function plugin_list($message = '')
{
global $event;
pagetop(gTxt('tab_plugins'), $message);
echo '<h1 class="txp-heading">' . gTxt('tab_plugins') . '</h1>';
echo '<div id="' . $event . '_control" class="txp-control-panel">';
echo n . plugin_form() . n . '</div>';
extract(gpsa(array('sort', 'dir')));
if ($sort === '') {
$sort = get_pref('plugin_sort_column', 'name');
}
if ($dir === '') {
$dir = get_pref('plugin_sort_dir', 'asc');
}
$dir = $dir == 'desc' ? 'desc' : 'asc';
if (!in_array($sort, array('name', 'status', 'author', 'version', 'modified', 'load_order'))) {
$sort = 'name';
}
$sort_sql = $sort . ' ' . $dir;
set_pref('plugin_sort_column', $sort, 'plugin', 2, '', 0, PREF_PRIVATE);
set_pref('plugin_sort_dir', $dir, 'plugin', 2, '', 0, PREF_PRIVATE);
$switch_dir = $dir == 'desc' ? 'asc' : 'desc';
$rs = safe_rows_start('name, status, author, author_uri, version, description, length(help) as help, abs(strcmp(md5(code),code_md5)) as modified, load_order, flags', 'txp_plugin', '1 order by ' . $sort_sql);
if ($rs and numRows($rs) > 0) {
echo n . '<div id="' . $event . '_container" class="txp-container">';
echo '<form action="index.php" id="plugin_form" class="multi_edit_form" method="post" name="longform">' . n . '<div class="txp-listtables">' . n . startTable('', '', 'txp-list') . n . '<thead>' . tr(n . hCell(fInput('checkbox', 'select_all', 0, '', '', '', '', '', 'select_all'), '', ' title="' . gTxt('toggle_all_selected') . '" class="multi-edit"') . n . column_head('plugin', 'name', 'plugin', true, $switch_dir, '', '', ('name' == $sort ? "{$dir} " : '') . 'name') . n . column_head('author', 'author', 'plugin', true, $switch_dir, '', '', ('author' == $sort ? "{$dir} " : '') . 'author') . n . column_head('version', 'version', 'plugin', true, $switch_dir, '', '', ('version' == $sort ? "{$dir} " : '') . 'version') . n . column_head('plugin_modified', 'modified', 'plugin', true, $switch_dir, '', '', ('modified' == $sort ? "{$dir} " : '') . 'modified') . n . hCell(gTxt('description'), '', ' class="description"') . n . column_head('active', 'status', 'plugin', true, $switch_dir, '', '', ('status' == $sort ? "{$dir} " : '') . 'status') . n . column_head('order', 'load_order', 'plugin', true, $switch_dir, '', '', ('load_order' == $sort ? "{$dir} " : '') . 'load-order') . n . hCell(gTxt('manage'), '', ' class="manage actions"')) . n . '</thead>';
echo '<tbody>';
while ($a = nextRow($rs)) {
foreach ($a as $key => $value) {
${$key} = txpspecialchars($value);
}
// Fix up the description for clean cases
$description = preg_replace(array('#<br />#', '#<(/?(a|b|i|em|strong))>#', '#<a href="(https?|\\.|\\/|ftp)([A-Za-z0-9:/?.=_]+?)">#'), array('<br />', '<$1>', '<a href="$1$2">'), $description);
$help = !empty($help) ? '<a class="plugin-help" href="?event=plugin' . a . 'step=plugin_help' . a . 'name=' . urlencode($name) . '">' . gTxt('help') . '</a>' : '';
$plugin_prefs = $flags & PLUGIN_HAS_PREFS ? '<a class="plugin-prefs" href="?event=plugin_prefs.' . urlencode($name) . '">' . gTxt('plugin_prefs') . '</a>' : '';
$manage = array();
if ($help) {
$manage[] = $help;
}
if ($plugin_prefs) {
$manage[] = $plugin_prefs;
}
$manage_items = $manage ? join(tag(sp . '|' . sp, 'span'), $manage) : '-';
$edit_url = eLink('plugin', 'plugin_edit', 'name', $name, $name);
echo tr(n . td(fInput('checkbox', 'selected[]', $name), '', 'multi-edit') . td($edit_url, '', 'name') . td(href($author, $author_uri, ' rel="external"'), '', 'author') . td($version, '', 'version') . td($modified ? '<span class="warning">' . gTxt('yes') . '</span>' : '', '', 'modified') . td($description, '', 'description') . td(status_link($status, $name, yes_no($status)), '', 'status') . td($load_order, '', 'load-order') . td($manage_items, '', 'manage'), $status ? ' class="active"' : '');
unset($name, $page, $deletelink);
}
echo '</tbody>', n, endTable(), n, '</div>', n, plugin_multiedit_form('', $sort, $dir, '', ''), n, tInput(), n, '</form>', n, '</div>';
// Show/hide "Options" link by setting the appropriate class on the plugins TR
echo script_js(<<<EOS
textpattern.Relay.register('txpAsyncHref.success', function(event, data) {
\t\$(data['this']).closest('tr').toggleClass('active');
});
EOS
);
}
}
function plugin_list($message = '')
{
global $event;
pagetop(gTxt('edit_plugins'), $message);
echo '<div id="' . $event . '_control" class="txp-control-panel">';
echo n . n . startTable('edit', '', 'plugin-install') . tr(tda(plugin_form(), ' colspan="8" style="height: 30px; border: none;"')) . endTable() . '</div>';
extract(gpsa(array('sort', 'dir')));
if ($sort === '') {
$sort = get_pref('plugin_sort_column', 'name');
}
if ($dir === '') {
$dir = get_pref('plugin_sort_dir', 'asc');
}
$dir = $dir == 'desc' ? 'desc' : 'asc';
if (!in_array($sort, array('name', 'status', 'author', 'version', 'modified', 'load_order'))) {
$sort = 'name';
}
$sort_sql = $sort . ' ' . $dir;
set_pref('plugin_sort_column', $sort, 'plugin', 2, '', 0, PREF_PRIVATE);
set_pref('plugin_sort_dir', $dir, 'plugin', 2, '', 0, PREF_PRIVATE);
$switch_dir = $dir == 'desc' ? 'asc' : 'desc';
$rs = safe_rows_start('name, status, author, author_uri, version, description, length(help) as help, abs(strcmp(md5(code),code_md5)) as modified, load_order, flags', 'txp_plugin', '1 order by ' . $sort_sql);
if ($rs and numRows($rs) > 0) {
echo n . '<div id="' . $event . '_container" class="txp-container txp-list">';
echo '<form action="index.php" id="plugin_form" method="post" name="longform" onsubmit="return verify(\'' . gTxt('are_you_sure') . '\')">' . startTable('list', '', 'list') . n . '<thead>' . tr(column_head('plugin', 'name', 'plugin', true, $switch_dir, '', '', ('name' == $sort ? "{$dir} " : '') . 'name') . column_head('author', 'author', 'plugin', true, $switch_dir, '', '', ('author' == $sort ? "{$dir} " : '') . 'author') . column_head('version', 'version', 'plugin', true, $switch_dir, '', '', ('version' == $sort ? "{$dir} " : '') . 'version') . column_head('plugin_modified', 'modified', 'plugin', true, $switch_dir, '', '', ('modified' == $sort ? "{$dir} " : '') . 'modified') . hCell(gTxt('description'), '', ' class="description"') . column_head('active', 'status', 'plugin', true, $switch_dir, '', '', ('status' == $sort ? "{$dir} " : '') . 'status') . column_head('order', 'load_order', 'plugin', true, $switch_dir, '', '', ('load_order' == $sort ? "{$dir} " : '') . 'load-order') . hCell(gTxt('manage'), '', ' class="manage actions"') . hCell('', '', ' class="multi-edit"')) . n . '</thead>';
$tfoot = n . '<tfoot>' . tr(tda(select_buttons() . plugin_multiedit_form('', $sort, $dir, '', ''), ' class="multi-edit" colspan="10" style="text-align: right; border: none;"')) . n . '</tfoot>';
echo $tfoot;
echo '<tbody>';
$ctr = 1;
while ($a = nextRow($rs)) {
foreach ($a as $key => $value) {
${$key} = htmlspecialchars($value);
}
// Fix up the description for clean cases
$description = preg_replace(array('#<br />#', '#<(/?(a|b|i|em|strong))>#', '#<a href="(https?|\\.|\\/|ftp)([A-Za-z0-9:/?.=_]+?)">#'), array('<br />', '<$1>', '<a href="$1$2">'), $description);
$help = !empty($help) ? n . t . '<li class="action-view"><a href="?event=plugin' . a . 'step=plugin_help' . a . 'name=' . urlencode($name) . '">' . gTxt('help') . '</a></li>' : '';
$plugin_prefs = $flags & PLUGIN_HAS_PREFS && $status ? n . t . '<li class="action-options"><a href="?event=plugin_prefs.' . urlencode($name) . '">' . gTxt('plugin_prefs') . '</a></li>' : '';
echo tr(n . td($name, '', 'name') . td(href($author, $author_uri), '', 'author') . td($version, 10, 'version') . td($modified ? gTxt('yes') : '', '', 'modified') . td($description, 260, 'description') . td(status_link($status, $name, yes_no($status)), 30, 'status') . td($load_order, '', 'load-order') . td(n . '<ul class="actions">' . $help . n . t . '<li class="action-edit">' . eLink('plugin', 'plugin_edit', 'name', $name, gTxt('edit')) . '</li>' . $plugin_prefs . n . '</ul>', '', 'manage') . td(fInput('checkbox', 'selected[]', $name), 30, 'multi-edit'), ' class="' . ($ctr % 2 == 0 ? 'even' : 'odd') . '"');
$ctr++;
unset($name, $page, $deletelink);
}
echo '</tbody>' . n . endTable() . n . tInput() . n . '</form>' . n . '</div>';
}
}
function form($contents, $style = '', $onsubmit = '', $method = 'post', $class = '', $fragment = '', $id = '')
{
return n . '<form method="' . $method . '" action="index.php' . ($fragment ? '#' . $fragment . '"' : '"') . ($id ? ' id="' . $id . '"' : '') . ($class ? ' class="' . $class . '"' : '') . ($style ? ' style="' . $style . '"' : '') . ($onsubmit ? ' onsubmit="return ' . $onsubmit . '"' : '') . '>' . $contents . n . tInput() . n . '</form>' . n;
}
/**
* The main author list.
*
* @param string|array $message The activity message
*/
function author_list($message = '')
{
global $txp_user, $author_list_pageby;
pagetop(gTxt('tab_site_admin'), $message);
if (is_disabled('mail')) {
echo graf(span(null, array('class' => 'ui-icon ui-icon-alert')) . ' ' . gTxt('warn_mail_unavailable'), array('class' => 'alert-block warning'));
}
echo hed(gTxt('tab_site_admin'), 1, array('class' => 'txp-heading'));
echo n . '<div id="users_control" class="txp-control-panel">';
$buttons = array();
// Change password button.
$buttons[] = sLink('admin', 'new_pass_form', gTxt('change_password'));
if (!has_privs('admin.edit')) {
// Change email address button.
$buttons[] = sLink('admin', 'change_email_form', gTxt('change_email_address'));
} else {
// New author button.
$buttons[] = sLink('admin', 'author_edit', gTxt('add_new_author'));
}
echo graf(join(n, $buttons), array('class' => 'txp-buttons'));
// User list.
if (has_privs('admin.list')) {
extract(gpsa(array('page', 'sort', 'dir', 'crit', 'search_method')));
if ($sort === '') {
$sort = get_pref('admin_sort_column', 'name');
}
if ($dir === '') {
$dir = get_pref('admin_sort_dir', 'asc');
}
$dir = $dir == 'desc' ? 'desc' : 'asc';
if (!in_array($sort, array('name', 'RealName', 'email', 'privs', 'last_login'))) {
$sort = 'name';
}
$sort_sql = $sort . ' ' . $dir;
set_pref('admin_sort_column', $sort, 'admin', 2, '', 0, PREF_PRIVATE);
set_pref('admin_sort_dir', $dir, 'admin', 2, '', 0, PREF_PRIVATE);
$switch_dir = $dir == 'desc' ? 'asc' : 'desc';
$criteria = 1;
if ($search_method and $crit != '') {
$verbatim = preg_match('/^"(.*)"$/', $crit, $m);
$crit_escaped = $verbatim ? doSlash($m[1]) : doLike($crit);
$critsql = $verbatim ? array('id' => "user_id in ('" . join("','", do_list($crit_escaped)) . "')", 'login' => "name = '{$crit_escaped}'", 'real_name' => "RealName = '{$crit_escaped}'", 'email' => "email = '{$crit_escaped}'", 'privs' => "convert(privs, char) in ('" . join("','", do_list($crit_escaped)) . "')") : array('id' => "user_id in ('" . join("','", do_list($crit_escaped)) . "')", 'login' => "name like '%{$crit_escaped}%'", 'real_name' => "RealName like '%{$crit_escaped}%'", 'email' => "email like '%{$crit_escaped}%'", 'privs' => "convert(privs, char) in ('" . join("','", do_list($crit_escaped)) . "')");
if (array_key_exists($search_method, $critsql)) {
$criteria = $critsql[$search_method];
} else {
$search_method = '';
$crit = '';
}
} else {
$search_method = '';
$crit = '';
}
$criteria .= callback_event('admin_criteria', 'author_list', 0, $criteria);
$total = getCount('txp_users', $criteria);
if ($total < 1) {
if ($criteria != 1) {
echo n . author_search_form($crit, $search_method) . graf(gTxt('no_results_found'), ' class="indicator"') . '</div>';
}
return;
}
$limit = max($author_list_pageby, 15);
list($page, $offset, $numPages) = pager($total, $limit, $page);
$use_multi_edit = has_privs('admin.edit') && safe_count('txp_users', '1=1') > 1;
echo author_search_form($crit, $search_method) . '</div>';
$rs = safe_rows_start('*, unix_timestamp(last_access) as last_login', 'txp_users', "{$criteria} order by {$sort_sql} limit {$offset}, {$limit}");
if ($rs) {
echo n . tag_start('div', array('id' => 'users_container', 'class' => 'txp-container')) . n . tag_start('form', array('action' => 'index.php', 'id' => 'users_form', 'class' => 'multi_edit_form', 'method' => 'post', 'name' => 'longform')) . n . tag_start('div', array('class' => 'txp-listtables')) . n . tag_start('table', array('class' => 'txp-list')) . n . tag_start('thead') . tr(($use_multi_edit ? hCell(fInput('checkbox', 'select_all', 0, '', '', '', '', '', 'select_all'), '', ' scope="col" title="' . gTxt('toggle_all_selected') . '" class="txp-list-col-multi-edit"') : hCell('', '', ' scope="col" class="txp-list-col-multi-edit"')) . column_head('login_name', 'name', 'admin', true, $switch_dir, '', '', ('name' == $sort ? "{$dir} " : '') . 'txp-list-col-login-name name') . column_head('real_name', 'RealName', 'admin', true, $switch_dir, '', '', ('RealName' == $sort ? "{$dir} " : '') . 'txp-list-col-real-name name') . column_head('email', 'email', 'admin', true, $switch_dir, '', '', ('email' == $sort ? "{$dir} " : '') . 'txp-list-col-email') . column_head('privileges', 'privs', 'admin', true, $switch_dir, '', '', ('privs' == $sort ? "{$dir} " : '') . 'txp-list-col-privs') . column_head('last_login', 'last_login', 'admin', true, $switch_dir, '', '', ('last_login' == $sort ? "{$dir} " : '') . 'txp-list-col-last-login date')) . n . tag_end('thead') . n . tag_start('tbody');
while ($a = nextRow($rs)) {
extract(doSpecial($a));
echo tr(td((has_privs('admin.edit') and $txp_user != $a['name']) ? fInput('checkbox', 'selected[]', $a['name'], 'checkbox') : '', '', 'txp-list-col-multi-edit') . hCell(has_privs('admin.edit') ? eLink('admin', 'author_edit', 'user_id', $user_id, $name) : $name, '', ' scope="row" class="txp-list-col-login-name name"') . td($RealName, '', 'txp-list-col-real-name name') . td(href($email, 'mailto:' . $email), '', 'txp-list-col-email') . td(get_priv_level($privs), '', 'txp-list-col-privs') . td($last_login ? safe_strftime('%b %Y', $last_login) : '', '', 'txp-list-col-last-login date'));
}
echo n . tag_end('tbody') . n . tag_end('table') . n . tag_end('div') . ($use_multi_edit ? author_multiedit_form($page, $sort, $dir, $crit, $search_method) : '') . tInput() . n . tag_end('form') . n . tag_start('div', array('id' => 'users_navigation', 'class' => 'txp-navigation')) . pageby_form('admin', $author_list_pageby) . nav_form('admin', $page, $numPages, $sort, $dir, $crit, $search_method) . n . tag_end('div') . n . tag_end('div');
}
} else {
echo n . tag_end('div');
}
}
/**
* The main panel listing all files.
*
* @param string|array $message The activity message
*/
function file_list($message = '')
{
global $file_base_path, $file_statuses, $file_list_pageby, $txp_user, $event;
pagetop(gTxt('tab_file'), $message);
extract(gpsa(array('page', 'sort', 'dir', 'crit', 'search_method')));
if ($sort === '') {
$sort = get_pref('file_sort_column', 'filename');
} else {
if (!in_array($sort, array('id', 'description', 'category', 'title', 'downloads', 'author'))) {
$sort = 'filename';
}
set_pref('file_sort_column', $sort, 'file', PREF_HIDDEN, '', 0, PREF_PRIVATE);
}
if ($dir === '') {
$dir = get_pref('file_sort_dir', 'asc');
} else {
$dir = $dir == 'asc' ? "asc" : "desc";
set_pref('file_sort_dir', $dir, 'file', PREF_HIDDEN, '', 0, PREF_PRIVATE);
}
switch ($sort) {
case 'id':
$sort_sql = "txp_file.id {$dir}";
break;
case 'date':
$sort_sql = "txp_file.created {$dir}, txp_file.id ASC";
break;
case 'category':
$sort_sql = "txp_category.title {$dir}, txp_file.filename DESC";
break;
case 'title':
$sort_sql = "txp_file.title {$dir}, txp_file.filename DESC";
break;
case 'downloads':
$sort_sql = "txp_file.downloads {$dir}, txp_file.filename DESC";
break;
case 'author':
$sort_sql = "txp_users.RealName {$dir}, txp_file.id ASC";
break;
default:
$sort = 'filename';
$sort_sql = "txp_file.filename {$dir}";
break;
}
$switch_dir = $dir == 'desc' ? 'asc' : 'desc';
$search = new Filter($event, array('id' => array('column' => 'txp_file.id', 'label' => gTxt('ID'), 'type' => 'integer'), 'filename' => array('column' => 'txp_file.filename', 'label' => gTxt('file_name')), 'title' => array('column' => 'txp_file.title', 'label' => gTxt('title')), 'description' => array('column' => 'txp_file.description', 'label' => gTxt('description')), 'category' => array('column' => array('txp_file.category', 'txp_category.title'), 'label' => gTxt('file_category')), 'status' => array('column' => array('txp_file.status'), 'label' => gTxt('status'), 'type' => 'boolean'), 'author' => array('column' => array('txp_file.author', 'txp_users.RealName'), 'label' => gTxt('author'))));
$search->setAliases('status', $file_statuses);
list($criteria, $crit, $search_method) = $search->getFilter(array('id' => array('can_list' => true)));
$search_render_options = array('placeholder' => 'search_files');
$sql_from = safe_pfx_j('txp_file') . "\n LEFT JOIN " . safe_pfx_j('txp_category') . " ON txp_category.name = txp_file.category AND txp_category.type = 'file'\n LEFT JOIN " . safe_pfx_j('txp_users') . " ON txp_users.name = txp_file.author";
if ($criteria === 1) {
$total = safe_count('txp_file', $criteria);
} else {
$total = getThing("SELECT COUNT(*) FROM {$sql_from} WHERE {$criteria}");
}
echo n . tag(hed(gTxt('tab_file'), 1, array('class' => 'txp-heading')), 'div', array('class' => 'txp-layout-2col-cell-1'));
$searchBlock = n . tag($search->renderForm('file_list', $search_render_options), 'div', array('class' => 'txp-layout-2col-cell-2', 'id' => $event . '_control'));
$createBlock = array();
if (!is_dir($file_base_path) || !is_writeable($file_base_path)) {
$createBlock[] = graf(span(null, array('class' => 'ui-icon ui-icon-alert')) . ' ' . gTxt('file_dir_not_writeable', array('{filedir}' => $file_base_path)), array('class' => 'alert-block warning'));
} elseif (has_privs('file.edit.own')) {
$createBlock[] = n . tag_start('div', array('class' => 'txp-control-panel')) . n . file_upload_form('upload_file', 'upload', 'file_insert', '', '', '', '');
$existing_files = get_filenames();
if ($existing_files) {
$createBlock[] = form(eInput('file') . sInput('file_create') . tag(gTxt('existing_file'), 'label', array('for' => 'file-existing')) . selectInput('filename', $existing_files, '', 1, '', 'file-existing') . fInput('submit', '', gTxt('Create')), '', '', 'post', 'assign-existing-form', '', 'assign_file');
}
$createBlock[] = tag_end('div');
}
$contentBlockStart = n . tag_start('div', array('class' => 'txp-layout-1col', 'id' => $event . '_container'));
$createBlock = implode(n, $createBlock);
if ($total < 1) {
if ($criteria != 1) {
echo $searchBlock . $contentBlockStart . $createBlock . graf(span(null, array('class' => 'ui-icon ui-icon-info')) . ' ' . gTxt('no_results_found'), array('class' => 'alert-block information'));
} else {
echo $contentBlockStart . $createBlock . graf(span(null, array('class' => 'ui-icon ui-icon-info')) . ' ' . gTxt('no_files_recorded'), array('class' => 'alert-block information'));
}
echo n . tag_end('div');
return;
}
$limit = max($file_list_pageby, 15);
list($page, $offset, $numPages) = pager($total, $limit, $page);
echo $searchBlock . $contentBlockStart . $createBlock;
$rs = safe_query("SELECT\n txp_file.id,\n txp_file.filename,\n txp_file.title,\n txp_file.category,\n txp_file.description,\n UNIX_TIMESTAMP(txp_file.created) AS uDate,\n txp_file.downloads,\n txp_file.status,\n txp_file.author,\n txp_users.RealName AS realname,\n txp_category.Title AS category_title\n FROM {$sql_from} WHERE {$criteria} ORDER BY {$sort_sql} LIMIT {$offset}, {$limit}");
if ($rs && numRows($rs)) {
$show_authors = !has_single_author('txp_file');
echo n . tag(toggle_box('files_detail'), 'div', array('class' => 'txp-list-options')) . n . tag_start('form', array('class' => 'multi_edit_form', 'id' => 'files_form', 'name' => 'longform', 'method' => 'post', 'action' => 'index.php')) . n . tag_start('div', array('class' => 'txp-listtables')) . n . tag_start('table', array('class' => 'txp-list')) . n . tag_start('thead') . tr(hCell(fInput('checkbox', 'select_all', 0, '', '', '', '', '', 'select_all'), '', ' class="txp-list-col-multi-edit" scope="col" title="' . gTxt('toggle_all_selected') . '"') . column_head('ID', 'id', 'file', true, $switch_dir, $crit, $search_method, ('id' == $sort ? "{$dir} " : '') . 'txp-list-col-id') . column_head('file_name', 'filename', 'file', true, $switch_dir, $crit, $search_method, ('filename' == $sort ? "{$dir} " : '') . 'txp-list-col-filename') . column_head('title', 'title', 'file', true, $switch_dir, $crit, $search_method, ('title' == $sort ? "{$dir} " : '') . 'txp-list-col-title files_detail') . column_head('date', 'date', 'image', true, $switch_dir, $crit, $search_method, ('date' == $sort ? "{$dir} " : '') . 'txp-list-col-created date files_detail') . column_head('file_category', 'category', 'file', true, $switch_dir, $crit, $search_method, ('category' == $sort ? "{$dir} " : '') . 'txp-list-col-category category') . hCell(gTxt('tags'), '', ' class="txp-list-col-tag-build files_detail" scope="col"') . hCell(gTxt('status'), '', ' class="txp-list-col-status" scope="col"') . hCell(gTxt('condition'), '', ' class="txp-list-col-condition" scope="col"') . column_head('downloads', 'downloads', 'file', true, $switch_dir, $crit, $search_method, ('downloads' == $sort ? "{$dir} " : '') . 'txp-list-col-downloads') . ($show_authors ? column_head('author', 'author', 'file', true, $switch_dir, $crit, $search_method, ('author' == $sort ? "{$dir} " : '') . 'txp-list-col-author name') : '')) . n . tag_end('thead') . n . tag_start('tbody');
$validator = new Validator();
while ($a = nextRow($rs)) {
extract($a);
$filename = sanitizeForFile($filename);
$edit_url = array('event' => 'file', 'step' => 'file_edit', 'id' => $id, 'sort' => $sort, 'dir' => $dir, 'page' => $page, 'search_method' => $search_method, 'crit' => $crit);
$tag_url = array('event' => 'tag', 'tag_name' => 'file_download_link', 'id' => $id, 'description' => $description, 'filename' => $filename);
$file_exists = file_exists(build_file_path($file_base_path, $filename));
$can_edit = has_privs('file.edit') || $author === $txp_user && has_privs('file.edit.own');
$validator->setConstraints(array(new CategoryConstraint($category, array('type' => 'file'))));
if ($validator->validate()) {
$vc = '';
} else {
$vc = ' error';
}
if ($file_exists) {
$downloads = make_download_link($id, $downloads, $filename);
$condition = span(gTxt('file_status_ok'), array('class' => 'success'));
} else {
$condition = span(gTxt('file_status_missing'), array('class' => 'error'));
}
if ($category) {
$category = span(txpspecialchars($category_title), array('title' => $category));
}
if ($can_edit) {
$name = href(txpspecialchars($filename), $edit_url, array('title' => gTxt('edit')));
} else {
$name = txpspecialchars($filename);
}
if ($can_edit) {
$id_column = href($id, $edit_url, array('title' => gTxt('edit')));
$multi_edit = fInput('checkbox', 'selected[]', $id);
} else {
$id_column = $id;
$multi_edit = '';
}
if ($file_exists) {
$id_column .= sp . span(span('[', array('aria-hidden' => 'true')) . make_download_link($id, gTxt('download'), $filename) . span(']', array('aria-hidden' => 'true')), array('class' => 'txp-option-link'));
}
if (isset($file_statuses[$status])) {
$status = $file_statuses[$status];
} else {
$status = span(gTxt('none'), array('class' => 'error'));
}
echo tr(td($multi_edit, '', 'txp-list-col-multi-edit') . hCell($id_column, '', array('class' => 'txp-list-col-id', 'scope' => 'row')) . td($name, '', 'txp-list-col-filename') . td(txpspecialchars($title), '', 'txp-list-col-title files_detail') . td(gTime($uDate), '', 'txp-list-col-created date files_detail') . td($category, '', 'txp-list-col-category category' . $vc) . td(href('Textile', $tag_url + array('type' => 'textile'), ' target="_blank" onclick="popWin(this.href); return false;"') . sp . span('|', array('role' => 'separator')) . sp . href('Textpattern', $tag_url + array('type' => 'textpattern'), ' target="_blank" onclick="popWin(this.href); return false;"') . sp . span('|', array('role' => 'separator')) . sp . href('HTML', $tag_url + array('type' => 'html'), ' target="_blank" onclick="popWin(this.href); return false;"'), '', 'txp-list-col-tag-build files_detail') . td($status, '', 'txp-list-col-status') . td($condition, '', 'txp-list-col-condition') . td($downloads, '', 'txp-list-col-downloads') . ($show_authors ? td(span(txpspecialchars($realname), array('title' => $author)), '', 'txp-list-col-author name') : ''));
}
echo n . tag_end('tbody') . n . tag_end('table') . n . tag_end('div') . file_multiedit_form($page, $sort, $dir, $crit, $search_method) . tInput() . n . tag_end('form') . n . tag_start('div', array('class' => 'txp-navigation', 'id' => $event . '_navigation')) . pageby_form('file', $file_list_pageby) . nav_form('file', $page, $numPages, $sort, $dir, $crit, $search_method, $total, $limit) . n . tag_end('div');
}
}
/**
* The main panel listing all articles.
