Пример #1
0
function discuss_list($message = '')
{
    pagetop(gTxt('list_discussions'), $message);
    extract(doSlash(gpsa(array('page', 'crit'))));
    extract(get_prefs());
    $total = safe_count('txp_discuss', "1=1");
    $limit = max(@$comment_list_pageby, 25);
    $numPages = ceil($total / $limit);
    $page = !$page ? 1 : $page;
    $offset = ($page - 1) * $limit;
    $nav[] = $page > 1 ? PrevNextLink("discuss", $page - 1, gTxt('prev'), 'prev') : '';
    $nav[] = sp . small($page . '/' . $numPages) . sp;
    $nav[] = $page != $numPages ? PrevNextLink("discuss", $page + 1, gTxt('next'), 'next') : '';
    $criteria = $crit ? "message like '%{$crit}%'" : '1=1';
    $rs = safe_rows_start("*, unix_timestamp(posted) as uPosted", "txp_discuss", "{$criteria} order by posted desc limit {$offset}, {$limit}");
    echo pageby_form('discuss', $comment_list_pageby);
    if ($rs) {
        echo '<form action="index.php" method="post" name="longform" onsubmit="return verify(\'' . gTxt('are_you_sure') . '\')">', startTable('list'), assHead('date', 'name', 'message', 'parent', '');
        while ($a = nextRow($rs)) {
            extract($a);
            $dmessage = $visible == SPAM ? short_preview($message) : $message;
            $date = "" . date("M d, g:ia", $uPosted + tz_offset()) . "";
            $editlink = eLink('discuss', 'discuss_edit', 'discussid', $discussid, $date);
            $cbox = fInput('checkbox', 'selected[]', $discussid);
            $tq = fetch('Title', 'textpattern', 'ID', $parentid);
            $parent = !$tq ? gTxt('article_deleted') : $tq;
            echo assRow(array($editlink => 100, $name => 100, $dmessage => 250, $parent => 100, $cbox => 20), ' class="' . ($visible == VISIBLE ? 'visible' : ($visible == SPAM ? 'spam' : 'moderate')) . '"');
        }
        echo tr(tda(select_buttons() . discuss_multiedit_form(), ' colspan="5" style="text-align:right;border:0px"'));
        echo endTable() . '</form>';
        echo startTable('edit'), tr(td(form(fInput('text', 'crit', '', 'edit') . fInput('submit', 'search', gTxt('search'), 'smallbox') . eInput("discuss") . sInput("list"))) . td(graf(join('', $nav)))) . tr(tda(graf('<a href="index.php?event=discuss' . a . 'step=ipban_list">' . gTxt('list_banned_ips') . '</a>'), ' colspan="2" align="center" valign="middle"')), endTable();
    } else {
        echo graf(gTxt('no_comments_recorded'), ' align="center"');
    }
}
Пример #2
0
function article_list()
{
    global $url_mode, $txpac;
    $headspan = $txpac['show_article_category_count'] ? 3 : 2;
    $o = hed(gTxt('article_head') . popHelp('article_category'), 3);
    $o .= form(fInput('text', 'name', '', 'edit', '', '', 10) . fInput('submit', '', gTxt('Create'), 'smallerbox') . eInput('category') . sInput('article_create'));
    $rs = getTree('root', 'article');
    if ($rs) {
        foreach ($rs as $a) {
            extract($a);
            if ($name == 'root') {
                continue;
            }
            if ($txpac['show_article_category_count']) {
                $sname = doSlash($name);
                $count = sp . small(safe_count("textpattern", "((Category1='{$sname}') or (Category2='{$sname}'))"));
            } else {
                $count = '';
            }
            $cbox = checkbox('selected[]', $name, 0);
            $editlink = eLink('category', 'article_edit', 'name', $name, htmlspecialchars($name));
            $items[] = graf($cbox . sp . str_repeat(sp, $level - 1) . $editlink . $count);
        }
        if (!empty($items)) {
            $o .= article_multiedit_form('article', $items);
        }
    }
    return $o;
}
Пример #3
0
/**
 * Textpattern plugin: ckr_image_count
 *
 * Counts images and provides a conditional tag
 * 
 * @package		textpattern-plugins
 * @copyright	(c) 2009, all rights reserved
 * @author		Cedric Kastner <*****@*****.**>
 * @version		1.0
 */
function ckr_image_count($atts)
{
    // Extract attribute from tag
    extract(lAtts(array('category' => false), $atts));
    // Category name given, output the count of images within
    if ($category) {
        return safe_count('txp_image', 'category = \'' . $category . '\'');
    }
    // No category name given, output the count of all images
    return safe_count('txp_image', '1');
}
Пример #4
0
function page_delete()
{
    $name = ps('name');
    $count = safe_count('txp_section', "page = '" . doSlash($name) . "'");
    if ($name == 'error_default') {
        return page_edit();
    }
    if ($count) {
        $message = gTxt('page_used_by_section', array('{name}' => $name, '{count}' => $count));
    } else {
        safe_delete('txp_page', "name = '" . doSlash($name) . "'");
        $message = gTxt('page_deleted', array('{name}' => $name));
    }
    page_edit($message);
}
Пример #5
0
/**
 * Deletes a page template.
 */
function page_delete()
{
    $name = ps('name');
    $count = safe_count('txp_section', "page = '" . doSlash($name) . "'");
    $message = '';
    if ($name == 'error_default') {
        return page_edit();
    }
    if ($count) {
        $message = array(gTxt('page_used_by_section', array('{name}' => $name, '{count}' => $count)), E_WARNING);
    } else {
        if (safe_delete('txp_page', "name = '" . doSlash($name) . "'")) {
            callback_event('page_deleted', '', 0, $name);
            $message = gTxt('page_deleted', array('{name}' => $name));
        }
    }
    page_edit($message);
}
Пример #6
0
function file_list($message = '')
{
    global $txpcfg, $extensions, $file_base_path, $file_statuses, $file_list_pageby;
    pagetop(gTxt('file'), $message);
    extract($txpcfg);
    extract(gpsa(array('page', 'sort', 'dir', 'crit', 'search_method')));
    if (!is_dir($file_base_path) or !is_writeable($file_base_path)) {
        echo graf(gTxt('file_dir_not_writeable', array('{filedir}' => $file_base_path)), ' id="warning"');
    } else {
        $existing_files = get_filenames();
        if (count($existing_files) > 0) {
            echo form(eInput('file') . sInput('file_create') . graf(gTxt('existing_file') . sp . selectInput('filename', $existing_files, '', 1) . sp . fInput('submit', '', gTxt('Create'), 'smallerbox')), 'text-align: center;');
        }
        echo file_upload_form(gTxt('upload_file'), 'upload', 'file_insert');
    }
    $dir = $dir == 'desc' ? 'desc' : 'asc';
    switch ($sort) {
        case 'id':
            $sort_sql = 'id ' . $dir;
            break;
        case 'description':
            $sort_sql = 'description ' . $dir . ', filename desc';
            break;
        case 'category':
            $sort_sql = 'category ' . $dir . ', filename desc';
            break;
        case 'downloads':
            $sort_sql = 'downloads ' . $dir . ', filename desc';
            break;
        default:
            $sort = 'filename';
            $sort_sql = 'filename ' . $dir;
            break;
    }
    $switch_dir = $dir == 'desc' ? 'asc' : 'desc';
    $criteria = 1;
    if ($search_method and $crit) {
        $crit_escaped = doSlash($crit);
        $critsql = array('id' => "ID in ('" . join("','", do_list($crit_escaped)) . "')", 'filename' => "filename like '%{$crit_escaped}%'", 'description' => "description like '%{$crit_escaped}%'", 'category' => "category like '%{$crit_escaped}%'");
        if (array_key_exists($search_method, $critsql)) {
            $criteria = $critsql[$search_method];
            $limit = 500;
        } else {
            $search_method = '';
            $crit = '';
        }
    } else {
        $search_method = '';
        $crit = '';
    }
    $total = safe_count('txp_file', "{$criteria}");
    if ($total < 1) {
        if ($criteria != 1) {
            echo n . file_search_form($crit, $search_method) . n . graf(gTxt('no_results_found'), ' class="indicator"');
        } else {
            echo n . graf(gTxt('no_files_recorded'), ' class="indicator"');
        }
        return;
    }
    $limit = max($file_list_pageby, 15);
    list($page, $offset, $numPages) = pager($total, $limit, $page);
    echo file_search_form($crit, $search_method);
    $rs = safe_rows_start('*', 'txp_file', "{$criteria} order by {$sort_sql} limit {$offset}, {$limit}");
    if ($rs) {
        echo '<form name="longform" method="post" action="index.php" onsubmit="return verify(\'' . gTxt('are_you_sure') . '\')">' . startTable('list') . tr(column_head('ID', 'id', 'file', true, $switch_dir, $crit, $search_method, 'id' == $sort ? $dir : '') . hCell() . column_head('file_name', 'filename', 'file', true, $switch_dir, $crit, $search_method, 'filename' == $sort ? $dir : '') . column_head('description', 'description', 'file', true, $switch_dir, $crit, $search_method, 'description' == $sort ? $dir : '') . column_head('file_category', 'category', 'file', true, $switch_dir, $crit, $search_method, 'category' == $sort ? $dir : '') . hCell(gTxt('tags')) . hCell(gTxt('status')) . hCell(gTxt('condition')) . column_head('downloads', 'downloads', 'file', true, $switch_dir, $crit, $search_method, 'downloads' == $sort ? $dir : '') . hCell());
        while ($a = nextRow($rs)) {
            extract($a);
            $edit_url = '?event=file' . a . 'step=file_edit' . a . 'id=' . $id . a . 'sort=' . $sort . a . 'dir=' . $dir . a . 'page=' . $page . a . 'search_method=' . $search_method . a . 'crit=' . $crit;
            $file_exists = file_exists(build_file_path($file_base_path, $filename));
            $download_link = $file_exists ? '<li>' . make_download_link($id, '', $filename) . '</li>' : '';
            $category = $category ? '<span title="' . htmlspecialchars(fetch_category_title($category, 'file')) . '">' . $category . '</span>' : '';
            $tag_url = '?event=tag' . a . 'tag_name=file_download_link' . a . 'id=' . $id . a . 'description=' . urlencode($description) . a . 'filename=' . urlencode($filename);
            $condition = '<span class="';
            $condition .= $file_exists ? 'ok' : 'not-ok';
            $condition .= '">';
            $condition .= $file_exists ? gTxt('file_status_ok') : gTxt('file_status_missing');
            $condition .= '</span>';
            echo tr(n . td($id) . td('<ul>' . '<li>' . href(gTxt('edit'), $edit_url) . '</li>' . $download_link . '</ul>', 65) . td(href(htmlspecialchars($filename), $edit_url), 125) . td(htmlspecialchars($description), 150) . td($category, 90) . td(n . '<ul>' . n . t . '<li><a target="_blank" href="' . $tag_url . a . 'type=textile" onclick="popWin(this.href, 400, 250); return false;">Textile</a></li>' . n . t . '<li><a target="_blank" href="' . $tag_url . a . 'type=textpattern" onclick="popWin(this.href, 400, 250); return false;">Textpattern</a></li>' . n . t . '<li><a target="_blank" href="' . $tag_url . a . 'type=xhtml" onclick="popWin(this.href, 400, 250); return false;">XHTML</a></li>' . n . '</ul>', 75) . td($file_statuses[$status], 45) . td($condition, 45) . td($downloads == '0' ? gTxt('none') : $downloads, 25) . td(fInput('checkbox', 'selected[]', $id), 10));
        }
        echo tr(tda(select_buttons() . file_multiedit_form($page, $sort, $dir, $crit, $search_method), ' colspan="10" style="text-align: right; border: none;"')) . endTable() . '</form>' . nav_form('file', $page, $numPages, $sort, $dir, $crit, $search_method) . pageby_form('file', $file_list_pageby);
    }
}
Пример #7
0
 function list_view()
 {
     global $prefs;
     extract($prefs);
     $out = array();
     if (!is_dir(IMPATH) or !is_writeable(IMPATH)) {
         $this->_error(gTxt('img_dir_not_writeable', array('{imgdir}' => IMPATH)));
     } else {
         $out[] = upload_form(gTxt('upload_image'), 'upload', 'insert', $this->event, '', $file_max_upload_size);
     }
     extract($this->context);
     switch ($sort) {
         case 'name':
             $sort_sql = 'name ' . $dir;
             break;
         case 'thumbnail':
             $sort_sql = 'thumbnail ' . $dir . ', id asc';
             break;
         case 'category':
             $sort_sql = 'category ' . $dir . ', id asc';
             break;
         case 'date':
             $sort_sql = 'date ' . $dir . ', id asc';
             break;
         case 'author':
             $sort_sql = 'author ' . $dir . ', id asc';
             break;
         default:
             $sort = 'id';
             $sort_sql = 'id ' . $dir;
             break;
     }
     $switch_dir = $dir == 'desc' ? 'asc' : 'desc';
     $criteria = 1;
     if ($search_method and $crit) {
         $crit_escaped = doSlash($crit);
         $critsql = array('id' => "id = '{$crit_escaped}'", 'name' => "name like '%{$crit_escaped}%'", 'category' => "category like '%{$crit_escaped}%'", 'author' => "author like '%{$crit_escaped}%'");
         if (array_key_exists($search_method, $critsql)) {
             $criteria = $critsql[$search_method];
             $limit = 500;
         } else {
             $search_method = '';
             $crit = '';
         }
     } else {
         $search_method = '';
         $crit = '';
     }
     $total = safe_count('txp_image', "{$criteria}");
     if ($total < 1) {
         if ($criteria != 1) {
             $out[] = n . $this->search_form($crit, $search_method);
             $this->_message(gTxt('no_results_found'));
         } else {
             $this->_message(gTxt('no_images_recorded'));
         }
     } else {
         $limit = max(@$image_list_pageby, 15);
         list($page, $offset, $numPages) = pager($total, $limit, $page);
         $out[] = $this->search_form($crit, $search_method);
         $rs = safe_rows('*, unix_timestamp(date) as uDate', 'txp_image', "{$criteria} order by {$sort_sql} limit {$offset}, {$limit}");
         if ($rs) {
             $v = new ImageListView($rs, $this);
             $out[] = $v->render();
             $out[] = nav_form($this->event, $page, $numPages, $sort, $dir, $crit, $search_method);
             $out[] = $this->pageby_form($this->event, $image_list_pageby);
         }
     }
     return join('', $out);
 }
Пример #8
0
function install_textpack($textpack, $add_new_langs = false)
{
    global $prefs;
    $textpack = explode(n, $textpack);
    if (empty($textpack)) {
        return 0;
    }
    // presume site language equals textpack language
    $language = get_pref('language', 'en-gb');
    $installed_langs = safe_column('lang', 'txp_lang', "1 = 1 group by lang");
    $doit = true;
    $done = 0;
    foreach ($textpack as $line) {
        $line = trim($line);
        // A line starting with #, not followed by @ is a simple comment
        if (preg_match('/^#[^@]/', $line, $m)) {
            continue;
        }
        // A line matching "#@language xx-xx" establishes the designated language for all subsequent lines
        if (preg_match('/^#@language\\s+(.+)$/', $line, $m)) {
            $language = doSlash($m[1]);
            // May this Textpack introduce texts for this language?
            $doit = $add_new_langs || in_array($language, $installed_langs);
            continue;
        }
        // A line matching "#@event_name" establishes the event value for all subsequent lines
        if (preg_match('/^#@([a-zA-Z0-9_-]+)$/', $line, $m)) {
            $event = doSlash($m[1]);
            continue;
        }
        // Data lines match a "name => value" pattern. Some white space allowed.
        if ($doit && preg_match('/^(\\w+)\\s*=>\\s*(.+)$/', $line, $m)) {
            if (!empty($m[1]) && !empty($m[2])) {
                $name = doSlash($m[1]);
                $value = doSlash($m[2]);
                $where = "lang='{$language}' AND name='{$name}'";
                // Store text; do *not* tamper with last modification date from RPC but use a well-known date in the past
                if (safe_count('txp_lang', $where)) {
                    safe_update('txp_lang', "lastmod='2005-08-14', data='{$value}', event='{$event}'", $where);
                } else {
                    safe_insert('txp_lang', "lastmod='2005-08-14', data='{$value}', event='{$event}', lang='{$language}', name='{$name}'");
                }
                ++$done;
            }
        }
    }
    return $done;
}
Пример #9
0
function check_url_title($url_title)
{
    // Check for blank or previously used identical url-titles
    if (strlen($url_title) === 0) {
        return gTxt('url_title_is_blank');
    } else {
        $url_title_count = safe_count('textpattern', "url_title = '{$url_title}'");
        if ($url_title_count > 1) {
            return gTxt('url_title_is_multiple', array('{count}' => $url_title_count));
        }
    }
    return '';
}
Пример #10
0
/**
 * The main panel listing all log hits.
