function sportal_pages() { global $smcFunc, $context, $txt, $scripturl, $sourcedir, $user_info; loadTemplate('PortalPages'); $page_id = !empty($_REQUEST['page']) ? $_REQUEST['page'] : 0; if (is_numeric($page_id)) { $page_id = (int) $page_id; } else { $page_id = $smcFunc['htmlspecialchars']($page_id, ENT_QUOTES); } $context['SPortal']['page'] = sportal_get_pages($page_id, true, true); if (empty($context['SPortal']['page']['id'])) { fatal_lang_error('error_sp_page_not_found', false); } $context['SPortal']['page']['style'] = sportal_parse_style('explode', $context['SPortal']['page']['style'], true); if (empty($_SESSION['last_viewed_page']) || $_SESSION['last_viewed_page'] != $context['SPortal']['page']['id']) { $smcFunc['db_query']('', ' UPDATE {db_prefix}sp_pages SET views = views + 1 WHERE id_page = {int:current_page}', array('current_page' => $context['SPortal']['page']['id'])); $_SESSION['last_viewed_page'] = $context['SPortal']['page']['id']; } $context['linktree'][] = array('url' => $scripturl . '?page=' . $page_id, 'name' => $context['SPortal']['page']['title']); $context['page_title'] = $context['SPortal']['page']['title']; $context['sub_template'] = 'view_page'; }
/** * View a specific page in the system */ public function action_sportal_page() { global $context, $scripturl; // Use the requested page id $page_id = !empty($_REQUEST['page']) ? $_REQUEST['page'] : 0; // Fetch the page $context['SPortal']['page'] = sportal_get_pages($page_id, true, true); if (empty($context['SPortal']['page']['id'])) { fatal_lang_error('error_sp_page_not_found', false); } // Fetch any style associated with the page $context['SPortal']['page']['style'] = sportal_parse_style('explode', $context['SPortal']['page']['style'], true); // Prepare the body $context['SPortal']['page']['body'] = sportal_parse_content($context['SPortal']['page']['body'], $context['SPortal']['page']['type'], 'return'); // Increase the view counter if (empty($_SESSION['last_viewed_page']) || $_SESSION['last_viewed_page'] != $context['SPortal']['page']['id']) { sportal_increase_viewcount('page', $context['SPortal']['page']['id']); $_SESSION['last_viewed_page'] = $context['SPortal']['page']['id']; } // Prep the template for display $context['linktree'][] = array('url' => $scripturl . '?page=' . $page_id, 'name' => $context['SPortal']['page']['title']); $context['page_title'] = $context['SPortal']['page']['title']; $context['sub_template'] = 'view_page'; }
function sportal_admin_page_edit() { global $txt, $context, $modSettings, $smcFunc, $sourcedir, $options; require_once $sourcedir . '/Subs-Editor.php'; require_once $sourcedir . '/Subs-Post.php'; $context['SPortal']['is_new'] = empty($_REQUEST['page_id']); if (!empty($_REQUEST['content_mode']) && $_POST['type'] == 'bbc') { $_REQUEST['content'] = html_to_bbc($_REQUEST['content']); $_REQUEST['content'] = un_htmlspecialchars($_REQUEST['content']); $_POST['content'] = $_REQUEST['content']; } $context['sides'] = array(5 => $txt['sp-positionHeader'], 1 => $txt['sp-positionLeft'], 2 => $txt['sp-positionTop'], 3 => $txt['sp-positionBottom'], 4 => $txt['sp-positionRight'], 6 => $txt['sp-positionFooter']); $blocks = getBlockInfo(); $context['page_blocks'] = array(); foreach ($blocks as $block) { $shown = false; $tests = array('all', 'allpages', 'sforum'); if (!$context['SPortal']['is_new']) { $tests[] = 'p' . (int) $_REQUEST['page_id']; } foreach (array('display', 'display_custom') as $field) { if (substr($block[$field], 0, 4) === '$php') { continue 2; } $block[$field] = explode(',', $block[$field]); if (!$context['SPortal']['is_new'] && in_array('-p' . (int) $_REQUEST['page_id'], $block[$field])) { continue; } foreach ($tests as $test) { if (in_array($test, $block[$field])) { $shown = true; break; } } } $context['page_blocks'][$block['column']][] = array('id' => $block['id'], 'label' => $block['label'], 'shown' => $shown); } if (!empty($_POST['submit'])) { checkSession(); if (!isset($_POST['title']) || $smcFunc['htmltrim']($smcFunc['htmlspecialchars']($_POST['title'], ENT_QUOTES)) === '') { fatal_lang_error('sp_error_page_name_empty', false); } if (!isset($_POST['namespace']) || $smcFunc['htmltrim']($smcFunc['htmlspecialchars']($_POST['namespace'], ENT_QUOTES)) === '') { fatal_lang_error('sp_error_page_namespace_empty', false); } $result = $smcFunc['db_query']('', ' SELECT id_page FROM {db_prefix}sp_pages WHERE namespace = {string:namespace} AND id_page != {int:current} LIMIT 1', array('limit' => 1, 'namespace' => $smcFunc['htmlspecialchars']($_POST['namespace'], ENT_QUOTES), 'current' => (int) $_POST['page_id'])); list($has_duplicate) = $smcFunc['db_fetch_row']($result); $smcFunc['db_free_result']($result); if (!empty($has_duplicate)) { fatal_lang_error('sp_error_page_namespace_duplicate', false); } if (preg_match('~[^A-Za-z0-9_]+~', $_POST['namespace']) != 0) { fatal_lang_error('sp_error_page_namespace_invalid_chars', false); } if (preg_replace('~[0-9]+~', '', $_POST['namespace']) === '') { fatal_lang_error('sp_error_page_namespace_numeric', false); } if ($_POST['type'] == 'php' && !empty($_POST['content']) && empty($modSettings['sp_disable_php_validation'])) { $error = sp_validate_php($_POST['content']); if ($error) { fatal_lang_error('error_sp_php_' . $error, false); } } $permission_set = 0; $groups_allowed = $groups_denied = ''; if (!empty($_POST['permission_set'])) { $permission_set = (int) $_POST['permission_set']; } elseif (!empty($_POST['membergroups']) && is_array($_POST['membergroups'])) { $groups_allowed = $groups_denied = array(); foreach ($_POST['membergroups'] as $id => $value) { if ($value == 1) { $groups_allowed[] = (int) $id; } elseif ($value == -1) { $groups_denied[] = (int) $id; } } $groups_allowed = implode(',', $groups_allowed); $groups_denied = implode(',', $groups_denied); } if (!empty($_POST['blocks']) && is_array($_POST['blocks'])) { foreach ($_POST['blocks'] as $id => $block) { $_POST['blocks'][$id] = (int) $block; } } else { $_POST['blocks'] = array(); } $fields = array('namespace' => 'string', 'title' => 'string', 'body' => 'string', 'type' => 'string', 'permission_set' => 'int', 'groups_allowed' => 'string', 'groups_denied' => 'string', 'style' => 'string', 'status' => 'int'); $page_info = array('id' => (int) $_POST['page_id'], 'namespace' => $smcFunc['htmlspecialchars']($_POST['namespace'], ENT_QUOTES), 'title' => $smcFunc['htmlspecialchars']($_POST['title'], ENT_QUOTES), 'body' => $smcFunc['htmlspecialchars']($_POST['content'], ENT_QUOTES), 'type' => $_POST['type'], 'permission_set' => $permission_set, 'groups_allowed' => $groups_allowed, 'groups_denied' => $groups_denied, 'style' => sportal_parse_style('implode'), 'status' => !empty($_POST['status']) ? 1 : 0); if ($page_info['type'] == 'bbc') { preparsecode($page_info['body']); } if ($context['SPortal']['is_new']) { unset($page_info['id']); $smcFunc['db_insert']('', '{db_prefix}sp_pages', $fields, $page_info, array('id_page')); $page_info['id'] = $smcFunc['db_insert_id']('{db_prefix}sp_pages', 'id_page'); } else { $update_fields = array(); foreach ($fields as $name => $type) { $update_fields[] = $name . ' = {' . $type . ':' . $name . '}'; } $smcFunc['db_query']('', ' UPDATE {db_prefix}sp_pages SET ' . implode(', ', $update_fields) . ' WHERE id_page = {int:id}', $page_info); } $to_show = array(); $not_to_show = array(); $changes = array(); foreach ($context['page_blocks'] as $page_blocks) { foreach ($page_blocks as $block) { if ($block['shown'] && !in_array($block['id'], $_POST['blocks'])) { $not_to_show[] = $block['id']; } elseif (!