*
* @param string|array $message The activity message
* @param string $post Not used
*/
function list_list($message = '', $post = '')
{
global $statuses, $use_comments, $comments_disabled_after, $step, $txp_user, $article_list_pageby, $event;
pagetop(gTxt('tab_list'), $message);
extract(gpsa(array('page', 'sort', 'dir', 'crit', 'search_method')));
if ($sort === '') {
$sort = get_pref('article_sort_column', 'posted');
} else {
if (!in_array($sort, array('id', 'title', 'expires', 'section', 'category1', 'category2', 'status', 'author', 'comments', 'lastmod'))) {
$sort = 'posted';
}
set_pref('article_sort_column', $sort, 'list', 2, '', 0, PREF_PRIVATE);
}
if ($dir === '') {
$dir = get_pref('article_sort_dir', 'desc');
} else {
$dir = $dir == 'asc' ? "asc" : "desc";
set_pref('article_sort_dir', $dir, 'list', 2, '', 0, PREF_PRIVATE);
}
$sesutats = array_flip($statuses);
switch ($sort) {
case 'id':
$sort_sql = "textpattern.ID {$dir}";
break;
case 'title':
$sort_sql = "textpattern.Title {$dir}, textpattern.Posted DESC";
break;
case 'expires':
$sort_sql = "textpattern.Expires {$dir}";
break;
case 'section':
$sort_sql = "section.title {$dir}, textpattern.Posted DESC";
break;
case 'category1':
$sort_sql = "category1.title {$dir}, textpattern.Posted DESC";
break;
case 'category2':
$sort_sql = "category2.title {$dir}, textpattern.Posted DESC";
break;
case 'status':
$sort_sql = "textpattern.Status {$dir}, textpattern.Posted DESC";
break;
case 'author':
$sort_sql = "user.RealName {$dir}, textpattern.Posted DESC";
break;
case 'comments':
$sort_sql = "textpattern.comments_count {$dir}, textpattern.Posted DESC";
break;
case 'lastmod':
$sort_sql = "textpattern.LastMod {$dir}, textpattern.Posted DESC";
break;
default:
$sort = 'posted';
$sort_sql = "textpattern.Posted {$dir}";
break;
}
$switch_dir = $dir == 'desc' ? 'asc' : 'desc';
$search = new Filter($event, array('id' => array('column' => 'textpattern.ID', 'label' => gTxt('ID'), 'type' => 'integer'), 'title_body_excerpt' => array('column' => array('textpattern.Title', 'textpattern.Body', 'textpattern.Excerpt'), 'label' => gTxt('title_body_excerpt')), 'section' => array('column' => array('textpattern.Section', 'section.title'), 'label' => gTxt('section')), 'keywords' => array('column' => 'textpattern.Keywords', 'label' => gTxt('keywords'), 'type' => 'find_in_set'), 'categories' => array('column' => array('textpattern.Category1', 'textpattern.Category2', 'category1.title', 'category2.title'), 'label' => gTxt('categories')), 'status' => array('column' => array('textpattern.Status'), 'label' => gTxt('status'), 'type' => 'boolean'), 'author' => array('column' => array('textpattern.AuthorID', 'user.RealName'), 'label' => gTxt('author')), 'article_image' => array('column' => array('textpattern.Image'), 'label' => gTxt('article_image'), 'type' => 'integer'), 'posted' => array('column' => array('textpattern.Posted'), 'label' => gTxt('posted')), 'lastmod' => array('column' => array('textpattern.LastMod'), 'label' => gTxt('article_modified'))));
$search->setAliases('status', $statuses);
list($criteria, $crit, $search_method) = $search->getFilter(array('id' => array('can_list' => true), 'article_image' => array('can_list' => true), 'title_body_excerpt' => array('always_like' => true)));
$search_render_options = array('placeholder' => 'search_articles');
$sql_from = safe_pfx('textpattern') . " textpattern\n LEFT JOIN " . safe_pfx('txp_category') . " category1 ON category1.name = textpattern.Category1 AND category1.type = 'article'\n LEFT JOIN " . safe_pfx('txp_category') . " category2 ON category2.name = textpattern.Category2 AND category2.type = 'article'\n LEFT JOIN " . safe_pfx('txp_section') . " section ON section.name = textpattern.Section\n LEFT JOIN " . safe_pfx('txp_users') . " user ON user.name = textpattern.AuthorID";
if ($criteria === 1) {
$total = safe_count('textpattern', $criteria);
} else {
$total = getThing("SELECT COUNT(*) FROM {$sql_from} WHERE {$criteria}");
}
echo n . tag(hed(gTxt('tab_list'), 1, array('class' => 'txp-heading')), 'div', array('class' => 'txp-layout-2col-cell-1'));
$searchBlock = n . tag($search->renderForm('list', $search_render_options), 'div', array('class' => 'txp-layout-2col-cell-2', 'id' => $event . '_control'));
$createBlock = array();
if (has_privs('article.edit')) {
$createBlock[] = n . tag(sLink('article', '', gTxt('add_new_article'), 'txp-button'), 'div', array('class' => 'txp-control-panel'));
}
$contentBlockStart = n . tag_start('div', array('class' => 'txp-layout-1col', 'id' => $event . '_container'));
$createBlock = implode(n, $createBlock);
if ($total < 1) {
if ($criteria != 1) {
echo $searchBlock . $contentBlockStart . $createBlock . graf(span(null, array('class' => 'ui-icon ui-icon-info')) . ' ' . gTxt('no_results_found'), array('class' => 'alert-block information'));
} else {
echo $contentBlockStart . $createBlock . graf(span(null, array('class' => 'ui-icon ui-icon-info')) . ' ' . gTxt('no_articles_recorded'), array('class' => 'alert-block information'));
}
echo n . tag_end('div');
return;
}
$limit = max($article_list_pageby, 15);
list($page, $offset, $numPages) = pager($total, $limit, $page);
echo $searchBlock . $contentBlockStart . $createBlock;
$rs = safe_query("SELECT\n textpattern.ID, textpattern.Title, textpattern.url_title, textpattern.Section,\n textpattern.Category1, textpattern.Category2,\n textpattern.Status, textpattern.Annotate, textpattern.AuthorID,\n UNIX_TIMESTAMP(textpattern.Posted) AS posted,\n UNIX_TIMESTAMP(textpattern.LastMod) AS lastmod,\n UNIX_TIMESTAMP(textpattern.Expires) AS expires,\n category1.title AS category1_title,\n category2.title AS category2_title,\n section.title AS section_title,\n user.RealName AS RealName,\n (SELECT COUNT(*) FROM " . safe_pfx('txp_discuss') . " WHERE parentid = textpattern.ID) AS total_comments\n FROM {$sql_from} WHERE {$criteria} ORDER BY {$sort_sql} LIMIT {$offset}, {$limit}");
if ($rs) {
$show_authors = !has_single_author('textpattern', 'AuthorID');
echo n . tag(toggle_box('articles_detail'), 'div', array('class' => 'txp-list-options')) . n . tag_start('form', array('class' => 'multi_edit_form', 'id' => 'articles_form', 'name' => 'longform', 'method' => 'post', 'action' => 'index.php')) . n . tag_start('div', array('class' => 'txp-listtables')) . n . tag_start('table', array('class' => 'txp-list')) . n . tag_start('thead') . tr(hCell(fInput('checkbox', 'select_all', 0, '', '', '', '', '', 'select_all'), '', ' class="txp-list-col-multi-edit" scope="col" title="' . gTxt('toggle_all_selected') . '"') . column_head('ID', 'id', 'list', true, $switch_dir, $crit, $search_method, ('id' == $sort ? "{$dir} " : '') . 'txp-list-col-id') . column_head('title', 'title', 'list', true, $switch_dir, $crit, $search_method, ('title' == $sort ? "{$dir} " : '') . 'txp-list-col-title') . column_head('posted', 'posted', 'list', true, $switch_dir, $crit, $search_method, ('posted' == $sort ? "{$dir} " : '') . 'txp-list-col-created date') . column_head('article_modified', 'lastmod', 'list', true, $switch_dir, $crit, $search_method, ('lastmod' == $sort ? "{$dir} " : '') . 'txp-list-col-lastmod date articles_detail') . column_head('expires', 'expires', 'list', true, $switch_dir, $crit, $search_method, ('expires' == $sort ? "{$dir} " : '') . 'txp-list-col-expires date articles_detail') . column_head('section', 'section', 'list', true, $switch_dir, $crit, $search_method, ('section' == $sort ? "{$dir} " : '') . 'txp-list-col-section') . column_head('category1', 'category1', 'list', true, $switch_dir, $crit, $search_method, ('category1' == $sort ? "{$dir} " : '') . 'txp-list-col-category1 category articles_detail') . column_head('category2', 'category2', 'list', true, $switch_dir, $crit, $search_method, ('category2' == $sort ? "{$dir} " : '') . 'txp-list-col-category2 category articles_detail') . column_head('status', 'status', 'list', true, $switch_dir, $crit, $search_method, ('status' == $sort ? "{$dir} " : '') . 'txp-list-col-status') . ($show_authors ? column_head('author', 'author', 'list', true, $switch_dir, $crit, $search_method, ('author' == $sort ? "{$dir} " : '') . 'txp-list-col-author name') : '') . ($use_comments == 1 ? column_head('comments', 'comments', 'list', true, $switch_dir, $crit, $search_method, ('comments' == $sort ? "{$dir} " : '') . 'txp-list-col-comments articles_detail') : '')) . n . tag_end('thead');
include_once txpath . '/publish/taghandlers.php';
echo n . tag_start('tbody');
$validator = new Validator();
while ($a = nextRow($rs)) {
extract($a);
if ($Title === '') {
$Title = '<em>' . eLink('article', 'edit', 'ID', $ID, gTxt('untitled')) . '</em>';
} else {
$Title = eLink('article', 'edit', 'ID', $ID, $Title);
}
// Valid section and categories?
$validator->setConstraints(array(new SectionConstraint($Section)));
$vs = $validator->validate() ? '' : ' error';
$validator->setConstraints(array(new CategoryConstraint($Category1, array('type' => 'article'))));
$vc[1] = $validator->validate() ? '' : ' error';
$validator->setConstraints(array(new CategoryConstraint($Category2, array('type' => 'article'))));
$vc[2] = $validator->validate() ? '' : ' error';
$Category1 = $Category1 ? span(txpspecialchars($category1_title), array('title' => $Category1)) : '';
$Category2 = $Category2 ? span(txpspecialchars($category2_title), array('title' => $Category2)) : '';
if ($Status != STATUS_LIVE and $Status != STATUS_STICKY) {
$view_url = '?txpreview=' . intval($ID) . '.' . time();
} else {
$view_url = permlinkurl($a);
}
if (isset($statuses[$Status])) {
$Status = $statuses[$Status];
}
$comments = '(' . $total_comments . ')';
if ($total_comments) {
$comments = href($comments, array('event' => 'discuss', 'step' => 'list', 'search_method' => 'parent', 'crit' => $ID), array('title' => gTxt('manage')));
}
$comment_status = $Annotate ? gTxt('on') : gTxt('off');
if ($comments_disabled_after) {
$lifespan = $comments_disabled_after * 86400;
$time_since = time() - $posted;
if ($time_since > $lifespan) {
$comment_status = gTxt('expired');
}
}
$comments = tag($comment_status, 'span', array('class' => 'comments-status')) . ' ' . tag($comments, 'span', array('class' => 'comments-manage'));
echo tr(td(($a['Status'] >= STATUS_LIVE and has_privs('article.edit.published') or $a['Status'] >= STATUS_LIVE and $AuthorID === $txp_user and has_privs('article.edit.own.published') or $a['Status'] < STATUS_LIVE and has_privs('article.edit') or $a['Status'] < STATUS_LIVE and $AuthorID === $txp_user and has_privs('article.edit.own')) ? fInput('checkbox', 'selected[]', $ID, 'checkbox') : '', '', 'txp-list-col-multi-edit') . hCell(eLink('article', 'edit', 'ID', $ID, $ID) . sp . span(span('[', array('aria-hidden' => 'true')) . href(gTxt('view'), $view_url) . span(']', array('aria-hidden' => 'true')), array('class' => 'txp-option-link articles_detail')), '', ' class="txp-list-col-id" scope="row"') . td($Title, '', 'txp-list-col-title') . td(gTime($posted), '', 'txp-list-col-created date' . ($posted < time() ? '' : ' unpublished')) . td(gTime($lastmod), '', 'txp-list-col-lastmod date articles_detail' . ($posted === $lastmod ? ' not-modified' : '')) . td($expires ? gTime($expires) : '', '', 'txp-list-col-expires date articles_detail') . td(span(txpspecialchars($section_title), array('title' => $Section)), '', 'txp-list-col-section' . $vs) . td($Category1, '', 'txp-list-col-category1 category articles_detail' . $vc[1]) . td($Category2, '', 'txp-list-col-category2 category articles_detail' . $vc[2]) . td(href($Status, $view_url, join_atts(array('title' => gTxt('view')))), '', 'txp-list-col-status') . ($show_authors ? td(span(txpspecialchars($RealName), array('title' => $AuthorID)), '', 'txp-list-col-author name') : '') . ($use_comments ? td($comments, '', 'txp-list-col-comments articles_detail') : ''));
}
echo n . tag_end('tbody') . n . tag_end('table') . n . tag_end('div') . list_multiedit_form($page, $sort, $dir, $crit, $search_method) . tInput() . n . tag_end('form') . n . tag_start('div', array('class' => 'txp-navigation', 'id' => $event . '_navigation')) . pageby_form('list', $article_list_pageby) . nav_form('list', $page, $numPages, $sort, $dir, $crit, $search_method, $total, $limit) . n . tag_end('div');
}
echo n . tag_end('div');
}
/**
* Renders the list of preferences.
*
* Plugins may add their own prefs, for example by using plugin lifecycle events or
* raising a (pre) callback on event=admin / step=prefs_list so they are installed
* or updated when accessing the Preferences panel. Access to the prefs can be
* controlled by using add_privs() on 'prefs.your-prefs-event-name'.
*
* @param string $message The feedback / error string to display
*/
function prefs_list($message = '')
{
global $prefs, $txp_user;
extract($prefs);
pagetop(gTxt('tab_preferences'), $message);
$locale = setlocale(LC_ALL, $locale);
echo hed(gTxt('tab_preferences'), 1, array('class' => 'txp-heading'));
echo n . '<div id="prefs_container" class="txp-container">' . n . '<form method="post" class="prefs-form" action="index.php">' . n . '<div class="txp-layout-textbox">';
// TODO: remove 'custom' when custom fields are refactored.
$core_events = array('site', 'admin', 'publish', 'feeds', 'comments', 'custom');
$joined_core = join(',', quote_list($core_events));
$sql = array();
$sql[] = 'prefs_id = 1 and event != "" and type in(' . PREF_CORE . ', ' . PREF_PLUGIN . ')';
$sql[] = "(user_name = '' or (user_name='" . doSlash($txp_user) . "' and name not in(\n select name from " . safe_pfx('txp_prefs') . " where user_name = ''\n )))";
if (!get_pref('use_comments', 1, 1)) {
$sql[] = "event != 'comments'";
}
$rs = safe_rows_start("*, FIELD(event,{$joined_core}) as sort_value", 'txp_prefs', join(' and ', $sql) . " ORDER BY sort_value = 0, sort_value, event, position");
$last_event = null;
$out = array();
if (numRows($rs)) {
while ($a = nextRow($rs)) {
if (!has_privs('prefs.' . $a['event'])) {
continue;
}
if ($a['event'] !== $last_event) {
if ($last_event !== null) {
echo wrapRegion('prefs_group_' . $last_event, join(n, $out), 'prefs_' . $last_event, $last_event, 'prefs_' . $last_event);
}
$last_event = $a['event'];
$out = array();
}
$label = '';
if (!in_array($a['html'], array('yesnoradio', 'is_dst'))) {
$label = $a['name'];
}
// TODO: remove exception when custom fields move to meta store.
$help = '';
if (strpos($a['name'], 'custom_') === false) {
$help = $a['name'];
}
if ($a['html'] == 'text_input') {
$size = INPUT_REGULAR;
} else {
$size = '';
}
$out[] = inputLabel($a['name'], pref_func($a['html'], $a['name'], $a['val'], $size), $label, $help, array('id' => 'prefs-' . $a['name']));
}
}
if ($last_event === null) {
echo graf(gTxt('no_preferences'));
} else {
echo wrapRegion('prefs_group_' . $last_event, join(n, $out), 'prefs_' . $last_event, $last_event, 'prefs_' . $last_event);
}
echo n . '</div>' . sInput('prefs_save') . eInput('prefs') . hInput('prefs_id', '1') . tInput();
if ($last_event !== null) {
echo graf(fInput('submit', 'Submit', gTxt('save'), 'publish'));
}
echo n . '</form>' . n . '</div>';
}
/**
* The main panel listing all sections.
*
* So-named to avoid clashing with the <txp:section_list /> tag.
*
* @param string|array $message The activity message
*/
function sec_section_list($message = '')
{
global $event, $section_list_pageby;
pagetop(gTxt('tab_sections'), $message);
extract(gpsa(array('page', 'sort', 'dir', 'crit', 'search_method')));
if ($sort === '') {
$sort = get_pref('section_sort_column', 'time');
}
if ($dir === '') {
$dir = get_pref('section_sort_dir', 'desc');
}
$dir = $dir == 'asc' ? 'asc' : 'desc';
switch ($sort) {
case 'title':
$sort_sql = 'title ' . $dir;
break;
case 'page':
$sort_sql = 'page ' . $dir;
break;
case 'css':
$sort_sql = 'css ' . $dir;
break;
case 'in_rss':
$sort_sql = 'in_rss ' . $dir;
break;
case 'on_frontpage':
$sort_sql = 'on_frontpage ' . $dir;
break;
case 'searchable':
$sort_sql = 'searchable ' . $dir;
break;
case 'article_count':
$sort_sql = 'article_count ' . $dir;
break;
default:
$sort_sql = 'name ' . $dir;
break;
}
set_pref('section_sort_column', $sort, 'section', 2, '', 0, PREF_PRIVATE);
set_pref('section_sort_dir', $dir, 'section', 2, '', 0, PREF_PRIVATE);
$switch_dir = $dir == 'desc' ? 'asc' : 'desc';
$criteria = 1;
if ($search_method and $crit != '') {
$verbatim = preg_match('/^"(.*)"$/', $crit, $m);
$crit_escaped = $verbatim ? doSlash($m[1]) : doLike($crit);
$critsql = $verbatim ? array('name' => "name = '{$crit_escaped}'", 'title' => "title = '{$crit_escaped}'", 'page' => "page = '{$crit_escaped}'", 'css' => "css = '{$crit_escaped}'", 'description' => "description = '{$crit_escaped}'") : array('name' => "name like '%{$crit_escaped}%'", 'title' => "title like '%{$crit_escaped}%'", 'page' => "page like '%{$crit_escaped}%'", 'css' => "css like '%{$crit_escaped}%'", 'description' => "description like '%{$crit_escaped}%'");
if ($verbatim) {
$critsql['in_rss'] = "('{$crit_escaped}' in ('" . doSlash(gTxt('yes')) . "', 1) and in_rss = 1) or\n ('{$crit_escaped}' in ('" . doSlash(gTxt('no')) . "', '0') and in_rss = 0)";
$critsql['on_frontpage'] = "('{$crit_escaped}' in ('" . doSlash(gTxt('yes')) . "', 1) and on_frontpage = 1) or\n ('{$crit_escaped}' in ('" . doSlash(gTxt('no')) . "', '0') and on_frontpage = 0)";
$critsql['searchable'] = "('{$crit_escaped}' in ('" . doSlash(gTxt('yes')) . "', 1) and searchable = 1) or\n ('{$crit_escaped}' in ('" . doSlash(gTxt('no')) . "', '0') and searchable = 0)";
} else {
$critsql['in_rss'] = "(('" . doSlash(gTxt('yes')) . "' like '%{$crit_escaped}%' or '{$crit_escaped}' = 1) and in_rss = 1) or\n (('" . doSlash(gTxt('no')) . "' like '%{$crit_escaped}%' or '{$crit_escaped}' = '0') and in_rss = 0)";
$critsql['on_frontpage'] = "(('" . doSlash(gTxt('yes')) . "' like '%{$crit_escaped}%' or '{$crit_escaped}' = 1) and on_frontpage = 1) or\n (('" . doSlash(gTxt('no')) . "' like '%{$crit_escaped}%' or '{$crit_escaped}' = '0') and on_frontpage = 0)";
$critsql['searchable'] = "(('" . doSlash(gTxt('yes')) . "' like '%{$crit_escaped}%' or '{$crit_escaped}' = 1) and searchable = 1) or\n (('" . doSlash(gTxt('no')) . "' like '%{$crit_escaped}%' or '{$crit_escaped}' = '0') and searchable = 0)";
}
$search_sql = array();
foreach ((array) $search_method as $method) {
if (isset($critsql[$method])) {
$search_sql[] = $critsql[$method];
}
}
if ($search_sql) {
$criteria = join(' or ', $search_sql);
$limit = 500;
} else {
$search_method = '';
$crit = '';
}
} else {
$search_method = '';
$crit = '';
}
$criteria .= callback_event('admin_criteria', 'section_list', 0, $criteria);
$total = safe_count('txp_section', $criteria);
echo hed(gTxt('tab_sections') . popHelp('section_category'), 1, array('class' => 'txp-heading')) . n . tag_start('div', array('id' => $event . '_control', 'class' => 'txp-control-panel')) . graf(sLink('section', 'section_edit', gTxt('create_section')), array('class' => 'txp-buttons')) . n . tag_start('form', array('id' => 'default_section_form', 'name' => 'default_section_form', 'method' => 'post', 'action' => 'index.php', 'class' => 'async')) . graf(tag(gTxt('default_write_section'), 'label', array('for' => 'default_section')) . popHelp('section_default') . section_select_list()) . eInput('section') . sInput('section_set_default') . n . tag_end('form');
if ($total < 1) {
if ($criteria != 1) {
echo section_search_form($crit, $search_method) . graf(gTxt('no_results_found'), ' class="indicator"') . '</div>';
}
return;
}
$limit = max($section_list_pageby, 15);
list($page, $offset, $numPages) = pager($total, $limit, $page);
echo section_search_form($crit, $search_method) . '</div>';
$rs = safe_rows_start('*, (select count(*) from ' . safe_pfx_j('textpattern') . ' where textpattern.Section = txp_section.name) as article_count', 'txp_section', "{$criteria} order by {$sort_sql} limit {$offset}, {$limit}");
if ($rs) {
echo n . tag_start('div', array('id' => $event . '_container', 'class' => 'txp-container')) . n . tag_start('form', array('action' => 'index.php', 'id' => 'section_form', 'class' => 'multi_edit_form', 'method' => 'post', 'name' => 'longform')) . n . tag_start('div', array('class' => 'txp-listtables')) . n . tag_start('table', array('class' => 'txp-list')) . n . tag_start('thead') . tr(hCell(fInput('checkbox', 'select_all', 0, '', '', '', '', '', 'select_all'), '', ' scope="col" title="' . gTxt('toggle_all_selected') . '" class="txp-list-col-multi-edit"') . column_head('name', 'name', 'section', true, $switch_dir, $crit, $search_method, ('name' == $sort ? "{$dir} " : '') . 'txp-list-col-name') . column_head('title', 'title', 'section', true, $switch_dir, $crit, $search_method, ('title' == $sort ? "{$dir} " : '') . 'txp-list-col-title') . column_head('page', 'page', 'section', true, $switch_dir, $crit, $search_method, ('page' == $sort ? "{$dir} " : '') . 'txp-list-col-page') . column_head('css', 'css', 'section', true, $switch_dir, $crit, $search_method, ('css' == $sort ? "{$dir} " : '') . 'txp-list-col-style') . column_head('on_front_page', 'on_frontpage', 'section', true, $switch_dir, $crit, $search_method, ('on_frontpage' == $sort ? "{$dir} " : '') . 'txp-list-col-frontpage section_detail') . column_head('syndicate', 'in_rss', 'section', true, $switch_dir, $crit, $search_method, ('in_rss' == $sort ? "{$dir} " : '') . 'txp-list-col-syndicate section_detail') . column_head('include_in_search', 'searchable', 'section', true, $switch_dir, $crit, $search_method, ('searchable' == $sort ? "{$dir} " : '') . 'txp-list-col-searchable section_detail') . column_head('articles', 'article_count', 'section', true, $switch_dir, $crit, $search_method, ('article_count' == $sort ? "{$dir} " : '') . 'txp-list-col-article_count section_detail')) . n . tag_end('thead') . n . tag_start('tbody');
while ($a = nextRow($rs)) {
extract($a, EXTR_PREFIX_ALL, 'sec');
$edit_url = array('event' => 'section', 'step' => 'section_edit', 'name' => $sec_name, 'sort' => $sort, 'dir' => $dir, 'page' => $page, 'search_method' => $search_method, 'crit' => $crit);
if ($sec_name == 'default') {
$articles = $sec_searchable = $sec_in_rss = $sec_on_frontpage = '-';
} else {
$sec_on_frontpage = asyncHref(yes_no($sec_on_frontpage), array('step' => 'section_toggle_option', 'thing' => $sec_name, 'property' => 'on_frontpage'));
$sec_in_rss = asyncHref(yes_no($sec_in_rss), array('step' => 'section_toggle_option', 'thing' => $sec_name, 'property' => 'in_rss'));
$sec_searchable = asyncHref(yes_no($sec_searchable), array('step' => 'section_toggle_option', 'thing' => $sec_name, 'property' => 'searchable'));