 *
 * @param string|array $message The activity message
 */
function log_list($message = '')
{
    global $event, $log_list_pageby, $expire_logs_after;
    pagetop(gTxt('tab_logs'), $message);
    extract(gpsa(array('page', 'sort', 'dir', 'crit', 'search_method')));
    if ($sort === '') {
        $sort = get_pref('log_sort_column', 'time');
    } else {
        if (!in_array($sort, array('ip', 'host', 'page', 'refer', 'method', 'status'))) {
            $sort = 'time';
        }
        set_pref('log_sort_column', $sort, 'log', 2, '', 0, PREF_PRIVATE);
    }
    if ($dir === '') {
        $dir = get_pref('log_sort_dir', 'desc');
    } else {
        $dir = $dir == 'asc' ? "asc" : "desc";
        set_pref('log_sort_dir', $dir, 'log', 2, '', 0, PREF_PRIVATE);
    }
    $expire_logs_after = assert_int($expire_logs_after);
    safe_delete('txp_log', "time < DATE_SUB(NOW(), INTERVAL {$expire_logs_after} DAY)");
    switch ($sort) {
        case 'ip':
            $sort_sql = "ip {$dir}";
            break;
        case 'host':
            $sort_sql = "host {$dir}";
            break;
        case 'page':
            $sort_sql = "page {$dir}";
            break;
        case 'refer':
            $sort_sql = "refer {$dir}";
            break;
        case 'method':
            $sort_sql = "method {$dir}";
            break;
        case 'status':
            $sort_sql = "status {$dir}";
            break;
        default:
            $sort = 'time';
            $sort_sql = "time {$dir}";
            break;
    }
    $switch_dir = $dir == 'desc' ? 'asc' : 'desc';
    $search = new Filter($event, array('ip' => array('column' => 'txp_log.ip', 'label' => gTxt('IP')), 'host' => array('column' => 'txp_log.host', 'label' => gTxt('host')), 'page' => array('column' => 'txp_log.page', 'label' => gTxt('page')), 'refer' => array('column' => 'txp_log.refer', 'label' => gTxt('referrer')), 'method' => array('column' => 'txp_log.method', 'label' => gTxt('method')), 'status' => array('column' => 'txp_log.status', 'label' => gTxt('status'), 'type' => 'integer')));
    list($criteria, $crit, $search_method) = $search->getFilter(array('status' => array('can_list' => true)));
    $search_render_options = array('placeholder' => 'search_logs');
    $total = safe_count('txp_log', "{$criteria}");
    echo n . tag(hed(gTxt('tab_logs'), 1, array('class' => 'txp-heading')), 'div', array('class' => 'txp-layout-2col-cell-1'));
    $searchBlock = n . tag($search->renderForm('log_list', $search_render_options), 'div', array('class' => 'txp-layout-2col-cell-2', 'id' => $event . '_control'));
    $contentBlockStart = n . tag_start('div', array('class' => 'txp-layout-1col', 'id' => $event . '_container'));
    if ($total < 1) {
        if ($criteria != 1) {
            echo $searchBlock . $contentBlockStart . graf(span(null, array('class' => 'ui-icon ui-icon-info')) . ' ' . gTxt('no_results_found'), array('class' => 'alert-block information'));
        } else {
            echo $contentBlockStart . graf(span(null, array('class' => 'ui-icon ui-icon-info')) . ' ' . gTxt('no_refers_recorded'), array('class' => 'alert-block information'));
        }
        echo n . tag_end('div');
        return;
    }
    $limit = max($log_list_pageby, 15);
    list($page, $offset, $numPages) = pager($total, $limit, $page);
    echo $searchBlock . $contentBlockStart;
    $rs = safe_rows_start("*, UNIX_TIMESTAMP(time) AS uTime", 'txp_log', "{$criteria} ORDER BY {$sort_sql} LIMIT {$offset}, {$limit}");
    if ($rs) {
        echo n . tag(toggle_box('log_detail'), 'div', array('class' => 'txp-list-options')) . n . tag_start('form', array('class' => 'multi_edit_form', 'id' => 'log_form', 'name' => 'longform', 'method' => 'post', 'action' => 'index.php')) . n . tag_start('div', array('class' => 'txp-listtables')) . n . tag_start('table', array('class' => 'txp-list')) . n . tag_start('thead') . tr(hCell(fInput('checkbox', 'select_all', 0, '', '', '', '', '', 'select_all'), '', ' class="txp-list-col-multi-edit" scope="col" title="' . gTxt('toggle_all_selected') . '"') . column_head('time', 'time', 'log', true, $switch_dir, $crit, $search_method, ('time' == $sort ? "{$dir} " : '') . 'txp-list-col-time') . column_head('IP', 'ip', 'log', true, $switch_dir, $crit, $search_method, ('ip' == $sort ? "{$dir} " : '') . 'txp-list-col-ip') . column_head('host', 'host', 'log', true, $switch_dir, $crit, $search_method, ('host' == $sort ? "{$dir} " : '') . 'txp-list-col-host log_detail') . column_head('page', 'page', 'log', true, $switch_dir, $crit, $search_method, ('page' == $sort ? "{$dir} " : '') . 'txp-list-col-page') . column_head('referrer', 'refer', 'log', true, $switch_dir, $crit, $search_method, ('refer' == $sort ? "{$dir} " : '') . 'txp-list-col-refer') . column_head('method', 'method', 'log', true, $switch_dir, $crit, $search_method, ('method' == $sort ? "{$dir} " : '') . 'txp-list-col-method log_detail') . column_head('status', 'status', 'log', true, $switch_dir, $crit, $search_method, ('status' == $sort ? "{$dir} " : '') . 'txp-list-col-status log_detail')) . n . tag_end('thead') . n . tag_start('tbody');
        while ($a = nextRow($rs)) {
            extract($a, EXTR_PREFIX_ALL, 'log');
            if ($log_refer) {
                $log_refer = href(txpspecialchars(soft_wrap(preg_replace('#^http://#', '', $log_refer), 30)), txpspecialchars($log_refer), ' target="_blank"');
            }
            if ($log_page) {
                $log_anchor = preg_replace('/\\/$/', '', $log_page);
                $log_anchor = soft_wrap(substr($log_anchor, 1), 30);
                $log_page = href(txpspecialchars($log_anchor), txpspecialchars($log_page), ' target="_blank"');
                if ($log_method == 'POST') {
                    $log_page = strong($log_page);
                }
            }
            echo tr(td(fInput('checkbox', 'selected[]', $log_id), '', 'txp-list-col-multi-edit') . hCell(gTime($log_uTime), '', ' class="txp-list-col-time" scope="row"') . td(href(txpspecialchars($log_ip), 'https://whois.domaintools.com/' . rawurlencode($log_ip), array('rel' => 'external', 'target' => '_blank')), '', 'txp-list-col-ip') . td(txpspecialchars($log_host), '', 'txp-list-col-host log_detail') . td($log_page, '', 'txp-list-col-page') . td($log_refer, '', 'txp-list-col-refer') . td(txpspecialchars($log_method), '', 'txp-list-col-method log_detail') . td($log_status, '', 'txp-list-col-status log_detail'));
        }
        echo n . tag_end('tbody') . n . tag_end('table') . n . tag_end('div') . log_multiedit_form($page, $sort, $dir, $crit, $search_method) . tInput() . n . tag_end('form') . n . tag_start('div', array('class' => 'txp-navigation', 'id' => $event . '_navigation')) . pageby_form('log', $log_list_pageby) . nav_form('log', $page, $numPages, $sort, $dir, $crit, $search_method, $total, $limit) . n . tag_end('div');
    }
    echo n . tag_end('div');
}
Пример #11
0
function check_url_title($url_title)
{
    // Check for blank or previously used identical url-titles
    if (strlen($url_title) === 0) {
        return ' ' . gTxt("url_title_is_blank");
    } else {
        $url_title_count = safe_count("textpattern", "`url_title` = '" . $url_title . "'");
        if ($url_title_count > 1) {
            return str_replace('{count}', $url_title_count, ' ' . gTxt("url_title_is_multiple"));
        }
    }
    return '';
}
Пример #12
0
/**
 * The main panel listing all sections.
 *
 * So-named to avoid clashing with the &lt;txp:section_list /&gt; tag.
 *
 * @param string|array $message The activity message
 */
function sec_section_list($message = '')
{
    global $event, $section_list_pageby;
    pagetop(gTxt('tab_sections'), $message);
    extract(gpsa(array('page', 'sort', 'dir', 'crit', 'search_method')));
    if ($sort === '') {
        $sort = get_pref('section_sort_column', 'name');
    } else {
        if (!in_array($sort, array('title', 'page', 'css', 'in_rss', 'on_frontpage', 'searchable', 'article_count'))) {
            $sort = 'name';
        }
        set_pref('section_sort_column', $sort, 'section', 2, '', 0, PREF_PRIVATE);
    }
    if ($dir === '') {
        $dir = get_pref('section_sort_dir', 'desc');
    } else {
        $dir = $dir == 'asc' ? "asc" : "desc";
        set_pref('section_sort_dir', $dir, 'section', 2, '', 0, PREF_PRIVATE);
    }
    switch ($sort) {
        case 'title':
            $sort_sql = "title {$dir}";
            break;
        case 'page':
            $sort_sql = "page {$dir}";
            break;
        case 'css':
            $sort_sql = "css {$dir}";
            break;
        case 'in_rss':
            $sort_sql = "in_rss {$dir}";
            break;
        case 'on_frontpage':
            $sort_sql = "on_frontpage {$dir}";
            break;
        case 'searchable':
            $sort_sql = "searchable {$dir}";
            break;
        case 'article_count':
            $sort_sql = "article_count {$dir}";
            break;
        default:
            $sort_sql = "name {$dir}";
            break;
    }
    $switch_dir = $dir == 'desc' ? 'asc' : 'desc';
    $search = new Filter($event, array('name' => array('column' => 'txp_section.name', 'label' => gTxt('name')), 'title' => array('column' => 'txp_section.title', 'label' => gTxt('title')), 'page' => array('column' => 'txp_section.page', 'label' => gTxt('page')), 'css' => array('column' => 'txp_section.css', 'label' => gTxt('css')), 'on_frontpage' => array('column' => 'txp_section.on_frontpage', 'label' => gTxt('on_front_page'), 'type' => 'boolean'), 'in_rss' => array('column' => 'txp_section.in_rss', 'label' => gTxt('syndicate'), 'type' => 'boolean'), 'searchable' => array('column' => 'txp_section.searchable', 'label' => gTxt('include_in_search'), 'type' => 'boolean')));
    $alias_yes = '1, Yes';
    $alias_no = '0, No';
    $search->setAliases('on_frontpage', array($alias_no, $alias_yes));
    $search->setAliases('in_rss', array($alias_no, $alias_yes));
    $search->setAliases('searchable', array($alias_no, $alias_yes));
    list($criteria, $crit, $search_method) = $search->getFilter();
    $search_render_options = array('placeholder' => 'search_sections');
    $total = safe_count('txp_section', $criteria);
    echo n . tag(hed(gTxt('tab_sections'), 1, array('class' => 'txp-heading')), 'div', array('class' => 'txp-layout-2col-cell-1'));
    $searchBlock = n . tag($search->renderForm('sec_section', $search_render_options), 'div', array('class' => 'txp-layout-2col-cell-2', 'id' => $event . '_control'));
    $createBlock = array();
    if (has_privs('section.edit')) {
        $createBlock[] = n . tag(sLink('section', 'section_edit', gTxt('create_section'), 'txp-button') . n . tag_start('form', array('class' => 'async', 'id' => 'default_section_form', 'name' => 'default_section_form', 'method' => 'post', 'action' => 'index.php')) . tag(gTxt('default_write_section'), 'label', array('for' => 'default_section')) . popHelp('section_default') . section_select_list() . eInput('section') . sInput('section_set_default') . n . tag_end('form'), 'div', array('class' => 'txp-control-panel'));
    }
    $contentBlockStart = n . tag_start('div', array('class' => 'txp-layout-1col', 'id' => $event . '_container'));
    $createBlock = implode(n, $createBlock);
    if ($total < 1) {
        if ($criteria != 1) {
            echo $searchBlock . $contentBlockStart . $createBlock . graf(span(null, array('class' => 'ui-icon ui-icon-info')) . ' ' . gTxt('no_results_found'), array('class' => 'alert-block information')) . n . tag_end('div');
        }
        return;
    }
    $limit = max($section_list_pageby, 15);
    list($page, $offset, $numPages) = pager($total, $limit, $page);
    echo $searchBlock . $contentBlockStart . $createBlock;
    $rs = safe_rows_start("*, (SELECT COUNT(*) FROM " . safe_pfx_j('textpattern') . " WHERE textpattern.Section = txp_section.name) AS article_count", 'txp_section', "{$criteria} ORDER BY {$sort_sql} LIMIT {$offset}, {$limit}");
    if ($rs) {
        echo n . tag(toggle_box('section_detail'), 'div', array('class' => 'txp-list-options')) . n . tag_start('form', array('class' => 'multi_edit_form', 'id' => 'section_form', 'name' => 'longform', 'method' => 'post', 'action' => 'index.php')) . n . tag_start('div', array('class' => 'txp-listtables')) . n . tag_start('table', array('class' => 'txp-list')) . n . tag_start('thead') . tr(hCell(fInput('checkbox', 'select_all', 0, '', '', '', '', '', 'select_all'), '', ' class="txp-list-col-multi-edit" scope="col" title="' . gTxt('toggle_all_selected') . '"') . column_head('name', 'name', 'section', true, $switch_dir, $crit, $search_method, ('name' == $sort ? "{$dir} " : '') . 'txp-list-col-name') . column_head('title', 'title', 'section', true, $switch_dir, $crit, $search_method, ('title' == $sort ? "{$dir} " : '') . 'txp-list-col-title') . column_head('page', 'page', 'section', true, $switch_dir, $crit, $search_method, ('page' == $sort ? "{$dir} " : '') . 'txp-list-col-page') . column_head('css', 'css', 'section', true, $switch_dir, $crit, $search_method, ('css' == $sort ? "{$dir} " : '') . 'txp-list-col-style') . column_head('on_front_page', 'on_frontpage', 'section', true, $switch_dir, $crit, $search_method, ('on_frontpage' == $sort ? "{$dir} " : '') . 'txp-list-col-frontpage section_detail') . column_head('syndicate', 'in_rss', 'section', true, $switch_dir, $crit, $search_method, ('in_rss' == $sort ? "{$dir} " : '') . 'txp-list-col-syndicate section_detail') . column_head('include_in_search', 'searchable', 'section', true, $switch_dir, $crit, $search_method, ('searchable' == $sort ? "{$dir} " : '') . 'txp-list-col-searchable section_detail') . column_head('articles', 'article_count', 'section', true, $switch_dir, $crit, $search_method, ('article_count' == $sort ? "{$dir} " : '') . 'txp-list-col-article_count section_detail')) . n . tag_end('thead') . n . tag_start('tbody');
        while ($a = nextRow($rs)) {
            extract($a, EXTR_PREFIX_ALL, 'sec');
            $edit_url = array('event' => 'section', 'step' => 'section_edit', 'name' => $sec_name, 'sort' => $sort, 'dir' => $dir, 'page' => $page, 'search_method' => $search_method, 'crit' => $crit);
            if ($sec_name == 'default') {
                $articles = $sec_searchable = $sec_in_rss = $sec_on_frontpage = '-';
            } else {
                $sec_on_frontpage = asyncHref(yes_no($sec_on_frontpage), array('step' => 'section_toggle_option', 'thing' => $sec_name, 'property' => 'on_frontpage'));
                $sec_in_rss = asyncHref(yes_no($sec_in_rss), array('step' => 'section_toggle_option', 'thing' => $sec_name, 'property' => 'in_rss'));
                $sec_searchable = asyncHref(yes_no($sec_searchable), array('step' => 'section_toggle_option', 'thing' => $sec_name, 'property' => 'searchable'));
                if ($sec_article_count > 0) {
                    $articles = href($sec_article_count, array('event' => 'list', 'search_method' => 'section', 'crit' => '"' . $sec_name . '"'), array('title' => gTxt('article_count', array('{num}' => $sec_article_count))));
                } else {
                    $articles = 0;
                }
            }
            $sec_page = href(txpspecialchars($sec_page), array('event' => 'page', 'name' => $sec_page), array('title' => gTxt('edit')));
            $sec_css = href(txpspecialchars($sec_css), array('event' => 'css', 'name' => $sec_css), array('title' => gTxt('edit')));
            echo tr(td(fInput('checkbox', 'selected[]', $sec_name), '', 'txp-list-col-multi-edit') . hCell(href(txpspecialchars($sec_name), $edit_url, array('title' => gTxt('edit'))) . span(sp . span('&#124;', array('role' => 'separator')) . sp . href(gTxt('view'), pagelinkurl(array('s' => $sec_name))), array('class' => 'txp-option-link section_detail')), '', array('class' => 'txp-list-col-name', 'scope' => 'row')) . td(txpspecialchars($sec_title), '', 'txp-list-col-title') . td($sec_page, '', 'txp-list-col-page') . td($sec_css, '', 'txp-list-col-style') . td($sec_on_frontpage, '', 'txp-list-col-frontpage section_detail') . td($sec_in_rss, '', 'txp-list-col-syndicate section_detail') . td($sec_searchable, '', 'txp-list-col-searchable section_detail') . td($articles, '', 'txp-list-col-article_count section_detail'), array('id' => 'txp_section_' . $sec_name));
        }
        echo n . tag_end('tbody') . n . tag_end('table') . n . tag_end('div') . section_multiedit_form($page, $sort, $dir, $crit, $search_method) . tInput() . n . tag_end('form') . n . tag_start('div', array('class' => 'txp-navigation', 'id' => $event . '_navigation')) . pageby_form('section', $section_list_pageby) . nav_form('section', $page, $numPages, $sort, $dir, $crit, $search_method, $total, $limit) . n . tag_end('div');
    }
    echo n . tag_end('div');
}
Пример #13
0
/**
 * The main panel listing all sections.