$block['shown'] && in_array($block['id'], $_POST['blocks'])) { $to_show[] = $block['id']; } } } foreach ($to_show as $id) { if (empty($blocks[$id]['display']) && empty($blocks[$id]['display_custom']) || $blocks[$id]['display'] == 'sportal') { $changes[$id] = array('display' => 'portal,p' . $page_info['id'], 'display_custom' => ''); } elseif (in_array($blocks[$id]['display'], array('allaction', 'allboard'))) { $changes[$id] = array('display' => '', 'display_custom' => $blocks[$id]['display'] . ',p' . $page_info['id']); } elseif (in_array('-p' . $page_info['id'], explode(',', $blocks[$id]['display_custom']))) { $changes[$id] = array('display' => $blocks[$id]['display'], 'display_custom' => implode(',', array_diff(explode(',', $blocks[$id]['display_custom']), array('-p' . $page_info['id'])))); } elseif (empty($blocks[$id]['display_custom'])) { $changes[$id] = array('display' => implode(',', array_merge(explode(',', $blocks[$id]['display']), array('p' . $page_info['id']))), 'display_custom' => ''); } else { $changes[$id] = array('display' => $blocks[$id]['display'], 'display_custom' => implode(',', array_merge(explode(',', $blocks[$id]['display_custom']), array('p' . $page_info['id'])))); } } foreach ($not_to_show as $id) { if (count(array_intersect(array($blocks[$id]['display'], $blocks[$id]['display_custom']), array('sforum', 'allpages', 'all'))) > 0) { $changes[$id] = array('display' => '', 'display_custom' => $blocks[$id]['display'] . $blocks[$id]['display_custom'] . ',-p' . $page_info['id']); } elseif (empty($blocks[$id]['display_custom'])) { $changes[$id] = array('display' => implode(',', array_diff(explode(',', $blocks[$id]['display']), array('p' . $page_info['id']))), 'display_custom' => ''); } else { $changes[$id] = array('display' => implode(',', array_diff(explode(',', $blocks[$id]['display']), array('p' . $page_info['id']))), 'display_custom' => implode(',', array_diff(explode(',', $blocks[$id]['display_custom']), array('p' . $page_info['id'])))); } } foreach ($changes as $id => $data) { $smcFunc['db_query']('', ' UPDATE {db_prefix}sp_blocks SET display = {string:display}, display_custom = {string:display_custom} WHERE id_block = {int:id}', array('id' => $id, 'display' => $data['display'], 'display_custom' => $data['display_custom'])); } redirectexit('action=admin;area=portalpages'); } if (!empty($_POST['preview'])) { $permission_set = 0; $groups_allowed = $groups_denied = array(); if (!empty($_POST['permission_set'])) { $permission_set = (int) $_POST['permission_set']; } elseif (!empty($_POST['membergroups']) && is_array($_POST['membergroups'])) { foreach ($_POST['membergroups'] as $id => $value) { if ($value == 1) { $groups_allowed[] = (int) $id; } elseif ($value == -1) { $groups_denied[] = (int) $id; } } } $context['SPortal']['page'] = array('id' => $_POST['page_id'], 'page_id' => $_POST['namespace'], 'title' => $smcFunc['htmlspecialchars']($_POST['title'], ENT_QUOTES), 'body' => $smcFunc['htmlspecialchars']($_POST['content'], ENT_QUOTES), 'type' => $_POST['type'], 'permission_set' => $permission_set, 'groups_allowed' => $groups_allowed, 'groups_denied' => $groups_denied, 'style' => sportal_parse_style('implode'), 'status' => !empty($_POST['status'])); if ($context['SPortal']['page']['type'] == 'bbc') { preparsecode($context['SPortal']['page']['body']); } loadTemplate('PortalPages'); $context['SPortal']['preview'] = true; } elseif ($context['SPortal']['is_new']) { $context['SPortal']['page'] = array('id' => 0, 'page_id' => 'page' . mt_rand(1, 5000), 'title' => $txt['sp_pages_default_title'], 'body' => '', 'type' => 'bbc', 'permission_set' => 3, 'groups_allowed' => array(), 'groups_denied' => array(), 'style' => '', 'status' => 1); } else { $_REQUEST['page_id'] = (int) $_REQUEST['page_id']; $context['SPortal']['page'] = sportal_get_pages($_REQUEST['page_id']); } if ($context['SPortal']['page']['type'] == 'bbc') { $context['SPortal']['page']['body'] = str_replace(array('"', '<', '>', ' '), array('"', '<', '>', ' '), un_preparsecode($context['SPortal']['page']['body'])); } if ($context['SPortal']['page']['type'] != 'bbc') { $temp_editor = !empty($options['wysiwyg_default']); $options['wysiwyg_default'] = false; } $editorOptions = array('id' => 'content', 'value' => $context['SPortal']['page']['body'], 'width' => '95%', 'height' => '200px', 'preview_type' => 0); create_control_richedit($editorOptions); $context['post_box_name'] = $editorOptions['id']; if (isset($temp_editor)) { $options['wysiwyg_default'] = $temp_editor; } $context['SPortal']['page']['groups'] = sp_load_membergroups(); $context['SPortal']['page']['style'] = sportal_parse_style('explode', $context['SPortal']['page']['style'], !empty($context['SPortal']['preview'])); $context['page_title'] = $context['SPortal']['is_new'] ? $txt['sp_admin_pages_add'] : $txt['sp_admin_pages_edit']; $context['sub_template'] = 'pages_edit'; }
/** * Loads all the defined portal blocks in to context */ function sportal_load_blocks() { global $context, $modSettings, $options; $context['SPortal']['sides'] = array(5 => array('id' => '5', 'name' => 'header', 'active' => true), 1 => array('id' => '1', 'name' => 'left', 'active' => !empty($modSettings['showleft'])), 2 => array('id' => '2', 'name' => 'top', 'active' => true), 3 => array('id' => '3', 'name' => 'bottom', 'active' => true), 4 => array('id' => '4', 'name' => 'right', 'active' => !empty($modSettings['showright'])), 6 => array('id' => '6', 'name' => 'footer', 'active' => true)); // Get the blocks in the system $blocks = getBlockInfo(null, null, true, true, true); // If the member has arranged the blocks, display them like that if (!empty($options['sp_block_layout'])) { $layout = @unserialize($options['sp_block_layout']); // If some bad arrangement data found its way in if ($layout === false) { resetMemberLayout(); } else { foreach ($layout as $id => $column) { if (empty($column) || empty($id) || !$context['SPortal']['sides'][$id]['active']) { continue; } foreach ($column as $item) { if (empty($blocks[$item])) { continue; } $blocks[$item]['style'] = sportal_parse_style('explode', $blocks[$item]['style'], true); $context['SPortal']['blocks'][$id][] = $blocks[$item]; unset($blocks[$item]); } $context['SPortal']['blocks']['custom_arrange'] = true; } } } if (!isset($context['SPortal']['blocks'])) { $context['SPortal']['blocks'] = array(); } foreach ($blocks as $block) { if (!$context['SPortal']['sides'][$block['column']]['active']) { continue; } if ($context['browser_body_id'] === 'mobile' && empty($block['mobile_view'])) { continue; } $block['style'] = sportal_parse_style('explode', $block['style'], true); $context['SPortal']['sides'][$block['column']]['last'] = $block['id']; $context['SPortal']['blocks'][$block['column']][] = $block; } foreach ($context['SPortal']['sides'] as $side) { if (empty($context['SPortal']['blocks'][$side['id']])) { $context['SPortal']['sides'][$side['id']]['active'] = false; } $context['SPortal']['sides'][$side['id']]['collapsed'] = $context['user']['is_guest'] ? !empty($_COOKIE['sp_' . $side['name']]) : !empty($options['sp_' . $side['name']]); } }
function sportal_init($standalone = false) { global $context, $sourcedir, $scripturl, $modSettings, $txt; global $settings, $options, $boarddir, $maintenance, $sportal_version; $sportal_version = '2.3.5'; if (isset($_REQUEST['action']) && $_REQUEST['action'] == 'dlattach') { return; } if (!$standalone) { loadTemplate(false, 'portal'); if (!empty($context['right_to_left'])) { loadTemplate(false, 'portal_rtl'); } if (!empty($_REQUEST['action']) && in_array($_REQUEST['action'], array('admin', 'helpadmin'))) { loadLanguage('SPortalAdmin', sp_languageSelect('SPortalAdmin')); } if (!isset($settings['sp_images_url'])) { if (file_exists($settings['theme_dir'] . '/images/sp')) { $settings['sp_images_url'] = $settings['theme_url'] . '/images/sp'; } else { $settings['sp_images_url'] = $settings['default_theme_url'] . '/images/sp'; } } if (!empty($context['current_topic'])) { $context['can_add_article'] = allowedTo(array('sp_admin', 'sp_manage_articles', 'sp_add_article')); $context['can_remove_article'] = allowedTo(array('sp_admin', 'sp_manage_articles', 'sp_remove_article')); } $context['SPortal']['core_compat'] = $settings['name'] == 'Core Theme'; $context['SPortal']['on_portal'] = getShowInfo(0, 'portal', ''); } if (WIRELESS || $standalone && (isset($_REQUEST['wap']) || isset($_REQUEST['wap2']) || isset($_REQUEST['imode'])) || !empty($settings['disable_sp']) || empty($modSettings['sp_portal_mode']) || (!empty($modSettings['sp_maintenance']) || !empty($maintenance)) && !allowedTo('admin_forum') || isset($_GET['debug']) || empty($modSettings['allow_guestAccess']) && $context['user']['is_guest']) { $context['disable_sp'] = true; if ($standalone) { $get_string = ''; foreach ($_GET as $get_var => $get_value) { $get_string .