// | of the License, or (at your option) any later version. | // | | // | This program is distributed in the hope that it will be useful, | // | but WITHOUT ANY WARRANTY; without even the implied warranty of | // | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | // | GNU General Public License for more details. | // | | // | You should have received a copy of the GNU General Public License | // | along with this program; if not, write to the Free Software Foundation, | // | Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. | // | | // +--------------------------------------------------------------------------+ require_once '../lib-common.php'; require_once 'auth.inc.php'; $display = ''; if (!SEC_hasrights('autotag.admin')) { $display .= COM_siteHeader('menu', $MESSAGE[30]); $display .= COM_showMessageText($MESSAGE[38], $MESSAGE[30], true); $display .= COM_siteFooter(); COM_accessLog("User {$_USER['username']} attempted to access the autotag administration screen."); echo $display; exit; } USES_lib_install(); /** * Main driver to handle the uploaded autotag * * Determines if a new style (supports automated installer) or * an old style. * * @return string Formatted HTML containing the page body
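/**
 * Render the menu items currently held in $this->_menuitems as HTML.
 *
 * Item types handled here: 3 = submenu (rendered through a template and
 * recursed into), 4 = core menu (admin, user, topic, links, static pages,
 * plugin and header menus), 5 = custom PHP function, anything else = plain
 * link (type 2 adds the "new window" target attribute).
 *
 * NOTE(review): labels, URLs and image paths from the menu records, static
 * page titles/labels and plugin menu entries are concatenated into the markup
 * without HTML escaping. That is only safe if every one of those sources is
 * restricted to trusted administrators - confirm, or escape per context
 * (attribute vs. element text) where the values are stored.
 *
 * @param int $pid Parent menu item id; 0 renders the top level
 * @return string HTML for the menu items
 */
private function _renderMenuItems($pid = 0)
{
    // $CONF_NEXMENU is read below ('restricted_topics', 'sp_labelonly') and
    // therefore has to be imported into the method scope as well.
    global $_CONF, $_TABLES, $_USER, $_BLOCK_TEMPLATE, $CONF_NEXMENU;

    $retval = '';
    // 1-based position of the current item; the original never initialised
    // it, so the "first item" / "last item" comparisons below were off by one.
    $i = 1;

    foreach ($this->_menuitems as $menuitem) {
        if ($this->_multiLangMode) {
            $label = $this->getMenuLabel($menuitem['id']);
        } else {
            $label = $menuitem['label'];
        }

        $target = $menuitem['type'] == 2 ? 'target=newWindow;' . $this->_targetFeatures : '';

        $menuitemImage = trim($menuitem['image']);
        // Anything that does not start with "http" is treated as a file name
        // below the plugin's menu image directory (prefix test, not "contains").
        if ($menuitemImage != '' && strpos($menuitemImage, 'http') !== 0) {
            $menuitemImage = $_CONF['site_url'] . '/nexmenu/menuimages/' . $menuitemImage;
        }

        $lastitem = ($i == $this->_menuitemCount);

        if ($menuitem['type'] == 3) {
            // Type Submenu
            $url = str_replace('[siteurl]', $_CONF['site_url'], $menuitem['url']);
            $url = str_replace('[siteadminurl]', $_CONF['site_admin_url'], $url);

            if ($this->_type == 'header') {
                $menuitemimagecss = 'headermenuitemimage';
            } else {
                $menuitemimagecss = 'blocksubmenuitemimage';
            }

            $t = new Template($_CONF['path_layout'] . 'nexmenu/procssmenu');
            if ($pid == 0) {
                if ($this->_type == 'header') {
                    $t->set_file('menu', 'headersubmenu.thtml');
                } else {
                    $t->set_file('menu', 'submenu.thtml');
                }
                $t->set_var('menuitem_url', $url);
                if ($menuitemImage != '') {
                    $image = '<img src="' . $menuitemImage . '" border="0"> ';
                    $label = "{$image}<span id=\"{$menuitemimagecss}\">{$label}</span>";
                }
                $t->set_var('menuitem_label', $label);
                // This branch only runs for $pid == 0, so the image class is
                // always 'drop' here (the original's 'fly' alternative was unreachable).
                $t->set_var('imgclass', 'drop');
                if ($lastitem) {
                    $t->set_var('lastitemclass', 'class="enclose"');
                }
            } else {
                $t->set_file('menu', 'flysubmenu.thtml');
                $t->set_var('menuitem_url', $url);
                $t->set_var('menuitem_label', $label);
            }

            // Load the children of this item, then render them recursively
            parent::initMenuItems($menuitem['id']);
            $t->set_var('submenu_items', $this->_renderMenuItems($menuitem['id']));
            $t->parse('output', 'menu');
            $retval .= $t->finish($t->get_var('output'));
        } elseif ($menuitem['type'] == 4) {
            // Core Menu
            switch ($menuitem['url']) {
                case "adminmenu":
                    if ($_USER['uid'] > 1) {
                        $_BLOCK_TEMPLATE['admin_block'] = 'nexmenu/procssmenu/blank.thtml,nexmenu/procssmenu/blank.thtml';
                        $_BLOCK_TEMPLATE['adminoption'] = 'nexmenu/procssmenu/menuitem.thtml,nexmenu/procssmenu/menuitem_on.thtml';
                        // Plain assignment: the original appended (.=) to an
                        // undefined variable, so the count below did not
                        // reflect the number of plugin admin options.
                        $plugin_options = PLG_getAdminOptions();
                        $nrows = is_array($plugin_options) ? count($plugin_options) : 0;
                        if (SEC_isModerator() or $nrows > 0 or SEC_hasrights('story.edit,block.edit,topic.edit,link.edit,event.edit,poll.edit,user.edit,plugin.edit,user.mail', 'OR')) {
                            $retval .= COM_adminMenu();
                        }
                    }
                    break;

                case "usermenu":
                    if ($_USER['uid'] > 1) {
                        $_BLOCK_TEMPLATE['user_block'] = 'nexmenu/procssmenu/blank.thtml,nexmenu/procssmenu/blank.thtml';
                        $_BLOCK_TEMPLATE['useroption'] = 'nexmenu/procssmenu/menuitem.thtml,nexmenu/procssmenu/menuitem_on.thtml';
                        $retval .= COM_userMenu();
                    }
                    break;

                case "topicmenu":
                    $_BLOCK_TEMPLATE['topicoption'] = 'nexmenu/procssmenu/menuitem2.thtml,nexmenu/procssmenu/menuitem2_on.thtml';
                    // NOTE(review): the configuration value is placed inside
                    // the SQL fragment as-is; it must stay admin-controlled.
                    $retval .= COM_showTopics('', " sortnum < '{$CONF_NEXMENU['restricted_topics']}'");
                    break;

                case "linksmenu":
                    if ($this->_linksPlugin) {
                        // NOTE(review): $numcategories is never assigned in
                        // this method - presumably an output/by-reference
                        // argument of nexmenu_showlinks(); confirm.
                        $retval .= nexmenu_showlinks($pid, $this->_type, 'site', $numcategories, 0, $lastitem);
                    }
                    break;

                case "spmenu":
                    if ($this->_staticpagesPlugin) {
                        if ($CONF_NEXMENU['sp_labelonly']) {
                            $sql = "SELECT sp_id,sp_title,sp_label FROM {$_TABLES['staticpage']} WHERE sp_onmenu=1 ";
                            $sql .= COM_getPermSql('AND');
                        } else {
                            $sql = "SELECT sp_id,sp_title,sp_label FROM {$_TABLES['staticpage']} ";
                            $sql .= COM_getPermSql('WHERE');
                        }
                        $sql .= 'ORDER BY sp_title';
                        $spquery = DB_query($sql);

                        while (list($id, $title, $sp_label) = DB_fetchArray($spquery)) {
                            if (trim($sp_label) == '') {
                                $label = $title;
                            } else {
                                $label = $sp_label;
                            }
                            $url = "{$_CONF['site_url']}/staticpages/index.php?page={$id}";
                            $retval .= "<li><a href=\"{$url}\" {$target}>{$label}</a></li>" . LB;
                        }
                    }
                    break;

                case "pluginmenu":
                    $result = DB_query("SELECT pi_name FROM {$_TABLES['plugins']} WHERE pi_enabled = 1");
                    $nrows = DB_numRows($result);
                    // Separate loop variable: the original reused $i here and
                    // clobbered the item position counter of the outer loop.
                    for ($row = 1; $row <= $nrows; $row++) {
                        $A = DB_fetchArray($result);
                        $function = 'plugin_getmenuitems_' . $A['pi_name'];
                        if (function_exists($function)) {
                            $menuitems = $function();
                            if (is_array($menuitems) and count($menuitems) > 0) {
                                foreach ($menuitems as $plugin_label => $plugin_link) {
                                    if ($pid == 0) {
                                        $retval .= "<li class=\"top\"><a class=\"top_link\" href=\"{$plugin_link}\" {$target}><span>{$plugin_label}</span></a></li>" . LB;
                                    } else {
                                        $retval .= "<li><a href=\"{$plugin_link}\" {$target}><span>{$plugin_label}</span></a></li>" . LB;
                                    }
                                }
                            }
                        }
                    }
                    break;

                case "headermenu":
                    $t = new Template($_CONF['path_layout'] . 'nexmenu/procssmenu');
                    $t->set_file(array(
                        'menu' => 'siteheader_menuitems.thtml',
                        'menuitem' => 'headermenu_item.thtml',
                        'menuitem_last' => 'headermenu_item.thtml'
                    ));
                    $plugin_menu = PLG_getMenuItems();
                    COM_renderMenu($t, $plugin_menu);
                    $t->parse('output', 'menu');
                    $retval .= $t->finish($t->get_var('output'));
                    break;
            }
            // End of menutype == 4 (Core Menu)
        } elseif ($menuitem['type'] == 5) {
            // NOTE(review): the function name is taken from the stored menu
            // record and function_exists() is the only gate, so every function
            // defined in the running process (PHP built-ins included) is
            // callable from a menu record. Restrict this to an allow-list or a
            // fixed naming prefix, and limit who may create type 5 items.
            if (function_exists($menuitem['url'])) {
                /* Pass the type of menu to custom php function */
                $retval .= $menuitem['url']($this->_type);
            }
        } else {
            $url = str_replace('[siteurl]', $_CONF['site_url'], $menuitem['url']);
            $url = str_replace('[siteadminurl]', $_CONF['site_admin_url'], $url);

            // what's our current URL?
            $thisUrl = COM_getCurrentURL();

            if ($menuitemImage != '') {
                if ($this->_type == 'header') {
                    $menuitemimagecss = 'headermenuitemimage';
                } else {
                    $menuitemimagecss = 'blockmenuitemimage';
                }
                $image = '<img src="' . $menuitemImage . '" border="0"> ';

                if ($i == 1 and $pid > 0) {
                    $retval .= "<li><a href=\"{$url}\" {$target} class=\"enclose\">{$image}<span id=\"{$menuitemimagecss}\">{$label}</span></a></li>" . LB;
                } elseif ($i == $menurows and $pid == 0) {
                    // NOTE(review): $menurows is never assigned in this
                    // method, so this branch cannot match a positive item
                    // position; presumably the item count was meant - confirm.
                    $retval .= "<li><a href=\"{$url}\" {$target} class=\"enclose\">{$image}<span id=\"{$menuitemimagecss}\">{$label}</span></a></li>" . LB;
                } elseif ($url == $thisUrl) {
                    $retval .= "<li id=\"menuitem_current\"><a href=\"{$url}\" {$target}>{$image}<span id=\"{$menuitemimagecss}\">{$label}</span></a></li>" . LB;
                } else {
                    $retval .= "<li><a href=\"{$url}\" {$target}>{$image}<span id=\"{$menuitemimagecss}\">{$label}</span></a></li>" . LB;
                }
            } else {
                if ($pid == 0) {
                    $retval .= "<li class=\"top\"><a class=\"top_link\" href=\"{$url}\" {$target}><span>{$label}</span></a></li>" . LB;
                } else {
                    $retval .= "<li><a href=\"{$url}\" {$target}><span>{$label}</span></a></li>" . LB;
                }
            }
        }

        $i++;
    }

    // Restore Template Setting
    $_BLOCK_TEMPLATE = $this->_currentBlockTemplate;

    return $retval;
}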
// | Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. | // | | // +--------------------------------------------------------------------------+ require_once '../lib-common.php'; require_once 'auth.inc.php'; require_once $_CONF['path'] . 'filecheck_data.php'; // Uncomment the line below if you need to debug the HTTP variables being passed // to the script. This will sometimes cause errors but it will allow you to see // the data being passed in a POST operation // echo COM_debug($_POST); // Number of plugins to list per page // We use 25 here instead of the 50 entries in other lists to leave room // for the list of uninstalled plugins. define('PLUGINS_PER_PAGE', 25); $display = ''; if (!SEC_hasrights('plugin.edit')) { $display .= COM_siteHeader('menu', $MESSAGE[30]); $display .= COM_showMessageText($MESSAGE[38], $MESSAGE[30], true); $display .= COM_siteFooter(); COM_accessLog("User {$_USER['username']} tried to illegally access the plugin administration screen."); echo $display; exit; } /** * XML startElement callback * * used for plugin.xml parsing * * @param object $parser Handle to the parser object * @param string $name Name of element * @param array $attrib array of attributes for element
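/**
 * Takes an article class and renders HTML in the specified template and style.
 *
 * Formats the given article into HTML. Called by index.php, article.php,
 * submit.php and admin/story.php (Preview mode for the last two).
 *
 * NOTE(review): values returned by $story->DisplayElements() (title, topic
 * name, image URL, user names) are placed into element text and attributes
 * as-is. This function relies on the Story class returning display-safe
 * text - confirm there, because nothing is escaped here.
 *
 * @param object $story    The story to display, an instance of the Story class.
 * @param string $index    n = 'Compact display' for list of stories. p = 'Preview' mode. Else full display of article.
 * @param string $storytpl The template to use to render the story.
 * @param string $query    A search query, if one was specified.
 *
 * @return string Article as formatted HTML.
 *
 * Note: Formerly named COM_Article, and re-written totally since then.
 */
function STORY_renderArticle(&$story, $index = '', $storytpl = 'storytext.thtml', $query = '')
{
    global $_CONF, $_TABLES, $_USER, $LANG01, $LANG05, $LANG11, $LANG_TRB, $_IMAGE_TYPE, $mode;

    // Running number of stories rendered in index mode during this request
    static $storycounter = 0;

    if (empty($storytpl)) {
        $storytpl = 'storytext.thtml';
    }

    $introtext = $story->displayElements('introtext');
    $bodytext = $story->displayElements('bodytext');

    if (!empty($query)) {
        $introtext = COM_highlightQuery($introtext, $query);
        $bodytext = COM_highlightQuery($bodytext, $query);
    }

    $article = new Template($_CONF['path_layout']);
    $article->set_file(array(
        'article' => $storytpl,
        'bodytext' => 'storybodytext.thtml',
        'featuredarticle' => 'featuredstorytext.thtml',
        'featuredbodytext' => 'featuredstorybodytext.thtml',
        'archivearticle' => 'archivestorytext.thtml',
        'archivebodytext' => 'archivestorybodytext.thtml'
    ));

    $article->set_var('xhtml', XHTML);
    $article->set_var('layout_url', $_CONF['layout_url']);
    $article->set_var('site_url', $_CONF['site_url']);
    $article->set_var('site_admin_url', $_CONF['site_admin_url']);
    $article->set_var('site_name', $_CONF['site_name']);
    $article->set_var('story_date', $story->DisplayElements('date'));
    $article->set_var('story_date_short', $story->DisplayElements('shortdate'));
    $article->set_var('story_date_only', $story->DisplayElements('dateonly'));

    if ($_CONF['hideviewscount'] != 1) {
        $article->set_var('lang_views', $LANG01[106]);
        $article->set_var('story_hits', $story->DisplayElements('hits'));
    }

    $article->set_var('story_id', $story->getSid());

    if ($_CONF['contributedbyline'] == 1) {
        $article->set_var('lang_contributed_by', $LANG01[1]);
        $article->set_var('contributedby_uid', $story->DisplayElements('uid'));

        $fullname = $story->DisplayElements('fullname');
        $username = $story->DisplayElements('username');
        $article->set_var('contributedby_user', $username);
        if (empty($fullname)) {
            $article->set_var('contributedby_fullname', $username);
        } else {
            $article->set_var('contributedby_fullname', $fullname);
        }

        $authorname = COM_getDisplayName($story->DisplayElements('uid'), $username, $fullname);
        $article->set_var('contributedby_author', $authorname);
        $article->set_var('author', $authorname);

        // Only authors with uid > 1 get a profile link. Initialised here so
        // the camera icon link further down never reads an undefined variable.
        $profileUrl = '';
        if ($story->DisplayElements('uid') > 1) {
            $profileUrl = $_CONF['site_url'] . '/users.php?mode=profile&uid=' . $story->DisplayElements('uid');
            $article->set_var('start_contributedby_anchortag', '<a class="storybyline" href="' . $profileUrl . '">');
            $article->set_var('end_contributedby_anchortag', '</a>');
            $article->set_var('contributedby_url', $profileUrl);
        }

        $photo = '';
        if ($_CONF['allow_user_photo'] == 1) {
            $authphoto = $story->DisplayElements('photo');
            if (empty($authphoto)) {
                $authphoto = '(none)'; // user does not have a photo
            }
            $photo = USER_getPhoto($story->DisplayElements('uid'), $authphoto, $story->DisplayElements('email'));
        }

        if (!empty($photo)) {
            $article->set_var('contributedby_photo', $photo);
            $article->set_var('author_photo', $photo);
            $camera_icon = '<img src="' . $_CONF['layout_url'] . '/images/smallcamera.' . $_IMAGE_TYPE . '" alt=""' . XHTML . '>';
            $article->set_var('camera_icon', COM_createLink($camera_icon, $profileUrl));
        } else {
            $article->set_var('contributedby_photo', '');
            $article->set_var('author_photo', '');
            $article->set_var('camera_icon', '');
        }
    }

    $topicname = $story->DisplayElements('topic');
    $article->set_var('story_topic_id', $story->DisplayElements('tid'));
    $article->set_var('story_topic_name', $topicname);

    $topicurl = $_CONF['site_url'] . '/index.php?topic=' . $story->DisplayElements('tid');
    if ((!isset($_USER['noicons']) or $_USER['noicons'] != 1) and $story->DisplayElements('show_topic_icon') == 1) {
        $imageurl = $story->DisplayElements('imageurl');
        if (!empty($imageurl)) {
            $imageurl = COM_getTopicImageUrl($imageurl);
            $article->set_var('story_topic_image_url', $imageurl);

            $topicimage = '<img src="' . $imageurl . '" class="float' . $_CONF['article_image_align'] . '" alt="' . $topicname . '" title="' . $topicname . '"' . XHTML . '>';
            $article->set_var('story_anchortag_and_image', COM_createLink($topicimage, $topicurl, array('rel' => "category")));
            $article->set_var('story_topic_image', $topicimage);

            $topicimage_noalign = '<img src="' . $imageurl . '" alt="' . $topicname . '" title="' . $topicname . '"' . XHTML . '>';
            $article->set_var('story_anchortag_and_image_no_align', COM_createLink($topicimage_noalign, $topicurl, array('rel' => "category")));
            $article->set_var('story_topic_image_no_align', $topicimage_noalign);
        }
    }
    $article->set_var('story_topic_url', $topicurl);

    $recent_post_anchortag = '';
    $articleUrl = COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $story->getSid());
    $article->set_var('story_title', $story->DisplayElements('title'));
    $article->set_var('lang_permalink', $LANG01[127]);

    $show_comments = true;

    // n = 'Compact display' for list of stories. p = 'Preview' mode.
    if (($index != 'n' && $index != 'p') || !empty($query)) {
        $attributes = ' class="non-ul"';
        $attr_array = array('class' => 'non-ul');
        if (!empty($query)) {
            $attributes .= ' rel="bookmark"';
            $attr_array['rel'] = 'bookmark';
        }
        $article->set_var('start_storylink_anchortag', '<a href="' . $articleUrl . '"' . $attributes . '>');
        $article->set_var('end_storylink_anchortag', '</a>');
        $article->set_var('story_title_link', COM_createLink($story->DisplayElements('title'), $articleUrl, $attr_array));
    } else {
        $article->set_var('story_title_link', $story->DisplayElements('title'));
    }

    if ($index == 'n' || $index == 'p') {
        if (empty($bodytext)) {
            $article->set_var('story_introtext', $introtext);
            $article->set_var('story_text_no_br', $introtext);
        } else {
            if ($_CONF['allow_page_breaks'] == 1 and $index == 'n') {
                $story_page = 1;

                // page selector
                // $mode is a global this function does not set itself; the
                // numeric value is cast to int so that forms such as "1.5" or
                // "1e3" cannot end up as an array offset or in the template.
                if (is_numeric($mode)) {
                    $story_page = (int) $mode;
                    if ($story_page <= 0) {
                        $story_page = 1;
                        $mode = 0;
                    } elseif ($story_page > 1) {
                        $introtext = '';
                    }
                }

                $article_array = explode('[page_break]', $bodytext);
                $pagelinks = COM_printPageNavigation($articleUrl, $story_page, count($article_array), 'mode=', $_CONF['url_rewrite'], $LANG01[118]);
                if (count($article_array) > 1) {
                    // A page number past the last page yields an empty body
                    // instead of reading an undefined array offset.
                    $bodytext = isset($article_array[$story_page - 1]) ? $article_array[$story_page - 1] : '';
                }
                $article->set_var('page_selector', $pagelinks);

                if (($_CONF['page_break_comments'] == 'last' and $story_page < count($article_array))
                    or ($_CONF['page_break_comments'] == 'first' and $story_page != 1)) {
                    $show_comments = false;
                }
                $article->set_var('story_page', $story_page);
            }

            $article->set_var('story_introtext', $introtext . '<br' . XHTML . '><br' . XHTML . '>' . $bodytext);
            $article->set_var('story_text_no_br', $introtext . ' ' . $bodytext);
        }
        $article->set_var('story_introtext_only', $introtext);
        $article->set_var('story_bodytext_only', $bodytext);

        if (($_CONF['trackback_enabled'] || $_CONF['pingback_enabled']) && SEC_hasRights('story.ping')) {
            $url = $_CONF['site_admin_url'] . '/trackback.php?mode=sendall&id=' . $story->getSid();
            $article->set_var('send_trackback_link', COM_createLink($LANG_TRB['send_trackback'], $url));
            $pingico = '<img src="' . $_CONF['layout_url'] . '/images/sendping.' . $_IMAGE_TYPE . '" alt="' . $LANG_TRB['send_trackback'] . '" title="' . $LANG_TRB['send_trackback'] . '"' . XHTML . '>';
            $article->set_var('send_trackback_icon', COM_createLink($pingico, $url));
            $article->set_var('send_trackback_url', $url);
            $article->set_var('lang_send_trackback_text', $LANG_TRB['send_trackback']);
        }
        $article->set_var('story_display', $index == 'p' ? 'preview' : 'article');
        $article->set_var('story_counter', 0);
    } else {
        $article->set_var('story_introtext', $introtext);
        $article->set_var('story_text_no_br', $introtext);
        $article->set_var('story_introtext_only', $introtext);

        if (!empty($bodytext)) {
            $article->set_var('lang_readmore', $LANG01[2]);
            $article->set_var('lang_readmore_words', $LANG01[62]);
            $numwords = COM_numberFormat(count(explode(' ', COM_getTextContent($bodytext))));
            $article->set_var('readmore_words', $numwords);

            $article->set_var('readmore_link', COM_createLink($LANG01[2], $articleUrl, array('class' => 'story-read-more-link')) . ' (' . $numwords . ' ' . $LANG01[62] . ') ');
            $article->set_var('start_readmore_anchortag', '<a href="' . $articleUrl . '" class="story-read-more-link">');
            $article->set_var('end_readmore_anchortag', '</a>');
            $article->set_var('read_more_class', 'class="story-read-more-link"');
        }

        if ($story->DisplayElements('commentcode') >= 0 and $show_comments) {
            $commentsUrl = COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $story->getSid()) . '#comments';
            $article->set_var('comments_url', $commentsUrl);
            $article->set_var('comments_text', COM_numberFormat($story->DisplayElements('comments')) . ' ' . $LANG01[3]);
            $article->set_var('comments_count', COM_numberFormat($story->DisplayElements('comments')));
            $article->set_var('lang_comments', $LANG01[3]);
            $comments_with_count = sprintf($LANG01[121], COM_numberFormat($story->DisplayElements('comments')));

            if ($story->DisplayElements('comments') > 0) {
                // NOTE(review): the story id is concatenated into the SQL
                // text. This is only safe if getSid() returns a value that was
                // validated/escaped when the Story object was loaded - confirm,
                // or escape it with the database layer's helper here.
                $result = DB_query("SELECT UNIX_TIMESTAMP(date) AS day,username,fullname,{$_TABLES['comments']}.uid as cuid FROM {$_TABLES['comments']},{$_TABLES['users']} WHERE {$_TABLES['users']}.uid = {$_TABLES['comments']}.uid AND sid = '" . $story->getsid() . "' ORDER BY date desc LIMIT 1");
                $C = DB_fetchArray($result);

                $recent_post_anchortag = '<span class="storybyline">' . $LANG01[27] . ': ' . strftime($_CONF['daytime'], $C['day']) . ' ' . $LANG01[104] . ' ' . COM_getDisplayName($C['cuid'], $C['username'], $C['fullname']) . '</span>';
                $article->set_var('comments_with_count', COM_createLink($comments_with_count, $commentsUrl));
                $article->set_var('start_comments_anchortag', '<a href="' . $commentsUrl . '">');
                $article->set_var('end_comments_anchortag', '</a>');
            } else {
                $article->set_var('comments_with_count', $comments_with_count);
                $recent_post_anchortag = COM_createLink($LANG01[60], $_CONF['site_url'] . '/comment.php?sid=' . $story->getsid() . '&pid=0&type=article');
            }

            if ($story->DisplayElements('commentcode') == 0) {
                $postCommentUrl = $_CONF['site_url'] . '/comment.php?sid=' . $story->getSid() . '&pid=0&type=article';
                $article->set_var('post_comment_link', COM_createLink($LANG01[60], $postCommentUrl, array('rel' => 'nofollow')));
                $article->set_var('lang_post_comment', $LANG01[60]);
                $article->set_var('start_post_comment_anchortag', '<a href="' . $postCommentUrl . '" rel="nofollow">');
                $article->set_var('end_post_comment_anchortag', '</a>');
            }
        }

        if (($_CONF['trackback_enabled'] || $_CONF['pingback_enabled']) && $story->DisplayElements('trackbackcode') >= 0 && $show_comments) {
            $num_trackbacks = COM_numberFormat($story->DisplayElements('trackbacks'));
            $trackbacksUrl = COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $story->getSid()) . '#trackback';
            $article->set_var('trackbacks_url', $trackbacksUrl);
            $article->set_var('trackbacks_text', $num_trackbacks . ' ' . $LANG_TRB['trackbacks']);
            $article->set_var('trackbacks_count', $num_trackbacks);
            $article->set_var('lang_trackbacks', $LANG_TRB['trackbacks']);
            $article->set_var('trackbacks_with_count', COM_createLink(sprintf($LANG01[122], $num_trackbacks), $trackbacksUrl));

            if (SEC_hasRights('story.ping')) {
                $pingurl = $_CONF['site_admin_url'] . '/trackback.php?mode=sendall&id=' . $story->getSid();
                $pingico = '<img src="' . $_CONF['layout_url'] . '/images/sendping.' . $_IMAGE_TYPE . '" alt="' . $LANG_TRB['send_trackback'] . '" title="' . $LANG_TRB['send_trackback'] . '"' . XHTML . '>';
                $article->set_var('send_trackback_icon', COM_createLink($pingico, $pingurl));
            }

            // Only link the trackback count when there is something to show
            if ($story->DisplayElements('trackbacks') > 0) {
                $article->set_var('trackbacks_with_count', COM_createLink(sprintf($LANG01[122], $num_trackbacks), $trackbacksUrl));
            } else {
                $article->set_var('trackbacks_with_count', sprintf($LANG01[122], $num_trackbacks));
            }
        }

        // The e-mail icon is hidden by configuration, or for anonymous
        // visitors when a login is required (site-wide or for e-mailing stories)
        if ($_CONF['hideemailicon'] == 1
            || (empty($_USER['username']) && ($_CONF['loginrequired'] == 1 || $_CONF['emailstoryloginrequired'] == 1))) {
            $article->set_var('email_icon', '');
        } else {
            $emailUrl = $_CONF['site_url'] . '/profiles.php?sid=' . $story->getSid() . '&what=emailstory';
            $emailicon = '<img src="' . $_CONF['layout_url'] . '/images/mail.' . $_IMAGE_TYPE . '" alt="' . $LANG01[64] . '" title="' . $LANG11[2] . '"' . XHTML . '>';
            $article->set_var('email_icon', COM_createLink($emailicon, $emailUrl));
            $article->set_var('email_story_url', $emailUrl);
            $article->set_var('lang_email_story', $LANG11[2]);
            $article->set_var('lang_email_story_alt', $LANG01[64]);
        }

        $printUrl = COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $story->getSid() . '&mode=print');
        if ($_CONF['hideprintericon'] == 1) {
            $article->set_var('print_icon', '');
        } else {
            $printicon = '<img src="' . $_CONF['layout_url'] . '/images/print.' . $_IMAGE_TYPE . '" alt="' . $LANG01[65] . '" title="' . $LANG11[3] . '"' . XHTML . '>';
            $article->set_var('print_icon', COM_createLink($printicon, $printUrl, array('rel' => 'nofollow')));
            $article->set_var('print_story_url', $printUrl);
            $article->set_var('lang_print_story', $LANG11[3]);
            $article->set_var('lang_print_story_alt', $LANG01[65]);
        }

        $article->set_var('story_display', 'index');
        $storycounter++;
        $article->set_var('story_counter', $storycounter);
    }

    $article->set_var('article_url', $articleUrl);
    $article->set_var('recent_post_anchortag', $recent_post_anchortag);

    // The edit controls need both access level 3 on the story and the
    // story.edit right; they are never shown in preview mode.
    if ($story->checkAccess() == 3 and SEC_hasrights('story.edit') and $index != 'p') {
        $editUrl = $_CONF['site_admin_url'] . '/story.php?mode=edit&sid=' . $story->getSid();
        $article->set_var('edit_link', COM_createLink($LANG01[4], $editUrl));
        $article->set_var('edit_url', $editUrl);
        $article->set_var('lang_edit_text', $LANG01[4]);
        $editicon = $_CONF['layout_url'] . '/images/edit.' . $_IMAGE_TYPE;
        $editiconhtml = '<img src="' . $editicon . '" alt="' . $LANG01[4] . '" title="' . $LANG01[4] . '"' . XHTML . '>';
        $article->set_var('edit_icon', COM_createLink($editiconhtml, $editUrl));
        $article->set_var('edit_image', $editiconhtml);
    }

    if ($story->DisplayElements('featured') == 1) {
        $article->set_var('lang_todays_featured_article', $LANG05[4]);
        $article->parse('story_bodyhtml', 'featuredbodytext', true);
        PLG_templateSetVars('featuredstorytext', $article);
        $article->parse('finalstory', 'featuredarticle');
    } elseif ($story->DisplayElements('statuscode') == STORY_ARCHIVE_ON_EXPIRE and $story->DisplayElements('expire') <= time()) {
        // The handle registered by set_file() above is 'archivebodytext'; the
        // original parsed 'archivestorybodytext', which is never registered.
        $article->parse('story_bodyhtml', 'archivebodytext', true);
        PLG_templateSetVars('archivestorytext', $article);
        $article->parse('finalstory', 'archivearticle');
    } else {
        $article->parse('story_bodyhtml', 'bodytext', true);
        PLG_templateSetVars('storytext', $article);
        $article->parse('finalstory', 'article');
    }

    return $article->finish($article->get_var('finalstory'));
}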
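/**
 * Shows the block editor
 *
 * This will show a block edit form. If this is a Geeklog default block it will
 * send it off to editdefaultblock.
 *
 * An existing block is only shown when SEC_hasAccess() grants edit access (3)
 * and TOPIC_hasMultiTopicAccess() returns at least 3; otherwise an "access
 * denied" message is returned and the attempt is written to the access log.
 * The form carries a CSRF token created with SEC_createToken().
 *
 * NOTE(review): $bid is interpolated into the SQL text and into the access
 * log line without escaping or validation inside this function. The caller
 * must pass an ID that has already been filtered - confirm at the call site,
 * or validate it here before the query is built.
 *
 * NOTE(review): apart from the block content, the stored values (title, name,
 * help URL, PHP function name, feed URL) are handed to the template
 * unescaped; whether that is safe depends on how blockeditor.thtml places
 * them and on how they were filtered when saved - confirm.
 *
 * @param string $bid ID of block to edit
 * @return string HTML for block editor
 *
 */
function editblock($bid = '')
{
    global $_CONF, $_GROUPS, $_TABLES, $_USER, $LANG01, $LANG21, $LANG_ACCESS, $LANG_ADMIN, $MESSAGE, $_SCRIPTS;

    $retval = '';

    if (!empty($bid)) {
        // One query per supported database driver
        $sql = array();
        $sql['mysql'] = "SELECT * FROM {$_TABLES['blocks']} WHERE bid ='{$bid}'";
        $sql['mssql'] = "SELECT bid, is_enabled, name, type, title, blockorder, cast(content as text) as content, rdfurl, ";
        $sql['mssql'] .= "rdfupdated, rdflimit, onleft, phpblockfn, help, owner_id,group_id, ";
        $sql['mssql'] .= "perm_owner, perm_group, perm_members, perm_anon, allow_autotags, cache_time FROM {$_TABLES['blocks']} WHERE bid ='{$bid}'";
        $sql['pgsql'] = "SELECT * FROM {$_TABLES['blocks']} WHERE bid ='{$bid}'";

        $result = DB_query($sql);
        $A = DB_fetchArray($result);

        $access = SEC_hasAccess($A['owner_id'], $A['group_id'], $A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']);
        if ($access == 2 || $access == 0 || TOPIC_hasMultiTopicAccess('block', $bid) < 3) {
            $retval .= COM_showMessageText($LANG21[45], $LANG_ACCESS['accessdenied']);
            COM_accessLog("User {$_USER['username']} tried to illegally create or edit block {$bid}.");

            return $retval;
        }

        if ($A['type'] == 'gldefault') {
            $retval .= editdefaultblock($A, $access);

            return $retval;
        }
    } else {
        // Defaults for a new block
        $A = array();
        $A['bid'] = 0;
        $A['is_enabled'] = 1;
        $A['name'] = '';
        $A['type'] = 'normal';
        $A['title'] = '';
        $A['tid'] = '';
        $A['blockorder'] = 0;
        $A['cache_time'] = $_CONF['default_cache_time_block'];
        $A['content'] = '';
        $A['allow_autotags'] = 0;
        $A['rdfurl'] = '';
        $A['rdfupdated'] = '';
        $A['rdflimit'] = 0;
        $A['onleft'] = 0;
        $A['phpblockfn'] = '';
        $A['help'] = '';
        $A['owner_id'] = $_USER['uid'];
        if (isset($_GROUPS['Block Admin'])) {
            $A['group_id'] = $_GROUPS['Block Admin'];
        } else {
            $A['group_id'] = SEC_getFeatureGroup('block.edit');
        }
        SEC_setDefaultPermissions($A, $_CONF['default_permissions_block']);
        $access = 3;

        // Re-populate the form from the submitted data when a save was posted.
        // isset() avoids reading $_POST['mode'] when the form was not posted.
        if (!empty($LANG_ADMIN['save']) && isset($_POST['mode']) && $_POST['mode'] == $LANG_ADMIN['save']) {
            overridePostdata($A);
        }
    }

    // CSRF token that is embedded in the form below
    $token = SEC_createToken();

    $block_templates = COM_newTemplate($_CONF['path_layout'] . 'admin/block');
    $block_templates->set_file('editor', 'blockeditor.thtml');

    $block_start = COM_startBlock($LANG21[3], '', COM_getBlockTemplate('_admin_block', 'header'));
    $block_start .= LB . SEC_getTokenExpiryNotice($token);
    $block_templates->set_var('start_block_editor', $block_start);

    // The delete button is only offered for existing blocks and only to
    // users holding the block.delete right
    if (!empty($bid) && SEC_hasrights('block.delete')) {
        $delbutton = '<input type="submit" value="' . $LANG_ADMIN['delete'] . '" name="mode"%s' . XHTML . '>';
        $jsconfirm = ' onclick="return confirm(\'' . $MESSAGE[76] . '\');"';
        $block_templates->set_var('delete_option', sprintf($delbutton, $jsconfirm));
        $block_templates->set_var('delete_option_no_confirmation', sprintf($delbutton, ''));
        $block_templates->set_var('allow_delete', true);
        $block_templates->set_var('lang_delete', $LANG_ADMIN['delete']);
        $block_templates->set_var('confirm_message', $MESSAGE[76]);
    }

    $block_templates->set_var('block_bid', $A['bid']);

    // standard Admin strings
    $block_templates->set_var('lang_blocktitle', $LANG_ADMIN['title']);
    $block_templates->set_var('lang_enabled', $LANG_ADMIN['enabled']);
    $block_templates->set_var('lang_blockhelpurl', $LANG_ADMIN['help_url']);
    $block_templates->set_var('lang_topic', $LANG_ADMIN['topic']);
    $block_templates->set_var('lang_save', $LANG_ADMIN['save']);
    $block_templates->set_var('lang_cancel', $LANG_ADMIN['cancel']);
    $block_templates->set_var('lang_blocktype', $LANG_ADMIN['type']);
    $block_templates->set_var('lang_allowed_html', $LANG01[123]);

    $block_templates->set_var('block_title', stripslashes($A['title']));
    // Replaces the generic 'lang_enabled' label set a few lines above
    $block_templates->set_var('lang_enabled', $LANG21[53]);
    if ($A['is_enabled'] == 1) {
        $block_templates->set_var('is_enabled', 'checked="checked"');
    } else {
        $block_templates->set_var('is_enabled', '');
    }

    $block_templates->set_var('block_help', $A['help']);
    $block_templates->set_var('lang_includehttp', $LANG21[51]);
    $block_templates->set_var('lang_explanation', $LANG21[52]);
    $block_templates->set_var('block_name', $A['name']);
    $block_templates->set_var('lang_blockname', $LANG21[48]);
    $block_templates->set_var('lang_nospaces', $LANG21[49]);

    $block_templates->set_var('topic_selection', TOPIC_getTopicSelectionControl('block', $A['bid'], true, true));

    $block_templates->set_var('lang_side', $LANG21[39]);
    $block_templates->set_var('lang_left', $LANG21[40]);
    $block_templates->set_var('lang_right', $LANG21[41]);
    if ($A['onleft'] == 1) {
        $block_templates->set_var('left_selected', 'selected="selected"');
    } elseif ($A['onleft'] == 0) {
        $block_templates->set_var('right_selected', 'selected="selected"');
    }

    $block_templates->set_var('lang_blockorder', $LANG21[9]);
    $block_templates->set_var('block_order', $A['blockorder']);

    $block_templates->set_var('lang_normalblock', $LANG21[12]);
    $block_templates->set_var('lang_phpblock', $LANG21[27]);
    $block_templates->set_var('lang_portalblock', $LANG21[11]);
    if ($A['type'] == 'normal') {
        $block_templates->set_var('normal_selected', 'selected="selected"');
    } elseif ($A['type'] == 'phpblock') {
        $block_templates->set_var('php_selected', 'selected="selected"');
    } elseif ($A['type'] == 'portal') {
        $block_templates->set_var('portal_selected', 'selected="selected"');
    }

    $block_templates->set_var('lang_cachetime', $LANG21['cache_time']);
    $block_templates->set_var('lang_cachetime_desc', $LANG21['cache_time_desc']);
    $block_templates->set_var('cache_time', $A['cache_time']);

    $block_templates->set_var('lang_accessrights', $LANG_ACCESS['accessrights']);
    $block_templates->set_var('lang_owner', $LANG_ACCESS['owner']);
    $ownername = COM_getDisplayName($A['owner_id']);
    $block_templates->set_var('owner_username', DB_getItem($_TABLES['users'], 'username', "uid = '{$A['owner_id']}'"));
    $block_templates->set_var('owner_name', $ownername);
    $block_templates->set_var('owner', $ownername);
    $block_templates->set_var('owner_id', $A['owner_id']);

    $block_templates->set_var('lang_group', $LANG_ACCESS['group']);
    $block_templates->set_var('group_dropdown', SEC_getGroupDropdown($A['group_id'], $access));
    $block_templates->set_var('lang_permissions', $LANG_ACCESS['permissions']);
    $block_templates->set_var('lang_perm_key', $LANG_ACCESS['permissionskey']);
    $block_templates->set_var('permissions_editor', SEC_getPermissionsHTML($A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']));
    $block_templates->set_var('lang_permissions_msg', $LANG_ACCESS['permmsg']);

    $block_templates->set_var('lang_phpblockoptions', $LANG21[28]);
    $block_templates->set_var('lang_blockfunction', $LANG21[29]);
    $block_templates->set_var('block_phpblockfn', $A['phpblockfn']);
    $block_templates->set_var('lang_phpblockwarning', $LANG21[30]);

    $block_templates->set_var('lang_portalblockoptions', $LANG21[13]);
    $block_templates->set_var('lang_rdfurl', $LANG21[14]);
    $block_templates->set_var('max_url_length', 255);
    $block_templates->set_var('block_rdfurl', $A['rdfurl']);
    $block_templates->set_var('lang_rdflimit', $LANG21[62]);
    $block_templates->set_var('block_rdflimit', $A['rdflimit']);
    $block_templates->set_var('lang_lastrdfupdate', $LANG21[15]);
    if ($A['rdfupdated'] == '0000-00-00 00:00:00') {
        $block_templates->set_var('block_rdfupdated', '');
    } else {
        $block_templates->set_var('block_rdfupdated', $A['rdfupdated']);
    }

    $block_templates->set_var('lang_normalblockoptions', $LANG21[16]);
    $block_templates->set_var('lang_blockcontent', $LANG21[17]);
    $block_templates->set_var('lang_autotags', $LANG21[66]);
    $block_templates->set_var('lang_use_autotags', $LANG21[67]);

    // The block content is HTML-escaped for display inside the form, and its
    // braces are written as numeric entities so that "{...}" in stored content
    // is not picked up as a template variable when the form is rendered.
    // NOTE(review): in the listing both str_replace() arrays were identical
    // ('{', '}'), which made the call a no-op; the entity forms are assumed to
    // have been decoded when the page was extracted - confirm against upstream.
    $content = htmlspecialchars(stripslashes($A['content']));
    $content = str_replace(array('{', '}'), array('&#123;', '&#125;'), $content);
    $block_templates->set_var('block_content', $content);
    if ($A['allow_autotags'] == 1) {
        $block_templates->set_var('allow_autotags', 'checked="checked"');
    } else {
        $block_templates->set_var('allow_autotags', '');
    }

    $block_templates->set_var('gltoken_name', CSRF_TOKEN);
    $block_templates->set_var('gltoken', $token);
    $block_templates->set_var('end_block', COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer')));
    $block_templates->parse('output', 'editor');
    $retval .= $block_templates->finish($block_templates->get_var('output'));

    // Shows/Hides relevant block options dynamically
    $_SCRIPTS->setJavaScript("\njQuery(function () {\n var \$ = jQuery;\n \$('#admin-blockeditor-type').on('change', function () {\n var fs, i, fieldsets = ['normal', 'phpblock', 'portal'];\n\n for (i = 0; i < 3; i++) {\n if (this.value === fieldsets[i]) {\n \$('#fs-' + fieldsets[i] + '-options').show();\n } else {\n \$('#fs-' + fieldsets[i] + '-options').hide();\n }\n }\n })\n .trigger('change');\n});", true, true);

    return $retval;
}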
// +---------------------------------------------------------------------------+ /** * Simple email form that lets you send emails to certain groups of users. * */ /** * Geeklog common function library */ require_once '../lib-common.php'; /** * Security check to ensure user even belongs on this page */ require_once 'auth.inc.php'; $display = ''; // Make sure user has access to this page if (!SEC_inGroup('Mail Admin') && !SEC_hasrights('user.mail')) { $display .= COM_siteHeader('menu', $MESSAGE[30]) . COM_showMessageText($MESSAGE[29], $MESSAGE[30]) . COM_siteFooter(); COM_accessLog("User {$_USER['username']} tried to illegally access the mail administration screen."); COM_output($display); exit; } /** * Shows the form the admin uses to send Geeklog members a message. Right now * you can only email an entire group. * * @return string HTML for the email form * */ function display_mailform() { global $_CONF, $LANG31, $LANG_ADMIN, $_IMAGE_TYPE;
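/**
 * Builds the Milonic menu script for every entry in $this->_menuitems.
 *
 * Each entry becomes one or more aI("...") calls, chosen by its type:
 *   3     submenu link (adds showmenu=nexmenu<id>)
 *   4     one of the core menus named in the url field (adminmenu, usermenu,
 *         topicmenu, linksmenu, spmenu, pluginmenu)
 *   5     output of the PHP function named in the url field
 *   other plain link; type 2 additionally gets the new-window target
 *
 * Security notes for maintainers:
 * - Labels, URLs, static page titles and plugin labels are concatenated into
 *   the aI("...") argument without any encoding, so a value containing a
 *   double quote or a semicolon changes the emitted script.
 *   NOTE(review): confirm these values are filtered where they are saved, or
 *   encode them before they are written here.
 * - Type 5 calls whatever function name is stored in the menu item (see the
 *   comment at the call).
 *
 * @return string Menu script; an empty string when there are no menu items
 */
private function _renderMenuItems()
{
    // $CONF_NEXMENU is read below (restricted_topics, sp_labelonly), so it has
    // to be imported into the function scope like the other globals.
    global $_CONF, $_TABLES, $_USER, $_BLOCK_TEMPLATE, $CONF_NEXMENU;

    $retval = '';

    foreach ($this->_menuitems as $menuitem) {
        if ($this->_multiLangMode) {
            $label = $this->getMenuLabel($menuitem['id']);
        } else {
            $label = $menuitem['label'];
        }

        // Only type 2 items open in a new window.
        $target = $menuitem['type'] == 2 ? 'target=newWindow;' . $this->_targetFeatures : '';

        $menuitemImage = trim($menuitem['image']);
        if ($menuitemImage != '') {
            // Check and see if the full url is entered
            if (strpos($menuitemImage, 'http') === false) {
                $menuitemImage = $_CONF['site_url'] . '/nexmenu/menuimages/' . $menuitemImage;
            }
        }

        // Check and see if this item is a submenu
        if ($menuitem['type'] == 3) {
            // Type Submenu
            $url = str_replace('[siteurl]', $_CONF['site_url'], $menuitem['url']);
            $url = str_replace('[siteadminurl]', $_CONF['site_admin_url'], $url);

            if ($menuitemImage != '') {
                $retval .= 'aI("image=' . $menuitemImage . ';text=' . $label . ';' . 'url=' . $url . ';' . $target . 'showmenu=nexmenu' . $menuitem['id'] . ';");';
            } else {
                $retval .= 'aI("text=' . $label . ';' . 'url=' . $url . ';' . $target . 'showmenu=nexmenu' . $menuitem['id'] . ';");';
            }
        } elseif ($menuitem['type'] == 4) {
            // Core Menu
            switch ($menuitem['url']) {
                case "adminmenu":
                    if ($_USER['uid'] > 1) {
                        $_BLOCK_TEMPLATE['admin_block'] = 'nexmenu/milonicmenu/blockheader-blank.thtml,nexmenu/milonicmenu/blockfooter-blank.thtml';
                        $_BLOCK_TEMPLATE['adminoption'] = 'nexmenu/milonicmenu/option.thtml,nexmenu/milonicmenu/option_off.thtml';
                        // count() needs the returned list itself; anything
                        // that is not an array counts as "no plugin options".
                        $plugin_options = PLG_getAdminOptions();
                        $nrows = is_array($plugin_options) ? count($plugin_options) : 0;
                        if (SEC_isModerator() or $nrows > 0 or SEC_hasrights('story.edit,block.edit,topic.edit,link.edit,event.edit,poll.edit,user.edit,plugin.edit,user.mail', 'OR')) {
                            $retval .= COM_adminMenu();
                        }
                    }
                    break;

                case "usermenu":
                    if ($_USER['uid'] > 1) {
                        $_BLOCK_TEMPLATE['user_block'] = 'nexmenu/milonicmenu/blockheader-blank.thtml,nexmenu/milonicmenu/blockfooter-blank.thtml';
                        $_BLOCK_TEMPLATE['useroption'] = 'nexmenu/milonicmenu/option.thtml,nexmenu/milonicmenu/option_off.thtml';
                        $retval .= COM_userMenu();
                    }
                    break;

                case "topicmenu":
                    $_BLOCK_TEMPLATE['topicoption'] = 'nexmenu/milonicmenu/option.thtml,nexmenu/milonicmenu/option_off.thtml';
                    // The configuration value is placed straight into the SQL
                    // condition, so it must only ever come from trusted config.
                    $retval .= COM_showTopics('', " sortnum < '{$CONF_NEXMENU['restricted_topics']}'");
                    break;

                case "linksmenu":
                    if ($this->_linksPlugin) {
                        $retval .= $this->_milonicLinksPluginSiteLinks();
                    }
                    break;

                case "spmenu":
                    if ($this->_staticpagesPlugin) {
                        if ($CONF_NEXMENU['sp_labelonly']) {
                            $sql = "SELECT sp_id,sp_title,sp_label FROM {$_TABLES['staticpage']} WHERE sp_onmenu=1 ";
                            $sql .= COM_getPermSql('AND');
                            $sql .= 'ORDER BY sp_title';
                            $spquery = DB_query($sql);
                        } else {
                            $sql = "SELECT sp_id,sp_title,sp_label FROM {$_TABLES['staticpage']} ";
                            $sql .= COM_getPermSql('WHERE');
                            $sql .= 'ORDER BY sp_title';
                            $spquery = DB_query($sql);
                        }
                        while (list($id, $title, $sp_label) = DB_fetchArray($spquery)) {
                            // Fall back to the page title when no menu label is set.
                            if (trim($sp_label) == '') {
                                $label = $title;
                            } else {
                                $label = $sp_label;
                            }
                            $url = "{$_CONF['site_url']}/staticpages/index.php?page={$id}";
                            $retval .= 'aI("text=' . $label . ';url=' . $url . ';");';
                        }
                    }
                    break;

                case "pluginmenu":
                    $result = DB_query("SELECT pi_name FROM {$_TABLES['plugins']} WHERE pi_enabled = 1");
                    $nrows = DB_numRows($result);
                    for ($row = 1; $row <= $nrows; $row++) {
                        $A = DB_fetchArray($result);
                        $function = 'plugin_getmenuitems_' . $A['pi_name'];
                        if (function_exists($function)) {
                            $pluginItems = $function();
                            if (is_array($pluginItems) and count($pluginItems) > 0) {
                                foreach ($pluginItems as $plugin_label => $plugin_link) {
                                    $retval .= 'aI("text=' . $plugin_label . ';' . $target . 'url=' . $plugin_link . ';");';
                                }
                            }
                        }
                    }
                    break;
            }
            // End of menutype == 4 (Core Menu)
        } elseif ($menuitem['type'] == 5) {
            // SECURITY: the function name is taken from the menu item record
            // and function_exists() is also true for PHP built-ins, so whoever
            // can edit menu items decides which function runs here.
            // NOTE(review): consider an allow-list or a required name prefix
            // for custom menu functions.
            if (function_exists($menuitem['url'])) {
                /* Pass the type of menu to custom php function */
                $retval .= $menuitem['url']($this->_type);
            }
        } else {
            $url = str_replace('[siteurl]', $_CONF['site_url'], $menuitem['url']);
            $url = str_replace('[siteadminurl]', $_CONF['site_admin_url'], $url);

            if ($menuitemImage != '') {
                $retval .= 'aI("image=' . $menuitemImage . ';text=' . $label . ';url=' . $url . ';' . $target . ';");';
            } else {
                $retval .= 'aI("text=' . $label . ';url=' . $url . ';' . $target . ';");';
            }
        }
    }

    // Restore Template Setting
    $_BLOCK_TEMPLATE = $this->_currentBlockTemplate;

    return $retval;
}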
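/**
 * Shows the block editor
 *
 * This will show a block edit form. If this is a Geeklog default block it will
 * send it off to editdefaultblock.
 *
 * The block id ends up inside the SELECT statement, so it is accepted only
 * when it consists of digits. Any other value is answered like a failed
 * access check (message block plus access-log entry) and no query is run.
 *
 * @param    string  $bid    ID of block to edit; empty for a new block
 * @return   string          HTML for block editor
 *
 */
function editblock($bid = '')
{
    global $_CONF, $_GROUPS, $_TABLES, $_USER, $LANG01, $LANG21, $LANG_ACCESS, $LANG_ADMIN, $MESSAGE;

    $retval = '';
    $A = array();

    if (!empty($bid)) {
        // NOTE(review): ids are assumed to be numeric (a new block starts with
        // bid 0 below) - confirm no caller relies on non-numeric ids.
        $bidIsNumeric = is_scalar($bid) && ctype_digit((string) $bid);
        $access = 0;

        if ($bidIsNumeric) {
            $sql = array();
            $sql['mysql'] = "SELECT * FROM {$_TABLES['blocks']} WHERE bid ='{$bid}'";
            $sql['mssql'] = "SELECT bid, is_enabled, name, type, title, tid, blockorder, cast(content as text) as content, rdfurl, ";
            $sql['mssql'] .= "rdfupdated, rdflimit, onleft, phpblockfn, help, owner_id,group_id, ";
            $sql['mssql'] .= "perm_owner, perm_group, perm_members, perm_anon, allow_autotags FROM {$_TABLES['blocks']} WHERE bid ='{$bid}'";
            $result = DB_query($sql);
            $A = DB_fetchArray($result);
            $access = SEC_hasAccess($A['owner_id'], $A['group_id'], $A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']);
        }

        // The editor is shown only when the access check returns something
        // other than 0 or 2 and the topic check returns at least 3.
        if (!$bidIsNumeric || $access == 2 || $access == 0 || hasBlockTopicAccess($A['tid']) < 3) {
            $retval .= COM_startBlock($LANG_ACCESS['accessdenied'], '', COM_getBlockTemplate('_msg_block', 'header'))
                . $LANG21[45]
                . COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer'));
            COM_accessLog("User {$_USER['username']} tried to illegally create or edit block {$bid}.");

            return $retval;
        }

        if ($A['type'] == 'gldefault') {
            $retval .= editdefaultblock($A, $access);

            return $retval;
        }
    } else {
        // Defaults for a new block
        $A['bid'] = 0;
        $A['is_enabled'] = 1;
        $A['name'] = '';
        $A['type'] = 'normal';
        $A['title'] = '';
        $A['tid'] = 'All';
        $A['blockorder'] = 0;
        $A['content'] = '';
        $A['allow_autotags'] = 0;
        $A['rdfurl'] = '';
        $A['rdfupdated'] = '';
        $A['rdflimit'] = 0;
        $A['onleft'] = 0;
        $A['phpblockfn'] = '';
        $A['help'] = '';
        $A['owner_id'] = $_USER['uid'];
        if (isset($_GROUPS['Block Admin'])) {
            $A['group_id'] = $_GROUPS['Block Admin'];
        } else {
            $A['group_id'] = SEC_getFeatureGroup('block.edit');
        }
        SEC_setDefaultPermissions($A, $_CONF['default_permissions_block']);
        $access = 3;
    }

    // The token is placed in the form below as the gltoken field.
    $token = SEC_createToken();

    $block_templates = new Template($_CONF['path_layout'] . 'admin/block');
    $block_templates->set_file('editor', 'blockeditor.thtml');
    $block_templates->set_var('site_url', $_CONF['site_url']);
    $block_templates->set_var('xhtml', XHTML);
    $block_templates->set_var('site_admin_url', $_CONF['site_admin_url']);
    $block_templates->set_var('layout_url', $_CONF['layout_url']);
    $block_start = COM_startBlock($LANG21[3], '', COM_getBlockTemplate('_admin_block', 'header'));
    $block_start .= LB . SEC_getTokenExpiryNotice($token);
    $block_templates->set_var('start_block_editor', $block_start);

    // The delete button is offered only for an existing block and only to
    // users holding the block.delete right.
    if (!empty($bid) && SEC_hasrights('block.delete')) {
        $delbutton = '<input type="submit" value="' . $LANG_ADMIN['delete'] . '" name="mode"%s' . XHTML . '>';
        $jsconfirm = ' onclick="return confirm(\'' . $MESSAGE[76] . '\');"';
        $block_templates->set_var('delete_option', sprintf($delbutton, $jsconfirm));
        $block_templates->set_var('delete_option_no_confirmation', sprintf($delbutton, ''));
    }

    // NOTE(review): apart from block_content, the stored field values below
    // (bid, title, help, name, phpblockfn, rdfurl, ...) reach the template
    // without HTML encoding; whether they are filtered when saved is not
    // visible here - confirm.
    $block_templates->set_var('block_bid', $A['bid']);

    // standard Admin strings
    $block_templates->set_var('lang_blocktitle', $LANG_ADMIN['title']);
    $block_templates->set_var('lang_enabled', $LANG_ADMIN['enabled']);
    $block_templates->set_var('lang_blockhelpurl', $LANG_ADMIN['help_url']);
    $block_templates->set_var('lang_topic', $LANG_ADMIN['topic']);
    $block_templates->set_var('lang_save', $LANG_ADMIN['save']);
    $block_templates->set_var('lang_cancel', $LANG_ADMIN['cancel']);
    $block_templates->set_var('lang_blocktype', $LANG_ADMIN['type']);
    $block_templates->set_var('lang_allowed_html', $LANG01[123]);

    $block_templates->set_var('block_title', stripslashes($A['title']));
    // lang_enabled is set a second time here with $LANG21[53].
    $block_templates->set_var('lang_enabled', $LANG21[53]);
    if ($A['is_enabled'] == 1) {
        $block_templates->set_var('is_enabled', 'checked="checked"');
    } else {
        $block_templates->set_var('is_enabled', '');
    }
    $block_templates->set_var('block_help', $A['help']);
    $block_templates->set_var('lang_includehttp', $LANG21[51]);
    $block_templates->set_var('lang_explanation', $LANG21[52]);
    $block_templates->set_var('block_name', $A['name']);
    $block_templates->set_var('lang_blockname', $LANG21[48]);
    $block_templates->set_var('lang_nospaces', $LANG21[49]);
    $block_templates->set_var('lang_all', $LANG21[7]);
    $block_templates->set_var('lang_homeonly', $LANG21[43]);
    if ($A['tid'] == 'all') {
        $block_templates->set_var('all_selected', 'selected="selected"');
    } elseif ($A['tid'] == 'homeonly') {
        $block_templates->set_var('homeonly_selected', 'selected="selected"');
    }
    $block_templates->set_var('topic_options', COM_topicList('tid,topic', $A['tid'], 1, true));
    $block_templates->set_var('lang_side', $LANG21[39]);
    $block_templates->set_var('lang_left', $LANG21[40]);
    $block_templates->set_var('lang_right', $LANG21[41]);
    if ($A['onleft'] == 1) {
        $block_templates->set_var('left_selected', 'selected="selected"');
    } elseif ($A['onleft'] == 0) {
        $block_templates->set_var('right_selected', 'selected="selected"');
    }
    $block_templates->set_var('lang_blockorder', $LANG21[9]);
    $block_templates->set_var('block_order', $A['blockorder']);
    $block_templates->set_var('lang_normalblock', $LANG21[12]);
    $block_templates->set_var('lang_phpblock', $LANG21[27]);
    $block_templates->set_var('lang_portalblock', $LANG21[11]);
    if ($A['type'] == 'normal') {
        $block_templates->set_var('normal_selected', 'selected="selected"');
    } elseif ($A['type'] == 'phpblock') {
        $block_templates->set_var('php_selected', 'selected="selected"');
    } elseif ($A['type'] == 'portal') {
        $block_templates->set_var('portal_selected', 'selected="selected"');
    }

    // Access rights section
    $block_templates->set_var('lang_accessrights', $LANG_ACCESS['accessrights']);
    $block_templates->set_var('lang_owner', $LANG_ACCESS['owner']);
    $ownername = COM_getDisplayName($A['owner_id']);
    // owner_id is either read from the blocks table or the current user's uid.
    $block_templates->set_var('owner_username', DB_getItem($_TABLES['users'], 'username', "uid = '{$A['owner_id']}'"));
    $block_templates->set_var('owner_name', $ownername);
    $block_templates->set_var('owner', $ownername);
    $block_templates->set_var('owner_id', $A['owner_id']);
    $block_templates->set_var('lang_group', $LANG_ACCESS['group']);
    $block_templates->set_var('group_dropdown', SEC_getGroupDropdown($A['group_id'], $access));
    $block_templates->set_var('lang_permissions', $LANG_ACCESS['permissions']);
    $block_templates->set_var('lang_perm_key', $LANG_ACCESS['permissionskey']);
    $block_templates->set_var('permissions_editor', SEC_getPermissionsHTML($A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']));
    $block_templates->set_var('lang_permissions_msg', $LANG_ACCESS['permmsg']);

    // PHP block options
    $block_templates->set_var('lang_phpblockoptions', $LANG21[28]);
    $block_templates->set_var('lang_blockfunction', $LANG21[29]);
    $block_templates->set_var('block_phpblockfn', $A['phpblockfn']);
    $block_templates->set_var('lang_phpblockwarning', $LANG21[30]);

    // Portal block options
    $block_templates->set_var('lang_portalblockoptions', $LANG21[13]);
    $block_templates->set_var('lang_rdfurl', $LANG21[14]);
    $block_templates->set_var('max_url_length', 255);
    $block_templates->set_var('block_rdfurl', $A['rdfurl']);
    $block_templates->set_var('lang_rdflimit', $LANG21[62]);
    $block_templates->set_var('block_rdflimit', $A['rdflimit']);
    $block_templates->set_var('lang_lastrdfupdate', $LANG21[15]);
    // The all-zero timestamp is shown as an empty field.
    if ($A['rdfupdated'] == '0000-00-00 00:00:00') {
        $block_templates->set_var('block_rdfupdated', '');
    } else {
        $block_templates->set_var('block_rdfupdated', $A['rdfupdated']);
    }

    // Normal block options
    $block_templates->set_var('lang_normalblockoptions', $LANG21[16]);
    $block_templates->set_var('lang_blockcontent', $LANG21[17]);
    $block_templates->set_var('lang_autotags', $LANG21[66]);
    $block_templates->set_var('lang_use_autotags', $LANG21[67]);
    $block_templates->set_var('block_content', htmlspecialchars(stripslashes($A['content'])));
    if ($A['allow_autotags'] == 1) {
        $block_templates->set_var('allow_autotags', 'checked="checked"');
    } else {
        $block_templates->set_var('allow_autotags', '');
    }
    $block_templates->set_var('gltoken_name', CSRF_TOKEN);
    $block_templates->set_var('gltoken', $token);
    $block_templates->set_var('end_block', COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer')));
    $block_templates->parse('output', 'editor');
    $retval .= $block_templates->finish($block_templates->get_var('output'));

    return $retval;
}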
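/**
 * Shows the block editor
 *
 * This will show a block edit form. If this is a glFusion default block it will
 * send it off to BLOCK_editDefault().
 *
 * When $bid is empty the form is filled from $B, falling back to defaults for
 * fields that are not set. Because those values are supplied by the caller,
 * every field value placed in the form is HTML-encoded the same way the title
 * and content are, and the owner id is forced to an integer before it is used
 * in the user lookup.
 *
 * @param    string  $bid    ID of block to edit
 * @param    array   $B      An array of block fields (optional)
 * @return   string          HTML for block editor
 *
 */
function BLOCK_edit($bid = '', $B = array())
{
    global $_CONF, $_GROUPS, $_TABLES, $_USER, $LANG01, $LANG21, $LANG24, $LANG_ACCESS, $LANG_ADMIN, $LANG_postmodes, $MESSAGE, $_IMAGE_TYPE;

    USES_lib_admin();

    $retval = '';
    $A = array();

    if (!empty($bid)) {
        $result = DB_query("SELECT * FROM {$_TABLES['blocks']} WHERE bid ='" . DB_escapeString($bid) . "'");
        $A = DB_fetchArray($result);
        $access = SEC_hasAccess($A['owner_id'], $A['group_id'], $A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']);
        // The editor is shown only when the access check returns something
        // other than 0 or 2 and the topic check returns at least 3.
        if ($access == 2 || $access == 0 || BLOCK_hasTopicAccess($A['tid']) < 3) {
            $retval .= COM_showMessageText($LANG21[45], $LANG_ACCESS['accessdenied'], true);
            COM_accessLog("User {$_USER['username']} tried to illegally create or edit block " . $bid);

            return $retval;
        }
        if ($A['type'] == 'gldefault') {
            $retval .= BLOCK_editDefault($A, $access);

            return $retval;
        }
    } else {
        // New block: take each field from $B when present, else the default.
        $A['bid'] = isset($B['bid']) ? $B['bid'] : 0;
        $A['is_enabled'] = isset($B['is_enabled']) ? $B['is_enabled'] : 1;
        $A['name'] = isset($B['name']) ? $B['name'] : '';
        $A['type'] = isset($B['type']) ? $B['type'] : 'normal';
        $A['title'] = isset($B['title']) ? $B['title'] : '';
        $A['tid'] = isset($B['tid']) ? $B['tid'] : 'All';
        $A['blockorder'] = isset($B['blockorder']) ? $B['blockorder'] : 0;
        $A['content'] = isset($B['content']) ? $B['content'] : '';
        $A['allow_autotags'] = isset($B['allow_autotags']) && $B['allow_autotags'] == 1 ? 1 : 0;
        $A['rdfurl'] = isset($B['rdfurl']) ? $B['rdfurl'] : '';
        $A['rdfupdated'] = isset($B['rdfupdated']) ? $B['rdfupdated'] : '';
        $A['rdflimit'] = isset($B['rdflimit']) ? $B['rdflimit'] : 0;
        $A['onleft'] = isset($B['onleft']) ? $B['onleft'] : 0;
        $A['phpblockfn'] = isset($B['phpblockfn']) ? $B['phpblockfn'] : '';
        $A['help'] = isset($B['help']) ? $B['help'] : '';
        // The owner id is used in a SQL condition further down, so a
        // caller-supplied value is reduced to an integer here.
        $A['owner_id'] = isset($B['owner_id']) ? (int) $B['owner_id'] : $_USER['uid'];
        if (isset($B['group_id'])) {
            $A['group_id'] = $B['group_id'];
        } elseif (isset($_GROUPS['Block Admin'])) {
            $A['group_id'] = $_GROUPS['Block Admin'];
        } else {
            $A['group_id'] = SEC_getFeatureGroup('block.edit');
        }

        if (isset($B['perm_owner'])) {
            $A['perm_owner'] = SEC_getPermissionValue($B['perm_owner']);
            $A['perm_group'] = SEC_getPermissionValue($B['perm_group']);
            $A['perm_members'] = SEC_getPermissionValue($B['perm_members']);
            $A['perm_anon'] = SEC_getPermissionValue($B['perm_anon']);
        } else {
            SEC_setDefaultPermissions($A, $_CONF['default_permissions_block']);
        }
        $access = 3;
    }

    // Character set handed to htmlspecialchars() for every encoded value.
    $charset = COM_getEncodingt();

    $menu_arr = array(
        array('url' => $_CONF['site_admin_url'] . '/block.php', 'text' => $LANG_ADMIN['block_list']),
        array('url' => $_CONF['site_admin_url'], 'text' => $LANG_ADMIN['admin_home']),
    );

    $block_templates = new Template($_CONF['path_layout'] . 'admin/block');
    $block_templates->set_file('editor', 'blockeditor.thtml');
    $block_templates->set_var('start_block_editor', COM_startBlock($LANG21[3], '', COM_getBlockTemplate('_admin_block', 'header')));

    // The delete button is offered only for an existing block and only to
    // users holding the block.delete right.
    if (!empty($bid) && SEC_hasrights('block.delete')) {
        $delbutton = '<input type="submit" value="' . $LANG_ADMIN['delete'] . '" name="delete"%s >';
        $jsconfirm = ' onclick="return confirm(\'' . $MESSAGE[76] . '\');"';
        $block_templates->set_var('delete_option', sprintf($delbutton, $jsconfirm));
        $block_templates->set_var('delete_option_no_confirmation', sprintf($delbutton, ''));
        $block_templates->set_var('lang_delete', $LANG_ADMIN['delete']);
        $block_templates->set_var('lang_delete_confirm', $MESSAGE[76]);
    }

    $block_templates->set_var('block_bid', htmlspecialchars((string) $A['bid'], ENT_QUOTES, $charset));

    // standard Admin strings
    $block_templates->set_var('lang_blocktitle', $LANG_ADMIN['title']);
    $block_templates->set_var('lang_enabled', $LANG_ADMIN['enabled']);
    $block_templates->set_var('lang_blockhelpurl', $LANG_ADMIN['help_url']);
    $block_templates->set_var('lang_topic', $LANG_ADMIN['topic']);
    $block_templates->set_var('lang_save', $LANG_ADMIN['save']);
    $block_templates->set_var('lang_cancel', $LANG_ADMIN['cancel']);
    $block_templates->set_var('lang_blocktype', $LANG_ADMIN['type']);
    $block_templates->set_var('lang_allowed_html', $LANG01[123]);

    $block_templates->set_var('block_title', htmlspecialchars((string) $A['title'], ENT_QUOTES, $charset));
    // lang_enabled is set a second time here with $LANG21[53].
    $block_templates->set_var('lang_enabled', $LANG21[53]);
    if ($A['is_enabled'] == 1) {
        $block_templates->set_var('is_enabled', 'checked="checked"');
    } else {
        $block_templates->set_var('is_enabled', '');
    }
    $block_templates->set_var('block_help', htmlspecialchars((string) $A['help'], ENT_QUOTES, $charset));
    $block_templates->set_var('lang_includehttp', $LANG21[51]);
    $block_templates->set_var('lang_explanation', $LANG21[52]);
    $block_templates->set_var('block_name', htmlspecialchars((string) $A['name'], ENT_QUOTES, $charset));
    $block_templates->set_var('lang_blockname', $LANG21[48]);
    $block_templates->set_var('lang_nospaces', $LANG21[49]);
    $block_templates->set_var('lang_all', $LANG21[7]);
    $block_templates->set_var('lang_homeonly', $LANG21[43]);
    $block_templates->set_var('lang_nohomepage', $LANG21[44]);
    if ($A['tid'] == 'all') {
        $block_templates->set_var('all_selected', 'selected="selected"');
    } elseif ($A['tid'] == 'homeonly') {
        $block_templates->set_var('homeonly_selected', 'selected="selected"');
    } elseif ($A['tid'] == 'allnhp') {
        $block_templates->set_var('nohomepage_selected', 'selected="selected"');
    }
    $block_templates->set_var('topic_options', COM_topicList('tid,topic', $A['tid'], 1, true));
    $block_templates->set_var('lang_side', $LANG21[39]);
    $block_templates->set_var('lang_left', $LANG21[40]);
    $block_templates->set_var('lang_right', $LANG21[41]);
    if ($A['onleft'] == 1) {
        $block_templates->set_var('left_selected', 'selected="selected"');
    } elseif ($A['onleft'] == 0) {
        $block_templates->set_var('right_selected', 'selected="selected"');
    }
    $block_templates->set_var('lang_blockorder', $LANG21[9]);
    $block_templates->set_var('block_order', htmlspecialchars((string) $A['blockorder'], ENT_QUOTES, $charset));
    $block_templates->set_var('lang_normalblock', $LANG21[12]);
    $block_templates->set_var('lang_phpblock', $LANG21[27]);
    $block_templates->set_var('lang_portalblock', $LANG21[11]);
    if ($A['type'] == 'normal') {
        $block_templates->set_var('normal_selected', 'selected="selected"');
    } elseif ($A['type'] == 'phpblock') {
        $block_templates->set_var('php_selected', 'selected="selected"');
    } elseif ($A['type'] == 'portal') {
        $block_templates->set_var('portal_selected', 'selected="selected"');
    }

    // Access rights section
    $block_templates->set_var('lang_accessrights', $LANG_ACCESS['accessrights']);
    $block_templates->set_var('lang_owner', $LANG_ACCESS['owner']);
    $ownerId = (int) $A['owner_id'];
    $ownername = COM_getDisplayName($A['owner_id']);
    // Integer cast keeps the lookup condition free of caller-controlled text.
    $block_templates->set_var('owner_username', DB_getItem($_TABLES['users'], 'username', "uid = '" . $ownerId . "'"));
    $block_templates->set_var('owner_name', $ownername);
    $block_templates->set_var('owner', $ownername);
    $block_templates->set_var('owner_id', $A['owner_id']);
    $block_templates->set_var('lang_group', $LANG_ACCESS['group']);
    // NOTE(review): group_id can also come from $B; what the dropdown helper
    // does with it is not visible here - confirm it validates the value.
    $block_templates->set_var('group_dropdown', SEC_getGroupDropdown($A['group_id'], $access));
    $block_templates->set_var('lang_permissions', $LANG_ACCESS['permissions']);
    $block_templates->set_var('lang_perm_key', $LANG_ACCESS['permissionskey']);
    $block_templates->set_var('permissions_editor', SEC_getPermissionsHTML($A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']));
    $block_templates->set_var('lang_permissions_msg', $LANG_ACCESS['permmsg']);

    // PHP block options
    $block_templates->set_var('lang_phpblockoptions', $LANG21[28]);
    $block_templates->set_var('lang_blockfunction', $LANG21[29]);
    $block_templates->set_var('block_phpblockfn', htmlspecialchars((string) $A['phpblockfn'], ENT_QUOTES, $charset));
    $block_templates->set_var('lang_phpblockwarning', $LANG21[30]);

    // Portal block options
    $block_templates->set_var('lang_portalblockoptions', $LANG21[13]);
    $block_templates->set_var('lang_rdfurl', $LANG21[14]);
    $block_templates->set_var('max_url_length', 255);
    $block_templates->set_var('block_rdfurl', htmlspecialchars((string) $A['rdfurl'], ENT_QUOTES, $charset));
    $block_templates->set_var('lang_rdflimit', $LANG21[62]);
    $block_templates->set_var('block_rdflimit', htmlspecialchars((string) $A['rdflimit'], ENT_QUOTES, $charset));
    $block_templates->set_var('lang_lastrdfupdate', $LANG21[15]);
    // This placeholder timestamp is shown as an empty field.
    if ($A['rdfupdated'] == '1000-01-01 00:00:00') {
        $block_templates->set_var('block_rdfupdated', '');
    } else {
        $block_templates->set_var('block_rdfupdated', htmlspecialchars((string) $A['rdfupdated'], ENT_QUOTES, $charset));
    }

    // Normal block options; the same encoded content feeds three template
    // variables.
    $block_templates->set_var('lang_normalblockoptions', $LANG21[16]);
    $block_templates->set_var('lang_blockcontent', $LANG21[17]);
    $block_templates->set_var('lang_autotags', $LANG21[66]);
    $block_templates->set_var('lang_use_autotags', $LANG21[67]);
    $encodedContent = htmlspecialchars((string) $A['content'], ENT_QUOTES, $charset);
    $block_templates->set_var('block_content', $encodedContent);
    $block_templates->set_var('block_text', $encodedContent);
    $block_templates->set_var('block_html', $encodedContent);
    if ($A['allow_autotags'] == 1) {
        $block_templates->set_var('allow_autotags', 'checked="checked"');
    } else {
        $block_templates->set_var('allow_autotags', '');
    }
    $block_templates->set_var('gltoken_name', CSRF_TOKEN);
    $block_templates->set_var('gltoken', SEC_createToken());
    $block_templates->set_var('admin_menu', ADMIN_createMenu($menu_arr, $LANG21[71], $_CONF['layout_url'] . '/images/icons/block.' . $_IMAGE_TYPE));
    $block_templates->set_var('end_block', COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer')));
    PLG_templateSetVars('blockeditor', $block_templates);
    $block_templates->parse('output', 'editor');
    $retval .= $block_templates->finish($block_templates->get_var('output'));

    return $retval;
}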
// |                                                                          |
// | This program is distributed in the hope that it will be useful,          |
// | but WITHOUT ANY WARRANTY; without even the implied warranty of           |
// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the            |
// | GNU General Public License for more details.                             |
// |                                                                          |
// | You should have received a copy of the GNU General Public License        |
// | along with this program; if not, write to the Free Software Foundation,  |
// | Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.          |
// |                                                                          |
// +--------------------------------------------------------------------------+

require_once '../lib-common.php';
require_once 'auth.inc.php';

$display = '';

// Gate for the mail administration screen: a user without the user.mail right
// gets the message page, the attempt is written to the access log, and the
// script stops before any of the mail code below is reached.
if (!SEC_hasrights('user.mail')) {
    $display .= COM_siteHeader('menu', $MESSAGE[30])
        . COM_showMessageText($MESSAGE[39], $MESSAGE[30], true)
        . COM_siteFooter();
    COM_accessLog("User {$_USER['username']} tried to access the mail administration screen.");
    echo $display;
    exit;
}

/**
 * Shows the form the admin uses to send glFusion members a message. Now you
 * can email a user or an entire group depending upon whether uid or grp_id is
 * set. if both arguments are >0, the group send function takes precedence
 *
 * @return string HTML for the email form
 *
 */