 *
 * So-named to avoid clashing with the &lt;txp:section_list /&gt; tag.
 *
 * @param string|array $message The activity message
 */
function sec_section_list($message = '')
{
    global $event, $section_list_pageby;
    pagetop(gTxt('tab_sections'), $message);
    extract(gpsa(array('page', 'sort', 'dir', 'crit', 'search_method')));
    if ($sort === '') {
        $sort = get_pref('section_sort_column', 'time');
    }
    if ($dir === '') {
        $dir = get_pref('section_sort_dir', 'desc');
    }
    $dir = $dir == 'asc' ? 'asc' : 'desc';
    switch ($sort) {
        case 'title':
            $sort_sql = 'title ' . $dir;
            break;
        case 'page':
            $sort_sql = 'page ' . $dir;
            break;
        case 'css':
            $sort_sql = 'css ' . $dir;
            break;
        case 'in_rss':
            $sort_sql = 'in_rss ' . $dir;
            break;
        case 'on_frontpage':
            $sort_sql = 'on_frontpage ' . $dir;
            break;
        case 'searchable':
            $sort_sql = 'searchable ' . $dir;
            break;
        case 'article_count':
            $sort_sql = 'article_count ' . $dir;
            break;
        default:
            $sort_sql = 'name ' . $dir;
            break;
    }
    set_pref('section_sort_column', $sort, 'section', 2, '', 0, PREF_PRIVATE);
    set_pref('section_sort_dir', $dir, 'section', 2, '', 0, PREF_PRIVATE);
    $switch_dir = $dir == 'desc' ? 'asc' : 'desc';
    $criteria = 1;
    if ($search_method and $crit != '') {
        $verbatim = preg_match('/^"(.*)"$/', $crit, $m);
        $crit_escaped = $verbatim ? doSlash($m[1]) : doLike($crit);
        $critsql = $verbatim ? array('name' => "name = '{$crit_escaped}'", 'title' => "title = '{$crit_escaped}'", 'page' => "page = '{$crit_escaped}'", 'css' => "css = '{$crit_escaped}'", 'description' => "description = '{$crit_escaped}'") : array('name' => "name like '%{$crit_escaped}%'", 'title' => "title like '%{$crit_escaped}%'", 'page' => "page like '%{$crit_escaped}%'", 'css' => "css like '%{$crit_escaped}%'", 'description' => "description like '%{$crit_escaped}%'");
        if ($verbatim) {
            $critsql['in_rss'] = "('{$crit_escaped}' in ('" . doSlash(gTxt('yes')) . "', 1) and in_rss = 1) or\n                ('{$crit_escaped}' in ('" . doSlash(gTxt('no')) . "', '0') and in_rss = 0)";
            $critsql['on_frontpage'] = "('{$crit_escaped}' in ('" . doSlash(gTxt('yes')) . "', 1) and on_frontpage = 1) or\n                ('{$crit_escaped}' in ('" . doSlash(gTxt('no')) . "', '0') and on_frontpage = 0)";
            $critsql['searchable'] = "('{$crit_escaped}' in ('" . doSlash(gTxt('yes')) . "', 1) and searchable = 1) or\n                ('{$crit_escaped}' in ('" . doSlash(gTxt('no')) . "', '0') and searchable = 0)";
        } else {
            $critsql['in_rss'] = "(('" . doSlash(gTxt('yes')) . "' like '%{$crit_escaped}%' or '{$crit_escaped}' = 1) and in_rss = 1) or\n                (('" . doSlash(gTxt('no')) . "' like '%{$crit_escaped}%' or '{$crit_escaped}' = '0') and in_rss = 0)";
            $critsql['on_frontpage'] = "(('" . doSlash(gTxt('yes')) . "' like '%{$crit_escaped}%' or '{$crit_escaped}' = 1) and on_frontpage = 1) or\n                (('" . doSlash(gTxt('no')) . "' like '%{$crit_escaped}%' or '{$crit_escaped}' = '0') and on_frontpage = 0)";
            $critsql['searchable'] = "(('" . doSlash(gTxt('yes')) . "' like '%{$crit_escaped}%' or '{$crit_escaped}' = 1) and searchable = 1) or\n                (('" . doSlash(gTxt('no')) . "' like '%{$crit_escaped}%' or '{$crit_escaped}' = '0') and searchable = 0)";
        }
        $search_sql = array();
        foreach ((array) $search_method as $method) {
            if (isset($critsql[$method])) {
                $search_sql[] = $critsql[$method];
            }
        }
        if ($search_sql) {
            $criteria = join(' or ', $search_sql);
            $limit = 500;
        } else {
            $search_method = '';
            $crit = '';
        }
    } else {
        $search_method = '';
        $crit = '';
    }
    $criteria .= callback_event('admin_criteria', 'section_list', 0, $criteria);
    $total = safe_count('txp_section', $criteria);
    echo hed(gTxt('tab_sections') . popHelp('section_category'), 1, array('class' => 'txp-heading')) . n . tag_start('div', array('id' => $event . '_control', 'class' => 'txp-control-panel')) . graf(sLink('section', 'section_edit', gTxt('create_section')), array('class' => 'txp-buttons')) . n . tag_start('form', array('id' => 'default_section_form', 'name' => 'default_section_form', 'method' => 'post', 'action' => 'index.php', 'class' => 'async')) . graf(tag(gTxt('default_write_section'), 'label', array('for' => 'default_section')) . popHelp('section_default') . section_select_list()) . eInput('section') . sInput('section_set_default') . n . tag_end('form');
    if ($total < 1) {
        if ($criteria != 1) {
            echo section_search_form($crit, $search_method) . graf(gTxt('no_results_found'), ' class="indicator"') . '</div>';
        }
        return;
    }
    $limit = max($section_list_pageby, 15);
    list($page, $offset, $numPages) = pager($total, $limit, $page);
    echo section_search_form($crit, $search_method) . '</div>';
    $rs = safe_rows_start('*, (select count(*) from ' . safe_pfx_j('textpattern') . ' where textpattern.Section = txp_section.name) as article_count', 'txp_section', "{$criteria} order by {$sort_sql} limit {$offset}, {$limit}");
    if ($rs) {
        echo n . tag_start('div', array('id' => $event . '_container', 'class' => 'txp-container')) . n . tag_start('form', array('action' => 'index.php', 'id' => 'section_form', 'class' => 'multi_edit_form', 'method' => 'post', 'name' => 'longform')) . n . tag_start('div', array('class' => 'txp-listtables')) . n . tag_start('table', array('class' => 'txp-list')) . n . tag_start('thead') . tr(hCell(fInput('checkbox', 'select_all', 0, '', '', '', '', '', 'select_all'), '', ' scope="col" title="' . gTxt('toggle_all_selected') . '" class="txp-list-col-multi-edit"') . column_head('name', 'name', 'section', true, $switch_dir, $crit, $search_method, ('name' == $sort ? "{$dir} " : '') . 'txp-list-col-name') . column_head('title', 'title', 'section', true, $switch_dir, $crit, $search_method, ('title' == $sort ? "{$dir} " : '') . 'txp-list-col-title') . column_head('page', 'page', 'section', true, $switch_dir, $crit, $search_method, ('page' == $sort ? "{$dir} " : '') . 'txp-list-col-page') . column_head('css', 'css', 'section', true, $switch_dir, $crit, $search_method, ('css' == $sort ? "{$dir} " : '') . 'txp-list-col-style') . column_head('on_front_page', 'on_frontpage', 'section', true, $switch_dir, $crit, $search_method, ('on_frontpage' == $sort ? "{$dir} " : '') . 'txp-list-col-frontpage section_detail') . column_head('syndicate', 'in_rss', 'section', true, $switch_dir, $crit, $search_method, ('in_rss' == $sort ? "{$dir} " : '') . 'txp-list-col-syndicate section_detail') . column_head('include_in_search', 'searchable', 'section', true, $switch_dir, $crit, $search_method, ('searchable' == $sort ? "{$dir} " : '') . 'txp-list-col-searchable section_detail') . column_head('articles', 'article_count', 'section', true, $switch_dir, $crit, $search_method, ('article_count' == $sort ? "{$dir} " : '') . 'txp-list-col-article_count section_detail')) . n . tag_end('thead') . n . tag_start('tbody');
        while ($a = nextRow($rs)) {
            extract($a, EXTR_PREFIX_ALL, 'sec');
            $edit_url = array('event' => 'section', 'step' => 'section_edit', 'name' => $sec_name, 'sort' => $sort, 'dir' => $dir, 'page' => $page, 'search_method' => $search_method, 'crit' => $crit);
            if ($sec_name == 'default') {
                $articles = $sec_searchable = $sec_in_rss = $sec_on_frontpage = '-';
            } else {
                $sec_on_frontpage = asyncHref(yes_no($sec_on_frontpage), array('step' => 'section_toggle_option', 'thing' => $sec_name, 'property' => 'on_frontpage'));
                $sec_in_rss = asyncHref(yes_no($sec_in_rss), array('step' => 'section_toggle_option', 'thing' => $sec_name, 'property' => 'in_rss'));
                $sec_searchable = asyncHref(yes_no($sec_searchable), array('step' => 'section_toggle_option', 'thing' => $sec_name, 'property' => 'searchable'));
                if ($sec_article_count > 0) {
                    $articles = href($sec_article_count, array('event' => 'list', 'search_method' => 'section', 'crit' => '"' . $sec_name . '"'), array('title' => gTxt('article_count', array('{num}' => $sec_article_count))));
                } else {
                    $articles = 0;
                }
            }
            $sec_page = href(txpspecialchars($sec_page), array('event' => 'page', 'name' => $sec_page), array('title' => gTxt('edit')));
            $sec_css = href(txpspecialchars($sec_css), array('event' => 'css', 'name' => $sec_css), array('title' => gTxt('edit')));
            echo tr(td(fInput('checkbox', 'selected[]', $sec_name), '', 'txp-list-col-multi-edit') . hCell(href(txpspecialchars($sec_name), $edit_url, array('title' => gTxt('edit'))) . sp . span(span('[', array('aria-hidden' => 'true')) . href(gTxt('view'), pagelinkurl(array('s' => $sec_name))) . span(']', array('aria-hidden' => 'true')), array('class' => 'section_detail')), '', array('scope' => 'row', 'class' => 'txp-list-col-name')) . td(txpspecialchars($sec_title), '', 'txp-list-col-title') . td($sec_page, '', 'txp-list-col-page') . td($sec_css, '', 'txp-list-col-style') . td($sec_on_frontpage, '', 'txp-list-col-frontpage section_detail') . td($sec_in_rss, '', 'txp-list-col-syndicate section_detail') . td($sec_searchable, '', 'txp-list-col-searchable section_detail') . td($articles, '', 'txp-list-col-article_count section_detail'), array('id' => 'txp_section_' . $sec_name));
        }
        echo n . tag_end('tbody') . n . tag_end('table') . n . tag_end('div') . section_multiedit_form($page, $sort, $dir, $crit, $search_method) . tInput() . n . tag_end('form') . graf(toggle_box('section_detail'), array('class' => 'detail-toggle')) . n . tag_start('div', array('id' => $event . '_navigation', 'class' => 'txp-navigation')) . pageby_form('section', $section_list_pageby) . nav_form('section', $page, $numPages, $sort, $dir, $crit, $search_method, $total, $limit) . n . tag_end('div') . n . tag_end('div');
    }
}
Пример #14
0
function section_delete()
{
    $name = ps('name');
    $count = safe_count('textpattern', "section = '" . doSlash($name) . "'");
    if ($count) {
        $message = array(gTxt('section_used_by_article', array('{name}' => $name, '{count}' => $count)), E_ERROR);
    } else {
        safe_delete('txp_section', "name = '" . doSlash($name) . "'");
        $message = gTxt('section_deleted', array('{name}' => $name));
    }
    sec_section_list($message);
}
Пример #15
0
function doArticles($atts, $iscustom, $thing = NULL)
{
    global $pretext, $prefs;
    extract($pretext);
    extract($prefs);
    $customFields = getCustomFields();
    $customlAtts = array_null(array_flip($customFields));
    //getting attributes
    $theAtts = lAtts(array('form' => 'default', 'listform' => '', 'searchform' => '', 'limit' => 10, 'pageby' => '', 'category' => '', 'section' => '', 'excerpted' => '', 'author' => '', 'sort' => '', 'sortby' => '', 'sortdir' => '', 'month' => '', 'keywords' => '', 'frontpage' => '', 'id' => '', 'time' => 'past', 'status' => '4', 'pgonly' => 0, 'searchall' => 1, 'searchsticky' => 0, 'allowoverride' => !$q and !$iscustom, 'offset' => 0, 'wraptag' => '', 'break' => '', 'label' => '', 'labeltag' => '', 'class' => '') + $customlAtts, $atts);
    // if an article ID is specified, treat it as a custom list
    $iscustom = !empty($theAtts['id']) ? true : $iscustom;
    //for the txp:article tag, some attributes are taken from globals;
    //override them before extract
    if (!$iscustom) {
        $theAtts['category'] = $c ? $c : '';
        $theAtts['section'] = $s && $s != 'default' ? $s : '';
        $theAtts['author'] = !empty($author) ? $author : '';
        $theAtts['month'] = !empty($month) ? $month : '';
        $theAtts['frontpage'] = $s && $s == 'default' ? true : false;
        $theAtts['excerpted'] = '';
    }
    extract($theAtts);
    // if a listform is specified, $thing is for doArticle() - hence ignore here.
    if (!empty($listform)) {
        $thing = '';
    }
    $pageby = empty($pageby) ? $limit : $pageby;
    // treat sticky articles differently wrt search filtering, etc
    $status = in_array(strtolower($status), array('sticky', '5')) ? 5 : 4;
    $issticky = $status == 5;
    // give control to search, if necessary
    if ($q && !$iscustom && !$issticky) {
        include_once txpath . '/publish/search.php';
        $s_filter = $searchall ? filterSearch() : '';
        $q = doSlash($q);
        // searchable article fields are limited to the columns of
        // the textpattern table and a matching fulltext index must exist.