= $get_var . (!empty($get_value) ? '=' . $get_value : '') . ';'; } redirectexit(substr($get_string, 0, -1)); } return; } if (!$standalone) { require_once $sourcedir . '/PortalBlocks.php'; if (SMF != 'SSI') { require_once $boarddir . '/SSI.php'; } loadTemplate('Portal'); loadLanguage('SPortal', sp_languageSelect('SPortal')); if (!empty($modSettings['sp_maintenance']) && !allowedTo('sp_admin')) { $modSettings['sp_portal_mode'] = 0; } if (empty($modSettings['sp_standalone_url'])) { $modSettings['sp_standalone_url'] = ''; } if ($modSettings['sp_portal_mode'] == 3) { $context += array('portal_url' => $modSettings['sp_standalone_url'], 'page_title' => $context['forum_name']); } else { $context += array('portal_url' => $scripturl); } if ($modSettings['sp_portal_mode'] == 1) { $context['linktree'][0] = array('url' => $scripturl . '?action=forum', 'name' => $context['forum_name']); } // If you want to remove Forum link when it is // alone, take out the following two comment lines. //if (empty($context['linktree'][1])) // $context['linktree'] = array(); if (!empty($context['linktree']) && $modSettings['sp_portal_mode'] == 1) { foreach ($context['linktree'] as $key => $tree) { if (strpos($tree['url'], '#c') !== false && strpos($tree['url'], 'action=forum#c') === false) { $context['linktree'][$key]['url'] = str_replace('#c', '?action=forum#c', $tree['url']); } } } } $context['standalone'] = $standalone; // Load the headers if necessary. sportal_init_headers(); $context['SPortal']['sides'] = array(5 => array('id' => '5', 'name' => 'header', 'active' => true), 1 => array('id' => '1', 'name' => 'left', 'active' => !empty($modSettings['showleft'])), 2 => array('id' => '2', 'name' => 'top', 'active' => true), 3 => array('id' => '3', 'name' => 'bottom', 'active' => true), 4 => array('id' => '4', 'name' => 'right', 'active' => !empty($modSettings['showright'])), 6 => array('id' => '6', 'name' => 'footer', 'active' => true)); $blocks = getBlockInfo(null, null, true, true, true); $context['SPortal']['blocks'] = array(); foreach ($blocks as $block) { if (!$context['SPortal']['sides'][$block['column']]['active']) { continue; } $block['style'] = sportal_parse_style('explode', $block['style'], true); $context['SPortal']['sides'][$block['column']]['last'] = $block['id']; $context['SPortal']['blocks'][$block['column']][] = $block; } foreach ($context['SPortal']['sides'] as $side) { if (empty($context['SPortal']['blocks'][$side['id']])) { $context['SPortal']['sides'][$side['id']]['active'] = false; } $context['SPortal']['sides'][$side['id']]['collapsed'] = $context['user']['is_guest'] ? !empty($_COOKIE['sp_' . $side['name']]) : !empty($options['sp_' . $side['name']]); } if (!empty($context['template_layers']) && !in_array('portal', $context['template_layers'])) { $context['template_layers'][] = 'portal'; } }
function sportal_admin_block_edit() { global $txt, $context, $modSettings, $smcFunc, $sourcedir, $boarddir, $boards; // Just in case, the admin could be doing something silly like editing a SP block while SP it disabled. ;) require_once $sourcedir . '/PortalBlocks.php'; $context['SPortal']['is_new'] = empty($_REQUEST['block_id']); // BBC Fix move the parameter to the correct position. if (!empty($_POST['bbc_name'])) { $_POST['parameters'][$_POST['bbc_name']] = !empty($_POST[$_POST['bbc_parameter']]) ? $_POST[$_POST['bbc_parameter']] : ''; // If we came from WYSIWYG then turn it back into BBC regardless. if (!empty($_REQUEST['bbc_' . $_POST['bbc_name'] . '_mode']) && isset($_POST['parameters'][$_POST['bbc_name']])) { require_once $sourcedir . '/Subs-Editor.php'; $_POST['parameters'][$_POST['bbc_name']] = html_to_bbc($_POST['parameters'][$_POST['bbc_name']]); // We need to unhtml it now as it gets done shortly. $_POST['parameters'][$_POST['bbc_name']] = un_htmlspecialchars($_POST['parameters'][$_POST['bbc_name']]); // We need this for everything else. $_POST['parameters'][$_POST['bbc_name']] = $_POST['parameters'][$_POST['bbc_name']]; } } // Passing the selected type via $_GET instead of $_POST? $start_parameters = array(); if (!empty($_GET['selected_type']) && empty($_POST['selected_type'])) { $_POST['selected_type'] = array($_GET['selected_type']); if (!empty($_GET['parameters'])) { foreach ($_GET['parameters'] as $param) { if (isset($_GET[$param])) { $start_parameters[$param] = $_GET[$param]; } } } } if ($context['SPortal']['is_new'] && empty($_POST['selected_type']) && empty($_POST['add_block'])) { $context['SPortal']['block_types'] = getFunctionInfo(); if (!empty($_REQUEST['col'])) { $context['SPortal']['block']['column'] = $_REQUEST['col']; } $context['sub_template'] = 'block_select_type'; $context['page_title'] = $txt['sp-blocksAdd']; } elseif ($context['SPortal']['is_new'] && !empty($_POST['selected_type'])) { $context['SPortal']['block'] = array('id' => 0, 'label' => $txt['sp-blocksDefaultLabel'], 'type' => $_POST['selected_type'][0], 'type_text' => !empty($txt['sp_function_' . $_POST['selected_type'][0] . '_label']) ? $txt['sp_function_' . $_POST['selected_type'][0] . '_label'] : $txt['sp_function_unknown_label'], 'column' => !empty($_POST['block_column']) ? $_POST['block_column'] : 0, 'row' => 0, 'permission_set' => 3, 'groups_allowed' => array(), 'groups_denied' => array(), 'state' => 1, 'force_view' => 0, 'display' => '', 'display_custom' => '', 'style' => '', 'parameters' => !empty($start_parameters) ? $start_parameters : array(), 'options' => $_POST['selected_type'][0](array(), false, true), 'list_blocks' => !empty($_POST['block_column']) ? getBlockInfo($_POST['block_column']) : array()); } elseif (!$context['SPortal']['is_new'] && empty($_POST['add_block'])) { $_REQUEST['block_id'] = (int) $_REQUEST['block_id']; $context['SPortal']['block'] = current(getBlockInfo(null, $_REQUEST['block_id'])); $context['SPortal']['block'] += array('options' => $context['SPortal']['block']['type'](array(), false, true), 'list_blocks' => getBlockInfo($context['SPortal']['block']['column'])); } if (!empty($_POST['preview_block'])) { // Just in case, the admin could be doing something silly like editing a SP block while SP it disabled. ;) require_once $boarddir . '/SSI.php'; sportal_init_headers(); loadTemplate('Portal'); $type_parameters = $_POST['block_type'](array(), 0, true); if (!empty($_POST['parameters']) && is_array($_POST['parameters']) && !empty($type_parameters)) { foreach ($type_parameters as $name => $type) { if (isset($_POST['parameters'][$name])) { if ($type == 'bbc') { $parameter['value'] = $_POST['parameters'][$name]; require_once $sourcedir . '/Subs-Post.php'; $parameter['value'] = $smcFunc['htmlspecialchars']($parameter['value'], ENT_QUOTES); preparsecode($parameter['value']); $_POST['parameters'][$name] = $parameter['value']; } elseif ($type == 'boards' || $type == 'board_select') { $_POST['parameters'][$name] = is_array($_POST['parameters'][$name]) ? implode('|', $_POST['parameters'][$name]) : $_POST['parameters'][$name]; } elseif ($type == 'int' || $type == 'select') { $_POST['parameters'][$name] = (int) $_POST['parameters'][$name]; } elseif ($type == 'text' || $type == 'textarea' || is_array($type)) { $_POST['parameters'][$name] = $smcFunc['htmlspecialchars']($_POST['parameters'][$name], ENT_QUOTES); } elseif ($type == 'check') { $_POST['parameters'][$name] = !empty($_POST['parameters'][$name]) ? 