function list_all_tags() { global $_CONF; $autotags = PLG_collectTags('permission'); $plugins_tags = PLG_collectTags(); ksort($autotags); $autotags = array_keys($autotags); $description = array_flip(PLG_collectTags('description')); $display = '<TABLE WIDTH="90%"><TR><TD ALIGN="LEFT"><b>AutoTag</b></TD><TD ALIGN="LEFT"><b>Description</b></TD></TR>' . "\n"; foreach ($autotags as $tag) { if ($description[$tag] != '') { $descr = $description[$tag]; } else { // Permissions and Description not supported $descr = "Part of the " . $plugins_tags[$tag] . " plugin"; } $display .= "<TR><TD>{$tag}</TD><TD>{$descr}</TD></TR>\n"; } $display .= '</TABLE>'; return $display; }
function AT_collectTags() { global $_AM_CONF, $_AUTOTAGS; $A = array(); $P = PLG_collectTags(); foreach ($P as $tag => $module) { if (isset($_AUTOTAGS[$tag])) { if ($_AUTOTAGS[$tag]['is_function'] == 1) { $isfunction = true; $type = 'F'; } else { $isfunction = false; $type = 'U'; } } else { $type = $module == 'glfusion' ? 'C' : 'P'; $isfunction = true; $isenabled = true; } $A[] = array('tag' => $tag, 'module' => $module, 'type' => $type, 'description' => AT_description($tag, $module), 'is_function' => $isfunction, 'is_enabled' => true); } return $A; }
/** * This function will allow plugins to support the use of custom autolinks * in other site content. Plugins can now use this API when saving content * and have the content checked for any autolinks before saving. * The autolink would be like: [story:20040101093000103 here] * * @param string $content Content that should be parsed for autolinks * @param string $plugin Optional if you only want to parse using a specific plugin * @param string $remove Optional if you want to remove the autotag from the content * */ function PLG_replaceTags($content, $plugin = '', $remove = false) { global $_CONF, $_TABLES, $LANG32; if (isset($_CONF['disable_autolinks']) && $_CONF['disable_autolinks'] == 1) { // autolinks are disabled - return $content unchanged return $content; } if ($remove) { $autolinkModules = PLG_collectTags('nopermission'); if (!is_array($autolinkModules)) { // a permission check may not return any data so no point parsing content return $content; } } else { $autolinkModules = PLG_collectTags(); } for ($i = 1; $i <= 5; $i++) { // For each supported module, scan the content looking for any AutoLink tags $tags = array(); $contentlen = MBYTE_strlen($content); $content_lower = MBYTE_strtolower($content); foreach ($autolinkModules as $moduletag => $module) { $autotag_prefix = '[' . $moduletag . ':'; $offset = 0; $prev_offset = 0; while ($offset < $contentlen) { $start_pos = MBYTE_strpos($content_lower, $autotag_prefix, $offset); if ($start_pos === false) { break; } else { $end_pos = MBYTE_strpos($content_lower, ']', $start_pos); $next_tag = MBYTE_strpos($content_lower, '[', $start_pos + 1); if ($end_pos > $start_pos and ($next_tag === false or $end_pos < $next_tag)) { $taglength = $end_pos - $start_pos + 1; $tag = MBYTE_substr($content, $start_pos, $taglength); $parms = explode(' ', $tag); // Extra test to see if autotag was entered with a space // after the module name if (MBYTE_substr($parms[0], -1) == ':') { $startpos = MBYTE_strlen($parms[0]) + MBYTE_strlen($parms[1]) + 2; $label = str_replace(']', '', MBYTE_substr($tag, $startpos)); $tagid = $parms[1]; } else { $label = str_replace(']', '', MBYTE_substr($tag, MBYTE_strlen($parms[0]) + 1)); $parms = explode(':', $parms[0]); if (count($parms) > 2) { // whoops, there was a ':' in the tag id ... array_shift($parms); $tagid = implode(':', $parms); } else { $tagid = $parms[1]; } } $newtag = array('module' => $module, 'tag' => $moduletag, 'tagstr' => $tag, 'startpos' => $start_pos, 'length' => $taglength, 'parm1' => str_replace(']', '', $tagid), 'parm2' => $label); $tags[] = $newtag; } else { // Error: tags do not match - return with no changes return $content . $LANG32[32]; } $prev_offset = $offset; $offset = $end_pos; } } } // If we have found 1 or more AutoLink tag if (count($tags) > 0) { // Found the [tag] - Now process them all foreach ($tags as $autotag) { if ($remove) { $content = str_replace($autotag['tagstr'], '', $content); } else { $function = 'plugin_autotags_' . $autotag['module']; if (function_exists($function) and (empty($plugin) or $plugin == $autotag['module'])) { $content = $function('parse', $content, $autotag); } } } } else { break; } } return $content; }
