function view() { global $_CONF, $_TABLES; $body = ''; $T = new Template($_CONF['path'] . 'plugins/tag/templates'); $T->set_file('badword', 'admin_badword.thtml'); $T->set_var('xhtml', XHTML); $T->set_var('this_script', COM_buildURL($_CONF['site_admin_url'] . '/plugins/tag/index.php')); $T->set_var('lang_desc_admin_badword', TAG_str('desc_admin_badword')); $T->set_var('lang_add', TAG_str('add')); $T->set_var('lang_lbl_tag', TAG_str('lbl_tag')); $T->set_var('lang_delete_checked', TAG_str('delete_checked')); $sql = "SELECT * FROM {$_TABLES['tag_badwords']}"; $result = DB_query($sql); if (DB_error()) { return $retval . '<p>' . TAG_str('db_error') . '</p>'; } else { if (DB_numRows($result) == 0) { $T->set_var('msg', '<p>' . TAG_str('no_badword') . '</p>'); } else { $sw = 1; while (($A = DB_fetchArray($result)) !== false) { $word = TAG_escape($A['badword']); $body .= '<tr><td>' . '<input id="' . $word . '" name="words[]" type="checkbox" ' . 'value="' . $word . '"><label for="' . $word . '">' . $word . '</label></td></tr>' . LB; $sw = $sw == 1 ? 2 : 1; } } } $T->set_var('body', $body); $T->parse('output', 'badword'); $retval = $T->finish($T->get_var('output')); return $retval; }
function view() { global $_CONF, $_TABLES; $retval = ''; $sql = "SELECT L.tag_id, L.tag, COUNT(m.tag_id) AS cnt, L.hits " . "FROM {$_TABLES['tag_list']} AS L " . "LEFT JOIN {$_TABLES['tag_map']} AS m " . "ON L.tag_id = m.tag_id " . "GROUP BY m.tag_id " . "ORDER BY cnt DESC, tag"; $result = DB_query($sql); if (DB_error()) { return $retval . '<p>' . TAG_str('db_error') . '</p>'; } else { if (DB_numRows($result) == 0) { return $retval . '<p>' . TAG_str('no_tag') . '</p>'; } } $T = new Template($_CONF['path'] . 'plugins/tag/templates'); $T->set_file('stats', 'admin_stats.thtml'); $T->set_var('xhtml', XHTML); $T->set_var('this_script', COM_buildURL($_CONF['site_admin_url'] . '/plugins/tag/index.php')); $T->set_var('lang_desc_admin_stats', TAG_str('desc_admin_stats')); $T->set_var('lang_lbl_tag', TAG_str('lbl_tag')); $T->set_var('lang_lbl_count', TAG_str('lbl_count')); $T->set_var('lang_lbl_hit_count', TAG_str('lbl_hit_count')); $T->set_var('lang_delete_checked', TAG_str('delete_checked')); $T->set_var('lang_ban_checked', TAG_str('ban_checked')); $sw = 1; $body = ''; while (($A = DB_fetchArray($result)) !== false) { $tag_id = $A['tag_id']; $body .= '<tr class="pluginRow' . $sw . '">' . '<td><input id="tag' . TAG_escape($tag_id) . '" name="tag_ids[]" ' . 'type="checkbox" value="' . TAG_escape($A['tag_id']) . '"' . XHTML . '><label for="tag' . TAG_escape($tag_id) . '">' . TAG_escape($A['tag']) . '</label></td>' . '<td style="text-align: right;">' . TAG_escape($A['cnt']) . '</td><td style="text-align: right;">' . TAG_escape($A['hits']) . '</td></tr>' . LB; $sw = $sw == 1 ? 2 : 1; } $T->set_var('body', $body); $T->parse('output', 'stats'); $retval = $T->finish($T->get_var('output')); return $retval; }
/** * Submit a new or updated story. The story is updated if it exists, or a new one is created * * @param array args Contains all the data provided by the client * @param string &output OUTPUT parameter containing the returned text * @return int Response code as defined in lib-plugins.php */ function service_submit_story($args, &$output, &$svc_msg) { global $_CONF, $_TABLES, $_USER, $LANG24, $MESSAGE, $_GROUPS; if (!SEC_hasRights('story.edit')) { $output .= COM_showMessageText($MESSAGE[31], $MESSAGE[30], true); return PLG_RET_AUTH_FAILED; } $gl_edit = false; if (isset($args['gl_edit'])) { $gl_edit = $args['gl_edit']; } if ($gl_edit) { /* This is EDIT mode, so there should be an old sid */ if (empty($args['old_sid'])) { if (!empty($args['id'])) { $args['old_sid'] = $args['id']; } else { return PLG_RET_ERROR; } if (empty($args['sid'])) { $args['sid'] = $args['old_sid']; } } } else { if (empty($args['sid']) && !empty($args['id'])) { $args['sid'] = $args['id']; } } /* Store the first CATEGORY as the Topic ID */ if (!empty($args['category'][0])) { $args['tid'] = $args['category'][0]; } $content = ''; if (!empty($args['content'])) { $content = $args['content']; } else { if (!empty($args['summary'])) { $content = $args['summary']; } } if (!empty($content)) { $parts = explode('[page_break]', $content); if (count($parts) == 1) { $args['introtext'] = $content; $args['bodytext'] = ''; } else { $args['introtext'] = array_shift($parts); $args['bodytext'] = implode('[page_break]', $parts); } } /* Apply filters to the parameters passed by the webservice */ if ($args['gl_svc']) { if (isset($args['mode'])) { $args['mode'] = COM_applyBasicFilter($args['mode']); } if (isset($args['editopt'])) { $args['editopt'] = COM_applyBasicFilter($args['editopt']); } } /* - START: Set all the defaults - */ if (empty($args['tid'])) { // see if we have a default topic $topic = DB_getItem($_TABLES['topics'], 'tid', 'is_default = 1' . COM_getPermSQL('AND')); if (!empty($topic)) { $args['tid'] = $topic; } else { // otherwise, just use the first one $o = array(); $s = array(); if (service_getTopicList_story(array('gl_svc' => true), $o, $s) == PLG_RET_OK) { $args['tid'] = $o[0]; } else { $svc_msg['error_desc'] = 'No topics available'; return PLG_RET_ERROR; } } } if (empty($args['owner_id'])) { $args['owner_id'] = $_USER['uid']; } if (empty($args['group_id'])) { $args['group_id'] = SEC_getFeatureGroup('story.edit', $_USER['uid']); } if (isset($args['alternate_id']) && $args['tid'] == $args['alternate_id']) { $args['alternate_id'] = NULL; } if (empty($args['postmode'])) { $args['postmode'] = $_CONF['postmode']; if (!empty($args['content_type'])) { if ($args['content_type'] == 'text') { $args['postmode'] = 'text'; } else { if ($args['content_type'] == 'html' || $args['content_type'] == 'xhtml') { $args['postmode'] = 'html'; } } } } if ($args['gl_svc']) { /* Permissions */ if (!isset($args['perm_owner'])) { $args['perm_owner'] = $_CONF['default_permissions_story'][0]; } else { $args['perm_owner'] = COM_applyBasicFilter($args['perm_owner'], true); } if (!isset($args['perm_group'])) { $args['perm_group'] = $_CONF['default_permissions_story'][1]; } else { $args['perm_group'] = COM_applyBasicFilter($args['perm_group'], true); } if (!isset($args['perm_members'])) { $args['perm_members'] = $_CONF['default_permissions_story'][2]; } else { $args['perm_members'] = COM_applyBasicFilter($args['perm_members'], true); } if (!isset($args['perm_anon'])) { $args['perm_anon'] = $_CONF['default_permissions_story'][3]; } else { $args['perm_anon'] = COM_applyBasicFilter($args['perm_anon'], true); } if (!isset($args['draft_flag'])) { $args['draft_flag'] = $_CONF['draft_flag']; } if (empty($args['frontpage'])) { $args['frontpage'] = $_CONF['frontpage']; } if (empty($args['show_topic_icon'])) { $args['show_topic_icon'] = $_CONF['show_topic_icon']; } } /* - END: Set all the defaults - */ if (!isset($args['sid'])) { $args['sid'] = ''; } $args['sid'] = COM_sanitizeID($args['sid']); if (!$gl_edit) { if (strlen($args['sid']) > STORY_MAX_ID_LENGTH) { $args['sid'] = WS_makeId($args['slug'], STORY_MAX_ID_LENGTH); } } $story = new Story(); $gl_edit = false; if (isset($args['gl_edit'])) { $gl_edit = $args['gl_edit']; } if ($gl_edit && !empty($args['gl_etag'])) { /* First load the original story to check if it has been modified */ $result = $story->loadFromDatabase($args['sid']); if ($result == STORY_LOADED_OK) { if ($args['gl_etag'] != date('c', $story->_date)) { $svc_msg['error_desc'] = 'A more recent version of the story is available'; return PLG_RET_PRECONDITION_FAILED; } } else { $svc_msg['error_desc'] = 'Error loading story'; return PLG_RET_ERROR; } } /* This function is also doing the security checks */ $result = $story->loadFromArgsArray($args); $sid = $story->getSid(); switch ($result) { case STORY_DUPLICATE_SID: if (!$args['gl_svc']) { if (isset($args['type']) && $args['type'] == 'submission') { $output .= STORY_edit($sid, 'moderate'); } else { $output .= STORY_edit($sid, 'error'); } } return PLG_RET_ERROR; case STORY_EXISTING_NO_EDIT_PERMISSION: $output .= COM_showMessageText($MESSAGE[31], $MESSAGE[30]); COM_accessLog("User {$_USER['username']} tried to illegally submit or edit story {$sid}."); return PLG_RET_PERMISSION_DENIED; case STORY_NO_ACCESS_PARAMS: $output .= COM_showMessageText($MESSAGE[31], $MESSAGE[30]); COM_accessLog("User {$_USER['username']} tried to illegally submit or edit story {$sid}."); return PLG_RET_PERMISSION_DENIED; case STORY_EMPTY_REQUIRED_FIELDS: if (!$args['gl_svc']) { $output .= STORY_edit($sid, 'error'); } return PLG_RET_ERROR; default: break; } /* Image upload is not supported by the web-service at present */ if (!$args['gl_svc']) { // Delete any images if needed if (array_key_exists('delete', $args)) { $delete = count($args['delete']); for ($i = 1; $i <= $delete; $i++) { $ai_filename = DB_getItem($_TABLES['article_images'], 'ai_filename', "ai_sid = '" . DB_escapeString($sid) . "' AND ai_img_num = " . intval(key($args['delete']))); STORY_deleteImage($ai_filename); DB_query("DELETE FROM {$_TABLES['article_images']} WHERE ai_sid = '" . DB_escapeString($sid) . "' AND ai_img_num = '" . intval(key($args['delete'])) . "'"); next($args['delete']); } } // OK, let's upload any pictures with the article if (DB_count($_TABLES['article_images'], 'ai_sid', DB_escapeString($sid)) > 0) { $index_start = DB_getItem($_TABLES['article_images'], 'max(ai_img_num)', "ai_sid = '" . DB_escapeString($sid) . "'") + 1; } else { $index_start = 1; } if (count($_FILES) > 0 and $_CONF['maximagesperarticle'] > 0) { require_once $_CONF['path_system'] . 'classes/upload.class.php'; $upload = new upload(); if (isset($_CONF['debug_image_upload']) && $_CONF['debug_image_upload']) { $upload->setLogFile($_CONF['path'] . 'logs/error.log'); $upload->setDebug(true); } $upload->setMaxFileUploads($_CONF['maximagesperarticle']); $upload->setAutomaticResize(true); if ($_CONF['keep_unscaled_image'] == 1) { $upload->keepOriginalImage(true); } else { $upload->keepOriginalImage(false); } $upload->setAllowedMimeTypes(array('image/gif' => '.gif', 'image/jpeg' => '.jpg,.jpeg', 'image/pjpeg' => '.jpg,.jpeg', 'image/x-png' => '.png', 'image/png' => '.png')); $upload->setFieldName('file'); //@TODO - better error handling... if (!$upload->setPath($_CONF['path_images'] . 'articles')) { $output = COM_siteHeader('menu', $LANG24[30]); $output .= COM_showMessageText($upload->printErrors(false), $LANG24[30], true); $output .= COM_siteFooter(); echo $output; exit; } // NOTE: if $_CONF['path_to_mogrify'] is set, the call below will // force any images bigger than the passed dimensions to be resized. // If mogrify is not set, any images larger than these dimensions // will get validation errors $upload->setMaxDimensions($_CONF['max_image_width'], $_CONF['max_image_height']); $upload->setMaxFileSize($_CONF['max_image_size']); // size in bytes, 1048576 = 1MB // Set file permissions on file after it gets uploaded (number is in octal) $upload->setPerms('0644'); $filenames = array(); $sql = "SELECT MAX(ai_img_num) + 1 AS ai_img_num FROM " . $_TABLES['article_images'] . " WHERE ai_sid = '" . DB_escapeString($sid) . "'"; $result = DB_query($sql, 1); $row = DB_fetchArray($result); $ai_img_num = $row['ai_img_num']; if ($ai_img_num < 1) { $ai_img_num = 1; } for ($z = 0; $z < $_CONF['maximagesperarticle']; $z++) { $curfile['name'] = ''; if (isset($_FILES['file']['name'][$z])) { $curfile['name'] = $_FILES['file']['name'][$z]; } if (!empty($curfile['name'])) { $pos = strrpos($curfile['name'], '.') + 1; $fextension = substr($curfile['name'], $pos); $filenames[] = $sid . '_' . $ai_img_num . '.' . $fextension; $ai_img_num++; } else { $filenames[] = ''; } } $upload->setFileNames($filenames); $upload->uploadFiles(); //@TODO - better error handling if ($upload->areErrors()) { $retval = COM_siteHeader('menu', $LANG24[30]); $retval .= COM_showMessageText($upload->printErrors(false), $LANG24[30], true); $retval .= STORY_edit($sid, 'error'); $retval .= COM_siteFooter(); echo $retval; exit; } for ($z = 0; $z < $_CONF['maximagesperarticle']; $z++) { if ($filenames[$z] != '') { $sql = "SELECT MAX(ai_img_num) + 1 AS ai_img_num FROM " . $_TABLES['article_images'] . " WHERE ai_sid = '" . DB_escapeString($sid) . "'"; $result = DB_query($sql, 1); $row = DB_fetchArray($result); $ai_img_num = $row['ai_img_num']; if ($ai_img_num < 1) { $ai_img_num = 1; } DB_query("INSERT INTO {$_TABLES['article_images']} (ai_sid, ai_img_num, ai_filename) VALUES ('" . DB_escapeString($sid) . "', {$ai_img_num}, '" . DB_escapeString($filenames[$z]) . "')"); } } } if ($_CONF['maximagesperarticle'] > 0) { $errors = $story->checkImages(); if (count($errors) > 0) { $output = COM_siteHeader('menu', $LANG24[54]); $eMsg = $LANG24[55] . '<p>'; for ($i = 1; $i <= count($errors); $i++) { $eMsg .= current($errors) . '<br />'; next($errors); } //@TODO - use return here... $output .= COM_showMessageText($eMsg, $LANG24[54], true); $output .= STORY_edit($sid, 'error'); $output .= COM_siteFooter(); echo $output; exit; } } } $result = $story->saveToDatabase(); if ($result == STORY_SAVED) { // see if any plugins want to act on that story if (!empty($args['old_sid']) && $args['old_sid'] != $sid) { PLG_itemSaved($sid, 'article', $args['old_sid']); } else { PLG_itemSaved($sid, 'article'); } // update feed(s) and Older Stories block COM_rdfUpToDateCheck('article', $story->DisplayElements('tid'), $sid); COM_olderStuff(); if ($story->type == 'submission') { COM_setMessage(9); echo COM_refresh($_CONF['site_admin_url'] . '/moderation.php'); exit; } else { $output = PLG_afterSaveSwitch($_CONF['aftersave_story'], COM_buildURL("{$_CONF['site_url']}/article.php?story={$sid}"), 'story', 9); } /* @TODO Set the object id here */ $svc_msg['id'] = $sid; return PLG_RET_OK; } }
/** * Submit static page. The page is updated if it exists, or a new one is created * * @param array args Contains all the data provided by the client * @param string &output OUTPUT parameter containing the returned text * @param string &svc_msg OUTPUT parameter containing any service messages * @return int Response code as defined in lib-plugins.php */ function service_submit_staticpages($args, &$output, &$svc_msg) { global $_CONF, $_TABLES, $_USER, $LANG_ACCESS, $LANG12, $LANG_STATIC, $LANG_LOGIN, $_GROUPS, $_SP_CONF; $output = ''; if (!SEC_hasRights('staticpages.edit')) { $output = COM_siteHeader('menu', $LANG_STATIC['access_denied']); $output .= COM_showMessageText($LANG_STATIC['access_denied_msg'], $LANG_STATIC['access_denied'], true); $output .= COM_siteFooter(); return PLG_RET_AUTH_FAILED; } if (defined('DEMO_MODE')) { $output = COM_siteHeader('menu'); $output .= COM_showMessageText('Option disabled in Demo Mode', 'Option disabled in Demo Mode', true); $output .= COM_siteFooter(); return PLG_REG_AUTH_FAILED; } $gl_edit = false; if (isset($args['gl_edit'])) { $gl_edit = $args['gl_edit']; } if ($gl_edit) { // This is EDIT mode, so there should be an sp_old_id if (empty($args['sp_old_id'])) { if (!empty($args['id'])) { $args['sp_old_id'] = $args['id']; } else { return PLG_RET_ERROR; } if (empty($args['sp_id'])) { $args['sp_id'] = $args['sp_old_id']; } } } else { if (empty($args['sp_id']) && !empty($args['id'])) { $args['sp_id'] = $args['id']; } } if (empty($args['sp_uid'])) { $args['sp_uid'] = $_USER['uid']; } if (empty($args['sp_title']) && !empty($args['title'])) { $args['sp_title'] = $args['title']; } if (empty($args['sp_content']) && !empty($args['content'])) { $args['sp_content'] = $args['content']; } if (isset($args['category']) && is_array($args['category']) && !empty($args['category'][0])) { $args['sp_tid'] = $args['category'][0]; } if (!isset($args['owner_id'])) { $args['owner_id'] = $_USER['uid']; } if (empty($args['group_id'])) { $args['group_id'] = SEC_getFeatureGroup('staticpages.edit', $_USER['uid']); } $args['sp_id'] = COM_sanitizeID($args['sp_id']); if (!$gl_edit) { if (strlen($args['sp_id']) > STATICPAGE_MAX_ID_LENGTH) { if (function_exists('WS_makeId')) { $args['sp_id'] = WS_makeId($slug, STATICPAGE_MAX_ID_LENGTH); } else { $args['sp_id'] = COM_makeSid(); } } } // Apply filters to the parameters passed by the webservice if ($args['gl_svc']) { $par_str = array('mode', 'sp_id', 'sp_old_id', 'sp_tid', 'sp_format', 'postmode'); $par_num = array('sp_uid', 'sp_hits', 'owner_id', 'group_id', 'sp_where', 'sp_php', 'commentcode', 'sp_search', 'sp_status'); foreach ($par_str as $str) { if (isset($args[$str])) { $args[$str] = COM_applyBasicFilter($args[$str]); } else { $args[$str] = ''; } } foreach ($par_num as $num) { if (isset($args[$num])) { $args[$num] = COM_applyBasicFilter($args[$num], true); } else { $args[$num] = 0; } } } // START: Staticpages defaults if ($args['sp_status'] != 1) { $args['sp_status'] = 0; } if (empty($args['sp_format'])) { $args['sp_format'] = 'allblocks'; } if (empty($args['sp_tid'])) { $args['sp_tid'] = 'all'; } if ($args['sp_where'] < 0 || $args['sp_where'] > 4) { $args['sp_where'] = 0; } if ($args['sp_php'] < 0 || $args['sp_php'] > 2) { $args['sp_php'] = 0; } if ($args['commentcode'] < -1 || $args['commentcode'] > 1) { $args['commentcode'] = $_CONF['comment_code']; } if ($args['sp_search'] != 1) { $args['sp_search'] = 0; } if ($args['gl_svc']) { // Permissions if (!isset($args['perm_owner'])) { $args['perm_owner'] = $_SP_CONF['default_permissions'][0]; } else { $args['perm_owner'] = COM_applyBasicFilter($args['perm_owner'], true); } if (!isset($args['perm_group'])) { $args['perm_group'] = $_SP_CONF['default_permissions'][1]; } else { $args['perm_group'] = COM_applyBasicFilter($args['perm_group'], true); } if (!isset($args['perm_members'])) { $args['perm_members'] = $_SP_CONF['default_permissions'][2]; } else { $args['perm_members'] = COM_applyBasicFilter($args['perm_members'], true); } if (!isset($args['perm_anon'])) { $args['perm_anon'] = $_SP_CONF['default_permissions'][3]; } else { $args['perm_anon'] = COM_applyBasicFilter($args['perm_anon'], true); } if (!isset($args['sp_onmenu'])) { $args['sp_onmenu'] = ''; } else { if ($args['sp_onmenu'] == 'on' && empty($args['sp_label'])) { $svc_msg['error_desc'] = 'Menu label missing'; return PLG_RET_ERROR; } } if (empty($args['sp_content'])) { $svc_msg['error_desc'] = 'No content'; return PLG_RET_ERROR; } if (empty($args['sp_inblock']) && $_SP_CONF['in_block'] == '1') { $args['sp_inblock'] = 'on'; } if (empty($args['sp_centerblock'])) { $args['sp_centerblock'] = ''; } } // END: Staticpages defaults $sp_id = $args['sp_id']; $sp_status = $args['sp_status']; $sp_uid = $args['sp_uid']; $sp_title = $args['sp_title']; $sp_content = $args['sp_content']; $sp_hits = $args['sp_hits']; $sp_format = $args['sp_format']; $sp_onmenu = $args['sp_onmenu']; $sp_label = ''; if (!empty($args['sp_label'])) { $sp_label = $args['sp_label']; } $commentcode = $args['commentcode']; $owner_id = $args['owner_id']; $group_id = $args['group_id']; $perm_owner = $args['perm_owner']; $perm_group = $args['perm_group']; $perm_members = $args['perm_members']; $perm_anon = $args['perm_anon']; $sp_php = $args['sp_php']; $sp_nf = ''; if (!empty($args['sp_nf'])) { $sp_nf = $args['sp_nf']; } $sp_old_id = $args['sp_old_id']; $sp_centerblock = $args['sp_centerblock']; $sp_help = ''; if (!empty($args['sp_help'])) { $sp_help = $args['sp_help']; } $sp_tid = $args['sp_tid']; $sp_where = $args['sp_where']; $sp_inblock = $args['sp_inblock']; $postmode = $args['postmode']; $sp_search = $args['sp_search']; if ($gl_edit && !empty($args['gl_etag'])) { // First load the original staticpage to check if it has been modified $o = array(); $s = array(); $r = service_get_staticpages(array('sp_id' => $sp_old_id, 'gl_svc' => true), $o, $s); if ($r == PLG_RET_OK) { if ($args['gl_etag'] != $o['updated']) { $svc_msg['error_desc'] = 'A more recent version of the staticpage is available'; return PLG_RET_PRECONDITION_FAILED; } } else { $svc_msg['error_desc'] = 'The requested staticpage no longer exists'; return PLG_RET_ERROR; } } // Check for unique page ID $duplicate_id = false; $delete_old_page = false; if (DB_count($_TABLES['staticpage'], 'sp_id', $sp_id) > 0) { if ($sp_id != $sp_old_id) { $duplicate_id = true; } } elseif (!empty($sp_old_id)) { if ($sp_id != $sp_old_id) { $delete_old_page = true; } } if ($duplicate_id) { $output .= COM_siteHeader('menu', $LANG_STATIC['staticpageeditor']); $output .= COM_errorLog($LANG_STATIC['duplicate_id'], 2); if (!$args['gl_svc']) { $output .= PAGE_edit($sp_id); } $output .= COM_siteFooter(); $svc_msg['error_desc'] = 'Duplicate ID'; return PLG_RET_ERROR; } elseif (!empty($sp_title) && !empty($sp_content)) { if (empty($sp_hits)) { $sp_hits = 0; } if ($sp_onmenu == 'on') { $sp_onmenu = 1; } else { $sp_onmenu = 0; } if ($sp_nf == 'on') { $sp_nf = 1; } else { $sp_nf = 0; } if ($sp_centerblock == 'on') { $sp_centerblock = 1; } else { $sp_centerblock = 0; } if ($sp_inblock == 'on') { $sp_inblock = 1; } else { $sp_inblock = 0; } // Clean up the text if ($_SP_CONF['censor'] == 1) { $sp_content = COM_checkWords($sp_content); $sp_title = COM_checkWords($sp_title); } if ($_SP_CONF['filter_html'] == 1) { $sp_content = COM_checkHTML($sp_content, 'staticpages.edit'); } $sp_title = strip_tags($sp_title); $sp_label = strip_tags($sp_label); $sp_content = DB_escapeString($sp_content); $sp_title = DB_escapeString($sp_title); $sp_label = DB_escapeString($sp_label); // If user does not have php edit perms, then set php flag to 0. if ($_SP_CONF['allow_php'] != 1 || !SEC_hasRights('staticpages.PHP')) { $sp_php = 0; } // make sure there's only one "entire page" static page per topic if ($sp_centerblock == 1 && $sp_where == 0) { $sql = "UPDATE {$_TABLES['staticpage']} SET sp_centerblock = 0 WHERE sp_centerblock = 1 AND sp_where = 0 AND sp_tid = '" . DB_escapeString($sp_tid) . "'"; // multi-language configuration - allow one entire page // centerblock for all or none per language if (!empty($_CONF['languages']) && !empty($_CONF['language_files']) && ($sp_tid == 'all' || $sp_tid == 'none')) { $ids = explode('_', $sp_id); if (count($ids) > 1) { $lang_id = array_pop($ids); $sql .= " AND sp_id LIKE '%\\_" . DB_escapeString($lang_id) . "'"; } } DB_query($sql); } $formats = array('allblocks', 'blankpage', 'leftblocks', 'rightblocks', 'noblocks'); if (!in_array($sp_format, $formats)) { $sp_format = 'allblocks'; } if (!$args['gl_svc']) { list($perm_owner, $perm_group, $perm_members, $perm_anon) = SEC_getPermissionValues($perm_owner, $perm_group, $perm_members, $perm_anon); } DB_save($_TABLES['staticpage'], 'sp_id,sp_status,sp_uid,sp_title,sp_content,sp_date,sp_hits,sp_format,sp_onmenu,sp_label,commentcode,owner_id,group_id,' . 'perm_owner,perm_group,perm_members,perm_anon,sp_php,sp_nf,sp_centerblock,sp_help,sp_tid,sp_where,sp_inblock,postmode,sp_search', "'{$sp_id}',{$sp_status}, {$sp_uid},'{$sp_title}','{$sp_content}',NOW(),{$sp_hits},'{$sp_format}',{$sp_onmenu},'{$sp_label}','{$commentcode}',{$owner_id},{$group_id}," . "{$perm_owner},{$perm_group},{$perm_members},{$perm_anon},'{$sp_php}','{$sp_nf}',{$sp_centerblock},'{$sp_help}','{$sp_tid}',{$sp_where}," . "'{$sp_inblock}','{$postmode}',{$sp_search}"); if ($delete_old_page && !empty($sp_old_id)) { DB_delete($_TABLES['staticpage'], 'sp_id', $sp_old_id); DB_change($_TABLES['comments'], 'sid', DB_escapeString($sp_id), array('sid', 'type'), array(DB_escapeString($sp_old_id), 'staticpages')); PLG_itemDeleted($sp_old_id, 'staticpages'); } PLG_itemSaved($sp_id, 'staticpages'); $url = COM_buildURL($_CONF['site_url'] . '/page.php?page=' . $sp_id); $output .= PLG_afterSaveSwitch($_SP_CONF['aftersave'], $url, 'staticpages'); $svc_msg['id'] = $sp_id; return PLG_RET_OK; } else { $output .= COM_siteHeader('menu', $LANG_STATIC['staticpageeditor']); $output .= COM_errorLog($LANG_STATIC['no_title_or_content'], 2); if (!$args['gl_svc']) { $output .= PAGE_edit($sp_id); } $output .= COM_siteFooter(); return PLG_RET_ERROR; } }
