function replace_admin_actions()
{
global $config, $lang;
require_once $config['basepath'] . '/include/login.inc.php';
$login = new login();
$login_status = $login->loginCheck('Agent');
if ($login_status !== true) {
// Run theese commands even if not logged in.
$data = '';
switch ($_GET['action']) {
case 'send_forgot':
require_once $config['basepath'] . '/include/login.inc.php';
$data = login::forgot_password();
break;
case 'forgot':
require_once $config['basepath'] . '/include/login.inc.php';
$data = login::forgot_password_reset();
break;
default:
$data .= $login_status;
break;
}
} else {
switch ($_GET['action']) {
case 'index':
require_once $config['basepath'] . '/include/admin.inc.php';
$admin = new general_admin();
$data = $admin->index_page();
break;
case 'edit_page':
require_once $config['basepath'] . '/include/editor.inc.php';
$listing = new editor();
$data = $listing->page_edit();
break;
case 'edit_user_images':
require_once $config['basepath'] . '/include/images.inc.php';
$images = new image_handler();
$data = $images->edit_user_images();
break;
case 'edit_listing_images':
require_once $config['basepath'] . '/include/images.inc.php';
$images = new image_handler();
$data = $images->edit_listing_images();
break;
case 'edit_vtour_images':
require_once $config['basepath'] . '/include/images.inc.php';
$images = new image_handler();
$data = $images->edit_vtour_images();
break;
case 'edit_listing_files':
require_once $config['basepath'] . '/include/files.inc.php';
$files = new file_handler();
$data = $files->edit_listing_files();
break;
case 'edit_user_files':
require_once $config['basepath'] . '/include/files.inc.php';
$files = new file_handler();
$data = $files->edit_user_files();
break;
case 'add_listing':
require_once $config['basepath'] . '/include/listing_editor.inc.php';
$listing_editor = new listing_editor();
$data = $listing_editor->add_listing();
break;
case 'edit_my_listings':
require_once $config['basepath'] . '/include/listing_editor.inc.php';
$listing_editor = new listing_editor();
$data = $listing_editor->edit_listings();
break;
case 'edit_listings':
require_once $config['basepath'] . '/include/listing_editor.inc.php';
$listing_editor = new listing_editor();
$data = $listing_editor->edit_listings(false);
break;
case 'configure':
require_once $config['basepath'] . '/include/controlpanel.inc.php';
$listing_editor = new configurator();
$data = $listing_editor->show_configurator();
break;
case 'edit_listing_template':
require_once $config['basepath'] . '/include/template_editor.inc.php';
$listing = new template_editor();
$data = $listing->edit_listing_template();
break;
case 'edit_listings_template_field_order':
require_once $config['basepath'] . '/include/template_editor.inc.php';
$listing = new template_editor();
$data = $listing->edit_listings_template_field_order();
break;
case 'edit_agent_template_field_order':
require_once $config['basepath'] . '/include/template_editor.inc.php';
$listing = new template_editor();
$data = $listing->edit_template_field_order($type = 'agent');
break;
case 'edit_member_template_field_order':
require_once $config['basepath'] . '/include/template_editor.inc.php';
$listing = new template_editor();
$data = $listing->edit_template_field_order($type = 'member');
break;
case 'edit_agent_template_add_field':
require_once $config['basepath'] . '/include/template_editor.inc.php';
$listing = new template_editor();
$data = $listing->add_user_template_field($type = 'agent');
break;
case 'edit_member_template_add_field':
require_once $config['basepath'] . '/include/template_editor.inc.php';
$listing = new template_editor();
$type = 'member';
$data = $listing->add_user_template_field($type);
break;
case 'edit_listing_template_search':
require_once $config['basepath'] . '/include/template_editor.inc.php';
$listing = new template_editor();
$data = $listing->edit_listing_template_search();
break;
case 'edit_listing_template_search_results':
require_once $config['basepath'] . '/include/template_editor.inc.php';
$listing = new template_editor();
$data = $listing->edit_listing_template_search_results();
break;
case 'user_manager':
require_once $config['basepath'] . '/include/user_manager.inc.php';
$user_managment = new user_managment();
$data = $user_managment->show_user_manager();
break;
case 'edit_user_template':
require_once $config['basepath'] . '/include/template_editor.inc.php';
$listing = new template_editor();
$data = $listing->edit_user_template();
break;
case 'edit_listing_template_add_field':
require_once $config['basepath'] . '/include/template_editor.inc.php';
$listing = new template_editor();
