function postcalendar_admin_categoriesConfirm()
{
if (!PC_ACCESS_ADMIN) {
return _POSTCALENDAR_NOAUTH;
}
$output = new pnHTML();
$output->SetInputMode(_PNH_VERBATIMINPUT);
$header = <<<EOF
\t<html>
\t<head></head>
\t<body bgcolor=
EOF;
$header .= '"' . $GLOBALS['style']['BGCOLOR2'] . '">';
$output->Text($header);
$output->Text(postcalendar_adminmenu());
list($id, $del, $name, $value_cat_type, $desc, $color, $event_repeat, $event_repeat_freq, $event_repeat_freq_type, $event_repeat_on_num, $event_repeat_on_day, $event_repeat_on_freq, $durationh, $durationm, $end_date_flag, $end_date_type, $end_date_freq, $end_all_day, $newname, $newdesc, $newcolor, $new_event_repeat, $new_event_repeat_freq, $new_event_repeat_freq_type, $new_event_repeat_on_num, $new_event_repeat_on_day, $new_event_repeat_on_freq, $new_durationh, $new_durationm, $new_limitid, $new_end_date_flag, $new_end_date_type, $new_end_date_freq, $new_end_all_day, $new_value_cat_type) = pnVarCleanFromInput('id', 'del', 'name', 'value_cat_type', 'desc', 'color', 'event_repeat', 'event_repeat_freq', 'event_repeat_freq_type', 'event_repeat_on_num', 'event_repeat_on_day', 'event_repeat_on_freq', 'durationh', 'durationm', 'end_date_flag', 'end_date_type', 'end_date_freq', 'end_all_day', 'newname', 'newdesc', 'newcolor', 'newevent_repeat', 'newevent_repeat_freq', 'newevent_repeat_freq_type', 'newevent_repeat_on_num', 'newevent_repeat_on_day', 'newevent_repeat_on_freq', 'newdurationh', 'newdurationm', 'newlimitid', 'newend_date_flag', 'newend_date_type', 'newend_date_freq', 'newend_all_day', 'newvalue_cat_type');
//data validation
foreach ($name as $i => $item) {
if (empty($item)) {
$output->Text(postcalendar_admin_categories($msg, "Category Names must contain a value!"));
return $output->GetOutput();
}
$tmp = $color[$i];
if (strlen($tmp) != 7 || $tmp[0] != "#") {
$e = $tmp . " size " . strlen($tmp) . " at 0 " . $tmp[0];
$output->Text(postcalendar_admin_categories($msg, "You entered an invalid color(USE Pick) {$e}!"));
return $output->GetOutput();
}
}
foreach ($durationh as $i => $val) {
if (!is_numeric($durationh[$i]) || !is_numeric($durationm[$i]) || !is_numeric($event_repeat_freq[$i]) || !is_numeric($event_repeat_on_freq[$i]) || !is_numeric($end_date_freq[$i])) {
$output->Text(postcalendar_admin_categories($msg, " Hours, Minutes and recurrence values must be numeric!"));
return $output->GetOutput();
}
}
if (!empty($newnam)) {
if (!is_numeric($new_durationh) || !is_numeric($new_durationm) || !is_numeric($new_event_repeat_freq) || !is_numeric($new_event_repeat_on_freq) || !is_numeric($new_end_date_freq)) {
$output->Text(postcalendar_admin_categories($msg, "Hours, Minutes and recurrence values must be numeric!"));
return $output->GetOutput();
}
}
$new_duration = $new_durationh * (60 * 60) + $new_durationm * 60;
$event_recurrspec = serialize(compact('event_repeat_freq', 'event_repeat_freq_type', 'event_repeat_on_num', 'event_repeat_on_day', 'event_repeat_on_freq'));
$new_event_recurrspec = serialize(compact('new_event_repeat_freq', 'new_event_repeat_freq_type', 'new_event_repeat_on_num', 'new_event_repeat_on_day', 'new_event_repeat_on_freq'));
if (is_array($del)) {
$dels = implode(',', $del);
$delText = _PC_DELETE_CATS . $dels . '.';
}
$output->FormStart(pnModURL(__POSTCALENDAR__, 'admin', 'categoriesUpdate'));
$output->Text(_PC_ARE_YOU_SURE);
$output->Linebreak(2);
// deletions