/** * Submit a new or updated story. The story is updated if it exists, or a new one is created * * @param array args Contains all the data provided by the client * @param string &output OUTPUT parameter containing the returned text * @return int Response code as defined in lib-plugins.php */ function service_submit_story($args, &$output, &$svc_msg) { global $_CONF, $_TABLES, $_USER, $LANG24, $MESSAGE, $_GROUPS; if (!SEC_hasRights('story.edit')) { $output .= COM_showMessageText($MESSAGE[29], $MESSAGE[30]); $output = COM_createHTMLDocument($output, array('pagetitle' => $MESSAGE[30])); return PLG_RET_AUTH_FAILED; } require_once $_CONF['path_system'] . 'lib-comment.php'; if (!$_CONF['disable_webservices']) { require_once $_CONF['path_system'] . 'lib-webservices.php'; } $gl_edit = false; if (isset($args['gl_edit'])) { $gl_edit = $args['gl_edit']; } if ($gl_edit) { /* This is EDIT mode, so there should be an old sid */ if (empty($args['old_sid'])) { if (!empty($args['id'])) { $args['old_sid'] = $args['id']; } else { return PLG_RET_ERROR; } if (empty($args['sid'])) { $args['sid'] = $args['old_sid']; } } } else { if (empty($args['sid']) && !empty($args['id'])) { $args['sid'] = $args['id']; } } // Store the first CATEGORY as the Topic ID if (!empty($args['category'][0])) { $args['tid'] = $args['category'][0]; } $content = ''; if (!empty($args['content'])) { $content = $args['content']; } else { if (!empty($args['summary'])) { $content = $args['summary']; } } if (!empty($content)) { $parts = explode('[page_break]', $content); if (count($parts) == 1) { $args['introtext'] = $content; $args['bodytext'] = ''; } else { $args['introtext'] = array_shift($parts); $args['bodytext'] = implode('[page_break]', $parts); } } // Apply filters to the parameters passed by the webservice if ($args['gl_svc']) { if (isset($args['mode'])) { $args['mode'] = COM_applyBasicFilter($args['mode']); } if (isset($args['editopt'])) { $args['editopt'] = COM_applyBasicFilter($args['editopt']); } } // - START: Set all the defaults - /* if (empty($args['tid'])) { // see if we have a default topic $topic = DB_getItem($_TABLES['topics'], 'tid', 'is_default = 1' . COM_getPermSQL('AND')); if (!empty($topic)) { $args['tid'] = $topic; } else { // otherwise, just use the first one $o = array(); $s = array(); if (service_getTopicList_story(array('gl_svc' => true), $o, $s) == PLG_RET_OK) { $args['tid'] = $o[0]; } else { $svc_msg['error_desc'] = 'No topics available'; return PLG_RET_ERROR; } } } */ /* This is a solution for above but the above has issues if (!TOPIC_checkTopicSelectionControl()) { $svc_msg['error_desc'] = 'No topics selected or available'; return PLG_RET_ERROR; } */ if (empty($args['owner_id'])) { $args['owner_id'] = $_USER['uid']; } if (empty($args['group_id'])) { $args['group_id'] = SEC_getFeatureGroup('story.edit', $_USER['uid']); } if (empty($args['postmode'])) { $args['postmode'] = $_CONF['postmode']; if (!empty($args['content_type'])) { if ($args['content_type'] == 'text') { $args['postmode'] = 'text'; } else { if ($args['content_type'] == 'html' || $args['content_type'] == 'xhtml') { $args['postmode'] = 'html'; } } } } if ($args['gl_svc']) { // Permissions if (!isset($args['perm_owner'])) { $args['perm_owner'] = $_CONF['default_permissions_story'][0]; } else { $args['perm_owner'] = COM_applyBasicFilter($args['perm_owner'], true); } if (!isset($args['perm_group'])) { $args['perm_group'] = $_CONF['default_permissions_story'][1]; } else { $args['perm_group'] = COM_applyBasicFilter($args['perm_group'], true); } if (!isset($args['perm_members'])) { $args['perm_members'] = $_CONF['default_permissions_story'][2]; } else { $args['perm_members'] = COM_applyBasicFilter($args['perm_members'], true); } if (!isset($args['perm_anon'])) { $args['perm_anon'] = $_CONF['default_permissions_story'][3]; } else { $args['perm_anon'] = COM_applyBasicFilter($args['perm_anon'], true); } if (!isset($args['draft_flag'])) { $args['draft_flag'] = $_CONF['draft_flag']; } if (empty($args['frontpage'])) { $args['frontpage'] = $_CONF['frontpage']; } if (empty($args['show_topic_icon'])) { $args['show_topic_icon'] = $_CONF['show_topic_icon']; } } // - END: Set all the defaults - // TEST CODE /* foreach ($args as $k => $v) { if (!is_array($v)) { echo "$k => $v\r\n"; } else { echo "$k => $v\r\n"; foreach ($v as $k1 => $v1) { echo " $k1 => $v1\r\n"; } } }*/ // exit (); // END TEST CODE if (!isset($args['sid'])) { $args['sid'] = ''; } $args['sid'] = COM_sanitizeID($args['sid']); if (!$gl_edit) { if (strlen($args['sid']) > STORY_MAX_ID_LENGTH) { $slug = ''; if (isset($args['slug'])) { $slug = $args['slug']; } if (function_exists('WS_makeId')) { $args['sid'] = WS_makeId($slug, STORY_MAX_ID_LENGTH); } else { $args['sid'] = COM_makeSid(); } } } $story = new Story(); $gl_edit = false; if (isset($args['gl_edit'])) { $gl_edit = $args['gl_edit']; } if ($gl_edit && !empty($args['gl_etag'])) { // First load the original story to check if it has been modified $result = $story->loadFromDatabase($args['sid']); if ($result == STORY_LOADED_OK) { if ($args['gl_etag'] != date('c', $story->_date)) { $svc_msg['error_desc'] = 'A more recent version of the story is available'; return PLG_RET_PRECONDITION_FAILED; } } else { $svc_msg['error_desc'] = 'Error loading story'; return PLG_RET_ERROR; } } // This function is also doing the security checks $result = $story->loadFromArgsArray($args); $sid = $story->getSid(); // Check if topics selected if not prompt required field if ($result == STORY_LOADED_OK) { if (!TOPIC_checkTopicSelectionControl()) { $result = STORY_EMPTY_REQUIRED_FIELDS; } } switch ($result) { case STORY_DUPLICATE_SID: $output .= COM_errorLog($LANG24[24], 2); if (!$args['gl_svc']) { $output .= storyeditor($sid); } $output = COM_createHTMLDocument($output, array('pagetitle' => $LANG24[5])); return PLG_RET_ERROR; break; case STORY_EXISTING_NO_EDIT_PERMISSION: $output .= COM_showMessageText($MESSAGE[29], $MESSAGE[30]); $output = COM_createHTMLDocument($output, array('pagetitle' => $MESSAGE[30])); COM_accessLog("User {$_USER['username']} tried to illegally submit or edit story {$sid}."); return PLG_RET_PERMISSION_DENIED; break; case STORY_NO_ACCESS_PARAMS: $output .= COM_showMessageText($MESSAGE[29], $MESSAGE[30]); $output = COM_createHTMLDocument($output, array('pagetitle' => $MESSAGE[30])); COM_accessLog("User {$_USER['username']} tried to illegally submit or edit story {$sid}."); return PLG_RET_PERMISSION_DENIED; break; case STORY_EMPTY_REQUIRED_FIELDS: $output .= COM_errorLog($LANG24[31], 2); if (!$args['gl_svc']) { $output .= storyeditor($sid); } $output = COM_createHTMLDocument($output); return PLG_RET_ERROR; break; default: break; } /* Image upload is not supported by the web-service at present */ if (!$args['gl_svc']) { // Delete any images if needed if (array_key_exists('delete', $args)) { $delete = count($args['delete']); for ($i = 1; $i <= $delete; $i++) { $ai_filename = DB_getItem($_TABLES['article_images'], 'ai_filename', "ai_sid = '{$sid}' AND ai_img_num = " . key($args['delete'])); STORY_deleteImage($ai_filename); DB_query("DELETE FROM {$_TABLES['article_images']} WHERE ai_sid = '{$sid}' AND ai_img_num = " . key($args['delete'])); next($args['delete']); } } // OK, let's upload any pictures with the article if (DB_count($_TABLES['article_images'], 'ai_sid', $sid) > 0) { $index_start = DB_getItem($_TABLES['article_images'], 'max(ai_img_num)', "ai_sid = '{$sid}'") + 1; } else { $index_start = 1; } if (count($_FILES) > 0 && $_CONF['maximagesperarticle'] > 0) { require_once $_CONF['path_system'] . 'classes/upload.class.php'; $upload = new Upload(); if (isset($_CONF['debug_image_upload']) && $_CONF['debug_image_upload']) { $upload->setLogFile($_CONF['path'] . 'logs/error.log'); $upload->setDebug(true); } $upload->setMaxFileUploads($_CONF['maximagesperarticle']); if (!empty($_CONF['image_lib'])) { if ($_CONF['image_lib'] == 'imagemagick') { // Using imagemagick $upload->setMogrifyPath($_CONF['path_to_mogrify']); } elseif ($_CONF['image_lib'] == 'netpbm') { // using netPBM $upload->setNetPBM($_CONF['path_to_netpbm']); } elseif ($_CONF['image_lib'] == 'gdlib') { // using the GD library $upload->setGDLib(); } $upload->setAutomaticResize(true); if ($_CONF['keep_unscaled_image'] == 1) { $upload->keepOriginalImage(true); } else { $upload->keepOriginalImage(false); } if (isset($_CONF['jpeg_quality'])) { $upload->setJpegQuality($_CONF['jpeg_quality']); } } $upload->setAllowedMimeTypes(array('image/gif' => '.gif', 'image/jpeg' => '.jpg,.jpeg', 'image/pjpeg' => '.jpg,.jpeg', 'image/x-png' => '.png', 'image/png' => '.png')); if (!$upload->setPath($_CONF['path_images'] . 'articles')) { $output = COM_showMessageText($upload->printErrors(false), $LANG24[30]); $output = COM_createHTMLDocument($output, array('pagetitle' => $LANG24[30])); echo $output; exit; } // NOTE: if $_CONF['path_to_mogrify'] is set, the call below will // force any images bigger than the passed dimensions to be resized. // If mogrify is not set, any images larger than these dimensions // will get validation errors $upload->setMaxDimensions($_CONF['max_image_width'], $_CONF['max_image_height']); $upload->setMaxFileSize($_CONF['max_image_size']); // size in bytes, 1048576 = 1MB // Set file permissions on file after it gets uploaded (number is in octal) $upload->setPerms('0644'); $filenames = array(); $end_index = $index_start + $upload->numFiles() - 1; for ($z = $index_start; $z <= $end_index; $z++) { $curfile = current($_FILES); if (!empty($curfile['name'])) { $pos = strrpos($curfile['name'], '.') + 1; $fextension = substr($curfile['name'], $pos); $filenames[] = $sid . '_' . $z . '.' . $fextension; } next($_FILES); } $upload->setFileNames($filenames); reset($_FILES); $upload->uploadFiles(); if ($upload->areErrors()) { $retval = COM_showMessageText($upload->printErrors(false), $LANG24[30]); $output = COM_createHTMLDocument($output, array('pagetitle' => $LANG24[30])); echo $retval; exit; } reset($filenames); for ($z = $index_start; $z <= $end_index; $z++) { DB_query("INSERT INTO {$_TABLES['article_images']} (ai_sid, ai_img_num, ai_filename) VALUES ('{$sid}', {$z}, '" . current($filenames) . "')"); next($filenames); } } if ($_CONF['maximagesperarticle'] > 0) { $errors = $story->checkAttachedImages(); if (count($errors) > 0) { $output .= COM_startBlock($LANG24[54], '', COM_getBlockTemplate('_msg_block', 'header')); $output .= $LANG24[55] . LB . '<ul>' . LB; foreach ($errors as $err) { $output .= '<li>' . $err . '</li>' . LB; } $output .= '</ul>' . LB; $output .= COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer')); $output .= storyeditor($sid); $output = COM_createHTMLDocument($output, array('pagetitle' => $LANG24[54])); echo $output; exit; } } } $result = $story->saveToDatabase(); if ($result == STORY_SAVED) { // see if any plugins want to act on that story if (!empty($args['old_sid']) && $args['old_sid'] != $sid) { PLG_itemSaved($sid, 'article', $args['old_sid']); } else { PLG_itemSaved($sid, 'article'); } // update feed(s) COM_rdfUpToDateCheck('article', $story->DisplayElements('tid'), $sid); COM_rdfUpToDateCheck('comment'); STORY_updateLastArticlePublished(); CMT_updateCommentcodes(); if ($story->type == 'submission') { $output = COM_refresh($_CONF['site_admin_url'] . '/moderation.php?msg=9'); } else { $output = PLG_afterSaveSwitch($_CONF['aftersave_story'], COM_buildURL("{$_CONF['site_url']}/article.php?story={$sid}"), 'story', 9); } /* @TODO Set the object id here */ $svc_msg['id'] = $sid; return PLG_RET_OK; } }
/** * Display the detail page for the event occurrence. * * @param integer $rp_id ID of the repeat to display * @param string $query Optional query string, for highlighting * @param string $tpl Optional template filename, e.g. 'event_print' * @return string HTML for the page. */ public function Render($rp_id = 0, $query = '', $tpl = '') { global $_CONF, $_USER, $_EV_CONF, $_TABLES, $LANG_EVLIST, $LANG_WEEK, $_SYSTEM; $retval = ''; $url = ''; $location = ''; $street = ''; $city = ''; $province = ''; $country = ''; $postal = ''; $name = ''; $email = ''; $phone = ''; if ($rp_id != 0) { $this->Read($rp_id); } if ($this->rp_id == 0) { return EVLIST_alertMessage($LANG_EVLIST['access_denied']); } //update hit count evlist_hit($this->ev_id); $template = 'event'; if (!empty($tpl)) { $template .= '_' . $tpl; } else { $template .= $_SYSTEM['framework'] == 'uikit' ? '.uikit' : ''; } $T = new Template(EVLIST_PI_PATH . '/templates/'); $T->set_file(array('event' => $template . '.thtml', 'datetime' => 'date_time.thtml', 'address' => 'address.thtml', 'contact' => 'contact.thtml')); // If plain text then replace newlines with <br> tags if ($this->Event->postmode == '1') { //plaintext $this->Event->Detail->summary = nl2br($this->Event->Detail->summary); $this->Event->Detail->full_description = nl2br($this->Event->Detail->full_description); $this->Event->Detail->location = nl2br($this->Event->Detail->location); } $title = $this->Event->Detail->title; if ($this->postmode != 'plaintext') { $summary = PLG_replaceTags($this->Event->Detail->summary); $fulldescription = PLG_replaceTags($this->Event->Detail->full_description); $location = $this->Event->Detail->location != '' ? PLG_replaceTags($this->Event->Detail->location) : ''; } else { $summary = $this->Event->Detail->summary; $fulldescription = $this->Event->Detail->full_description; $location = $this->Event->Detail->location; } if ($query != '') { $title = COM_highlightQuery($title, $query); if (!empty($summary)) { $summary = COM_highlightQuery($summary, $query); } if (!empty($fulldescription)) { $fulldescription = COM_highlightQuery($fulldescription, $query); } if (!empty($location)) { $location = COM_highlightQuery($location, $query); } } $date_start = EVLIST_formattedDate($this->date_start); if ($this->date_start != $this->date_end) { $date_end = EVLIST_formattedDate($this->date_end); } else { $date_end = ''; } if ($this->Event->allday == '1') { $allday = '<br />' . $LANG_EVLIST['all_day_event']; } else { $allday = ''; if ($this->time_start1 != '') { $time_start1 = EVLIST_formattedTime($this->time_start1); $time_end1 = EVLIST_formattedTime($this->time_end1); } else { $time_start1 = ''; $time_end1 = ''; } //$time_period = $time_start . $time_end; if ($this->Event->split == '1') { $time_start2 = EVLIST_formattedTime($this->time_start2); $time_end2 = EVLIST_formattedTime($this->time_end2); } } $url = $this->Event->Detail->url; $street = $this->Event->Detail->street; $city = $this->Event->Detail->city; $province = $this->Event->Detail->province; $postal = $this->Event->Detail->postal; $country = $this->Event->Detail->country; // Now get the text description of the recurring interval, if any if ($this->Event->recurring && $this->Event->rec_data['type'] < EV_RECUR_DATES) { $rec_data = $this->Event->rec_data; $rec_string = $LANG_EVLIST['recur_freq_txt'] . ' ' . $this->Event->RecurDescrip(); switch ($rec_data['type']) { case EV_RECUR_WEEKLY: // sequential days $weekdays = array(); if (is_array($rec_data['listdays'])) { foreach ($rec_data['listdays'] as $daynum) { $weekdays[] = $LANG_WEEK[$daynum]; } $days_text = implode(', ', $weekdays); } else { $days_text = ''; } $rec_string .= ' ' . sprintf($LANG_EVLIST['on_days'], $days_text); break; case EV_RECUR_DOM: $days = array(); foreach ($rec_data['interval'] as $key => $day) { $days[] = $LANG_EVLIST['rec_intervals'][$day]; } $days_text = implode(', ', $days) . ' ' . $LANG_WEEK[$rec_data['weekday']]; $rec_string .= ' ' . sprintf($LANG_EVLIST['on_the_days'], $days_text); break; } if ($this->Event->rec_data['stop'] != '' && $this->Event->rec_data['stop'] < EV_MAX_DATE) { $rec_string .= ' ' . sprintf($LANG_EVLIST['recur_stop_desc'], EVLIST_formattedDate($this->Event->rec_data['stop'])); } } else { $rec_string = ''; } $T->set_var(array('pi_url' => EVLIST_URL, 'webcal_url' => preg_replace('/^https?/', 'webcal', EVLIST_URL), 'rp_id' => $this->rp_id, 'ev_id' => $this->ev_id, 'title' => $title, 'summary' => $summary, 'full_description' => $fulldescription, 'can_edit' => $this->isAdmin ? 'true' : '', 'start_time1' => $time_start1, 'end_time1' => $time_end1, 'start_time2' => $time_start2, 'end_time2' => $time_end2, 'start_date' => $date_start, 'end_date' => $date_end, 'start_datetime1' => $date_start . $time_start, 'end_datetime1' => $date_end . $time_end, 'allday_event' => $this->Event->allday == 1 ? 'true' : '', 'is_recurring' => $this->Event->recurring, 'can_subscribe' => $this->Event->Calendar->cal_ena_ical, 'recurring_event' => $rec_string, 'owner_id' => $this->Event->owner_id, 'cal_name' => $this->Event->Calendar->cal_name, 'cal_id' => $this->Event->cal_id, 'site_name' => $_CONF['site_name'], 'site_slogan' => $_CONF['site_slogan'], 'more_info_link' => sprintf($LANG_EVLIST['click_here'], $url))); if ($_EV_CONF['enable_rsvp'] == 1 && $this->Event->options['use_rsvp'] > 0) { if ($this->Event->options['rsvp_cutoff'] > 0) { $dt = new Date($this->event->date_start1 . ' ' . $this->Event->time_start1, $_CONF['timezone']); if (time() > $dt->toUnix() - $this->Event->options['rsvp_cutoff'] * 86400) { $past_cutoff = false; } else { $past_cutoff = true; } } if (COM_isAnonUser()) { // Just show a must-log-in message $T->set_var('login_to_register', 'true'); } elseif (!$past_cutoff) { $num_free_tickets = $this->isRegistered(0, true); $total_tickets = $this->isRegistered(0, false); if ($num_free_tickets > 0) { // If the user is already registered for any free tickets, // show the cancel link $T->set_var(array('unregister_link' => 'true', 'num_free_reg' => $num_free_tickets)); } // Show the registration link if (($this->Event->options['max_rsvp'] == 0 || $this->Event->options['rsvp_waitlist'] == 1 || $this->Event->options['max_rsvp'] > $this->TotalRegistrations()) && ($this->Event->options['max_user_rsvp'] == 0 || $total_tickets < $this->Event->options['max_user_rsvp'])) { USES_evlist_class_tickettype(); $Ticks = evTicketType::GetTicketTypes(); if ($this->Event->options['max_user_rsvp'] > 0) { $T->set_block('event', 'tickCntBlk', 'tcBlk'); $T->set_var('register_multi', true); //$rsvp_user_count = ''; $avail_tickets = $this->Event->options['max_user_rsvp'] - $total_tickets; for ($i = 1; $i <= $avail_tickets; $i++) { $T->set_var('tick_cnt', $i); $T->parse('tcBlk', 'tickCntBlk', true); //$rsvp_user_count .= '<option value="'.$i.'">'.$i. // '</option>'.LB; } //$T->set_var('register_multi', $rsvp_user_count); } else { // max_rsvp == 0 indicates openended registration $T->set_var('register_unltd', 'true'); } $T->set_block('event', 'tickTypeBlk', 'tBlk'); foreach ($this->Event->options['tickets'] as $tick_id => $data) { /*$options .= '<option value="' . $tick_id . '">' . $Ticks[$tick_id]->description; if ($data['fee'] > 0) { $options .= ' - ' . COM_numberFormat($data['fee'], 2); } $options .= '</option>' . LB;*/ $status = LGLIB_invokeService('paypal', 'formatAmount', array('amount' => $data['fee']), $pp_fmt_amt, $svc_msg); $fmt_amt = $status == PLG_RET_OK ? $pp_fmt_amt : COM_numberFormat($data['fee'], 2); $T->set_var(array('tick_type' => $tick_id, 'tick_descr' => $Ticks[$tick_id]->description, 'tick_fee' => $data['fee'] > 0 ? $fmt_amt : 'FREE')); $T->parse('tBlk', 'tickTypeBlk', true); } $T->set_var(array('register_link' => 'true', 'ticket_options' => $options, 'ticket_types_multi' => count($this->Event->options['tickets']) > 1 ? 'true' : '')); } } // If ticket printing is enabled for this event, see if the // current user has any tickets to print. if ($this->Event->options['rsvp_print'] > 0) { $paid = $this->Event->options['rsvp_print'] == 1 ? 'paid' : ''; USES_evlist_class_ticket(); $tickets = evTicket::GetTickets($this->ev_id, '', $this->uid, $paid); if (count($tickets) > 0) { $T->set_var('have_tickets', 'true'); } } } // if enable_rsvp if (!empty($date_start) || !empty($date_end)) { $T->parse('datetime_info', 'datetime'); } // Only process the location block if at least one element exists. // Don't want an empty block showing. if (!empty($location) || !empty($street) || !empty($city) || !empty($province) || !empty($postal)) { $T->set_var(array('location' => $location, 'street' => $street, 'city' => $city, 'province' => $province, 'country' => $country, 'postal' => $postal)); $T->parse('address_info', 'address'); // Get info from the Weather plugin, if configured and available // There has to be at least some location data for this to work. if ($_EV_CONF['use_weather']) { // The postal code works best, but not internationally. // Try the regular address first. $loc = ''; if (!empty($city) && !empty($province)) { $loc = $city . ', ' . $province . ' ' . $country; } if (!empty($postal)) { $loc .