        $cols = do_list($searchable_article_fields);
        if (empty($cols) or $cols[0] == '') {
            $cols = array('Title', 'Body');
        }
        $match = ', match (`' . join('`, `', $cols) . "`) against ('{$q}') as score";
        for ($i = 0; $i < count($cols); $i++) {
            $cols[$i] = "`{$cols[$i]}` rlike '{$q}'";
        }
        $cols = join(" or ", $cols);
        $search = " and ({$cols}) {$s_filter}";
        // searchall=0 can be used to show search results for the current section only
        if ($searchall) {
            $section = '';
        }
        if (!$sort) {
            $sort = 'score desc';
        }
    } else {
        $match = $search = '';
        if (!$sort) {
            $sort = 'Posted desc';
        }
    }
    // for backwards compatibility
    // sortby and sortdir are deprecated
    if ($sortby) {
        if (!$sortdir) {
            $sortdir = 'desc';
        }
        $sort = "{$sortby} {$sortdir}";
    } elseif ($sortdir) {
        $sort = "Posted {$sortdir}";
    }
    //Building query parts
    $frontpage = ($frontpage and (!$q or $issticky)) ? filterFrontPage() : '';
    $category = join("','", doSlash(do_list($category)));
    $category = !$category ? '' : " and (Category1 IN ('" . $category . "') or Category2 IN ('" . $category . "'))";
    $section = !$section ? '' : " and Section IN ('" . join("','", doSlash(do_list($section))) . "')";
    $excerpted = $excerpted == 'y' ? " and Excerpt !=''" : '';
    $author = !$author ? '' : " and AuthorID IN ('" . join("','", doSlash(do_list($author))) . "')";
    $month = !$month ? '' : " and Posted like '" . doSlash($month) . "%'";
    $id = !$id ? '' : " and ID IN (" . join(',', array_map('intval', do_list($id))) . ")";
    switch ($time) {
        case 'any':
            $time = "";
            break;
        case 'future':
            $time = " and Posted > now()";
            break;
        default:
            $time = " and Posted <= now()";
    }
    if (!$publish_expired_articles) {
        $time .= " and (now() <= Expires or Expires = " . NULLDATETIME . ")";
    }
    $custom = '';
    if ($customFields) {
        foreach ($customFields as $cField) {
            if (isset($atts[$cField])) {
                $customPairs[$cField] = $atts[$cField];
            }
        }
        if (!empty($customPairs)) {
            $custom = buildCustomSql($customFields, $customPairs);
        }
    }
    //Allow keywords for no-custom articles. That tagging mode, you know
    if ($keywords) {
        $keys = doSlash(do_list($keywords));
        foreach ($keys as $key) {
            $keyparts[] = "FIND_IN_SET('" . $key . "',Keywords)";
        }
        $keywords = " and (" . join(' or ', $keyparts) . ")";
    }
    if ($q and $searchsticky) {
        $statusq = ' and Status >= 4';
    } elseif ($id) {
        $statusq = ' and Status >= 4';
    } else {
        $statusq = ' and Status = ' . intval($status);
    }
    $where = "1=1" . $statusq . $time . $search . $id . $category . $section . $excerpted . $month . $author . $keywords . $custom . $frontpage;
    //do not paginate if we are on a custom list
    if (!$iscustom and !$issticky) {
        $grand_total = safe_count('textpattern', $where);
        $total = $grand_total - $offset;
        $numPages = ceil($total / $pageby);
        $pg = !$pg ? 1 : $pg;
        $pgoffset = $offset + ($pg - 1) * $pageby;
        // send paging info to txp:newer and txp:older
        $pageout['pg'] = $pg;
        $pageout['numPages'] = $numPages;
        $pageout['s'] = $s;
        $pageout['c'] = $c;
        $pageout['grand_total'] = $grand_total;
        $pageout['total'] = $total;
        global $thispage;
        if (empty($thispage)) {
            $thispage = $pageout;
        }
        if ($pgonly) {
            return;
        }
    } else {
        $pgoffset = $offset;
    }
    $rs = safe_rows_start("*, unix_timestamp(Posted) as uPosted, unix_timestamp(Expires) as uExpires, unix_timestamp(LastMod) as uLastMod" . $match, 'textpattern', $where . ' order by ' . doSlash($sort) . ' limit ' . intval($pgoffset) . ', ' . intval($limit));
    // get the form name
    if ($q and !$iscustom and !$issticky) {
        $fname = $searchform ? $searchform : 'search_results';
    } else {
        $fname = $listform ? $listform : $form;
    }
    if ($rs) {
        $count = 0;
        $last = numRows($rs);
        $articles = array();
        while ($a = nextRow($rs)) {
            ++$count;
            populateArticleData($a);
            global $thisarticle, $uPosted, $limit;
            $thisarticle['is_first'] = $count == 1;
            $thisarticle['is_last'] = $count == $last;
            if (@constant('txpinterface') === 'admin' and gps('Form')) {
                $articles[] = parse(gps('Form'));
            } elseif ($allowoverride and $a['override_form']) {
                $articles[] = parse_form($a['override_form']);
            } else {
                $articles[] = $thing ? parse($thing) : parse_form($fname);
            }
            // sending these to paging_link(); Required?
            $uPosted = $a['uPosted'];
            unset($GLOBALS['thisarticle']);
        }
        return doLabel($label, $labeltag) . doWrap($articles, $wraptag, $break, $class);
    }
}
Пример #16
0
function author_multiedit_form($page, $sort, $dir, $crit, $search_method)
{
    $privileges = privs();
    $rs = safe_column('name', 'txp_users', '1=1');
    $assign_assets = $rs ? '<label for="assign_assets">' . gTxt('assign_assets_to') . '</label>' . n . selectInput('assign_assets', $rs, '', true, '', 'assign_assets') : '';
    $methods = array('changeprivilege' => array('label' => gTxt('changeprivilege'), 'html' => $privileges), 'resetpassword' => gTxt('resetpassword'), 'delete' => array('label' => gTxt('delete'), 'html' => $assign_assets));
    if (safe_count('txp_users', '1=1') <= 1) {
        unset($methods['delete']);
    }
    // Sorry guy, you're last.
    return multi_edit($methods, 'admin', 'admin_multi_edit', $page, $sort, $dir, $crit, $search_method);
}
Пример #17
0
function safe_upsert($table, $set, $where, $debug = '')
{
    // FIXME: lock the table so this is atomic?
    $r = safe_update($table, $set, $where, $debug);
    if ($r and (mysql_affected_rows() or safe_count($table, $where, $debug))) {
        return $r;
    } else {
        return safe_insert($table, join(', ', array($where, $set)), $debug);
    }
}
Пример #18
0
function doArticles($atts, $iscustom)
{
    global $pretext, $prefs, $txpcfg;
    extract($pretext);
    extract($prefs);
    //getting attributes
    $theAtts = lAtts(array('form' => 'default', 'limit' => 10, 'pageby' => '', 'category' => '', 'section' => '', 'excerpted' => '', 'author' => '', 'sortby' => '', 'sortdir' => 'desc', 'month' => '', 'keywords' => '', 'frontpage' => '', 'id' => '', 'time' => 'past', 'status' => '4', 'pgonly' => 0, 'searchall' => 1, 'allowoverride' => !$q and !$iscustom, 'offset' => 0), $atts);
    // if an article ID is specified, treat it as a custom list
    $iscustom = !empty($theAtts['id']) ? true : $iscustom;
    //for the txp:article tag, some attributes are taken from globals;
    //override them before extract
    if (!$iscustom) {
        $theAtts['category'] = $c ? $c : '';
        $theAtts['section'] = $s && $s != 'default' ? $s : '';
        $theAtts['author'] = !empty($author) ? $author : '';
        $theAtts['month'] = !empty($month) ? $month : '';
        $theAtts['frontpage'] = $s && $s == 'default' ? true : false;
        $theAtts['excerpted'] = '';
    }
    extract($theAtts);
    $pageby = empty($pageby) ? $limit : $pageby;
    // treat sticky articles differently wrt search filtering, etc
    if (!is_numeric($status)) {
        $status = getStatusNum($status);
    }
    $issticky = $status == 5;
    //give control to search, if necesary
    if ($q && !$iscustom && !$issticky) {
        include_once txpath . '/publish/search.php';
        $s_filter = $searchall ? filterSearch() : '';
        $q = doSlash($q);
        $match = ", match (Title,Body) against ('{$q}') as score";
        $search = " and (Title rlike '{$q}' or Body rlike '{$q}') {$s_filter}";
        // searchall=0 can be used to show search results for the current section only
        if ($searchall) {
            $section = '';
        }
        if (!$sortby) {
            $sortby = 'score';
        }
    } else {
        $match = $search = '';
        if (!$sortby) {
            $sortby = 'Posted';
        }
    }
    //Building query parts
    $frontpage = ($frontpage and !$q) ? filterFrontPage() : '';
    $category = !$category ? '' : " and ((Category1='" . doslash($category) . "') or (Category2='" . doSlash($category) . "')) ";
    $section = !$section ? '' : " and Section = '" . doslash($section) . "'";
    $excerpted = $excerpted == 'y' ? " and Excerpt !=''" : '';
    $author = !$author ? '' : " and AuthorID = '" . doslash($author) . "'";
    $month = !$month ? '' : " and Posted like '" . doSlash($month) . "%'";
    $id = !$id ? '' : " and ID = '" . intval($id) . "'";
    switch ($time) {
        case 'any':
            $time = "";
            break;
        case 'future':
            $time = " and Posted > now()";
            break;
        default:
            $time = " and Posted < now()";
    }
    if (!is_numeric($status)) {
        $status = getStatusNum($status);
    }
    $custom = '';
    // trying custom fields here
    $customFields = getCustomFields();
    if ($customFields) {
        foreach ($customFields as $cField) {
            if (isset($atts[$cField])) {
                $customPairs[$cField] = $atts[$cField];
            }
        }
        if (!empty($customPairs)) {
            $custom = buildCustomSql($customFields, $customPairs);
        } else {
            $custom = '';
        }
    }
    //Allow keywords for no-custom articles. That tagging mode, you know
    if ($keywords) {
        $keys = split(',', $keywords);
        foreach ($keys as $key) {
            $keyparts[] = " Keywords like '%" . doSlash(trim($key)) . "%'";
        }
        $keywords = " and (" . join(' or ', $keyparts) . ")";
    }
    $where = "1" . ($id ? " and Status >= '4'" : " and Status='" . doSlash($status) . "'") . $time . $search . $id . $category . $section . $excerpted . $month . $author . $keywords . $custom . $frontpage;
    //do not paginate if we are on a custom list
    if (!$iscustom and !$issticky) {
        $total = safe_count('textpattern', $where) - $offset;
        $numPages = ceil($total / $pageby);
        $pg = !$pg ? 1 : $pg;
        $pgoffset = $offset + ($pg - 1) * $pageby . ', ';
        // send paging info to txp:newer and txp:older
        $pageout['pg'] = $pg;
        $pageout['numPages'] = $numPages;
        $pageout['s'] = $s;
        $pageout['c'] = $c;
        $pageout['total'] = $total;
        $GLOBALS['thispage'] = $pageout;
        if ($pgonly) {
            return;
        }
    } else {
        $pgoffset = $offset . ', ';
    }
    $rs = safe_rows_start("*, unix_timestamp(Posted) as uPosted" . $match, 'textpattern', $where . ' order by ' . doslash($sortby) . ' ' . doSlash($sortdir) . ' limit ' . doSlash($pgoffset . $limit));
    // alternative form override for search or list
    if ($q and !$iscustom and !$issticky) {
        $form = gAtt($atts, 'searchform', 'search_results');
    } else {
        $form = gAtt($atts, 'listform', $form);
    }
    // might be a form preview, otherwise grab it from the db
    $form = isset($_POST['Form']) ? gps('Form') : fetch_form($form);
    if ($rs) {
        $count = 0;
        $articles = array();
        while ($a = nextRow($rs)) {
            ++$count;
            populateArticleData($a);
            $GLOBALS['thisarticle']['is_first'] = $count == 1;
            $GLOBALS['thisarticle']['is_last'] = $count == numRows($rs);
            // define the article form
            $article = ($allowoverride and $a['override_form']) ? fetch_form($a['override_form']) : $form;
            $articles[] = parse($article);
            // sending these to paging_link(); Required?
            $GLOBALS['uPosted'] = $a['uPosted'];
            $GLOBALS['limit'] = $limit;
            unset($GLOBALS['thisarticle']);
            unset($GLOBALS['theseatts']);
            //Required?
        }
        return join('', $articles);
    }
}
Пример #19
0
function sec_section_list($message = '')
{
    global $event, $section_list_pageby;
    pagetop(gTxt('tab_sections'), $message);
    extract(gpsa(array('page', 'sort', 'dir', 'crit', 'search_method')));
    if ($sort === '') {
        $sort = get_pref('section_sort_column', 'time');
    }
    if ($dir === '') {
        $dir = get_pref('section_sort_dir', 'desc');
    }
    $dir = $dir == 'asc' ? 'asc' : 'desc';
    switch ($sort) {
        case 'title':
            $sort_sql = 'title ' . $dir;
            break;
        case 'page':
            $sort_sql = 'page ' . $dir;
            break;
        case 'css':
            $sort_sql = 'css ' . $dir;
            break;
        case 'in_rss':
            $sort_sql = 'in_rss ' . $dir;
            break;
        case 'on_frontpage':
            $sort_sql = 'on_frontpage ' . $dir;
            break;
        case 'searchable':
            $sort_sql = 'searchable ' . $dir;
            break;
        case 'article_count':
            $sort_sql = 'article_count ' . $dir;
            break;
        default:
            $sort_sql = 'name ' . $dir;
            break;
    }
    set_pref('section_sort_column', $sort, 'section', 2, '', 0, PREF_PRIVATE);
    set_pref('section_sort_dir', $dir, 'section', 2, '', 0, PREF_PRIVATE);
    $switch_dir = $dir == 'desc' ? 'asc' : 'desc';
    $criteria = 1;
    if ($search_method and $crit != '') {
        $verbatim = preg_match('/^"(.*)"$/', $crit, $m);
        $crit_escaped = doSlash($verbatim ? $m[1] : str_replace(array('\\', '%', '_', '\''), array('\\\\', '\\%', '\\_', '\\\''), $crit));
        $critsql = $verbatim ? array('name' => "name = '{$crit_escaped}'", 'title' => "title = '{$crit_escaped}'", 'page' => "page = '{$crit_escaped}'", 'css' => "css = '{$crit_escaped}'", 'in_rss' => "in_rss = '{$crit_escaped}'", 'on_frontpage' => "on_frontpage = '{$crit_escaped}'", 'searchable' => "searchable = '{$crit_escaped}'") : array('name' => "name like '%{$crit_escaped}%'", 'title' => "title like '%{$crit_escaped}%'", 'page' => "page like '%{$crit_escaped}%'", 'css' => "css like '%{$crit_escaped}%'", 'in_rss' => "in_rss = '{$crit_escaped}'", 'on_frontpage' => "on_frontpage = '{$crit_escaped}'", 'searchable' => "searchable = '{$crit_escaped}'");
        if (array_key_exists($search_method, $critsql)) {
            $criteria = $critsql[$search_method];
            $limit = 500;
        } else {
            $search_method = '';
            $crit = '';
        }
    } else {
        $search_method = '';
        $crit = '';
    }
    $criteria .= callback_event('admin_criteria', 'section_list', 0, $criteria);
    $total = safe_count('txp_section', "{$criteria}");
    echo '<h1 class="txp-heading">' . gTxt('tab_sections') . sp . popHelp('section_category') . '</h1>';
    echo '<div id="' . $event . '_control" class="txp-control-panel">';
    echo graf(sLink('section', 'section_edit', gTxt('create_section')), ' class="txp-buttons"');
    echo n . '<form id="default_section_form" name="default_section_form" method="post" action="index.php" class="async">';
    echo graf('<label>' . gTxt('default_write_section') . '</label>' . sp . popHelp('section_default') . n . section_select_list()) . eInput('section') . sInput('section_set_default');
    echo '</form>';
    if ($total < 1) {
        if ($criteria != 1) {
            echo n . section_search_form($crit, $search_method) . n . graf(gTxt('no_results_found'), ' class="indicator"') . '</div>';
        }
        return;
    }
    $limit = max($section_list_pageby, 15);
    list($page, $offset, $numPages) = pager($total, $limit, $page);
    echo n . section_search_form($crit, $search_method) . '</div>';
    $rs = safe_rows_start('*, (SELECT count(*) FROM ' . safe_pfx('textpattern') . ' articles WHERE articles.Section = txp_section.name) AS article_count', 'txp_section', "{$criteria} order by {$sort_sql} limit {$offset}, {$limit}");
    if ($rs) {
        echo n . '<div id="' . $event . '_container" class="txp-container">';
        echo n . n . '<form action="index.php" id="section_form" class="multi_edit_form" method="post" name="longform">' . n . '<div class="txp-listtables">' . n . n . startTable('', '', 'txp-list') . n . '<thead>' . n . tr(n . hCell(fInput('checkbox', 'select_all', 0, '', '', '', '', '', 'select_all'), '', ' title="' . gTxt('toggle_all_selected') . '" class="multi-edit"') . n . column_head('name', 'name', 'section', true, $switch_dir, $crit, $search_method, ('name' == $sort ? "{$dir} " : '') . 'name') . n . column_head('title', 'title', 'section', true, $switch_dir, $crit, $search_method, ('title' == $sort ? "{$dir} " : '') . 'title') . n . column_head('page', 'page', 'section', true, $switch_dir, $crit, $search_method, ('page' == $sort ? "{$dir} " : '') . 'page') . n . column_head('css', 'css', 'section', true, $switch_dir, $crit, $search_method, ('css' == $sort ? "{$dir} " : '') . 'style') . n . column_head('on_front_page', 'on_frontpage', 'section', true, $switch_dir, $crit, $search_method, ('on_frontpage' == $sort ? "{$dir} " : '') . 'section_detail frontpage') . n . column_head('syndicate', 'in_rss', 'section', true, $switch_dir, $crit, $search_method, ('in_rss' == $sort ? "{$dir} " : '') . 'section_detail syndicate') . n . column_head('include_in_search', 'searchable', 'section', true, $switch_dir, $crit, $search_method, ('searchable' == $sort ? "{$dir} " : '') . 'section_detail searchable') . n . column_head('articles', 'article_count', 'section', true, $switch_dir, $crit, $search_method, ('article_count' == $sort ? "{$dir} " : '') . 'section_detail article_count')) . n . '</thead>';
        echo '<tbody>';
        while ($a = nextRow($rs)) {
            extract($a, EXTR_PREFIX_ALL, 'sec');
            $is_default_section = $sec_name == 'default';
            $edit_url = '?event=section' . a . 'step=section_edit' . a . 'name=' . $sec_name . a . 'sort=' . $sort . a . 'dir=' . $dir . a . 'page=' . $page . a . 'search_method=' . $search_method . a . 'crit=' . $crit;
            $page_url = '?event=page' . a . 'name=' . $sec_page;
            $style_url = '?event=css' . a . 'name=' . $sec_css;
            $articles = $sec_article_count > 0 ? href($sec_article_count, '?event=list' . a . 'search_method=section' . a . 'crit=&quot;' . txpspecialchars($sec_name) . '&quot;', ' title="' . gTxt('article_count', array('{num}' => $sec_article_count)) . '"') : ($is_default_section ? '' : '0');
            //				$can_delete = ($sec_name != 'default' && $sec_article_count == 0);
            $parms = array('step' => 'section_toggle_option', 'thing' => $sec_name);
            echo tr(td(fInput('checkbox', 'selected[]', $sec_name), '', 'multi-edit') . td('<a href="' . $edit_url . '" title="' . gTxt('edit') . '">' . $sec_name . '</a>' . n . '<span class="section_detail">[<a href="' . hu . $sec_name . '">' . gTxt('view') . '</a>]</span>', '', 'name') . td(txpspecialchars($sec_title), '', 'title') . td('<a href="' . $page_url . '" title="' . gTxt('edit') . '">' . $sec_page . '</a>', '', 'page') . td('<a href="' . $style_url . '" title="' . gTxt('edit') . '">' . $sec_css . '</a>', '', 'style') . td($is_default_section ? '-' : asyncHref($sec_on_frontpage ? gTxt('yes') : gTxt('no'), $parms + array('property' => 'on_frontpage')), '', 'section_detail frontpage') . td($is_default_section ? '-' : asyncHref($sec_in_rss ? gTxt('yes') : gTxt('no'), $parms + array('property' => 'in_rss')), '', 'section_detail syndicate') . td($is_default_section ? '-' : asyncHref($sec_searchable ? gTxt('yes') : gTxt('no'), $parms + array('property' => 'searchable')), '', 'section_detail searchable') . td($is_default_section ? '' : $articles, '', 'section_detail article_count'), ' id="txp_section_' . $sec_name . '"');
        }
        echo '</tbody>', n, endTable(), n, '</div>', n, section_multiedit_form($page, $sort, $dir, $crit, $search_method), n, tInput(), n, '</form>', n, graf(toggle_box('section_detail'), ' class="detail-toggle"'), n, '<div id="' . $event . '_navigation" class="txp-navigation">', n, nav_form('section', $page, $numPages, $sort, $dir, $crit, $search_method, $total, $limit), n, pageby_form('section', $section_list_pageby), n, '</div>', n, '</div>';
        echo script_js(<<<EOS
\t\t\t\$('#default_section').change(function() {
\t\t\t\t\$('#default_section_form').submit();
\t\t\t});
EOS
);
    }
}
Пример #20
0
function formatCommentsInvite($AnnotateInvite, $Section, $ID)
{
    global $comments_mode;
    $dc = safe_count('txp_discuss', "parentid='{$ID}' and visible=1");
    $ccount = $dc ? '[' . $dc . ']' : '';
    if (!$comments_mode) {
        return '<a href="' . permlinkurl_id($ID) . '/#' . gTxt('comment') . '">' . $AnnotateInvite . '</a>' . $ccount;
    } else {
        return "<a href=\"" . hu . "?parentid={$ID}\" onclick=\"window.open(this.href, 'popupwindow', 'width=500,height=500,scrollbars,resizable,status'); return false;\">" . $AnnotateInvite . '</a> ' . $ccount;
    }
}
Пример #21
0
/**
 * The main author list.
