function view_entries($weblog_id = '', $message = '', $extra_sql = '', $search_url = '', $form_url = '', $action = '', $extra_fields_search = '', $extra_fields_entries = '') { global $IN, $LANG, $DSP, $FNS, $LOC, $DB, $SESS, $REGX, $PREFS, $EXT; // Security check if (!$DSP->allowed_group('can_access_edit')) { return $DSP->no_access_message(); } /** -------------------------------------------- /** Fetch weblog ID numbers assigned to the current user /** --------------------------------------------*/ $allowed_blogs = $FNS->fetch_assigned_weblogs(); if (empty($allowed_blogs)) { return $DSP->no_access_message($LANG->line('no_weblogs')); } // ------------------------------------------- // 'edit_entries_start' hook. // - Allows complete rewrite of Edit Entries page. // $edata = $EXT->call_extension('edit_entries_start', $weblog_id, $message); if ($EXT->end_script === TRUE) { return; } // // ------------------------------------------- /** ------------------------------ /** Fetch Color Library /** ------------------------------*/ // We use this to assist with our status colors if (file_exists(PATH . 'lib/colors' . EXT)) { include PATH . 'lib/colors' . EXT; } else { $colors = ''; } // We need to determine which weblog to show entries from. // if the weblog_id global doesn't exist we'll show all weblogs // combined if ($weblog_id == '') { $weblog_id = $IN->GBL('weblog_id', 'GP'); } if ($weblog_id == 'null' or $weblog_id === FALSE or !is_numeric($weblog_id)) { $weblog_id = ''; } $cat_group = ''; $cat_id = $IN->GBL('cat_id', 'GP'); $status = $IN->GBL('status', 'GP'); $order = $IN->GBL('order', 'GP'); $date_range = $IN->GBL('date_range', 'GP'); $total_blogs = count($allowed_blogs); // Begin building the page output $r = $DSP->qdiv('tableHeading', $LANG->line('edit_weblog_entries')); // Do we have a message to show? // Note: a message is displayed on this page after editing or submitting a new entry if ($IN->GBL("U") == 'mu') { $message = $DSP->qdiv('success', $LANG->line('multi_entries_updated')); } if ($message != '') { $r .= $message; } // Declare the "filtering" form $s = $DSP->form_open(array('action' => $search_url != '' ? $search_url : 'C=edit' . AMP . 'M=view_entries', 'name' => 'filterform', 'id' => 'filterform')); $s .= $extra_fields_search; // If we have more than one weblog we'll write the JavaScript menu switching code if ($total_blogs > 1) { $s .= Publish::filtering_menus(); } // Table start $s .= $DSP->div('box'); $s .= $DSP->table('', '0', '', '100%') . $DSP->tr() . $DSP->td('itemWrapper', '', '7') . NL; // If we have more than one blog we'll add the "onchange" method to // the form so that it'll automatically switch categories and statuses if ($total_blogs > 1) { $s .= "<select name='weblog_id' class='select' onchange='changemenu(this.selectedIndex);'>\n"; } else { $s .= "<select name='weblog_id' class='select'>\n"; } // Design note: Becuase the JavaScript code dynamically switches the information inside the // pull-down menus we can't show any particular menu in a "selected" state unless there is only // one weblog. Remember that each weblog is fully independent, so it can have its own // categories, statuses, etc. // Weblog selection pull-down menu // Fetch the names of all weblogs and write each one in an <option> field $sql = "SELECT blog_title, weblog_id, cat_group FROM exp_weblogs"; // If the user is restricted to specific blogs, add that to the query if ($SESS->userdata['group_id'] == 1) { $sql .= " WHERE is_user_blog = 'n'"; } else { $sql .= " WHERE weblog_id IN ("; foreach ($allowed_blogs as $val) { $sql .= "'" . $val . "',"; } $sql = substr($sql, 0, -1) . ')'; } $sql .= " AND site_id = '" . $DB->escape_str($PREFS->ini('site_id')) . "' order by blog_title"; $query = $DB->query($sql); if ($query->num_rows == 1) { $weblog_id = $query->row['weblog_id']; $cat_group = $query->row['cat_group']; } elseif ($weblog_id != '') { foreach ($query->result as $row) { if ($row['weblog_id'] == $weblog_id) { $weblog_id = $row['weblog_id']; $cat_group = $row['cat_group']; } } } $s .= $DSP->input_select_option('null', $LANG->line('filter_by_weblog')); if ($query->num_rows > 1) { $s .= $DSP->input_select_option('null', $LANG->line('all')); } $selected = ''; foreach ($query->result as $row) { if ($weblog_id != '') { $selected = $weblog_id == $row['weblog_id'] ? 