/** * Returns what HTML is allowed in content * * Returns what HTML tags the system allows to be used inside content. * You can modify this by changing $_CONF['user_html'] in the configuration * (for admins, see also $_CONF['admin_html']). * * @param string $permissions comma-separated list of rights which identify the current user as an "Admin" * @param boolean $list_only true = return only the list of HTML tags * @param boolean $filter_html_flag 0 = returns allowed all html tags, 1 = returns allowed HTML tags only, 2 = returns No HTML Tags Allowed (this is used by plugins if they have a config that overrides Geeklogs filter html settings or do not have a post mode) * @return string HTML <div>/<span> enclosed string * @see function COM_checkHTML * @todo Bugs: The list always includes the [code], [raw], and [page_break] * tags when story.* permissions are required, even when those tags * are not actually available (e.g. in comments on stories). * */ function COM_allowedHTML($permissions = 'story.edit', $list_only = false, $filter_html_flag = 1) { global $_CONF, $_PLUGINS, $LANG01; $retval = ''; $has_skiphtmlfilterPermissions = SEC_hasRights('htmlfilter.skip'); if ($has_skiphtmlfilterPermissions || isset($_CONF['skip_html_filter_for_root']) && $_CONF['skip_html_filter_for_root'] == 1 && SEC_inGroup('Root') || $filter_html_flag == 0) { if (!$list_only) { $retval .= '<span class="warningsmall">' . $LANG01[123] . ',</span> '; } $retval .= '<div dir="ltr" class="warningsmall">'; } elseif ($filter_html_flag == 2) { if (!$list_only) { $retval .= '<span class="warningsmall">' . $LANG01[131] . ',</span> '; } $retval .= '<div dir="ltr" class="warningsmall">'; } else { if (!$list_only) { $retval .= '<span class="warningsmall">' . $LANG01[31] . '</span> '; } if (empty($permissions) || !SEC_hasRights($permissions) || empty($_CONF['admin_html'])) { $html = $_CONF['user_html']; } else { $html = array_merge_recursive($_CONF['user_html'], $_CONF['admin_html']); } $retval .= '<div dir="ltr" class="warningsmall">'; foreach ($html as $tag => $attr) { $retval .= '<' . $tag . '>, '; } } $with_story_perms = false; $perms = explode(',', $permissions); foreach ($perms as $p) { if (substr($p, 0, 6) == 'story.') { $with_story_perms = true; break; } } if ($with_story_perms) { $retval .= '[code], [raw], '; if ($_CONF['allow_page_breaks'] == 1) { $retval .= '[page_break], '; } } // List autotags user has permission to use (with descriptions) $autotags = array_keys(PLG_collectTags('permission')); $description = array_flip(PLG_collectTags('description')); $done_once = false; $comma = ''; foreach ($autotags as $tag) { if ($done_once) { $comma = ', '; } if (!empty($description[$tag])) { $retval .= $comma . COM_getTooltip('[' . $tag . ':]', $description[$tag], '', $LANG01[132], 'information'); } else { $retval .= $comma . '[' . $tag . ':]'; } $done_once = true; } $retval .= '</div>'; return $retval; return $retval; }
/** * This function will allow plugins to support the use of custom autolinks * in other site content. Plugins can now use this API when saving content * and have the content checked for any autolinks before saving. * The autolink would be like: [story:20040101093000103 here] * * @param string $content Content that should be parsed for autolinks * @param string $namespace Optional Namespace or plugin name collecting tag info * @param string $operation Optional Operation being performed * @param string $plugin Optional if you only want to parse using a specific plugin * */ function PLG_replaceTags($content, $namespace = '', $operation = '', $plugin = '') { global $_CONF, $_TABLES, $_BLOCK_TEMPLATE, $LANG32, $_AUTOTAGS, $mbMenu, $autoTagUsage; if (isset($_CONF['disable_autolinks']) && $_CONF['disable_autolinks'] == 1) { // autolinks are disabled - return $content unchanged return $content; } static $recursionCount = 0; if ($recursionCount > 5) { COM_errorLog("AutoTag infinite recursion detected on " . $namespace . " " . $operation); return $content; } $autolinkModules = PLG_collectTags(); $autoTagUsage = PLG_autoTagPerms(); if (!empty($namespace) && !empty($operation)) { $postFix = '.' . $namespace . '.' . $operation; } else { $postFix = ''; } // For each supported module, scan the content looking for any AutoLink tags $tags = array(); $contentlen = utf8_strlen($content); $content_lower = utf8_strtolower($content); foreach ($autolinkModules as $moduletag => $module) { $autotag_prefix = '[' . $moduletag . ':'; $offset = 0; $prev_offset = 0; while ($offset < $contentlen) { $start_pos = utf8_strpos($content_lower, $autotag_prefix, $offset); if ($start_pos === false) { break; } else { $end_pos = utf8_strpos($content_lower, ']', $start_pos); $next_tag = utf8_strpos($content_lower, '[', $start_pos + 1); if ($end_pos > $start_pos and ($next_tag === false or $end_pos < $next_tag)) { $taglength = $end_pos - $start_pos + 1; $tag = utf8_substr($content, $start_pos, $taglength); $parms = explode(' ', $tag); // Extra test to see if autotag was entered with a space // after the module name if (utf8_substr($parms[0], -1) == ':') { $startpos = utf8_strlen($parms[0]) + utf8_strlen($parms[1]) + 2; $label = str_replace(']', '', utf8_substr($tag, $startpos)); $tagid = $parms[1]; } else { $label = str_replace(']', '', utf8_substr($tag, utf8_strlen($parms[0]) + 1)); $parms = explode(':', $parms[0]); if (count($parms) > 2) { // whoops, there was a ':' in the tag id ... array_shift($parms); $tagid = implode(':', $parms); } else { $tagid = $parms[1]; } } $newtag = array('module' => $module, 'tag' => $moduletag, 'tagstr' => $tag, 'startpos' => $start_pos, 'length' => $taglength, 'parm1' => str_replace(']', '', $tagid), 'parm2' => $label); $tags[] = $newtag; } else { // Error: tags do not match - return with no changes return $content . $LANG32[32]; } $prev_offset = $offset; $offset = $end_pos; } } } // If we have found 1 or more AutoLink tag if (count($tags) > 0) { // Found the [tag] - Now process them all $recursionCount++; foreach ($tags as $autotag) { $permCheck = $autotag['tag'] . $postFix; if (empty($postFix) || !isset($autoTagUsage[$permCheck]) || $autoTagUsage[$permCheck] == 1) { $function = 'plugin_autotags_' . $autotag['module']; if ($autotag['module'] == 'glfusion' and (empty($plugin) or $plugin == 'glfusion')) { $url = ''; $linktext = $autotag['parm2']; if ($autotag['tag'] == 'story') { $autotag['parm1'] = COM_applyFilter($autotag['parm1']); $url = COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $autotag['parm1']); if (empty($linktext)) { $linktext = DB_getItem($_TABLES['stories'], 'title', "sid = '" . DB_escapeString($autotag['parm1']) . "'"); } } if (!empty($url)) { $filelink = COM_createLink($linktext, $url); $content = str_replace($autotag['tagstr'], $filelink, $content); } if ($autotag['tag'] == 'story_introtext') { $url = ''; $linktext = ''; USES_lib_story(); if (isset($_USER['uid']) && $_USER['uid'] > 1) { $result = DB_query("SELECT maxstories,tids,aids FROM {$_TABLES['userindex']} WHERE uid = {$_USER['uid']}"); $U = DB_fetchArray($result); } else { $U['maxstories'] = 0; $U['aids'] = ''; $U['tids'] = ''; } $sql = " (date <= NOW()) AND (draft_flag = 0)"; if (empty($topic)) { $sql .= COM_getLangSQL('tid', 'AND', 's'); } $sql .= COM_getPermSQL('AND', 0, 2, 's'); if (!empty($U['aids'])) { $sql .= " AND s.uid NOT IN (" . str_replace(' ', ",", $U['aids']) . ") "; } if (!empty($U['tids'])) { $sql .= " AND s.tid NOT IN ('" . str_replace(' ', "','", $U['tids']) . "') "; } $sql .= COM_getTopicSQL('AND', 0, 's') . ' '; $userfields = 'u.uid, u.username, u.fullname'; $msql = "SELECT STRAIGHT_JOIN s.*, UNIX_TIMESTAMP(s.date) AS unixdate, " . 'UNIX_TIMESTAMP(s.expire) as expireunix, ' . $userfields . ", t.topic, t.imageurl " . "FROM {$_TABLES['stories']} AS s, {$_TABLES['users']} AS u, " . "{$_TABLES['topics']} AS t WHERE s.sid = '" . $autotag['parm1'] . "' AND (s.uid = u.uid) AND (s.tid = t.tid) AND" . $sql; $result = DB_query($msql); $nrows = DB_numRows($result); if ($A = DB_fetchArray($result)) { $story = new Story(); $story->loadFromArray($A); $linktext = STORY_renderArticle($story, 'y'); } $content = str_replace($autotag['tagstr'], $linktext, $content); } if ($autotag['tag'] == 'showblock') { $blockName = COM_applyBasicFilter($autotag['parm1']); $result = DB_query("SELECT * FROM {$_TABLES['blocks']} WHERE name = '" . DB_escapeString($blockName) . "'" . COM_getPermSQL('AND')); if (DB_numRows($result) > 0) { $skip = 0; $B = DB_fetchArray($result); $template = ''; $side = ''; $px = explode(' ', trim($autotag['parm2'])); if (is_array($px)) { foreach ($px as $part) { if (substr($part, 0, 9) == 'template:') { $a = explode(':', $part); $template = $a[1]; $skip++; } elseif (substr($part, 0, 5) == 'side:') { $a = explode(':', $part); $side = $a[1]; $skip++; break; } } if ($skip != 0) { if (count($px) > $skip) { for ($i = 0; $i < $skip; $i++) { array_shift($px); } $caption = trim(implode(' ', $px)); } else { $caption = ''; } } } if ($template != '') { $_BLOCK_TEMPLATE[$blockName] = 'blockheader-' . $template . '.thtml,blockfooter-' . $template . '.thtml'; } if ($side == 'left') { $B['onleft'] = 1; } else { if ($side == 'right') { $B['onleft'] = 0; } } $linktext = COM_formatBlock($B); $content = str_replace($autotag['tagstr'], $linktext, $content); } else { $content = str_replace($autotag['tagstr'], '', $content); } } if ($autotag['tag'] == 'menu') { $menu = ''; $menuID = trim($autotag['parm1']); $menuHTML = displayMenu($menuID); $content = str_replace($autotag['tagstr'], $menuHTML, $content); } if (isset($_AUTOTAGS[$autotag['tag']])) { $content = autotags_autotag('parse', $content, $autotag); } } else { if (function_exists($function) and (empty($plugin) or $plugin == $autotag['module'])) { $content = $function('parse', $content, $autotag); } } } } $recursionCount--; } return $content; }
