/**
* function isPresent:
* recursive function used to find if a page identified by $pageId is inside book identified by $parentId
* $parentId is page_id of the book(where we're searching) and not its page_moduleComponentId
*/
public function isPresent($parentId, $pageId)
{
$moduleComponentId = getModuleComponentIdFromPageId($parentId, 'book');
$list = mysql_fetch_assoc(mysql_query("SELECT `list` FROM `book_desc` WHERE `page_modulecomponentid` = '{$moduleComponentId}'"));
$list = explode(",", $list['list']);
foreach ($list as $element) {
if ($pageId == $element) {
return true;
}
if (getPageModule($element) == 'book') {
return $this->isPresent($element, $pageId);
}
}
return false;
}
exit;
}
///Parse the URL and retrieve the PageID of the request page if its valid
$pageId = parseUrlReal($pageFullPath, $pageIdArray);
///Means that the requested URL is not valid.
if ($pageId === false) {
define("TEMPLATE", getPageTemplate(0));
$pageId = parseUrlReal("home", $pageIdArray);
$TITLE = CMS_TITLE;
$MENUBAR = '';
$CONTENT = "The requested URL was not found on this server.<br />{$_SERVER['SERVER_SIGNATURE']}" . "<br /><br />Click <a href='" . $urlRequestRoot . "'>here </a> to return to the home page";
templateReplace($TITLE, $MENUBAR, $ACTIONBARMODULE, $ACTIONBARPAGE, $BREADCRUMB, $SEARCHBAR, $PAGEKEYWORDS, $INHERITEDINFO, $CONTENT, $FOOTER, $DEBUGINFO, $ERRORSTRING, $WARNINGSTRING, $INFOSTRING, $STARTSCRIPTS, $LOGINFORM);
exit;
}
///If it reaches here, means the page requested is valid. Log the information for future use.
logInfo(getUserEmail($userId), $userId, $pageId, $pageFullPath, getPageModule($pageId), $action, $_SERVER['REMOTE_ADDR']);
///The URL points to a file. Download permissions for the file are handled inside the download() function in download.lib.php
if (isset($_GET['fileget'])) {
require_once $sourceFolder . "/download.lib.php";
$action = "";
if (isset($_GET['action'])) {
$action = $_GET['action'];
}
download($pageId, $userId, $_GET['fileget'], $action);
exit;
}
///Check whether the user has the permission to use that action on the requested page.
$permission = getPermissions($userId, $pageId, $action);
///Gets the page-specific template for that requested page
define("TEMPLATE", getPageTemplate($pageId));
///Gets the page title of the requested page
/**
*
* Gets the file that has been requested by mapping it to the proper location
*
* @param $pageId The page where the file is present in
* @param $userId The user who has requested the file.
* @param $fileName The name of the file that is required.
*
* @return mixed: nothing if there is an error and the file otherwise.
*/
function download($pageId, $userId, $fileName, $action = "")
{
/// If page not found display error
if ($pageId === false) {
header("http/1.0 404 Not Found");
echo "<html><head><title>404 Not Found</title></head><body><h1>Not Found</h1>" . "<p>The requested URL " . $_SERVER['SCRIPT_UR'] . " was not found on this server.</p><hr>" . "{$_SERVER['SERVER_SIGNATURE']}</body></html>";
disconnect();
exit;
}
if ($action == "") {
$action = "view";
}
// Profile Image exception added by Abhishek
global $sourceFolder;
global $moduleFolder;
if ($action != "profile") {
$actualPageId = getDereferencedPageId($pageId);
$moduleType = getPageModule($actualPageId);
$moduleComponentId = getPageModuleComponentId($actualPageId);
require_once $sourceFolder . "/content.lib.php";
require_once $sourceFolder . "/" . $moduleFolder . "/" . $moduleType . ".lib.php";
$moduleInstance = new $moduleType();
if (!$moduleInstance instanceof fileuploadable) {
echo "The module \"{$moduleType}\" does not implement the inteface upload.";
return "";
}
if (!$moduleInstance->getFileAccessPermission($pageId, $moduleComponentId, $userId, $fileName)) {
echo "Access Denied.";
return "";
}
} else {
$actualPageId = getDereferencedPageId($pageId);
$moduleType = "profile";
$moduleComponentId = $userId;
// Since the moduleComponentId is equal to userId, the image could be retrieved only if the userId is valid, hence no need for security check for file access here :)
}
//return the file the particular page id.
$query = "SELECT * FROM `" . MYSQL_DATABASE_PREFIX . "uploads` WHERE `upload_filename`= '" . escape($fileName) . "' AND `page_module` = '" . escape($moduleType) . "' AND `page_modulecomponentid` = '" . escape($moduleComponentId) . "'";
$result = mysql_query($query) or die(mysql_error() . "upload L:85");
$row = mysql_fetch_assoc($result);
$fileType = $row['upload_filetype'];
/**
* Not checking if filetype adheres to uploadable filetype list beacuse this check can be
* performed in $moduleInstance->getFileAccessPermission.
*/
$uploadFolder = 'uploads';
$upload_fileid = $row['upload_fileid'];
$filename = str_repeat("0", 10 - strlen((string) $upload_fileid)) . $upload_fileid . "_" . $fileName;
$file = $sourceFolder . "/" . $uploadFolder . "/" . $moduleType . "/" . $filename;
disconnect();
$filePointer = @fopen($file, 'r');
if ($filePointer == FALSE) {
header("http/1.0 404 Not Found");
echo "<html><head><title>404 Not Found</title></head><body><h1>Not Found</h1>" . "<p>The requested URL " . $_SERVER['SCRIPT_URL'] . " was not found on this server.</p><hr>" . "{$_SERVER['SERVER_SIGNATURE']}</body></html>";
exit;
} elseif ($fileType == 'image/jpeg') {
header("Content-Type: image/jpg");
} elseif ($fileType == 'image/gif') {
header("Content-Type: image/gif");
} elseif ($fileType == 'image/png') {
header("Content-Type: image/png");
} elseif ($fileType == 'image/bmp') {
header("Content-Type: image/bmp");
} elseif ($fileType == 'image/svg+xml') {
header("Content-Type: image/svg+xml");
} else {
header("Content-Type: application/force-download");
}
header("Expires: Sat, 23 Jan 2010 20:53:35 +0530");
// . date('r', strtotime('+1 year')));
$last_modified_time = filemtime($file);
header('Date: ' . date('r'));
header('Last-Modified: ' . date('r', strtotime($row['upload_time'])));
$etag = md5_file($file);
header("ETag: {$etag}");
if (@strtotime($_SERVER['HTTP_IF_MODIFIED_SINCE']) == $last_modified_time || isset($_SERVER['HTTP_IF_NONE_MATCH']) && trim($_SERVER['HTTP_IF_NONE_MATCH']) == $etag) {
header("HTTP/1.1 304 Not Modified");
exit;
}
echo @fread($filePointer, filesize($file));
@fclose($filePointer);
}
/**
* Generate HTML for a form to help edit settings for a given page
* @param $pageId Page id of the requested page
* @param $userId User id of the current user
* @return String containing HTML of the generated form, or a null string if required data could not be found