 *
 * @param string|array $message The activity message
 */
function author_list($message = '')
{
    global $txp_user, $author_list_pageby;
    pagetop(gTxt('tab_site_admin'), $message);
    if (is_disabled('mail')) {
        echo graf(span(null, array('class' => 'ui-icon ui-icon-alert')) . ' ' . gTxt('warn_mail_unavailable'), array('class' => 'alert-block warning'));
    }
    echo hed(gTxt('tab_site_admin'), 1, array('class' => 'txp-heading'));
    echo n . '<div id="users_control" class="txp-control-panel">';
    $buttons = array();
    // Change password button.
    $buttons[] = sLink('admin', 'new_pass_form', gTxt('change_password'));
    if (!has_privs('admin.edit')) {
        // Change email address button.
        $buttons[] = sLink('admin', 'change_email_form', gTxt('change_email_address'));
    } else {
        // New author button.
        $buttons[] = sLink('admin', 'author_edit', gTxt('add_new_author'));
    }
    echo graf(join(n, $buttons), array('class' => 'txp-buttons'));
    // User list.
    if (has_privs('admin.list')) {
        extract(gpsa(array('page', 'sort', 'dir', 'crit', 'search_method')));
        if ($sort === '') {
            $sort = get_pref('admin_sort_column', 'name');
        }
        if ($dir === '') {
            $dir = get_pref('admin_sort_dir', 'asc');
        }
        $dir = $dir == 'desc' ? 'desc' : 'asc';
        if (!in_array($sort, array('name', 'RealName', 'email', 'privs', 'last_login'))) {
            $sort = 'name';
        }
        $sort_sql = $sort . ' ' . $dir;
        set_pref('admin_sort_column', $sort, 'admin', 2, '', 0, PREF_PRIVATE);
        set_pref('admin_sort_dir', $dir, 'admin', 2, '', 0, PREF_PRIVATE);
        $switch_dir = $dir == 'desc' ? 'asc' : 'desc';
        $criteria = 1;
        if ($search_method and $crit != '') {
            $verbatim = preg_match('/^"(.*)"$/', $crit, $m);
            $crit_escaped = $verbatim ? doSlash($m[1]) : doLike($crit);
            $critsql = $verbatim ? array('id' => "user_id in ('" . join("','", do_list($crit_escaped)) . "')", 'login' => "name = '{$crit_escaped}'", 'real_name' => "RealName = '{$crit_escaped}'", 'email' => "email = '{$crit_escaped}'", 'privs' => "convert(privs, char) in ('" . join("','", do_list($crit_escaped)) . "')") : array('id' => "user_id in ('" . join("','", do_list($crit_escaped)) . "')", 'login' => "name like '%{$crit_escaped}%'", 'real_name' => "RealName like '%{$crit_escaped}%'", 'email' => "email like '%{$crit_escaped}%'", 'privs' => "convert(privs, char) in ('" . join("','", do_list($crit_escaped)) . "')");
            if (array_key_exists($search_method, $critsql)) {
                $criteria = $critsql[$search_method];
            } else {
                $search_method = '';
                $crit = '';
            }
        } else {
            $search_method = '';
            $crit = '';
        }
        $criteria .= callback_event('admin_criteria', 'author_list', 0, $criteria);
        $total = getCount('txp_users', $criteria);
        if ($total < 1) {
            if ($criteria != 1) {
                echo n . author_search_form($crit, $search_method) . graf(gTxt('no_results_found'), ' class="indicator"') . '</div>';
            }
            return;
        }
        $limit = max($author_list_pageby, 15);
        list($page, $offset, $numPages) = pager($total, $limit, $page);
        $use_multi_edit = has_privs('admin.edit') && safe_count('txp_users', '1=1') > 1;
        echo author_search_form($crit, $search_method) . '</div>';
        $rs = safe_rows_start('*, unix_timestamp(last_access) as last_login', 'txp_users', "{$criteria} order by {$sort_sql} limit {$offset}, {$limit}");
        if ($rs) {
            echo n . tag_start('div', array('id' => 'users_container', 'class' => 'txp-container')) . n . tag_start('form', array('action' => 'index.php', 'id' => 'users_form', 'class' => 'multi_edit_form', 'method' => 'post', 'name' => 'longform')) . n . tag_start('div', array('class' => 'txp-listtables')) . n . tag_start('table', array('class' => 'txp-list')) . n . tag_start('thead') . tr(($use_multi_edit ? hCell(fInput('checkbox', 'select_all', 0, '', '', '', '', '', 'select_all'), '', ' scope="col" title="' . gTxt('toggle_all_selected') . '" class="txp-list-col-multi-edit"') : hCell('', '', ' scope="col" class="txp-list-col-multi-edit"')) . column_head('login_name', 'name', 'admin', true, $switch_dir, '', '', ('name' == $sort ? "{$dir} " : '') . 'txp-list-col-login-name name') . column_head('real_name', 'RealName', 'admin', true, $switch_dir, '', '', ('RealName' == $sort ? "{$dir} " : '') . 'txp-list-col-real-name name') . column_head('email', 'email', 'admin', true, $switch_dir, '', '', ('email' == $sort ? "{$dir} " : '') . 'txp-list-col-email') . column_head('privileges', 'privs', 'admin', true, $switch_dir, '', '', ('privs' == $sort ? "{$dir} " : '') . 'txp-list-col-privs') . column_head('last_login', 'last_login', 'admin', true, $switch_dir, '', '', ('last_login' == $sort ? "{$dir} " : '') . 'txp-list-col-last-login date')) . n . tag_end('thead') . n . tag_start('tbody');
            while ($a = nextRow($rs)) {
                extract(doSpecial($a));
                echo tr(td((has_privs('admin.edit') and $txp_user != $a['name']) ? fInput('checkbox', 'selected[]', $a['name'], 'checkbox') : '', '', 'txp-list-col-multi-edit') . hCell(has_privs('admin.edit') ? eLink('admin', 'author_edit', 'user_id', $user_id, $name) : $name, '', ' scope="row" class="txp-list-col-login-name name"') . td($RealName, '', 'txp-list-col-real-name name') . td(href($email, 'mailto:' . $email), '', 'txp-list-col-email') . td(get_priv_level($privs), '', 'txp-list-col-privs') . td($last_login ? safe_strftime('%b&#160;%Y', $last_login) : '', '', 'txp-list-col-last-login date'));
            }
            echo n . tag_end('tbody') . n . tag_end('table') . n . tag_end('div') . ($use_multi_edit ? author_multiedit_form($page, $sort, $dir, $crit, $search_method) : '') . tInput() . n . tag_end('form') . n . tag_start('div', array('id' => 'users_navigation', 'class' => 'txp-navigation')) . pageby_form('admin', $author_list_pageby) . nav_form('admin', $page, $numPages, $sort, $dir, $crit, $search_method) . n . tag_end('div') . n . tag_end('div');
        }
    } else {
        echo n . tag_end('div');
    }
}
Пример #22
0
function log_list($message = '')
{
    global $event, $log_list_pageby, $expire_logs_after;
    pagetop(gTxt('tab_logs'), $message);
    extract(gpsa(array('page', 'sort', 'dir', 'crit', 'search_method')));
    if ($sort === '') {
        $sort = get_pref('log_sort_column', 'time');
    }
    if ($dir === '') {
        $dir = get_pref('log_sort_dir', 'desc');
    }
    $dir = $dir == 'asc' ? 'asc' : 'desc';
    $expire_logs_after = assert_int($expire_logs_after);
    safe_delete('txp_log', "time < date_sub(now(), interval {$expire_logs_after} day)");
    switch ($sort) {
        case 'ip':
            $sort_sql = 'ip ' . $dir;
            break;
        case 'host':
            $sort_sql = 'host ' . $dir;
            break;
        case 'page':
            $sort_sql = 'page ' . $dir;
            break;
        case 'refer':
            $sort_sql = 'refer ' . $dir;
            break;
        case 'method':
            $sort_sql = 'method ' . $dir;
            break;
        case 'status':
            $sort_sql = 'status ' . $dir;
            break;
        default:
            $sort = 'time';
            $sort_sql = 'time ' . $dir;
            break;
    }
    set_pref('log_sort_column', $sort, 'log', 2, '', 0, PREF_PRIVATE);
    set_pref('log_sort_dir', $dir, 'log', 2, '', 0, PREF_PRIVATE);
    $switch_dir = $dir == 'desc' ? 'asc' : 'desc';
    $criteria = 1;
    if ($search_method and $crit != '') {
        $verbatim = preg_match('/^"(.*)"$/', $crit, $m);
        $crit_escaped = doSlash($verbatim ? $m[1] : str_replace(array('\\', '%', '_', '\''), array('\\\\', '\\%', '\\_', '\\\''), $crit));
        $critsql = $verbatim ? array('ip' => "ip = '{$crit_escaped}'", 'host' => "host = '{$crit_escaped}'", 'page' => "page = '{$crit_escaped}'", 'refer' => "refer = '{$crit_escaped}'", 'method' => "method = '{$crit_escaped}'", 'status' => "status = '{$crit_escaped}'") : array('ip' => "ip like '%{$crit_escaped}%'", 'host' => "host like '%{$crit_escaped}%'", 'page' => "page like '%{$crit_escaped}%'", 'refer' => "refer like '%{$crit_escaped}%'", 'method' => "method like '%{$crit_escaped}%'", 'status' => "status like '%{$crit_escaped}%'");
        if (array_key_exists($search_method, $critsql)) {
            $criteria = $critsql[$search_method];
            $limit = 500;
        } else {
            $search_method = '';
            $crit = '';
        }
    } else {
        $search_method = '';
        $crit = '';
    }
    $criteria .= callback_event('admin_criteria', 'log_list', 0, $criteria);
    $total = safe_count('txp_log', "{$criteria}");
    echo '<h1 class="txp-heading">' . gTxt('tab_logs') . '</h1>';
    echo '<div id="' . $event . '_control" class="txp-control-panel">';
    if ($total < 1) {
        if ($criteria != 1) {
            echo n . log_search_form($crit, $search_method) . n . graf(gTxt('no_results_found'), ' class="indicator"') . '</div>';
        } else {
            echo graf(gTxt('no_refers_recorded'), ' class="indicator"') . '</div>';
        }
        return;
    }
    $limit = max($log_list_pageby, 15);
    list($page, $offset, $numPages) = pager($total, $limit, $page);
    echo n . log_search_form($crit, $search_method) . '</div>';
    $rs = safe_rows_start('*, unix_timestamp(time) as uTime', 'txp_log', "{$criteria} order by {$sort_sql} limit {$offset}, {$limit}");
    if ($rs) {
        echo n . '<div id="' . $event . '_container" class="txp-container">';
        echo n . n . '<form action="index.php" id="log_form" class="multi_edit_form" method="post" name="longform">' . n . '<div class="txp-listtables">' . n . startTable('', '', 'txp-list') . n . '<thead>' . n . tr(n . hCell(fInput('checkbox', 'select_all', 0, '', '', '', '', '', 'select_all'), '', ' title="' . gTxt('toggle_all_selected') . '" class="multi-edit"') . n . column_head('time', 'time', 'log', true, $switch_dir, $crit, $search_method, ('time' == $sort ? "{$dir} " : '') . 'date time') . n . column_head('IP', 'ip', 'log', true, $switch_dir, $crit, $search_method, ('ip' == $sort ? "{$dir} " : '') . 'log_detail ip') . n . column_head('host', 'host', 'log', true, $switch_dir, $crit, $search_method, ('host' == $sort ? "{$dir} " : '') . 'host') . n . column_head('page', 'page', 'log', true, $switch_dir, $crit, $search_method, ('page' == $sort ? "{$dir} " : '') . 'page') . n . column_head('referrer', 'refer', 'log', true, $switch_dir, $crit, $search_method, ('refer' == $sort ? "{$dir} " : '') . 'refer') . n . column_head('method', 'method', 'log', true, $switch_dir, $crit, $search_method, ('method' == $sort ? "{$dir} " : '') . 'log_detail method') . n . column_head('status', 'status', 'log', true, $switch_dir, $crit, $search_method, ('status' == $sort ? "{$dir} " : '') . 'log_detail status')) . n . '</thead>';
        echo '<tbody>';
        while ($a = nextRow($rs)) {
            extract($a, EXTR_PREFIX_ALL, 'log');
            if ($log_refer) {
                $log_refer = 'http://' . $log_refer;
                $log_refer = '<a href="' . txpspecialchars($log_refer) . '" target="_blank">' . txpspecialchars(soft_wrap($log_refer, 30)) . '</a>';
            }
            if ($log_page) {
                $log_anchor = preg_replace('/\\/$/', '', $log_page);
                $log_anchor = soft_wrap(substr($log_anchor, 1), 30);
                $log_page = '<a href="' . txpspecialchars($log_page) . '" target="_blank">' . txpspecialchars($log_anchor) . '</a>';
                if ($log_method == 'POST') {
                    $log_page = '<strong>' . $log_page . '</strong>';
                }
            }
            echo tr(n . td(fInput('checkbox', 'selected[]', $log_id), '', 'multi-edit') . td(gTime($log_uTime), '', 'date time') . td(txpspecialchars($log_ip), '', 'log_detail ip') . td(txpspecialchars(soft_wrap($log_host, 30)), '', 'host') . td($log_page, '', 'page') . td($log_refer, '', 'refer') . td(txpspecialchars($log_method), '', 'log_detail method') . td($log_status, '', 'log_detail status'));
        }
        echo '</tbody>', n, endTable(), n, '</div>', n, log_multiedit_form($page, $sort, $dir, $crit, $search_method), n, tInput(), n, '</form>', n, graf(toggle_box('log_detail'), ' class="detail-toggle"'), n, '<div id="' . $event . '_navigation" class="txp-navigation">', n, nav_form('log', $page, $numPages, $sort, $dir, $crit, $search_method, $total, $limit), n, pageby_form('log', $log_list_pageby), n, '</div>', n, '</div>';
    }
}
function ign_userList()
{
    global $myprivs, $ign_user, $ign_user_db, $prefs, $ign_privs;
    $allow_edit = in_array($myprivs, explode(',', $ign_privs['edit_users'])) ? true : false;
    if (version_compare($prefs['version'], '4.0.4') < 0) {
        ign_add_paging();
    }
    //pagination code
    $total = safe_count($ign_user_db, '1');
    extract(gpsa(array('page', 'sort', 'dir', 'crit', 'search_method', 'last_access')));
    $limit = 25;
    $dir = $dir == 'desc' ? 'desc' : 'asc';
    switch ($sort) {
        case 'name':
            $sort_by = 'name';
            break;
        case 'email':
            $sort_by = 'email';
            break;
        case 'privs':
            $sort_by = 'privs';
            break;
        case 'last_access':
            $sort_by = 'last_access';
            break;
        case 'realname':
        default:
            $sort_by = 'realname';
            break;
    }
    $switch_dir = $dir == 'desc' ? 'asc' : 'desc';
    $criteria = 1;
    list($page, $offset, $numPages) = pager($total, $limit, $page);
    //build search here
    //TODO: Implement search on user name / real name
    $rs = safe_rows_start("*", $ign_user_db, "{$criteria} order by {$sort_by} {$dir} limit {$offset}, {$limit}");
    $out[] = hed(ign_gTxt('users'), 3, ' align="center"');
    $out[] = startTable('list');
    $out[] = tr(hCell(href(gTxt('real_name'), "index.php?event=ign_user_mgmt&step=list&page={$page}&dir={$switch_dir}&sort=real_name")) . hCell(href(gTxt('login_name'), "index.php?event=ign_user_mgmt&step=list&page={$page}&dir={$switch_dir}&sort=name")) . hCell(href(ucfirst(gTxt('email')), "index.php?event=ign_user_mgmt&step=list&page={$page}&dir={$switch_dir}&sort=email")) . hCell(href(gTxt('privileges'), "index.php?event=ign_user_mgmt&step=list&page={$page}&dir={$switch_dir}&sort=privs")) . td() . td() . hCell(href(gTxt('last_access'), "index.php?event=ign_user_mgmt&step=list&page={$page}&dir={$switch_dir}&sort=last_access")));
    if ($rs) {
        while ($a = nextRow($rs)) {
            extract($a);
            if ($name == $ign_user) {
                $deletelink = '';
            } else {
                $deletelink = dLink('ign_user_mgmt', 'ign_user_delete', 'user_id', $user_id);
            }
            $savelink = fInput("submit", 'save', gTxt('save'), 'smallerbox');
            $emailhref = '<a href="mailto:' . $email . '">' . $email . '</a>';
            $RealNameInput = fInput('text', 'RealName', $RealName, 'edit');
            $emailInput = fInput('text', 'email', $email, 'edit');
            $row[] = '<form action="index.php" method="post">';
            $row[] = $allow_edit ? td($RealNameInput) : td($RealName);
            $row[] = td($name);
            $row[] = $allow_edit ? td($emailInput) : td($emailhref);
            $row[] = $allow_edit ? td(ign_privList($privs) . popHelp("about_privileges")) : td(ign_getPrivLevel($privs) . popHelp("about_privileges"));
            $row[] = $allow_edit ? td($savelink) : '';
            $row[] = $allow_edit ? hInput("user_id", $user_id) . eInput("ign_user_mgmt") . sInput('ign_userSave') : td();
            $row[] = '</form>';
            $row[] = $allow_edit ? td($deletelink, 10) : td();
            //clean up last_access
            if ($last_access == 0) {
                $last_access = 'Never';
            }
            $row[] = td($last_access);
            $out[] = tr(join('', $row));
            unset($row);
        }
        $out[] = endTable();
        $out[] = nav_form('ign_user_mgmt', $page, $numPages, $sort, 'asc', '1', '1');
        return join('', $out);
    }
}
Пример #24
0
/**
 * The main panel listing all articles.