if (isset($delText)) {
$output->FormHidden('dels', $dels);
$output->Text($delText);
$output->Linebreak();
}
if (!empty($newname)) {
$output->FormHidden('newname', $newname);
$output->FormHidden('newdesc', $newdesc);
$output->FormHidden('newvalue_cat_type', $new_value_cat_type);
$output->FormHidden('newcolor', $newcolor);
$output->FormHidden('newevent_repeat', $new_event_repeat);
$output->FormHidden('newevent_recurrfreq', $new_event_repeat_freq);
$output->FormHidden('newevent_recurrspec', $new_event_recurrspec);
$output->FormHidden('newduration', $new_duration);
$output->FormHidden('newlimitid', $new_limitid);
$output->FormHidden('newend_date_flag', $new_end_date_flag);
$output->FormHidden('newend_date_type', $new_end_date_type);
$output->FormHidden('newend_date_freq', $new_end_date_freq);
$output->FormHidden('newend_all_day', $new_end_all_day);
$output->Text(_PC_ADD_CAT . $newname . '.');
$output->Linebreak();
}
$output->Text(_PC_MODIFY_CATS);
$output->FormHidden('id', serialize($id));
$output->FormHidden('del', serialize($del));
$output->FormHidden('name', serialize($name));
$output->FormHidden('desc', serialize($desc));
$output->FormHidden('value_cat_type', serialize($value_cat_type));
$output->FormHidden('color', serialize($color));
$output->FormHidden('event_repeat', serialize($event_repeat));
$output->FormHidden('event_recurrspec', $event_recurrspec);
$output->FormHidden('durationh', serialize($durationh));
$output->FormHidden('durationm', serialize($durationm));
$output->FormHidden('end_date_flag', serialize($end_date_flag));
$output->FormHidden('end_date_type', serialize($end_date_type));
$output->FormHidden('end_date_freq', serialize($end_date_freq));
$output->FormHidden('end_all_day', serialize($end_all_day));
$output->Linebreak();
$output->FormSubmit(_PC_CATS_CONFIRM);
$output->FormEnd();
return $output->GetOutput();
}
function postcalendar_user_delete()
{
if (!(bool) PC_ACCESS_ADD) {
return _POSTCALENDAR_NOAUTH;
}
$output = new pnHTML();
$output->SetInputMode(_PNH_VERBATIMINPUT);
$uname = $_SESSION['authUser'];
list($action, $pc_event_id) = pnVarCleanFromInput('action', 'pc_event_id');
$event =& postcalendar_userapi_pcGetEventDetails($pc_event_id);
if ($uname != $event['uname']) {
if (!validateGroupStatus($uname, getUsername($event['uname']))) {
return _PC_CAN_NOT_DELETE;
}
}
//if($uname != $event['uname']) {
// return _PC_CAN_NOT_DELETE;
//}
unset($event);
$output->FormStart(pnModUrl(__POSTCALENDAR__, 'user', 'deleteevents'));
$output->FormHidden('pc_eid', $pc_event_id);
$output->Text(_PC_DELETE_ARE_YOU_SURE . ' ');
$output->FormSubmit(_PC_ADMIN_YES);
$output->FormEnd();
$output->Linebreak(2);
$output->Text(pnModAPIFunc(__POSTCALENDAR__, 'user', 'eventDetail', array('eid' => $pc_event_id, 'cacheid' => '', 'print' => 0, 'Date' => '')));
$output->Linebreak(2);
return $output->GetOutput();
}
function modules_admin_modify()
{
list($dbconn) = pnDBGetConn();
$pntable = pnDBGetTables();
$output = new pnHTML();
$id = pnVarCleanFromInput('id');
$dbid = pnVarPrepForStore($id);
$modulestable = $pntable['modules'];
$modulescolumn =& $pntable['modules_column'];
$query = "SELECT {$modulescolumn['name']},\n {$modulescolumn['displayname']},\n {$modulescolumn['description']}\n FROM {$modulestable}\n WHERE {$modulescolumn['id']} = {$dbid}";
$result = $dbconn->Execute($query);
if ($result->EOF) {
$output->Text(_ERRMODNOSUCHMODID);