*/
function getSettingsForm($pageId, $userId)
{
$pageId = escape($pageId);
$page_query = "SELECT `page_name`, `page_title`, `page_displaymenu`, `page_displayinmenu`, `page_displaysiblingmenu` , `page_module`, `page_displaypageheading`,`page_template`,`page_modulecomponentid`, `page_menutype`, `page_menudepth` , `page_displayinsitemap` ,`page_displayicon`" . "FROM `" . MYSQL_DATABASE_PREFIX . "pages` WHERE `page_id`='" . $pageId . "'";
$page_result = mysql_query($page_query);
$page_values = mysql_fetch_assoc($page_result);
$chkquery = "SELECT `value` FROM `" . MYSQL_DATABASE_PREFIX . "global` WHERE `attribute`='allow_pagespecific_template'";
$row = mysql_fetch_row(mysql_query($chkquery));
$allow_pagespecific_templates = $row[0];
// 0 if disabled, 1 if enabled
if (!$page_values) {
return '';
}
global $ICONS;
$modifiers = '';
$showInMenuBox = '';
$showInSiteMap = '';
if ($pageId == 0) {
$modifiers = 'disabled="disabled" ';
}
$showInMenuBox = '<tr><td ><label for="showinmenu">Show page in menu bar</td></label><td><input type="checkbox" name="showinmenu" id="showinmenu" ' . ($page_values['page_displayinmenu'] == 1 ? 'checked="checked" ' : '') . '/></td></tr>';
$showInSiteMap = '<tr><td ><label for="showinsitemap">Show page in site map</td></label><td><input type="checkbox" name="showinsitemap" id="showinsitemap" ' . ($page_values['page_displayinsitemap'] == 1 ? 'checked="checked" ' : '') . '/></td></tr>';
$showmenubar = $page_values['page_displaymenu'] == 1 ? 'checked="checked" ' : '';
$showsiblingmenu = $page_values['page_displaysiblingmenu'] == 1 ? 'checked="checked" ' : '';
$showheading = $page_values['page_displaypageheading'] == 1 ? 'checked="checked"' : '';
$dbPageTemplate = $page_values['page_template'];
$modulecomponentid = $page_values['page_modulecomponentid'];
$displayicon = $page_values['page_displayicon'] == 1 ? 'checked="checked" ' : '';
$templates = getAvailableTemplates();
$page_query = "SELECT * FROM `" . MYSQL_DATABASE_PREFIX . "pages` WHERE `page_parentid` = '{$pageId}' AND `page_parentid` != `page_id` ORDER BY `page_menurank` ASC ";
$page_result = mysql_query($page_query) or die(mysql_error());
$childList = "";
$isLeaf = false;
if (mysql_num_rows($page_result) == 0) {
$isLeaf = true;
$childList = "There are no child pages associated with this page.";
} else {
$childList = "<table border=\"1\" width=\"100%\"><tr><th>Child Pages</th><th>Display in menu bar</th><th>Display in Sitemap</th><th>Display Icon in menu</th><th>Move page up</th><th>Move page down</th><th>Delete</th></tr>";
}
while ($page_result_row = mysql_fetch_assoc($page_result)) {
$childList .= '<tr><td><a href="./' . $page_result_row['page_name'] . '+settings">' . $page_result_row['page_title'] . '</a></td>' . '<td><input type="checkbox" name="menubarshowchildren[]" id="' . $page_result_row['page_name'] . '" value="' . $page_result_row['page_name'] . '" ' . ($page_result_row['page_displayinmenu'] == 1 ? 'checked="yes" ' : '') . '/></td>' . '<td><input type="checkbox" name="sitemapshowchildren[]" id="' . $page_result_row['page_name'] . '" value="' . $page_result_row['page_name'] . '" ' . ($page_result_row['page_displayinsitemap'] == 1 ? 'checked="yes" ' : '') . '/></td>' . '<td><input type="checkbox" name="childrenshowicon[]" id="' . $page_result_row['page_name'] . '" value="' . $page_result_row['page_name'] . '" ' . ($page_result_row['page_displayicon'] == 1 ? 'checked="yes" ' : '') . '/></td>' . '<td align="center"><input type="submit" name="moveUp" onclick="this.form.action+=\'' . $page_result_row['page_name'] . '\'" value="Move Up" /></td>' . '<td align="center"><input type="submit" name="moveDn" onclick="this.form.action+=\'' . $page_result_row['page_name'] . '\'" value="Move Down" /></td>' . '<td align="center"><input type="submit" name="deletePage" onclick="javascript:if(checkDelete(this,\'' . $page_result_row['page_name'] . '\')){this.form.action+=\'' . $page_result_row['page_name'] . '\'}" value="Delete" /></td></tr>';
}
if (!mysql_num_rows($page_result) == 0) {
$childList .= "</table>";
}
/* PAGE INHERITED INFO */
$inheritedInfo = $inheritedPagePath = $inheritedInfoEncoded = '';
$inheritedPageId = getPageInheritedInfo($pageId, $inheritedInfo);
if ($inheritedPageId == $pageId) {
$inheritedInfoEncoded = htmlentities($inheritedInfo);
}
if ($inheritedPageId >= 0) {
$inheritedPagePath = getPagePath($inheritedPageId);
global $urlRequestRoot;
$inheritedPagePath = "<a href=\"{$urlRequestRoot}{$inheritedPagePath}+settings\">{$inheritedPagePath}</a>";
if ($inheritedPageId != $pageId) {
$inheritedPagePath .= ' (Browse to this page to edit the inherited information.)';
}
}
$inheritedInfoText = <<<INHERITEDINFO
\t<a name="inheritinfoform"></a>
\t\t<fieldset style="padding: 8px">
\t\t\t<legend>{$ICONS['Page Inherited Info']['small']}Inherited Information</legend>
\t\t\t
\t\t\t<form name="pagesettings" action="./+settings&subaction=editinheritedinfo" method="POST">
\t\t\t\t<table>
\t\t\t\t\t<tr>
\t\t\t\t\t\t<td>Inherited Information:</td>
\t\t\t\t\t\t<td>
\t\t\t\t\t\t\t<div>
\t\t\t\t\t\t\t\t{$inheritedInfo}
\t\t\t\t\t\t\t</div>
\t\t\t\t\t\t</td>
\t\t\t\t\t</tr>
\t\t\t\t\t<tr>
\t\t\t\t\t\t<td>Inherited From:</td>
\t\t\t\t\t\t<td>{$inheritedPagePath}</td>
\t\t\t\t\t</tr>
\t\t\t\t\t<tr>
\t\t\t\t\t\t<td>Add/Edit inherited information for this page:</td>
\t\t\t\t\t\t<td>
\t\t\t\t\t\t\t<textarea name="txtInheritedInfo" style="width:98%;" rows="8" cols="80" wrap="virtual">{$inheritedInfoEncoded}</textarea>
\t\t\t\t\t\t</td>
\t\t\t\t\t</tr>
\t\t\t\t</table>
\t\t\t\t<input type="submit" name="btnSubmit" value="Submit" />
\t\t\t</form>
\t\t</fieldset>
INHERITEDINFO;
/* PAGE CREATE TEXT*/
$createdPageSettingsText = "";
$dbPageTemplateDisabled = "";
$dbPageDefTemplate = "";
if ($dbPageTemplate == DEF_TEMPLATE) {
$dbPageDefTemplate = "checked";
$dbPageTemplateDisabled = "disabled=true";
}
if (getPageModule($pageId) == "link") {
$dereferencePagePathIds = array();
parseUrlDereferenced($pageId, $dereferencePagePathIds);
$dereferencePagePath = "";
foreach ($dereferencePagePathIds as $page) {
$info = getPageInfo($page);
$dereferencePagePath .= $info['page_name'] . "/";
}
global $urlRequestRoot;
$createdPageSettingsText = "<a name=\"childpageform\"></a> <fieldset>\n <legend>{$ICONS['Create New Page']['small']}Create Child Page</legend>Please use the <a href='" . $urlRequestRoot . "/" . $dereferencePagePath . "+settings'>linked page settings</a> to create a child page.</fieldset>";
