} if (isset($_POST['subpage']) && $_POST['subpage'] == 'object' && count($reports) <= 1) { header('Location: ' . $result->getLink()); exitZP(); } } else { $result = $new(''); } } if (isset($_GET['save'])) { XSRFdefender('save'); $result = $update($reports, true); } if (isset($_GET['delete'])) { XSRFdefender('delete'); $msg = deleteZenpageObj('new' . $new(sanitize($_GET['delete']), 'admin-pages.php')); if (!empty($msg)) { $reports[] = $msg; } } /* * Here we should restart if any action processing has occurred to be sure that everything is * in its proper state. But that would require significant rewrite of the handling and * reporting code so is impractical. Instead we will presume that all that needs to be restarted * is the CMS object. */ $_zp_CMS = new CMS(); printAdminHeader($tab, $result->transient ? gettext('add') : gettext('edit')); zp_apply_filter('texteditor_config', 'zenpage'); zenpageJSCSS(); datepickerJS();
if (isset($_POST['action'])) { XSRFdefender('checkeditems'); if ($_POST['checkallaction'] == 'noaction') { if (updateItemSortorder('categories', $reports)) { $reports[] = "<p class='messagebox fade-message'>" . gettext("Sort order saved.") . "</p>"; } else { $reports[] = "<p class='notebox fade-message'>" . gettext("Nothing changed.") . "</p>"; } } else { $action = processZenpageBulkActions('Category'); bulkActionRedirect($action); } } if (isset($_GET['delete'])) { XSRFdefender('delete_category'); $reports[] = deleteZenpageObj(newCategory(sanitize($_GET['delete']))); } if (isset($_GET['hitcounter'])) { XSRFdefender('hitcounter'); $x = $_zp_CMS->getCategory(sanitize_numeric($_GET['id'])); $obj = newCategory($x['titlelink']); $obj->set('hitcounter', 0); $obj->save(); } if (isset($_GET['publish'])) { XSRFdefender('update'); $obj = newCategory(sanitize($_GET['titlelink'])); $obj->setShow(sanitize_numeric($_GET['publish'])); $obj->save(); } if (isset($_GET['save'])) {
if (isset($_GET['bulkaction'])) { $reports[] = zenpageBulkActionMessage(sanitize($_GET['bulkaction'])); } if (isset($_GET['deleted'])) { $reports[] = "<p class='messagebox fade-message'>" . gettext("Article successfully deleted!") . "</p>"; } if (isset($_POST['checkallaction'])) { // true if apply is pressed XSRFdefender('checkeditems'); if ($action = processZenpageBulkActions('Article')) { bulkActionRedirect($action); } } if (isset($_GET['delete'])) { XSRFdefender('delete'); $msg = deleteZenpageObj(newArticle(sanitize($_GET['delete']), 'admin-news.php')); if (!empty($msg)) { $reports[] = $msg; } } // publish or un-publish page by click if (isset($_GET['publish'])) { XSRFdefender('update'); $obj = newArticle(sanitize($_GET['titlelink'])); $obj->setShow(sanitize_numeric($_GET['publish'])); $obj->save(); } if (isset($_GET['commentson'])) { XSRFdefender('update'); $obj = newArticle(sanitize($_GET['titlelink'])); $obj->setCommentsAllowed(sanitize_numeric($_GET['commentson']));
XSRFdefender('update'); if ($_POST['checkallaction'] == 'noaction') { if (updateItemSortorder('pages')) { $reports[] = "<p class='messagebox fade-message'>" . gettext("Sort order saved.") . "</p>"; } else { $reports[] = "<p class='notebox fade-message'>" . gettext("Nothing changed.") . "</p>"; } } else { $action = processZenpageBulkActions('Page'); bulkActionRedirect($action); } } // remove the page from the database if (isset($_GET['delete'])) { XSRFdefender('delete'); $msg = deleteZenpageObj(newPage(sanitize($_GET['delete']), 'admin-pages.php')); if (!empty($msg)) { $reports[] = $msg; } } // publish or un-publish page by click if (isset($_GET['publish'])) { XSRFdefender('update'); $obj = newPage(sanitize($_GET['titlelink'])); $obj->setShow(sanitize_numeric($_GET['publish'])); $obj->save(); } if (isset($_GET['commentson'])) { XSRFdefender('update'); $obj = newPage(sanitize($_GET['titlelink'])); $obj->setCommentsAllowed(sanitize_numeric($_GET['commentson']));