submission, given a page id and a user id
 * @param $pageId Page id of the page where the user is trying to modify settings
 * @param $userId User id of the current user
 * @return HTML content for the page (the form, or the notifications after the form handling)
 */
function pagesettings($pageId, $userId)
{
    $pageId = escape($pageId);
    $userId = escape($userId);
    global $sourceFolder;
    $chkquery = "SELECT `value` FROM `" . MYSQL_DATABASE_PREFIX . "global` WHERE `attribute`='allow_pagespecific_template'";
    $row = mysql_fetch_row(mysql_query($chkquery));
    $allow_pagespecific_templates = $row[0];
    // 0 if disabled, 1 if enabled
    require_once $sourceFolder . "/tree.lib.php";
    if (isset($_GET['displayinfo'])) {
        displayinfo(safe_html($_GET['displayinfo']));
    }
    if (isset($_GET['displayerror'])) {
        displayerror(safe_html($_GET['displayerror']));
    }
    if (isset($_GET['subaction'])) {
        if ($_GET['subaction'] == "pagesettings") {
            $childPageName = escape($_GET['pageName']);
            if (isset($_POST['btnSubmit'])) {
                global $sourceFolder;
                require_once $sourceFolder . "/parseurl.lib.php";
                if (isset($_POST['link'])) {
                    $lpageIdArray = array();
                    $linkpageid = parseUrlReal(escape($_POST['link']), $lpageIdArray);
                } else {
                    if (isset($_POST['exlink'])) {
                        $exlink = escape($_POST['exlink']);
                    }
                }
                $visibleChildList = array();
                $visibleiChildList = array();
                $visiblesChildList = array();
                if (isset($_POST['menubarshowchildren']) && is_array($_POST['menubarshowchildren'])) {
                    for ($i = 0; $i < count($_POST['menubarshowchildren']); $i++) {
                        $visibleChildList[] = escape($_POST['menubarshowchildren'][$i]);
                    }
                }
                if (isset($_POST['sitemapshowchildren']) && is_array($_POST['sitemapshowchildren'])) {
                    for ($i = 0; $i < count($_POST['sitemapshowchildren']); $i++) {
                        $visiblesChildList[] = escape($_POST['sitemapshowchildren'][$i]);
                    }
                }
                if (isset($_POST['childrenshowicon']) && is_array($_POST['childrenshowicon'])) {
                    for ($i = 0; $i < count($_POST['childrenshowicon']); $i++) {
                        $visibleiChildList[] = escape($_POST['childrenshowicon'][$i]);
                    }
                }
                $pageInfoRow = getPageInfo($pageId);
                if (isset($_POST['default_template']) || $allow_pagespecific_templates == 0) {
                    $page_template = DEF_TEMPLATE;
                } else {
                    $page_template = escape($_POST['page_template']);
                }
                $template_propogate = isset($_POST['template_propogate']) ? true : false;
                $menu_propogate = isset($_POST['menustyle_propogate']) ? true : false;
                $icon_propogate = isset($_POST['icon_propogate']) ? true : false;
                $_POST['pagename'] = isset($_POST['pagename']) ? $_POST['pagename'] : "";
                $_POST['pagetitle'] = isset($_POST['pagetitle']) ? $_POST['pagetitle'] : "";
                $var = isset($_POST['allowComments']) ? 1 : 0;
                $modulecomponentid = mysql_fetch_array(mysql_query("SELECT `page_modulecomponentid` FROM `" . MYSQL_DATABASE_PREFIX . "pages` WHERE `page_id` = '{$pageId}'"));
                $modulecomponentid = $modulecomponentid['page_modulecomponentid'];
                mysql_query("UPDATE `article_content` SET `allowComments` = {$var} WHERE `page_modulecomponentid` = '{$modulecomponentid}'");
                if (isset($_POST['exlink'])) {
                    mysql_query("UPDATE `" . MYSQL_DATABASE_PREFIX . "external` SET `page_extlink` = '{$exlink}' WHERE `page_modulecomponentid`= '{$modulecomponentid}'");
                } else {
                    if (isset($_POST['link'])) {
                        mysql_query("UPDATE `" . MYSQL_DATABASE_PREFIX . "pages` SET `page_modulecomponentid` = '{$linkpageid}' WHERE `page_id`= '{$pageId}'");
                    }
                }
                $updateErrors = updateSettings($pageId, $userId, escape($_POST['pagename']), escape($_POST['pagetitle']), isset($_POST['showinmenu']), isset($_POST['showheading']), isset($_POST['showmenubar']), isset($_POST['showsiblingmenu']), $visibleChildList, $visiblesChildList, $visibleiChildList, $page_template, $template_propogate, escape($_POST['menutype']), isset($_POST['menudepth']) ? escape($_POST['menudepth']) : NULL, $menu_propogate, isset($_POST['showinsitemap']), isset($_POST['displayicon']), $icon_propogate);
                $pageInfoRow = getPageInfo($pageId);
                if ($updateErrors == '') {
                    //disconnect();
                    //header("Location: ../{$pageInfoRow['page_name']}+settings&displayinfo=".rawurlencode('Page settings updated successfully!'));
                    displayinfo("Page settings updated successfully!");
                } else {
                    //disconnect();
                    //header("Location: ../{$pageInfoRow['page_name']}+settings&displayerror=".rawurlencode($updateErrors));
                    displayerror("Could not update page settings : " . $updateErrors);
                }
            }
            if (isset($_POST['moveUp']) || isset($_POST['moveDn'])) {
                if (isset($_POST['moveUp'])) {
                    $comparison = "<=";
                    $sortOrder = "DESC";
                } else {
                    $comparison = ">=";
                    $sortOrder = "ASC";
                }
                $childPageName = escape($_GET['pageName']);
                $query = "SELECT `page_menurank`,`page_id` FROM `" . MYSQL_DATABASE_PREFIX . "pages` WHERE `page_parentid`='{$pageId}' AND `page_name`='{$childPageName}' AND `page_id` != '{$pageId}' ORDER BY `page_menurank` {$sortOrder} LIMIT 0,1 ";
                $result = mysql_query($query);
                $temp = mysql_fetch_assoc($result);
                $childPageId = $temp['page_id'];
                $query = "SELECT `page_menurank`,`page_id` FROM `" . MYSQL_DATABASE_PREFIX . "pages` WHERE `page_parentid`={$pageId} AND `page_menurank` {$comparison}(SELECT `page_menurank` FROM  `" . MYSQL_DATABASE_PREFIX . "pages` WHERE `page_parentid`='{$pageId}' AND `page_name`='{$childPageName}') AND `page_id` != '{$childPageId}'  AND `page_parentid` != `page_id` ORDER BY `page_menurank` {$sortOrder} LIMIT 0,1 ";
                $result = mysql_query($query) or displayinfo(mysql_error());
                if (mysql_num_rows($result) == 0) {
                    displayerror("You cannot move up/down the first/last page in menu");
                }
                $tempTarg = mysql_fetch_assoc($result);
                $query = "SELECT `page_menurank`,`page_parentid` FROM `" . MYSQL_DATABASE_PREFIX . "pages` WHERE `page_id`='{$childPageId}'";
                $result = mysql_query($query);
                $tempSrc = mysql_fetch_assoc($result);
                if ($tempTarg['page_menurank'] == $tempSrc['page_menurank']) {
                    $query = "UPDATE `" . MYSQL_DATABASE_PREFIX . "pages` SET `page_menurank` = `page_id` WHERE `page_parentid`='{$tempSrc['page_parentid']}'";
                    mysql_query($query);
                    displayinfo("Error in menu rank corrected. Please reorder the pages");
                } else {
                    $query = "UPDATE `" . MYSQL_DATABASE_PREFIX . "pages`  SET `page_menurank` ='{$tempSrc['page_menurank']}' WHERE `page_id` = '{$tempTarg['page_id']}' ";
                    mysql_query($query);
                    $query = "UPDATE `" . MYSQL_DATABASE_PREFIX . "pages`  SET `page_menurank` ='{$tempTarg['page_menurank']}' WHERE `page_id` = '{$childPageId}' ";
                    mysql_query($query);
                }
            }
            if (isset($_POST['deletePage'])) {
                if (isset($_GET['pageName']) && $_GET['pageName'] != "") {
                    $childPageName = escape($_GET['pageName']);
                    $query = "SELECT `page_id` FROM  `" . MYSQL_DATABASE_PREFIX . "pages` WHERE `page_parentid`='{$pageId}' AND `page_name`='{$childPageName}'";
                    $result = mysql_query($query);
                    $temp = mysql_fetch_assoc($result);
                    $childPageId = $temp['page_id'];
                    if (deletePage($childPageId, $userId)) {
                        displayinfo("Page deleted successfully.");
                    }
                } else {
                    displayerror("Not enough information available");
                }
            }
        } elseif ($_GET['subaction'] == "move") {
            if ($_POST['parentpagepath'] == '') {
                $updateErrors = "Null page id";
            } else {
                global $sourceFolder;
                require_once $sourceFolder . "/parseurl.lib.php";
                $pageIdArray = array();
                $parentId = parseUrlReal(escape($_POST['parentpagepath']), $pageIdArray);
                $updateErrors = move_page($userId, $pageId, $parentId, escape($_POST['destinationpagetitle']), escape($_POST['destinationpagename']), isset($_POST['deleteoriginalpage']));
            }
            if ($updateErrors != '') {
                displayerror($updateErrors);
            }
        } elseif ($_GET['subaction'] == "create") {
            /**
             * Have page rank equal to page id to ensure unique ranks
             * for links, rank equals to page id of the target sure, coz we can sure the pageid of parent page is unique at destination
             * check if there is any child page with same name
             * page name should not contain any special characters. (esp space)
             * ask for page name only and page title = ucfirst(pagename)
             * check if the guy has permission to create the page of that type
             * call modules createModule function
             */
            if (isset($_POST['childpagetype']) && isset($_POST['childpagename'])) {
                if (isset($_POST['default_template']) || $allow_pagespecific_templates == 0) {
                    $page_template = DEF_TEMPLATE;
                } else {
                    $page_template = escape($_POST['page_template']);
                }
                $maxquery = "SELECT MAX( page_id ) AS MAX FROM " . MYSQL_DATABASE_PREFIX . "pages";
                $maxqueryresult = mysql_query($maxquery);
                $maxqueryrow = mysql_fetch_array($maxqueryresult);
                $maxpageid = $maxqueryrow[0] + 1;
                $menutypequery = "SELECT `page_menutype`,`page_menudepth`,`page_displaysiblingmenu`,`page_displayicon`,`page_displayinmenu` FROM " . MYSQL_DATABASE_PREFIX . "pages WHERE page_id=" . $pageId;
                $menutyperesult = mysql_query($menutypequery);
                $menutyperow = mysql_fetch_array($menutyperesult);
                $alreadyexistquery = "SELECT page_name FROM " . MYSQL_DATABASE_PREFIX . "pages WHERE page_parentid='{$pageId}' AND page_name='" . escape($_POST['childpagename']) . "'";
                $alreadyexistqueryresult = mysql_query($alreadyexistquery);
                $alreadyexistquerynumrows = mysql_num_rows($alreadyexistqueryresult);
                $childPageName = str_replace(' ', '_', escape(strtolower($_POST['childpagename'])));
                $childPageTitle = escape($_POST['childpagename']);
                if (!preg_match('/^[a-z][\\_a-z0-9]*$/', $childPageName)) {
                    displayerror("Invalid page name.");
                } elseif ($alreadyexistquerynumrows >= 1) {
                    displayerror("A page with the given name already exists at this location.");
                } elseif ($_POST['childpagetype'] == "menu") {
                    $menuquery = "INSERT INTO `" . MYSQL_DATABASE_PREFIX . "pages` (`page_id` ,`page_name` ,`page_parentid` ,`page_title` ,`page_module` ,`page_modulecomponentid` , `page_template`, `page_menurank`, `page_menutype`,`page_menudepth`,`page_displaysiblingmenu`,`page_displayicon`,`page_displayinmenu`) " . "VALUES ('{$maxpageid}', '" . $childPageName . "', '{$pageId}', '" . $childPageTitle . "', '" . escape($_POST['childpagetype']) . "', '0', '{$page_template}', '{$maxpageid}', '{$menutyperow['0']}','{$menutyperow['1']}','{$menutyperow['2']}','{$menutyperow['3']}','{$menutyperow['4']}')";
                    mysql_query($menuquery);
                    if (mysql_affected_rows() != 1) {
                        displayerror('Unable to create a new page');
                    } else {
                        displayinfo("Menu successfully created! <a href='./{$childPageName}+settings'>Click here</a> to go to its page-settings and start creating links in the menu.");
                    }
                } elseif ($_POST['childpagetype'] == "link") {
                    global $sourceFolder;
                    require_once $sourceFolder . "/parseurl.lib.php";
                    $pageIdArray = array();
                    $parentId = parseUrlReal(escape($_POST['childpagelink']), $pageIdArray);
                    if (getPermissions($userId, $parentId, "settings")) {
                        if ($_POST['linkselect'] == "Same Tab") {
                            $parentId = parseUrlReal(escape($_POST['childpagelink']), $pageIdArray);
                            $linkquery = "INSERT INTO `" . MYSQL_DATABASE_PREFIX . "pages` (`page_id` ,`page_name` ,`page_parentid` ,`page_title` ,`page_module` ,`page_modulecomponentid` , `page_template`, `page_menurank`, `page_openinnewtab`, `page_menutype`,`page_menudepth`,`page_displaysiblingmenu`,`page_displayicon`,`page_displayinmenu`) " . "VALUES ('{$maxpageid}', '{$childPageName}', '{$pageId}', '{$childPageTitle}', '" . escape($_POST['childpagetype']) . "', '{$parentId}', '{$page_template}', '{$maxpageid}', '0', '{$menutyperow['0']}','{$menutyperow['1']}','{$menutyperow['2']}','{$menutyperow['3']}','{$menutyperow['4']}')";
                            mysql_query($linkquery);
                            if (mysql_affected_rows() != 1) {
                                displayerror('Unable to create a new page');
                            }
                        }
                        if ($_POST['linkselect'] == "New Tab") {
                            $parentId = parseUrlReal(escape($_POST['childpagelink']), $pageIdArray);
                            $linkquery = "INSERT INTO `" . MYSQL_DATABASE_PREFIX . "pages` (`page_id` ,`page_name` ,`page_parentid` ,`page_title` ,`page_module` ,`page_modulecomponentid` , `page_template`, `page_menurank`, `page_openinnewtab`, `page_menutype`,`page_menudepth`,`page_displaysiblingmenu`,`page_displayicon`,`page_displayinmenu`) " . "VALUES ('{$maxpageid}', '{$childPageName}', '{$pageId}', '{$childPageTitle}', '" . escape($_POST['childpagetype']) . "', '{$parentId}', '{$page_template}', '{$maxpageid}', '1', '{$menutyperow['0']}','{$menutyperow['1']}','{$menutyperow['2']}','{$menutyperow['3']}','{$menutyperow['4']}')";
                            mysql_query($linkquery);
                            if (mysql_affected_rows() != 1) {
                                displayerror('Unable to create a new page');
                            }
                        }
                    } else {
                        displayerror("Not enough permission to create a link for that location.");
                    }
                } elseif ($_POST['childpagetype'] == "external") {
                    $extquery = "SELECT MAX( page_modulecomponentid ) AS MAX FROM " . MYSQL_DATABASE_PREFIX . "external";
                    $extqueryresult = mysql_query($extquery);
                    $extqueryrow = mysql_fetch_array($extqueryresult);
                    $extpageid = $extqueryrow[0] + 1;
                    $query = "INSERT INTO `" . MYSQL_DATABASE_PREFIX . "external` (`page_modulecomponentid`,`page_extlink`) " . "VALUES('{$extpageid}','" . escape($_POST['externallink']) . "')";
                    if (!($result = mysql_query($query))) {
                        displayerror("Unable to create an external link.");
                        return false;
                    }
                    if ($_POST['linkselectex'] == "New Tab") {
                        $linkquery = "INSERT INTO `" . MYSQL_DATABASE_PREFIX . "pages` (`page_id` ,`page_name` ,`page_parentid` ,`page_title` ,`page_module` ,`page_modulecomponentid` , `page_template`, `page_menurank`,`page_openinnewtab`, `page_menutype`,`page_menudepth`,`page_displaysiblingmenu`,`page_displayicon`,`page_displayinmenu`) " . "VALUES ('{$maxpageid}', '" . escape($_POST['childpagename']) . "', '{$pageId}', '" . escape(ucfirst(escape($_POST['childpagename']))) . "', '" . escape($_POST['childpagetype']) . "', '{$extpageid}', '{$page_template}' ,'{$maxpageid}','1', '{$menutyperow['0']}','{$menutyperow['1']}','{$menutyperow['2']}','{$menutyperow['3']}','{$menutyperow['4']}')";
                        mysql_query($linkquery);
                        if (mysql_affected_rows() != 1) {
                            displayerror('Unable to create a new page');
                            return false;
                        }
                    } else {
                        $linkquery = "INSERT INTO `" . MYSQL_DATABASE_PREFIX . "pages` (`page_id` ,`page_name` ,`page_parentid` ,`page_title` ,`page_module` ,`page_modulecomponentid` , `page_template`, `page_menurank`,`page_openinnewtab`, `page_menutype`,`page_menudepth`,`page_displaysiblingmenu`,`page_displayicon`,`page_displayinmenu`) " . "VALUES ('{$maxpageid}', '" . escape($_POST['childpagename']) . "', '{$pageId}', '" . escape(ucfirst(escape($_POST['childpagename']))) . "', '" . escape($_POST['childpagetype']) . "', '{$extpageid}', '{$page_template}' ,'{$maxpageid}','0', '{$menutyperow['0']}','{$menutyperow['1']}','{$menutyperow['2']}','{$menutyperow['3']}','{$menutyperow['4']}')";
                        mysql_query($linkquery);
                        if (mysql_affected_rows() != 1) {
                            displayerror('Unable to create a new page');
                            return false;
                        }
                    }
                    displayinfo("External link has been created!");
                } else {
                    $moduleType = escape($_POST['childpagetype']);
                    global $sourceFolder;
                    global $moduleFolder;
                    require_once $sourceFolder . "/" . $moduleFolder . "/" . $moduleType . ".lib.php";
                    $page = new $moduleType();
                    $newId = createInstance($moduleType);
                    $page->createModule($newId);
                    $createquery = "INSERT INTO `" . MYSQL_DATABASE_PREFIX . "pages` (`page_id` ,`page_name` ,`page_parentid` ,`page_title` ,`page_module` ,`page_modulecomponentid` , `page_template`, `page_menurank`, `page_menutype`,`page_menudepth`,`page_displaysiblingmenu`,`page_displayicon`,`page_displayinmenu`) " . "VALUES ('{$maxpageid}', '{$childPageName}', '{$pageId}', '{$childPageTitle}', '" . escape($_POST['childpagetype']) . "', '{$newId}', '{$page_template}', '{$maxpageid}', '{$menutyperow['0']}','{$menutyperow['1']}','{$menutyperow['2']}','{$menutyperow['3']}','{$menutyperow['4']}')";
                    mysql_query($createquery);
                    if (mysql_affected_rows() != 1) {
                        displayerror('Unable to create a new page.');
                    }
                }
            } else {
                displayerror("One or more parameters not set.");
            }
        } else {
            if ($_GET['subaction'] == 'editinheritedinfo') {
                updatePageInheritedInfo($pageId, escape($_POST['txtInheritedInfo']));
            } else {
                if ($_GET['subaction'] == 'tags') {
                    if (isset($_GET['delTag']) && $_GET['delTag'] != "") {
                        //DELETING THE TAG
                        mysql_query("DELETE FROM `" . MYSQL_DATABASE_PREFIX . "pagetags` WHERE `tag_id` = '" . escape($_GET['delTag']) . "'");
                        if (mysql_affected_rows()) {
                            displayinfo("Tag deleted!");
                        } else {
                            displayerror("Error in deleting tag.");
                        }
                    }
                    if (isset($_POST[newTag]) && $_POST[newTag] != "") {
                        //INSERTING THE TAG
                        $newTagQuery = "INSERT INTO `" . MYSQL_DATABASE_PREFIX . "pagetags` (`tag_id`, `page_id`, `tag_text`) VALUES (NULL, " . $pageId . ", '" . escape($_POST[newTag]) . "');";
                        $newTagResult = mysql_query($newTagQuery);
                        if ($newTagResult) {
                            displayinfo("Tag added!");
                        } else {
                            displayerror("Error in adding tag.");
                        }
                    }
                }
            }
        }
    }
    if ($settingsForm = getSettingsForm($pageId, $userId)) {
        return $settingsForm;
    } else {
        displayerror('Could not find page settings for the requested page.');
        return '';
    }
}
Exemple #7
/**
 * @package pragyan
 * @copyright (c) 2010 Pragyan Team
 * @license http://www.gnu.org/licenses/ GNU Public License
 * For more details, see README
 */
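// Build a hidden (display: none) container holding one <div> per news item.
$newsItems = "<div style=\"display: none;\" id=\"newscontainer\">";
global $sourceFolder;
global $moduleFolder;
global $urlRequestRoot;
global $pageIdArray;
require_once "{$sourceFolder}/{$moduleFolder}/news.lib.php";
$tmpNewsObj = new news();
$pageFullPath = "/news/";
///<Replace with path of news page
$pageId = parseUrlReal($pageFullPath, $pageIdArray);
$pageInfo = getPageInfo($pageId);
// NOTE(review): $pageInfo is looked up but the items are fetched for component id 0,
// whereas displayNews() passes $pageInfo['page_modulecomponentid'] — confirm which is intended.
$newsArray = $tmpNewsObj->getNewsArray(0);
$newsCount = count($newsArray);
for ($i = 0; $i < $newsCount; $i++) {
    // The title lands inside a double-quoted attribute and as link text, the link
    // inside a single-quoted href: encode both so a quote or angle bracket in the
    // stored value cannot close the attribute or open a new tag.
    // NOTE(review): if these columns are stored already entity-encoded this will
    // double-encode them — confirm against the code that writes them.
    $newstitle = htmlspecialchars($newsArray[$i]['news_title'], ENT_QUOTES, 'UTF-8');
    $newslink = htmlspecialchars($newsArray[$i]['news_link'], ENT_QUOTES, 'UTF-8');
    // NOTE(review): news_feed is emitted as markup exactly as stored (unchanged here,
    // since it may legitimately hold HTML); it must be sanitised where it is saved.
    // The URL scheme of news_link is likewise not checked in this block.
    $newsfeed = $newsArray[$i]['news_feed'];
    $divopen = "<div class=\"news_style\" rel=\"{$newstitle}\" id=\"news{$i}\">";
    $heading = "<h4><a href='" . $newslink . "'>" . $newstitle . "</a></h4>";
    $content = "{$newsfeed}";
    $divclose = "</div>";
    $fulldiv = $divopen . $heading . $content . $divclose;
    $newsItems .= $fulldiv;
}
$newsItems .= "</div>";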
/*
Exemple #8
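/**
 * Handles the admin "edit groups" screens and returns the HTML of the one that applies.
 *
 * Driven by $_GET/$_POST, it does one of three things:
 *  - applies a delete-user, save-description, add-user or form (un)association
 *    request to a single group and returns that group's edit form;
 *  - applies a priority shift, empty, delete or add-group request and returns
 *    the group priority editor;
 *  - returns the group picker.
 *
 * Every database value written into the markup is HTML-encoded here.
 *
 * NOTE(review): the delete-user, empty-group and delete-group actions are
 * reached through plain GET links and no request token is checked in this
 * function; unless the caller verifies one, they are exposed to CSRF.
 * NOTE(review): values placed in the `./+admin&...` links are HTML-encoded
 * but not URL-encoded, because how that route decodes its parameters is not
 * visible here — confirm and add rawurlencode() if the router allows it.
 *
 * @param mixed  $currentUserId    Id of the acting user.
 * @param array  $modifiableGroups Rows with 'group_id', 'group_name', 'group_description'
 *                                 and 'group_priority'; presumably ordered by priority,
 *                                 since only the first and last rows are compared.
 * @param string $pagePath         Passed through (by reference) to getMaxPriorityGroup().
 * @return string|null HTML markup; '' after most reported errors, null when the requested group is invalid.
 */
function groupManagementForm($currentUserId, $modifiableGroups, &$pagePath)
{
    require_once "group.lib.php";
    global $ICONS;
    global $urlRequestRoot, $cmsFolder, $templateFolder, $moduleFolder, $sourceFolder;
    $scriptsFolder = "{$urlRequestRoot}/{$cmsFolder}/{$templateFolder}/common/scripts";
    $imagesFolder = "{$urlRequestRoot}/{$cmsFolder}/{$templateFolder}/common/images";
    /// Parse any get variables, do necessary validation and stuff, so that we needn't check inside every if
    $groupRow = $groupId = $userId = null;
    $subAction = '';
    if (isset($_GET['subsubaction']) && $_GET['subsubaction'] == 'editgroup' && isset($_GET['groupname']) || isset($_POST['btnEditGroup']) && isset($_POST['selEditGroups'])) {
        $subAction = 'showeditform';
    } elseif (isset($_GET['subsubaction']) && $_GET['subsubaction'] == 'associateform') {
        $subAction = 'associateform';
    } elseif (isset($_GET['subsubaction']) && $_GET['subsubaction'] == 'deleteuser' && isset($_GET['groupname']) && isset($_GET['useremail'])) {
        $subAction = 'deleteuser';
    } elseif (isset($_POST['btnAddUserToGroup'])) {
        $subAction = 'addusertogroup';
    } elseif (isset($_POST['btnSaveGroupProperties'])) {
        $subAction = 'savegroupproperties';
    } elseif (isset($_POST['btnEditGroupPriorities']) || isset($_GET['subsubaction']) && $_GET['subsubaction'] == 'editgrouppriorities') {
        $subAction = 'editgrouppriorities';
    }
    if (isset($_POST['selEditGroups']) || isset($_GET['groupname'])) {
        $groupRow = getGroupRow(isset($_POST['selEditGroups']) ? escape($_POST['selEditGroups']) : escape($_GET['groupname']));
        $groupId = $groupRow['group_id'];
        // Group ids below 2 are rejected outside the priority editor.
        if ($subAction != 'editgrouppriorities' && (!$groupRow || !$groupId || $groupId < 2)) {
            displayerror('Error! Invalid group requested.');
            return;
        }
        if (!is_null($groupId)) {
            // Authorisation: the requested group must not outrank the last modifiable group.
            if ($modifiableGroups[count($modifiableGroups) - 1]['group_priority'] < $groupRow['group_priority']) {
                displayerror('You do not have the permission to modify the selected group.');
                return '';
            }
        }
    }
    if (isset($_GET['useremail'])) {
        // Escaped like every other request value handed to the lookup helpers in this function.
        $userId = getUserIdFromEmail(escape($_GET['useremail']));
    }
    if ($subAction != 'editgrouppriorities' && (isset($_GET['subaction']) && $_GET['subaction'] == 'editgroups' && !is_null($groupId))) {
        if ($subAction == 'deleteuser') {
            if ($groupRow['form_id'] != 0) {
                displayerror('The group is associated with a form. To remove a user, use the edit registrants in the assoicated form.');
            } elseif (!$userId) {
                displayerror('Unknown E-mail. Could not find a registered user with the given E-mail Id');
            } else {
                $deleteQuery = 'DELETE FROM `' . MYSQL_DATABASE_PREFIX . 'usergroup` WHERE `user_id` = \'' . $userId . '\' AND `group_id` = ' . $groupId;
                $deleteResult = mysql_query($deleteQuery);
                if (!$deleteResult || mysql_affected_rows() != 1) {
                    displayerror('Could not delete user with the given E-mail from the given group.');
                } else {
                    displayinfo('Successfully removed user from the current group');
                    if ($userId == $currentUserId) {
                        // The acting user left a group: recompute what they may still modify.
                        $virtue = '';
                        $maxPriorityGroup = getMaxPriorityGroup($pagePath, $currentUserId, array_reverse(getGroupIds($currentUserId)), $virtue);
                        $modifiableGroups = getModifiableGroups($currentUserId, $maxPriorityGroup, $ordering = 'asc');
                    }
                }
            }
        } elseif ($subAction == 'savegroupproperties' && isset($_POST['txtGroupDescription'])) {
            $updateQuery = "UPDATE `" . MYSQL_DATABASE_PREFIX . "groups` SET `group_description` = '" . escape($_POST['txtGroupDescription']) . "' WHERE `group_id` = '{$groupId}'";
            $updateResult = mysql_query($updateQuery);
            if (!$updateResult) {
                displayerror('Could not update database.');
            } else {
                displayinfo('Changes to the group have been successfully saved.');
            }
            $groupRow = getGroupRow($groupRow['group_name']);
        } elseif ($subAction == 'addusertogroup' && isset($_POST['txtUserEmail']) && trim($_POST['txtUserEmail']) != '') {
            if ($groupRow['form_id'] != 0) {
                displayerror('The selected group is associated with a form. To add a user, register the user to the form.');
            } else {
                // Entries are comma separated; presumably each is "email - Full Name"
                // as offered by the suggestion box, or a bare e-mail address.
                $passedEmails = explode(',', escape($_POST['txtUserEmail']));
                for ($i = 0; $i < count($passedEmails); $i++) {
                    $hyphenPos = strpos($passedEmails[$i], '-');
                    // strpos() returns false when there is no hyphen; the former ">= 0"
                    // test was true for false as well, so a bare address lost its last
                    // character and the fallback branch was never reached.
                    // NOTE(review): an address that itself contains '-' is still cut at
                    // that hyphen, as before — confirm the separator the suggestion box emits.
                    if ($hyphenPos !== false) {
                        $userEmail = trim(substr($passedEmails[$i], 0, $hyphenPos - 1));
                    } else {
                        $userEmail = trim($passedEmails[$i]);
                    }
                    if ($userEmail == '') {
                        // Empty entry (e.g. a trailing comma): nothing to look up.
                        continue;
                    }
                    $userId = getUserIdFromEmail($userEmail);
                    if (!$userId || $userId < 1) {
                        displayerror('Unknown E-mail. Could not find a registered user with the given E-mail Id');
                        // Do not go on to add an unresolved user id to the group.
                        continue;
                    }
                    if (!addUserToGroupName($groupRow['group_name'], $userId)) {
                        displayerror('Could not add the given user to the current group.');
                    } else {
                        displayinfo('User has been successfully inserted into the given group.');
                    }
                }
            }
        } elseif ($subAction == 'associateform') {
            if (isset($_POST['btnAssociateGroup'])) {
                $pageIdArray = array();
                $formPageId = parseUrlReal(escape($_POST['selFormPath']), $pageIdArray);
                if ($formPageId <= 0 || getPageModule($formPageId) != 'form') {
                    displayerror('Invalid page selected! The page you selected is not a form.');
                } elseif (!getPermissions($currentUserId, $formPageId, 'editregistrants', 'form')) {
                    displayerror('You do not have the permissions to associate the selected form with a group.');
                } else {
                    $formModuleId = getModuleComponentIdFromPageId($formPageId, 'form');
                    require_once "{$sourceFolder}/{$moduleFolder}/form.lib.php";
                    // Association is allowed only while the group or the form has no users yet.
                    if (isGroupEmpty($groupId) || form::getRegisteredUserCount($formModuleId) == 0) {
                        associateGroupWithForm($groupId, $formModuleId);
                        $groupRow = getGroupRow($groupRow['group_name']);
                    } else {
                        displayerror('Both the group and the form already contain registered users, and the group cannot be associated with the selected form.');
                    }
                }
            } elseif (isset($_POST['btnUnassociateGroup'])) {
                if ($groupRow['form_id'] <= 0) {
                    displayerror('The selected group is currently not associated with any form.');
                } elseif (!getPermissions($currentUserId, getPageIdFromModuleComponentId('form', $groupRow['form_id']), 'editregistrants', 'form')) {
                    displayerror('You do not have the permissions to unassociate the form from this group.');
                } else {
                    unassociateFormFromGroup($groupId);
                    $virtue = '';
                    $maxPriorityGroup = getMaxPriorityGroup($pagePath, $currentUserId, array_reverse(getGroupIds($currentUserId)), $virtue);
                    $modifiableGroups = getModifiableGroups($currentUserId, $maxPriorityGroup, $ordering = 'asc');
                    $groupRow = getGroupRow($groupRow['group_name']);
                }
            }
        }
        // Re-check authorisation: the actions above may have changed $modifiableGroups.
        if ($modifiableGroups[count($modifiableGroups) - 1]['group_priority'] < $groupRow['group_priority']) {
            displayerror('You do not have the permission to modify the selected group.');
            return '';
        }
        $usersTable = '`' . MYSQL_DATABASE_PREFIX . 'users`';
        $usergroupTable = '`' . MYSQL_DATABASE_PREFIX . 'usergroup`';
        $userQuery = "SELECT `user_email`, `user_fullname` FROM {$usergroupTable}, {$usersTable} WHERE `group_id` =  '{$groupId}' AND {$usersTable}.`user_id` = {$usergroupTable}.`user_id` ORDER BY `user_email`";
        $userResult = mysql_query($userQuery);
        if (!$userResult) {
            displayerror('Error! Could not fetch group information.');
            return '';
        }
        $userEmails = array();
        $userFullnames = array();
        while ($userRow = mysql_fetch_row($userResult)) {
            $userEmails[] = $userRow[0];
            $userFullnames[] = $userRow[1];
        }
        // Group name and description were typed in by users; encode them once for every
        // HTML text/attribute position below (assumes the page is served as UTF-8 — TODO confirm).
        $groupNameHtml = htmlspecialchars($groupRow['group_name'], ENT_QUOTES, 'UTF-8');
        $groupDescriptionHtml = htmlspecialchars($groupRow['group_description'], ENT_QUOTES, 'UTF-8');
        $groupEditForm = <<<GROUPEDITFORM
\t\t\t<h2>Group '{$groupNameHtml}' - '{$groupDescriptionHtml}'</h2><br />
\t\t\t<fieldset style="padding: 8px">
\t\t\t\t<legend>{$ICONS['User Groups']['small']}Group Properties</legend>
\t\t\t\t<form name="groupeditform" method="POST" action="./+admin&subaction=editgroups&groupname={$groupNameHtml}">
\t\t\t\t\tGroup Description: <input type="text" name="txtGroupDescription" value="{$groupDescriptionHtml}" />
\t\t\t\t\t<input type="submit" name="btnSaveGroupProperties" value="Save Group Properties" />
\t\t\t\t</form>
\t\t\t</fieldset>

\t\t\t<br />
\t\t\t<fieldset style="padding: 8px">
\t\t\t\t<legend>{$ICONS['User Groups']['small']}Existing Users in Group:</legend>
GROUPEDITFORM;
        $userCount = mysql_num_rows($userResult);
        global $urlRequestRoot, $cmsFolder, $templateFolder, $sourceFolder;
        $deleteImage = "<img src=\"{$urlRequestRoot}/{$cmsFolder}/{$templateFolder}/common/icons/16x16/actions/edit-delete.png\" alt=\"Remove user from the group\" title=\"Remove user from the group\" />";
        for ($i = 0; $i < $userCount; $i++) {
            $userEmailHtml = htmlspecialchars($userEmails[$i], ENT_QUOTES, 'UTF-8');
            $userFullnameHtml = htmlspecialchars($userFullnames[$i], ENT_QUOTES, 'UTF-8');
            // Members of a form-bound group are managed through the form, so no remove link.
            $isntAssociatedWithForm = $groupRow['form_id'] == 0;
            if ($isntAssociatedWithForm) {
                $groupEditForm .= '<a onclick="return confirm(\'Are you sure you wish to remove this user from this group?\')" href="./+admin&subaction=editgroups&subsubaction=deleteuser&groupname=' . $groupNameHtml . '&useremail=' . $userEmailHtml . '">' . $deleteImage . "</a>";
            }
            $groupEditForm .= " {$userEmailHtml} - {$userFullnameHtml}<br />\n";
        }
        $associateForm = '';
        if ($groupRow['form_id'] == 0) {
            $associableForms = getAssociableFormsList($currentUserId, !isGroupEmpty($groupId));
            $associableFormCount = count($associableForms);
            $associableFormsBox = '<select name="selFormPath">';
            for ($i = 0; $i < $associableFormCount; ++$i) {
                // Index 2 is used as the submitted form path, index 1 as a label shown beside it.
                $formLabelHtml = htmlspecialchars($associableForms[$i][1], ENT_QUOTES, 'UTF-8');
                $formPathHtml = htmlspecialchars($associableForms[$i][2], ENT_QUOTES, 'UTF-8');
                $associableFormsBox .= '<option value="' . $formPathHtml . '">' . $formLabelHtml . ' - ' . $formPathHtml . '</option>';
            }
            $associableFormsBox .= '</select>';
            $associateForm = <<<GROUPASSOCIATEFORM

\t\t\tSelect a form to associate the group with: {$associableFormsBox}
\t\t\t<input type="submit" name="btnAssociateGroup" value="Associate Group with Form" />
GROUPASSOCIATEFORM;
        } else {
            $associatedFormPageId = getPageIdFromModuleComponentId('form', $groupRow['form_id']);
            $associatedTitleHtml = htmlspecialchars(getPageTitle($associatedFormPageId), ENT_QUOTES, 'UTF-8');
            $associatedPathHtml = htmlspecialchars(getPagePath($associatedFormPageId), ENT_QUOTES, 'UTF-8');
            $associateForm = 'This group is currently associated with the form: ' . $associatedTitleHtml . ' (' . $associatedPathHtml . ')<br />' . '<input type="submit" name="btnUnassociateGroup" value="Unassociate" />';
        }
        $groupEditForm .= '</fieldset>';
        if ($groupRow['form_id'] == 0) {
            $groupEditForm .= <<<GROUPEDITFORM
\t\t\t\t<br />
\t\t\t\t<fieldset style="padding: 8px">
\t\t\t\t\t<legend>{$ICONS['Add']['small']}Add Users to Group</legend>
\t\t\t\t\t<form name="addusertogroup" method="POST" action="./+admin&subaction=editgroups&groupname={$groupNameHtml}">
\t\t\t\t\t\tEmail ID: <input type="text" name="txtUserEmail" id="txtUserEmail" value="" style="width: 256px" autocomplete="off" />
\t\t\t\t\t\t<div id="suggestionDiv" class="suggestionbox"></div>

\t\t\t\t\t\t<script language="javascript" type="text/javascript" src="{$scriptsFolder}/ajaxsuggestionbox.js"></script>
\t\t\t\t\t\t<script language="javascript" type="text/javascript">
\t\t\t\t\t\t<!--
\t\t\t\t\t\t\tvar addUserBox = new SuggestionBox(document.getElementById('txtUserEmail'), document.getElementById('suggestionDiv'), "./+admin&doaction=getsuggestions&forwhat=%pattern%");
\t\t\t\t\t\t\taddUserBox.loadingImageUrl = '{$imagesFolder}/ajaxloading.gif';
\t\t\t\t\t\t-->
\t\t\t\t\t\t</script>

\t\t\t\t\t\t<input type="submit" name="btnAddUserToGroup" value="Add User to Group" />
\t\t\t\t\t</form>
\t\t\t\t</fieldset>
GROUPEDITFORM;
        }
        $groupEditForm .= <<<GROUPEDITFORM
\t\t\t<br />
\t\t\t<fieldset style="padding: 8px">
\t\t\t\t<legend>{$ICONS['Group Associate Form']['small']}Associate With Form</legend>
\t\t\t\t<form name="groupassociationform" action="./+admin&subaction=editgroups&subsubaction=associateform&groupname={$groupNameHtml}" method="POST">
\t\t\t\t\t{$associateForm}
\t\t\t\t</form>
\t\t\t</fieldset>
GROUPEDITFORM;
        return $groupEditForm;
    }
    if ($subAction == 'editgrouppriorities') {
        $modifiableCount = count($modifiableGroups);
        $userMaxPriority = $maxPriorityGroup = 1;
        if ($modifiableCount != 0) {
            // The list may be in either order, so take the larger of its two ends.
            $userMaxPriority = max($modifiableGroups[0]['group_priority'], $modifiableGroups[$modifiableCount - 1]['group_priority']);
            $maxPriorityGroup = $modifiableGroups[0]['group_priority'] > $modifiableGroups[$modifiableCount - 1]['group_priority'] ? $modifiableGroups[0]['group_id'] : $modifiableGroups[$modifiableCount - 1]['group_id'];
        }
        if (isset($_GET['dowhat']) && !is_null($groupId)) {
            if ($_GET['dowhat'] == 'incrementpriority' || $_GET['dowhat'] == 'decrementpriority') {
                shiftGroupPriority($currentUserId, $groupRow['group_name'], $_GET['dowhat'] == 'incrementpriority' ? 'up' : 'down', $userMaxPriority, true);
            } elseif ($_GET['dowhat'] == 'movegroupup' || $_GET['dowhat'] == 'movegroupdown') {
                shiftGroupPriority($currentUserId, $groupRow['group_name'], $_GET['dowhat'] == 'movegroupup' ? 'up' : 'down', $userMaxPriority, false);
            } elseif ($_GET['dowhat'] == 'emptygroup') {
                emptyGroup($groupRow['group_name']);
            } elseif ($_GET['dowhat'] == 'deletegroup') {
                if (deleteGroup($groupRow['group_name'])) {
                    $virtue = '';
                    $maxPriorityGroup = getMaxPriorityGroup($pagePath, $currentUserId, array_reverse(getGroupIds($currentUserId)), $virtue);
                    $modifiableGroups = getModifiableGroups($currentUserId, $maxPriorityGroup, $ordering = 'asc');
                }
            }
            $modifiableGroups = reevaluateGroupPriorities($modifiableGroups);
        } elseif (isset($_GET['dowhat']) && $_GET['dowhat'] == 'addgroup') {
            if (isset($_POST['txtGroupName']) && isset($_POST['txtGroupDescription']) && isset($_POST['selGroupPriority'])) {
                $existsQuery = 'SELECT `group_id` FROM `' . MYSQL_DATABASE_PREFIX . "groups` WHERE `group_name` = '" . escape($_POST['txtGroupName']) . "'";
                $existsResult = mysql_query($existsQuery);
                if (trim($_POST['txtGroupName']) == '') {
                    displayerror('Cannot create a group with an empty name. Please type in a name for the new group.');
                } elseif (mysql_num_rows($existsResult) >= 1) {
                    displayerror('A group with the name you specified already exists.');
                } else {
                    $idQuery = 'SELECT MAX(`group_id`) FROM `' . MYSQL_DATABASE_PREFIX . 'groups`';
                    $idResult = mysql_query($idQuery);
                    $idRow = mysql_fetch_row($idResult);
                    // New ids start at 2 when the table is empty.
                    // NOTE(review): MAX()+1 is not atomic; two concurrent requests can pick the same id.
                    $newGroupId = 2;
                    if (!is_null($idRow[0])) {
                        $newGroupId = $idRow[0] + 1;
                    }
                    // Privilege boundary: a new group may not be given a priority above the
                    // creator's own maximum. Compare and store the value as an integer.
                    $newGroupPriority = 1;
                    $requestedPriority = (int) $_POST['selGroupPriority'];
                    if ($requestedPriority <= $userMaxPriority && $requestedPriority > 0) {
                        $newGroupPriority = $requestedPriority;
                    }
                    $addGroupQuery = 'INSERT INTO `' . MYSQL_DATABASE_PREFIX . 'groups` (`group_id`, `group_name`, `group_description`, `group_priority`) ' . "VALUES({$newGroupId}, '" . escape($_POST['txtGroupName']) . "', '" . escape($_POST['txtGroupDescription']) . "', '{$newGroupPriority}')";
                    $addGroupResult = mysql_query($addGroupQuery);
                    if ($addGroupResult) {
                        displayinfo('New group added successfully.');
                        if (isset($_POST['chkAddMe'])) {
                            $insertQuery = 'INSERT INTO `' . MYSQL_DATABASE_PREFIX . "usergroup`(`user_id`, `group_id`) VALUES ('{$currentUserId}', '{$newGroupId}')";
                            if (!mysql_query($insertQuery)) {
                                // The original appended the SQL text and the result of an
                                // argument-less mysql_query() call to the page. Keep the
                                // driver error in the server log and show a generic message.
                                error_log('groupManagementForm: adding the creator to the new group failed: ' . mysql_error());
                                displayerror('Error adding user to newly created group.');
                            }
                        }
                        $virtue = '';
                        $maxPriorityGroup = getMaxPriorityGroup($pagePath, $currentUserId, array_reverse(getGroupIds($currentUserId)), $virtue);
                        $modifiableGroups = getModifiableGroups($currentUserId, $maxPriorityGroup, $ordering = 'asc');
                    } else {
                        displayerror('Could not run MySQL query. New group could not be added.');
                    }
                }
            }
            $modifiableGroups = reevaluateGroupPriorities($modifiableGroups);
        }
        $modifiableCount = count($modifiableGroups);
        // List the highest priority first; the count guard avoids indexing an empty list.
        if ($modifiableCount > 0 && $modifiableGroups[0]['group_priority'] < $modifiableGroups[$modifiableCount - 1]['group_priority']) {
            $modifiableGroups = array_reverse($modifiableGroups);
        }
        $previousPriority = $modifiableCount > 0 ? $modifiableGroups[0]['group_priority'] : null;
        global $cmsFolder, $urlRequestRoot, $moduleFolder, $templateFolder, $sourceFolder;
        $iconsFolderUrl = "{$urlRequestRoot}/{$cmsFolder}/{$templateFolder}/common/icons/16x16";
        $moveUpImage = '<img src="' . $iconsFolderUrl . '/actions/go-up.png" title="Increment Group Priority" alt="Increment Group Priority" />';
        $moveDownImage = '<img src="' . $iconsFolderUrl . '/actions/go-down.png" alt="Decrement Group Priority" title="Decrement Group Priority" />';
        $moveTopImage = '<img src="' . $iconsFolderUrl . '/actions/go-top.png" alt="Move to next higher priority level" title="Move to next higher priority level" />';
        $moveBottomImage = '<img src="' . $iconsFolderUrl . '/actions/go-bottom.png" alt="Move to next lower priority level" title="Move to next lower priority level" />';
        $emptyImage = '<img src="' . $iconsFolderUrl . '/actions/edit-clear.png" alt="Empty Group" title="Empty Group" />';
        $deleteImage = '<img src="' . $iconsFolderUrl . '/actions/edit-delete.png" alt="Delete Group" title="Delete Group" />';
        $groupsForm = '<h3>Edit Group Priorities</h3><br />';
        // Every per-group action link shares this prefix and differs only in "dowhat".
        $actionUrl = './+admin&subaction=editgroups&subsubaction=editgrouppriorities&dowhat=';
        for ($i = 0; $i < $modifiableCount; $i++) {
            // A rule separates groups of different priority.
            if ($modifiableGroups[$i]['group_priority'] != $previousPriority) {
                $groupsForm .= '<br /><br /><hr /><br />';
            }
            $nameHtml = htmlspecialchars($modifiableGroups[$i]['group_name'], ENT_QUOTES, 'UTF-8');
            $descriptionHtml = htmlspecialchars($modifiableGroups[$i]['group_description'], ENT_QUOTES, 'UTF-8');
            $groupSuffix = '&groupname=' . $nameHtml . '">';
            $groupsForm .= '<span style="margin: 4px;" title="' . $descriptionHtml . '">'
                . '<a href="' . $actionUrl . 'incrementpriority' . $groupSuffix . $moveUpImage . '</a>'
                . '<a href="' . $actionUrl . 'decrementpriority' . $groupSuffix . $moveDownImage . '</a>'
                . '<a href="' . $actionUrl . 'movegroupup' . $groupSuffix . $moveTopImage . '</a>'
                . '<a href="' . $actionUrl . 'movegroupdown' . $groupSuffix . $moveBottomImage . '</a>'
                . '<a onclick="return confirm(\'Are you sure you want to empty this group?\')" href="' . $actionUrl . 'emptygroup' . $groupSuffix . $emptyImage . '</a>'
                . '<a onclick="return confirm(\'Are you sure you want to delete this group?\')" href="' . $actionUrl . 'deletegroup' . $groupSuffix . $deleteImage . '</a>'
                . '<a href="./+admin&subaction=editgroups&groupname=' . $nameHtml . '">' . $nameHtml . "</a></span>\n";
            $previousPriority = $modifiableGroups[$i]['group_priority'];
        }
        // Offer only priorities up to the user's own maximum; the add-group handler re-checks the value.
        $priorityBox = '<option value="1">1</option>';
        for ($i = 2; $i <= $userMaxPriority; ++$i) {
            $priorityBox .= '<option value="' . $i . '">' . $i . '</option>';
        }
        $groupsForm .= <<<GROUPSFORM
\t\t<br /><br />
\t\t<fieldset style="padding: 8px">
\t\t\t<legend>Create New Group:</legend>

\t\t\t<form name="groupaddform" method="POST" action="./+admin&subaction=editgroups&subsubaction=editgrouppriorities&dowhat=addgroup">
\t\t\t\t<label>Group Name: <input type="text" name="txtGroupName" value="" /></label><br />
\t\t\t\t<label>Group Description: <input type="text" name="txtGroupDescription" value="" /></label><br />
\t\t\t\t<label>Group Priority: <select name="selGroupPriority">{$priorityBox}</select><br />
\t\t\t\t<label><input type="checkbox" name="chkAddMe" value="addme" /> Add me to group</label><br />
\t\t\t\t<input type="submit" name="btnAddNewGroup" value="Add Group" />
\t\t\t</form>
\t\t</fieldset>
GROUPSFORM;
        return $groupsForm;
    }
    // Default screen: pick a group to edit, or open the priority editor.
    $modifiableCount = count($modifiableGroups);
    $groupsBox = '<select name="selEditGroups">';
    for ($i = 0; $i < $modifiableCount; ++$i) {
        $nameHtml = htmlspecialchars($modifiableGroups[$i]['group_name'], ENT_QUOTES, 'UTF-8');
        $descriptionHtml = htmlspecialchars($modifiableGroups[$i]['group_description'], ENT_QUOTES, 'UTF-8');
        $groupsBox .= '<option value="' . $nameHtml . '">' . $nameHtml . ' - ' . $descriptionHtml . "</option>\n";
    }
    $groupsBox .= '</select>';
    $groupsForm = <<<GROUPSFORM
\t\t<form name="groupeditform" method="POST" action="./+admin&subaction=editgroups">
\t\t\t{$groupsBox}
\t\t\t<input type="submit" name="btnEditGroup" value="Edit Selected Group" /><br /><br />
\t\t\t<input type="submit" name="btnEditGroupPriorities" value="Add/Shuffle/Remove Groups" />
\t\t</form>

GROUPSFORM;
    return $groupsForm;
}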