} else {
if (getPageModule($pageId) == "external") {
$createdPageSettingsText = "<a name=\"childpageform\"></a> <fieldset>\n <legend>{$ICONS['Create New Page']['small']}Create Child Page</legend>You cannot create a child page of a page of an \"external link\".</fieldset>";
} else {
$generatedTree = generateDirectoryTree($userId, "page", "settings", 0)->toHtml('childPageTreeContainer', 'childPageTree', 'childpagelink');
$creatableTypesText = '<option value=""> </option><option value="menu">Menu</option><option value="link">Link</option><option value="external">External Link</option>';
$createblePageTypes = getCreatablePageTypes($userId, $pageId);
foreach ($createblePageTypes as $creatableType) {
$creatableTypesText .= "<option value=\"{$creatableType}\">" . ucfirst($creatableType) . "</option>";
}
$createdPageSettingsText = <<<CREATE
\t\t <form name="pagesettings" action="./+settings&subaction=create" onsubmit="return childOnSubmit();" method="POST">
\t\t <script type="text/javascript" language="javascript">
\t\t\t<!--
\t\t\t\tfunction childOnSubmit(){
\t\t\t\t\tif(document.getElementById("childpagetype").selectedIndex==0) { alert("Please select a page type."); return false;}
\t\t\t\t\tif(document.getElementById("childpagename").value=="") {alert("Please fill the page name"); return false;}
\t\t\t\t\tif(document.getElementById("childpagelink").value=="" && document.getElementById("childpagetype").selectedIndex==2) {alert("Please select the linked page path"); return false;}
\t\t\t\t\tif(document.getElementById("externallink").value=="" && document.getElementById("childpagetype").selectedIndex==3) {alert("Please enter the external page path"); return false;}
\t\t\t\t}
\t\t\t\tfunction childShowTree(obj) {
\t\t\t\t\tif(obj.selectedIndex==2) {
\t\t\t\t\t\tdocument.getElementById("childlinktree").style.display="";
\t\t\t\t\t\tdocument.getElementById("childlinkentry").style.display="";
\t\t\t\t\t\tdocument.getElementById("childlinkentry1").style.display="";
\t\t\t\t\t}
\t\t\t\t\telse {
\t\t\t\t\t\tdocument.getElementById("childlinktree").style.display="none";
\t\t\t\t\t\tdocument.getElementById("childlinkentry").style.display="none";\t
\t\t\t\t\t\tdocument.getElementById("childlinkentry1").style.display="none";
\t\t\t\t\t}
\t\t\t\t\tif(obj.selectedIndex==3) {
\t\t\t\t\t\tdocument.getElementById("externallinktr").style.display="";
\t\t\t\t\t\tdocument.getElementById("externallinktr1").style.display="";
\t\t\t\t\t}
\t\t\t\t\telse {
\t\t\t\t\t\tdocument.getElementById("externallinktr").style.display="none";
\t\t\t\t\t\tdocument.getElementById("externallinktr1").style.display="none";
\t\t\t\t\t}
\t\t\t\t\tif(obj.selectedIndex==2 || obj.selectedIndex==3)
\t\t\t\t\t{
\t\t\t\t\t\tdocument.getElementById("fieldsetTemplate").style.display="none";\t
\t\t\t\t\t}
\t\t\t\t\telse document.getElementById("fieldsetTemplate").style.display="";
\t\t\t\t}
\t\t\t\tfunction toggleSelTemplate1()
\t\t\t\t{
\t\t\t\t\tvar obj=document.getElementsByName('page_template')[1];
\t\t\t\t\tobj.disabled=(obj.disabled==true?false:true);
\t\t
\t\t\t\t}
\t\t\t-->
\t\t</script>
\t\t <a name="childpageform"></a>
\t <fieldset>
<legend>{$ICONS['Create New Page']['small']}Create Child Page</legend>
<table>
\t<tr>
\t\t<td valign="top">
\t\t\t\t\t<table border="1">
\t\t\t\t <tr><td>Page type:</td><td><select name="childpagetype" id="childpagetype" onchange="childShowTree(this);">{$creatableTypesText}</select></td></tr>
\t\t\t\t <tr><td>Page name:</td><td><input type="text" name="childpagename" id="childpagename" /></td></tr>
\t\t\t\t <tr id="childlinkentry" style="display:none"><td>Page link:</td><td><input type="text" name="childpagelink" id="childpagelink" /></td></tr>
\t\t\t\t\t\t<tr id="childlinkentry1" style="display:none"><td>Open the child page in:</td><td><select name="linkselect" id="linktype"><Option>Same Tab</option><option>New Tab</option></select></td></tr>
\t\t\t\t <tr id="externallinktr" style="display:none"><td>External link:</td><td><input type="text" name="externallink" id="externallink" /></td></tr>
\t\t\t\t\t\t<tr id="externallinktr1" style="display:none"><td>Open the child page in:</td><td><select name="linkselectex" id="linktypeex"><Option>Same Tab</option><option>New Tab</option></select></td></tr>
\t\t\t\t\t</table>
\t\t\t\t</td>
\t\t\t\t<td id="childlinktree" style="display:none">Click to select link path :
\t\t\t\t\t{$generatedTree}
\t\t\t\t</td>
\t\t\t</tr>
\t\t</table>
CREATE;
$createdPageSettingsText .= <<<CREATE
\t\t\t<fieldset id="fieldsetTemplate">
\t\t\t<legend>Template</legend>
CREATE;
if ($allow_pagespecific_templates == 1) {
$createdPageSettingsText .= <<<CREATE
\t\t\t<table>
\t\t\t<tr>
\t\t\t<td>Use Default Template ?</td>
\t\t\t<td><input type='checkbox' name='default_template' value='yes' onchange="toggleSelTemplate1()" {$dbPageDefTemplate} /></td>
\t\t\t</tr>
\t\t\t<tr>
\t\t\t<td>Select Template</td>
\t\t\t<td><select name='page_template' {$dbPageTemplateDisabled}>
CREATE;
for ($i = 0; $i < count($templates); $i++) {
if ($templates[$i] == $dbPageTemplate) {
$createdPageSettingsText .= "<option value='" . $templates[$i] . "' selected >" . ucwords($templates[$i]) . "</option>";
} else {
$createdPageSettingsText .= "<option value='" . $templates[$i] . "' >" . ucwords($templates[$i]) . "</option>";
}
}
$createdPageSettingsText .= "\n\t\t\t</select>\n\t\n\t\t\t</tr>\n\t\n\t\t\t</table>";
} else {
$createdPageSettingsText .= "Page-specific templates are disabled. Please enable it from Global Settings in Admin or click <a href='./+admin&subaction=global'>here</a>";
}
$createdPageSettingsText .= <<<CREATE
\t\t</fieldset><br/>
\t \t<input type="submit" name="btnSubmit2" value="Submit" /> <input type="reset" name="btnReset" value="Reset" />
</fieldset>
</form>
CREATE;
}
}
/* PAGE CREATE TEXT ENDS*/
/* PAGE MOVE COPY TEXT BEGINS */
$generatedTree = generateDirectoryTree($userId, "page", "settings", 0)->toHtml('fileCopyTreeContainer', 'fileCopyTree', "parentpagepath");
$movecopyPageSettingsText = <<<MOVECOPY
\t\t<script type="text/javascript" language="javascript">
\t\t\tfunction moveOnSubmit(){
\t\t\t\tif(document.getElementById("parentpagepath").value=="") {alert("Please fill the page path"); return false;}
\t\t\t\tif(document.getElementById("destinationpagetitle").value=="") { alert("Please select a page title."); return false;}
\t\t\t\tif(document.getElementById("destinationpagename").value=="") {alert("Please fill the page name"); return false;}