if ($sec_article_count > 0) {
$articles = href($sec_article_count, array('event' => 'list', 'search_method' => 'section', 'crit' => '"' . $sec_name . '"'), array('title' => gTxt('article_count', array('{num}' => $sec_article_count))));
} else {
$articles = 0;
}
}
$sec_page = href(txpspecialchars($sec_page), array('event' => 'page', 'name' => $sec_page), array('title' => gTxt('edit')));
$sec_css = href(txpspecialchars($sec_css), array('event' => 'css', 'name' => $sec_css), array('title' => gTxt('edit')));
echo tr(td(fInput('checkbox', 'selected[]', $sec_name), '', 'txp-list-col-multi-edit') . hCell(href(txpspecialchars($sec_name), $edit_url, array('title' => gTxt('edit'))) . sp . span(span('[', array('aria-hidden' => 'true')) . href(gTxt('view'), pagelinkurl(array('s' => $sec_name))) . span(']', array('aria-hidden' => 'true')), array('class' => 'section_detail')), '', array('scope' => 'row', 'class' => 'txp-list-col-name')) . td(txpspecialchars($sec_title), '', 'txp-list-col-title') . td($sec_page, '', 'txp-list-col-page') . td($sec_css, '', 'txp-list-col-style') . td($sec_on_frontpage, '', 'txp-list-col-frontpage section_detail') . td($sec_in_rss, '', 'txp-list-col-syndicate section_detail') . td($sec_searchable, '', 'txp-list-col-searchable section_detail') . td($articles, '', 'txp-list-col-article_count section_detail'), array('id' => 'txp_section_' . $sec_name));
}
echo n . tag_end('tbody') . n . tag_end('table') . n . tag_end('div') . section_multiedit_form($page, $sort, $dir, $crit, $search_method) . tInput() . n . tag_end('form') . graf(toggle_box('section_detail'), array('class' => 'detail-toggle')) . n . tag_start('div', array('id' => $event . '_navigation', 'class' => 'txp-navigation')) . pageby_form('section', $section_list_pageby) . nav_form('section', $page, $numPages, $sort, $dir, $crit, $search_method, $total, $limit) . n . tag_end('div') . n . tag_end('div');
}
}
function log_list($message = '')
{
global $event, $log_list_pageby, $expire_logs_after;
pagetop(gTxt('tab_logs'), $message);
extract(gpsa(array('page', 'sort', 'dir', 'crit', 'search_method')));
if ($sort === '') {
$sort = get_pref('log_sort_column', 'time');
}
if ($dir === '') {
$dir = get_pref('log_sort_dir', 'desc');
}
$dir = $dir == 'asc' ? 'asc' : 'desc';
$expire_logs_after = assert_int($expire_logs_after);
safe_delete('txp_log', "time < date_sub(now(), interval {$expire_logs_after} day)");
switch ($sort) {
case 'ip':
$sort_sql = 'ip ' . $dir;
break;
case 'host':
$sort_sql = 'host ' . $dir;
break;
case 'page':
$sort_sql = 'page ' . $dir;
break;
case 'refer':
$sort_sql = 'refer ' . $dir;
break;
case 'method':
$sort_sql = 'method ' . $dir;
break;
case 'status':
$sort_sql = 'status ' . $dir;
break;
default:
$sort = 'time';
$sort_sql = 'time ' . $dir;
break;
}
set_pref('log_sort_column', $sort, 'log', 2, '', 0, PREF_PRIVATE);
set_pref('log_sort_dir', $dir, 'log', 2, '', 0, PREF_PRIVATE);
$switch_dir = $dir == 'desc' ? 'asc' : 'desc';
$criteria = 1;
if ($search_method and $crit != '') {
$verbatim = preg_match('/^"(.*)"$/', $crit, $m);
$crit_escaped = doSlash($verbatim ? $m[1] : str_replace(array('\\', '%', '_', '\''), array('\\\\', '\\%', '\\_', '\\\''), $crit));
$critsql = $verbatim ? array('ip' => "ip = '{$crit_escaped}'", 'host' => "host = '{$crit_escaped}'", 'page' => "page = '{$crit_escaped}'", 'refer' => "refer = '{$crit_escaped}'", 'method' => "method = '{$crit_escaped}'", 'status' => "status = '{$crit_escaped}'") : array('ip' => "ip like '%{$crit_escaped}%'", 'host' => "host like '%{$crit_escaped}%'", 'page' => "page like '%{$crit_escaped}%'", 'refer' => "refer like '%{$crit_escaped}%'", 'method' => "method like '%{$crit_escaped}%'", 'status' => "status like '%{$crit_escaped}%'");
if (array_key_exists($search_method, $critsql)) {
$criteria = $critsql[$search_method];
$limit = 500;
} else {
$search_method = '';
$crit = '';
}
} else {
$search_method = '';
$crit = '';
}
$criteria .= callback_event('admin_criteria', 'log_list', 0, $criteria);
$total = safe_count('txp_log', "{$criteria}");
echo '<h1 class="txp-heading">' . gTxt('tab_logs') . '</h1>';
echo '<div id="' . $event . '_control" class="txp-control-panel">';
if ($total < 1) {
if ($criteria != 1) {
echo n . log_search_form($crit, $search_method) . n . graf(gTxt('no_results_found'), ' class="indicator"') . '</div>';
} else {
echo graf(gTxt('no_refers_recorded'), ' class="indicator"') . '</div>';
}
return;
}
$limit = max($log_list_pageby, 15);
list($page, $offset, $numPages) = pager($total, $limit, $page);
echo n . log_search_form($crit, $search_method) . '</div>';
$rs = safe_rows_start('*, unix_timestamp(time) as uTime', 'txp_log', "{$criteria} order by {$sort_sql} limit {$offset}, {$limit}");
if ($rs) {
echo n . '<div id="' . $event . '_container" class="txp-container">';
echo n . n . '<form action="index.php" id="log_form" class="multi_edit_form" method="post" name="longform">' . n . '<div class="txp-listtables">' . n . startTable('', '', 'txp-list') . n . '<thead>' . n . tr(n . hCell(fInput('checkbox', 'select_all', 0, '', '', '', '', '', 'select_all'), '', ' title="' . gTxt('toggle_all_selected') . '" class="multi-edit"') . n . column_head('time', 'time', 'log', true, $switch_dir, $crit, $search_method, ('time' == $sort ? "{$dir} " : '') . 'date time') . n . column_head('IP', 'ip', 'log', true, $switch_dir, $crit, $search_method, ('ip' == $sort ? "{$dir} " : '') . 'log_detail ip') . n . column_head('host', 'host', 'log', true, $switch_dir, $crit, $search_method, ('host' == $sort ? "{$dir} " : '') . 'host') . n . column_head('page', 'page', 'log', true, $switch_dir, $crit, $search_method, ('page' == $sort ? "{$dir} " : '') . 'page') . n . column_head('referrer', 'refer', 'log', true, $switch_dir, $crit, $search_method, ('refer' == $sort ? "{$dir} " : '') . 'refer') . n . column_head('method', 'method', 'log', true, $switch_dir, $crit, $search_method, ('method' == $sort ? "{$dir} " : '') . 'log_detail method') . n . column_head('status', 'status', 'log', true, $switch_dir, $crit, $search_method, ('status' == $sort ? "{$dir} " : '') . 'log_detail status')) . n . '</thead>';
echo '<tbody>';
while ($a = nextRow($rs)) {
extract($a, EXTR_PREFIX_ALL, 'log');
if ($log_refer) {
$log_refer = 'http://' . $log_refer;
$log_refer = '<a href="' . txpspecialchars($log_refer) . '" target="_blank">' . txpspecialchars(soft_wrap($log_refer, 30)) . '</a>';
}
if ($log_page) {
$log_anchor = preg_replace('/\\/$/', '', $log_page);
$log_anchor = soft_wrap(substr($log_anchor, 1), 30);
$log_page = '<a href="' . txpspecialchars($log_page) . '" target="_blank">' . txpspecialchars($log_anchor) . '</a>';
if ($log_method == 'POST') {
$log_page = '<strong>' . $log_page . '</strong>';
}
}
echo tr(n . td(fInput('checkbox', 'selected[]', $log_id), '', 'multi-edit') . td(gTime($log_uTime), '', 'date time') . td(txpspecialchars($log_ip), '', 'log_detail ip') . td(txpspecialchars(soft_wrap($log_host, 30)), '', 'host') . td($log_page, '', 'page') . td($log_refer, '', 'refer') . td(txpspecialchars($log_method), '', 'log_detail method') . td($log_status, '', 'log_detail status'));
}
echo '</tbody>', n, endTable(), n, '</div>', n, log_multiedit_form($page, $sort, $dir, $crit, $search_method), n, tInput(), n, '</form>', n, graf(toggle_box('log_detail'), ' class="detail-toggle"'), n, '<div id="' . $event . '_navigation" class="txp-navigation">', n, nav_form('log', $page, $numPages, $sort, $dir, $crit, $search_method, $total, $limit), n, pageby_form('log', $log_list_pageby), n, '</div>', n, '</div>';
}
}
function advanced_prefs($message = '')
{
echo pagetop(gTxt('advanced_preferences'), $message) . n . '<h1 class="txp-heading">' . gTxt('tab_preferences') . '</h1>' . n . '<div id="prefs_container" class="txp-container">' . n . n . '<form method="post" class="prefs-form advanced" action="index.php">' . n . '<p class="nav-tertiary">' . sLink('prefs', 'prefs_list', gTxt('site_prefs'), 'navlink') . sLink('prefs', 'advanced_prefs', gTxt('advanced_preferences'), 'navlink-active') . sLink('prefs', 'list_languages', gTxt('manage_languages'), 'navlink') . n . '</p>' . n . n . startTable('', '', 'txp-list') . '<tbody>';
$rs = safe_rows_start('*', 'txp_prefs', "type = 1 and prefs_id = 1 order by event, position");
$cur_evt = '';
while ($a = nextRow($rs)) {
$headingPopHelp = strpos($a['name'], 'custom_') !== false;
if ($a['event'] != $cur_evt) {
$cur_evt = $a['event'];
echo n . n . tr(tdcs(hed(gTxt($a['event']) . ($headingPopHelp ? n . popHelp($a['name']) : ''), 3, ' class="' . $a['event'] . '-prefs"'), 2), ' class="pref-heading"');
}
$label = !in_array($a['html'], array('yesnoradio', 'is_dst')) ? '<label for="' . $a['name'] . '">' . gTxt($a['name']) . '</label>' : gTxt($a['name']);
$out = tda($label . ($headingPopHelp ? '' : n . popHelp($a['name'])), ' class="pref-label"');
if ($a['html'] == 'text_input') {
$look_for = array('expire_logs_after', 'max_url_len', 'time_offset', 'rss_how_many', 'logs_expire');
$size = in_array($a['name'], $look_for) ? INPUT_XSMALL : INPUT_REGULAR;
$out .= td(pref_func('text_input', $a['name'], $a['val'], $size), '', 'pref-value');
} else {
$out .= td(pref_func($a['html'], $a['name'], $a['val']), '', 'pref-value');
}
echo n . n . tr($out, " id='prefs-{$a['name']}' class='{$a['event']}-prefs'");
}
echo n . '</tbody>' . n . endTable() . graf(fInput('submit', 'Submit', gTxt('save'), 'publish') . n . sInput('advanced_prefs_save') . n . eInput('prefs') . n . hInput('prefs_id', '1') . n . tInput()) . n . n . '</form>' . n . '</div>';
}
function image_list($message = '')
{
global $txpcfg, $extensions, $img_dir, $file_max_upload_size, $image_list_pageby, $txp_user, $event;
pagetop(gTxt('tab_image'), $message);
extract($txpcfg);
extract(gpsa(array('page', 'sort', 'dir', 'crit', 'search_method')));
if ($sort === '') {
$sort = get_pref('image_sort_column', 'id');
}
if ($dir === '') {
$dir = get_pref('image_sort_dir', 'desc');
}
$dir = $dir == 'asc' ? 'asc' : 'desc';
echo hed(gTxt('tab_image'), 1, array('class' => 'txp-heading'));
echo n . '<div id="' . $event . '_control" class="txp-control-panel">';
if (!is_dir(IMPATH) or !is_writeable(IMPATH)) {
echo graf(span(null, array('class' => 'ui-icon ui-icon-alert')) . ' ' . gTxt('img_dir_not_writeable', array('{imgdir}' => IMPATH)), array('class' => 'alert-block warning'));
} elseif (has_privs('image.edit.own')) {
echo upload_form(gTxt('upload_image'), 'upload_image', 'image_insert', 'image', '', $file_max_upload_size);
}
switch ($sort) {
case 'name':
$sort_sql = 'name ' . $dir;
break;
case 'thumbnail':
$sort_sql = 'thumbnail ' . $dir . ', id asc';
break;
case 'category':
$sort_sql = 'category ' . $dir . ', id asc';
break;
case 'date':
$sort_sql = 'date ' . $dir . ', id asc';
break;
case 'author':
$sort_sql = 'author ' . $dir . ', id asc';
break;
default:
$sort = 'id';
$sort_sql = 'id ' . $dir;
break;
}
set_pref('image_sort_column', $sort, 'image', 2, '', 0, PREF_PRIVATE);
set_pref('image_sort_dir', $dir, 'image', 2, '', 0, PREF_PRIVATE);
$switch_dir = $dir == 'desc' ? 'asc' : 'desc';
$criteria = 1;
if ($search_method and $crit != '') {
$verbatim = preg_match('/^"(.*)"$/', $crit, $m);
$crit_escaped = $verbatim ? doSlash($m[1]) : doLike($crit);
$critsql = $verbatim ? array('id' => "ID in ('" . join("','", do_list($crit_escaped)) . "')", 'name' => "name = '{$crit_escaped}'", 'category' => "category = '{$crit_escaped}'", 'author' => "author = '{$crit_escaped}'", 'alt' => "alt = '{$crit_escaped}'", 'caption' => "caption = '{$crit_escaped}'") : array('id' => "ID in ('" . join("','", do_list($crit_escaped)) . "')", 'name' => "name like '%{$crit_escaped}%'", 'category' => "category like '%{$crit_escaped}%'", 'author' => "author like '%{$crit_escaped}%'", 'alt' => "alt like '%{$crit_escaped}%'", 'caption' => "caption like '%{$crit_escaped}%'");
if (array_key_exists($search_method, $critsql)) {
$criteria = $critsql[$search_method];
$limit = 500;
} else {
$search_method = '';
$crit = '';
}
} else {
$search_method = '';
$crit = '';
}
$criteria .= callback_event('admin_criteria', 'image_list', 0, $criteria);
$total = safe_count('txp_image', "{$criteria}");
if ($total < 1) {
if ($criteria != 1) {
echo n . image_search_form($crit, $search_method) . graf(gTxt('no_results_found'), ' class="indicator"') . '</div>';
} else {
echo graf(gTxt('no_images_recorded'), ' class="indicator"') . '</div>';
}
return;
}
$limit = max($image_list_pageby, 15);
list($page, $offset, $numPages) = pager($total, $limit, $page);
echo image_search_form($crit, $search_method);
$rs = safe_rows_start('*, unix_timestamp(date) as uDate', 'txp_image', "{$criteria} order by {$sort_sql} limit {$offset}, {$limit}\n ");
echo pluggable_ui('image_ui', 'extend_controls', '', $rs);
echo '</div>';
// End txp-control-panel.
if ($rs) {
$show_authors = !has_single_author('txp_image');
echo n . tag_start('div', array('id' => $event . '_container', 'class' => 'txp-container')) . n . tag_start('form', array('action' => 'index.php', 'id' => 'images_form', 'class' => 'multi_edit_form', 'method' => 'post', 'name' => 'longform')) . n . tag_start('div', array('class' => 'txp-listtables')) . n . tag_start('table', array('class' => 'txp-list')) . n . tag_start('thead') . tr(hCell(fInput('checkbox', 'select_all', 0, '', '', '', '', '', 'select_all'), '', ' scope="col" title="' . gTxt('toggle_all_selected') . '" class="txp-list-col-multi-edit"') . column_head('ID', 'id', 'image', true, $switch_dir, $crit, $search_method, ('id' == $sort ? "{$dir} " : '') . 'txp-list-col-id') . column_head('name', 'name', 'image', true, $switch_dir, $crit, $search_method, ('name' == $sort ? "{$dir} " : '') . 'txp-list-col-name') . column_head('date', 'date', 'image', true, $switch_dir, $crit, $search_method, ('date' == $sort ? "{$dir} " : '') . 'txp-list-col-created date images_detail') . column_head('thumbnail', 'thumbnail', 'image', true, $switch_dir, $crit, $search_method, ('thumbnail' == $sort ? "{$dir} " : '') . 'txp-list-col-thumbnail') . hCell(gTxt('tags'), '', ' scope="col" class="txp-list-col-tag-build images_detail"') . column_head('image_category', 'category', 'image', true, $switch_dir, $crit, $search_method, ('category' == $sort ? "{$dir} " : '') . 'txp-list-col-category category') . ($show_authors ? column_head('author', 'author', 'image', true, $switch_dir, $crit, $search_method, ('author' == $sort ? "{$dir} " : '') . 'txp-list-col-author name') : '')) . n . tag_end('thead') . n . tag_start('tbody');
$validator = new Validator();
while ($a = nextRow($rs)) {
extract($a);
$edit_url = array('event' => 'image', 'step' => 'image_edit', 'id' => $id, 'sort' => $sort, 'dir' => $dir, 'page' => $page, 'search_method' => $search_method, 'crit' => $crit);
$name = empty($name) ? gTxt('unnamed') : txpspecialchars($name);
if ($thumbnail) {
if ($ext != '.swf') {
$thumbnail = '<img class="content-image" src="' . imagesrcurl($id, $ext, true) . "?{$uDate}" . '" alt="" ' . "title='{$id}{$ext} ({$w} × {$h})'" . ($thumb_w ? " width='{$thumb_w}' height='{$thumb_h}'" : '') . ' />';
} else {
$thumbnail = '';
}
} else {
$thumbnail = gTxt('no');
}
if ($ext != '.swf') {
$tag_url = '?event=tag' . a . 'tag_name=image' . a . 'id=' . $id . a . 'ext=' . $ext . a . 'w=' . $w . a . 'h=' . $h . a . 'alt=' . urlencode($alt) . a . 'caption=' . urlencode($caption);
$tagbuilder = href('Textile', $tag_url . a . 'type=textile', ' target="_blank" onclick="popWin(this.href); return false;"') . sp . span('|', array('role' => 'separator')) . sp . href('Textpattern', $tag_url . a . 'type=textpattern', ' target="_blank" onclick="popWin(this.href); return false;"') . sp . span('|', array('role' => 'separator')) . sp . href('HTML', $tag_url . a . 'type=html', ' target="_blank" onclick="popWin(this.href); return false;"');
} else {
$tagbuilder = sp;
}
$validator->setConstraints(array(new CategoryConstraint($category, array('type' => 'image'))));
$vc = $validator->validate() ? '' : ' error';
$category = $category ? span($category, array('title' => fetch_category_title($category, 'image'))) : '';
$can_edit = has_privs('image.edit') || $author === $txp_user && has_privs('image.edit.own');
echo tr(td($can_edit ? fInput('checkbox', 'selected[]', $id) : ' ', '', 'txp-list-col-multi-edit') . hCell(($can_edit ? href($id, $edit_url, array('title' => gTxt('edit'))) : $id) . sp . span(span('[', array('aria-hidden' => 'true')) . href(gTxt('view'), imagesrcurl($id, $ext)) . span(']', array('aria-hidden' => 'true')), array('class' => 'images_detail')), '', ' scope="row" class="txp-list-col-id"') . td($can_edit ? href($name, $edit_url, ' title="' . gTxt('edit') . '"') : $name, '', 'txp-list-col-name') . td(gTime($uDate), '', 'txp-list-col-created date images_detail') . td(pluggable_ui('image_ui', 'thumbnail', $can_edit ? href($thumbnail, $edit_url) : $thumbnail, $a), '', 'txp-list-col-thumbnail') . td($tagbuilder, '', 'txp-list-col-tag-build images_detail') . td($category, '', 'txp-list-col-category category' . $vc) . ($show_authors ? td(span(txpspecialchars($author), array('title' => get_author_name($author))), '', 'txp-list-col-author name') : ''));
}
echo n . tag_end('tbody') . n . tag_end('table') . n . tag_end('div') . image_multiedit_form($page, $sort, $dir, $crit, $search_method) . tInput() . n . tag_end('form') . graf(toggle_box('images_detail'), array('class' => 'detail-toggle')) . n . tag_start('div', array('id' => $event . '_navigation', 'class' => 'txp-navigation')) . pageby_form('image', $image_list_pageby) . nav_form('image', $page, $numPages, $sort, $dir, $crit, $search_method, $total, $limit) . n . tag_end('div') . n . tag_end('div');
}
}
/**
* Renders a checkbox to set/unset a browser cookie.
*
* @param string $classname Label text. The cookie's name will be derived from this value
* @param bool $form Create as a stand-along <form> element
* @return string HTML
*/
function cookie_box($classname, $form = true)
{
$name = 'cb_' . $classname;
$id = escape_js($name);
$class = escape_js($classname);
if (cs('toggle_' . $classname)) {
$value = 1;
} else {
$value = 0;
}
$newvalue = 1 - $value;
$out = checkbox($name, 1, (bool) $value, 0, $name) . n . tag(gTxt($classname), 'label', array('for' => $name));
$js = <<<EOF
\$(function ()
{
\$('input')
.filter(function () {
if (\$(this).attr('id') === '{$id}') {
return true;
}
})
.change(function () {
setClassRemember('{$class}', {$newvalue});
\$(this).parents('form').submit();
});
});
EOF;
$out .= script_js($js);
if ($form) {
if (serverSet('QUERY_STRING')) {
$action = 'index.php?' . serverSet('QUERY_STRING');
} else {
$action = 'index.php';
}
$out .= eInput(gps('event')) . tInput();
return tag($out, 'form', array('class' => $name, 'method' => 'post', 'action' => $action));
}
return $out;
}
function advanced_prefs($message = '')
{
echo pagetop(gTxt('advanced_preferences'), $message) . n . '<div id="prefs_container" class="txp-container txp-list">' . n . n . '<form method="post" class="prefs-form advanced" action="index.php">' . n . n . startTable('list', '', 'list') . n . n . tr(tdcs(hed(gTxt('advanced_preferences'), 2), 3)) . n . n . tr(tdcs(sLink('prefs', 'prefs_list', gTxt('site_prefs'), 'navlink') . sp . sLink('prefs', 'advanced_prefs', gTxt('advanced_preferences'), 'navlink-active') . sp . sLink('prefs', 'list_languages', gTxt('manage_languages'), 'navlink'), '3', '', 'nav-tertiary'));
$rs = safe_rows_start('*', 'txp_prefs', "type = 1 and prefs_id = 1 order by event, position");
$cur_evt = '';
while ($a = nextRow($rs)) {
if ($a['event'] != $cur_evt) {
$cur_evt = $a['event'];
$ctr = 1;
echo n . n . tr(tdcs(hed(gTxt($a['event']), 3, ' class="pref-heading ' . $a['event'] . '-prefs"'), 3));
}
$label = $a['html'] != 'yesnoradio' ? '<label for="' . $a['name'] . '">' . gTxt($a['name']) . '</label>' : gTxt($a['name']);
$out = tda($label, ' style="text-align: right; vertical-align: middle;" class="pref-label"');
if ($a['html'] == 'text_input') {
$look_for = array('expire_logs_after', 'max_url_len', 'time_offset', 'rss_how_many', 'logs_expire');
$size = in_array($a['name'], $look_for) ? 3 : 20;
$out .= td(pref_func('text_input', $a['name'], $a['val'], $size));
} else {
if (is_callable($a['html'])) {
$out .= td(pref_func($a['html'], $a['name'], $a['val']), '', 'pref-value');
} else {
$out .= td($a['val'], '', 'pref-value');
}
}
$out .= tda(popHelp($a['name']), ' style="vertical-align: middle;"');
echo n . n . tr($out, " id='prefs-{$a['name']}' class='{$a['event']}-prefs " . ($ctr % 2 == 0 ? 'even' : 'odd') . "'");
$ctr++;
}
echo n . n . tr(tda(fInput('submit', 'Submit', gTxt('save_button'), 'publish') . sInput('advanced_prefs_save') . eInput('prefs') . hInput('prefs_id', '1'), ' colspan="3" class="noline"')) . n . n . endTable() . n . tInput() . n . n . '</form>' . n . '</div>';
}
function article_edit($message = '', $concurrent = FALSE)
{
global $vars, $txp_user, $comments_disabled_after, $txpcfg, $prefs, $event;
extract($prefs);
extract(gpsa(array('view', 'from_view', 'step')));
if (!empty($GLOBALS['ID'])) {
// newly-saved article
$ID = $GLOBALS['ID'];
$step = 'edit';
} else {
$ID = gps('ID');
}
include_once txpath . '/lib/classTextile.php';
$textile = new Textile();
// switch to 'text' view upon page load and after article post
if (!$view || gps('save') || gps('publish')) {
$view = 'text';
}
if (!$step) {
$step = "create";
}
if ($step == "edit" && $view == "text" && !empty($ID) && $from_view != 'preview' && $from_view != 'html' && !$concurrent) {
$pull = true;
//-- it's an existing article - off we go to the db
$ID = assert_int($ID);
$rs = safe_row("*, unix_timestamp(Posted) as sPosted,\n\t\t\t\tunix_timestamp(Expires) as sExpires,\n\t\t\t\tunix_timestamp(LastMod) as sLastMod", "textpattern", "ID={$ID}");
extract($rs);
$reset_time = $publish_now = $Status < 4 && $sPosted <= time();
} else {
$pull = false;
//-- assume they came from post
if ($from_view == 'preview' or $from_view == 'html') {
$store_out = array();
$store = unserialize(base64_decode(ps('store')));
foreach ($vars as $var) {
if (isset($store[$var])) {
$store_out[$var] = $store[$var];
}
}
} else {
$store_out = gpsa($vars);
if ($concurrent) {
$store_out['sLastMod'] = safe_field('unix_timestamp(LastMod) as sLastMod', 'textpattern', 'ID=' . $ID);
}
}
$rs = $store_out;
extract($store_out);
}
$GLOBALS['step'] = $step;
if ($step == 'create') {
$textile_body = $use_textile;
$textile_excerpt = $use_textile;
}
if ($step != 'create' && $sPosted) {
// Previous record?
$prev_id = checkIfNeighbour('prev', $sPosted);
// Next record?