'y' : ''; } $s .= $DSP->input_select_option($row['weblog_id'], $row['blog_title'], $selected); } $s .= $DSP->input_select_footer() . $DSP->nbs(2); // Category pull-down menu $s .= $DSP->input_select_header('cat_id') . $DSP->input_select_option('', $LANG->line('filter_by_category')); if ($total_blogs > 1) { $s .= $DSP->input_select_option('all', $LANG->line('all'), $cat_id == 'all' ? 'y' : ''); } $s .= $DSP->input_select_option('none', $LANG->line('none'), $cat_id == 'none' ? 'y' : ''); if ($cat_group != '') { if (TRUE) { $corder = $this->nest_categories == 'y' ? 'group_id, parent_id, cat_name' : 'cat_name'; $query = $DB->query("SELECT cat_id, cat_name, group_id, parent_id FROM exp_categories WHERE site_id = '" . $DB->escape_str($PREFS->ini('site_id')) . "' ORDER BY " . $corder); $categories = array(); if ($query->num_rows > 0) { foreach ($query->result as $row) { $categories[] = array($row['group_id'], $row['cat_id'], $REGX->entities_to_ascii($row['cat_name']), $row['parent_id']); } if ($this->nest_categories == 'y') { $this->cat_array = array(); foreach ($categories as $key => $val) { if (0 == $val['3']) { $this->cat_array[] = array($val['0'], $val['1'], $val['2']); $this->category_edit_subtree($val['1'], $categories, $depth = 1); } } } else { $this->cat_array = $categories; } } foreach ($this->cat_array as $key => $val) { if (!in_array($val['0'], explode('|', $cat_group))) { unset($this->cat_array[$key]); } } } foreach ($this->cat_array as $ckey => $cat) { if ($ckey - 1 < 0 or !isset($this->cat_array[$ckey - 1])) { $s .= $DSP->input_select_option('', '-------'); } $s .= $DSP->input_select_option($cat['1'], str_replace('!-!', ' ', $cat['2']), $cat_id == $cat['1'] ? 'y' : ''); if (isset($this->cat_array[$ckey + 1]) && $this->cat_array[$ckey + 1]['0'] != $cat['0']) { $s .= $DSP->input_select_option('', '-------'); } } } $s .= $DSP->input_select_footer() . $DSP->nbs(2); // Status pull-down menu $s .= $DSP->input_select_header('status') . $DSP->input_select_option('', $LANG->line('filter_by_status')) . $DSP->input_select_option('all', $LANG->line('all'), $status == 'all' ? 1 : ''); if ($weblog_id != '') { $rez = $DB->query("SELECT status_group FROM exp_weblogs WHERE weblog_id = '{$weblog_id}'"); $query = $DB->query("SELECT status FROM exp_statuses WHERE group_id = '" . $DB->escape_str($rez->row['status_group']) . "' ORDER BY status_order"); if ($query->num_rows > 0) { foreach ($query->result as $row) { $selected = $status == $row['status'] ? 1 : ''; $status_name = ($row['status'] == 'closed' or $row['status'] == 'open') ? $LANG->line($row['status']) : $row['status']; $s .= $DSP->input_select_option($row['status'], $status_name, $selected); } } } else { $s .= $DSP->input_select_option('open', $LANG->line('open'), $status == 'open' ? 1 : ''); $s .= $DSP->input_select_option('closed', $LANG->line('closed'), $status == 'closed' ? 1 : ''); } $s .= $DSP->input_select_footer() . $DSP->nbs(2); // Date range pull-down menu $sel_1 = $date_range == '1' ? 1 : ''; $sel_2 = $date_range == '7' ? 1 : ''; $sel_3 = $date_range == '31' ? 1 : ''; $sel_4 = $date_range == '182' ? 1 : ''; $sel_5 = $date_range == '365' ? 1 : ''; $s .= $DSP->input_select_header('date_range') . $DSP->input_select_option('', $LANG->line('date_range')) . $DSP->input_select_option('1', $LANG->line('today'), $sel_1) . $DSP->input_select_option('7', $LANG->line('past_week'), $sel_2) . $DSP->input_select_option('31', $LANG->line('past_month'), $sel_3) . $DSP->input_select_option('182', $LANG->line('past_six_months'), $sel_4) . $DSP->input_select_option('365', $LANG->line('past_year'), $sel_5) . $DSP->input_select_option('', $LANG->line('any_date')) . $DSP->input_select_footer() . $DSP->nbs(2); // Display order pull-down menu $sel_1 = $order == 'desc' ? 1 : ''; $sel_2 = $order == 'asc' ? 1 : ''; $sel_3 = $order == 'alpha' ? 1 : ''; $s .= $DSP->input_select_header('order') . $DSP->input_select_option('desc', $LANG->line('order'), $sel_1) . $DSP->input_select_option('asc', $LANG->line('ascending'), $sel_2) . $DSP->input_select_option('desc', $LANG->line('descending'), $sel_1) . $DSP->input_select_option('alpha', $LANG->line('alpha'), $sel_3) . $DSP->input_select_footer() . $DSP->nbs(2); // Results per page pull-down menu if (!