function section_edit() { global $event, $step, $txp_user, $all_pages, $all_styles; $name = gps('name'); $is_edit = $name && $step == 'section_edit'; if ($is_edit) { $name = assert_string($name); $rs = safe_row('*', 'txp_section', "name = '" . doSlash($name) . "'"); } else { $rs = array_flip(getThings('describe `' . PFX . 'txp_section`')); } if ($rs) { if (!has_privs('section.edit')) { sec_section_list(gTxt('restricted_area')); return; } pagetop(gTxt('tab_sections')); extract($rs, EXTR_PREFIX_ALL, 'sec'); extract(gpsa(array('page', 'sort', 'dir', 'crit', 'search_method'))); $is_default_section = $is_edit && $sec_name == 'default'; $caption = gTxt($is_default_section ? 'edit_default_section' : ($is_edit ? 'edit_section' : 'create_section')); if (!$is_edit) { // Pulling out the radio items from the default entry might seem pointless since they can't be directly // edited, but they will take on either: // a) the default (SQL) values as defined at table creation time, or // b) the values set when a multi-edit was performed that included the default section (because the values are silently updated then) $default = doSlash(safe_row('page, css, on_frontpage, in_rss, searchable', 'txp_section', "name = 'default'")); $sec_name = $sec_title = ''; $sec_page = $default['page']; $sec_css = $default['css']; $sec_on_frontpage = $default['on_frontpage']; $sec_in_rss = $default['in_rss']; $sec_searchable = $default['searchable']; } echo '<div id="' . $event . '_container" class="txp-container">'; echo form('<div class="txp-edit">' . hed($caption, 2) . ($is_default_section ? hInput('name', 'default') : inputLabel('section_name', fInput('text', 'name', $sec_name, '', '', '', INPUT_REGULAR, '', 'section_name'), 'section_name')) . ($is_default_section ? '' : inputLabel('section_title', fInput('text', 'title', $sec_title, '', '', '', INPUT_REGULAR, '', 'section_title'), 'section_longtitle')) . inputLabel('section_page', selectInput('section_page', $all_pages, $sec_page, '', '', 'section_page'), 'uses_page', 'section_uses_page') . inputLabel('section_css', selectInput('css', $all_styles, $sec_css, '', '', 'section_css'), 'uses_style', 'section_uses_css') . ($is_default_section ? '' : inputLabel('on_front_page', yesnoradio('on_frontpage', $sec_on_frontpage, '', $sec_name), '', 'section_on_frontpage')) . ($is_default_section ? '' : inputLabel('syndicate', yesnoradio('in_rss', $sec_in_rss, '', $sec_name), '', 'section_syndicate')) . ($is_default_section ? '' : inputLabel('include_in_search', yesnoradio('searchable', $sec_searchable, '', $sec_name), '', 'section_searchable')) . pluggable_ui('section_ui', 'extend_detail_form', '', $rs) . graf(fInput('submit', '', gTxt('save'), 'publish')) . eInput('section') . sInput('section_save') . hInput('old_name', $sec_name) . hInput('search_method', $search_method) . hInput('crit', $crit) . hInput('page', $page) . hInput('sort', $sort) . hInput('dir', $dir) . '</div>', '', '', 'post', 'edit-form', '', 'section_details'); echo '</div>'; } }
/** * Saves or clones a page template. */ function page_save() { extract(doSlash(array_map('assert_string', psa(array('savenew', 'html', 'copy'))))); $name = sanitizeForPage(assert_string(ps('name'))); $newname = sanitizeForPage(assert_string(ps('newname'))); $save_error = false; $message = ''; if (!$newname) { $message = array(gTxt('page_name_invalid'), E_ERROR); $save_error = true; } else { if ($copy && $name === $newname) { $newname .= '_copy'; $_POST['newname'] = $newname; } $exists = safe_field("name", 'txp_page', "name = '" . doSlash($newname) . "'"); if ($newname !== $name && $exists !== false) { $message = array(gTxt('page_already_exists', array('{name}' => $newname)), E_ERROR); if ($savenew) { $_POST['newname'] = ''; } $save_error = true; } else { if ($savenew or $copy) { if ($newname) { if (safe_insert('txp_page', "name = '" . doSlash($newname) . "', user_html = '{$html}'")) { update_lastmod('page_created', compact('newname', 'name', 'html')); $message = gTxt('page_created', array('{name}' => $newname)); } else { $message = array(gTxt('page_save_failed'), E_ERROR); $save_error = true; } } else { $message = array(gTxt('page_name_invalid'), E_ERROR); $save_error = true; } } else { if (safe_update('txp_page', "user_html = '{$html}', name = '" . doSlash($newname) . "'", "name = '" . doSlash($name) . "'")) { safe_update('txp_section', "page = '" . doSlash($newname) . "'", "page = '" . doSlash($name) . "'"); update_lastmod('page_saved', compact('newname', 'name', 'html')); $message = gTxt('page_updated', array('{name}' => $name)); } else { $message = array(gTxt('page_save_failed'), E_ERROR); $save_error = true; } } } } if ($save_error === true) { $_POST['save_error'] = '1'; } else { callback_event('page_saved', '', 0, $name, $newname); } page_edit($message); }
