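/**
 * Update 123FlashChat settings.
 *
 * Reads the posted `settings` array, makes the two path values end in a
 * forward slash, coerces the active_chat_* flags to 0/1 and stores every
 * entry as a FlashChatBridge module variable.
 *
 * @author Tree Florian
 * @return mixed the result of pnRedirect() on the normal paths, or of
 *               LogUtil::registerPermissionError() when ACCESS_ADMIN is missing
 */
function FlashChatBridge_admin_updateconfig()
{
    // Only module administrators may change the configuration.
    if (!SecurityUtil::checkPermission('FlashChatBridge::', '::', ACCESS_ADMIN)) {
        return LogUtil::registerPermissionError();
    }

    // Read the posted settings before the (currently disabled) authid check.
    $settings = FormUtil::getPassedValue('settings', null, 'POST');

    // Nothing usable was posted (missing, or a scalar instead of the expected
    // array): send the user back instead of indexing into a non-array.
    // NOTE(review): this redirect targets the 'Settings' module while the
    // success path targets 'FlashChatBridge' - confirm this is intended.
    if (!is_array($settings)) {
        return pnRedirect(pnModURL('Settings', 'admin', 'modifyconfig'));
    }

    // NOTE(review): the form authorisation-key check is commented out, so this
    // state-changing admin action has no protection against cross-site request
    // forgery. Re-enable it once the settings form emits an authid.
    /*
    if (!SecurityUtil::confirmAuthKey()) {
        return LogUtil::registerAuthidError();
    }
    */

    // A non-empty client path must end with a path separator.
    $clientPath = isset($settings['client_path']) ? (string) $settings['client_path'] : '';
    if ($clientPath !== '') {
        $lastChar = substr($clientPath, -1);
        if ($lastChar != "\\" && $lastChar != '/') {
            $settings['client_path'] = $clientPath . '/';
        }
    }

    // The server data path is stored with forward slashes only. The emptiness
    // test now looks at this path itself: the earlier code tested client_path
    // here, which turned an empty server path into "/" whenever a client path
    // was set.
    $serverPath = isset($settings['server_data_path']) ? (string) $settings['server_data_path'] : '';
    $serverPath = str_replace("\\", '/', $serverPath);
    if ($serverPath !== '' && substr($serverPath, -1) != '/') {
        $serverPath .= '/';
    }
    $settings['server_data_path'] = $serverPath;

    // Checkbox-style flags: anything other than 1 (including "not posted") is 0.
    $flags = array(
        'active_chat_standard',
        'active_chat_html',
        'active_chat_avatar',
        'active_chat_live',
        'active_chat_pocket',
        'active_chat_lite',
        'active_chat_banner',
    );
    foreach ($flags as $flag) {
        $settings[$flag] = (isset($settings[$flag]) && $settings[$flag] == 1) ? 1 : 0;
    }

    // Write the vars.
    // NOTE(review): every posted key is stored, not only the ones handled
    // above; consider restricting this to the known setting names.
    foreach ($settings as $key => $value) {
        pnModSetVar('FlashChatBridge', $key, $value);
    }

    // Let any other modules know that the module's configuration has been updated.
    pnModCallHooks('module', 'updateconfig', 'FlashChatBridge', array('module' => 'FlashChatBridge'));

    return pnRedirect(pnModURL('FlashChatBridge', 'admin', 'modifyconfig'));
}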
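/**
 * Display the admin messages block.
 *
 * Selects the active, unexpired messages (restricted to the current language
 * on multilingual sites), keeps those the current visitor may see and renders
 * them as one table per message.
 *
 * @param array $row block information; 'title' is read for the permission
 *                   instance, and 'title'/'content' are overwritten before
 *                   the block is handed to themesideblock()
 * @return mixed the result of themesideblock() when at least one message is
 *               shown, nothing otherwise
 */
function admin_messages_messagesblock_display($row)
{
    list($dbconn) = pnDBGetConn();
    $pntable = pnDBGetTables();

    if (!isset($row['title'])) {
        $row['title'] = '';
    }

    // Block-level read permission.
    if (!pnSecAuthAction(0, 'Admin Messages:Messagesblock:', "{$row['title']}::", ACCESS_READ)) {
        return;
    }

    $messagestable = $pntable['message'];
    $messagescolumn =& $pntable['message_column'];

    $querylang = '';
    if (pnConfigGetVar('multilingual') == 1) {
        // The language code is placed inside a quoted SQL literal, so it is
        // passed through pnVarPrepForStore() like every other value that
        // reaches a query; where pnUserGetLang() takes its value from is not
        // visible here.
        $currentlang = pnVarPrepForStore(pnUserGetLang());
        $querylang = "AND ({$messagescolumn['mlanguage']}='{$currentlang}' OR {$messagescolumn['mlanguage']}='')";
    }

    $sql = "SELECT {$messagescolumn['mid']},\n"
         . " {$messagescolumn['title']},\n"
         . " {$messagescolumn['content']},\n"
         . " {$messagescolumn['date']},\n"
         . " {$messagescolumn['view']}\n"
         . " FROM {$messagestable}\n"
         . " WHERE {$messagescolumn['active']} = 1 \n"
         . " AND ( {$messagescolumn['expire']} > unix_timestamp(now())\n"
         . " OR {$messagescolumn['expire']} = 0)\n"
         . " {$querylang}\n"
         . " ORDER by {$messagescolumn['mid']} DESC";
    $result = $dbconn->Execute($sql);

    if ($dbconn->ErrorNo() != 0) {
        return;
    }

    $output = new pnHTML();

    while (list($mid, $title, $content, $date, $view) = $result->fields) {
        $result->MoveNext();

        $show = 0;
        // Per-message read permission, then the audience selected by 'view'.
        if (pnSecAuthAction(0, 'Admin Messages:Messagesblock:', "{$row['title']}::{$mid}", ACCESS_READ)) {
            switch ($view) {
                case 1:
                    // Message for everyone
                    $show = 1;
                    break;
                case 2:
                    // Message for users
                    if (pnUserLoggedIn()) {
                        $show = 1;
                    }
                    break;
                case 3:
                    // Messages for non-users
                    if (!pnUserLoggedIn()) {
                        $show = 1;
                    }
                    break;
                case 4:
                    // Messages for administrators of any description
                    if (pnSecAuthAction(0, '::', '::', ACCESS_ADMIN)) {
                        $show = 1;
                    }
                    break;
            }
        }

        if ($show) {
            list($title, $content) = pnModCallHooks('item', 'transform', '', array($title, $content));

            $output->TableStart('', '', 0);
            $output->SetInputMode(_PNH_VERBATIMINPUT);

            // Build the title cell separately so it can be wrapped in markup.
            $output->SetOutputMode(_PNH_RETURNOUTPUT);
            $ttitle = $output->Linebreak();
            $ttitle .= $output->Text($title);
            $ttitle .= $output->Linebreak(2);
            $output->SetOutputMode(_PNH_KEEPOUTPUT);

            // Title and content both pass through pnVarPrepHTMLDisplay()
            // before they are placed into the table rows.
            $output->TableAddRow(
                array("<font class=\"pn-title\">" . pnVarPrepHTMLDisplay($ttitle) . "</font>"),
                'center'
            );
            $output->TableAddRow(
                array("<font class=\"pn-normal\">" . pnVarPrepHTMLDisplay($content) . "</font>"),
                'left'
            );
            $output->SetInputMode(_PNH_PARSEINPUT);
            $output->TableEnd();
        }
    }

    if ($output->output != "") {
        // Don't want a title
        $row['title'] = '';
        $row['content'] = $output->GetOutput();
        return themesideblock($row);
    }
}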
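/**
 * Delete a template item.
 *
 * @param array $args argument array; $args['tid'] is the ID of the item
 * @return bool true on success, false on failure (an error message is left
 *              in the 'errormsg' session variable)
 */
function template_adminapi_delete($args)
{
    // All arguments to this function come from the $args array. The one key
    // that is needed is read explicitly rather than with extract(), so a
    // caller-supplied array cannot create other local variables.
    $tid = (is_array($args) && isset($args['tid'])) ? $args['tid'] : null;

    // Argument check.
    if (!isset($tid)) {
        pnSessionSetVar('errormsg', _MODARGSERROR);
        return false;
    }

    // The user API holds the function that fetches item information, which
    // is needed before the permission check can be made. This is an API
    // function with no output object, so failures are reported through the
    // session error message and a false return, as the @return contract says.
    if (!pnModAPILoad('Template', 'user')) {
        pnSessionSetVar('errormsg', _LOADFAILED);
        return false;
    }

    // Fetch the item; a missing item is an error.
    $item = pnModAPIFunc('Template', 'user', 'get', array('tid' => $tid));
    if ($item == false) {
        pnSessionSetVar('errormsg', _TEMPLATENOSUCHITEM);
        return false;
    }

    // Security check - it has to wait until the item name is known, because
    // the name is part of the permission instance.
    if (!pnSecAuthAction(0, 'Template::Item', "{$item['name']}::{$tid}", ACCESS_DELETE)) {
        pnSessionSetVar('errormsg', _TEMPLATENOAUTH);
        return false;
    }

    // Database setup: the first element of pnDBGetConn() is the connection
    // handle; the tables array is kept whole for the lookups below.
    list($dbconn) = pnDBGetConn();
    $pntable = pnDBGetTables();

    $templatetable = $pntable['template'];
    $templatecolumn =& $pntable['template_column'];

    // Delete the item. The ID goes through pnVarPrepForStore() and sits
    // inside a quoted literal. The statement is built separately from the
    // Execute() call so it can be inspected when debugging.
    $sql = "DELETE FROM {$templatetable}\n"
         . " WHERE {$templatecolumn['tid']} = '" . pnVarPrepForStore($tid) . "'";
    $dbconn->Execute($sql);

    // Check for a database error.
    if ($dbconn->ErrorNo() != 0) {
        pnSessionSetVar('errormsg', _DELETEFAILED);
        return false;
    }

    // Let any hooks know that an item was deleted; no extra info is passed.
    pnModCallHooks('item', 'delete', $tid, '');

    return true;
}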
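/**
 * Insert a new contact lens record.
 *
 * Only the 'name' field is required; every other field may be left out and
 * is then stored as an empty value.
 *
 * @param array $args argument array; $args['lens_data'] holds the lens
 *                    fields keyed by field name. A field missing from
 *                    'lens_data' is still taken from $args itself, as before.
 * @return mixed the ID of the inserted lens, or false on failure (an error
 *               message is left in the 'errormsg' session variable)
 */
function Lenses_adminapi_insert_lens($args)
{
    // Permission check.
    if (!pnSecAuthAction(0, 'Lenses::', '::', ACCESS_ADMIN)) {
        pnSessionSetVar('errormsg', _MODULENOAUTH);
        return false;
    }

    // Read the arguments explicitly instead of extract()ing two
    // caller-supplied arrays into local scope. 'lens_data' entries take
    // precedence over same-named entries in $args, which is the order the
    // two extract() calls used to apply.
    if (!is_array($args)) {
        $args = array();
    }
    $lens_data = (isset($args['lens_data']) && is_array($args['lens_data'])) ? $args['lens_data'] : array();
    $input = $lens_data + $args;

    // Ensure a valid name was passed in.
    $name = isset($input['name']) ? $input['name'] : null;
    if (empty($name) || !is_string($name)) {
        pnSessionSetVar('errormsg', _MODARGSERROR);
        return false;
    }

    // Get a reference to the database object.
    $dbconn =& pnDBGetConn(true);

    // Get a reference to PostNuke's table info.
    $pntable =& pnDBGetTables();

    // Define table and column to work with.
    $lenses_table =& $pntable['lenses'];
    $lenses_field =& $pntable['lenses_column'];

    // Two values are generated here rather than supplied by the caller:
    // the next table ID and today's date (stored in the 'updated' column).
    $next_tid = $dbconn->GenId($lenses_table);
    $created = date('Y-m-d');

    // Caller-supplied fields, in column order. The column list and the value
    // list are both derived from this one array so they cannot drift apart.
    $fields = array(
        'name', 'aliases', 'comp_id', 'poly_id', 'visitint',
        'ew', 'ct', 'dk', 'oz',
        'process_text', 'process_simple', 'qty',
        'replace_simple', 'replace_text', 'wear', 'price',
        'markings', 'fitting_guide', 'website', 'image', 'other_info',
        'discontinued', 'display', 'redirect',
        'bc_simple', 'bc_all',
        'max_plus', 'max_minus', 'max_diam', 'min_diam',
        'diam_1', 'base_curves_1', 'powers_1',
        'diam_2', 'base_curves_2', 'powers_2',
        'diam_3', 'base_curves_3', 'powers_3',
        'sph_notes',
        'toric', 'toric_type', 'toric_type_simple',
        'cyl_power', 'max_cyl_power', 'cyl_axis', 'cyl_axis_steps', 'oblique',
        'cyl_notes',
        'bifocal', 'bifocal_type', 'add_text', 'max_add',
        'cosmetic', 'enh_names', 'enh_names_simple',
        'opaque_names', 'opaque_names_simple',
    );

    // Every value is passed through pnVarPrepForStore() and placed inside a
    // quoted literal as the statement is assembled.
    $columns = array($lenses_field['tid']);
    $values = array("'" . pnVarPrepForStore($next_tid) . "'");

    foreach ($fields as $field) {
        $columns[] = $lenses_field[$field];
        $values[] = "'" . pnVarPrepForStore(isset($input[$field]) ? $input[$field] : null) . "'";
    }

    $columns[] = $lenses_field['updated'];
    $values[] = "'" . pnVarPrepForStore($created) . "'";

    // Create sql query to insert lens.
    $sql = "INSERT INTO {$lenses_table} (\n " . implode(",\n ", $columns) . ")\n"
         . " VALUES (\n " . implode(",\n ", $values) . "\n )";

    // Execute the query.
    $result = $dbconn->Execute($sql);

    // Check for any database errors.
    if ($dbconn->ErrorNo() != 0) {
        pnSessionSetVar('errormsg', _CREATEFAILED);
        return false;
    }

    // Get the table id (tid) of the last insert, just to be sure.
    $tid = $dbconn->PO_Insert_ID($lenses_table, $lenses_field['tid']);

    // Let any hooks know that a new item was created; 'tid' is passed as the
    // extra info for the create hook.
    pnModCallHooks('item', 'create', $tid, 'tid');

    // Return the lens id.
    return $tid;
}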
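/**
 * Delete a media item.
 *
 * Removes the item's thumbnail, preview and original files, deletes its
 * database row, closes the gap in the album's item positions, clears its
 * keywords and storage rows and, when it was the album's main item, resets
 * the album's main item.
 *
 * NOTE(review): no permission check is visible in this function; presumably
 * the caller enforces edit access to the album - confirm.
 * NOTE(review): the files are removed before the database rows, so a later
 * database failure leaves a row whose files are already gone.
 *
 * @param array $args argument array; $args['mediaId'] is the ID of the item
 * @return bool true on success; false, or the result of
 *              LogUtil::registerError(), on failure
 */
function mediashare_editapi_deleteMediaItem($args)
{
    $dom = ZLanguage::getModuleDomain('mediashare');

    $mediaId = (int) $args['mediaId'];

    if (!($item = pnModAPIFunc('mediashare', 'user', 'getMediaItem', array('mediaId' => $mediaId)))) {
        return false;
    }

    $albumId = (int) $item['parentAlbumId'];
    $position = (int) $item['position'];

    if (!($album = pnModAPIFunc('mediashare', 'user', 'getAlbum', array('albumId' => $albumId)))) {
        return false;
    }

    // Get virtual file system handler
    $vfsHandlerName = mediashareGetVFSHandlerName($item['thumbnailRef']);
    if (!($vfsHandler = pnModAPIFunc('mediashare', "vfs_{$vfsHandlerName}", 'buildHandler'))) {
        return false;
    }

    // Remove the three stored files. The fixed sentence goes through __() and
    // the sentence with placeholders through __f(), which takes the
    // parameter array as its second argument - the same call shape as the
    // 'Error in %1$s' messages below. The two calls used to be swapped, so
    // the placeholders were never filled in.
    if ($vfsHandler->deleteFile($item['thumbnailRef']) === false) {
        return LogUtil::registerError(
            __('Failed to delete media item.', $dom) . ' '
            . __f('%1$s\'s thumbnail (%2$s).', array($mediaId, $item['thumbnailId']), $dom)
        );
    }
    if ($vfsHandler->deleteFile($item['previewRef']) === false) {
        return LogUtil::registerError(
            __('Failed to delete media item.', $dom) . ' '
            . __f('%1$s\'s preview (%2$s).', array($mediaId, $item['previewId']), $dom)
        );
    }
    if ($vfsHandler->deleteFile($item['originalRef']) === false) {
        return LogUtil::registerError(
            __('Failed to delete media item.', $dom) . ' '
            . __f('%1$s\'s original (%2$s).', array($mediaId, $item['originalId']), $dom)
        );
    }

    $result = DBUtil::deleteObjectByID('mediashare_media', $mediaId, 'id');
    if ($result === false) {
        return LogUtil::registerError(
            __f('Error in %1$s: %2$s.', array('editapi.deleteMediaItem', 'Could not delete the media item.'), $dom)
        );
    }

    pnModCallHooks('item', 'delete', "media-{$mediaId}", array('module' => 'mediashare', 'mediaId' => $mediaId));

    // Ensure correct position of the remaining items ($albumId and $position
    // were cast to int above).
    $pntable = pnDBGetTables();
    $mediaColumn = $pntable['mediashare_media_column'];

    $sql = "UPDATE {$pntable['mediashare_media']}\n"
         . " SET {$mediaColumn['position']} = {$mediaColumn['position']} - 1\n"
         . " WHERE {$mediaColumn['parentAlbumId']} = '{$albumId}'\n"
         . " AND {$mediaColumn['position']} > '{$position}'";

    $result = DBUtil::executeSQL($sql);
    if ($result === false) {
        return LogUtil::registerError(
            __f('Error in %1$s: %2$s.', array('editapi.deleteMediaItem', 'Could not delete the media item.'), $dom)
        );
    }

    // Remove keyword references
    if (!pnModAPIFunc('mediashare', 'edit', 'updateKeywords', array('itemId' => $mediaId, 'type' => 'media', 'keywords' => ''))) {
        return false;
    }

    $storageTable = $pntable['mediashare_mediastore'];
    $storageColumn = $pntable['mediashare_mediastore_column'];

    // Delete storage. The IDs are interpolated unquoted, so they are cast to
    // int first, the same way the other IDs in this function are: a missing
    // or non-numeric value can then neither break the statement nor alter it.
    $storageIds = array(
        (int) $item['thumbnailId'],
        (int) $item['previewId'],
        (int) $item['originalId'],
    );
    $sql = "DELETE FROM {$storageTable}\n"
         . " WHERE {$storageColumn['id']} IN (" . implode(',', $storageIds) . ")";

    $result = DBUtil::executeSQL($sql);
    if ($result === false) {
        return LogUtil::registerError(
            __f('Error in %1$s: %2$s.', array('editapi.deleteMediaItem', 'Could not delete the storage.'), $dom)
        );
    }

    // Update main album item
    if ($album['mainMediaId'] == $mediaId) {
        if (!pnModAPIFunc('mediashare', 'edit', 'setMainItem', array('albumId' => $albumId, 'mediaId' => null))) {
            return false;
        }
    }

    return true;
}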
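/**
 * Delete a lens, company or polymer record.
 *
 * @param array $args argument array; $args['tid'] is the numeric ID of the
 *                    record and $args['item_type'] is one of 'lens',
 *                    'company' or 'polymer'
 * @return bool true on success, false on failure (an error message is left
 *              in the 'errormsg' session variable)
 */
function Lenses_adminapi_delete($args)
{
    // Permission check.
    if (!pnSecAuthAction(0, 'Lenses::', '::', ACCESS_ADMIN)) {
        pnSessionSetVar('errormsg', _MODULENOAUTH);
        return false;
    }

    // Read the two arguments explicitly instead of extract()ing a
    // caller-supplied array into local scope.
    $tid = (is_array($args) && isset($args['tid'])) ? $args['tid'] : null;
    $item_type = (is_array($args) && isset($args['item_type'])) ? $args['item_type'] : null;

    // Ensure valid values were passed in.
    if (empty($tid) || !is_numeric($tid) || empty($item_type) || !is_string($item_type)) {
        pnSessionSetVar('errormsg', _MODARGSERROR);
        return false;
    }

    // Allowlist of item types: table key, column-map key and ID column.
    // An unknown type used to fall through the switch with no SQL statement
    // built at all; it is now rejected before the database is touched.
    $targets = array(
        'lens'    => array('lenses', 'lenses_column', 'tid'),
        'company' => array('lenses_companies', 'lenses_companies_column', 'comp_tid'),
        'polymer' => array('lenses_polymers', 'lenses_polymers_column', 'poly_tid'),
    );
    if (!isset($targets[$item_type])) {
        pnSessionSetVar('errormsg', _MODARGSERROR);
        return false;
    }
    list($tableKey, $columnKey, $idField) = $targets[$item_type];

    // Call API function to verify that the item exists.
    $item_exists = pnModAPIFunc('Lenses', 'user', 'get', array('item_id' => $tid, 'item_type' => $item_type));
    if (!$item_exists) {
        pnSessionSetVar('errormsg', _NOSUCHITEM);
        return false;
    }

    // Get a reference to the database object.
    $dbconn =& pnDBGetConn(true);

    // Get a reference to PostNuke's table info.
    $pntable =& pnDBGetTables();

    $table =& $pntable[$tableKey];
    $field =& $pntable[$columnKey];

    // The ID is cast to int before it enters the statement.
    $sql = "DELETE FROM {$table} WHERE {$field[$idField]} = '" . (int) $tid . "'";

    // Execute the SQL query.
    $result = $dbconn->Execute($sql);

    // Check for any database errors.
    if ($dbconn->ErrorNo() != 0) {
        pnSessionSetVar('errormsg', _DELETEFAILED);
        return false;
    }

    // Let any hooks know that an item was deleted; no extra info is passed.
    pnModCallHooks('item', 'delete', $tid, '');

    // This is not an output function, but an output object is needed before
    // the module's cache can be cleared. Plain assignment replaces the
    // "=& new" form, which current PHP versions no longer parse.
    $pnRender = new pnRender('Lenses');
    $pnRender->clear_cache();

    // Return success.
    return true;
}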
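/**
 * Display a single lens.
 *
 * @param array $args argument array; $args['tid'], when present, overrides
 *                    the 'tid' value read from the request
 * @return mixed the rendered 'lenses_user_display.htm' template, an escaped
 *               message when read permission is missing, or false when the
 *               ID is invalid or no lens is found (an error message is left
 *               in the 'errormsg' session variable)
 */
function Lenses_user_display($args)
{
    // Permission check.
    if (!pnSecAuthAction(0, 'Lenses::', '::', ACCESS_READ)) {
        return pnVarPrepHTMLDisplay(_MODULENOAUTH);
    }

    // Take $tid from the request, then let an explicit argument override it.
    // Only this one key is read; the earlier extract($args) could create any
    // local variable the caller named.
    $tid = pnVarCleanFromInput('tid');
    if (is_array($args) && array_key_exists('tid', $args)) {
        $tid = $args['tid'];
    }

    // Ensure valid values were passed in.
    if (empty($tid) || !is_numeric($tid)) {
        pnSessionSetVar('errormsg', _MODARGSERROR);
        return false;
    }

    // Call API function to get all lens data.
    $lens_data = pnModAPIFunc('Lenses', 'user', 'get', array('item_type' => 'lens', 'item_id' => $tid));

    // Stop here when nothing was found, instead of rendering an empty page
    // and recording an empty entry in the visitor's session.
    if (!$lens_data) {
        pnSessionSetVar('errormsg', _NOSUCHITEM);
        return false;
    }

    // Start a new output object.
    $pnRender = new pnRender('Lenses');

    // The image field is a comma-separated string; split it into a list.
    // (Array keys are quoted: the bare words used before were read as
    // undefined constants.)
    $lens_data['images'] = explode(',', $lens_data['image']);

    // Remember this lens in the session so recently viewed lenses can be
    // offered for comparison. The session value may not be an array yet.
    $saved_lens_array = pnSessionGetVar('saved_lens_array');
    if (!is_array($saved_lens_array)) {
        $saved_lens_array = array();
    }
    $saved_lens_array[$lens_data['name']] = $tid;
    pnSessionSetVar('saved_lens_array', array_unique($saved_lens_array));

    // Count how many recently viewed lenses are now remembered.
    $saved_lens_count = count($saved_lens_array);

    // Create text for company popups.
    $lens_data['comp_info'] = pnModFunc('Lenses', 'user', 'company_popup', array('comp_id' => $lens_data['comp_id']));

    // Create popup text for FDA groups.
    $fda_desc = pnModAPIFunc('Lenses', 'user', 'fda_descriptions');
    $fda_grp = isset($lens_data['fda_grp']) ? $lens_data['fda_grp'] : null;
    $lens_data['fda_grp_desc'] = (is_array($fda_desc) && $fda_grp !== null && isset($fda_desc[$fda_grp]))
        ? $fda_desc[$fda_grp]
        : null;

    // If possible, create the dk/t value.
    if ($lens_data['dk'] > 0 && $lens_data['ct'] > 0) {
        $lens_data['dkt'] = $lens_data['dk'] / $lens_data['ct'] / 10;
    }

    // Let any hooks know that an item is being displayed. The extra info for
    // a display hook is the URL the hooks show after their own work; it
    // normally brings the user back to this function.
    $pnRender->assign(
        'hooks',
        pnModCallHooks('item', 'display', $tid, pnModURL('Lenses', 'user', 'display', array('tid' => $tid)))
    );

    // Users with edit access get a link to the edit page for this lens.
    if (pnSecAuthAction(0, 'Lenses::', '::', ACCESS_EDIT)) {
        $pnRender->assign('edit_lens', true);
    }

    // Wholesale prices are only for users with comment access; the value is
    // blanked before the data reaches the template.
    if (!pnSecAuthAction(0, 'Lenses::', '::', ACCESS_COMMENT)) {
        $lens_data['price'] = "";
    }

    // Assign the lens data to the template.
    $pnRender->assign('lens_data', $lens_data);
    $pnRender->assign('saved_lens_count', $saved_lens_count);

    // Return templated output.
    return $pnRender->fetch('lenses_user_display.htm');
}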
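/**
 * Display a single medication.
 *
 * Reads 'med_id' and 'search' from the request, loads the medication and
 * its related records (preservatives, company, mechanisms of action) and
 * renders 'meds_user_display.htm'.
 *
 * NOTE(review): 'med_id' is passed to the Meds user API as received;
 * presumably the API validates or escapes it - confirm.
 * NOTE(review): 'search' is assigned to the template as received; confirm
 * the template escapes it on output.
 *
 * @param array $args not used by this function
 * @return string the rendered template, or an escaped message when read
 *                permission is missing or the medication is not found
 */
function Meds_user_display($args)
{
    // Permission check.
    if (!pnSecAuthAction(0, 'Meds::', '::', ACCESS_READ)) {
        return pnVarPrepHTMLDisplay(_MODULENOTSUBSCRIBED);
    }

    // Flag used by the template to show a go-back link; the link is not
    // needed when the medication was opened directly rather than from a
    // search.
    $search = pnVarCleanFromInput('search');

    // Get the medication ID.
    $med_id = pnVarCleanFromInput('med_id');

    // Get medication from database.
    $med = pnModAPIFunc('Meds', 'user', 'get', array('object' => 'med', 'med_id' => $med_id));

    // Check if medication could not be obtained.
    if (!$med) {
        return pnVarPrepHTMLDisplay(_NOSUCHITEM);
    }

    // Prescribing-information paths that start with "pdf/" are made relative
    // to the module directory.
    if (strpos($med['rxInfo'], "pdf/") === 0) {
        $med['rxInfo'] = "modules/Meds/pn" . $med['rxInfo'];
    }

    // Information used for popup windows.
    $pregnancy = pnModAPIFunc('Meds', 'user', 'preg_descriptions');
    $schedules = pnModAPIFunc('Meds', 'user', 'sched_descriptions');

    // Related records are looked up only when the medication carries their
    // ID. Each comment defaults to null, so the template assignments below
    // never read a variable that was not set.
    $preserve_comments = array(1 => null, 2 => null);
    foreach (array(1, 2) as $n) {
        if (!empty($med['pres_id' . $n])) {
            $info = pnModAPIFunc('Meds', 'user', 'get', array('object' => 'preserve', 'pres_id' => $med['pres_id' . $n]));
            if (is_array($info) && isset($info['comments'])) {
                $preserve_comments[$n] = $info['comments'];
            }
        }
    }

    $comp_info = pnModAPIFunc('Meds', 'user', 'get', array('object' => 'company', 'comp_id' => $med['comp_id']));
    $comp_text = pnModFunc('Meds', 'user', 'company_popup', array('comp_info' => $comp_info));

    $moa_comments = array(1 => null, 2 => null, 3 => null, 4 => null);
    foreach (array(1, 2, 3, 4) as $n) {
        if (!empty($med['moa_id' . $n])) {
            $info = pnModAPIFunc('Meds', 'user', 'get', array('object' => 'moa', 'moa_id' => $med['moa_id' . $n]));
            if (is_array($info) && isset($info['comments'])) {
                $moa_comments[$n] = $info['comments'];
            }
        }
    }

    // Start a new output object.
    $pnRender = new pnRender('Meds');

    // Assign medication's data to template.
    $pnRender->assign('med', $med);

    // Assign popup info to templates; an unknown pregnancy or schedule code
    // yields null.
    $preg_key = isset($med['preg']) ? $med['preg'] : null;
    $sched_key = isset($med['schedule']) ? $med['schedule'] : null;
    $pnRender->assign(
        'preg',
        (is_array($pregnancy) && $preg_key !== null && isset($pregnancy[$preg_key])) ? $pregnancy[$preg_key] : null
    );
    $pnRender->assign(
        'sched',
        (is_array($schedules) && $sched_key !== null && isset($schedules[$sched_key])) ? $schedules[$sched_key] : null
    );
    $pnRender->assign('comp_text', $comp_text);
    $pnRender->assign('preserve_info1', $preserve_comments[1]);
    $pnRender->assign('preserve_info2', $preserve_comments[2]);
    $pnRender->assign('moa_info1', $moa_comments[1]);
    $pnRender->assign('moa_info2', $moa_comments[2]);
    $pnRender->assign('moa_info3', $moa_comments[3]);
    $pnRender->assign('moa_info4', $moa_comments[4]);

    // Assign flag to template; for search back-links.
    if (!empty($search)) {
        $pnRender->assign('search', $search);
    }

    // Assign flag for admin permission capacity.
    $pnRender->assign('is_admin', pnSecAuthAction(0, 'Meds::', '::', ACCESS_ADMIN));

    // Let any hooks know that an item is being displayed. The extra info for
    // a display hook is the URL the hooks show after their own work; it
    // normally brings the user back to this function.
    $pnRender->assign(
        'hooks',
        pnModCallHooks('item', 'display', $med_id, pnModURL('Meds', 'user', 'display', array('med_id' => $med_id)))
    );

    // Options for all dropdowns. They are not shown as dropdowns here; the
    // template uses them to turn the medication's IDs back into text.
    $pnRender->assign(pnModAPIFunc('Meds', 'user', 'getall_selects'));

    // Return templated output.
    return $pnRender->fetch('meds_user_display.htm');
}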
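/**
 * Update the configuration
 *
 * Standard function to update the module's configuration parameters from
 * the values posted by the modification form. The values are read from the
 * request, not passed as function arguments:
 *  - bold          print items in bold
 *  - itemsperpage  number of items per page
 *
 * @author Jim McDonald
 * @return mixed an escaped message when admin permission is missing,
 *               otherwise the result of pnRedirect()
 */
function Example_admin_updateconfig()
{
    // Security check - done as early as possible.
    if (!pnSecAuthAction(0, 'Example::', '::', ACCESS_ADMIN)) {
        return pnVarPrepHTMLDisplay(_MODULENOAUTH);
    }

    // All input to this function is obtained through pnVarCleanFromInput().
    list($bold, $itemsperpage) = pnVarCleanFromInput('bold', 'itemsperpage');

    // Confirm authorisation code: the form must carry a valid authorisation
    // key, otherwise nothing is written. This is the guard against forged
    // submissions.
    if (!pnSecConfirmAuthKey()) {
        pnSessionSetVar('errormsg', pnVarPrepHTMLDisplay(_BADAUTHKEY));
        return pnRedirect(pnModURL('Example', 'admin', 'view'));
    }

    // Update module variables. Values may be empty depending on the HTML
    // form, so each gets a default. pnVarCleanFromInput() always returns a
    // set variable, so empty() rather than isset() is the right test.
    if (empty($bold)) {
        $bold = false;
    }
    pnModSetVar('Example', 'bold', (bool) $bold);

    if (empty($itemsperpage)) {
        $itemsperpage = 10;
    }

    // Make sure $itemsperpage is a positive integer. Form input arrives as
    // a string, so a string of digits is accepted; the earlier is_integer()
    // test rejected every posted value and raised the error message even
    // for valid input.
    if (is_int($itemsperpage)) {
        $isPositiveInteger = $itemsperpage >= 1;
    } else {
        $isPositiveInteger = is_string($itemsperpage)
            && preg_match('/^[0-9]+\z/', $itemsperpage) === 1
            && (int) $itemsperpage >= 1;
    }
    if (!$isPositiveInteger) {
        pnSessionSetVar('errormsg', pnVarPrepForDisplay(_EXAMPLEITEMSPERPAGE));
    }
    $itemsperpage = (int) $itemsperpage;
    if ($itemsperpage < 1) {
        $itemsperpage = 25;
    }
    pnModSetVar('Example', 'itemsperpage', $itemsperpage);

    // The configuration has changed, so clear all caches for this module;
    // clear_cache() without parameters clears every cached page of it.
    // Plain assignment replaces the "=& new" form, which current PHP
    // versions no longer parse.
    $pnRender = new pnRender('Example');
    $pnRender->clear_cache();

    // The module configuration has been updated successfully.
    pnSessionSetVar('statusmsg', _CONFIGUPDATED);

    // Let any other modules know that the module's configuration has been updated.
    pnModCallHooks('module', 'updateconfig', 'Example', array('module' => 'Example'));

    // This function generates no output, so redirect the user to a page
    // where they can carry on their work.
    return pnRedirect(pnModURL('Example', 'admin', 'view'));
}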
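/**
 * Render the printer-friendly version of a news story.
 *
 * Looks the story up by id, resolves its category title and topic, checks
 * that the current user may read both the story and the topic, increments
 * the read counter and echoes a self-contained HTML page. When the lookup
 * fails or the permission check is refused, an error is printed between the
 * site header and footer and the request ends.
 *
 * @param mixed $sid story id as supplied by the caller; treated as untrusted
 * @return void
 */
function PrintPage($sid)
{
    list($dbconn) = pnDBGetConn();
    $pntable = pnDBGetTables();

    // Grab the actual story from the database. The id column is selected too
    // so that the stored id, not the caller-supplied string, is used for the
    // permission check and for output further down.
    $column =& $pntable['stories_column'];
    $result = $dbconn->Execute("SELECT {$column['title']},\n {$column['time']},\n {$column['hometext']},\n"
        . " {$column['bodytext']},\n {$column['topic']},\n {$column['notes']},\n {$column['cid']},\n"
        . " {$column['aid']},\n {$column['sid']}\n"
        . " FROM {$pntable['stories']} where {$column['sid']} = '" . pnVarPrepForStore($sid) . "'");

    // Check for a failed query before reading from the result set.
    if (!$result || $dbconn->ErrorNo() != 0) {
        include 'header.php';
        echo _DBSELECTERROR;
        include 'footer.php';
        exit;
    }

    list($title, $time, $hometext, $bodytext, $topic, $notes, $cid, $aid, $storedSid) = $result->fields;
    if (!isset($title) || $title == '') {
        include 'header.php';
        echo _DBSELECTERROR;
        include 'footer.php';
        exit;
    }

    // The lookup compares the id as a quoted string, so the database may
    // accept a value that is not byte-identical to the stored id. From here on
    // work with the id of the row that actually matched, so the permission
    // instance, the counter update and the printed URL all refer to it.
    $sid = $storedSid;

    // Get data for the authorisation check.
    // Just a temporary solution; Print.php needs a complete redesign using
    // getArticles() and genArticleInfo().
    // fix for Stories::Story, Topics::Topic [larsneo]

    // find out the cattitle
    if ($cid == 0) {
        // Default category
        $cattitle = _ARTICLES;
    } else {
        $catcolumn =& $pntable['stories_cat_column'];
        // The id is placed in the query unquoted, so force it to an integer.
        $catquery = buildSimpleQuery('stories_cat', array('title'), "{$catcolumn['catid']} = " . (int) $cid);
        $catresult = $dbconn->Execute($catquery);
        list($cattitle) = $catresult->fields;
    }

    // find out the topictext
    $topicscolumn =& $pntable['topics_column'];
    // Same as above: unquoted in the query, therefore cast to an integer.
    $topicquery = buildSimpleQuery('topics', array('topictext', 'topicname'), "{$topicscolumn['topicid']} = " . (int) $topic);
    $topicresult = $dbconn->Execute($topicquery);
    list($topictext, $topicname) = $topicresult->fields;

    $mayRead = pnSecAuthAction(0, 'Stories::Story', "{$aid}:{$cattitle}:{$sid}", ACCESS_READ)
        && pnSecAuthAction(0, 'Topics::Topic', "{$topicname}::{$topic}", ACCESS_READ);
    if (!$mayRead) {
        // user is not authorised to view Stories::Story and Topics::Topic
        include 'header.php';
        echo _BADAUTHKEY;
        include 'footer.php';
        exit;
    }

    // user is authorised to view Stories::Story and Topics::Topic
    // Increment the read counter
    $column =& $pntable['stories_column'];
    $dbconn->Execute("UPDATE {$pntable['stories']} SET {$column['counter']}={$column['counter']}+1 WHERE {$column['sid']}='" . pnVarPrepForStore($sid) . "'");

    $time = $result->UnixTimeStamp($time);

    $cWhereIsPerso = WHERE_IS_PERSO;
    if (!empty($cWhereIsPerso)) {
        include "modules/NS-Multisites/print.inc.php";
    } else {
        $themesarein = "";
        $ThemeSel = pnUserGetTheme();
    }

    // A direct call to the Wiki module's transform API used to sit here; it
    // produced no output once the Wiki module was removed [larsneo], so the
    // generic transform hooks are called instead.
    list($title, $hometext, $bodytext, $notes) = pnModCallHooks('item', 'transform', '', array($title, $hometext, $bodytext, $notes));

    // Link back to the article. The id is URL-encoded so that it cannot add
    // markup to the href attribute or to the visible text.
    // NOTE(review): sitename and site_logo are printed as configured, without
    // encoding - confirm that only trusted administrators can set them.
    $baseUrl = pnGetBaseURL();
    $articleUrl = $baseUrl . "modules.php?op=modload&name=News&file=article&sid=" . urlencode((string) $sid);

    echo "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN\" \"http://www.w3.org/TR/html4/loose.dtd\">\n"
        . "<html>\n"
        . "<head><title>" . pnConfigGetVar('sitename') . "</title>\n";

    if (defined("_CHARSET") && _CHARSET != "") {
        echo "<META HTTP-EQUIV=\"Content-Type\" "
            . "CONTENT=\"text/html; charset=" . _CHARSET . "\">\n";
    }

    // Local stylesheet instead of the theme's style.css
    echo "<style type=\"text/css\">\n"
        . "<!--\n"
        . ".print-title {\n"
        . "background-color: transparent;\n"
        . "color: #990000;\n"
        . "font-family: Verdana, Arial, sans-serif;\n"
        . "font-size: 14px;\n"
        . "font-weight: bold;\n"
        . "text-decoration: none;\n"
        . "}\n"
        . ".print-sub {\n"
        . "background-color: transparent;\n"
        . "color: #000000;\n"
        . "font-family: Verdana, Arial, sans-serif;\n"
        . "font-size: 11px;\n"
        . "font-weight: normal;\n"
        . "text-decoration: none;\n"
        . "}\n"
        . ".print-normal {\n"
        . "background-color: transparent;\n"
        . "color: #000000;\n"
        . "font-family: Verdana, Arial, sans-serif;\n"
        . "font-size: 12px;\n"
        . "font-weight: normal;\n"
        . "text-decoration: none;\n"
        . "}\n"
        . ".print {\n"
        . "color: #000000;\n"
        . "background-color: #FFFFFF;\n"
        . "}\n"
        . "-->\n"
        . "</style>\n";

    echo "</head>\n"
        . "<body class=\"print\" bgcolor=\"#FFFFFF\" text=\"#000000\">\n"
        . "\n<table border=\"0\" width=\"85%\" cellpadding=\"0\" cellspacing=\"1\" bgcolor=\"#FFFFFF\">\n"
        . "<tr><td>\n"
        . "<table border=\"0\" width=\"100%\" cellpadding=\"5\" cellspacing=\"1\" bgcolor=\"#FFFFFF\">\n"
        . "<tr><td>\n"
        . "<img src=\"" . WHERE_IS_PERSO . "images/" . pnConfigGetVar('site_logo') . "\" border=\"0\" alt=\"" . pnConfigGetVar('sitename') . "\">\n"
        . "<br /><br />\n"
        . "<b><font class=\"print-title\">" . pnVarPrepHTMLDisplay($title) . "</font></b><br /><br />\n"
        . "<font class=\"print-sub\">" . pnVarPrepHTMLDisplay($cattitle) . " / " . pnVarPrepHTMLDisplay($topictext) . "<br />\n"
        . "<b>" . _DATE . ":</b> " . ml_ftime(_DATETIMEBRIEF, $time) . "</font>\n"
        . "</td></tr>\n"
        . "<tr><td>\n"
        . "<font class=\"print-normal\">" . pnVarPrepHTMLDisplay($hometext) . "<br /><br />\n";

    if (!empty($bodytext)) {
        echo pnVarPrepHTMLDisplay($bodytext) . "<br />\n";
    }
    if (!empty($notes)) {
        echo pnVarPrepHTMLDisplay($notes) . "<br />\n";
    } else {
        echo "<br />\n";
    }

    echo "</font>\n"
        . "</td></tr>\n"
        . "<tr><td>\n"
        . "<hr size=\"1\"><font class=\"print-normal\">\n"
        . _COMESFROM . " " . pnConfigGetVar('sitename') . "<br />\n"
        . "<a class=\"print-normal\" href=\"" . $baseUrl . "\">" . $baseUrl . "</a>\n"
        . "<br /><br />\n"
        . _THEURL . "<br />\n"
        . "<a class=\"print-normal\" href=\"" . $articleUrl . "\">" . $articleUrl . "</a>\n"
        . "</font>\n"
        . "</td></tr>\n"
        . "</table>\n</td></tr>\n</table>\n"
        . "</body>\n"
        . "</html>\n";
}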
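/**
 * Delete item from the database - adminapi.
 *
 * Expected keys in $args:
 *   'object'  string, required: which kind of record to delete; one of
 *             'med', 'moa', 'company', 'preserve', 'chem'
 *   the id key for that kind (med_id, moa_id, comp_id, pres_id or chem_id):
 *             int, required: id of the record to delete
 *
 * The object kind is resolved through a fixed allow-list, so the table and
 * column names placed in the DELETE statement never come from the caller.
 *
 * @param array $args see above
 * @return bool true on successful deletion, else false (an error message is
 *              stored in the session)
 */
function Meds_adminapi_delete($args)
{
    if (!pnSecAuthAction(0, 'Meds::', '::', ACCESS_DELETE)) {
        pnSessionSetVar('errormsg', _MODULENOAUTH);
        return false;
    }

    // object kind => array(id field, table key, column-map key)
    $objectMap = array(
        'med'      => array('med_id', 'rx_meds', 'rx_meds_column'),
        'moa'      => array('moa_id', 'rx_moa', 'rx_moa_column'),
        'company'  => array('comp_id', 'rx_company', 'rx_company_column'),
        'preserve' => array('pres_id', 'rx_preserve', 'rx_preserve_column'),
        'chem'     => array('chem_id', 'rx_chem', 'rx_chem_column'),
    );

    // Reject anything outside the allow-list up front. Previously an unknown
    // kind left the id field, table and column map undefined and the code
    // relied on the existence lookup below to stop the request.
    $object = isset($args['object']) ? (string) $args['object'] : '';
    if (!isset($objectMap[$object])) {
        pnSessionSetVar('errormsg', _NOSUCHITEM);
        return false;
    }
    list($id_field, $tableKey, $columnKey) = $objectMap[$object];

    // The id only ever reaches the query as an integer; a missing id becomes
    // 0 and is rejected by the existence check.
    $id = isset($args[$id_field]) ? (int) $args[$id_field] : 0;

    $exists = pnModAPIFunc('Meds', 'user', 'get', array('object' => $object, $id_field => $id));
    if (!$exists) {
        pnSessionSetVar('errormsg', _NOSUCHITEM);
        return false;
    }

    $dbconn =& pnDBGetConn(true);
    $pntable =& pnDBGetTables();

    // Set proper tables/columns.
    $table =& $pntable[$tableKey];
    $field =& $pntable[$columnKey];

    $sql = "DELETE FROM {$table} WHERE {$field[$id_field]} = '{$id}'";
    $dbconn->Execute($sql);

    if ($dbconn->ErrorNo() != 0) {
        pnSessionSetVar('errormsg', _DELETEFAILED);
        return false;
    }

    pnModCallHooks('item', 'delete', $id, array('module' => 'Meds'));

    // Plain "= new": "=& new" is no longer accepted by current PHP versions.
    $pnRender = new pnRender('Meds');
    $pnRender->clear_cache(null, $id);

    return true;
}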
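/**
 * Update module config.
 *
 * Stores the 'per_page' module variable from the submitted form, clears the
 * module's render cache and redirects back to the admin main page.
 *
 * Order of checks: permission first, then the form's authorisation key, and
 * only then is the module variable written.
 *
 * @return mixed the "no authorisation" text when the permission check fails,
 *               otherwise the result of pnRedirect()
 */
function Meds_admin_update_config()
{
    // Permission check.
    if (!pnSecAuthAction(0, 'Meds::', '::', ACCESS_ADMIN)) {
        return pnVarPrepHTMLDisplay(_MODULENOAUTH);
    }

    // Clean arguments from the request.
    $per_page = pnVarCleanFromInput('per_page');

    // Confirm the authorisation key before changing anything; without a
    // valid key nothing is written.
    if (!pnSecConfirmAuthKey()) {
        pnSessionSetVar('errormsg', pnVarPrepHTMLDisplay(_BADAUTHKEY));
        return pnRedirect(pnModURL('Meds', 'admin', 'main'));
    }

    // Ensure a default. The value is converted to an integer first and the
    // range is tested on the converted value, so the stored setting can never
    // be lower than 1 whatever numeric form was submitted.
    $per_page = is_numeric($per_page) ? (int) $per_page : 0;
    if ($per_page < 1) {
        $per_page = 10;
    }

    // Set the module variable.
    pnModSetVar('Meds', 'per_page', $per_page);

    // Start a new output object. Plain "= new": "=& new" is no longer
    // accepted by current PHP versions.
    $pnRender = new pnRender('Meds');

    // Dump module cache.
    $pnRender->clear_cache();

    // Set a status message.
    pnSessionSetVar('statusmsg', _CONFIGUPDATED);

    // Let any hooks know that something occurred.
    pnModCallHooks('module', 'updateconfig', 'Meds', array('module' => 'Meds'));

    // Redirect user.
    return pnRedirect(pnModURL('Meds', 'admin', 'main'));
}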