$next_id = checkIfNeighbour('next', $sPosted);
} else {
$prev_id = $next_id = 0;
}
$page_title = $Title ? $Title : gTxt('write');
pagetop($page_title, $message);
echo n . '<div id="' . $event . '_container" class="txp-container txp-edit">';
echo n . n . '<form id="article_form" name="article_form" method="post" action="index.php">';
if (!empty($store_out)) {
echo hInput('store', base64_encode(serialize($store_out)));
}
echo hInput('ID', $ID) . eInput('article') . sInput($step) . '<input type="hidden" name="view" />' . startTable('edit') . '<tr>' . n . '<td id="article-col-1"><div id="configuration_content">';
if ($view == 'text') {
//-- markup help --------------
echo pluggable_ui('article_ui', 'sidehelp', side_help($textile_body, $textile_excerpt), $rs);
//-- custom menu entries --------------
echo pluggable_ui('article_ui', 'extend_col_1', '', $rs);
//-- advanced --------------
echo '<div id="advanced_group"><h3 class="plain lever' . (get_pref('pane_article_advanced_visible') ? ' expanded' : '') . '"><a href="#advanced">' . gTxt('advanced_options') . '</a></h3>' . '<div id="advanced" class="toggle" style="display:' . (get_pref('pane_article_advanced_visible') ? 'block' : 'none') . '">';
// markup selection
echo pluggable_ui('article_ui', 'markup', n . graf('<label for="markup-body">' . gTxt('article_markup') . '</label>' . br . pref_text('textile_body', $textile_body, 'markup-body'), ' class="markup markup-body"') . n . graf('<label for="markup-excerpt">' . gTxt('excerpt_markup') . '</label>' . br . pref_text('textile_excerpt', $textile_excerpt, 'markup-excerpt'), ' class="markup markup-excerpt"'), $rs);
// form override
echo $allow_form_override ? pluggable_ui('article_ui', 'override', graf('<label for="override-form">' . gTxt('override_default_form') . '</label>' . sp . popHelp('override_form') . br . form_pop($override_form, 'override-form'), ' class="override-form"'), $rs) : '';
echo '</div></div>' . n;
//-- custom fields --------------
$cf = '';
$cfs = getCustomFields();
echo '<div id="custom_field_group"' . ($cfs ? '' : ' class="empty"') . '><h3 class="plain lever' . (get_pref('pane_article_custom_field_visible') ? ' expanded' : '') . '"><a href="#custom_field">' . gTxt('custom') . '</a></h3>' . '<div id="custom_field" class="toggle" style="display:' . (get_pref('pane_article_custom_field_visible') ? 'block' : 'none') . '">';
foreach ($cfs as $i => $cf_name) {
$custom_x_set = "custom_{$i}_set";
$custom_x = "custom_{$i}";
$cf .= ${$custom_x_set} !== '' ? custField($i, ${$custom_x_set}, ${$custom_x}) : '';
}
echo pluggable_ui('article_ui', 'custom_fields', $cf, $rs);
echo '</div></div>' . n;
//-- article image --------------
echo '<div id="image_group"><h3 class="plain lever' . (get_pref('pane_article_image_visible') ? ' expanded' : '') . '"><a href="#image">' . gTxt('article_image') . '</a></h3>' . '<div id="image" class="toggle" style="display:' . (get_pref('pane_article_image_visible') ? 'block' : 'none') . '">';
echo pluggable_ui('article_ui', 'article_image', n . graf('<label for="article-image">' . gTxt('article_image') . '</label>' . sp . popHelp('article_image') . br . fInput('text', 'Image', $Image, 'edit', '', '', 22, '', 'article-image'), ' class="article-image"'), $rs);
echo '</div></div>' . n;
//-- meta info --------------
echo '<div id="meta_group"><h3 class="plain lever' . (get_pref('pane_article_meta_visible') ? ' expanded' : '') . '"><a href="#meta">' . gTxt('meta') . '</a></h3>' . '<div id="meta" class="toggle" style="display:' . (get_pref('pane_article_meta_visible') ? 'block' : 'none') . '">';
// keywords
echo pluggable_ui('article_ui', 'keywords', n . graf('<label for="keywords">' . gTxt('keywords') . '</label>' . sp . popHelp('keywords') . br . n . '<textarea id="keywords" name="Keywords" cols="18" rows="5">' . htmlspecialchars(str_replace(',', ', ', $Keywords)) . '</textarea>', ' class="keywords"'), $rs);
// url title
echo pluggable_ui('article_ui', 'url_title', n . graf('<label for="url-title">' . gTxt('url_title') . '</label>' . sp . popHelp('url_title') . br . fInput('text', 'url_title', $url_title, 'edit', '', '', 22, '', 'url-title'), ' class="url-title"'), $rs);
echo '</div></div>' . n;
//-- recent articles --------------
echo '<div id="recent_group"><h3 class="plain lever' . (get_pref('pane_article_recent_visible') ? ' expanded' : '') . '"><a href="#recent">' . gTxt('recent_articles') . '</a>' . '</h3>' . '<div id="recent" class="toggle" style="display:' . (get_pref('pane_article_recent_visible') ? 'block' : 'none') . '">';
$recents = safe_rows_start("Title, ID", 'textpattern', "1=1 order by LastMod desc limit 10");
$ra = '';
if ($recents) {
$ra = '<ul class="recent plain-list">';
while ($recent = nextRow($recents)) {
if (!$recent['Title']) {
$recent['Title'] = gTxt('untitled') . sp . $recent['ID'];
}
$ra .= n . t . '<li class="recent-article"><a href="?event=article' . a . 'step=edit' . a . 'ID=' . $recent['ID'] . '">' . escape_title($recent['Title']) . '</a></li>';
}
$ra .= '</ul>';
}
echo pluggable_ui('article_ui', 'recent_articles', $ra, $rs);
echo '</div></div>';
} else {
echo sp;
}
echo '</div></td>' . n . '<td id="article-main"><div id="main_content">';
//-- title input --------------
if ($view == 'preview') {
echo '<div class="preview">' . hed(gTxt('preview'), 2) . hed($Title, 1, ' class="title"');
} elseif ($view == 'html') {
echo '<div class="xhtml">' . hed('XHTML', 2) . hed($Title, 1, ' class="title"');
} elseif ($view == 'text') {
echo '<div class="text">' . pluggable_ui('article_ui', 'title', n . '<p class="title"><label for="title">' . gTxt('title') . '</label>' . sp . popHelp('title') . br . '<input type="text" id="title" name="Title" value="' . escape_title($Title) . '" class="edit" size="40" tabindex="1" />', $rs);
if ($step != 'create') {
if ($Status != 4 and $Status != 5) {
$url = '?txpreview=' . intval($ID) . '.' . time();
// article ID plus cachebuster
} else {
include_once txpath . '/publish/taghandlers.php';
$url = permlinkurl_id($ID);
}
echo sp . sp . '<a href="' . $url . '" class="article-view">' . gTxt('view') . '</a>';
}
echo '</p>';
}
//-- body --------------------
if ($view == 'preview') {
echo '<div class="body">';
if ($textile_body == USE_TEXTILE) {
echo $textile->TextileThis($Body);
} else {
if ($textile_body == CONVERT_LINEBREAKS) {
echo nl2br($Body);
} else {
if ($textile_body == LEAVE_TEXT_UNTOUCHED) {
echo $Body;
}
}
}
echo '</div>';
} elseif ($view == 'html') {
if ($textile_body == USE_TEXTILE) {
$bod = $textile->TextileThis($Body);
} else {
if ($textile_body == CONVERT_LINEBREAKS) {
$bod = nl2br($Body);
} else {
if ($textile_body == LEAVE_TEXT_UNTOUCHED) {
$bod = $Body;
}
}
}
echo tag(str_replace(array(n, t), array(br, sp . sp . sp . sp), htmlspecialchars($bod)), 'code', ' class="body"');
} else {
echo pluggable_ui('article_ui', 'body', n . graf('<label for="body">' . gTxt('body') . '</label>' . sp . popHelp('body') . br . '<textarea id="body" name="Body" cols="55" rows="31" tabindex="2">' . htmlspecialchars($Body) . '</textarea>', ' class="body"'), $rs);
}
//-- excerpt --------------------
if ($articles_use_excerpts) {
if ($view == 'text') {
echo pluggable_ui('article_ui', 'excerpt', n . graf('<label for="excerpt">' . gTxt('excerpt') . '</label>' . sp . popHelp('excerpt') . br . '<textarea id="excerpt" name="Excerpt" cols="55" rows="5" tabindex="3">' . htmlspecialchars($Excerpt) . '</textarea>', ' class="excerpt"'), $rs);
} else {
echo n . '<hr width="50%" />';
echo '<div class="excerpt">';
echo $textile_excerpt == USE_TEXTILE ? $view == 'preview' ? graf($textile->textileThis($Excerpt)) : tag(str_replace(array(n, t), array(br, sp . sp . sp . sp), htmlspecialchars($textile->TextileThis($Excerpt))), 'code', ' class="excerpt"') : graf($Excerpt);
echo '</div>';
}
}
//-- author --------------
if ($view == "text" && $step != "create") {
echo '<p class="author small">' . gTxt('posted_by') . ': ' . htmlspecialchars($AuthorID) . ' · ' . safe_strftime('%d %b %Y · %X', $sPosted);
if ($sPosted != $sLastMod) {
echo br . gTxt('modified_by') . ': ' . htmlspecialchars($LastModID) . ' · ' . safe_strftime('%d %b %Y · %X', $sLastMod);
}
echo '</p>';
}
echo hInput('from_view', $view), '</div></div></td>';
//-- layer tabs -------------------
echo '<td id="article-tabs"><div id="view_modes">';
echo pluggable_ui('article_ui', 'view', $use_textile == USE_TEXTILE || $textile_body == USE_TEXTILE ? tag(tab('text', $view) . tab('html', $view) . tab('preview', $view), 'ul') : ' ', $rs);
echo '</div></td>';
echo '<td id="article-col-2"><div id="supporting_content">';
if ($view == 'text') {
if ($step != 'create') {
echo n . graf(href(gtxt('create_new'), 'index.php?event=article'), ' class="action-create"');
}
//-- prev/next article links --
if ($step != 'create' and ($prev_id or $next_id)) {
echo '<p class="article-nav">', $prev_id ? prevnext_link('‹' . gTxt('prev'), 'article', 'edit', $prev_id, gTxt('prev')) : '', $next_id ? prevnext_link(gTxt('next') . '›', 'article', 'edit', $next_id, gTxt('next')) : '', '</p>';
}
//-- status radios --------------
echo pluggable_ui('article_ui', 'status', n . n . '<fieldset id="write-status">' . n . '<legend>' . gTxt('status') . '</legend>' . n . status_radio($Status) . n . '</fieldset>', $rs);
//-- category selects -----------
echo pluggable_ui('article_ui', 'categories', n . n . '<fieldset id="write-sort">' . n . '<legend>' . gTxt('sort_display') . '</legend>' . n . graf('<label for="category-1">' . gTxt('category1') . '</label> ' . '<span class="edit category-edit small">[' . eLink('category', '', '', '', gTxt('edit')) . ']</span>' . br . n . category_popup('Category1', $Category1, 'category-1'), ' class="category category-1"') . n . graf('<label for="category-2">' . gTxt('category2') . '</label>' . br . n . category_popup('Category2', $Category2, 'category-2'), ' class="category category-2"'), $rs);
//-- section select --------------
if (!$from_view && !$pull) {
$Section = getDefaultSection();
}
echo pluggable_ui('article_ui', 'section', n . graf('<label for="section">' . gTxt('section') . '</label> ' . '<span class="edit section-edit small">[' . eLink('section', '', '', '', gTxt('edit')) . ']</span>' . br . section_popup($Section, 'section'), ' class="section"') . n . '</fieldset>', $rs);
//-- "More" section
echo n . n . '<div id="more_group"><h3 class="plain lever' . (get_pref('pane_article_more_visible') ? ' expanded' : '') . '"><a href="#more">' . gTxt('more') . '</a></h3>', '<div id="more" class="toggle" style="display:' . (get_pref('pane_article_more_visible') ? 'block' : 'none') . '">';
//-- comments stuff --------------
if ($step == "create") {
//Avoiding invite disappear when previewing
$AnnotateInvite = !empty($store_out['AnnotateInvite']) ? $store_out['AnnotateInvite'] : $comments_default_invite;
if ($comments_on_default == 1) {
$Annotate = 1;
}
}
if ($use_comments == 1) {
$invite[] = n . n . '<fieldset id="write-comments">' . n . '<legend>' . gTxt('comments') . '</legend>';
$comments_expired = false;
if ($step != 'create' && $comments_disabled_after) {
$lifespan = $comments_disabled_after * 86400;
$time_since = time() - $sPosted;
if ($time_since > $lifespan) {
$comments_expired = true;
}
}
if ($comments_expired) {
$invite[] = n . n . graf(gTxt('expired'), ' class="comment-annotate"');
} else {
$invite[] = n . n . graf(onoffRadio('Annotate', $Annotate), ' class="comment-annotate"') . n . n . graf('<label for="comment-invite">' . gTxt('comment_invitation') . '</label>' . br . fInput('text', 'AnnotateInvite', $AnnotateInvite, 'edit', '', '', '', '', 'comment-invite'), ' class="comment-invite"');
}
$invite[] = n . n . '</fieldset>';
echo pluggable_ui('article_ui', 'annotate_invite', join('', $invite), $rs);
}
if ($step == "create" and empty($GLOBALS['ID'])) {
//-- timestamp -------------------
//Avoiding modified date to disappear
$persist_timestamp = !empty($store_out['year']) ? safe_strtotime($store_out['year'] . '-' . $store_out['month'] . '-' . $store_out['day'] . ' ' . $store_out['hour'] . ':' . $store_out['minute'] . ':' . $store_out['second']) : time();
echo pluggable_ui('article_ui', 'timestamp', n . n . '<fieldset id="write-timestamp">' . n . '<legend>' . gTxt('timestamp') . '</legend>' . n . graf(checkbox('publish_now', '1', $publish_now, '', 'publish_now') . '<label for="publish_now">' . gTxt('set_to_now') . '</label>', ' class="publish-now"') . n . graf(gTxt('or_publish_at') . sp . popHelp('timestamp'), ' class="publish-at"') . n . graf('<span class="label">' . gtxt('date') . '</span>' . sp . tsi('year', '%Y', $persist_timestamp) . ' / ' . tsi('month', '%m', $persist_timestamp) . ' / ' . tsi('day', '%d', $persist_timestamp), ' class="date posted created"') . n . graf('<span class="label">' . gTxt('time') . '</span>' . sp . tsi('hour', '%H', $persist_timestamp) . ' : ' . tsi('minute', '%M', $persist_timestamp) . ' : ' . tsi('second', '%S', $persist_timestamp), ' class="time posted created"') . n . '</fieldset>', array('sPosted' => $persist_timestamp) + $rs);
//-- expires -------------------
$persist_timestamp = !empty($store_out['exp_year']) ? safe_strtotime($store_out['exp_year'] . '-' . $store_out['exp_month'] . '-' . $store_out['exp_day'] . ' ' . $store_out['exp_hour'] . ':' . $store_out['exp_minute'] . ':' . $store_out['second']) : NULLDATETIME;
echo pluggable_ui('article_ui', 'expires', n . n . '<fieldset id="write-expires">' . n . '<legend>' . gTxt('expires') . '</legend>' . n . graf('<span class="label">' . gtxt('date') . '</span>' . sp . tsi('exp_year', '%Y', $persist_timestamp) . ' / ' . tsi('exp_month', '%m', $persist_timestamp) . ' / ' . tsi('exp_day', '%d', $persist_timestamp), ' class="date expires"') . n . graf('<span class="label">' . gTxt('time') . '</span>' . sp . tsi('exp_hour', '%H', $persist_timestamp) . ' : ' . tsi('exp_minute', '%M', $persist_timestamp) . ' : ' . tsi('exp_second', '%S', $persist_timestamp), ' class="time expires"') . n . '</fieldset>', $rs);
// end "More" section
echo n . n . '</div></div>';
//-- publish button --------------
echo has_privs('article.publish') ? fInput('submit', 'publish', gTxt('publish'), "publish", '', '', '', 4) : fInput('submit', 'publish', gTxt('save'), "publish", '', '', '', 4);
} else {
//-- timestamp -------------------
if (!empty($year)) {
$sPosted = safe_strtotime($year . '-' . $month . '-' . $day . ' ' . $hour . ':' . $minute . ':' . $second);
}
echo pluggable_ui('article_ui', 'timestamp', n . n . '<fieldset id="write-timestamp">' . n . '<legend>' . gTxt('timestamp') . '</legend>' . n . graf(checkbox('reset_time', '1', $reset_time, '', 'reset_time') . '<label for="reset_time">' . gTxt('reset_time') . '</label>', ' class="reset-time"') . n . graf(gTxt('published_at') . sp . popHelp('timestamp'), ' class="publish-at"') . n . graf('<span class="label">' . gtxt('date') . '</span>' . sp . tsi('year', '%Y', $sPosted) . ' / ' . tsi('month', '%m', $sPosted) . ' / ' . tsi('day', '%d', $sPosted), ' class="date posted created"') . n . graf('<span class="label">' . gTxt('time') . '</span>' . sp . tsi('hour', '%H', $sPosted) . ' : ' . tsi('minute', '%M', $sPosted) . ' : ' . tsi('second', '%S', $sPosted), ' class="time posted created"') . n . hInput('sPosted', $sPosted) . n . hInput('sLastMod', $sLastMod) . n . hInput('AuthorID', $AuthorID) . n . hInput('LastModID', $LastModID) . n . '</fieldset>', $rs);
//-- expires -------------------
if (!empty($exp_year)) {
if (empty($exp_month)) {
$exp_month = 1;
}
if (empty($exp_day)) {
$exp_day = 1;
}
if (empty($exp_hour)) {
$exp_hour = 0;
}
if (empty($exp_minute)) {
$exp_minute = 0;
}
if (empty($exp_second)) {
$exp_second = 0;
}
$sExpires = safe_strtotime($exp_year . '-' . $exp_month . '-' . $exp_day . ' ' . $exp_hour . ':' . $exp_minute . ':' . $exp_second);
}
echo pluggable_ui('article_ui', 'expires', n . n . '<fieldset id="write-expires">' . n . '<legend>' . gTxt('expires') . '</legend>' . n . graf('<span class="label">' . gtxt('date') . '</span>' . sp . tsi('exp_year', '%Y', $sExpires) . ' / ' . tsi('exp_month', '%m', $sExpires) . ' / ' . tsi('exp_day', '%d', $sExpires), ' class="date expires"') . n . graf('<span class="label">' . gTxt('time') . '</span>' . sp . tsi('exp_hour', '%H', $sExpires) . ' : ' . tsi('exp_minute', '%M', $sExpires) . ' : ' . tsi('exp_second', '%S', $sExpires), ' class="time expires"') . n . hInput('sExpires', $sExpires) . n . '</fieldset>', $rs);
// end "More" section
echo n . n . '</div></div>';
//-- save button --------------
if ($Status >= 4 and has_privs('article.edit.published') or $Status >= 4 and $AuthorID == $txp_user and has_privs('article.edit.own.published') or $Status < 4 and has_privs('article.edit') or $Status < 4 and $AuthorID == $txp_user and has_privs('article.edit.own')) {
echo fInput('submit', 'save', gTxt('save'), "publish", '', '', '', 4);
}
}
}
echo '</div></td></tr></table>' . n . tInput() . n . '</form></div>' . n;
// Assume users would not change the timestamp if they wanted to "publish now"/"reset time"
echo script_js(<<<EOS
\t\t\$('#write-timestamp input.edit').change(
\t\t\tfunction() {
\t\t\t\t\$('#publish_now').prop('checked', false);
\t\t\t\t\$('#reset_time').prop('checked', false);
\t\t\t});
EOS
);
}
function link_list($message = '')
{
global $event, $step, $link_list_pageby, $txp_user;
extract(gpsa(array('page', 'sort', 'dir', 'crit', 'search_method')));
if ($sort === '') {
$sort = get_pref('link_sort_column', 'name');
}
if ($dir === '') {
$dir = get_pref('link_sort_dir', 'asc');
}
$dir = $dir == 'desc' ? 'desc' : 'asc';
switch ($sort) {
case 'id':
$sort_sql = 'id ' . $dir;
break;
case 'description':
$sort_sql = 'description ' . $dir . ', id asc';
break;
case 'category':
$sort_sql = 'category ' . $dir . ', id asc';
break;
case 'date':
$sort_sql = 'date ' . $dir . ', id asc';
break;
case 'author':
$sort_sql = 'author ' . $dir . ', id asc';
break;
default:
$sort = 'name';
$sort_sql = 'linksort ' . $dir . ', id asc';
break;
}
set_pref('link_sort_column', $sort, 'link', 2, '', 0, PREF_PRIVATE);
set_pref('link_sort_dir', $dir, 'link', 2, '', 0, PREF_PRIVATE);
$switch_dir = $dir == 'desc' ? 'asc' : 'desc';
$criteria = 1;
if ($search_method and $crit != '') {
$crit_escaped = doSlash(str_replace(array('\\', '%', '_', '\''), array('\\\\', '\\%', '\\_', '\\\''), $crit));
$critsql = array('id' => "ID in ('" . join("','", do_list($crit_escaped)) . "')", 'name' => "linkname like '%{$crit_escaped}%'", 'description' => "description like '%{$crit_escaped}%'", 'category' => "category like '%{$crit_escaped}%'", 'author' => "author like '%{$crit_escaped}%'");
if (array_key_exists($search_method, $critsql)) {
$criteria = $critsql[$search_method];
} else {
$search_method = '';
$crit = '';
}
} else {
$search_method = '';
$crit = '';
}
$total = getCount('txp_link', $criteria);
echo '<div id="' . $event . '_control" class="txp-control-panel">';
if ($total < 1) {
if ($criteria != 1) {
echo n . link_search_form($crit, $search_method) . n . graf(gTxt('no_results_found'), ' class="indicator"') . '</div>';
} else {
echo n . graf(gTxt('no_links_recorded'), ' class="indicator"') . '</div>';
}
return;
}
$limit = max($link_list_pageby, 15);
list($page, $offset, $numPages) = pager($total, $limit, $page);
echo link_search_form($crit, $search_method) . '</div>';
$rs = safe_rows_start('*, unix_timestamp(date) as uDate', 'txp_link', "{$criteria} order by {$sort_sql} limit {$offset}, {$limit}");
if ($rs) {
$show_authors = !has_single_author('txp_link');
echo n . '<div class="txp-list">';
echo n . n . '<form action="index.php" id="links_form" method="post" name="longform" onsubmit="return verify(\'' . gTxt('are_you_sure') . '\')">', startTable('list', '', 'list') . n . '<thead>' . n . tr(column_head('ID', 'id', 'link', true, $switch_dir, $crit, $search_method, ('id' == $sort ? "{$dir} " : '') . 'id') . hCell('', '', ' class="actions"') . column_head('link_name', 'name', 'link', true, $switch_dir, $crit, $search_method, ('name' == $sort ? "{$dir} " : '') . 'name') . column_head('description', 'description', 'link', true, $switch_dir, $crit, $search_method, ('description' == $sort ? "{$dir} " : '') . 'description') . column_head('link_category', 'category', 'link', true, $switch_dir, $crit, $search_method, ('category' == $sort ? "{$dir} " : '') . 'category') . column_head('date', 'date', 'link', true, $switch_dir, $crit, $search_method, ('date' == $sort ? "{$dir} " : '') . 'date created') . ($show_authors ? column_head('author', 'author', 'link', true, $switch_dir, $crit, $search_method, ('author' == $sort ? "{$dir} " : '') . 'author') : '') . hCell('', '', ' class="multi-edit"')) . n . '</thead>';
$tfoot = n . '<tfoot>' . tr(tda(select_buttons() . link_multiedit_form($page, $sort, $dir, $crit, $search_method), ' class="multi-edit" colspan="' . ($show_authors ? '8' : '7') . '" style="text-align: right; border: none;"')) . n . '</tfoot>';
echo $tfoot;
echo '<tbody>';
$ctr = 1;
while ($a = nextRow($rs)) {
extract($a);
$edit_url = '?event=link' . a . 'step=link_edit' . a . 'id=' . $id . a . 'sort=' . $sort . a . 'dir=' . $dir . a . 'page=' . $page . a . 'search_method=' . $search_method . a . 'crit=' . $crit;
$can_edit = has_privs('link.edit') || $author == $txp_user && has_privs('link.edit.own');
echo tr(n . td($id, 20, 'id') . td(n . '<ul>' . ($can_edit ? n . t . '<li class="action-edit">' . href(gTxt('edit'), $edit_url) . '</li>' : '') . n . t . '<li class="action-view">' . href(gTxt('view'), $url) . '</li>' . n . '</ul>', 35, 'actions') . td($can_edit ? href($linkname, $edit_url) : $linkname, 125, 'name') . td(htmlspecialchars($description), 150, 'description') . td('<span title="' . htmlspecialchars(fetch_category_title($category, 'link')) . '">' . $category . '</span>', 125, 'category') . td(gTime($uDate), 75, 'date created') . ($show_authors ? td('<span title="' . htmlspecialchars(get_author_name($author)) . '">' . htmlspecialchars($author) . '</span>', '', 'author') : '') . td(fInput('checkbox', 'selected[]', $id), '', 'multi-edit'), ' class="' . ($ctr % 2 == 0 ? 'even' : 'odd') . '"');
$ctr++;
}
echo '</tbody>' . n . endTable() . n . tInput() . n . '</form>' . n . '<div id="' . $event . '_navigation" class="txp-navigation">' . n . nav_form('link', $page, $numPages, $sort, $dir, $crit, $search_method, $total, $limit) . pageby_form('link', $link_list_pageby) . n . '</div>' . n . '</div>';
}
}
function discuss_list($message = '')
{
global $event, $comment_list_pageby;
pagetop(gTxt('list_discussions'), $message);
extract(gpsa(array('sort', 'dir', 'page', 'crit', 'search_method')));
if ($sort === '') {
$sort = get_pref('discuss_sort_column', 'date');
}
if ($dir === '') {
$dir = get_pref('discuss_sort_dir', 'desc');
}
$dir = $dir == 'asc' ? 'asc' : 'desc';
switch ($sort) {
case 'id':
$sort_sql = 'discussid ' . $dir;
break;
case 'ip':
$sort_sql = 'ip ' . $dir;
break;
case 'name':
$sort_sql = 'name ' . $dir;
break;
case 'email':
$sort_sql = 'email ' . $dir;
break;
case 'website':
$sort_sql = 'web ' . $dir;
break;
case 'message':
$sort_sql = 'message ' . $dir;
break;
case 'status':
$sort_sql = 'visible ' . $dir;
break;
case 'parent':
$sort_sql = 'parentid ' . $dir;
break;
default:
$sort = 'date';
$sort_sql = 'txp_discuss.posted ' . $dir;
break;
}
if ($sort != 'date') {
$sort_sql .= ', txp_discuss.posted asc';
}
set_pref('discuss_sort_column', $sort, 'discuss', 2, '', 0, PREF_PRIVATE);
set_pref('discuss_sort_dir', $dir, 'discuss', 2, '', 0, PREF_PRIVATE);
$switch_dir = $dir == 'desc' ? 'asc' : 'desc';
$criteria = 1;
if ($search_method and $crit != '') {
$verbatim = preg_match('/^"(.*)"$/', $crit, $m);
$crit_escaped = doSlash($verbatim ? $m[1] : str_replace(array('\\', '%', '_', '\''), array('\\\\', '\\%', '\\_', '\\\''), $crit));
$critsql = $verbatim ? array('id' => "discussid = '{$crit_escaped}'", 'parent' => "parentid = '{$crit_escaped}'" . (intval($crit_escaped) ? '' : " OR title = '{$crit_escaped}'"), 'name' => "name = '{$crit_escaped}'", 'message' => "message = '{$crit_escaped}'", 'email' => "email = '{$crit_escaped}'", 'website' => "web = '{$crit_escaped}'", 'ip' => "ip = '{$crit_escaped}'") : array('id' => "discussid = '{$crit_escaped}'", 'parent' => "parentid = '{$crit_escaped}'" . (intval($crit_escaped) ? '' : " OR title like '%{$crit_escaped}%'"), 'name' => "name like '%{$crit_escaped}%'", 'message' => "message like '%{$crit_escaped}%'", 'email' => "email like '%{$crit_escaped}%'", 'website' => "web like '%{$crit_escaped}%'", 'ip' => "ip like '%{$crit_escaped}%'");
if (array_key_exists($search_method, $critsql)) {
$criteria = $critsql[$search_method];
$limit = 500;
} else {
$search_method = '';
$crit = '';
}
} else {
$search_method = '';
$crit = '';
}
$criteria .= callback_event('admin_criteria', 'discuss_list', 0, $criteria);
$counts = getRows('SELECT visible, COUNT(*) AS c' . ' FROM ' . safe_pfx_j('txp_discuss') . ' LEFT JOIN ' . safe_pfx_j('textpattern') . ' ON txp_discuss.parentid = textpattern.ID' . ' WHERE ' . $criteria . ' GROUP BY visible');
$count[SPAM] = $count[MODERATE] = $count[VISIBLE] = 0;
if ($counts) {
foreach ($counts as $c) {
$count[$c['visible']] = $c['c'];
}
}
// grand total comment count
$total = $count[SPAM] + $count[MODERATE] + $count[VISIBLE];
echo '<h1 class="txp-heading">' . gTxt('list_discussions') . '</h1>';
echo '<div id="' . $event . '_control" class="txp-control-panel">';
echo graf(sLink('discuss', 'ipban_list', gTxt('list_banned_ips')), ' class="txp-buttons"');
if ($total < 1) {
if ($criteria != 1) {
echo n . discuss_search_form($crit, $search_method) . n . graf(gTxt('no_results_found'), ' class="indicator"') . '</div>';
} else {
echo graf(gTxt('no_comments_recorded'), ' class="indicator"') . '</div>';
}
return;
}
// paging through displayed comments
$total = (cs('toggle_show_spam') ? $count[SPAM] : 0) + $count[MODERATE] + $count[VISIBLE];
$limit = max($comment_list_pageby, 15);
list($page, $offset, $numPages) = pager($total, $limit, $page);
echo discuss_search_form($crit, $search_method) . '</div>';
$spamq = cs('toggle_show_spam') ? '1=1' : 'visible != ' . intval(SPAM);
$rs = safe_query('SELECT txp_discuss.*, unix_timestamp(txp_discuss.posted) as uPosted, ID as thisid, Section as section, url_title, Title as title, Status, unix_timestamp(textpattern.Posted) as posted' . ' FROM ' . safe_pfx_j('txp_discuss') . ' LEFT JOIN ' . safe_pfx_j('textpattern') . ' ON txp_discuss.parentid = textpattern.ID' . ' WHERE ' . $spamq . ' AND ' . $criteria . ' ORDER BY ' . $sort_sql . ' LIMIT ' . $offset . ', ' . $limit);
if ($rs) {
echo n . '<div id="' . $event . '_container" class="txp-container">';
echo n . n . '<form name="longform" id="discuss_form" class="multi_edit_form" method="post" action="index.php">' . n . '<div class="txp-listtables">' . n . startTable('', '', 'txp-list') . n . '<thead>' . n . n . tr(n . hCell(fInput('checkbox', 'select_all', 0, '', '', '', '', '', 'select_all'), '', ' title="' . gTxt('toggle_all_selected') . '" class="multi-edit"') . n . column_head('ID', 'id', 'discuss', true, $switch_dir, $crit, $search_method, ('id' == $sort ? "{$dir} " : '') . 'id') . n . column_head('date', 'date', 'discuss', true, $switch_dir, $crit, $search_method, ('date' == $sort ? "{$dir} " : '') . 'date posted created') . n . column_head('name', 'name', 'discuss', true, $switch_dir, $crit, $search_method, ('name' == $sort ? "{$dir} " : '') . 'name') . n . column_head('message', 'message', 'discuss', true, $switch_dir, $crit, $search_method, 'message' == $sort ? "{$dir} " : 'message') . n . column_head('email', 'email', 'discuss', true, $switch_dir, $crit, $search_method, ('email' == $sort ? "{$dir} " : '') . 'discuss_detail email') . n . column_head('website', 'website', 'discuss', true, $switch_dir, $crit, $search_method, ('website' == $sort ? "{$dir} " : '') . 'discuss_detail website') . n . column_head('IP', 'ip', 'discuss', true, $switch_dir, $crit, $search_method, ('ip' == $sort ? "{$dir} " : '') . 'discuss_detail ip') . n . column_head('status', 'status', 'discuss', true, $switch_dir, $crit, $search_method, ('status' == $sort ? "{$dir} " : '') . 'status') . n . column_head('parent', 'parent', 'discuss', true, $switch_dir, $crit, $search_method, ('parent' == $sort ? "{$dir} " : '') . 'parent')) . n . '</thead>';
include_once txpath . '/publish/taghandlers.php';
echo '<tbody>';
while ($a = nextRow($rs)) {
extract($a);
$parentid = assert_int($parentid);
$edit_url = '?event=discuss' . a . 'step=discuss_edit' . a . 'discussid=' . $discussid . a . 'sort=' . $sort . a . 'dir=' . $dir . a . 'page=' . $page . a . 'search_method=' . $search_method . a . 'crit=' . $crit;
$dmessage = $visible == SPAM ? short_preview($message) : $message;
switch ($visible) {
case VISIBLE:
$comment_status = gTxt('visible');
$row_class = 'visible';
break;
case SPAM:
$comment_status = gTxt('spam');
$row_class = 'spam';
break;
case MODERATE:
$comment_status = gTxt('unmoderated');
$row_class = 'moderate';
break;
default:
break;
}
if (empty($thisid)) {
$parent = gTxt('article_deleted') . ' (' . $parentid . ')';
$view = '';
} else {
$parent_title = empty($title) ? '<em>' . gTxt('untitled') . '</em>' : escape_title($title);
$parent = href($parent_title, '?event=article' . a . 'step=edit' . a . 'ID=' . $parentid);
$view = $comment_status;
if ($visible == VISIBLE and in_array($Status, array(4, 5))) {
$view = n . '<a title="' . gTxt('view') . '" href="' . permlinkurl($a) . '#c' . $discussid . '">' . $comment_status . '</a>';
}
}
echo n . n . tr(n . td(fInput('checkbox', 'selected[]', $discussid), '', 'multi-edit') . td('<a title="' . gTxt('edit') . '" href="' . $edit_url . '">' . $discussid . '</a>', '', 'id') . td(gTime($uPosted), '', 'date posted created') . td(txpspecialchars(soft_wrap($name, 15)), '', 'name') . td(short_preview($dmessage), '', 'message') . td(txpspecialchars(soft_wrap($email, 15)), '', 'discuss_detail email') . td(txpspecialchars(soft_wrap($web, 15)), '', 'discuss_detail website') . td($ip, '', 'discuss_detail ip') . td($view, '', 'status') . td($parent, '', 'parent'), ' class="' . $row_class . '"');
}
if (empty($message)) {
echo tr(tda(gTxt('just_spam_results_found'), ' colspan="10"'));
}
echo '</tbody>', n, endTable(), n, '</div>', n, discuss_multiedit_form($page, $sort, $dir, $crit, $search_method), n, tInput(), n, '</form>', n, graf(toggle_box('discuss_detail'), ' class="detail-toggle"'), n, cookie_box('show_spam'), n, '<div id="' . $event . '_navigation" class="txp-navigation">', n, nav_form('discuss', $page, $numPages, $sort, $dir, $crit, $search_method, $total, $limit), n, pageby_form('discuss', $comment_list_pageby), n, '</div>', n, '</div>';
}
}
/**
* Renders article editor form.