 *
 * @param  string|array $message The activity message
 * @param  string       $post    Not used
 */
function list_list($message = '', $post = '')
{
    global $statuses, $use_comments, $comments_disabled_after, $step, $txp_user, $article_list_pageby, $event;
    pagetop(gTxt('tab_list'), $message);
    extract(gpsa(array('page', 'sort', 'dir', 'crit', 'search_method')));
    if ($sort === '') {
        $sort = get_pref('article_sort_column', 'posted');
    } else {
        if (!in_array($sort, array('id', 'title', 'expires', 'section', 'category1', 'category2', 'status', 'author', 'comments', 'lastmod'))) {
            $sort = 'posted';
        }
        set_pref('article_sort_column', $sort, 'list', 2, '', 0, PREF_PRIVATE);
    }
    if ($dir === '') {
        $dir = get_pref('article_sort_dir', 'desc');
    } else {
        $dir = $dir == 'asc' ? "asc" : "desc";
        set_pref('article_sort_dir', $dir, 'list', 2, '', 0, PREF_PRIVATE);
    }
    $sesutats = array_flip($statuses);
    switch ($sort) {
        case 'id':
            $sort_sql = "textpattern.ID {$dir}";
            break;
        case 'title':
            $sort_sql = "textpattern.Title {$dir}, textpattern.Posted DESC";
            break;
        case 'expires':
            $sort_sql = "textpattern.Expires {$dir}";
            break;
        case 'section':
            $sort_sql = "section.title {$dir}, textpattern.Posted DESC";
            break;
        case 'category1':
            $sort_sql = "category1.title {$dir}, textpattern.Posted DESC";
            break;
        case 'category2':
            $sort_sql = "category2.title {$dir}, textpattern.Posted DESC";
            break;
        case 'status':
            $sort_sql = "textpattern.Status {$dir}, textpattern.Posted DESC";
            break;
        case 'author':
            $sort_sql = "user.RealName {$dir}, textpattern.Posted DESC";
            break;
        case 'comments':
            $sort_sql = "textpattern.comments_count {$dir}, textpattern.Posted DESC";
            break;
        case 'lastmod':
            $sort_sql = "textpattern.LastMod {$dir}, textpattern.Posted DESC";
            break;
        default:
            $sort = 'posted';
            $sort_sql = "textpattern.Posted {$dir}";
            break;
    }
    $switch_dir = $dir == 'desc' ? 'asc' : 'desc';
    $search = new Filter($event, array('id' => array('column' => 'textpattern.ID', 'label' => gTxt('ID'), 'type' => 'integer'), 'title_body_excerpt' => array('column' => array('textpattern.Title', 'textpattern.Body', 'textpattern.Excerpt'), 'label' => gTxt('title_body_excerpt')), 'section' => array('column' => array('textpattern.Section', 'section.title'), 'label' => gTxt('section')), 'keywords' => array('column' => 'textpattern.Keywords', 'label' => gTxt('keywords'), 'type' => 'find_in_set'), 'categories' => array('column' => array('textpattern.Category1', 'textpattern.Category2', 'category1.title', 'category2.title'), 'label' => gTxt('categories')), 'status' => array('column' => array('textpattern.Status'), 'label' => gTxt('status'), 'type' => 'boolean'), 'author' => array('column' => array('textpattern.AuthorID', 'user.RealName'), 'label' => gTxt('author')), 'article_image' => array('column' => array('textpattern.Image'), 'label' => gTxt('article_image'), 'type' => 'integer'), 'posted' => array('column' => array('textpattern.Posted'), 'label' => gTxt('posted')), 'lastmod' => array('column' => array('textpattern.LastMod'), 'label' => gTxt('article_modified'))));
    $search->setAliases('status', $statuses);
    list($criteria, $crit, $search_method) = $search->getFilter(array('id' => array('can_list' => true), 'article_image' => array('can_list' => true), 'title_body_excerpt' => array('always_like' => true)));
    $search_render_options = array('placeholder' => 'search_articles');
    $sql_from = safe_pfx('textpattern') . " textpattern\n        LEFT JOIN " . safe_pfx('txp_category') . " category1 ON category1.name = textpattern.Category1 AND category1.type = 'article'\n        LEFT JOIN " . safe_pfx('txp_category') . " category2 ON category2.name = textpattern.Category2 AND category2.type = 'article'\n        LEFT JOIN " . safe_pfx('txp_section') . " section ON section.name = textpattern.Section\n        LEFT JOIN " . safe_pfx('txp_users') . " user ON user.name = textpattern.AuthorID";
    if ($criteria === 1) {
        $total = safe_count('textpattern', $criteria);
    } else {
        $total = getThing("SELECT COUNT(*) FROM {$sql_from} WHERE {$criteria}");
    }
    echo n . tag(hed(gTxt('tab_list'), 1, array('class' => 'txp-heading')), 'div', array('class' => 'txp-layout-2col-cell-1'));
    $searchBlock = n . tag($search->renderForm('list', $search_render_options), 'div', array('class' => 'txp-layout-2col-cell-2', 'id' => $event . '_control'));
    $createBlock = array();
    if (has_privs('article.edit')) {
        $createBlock[] = n . tag(sLink('article', '', gTxt('add_new_article'), 'txp-button'), 'div', array('class' => 'txp-control-panel'));
    }
    $contentBlockStart = n . tag_start('div', array('class' => 'txp-layout-1col', 'id' => $event . '_container'));
    $createBlock = implode(n, $createBlock);
    if ($total < 1) {
        if ($criteria != 1) {
            echo $searchBlock . $contentBlockStart . $createBlock . graf(span(null, array('class' => 'ui-icon ui-icon-info')) . ' ' . gTxt('no_results_found'), array('class' => 'alert-block information'));
        } else {
            echo $contentBlockStart . $createBlock . graf(span(null, array('class' => 'ui-icon ui-icon-info')) . ' ' . gTxt('no_articles_recorded'), array('class' => 'alert-block information'));
        }
        echo n . tag_end('div');
        return;
    }
    $limit = max($article_list_pageby, 15);
    list($page, $offset, $numPages) = pager($total, $limit, $page);
    echo $searchBlock . $contentBlockStart . $createBlock;
    $rs = safe_query("SELECT\n            textpattern.ID, textpattern.Title, textpattern.url_title, textpattern.Section,\n            textpattern.Category1, textpattern.Category2,\n            textpattern.Status, textpattern.Annotate, textpattern.AuthorID,\n            UNIX_TIMESTAMP(textpattern.Posted) AS posted,\n            UNIX_TIMESTAMP(textpattern.LastMod) AS lastmod,\n            UNIX_TIMESTAMP(textpattern.Expires) AS expires,\n            category1.title AS category1_title,\n            category2.title AS category2_title,\n            section.title AS section_title,\n            user.RealName AS RealName,\n            (SELECT COUNT(*) FROM " . safe_pfx('txp_discuss') . " WHERE parentid = textpattern.ID) AS total_comments\n        FROM {$sql_from} WHERE {$criteria} ORDER BY {$sort_sql} LIMIT {$offset}, {$limit}");
    if ($rs) {
        $show_authors = !has_single_author('textpattern', 'AuthorID');
        echo n . tag(toggle_box('articles_detail'), 'div', array('class' => 'txp-list-options')) . n . tag_start('form', array('class' => 'multi_edit_form', 'id' => 'articles_form', 'name' => 'longform', 'method' => 'post', 'action' => 'index.php')) . n . tag_start('div', array('class' => 'txp-listtables')) . n . tag_start('table', array('class' => 'txp-list')) . n . tag_start('thead') . tr(hCell(fInput('checkbox', 'select_all', 0, '', '', '', '', '', 'select_all'), '', ' class="txp-list-col-multi-edit" scope="col" title="' . gTxt('toggle_all_selected') . '"') . column_head('ID', 'id', 'list', true, $switch_dir, $crit, $search_method, ('id' == $sort ? "{$dir} " : '') . 'txp-list-col-id') . column_head('title', 'title', 'list', true, $switch_dir, $crit, $search_method, ('title' == $sort ? "{$dir} " : '') . 'txp-list-col-title') . column_head('posted', 'posted', 'list', true, $switch_dir, $crit, $search_method, ('posted' == $sort ? "{$dir} " : '') . 'txp-list-col-created date') . column_head('article_modified', 'lastmod', 'list', true, $switch_dir, $crit, $search_method, ('lastmod' == $sort ? "{$dir} " : '') . 'txp-list-col-lastmod date articles_detail') . column_head('expires', 'expires', 'list', true, $switch_dir, $crit, $search_method, ('expires' == $sort ? "{$dir} " : '') . 'txp-list-col-expires date articles_detail') . column_head('section', 'section', 'list', true, $switch_dir, $crit, $search_method, ('section' == $sort ? "{$dir} " : '') . 'txp-list-col-section') . column_head('category1', 'category1', 'list', true, $switch_dir, $crit, $search_method, ('category1' == $sort ? "{$dir} " : '') . 'txp-list-col-category1 category articles_detail') . column_head('category2', 'category2', 'list', true, $switch_dir, $crit, $search_method, ('category2' == $sort ? "{$dir} " : '') . 'txp-list-col-category2 category articles_detail') . column_head('status', 'status', 'list', true, $switch_dir, $crit, $search_method, ('status' == $sort ? "{$dir} " : '') . 'txp-list-col-status') . ($show_authors ? column_head('author', 'author', 'list', true, $switch_dir, $crit, $search_method, ('author' == $sort ? "{$dir} " : '') . 'txp-list-col-author name') : '') . ($use_comments == 1 ? column_head('comments', 'comments', 'list', true, $switch_dir, $crit, $search_method, ('comments' == $sort ? "{$dir} " : '') . 'txp-list-col-comments articles_detail') : '')) . n . tag_end('thead');
        include_once txpath . '/publish/taghandlers.php';
        echo n . tag_start('tbody');
        $validator = new Validator();
        while ($a = nextRow($rs)) {
            extract($a);
            if ($Title === '') {
                $Title = '<em>' . eLink('article', 'edit', 'ID', $ID, gTxt('untitled')) . '</em>';
            } else {
                $Title = eLink('article', 'edit', 'ID', $ID, $Title);
            }
            // Valid section and categories?
