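// Access gate for the submit script: decides whether the current request may
// edit/delete an existing article or create a new one.
// NOTE(review): every check below assumes $xoops->redirect() ends the request;
// if it returns, execution continues past the failed check — confirm.
$categoriesArray = $publisher->getCategoryHandler()->getCategoriesForSubmit();
if (!$categoriesArray) {
    // getCategoriesForSubmit() returned nothing, so there is no category to submit into.
    $xoops->redirect("index.php", 1, _MD_PUBLISHER_NEED_CATEGORY_ITEM);
}

$groups = $xoops->getUserGroups();
$gperm_handler = $xoops->getHandlerGroupperm();
$module_id = $publisher->getModule()->getVar('mid');

$itemid = Request::getInt('itemid');
if ($itemid != 0) {
    // We are editing or deleting an article
    /* @var $itemObj PublisherItem */
    $itemObj = $publisher->getItemHandler()->get($itemid);

    // Stop on an id that did not resolve to an item, before the role checks and
    // $itemObj->category() are run against a non-object.
    if (!$itemObj) {
        $xoops->redirect("index.php", 1, XoopsLocale::E_NO_ACCESS_PERMISSION);
    }

    // Only an admin, the item's author, or a moderator of the item may go further.
    if (!(PublisherUtils::IsUserAdmin() || PublisherUtils::IsUserAuthor($itemObj) || PublisherUtils::IsUserModerator($itemObj))) {
        $xoops->redirect("index.php", 1, XoopsLocale::E_NO_ACCESS_PERMISSION);
    }

    // The perm_edit / perm_delete switches apply to users who are neither admin
    // nor moderator. Written as !(admin || moderator): the earlier
    // "!admin || !moderator" form exempted only users holding both roles, so an
    // admin who was not also a moderator was refused whenever a switch was off.
    if (!(PublisherUtils::IsUserAdmin() || PublisherUtils::IsUserModerator($itemObj))) {
        // NOTE(review): only $_GET['op'] is inspected. If the script also accepts
        // op from the request body, a delete sent that way is judged by perm_edit
        // rather than perm_delete — confirm how op is read further down.
        // NOTE(review): a delete that passes the perm_delete test still falls
        // through to the perm_edit test below; confirm delete is meant to need both.
        if (isset($_GET['op']) && $_GET['op'] == 'del' && !$publisher->getConfig('perm_delete')) {
            $xoops->redirect("index.php", 1, XoopsLocale::E_NO_ACCESS_PERMISSION);
        } elseif (!$publisher->getConfig('perm_edit')) {
            $xoops->redirect("index.php", 1, XoopsLocale::E_NO_ACCESS_PERMISSION);
        }
    }

    $categoryObj = $itemObj->category();
} else {
    // we are submitting a new article
    // if the user is not admin AND we don't allow user submission, exit.
    // Submission is open when perm_submit is 1 and the caller is either logged in
    // or anonymous submission (perm_anon_submit) is 1; the inner parentheses only
    // make the existing && / || precedence explicit.
    if (!(PublisherUtils::IsUserAdmin()
        || ($publisher->getConfig('perm_submit') == 1
            && ($xoops->isUser() || $publisher->getConfig('perm_anon_submit') == 1)))
    ) {
        $xoops->redirect("index.php", 1, XoopsLocale::E_NO_ACCESS_PERMISSION);
    }

    $itemObj = $publisher->getItemHandler()->create();
    $categoryObj = $publisher->getCategoryHandler()->create();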
// Loads the file record named by the request, checks that the caller may
// modify it, then dispatches on $op.
// NOTE(review): the checks below assume $xoops->redirect() ends the request — confirm.
$publisher = Publisher::getInstance();
$publisher->loadLanguage('admin');

$op = Request::getString('op');
$fileid = Request::getInt('fileid');
if ($fileid == 0) {
    // No usable file id in the request.
    $xoops->redirect("index.php", 2, _MD_PUBLISHER_NOITEMSELECTED);
}

/* @var $fileObj PublisherFile */
$fileObj = $publisher->getFileHandler()->get($fileid);

// if the selected item was not found, exit
if (!$fileObj) {
    $xoops->redirect("index.php", 1, XoopsLocale::E_NO_ACCESS_PERMISSION);
}

// Parent item of the file; it is passed to the moderator check below.
// NOTE(review): unlike $fileObj, this lookup result is not tested before use —
// confirm what get() returns when the parent item no longer exists.
$itemObj = $publisher->getItemHandler()->get($fileObj->getVar('itemid'));

// if the user does not have permission to modify this file, exit
// Allowed: an admin, a moderator of the parent item, or a logged-in user whose
// uid equals the file's uid. && binds tighter than ||, so $xoops->user is only
// read when isUser() is true.
if (!(PublisherUtils::IsUserAdmin() || PublisherUtils::IsUserModerator($itemObj) || $xoops->isUser() && $fileObj->getVar('uid') == $xoops->user->getVar('uid'))) {
    $xoops->redirect("index.php", 1, XoopsLocale::E_NO_ACCESS_PERMISSION);
}

/* -- Available operations -- */
switch ($op) {
    // NOTE(review): "default" here is a string label, not the switch's default:
    // branch, so an empty or unknown op does not land here; whether a real
    // default: follows is outside this excerpt.
    case "default":
    case "mod":
        $xoops->header();
        // FILES UPLOAD FORM
        $files_form = $publisher->getForm($fileObj, 'file');
        $files_form->display();
        break;

    case "modify":
        // NOTE(review): the permission check above ran against the file id read
        // through Request::getInt('fileid'); this branch re-reads the id from
        // $_POST. If the two sources can differ, the check and the modification
        // may refer to different files — confirm the code that follows re-checks
        // ownership, or reuse the already-authorised $fileObj.
        $fileid = isset($_POST['fileid']) ? (int) $_POST['fileid'] : 0;
        // Creating the file object
        if ($fileid != 0) {
/**
 * Assemble the HTML icon links (edit, delete, clone, PDF, print, e-mail) for this item.
 *
 * Edit, delete and clone icons are added only for a logged-in user who passes the
 * role/permission tests below. The PDF icon depends on the 'htmltopdf' service and
 * the e-mail icon on the 'tellafriend' module; the print icon is always added.
 *
 * These tests only decide which icons are rendered; the scripts the links point to
 * have to enforce access themselves.
 *
 * @return string the links in order, each followed by a single space
 */
public function getAdminLinks()
{
    $xoops = Xoops::getInstance();
    $icons = array();

    // Gate for all management icons: logged in, and admin, author, or granted
    // 'item_submit' on this item's category.
    $mayManage = $xoops->isUser()
        && (PublisherUtils::IsUserAdmin()
            || PublisherUtils::IsUserAuthor($this)
            || $this->publisher->getPermissionHandler()->isGranted('item_submit', $this->getVar('categoryid')));

    if ($mayManage) {
        // Edit and delete additionally need admin, author or moderator standing.
        $mayEditOrDelete = PublisherUtils::IsUserAdmin()
            || PublisherUtils::IsUserAuthor($this)
            || PublisherUtils::IsUserModerator($this);

        // Edit button: moderators and admins see it even when perm_edit is off.
        if ($mayEditOrDelete
            && ($this->publisher->getConfig('perm_edit')
                || PublisherUtils::IsUserModerator($this)
                || PublisherUtils::IsUserAdmin())
        ) {
            $icons[] = "<a href='" . PUBLISHER_URL . "/submit.php?itemid=" . $this->getVar('itemid')
                . "'><img src='" . PUBLISHER_URL . "/images/links/edit.gif'"
                . " title='" . _CO_PUBLISHER_EDIT . "' alt='" . _CO_PUBLISHER_EDIT . "'/></a>";
        }

        // Delete button: same exemption for moderators and admins.
        // NOTE(review): op=del is reachable through a plain link; confirm that
        // submit.php requires a confirmation step / token before deleting.
        if ($mayEditOrDelete
            && ($this->publisher->getConfig('perm_delete')
                || PublisherUtils::IsUserModerator($this)
                || PublisherUtils::IsUserAdmin())
        ) {
            $icons[] = "<a href='" . PUBLISHER_URL . "/submit.php?op=del&itemid=" . $this->getVar('itemid')
                . "'><img src='" . PUBLISHER_URL . "/images/links/delete.png'"
                . " title='" . _CO_PUBLISHER_DELETE . "' alt='" . _CO_PUBLISHER_DELETE . "' /></a>";
        }

        // Duplicate button: not tied to the edit/delete standing above.
        if ($this->publisher->getConfig('perm_clone')
            || PublisherUtils::IsUserModerator($this)
            || PublisherUtils::IsUserAdmin()
        ) {
            $icons[] = "<a href='" . PUBLISHER_URL . "/submit.php?op=clone&itemid=" . $this->getVar('itemid')
                . "'><img src='" . PUBLISHER_URL . "/images/links/clone.gif'"
                . " title='" . _CO_PUBLISHER_CLONE . "' alt='" . _CO_PUBLISHER_CLONE . "' /></a>";
        }
    }

    // PDF button
    if ($xoops->service('htmltopdf')->isAvailable()) {
        $icons[] = "<a href='" . PUBLISHER_URL . "/makepdf.php?itemid=" . $this->getVar('itemid')
            . "' rel='nofollow' target='_blank'><img src='" . PUBLISHER_URL
            . "/images/links/pdf.gif' title='" . _CO_PUBLISHER_PDF . "' alt='" . _CO_PUBLISHER_PDF
            . "' /></a>";
    }

    // Print button (always present, so $icons is never empty at the return).
    // NOTE(review): the URLs returned by seoGenUrl() and, below, tellafriend() are
    // written into href attributes as returned; confirm both helpers return
    // attribute-safe text (short_url is item data).
    $icons[] = "<a href='" . PublisherUtils::seoGenUrl("print", $this->getVar('itemid'), $this->getVar('short_url'))
        . "' rel='nofollow' target='_blank'><img src='" . PUBLISHER_URL
        . "/images/links/print.gif' title='" . _CO_PUBLISHER_PRINT . "' alt='" . _CO_PUBLISHER_PRINT
        . "' /></a>";

    // Email button
    if ($xoops->isActiveModule('tellafriend')) {
        $mailHref = PublisherUtils::tellafriend(
            $this->_convert_for_japanese(sprintf(_CO_PUBLISHER_INTITEMFOUND, $xoops->getConfig('sitename')))
        );
        $icons[] = '<a href="' . $mailHref . '"><img src="' . PUBLISHER_URL
            . '/images/links/friend.gif" title="' . _CO_PUBLISHER_MAIL . '" alt="' . _CO_PUBLISHER_MAIL
            . '" /></a>';
    }

    // Every link is followed by one space, the last one included.
    return implode(" ", $icons) . " ";
}