\t\t\t}
\t\t\tfunction movecopyChange(obj){
\t\t\t\tif(obj.checked==true)
\t\t\t\t\tdocument.getElementById("recursivelycopypage").disabled=true;
\t\t\t\telse
\t\t\t\t\tdocument.getElementById("recursivelycopypage").disabled=false;
\t\t\t}
\t\t-->
\t</script>
\t<form name="pagesettings" action="./+settings&subaction=move" onsubmit="return moveOnSubmit()" method="POST">
\t <a name="copymovepageform"></a>
\t <fieldset>
<legend>{$ICONS['Copy or Move Page']['small']}Copy or Move Page</legend>
\t\t<table border="1">
\t\t\t<tr>
\t\t\t\t<td valign="top">
\t\t\t <table border="1" cellpadding="2px" cellspacing="2px">
\t\t\t \t<tr><td colspan="2">Click on the generated page tree to select the parent page path : </td></tr>
\t\t\t <tr><td>Path of the distination parent page :</td><td><input type="text" id="parentpagepath" name="parentpagepath"/></td></tr>
\t\t\t <tr><td>Destination page title:</td><td><input type="text" name="destinationpagetitle" id="destinationpagetitle" value="{$page_values['page_title']}"/></td></tr>
\t\t\t <tr><td>Destination page name:</td><td><input type="text" name="destinationpagename" id="destinationpagename" value="{$page_values['page_name']}"/></td></tr>
\t\t\t <tr><td><label for="deleteoriginalpage">Delete original entry (Move instead of Copy)</label></td><td><input type="checkbox" name="deleteoriginalpage" id="deleteoriginalpage" checked="true" onclick="movecopyChange(this);"/></td></tr>
\t\t\t <tr><td><label for="recusivelycopypage">Copy recursively? (in case of Copy)</label></td><td><input type="checkbox" name="recursivelycopypage" id="recursivelycopypage" disabled="true" /></td></tr>
\t\t\t </table>
\t\t\t Legend:
\t\t\t <table cellpadding="2px" cellspacing="2px">
\t\t\t \t<tr><td style="border: 1px solid black; width: 18px; background-color: #E8FFE8"></td><td>Accessible Items</td></tr>
\t\t\t \t<tr><td style="border: 1px solid black; width: 18px; background-color: #FFE8E8"></td><td>Inaccessible Items</td></tr>
\t\t\t </table>
\t\t\t </td>
\t\t\t <td valign="top">
\t\t\t\t\t<div id="pathtree">Click to select destination path : {$generatedTree}</div>
\t\t\t </td>
\t\t\t</tr>
\t\t</table>
\t \t<input type="submit" name="btnSubmit2" value="Submit" /> <input type="reset" name="btnReset" value="Reset" />
</fieldset>
</form>
MOVECOPY;
/* PAGE MOVE COPY TEXT ENDS */
/*TAGS TEXT BEGINS */
$pageTagsQuery = "SELECT `tag_text`, `tag_id` FROM `" . MYSQL_DATABASE_PREFIX . "pagetags` WHERE `page_id` = '{$pageId}' ORDER BY `tag_text`;";
$pageTagsResult = mysql_query($pageTagsQuery);
if (!$pageTagsResult) {
displayerror(mysql_error());
}
//Error handling
if (mysql_num_rows($pageTagsResult)) {
//Checking if the page has tags
$pageTags = "<table><tr>";
$pageTags .= "<th> Tag Name </th>";
$pageTags .= "<th> Delete </th></tr>";
while ($pagetagrow = mysql_fetch_assoc($pageTagsResult)) {
$pageTags .= "<tr>";
$pageTags .= "<td>" . $pagetagrow['tag_text'] . "</td>";
$pageTags .= "<td><a href='./+settings&subaction=tags&delTag={$pagetagrow[tag_id]}'>" . $ICONS['Delete']['small'] . "</a></td>";
$pageTags .= "</tr>";
}
$pageTags .= "</table>";
} else {
$pageTags = "There are no tags yet.";
}
$allTagsQuery = "SELECT DISTINCT `tag_text` FROM `" . MYSQL_DATABASE_PREFIX . "pagetags` ORDER BY `tag_text;";
$allTagsResult = mysql_query($allTagsQuery);
if (!$allTagsResult) {
displayerror(mysql_error());
}
//Error handling
while ($alltagrow = mysql_fetch_assoc($allTagsResult)) {
$allTags .= "<option value='{$alltagrow[tag_text]}'>";
//dataset option for newTag input
}
$tagsPageSettingsText = "<fieldset><legend><a name='tags'>Page Tags</a></legend>";
$tagsPageSettingsText .= $pageTags;
$tagsPageSettingsText .= "<div><form action='./+settings&subaction=tags' method='post'>";
$tagsPageSettingsText .= "<label for='newTag'>Add a tag:</label>";
$tagsPageSettingsText .= "<input id='newTag' name='newTag' list='existingTags'></input>";
$tagsPageSettingsText .= "<datalist id='existingTags'>";
$tagsPageSettingsText .= $allTags;
$tagsPageSettingsText .= "</datalist>";
$tagsPageSettingsText .= "<input type='submit'></input></form></div>";
$tagsPageSettingsText .= "</fieldset>";
/* TAGS TEXT ENDS */
global $pageFullPath;
global $STARTSCRIPTS;
$STARTSCRIPTS .= "toggleMenuType();";
$parentPath = $pageId == 0 ? '' : '<a href="../+settings">Parent page link.</a>';
$pageType = ucfirst($page_values['page_module']);
$menuType = $page_values['page_menutype'];
$menudepth = $page_values['page_menudepth'];
$classictype = "";
$multidepthtype = "";
$completetype = "";
$changeLink = "";
$name = "";
$generatedTree = "";
$linkmcid = getDereferencedPageId($pageId);
if ($pageType == "Link") {
$link = getPagePath($linkmcid);
$generatedTree = "<tr><td colspan=2><div>Choose a link:" . generateDirectoryTree($userId, "page", "settings", 0)->toHtml('linkTreeContainer', 'linkTree', 'link') . "</div></td></tr>";
$changeLink = "<tr><td>Internally Linked To:</td><td><input type=text name='link' id='link' value={$link}></td></tr>";
}
if ($pageType == "External") {
$linkquery = "SELECT `page_extlink` FROM `" . MYSQL_DATABASE_PREFIX . "external` WHERE page_modulecomponentid = " . $linkmcid;
$linkres = mysql_fetch_row(mysql_query($linkquery));
$link = $linkres[0];
$changeLink = "<tr><td>Externally Linked To:</td><td><input type=text name='exlink' id='link' value={$link}></td></tr>";
}
if ($menuType == "classic") {
$classictype = "selected";
} else {
if ($menuType == "multidepth") {
$multidepthtype = "selected";
} else {
$completetype = "selected";
}
}
$row = mysql_fetch_array(mysql_query("SELECT `allowComments` FROM `article_content` WHERE `page_modulecomponentid` = '{$modulecomponentid}'"));
$allowComments = $row['allowComments'] == 1 ? 'checked="checked" ' : '';
$formDisplay = <<<FORMDISPLAY
\t<div id="page_settings">
<form name="pagesettings" action="./+settings&subaction=pagesettings&pageName=" method="POST" onsubmit="return settingsOnSubmit();">
\t\t<script type="text/javascript" language="javascript">
\t\t\tfunction settingsOnSubmit(){
\t\t\t\tif(!document.getElementById("pagename").disabled) {
\t\t\t\t \tif(document.getElementById("pagename").value=="") {alert("Please fill the page name."); return false;}
\t\t\t\t}
\t\t\t\tif(document.getElementById("pagetitle").value=="") { alert("Please fill the page title."); return false;}
\t\t\t}
\t\t\tfunction checkDelete(butt,fileName)
\t\t\t{
\t\t\t\tif(confirm('Are you sure you want to delete '+fileName+'?'))