1 : 0; } } } } else { $_POST['parameters'] = array(); } if (empty($_POST['display_advanced'])) { if (!empty($_POST['display_simple']) && in_array($_POST['display_simple'], array('all', 'sportal', 'sforum', 'allaction', 'allboard', 'allpages'))) { $display = $_POST['display_simple']; } else { $display = ''; } $custom = ''; } else { $display = array(); $custom = array(); if (!empty($_POST['display_actions'])) { foreach ($_POST['display_actions'] as $action) { $display[] = $smcFunc['htmlspecialchars']($action, ENT_QUOTES); } } if (!empty($_POST['display_boards'])) { foreach ($_POST['display_boards'] as $board) { $display[] = 'b' . (int) substr($board, 1); } } if (!empty($_POST['display_pages'])) { foreach ($_POST['display_pages'] as $page) { $display[] = 'p' . (int) substr($page, 1); } } if (!empty($_POST['display_custom'])) { $temp = explode(',', $_POST['display_custom']); foreach ($temp as $action) { $custom[] = $smcFunc['htmlspecialchars']($smcFunc['htmltrim']($action), ENT_QUOTES); } } $display = empty($display) ? '' : implode(',', $display); $custom = empty($custom) ? '' : implode(',', $custom); } $permission_set = 0; $groups_allowed = $groups_denied = array(); if (!empty($_POST['permission_set'])) { $permission_set = (int) $_POST['permission_set']; } elseif (!empty($_POST['membergroups']) && is_array($_POST['membergroups'])) { foreach ($_POST['membergroups'] as $id => $value) { if ($value == 1) { $groups_allowed[] = (int) $id; } elseif ($value == -1) { $groups_denied[] = (int) $id; } } } $context['SPortal']['block'] = array('id' => $_POST['block_id'], 'label' => $smcFunc['htmlspecialchars']($_POST['block_name'], ENT_QUOTES), 'type' => $_POST['block_type'], 'type_text' => !empty($txt['sp_function_' . $_POST['block_type'] . '_label']) ? $txt['sp_function_' . $_POST['block_type'] . '_label'] : $txt['sp_function_unknown_label'], 'column' => $_POST['block_column'], 'row' => !empty($_POST['block_row']) ? $_POST['block_row'] : 0, 'permission_set' => $permission_set, 'groups_allowed' => $groups_allowed, 'groups_denied' => $groups_denied, 'state' => !empty($_POST['block_active']), 'force_view' => !empty($_POST['block_force']), 'display' => $display, 'display_custom' => $custom, 'style' => sportal_parse_style('implode'), 'parameters' => !empty($_POST['parameters']) ? $_POST['parameters'] : array(), 'options' => $_POST['block_type'](array(), false, true), 'list_blocks' => getBlockInfo($_POST['block_column']), 'collapsed' => false); if (strpos($modSettings['leftwidth'], '%') !== false || strpos($modSettings['leftwidth'], 'px') !== false) { $context['widths'][1] = $modSettings['leftwidth']; } else { $context['widths'][1] = $modSettings['leftwidth'] . 'px'; } if (strpos($modSettings['rightwidth'], '%') !== false || strpos($modSettings['rightwidth'], 'px') !== false) { $context['widths'][4] = $modSettings['rightwidth']; } else { $context['widths'][4] = $modSettings['rightwidth'] . 'px'; } if (strpos($context['widths'][1], '%') !== false) { $context['widths'][2] = $context['widths'][3] = 100 - ($context['widths'][1] + $context['widths'][4]) . '%'; } elseif (strpos($context['widths'][1], 'px') !== false) { $context['widths'][2] = $context['widths'][3] = 960 - ($context['widths'][1] + $context['widths'][4]) . 'px'; } if (strpos($context['widths'][1], '%') !== false) { $context['widths'][2] = $context['widths'][3] = 100 - ($context['widths'][1] + $context['widths'][4]) . '%'; $context['widths'][5] = $context['widths'][6] = '100%'; } elseif (strpos($context['widths'][1], 'px') !== false) { $context['widths'][2] = $context['widths'][3] = 960 - ($context['widths'][1] + $context['widths'][4]) . 'px'; $context['widths'][5] = $context['widths'][6] = '960px'; } $context['SPortal']['preview'] = true; } if (!empty($_POST['selected_type']) || !empty($_POST['preview_block']) || !$context['SPortal']['is_new'] && empty($_POST['add_block'])) { if ($context['SPortal']['block']['type'] == 'sp_php' && !allowedTo('admin_forum')) { fatal_lang_error('cannot_admin_forum', false); } $context['html_headers'] .= ' <script language="JavaScript" type="text/javascript"><!-- // --><![CDATA[ function sp_collapseObject(id) { mode = document.getElementById("sp_object_" + id).style.display == "" ? 0 : 1; document.getElementById("sp_collapse_" + id).src = smf_images_url + (mode ? "/collapse.gif" : "/expand.gif"); document.getElementById("sp_object_" + id).style.display = mode ? "" : "none"; } // ]]></script>'; loadLanguage('SPortalHelp', sp_languageSelect('SPortalHelp')); $context['SPortal']['block']['groups'] = sp_load_membergroups(); $context['simple_actions'] = array('sportal' => $txt['sp-portal'], 'sforum' => $txt['sp-forum'], 'allaction' => $txt['sp-blocksOptionAllActions'], 'allboard' => $txt['sp-blocksOptionAllBoards'], 'allpages' => $txt['sp-blocksOptionAllPages'], 'all' => $txt['sp-blocksOptionEverywhere']); $context['display_actions'] = array('portal' => $txt['sp-portal'], 'forum' => $txt['sp-forum'], 'recent' => $txt['recent_posts'], 'unread' => $txt['unread_topics_visit'], 'unreadreplies' => $txt['unread_replies'], 'profile' => $txt['profile'], 'pm' => $txt['pm_short'], 'calendar' => $txt['calendar'], 'admin' => $txt['admin'], 'login' => $txt['login'], 'register' => $txt['register'], 'post' => $txt['post'], 'stats' => $txt['forum_stats'], 'search' => $txt['search'], 'mlist' => $txt['members_list'], 'moderate' => $txt['moderate'], 'help' => $txt['help'], 'who' => $txt['who_title']); $request = $smcFunc['db_query']('', ' SELECT id_board, name FROM {db_prefix}boards ORDER BY name DESC'); $context['display_boards'] = array(); while ($row = $smcFunc['db_fetch_assoc']($request)) { $context['display_boards']['b' . $row['id_board']] = $row['name']; } $smcFunc['db_free_result']($request); $request = $smcFunc['db_query']('', ' SELECT id_page, title FROM {db_prefix}sp_pages ORDER BY title DESC'); $context['display_pages'] = array(); while ($row = $smcFunc['db_fetch_assoc']($request)) { $context['display_pages']['p' . $row['id_page']] = $row['title']; } $smcFunc['db_free_result']($request); if (empty($context['SPortal']['block']['display'])) { $context['SPortal']['block']['display'] = array('0'); } else { $context['SPortal']['block']['display'] = explode(',', $context['SPortal']['block']['display']); } if (in_array($context['SPortal']['block']['display'][0], array('all', 'sportal', 'sforum', 'allaction', 'allboard', 'allpages')) || $context['SPortal']['is_new'] || empty($context['SPortal']['block']['display'][0]) && empty($context['SPortal']['block']['display_custom'])) { $context['SPortal']['block']['display_type'] = 0; } else { $context['SPortal']['block']['display_type'] = 1; } $context['SPortal']['block']['style'] = sportal_parse_style('explode', $context['SPortal']['block']['style'], !empty($context['SPortal']['preview'])); // Prepare the Textcontent for BBC, only the first bbc will be correct detected! (SMF Support only 1 per page with the standard function) $firstBBCFound = false; foreach ($context['SPortal']['block']['options'] as $name => $type) { // Selectable Boards :D if ($type == 'board_select' || $type == 'boards') { if (empty($boards)) { require_once $sourcedir . '/Subs-Boards.php'; getBoardTree(); } // Merge the array ;). (Only in 2.0 needed) if (!isset($context['SPortal']['block']['parameters'][$name])) { $context['SPortal']['block']['parameters'][$name] = array(); } elseif (!empty($context['SPortal']['block']['parameters'][$name]) && is_array($context['SPortal']['block']['parameters'][$name])) { $context['SPortal']['block']['parameters'][$name] = implode('|', $context['SPortal']['block']['parameters'][$name]); } $context['SPortal']['block']['board_options'][$name] = array(); $config_variable = !empty($context['SPortal']['block']['parameters'][$name]) ? $context['SPortal']['block']['parameters'][$name] : array(); $config_variable = !is_array($config_variable) ? explode('|', $config_variable) : $config_variable; $context['SPortal']['block']['board_options'][$name] = array(); // Create the list for this Item foreach ($boards as $board) { if (!empty($board['redirect'])) { // Ignore the redirected boards :) continue; } $context['SPortal']['block']['board_options'][$name][$board['id']] = array('value' => $board['id'], 'text' => $board['name'], 'selected' => in_array($board['id'], $config_variable)); } } elseif ($type == 'bbc') { // SMF support only one bbc correct, multiple bbc do not work at the moment if (!$firstBBCFound) { $firstBBCFound = true; // Start SMF BBC Sytem :) require_once $sourcedir . '/Subs-Editor.php'; // Prepare the output :D $form_message = !empty($context['SPortal']['block']['parameters'][$name]) ? $context['SPortal']['block']['parameters'][$name] : ''; // But if it's in HTML world, turn them into htmlspecialchar's so they can be edited! if (strpos($form_message, '[html]') !== false) { $parts = preg_split('~(\\[/code\\]|\\[code(?:=[^\\]]+)?\\])~i', $form_message, -1, PREG_SPLIT_DELIM_CAPTURE); for ($i = 0, $n = count($parts); $i < $n; $i++) { // It goes 0 = outside, 1 = begin tag, 2 = inside, 3 = close tag, repeat. if ($i % 4 == 0) { $parts[$i] = preg_replace('~\\[html\\](.