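/**
 * Add or edit one FAQ item: save a submitted form, or render the form.
 *
 * When the request carries a true `save` field and passes WT_Filter::checkCsrf(),
 * the `##block` row is updated (block_id given) or inserted (no block_id), the
 * header, body and language settings are stored, and $this->config() is called.
 * Otherwise (including a `save` request whose CSRF check fails) the form is
 * printed for the block_id given in the query string and the script exits.
 *
 * NOTE(review): no permission check is visible in this method; presumably the
 * caller restricts it to administrators. Confirm against the dispatcher.
 */
private function edit() {
    require_once WT_ROOT . 'includes/functions/functions_edit.php';

    if (WT_Filter::postBool('save') && WT_Filter::checkCsrf()) {
        // NOTE(review): block_id comes from the request and the UPDATE matches on
        // block_id alone, so nothing here ties the row to this module. Consider
        // checking module_name = $this->getName() before writing the row or its settings.
        $block_id = WT_Filter::postInteger('block_id');

        if ($block_id) {
            WT_DB::prepare(
                "UPDATE `##block` SET gedcom_id=NULLIF(?, '0'), block_order=? WHERE block_id=?"
            )->execute(array(
                WT_Filter::postInteger('gedcom_id'),
                WT_Filter::postInteger('block_order'),
                $block_id,
            ));
        } else {
            WT_DB::prepare(
                "INSERT INTO `##block` (gedcom_id, module_name, block_order) VALUES (NULLIF(?, '0'), ?, ?)"
            )->execute(array(
                WT_Filter::postInteger('gedcom_id'),
                $this->getName(),
                WT_Filter::postInteger('block_order'),
            ));
            $block_id = WT_DB::getInstance()->lastInsertId();
        }

        // Both values are stored as posted. faqbody comes from the rich-text
        // ("html-edit") field, so it may hold markup.
        // NOTE(review): the code that displays it is not visible here; confirm
        // that it filters or escapes the body on output.
        set_block_setting($block_id, 'header', WT_Filter::post('header'));
        set_block_setting($block_id, 'faqbody', WT_Filter::post('faqbody'));

        // Only codes of installed languages can end up in the list, because the
        // loop runs over the installed set rather than over the posted field names.
        $languages = array();
        foreach (WT_I18N::installed_languages() as $code => $name) {
            if (WT_Filter::postBool('lang_' . $code)) {
                $languages[] = $code;
            }
        }
        set_block_setting($block_id, 'languages', implode(',', $languages));

        $this->config();
    } else {
        $block_id   = WT_Filter::getInteger('block_id');
        $controller = new WT_Controller_Page();

        if ($block_id) {
            $controller->setPageTitle(WT_I18N::translate('Edit FAQ item'));
            $header      = get_block_setting($block_id, 'header');
            $faqbody     = get_block_setting($block_id, 'faqbody');
            $block_order = WT_DB::prepare("SELECT block_order FROM `##block` WHERE block_id=?")->execute(array($block_id))->fetchOne();
            $gedcom_id   = WT_DB::prepare("SELECT gedcom_id FROM `##block` WHERE block_id=?")->execute(array($block_id))->fetchOne();
        } else {
            $controller->setPageTitle(WT_I18N::translate('Add an FAQ item'));
            $header  = '';
            $faqbody = '';
            // A new item goes after the last existing item of this module (0 when there is none).
            $block_order = WT_DB::prepare("SELECT IFNULL(MAX(block_order)+1, 0) FROM `##block` WHERE module_name=?")->execute(array($this->getName()))->fetchOne();
            $gedcom_id   = WT_GED_ID;
        }

        $controller->pageHeader();
        if (array_key_exists('ckeditor', WT_Module::getActiveModules())) {
            ckeditor_WT_Module::enableEditor($controller);
        }

        // "Help for this page" link
        echo '<div id="page_help">', help_link('add_faq_item', $this->getName()), '</div>';

        echo '<form name="faq" method="post" action="module.php?mod=', $this->getName(), '&mod_action=admin_edit">';
        echo WT_Filter::getCsrf();
        echo '<input type="hidden" name="save" value="1">';
        // block_id was read with getInteger(), so it is printed as-is.
        echo '<input type="hidden" name="block_id" value="', $block_id, '">';

        echo '<table id="faq_module">';
        echo '<tr><th>';
        echo WT_I18N::translate('Question');
        echo '</th></tr><tr><td><input type="text" name="header" size="90" tabindex="1" value="' . WT_Filter::escapeHtml($header) . '"></td></tr>';
        echo '<tr><th>';
        echo WT_I18N::translate('Answer');
        echo '</th></tr><tr><td>';
        echo '<textarea name="faqbody" class="html-edit" rows="10" cols="90" tabindex="2">', WT_Filter::escapeHtml($faqbody), '</textarea>';
        echo '</td></tr>';

        echo '</table><table id="faq_module2">';
        echo '<tr>';
        echo '<th>', WT_I18N::translate('Show this block for which languages?'), '</th>';
        echo '<th>', WT_I18N::translate('FAQ position'), help_link('add_faq_order', $this->getName()), '</th>';
        echo '<th>', WT_I18N::translate('FAQ visibility'), help_link('add_faq_visibility', $this->getName()), '</th>';
        echo '</tr><tr>';
        echo '<td>';
        $languages = get_block_setting($block_id, 'languages');
        echo edit_language_checkboxes('lang_', $languages);
        echo '</td><td>';
        // Escaped at the point of output like the other stored values, rather than
        // relying on the column only ever holding a number. The cell is closed
        // once; the original printed a second, stray </td> here.
        echo '<input type="text" name="block_order" size="3" tabindex="3" value="', WT_Filter::escapeHtml($block_order), '">';
        echo '</td><td>';
        echo select_edit_control('gedcom_id', WT_Tree::getIdList(), WT_I18N::translate('All'), $gedcom_id, 'tabindex="4"');
        echo '</td></tr>';
        echo '</table>';

        echo '<p><input type="submit" value="', WT_I18N::translate('save'), '" tabindex="5">';
        echo '</p>'; // the paragraph was left open before </form>
        echo '</form>';
        exit;
    }
}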
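/**
 * Add or edit one story: save a submitted form, or render the form.
 *
 * Users for whom WT_USER_CAN_EDIT is false are redirected to
 * WT_SERVER_NAME . WT_SCRIPT_PATH and the script exits. For everyone else, a
 * request with a true `save` field that passes WT_Filter::checkCsrf() updates
 * (block_id given) or inserts (no block_id) the `##block` row, stores the title,
 * body and language settings, and calls $this->config(). Any other request,
 * including a `save` whose CSRF check fails, prints the form and exits.
 */
private function edit() {
    require_once WT_ROOT . 'includes/functions/functions_edit.php';

    if (!WT_USER_CAN_EDIT) {
        header('Location: ' . WT_SERVER_NAME . WT_SCRIPT_PATH);
        exit;
    }

    if (WT_Filter::postBool('save') && WT_Filter::checkCsrf()) {
        // NOTE(review): block_id and gedcom_id are taken from the request. The
        // UPDATE matches on block_id alone and gedcom_id is written as posted,
        // while the only gate above is WT_USER_CAN_EDIT (presumably evaluated for
        // the current tree; confirm). Consider checking that the block belongs
        // to this module and that gedcom_id equals WT_GED_ID, which is the only
        // value the form itself ever submits.
        $block_id = WT_Filter::postInteger('block_id');

        if ($block_id) {
            WT_DB::prepare(
                "UPDATE `##block` SET gedcom_id=?, xref=? WHERE block_id=?"
            )->execute(array(
                WT_Filter::postInteger('gedcom_id'),
                WT_Filter::post('xref', WT_REGEX_XREF),
                $block_id,
            ));
        } else {
            WT_DB::prepare(
                "INSERT INTO `##block` (gedcom_id, xref, module_name, block_order) VALUES (?, ?, ?, ?)"
            )->execute(array(
                WT_Filter::postInteger('gedcom_id'),
                WT_Filter::post('xref', WT_REGEX_XREF),
                $this->getName(),
                0,
            ));
            $block_id = WT_DB::getInstance()->lastInsertId();
        }

        // Both values are stored as posted. story_body comes from the rich-text
        // ("html-edit") field, so it may hold markup.
        // NOTE(review): the code that displays it is not visible here; confirm
        // that it filters or escapes the body on output.
        set_block_setting($block_id, 'title', WT_Filter::post('title'));
        set_block_setting($block_id, 'story_body', WT_Filter::post('story_body'));

        // Only codes of installed languages can end up in the list, because the
        // loop runs over the installed set rather than over the posted field names.
        $languages = array();
        foreach (WT_I18N::installed_languages() as $code => $name) {
            if (WT_Filter::postBool('lang_' . $code)) {
                $languages[] = $code;
            }
        }
        set_block_setting($block_id, 'languages', implode(',', $languages));

        $this->config();
        return;
    }

    $block_id   = WT_Filter::getInteger('block_id');
    $controller = new WT_Controller_Page();

    if ($block_id) {
        $controller->setPageTitle(WT_I18N::translate('Edit story'));
        $title      = get_block_setting($block_id, 'title');
        $story_body = get_block_setting($block_id, 'story_body');
        $gedcom_id  = WT_DB::prepare("SELECT gedcom_id FROM `##block` WHERE block_id=?")->execute(array($block_id))->fetchOne();
        $xref       = WT_DB::prepare("SELECT xref FROM `##block` WHERE block_id=?")->execute(array($block_id))->fetchOne();
    } else {
        $controller->setPageTitle(WT_I18N::translate('Add a story'));
        $title      = '';
        $story_body = '';
        $gedcom_id  = WT_GED_ID;
        $xref       = WT_Filter::get('xref', WT_REGEX_XREF);
    }

    $controller->pageHeader()
        ->addExternalJavascript(WT_STATIC_URL . 'js/autocomplete.js')
        ->addInlineJavascript('autocomplete();');
    if (array_key_exists('ckeditor', WT_Module::getActiveModules())) {
        ckeditor_WT_Module::enableEditor($controller);
    }

    echo '<form name="story" method="post" action="module.php?mod=', $this->getName(), '&mod_action=admin_edit">';
    echo WT_Filter::getCsrf();
    echo '<input type="hidden" name="save" value="1">';
    // block_id was read with getInteger(), so it is printed as-is.
    echo '<input type="hidden" name="block_id" value="', $block_id, '">';
    echo '<input type="hidden" name="gedcom_id" value="', WT_GED_ID, '">';

    echo '<table id="story_module">';
    echo '<tr><th>';
    echo WT_I18N::translate('Story title');
    echo '</th></tr><tr><td><textarea name="title" rows="1" cols="90" tabindex="2">', WT_Filter::escapeHtml($title), '</textarea></td></tr>';
    echo '<tr><th>';
    echo WT_I18N::translate('Story');
    echo '</th></tr><tr><td>';
    echo '<textarea name="story_body" class="html-edit" rows="10" cols="90" tabindex="2">', WT_Filter::escapeHtml($story_body), '</textarea>';
    echo '</td></tr>';

    echo '</table><table id="story_module2">';
    echo '<tr>';
    echo '<th>', WT_I18N::translate('Individual'), '</th>';
    echo '<th>', WT_I18N::translate('Show this block for which languages?'), '</th>';
    echo '</tr>';
    echo '<tr>';
    echo '<td class="optionbox">';
    // xref is matched against WT_REGEX_XREF when read from the query string and
    // when saved by this method. It is escaped here as well, so the attribute
    // stays well-formed even if a stored value reached the table another way.
    echo '<input data-autocomplete-type="INDI" type="text" name="xref" id="pid" size="4" value="', WT_Filter::escapeHtml($xref), '">';
    echo print_findindi_link('pid');
    if ($xref) {
        $person = WT_Individual::getInstance($xref);
        if ($person) {
            echo ' ', $person->format_list('span');
        }
    }
    echo '</td>';
    $languages = get_block_setting($block_id, 'languages');
    echo '<td class="optionbox">';
    echo edit_language_checkboxes('lang_', $languages);
    echo '</td></tr></table>';

    echo '<p><input type="submit" value="', WT_I18N::translate('save'), '" tabindex="5">';
    echo '</p>';
    echo '</form>';
    exit;
}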
use WT\Auth; define('WT_SCRIPT_NAME', 'editnews.php'); require './includes/session.php'; $controller = new WT_Controller_Simple(); $controller->setPageTitle(WT_I18N::translate('Add/edit a journal/news entry'))->restrictAccess(Auth::isMember())->pageHeader(); $action = WT_Filter::get('action', 'compose|save|delete', 'compose'); $news_id = WT_Filter::getInteger('news_id'); $user_id = WT_Filter::get('user_id', WT_REGEX_INTEGER, WT_Filter::post('user_id', WT_REGEX_INTEGER)); $gedcom_id = WT_Filter::get('gedcom_id', WT_REGEX_INTEGER, WT_Filter::post('gedcom_id', WT_REGEX_INTEGER)); $date = WT_Filter::postInteger('date', 0, PHP_INT_MAX, WT_TIMESTAMP); $title = WT_Filter::post('title'); $text = WT_Filter::post('text'); switch ($action) { case 'compose': if (array_key_exists('ckeditor', WT_Module::getActiveModules())) { ckeditor_WT_Module::enableEditor($controller); } echo '<h3>' . WT_I18N::translate('Add/edit a journal/news entry') . '</h3>'; echo '<form style="overflow: hidden;" name="messageform" method="post" action="editnews.php?action=save&news_id=' . $news_id . '">'; if ($news_id) { $news = getNewsItem($news_id); } else { $news = array(); $news['user_id'] = $user_id; $news['gedcom_id'] = $gedcom_id; $news['date'] = WT_TIMESTAMP; $news['title'] = ''; $news['text'] = ''; } echo '<input type="hidden" name="user_id" value="' . $news['user_id'] . '">'; echo '<input type="hidden" name="gedcom_id" value="' . $news['gedcom_id'] . '">';