\t\t\t\t {
\t\t\t\t return true;
\t\t\t\t //\t\t\t butt.form.action+=fileName;
\t\t\t\t //butt.form.submit();
\t\t\t\t }
\t\t\t\telse {console.log("hi");return false;}
\t\t\t}
\t\t\tfunction toggleSelTemplate2()
\t\t\t\t{
\t\t\t\t\tvar obj=document.getElementsByName('page_template')[0];
\t\t\t\t\tobj.disabled=(obj.disabled==true?false:true);
\t\t
\t\t\t\t}
\t\t\tfunction toggleMenuType()
\t\t\t\t{
\t\t\t\t\tvar obj=document.getElementById('menutype');
\t\t\t\t\tif(obj.value=="classic")
\t\t\t\t\t{
\t\t\t\t\t\tdocument.getElementById('showsiblingmenu').disabled=false;
\t\t\t\t\t\tdocument.getElementById('menudepth').disabled=true;
\t\t\t\t\t}
\t\t\t\t\telse
\t\t\t\t\t{
\t\t\t\t\t\tdocument.getElementById('showsiblingmenu').disabled=true;
\t\t\t\t\t\tdocument.getElementById('menudepth').disabled=false;
\t\t\t\t\t}
\t\t\t\t}
\t\t</script>
\t<br />
<a name="topquicklinks"></a>
<fieldset>
<legend>{$ICONS['Page Settings']['small']}Page Settings</legend>
<table class='iconspanel'>
<tr>
<td><a href='#pageinfoform'><div>{$ICONS['Page Information']['large']}<br/>Page Information</div></a></td>
<td><a href='#childpageform'><div>{$ICONS['Create New Page']['large']}<br/>Create New Page</div></a></td>
<td><a href='#copymovepageform'><div>{$ICONS['Copy or Move Page']['large']}<br/>Copy or Move Page</div></a></td>
<td><a href='#inheritinfoform'><div>{$ICONS['Page Inherited Info']['large']}<br/>Page Inherited Information</div></a></td>
</tr>
</table>
</fieldset>
<a name="pageinfoform"></a>
\t<fieldset>
\t<legend>{$ICONS['Page Information']['small']}Page Information</legend>
\t
\t <table border="1" cellpadding="2px" cellspacing="2px">
\t\t\t\t<tr><td>Page path:</td><td>{$pageFullPath}</td></tr>
\t \t<tr><td>Page name:</td><td><input type="text" id="pagename" name="pagename" value="{$page_values['page_name']}" {$modifiers}/></td></tr>
\t \t\t\t<tr><td>Page title:</td><td><input type="text" id="pagetitle" name="pagetitle" value="{$page_values['page_title']}" {$modifiers}/></td></tr>
\t \t\t\t<tr><td >Page type: </td><td>{$pageType}</td></tr>
\t \t\t\t{$changeLink}{$generatedTree}
\t\t\t\t<tr><td>Allow comments: </td><td><input type='checkbox' id='allowComments' name='allowComments' {$allowComments}></td></tr>
\t\t\t\t{$showInMenuBox}
\t\t\t<tr><td><label for="showheading">Show page heading</label></td><td><input type="checkbox" id="showheading" name="showheading" {$showheading} /></td></tr>
\t \t\t\t\t
\t \t\t\t{$showInSiteMap}\t
\t \t\t\t
\t\t</table>
\t\t<fieldset><legend>Menu Settings</legend>
\t\t<table border="1" cellpadding="2px" cellspacing="2px">
\t\t
\t\t\t
\t\t\t\t<tr>
\t\t\t\t\t<td><label for='menutype'>Menu type</label></td>
\t\t\t\t\t<td>
\t\t\t\t\t<select name="menutype" id="menutype" onchange="toggleMenuType();">
\t\t\t\t\t\t<option value='classic' {$classictype}>Classic</option>
\t\t\t\t\t\t<option value='complete' {$completetype}>Complete</option>
\t\t\t\t\t\t<option value='multidepth' {$multidepthtype}>Multi-Depth</option>
\t\t\t\t\t</select>
\t\t\t\t\t</td>
\t\t\t\t\t<td rowspan="4"><input type="checkbox" name='menustyle_propogate' value='yes' checked="checked" />Propogate Menu settings to all child pages <br /><br /> Menu Depth = -1 : Generate Complete Menu till the last child page.</td>
\t\t\t\t<tr>
\t\t\t\t\t<td><label for='showmenubar'>Show menu bar in page</label></td>
\t\t\t\t\t<td><input type='checkbox' id='showmenubar' name='showmenubar' {$showmenubar}/></td>
\t\t\t\t</tr><tr>
\t\t\t\t\t<td><label for='showsiblingmenu'> Show sibling menu in page</label></td>
\t\t\t\t\t<td><input type='checkbox' name='showsiblingmenu' id='showsiblingmenu' {$showsiblingmenu} /></td>
\t\t\t\t</tr>
\t\t\t\t<tr>
\t\t\t\t\t<td><label for='menudepth'>Menu Depth</label></td>
\t\t\t\t\t<td><input type='text' name='menudepth' id='menudepth' value='{$menudepth}'/> </td>
\t\t\t\t</tr><tr>
\t\t\t\t\t<td><label for='displayicon'> Show icon in menu </label></td>
\t\t\t\t\t<td><input type='checkbox' name='displayicon' id='displayicon' {$displayicon} /></td>
\t\t\t\t\t<td rowspan="4"><input type="checkbox" name='icon_propogate' value='yes' />Propogate Icon settings to all child pages </td>
\t\t\t\t</tr>
\t\t\t\t
\t </table>
\t </fieldset>
\t <fieldset><legend>Template</legend>
FORMDISPLAY;
if ($allow_pagespecific_templates == 1) {
$formDisplay .= <<<FORMDISPLAY
\t <table border="1" cellpadding="2px" cellspacing="2px">
\t\t\t\t
\t\t\t\t<tr>
\t\t\t\t\t<td>Use Default Template ?</td>
\t\t\t\t\t<td><input type='checkbox' name='default_template' value='yes' onchange="toggleSelTemplate2()" {$dbPageDefTemplate} /></td>
\t\t\t\t\t<td rowspan=2><input type="checkbox" name='template_propogate' value='yes' />Propogate Template setting to all child pages
\t\t\t\t\t</td>
\t\t\t\t\t</tr>
\t\t\t\t\t<tr>
\t\t\t\t\t<td>Select Template</td>
\t\t\t\t\t<td><select name='page_template' {$dbPageTemplateDisabled}>
FORMDISPLAY;
for ($i = 0; $i < count($templates); $i++) {
if ($templates[$i] == $dbPageTemplate) {
$formDisplay .= "<option value='" . $templates[$i] . "' selected >" . ucwords($templates[$i]) . "</option>";
} else {
$formDisplay .= "<option value='" . $templates[$i] . "' >" . ucwords($templates[$i]) . "</option>";
}
}
$formDisplay .= "\n\t\t\t\t\t</select>\n\t\n\t\t\t\t</tr>\n\t\t</table>";
} else {
$formDisplay .= "Page-specific templates are disabled. Please enable it from Global Settings in Admin or click <a href='./+admin&subaction=global'>here</a>";
}
$formDisplay .= <<<FORMDISPLAY
\t\t</fieldset>
\t\t
\t\t<fieldset><legend>Child Pages</legend>
\t\tChild pages: (Click on links for children's settings.) {$parentPath} <br />
\t\t{$childList}
\t </fieldset>
\t
\t\t<input type="submit" name="btnSubmit" value="Submit"/> <input type="reset" name="btnReset" value="Reset" />
\t</fieldset>
\t<a href="#topquicklinks">Top</a>
</form>
\t<br/><br/>
\t\t{$createdPageSettingsText}
\t\t<a href="#topquicklinks">Top</a>
\t<br/><br/>
\t\t{$movecopyPageSettingsText}
\t\t<a href="#topquicklinks">Top</a>
\t<br/><br/>
\t{$inheritedInfoText}
\t<a href="#topquicklinks">Top</a>
<br/><br/>
\t{$tagsPageSettingsText}
\t<a href="#topquicklinks">Top</a>
\t</div>
FORMDISPLAY;
return $formDisplay;
}
function groupManagementForm($currentUserId, $modifiableGroups, &$pagePath)
{
require_once "group.lib.php";
global $ICONS;
global $urlRequestRoot, $cmsFolder, $templateFolder, $moduleFolder, $sourceFolder;
$scriptsFolder = "{$urlRequestRoot}/{$cmsFolder}/{$templateFolder}/common/scripts";