*
* @param string|array $message The activity message
* @param bool $concurrent Treat as a concurrent save
* @param bool $refresh_partials Whether refresh partial contents
*/
function article_edit($message = '', $concurrent = false, $refresh_partials = false)
{
global $vars, $txp_user, $prefs, $event, $view;
extract($prefs);
/*
$partials is an array of:
$key => array (
'mode' => {PARTIAL_STATIC | PARTIAL_VOLATILE | PARTIAL_VOLATILE_VALUE},
'selector' => $DOM_selector,
'cb' => $callback_function,
'html' => $return_value_of_callback_function (need not be intialised here)
)
*/
$partials = array('html_title' => array('mode' => PARTIAL_VOLATILE, 'selector' => 'title', 'cb' => 'article_partial_html_title'), 'sLastMod' => array('mode' => PARTIAL_VOLATILE_VALUE, 'selector' => '[name=sLastMod]', 'cb' => 'article_partial_value'), 'sPosted' => array('mode' => PARTIAL_VOLATILE_VALUE, 'selector' => '[name=sPosted]', 'cb' => 'article_partial_value'), 'sidehelp' => array('mode' => PARTIAL_VOLATILE, 'selector' => '#textfilter_group', 'cb' => 'article_partial_sidehelp'), 'url_title' => array('mode' => PARTIAL_STATIC, 'selector' => 'p.url-title', 'cb' => 'article_partial_url_title'), 'url_title_value' => array('mode' => PARTIAL_VOLATILE_VALUE, 'selector' => '#url-title', 'cb' => 'article_partial_url_title_value'), 'description' => array('mode' => PARTIAL_STATIC, 'selector' => 'p.description', 'cb' => 'article_partial_description'), 'description_value' => array('mode' => PARTIAL_VOLATILE_VALUE, 'selector' => '#description', 'cb' => 'article_partial_description_value'), 'keywords' => array('mode' => PARTIAL_STATIC, 'selector' => 'p.keywords', 'cb' => 'article_partial_keywords'), 'keywords_value' => array('mode' => PARTIAL_VOLATILE_VALUE, 'selector' => '#keywords', 'cb' => 'article_partial_keywords_value'), 'image' => array('mode' => PARTIAL_STATIC, 'selector' => '#image_group', 'cb' => 'article_partial_image'), 'custom_fields' => array('mode' => PARTIAL_STATIC, 'selector' => '#custom_field_group', 'cb' => 'article_partial_custom_fields'), 'recent_articles' => array('mode' => PARTIAL_VOLATILE, 'selector' => '#recent_group .recent', 'cb' => 'article_partial_recent_articles'), 'title' => array('mode' => PARTIAL_STATIC, 'selector' => 'p.title', 'cb' => 'article_partial_title'), 'title_value' => array('mode' => PARTIAL_VOLATILE_VALUE, 'selector' => '#title', 'cb' => 'article_partial_title_value'), 'article_clone' => array('mode' => PARTIAL_VOLATILE, 'selector' => '#article_partial_article_clone', 'cb' => 'article_partial_article_clone'), 'article_view' => array('mode' => PARTIAL_VOLATILE, 'selector' => '#article_partial_article_view', 'cb' => 'article_partial_article_view'), 'body' => array('mode' => PARTIAL_STATIC, 'selector' => 'p.body', 'cb' => 'article_partial_body'), 'excerpt' => array('mode' => PARTIAL_STATIC, 'selector' => 'p.excerpt', 'cb' => 'article_partial_excerpt'), 'author' => array('mode' => PARTIAL_VOLATILE, 'selector' => 'p.author', 'cb' => 'article_partial_author'), 'view_modes' => array('mode' => PARTIAL_VOLATILE, 'selector' => '#view_modes', 'cb' => 'article_partial_view_modes'), 'article_nav' => array('mode' => PARTIAL_VOLATILE, 'selector' => 'p.nav-tertiary', 'cb' => 'article_partial_article_nav'), 'status' => array('mode' => PARTIAL_VOLATILE, 'selector' => '#write-status', 'cb' => 'article_partial_status'), 'categories' => array('mode' => PARTIAL_STATIC, 'selector' => '#categories_group', 'cb' => 'article_partial_categories'), 'section' => array('mode' => PARTIAL_STATIC, 'selector' => 'p.section', 'cb' => 'article_partial_section'), 'comments' => array('mode' => PARTIAL_VOLATILE, 'selector' => '#write-comments', 'cb' => 'article_partial_comments'), 'posted' => array('mode' => PARTIAL_VOLATILE, 'selector' => '#write-timestamp', 'cb' => 'article_partial_posted'), 'expires' => array('mode' => PARTIAL_VOLATILE, 'selector' => '#write-expires', 'cb' => 'article_partial_expires'));
// Add partials for custom fields (and their values which is redundant by
// design, for plugins).
global $cfs;
foreach ($cfs as $k => $v) {
$partials["custom_field_{$k}"] = array('mode' => PARTIAL_STATIC, 'selector' => "p.custom-field.custom-{$k}", 'cb' => 'article_partial_custom_field');
$partials["custom_{$k}"] = array('mode' => PARTIAL_STATIC, 'selector' => "#custom-{$k}", 'cb' => 'article_partial_value');
}
extract(gpsa(array('view', 'from_view', 'step')));
// Newly-saved article.
if (!empty($GLOBALS['ID'])) {
$ID = $GLOBALS['ID'];
$step = 'edit';
} else {
$ID = gps('ID');
}
// Switch to 'text' view upon page load and after article post.
if (!$view || gps('save') || gps('publish')) {
$view = 'text';
}
if (!$step) {
$step = "create";
}
if ($step == "edit" && $view == "text" && !empty($ID) && $from_view != 'preview' && $from_view != 'html' && !$concurrent) {
$pull = true;
// It's an existing article - off we go to the database.
$ID = assert_int($ID);
$rs = safe_row("*, UNIX_TIMESTAMP(Posted) AS sPosted,\n UNIX_TIMESTAMP(Expires) AS sExpires,\n UNIX_TIMESTAMP(LastMod) AS sLastMod", 'textpattern', "ID = {$ID}");
if (empty($rs)) {
return;
}
$rs['reset_time'] = $rs['publish_now'] = false;
} else {
$pull = false;
// Assume they came from post.
if ($from_view == 'preview' or $from_view == 'html') {
$store_out = array();
$store = unserialize(base64_decode(ps('store')));
foreach ($vars as $var) {
if (isset($store[$var])) {
$store_out[$var] = $store[$var];
}
}
} else {
$store_out = gpsa($vars);
if ($concurrent) {
$store_out['sLastMod'] = safe_field("UNIX_TIMESTAMP(LastMod) AS sLastMod", 'textpattern', "ID = {$ID}");
}
if (!has_privs('article.set_markup') && !empty($ID)) {
$oldArticle = safe_row("textile_body, textile_excerpt", 'textpattern', "ID = {$ID}");
if (!empty($oldArticle)) {
$store_out['textile_body'] = $oldArticle['textile_body'];
$store_out['textile_excerpt'] = $oldArticle['textile_excerpt'];
}
}
}
// Use preferred Textfilter as default and fallback.
$hasfilter = new \Textpattern\Textfilter\Constraint(null);
$validator = new Validator();
foreach (array('textile_body', 'textile_excerpt') as $k) {
$hasfilter->setValue($store_out[$k]);
$validator->setConstraints($hasfilter);
if (!$validator->validate()) {
$store_out[$k] = $use_textile;
}
}
$rs = textile_main_fields($store_out);
if (!empty($rs['exp_year'])) {
if (empty($rs['exp_month'])) {
$rs['exp_month'] = 1;
}
if (empty($rs['exp_day'])) {
$rs['exp_day'] = 1;
}
if (empty($rs['exp_hour'])) {
$rs['exp_hour'] = 0;
}
if (empty($rs['exp_minute'])) {
$rs['exp_minute'] = 0;
}
if (empty($rs['exp_second'])) {
$rs['exp_second'] = 0;
}
$rs['sExpires'] = safe_strtotime($rs['exp_year'] . '-' . $rs['exp_month'] . '-' . $rs['exp_day'] . ' ' . $rs['exp_hour'] . ':' . $rs['exp_minute'] . ':' . $rs['exp_second']);
}
if (!empty($rs['year'])) {
$rs['sPosted'] = safe_strtotime($rs['year'] . '-' . $rs['month'] . '-' . $rs['day'] . ' ' . $rs['hour'] . ':' . $rs['minute'] . ':' . $rs['second']);
}
}
$validator = new Validator(new SectionConstraint($rs['Section']));
if (!$validator->validate()) {
$rs['Section'] = getDefaultSection();
}
extract($rs);
$GLOBALS['step'] = $step;
if ($step != 'create' && isset($sPosted)) {
// Previous record?
$rs['prev_id'] = checkIfNeighbour('prev', $sPosted);
// Next record?
$rs['next_id'] = checkIfNeighbour('next', $sPosted);
} else {
$rs['prev_id'] = $rs['next_id'] = 0;
}
// Let plugins chime in on partials meta data.
callback_event_ref('article_ui', 'partials_meta', 0, $rs, $partials);
$rs['partials_meta'] =& $partials;
// Get content for volatile partials.
foreach ($partials as $k => $p) {
if ($p['mode'] == PARTIAL_VOLATILE || $p['mode'] == PARTIAL_VOLATILE_VALUE) {
$cb = $p['cb'];
$partials[$k]['html'] = is_array($cb) ? call_user_func($cb, $rs, $k) : $cb($rs, $k);
}
}
if ($refresh_partials) {
$response[] = announce($message);
$response[] = '$("#article_form [type=submit]").val(textpattern.gTxt("save"))';
if ($Status < STATUS_LIVE) {
$response[] = '$("#article_form").addClass("saved").removeClass("published")';
} else {
$response[] = '$("#article_form").addClass("published").removeClass("saved")';
}
// Update the volatile partials.
foreach ($partials as $k => $p) {
// Volatile partials need a target DOM selector.
if (empty($p['selector']) && $p['mode'] != PARTIAL_STATIC) {
trigger_error("Empty selector for partial '{$k}'", E_USER_ERROR);
} else {
// Build response script.
if ($p['mode'] == PARTIAL_VOLATILE) {
// Volatile partials replace *all* of the existing HTML
// fragment for their selector.
$response[] = '$("' . $p['selector'] . '").replaceWith("' . escape_js($p['html']) . '")';
} elseif ($p['mode'] == PARTIAL_VOLATILE_VALUE) {
// Volatile partial values replace the *value* of elements
// matching their selector.
$response[] = '$("' . $p['selector'] . '").val("' . escape_js($p['html']) . '")';
}
}
}
send_script_response(join(";\n", $response));
// Bail out.
return;
}
foreach ($partials as $k => $p) {
if ($p['mode'] == PARTIAL_STATIC) {
$cb = $p['cb'];
$partials[$k]['html'] = is_array($cb) ? call_user_func($cb, $rs, $k) : $cb($rs, $k);
}
}
$page_title = $ID ? $Title : gTxt('write');
pagetop($page_title, $message);
$class = array();
if ($Status >= STATUS_LIVE) {
$class[] = 'published';
} elseif ($ID) {
$class[] = 'saved';
}
if ($step !== 'create') {
$class[] = 'async';
}
echo n . tag_start('form', array('class' => $class, 'id' => 'article_form', 'name' => 'article_form', 'method' => 'post', 'action' => 'index.php'));
if (!empty($store_out)) {
echo hInput('store', base64_encode(serialize($store_out)));
}
echo hInput('ID', $ID) . eInput('article') . sInput($step) . hInput('sPosted', $sPosted) . hInput('sLastMod', $sLastMod) . hInput('AuthorID', $AuthorID) . hInput('LastModID', $LastModID) . n . '<input type="hidden" name="view" />';
echo n . '<div class="txp-layout-4col-cell-1-2-3">' . hed(gTxt('tab_write'), 1, array('class' => 'txp-heading'));
echo n . '<div role="region" id="main_content">';
// View mode tabs.
echo $partials['view_modes']['html'];
// Title input.
if ($view == 'preview') {
echo n . '<div class="preview">' . graf(gTxt('title'), array('class' => 'alert-block information')) . hed($Title, 1, ' class="title"');
} elseif ($view == 'html') {
echo n . '<div class="html">' . graf(gTxt('title'), array('class' => 'alert-block information')) . hed($Title, 1, ' class="title"');
} elseif ($view == 'text') {
echo n . '<div class="text">' . $partials['title']['html'];
}
// Body.
if ($view == 'preview') {
echo n . '<div class="body">' . n . graf(gTxt('body'), array('class' => 'alert-block information')) . $Body_html . '</div>';
} elseif ($view == 'html') {
echo graf(gTxt('body'), array('class' => 'alert-block information')) . n . tag(str_replace(array(n, t), array(br, sp . sp . sp . sp), txpspecialchars($Body_html)), 'pre', ' class="body"');
} else {
echo $partials['body']['html'];
}
// Excerpt.
if ($articles_use_excerpts) {
if ($view == 'preview') {
echo n . '<div class="excerpt">' . graf(gTxt('excerpt'), array('class' => 'alert-block information')) . $Excerpt_html . '</div>';
} elseif ($view == 'html') {
echo graf(gTxt('excerpt'), array('class' => 'alert-block information')) . n . tag(str_replace(array(n, t), array(br, sp . sp . sp . sp), txpspecialchars($Excerpt_html)), 'pre', array('class' => 'excerpt'));
} else {
echo $partials['excerpt']['html'];
}
}
echo hInput('from_view', $view), n . '</div>';
// Author.
if ($view == "text" && $step != "create") {
echo $partials['author']['html'];
}
echo n . '</div>' . n . '</div>';
// End of .txp-layout-4col-cell-1-2-3.
// Sidebar column (only shown if in text editing view).
if ($view == 'text') {
echo n . '<div class="txp-layout-4col-cell-4alt">';
// 'Publish/Save' button.
if ($step == 'create' and empty($GLOBALS['ID'])) {
if (has_privs('article.publish')) {
$push_button = fInput('submit', 'publish', gTxt('publish'), 'publish');
} else {
$push_button = fInput('submit', 'publish', gTxt('save'), 'publish');
}
echo graf($push_button, array('class' => 'txp-save'));
} elseif ($Status >= STATUS_LIVE && has_privs('article.edit.published') || $Status >= STATUS_LIVE && $AuthorID === $txp_user && has_privs('article.edit.own.published') || $Status < STATUS_LIVE && has_privs('article.edit') || $Status < STATUS_LIVE && $AuthorID === $txp_user && has_privs('article.edit.own')) {
echo graf(fInput('submit', 'save', gTxt('save'), 'publish'), array('class' => 'txp-save'));
}
// View/Duplicate/Create new article links.
$an_cb = href('<span class="ui-icon ui-extra-icon-new-document"></span> ' . gTxt('create_new'), 'index.php?event=article', array('class' => 'txp-new'));
$ac_cb = $rs['partials_meta']['article_clone']['cb'];
$av_cb = $rs['partials_meta']['article_view']['cb'];
echo $step != 'create' ? graf($an_cb . $ac_cb($rs) . $av_cb($rs), array('class' => 'txp-actions')) : '';
// Prev/next article links.
if ($step != 'create' and ($rs['prev_id'] or $rs['next_id'])) {
echo $partials['article_nav']['html'];
}
echo n . '<div role="region" id="supporting_content">';
// 'Sort and display' section.
echo pluggable_ui('article_ui', 'sort_display', wrapRegion('txp-write-sort-group', $partials['status']['html'] . $partials['section']['html'] . $partials['categories']['html'], '', gTxt('sort_display')), $rs);
// 'Date and time' collapsible section.
if ($step == "create" and empty($GLOBALS['ID'])) {
// Timestamp.
// Avoiding modified date to disappear.
if (!empty($store_out['year'])) {
$persist_timestamp = safe_strtotime($store_out['year'] . '-' . $store_out['month'] . '-' . $store_out['day'] . ' ' . $store_out['hour'] . ':' . $store_out['minute'] . ':' . $store_out['second']);
} else {
$persist_timestamp = time();
}
$posted_block = pluggable_ui('article_ui', 'timestamp', inputLabel('year', tsi('year', '%Y', $persist_timestamp, '', 'year') . ' <span role="separator">/</span> ' . tsi('month', '%m', $persist_timestamp, '', 'month') . ' <span role="separator">/</span> ' . tsi('day', '%d', $persist_timestamp, '', 'day'), 'publish_date', array('timestamp', 'instructions_publish_date'), array('class' => 'txp-form-field date posted')) . inputLabel('hour', tsi('hour', '%H', $persist_timestamp, '', 'hour') . ' <span role="separator">:</span> ' . tsi('minute', '%M', $persist_timestamp, '', 'minute') . ' <span role="separator">:</span> ' . tsi('second', '%S', $persist_timestamp, '', 'second'), 'publish_time', array('', 'instructions_publish_time'), array('class' => 'txp-form-field time posted')) . n . tag(checkbox('publish_now', '1', $publish_now, '', 'publish_now') . n . tag(gTxt('set_to_now'), 'label', array('for' => 'publish_now')), 'div', array('class' => 'posted-now')), array('sPosted' => $persist_timestamp) + $rs);
// Expires.
if (!empty($store_out['exp_year'])) {
$persist_timestamp = safe_strtotime($store_out['exp_year'] . '-' . $store_out['exp_month'] . '-' . $store_out['exp_day'] . ' ' . $store_out['exp_hour'] . ':' . $store_out['exp_minute'] . ':' . $store_out['second']);
} else {
$persist_timestamp = 0;
}
$expires_block = pluggable_ui('article_ui', 'expires', inputLabel('exp_year', tsi('exp_year', '%Y', $persist_timestamp, '', 'exp_year') . ' <span role="separator">/</span> ' . tsi('exp_month', '%m', $persist_timestamp, '', 'exp_month') . ' <span role="separator">/</span> ' . tsi('exp_day', '%d', $persist_timestamp, '', 'exp_day'), 'expire_date', array('expires', 'instructions_expire_date'), array('class' => 'txp-form-field date expires')) . inputLabel('exp_hour', tsi('exp_hour', '%H', $persist_timestamp, '', 'exp_hour') . ' <span role="separator">:</span> ' . tsi('exp_minute', '%M', $persist_timestamp, '', 'exp_minute') . ' <span role="separator">:</span> ' . tsi('exp_second', '%S', $persist_timestamp, '', 'exp_second'), 'expire_time', array('', 'instructions_expire_time'), array('class' => 'txp-form-field time expires')), $rs);
} else {
// Timestamp.
$posted_block = $partials['posted']['html'];
// Expires.
$expires_block = $partials['expires']['html'];
}
echo wrapRegion('txp-dates-group', $posted_block . $expires_block, 'txp-dates-group-content', 'date_settings', 'article_dates');
// 'Meta' collapsible section.
// 'URL-only title' field.
$html_url_title = $partials['url_title']['html'];
// 'Description' field.
$html_description = $partials['description']['html'];
// 'Keywords' field.
$html_keywords = $partials['keywords']['html'];
echo wrapRegion('txp-meta-group', $html_url_title . $html_description . $html_keywords, 'txp-meta-group-content', 'meta', 'article_meta');
// 'Comment options' collapsible section.
echo wrapRegion('txp-comments-group', $partials['comments']['html'], 'txp-comments-group-content', 'comment_settings', 'article_comments', $use_comments == 1 ? '' : 'empty');
// 'Article image' collapsible section.
echo $partials['image']['html'];
// 'Custom fields' collapsible section.
echo $partials['custom_fields']['html'];
// 'Advanced options' collapsible section.
// 'Article markup'/'Excerpt markup' selection.
if (has_privs('article.set_markup')) {
$html_markup = inputLabel('markup-body', pref_text('textile_body', $textile_body, 'markup-body'), 'article_markup', array('', 'instructions_textile_body'), array('class' => 'txp-form-field markup markup-body')) . inputLabel('markup-excerpt', pref_text('textile_excerpt', $textile_excerpt, 'markup-excerpt'), 'excerpt_markup', array('', 'instructions_textile_excerpt'), array('class' => 'txp-form-field markup markup-excerpt'));
} else {
$html_markup = '';
}
$html_markup = pluggable_ui('article_ui', 'markup', $html_markup, $rs);
// 'Override form' selection.
