if (isset($mybb->input['search_id']) && $admin_session['data']['user_views'][$mybb->input['search_id']]) {
$admin_view = $admin_session['data']['user_views'][$mybb->input['search_id']];
unset($admin_view['extra_sql']);
} else {
// Showing a specific view
if (isset($mybb->input['vid'])) {
$query = $db->simple_select("adminviews", "*", "vid='" . intval($mybb->input['vid']) . "'");
$admin_view = $db->fetch_array($query);
// View does not exist or this view is private and does not belong to the current user
if (!$admin_view['vid'] || $admin_view['visibility'] == 1 && $admin_view['uid'] != $mybb->user['uid']) {
unset($admin_view);
}
}
// Don't have a view? Fetch the default
if (!isset($admin_view)) {
$default_view = fetch_default_view("user");
if (!$default_view) {
$default_view = "0";
}
$query = $db->simple_select("adminviews", "*", "type='user' AND (vid='{$default_view}' OR uid=0)", array("order_by" => "uid", "order_dir" => "desc"));
$admin_view = $db->fetch_array($query);
}
}
// Fetch a list of all of the views for this user
$popup = new PopupMenu("views", $lang->views);
$query = $db->simple_select("adminviews", "*", "type='user' AND (visibility=2 OR uid={$mybb->user['uid']})", array("order_by" => "title"));
while ($view = $db->fetch_array($query)) {
$popup->add_item(htmlspecialchars_uni($view['title']), "index.php?module=user-users&vid={$view['vid']}");
}
$popup->add_item("<em>{$lang->manage_views}</em>", "index.php?module=user-users&action=views");
$admin_view['popup'] = $popup->fetch();
/**
* Builds the "view management" interface allowing administrators to edit their custom designed "views"
*
* @param string The base URL to this instance of the view manager
* @param string The internal type identifier for this view
* @param array Array of fields this view supports
* @param array Array of possible sort options this view supports if any
* @param string Optional callback function which generates list of "conditions" for this view
*/
function view_manager($base_url, $type, $fields, $sort_options = array(), $conditions_callback = "")
{
global $mybb, $db, $page, $lang;
$sub_tabs['views'] = array('title' => $lang->views, 'link' => "{$base_url}&action=views", 'description' => $lang->views_desc);
$sub_tabs['create_view'] = array('title' => $lang->create_new_view, 'link' => "{$base_url}&action=views&do=add", 'description' => $lang->create_new_view_desc);
$page->add_breadcrumb_item($lang->view_manager, 'index.php?module=user-users&action=views');
// Lang strings should be in global lang file
if ($mybb->input['do'] == "set_default") {
$query = $db->simple_select("adminviews", "vid, uid, visibility", "vid='" . $mybb->get_input('vid', MyBB::INPUT_INT) . "'");
$admin_view = $db->fetch_array($query);
if (!$admin_view['vid'] || $admin_view['visibility'] == 1 && $mybb->user['uid'] != $admin_view['uid']) {
flash_message($lang->error_invalid_admin_view, 'error');
admin_redirect($base_url . "&action=views");
}
set_default_view($type, $admin_view['vid']);
flash_message($lang->succuss_view_set_as_default, 'success');
admin_redirect($base_url . "&action=views");
}
if ($mybb->input['do'] == "add") {
if ($mybb->request_method == "post") {
if (!trim($mybb->input['title'])) {
$errors[] = $lang->error_missing_view_title;
}
if ($mybb->input['fields_js']) {
$mybb->input['fields'] = explode(",", $mybb->input['fields_js']);
}
if (count($mybb->input['fields']) <= 0) {
$errors[] = $lang->error_no_view_fields;
}
if ($mybb->get_input('perpage', MyBB::INPUT_INT) <= 0) {
$errors[] = $lang->error_invalid_view_perpage;
}
if (!in_array($mybb->input['sortby'], array_keys($sort_options))) {
$errors[] = $lang->error_invalid_view_sortby;
}