/** * This function will allow plugins to support the use of custom autolinks * in other site content. Plugins can now use this API when saving content * and have the content checked for any autolinks before saving. * The autolink would be like: [story:20040101093000103 here] * * @param string $content Content that should be parsed for autolinks * @param string $plugin Optional if you only want to parse using a specific plugin * */ function PLG_replaceTags($content, $plugin = '') { global $_CONF, $_TABLES, $LANG32; if (isset($_CONF['disable_autolinks']) && $_CONF['disable_autolinks'] == 1) { // autolinks are disabled - return $content unchanged return $content; } $autolinkModules = PLG_collectTags(); // For each supported module, scan the content looking for any AutoLink tags $tags = array(); $contentlen = MBYTE_strlen($content); $content_lower = MBYTE_strtolower($content); foreach ($autolinkModules as $moduletag => $module) { $autotag_prefix = '[' . $moduletag . ':'; $offset = 0; $prev_offset = 0; while ($offset < $contentlen) { $start_pos = MBYTE_strpos($content_lower, $autotag_prefix, $offset); if ($start_pos === false) { break; } else { $end_pos = MBYTE_strpos($content_lower, ']', $start_pos); $next_tag = MBYTE_strpos($content_lower, '[', $start_pos + 1); if ($end_pos > $start_pos and ($next_tag === false or $end_pos < $next_tag)) { $taglength = $end_pos - $start_pos + 1; $tag = MBYTE_substr($content, $start_pos, $taglength); $parms = explode(' ', $tag); // Extra test to see if autotag was entered with a space // after the module name if (MBYTE_substr($parms[0], -1) == ':') { $startpos = MBYTE_strlen($parms[0]) + MBYTE_strlen($parms[1]) + 2; $label = str_replace(']', '', MBYTE_substr($tag, $startpos)); $tagid = $parms[1]; } else { $label = str_replace(']', '', MBYTE_substr($tag, MBYTE_strlen($parms[0]) + 1)); $parms = explode(':', $parms[0]); if (count($parms) > 2) { // whoops, there was a ':' in the tag id ... array_shift($parms); $tagid = implode(':', $parms); } else { $tagid = $parms[1]; } } $newtag = array('module' => $module, 'tag' => $moduletag, 'tagstr' => $tag, 'startpos' => $start_pos, 'length' => $taglength, 'parm1' => str_replace(']', '', $tagid), 'parm2' => $label); $tags[] = $newtag; } else { // Error: tags do not match - return with no changes return $content . $LANG32[32]; } $prev_offset = $offset; $offset = $end_pos; } } } // If we have found 1 or more AutoLink tag if (count($tags) > 0) { // Found the [tag] - Now process them all foreach ($tags as $autotag) { $function = 'plugin_autotags_' . $autotag['module']; if ($autotag['module'] == 'geeklog' and (empty($plugin) or $plugin == 'geeklog')) { $url = ''; $linktext = $autotag['parm2']; if ($autotag['tag'] == 'story') { $autotag['parm1'] = COM_applyFilter($autotag['parm1']); if (!empty($autotag['parm1'])) { $url = COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $autotag['parm1']); if (empty($linktext)) { $linktext = stripslashes(DB_getItem($_TABLES['stories'], 'title', "sid = '{$autotag['parm1']}'")); } } } if (!empty($url)) { $filelink = COM_createLink($linktext, $url); $content = str_replace($autotag['tagstr'], $filelink, $content); } } elseif (function_exists($function) and (empty($plugin) or $plugin == $autotag['module'])) { $content = $function('parse', $content, $autotag); } } } return $content; }
/** * Returns what HTML is allowed in content * * Returns what HTML tags the system allows to be used inside content. * You can modify this by changing $_CONF['user_html'] in the configuration * (for admins, see also $_CONF['admin_html']). * * @param string $permissions comma-separated list of rights which identify the current user as an "Admin" * @param boolean $list_only true = return only the list of HTML tags * @return string HTML <div>/<span> enclosed string * @see function COM_checkHTML * @todo Bugs: The list always includes the [code], [raw], and [page_break] * tags when story.* permissions are required, even when those tags * are not actually available (e.g. in comments on stories). * */ function COM_allowedHTML($permissions = 'story.edit', $list_only = false) { global $_CONF, $LANG01; $retval = ''; if (isset($_CONF['skip_html_filter_for_root']) && $_CONF['skip_html_filter_for_root'] == 1 && SEC_inGroup('Root')) { if (!