$form_pop = $allow_form_override ? form_pop($override_form, 'override-form') : '';
$html_override = $form_pop ? pluggable_ui('article_ui', 'override', inputLabel('override-form', $form_pop, 'override_default_form', array('override_form', 'instructions_override_form'), array('class' => 'txp-form-field override-form')), $rs) : '';
echo wrapRegion('txp-advanced-group', $html_markup . $html_override, 'txp-advanced-group-content', 'advanced_options', 'article_advanced');
// Custom menu entries.
echo pluggable_ui('article_ui', 'extend_col_1', '', $rs);
// 'Text formatting help' collapsible section.
echo $partials['sidehelp']['html'];
// 'Recent articles' collapsible section.
echo wrapRegion('txp-recent-group', $partials['recent_articles']['html'], 'txp-recent-group-content', 'recent_articles', 'article_recent');
echo n . '</div>';
// End of #supporting_content.
echo n . '</div>';
// End of .txp-layout-4col-cell-4alt.
}
echo tInput() . n . '</form>';
}
/**
* The main panel listing all authors.
*
* @param string|array $message The activity message
*/
function author_list($message = '')
{
global $event, $txp_user, $author_list_pageby, $levels;
pagetop(gTxt('tab_site_admin'), $message);
if (is_disabled('mail')) {
echo graf(span(null, array('class' => 'ui-icon ui-icon-alert')) . ' ' . gTxt('warn_mail_unavailable'), array('class' => 'alert-block warning'));
}
$buttons = array();
// Change password button.
$buttons[] = sLink('admin', 'new_pass_form', gTxt('change_password'), 'txp-button');
if (!has_privs('admin.edit')) {
// Change email address button.
$buttons[] = sLink('admin', 'change_email_form', gTxt('change_email_address'), 'txp-button');
} else {
// New author button.
$buttons[] = sLink('admin', 'author_edit', gTxt('add_new_author'), 'txp-button');
}
// User list.
if (has_privs('admin.list')) {
extract(gpsa(array('page', 'sort', 'dir', 'crit', 'search_method')));
if ($sort === '') {
$sort = get_pref('admin_sort_column', 'name');
} else {
if (!in_array($sort, array('name', 'RealName', 'email', 'privs', 'last_login'))) {
$sort = 'name';
}
set_pref('admin_sort_column', $sort, 'admin', 2, '', 0, PREF_PRIVATE);
}
if ($dir === '') {
$dir = get_pref('admin_sort_dir', 'asc');
} else {
$dir = $dir == 'desc' ? "desc" : "asc";
set_pref('admin_sort_dir', $dir, 'admin', 2, '', 0, PREF_PRIVATE);
}
$sort_sql = $sort . ' ' . $dir;
$switch_dir = $dir == 'desc' ? 'asc' : 'desc';
$search = new Filter($event, array('login' => array('column' => 'txp_users.name', 'label' => gTxt('login_name')), 'RealName' => array('column' => 'txp_users.RealName', 'label' => gTxt('real_name')), 'email' => array('column' => 'txp_users.email', 'label' => gTxt('email')), 'privs' => array('column' => array('txp_users.privs'), 'label' => gTxt('privileges'), 'type' => 'boolean')));
$search->setAliases('privs', $levels);
list($criteria, $crit, $search_method) = $search->getFilter();
$search_render_options = array('placeholder' => 'search_users');
$total = getCount('txp_users', $criteria);
echo n . tag(hed(gTxt('tab_site_admin'), 1, array('class' => 'txp-heading')), 'div', array('class' => 'txp-layout-2col-cell-1'));
$searchBlock = n . tag($search->renderForm('author_list', $search_render_options), 'div', array('class' => 'txp-layout-2col-cell-2', 'id' => 'users_control'));
$createBlock = array();
$createBlock[] = n . tag(implode(n, $buttons), 'div', array('class' => 'txp-control-panel'));
$contentBlockStart = n . tag_start('div', array('class' => 'txp-layout-1col', 'id' => 'users_container'));
$createBlock = implode(n, $createBlock);
if ($total < 1) {
if ($criteria != 1) {
echo $searchBlock . $contentBlockStart . $createBlock . graf(span(null, array('class' => 'ui-icon ui-icon-info')) . ' ' . gTxt('no_results_found'), array('class' => 'alert-block information')) . n . tag_end('div');
}
return;
}
$limit = max($author_list_pageby, 15);
list($page, $offset, $numPages) = pager($total, $limit, $page);
$use_multi_edit = has_privs('admin.edit') && ($total > 1 or safe_count('txp_users', "1 = 1") > 1);
echo $searchBlock . $contentBlockStart . $createBlock;
$rs = safe_rows_start("*, UNIX_TIMESTAMP(last_access) AS last_login", 'txp_users', "{$criteria} ORDER BY {$sort_sql} LIMIT {$offset}, {$limit}");
if ($rs) {
echo n . tag_start('form', array('class' => 'multi_edit_form', 'id' => 'users_form', 'name' => 'longform', 'method' => 'post', 'action' => 'index.php')) . n . tag_start('div', array('class' => 'txp-listtables')) . n . tag_start('table', array('class' => 'txp-list')) . n . tag_start('thead') . tr(($use_multi_edit ? hCell(fInput('checkbox', 'select_all', 0, '', '', '', '', '', 'select_all'), '', ' class="txp-list-col-multi-edit" scope="col" title="' . gTxt('toggle_all_selected') . '"') : hCell('', '', ' class="txp-list-col-multi-edit" scope="col"')) . column_head('login_name', 'name', 'admin', true, $switch_dir, '', '', ('name' == $sort ? "{$dir} " : '') . 'txp-list-col-login-name name') . column_head('real_name', 'RealName', 'admin', true, $switch_dir, '', '', ('RealName' == $sort ? "{$dir} " : '') . 'txp-list-col-real-name name') . column_head('email', 'email', 'admin', true, $switch_dir, '', '', ('email' == $sort ? "{$dir} " : '') . 'txp-list-col-email') . column_head('privileges', 'privs', 'admin', true, $switch_dir, '', '', ('privs' == $sort ? "{$dir} " : '') . 'txp-list-col-privs') . column_head('last_login', 'last_login', 'admin', true, $switch_dir, '', '', ('last_login' == $sort ? "{$dir} " : '') . 'txp-list-col-last-login date')) . n . tag_end('thead') . n . tag_start('tbody');
while ($a = nextRow($rs)) {
extract(doSpecial($a));
echo tr(td((has_privs('admin.edit') and $txp_user != $a['name']) ? fInput('checkbox', 'selected[]', $a['name'], 'checkbox') : '', '', 'txp-list-col-multi-edit') . hCell(has_privs('admin.edit') ? eLink('admin', 'author_edit', 'user_id', $user_id, $name) : $name, '', ' class="txp-list-col-login-name name" scope="row"') . td($RealName, '', 'txp-list-col-real-name name') . td(href($email, 'mailto:' . $email), '', 'txp-list-col-email') . td(get_priv_level($privs), '', 'txp-list-col-privs') . td($last_login ? safe_strftime('%b %Y', $last_login) : '', '', 'txp-list-col-last-login date'));
}
echo n . tag_end('tbody') . n . tag_end('table') . n . tag_end('div') . ($use_multi_edit ? author_multiedit_form($page, $sort, $dir, $crit, $search_method) : '') . tInput() . n . tag_end('form') . n . tag_start('div', array('class' => 'txp-navigation', 'id' => 'users_navigation')) . pageby_form('admin', $author_list_pageby) . nav_form('admin', $page, $numPages, $sort, $dir, $crit, $search_method) . n . tag_end('div');
}
echo n . tag_end('div');
} else {
echo n . tag_start('div', array('class' => 'txp-layout-1col', 'id' => 'users_container')) . n . tag(implode(n, $buttons), 'div', array('class' => 'txp-control-panel')) . n . tag_end('div');
}
}
/**
* The main panel listing all sections.
*
* So-named to avoid clashing with the <txp:section_list /> tag.
*
* @param string|array $message The activity message
*/
function sec_section_list($message = '')
{
global $event, $section_list_pageby;
pagetop(gTxt('tab_sections'), $message);
extract(gpsa(array('page', 'sort', 'dir', 'crit', 'search_method')));
if ($sort === '') {
$sort = get_pref('section_sort_column', 'name');
} else {
if (!in_array($sort, array('title', 'page', 'css', 'in_rss', 'on_frontpage', 'searchable', 'article_count'))) {
$sort = 'name';
}
set_pref('section_sort_column', $sort, 'section', 2, '', 0, PREF_PRIVATE);
}
if ($dir === '') {
$dir = get_pref('section_sort_dir', 'desc');
} else {
$dir = $dir == 'asc' ? "asc" : "desc";
set_pref('section_sort_dir', $dir, 'section', 2, '', 0, PREF_PRIVATE);
}
switch ($sort) {
case 'title':
$sort_sql = "title {$dir}";
break;
case 'page':
$sort_sql = "page {$dir}";
break;
case 'css':
$sort_sql = "css {$dir}";
break;
case 'in_rss':
$sort_sql = "in_rss {$dir}";
break;
case 'on_frontpage':
$sort_sql = "on_frontpage {$dir}";
break;
case 'searchable':
$sort_sql = "searchable {$dir}";
break;
case 'article_count':
$sort_sql = "article_count {$dir}";
break;
default:
$sort_sql = "name {$dir}";
break;
}
$switch_dir = $dir == 'desc' ? 'asc' : 'desc';
$search = new Filter($event, array('name' => array('column' => 'txp_section.name', 'label' => gTxt('name')), 'title' => array('column' => 'txp_section.title', 'label' => gTxt('title')), 'page' => array('column' => 'txp_section.page', 'label' => gTxt('page')), 'css' => array('column' => 'txp_section.css', 'label' => gTxt('css')), 'on_frontpage' => array('column' => 'txp_section.on_frontpage', 'label' => gTxt('on_front_page'), 'type' => 'boolean'), 'in_rss' => array('column' => 'txp_section.in_rss', 'label' => gTxt('syndicate'), 'type' => 'boolean'), 'searchable' => array('column' => 'txp_section.searchable', 'label' => gTxt('include_in_search'), 'type' => 'boolean')));
$alias_yes = '1, Yes';
$alias_no = '0, No';
$search->setAliases('on_frontpage', array($alias_no, $alias_yes));
$search->setAliases('in_rss', array($alias_no, $alias_yes));
$search->setAliases('searchable', array($alias_no, $alias_yes));
list($criteria, $crit, $search_method) = $search->getFilter();
$search_render_options = array('placeholder' => 'search_sections');
$total = safe_count('txp_section', $criteria);
echo n . tag(hed(gTxt('tab_sections'), 1, array('class' => 'txp-heading')), 'div', array('class' => 'txp-layout-2col-cell-1'));
$searchBlock = n . tag($search->renderForm('sec_section', $search_render_options), 'div', array('class' => 'txp-layout-2col-cell-2', 'id' => $event . '_control'));
$createBlock = array();
if (has_privs('section.edit')) {
$createBlock[] = n . tag(sLink('section', 'section_edit', gTxt('create_section'), 'txp-button') . n . tag_start('form', array('class' => 'async', 'id' => 'default_section_form', 'name' => 'default_section_form', 'method' => 'post', 'action' => 'index.php')) . tag(gTxt('default_write_section'), 'label', array('for' => 'default_section')) . popHelp('section_default') . section_select_list() . eInput('section') . sInput('section_set_default') . n . tag_end('form'), 'div', array('class' => 'txp-control-panel'));
}
$contentBlockStart = n . tag_start('div', array('class' => 'txp-layout-1col', 'id' => $event . '_container'));
$createBlock = implode(n, $createBlock);
if ($total < 1) {
if ($criteria != 1) {
echo $searchBlock . $contentBlockStart . $createBlock . graf(span(null, array('class' => 'ui-icon ui-icon-info')) . ' ' . gTxt('no_results_found'), array('class' => 'alert-block information')) . n . tag_end('div');
}
return;
}
$limit = max($section_list_pageby, 15);
list($page, $offset, $numPages) = pager($total, $limit, $page);
echo $searchBlock . $contentBlockStart . $createBlock;
$rs = safe_rows_start("*, (SELECT COUNT(*) FROM " . safe_pfx_j('textpattern') . " WHERE textpattern.Section = txp_section.name) AS article_count", 'txp_section', "{$criteria} ORDER BY {$sort_sql} LIMIT {$offset}, {$limit}");
if ($rs) {
echo n . tag(toggle_box('section_detail'), 'div', array('class' => 'txp-list-options')) . n . tag_start('form', array('class' => 'multi_edit_form', 'id' => 'section_form', 'name' => 'longform', 'method' => 'post', 'action' => 'index.php')) . n . tag_start('div', array('class' => 'txp-listtables')) . n . tag_start('table', array('class' => 'txp-list')) . n . tag_start('thead') . tr(hCell(fInput('checkbox', 'select_all', 0, '', '', '', '', '', 'select_all'), '', ' class="txp-list-col-multi-edit" scope="col" title="' . gTxt('toggle_all_selected') . '"') . column_head('name', 'name', 'section', true, $switch_dir, $crit, $search_method, ('name' == $sort ? "{$dir} " : '') . 'txp-list-col-name') . column_head('title', 'title', 'section', true, $switch_dir, $crit, $search_method, ('title' == $sort ? "{$dir} " : '') . 'txp-list-col-title') . column_head('page', 'page', 'section', true, $switch_dir, $crit, $search_method, ('page' == $sort ? "{$dir} " : '') . 'txp-list-col-page') . column_head('css', 'css', 'section', true, $switch_dir, $crit, $search_method, ('css' == $sort ? "{$dir} " : '') . 'txp-list-col-style') . column_head('on_front_page', 'on_frontpage', 'section', true, $switch_dir, $crit, $search_method, ('on_frontpage' == $sort ? "{$dir} " : '') . 'txp-list-col-frontpage section_detail') . column_head('syndicate', 'in_rss', 'section', true, $switch_dir, $crit, $search_method, ('in_rss' == $sort ? "{$dir} " : '') . 'txp-list-col-syndicate section_detail') . column_head('include_in_search', 'searchable', 'section', true, $switch_dir, $crit, $search_method, ('searchable' == $sort ? "{$dir} " : '') . 'txp-list-col-searchable section_detail') . column_head('articles', 'article_count', 'section', true, $switch_dir, $crit, $search_method, ('article_count' == $sort ? "{$dir} " : '') . 'txp-list-col-article_count section_detail')) . n . tag_end('thead') . n . tag_start('tbody');
while ($a = nextRow($rs)) {
extract($a, EXTR_PREFIX_ALL, 'sec');
$edit_url = array('event' => 'section', 'step' => 'section_edit', 'name' => $sec_name, 'sort' => $sort, 'dir' => $dir, 'page' => $page, 'search_method' => $search_method, 'crit' => $crit);
if ($sec_name == 'default') {
$articles = $sec_searchable = $sec_in_rss = $sec_on_frontpage = '-';
} else {
$sec_on_frontpage = asyncHref(yes_no($sec_on_frontpage), array('step' => 'section_toggle_option', 'thing' => $sec_name, 'property' => 'on_frontpage'));
$sec_in_rss = asyncHref(yes_no($sec_in_rss), array('step' => 'section_toggle_option', 'thing' => $sec_name, 'property' => 'in_rss'));
$sec_searchable = asyncHref(yes_no($sec_searchable), array('step' => 'section_toggle_option', 'thing' => $sec_name, 'property' => 'searchable'));
if ($sec_article_count > 0) {
$articles = href($sec_article_count, array('event' => 'list', 'search_method' => 'section', 'crit' => '"' . $sec_name . '"'), array('title' => gTxt('article_count', array('{num}' => $sec_article_count))));
} else {
$articles = 0;
}
}
$sec_page = href(txpspecialchars($sec_page), array('event' => 'page', 'name' => $sec_page), array('title' => gTxt('edit')));
$sec_css = href(txpspecialchars($sec_css), array('event' => 'css', 'name' => $sec_css), array('title' => gTxt('edit')));
echo tr(td(fInput('checkbox', 'selected[]', $sec_name), '', 'txp-list-col-multi-edit') . hCell(href(txpspecialchars($sec_name), $edit_url, array('title' => gTxt('edit'))) . span(sp . span('|', array('role' => 'separator')) . sp . href(gTxt('view'), pagelinkurl(array('s' => $sec_name))), array('class' => 'txp-option-link section_detail')), '', array('class' => 'txp-list-col-name', 'scope' => 'row')) . td(txpspecialchars($sec_title), '', 'txp-list-col-title') . td($sec_page, '', 'txp-list-col-page') . td($sec_css, '', 'txp-list-col-style') . td($sec_on_frontpage, '', 'txp-list-col-frontpage section_detail') . td($sec_in_rss, '', 'txp-list-col-syndicate section_detail') . td($sec_searchable, '', 'txp-list-col-searchable section_detail') . td($articles, '', 'txp-list-col-article_count section_detail'), array('id' => 'txp_section_' . $sec_name));
}
echo n . tag_end('tbody') . n . tag_end('table') . n . tag_end('div') . section_multiedit_form($page, $sort, $dir, $crit, $search_method) . tInput() . n . tag_end('form') . n . tag_start('div', array('class' => 'txp-navigation', 'id' => $event . '_navigation')) . pageby_form('section', $section_list_pageby) . nav_form('section', $page, $numPages, $sort, $dir, $crit, $search_method, $total, $limit) . n . tag_end('div');
}
echo n . tag_end('div');
}
function file_list($message = '')
{
global $file_base_path, $file_statuses, $file_list_pageby, $txp_user, $event;
pagetop(gTxt('tab_file'), $message);
extract(gpsa(array('page', 'sort', 'dir', 'crit', 'search_method')));
if ($sort === '') {
$sort = get_pref('file_sort_column', 'filename');
}
if ($dir === '') {
$dir = get_pref('file_sort_dir', 'asc');
}
if ($dir === 'desc') {
$dir = 'desc';
} else {
$dir = 'asc';
}
echo hed(gTxt('tab_file'), 1, array('class' => 'txp-heading')) . n . tag_start('div', array('id' => $event . '_control', 'class' => 'txp-control-panel'));
if (!is_dir($file_base_path) || !is_writeable($file_base_path)) {
echo graf(span(null, array('class' => 'ui-icon ui-icon-alert')) . ' ' . gTxt('file_dir_not_writeable', array('{filedir}' => $file_base_path)), array('class' => 'alert-block warning'));
} elseif (has_privs('file.edit.own')) {
$existing_files = get_filenames();
if ($existing_files) {
echo form(eInput('file') . sInput('file_create') . graf(tag(gTxt('existing_file'), 'label', array('for' => 'file-existing')) . sp . selectInput('filename', $existing_files, '', 1, '', 'file-existing') . sp . fInput('submit', '', gTxt('Create')), array('class' => 'existing-file')), '', '', 'post', '', '', 'assign_file');
}
echo file_upload_form(gTxt('upload_file'), 'upload', 'file_insert');
}
switch ($sort) {
case 'id':
$sort_sql = 'txp_file.id ' . $dir;
break;
case 'description':
$sort_sql = 'txp_file.description ' . $dir . ', txp_file.filename desc';
break;
case 'category':
$sort_sql = 'txp_category.title ' . $dir . ', txp_file.filename desc';
break;
case 'title':
$sort_sql = 'txp_file.title ' . $dir . ', txp_file.filename desc';
break;
case 'downloads':
$sort_sql = 'txp_file.downloads ' . $dir . ', txp_file.filename desc';
break;
case 'author':
$sort_sql = 'txp_users.RealName ' . $dir . ', txp_file.id asc';
break;
default:
$sort = 'filename';
$sort_sql = 'txp_file.filename ' . $dir;
break;
}
set_pref('file_sort_column', $sort, 'file', PREF_HIDDEN, '', 0, PREF_PRIVATE);
set_pref('file_sort_dir', $dir, 'file', PREF_HIDDEN, '', 0, PREF_PRIVATE);
if ($dir == 'desc') {
$switch_dir = 'asc';
} else {
$switch_dir = 'desc';
}
$criteria = 1;
if ($search_method && $crit !== '') {
$verbatim = preg_match('/^"(.*)"$/', $crit, $m);
$crit_escaped = $verbatim ? doSlash($m[1]) : doLike($crit);
$critsql = $verbatim ? array('id' => "txp_file.id in ('" . join("','", do_list($crit_escaped)) . "')", 'filename' => "txp_file.filename = '{$crit_escaped}'", 'title' => "txp_file.title = '{$crit_escaped}'", 'description' => "txp_file.description = '{$crit_escaped}'", 'category' => "txp_file.category = '{$crit_escaped}' or txp_category.title = '{$crit_escaped}'", 'author' => "txp_file.author = '{$crit_escaped}' or txp_users.RealName = '{$crit_escaped}'") : array('id' => "txp_file.id in ('" . join("','", do_list($crit_escaped)) . "')", 'filename' => "txp_file.filename like '%{$crit_escaped}%'", 'title' => "txp_file.title like '%{$crit_escaped}%'", 'description' => "txp_file.description like '%{$crit_escaped}%'", 'category' => "txp_file.category like '%{$crit_escaped}%' or txp_category.title like '%{$crit_escaped}%'", 'author' => "txp_file.author like '%{$crit_escaped}%' or txp_users.RealName like '%{$crit_escaped}%'");
if (array_key_exists($search_method, $critsql)) {
$criteria = $critsql[$search_method];
$limit = 500;
} else {
$search_method = '';
$crit = '';
}
} else {
$search_method = '';
$crit = '';
}
$criteria .= callback_event('admin_criteria', 'file_list', 0, $criteria);
$sql_from = safe_pfx_j('txp_file') . "\n left join " . safe_pfx_j('txp_category') . " on txp_category.name = txp_file.category and txp_category.type = 'file'\n left join " . safe_pfx_j('txp_users') . " on txp_users.name = txp_file.author";
if ($criteria === 1) {
$total = safe_count('txp_file', $criteria);
} else {
$total = getThing('select count(*) from ' . $sql_from . ' where ' . $criteria);
}
if ($total < 1) {
if ($criteria != 1) {
echo file_search_form($crit, $search_method) . graf(gTxt('no_results_found'), ' class="indicator"') . '</div>';
} else {
echo graf(gTxt('no_files_recorded'), ' class="indicator"') . '</div>';
}
return;
}
$limit = max($file_list_pageby, 15);
list($page, $offset, $numPages) = pager($total, $limit, $page);
echo file_search_form($crit, $search_method) . '</div>';
$rs = safe_query("select\n txp_file.id,\n txp_file.filename,\n txp_file.title,\n txp_file.category,\n txp_file.description,\n txp_file.downloads,\n txp_file.status,\n txp_file.author,\n txp_users.RealName as realname,\n txp_category.Title as category_title\n from {$sql_from} where {$criteria} order by {$sort_sql} limit {$offset}, {$limit}");
if ($rs && numRows($rs)) {
$show_authors = !has_single_author('txp_file');
echo n . tag_start('div', array('id' => $event . '_container', 'class' => 'txp-container')) . n . tag_start('form', array('action' => 'index.php', 'id' => 'files_form', 'class' => 'multi_edit_form', 'method' => 'post', 'name' => 'longform')) . n . tag_start('div', array('class' => 'txp-listtables')) . n . tag_start('table', array('class' => 'txp-list')) . n . tag_start('thead') . tr(hCell(fInput('checkbox', 'select_all', 0, '', '', '', '', '', 'select_all'), '', ' scope="col" title="' . gTxt('toggle_all_selected') . '" class="txp-list-col-multi-edit"') . column_head('ID', 'id', 'file', true, $switch_dir, $crit, $search_method, ('id' == $sort ? "{$dir} " : '') . 'txp-list-col-id') . column_head('file_name', 'filename', 'file', true, $switch_dir, $crit, $search_method, ('filename' == $sort ? "{$dir} " : '') . 'txp-list-col-filename') . column_head('title', 'title', 'file', true, $switch_dir, $crit, $search_method, ('title' == $sort ? "{$dir} " : '') . 'txp-list-col-title') . column_head('description', 'description', 'file', true, $switch_dir, $crit, $search_method, ('description' == $sort ? "{$dir} " : '') . 'txp-list-col-description files_detail') . column_head('file_category', 'category', 'file', true, $switch_dir, $crit, $search_method, ('category' == $sort ? "{$dir} " : '') . 'txp-list-col-category category') . hCell(gTxt('tags'), '', ' scope="col" class="txp-list-col-tag-build files_detail"') . hCell(gTxt('status'), '', ' scope="col" class="txp-list-col-status"') . hCell(gTxt('condition'), '', ' scope="col" class="txp-list-col-condition"') . column_head('downloads', 'downloads', 'file', true, $switch_dir, $crit, $search_method, ('downloads' == $sort ? "{$dir} " : '') . 'txp-list-col-downloads') . ($show_authors ? column_head('author', 'author', 'file', true, $switch_dir, $crit, $search_method, ('author' == $sort ? "{$dir} " : '') . 'txp-list-col-author name') : '')) . n . tag_end('thead') . n . tag_start('tbody');
$validator = new Validator();
while ($a = nextRow($rs)) {
extract($a);
$filename = sanitizeForFile($filename);
$edit_url = array('event' => 'file', 'step' => 'file_edit', 'id' => $id, 'sort' => $sort, 'dir' => $dir, 'page' => $page, 'search_method' => $search_method, 'crit' => $crit);
$tag_url = array('event' => 'tag', 'tag_name' => 'file_download_link', 'id' => $id, 'description' => $description, 'filename' => $filename);
$file_exists = file_exists(build_file_path($file_base_path, $filename));
$can_edit = has_privs('file.edit') || $author === $txp_user && has_privs('file.edit.own');
$validator->setConstraints(array(new CategoryConstraint($category, array('type' => 'file'))));
if ($validator->validate()) {
$vc = '';
} else {
$vc = ' error';
}
if ($file_exists) {
$downloads = make_download_link($id, $downloads, $filename);
$condition = span(gTxt('file_status_ok'), array('class' => 'success'));
} else {
$condition = span(gTxt('file_status_missing'), array('class' => 'error'));
}
if ($category) {
$category = span(txpspecialchars($category_title), array('title' => $category));
}
if ($can_edit) {
$name = href(txpspecialchars($filename), $edit_url, array('title' => gTxt('edit')));
} else {
$name = txpspecialchars($filename);
}
if ($can_edit) {
$id_column = href($id, $edit_url, array('title' => gTxt('edit')));
$multi_edit = fInput('checkbox', 'selected[]', $id);
} else {
$id_column = $id;
$multi_edit = '';
}
if ($file_exists) {
$id_column .= sp . span('[', array('aria-hidden' => 'true')) . make_download_link($id, gTxt('download'), $filename) . span(']', array('aria-hidden' => 'true'));
}
if (isset($file_statuses[$status])) {
$status = $file_statuses[$status];
} else {
$status = span(gTxt('none'), array('class' => 'error'));
}
echo tr(td($multi_edit, '', 'txp-list-col-multi-edit') . hCell($id_column, '', array('scope' => 'row', 'class' => 'txp-list-col-id')) . td($name, '', 'txp-list-col-filename') . td(txpspecialchars($title), '', 'txp-list-col-title') . td(txpspecialchars($description), '', 'txp-list-col-description files_detail') . td($category, '', 'txp-list-col-category category' . $vc) . td(href('Textile', $tag_url + array('type' => 'textile'), ' target="_blank" onclick="popWin(this.href); return false;"') . sp . span('|', array('role' => 'separator')) . sp . href('Textpattern', $tag_url + array('type' => 'textpattern'), ' target="_blank" onclick="popWin(this.href); return false;"') . sp . span('|', array('role' => 'separator')) . sp . href('HTML', $tag_url + array('type' => 'html'), ' target="_blank" onclick="popWin(this.href); return false;"'), '', 'txp-list-col-tag-build files_detail') . td($status, '', 'txp-list-col-status') . td($condition, '', 'txp-list-col-condition') . td($downloads, '', 'txp-list-col-downloads') . ($show_authors ? td(span(txpspecialchars($realname), array('title' => $author)), '', 'txp-list-col-author name') : ''));
}
echo n . tag_end('tbody') . n . tag_end('table') . n . tag_end('div') . file_multiedit_form($page, $sort, $dir, $crit, $search_method) . tInput() . n . tag_end('form') . graf(toggle_box('files_detail'), array('class' => 'detail-toggle')) . n . tag_start('div', array('id' => $event . '_navigation', 'class' => 'txp-navigation')) . pageby_form('file', $file_list_pageby) . nav_form('file', $page, $numPages, $sort, $dir, $crit, $search_method, $total, $limit) . n . tag_end('div') . n . tag_end('div');
}
}
/**
* Renders the list of preferences.