= ' ' . $postal; } if (!empty($loc)) { // Location info was found, get the weather LGLIB_invokeService('weather', 'embed', array('loc' => $loc), $weather, $svc_msg); if (!empty($weather)) { // Weather info was found $T->set_var('weather', $weather); } } } } // Get a map from the Locator plugin, if configured and available if ($_EV_CONF['use_locator'] == 1 && $this->Event->Detail->lat != 0 && $this->Event->Detail->lng != 0) { $status = LGLIB_invokeService('locator', 'getMap', array('lat' => $this->Event->Detail->lat, 'lng' => $this->Event->Detail->lng), $map, $svc_msg); if ($status == PLG_RET_OK) { $T->set_var(array('map' => $map, 'lat' => number_format($this->Event->Detail->lat, 8, '.', ''), 'lng' => number_format($this->Event->Detail->lng, 8, '.', ''))); } } //put contact info here: contact, email, phone# $name = $this->Event->Detail->contact != '' ? COM_applyFilter($this->Event->Detail->contact) : ''; if ($this->Event->Detail->email != '') { $email = COM_applyFilter($this->Event->Detail->email); $email = EVLIST_obfuscate($email); } else { $email = ''; } $phone = $this->Event->Detail->phone != '' ? COM_applyFilter($this->Event->Detail->phone) : ''; if (!empty($name) || !empty($email) || !empty($phone)) { $T->set_var(array('name' => $name, 'email' => $email, 'phone' => $phone)); $T->parse('contact_info', 'contact'); } // TODO: Is the range needed? if (!empty($range)) { $andrange = '&range=' . $range; } else { $andrange = '&range=2'; } if (!empty($cat)) { $andcat = '&cat=' . $cat; } else { $andcat = ''; } $cats = $this->Event->GetCategories(); $catcount = count($cats); if ($catcount > 0) { $catlinks = array(); for ($i = 0; $i < $catcount; $i++) { $catlinks[] = '<a href="' . COM_buildURL(EVLIST_URL . '/index.php?op=list' . $andrange . '&cat=' . $cats[$i]['id']) . '">' . $cats[$i]['name'] . '</a> '; } $catlink = join('| ', $catlinks); $T->set_var('category_link', $catlink, true); } // reminders must be enabled globally first and then per event in // order to be active if (!isset($_EV_CONF['reminder_days'])) { $_EV_CONF['reminder_days'] = 1; } $hasReminder = 0; if ($_EV_CONF['enable_reminders'] == '1' && $this->Event->enable_reminders == '1' && time() < strtotime("-" . $_EV_CONF['reminder_days'] . " days", strtotime($this->date_start))) { //form will not appear within XX days of scheduled event. $show_reminders = true; // Let's see if we have already asked for a reminder... if ($_USER['uid'] > 1) { $hasReminder = DB_count($_TABLES['evlist_remlookup'], array('eid', 'uid', 'rp_id'), array($this->ev_id, $_USER['uid'], $this->rp_id)); } } else { $show_reminders = false; } if ($this->Event->options['contactlink'] == 1) { $ownerlink = $_CONF['site_url'] . '/profiles.php?uid=' . $this->Event->owner_id; $ownerlink = sprintf($LANG_EVLIST['contact_us'], $ownerlink); } else { $ownerlink = ''; } $T->set_var(array('owner_link' => $ownerlink, 'reminder_set' => $hasReminder ? 'true' : 'false', 'reminder_email' => isset($_USER['email']) ? $_USER['email'] : '', 'notice' => 1, 'rp_id' => $this->rp_id, 'eid' => $this->ev_id, 'show_reminderform' => $show_reminders ? 'true' : '')); USES_evlist_class_tickettype(); $tick_types = evTicketType::GetTicketTypes(); $T->set_block('event', 'registerBlock', 'rBlock'); if (is_array($this->Event->options['tickets'])) { foreach ($this->Event->options['tickets'] as $tic_type => $info) { $T->set_var(array('tic_description' => $tick_types[$tic_type]->description, 'tic_fee' => COM_numberFormat($info['fee'], 2))); $T->parse('rBlock', 'registerBlock', true); } } // Show the "manage reservations" link to the event owner if ($_EV_CONF['enable_rsvp'] == 1 && $this->Event->options['use_rsvp'] > 0) { if ($this->isAdmin) { $T->set_var('admin_rsvp', EVLIST_adminRSVP($this->rp_id)); } } $T->parse('output', 'event'); $retval .= $T->finish($T->get_var('output')); return $retval; }
/** * Return a canonical link * * @param string $dir_topic current topic or 'all' * @param int $year current year * @param int $month current month * @return string <link rel="canonical"> tag */ function DIR_canonicalLink($dir_topic, $year = 0, $month = 0) { global $_CONF; $script = $_CONF['site_url'] . '/' . THIS_SCRIPT; $tp = '?topic=' . urlencode($dir_topic); $parts = ''; if ($year != 0 && $month != 0) { $parts .= "&year={$year}&month={$month}"; } elseif ($year != 0) { $parts .= "&year={$year}"; } elseif ($dir_topic === 'all') { $tp = ''; } $url = COM_buildURL($script . $tp . $parts); return '<link rel="canonical" href="' . $url . '"' . XHTML . '>' . LB; }
/** * Create a list of events * * @param integer $range Range indicator (upcoming, past, etc) * @param integer $category Category to limit search * @param string $block_title Title of block * @return string HTML for list page */ function EVLIST_listview($range = '', $category = '', $calendar = '', $block_title = '') { global $_CONF, $_EV_CONF, $_USER, $_TABLES, $LANG_EVLIST; EVLIST_setViewSession('list', $year, $month, $day); $retval = ''; $T = new Template(EVLIST_PI_PATH . '/templates/'); $T->set_file('index', 'index.thtml'); if ($_EV_CONF['_can_add']) { $add_event_link = EVLIST_URL . '/event.php?edit=x'; } else { $add_event_link = ''; } $T->set_var(array('action' => EVLIST_URL . '/index.php', 'range_options' => EVLIST_GetOptions($LANG_EVLIST['ranges'], $range), 'add_event_link' => $add_event_link, 'add_event_text' => $LANG_EVLIST['add_event'], 'rangetext' => $LANG_EVLIST['ranges'][$range])); $page = empty($_GET['page']) ? 1 : (int) $_GET['page']; $opts = array('cat' => $category, 'page' => $page, 'limit' => $_EV_CONF['limit_list'], 'cal' => $calendar); switch ($range) { case 1: // past $start = EV_MIN_DATE; $end = $_EV_CONF['_today']; $opts['order'] = 'DESC'; break; case 3: //this week $start = $_EV_CONF['_today']; $end = date('Y-m-d', strtotime('+1 week', $_EV_CONF['_today_ts'])); break; case 4: //this month $start = $_EV_CONF['_today']; $end = date('Y-m-d', strtotime('+1 month', $_EV_CONF['_today_ts'])); break; case 2: //upcoming //upcoming default: $start = $_EV_CONF['_today']; $end = EV_MAX_DATE; break; } $events = EVLIST_getEvents($start, $end, $opts); if (empty($events)) { //return empty list msg $T->set_var(array('title' => '', 'block_title' => $block_title, 'empty_listmsg' => $LANG_EVLIST['no_match'])); if (!empty($range)) { $andrange = '&range=' . $range; $T->set_var('range', $range); } else { $andrange = '&range=2'; } if (!empty($category)) { $andcat = '&cat=' . $category; $T->set_var('category', $category); } else { $andcat = ''; } } else { //populate list // So we don't call SEC_hasRights inside the loop $isAdmin = SEC_hasRights('evlist.admin'); $T->set_file(array('item' => 'list_item.thtml', 'editlinks' => 'edit_links.thtml', 'category_form' => 'category_dd.thtml')); if (!empty($range)) { $andrange = '&range=' . $range; $T->set_var('range', $range); } else { $andrange = '&range=2'; } if (!empty($category)) { $andcat = '&cat=' . $category; $T->set_var('category', $category); } else { $andcat = ''; } // Track events that have been shown so we show them only once. $already_shown = array(); foreach ($events as $date => $daydata) { foreach ($daydata as $A) { if (array_key_exists($A['rp_id'], $already_shown)) { continue; } else { $already_shown[$A['rp_id']] = 1; } $titlelink = COM_buildURL(EVLIST_URL . '/event.php?eid=' . $A['rp_id'] . $timestamp . $andrange . $andcat); $titlelink = '<a href="' . $titlelink . '">' . COM_stripslashes($A['title']) . '</a>'; $summary = PLG_replaceTags(COM_stripslashes($A['summary'])); $datesummary = sprintf($LANG_EVLIST['event_begins'], EVLIST_formattedDate(strtotime($A['rp_date_start']))); $morelink = COM_buildURL(EVLIST_URL . '/event.php?eid=' . $A['rp_id'] . $timestamp . $andrange . $andcat); $morelink = '<a href="' . $morelink . '">' . $LANG_EVLIST['read_more'] . '</a>'; if (empty($A['email'])) { $contactlink = $_CONF['site_url'] . '/profiles.php?uid=' . $A['owner_id']; } else { $contactlink = 'mailto:' . EVLIST_obfuscate($A['email']); } $contactlink = '<a href="' . $contactlink . '">' . $LANG_EVLIST['ev_contact'] . '</a>'; $T->set_var(array('title' => $titlelink, 'date_summary' => $datesummary, 'summary' => $summary, 'more_link' => $morelink, 'contact_link' => $contactlink, 'contact_name' => $A['contact'], 'owner_name' => COM_getDisplayName($A['owner_id']), 'block_title' => $block_title, 'category_links' => EVLIST_getCatLinks($A['ev_id'], $andrange), 'cal_id' => $A['cal_id'], 'cal_name' => $A['cal_name'], 'cal_fgcolor' => $A['fgcolor'], 'cal_bgcolor' => $A['bgcolor'])); $T->parse('event_item', 'item', true); } } } $T->parse('output', 'index'); $retval .= $T->finish($T->get_var('output')); // Set page navigation $retval .= EVLIST_pagenav($start, $end, $category, $page, $range, $calendar); return $retval; }
$display .= COM_printPageNavigation($base_url, $page, $num_pages); } } } else { // no stories to display if ($page == 1) { if (!isset($_CONF['hide_no_news_msg']) || $_CONF['hide_no_news_msg'] == 0) { $display .= COM_startBlock($LANG05[1], '', COM_getBlockTemplate('_msg_block', 'header')) . $LANG05[2]; $display .= COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer')); } $display .= PLG_showCenterblock(3, $page, $topic); // bottom blocks } else { $topic_url = ''; if (!empty($topic)) { $topic_url = COM_buildURL($_CONF['site_url'] . '/index.php?topic=' . $topic); } COM_handle404($topic_url); } } $header = ''; if ($topic) { // Meta Tags if ($_CONF['meta_tags'] > 0) { $result = DB_query("SELECT meta_description, meta_keywords FROM {$_TABLES['topics']} WHERE tid = '{$topic}'"); $A = DB_fetcharray($result); $header .= LB . PLG_getMetaTags('homepage', '', array(array('name' => 'description', 'content' => stripslashes($A['meta_description'])), array('name' => 'keywords', 'content' => stripslashes($A['meta_keywords'])))); } } $display = COM_createHTMLDocument($display, array('breadcrumbs' => $breadcrumbs, 'headercode' => $header, 'rightblock' => true)); // Output page
$commentCount = DB_count($_TABLES['comments'], 'sid', "fileid_{$lid}"); $recentPostMessage = _MD_COMMENTSWANTED; if ($commentCount > 0) { $result4 = DB_query("SELECT cid, UNIX_TIMESTAMP(date) AS day,username FROM {$_TABLES['comments']},{$_TABLES['users']} WHERE {$_TABLES['users']}.uid = {$_TABLES['comments']}.uid AND sid = 'fileid_{$lid}' ORDER BY date desc LIMIT 1"); $C = DB_fetchArray($result4); $recentPostMessage = $LANG01[27] . ': ' . strftime($_CONF['daytime'], $C['day']) . ' ' . $LANG01[104] . ' ' . $C['username']; $comment_link = '<a href="' . $_CONF[site_url] . '/filemgmt/index.php?id=' . $lid . '" title="' . $recentPostMessage . '">' . $commentCount . ' ' . $LANG01[3] . '</a>'; } else { $comment_link = '<a href="' . $_CONF[site_url] . '/comment.php?type=filemgmt&sid=' . $lid . '" title="' . $recentPostMessage . '">' . _MD_ENTERCOMMENT . '</a>'; } $p->set_var('comment_link', $comment_link); $p->set_var('show_comments', ''); } else { $p->set_var('show_comments', 'none'); } $p->set_var('LANG_DOWNLOAD', _MD_DOWNLOAD); $p->set_var('LANG_FILELINK', _MD_FILELINK); $p->set_var('LANG_RATETHISFILE', _MD_RATETHISFILE); $p->set_var('LANG_REPORTBROKEN', _MD_REPORTBROKEN); //@@@@@20090602add----> $pageurl = COM_buildURL($_CONF[site_url] . "/filemgmt/index.php?id=" . $lid); $readmore_link = COM_createLink(_MD_FILELINK, $pageurl); $p->set_var('readmore_link', $readmore_link); //@@@@@20090602add<---- if ($FilemgmtAdmin) { $p->set_var('LANG_EDIT', _MD_EDIT); $p->set_var('show_editlink', ''); } else { $p->set_var('LANG_EDIT', ''); $p->set_var('show_editlink', 'none'); }
function LIB_Save($pi_name, $edt_flg, $navbarMenu, $menuno) { global $_CONF; global $_TABLES; global $_USER; $box_conf = "_" . strtoupper($pi_name) . "_CONF"; global ${$box_conf}; $box_conf = ${$box_conf}; $lang_box_admin = "LANG_" . strtoupper($pi_name) . "_ADMIN"; global ${$lang_box_admin}; $lang_box_admin = ${$lang_box_admin}; $lang_box_admin_menu = "LANG_" . strtoupper($pi_name) . "_admin_menu"; global ${$lang_box_admin_menu}; $lang_box_admin_menu = ${$lang_box_admin_menu}; $table = $_TABLES[strtoupper($pi_name) . '_def_field']; $table1 = $_TABLES[strtoupper($pi_name) . '_base']; $table2 = $_TABLES[strtoupper($pi_name) . '_addition']; $retval = ''; // clean 'em up $id = COM_applyFilter($_POST['id'], true); if ($id == 0) { $new_flg = true; } else { $new_flg = false; } $name = COM_stripslashes($_POST['name']); $name = addslashes(COM_checkHTML(COM_checkWords($name))); $templatesetvar = COM_applyFilter($_POST['templatesetvar']); $templatesetvar = addslashes(COM_checkHTML(COM_checkWords($templatesetvar))); $description = COM_stripslashes($_POST['description']); $description = addslashes(COM_checkHTML(COM_checkWords($description))); $allow_display = COM_applyFilter($_POST['allow_display']); $allow_display = addslashes(COM_checkHTML(COM_checkWords($allow_display))); $allow_edit = COM_applyFilter($_POST['allow_edit']); $allow_edit = addslashes(COM_checkHTML(COM_checkWords($allow_edit))); $textcheck = COM_applyFilter($_POST['textcheck']); $textcheck = addslashes(COM_checkHTML(COM_checkWords($textcheck))); $textconv = COM_applyFilter($_POST['textconv']); $textconv = addslashes(COM_checkHTML(COM_checkWords($textconv))); $searchtarget = COM_applyFilter($_POST['searchtarget']); $searchtarget = addslashes(COM_checkHTML(COM_checkWords($searchtarget))); $initial_value = COM_applyFilter($_POST['initial_value']); $initial_value = addslashes(COM_checkHTML(COM_checkWords($initial_value))); $range_start = COM_applyFilter($_POST['range_start']); $range_start = addslashes(COM_checkHTML(COM_checkWords($range_start))); $range_end = COM_applyFilter($_POST['range_end']); $range_end = addslashes(COM_checkHTML(COM_checkWords($range_end))); $dfid = COM_applyFilter($_POST['dfid']); $dfid = addslashes(COM_checkHTML(COM_checkWords($dfid))); $type = COM_applyFilter($_POST['type']); $type = addslashes(COM_checkHTML(COM_checkWords($type))); $selection = COM_applyFilter($_POST['selection']); $selection = addslashes(COM_checkHTML(COM_checkWords($selection))); $selectlist = COM_applyFilter($_POST['selectlist']); $selectlist = addslashes(COM_checkHTML(COM_checkWords($selectlist))); $checkrequried = COM_applyFilter($_POST['checkrequried']); $checkrequried = addslashes(COM_checkHTML(COM_checkWords($checkrequried))); $size = COM_applyFilter($_POST['size'], true); $size = addslashes(COM_checkHTML(COM_checkWords($size))); $maxlength = COM_applyFilter($_POST['maxlength'], true); $maxlength = addslashes(COM_checkHTML(COM_checkWords($maxlength))); $rows = COM_applyFilter($_POST['rows'], true); $rows = addslashes(COM_checkHTML(COM_checkWords($rows))); $br = COM_applyFilter($_POST['br'], true); $br = addslashes(COM_checkHTML(COM_checkWords($br))); $orderno = mb_convert_kana($_POST['orderno'], "a"); //全角英数字を半角英数字に変換する $orderno = COM_applyFilter($orderno, true); //$name = mb_convert_kana($name,"AKV"); //A:半角英数字を全角英数字に変換する //K:半角カタカナを全角カタカナに変換する //V:濁点つきの文字を1文字に変換する (K、H と共に利用する) //$name = str_replace ("'", "’",$name); //$code = mb_convert_kana($code,"a");//全角英数字を半角英数字に変換する //----- $uuid = $_USER['uid']; // CHECK はじめ $err = ""; //ID if ($id == 0) { //$err.=$lang_box_admin['err_id']."<br/>".LB; } else { if (!is_numeric($id)) { $err .= $lang_box_admin['err_id'] . "<br/>" . LB; } } //名称必須 if (empty($name)) { $err .= $lang_box_admin['err_name'] . "<br/>" . LB; } //テーマ変数必須,二重チェック if (empty($templatesetvar)) { $err .= $lang_box_admin['err_templatesetvar'] . "<br/>" . LB; } else { $templatesetvar = rtrim(ltrim($templatesetvar)); $newtemplatesetvar = COM_sanitizeID($templatesetvar, false); if ($templatesetvar != $newtemplatesetvar) { $err .= $lang_box_admin['err_templatesetvar'] . "<br/>" . LB; } else { $cntsql = "SELECT field_id FROM {$table} "; $cntsql .= " WHERE "; $cntsql .= " templatesetvar='{$templatesetvar}' "; $cntsql .= " AND field_id<>{$id}"; $result = DB_query($cntsql); $numrows = DB_numRows($result); if ($numrows != 0) { $err .= $lang_box_admin['err_templatesetvar_w'] . "<br/>" . LB; } } } //7 = 'オプションリスト'; //8 = 'ラジオボタンリスト'; //14= 'マルチセレクトリスト'; if ($type == 7 or $type == 8 or $type == 14) { if ($selection == "") { $err .= $lang_box_admin['err_selection'] . "<br/>" . LB; } } //errorのあるとき if ($err != "") { $retval['title'] = $lang_box_admin['piname'] . $lang_box_admin['edit']; $retval['display'] = LIB_Edit($pi_name, $id, $edt_flg, 3, $err); return $retval; } // CHECK おわり if ($id == 0) { $w = DB_getItem($table, "max(field_id)", "1=1"); if ($w == "") { $w = 0; } $id = $w + 1; } $fields = "field_id"; $values = "{$id}"; $fields .= ",name"; $values .= ",'{$name}'"; $fields .= ",templatesetvar"; $values .= ",'{$templatesetvar}'"; $fields .= ",description"; $values .= ",'{$description}'"; $fields .= ",type"; $values .= ",{$type}"; $fields .= ",selection"; $values .= ",'{$selection}'"; $fields .= ",selectlist"; $values .= ",'{$selectlist}'"; $fields .= ",checkrequried"; $values .= ",{$checkrequried}"; $fields .= ",size"; $values .= ",{$size}"; $fields .= ",maxlength"; $values .= ",{$maxlength}"; $fields .= ",rows"; $values .= ",{$rows}"; $fields .= ",br"; $values .= ",{$br}"; $fields .= ",orderno"; // $values .= ",'{$orderno}'"; $fields .= ",allow_display"; $values .= ",{$allow_display}"; $fields .= ",allow_edit"; $values .= ",{$allow_edit}"; $fields .= ",textcheck"; $values .= ",{$textcheck}"; $fields .= ",textconv"; $values .= ",{$textconv}"; $fields .= ",searchtarget"; $values .= ",{$searchtarget}"; $fields .= ",initial_value"; $values .= ",'{$initial_value}'"; $fields .= ",range_start"; $values .= ",'{$range_start}'"; $fields .= ",range_end"; $values .= ",'{$range_end}'"; $fields .= ",dfid"; $values .= ",{$dfid}"; $fields .= ",uuid"; $values .= ",{$uuid}"; DB_save($table, $fields, $values); // if ($new_flg){ $sql = "INSERT INTO " . $table2 . LB; $sql .= " (`id`,`field_id`,`value`)" . LB; $sql .= " SELECT id"; $sql .= " ," . $id; if ($initial_value != "") { $sql .= ",'" . $initial_value . "' "; } else { //7 = 'オプションリスト'; //8 = 'ラジオボタンリスト'; if (($type == 7 or $type == 8) and $selection != "") { $sql .= ",'0' "; } else { $sql .= ",NULL "; } } $sql .= " FROM " . $table1 . " AS t1" . LB; $sql .= " where fieldset_id=0 AND id NOT IN (select id from " . $table2 . LB; $sql .= " where field_id=" . $id . ")" . LB; //COM_errorLog( "sql= " . $sql, 1 ); DB_query($sql); // } // $rt=fncsendmail ($id); // if ($edt_flg){ // $return_page=$_CONF['site_url'] . "/".THIS_SCRIPT; // $return_page.="?id=".$id; // }else{ // $return_page=$_CONF['site_admin_url'] . '/plugins/'.THIS_SCRIPT.'?msg=1'; // } //$return_page="";//@@@@@debug 用 $message = ""; if ($box_conf['aftersave_admin'] === 'no') { $retval['title'] = $lang_box_admin['piname'] . $lang_box_admin['edit']; $retval['display'] = LIB_Edit($pi_name, $id, $edt_flg, 1, ""); return $retval; } else { if ($box_conf['aftersave_admin'] === 'list' or $box_conf['aftersave_admin'] === 'item') { $url = $_CONF['site_admin_url'] . "/plugins/{$pi_name}/field.php"; $item_url = COM_buildURL($url); $target = 'item'; $message = 1; } else { if ($box_conf['aftersave_admin'] === 'admin') { $target = $box_conf['aftersave_admin']; $message = 1; } else { $item_url = $_CONF['site_url'] . $box_conf['top']; $target = $box_conf['aftersave_admin']; } } } $return_page = PLG_afterSaveSwitch($target, $item_url, $pi_name, $message); echo $return_page; exit; }
function CMT_getCommentLinkWithCount($type, $sid, $url, $cmtCount = 0, $urlRewrite = 0) { global $_CONF, $LANG01; $retval = ''; if (!isset($_CONF['comment_engine'])) { $_CONF['comment_engine'] = 'internal'; } switch ($_CONF['comment_engine']) { case 'disqus': if ($urlRewrite) { $url = COM_buildURL($url . '#disqus_thread'); } else { $url = $url . '#disqus_thread'; } if ($type == 'filemgmt') { $type = 'filemgmt_fileid'; } $link = '<a href="' . $url . '" data-disqus-identifier=' . $type . '_' . $sid . '>'; $retval = array('url' => $url, 'url_extra' => ' data-disqus-identifier="' . $type . '_' . $sid . '"', 'link' => $link, 'nonlink' => '<span class="disqus-comment-count" data-disqus-identifier="' . $type . '_' . $sid . '"></span>', 'comment_count' => '<span class="disqus-comment-count" data-disqus-identifier="' . $type . '_' . $sid . '">0 ' . $LANG01[83] . '</span>', 'comment_text' => $LANG01[83], 'link_with_count' => $link . '<span class="disqus-comment-count" data-disqus-identifier="' . $type . '_' . $sid . '">' . $cmtCount . ' ' . $LANG01[83] . '</span></a>'); break; case 'facebook': if ($urlRewrite) { $url = COM_buildURL($url); } else { $url = $url; } $link = '<a href="' . $url . '">'; $retval = array('url' => $url, 'url_extra' => '', 'link' => $link, 'nonlink' => '<span class="fb-comments-count" data-href="' . $url . '"></span>', 'comment_count' => '<span class="fb-comments-count" data-href="' . $url . '"></span> ' . $LANG01[83], 'comment_text' => $LANG01[83], 'link_with_count' => $link . '<span class="fb-comments-count" data-href="' . $url . '"></span>' . ' ' . $LANG01[83] . '</a>'); break; case 'internal': default: $link = '<a href="' . $url . '#comments">'; $retval = array('url' => $url, 'url_extra' => '', 'link' => $link, 'nonlink' => '', 'comment_count' => $cmtCount . ' ' . $LANG01[83], 'comment_text' => $LANG01[83], 'link_with_count' => $link . ' ' . $cmtCount . ' ' . $LANG01[83] . '</a>'); break; } return $retval; }
$cmt_page = COM_applyFilter($_GET['cmtpage'], true); } } $valid_modes = array('threaded', 'nested', 'flat', 'nocomment'); if (in_array($mode, $valid_modes) === false) { $mode = ''; } if ($display_mode != 'print') { $display_mode = ''; } $pageArgument = '?page=' . $page; $dmArgument = empty($display_mode) ? '' : '&disp_mode=' . $display_mode; $cmtOrderArgument = empty($comment_order) ? '' : 'order=' . $comment_order; $cmtModeArgument = empty($comment_mode) ? '' : 'mode=' . $comment_mode; $cmtPageArgument = empty($cmt_page) ? '' : 'cmtpage=' . (int) $cmt_page; $baseURL = COM_buildURL($_CONF['site_url'] . '/page.php' . $pageArgument . $dmArgument); if (strpos($baseURL, '?') === false) { $sep = '?'; } else { $sep = '&'; } if ($cmtOrderArgument != '') { $baseURL = $baseURL . $sep . $cmtOrderArgument; $sep = '&'; } if ($cmtModeArgument != '') { $baseURL = $baseURL . $sep . $cmtModeArgument; $sep = '&'; } if ($cmtPageArgument != '') { $baseURL = $baseURL . $sep . $cmtPageArgument;
