/**
 * Editor handler for the "external" sheet of items of type "external".
 *
 * On POST the submitted URL is stored for the item/revision (unless it is
 * still the 'http://' placeholder), the revision is marked as modified and
 * the client is redirected back to the editor. On any other request the
 * stored URL is loaded and the editor template is appended to the content.
 *
 * @param array $data Event payload; reads 'type', 'sheet', 'params' and 'template'.
 */
function event_ExecuteEditor(&$data)
{
    global $lang, $manager;

    // Only handle the sheet this plugin owns.
    if ($data['type'] != 'external' || $data['sheet'] != 'external') {
        return;
    }

    // NOTE(review): id and revision are concatenated into the SQL text as-is;
    // whether they are validated before this handler runs is not visible
    // here - confirm they are integers upstream.
    $itemId = $data['params']['id'];
    $revisionId = $data['params']['revision'];

    if ($_SERVER['REQUEST_METHOD'] == 'POST') {
        $isPlaceholder = ($_REQUEST['url'] == 'http://');

        if (!$isPlaceholder) {
            // NOTE(review): addslashes() is not charset-aware; the DB layer's
            // own escaping or bound parameters would be the safer choice.
            // The URL scheme is not checked before it is stored.
            sql::query(
                "\r\n\t\t\t\t\t\t\tREPLACE \r\n\t\t\t\t\t\t\t\t" . _TABLE_PREFIX_
                . "contents_external\r\n\t\t\t\t\t\t\tSET\r\n\t\t\t\t\t\t\t\tID='" . $itemId
                . "',\r\n\t\t\t\t\t\t\t\trevision='" . $revisionId
                . "',\r\n\t\t\t\t\t\t\t\turl='" . addslashes($_REQUEST['url'])
                . "'\r\n\t\t\t\t\t\t"
            );
        }

        // The POST counts as a modification even when nothing was stored.
        revisions::updateModificationDate($itemId, $revisionId);

        header("Location: " . url::item($itemId, 'edit') . "/external?revision=" . $revisionId);
        exit;
    }

    $result = sql::query(
        "\r\n\t\t\t\t\tSELECT\r\n\t\t\t\t\t\t*\r\n\t\t\t\t\tFROM\r\n\t\t\t\t\t\t" . _TABLE_PREFIX_
        . "contents_external\r\n\t\t\t\t\tWHERE\r\n\t\t\t\t\t\tID='" . $itemId
        . "' AND\r\n\t\t\t\t\t\trevision='" . $revisionId
        . "'\r\n\t\t\t\t"
    );

    $tpl = new Template($this->getTemplate('editor.template'));

    // Fall back to the placeholder when no URL has been stored yet.
    $stored = sql::fetch_array($result);
    $tpl->set("url", $stored ? $stored['url'] : 'http://');
    $tpl->set("id", $itemId);
    $tpl->set("revision", $revisionId);

    $data['template']->append('content', $tpl->fetch());
}
/**
 * Editor handler for the "contents" sheet of item types that have a story.
 *
 * Loads the stored story for the item/revision. On POST the submitted text
 * is passed through filter::images() and filter::html(), stored, the
 * revision is marked as modified and the client is redirected. Otherwise
 * the editor template is appended to the content.
 *
 * @param array $data Event payload; reads 'type', 'sheet', 'params' and 'template'.
 */
function event_ExecuteEditor(&$data)
{
    global $lang, $manager, $user;

    $supportsStory = isset($manager->types[$data['type']]['content']['story']);
    if (!$supportsStory || $data['sheet'] != 'contents') {
        return;
    }

    // NOTE(review): id and revision are concatenated into the SQL text as-is;
    // whether they are validated before this handler runs is not visible
    // here - confirm they are integers upstream.
    $itemId = $data['params']['id'];
    $revisionId = $data['params']['revision'];

    // Retrieve the stored story, or start with an empty one.
    $result = sql::query(
        "\n\t\t\t\t\tSELECT \n\t\t\t\t\t\t*\n\t\t\t\t\tFROM \n\t\t\t\t\t\t" . _TABLE_PREFIX_
        . "contents_story \n\t\t\t\t\tWHERE \n\t\t\t\t\t\t`ID` = '" . $itemId
        . "' AND\n\t\t\t\t\t\t`revision` = '" . $revisionId
        . "'\n\t\t\t\t"
    );
    $stored = sql::fetch_array($result, MYSQL_ASSOC);
    $story = $stored ? $stored : array('text' => '');

    if ($_SERVER['REQUEST_METHOD'] == 'POST') {
        // The filters rewrite $_POST['text'] in place, images first, then HTML.
        // What filter::html() removes is not visible here.
        $_POST['text'] = filter::images($_POST['text']);
        $_POST['text'] = filter::html($_POST['text']);

        // NOTE(review): addslashes() is not charset-aware; the DB layer's
        // own escaping or bound parameters would be the safer choice.
        sql::query(
            "\n\t\t\t\t\t\tREPLACE INTO \n\t\t\t\t\t\t\t" . _TABLE_PREFIX_
            . "contents_story \n\t\t\t\t\t\tSET \n\t\t\t\t\t\t\tID='" . $itemId
            . "', \n\t\t\t\t\t\t\trevision='" . $revisionId
            . "',\n\t\t\t\t\t\t\ttext='" . addslashes($_POST['text'])
            . "'\n\t\t\t\t\t"
        );

        // Mark this action as a modification
        revisions::updateModificationDate($itemId, $revisionId);

        header("Location: " . url::item($itemId, 'edit') . "/contents?revision=" . $revisionId);
        exit;
    }

    $tpl = new Template($this->getTemplate('editor.template'));
    $tpl->set('story', $story);
    $tpl->set('id', $itemId);
    $tpl->set('revision', $revisionId);

    $data['template']->append('content', $tpl->fetch());
}
/**
 * Editor handler for the "background" sheet.
 *
 * On POST the submitted image value is stored for the item/revision, the
 * revision is marked as modified and the client is redirected. Otherwise
 * the stored image is loaded, the editor template is appended to the
 * content and the assets the editor needs are registered.
 *
 * @param array $data Event payload; reads 'sheet', 'params', 'template' and 'page'.
 */
function event_ExecuteEditor(&$data)
{
    global $lang, $manager;

    if ($data['sheet'] != 'background') {
        return;
    }

    // NOTE(review): id and revision are concatenated into the SQL text as-is;
    // whether they are validated before this handler runs is not visible
    // here - confirm they are integers upstream.
    $itemId = $data['params']['id'];
    $revisionId = $data['params']['revision'];

    if ($_SERVER['REQUEST_METHOD'] == 'POST') {
        // NOTE(review): addslashes() is not charset-aware; the DB layer's
        // own escaping or bound parameters would be the safer choice.
        // $_REQUEST['image'] is read without an isset() check.
        sql::query(
            "\r\n\t\t\t\t\t\tREPLACE INTO \r\n\t\t\t\t\t\t\t" . _TABLE_PREFIX_
            . "contents_background\r\n\t\t\t\t\t\tSET \r\n\t\t\t\t\t\t\tID='" . $itemId
            . "', \r\n\t\t\t\t\t\t\trevision='" . $revisionId
            . "',\r\n\t\t\t\t\t\t\timage='" . addslashes($_REQUEST['image'])
            . "', \r\n\t\t\t\t\t\t\tmodified=NOW()\r\n\t\t\t\t\t"
        );

        // Mark this action as a modification
        revisions::updateModificationDate($itemId, $revisionId);

        header("Location: " . url::item($itemId, 'edit') . "/background?revision=" . $revisionId);
        exit;
    }

    $result = sql::query(
        "\r\n\t\t\t\t\tSELECT \r\n\t\t\t\t\t\t* \r\n\t\t\t\t\tFROM \r\n\t\t\t\t\t\t" . _TABLE_PREFIX_
        . "contents_background\r\n\t\t\t\t\tWHERE \r\n\t\t\t\t\t\tid='" . $itemId
        . "' AND\r\n\t\t\t\t\t\trevision='" . $revisionId
        . "'\r\n\t\t\t\t"
    );

    // No stored row means no background image yet.
    $stored = sql::fetch_array($result);
    $image = $stored ? $stored['image'] : '';

    $tpl = new Template($this->getTemplate('editor.template'));
    $tpl->set('id', $itemId);
    $tpl->set('revision', $revisionId);
    $tpl->set('image', $image);

    $data['template']->append('content', $tpl->fetch());

    // Make sure the following assets are included
    $assets = $data['page']->assets;
    $assets->registerJavascript('/core/assets/javascript/modaldialog.js');
    $assets->registerCSS($this->localAsset('editor.css'));
}
/**
 * Append the revision panel when the item's last revision differs from its
 * active revision.
 *
 * @param array $data Event payload; reads 'item', 'sheet', 'params' and 'template'.
 */
function renderPanel(&$data)
{
    global $tree, $language;

    $itemId = $data['params']['id'];

    // Nothing to show while the newest revision is also the active one.
    if (revisions::getLastRevision($itemId) == revisions::getActiveRevision($itemId)) {
        return;
    }

    $panel = new Template($this->getTemplate('panel.template'));
    $panel->set('item', $data['item']);
    $panel->set('sheet', $data['sheet']);
    $panel->set('id', $itemId);

    // A revision newer than the active one is presented as a draft.
    $isDraft = $data['params']['revision'] > revisions::getActiveRevision($itemId);
    $panel->set('draft', $isDraft);

    $panel->set('activeRevision', revisions::getActiveRevision($itemId));
    $panel->set('lastRevision', revisions::getLastRevision($itemId));

    $data['template']->append('panels', $panel->fetch());
}
/**
 * Delete an item and, depth-first, every item below it.
 *
 * For each item the plugins are notified through the 'DeleteItem' event,
 * the revision history is removed and the row is deleted from the contents
 * table inside a treeStorage transaction.
 *
 * @param mixed $id ID of the item to delete.
 */
function _deleteItem($id)
{
    global $manager;

    // NOTE(review): $id is concatenated into both queries as-is; no
    // permission check or validation is visible in this method, so callers
    // must have done both before a recursive delete is started.

    /* Children first, so that no row is left pointing at a missing parent */
    $children = sql::query(
        "\r\n\t\t\t\tSELECT \r\n\t\t\t\t\t*\r\n\t\t\t\tFROM \r\n\t\t\t\t\t" . _TABLE_PREFIX_
        . "contents\r\n\t\t\t\tWHERE \r\n\t\t\t\t\tparent = '" . $id
        . "'\r\n\t\t\t"
    );
    while ($child = sql::fetch_array($children, MYSQL_ASSOC)) {
        $this->_deleteItem($child['ID']);
    }

    /* Let the plugins remove their own data */
    $payload = array('id' => $id);
    $manager->handleEvent('DeleteItem', $payload);

    /* Drop the revision history */
    revisions::doDeletePage($id);

    /* Remove the item itself; only this step runs inside the transaction */
    treeStorage::startTransaction();
    treeStorage::prepareForDelete($id);
    sql::query(
        "\r\n\t\t\t\tDELETE FROM\r\n\t\t\t\t\t" . _TABLE_PREFIX_
        . "contents\r\n\t\t\t\tWHERE\r\n\t\t\t\t\tID='" . $id
        . "'\r\n\t\t\t"
    );
    treeStorage::stopTransaction();
}
/**
 * Editor handler for the "links" sheet of item types that have links.
 *
 * Loads the stored links for the item/revision. On POST all stored links
 * are deleted and the submitted ones are inserted in submission order, the
 * revision is marked as modified and the client is redirected. Otherwise
 * the editor template is appended and the editor assets are registered.
 *
 * @param array $data Event payload; reads 'type', 'sheet', 'params', 'template' and 'page'.
 */
function event_ExecuteEditor(&$data)
{
    global $lang, $manager;

    $supportsLinks = isset($manager->types[$data['type']]['content']['links']);
    if (!$supportsLinks || $data['sheet'] != 'links') {
        return;
    }

    // NOTE(review): id and revision are concatenated into the SQL text as-is;
    // whether they are validated before this handler runs is not visible
    // here - confirm they are integers upstream.
    $itemId = $data['params']['id'];
    $revisionId = $data['params']['revision'];

    // Define a list of errors (nothing in this handler adds to it)
    $errors = array();
    $links = array();

    $result = sql::query(
        "\r\n\t\t\t\t\tSELECT \r\n\t\t\t\t\t\t* \r\n\t\t\t\t\tFROM\r\n\t\t\t\t\t\t" . _TABLE_PREFIX_
        . "contents_links\r\n\t\t\t\t\tWHERE\r\n\t\t\t\t\t\tID = '" . $itemId
        . "' AND\r\n\t\t\t\t\t\trevision = '" . $revisionId
        . "'\r\n\t\t\t\t"
    );
    while ($stored = sql::fetch_array($result, MYSQL_ASSOC)) {
        $links[$stored['link']] = $stored;
    }

    if ($_SERVER['REQUEST_METHOD'] == 'POST') {
        // NOTE(review): the delete and the inserts below are separate
        // statements with no transaction visible around them, so a failure
        // part-way through leaves the revision with fewer links than before.
        sql::query(
            "\r\n\t\t\t\t\t\tDELETE FROM \r\n\t\t\t\t\t\t\t" . _TABLE_PREFIX_
            . "contents_links \r\n\t\t\t\t\t\tWHERE \r\n\t\t\t\t\t\t\tID='" . $itemId
            . "' AND\r\n\t\t\t\t\t\t\trevision='" . $revisionId
            . "'\r\n\t\t\t\t\t"
        );

        if (is_array($_POST['links'])) {
            $position = 0;
            foreach ($_POST['links'] as $link) {
                // NOTE(review): addslashes() is not charset-aware; the DB
                // layer's own escaping or bound parameters would be safer.
                sql::query(
                    "\r\n\t\t\t\t\t\t\t\tINSERT INTO \r\n\t\t\t\t\t\t\t\t\t" . _TABLE_PREFIX_
                    . "contents_links \r\n\t\t\t\t\t\t\t\tSET \r\n\t\t\t\t\t\t\t\t\tID='" . $itemId
                    . "', \r\n\t\t\t\t\t\t\t\t\trevision='" . $revisionId
                    . "',\r\n\t\t\t\t\t\t\t\t\tposition='" . $position
                    . "',\r\n\t\t\t\t\t\t\t\t\turl='" . addslashes($link['url'])
                    . "', \r\n\t\t\t\t\t\t\t\t\ttitle='" . addslashes($link['title'])
                    . "',\r\n\t\t\t\t\t\t\t\t\ttarget='" . addslashes($link['target'])
                    . "'\r\n\t\t\t\t\t\t\t"
                );
                $position++;
            }
        }

        // Mark this action as a modification
        revisions::updateModificationDate($itemId, $revisionId);

        header("Location: " . url::item($itemId, 'edit') . "/links?revision=" . $revisionId);
        exit;
    }

    $tpl = new Template($this->getTemplate('editor.template'));
    $tpl->set("links", $links);
    $tpl->set("id", $itemId);
    $tpl->set("revision", $revisionId);

    if (count($errors)) {
        $data['template']->append('error', implode(', ', $errors));
    }

    $data['template']->append('content', $tpl->fetch());

    // Make sure the following assets are included
    $assets = $data['page']->assets;
    $assets->registerJavascript('/core/assets/javascript/modaldialog.js');
    $assets->registerCSS($this->localAsset('editor.css'));
    $assets->registerJavascript($this->localAsset('editor.js'));
}
/**
 * Editor handler for the "seo" sheet.
 *
 * On POST the trimmed keywords and description are stored for the
 * item/revision, the revision is marked as modified and the client is
 * redirected. Otherwise the stored values (or empty defaults) are handed to
 * the editor template, which is appended to the content.
 *
 * @param array $data Event payload; reads 'sheet', 'params' and 'template'.
 */
function event_ExecuteEditor(&$data)
{
    global $tree, $language;

    if ($data['sheet'] != 'seo') {
        return;
    }

    // NOTE(review): id and revision are concatenated into the SQL text as-is;
    // whether they are validated before this handler runs is not visible
    // here - confirm they are integers upstream.
    $itemId = $data['params']['id'];
    $revisionId = $data['params']['revision'];

    if ($_SERVER['REQUEST_METHOD'] == 'POST') {
        // Missing fields are stored as empty strings.
        $keywords = '';
        if (isset($_POST['keywords'])) {
            $keywords = trim($_POST['keywords']);
        }

        $description = '';
        if (isset($_POST['description'])) {
            $description = trim($_POST['description']);
        }

        // NOTE(review): addslashes() is not charset-aware; the DB layer's
        // own escaping or bound parameters would be the safer choice.
        sql::query(
            "\r\n\t\t\t\t\t\tREPLACE INTO \r\n\t\t\t\t\t\t\t" . _TABLE_PREFIX_
            . "contents_seo\r\n\t\t\t\t\t\tSET \r\n\t\t\t\t\t\t\tID='" . $itemId
            . "',\r\n\t\t\t\t\t\t\trevision='" . $revisionId
            . "',\r\n\t\t\t\t\t\t\tkeywords='" . addslashes($keywords)
            . "',\r\n\t\t\t\t\t\t\tdescription='" . addslashes($description)
            . "'\r\n\t\t\t\t\t"
        );

        // Mark this action as a modification
        revisions::updateModificationDate($itemId, $revisionId);

        header("Location: " . url::item($itemId, 'edit') . "/seo?revision=" . $revisionId);
        exit;
    }

    $result = sql::query(
        "\r\n\t\t\t\t\tSELECT\r\n\t\t\t\t\t\t*\r\n\t\t\t\t\tFROM\r\n\t\t\t\t\t\t" . _TABLE_PREFIX_
        . "contents_seo\r\n\t\t\t\t\tWHERE\r\n\t\t\t\t\t\tID='" . $itemId
        . "' AND\r\n\t\t\t\t\t\trevision='" . $revisionId
        . "'\r\n\t\t\t\t"
    );

    $seo = sql::fetch_array($result);
    if (!$seo) {
        $seo = array('keywords' => '', 'description' => '');
    }

    $tpl = new Template($this->getTemplate('editor.template'));
    $tpl->set('seo', $seo);
    $tpl->set('id', $itemId);
    $tpl->set("revision", $revisionId);

    $data['template']->append('content', $tpl->fetch());
}
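/**
 * Stamp a revision with the current time and, when that revision is the
 * active one, stamp the item itself as well.
 *
 * @param mixed $id       ID of the item; forced to an integer before use.
 * @param mixed $revision Revision number; forced to an integer before use.
 */
function updateModificationDate($id, $revision)
{
    // Both values are placed in the WHERE clauses without quotes, so
    // anything that is not a plain integer would become part of the SQL
    // statement. The editor handlers pass these values straight through,
    // and their origin is not visible from here, so cast at the point of
    // use rather than rely on every caller.
    $id = intval($id);
    $revision = intval($revision);

    $modified = time();

    sql::query("\n\t\t\tUPDATE\n\t\t\t\t" . _TABLE_PREFIX_ . "contents_revisions \n\t\t\tSET\n\t\t\t\t`modified`='" . $modified . "'\n\t\t\tWHERE\n\t\t\t\t`ID` = " . $id . " AND\n\t\t\t\t`revision` = " . $revision . "\n\t\t");

    // The item row mirrors the modification time of its active revision.
    if (revisions::isActiveRevision($id, $revision)) {
        sql::query("\n\t\t\t\tUPDATE\n\t\t\t\t\t" . _TABLE_PREFIX_ . "contents \n\t\t\t\tSET\n\t\t\t\t\t`modified`='" . $modified . "'\n\t\t\t\tWHERE\n\t\t\t\t\t`ID` = " . $id . "\n\t\t\t");
    }
}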
/**
 * List the revisions of one entry.
 *
 * Checks that revisions are enabled, that the viewer holds the
 * 'view<permission>Revisions' ACL and that an id was given, loads the
 * current entry, hands the request to revert() and finally stores the
 * resolved revision list in the view.
 *
 * @param array $arguments Route arguments; element 0 is the entry id.
 * @return mixed Result of Error::set() on failure, nothing otherwise.
 */
public function revisions($arguments)
{
    if (!$this->hasRevisions) {
        return Error::set('Revisions are not enabled for ' . $this->name . '.');
    }

    if (!CheckAcl::can('view' . $this->permission . 'Revisions')) {
        return Error::set('You are not allowed to view ' . $this->name . ' revisions.');
    }

    if (empty($arguments[0])) {
        return Error::set('No ' . $this->name . ' id found.');
    }

    $entryId = $arguments[0];

    $modelClass = $this->model;
    $model = new $modelClass(ConnectionFactory::get($this->db));
    $current = $model->get($entryId, false, true);

    // The view receives the lookup result before it is validated below.
    $this->view['current'] = $current;

    if (empty($current)) {
        return Error::set('Invalid id.');
    }

    // A string result is treated as an error message from the model.
    if (is_string($current)) {
        return Error::set($current);
    }

    Layout::set('title', ucwords($this->name) . ' Revisions');

    $store = new revisions(ConnectionFactory::get('mongo'));

    // Reverting is handled by revert(); its return value is not used here.
    // NOTE(review): the only ACL checked in this method is the *view*
    // permission - confirm that revert() enforces its own permission check
    // before it changes anything.
    $this->revert($arguments, $model, $store, $current);

    $history = $store->getForId($entryId);
    $this->view['revisions'] = array();

    if (empty($history)) {
        return Error::set('This entry has no revisions.');
    }

    $this->view['revisions'] = revisions::resolve($current, $history, $this->diffdFields);
}
if (!$revision) { die('Error reading revision'); } else { die(revisions::generateFieldDisplay($revision, $fields)); } } ############################################################################################################### // Build the select list $selectARevision = ""; foreach ($revisions->getSecondaryIDs($engine->cleanGet['MYSQL']['objectID'], 'DESC') as $revisionID) { $selectARevision .= sprintf('<option value="%s">%s</option>', $revisionID, date('D, M d, Y - h:i a', $revisionID)); } localVars::add("selectARevision", $selectARevision); localvars::add("formName", $form['title']); localvars::add("objectID", $objectID); localvars::add("currentVersion", revisions::generateFieldDisplay($object, $fields)); } catch (Exception $e) { log::insert("Data Entry: Revision: Caught Exception", 0, 0, $e->getMessage()); errorHandle::newError($e->getMessage(), errorHandle::DEBUG); errorHandle::errorMsg($e->getMessage()); } localVars::add("results", displayMessages()); $engine->eTemplate("include", "header"); ?> <form id="revisionForm" action="" method="post"> {engine name="csrf"} <input type="hidden" name="revisionID" id="revisionID" value=""> </form>
/**
 * Editor handler for the "slides" sheet of item types that have slides.
 *
 * On POST all stored slides of the item/revision are deleted and the
 * submitted ones are inserted in submission order, the revision is marked
 * as modified and the client is redirected. Otherwise the stored slides are
 * loaded, the editor template is appended and the assets are registered.
 *
 * @param array $data Event payload; reads 'type', 'sheet', 'params', 'template' and 'page'.
 */
function event_ExecuteEditor(&$data)
{
    global $lang, $manager;

    $supportsSlides = isset($manager->types[$data['type']]['content']['slides']);
    if (!$supportsSlides || $data['sheet'] != 'slides') {
        return;
    }

    // NOTE(review): id and revision are concatenated into the SQL text as-is;
    // whether they are validated before this handler runs is not visible
    // here - confirm they are integers upstream.
    $itemId = $data['params']['id'];
    $revisionId = $data['params']['revision'];

    // Define a list of errors (nothing in this handler adds to it)
    $errors = array();

    if ($_SERVER['REQUEST_METHOD'] == 'POST') {
        // NOTE(review): the delete and the inserts below are separate
        // statements with no transaction visible around them.
        mysql_query(
            "\r\n\t\t\t\t\t\tDELETE FROM \r\n\t\t\t\t\t\t\t" . _TABLE_PREFIX_
            . "contents_slides\r\n\t\t\t\t\t\tWHERE \r\n\t\t\t\t\t\t\t`ID` = '" . $itemId
            . "' AND\r\n\t\t\t\t\t\t\t`revision` = '" . $revisionId
            . "'\r\n\t\t\t\t\t"
        );

        if (is_array($_POST['slides'])) {
            $position = 0;
            foreach ($_POST['slides'] as $slide) {
                // NOTE(review): addslashes() is not charset-aware;
                // connection-aware escaping or bound parameters would be
                // the safer choice.
                mysql_query(
                    "\r\n\t\t\t\t\t\t\t\tINSERT INTO \r\n\t\t\t\t\t\t\t\t\t" . _TABLE_PREFIX_
                    . "contents_slides \r\n\t\t\t\t\t\t\t\tSET \r\n\t\t\t\t\t\t\t\t\t`ID` = '" . $itemId
                    . "', \r\n\t\t\t\t\t\t\t\t\t`revision` = '" . $revisionId
                    . "',\r\n\t\t\t\t\t\t\t\t\t`position` = '" . $position
                    . "',\r\n\t\t\t\t\t\t\t\t\t`thumbnail` = '" . addslashes($slide['thumbnail'])
                    . "', \r\n\t\t\t\t\t\t\t\t\t`image` = '" . addslashes($slide['image'])
                    . "', \r\n\t\t\t\t\t\t\t\t\t`title` = '" . addslashes($slide['title'])
                    . "', \r\n\t\t\t\t\t\t\t\t\t`description` = '" . addslashes($slide['description'])
                    . "'\r\n\t\t\t\t\t\t\t"
                );
                $position++;
            }
        }

        // Mark this action as a modification
        revisions::updateModificationDate($itemId, $revisionId);

        header("Location: " . url::item($itemId, 'edit') . "/slides?revision=" . $revisionId);
        exit;
    }

    // Load the stored slides
    $slides = array();
    $result = mysql_query(
        "\r\n\t\t\t\t\tSELECT \r\n\t\t\t\t\t\t*\r\n\t\t\t\t\tFROM \r\n\t\t\t\t\t\t" . _TABLE_PREFIX_
        . "contents_slides\r\n\t\t\t\t\tWHERE \r\n\t\t\t\t\t\t`ID` = '" . $itemId
        . "' AND\r\n\t\t\t\t\t\t`revision` = '" . $revisionId
        . "'\r\n\t\t\t\t"
    );
    while ($stored = mysql_fetch_array($result, MYSQL_ASSOC)) {
        // Collapse runs of whitespace in the description to single spaces.
        $stored['description'] = preg_replace('/\\s+/', ' ', $stored['description']);
        $slides[] = $stored;
    }

    $tpl = new Template($this->getTemplate('editor.template'));
    $tpl->set("slides", $slides);
    $tpl->set("id", $itemId);
    $tpl->set("revision", $revisionId);

    if (count($errors)) {
        $data['template']->append('error', implode(', ', $errors));
    }

    $data['template']->append('content', $tpl->fetch());

    // Make sure the following assets are included
    $assets = $data['page']->assets;
    $assets->registerJavascript('/core/assets/javascript/modaldialog.js');
    $assets->registerCSS($this->localAsset('editor.css'));
    $assets->registerJavascript($this->localAsset('editor.js'));
}
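/**
 * Append the status panel for an item.
 *
 * Loads the non-special groups, derives a status label from the item's
 * status, revisions and activation/expiration dates, and hands these
 * together with the item details to the panel template.
 *
 * @param array $data Event payload; reads 'item', 'type', 'sheet', 'params' and 'template'.
 */
function renderPanel(&$data)
{
    global $tree, $language, $manager;

    $tpl = new Template($this->getTemplate('panel.template'));

    $groups = array();
    $res = sql::query("SELECT * FROM " . _TABLE_PREFIX_ . "groups WHERE special = 0");
    while ($row = sql::fetch_array($res)) {
        $groups[] = $row;
    }
    $tpl->set("groups", $groups);

    // A status other than 0 or 1 matches no case below; give the template
    // an explicit null instead of reading an undefined variable.
    $status = null;

    switch ($data['item']['status']) {
        case 0:
            $status = 'draft';
            break;

        case 1:
            if (revisions::getActiveRevision($data['params']['id']) != revisions::getLastRevision($data['params']['id'])) {
                // A newer revision exists that is not active yet.
                $status = 'revision';
            } else {
                $status = 'published';

                if ($data['item']['date']['activation'] > time()) {
                    $status = 'waiting';
                }

                // Expiration is checked last, so it wins over 'waiting'.
                if ($data['item']['date']['expiration'] > 0 && $data['item']['date']['expiration'] < time()) {
                    $status = 'expired';
                }
            }
            break;
    }

    $tpl->set('status', $status);

    // The types offered are the ones manager->types() returns for the parent's type.
    $parent =& $tree->getItemById($data['item']['parent']);
    $types = $manager->types($parent['type']);

    $tpl->set('types', $types);
    $tpl->set('item', $data['item']);
    $tpl->set('type', $data['type']);
    $tpl->set('sheet', $data['sheet']);
    $tpl->set('id', $data['params']['id']);
    $tpl->set('revision', $data['params']['revision']);

    $data['template']->append('panels', $tpl->fetch());
}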
/**
 * Editor handler for the "form" sheet of item types that have a form.
 *
 * On POST the stored form of the revision is removed through
 * event_DeleteRevision() and rebuilt from the request: one row for the
 * form, one per element and one per element option. The revision is then
 * marked as modified and the client is redirected. Otherwise the stored
 * structure is handed to the editor template and the assets are registered.
 *
 * @param array $data Event payload; reads 'type', 'sheet', 'params', 'template' and 'page'.
 */
function event_ExecuteEditor(&$data)
{
    global $lang, $manager, $user;

    $supportsForm = isset($manager->types[$data['type']]['content']['form']);
    if (!$supportsForm || $data['sheet'] != 'form') {
        return;
    }

    $structure = $this->getStructure($data['params']['id'], $data['params']['revision']);

    if ($_SERVER['REQUEST_METHOD'] == 'POST') {
        // NOTE(review): the delete and the inserts below are separate
        // statements with no transaction visible around them. id and
        // revision are concatenated into the SQL text as-is; confirm they
        // are validated upstream. addslashes() is not charset-aware.

        // First delete the original...
        $this->event_DeleteRevision($data['params']);

        // Create the new structure. The e-mail value is stored without a
        // format check in this handler.
        sql::query(
            "\r\n\t\t\t\t\t\tINSERT INTO\r\n\t\t\t\t\t\t\t" . _TABLE_PREFIX_
            . "contents_form\r\n\t\t\t\t\t\tSET\r\n\t\t\t\t\t\t\t`ID` = '" . $data['params']['id']
            . "',\r\n\t\t\t\t\t\t\t`revision` = '" . $data['params']['revision']
            . "',\r\n\t\t\t\t\t\t\t`button` = '" . addslashes($_REQUEST['button'])
            . "',\r\n\t\t\t\t\t\t\t`email` = '" . addslashes($_REQUEST['email'])
            . "'\r\n\t\t\t\t\t"
        );

        foreach ($_REQUEST['elements'] as $element) {
            $hasOptions = isset($element['options']);

            if ($hasOptions) {
                if ($element['type'] == 'checkbox') {
                    // Checkboxes can have several defaults: join the titles
                    // of every option flagged as default.
                    $checked = array();
                    foreach ($element['options'] as $option) {
                        if (isset($option['default'])) {
                            $checked[] = $option['title'];
                        }
                    }
                    $element['default'] = implode(',', $checked);
                } elseif ($element['default'] != '0') {
                    // Other option lists name their default by option key.
                    $element['default'] = $element['options'][$element['default']]['title'];
                } else {
                    $element['default'] = '';
                }
            }

            sql::query(
                "\r\n\t\t\t\t\t\t\tINSERT INTO\r\n\t\t\t\t\t\t\t\t" . _TABLE_PREFIX_
                . "contents_form_elements\r\n\t\t\t\t\t\t\tSET\r\n\t\t\t\t\t\t\t\t`form` = '" . $data['params']['id']
                . "',\r\n\t\t\t\t\t\t\t\t`revision` = '" . $data['params']['revision']
                . "',\r\n\t\t\t\t\t\t\t\t`order` = '" . intval($element['position'])
                . "',\r\n\t\t\t\t\t\t\t\t`type` = '" . addslashes($element['type'])
                . "',\r\n\t\t\t\t\t\t\t\t`title` = '" . addslashes($element['title'])
                . "',\r\n\t\t\t\t\t\t\t\t`size` = '" . intval($element['size'])
                . "',\r\n\t\t\t\t\t\t\t\t`default` = '" . addslashes($element['default'])
                . "',\r\n\t\t\t\t\t\t\t\t`action` = '" . addslashes($element['action'])
                . "',\r\n\t\t\t\t\t\t\t\t`required` = '" . (isset($element['required']) ? 1 : 0)
                . "'\r\n\t\t\t\t\t\t"
            );

            // The options reference the element row that was just inserted.
            $element_id = sql::insert_id();

            if ($hasOptions) {
                foreach ($element['options'] as $option) {
                    sql::query(
                        "\r\n\t\t\t\t\t\t\t\t\tINSERT INTO\r\n\t\t\t\t\t\t\t\t\t\t" . _TABLE_PREFIX_
                        . "contents_form_elements_options\r\n\t\t\t\t\t\t\t\t\tSET\r\n\t\t\t\t\t\t\t\t\t\t`element` = '" . $element_id
                        . "',\r\n\t\t\t\t\t\t\t\t\t\t`order` = '" . intval($option['order'])
                        . "',\r\n\t\t\t\t\t\t\t\t\t\t`title` = '" . addslashes($option['title'])
                        . "'\r\n\t\t\t\t\t\t\t\t"
                    );
                }
            }
        }

        // Mark this action as a modification
        revisions::updateModificationDate($data['params']['id'], $data['params']['revision']);

        header("Location: " . url::item($data['params']['id'], 'edit') . "/form?revision=" . $data['params']['revision']);
        exit;
    }

    $tpl = new Template($this->getTemplate('editor.template'));
    $tpl->set("id", $data['params']['id']);
    $tpl->set("revision", $data['params']['revision']);

    if ($structure) {
        $tpl->set("structure", $this->getJSON($structure));
        $tpl->set("email", $structure['email']);
        $tpl->set("button", $structure['button']);
    } else {
        // No stored form yet: start with an empty structure.
        $tpl->set("structure", '[ ]');
        $tpl->set("email", '');
        $tpl->set("button", '');
    }

    // Element types offered by the editor, labelled in the user's language.
    $typeLabels = array(
        'text' => $user->lang->s('typetext'),
        'textarea' => $user->lang->s('typetextarea'),
        'email' => $user->lang->s('typeemail'),
        'select' => $user->lang->s('typeselect'),
        'radio' => $user->lang->s('typeradio'),
        'checkbox' => $user->lang->s('typecheckbox'),
        'country' => $user->lang->s('typecountry'),
        'explaination' => $user->lang->s('typeexplaination'),
        'header' => $user->lang->s('typeheader'),
        'button' => $user->lang->s('typebutton'),
    );
    $tpl->set("types", $typeLabels);

    $data['template']->append('content', $tpl->fetch());

    // Make sure the following assets are included
    $data['page']->assets->registerCSS($this->localAsset('editor.css'));
    $data['page']->assets->registerJavascript($this->localAsset('editor.js'));
}
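/**
 * Editor handler for the "collection" sheet of item types that have a
 * collection.
 *
 * Loads the stored collection settings for the item/revision. On POST the
 * submitted type, limit and sort order are stored, the revision is marked
 * as modified and the client is redirected. Otherwise the stored settings
 * are handed to the editor template, which is appended to the content.
 *
 * @param array $data Event payload; reads 'type', 'sheet', 'params' and 'template'.
 */
function event_ExecuteEditor(&$data)
{
    global $lang, $manager, $user;

    if (isset($manager->types[$data['type']]['content']['collection']) && $data['sheet'] == 'collection') {
        // NOTE(review): id and revision are concatenated into the SQL text
        // as-is; whether they are validated before this handler runs is not
        // visible here - confirm they are integers upstream.

        // Retrieve the stored collection settings
        $res = sql::query("\n\t\t\t\t\tSELECT \n\t\t\t\t\t\t*\n\t\t\t\t\tFROM \n\t\t\t\t\t\t" . _TABLE_PREFIX_ . "contents_collection \n\t\t\t\t\tWHERE \n\t\t\t\t\t\t`ID` = '" . $data['params']['id'] . "' AND\n\t\t\t\t\t\t`revision` = '" . $data['params']['revision'] . "'\n\t\t\t\t");

        if ($row = sql::fetch_array($res, MYSQL_ASSOC)) {
            $type = $row['type'];
            $limit = $row['limit'];
            $sort = $row['sort'];
        } else {
            // No stored row: the template receives an empty type and null
            // for limit and sort, without indexing into a non-array.
            $type = '';
            $limit = null;
            $sort = null;
        }

        if ($_SERVER['REQUEST_METHOD'] == 'POST') {
            // `sort` is written into the statement without quotes, so the
            // posted value must be an integer before it gets there; the
            // same cast is already applied to `limit`. A set 'reverse'
            // field stores the sort order negated.
            $newSort = intval($_POST['sort']);
            if (isset($_POST['reverse'])) {
                $newSort = 0 - $newSort;
            }

            // NOTE(review): addslashes() is not charset-aware; the DB
            // layer's own escaping or bound parameters would be safer.
            $res = sql::query("\n\t\t\t\t\t\tREPLACE INTO \n\t\t\t\t\t\t\t" . _TABLE_PREFIX_ . "contents_collection \n\t\t\t\t\t\tSET \n\t\t\t\t\t\t\t`ID` = '" . $data['params']['id'] . "', \n\t\t\t\t\t\t\t`revision` = '" . $data['params']['revision'] . "',\n\t\t\t\t\t\t\t`type` = '" . addslashes($_POST['type']) . "',\n\t\t\t\t\t\t\t`limit` = " . intval($_POST['limit']) . ",\n\t\t\t\t\t\t\t`sort` = " . $newSort . "\n\t\t\t\t\t");

            // Mark this action as a modification
            revisions::updateModificationDate($data['params']['id'], $data['params']['revision']);

            header("Location: " . url::item($data['params']['id'], 'edit') . "/collection?revision=" . $data['params']['revision']);
            exit;
        }

        $tpl = new Template($this->getTemplate('editor.template'));
        $tpl->set('type', $type);
        $tpl->set('limit', $limit);
        $tpl->set('sort', $sort);
        $tpl->set('types', $manager->types());
        $tpl->set('id', $data['params']['id']);
        $tpl->set('revision', $data['params']['revision']);

        $data['template']->append('content', $tpl->fetch());
    }
}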
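/**
 * Update an existing object inside a database transaction.
 *
 * The previous version is copied into revision control (object forms
 * only), the `objects` row is rewritten, and the object data table, the
 * duplicate-matching table and, for user-managed IDNOs, the IDNO are
 * refreshed. Any failure after the transaction has started rolls it back.
 *
 * @param mixed $objectID     ID of the object to update.
 * @param mixed $formID       ID of the form the object belongs to.
 * @param array $data         Field data for the object.
 * @param mixed $metadata     0 for an object form; other values skip revision control.
 * @param mixed $parentID     Parent object ID, used when the cleaned POST data has none.
 * @param mixed $modifiedTime Modification time to store; the current time when NULL.
 * @return bool TRUE on success, FALSE on any failure.
 */
public static function update($objectID, $formID, $data, $metadata, $parentID = 0, $modifiedTime = NULL)
{
    if (!is_array($data)) {
        errorHandle::newError(__METHOD__ . "() - : data is not array", errorHandle::DEBUG);
        return FALSE;
    }

    // Get the current Form
    if (($form = forms::get($formID)) === FALSE) {
        errorHandle::newError(__METHOD__ . "() - retrieving form by formID", errorHandle::DEBUG);
        return FALSE;
    }

    // the form is an object form, make sure that it has an ID field defined.
    if (($idnoInfo = forms::getFormIDInfo($formID)) === FALSE) {
        errorHandle::newError(__METHOD__ . "() - no IDNO field for object form.", errorHandle::DEBUG);
        return FALSE;
    }

    // begin transactions
    $result = mfcs::$engine->openDB->transBegin("objects");
    if ($result !== TRUE) {
        errorHandle::newError(__METHOD__ . "() - unable to start database transactions", errorHandle::DEBUG);
        return FALSE;
    }

    // place old version into revision control
    // excluding metadata objects
    if ($metadata == 0) {
        $rcs = revisions::create();
        $return = $rcs->insertRevision($objectID);

        if ($return !== TRUE) {
            mfcs::$engine->openDB->transRollback();
            mfcs::$engine->openDB->transEnd();

            errorHandle::newError(__METHOD__ . "() - unable to insert revisions", errorHandle::DEBUG);
            return FALSE;
        }
    }

    // insert new version
    // NOTE(review): a parentID found in the cleaned POST data takes
    // precedence over the $parentID argument. encodeFields() is assumed to
    // return a value that is safe inside the quoted literal - confirm.
    // $modifiedTime is now escaped like every other caller-supplied value.
    $sql = sprintf(
        "UPDATE `objects` SET `parentID`='%s', `data`='%s', `formID`='%s', `metadata`='%s', `modifiedTime`='%s', `modifiedBy`='%s' WHERE `ID`='%s'",
        isset(mfcs::$engine->cleanPost['MYSQL']['parentID']) ? mfcs::$engine->cleanPost['MYSQL']['parentID'] : mfcs::$engine->openDB->escape($parentID),
        encodeFields($data),
        mfcs::$engine->openDB->escape($formID),
        mfcs::$engine->openDB->escape($metadata),
        isnull($modifiedTime) ? time() : mfcs::$engine->openDB->escape($modifiedTime),
        mfcs::$engine->openDB->escape(users::user('ID')),
        mfcs::$engine->openDB->escape($objectID)
    );
    $sqlResult = mfcs::$engine->openDB->query($sql);

    if (!$sqlResult['result']) {
        mfcs::$engine->openDB->transRollback();
        mfcs::$engine->openDB->transEnd();

        // NOTE(review): the full statement, including the encoded object
        // data, is written to the debug log here.
        errorHandle::newError(__METHOD__ . "() - " . $sql . " -- " . $sqlResult['error'], errorHandle::DEBUG);
        return FALSE;
    }

    // Insert into the new data table
    if (self::insertObjectData($objectID, $data, $formID) === FALSE) {
        mfcs::$engine->openDB->transRollback();
        mfcs::$engine->openDB->transEnd();

        errorHandle::newError(__METHOD__ . "() - inserting objects", errorHandle::DEBUG);
        return FALSE;
    }

    // Update duplicate matching table
    if (duplicates::updateDupeTable($formID, $objectID, $data) === FALSE) {
        mfcs::$engine->openDB->transRollback();
        mfcs::$engine->openDB->transEnd();

        errorHandle::newError(__METHOD__ . "() - updating dupe matching", errorHandle::DEBUG);
        return FALSE;
    }

    // if it is an object form (not a metadata form)
    // do the IDNO stuff
    // We only have to do this if the IDNO is managed by the user
    if ($form['metadata'] == "0" && $idnoInfo['managedBy'] != "system") {
        // the form is an object form, make sure that it has an ID field defined.
        if (($idnoInfo = forms::getFormIDInfo($formID)) === FALSE) {
            // The transaction is open at this point, so it has to be rolled
            // back and ended like every other failure path below the
            // transBegin() call.
            mfcs::$engine->openDB->transRollback();
            mfcs::$engine->openDB->transEnd();

            errorHandle::newError(__METHOD__ . "() - no IDNO field for object form.", errorHandle::DEBUG);
            return FALSE;
        }

        // Prefer an IDNO from the cleaned POST data, else keep the stored one.
        $idno = isset(mfcs::$engine->cleanPost['MYSQL']['idno']) && !isempty(mfcs::$engine->cleanPost['MYSQL']['idno'])
            ? mfcs::$engine->cleanPost['MYSQL']['idno']
            : self::getIDNOForObjectID($objectID);

        if ($idno === FALSE || isempty($idno)) {
            mfcs::$engine->openDB->transRollback();
            mfcs::$engine->openDB->transEnd();

            return FALSE;
        }

        if (!self::updateIDNO($objectID, $idno)) {
            mfcs::$engine->openDB->transRollback();
            mfcs::$engine->openDB->transEnd();

            // NOTE(review): $sqlResult still holds the result of the UPDATE
            // above, which succeeded, so the error text appended here is
            // not the one from updateIDNO().
            errorHandle::newError(__METHOD__ . "() - updating the IDNO: " . $sqlResult['error'], errorHandle::DEBUG);
            return FALSE;
        }
    }

    // end transactions
    mfcs::$engine->openDB->transCommit();
    mfcs::$engine->openDB->transEnd();

    return TRUE;
}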
/**
 * Editor handler for the "files" and "attachments" sheets of item types
 * that have files.
 *
 * Handles, in this order:
 *  - ?json=list   : prints the file list as JSON and exits;
 *  - ?json=delete : removes one stored file (disk and database) and exits;
 *  - POST         : updates titles/positions of listed files and/or stores
 *                   one uploaded file ('Filedata'), then redirects or, for
 *                   Flash uploaders, answers with an HTTP status;
 *  - otherwise    : appends the editor template and registers its assets.
 *
 * @param array $data Event payload; reads 'type', 'sheet', 'params', 'template' and 'page'.
 */
function event_ExecuteEditor(&$data)
{
    global $lang, $manager;

    if (isset($manager->types[$data['type']]['content']['files']) && ($data['sheet'] == 'attachments' || $data['sheet'] == 'files')) {
        // NOTE(review): id and revision are concatenated into every query
        // below as-is (once even without quotes); whether they are
        // validated before this handler runs is not visible here.

        // JSON listing of the files or attachments of this revision
        if (isset($_REQUEST['json']) && $_REQUEST['json'] == 'list') {
            $tpl = new Template($this->getTemplate('json.template'));

            if ($data['sheet'] == 'files') {
                $tpl->set("files", $this->_files_list($data['params']['id'], $data['params']['revision']));
            } else {
                $tpl->set("files", $this->_attachments_list($data['params']['id'], $data['params']['revision']));
            }

            echo $tpl->fetch();
            exit;
        }

        // Deletion of a single file.
        // NOTE(review): this branch is selected through $_REQUEST and is
        // evaluated before the REQUEST_METHOD check, while the file name is
        // read from $_POST; no request-method or token check is visible in
        // this branch - confirm one is enforced before this handler runs.
        if (isset($_REQUEST['json']) && $_REQUEST['json'] == 'delete') {
            $res = sql::query("\r\n\t\t\t\t\t\tSELECT \r\n\t\t\t\t\t\t\t* \r\n\t\t\t\t\t\tFROM \r\n\t\t\t\t\t\t\t" . _TABLE_PREFIX_ . "contents_files \r\n\t\t\t\t\t\tWHERE \r\n\t\t\t\t\t\t\tID='" . $data['params']['id'] . "' AND \r\n\t\t\t\t\t\t\trevision='" . $data['params']['revision'] . "' AND \r\n\t\t\t\t\t\t\tfilename='" . addslashes($_POST['delete']) . "'\r\n\t\t\t\t\t");

            if ($row = sql::fetch_array($res)) {
                $directory = _BASE_MEDIA_ . 'files/';

                // The path is built from the stored file name, not from the
                // request value, so only files known to this revision are
                // removed from disk.
                if (file_exists($directory . $row['filename'])) {
                    unlink($directory . $row['filename']);
                }

                $res = sql::query("\r\n\t\t\t\t\t\t\tDELETE FROM \r\n\t\t\t\t\t\t\t\t" . _TABLE_PREFIX_ . "contents_files \r\n\t\t\t\t\t\t\tWHERE \r\n\t\t\t\t\t\t\t\tID='" . $data['params']['id'] . "' AND \r\n\t\t\t\t\t\t\t\trevision='" . $data['params']['revision'] . "' AND \r\n\t\t\t\t\t\t\t\tfilename='" . addslashes($row['filename']) . "'\r\n\t\t\t\t\t\t");
            }

            // Mark this action as a modification (also when nothing matched)
            revisions::updateModificationDate($data['params']['id'], $data['params']['revision']);
            exit;
        }

        if ($_SERVER['REQUEST_METHOD'] == 'POST') {
            if (isset($_REQUEST['files']) && is_array($_REQUEST['files'])) {
                // Update title and position; the array key is the stored file name
                while (list($id, $file) = each($_REQUEST['files'])) {
                    $res = sql::query("\r\n\t\t\t\t\t\t\t\tUPDATE\r\n\t\t\t\t\t\t\t\t\t" . _TABLE_PREFIX_ . "contents_files \r\n\t\t\t\t\t\t\t\tSET\r\n\t\t\t\t\t\t\t\t\ttitle='" . addslashes($file['title']) . "',\r\n\t\t\t\t\t\t\t\t\tposition='" . addslashes($file['position']) . "'\r\n\t\t\t\t\t\t\t\tWHERE \r\n\t\t\t\t\t\t\t\t\tID='" . $data['params']['id'] . "' AND \r\n\t\t\t\t\t\t\t\t\trevision='" . $data['params']['revision'] . "' AND \r\n\t\t\t\t\t\t\t\t\tfilename='" . addslashes($id) . "'\r\n\t\t\t\t\t\t\t");
                }

                // Mark this action as a modification
                revisions::updateModificationDate($data['params']['id'], $data['params']['revision']);
            }

            if (isset($_FILES['Filedata'])) {
                // Flash uploaders get HTTP status codes instead of redirects.
                // HTTP_USER_AGENT is read without an isset() check.
                $flashUsed = preg_match('/Flash/i', $_SERVER['HTTP_USER_AGENT']);

                if ($_FILES['Filedata']['error'] == UPLOAD_ERR_OK && is_uploaded_file($_FILES['Filedata']['tmp_name'])) {
                    $directory = _BASE_MEDIA_ . 'files/';
                    $original = $_FILES['Filedata']['name'];

                    // NOTE(review): the content type is derived from the
                    // client-supplied type and file name; how
                    // files::getCleanContentType() and
                    // files::allowedContentType() decide is not visible
                    // here - confirm the stored name cannot end up with an
                    // extension the web server would execute.
                    $contenttype = files::getCleanContentType($_FILES['Filedata']['type'], $_FILES['Filedata']['name']);
                    $filename = files::getUniqueName($contenttype, $directory);

                    if (files::allowedContentType($contenttype)) {
                        // Insert into database...
                        // NOTE(review): the result of move_uploaded_file()
                        // is suppressed and not checked, so the row below is
                        // inserted even when the file could not be stored.
                        @move_uploaded_file($_FILES['Filedata']['tmp_name'], $directory . $filename);

                        // Files and attachments share one table, told apart by this flag
                        $attachment = $data['sheet'] == 'files' ? 0 : 1;

                        // Find the highest position in use; id and revision
                        // are placed in this statement without quotes.
                        $res = sql::query("\r\n\t\t\t\t\t\t\t\t\tSELECT \r\n\t\t\t\t\t\t\t\t\t\t*\r\n\t\t\t\t\t\t\t\t\tFROM\r\n\t\t\t\t\t\t\t\t\t\t" . _TABLE_PREFIX_ . "contents_files \r\n\t\t\t\t\t\t\t\t\tWHERE\r\n\t\t\t\t\t\t\t\t\t\tID = " . $data['params']['id'] . " AND\r\n\t\t\t\t\t\t\t\t\t\trevision = " . $data['params']['revision'] . " AND\r\n\t\t\t\t\t\t\t\t\t\tattachment = " . $attachment . "\r\n\t\t\t\t\t\t\t\t\tORDER BY\r\n\t\t\t\t\t\t\t\t\t\tposition DESC\r\n\t\t\t\t\t\t\t\t\tLIMIT 1\r\n\t\t\t\t\t\t\t\t");

                        if ($row = sql::fetch_array($res)) {
                            $position = $row['position'] + 1;
                        } else {
                            $position = 0;
                        }

                        // The original client file name is kept as name and title
                        $res = sql::query("\r\n\t\t\t\t\t\t\t\t\tINSERT INTO \r\n\t\t\t\t\t\t\t\t\t\t" . _TABLE_PREFIX_ . "contents_files \r\n\t\t\t\t\t\t\t\t\tSET \r\n\t\t\t\t\t\t\t\t\t\tID='" . $data['params']['id'] . "', \r\n\t\t\t\t\t\t\t\t\t\trevision='" . $data['params']['revision'] . "', \r\n\t\t\t\t\t\t\t\t\t\tfilename='" . addslashes($filename) . "', \r\n\t\t\t\t\t\t\t\t\t\tname='" . addslashes($original) . "',\r\n\t\t\t\t\t\t\t\t\t\ttype='" . addslashes($contenttype) . "', \r\n\t\t\t\t\t\t\t\t\t\ttitle='" . addslashes($original) . "',\r\n\t\t\t\t\t\t\t\t\t\tsize='" . addslashes($_FILES['Filedata']['size']) . "',\r\n\t\t\t\t\t\t\t\t\t\tposition='" . $position . "',\r\n\t\t\t\t\t\t\t\t\t\tattachment='" . $attachment . "',\r\n\t\t\t\t\t\t\t\t\t\tmodified=NOW()\r\n\t\t\t\t\t\t\t\t");

                        // Mark this action as a modification
                        revisions::updateModificationDate($data['params']['id'], $data['params']['revision']);

                        if (!$flashUsed) {
                            header("Location: " . url::item($data['params']['id'], 'edit') . "/" . $data['sheet'] . "?revision=" . $data['params']['revision']);
                        } else {
                            // Workaround for a Flash bug on OS X.. We need to send back content... any content will do
                            echo " ";
                            flush();
                        }
                    } else {
                        // Content type not allowed
                        if ($flashUsed) {
                            header("HTTP/1.1 415 Unsupported Media Type");
                            header("Status: 415 Unsupported Media Type");
                        } else {
                            header("Location: " . url::item($data['params']['id'], 'edit') . "/" . $data['sheet'] . "?revision=" . $data['params']['revision']);
                        }
                    }

                    exit;
                } else {
                    // Upload failed: map the PHP upload error to a status for
                    // Flash, or redirect back to the editor otherwise
                    switch ($_FILES['Filedata']['error']) {
                        case UPLOAD_ERR_INI_SIZE:
                        case UPLOAD_ERR_FORM_SIZE:
                            if ($flashUsed) {
                                header("HTTP/1.1 413 Request Entity Too Large");
                                header("Status: 413 Request Entity Too Large");
                            } else {
                                header("Location: " . url::item($data['params']['id'], 'edit') . "/" . $data['sheet'] . "?revision=" . $data['params']['revision']);
                            }
                            break;

                        case UPLOAD_ERR_NO_FILE:
                        case UPLOAD_ERR_PARTIAL:
                            if ($flashUsed) {
                                header("HTTP/1.1 400 Bad Request");
                                header("Status: 400 Bad Request");
                            } else {
                                header("Location: " . url::item($data['params']['id'], 'edit') . "/" . $data['sheet'] . "?revision=" . $data['params']['revision']);
                            }
                            break;

                        case UPLOAD_ERR_NO_TMP_DIR:
                        case UPLOAD_ERR_CANT_WRITE:
                        case UPLOAD_ERR_EXTENSION:
                        default:
                            if ($flashUsed) {
                                header("HTTP/1.1 500 Internal Error");
                                header("Status: 500 Internal Error");
                            } else {
                                header("Location: " . url::item($data['params']['id'], 'edit') . "/" . $data['sheet'] . "?revision=" . $data['params']['revision']);
                            }
                            break;
                    }

                    exit;
                }
            }

            // POST without an upload: back to the editor
            header("Location: " . url::item($data['params']['id'], 'edit') . "/" . $data['sheet'] . "?revision=" . $data['params']['revision']);
            exit;
        }

        $tpl = new Template($this->getTemplate('editor.template'));

        if ($data['sheet'] == 'files') {
            $tpl->set("files", $this->_files_list($data['params']['id'], $data['params']['revision']));
        } else {
            $tpl->set("files", $this->_attachments_list($data['params']['id'], $data['params']['revision']));
        }

        $tpl->set("id", $data['params']['id']);
        $tpl->set("revision", $data['params']['revision']);
        $tpl->set("filemask", files::getFilemask());
        // NOTE(review): a ticket is generated for the template, but no
        // ticket is checked anywhere in this handler - presumably it is
        // verified before the handler runs; confirm.
        $tpl->set("ticket", ticket::generate($data['params']['id']));
        $tpl->set("sheet", $data['sheet']);

        $data['template']->append('content', $tpl->fetch());

        // Make sure the following assets are included
        $data['page']->assets->registerJavascript('/core/assets/javascript/plugin.js');
        $data['page']->assets->registerJavascript('/core/assets/javascript/flash.js');
        $data['page']->assets->registerJavascript('/core/assets/javascript/upload.js');
        $data['page']->assets->registerJavascript('/core/assets/javascript/progress.js');
        $data['page']->assets->registerCSS($this->localAsset('editor.css'));
        $data['page']->assets->registerJavascript($this->localAsset('editor.js'));
    }
}
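/**
 * Create a new page as a child or a sibling of an existing item.
 *
 * A GET request prints the creation form and exits. A POST request inserts
 * the page into the contents table, creates its first revision and
 * redirects to the editor of the new page.
 *
 * @param array $args Action arguments; the first element identifies the
 *                    item the new page is created relative to.
 * @return void Every path ends the request with exit.
 */
function action_create($args)
{
    global $manager, $tree, $user, $lang;

    /* Decode arguments */
    $id = array_shift($args);
    $item =& $tree->getItemById($id);
    $id = $item['id'];

    if (!$tree->_hasRights('create', $item['rights'])) {
        header('Location: ' . url::item($id));
        exit;
    }

    if ($_SERVER['REQUEST_METHOD'] == 'POST') {
        // Determine the type of the page. The value comes straight from the
        // request and is escaped where it is placed into the queries below.
        // NOTE(review): the form only offers $manager->types(...) for the
        // target; the posted type is not checked against that list here. The
        // return shape of types() is not visible, so no whitelist is added.
        $type = isset($_POST['childtype']) ? $_POST['childtype'] : '';
        $topLevel = false;

        if (isset($_POST['location']) && $_POST['location'] == 'sibling') {
            // Overwrite the type of the page
            $type = isset($_POST['siblingtype']) ? $_POST['siblingtype'] : '';

            // Re-check on the server the same rule the form below uses to
            // decide whether the sibling option is offered; the rights test
            // at the top of this method only covers the item itself.
            if ($item['parent'] > 0) {
                $parent =& $tree->getItemById($item['parent']);
                $parentGrantsCreate = $parent && $tree->_hasRights('create', $parent['rights']);
                if (!$user->memberof(6) && !$parentGrantsCreate) {
                    header('Location: ' . url::item($id));
                    exit;
                }

                // Set the item to its parent and continue...
                $item =& $parent;
            } else {
                if (!$user->memberof(6)) {
                    header('Location: ' . url::item($id));
                    exit;
                }
                $topLevel = true;
            }
        }

        $language = isset($_POST['language']) ? $_POST['language'] : $tree->language;
        $name = isset($_POST['name']) ? $_POST['name'] : $user->lang->s('untitled');

        // Derive a URL slug from the name: lower-case, whitespace and
        // underscores become dashes, everything else outside a-z0-9- is dropped.
        $slug = strtolower($name);
        $slug = preg_replace('/(\\s+|_)/i', '-', $slug);
        $slug = preg_replace('/[^a-z0-9\\-]/i', '', $slug);

        // NOTE(review): $data is not defined in this method, so this lookup
        // finds no entry and $base ends up empty in practice. Presumably the
        // target item's id was intended - confirm before changing it, since
        // that alters which slugs count as taken.
        $base = explode('/', $GLOBALS['HASH_URLS'][$data['params']['id']]);
        array_shift($base);

        // Append or increment a numeric suffix until the URL is unused.
        $unique = false;
        while (!$unique) {
            $url = implode('/', array_merge($base, array($slug)));
            if (isset($GLOBALS['HASH_IDS'][$url])) {
                if (preg_match('/^(.*)-([0-9]+)$/i', $slug, $matches)) {
                    $slug = $matches[1] . '-' . (intval($matches[2]) + 1);
                } else {
                    $slug = $slug . '-2';
                }
            } else {
                $unique = true;
            }
        }

        // addslashes() matches how this file escapes name and slug. It is not
        // charset-aware; prefer the database driver's own escaping or bound
        // parameters if the sql wrapper offers them.
        // NOTE(review): prepareForInsert() below still receives the raw
        // $language; whether it escapes its arguments is not visible here.
        $sqlType = addslashes($type);
        $sqlLanguage = addslashes($language);

        if ($topLevel) {
            // New top-level page: position it after the last top-level item.
            $position = 0;
            foreach ($tree->tree as $entry) {
                if ($entry['id'] != 'admin') {
                    $position = max($position, $entry['position']);
                }
            }
            $position++;

            treeStorage::startTransaction();
            list($left, $right) = treeStorage::prepareForInsert(0, $language);
            $res = sql::query(
                "\r\n\t\t\t\t\t\t\tINSERT INTO \r\n\t\t\t\t\t\t\t\t" . _TABLE_PREFIX_
                . "contents\r\n\t\t\t\t\t\t\tSET\r\n\t\t\t\t\t\t\t\t`parent`='',\r\n\t\t\t\t\t\t\t\t`left`='" . $left
                . "',\r\n\t\t\t\t\t\t\t\t`right`='" . $right
                . "',\r\n\t\t\t\t\t\t\t\t`site`='" . _DEFAULT_SITE_
                . "',\r\n\t\t\t\t\t\t\t\t`name`='" . addslashes($name)
                . "',\r\n\t\t\t\t\t\t\t\t`title`='',\r\n\t\t\t\t\t\t\t\t`slug`='" . addslashes($slug)
                . "',\r\n\t\t\t\t\t\t\t\t`type`='" . $sqlType
                . "',\r\n\t\t\t\t\t\t\t\t`status`='0',\r\n\t\t\t\t\t\t\t\t`revision`=0,\r\n\t\t\t\t\t\t\t\t`position`='" . $position
                . "',\r\n\t\t\t\t\t\t\t\t`language`='" . $sqlLanguage
                . "',\r\n\t\t\t\t\t\t\t\t`author`='" . $user->id
                . "',\r\n\t\t\t\t\t\t\t\t`r_view`='3',\r\n\t\t\t\t\t\t\t\t`r_view_inv`='0',\r\n\t\t\t\t\t\t\t\t`r_edit`='6',\r\n\t\t\t\t\t\t\t\t`r_edit_inv`='0',\r\n\t\t\t\t\t\t\t\t`r_create`='6',\r\n\t\t\t\t\t\t\t\t`r_create_inv`='0',\r\n\t\t\t\t\t\t\t\t`r_admin`='6',\r\n\t\t\t\t\t\t\t\t`r_admin_inv`='0',\r\n\t\t\t\t\t\t\t\t`created`='" . time()
                . "',\r\n\t\t\t\t\t\t\t\t`modified`='" . time()
                . "',\r\n\t\t\t\t\t\t\t\t`visible`='1'\r\n\t\t\t\t\t\t"
            );
            treeStorage::stopTransaction();

            $id = sql::insert_id();

            /* Create the first revision */
            revisions::doCreatePage($id);

            header("Location: " . url::item($id, 'edit'));
            exit;
        }

        // Create the page below $item, after its last existing child.
        $position = 0;
        if (isset($item['children'])) {
            foreach ($item['children'] as $child) {
                $position = max($position, $child['position']);
            }
        }
        $position++;

        // Newly created items have the same
        // writing and creation rights as their
        // parents...
        $r_view = $item['rights']['r_view'];
        $r_edit = $item['rights']['r_create'];
        $r_create = $item['rights']['r_create'];
        $r_admin = $item['rights']['r_create'];

        if ($item['rights']['r_create'] != $item['rights']['r_admin']) {
            // Check if we are trying to create this page
            // with admin rights, or with create rights.
            if ($tree->_hasRights('create', $item['rights']) && !$tree->_hasRights('create', $item['rights'], true)) {
                $r_admin = $item['rights']['r_admin'];
            }
        }

        treeStorage::startTransaction();
        list($left, $right) = treeStorage::prepareForInsert($item['id'], $language);
        sql::query(
            "\r\n\t\t\t\t\tINSERT INTO \r\n\t\t\t\t\t\t" . _TABLE_PREFIX_
            . "contents\r\n\t\t\t\t\tSET\r\n\t\t\t\t\t\t`parent`='" . $item['id']
            . "',\r\n\t\t\t\t\t\t`left`='" . $left
            . "',\r\n\t\t\t\t\t\t`right`='" . $right
            . "',\r\n\t\t\t\t\t\t`site`='" . _DEFAULT_SITE_
            . "',\r\n\t\t\t\t\t\t`name`='" . addslashes($name)
            . "',\r\n\t\t\t\t\t\t`title`='',\r\n\t\t\t\t\t\t`slug`='" . addslashes($slug)
            . "',\r\n\t\t\t\t\t\t`type`='" . $sqlType
            . "',\r\n\t\t\t\t\t\t`status`='0',\r\n\t\t\t\t\t\t`position`='" . $position
            . "',\r\n\t\t\t\t\t\t`language`='" . $sqlLanguage
            . "',\r\n\t\t\t\t\t\t`author`='" . $user->id
            . "',\r\n\t\t\t\t\t\t`r_view`='" . $r_view
            . "',\r\n\t\t\t\t\t\t`r_view_inv`='0',\r\n\t\t\t\t\t\t`r_edit`='" . $r_edit
            . "',\r\n\t\t\t\t\t\t`r_edit_inv`='0',\r\n\t\t\t\t\t\t`r_create`='" . $r_create
            . "',\r\n\t\t\t\t\t\t`r_create_inv`='0',\r\n\t\t\t\t\t\t`r_admin`='" . $r_admin
            . "',\r\n\t\t\t\t\t\t`r_admin_inv`='0',\r\n\t\t\t\t\t\t`created`='" . time()
            . "',\r\n\t\t\t\t\t\t`modified`='" . time()
            . "',\r\n\t\t\t\t\t\t`visible`='1'\r\n\t\t\t\t"
        );
        treeStorage::stopTransaction();

        $id = sql::insert_id();

        /* Create the first revision */
        revisions::doCreatePage($id);

        header("Location: " . url::item($id, 'edit'));
        exit;
    } else {
        // Work out which options the creation form may offer.
        if (is_null($item)) {
            $siblingAllowed = false;
            $siblingTypes = $manager->types();

            if ($user->memberof(6)) {
                $siblingAllowed = count($siblingTypes) ? true : false;
            }

            $childAllowed = false;
            $childTypes = array();
        } else {
            $childTypes = $manager->types($item['type']);
            $childAllowed = count($childTypes) ? true : false;

            $siblingAllowed = false;
            $siblingTypes = array();

            if ($item['parent'] > 0) {
                $parent =& $tree->getItemById($item['parent']);

                if ($parent && $tree->_hasRights('create', $parent['rights'])) {
                    $siblingAllowed = true;
                }

                $siblingTypes = $manager->types($parent['type']);
            } else {
                $siblingTypes = $manager->types();
            }

            if ($user->memberof(6)) {
                $siblingAllowed = true;
            }

            if (!$id) {
                $siblingAllowed = false;
            }
        }

        $tpl = new Template($this->getTemplate('create.template'));
        $tpl->set('childTypes', $childTypes);
        $tpl->set('childAllowed', $childAllowed);
        $tpl->set('siblingTypes', $siblingTypes);
        $tpl->set('siblingAllowed', $siblingAllowed);
        $tpl->set('name', $user->lang->s('untitled'));
        $tpl->set('id', $id);
        echo $tpl->fetch();
        exit;
    }
}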
/**
 * Copy one row of the contents table, its plugin data, its revision history
 * and, recursively, every page below it.
 *
 * @param mixed $from     ID of the page to copy.
 * @param mixed $parent   ID the copy is inserted under.
 * @param mixed $position Position for the copy; when it compares loosely
 *                        equal to null the source page's position is used.
 * @return mixed ID of the new copy, or nothing when the source row is missing.
 */
function _duplicateItem($from, $parent, $position = null)
{
    global $manager, $lang;

    // NOTE(review): $from and $parent are placed into the queries as given,
    // and the numeric columns of the source row are written back unquoted.
    // Callers are not visible here - confirm they only pass trusted ids.
    $lookup = sql::query(
        "\r\n\t\t\t\tSELECT \r\n\t\t\t\t\t*\r\n\t\t\t\tFROM \r\n\t\t\t\t\t" . _TABLE_PREFIX_
        . "contents\r\n\t\t\t\tWHERE \r\n\t\t\t\t\tID = '" . $from . "'\r\n\t\t\t"
    );

    $source = sql::fetch_array($lookup, MYSQL_ASSOC);
    if (!$source) {
        return;
    }

    // Rebuild the slug from the page name.
    $slug = preg_replace('/(\\s+|_)/i', '-', strtolower($source['name']));
    $slug = preg_replace('/[^a-z0-9\\-]/i', '', $slug);

    // URL path of the source page without its own last segment.
    $pathPrefix = explode('/', $GLOBALS['HASH_URLS'][$from]);
    array_pop($pathPrefix);

    // Bump a numeric suffix for as long as the candidate URL is taken.
    while (isset($GLOBALS['HASH_IDS'][implode('/', array_merge($pathPrefix, array($slug)))])) {
        if (preg_match('/^(.*)-([0-9]+)$/i', $slug, $parts)) {
            $slug = $parts[1] . '-' . (intval($parts[2]) + 1);
        } else {
            $slug = $slug . '-2';
        }
    }

    // Loose comparison: 0 and '' are treated like "not given" as well.
    if ($position == null) {
        $position = $source['position'];
    }

    treeStorage::startTransaction();

    list($left, $right) = treeStorage::prepareForInsert($parent, $source['language']);

    sql::query(
        "\r\n\t\t\t\t\tINSERT INTO \r\n\t\t\t\t\t\t" . _TABLE_PREFIX_
        . "contents\r\n\t\t\t\t\tSET \r\n\t\t\t\t\t\t`parent`='" . $parent
        . "', \r\n\t\t\t\t\t\t`left`='" . $left
        . "',\r\n\t\t\t\t\t\t`right`='" . $right
        . "',\r\n\t\t\t\t\t\t`site`='" . $source['site']
        . "',\r\n\t\t\t\t\t\t`name`='" . addslashes($source['name'])
        . "',\r\n\t\t\t\t\t\t`title`='" . addslashes($source['title'])
        . "',\r\n\t\t\t\t\t\t`slug`='" . addslashes($slug)
        . "',\r\n\t\t\t\t\t\t`type`='" . addslashes($source['type'])
        . "',\r\n\t\t\t\t\t\t`revision`='" . $source['revision']
        . "',\r\n\t\t\t\t\t\t`set`=" . $source['set']
        . ",\r\n\t\t\t\t\t\t`position`=" . $position
        . ",\r\n\t\t\t\t\t\t`r_view`=" . $source['r_view']
        . ",\r\n\t\t\t\t\t\t`r_view_inv`=" . $source['r_view_inv']
        . ",\r\n\t\t\t\t\t\t`r_edit`=" . $source['r_edit']
        . ",\r\n\t\t\t\t\t\t`r_edit_inv`=" . $source['r_edit_inv']
        . ",\r\n\t\t\t\t\t\t`r_create`=" . $source['r_create']
        . ",\r\n\t\t\t\t\t\t`r_create_inv`=" . $source['r_create_inv']
        . ",\r\n\t\t\t\t\t\t`r_admin`=" . $source['r_admin']
        . ",\r\n\t\t\t\t\t\t`r_admin_inv`=" . $source['r_admin_inv']
        . ",\r\n\t\t\t\t\t\t`author`=" . $source['author']
        . ",\r\n\t\t\t\t\t\t`language`='" . addslashes($source['language'])
        . "',\r\n\t\t\t\t\t\t`activation`=" . $source['activation']
        . ",\r\n\t\t\t\t\t\t`expiration`=" . $source['expiration']
        . ",\r\n\t\t\t\t\t\t`created`=" . time()
        . ",\r\n\t\t\t\t\t\t`modified`=" . time()
        . ",\r\n\t\t\t\t\t\t`visible`=" . $source['visible']
        . ",\r\n\t\t\t\t\t\t`status`=" . $source['status']
        . "\r\n\t\t\t\t"
    );

    treeStorage::stopTransaction();

    $copyId = sql::insert_id();

    /* Let plugins copy their own data for this page */
    $duplicate = array('from' => $from, 'to' => $copyId);
    $manager->handleEvent('DuplicateItem', $duplicate);

    /* Copy the revision history */
    revisions::doDuplicatePage($from, $copyId);

    /* Duplicate the pages below the source, each under the new copy */
    $children = sql::query(
        "\r\n\t\t\t\t\tSELECT \r\n\t\t\t\t\t\t*\r\n\t\t\t\t\tFROM \r\n\t\t\t\t\t\t" . _TABLE_PREFIX_
        . "contents\r\n\t\t\t\t\tWHERE \r\n\t\t\t\t\t\tparent = '" . $from . "'\r\n\t\t\t\t"
    );

    while ($child = sql::fetch_array($children, MYSQL_ASSOC)) {
        $this->_duplicateItem($child['ID'], $copyId);
    }

    return $copyId;
}
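/**
 * Editor handler for the 'movie' sheet of page types that have movie content.
 *
 * Depending on the request it prints the stored movie through the JSON
 * template, deletes the stored movie, accepts an upload, updates the
 * player size and autostart flag, or renders the editor template.
 *
 * @param array $data Event data; this method reads 'type', 'sheet',
 *                    'params' (id, revision), 'template' and 'page'.
 * @return void The JSON, upload and POST paths end the request with exit.
 */
function event_ExecuteEditor(&$data)
{
    global $lang, $manager;

    // NOTE(review): id and revision are placed into every query below as
    // given; where the dispatcher gets them from is not visible here -
    // confirm they are validated before this event fires.
    if (isset($manager->types[$data['type']]['content']['movie']) && $data['sheet'] == 'movie') {
        if (isset($_REQUEST['json']) && $_REQUEST['json'] == 'list') {
            $res = sql::query(
                "\r\n\t\t\t\t\t\tSELECT\r\n\t\t\t\t\t\t\t*\r\n\t\t\t\t\t\tFROM\r\n\t\t\t\t\t\t\t" . _TABLE_PREFIX_
                . "contents_movie\r\n\t\t\t\t\t\tWHERE\r\n\t\t\t\t\t\t\tID='" . $data['params']['id']
                . "' AND\r\n\t\t\t\t\t\t\trevision='" . $data['params']['revision']
                . "'\r\n\t\t\t\t\t"
            );

            $tpl = new Template($this->getTemplate('json.template'));

            if ($movie = sql::fetch_array($res)) {
                $tpl->set("movie", $movie);
            }

            echo $tpl->fetch();
            exit;
        }

        // NOTE(review): this delete is selected through $_REQUEST, so it is
        // not limited to POST and no request token is checked in this
        // method; confirm how editor requests are authorised upstream.
        if (isset($_REQUEST['json']) && $_REQUEST['json'] == 'delete') {
            $res = sql::query(
                "\r\n\t\t\t\t\t\tSELECT \r\n\t\t\t\t\t\t\t* \r\n\t\t\t\t\t\tFROM \r\n\t\t\t\t\t\t\t" . _TABLE_PREFIX_
                . "contents_movie\r\n\t\t\t\t\t\tWHERE \r\n\t\t\t\t\t\t\tID='" . $data['params']['id']
                . "' AND\r\n\t\t\t\t\t\t\trevision='" . $data['params']['revision']
                . "'\r\n\t\t\t\t\t"
            );

            if ($row = sql::fetch_array($res)) {
                $directory = _BASE_MEDIA_ . 'movies/';

                // The stored name comes from the database row, not from the request.
                if (file_exists($directory . $row['filename'])) {
                    unlink($directory . $row['filename']);
                }

                $res = sql::query(
                    "\r\n\t\t\t\t\t\t\tDELETE FROM \r\n\t\t\t\t\t\t\t\t" . _TABLE_PREFIX_
                    . "contents_movie\r\n\t\t\t\t\t\t\tWHERE \r\n\t\t\t\t\t\t\t\tID='" . $data['params']['id']
                    . "' AND\r\n\t\t\t\t\t\t\t\trevision='" . $data['params']['revision']
                    . "'\r\n\t\t\t\t\t\t"
                );
            }

            // Mark this action as a modification
            revisions::updateModificationDate($data['params']['id'], $data['params']['revision']);
            exit;
        }

        if ($_SERVER['REQUEST_METHOD'] == 'POST') {
            /* Upload */
            if (isset($_FILES['Filedata'])) {
                if ($_FILES['Filedata']['error'] == UPLOAD_ERR_OK && is_uploaded_file($_FILES['Filedata']['tmp_name'])) {
                    $directory = _BASE_MEDIA_ . 'movies/';

                    // The client-supplied name is only stored as a label; the
                    // file itself is saved under a generated name.
                    // NOTE(review): the content type is derived from values the
                    // client sends; what getCleanContentType() verifies is not
                    // visible here.
                    $original = $_FILES['Filedata']['name'];
                    $contenttype = files::getCleanContentType($_FILES['Filedata']['type'], $_FILES['Filedata']['name']);
                    $filename = files::getUniqueName($contenttype, $directory);

                    if (files::allowedContentType($contenttype, 'movie')) {
                        // Do not record a movie whose file never reached the
                        // media directory; report it like the other write
                        // failures in the upload handlers.
                        if (!move_uploaded_file($_FILES['Filedata']['tmp_name'], $directory . $filename)) {
                            header("HTTP/1.1 500 Internal Error");
                            header("Status: 500 Internal Error");
                            exit;
                        }

                        // Insert into database...
                        $res = sql::query(
                            "\r\n\t\t\t\t\t\t\t\t\tINSERT INTO\r\n\t\t\t\t\t\t\t\t\t\t" . _TABLE_PREFIX_
                            . "contents_movie \r\n\t\t\t\t\t\t\t\t\tSET \r\n\t\t\t\t\t\t\t\t\t\tID='" . $data['params']['id']
                            . "', \r\n\t\t\t\t\t\t\t\t\t\trevision='" . $data['params']['revision']
                            . "',\r\n\t\t\t\t\t\t\t\t\t\tfilename='" . addslashes($filename)
                            . "', \r\n\t\t\t\t\t\t\t\t\t\tname='" . addslashes($original)
                            . "',\r\n\t\t\t\t\t\t\t\t\t\ttype='" . addslashes($contenttype)
                            . "', \r\n\t\t\t\t\t\t\t\t\t\tsize='" . addslashes($_FILES['Filedata']['size'])
                            . "',\r\n\t\t\t\t\t\t\t\t\t\twidth=320,\r\n\t\t\t\t\t\t\t\t\t\theight=240,\r\n\t\t\t\t\t\t\t\t\t\tautostart=0\r\n\t\t\t\t\t\t\t\t"
                        );

                        // Mark this action as a modification
                        revisions::updateModificationDate($data['params']['id'], $data['params']['revision']);

                        // Workaround for a Flash bug on OS X.. We need to send back content... any content will do
                        echo " ";
                        flush();
                        exit;
                    } else {
                        header("HTTP/1.1 415 Unsupported Media Type");
                        header("Status: 415 Unsupported Media Type");
                        exit;
                    }
                } else {
                    switch ($_FILES['Filedata']['error']) {
                        case UPLOAD_ERR_INI_SIZE:
                        case UPLOAD_ERR_FORM_SIZE:
                            header("HTTP/1.1 413 Request Entity Too Large");
                            header("Status: 413 Request Entity Too Large");
                            exit;

                        case UPLOAD_ERR_NO_FILE:
                        case UPLOAD_ERR_PARTIAL:
                        default:
                            header("HTTP/1.1 400 Bad Request");
                            header("Status: 400 Bad Request");
                            exit;
                    }
                }
            } else {
                // Update size and autostart
                $autostart = isset($_REQUEST['autostart']) ? intval($_REQUEST['autostart']) : 0;
                $width = isset($_REQUEST['size']) ? intval($_REQUEST['size']) : 320;

                // 4:3 height. The former switch had no break statements, so
                // every case fell through to this expression anyway; it also
                // yields 240 for 320 and 480 for 640.
                $height = round($width / 4 * 3);

                $res = sql::query(
                    "\r\n\t\t\t\t\t\t\tUPDATE\r\n\t\t\t\t\t\t\t\t" . _TABLE_PREFIX_
                    . "contents_movie\r\n\t\t\t\t\t\t\tSET\r\n\t\t\t\t\t\t\t\twidth='" . addslashes($width)
                    . "',\r\n\t\t\t\t\t\t\t\theight='" . addslashes($height)
                    . "',\r\n\t\t\t\t\t\t\t\tautostart='" . addslashes($autostart)
                    . "'\r\n\t\t\t\t\t\t\tWHERE\r\n\t\t\t\t\t\t\t\tID='" . $data['params']['id']
                    . "' AND\r\n\t\t\t\t\t\t\t\trevision='" . $data['params']['revision']
                    . "'\r\n\t\t\t\t\t\t"
                );
            }

            // Mark this action as a modification
            revisions::updateModificationDate($data['params']['id'], $data['params']['revision']);

            header("Location: " . url::item($data['params']['id'], 'edit') . "/movie?revision=" . $data['params']['revision']);
            exit;
        }

        // Plain view of the sheet: load the stored movie and render the editor.
        $res = sql::query(
            "\r\n\t\t\t\t\tSELECT\r\n\t\t\t\t\t\t*\r\n\t\t\t\t\tFROM\r\n\t\t\t\t\t\t" . _TABLE_PREFIX_
            . "contents_movie\r\n\t\t\t\t\tWHERE\r\n\t\t\t\t\t\tID='" . $data['params']['id']
            . "' AND\r\n\t\t\t\t\t\trevision='" . $data['params']['revision']
            . "'\r\n\t\t\t\t"
        );

        $tpl = new Template($this->getTemplate('editor.template'));

        if ($movie = sql::fetch_array($res)) {
            $tpl->set("movie", $movie);
        }

        $tpl->set("id", $data['params']['id']);
        $tpl->set("revision", $data['params']['revision']);
        $tpl->set("filemask", files::getFilemask('movie'));
        $tpl->set("ticket", ticket::generate($data['params']['id']));
        $data['template']->append('content', $tpl->fetch());

        // Make sure the following assets are included
        $data['page']->assets->registerJavascript('/core/assets/javascript/plugin.js');
        $data['page']->assets->registerJavascript('/core/assets/javascript/flash.js');
        $data['page']->assets->registerJavascript('/core/assets/javascript/upload.js');
        $data['page']->assets->registerJavascript('/core/assets/javascript/progress.js');
        $data['page']->assets->registerJavascript($this->localAsset('editor.js'));
        $data['page']->assets->registerJavascript($this->localAsset('player.js'));
    }
}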
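/**
 * Show a page, or fall back to the home page, the admin screen or an
 * offline message when no page is requested.
 *
 * Access is granted either through the tree's 'view' rights or through a
 * request ticket that authorises exactly the requested page id.
 *
 * @param array $args Action arguments; the first element is the page id,
 *                    optionally followed by ".<extension>".
 * @return void
 */
function action_view($args)
{
    global $manager, $tree, $config, $user, $lang;

    // If no arguments are provided redirect
    if (!count($args)) {
        $id = $tree->getHome();

        if (!is_null($id)) {
            header('Location: ' . url::item($id));
            exit;
        }

        // There are no pages
        $id = 0;
        $type = '';
        $ext = '';
        $item = null;

        if ($user->admin()) {
            // Allow admins to add pages...
            $action = 'edit';
            $page = new admin();

            // Notify plugins of a PreSkinParse event;
            $data = array(
                'page' => &$page,
                'template' => &$page->template,
                'type' => $type,
                'params' => array('action' => $action, 'id' => $id, 'ext' => $ext, 'args' => $args),
            );
            $manager->handleEvent('PreSkinParse', $data);

            $page->show();
            exit;
        } else {
            if ($lang->id != _DEFAULT_LANGUAGE_) {
                // Redirect to the default language and stop: without the
                // exit the method ran on with no $page or $action set and
                // still went through the access check below.
                header('Location: ' . url::language(_DEFAULT_LANGUAGE_));
                exit;
            } else {
                // Show error message that website is offline
                $config = new config();
                $lang = new language(_DEFAULT_LANGUAGE_, _DEFAULT_SITE_, true);
                $page = new theme();
                // NOTE(review): whether showError() ends the request is not
                // visible here; if it returns, $action is undefined below.
                $page->showError(_OFFLINE_MESSAGE_, 4);
            }
        }
    } else {
        // Decode arguments
        $id = array_shift($args);

        // Check if the id contains a file extension
        if (preg_match('/(.*)\\.([a-z0-9]+)$/i', $id, $matches)) {
            $id = $matches[1];
            $ext = $matches[2];
        } else {
            $ext = '';
        }

        // Load the page
        $item =& $tree->getItemById($id);
        $id = $item['id'];
        $type = $item['type'];
        $action = 'view';

        // Setup Theme
        $page = new theme($id, $type);
    }

    // Notify plugins of a PreSkinParse event;
    $data = array(
        'page' => &$page,
        'template' => &$page->template,
        'type' => $type,
        'params' => array('action' => $action, 'id' => $id, 'ext' => $ext, 'args' => $args),
    );
    $manager->handleEvent('PreSkinParse', $data);

    // Handle authorisation
    $ticket = false;

    if (isset($_REQUEST['ticket'])) {
        $granted = ticket::authorize($_REQUEST['ticket']);

        // Compare as strings and reject empty results. With a loose ==, a
        // failed lookup (false, null, 0 or '') would equal a missing or zero
        // page id and switch the rights check off. What authorize() returns
        // on failure is not visible here, so every empty value is refused.
        if (is_scalar($granted) && !empty($granted) && (string) $granted === (string) $data['params']['id']) {
            $ticket = true;
        }
    }

    if ($ticket || $tree->_hasRights('view', $item['rights'])) {
        // The page title falls back to the name when no title is set.
        $page->title->set($item['name']);

        if ($item['title'] != '') {
            $page->title->set($item['title']);
        }

        $manager->handleType($type, $data);

        $page->template->set('action', $action);
        $page->template->set('id', $id);
        $page->template->set('slug', isset($item['slug']) ? $item['slug'] : '');
        $page->template->set('type', $type);

        if (isset($item)) {
            // Generated page types do not get a last-modified date.
            if (!isset($manager->types[$item['type']]['generated']) || !$manager->types[$item['type']]['generated']) {
                if ($config->get('showLastModified')) {
                    $page->template->set('modified', revisions::getModificationDate($id, $item['revision']));
                }
            }
        }
    } else {
        if ($config->get('redirectToLogin') && $user->anonymous()) {
            // Hand the request to the login action, keeping the page id as
            // its first argument.
            array_unshift($args, $id);
            $manager->handleAction('login', $args);
            exit;
        } else {
            $page->template->set('error', $lang->s('notenoughrights'));
        }
    }

    $page->show();
}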