return $output->GetOutput();
}
list($name, $displayname, $description) = $result->fields;
$result->Close();
if (!pnSecAuthAction(0, 'Modules::', "{$name}::{$id}", ACCESS_ADMIN)) {
$output->Text(_MODULESEDITNOAUTH);
return $output->GetOutput();
}
// Start form
$output->FormStart(pnModURL('Modules', 'admin', 'update'));
$output->FormHidden('authid', pnSecGenAuthKey());
$output->FormHidden('id', $id);
// Name
$output->Text(_MODULESNEWNAME);
$output->Linebreak();
$output->FormText('newdisplayname', $displayname, 30, 30);
$output->Linebreak(2);
// Description
$output->Text(_MODULESNEWDESCRIPTION);
$output->Linebreak();
$output->FormText('newdescription', $description, 60, 254);
$output->Linebreak(2);
// Hooks
$hookstable = $pntable['hooks'];
$hookscolumn =& $pntable['hooks_column'];
$sql = "SELECT DISTINCT {$hookscolumn['smodule']},\n {$hookscolumn['tmodule']}\n FROM {$hookstable}\n WHERE {$hookscolumn['smodule']} IS NULL\n OR {$hookscolumn['smodule']} = '" . pnVarPrepForStore($name) . "'\n ORDER BY {$hookscolumn['tmodule']},\n {$hookscolumn['smodule']} DESC";
$result = $dbconn->Execute($sql);
$displayed = array();
for (; !$result->EOF; $result->MoveNext()) {
list($smodname, $tmodname) = $result->fields;
// Only display once
if (isset($displayed[$tmodname])) {
continue;
}
$displayed[$tmodname] = true;
if (!empty($smodname)) {
$checked = 1;
} else {
$checked = 0;
}
$output->Text(_MODULESACTIVATE . ' ' . strtolower($tmodname) . ' ' . _MODULESFORTHIS);
$output->FormCheckbox('hooks_' . pnVarPrepForDisplay($tmodname), $checked);
$output->Linebreak(2);
}
$result->Close();
// End form
$output->FormSubmit(_COMMIT);
$output->FormEnd();
return $output->GetOutput();
}
function postcalendar_adminapi_buildAdminList($args)
{
extract($args);
$output = new pnHTML();
$output->SetInputMode(_PNH_VERBATIMINPUT);
pnThemeLoad(pnUserGetTheme());
// get the theme globals :: is there a better way to do this?
global $bgcolor1, $bgcolor2, $bgcolor3, $bgcolor4, $bgcolor5;
global $textcolor1, $textcolor2;
$formUrl = pnModUrl(__POSTCALENDAR__, 'admin', 'adminevents');
$output->FormStart($formUrl);
$output->Text('<table border="0" cellpadding="1" cellspacing="0" width="100%" bgcolor="' . $bgcolor2 . '"><tr><td>');
$output->Text('<table border="0" cellpadding="5" cellspacing="0" width="100%" bgcolor="' . $bgcolor1 . '"><tr><td>');
$output->Text('<center><font size="4"><b>' . $title . '</b></font></center>');
$output->Text('</td></tr></table>');
$output->Text('</td></tr></table>');
$output->Linebreak();
$output->Text('<table border="0" cellpadding="1" cellspacing="0" width="100%" bgcolor="' . $bgcolor2 . '"><tr><td>');
$output->Text('<table border="0" cellpadding="5" cellspacing="0" width="100%" bgcolor="' . $bgcolor1 . '">');
if (!$result || $result->EOF) {
$output->Text('<tr><td width="100%" bgcolor="' . $bgcolor1 . '" align="center"><b>' . _PC_NO_EVENTS . '</b></td></tr>');
} else {
$output->Text('<tr><td bgcolor="' . $bgcolor1 . '" align="center"><b>' . _PC_EVENTS . '</b></td></tr>');
$output->Text('<table border="0" cellpadding="2" cellspacing="0" width="100%" bgcolor="' . $bgcolor1 . '">');
// build sorting urls
if (!isset($sdir)) {
$sdir = 1;
} else {
$sdir = $sdir ? 0 : 1;
}
$title_sort_url = pnModUrl(__POSTCALENDAR__, 'admin', $function, array('offset' => $offset, 'sort' => 'title', 'sdir' => $sdir));