function fncSave($edt_flg, $navbarMenu, $menuno, $template) { $pi_name = "databox"; global $_CONF; global $LANG_DATABOX_ADMIN; global $_TABLES; global $_USER; global $_DATABOX_CONF; global $LANG_DATABOX_user_menu; $addition_def = DATABOX_getadditiondef(); $retval = ''; // clean 'em up $id = COM_applyFilter($_POST['id'], true); if ($id == 0) { $new_flg = true; } else { $new_flg = false; } $fieldset_id = COM_applyFilter($_POST['fieldset'], true); $code = COM_applyFilter($_POST['code']); $code = addslashes(COM_checkHTML(COM_checkWords($code))); $title = COM_stripslashes($_POST['title']); $title = addslashes(COM_checkHTML(COM_checkWords($title))); $page_title = COM_applyFilter($_POST['page_title']); $page_title = addslashes(COM_checkHTML(COM_checkWords($page_title))); $description = $_POST['description']; //COM_applyFilter($_POST['description']); $description = addslashes(COM_checkHTML(COM_checkWords($description))); $language_id = COM_applyFilter($_POST['language_id']); $language_id = addslashes(COM_checkHTML(COM_checkWords($language_id))); $category = $_POST['category']; //@@@@@ $additionfields = $_POST['afield']; $additionfields_old = $_POST['afield']; $additionfields_fnm = $_POST['afield_fnm']; $additionfields_del = $_POST['afield_del']; $additionfields_alt = $_POST['afield_alt']; $additionfields_date = array(); $additionfields = DATABOX_cleanaddtiondatas($additionfields, $addition_def, $additionfields_fnm, $additionfields_del, $additionfields_date, $additionfields_alt); // $hits =0; // $comments=0; $old_mode = COM_applyFilter($_POST['old_mode']); $old_mode = addslashes(COM_checkHTML(COM_checkWords($old_mode))); //----- $type = 1; $uuid = $_USER['uid']; // CHECK はじめ $err = ""; //id if ($id == 0) { //$err.=$LANG_DATABOX_ADMIN['err_uid']."<br/>".LB; } else { if (!is_numeric($id)) { $err .= $LANG_DATABOX_ADMIN['err_id'] . "<br/>" . LB; } } //タイトル必須 if (empty($title)) { $err .= $LANG_DATABOX_ADMIN['err_title'] . "<br/>" . LB; } //文字数制限チェック if (mb_strlen($description, 'UTF-8') > $_DATABOX_CONF['maxlength_description']) { $err .= $LANG_DATABOX_ADMIN['description'] . $_DATABOX_CONF['maxlength_description'] . $LANG_DATABOX_ADMIN['err_maxlength'] . "<br/>" . LB; } //----追加項目チェック $err .= DATABOX_checkaddtiondatas($additionfields, $addition_def, $pi_name, $additionfields_fnm, $additionfields_del, $additionfields_alt); //errorのあるとき if ($err != "") { $retval['title'] = $LANG_DATABOX_ADMIN['piname'] . $LANG_DATABOX_ADMIN['edit']; $retval['display'] = fncEdit($id, $edt_flg, 3, $err, "edit", $fieldset_id, $template, $old_mode); return $retval; } // CHECK おわり //----- // 新規登録時 if ($new_flg) { $w = DB_getItem($_TABLES['DATABOX_base'], "max(id)", "1=1"); if ($w == "") { $w = 0; } $id = $w + 1; } $fields = LB . "id"; $values = LB . "{$id}"; if ($new_flg) { if ($_DATABOX_CONF['datacode']) { $code = "000000" . date(Ymdhis); } $created = COM_convertDate2Timestamp(date("Y-m-d"), date("H:i::00")); $modified = $created; $released = $created; $commentcode = $_DATABOX_CONF['commentcode']; $trackbackcode = $_CONF[trackback_code]; $comment_expire = '0000-00-00 00:00:00'; $expired = '0000-00-00 00:00:00'; // $defaulttemplatesdirectory = null; $draft_flag = $_DATABOX_CONF['user_draft_default']; $draft_flag = $_DATABOX_CONF['user_draft_default']; //--- $meta_description = ""; $meta_keywords = ""; $owner_id = $_USER['uid']; $group_id = SEC_getFeatureGroup('databox.admin', $_USER['uid']); $array = array(); SEC_setDefaultPermissions($array, $_DATABOX_CONF['default_permissions']); $perm_owner = $array['perm_owner']; $perm_group = $array['perm_group']; $perm_anon = $array['perm_anon']; $perm_members = $array['perm_members']; $draft_flag = $_DATABOX_CONF['user_draft_default']; $cache_time = $_DATABOX_CONF['default_cache_time']; //----- $fields .= ",defaulttemplatesdirectory"; // $values .= ",'{$defaulttemplatesdirectory}'"; $fields .= ",draft_flag"; $values .= ",{$draft_flag}"; $fields .= ",cache_time"; $values .= ",{$cache_time}"; $fields .= ",meta_description"; // $values .= ",'{$meta_description}'"; $fields .= ",meta_keywords"; // $values .= ",'{$meta_keywords}'"; $fields .= ",commentcode"; // $values .= ",{$commentcode}"; $fields .= ",trackbackcode"; // $values .= ",{$trackbackcode}"; $fields .= ",comment_expire"; // if ($comment_expire == '0000-00-00 00:00:00') { $values .= ",'{$comment_expire}'"; } else { $values .= ",FROM_UNIXTIME('{$comment_expire}')"; } $fields .= ",language_id"; // $values .= ",'{$language_id}'"; $fields .= ",owner_id"; $values .= ",{$owner_id}"; $fields .= ",group_id"; $values .= ",{$group_id}"; $fields .= ",perm_owner"; $values .= ",{$perm_owner}"; $fields .= ",perm_group"; $values .= ",{$perm_group}"; $fields .= ",perm_members"; $values .= ",{$perm_members}"; $fields .= ",perm_anon"; $values .= ",{$perm_anon}"; $fields .= ",modified"; $values .= ",FROM_UNIXTIME('{$modified}')"; $fields .= ",created"; $values .= ",FROM_UNIXTIME('{$created}')"; $fields .= ",expired"; if ($expired == '0000-00-00 00:00:00') { $values .= ",'{$expired}'"; } else { $values .= ",FROM_UNIXTIME('{$expired}')"; } $fields .= ",released"; $values .= ",FROM_UNIXTIME('{$released}')"; $hits = 0; $comments = 0; $fields .= ",code"; $values .= ",'{$code}'"; $fields .= ",title"; // $values .= ",'{$title}'"; $fields .= ",page_title"; // $values .= ",'{$page_title}'"; $fields .= ",description"; // $values .= ",'{$description}'"; // $fields.=",hits";// // $values.=",$hits"; $fields .= ",comments"; // $values .= ",{$comments}"; $fields .= ",fieldset_id"; // $values .= ",{$fieldset_id}"; $fields .= ",uuid"; $values .= ",{$uuid}"; if ($edt_flg) { $return_page = $_CONF['site_url'] . "/" . THIS_SCRIPT; $return_page .= "?id=" . $id; } else { $return_page = $_CONF['site_url'] . '/' . THIS_SCRIPT . '?msg=1'; } DB_save($_TABLES['DATABOX_base'], $fields, $values); } else { $sql = "UPDATE {$_TABLES['DATABOX_base']} set "; $sql .= " title = '{$title}'"; $sql .= " ,page_title = '{$page_title}'"; $sql .= " ,description = '{$description}'"; $sql .= " ,language_id = '{$language_id}'"; $sql .= " ,modified = FROM_UNIXTIME('{$modified}')"; $sql .= ",uuid='{$uuid}' WHERE id={$id}"; DB_query($sql); } //カテゴリ //$rt=DATABOX_savedatas("category_id",$_TABLES['DATABOX_category'],$id,$category); $rt = DATABOX_savecategorydatas($id, $category); //追加項目 if ($old_mode == "copy") { DATABOX_uploadaddtiondatas_cpy($additionfields, $addition_def, $pi_name, $id, $additionfields_fnm, $additionfields_del, $additionfields_old, $additionfields_alt); } else { DATABOX_uploadaddtiondatas($additionfields, $addition_def, $pi_name, $id, $additionfields_fnm, $additionfields_del, $additionfields_old, $additionfields_alt); } if ($new_flg) { $rt = DATABOX_saveaddtiondatas($id, $additionfields, $addition_def, $pi_name); } else { $rt = DATABOX_saveaddtiondatas_update($id, $additionfields, $addition_def, $pi_name); } $rt = fncsendmail('data', $id); $cacheInstance = 'databox__' . $id . '__'; CACHE_remove_instance($cacheInstance); //exit;//@@@@@debug 用 if ($_DATABOX_CONF['aftersave'] === 'no') { $retval['title'] = $LANG_DATABOX_ADMIN['piname'] . $LANG_DATABOX_ADMIN['edit']; $retval['display'] .= fncEdit($id, $edt_flg, 1, $err, "edit", $fieldset_id, $template); return $retval; } else { if ($_DATABOX_CONF['aftersave'] === 'list' or $_DATABOX_CONF['aftersave'] === 'admin') { $url = $_CONF['site_url'] . "/databox/mydata/data.php"; $item_url = COM_buildURL($url); $target = 'item'; } else { $url = $_CONF['site_url'] . "/databox/data.php"; $url .= "?"; //コード使用の時 if ($_DATABOX_CONF['datacode']) { $url .= "code=" . $code; $url .= "&m=code"; } else { $url .= "id=" . $id; $url .= "&m=id"; } $item_url = COM_buildUrl($url); $target = $_DATABOX_CONF['aftersave_admin']; } } $return_page = PLG_afterSaveSwitch($target, $item_url, $pi_name, 1); echo $return_page; exit; }
/** * This function creates an html list of topics the object belongs too or * creates a similar list based on topics passed to it * * @param string $type Type of object to display access for * @param string $id Id of onject * @param integer $max Max number of items returned * @param string/array $tids Topics Ids to use instead of retrieving from db * @return HTML string * */ function TOPIC_relatedTopics($type, $id, $max = 6, $tids = array()) { global $_CONF, $LANG27, $_TABLES; $retval = ''; if ($max < 0) { $max = 6; } if (!is_array($tids)) { $tids = array($tids); } // if topic ids not passed then retrieve from db $from_db = false; if (empty($tids)) { $from_db = true; } if ($from_db) { // Retrieve Topic options $sql = "SELECT ta.tid, t.topic\n FROM {$_TABLES['topic_assignments']} ta, {$_TABLES['topics']} t\n WHERE t.tid = ta.tid AND ta.type = '{$type}' AND ta.id ='{$id}'\n " . COM_getPermSQL('AND', 0, 2, 't') . COM_getLangSQL('tid', 'AND', 't') . "\n AND t.tid != '" . TOPIC_ALL_OPTION . "' AND t.tid != '" . TOPIC_HOMEONLY_OPTION . "'"; } else { $sql = "SELECT tid, topic\n FROM {$_TABLES['topics']} t\n WHERE (tid IN ('" . implode("','", $tids) . "'))"; } $sql .= COM_getPermSQL('AND'); if ($from_db) { $sql .= " ORDER BY tdefault DESC, topic ASC"; } else { $sql .= " ORDER BY topic ASC"; } if ($max > 0) { $sql .= " LIMIT " . $max; } $result = DB_query($sql); $nrows = DB_numRows($result); if ($nrows > 0) { $topicrelated = COM_newTemplate($_CONF['path_layout']); $topicrelated->set_file(array('topicrelated' => 'topicrelated.thtml')); $blocks = array('topicitem', 'separator'); foreach ($blocks as $block) { $topicrelated->set_block('topicrelated', $block); } $topicrelated->set_var('lang_filed_under', $LANG27['filed_under:']); for ($i = 0; $i < $nrows; $i++) { $A = DB_fetchArray($result); $url = COM_buildURL($_CONF['site_url'] . '/index.php?topic=' . $A['tid']); $topicrelated->set_var('topic_url', $url); $topicrelated->set_var('topic', $A['topic']); $topicrelated->parse('topics', 'topicitem', true); if ($i + 1 < $nrows) { $topicrelated->parse('topics', 'separator', true); } } $retval = $topicrelated->finish($topicrelated->parse('topicrelated', 'topicrelated')); } return $retval; }
$events = EVLIST_getEvents($start, $end, $opts); $ical = ''; $space = ' '; $rp_shown = array(); foreach ($events as $day) { foreach ($day as $event) { // Check if this repeat is already shown. We only want multi-day // events included once instead of each day if (array_key_exists($event['rp_id'], $rp_shown)) { continue; } $rp_shown[$event['rp_id']] = 1; $start_time = gmstrftime('%Y%m%dT%H%M%SZ', strtotime($event['rp_date_start'] . ' ' . $event['rp_time_start1'])); $end_time = gmstrftime('%Y%m%dT%H%M%SZ', strtotime($event['rp_date_end'] . ' ' . $event['rp_time_end1'])); $summary = $event['title']; $permalink = COM_buildURL(EVLIST_URL . '/event.php?eid=' . $event['rp_id']); if (!empty($event['full_description'])) { $description = $event['full_description']; } elseif (!empty($event['summary'])) { $description = $event['summary']; } else { $description = $summary; // Event title is required } //$description = str_replace(",", "\,", $description); // TODO: the following 3 lines commented out 2011-02-17 to see if // they're necessary for google calendar //$description = str_replace("\\", "\\\\", $description); //$description = str_replace("\n", $space, strip_tags($description)); //$description = str_replace("\r", $space, strip_tags($description)); $ical .= "BEGIN:VEVENT\n" . "DTSTART:{$start_time}\n" . "DTEND:{$end_time}\n" . "URL:{$permalink}\n" . "SUMMARY:{$summary}\n" . "DESCRIPTION:{$description}\n" . "END:VEVENT\n\n";
/** * Saves link to the database * * @param string $lid ID for link * @param string $old_lid old ID for link * @param string $cid cid of category link belongs to * @param string $categorydd Category links belong to * @param string $url URL of link to save * @param string $description Description of link * @param string $title Title of link * @param int $hits Number of hits for link * @param int $owner_id ID of owner * @param int $group_id ID of group link belongs to * @param int $perm_owner Permissions the owner has * @param int $perm_group Permissions the group has * @param int $perm_members Permissions members have * @param int $perm_anon Permissions anonymous users have * @return string HTML redirect or error message * @global array core config vars * @global array core group data * @global array core table data * @global array core user data * @global array core msg data * @global array links plugin lang admin vars * */ function savelink($lid, $old_lid, $cid, $categorydd, $url, $description, $title, $hits, $owner_id, $group_id, $perm_owner, $perm_group, $perm_members, $perm_anon) { global $_CONF, $_GROUPS, $_TABLES, $_USER, $MESSAGE, $LANG_LINKS_ADMIN, $_LI_CONF; $retval = ''; // Convert array values to numeric permission values if (is_array($perm_owner) or is_array($perm_group) or is_array($perm_members) or is_array($perm_anon)) { list($perm_owner, $perm_group, $perm_members, $perm_anon) = SEC_getPermissionValues($perm_owner, $perm_group, $perm_members, $perm_anon); } // Remove any autotags the user doesn't have permission to use $description = PLG_replaceTags($description, '', true); // clean 'em up $description = DB_escapeString(COM_checkHTML(COM_checkWords($description), 'links.edit')); $title = DB_escapeString(strip_tags(COM_checkWords($title))); $cid = DB_escapeString($cid); if (empty($owner_id)) { // this is new link from admin, set default values $owner_id = $_USER['uid']; if (isset($_GROUPS['Links Admin'])) { $group_id = $_GROUPS['Links Admin']; } else { $group_id = SEC_getFeatureGroup('links.edit'); } $perm_owner = 3; $perm_group = 2; $perm_members = 2; $perm_anon = 2; } $lid = COM_sanitizeID($lid); $old_lid = COM_sanitizeID($old_lid); if (empty($lid)) { if (empty($old_lid)) { $lid = COM_makeSid(); } else { $lid = $old_lid; } } // check for link id change if (!empty($old_lid) && $lid != $old_lid) { // check if new lid is already in use if (DB_count($_TABLES['links'], 'lid', $lid) > 0) { // TBD: abort, display editor with all content intact again $lid = $old_lid; // for now ... } } $access = 0; $old_lid = DB_escapeString($old_lid); if (DB_count($_TABLES['links'], 'lid', $old_lid) > 0) { $result = DB_query("SELECT owner_id,group_id,perm_owner,perm_group,perm_members,perm_anon FROM {$_TABLES['links']} WHERE lid = '{$old_lid}'"); $A = DB_fetchArray($result); $access = SEC_hasAccess($A['owner_id'], $A['group_id'], $A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']); } else { $access = SEC_hasAccess($owner_id, $group_id, $perm_owner, $perm_group, $perm_members, $perm_anon); } if ($access < 3 || !SEC_inGroup($group_id)) { $display .= COM_showMessageText($MESSAGE[29], $MESSAGE[30]); $display = COM_createHTMLDocument($display, array('pagetitle' => $MESSAGE[30])); COM_accessLog("User {$_USER['username']} tried to illegally submit or edit link {$lid}."); COM_output($display); exit; } elseif (!empty($title) && !empty($description) && !empty($url)) { if ($categorydd != $LANG_LINKS_ADMIN[7] && !empty($categorydd)) { $cid = DB_escapeString($categorydd); } else { if ($categorydd != $LANG_LINKS_ADMIN[7]) { echo COM_refresh($_CONF['site_admin_url'] . '/plugins/links/index.php'); } } DB_delete($_TABLES['linksubmission'], 'lid', $old_lid); DB_delete($_TABLES['links'], 'lid', $old_lid); DB_save($_TABLES['links'], 'lid,cid,url,description,title,date,hits,owner_id,group_id,perm_owner,perm_group,perm_members,perm_anon', "'{$lid}','{$cid}','{$url}','{$description}','{$title}',NOW(),'{$hits}',{$owner_id},{$group_id},{$perm_owner},{$perm_group},{$perm_members},{$perm_anon}"); if (empty($old_lid) || $old_lid == $lid) { PLG_itemSaved($lid, 'links'); } else { PLG_itemSaved($lid, 'links', $old_lid); } // Get category for rdf check $category = DB_getItem($_TABLES['linkcategories'], "category", "cid='{$cid}'"); COM_rdfUpToDateCheck('links', $category, $lid); return PLG_afterSaveSwitch($_LI_CONF['aftersave'], COM_buildURL("{$_CONF['site_url']}/links/portal.php?what=link&item={$lid}"), 'links', 2); } else { // missing fields $retval .= COM_errorLog($LANG_LINKS_ADMIN[10], 2); if (DB_count($_TABLES['links'], 'lid', $old_lid) > 0) { $retval .= editlink('edit', $old_lid); } else { $retval .= editlink('edit', ''); } $retval = COM_createHTMLDocument($retval, array('pagetitle' => $LANG_LINKS_ADMIN[1])); return $retval; } }
/** * Return a list of articles that have some relation with the article ID given * * @param string $articleId * @param string $keywordList a comma-separated list of keywords * @param int $limit max number od related articles * @return array * @link http://www.enkeladress.com/article/20110315104621317 */ public static function getRelatedArticlesByKeywords($articleId, $keywordList, $limit = 5) { global $_CONF, $LANG24, $_TABLES; $work = array(); $articleId = trim($articleId); $keywords = explode(',', $keywordList); if ($articleId === '' || count($keywords) === 0) { return $work; } $escapedArticleId = DB_escapeString($articleId); foreach ($keywords as $keyword) { $keyword = trim($keyword); if ($keyword === '') { continue; } else { $escapedKeyword = DB_escapeString($keyword); } $sql = "SELECT sid, title FROM {$_TABLES['stories']} " . "WHERE (sid <> '{$escapedArticleId}') " . "AND (draft_flag = 0) AND (date <= NOW()) " . "AND meta_keywords LIKE '%{$escapedKeyword}%' " . "GROUP BY sid, title " . "LIMIT 5 "; $resultSet = DB_query($sql); while (($A = DB_fetchArray($resultSet, false)) !== false) { $sid = $A['sid']; $title = stripslashes($A['title']); $found = false; foreach ($work as &$item) { if ($item['sid'] === $sid) { $item['score']++; $found = true; break; } } unset($item); if (!$found) { $work[] = array('sid' => $sid, 'title' => $title, 'score' => 1); } } } if (count($work) > 1) { usort($work, array(__CLASS__, 'getRelatedArticlesSort')); } if (count($work) > $limit) { $work = array_slice($work, 0, $limit); } $encoding = COM_getEncodingt(); $retval = array(); foreach ($work as $item) { $retval[] = '<li>' . '<a href="' . COM_buildURL($_CONF['site_url'] . '/article.php?story=' . $item['sid']) . '">' . htmlspecialchars($item['title'], ENT_QUOTES, $encoding) . '</a>' . '</li>' . PHP_EOL; } $retval = '<h3>' . $LANG24[92] . '</h3>' . PHP_EOL . '<ul>' . PHP_EOL . implode('', $retval) . '</ul>' . PHP_EOL; return $retval; }
/** * Displays the static page editor form * * @param array $A Data to display * @return string HTML for the static page editor * */ function staticpageeditor_form($A) { global $_CONF, $_TABLES, $_USER, $_GROUPS, $_SP_CONF, $mode, $sp_id, $LANG21, $LANG_STATIC, $LANG_ACCESS, $LANG_ADMIN, $LANG01, $LANG24, $LANG_postmodes, $MESSAGE, $_IMAGE_TYPE, $_SCRIPTS; if (!empty($sp_id) && $mode == 'edit') { $access = SEC_hasAccess($A['owner_id'], $A['group_id'], $A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']); } else { if ($mode != 'clone') { $A['sp_inblock'] = $_SP_CONF['in_block']; } $A['owner_id'] = $_USER['uid']; if (isset($_GROUPS['Static Page Admin'])) { $A['group_id'] = $_GROUPS['Static Page Admin']; } else { $A['group_id'] = SEC_getFeatureGroup('staticpages.edit'); } SEC_setDefaultPermissions($A, $_SP_CONF['default_permissions']); $access = 3; if ($_CONF['advanced_editor'] && $_USER['advanced_editor']) { $A['advanced_editor_mode'] = 1; } } $retval = ''; $sp_template = COM_newTemplate(CTL_plugin_templatePath('staticpages', 'admin')); if ($_CONF['advanced_editor'] && $_USER['advanced_editor']) { $sp_template->set_file('form', 'editor_advanced.thtml'); // Shouldn't really have to check if anonymous user but who knows... if (COM_isAnonUser()) { $link_message = ""; } else { $link_message = $LANG01[138]; } $sp_template->set_var('noscript', COM_getNoScript(false, '', $link_message)); // Setup Advanced Editor COM_setupAdvancedEditor('/staticpages/adveditor.js', 'staticpages.edit'); $sp_template->set_var('lang_expandhelp', $LANG24[67]); $sp_template->set_var('lang_reducehelp', $LANG24[68]); $sp_template->set_var('lang_toolbar', $LANG24[70]); $sp_template->set_var('toolbar1', $LANG24[71]); $sp_template->set_var('toolbar2', $LANG24[72]); $sp_template->set_var('toolbar3', $LANG24[73]); $sp_template->set_var('toolbar4', $LANG24[74]); $sp_template->set_var('toolbar5', $LANG24[75]); $sp_template->set_var('lang_nojavascript', $LANG24[77]); $sp_template->set_var('lang_postmode', $LANG24[4]); if (isset($A['postmode']) && $A['postmode'] == 'adveditor') { $sp_template->set_var('show_adveditor', ''); $sp_template->set_var('show_htmleditor', 'none'); } else { $sp_template->set_var('show_adveditor', 'none'); $sp_template->set_var('show_htmleditor', ''); } $post_options = '<option value="html" selected="selected">' . $LANG_postmodes['html'] . '</option>'; if (isset($A['postmode']) && $A['postmode'] == 'adveditor') { $post_options .= '<option value="adveditor" selected="selected">' . $LANG24[86] . '</option>'; } else { $post_options .= '<option value="adveditor">' . $LANG24[86] . '</option>'; } $sp_template->set_var('post_options', $post_options); $sp_template->set_var('change_editormode', 'onchange="change_editmode(this);"'); } else { $sp_template->set_file('form', 'editor.thtml'); } // Add JavaScript if ($_CONF['titletoid']) { $_SCRIPTS->setJavaScriptFile('title_2_id', '/javascript/title_2_id.js'); $sp_template->set_var('titletoid', true); } $sp_template->set_var('lang_mode', $LANG24[3]); $sp_template->set_var('comment_options', COM_optionList($_TABLES['commentcodes'], 'code,name', $A['commentcode'])); $sp_template->set_var('lang_accessrights', $LANG_ACCESS['accessrights']); $sp_template->set_var('lang_owner', $LANG_ACCESS['owner']); $owner_name = COM_getDisplayName($A['owner_id']); $owner_username = DB_getItem($_TABLES['users'], 'username', "uid = {$A['owner_id']}"); $sp_template->set_var('owner_id', $A['owner_id']); $sp_template->set_var('owner', $owner_name); $sp_template->set_var('owner_name', $owner_name); $sp_template->set_var('owner_username', $owner_username); if ($A['owner_id'] > 1) { $profile_link = $_CONF['site_url'] . '/users.php?mode=profile&uid=' . $A['owner_id']; $sp_template->set_var('start_owner_anchortag', '<a href="' . $profile_link . '">'); $sp_template->set_var('end_owner_anchortag', '</a>'); $sp_template->set_var('owner_link', COM_createLink($owner_name, $profile_link)); $photo = ''; if ($_CONF['allow_user_photo']) { $photo = DB_getItem($_TABLES['users'], 'photo', "uid = {$A['owner_id']}"); if (!empty($photo)) { $camera_icon = '<img src="' . $_CONF['layout_url'] . '/images/smallcamera.' . $_IMAGE_TYPE . '" alt=""' . XHTML . '>'; $sp_template->set_var('camera_icon', COM_createLink($camera_icon, $profile_link)); } } if (empty($photo)) { $sp_template->set_var('camera_icon', ''); } } else { $sp_template->set_var('start_owner_anchortag', ''); $sp_template->set_var('end_owner_anchortag', ''); $sp_template->set_var('owner_link', $owner_name); } $sp_template->set_var('lang_group', $LANG_ACCESS['group']); $sp_template->set_var('group_dropdown', SEC_getGroupDropdown($A['group_id'], $access)); $sp_template->set_var('permissions_editor', SEC_getPermissionsHTML($A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon'])); $sp_template->set_var('lang_permissions', $LANG_ACCESS['permissions']); $sp_template->set_var('lang_perm_key', $LANG_ACCESS['permissionskey']); $sp_template->set_var('permissions_msg', $LANG_ACCESS['permmsg']); $sp_template->set_var('lang_permissions_msg', $LANG_ACCESS['permmsg']); $token = SEC_createToken(); $start_block = COM_startBlock($LANG_STATIC['staticpageeditor'], '', COM_getBlockTemplate('_admin_block', 'header')); $start_block .