Esempio n. 1
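/**
 * Render the comment section for one published USERBOX record.
 *
 * Reads the optional 'order', 'mode' and 'cpage' request parameters, looks the
 * record up (skipping drafts, rows excluded by COM_getPermSql(), and rows
 * outside their release/expiry window) and, when commentcode >= 0, returns
 * the output of CMT_userComments().
 *
 * @param  int|string $id  Record id. It is embedded as a bare (unquoted) value
 *                         in the WHERE clause, so it is cast to int for the query.
 * @return string          Comment output, or '' when no row matched or
 *                         commentcode is negative.
 */
function fncComment($id)
{
    global $_CONF;
    global $_TABLES;

    // The original appended to and returned an undefined variable.
    $retval = '';

    $order = '';
    if (isset($_REQUEST['order'])) {
        $order = COM_applyFilter($_REQUEST['order']);
    }
    $mode = '';
    if (isset($_REQUEST['mode'])) {
        $mode = COM_applyFilter($_REQUEST['mode']);
    }
    // NOTE(review): 'cpage' looks like a page number; confirm whether the
    // filter should be applied in numeric mode here.
    $page = 1;
    if (isset($_REQUEST['cpage'])) {
        $page = COM_applyFilter($_REQUEST['cpage']);
    }

    $tbl = $_TABLES['USERBOX_base'];

    // The id is concatenated without quotes, so anything other than a plain
    // integer would change the shape of the statement. Force it to int.
    $recordId = (int) $id;

    $sql = "SELECT ";
    $sql .= "commentcode ";
    $sql .= ",owner_id";
    $sql .= ",group_id";
    $sql .= ",perm_owner";
    $sql .= ",perm_group";
    $sql .= ",perm_members";
    $sql .= ",perm_anon";
    $sql .= " FROM ";
    $sql .= " {$tbl} AS t ";
    $sql .= " WHERE ";
    $sql .= " id=" . $recordId;
    $sql .= " AND t.draft_flag=0" . LB;
    // Exclude rows the current user has no access rights to
    $sql .= COM_getPermSql('AND');
    // Exclude rows whose release date has not been reached yet
    $sql .= " AND (released <= NOW())";
    // Exclude rows whose expiry date has passed
    $sql .= " AND (expired=0 OR expired > NOW())";

    $result = DB_query($sql);
    if (DB_numRows($result) > 0) {
        $A = DB_fetchArray($result);
        $A = array_map('stripslashes', $A);
        if ($A['commentcode'] >= 0) {
            // Deleting comments needs the edit feature plus access level 3 on this record
            $delete_option = SEC_hasRights('userbox.edit')
                && SEC_hasAccess(
                    $A['owner_id'],
                    $A['group_id'],
                    $A['perm_owner'],
                    $A['perm_group'],
                    $A['perm_members'],
                    $A['perm_anon']
                ) == 3;

            require_once $_CONF['path_system'] . 'lib-comment.php';

            // NOTE(review): 'topic' is not in the SELECT list above, so
            // $A['topic'] is unset at this point - confirm which column is
            // meant to be passed as the second argument.
            $retval .= CMT_userComments($id, $A['topic'], 'userbox', $order, $mode, 0, $page, false, $delete_option, $A['commentcode']);
        }
    }

    return $retval;
}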
Esempio n. 2
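/**
 * Build the admin list of external pages.
 *
 * Emits the admin block header, the top menu (add new / admin home) and the
 * list produced by ADMIN_list() over the 'external' table. The list's
 * default filter is the clause returned by COM_getPermSql().
 *
 * @return string  HTML content
 */
function EXP_adminList()
{
    global $_CONF, $_TABLES, $LANG_ADMIN, $LANG_ACCESS, $_CONF_EXP, $LANG_EX00;

    USES_lib_admin();

    $retval = '';
    $pluginAdminUrl = $_CONF['site_admin_url'] . '/plugins/' . $_CONF_EXP['pi_name'];

    // Column definitions for the list
    $header_arr = array(
        array('text' => $LANG_ADMIN['edit'], 'field' => 'edit', 'sort' => false),
        array('text' => 'Page ID', 'field' => 'exid', 'sort' => true),
        array('text' => 'Title', 'field' => 'title', 'sort' => true),
        array('text' => 'URL', 'field' => 'url', 'sort' => true),
        array('text' => 'Hits', 'field' => 'hits', 'sort' => true),
    );

    // Menu shown above the list
    $menu_arr = array(
        array('url' => $pluginAdminUrl . '/edit.php?exid=0', 'text' => 'Add New'),
        array('url' => $_CONF['site_admin_url'], 'text' => $LANG_ADMIN['admin_home']),
    );

    $defsort_arr = array('field' => 'exid', 'direction' => 'asc');

    $header_str = $LANG_EX00['header'] . ' ' . $LANG_EX00['version'] . ' ' . $_CONF_EXP['pi_version'];
    $retval .= COM_startBlock($header_str, '', COM_getBlockTemplate('_admin_block', 'header'));
    $retval .= ADMIN_createMenu($menu_arr, 'Administer External Pages', plugin_geticon_external());

    $text_arr = array(
        'has_extras' => true,
        'form_url'   => $pluginAdminUrl . '/index.php',
    );

    // The base query has no WHERE clause; the permission clause is supplied
    // separately as the default filter.
    $query_arr = array(
        'table'          => 'external',
        'sql'            => "SELECT * FROM {$_TABLES['external']} ",
        'query_fields'   => array('title', 'url'),
        'default_filter' => COM_getPermSql(),
    );

    // The original passed an undefined $form_arr as a trailing argument.
    // It is left off so ADMIN_list() falls back to its own default.
    $retval .= ADMIN_list('external', 'EXP_getAdminListField', $header_arr, $text_arr, $query_arr, $defsort_arr, '', '', '');
    $retval .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer'));

    return $retval;
}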
Esempio n. 3
/**
 * Build the admin list of polls.
 *
 * Concatenates the admin block header, the top menu (create new / admin
 * home), the list produced by ADMIN_list() over the poll topics table, and
 * the block footer. The list's default filter is the clause returned by
 * COM_getPermSql('AND').
 *
 * @return string  Output of the block header, menu, list and footer
 */
function listpolls()
{
    global $_CONF, $_TABLES, $_IMAGE_TYPE, $LANG_ADMIN, $LANG25, $LANG_ACCESS;

    require_once $_CONF['path_system'] . 'lib-admin.php';

    $adminUrl = $_CONF['site_admin_url'];
    $pollsUrl = $adminUrl . '/plugins/polls/index.php';

    // Menu shown above the list
    $topMenu = array(
        array('url' => $pollsUrl . '?mode=edit', 'text' => $LANG_ADMIN['create_new']),
        array('url' => $adminUrl, 'text' => $LANG_ADMIN['admin_home']),
    );

    $html = COM_startBlock($LANG25[18], '', COM_getBlockTemplate('_admin_block', 'header'));
    $html .= ADMIN_createMenu($topMenu, $LANG25[19], plugin_geticon_polls());

    // Column definitions for the list itself
    $columns = array(
        array('text' => $LANG_ADMIN['edit'], 'field' => 'edit', 'sort' => false),
        array('text' => $LANG25[9], 'field' => 'topic', 'sort' => true),
        array('text' => $LANG25[20], 'field' => 'voters', 'sort' => true),
        array('text' => $LANG_ACCESS['access'], 'field' => 'access', 'sort' => false),
        array('text' => $LANG25[3], 'field' => 'unixdate', 'sort' => true),
        array('text' => $LANG25[33], 'field' => 'is_open', 'sort' => true),
    );

    $defaultSort = array('field' => 'unixdate', 'direction' => 'desc');

    $listText = array(
        'has_extras'   => true,
        'instructions' => $LANG25[19],
        'form_url'     => $pollsUrl,
    );

    // "WHERE 1=1" lets the permission clause be appended with AND
    $listQuery = array(
        'table'          => 'polltopics',
        'sql'            => "SELECT *,UNIX_TIMESTAMP(date) AS unixdate FROM {$_TABLES['polltopics']} WHERE 1=1",
        'query_fields'   => array('topic'),
        'default_filter' => COM_getPermSql('AND'),
    );

    $html .= ADMIN_list('polls', 'plugin_getListField_polls', $columns, $listText, $listQuery, $defaultSort);
    $html .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer'));

    return $html;
}
Esempio n. 4
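/**
 * Build the list of admin-menu entries the current user is allowed to see.
 *
 * Nothing is added for anonymous users, or for users who are neither
 * moderators, nor hold any of the checked admin features, nor have plugin
 * admin options. Each entry is gated by its own SEC_hasRights() /
 * SEC_inGroup() / SEC_isModerator() check; several labels carry an item
 * count taken from the database.
 *
 * @return array  List of array('label' => string, 'url' => string) entries.
 *                When any entry is built, the admin index entry is placed first.
 */
function getAdminMenu()
{
    global $_SP_CONF, $_USER, $_TABLES, $LANG01, $LANG_MB01, $LANG_LOGO, $LANG_AM, $LANG_SOCIAL, $LANG29, $_CONF, $_DB_dbms, $_GROUPS, $config;

    $item_array = array();
    if (!COM_isAnonUser()) {
        $plugin_options = PLG_getAdminOptions();
        $num_plugins = count($plugin_options);
        if (SEC_isModerator() or SEC_hasRights('story.edit,block.edit,topic.edit,user.edit,plugin.edit,user.mail,syndication.edit,social.admin', 'OR') or $num_plugins > 0) {
            // what's our current URL?
            $elementUrl = COM_getCurrentURL();

            // Restrict story counts to the topics this user may access
            $topicsql = '';
            if (SEC_isModerator() || SEC_hasRights('story.edit')) {
                $tresult = DB_query("SELECT tid FROM {$_TABLES['topics']}" . COM_getPermSQL());
                $trows = DB_numRows($tresult);
                if ($trows > 0) {
                    $tids = array();
                    for ($i = 0; $i < $trows; $i++) {
                        $T = DB_fetchArray($tresult);
                        // Topic ids are stored strings that go back into a quoted
                        // IN (...) list, so escape them before reuse.
                        $tids[] = DB_escapeString($T['tid']);
                    }
                    if (count($tids) > 0) {
                        $topicsql = " (tid IN ('" . implode("','", $tids) . "'))";
                    }
                }
            }

            // Number of items waiting in the moderation queue
            $modnum = 0;
            if (SEC_hasRights('story.edit,story.moderate', 'OR') || ($_CONF['usersubmission'] == 1 && SEC_hasRights('user.edit,user.delete'))) {
                if (SEC_hasRights('story.moderate')) {
                    if (empty($topicsql)) {
                        $modnum += DB_count($_TABLES['storysubmission']);
                    } else {
                        $sresult = DB_query("SELECT COUNT(*) AS count FROM {$_TABLES['storysubmission']} WHERE" . $topicsql);
                        $S = DB_fetchArray($sresult);
                        $modnum += $S['count'];
                    }
                }
                if ($_CONF['listdraftstories'] == 1 && SEC_hasRights('story.edit')) {
                    $sql = "SELECT COUNT(*) AS count FROM {$_TABLES['stories']} WHERE (draft_flag = 1)";
                    if (!empty($topicsql)) {
                        $sql .= ' AND' . $topicsql;
                    }
                    $result = DB_query($sql . COM_getPermSQL('AND', 0, 3));
                    $A = DB_fetchArray($result);
                    $modnum += $A['count'];
                }
                if ($_CONF['usersubmission'] == 1) {
                    if (SEC_hasRights('user.edit') && SEC_hasRights('user.delete')) {
                        $modnum += DB_count($_TABLES['users'], 'status', '2');
                    }
                }
            }
            // now handle submissions for plugins
            $modnum += PLG_getSubmissionCount();

            if (SEC_hasRights('story.edit')) {
                $url = $_CONF['site_admin_url'] . '/story.php';
                $label = $LANG01[11];
                if (empty($topicsql)) {
                    $numstories = DB_count($_TABLES['stories']);
                } else {
                    $nresult = DB_query("SELECT COUNT(*) AS count from {$_TABLES['stories']} WHERE" . $topicsql . COM_getPermSql('AND'));
                    $N = DB_fetchArray($nresult);
                    $numstories = $N['count'];
                }
                $label .= ' (' . COM_numberFormat($numstories) . ')';
                $item_array[] = array('label' => $label, 'url' => $url);
            }
            if (SEC_hasRights('block.edit')) {
                $result = DB_query("SELECT COUNT(*) AS count FROM {$_TABLES['blocks']}" . COM_getPermSql());
                list($count) = DB_fetchArray($result);
                $url = $_CONF['site_admin_url'] . '/block.php';
                $label = $LANG01[12] . ' (' . COM_numberFormat($count) . ')';
                $item_array[] = array('label' => $label, 'url' => $url);
            }
            if (SEC_hasRights('autotag.admin')) {
                $url = $_CONF['site_admin_url'] . '/autotag.php';
                $label = $LANG_AM['title'];
                $item_array[] = array('label' => $label, 'url' => $url);
            }
            if (SEC_inGroup('Root')) {
                $url = $_CONF['site_admin_url'] . '/clearctl.php';
                $label = $LANG01['ctl'];
                $item_array[] = array('label' => $label, 'url' => $url);
            }
            if (SEC_inGroup('Root')) {
                $url = $_CONF['site_admin_url'] . '/menu.php';
                $label = $LANG_MB01['menu_builder'];
                $item_array[] = array('label' => $label, 'url' => $url);
            }
            if (SEC_inGroup('Root')) {
                $url = $_CONF['site_admin_url'] . '/logo.php';
                $label = $LANG_LOGO['logo_admin'];
                $item_array[] = array('label' => $label, 'url' => $url);
            }
            if (SEC_hasRights('topic.edit')) {
                $result = DB_query("SELECT COUNT(*) AS count FROM {$_TABLES['topics']}" . COM_getPermSql());
                list($count) = DB_fetchArray($result);
                $url = $_CONF['site_admin_url'] . '/topic.php';
                $label = $LANG01[13] . ' (' . COM_numberFormat($count) . ')';
                $item_array[] = array('label' => $label, 'url' => $url);
            }
            if (SEC_hasRights('user.edit')) {
                $url = $_CONF['site_admin_url'] . '/user.php';
                $label = $LANG01[17] . ' (' . COM_numberFormat(DB_count($_TABLES['users']) - 1) . ')';
                $item_array[] = array('label' => $label, 'url' => $url);
            }
            if (SEC_hasRights('group.edit')) {
                if (SEC_inGroup('Root')) {
                    $grpFilter = '';
                } else {
                    // Non-root users only count the groups they belong to.
                    // The ids go into an unquoted IN (...) list, so force them to int.
                    $elementUsersGroups = SEC_getUserGroups();
                    $grpFilter = 'WHERE (grp_id IN (' . implode(',', array_map('intval', $elementUsersGroups)) . '))';
                }
                $result = DB_query("SELECT COUNT(*) AS count FROM {$_TABLES['groups']} {$grpFilter};");
                $A = DB_fetchArray($result);
                $url = $_CONF['site_admin_url'] . '/group.php';
                $label = $LANG01[96] . ' (' . COM_numberFormat($A['count']) . ')';
                $item_array[] = array('label' => $label, 'url' => $url);
            }
            if (SEC_hasRights('social.admin')) {
                $url = $_CONF['site_admin_url'] . '/social.php';
                $label = $LANG_SOCIAL['label'];
                $item_array[] = array('label' => $label, 'url' => $url);
            }
            if (SEC_inGroup('Root')) {
                $url = $_CONF['site_admin_url'] . '/envcheck.php';
                $label = $LANG01['env_check'];
                $item_array[] = array('label' => $label, 'url' => $url);
            }
            if (SEC_hasRights('user.mail')) {
                $url = $_CONF['site_admin_url'] . '/mail.php';
                $label = $LANG01[105] . ' (N/A)';
                $item_array[] = array('label' => $label, 'url' => $url);
            }
            if ($_CONF['backend'] == 1 && SEC_hasRights('syndication.edit')) {
                $url = $_CONF['site_admin_url'] . '/syndication.php';
                $label = $LANG01[38] . ' (' . COM_numberFormat(DB_count($_TABLES['syndication'])) . ')';
                $item_array[] = array('label' => $label, 'url' => $url);
            }
            if (($_CONF['trackback_enabled'] || $_CONF['pingback_enabled'] || $_CONF['ping_enabled']) && SEC_hasRights('story.ping')) {
                $url = $_CONF['site_admin_url'] . '/trackback.php';
                $label = $LANG01[116] . ' (' . COM_numberFormat(DB_count($_TABLES['pingservice'])) . ')';
                $item_array[] = array('label' => $label, 'url' => $url);
            }
            if (SEC_hasRights('plugin.edit')) {
                $url = $_CONF['site_admin_url'] . '/plugins.php';
                $label = $LANG01[77] . ' (' . COM_numberFormat(DB_count($_TABLES['plugins'])) . ')';
                $item_array[] = array('label' => $label, 'url' => $url);
            }
            if (SEC_inGroup('Root')) {
                $url = $_CONF['site_admin_url'] . '/configuration.php';
                $label = $LANG01[129] . ' (' . COM_numberFormat(count($config->_get_groups())) . ')';
                $item_array[] = array('label' => $label, 'url' => $url);
            }

            // This will show the admin options for all installed plugins (if any).
            // foreach does not depend on where the array's internal pointer is.
            foreach ($plugin_options as $plg) {
                $url = $plg->adminurl;
                $label = $plg->adminlabel;
                if (!empty($plg->numsubmissions)) {
                    $label .= ' (' . COM_numberFormat($plg->numsubmissions) . ')';
                }
                $item_array[] = array('label' => $label, 'url' => $url);
            }

            if (SEC_inGroup('Root')) {
                $url = $_CONF['site_admin_url'] . '/database.php';
                $label = $LANG01[103] . '';
                $item_array[] = array('label' => $label, 'url' => $url);
            }
            if (SEC_inGroup('Root')) {
                $url = $_CONF['site_admin_url'] . '/logview.php';
                $label = $LANG01['logview'] . '';
                $item_array[] = array('label' => $label, 'url' => $url);
            }
            if ($_CONF['link_documentation'] == 1) {
                // Link the docs in the user's language when that directory exists,
                // otherwise the English ones
                $doclang = COM_getLanguageName();
                if (@file_exists($_CONF['path_html'] . 'docs/' . $doclang . '/index.html')) {
                    $docUrl = $_CONF['site_url'] . '/docs/' . $doclang . '/index.html';
                } else {
                    $docUrl = $_CONF['site_url'] . '/docs/english/index.html';
                }
                $url = $docUrl;
                $label = $LANG01[113] . '';
                $item_array[] = array('label' => $label, 'url' => $url);
            }
            if (SEC_inGroup('Root')) {
                $url = $_CONF['site_admin_url'] . '/vercheck.php';
                $label = $LANG01[107] . ' (' . GVERSION . PATCHLEVEL . ')';
                $item_array[] = array('label' => $label, 'url' => $url);
            }
            if (SEC_isModerator()) {
                $url = $_CONF['site_admin_url'] . '/moderation.php';
                $label = $LANG01[10] . ' (' . COM_numberFormat($modnum) . ')';
                $item_array[] = array('label' => $label, 'url' => $url);
            }
            if ($_CONF['sort_admin']) {
                usort($item_array, '_mb_cmp');
            }

            // The admin index entry is added after sorting so it always comes first
            $url = $_CONF['site_admin_url'] . '/index.php';
            $cc_item = array('label' => $LANG29[34], 'url' => $url);
            $item_array = array_merge(array($cc_item), $item_array);
        }
    }

    return $item_array;
}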
Esempio n. 5
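/**
 * Show topic administration form
 *
 * With an empty $tid the form is filled with defaults for a new topic.
 * Otherwise the topic row is loaded and the form is only shown when
 * SEC_hasAccess() grants more than read access; a refused attempt is
 * written to the access log.
 *
 * @param    string  $tid    ID of topic to edit
 * @return   string          HTML for the topic editor
 */
function edittopic($tid = '')
{
    global $_CONF, $_GROUPS, $_TABLES, $_USER, $LANG04, $LANG27, $LANG_ACCESS, $LANG_ADMIN, $MESSAGE, $_SCRIPTS;

    $retval = '';
    if (empty($tid)) {
        // new topic - set defaults
        $A = array('tid' => '', 'topic' => '', 'sortnum' => 0, 'parent_id' => TOPIC_ROOT, 'inherit' => 1, 'hidden' => 0, 'limitnews' => '', 'is_default' => 0, 'archive_flag' => 0);
    } else {
        // The topic id goes into a quoted SQL literal, so escape it here the
        // same way the story-count query further down does.
        $result = DB_query("SELECT * FROM {$_TABLES['topics']} WHERE tid ='" . DB_escapeString($tid) . "'");
        $A = DB_fetchArray($result);
        $access = SEC_hasAccess($A['owner_id'], $A['group_id'], $A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']);
        // 0 and 2 are refused here; log the attempt and show only the message
        if ($access == 0 || $access == 2) {
            $retval .= COM_showMessageText($LANG27[13], $LANG27[12]);
            COM_accessLog("User {$_USER['username']} tried to illegally create or edit topic {$tid}.");
            return $retval;
        }
    }

    // CSRF token embedded in the form below
    $token = SEC_createToken();
    $retval .= COM_startBlock($LANG27[1], '', COM_getBlockTemplate('_admin_block', 'header'));
    $retval .= SEC_getTokenExpiryNotice($token);
    if (!is_array($A) || empty($A['owner_id'])) {
        $A['owner_id'] = $_USER['uid'];
        // this is the one instance where we default the group
        // most topics should belong to the Topic Admin group
        if (isset($_GROUPS['Topic Admin'])) {
            $A['group_id'] = $_GROUPS['Topic Admin'];
        } else {
            $A['group_id'] = SEC_getFeatureGroup('topic.edit');
        }
        SEC_setDefaultPermissions($A, $_CONF['default_permissions_topic']);
        $access = 3;
    }

    $topic_templates = COM_newTemplate($_CONF['path_layout'] . 'admin/topic');
    $topic_templates->set_file('editor', 'topiceditor.thtml');

    // The delete button is only offered for an existing topic and with the edit feature
    if (!empty($tid) && SEC_hasRights('topic.edit')) {
        $delButton = '<input type="submit" value="' . $LANG_ADMIN['delete'] . '" name="mode"%s' . XHTML . '>';
        $jsConfirm = ' onclick="return confirm(\'' . $MESSAGE[76] . '\');"';
        $topic_templates->set_var('delete_option', sprintf($delButton, $jsConfirm));
        $topic_templates->set_var('delete_option_no_confirmation', sprintf($delButton, ''));
        $topic_templates->set_var('allow_delete', true);
        $topic_templates->set_var('lang_delete', $LANG_ADMIN['delete']);
        $topic_templates->set_var('confirm_message', $MESSAGE[76]);
        $topic_templates->set_var('warning_msg', $LANG27[6]);
    }
    if ($_CONF['titletoid'] && empty($tid)) {
        $_SCRIPTS->setJavaScriptFile('title_2_id', '/javascript/title_2_id.js');
        $topic_templates->set_var('titletoid', true);
    }
    $topic_templates->set_var('lang_topicid', $LANG27[2]);
    $topic_templates->set_var('topic_id', $A['tid']);
    $topic_templates->set_var('lang_parent_id', $LANG27[32]);
    $topic_templates->set_var('parent_id_options', TOPIC_getTopicListSelect($A['parent_id'], 1, false, $A['tid'], true));
    $topic_templates->set_var('lang_inherit', $LANG27[33]);
    $topic_templates->set_var('lang_inherit_info', $LANG27[34]);
    if ($A['inherit'] == 1) {
        $topic_templates->set_var('inherit_checked', 'checked="checked"');
    } else {
        $topic_templates->set_var('inherit_checked', '');
    }
    $topic_templates->set_var('lang_hidden', $LANG27[35]);
    $topic_templates->set_var('lang_hidden_info', $LANG27[36]);
    if ($A['hidden'] == 1) {
        $topic_templates->set_var('hidden_checked', 'checked="checked"');
    } else {
        $topic_templates->set_var('hidden_checked', '');
    }
    $topic_templates->set_var('lang_donotusespaces', $LANG27[5]);
    $topic_templates->set_var('lang_accessrights', $LANG_ACCESS['accessrights']);
    $topic_templates->set_var('lang_owner', $LANG_ACCESS['owner']);
    $ownername = COM_getDisplayName($A['owner_id']);
    // The owner id is used as a bare number in the WHERE fragment; cast it so
    // nothing but an integer can end up there.
    $topic_templates->set_var('owner_username', DB_getItem($_TABLES['users'], 'username', 'uid = ' . (int) $A['owner_id']));
    $topic_templates->set_var('owner_name', $ownername);
    $topic_templates->set_var('owner', $ownername);
    $topic_templates->set_var('owner_id', $A['owner_id']);
    $topic_templates->set_var('lang_group', $LANG_ACCESS['group']);
    $topic_templates->set_var('lang_save', $LANG_ADMIN['save']);
    $topic_templates->set_var('lang_cancel', $LANG_ADMIN['cancel']);
    $topic_templates->set_var('group_dropdown', SEC_getGroupDropdown($A['group_id'], $access));
    $topic_templates->set_var('lang_permissions', $LANG_ACCESS['permissions']);
    $topic_templates->set_var('lang_permissions_key', $LANG_ACCESS['permissionskey']);
    $topic_templates->set_var('lang_perm_key', $LANG_ACCESS['permissionskey']);
    $topic_templates->set_var('permissions_msg', $LANG_ACCESS['permmsg']);
    $topic_templates->set_var('lang_permissions_msg', $LANG_ACCESS['permmsg']);
    $topic_templates->set_var('permissions_editor', SEC_getPermissionsHTML($A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']));
    // show sort order only if they specified sortnum as the sort method
    if ($_CONF['sortmethod'] !== 'alpha') {
        $topic_templates->set_var('lang_sortorder', $LANG27[10]);
        if ($A['sortnum'] == 0) {
            $A['sortnum'] = '';
        }
        $topic_templates->set_var('sort_order', '<input type="text" size="5" maxlength="5" name="sortnum" value="' . $A['sortnum'] . '"' . XHTML . '>');
    } else {
        $topic_templates->set_var('lang_sortorder', $LANG27[14]);
        $topic_templates->set_var('sort_order', $LANG27[15] . '<input type="hidden" name="sortnum" value="' . $A['sortnum'] . '"' . XHTML . '>');
    }
    $topic_templates->set_var('lang_storiesperpage', $LANG27[11]);
    if ($A['limitnews'] == 0) {
        $topic_templates->set_var('story_limit', '');
    } else {
        $topic_templates->set_var('story_limit', $A['limitnews']);
    }
    $topic_templates->set_var('default_limit', $_CONF['limitnews']);
    $topic_templates->set_var('lang_defaultis', $LANG27[16]);
    $topic_templates->set_var('lang_topicname', $LANG27[3]);
    // The topic name is HTML-escaped before it reaches the template
    $topic_templates->set_var('topic_name', htmlspecialchars(stripslashes($A['topic']), ENT_QUOTES, COM_getEncodingt()));
    if (empty($A['tid'])) {
        $A['imageurl'] = '/images/topics/';
    }
    $topic_templates->set_var('lang_topicimage', $LANG27[4]);
    $topic_templates->set_var('lang_uploadimage', $LANG27[27]);
    $topic_templates->set_var('lang_maxsize', $LANG27[28]);
    $topic_templates->set_var('icon_dimensions', $_CONF['max_topicicon_width'] . ' x ' . $_CONF['max_topicicon_height']);
    $topic_templates->set_var('max_url_length', 255);
    // NOTE(review): image_url, meta_description and meta_keywords are passed to
    // the template as stored; whether they are escaped depends on the template
    // - confirm.
    $topic_templates->set_var('image_url', $A['imageurl']);
    if (empty($_CONF['image_lib'])) {
        $scaling = $LANG04[162];
    } else {
        $scaling = $LANG04[161];
    }
    $topic_templates->set_var('icon_max_dimensions', sprintf($LANG04[160], $_CONF['max_topicicon_width'], $_CONF['max_topicicon_height'], $_CONF['max_topicicon_size'], $scaling));
    $topic_templates->set_var('lang_metadescription', $LANG_ADMIN['meta_description']);
    $topic_templates->set_var('lang_metakeywords', $LANG_ADMIN['meta_keywords']);
    if (!empty($A['meta_description'])) {
        $topic_templates->set_var('meta_description', $A['meta_description']);
    }
    if (!empty($A['meta_keywords'])) {
        $topic_templates->set_var('meta_keywords', $A['meta_keywords']);
    }
    if ($_CONF['meta_tags'] > 0) {
        $topic_templates->set_var('hide_meta', '');
    } else {
        $topic_templates->set_var('hide_meta', ' style="display:none;"');
    }
    $topic_templates->set_var('lang_defaulttopic', $LANG27[22]);
    $topic_templates->set_var('lang_defaulttext', $LANG27[23]);
    if ($A['is_default'] == 1) {
        $topic_templates->set_var('default_checked', 'checked="checked"');
    } else {
        $topic_templates->set_var('default_checked', '');
    }
    $topic_templates->set_var('lang_archivetopic', $LANG27[25]);
    $topic_templates->set_var('lang_archivetext', $LANG27[26]);
    $topic_templates->set_var('archive_disabled', '');
    if ($A['archive_flag'] == 1) {
        $topic_templates->set_var('archive_checked', 'checked="checked"');
    } else {
        $topic_templates->set_var('archive_checked', '');
        // Only 1 topic can be the archive topic - so check if there already is one
        if (DB_count($_TABLES['topics'], 'archive_flag', '1') > 0) {
            $topic_templates->set_var('archive_disabled', 'disabled');
        }
    }
    if (empty($tid)) {
        $num_stories = $LANG_ADMIN['na'];
    } else {
        $nResult = DB_query("SELECT COUNT(*) AS count FROM {$_TABLES['stories']}, {$_TABLES['topic_assignments']} ta WHERE ta.type = 'article' AND ta.id = sid AND ta.tid = '" . DB_escapeString($tid) . "'" . COM_getPermSql('AND'));
        $N = DB_fetchArray($nResult);
        $num_stories = COM_numberFormat($N['count']);
    }
    $topic_templates->set_var('lang_num_stories', $LANG27[30]);
    $topic_templates->set_var('num_stories', $num_stories);
    $topic_templates->set_var('gltoken_name', CSRF_TOKEN);
    $topic_templates->set_var('gltoken', $token);
    $topic_templates->parse('output', 'editor');
    $retval .= $topic_templates->finish($topic_templates->get_var('output'));
    $retval .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer'));

    return $retval;
}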
Esempio n. 6
/**
 * Display a list of routes
 *
 * Concatenates the admin block header, the top menu with its notice, the
 * list produced by ADMIN_list() over the routes table, and the block footer.
 * The notice gains an extra sentence when URL rewriting is unset or empty,
 * and another when URL routing is unset or disabled.
 *
 * @return   string  HTML for the list
 */
function listRoutes()
{
    global $_CONF, $_TABLES, $LANG_ADMIN, $LANG_ROUTER, $_IMAGE_TYPE, $securityToken;

    require_once $_CONF['path_system'] . 'lib-admin.php';

    $adminUrl = $_CONF['site_admin_url'];

    // Menu shown above the list
    $topMenu = array(
        array('url' => $adminUrl . '/router.php?mode=edit&amp;rid=0', 'text' => $LANG_ADMIN['create_new']),
        array('url' => $adminUrl, 'text' => $LANG_ADMIN['admin_home']),
    );

    // Base notice, extended when the related settings are off
    $hint = $LANG_ROUTER[11];
    if (empty($_CONF['url_rewrite'])) {
        $hint .= ' ' . $LANG_ROUTER[18];
    }
    $routingOff = !isset($_CONF['url_routing']) || $_CONF['url_routing'] == Router::ROUTING_DISABLED;
    if ($routingOff) {
        $hint .= ' ' . $LANG_ROUTER[19];
    }

    $html = COM_startBlock($LANG_ROUTER[2], '', COM_getBlockTemplate('_admin_block', 'header'));
    $html .= ADMIN_createMenu($topMenu, $hint, $_CONF['layout_url'] . '/images/icons/router.' . $_IMAGE_TYPE);

    // Column definitions for the list
    $columns = array(
        array('text' => $LANG_ADMIN['edit'], 'field' => 'rid', 'sort' => false),
        array('text' => $LANG_ROUTER[4], 'field' => 'method', 'sort' => true),
        array('text' => $LANG_ROUTER[5], 'field' => 'rule', 'sort' => true),
        array('text' => $LANG_ROUTER[6], 'field' => 'route', 'sort' => true),
        array('text' => $LANG_ROUTER[7], 'field' => 'priority', 'sort' => true),
    );

    $sortBy = array('field' => 'priority', 'direction' => 'asc');

    $listText = array(
        'has_extras' => false,
        'title'      => $LANG_ROUTER[1],
        'form_url'   => $adminUrl . '/router.php',
    );

    // "WHERE (1 = 1)" lets the permission clause be appended with AND
    $listQuery = array(
        'table'          => 'routes',
        'sql'            => "SELECT * FROM {$_TABLES['routes']} WHERE (1 = 1) ",
        'query_fields'   => array('rule', 'route', 'priority'),
        'default_filter' => COM_getPermSql('AND'),
    );

    $html .= ADMIN_list('routes', 'ADMIN_getListFieldRoutes', $columns, $listText, $listQuery, $sortBy, '', $securityToken, '');
    $html .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer'));

    return $html;
}
Esempio n. 7
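 /**
  * Render the menu items currently held in $this->_menuitems as HTML.
  *
  * Item types, as read from $menuitem['type']:
  *   3     - submenu: rendered through a template, children rendered recursively
  *   4     - built-in menu selected by the value of the url field
  *   5     - the url field names a PHP function whose output is appended
  *   other - plain link (type 2 additionally gets a target attribute)
  *
  * Review notes:
  *  - Labels, URLs, image paths and plugin-supplied labels/links are written
  *    into the markup without HTML escaping. Whether they are sanitised when
  *    stored is not visible from this method; verify before exposing menu
  *    editing to less trusted accounts.
  *  - Type 5 calls whatever function name is stored in the url field.
  *
  * @param    int     $pid    id of the parent menu item, 0 for the top level
  * @return   string          HTML for the items ('' when there are none)
  */
 private function _renderMenuItems($pid = 0)
 {
     // $CONF_NEXMENU is read below; without the global declaration it was always undefined here
     global $_CONF, $_TABLES, $_USER, $_BLOCK_TEMPLATE, $CONF_NEXMENU;

     $retval = '';
     // 1-based position of the current item; the "first" ($i == 1) and "last"
     // ($i == $this->_menuitemCount) tests below only work with a 1-based counter
     $i = 1;
     foreach ($this->_menuitems as $menuitem) {
         if ($this->_multiLangMode) {
             $label = $this->getMenuLabel($menuitem['id']);
         } else {
             $label = $menuitem['label'];
         }
         $target = $menuitem['type'] == 2 ? 'target=newWindow;' . $this->_targetFeatures : '';
         $menuitemImage = trim($menuitem['image']);
         if ($menuitemImage != '') {
             // Anything that does not contain 'http' is taken as a file name below menuimages/
             if (strpos($menuitemImage, 'http') === false) {
                 $menuitemImage = $_CONF['site_url'] . '/nexmenu/menuimages/' . $menuitemImage;
             }
         }
         // NOTE(review): the recursion below calls parent::initMenuItems(); if that
         // call changes $this->_menuitemCount, this test is off for items that
         // follow a submenu -- confirm against the parent class.
         $lastitem = $i == $this->_menuitemCount;

         if ($menuitem['type'] == 3) {
             // Type Submenu
             $url = str_replace('[siteurl]', $_CONF['site_url'], $menuitem['url']);
             $url = str_replace('[siteadminurl]', $_CONF['site_admin_url'], $url);
             if ($this->_type == 'header') {
                 $menuitemimagecss = 'headermenuitemimage';
             } else {
                 $menuitemimagecss = 'blocksubmenuitemimage';
             }
             $t = new Template($_CONF['path_layout'] . 'nexmenu/procssmenu');
             if ($pid == 0) {
                 if ($this->_type == 'header') {
                     $t->set_file('menu', 'headersubmenu.thtml');
                 } else {
                     $t->set_file('menu', 'submenu.thtml');
                 }
                 $t->set_var('menuitem_url', $url);
                 if ($menuitemImage != '') {
                     $image = '<img src="' . $menuitemImage . '" border="0">&nbsp;';
                     $label = "{$image}<span id=\"{$menuitemimagecss}\">{$label}</span>";
                 }
                 $t->set_var('menuitem_label', $label);
                 // Only reached for $pid == 0, so the 'fly' alternative could never be chosen here
                 $t->set_var('imgclass', 'drop');
                 if ($lastitem) {
                     $t->set_var('lastitemclass', 'class="enclose"');
                 }
             } else {
                 $t->set_file('menu', 'flysubmenu.thtml');
                 $t->set_var('menuitem_url', $url);
                 $t->set_var('menuitem_label', $label);
             }
             parent::initMenuItems($menuitem['id']);
             $t->set_var('submenu_items', $this->_renderMenuItems($menuitem['id']));
             $t->parse('output', 'menu');
             $retval .= $t->finish($t->get_var('output'));
         } elseif ($menuitem['type'] == 4) {
             // Core Menu
             switch ($menuitem['url']) {
                 case "adminmenu":
                     // uid > 1 -- presumably excludes anonymous visitors; confirm
                     if ($_USER['uid'] > 1) {
                         $_BLOCK_TEMPLATE['admin_block'] = 'nexmenu/procssmenu/blank.thtml,nexmenu/procssmenu/blank.thtml';
                         $_BLOCK_TEMPLATE['adminoption'] = 'nexmenu/procssmenu/menuitem.thtml,nexmenu/procssmenu/menuitem_on.thtml';
                         // Was ".=" on an undefined variable followed by count(); the
                         // result is used as a list, so assign it and count it as one
                         $plugin_options = PLG_getAdminOptions();
                         $nrows = is_array($plugin_options) ? count($plugin_options) : 0;
                         if (SEC_isModerator() || $nrows > 0 || SEC_hasrights('story.edit,block.edit,topic.edit,link.edit,event.edit,poll.edit,user.edit,plugin.edit,user.mail', 'OR')) {
                             $retval .= COM_adminMenu();
                         }
                     }
                     break;
                 case "usermenu":
                     if ($_USER['uid'] > 1) {
                         $_BLOCK_TEMPLATE['user_block'] = 'nexmenu/procssmenu/blank.thtml,nexmenu/procssmenu/blank.thtml';
                         $_BLOCK_TEMPLATE['useroption'] = 'nexmenu/procssmenu/menuitem.thtml,nexmenu/procssmenu/menuitem_on.thtml';
                         $retval .= COM_userMenu();
                     }
                     break;
                 case "topicmenu":
                     $_BLOCK_TEMPLATE['topicoption'] = 'nexmenu/procssmenu/menuitem2.thtml,nexmenu/procssmenu/menuitem2_on.thtml';
                     // The config value is placed into a SQL fragment as-is; it comes
                     // from plugin configuration, not from the request
                     $retval .= COM_showTopics('', " sortnum < '{$CONF_NEXMENU['restricted_topics']}'");
                     break;
                 case "linksmenu":
                     if ($this->_linksPlugin) {
                         // NOTE(review): $numcategories is never assigned in this method -- confirm what the callee expects
                         $retval .= nexmenu_showlinks($pid, $this->_type, 'site', $numcategories, 0, $lastitem);
                     }
                     break;
                 case "spmenu":
                     if ($this->_staticpagesPlugin) {
                         // Both queries are restricted by the permission clause from COM_getPermSql()
                         if ($CONF_NEXMENU['sp_labelonly']) {
                             $sql = "SELECT sp_id,sp_title,sp_label FROM {$_TABLES['staticpage']} WHERE sp_onmenu=1 ";
                             $sql .= COM_getPermSql('AND');
                         } else {
                             $sql = "SELECT sp_id,sp_title,sp_label FROM {$_TABLES['staticpage']} ";
                             $sql .= COM_getPermSql('WHERE');
                         }
                         $sql .= 'ORDER BY sp_title';
                         $spquery = DB_query($sql);
                         while (list($id, $title, $sp_label) = DB_fetchArray($spquery)) {
                             if (trim($sp_label) == '') {
                                 $label = $title;
                             } else {
                                 $label = $sp_label;
                             }
                             $url = "{$_CONF['site_url']}/staticpages/index.php?page={$id}";
                             // Title/label and page id go into the markup unescaped (see review notes)
                             $retval .= "<li><a href=\"{$url}\" {$target}>{$label}</a></li>" . LB;
                         }
                     }
                     break;
                 case "pluginmenu":
                     $result = DB_query("SELECT pi_name FROM {$_TABLES['plugins']} WHERE pi_enabled = 1");
                     $nrows = DB_numRows($result);
                     // Own loop variable: reusing $i here overwrote the position counter of the outer loop
                     for ($row = 1; $row <= $nrows; $row++) {
                         $A = DB_fetchArray($result);
                         // Callable name is limited to the plugin_getmenuitems_ prefix
                         $function = 'plugin_getmenuitems_' . $A['pi_name'];
                         if (function_exists($function)) {
                             $menuitems = $function();
                             if (is_array($menuitems) && count($menuitems) > 0) {
                                 foreach ($menuitems as $plugin_label => $plugin_link) {
                                     // Plugin-supplied label and link are written unescaped (see review notes)
                                     if ($pid == 0) {
                                         $retval .= "<li class=\"top\"><a class=\"top_link\" href=\"{$plugin_link}\" {$target}><span>{$plugin_label}</span></a></li>" . LB;
                                     } else {
                                         $retval .= "<li><a href=\"{$plugin_link}\" {$target}><span>{$plugin_label}</span></a></li>" . LB;
                                     }
                                 }
                             }
                         }
                     }
                     break;
                 case "headermenu":
                     $t = new Template($_CONF['path_layout'] . 'nexmenu/procssmenu');
                     $t->set_file(array('menu' => 'siteheader_menuitems.thtml', 'menuitem' => 'headermenu_item.thtml', 'menuitem_last' => 'headermenu_item.thtml'));
                     $plugin_menu = PLG_getMenuItems();
                     COM_renderMenu($t, $plugin_menu);
                     $t->parse('output', 'menu');
                     $retval .= $t->finish($t->get_var('output'));
                     break;
             }
             // End of menutype == 4  (Core Menu)
         } elseif ($menuitem['type'] == 5) {
             // SECURITY (review): the function name comes from the stored menu item and is
             // not restricted by a prefix or an allow-list, so any defined function that
             // accepts one argument can be invoked by whoever may edit menu items.
             // Consider an allow-list or a required name prefix for custom menu functions.
             if (function_exists($menuitem['url'])) {
                 /* Pass the type of menu to custom php function */
                 $retval .= $menuitem['url']($this->_type);
             }
         } else {
             $url = str_replace('[siteurl]', $_CONF['site_url'], $menuitem['url']);
             $url = str_replace('[siteadminurl]', $_CONF['site_admin_url'], $url);
             // what's our current URL?
             $thisUrl = COM_getCurrentURL();
             if ($menuitemImage != '') {
                 if ($this->_type == 'header') {
                     $menuitemimagecss = 'headermenuitemimage';
                 } else {
                     $menuitemimagecss = 'blockmenuitemimage';
                 }
                 $image = '<img src="' . $menuitemImage . '" border="0">&nbsp;';
                 // The second test originally compared $i with $menurows, which is never
                 // assigned in this method; the last-item test is assumed to be what was
                 // meant -- confirm against the upstream plugin.
                 if (($i == 1 && $pid > 0) || ($lastitem && $pid == 0)) {
                     $retval .= "<li><a href=\"{$url}\" {$target} class=\"enclose\">{$image}<span id=\"{$menuitemimagecss}\">{$label}</span></a></li>" . LB;
                 } elseif ($url == $thisUrl) {
                     $retval .= "<li id=\"menuitem_current\"><a href=\"{$url}\" {$target}>{$image}<span id=\"{$menuitemimagecss}\">{$label}</span></a></li>" . LB;
                 } else {
                     $retval .= "<li><a href=\"{$url}\" {$target}>{$image}<span id=\"{$menuitemimagecss}\">{$label}</span></a></li>" . LB;
                 }
             } else {
                 if ($pid == 0) {
                     $retval .= "<li class=\"top\"><a class=\"top_link\" href=\"{$url}\" {$target}><span>{$label}</span></a></li>" . LB;
                 } else {
                     $retval .= "<li><a href=\"{$url}\" {$target}><span>{$label}</span></a></li>" . LB;
                 }
             }
         }
         $i++;
     }
     // Restore Template Setting
     $_BLOCK_TEMPLATE = $this->_currentBlockTemplate;
     return $retval;
 }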
Esempio n. 8
    }
}
// Name the two arguments this endpoint accepts, then read each one through COM_applyFilter().
COM_setArgNames(array('id', 'type'));
$id = COM_applyFilter(COM_getArgument('id'));
$type = COM_applyFilter(COM_getArgument('type'));

// Without an id the ping cannot be attached to anything: answer with an error and stop.
// empty() also rejects the string '0'.
if (empty($id)) {
    TRB_sendTrackbackResponse(1, $TRB_ERROR['illegal_request']);
    exit;
}

// A ping that names no type is handled as a ping on a story.
$type = empty($type) ? 'article' : $type;
if ($type == 'article') {
    // check if they have access to this story
    $sid = DB_escapeString($id);
    $result = DB_query("SELECT trackbackcode FROM {$_TABLES['stories']} WHERE (sid = '{$sid}') AND (date <= NOW()) AND (draft_flag = 0)" . COM_getPermSql('AND') . COM_getTopicSql('AND'));
    if (DB_numRows($result) == 1) {
        $A = DB_fetchArray($result);
        if ($A['trackbackcode'] == 0) {
            TRB_handleTrackbackPing($id, $type);
        } else {
            TRB_sendTrackbackResponse(1, $TRB_ERROR['no_access']);
        }
    } else {
        TRB_sendTrackbackResponse(1, $TRB_ERROR['no_access']);
    }
} else {
    if (PLG_handlePingComment($type, $id, 'acceptByID') === true) {
        TRB_handleTrackbackPing($id, $type);
    } else {
        TRB_sendTrackbackResponse(1, $TRB_ERROR['no_access']);
Esempio n. 9
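/**
* Check if the current user is allowed to delete trackback comments.
*
* For stories, deletion is allowed only when all of the following hold: the
* story row can be loaded under the permission clause from COM_getPermSql(),
* the user has the 'story.edit' right, SEC_hasAccess() on the row's owner,
* group and permission columns returns 3, and TOPIC_hasMultiTopicAccess()
* returns 3. A story that cannot be loaded is denied outright instead of
* being evaluated with empty permission values.
*
* For every other type the decision is delegated to PLG_handlePingComment().
*
* @param    string  $sid    ID of the parent object of the comment
* @param    string  $type   type of the parent object ('article' = story, etc.)
* @return   boolean         true = user can delete the comment, false = nope
*
*/
function TRB_allowDelete($sid, $type)
{
    global $_TABLES;
    $allowed = false;
    if ($type == 'article') {
        // Escaped before it is placed inside the quoted SQL literal below
        $sid = DB_escapeString($sid);
        $sql = "SELECT owner_id,group_id,perm_owner,perm_group,perm_members,perm_anon FROM {$_TABLES['stories']} WHERE sid = '{$sid}'" . COM_getPermSql('AND', 0, 3);
        $result = DB_query($sql);
        $A = DB_fetchArray($result);
        // No row (unknown id, or filtered out by the permission clause): fail closed
        // rather than run the access checks on a missing record.
        if (is_array($A)) {
            // NOTE(review): TOPIC_hasMultiTopicAccess() receives the already escaped id,
            // as in the original code; confirm that it does not escape it a second time.
            $allowed = SEC_hasRights('story.edit')
                && SEC_hasAccess($A['owner_id'], $A['group_id'], $A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']) == 3
                && TOPIC_hasMultiTopicAccess('article', $sid) == 3;
        }
    } else {
        // The plugin's answer is returned as-is
        $allowed = PLG_handlePingComment($type, $sid, 'delete');
    }
    return $allowed;
}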
Esempio n. 10
/**
* Prints Command and Control Page or Administration Menu Block
*
* This will return the command and control items or administration menu items that
* the user has sufficient rights to -- Admin Block on the left side.
*
* @param        string      $adminMenu  True if admin menu, false if command and control page
* @param        string      $help       Help file to show (admin menu only)
* @param        string      $title      Menu Title (admin menu only)
* @param        string      $position   Side being shown on 'left', 'right' or blank. (admin menu only)
* @see function COM_adminMenu
*
*/
function COM_commandControl($adminMenu = false, $help = '', $title = '', $position = '')
{
    global $_CONF, $_CONF_FT, $_TABLES, $LANG01, $LANG29, $LANG_LOGVIEW, $LANG_ENVCHECK, $LANG_ADMIN, $_IMAGE_TYPE, $_DB_dbms, $config;
    $retval = '';
    if ($adminMenu) {
        // what's our current URL?
        $thisUrl = COM_getCurrentURL();
        // Figure out topics sql since used in a few places
        $topicsql = '';
        if (SEC_isModerator() || SEC_hasRights('story.edit')) {
            $tresult = DB_query("SELECT tid FROM {$_TABLES['topics']}" . COM_getPermSQL());
            $trows = DB_numRows($tresult);
            if ($trows > 0) {
                $tids = array();
                for ($i = 0; $i < $trows; $i++) {
                    $T = DB_fetchArray($tresult);
                    $tids[] = $T['tid'];
                }
                if (count($tids) > 0) {
                    $topicsql = " AND (ta.tid IN ('" . implode("','", $tids) . "'))";
                }
            }
        }
        // Template Stuff
        $adminmenu = COM_newTemplate($_CONF['path_layout']);
        if (isset($_BLOCK_TEMPLATE['adminnavigation'])) {
            $adminmenu->set_file('adminnavigation', $_BLOCK_TEMPLATE['adminnavigation']);
        } else {
            $adminmenu->set_file('adminnavigation', 'adminnavigation.thtml');
        }
        $blocks = array('option', 'current', 'group', 'count');
        foreach ($blocks as $block) {
            $adminmenu->set_block('adminnavigation', $block);
        }
        $adminmenu->set_var('block_name', str_replace('_', '-', 'admin_block'));
        if (empty($title)) {
            $title = DB_getItem($_TABLES['blocks'], 'title', "name = 'admin_block'");
        }
        $retval .= COM_startBlock($title, $help, COM_getBlockTemplate('admin_block', 'header', $position));
        // Allow anything not in the blocks but in the rest of the template file to be displayed
        $retval .= $adminmenu->parse('item', 'adminnavigation', true);
        // Add Command and Control Link
        $url = $_CONF['site_admin_url'] . '/index.php';
        $adminmenu->set_var('option_url', $url);
        $adminmenu->set_var('option_label', $LANG01[14]);
        $adminmenu->set_var('option_count', $LANG_ADMIN['na']);
        $retval .= $adminmenu->finish($adminmenu->parse('item', $thisUrl == $url ? 'current' : 'option'));
        // Get any plugin items
        $plugins = PLG_getAdminOptions();
    } else {
        // this defines the amount of icons displayed next to another in the CC-block
        define('ICONS_PER_ROW', 6);
        // Template Stuff
        $admin_templates = COM_newTemplate($_CONF['path_layout'] . 'admin');
        $admin_templates->set_file(array('cc' => 'commandcontrol.thtml'));
        $blocks = array('ccgroup', 'ccrow', 'ccitem');
        foreach ($blocks as $block) {
            $admin_templates->set_block('cc', $block);
        }
        $retval .= COM_startBlock('Geeklog ' . VERSION . ' -- ' . $LANG29[34], '', COM_getBlockTemplate('_admin_block', 'header'));
        // Get any plugin items
        $plugins = PLG_getCCOptions();
    }
    $cc_core = array();
    $cc_plugins = array();
    $cc_tools = array();
    $cc_users = array();
    for ($i = 0; $i < count($plugins); $i++) {
        $cur_plugin = current($plugins);
        if ($adminMenu) {
            $item = array('condition' => SEC_hasRights('story.edit'), 'url' => $cur_plugin->adminurl, 'lang' => $cur_plugin->adminlabel, 'num' => $cur_plugin->numsubmissions);
        } else {
            $item = array('condition' => SEC_hasRights('story.edit'), 'url' => $cur_plugin->adminurl, 'lang' => $cur_plugin->adminlabel, 'image' => $cur_plugin->plugin_image);
        }
        switch ($cur_plugin->admingroup) {
            case 'core':
                $cc_core[] = $item;
                break;
            case 'tools':
                $cc_tools[] = $item;
                break;
            case 'users':
                $cc_users[] = $item;
                break;
            default:
                $cc_plugins[] = $item;
                break;
        }
        next($plugins);
    }
    // Command & Control Group Layout
    $ccgroups = array('core', 'plugins', 'tools', 'users');
    foreach ($ccgroups as $ccgroup) {
        // Clear a few things before starting group
        $cc_arr = array();
        $items = array();
        if (!$adminMenu) {
            $admin_templates->clear_var('cc_rows');
            $admin_templates->set_var('cc_icon_width', floor(100 / ICONS_PER_ROW));
        }
        switch ($ccgroup) {
            // Core - Blocks, Content Syndication, Stories, Topics, Submissions, Trackbacks
            case 'core':
                $showTrackbackIcon = ($_CONF['trackback_enabled'] || $_CONF['pingback_enabled'] || $_CONF['ping_enabled']) && SEC_hasRights('story.ping');
                // Count stuff for admin menu
                $blockcount = 0;
                $topiccount = 0;
                $storycount = 0;
                $submissioncount = 0;
                $syndicationcount = 0;
                $trackbackcount = $LANG_ADMIN['na'];
                if ($adminMenu) {
                    // Find num of blocks
                    $result = DB_query("SELECT COUNT(*) AS count FROM {$_TABLES['blocks']}" . COM_getPermSql());
                    list($blockcount) = DB_fetchArray($result);
                    // Find num of topics
                    $result = DB_query("SELECT COUNT(*) AS count FROM {$_TABLES['topics']}" . COM_getPermSql());
                    list($topiccount) = DB_fetchArray($result);
                    // Find num of stories
                    if (SEC_hasRights('story.edit')) {
                        if (empty($topicsql)) {
                            $storycount = DB_count($_TABLES['stories']);
                        } else {
                            $nresult = DB_query("SELECT COUNT(DISTINCT sid) AS count FROM {$_TABLES['stories']}, {$_TABLES['topic_assignments']} ta WHERE ta.type = 'article' AND ta.id = sid " . $topicsql . COM_getPermSql('AND'));
                            $N = DB_fetchArray($nresult);
                            $storycount = $N['count'];
                        }
                    }
                    // Find num of submissions
                    if (SEC_hasRights('story.edit,story.moderate', 'OR') || $_CONF['commentsubmission'] == 1 && SEC_hasRights('comment.moderate') || $_CONF['usersubmission'] == 1 && SEC_hasRights('user.edit,user.delete')) {
                        if (SEC_hasRights('story.moderate')) {
                            if (empty($topicsql)) {
                                $submissioncount += DB_count($_TABLES['storysubmission']);
                            } else {
                                $sql = "SELECT COUNT(DISTINCT sid) AS count FROM {$_TABLES['storysubmission']}, {$_TABLES['topic_assignments']} ta WHERE ta.type = 'article' AND ta.id = sid " . $topicsql;
                                $sresult = DB_query($sql);
                                $S = DB_fetchArray($sresult);
                                $submissioncount += $S['count'];
                            }
                        }
                        if ($_CONF['listdraftstories'] == 1 && SEC_hasRights('story.edit')) {
                            $sql = "SELECT COUNT(DISTINCT sid) AS count FROM {$_TABLES['stories']}, {$_TABLES['topic_assignments']} ta WHERE ta.type = 'article' AND ta.id = sid AND draft_flag = 1";
                            if (!empty($topicsql)) {
                                $sql .= $topicsql;
                            }
                            $result = DB_query($sql . COM_getPermSQL('AND', 0, 3));
                            $A = DB_fetchArray($result);
                            $submissioncount += $A['count'];
                        }
                        if ($_CONF['commentsubmission'] == 1 && SEC_hasRights('comment.moderate')) {
                            $submissioncount += DB_count($_TABLES['commentsubmissions']);
                        }
                        if ($_CONF['usersubmission'] == 1) {
                            if (SEC_hasRights('user.edit') && SEC_hasRights('user.delete')) {
                                $submissioncount += DB_count($_TABLES['users'], 'status', '2');
                            }
                        }
                    }
                    // now handle submissions for plugins
                    $submissioncount += PLG_getSubmissionCount();
                    // Find num of syndication
                    if ($_CONF['backend'] == 1 && SEC_hasRights('syndication.edit')) {
                        $syndicationcount = COM_numberFormat(DB_count($_TABLES['syndication']));
                    }
                    // Find num of trackback
                    if ($_CONF['ping_enabled'] && SEC_hasRights('story.ping')) {
                        $trackbackcount = COM_numberFormat(DB_count($_TABLES['pingservice']));
                    }
                }
                $cc_arr = array(array('condition' => SEC_hasRights('topic.edit'), 'url' => $_CONF['site_admin_url'] . '/topic.php', 'lang' => $LANG01[13], 'num' => COM_numberFormat($topiccount), 'image' => $_CONF['layout_url'] . '/images/icons/topic.' . $_IMAGE_TYPE), array('condition' => SEC_hasRights('block.edit'), 'url' => $_CONF['site_admin_url'] . '/block.php', 'lang' => $LANG01[12], 'num' => COM_numberFormat($blockcount), 'image' => $_CONF['layout_url'] . '/images/icons/block.' . $_IMAGE_TYPE), array('condition' => SEC_hasRights('story.edit'), 'url' => $_CONF['site_admin_url'] . '/story.php', 'lang' => $LANG01[11], 'num' => COM_numberFormat($storycount), 'image' => $_CONF['layout_url'] . '/images/icons/story.' . $_IMAGE_TYPE), array('condition' => SEC_hasModerationAccess(), 'url' => $_CONF['site_admin_url'] . '/moderation.php', 'lang' => $LANG01[10], 'num' => COM_numberFormat($submissioncount), 'image' => $_CONF['layout_url'] . '/images/icons/moderation.' . $_IMAGE_TYPE), array('condition' => SEC_hasRights('syndication.edit'), 'url' => $_CONF['site_admin_url'] . '/syndication.php', 'lang' => $LANG01[38], 'num' => $syndicationcount, 'image' => $_CONF['layout_url'] . '/images/icons/syndication.' . $_IMAGE_TYPE), array('condition' => $showTrackbackIcon, 'url' => $_CONF['site_admin_url'] . '/trackback.php', 'lang' => $LANG01[116], 'num' => $trackbackcount, 'image' => $_CONF['layout_url'] . '/images/icons/trackback.' . $_IMAGE_TYPE));
                // Merge any items that belong to this group from plugins
                $cc_arr = array_merge($cc_arr, $cc_core);
                break;
                // Plugins - All ungrouped plugins
            // Plugins - All ungrouped plugins
            case 'plugins':
                $cc_arr = $cc_plugins;
                break;
                // Tools - Db backups, Clear cache, Log Viewer, GL Version Test, Plugins, Configuration, Documentation, SPAM-X Plugin
            // Tools - Db backups, Clear cache, Log Viewer, GL Version Test, Plugins, Configuration, Documentation, SPAM-X Plugin
            case 'tools':
                $docsUrl = $_CONF['site_url'] . '/docs/english/index.html';
                if ($_CONF['link_documentation'] == 1) {
                    $doclang = COM_getLanguageName();
                    $docs = 'docs/' . $doclang . '/index.html';
                    if (file_exists($_CONF['path_html'] . $docs)) {
                        $docsUrl = $_CONF['site_url'] . '/' . $docs;
                    }
                }
                $pluginscount = 0;
                if ($adminMenu) {
                    // Find num of plugins
                    if (SEC_hasRights('plugin.edit')) {
                        $pluginscount = COM_numberFormat(DB_count($_TABLES['plugins'], 'pi_enabled', 1));
                    }
                }
                $cc_arr = array(array('condition' => SEC_hasRights($_CONF_FT, 'OR'), 'url' => $_CONF['site_admin_url'] . '/configuration.php', 'lang' => $LANG01[129], 'num' => count($config->_get_groups()), 'image' => $_CONF['layout_url'] . '/images/icons/configuration.' . $_IMAGE_TYPE), array('condition' => $_CONF['link_documentation'] == 1, 'url' => $docsUrl, 'lang' => $LANG01[113], 'image' => $_CONF['layout_url'] . '/images/icons/docs.' . $_IMAGE_TYPE), array('condition' => SEC_inGroup('Root') && $_CONF['link_versionchecker'] == 1, 'url' => 'http://www.geeklog.net/versionchecker.php?version=' . VERSION, 'lang' => $LANG01[107], 'num' => VERSION, 'image' => $_CONF['layout_url'] . '/images/icons/versioncheck.' . $_IMAGE_TYPE), array('condition' => SEC_hasRights('plugin.edit'), 'url' => $_CONF['site_admin_url'] . '/plugins.php', 'lang' => $LANG01[98], 'num' => $pluginscount, 'image' => $_CONF['layout_url'] . '/images/icons/plugins.' . $_IMAGE_TYPE), array('condition' => $_CONF['allow_mysqldump'] == 1 && $_DB_dbms == 'mysql' && SEC_inGroup('Root'), 'url' => $_CONF['site_admin_url'] . '/database.php', 'lang' => $LANG01[103], 'num' => '', 'image' => $_CONF['layout_url'] . '/images/icons/database.' . $_IMAGE_TYPE), array('condition' => SEC_inGroup('Root'), 'url' => $_CONF['site_admin_url'] . '/clearctl.php', 'lang' => $LANG01['ctl'], 'num' => '', 'image' => $_CONF['layout_url'] . '/images/icons/ctl.' . $_IMAGE_TYPE), array('condition' => SEC_inGroup('Root'), 'url' => $_CONF['site_admin_url'] . '/envcheck.php', 'lang' => $LANG_ENVCHECK['env_check'], 'num' => '', 'image' => $_CONF['layout_url'] . '/images/icons/envcheck.' . $_IMAGE_TYPE), array('condition' => SEC_inGroup('Root'), 'url' => $_CONF['site_admin_url'] . '/logviewer.php', 'lang' => $LANG_LOGVIEW['log_viewer'], 'num' => '', 'image' => $_CONF['layout_url'] . '/images/icons/log_viewer.' . $_IMAGE_TYPE), array('condition' => SEC_inGroup('Root'), 'url' => $_CONF['site_url'] . 
'/filemanager/index.php?Type=Root', 'lang' => $LANG01['filemanager'], 'num' => '', 'image' => $_CONF['layout_url'] . '/images/icons/filemanager.' . $_IMAGE_TYPE, 'target' => '_blank'), array('condition' => true, 'url' => $_CONF['site_url'] . '/users.php?mode=logout', 'lang' => $LANG01[35], 'num' => '', 'image' => $_CONF['layout_url'] . '/images/icons/logout.' . $_IMAGE_TYPE));
                // Merge any items that belong to this group from plugins
                $cc_arr = array_merge($cc_arr, $cc_tools);
                break;
                // Users - Groups, Users, Mail Users
            // Users - Groups, Users, Mail Users
            case 'users':
                $groupcount = 0;
                $usercount = 0;
                if ($adminMenu) {
                    // Find num of groups
                    if (SEC_inGroup('Root')) {
                        $grpFilter = '';
                    } else {
                        $thisUsersGroups = SEC_getUserGroups();
                        $grpFilter = 'WHERE (grp_id IN (' . implode(',', $thisUsersGroups) . '))';
                    }
                    $result = DB_query("SELECT COUNT(*) AS count FROM {$_TABLES['groups']} {$grpFilter};");
                    $A = DB_fetchArray($result);
                    $groupcount = $A['count'];
                    // Find num of users
                    $usercount = DB_count($_TABLES['users'], 'status', USER_ACCOUNT_ACTIVE) - 1;
                }
                $cc_arr = array(array('condition' => SEC_hasRights('group.edit'), 'url' => $_CONF['site_admin_url'] . '/group.php', 'lang' => $LANG01[96], 'num' => COM_numberFormat($groupcount), 'image' => $_CONF['layout_url'] . '/images/icons/group.' . $_IMAGE_TYPE), array('condition' => SEC_hasRights('user.edit'), 'url' => $_CONF['site_admin_url'] . '/user.php', 'lang' => $LANG01[17], 'num' => COM_numberFormat($usercount), 'image' => $_CONF['layout_url'] . '/images/icons/user.' . $_IMAGE_TYPE), array('condition' => SEC_hasRights('user.mail'), 'url' => $_CONF['site_admin_url'] . '/mail.php', 'lang' => $LANG01[105], 'num' => '', 'image' => $_CONF['layout_url'] . '/images/icons/mail.' . $_IMAGE_TYPE));
                // Merge any items that belong to this group from plugins
                $cc_arr = array_merge($cc_arr, $cc_users);
                break;
        }
        for ($i = 0; $i < count($cc_arr); $i++) {
            if ($cc_arr[$i]['condition']) {
                if ($adminMenu) {
                    // Add Command and Control Link
                    $adminmenu->set_var('option_url', $cc_arr[$i]['url']);
                    $adminmenu->set_var('option_label', $cc_arr[$i]['lang']);
                    if (!empty($cc_arr[$i]['num'])) {
                        $adminmenu->set_var('option_count', $cc_arr[$i]['num']);
                        $adminmenu->set_var('display_count', $adminmenu->parse('item', 'count'));
                    }
                    $adminmenu->set_var('branch_spaces', '&nbsp;&nbsp;&nbsp;');
                    if (isset($cc_arr[$i]['target'])) {
                        $adminmenu->set_var('target', ' target="' . $cc_arr[$i]['target'] . '"');
                    } else {
                        $adminmenu->set_var('target', '');
                    }
                    $item = $adminmenu->finish($adminmenu->parse('item', $thisUrl == $cc_arr[$i]['url'] ? 'current' : 'option'));
                    $adminmenu->clear_var('display_count');
                    // incase set before
                } else {
                    if (!empty($cc_arr[$i]['url'])) {
                        $admin_templates->set_var('page_url', $cc_arr[$i]['url']);
                        $admin_templates->set_var('page_image', $cc_arr[$i]['image']);
                        $admin_templates->set_var('option_label', $cc_arr[$i]['lang']);
                        $admin_templates->set_var('cell_width', (int) (100 / ICONS_PER_ROW) . '%');
                        if (isset($cc_arr[$i]['target'])) {
                            $admin_templates->set_var('target', ' target="' . $cc_arr[$i]['target'] . '"');
                        } else {
                            $admin_templates->set_var('target', '');
                        }
                        $item = $admin_templates->parse('cc_main_options', 'ccitem', false);
                    }
                }
                $items[$cc_arr[$i]['lang']] = $item;
            }
        }
        if ($_CONF['sort_admin']) {
            uksort($items, 'strcasecmp');
        }
        if (!empty($items)) {
            // Add Group Label now
            if ($adminMenu) {
                $adminmenu->set_var('group_label', $LANG29[$ccgroup]);
                $retval .= $adminmenu->finish($adminmenu->parse('item', 'group'));
            } else {
                $admin_templates->set_var('lang_group', $LANG29[$ccgroup]);
            }
            // Add items now
            reset($items);
            $cols = 0;
            $cc_main_options = '';
            foreach ($items as $key => $val) {
                if ($adminMenu) {
                    $retval .= $val;
                } else {
                    $cc_main_options .= $val . LB;
                    $cols++;
                    if ($cols == ICONS_PER_ROW) {
                        $admin_templates->set_var('cc_main_options', $cc_main_options);
                        $admin_templates->parse('cc_rows', 'ccrow', true);
                        $admin_templates->clear_var('cc_main_options');
                        $cc_main_options = '';
                        $cols = 0;
                    }
                }
            }
            if (!$adminMenu) {
                if ($cols > 0) {
                    // "flush out" any unrendered entries
                    $admin_templates->set_var('cc_main_options', $cc_main_options);
                    $admin_templates->parse('cc_rows', 'ccrow', true);
                    $admin_templates->clear_var('cc_main_options');
                }
                $admin_templates->parse('cc_groups', 'ccgroup', true);
            }
        }
    }
    if ($adminMenu) {
        $retval .= COM_endBlock(COM_getBlockTemplate('admin_block', 'footer', $position));
    } else {
        $retval .= $admin_templates->finish($admin_templates->parse('output', 'cc'));
        $retval .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer'));
    }
    return $retval;
}
Esempio n. 11
        $order = COM_applyFilter($_GET['order']);
    }
    if (isset($_GET['query'])) {
        $query = COM_applyFilter($_GET['query']);
    }
    if (isset($_GET['reply'])) {
        $reply = COM_applyFilter($_GET['reply']);
    }
}
if (empty($sid)) {
    COM_404();
}
if (strcasecmp($order, 'ASC') != 0 && strcasecmp($order, 'DESC') != 0) {
    $order = '';
}
$result = DB_query("SELECT COUNT(*) AS count FROM {$_TABLES['stories']} WHERE sid = '" . DB_escapeString($sid) . "'" . COM_getPermSql('AND'));
$A = DB_fetchArray($result);
if ($A['count'] > 0) {
    $ratedIds = array();
    if ($_CONF['rating_enabled'] != 0) {
        $ratedIds = RATING_getRatedIds('article');
    }
    $story = new Story();
    $args = array('sid' => $sid, 'mode' => 'view');
    $output = STORY_LOADED_OK;
    $result = PLG_invokeService('story', 'get', $args, $output, $svc_msg);
    if ($result == PLG_RET_OK) {
        /* loadFromArray cannot be used, since it overwrites the timestamp */
        reset($story->_dbFields);
        while (list($fieldname, $save) = each($story->_dbFields)) {
            $varname = '_' . $fieldname;
Esempio n. 12
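 /**
  * Render every entry of $this->_menuitems as Milonic menu script.
  *
  * Plain links and submenus (type 3) become one aI("...") call each.
  * "Core menu" entries (type 4) append whatever the matching core or plugin
  * menu builder returns, and type 5 entries call the PHP function named in
  * the item's url field. $_BLOCK_TEMPLATE is overridden while the core menus
  * are built and restored from $this->_currentBlockTemplate before returning.
  *
  * @return string  concatenated menu script for all items
  */
 private function _renderMenuItems()
 {
     // $CONF_NEXMENU is read below (restricted_topics, sp_labelonly). Without
     // the global declaration it was an undefined local, so both settings
     // were silently ignored.
     global $_CONF, $_TABLES, $_USER, $_BLOCK_TEMPLATE, $CONF_NEXMENU;
     // Start from an empty string instead of appending to an undefined variable.
     $retval = '';
     // NOTE(review): labels, image names and URLs are concatenated into
     // double-quoted JavaScript strings exactly as stored. A value containing
     // a double quote or a line break ends the string early, so these values
     // should be escaped for the JS-string context where they are saved or
     // emitted; confirm which layer is responsible before changing the output.
     foreach ($this->_menuitems as $menuitem) {
         if ($this->_multiLangMode) {
             $label = $this->getMenuLabel($menuitem['id']);
         } else {
             $label = $menuitem['label'];
         }
         // Type 2 items open in a new window.
         $target = $menuitem['type'] == 2 ? 'target=newWindow;' . $this->_targetFeatures : '';
         $menuitemImage = trim($menuitem['image']);
         // A value without 'http' in it is taken as a file name below menuimages/.
         if ($menuitemImage != '' && strpos($menuitemImage, 'http') === false) {
             $menuitemImage = $_CONF['site_url'] . '/nexmenu/menuimages/' . $menuitemImage;
         }
         if ($menuitem['type'] == 3) {
             // Type Submenu
             $url = str_replace('[siteurl]', $_CONF['site_url'], $menuitem['url']);
             $url = str_replace('[siteadminurl]', $_CONF['site_admin_url'], $url);
             if ($menuitemImage != '') {
                 $retval .= 'aI("image=' . $menuitemImage . ';text=' . $label . ';' . 'url=' . $url . ';' . $target . 'showmenu=nexmenu' . $menuitem['id'] . ';");';
             } else {
                 $retval .= 'aI("text=' . $label . ';' . 'url=' . $url . ';' . $target . 'showmenu=nexmenu' . $menuitem['id'] . ';");';
             }
         } elseif ($menuitem['type'] == 4) {
             // Core Menu
             switch ($menuitem['url']) {
                 case "adminmenu":
                     if ($_USER['uid'] > 1) {
                         $_BLOCK_TEMPLATE['admin_block'] = 'nexmenu/milonicmenu/blockheader-blank.thtml,nexmenu/milonicmenu/blockfooter-blank.thtml';
                         $_BLOCK_TEMPLATE['adminoption'] = 'nexmenu/milonicmenu/option.thtml,nexmenu/milonicmenu/option_off.thtml';
                         // The result used to be appended (.=) to an undefined
                         // string, so the count below did not reflect the number
                         // of plugin admin options and this part of the gate
                         // carried no information.
                         $plugin_options = PLG_getAdminOptions();
                         if (is_array($plugin_options)) {
                             $nrows = count($plugin_options);
                         } else {
                             $nrows = empty($plugin_options) ? 0 : 1;
                         }
                         if (SEC_isModerator() || $nrows > 0 || SEC_hasRights('story.edit,block.edit,topic.edit,link.edit,event.edit,poll.edit,user.edit,plugin.edit,user.mail', 'OR')) {
                             $retval .= COM_adminMenu();
                         }
                     }
                     break;
                 case "usermenu":
                     if ($_USER['uid'] > 1) {
                         $_BLOCK_TEMPLATE['user_block'] = 'nexmenu/milonicmenu/blockheader-blank.thtml,nexmenu/milonicmenu/blockfooter-blank.thtml';
                         $_BLOCK_TEMPLATE['useroption'] = 'nexmenu/milonicmenu/option.thtml,nexmenu/milonicmenu/option_off.thtml';
                         $retval .= COM_userMenu();
                     }
                     break;
                 case "topicmenu":
                     $_BLOCK_TEMPLATE['topicoption'] = 'nexmenu/milonicmenu/option.thtml,nexmenu/milonicmenu/option_off.thtml';
                     $retval .= COM_showTopics('', " sortnum < '{$CONF_NEXMENU['restricted_topics']}'");
                     break;
                 case "linksmenu":
                     if ($this->_linksPlugin) {
                         $retval .= $this->_milonicLinksPluginSiteLinks();
                     }
                     break;
                 case "spmenu":
                     if ($this->_staticpagesPlugin) {
                         // Both variants apply the viewer's permissions through
                         // COM_getPermSql(); only the sp_onmenu filter differs.
                         if ($CONF_NEXMENU['sp_labelonly']) {
                             $sql = "SELECT sp_id,sp_title,sp_label FROM {$_TABLES['staticpage']} WHERE sp_onmenu=1 ";
                             $sql .= COM_getPermSql('AND');
                         } else {
                             $sql = "SELECT sp_id,sp_title,sp_label FROM {$_TABLES['staticpage']} ";
                             $sql .= COM_getPermSql('WHERE');
                         }
                         $sql .= ' ORDER BY sp_title';
                         $spquery = DB_query($sql);
                         while (list($id, $title, $sp_label) = DB_fetchArray($spquery)) {
                             // Fall back to the page title when no menu label is set.
                             if (trim($sp_label) == '') {
                                 $label = $title;
                             } else {
                                 $label = $sp_label;
                             }
                             $url = "{$_CONF['site_url']}/staticpages/index.php?page={$id}";
                             $retval .= 'aI("text=' . $label . ';url=' . $url . ';");';
                         }
                     }
                     break;
                 case "pluginmenu":
                     $result = DB_query("SELECT pi_name FROM {$_TABLES['plugins']} WHERE pi_enabled = 1");
                     $nrows = DB_numRows($result);
                     for ($p = 1; $p <= $nrows; $p++) {
                         $A = DB_fetchArray($result);
                         // The callable name always carries the fixed
                         // plugin_getmenuitems_ prefix; only the suffix comes
                         // from the plugins table.
                         $function = 'plugin_getmenuitems_' . $A['pi_name'];
                         if (function_exists($function)) {
                             $menuitems = $function();
                             if (is_array($menuitems) && count($menuitems) > 0) {
                                 foreach ($menuitems as $plugin_label => $plugin_link) {
                                     $retval .= 'aI("text=' . $plugin_label . ';' . $target . 'url=' . $plugin_link . ';");';
                                 }
                             }
                         }
                     }
                     break;
             }
             // End of menutype == 4  (Core Menu)
         } elseif ($menuitem['type'] == 5) {
             // NOTE(review): the function name is taken unchanged from the menu
             // item's url field, so whoever can edit menu items can have any
             // defined function called with the menu type as its argument.
             // Restricting this to a fixed prefix or an allowlist would narrow
             // that; confirm how existing menus name their functions first.
             if (function_exists($menuitem['url'])) {
                 /* Pass the type of menu to custom php function */
                 $retval .= $menuitem['url']($this->_type);
             }
         } else {
             $url = str_replace('[siteurl]', $_CONF['site_url'], $menuitem['url']);
             $url = str_replace('[siteadminurl]', $_CONF['site_admin_url'], $url);
             if ($menuitemImage != '') {
                 $retval .= 'aI("image=' . $menuitemImage . ';text=' . $label . ';url=' . $url . ';' . $target . ';");';
             } else {
                 $retval .= 'aI("text=' . $label . ';url=' . $url . ';' . $target . ';");';
             }
         }
     }
     // Restore Template Setting
     $_BLOCK_TEMPLATE = $this->_currentBlockTemplate;
     return $retval;
 }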
Esempio n. 13
        if (isset($pid)) {
            $display .= POLLS_siteHeader();
            if ($msg > 0) {
                $display .= COM_showMessage($msg, 'polls');
            }
            if (isset($_POST['aid'])) {
                $eMsg = $LANG_POLLS['answer_all'] . ' "' . DB_getItem($_TABLES['polltopics'], 'topic', "pid = '" . DB_escapeString($pid) . "'") . '"';
                $display .= COM_showMessageText($eMsg, $LANG_POLLS['not_saved'], true);
            }
            if (DB_getItem($_TABLES['polltopics'], 'is_open', "pid = '" . DB_escapeString($pid) . "'") != 1) {
                $aid = -1;
                // poll closed - show result
            }
            if (!isset($_COOKIE['poll-' . $pid]) && !POLLS_ipAlreadyVoted($pid) && $aid != -1) {
                $display .= POLLS_pollVote($pid);
            } else {
                $display .= POLLS_pollResults($pid, 400, $order, $mode);
            }
        } else {
            $poll_topic = DB_query("SELECT topic FROM {$_TABLES['polltopics']} WHERE pid='" . DB_escapeString($pid) . "'" . COM_getPermSql('AND'));
            $Q = DB_fetchArray($poll_topic);
            if (empty($Q['topic'])) {
                $display .= POLLS_siteHeader($LANG_POLLS['pollstitle']) . POLLS_pollList();
            } else {
                $display .= POLLS_siteHeader($Q['topic']) . POLLS_pollResults($pid, 400, $order, $mode);
            }
        }
    }
}
$display .= POLLS_siteFooter();
echo $display;
Esempio n. 14
    }
}
COM_setArgNames(array('id', 'type'));
$id = COM_applyFilter(COM_getArgument('id'));
$type = COM_applyFilter(COM_getArgument('type'));
if (empty($id)) {
    TRB_sendTrackbackResponse(1, $TRB_ERROR['illegal_request']);
    exit;
}
if (empty($type)) {
    $type = 'article';
}
if ($type == 'article') {
    // check if they have access to this story
    $sid = DB_escapeString($id);
    $sql = "SELECT trackbackcode FROM {$_TABLES['stories']}, {$_TABLES['topic_assignments']} ta\n            WHERE (sid = '{$sid}') AND (date <= NOW()) AND (draft_flag = 0)" . COM_getPermSql('AND') . " AND ta.type = 'article' AND ta.id = sid AND ta.tdefault = 1 " . COM_getTopicSql('AND', 0, 'ta');
    $result = DB_query($sql);
    if (DB_numRows($result) == 1) {
        $A = DB_fetchArray($result);
        if ($A['trackbackcode'] == 0) {
            TRB_handleTrackbackPing($id, $type);
        } else {
            TRB_sendTrackbackResponse(1, $TRB_ERROR['no_access']);
        }
    } else {
        TRB_sendTrackbackResponse(1, $TRB_ERROR['no_access']);
    }
} else {
    if (PLG_handlePingComment($type, $id, 'acceptByID') === true) {
        TRB_handleTrackbackPing($id, $type);
    } else {
Esempio n. 15
/**
* Build the admin list of topics
*
* Renders the admin block header, the "create new" / "admin home" menu and
* the topic table. The table SQL is restricted by COM_getPermSql() and the
* form carries a CSRF token created with SEC_createToken().
*
* @return   string      HTML for the topic list
*
*/
function TOPIC_list()
{
    global $_CONF, $_TABLES, $LANG27, $LANG_ACCESS, $LANG_ADMIN, $_IMAGE_TYPE;
    USES_lib_admin();

    $adminUrl = $_CONF['site_admin_url'];

    // Links shown above the list
    $menu = array(
        array('url' => $adminUrl . '/topic.php?edit=x', 'text' => $LANG_ADMIN['create_new']),
        array('url' => $adminUrl, 'text' => $LANG_ADMIN['admin_home']),
    );

    // One entry per table column
    $columns = array(
        array('text' => $LANG_ADMIN['edit'], 'field' => 'edit', 'sort' => false, 'align' => 'center', 'width' => '35px'),
        array('text' => $LANG27[10], 'field' => 'sortnum', 'sort' => true, 'align' => 'center'),
        array('text' => $LANG27[2], 'field' => 'tid', 'sort' => true),
        array('text' => $LANG27[3], 'field' => 'topic', 'sort' => true),
        array('text' => $LANG27[38], 'field' => 'is_default', 'sort' => false, 'align' => 'center'),
        array('text' => $LANG27[39], 'field' => 'archive_flag', 'sort' => false, 'align' => 'center'),
        array('text' => $LANG27[11], 'field' => 'limitnews', 'sort' => false, 'align' => 'center'),
        array('text' => $LANG27[35], 'field' => 'sort_by', 'sort' => false, 'align' => 'center', 'nowrap' => 'true'),
        array('text' => $LANG27[37], 'field' => 'sort_dir', 'sort' => false, 'align' => 'center'),
        array('text' => $LANG_ADMIN['delete'], 'field' => 'delete', 'sort' => false, 'align' => 'center', 'width' => '35px'),
    );

    $defaultSort = array('field' => 'sortnum', 'direction' => 'asc');
    $listText = array('has_extras' => true, 'form_url' => $adminUrl . '/topic.php');

    // The permission filter limits the rows to topics the current user may access
    $listQuery = array(
        'table' => 'topics',
        'sql' => "SELECT * FROM {$_TABLES['topics']} WHERE 1=1",
        'query_fields' => array('tid', 'topic'),
        'default_filter' => COM_getPermSql('AND'),
    );

    // The same token is embedded in the form and handed to ADMIN_list()
    $csrfToken = SEC_createToken();
    $formParts = array('bottom' => '<input type="hidden" name="' . CSRF_TOKEN . '" value="' . $csrfToken . '"/>');

    $html = '';
    $html .= COM_startBlock($LANG27[8], '', COM_getBlockTemplate('_admin_block', 'header'));
    $html .= ADMIN_createMenu($menu, $LANG27[9], $_CONF['layout_url'] . '/images/icons/topic.' . $_IMAGE_TYPE);
    $html .= ADMIN_list('topics', 'TOPIC_getListField', $columns, $listText, $listQuery, $defaultSort, '', $csrfToken, '', $formParts);
    $html .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer'));

    return $html;
}
Esempio n. 16
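/**
 * Display main view (list of years)
 * Emits one section per year that has at least one published, non-draft
 * story the current user may see (topic, permission and language filters
 * are applied in SQL), newest first, and delegates the content of each
 * section to DIR_displayYear(). Shows the "no articles" message when the
 * query returns nothing.
 *
 * @param    Template $template  reference of the template
 * @param    string   $dir_topic current topic
 * @return   string                list of all the years in the db
 */
function DIR_displayAll($template, $dir_topic)
{
    global $_TABLES, $LANG_DIR;
    $retval = '';
    $yearsql = array();
    $yearsql['mysql'] = "SELECT DISTINCT YEAR(date) AS year, date\n        FROM {$_TABLES['stories']}, {$_TABLES['topic_assignments']} ta\n        WHERE (draft_flag = 0) AND (date <= NOW())\n        AND ta.type = 'article' AND ta.id = sid\n        " . COM_getTopicSQL('AND', 0, 'ta') . COM_getPermSql('AND') . COM_getLangSQL('sid', 'AND');
    $yearsql['pgsql'] = "SELECT EXTRACT(YEAR from date) AS year\n        FROM {$_TABLES['stories']}, {$_TABLES['topic_assignments']} ta\n        WHERE (draft_flag = 0) AND (date <= NOW())\n        AND ta.type = 'article' AND ta.id = sid\n        " . COM_getTopicSQL('AND', 0, 'ta') . COM_getPermSql('AND') . COM_getLangSQL('sid', 'AND');
    $ySql = array();
    $ySql['mysql'] = $yearsql['mysql'] . " GROUP BY year, date ORDER BY date DESC";
    $ySql['pgsql'] = $yearsql['pgsql'] . " GROUP BY year, date ORDER BY year DESC";
    $yResult = DB_query($ySql);
    $numYears = DB_numRows($yResult);
    if ($numYears > 0) {
        // Both queries group by year AND date, so the same year can come back
        // once per distinct story date. Remember the years already rendered so
        // each one gets a single heading and a single DIR_displayYear() call.
        $seenYears = array();
        for ($i = 0; $i < $numYears; $i++) {
            $Y = DB_fetchArray($yResult);
            $yearKey = (string) $Y['year'];
            if (isset($seenYears[$yearKey])) {
                continue;
            }
            $seenYears[$yearKey] = true;
            if (TEMPLATE_EXISTS) {
                $template->set_var('section_title', $Y['year']);
                $retval .= $template->parse('title', 'section-title') . LB;
            } else {
                $retval .= '<h3>' . $Y['year'] . '</h3>' . LB;
            }
            $retval .= DIR_displayYear($template, $dir_topic, $Y['year']);
        }
    } else {
        if (TEMPLATE_EXISTS) {
            $retval .= $template->parse('message', 'no-articles') . LB;
        } else {
            $retval .= '<p>' . $LANG_DIR['no_articles'] . '</p>' . LB;
        }
    }
    return $retval;
}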
Esempio n. 17
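 /**
  * Turn this menu element (and, recursively, its children) into an array.
  *
  * Returns NULL when the element must not be shown: it is inactive, the
  * current user is not in its group, a login-required setting excludes
  * anonymous visitors, or a plugin entry no longer exists. Group 998 is
  * handled as "anonymous visitors only": such elements are hidden from
  * logged-in users.
  *
  * @return array|null  array with the keys label, url, target and children
  *                     (children is NULL when there are none), or NULL
  */
 function _parseElement()
 {
     global $_SP_CONF, $_USER, $_TABLES, $LANG01, $_CONF, $_GROUPS;
     $returnArray = array();
     $childArray = array();
     $item_array = array();
     if ($this->active != 1 && $this->id != 0) {
         return NULL;
     }
     if ($this->group_id == 998 && !COM_isAnonUser()) {
         return NULL;
     }
     // The topic comes from the request; it is filtered here and URL-encoded
     // wherever it is placed into a link below.
     if (isset($_REQUEST['topic'])) {
         $topic = COM_applyFilter($_REQUEST['topic']);
     } else {
         $topic = '';
     }
     if (COM_isAnonUser()) {
         $anon = 1;
     } else {
         $anon = 0;
     }
     $allowed = true;
     if ($this->group_id != 998 && $this->id != 0 && !SEC_inGroup($this->group_id)) {
         return NULL;
     }
     if ($this->group_id == 1 && !isset($_GROUPS['Root'])) {
         return NULL;
     }
     switch ($this->type) {
         case ET_SUB_MENU:
             $this->replace_macros();
             break;
         case ET_FUSION_ACTION:
             switch ($this->subtype) {
                 case 0:
                     // home
                     $this->url = $_CONF['site_url'] . '/';
                     break;
                 case 1:
                     // contribute
                     if ($anon && ($_CONF['loginrequired'] || $_CONF['submitloginrequired'])) {
                         return NULL;
                     }
                     if (empty($topic)) {
                         $this->url = $_CONF['site_url'] . '/submit.php?type=story';
                     } else {
                         // Encode the request-supplied topic like the directory
                         // link does; it was appended to the URL unencoded.
                         $this->url = $_CONF['site_url'] . '/submit.php?type=story&amp;topic=' . urlencode($topic);
                     }
                     // NOTE(review): this local is never read; $this->label may
                     // have been intended - confirm.
                     $label = $LANG01[71];
                     break;
                 case 2:
                     // directory
                     if ($anon && ($_CONF['loginrequired'] || $_CONF['directoryloginrequired'])) {
                         return NULL;
                     }
                     $this->url = $_CONF['site_url'] . '/directory.php';
                     if (!empty($topic)) {
                         $this->url = COM_buildUrl($this->url . '?topic=' . urlencode($topic));
                     }
                     break;
                 case 3:
                     // prefs
                     if ($anon && ($_CONF['loginrequired'] || $_CONF['profileloginrequired'])) {
                         return NULL;
                     }
                     $this->url = $_CONF['site_url'] . '/usersettings.php?mode=edit';
                     break;
                 case 4:
                     // search
                     if ($anon && ($_CONF['loginrequired'] || $_CONF['searchloginrequired'])) {
                         return NULL;
                     }
                     $this->url = $_CONF['site_url'] . '/search.php';
                     break;
                 case 5:
                     // stats
                     if (!SEC_hasRights('stats.view')) {
                         return NULL;
                     }
                     $this->url = $_CONF['site_url'] . '/stats.php';
                     break;
                 default:
                     // unknown?
                     $this->url = $_CONF['site_url'] . '/';
                     break;
             }
             break;
         case ET_FUSION_MENU:
             $this->url = '';
             switch ($this->subtype) {
                 case USER_MENU:
                     if (COM_isAnonUser()) {
                         // if anonymous user - show login entry
                         $this->label = $LANG01[58];
                         $this->url = $_CONF['site_url'] . '/users.php';
                         $this->target = '';
                     } else {
                         // logged-in user see My Account entry
                         $item_array = getUserMenu();
                         $this->label = $LANG01[47];
                     }
                     break;
                 case ADMIN_MENU:
                     $this->url = $_CONF['site_admin_url'];
                     $item_array = getAdminMenu();
                     break;
                 case TOPIC_MENU:
                     $item_array = getTopicMenu();
                     break;
                 case STATICPAGE_MENU:
                     $item_array = array();
                     // The ORDER BY column is picked from a fixed list, so the
                     // configured value itself never reaches the SQL text.
                     $order = '';
                     if (!empty($_SP_CONF['sort_menu_by'])) {
                         switch ($_SP_CONF['sort_menu_by']) {
                             case 'date':
                                 $order = ' ORDER BY sp_date DESC';
                                 break;
                             case 'label':
                                 $order = ' ORDER BY sp_label';
                                 break;
                             case 'title':
                                 $order = ' ORDER BY sp_title';
                                 break;
                             default:
                                 // default to "sort by id"
                                 $order = ' ORDER BY sp_id';
                                 break;
                         }
                     }
                     // Only active pages flagged for the menu that the current
                     // user is permitted to see
                     $result = DB_query('SELECT sp_id, sp_label FROM ' . $_TABLES['staticpage'] . ' WHERE sp_onmenu = 1 AND sp_status = 1' . COM_getPermSql('AND') . $order);
                     $nrows = DB_numRows($result);
                     for ($i = 0; $i < $nrows; $i++) {
                         $A = DB_fetchArray($result);
                         $url = COM_buildURL($_CONF['site_url'] . '/page.php?page=' . $A['sp_id']);
                         $label = $A['sp_label'];
                         $item_array[] = array('label' => $label, 'url' => $url);
                     }
                     break;
                 case PLUGIN_MENU:
                     $item_array = array();
                     $plugin_menu = PLG_getMenuItems();
                     if (count($plugin_menu) == 0) {
                         $this->access = 0;
                     } else {
                         // keys are the labels, values the URLs
                         foreach ($plugin_menu as $label => $url) {
                             $item_array[] = array('label' => $label, 'url' => $url);
                         }
                     }
                     break;
                 case HEADER_MENU:
                 default:
             }
             break;
         case ET_PLUGIN:
             $plugin_menus = _mbPLG_getMenuItems();
             if (isset($plugin_menus[$this->subtype])) {
                 $this->url = $plugin_menus[$this->subtype];
             } else {
                 $this->access = 0;
                 $allowed = 0;
             }
             break;
         case ET_STATICPAGE:
             $this->url = COM_buildURL($_CONF['site_url'] . '/page.php?page=' . $this->subtype);
             break;
         case ET_URL:
             $this->replace_macros();
             break;
         case ET_PHP:
             // NOTE(review): the function name is the element's stored subtype,
             // so anyone able to edit menu elements can have any defined,
             // argument-less function called. A required name prefix or an
             // allowlist would narrow this; confirm existing menus first.
             $functionName = $this->subtype;
             if (function_exists($functionName)) {
                 $item_array = $functionName();
             }
             break;
         case ET_TOPIC:
             $this->url = $_CONF['site_url'] . '/index.php?topic=' . $this->subtype;
             break;
         default:
             break;
     }
     if ($this->id != 0 && $this->group_id == 998 && SEC_inGroup('Root')) {
         return NULL;
     }
     if ($allowed == 0 || $this->access == 0) {
         return NULL;
     }
     if ($this->type == ET_FUSION_MENU || $this->type == ET_PHP) {
         // Generated menus bring their own child list
         $childArray = $item_array;
     } else {
         if (!empty($this->children)) {
             $howmany = $this->getChildcount();
             if ($howmany > 0) {
                 $children = $this->getChildren();
                 foreach ($children as $child) {
                     // Children that return NULL (hidden) are left out
                     $elementArray = $child->_parseElement();
                     if ($elementArray != NULL) {
                         $childArray[] = $elementArray;
                     }
                 }
             }
         } else {
             $childArray = NULL;
         }
     }
     $returnArray = array('label' => $this->label, 'url' => $this->url, 'target' => $this->target, 'children' => is_array($childArray) ? $childArray : NULL);
     return $returnArray;
 }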
Esempio n. 18
/**
* Display form to email a story to someone.
*
* Anonymous visitors get the login form (and the script exits) when the
* site or the email-story feature requires a login. The form is shown only
* if the story exists and passes the topic and permission filters;
* otherwise the caller gets a redirect to the site index.
*
* @param    string  $sid        ID of article to email
* @param    string  $to         recipient name to pre-fill
* @param    string  $toemail    recipient address to pre-fill
* @param    string  $from       sender name to pre-fill
* @param    string  $fromemail  sender address to pre-fill
* @param    string  $shortmsg   short message to pre-fill
* @param    int     $msg        message number to show above the form, if > 0
* @return   string              HTML for email story form
*
*/
function mailstoryform($sid, $to = '', $toemail = '', $from = '', $fromemail = '', $shortmsg = '', $msg = 0)
{
    global $_CONF, $_TABLES, $_USER, $LANG03, $LANG08, $LANG_LOGIN;

    $loginNeeded = $_CONF['loginrequired'] == 1 || $_CONF['emailstoryloginrequired'] == 1;
    if (COM_isAnonUser() && $loginNeeded) {
        $display = COM_siteHeader('menu', $LANG_LOGIN[1]);
        $display .= SEC_loginRequiredForm();
        $display .= COM_siteFooter();
        echo $display;
        exit;
    }

    // The story must exist and be visible to the current user
    $countQuery = DB_query("SELECT COUNT(*) AS count FROM {$_TABLES['stories']} WHERE sid = '" . DB_escapeString($sid) . "'" . COM_getTopicSql('AND') . COM_getPermSql('AND'));
    $row = DB_fetchArray($countQuery);
    if ($row['count'] == 0) {
        return COM_refresh($_CONF['site_url'] . '/index.php');
    }

    $retval = '';
    if ($msg > 0) {
        $retval .= COM_showMessage($msg, '', '', 0, 'info');
    }

    // Pre-fill the sender from the account when nothing was passed in
    if (empty($from) && empty($fromemail) && !COM_isAnonUser()) {
        $from = COM_getDisplayName($_USER['uid'], $_USER['username'], $_USER['fullname']);
        $fromemail = DB_getItem($_TABLES['users'], 'email', "uid = {$_USER['uid']}");
    }

    $postmode = $_CONF['mailuser_postmode'];
    $T = new Template($_CONF['path_layout'] . 'profiles');
    $T->set_file('form', 'contactauthorform.thtml');
    if ($postmode == 'html') {
        $T->set_var('show_htmleditor', true);
    } else {
        $T->unset_var('show_htmleditor');
    }

    // NOTE(review): only $shortmsg is HTML-escaped in this function; $from,
    // $fromemail, $to, $toemail and $sid reach the template as received.
    // Confirm that callers or the template escape them before they are
    // rendered into the form.
    $T->set_var('lang_postmode', $LANG03[2]);
    $T->set_var('postmode', $postmode);
    $T->set_var('start_block_mailstory2friend', COM_startBlock($LANG08[17]));
    $T->set_var('lang_fromname', $LANG08[20]);
    $T->set_var('name', $from);
    $T->set_var('lang_fromemailaddress', $LANG08[21]);
    $T->set_var('email', $fromemail);
    $T->set_var('lang_toname', $LANG08[18]);
    $T->set_var('toname', $to);
    $T->set_var('lang_toemailaddress', $LANG08[19]);
    $T->set_var('toemail', $toemail);
    $T->set_var('lang_shortmessage', $LANG08[27]);
    $escapedShortMsg = @htmlspecialchars($shortmsg, ENT_COMPAT, COM_getEncodingt());
    $T->set_var('shortmsg', $escapedShortMsg);
    $T->set_var('lang_warning', $LANG08[22]);
    $T->set_var('lang_sendmessage', $LANG08[16]);
    $T->set_var('story_id', $sid);
    PLG_templateSetVars('emailstory', $T);
    $T->set_var('end_block', COM_endBlock());
    $T->parse('output', 'form');

    $retval .= $T->finish($T->get_var('output'));
    return $retval;
}
Esempio n. 19
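/**
 * Return information for a story
 * This is the story equivalent of PLG_getItemInfo. See lib-plugins.php for
 * details.
 *
 * Only the property names recognised below are translated into column names,
 * so the SELECT list is never built from caller-supplied text. The story ID
 * is escaped before it is placed in the WHERE clause, and the query is
 * limited to non-draft stories dated up to now, plus whatever conditions
 * COM_getPermSql() and COM_getTopicSql() append.
 *
 * @param    string $sid     story ID or '*'
 * @param    string $what    comma-separated list of story properties
 * @param    int    $uid     user ID or 0 = current user
 * @param    array  $options (reserved for future extensions)
 * @return   mixed               for $sid == '*': a list with one array per
 *                               story, keyed by property name (empty values
 *                               are left out); for a single story: the
 *                               values in the order requested, or the bare
 *                               value when only one was requested; an empty
 *                               array when nothing known was requested or no
 *                               row matched
 */
function plugin_getiteminfo_story($sid, $what, $uid = 0, $options = array())
{
    global $_CONF, $_TABLES;
    // parse $what to see what we need to pull from the database
    $properties = explode(',', $what);
    $fields = array();
    foreach ($properties as $p) {
        switch ($p) {
            case 'date-created':
            case 'date-modified':
                // both properties are read from the same "date" column
                $fields[] = 'UNIX_TIMESTAMP(date) AS unixdate';
                break;
            case 'description':
                $fields[] = 'introtext';
                $fields[] = 'bodytext';
                break;
            case 'excerpt':
                $fields[] = 'introtext';
                break;
            case 'feed':
                $fields[] = 'ta.tid';
                break;
            case 'id':
                $fields[] = 'sid';
                break;
            case 'title':
                $fields[] = 'title';
                break;
            case 'url':
                // needed for $sid == '*', but also in case we're only requesting
                // the URL (so that $fields isn't empty)
                $fields[] = 'sid';
                break;
            default:
                // unknown property names never reach the SQL statement
                break;
        }
    }
    $fields = array_unique($fields);
    if (count($fields) == 0) {
        // nothing recognised was requested, so no query is run
        $retval = array();
        return $retval;
    }
    // prepare SQL request
    if ($sid == '*') {
        $where = ' WHERE';
    } else {
        $where = " WHERE (sid = '" . DB_escapeString($sid) . "') AND";
    }
    $where .= ' (draft_flag = 0) AND (date <= NOW())';
    if ($uid > 0) {
        $permSql = COM_getPermSql('AND', $uid) . " AND ta.type = 'article' AND ta.id = sid AND ta.tdefault = 1 " . COM_getTopicSql('AND', $uid, 'ta');
    } else {
        $permSql = COM_getPermSql('AND') . " AND ta.type = 'article' AND ta.id = sid AND ta.tdefault = 1 " . COM_getTopicSql('AND', 0, 'ta');
    }
    $sql = "SELECT " . implode(',', $fields) . " FROM {$_TABLES['stories']}, {$_TABLES['topic_assignments']} ta" . $where . $permSql;
    if ($sid != '*') {
        $sql .= ' LIMIT 1';
    }
    $result = DB_query($sql);
    $numRows = DB_numRows($result);
    $retval = array();
    for ($i = 0; $i < $numRows; $i++) {
        $A = DB_fetchArray($result);
        $props = array();
        foreach ($properties as $p) {
            switch ($p) {
                case 'date-created':
                    $props['date-created'] = $A['unixdate'];
                    break;
                case 'date-modified':
                    $props['date-modified'] = $A['unixdate'];
                    break;
                case 'description':
                    $props['description'] = trim(PLG_replaceTags(stripslashes($A['introtext']) . ' ' . stripslashes($A['bodytext'])));
                    break;
                case 'excerpt':
                    $excerpt = stripslashes($A['introtext']);
                    if (!empty($A['bodytext'])) {
                        $excerpt .= "\n\n" . stripslashes($A['bodytext']);
                    }
                    $props['excerpt'] = trim(PLG_replaceTags($excerpt));
                    break;
                case 'feed':
                    // look for a feed covering everything first, then the
                    // front page, then the story's own topic
                    $feedfile = DB_getItem($_TABLES['syndication'], 'filename', "topic = '::all'");
                    if (empty($feedfile)) {
                        $feedfile = DB_getItem($_TABLES['syndication'], 'filename', "topic = '::frontpage'");
                    }
                    if (empty($feedfile)) {
                        // the topic ID was read back from the database; escape
                        // it again before it goes into a new statement so a
                        // stored value cannot alter the query
                        $topicId = DB_escapeString($A['tid']);
                        $feedfile = DB_getItem($_TABLES['syndication'], 'filename', "topic = '{$topicId}'");
                    }
                    if (empty($feedfile)) {
                        $props['feed'] = '';
                    } else {
                        $props['feed'] = SYND_getFeedUrl($feedfile);
                    }
                    break;
                case 'id':
                    $props['id'] = $A['sid'];
                    break;
                case 'title':
                    $props['title'] = stripslashes($A['title']);
                    break;
                case 'url':
                    if (empty($A['sid'])) {
                        $props['url'] = COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $sid);
                    } else {
                        $props['url'] = COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $A['sid']);
                    }
                    break;
                default:
                    // return empty string for unknown properties
                    $props[$p] = '';
                    break;
            }
        }
        // '*' keeps the property names as keys and drops empty values;
        // a single story is returned as a plain list of values
        $mapped = array();
        foreach ($props as $key => $value) {
            if ($sid == '*') {
                if ($value != '') {
                    $mapped[$key] = $value;
                }
            } else {
                $mapped[] = $value;
            }
        }
        if ($sid == '*') {
            $retval[] = $mapped;
        } else {
            $retval = $mapped;
            break;
        }
    }
    // a single requested property of a single story is returned bare
    if ($sid != '*' && count($retval) == 1) {
        $retval = $retval[0];
    }
    return $retval;
}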
Esempio n. 20
    }
    if (isset($_GET['reply'])) {
        $reply = COM_applyFilter($_GET['reply']);
    }
    if (isset($_GET['cpage'])) {
        $page = COM_applyFilter($_GET['cpage'], true);
    }
}
// No story ID was supplied: send the visitor to the front page and stop.
if (empty($sid)) {
    echo COM_refresh($_CONF['site_url'] . '/index.php');
    exit;
}
// Accept only ASC or DESC (compared case-insensitively) as the sort order;
// any other value is reset to the empty string.
if (strcasecmp($order, 'ASC') != 0 && strcasecmp($order, 'DESC') != 0) {
    $order = '';
}
// Count the stories with this ID that also satisfy the COM_getPermSql() clause.
// NOTE(review): $sid is interpolated into the statement as-is; its assignment
// is not part of this excerpt - confirm it is filtered or escaped there.
$result = DB_query("SELECT COUNT(*) AS count FROM {$_TABLES['stories']} WHERE sid = '{$sid}'" . COM_getPermSql('AND'));
$A = DB_fetchArray($result);
if ($A['count'] > 0) {
    $story = new Story();
    $args = array('sid' => $sid, 'mode' => 'view');
    $output = STORY_LOADED_OK;
    $result = PLG_invokeService('story', 'get', $args, $output, $svc_msg);
    if ($result == PLG_RET_OK) {
        /* loadFromArray cannot be used, since it overwrites the timestamp */
        reset($story->_dbFields);
        while (list($fieldname, $save) = each($story->_dbFields)) {
            $varname = '_' . $fieldname;
            if (array_key_exists($fieldname, $output)) {
                $story->{$varname} = $output[$fieldname];
            }
        }
Esempio n. 21
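/**
* Show topic administration form
*
* For an existing topic the row is loaded and the SEC_hasAccess() result is
* checked before any form is built; a result of 0 or 2 yields an
* access-denied block and an access-log entry instead of the editor.
* The form carries a token from SEC_createToken().
*
* @param    string  $tid    ID of topic to edit, empty for a new topic
* @return   string          HTML for the topic editor
*
*/
function edittopic($tid = '')
{
    global $_CONF, $_GROUPS, $_TABLES, $_USER, $LANG27, $LANG_ACCESS, $LANG_ADMIN, $MESSAGE;
    $retval = '';
    if (empty($tid)) {
        // new topic - set defaults
        $A = array();
        $A['tid'] = '';
        $A['topic'] = '';
        $A['sortnum'] = 0;
        $A['limitnews'] = '';
        // leave empty!
        $A['is_default'] = 0;
        $A['archive_flag'] = 0;
    } else {
        // escape the topic ID the same way the story count query further
        // down does, so both statements treat $tid consistently
        $result = DB_query("SELECT * FROM {$_TABLES['topics']} WHERE tid ='" . addslashes($tid) . "'");
        $A = DB_fetchArray($result);
        $access = SEC_hasAccess($A['owner_id'], $A['group_id'], $A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']);
        if ($access == 0 or $access == 2) {
            $retval .= COM_startBlock($LANG27[12], '', COM_getBlockTemplate('_msg_block', 'header'));
            $retval .= $LANG27[13];
            $retval .= COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer'));
            COM_accessLog("User {$_USER['username']} tried to illegally create or edit topic {$tid}.");
            return $retval;
        }
    }
    // token that is embedded in the form below
    $token = SEC_createToken();
    $retval .= COM_startBlock($LANG27[1], '', COM_getBlockTemplate('_admin_block', 'header'));
    $retval .= SEC_getTokenExpiryNotice($token);
    if (!is_array($A) || empty($A['owner_id'])) {
        // no owner yet (new topic, or no row was found): the current user
        // becomes the owner and the default permissions are applied
        $A['owner_id'] = $_USER['uid'];
        // this is the one instance where we default the group
        // most topics should belong to the Topic Admin group
        if (isset($_GROUPS['Topic Admin'])) {
            $A['group_id'] = $_GROUPS['Topic Admin'];
        } else {
            $A['group_id'] = SEC_getFeatureGroup('topic.edit');
        }
        SEC_setDefaultPermissions($A, $_CONF['default_permissions_topic']);
        $access = 3;
    }
    $topic_templates = new Template($_CONF['path_layout'] . 'admin/topic');
    $topic_templates->set_file('editor', 'topiceditor.thtml');
    $topic_templates->set_var('xhtml', XHTML);
    $topic_templates->set_var('site_url', $_CONF['site_url']);
    $topic_templates->set_var('site_admin_url', $_CONF['site_admin_url']);
    $topic_templates->set_var('layout_url', $_CONF['layout_url']);
    // the delete button is offered only for an existing topic and only to
    // users holding the topic.edit right
    if (!empty($tid) && SEC_hasRights('topic.edit')) {
        $delbutton = '<input type="submit" value="' . $LANG_ADMIN['delete'] . '" name="mode"%s' . XHTML . '>';
        $jsconfirm = ' onclick="return confirm(\'' . $MESSAGE[76] . '\');"';
        $topic_templates->set_var('delete_option', sprintf($delbutton, $jsconfirm));
        $topic_templates->set_var('delete_option_no_confirmation', sprintf($delbutton, ''));
        $topic_templates->set_var('warning_msg', $LANG27[6]);
    }
    $topic_templates->set_var('lang_topicid', $LANG27[2]);
    $topic_templates->set_var('topic_id', $A['tid']);
    $topic_templates->set_var('lang_donotusespaces', $LANG27[5]);
    $topic_templates->set_var('lang_accessrights', $LANG_ACCESS['accessrights']);
    $topic_templates->set_var('lang_owner', $LANG_ACCESS['owner']);
    $ownername = COM_getDisplayName($A['owner_id']);
    // the owner ID is used unquoted in the condition, so force it to an integer
    $topic_templates->set_var('owner_username', DB_getItem($_TABLES['users'], 'username', "uid = " . (int) $A['owner_id']));
    $topic_templates->set_var('owner_name', $ownername);
    $topic_templates->set_var('owner', $ownername);
    $topic_templates->set_var('owner_id', $A['owner_id']);
    $topic_templates->set_var('lang_group', $LANG_ACCESS['group']);
    $topic_templates->set_var('lang_save', $LANG_ADMIN['save']);
    $topic_templates->set_var('lang_cancel', $LANG_ADMIN['cancel']);
    $topic_templates->set_var('group_dropdown', SEC_getGroupDropdown($A['group_id'], $access));
    $topic_templates->set_var('lang_permissions', $LANG_ACCESS['permissions']);
    $topic_templates->set_var('lang_permissions_key', $LANG_ACCESS['permissionskey']);
    $topic_templates->set_var('lang_perm_key', $LANG_ACCESS['permissionskey']);
    $topic_templates->set_var('permissions_msg', $LANG_ACCESS['permmsg']);
    $topic_templates->set_var('lang_permissions_msg', $LANG_ACCESS['permmsg']);
    $topic_templates->set_var('permissions_editor', SEC_getPermissionsHTML($A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']));
    // show sort order only if they specified sortnum as the sort method
    if ($_CONF['sortmethod'] != 'alpha') {
        $topic_templates->set_var('lang_sortorder', $LANG27[10]);
        if ($A['sortnum'] == 0) {
            $A['sortnum'] = '';
        }
        // NOTE(review): stored values (sortnum here, topic name, image URL and
        // meta fields below) reach the template without output encoding in
        // this function - confirm they are encoded when saved or by the template
        $topic_templates->set_var('sort_order', '<input type="text" size="3" maxlength="3" name="sortnum" value="' . $A['sortnum'] . '"' . XHTML . '>');
    } else {
        $topic_templates->set_var('lang_sortorder', $LANG27[14]);
        $topic_templates->set_var('sort_order', $LANG27[15]);
    }
    $topic_templates->set_var('lang_storiesperpage', $LANG27[11]);
    if ($A['limitnews'] == 0) {
        $topic_templates->set_var('story_limit', '');
    } else {
        $topic_templates->set_var('story_limit', $A['limitnews']);
    }
    $topic_templates->set_var('default_limit', $_CONF['limitnews']);
    $topic_templates->set_var('lang_defaultis', $LANG27[16]);
    $topic_templates->set_var('lang_topicname', $LANG27[3]);
    $topic_templates->set_var('topic_name', stripslashes($A['topic']));
    if (empty($A['tid'])) {
        $A['imageurl'] = '/images/topics/';
    }
    $topic_templates->set_var('lang_topicimage', $LANG27[4]);
    $topic_templates->set_var('lang_uploadimage', $LANG27[27]);
    $topic_templates->set_var('icon_dimensions', $_CONF['max_topicicon_width'] . ' x ' . $_CONF['max_topicicon_height']);
    $topic_templates->set_var('lang_maxsize', $LANG27[28]);
    $topic_templates->set_var('max_url_length', 255);
    $topic_templates->set_var('image_url', $A['imageurl']);
    $topic_templates->set_var('lang_metadescription', $LANG_ADMIN['meta_description']);
    $topic_templates->set_var('lang_metakeywords', $LANG_ADMIN['meta_keywords']);
    if (!empty($A['meta_description'])) {
        $topic_templates->set_var('meta_description', $A['meta_description']);
    }
    if (!empty($A['meta_keywords'])) {
        $topic_templates->set_var('meta_keywords', $A['meta_keywords']);
    }
    $topic_templates->set_var('lang_defaulttopic', $LANG27[22]);
    $topic_templates->set_var('lang_defaulttext', $LANG27[23]);
    if ($A['is_default'] == 1) {
        $topic_templates->set_var('default_checked', 'checked="checked"');
    } else {
        $topic_templates->set_var('default_checked', '');
    }
    $topic_templates->set_var('lang_archivetopic', $LANG27[25]);
    $topic_templates->set_var('lang_archivetext', $LANG27[26]);
    $topic_templates->set_var('archive_disabled', '');
    if ($A['archive_flag'] == 1) {
        $topic_templates->set_var('archive_checked', 'checked="checked"');
    } else {
        $topic_templates->set_var('archive_checked', '');
        // Only 1 topic can be the archive topic - so check if there already is one
        if (DB_count($_TABLES['topics'], 'archive_flag', '1') > 0) {
            $topic_templates->set_var('archive_disabled', 'disabled');
        }
    }
    if (empty($tid)) {
        $num_stories = $LANG_ADMIN['na'];
    } else {
        $nresult = DB_query("SELECT COUNT(*) AS count FROM {$_TABLES['stories']} WHERE tid = '" . addslashes($tid) . "'" . COM_getPermSql('AND'));
        $N = DB_fetchArray($nresult);
        $num_stories = COM_numberFormat($N['count']);
    }
    $topic_templates->set_var('lang_num_stories', $LANG27[30]);
    $topic_templates->set_var('num_stories', $num_stories);
    $topic_templates->set_var('gltoken_name', CSRF_TOKEN);
    $topic_templates->set_var('gltoken', $token);
    $topic_templates->parse('output', 'editor');
    $retval .= $topic_templates->finish($topic_templates->get_var('output'));
    $retval .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer'));
    return $retval;
}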
/**
* Builds an HTML list of links to the stories of one topic.
*
* Only non-draft stories dated up to now are selected, newest first, with
* the COM_getTopicSql() and COM_getPermSql() clauses appended.
*
* @param    string  $tid    topic ID, or 'all' to leave out the topic condition
* @return   string          COM_makeList() output followed by LB, or an empty
*                           string when the query returns no rows
*/
function SITEMAPMENU_listStory($tid)
{
    global $_CONF, $_TABLES, $LANG_DIR;

    $query = "SELECT sid, title, UNIX_TIMESTAMP(date) AS day "
        . "FROM {$_TABLES['stories']} "
        . "WHERE (draft_flag = 0) AND (date <= NOW())";
    if ($tid != 'all') {
        // NOTE(review): $tid goes into the statement unescaped - confirm the
        // callers filter or escape it before passing it in
        $query .= " AND (tid = '{$tid}')";
    }
    $query .= COM_getTopicSql('AND') . COM_getPermSql('AND') . " ORDER BY date DESC";

    $rows = DB_query($query);
    $total = DB_numRows($rows);
    if (!($total > 0)) {
        return '';
    }

    $links = array();
    $remaining = $total;
    while ($remaining-- > 0) {
        $story = DB_fetchArray($rows);
        $href = COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $story['sid']);
        // the title is passed through SITEMAPMENU_esc() before it is placed in the markup
        $label = SITEMAPMENU_esc(stripslashes($story['title']));
        $links[] = '<a class="nav-link" href="' . $href . '">' . $label . '</a>';
    }

    return '' . COM_makeList($links) . LB;
}
Esempio n. 23
 /**
  * @param $all_langs boolean: true = all languages, false = current language
  * Returns an array of (
  *   'id'        => $id (string),
  *   'title'     => $title (string),
  *   'uri'       => $uri (string),
  *   'date'      => $date (int: Unix timestamp),
  *   'image_uri' => $image_uri (string)
  * )
  */
 public function getItemsByDate($event_type = '', $all_langs = false)
 {
     global $_CONF, $_TABLES;

     // Without both ends of the date window there is nothing to select.
     if (empty(Dataproxy::$startDate) || empty(Dataproxy::$endDate)) {
         return array();
     }

     // NOTE(review): the window bounds are static properties placed inside
     // quotes in the statement - confirm they are set from validated values.
     $query = "SELECT eid, title, UNIX_TIMESTAMP(datestart) AS day1, " . "  UNIX_TIMESTAMP(timestart) AS day2 " . "FROM {$_TABLES['eventsjp']} " . "WHERE (UNIX_TIMESTAMP(datestart) BETWEEN '" . Dataproxy::$startDate . "' AND '" . Dataproxy::$endDate . "') ";
     if (!empty($event_type)) {
         // optional restriction to one event type, escaped with addslashes()
         $query .= "AND (event_type = '" . addslashes($event_type) . "') ";
     }
     if (!Dataproxy::isRoot()) {
         // everyone except root gets the permission clause for their user ID
         $query .= COM_getPermSql('AND', Dataproxy::uid());
     }
     $query .= " ORDER BY day1 DESC, day2 DESC";

     $rows = DB_query($query);
     $items = array();
     if (DB_error()) {
         return $items;
     }

     for (;;) {
         $row = DB_fetchArray($rows, false);
         if ($row === false) {
             break;
         }
         $items[] = array(
             'id'        => $row['eid'],
             'title'     => stripslashes($row['title']),
             'uri'       => $_CONF['site_url'] . '/calendarjp/event.php?eid=' . $row['eid'],
             // the two timestamps are added to form the item date
             'date'      => (int) $row['day1'] + (int) $row['day2'],
             'image_uri' => false,
         );
     }

     return $items;
 }
Esempio n. 24
/**
 * Build the admin list of links, with an optional link-validation column.
 *
 * The "validate" request parameter is only compared against the fixed values
 * 'enabled' and 'validate'; the form URL suffix is chosen from those constants
 * and never copied from the request.
 *
 * @global array core config vars
 * @global array core table data
 * @global array core user data
 * @global array core lang admin vars
 * @global array links plugin lang vars
 * @global array core lang access vars
 * @return string HTML for the admin block containing menu and list
 */
function listlinks()
{
    global $_CONF, $_TABLES, $LANG_ADMIN, $LANG_LINKS_ADMIN, $LANG_ACCESS, $_IMAGE_TYPE;
    require_once $_CONF['path_system'] . 'lib-admin.php';

    $columns = array(
        array('text' => $LANG_ADMIN['edit'], 'field' => 'edit', 'sort' => false),
        array('text' => $LANG_LINKS_ADMIN[2], 'field' => 'lid', 'sort' => true),
        array('text' => $LANG_ADMIN['title'], 'field' => 'title', 'sort' => true),
        array('text' => $LANG_ACCESS['access'], 'field' => 'access', 'sort' => false),
        array('text' => $LANG_LINKS_ADMIN[14], 'field' => 'category', 'sort' => true),
    );
    $menu = array(
        array('url' => $_CONF['site_admin_url'] . '/plugins/links/index.php?mode=edit', 'text' => $LANG_LINKS_ADMIN[51]),
    );

    $urlSuffix = '';
    if (!isset($_GET['validate'])) {
        $menu[] = array('url' => $_CONF['site_admin_url'] . '/plugins/links/index.php?validate=enabled', 'text' => $LANG_LINKS_ADMIN[26]);
        $formParts = array();
        $helpText = '';
    } else {
        $csrf = SEC_createToken();
        $menu[] = array('url' => $_CONF['site_admin_url'] . '/plugins/links/index.php', 'text' => $LANG_LINKS_ADMIN[53]);
        // The token is part of the link's query string, so it can show up in
        // server logs and Referer headers.
        $runUrl = $_CONF['site_admin_url'] . '/plugins/links/index.php?validate=validate' . '&amp;' . CSRF_TOKEN . '=' . $csrf;
        $runLabel = $LANG_LINKS_ADMIN[58];
        $formParts = array('top' => COM_createLink($runLabel, $runUrl));
        if ($_GET['validate'] == 'enabled') {
            $columns[] = array('text' => $LANG_LINKS_ADMIN[27], 'field' => 'beforevalidate', 'sort' => false);
            $urlSuffix = '?validate=enabled';
        } elseif ($_GET['validate'] == 'validate') {
            $columns[] = array('text' => $LANG_LINKS_ADMIN[27], 'field' => 'dovalidate', 'sort' => false);
            $urlSuffix = '?validate=validate&amp;' . CSRF_TOKEN . '=' . $csrf;
        }
        $helpText = $LANG_LINKS_ADMIN[59];
    }

    $defaultSort = array('field' => 'title', 'direction' => 'asc');
    $menu[] = array('url' => $_CONF['site_admin_url'] . '/plugins/links/category.php', 'text' => $LANG_LINKS_ADMIN[50]);
    $menu[] = array('url' => $_CONF['site_admin_url'] . '/plugins/links/category.php?mode=edit', 'text' => $LANG_LINKS_ADMIN[52]);
    $menu[] = array('url' => $_CONF['site_admin_url'], 'text' => $LANG_ADMIN['admin_home']);

    $html = '';
    $html .= COM_startBlock($LANG_LINKS_ADMIN[11], '', COM_getBlockTemplate('_admin_block', 'header'));
    $html .= ADMIN_createMenu($menu, $LANG_LINKS_ADMIN[12] . $helpText, plugin_geticon_links());

    $listText = array(
        'has_extras' => true,
        'form_url'   => $_CONF['site_admin_url'] . "/plugins/links/index.php{$urlSuffix}",
    );
    // the permission clause is handed over as the list's default filter
    $listQuery = array(
        'table'          => 'links',
        'sql'            => "SELECT l.lid AS lid, l.cid as cid, l.title AS title, " . "c.category AS category, l.url AS url, l.description AS description, " . "l.owner_id, l.group_id, l.perm_owner, l.perm_group, l.perm_members, l.perm_anon " . "FROM {$_TABLES['links']} AS l " . "LEFT JOIN {$_TABLES['linkcategories']} AS c " . "ON l.cid=c.cid WHERE 1=1",
        'query_fields'   => array('title', 'category', 'url', 'l.description'),
        'default_filter' => COM_getPermSql('AND', 0, 3, 'l'),
    );
    $html .= ADMIN_list('links', 'plugin_getListField_links', $columns, $listText, $listQuery, $defaultSort, '', '', '', $formParts);
    $html .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer'));

    return $html;
}
Esempio n. 25
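/**
* Save an event to user's personal calendar
*
* User has seen the confirmation screen and they still wants to
* add this event to their calendar.  Actually save it now.
*
* The event ID is escaped once and the escaped value is used in all three
* statements; the user ID is cast to an integer because it is used unquoted.
* The event is copied only when the SELECT with the COM_getPermSql() clause
* finds exactly one matching row.
*
* @param    string  $eid    ID of event to save
* @return   string          HTML refresh (personal calendar on success,
*                           site index otherwise)
*
*/
function saveuserevent($eid)
{
    global $_CONF, $_TABLES, $_USER;
    // NOTE(review): no token check is visible in this function although it
    // changes stored data - confirm the caller validates one.
    if (!COM_isAnonUser()) {
        // addslashes() is the escaping already used for SQL values elsewhere
        // in this code; prefer the database layer's own escaping helper if
        // the installed version provides one.
        $safeEid = addslashes((string) $eid);
        $uid = (int) $_USER['uid'];
        // Try to delete the event first in case it has already been added
        DB_query("DELETE FROM {$_TABLES['personal_eventsjp']} WHERE uid={$uid} AND eid='{$safeEid}'");
        $result = DB_query("SELECT eid FROM {$_TABLES['eventsjp']} WHERE (eid = '{$safeEid}')" . COM_getPermSql('AND'));
        if (DB_numRows($result) == 1) {
            $savesql = "INSERT INTO {$_TABLES['personal_eventsjp']} " . "(eid,uid,title,event_type,datestart,dateend,timestart,timeend,allday,location,address1,address2,city,state," . "zipcode,url,description,group_id,owner_id,perm_owner,perm_group,perm_members,perm_anon) SELECT eid," . $uid . ",title,event_type,datestart,dateend,timestart,timeend,allday,location,address1,address2," . "city,state,zipcode,url,description,group_id,owner_id,perm_owner,perm_group,perm_members,perm_anon FROM " . "{$_TABLES['eventsjp']} WHERE eid = '{$safeEid}'";
            DB_query($savesql);
            return COM_refresh($_CONF['site_url'] . '/calendarjp/index.php?mode=personal&msg=24');
        }
    }
    return COM_refresh($_CONF['site_url'] . '/index.php');
}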
Esempio n. 26
/**
* Display two lists of blocks, separated by left and right
*
* For each side the regular blocks come from the blocks table (with the
* COM_getPermSql() clause as default filter) and are followed by the dynamic
* blocks reported by PLG_getBlocksConfig(). One token from SEC_createToken()
* is placed in a hidden form field on both sides.
*
* @return   string  HTML for the two lists
*
*/
function listblocks()
{
    global $_CONF, $_TABLES, $LANG_ADMIN, $LANG21, $_IMAGE_TYPE;
    require_once $_CONF['path_system'] . 'lib-admin.php';

    $html = '';
    $csrf = SEC_createToken();

    // menu shown above the lists
    $menu = array(
        array('url' => $_CONF['site_admin_url'] . '/block.php?mode=edit', 'text' => $LANG_ADMIN['create_new']),
        array('url' => $_CONF['site_admin_url'], 'text' => $LANG_ADMIN['admin_home']),
    );
    $html .= COM_startBlock($LANG21[19], '', COM_getBlockTemplate('_admin_block', 'header'));
    $html .= ADMIN_createMenu($menu, $LANG21[25], $_CONF['layout_url'] . '/images/icons/block.' . $_IMAGE_TYPE);
    reorderblocks();

    // column headers for the regular blocks
    $staticColumns = array(
        array('text' => $LANG_ADMIN['edit'], 'field' => 'edit', 'sort' => false),
        array('text' => $LANG21[65], 'field' => 'blockorder', 'sort' => true),
        array('text' => $LANG21[46], 'field' => 'move', 'sort' => false),
        array('text' => $LANG_ADMIN['title'], 'field' => 'title', 'sort' => true),
        array('text' => $LANG21[48], 'field' => 'name', 'sort' => true),
        array('text' => $LANG_ADMIN['type'], 'field' => 'type', 'sort' => true),
        array('text' => $LANG_ADMIN['topic'], 'field' => 'topic', 'sort' => true),
        array('text' => $LANG_ADMIN['enabled'], 'field' => 'is_enabled', 'sort' => true),
    );
    // column headers for the dynamic blocks
    $dynamicColumns = array(
        array('text' => $LANG21[65], 'field' => 'blockorder', 'sort' => true),
        array('text' => $LANG21[69], 'field' => 'plugin', 'sort' => true),
        array('text' => $LANG_ADMIN['title'], 'field' => 'title', 'sort' => true),
        array('text' => $LANG21[48], 'field' => 'name', 'sort' => true),
        array('text' => $LANG_ADMIN['type'], 'field' => 'type', 'sort' => true),
        array('text' => $LANG_ADMIN['topic'], 'field' => 'topic', 'sort' => true),
        array('text' => $LANG_ADMIN['enabled'], 'field' => 'is_enabled', 'sort' => true),
    );
    $sortDefault = array('field' => 'blockorder', 'direction' => 'asc');

    // left side first, then right; 'onleft' is both the table column value
    // and the value of the hidden "blockenabler" field
    $sides = array(
        array('onleft' => '1', 'side' => 'left', 'lang' => '40'),
        array('onleft' => '0', 'side' => 'right', 'lang' => '41'),
    );
    foreach ($sides as $side) {
        // Regular Blocks
        $staticText = array(
            'has_extras' => true,
            'title'      => $LANG21['20'] . ' (' . $LANG21[$side['lang']] . ')',
            'form_url'   => $_CONF['site_admin_url'] . '/block.php',
        );
        $staticQuery = array(
            'table'          => 'blocks',
            'sql'            => "SELECT * FROM {$_TABLES['blocks']} WHERE onleft = " . $side['onleft'],
            'query_fields'   => array('title', 'content'),
            'default_filter' => COM_getPermSql('AND'),
        );
        // the "blockenabler" field is a dummy so we know the form has been
        // used if all blocks should be disabled on one side in order to
        // disable the last one
        $hiddenFields = array(
            'top'    => '<input type="hidden" name="' . CSRF_TOKEN . '" value="' . $csrf . '"' . XHTML . '>',
            'bottom' => '<input type="hidden" name="blockenabler" value="' . $side['onleft'] . '"' . XHTML . '>',
        );
        $html .= ADMIN_list('blocks', 'ADMIN_getListField_blocks', $staticColumns, $staticText, $staticQuery, $sortDefault, '', $csrf, '', $hiddenFields);

        // Dynamic blocks
        $dynamicText = array(
            'title'    => $LANG21['22'] . ' (' . $LANG21[$side['lang']] . ')',
            'form_url' => $_CONF['site_admin_url'] . '/block.php',
        );
        $dynamicBlocks = PLG_getBlocksConfig($side['side'], '');
        // Sort Dynamic Blocks on Block Order
        usort($dynamicBlocks, "cmpDynamicBlocks");
        $html .= ADMIN_simpleList('ADMIN_getListField_dynamicblocks', $dynamicColumns, $dynamicText, $dynamicBlocks, '', $hiddenFields);
    }

    $html .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer'));
    return $html;
}
Esempio n. 27
 /**
  * Returns an array of (
  *   'id'        => $id (string),
  *   'title'     => $title (string),
  *   'uri'       => $uri (string),
  *   'date'      => $date (int: Unix timestamp),
  *   'image_uri' => $image_uri (string)
  * )
  */
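 public function getItemsByDate($tid = '', $all_langs = FALSE)
 {
     global $_CONF, $_TABLES;
     $entries = array();
     // Without both ends of the date window there is nothing to select.
     if (empty(Dataproxy::$startDate) or empty(Dataproxy::$endDate)) {
         return $entries;
     }
     // Only non-draft stories dated up to now and inside the window.
     // NOTE(review): the window bounds are static properties placed inside
     // quotes in the statement - confirm they are set from validated values.
     $sql = "SELECT sid, title, UNIX_TIMESTAMP(date) AS day " . "  FROM {$_TABLES['stories']} " . "WHERE (draft_flag = 0) AND (date <= NOW()) " . "  AND (UNIX_TIMESTAMP(date) BETWEEN '" . Dataproxy::$startDate . "' AND '" . Dataproxy::$endDate . "') ";
     if (!empty($tid)) {
         // optional restriction to one topic, escaped with addslashes()
         $sql .= "AND (tid = '" . addslashes($tid) . "') ";
     }
     if (!Dataproxy::isRoot()) {
         // everyone except root gets the topic and permission clauses for
         // their user ID, plus the language clause unless all languages
         // were requested
         $sql .= COM_getTopicSql('AND', Dataproxy::uid()) . COM_getPermSql('AND', Dataproxy::uid());
         if (function_exists('COM_getLangSQL') and $all_langs === FALSE) {
             $sql .= COM_getLangSQL('sid', 'AND');
         }
     }
     $result = DB_query($sql);
     if (DB_error()) {
         return $entries;
     }
     while (($A = DB_fetchArray($result, FALSE)) !== FALSE) {
         $entry = array();
         $entry['id'] = stripslashes($A['sid']);
         $entry['title'] = stripslashes($A['title']);
         $entry['uri'] = COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . stripslashes($A['sid']));
         $entry['date'] = $A['day'];
         // 'image_uri' is the key the method's documentation promises
         $entry['image_uri'] = FALSE;
         // 'imageurl' is what this method has set so far; kept so existing
         // callers that read it keep working
         $entry['imageurl'] = FALSE;
         $entries[] = $entry;
     }
     return $entries;
 }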
Esempio n. 28
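/**
* Builds the administration menu block
*
* This will return the administration menu items that the user has
* sufficient rights to -- Admin Block on the left side. Nothing is printed;
* the HTML is returned. Anonymous users and users without any of the checked
* rights get an empty string.
*
* @param        string      $help       Help file to show
* @param        string      $title      Menu Title
* @param        string      $position   Side being shown on 'left', 'right' or blank.
* @return       string                  HTML of the block, or an empty string
* @see function COM_userMenu
*
*/
function COM_adminMenu($help = '', $title = '', $position = '')
{
    global $_TABLES, $_CONF, $_CONF_FT, $LANG01, $LANG_ADMIN, $_BLOCK_TEMPLATE, $_DB_dbms, $config;
    $retval = '';
    if (COM_isAnonUser()) {
        return $retval;
    }
    $plugin_options = PLG_getAdminOptions();
    $num_plugins = count($plugin_options);
    if (SEC_isModerator() or SEC_hasRights('story.edit,block.edit,topic.edit,user.edit,plugin.edit,user.mail,syndication.edit', 'OR') or $num_plugins > 0 or SEC_hasConfigAcess()) {
        // what's our current URL?
        $thisUrl = COM_getCurrentURL();
        $adminmenu = COM_newTemplate($_CONF['path_layout']);
        if (isset($_BLOCK_TEMPLATE['adminoption'])) {
            $templates = explode(',', $_BLOCK_TEMPLATE['adminoption']);
            $adminmenu->set_file(array('option' => $templates[0], 'current' => $templates[1]));
        } else {
            $adminmenu->set_file(array('option' => 'adminoption.thtml', 'current' => 'adminoption_off.thtml'));
        }
        $adminmenu->set_var('block_name', str_replace('_', '-', 'admin_block'));
        if (empty($title)) {
            $title = DB_getItem($_TABLES['blocks'], 'title', "name = 'admin_block'");
        }
        $retval .= COM_startBlock($title, $help, COM_getBlockTemplate('admin_block', 'header', $position));
        // Menu entries are collected here, keyed by label. It has to exist
        // even when none of the optional entries below is added, because it
        // is sorted and merged with the moderation entry at the end.
        $link_array = array();
        // Restrict the story counts to topics the user may access.
        $topicsql = '';
        if (SEC_isModerator() || SEC_hasRights('story.edit')) {
            $tresult = DB_query("SELECT tid FROM {$_TABLES['topics']}" . COM_getPermSQL());
            $trows = DB_numRows($tresult);
            if ($trows > 0) {
                $tids = array();
                for ($i = 0; $i < $trows; $i++) {
                    $T = DB_fetchArray($tresult);
                    $tids[] = $T['tid'];
                }
                if (count($tids) > 0) {
                    // NOTE(review): the topic ids are read back from the
                    // database and quoted but not escaped here; confirm that
                    // topic ids cannot contain a quote character.
                    $topicsql = " (tid IN ('" . implode("','", $tids) . "'))";
                }
            }
        }
        // Number of items waiting in the moderation queues the user can act on.
        $modnum = 0;
        if (SEC_hasRights('story.edit,story.moderate', 'OR') || $_CONF['commentsubmission'] == 1 && SEC_hasRights('comment.moderate') || $_CONF['usersubmission'] == 1 && SEC_hasRights('user.edit,user.delete')) {
            if (SEC_hasRights('story.moderate')) {
                if (empty($topicsql)) {
                    $modnum += DB_count($_TABLES['storysubmission']);
                } else {
                    $sresult = DB_query("SELECT COUNT(*) AS count FROM {$_TABLES['storysubmission']} WHERE" . $topicsql);
                    $S = DB_fetchArray($sresult);
                    $modnum += $S['count'];
                }
            }
            if ($_CONF['listdraftstories'] == 1 && SEC_hasRights('story.edit')) {
                $sql = "SELECT COUNT(*) AS count FROM {$_TABLES['stories']} WHERE (draft_flag = 1)";
                if (!empty($topicsql)) {
                    $sql .= ' AND' . $topicsql;
                }
                $result = DB_query($sql . COM_getPermSQL('AND', 0, 3));
                $A = DB_fetchArray($result);
                $modnum += $A['count'];
            }
            if ($_CONF['commentsubmission'] == 1 && SEC_hasRights('comment.moderate')) {
                $modnum += DB_count($_TABLES['commentsubmissions']);
            }
            if ($_CONF['usersubmission'] == 1) {
                if (SEC_hasRights('user.edit') && SEC_hasRights('user.delete')) {
                    $modnum += DB_count($_TABLES['users'], 'status', '2');
                }
            }
        }
        if (SEC_hasConfigAcess()) {
            $url = $_CONF['site_admin_url'] . '/configuration.php';
            $adminmenu->set_var('option_url', $url);
            $adminmenu->set_var('option_label', $LANG01[129]);
            $adminmenu->set_var('option_count', count($config->_get_groups()));
            $menu_item = $adminmenu->parse('item', $thisUrl == $url ? 'current' : 'option');
            $link_array[$LANG01[129]] = $menu_item;
        }
        // now handle submissions for plugins
        $modnum += PLG_getSubmissionCount();
        if (SEC_hasRights('story.edit')) {
            $url = $_CONF['site_admin_url'] . '/story.php';
            $adminmenu->set_var('option_url', $url);
            $adminmenu->set_var('option_label', $LANG01[11]);
            if (empty($topicsql)) {
                $numstories = DB_count($_TABLES['stories']);
            } else {
                $nresult = DB_query("SELECT COUNT(*) AS count FROM {$_TABLES['stories']} WHERE" . $topicsql . COM_getPermSql('AND'));
                $N = DB_fetchArray($nresult);
                $numstories = $N['count'];
            }
            $adminmenu->set_var('option_count', COM_numberFormat($numstories));
            $menu_item = $adminmenu->parse('item', $thisUrl == $url ? 'current' : 'option');
            $link_array[$LANG01[11]] = $menu_item;
        }
        if (SEC_hasRights('block.edit')) {
            $result = DB_query("SELECT COUNT(*) AS count FROM {$_TABLES['blocks']}" . COM_getPermSql());
            list($count) = DB_fetchArray($result);
            $url = $_CONF['site_admin_url'] . '/block.php';
            $adminmenu->set_var('option_url', $url);
            $adminmenu->set_var('option_label', $LANG01[12]);
            $adminmenu->set_var('option_count', COM_numberFormat($count));
            $menu_item = $adminmenu->parse('item', $thisUrl == $url ? 'current' : 'option');
            $link_array[$LANG01[12]] = $menu_item;
        }
        if (SEC_hasRights('topic.edit')) {
            $result = DB_query("SELECT COUNT(*) AS count FROM {$_TABLES['topics']}" . COM_getPermSql());
            list($count) = DB_fetchArray($result);
            $url = $_CONF['site_admin_url'] . '/topic.php';
            $adminmenu->set_var('option_url', $url);
            $adminmenu->set_var('option_label', $LANG01[13]);
            $adminmenu->set_var('option_count', COM_numberFormat($count));
            $menu_item = $adminmenu->parse('item', $thisUrl == $url ? 'current' : 'option');
            $link_array[$LANG01[13]] = $menu_item;
        }
        if (SEC_hasRights('user.edit')) {
            $url = $_CONF['site_admin_url'] . '/user.php';
            $adminmenu->set_var('option_url', $url);
            $adminmenu->set_var('option_label', $LANG01[17]);
            $active_users = DB_count($_TABLES['users'], 'status', USER_ACCOUNT_ACTIVE);
            // presumably the "- 1" leaves out the anonymous account; confirm
            $adminmenu->set_var('option_count', COM_numberFormat($active_users - 1));
            $menu_item = $adminmenu->parse('item', $thisUrl == $url ? 'current' : 'option');
            $link_array[$LANG01[17]] = $menu_item;
        }
        if (SEC_hasRights('group.edit')) {
            if (SEC_inGroup('Root')) {
                $grpFilter = '';
            } else {
                // Non-root users only count the groups they belong to. The
                // ids go into the SQL text unquoted, so they are forced to
                // integers first.
                $thisUsersGroups = SEC_getUserGroups();
                $grpFilter = 'WHERE (grp_id IN (' . implode(',', array_map('intval', $thisUsersGroups)) . '))';
            }
            $result = DB_query("SELECT COUNT(*) AS count FROM {$_TABLES['groups']} {$grpFilter};");
            $A = DB_fetchArray($result);
            $url = $_CONF['site_admin_url'] . '/group.php';
            $adminmenu->set_var('option_url', $url);
            $adminmenu->set_var('option_label', $LANG01[96]);
            $adminmenu->set_var('option_count', COM_numberFormat($A['count']));
            $menu_item = $adminmenu->parse('item', $thisUrl == $url ? 'current' : 'option');
            $link_array[$LANG01[96]] = $menu_item;
        }
        if (SEC_hasRights('user.mail')) {
            $url = $_CONF['site_admin_url'] . '/mail.php';
            $adminmenu->set_var('option_url', $url);
            $adminmenu->set_var('option_label', $LANG01[105]);
            $adminmenu->set_var('option_count', $LANG_ADMIN['na']);
            $menu_item = $adminmenu->parse('item', $thisUrl == $url ? 'current' : 'option');
            $link_array[$LANG01[105]] = $menu_item;
        }
        if ($_CONF['backend'] == 1 && SEC_hasRights('syndication.edit')) {
            $url = $_CONF['site_admin_url'] . '/syndication.php';
            $adminmenu->set_var('option_url', $url);
            $adminmenu->set_var('option_label', $LANG01[38]);
            $count = COM_numberFormat(DB_count($_TABLES['syndication']));
            $adminmenu->set_var('option_count', $count);
            $menu_item = $adminmenu->parse('item', $thisUrl == $url ? 'current' : 'option');
            $link_array[$LANG01[38]] = $menu_item;
        }
        if (($_CONF['trackback_enabled'] || $_CONF['pingback_enabled'] || $_CONF['ping_enabled']) && SEC_hasRights('story.ping')) {
            $url = $_CONF['site_admin_url'] . '/trackback.php';
            $adminmenu->set_var('option_url', $url);
            $adminmenu->set_var('option_label', $LANG01[116]);
            if ($_CONF['ping_enabled']) {
                $count = COM_numberFormat(DB_count($_TABLES['pingservice']));
                $adminmenu->set_var('option_count', $count);
            } else {
                $adminmenu->set_var('option_count', $LANG_ADMIN['na']);
            }
            $menu_item = $adminmenu->parse('item', $thisUrl == $url ? 'current' : 'option');
            $link_array[$LANG01[116]] = $menu_item;
        }
        if (SEC_hasRights('plugin.edit')) {
            $url = $_CONF['site_admin_url'] . '/plugins.php';
            $adminmenu->set_var('option_url', $url);
            $adminmenu->set_var('option_label', $LANG01[77]);
            $adminmenu->set_var('option_count', COM_numberFormat(DB_count($_TABLES['plugins'], 'pi_enabled', 1)));
            $menu_item = $adminmenu->parse('item', $thisUrl == $url ? 'current' : 'option');
            $link_array[$LANG01[77]] = $menu_item;
        }
        // This will show the admin options for all installed plugins (if any)
        // NOTE(review): adminurl, adminlabel and a non-numeric numsubmissions
        // are handed to the template exactly as the plugin supplied them;
        // presumably plugins are trusted to return markup-safe values -- confirm.
        for ($i = 0; $i < $num_plugins; $i++) {
            $plg = current($plugin_options);
            $adminmenu->set_var('option_url', $plg->adminurl);
            $adminmenu->set_var('option_label', $plg->adminlabel);
            if (isset($plg->numsubmissions) && is_numeric($plg->numsubmissions)) {
                $adminmenu->set_var('option_count', COM_numberFormat($plg->numsubmissions));
            } elseif (!empty($plg->numsubmissions)) {
                $adminmenu->set_var('option_count', $plg->numsubmissions);
            } else {
                $adminmenu->set_var('option_count', $LANG_ADMIN['na']);
            }
            $menu_item = $adminmenu->parse('item', $thisUrl == $plg->adminurl ? 'current' : 'option', true);
            $link_array[$plg->adminlabel] = $menu_item;
            next($plugin_options);
        }
        if ($_CONF['allow_mysqldump'] == 1 and $_DB_dbms == 'mysql' and SEC_inGroup('Root')) {
            $url = $_CONF['site_admin_url'] . '/database.php';
            $adminmenu->set_var('option_url', $url);
            $adminmenu->set_var('option_label', $LANG01[103]);
            $adminmenu->set_var('option_count', $LANG_ADMIN['na']);
            $menu_item = $adminmenu->parse('item', $thisUrl == $url ? 'current' : 'option');
            $link_array[$LANG01[103]] = $menu_item;
        }
        if ($_CONF['link_documentation'] == 1) {
            // Link the documentation in the user's language when it is
            // installed, the English one otherwise.
            $doclang = COM_getLanguageName();
            $docs = 'docs/' . $doclang . '/index.html';
            if (file_exists($_CONF['path_html'] . $docs)) {
                $adminmenu->set_var('option_url', $_CONF['site_url'] . '/' . $docs);
            } else {
                $adminmenu->set_var('option_url', $_CONF['site_url'] . '/docs/english/index.html');
            }
            $adminmenu->set_var('option_label', $LANG01[113]);
            $adminmenu->set_var('option_count', $LANG_ADMIN['na']);
            $menu_item = $adminmenu->parse('item', 'option');
            $link_array[$LANG01[113]] = $menu_item;
        }
        if ($_CONF['link_versionchecker'] == 1 and SEC_inGroup('Root')) {
            // NOTE(review): following this link sends the installed version
            // number to the project site over plain HTTP; consider an https
            // URL if the endpoint supports it.
            $adminmenu->set_var('option_url', 'http://www.geeklog.net/versionchecker.php?version=' . VERSION);
            $adminmenu->set_var('option_label', $LANG01[107]);
            $adminmenu->set_var('option_count', VERSION);
            $menu_item = $adminmenu->parse('item', 'option');
            $link_array[$LANG01[107]] = $menu_item;
        }
        if ($_CONF['sort_admin']) {
            uksort($link_array, 'strcasecmp');
        }
        $url = $_CONF['site_admin_url'] . '/moderation.php';
        $adminmenu->set_var('option_url', $url);
        $adminmenu->set_var('option_label', $LANG01[10]);
        $adminmenu->set_var('option_count', COM_numberFormat($modnum));
        $menu_item = $adminmenu->finish($adminmenu->parse('item', $thisUrl == $url ? 'current' : 'option'));
        // The moderation entry always comes first, whatever the sort order.
        $link_array = array($menu_item) + $link_array;
        foreach ($link_array as $link) {
            $retval .= $link;
        }
        $retval .= COM_endBlock(COM_getBlockTemplate('admin_block', 'footer', $position));
    }
    return $retval;
}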
Esempio n. 29
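/**
 * Extract story ID (sid) from the URL
 * Accepts rewritten and old-style URLs. Also checks permissions.
 *
 * The URL has to start with this site's article.php address; anything else
 * yields an empty string without a database lookup. A story ID is only
 * returned when the permission- and topic-filtered query finds exactly one
 * row and that row's trackbackcode is 0.
 *
 * @param    string $url targetURI, a URL on our site
 * @return   string          story ID or empty string for error
 */
function PNB_getSid($url)
{
    global $_CONF, $_TABLES;
    $retval = '';
    $sid = '';
    // The offset below is only meaningful when $url really begins with our
    // article.php address; otherwise an unrelated URL of suitable length
    // would be sliced at an arbitrary position and parsed as if it were ours.
    $prefix = $_CONF['site_url'] . '/article.php';
    $url = (string) $url;
    if (strncasecmp($url, $prefix, strlen($prefix)) !== 0) {
        return $retval;
    }
    $params = (string) substr($url, strlen($prefix));
    if (substr($params, 0, 1) === '?') {
        // old-style URL
        $pos = strpos($params, 'story=');
        if ($pos !== false) {
            $part = substr($params, $pos + strlen('story='));
            $parts = explode('&', $part);
            $sid = $parts[0];
        }
    } elseif (substr($params, 0, 1) == '/') {
        // rewritten URL
        $parts = explode('/', substr($params, 1));
        $sid = $parts[0];
    }
    if (!empty($sid)) {
        // drop a trailing #fragment
        $parts = explode('#', $sid);
        $sid = $parts[0];
    }
    // okay, so we have a SID - but are they allowed to access the story?
    if (!empty($sid)) {
        $testsid = DB_escapeString($sid);
        // The table alias is passed as the string 'ta'; written as a bare
        // word it is an undefined constant.
        $result = DB_query("SELECT trackbackcode FROM {$_TABLES['stories']}, {$_TABLES['topic_assignments']} ta WHERE ta.type = 'article' AND ta.id = sid AND sid = '{$testsid}'" . COM_getPermSql('AND') . COM_getTopicSql('AND', 0, 'ta'));
        // NOTE(review): the join returns one row per topic assignment, so a
        // story assigned to several visible topics would presumably not
        // satisfy "== 1" -- confirm this is intended.
        if (DB_numRows($result) == 1) {
            $A = DB_fetchArray($result);
            if ($A['trackbackcode'] == 0) {
                $retval = $sid;
            }
        }
    }
    return $retval;
}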
Esempio n. 30
         $cal_templates->set_var('cal_day_style', 'cal-futureday');
     }
 }
 if (strlen($curday->daynumber) == 1) {
     $curday->daynumber = '0' . $curday->daynumber;
 }
 $cal_templates->set_var('cal_day_anchortags', COM_createLink($curday->daynumber, $_CONF['site_url'] . '/calendarjp/index.php?view=day&amp;' . addMode($mode) . 'day=' . $curday->daynumber . "&amp;month={$month}&amp;year={$year}", array('class' => 'cal-date')) . '<hr' . XHTML . '>');
 if (strlen($month) == 1) {
     $month = '0' . $month;
 }
 if ($mode == 'personal') {
     $calsql_tbl = $_TABLES['personal_eventsjp'];
     $calsql_filt = "AND (uid = {$_USER['uid']})";
 } else {
     $calsql_tbl = $_TABLES['eventsjp'];
     $calsql_filt = COM_getPermSql('AND');
 }
 $calsql = "SELECT eid,title,datestart,dateend,timestart,timeend,allday,owner_id,group_id,perm_owner,perm_group,perm_members,perm_anon FROM {$calsql_tbl} WHERE " . "((datestart >= '{$year}-{$month}-{$curday->daynumber} 00:00:00' " . "AND datestart <= '{$year}-{$month}-{$curday->daynumber} 23:59:59') " . "OR (dateend >= '{$year}-{$month}-{$curday->daynumber} 00:00:00' " . "AND dateend <= '{$year}-{$month}-{$curday->daynumber} 23:59:59') " . "OR ('{$year}-{$month}-{$curday->daynumber}' BETWEEN datestart AND dateend))" . $calsql_filt . " ORDER BY datestart,timestart";
 $query2 = DB_query($calsql);
 $q2_numrows = DB_numRows($query2);
 if ($q2_numrows > 0) {
     $entries = '';
     for ($z = 1; $z <= $q2_numrows; $z++) {
         $results = DB_fetchArray($query2);
         if ($results['title']) {
             $cal_templates->set_var('cal_day_entries', '');
             $entries .= COM_createLink(stripslashes($results['title']), $_CONF['site_url'] . '/calendarjp/event.php?' . addMode($mode) . 'eid=' . $results['eid'], array('class' => 'cal-event')) . '<hr' . XHTML . '>';
         }
     }
     for ($z = $z; $z <= 4; $z++) {
         $entries .= '<br' . XHTML . '>';