+?)\\[/html\\]~ise', '\'[html]\' . preg_replace(\'~<br\\s?/?>~i\', \'<br /><br />\', \'$1\') . \'[/html]\'', $parts[$i]); } } $form_message = implode('', $parts); } $form_message = preg_replace('~<br(?: /)?' . '>~i', "\n", $form_message); // Prepare the data before i want them inside the textarea $form_message = str_replace(array('"', '<', '>', ' '), array('"', '<', '>', ' '), $form_message); $context['SPortal']['bbc'] = 'bbc_' . $name; $message_data = array('id' => $context['SPortal']['bbc'], 'width' => '95%', 'height' => '200px', 'value' => $form_message, 'form' => 'sp_block'); // Run the SMF bbc editor rutine create_control_richedit($message_data); // Store the updated data on the parameters $context['SPortal']['block']['parameters'][$name] = $form_message; } else { $context['SPortal']['block']['options'][$name] = 'textarea'; } } } $context['sub_template'] = 'block_edit'; $context['page_title'] = $context['SPortal']['is_new'] ? $txt['sp-blocksAdd'] : $txt['sp-blocksEdit']; } if (!empty($_POST['add_block'])) { if ($_POST['block_type'] == 'sp_php' && !allowedTo('admin_forum')) { fatal_lang_error('cannot_admin_forum', false); } if (!isset($_POST['block_name']) || $smcFunc['htmltrim']($smcFunc['htmlspecialchars']($_POST['block_name']), ENT_QUOTES) === '') { fatal_lang_error('error_sp_name_empty', false); } if ($_POST['block_type'] == 'sp_php' && !empty($_POST['parameters']['content']) && empty($modSettings['sp_disable_php_validation'])) { $error = sp_validate_php($_POST['parameters']['content']); if ($error) { fatal_lang_error('error_sp_php_' . $error, false); } } if (!empty($_REQUEST['block_id'])) { $current_data = current(getBlockInfo(null, $_REQUEST['block_id'])); } if (!empty($_POST['placement']) && ($_POST['placement'] == 'before' || $_POST['placement'] == 'after')) { if (!empty($current_data)) { $current_row = $current_data['row']; } else { $current_row = null; } if ($_POST['placement'] == 'before') { $row = (int) $_POST['block_row']; } else { $row = (int) $_POST['block_row'] + 1; } if (!empty($current_row) && $row > $current_row) { $row = $row - 1; $smcFunc['db_query']('', ' UPDATE {db_prefix}sp_blocks SET row = row - 1 WHERE col = {int:col} AND row > {int:start} AND row <= {int:end}', array('col' => (int) $_POST['block_column'], 'start' => $current_row, 'end' => $row)); } else { $smcFunc['db_query']('', ' UPDATE {db_prefix}sp_blocks SET row = row + 1 WHERE col = {int:col} AND row >= {int:start}' . (!empty($current_row) ? ' AND row < {int:end}' : ''), array('col' => (int) $_POST['block_column'], 'start' => $row, 'end' => !empty($current_row) ? $current_row : 0)); } } elseif (!empty($_POST['placement']) && $_POST['placement'] == 'nochange') { $row = 0; } else { $request = $smcFunc['db_query']('', ' SELECT row FROM {db_prefix}sp_blocks WHERE col = {int:col}' . (!empty($_REQUEST['block_id']) ? ' AND id_block != {int:current_id}' : '') . ' ORDER BY row DESC LIMIT 1', array('col' => $_POST['block_column'], 'current_id' => $_REQUEST['block_id'])); list($row) = $smcFunc['db_fetch_row']($request); $smcFunc['db_free_result']($request); $row = $row + 1; } $type_parameters = $_POST['block_type'](array(), 0, true); if (!empty($_POST['parameters']) && is_array($_POST['parameters']) && !empty($type_parameters)) { foreach ($type_parameters as $name => $type) { if (isset($_POST['parameters'][$name])) { // Prepare BBC Content for SMF 2 special case =D if ($type == 'bbc') { $parameter['value'] = $_POST['parameters'][$name]; require_once $sourcedir . '/Subs-Post.php'; // Prepare the message a bit for some additional testing. $parameter['value'] = $smcFunc['htmlspecialchars']($parameter['value'], ENT_QUOTES); preparsecode($parameter['value']); //Store now the correct and fixed value ;) $_POST['parameters'][$name] = $parameter['value']; } elseif ($type == 'boards' || $type == 'board_select') { $_POST['parameters'][$name] = is_array($_POST['parameters'][$name]) ? implode('|', $_POST['parameters'][$name]) : $_POST['parameters'][$name]; } elseif ($type == 'int' || $type == 'select') { $_POST['parameters'][$name] = (int) $_POST['parameters'][$name]; } elseif ($type == 'text' || $type == 'textarea' || is_array($type)) { $_POST['parameters'][$name] = $smcFunc['htmlspecialchars']($_POST['parameters'][$name], ENT_QUOTES); } elseif ($type == 'check') { $_POST['parameters'][$name] = !empty($_POST['parameters'][$name]) ? 1 : 0; } } } } else { $_POST['parameters'] = array(); } $permission_set = 0; $groups_allowed = $groups_denied = ''; if (!empty($_POST['permission_set'])) { $permission_set = (int) $_POST['permission_set']; } elseif (!empty($_POST['membergroups']) && is_array($_POST['membergroups'])) { $groups_allowed = $groups_denied = array(); foreach ($_POST['membergroups'] as $id => $value) { if ($value == 1) { $groups_allowed[] = (int) $id; } elseif ($value == -1) { $groups_denied[] = (int) $id; } } $groups_allowed = implode(',', $groups_allowed); $groups_denied = implode(',', $groups_denied); } if (empty($_POST['display_advanced'])) { if (!empty($_POST['display_simple']) && in_array($_POST['display_simple'], array('all', 'sportal', 'sforum', 'allaction', 'allboard', 'allpages'))) { $display = $_POST['display_simple']; } else { $display = ''; } $custom = ''; } else { $display = array(); if (!empty($_POST['display_actions'])) { foreach ($_POST['display_actions'] as $action) { $display[] = $smcFunc['htmlspecialchars']($action, ENT_QUOTES); } } if (!empty($_POST['display_boards'])) { foreach ($_POST['display_boards'] as $board) { $display[] = 'b' . (int) substr($board, 1); } } if (!empty($_POST['display_pages'])) { foreach ($_POST['display_pages'] as $page) { $display[] = 'p' . (int) substr($page, 1); } } if (!empty($_POST['display_custom'])) { $temp = explode(',', $_POST['display_custom']); foreach ($temp as $action) { $custom[] = $smcFunc['htmlspecialchars']($smcFunc['htmltrim']($action), ENT_QUOTES); } } $display = empty($display) ? '' : implode(',', $display); if (!allowedTo('admin_forum') && isset($current_data['display_custom']) && substr($current_data['display_custom'], 0, 4) === '$php') { $custom = $current_data['display_custom']; } elseif (!empty($_POST['display_custom'])) { if (allowedTo('admin_forum') && substr($_POST['display_custom'], 0, 4) === '$php') { $custom = $smcFunc['htmlspecialchars']($_POST['display_custom'], ENT_QUOTES); } else { $custom = array(); $temp = explode(',', $_POST['display_custom']); foreach ($temp as $action) { $custom[] = $smcFunc['htmlspecialchars']($action, ENT_QUOTES); } $custom = empty($custom) ? '' : implode(',', $custom); } } else { $custom = ''; } } $blockInfo = array('id' => (int) $_POST['block_id'], 'label' => $smcFunc['htmlspecialchars']($_POST['block_name'], ENT_QUOTES), 'type' => $_POST['block_type'], 'col' => $_POST['block_column'], 'row' => $row, 'permission_set' => $permission_set, 'groups_allowed' => $groups_allowed, 'groups_denied' => $groups_denied, 'state' => !empty($_POST['block_active']) ? 1 : 0, 'force_view' => !empty($_POST['block_force']) ? 1 : 0, 'display' => $display, 'display_custom' => $custom, 'style' => sportal_parse_style('implode')); if ($context['SPortal']['is_new']) { unset($blockInfo['id']); $smcFunc['db_insert']('', '{db_prefix}sp_blocks', array('label' => 'string', 'type' => 'string', 'col' => 'int', 'row' => 'int', 'permission_set' => 'int', 'groups_allowed' => 'string', 'groups_denied' => 'string', 'state' => 'int', 'force_view' => 'int', 'display' => 'string', 'display_custom' => 'string', 'style' => 'string'), $blockInfo, array('id_block')); $blockInfo['id'] = $smcFunc['db_insert_id']('{db_prefix}sp_blocks', 'id_block'); } else { $block_fields = array("label = {string:label}", "permission_set = {int:permission_set}", "groups_allowed = {string:groups_allowed}", "groups_denied = {string:groups_denied}", "state = {int:state}", "force_view = {int:force_view}", "display = {string:display}", "display_custom = {string:display_custom}", "style = {string:style}"); if (!empty($blockInfo['row'])) { $block_fields[] = "row = {int:row}"; } else { unset($blockInfo['row']); } $smcFunc['db_query']('', ' UPDATE {db_prefix}sp_blocks SET ' . implode(', ', $block_fields) . ' WHERE id_block = {int:id}', $blockInfo); $smcFunc['db_query']('', ' DELETE FROM {db_prefix}sp_parameters WHERE id_block = {int:id}', array('id' => $blockInfo['id'])); } if (!empty($_POST['parameters'])) { $parameters = array(); foreach ($_POST['parameters'] as $variable => $value) { $parameters[] = array('id_block' => $blockInfo['id'], 'variable' => $variable, 'value' => $value); } $smcFunc['db_insert']('', '{db_prefix}sp_parameters', array('id_block' => 'int', 'variable' => 'string', 'value' => 'string'), $parameters, array()); } redirectexit('action=admin;area=portalblocks'); } }