= SEC_getTokenExpiryNotice($token); $sp_template->set_var('start_block_editor', $start_block); $sp_template->set_var('lang_save', $LANG_ADMIN['save']); $sp_template->set_var('lang_cancel', $LANG_ADMIN['cancel']); $sp_template->set_var('lang_preview', $LANG_ADMIN['preview']); if (SEC_hasRights('staticpages.delete') && $mode != 'clone' && !empty($A['sp_old_id'])) { $delbutton = '<input type="submit" value="' . $LANG_ADMIN['delete'] . '" name="mode"%s' . XHTML . '>'; $jsconfirm = ' onclick="return confirm(\'' . $MESSAGE[76] . '\');"'; $sp_template->set_var('delete_option', sprintf($delbutton, $jsconfirm)); $sp_template->set_var('delete_option_no_confirmation', sprintf($delbutton, '')); } else { $sp_template->set_var('delete_option', ''); } $sp_template->set_var('lang_writtenby', $LANG_STATIC['writtenby']); $sp_template->set_var('username', DB_getItem($_TABLES['users'], 'username', "uid = {$A['owner_id']}")); $authorname = COM_getDisplayName($A['owner_id']); $sp_template->set_var('name', $authorname); $sp_template->set_var('author', $authorname); $sp_template->set_var('lang_url', $LANG_STATIC['url']); $sp_template->set_var('lang_id', $LANG_STATIC['id']); $sp_template->set_var('sp_uid', $A['owner_id']); $sp_template->set_var('sp_id', $A['sp_id']); $sp_template->set_var('sp_old_id', $A['sp_old_id']); $sp_template->set_var('example_url', COM_buildURL($_CONF['site_url'] . '/staticpages/index.php?page=' . $A['sp_id'])); $sp_template->set_var('lang_centerblock', $LANG_STATIC['centerblock']); $sp_template->set_var('lang_centerblock_help', $LANG_ADMIN['help_url']); $sp_template->set_var('lang_centerblock_include', $LANG21[51]); $sp_template->set_var('lang_centerblock_desc', $LANG21[52]); $sp_template->set_var('centerblock_help', $A['sp_help']); $sp_template->set_var('lang_centerblock_msg', $LANG_STATIC['centerblock_msg']); if (isset($A['sp_centerblock']) && $A['sp_centerblock'] == 1) { $sp_template->set_var('centerblock_checked', 'checked="checked"'); } else { $sp_template->set_var('centerblock_checked', ''); } $sp_template->set_var('lang_position', $LANG_STATIC['position']); $position = '<select name="sp_where">'; $position .= '<option value="1"'; if ($A['sp_where'] == 1) { $position .= ' selected="selected"'; } $position .= '>' . $LANG_STATIC['position_top'] . '</option>'; $position .= '<option value="2"'; if ($A['sp_where'] == 2) { $position .= ' selected="selected"'; } $position .= '>' . $LANG_STATIC['position_feat'] . '</option>'; $position .= '<option value="3"'; if ($A['sp_where'] == 3) { $position .= ' selected="selected"'; } $position .= '>' . $LANG_STATIC['position_bottom'] . '</option>'; $position .= '<option value="0"'; if ($A['sp_where'] == 0) { $position .= ' selected="selected"'; } $position .= '>' . $LANG_STATIC['position_entire'] . '</option>'; $position .= '</select>'; $sp_template->set_var('pos_selection', $position); if ($_SP_CONF['allow_php'] == 1 && SEC_hasRights('staticpages.PHP')) { if (!isset($A['sp_php'])) { $A['sp_php'] = 0; } $selection = '<select name="sp_php">' . LB; $selection .= '<option value="0"'; if ($A['sp_php'] <= 0 || $A['sp_php'] > 2) { $selection .= ' selected="selected"'; } $selection .= '>' . $LANG_STATIC['select_php_none'] . '</option>' . LB; $selection .= '<option value="1"'; if ($A['sp_php'] == 1) { $selection .= ' selected="selected"'; } $selection .= '>' . $LANG_STATIC['select_php_return'] . '</option>' . LB; $selection .= '<option value="2"'; if ($A['sp_php'] == 2) { $selection .= ' selected="selected"'; } $selection .= '>' . $LANG_STATIC['select_php_free'] . '</option>' . LB; $selection .= '</select>'; $sp_template->set_var('php_selector', $selection); $sp_template->set_var('php_warn', $LANG_STATIC['php_warn']); } else { $sp_template->set_var('php_selector', ''); $sp_template->set_var('php_warn', $LANG_STATIC['php_not_activated']); } $sp_template->set_var('php_msg', $LANG_STATIC['php_msg']); // old variables (for the 1.3-type checkbox) $sp_template->set_var('php_checked', ''); $sp_template->set_var('php_type', 'hidden'); if (isset($A['sp_nf']) && $A['sp_nf'] == 1) { $sp_template->set_var('exit_checked', 'checked="checked"'); } else { $sp_template->set_var('exit_checked', ''); } $sp_template->set_var('exit_msg', $LANG_STATIC['exit_msg']); $sp_template->set_var('exit_info', $LANG_STATIC['exit_info']); if ($A['sp_inblock'] == 1) { $sp_template->set_var('inblock_checked', 'checked="checked"'); } else { $sp_template->set_var('inblock_checked', ''); } $sp_template->set_var('inblock_msg', $LANG_STATIC['inblock_msg']); $sp_template->set_var('inblock_info', $LANG_STATIC['inblock_info']); if ($A['draft_flag'] == 1) { $sp_template->set_var('draft_flag_checked', 'checked="checked"'); } else { $sp_template->set_var('draft_flag_checked', ''); } $sp_template->set_var('lang_draft', $LANG_STATIC['draft']); $sp_template->set_var('lang_cache_time', $LANG_STATIC['cache_time']); $sp_template->set_var('lang_cache_time_desc', $LANG_STATIC['cache_time_desc']); $sp_template->set_var('cache_time', $A['cache_time']); $curtime = COM_getUserDateTimeFormat($A['unixdate']); $sp_template->set_var('lang_lastupdated', $LANG_STATIC['date']); $sp_template->set_var('sp_formateddate', $curtime[0]); $sp_template->set_var('sp_date', $curtime[1]); $sp_template->set_var('lang_title', $LANG_STATIC['title']); $sp_template->set_var('lang_page_title', $LANG_STATIC['page_title']); $title = ''; $page_title = ''; if (isset($A['sp_title'])) { $title = htmlspecialchars(stripslashes($A['sp_title'])); } if (isset($A['sp_page_title'])) { $page_title = htmlspecialchars(stripslashes($A['sp_page_title'])); } $sp_template->set_var('sp_title', $title); $sp_template->set_var('sp_page_title', $page_title); $sp_template->set_var('lang_topic', $LANG_STATIC['topic']); if ($mode != 'clone') { // want to use default topic selection if new staticpage so pass in blank id $topic_sp_id = $A['sp_id']; if (empty($sp_id) && $mode == 'edit') { // means new $topic_sp_id = ''; } $sp_template->set_var('topic_selection', TOPIC_getTopicSelectionControl('staticpages', $topic_sp_id, true, false, true)); } else { $sp_template->set_var('topic_selection', TOPIC_getTopicSelectionControl('staticpages', $A['clone_sp_id'], true, false, true)); } $sp_template->set_var('lang_metadescription', $LANG_ADMIN['meta_description']); $sp_template->set_var('lang_metakeywords', $LANG_ADMIN['meta_keywords']); if (!empty($A['meta_description'])) { $sp_template->set_var('meta_description', $A['meta_description']); } if (!empty($A['meta_keywords'])) { $sp_template->set_var('meta_keywords', $A['meta_keywords']); } if ($_CONF['meta_tags'] > 0 && $_SP_CONF['meta_tags'] > 0) { $sp_template->set_var('hide_meta', ''); } else { $sp_template->set_var('hide_meta', ' style="display:none;"'); } if ($A['template_flag'] == 1) { $sp_template->set_var('template_flag_checked', 'checked="checked"'); } else { $sp_template->set_var('template_flag_checked', ''); } $sp_template->set_var('lang_template', $LANG_STATIC['template']); $sp_template->set_var('lang_template_flag_msg', $LANG_STATIC['template_msg']); $template_list = templatelist($A['template_id']); $template_none = '<option value=""'; if ($A['template_id'] == "") { $template_none .= ' selected="selected"'; } $template_none .= '>' . $LANG_STATIC['none'] . '</option>'; $sp_template->set_var('use_template_selection', '<select name="template_id">' . $template_none . $template_list . '</select>'); $sp_template->set_var('lang_use_template', $LANG_STATIC['use_template']); $sp_template->set_var('lang_use_template_msg', $LANG_STATIC['use_template_msg']); $sp_template->set_var('lang_addtomenu', $LANG_STATIC['addtomenu']); if (isset($A['sp_onmenu']) && $A['sp_onmenu'] == 1) { $sp_template->set_var('onmenu_checked', 'checked="checked"'); } else { $sp_template->set_var('onmenu_checked', ''); } $sp_template->set_var('lang_label', $LANG_STATIC['label']); if (isset($A['sp_label'])) { $sp_template->set_var('sp_label', $A['sp_label']); } else { $sp_template->set_var('sp_label', ''); } $sp_template->set_var('lang_pageformat', $LANG_STATIC['pageformat']); $sp_template->set_var('lang_blankpage', $LANG_STATIC['blankpage']); $sp_template->set_var('lang_noblocks', $LANG_STATIC['noblocks']); $sp_template->set_var('lang_leftblocks', $LANG_STATIC['leftblocks']); $sp_template->set_var('lang_leftrightblocks', $LANG_STATIC['leftrightblocks']); if (!isset($A['sp_format'])) { $A['sp_format'] = ''; } if ($A['sp_format'] == 'noblocks') { $sp_template->set_var('noblock_selected', 'selected="selected"'); } else { $sp_template->set_var('noblock_selected', ''); } if ($A['sp_format'] == 'leftblocks') { $sp_template->set_var('leftblocks_selected', 'selected="selected"'); } else { $sp_template->set_var('leftblocks_selected', ''); } if ($A['sp_format'] == 'blankpage') { $sp_template->set_var('blankpage_selected', 'selected="selected"'); } else { $sp_template->set_var('blankpage_selected', ''); } if ($A['sp_format'] == 'allblocks' or empty($A['sp_format'])) { $sp_template->set_var('allblocks_selected', 'selected="selected"'); } else { $sp_template->set_var('allblocks_selected', ''); } $sp_template->set_var('lang_content', $LANG_STATIC['content']); $content = ''; if (isset($A['sp_content'])) { $content = htmlspecialchars(stripslashes($A['sp_content'])); $content = str_replace(array('{', '}'), array('{', '}'), $content); } $sp_template->set_var('sp_content', $content); $allowed = COM_allowedHTML('staticpages.edit', false, $_SP_CONF['filter_html']) . COM_allowedAutotags(); $sp_template->set_var('lang_allowedhtml', $allowed); $sp_template->set_var('lang_allowed_html', $allowed); $sp_template->set_var('lang_hits', $LANG_STATIC['hits']); if (empty($A['sp_hits'])) { $sp_template->set_var('sp_hits', '0'); $sp_template->set_var('sp_hits_formatted', '0'); } else { $sp_template->set_var('sp_hits', $A['sp_hits']); $sp_template->set_var('sp_hits_formatted', COM_numberFormat($A['sp_hits'])); } $sp_template->set_var('lang_comments', $LANG_STATIC['comments']); if ($A['commentcode'] == -1) { $sp_template->set_var('sp_comments', $LANG_ADMIN['na']); } else { $num_comments = DB_count($_TABLES['comments'], array('sid', 'type'), array(DB_escapeString($A['sp_id']), 'staticpages')); $sp_template->set_var('sp_comments', COM_numberFormat($num_comments)); } $sp_template->set_var('end_block', COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer'))); $sp_template->set_var('gltoken_name', CSRF_TOKEN); $sp_template->set_var('gltoken', $token); $sp_template->parse('output', 'form'); $retval .= $sp_template->finish($sp_template->get_var('output')); return $retval; }
/** * Shows a profile for a user * This grabs the user profile for a given user and displays it * * @param int $uid User ID of profile to get * @param boolean $preview whether being called as preview from My Account * @param int $msg Message to display (if != 0) * @param string $plugin optional plugin name for message * @return string HTML for user profile page */ function USER_showProfile($uid, $preview = false, $msg = 0, $plugin = '') { global $_CONF, $_TABLES, $_USER, $_IMAGE_TYPE, $LANG01, $LANG04, $LANG09, $LANG28, $LANG_LOGIN, $LANG_ADMIN; $retval = ''; if (COM_isAnonUser() && ($_CONF['loginrequired'] == 1 || $_CONF['profileloginrequired'] == 1)) { $retval .= SEC_loginRequiredForm(); $retval = COM_createHTMLDocument($retval, array('pagetitle' => $LANG_LOGIN[1])); return $retval; } $result = DB_query("SELECT {$_TABLES['users']}.uid,username,fullname,regdate,homepage,about,location,pgpkey,photo,email,status FROM {$_TABLES['userinfo']},{$_TABLES['users']} WHERE {$_TABLES['userinfo']}.uid = {$_TABLES['users']}.uid AND {$_TABLES['users']}.uid = {$uid}"); $numRows = DB_numRows($result); if ($numRows == 0) { // no such user COM_handle404(); } $A = DB_fetchArray($result); if ($A['status'] == USER_ACCOUNT_DISABLED && !SEC_hasRights('user.edit')) { COM_displayMessageAndAbort(30, '', 403, 'Forbidden'); } if ($A['status'] != USER_ACCOUNT_ACTIVE && !SEC_hasRights('user.edit')) { COM_handle404(); } $display_name = COM_getDisplayName($uid, $A['username'], $A['fullname']); $display_name = htmlspecialchars($display_name); if (!$preview) { if ($msg > 0) { $retval .= COM_showMessage($msg, $plugin); } } // format date/time to user preference $currentTime = COM_getUserDateTimeFormat($A['regdate']); $A['regdate'] = $currentTime[0]; $user_templates = COM_newTemplate($_CONF['path_layout'] . 'users'); $user_templates->set_file(array('profile' => 'profile.thtml', 'email' => 'email.thtml', 'row' => 'commentrow.thtml', 'strow' => 'storyrow.thtml')); $user_templates->set_var('start_block_userprofile', COM_startBlock($LANG04[1] . ' ' . $display_name)); $user_templates->set_var('end_block', COM_endBlock()); $user_templates->set_var('lang_username', $LANG04[2]); if ($_CONF['show_fullname'] == 1) { if (empty($A['fullname'])) { $userName = $A['username']; $fullName = ''; } else { $userName = $A['fullname']; $fullName = $A['username']; } } else { $userName = $A['username']; $fullName = $A['fullname']; } $userName = htmlspecialchars($userName); $fullName = htmlspecialchars($fullName); if ($A['status'] == USER_ACCOUNT_DISABLED) { $userName = sprintf('<s title="%s">%s</s>', $LANG28[42], $userName); if (!empty($fullName)) { $fullName = sprintf('<s title="%s">%s</s>', $LANG28[42], $fullName); } } $user_templates->set_var('username', $userName); $user_templates->set_var('user_fullname', $fullName); if ($preview) { $user_templates->set_var('edit_icon', ''); $user_templates->set_var('edit_link', ''); $user_templates->set_var('user_edit', ''); } elseif (!COM_isAnonUser() && $_USER['uid'] == $uid) { $edit_icon = '<img src="' . $_CONF['layout_url'] . '/images/edit.' . $_IMAGE_TYPE . '" alt="' . $LANG01[48] . '" title="' . $LANG01[48] . '"' . XHTML . '>'; $edit_link_url = COM_createLink($edit_icon, $_CONF['site_url'] . '/usersettings.php'); $user_templates->set_var('edit_icon', $edit_icon); $user_templates->set_var('edit_link', $edit_link_url); $user_templates->set_var('user_edit', $edit_link_url); } elseif (SEC_hasRights('user.edit')) { $edit_icon = '<img src="' . $_CONF['layout_url'] . '/images/edit.' . $_IMAGE_TYPE . '" alt="' . $LANG_ADMIN['edit'] . '" title="' . $LANG_ADMIN['edit'] . '"' . XHTML . '>'; $edit_link_url = COM_createLink($edit_icon, "{$_CONF['site_admin_url']}/user.php?mode=edit&uid={$A['uid']}"); $user_templates->set_var('edit_icon', $edit_icon); $user_templates->set_var('edit_link', $edit_link_url); $user_templates->set_var('user_edit', $edit_link_url); } if (isset($A['photo']) && empty($A['photo'])) { $A['photo'] = '(none)'; // user does not have a photo } $photo = USER_getPhoto($uid, $A['photo'], $A['email'], -1); $user_templates->set_var('user_photo', $photo); $user_templates->set_var('lang_membersince', $LANG04[67]); $user_templates->set_var('user_regdate', $A['regdate']); $user_templates->set_var('lang_email', $LANG04[5]); $user_templates->set_var('user_id', $uid); $user_templates->set_var('uid', $uid); if ($A['email'] != '') { $user_templates->set_var('lang_sendemail', $LANG04[81]); $user_templates->parse('email_option', 'email', true); } else { $user_templates->set_var('email_option', ''); } $user_templates->set_var('lang_homepage', $LANG04[6]); $user_templates->set_var('user_homepage', COM_killJS($A['homepage'])); $user_templates->set_var('lang_location', $LANG04[106]); $user_templates->set_var('user_location', strip_tags($A['location'])); $user_templates->set_var('lang_bio', $LANG04[7]); $user_templates->set_var('user_bio', COM_nl2br(stripslashes($A['about']))); $user_templates->set_var('lang_pgpkey', $LANG04[8]); $user_templates->set_var('user_pgp', COM_nl2br($A['pgpkey'])); $user_templates->set_var('start_block_last10stories', COM_startBlock($LANG04[82] . ' ' . $display_name)); $user_templates->set_var('start_block_last10comments', COM_startBlock($LANG04[10] . ' ' . $display_name)); $user_templates->set_var('start_block_postingstats', COM_startBlock($LANG04[83] . ' ' . $display_name)); $user_templates->set_var('lang_title', $LANG09[16]); $user_templates->set_var('lang_date', $LANG09[17]); // for alternative layouts: use these as headlines instead of block titles $user_templates->set_var('headline_last10stories', $LANG04[82]); $user_templates->set_var('headline_last10comments', $LANG04[10]); $user_templates->set_var('headline_postingstats', $LANG04[83]); $tids = TOPIC_getList(0, true, false); $topics = "'" . implode("','", $tids) . "'"; // list of last 10 stories by this user if (count($tids) > 0) { $sql = "SELECT sid,title,UNIX_TIMESTAMP(date) AS unixdate\n FROM {$_TABLES['stories']}, {$_TABLES['topic_assignments']} ta\n WHERE (uid = {$uid}) AND (draft_flag = 0) AND (date <= NOW()) AND (tid IN ({$topics}))" . COM_getPermSQL('AND') . "\n AND ta.type = 'article' AND ta.id = sid AND ta.tdefault = 1\n ORDER BY unixdate DESC LIMIT 10"; $result = DB_query($sql); $numRows = DB_numRows($result); } else { $numRows = 0; } if ($numRows > 0) { for ($i = 0; $i < $numRows; $i++) { $C = DB_fetchArray($result); $user_templates->set_var('cssid', $i % 2 + 1); $user_templates->set_var('row_number', $i + 1 . '.'); $articleUrl = COM_buildURL($_CONF['site_url'] . '/article.php?story=' . $C['sid']); $user_templates->set_var('article_url', $articleUrl); $C['title'] = str_replace('$', '$', $C['title']); $user_templates->set_var('story_title', COM_createLink(stripslashes($C['title']), $articleUrl, array('class' => 'b'))); $storyTime = COM_getUserDateTimeFormat($C['unixdate']); $user_templates->set_var('story_date', $storyTime[0]); $user_templates->parse('story_row', 'strow', true); } } else { $story_row = $LANG01[37]; if ($_CONF['supported_version_theme'] == '1.8.1') { $story_row = '<tr><td>' . $story_row . '</td></tr>'; } $user_templates->set_var('story_row', $story_row); } // list of last 10 comments by this user $new_plugin_comments = PLG_getWhatsNewComment('', 10, $uid); if (!empty($new_plugin_comments)) { // Sort array by element lastdate newest to oldest foreach ($new_plugin_comments as $k => $v) { $b[$k] = strtolower($v['unixdate']); } arsort($b); foreach ($b as $key => $val) { $temp[] = $new_plugin_comments[$key]; } $new_plugin_comments = $temp; $i = 0; foreach ($new_plugin_comments as $C) { $i = $i + 1; $user_templates->set_var('cssid', $i % 2); $user_templates->set_var('row_number', $i . '.'); $C['title'] = str_replace('$', '$', $C['title']); $comment_url = $_CONF['site_url'] . '/comment.php?mode=view&cid=' . $C['cid']; $user_templates->set_var('comment_title', COM_createLink(stripslashes($C['title']), $comment_url, array('class' => 'b'))); $commentTime = COM_getUserDateTimeFormat($C['unixdate']); $user_templates->set_var('comment_date', $commentTime[0]); $user_templates->parse('comment_row', 'row', true); if ($i == 10) { break; } } } else { $comment_row = $LANG01[29]; if ($_CONF['supported_version_theme'] == '1.8.1') { $comment_row = '<tr><td>' . $comment_row . '</td></tr>'; } $user_templates->set_var('comment_row', $comment_row); } // posting stats for this user $user_templates->set_var('lang_number_stories', $LANG04[84]); $sql = "SELECT COUNT(*) AS count FROM {$_TABLES['stories']} WHERE (uid = {$uid}) AND (draft_flag = 0) AND (date <= NOW())" . COM_getPermSQL('AND'); $result = DB_query($sql); $N = DB_fetchArray($result); $user_templates->set_var('number_stories', COM_numberFormat($N['count'])); $user_templates->set_var('lang_number_comments', $LANG04[85]); $sql = "SELECT COUNT(*) AS count FROM {$_TABLES['comments']} WHERE (uid = {$uid})"; $result = DB_query($sql); $N = DB_fetchArray($result); $user_templates->set_var('number_comments', COM_numberFormat($N['count'])); $user_templates->set_var('lang_all_postings_by', $LANG04[86] . ' ' . $display_name); // Call custom registration function if enabled and exists if ($_CONF['custom_registration'] && function_exists('CUSTOM_userDisplay')) { $user_templates->set_var('customfields', CUSTOM_userDisplay($uid)); } PLG_profileVariablesDisplay($uid, $user_templates); $user_templates->parse('output', 'profile'); $retval .= $user_templates->finish($user_templates->get_var('output')); $retval .= PLG_profileBlocksDisplay($uid); if (!$preview) { $retval = COM_createHTMLDocument($retval, array('pagetitle' => $LANG04[1] . ' ' . $display_name)); } return $retval; }