if ($mybb->input['sortorder'] != "asc" && $mybb->input['sortorder'] != "desc") {
$errors[] = $lang->error_invalid_view_sortorder;
}
if ($mybb->input['visibility'] == 0) {
$mybb->input['visibility'] = 2;
}
if (!$errors) {
$new_view = array("uid" => $mybb->user['uid'], "title" => $db->escape_string($mybb->input['title']), "type" => $type, "visibility" => $mybb->get_input('visibility', MyBB::INPUT_INT), "fields" => $db->escape_string(my_serialize($mybb->input['fields'])), "conditions" => $db->escape_string(my_serialize($mybb->input['conditions'])), "custom_profile_fields" => $db->escape_string(my_serialize($mybb->input['profile_fields'])), "sortby" => $db->escape_string($mybb->input['sortby']), "sortorder" => $db->escape_string($mybb->input['sortorder']), "perpage" => $mybb->get_input('perpage', MyBB::INPUT_INT), "view_type" => $db->escape_string($mybb->input['view_type']));
$vid = $db->insert_query("adminviews", $new_view);
if ($mybb->input['isdefault']) {
set_default_view($type, $vid);
}
flash_message($lang->success_view_created, "success");
admin_redirect($base_url . "&vid={$vid}");
}
} else {
$mybb->input = array_merge($mybb->input, array('perpage' => 20));
}
// Write in our JS based field selector
$page->extra_header .= "<script src=\"jscripts/view_manager.js\" type=\"text/javascript\"></script>\n";
$page->add_breadcrumb_item($lang->create_new_view);
$page->output_header($lang->create_new_view);
$form = new Form($base_url . "&action=views&do=add", "post");
$page->output_nav_tabs($sub_tabs, 'create_view');
// If we have any error messages, show them
if ($errors) {
$page->output_inline_error($errors);
}
$form_container = new FormContainer($lang->create_new_view);
$form_container->output_row($lang->title . " <em>*</em>", "", $form->generate_text_box('title', $mybb->input['title'], array('id' => 'title')), 'title');
if ($mybb->input['visibility'] == 2) {
$visibility_public_checked = true;
} else {
$visibility_private_checked = true;
}
$visibility_options = array($form->generate_radio_button("visibility", "1", "<strong>{$lang->private}</strong> - {$lang->private_desc}", array("checked" => $visibility_private_checked)), $form->generate_radio_button("visibility", "2", "<strong>{$lang->public}</strong> - {$lang->public_desc}", array("checked" => $visibility_public_checked)));
$form_container->output_row($lang->visibility, "", implode("<br />", $visibility_options));
$form_container->output_row($lang->set_as_default_view, "", $form->generate_yes_no_radio("isdefault", $mybb->input['isdefault'], array('yes' => 1, 'no' => 0)));
if (count($sort_options) > 0) {
$sort_directions = array("asc" => $lang->ascending, "desc" => $lang->descending);
$form_container->output_row($lang->sort_results_by, "", $form->generate_select_box('sortby', $sort_options, $mybb->input['sortby'], array('id' => 'sortby')) . " {$lang->in} " . $form->generate_select_box('sortorder', $sort_directions, $mybb->input['sortorder'], array('id' => 'sortorder')), 'sortby');
}
$form_container->output_row($lang->results_per_page, "", $form->generate_numeric_field('perpage', $mybb->input['perpage'], array('id' => 'perpage', 'min' => 1)), 'perpage');
if ($type == "user") {
$form_container->output_row($lang->display_results_as, "", $form->generate_radio_button('view_type', 'table', $lang->table, array('checked' => $mybb->input['view_type'] != "card" ? true : false)) . "<br />" . $form->generate_radio_button('view_type', 'card', $lang->business_card, array('checked' => $mybb->input['view_type'] == "card" ? true : false)));
}
$form_container->end();
$field_select .= "<div class=\"view_fields\">\n";
$field_select .= "<div class=\"enabled\"><div class=\"fields_title\">{$lang->enabled}</div><ul id=\"fields_enabled\">\n";