            $validator->setConstraints(array(new SectionConstraint($Section)));
            $vs = $validator->validate() ? '' : ' error';
            $validator->setConstraints(array(new CategoryConstraint($Category1, array('type' => 'article'))));
            $vc[1] = $validator->validate() ? '' : ' error';
            $validator->setConstraints(array(new CategoryConstraint($Category2, array('type' => 'article'))));
            $vc[2] = $validator->validate() ? '' : ' error';
            $Category1 = $Category1 ? span(txpspecialchars($category1_title), array('title' => $Category1)) : '';
            $Category2 = $Category2 ? span(txpspecialchars($category2_title), array('title' => $Category2)) : '';
            if ($Status != STATUS_LIVE and $Status != STATUS_STICKY) {
                $view_url = '?txpreview=' . intval($ID) . '.' . time();
            } else {
                $view_url = permlinkurl($a);
            }
            if (isset($statuses[$Status])) {
                $Status = $statuses[$Status];
            }
            $comments = '(' . $total_comments . ')';
            if ($total_comments) {
                $comments = href($comments, array('event' => 'discuss', 'step' => 'list', 'search_method' => 'parent', 'crit' => $ID), array('title' => gTxt('manage')));
            }
            $comment_status = $Annotate ? gTxt('on') : gTxt('off');
            if ($comments_disabled_after) {
                $lifespan = $comments_disabled_after * 86400;
                $time_since = time() - $posted;
                if ($time_since > $lifespan) {
                    $comment_status = gTxt('expired');
                }
            }
            $comments = tag($comment_status, 'span', array('class' => 'comments-status')) . ' ' . tag($comments, 'span', array('class' => 'comments-manage'));
            echo tr(td(($a['Status'] >= STATUS_LIVE and has_privs('article.edit.published') or $a['Status'] >= STATUS_LIVE and $AuthorID === $txp_user and has_privs('article.edit.own.published') or $a['Status'] < STATUS_LIVE and has_privs('article.edit') or $a['Status'] < STATUS_LIVE and $AuthorID === $txp_user and has_privs('article.edit.own')) ? fInput('checkbox', 'selected[]', $ID, 'checkbox') : '', '', 'txp-list-col-multi-edit') . hCell(eLink('article', 'edit', 'ID', $ID, $ID) . sp . span(span('[', array('aria-hidden' => 'true')) . href(gTxt('view'), $view_url) . span(']', array('aria-hidden' => 'true')), array('class' => 'txp-option-link articles_detail')), '', ' class="txp-list-col-id" scope="row"') . td($Title, '', 'txp-list-col-title') . td(gTime($posted), '', 'txp-list-col-created date' . ($posted < time() ? '' : ' unpublished')) . td(gTime($lastmod), '', 'txp-list-col-lastmod date articles_detail' . ($posted === $lastmod ? ' not-modified' : '')) . td($expires ? gTime($expires) : '', '', 'txp-list-col-expires date articles_detail') . td(span(txpspecialchars($section_title), array('title' => $Section)), '', 'txp-list-col-section' . $vs) . td($Category1, '', 'txp-list-col-category1 category articles_detail' . $vc[1]) . td($Category2, '', 'txp-list-col-category2 category articles_detail' . $vc[2]) . td(href($Status, $view_url, join_atts(array('title' => gTxt('view')))), '', 'txp-list-col-status') . ($show_authors ? td(span(txpspecialchars($RealName), array('title' => $AuthorID)), '', 'txp-list-col-author name') : '') . ($use_comments ? td($comments, '', 'txp-list-col-comments articles_detail') : ''));
        }
        echo n . tag_end('tbody') . n . tag_end('table') . n . tag_end('div') . list_multiedit_form($page, $sort, $dir, $crit, $search_method) . tInput() . n . tag_end('form') . n . tag_start('div', array('class' => 'txp-navigation', 'id' => $event . '_navigation')) . pageby_form('list', $article_list_pageby) . nav_form('list', $page, $numPages, $sort, $dir, $crit, $search_method, $total, $limit) . n . tag_end('div');
    }
    echo n . tag_end('div');
}
Пример #25
0
function log_list($message = '')
{
    global $event, $log_list_pageby, $expire_logs_after;
    pagetop(gTxt('visitor_logs'), $message);
    extract(gpsa(array('page', 'sort', 'dir', 'crit', 'search_method')));
    if ($sort === '') {
        $sort = get_pref('log_sort_column', 'time');
    }
    if ($dir === '') {
        $dir = get_pref('log_sort_dir', 'desc');
    }
    $dir = $dir == 'asc' ? 'asc' : 'desc';
    $expire_logs_after = assert_int($expire_logs_after);
    safe_delete('txp_log', "time < date_sub(now(), interval {$expire_logs_after} day)");
    switch ($sort) {
        case 'ip':
            $sort_sql = 'ip ' . $dir;
            break;
        case 'host':
            $sort_sql = 'host ' . $dir;
            break;
        case 'page':
            $sort_sql = 'page ' . $dir;
            break;
        case 'refer':
            $sort_sql = 'refer ' . $dir;
            break;
        case 'method':
            $sort_sql = 'method ' . $dir;
            break;
        case 'status':
            $sort_sql = 'status ' . $dir;
            break;
        default:
            $sort = 'time';
            $sort_sql = 'time ' . $dir;
            break;
    }
    set_pref('log_sort_column', $sort, 'log', 2, '', 0, PREF_PRIVATE);
    set_pref('log_sort_dir', $dir, 'log', 2, '', 0, PREF_PRIVATE);
    $switch_dir = $dir == 'desc' ? 'asc' : 'desc';
    $criteria = 1;
    if ($search_method and $crit) {
        $crit_escaped = doSlash(str_replace(array('\\', '%', '_', '\''), array('\\\\', '\\%', '\\_', '\\\''), $crit));
        $critsql = array('ip' => "ip like '%{$crit_escaped}%'", 'host' => "host like '%{$crit_escaped}%'", 'page' => "page like '%{$crit_escaped}%'", 'refer' => "refer like '%{$crit_escaped}%'", 'method' => "method like '%{$crit_escaped}%'", 'status' => "status like '%{$crit_escaped}%'");
        if (array_key_exists($search_method, $critsql)) {
            $criteria = $critsql[$search_method];
            $limit = 500;
        } else {
            $search_method = '';
            $crit = '';
        }
    } else {
        $search_method = '';
        $crit = '';
    }
    $total = safe_count('txp_log', "{$criteria}");
    echo '<div id="' . $event . '_control" class="txp-control-panel">';
    if ($total < 1) {
        if ($criteria != 1) {
            echo n . log_search_form($crit, $search_method) . n . graf(gTxt('no_results_found'), ' class="indicator"') . '</div>';
        } else {
            echo graf(gTxt('no_refers_recorded'), ' class="indicator"') . '</div>';
        }
        return;
    }
    $limit = max($log_list_pageby, 15);
    list($page, $offset, $numPages) = pager($total, $limit, $page);
    echo n . log_search_form($crit, $search_method) . '</div>';
    $rs = safe_rows_start('*, unix_timestamp(time) as uTime', 'txp_log', "{$criteria} order by {$sort_sql} limit {$offset}, {$limit}");
    if ($rs) {
        echo n . '<div id="' . $event . '_container" class="txp-container txp-list">';
        echo n . n . '<form action="index.php" id="log_form" method="post" name="longform" onsubmit="return verify(\'' . gTxt('are_you_sure') . '\')">' . startTable('list', '', 'list', '', '90%') . n . '<thead>' . n . tr(n . column_head('time', 'time', 'log', true, $switch_dir, $crit, $search_method, ('time' == $sort ? "{$dir} " : '') . 'date time') . column_head('IP', 'ip', 'log', true, $switch_dir, $crit, $search_method, ('ip' == $sort ? "{$dir} " : '') . 'log_detail ip') . column_head('host', 'host', 'log', true, $switch_dir, $crit, $search_method, ('host' == $sort ? "{$dir} " : '') . 'host') . column_head('page', 'page', 'log', true, $switch_dir, $crit, $search_method, ('page' == $sort ? "{$dir} " : '') . 'page') . column_head('referrer', 'refer', 'log', true, $switch_dir, $crit, $search_method, ('refer' == $sort ? "{$dir} " : '') . 'refer') . column_head('method', 'method', 'log', true, $switch_dir, $crit, $search_method, ('method' == $sort ? "{$dir} " : '') . 'log_detail method') . column_head('status', 'status', 'log', true, $switch_dir, $crit, $search_method, ('status' == $sort ? "{$dir} " : '') . 'log_detail status') . hCell('', '', ' class="multi-edit"')) . n . '</thead>';
        $tfoot = n . '<tfoot>' . tr(tda(toggle_box('log_detail'), ' class="detail-toggle" colspan="2" style="text-align: left; border: none;"') . tda(select_buttons() . log_multiedit_form($page, $sort, $dir, $crit, $search_method), ' class="multi-edit" colspan="6" style="text-align: right; border: none;"')) . n . '</tfoot>';
        echo $tfoot;
        echo '<tbody>';
        $ctr = 1;
        while ($a = nextRow($rs)) {
            extract($a, EXTR_PREFIX_ALL, 'log');
            if ($log_refer) {
                $log_refer = 'http://' . $log_refer;
                $log_refer = '<a href="' . htmlspecialchars($log_refer) . '" target="_blank">' . htmlspecialchars(soft_wrap($log_refer, 30)) . '</a>';
            }
            if ($log_page) {
                $log_anchor = preg_replace('/\\/$/', '', $log_page);
                $log_anchor = soft_wrap(substr($log_anchor, 1), 30);
                $log_page = '<a href="' . htmlspecialchars($log_page) . '" target="_blank">' . htmlspecialchars($log_anchor) . '</a>';
                if ($log_method == 'POST') {
                    $log_page = '<strong>' . $log_page . '</strong>';
                }
            }
            echo tr(n . td(gTime($log_uTime), 85, 'date time') . td($log_ip, 20, 'log_detail ip') . td(soft_wrap($log_host, 30), '', 'host') . td($log_page, '', 'page') . td($log_refer, '', 'refer') . td(htmlspecialchars($log_method), 60, 'log_detail method') . td($log_status, 60, 'log_detail status') . td(fInput('checkbox', 'selected[]', $log_id), '', 'multi-edit'), ' class="' . ($ctr % 2 == 0 ? 'even' : 'odd') . '"');
            $ctr++;
        }
        echo '</tbody>' . n . endTable() . n . '</form>' . n . '<div id="' . $event . '_navigation" class="txp-navigation">' . n . nav_form('log', $page, $numPages, $sort, $dir, $crit, $search_method, $total, $limit) . n . pageby_form('log', $log_list_pageby) . n . '</div>' . n . '</div>';
    }
}
Пример #26
0
function doArticles($atts, $iscustom, $thing = null)
{
    global $pretext, $prefs;
    extract($pretext);
    extract($prefs);
    $customFields = getCustomFields();
    $customlAtts = array_null(array_flip($customFields));
    if ($iscustom) {
        $extralAtts = array('category' => '', 'section' => '', 'excerpted' => '', 'author' => '', 'month' => '', 'expired' => $publish_expired_articles, 'id' => '', 'exclude' => '');
    } else {
        $extralAtts = array('listform' => '', 'searchform' => '', 'searchall' => 1, 'searchsticky' => 0, 'pageby' => '', 'pgonly' => 0);
    }
    // Getting attributes.
    $theAtts = lAtts(array('form' => 'default', 'limit' => 10, 'sort' => '', 'sortby' => '', 'sortdir' => '', 'keywords' => '', 'time' => 'past', 'status' => STATUS_LIVE, 'allowoverride' => !$q and !$iscustom, 'offset' => 0, 'wraptag' => '', 'break' => '', 'label' => '', 'labeltag' => '', 'class' => '') + $customlAtts + $extralAtts, $atts);
    // For the txp:article tag, some attributes are taken from globals;
    // override them, then stash all filter attributes.
    if (!$iscustom) {
        $theAtts['category'] = $c ? $c : '';
        $theAtts['section'] = $s && $s != 'default' ? $s : '';
        $theAtts['author'] = !empty($author) ? $author : '';
        $theAtts['month'] = !empty($month) ? $month : '';
        $theAtts['frontpage'] = $s && $s == 'default' ? true : false;
        $theAtts['excerpted'] = 0;
        $theAtts['exclude'] = 0;
        $theAtts['expired'] = $publish_expired_articles;
        filterAtts($theAtts);
    } else {
        $theAtts['frontpage'] = false;
    }
    extract($theAtts);
    // If a listform is specified, $thing is for doArticle() - hence ignore here.
    if (!empty($listform)) {
        $thing = '';
    }
    $pageby = empty($pageby) ? $limit : $pageby;
    // Treat sticky articles differently wrt search filtering, etc.
    $status = in_array(strtolower($status), array('sticky', STATUS_STICKY)) ? STATUS_STICKY : STATUS_LIVE;
    $issticky = $status == STATUS_STICKY;
    // Give control to search, if necessary.
    if ($q && !$iscustom && !$issticky) {
        include_once txpath . '/publish/search.php';
        $s_filter = $searchall ? filterSearch() : '';
        $q = trim($q);
        $quoted = $q[0] === '"' && $q[strlen($q) - 1] === '"';
        $q = doSlash($quoted ? trim(trim($q, '"')) : $q);
        // Searchable article fields are limited to the columns of the
        // textpattern table and a matching fulltext index must exist.
        $cols = do_list_unique($searchable_article_fields);
        if (empty($cols) or $cols[0] == '') {
            $cols = array('Title', 'Body');
        }
        $match = ", MATCH (`" . join("`, `", $cols) . "`) AGAINST ('{$q}') AS score";
        $search_terms = preg_replace('/\\s+/', ' ', str_replace(array('\\', '%', '_', '\''), array('\\\\', '\\%', '\\_', '\\\''), $q));
        if ($quoted || empty($m) || $m === 'exact') {
            for ($i = 0; $i < count($cols); $i++) {
                $cols[$i] = "`{$cols[$i]}` LIKE '%{$search_terms}%'";
            }
        } else {
            $colJoin = $m === 'any' ? "OR" : "AND";
            $search_terms = explode(' ', $search_terms);
            for ($i = 0; $i < count($cols); $i++) {
                $like = array();
                foreach ($search_terms as $search_term) {
                    $like[] = "`{$cols[$i]}` LIKE '%{$search_term}%'";
                }
                $cols[$i] = "(" . join(" {$colJoin} ", $like) . ")";
            }
        }
        $cols = join(" OR ", $cols);
        $search = " AND ({$cols}) {$s_filter}";
        // searchall=0 can be used to show search results for the current
        // section only.
        if ($searchall) {
            $section = '';
        }
        if (!$sort) {
            $sort = "score DESC";
        }
    } else {
        $match = $search = '';
        if (!$sort) {
            $sort = "Posted DESC";
        }
    }
    // For backwards compatibility. sortby and sortdir are deprecated.
    if ($sortby) {
        trigger_error(gTxt('deprecated_attribute', array('{name}' => 'sortby')), E_USER_NOTICE);
        if (!$sortdir) {
            $sortdir = "DESC";
        } else {
            trigger_error(gTxt('deprecated_attribute', array('{name}' => 'sortdir')), E_USER_NOTICE);
        }
        $sort = "{$sortby} {$sortdir}";
    } elseif ($sortdir) {
        trigger_error(gTxt('deprecated_attribute', array('{name}' => 'sortdir')), E_USER_NOTICE);
        $sort = "Posted {$sortdir}";
    }
    // Building query parts.
    $frontpage = ($frontpage and (!$q or $issticky)) ? filterFrontPage() : '';
    $category = join("','", doSlash(do_list_unique($category)));
    $category = !$category ? '' : " AND (Category1 IN ('" . $category . "') OR Category2 IN ('" . $category . "'))";
    $section = !$section ? '' : " AND Section IN ('" . join("','", doSlash(do_list_unique($section))) . "')";
    $excerpted = !$excerpted ? '' : " AND Excerpt !=''";
    $author = !$author ? '' : " AND AuthorID IN ('" . join("','", doSlash(do_list_unique($author))) . "')";
    $month = !$month ? '' : " AND Posted LIKE '" . doSlash($month) . "%'";
    $ids = $id ? array_map('intval', do_list_unique($id)) : array();
    $exclude = $exclude ? array_map('intval', do_list_unique($exclude)) : array();
    $id = (!$id ? '' : " AND ID IN (" . join(',', $ids) . ")") . (!$exclude ? '' : " AND ID NOT IN (" . join(',', $exclude) . ")");
    switch ($time) {
        case 'any':
            $time = "";
            break;
        case 'future':
            $time = " AND Posted > " . now('posted');
            break;
        default:
            $time = " AND Posted <= " . now('posted');
    }
    if (!$expired) {
        $time .= " AND (" . now('expires') . " <= Expires OR Expires = " . NULLDATETIME . ")";
    }
    $custom = '';
    if ($customFields) {
        foreach ($customFields as $cField) {
            if (isset($atts[$cField])) {
                $customPairs[$cField] = $atts[$cField];
            }
        }
        if (!empty($customPairs)) {
            $custom = buildCustomSql($customFields, $customPairs);
        }
    }
    // Allow keywords for no-custom articles. That tagging mode, you know.
    if ($keywords) {
        $keys = doSlash(do_list_unique($keywords));
        foreach ($keys as $key) {
            $keyparts[] = "FIND_IN_SET('" . $key . "', Keywords)";
        }
        $keywords = " AND (" . join(' or ', $keyparts) . ")";
    }
    if ($q and $searchsticky) {
        $statusq = " AND Status >= " . STATUS_LIVE;
    } elseif ($id) {
        $statusq = " AND Status >= " . STATUS_LIVE;
    } else {
        $statusq = " AND Status = " . intval($status);
    }
    $where = "1 = 1" . $statusq . $time . $search . $id . $category . $section . $excerpted . $month . $author . $keywords . $custom . $frontpage;
    // Do not paginate if we are on a custom list.
    if (!$iscustom and !$issticky) {
        $grand_total = safe_count('textpattern', $where);
        $total = $grand_total - $offset;
        $numPages = ceil($total / $pageby);
        $pg = !$pg ? 1 : $pg;
        $pgoffset = $offset + ($pg - 1) * $pageby;
        // Send paging info to txp:newer and txp:older.