($perpage = $IN->GBL('perpage', 'GP'))) { $perpage = $IN->GBL('perpage', 'COOKIE'); } if ($perpage == '') { $perpage = 50; } $FNS->set_cookie('perpage', $perpage, 60 * 60 * 24 * 182); $s .= $DSP->input_select_header('perpage') . $DSP->input_select_option('25', '25 ' . $LANG->line('results'), $perpage == 25 ? 1 : '') . $DSP->input_select_option('50', '50 ' . $LANG->line('results'), $perpage == 50 ? 1 : '') . $DSP->input_select_option('75', '75 ' . $LANG->line('results'), $perpage == 75 ? 1 : '') . $DSP->input_select_option('100', '100 ' . $LANG->line('results'), $perpage == 100 ? 1 : '') . $DSP->input_select_option('150', '150 ' . $LANG->line('results'), $perpage == 150 ? 1 : '') . $DSP->input_select_footer() . $DSP->nbs(2); $s .= $DSP->td_c() . $DSP->tr_c() . $DSP->tr() . $DSP->td('itemWrapper', '', '7') . NL; if (isset($_POST['keywords'])) { $keywords = $REGX->keyword_clean($_POST['keywords']); } elseif (isset($_GET['keywords'])) { $keywords = $REGX->keyword_clean(base64_decode($_GET['keywords'])); } else { $keywords = ''; } if (substr(strtolower($keywords), 0, 3) == 'ip:') { $keywords = str_replace('_', '.', $keywords); } // Because of the auto convert we prepare a specific variable // with the converted ascii characters while leaving the $keywords // variable intact for display and URL purposes $search_keywords = $PREFS->ini('auto_convert_high_ascii') == 'y' ? $REGX->ascii_to_entities($keywords) : $keywords; $exact_match = $IN->GBL('exact_match', 'GP') != '' ? $IN->GBL('exact_match', 'GP') : ''; $s .= $DSP->div('default') . $LANG->line('keywords', 'keywords') . NBS . NBS; $s .= $DSP->input_text('keywords', stripslashes($keywords), '40', '200', 'input', '200px') . NBS . NBS; $s .= $DSP->input_checkbox('exact_match', 'yes', $exact_match) . NBS . $LANG->line('exact_match') . NBS . NBS; $search_in = $IN->GBL('search_in', 'GP') != '' ? $IN->GBL('search_in', 'GP') : 'title'; $s .= $DSP->input_select_header('search_in') . $DSP->input_select_option('title', $LANG->line('title_only'), $search_in == 'title' ? 1 : '') . $DSP->input_select_option('body', $LANG->line('title_and_body'), $search_in == 'body' ? 1 : '') . $DSP->input_select_option('everywhere', $LANG->line('title_body_comments'), $search_in == 'everywhere' ? 1 : '') . (!isset($this->installed_modules['comment']) ? '' : $DSP->input_select_option('comments', $LANG->line('comments'), $search_in == 'comments' ? 1 : '')) . (!isset($this->installed_modules['trackback']) ? '' : $DSP->input_select_option('trackbacks', $LANG->line('trackbacks'), $search_in == 'trackbacks' ? 1 : '')) . $DSP->input_select_footer() . $DSP->nbs(2); // Submit button and form close $s .= $DSP->input_submit($LANG->line('search'), 'submit'); $s .= $DSP->div_c(); $s .= $DSP->td_c() . $DSP->tr_c() . $DSP->table_c(); $s .= $DSP->div_c(); $s .= $DSP->form_close(); // ------------------------------------------- // 'edit_entries_search_form' hook. // - Allows complete rewrite of Edit Entries Search form. // if ($EXT->active_hook('edit_entries_search_form') === TRUE) { $r .= $EXT->call_extension('edit_entries_search_form', $s); if ($EXT->end_script === TRUE) { return; } } else { $r .= $s; } // // ------------------------------------------- /** ------------------------------ /** Build the main query /** ------------------------------*/ if ($search_url != '') { $pageurl = BASE . AMP . $search_url; } else { $pageurl = BASE . AMP . 'C=edit' . AMP . 'M=view_entries'; } $sql_a = "SELECT "; if ($search_in == 'comments') { $sql_b = "DISTINCT(exp_comments.comment_id) "; } elseif ($search_in == 'trackbacks') { $sql_b = "DISTINCT(exp_trackbacks.trackback_id) "; } else { $sql_b = $cat_id == 'none' || $cat_id != "" ? "DISTINCT(exp_weblog_titles.entry_id) " : "exp_weblog_titles.entry_id "; } $sql = "FROM exp_weblog_titles\n\t\t\t\tLEFT JOIN exp_weblogs ON exp_weblog_titles.weblog_id = exp_weblogs.weblog_id "; if ($keywords != '') { if ($search_in != 'title') { $sql .= "LEFT JOIN exp_weblog_data ON exp_weblog_titles.entry_id = exp_weblog_data.entry_id "; } if ($search_in == 'everywhere' or $search_in == 'comments') { $sql .= "LEFT JOIN exp_comments ON exp_weblog_titles.entry_id = exp_comments.entry_id "; } elseif ($search_in == 'trackbacks') { $sql .= "LEFT JOIN exp_trackbacks ON exp_weblog_titles.entry_id = exp_trackbacks.entry_id "; } } elseif ($search_in == 'comments') { $sql .= "LEFT JOIN exp_comments ON exp_weblog_titles.entry_id = exp_comments.entry_id "; } elseif ($search_in == 'trackbacks') { $sql .