/** * Does the actual saving of the page data * * - validates the data is safe to save * - updates existing pages or creates new ones */ private function _sportal_admin_page_edit_save() { global $txt, $context, $modSettings; // No errors, yet. $pages_errors = Error_Context::context('pages', 0); // Use our standard validation functions in a few spots require_once SUBSDIR . '/DataValidator.class.php'; $validator = new Data_Validator(); // Clean and Review the post data for compliance $validator->sanitation_rules(array('title' => 'trim|Util::htmlspecialchars', 'namespace' => 'trim|Util::htmlspecialchars', 'permissions' => 'intval', 'type' => 'trim', 'content' => 'trim')); $validator->validation_rules(array('title' => 'required', 'namespace' => 'alpha_numeric|required', 'type' => 'required', 'content' => 'required')); $validator->text_replacements(array('title' => $txt['sp_error_page_name_empty'], 'namespace' => $txt['sp_error_page_namespace_empty'], 'content' => $txt['sp_admin_pages_col_body'])); // If you messed this up, back you go if (!$validator->validate($_POST)) { foreach ($validator->validation_errors() as $id => $error) { $pages_errors->addError($error); } $this->action_sportal_admin_page_edit(); } // Can't have the same name in the same space twice $has_duplicate = sp_check_duplicate_pages($_POST['namespace'], $_POST['page_id']); if (!empty($has_duplicate)) { $pages_errors->addError('sp_error_page_namespace_duplicate'); } // Can't have a simple numeric namespace if (preg_replace('~[0-9]+~', '', $_POST['namespace']) === '') { $pages_errors->addError('sp_error_page_namespace_numeric'); } if ($_POST['type'] === 'php' && !allowedTo('admin_forum')) { fatal_lang_error('cannot_admin_forum', false); } // Running some php code, then we need to validate its legit code if ($_POST['type'] === 'php' && !empty($_POST['content']) && empty($modSettings['sp_disable_php_validation'])) { $validator_php = new Data_Validator(); $validator_php->validation_rules(array('content' => 'php_syntax')); // Bad PHP code if (!$validator_php->validate(array('content' => $_POST['content']))) { $pages_errors->addError($validator_php->validation_errors()); } } // None shall pass ... with errors if ($pages_errors->hasErrors()) { $this->action_sportal_admin_page_edit(); } // If you made it this far, we are going to save the work if (!empty($_POST['blocks']) && is_array($_POST['blocks'])) { foreach ($_POST['blocks'] as $id => $block) { $_POST['blocks'][$id] = (int) $block; } } else { $_POST['blocks'] = array(); } // The data for the fields $page_info = array('id' => (int) $_POST['page_id'], 'namespace' => Util::htmlspecialchars($_POST['namespace'], ENT_QUOTES), 'title' => Util::htmlspecialchars($_POST['title'], ENT_QUOTES), 'body' => Util::htmlspecialchars($_POST['content'], ENT_QUOTES), 'type' => in_array($_POST['type'], array('bbc', 'html', 'php')) ? $_POST['type'] : 'bbc', 'permissions' => (int) $_POST['permissions'], 'style' => sportal_parse_style('implode'), 'status' => !empty($_POST['status']) ? 1 : 0); if ($page_info['type'] === 'bbc') { preparsecode($page_info['body']); } // Save away sp_save_page($page_info, $context['SPortal']['is_new']); $to_show = array(); $not_to_show = array(); $changes = array(); foreach ($context['page_blocks'] as $page_blocks) { foreach ($page_blocks as $block) { if ($block['shown'] && !in_array($block['id'], $_POST['blocks'])) { $not_to_show[] = $block['id']; } elseif (!$block['shown'] && in_array($block['id'], $_POST['blocks'])) { $to_show[] = $block['id']; } } } foreach ($to_show as $id) { if (empty($this->blocks[$id]['display']) && empty($this->blocks[$id]['display_custom']) || $this->blocks[$id]['display'] == 'sportal') { $changes[$id] = array('display' => 'portal,p' . $page_info['id'], 'display_custom' => ''); } elseif (in_array($this->blocks[$id]['display'], array('allaction', 'allboard'))) { $changes[$id] = array('display' => '', 'display_custom' => $this->blocks[$id]['display'] . ',p' . $page_info['id']); } elseif (in_array('-p' . $page_info['id'], explode(',', $this->blocks[$id]['display_custom']))) { $changes[$id] = array('display' => $this->blocks[$id]['display'], 'display_custom' => implode(',', array_diff(explode(',', $this->blocks[$id]['display_custom']), array('-p' . $page_info['id'])))); } elseif (empty($this->blocks[$id]['display_custom'])) { $changes[$id] = array('display' => implode(',', array_merge(explode(',', $this->blocks[$id]['display']), array('p' . $page_info['id']))), 'display_custom' => ''); } else { $changes[$id] = array('display' => $this->blocks[$id]['display'], 'display_custom' => implode(',', array_merge(explode(',', $this->blocks[$id]['display_custom']), array('p' . $page_info['id'])))); } } foreach ($not_to_show as $id) { if (count(array_intersect(array($this->blocks[$id]['display'], $this->blocks[$id]['display_custom']), array('sforum', 'allpages', 'all'))) > 0) { $changes[$id] = array('display' => '', 'display_custom' => $this->blocks[$id]['display'] . $this->blocks[$id]['display_custom'] . ',-p' . $page_info['id']); } elseif (empty($this->blocks[$id]['display_custom'])) { $changes[$id] = array('display' => implode(',', array_diff(explode(',', $this->blocks[$id]['display']), array('p' . $page_info['id']))), 'display_custom' => ''); } else { $changes[$id] = array('display' => implode(',', array_diff(explode(',', $this->blocks[$id]['display']), array('p' . $page_info['id']))), 'display_custom' => implode(',', array_diff(explode(',', $this->blocks[$id]['display_custom']), array('p' . $page_info['id'])))); } } // Update the blocks as needed foreach ($changes as $id => $data) { sp_update_block_visibility($id, $data); } redirectexit('action=admin;area=portalpages'); return true; }
/** * Adding or editing a block. */ public function action_sportal_admin_block_edit() { global $txt, $context, $modSettings, $boards; // Just in case, the admin could be doing something silly like editing a SP block while SP is disabled. ;) require_once SUBSDIR . '/PortalBlocks.subs.php'; $context['SPortal']['is_new'] = empty($_REQUEST['block_id']); // BBC Fix move the parameter to the correct position. if (!empty($_POST['bbc_name'])) { $_POST['parameters'][$_POST['bbc_name']] = !empty($_POST[$_POST['bbc_parameter']]) ? $_POST[$_POST['bbc_parameter']] : ''; // If we came from WYSIWYG then turn it back into BBC regardless. if (!empty($_REQUEST['bbc_' . $_POST['bbc_name'] . '_mode']) && isset($_POST['parameters'][$_POST['bbc_name']])) { require_once SUBSDIR . 