$list_only) { $retval .= '<span class="warningsmall">' . $LANG01[123] . ',</span> '; } $retval .= '<div dir="ltr" class="warningsmall">'; } else { if (!$list_only) { $retval .= '<span class="warningsmall">' . $LANG01[31] . '</span> '; } if (empty($permissions) || !SEC_hasRights($permissions) || empty($_CONF['admin_html'])) { $html = $_CONF['user_html']; } else { $html = array_merge_recursive($_CONF['user_html'], $_CONF['admin_html']); } $retval .= '<div dir="ltr" class="warningsmall">'; foreach ($html as $tag => $attr) { $retval .= '<' . $tag . '>, '; } } $with_story_perms = false; $perms = explode(',', $permissions); foreach ($perms as $p) { if (substr($p, 0, 6) == 'story.') { $with_story_perms = true; break; } } if ($with_story_perms) { $retval .= '[code], [raw], '; if ($_CONF['allow_page_breaks'] == 1) { $retval .= '[page_break], '; } } // list autotags $autotags = array_keys(PLG_collectTags()); $retval .= '[' . implode(':], [', $autotags) . ':]'; $retval .= '</div>'; return $retval; }
/** * Returns what autotag is allowed in content * * Returns what autotags the system allows to be used inside content. * * @param boolean $list_only true = return only the list of HTML tags * @param array $allowed_tags Array of allowed special tags ('code', 'raw', 'page_break' ...) * @return string HTML <div>/<span> enclosed string * @see function COM_checkHTML * */ function COM_allowedAutotags($list_only = false, $allowed_tags = '') { global $LANG01; $retval = ''; if (!$list_only) { $retval .= '<span class="warningsmall">' . $LANG01[140] . '</span>'; } $list = ''; if (is_array($allowed_tags)) { foreach ($allowed_tags as $tag) { $list .= '[' . $tag . '] , '; } } // List autotags user has permission to use (with descriptions) $autotags = array_keys(PLG_collectTags('permission')); $description = array_flip(PLG_collectTags('description')); foreach ($autotags as $tag) { if (!empty($description[$tag])) { $desc = str_replace(array('[', ']'), array('[', ']'), $description[$tag]); $list .= COM_getTooltip('[' . $tag . ':]', $desc, '', $LANG01[132], 'information') . ', '; } else { $list .= '[' . $tag . ':] , '; } } $list = rtrim($list, ', '); if (!empty($list)) { $retval .= '<div class="warningsmall">' . $list . '</div>'; } $retval = '<div dir="ltr" class="allowed_autotags">' . $retval . '</div>'; return $retval; }
/** * Displays the static page editor form * * @param array $A Data to display * @return string HTML for the static page editor * */ function staticpageeditor_form($A, $error = false) { global $_CONF, $_TABLES, $_USER, $_GROUPS, $_SP_CONF, $mode, $sp_id, $LANG21, $LANG_STATIC, $LANG_ACCESS, $LANG_ADMIN, $LANG24, $LANG_postmodes, $MESSAGE; $template_path = staticpages_templatePath('admin'); if (!empty($sp_id) && $mode == 'edit') { $access = SEC_hasAccess($A['owner_id'], $A['group_id'], $A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']); } else { if ($mode != 'clone') { $A['sp_inblock'] = $_SP_CONF['in_block']; } $A['owner_id'] = $_USER['uid']; if (isset($_GROUPS['Static Page Admin'])) { $A['group_id'] = $_GROUPS['Static Page Admin']; } else { $A['group_id'] = SEC_getFeatureGroup('staticpages.edit'); } SEC_setDefaultPermissions($A, $_SP_CONF['default_permissions']); $access = 3; if (isset($_CONF['advanced_editor']) && $_CONF['advanced_editor'] == 1 && file_exists($template_path . '/editor_advanced.thtml')) { $A['advanced_editor_mode'] = 1; } } $retval = ''; $sp_template = new Template($template_path); if (isset($_CONF['advanced_editor']) && $_CONF['advanced_editor'] == 1 && file_exists($template_path . '/editor_advanced.thtml')) { $sp_template->set_file('form', 'editor_advanced.thtml'); $sp_template->set_var('lang_expandhelp', $LANG24[67]); $sp_template->set_var('lang_reducehelp', $LANG24[68]); $sp_template->set_var('lang_toolbar', $LANG24[70]); $sp_template->set_var('toolbar1', $LANG24[71]); $sp_template->set_var('toolbar2', $LANG24[72]); $sp_template->set_var('toolbar3', $LANG24[73]); $sp_template->set_var('toolbar4', $LANG24[74]); $sp_template->set_var('toolbar5', $LANG24[75]); $sp_template->set_var('lang_nojavascript', $LANG24[77]); $sp_template->set_var('lang_postmode', $LANG24[4]); if (isset($A['postmode']) && $A['postmode'] == 'adveditor') { $sp_template->set_var('show_adveditor', ''); $sp_template->set_var('show_htmleditor', 'none'); } else { $sp_template->set_var('show_adveditor', 'none'); $sp_template->set_var('show_htmleditor', ''); } $post_options = '<option value="html" selected="selected">' . $LANG_postmodes['html'] . '</option>'; if (isset($A['postmode']) && $A['postmode'] == 'adveditor') { $post_options .