= "LEFT JOIN exp_trackbacks ON exp_weblog_titles.entrY_id = exp_trackbacks.entry_id "; } $sql .= "LEFT JOIN exp_members ON exp_members.member_id = exp_weblog_titles.author_id "; if ($cat_id == 'none' || $cat_id != "") { $sql .= "LEFT JOIN exp_category_posts ON exp_weblog_titles.entry_id = exp_category_posts.entry_id\n\t\t\t\t\t LEFT JOIN exp_categories ON exp_category_posts.cat_id = exp_categories.cat_id "; } if (is_array($extra_sql) && isset($extra_sql['tables'])) { $sql .= ' ' . $extra_sql['tables'] . ' '; } // ------------------------------------------- // 'edit_entries_search_tables' hook. // - Add additional parts to the TABLES part of query // if ($EXT->active_hook('edit_entries_search_tables') === TRUE) { $sql .= $EXT->call_extension('edit_entries_search_tables'); } // // ------------------------------------------- // Limit to weblogs assigned to user if ($SESS->userdata('member_id') == 0) { $sql .= " WHERE is_user_blog = 'n' AND exp_weblogs.site_id = '" . $DB->escape_str($PREFS->ini('site_id')) . "'"; } else { $sql .= " WHERE exp_weblogs.site_id = '" . $DB->escape_str($PREFS->ini('site_id')) . "' AND exp_weblog_titles.weblog_id IN ("; foreach ($allowed_blogs as $val) { $sql .= "'" . $val . "',"; } $sql = substr($sql, 0, -1) . ')'; if (!$DSP->allowed_group('can_edit_other_entries') and !$DSP->allowed_group('can_view_other_entries')) { $sql .= " AND exp_weblog_titles.author_id = " . $SESS->userdata('member_id'); } } if (is_array($extra_sql) && isset($extra_sql['where'])) { $sql .= ' ' . $extra_sql['where'] . ' '; } if ($keywords != '') { $pageurl .= AMP . 'keywords=' . base64_encode($keywords); if ($search_in == 'trackbacks' or $search_in == 'comments') { // When searching in comments and trackbacks we do not want to // search the entry title. However, by removing this we would // have to make the rest of the query creation code below really messy // so we simply check for an empty title, which should never happen. // That makes this check pointless and allows us some cleaner code. -Paul $sql .= " AND (exp_weblog_titles.title = '' "; } else { if ($exact_match != 'yes') { $sql .= " AND (exp_weblog_titles.title LIKE '%" . $DB->escape_like_str($search_keywords) . "%' "; } else { $pageurl .= AMP . 'exact_match=yes'; $sql .= " AND (exp_weblog_titles.title = '" . $DB->escape_str($search_keywords) . "' OR exp_weblog_titles.title LIKE '" . $DB->escape_like_str($search_keywords) . " %' OR exp_weblog_titles.title LIKE '% " . $DB->escape_like_str($search_keywords) . " %' "; } } $pageurl .= AMP . 'search_in=' . $search_in; if ($search_in == 'body' or $search_in == 'everywhere') { /** --------------------------------------- /** Fetch the searchable field names /** ---------------------------------------*/ $fields = array(); $xql = "SELECT DISTINCT(field_group) FROM exp_weblogs WHERE "; $xql .= USER_BLOG !== FALSE ? "weblog_id = '" . UB_BLOG_ID . "' " : "is_user_blog = 'n' "; if ($weblog_id != '') { $xql .= " AND weblog_id = '" . $DB->escape_str($weblog_id) . "' "; } $query = $DB->query($xql); if ($query->num_rows > 0) { $fql = "SELECT field_id, field_type FROM exp_weblog_fields WHERE group_id IN ("; foreach ($query->result as $row) { $fql .= "'" . $row['field_group'] . "',"; } $fql = substr($fql, 0, -1) . ')'; $query = $DB->query($fql); if ($query->num_rows > 0) { foreach ($query->result as $row) { if ($row['field_type'] == 'text' or $row['field_type'] == 'textarea' or $row['field_type'] == 'select') { $fields[] = $row['field_id']; } } } } foreach ($fields as $val) { if ($exact_match != 'yes') { $sql .= " OR exp_weblog_data.field_id_" . $val . " LIKE '%" . $DB->escape_like_str($search_keywords) . "%' "; } else { $sql .= " OR (exp_weblog_data.field_id_" . $val . " LIKE '" . $DB->escape_like_str($search_keywords) . " %' OR exp_weblog_data.field_id_" . $val . " LIKE '% " . $DB->escape_like_str($search_keywords) . " %' OR exp_weblog_data.field_id_" . $val . " = '" . $DB->escape_str($search_keywords) . "') "; } } } if ($search_in == 'everywhere' or $search_in == 'comments') { if ($search_in == 'comments' && (substr(strtolower($search_keywords), 0, 3) == 'ip:' or substr(strtolower($search_keywords), 0, 4) == 'mid:')) { if (substr(strtolower($search_keywords), 0, 3) == 'ip:') { $sql .