/** * Saves the CB plugin params after an edit form submit */ function savePluginParams( $option, $task ) { global $_CB_framework, $_CB_database, $_POST; if ( isset( $_POST['params'] ) ) { $_POST['params'] = cbParamsEditorController::getRawParamsMagicgpcEscaped( $_POST['params'] ); } else { $_POST['params'] = null; } $row = new moscomprofilerPlugin( $_CB_database ); if (!$row->bind( $_POST )) { echo "<script type=\"text/javascript\"> alert('".$row->getError()."'); window.history.go(-1); </script>\n"; exit(); } if (!$row->check()) { echo "<script type=\"text/javascript\"> alert('".$row->getError()."'); window.history.go(-1); </script>\n"; exit(); } if (!$row->store()) { echo "<script type=\"text/javascript\"> alert('".$row->getError()."'); window.history.go(-1); </script>\n"; exit(); } $row->checkin(); $row->updateOrder( "type='".$_CB_database->getEscaped($row->type)."' AND ordering > -10000 AND ordering < 10000 " ); switch ( $task ) { case 'applyPlugin': $msg = sprintf(CBTxt::T('Successfully Saved changes to Plugin: %s'), $row->name); cbRedirect( $_CB_framework->backendUrl( "index.php?option=$option&task=editPlugin&cid=$row->id" ), $msg ); case 'savePlugin': default: $msg = sprintf(CBTxt::T('Successfully Saved Plugin: %s'), $row->name); cbRedirect( $_CB_framework->backendUrl( "index.php?option=$option&task=showPlugins" ), $msg ); break; } }
/** * Cancels an edit operation */ function cancelPlugin($option) { global $_CB_framework, $_CB_database, $_POST; $row = new moscomprofilerPlugin($_CB_database); $row->bind($_POST); $row->checkin(); cbRedirect($_CB_framework->backendUrl("index.php?option={$option}&task=showPlugins")); }
/** * Saves the CB plugin params after an edit form submit */ function savePluginParams($option, $task) { global $_CB_framework, $_CB_database, $_POST; if (isset($_POST['params'])) { $_POST['params'] = cbParamsEditorController::getRawParamsMagicgpcEscaped($_POST['params']); } else { $_POST['params'] = null; } $oldrow = new moscomprofilerPlugin($_CB_database); if (isset($_POST['id'])) { $oldrow->load((int) $_POST['id']); // Check if user is a super user: if (!$_CB_framework->acl->amIaSuperAdmin()) { // Check if user belongs to access: if (!in_array($oldrow->access, CBuser::getMyInstance()->getAuthorisedViewLevelsIds(true))) { echo "<script type=\"text/javascript\"> alert('" . addslashes(CBTxt::T('Unauthorized Access')) . "'); window.history.go(-1);</script>\n"; exit; } } } $row = new moscomprofilerPlugin($_CB_database); if (!$row->bind($_POST)) { echo "<script type=\"text/javascript\"> alert('" . $row->getError() . "'); window.history.go(-1); </script>\n"; exit; } // Set defaults if nothing is found // Also check if oldrow exists to use its current value or default // This prevents a plugin from storing to database with null values when some inputs are set disabled: $defaultaccess = checkJversion() >= 2 ? 1 : 0; if ($row->access == '') { $row->access = $oldrow->access != '' ? $oldrow->access : $defaultaccess; } if ($row->ordering == '') { $row->ordering = $oldrow->ordering != '' ? $oldrow->ordering : 999; } if ($row->published == '') { $row->published = $oldrow->published != '' ? $oldrow->published : 1; } if (!$row->check()) { echo "<script type=\"text/javascript\"> alert('" . $row->getError() . "'); window.history.go(-1); </script>\n"; exit; } // Check if user is a super user: if (!$_CB_framework->acl->amIaSuperAdmin()) { $canEditState = CBuser::getMyInstance()->authoriseAction('core.edit.state'); // Check if user belongs to access // Check if row exists and if access is different from existing row // Check if row doesn't exist and if access is different from default // Check if user can edit status: if ($row->access != '' && !in_array($row->access, CBuser::getMyInstance()->getAuthorisedViewLevelsIds(true))) { echo "<script type=\"text/javascript\"> alert('" . addslashes(CBTxt::T('Unauthorized Access')) . "'); window.history.go(-1);</script>\n"; exit; } // Check if user can edit status: if (!$canEditState) { // Check if row exists and if access is different from existing row // Check if row doesn't exist and if access is different from default if ($oldrow->id && ($row->access != '' && $oldrow->access != $row->access) || !$oldrow->id && ($row->access != '' && $row->access != $defaultaccess)) { echo "<script type=\"text/javascript\"> alert('" . addslashes(CBTxt::T('Unauthorized Access')) . "'); window.history.go(-1);</script>\n"; exit; } // Check if row exists and if ordering is different from existing row // Check if row doesn't exist and if ordering is different from default if ($oldrow->id && ($row->ordering != '' && $oldrow->ordering != $row->ordering) || !$oldrow->id && ($row->ordering != '' && $row->ordering != 999)) { echo "<script type=\"text/javascript\"> alert('" . addslashes(CBTxt::T('Unauthorized Access')) . "'); window.history.go(-1);</script>\n"; exit; } // Check if row exists and if published is different from existing row // Check if row doesn't exist and if published is different from default if ($oldrow->id && ($row->published != '' && $oldrow->published != $row->published) || !$oldrow->id && ($row->published != '' && $row->published != 1)) { echo "<script type=\"text/javascript\"> alert('" . addslashes(CBTxt::T('Unauthorized Access')) . "'); window.history.go(-1);</script>\n"; exit; } } } if (!$row->store()) { echo "<script type=\"text/javascript\"> alert('" . $row->getError() . "'); window.history.go(-1); </script>\n"; exit; } $row->checkin(); $row->updateOrder("type='" . $_CB_database->getEscaped($row->type) . "' AND ordering > -10000 AND ordering < 10000 "); switch ($task) { case 'applyPlugin': $msg = sprintf(CBTxt::T('Successfully Saved changes to Plugin: %s'), $row->name); cbRedirect($_CB_framework->backendUrl("index.php?option={$option}&task=editPlugin&cid={$row->id}"), $msg); case 'savePlugin': default: $msg = sprintf(CBTxt::T('Successfully Saved Plugin: %s'), $row->name); cbRedirect($_CB_framework->backendUrl("index.php?option={$option}&task=showPlugins"), $msg); break; } }