$data = $listing->add_listing_template_field();
break;
case 'add_page':
require_once $config['basepath'] . '/include/editor.inc.php';
$listing = new editor();
$data = $listing->add_page();
break;
case 'view_log':
require_once $config['basepath'] . '/include/log.inc.php';
$data = log::view();
break;
case 'clear_log':
require_once $config['basepath'] . '/include/log.inc.php';
$data = log::clear_log();
break;
case 'show_property_classes':
require_once $config['basepath'] . '/include/propertyclass.inc.php';
$data = propertyclass::show_classes();
break;
case 'modify_property_class':
require_once $config['basepath'] . '/include/propertyclass.inc.php';
$data = propertyclass::modify_property_class();
break;
case 'delete_property_class':
require_once $config['basepath'] . '/include/propertyclass.inc.php';
$data = propertyclass::delete_property_class();
break;
case 'insert_property_class':
require_once $config['basepath'] . '/include/propertyclass.inc.php';
$data = propertyclass::insert_property_class();
break;
case 'add_listing_property_class':
require_once $config['basepath'] . '/include/listing_editor.inc.php';
$listing_editor = new listing_editor();
$data = $listing_editor->add_listing_logic();
break;
//Todo Finish Adding Blog Items
//Todo Finish Adding Blog Items
case 'edit_blog':
require_once $config['basepath'] . '/include/blog_editor.inc.php';
$listing = new blog_editor();
$data = $listing->blog_edit_index();
break;
case 'edit_blog_post':
require_once $config['basepath'] . '/include/blog_editor.inc.php';
$listing = new blog_editor();
$data = $listing->blog_edit();
break;
case 'add_blog':
require_once $config['basepath'] . '/include/blog_editor.inc.php';
$listing = new blog_editor();
$data = $listing->add_post();
break;
case 'edit_blog_post_comments':
require_once $config['basepath'] . '/include/blog_editor.inc.php';
$listing = new blog_editor();
$data = $listing->edit_post_comments();
break;
case 'addon_manager':
require_once $config['basepath'] . '/include/addon_manager.inc.php';
$am = new addon_manager();
$data = $am->display_addon_manager();
break;
case 'send_notifications':
require_once $config['basepath'] . '/include/notification.inc.php';
$notify = new notification();
$data = $notify->NotifyUsersOfAllNewListings();
break;
default:
// Handle Addons
$addon_name = array();
if (preg_match("/^addon_(.\\S*?)_.*/", $_GET['action'], $addon_name)) {
include_once $config['basepath'] . '/addons/' . $addon_name[1] . '/addon.inc.php';
$function_name = $addon_name[1] . '_run_action_admin_template';
$data = $function_name();
}
}
}
return $data;
}
function display()
{
global $conn, $config, $lang;
require_once $config['basepath'] . '/include/misc.inc.php';
$misc = new misc();
require_once $config['basepath'] . '/include/user.inc.php';
$userclass = new user();
require_once $config['basepath'] . '/include/class/template/core.inc.php';
$page = new page_user();
require_once $config['basepath'] . '/include/blog_functions.inc.php';
$blog_functions = new blog_functions();
// Make Sure we passed the PageID
$display = '';
if (!isset($_GET['ArticleID']) && intval($_GET['ArticleID']) <= 0) {
$display .= "ERROR. PageID not sent";
} else {
$blog_id = intval($_GET['ArticleID']);
//Check if we posted a comment.
if (isset($_SESSION['userID']) && $_SESSION['userID'] > 0 && isset($_POST['comment_text']) && strlen($_POST['comment_text']) > 0) {
require_once $config['basepath'] . '/include/blog_editor.inc.php';
$blog_comment = $misc->make_db_safe(blog_editor::htmlEncodeText($_POST['comment_text']));
if ($config['blog_requires_moderation'] == 1) {
$moderated = 0;
} else {
$moderated = 1;
}
$sql = "INSERT INTO " . $config['table_prefix'] . "blogcomments (userdb_id,blogcomments_timestamp,blogcomments_text,blogmain_id,blogcomments_moderated) VALUES\n\t\t\t\t(" . intval($_SESSION['userID']) . "," . time() . ",{$blog_comment},{$blog_id},{$moderated});";
$recordSet = $conn->Execute($sql);
if ($recordSet === false) {
$misc->log_error($sql);
}
}
//$display .= '<div class="page_display">';
$sql = "SELECT blogmain_full,blogmain_id FROM " . $config['table_prefix'] . "blogmain WHERE blogmain_id=" . $blog_id;
$recordSet = $conn->Execute($sql);
if ($recordSet === false) {
$misc->log_error($sql);
}
$full = html_entity_decode($misc->make_db_unsafe($recordSet->fields['blogmain_full']), ENT_NOQUOTES, $config['charset']);
//$full = $misc->make_db_unsafe($recordSet->fields['blogmain_full']);
$full = preg_replace('/\\<hr.*?\\>/', '', $full, 1);
$id = $recordSet->fields['blogmain_id'];
if ($config["wysiwyg_execute_php"] == 1) {
ob_start();
$full = str_replace("<!--<?php", "<?php", $full);
$full = str_replace("?>-->", "?>", $full);