$time_sort_url = pnModUrl(__POSTCALENDAR__, 'admin', $function, array('offset' => $offset, 'sort' => 'time', 'sdir' => $sdir));
$output->Text('<tr><td>select</td><td><a href="' . $title_sort_url . '">title</a></td><td><a href="' . $time_sort_url . '">timestamp</a><td></tr>');
// output the queued events
$count = 0;
for (; !$result->EOF; $result->MoveNext()) {
list($eid, $title, $timestamp) = $result->fields;
$output->Text('<tr>');
$output->Text('<td align="center" valign="top">');
$output->FormCheckbox('pc_event_id[]', false, $eid);
$output->Text('</td>');
$output->Text('<td align="left" valign="top" width="100%">');
$output->URL(pnModURL(__POSTCALENDAR__, 'admin', 'edit', array('pc_event_id' => $eid)), pnVarPrepHTMLDisplay(postcalendar_removeScriptTags($title)));
$output->Text('</td>');
$output->Text('<td align="left" valign="top" nowrap>');
$output->Text($timestamp);
$output->Text('</td>');
$output->Text('</tr>');
$count++;
}
$output->Text('</table>');
}
$output->Text('</td></tr></table>');
if ($result->NumRows()) {
$output->Linebreak();
// action to take?
$output->Text('<table border="0" cellpadding="1" cellspacing="0" width="100%" bgcolor="' . $bgcolor2 . '"><tr><td>');
$output->Text('<table border="0" cellpadding="5" cellspacing="0" width="100%" bgcolor="' . $bgcolor1 . '"><tr>');
$output->Text('<td align="left" valign="middle">');
$seldata[0]['id'] = _ADMIN_ACTION_VIEW;
$seldata[0]['selected'] = 1;
$seldata[0]['name'] = _PC_ADMIN_ACTION_VIEW;
$seldata[1]['id'] = _ADMIN_ACTION_APPROVE;
$seldata[1]['selected'] = 0;
$seldata[1]['name'] = _PC_ADMIN_ACTION_APPROVE;
$seldata[2]['id'] = _ADMIN_ACTION_HIDE;
$seldata[2]['selected'] = 0;
$seldata[2]['name'] = _PC_ADMIN_ACTION_HIDE;
$seldata[3]['id'] = _ADMIN_ACTION_DELETE;
$seldata[3]['selected'] = 0;
$seldata[3]['name'] = _PC_ADMIN_ACTION_DELETE;
$output->FormSelectMultiple('action', $seldata);
$output->FormHidden('thelist', $function);
$output->FormSubmit(_PC_PERFORM_ACTION);
$output->Text('</td>');
$output->Text('</tr></table>');
$output->Text('</td></tr></table>');
$output->Linebreak();
// start previous next links
$output->Text('<table border="0" cellpadding="1" cellspacing="0" width="100%" bgcolor="' . $bgcolor2 . '"><tr><td>');
$output->Text('<table border="0" cellpadding="5" cellspacing="0" width="100%" bgcolor="' . $bgcolor1 . '"><tr>');
if ($offset > 1) {
$output->Text('<td align="left">');
$next_link = pnModUrl(__POSTCALENDAR__, 'admin', $function, array('offset' => $offset - $offset_increment, 'sort' => $sort, 'sdir' => $sdir));
$output->Text('<a href="' . $next_link . '"><< ' . _PC_PREV . ' ' . $offset_increment . '</a>');
$output->Text('</td>');
} else {
$output->Text('<td align="left"><< ' . _PC_PREV . '</td>');
}
if ($result->NumRows() >= $offset_increment) {
$output->Text('<td align="right">');
$next_link = pnModUrl(__POSTCALENDAR__, 'admin', $function, array('offset' => $offset + $offset_increment, 'sort' => $sort, 'sdir' => $sdir));
$output->Text('<a href="' . $next_link . '">' . _PC_NEXT . ' ' . $offset_increment . ' >></a>');
$output->Text('</td>');
} else {
$output->Text('<td align="right">' . _PC_NEXT . ' >></td>');
}
$output->Text('</tr></table>');
}
$output->Text('</td></tr></table>');
// end previous next links
$output->FormEnd();
return $output->GetOutput();
}
/**
* composite function for generic confirmation of action
*
* @param string $confirm_text Confirmation message to display