$imagesFolder = "{$urlRequestRoot}/{$cmsFolder}/{$templateFolder}/common/images";
/// Parse any get variables, do necessary validation and stuff, so that we needn't check inside every if
$groupRow = $groupId = $userId = null;
$subAction = '';
//isset($_GET['subaction']) ? $_GET['subaction'] : '';
if (isset($_GET['subsubaction']) && $_GET['subsubaction'] == 'editgroup' && isset($_GET['groupname']) || isset($_POST['btnEditGroup']) && isset($_POST['selEditGroups'])) {
$subAction = 'showeditform';
} elseif (isset($_GET['subsubaction']) && $_GET['subsubaction'] == 'associateform') {
$subAction = 'associateform';
} elseif (isset($_GET['subsubaction']) && $_GET['subsubaction'] == 'deleteuser' && isset($_GET['groupname']) && isset($_GET['useremail'])) {
$subAction = 'deleteuser';
} elseif (isset($_POST['btnAddUserToGroup'])) {
$subAction = 'addusertogroup';
} elseif (isset($_POST['btnSaveGroupProperties'])) {
$subAction = 'savegroupproperties';
} elseif (isset($_POST['btnEditGroupPriorities']) || isset($_GET['subsubaction']) && $_GET['subsubaction'] == 'editgrouppriorities') {
$subAction = 'editgrouppriorities';
}
if (isset($_POST['selEditGroups']) || isset($_GET['groupname'])) {
$groupRow = getGroupRow(isset($_POST['selEditGroups']) ? escape($_POST['selEditGroups']) : escape($_GET['groupname']));
$groupId = $groupRow['group_id'];
if ($subAction != 'editgrouppriorities' && (!$groupRow || !$groupId || $groupId < 2)) {
displayerror('Error! Invalid group requested.');
return;
}
if (!is_null($groupId)) {
if ($modifiableGroups[count($modifiableGroups) - 1]['group_priority'] < $groupRow['group_priority']) {
displayerror('You do not have the permission to modify the selected group.');
return '';
}
}
}
if (isset($_GET['useremail'])) {
$userId = getUserIdFromEmail($_GET['useremail']);
}
if ($subAction != 'editgrouppriorities' && (isset($_GET['subaction']) && $_GET['subaction'] == 'editgroups' && !is_null($groupId))) {
if ($subAction == 'deleteuser') {
if ($groupRow['form_id'] != 0) {
displayerror('The group is associated with a form. To remove a user, use the edit registrants in the assoicated form.');
} elseif (!$userId) {
displayerror('Unknown E-mail. Could not find a registered user with the given E-mail Id');
} else {
$deleteQuery = 'DELETE FROM `' . MYSQL_DATABASE_PREFIX . 'usergroup` WHERE `user_id` = \'' . $userId . '\' AND `group_id` = ' . $groupId;
$deleteResult = mysql_query($deleteQuery);
if (!$deleteResult || mysql_affected_rows() != 1) {
displayerror('Could not delete user with the given E-mail from the given group.');
} else {
displayinfo('Successfully removed user from the current group');
if ($userId == $currentUserId) {
$virtue = '';
$maxPriorityGroup = getMaxPriorityGroup($pagePath, $currentUserId, array_reverse(getGroupIds($currentUserId)), $virtue);
$modifiableGroups = getModifiableGroups($currentUserId, $maxPriorityGroup, $ordering = 'asc');
}
}
}
} elseif ($subAction == 'savegroupproperties' && isset($_POST['txtGroupDescription'])) {
$updateQuery = "UPDATE `" . MYSQL_DATABASE_PREFIX . "groups` SET `group_description` = '" . escape($_POST['txtGroupDescription']) . "' WHERE `group_id` = '{$groupId}'";
$updateResult = mysql_query($updateQuery);
if (!$updateResult) {
displayerror('Could not update database.');
} else {
displayinfo('Changes to the group have been successfully saved.');
}
$groupRow = getGroupRow($groupRow['group_name']);
} elseif ($subAction == 'addusertogroup' && isset($_POST['txtUserEmail']) && trim($_POST['txtUserEmail']) != '') {
if ($groupRow['form_id'] != 0) {
displayerror('The selected group is associated with a form. To add a user, register the user to the form.');
} else {
$passedEmails = explode(',', escape($_POST['txtUserEmail']));
for ($i = 0; $i < count($passedEmails); $i++) {
$hyphenPos = strpos($passedEmails[$i], '-');
if ($hyphenPos >= 0) {
$userEmail = trim(substr($passedEmails[$i], 0, $hyphenPos - 1));
} else {
$userEmail = escape($_POST['txtUserEmail']);
}
$userId = getUserIdFromEmail($userEmail);
if (!$userId || $userId < 1) {
displayerror('Unknown E-mail. Could not find a registered user with the given E-mail Id');
}
if (!addUserToGroupName($groupRow['group_name'], $userId)) {
displayerror('Could not add the given user to the current group.');
} else {
displayinfo('User has been successfully inserted into the given group.');
}
}
}
} elseif ($subAction == 'associateform') {
if (isset($_POST['btnAssociateGroup'])) {
$pageIdArray = array();
$formPageId = parseUrlReal(escape($_POST['selFormPath']), $pageIdArray);
if ($formPageId <= 0 || getPageModule($formPageId) != 'form') {
displayerror('Invalid page selected! The page you selected is not a form.');
} elseif (!getPermissions($currentUserId, $formPageId, 'editregistrants', 'form')) {
displayerror('You do not have the permissions to associate the selected form with a group.');
} else {
$formModuleId = getModuleComponentIdFromPageId($formPageId, 'form');
require_once "{$sourceFolder}/{$moduleFolder}/form.lib.php";
if (isGroupEmpty($groupId) || form::getRegisteredUserCount($formModuleId) == 0) {
associateGroupWithForm($groupId, $formModuleId);
$groupRow = getGroupRow($groupRow['group_name']);
} else {
displayerror('Both the group and the form already contain registered users, and the group cannot be associated with the selected form.');
}
}
} elseif (isset($_POST['btnUnassociateGroup'])) {
if ($groupRow['form_id'] <= 0) {
displayerror('The selected group is currently not associated with any form.');
} elseif (!getPermissions($currentUserId, getPageIdFromModuleComponentId('form', $groupRow['form_id']), 'editregistrants', 'form')) {
displayerror('You do not have the permissions to unassociate the form from this group.');
} else {
unassociateFormFromGroup($groupId);
$virtue = '';
$maxPriorityGroup = getMaxPriorityGroup($pagePath, $currentUserId, array_reverse(getGroupIds($currentUserId)), $virtue);
$modifiableGroups = getModifiableGroups($currentUserId, $maxPriorityGroup, $ordering = 'asc');
$groupRow = getGroupRow($groupRow['group_name']);
}
}
}
if ($modifiableGroups[count($modifiableGroups) - 1]['group_priority'] < $groupRow['group_priority']) {
displayerror('You do not have the permission to modify the selected group.');
return '';
}
$usersTable = '`' . MYSQL_DATABASE_PREFIX . 'users`';
$usergroupTable = '`' . MYSQL_DATABASE_PREFIX . 'usergroup`';