/** * used for the list of topics in admin/topic.php * * @param string $fieldName * @param string $fieldValue * @param array $A * @param array $icon_arr * @param string $token * @return string */ function ADMIN_getListField_topics($fieldName, $fieldValue, $A, $icon_arr, $token) { global $_CONF, $LANG_ACCESS, $_TABLES, $LANG27, $LANG32; $retval = false; $access = SEC_hasAccess($A['owner_id'], $A['group_id'], $A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']); switch ($fieldName) { case 'edit': if ($access == 3) { $editUrl = $_CONF['site_admin_url'] . '/topic.php?mode=edit&tid=' . $A['tid']; $retval = COM_createLink($icon_arr['edit'], $editUrl); } break; case 'sortnum': if ($_CONF['sortmethod'] === 'sortnum') { $style = 'style="vertical-align: middle;"'; $upImage = $_CONF['layout_url'] . '/images/admin/up.png'; $downImage = $_CONF['layout_url'] . '/images/admin/down.png'; $url = $_CONF['site_admin_url'] . '/topic.php?mode=change_sortnum' . '&tid=' . $A['tid'] . '&' . CSRF_TOKEN . '=' . $token . '&where='; $retval .= COM_createLink("<img {$style} alt=\"+\" src=\"{$upImage}\"" . XHTML . ">", $url . 'up', array('title' => $LANG32[44])); $retval .= ' ' . $fieldValue . ' '; $retval .= COM_createLink("<img {$style} alt=\"-\" src=\"{$downImage}\"" . XHTML . ">", $url . 'dn', array('title' => $LANG32[45])); } else { $retval = $fieldValue; } break; case 'image': $retval = ''; if (!empty($A['imageurl'])) { $imageUrl = COM_getTopicImageUrl($A['imageurl']); $image_tag = '<img src="' . $imageUrl . '" width="24" height="24" id="topic-' . $A['tid'] . '" class="admin-topic-image" alt=""' . XHTML . '>'; $url = COM_buildURL($_CONF['site_url'] . '/index.php?topic=' . $A['tid']); $retval = COM_createLink($image_tag, $url); } break; case 'topic': $default = $A['is_default'] == 1 ? $LANG27[24] : ''; $level = -1; $tid = $A['tid']; while ($tid !== TOPIC_ROOT) { $tid = DB_getItem($_TABLES['topics'], 'parent_id', "tid = '{$tid}'"); $level++; } $level *= 15; $content = '<span style="margin-left:' . $level . 'px">' . $fieldValue . '</span>'; $url = COM_buildURL($_CONF['site_url'] . '/index.php?topic=' . $A['tid']); $retval = COM_createLink($content, $url) . $default; break; case 'access': $retval = $LANG_ACCESS['readonly']; if ($access == 3) { $retval = $LANG_ACCESS['edit']; } break; case 'inherit': case 'hidden': $yes = empty($LANG27[50]) ? 'Yes' : $LANG27[50]; $no = empty($LANG27[50]) ? 'No' : $LANG27[51]; $retval = $fieldValue == 1 ? $yes : $no; break; case 'story': // Retrieve list of inherited topics $tid_list = TOPIC_getChildList($A['tid']); // Calculate number of stories in topic, includes any inherited ones $sql = "SELECT sid FROM {$_TABLES['stories']}, {$_TABLES['topic_assignments']} ta " . "WHERE (draft_flag = 0) AND (date <= NOW()) " . COM_getPermSQL('AND') . "AND ta.type = 'article' AND ta.id = sid " . "AND (ta.tid IN({$tid_list}) " . "AND (ta.inherit = 1 OR (ta.inherit = 0 AND ta.tid = '{$A['tid']}'))) " . "GROUP BY sid"; $result = DB_query($sql); $numRows = DB_numRows($result); $retval = COM_numberFormat($numRows); break; default: $retval = $fieldValue; break; } return $retval; }
/** * Displays the static page editor form * * @param array $A Data to display * @return string HTML for the static page editor * */ function staticpageeditor_form($A, $error = false) { global $_CONF, $_TABLES, $_USER, $_GROUPS, $_SP_CONF, $mode, $sp_id, $LANG21, $LANG_STATIC, $LANG_ACCESS, $LANG_ADMIN, $LANG24, $LANG_postmodes, $MESSAGE; $template_path = staticpages_templatePath('admin'); if (!empty($sp_id) && $mode == 'edit') { $access = SEC_hasAccess($A['owner_id'], $A['group_id'], $A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']); } else { if ($mode != 'clone') { $A['sp_inblock'] = $_SP_CONF['in_block']; } $A['owner_id'] = $_USER['uid']; if (isset($_GROUPS['Static Page Admin'])) { $A['group_id'] = $_GROUPS['Static Page Admin']; } else { $A['group_id'] = SEC_getFeatureGroup('staticpages.edit'); } SEC_setDefaultPermissions($A, $_SP_CONF['default_permissions']); $access = 3; if (isset($_CONF['advanced_editor']) && $_CONF['advanced_editor'] == 1 && file_exists($template_path . '/editor_advanced.thtml')) { $A['advanced_editor_mode'] = 1; } } $retval = ''; $sp_template = new Template($template_path); if (isset($_CONF['advanced_editor']) && $_CONF['advanced_editor'] == 1 && file_exists($template_path . '/editor_advanced.thtml')) { $sp_template->set_file('form', 'editor_advanced.thtml'); $sp_template->set_var('lang_expandhelp', $LANG24[67]); $sp_template->set_var('lang_reducehelp', $LANG24[68]); $sp_template->set_var('lang_toolbar', $LANG24[70]); $sp_template->set_var('toolbar1', $LANG24[71]); $sp_template->set_var('toolbar2', $LANG24[72]); $sp_template->set_var('toolbar3', $LANG24[73]); $sp_template->set_var('toolbar4', $LANG24[74]); $sp_template->set_var('toolbar5', $LANG24[75]); $sp_template->set_var('lang_nojavascript', $LANG24[77]); $sp_template->set_var('lang_postmode', $LANG24[4]); if (isset($A['postmode']) && $A['postmode'] == 'adveditor') { $sp_template->set_var('show_adveditor', ''); $sp_template->set_var('show_htmleditor', 'none'); } else { $sp_template->set_var('show_adveditor', 'none'); $sp_template->set_var('show_htmleditor', ''); } $post_options = '<option value="html" selected="selected">' . $LANG_postmodes['html'] . '</option>'; if (isset($A['postmode']) && $A['postmode'] == 'adveditor') { $post_options .= '<option value="adveditor" selected="selected">' . $LANG24[86] . '</option>'; } else { $post_options .= '<option value="adveditor">' . $LANG24[86] . '</option>'; } $sp_template->set_var('post_options', $post_options); $sp_template->set_var('change_editormode', 'onchange="change_editmode(this);"'); } else { $sp_template->set_file('form', 'editor.thtml'); } $sp_template->set_var('layout_url', $_CONF['layout_url']); $sp_template->set_var('lang_mode', $LANG24[3]); $sp_template->set_var('comment_options', COM_optionList($_TABLES['commentcodes'], 'code,name', $A['commentcode'])); $sp_template->set_var('lang_accessrights', $LANG_ACCESS['accessrights']); $sp_template->set_var('lang_owner', $LANG_ACCESS['owner']); $ownername = COM_getDisplayName($A['owner_id']); $sp_template->set_var('owner_username', DB_getItem($_TABLES['users'], 'username', "uid = {$A['owner_id']}")); $sp_template->set_var('owner_name', $ownername); $sp_template->set_var('owner', $ownername); $sp_template->set_var('owner_id', $A['owner_id']); $sp_template->set_var('lang_group', $LANG_ACCESS['group']); $sp_template->set_var('group_dropdown', SEC_getGroupDropdown($A['group_id'], $access)); $sp_template->set_var('permissions_editor', SEC_getPermissionsHTML($A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon'])); $sp_template->set_var('lang_permissions', $LANG_ACCESS['permissions']); $sp_template->set_var('lang_perm_key', $LANG_ACCESS['permissionskey']); $sp_template->set_var('permissions_msg', $LANG_ACCESS['permmsg']); $sp_template->set_var('lang_permissions_msg', $LANG_ACCESS['permmsg']); $sp_template->set_var('site_url', $_CONF['site_url']); $sp_template->set_var('site_admin_url', $_CONF['site_admin_url']); $token = SEC_createToken(); $start_block = COM_startBlock($LANG_STATIC['staticpageeditor'], '', COM_getBlockTemplate('_admin_block', 'header')); $start_block .= SEC_getTokenExpiryNotice($token); $sp_template->set_var('start_block_editor', $start_block); $sp_template->set_var('lang_save', $LANG_ADMIN['save']); $sp_template->set_var('lang_cancel', $LANG_ADMIN['cancel']); $sp_template->set_var('lang_preview', $LANG_ADMIN['preview']); if (SEC_hasRights('staticpages.delete') && $mode != 'clone' && !empty($A['sp_old_id'])) { $delbutton = '<input type="submit" value="' . $LANG_ADMIN['delete'] . '" name="mode"%s' . XHTML . '>'; $jsconfirm = ' onclick="return confirm(\'' . $MESSAGE[76] . '\');"'; $sp_template->set_var('delete_option', sprintf($delbutton, $jsconfirm)); $sp_template->set_var('delete_option_no_confirmation', sprintf($delbutton, '')); } else { $sp_template->set_var('delete_option', ''); } $sp_template->set_var('lang_writtenby', $LANG_STATIC['writtenby']); $sp_template->set_var('username', DB_getItem($_TABLES['users'], 'username', "uid = {$A['sp_uid']}")); $authorname = COM_getDisplayName($A['sp_uid']); $sp_template->set_var('name', $authorname); $sp_template->set_var('author', $authorname); $sp_template->set_var('lang_url', $LANG_STATIC['url']); $sp_template->set_var('lang_id', $LANG_STATIC['id']); $sp_template->set_var('sp_uid', $A['sp_uid']); $sp_template->set_var('sp_id', $A['sp_id']); $sp_template->set_var('sp_old_id', $A['sp_old_id']); $sp_template->set_var('example_url', COM_buildURL($_CONF['site_url'] . '/staticpages/index.php?page=' . $A['sp_id'])); $sp_template->set_var('lang_centerblock', $LANG_STATIC['centerblock']); $sp_template->set_var('lang_centerblock_help', $LANG_ADMIN['help_url']); $sp_template->set_var('lang_centerblock_include', $LANG21[51]); $sp_template->set_var('lang_centerblock_desc', $LANG21[52]); $sp_template->set_var('centerblock_help', $A['sp_help']); $sp_template->set_var('lang_centerblock_msg', $LANG_STATIC['centerblock_msg']); if (isset($A['sp_centerblock']) && $A['sp_centerblock'] == 1) { $sp_template->set_var('centerblock_checked', 'checked="checked"'); } else { $sp_template->set_var('centerblock_checked', ''); } $sp_template->set_var('lang_topic', $LANG_STATIC['topic']); $sp_template->set_var('lang_position', $LANG_STATIC['position']); $current_topic = ''; if (isset($A['sp_tid'])) { $current_topic = $A['sp_tid']; } if (empty($current_topic)) { $current_topic = 'none'; } $topics = COM_topicList('tid,topic', $current_topic, 1, true); $alltopics = '<option value="all"'; if ($current_topic == 'all') { $alltopics .= ' selected="selected"'; } $alltopics .= '>' . $LANG_STATIC['all_topics'] . '</option>' . LB; $notopic = '<option value="none"'; if ($current_topic == 'none') { $notopic .= ' selected="selected"'; } $notopic .= '>' . $LANG_STATIC['no_topic'] . '</option>' . LB; $sp_template->set_var('topic_selection', '<select name="sp_tid">' . $alltopics . $notopic . $topics . '</select>'); $position = '<select name="sp_where">'; $position .= '<option value="1"'; if ($A['sp_where'] == 1) { $position .= ' selected="selected"'; } $position .= '>' . $LANG_STATIC['position_top'] . '</option>'; $position .= '<option value="2"'; if ($A['sp_where'] == 2) { $position .= ' selected="selected"'; } $position .= '>' . $LANG_STATIC['position_feat'] . '</option>'; $position .= '<option value="3"'; if ($A['sp_where'] == 3) { $position .= ' selected="selected"'; } $position .= '>' . $LANG_STATIC['position_bottom'] . '</option>'; $position .= '<option value="0"'; if ($A['sp_where'] == 0) { $position .= ' selected="selected"'; } $position .= '>' . $LANG_STATIC['position_entire'] . '</option>'; $position .= '</select>'; $sp_template->set_var('pos_selection', $position); if ($_SP_CONF['allow_php'] == 1 && SEC_hasRights('staticpages.PHP')) { if (!isset($A['sp_php'])) { $A['sp_php'] = 0; } $selection = '<select name="sp_php">' . LB; $selection .= '<option value="0"'; if ($A['sp_php'] <= 0 || $A['sp_php'] > 2) { $selection .= ' selected="selected"'; } $selection .= '>' . $LANG_STATIC['select_php_none'] . '</option>' . LB; $selection .= '<option value="1"'; if ($A['sp_php'] == 1) { $selection .= ' selected="selected"'; } $selection .= '>' . $LANG_STATIC['select_php_return'] . '</option>' . LB; $selection .= '<option value="2"'; if ($A['sp_php'] == 2) { $selection .= ' selected="selected"'; } $selection .= '>' . $LANG_STATIC['select_php_free'] . '</option>' . LB; $selection .= '</select>'; $sp_template->set_var('php_selector', $selection); $sp_template->set_var('php_warn', $LANG_STATIC['php_warn']); } else { $sp_template->set_var('php_selector', ''); $sp_template->set_var('php_warn', $LANG_STATIC['php_not_activated']); } $sp_template->set_var('php_msg', $LANG_STATIC['php_msg']); // old variables (for the 1.3-type checkbox) $sp_template->set_var('php_checked', ''); $sp_template->set_var('php_type', 'hidden'); if (isset($A['sp_nf']) && $A['sp_nf'] == 1) { $sp_template->set_var('exit_checked', 'checked="checked"'); } else { $sp_template->set_var('exit_checked', ''); } $sp_template->set_var('exit_msg', $LANG_STATIC['exit_msg']); $sp_template->set_var('exit_info', $LANG_STATIC['exit_info']); if ($A['sp_inblock'] == 1) { $sp_template->set_var('inblock_checked', 'checked="checked"'); } else { $sp_template->set_var('inblock_checked', ''); } $sp_template->set_var('inblock_msg', $LANG_STATIC['inblock_msg']); $sp_template->set_var('inblock_info', $LANG_STATIC['inblock_info']); $curtime = COM_getUserDateTimeFormat($A['unixdate']); $sp_template->set_var('lang_lastupdated', $LANG_STATIC['date']); $sp_template->set_var('sp_formateddate', $curtime[0]); $sp_template->set_var('sp_date', $curtime[1]); $sp_template->set_var('lang_title', $LANG_STATIC['title']); $title = ''; if (isset($A['sp_title'])) { $title = htmlspecialchars(stripslashes($A['sp_title'])); } $sp_template->set_var('sp_title', $title); $sp_template->set_var('lang_metadescription', $LANG_ADMIN['meta_description']); $sp_template->set_var('lang_metakeywords', $LANG_ADMIN['meta_keywords']); if (!empty($A['meta_description'])) { $sp_template->set_var('meta_description', $A['meta_description']); } if (!empty($A['meta_keywords'])) { $sp_template->set_var('meta_keywords', $A['meta_keywords']); } $sp_template->set_var('lang_addtomenu', $LANG_STATIC['addtomenu']); if (isset($A['sp_onmenu']) && $A['sp_onmenu'] == 1) { $sp_template->set_var('onmenu_checked', 'checked="checked"'); } else { $sp_template->set_var('onmenu_checked', ''); } $sp_template->set_var('lang_label', $LANG_STATIC['label']); if (isset($A['sp_label'])) { $sp_template->set_var('sp_label', $A['sp_label']); } else { $sp_template->set_var('sp_label', ''); } $sp_template->set_var('lang_pageformat', $LANG_STATIC['pageformat']); $sp_template->set_var('lang_blankpage', $LANG_STATIC['blankpage']); $sp_template->set_var('lang_noblocks', $LANG_STATIC['noblocks']); $sp_template->set_var('lang_leftblocks', $LANG_STATIC['leftblocks']); $sp_template->set_var('lang_leftrightblocks', $LANG_STATIC['leftrightblocks']); if (!isset($A['sp_format'])) { $A['sp_format'] = ''; } if ($A['sp_format'] == 'noblocks') { $sp_template->set_var('noblock_selected', 'selected="selected"'); } else { $sp_template->set_var('noblock_selected', ''); } if ($A['sp_format'] == 'leftblocks') { $sp_template->set_var('leftblocks_selected', 'selected="selected"'); } else { $sp_template->set_var('leftblocks_selected', ''); } if ($A['sp_format'] == 'blankpage') { $sp_template->set_var('blankpage_selected', 'selected="selected"'); } else { $sp_template->set_var('blankpage_selected', ''); } if ($A['sp_format'] == 'allblocks' or empty($A['sp_format'])) { $sp_template->set_var('allblocks_selected', 'selected="selected"'); } else { $sp_template->set_var('allblocks_selected', ''); } $sp_template->set_var('lang_content', $LANG_STATIC['content']); $content = ''; if (isset($A['sp_content'])) { $content = htmlspecialchars(stripslashes($A['sp_content'])); $content = str_replace(array('{', '}'), array('{', '}'), $content); } $sp_template->set_var('sp_content', $content); if ($_SP_CONF['filter_html'] == 1) { $allowed = COM_allowedHTML('staticpages.edit'); $sp_template->set_var('lang_allowedhtml', $allowed); $sp_template->set_var('lang_allowed_html', $allowed); } else { $sp_template->set_var('lang_allowedhtml', $LANG_STATIC['all_html_allowed']); $allowed = '<span class="warningsmall">' . $LANG_STATIC['all_html_allowed'] . ',</span>' . LB . '<div dir="ltr" class="warningsmall">'; $autotags = array_keys(PLG_collectTags()); $allowed .= '[' . implode(':], [', $autotags) . ':]'; $allowed .= '</div>'; $sp_template->set_var('lang_allowed_html', $allowed); } $sp_template->set_var('lang_hits', $LANG_STATIC['hits']); if (empty($A['sp_hits'])) { $sp_template->set_var('sp_hits', '0'); $sp_template->set_var('sp_hits_formatted', '0'); } else { $sp_template->set_var('sp_hits', $A['sp_hits']); $sp_template->set_var('sp_hits_formatted', COM_numberFormat($A['sp_hits'])); } $sp_template->set_var('end_block', COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer'))); $sp_template->set_var('xhtml', XHTML); $sp_template->set_var('gltoken_name', CSRF_TOKEN); $sp_template->set_var('gltoken', $token); $sp_template->parse('output', 'form'); $retval .= $sp_template->finish($sp_template->get_var('output')); return $retval; }
/** * Displays the static page form * * @param array $A Data to display * @param string $error Error message to display * */ function PAGE_form($A, $error = false) { global $_CONF, $_TABLES, $_USER, $_GROUPS, $_SP_CONF, $action, $sp_id, $LANG21, $LANG_STATIC, $LANG_ACCESS, $LANG_ADMIN, $LANG24, $LANG_postmodes, $MESSAGE; USES_lib_admin(); $menu_arr = array(array('url' => $_CONF['site_admin_url'] . '/plugins/staticpages/index.php', 'text' => $LANG_STATIC['page_list']), array('url' => $_CONF['site_admin_url'], 'text' => $LANG_ADMIN['admin_home'])); $template_path = staticpages_templatePath('admin'); if (!empty($sp_id) && ($action == 'edit' || $action == 'clone')) { $access = SEC_hasAccess($A['owner_id'], $A['group_id'], $A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']); } else { $A['owner_id'] = $_USER['uid']; if (isset($_GROUPS['staticpages Admin'])) { $A['group_id'] = $_GROUPS['staticpages Admin']; } else { $A['group_id'] = SEC_getFeatureGroup('staticpages.edit'); } SEC_setDefaultPermissions($A, $_SP_CONF['default_permissions']); $access = 3; } $retval = ''; if (empty($A['owner_id'])) { $error = COM_startBlock($LANG_ACCESS['accessdenied'], '', COM_getBlockTemplate('_msg_block', 'header')); $error .= $LANG_STATIC['deny_msg']; $error .= COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer')); } if ($error) { $retval .= $error . '<br/><br/>'; } else { $sp_template = new Template($template_path); $sp_template->set_file('form', 'editor.thtml'); $sp_template->set_var('lang_mode', $LANG24[3]); $sp_template->set_var('comment_options', COM_optionList($_TABLES['commentcodes'], 'code,name', $A['commentcode'])); $ownername = COM_getDisplayName($A['owner_id']); $sp_template->set_var(array('sp_search_checked' => $A['sp_search'] == 1 ? ' checked="checked"' : '', 'sp_status_checked' => $A['sp_status'] == 1 ? ' checked="checked"' : '', 'lang_accessrights' => $LANG_ACCESS['accessrights'], 'lang_owner' => $LANG_ACCESS['owner'], 'owner_username' => DB_getItem($_TABLES['users'], 'username', "uid = {$A['owner_id']}"), 'owner_name' => $ownername, 'owner' => $ownername, 'owner_id' => $A['owner_id'], 'lang_group' => $LANG_ACCESS['group'], 'group_dropdown' => SEC_getGroupDropdown($A['group_id'], $access), 'permissions_editor' => SEC_getPermissionsHTML($A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']), 'lang_permissions' => $LANG_ACCESS['permissions'], 'lang_perm_key' => $LANG_ACCESS['permissionskey'], 'permissions_msg' => $LANG_ACCESS['permmsg'], 'start_block_editor' => COM_startBlock($LANG_STATIC['staticpages'] . ' :: ' . $LANG_STATIC['staticpageeditor'], '', COM_getBlockTemplate('_admin_block', 'header')), 'lang_save' => $LANG_ADMIN['save'], 'lang_cancel' => $LANG_ADMIN['cancel'], 'lang_preview' => $LANG_ADMIN['preview'], 'lang_editor' => $LANG_STATIC['staticpageeditor'], 'lang_attributes' => $LANG_STATIC['attributes'])); if (SEC_hasRights('staticpages.delete') && $action != 'clone' && !empty($A['sp_old_id'])) { $delbutton = '<input type="submit" value="' . $LANG_ADMIN['delete'] . '" name="delete"%s/>'; $jsconfirm = ' onclick="return confirm(\'' . $MESSAGE[76] . '\');"'; $sp_template->set_var('delete_option', sprintf($delbutton, $jsconfirm)); $sp_template->set_var('delete_button', true); $sp_template->set_var('lang_delete_confirm', $MESSAGE[76]); $sp_template->set_var('lang_delete', $LANG_ADMIN['delete']); $sp_template->set_var('delete_option_no_confirmation', sprintf($delbutton, '')); } else { $sp_template->set_var('delete_option', ''); } $sp_template->set_var('lang_writtenby', $LANG_STATIC['writtenby']); $sp_template->set_var('username', DB_getItem($_TABLES['users'], 'username', "uid = {$A['sp_uid']}")); $authorname = COM_getDisplayName($A['sp_uid']); $sp_template->set_var('name', $authorname); $sp_template->set_var('author', $authorname); $sp_template->set_var('lang_url', $LANG_STATIC['url']); $sp_template->set_var('lang_id', $LANG_STATIC['id']); $sp_template->set_var('sp_uid', $A['sp_uid']); $sp_template->set_var('sp_id', $A['sp_id']); $sp_template->set_var('sp_old_id', $A['sp_old_id']); $sp_template->set_var('example_url', COM_buildURL($_CONF['site_url'] . '/page.php?page=' . $A['sp_id'])); $sp_template->set_var('lang_centerblock', $LANG_STATIC['centerblock']); $sp_template->set_var('lang_centerblock_help', $LANG_ADMIN['help_url']); $sp_template->set_var('lang_centerblock_include', $LANG21[51]); $sp_template->set_var('lang_centerblock_desc', $LANG21[52]); $sp_template->set_var('centerblock_help', $A['sp_help']); $sp_template->set_var('lang_centerblock_msg', $LANG_STATIC['centerblock_msg']); if (isset($A['sp_centerblock']) && $A['sp_centerblock'] == 1) { $sp_template->set_var('centerblock_checked', 'checked="checked"'); } else { $sp_template->set_var('centerblock_checked', ''); } $sp_template->set_var('lang_topic', $LANG_STATIC['topic']); $sp_template->set_var('lang_position', $LANG_STATIC['position']); $current_topic = ''; if (isset($A['sp_tid'])) { $current_topic = $A['sp_tid']; } if (empty($current_topic)) { $current_topic = 'none'; } $topics = COM_topicList('tid,topic', $current_topic, 1, true); $alltopics = '<option value="all"'; if ($current_topic == 'all') { $alltopics .= ' selected="selected"'; } $alltopics .= '>' . $LANG_STATIC['all_topics'] . '</option>' . LB; $allnhp = '<option value="allnhp"'; if ($current_topic == 'allnhp') { $allnhp .= ' selected="selected"'; } $allnhp .= '>' . $LANG_STATIC['allnhp_topics'] . '</option>' . LB; $notopic = '<option value="none"'; if ($current_topic == 'none') { $notopic .= ' selected="selected"'; } $notopic .= '>' . $LANG_STATIC['no_topic'] . '</option>' . LB; $sp_template->set_var('topic_selection', '<select name="sp_tid">' . $alltopics . $allnhp . $notopic . $topics . '</select>'); $position = '<select name="sp_where">'; $position .= '<option value="1"'; if ($A['sp_where'] == 1) { $position .= ' selected="selected"'; } $position .= '>' . $LANG_STATIC['position_top'] . '</option>'; $position .= '<option value="2"'; if ($A['sp_where'] == 2) { $position .= ' selected="selected"'; } $position .= '>' . $LANG_STATIC['position_feat'] . '</option>'; $position .= '<option value="3"'; if ($A['sp_where'] == 3) { $position .= ' selected="selected"'; } $position .= '>' . $LANG_STATIC['position_bottom'] . '</option>'; $position .= '<option value="0"'; if ($A['sp_where'] == 0) { $position .= ' selected="selected"'; } $position .= '>' . $LANG_STATIC['position_entire'] . '</option>'; $position .= '<option value="4"'; if ($A['sp_where'] == 4) { $position .= ' selected="selected"'; } $position .= '>' . $LANG_STATIC['position_nonews'] . '</option>'; $position .= '</select>'; $sp_template->set_var('pos_selection', $position); if ($_SP_CONF['allow_php'] == 1 && SEC_hasRights('staticpages.PHP')) { if (!isset($A['sp_php'])) { $A['sp_php'] = 0; } $selection = '<select name="sp_php">' . LB; $selection .= '<option value="0"'; if ($A['sp_php'] <= 0 || $A['sp_php'] > 2) { $selection .= ' selected="selected"'; } $selection .= '>' . $LANG_STATIC['select_php_none'] . '</option>' . LB; $selection .= '<option value="1"'; if ($A['sp_php'] == 1) { $selection .= ' selected="selected"'; } $selection .= '>' . $LANG_STATIC['select_php_return'] . '</option>' . LB; $selection .