*
* Plugins may add their own prefs, for example by using plugin lifecycle events
* or raising a (pre) callback on event=admin / step=prefs_list so they are
* installed or updated when accessing the Preferences panel. Access to the
* prefs can be controlled by using add_privs() on 'prefs.your-prefs-event-name'.
*
* @param string $message The feedback / error string to display
*/
function prefs_list($message = '')
{
global $prefs, $txp_user;
extract($prefs);
pagetop(gTxt('tab_preferences'), $message);
$locale = setlocale(LC_ALL, $locale);
echo n . '<form class="prefs-form" id="prefs_form" method="post" action="index.php">';
// TODO: remove 'custom' when custom fields are refactored.
$core_events = array('site', 'admin', 'publish', 'feeds', 'comments', 'custom');
$joined_core = join(',', quote_list($core_events));
$sql = array();
$sql[] = 'prefs_id = 1 and event != "" and type in(' . PREF_CORE . ', ' . PREF_PLUGIN . ')';
$sql[] = "(user_name = '' OR (user_name = '" . doSlash($txp_user) . "' AND name NOT IN (\n SELECT name FROM " . safe_pfx('txp_prefs') . " WHERE user_name = ''\n )))";
if (!get_pref('use_comments', 1, 1)) {
$sql[] = "event != 'comments'";
}
$rs = safe_rows_start("*, FIELD(event, {$joined_core}) AS sort_value", 'txp_prefs', join(" AND ", $sql) . " ORDER BY sort_value = 0, sort_value, event, position");
$last_event = null;
$out = array();
$build = array();
$groupOut = array();
if (numRows($rs)) {
while ($a = nextRow($rs)) {
if (!has_privs('prefs.' . $a['event'])) {
continue;
}
if ($a['event'] !== $last_event) {
if ($last_event !== null) {
$build[] = tag(hed(gTxt($last_event), 2, array('id' => 'prefs_group_' . $last_event . '-label')) . join(n, $out), 'section', array('class' => 'txp-prefs-group', 'id' => 'prefs_group_' . $last_event, 'aria-labelledby' => 'prefs_group_' . $last_event . '-label'));
$groupOut[] = n . tag(href(gTxt($last_event), '#prefs_group_' . $last_event, array('data-txp-pane' => $last_event, 'data-txp-token' => form_token())), 'li');
}
$last_event = $a['event'];
$out = array();
}
$label = '';
if (!in_array($a['html'], array('yesnoradio', 'is_dst'))) {
$label = $a['name'];
}
// TODO: remove exception when custom fields move to meta store.
$help = '';
if (strpos($a['name'], 'custom_') === false) {
$help = $a['name'];
}
if ($a['html'] == 'text_input') {
$size = INPUT_REGULAR;
} else {
$size = '';
}
$out[] = inputLabel($a['name'], pref_func($a['html'], $a['name'], $a['val'], $size), $label, $help, array('class' => 'txp-form-field', 'id' => 'prefs-' . $a['name']));
}
}
if ($last_event === null) {
echo graf(gTxt('no_preferences'));
} else {
$build[] = tag(hed(gTxt($last_event), 2, array('id' => 'prefs_group_' . $last_event . '-label')) . join(n, $out), 'section', array('class' => 'txp-prefs-group', 'id' => 'prefs_group_' . $last_event, 'aria-labelledby' => 'prefs_group_' . $last_event . '-label'));
$groupOut[] = n . tag(href(gTxt($last_event), '#prefs_group_' . $last_event, array('data-txp-pane' => $last_event, 'data-txp-token' => form_token())), 'li') . n;
echo hed(gTxt('tab_preferences'), 1, array('class' => 'txp-heading')) . n . '<div class="txp-layout-4col-cell-1alt">' . wrapGroup('all_preferences', n . tag(join($groupOut), 'ul', array('class' => 'switcher-list')), 'all_preferences');
if ($last_event !== null) {
echo graf(fInput('submit', 'Submit', gTxt('save'), 'publish'), array('class' => 'txp-save'));
}
echo n . '</div>' . n . '<div class="txp-layout-4col-cell-2-3-4">' . join(n, $build) . n . '</div>' . sInput('prefs_save') . eInput('prefs') . hInput('prefs_id', '1') . tInput();
}
echo n . '</form>';
}
function log_list($message = '')
{
global $event, $log_list_pageby, $expire_logs_after;
pagetop(gTxt('visitor_logs'), $message);
extract(gpsa(array('page', 'sort', 'dir', 'crit', 'search_method')));
if ($sort === '') {
$sort = get_pref('log_sort_column', 'time');
}
if ($dir === '') {
$dir = get_pref('log_sort_dir', 'desc');
}
$dir = $dir == 'asc' ? 'asc' : 'desc';
$expire_logs_after = assert_int($expire_logs_after);
safe_delete('txp_log', "time < date_sub(now(), interval {$expire_logs_after} day)");
switch ($sort) {
case 'ip':
$sort_sql = 'ip ' . $dir;
break;
case 'host':
$sort_sql = 'host ' . $dir;
break;
case 'page':
$sort_sql = 'page ' . $dir;
break;
case 'refer':
$sort_sql = 'refer ' . $dir;
break;
case 'method':
$sort_sql = 'method ' . $dir;
break;
case 'status':
$sort_sql = 'status ' . $dir;
break;
default:
$sort = 'time';
$sort_sql = 'time ' . $dir;
break;
}
set_pref('log_sort_column', $sort, 'log', 2, '', 0, PREF_PRIVATE);
set_pref('log_sort_dir', $dir, 'log', 2, '', 0, PREF_PRIVATE);
$switch_dir = $dir == 'desc' ? 'asc' : 'desc';
$criteria = 1;
if ($search_method and $crit != '') {
$crit_escaped = doSlash(str_replace(array('\\', '%', '_', '\''), array('\\\\', '\\%', '\\_', '\\\''), $crit));
$critsql = array('ip' => "ip like '%{$crit_escaped}%'", 'host' => "host like '%{$crit_escaped}%'", 'page' => "page like '%{$crit_escaped}%'", 'refer' => "refer like '%{$crit_escaped}%'", 'method' => "method like '%{$crit_escaped}%'", 'status' => "status like '%{$crit_escaped}%'");
if (array_key_exists($search_method, $critsql)) {
$criteria = $critsql[$search_method];
$limit = 500;
} else {
$search_method = '';
$crit = '';
}
} else {
$search_method = '';
$crit = '';
}
$total = safe_count('txp_log', "{$criteria}");
echo '<div id="' . $event . '_control" class="txp-control-panel">';
if ($total < 1) {
if ($criteria != 1) {
echo n . log_search_form($crit, $search_method) . n . graf(gTxt('no_results_found'), ' class="indicator"') . '</div>';
} else {
echo graf(gTxt('no_refers_recorded'), ' class="indicator"') . '</div>';
}
return;
}
$limit = max($log_list_pageby, 15);
list($page, $offset, $numPages) = pager($total, $limit, $page);
echo n . log_search_form($crit, $search_method) . '</div>';
$rs = safe_rows_start('*, unix_timestamp(time) as uTime', 'txp_log', "{$criteria} order by {$sort_sql} limit {$offset}, {$limit}");
if ($rs) {
echo n . '<div id="' . $event . '_container" class="txp-container txp-list">';
echo n . n . '<form action="index.php" id="log_form" method="post" name="longform" onsubmit="return verify(\'' . gTxt('are_you_sure') . '\')">' . startTable('list', '', 'list', '', '90%') . n . '<thead>' . n . tr(n . column_head('time', 'time', 'log', true, $switch_dir, $crit, $search_method, ('time' == $sort ? "{$dir} " : '') . 'date time') . column_head('IP', 'ip', 'log', true, $switch_dir, $crit, $search_method, ('ip' == $sort ? "{$dir} " : '') . 'log_detail ip') . column_head('host', 'host', 'log', true, $switch_dir, $crit, $search_method, ('host' == $sort ? "{$dir} " : '') . 'host') . column_head('page', 'page', 'log', true, $switch_dir, $crit, $search_method, ('page' == $sort ? "{$dir} " : '') . 'page') . column_head('referrer', 'refer', 'log', true, $switch_dir, $crit, $search_method, ('refer' == $sort ? "{$dir} " : '') . 'refer') . column_head('method', 'method', 'log', true, $switch_dir, $crit, $search_method, ('method' == $sort ? "{$dir} " : '') . 'log_detail method') . column_head('status', 'status', 'log', true, $switch_dir, $crit, $search_method, ('status' == $sort ? "{$dir} " : '') . 'log_detail status') . hCell('', '', ' class="multi-edit"')) . n . '</thead>';
$tfoot = n . '<tfoot>' . tr(tda(toggle_box('log_detail'), ' class="detail-toggle" colspan="2" style="text-align: left; border: none;"') . tda(select_buttons() . log_multiedit_form($page, $sort, $dir, $crit, $search_method), ' class="multi-edit" colspan="6" style="text-align: right; border: none;"')) . n . '</tfoot>';
echo $tfoot;
echo '<tbody>';
$ctr = 1;
while ($a = nextRow($rs)) {
extract($a, EXTR_PREFIX_ALL, 'log');
if ($log_refer) {
$log_refer = 'http://' . $log_refer;
$log_refer = '<a href="' . htmlspecialchars($log_refer) . '" target="_blank">' . htmlspecialchars(soft_wrap($log_refer, 30)) . '</a>';
}
if ($log_page) {
$log_anchor = preg_replace('/\\/$/', '', $log_page);
$log_anchor = soft_wrap(substr($log_anchor, 1), 30);
$log_page = '<a href="' . htmlspecialchars($log_page) . '" target="_blank">' . htmlspecialchars($log_anchor) . '</a>';
if ($log_method == 'POST') {
$log_page = '<strong>' . $log_page . '</strong>';
}
}
echo tr(n . td(gTime($log_uTime), 85, 'date time') . td(htmlspecialchars($log_ip), 20, 'log_detail ip') . td(htmlspecialchars(soft_wrap($log_host, 30)), '', 'host') . td($log_page, '', 'page') . td($log_refer, '', 'refer') . td(htmlspecialchars($log_method), 60, 'log_detail method') . td($log_status, 60, 'log_detail status') . td(fInput('checkbox', 'selected[]', $log_id), '', 'multi-edit'), ' class="' . ($ctr % 2 == 0 ? 'even' : 'odd') . '"');
$ctr++;
}
echo '</tbody>' . n . endTable() . n . tInput() . n . '</form>' . n . '<div id="' . $event . '_navigation" class="txp-navigation">' . n . nav_form('log', $page, $numPages, $sort, $dir, $crit, $search_method, $total, $limit) . n . pageby_form('log', $log_list_pageby) . n . '</div>' . n . '</div>';
}
}
/**
* Render a checkbox to set/unset a browser cookie.
*
* @param string $classname Label text. The cookie's name will be derived from this value.
* @param boolean $form Create as a stand-along <form> element [true]
* @return string HTML
*/
function cookie_box($classname, $form = 1)
{
$name = 'cb_' . $classname;
$val = cs('toggle_' . $classname) ? 1 : 0;
$i = '<input type="checkbox" name="' . $name . '" id="' . $name . '" value="1" ' . ($val ? 'checked="checked" ' : '') . 'class="checkbox" onclick="setClassRemember(\'' . $classname . '\',' . (1 - $val) . ');submit(this.form);" />' . ' <label for="' . $name . '">' . gTxt($classname) . '</label> ';
if ($form) {
$args = empty($_SERVER['QUERY_STRING']) ? '' : '?' . txpspecialchars($_SERVER['QUERY_STRING']);
return '<form class="' . $name . '" method="post" action="index.php' . $args . '">' . $i . eInput(gps('event')) . n . tInput() . '</form>';
} else {
return n . $i;
}
}
function form_edit($message = '')
{
global $event, $step, $essential_forms;
pagetop(gTxt('edit_forms'), $message);
extract(gpsa(array('Form', 'name', 'type')));
$name = trim(preg_replace('/[<>&"\']/', '', $name));
if ($step == 'form_create') {
$inputs = fInput('submit', 'savenew', gTxt('save_new'), 'publish') . eInput("form") . sInput('form_save');
} else {
$name = (!$name or $step == 'form_delete') ? 'default' : $name;
$rs = safe_row("*", "txp_form", "name='" . doSlash($name) . "'");
extract($rs);
$inputs = fInput('submit', 'save', gTxt('save'), 'publish') . eInput("form") . sInput('form_save') . hInput('oldname', $name);
}
if (!in_array($name, $essential_forms)) {
$changename = graf(gTxt('form_name') . br . fInput('text', 'name', $name, 'edit', '', '', INPUT_REGULAR));
} else {
$changename = graf(gTxt('form_name') . br . tag($name, 'em') . hInput('name', $name));
}
// Generate the tagbuilder links
// Format of each entry is popTagLink -> array ( gTxt string, class/ID )
$tagbuild_items = array('article' => array('articles', 'article-tags'), 'link' => array('links', 'link-tags'), 'comment' => array('comments', 'comment-tags'), 'comment_details' => array('comment_details', 'comment-detail-tags'), 'comment_form' => array('comment_form', 'comment-form-tags'), 'search_result' => array('search_results_form', 'search-result-tags'), 'file_download' => array('file_download_tags', 'file-tags'), 'category' => array('category_tags', 'category-tags'), 'section' => array('section_tags', 'section-tags'));
$tagbuild_links = '';
foreach ($tagbuild_items as $tb => $item) {
$tagbuild_links .= '<div class="' . $item[1] . '">' . hed('<a href="#' . $item[1] . '">' . gTxt($item[0]) . '</a>', 3, ' class="lever' . (get_pref('pane_form_' . $item[1] . '_visible') ? ' expanded' : '') . '"') . '<div id="' . $item[1] . '" class="toggle on" style="display:' . (get_pref('pane_form_' . $item[1] . '_visible') ? 'block' : 'none') . '">' . popTagLinks($tb) . '</div></div>';
}
$out = '<h1 class="txp-heading">' . gTxt('tab_forms') . sp . popHelp('forms_overview') . '</h1>' . '<div id="' . $event . '_container" class="txp-container">' . startTable('', '', 'txp-columntable') . tr(tdtl('<div id="tagbuild_links">' . hed(gTxt('tagbuilder'), 2) . $tagbuild_links . '</div>', ' class="column"') . tdtl('<form action="index.php" method="post" id="form_form">' . '<div id="main_content">' . '<div class="edit-title">' . gTxt('you_are_editing_form') . sp . strong($name ? $name : gTxt('untitled')) . '</div>' . '<textarea id="form" class="code" name="Form" cols="' . INPUT_LARGE . '" rows="' . INPUT_REGULAR . '">' . txpspecialchars($Form) . '</textarea>' . $changename . graf(gTxt('form_type') . br . formtypes($type)) . (empty($type) ? graf(gTxt('only_articles_can_be_previewed')) : '') . (empty($type) || $type == 'article' ? fInput('submit', 'form_preview', gTxt('preview')) : '') . graf($inputs) . '</div>' . n . tInput() . n . '</form>', ' class="column"') . tdtl('<div id="content_switcher">' . hed(gTxt('all_forms'), 2) . form_list($name) . '</div>', ' class="column"')) . endTable() . '</div>';
echo $out;
}
function link_list($message = '')
{
global $event, $step, $link_list_pageby, $txp_user;
pagetop(gTxt('tab_link'), $message);
extract(gpsa(array('page', 'sort', 'dir', 'crit', 'search_method')));
if ($sort === '') {
$sort = get_pref('link_sort_column', 'name');
}
if ($dir === '') {
$dir = get_pref('link_sort_dir', 'asc');
}
$dir = $dir == 'desc' ? 'desc' : 'asc';
switch ($sort) {
case 'id':
$sort_sql = 'id ' . $dir;
break;
case 'description':
$sort_sql = 'description ' . $dir . ', id asc';
break;
case 'url':
$sort_sql = 'url ' . $dir . ', id asc';
break;
case 'category':
$sort_sql = 'category ' . $dir . ', id asc';
break;
case 'date':
$sort_sql = 'date ' . $dir . ', id asc';
break;
case 'author':
$sort_sql = 'author ' . $dir . ', id asc';
break;
default:
$sort = 'name';
$sort_sql = 'linksort ' . $dir . ', id asc';
break;
}
set_pref('link_sort_column', $sort, 'link', 2, '', 0, PREF_PRIVATE);
set_pref('link_sort_dir', $dir, 'link', 2, '', 0, PREF_PRIVATE);
$switch_dir = $dir == 'desc' ? 'asc' : 'desc';
$criteria = 1;
if ($search_method and $crit != '') {
$verbatim = preg_match('/^"(.*)"$/', $crit, $m);
$crit_escaped = doSlash($verbatim ? $m[1] : str_replace(array('\\', '%', '_', '\''), array('\\\\', '\\%', '\\_', '\\\''), $crit));
$critsql = $verbatim ? array('id' => "ID in ('" . join("','", do_list($crit_escaped)) . "')", 'name' => "linkname = '{$crit_escaped}'", 'description' => "description = '{$crit_escaped}'", 'url' => "url = '{$crit_escaped}'", 'category' => "category = '{$crit_escaped}'", 'author' => "author = '{$crit_escaped}'") : array('id' => "ID in ('" . join("','", do_list($crit_escaped)) . "')", 'name' => "linkname like '%{$crit_escaped}%'", 'description' => "description like '%{$crit_escaped}%'", 'url' => "url like '%{$crit_escaped}%'", 'category' => "category like '%{$crit_escaped}%'", 'author' => "author like '%{$crit_escaped}%'");
if (array_key_exists($search_method, $critsql)) {
$criteria = $critsql[$search_method];
} else {
$search_method = '';
$crit = '';
}
} else {
$search_method = '';
$crit = '';
}
$criteria .= callback_event('admin_criteria', 'link_list', 0, $criteria);
$total = getCount('txp_link', $criteria);
echo '<h1 class="txp-heading">' . gTxt('tab_link') . '</h1>';
echo '<div id="' . $event . '_control" class="txp-control-panel">';
if (has_privs('link.edit')) {
echo graf(sLink('link', 'link_edit', gTxt('add_new_link')), ' class="txp-buttons"');
}
if ($total < 1) {
if ($criteria != 1) {
echo n . link_search_form($crit, $search_method) . n . graf(gTxt('no_results_found'), ' class="indicator"') . '</div>';
} else {
echo n . graf(gTxt('no_links_recorded'), ' class="indicator"') . '</div>';
}
return;
}
$limit = max($link_list_pageby, 15);
list($page, $offset, $numPages) = pager($total, $limit, $page);
echo link_search_form($crit, $search_method) . '</div>';
$rs = safe_rows_start('*, unix_timestamp(date) as uDate', 'txp_link', "{$criteria} order by {$sort_sql} limit {$offset}, {$limit}");
if ($rs) {
$show_authors = !has_single_author('txp_link');
echo n . '<div id="' . $event . '_container" class="txp-container">';
echo n . n . '<form action="index.php" id="links_form" class="multi_edit_form" method="post" name="longform">', n . '<div class="txp-listtables">' . n . startTable('', '', 'txp-list') . n . '<thead>' . n . tr(n . hCell(fInput('checkbox', 'select_all', 0, '', '', '', '', '', 'select_all'), '', ' title="' . gTxt('toggle_all_selected') . '" class="multi-edit"') . n . column_head('ID', 'id', 'link', true, $switch_dir, $crit, $search_method, ('id' == $sort ? "{$dir} " : '') . 'id') . n . column_head('link_name', 'name', 'link', true, $switch_dir, $crit, $search_method, ('name' == $sort ? "{$dir} " : '') . 'name') . n . column_head('description', 'description', 'link', true, $switch_dir, $crit, $search_method, ('description' == $sort ? "{$dir} " : '') . 'links_detail description') . n . column_head('link_category', 'category', 'link', true, $switch_dir, $crit, $search_method, ('category' == $sort ? "{$dir} " : '') . 'category') . n . column_head('url', 'url', 'link', true, $switch_dir, $crit, $search_method, ('url' == $sort ? "{$dir} " : '') . 'url') . n . column_head('date', 'date', 'link', true, $switch_dir, $crit, $search_method, ('date' == $sort ? "{$dir} " : '') . 'links_detail date created') . ($show_authors ? n . column_head('author', 'author', 'link', true, $switch_dir, $crit, $search_method, ('author' == $sort ? "{$dir} " : '') . 'author') : '')) . n . '</thead>';
echo '<tbody>';
$validator = new Validator();
while ($a = nextRow($rs)) {
extract($a, EXTR_PREFIX_ALL, 'link');
$edit_url = '?event=link' . a . 'step=link_edit' . a . 'id=' . $link_id . a . 'sort=' . $sort . a . 'dir=' . $dir . a . 'page=' . $page . a . 'search_method=' . $search_method . a . 'crit=' . $crit;
$validator->setConstraints(array(new CategoryConstraint($link_category, array('type' => 'link'))));
$vc = $validator->validate() ? '' : ' error';
$can_edit = has_privs('link.edit') || $link_author == $txp_user && has_privs('link.edit.own');
$view_url = txpspecialchars($link_url);
echo tr(n . td(fInput('checkbox', 'selected[]', $link_id), '', 'multi-edit') . n . td($can_edit ? href($link_id, $edit_url, ' title="' . gTxt('edit') . '"') : $link_id, '', 'id') . td($can_edit ? href(txpspecialchars($link_linkname), $edit_url, ' title="' . gTxt('edit') . '"') : txpspecialchars($link_linkname), '', 'name') . td(txpspecialchars($link_description), '', 'links_detail description') . td('<span title="' . txpspecialchars(fetch_category_title($link_category, 'link')) . '">' . $link_category . '</span>', '', 'category' . $vc) . td('<a rel="external" target="_blank" href="' . $view_url . '">' . $view_url . '</a>', '', 'url') . td(gTime($link_uDate), '', 'links_detail date created') . ($show_authors ? td('<span title="' . txpspecialchars(get_author_name($link_author)) . '">' . txpspecialchars($link_author) . '</span>', '', 'author') : ''));
}
echo '</tbody>', n, endTable(), n, '</div>', n, link_multiedit_form($page, $sort, $dir, $crit, $search_method), n, tInput(), n, '</form>', n, graf(toggle_box('links_detail'), ' class="detail-toggle"'), n, '<div id="' . $event . '_navigation" class="txp-navigation">', n, nav_form('link', $page, $numPages, $sort, $dir, $crit, $search_method, $total, $limit), n, pageby_form('link', $link_list_pageby), n, '</div>', n, '</div>';
}
}
/**
* Generates a form element.
*
* This form will contain a CSRF token if called on an authenticated page.