* @param string $confirm_url URL to go to if confirm button is clicked
* @param string $cancel_text Link text cor the cancel message
* @param string $cancel_url URL to go to is action is canceled
* @param array $arg An array of args to create hidden fields for
*
* @access public
*/
function ConfirmAction($confirm_text, $confirm_url, $cancel_text, $cancel_url, $arg = array())
{
$compoutput = new pnHTML();
$compoutput->FormStart($confirm_url);
$compoutput->Text($confirm_text);
$compoutput->Linebreak(2);
$arg['confirm'] = 1;
$arg['authid'] = pnSecGenAuthKey();
$arg['confirmation'] = 1;
$compoutput->FormHidden($arg);
$compoutput->FormSubmit(_CONFIRM);
$compoutput->Linebreak(2);
$compoutput->URL($cancel_url, $cancel_text);
$compoutput->FormEnd();
if ($this->GetOutputMode() == _PNH_RETURNOUTPUT) {
$compoutput->SetOutputMode(_PNH_RETURNOUTPUT);
return $compoutput->PrintPage();
} else {
$compoutput->SetOutputMode(_PNH_RETURNOUTPUT);
$this->output .= $compoutput->GetOutput();
}
}
function dplink_adminmenu()
{
$theme = pnUserGetTheme();
pnThemeLoad($theme);
// Create output object
$output = new pnHTML();
// Security check
if (!pnSecAuthAction(0, 'dplink::', '::', ACCESS_ADMIN)) {
$output->Text(pnVarPrepHTMLDisplay(_SHIMLINKNOAUTH));
return $output->GetOutput();
}
//Title
ob_start();
OpenTable();
$oTable = ob_get_contents();
ob_end_clean();
$output->SetInputMode(_PNH_VERBATIMINPUT);
$output->Text($oTable);
$output->Title(pnVarPrepHTMLDisplay('<b>' . _SHIMLINK . '</b>'));
$output->Text(pnVarPrepHTMLDisplay(_SHIMLINKMODIFYCONFIG));
ob_start();
CloseTable();
$cTable = ob_get_contents();
ob_end_clean();
$output->SetInputMode(_PNH_VERBATIMINPUT);
$output->Text($cTable);
// Start form
$output->FormStart(pnModURL('dplink', 'admin', 'updateconfig'));
// Add an authorisation ID
$output->FormHidden('authid', pnSecGenAuthKey());
// Start the table that holds the information to be modified.
ob_start();
OpenTable();
$oTable = ob_get_contents();
ob_end_clean();
$output->SetInputMode(_PNH_VERBATIMINPUT);
$output->Text($oTable);
$output->TableStart();
// dplink location
$row = array();
$output->SetOutputMode(_PNH_RETURNOUTPUT);
$row[] = $output->Text(pnVarPrepHTMLDisplay(_MODSUBJECT));
$row[] = $output->FormText('url', pnModGetVar('dplink', 'url'), 50, 50);
$output->SetOutputMode(_PNH_KEEPOUTPUT);
$output->SetInputMode(_PNH_VERBATIMINPUT);
$output->TableAddrow($row, 'left');
// Warning
$row = array();
$output->SetOutputMode(_PNH_RETURNOUTPUT);
$row[] = $output->Text(pnVarPrepHTMLDisplay(_MODWARNING));
$output->SetOutputMode(_PNH_KEEPOUTPUT);
$output->SetInputMode(_PNH_VERBATIMINPUT);
$output->TableAddrow($row, 'left');
// Use I-frame
$row = array();
$output->SetOutputMode(_PNH_RETURNOUTPUT);
$row[] = $output->Text(pnVarPrepHTMLDisplay(_MODWRAP));
$row[] = $output->FormCheckbox('use_wrap', pnModGetVar('dplink', 'use_wrap'));
$output->SetOutputMode(_PNH_KEEPOUTPUT);
$output->SetInputMode(_PNH_VERBATIMINPUT);
$output->TableAddrow($row, 'left');
// Open in New >Window
$row = array();
$output->SetOutputMode(_PNH_RETURNOUTPUT);
$row[] = $output->Text(pnVarPrepHTMLDisplay(_MODWINDOW));
$row[] = $output->FormCheckbox('use_window', pnModGetVar('dplink', 'use_window'));
$output->SetOutputMode(_PNH_KEEPOUTPUT);
$output->SetInputMode(_PNH_VERBATIMINPUT);
$output->TableAddrow($row, 'left');
$output->TableEnd();
ob_start();
CloseTable();
$cTable = ob_get_contents();
ob_end_clean();
