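/**
 * Renders the login-status toolbar fragment and stores it in the page template.
 *
 * Loads common_loginstatus.tpl.html and parses exactly one of its blocks:
 *  - "not_logged"       : visitor is not logged in; RETURN_PAGE receives the
 *                         url-encoded current page (script path plus query string).
 *  - "logged"           : logged in, but no project could be determined.
 *  - "not_allowed"      : logged in, IsWriter() is false for the project.
 *  - "logged_and_write" : logged in, IsWriter() is true for the project.
 *
 * The project is resolved from $paramArray; the first key present wins:
 * "ItemId" (via GetProjectIdForItem), then "UnitId" (via GetProjectIdForUnit),
 * then "ProjectId" (used as given).
 *
 * @param object $tpl        Page template; its setVariable() receives COMMON_LOGIN_STATUS.
 * @param array  $paramArray Optional context with an "ItemId", "UnitId" or "ProjectId" key.
 * @return void
 */
function SetCommonLoginStatus(&$tpl, $paramArray = array())
{
    $toolbar_tpl = new HTML_Template_IT("./");
    $toolbar_tpl->loadTemplatefile("common_loginstatus.tpl.html", true, true);

    if (!IsLogged()) {
        // Not logged in: compute the page to come back to after login.
        // PHP_SELF can include client-supplied trailing path info, and the query
        // string is client-controlled. Both are only emitted url-encoded here.
        // NOTE(review): the consumer of RETURN_PAGE is not visible here; it should
        // accept only a same-site relative path before redirecting to it.
        $returnPage = $_SERVER['PHP_SELF'];

        // http_build_query() percent-encodes every key and value and handles
        // array parameters. Plain concatenation let a value containing "&", "="
        // or "#" change the shape of the rebuilt query string.
        $query = http_build_query($_GET, '', '&');
        if ($query !== '') {
            $returnPage .= "?" . $query;
        }

        $toolbar_tpl->setCurrentBlock("not_logged");
        $toolbar_tpl->setVariable("RETURN_PAGE", urlencode($returnPage));
        $toolbar_tpl->parseCurrentBlock("not_logged");
    } else {
        if (array_key_exists("ItemId", $paramArray)) {
            $projectId = GetProjectIdForItem($paramArray["ItemId"]);
        } elseif (array_key_exists("UnitId", $paramArray)) {
            $projectId = GetProjectIdForUnit($paramArray["UnitId"]);
        } elseif (array_key_exists("ProjectId", $paramArray)) {
            $projectId = $paramArray["ProjectId"];
        } else {
            $projectId = "";
        }

        // Loose comparison kept on purpose: the return type of the lookup
        // helpers is not visible from this function.
        if ($projectId == "") {
            // No project id: only indicate the logged-in state.
            $blockName = "logged";
        } elseif (!IsWriter($projectId)) {
            // No write access to the project.
            $blockName = "not_allowed";
        } else {
            // Full write access.
            $blockName = "logged_and_write";
        }

        // NOTE(review): the user name is inserted as-is. Confirm that
        // GetLoggedUserName() or the template HTML-encodes it, since
        // setVariable() substitutes the value verbatim.
        $toolbar_tpl->setCurrentBlock($blockName);
        $toolbar_tpl->setVariable("USERNAME", GetLoggedUserName());
        $toolbar_tpl->parseCurrentBlock($blockName);
    }

    $tpl->setVariable("COMMON_LOGIN_STATUS", $toolbar_tpl->get());
}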
require_once "data_access.php"; require_once "security_utils.php"; require_once "page_blocks.php"; require_once "mailer.php"; StartAccessToDB(); $tpl = new HTML_Template_IT("./"); $tpl->loadTemplatefile("submit_item.tpl.html", true, true); SetCommonLoginStatus($tpl); SetCommonToolbar($tpl); SetCommonFooter($tpl); // setup the "Back" link if (array_key_exists("item_id", $_POST) && $_POST["item_id"] != "") { $tpl->setCurrentBlock("back_item"); $tpl->setVariable("ITEM_ID", $_POST["item_id"]); $tpl->parseCurrentBlock("back_item"); $projectId = GetProjectIdForItem($_POST["item_id"]); } else { $tpl->setCurrentBlock("back_unit"); $tpl->setVariable("UNIT_ID", $_POST["unit_id"]); $tpl->parseCurrentBlock("back_unit"); $projectId = GetProjectIdForUnit($_POST["unit_id"]); } $isLogged = IsLogged(); // If user is logged in and had write access, we directly update the database if ($isLogged && IsWriter($projectId)) { $_POST["description"] = str_replace("\\\\", "\\", $_POST["description"]); // if we have an item_id, we update, else we add if (array_key_exists("item_id", $_POST) && $_POST["item_id"] != "") { $msg = ModifyItem($_POST["item_id"], $_POST["name"], $_POST["summary"], $_POST["description"], $_POST["return_value"], $_POST["see_also_list"], $_POST["parameters"], $_POST["extras"], $_POST["jvcl_info"], GetLoggedUserId()); } else { $msg = AddItem($_POST["unit_id"], $_POST["name"], $_POST["summary"], $_POST["description"], $_POST["return_value"], $_POST["see_also_list"], $_POST["parameters"], $_POST["extras"], $_POST["jvcl_info"], GetLoggedUserId());
$tpl = new HTML_Template_IT("./"); if ($edit) { $tpl->loadTemplatefile("item_edit.tpl.html", true, true); } else { $tpl->loadTemplatefile("item.tpl.html", true, true); } SetCommonLoginStatus($tpl, array("UnitId" => $unitInfos["Id"])); SetCommonToolbar($tpl); SetCommonFooter($tpl); if (!$edit) { SetLastChanged($tpl, $itemInfos["userId"], $itemInfos["LastChange"]); } $tpl->setVariable("UNIT_NAME", str_replace(".dtx", ".pas", $unitInfos["Name"])); $tpl->setVariable("UNIT_ID", $unitInfos["Id"]); if (is_numeric($itemId)) { SetItemImage($tpl, $itemInfos["Name"], GetProjectIdForItem($itemId)); $tpl->setVariable("ITEM_NAME", $itemInfos["Name"]); $tpl->setVariable("ITEM_ID", $itemId); $baseclass = trim(substr($itemInfos["Name"], 0, strpos($itemInfos["Name"], "."))); if ($baseclass == "") { $baseclass = $itemInfos["Name"]; } } if (!$edit) { // Assign data to the Summary block if ($itemInfos["Summary"] != "") { $tpl->setCurrentBlock("summary"); $tpl->setVariable("SUMMARY", EncodeString(FormatEndLines(ProcessExtLinks($itemInfos["Summary"])))); $tpl->parseCurrentBlock("summary"); } // Assign data to the Parameters block
require_once "page_blocks.php"; require_once "not_a_power_user.php"; if (!IsPower()) { die(GetNotAPowerUserPage()); } StartAccessToDB(); $msg = ""; if (array_key_exists("action", $_POST)) { $action = $_POST["action"]; } else { $action = ""; } if ($action == "accept") { if ($_POST["original_item_id"] > 0) { // This is a modification if (!LoggedUserHasAccessToProject(GetProjectIdForItem($_POST["original_item_id"]))) { $msg = "You do not have access to this project."; } else { $msg = ModifyItem($_POST["original_item_id"], $_POST["name"], $_POST["summary"], $_POST["description"], $_POST["return_value"], $_POST["see_also_list"], $_POST["parameters"], $_POST["extras"], $_POST["jvcl_info"], GetLoggedUserId()); } } else { // This is an addition if (!LoggedUserHasAccessToProject(GetProjectIdForUnit($_POST["unit_id"]))) { $msg = "You do not have access to this project."; } else { $msg = AddItem($_POST["unit_id"], $_POST["name"], $_POST["summary"], $_POST["description"], $_POST["return_value"], $_POST["see_also_list"], $_POST["parameters"], $_POST["extras"], $_POST["jvcl_info"], GetLoggedUserId()); if (is_numeric($msg)) { $msg = ""; } } }