/**
 * Copy one row of the contents table under a new parent and language, then
 * copy every child row beneath the copy.
 *
 * The source row is read by ID and re-inserted with the given $parent,
 * $language and position. The 'DuplicateItem' event is then raised with the
 * old and new IDs, and each row whose parent is $from is duplicated
 * recursively under the new row.
 *
 * NOTE(review): $from, $parent and $position, and the numeric columns of the
 * source row, are concatenated into the SQL text without escaping or casting.
 * This block does not show where callers obtain those values, so they have
 * to be trusted IDs/integers by contract. Confirm at the call sites, or bind
 * them as parameters if the sql wrapper supports that (not visible here).
 *
 * @param mixed $from     ID of the contents row to copy.
 * @param mixed $parent   Value written to the copy's `parent` column.
 * @param mixed $language Value written to the copy's `language` column.
 * @param mixed $position Position of the copy; when it compares loosely equal
 *                        to null, the source row's position is used instead.
 * @return mixed Result of sql::insert_id() for the copy, or null when no row
 *               matches $from.
 */
function _duplicateItem($from, $parent, $language, $position = null)
{
    global $manager, $tree, $lang;

    $lookupSql = "\r\n\t\t\t\tSELECT \r\n\t\t\t\t\t*\r\n\t\t\t\tFROM \r\n\t\t\t\t\t"
        . _TABLE_PREFIX_
        . "contents\r\n\t\t\t\tWHERE \r\n\t\t\t\t\tID = '"
        . $from
        . "'\r\n\t\t\t";
    $source = sql::fetch_array(sql::query($lookupSql), MYSQL_ASSOC);

    // Nothing to copy: fall out with no return value, as before.
    if (!$source) {
        return;
    }

    // Loose comparison on purpose: 0, '' and false also select the source position.
    if ($position == null) {
        $position = $source['position'];
    }

    $insertSql = "\r\n\t\t\t\t\tINSERT INTO \r\n\t\t\t\t\t\t"
        . _TABLE_PREFIX_
        . "contents\r\n\t\t\t\t\tSET \r\n\t\t\t\t\t\t`parent`='"
        . $parent
        . "', \r\n\t\t\t\t\t\t`left`="
        . $source['left']
        . ",\r\n\t\t\t\t\t\t`right`="
        . $source['right']
        . ",\r\n\t\t\t\t\t\t`site`="
        . $source['site']
        . ",\r\n\t\t\t\t\t\t`name`='"
        . addslashes($source['name'])
        . "',\r\n\t\t\t\t\t\t`title`='"
        . addslashes($source['title'])
        . "',\r\n\t\t\t\t\t\t`slug`='"
        . addslashes($source['slug'])
        . "',\r\n\t\t\t\t\t\t`type`='"
        . addslashes($source['type'])
        . "',\r\n\t\t\t\t\t\t`revision`="
        . $source['revision']
        . ",\r\n\t\t\t\t\t\t`status`="
        . $source['status']
        . ",\r\n\t\t\t\t\t\t`set`="
        . $source['set']
        . ",\r\n\t\t\t\t\t\t`position`="
        . $position
        . ",\r\n\t\t\t\t\t\t`r_view`="
        . $source['r_view']
        . ",\r\n\t\t\t\t\t\t`r_view_inv`="
        . $source['r_view_inv']
        . ",\r\n\t\t\t\t\t\t`r_edit`="
        . $source['r_edit']
        . ",\r\n\t\t\t\t\t\t`r_edit_inv`="
        . $source['r_edit_inv']
        . ",\r\n\t\t\t\t\t\t`r_create`="
        . $source['r_create']
        . ",\r\n\t\t\t\t\t\t`r_create_inv`="
        . $source['r_create_inv']
        . ",\r\n\t\t\t\t\t\t`r_admin`="
        . $source['r_admin']
        . ",\r\n\t\t\t\t\t\t`r_admin_inv`="
        . $source['r_admin_inv']
        . ",\r\n\t\t\t\t\t\t`author`="
        . $source['author']
        . ",\r\n\t\t\t\t\t\t`language`='"
        . addslashes($language)
        . "',\r\n\t\t\t\t\t\t`activation`="
        . $source['activation']
        . ",\r\n\t\t\t\t\t\t`expiration`="
        . $source['expiration']
        . ",\r\n\t\t\t\t\t\t`created`="
        . $source['created']
        . ",\r\n\t\t\t\t\t\t`published`="
        . $source['published']
        . ",\r\n\t\t\t\t\t\t`modified`="
        . $source['modified']
        . ",\r\n\t\t\t\t\t\t`visible`="
        . $source['visible']
        . "\r\n\t\t\t\t";
    sql::query($insertSql);
    $to = sql::insert_id();

    // Let other plugins copy the data they hold for this item.
    $duplicate = array('from' => $from, 'to' => $to);
    $manager->handleEvent('DuplicateItem', $duplicate);

    // Walk the direct children of the source and copy each one under the new row.
    $childrenSql = "\r\n\t\t\t\t\tSELECT \r\n\t\t\t\t\t\t*\r\n\t\t\t\t\tFROM \r\n\t\t\t\t\t\t"
        . _TABLE_PREFIX_
        . "contents\r\n\t\t\t\t\tWHERE \r\n\t\t\t\t\t\tparent = '"
        . $from
        . "'\r\n\t\t\t\t";
    $children = sql::query($childrenSql);
    while ($child = sql::fetch_array($children, MYSQL_ASSOC)) {
        $this->_duplicateItem($child['ID'], $to, $language);
    }

    return $to;
}
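/**
 * Settings screen for content types.
 *
 * On POST it applies one of three actions ('modify', 'delete', 'create'; the
 * default is 'modify') to the types and types_groups tables and redirects
 * back to the settings page. On any other request it loads the types, plugin
 * types, content plugins and content groups and renders settings.template
 * into $data['template'].
 *
 * Request values are now cast or escaped before they reach SQL: the type id
 * and the sort value are cast to integers, list fields are only imploded
 * when they really are arrays, and the id used for the view is an integer.
 *
 * NOTE(review): no permission check and no CSRF token check is visible in
 * this method. Presumably the settings dispatcher enforces both - confirm,
 * because every branch below changes or deletes configuration.
 * NOTE(review): the view computes $delete (false when a contents row still
 * uses the type), but the 'delete' action does not repeat that test on the
 * server side.
 * NOTE(review): addslashes() is kept because it is the escaping used
 * throughout this file; it is not charset-aware, so the wrapper's native
 * escaping or bound parameters would be stronger if sql:: offers them.
 *
 * @param array $data Page context; 'template' and 'page' are used here.
 * @return void
 */
function admin_types(&$data)
{
    global $manager, $tree, $user, $lang, $config;

    if ($_SERVER['REQUEST_METHOD'] == 'POST') {
        $action = isset($_REQUEST['action']) ? $_REQUEST['action'] : 'modify';

        switch ($action) {
            case 'modify':
                // Type ids are produced by sql::insert_id() in the 'create' case, so an
                // integer cast is lossless for valid ids and neutralises anything else.
                $id = isset($_REQUEST['id']) ? intval($_REQUEST['id']) : 0;
                $name = (isset($_POST['name']) && is_string($_POST['name'])) ? $_POST['name'] : '';

                // Only treat the allow-lists as lists when the client really sent arrays.
                $children = (isset($_POST['children_allowed']) && is_array($_POST['children_allowed']))
                    ? $_POST['children_allowed']
                    : array();
                $childrenAllowed = (isset($children[0]) && $children[0] === '*') ? '*' : implode(',', $children);

                $parents = (isset($_POST['parents_allowed']) && is_array($_POST['parents_allowed']))
                    ? $_POST['parents_allowed']
                    : array();
                $parentsAllowed = (isset($parents[0]) && $parents[0] === '*') ? '*' : implode(',', $parents);

                // `sort` is written unquoted, so it must be an integer before it is used.
                $sort = isset($_POST['sort']) ? intval($_POST['sort']) : 0;
                if (isset($_POST['reverse'])) {
                    $sort = 0 - $sort;
                }

                $res = sql::query("\r\n\t\t\t\t\t\t\tUPDATE \r\n\t\t\t\t\t\t\t\t"
                    . _TABLE_PREFIX_
                    . "types \r\n\t\t\t\t\t\t\tSET \r\n\t\t\t\t\t\t\t\t`name`='"
                    . addslashes($name)
                    . "',\r\n\t\t\t\t\t\t\t\t`children_allowed`='"
                    . addslashes($childrenAllowed)
                    . "',\r\n\t\t\t\t\t\t\t\t`parents_allowed`='"
                    . addslashes($parentsAllowed)
                    . "',\r\n\t\t\t\t\t\t\t\t`root_allowed`="
                    . (isset($_POST['root_allowed']) ? 1 : 0)
                    . ",\r\n\t\t\t\t\t\t\t\t`visible`="
                    . (isset($_POST['visible']) ? 1 : 0)
                    . ",\r\n\t\t\t\t\t\t\t\t`sort`="
                    . $sort
                    . "\r\n\t\t\t\t\t\t\tWHERE \r\n\t\t\t\t\t\t\t\t`ID`='"
                    . $id
                    . "'\r\n\t\t\t\t\t\t");

                // Replace the group assignments of this type wholesale.
                $res = sql::query("\r\n\t\t\t\t\t\t\tDELETE FROM \r\n\t\t\t\t\t\t\t\t"
                    . _TABLE_PREFIX_
                    . "types_groups\r\n\t\t\t\t\t\t\tWHERE \r\n\t\t\t\t\t\t\t\t`type`='"
                    . $id
                    . "'\r\n\t\t\t\t\t\t");

                if (isset($_POST['group']) && is_array($_POST['group'])) {
                    foreach ($_POST['group'] as $group => $content) {
                        // A nested array here cannot be a content list; skip it.
                        if (!is_scalar($content)) {
                            continue;
                        }

                        $res = sql::query("\r\n\t\t\t\t\t\t\t\t\tINSERT INTO \r\n\t\t\t\t\t\t\t\t\t\t"
                            . _TABLE_PREFIX_
                            . "types_groups\r\n\t\t\t\t\t\t\t\t\tSET \r\n\t\t\t\t\t\t\t\t\t\t`type`='"
                            . $id
                            . "',\r\n\t\t\t\t\t\t\t\t\t\t`group`='"
                            . addslashes((string) $group)
                            . "',\r\n\t\t\t\t\t\t\t\t\t\t`content`='"
                            . addslashes((string) $content)
                            . "'\r\n\t\t\t\t\t\t\t\t");
                    }
                }
                break;

            case 'delete':
                $id = isset($_REQUEST['id']) ? intval($_REQUEST['id']) : 0;

                $res = sql::query("\r\n\t\t\t\t\t\t\tDELETE FROM \r\n\t\t\t\t\t\t\t\t"
                    . _TABLE_PREFIX_
                    . "types \r\n\t\t\t\t\t\t\tWHERE \r\n\t\t\t\t\t\t\t\t`ID`='"
                    . $id
                    . "'\r\n\t\t\t\t\t\t");
                $res = sql::query("\r\n\t\t\t\t\t\t\tDELETE FROM \r\n\t\t\t\t\t\t\t\t"
                    . _TABLE_PREFIX_
                    . "types_groups\r\n\t\t\t\t\t\t\tWHERE \r\n\t\t\t\t\t\t\t\t`type`='"
                    . $id
                    . "'\r\n\t\t\t\t\t\t");

                // The type is gone, so redirect to the list without an id.
                unset($id);
                break;

            case 'create':
                $res = sql::query("\r\n\t\t\t\t\t\t\tINSERT INTO \r\n\t\t\t\t\t\t\t\t"
                    . _TABLE_PREFIX_
                    . "types \r\n\t\t\t\t\t\t\tSET \r\n\t\t\t\t\t\t\t\t`name`='"
                    . addslashes($user->lang->s('untitled'))
                    . "',\r\n\t\t\t\t\t\t\t\t`children_allowed`='*',\r\n\t\t\t\t\t\t\t\t`parents_allowed`='*',\r\n\t\t\t\t\t\t\t\t`root_allowed`=1,\r\n\t\t\t\t\t\t\t\t`visible`=1\r\n\t\t\t\t\t\t");
                $id = sql::insert_id();
                break;
        }

        if (isset($id)) {
            header("Location: " . url::action('settings') . "/types?id=" . $id);
        } else {
            header("Location: " . url::action('settings') . "/types");
        }
        exit;
    }

    // The id selects which type is shown. It is handed to the template and used as
    // an array key, so keep it an integer rather than the raw request string.
    $id = isset($_REQUEST['id']) ? intval($_REQUEST['id']) : null;

    $types = array();
    $res = sql::query('SELECT * FROM ' . _TABLE_PREFIX_ . 'types ORDER BY name');
    while ($row = sql::fetch_array($res)) {
        // Without an explicit id the first type in name order is selected.
        if ($id === null) {
            $id = $row['ID'];
        }
        $types[$row['ID']] = $row;
    }

    // $all = editable types plus the plugin-provided types, keyed by ID.
    $all = $types;
    $res = sql::query('SELECT * FROM ' . _TABLE_PREFIX_ . 'plugins_types');
    while ($row = sql::fetch_array($res)) {
        $row['name'] = $user->lang->s($row['ID']);
        $all[$row['ID']] = $row;
    }

    $content = array();
    $res = sql::query('SELECT * FROM ' . _TABLE_PREFIX_ . 'plugins_content ORDER BY name');
    while ($row = sql::fetch_array($res)) {
        $content[] = $row['name'];
    }

    $groups = array();
    for ($i = 0; $i < intval($config->get('contentGroups')); $i++) {
        $groups[$i] = array('name' => $config->get('contentGroup' . $i), 'value' => array());
    }

    // An unknown or missing id selects no type instead of raising an undefined index.
    $currentType = ($id !== null && isset($types[$id])) ? $types[$id]['ID'] : '';

    // Content plugins not assigned to any group of this type stay in $remaining.
    $remaining = array_flip($content);
    $res = sql::query('SELECT * FROM ' . _TABLE_PREFIX_ . 'types_groups WHERE `type`="' . addslashes((string) $currentType) . '"');
    while ($row = sql::fetch_array($res)) {
        $row['content'] = explode(',', $row['content']);
        foreach ($row['content'] as $c) {
            if (isset($remaining[$c])) {
                unset($remaining[$c]);
                $groups[intval($row['group'])]['value'][] = $c;
            }
        }
    }
    $remaining = array_keys($remaining);

    // Deleting is only offered while no contents row uses this type.
    $delete = true;
    $res = sql::query('SELECT * FROM ' . _TABLE_PREFIX_ . 'contents WHERE `type`="' . addslashes((string) $currentType) . '" LIMIT 1');
    if ($row = sql::fetch_array($res)) {
        $delete = false;
    }

    $tpl = new Template($this->getTemplate('settings.template'));
    $tpl->set("url", url::action('settings') . '/types');
    $tpl->set('all', $all);
    $tpl->set('types', $types);
    $tpl->set('groups', $groups);
    $tpl->set('remaining', $remaining);
    $tpl->set('delete', $delete);
    $tpl->set('id', $id);
    $data['template']->set('content', $tpl->fetch());

    // Make sure the following assets are included
    $data['page']->assets->registerCSS($this->localAsset('editor.css'));
}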
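/**
 * Create a new page as a child or as a sibling of the item named in $args.
 *
 * On POST the new contents row is inserted (at root level when a sibling of
 * a root item is requested, otherwise under the item or its parent), the
 * first revision is created and the browser is redirected to the editor.
 * On any other request the create form is rendered and echoed.
 *
 * Changes in this version:
 *  - the posted type and language are escaped before they reach SQL;
 *  - a posted sibling request is checked with the same rule the form uses to
 *    decide whether the sibling option is offered, instead of trusting the
 *    posted `location` field;
 *  - $unique is initialised before the second slug loop;
 *  - the removed each() construct is replaced by foreach.
 *
 * NOTE(review): $data is not defined in this method (the parameter is
 * $args), so $GLOBALS['HASH_URLS'][$data['params']['id']] always looks up an
 * empty key and $base ends up empty. The intended key cannot be determined
 * from this block; the expression is left unchanged and needs a decision.
 * NOTE(review): the posted type is not compared with the lists returned by
 * $manager->types(), which only drive the form. The shape of those lists is
 * not visible here, so this is flagged rather than enforced.
 * NOTE(review): no CSRF token check is visible in this method.
 * NOTE(review): $language is also passed unescaped to
 * treeStorage::prepareForInsert(); whether that helper escapes it is not
 * visible here.
 *
 * @param array $args Action arguments; the first element is the item id.
 * @return void Always ends the request with exit.
 */
function action_create($args)
{
    global $manager, $tree, $user, $lang;

    /* Decode arguments */
    $id = array_shift($args);
    $item =& $tree->getItemById($id);
    $id = $item['id'];

    if (!$tree->_hasRights('create', $item['rights'])) {
        header('Location: ' . url::item($id));
        exit;
    }

    if ($_SERVER['REQUEST_METHOD'] == 'POST') {
        // Determine the type of the page
        $type = (isset($_POST['childtype']) && is_string($_POST['childtype'])) ? $_POST['childtype'] : '';

        if (isset($_POST['location']) && $_POST['location'] == 'sibling') {
            // Overwrite the type of the page
            $type = (isset($_POST['siblingtype']) && is_string($_POST['siblingtype'])) ? $_POST['siblingtype'] : '';

            // Same rule the form below uses for $siblingAllowed: group 6, or create
            // rights on the parent. Without it, create rights on one item would be
            // enough to add pages next to it.
            if ($item['parent'] > 0) {
                $parent =& $tree->getItemById($item['parent']);
                $siblingAllowed = $user->memberof(6)
                    || ($parent && $tree->_hasRights('create', $parent['rights']));
            } else {
                $siblingAllowed = $user->memberof(6) ? true : false;
            }
            if (!$id || !$siblingAllowed) {
                header('Location: ' . url::item($id));
                exit;
            }

            if ($item['parent'] > 0) {
                // Set the item to its parent and continue...
                $item =& $parent;
            } else {
                // Root-level sibling: position after the last root item except 'admin'.
                $position = 0;
                foreach ($tree->tree as $node) {
                    if ($node['id'] != 'admin') {
                        $position = max($position, $node['position']);
                    }
                }
                $position++;

                $language = (isset($_POST['language']) && is_string($_POST['language']))
                    ? $_POST['language']
                    : $tree->language;
                $name = (isset($_POST['name']) && is_string($_POST['name']))
                    ? $_POST['name']
                    : $user->lang->s('untitled');

                // Slug: lower-case, whitespace/underscore to '-', everything else stripped.
                $slug = strtolower($name);
                $slug = preg_replace('/(\\s+|_)/i', '-', $slug);
                $slug = preg_replace('/[^a-z0-9\\-]/i', '', $slug);

                // See the NOTE(review) on $data in the header comment.
                $base = explode('/', $GLOBALS['HASH_URLS'][$data['params']['id']]);
                array_shift($base);

                // Append or increment a numeric suffix until the URL is unused.
                $unique = false;
                while (!$unique) {
                    $url = implode('/', array_merge($base, array($slug)));
                    if (isset($GLOBALS['HASH_IDS'][$url])) {
                        if (preg_match('/^(.*)-([0-9]+)$/i', $slug, $matches)) {
                            $slug = $matches[1] . '-' . (intval($matches[2]) + 1);
                        } else {
                            $slug = $slug . '-2';
                        }
                    } else {
                        $unique = true;
                    }
                }

                treeStorage::startTransaction();
                list($left, $right) = treeStorage::prepareForInsert(0, $language);

                $res = sql::query("\r\n\t\t\t\t\t\t\tINSERT INTO \r\n\t\t\t\t\t\t\t\t"
                    . _TABLE_PREFIX_
                    . "contents\r\n\t\t\t\t\t\t\tSET\r\n\t\t\t\t\t\t\t\t`parent`='',\r\n\t\t\t\t\t\t\t\t`left`='"
                    . $left
                    . "',\r\n\t\t\t\t\t\t\t\t`right`='"
                    . $right
                    . "',\r\n\t\t\t\t\t\t\t\t`site`='"
                    . _DEFAULT_SITE_
                    . "',\r\n\t\t\t\t\t\t\t\t`name`='"
                    . addslashes($name)
                    . "',\r\n\t\t\t\t\t\t\t\t`title`='',\r\n\t\t\t\t\t\t\t\t`slug`='"
                    . addslashes($slug)
                    . "',\r\n\t\t\t\t\t\t\t\t`type`='"
                    . addslashes($type)
                    . "',\r\n\t\t\t\t\t\t\t\t`status`='0',\r\n\t\t\t\t\t\t\t\t`revision`=0,\r\n\t\t\t\t\t\t\t\t`position`='"
                    . $position
                    . "',\r\n\t\t\t\t\t\t\t\t`language`='"
                    . addslashes($language)
                    . "',\r\n\t\t\t\t\t\t\t\t`author`='"
                    . $user->id
                    . "',\r\n\t\t\t\t\t\t\t\t`r_view`='3',\r\n\t\t\t\t\t\t\t\t`r_view_inv`='0',\r\n\t\t\t\t\t\t\t\t`r_edit`='6',\r\n\t\t\t\t\t\t\t\t`r_edit_inv`='0',\r\n\t\t\t\t\t\t\t\t`r_create`='6',\r\n\t\t\t\t\t\t\t\t`r_create_inv`='0',\r\n\t\t\t\t\t\t\t\t`r_admin`='6',\r\n\t\t\t\t\t\t\t\t`r_admin_inv`='0',\r\n\t\t\t\t\t\t\t\t`created`='"
                    . time()
                    . "',\r\n\t\t\t\t\t\t\t\t`modified`='"
                    . time()
                    . "',\r\n\t\t\t\t\t\t\t\t`visible`='1'\r\n\t\t\t\t\t\t");

                treeStorage::stopTransaction();
                $id = sql::insert_id();

                /* Create the first revision */
                revisions::doCreatePage($id);

                header("Location: " . url::item($id, 'edit'));
                exit;
            }
        }

        // Create the page below $item: position after its last child.
        $position = 0;
        if (isset($item['children'])) {
            foreach ($item['children'] as $childNode) {
                $position = max($position, $childNode['position']);
            }
        }
        $position++;

        $language = (isset($_POST['language']) && is_string($_POST['language']))
            ? $_POST['language']
            : $tree->language;
        $name = (isset($_POST['name']) && is_string($_POST['name']))
            ? $_POST['name']
            : $user->lang->s('untitled');

        $slug = strtolower($name);
        $slug = preg_replace('/(\\s+|_)/i', '-', $slug);
        $slug = preg_replace('/[^a-z0-9\\-]/i', '', $slug);

        // See the NOTE(review) on $data in the header comment.
        $base = explode('/', $GLOBALS['HASH_URLS'][$data['params']['id']]);
        array_shift($base);

        // The original relied on $unique being undefined here; make the start state explicit.
        $unique = false;
        while (!$unique) {
            $url = implode('/', array_merge($base, array($slug)));
            if (isset($GLOBALS['HASH_IDS'][$url])) {
                if (preg_match('/^(.*)-([0-9]+)$/i', $slug, $matches)) {
                    $slug = $matches[1] . '-' . (intval($matches[2]) + 1);
                } else {
                    $slug = $slug . '-2';
                }
            } else {
                $unique = true;
            }
        }

        // Newly created items have the same
        // writing and creation rights as their
        // parents...
        $r_view = $item['rights']['r_view'];
        $r_edit = $item['rights']['r_create'];
        $r_create = $item['rights']['r_create'];
        $r_admin = $item['rights']['r_create'];

        if ($item['rights']['r_create'] != $item['rights']['r_admin']) {
            // Check if we are trying to create this page
            // with admin rights, or with create rights.
            if ($tree->_hasRights('create', $item['rights']) && !$tree->_hasRights('create', $item['rights'], true)) {
                $r_admin = $item['rights']['r_admin'];
            }
        }

        treeStorage::startTransaction();
        list($left, $right) = treeStorage::prepareForInsert($item['id'], $language);

        sql::query("\r\n\t\t\t\t\tINSERT INTO \r\n\t\t\t\t\t\t"
            . _TABLE_PREFIX_
            . "contents\r\n\t\t\t\t\tSET\r\n\t\t\t\t\t\t`parent`='"
            . $item['id']
            . "',\r\n\t\t\t\t\t\t`left`='"
            . $left
            . "',\r\n\t\t\t\t\t\t`right`='"
            . $right
            . "',\r\n\t\t\t\t\t\t`site`='"
            . _DEFAULT_SITE_
            . "',\r\n\t\t\t\t\t\t`name`='"
            . addslashes($name)
            . "',\r\n\t\t\t\t\t\t`title`='',\r\n\t\t\t\t\t\t`slug`='"
            . addslashes($slug)
            . "',\r\n\t\t\t\t\t\t`type`='"
            . addslashes($type)
            . "',\r\n\t\t\t\t\t\t`status`='0',\r\n\t\t\t\t\t\t`position`='"
            . $position
            . "',\r\n\t\t\t\t\t\t`language`='"
            . addslashes($language)
            . "',\r\n\t\t\t\t\t\t`author`='"
            . $user->id
            . "',\r\n\t\t\t\t\t\t`r_view`='"
            . $r_view
            . "',\r\n\t\t\t\t\t\t`r_view_inv`='0',\r\n\t\t\t\t\t\t`r_edit`='"
            . $r_edit
            . "',\r\n\t\t\t\t\t\t`r_edit_inv`='0',\r\n\t\t\t\t\t\t`r_create`='"
            . $r_create
            . "',\r\n\t\t\t\t\t\t`r_create_inv`='0',\r\n\t\t\t\t\t\t`r_admin`='"
            . $r_admin
            . "',\r\n\t\t\t\t\t\t`r_admin_inv`='0',\r\n\t\t\t\t\t\t`created`='"
            . time()
            . "',\r\n\t\t\t\t\t\t`modified`='"
            . time()
            . "',\r\n\t\t\t\t\t\t`visible`='1'\r\n\t\t\t\t");

        treeStorage::stopTransaction();
        $id = sql::insert_id();

        /* Create the first revision */
        revisions::doCreatePage($id);

        header("Location: " . url::item($id, 'edit'));
        exit;
    } else {
        // Render the create form: which locations and types are offered.
        if (is_null($item)) {
            $siblingAllowed = false;
            $siblingTypes = $manager->types();
            if ($user->memberof(6)) {
                $siblingAllowed = count($siblingTypes) ? true : false;
            }
            $childAllowed = false;
            $childTypes = array();
        } else {
            $childTypes = $manager->types($item['type']);
            $childAllowed = count($childTypes) ? true : false;
            $siblingAllowed = false;
            $siblingTypes = array();

            if ($item['parent'] > 0) {
                $parent =& $tree->getItemById($item['parent']);
                if ($parent && $tree->_hasRights('create', $parent['rights'])) {
                    $siblingAllowed = true;
                }
                $siblingTypes = $manager->types($parent['type']);
            } else {
                $siblingTypes = $manager->types();
            }

            if ($user->memberof(6)) {
                $siblingAllowed = true;
            }
            if (!$id) {
                $siblingAllowed = false;
            }
        }

        $tpl = new Template($this->getTemplate('create.template'));
        $tpl->set('childTypes', $childTypes);
        $tpl->set('childAllowed', $childAllowed);
        $tpl->set('siblingTypes', $siblingTypes);
        $tpl->set('siblingAllowed', $siblingAllowed);
        $tpl->set('name', $user->lang->s('untitled'));
        $tpl->set('id', $id);
        echo $tpl->fetch();
        exit;
    }
}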
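/**
 * Settings screen for user groups: create, edit, delete, or list.
 *
 * The first element of $data['params']['args'] selects the action. 'create'
 * inserts a group and its members on POST, otherwise shows the empty edit
 * form. 'edit' (only for ids above 5) rewrites the group, its members and
 * its nested groups on POST, otherwise shows the filled edit form. 'delete'
 * (only for ids above 6, only on POST) removes the group and its links.
 * Anything else renders the group list.
 *
 * Changes in this version:
 *  - posted user ids and nested group ids were concatenated unquoted into
 *    SQL; they are now cast to integers and non-positive values are skipped;
 *  - the member loop no longer assigns to $user, which is the global user
 *    object imported at the top of this method;
 *  - posted lists are only iterated when they are arrays, with foreach
 *    instead of the removed each() construct.
 *
 * NOTE(review): edit is allowed for ids above 5 but delete only for ids
 * above 6, so group 6 can be edited but not deleted. Confirm that this
 * asymmetry is intended.
 * NOTE(review): `group_b` accepts any posted group id, including the ids
 * that edit and delete treat as protected. What nesting grants is not
 * visible here - confirm it cannot be used to inherit a protected group's
 * rights.
 * NOTE(review): no permission check and no CSRF token check is visible in
 * this method; presumably the settings dispatcher enforces both - confirm.
 *
 * @param array $data Page context; 'params', 'template' and 'page' are used.
 * @return void
 */
function admin_groups(&$data)
{
    global $manager, $tree, $user, $lang, $config;

    if (count($data['params']['args'])) {
        $action = array_shift($data['params']['args']);

        /* Create a new group */
        if ($action == 'create') {
            if ($_SERVER['REQUEST_METHOD'] == 'POST') {
                $name = (isset($_POST['name']) && is_string($_POST['name'])) ? trim($_POST['name']) : '';
                $description = (isset($_POST['description']) && is_string($_POST['description']))
                    ? trim($_POST['description'])
                    : '';

                $res = sql::query("\r\n\t\t\t\t\t\t\tINSERT INTO\r\n\t\t\t\t\t\t\t\t"
                    . _TABLE_PREFIX_
                    . "groups\r\n\t\t\t\t\t\t\tSET \r\n\t\t\t\t\t\t\t\tname='"
                    . addslashes($name)
                    . "',\r\n\t\t\t\t\t\t\t\tdescription='"
                    . addslashes($description)
                    . "'\r\n\t\t\t\t\t\t");
                $id = sql::insert_id();

                if (isset($_POST['users']) && is_array($_POST['users'])) {
                    foreach ($_POST['users'] as $postedUser) {
                        // Written unquoted below, so it has to be an integer.
                        $memberId = intval($postedUser);
                        if ($memberId <= 0) {
                            continue;
                        }

                        $res = sql::query("\r\n\t\t\t\t\t\t\t\t\tINSERT INTO\r\n\t\t\t\t\t\t\t\t\t\t"
                            . _TABLE_PREFIX_
                            . "users_groups\r\n\t\t\t\t\t\t\t\t\tSET\r\n\t\t\t\t\t\t\t\t\t\t`user` = "
                            . $memberId
                            . ",\r\n\t\t\t\t\t\t\t\t\t\t`group` = "
                            . $id
                            . "\r\n\t\t\t\t\t\t\t\t");
                    }
                }

                header("Location: " . url::action('settings') . "/groups");
                exit;
            }

            $tpl = new Template($this->getTemplate('groupedit.template'));
            $tpl->set("users", $this->_getUserList());
            $tpl->set("url", url::action('settings') . '/groups/create');
            $data['template']->set('content', $tpl->fetch());

            // Make sure the following assets are included
            $data['page']->assets->registerCSS($this->localAsset('editor.css'));
            return;
        }

        /* Edit an existing group */
        if ($action == 'edit' && count($data['params']['args'])) {
            $id = (int) array_shift($data['params']['args']);

            // Groups with an id of 5 or lower cannot be edited here.
            if ($id > 5) {
                if ($_SERVER['REQUEST_METHOD'] == 'POST') {
                    $name = (isset($_POST['name']) && is_string($_POST['name'])) ? trim($_POST['name']) : '';
                    $description = (isset($_POST['description']) && is_string($_POST['description']))
                        ? trim($_POST['description'])
                        : '';

                    $res = sql::query("\r\n\t\t\t\t\t\t\t\tUPDATE \r\n\t\t\t\t\t\t\t\t\t"
                        . _TABLE_PREFIX_
                        . "groups\r\n\t\t\t\t\t\t\t\tSET \r\n\t\t\t\t\t\t\t\t\tname='"
                        . addslashes($name)
                        . "',\r\n\t\t\t\t\t\t\t\t\tdescription='"
                        . addslashes($description)
                        . "'\r\n\t\t\t\t\t\t\t\tWHERE \r\n\t\t\t\t\t\t\t\t\tID='"
                        . $id
                        . "'\r\n\t\t\t\t\t\t\t");

                    // Membership is replaced wholesale: drop every link, then re-add.
                    $res = sql::query("\r\n\t\t\t\t\t\t\t\tDELETE FROM\r\n\t\t\t\t\t\t\t\t\t"
                        . _TABLE_PREFIX_
                        . "users_groups\r\n\t\t\t\t\t\t\t\tWHERE\r\n\t\t\t\t\t\t\t\t\t`group` = "
                        . $id
                        . "\r\n\t\t\t\t\t\t\t");

                    if (isset($_POST['users']) && is_array($_POST['users'])) {
                        foreach ($_POST['users'] as $postedUser) {
                            $memberId = intval($postedUser);
                            if ($memberId <= 0) {
                                continue;
                            }

                            $res = sql::query("\r\n\t\t\t\t\t\t\t\t\t\tINSERT INTO\r\n\t\t\t\t\t\t\t\t\t\t\t"
                                . _TABLE_PREFIX_
                                . "users_groups\r\n\t\t\t\t\t\t\t\t\t\tSET\r\n\t\t\t\t\t\t\t\t\t\t\t`user` = "
                                . $memberId
                                . ",\r\n\t\t\t\t\t\t\t\t\t\t\t`group` = "
                                . $id
                                . "\r\n\t\t\t\t\t\t\t\t\t");
                        }
                    }

                    // Same replace-all approach for the nested groups.
                    $res = sql::query("\r\n\t\t\t\t\t\t\t\tDELETE FROM\r\n\t\t\t\t\t\t\t\t\t"
                        . _TABLE_PREFIX_
                        . "groups_groups\r\n\t\t\t\t\t\t\t\tWHERE\r\n\t\t\t\t\t\t\t\t\t`group_a` = "
                        . $id
                        . "\r\n\t\t\t\t\t\t\t");

                    if (isset($_POST['groups']) && is_array($_POST['groups'])) {
                        foreach ($_POST['groups'] as $postedGroup) {
                            $nestedId = intval($postedGroup);
                            if ($nestedId <= 0) {
                                continue;
                            }

                            $res = sql::query("\r\n\t\t\t\t\t\t\t\t\t\tINSERT INTO\r\n\t\t\t\t\t\t\t\t\t\t\t"
                                . _TABLE_PREFIX_
                                . "groups_groups\r\n\t\t\t\t\t\t\t\t\t\tSET\r\n\t\t\t\t\t\t\t\t\t\t\t`group_a` = "
                                . $id
                                . ",\r\n\t\t\t\t\t\t\t\t\t\t\t`group_b` = "
                                . $nestedId
                                . "\r\n\t\t\t\t\t\t\t\t\t");
                        }
                    }

                    header("Location: " . url::action('settings') . "/groups");
                    exit;
                }

                $res = sql::query("\r\n\t\t\t\t\t\t\tSELECT \r\n\t\t\t\t\t\t\t\t* \r\n\t\t\t\t\t\t\tFROM\r\n\t\t\t\t\t\t\t\t"
                    . _TABLE_PREFIX_
                    . "groups\r\n\t\t\t\t\t\t\tWHERE\r\n\t\t\t\t\t\t\t\tID = "
                    . $id
                    . "\r\n\t\t\t\t\t\t");

                if ($item = sql::fetch_array($res, MYSQL_ASSOC)) {
                    $tpl = new Template($this->getTemplate('groupedit.template'));
                    $tpl->set("item", $item);
                    $tpl->set("users", $this->_getUserList($id));
                    $tpl->set("groups", $this->_getNestedGroupList($id));
                    $tpl->set("url", url::action('settings') . '/groups/edit/' . $id);
                    $data['template']->set('content', $tpl->fetch());

                    // Make sure the following assets are included
                    $data['page']->assets->registerCSS($this->localAsset('editor.css'));
                    return;
                }
            }
        }

        /* Delete an existing group */
        if ($action == 'delete' && count($data['params']['args'])) {
            $id = (int) array_shift($data['params']['args']);

            if ($_SERVER['REQUEST_METHOD'] == 'POST') {
                // Groups with an id of 6 or lower cannot be deleted.
                if ($id > 6) {
                    $res = sql::query("\r\n\t\t\t\t\t\t\t\tDELETE FROM\r\n\t\t\t\t\t\t\t\t\t"
                        . _TABLE_PREFIX_
                        . "groups\r\n\t\t\t\t\t\t\t\tWHERE\r\n\t\t\t\t\t\t\t\t\tID = "
                        . $id
                        . "\r\n\t\t\t\t\t\t\t");
                    $res = sql::query("\r\n\t\t\t\t\t\t\t\tDELETE FROM\r\n\t\t\t\t\t\t\t\t\t"
                        . _TABLE_PREFIX_
                        . "users_groups\r\n\t\t\t\t\t\t\t\tWHERE\r\n\t\t\t\t\t\t\t\t\t`group` = "
                        . $id
                        . "\r\n\t\t\t\t\t\t\t");
                    $res = sql::query("\r\n\t\t\t\t\t\t\t\tDELETE FROM\r\n\t\t\t\t\t\t\t\t\t"
                        . _TABLE_PREFIX_
                        . "groups_groups\r\n\t\t\t\t\t\t\t\tWHERE\r\n\t\t\t\t\t\t\t\t\t`group_a` = "
                        . $id
                        . " OR\r\n\t\t\t\t\t\t\t\t\t`group_b` = "
                        . $id
                        . "\r\n\t\t\t\t\t\t\t");
                }
            }

            header("Location: " . url::action('settings') . "/groups");
            exit;
        }
    }

    /* Show group list */
    $tpl = new Template($this->getTemplate('grouplist.template'));
    $tpl->set("groups", $this->_getGroupList());
    $data['template']->set('content', $tpl->fetch());

    // Make sure the following assets are included
    $data['page']->assets->registerCSS($this->localAsset('editor.css'));
}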
// Load Future human ship's template $sql = 'SELECT id, value_9, value_5, min_unit_1, min_unit_2, min_unit_3, min_unit_4, rof, max_torp FROM ship_templates WHERE id = ' . $FUTURE_SHIP; $template = $db->queryrow($sql); while ($player_to_serve = $db->fetchrow($fh_stream)) { $sql = 'INSERT INTO ship_fleets (fleet_name, user_id, planet_id, n_ships) VALUES ("Reward", ' . $player_to_serve['user_id'] . ', ' . $player_to_serve['target_planet_id'] . ', ' . $player_to_serve['n_ships'] . ')'; if (!$db->query($sql)) { $sdl->log(' - <b>Warning:</b> Could not create Reward Fleet for user ' . $player_to_serve['user_id'] . ' - CONTINUED'); continue; } $new_fleet_id = $db->insert_id(); for ($i = 0; $i < $player_to_serve['n_ships']; $i++) { $sql = 'INSERT INTO ships (fleet_id, user_id, template_id, experience, hitpoints, construction_time, unit_1, unit_2, unit_3, unit_4, rof, torp, last_refit_time) VALUES (' . $new_fleet_id . ', ' . $player_to_serve['user_id'] . ', ' . $template['id'] . ', ' . $template['value_9'] . ', ' . $template['value_5'] . ', ' . $game->TIME . ', ' . $template['min_unit_1'] . ', ' . $template['min_unit_2'] . ', ' . $template['min_unit_3'] . ', ' . $template['min_unit_4'] . ', ' . $template['rof'] . ', ' . $template['max_torp'] . ', ' . $game->TIME . ')';
/**
 * Copy one row of the contents table under a new parent, give the copy a
 * unique slug, and copy its revisions and children.
 *
 * The slug is rebuilt from the source name and suffixed until the resulting
 * URL is not present in $GLOBALS['HASH_IDS']. The row is inserted inside a
 * treeStorage transaction, the 'DuplicateItem' event is raised with the old
 * and new IDs, the revision history is copied, and every row whose parent is
 * $from is duplicated recursively under the new row.
 *
 * NOTE(review): $from, $parent and $position, and the numeric columns of the
 * source row, are concatenated into the SQL text without escaping or casting.
 * This block does not show where callers obtain those values, so they have
 * to be trusted IDs/integers by contract. Confirm at the call sites, or bind
 * them as parameters if the sql wrapper supports that (not visible here).
 *
 * @param mixed $from     ID of the contents row to copy.
 * @param mixed $parent   Value written to the copy's `parent` column.
 * @param mixed $position Position of the copy; when it compares loosely equal
 *                        to null, the source row's position is used instead.
 * @return mixed Result of sql::insert_id() for the copy, or null when no row
 *               matches $from.
 */
function _duplicateItem($from, $parent, $position = null)
{
    global $manager, $lang;

    $lookupSql = "\r\n\t\t\t\tSELECT \r\n\t\t\t\t\t*\r\n\t\t\t\tFROM \r\n\t\t\t\t\t"
        . _TABLE_PREFIX_
        . "contents\r\n\t\t\t\tWHERE \r\n\t\t\t\t\tID = '"
        . $from
        . "'\r\n\t\t\t";
    $source = sql::fetch_array(sql::query($lookupSql), MYSQL_ASSOC);

    // Nothing to copy: fall out with no return value, as before.
    if (!$source) {
        return;
    }

    // Slug: lower-case name, whitespace/underscore to '-', everything else stripped.
    $slug = preg_replace('/(\\s+|_)/i', '-', strtolower($source['name']));
    $slug = preg_replace('/[^a-z0-9\\-]/i', '', $slug);

    // URL prefix of the source item without its own last segment.
    $base = explode('/', $GLOBALS['HASH_URLS'][$from]);
    array_pop($base);

    // Append or increment a numeric suffix until the URL is unused.
    for (;;) {
        $url = implode('/', array_merge($base, array($slug)));
        if (!isset($GLOBALS['HASH_IDS'][$url])) {
            break;
        }

        if (preg_match('/^(.*)-([0-9]+)$/i', $slug, $matches)) {
            $slug = $matches[1] . '-' . (intval($matches[2]) + 1);
        } else {
            $slug = $slug . '-2';
        }
    }

    // Loose comparison on purpose: 0, '' and false also select the source position.
    if ($position == null) {
        $position = $source['position'];
    }

    treeStorage::startTransaction();
    list($left, $right) = treeStorage::prepareForInsert($parent, $source['language']);

    $insertSql = "\r\n\t\t\t\t\tINSERT INTO \r\n\t\t\t\t\t\t"
        . _TABLE_PREFIX_
        . "contents\r\n\t\t\t\t\tSET \r\n\t\t\t\t\t\t`parent`='"
        . $parent
        . "', \r\n\t\t\t\t\t\t`left`='"
        . $left
        . "',\r\n\t\t\t\t\t\t`right`='"
        . $right
        . "',\r\n\t\t\t\t\t\t`site`='"
        . $source['site']
        . "',\r\n\t\t\t\t\t\t`name`='"
        . addslashes($source['name'])
        . "',\r\n\t\t\t\t\t\t`title`='"
        . addslashes($source['title'])
        . "',\r\n\t\t\t\t\t\t`slug`='"
        . addslashes($slug)
        . "',\r\n\t\t\t\t\t\t`type`='"
        . addslashes($source['type'])
        . "',\r\n\t\t\t\t\t\t`revision`='"
        . $source['revision']
        . "',\r\n\t\t\t\t\t\t`set`="
        . $source['set']
        . ",\r\n\t\t\t\t\t\t`position`="
        . $position
        . ",\r\n\t\t\t\t\t\t`r_view`="
        . $source['r_view']
        . ",\r\n\t\t\t\t\t\t`r_view_inv`="
        . $source['r_view_inv']
        . ",\r\n\t\t\t\t\t\t`r_edit`="
        . $source['r_edit']
        . ",\r\n\t\t\t\t\t\t`r_edit_inv`="
        . $source['r_edit_inv']
        . ",\r\n\t\t\t\t\t\t`r_create`="
        . $source['r_create']
        . ",\r\n\t\t\t\t\t\t`r_create_inv`="
        . $source['r_create_inv']
        . ",\r\n\t\t\t\t\t\t`r_admin`="
        . $source['r_admin']
        . ",\r\n\t\t\t\t\t\t`r_admin_inv`="
        . $source['r_admin_inv']
        . ",\r\n\t\t\t\t\t\t`author`="
        . $source['author']
        . ",\r\n\t\t\t\t\t\t`language`='"
        . addslashes($source['language'])
        . "',\r\n\t\t\t\t\t\t`activation`="
        . $source['activation']
        . ",\r\n\t\t\t\t\t\t`expiration`="
        . $source['expiration']
        . ",\r\n\t\t\t\t\t\t`created`="
        . time()
        . ",\r\n\t\t\t\t\t\t`modified`="
        . time()
        . ",\r\n\t\t\t\t\t\t`visible`="
        . $source['visible']
        . ",\r\n\t\t\t\t\t\t`status`="
        . $source['status']
        . "\r\n\t\t\t\t";
    sql::query($insertSql);

    treeStorage::stopTransaction();
    $to = sql::insert_id();

    /* Copy the plugin data */
    $duplicate = array('from' => $from, 'to' => $to);
    $manager->handleEvent('DuplicateItem', $duplicate);

    /* Copy the revision history */
    revisions::doDuplicatePage($from, $to);

    /* Duplicate pages recursively */
    $childrenSql = "\r\n\t\t\t\t\tSELECT \r\n\t\t\t\t\t\t*\r\n\t\t\t\t\tFROM \r\n\t\t\t\t\t\t"
        . _TABLE_PREFIX_
        . "contents\r\n\t\t\t\t\tWHERE \r\n\t\t\t\t\t\tparent = '"
        . $from
        . "'\r\n\t\t\t\t";
    $children = sql::query($childrenSql);
    while ($child = sql::fetch_array($children, MYSQL_ASSOC)) {
        $this->_duplicateItem($child['ID'], $to);
    }

    return $to;
}
/**
 * Copy a form, its elements and their options from one revision to another.
 *
 * Every contents_form row matching $data['id'] and $data['from'] is
 * re-inserted with revision $data['to']. For each such row the matching
 * contents_form_elements rows are copied the same way, and the options of
 * each source element are copied to the newly inserted element.
 *
 * NOTE(review): $data['id'], $data['from'], $data['to'] and
 * $element['element'] are placed inside quoted SQL literals without
 * escaping. Where the event payload comes from is not visible here, so it
 * has to be trusted by contract - confirm at the code that raises the event.
 * NOTE(review): the element query sits inside the form-row loop and does not
 * depend on the row, so elements are copied once per matching form row.
 *
 * @param array $data Event payload; 'id', 'from' and 'to' are read.
 * @return void
 */
function event_CreateRevision(&$data)
{
    $formId = $data['id'];
    $fromRevision = $data['from'];
    $toRevision = $data['to'];

    $formSql = "\r\n\t\t\t\tSELECT \r\n\t\t\t\t\t*\r\n\t\t\t\tFROM \r\n\t\t\t\t\t"
        . _TABLE_PREFIX_
        . "contents_form\r\n\t\t\t\tWHERE \r\n\t\t\t\t\tID = '"
        . $formId
        . "' AND\r\n\t\t\t\t\trevision = '"
        . $fromRevision
        . "'\r\n\t\t\t";
    $forms = sql::query($formSql);

    while ($form = sql::fetch_array($forms, MYSQL_ASSOC)) {
        // Copy the form row itself to the target revision.
        $copyFormSql = "\r\n\t\t\t\t\tINSERT INTO \r\n\t\t\t\t\t\t"
            . _TABLE_PREFIX_
            . "contents_form\r\n\t\t\t\t\tSET \r\n\t\t\t\t\t\t`ID`='"
            . $formId
            . "', \r\n\t\t\t\t\t\t`revision`='"
            . $toRevision
            . "', \r\n\t\t\t\t\t\t`title`='"
            . addslashes($form['title'])
            . "',\r\n\t\t\t\t\t\t`button`='"
            . addslashes($form['button'])
            . "',\r\n\t\t\t\t\t\t`email`='"
            . addslashes($form['email'])
            . "'\r\n\t\t\t\t";
        sql::query($copyFormSql);

        $elementSql = "\r\n\t\t\t\t\tSELECT \r\n\t\t\t\t\t\t*\r\n\t\t\t\t\tFROM\r\n\t\t\t\t\t\t"
            . _TABLE_PREFIX_
            . "contents_form_elements\r\n\t\t\t\t\tWHERE\r\n\t\t\t\t\t\t`form` = '"
            . $formId
            . "' AND\r\n\t\t\t\t\t\t`revision` = '"
            . $fromRevision
            . "'\r\n\t\t\t\t";
        $elements = sql::query($elementSql);

        while ($element = sql::fetch_array($elements, MYSQL_ASSOC)) {
            // Copy the element; its new id is needed to attach the options.
            $copyElementSql = "\r\n\t\t\t\t\t\tINSERT INTO \r\n\t\t\t\t\t\t\t"
                . _TABLE_PREFIX_
                . "contents_form_elements\r\n\t\t\t\t\t\tSET \r\n\t\t\t\t\t\t\t`form`='"
                . $formId
                . "', \r\n\t\t\t\t\t\t\t`revision`='"
                . $toRevision
                . "', \r\n\t\t\t\t\t\t\t`order`='"
                . intval($element['order'])
                . "',\r\n\t\t\t\t\t\t\t`type`='"
                . addslashes($element['type'])
                . "',\r\n\t\t\t\t\t\t\t`title`='"
                . addslashes($element['title'])
                . "',\r\n\t\t\t\t\t\t\t`size`='"
                . intval($element['size'])
                . "',\r\n\t\t\t\t\t\t\t`default`='"
                . addslashes($element['default'])
                . "',\r\n\t\t\t\t\t\t\t`action`='"
                . addslashes($element['action'])
                . "',\r\n\t\t\t\t\t\t\t`required`='"
                . intval($element['required'])
                . "'\r\n\t\t\t\t\t";
            sql::query($copyElementSql);
            $newElementId = sql::insert_id();

            $optionSql = "\r\n\t\t\t\t\t\tSELECT \r\n\t\t\t\t\t\t\t*\r\n\t\t\t\t\t\tFROM\r\n\t\t\t\t\t\t\t"
                . _TABLE_PREFIX_
                . "contents_form_elements_options\r\n\t\t\t\t\t\tWHERE\r\n\t\t\t\t\t\t\t`element` = '"
                . $element['element']
                . "'\r\n\t\t\t\t\t";
            $options = sql::query($optionSql);

            while ($option = sql::fetch_array($options, MYSQL_ASSOC)) {
                $copyOptionSql = "\r\n\t\t\t\t\t\t\tINSERT INTO \r\n\t\t\t\t\t\t\t\t"
                    . _TABLE_PREFIX_
                    . "contents_form_elements_options\r\n\t\t\t\t\t\t\tSET \r\n\t\t\t\t\t\t\t\t`element`='"
                    . $newElementId
                    . "', \r\n\t\t\t\t\t\t\t\t`order`='"
                    . intval($option['order'])
                    . "',\r\n\t\t\t\t\t\t\t\t`title`='"
                    . addslashes($option['title'])
                    . "'\r\n\t\t\t\t\t\t";
                sql::query($copyOptionSql);
            }
        }
    }
}
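/**
 * Media library endpoint: upload, the `json` sub-actions, and the listing.
 *
 * The current folder comes from the request, else the session, else 1; when
 * no such folder exists the first folder by `order` is used. A POST with a
 * file stores the upload in the images directory and records it in the
 * media table. Otherwise the `json` request value selects one of the
 * sub-actions (editImage, moveImage, deleteImage, orderFolder, editFolder,
 * deleteFolder, newFolder), and without one the files of the current folder
 * and the folder list are rendered.
 *
 * Changes in this version:
 *  - the folder id was written into several queries, the session and the
 *    redirect as a raw request string; it is now cast to an integer once;
 *  - image and folder ids from the request are cast to integers;
 *  - the edited name is HTML-escaped before it is echoed back instead of
 *    being reflected verbatim;
 *  - the results of move_uploaded_file() and getimagesize() are checked;
 *  - $folders is initialised, and the removed each() construct is replaced
 *    by foreach with array checks.
 *
 * NOTE(review): the content type passed to files::getCleanContentType() is
 * the client-supplied $_FILES type and name. Whether that helper and
 * files::getUniqueName() pin a safe extension for the web-served media
 * directory is not visible here - confirm, and consider rejecting uploads
 * for which getimagesize() fails.
 * NOTE(review): every `json` sub-action changes data, reads its input from
 * $_REQUEST and runs on any request method; no permission or CSRF token
 * check is visible in this method. Confirm the dispatcher enforces both.
 * NOTE(review): deleteFolder acts on the resolved current folder, which
 * falls back to the session value or the first folder when the request
 * names none.
 *
 * @param array $args Action arguments (not used in this method).
 * @return void Always ends the request with exit.
 */
function action_medialibrary($args)
{
    global $lang, $user;

    // Folder ids are integers (default 1, sql::insert_id() for new folders), so the
    // cast is lossless for valid ids and makes the value safe for SQL and headers.
    $folder = isset($_REQUEST['folder'])
        ? intval($_REQUEST['folder'])
        : (isset($_SESSION['lastFolder']) ? intval($_SESSION['lastFolder']) : 1);
    $_SESSION['lastFolder'] = $folder;

    $res = sql::query("\r\n\t\t\t\tSELECT \r\n\t\t\t\t\t*\r\n\t\t\t\tFROM\r\n\t\t\t\t\t"
        . _TABLE_PREFIX_
        . "media_folder\r\n\t\t\t\tWHERE\r\n\t\t\t\t\tID = '"
        . $folder
        . "'\r\n\t\t\t");

    // Unknown folder: fall back to the first folder in display order.
    if (sql::num_rows($res) == 0) {
        $res = sql::query("\r\n\t\t\t\t\tSELECT \r\n\t\t\t\t\t\t*\r\n\t\t\t\t\tFROM\r\n\t\t\t\t\t\t"
            . _TABLE_PREFIX_
            . "media_folder\r\n\t\t\t\t\tORDER BY\r\n\t\t\t\t\t\t`order`\r\n\t\t\t\t\tLIMIT 1\r\n\t\t\t\t");
        if ($row = sql::fetch_array($res)) {
            $folder = intval($row['ID']);
        }
    }

    $flash = false;

    // Map Flash upload name to regular upload name
    if (isset($_FILES['Filedata'])) {
        $flash = true;
        $_FILES['file'] =& $_FILES['Filedata'];
    }

    if ($_SERVER['REQUEST_METHOD'] == 'POST' && isset($_FILES['file'])) {
        if ($_FILES['file']['error'] > UPLOAD_ERR_OK) {
            error_log('Could not upload file because error ' . $_FILES['file']['error'] . ' occurred');
        } elseif (!is_uploaded_file($_FILES['file']['tmp_name'])) {
            error_log('Could not upload file because it got lost on the server');
        } else {
            $directory = _BASE_MEDIA_ . 'images/';
            $original = $_FILES['file']['name'];
            $contenttype = files::getCleanContentType($_FILES['file']['type'], $_FILES['file']['name']);
            $filename = files::getUniqueName($contenttype, $directory);

            if (!files::allowedContentType($contenttype, 'picture')) {
                error_log('Could not upload file because its mimetype was not recognized or rejected');
            } elseif (!move_uploaded_file($_FILES['file']['tmp_name'], $directory . $filename)) {
                // Previously ignored: a failed move still produced a media row.
                error_log('Could not upload file because it could not be moved to the media directory');
            } else {
                // Get information from the file. getimagesize() returns false for data
                // it cannot parse as an image; record 0x0 instead of empty strings.
                $dimensions = getimagesize($directory . $filename);
                $width = is_array($dimensions) ? intval($dimensions[0]) : 0;
                $height = is_array($dimensions) ? intval($dimensions[1]) : 0;
                $size = round(filesize($directory . $filename) / 1024);

                // Insert it into the database
                $res = sql::query("\r\n\t\t\t\t\t\t\t\tINSERT INTO\r\n\t\t\t\t\t\t\t\t\t"
                    . _TABLE_PREFIX_
                    . "media\r\n\t\t\t\t\t\t\t\tSET\r\n\t\t\t\t\t\t\t\t\tfolder = '"
                    . $folder
                    . "',\r\n\t\t\t\t\t\t\t\t\tfilename = '"
                    . addslashes($filename)
                    . "',\r\n\t\t\t\t\t\t\t\t\toriginal = '"
                    . addslashes(basename($original))
                    . "',\r\n\t\t\t\t\t\t\t\t\twidth = '"
                    . $width
                    . "',\r\n\t\t\t\t\t\t\t\t\theight = '"
                    . $height
                    . "',\r\n\t\t\t\t\t\t\t\t\tsize = '"
                    . $size
                    . "',\r\n\t\t\t\t\t\t\t\t\tmodified = NOW()\r\n\t\t\t\t\t\t\t");

                if ($flash) {
                    // Workaround for a Flash bug on OS X.. We need to send back content... any content will do
                    echo " ";
                    flush();
                }
            }
        }

        if ($flash == false) {
            header('Location: ' . url::action('medialibrary') . '?folder=' . $folder);
        }
        exit;
    }

    if (isset($_REQUEST['json'])) {
        // Shared by editImage and editFolder; only a string can be a name.
        $value = (isset($_REQUEST['value']) && is_string($_REQUEST['value'])) ? $_REQUEST['value'] : '';

        if ($_REQUEST['json'] == 'editImage' && isset($_REQUEST['image'])) {
            $id = intval($_REQUEST['image']);

            $res = sql::query("\r\n\t\t\t\t\t\t\tUPDATE\r\n\t\t\t\t\t\t\t\t"
                . _TABLE_PREFIX_
                . "media\r\n\t\t\t\t\t\t\tSET\r\n\t\t\t\t\t\t\t\toriginal = '"
                . addslashes($value)
                . "'\r\n\t\t\t\t\t\t\tWHERE\r\n\t\t\t\t\t\t\t\tfolder = '"
                . $folder
                . "' AND\r\n\t\t\t\t\t\t\t\tid = '"
                . $id
                . "'\r\n\t\t\t\t\t\t");

            // Echoed back to the page, so encode it for HTML.
            echo htmlspecialchars($value, ENT_QUOTES, 'UTF-8');
            exit;
        }

        if ($_REQUEST['json'] == 'moveImage' && isset($_REQUEST['image'])) {
            $ids = is_string($_REQUEST['image']) ? explode(',', $_REQUEST['image']) : array();
            foreach ($ids as $rawId) {
                $id = intval($rawId);

                $res = sql::query("\r\n\t\t\t\t\t\t\t\tUPDATE\r\n\t\t\t\t\t\t\t\t\t"
                    . _TABLE_PREFIX_
                    . "media\r\n\t\t\t\t\t\t\t\tSET\r\n\t\t\t\t\t\t\t\t\tfolder = '"
                    . $folder
                    . "'\r\n\t\t\t\t\t\t\t\tWHERE\r\n\t\t\t\t\t\t\t\t\tid = '"
                    . $id
                    . "'\r\n\t\t\t\t\t\t\t");
            }
            exit;
        }

        if ($_REQUEST['json'] == 'deleteImage' && isset($_REQUEST['image'])) {
            $ids = is_string($_REQUEST['image']) ? explode(',', $_REQUEST['image']) : array();
            foreach ($ids as $rawId) {
                $id = intval($rawId);

                // Soft delete: the row is flagged, the file is not touched here.
                $res = sql::query("\r\n\t\t\t\t\t\t\t\tUPDATE\r\n\t\t\t\t\t\t\t\t\t"
                    . _TABLE_PREFIX_
                    . "media\r\n\t\t\t\t\t\t\t\tSET\r\n\t\t\t\t\t\t\t\t\tdeleted = 1\r\n\t\t\t\t\t\t\t\tWHERE\r\n\t\t\t\t\t\t\t\t\tfolder = '"
                    . $folder
                    . "' AND\r\n\t\t\t\t\t\t\t\t\tid = '"
                    . $id
                    . "'\r\n\t\t\t\t\t\t\t");
            }
            exit;
        }

        if ($_REQUEST['json'] == 'orderFolder' && isset($_REQUEST['folders'])) {
            $order = 0;
            $folderIds = is_array($_REQUEST['folders']) ? $_REQUEST['folders'] : array();
            foreach ($folderIds as $rawId) {
                $id = intval($rawId);

                $res = sql::query("\r\n\t\t\t\t\t\t\t\tUPDATE\r\n\t\t\t\t\t\t\t\t\t"
                    . _TABLE_PREFIX_
                    . "media_folder\r\n\t\t\t\t\t\t\t\tSET\r\n\t\t\t\t\t\t\t\t\t`order` = "
                    . $order
                    . "\r\n\t\t\t\t\t\t\t\tWHERE\r\n\t\t\t\t\t\t\t\t\tID = '"
                    . $id
                    . "'\r\n\t\t\t\t\t\t\t");
                $order++;
            }
            exit;
        }

        if ($_REQUEST['json'] == 'editFolder' && isset($_REQUEST['value'])) {
            $res = sql::query("\r\n\t\t\t\t\t\t\tUPDATE\r\n\t\t\t\t\t\t\t\t"
                . _TABLE_PREFIX_
                . "media_folder\r\n\t\t\t\t\t\t\tSET\r\n\t\t\t\t\t\t\t\tname = '"
                . addslashes($value)
                . "'\r\n\t\t\t\t\t\t\tWHERE\r\n\t\t\t\t\t\t\t\tID = '"
                . $folder
                . "'\r\n\t\t\t\t\t\t");

            // Echoed back to the page, so encode it for HTML.
            echo htmlspecialchars($value, ENT_QUOTES, 'UTF-8');
            exit;
        }

        if ($_REQUEST['json'] == 'deleteFolder') {
            $res = sql::query("\r\n\t\t\t\t\t\t\tDELETE FROM\r\n\t\t\t\t\t\t\t\t"
                . _TABLE_PREFIX_
                . "media_folder\r\n\t\t\t\t\t\t\tWHERE\r\n\t\t\t\t\t\t\t\tID = '"
                . $folder
                . "'\r\n\t\t\t\t\t\t");
            exit;
        }

        if ($_REQUEST['json'] == 'newFolder') {
            // New folders go to the end of the list.
            $res = sql::query("\r\n\t\t\t\t\t\t\tSELECT \r\n\t\t\t\t\t\t\t\tMAX(`order`) AS max\r\n\t\t\t\t\t\t\tFROM\r\n\t\t\t\t\t\t\t\t"
                . _TABLE_PREFIX_
                . "media_folder\r\n\t\t\t\t\t\t");
            if ($row = sql::fetch_array($res)) {
                $order = intval($row['max']) + 1;
            } else {
                $order = 0;
            }

            $res = sql::query("\r\n\t\t\t\t\t\t\tINSERT INTO\r\n\t\t\t\t\t\t\t\t"
                . _TABLE_PREFIX_
                . "media_folder\r\n\t\t\t\t\t\t\tSET\r\n\t\t\t\t\t\t\t\t`name` = '"
                . addslashes($user->lang->s('untitled'))
                . "',\r\n\t\t\t\t\t\t\t\t`order` = "
                . $order
                . "\r\n\t\t\t\t\t\t");

            echo '[{id: "' . sql::insert_id() . '", name: "' . addslashes($user->lang->s('untitled')) . '"}]';
            exit;
        }
    }

    // Show contents....
    $files = array();
    $res = sql::query("\r\n\t\t\t\t\tSELECT \r\n\t\t\t\t\t\t*\r\n\t\t\t\t\tFROM\r\n\t\t\t\t\t\t"
        . _TABLE_PREFIX_
        . "media\r\n\t\t\t\t\tWHERE\r\n\t\t\t\t\t\tfolder = '"
        . $folder
        . "' AND\r\n\t\t\t\t\t\tdeleted = 0\r\n\t\t\t\t\tORDER BY\r\n\t\t\t\t\t\tmodified DESC\r\n\t\t\t\t");
    while ($row = sql::fetch_array($res)) {
        // NOTE(review): 'name' is the stored original file name; whether the
        // templates escape it on output is not visible here.
        $files[] = array(
            'id' => $row['ID'],
            'imageurl' => _BASE_URL_ . '/media/images/' . $row['filename'],
            'thumburl' => _BASE_URL_ . '/media/images/' . $row['filename'] . '?s{size}',
            'name' => $row['original'],
            'width' => $row['width'],
            'height' => $row['height'],
            'size' => $row['size'],
        );
    }

    // Initialised so the template gets an empty list when no folder exists.
    $folders = array();
    $res = sql::query("\r\n\t\t\t\t\tSELECT \r\n\t\t\t\t\t\t*\r\n\t\t\t\t\tFROM\r\n\t\t\t\t\t\t"
        . _TABLE_PREFIX_
        . "media_folder\r\n\t\t\t\t\tORDER BY\r\n\t\t\t\t\t\t`order`\r\n\t\t\t\t");
    while ($row = sql::fetch_array($res)) {
        $folders[] = $row;
    }

    if (isset($_REQUEST['json']) && $_REQUEST['json'] == 'loadData') {
        $tpl = new Template($this->getTemplate('data.template'));
    } else {
        $tpl = new Template($this->getTemplate('main.template'));
    }

    $tpl->set("files", $files);
    $tpl->set("folders", $folders);
    $tpl->set("current_folder", $folder);
    echo $tpl->fetch();
    exit;
}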