= " OR (exp_comments.ip_address = '" . $DB->escape_str(str_replace('_', '.', substr($search_keywords, 3))) . "') "; } elseif (substr(strtolower($search_keywords), 0, 4) == 'mid:') { $sql .= " OR (exp_comments.author_id = '" . $DB->escape_str(substr($search_keywords, 4)) . "') "; } } else { $sql .= " OR (exp_comments.comment LIKE '%" . $DB->escape_like_str($keywords) . "%') "; // No ASCII conversion here! } } elseif ($search_in == 'trackbacks') { if ($search_in == 'trackbacks' && substr(strtolower($search_keywords), 0, 3) == 'ip:') { $sql .= " OR (exp_trackbacks.trackback_ip = '" . $DB->escape_str(str_replace('_', '.', substr($search_keywords, 3))) . "') "; } else { $sql .= " OR (CONCAT_WS(' ', exp_trackbacks.content, exp_trackbacks.title, exp_trackbacks.weblog_name) LIKE '%" . $DB->escape_like_str($keywords) . "%') "; // No ASCII conversion here either! } } $sql .= ")"; } if ($weblog_id) { $pageurl .= AMP . 'weblog_id=' . $weblog_id; $sql .= " AND exp_weblog_titles.weblog_id = {$weblog_id}"; } if ($date_range) { $pageurl .= AMP . 'date_range=' . $date_range; $date_range = time() - $date_range * 60 * 60 * 24; $sql .= " AND exp_weblog_titles.entry_date > {$date_range}"; } if (is_numeric($cat_id)) { $pageurl .= AMP . 'cat_id=' . $cat_id; $sql .= " AND exp_category_posts.cat_id = '{$cat_id}' \n AND exp_category_posts.entry_id = exp_weblog_titles.entry_id "; } if ($cat_id == 'none') { $pageurl .= AMP . 'cat_id=' . $cat_id; $sql .= " AND exp_category_posts.entry_id IS NULL "; } if ($status && $status != 'all') { $pageurl .= AMP . 'status=' . $status; $sql .= " AND exp_weblog_titles.status = '{$status}'"; } // ------------------------------------------- // 'edit_entries_search_where' hook. // - Add additional parts to the WHERE clause of search // if ($EXT->active_hook('edit_entries_search_where') === TRUE) { $sql .= $EXT->call_extension('edit_entries_search_where'); } // // ------------------------------------------- $end = " ORDER BY "; if ($order) { $pageurl .= AMP . 'order=' . $order; switch ($order) { case 'asc': $end .= "entry_date asc"; break; case 'desc': $end .= "entry_date desc"; break; case 'alpha': $end .= "title asc"; break; default: $end .= "entry_date desc"; } } else { $end .= "entry_date desc"; } /** ------------------------------ /** Are there results? /** ------------------------------*/ $query = $DB->query($sql_a . $sql_b . $sql); // No result? Show the "no results" message $total_count = $query->num_rows; if ($total_count == 0) { $r .= $DSP->qdiv('highlight', BR . $LANG->line('no_entries_matching_that_criteria')); return $DSP->set_return_data($LANG->line('edit') . $DSP->crumb_item($LANG->line('edit_weblog_entries')), $r, $LANG->line('edit_weblog_entries')); } // Get the current row number and add the LIMIT clause to the SQL query if (!($rownum = $IN->GBL('rownum', 'GP'))) { $rownum = 0; } /** -------------------------------------------- /** Run the query again, fetching ID numbers /** --------------------------------------------*/ $query = $DB->query($sql_a . $sql_b . $sql . $end . " LIMIT " . $rownum . ", " . $perpage); $pageurl .= AMP . 'perpage=' . $perpage; if ($search_in == 'comments') { $comment_array = array(); foreach ($query->result as $row) { $comment_array[] = $row['comment_id']; } if ($keywords == '') { $pageurl .= AMP . 'keywords=' . base64_encode($keywords) . AMP . 'search_in=' . $search_in; } $pagination_links = $DSP->pager($pageurl, $total_count, $perpage, $rownum, 'rownum'); return $this->view_comments('', '', '', FALSE, array_unique($comment_array), $pagination_links, $rownum); } elseif ($search_in == 'trackbacks') { $trackback_array = array(); foreach ($query->result as $row) { $trackback_array[] = $row['trackback_id']; } if ($keywords == '') { $pageurl .= AMP . 'keywords=' . base64_encode($keywords) . AMP . 'search_in=' . $search_in; } $pagination_links = $DSP->pager($pageurl, $total_count, $perpage, $rownum, 'rownum'); return $this->view_comments('', '', $message, TRUE, array_unique($trackback_array)); } /** -------------------------------------------- /** Fetch the weblog information we need later /** --------------------------------------------*/ $sql = "SELECT weblog_id, blog_name FROM exp_weblogs "; if (USER_BLOG !== FALSE) { $sql .= " WHERE exp_weblogs.weblog_id = '" . UB_BLOG_ID . "'"; } else { $sql .= " WHERE exp_weblogs.is_user_blog = 'n'"; } $sql .