/**
 * Builds the template source of an add / edit / search / delete-confirmation form,
 * depending on $action.
 *
 * The returned string is not finished HTML: it is PHP template source (it contains
 * "<?= ... ?>" and "<? ... ?>" tags) that refers to variables such as $catalogue, $cc,
 * $sub and $message, which must exist in the scope where the template is later rendered.
 *
 * Security notes for reviewers:
 *  - Field names ($fields[n]['name']) are spliced into the generated PHP source, both inside
 *    single-quoted literals and as a variable-name suffix ($f_<name>). A name containing a
 *    quote or other PHP syntax would change the generated code.
 *    NOTE(review): presumably names are restricted to identifiers when a field is created - confirm.
 *  - The generated template prints $warnText, $catalogue, $cc, $sub, $message, $curPos,
 *    $f_Parent_Message_ID and $admin_mode into HTML without escaping. This is only safe if
 *    the rendering scope has already cast or escaped them - confirm against the caller.
 *  - The add/change form embeds the anti-CSRF field from $nc_core->token->get_input().
 *    The delete confirmation ("message") is a plain link, so deletion is triggered by GET
 *    and the token travels in the URL.
 *
 * @param string $action  one of "add", "change", "search", "message"
 * @param array  $fields  list of field definitions; each item is read with the keys
 *                        id, name, description, type, format, not_null, default, edit_type, search.
 *                        When empty, the field globals already present in $GLOBALS are used.
 * @param int    $class_id  not read by this function itself; the generated code refers to the
 *                          template-scope variables $class_id / $classID
 * @return string|false  template source of the form; false for an unknown $action;
 *                       "" when the search form has no searchable fields;
 *                       for "add" in user-table mode, whatever nc_auth::add_form_fs() returns
 */
function nc_fields_form_fs($action, $fields = null, $class_id = 0) {
    global $ROOT_FOLDER, $MODULE_VARS, $SUB_FOLDER, $HTTP_ROOT_PATH, $ADMIN_PATH;
    global $AUTHORIZE_BY, $systemTableID, $user_table_mode, $admin_mode, $nc_core;

    // Whitelist of actions. $action is later spliced into generated PHP code, so this check
    // is what keeps that splice safe. NOTE(review): in_array() is used without the strict flag.
    if (!in_array($action, array("add", "change", "search", "message"))) {
        return false;
    }
    # disabled extra condition: || ($systemTableID && !$user_table_mode)

    // The field definitions have to be written to global variables because
    // helpers such as nc_string_field read them from there.
    if (!empty($fields)) {
        $GLOBALS['fldCount'] = count($fields);
        $GLOBALS['fldID'] = array();
        $GLOBALS['fld'] = array();
        $GLOBALS['fldName'] = array();
        $GLOBALS['fldType'] = array();
        $GLOBALS['fldFmt'] = array();
        $GLOBALS['fldNotNull'] = array();
        $GLOBALS['fldDefault'] = array();
        $GLOBALS['fldTypeOfEdit'] = array();
        $GLOBALS['fldDoSearch'] = array();

        foreach ($fields as $v) {
            $GLOBALS['fldID'][] = $v['id'];
            $GLOBALS['fld'][] = $v['name'];
            $GLOBALS['fldName'][] = $v['description'];
            $GLOBALS['fldType'][] = $v['type'];
            $GLOBALS['fldFmt'][] = $v['format'];
            $GLOBALS['fldNotNull'][] = $v['not_null'];
            $GLOBALS['fldDefault'][] = $v['default'];
            $GLOBALS['fldTypeOfEdit'][] = $v['edit_type'];
            $GLOBALS['fldDoSearch'][] = $v['search'];
        }
    }

    // Local copies of the field globals. If $GLOBALS['fld'] is not an array, none of these
    // locals exist and the code below reads undefined variables ($fldCount, $fldName, ...).
    // $fldID, $fldValue, $fldInheritance and $fldDefault are assigned but not read again here.
    if (isset($GLOBALS['fld']) && is_array($GLOBALS['fld'])) {
        $fldCount = $GLOBALS['fldCount'];
        $fldID = $GLOBALS['fldID'];
        $fld = $GLOBALS['fld'];
        $fldName = $GLOBALS['fldName'];
        $fldValue = isset($GLOBALS['fldValue']) ? $GLOBALS['fldValue'] : '';
        $fldType = $GLOBALS['fldType'];
        $fldFmt = $GLOBALS['fldFmt'];
        $fldNotNull = $GLOBALS['fldNotNull'];
        $fldInheritance = isset($GLOBALS['fldInheritance']) ? $GLOBALS['fldInheritance'] : 0;
        $fldDefault = $GLOBALS['fldDefault'];
        $fldTypeOfEdit = $GLOBALS['fldTypeOfEdit'];
        $fldDoSearch = $GLOBALS['fldDoSearch'];
    }

    # the generated output is accumulated here
    $result = "";

    // Registration form for the user system table is delegated to the auth module.
    if ($action == 'add' && $systemTableID && $user_table_mode) {
        $nc_auth = nc_auth::get_object();
        return $nc_auth->add_form_fs();
    }

    switch ($action) {
        # add or edit form
        case "add":
        case "change":
            if (!$systemTableID || $systemTableID && $user_table_mode) {
                // Form header: posts to add.php or message.php and carries the routing ids
                // plus the token field. The ids are printed by the template without escaping.
                $result = "<?=( \$warnText ? \"<div class='warnText'>\$warnText</div>\" : NULL )?>\n<form name='adminForm' id='adminForm' class='nc-form' enctype='multipart/form-data' method='post' action='<?= \$SUB_FOLDER ?><?= \$HTTP_ROOT_PATH ?>"
                    . ($action == "add" ? "add" : ($action == "change" ? "message" : ""))
                    . ".php'>\n<div id='nc_moderate_form'>\n<div class='nc_clear'></div>\n<input name='admin_mode' type='hidden' value='<?= \$admin_mode ?>' />\n<?= \$nc_core->token->get_input() ?>\n<input name='catalogue' type='hidden' value='<?= \$catalogue ?>' />\n<input name='cc' type='hidden' value='<?= \$cc ?>' />\n<input name='sub' type='hidden' value='<?= \$sub ?>' />";
                $result .= $action == "change" ? "<input name='message' type='hidden' value='<?= \$message ?>' />\r\n" : "";
                $result .= "<input name='posting' type='hidden' value='1' />\n<input name='curPos' type='hidden' value='<?= \$curPos ?>' />\n<input name='f_Parent_Message_ID' type='hidden' value='<?= \$f_Parent_Message_ID ?>' />\n<?= nc_form_moderate('" . $action . "', \$admin_mode, " . ($user_table_mode + 0) . ", \$systemTableID, \$current_cc, (isset(\$f_Checked) ? \$f_Checked : null), \$f_Priority , \$f_Keyword, \$f_ncTitle, \$f_ncKeywords, \$f_ncDescription ) ?>\n</div>\n";
            }

            # walk over the fields
            for ($i = 0; $i < $fldCount; $i++) {
                # field caption (assigned but not read again in this function)
                $fldNameTempl = $fldName[$i] . ($fldNotNull[$i] ? " (*)" : "") . ":<br />\r\n";

                # who may edit the field: edit type 3 = nobody, 2 = administrators only
                $no_edit = $fldTypeOfEdit[$i] == 3;
                $admin_edit = $fldTypeOfEdit[$i] == 2;

                // The login field of the user table is read-only on edit unless the auth
                // setting 'allow_change_login' is enabled.
                if ($user_table_mode && $fld[$i] == $AUTHORIZE_BY && $action == "change" && !$nc_core->get_settings('allow_change_login', 'auth')) {
                    $no_edit = true;
                }

                # skip fields that are not editable
                if ($no_edit) {
                    continue;
                }

                $field_html = "";

                # field types; the field name is spliced into the generated PHP source here
                switch ($fldType[$i]) {
                    case 1: // String
                        $field_html .= "<?= nc_string_field('{$fld[$i]}', \"maxlength='255' size='50'\", (\$class_id ? \$class_id : \$classID), 1) ?><br />\r\n";
                        break;
                    case 2: // Int
                        $field_html .= "<?= nc_int_field('{$fld[$i]}', \"maxlength='12' size='12'\", (\$class_id ? \$class_id : \$classID), 1) ?><br />\r\n";
                        break;
                    case 3: // Text
                        $field_html .= "<?= nc_text_field('{$fld[$i]}', \"\", (\$class_id ? \$class_id : \$classID), 1) ?><br />\r\n";
                        break;
                    case 4: // List
                        $field_html .= "<?= nc_list_field('{$fld[$i]}', \"\", (\$class_id ? \$class_id : \$classID), 1) ?><br />\r\n";
                        break;
                    case 5: // Bool
                        $field_html .= "<?= nc_bool_field('{$fld[$i]}', \"\", (\$class_id ? \$class_id : \$classID ), 1) ?><br />\r\n";
                        break;
                    case 6: // File
                        $field_html .= "<?= nc_file_field('{$fld[$i]}', \"size='50'\", (\$class_id ? \$class_id : \$classID), 1) ?><br />\r\n";
                        break;
                    case 7: // Float
                        $field_html .= "<?= nc_float_field('{$fld[$i]}', \"maxlength='12' size='12'\", ( \$class_id ? \$class_id : \$classID), 1) ?><br />\r\n";
                        break;
                    case 8: // DateTime
                        $field_html .= "<?= nc_date_field('{$fld[$i]}', \"\", (\$class_id ? \$class_id : \$classID), 1) ?><br />\r\n";
                        break;
                    case 9: // Relation
                        $field_html .= "<?= nc_related_field('{$fld[$i]}', \"\") ?><br />\r\n";
                        break;
                    case 10: // Multiselect
                        $field_html .= "<?= nc_multilist_field('{$fld[$i]}', \"\", \"\", (\$class_id ? \$class_id : \$classID), 1) ?><br />\r\n";
                        break;
                    case 11: // Multifile
                        $field_html .= "<?= \$f_{$fld[$i]}->form() ?><br />\r\n";
                        break;
                }

                // Admin-only fields are wrapped in a permission check that runs when the
                // template is rendered. This only hides the input; whether the submitted
                // value is also rejected server-side is not visible here - confirm.
                if ($admin_edit) {
                    $field_html = "<? if (nc_field_check_admin_perm()) { ?>\n" . $field_html . "<? } ?>";
                }

                $result .= $field_html . "<br />\r\n";
            }

            if (!$systemTableID || $systemTableID && $user_table_mode) {
                # caption for the submit button (name of a language constant)
                switch ($action) {
                    case "add":
                        $submitBtnName = "NETCAT_MODERATION_BUTTON_ADD";
                        break;
                    case "change":
                        $submitBtnName = "NETCAT_MODERATION_BUTTON_CHANGE";
                        break;
                }
                // assigned but not read again in this function
                $resetBtnName = "NETCAT_MODERATION_BUTTON_RESET";

                // NOTE(review): $posting is neither declared global nor assigned in this
                // function, so this compares an undefined local with 0 - confirm the intent.
                if ($user_table_mode && $posting == 0 && $action == "add") {
                    $result .= NETCAT_MODERATION_PASSWORD . ":<br/><input name='Password1' type='password' size='25' maxlength='32' value='' /><br/><br/>";
                    $result .= NETCAT_MODERATION_PASSWORDAGAIN . ":<br/><input name='Password2' type='password' size='25' maxlength='32' value='' /><br/><br/>";
                }

                # captcha: emitted only for "add"; the template shows it to anonymous visitors
                # when the infoblock has UseCaptcha set
                if ($action == "add" && $MODULE_VARS["captcha"] && function_exists("imagegif")) {
                    $result .= "<? if (!\$AUTH_USER_ID && \$current_cc['UseCaptcha'] && \$MODULE_VARS['captcha']) { ?><?= nc_captcha_formfield() ?><br/><br/><?= NETCAT_MODERATION_CAPTCHA ?> (*):<br/><input type='text' name='nc_captcha_code' size='10'><br/><br/><? } ?>\r\n";
                }

                $result .= "<div><?= NETCAT_MODERATION_INFO_REQFIELDS ?></div><br/>\r\n";
                // $submitBtnName is inserted as a bare constant name into the generated call
                $result .= "<?= nc_submit_button({$submitBtnName}) ?>\r\n";
                $result .= "</form>";
            }
            break;

        # search
        case "search":
            # the search form generator lives in "/require/s_list.inc.php"
            # and needs the data prepared by "message_fields.php"
            $srchFrm = showSearchForm($fldName, $fldType, $fldDoSearch, $fldFmt);

            // no searchable fields
            if (!$srchFrm) {
                return "";
            }

            $form_action = "<?= (\$admin_mode ? \$HTTP_ROOT_PATH.'index.php?' : nc_infoblock_path(\$current_cc['Sub_Class_ID']) ) ?>";
            // GET form; the routing ids are again printed by the template without escaping
            $result .= "<form action='{$form_action}' method='get'>\n<? if (\$admin_mode || \$inside_admin) : ?>\n <input type='hidden' name='admin_mode' value='1' />\n <input name='catalogue' type='hidden' value='<?= \$catalogue ?>' />\n <input name='cc' type='hidden' value='<?= \$cc ?>' />\n <input name='sub' type='hidden' value='<?= \$sub ?>' />\n<? endif; ?>\n<? if (\$inside_admin) : ?>\n <input type='hidden' name='inside_admin' value='1' />\n<? endif; ?>\n<input type='hidden' name='action' value='index' />\n<input type='hidden' name='admin_mode' value='<?= \$admin_mode ?>' />\n{$srchFrm}\n<input value='<?= NETCAT_SEARCH_FIND_IT ?>' type='submit' />\n</form>";
            break;

        case "message":
            # alternative delete-confirmation form
            // The generated code builds the delete URL. In admin mode the token is appended
            // to the query string when $nc_core->token->is_use('drop') is true; otherwise the
            // URL comes from nc_object_path() with an 'nc_token' parameter. Either way the
            // token is part of a GET URL, so it can end up in logs, history and Referer headers.
            $result = "<? "
                . "\$f_delete_true = \$admin_mode\r\n"
                . " ? \$admin_url_prefix.\"message.php?" . ($nc_core->token->is_use('drop') ? "\".\$nc_core->token->get_url().\"&" : "") . "catalogue=\".\$catalogue.\"&sub=\".\$sub.\"&cc=\".\$cc.\"&message=\".\$message.\"&delete=1&posting=1&curPos=\".\$curPos.\"&admin_mode=1\".\$system_env['AdminParameters']\r\n"
                . " : nc_object_path(\$current_cc['Class_ID'], \$message, 'drop', 'html', false, array('nc_token' => \$nc_core->token->get()));?>\r\n"
                . "<?= sprintf(NETCAT_MODERATION_WARN_COMMITDELETION, \$message) ?><br/><br/>\r\n";
            $result .= "<a href='<?= \$f_delete_true ?>'><?= NETCAT_MODERATION_COMMON_KILLONE ?></a> | <a href='<?= \$goBackLink.\$system_env['AdminParameters'] ?>'><?= NETCAT_MODERATION_BACKTOSECTION ?></a>\r\n";
    }

    return $result;
}
// Admin bootstrap excerpt. It starts inside a block whose opening line is above this
// listing; the first statement and the closing brace below belong to that block.
    $NETCAT_FOLDER = realpath(dirname(__FILE__) . '/../..') . DIRECTORY_SEPARATOR;
}

// The "@" hides a failed include. NOTE(review): presumably vars.inc.php defines
// $INCLUDE_FOLDER, $ROOT_FOLDER and $ADMIN_FOLDER; if it does not load, the paths built
// below start from undefined variables - confirm that this fails closed.
@(include_once $NETCAT_FOLDER . "vars.inc.php");
require_once $INCLUDE_FOLDER . "unicode.inc.php";
require_once $ROOT_FOLDER . 'connect_io.php';

// Mark the request as an admin-interface request before extensions and files are loaded.
$nc_core->inside_admin = $inside_admin = true;
$nc_core->admin_mode = $admin_mode = true;
$nc_core->load_default_extensions();
$nc_core->load_files(1);

// $lang becomes part of a require_once path. NOTE(review): this is safe only if
// detect_lang() returns a value from a fixed list of installed languages; if it derives
// the value from a cookie or request parameter it must reject anything else - confirm.
$lang = $nc_core->lang->detect_lang();
require_once $ADMIN_FOLDER . "lang/" . $lang . ".php";
$PHP_AUTH_LANG = $lang;

// strstr() matches the modules path anywhere in the request URI, query string included.
$load_all_modules = strstr($REQUEST_URI, $HTTP_ROOT_PATH . "modules") ? true : false;
$nc_core->modules->load_env($nc_core->lang->acronym_from_full($lang), !$load_all_modules);

if ($nc_core->modules->get_by_keyword('auth')) {
    $nc_auth = nc_auth::get_object();

    // HTTPS-only access to the admin interface.
    // NOTE(review): this redirect sits inside the auth-module branch, so it is not applied
    // when that module is absent. The target is built from the client-supplied Host header;
    // a configured canonical host name would be safer. $_SERVER['HTTPS'] is compared with
    // the literal 'on', which may not hold behind a TLS-terminating proxy - confirm.
    if ($nc_core->NC_ADMIN_HTTPS && $_SERVER['HTTPS'] != 'on') {
        header("Location: https://" . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']);
        exit;
    }

    // Is a captcha required? A wrong code resets $AuthPhase to 0 and records the failure.
    // NOTE(review): presumably $AuthPhase == 0 means the credentials are not checked
    // further down - confirm.
    if ($AuthPhase && $AUTH_USER && $nc_auth->need_captcha() && !nc_captcha_verify_code($nc_core->input->fetch_get_post('nc_captcha_code'))) {
        $nc_auth->set_invalid_captcha();
        $AuthPhase = 0;
    }
}

// Admin Interface Initialization
$admin_mode = true;
LoadSettings();
// Login chosen in the hardware-token form; taken from GET/POST as-is.
$nc_token_login = $nc_core->input->fetch_get_post('nc_token_login');
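/**
 * Prints the administrator login form: the login/password table and, when the auth
 * module enables it, the hardware-token table, plus the scripts that switch between them.
 *
 * Output is written directly to the response; nothing is returned.
 *
 * Changes compared with the previous version:
 *  - $REQUEST_URI is HTML-escaped before it is printed into the form's action attribute,
 *    and the "back" link target is escaped the same way. Both were printed raw inside
 *    single-quoted attributes.
 *  - $textinfo is initialised, and the request/cookie lookups use empty() so that a first
 *    visit does not read undefined indexes.
 *  - nc_token_sign() hides '#tokeninfo' (the selector was misspelled '#tokeninfot').
 *  - authCheckFields() reads the first element returned by getElementsByName(); the
 *    previous code read .value from the node list itself.
 *  - The stray space after each closing PHP tag inside attribute values and script
 *    strings is gone.
 *
 * NOTE(review):
 *  - $REQUESTED_FROM and $icon are not in the global list, so they are undefined in this
 *    scope; that behaviour is kept. Confirm whether they were meant to be globals.
 *  - The submitted login and password are passed back into the form fields. Whether
 *    nc_admin_input_simple() / nc_admin_input_password() HTML-escape their value is not
 *    visible here; the password also ends up in the page source. Confirm both.
 *  - The form carries no anti-CSRF field; $_SESSION['nc_token_rand'] is the challenge for
 *    hardware-token sign-in only.
 */
function LoginForm() {
    global $REQUEST_URI, $AUTH_USER, $ADMIN_LANGUAGE, $ADMIN_TEMPLATE, $AUTH_PW;
    global $posting, $USER_LANG, $ADMIN_AUTHTYPE, $AUTHORIZATION_TYPE;
    global $SUB_FOLDER, $HTTP_ROOT_PATH;
    global $nc_core;

    // Error line shown above the login field; empty on the first visit.
    $textinfo = '';
    if (!empty($_REQUEST['AUTH_USER']) || !empty($_REQUEST['AUTH_PW'])) {
        $textinfo = CONTROL_AUTH_LOGIN_OR_PASSWORD_INCORRECT;
    }

    $m_auth = $nc_core->modules->get_by_keyword('auth'); // is the auth module installed
    $need_captcha = 0; // captcha required
    $login_en = 1;     // login/password sign-in available
    $token_en = 0;     // hardware-token sign-in available

    if ($m_auth) {
        $nc_auth = nc_auth::get_object();
        $login_en = $nc_core->get_settings('authtype_admin', 'auth') & NC_AUTHTYPE_LOGIN;
        $token_en = $nc_auth->token_enabled();

        // Fresh random challenge for token sign-in, remembered in the session.
        $nc_auth_token = new nc_auth_token();
        $nc_token_rand = $nc_auth_token->get_random_256();
        $_SESSION['nc_token_rand'] = $nc_token_rand;

        $need_captcha = $nc_auth->need_captcha();
        if ($nc_auth->is_invalid_captcha()) {
            $textinfo = NETCAT_MODULE_CAPTCHA_WRONG_CODE_SMALL;
        }
    }

    // Language selector. The cookie value is only compared with the server-side list
    // returned by Language_Show(); it is never printed.
    $lang = Language_Show();
    $sellang = !empty($_COOKIE['PHP_AUTH_LANG']) ? $_COOKIE['PHP_AUTH_LANG'] : $ADMIN_LANGUAGE;

    $lang_select = "<div class='nc-select nc--blocked'><select name='NEW_AUTH_LANG'>";
    foreach ($lang as $val) {
        $lang_select .= "<option value='" . $val . "'" . ($val == $sellang ? " selected" : "") . ">" . $val . "</option>\n";
    }
    $lang_select .= " </select><i class='nc-caret'></i></div>";

    // "remember me" checkbox
    $loginsave = '';
    if ($ADMIN_AUTHTYPE == 'manual' && $AUTHORIZATION_TYPE == 'cookie') {
        $loginsave = nc_admin_checkbox_simple('loginsave', '', CONTROL_AUTH_HTML_SAVELOGIN);
    }

    // The request URI is client-controlled and lands inside a single-quoted attribute,
    // so quotes must be encoded as well (ENT_QUOTES).
    $form_action = htmlspecialchars((string) $REQUEST_URI, ENT_QUOTES);

    // Not globals in this function (see NOTE above); read defensively, same result as before.
    $back_url = isset($REQUESTED_FROM) ? $REQUESTED_FROM : '';
    $icon_html = isset($icon) ? $icon : '';
    ?>
    <noscript><div style="font-weight: bold;"><?php echo CONTROL_AUTH_JS_REQUIRED; ?></div></noscript>
    <?php if ($m_auth) { ?>
    <script type='text/javascript' src='<?php echo $SUB_FOLDER . $HTTP_ROOT_PATH . 'modules/auth/auth.js'; ?>'></script>
    <?php } ?>
    <script type='text/javascript'>
        function authCheckFields () {
            var authForm = document.getElementById('AUTH_FORM');
            var login = document.getElementsByName('AUTH_USER')[0];
            var pass = document.getElementsByName('AUTH_PW')[0];
            switch (true) {
                case (login.value == '' && pass.value == ''):
                    alert('<?php echo CONTROL_AUTH_FIELDS_NOT_EMPTY; ?>');
                    return false;
                    break;
                case (login.value == ''):
                    alert('<?php echo CONTROL_AUTH_LOGIN_NOT_EMPTY; ?>');
                    return false;
                    break;
                default:
                    return true;
                    //authForm.submit();
            }
        }

        $nc(function() {
            $nc('#AUTH_FORM').submit( function() {
                var login = $nc("input[name = 'AUTH_USER']").val();
                var pass = $nc("input[name = 'AUTH_PW']").val();
                if (!login && !pass) {
                    alert('<?php echo CONTROL_AUTH_FIELDS_NOT_EMPTY; ?>');
                    return false;
                }
                if (!login) {
                    alert('<?php echo CONTROL_AUTH_LOGIN_NOT_EMPTY; ?>');
                    return false;
                }
                return true;
            });

            function place_footer() {
                var footer = $nc('.bottom_line');
                var form = $nc('.content');
                var body_height = $nc(document.body).height();
                var form_bottom = form.offset().top + form.height();
                footer.css({top:null, bottom:null});
                if (form_bottom + footer.height() > body_height) {
                    footer.css({top:form_bottom+'px'});
                } else {
                    footer.css({bottom:'0px'});
                }
            }

            $nc(window).resize(place_footer);
            place_footer();
            $nc('INPUT[name=AUTH_USER]').focus();
        });
    </script>

    <form action='<?php echo $form_action; ?>' method='post' name='AUTH_FORM' id='AUTH_FORM'>
        <input type='hidden' name='AuthPhase' value='1'>
        <table border='0' cellpadding='4' cellspacing='0' id="classical" style="display:none; margin:0 auto">
            <tr>
                <td></td>
                <td class="nc-text-red"><?php echo $textinfo; ?></td>
            </tr>
            <tr>
                <td><label><?php echo CONTROL_AUTH_HTML_LOGIN; ?></label></td>
                <td><?php echo nc_admin_input_simple('AUTH_USER', stripcslashes($AUTH_USER), 32, "", "id='AUTH_USER' class='nc--blocked' maxlength='255'"); ?></td>
            </tr>
            <tr>
                <td><label><?php echo CONTROL_AUTH_HTML_PASSWORD; ?></label></td>
                <td><?php echo nc_admin_input_password('AUTH_PW', stripcslashes($AUTH_PW), 32, "", "class='nc--blocked' maxlength='255'"); ?></td>
            </tr>
            <tr>
                <td><label><?php echo CONTROL_AUTH_HTML_LANG; ?></label></td>
                <td><?php echo $lang_select; ?></td>
            </tr>
            <?php if ($need_captcha) { ?>
            <tr>
                <td></td>
                <td class="captcha"><?php echo nc_captcha_formfield(); ?></td>
            </tr>
            <tr>
                <td><?php echo NETCAT_MODERATION_CAPTCHA_SMALL; ?></td>
                <td><?php echo nc_admin_input_simple('nc_captcha_code', '', 32, "maxlength='255'"); ?></td>
            </tr>
            <?php } ?>
            <tr>
                <td rowspan='2'><?php echo $icon_html; ?></td>
                <td><?php echo $loginsave; ?></td>
            </tr>
            <tr>
                <td>
                    <button type='submit' class="nc-btn nc--blue"><?php echo CONTROL_AUTH_HTML_AUTH; ?></button>
                    <span id='menu'></span>
                    <?php
                    if ($posting && $REQUEST_URI != $back_url) {
                        echo "<br/><a href='" . htmlspecialchars($back_url, ENT_QUOTES) . "' class='relogin'>" . CONTROL_AUTH_HTML_BACK . "</a>";
                    }
                    ?>
                </td>
            </tr>
        </table>

        <!-- hardware-token sign-in form -->
        <?php if ($token_en) { ?>
        <table border='0' cellpadding='4' cellspacing='0' id="token" style="display:none; margin:0 auto">
            <tr>
                <td colspan="2">
                    <div id='tokeninfo' class="nc-alert nc--red"></div>
                </td>
            </tr>
            <tr><td colspan="2">
                <div id='nc_token_plugin_wrapper'></div>
                <script>
                    $nc("#nc_token_plugin_wrapper").append("<object id='nc_token_plugin' type='application/x-rutoken' width='0' height='0'></object>");
                </script>
                <input type='hidden' value='' id='nc_token_signature' name='nc_token_signature'/>
            </td></tr>
            <tr>
                <td><label><?php echo CONTROL_AUTH_HTML_LOGIN; ?></label></td>
                <td><div class='nc-select nc--blocked'><select name='nc_token_login' id='nc_token_login'></select><i class='nc-caret'></i></div></td>
            </tr>
            <tr>
                <td><label><?php echo CONTROL_AUTH_HTML_LANG; ?></label></td>
                <td><?php echo $lang_select; ?></td>
            </tr>
            <tr>
                <td> </td>
                <td colspan="2">
                    <button onclick='nc_token_sign(); return false;' type='submit' class="nc-btn nc--blue"><?php echo CONTROL_AUTH_HTML_AUTH; ?></button>
                </td>
            </tr>
        </table>
        <?php } ?>
    </form>

    <script type='text/javascript'>
        var authForm = document.getElementById('AUTH_FORM');
        // send the user on to the place they originally asked for
        authForm.action += window.location.hash;

        function show_token () {
            <?php if ($login_en && $token_en) { ?>
            $nc("#menu").html("<a href='#' class='nc-btn nc--small' onclick='show_classical(); return false;'><?php echo NETCAT_AUTH_TYPE_LOGINPASSWORD; ?></a>");
            <?php } ?>
            $nc("#classical").hide();
            $nc("#token").show();
            $nc("#classical :input").attr('disabled', true);
            $nc("#token :input").removeAttr('disabled');
            $nc('#tokeninfo').hide();
            if ( !nc_token_obj.load() ) {
                $nc('#tokeninfo').html("<?php echo CONTROL_AUTH_USB_TOKEN_NOT_INSERTED; ?>");
                $nc('#tokeninfo').show();
            }
        }

        function show_classical () {
            <?php if ($login_en && $token_en) { ?>
            $nc("#menu").html("<button type='button' class='nc-btn nc--right nc--small' onclick='show_token()' ><?php echo NETCAT_AUTH_TYPE_TOKEN; ?></button>");
            <?php } ?>
            $nc("#classical").show();
            $nc("#token").hide();
            $nc("#classical :input").removeAttr('disabled');
            $nc("#token :input").attr('disabled', true);
        }

        <?php
        if ($m_auth) {
            echo "nc_token_obj = new nc_auth_token ( {'randnum' : '" . $nc_token_rand . "'}); ";
        }
        ?>

        function nc_token_sign ( ) {
            $nc('#tokeninfo').hide();
            err_text = {
                1: "<?php echo CONTROL_AUTH_TOKEN_PLUGIN_DONT_INSTALL; ?>",
                2: "<?php echo CONTROL_AUTH_USB_TOKEN_NOT_INSERTED; ?>",
                3: "<?php echo CONTROL_AUTH_PIN_INCORRECT; ?>",
                4: "<?php echo CONTROL_AUTH_KEYPAIR_INCORRECT; ?>"};
            if ( (err_num = nc_token_obj.sign()) ) {
                $nc('#tokeninfo').html(err_text[err_num]);
                $nc('#tokeninfo').show();
            }
        }

        <?php echo $login_en ? "show_classical();" : "show_token();"; ?>
    </script>
    <?php
}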
/**
 * Builds the extra SQL condition that is appended to a user lookup.
 *
 * Without the auth module the result is an empty string. With it, the result is the
 * IP-check fragment supplied by nc_auth (left out when $notall is truthy) followed by an
 * optional restriction to the current site when the auth setting 'bind_to_catalogue' is on.
 *
 * The fragment is concatenated into SQL text, not bound as a parameter. The site id is
 * forced to a number with "+ 0" before it is inserted; the IP-check fragment is inserted
 * exactly as nc_auth returns it.
 * NOTE(review): the site is resolved from the client-supplied Host header - confirm that
 * get_by_host_name() only matches configured host names.
 *
 * @param int|bool $notall  when truthy, the IP-check fragment is omitted
 * @return string SQL fragment, possibly empty
 */
protected function get_cond($notall = 0) {
    $core = nc_Core::get_object();

    // The site is resolved up front, before the auth module is consulted.
    $site = $core->catalogue->get_by_host_name($_SERVER['HTTP_HOST']);
    $site_id = $site['Catalogue_ID'];

    // No auth module: there is nothing to add to the query.
    if (!$core->modules->get_by_keyword('auth')) {
        return "";
    }

    $ip_check = nc_auth::get_object()->get_sql_check_ip();

    $site_filter = "";
    if ($core->get_settings('bind_to_catalogue', 'auth')) {
        // 0 presumably stands for users not bound to any site - confirm
        $site_filter = " AND `u`.Catalogue_ID IN(0," . ($site_id + 0) . ")";
    }

    if ($notall) {
        return $site_filter;
    }

    return $ip_check . $site_filter;
}