$output->SetInputMode(_PNH_VERBATIMINPUT);
$output->Text($cTable);
// End form
//$output->Linebreak(1);
ob_start();
OpenTable();
$oTable = ob_get_contents();
ob_end_clean();
$output->SetInputMode(_PNH_VERBATIMINPUT);
$output->Text($oTable);
$output->Text('<div align="center"><br>');
$output->FormSubmit(pnVarPrepHTMLDisplay(_SHIMLINKUPDATE));
$output->Text('<br><br></div>');
ob_start();
CloseTable();
$cTable = ob_get_contents();
ob_end_clean();
$output->SetInputMode(_PNH_VERBATIMINPUT);
$output->Text($cTable);
$output->FormEnd();
// Return the output that has been generated by this function
$output->SetOutputMode(_PNH_KEEPOUTPUT);
return $output->GetOutput();
}
/**
* This is a standard function to modify the configuration parameters of the
* module
*/
function template_admin_modifyconfig()
{
// Create output object - this object will store all of our output so that
// we can return it easily when required
$output = new pnHTML();
// Security check - important to do this as early as possible to avoid
// potential security holes or just too much wasted processing
if (!pnSecAuthAction(0, 'Template::', '::', ACCESS_ADMIN)) {
$output->Text(_TEMPLATENOAUTH);
return $output->GetOutput();
}
// Add menu to output - it helps if all of the module pages have a standard
// menu at their head to aid in navigation
$output->SetInputMode(_PNH_VERBATIMINPUT);
$output->Text(template_adminmenu());
$output->SetInputMode(_PNH_PARSEINPUT);
// Title - putting a title ad the head of each page reminds the user what
// they are doing
$output->Title(_TEMPLATEMODIFYCONFIG);
// Start form - note the use of pnModURL() to create the recipient URL of
// this form. All URLs should be generated through pnModURL() to ensure
// compatibility with future versions of PostNuke
$output->FormStart(pnModURL('Template', 'admin', 'updateconfig'));
// Add an authorisation ID - this adds a hidden field in the form that
// contains an authorisation ID. The authorisation ID is very important in
// preventing certain attacks on the website
$output->FormHidden('authid', pnSecGenAuthKey());
// Start the table that holds the information to be modified. Note how
// each item in the form is kept logically separate in the code; this helps
// to see which part of the code is responsible for the display of each
// item, and helps with future modifications
$output->TableStart();
// Bold
$row = array();
$output->SetOutputMode(_PNH_RETURNOUTPUT);
$row[] = $output->Text(pnVarPrepForDisplay(_TEMPLATEDISPLAYBOLD));
$row[] = $output->FormCheckbox('bold', pnModGetVar('Template', 'bold'));
$output->SetOutputMode(_PNH_KEEPOUTPUT);
$output->SetInputMode(_PNH_VERBATIMINPUT);
$output->TableAddrow($row, 'left');
$output->SetInputMode(_PNH_PARSEINPUT);
$output->Linebreak(2);
// Number of items to display per page
$row = array();
$output->SetOutputMode(_PNH_RETURNOUTPUT);
$row[] = $output->Text(pnVarPrepForDisplay(_TEMPLATEITEMSPERPAGE));
$row[] = $output->FormText('itemsperpage', pnModGetVar('Template', 'itemsperpage'), 3, 3);
$output->SetOutputMode(_PNH_KEEPOUTPUT);
$output->SetInputMode(_PNH_VERBATIMINPUT);
$output->TableAddrow($row, 'left');
$output->SetInputMode(_PNH_PARSEINPUT);
$output->Linebreak(2);
$output->TableEnd();
// End form
$output->Linebreak(2);
$output->FormSubmit(_TEMPLATEUPDATE);
$output->FormEnd();
// Return the output that has been generated by this function
return $output->GetOutput();
}