        $pageout['pg'] = $pg;
        $pageout['numPages'] = $numPages;
        $pageout['s'] = $s;
        $pageout['c'] = $c;
        $pageout['context'] = 'article';
        $pageout['grand_total'] = $grand_total;
        $pageout['total'] = $total;
        global $thispage;
        if (empty($thispage)) {
            $thispage = $pageout;
        }
        if ($pgonly) {
            return;
        }
    } else {
        $pgoffset = $offset;
    }
    // Preserve order of custom article ids unless 'sort' attribute is set.
    if (!empty($atts['id']) && empty($atts['sort'])) {
        $safe_sort = "FIELD(id, " . join(',', $ids) . ")";
    } else {
        $safe_sort = doSlash($sort);
    }
    $rs = safe_rows_start("*, UNIX_TIMESTAMP(Posted) AS uPosted, UNIX_TIMESTAMP(Expires) AS uExpires, UNIX_TIMESTAMP(LastMod) AS uLastMod" . $match, 'textpattern', "{$where} ORDER BY {$safe_sort} LIMIT " . intval($pgoffset) . ", " . intval($limit));
    // Get the form name.
    if ($q and !$iscustom and !$issticky) {
        $fname = $searchform ? $searchform : 'search_results';
    } else {
        $fname = !empty($listform) ? $listform : $form;
    }
    if ($rs) {
        $count = 0;
        $last = numRows($rs);
        $articles = array();
        while ($a = nextRow($rs)) {
            ++$count;
            populateArticleData($a);
            global $thisarticle, $uPosted, $limit;
            $thisarticle['is_first'] = $count == 1;
            $thisarticle['is_last'] = $count == $last;
            // Article form preview.
            if (txpinterface === 'admin' && ps('Form')) {
                doAuth();
                if (!has_privs('form')) {
                    txp_status_header('401 Unauthorized');
                    exit(hed('401 Unauthorized', 1) . graf(gTxt('restricted_area')));
                }
                $articles[] = parse(gps('Form'));
            } elseif ($allowoverride and $a['override_form']) {
                $articles[] = parse_form($a['override_form']);
            } else {
                $articles[] = $thing ? parse($thing) : parse_form($fname);
            }
            // Sending these to paging_link(); Required?
            $uPosted = $a['uPosted'];
            unset($GLOBALS['thisarticle']);
        }
        return doLabel($label, $labeltag) . doWrap($articles, $wraptag, $break, $class);
    }
}
Пример #27
0
function css_delete()
{
    $name = ps('name');
    $count = safe_count('txp_section', "css = '" . doSlash($name) . "'");
    if ($count) {
        $message = gTxt('css_used_by_section', array('{name}' => $name, '{count}' => $count));
    } else {
        safe_delete('txp_css', "name = '" . doSlash($name) . "'");
        $message = gTxt('css_deleted', array('{name}' => $name));
    }
    css_edit($message);
}
Пример #28
0
if (!safe_field('name', 'txp_prefs', "name='override_emailcharset'")) {
    safe_insert('txp_prefs', "name='override_emailcharset', val='0', prefs_id='1', type='1', event='admin', position='" . doSlash($maxpos) . "', html='yesnoradio'");
}
if (safe_field('val', 'txp_prefs', "name='comments_auto_append'") === false) {
    safe_insert('txp_prefs', "val = '1', name = 'comments_auto_append' , prefs_id ='1', type='0', html='yesnoradio', event='comments', position='211'");
    $form = <<<EOF
<txp:comments />
<txp:if_comments_allowed>
<txp:comments_form />
</txp:if_comments_allowed>
EOF;
    safe_insert('txp_form', "name='comments_display', type='article', Form='{$form}'");
}
// /tmp is bad for permanent storage of files,
// if no files are uploaded yet, switch to the files directory in the top-txp dir.
if (!safe_count('txp_file', "1")) {
    $tempdir = find_temp_dir();
    if ($tempdir == safe_field('val', 'txp_prefs', "name='file_base_path'")) {
        safe_update('txp_prefs', "val='" . doSlash(dirname(txpath) . DS . 'files') . "',prefs_id=1", "name='file_base_path'");
    }
}
// After this point the changes after RC4
// let's get the advanced fields in the right order
for ($i = 1; $i <= 10; $i++) {
    safe_update("txp_prefs", "position={$i}", "name='custom_{$i}_set'");
}
// index ip column in txp_log
$ipidxset = false;
$i = safe_show('index', 'txp_log');
foreach ($i as $a => $b) {
    if ($b['Column_name'] == 'ip') {
function customers_list($event = '', $step = '', $message = '')
{
    global $statuses, $comments_disabled_after, $step, $txp_user;
    pagetop("Customers", $message);
    extract(get_prefs());
    extract(gpsa(array('page', 'sort', 'dir', 'crit', 'qty', 'search_method')));
    $sesutats = array_flip($statuses);
    $dir = $dir == 'desc' ? 'desc' : 'asc';
    switch ($sort) {
        case 'RealName':
            $sort_sql = 'RealName ' . $dir;
            break;
        case 'orders':
            $sort_sql = 'orders ' . $dir;
            break;
        default:
            $dir = 'desc';
            $sort_sql = 'user_id ' . $dir;
            break;
    }
    $switch_dir = $dir == 'desc' ? 'asc' : 'desc';
    $criteria = "privs = 0";
    if ($search_method and $crit) {
        $crit_escaped = doSlash($crit);
        $critsql = array('id' => "ID = '{$crit_escaped}'", 'title_body' => "Title rlike '{$crit_escaped}' or Body rlike '{$crit_escaped}'", 'section' => "Section rlike '{$crit_escaped}'", 'categories' => "Category1 rlike '{$crit_escaped}' or Category2 rlike '{$crit_escaped}'", 'status' => "Status = '" . @$sesutats[gTxt($crit_escaped)] . "'", 'author' => "AuthorID rlike '{$crit_escaped}'");
        if (array_key_exists($search_method, $critsql)) {
            $criteria = $critsql[$search_method];
            $limit = 500;
        } else {
            $search_method = '';
            $crit = '';
        }
    } else {
        $search_method = '';
        $crit = '';
    }
    $total = safe_count('txp_users', "{$criteria}");
    if (isset($qty)) {
        $customers_list_pageby = $qty;
    } else {
        $customers_list_pageby = 15;
    }
    $limit = max(@$customers_list_pageby, 15);
    list($page, $offset, $numPages) = pager($total, $limit, $page);
    $rs = safe_rows_start('*', 'txp_users', "{$criteria} order by {$sort_sql} limit {$offset}, {$limit}");
    $customersOnPage = $offset + $limit;
    if ($rs) {
        echo n . n . '<form name="longform" method="post" action="index.php" onsubmit="return verify(\'' . gTxt('are_you_sure') . '\')">' . n . startTable('list', '', '', '', '700') . n . tr(n . tda("Displaying {$offset} - {$customersOnPage} of {$total} customers", ' colspan="2" style="border: none; padding-bottom: 15px;"') . n . tda('<a href="?event=customers&step=edit_customer" class="navlink">Add a new customer</a> <a href="?event=customers&step=export_customer" class="navlink">Export customers</a>', ' colspan="2" style="text-align: right; border: none; padding-bottom: 15px;"')) . n . tr(n . column_head('Customer', 'RealName', 'customers', true, $switch_dir, $crit, $search_method) . column_head('Phone', 'shipping_phone', 'customers', true, $switch_dir, $crit, $search_method) . column_head('Email', 'email', 'customers', true, $switch_dir, $crit, $search_method) . column_head('Orders', 'order_num', 'customers', true, $switch_dir, $crit, $search_method));
        include_once txpath . '/publish/taghandlers.php';
        while ($a = nextRow($rs)) {
            extract($a);
            $order_num = safe_count("orders", "user_id = {$user_id}");
            $RealName = eLink('customers', 'edit_customer', 'user_id', $user_id, $RealName);
            $Orders = eLink('order', 'edit', 'customer', $name, $order_num);
            echo n . n . tr(n . td($RealName, "25%") . td($billing_phone, "25%") . td($email, "25%") . td($Orders, "25%"));
        }
        echo n . endTable() . n . '</form>' . n . nav_form('customers', $page, $numPages, $sort, $dir, $crit, $search_method) . n . pageby_form('customers', $customers_list_pageby);
    }
}
Пример #30
0
function list_list($message = '', $post = '')
{
    global $statuses, $comments_disabled_after, $step, $txp_user, $article_list_pageby;
    pagetop(gTxt('tab_list'), $message);
    extract(gpsa(array('page', 'sort', 'dir', 'crit', 'search_method')));
    $sesutats = array_flip($statuses);
    $dir = $dir == 'asc' ? 'asc' : 'desc';
    switch ($sort) {
        case 'id':
            $sort_sql = 'ID ' . $dir;
            break;
        case 'expires':
            $sort_sql = 'Expires ' . $dir;
            break;
        case 'title':
            $sort_sql = 'Title ' . $dir . ', Posted desc';
            break;
        case 'section':
            $sort_sql = 'Section ' . $dir . ', Posted desc';
            break;
        case 'category1':
            $sort_sql = 'Category1 ' . $dir . ', Posted desc';
            break;
        case 'category2':
            $sort_sql = 'Category2 ' . $dir . ', Posted desc';
            break;
        case 'status':
            $sort_sql = 'Status ' . $dir . ', Posted desc';
            break;
        case 'author':
            $sort_sql = 'AuthorID ' . $dir . ', Posted desc';
            break;
        case 'comments':
            $sort_sql = 'comments_count ' . $dir . ', Posted desc';
            break;
        case 'lastmod':
            $sort_sql = 'LastMod ' . $dir . ', Posted desc';
            break;
        default:
            $sort = 'posted';
            $sort_sql = 'Posted ' . $dir;
            break;
    }
    $switch_dir = $dir == 'desc' ? 'asc' : 'desc';
    $criteria = 1;
    if ($search_method and $crit) {
        $crit_escaped = doSlash($crit);
        $critsql = array('id' => "ID in ('" . join("','", do_list($crit_escaped)) . "')", 'title_body_excerpt' => "Title rlike '{$crit_escaped}' or Body rlike '{$crit_escaped}' or Excerpt rlike '{$crit_escaped}'", 'section' => "Section rlike '{$crit_escaped}'", 'keywords' => "FIND_IN_SET('" . $crit_escaped . "',Keywords)", 'categories' => "Category1 rlike '{$crit_escaped}' or Category2 rlike '{$crit_escaped}'", 'status' => "Status = '" . @$sesutats[gTxt($crit_escaped)] . "'", 'author' => "AuthorID rlike '{$crit_escaped}'", 'article_image' => "Image in ('" . join("','", do_list($crit_escaped)) . "')", 'posted' => "Posted like '{$crit_escaped}%'", 'lastmod' => "LastMod like '{$crit_escaped}%'");
        if (array_key_exists($search_method, $critsql)) {
            $criteria = $critsql[$search_method];
            $limit = 500;
        } else {
            $search_method = '';
            $crit = '';
        }
    } else {
        $search_method = '';
        $crit = '';
    }
    $total = safe_count('textpattern', "{$criteria}");
    if ($total < 1) {
        if ($criteria != 1) {
            echo n . list_search_form($crit, $search_method) . n . graf(gTxt('no_results_found'), ' class="indicator"');
        } else {
            echo graf(gTxt('no_articles_recorded'), ' class="indicator"');
        }
        return;
    }
    $limit = max($article_list_pageby, 15);
    list($page, $offset, $numPages) = pager($total, $limit, $page);
    echo n . list_search_form($crit, $search_method);
    $rs = safe_rows_start('*, unix_timestamp(Posted) as posted, unix_timestamp(LastMod) as lastmod, unix_timestamp(Expires) as expires', 'textpattern', "{$criteria} order by {$sort_sql} limit {$offset}, {$limit}");
    if ($rs) {
        $total_comments = array();
        // fetch true comment count, not the public comment count
        // maybe we should have another row in the db?
        $rs2 = safe_rows_start('parentid, count(*) as num', 'txp_discuss', "1 group by parentid order by parentid");
        if ($rs2) {
            while ($a = nextRow($rs2)) {
                $pid = $a['parentid'];
                $num = $a['num'];
                $total_comments[$pid] = $num;
            }
        }
        echo n . n . '<form name="longform" method="post" action="index.php" onsubmit="return verify(\'' . gTxt('are_you_sure') . '\')">' . n . startTable('list', '', '', '', '90%') . n . tr(n . column_head('ID', 'id', 'list', true, $switch_dir, $crit, $search_method, 'id' == $sort ? $dir : '') . column_head('posted', 'posted', 'list', true, $switch_dir, $crit, $search_method, 'posted' == $sort ? $dir : '') . column_head('article_modified', 'lastmod', 'list', true, $switch_dir, $crit, $search_method, ('lastmod' == $sort ? "{$dir} " : '') . 'articles_detail') . column_head('expires', 'expires', 'list', true, $switch_dir, $crit, $search_method, ('expires' == $sort ? "{$dir} " : '') . 'articles_detail') . column_head('title', 'title', 'list', true, $switch_dir, $crit, $search_method, 'title' == $sort ? $dir : '') . column_head('section', 'section', 'list', true, $switch_dir, $crit, $search_method, 'section' == $sort ? $dir : '') . column_head('category1', 'category1', 'list', true, $switch_dir, $crit, $search_method, ('category1' == $sort ? "{$dir} " : '') . 'articles_detail') . column_head('category2', 'category2', 'list', true, $switch_dir, $crit, $search_method, ('category2' == $sort ? "{$dir} " : '') . 'articles_detail') . column_head('status', 'status', 'list', true, $switch_dir, $crit, $search_method, 'status' == $sort ? $dir : '') . column_head('author', 'author', 'list', true, $switch_dir, $crit, $search_method, 'author' == $sort ? $dir : '') . column_head('comments', 'comments', 'list', true, $switch_dir, $crit, $search_method, ('comments' == $sort ? "{$dir} " : '') . 'articles_detail') . hCell());
        include_once txpath . '/publish/taghandlers.php';
        while ($a = nextRow($rs)) {
            extract($a);
            if (empty($Title)) {
                $Title = '<em>' . eLink('article', 'edit', 'ID', $ID, gTxt('untitled')) . '</em>';
            } else {
                $Title = eLink('article', 'edit', 'ID', $ID, $Title);
            }
            $Category1 = $Category1 ? '<span title="' . htmlspecialchars(fetch_category_title($Category1)) . '">' . $Category1 . '</span>' : '';
            $Category2 = $Category2 ? '<span title="' . htmlspecialchars(fetch_category_title($Category2)) . '">' . $Category2 . '</span>' : '';
            $view_url = permlinkurl($a);
            if ($Status != 4 and $Status != 5) {
                $view_url .= (strpos($view_url, '?') === FALSE ? '?' : '&amp;') . 'txpreview=' . intval($ID) . '.' . time();
            }
            $manage = n . '<ul class="articles_detail">' . n . t . '<li>' . eLink('article', 'edit', 'ID', $ID, gTxt('edit')) . '</li>' . n . t . '<li><a href="' . $view_url . '" class="article-view">' . gTxt('view') . '</a></li>' . n . '</ul>';
            $Status = !empty($Status) ? $statuses[$Status] : '';
            $comments = gTxt('none');
            if (isset($total_comments[$ID]) and $total_comments[$ID] > 0) {
                $comments = href(gTxt('manage'), 'index.php?event=discuss' . a . 'step=list' . a . 'search_method=parent' . a . 'crit=' . $ID) . ' (' . $total_comments[$ID] . ')';
            }
            $comment_status = $Annotate ? gTxt('on') : gTxt('off');
            if ($comments_disabled_after) {
                $lifespan = $comments_disabled_after * 86400;
                $time_since = time() - $posted;
                if ($time_since > $lifespan) {
                    $comment_status = gTxt('expired');
                }
            }
            $comments = n . '<ul>' . n . t . '<li>' . $comment_status . '</li>' . n . t . '<li>' . $comments . '</li>' . n . '</ul>';
            echo n . n . tr(n . td(eLink('article', 'edit', 'ID', $ID, $ID) . $manage) . td(gTime($posted), '', $posted < time() ? '' : 'unpublished') . td(gTime($lastmod), '', "articles_detail") . td($expires ? gTime($expires) : '', '', 'articles_detail') . td($Title) . td('<span title="' . htmlspecialchars(fetch_section_title($Section)) . '">' . $Section . '</span>', 75) . td($Category1, 100, "articles_detail") . td($Category2, 100, "articles_detail") . td($a['Status'] < 4 ? $Status : '<a href="' . permlinkurl($a) . '">' . $Status . '</a>', 50) . td('<span title="' . htmlspecialchars(get_author_name($AuthorID)) . '">' . htmlspecialchars($AuthorID) . '</span>') . td($comments, 50, "articles_detail") . td(($a['Status'] >= 4 and has_privs('article.edit.published') or $a['Status'] >= 4 and $AuthorID == $txp_user and has_privs('article.edit.own.published') or $a['Status'] < 4 and has_privs('article.edit') or $a['Status'] < 4 and $AuthorID == $txp_user and has_privs('article.edit.own')) ? fInput('checkbox', 'selected[]', $ID) : '&nbsp;'));
        }
        echo n . n . tr(tda(toggle_box('articles_detail'), ' colspan="2" style="text-align: left; border: none;"') . tda(select_buttons() . list_multiedit_form($page, $sort, $dir, $crit, $search_method), ' colspan="9" style="text-align: right; border: none;"')) . n . endTable() . n . '</form>' . n . nav_form('list', $page, $numPages, $sort, $dir, $crit, $search_method, $total, $limit) . n . pageby_form('list', $article_list_pageby);
    }
}