if (is_array($mybb->input['fields'])) {
foreach ($mybb->input['fields'] as $field) {
if ($fields[$field]) {
$field_select .= "<li id=\"field-{$field}\">• {$fields[$field]['title']}</li>";
$active[$field] = 1;
}
}
}
$field_select .= "</ul></div>\n";
$field_select .= "<div class=\"disabled\"><div class=\"fields_title\">{$lang->disabled}</div><ul id=\"fields_disabled\">\n";
foreach ($fields as $key => $field) {
if ($active[$key]) {
continue;
}
$field_select .= "<li id=\"field-{$key}\">• {$field['title']}</li>";
}
$field_select .= "</div></ul>\n";
$field_select .= $form->generate_hidden_field("fields_js", @implode(",", @array_keys($active)), array('id' => 'fields_js'));
$field_select = str_replace("'", "\\'", $field_select);
$field_select = str_replace("\n", "", $field_select);
$field_select = "<script type=\"text/javascript\">\n//<![CDATA[\ndocument.write('" . str_replace("/", "\\/", $field_select) . "');\n//]]>\n</script>\n";
foreach ($fields as $key => $field) {
$field_options[$key] = $field['title'];
}
$field_select .= "<noscript>" . $form->generate_select_box('fields[]', $field_options, $mybb->input['fields'], array('id' => 'fields', 'multiple' => true)) . "</noscript>\n";
$form_container = new FormContainer($lang->fields_to_show);
$form_container->output_row($lang->fields_to_show_desc, $description, $field_select);
$form_container->end();
// Build the search conditions
if (function_exists($conditions_callback)) {
$conditions_callback($mybb->input, $form);
}
$buttons[] = $form->generate_submit_button($lang->save_view);
$form->output_submit_wrapper($buttons);
$form->end();
$page->output_footer();
} else {
if ($mybb->input['do'] == "edit") {
$query = $db->simple_select("adminviews", "*", "vid='" . $mybb->get_input('vid', MyBB::INPUT_INT) . "'");
$admin_view = $db->fetch_array($query);
// Does the view not exist?
if (!$admin_view['vid'] || $admin_view['visibility'] == 1 && $mybb->user['uid'] != $admin_view['uid']) {
flash_message($lang->error_invalid_admin_view, 'error');
admin_redirect($base_url . "&action=views");
}
if ($mybb->request_method == "post") {
if (!trim($mybb->input['title'])) {
$errors[] = $lang->error_missing_view_title;
}
if ($mybb->input['fields_js']) {
$mybb->input['fields'] = explode(",", $mybb->input['fields_js']);
}
if (count($mybb->input['fields']) <= 0) {
$errors[] = $lang->error_no_view_fields;
}
if ($mybb->get_input('perpage', MyBB::INPUT_INT) <= 0) {
$errors[] = $lang->error_invalid_view_perpage;
}
if (!in_array($mybb->input['sortby'], array_keys($sort_options))) {
$errors[] = $lang->error_invalid_view_sortby;
}
if ($mybb->input['sortorder'] != "asc" && $mybb->input['sortorder'] != "desc") {
$errors[] = $lang->error_invalid_view_sortorder;
}
if ($mybb->input['visibility'] == 0) {
$mybb->input['visibility'] = 2;
}
if (!$errors) {
$updated_view = array("title" => $db->escape_string($mybb->input['title']), "type" => $type, "visibility" => $mybb->get_input('visibility', MyBB::INPUT_INT), "fields" => $db->escape_string(my_serialize($mybb->input['fields'])), "conditions" => $db->escape_string(my_serialize($mybb->input['conditions'])), "custom_profile_fields" => $db->escape_string(my_serialize($mybb->input['profile_fields'])), "sortby" => $db->escape_string($mybb->input['sortby']), "sortorder" => $db->escape_string($mybb->input['sortorder']), "perpage" => $mybb->get_input('perpage', MyBB::INPUT_INT), "view_type" => $db->escape_string($mybb->input['view_type']));
$db->update_query("adminviews", $updated_view, "vid='{$admin_view['vid']}'");
if ($mybb->input['isdefault']) {
set_default_view($type, $admin_view['vid']);
}
flash_message($lang->success_view_updated, "success");
admin_redirect($base_url . "&vid={$admin_view['vid']}");