$userQuery = "SELECT `user_email`, `user_fullname` FROM {$usergroupTable}, {$usersTable} WHERE `group_id` = '{$groupId}' AND {$usersTable}.`user_id` = {$usergroupTable}.`user_id` ORDER BY `user_email`";
$userResult = mysql_query($userQuery);
if (!$userResult) {
displayerror('Error! Could not fetch group information.');
return '';
}
$userEmails = array();
$userFullnames = array();
while ($userRow = mysql_fetch_row($userResult)) {
$userEmails[] = $userRow[0];
$userFullnames[] = $userRow[1];
}
$groupEditForm = <<<GROUPEDITFORM
\t\t\t<h2>Group '{$groupRow['group_name']}' - '{$groupRow['group_description']}'</h2><br />
\t\t\t<fieldset style="padding: 8px">
\t\t\t\t<legend>{$ICONS['User Groups']['small']}Group Properties</legend>
\t\t\t\t<form name="groupeditform" method="POST" action="./+admin&subaction=editgroups&groupname={$groupRow['group_name']}">
\t\t\t\t\tGroup Description: <input type="text" name="txtGroupDescription" value="{$groupRow['group_description']}" />
\t\t\t\t\t<input type="submit" name="btnSaveGroupProperties" value="Save Group Properties" />
\t\t\t\t</form>
\t\t\t</fieldset>
\t\t\t<br />
\t\t\t<fieldset style="padding: 8px">
\t\t\t\t<legend>{$ICONS['User Groups']['small']}Existing Users in Group:</legend>
GROUPEDITFORM;
$userCount = mysql_num_rows($userResult);
global $urlRequestRoot, $cmsFolder, $templateFolder, $sourceFolder;
$deleteImage = "<img src=\"{$urlRequestRoot}/{$cmsFolder}/{$templateFolder}/common/icons/16x16/actions/edit-delete.png\" alt=\"Remove user from the group\" title=\"Remove user from the group\" />";
for ($i = 0; $i < $userCount; $i++) {
$isntAssociatedWithForm = $groupRow['form_id'] == 0;
if ($isntAssociatedWithForm) {
$groupEditForm .= '<a onclick="return confirm(\'Are you sure you wish to remove this user from this group?\')" href="./+admin&subaction=editgroups&subsubaction=deleteuser&groupname=' . $groupRow['group_name'] . '&useremail=' . $userEmails[$i] . '">' . $deleteImage . "</a>";
}
$groupEditForm .= " {$userEmails[$i]} - {$userFullnames[$i]}<br />\n";
}
$associateForm = '';
if ($groupRow['form_id'] == 0) {
$associableForms = getAssociableFormsList($currentUserId, !isGroupEmpty($groupId));
$associableFormCount = count($associableForms);
$associableFormsBox = '<select name="selFormPath">';
for ($i = 0; $i < $associableFormCount; ++$i) {
$associableFormsBox .= '<option value="' . $associableForms[$i][2] . '">' . $associableForms[$i][1] . ' - ' . $associableForms[$i][2] . '</option>';
}
$associableFormsBox .= '</select>';
$associateForm = <<<GROUPASSOCIATEFORM
\t\t\tSelect a form to associate the group with: {$associableFormsBox}
\t\t\t<input type="submit" name="btnAssociateGroup" value="Associate Group with Form" />
GROUPASSOCIATEFORM;
} else {
$associatedFormPageId = getPageIdFromModuleComponentId('form', $groupRow['form_id']);
$associateForm = 'This group is currently associated with the form: ' . getPageTitle($associatedFormPageId) . ' (' . getPagePath($associatedFormPageId) . ')<br />' . '<input type="submit" name="btnUnassociateGroup" value="Unassociate" />';
}
$groupEditForm .= '</fieldset>';
if ($groupRow['form_id'] == 0) {
$groupEditForm .= <<<GROUPEDITFORM
\t\t\t\t<br />
\t\t\t\t<fieldset style="padding: 8px">
\t\t\t\t\t<legend>{$ICONS['Add']['small']}Add Users to Group</legend>
\t\t\t\t\t<form name="addusertogroup" method="POST" action="./+admin&subaction=editgroups&groupname={$groupRow['group_name']}">
\t\t\t\t\t\tEmail ID: <input type="text" name="txtUserEmail" id="txtUserEmail" value="" style="width: 256px" autocomplete="off" />
\t\t\t\t\t\t<div id="suggestionDiv" class="suggestionbox"></div>
\t\t\t\t\t\t<script language="javascript" type="text/javascript" src="{$scriptsFolder}/ajaxsuggestionbox.js"></script>
\t\t\t\t\t\t<script language="javascript" type="text/javascript">
\t\t\t\t\t\t<!--
\t\t\t\t\t\t\tvar addUserBox = new SuggestionBox(document.getElementById('txtUserEmail'), document.getElementById('suggestionDiv'), "./+admin&doaction=getsuggestions&forwhat=%pattern%");
\t\t\t\t\t\t\taddUserBox.loadingImageUrl = '{$imagesFolder}/ajaxloading.gif';
\t\t\t\t\t\t-->
\t\t\t\t\t\t</script>
\t\t\t\t\t\t<input type="submit" name="btnAddUserToGroup" value="Add User to Group" />
\t\t\t\t\t</form>
\t\t\t\t</fieldset>
GROUPEDITFORM;
}
$groupEditForm .= <<<GROUPEDITFORM
\t\t\t<br />
\t\t\t<fieldset style="padding: 8px">
\t\t\t\t<legend>{$ICONS['Group Associate Form']['small']}Associate With Form</legend>
\t\t\t\t<form name="groupassociationform" action="./+admin&subaction=editgroups&subsubaction=associateform&groupname={$groupRow['group_name']}" method="POST">
\t\t\t\t\t{$associateForm}
\t\t\t\t</form>
\t\t\t</fieldset>
GROUPEDITFORM;
return $groupEditForm;
}
if ($subAction == 'editgrouppriorities') {
$modifiableCount = count($modifiableGroups);
$userMaxPriority = $maxPriorityGroup = 1;
if ($modifiableCount != 0) {
$userMaxPriority = max($modifiableGroups[0]['group_priority'], $modifiableGroups[$modifiableCount - 1]['group_priority']);
$maxPriorityGroup = $modifiableGroups[0]['group_priority'] > $modifiableGroups[$modifiableCount - 1]['group_priority'] ? $modifiableGroups[0]['group_id'] : $modifiableGroups[$modifiableCount - 1]['group_id'];
}
if (isset($_GET['dowhat']) && !is_null($groupId)) {
if ($_GET['dowhat'] == 'incrementpriority' || $_GET['dowhat'] == 'decrementpriority') {
shiftGroupPriority($currentUserId, $groupRow['group_name'], $_GET['dowhat'] == 'incrementpriority' ? 'up' : 'down', $userMaxPriority, true);
} elseif ($_GET['dowhat'] == 'movegroupup' || $_GET['dowhat'] == 'movegroupdown') {
shiftGroupPriority($currentUserId, $groupRow['group_name'], $_GET['dowhat'] == 'movegroupup' ? 'up' : 'down', $userMaxPriority, false);
} elseif ($_GET['dowhat'] == 'emptygroup') {
emptyGroup($groupRow['group_name']);
} elseif ($_GET['dowhat'] == 'deletegroup') {
if (deleteGroup($groupRow['group_name'])) {
$virtue = '';
$maxPriorityGroup = getMaxPriorityGroup($pagePath, $currentUserId, array_reverse(getGroupIds($currentUserId)), $virtue);
$modifiableGroups = getModifiableGroups($currentUserId, $maxPriorityGroup, $ordering = 'asc');
}
}
$modifiableGroups = reevaluateGroupPriorities($modifiableGroups);
} elseif (isset($_GET['dowhat']) && $_GET['dowhat'] == 'addgroup') {
if (isset($_POST['txtGroupName']) && isset($_POST['txtGroupDescription']) && isset($_POST['selGroupPriority'])) {
$existsQuery = 'SELECT `group_id` FROM `' . MYSQL_DATABASE_PREFIX . "groups` WHERE `group_name` = '" . escape($_POST['txtGroupName']) . "'";
$existsResult = mysql_query($existsQuery);