= '<option value="2"'; if ($A['sp_php'] == 2) { $selection .= ' selected="selected"'; } $selection .= '>' . $LANG_STATIC['select_php_free'] . '</option>' . LB; $selection .= '</select>'; $sp_template->set_var('php_selector', $selection); $sp_template->set_var('php_warn', $LANG_STATIC['php_warn']); } else { $sp_template->set_var('php_selector', ''); $sp_template->set_var('php_warn', $LANG_STATIC['php_not_activated']); } $sp_template->set_var('php_msg', $LANG_STATIC['php_msg']); // old variables (for the 1.3-type checkbox) $sp_template->set_var('php_checked', ''); $sp_template->set_var('php_type', 'hidden'); if (isset($A['sp_nf']) && $A['sp_nf'] == 1) { $sp_template->set_var('exit_checked', 'checked="checked"'); } else { $sp_template->set_var('exit_checked', ''); } $sp_template->set_var('exit_msg', $LANG_STATIC['exit_msg']); $sp_template->set_var('exit_info', $LANG_STATIC['exit_info']); if (isset($A['sp_inblock']) && $A['sp_inblock'] == 1) { $sp_template->set_var('inblock_checked', 'checked="checked"'); } else { $sp_template->set_var('inblock_checked', ''); } $sp_template->set_var('inblock_msg', $LANG_STATIC['inblock_msg']); $sp_template->set_var('inblock_info', $LANG_STATIC['inblock_info']); $curtime = COM_getUserDateTimeFormat($A['unixdate']); $sp_template->set_var('lang_lastupdated', $LANG_STATIC['date']); $sp_template->set_var('sp_formateddate', $curtime[0]); $sp_template->set_var('sp_date', $curtime[1]); $sp_template->set_var('lang_title', $LANG_STATIC['title']); $title = ''; if (isset($A['sp_title'])) { $title = htmlspecialchars($A['sp_title']); } $sp_template->set_var('sp_title', $title); $sp_template->set_var('lang_addtomenu', $LANG_STATIC['addtomenu']); if (isset($A['sp_onmenu']) && $A['sp_onmenu'] == 1) { $sp_template->set_var('onmenu_checked', 'checked="checked"'); } else { $sp_template->set_var('onmenu_checked', ''); } $sp_template->set_var('lang_label', $LANG_STATIC['label']); if (isset($A['sp_label'])) { $sp_template->set_var('sp_label', $A['sp_label']); } else { $sp_template->set_var('sp_label', ''); } $sp_template->set_var('lang_pageformat', $LANG_STATIC['pageformat']); $sp_template->set_var('lang_blankpage', $LANG_STATIC['blankpage']); $sp_template->set_var('lang_noblocks', $LANG_STATIC['noblocks']); $sp_template->set_var('lang_leftblocks', $LANG_STATIC['leftblocks']); $sp_template->set_var('lang_rightblocks', $LANG_STATIC['rightblocks']); $sp_template->set_var('lang_leftrightblocks', $LANG_STATIC['leftrightblocks']); if (!isset($A['sp_format'])) { $A['sp_format'] = ''; } if ($A['sp_format'] == 'noblocks') { $sp_template->set_var('noblock_selected', 'selected="selected"'); } else { $sp_template->set_var('noblock_selected', ''); } if ($A['sp_format'] == 'leftblocks') { $sp_template->set_var('leftblocks_selected', 'selected="selected"'); } else { $sp_template->set_var('leftblocks_selected', ''); } if ($A['sp_format'] == 'rightblocks') { $sp_template->set_var('rightblocks_selected', 'selected="selected"'); } else { $sp_template->set_var('rightblocks_selected', ''); } if ($A['sp_format'] == 'blankpage') { $sp_template->set_var('blankpage_selected', 'selected="selected"'); } else { $sp_template->set_var('blankpage_selected', ''); } if ($A['sp_format'] == 'allblocks' or empty($A['sp_format'])) { $sp_template->set_var('allblocks_selected', 'selected="selected"'); } else { $sp_template->set_var('allblocks_selected', ''); } $sp_template->set_var('lang_content', $LANG_STATIC['content']); $content = ''; if (isset($A['sp_content'])) { $content = htmlspecialchars($A['sp_content']); } $sp_template->set_var('sp_content', $content); if ($_SP_CONF['filter_html'] == 1) { $sp_template->set_var('lang_allowedhtml', COM_allowedHTML(SEC_getUserPermissions(), false, 'staticpages', 'page')); } else { $sp_template->set_var('lang_allowedhtml', $LANG_STATIC['all_html_allowed']); } $sp_template->set_var('lang_hits', $LANG_STATIC['hits']); if (empty($A['sp_hits'])) { $sp_template->set_var('sp_hits', '0'); $sp_template->set_var('sp_hits_formatted', '0'); } else { $sp_template->set_var('sp_hits', $A['sp_hits']); $sp_template->set_var('sp_hits_formatted', COM_numberFormat($A['sp_hits'])); } $sp_template->set_var('end_block', COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer'))); $sp_template->set_var('owner_dropdown', COM_buildOwnerList('owner_id', $A['owner_id'])); $sp_template->set_var('writtenby_dropdown', COM_buildOwnerList('sp_uid', $A['sp_uid'])); $sp_template->set_var('gltoken_name', CSRF_TOKEN); $sp_template->set_var('gltoken', SEC_createToken()); $sp_template->set_var('admin_menu', ADMIN_createMenu($menu_arr, $LANG_STATIC['instructions_edit'], plugin_geticon_staticpages())); PLG_templateSetVars('sp_editor', $sp_template); $retval .= $sp_template->parse('output', 'form'); } return $retval; }
$T->set_var('lang_' . $lang_var, TAG_str($lang_var)); } $tag_menu = array(); $sql = "SELECT type, sid, COUNT(sid) AS cnt " . " FROM {$_TABLES['tag_map']} " . "WHERE (tag_id IN ('" . implode("','", array_map('addslashes', $tags)) . "')) " . "GROUP BY type, sid " . "HAVING cnt = '" . addslashes(count($tags)) . "'"; $result = DB_query($sql); if (!DB_error()) { while (($A = DB_fetchArray($result)) !== FALSE) { $url = ''; $title = ''; $item = '<li><a href="'; switch ($A['type']) { case 'article': /* Falls through to default */ /* Falls through to default */ default: $url = COM_buildURL($_CONF['site_url'] . '/article.php?story=' . TAG_escape($A['sid'])); $title = TAG_getStoryTitle($A['sid']); break; } if ($url === '') { continue; } $item .= $url . '">' . TAG_escape($title) . '</a></li>' . LB; $tag_menu[] = $item; } } if (count($tag_menu) > 0) { $tag_menu = '<ol>' . LB . implode(LB, $tag_menu) . LB . '</ol>' . LB; } else { $tag_menu = TAG_str('no_item'); }
function _parseElement() { global $_SP_CONF, $_USER, $_TABLES, $LANG01, $_CONF, $_GROUPS; $returnArray = array(); $childArray = array(); $item_array = array(); if ($this->active != 1 && $this->id != 0) { return NULL; } if ($this->group_id == 998 && !COM_isAnonUser()) { return NULL; } if (isset($_REQUEST['topic'])) { $topic = COM_applyFilter($_REQUEST['topic']); } else { $topic = ''; } if (COM_isAnonUser()) { $anon = 1; } else { $anon = 0; } $allowed = true; if ($this->group_id != 998 && $this->id != 0 && !SEC_inGroup($this->group_id)) { return NULL; } if ($this->group_id == 1 && !isset($_GROUPS['Root'])) { return NULL; } switch ($this->type) { case ET_SUB_MENU: $this->replace_macros(); break; case ET_FUSION_ACTION: switch ($this->subtype) { case 0: // home $this->url = $_CONF['site_url'] . '/'; break; case 1: // contribute if ($anon && ($_CONF['loginrequired'] || $_CONF['submitloginrequired'])) { return NULL; } if (empty($topic)) { $this->url = $_CONF['site_url'] . '/submit.php?type=story'; } else { $this->url = $_CONF['site_url'] . '/submit.php?type=story&topic=' . $topic; } $label = $LANG01[71]; break; case 2: // directory if ($anon && ($_CONF['loginrequired'] || $_CONF['directoryloginrequired'])) { return NULL; } $this->url = $_CONF['site_url'] . '/directory.php'; if (!empty($topic)) { $this->url = COM_buildUrl($this->url . '?topic=' . urlencode($topic)); } break; case 3: // prefs if ($anon && ($_CONF['loginrequired'] || $_CONF['profileloginrequired'])) { return NULL; } $this->url = $_CONF['site_url'] . '/usersettings.php?mode=edit'; break; case 4: // search if ($anon && ($_CONF['loginrequired'] || $_CONF['searchloginrequired'])) { return NULL; } $this->url = $_CONF['site_url'] . '/search.php'; break; case 5: // stats if (!SEC_hasRights('stats.view')) { return NULL; } $this->url = $_CONF['site_url'] . '/stats.php'; break; default: // unknown? $this->url = $_CONF['site_url'] . '/'; break; } break; case ET_FUSION_MENU: $this->url = ''; switch ($this->subtype) { case USER_MENU: // if anonymous user - show login entry if (COM_isAnonUser()) { $this->label = $LANG01[58]; $this->url = $_CONF['site_url'] . '/users.php'; $this->target = ''; break; } // logged-in user see My Account entry $item_array = getUserMenu(); $this->label = $LANG01[47]; break; case ADMIN_MENU: $this->url = $_CONF['site_admin_url']; $item_array = getAdminMenu(); break; case TOPIC_MENU: $item_array = getTopicMenu(); break; case STATICPAGE_MENU: $item_array = array(); $order = ''; if (!empty($_SP_CONF['sort_menu_by'])) { $order = ' ORDER BY '; if ($_SP_CONF['sort_menu_by'] == 'date') { $order .= 'sp_date DESC'; } else { if ($_SP_CONF['sort_menu_by'] == 'label') { $order .= 'sp_label'; } else { if ($_SP_CONF['sort_menu_by'] == 'title') { $order .= 'sp_title'; } else { // default to "sort by id" $order .= 'sp_id'; } } } } $result = DB_query('SELECT sp_id, sp_label FROM ' . $_TABLES['staticpage'] . ' WHERE sp_onmenu = 1 AND sp_status = 1' . COM_getPermSql('AND') . $order); $nrows = DB_numRows($result); $menuitems = array(); for ($i = 0; $i < $nrows; $i++) { $A = DB_fetchArray($result); $url = COM_buildURL($_CONF['site_url'] . '/page.php?page=' . $A['sp_id']); $label = $A['sp_label']; $item_array[] = array('label' => $label, 'url' => $url); } break; case PLUGIN_MENU: $item_array = array(); $plugin_menu = PLG_getMenuItems(); if (count($plugin_menu) == 0) { $this->access = 0; } else { for ($i = 1; $i <= count($plugin_menu); $i++) { $url = current($plugin_menu); $label = key($plugin_menu); $item_array[] = array('label' => $label, 'url' => $url); next($plugin_menu); } } break; case HEADER_MENU: default: } break; case ET_PLUGIN: $plugin_menus = _mbPLG_getMenuItems(); if (isset($plugin_menus[$this->subtype])) { $this->url = $plugin_menus[$this->subtype]; } else { $this->access = 0; $allowed = 0; } break; case ET_STATICPAGE: $this->url = COM_buildURL($_CONF['site_url'] . '/page.php?page=' . $this->subtype); break; case ET_URL: $this->replace_macros(); break; case ET_PHP: $functionName = $this->subtype; if (function_exists($functionName)) { $item_array = $functionName(); } break; case ET_TOPIC: $this->url = $_CONF['site_url'] . '/index.php?topic=' . $this->subtype; break; default: break; } if ($this->id != 0 && $this->group_id == 998 && SEC_inGroup('Root')) { return NULL; } if ($allowed == 0 || $this->access == 0) { return NULL; } if ($this->type == ET_FUSION_MENU || $this->type == ET_PHP) { $childArray = $item_array; } else { if (!empty($this->children)) { $howmany = $this->getChildcount(); if ($howmany > 0) { $children = $this->getChildren(); foreach ($children as $child) { $elementArray = $child->_parseElement(); if ($elementArray != NULL) { $childArray[] = $elementArray; } } } } else { $childArray = NULL; } } $returnArray = array('label' => $this->label, 'url' => $this->url, 'target' => $this->target, 'children' => is_array($childArray) ? $childArray : NULL); return $returnArray; }
/** * Create the breadcrumb display, with links. * * @param integer $id ID of current category * @return string Location string ready for display */ function PAYPAL_Breadcrumbs($id) { global $_TABLES, $LANG_PP; $A = array(); $location = ''; $id = (int) $id; if ($id < 1) { return $location; } else { $parent = $id; } while (true) { $sql = "SELECT cat_name, cat_id, parent_id\n FROM {$_TABLES['paypal.categories']}\n WHERE cat_id='{$parent}' " . COM_getPermSQL('AND'); $result = DB_query($sql); if (!$result) { break; } $row = DB_fetchArray($result, false); $url = '<a href="' . PAYPAL_URL . '/index.php?category=' . (int) $row['cat_id'] . '">' . $row['cat_name'] . '</a>'; $A[] = $url; $parent = (int) $row['parent_id']; if ($parent == 0) { $url = '<a href="' . COM_buildURL(PAYPAL_URL . '/index.php') . '">' . $LANG_PP['home'] . '</a>'; $A[] = $url; break; } } $B = array_reverse($A); $location = implode(' :: ', $B); return $location; }
/** * Submit static page. The page is updated if it exists, or a new one is created * * @param array args Contains all the data provided by the client * @param string &output OUTPUT parameter containing the returned text * @param string &svc_msg OUTPUT parameter containing any service messages * @return int Response code as defined in lib-plugins.php */ function service_submit_staticpages($args, &$output, &$svc_msg) { global $_CONF, $_TABLES, $_USER, $LANG_ACCESS, $LANG12, $LANG_STATIC, $_GROUPS, $_SP_CONF; if (!$_CONF['disable_webservices']) { require_once $_CONF['path_system'] . 'lib-webservices.php'; } $output = ''; if (!SEC_hasRights('staticpages.edit')) { $output = COM_siteHeader('menu', $LANG_STATIC['access_denied']); $output .= COM_startBlock($LANG_STATIC['access_denied'], '', COM_getBlockTemplate('_msg_block', 'header')); $output .= $LANG_STATIC['access_denied_msg']; $output .= COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer')); $output .= COM_siteFooter(); return PLG_RET_AUTH_FAILED; } $gl_edit = false; if (isset($args['gl_edit'])) { $gl_edit = $args['gl_edit']; } if ($gl_edit) { // This is EDIT mode, so there should be an sp_old_id if (empty($args['sp_old_id'])) { if (!empty($args['id'])) { $args['sp_old_id'] = $args['id']; } else { return PLG_RET_ERROR; } if (empty($args['sp_id'])) { $args['sp_id'] = $args['sp_old_id']; } } } else { if (empty($args['sp_id']) && !empty($args['id'])) { $args['sp_id'] = $args['id']; } } if (empty($args['sp_title']) && !empty($args['title'])) { $args['sp_title'] = $args['title']; } if (empty($args['sp_content']) && !empty($args['content'])) { $args['sp_content'] = $args['content']; } if (isset($args['category']) && is_array($args['category']) && !empty($args['category'][0])) { $args['sp_tid'] = $args['category'][0]; } if (!isset($args['owner_id'])) { $args['owner_id'] = $_USER['uid']; } if (empty($args['group_id'])) { $args['group_id'] = SEC_getFeatureGroup('staticpages.edit', $_USER['uid']); } $args['sp_id'] = COM_sanitizeID($args['sp_id']); if (!$gl_edit) { if (strlen($args['sp_id']) > STATICPAGE_MAX_ID_LENGTH) { $slug = ''; if (isset($args['slug'])) { $slug = $args['slug']; } if (function_exists('WS_makeId')) { $args['sp_id'] = WS_makeId($slug, STATICPAGE_MAX_ID_LENGTH); } else { $args['sp_id'] = COM_makeSid(); } } } // Apply filters to the parameters passed by the webservice if ($args['gl_svc']) { $par_str = array('mode', 'sp_id', 'sp_old_id', 'sp_tid', 'sp_format', 'postmode'); $par_num = array('sp_hits', 'owner_id', 'group_id', 'sp_where', 'sp_php', 'commentcode'); foreach ($par_str as $str) { if (isset($args[$str])) { $args[$str] = COM_applyBasicFilter($args[$str]); } else { $args[$str] = ''; } } foreach ($par_num as $num) { if (isset($args[$num])) { $args[$num] = COM_applyBasicFilter($args[$num], true); } else { $args[$num] = 0; } } } // START: Staticpages defaults if (empty($args['sp_format'])) { $args['sp_format'] = 'allblocks'; } if (empty($args['sp_tid'])) { $args['sp_tid'] = 'all'; } if ($args['sp_where'] < 0 || $args['sp_where'] > 3) { $args['sp_where'] = 0; } if ($args['sp_php'] < 0 || $args['sp_php'] > 2) { $args['sp_php'] = 0; } if ($args['commentcode'] < -1 || $args['commentcode'] > 1) { $args['commentcode'] = $_CONF['comment_code']; } if ($args['gl_svc']) { // Permissions if (!isset($args['perm_owner'])) { $args['perm_owner'] = $_SP_CONF['default_permissions'][0]; } else { $args['perm_owner'] = COM_applyBasicFilter($args['perm_owner'], true); } if (!isset($args['perm_group'])) { $args['perm_group'] = $_SP_CONF['default_permissions'][1]; } else { $args['perm_group'] = COM_applyBasicFilter($args['perm_group'], true); } if (!isset($args['perm_members'])) { $args['perm_members'] = $_SP_CONF['default_permissions'][2]; } else { $args['perm_members'] = COM_applyBasicFilter($args['perm_members'], true); } if (!isset($args['perm_anon'])) { $args['perm_anon'] = $_SP_CONF['default_permissions'][3]; } else { $args['perm_anon'] = COM_applyBasicFilter($args['perm_anon'], true); } if (!isset($args['sp_onmenu'])) { $args['sp_onmenu'] = ''; } elseif ($args['sp_onmenu'] == 'on' && empty($args['sp_label'])) { $svc_msg['error_desc'] = 'Menu label missing'; return PLG_RET_ERROR; } if (empty($args['sp_content'])) { $svc_msg['error_desc'] = 'No content'; return PLG_RET_ERROR; } if (empty($args['sp_inblock']) && $_SP_CONF['in_block'] == '1') { $args['sp_inblock'] = 'on'; } if (empty($args['sp_centerblock'])) { $args['sp_centerblock'] = ''; } if (empty($args['draft_flag']) && $_SP_CONF['draft_flag'] == '1') { $args['draft_flag'] = 'on'; } if (empty($args['template_flag'])) { $args['template_flag'] = ''; } if (empty($args['template_id'])) { $args['template_id'] = ''; } } // END: Staticpages defaults $sp_id = $args['sp_id']; $sp_title = $args['sp_title']; $sp_page_title = $args['sp_page_title']; $sp_content = $args['sp_content']; $sp_hits = $args['sp_hits']; $sp_format = $args['sp_format']; $sp_onmenu = $args['sp_onmenu']; $sp_label = ''; if (!empty($args['sp_label'])) { $sp_label = $args['sp_label']; } $meta_description = $args['meta_description']; $meta_keywords = $args['meta_keywords']; $commentcode = $args['commentcode']; $owner_id = $args['owner_id']; $group_id = $args['group_id']; $perm_owner = $args['perm_owner']; $perm_group = $args['perm_group']; $perm_members = $args['perm_members']; $perm_anon = $args['perm_anon']; $sp_php = $args['sp_php']; $sp_nf = ''; if (!empty($args['sp_nf'])) { $sp_nf = $args['sp_nf']; } $sp_old_id = $args['sp_old_id']; $sp_centerblock = $args['sp_centerblock']; $draft_flag = $args['draft_flag']; $template_flag = $args['template_flag']; $template_id = $args['template_id']; $sp_help = ''; if (!empty($args['sp_help'])) { $sp_help = $args['sp_help']; } $sp_tid = $args['sp_tid']; $sp_where = $args['sp_where']; $sp_inblock = $args['sp_inblock']; $postmode = $args['postmode']; if ($gl_edit && !empty($args['gl_etag'])) { // First load the original staticpage to check if it has been modified $o = array(); $s = array(); $r = service_get_staticpages(array('sp_id' => $sp_old_id, 'gl_svc' => true), $o, $s); if ($r == PLG_RET_OK) { if ($args['gl_etag'] != $o['updated']) { $svc_msg['error_desc'] = 'A more recent version of the staticpage is available'; return PLG_RET_PRECONDITION_FAILED; } } else { $svc_msg['error_desc'] = 'The requested staticpage no longer exists'; return PLG_RET_ERROR; } } // Check for unique page ID $duplicate_id = false; $delete_old_page = false; if (DB_count($_TABLES['staticpage'], 'sp_id', $sp_id) > 0) { if ($sp_id != $sp_old_id) { $duplicate_id = true; } } elseif (!empty($sp_old_id)) { if ($sp_id != $sp_old_id) { $delete_old_page = true; } } if ($duplicate_id) { $output .= COM_siteHeader('menu', $LANG_STATIC['staticpageeditor']); $output .= COM_errorLog($LANG_STATIC['duplicate_id'], 2); if (!$args['gl_svc']) { $output .= staticpageeditor($sp_id); } $output .= COM_siteFooter(); $svc_msg['error_desc'] = 'Duplicate ID'; return PLG_RET_ERROR; } elseif (!empty($sp_title) && !empty($sp_content)) { if (empty($sp_hits)) { $sp_hits = 0; } if ($sp_onmenu == 'on') { $sp_onmenu = 1; } else { $sp_onmenu = 0; } if ($sp_nf == 'on') { $sp_nf = 1; } else { $sp_nf = 0; } if ($sp_centerblock == 'on') { $sp_centerblock = 1; } else { $sp_centerblock = 0; } if ($sp_inblock == 'on') { $sp_inblock = 1; } else { $sp_inblock = 0; } if ($draft_flag == 'on') { $draft_flag = 1; } else { $draft_flag = 0; } if ($template_flag == 'on') { $template_flag = 1; } else { $template_flag = 0; } // Remove any autotags the user doesn't have permission to use $sp_content = PLG_replaceTags($sp_content, '', true); // Clean up the text if ($_SP_CONF['censor'] == 1) { $sp_content = COM_checkWords($sp_content); $sp_title = COM_checkWords($sp_title); } if ($_SP_CONF['filter_html'] == 1) { $sp_content = COM_checkHTML($sp_content, 'staticpages.edit'); } $sp_title = strip_tags($sp_title); $sp_page_title = strip_tags($sp_page_title); $sp_label = strip_tags($sp_label); $meta_description = strip_tags($meta_description); $meta_keywords = strip_tags($meta_keywords); $sp_content = addslashes($sp_content); $sp_title = addslashes($sp_title); $sp_page_title = addslashes($sp_page_title); $sp_label = addslashes($sp_label); $meta_description = addslashes($meta_description); $meta_keywords = addslashes($meta_keywords); // If user does not have php edit perms, then set php flag to 0. if ($_SP_CONF['allow_php'] != 1 || !SEC_hasRights('staticpages.PHP')) { $sp_php = 0; } // If marked as a template then set id to nothing and other default settings if ($template_flag == 1) { $template_id = ''; $sp_onmenu = 0; $sp_label = ""; $sp_centerblock = 0; $sp_php = 0; $sp_inblock = 0; $sp_nf = 0; $sp_hits = 0; $meta_description = ""; $meta_keywords = ""; } else { // See if it was a template before, if so and option changed, remove use from other pages if (DB_getItem($_TABLES['staticpage'], 'template_flag', "sp_id = '{$sp_old_id}'") == 1) { $sql = "UPDATE {$_TABLES['staticpage']} SET template_id = '' WHERE template_id = '{$sp_old_id}'"; $result = DB_query($sql); } if ($template_id != '') { // If using a template, make sure php disabled $sp_php = 0; // Double check template id exists and is still a template $perms = SP_getPerms(); if (!empty($perms)) { $perms = ' AND ' . $perms; } if (DB_getItem($_TABLES['staticpage'], 'COUNT(sp_id)', "sp_id = '{$template_id}' AND template_flag = 1 AND (draft_flag = 0)" . $perms) == 0) { $template_id = ''; } } } // make sure there's only one "entire page" static page per topic if ($sp_centerblock == 1 && $sp_where == 0) { $sql = "UPDATE {$_TABLES['staticpage']} SET sp_centerblock = 0 WHERE (sp_centerblock = 1) AND (sp_where = 0) AND (sp_tid = '{$sp_tid}') AND (draft_flag = 0)"; // if we're in a multi-language setup, we need to allow one "entire // page" centerblock for 'all' or 'none' per language if (!empty($_CONF['languages']) && !empty($_CONF['language_files']) && ($sp_tid == 'all' || $sp_tid == 'none')) { $ids = explode('_', $sp_id); if (count($ids) > 1) { $lang_id = array_pop($ids); $sql .= " AND sp_id LIKE '%\\_{$lang_id}'"; } } DB_query($sql); } $formats = array('allblocks', 'blankpage', 'leftblocks', 'noblocks'); if (!in_array($sp_format, $formats)) { $sp_format = 'allblocks'; } if (!$args['gl_svc']) { list($perm_owner, $perm_group, $perm_members, $perm_anon) = SEC_getPermissionValues($perm_owner, $perm_group, $perm_members, $perm_anon); } // Retrieve created date $datecreated = DB_getItem($_TABLES['staticpage'], 'created', "sp_id = '{$sp_id}'"); if ($datecreated == '') { $datecreated = date('Y-m-d H:i:s'); } DB_save($_TABLES['staticpage'], 'sp_id,sp_title,sp_page_title, sp_content,created,modified,sp_hits,sp_format,sp_onmenu,sp_label,commentcode,meta_description,meta_keywords,template_flag,template_id,draft_flag,owner_id,group_id,' . 'perm_owner,perm_group,perm_members,perm_anon,sp_php,sp_nf,sp_centerblock,sp_help,sp_tid,sp_where,sp_inblock,postmode', "'{$sp_id}','{$sp_title}','{$sp_page_title}','{$sp_content}','{$datecreated}',NOW(),{$sp_hits},'{$sp_format}',{$sp_onmenu},'{$sp_label}','{$commentcode}','{$meta_description}','{$meta_keywords}',{$template_flag},'{$template_id}',{$draft_flag},{$owner_id},{$group_id}," . "{$perm_owner},{$perm_group},{$perm_members},{$perm_anon},'{$sp_php}','{$sp_nf}',{$sp_centerblock},'{$sp_help}','{$sp_tid}',{$sp_where}," . "'{$sp_inblock}','{$postmode}'"); if ($delete_old_page && !empty($sp_old_id)) { // If a template and the id changed, update any staticpages that use it if ($template_flag == 1) { $sql = "UPDATE {$_TABLES['staticpage']} SET template_id = '{$sp_id}' WHERE template_id = '{$sp_old_id}'"; $result = DB_query($sql); } DB_delete($_TABLES['staticpage'], 'sp_id', $sp_old_id); } if (empty($sp_old_id) || $sp_id == $sp_old_id) { if (!$template_flag) { PLG_itemSaved($sp_id, 'staticpages'); } else { // If template then have to notify of all pages that use this template that a change to the page happened $sql = "SELECT sp_id FROM {$_TABLES['staticpage']} WHERE template_id = '{$sp_id}'"; $result = DB_query($sql); while ($A = DB_fetchArray($result)) { PLG_itemSaved($A['sp_id'], 'staticpages'); } } } else { DB_change($_TABLES['comments'], 'sid', addslashes($sp_id), array('sid', 'type'), array(addslashes($sp_old_id), 'staticpages')); if (!$template_flag) { PLG_itemSaved($sp_id, 'staticpages', $sp_old_id); } else { // If template then have to notify of all pages that use this template that a change to the page happened $sql = "SELECT sp_id FROM {$_TABLES['staticpage']} WHERE template_id = '{$sp_id}'"; $result = DB_query($sql); while ($A = DB_fetchArray($result)) { PLG_itemSaved($A['sp_id'], 'staticpages'); } } } $url = COM_buildURL($_CONF['site_url'] . '/staticpages/index.php?page=' . $sp_id); $output .= PLG_afterSaveSwitch($_SP_CONF['aftersave'], $url, 'staticpages', 19); $svc_msg['id'] = $sp_id; return PLG_RET_OK; } else { $output .= COM_siteHeader('menu', $LANG_STATIC['staticpageeditor']); $output .= COM_errorLog($LANG_STATIC['no_title_or_content'], 2); if (!$args['gl_svc']) { $output .= staticpageeditor($sp_id); } $output .= COM_siteFooter(); return PLG_RET_ERROR; } }