}
}
// Write in our JS based field selector
$page->extra_header .= "<script src=\"jscripts/view_manager.js\" type=\"text/javascript\"></script>\n";
$page->add_breadcrumb_item($lang->edit_view);
$page->output_header($lang->edit_view);
$form = new Form($base_url . "&action=views&do=edit&vid={$admin_view['vid']}", "post");
$sub_tabs = array();
$sub_tabs['edit_view'] = array('title' => $lang->edit_view, 'link' => $base_url . "&action=views&do=edit&vid={$admin_view['vid']}", 'description' => $lang->edit_view_desc);
$page->output_nav_tabs($sub_tabs, 'edit_view');
// If we have any error messages, show them
if ($errors) {
$page->output_inline_error($errors);
} else {
$admin_view['conditions'] = my_unserialize($admin_view['conditions']);
$admin_view['fields'] = my_unserialize($admin_view['fields']);
$admin_view['profile_fields'] = my_unserialize($admin_view['custom_profile_fields']);
$mybb->input = array_merge($mybb->input, $admin_view);
$mybb->input['isdefault'] = 0;
$default_view = fetch_default_view($type);
if ($default_view == $admin_view['vid']) {
$mybb->input['isdefault'] = 1;
}
}
$form_container = new FormContainer($lang->edit_view);
$form_container->output_row($lang->view . " <em>*</em>", "", $form->generate_text_box('title', $mybb->input['title'], array('id' => 'title')), 'title');
if ($mybb->input['visibility'] == 2) {
$visibility_public_checked = true;
} else {
$visibility_private_checked = true;
}
$visibility_options = array($form->generate_radio_button("visibility", "1", "<strong>{$lang->private}</strong> - {$lang->private_desc}", array("checked" => $visibility_private_checked)), $form->generate_radio_button("visibility", "2", "<strong>{$lang->public}</strong> - {$lang->public_desc}", array("checked" => $visibility_public_checked)));
$form_container->output_row($lang->visibility, "", implode("<br />", $visibility_options));
$form_container->output_row($lang->set_as_default_view, "", $form->generate_yes_no_radio("isdefault", $mybb->input['isdefault'], array('yes' => 1, 'no' => 0)));
if (count($sort_options) > 0) {
$sort_directions = array("asc" => $lang->ascending, "desc" => $lang->descending);
$form_container->output_row($lang->sort_results_by, "", $form->generate_select_box('sortby', $sort_options, $mybb->input['sortby'], array('id' => 'sortby')) . " {$lang->in} " . $form->generate_select_box('sortorder', $sort_directions, $mybb->input['sortorder'], array('id' => 'sortorder')), 'sortby');
}
$form_container->output_row($lang->results_per_page, "", $form->generate_numeric_field('perpage', $mybb->input['perpage'], array('id' => 'perpage', 'min' => 1)), 'perpage');
if ($type == "user") {
$form_container->output_row($lang->display_results_as, "", $form->generate_radio_button('view_type', 'table', $lang->table, array('checked' => $mybb->input['view_type'] != "card" ? true : false)) . "<br />" . $form->generate_radio_button('view_type', 'card', $lang->business_card, array('checked' => $mybb->input['view_type'] == "card" ? true : false)));
}
$form_container->end();
$field_select .= "<div class=\"view_fields\">\n";
$field_select .= "<div class=\"enabled\"><div class=\"fields_title\">{$lang->enabled}</div><ul id=\"fields_enabled\">\n";
if (is_array($mybb->input['fields'])) {
foreach ($mybb->input['fields'] as $field) {
if ($fields[$field]) {
$field_select .= "<li id=\"field-{$field}\">• {$fields[$field]['title']}</li>";
$active[$field] = 1;
}
}
}
$field_select .= "</ul></div>\n";
$field_select .= "<div class=\"disabled\"><div class=\"fields_title\">{$lang->disabled}</div><ul id=\"fields_disabled\">\n";
if (is_array($fields)) {
foreach ($fields as $key => $field) {
if ($active[$key]) {
continue;
}