'Html2BBC.class.php'; $bbc_converter = new Convert_BBC($_POST['parameters'][$_POST['bbc_name']]); $_POST['parameters'][$_POST['bbc_name']] = $bbc_converter->get_bbc(); // We need to unhtml it now as it gets done shortly. $_POST['parameters'][$_POST['bbc_name']] = un_htmlspecialchars($_POST['parameters'][$_POST['bbc_name']]); } } // Passing the selected type via $_GET instead of $_POST? $start_parameters = array(); if (!empty($_GET['selected_type']) && empty($_POST['selected_type'])) { $_POST['selected_type'] = array($_GET['selected_type']); if (!empty($_GET['parameters'])) { foreach ($_GET['parameters'] as $param) { if (isset($_GET[$param])) { $start_parameters[$param] = $_GET[$param]; } } } } // Want use a block on the portal? if ($context['SPortal']['is_new'] && empty($_POST['selected_type']) && empty($_POST['add_block'])) { // Gather the blocks we have available $context['SPortal']['block_types'] = getFunctionInfo(); // Create a list of the blocks in use $in_use = getBlockInfo(); foreach ($in_use as $block) { $context['SPortal']['block_inuse'][$block['type']] = array('state' => $block['state'], 'column' => $block['column']); } $context['location'] = array(1 => $txt['sp-positionLeft'], $txt['sp-positionTop'], $txt['sp-positionBottom'], $txt['sp-positionRight'], $txt['sp-positionHeader'], $txt['sp-positionFooter']); if (!empty($_REQUEST['col'])) { $context['SPortal']['block']['column'] = $_REQUEST['col']; } $context['sub_template'] = 'block_select_type'; $context['page_title'] = $txt['sp-blocksAdd']; } elseif ($context['SPortal']['is_new'] && !empty($_POST['selected_type'])) { $context['SPortal']['block'] = array('id' => 0, 'label' => $txt['sp-blocksDefaultLabel'], 'type' => $_POST['selected_type'][0], 'type_text' => !empty($txt['sp_function_' . $_POST['selected_type'][0] . '_label']) ? $txt['sp_function_' . $_POST['selected_type'][0] . '_label'] : $txt['sp_function_unknown_label'], 'column' => !empty($_POST['block_column']) ? $_POST['block_column'] : 0, 'row' => 0, 'permissions' => 3, 'state' => 1, 'force_view' => 0, 'mobile_view' => 0, 'display' => '', 'display_custom' => '', 'style' => '', 'parameters' => !empty($start_parameters) ? $start_parameters : array(), 'options' => $_POST['selected_type'][0](array(), false, true), 'list_blocks' => !empty($_POST['block_column']) ? getBlockInfo($_POST['block_column']) : array()); } elseif (!$context['SPortal']['is_new'] && empty($_POST['add_block'])) { $_REQUEST['block_id'] = (int) $_REQUEST['block_id']; $context['SPortal']['block'] = current(getBlockInfo(null, $_REQUEST['block_id'])); $context['SPortal']['block'] += array('options' => $context['SPortal']['block']['type'](array(), false, true), 'list_blocks' => getBlockInfo($context['SPortal']['block']['column'])); } // Want to take a look at how this block will appear, well we try our best if (!empty($_POST['preview_block']) || isset($_SESSION['sp_error'])) { // An error was generated on save, lets set things up like a preview and return to the preview if (isset($_SESSION['sp_error'])) { $context['SPortal']['error'] = $_SESSION['sp_error']; $_POST = $_SESSION['sp_error_post']; $_POST['preview_block'] = true; // Clean up unset($_SESSION['sp_error'], $_SESSION['sp_error_post'], $_POST['add_block']); } // Just in case, the admin could be doing something silly like editing a SP block while SP is disabled. ;) require_once BOARDDIR . '/SSI.php'; sportal_init_headers(); loadTemplate('Portal'); $type_parameters = $_POST['block_type'](array(), 0, true); if (!empty($_POST['parameters']) && is_array($_POST['parameters']) && !empty($type_parameters)) { foreach ($type_parameters as $name => $type) { if (isset($_POST['parameters'][$name])) { $this->_prepare_parameters($type, $name); } } } else { $_POST['parameters'] = array(); } // Simple is clean if (empty($_POST['display_advanced'])) { if (!empty($_POST['display_simple']) && in_array($_POST['display_simple'], array('all', 'sportal', 'sforum', 'allaction', 'allboard', 'allpages'))) { $display = $_POST['display_simple']; } else { $display = ''; } $custom = ''; } else { $display = array(); $custom = array(); if (!empty($_POST['display_actions'])) { foreach ($_POST['display_actions'] as $action) { $display[] = Util::htmlspecialchars($action, ENT_QUOTES); } } if (!empty($_POST['display_boards'])) { foreach ($_POST['display_boards'] as $board) { $display[] = 'b' . (int) substr($board, 1); } } if (!empty($_POST['display_pages'])) { foreach ($_POST['display_pages'] as $page) { $display[] = 'p' . (int) substr($page, 1); } } if (!empty($_POST['display_custom'])) { $temp = explode(',', $_POST['display_custom']); foreach ($temp as $action) { $custom[] = Util::htmlspecialchars(Util::htmltrim($action), ENT_QUOTES); } } $display = empty($display) ? '' : implode(',', $display); $custom = empty($custom) ? '' : implode(',', $custom); } // Create all the information we know about this block $context['SPortal']['block'] = array('id' => $_POST['block_id'], 'label' => Util::htmlspecialchars($_POST['block_name'], ENT_QUOTES), 'type' => $_POST['block_type'], 'type_text' => !empty($txt['sp_function_' . $_POST['block_type'] . '_label']) ? $txt['sp_function_' . $_POST['block_type'] . '_label'] : $txt['sp_function_unknown_label'], 'column' => $_POST['block_column'], 'row' => !empty($_POST['block_row']) ? $_POST['block_row'] : 0, 'placement' => !empty($_POST['placement']) && in_array($_POST['placement'], array('before', 'after')) ? $_POST['placement'] : '', 'permissions' => $_POST['permissions'], 'state' => !empty($_POST['block_active']), 'force_view' => !empty($_POST['block_force']), 'mobile_view' => !empty($_POST['block_mobile']), 'display' => $display, 'display_custom' => $custom, 'style' => sportal_parse_style('implode'), 'parameters' => !empty($_POST['parameters']) ? $_POST['parameters'] : array(), 'options' => $_POST['block_type'](array(), false, true), 'list_blocks' => getBlockInfo($_POST['block_column']), 'collapsed' => false); if (strpos($modSettings['leftwidth'], '%') !== false || strpos($modSettings['leftwidth'], 'px') !== false) { $context['widths'][1] = $modSettings['leftwidth']; } else { $context['widths'][1] = $modSettings['leftwidth'] . 'px'; } if (strpos($modSettings['rightwidth'], '%') !== false || strpos($modSettings['rightwidth'], 'px') !== false) { $context['widths'][4] = $modSettings['rightwidth']; } else { $context['widths'][4] = $modSettings['rightwidth'] . 'px'; } if (strpos($context['widths'][1], '%') !== false) { $context['widths'][2] = $context['widths'][3] = 100 - ($context['widths'][1] + $context['widths'][4]) . '%'; $context['widths'][5] = $context['widths'][6] = '100%'; } elseif (strpos($context['widths'][1], 'px') !== false) { $context['widths'][2] = $context['widths'][3] = 960 - ($context['widths'][1] + $context['widths'][4]) . 'px'; $context['widths'][5] = $context['widths'][6] = '960px'; } $context['SPortal']['preview'] = true; } if (!empty($_POST['selected_type']) || !empty($_POST['preview_block']) || !$context['SPortal']['is_new'] && empty($_POST['add_block'])) { // Only the admin can use PHP blocks if ($context['SPortal']['block']['type'] == 'sp_php' && !allowedTo('admin_forum')) { fatal_lang_error('cannot_admin_forum', false); } loadLanguage('SPortalHelp', sp_languageSelect('SPortalHelp')); // Load up the permissions $context['SPortal']['block']['permission_profiles'] = sportal_get_profiles(null, 1, 'name'); if (empty($context['SPortal']['block']['permission_profiles'])) { fatal_lang_error('error_sp_no_permission_profiles', false); } $context['simple_actions'] = array('sportal' => $txt['sp-portal'], 'sforum' => $txt['sp-forum'], 'allaction' => $txt['sp-blocksOptionAllActions'], 'allboard' => $txt['sp-blocksOptionAllBoards'], 'allpages' => $txt['sp-blocksOptionAllPages'], 'all' => $txt['sp-blocksOptionEverywhere']); $context['display_actions'] = array('portal' => $txt['sp-portal'], 'forum' => $txt['sp-forum'], 'recent' => $txt['recent_posts'], 'unread' => $txt['unread_topics_visit'], 'unreadreplies' => $txt['unread_replies'], 'profile' => $txt['profile'], 'pm' => $txt['pm_short'], 'calendar' => $txt['calendar'], 'admin' => $txt['admin'], 'login' => $txt['login'], 'register' => $txt['register'], 'post' => $txt['post'], 'stats' => $txt['forum_stats'], 'search' => $txt['search'], 'mlist' => $txt['members_list'], 'moderate' => $txt['moderate'], 'help' => $txt['help'], 'who' => $txt['who_title']); // Load up boards and pages for selection in the template sp_block_template_helpers(); if (empty($context['SPortal']['block']['display'])) { $context['SPortal']['block']['display'] = array('0'); } else { $context['SPortal']['block']['display'] = explode(',', $context['SPortal']['block']['display']); } if (in_array($context['SPortal']['block']['display'][0], array('all', 'sportal', 'sforum', 'allaction', 'allboard', 'allpages')) || $context['SPortal']['is_new'] || empty($context['SPortal']['block']['display'][0]) && empty($context['SPortal']['block']['display_custom'])) { $context['SPortal']['block']['display_type'] = 0; } else { $context['SPortal']['block']['display_type'] = 1; } $context['SPortal']['block']['style'] = sportal_parse_style('explode', $context['SPortal']['block']['style'], !empty($context['SPortal']['preview'])); // Prepare the Textcontent for BBC, only the first bbc will be detected correctly! $firstBBCFound = false; foreach ($context['SPortal']['block']['options'] as $name => $type) { // Selectable Boards :D if ($type == 'board_select' || $type == 'boards') { if (empty($boards)) { require_once SUBSDIR . '/Boards.subs.php'; getBoardTree(); } // Merge the array ;) if (!isset($context['SPortal']['block']['parameters'][$name])) { $context['SPortal']['block']['parameters'][$name] = array(); } elseif (!empty($context['SPortal']['block']['parameters'][$name]) && is_array($context['SPortal']['block']['parameters'][$name])) { $context['SPortal']['block']['parameters'][$name] = implode('|', $context['SPortal']['block']['parameters'][$name]); } $context['SPortal']['block']['board_options'][$name] = array(); $config_variable = !empty($context['SPortal']['block']['parameters'][$name]) ? $context['SPortal']['block']['parameters'][$name] : array(); $config_variable = !is_array($config_variable) ? explode('|', $config_variable) : $config_variable; $context['SPortal']['block']['board_options'][$name] = array(); // Create the list for this Item foreach ($boards as $board) { // Ignore the redirected boards :) if (!empty($board['redirect'])) { continue; } $context['SPortal']['block']['board_options'][$name][$board['id']] = array('value' => $board['id'], 'text' => $board['name'], 'selected' => in_array($board['id'], $config_variable)); } } elseif ($type === 'bbc') { // ELK support only one bbc correct, multiple bbc do not work at the moment if (!$firstBBCFound) { $firstBBCFound = true; // Start Elk BBC System :) require_once SUBSDIR . '/Editor.subs.php'; // Prepare the output :D $form_message = !empty($context['SPortal']['block']['parameters'][$name]) ? $context['SPortal']['block']['parameters'][$name] : ''; // But if it's in HTML world, turn them into htmlspecialchar's so they can be edited! if (strpos($form_message, '[html]') !== false) { $parts = preg_split('~(\\[/code\\]|\\[code(?:=[^\\]]+)?\\])~i', $form_message, -1, PREG_SPLIT_DELIM_CAPTURE); for ($i = 0, $n = count($parts); $i < $n; $i++) { // It goes 0 = outside, 1 = begin tag, 2 = inside, 3 = close tag, repeat. if ($i % 4 == 0) { $parts[$i] = preg_replace_callback('~\\[html\\](.+?)\\[/html\\]~is', create_function('$m', 'return "[html]" . preg_replace(\'~<br\\s?/?>~i\', \'<br /><br />\', "$m[1]") . "[/html]";'), $parts[$i]); } } $form_message = implode('', $parts); } $form_message = preg_replace('~<br(?: /)?' . '>~i', "\n", $form_message); // Prepare the data before i want them inside the textarea $form_message = str_replace(array('"', '<', '>', ' '), array('"', '<', '>', ' '), $form_message); $context['SPortal']['bbc'] = 'bbc_' . $name; $message_data = array('id' => $context['SPortal']['bbc'], 'width' => '95%', 'height' => '200px', 'value' => $form_message, 'form' => 'sp_block'); // Run the ELK bbc editor routine create_control_richedit($message_data); // Store the updated data on the parameters $context['SPortal']['block']['parameters'][$name] = $form_message; } else { $context['SPortal']['block']['options'][$name] = 'textarea'; } } } loadJavascriptFile('portal.js?sp24'); $context['sub_template'] = 'block_edit'; $context['page_title'] = $context['SPortal']['is_new'] ? $txt['sp-blocksAdd'] : $txt['sp-blocksEdit']; } // Want to add / edit a block oo the portal if (!empty($_POST['add_block'])) { checkSession(); // Only the admin can do php here if ($_POST['block_type'] == 'sp_php' && !allowedTo('admin_forum')) { fatal_lang_error('cannot_admin_forum', false); } // Make sure the block name is something safe if (!isset($_POST['block_name']) || Util::htmltrim(Util::htmlspecialchars($_POST['block_name']), ENT_QUOTES) === '') { fatal_lang_error('error_sp_name_empty', false); } if ($_POST['block_type'] == 'sp_php' && !empty($_POST['parameters']['content']) && empty($modSettings['sp_disable_php_validation'])) { require_once SUBSDIR . '/DataValidator.class.php'; $validator = new Data_Validator(); $validator->validation_rules(array('content' => 'php_syntax')); $validator->validate(array('content' => $_POST['parameters']['content'])); $error = $validator->validation_errors(); if ($error) { $_SESSION['sp_error'] = $error[0]; $_SESSION['sp_error_post'] = $_POST; redirectexit('action=admin;area=portalblocks;sa=' . $_REQUEST['sa'] . (!empty($_REQUEST['block_id']) ? ';block_id=' . $_REQUEST['block_id'] : '')); } } // If we have a block ID passed, we must be editing, so the the blocks current data if (!empty($_REQUEST['block_id'])) { $current_data = current(getBlockInfo(null, $_REQUEST['block_id'])); } // Where are we going to place this new block, before, after, no change if (!empty($_POST['placement']) && ($_POST['placement'] === 'before' || $_POST['placement'] === 'after')) { if (!empty($current_data)) { $current_row = $current_data['row']; } else { $current_row = null; } // Before or after the chosen block if ($_POST['placement'] === 'before') { $row = (int) $_POST['block_row']; } else { $row = (int) $_POST['block_row'] + 1; } if (!empty($current_row) && $row > $current_row) { sp_update_block_row($current_row, $row - 1, $_POST['block_column'], true); } else { sp_update_block_row($current_row, $row, $_POST['block_column'], false); } } elseif (!empty($_POST['placement']) && $_POST['placement'] == 'nochange') { $row = 0; } else { $block_id = !empty($_REQUEST['block_id']) ? (int) $_REQUEST['block_id'] : 0; $row = sp_block_nextrow($_POST['block_column'], $block_id); } $type_parameters = $_POST['block_type'](array(), 0, true); if (!empty($_POST['parameters']) && is_array($_POST['parameters']) && !empty($type_parameters)) { foreach ($type_parameters as $name => $type) { // Prepare BBC Content for ELK if (isset($_POST['parameters'][$name])) { $this->_prepare_parameters($type, $name); } } } else { $_POST['parameters'] = array(); } // Standard options if (empty($_POST['display_advanced'])) { if (!empty($_POST['display_simple']) && in_array($_POST['display_simple'], array('all', 'sportal', 'sforum', 'allaction', 'allboard', 'allpages'))) { $display = $_POST['display_simple']; } else { $display = ''; } $custom = ''; } else { $display = array(); if (!empty($_POST['display_actions'])) { foreach ($_POST['display_actions'] as $action) { $display[] = Util::htmlspecialchars($action, ENT_QUOTES); } } if (!empty($_POST['display_boards'])) { foreach ($_POST['display_boards'] as $board) { $display[] = 'b' . (int) substr($board, 1); } } if (!empty($_POST['display_pages'])) { foreach ($_POST['display_pages'] as $page) { $display[] = 'p' . (int) substr($page, 1); } } if (!empty($_POST['display_custom'])) { $custom = array(); $temp = explode(',', $_POST['display_custom']); foreach ($temp as $action) { $custom[] = Util::htmlspecialchars(Util::htmltrim($action), ENT_QUOTES); } } $display = empty($display) ? '' : implode(',', $display); if (!allowedTo('admin_forum') && isset($current_data['display_custom']) && substr($current_data['display_custom'], 0, 4) === '$php') { $custom = $current_data['display_custom']; } elseif (!empty($_POST['display_custom'])) { if (allowedTo('admin_forum') && substr($_POST['display_custom'], 0, 4) === '$php') { $custom = Util::htmlspecialchars($_POST['display_custom'], ENT_QUOTES); } else { $custom = array(); $temp = explode(',', $_POST['display_custom']); foreach ($temp as $action) { $custom[] = Util::htmlspecialchars($action, ENT_QUOTES); } $custom = empty($custom) ? '' : implode(',', $custom); } } else { $custom = ''; } } $blockInfo = array('id' => (int) $_POST['block_id'], 'label' => Util::htmlspecialchars($_POST['block_name'], ENT_QUOTES), 'type' => $_POST['block_type'], 'col' => $_POST['block_column'], 'row' => $row, 'permissions' => (int) $_POST['permissions'], 'state' => !empty($_POST['block_active']) ? 1 : 0, 'force_view' => !empty($_POST['block_force']) ? 1 : 0, 'mobile_view' => !empty($_POST['block_mobile']) ? 1 : 0, 'display' => $display, 'display_custom' => $custom, 'style' => sportal_parse_style('implode')); // Insert a new block in to the portal if ($context['SPortal']['is_new']) { unset($blockInfo['id']); $blockInfo['id'] = sp_block_insert($blockInfo); } else { sp_block_update($blockInfo); } // Save any parameters for the block if (!empty($_POST['parameters'])) { sp_block_insert_parameters($_POST['parameters'], $blockInfo['id']); } redirectexit('action=admin;area=portalblocks'); } }