} else { if (is_AdminEditPage('newscategory')) { $tab = 'news'; $_GET['tab'] = 'categories'; $new = 'newCategory'; $update = 'updateCategory'; } } } if (isset($_GET['titlelink'])) { $result = $new(urldecode(sanitize($_GET['titlelink']))); } else { if (isset($_GET['update'])) { XSRFdefender('update'); $result = $update($reports); if (getCheckboxState('copy_delete_object')) { switch (sanitize($_POST['copy_delete_object'])) { case 'copy': $as = trim(sanitize($_POST['copy_object_as'])); if (empty($as)) { $as = sprintf(gettext('copy of %s'), $result->getTitle()); } $as = seoFriendly($as); $result->copy($as); $result = $new($as); $_GET['titlelink'] = $as; break; case 'delete': $reports[] = deleteZenpageObj($result, 'admin-' . $_GET['tab'] . '.php'); unset($_POST['subpage']); break;
/** * Updates a menu item (custom link, custom page only) set via POST * */ function updateMenuItem(&$reports) { $menuset = checkChosenMenuset(); $result['id'] = sanitize($_POST['id']); $result['show'] = getCheckboxState('show'); $result['type'] = sanitize($_POST['type']); $result['title'] = process_language_string_save("title", 2); $result['include_li'] = getCheckboxState('include_li'); if (isset($_POST['link'])) { $result['link'] = sanitize($_POST['link'], 0); } else { $result['link'] = ''; } if (getCheckboxState('span')) { $result['span_id'] = sanitize($_POST['span_id']); $result['span_class'] = sanitize($_POST['span_class']); } else { $result['span_id'] = ''; $result['span_class'] = ''; } // update the category in the category table $sql = "UPDATE " . prefix('menu') . " SET title = " . db_quote($result['title']) . ",link=" . db_quote($result['link']) . ",type=" . db_quote($result['type']) . ", `show`=" . db_quote($result['show']) . ",menuset=" . db_quote($menuset) . ",include_li=" . $result['include_li'] . ",span_id=" . db_quote($result['span_id']) . ",span_class=" . db_quote($result['span_class']) . " WHERE `id`=" . $result['id']; if (query($sql)) { if (isset($_POST['title']) && empty($result['title'])) { $reports[] = "<p class='errorbox fade-message'>" . gettext("You forgot to give your menu item a <strong>title</strong>!") . "</p>"; } else { if (isset($_POST['link']) && empty($result['link'])) { $reports[] = "<p class='errorbox fade-message'>" . gettext("You forgot to give your menu item a <strong>link</strong>!") . "</p>"; } else { $reports[] = "<p class='messagebox fade-message'>" . gettext("Menu item updated!") . "</p>"; } } } return $result; }
/** * Updates a menu item (custom link, custom page only) set via POST * */ function updateMenuItem(&$reports) { $menuset = checkChosenMenuset(); $result = array(); $result['id'] = sanitize($_POST['id']); $result['show'] = getCheckboxState('show'); $result['type'] = sanitize($_POST['type']); $result['title'] = process_language_string_save("title", 2); $result['include_li'] = getCheckboxState('include_li'); if (getCheckboxState('span')) { $result['span_id'] = sanitize($_POST['span_id']); $result['span_class'] = sanitize($_POST['span_class']); } else { $result['span_id'] = ''; $result['span_class'] = ''; } switch ($result['type']) { case 'album': $result['title'] = $result['link'] = sanitize($_POST['albumselect']); if (empty($result['link'])) { $reports[] = "<p class = 'errorbox fade-message'>" . gettext("You forgot to select an album.") . " </p>"; return $result; } break; case 'galleryindex': $result['title'] = process_language_string_save("title", 2); $result['link'] = NULL; if (empty($result['title'])) { $reports[] = "<p class = 'errorbox fade-message'>" . gettext("You forgot to give your menu item a <strong>title</strong>!") . " </p>"; return $result; } break; case 'zenpagepage': $result['title'] = NULL; $result['link'] = sanitize($_POST['pageselect']); if (empty($result['link'])) { $reports[] = "<p class = 'errorbox fade-message'>" . gettext("You forgot to give your menu item a <strong>link</strong>!") . " </p>"; return $result; } break; case 'zenpagenewsindex': $result['title'] = process_language_string_save("title", 2); $result['link'] = NULL; if (empty($result['title'])) { $reports[] = "<p class = 'errorbox fade-message'>" . gettext("You forgot to give your menu item a <strong>title</strong>!") . " </p>"; return $result; } break; case 'zenpagecategory': $result['title'] = NULL; $result['link'] = sanitize($_POST['categoryselect']); if (empty($result['link'])) { $reports[] = "<p class = 'errorbox fade-message'>" . gettext("You forgot to give your menu item a <strong>link</strong>!") . " </p>"; return $result; } break; case 'custompage': $result['title'] = process_language_string_save("title", 2); $result['link'] = sanitize($_POST['custompageselect']); if (empty($result['title'])) { $reports[] = "<p class = 'errorbox fade-message'>" . gettext("You forgot to give your menu item a <strong>title</strong>!") . " </p>"; return $result; } break; case 'customlink': $result['title'] = process_language_string_save("title", 2); if (empty($result['title'])) { $reports[] = "<p class = 'errorbox fade-message'>" . gettext("You forgot to give your menu item a <strong>title</strong>!") . " </p>"; return $result; } $result['link'] = sanitize($_POST['link']); if (empty($result['link'])) { $reports[] = "<p class = 'errorbox fade-message'>" . gettext("You forgot to provide a <strong>function</strong>!") . " </p>"; return $result; } break; case 'menulabel': $result['title'] = process_language_string_save("title", 2); $result['link'] = NULL; if (empty($result['title'])) { $reports[] = "<p class = 'errorbox fade-message'>" . gettext("You forgot to give your menu item a <strong>title</strong>!") . " </p>"; return $result; } break; case 'menufunction': $result['title'] = process_language_string_save("title", 2); if (empty($result['title'])) { $reports[] = "<p class = 'errorbox fade-message'>" . gettext("You forgot to give your menu item a <strong>title</strong>!") . " </p>"; return $result; } $result['link'] = sanitize($_POST['link'], 4); if (empty($result['link'])) { $reports[] = "<p class = 'errorbox fade-message'>" . gettext("You forgot to provide a <strong>function</strong>!") . " </p>"; return $result; } break; case 'html': $result['title'] = process_language_string_save("title", 2); if (empty($result['title'])) { $reports[] = "<p class = 'errorbox fade-message'>" . gettext("You forgot to give your menu item a <strong>title</strong>!") . " </p>"; return $result; } $result['link'] = sanitize($_POST['link'], 4); if (empty($result['link'])) { $reports[] = "<p class = 'errorbox fade-message'>" . gettext("You forgot to provide a <strong>function</strong>!") . " </p>"; return $result; } break; default: $result['link'] = sanitize($_POST['link'], 4); break; } // update the category in the category table $sql = "UPDATE " . prefix('menu') . " SET title = " . db_quote($result['title']) . ", link = " . db_quote($result['link']) . ", type = " . db_quote($result['type']) . ", `show` = " . db_quote($result['show']) . ", menuset = " . db_quote($menuset) . ", include_li = " . $result['include_li'] . ", span_id = " . db_quote($result['span_id']) . ", span_class = " . db_quote($result['span_class']) . " WHERE `id` = " . $result['id']; if (query($sql)) { if (isset($_POST['title']) && empty($result['title'])) { $reports[] = "<p class = 'errorbox fade-message'>" . gettext("You forgot to give your menu item a <strong>title</strong>!") . " </p>"; } else { if (isset($_POST['link']) && empty($result['link'])) { $reports[] = "<p class = 'errorbox fade-message'>" . gettext("You forgot to give your menu item a <strong>link</strong>!") . " </p>"; } else { $reports[] = "<p class = 'messagebox fade-message'>" . gettext("Menu item updated!") . " </p>"; } } } return $result; }
/** * Sends a trackback ping to external clients if trackback urls are discovered within * the content part of the $object (article or pages content, image or album descriptions) * and returns jQuery fade out message if none are found and on error or success. * * For admin backend filter use. * * @param string $message Message text * @param object $object The object of the item to check for trackback urls * @return string */ function sendTrackbackPing($message, $object) { global $_zp_trackback; $jsmessage = "\n\t<script language='javascript' type='text/javascript'>\n\t\tjQuery(function(\$){\n\t\t\t\$('.errorbox').fadeTo(5000, 1).fadeOut(1000);\n\t\t\t\$('.messagebox').fadeTo(5000, 1).fadeOut(1000);\n\t\t});\n\t</script>"; if (getCheckboxState("trackbackping")) { $message .= $_zp_trackback->sendTrackbackPing($message, $object); $message = $jsmessage . $message; } return $message; }