*
* @param string $contents The form contents
* @param string $style Inline styles added to the form
* @param string $onsubmit JavaScript run when the form is sent
* @param string $method The form method, e.g. "post", "get"
* @param string $class The HTML class
* @param string $fragment A URL fragment added to the form target
* @param string $id The HTML id
* @param string $role ARIA role name
* @return string HTML form element
*/
function form($contents, $style = '', $onsubmit = '', $method = 'post', $class = '', $fragment = '', $id = '', $role = '')
{
$action = 'index.php';
if ($onsubmit) {
$onsubmit = 'return ' . $onsubmit;
}
if ($fragment) {
$action .= '#' . $fragment;
}
return n . tag($contents . tInput() . n, 'form', array('class' => $class, 'id' => $id, 'method' => $method, 'action' => $action, 'onsubmit' => $onsubmit, 'role' => $role, 'style' => $style));
}
function sec_section_list($message = '')
{
global $event, $section_list_pageby;
pagetop(gTxt('tab_sections'), $message);
extract(gpsa(array('page', 'sort', 'dir', 'crit', 'search_method')));
if ($sort === '') {
$sort = get_pref('section_sort_column', 'time');
}
if ($dir === '') {
$dir = get_pref('section_sort_dir', 'desc');
}
$dir = $dir == 'asc' ? 'asc' : 'desc';
switch ($sort) {
case 'title':
$sort_sql = 'title ' . $dir;
break;
case 'page':
$sort_sql = 'page ' . $dir;
break;
case 'css':
$sort_sql = 'css ' . $dir;
break;
case 'in_rss':
$sort_sql = 'in_rss ' . $dir;
break;
case 'on_frontpage':
$sort_sql = 'on_frontpage ' . $dir;
break;
case 'searchable':
$sort_sql = 'searchable ' . $dir;
break;
case 'article_count':
$sort_sql = 'article_count ' . $dir;
break;
default:
$sort_sql = 'name ' . $dir;
break;
}
set_pref('section_sort_column', $sort, 'section', 2, '', 0, PREF_PRIVATE);
set_pref('section_sort_dir', $dir, 'section', 2, '', 0, PREF_PRIVATE);
$switch_dir = $dir == 'desc' ? 'asc' : 'desc';
$criteria = 1;
if ($search_method and $crit != '') {
$verbatim = preg_match('/^"(.*)"$/', $crit, $m);
$crit_escaped = doSlash($verbatim ? $m[1] : str_replace(array('\\', '%', '_', '\''), array('\\\\', '\\%', '\\_', '\\\''), $crit));
$critsql = $verbatim ? array('name' => "name = '{$crit_escaped}'", 'title' => "title = '{$crit_escaped}'", 'page' => "page = '{$crit_escaped}'", 'css' => "css = '{$crit_escaped}'", 'in_rss' => "in_rss = '{$crit_escaped}'", 'on_frontpage' => "on_frontpage = '{$crit_escaped}'", 'searchable' => "searchable = '{$crit_escaped}'") : array('name' => "name like '%{$crit_escaped}%'", 'title' => "title like '%{$crit_escaped}%'", 'page' => "page like '%{$crit_escaped}%'", 'css' => "css like '%{$crit_escaped}%'", 'in_rss' => "in_rss = '{$crit_escaped}'", 'on_frontpage' => "on_frontpage = '{$crit_escaped}'", 'searchable' => "searchable = '{$crit_escaped}'");
if (array_key_exists($search_method, $critsql)) {
$criteria = $critsql[$search_method];
$limit = 500;
} else {
$search_method = '';
$crit = '';
}
} else {
$search_method = '';
$crit = '';
}
$criteria .= callback_event('admin_criteria', 'section_list', 0, $criteria);
$total = safe_count('txp_section', "{$criteria}");
echo '<h1 class="txp-heading">' . gTxt('tab_sections') . sp . popHelp('section_category') . '</h1>';
echo '<div id="' . $event . '_control" class="txp-control-panel">';
echo graf(sLink('section', 'section_edit', gTxt('create_section')), ' class="txp-buttons"');
echo n . '<form id="default_section_form" name="default_section_form" method="post" action="index.php" class="async">';
echo graf('<label>' . gTxt('default_write_section') . '</label>' . sp . popHelp('section_default') . n . section_select_list()) . eInput('section') . sInput('section_set_default');
echo '</form>';
if ($total < 1) {
if ($criteria != 1) {
echo n . section_search_form($crit, $search_method) . n . graf(gTxt('no_results_found'), ' class="indicator"') . '</div>';
}
return;
}
$limit = max($section_list_pageby, 15);
list($page, $offset, $numPages) = pager($total, $limit, $page);
echo n . section_search_form($crit, $search_method) . '</div>';
$rs = safe_rows_start('*, (SELECT count(*) FROM ' . safe_pfx('textpattern') . ' articles WHERE articles.Section = txp_section.name) AS article_count', 'txp_section', "{$criteria} order by {$sort_sql} limit {$offset}, {$limit}");
if ($rs) {
echo n . '<div id="' . $event . '_container" class="txp-container">';
echo n . n . '<form action="index.php" id="section_form" class="multi_edit_form" method="post" name="longform">' . n . '<div class="txp-listtables">' . n . n . startTable('', '', 'txp-list') . n . '<thead>' . n . tr(n . hCell(fInput('checkbox', 'select_all', 0, '', '', '', '', '', 'select_all'), '', ' title="' . gTxt('toggle_all_selected') . '" class="multi-edit"') . n . column_head('name', 'name', 'section', true, $switch_dir, $crit, $search_method, ('name' == $sort ? "{$dir} " : '') . 'name') . n . column_head('title', 'title', 'section', true, $switch_dir, $crit, $search_method, ('title' == $sort ? "{$dir} " : '') . 'title') . n . column_head('page', 'page', 'section', true, $switch_dir, $crit, $search_method, ('page' == $sort ? "{$dir} " : '') . 'page') . n . column_head('css', 'css', 'section', true, $switch_dir, $crit, $search_method, ('css' == $sort ? "{$dir} " : '') . 'style') . n . column_head('on_front_page', 'on_frontpage', 'section', true, $switch_dir, $crit, $search_method, ('on_frontpage' == $sort ? "{$dir} " : '') . 'section_detail frontpage') . n . column_head('syndicate', 'in_rss', 'section', true, $switch_dir, $crit, $search_method, ('in_rss' == $sort ? "{$dir} " : '') . 'section_detail syndicate') . n . column_head('include_in_search', 'searchable', 'section', true, $switch_dir, $crit, $search_method, ('searchable' == $sort ? "{$dir} " : '') . 'section_detail searchable') . n . column_head('articles', 'article_count', 'section', true, $switch_dir, $crit, $search_method, ('article_count' == $sort ? "{$dir} " : '') . 'section_detail article_count')) . n . '</thead>';
echo '<tbody>';
while ($a = nextRow($rs)) {
extract($a, EXTR_PREFIX_ALL, 'sec');
$is_default_section = $sec_name == 'default';
$edit_url = '?event=section' . a . 'step=section_edit' . a . 'name=' . $sec_name . a . 'sort=' . $sort . a . 'dir=' . $dir . a . 'page=' . $page . a . 'search_method=' . $search_method . a . 'crit=' . $crit;
$page_url = '?event=page' . a . 'name=' . $sec_page;
$style_url = '?event=css' . a . 'name=' . $sec_css;
$articles = $sec_article_count > 0 ? href($sec_article_count, '?event=list' . a . 'search_method=section' . a . 'crit="' . txpspecialchars($sec_name) . '"', ' title="' . gTxt('article_count', array('{num}' => $sec_article_count)) . '"') : ($is_default_section ? '' : '0');
// $can_delete = ($sec_name != 'default' && $sec_article_count == 0);
$parms = array('step' => 'section_toggle_option', 'thing' => $sec_name);
echo tr(td(fInput('checkbox', 'selected[]', $sec_name), '', 'multi-edit') . td('<a href="' . $edit_url . '" title="' . gTxt('edit') . '">' . $sec_name . '</a>' . n . '<span class="section_detail">[<a href="' . hu . $sec_name . '">' . gTxt('view') . '</a>]</span>', '', 'name') . td(txpspecialchars($sec_title), '', 'title') . td('<a href="' . $page_url . '" title="' . gTxt('edit') . '">' . $sec_page . '</a>', '', 'page') . td('<a href="' . $style_url . '" title="' . gTxt('edit') . '">' . $sec_css . '</a>', '', 'style') . td($is_default_section ? '-' : asyncHref($sec_on_frontpage ? gTxt('yes') : gTxt('no'), $parms + array('property' => 'on_frontpage')), '', 'section_detail frontpage') . td($is_default_section ? '-' : asyncHref($sec_in_rss ? gTxt('yes') : gTxt('no'), $parms + array('property' => 'in_rss')), '', 'section_detail syndicate') . td($is_default_section ? '-' : asyncHref($sec_searchable ? gTxt('yes') : gTxt('no'), $parms + array('property' => 'searchable')), '', 'section_detail searchable') . td($is_default_section ? '' : $articles, '', 'section_detail article_count'), ' id="txp_section_' . $sec_name . '"');
}
echo '</tbody>', n, endTable(), n, '</div>', n, section_multiedit_form($page, $sort, $dir, $crit, $search_method), n, tInput(), n, '</form>', n, graf(toggle_box('section_detail'), ' class="detail-toggle"'), n, '<div id="' . $event . '_navigation" class="txp-navigation">', n, nav_form('section', $page, $numPages, $sort, $dir, $crit, $search_method, $total, $limit), n, pageby_form('section', $section_list_pageby), n, '</div>', n, '</div>';
echo script_js(<<<EOS
\t\t\t\$('#default_section').change(function() {
\t\t\t\t\$('#default_section_form').submit();
\t\t\t});
EOS
);
}
}
function author_list($message = '')
{
global $txp_user, $author_list_pageby;
pagetop(gTxt('tab_site_admin'), $message);
if (is_disabled('mail')) {
echo tag(gTxt('warn_mail_unavailable'), 'p', ' class="alert-block warning" ');
}
echo '<h1 class="txp-heading">' . gTxt('tab_site_admin') . '</h1>';
echo '<div id="users_control" class="txp-control-panel">';
// Change password button
echo '<p class="txp-buttons">';
echo sLink('admin', 'new_pass_form', gTxt('change_password'));
// Change email address button
if (!has_privs('admin.edit')) {
echo n . sLink('admin', 'change_email_form', gTxt('change_email_address'));
}
// User list
if (has_privs('admin.list')) {
extract(gpsa(array('page', 'sort', 'dir', 'crit', 'search_method')));
if ($sort === '') {
$sort = get_pref('admin_sort_column', 'name');
}
if ($dir === '') {
$dir = get_pref('admin_sort_dir', 'asc');
}
$dir = $dir == 'desc' ? 'desc' : 'asc';
if (!in_array($sort, array('name', 'RealName', 'email', 'privs', 'last_login'))) {
$sort = 'name';
}
$sort_sql = $sort . ' ' . $dir;
set_pref('admin_sort_column', $sort, 'admin', 2, '', 0, PREF_PRIVATE);
set_pref('admin_sort_dir', $dir, 'admin', 2, '', 0, PREF_PRIVATE);
$switch_dir = $dir == 'desc' ? 'asc' : 'desc';
$criteria = 1;
if ($search_method and $crit != '') {
$crit_escaped = doSlash(str_replace(array('\\', '%', '_', '\''), array('\\\\', '\\%', '\\_', '\\\''), $crit));
$critsql = array('id' => "user_id in ('" . join("','", do_list($crit_escaped)) . "')", 'login' => "name like '%{$crit_escaped}%'", 'real_name' => "RealName like '%{$crit_escaped}%'", 'email' => "email like '%{$crit_escaped}%'", 'privs' => "privs in ('" . join("','", do_list($crit_escaped)) . "')");
if (array_key_exists($search_method, $critsql)) {
$criteria = $critsql[$search_method];
} else {
$search_method = '';
$crit = '';
}
} else {
$search_method = '';
$crit = '';
}
$criteria .= callback_event('admin_criteria', 'author_list', 0, $criteria);
$total = getCount('txp_users', $criteria);
// New author button
if (has_privs('admin.edit')) {
echo n . sLink('admin', 'author_edit', gTxt('add_new_author'));
}
echo '</p>';
// end txp-buttons
if ($total < 1) {
if ($criteria != 1) {
echo n . author_search_form($crit, $search_method) . n . graf(gTxt('no_results_found'), ' class="indicator"') . '</div>';
}
return;
}
$limit = max($author_list_pageby, 15);
list($page, $offset, $numPages) = pager($total, $limit, $page);
$use_multi_edit = has_privs('admin.edit') && safe_count('txp_users', '1=1') > 1;
echo author_search_form($crit, $search_method) . '</div>';
$rs = safe_rows_start('*, unix_timestamp(last_access) as last_login', 'txp_users', "{$criteria} order by {$sort_sql} limit {$offset}, {$limit}");
if ($rs) {
echo n . '<div id="users_container" class="txp-container">';
echo '<form action="index.php" id="users_form" class="multi_edit_form" method="post" name="longform">' . n . '<div class="txp-listtables">' . n . startTable('', '', 'txp-list') . n . '<thead>' . n . tr(n . ($use_multi_edit ? hCell(fInput('checkbox', 'select_all', 0, '', '', '', '', '', 'select_all'), '', ' title="' . gTxt('toggle_all_selected') . '" class="multi-edit"') : hCell('', '', ' class="multi-edit"')) . n . column_head('login_name', 'name', 'admin', true, $switch_dir, '', '', ('name' == $sort ? "{$dir} " : '') . 'name login-name') . n . column_head('real_name', 'RealName', 'admin', true, $switch_dir, '', '', ('RealName' == $sort ? "{$dir} " : '') . 'name real-name') . n . column_head('email', 'email', 'admin', true, $switch_dir, '', '', ('email' == $sort ? "{$dir} " : '') . 'email') . n . column_head('privileges', 'privs', 'admin', true, $switch_dir, '', '', ('privs' == $sort ? "{$dir} " : '') . 'privs') . n . column_head('last_login', 'last_login', 'admin', true, $switch_dir, '', '', ('last_login' == $sort ? "{$dir} " : '') . 'date last-login modified')) . n . '</thead>';
echo '<tbody>';
while ($a = nextRow($rs)) {
extract(doSpecial($a));
echo tr(td((has_privs('admin.edit') and $txp_user != $a['name']) ? fInput('checkbox', 'selected[]', $a['name'], 'checkbox') : '', '', 'multi-edit') . td(has_privs('admin.edit') ? eLink('admin', 'author_edit', 'user_id', $user_id, $name) : $name, '', 'name login-name') . td($RealName, '', 'name real-name') . td('<a href="mailto:' . $email . '">' . $email . '</a>', '', 'email') . td(get_priv_level($privs), '', 'privs') . td($last_login ? safe_strftime('%b %Y', $last_login) : '', '', 'date last-login modified'));
}
echo '</tbody>', n, endTable(), n, '</div>', n, $use_multi_edit ? author_multiedit_form($page, $sort, $dir, $crit, $search_method) : '', n, tInput(), n, '</form>', n, '<div id="users_navigation" class="txp-navigation">', n, nav_form('admin', $page, $numPages, $sort, $dir, $crit, $search_method), n, pageby_form('admin', $author_list_pageby), n, '</div>', n, '</div>';
}
} else {
echo '</div>';
}
}
/**
* The main panel listing all log hits.
*
* @param string|array $message The activity message
*/
function log_list($message = '')
{
global $event, $log_list_pageby, $expire_logs_after;
pagetop(gTxt('tab_logs'), $message);
extract(gpsa(array('page', 'sort', 'dir', 'crit', 'search_method')));
if ($sort === '') {
$sort = get_pref('log_sort_column', 'time');
} else {
if (!in_array($sort, array('ip', 'host', 'page', 'refer', 'method', 'status'))) {
$sort = 'time';
}
set_pref('log_sort_column', $sort, 'log', 2, '', 0, PREF_PRIVATE);
}
if ($dir === '') {
$dir = get_pref('log_sort_dir', 'desc');
} else {
$dir = $dir == 'asc' ? "asc" : "desc";
set_pref('log_sort_dir', $dir, 'log', 2, '', 0, PREF_PRIVATE);
}
$expire_logs_after = assert_int($expire_logs_after);
safe_delete('txp_log', "time < DATE_SUB(NOW(), INTERVAL {$expire_logs_after} DAY)");
switch ($sort) {
case 'ip':
$sort_sql = "ip {$dir}";
break;
case 'host':
$sort_sql = "host {$dir}";
break;
case 'page':
$sort_sql = "page {$dir}";
break;
case 'refer':
$sort_sql = "refer {$dir}";
break;
case 'method':
$sort_sql = "method {$dir}";
break;
case 'status':
$sort_sql = "status {$dir}";
break;
default:
$sort = 'time';
$sort_sql = "time {$dir}";
break;
}
$switch_dir = $dir == 'desc' ? 'asc' : 'desc';
$search = new Filter($event, array('ip' => array('column' => 'txp_log.ip', 'label' => gTxt('IP')), 'host' => array('column' => 'txp_log.host', 'label' => gTxt('host')), 'page' => array('column' => 'txp_log.page', 'label' => gTxt('page')), 'refer' => array('column' => 'txp_log.refer', 'label' => gTxt('referrer')), 'method' => array('column' => 'txp_log.method', 'label' => gTxt('method')), 'status' => array('column' => 'txp_log.status', 'label' => gTxt('status'), 'type' => 'integer')));
list($criteria, $crit, $search_method) = $search->getFilter(array('status' => array('can_list' => true)));
$search_render_options = array('placeholder' => 'search_logs');
$total = safe_count('txp_log', "{$criteria}");
echo n . tag(hed(gTxt('tab_logs'), 1, array('class' => 'txp-heading')), 'div', array('class' => 'txp-layout-2col-cell-1'));
$searchBlock = n . tag($search->renderForm('log_list', $search_render_options), 'div', array('class' => 'txp-layout-2col-cell-2', 'id' => $event . '_control'));
$contentBlockStart = n . tag_start('div', array('class' => 'txp-layout-1col', 'id' => $event . '_container'));
if ($total < 1) {
if ($criteria != 1) {
echo $searchBlock . $contentBlockStart . graf(span(null, array('class' => 'ui-icon ui-icon-info')) . ' ' . gTxt('no_results_found'), array('class' => 'alert-block information'));
} else {
echo $contentBlockStart . graf(span(null, array('class' => 'ui-icon ui-icon-info')) . ' ' . gTxt('no_refers_recorded'), array('class' => 'alert-block information'));
}
echo n . tag_end('div');
return;
}
$limit = max($log_list_pageby, 15);
list($page, $offset, $numPages) = pager($total, $limit, $page);
echo $searchBlock . $contentBlockStart;
$rs = safe_rows_start("*, UNIX_TIMESTAMP(time) AS uTime", 'txp_log', "{$criteria} ORDER BY {$sort_sql} LIMIT {$offset}, {$limit}");
if ($rs) {
echo n . tag(toggle_box('log_detail'), 'div', array('class' => 'txp-list-options')) . n . tag_start('form', array('class' => 'multi_edit_form', 'id' => 'log_form', 'name' => 'longform', 'method' => 'post', 'action' => 'index.php')) . n . tag_start('div', array('class' => 'txp-listtables')) . n . tag_start('table', array('class' => 'txp-list')) . n . tag_start('thead') . tr(hCell(fInput('checkbox', 'select_all', 0, '', '', '', '', '', 'select_all'), '', ' class="txp-list-col-multi-edit" scope="col" title="' . gTxt('toggle_all_selected') . '"') . column_head('time', 'time', 'log', true, $switch_dir, $crit, $search_method, ('time' == $sort ? "{$dir} " : '') . 'txp-list-col-time') . column_head('IP', 'ip', 'log', true, $switch_dir, $crit, $search_method, ('ip' == $sort ? "{$dir} " : '') . 'txp-list-col-ip') . column_head('host', 'host', 'log', true, $switch_dir, $crit, $search_method, ('host' == $sort ? "{$dir} " : '') . 'txp-list-col-host log_detail') . column_head('page', 'page', 'log', true, $switch_dir, $crit, $search_method, ('page' == $sort ? "{$dir} " : '') . 'txp-list-col-page') . column_head('referrer', 'refer', 'log', true, $switch_dir, $crit, $search_method, ('refer' == $sort ? "{$dir} " : '') . 'txp-list-col-refer') . column_head('method', 'method', 'log', true, $switch_dir, $crit, $search_method, ('method' == $sort ? "{$dir} " : '') . 'txp-list-col-method log_detail') . column_head('status', 'status', 'log', true, $switch_dir, $crit, $search_method, ('status' == $sort ? "{$dir} " : '') . 'txp-list-col-status log_detail')) . n . tag_end('thead') . n . tag_start('tbody');
while ($a = nextRow($rs)) {
extract($a, EXTR_PREFIX_ALL, 'log');
if ($log_refer) {
$log_refer = href(txpspecialchars(soft_wrap(preg_replace('#^http://#', '', $log_refer), 30)), txpspecialchars($log_refer), ' target="_blank"');
}
if ($log_page) {
$log_anchor = preg_replace('/\\/$/', '', $log_page);
$log_anchor = soft_wrap(substr($log_anchor, 1), 30);
$log_page = href(txpspecialchars($log_anchor), txpspecialchars($log_page), ' target="_blank"');
if ($log_method == 'POST') {
$log_page = strong($log_page);
}
}
echo tr(td(fInput('checkbox', 'selected[]', $log_id), '', 'txp-list-col-multi-edit') . hCell(gTime($log_uTime), '', ' class="txp-list-col-time" scope="row"') . td(href(txpspecialchars($log_ip), 'https://whois.domaintools.com/' . rawurlencode($log_ip), array('rel' => 'external', 'target' => '_blank')), '', 'txp-list-col-ip') . td(txpspecialchars($log_host), '', 'txp-list-col-host log_detail') . td($log_page, '', 'txp-list-col-page') . td($log_refer, '', 'txp-list-col-refer') . td(txpspecialchars($log_method), '', 'txp-list-col-method log_detail') . td($log_status, '', 'txp-list-col-status log_detail'));
}
echo n . tag_end('tbody') . n . tag_end('table') . n . tag_end('div') . log_multiedit_form($page, $sort, $dir, $crit, $search_method) . tInput() . n . tag_end('form') . n . tag_start('div', array('class' => 'txp-navigation', 'id' => $event . '_navigation')) . pageby_form('log', $log_list_pageby) . nav_form('log', $page, $numPages, $sort, $dir, $crit, $search_method, $total, $limit) . n . tag_end('div');
}
echo n . tag_end('div');
}
function file_list($message = '')
{
global $file_base_path, $file_statuses, $file_list_pageby, $txp_user, $event;
pagetop(gTxt('file'), $message);
extract(gpsa(array('page', 'sort', 'dir', 'crit', 'search_method')));
if ($sort === '') {
$sort = get_pref('file_sort_column', 'filename');
}
if ($dir === '') {
$dir = get_pref('file_sort_dir', 'asc');
}
$dir = $dir == 'desc' ? 'desc' : 'asc';
echo '<div id="' . $event . '_control" class="txp-control-panel">';
if (!is_dir($file_base_path) or !is_writeable($file_base_path)) {
echo graf(gTxt('file_dir_not_writeable', array('{filedir}' => $file_base_path)), ' id="warning"');
} elseif (has_privs('file.edit.own')) {
$existing_files = get_filenames();
if (count($existing_files) > 0) {
echo form(eInput('file') . sInput('file_create') . graf('<label for="file-existing">' . gTxt('existing_file') . '</label>' . sp . selectInput('filename', $existing_files, '', 1, '', 'file-existing') . sp . fInput('submit', '', gTxt('Create'), 'smallerbox'), ' class="existing-file"'), 'text-align: center;', '', 'post', '', '', 'assign_file');
}
echo file_upload_form(gTxt('upload_file'), 'upload', 'file_insert');
}
switch ($sort) {
case 'id':
$sort_sql = 'id ' . $dir;
break;
case 'description':
$sort_sql = 'description ' . $dir . ', filename desc';
break;
case 'category':
$sort_sql = 'category ' . $dir . ', filename desc';
break;
case 'title':
$sort_sql = 'title ' . $dir . ', filename desc';
break;
case 'downloads':
$sort_sql = 'downloads ' . $dir . ', filename desc';
break;
case 'author':
$sort_sql = 'author ' . $dir . ', id asc';
break;
default:
$sort = 'filename';
$sort_sql = 'filename ' . $dir;
break;
}
set_pref('file_sort_column', $sort, 'file', 2, '', 0, PREF_PRIVATE);
set_pref('file_sort_dir', $dir, 'file', 2, '', 0, PREF_PRIVATE);
$switch_dir = $dir == 'desc' ? 'asc' : 'desc';
$criteria = 1;
if ($search_method and $crit != '') {
$crit_escaped = doSlash(str_replace(array('\\', '%', '_', '\''), array('\\\\', '\\%', '\\_', '\\\''), $crit));
$critsql = array('id' => "ID in ('" . join("','", do_list($crit_escaped)) . "')", 'filename' => "filename like '%{$crit_escaped}%'", 'title' => "title like '%{$crit_escaped}%'", 'description' => "description like '%{$crit_escaped}%'", 'category' => "category like '%{$crit_escaped}%'", 'author' => "author like '%{$crit_escaped}%'");
if (array_key_exists($search_method, $critsql)) {
$criteria = $critsql[$search_method];
$limit = 500;
} else {
$search_method = '';
$crit = '';
}
} else {
$search_method = '';
$crit = '';
}
$total = safe_count('txp_file', "{$criteria}");
if ($total < 1) {
if ($criteria != 1) {
echo n . file_search_form($crit, $search_method) . n . graf(gTxt('no_results_found'), ' class="indicator"') . '</div>';
} else {
echo n . graf(gTxt('no_files_recorded'), ' class="indicator"') . '</div>';
}
return;
}
$limit = max($file_list_pageby, 15);
list($page, $offset, $numPages) = pager($total, $limit, $page);
echo file_search_form($crit, $search_method) . '</div>';
$rs = safe_rows_start('*', 'txp_file', "{$criteria} order by {$sort_sql} limit {$offset}, {$limit}");
if ($rs) {
$show_authors = !has_single_author('txp_file');
echo n . '<div id="' . $event . '_container" class="txp-container txp-list">';
echo '<form name="longform" id="files_form" method="post" action="index.php" onsubmit="return verify(\'' . gTxt('are_you_sure') . '\')">' . startTable('list', '', 'list') . n . '<thead>' . tr(column_head('ID', 'id', 'file', true, $switch_dir, $crit, $search_method, ('id' == $sort ? "{$dir} " : '') . 'id') . hCell('', '', ' class="actions"') . column_head('file_name', 'filename', 'file', true, $switch_dir, $crit, $search_method, ('filename' == $sort ? "{$dir} " : '') . 'name') . column_head('title', 'title', 'file', true, $switch_dir, $crit, $search_method, ('title' == $sort ? "{$dir} " : '') . 'title') . column_head('description', 'description', 'file', true, $switch_dir, $crit, $search_method, ('description' == $sort ? "{$dir} " : '') . 'description') . column_head('file_category', 'category', 'file', true, $switch_dir, $crit, $search_method, ('category' == $sort ? "{$dir} " : '') . 'category') . hCell(gTxt('tags'), '', ' class="tag-build"') . hCell(gTxt('status'), '', ' class="status"') . hCell(gTxt('condition'), '', ' class="condition"') . column_head('downloads', 'downloads', 'file', true, $switch_dir, $crit, $search_method, ('downloads' == $sort ? "{$dir} " : '') . 'downloads') . ($show_authors ? column_head('author', 'author', 'file', true, $switch_dir, $crit, $search_method, ('author' == $sort ? "{$dir} " : '') . 'author') : '') . hCell('', '', ' class="multi-edit"')) . n . '</thead>';
$tfoot = n . '<tfoot>' . tr(tda(select_buttons() . file_multiedit_form($page, $sort, $dir, $crit, $search_method), ' class="multi-edit" colspan="' . ($show_authors ? '12' : '11') . '" style="text-align: right; border: none;"')) . n . '</tfoot>';
echo $tfoot;
echo '<tbody>';
$ctr = 1;
while ($a = nextRow($rs)) {
extract($a);
$filename = sanitizeForFile($filename);
$edit_url = '?event=file' . a . 'step=file_edit' . a . 'id=' . $id . a . 'sort=' . $sort . a . 'dir=' . $dir . a . 'page=' . $page . a . 'search_method=' . $search_method . a . 'crit=' . $crit;
$file_exists = file_exists(build_file_path($file_base_path, $filename));
$download_link = $file_exists ? '<li class="action-view">' . make_download_link($id, '', $filename) . '</li>' : '';
$category = $category ? '<span title="' . htmlspecialchars(fetch_category_title($category, 'file')) . '">' . $category . '</span>' : '';
$tag_url = '?event=tag' . a . 'tag_name=file_download_link' . a . 'id=' . $id . a . 'description=' . urlencode($description) . a . 'filename=' . urlencode($filename);
$condition = '<span class="';
$condition .= $file_exists ? 'ok' : 'not-ok';
$condition .= '">';
$condition .= $file_exists ? gTxt('file_status_ok') : gTxt('file_status_missing');
$condition .= '</span>';
$can_edit = has_privs('file.edit') || $author == $txp_user && has_privs('file.edit.own');
echo tr(n . td($id, '', 'id') . td('<ul>' . ($can_edit ? '<li class="action-edit">' . href(gTxt('edit'), $edit_url) . '</li>' : '') . $download_link . '</ul>', 65, 'actions') . td($can_edit ? href(htmlspecialchars($filename), $edit_url) : htmlspecialchars($filename), 125, 'name') . td(htmlspecialchars($title), 90, 'title') . td(htmlspecialchars($description), 150, 'description') . td($category, 90, 'category') . td(n . '<ul>' . n . t . '<li><a target="_blank" href="' . $tag_url . a . 'type=textile" onclick="popWin(this.href, 400, 250); return false;">Textile</a></li>' . n . t . '<li><a target="_blank" href="' . $tag_url . a . 'type=textpattern" onclick="popWin(this.href, 400, 250); return false;">Textpattern</a></li>' . n . t . '<li><a target="_blank" href="' . $tag_url . a . 'type=xhtml" onclick="popWin(this.href, 400, 250); return false;">XHTML</a></li>' . n . '</ul>', 75, 'tag-build') . td(in_array($status, array_keys($file_statuses)) ? $file_statuses[$status] : '<span class="not-ok">' . gTxt('none') . '</span>', 45, 'status') . td($condition, 45, 'condition') . td($downloads == '0' ? gTxt('none') : $downloads, 25, 'downloads') . ($show_authors ? td('<span title="' . htmlspecialchars(get_author_name($author)) . '">' . htmlspecialchars($author) . '</span>', '', 'author') : '') . td($can_edit ? fInput('checkbox', 'selected[]', $id) : ' ', 10, 'multi-edit'), ' class="' . ($ctr % 2 == 0 ? 'even' : 'odd') . '"');
$ctr++;
}
echo '</tbody>' . n . endTable() . n . tInput() . n . '</form>' . n . '<div id="' . $event . '_navigation" class="txp-navigation">' . nav_form('file', $page, $numPages, $sort, $dir, $crit, $search_method, $total, $limit) . pageby_form('file', $file_list_pageby) . n . '</div>' . n . '</div>';
}
}