= '<option value="adveditor" selected="selected">' . $LANG24[86] . '</option>'; } else { $post_options .= '<option value="adveditor">' . $LANG24[86] . '</option>'; } $sp_template->set_var('post_options', $post_options); $sp_template->set_var('change_editormode', 'onchange="change_editmode(this);"'); } else { $sp_template->set_file('form', 'editor.thtml'); } $sp_template->set_var('layout_url', $_CONF['layout_url']); $sp_template->set_var('lang_mode', $LANG24[3]); $sp_template->set_var('comment_options', COM_optionList($_TABLES['commentcodes'], 'code,name', $A['commentcode'])); $sp_template->set_var('lang_accessrights', $LANG_ACCESS['accessrights']); $sp_template->set_var('lang_owner', $LANG_ACCESS['owner']); $ownername = COM_getDisplayName($A['owner_id']); $sp_template->set_var('owner_username', DB_getItem($_TABLES['users'], 'username', "uid = {$A['owner_id']}")); $sp_template->set_var('owner_name', $ownername); $sp_template->set_var('owner', $ownername); $sp_template->set_var('owner_id', $A['owner_id']); $sp_template->set_var('lang_group', $LANG_ACCESS['group']); $sp_template->set_var('group_dropdown', SEC_getGroupDropdown($A['group_id'], $access)); $sp_template->set_var('permissions_editor', SEC_getPermissionsHTML($A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon'])); $sp_template->set_var('lang_permissions', $LANG_ACCESS['permissions']); $sp_template->set_var('lang_perm_key', $LANG_ACCESS['permissionskey']); $sp_template->set_var('permissions_msg', $LANG_ACCESS['permmsg']); $sp_template->set_var('lang_permissions_msg', $LANG_ACCESS['permmsg']); $sp_template->set_var('site_url', $_CONF['site_url']); $sp_template->set_var('site_admin_url', $_CONF['site_admin_url']); $token = SEC_createToken(); $start_block = COM_startBlock($LANG_STATIC['staticpageeditor'], '', COM_getBlockTemplate('_admin_block', 'header')); $start_block .= SEC_getTokenExpiryNotice($token); $sp_template->set_var('start_block_editor', $start_block); $sp_template->set_var('lang_save', $LANG_ADMIN['save']); $sp_template->set_var('lang_cancel', $LANG_ADMIN['cancel']); $sp_template->set_var('lang_preview', $LANG_ADMIN['preview']); if (SEC_hasRights('staticpages.delete') && $mode != 'clone' && !empty($A['sp_old_id'])) { $delbutton = '<input type="submit" value="' . $LANG_ADMIN['delete'] . '" name="mode"%s' . XHTML . '>'; $jsconfirm = ' onclick="return confirm(\'' . $MESSAGE[76] . '\');"'; $sp_template->set_var('delete_option', sprintf($delbutton, $jsconfirm)); $sp_template->set_var('delete_option_no_confirmation', sprintf($delbutton, '')); } else { $sp_template->set_var('delete_option', ''); } $sp_template->set_var('lang_writtenby', $LANG_STATIC['writtenby']); $sp_template->set_var('username', DB_getItem($_TABLES['users'], 'username', "uid = {$A['sp_uid']}")); $authorname = COM_getDisplayName($A['sp_uid']); $sp_template->set_var('name', $authorname); $sp_template->set_var('author', $authorname); $sp_template->set_var('lang_url', $LANG_STATIC['url']); $sp_template->set_var('lang_id', $LANG_STATIC['id']); $sp_template->set_var('sp_uid', $A['sp_uid']); $sp_template->set_var('sp_id', $A['sp_id']); $sp_template->set_var('sp_old_id', $A['sp_old_id']); $sp_template->set_var('example_url', COM_buildURL($_CONF['site_url'] . '/staticpages/index.php?page=' . $A['sp_id'])); $sp_template->set_var('lang_centerblock', $LANG_STATIC['centerblock']); $sp_template->set_var('lang_centerblock_help', $LANG_ADMIN['help_url']); $sp_template->set_var('lang_centerblock_include', $LANG21[51]); $sp_template->set_var('lang_centerblock_desc', $LANG21[52]); $sp_template->set_var('centerblock_help', $A['sp_help']); $sp_template->set_var('lang_centerblock_msg', $LANG_STATIC['centerblock_msg']); if (isset($A['sp_centerblock']) && $A['sp_centerblock'] == 1) { $sp_template->set_var('centerblock_checked', 'checked="checked"'); } else { $sp_template->set_var('centerblock_checked', ''); } $sp_template->set_var('lang_topic', $LANG_STATIC['topic']); $sp_template->set_var('lang_position', $LANG_STATIC['position']); $current_topic = ''; if (isset($A['sp_tid'])) { $current_topic = $A['sp_tid']; } if (empty($current_topic)) { $current_topic = 'none'; } $topics = COM_topicList('tid,topic', $current_topic, 1, true); $alltopics = '<option value="all"'; if ($current_topic == 'all') { $alltopics .= ' selected="selected"'; } $alltopics .= '>' . $LANG_STATIC['all_topics'] . '</option>' . LB; $notopic = '<option value="none"'; if ($current_topic == 'none') { $notopic .= ' selected="selected"'; } $notopic .= '>' . $LANG_STATIC['no_topic'] . '</option>' . LB; $sp_template->set_var('topic_selection', '<select name="sp_tid">' . $alltopics . $notopic . $topics . '</select>'); $position = '<select name="sp_where">'; $position .