= "AND site_id = '" . $DB->escape_str($PREFS->ini('site_id')) . "' "; $w_array = array(); $result = $DB->query($sql); if ($result->num_rows > 0) { foreach ($result->result as $rez) { $w_array[$rez['weblog_id']] = $rez['blog_name']; } } /** -------------------------------------------- /** Fetch the status highlight colors /** --------------------------------------------*/ $cql = "SELECT exp_weblogs.weblog_id, exp_weblogs.blog_name, exp_statuses.status, exp_statuses.highlight\n FROM exp_weblogs, exp_statuses, exp_status_groups\n WHERE exp_status_groups.group_id = exp_weblogs.status_group\n AND exp_status_groups.group_id = exp_statuses.group_id\n AND exp_statuses.highlight != ''\n AND exp_status_groups.site_id = '" . $DB->escape_str($PREFS->ini('site_id')) . "' "; // Limit to weblogs assigned to user if ($SESS->userdata['weblog_id'] != 0) { $sql .= " AND exp_weblogs.weblog_id IN ("; foreach ($allowed_blogs as $val) { $sql .= "'" . $val . "',"; } $sql = substr($sql, 0, -1) . ')'; } else { $cql .= " AND is_user_blog = 'n'"; } $result = $DB->query($cql); $c_array = array(); if ($result->num_rows > 0) { foreach ($result->result as $rez) { $c_array[$rez['weblog_id'] . '_' . $rez['status']] = str_replace('#', '', $rez['highlight']); } } // "select all" checkbox $r .= $DSP->toggle(); $DSP->body_props .= ' onload="magic_check()" '; $r .= $DSP->magic_checkboxes(); // Build the item headings // Declare the "multi edit actions" form $r .= $DSP->form_open(array('action' => $form_url != '' ? $form_url : 'C=edit' . AMP . 'M=multi_edit', 'name' => 'target', 'id' => 'target')); $r .= $extra_fields_entries; /** -------------------------------------------- /** Build the output table /** --------------------------------------------*/ $o = $DSP->table('tableBorder', '0', '', '100%') . $DSP->tr() . $DSP->table_qcell('tableHeadingAlt', '#') . $DSP->table_qcell('tableHeadingAlt', $LANG->line('title')) . $DSP->table_qcell('tableHeadingAlt', $LANG->line('view')) . (!isset($this->installed_modules['comment']) ? '' : $DSP->table_qcell('tableHeadingAlt', $LANG->line('comments'))) . (!isset($this->installed_modules['trackback']) ? '' : $DSP->table_qcell('tableHeadingAlt', $LANG->line('trackbacks'))) . $DSP->table_qcell('tableHeadingAlt', $LANG->line('author')) . $DSP->table_qcell('tableHeadingAlt', $LANG->line('date')) . $DSP->table_qcell('tableHeadingAlt', $LANG->line('weblog')) . $DSP->table_qcell('tableHeadingAlt', $LANG->line('status')); // ------------------------------------------- // 'edit_entries_additional_tableheader' hook. // - Add another cell row to display, title here // if ($EXT->active_hook('edit_entries_additional_tableheader') === TRUE) { $o .= $EXT->call_extension('edit_entries_additional_tableheader', $query->row); } // // ------------------------------------------- $o .= $DSP->table_qcell('tableHeadingAlt', $DSP->input_checkbox('toggleflag', '', '', "onclick=\"toggle(this);\"")) . $DSP->tr_c(); // ------------------------------------------- // 'edit_entries_modify_tableheader' hook. // - Allows modifying or rewrite of Edit sections Table Header. // if ($EXT->active_hook('edit_entries_modify_tableheader') === TRUE) { $r .= $EXT->call_extension('edit_entries_modify_tableheader', $o); if ($EXT->end_script === TRUE) { return; } } else { $r .= $o; } // // ------------------------------------------- /** ---------------------------------------------- /** Build and run the full SQL query /** ----------------------------------------------*/ $sql = "SELECT "; $sql .= $cat_id == 'none' || $cat_id != "" ? "DISTINCT(exp_weblog_titles.entry_id), " : "exp_weblog_titles.entry_id, "; $sql .= "exp_weblog_titles.weblog_id, \n\t\t\t\texp_weblog_titles.title, \n\t\t\t\texp_weblog_titles.author_id, \n\t\t\t\texp_weblog_titles.status, \n\t\t\t\texp_weblog_titles.entry_date, \n\t\t\t\texp_weblog_titles.dst_enabled,\n\t\t\t\texp_weblog_titles.comment_total, \n\t\t\t\texp_weblog_titles.trackback_total,\n\t\t\t\texp_weblogs.live_look_template,\n\t\t\t\texp_members.username,\n\t\t\t\texp_members.email,\n\t\t\t\texp_members.screen_name"; // ------------------------------------------- // 'edit_entries_search_fields' hook. // - Add additional parts to the FIELDS part of query // if ($EXT->active_hook('edit_entries_search_fields') === TRUE) { $sql .