$field_select .= "<li id=\"field-{$key}\">• {$field['title']}</li>";
}
}
$field_select .= "</div></ul>\n";
$field_select .= $form->generate_hidden_field("fields_js", @implode(",", @array_keys($active)), array('id' => 'fields_js'));
$field_select = str_replace("'", "\\'", $field_select);
$field_select = str_replace("\n", "", $field_select);
$field_select = "<script type=\"text/javascript\">\n//<![CDATA[\ndocument.write('" . str_replace("/", "\\/", $field_select) . "');\n//]]></script>\n";
foreach ($fields as $key => $field) {
$field_options[$key] = $field['title'];
}
$field_select .= "<noscript>" . $form->generate_select_box('fields[]', $field_options, $mybb->input['fields'], array('id' => 'fields', 'multiple' => true)) . "</noscript>\n";
$form_container = new FormContainer($lang->fields_to_show);
$form_container->output_row($lang->fields_to_show_desc, $description, $field_select);
$form_container->end();
// Build the search conditions
if (function_exists($conditions_callback)) {
$conditions_callback($mybb->input, $form);
}
$buttons[] = $form->generate_submit_button($lang->save_view);
$form->output_submit_wrapper($buttons);
$form->end();
$page->output_footer();
} else {
if ($mybb->input['do'] == "delete") {
if ($mybb->input['no']) {
admin_redirect($base_url . "&action=views");
}
$query = $db->simple_select("adminviews", "COUNT(vid) as views");
$views = $db->fetch_field($query, "views");
if ($views == 0) {
flash_message($lang->error_cannot_delete_view, 'error');
admin_redirect($base_url . "&action=views");
}
$vid = $mybb->get_input('vid', MyBB::INPUT_INT);
$query = $db->simple_select("adminviews", "vid, uid, visibility", "vid = '{$vid}'");
$admin_view = $db->fetch_array($query);
if ($vid == 1 || !$admin_view['vid'] || $admin_view['visibility'] == 1 && $mybb->user['uid'] != $admin_view['uid']) {
flash_message($lang->error_invalid_view_delete, 'error');
admin_redirect($base_url . "&action=views");
}
if ($mybb->request_method == "post") {
$db->delete_query("adminviews", "vid='{$admin_view['vid']}'");
flash_message($lang->success_view_deleted, 'success');
admin_redirect($base_url . "&action=views");
} else {
$page->output_confirm_action($base_url . "&action=views&do=delete&vid={$admin_view['vid']}", $lang->confirm_view_deletion);
}
} else {
if ($mybb->input['do'] == "export") {
$xml = "<?xml version=\"1.0\" encoding=\"ISO-8859-1\"?" . ">\n";
$xml = "<adminviews version=\"" . $mybb->version_code . "\" exported=\"" . TIME_NOW . "\">\n";
if ($mybb->input['type']) {
$type_where = "type='" . $db->escape_string($mybb->input['type']) . "'";
}
$query = $db->simple_select("adminviews", "*", $type_where);
while ($admin_view = $db->fetch_array($query)) {
$fields = my_unserialize($admin_view['fields']);
$conditions = my_unserialize($admin_view['conditions']);
$admin_view['title'] = str_replace(']]>', ']]]]><![CDATA[>', $admin_view['title']);
$admin_view['sortby'] = str_replace(']]>', ']]]]><![CDATA[>', $admin_view['sortby']);
$admin_view['sortorder'] = str_replace(']]>', ']]]]><![CDATA[>', $admin_view['sortorder']);
$admin_view['view_type'] = str_replace(']]>', ']]]]><![CDATA[>', $admin_view['view_type']);
$xml .= "\t<view vid=\"{$admin_view['vid']}\" uid=\"{$admin_view['uid']}\" type=\"{$admin_view['type']}\" visibility=\"{$admin_view['visibility']}\">\n";
$xml .= "\t\t<title><![CDATA[{$admin_view['title']}]]></title>\n";
$xml .= "\t\t<fields>\n";
foreach ($fields as $field) {
$xml .= "\t\t\t<field name=\"{$field}\" />\n";
}
$xml .= "\t\t</fields>\n";
$xml .= "\t\t<conditions>\n";
foreach ($conditions as $name => $condition) {
if (!$conditions) {
continue;
}
if (is_array($condition)) {
$condition = my_serialize($condition);
$is_serialized = " is_serialized=\"1\"";
}