function page_save() { extract(doSlash(array_map('assert_string', gpsa(array('savenew', 'html', 'copy'))))); $name = sanitizeForPage(assert_string(gps('name'))); if ($savenew or $copy) { $newname = doSlash(sanitizeForPage(assert_string(gps('newname')))); if ($newname and safe_field('name', 'txp_page', "name = '{$newname}'")) { $message = array(gTxt('page_already_exists', array('{name}' => $newname)), E_ERROR); if ($savenew) { $_POST['newname'] = ''; } } elseif ($newname) { if (safe_insert('txp_page', "name = '{$newname}', user_html = '{$html}'")) { update_lastmod(); $message = gTxt('page_created', array('{name}' => $newname)); } else { $message = array(gTxt('page_save_failed'), E_ERROR); } } else { $message = array(gTxt('page_name_invalid'), E_ERROR); } page_edit($message); } else { if (safe_update('txp_page', "user_html = '{$html}'", "name = '{$name}'")) { update_lastmod(); $message = gTxt('page_updated', array('{name}' => $name)); } else { $message = array(gTxt('page_save_failed'), E_ERROR); } page_edit($message); } }
/** * Saves a form template. */ function form_save() { global $essential_forms, $form_types; extract(doSlash(array_map('assert_string', psa(array('savenew', 'Form', 'type', 'copy'))))); $name = sanitizeForPage(assert_string(ps('name'))); $newname = sanitizeForPage(assert_string(ps('newname'))); $save_error = false; $message = ''; if (in_array($name, $essential_forms)) { $newname = $name; $type = fetch('type', 'txp_form', 'name', $newname); $_POST['newname'] = $newname; } if (!$newname) { $message = array(gTxt('form_name_invalid'), E_ERROR); $save_error = true; } else { if (!isset($form_types[$type])) { $message = array(gTxt('form_type_missing'), E_ERROR); $save_error = true; } else { if ($copy && $name === $newname) { $newname .= '_copy'; $_POST['newname'] = $newname; } $exists = safe_field('name', 'txp_form', "name = '" . doSlash($newname) . "'"); if ($newname !== $name && $exists !== false) { $message = array(gTxt('form_already_exists', array('{name}' => $newname)), E_ERROR); if ($savenew) { $_POST['newname'] = ''; } $save_error = true; } else { if ($savenew or $copy) { if ($newname) { if (safe_insert('txp_form', "Form = '{$Form}',\n type = '{$type}',\n name = '" . doSlash($newname) . "'")) { update_lastmod(); $message = gTxt('form_created', array('{name}' => $newname)); } else { $message = array(gTxt('form_save_failed'), E_ERROR); $save_error = true; } } else { $message = array(gTxt('form_name_invalid'), E_ERROR); $save_error = true; } } else { if (safe_update('txp_form', "Form = '{$Form}',\n type = '{$type}',\n name = '" . doSlash($newname) . "'", "name = '" . doSlash($name) . "'")) { update_lastmod(); $message = gTxt('form_updated', array('{name}' => $name)); } else { $message = array(gTxt('form_save_failed'), E_ERROR); $save_error = true; } } } } } if ($save_error === true) { $_POST['save_error'] = '1'; } else { callback_event('form_saved', '', 0, $name, $newname); } form_edit($message); }
function plugin_multi_edit() { $selected = ps('selected'); $method = assert_string(ps('edit_method')); if (!$selected or !is_array($selected)) { return plugin_list(); } $where = "name IN ('" . join("','", doSlash($selected)) . "')"; switch ($method) { case 'delete': foreach ($selected as $name) { if (safe_field('flags', 'txp_plugin', "name ='" . doSlash($name) . "'") & PLUGIN_LIFECYCLE_NOTIFY) { load_plugin($name, true); callback_event("plugin_lifecycle.{$name}", 'disabled'); callback_event("plugin_lifecycle.{$name}", 'deleted'); } } safe_delete('txp_plugin', $where); break; case 'changestatus': foreach ($selected as $name) { if (safe_field('flags', 'txp_plugin', "name ='" . doSlash($name) . "'") & PLUGIN_LIFECYCLE_NOTIFY) { $status = safe_field('status', 'txp_plugin', "name ='" . doSlash($name) . "'"); load_plugin($name, true); // NB: won't show returned messages anywhere due to potentially overwhelming verbiage. callback_event("plugin_lifecycle.{$name}", $status ? 'disabled' : 'enabled'); } } safe_update('txp_plugin', 'status = (1-status)', $where); break; case 'changeorder': $order = min(max(intval(ps('order')), 1), 9); safe_update('txp_plugin', 'load_order = ' . $order, $where); break; } $message = gTxt('plugin_' . ($method == 'delete' ? 'deleted' : 'updated'), array('{name}' => join(', ', $selected))); plugin_list($message); }