= $EXT->call_extension('edit_entries_search_fields'); } // // ------------------------------------------- $sql .= " FROM exp_weblog_titles\n\t\t\t\t LEFT JOIN exp_weblogs ON exp_weblog_titles.weblog_id = exp_weblogs.weblog_id\n\t\t\t\t LEFT JOIN exp_members ON exp_members.member_id = exp_weblog_titles.author_id "; if ($cat_id != 'none' and $cat_id != "") { $sql .= "INNER JOIN exp_category_posts ON exp_weblog_titles.entry_id = exp_category_posts.entry_id\n\t\t\t\t\t INNER JOIN exp_categories ON exp_category_posts.cat_id = exp_categories.cat_id "; } $sql .= "WHERE exp_weblog_titles.entry_id IN ("; foreach ($query->result as $row) { $sql .= $row['entry_id'] . ','; } $sql = substr($sql, 0, -1) . ') ' . $end; $query = $DB->query($sql); // load the site's templates $templates = array(); $tquery = $DB->query("SELECT exp_template_groups.group_name, exp_templates.template_name, exp_templates.template_id\n\t\t\t\t\t\t\tFROM exp_template_groups, exp_templates\n\t\t\t\t\t\t\tWHERE exp_template_groups.group_id = exp_templates.group_id\n\t\t\t\t\t\t\tAND exp_templates.site_id = '" . $DB->escape_str($PREFS->ini('site_id')) . "'"); if ($tquery->num_rows > 0) { foreach ($tquery->result as $row) { $templates[$row['template_id']] = $row['group_name'] . '/' . $row['template_name']; } } // Loop through the main query result and write each table row $i = 0; foreach ($query->result as $row) { $style = $i % 2 ? 'tableCellOne' : 'tableCellTwo'; $i++; $tr = $DSP->tr(); // Entry ID number $tr .= $DSP->table_qcell($style, $row['entry_id']); // Weblog entry title (view entry) $tr .= $DSP->table_qcell($style, $DSP->anchor(BASE . AMP . 'C=edit' . AMP . 'M=edit_entry' . AMP . 'weblog_id=' . $row['weblog_id'] . AMP . 'entry_id=' . $row['entry_id'], '<b>' . $row['title'] . '</b>')); // Edit entry $show_link = TRUE; if ($row['live_look_template'] != 0 && isset($templates[$row['live_look_template']])) { $qm = $PREFS->ini('force_query_string') == 'y' ? '' : '?'; $view_link = $DSP->anchor($FNS->fetch_site_index() . $qm . 'URL=' . $FNS->create_url($templates[$row['live_look_template']] . '/' . $row['entry_id']), $LANG->line('live_look'), '', TRUE); } else { if ($row['author_id'] != $SESS->userdata('member_id') && !$DSP->allowed_group('can_edit_other_entries')) { $show_link = FALSE; } $view_url = BASE . AMP . 'C=edit' . AMP . 'M=view_entry' . AMP . 'weblog_id=' . $row['weblog_id'] . AMP . 'entry_id=' . $row['entry_id']; $view_link = $show_link == FALSE ? '--' : $DSP->anchor($view_url, $LANG->line('view')); } $tr .= $DSP->table_qcell($style, $view_link); // Comment count $show_link = TRUE; if ($row['author_id'] == $SESS->userdata('member_id')) { if (!$DSP->allowed_group('can_edit_own_comments') and !$DSP->allowed_group('can_delete_own_comments') and !$DSP->allowed_group('can_moderate_comments')) { $show_link = FALSE; } } else { if (!$DSP->allowed_group('can_edit_all_comments') and !$DSP->allowed_group('can_delete_all_comments') and !$DSP->allowed_group('can_moderate_comments')) { $show_link = FALSE; } } if (isset($this->installed_modules['comment'])) { // Comment Link if ($show_link !== FALSE) { $res = $DB->query("SELECT COUNT(*) AS count FROM exp_comments WHERE entry_id = '" . $row['entry_id'] . "'"); $DB->q_count--; $view_url = BASE . AMP . 'C=edit' . AMP . 'M=view_comments' . AMP . 'weblog_id=' . $row['weblog_id'] . AMP . 'entry_id=' . $row['entry_id']; } $view_link = $show_link == FALSE ? $DSP->qdiv('lightLinks', '--') : $DSP->qspan('lightLinks', '(' . $res->row['count'] . ')') . NBS . $DSP->anchor($view_url, $LANG->line('view')); $tr .= $DSP->table_qcell($style, $view_link); } if (isset($this->installed_modules['trackback'])) { // Trackback Link if ($show_link !== FALSE) { $res = $DB->query("SELECT COUNT(*) AS count FROM exp_trackbacks WHERE entry_id = '" . $row['entry_id'] . "'"); $DB->q_count--; $view_url = BASE . AMP . 'C=edit' . AMP . 'M=view_trackbacks' . AMP . 'weblog_id=' . $row['weblog_id'] . AMP . 'entry_id=' . $row['entry_id']; } $view_link = $show_link == FALSE ? $DSP->qdiv('lightLinks', '--') : $DSP->qspan('lightLinks', '(' . $res->row['count'] . ')') . NBS . $DSP->anchor($view_url, $LANG->line('view')); $tr .= $DSP->table_qcell($style, $view_link); } // Username $name = $row['screen_name'] != '' ? $row['screen_name'] : $row['username']; $name = $DSP->anchor('mailto:' . $row['email'], $name, 'title="Send an email to ' . $name . '"'); $tr .