= '<option value="1"'; if ($A['sp_where'] == 1) { $position .= ' selected="selected"'; } $position .= '>' . $LANG_STATIC['position_top'] . '</option>'; $position .= '<option value="2"'; if ($A['sp_where'] == 2) { $position .= ' selected="selected"'; } $position .= '>' . $LANG_STATIC['position_feat'] . '</option>'; $position .= '<option value="3"'; if ($A['sp_where'] == 3) { $position .= ' selected="selected"'; } $position .= '>' . $LANG_STATIC['position_bottom'] . '</option>'; $position .= '<option value="0"'; if ($A['sp_where'] == 0) { $position .= ' selected="selected"'; } $position .= '>' . $LANG_STATIC['position_entire'] . '</option>'; $position .= '</select>'; $sp_template->set_var('pos_selection', $position); if ($_SP_CONF['allow_php'] == 1 && SEC_hasRights('staticpages.PHP')) { if (!isset($A['sp_php'])) { $A['sp_php'] = 0; } $selection = '<select name="sp_php">' . LB; $selection .= '<option value="0"'; if ($A['sp_php'] <= 0 || $A['sp_php'] > 2) { $selection .= ' selected="selected"'; } $selection .= '>' . $LANG_STATIC['select_php_none'] . '</option>' . LB; $selection .= '<option value="1"'; if ($A['sp_php'] == 1) { $selection .= ' selected="selected"'; } $selection .= '>' . $LANG_STATIC['select_php_return'] . '</option>' . LB; $selection .= '<option value="2"'; if ($A['sp_php'] == 2) { $selection .= ' selected="selected"'; } $selection .= '>' . $LANG_STATIC['select_php_free'] . '</option>' . LB; $selection .= '</select>'; $sp_template->set_var('php_selector', $selection); $sp_template->set_var('php_warn', $LANG_STATIC['php_warn']); } else { $sp_template->set_var('php_selector', ''); $sp_template->set_var('php_warn', $LANG_STATIC['php_not_activated']); } $sp_template->set_var('php_msg', $LANG_STATIC['php_msg']); // old variables (for the 1.3-type checkbox) $sp_template->set_var('php_checked', ''); $sp_template->set_var('php_type', 'hidden'); if (isset($A['sp_nf']) && $A['sp_nf'] == 1) { $sp_template->set_var('exit_checked', 'checked="checked"'); } else { $sp_template->set_var('exit_checked', ''); } $sp_template->set_var('exit_msg', $LANG_STATIC['exit_msg']); $sp_template->set_var('exit_info', $LANG_STATIC['exit_info']); if ($A['sp_inblock'] == 1) { $sp_template->set_var('inblock_checked', 'checked="checked"'); } else { $sp_template->set_var('inblock_checked', ''); } $sp_template->set_var('inblock_msg', $LANG_STATIC['inblock_msg']); $sp_template->set_var('inblock_info', $LANG_STATIC['inblock_info']); $curtime = COM_getUserDateTimeFormat($A['unixdate']); $sp_template->set_var('lang_lastupdated', $LANG_STATIC['date']); $sp_template->set_var('sp_formateddate', $curtime[0]); $sp_template->set_var('sp_date', $curtime[1]); $sp_template->set_var('lang_title', $LANG_STATIC['title']); $title = ''; if (isset($A['sp_title'])) { $title = htmlspecialchars(stripslashes($A['sp_title'])); } $sp_template->set_var('sp_title', $title); $sp_template->set_var('lang_metadescription', $LANG_ADMIN['meta_description']); $sp_template->set_var('lang_metakeywords', $LANG_ADMIN['meta_keywords']); if (!empty($A['meta_description'])) { $sp_template->set_var('meta_description', $A['meta_description']); } if (!empty($A['meta_keywords'])) { $sp_template->set_var('meta_keywords', $A['meta_keywords']); } $sp_template->set_var('lang_addtomenu', $LANG_STATIC['addtomenu']); if (isset($A['sp_onmenu']) && $A['sp_onmenu'] == 1) { $sp_template->set_var('onmenu_checked', 'checked="checked"'); } else { $sp_template->set_var('onmenu_checked', ''); } $sp_template->set_var('lang_label', $LANG_STATIC['label']); if (isset($A['sp_label'])) { $sp_template->set_var('sp_label', $A['sp_label']); } else { $sp_template->set_var('sp_label', ''); } $sp_template->set_var('lang_pageformat', $LANG_STATIC['pageformat']); $sp_template->set_var('lang_blankpage', $LANG_STATIC['blankpage']); $sp_template->set_var('lang_noblocks', $LANG_STATIC['noblocks']); $sp_template->set_var('lang_leftblocks', $LANG_STATIC['leftblocks']); $sp_template->set_var('lang_leftrightblocks', $LANG_STATIC['leftrightblocks']); if (!isset($A['sp_format'])) { $A['sp_format'] = ''; } if ($A['sp_format'] == 'noblocks') { $sp_template->set_var('noblock_selected', 'selected="selected"'); } else { $sp_template->set_var('noblock_selected', ''); } if ($A['sp_format'] == 'leftblocks') { $sp_template->set_var('leftblocks_selected', 'selected="selected"'); } else { $sp_template->set_var('leftblocks_selected', ''); } if ($A['sp_format'] == 'blankpage') { $sp_template->set_var('blankpage_selected', 'selected="selected"'); } else { $sp_template->set_var('blankpage_selected', ''); } if ($A['sp_format'] == 'allblocks' or empty($A['sp_format'])) { $sp_template->set_var('allblocks_selected', 'selected="selected"'); } else { $sp_template->set_var('allblocks_selected', ''); } $sp_template->set_var('lang_content', $LANG_STATIC['content']); $content = ''; if (isset($A['sp_content'])) { $content = htmlspecialchars(stripslashes($A['sp_content'])); $content = str_replace(array('{', '}'), array('{', '}'), $content); } $sp_template->set_var('sp_content', $content); if ($_SP_CONF['filter_html'] == 1) { $allowed = COM_allowedHTML('staticpages.edit'); $sp_template->set_var('lang_allowedhtml', $allowed); $sp_template->set_var('lang_allowed_html', $allowed); } else { $sp_template->set_var('lang_allowedhtml', $LANG_STATIC['all_html_allowed']); $allowed = '<span class="warningsmall">' . $LANG_STATIC['all_html_allowed'] . ',</span>' . LB . '<div dir="ltr" class="warningsmall">'; $autotags = array_keys(PLG_collectTags()); $allowed .= '[' . implode(':], [', $autotags) . ':]'; $allowed .= '</div>'; $sp_template->set_var('lang_allowed_html', $allowed); } $sp_template->set_var('lang_hits', $LANG_STATIC['hits']); if (empty($A['sp_hits'])) { $sp_template->set_var('sp_hits', '0'); $sp_template->set_var('sp_hits_formatted', '0'); } else { $sp_template->set_var('sp_hits', $A['sp_hits']); $sp_template->set_var('sp_hits_formatted', COM_numberFormat($A['sp_hits'])); } $sp_template->set_var('end_block', COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer'))); $sp_template->set_var('xhtml', XHTML); $sp_template->set_var('gltoken_name', CSRF_TOKEN); $sp_template->set_var('gltoken', $token); $sp_template->parse('output', 'form'); $retval .= $sp_template->finish($sp_template->get_var('output')); return $retval; }
/** * Save a autotag permissions to the database * * @param string $autotag_id ID of autotag permission to save * @param array $perms Permissions / usage array * @return string HTML refresh or error message * */ function ATP_save($autotag_id, $perms) { global $_CONF, $_TABLES, $_USER, $LANG_ACCESS, $VERBOSE; $tagUsage = PLG_collectAutotagUsage(); $autoTags = PLG_collectTags(); foreach ($autoTags as $autotag_name => $namespace) { if ($autotag_name != $autotag_id) { continue; } foreach ($tagUsage as $usage) { $allowed = 0; $needle = $autotag_name . '.' . $usage['namespace'] . '.' . $usage['usage']; $pointer = array_search($needle, $perms); if ($pointer !== FALSE) { $allowed = 1; } $final[$needle] = array('usage_id' => $needle, 'autotag_name' => $autotag_name, 'autotag_namespace' => $namespace, 'usage_namespace' => $usage['namespace'], 'usage_operation' => $usage['usage'], 'usage_allowed' => $allowed); } } // remove all the old entries for this autotag $sql = "DELETE FROM {$_TABLES['autotag_usage']} WHERE autotag_id='" . DB_escapeString($autotag_id) . "'"; DB_query($sql); // check to see if we exist in the main table $sql = "SELECT * FROM {$_TABLES['autotag_perm']} WHERE autotag_id='" . DB_escapeString($autotag_id) . "'"; $result = DB_query($sql); if (DB_numRows($result) < 1) { $sql = "INSERT INTO {$_TABLES['autotag_perm']} (autotag_id,autotag_namespace,autotag_name) VALUES "; $sql .= "('" . DB_escapeString($autotag_id) . "','" . DB_escapeString($autoTags[$autotag_id]) . "','" . DB_escapeString($autotag_id) . "')"; DB_query($sql); } foreach ($final as $key) { $sql = "INSERT INTO {$_TABLES['autotag_usage']} (autotag_id,autotag_allowed,usage_namespace,usage_operation) VALUES ('" . DB_escapeString($key['autotag_name']) . "'," . (int) $key['usage_allowed'] . ",'" . DB_escapeString($key['usage_namespace']) . "','" . DB_escapeString($key['usage_operation']) . "')"; DB_query($sql); } CTL_clearCache(); $url = $_CONF['site_admin_url'] . '/autotag.php?msg=36'; echo COM_refresh($url); exit; }
function autotags_existing_tags() { global $_AUTOTAGS, $_AUTO_CONF; $A = PLG_collectTags(); $A = array_keys($A); $A = array_diff($A, array_keys($_AUTOTAGS)); return array_merge($A, $_AUTO_CONF['disallow']); }
function COM_allowedAutotags($permissions = 'story.edit', $list_only = false, $namespace = 'glfusion', $operation = '') { global $_CONF, $LANG01; $retval = ''; $allow_page_break = false; if ($_CONF['allow_page_breaks'] && $operation == 'story') { $allow_page_break = true; } if (!$list_only) { $retval .= '<span class="warningsmall"><strong>' . $LANG01[31] . '</strong> '; } if ($allow_page_break) { $retval .= '[page_break], '; } $retval .= '[code]'; // list autolink tags $autotags = PLG_collectTags($namespace, $operation); foreach ($autotags as $tag => $module) { $retval .= ', [' . $tag . ':]'; } $retval .= '</span>'; return $retval; }