if (trim($_POST['txtGroupName']) == '') {
displayerror('Cannot create a group with an empty name. Please type in a name for the new group.');
} elseif (mysql_num_rows($existsResult) >= 1) {
displayerror('A group with the name you specified already exists.');
} else {
$idQuery = 'SELECT MAX(`group_id`) FROM `' . MYSQL_DATABASE_PREFIX . 'groups`';
$idResult = mysql_query($idQuery);
$idRow = mysql_fetch_row($idResult);
$newGroupId = 2;
if (!is_null($idRow[0])) {
$newGroupId = $idRow[0] + 1;
}
$newGroupPriority = 1;
if ($_POST['selGroupPriority'] <= $userMaxPriority && $_POST['selGroupPriority'] > 0) {
$newGroupPriority = escape($_POST['selGroupPriority']);
}
$addGroupQuery = 'INSERT INTO `' . MYSQL_DATABASE_PREFIX . 'groups` (`group_id`, `group_name`, `group_description`, `group_priority`) ' . "VALUES({$newGroupId}, '" . escape($_POST['txtGroupName']) . "', '" . escape($_POST['txtGroupDescription']) . "', '{$newGroupPriority}')";
$addGroupResult = mysql_query($addGroupQuery);
if ($addGroupResult) {
displayinfo('New group added successfully.');
if (isset($_POST['chkAddMe'])) {
$insertQuery = 'INSERT INTO `' . MYSQL_DATABASE_PREFIX . "usergroup`(`user_id`, `group_id`) VALUES ('{$currentUserId}', '{$newGroupId}')";
if (!mysql_query($insertQuery)) {
displayerror('Error adding user to newly created group: ' . $insertQuery . '<br />' . mysql_query());
}
}
$virtue = '';
$maxPriorityGroup = getMaxPriorityGroup($pagePath, $currentUserId, array_reverse(getGroupIds($currentUserId)), $virtue);
$modifiableGroups = getModifiableGroups($currentUserId, $maxPriorityGroup, $ordering = 'asc');
} else {
displayerror('Could not run MySQL query. New group could not be added.');
}
}
}
$modifiableGroups = reevaluateGroupPriorities($modifiableGroups);
}
$modifiableCount = count($modifiableGroups);
if ($modifiableGroups[0]['group_priority'] < $modifiableGroups[$modifiableCount - 1]['group_priority']) {
$modifiableGroups = array_reverse($modifiableGroups);
}
$previousPriority = $modifiableGroups[0]['group_priority'];
global $cmsFolder, $urlRequestRoot, $moduleFolder, $templateFolder, $sourceFolder;
$iconsFolderUrl = "{$urlRequestRoot}/{$cmsFolder}/{$templateFolder}/common/icons/16x16";
$moveUpImage = '<img src="' . $iconsFolderUrl . '/actions/go-up.png" title="Increment Group Priority" alt="Increment Group Priority" />';
$moveDownImage = '<img src="' . $iconsFolderUrl . '/actions/go-down.png" alt="Decrement Group Priority" title="Decrement Group Priority" />';
$moveTopImage = '<img src="' . $iconsFolderUrl . '/actions/go-top.png" alt="Move to next higher priority level" title="Move to next higher priority level" />';
$moveBottomImage = '<img src="' . $iconsFolderUrl . '/actions/go-bottom.png" alt="Move to next lower priority level" title="Move to next lower priority level" />';
$emptyImage = '<img src="' . $iconsFolderUrl . '/actions/edit-clear.png" alt="Empty Group" title="Empty Group" />';
$deleteImage = '<img src="' . $iconsFolderUrl . '/actions/edit-delete.png" alt="Delete Group" title="Delete Group" />';
$groupsForm = '<h3>Edit Group Priorities</h3><br />';
for ($i = 0; $i < $modifiableCount; $i++) {
if ($modifiableGroups[$i]['group_priority'] != $previousPriority) {
$groupsForm .= '<br /><br /><hr /><br />';
}
$groupsForm .= '<span style="margin: 4px;" title="' . $modifiableGroups[$i]['group_description'] . '">' . '<a href="./+admin&subaction=editgroups&subsubaction=editgrouppriorities&dowhat=incrementpriority&groupname=' . $modifiableGroups[$i]['group_name'] . '">' . $moveUpImage . '</a>' . '<a href="./+admin&subaction=editgroups&subsubaction=editgrouppriorities&dowhat=decrementpriority&groupname=' . $modifiableGroups[$i]['group_name'] . '">' . $moveDownImage . '</a>' . '<a href="./+admin&subaction=editgroups&subsubaction=editgrouppriorities&dowhat=movegroupup&groupname=' . $modifiableGroups[$i]['group_name'] . '">' . $moveTopImage . '</a>' . '<a href="./+admin&subaction=editgroups&subsubaction=editgrouppriorities&dowhat=movegroupdown&groupname=' . $modifiableGroups[$i]['group_name'] . '">' . $moveBottomImage . '</a>' . '<a onclick="return confirm(\'Are you sure you want to empty this group?\')" href="./+admin&subaction=editgroups&subsubaction=editgrouppriorities&dowhat=emptygroup&groupname=' . $modifiableGroups[$i]['group_name'] . '">' . $emptyImage . '</a>' . '<a onclick="return confirm(\'Are you sure you want to delete this group?\')" href="./+admin&subaction=editgroups&subsubaction=editgrouppriorities&dowhat=deletegroup&groupname=' . $modifiableGroups[$i]['group_name'] . '">' . $deleteImage . '</a>' . '<a href="./+admin&subaction=editgroups&groupname=' . $modifiableGroups[$i]['group_name'] . '">' . $modifiableGroups[$i]['group_name'] . "</a></span>\n";
$previousPriority = $modifiableGroups[$i]['group_priority'];
}
$priorityBox = '<option value="1">1</option>';
for ($i = 2; $i <= $userMaxPriority; ++$i) {
$priorityBox .= '<option value="' . $i . '">' . $i . '</option>';
}
$groupsForm .= <<<GROUPSFORM
\t\t<br /><br />
\t\t<fieldset style="padding: 8px">
\t\t\t<legend>Create New Group:</legend>
\t\t\t<form name="groupaddform" method="POST" action="./+admin&subaction=editgroups&subsubaction=editgrouppriorities&dowhat=addgroup">
\t\t\t\t<label>Group Name: <input type="text" name="txtGroupName" value="" /></label><br />
\t\t\t\t<label>Group Description: <input type="text" name="txtGroupDescription" value="" /></label><br />
\t\t\t\t<label>Group Priority: <select name="selGroupPriority">{$priorityBox}</select><br />
\t\t\t\t<label><input type="checkbox" name="chkAddMe" value="addme" /> Add me to group</label><br />
\t\t\t\t<input type="submit" name="btnAddNewGroup" value="Add Group" />
\t\t\t</form>
\t\t</fieldset>
GROUPSFORM;
return $groupsForm;
}
$modifiableCount = count($modifiableGroups);
$groupsBox = '<select name="selEditGroups">';
for ($i = 0; $i < $modifiableCount; ++$i) {
$groupsBox .= '<option value="' . $modifiableGroups[$i]['group_name'] . '">' . $modifiableGroups[$i]['group_name'] . ' - ' . $modifiableGroups[$i]['group_description'] . "</option>\n";
}
$groupsBox .= '</select>';
$groupsForm = <<<GROUPSFORM
\t\t<form name="groupeditform" method="POST" action="./+admin&subaction=editgroups">
\t\t\t{$groupsBox}
\t\t\t<input type="submit" name="btnEditGroup" value="Edit Selected Group" /><br /><br />
\t\t\t<input type="submit" name="btnEditGroupPriorities" value="Add/Shuffle/Remove Groups" />
\t\t</form>
GROUPSFORM;
return $groupsForm;
}