= $DSP->table_qcell($style, $DSP->qdiv('smallLinks', $name)); // Date $date_fmt = $SESS->userdata['time_format'] != '' ? $SESS->userdata['time_format'] : $PREFS->ini('time_format'); if ($date_fmt == 'us') { $datestr = '%m/%d/%y %h:%i %a'; } else { $datestr = '%Y-%m-%d %H:%i'; } if ($PREFS->ini('honor_entry_dst') == 'y') { if ($row['dst_enabled'] == 'n' and $SESS->userdata('daylight_savings') == 'y') { if ($row['entry_date'] != '') { $row['entry_date'] -= 3600; } } elseif ($row['dst_enabled'] == 'y' and $SESS->userdata('daylight_savings') == 'n') { if ($row['entry_date'] != '') { $row['entry_date'] += 3600; } } } // ------------------------------------------- // 'edit_entries_decode_date' hook. // - Change how the date is formatted in the edit entries list // if ($EXT->active_hook('edit_entries_decode_date') === TRUE) { $tr .= $EXT->call_extension('edit_entries_decode_date', $row['entry_date']); } else { $tr .= $DSP->td($style) . $DSP->qdiv('smallNoWrap', $LOC->decode_date($datestr, $row['entry_date'], TRUE)) . $DSP->td_c(); } // // ------------------------------------------- // Weblog $tr .= $DSP->table_qcell($style, isset($w_array[$row['weblog_id']]) ? $DSP->qdiv('smallNoWrap', $w_array[$row['weblog_id']]) : ''); // Status $tr .= $DSP->td($style); $status_name = ($row['status'] == 'open' or $row['status'] == 'closed') ? $LANG->line($row['status']) : $row['status']; if (isset($c_array[$row['weblog_id'] . '_' . $row['status']]) and $c_array[$row['weblog_id'] . '_' . $row['status']] != '') { $color = $c_array[$row['weblog_id'] . '_' . $row['status']]; $prefix = (is_array($colors) and !array_key_exists(strtolower($color), $colors)) ? '#' : ''; $tr .= "<div style='color:" . $prefix . $color . ";'>" . $status_name . '</div>'; } else { if ($row['status'] == 'open') { $tr .= "<div style='color:#009933;'>" . $status_name . '</div>'; } elseif ($row['status'] == 'closed') { $tr .= "<div style='color:#990000;'>" . $status_name . '</div>'; } else { $tr .= $status_name; } } $tr .= $DSP->td_c(); // ------------------------------------------- // 'edit_entries_additional_celldata' hook. // - Add another cell to display? // if ($EXT->active_hook('edit_entries_additional_celldata') === TRUE) { $tr .= $EXT->call_extension('edit_entries_additional_celldata', $row); } // // ------------------------------------------- // Delete checkbox $tr .= $DSP->table_qcell($style, $DSP->input_checkbox('toggle[]', $row['entry_id'], '', ' id="delete_box_' . $row['entry_id'] . '"')); $tr .= $DSP->tr_c(); // ------------------------------------------- // 'edit_entries_modify_tablerow' hook. // - Allows modifying or rewrite of entry row in Edit section. // if ($EXT->active_hook('edit_entries_modify_tablerow') === TRUE) { $r .= $EXT->call_extension('edit_entries_modify_tablerow', $tr); if ($EXT->end_script === TRUE) { return; } } else { $r .= $tr; } // // ------------------------------------------- } // End foreach $r .= $DSP->table_c(); $r .= $DSP->table('', '0', '', '100%'); $r .= $DSP->tr() . $DSP->td(); // Pass the relevant data to the paginate class $r .= $DSP->div('crumblinks') . $DSP->pager($pageurl, $total_count, $perpage, $rownum, 'rownum') . $DSP->div_c() . $DSP->td_c() . $DSP->td('defaultRight'); $r .= $DSP->input_hidden('pageurl', base64_encode($pageurl)); // Delete button $r .= $DSP->div('itemWrapper'); $r .= $DSP->input_submit($LANG->line('submit')); if ($action == '') { $r .= NBS . $DSP->input_select_header('action') . $DSP->input_select_option('edit', $LANG->line('edit_selected')) . $DSP->input_select_option('delete', $LANG->line('delete_selected')) . $DSP->input_select_option('edit', '------') . $DSP->input_select_option('add_categories', $LANG->line('add_categories')) . $DSP->input_select_option('remove_categories', $LANG->line('remove_categories')); // ------------------------------------------- // 'edit_entries_extra_actions' hook. // - Add more options to the actions form at the bottom of the Edit screen // if ($EXT->active_hook('edit_entries_extra_actions') === TRUE) { $r .= $EXT->call_extension('edit_entries_extra_actions'); } // // ------------------------------------------- $r .= $DSP->input_select_footer(); } else { $r .= $action; } $r .= $DSP->div_c(); $r .= $DSP->td_c() . $DSP->tr_c() . $DSP->table_c(); $r .= $DSP->form_close(); // Set output data return $r; }