function fncSave($edt_flg, $navbarMenu, $menuno) { $pi_name = "userbox"; global $_CONF; global $_TABLES; global $_USER; global $_USERBOX_CONF; global $LANG_USERBOX_ADMIN; global $_FILES; $addition_def = DATABOX_getadditiondef($pi_name); $retval = ''; // clean 'em up $id = COM_applyFilter($_POST['id'], true); $fieldset_id = COM_applyFilter($_POST['fieldset'], true); //@@@@@ username fullname $username = COM_applyFilter($_POST['username']); $username = addslashes(COM_checkHTML(COM_checkWords($username))); $fullname = COM_applyFilter($_POST['fullname']); $fullname = addslashes(COM_checkHTML(COM_checkWords($fullname))); $page_title = COM_applyFilter($_POST['page_title']); $page_title = addslashes(COM_checkHTML(COM_checkWords($page_title))); $description = $_POST['description']; //COM_applyFilter($_POST['description']); $description = addslashes(COM_checkHTML(COM_checkWords($description))); $defaulttemplatesdirectory = COM_applyFilter($_POST['defaulttemplatesdirectory']); $defaulttemplatesdirectory = addslashes(COM_checkHTML(COM_checkWords($defaulttemplatesdirectory))); $draft_flag = COM_applyFilter($_POST['draft_flag'], true); // $hits =0; // $comments=0; $comment_expire_flag = COM_applyFilter($_POST['comment_expire_flag'], true); if ($comment_expire_flag) { $comment_expire_month = COM_applyFilter($_POST['comment_expire_month'], true); $comment_expire_day = COM_applyFilter($_POST['comment_expire_day'], true); $comment_expire_year = COM_applyFilter($_POST['comment_expire_year'], true); $comment_expire_hour = COM_applyFilter($_POST['comment_expire_hour'], true); $comment_expire_minute = COM_applyFilter($_POST['comment_expire_minute'], true); if ($comment_expire_ampm == 'pm') { if ($comment_expire_hour < 12) { $comment_expire_hour = $comment_expire_hour + 12; } } if ($comment_expire_ampm == 'am' and $comment_expire_hour == 12) { $comment_expire_hour = '00'; } } else { $comment_expire_month = 0; $comment_expire_day = 0; $comment_expire_year = 0; $comment_expire_hour = 0; $comment_expire_minute = 0; } $commentcode = COM_applyFilter($_POST['commentcode'], true); $trackbackcode = COM_applyFilter($_POST['trackbackcode'], true); $cache_time = COM_applyFilter($_POST['cache_time'], true); $meta_description = $_POST['meta_description']; $meta_description = addslashes(COM_checkHTML(COM_checkWords($meta_description))); $meta_keywords = $_POST['meta_keywords']; $meta_keywords = addslashes(COM_checkHTML(COM_checkWords($meta_keywords))); $language_id = COM_applyFilter($_POST['language_id']); $language_id = addslashes(COM_checkHTML(COM_checkWords($language_id))); $category = $_POST['category']; //@@@@@ $additionfields = $_POST['afield']; $additionfields_old = $_POST['afield']; $additionfields_fnm = $_POST['afield_fnm']; $additionfields_del = $_POST['afield_del']; $additionfields_alt = $_POST['afield_alt']; $additionfields_date = array(); $dummy = DATABOX_cleanaddtiondatas($additionfields, $addition_def, $additionfields_fnm, $additionfields_del, $additionfields_date, $additionfields_alt); // $owner_id = COM_applyFilter($_POST['owner_id'], true); $group_id = COM_applyFilter($_POST['group_id'], true); // $array['perm_owner'] = $_POST['perm_owner']; $array['perm_group'] = $_POST['perm_group']; $array['perm_members'] = $_POST['perm_members']; $array['perm_anon'] = $_POST['perm_anon']; if (is_array($array['perm_owner']) || is_array($array['perm_group']) || is_array($array['perm_members']) || is_array($array['perm_anon'])) { list($perm_owner, $perm_group, $perm_members, $perm_anon) = SEC_getPermissionValues($array['perm_owner'], $array['perm_group'], $array['perm_members'], $array['perm_anon']); } else { $perm_owner = COM_applyBasicFilter($array['perm_owner'], true); $perm_group = COM_applyBasicFilter($array['perm_group'], true); $perm_members = COM_applyBasicFilter($array['perm_members'], true); $perm_anon = COM_applyBasicFilter($array['perm_anon'], true); } //編集日付 $modified_autoupdate = COM_applyFilter($_POST['modified_autoupdate'], true); if ($modified_autoupdate == 1) { //$udate = date('Ymd'); $modified_month = date('m'); $modified_day = date('d'); $modified_year = date('Y'); $modified_hour = date('H'); $modified_minute = date('i'); } else { $modified_month = COM_applyFilter($_POST['modified_month'], true); $modified_day = COM_applyFilter($_POST['modified_day'], true); $modified_year = COM_applyFilter($_POST['modified_year'], true); $modified_hour = COM_applyFilter($_POST['modified_hour'], true); $modified_minute = COM_applyFilter($_POST['modified_minute'], true); $modified_ampm = COM_applyFilter($_POST['modified_ampm']); if ($modified_ampm == 'pm') { if ($modified_hour < 12) { $modified_hour = $modified_hour + 12; } } if ($modified_ampm == 'am' and $modified_hour == 12) { $modified_hour = '00'; } } //公開日 $released_month = COM_applyFilter($_POST['released_month'], true); $released_day = COM_applyFilter($_POST['released_day'], true); $released_year = COM_applyFilter($_POST['released_year'], true); $released_hour = COM_applyFilter($_POST['released_hour'], true); $released_minute = COM_applyFilter($_POST['released_minute'], true); if ($released_ampm == 'pm') { if ($released_hour < 12) { $released_hour = $released_hour + 12; } } if ($released_ampm == 'am' and $released_hour == 12) { $released_hour = '00'; } //公開終了日 $expired_flag = COM_applyFilter($_POST['expired_flag'], true); if ($expired_flag) { $expired_month = COM_applyFilter($_POST['expired_month'], true); $expired_day = COM_applyFilter($_POST['expired_day'], true); $expired_year = COM_applyFilter($_POST['expired_year'], true); $expired_hour = COM_applyFilter($_POST['expired_hour'], true); $expired_minute = COM_applyFilter($_POST['expired_minute'], true); if ($expired_ampm == 'pm') { if ($expired_hour < 12) { $expired_hour = $expired_hour + 12; } } if ($expired_ampm == 'am' and $expired_hour == 12) { $expired_hour = '00'; } } else { $expired_month = 0; $expired_day = 0; $expired_year = 0; $expired_hour = 0; $expired_minute = 0; } $created = COM_applyFilter($_POST['created_un']); $orderno = mb_convert_kana($_POST['orderno'], "a"); //全角英数字を半角英数字に変換する $orderno = COM_applyFilter($orderno, true); //$name = mb_convert_kana($name,"AKV"); //A:半角英数字を全角英数字に変換する //K:半角カタカナを全角カタカナに変換する //V:濁点つきの文字を1文字に変換する (K、H と共に利用する) //$name = str_replace ("'", "’",$name); //$code = mb_convert_kana($code,"a");//全角英数字を半角英数字に変換する //----- $type = 1; $uuid = $_USER['uid']; // CHECK はじめ $err = ""; //id if ($id == 0) { //$err.=$LANG_USERBOX_ADMIN['err_uid']."<br {XHTML}>".LB; } else { if (!is_numeric($id)) { $err .= $LANG_USERBOX_ADMIN['err_id'] . "<br {XHTML}>" . LB; } } //文字数制限チェック if (mb_strlen($description, 'UTF-8') > $_USERBOX_CONF['maxlength_description']) { $err .= $LANG_USERBOX_ADMIN['description'] . $_USERBOX_CONF['maxlength_description'] . $LANG_USERBOX_ADMIN['err_maxlength'] . "<br/>" . LB; } if (mb_strlen($meta_description, 'UTF-8') > $_USERBOX_CONF['maxlength_meta_description']) { $err .= $LANG_USERBOX_ADMIN['meta_description'] . $_USERBOX_CONF['maxlength_meta_description'] . $LANG_USERBOX_ADMIN['err_maxlength'] . "<br/>" . LB; } if (mb_strlen($meta_keywords, 'UTF-8') > $_USERBOX_CONF['maxlength_meta_keywords']) { $err .= $LANG_USERBOX_ADMIN['meta_keywords'] . $_USERBOX_CONF['maxlength_meta_keywords'] . $LANG_USERBOX_ADMIN['err_maxlength'] . "<br/>" . LB; } //----追加項目チェック $err .= DATABOX_checkaddtiondatas($additionfields, $addition_def, $pi_name, $additionfields_fnm, $additionfields_del, $additionfields_alt); //編集日付 $modified = $modified_year . "-" . $modified_month . "-" . $modified_day; if (checkdate($modified_month, $modified_day, $modified_year) == false) { $err .= $LANG_USERBOX_ADMIN['err_modified'] . "<br {XHTML}>" . LB; } $modified = COM_convertDate2Timestamp($modified_year . "-" . $modified_month . "-" . $modified_day, $modified_hour . ":" . $modified_minute . "::00"); //公開日 $released = $released_year . "-" . $released_month . "-" . $released_day; if (checkdate($released_month, $released_day, $released_year) == false) { $err .= $LANG_USERBOX_ADMIN['err_released'] . "<br {XHTML}>" . LB; } $released = COM_convertDate2Timestamp($released_year . "-" . $released_month . "-" . $released_day, $released_hour . ":" . $released_minute . "::00"); //コメント受付終了日時 if ($comment_expire_flag) { if (checkdate($comment_expire_month, $comment_expire_day, $comment_expire_year) == false) { $err .= $LANG_USERBOX_ADMIN['err_comment_expire'] . "<br {XHTML}>" . LB; } $comment_expire = COM_convertDate2Timestamp($comment_expire_year . "-" . $comment_expire_month . "-" . $comment_expire_day, $comment_expire_hour . ":" . $comment_expire_minute . "::00"); } else { $comment_expire = '0000-00-00 00:00:00'; //$comment_expire=""; } //公開終了日 if ($expired_flag) { if (checkdate($expired_month, $expired_day, $expired_year) == false) { $err .= $LANG_USERBOX_ADMIN['err_expired'] . "<br {XHTML}>" . LB; } $expired = COM_convertDate2Timestamp($expired_year . "-" . $expired_month . "-" . $expired_day, $expired_hour . ":" . $expired_minute . "::00"); if ($expired < $released) { $err .= $LANG_USERBOX_ADMIN['err_expired'] . "<br {XHTML}>" . LB; } } else { $expired = '0000-00-00 00:00:00'; //$expired=""; } //errorのあるとき if ($err != "") { $retval['title'] = $LANG_USERBOX_ADMIN['piname'] . $LANG_USERBOX_ADMIN['edit']; $retval['display'] = fncEdit($id, $edt_flg, 3, $err); return $retval; } // CHECK おわり if ($id == 0) { $w = DB_getItem($_TABLES['USERBOX_base'], "max(id)", "1=1"); if ($w == "") { $w = 0; } $id = $w + 1; $created_month = date('m'); $created_day = date('d'); $created_year = date('Y'); $created_hour = date('H'); $created_minute = date('i'); $created = COM_convertDate2Timestamp($created_year . "-" . $created_month . "-" . $created_day, $created_hour . ":" . $created_minute . "::00"); } $hits = 0; $comments = 0; $fields = "id"; $values = "{$id}"; $fields .= ",page_title"; // $values .= ",'{$page_title}'"; $fields .= ",description"; // $values .= ",'{$description}'"; $fields .= ",defaulttemplatesdirectory"; // $values .= ",'{$defaulttemplatesdirectory}'"; //$fields.=",hits";// //$values.=",$hits"; $fields .= ",comments"; // $values .= ",{$comments}"; $fields .= ",meta_description"; // $values .= ",'{$meta_description}'"; $fields .= ",meta_keywords"; // $values .= ",'{$meta_keywords}'"; $fields .= ",commentcode"; // $values .= ",{$commentcode}"; $fields .= ",trackbackcode"; // $values .= ",{$trackbackcode}"; $fields .= ",cache_time"; // $values .= ",{$cache_time}"; $fields .= ",comment_expire"; // if ($comment_expire == '0000-00-00 00:00:00') { $values .= ",'{$comment_expire}'"; } else { $values .= ",FROM_UNIXTIME('{$comment_expire}')"; } $fields .= ",language_id"; // $values .= ",'{$language_id}'"; $fields .= ",owner_id"; $values .= ",{$owner_id}"; $fields .= ",group_id"; $values .= ",{$group_id}"; $fields .= ",perm_owner"; $values .= ",{$perm_owner}"; $fields .= ",perm_group"; $values .= ",{$perm_group}"; $fields .= ",perm_members"; $values .= ",{$perm_members}"; $fields .= ",perm_anon"; $values .= ",{$perm_anon}"; $fields .= ",modified"; $values .= ",FROM_UNIXTIME('{$modified}')"; if ($created != "") { $fields .= ",created"; $values .= ",FROM_UNIXTIME('{$created}')"; } $fields .= ",expired"; if ($expired == '0000-00-00 00:00:00') { $values .= ",'{$expired}'"; } else { $values .= ",FROM_UNIXTIME('{$expired}')"; } $fields .= ",released"; $values .= ",FROM_UNIXTIME('{$released}')"; $fields .= ",orderno"; // $values .= ",{$orderno}"; $fields .= ",fieldset_id"; // $values .= ",{$fieldset_id}"; $fields .= ",uuid"; $values .= ",{$uuid}"; $fields .= ",draft_flag"; $values .= ",{$draft_flag}"; DB_save($_TABLES['USERBOX_base'], $fields, $values); //カテゴリ $rt = DATABOX_savecategorydatas($id, $category, $pi_name); //追加項目 DATABOX_uploadaddtiondatas($additionfields, $addition_def, $pi_name, $id, $additionfields_fnm, $additionfields_del, $additionfields_old, $additionfields_alt); $rt = DATABOX_saveaddtiondatas($id, $additionfields, $addition_def, $pi_name); //user (コアのテーブル) //kokoka $sql = "UPDATE " . $_TABLES['users'] . " SET "; $sql .= " fullname ='" . $fullname . "'"; $sql .= " WHERE uid=" . $id; DB_query($sql); $rt = fncsendmail('data', $id); $cacheInstance = 'userbox__' . $id . '__'; CACHE_remove_instance($cacheInstance); //exit;// debug 用 // if ($edt_flg){ // $return_page=$_CONF['site_url'] . "/".THIS_SCRIPT; // $return_page.="?id=".$id; // }else{ // $return_page=$_CONF['site_admin_url'] . '/plugins/'.THIS_SCRIPT.'?msg=1'; // } // return COM_refresh ($return_page); if ($_USERBOX_CONF['aftersave_admin'] === 'no') { $retval['title'] = $LANG_USERBOX_ADMIN['piname'] . $LANG_USERBOX_ADMIN['edit']; $retval['display'] .= fncEdit($id, $edt_flg, 1, ""); return $retval; } else { if ($_USERBOX_CONF['aftersave_admin'] === 'list') { $url = $_CONF['site_admin_url'] . "/plugins/{$pi_name}/profile.php"; $item_url = COM_buildURL($url); $target = 'item'; } else { $url = $_CONF['site_url'] . "/userbox/profile.php"; $url .= "?"; //コード使用の時 if ($_USERBOX_CONF['datacode']) { $url .= "code=" . $username; $url .= "&m=code"; } else { $url .= "id=" . $id; $url .= "&m=id"; } $item_url = COM_buildUrl($url); $target = $_USERBOX_CONF['aftersave_admin']; } } $return_page = PLG_afterSaveSwitch($target, $item_url, 'userbox', 1); echo $return_page; exit; }
function LIB_Save($pi_name, $edt_flg, $navbarMenu, $menuno) { global $_CONF; global $_TABLES; global $_USER; $box_conf = "_" . strtoupper($pi_name) . "_CONF"; global ${$box_conf}; $box_conf = ${$box_conf}; $lang_box_admin = "LANG_" . strtoupper($pi_name) . "_ADMIN"; global ${$lang_box_admin}; $lang_box_admin = ${$lang_box_admin}; $lang_box_admin_menu = "LANG_" . strtoupper($pi_name) . "_admin_menu"; global ${$lang_box_admin_menu}; $lang_box_admin_menu = ${$lang_box_admin_menu}; $lang_box_inputtype = "LANG_" . strtoupper($pi_name) . "_INPUTTYPE"; global ${$lang_box_inputtype}; $lang_box_inputtype = ${$lang_box_inputtype}; $table = $_TABLES[strtoupper($pi_name) . '_def_group']; $retval = ''; // clean 'em up $id = COM_applyFilter($_POST['id'], true); $code = COM_applyFilter($_POST['code']); $code = addslashes(COM_checkHTML(COM_checkWords($code))); $name = COM_applyFilter($_POST['name']); $name = addslashes(COM_checkHTML(COM_checkWords($name))); $description = $_POST['description']; //COM_applyFilter($_POST['description']); $description = addslashes(COM_checkHTML(COM_checkWords($description))); $parent_flg = COM_applyFilter($_POST['parent_flg'], true); $input_type = COM_applyFilter($_POST['input_type'], true); $orderno = mb_convert_kana($_POST['orderno'], "a"); //全角英数字を半角英数字に変換する $orderno = COM_applyFilter($orderno, true); //$name = mb_convert_kana($name,"AKV"); //A:半角英数字を全角英数字に変換する //K:半角カタカナを全角カタカナに変換する //V:濁点つきの文字を1文字に変換する (K、H と共に利用する) //$name = str_replace ("'", "’",$name); //$code = mb_convert_kana($code,"a");//全角英数字を半角英数字に変換する //----- $type = 1; $uuid = $_USER['uid']; // CHECK はじめ $err = ""; //ID コード if ($id == 0) { //$err.=$lang_box_admin['err_uid']."<br/>".LB; } else { if (!is_numeric($id)) { $err .= $lang_box_admin['err_id'] . "<br/>" . LB; } } //コード if ($code != "") { $cntsql = "SELECT code FROM {$table} "; $cntsql .= " WHERE "; $cntsql .= " code='{$code}' "; $cntsql .= " AND group_id<>{$id}"; $result = DB_query($cntsql); $numrows = DB_numRows($result); if ($numrows != 0) { $err .= $lang_box_admin['err_code_w'] . "<br/>" . LB; } } //タイトル必須 if (empty($name)) { $err .= $lang_box_admin['err_name'] . "<br/>" . LB; } //errorのあるとき if ($err != "") { $retval['title'] = $lang_box_admin['piname'] . $lang_box_admin['edit']; $retval['display'] = LIB_Edit($pi_name, $id, $edt_flg, 3, $err); return $retval; } // CHECK おわり if ($id == 0) { $w = DB_getItem($table, "max(group_id)", "1=1"); if ($w == "") { $w = 0; } $id = $w + 1; } $fields = "group_id"; $values = "{$id}"; $fields .= ",code"; $values .= ",'{$code}'"; $fields .= ",name"; $values .= ",'{$name}'"; $fields .= ",description"; $values .= ",'{$description}'"; $fields .= ",orderno"; // $values .= ",{$orderno}"; $fields .= ",parent_flg"; // $values .= ",{$parent_flg}"; $fields .= ",input_type"; // $values .= ",{$input_type}"; $fields .= ",uuid"; $values .= ",{$uuid}"; $fields .= ",udatetime"; $values .= ",NOW( )"; // // if ($edt_flg){ // $return_page=$_CONF['site_url'] . "/".THIS_SCRIPT; // $return_page.="?id=".$id; // }else{ // $return_page=$_CONF['site_admin_url'] . '/plugins/'.THIS_SCRIPT.'?msg=1'; // } DB_save($table, $fields, $values, $return_page); // $rt=fncsendmail ($id); $message = ""; if ($box_conf['aftersave_admin'] === 'no') { $retval['title'] = $lang_box_admin['piname'] . $lang_box_admin['edit']; $retval['display'] = LIB_Edit($pi_name, $id, $edt_flg, 1, ""); return $retval; } else { if ($box_conf['aftersave_admin'] === 'list' or $box_conf['aftersave_admin'] === 'item') { $url = $_CONF['site_admin_url'] . "/plugins/{$pi_name}/group.php"; $item_url = COM_buildURL($url); $target = 'item'; $message = 1; } else { if ($box_conf['aftersave_admin'] === 'admin') { $target = $box_conf['aftersave_admin']; $message = 1; } else { $item_url = $_CONF['site_url'] . $box_conf['top']; $target = $box_conf['aftersave_admin']; } } } $return_page = PLG_afterSaveSwitch($target, $item_url, $pi_name, $message); echo $return_page; exit; }
/** * Provide feed data * * @param int $feed feed ID * @param string $link * @param string $update * @return array feed entries */ function plugin_getfeedcontent_comment($feed, &$link, &$update) { global $_CONF, $_TABLES; $result = DB_query("SELECT topic,limits,content_length FROM {$_TABLES['syndication']} WHERE fid = '{$feed}'"); $S = DB_fetchArray($result); // If topic is all then make it root so all topics are returned (since articles cannot belong to all topics) if ($S['topic'] == TOPIC_ALL_OPTION or empty($S['topic'])) { $S['topic'] = TOPIC_ROOT; } // Retrieve list of inherited topics for anonymous user $tid_list = TOPIC_getChildList($S['topic'], 1); $sql = "SELECT c.cid, c.sid, c.title as title, c.comment, UNIX_TIMESTAMP(c.date) AS modified, " . " s.title as articleTitle, c.uid, s.uid as articleAuthor " . "FROM {$_TABLES['comments']} c, {$_TABLES['stories']} s, {$_TABLES['topic_assignments']} ta " . "WHERE (s.draft_flag = 0) AND (s.date <= NOW()) " . COM_getPermSQL('AND', 1, 2, 's') . " AND ta.type = 'article' AND ta.id = s.sid " . " AND c.type = 'article' AND s.sid = c.sid " . "AND (ta.tid IN({$tid_list}) AND (ta.inherit = 1 OR (ta.inherit = 0 AND ta.tid = '{$S['topic']}'))) " . "GROUP BY c.cid " . "ORDER BY modified DESC LIMIT 0, {$S['limits']} "; $result = DB_query($sql); $content = array(); $cids = array(); $numRows = DB_numRows($result); for ($i = 0; $i < $numRows; $i++) { $row = DB_fetchArray($result); $cids[] = $row['cid']; $title = stripslashes($row['title']); $body = stripslashes($row['comment']); if ($S['content_length'] > 1) { $body = SYND_truncateSummary($body, $S['content_length']); } $articleLink = COM_buildURL($_CONF['site_url'] . "/article.php?story={$row['sid']}"); $link = $_CONF['site_url'] . "/comment.php?mode=view&cid={$row['cid']}"; $articleTitle = $row['articleTitle']; if ($_CONF['comment_feeds_article_tag_position'] !== 'none') { $articleAuthor = sprintf($_CONF['comment_feeds_article_author_tag'], $_CONF['site_url'] . '/users.php?mode=profile&uid=' . $row['articleAuthor'], COM_getDisplayName($row['articleAuthor'])); $commentAuthor = sprintf($_CONF['comment_feeds_comment_author_tag'], $_CONF['site_url'] . '/users.php?mode=profile&uid=' . $row['uid'], COM_getDisplayName($row['uid'])); $magicTag = sprintf($_CONF['comment_feeds_article_tag'], $articleLink, $articleTitle, $articleAuthor, $commentAuthor); if ($_CONF['comment_feeds_article_tag_position'] === 'start') { $body = $magicTag . $body; } else { $body .= $magicTag; } } $content[] = array('title' => $title, 'summary' => $body, 'link' => $link, 'uid' => $row['uid'], 'author' => COM_getDisplayName($row['uid']), 'date' => $row['modified'], 'format' => 'html'); } $link = $_CONF['site_url']; $update = implode(',', $cids); return $content; }