eval('?>' . "{$full}" . '<?php ');
$full = ob_get_contents();
ob_end_clean();
}
//Load Template
$page->load_page($config['template_path'] . '/blog_article.html');
//Start Replacing Tags
$blog_title = $blog_functions->get_blog_title($id);
$page->page = $page->parse_template_section($page->page, 'blog_title', $blog_title);
$blog_author = $blog_functions->get_blog_author($id);
$page->page = $page->parse_template_section($page->page, 'blog_author', $blog_author);
$blog_comment_count = $blog_functions->get_blog_comment_count($id);
$page->page = $page->parse_template_section($page->page, 'blog_comment_count', $blog_comment_count);
$blog_date_posted = $blog_functions->get_blog_date($id);
$page->page = $page->parse_template_section($page->page, 'blog_date_posted', $blog_date_posted);
$page->page = $page->parse_template_section($page->page, 'blog_full_article', $full);
// Allow Admin To Edit #
if (isset($_SESSION['editblog']) && $_SESSION['admin_privs'] == 'yes' && $config["wysiwyg_show_edit"] == 1) {
$admin_edit_link .= "{$config['baseurl']}/admin/index.php?action=edit_blog&id={$id}";
$page->page = $page->parse_template_section($page->page, 'admin_edit_link', $admin_edit_link);
$page->page = $page->cleanup_template_block('admin_edit_link', $page->page);
} else {
$page->page = $page->remove_template_block('admin_edit_link', $page->page);
}
//Deal with COmments
$sql = "SELECT blogcomments_id,userdb_id,blogcomments_timestamp,blogcomments_text FROM " . $config['table_prefix'] . "blogcomments WHERE blogmain_id = " . $id . " AND blogcomments_moderated = 1 ORDER BY blogcomments_timestamp ASC;";
$recordSet = $conn->Execute($sql);
if ($recordSet === false) {
$misc->log_error($sql);
}
$blog_comment_template = '';
while (!$recordSet->EOF) {
//Load DB Values
$comment_author_id = $misc->make_db_unsafe($recordSet->fields['userdb_id']);
$blogcomments_id = $misc->make_db_unsafe($recordSet->fields['blogcomments_id']);
$blogcomments_timestamp = $misc->make_db_unsafe($recordSet->fields['blogcomments_timestamp']);
$blogcomments_text = html_entity_decode($misc->make_db_unsafe($recordSet->fields['blogcomments_text']), ENT_NOQUOTES, $config['charset']);
//Load Template Block
$blog_comment_template .= $page->get_template_section('blog_article_comment_item_block');
//Lookup Blog Author..
$author_type = $userclass->get_user_type($comment_author_id);
if ($author_type == 'member') {
$author_display = $userclass->get_user_name($comment_author_id);
} else {
$author_display = $userclass->get_user_last_name($comment_author_id) . ', ' . $userclass->get_user_first_name($comment_author_id);
}
$blog_comment_template = $page->parse_template_section($blog_comment_template, 'blog_comment_author', $author_display);
if ($config['date_format'] == 1) {
$format = "m/d/Y";
} elseif ($config['date_format'] == 2) {
$format = "Y/d/m";
} elseif ($config['date_format'] == 3) {
$format = "d/m/Y";
}
$blog_comment_date_posted = date($format, "{$blogcomments_timestamp}");
$blog_comment_template = $page->parse_template_section($blog_comment_template, 'blog_comment_date_posted', $blog_comment_date_posted);
$blog_comment_template = $page->parse_template_section($blog_comment_template, 'blog_comment_text', $blogcomments_text);
$recordSet->MoveNext();
}
$page->replace_template_section('blog_article_comment_item_block', $blog_comment_template);
//Render Add New Comment
if ($config['url_style'] == '1') {
$article_url = 'index.php?action=blog_view_article&ArticleID=' . $id;
} else {
$url_title = str_replace("/", "", $blog_title);
$url_title = strtolower(str_replace(" ", $config['seo_url_seperator'], $url_title));
$article_url = 'article-' . urlencode($url_title) . '-' . $id . '.html';
}
$page->page = $page->parse_template_section($page->page, 'blog_comments_post_url', $article_url);
//Render Page Out
//$page->replace_tags(array('templated_search_form', 'featured_listings_horizontal', 'featured_listings_vertical', 'company_name', 'link_printer_friendly'));
$page->replace_permission_tags();
$display .= $page->return_page();
}
return $display;
}
function add_post()
{
global $conn, $lang, $config;
$security = login::loginCheck('can_access_blog_manager', true);
$display = '';
$blog_saved = FALSE;
$blog_deleted = FALSE;
$blog_user_type = intval($_SESSION['blog_user_type']);
if ($security === true) {
require_once $config['basepath'] . '/include/misc.inc.php';
$misc = new misc();
//Load the Core Template
require_once $config['basepath'] . '/include/class/template/core.inc.php';
$page = new page_user();
//Load TEmplate File
$page->load_page($config['admin_template_path'] . '/blog_edit_post.html');
// Do we need to save?