$condition = str_replace(']]>', ']]]]><![CDATA[>', $condition);
$xml .= "\t\t\t<condition name=\"{$name}\"{$is_serialized}><![CDATA[{$condition}]]></condition>\n";
}
$xml .= "\t\t</conditions>\n";
$xml .= "\t\t<sortby><![CDATA[{$admin_view['sortby']}]]></sortby>\n";
$xml .= "\t\t<sortorder><![CDATA[{$admin_view['sortorder']}]]></sortorder>\n";
$xml .= "\t\t<perpage><![CDATA[{$admin_view['perpage']}]]></perpage>\n";
$xml .= "\t\t<view_type><![CDATA[{$admin_view['view_type']}]]></view_type>\n";
$xml .= "\t</view>\n";
}
$xml .= "</adminviews>\n";
$mybb->settings['bbname'] = urlencode($mybb->settings['bbname']);
header("Content-disposition: filename=" . $mybb->settings['bbname'] . "-views.xml");
header("Content-Length: " . my_strlen($xml));
header("Content-type: unknown/unknown");
header("Pragma: no-cache");
header("Expires: 0");
echo $xml;
exit;
} else {
$page->output_header($lang->view_manager);
$page->output_nav_tabs($sub_tabs, 'views');
$table = new Table();
$table->construct_header($lang->view);
$table->construct_header($lang->controls, array("class" => "align_center", "width" => 150));
$default_view = fetch_default_view($type);
$query = $db->simple_select("adminviews", "COUNT(vid) as views");
$views = $db->fetch_field($query, "views");
$query = $db->query("\n\t\t\tSELECT v.*, u.username\n\t\t\tFROM " . TABLE_PREFIX . "adminviews v\n\t\t\tLEFT JOIN " . TABLE_PREFIX . "users u ON (u.uid=v.uid)\n\t\t\tWHERE v.visibility='2' OR (v.visibility='1' AND v.uid='{$mybb->user['uid']}')\n\t\t\tORDER BY title\n\t\t");
while ($view = $db->fetch_array($query)) {
$created = "";
if ($view['uid'] == 0) {
$view_type = "default";
$default_class = "grey";
} else {
if ($view['visibility'] == 2) {
$view_type = "group";
if ($view['username']) {
$created = "<br /><small>{$lang->created_by} {$view['username']}</small>";
}
} else {
$view_type = "user";
}
}
$default_add = '';
if ($default_view == $view['vid']) {
$default_add = " ({$lang->default})";
}
$title_string = "view_title_{$view['vid']}";
if ($lang->{$title_string}) {
$view['title'] = $lang->{$title_string};
}
$table->construct_cell("<div class=\"float_right\"><img src=\"styles/{$page->style}/images/icons/{$view_type}.png\" title=\"" . $lang->sprintf($lang->this_is_a_view, $view_type) . "\" alt=\"{$view_type}\" /></div><div class=\"{$default_class}\"><strong><a href=\"{$base_url}&action=views&do=edit&vid={$view['vid']}\" >{$view['title']}</a></strong>{$default_add}{$created}</div>");
$popup = new PopupMenu("view_{$view['vid']}", $lang->options);
$popup->add_item($lang->edit_view, "{$base_url}&action=views&do=edit&vid={$view['vid']}");
if ($view['vid'] != $default_view) {
$popup->add_item($lang->set_as_default, "{$base_url}&action=views&do=set_default&vid={$view['vid']}");
}
if ($views > 1 && $view['vid'] != 1) {
$popup->add_item($lang->delete_view, "{$base_url}&action=views&do=delete&vid={$view['vid']}&my_post_key={$mybb->post_code}", "return AdminCP.deleteConfirmation(this, '{$lang->confirm_view_deletion}')");
}
$controls = $popup->fetch();
$table->construct_cell($controls, array("class" => "align_center"));
$table->construct_row();
}
$table->output($lang->view);
echo <<<LEGEND
<br />
<fieldset>
<legend>{$lang->legend}</legend>
<img src="styles/{$page->style}/images/icons/default.png" alt="{$lang->default}" style="vertical-align: middle;" /> {$lang->default_view_desc}<br />
<img src="styles/{$page->style}/images/icons/group.png" alt="{$lang->public}" style="vertical-align: middle;" /> {$lang->public_view_desc}<br />
<img src="styles/{$page->style}/images/icons/user.png" alt="{$lang->private}" style="vertical-align: middle;" /> {$lang->private_view_desc}</fieldset>
LEGEND;
$page->output_footer();
}
}
}
}
}