if (isset($_POST['edit'])) {
// Save blog now
$save_full = $_POST['ta'];
$save_title = $misc->make_db_safe($_POST['title']);
$save_full_xhtml = $misc->make_db_safe(blog_editor::htmlEncodeText($save_full), TRUE);
$save_description = $misc->make_db_safe($_POST['description']);
$save_keywords = $misc->make_db_safe($_POST['keywords']);
$save_published = intval($_POST['published']);
if ($blog_user_type == 2 && $save_published == 1) {
//Throw Error
$display .= '<div class="error_message">' . $lang['blog_permission_denied'] . '</div><br />';
unset($_POST['edit']);
$display .= $this->add_post();
return $display;
}
$userdb_id = $misc->make_db_safe($_SESSION['userID']);
$sql = "INSERT INTO " . $config['table_prefix'] . "blogmain (userdb_id,blogmain_full,blogmain_title,blogmain_date,blogmain_published,blogmain_description,blogmain_keywords) VALUES ({$userdb_id},{$save_full_xhtml},{$save_title}," . $conn->DBDate(time()) . ",{$save_published},{$save_description},{$save_keywords})";
$recordSet = $conn->Execute($sql);
if (!$recordSet) {
$misc->log_error($sql);
}
$display .= "<center><b>{$lang['blog_saved']}</b></center><br />";
unset($_POST['edit']);
$_POST['blogID'] = $conn->Insert_ID();
$display .= $this->blog_edit();
return $display;
}
// Pull the blog from the database
$page->replace_tag('', $blogID);
$page->replace_tag('blog_html', '');
$page->replace_tag('blog_edit_action', 'index.php?action=add_blog');
$title = $misc->make_db_unsafe($recordSet->fields['blogmain_title']);
$description = $misc->make_db_unsafe($recordSet->fields['blogmain_description']);
$published = intval($recordSet->fields['blogmain_published']);
$keywords = $misc->make_db_unsafe($recordSet->fields['blogmain_keywords']);
$page->replace_tag('blog_title', '');
$page->replace_tag('blog_description', '');
$page->replace_tag('blog_keywords', '');
//Handle Publish Status
$page->replace_tag('blog_published', 0);
switch ($published) {
case 0:
$page->replace_tag('blog_published_lang', $lang['blog_draft']);
break;
case 1:
$page->replace_tag('blog_published_lang', $lang['blog_published']);
break;
case 2:
$page->replace_tag('blog_published_lang', $lang['blog_review']);
break;
}
/*//Blog Permissions
* 1 - Subscriber - A subscriber can read posts, comment on posts.
* 2 - Contributor - A contributor can post and manage their own post but they cannot publish the posts. An administrator must first approve the post before it can be published.
* 3 - Author - The Author role allows someone to publish and manage posts. They can only manage their own posts, no one else’s.
* 4 - Editor - An editor can publish posts. They can also manage and edit other users posts. If you are looking for someone to edit your posts, you would assign the Editor role to that person.
*/
if ($blog_user_type == 2) {
$page->page = $page->remove_template_block('blog_published', $page->page);
}
//$blog_user_type
//blog_published_lang
if ($config['url_style'] == '1') {
$article_url = 'index.php?action=blog_view_article&ArticleID=' . $_POST['blogID'];
} else {
$url_title = str_replace("/", "", $title);
$url_title = strtolower(str_replace(" ", $config['seo_url_seperator'], $url_title));
$article_url = 'article-' . urlencode($url_title) . '-' . $_POST['blogID'] . '.html';
}
$page->replace_tag('blog_article_url', '');
//Show Link to Blog Manager
$page->replace_tag('blog_manager_url', 'index.php?action=edit_blog');
//Remove Delete Post option, as it does not yet exist
$page->page = $page->remove_template_block('blog_delete', $page->page);
if ($config["demo_mode"] == 1 && $_SESSION['admin_privs'] != 'yes' || $blog_user_type == 2 && $published == 1) {
$page->page = $page->remove_template_block('blog_save', $page->page);
} else {
$page->page = $page->cleanup_template_block('blog_save', $page->page);
}
$page->replace_permission_tags();
$page->auto_replace_tags('', true);
$display .= $page->return_page();
} else {
$display .= '<div class="error_text">' . $lang['access_denied'] . '</div>';
}
return $display;
}
