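/**
 * Send admin notification
 *
 * Sends the 'admin_notify_entry' email template to every address in
 * $notify_address, except the address of the member who triggered the event.
 *
 * @access public
 * @param string $notify_address Comma-separated list of recipient addresses
 * @param int    $channel_id     Channel the entry belongs to
 * @param int    $entry_id       Entry the notification is about
 * @return void
 */
function send_admin_notification($notify_address, $channel_id, $entry_id) {
    ee()->api->instantiate('channel_structure');
    ee()->load->model('channel_entries_model');

    $e = ee()->channel_entries_model->get_entry($entry_id, $channel_id);
    $c = ee()->api_channel_structure->get_channel_info($channel_id);

    // Values substituted into the email template's title and body.
    $swap = array(
        'name' => ee()->session->userdata('screen_name'),
        'email' => ee()->session->userdata('email'),
        'channel_name' => $c->row('channel_title'),
        'entry_title' => $e->row('title'),
        'entry_url' => reduce_double_slashes($c->row('channel_url') . '/' . $e->row('url_title')),
        'comment_url' => reduce_double_slashes($c->row('comment_url') . '/' . $e->row('url_title')),
        'cp_edit_entry_url' => cp_url(
            'content_publish/entry_form',
            array(
                'site_id' => $e->row('site_id'),
                'channel_id' => $e->row('channel_id'),
                'entry_id' => $e->row('entry_id')
            ),
            TRUE
        )
    );

    $template = ee()->functions->fetch_email_template('admin_notify_entry');
    $email_tit = ee()->functions->var_swap($template['title'], $swap);
    $email_msg = ee()->functions->var_swap($template['data'], $swap);

    // We don't want to send a notification to the user triggering the event.
    // Whole addresses are compared: removing the member's address as a
    // substring would also cut it out of any longer address that happens to
    // contain it, and the mangled remainder would then be used as a recipient.
    $own_email = ee()->session->userdata('email');
    $recipients = array();

    foreach (explode(',', $notify_address) as $addy) {
        $addy = trim($addy);

        // Skip the empty items left by doubled, leading or trailing commas.
        if ($addy === '' or $addy === $own_email) {
            continue;
        }

        $recipients[] = $addy;
    }

    if (empty($recipients)) {
        return;
    }

    // Send email: one message per recipient, so no address sees the others.
    ee()->load->library('email');

    foreach ($recipients as $addy) {
        ee()->email->EE_initialize();
        ee()->email->wordwrap = false;
        ee()->email->from(ee()->config->item('webmaster_email'), ee()->config->item('webmaster_name'));
        ee()->email->to($addy);
        ee()->email->reply_to(ee()->config->item('webmaster_email'));
        ee()->email->subject($email_tit);
        ee()->email->message(entities_to_ascii($email_msg));
        ee()->email->send();
    }
}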
/**
 * Return a CP url
 *
 * From APP_VER 2.8.0 on this delegates to the global cp_url() helper;
 * on older versions the URL is assembled by hand from BASE and PHP_SELF.
 *
 * NOTE(review): on the legacy path $method is appended without URL encoding
 * and $_SERVER['PHP_SELF'] reflects the request path, so the result should
 * be escaped for the context it is written into - confirm at the call sites.
 *
 * @access public
 * @param string $method A valid method name
 * @param bool   $useAmp Encode ampersands?
 * @return string
 */
public function cp_url($method = 'index', $useAmp = FALSE) {
    if (version_compare(APP_VER, '2.8.0', '>=')) {
        $query = array('module' => 'postmaster', 'method' => $method);

        return cp_url('addons_modules/show_module_cp', $query);
    }

    if (!defined('BASE')) {
        define('BASE', '');
    }

    // NOTE(review): TRUE selects a bare '&' and FALSE the AMP constant, which
    // reads inverted against the docblock - confirm the intended meaning.
    if ($useAmp) {
        $separator = '&';
    } else {
        $separator = AMP;
    }

    // Part of BASE in front of its query string, stripped from PHP_SELF
    // before BASE itself is appended.
    $script = substr(BASE, 0, strpos(BASE, '?'));
    $prefix = str_replace($script, '', $_SERVER['PHP_SELF']) . BASE;

    // The first segment carries its own literal '&' on top of the separator.
    $segments = array(
        '&C=addons_modules',
        'M=show_module_cp',
        'module=postmaster',
        'method=' . $method
    );

    $url = $prefix . $separator . implode($separator, $segments);

    return str_replace(AMP, $separator, $url);
}
/**
 * Entry Form
 *
 * Handles new and existing entries. Self submits to save.
 *
 * Reads entry_id, channel_id and site_id from the request (each cast to
 * int), checks publish access, loads channel, entry, field and layout data,
 * runs form validation and either saves the entry or renders the
 * 'content/publish' view.
 *
 * @return void
 */
public function entry_form() {
    $this->load->library('form_validation');

    // Needed for custom tabs loaded by layout_model from the db table
    // exp_layout_publish where the whole layout (fields and tabs) are
    // stored in serialized form. This language file contains the
    // localized names for the fields and tabs. We may want to push
    // this call deeper down the rabbit hole so that it is simply
    // always available whenever we load the layout_model. Or this
    // may be the only spot we use it. Not sure, so sticking it
    // here for now. -Daniel B.
    $this->lang->loadfile('publish_tabs_custom');

    // Request-supplied ids; the int casts keep non-numeric input out of the
    // lookups below.
    $entry_id = (int) ee()->input->get_post('entry_id');
    $channel_id = (int) ee()->input->get_post('channel_id');
    $site_id = (int) ee()->input->get_post('site_id');

    // If an entry or channel on a different site is requested, try
    // to switch sites and reload the publish form
    if ($site_id != 0 && $site_id != ee()->config->item('site_id') && empty($_POST)) {
        ee()->cp->switch_site($site_id, cp_url('content_publish/entry_form', array('channel_id' => $channel_id, 'entry_id' => $entry_id)));
    }

    // Prevent publishing new entries if disallowed.
    // This guard only covers new entries (entry_id == 0); access to an
    // existing entry is left to _member_can_publish() further down.
    if (!$this->cp->allowed_group('can_access_content', 'can_access_publish') and $entry_id == 0) {
        show_error(lang('unauthorized_access'));
    }

    $autosave = $this->input->get_post('use_autosave') == 'y';

    // If we're autosaving and this isn't a submitted form
    if ($autosave and empty($_POST)) {
        // In this branch the requested entry_id names the autosave row; the
        // real entry id is taken from that row.
        $autosave_entry_id = $entry_id;
        $autosave_data = $this->db->get_where('channel_entries_autosave', array('entry_id' => $entry_id));
        $autosave_data = $autosave_data->row();
        // NOTE(review): the row is dereferenced without checking that the
        // query matched anything - confirm behaviour for an unknown id.
        $entry_id = $autosave_data->original_entry_id;
    } else {
        $autosave_entry_id = FALSE;
    }

    $this->_smileys_enabled = isset($this->cp->installed_modules['emoticon']) ? TRUE : FALSE;

    if ($this->_smileys_enabled) {
        $this->load->helper('smiley');
        $this->cp->add_to_foot(smiley_js());
    }

    // Grab the channel_id associated with this entry if
    // required and make sure the current member has access.
    $channel_id = $this->_member_can_publish($channel_id, $entry_id, $autosave_entry_id);

    // If they're loading a revision, we stop here
    $this->_check_revisions($entry_id);

    // Get channel data
    $this->_channel_data = $this->_load_channel_data($channel_id);

    // Grab fields and entry data
    $entry_data = $this->_load_entry_data($channel_id, $entry_id, $autosave_entry_id);
    $field_data = $this->_set_field_settings($entry_id, $entry_data);

    // From here on the entry id comes from the loaded data, not the request.
    $entry_id = $entry_data['entry_id'];

    // Merge in default fields
    $deft_field_data = $this->_setup_default_fields($this->_channel_data, $entry_data);
    $field_data = array_merge($field_data, $deft_field_data);
    $field_data = $this->_setup_field_blocks($field_data, $entry_data);

    $this->_set_field_validation($this->_channel_data, $field_data);

    // @todo setup validation for categories, etc?
    // @todo third party tabs
    $this->form_validation->set_message('title', lang('missing_title'));
    $this->form_validation->set_message('entry_date', lang('missing_date'));
    $this->form_validation->set_error_delimiters('<div class="notice">', '</div>');

    $valid = $this->form_validation->run();

    if ($valid === TRUE) {
        if ($this->_save($channel_id, $entry_id) === TRUE) {
            // under normal circumstances _save will redirect
            // if we get here, a hook triggered end_script
            return;
        }

        // used in _setup_layout_styles
        // @todo handle generic api errors
        $this->errors = $this->api_channel_entries->errors;
    }

    $this->_setup_file_list();

    // get all member groups with cp access for the layout list
    $member_groups_laylist = array();
    $listable = $this->member_model->get_member_groups(array('can_access_admin', 'can_access_edit'), array('can_access_content' => 'y'));

    foreach ($listable->result() as $group) {
        if ($group->can_access_admin == 'y' or $group->can_access_edit == 'y') {
            $member_groups_laylist[] = array('group_id' => $group->group_id, 'group_title' => $group->group_title);
        }
    }

    // Set default tab labels
    // They may be overwritten or added to in the steps below
    $this->_tab_labels = array('publish' => lang('publish'), 'categories' => lang('categories'), 'options' => lang('options'), 'date' => lang('date'));

    if (isset($this->_channel_data['enable_versioning']) && $this->_channel_data['enable_versioning'] == 'y') {
        $this->_tab_labels['revisions'] = lang('revisions');
    }

    // Load layouts - we'll need them for the steps below
    // if this is a layout group preview, we'll use it, otherwise, we'll use the author's group_id
    $layout_info = $this->_load_layout($channel_id);

    // Merge layout data (mostly width and visibility) into field data for use on the publish page
    $field_data = $this->_set_field_layout_settings($field_data, $layout_info);

    // First figure out what tabs to show, and what fields
    // they contain. Then work through the details of how
    // they are shown.
    $this->cp->add_js_script('file', array('cp/publish', 'cp/category_editor'));

    $tab_hierarchy = $this->_setup_tab_hierarchy($field_data, $layout_info);
    $layout_styles = $this->_setup_layout_styles($field_data, $layout_info);
    $field_list = $this->_sort_field_list($field_data); // @todo admin only? or use as master list? skip sorting for non admins, but still compile?
    $field_list = $this->_prep_field_wrapper($field_list);
    $field_output = $this->_setup_field_display($field_data, $entry_id);

    // Start to assemble view data
    // WORK IN PROGRESS, just need a few things on the page to
    // work with the html - will clean this crap up
    $this->load->library('filemanager');
    $this->load->helper('snippets');
    $this->load->library('file_field');
    $this->file_field->browser();

    $this->cp->add_js_script(array('ui' => array('resizable', 'draggable', 'droppable'), 'plugin' => array('markitup', 'toolbox.expose', 'overlay', 'tmpl', 'ee_url_title'), 'file' => array('json2', 'cp/publish_tabs')));

    // Member group 1 additionally gets the publish_admin script.
    if ($this->session->userdata('group_id') == 1) {
        $this->cp->add_js_script(array('file' => 'cp/publish_admin'));
    }

    $this->_set_global_js($entry_id, $valid);

    reset($tab_hierarchy);

    $this->_markitup();

    // Rebuild the current query string from $_GET without the S and D keys.
    // NOTE(review): the remaining keys and values are request-controlled;
    // http_build_query() URL-encodes them, but the view presumably still has
    // to escape current_url / preview_url for HTML - confirm in the template.
    $parts = $_GET;
    unset($parts['S'], $parts['D']);
    $current_url = http_build_query($parts, '', '&');

    $autosave_id = $autosave ? $autosave_entry_id : 0;

    // Remove 'layout_preview' from the URL, stripping anything after it
    if (strpos($current_url, 'layout_preview') !== FALSE) {
        $preview_url = explode(AMP . 'layout_preview=', $current_url, 2);
        $preview_url = $preview_url[0];
    } else {
        $preview_url = $current_url;
    }

    // layout_group: a numeric layout_preview request value wins over the
    // member's own group_id.
    // 'filter' is handed to the view exactly as received from the request.
    $data = array(
        'message' => '',
        'cp_page_title' => lang($entry_id ? 'edit_entry' : 'new_entry') . ': ' . $this->_channel_data['channel_title'],
        'tabs' => $tab_hierarchy,
        'first_tab' => key($tab_hierarchy),
        'tab_labels' => $this->_tab_labels,
        'field_list' => $field_list,
        'layout_styles' => $layout_styles,
        'field_output' => $field_output,
        'layout_group' => is_numeric($this->input->get_post('layout_preview')) ? $this->input->get_post('layout_preview') : $this->session->userdata('group_id'),
        'spell_enabled' => TRUE,
        'smileys_enabled' => $this->_smileys_enabled,
        'current_url' => $current_url,
        'file_list' => $this->_file_manager['file_list'],
        'show_revision_cluster' => $this->_channel_data['enable_versioning'],
        'member_groups_laylist' => $member_groups_laylist,
        'hidden_fields' => array('entry_id' => $entry_id, 'channel_id' => $channel_id, 'autosave_entry_id' => $autosave_id, 'filter' => $this->input->get_post('filter')),
        'preview_url' => $preview_url
    );

    if ($this->cp->allowed_group('can_access_publish')) {
        $this->cp->set_breadcrumb(BASE . AMP . 'C=content_publish', lang('publish'));
    }

    $this->cp->render('content/publish', $data);
}
/**
 * Validation rule: passes only when the string comes back unchanged from
 * Security::xss_clean().
 *
 * On failure the 'admin' language file is loaded and the rule's error
 * message is set from the 'invalid_xss_check' line.
 *
 * A pass means the filter found nothing to rewrite; it does not replace
 * escaping the value for the context it is later written into.
 * NOTE(review): the comparison is loose (==) - confirm that is intended.
 *
 * @param String $string The string to validate
 * @return Boolean TRUE if it's unchanged, FALSE otherwise
 */
public function valid_xss_check($string) {
    $cleaned = ee()->security->xss_clean($string);

    if ($string == $cleaned) {
        return TRUE;
    }

    ee()->lang->loadfile('admin');

    $message = sprintf(lang('invalid_xss_check'), cp_url('homepage'));
    $this->set_message('valid_xss_check', $message);

    return FALSE;
}
/**
 * Build Index
 *
 * Shows a 'working' page and orchestrates the rebuilding process.
 *
 * Driven by the 'working' GET parameter: absent shows the intermediate page
 * with a meta refresh, 'y' clears and rebuilds the index for the language,
 * anything else redirects to the saved search or the homepage.
 *
 * NOTE(review): the branch that deletes and rebuilds the index is selected by
 * GET parameters alone and no token check is visible in this method - confirm
 * the control panel enforces one before this runs.
 *
 * @access public
 * @return mixed
 */
function build_index() {
    // Did they specify a language? Fall back to the configured default.
    $language = ee()->input->get('language');
    if (!$language) {
        $language = ee()->config->item('deft_lang');
    }

    $working = ee()->input->get('working');

    // Keep any saved search so it survives the round trip.
    $saved = ee()->input->get('saved');
    if (!$saved) {
        $saved = '';
    }

    if (!$working) {
        // Show an intermediate page so they don't refresh.
        $vars = array('cp_page_title' => 'Rebuilding Index');
        ee()->view->cp_page_title = $vars['cp_page_title'];

        // Meta refresh to start the process.
        // NOTE(review): $refresh_url carries request values and is placed in
        // the attribute as-is; this relies on cp_url() encoding its query
        // arguments - confirm.
        $refresh_args = array('language' => $language, 'working' => 'y', 'saved' => $saved);
        $refresh_url = cp_url('search/build_index', $refresh_args);

        ee()->cp->add_to_head('<meta http-equiv="refresh" content="3;url=' . $refresh_url . '" />');
        ee()->cp->render('search/rebuild', $vars);

        return;
    }

    if ($working == 'y') {
        // Clear all keywords for this language
        ee()->db->where('language', $language);
        ee()->db->delete('cp_search_index');

        // And we're on our way
        ee()->cp_search->_build_index($language);

        $done_args = array('working' => 'n', 'saved' => $saved);
        ee()->functions->redirect(cp_url('search/build_index', $done_args));

        return;
    }

    // Finished: go back to the saved search when there is one.
    if ($saved) {
        ee()->functions->redirect(cp_url('search', array('saved' => $saved)));
    }

    ee()->functions->redirect(cp_url('homepage'));
}
/**
 * Run the main parsing loop.
 *
 * Takes the data row, the preparsed tagdata, and any additional
 * options and delegates to the proper parsing components.
 *
 * For every entry a fresh copy of the tagdata is run through the pair,
 * once and single components and the optional callbacks, and the results
 * are concatenated.
 *
 * @param array The data row.
 * @param array Config items
 *
 *   disable: array of components to turn off
 *   callbacks: array of callbacks to register
 *
 * @return string Parsed tagdata
 */
public function parse($data, $config = array()) {
    $this->_data = $data;
    $pre = $this->_preparser;

    // data options
    $entries = $this->data('entries', array());
    $absolute_offset = $this->data('absolute_offset', 0);
    $absolute_results = $this->data('absolute_results');

    // config options
    // NOTE(review): $disabled is read here but not used again in this method;
    // components are skipped through $pre->is_disabled() instead.
    $disabled = isset($config['disable']) ? $config['disable'] : array();
    $callbacks = isset($config['callbacks']) ? $config['callbacks'] : array();

    $pairs = $pre->pairs;
    $singles = $pre->singles;
    $prefix = $this->_prefix;
    $channel = $this->_channel;
    $subscriber_totals = $pre->subscriber_totals;
    $total_results = count($entries);

    // Start from the current site's pages and add those of every other site
    // the template references.
    $site_pages = config_item('site_pages');

    foreach (ee()->TMPL->site_ids as $site_id) {
        if ($site_id != ee()->config->item('site_id')) {
            $pages = ee()->config->site_pages($site_id);
            $site_pages[$site_id] = $pages[$site_id];
        }
    }

    $result = ''; // final template

    // If custom fields are enabled, notify them of the data we're about to send
    if (!empty($channel->cfields)) {
        $this->_send_custom_field_data_to_fieldtypes($entries);
    }

    $count = 0;
    $orig_tagdata = $this->_parser->tagdata();
    $parser_components = $this->_parser->components();
    $dt = 0;

    ee()->load->library('typography');
    ee()->typography->initialize(array('convert_curly' => FALSE));
    ee()->load->helper('date');
    ee()->load->helper('url');

    foreach ($entries as $row) {
        // Every entry starts from the untouched template.
        $tagdata = $orig_tagdata;
        $this->_count = $count;

        // Per-row counters and derived variables.
        $row['count'] = $count + 1;
        $row['page_uri'] = '';
        $row['page_url'] = '';
        $row['total_results'] = $total_results;
        $row['absolute_count'] = $absolute_offset + $row['count'];
        $row['absolute_results'] = $absolute_results === NULL ? $total_results : $absolute_results;
        $row['comment_subscriber_total'] = isset($subscriber_totals[$row['entry_id']]) ? $subscriber_totals[$row['entry_id']] : 0;
        $row['cp_edit_entry_url'] = cp_url('content_publish/entry_form', array('site_id' => $row['site_id'], 'channel_id' => $row['channel_id'], 'entry_id' => $row['entry_id']));

        if ($site_pages !== FALSE && isset($site_pages[$row['site_id']]['uris'][$row['entry_id']])) {
            $row['page_uri'] = $site_pages[$row['site_id']]['uris'][$row['entry_id']];
            $row['page_url'] = ee()->functions->create_page_url($site_pages[$row['site_id']]['url'], $site_pages[$row['site_id']]['uris'][$row['entry_id']]);
        }

        // -------------------------------------------------------
        // Loop start callback. Do what you want.
        // Currently in use in the channel module for the
        // channel_entries_tagdata hook.
        // -------------------------------------------------------
        // The callbacks are whatever callables the caller put in
        // $config['callbacks']; each return value replaces the tagdata or row.
        if (isset($callbacks['tagdata_loop_start'])) {
            $tagdata = call_user_func($callbacks['tagdata_loop_start'], $tagdata, $row);
        }

        // -------------------------------------------------------
        // Row data callback. Do what you want.
        // Currently in use in the channel module for the
        // channel_entries_row hook.
        // -------------------------------------------------------
        if (isset($callbacks['entry_row_data'])) {
            $row = call_user_func($callbacks['entry_row_data'], $tagdata, $row);
        }

        // Reset custom date fields
        // Since custom date fields columns are integer types by default, if they
        // don't contain any data they return a zero.
        // This creates a problem if conditionals are used with those fields.
        // For example, if an admin has this in a template: {if mydate == ''}
        // Since the field contains a zero it would never evaluate TRUE.
        // Therefore we'll reset any zero dates to nothing.
        if (isset($channel->dfields[$row['site_id']]) && count($channel->dfields[$row['site_id']]) > 0) {
            foreach ($channel->dfields[$row['site_id']] as $dkey => $dval) {
                // While we're at it, kill any formatting
                $row['field_ft_' . $dval] = 'none';

                if (isset($row['field_id_' . $dval]) and $row['field_id_' . $dval] == 0) {
                    $row['field_id_' . $dval] = '';
                }
            }
        }

        $this->_row = $row;

        // conditionals!
        $cond = $this->_get_conditional_data($row, $prefix, $channel);

        // Parse Variable Pairs
        foreach ($pairs as $key => $val) {
            $this->_tag = $key;
            $this->_tag_options = $val;

            foreach ($parser_components->pair() as $k => $component) {
                if (!$pre->is_disabled($component)) {
                    $tagdata = $component->replace($tagdata, $this, $pre->pair_data($component));
                }
            }
        }

        // Run parsers that just process tagdata once (relationships, for example)
        foreach ($parser_components->once() as $k => $component) {
            if (!$pre->is_disabled($component)) {
                $tagdata = $component->replace($tagdata, $this, $pre->once_data($component));
            }
        }

        // We swap out the conditionals after pairs are parsed so they don't interfere
        // with the string replace
        $tagdata = ee()->functions->prep_conditionals($tagdata, $cond);

        // Parse individual variable tags
        foreach ($singles as $key => $val) {
            $this->_tag = $key;
            $this->_tag_options = $val;

            foreach ($parser_components->single() as $k => $component) {
                if (!$pre->is_disabled($component)) {
                    $tagdata = $component->replace($tagdata, $this, $pre->single_data($component));
                }
            }
        }

        // do we need to replace any curly braces that we protected in custom fields?
        if (strpos($tagdata, unique_marker('channel_bracket_open')) !== FALSE) {
            $tagdata = str_replace(array(unique_marker('channel_bracket_open'), unique_marker('channel_bracket_close')), array('{', '}'), $tagdata);
        }

        // -------------------------------------------------------
        // Loop end callback. Do what you want.
        // Used by relationships to parse children and by the
        // channel module for the channel_entries_tagdata_end hook
        // -------------------------------------------------------
        if (isset($callbacks['tagdata_loop_end'])) {
            $tagdata = call_user_func($callbacks['tagdata_loop_end'], $tagdata, $row);
        }

        $result .= $tagdata;
        $count++;
    }

    return $result;
}
/**
 * update/add field
 *
 * omit field_id in $field_data to create a new field
 *
 * Validation problems are collected in $this->errors; when there are any,
 * nothing is written and FALSE is returned.
 *
 * @param array $field_data the field settings;
 *   uses the following keys: group_id, site_id, field_name, field_label, field_type, field_order,
 *   and also fieldtype-specific settings, e.g. text_field_text_direction.
 *   works in concert with data submitted using Api_channel_fields::field_edit_vars()
 *
 * @return int|string|FALSE the field_id or FALSE if the process failed
 */
public function update_field(array $field_data) {
    $this->errors = array();

    ee()->load->helper('array');

    if (!isset($field_data['group_id'])) {
        $this->_set_error('unauthorized_access');
        return FALSE;
    }

    ee()->lang->loadfile('admin_content');

    // If the $field_id variable has data we are editing an
    // existing group, otherwise we are creating a new one
    $edit = (!isset($field_data['field_id']) or $field_data['field_id'] == '') ? FALSE : TRUE;

    // We need this as a variable as we'll unset the array index
    $group_id = element('group_id', $field_data);

    // Check for required fields
    $error = array();
    ee()->load->model('field_model');

    // little check in case they switched sites in MSM after leaving a window open.
    // otherwise the landing page will be extremely confusing
    if (!isset($field_data['site_id']) or $field_data['site_id'] != ee()->config->item('site_id')) {
        $this->_set_error('site_id_mismatch');
    }

    // Was a field name supplied?
    if ($field_data['field_name'] == '') {
        $this->_set_error('no_field_name');
    } else {
        if (in_array($field_data['field_name'], ee()->cp->invalid_custom_field_names())) {
            $this->_set_error('reserved_word');
        }
    }

    // Was a field label supplied?
    if ($field_data['field_label'] == '') {
        $this->_set_error('no_field_label');
    }

    // Does field name contain invalid characters?
    // Only letters, digits, underscore and hyphen pass.
    if (preg_match('/[^a-z0-9\\_\\-]/i', $field_data['field_name'])) {
        $this->errors[] = lang('invalid_characters') . ': ' . $field_data['field_name'];
    }

    // Reject a label or instructions that xss_clean() would rewrite.
    // NOTE(review): field_instructions is read without an isset() check, and
    // passing this filter does not replace escaping the values on output.
    if ($field_data['field_label'] != ee()->security->xss_clean($field_data['field_label']) or $field_data['field_instructions'] != ee()->security->xss_clean($field_data['field_instructions'])) {
        ee()->lang->loadfile('admin');
        $this->errors[] = sprintf(lang('invalid_xss_check'), cp_url('homepage'));
    }

    // Truncated field name to test against duplicates (first 32 characters)
    $trunc_field_name = substr(element('field_name', $field_data), 0, 32);

    // Is the field name taken?
    ee()->db->where(array('site_id' => ee()->config->item('site_id'), 'field_name' => $trunc_field_name));

    if ($edit == TRUE) {
        // The field being edited may keep its own name.
        ee()->db->where('field_id !=', element('field_id', $field_data));
    }

    if (ee()->db->count_all_results('channel_fields') > 0) {
        if ($trunc_field_name != element('field_name', $field_data)) {
            $this->_set_error('duplicate_truncated_field_name');
        } else {
            $this->_set_error('duplicate_field_name');
        }
    }

    $field_type = $field_data['field_type'];

    // If they are setting a file type, ensure there is at least one upload directory available
    if ($field_type == 'file') {
        ee()->load->model('file_upload_preferences_model');
        $upload_dir_prefs = ee()->file_upload_preferences_model->get_file_upload_preferences();

        // count upload dirs
        if (count($upload_dir_prefs) === 0) {
            ee()->lang->loadfile('filemanager');
            $this->_set_error('please_add_upload');
        }
    }

    // Are there errors to display?
    if ($this->error_count() > 0) {
        return FALSE;
    }

    // Get the field type settings
    $this->fetch_all_fieldtypes();
    $this->setup_handler($field_type);
    $ft_settings = $this->apply('save_settings', array($this->get_posted_field_settings($field_type)));

    // Default display options
    foreach (array('smileys', 'glossary', 'spellcheck', 'formatting_btns', 'file_selector', 'writemode') as $key) {
        $tmp = $this->_get_ft_data($field_type, 'field_show_' . $key, $field_data);
        $ft_settings['field_show_' . $key] = $tmp ? $tmp : 'n';
    }

    // Now that they've had a chance to mess with the POST array,
    // grab post values for the native fields (and check namespaced fields)
    // NOTE(review): $native_settings is first created by this loop; it is not
    // initialised beforehand.
    foreach ($this->native as $key) {
        $native_settings[$key] = $this->_get_ft_data($field_type, $key, $field_data);
    }

    // Set some defaults
    $native_settings['field_list_items'] = ($tmp = $this->_get_ft_data($field_type, 'field_list_items', $field_data)) ? $tmp : '';
    $native_settings['field_text_direction'] = $native_settings['field_text_direction'] !== FALSE ? $native_settings['field_text_direction'] : 'ltr';
    $native_settings['field_show_fmt'] = $native_settings['field_show_fmt'] !== FALSE ? $native_settings['field_show_fmt'] : 'n';
    $native_settings['field_fmt'] = $native_settings['field_fmt'] !== FALSE ? $native_settings['field_fmt'] : 'xhtml';

    if ($native_settings['field_list_items'] != '') {
        // This results in double encoding later on
        //$native_settings['field_list_items'] = quotes_to_entities($native_settings['field_list_items']);
    }

    if ($native_settings['field_pre_populate'] == 'y') {
        // field_pre_populate_id is split on '_' into a channel id and a field id.
        // NOTE(review): neither part is checked before being stored.
        $x = explode('_', $this->_get_ft_data($field_type, 'field_pre_populate_id', $field_data));
        $native_settings['field_pre_channel_id'] = $x['0'];
        $native_settings['field_pre_field_id'] = $x['1'];
    }

    // If they returned a native field value as part of their settings instead of changing the post array,
    // we'll merge those changes into our native settings
    foreach ($ft_settings as $key => $val) {
        if (in_array($key, $this->native)) {
            unset($ft_settings[$key]);
            $native_settings[$key] = $val;
        }
    }

    // No order given: place the field after the highest field_order in the group.
    if ($field_data['field_order'] == 0 or $field_data['field_order'] == '') {
        $query = ee()->db->select('MAX(field_order) as max')->where('site_id', ee()->config->item('site_id'))->where('group_id', (int) $group_id)->get('channel_fields');
        $native_settings['field_order'] = (int) $query->row('max') + 1;
    }

    // Fieldtype settings are stored as base64-encoded serialize() output.
    // NOTE(review): whatever reads this column back presumably unserialize()s
    // it, so the column has to be treated as trusted data only - confirm.
    $native_settings['field_settings'] = base64_encode(serialize($ft_settings));

    // Construct the query based on whether we are updating or inserting
    if ($edit === TRUE) {
        // field_id becomes part of a column name below, so it must be numeric.
        if (!is_numeric($native_settings['field_id'])) {
            return FALSE;
        }

        // Update the formatting for all existing entries
        // (no WHERE clause is set for this update)
        if ($this->_get_ft_data($field_type, 'update_formatting', $field_data) == 'y') {
            ee()->db->update('channel_data', array('field_ft_' . $native_settings['field_id'] => $native_settings['field_fmt']));
        }

        // Send it over to drop old fields, add new ones, and modify as needed
        $this->edit_datatype($native_settings['field_id'], $field_type, $native_settings);

        unset($native_settings['group_id']);

        // The update is limited to the field inside the submitted group.
        ee()->db->where('field_id', $native_settings['field_id']);
        ee()->db->where('group_id', $group_id);
        ee()->db->update('channel_fields', $native_settings);

        // Update saved layouts if necessary
        $collapse = $native_settings['field_is_hidden'] == 'y' ? TRUE : FALSE;
        $buttons = $ft_settings['field_show_formatting_btns'] == 'y' ? TRUE : FALSE;

        // Add to any custom layouts
        // First, figure out what channels are associated with this group
        // Then using the list of channels, figure out the layouts associated with those channels
        // Then update each layout individually
        $channels_for_group = ee()->field_model->get_assigned_channels($group_id);

        if ($channels_for_group->num_rows() > 0) {
            ee()->load->model('layout_model');

            foreach ($channels_for_group->result() as $channel) {
                $channel_ids[] = $channel->channel_id;
            }

            ee()->db->select('layout_id');
            ee()->db->where_in('channel_id', $channel_ids);
            $layouts_for_group = ee()->db->get('layout_publish');

            foreach ($layouts_for_group->result() as $layout) {
                // Figure out visibility for the field in the layout
                $layout_settings = ee()->layout_model->get_layout_settings(array('layout_id' => $layout->layout_id), TRUE);

                // Defaults, kept unless the layout already has values for this field.
                $visibility = TRUE;
                $width = '100%';

                if (array_key_exists('field_id_' . $native_settings['field_id'], $layout_settings)) {
                    $field_settings = $layout_settings['field_id_' . $native_settings['field_id']];
                    $width = $field_settings['width'] !== NULL ? $field_settings['width'] : $width;
                    $visibility = $field_settings['visible'] !== NULL ? $field_settings['visible'] : $visibility;
                }

                $field_info[$native_settings['field_id']] = array('visible' => $visibility, 'collapse' => $collapse, 'htmlbuttons' => $buttons, 'width' => $width);
                ee()->layout_model->edit_layout_group_fields($field_info, $layout->layout_id);
            }
        }
    } else {
        if (!$native_settings['field_ta_rows']) {
            $native_settings['field_ta_rows'] = 0;
        }

        // as its new, there will be no field id, unset it to prevent an empty string from attempting to pass
        unset($native_settings['field_id']);

        ee()->db->insert('channel_fields', $native_settings);
        $insert_id = ee()->db->insert_id();
        $native_settings['field_id'] = $insert_id;

        $this->add_datatype($insert_id, $native_settings);

        $field_formatting = array('none', 'br', 'markdown', 'xhtml');

        //if the selected field formatting is not one of the native formats, make sure it gets added to exp_field_formatting for this field
        if (!in_array($native_settings['field_fmt'], $field_formatting)) {
            $field_formatting[] = $native_settings['field_fmt'];
        }

        foreach ($field_formatting as $val) {
            $f_data = array('field_id' => $insert_id, 'field_fmt' => $val);
            ee()->db->insert('field_formatting', $f_data);
        }

        $collapse = $native_settings['field_is_hidden'] == 'y' ? TRUE : FALSE;
        $buttons = $ft_settings['field_show_formatting_btns'] == 'y' ? TRUE : FALSE;

        $field_info['publish'][$insert_id] = array('visible' => 'true', 'collapse' => $collapse, 'htmlbuttons' => $buttons, 'width' => '100%');

        // Add to any custom layouts
        $query = ee()->field_model->get_assigned_channels($group_id);

        if ($query->num_rows() > 0) {
            foreach ($query->result() as $row) {
                $channel_ids[] = $row->channel_id;
            }

            ee()->load->library('layout');
            ee()->layout->add_layout_fields($field_info, $channel_ids);
        }
    }

    // Hand the merged native and fieldtype settings to the fieldtype,
    // without the serialized copy.
    $_final_settings = array_merge($native_settings, $ft_settings);
    unset($_final_settings['field_settings']);

    $this->set_settings($native_settings['field_id'], $_final_settings);
    $this->setup_handler($native_settings['field_id']);
    $this->apply('post_save_settings', array($_final_settings));

    ee()->functions->clear_caching('all', '');

    return $native_settings['field_id'];
}
/**
 * Build the "category" pseudo-field definition used by the publish form.
 *
 * Works out which categories are selected (from a default, from $_POST,
 * from the database, or from $selected_categories, in that order of
 * precedence), asks the channel_categories API for the category tree, and
 * renders the 'content/_assets/categories' view into 'string_override'.
 *
 * @param mixed  $cat_group_ids       Array of group ids, a single id, or a
 *                                    '|'-delimited string of ids. A falsy
 *                                    value short-circuits to the default field.
 * @param mixed  $entry_id            Entry id, or file id when $file is truthy.
 * @param mixed  $selected_categories Array of category ids, or NULL to have
 *                                    them looked up in the database.
 * @param mixed  $default_category    Used as the selection for a new entry
 *                                    when nothing was posted.
 * @param bool   $file                TRUE to read file_categories instead of
 *                                    category_posts.
 * @return array array('category' => field definition)
 */
public function build_categories_block($cat_group_ids, $entry_id, $selected_categories, $default_category = '', $file = FALSE)
{
    ee()->load->library('api');
    ee()->api->instantiate('channel_categories');
    // Field definition returned as-is when there are no category groups;
    // 'options' and 'string_override' are overwritten further down otherwise.
    $default = array(
        'string_override' => lang('no_categories'),
        'field_id' => 'category',
        'field_name' => 'category',
        'field_label' => lang('categories'),
        'field_required' => 'n',
        'field_type' => 'multiselect',
        'field_text_direction' => 'ltr',
        'field_data' => '',
        'field_fmt' => 'text',
        'field_instructions' => '',
        'field_show_fmt' => 'n',
        'selected' => 'n',
        'options' => array()
    );
    // No categories? Easy peasy
    if (!$cat_group_ids) {
        return array('category' => $default);
    } else {
        // Normalise a scalar or pipe-delimited string into an array of ids.
        if (!is_array($cat_group_ids)) {
            if (strstr($cat_group_ids, '|')) {
                $cat_group_ids = explode('|', $cat_group_ids);
            } else {
                $cat_group_ids = array($cat_group_ids);
            }
        }
    }
    // Second instantiate() call with the same argument as the one at the top.
    ee()->api->instantiate('channel_categories');
    $catlist = array();
    $categories = array();
    // Figure out selected categories
    if (!count($_POST) && !$entry_id && $default_category) {
        // new entry and a default exists
        // Note: $catlist takes whatever type $default_category has here.
        $catlist = $default_category;
    } elseif (count($_POST) > 0) {
        $catlist = array();
        // NOTE(review): posted category values are copied unfiltered into
        // $catlist (as both key and value) and handed to category_tree()
        // below. Only the array-ness of $_POST['category'] is checked here;
        // whether category_tree() restricts them to ids that belong to
        // $cat_group_ids is not visible in this method - confirm.
        if (isset($_POST['category']) && is_array($_POST['category'])) {
            foreach ($_POST['category'] as $val) {
                $catlist[$val] = $val;
            }
        }
    } elseif (!isset($selected_categories) and $entry_id !== 0) {
        // $selected_categories is NULL: read the assignments from the
        // database. The comparison with 0 is strict, so a string '0' or an
        // empty string still reaches this query.
        if ($file) {
            ee()->db->from(array('categories c', 'file_categories p'));
            ee()->db->where('p.file_id', $entry_id);
        } else {
            ee()->db->from(array('categories c', 'category_posts p'));
            ee()->db->where('p.entry_id', $entry_id);
        }
        ee()->db->select('c.cat_name, p.*');
        // $entry_id and $cat_group_ids are passed as bound values to the
        // query builder; the join condition below is a fixed string.
        ee()->db->where_in('c.group_id', $cat_group_ids);
        ee()->db->where('c.cat_id = p.cat_id');
        $qry = ee()->db->get();
        foreach ($qry->result() as $row) {
            $catlist[$row->cat_id] = $row->cat_id;
        }
    } elseif (is_array($selected_categories)) {
        foreach ($selected_categories as $val) {
            $catlist[$val] = $val;
        }
    }
    // Figure out valid category options
    ee()->api_channel_categories->category_tree($cat_group_ids, $catlist);
    if (count(ee()->api_channel_categories->categories) > 0) {
        // add categories in again, over-ride setting above
        // Grouped by element '3' of each category row (presumably the
        // category group - TODO confirm against category_tree()).
        foreach (ee()->api_channel_categories->categories as $val) {
            $categories[$val['3']][] = $val;
        }
    }
    // If the user can edit categories, we'll go ahead and
    // show the links to make that work
    $edit_links = FALSE;
    if (ee()->session->userdata('can_edit_categories') == 'y') {
        $link_info = ee()->api_channel_categories->fetch_allowed_category_groups($cat_group_ids);
        if (is_array($link_info) && count($link_info)) {
            $edit_links = array();
            // These links are a convenience for the UI only; the category
            // editor must still enforce 'can_edit_categories' itself.
            foreach ($link_info as $val) {
                $edit_links[] = array('url' => cp_url('admin_content/category_editor', array('group_id' => $val['group_id'])), 'group_name' => $val['group_name']);
            }
        }
    }
    // Load in necessary lang keys
    ee()->lang->loadfile('admin_content');
    ee()->javascript->set_global(array('publish.lang' => array('update' => lang('update'), 'edit_category' => lang('edit_category'))));
    // EE.publish.lang.update_category
    // Build the mess
    $data = compact('categories', 'edit_links');
    $default['options'] = $categories;
    // Third argument TRUE: the view output is captured into the field
    // definition rather than kept out of the return value.
    $default['string_override'] = ee()->load->view('content/_assets/categories', $data, TRUE);
    return array('category' => $default);
}
/**
 * Generate Menu
 *
 * Builds the CP menu array, filters it, lets the 'cp_menu_array' extension
 * hook modify it, renders it to a string and stores that string in the view
 * variable 'menu_string'.
 *
 * Security note: this method only decides what is *shown*. Hiding an item
 * here does not protect the controller behind it; every linked controller
 * still has to perform its own permission check.
 *
 * @access public
 * @param  mixed $permissions Not read anywhere in this method body.
 * @return array|void The menu array, or nothing when the current user fails
 *                    the 'can_access_cp' check.
 */
function generate_menu($permissions = '')
{
    if (!ee()->cp->allowed_group('can_access_cp')) {
        return;
    }
    $menu = array();
    // Bare '----' entries are positional markers inside the menu arrays
    // (presumably rendered as dividers by _process_menu()).
    $menu['content'] = array(
        'publish' => cp_url('content_publish'),
        'edit' => cp_url('content_edit'),
        'files' => array(
            'file_manager' => cp_url('content_files'),
            '----',
            'file_upload_preferences' => cp_url('content_files/file_upload_preferences'),
            'file_watermark_preferences' => cp_url('content_files/watermark_preferences')
        )
    );
    // 'edit_templates' starts empty and is filled per template group below.
    $template_menu = array('edit_templates' => array(), 'template_manager' => cp_url('design/manager'));
    if (ee()->config->item('enable_template_routes') == 'y') {
        $template_menu += array('template_route_manager' => cp_url('design/url_manager'));
    }
    $template_menu += array(
        'sync_templates' => cp_url('design/sync_templates'),
        '----',
        'snippets' => cp_url('design/snippets'),
        'global_variables' => cp_url('design/global_variables'),
        '----',
        'template_preferences' => cp_url('design/template_preferences_manager'),
        'global_preferences' => cp_url('design/global_template_preferences')
    );
    $menu['design'] = array(
        'templates' => $template_menu,
        'message_pages' => array(
            'email_notification' => cp_url('design/email_notification'),
            'user_message' => cp_url('design/user_message'),
            'offline_template' => cp_url('design/system_offline')
        )
    );
    $menu['addons'] = array(
        'modules' => cp_url('addons_modules'),
        'accessories' => cp_url('addons_accessories'),
        'extensions' => cp_url('addons_extensions'),
        'fieldtypes' => cp_url('addons_fieldtypes'),
        'plugins' => cp_url('addons_plugins')
    );
    $menu['members'] = array(
        'view_all_members' => cp_url('members/view_all_members'),
        'member_groups' => cp_url('members/member_group_manager'),
        '----',
        'ip_search' => cp_url('members/ip_search'),
        '----',
        'register_member' => cp_url('members/new_member_form'),
        'user_banning' => cp_url('members/member_banning'),
        'activate_pending_members' => cp_url('members/member_validation'),
        '----',
        'custom_member_fields' => cp_url('members/custom_profile_fields'),
        'member_config' => cp_url('members/member_config')
    );
    $menu['admin'] = array(
        'channel_management' => array(
            'channels' => cp_url('admin_content/channel_management'),
            'field_group_management' => cp_url('admin_content/field_group_management'),
            'channel_form_settings' => cp_url('admin_content/channel_form_settings'),
            'status_group_management' => cp_url('admin_content/status_group_management'),
            'category_management' => cp_url('admin_content/category_management'),
            '----',
            'global_channel_preferences' => cp_url('admin_content/global_channel_preferences')
        ),
        '----',
        'general_configuration' => cp_url('admin_system/general_configuration'),
        'localization_settings' => cp_url('admin_system/localization_settings'),
        'email_configuration' => cp_url('admin_system/email_configuration'),
        '----',
        'admin_content' => array('default_html_buttons' => cp_url('admin_content/default_html_buttons')),
        'admin_system' => array(
            'database_settings' => cp_url('admin_system/database_settings'),
            'output_debugging_preferences' => cp_url('admin_system/output_debugging_preferences'),
            '----',
            'image_resizing_preferences' => cp_url('admin_system/image_resizing_preferences'),
            'emoticon_preferences' => cp_url('admin_system/emoticon_preferences'),
            'search_log_configuration' => cp_url('admin_system/search_log_configuration'),
            '----',
            'config_editor' => cp_url('admin_system/config_editor')
        ),
        'security_and_privacy' => array(
            'security_session_preferences' => cp_url('admin_system/security_session_preferences'),
            'cookie_settings' => cp_url('admin_system/cookie_settings'),
            '----',
            'word_censoring' => cp_url('admin_system/word_censoring'),
            'tracking_preferences' => cp_url('admin_system/tracking_preferences'),
            'captcha_preferences' => cp_url('admin_system/captcha_preferences'),
            'throttling_configuration' => cp_url('admin_system/throttling_configuration')
        ),
        '----',
        'software_registration' => cp_url('admin_system/software_registration')
    );
    $menu['tools'] = array(
        'tools_communicate' => cp_url('tools_communicate'),
        '----',
        'tools_utilities' => array(
            'translation_tool' => cp_url('tools_utilities/translation_tool'),
            'import_utilities' => cp_url('tools_utilities/import_utilities'),
            'php_info' => cp_url('tools_utilities/php_info')
        ),
        'tools_data' => array(
            'sql_manager' => cp_url('tools_data/sql_manager'),
            'clear_caching' => cp_url('tools_data/clear_caching'),
            'search_and_replace' => cp_url('tools_data/search_and_replace'),
            'recount_stats' => cp_url('tools_data/recount_stats')
        ),
        'tools_logs' => array(
            'view_cp_log' => cp_url('tools_logs/view_cp_log'),
            'view_throttle_log' => cp_url('tools_logs/view_throttle_log'),
            'view_email_log' => cp_url('tools_logs/view_email_log')
        )
    );
    // Only show Search Log menu item if Search Module is installed
    if (ee()->db->table_exists('search_log')) {
        $menu['tools']['tools_logs']['view_search_log'] = cp_url('tools_logs/view_search_log');
    }
    // Show Developer Log for Super Admins only
    // (group_id 1 is treated as Super Admin throughout this method)
    if (ee()->session->userdata('group_id') == 1) {
        $menu['tools']['tools_logs']['view_developer_log'] = cp_url('tools_logs/view_developer_log');
    }
    // Add channels
    ee()->api->instantiate('channel_structure');
    $channels = ee()->api_channel_structure->get_channels();
    if ($channels != FALSE and $channels->num_rows() > 0) {
        $menu['content']['publish'] = array();
        $menu['content']['edit'] = array('nav_edit_all' => cp_url('content_edit'));
        // NOTE(review): channel titles become menu array keys. They are
        // stored data, not constants; whether _process_menu() HTML-encodes
        // keys before output is not visible here - confirm.
        foreach ($channels->result() as $channel) {
            $menu['content']['publish'][$channel->channel_title] = cp_url('content_publish/entry_form', array('channel_id' => $channel->channel_id));
            $menu['content']['edit'][$channel->channel_title] = cp_url('content_edit', array('channel_id' => $channel->channel_id));
        }
        // With exactly one channel, collapse each submenu to its first URL.
        // For 'edit' the first element is the 'nav_edit_all' link.
        if ($channels->num_rows() === 1) {
            $menu['content']['publish'] = current($menu['content']['publish']);
            $menu['content']['edit'] = current($menu['content']['edit']);
        }
    }
    // Add Templates and Themes
    ee()->load->model('template_model');
    // Grab all the groups a user is assigned to
    $allowed_groups = ee()->session->userdata('assigned_template_groups');
    // Grab all of the template groups in their desired order
    $template_groups = ee()->template_model->get_template_groups();
    $template_groups = $template_groups->result_array();
    // If there are allowed groups or the user is a Super Admin, go through with it
    // NOTE(review): count() is applied to the session value directly, so
    // this assumes 'assigned_template_groups' is always an array - confirm.
    if (count($allowed_groups) or ee()->session->userdata('group_id') == 1) {
        // In the event $allowed_groups has information in it, build a where clause for them
        // An empty $allowed_groups (the Super Admin case) adds no group
        // restriction to the template query.
        $additional_where = count($allowed_groups) ? array('template_groups.group_id' => array_keys($allowed_groups)) : array();
        $templates = ee()->template_model->get_templates(NULL, array('template_groups.group_id'), $additional_where);
        if ($templates->num_rows() > 0) {
            $by_group = array();
            // Reorganize the results so they're sorted by group name
            foreach ($templates->result() as $row) {
                $by_group[$row->group_name][] = $row;
            }
            // Using the template groups as a guide for ordering, build the list of templates
            foreach ($template_groups as $group) {
                $group_id = $group['group_id'];
                $group_name = $group['group_name'];
                if (!isset($by_group[$group_name])) {
                    continue;
                }
                // $templates is reused here: from this point it holds the
                // rows of one group, not the query result object.
                $templates = $by_group[$group_name];
                foreach ($templates as $row) {
                    $menu['design']['templates']['edit_templates'][$group_name][$row->template_name] = cp_url('design/edit_template', array('id' => $row->template_id));
                }
                // All groups have an index template, so row->group_id will always be set :)
                $menu['design']['templates']['edit_templates'][$group_name][lang('nav_edit_template_group_more')] = cp_url('design/manager', array('tgpref' => $group_id));
                $menu['design']['templates']['edit_templates'][$group_name][] = '----';
                $menu['design']['templates']['edit_templates'][$group_name][lang('nav_edit_template_group')] = cp_url('design/manager', array('tgpref' => $group_id));
                $menu['design']['templates']['edit_templates'][$group_name][lang('nav_create_template')] = cp_url('design/new_template', array('group_id' => $group_id));
            }
            unset($by_group);
            $menu['design']['templates']['edit_templates'][] = '----';
        }
        $menu['design']['templates']['edit_templates'][lang('nav_create_group')] = cp_url('design/new_template_group');
    } else {
        // NOTE(review): the list built above lives at
        // $menu['design']['templates']['edit_templates']; the key unset here
        // ($menu['design']['edit_templates']) is never assigned in this
        // method, so this statement removes nothing. Confirm which key was
        // intended before relying on it to hide the template list.
        unset($menu['design']['edit_templates']);
    }
    if (ee()->db->table_exists('forums')) {
        $menu['design']['themes']['forum_themes'] = cp_url('addons_modules/show_module_cp', array('module' => 'forum', 'method' => 'forum_templates'));
    }
    if (ee()->db->table_exists('wikis')) {
        $menu['design']['themes']['wiki_themes'] = cp_url('addons_modules/show_module_cp', array('module' => 'wiki', 'method' => 'list_themes'));
    }
    if (!IS_CORE) {
        $menu['design']['themes']['member_profile_templates'] = cp_url('design/member_profile_templates');
    }
    // Filtering of blocked items happens here, before the extension hook.
    $menu = $this->_remove_blocked_menu_items($menu);
    $menu = $this->_add_overviews($menu);
    /* -------------------------------------------
    /* 'cp_menu_array' hook.
    /*  - Modify menu array
    /*  - Added: 2.1.5
    */
    // NOTE(review): the hook runs after _remove_blocked_menu_items(), so an
    // extension's return value is rendered without being filtered again.
    // That is acceptable only because the menu is presentation, not access
    // control.
    if (ee()->extensions->active_hook('cp_menu_array') === TRUE) {
        $menu = ee()->extensions->call('cp_menu_array', $menu);
    }
    /*
    /* -------------------------------------------*/
    // Only get the views once
    $this->menu_parent = ee()->load->view('_shared/menu/item_parent', '', TRUE);
    $this->menu_item = ee()->load->view('_shared/menu/item', '', TRUE);
    $this->menu_divider = ee()->load->view('_shared/menu/item_divider', '', TRUE);
    // Main menu, custom tabs, help link - in that order
    $menu_string = $this->_process_menu($menu);
    $menu_string .= $this->_process_menu($this->_fetch_quick_tabs(), 0, FALSE);
    $menu_string .= $this->_process_menu(array('help' => $this->generate_help_link()), 0, TRUE, '', 'external');
    // Visit Site / MSM Switcher gets an extra class
    $menu_string .= $this->_process_menu($this->_fetch_site_list(), 0, FALSE, 'msm_sites');
    ee()->load->vars('menu_string', $menu_string);
    return $menu;
}
/**
 * Edit table datasource
 *
 * Collects the filter values from GET/POST, runs the filtered entry search
 * and decorates each result row with the HTML used by the edit table.
 *
 * Must remain public so that it can be called from the
 * table library!
 *
 * Security note: several row cells below are built by concatenating stored
 * values (entry title, status name, highlight colour, screen name) into
 * HTML. Each spot is marked; none of the helpers' escaping behaviour is
 * visible in this method.
 *
 * @access public
 * @param  array $tbl_settings Reads 'offset', 'sort' and 'columns'.
 * @param  array $defaults     Reads 'perpage' and 'channels' (channel
 *                             objects keyed by channel id).
 * @return array|void Keys: rows, no_results, pagination, filter_data,
 *                    autosave_show, autosave_array. Returns nothing when
 *                    the extension hook sets end_script.
 */
public function _table_datasource($tbl_settings, $defaults)
{
    // Get filter information
    // ----------------------------------------------------------------
    $keywords = (string) $this->input->post('keywords');
    $channel_id = (string) $this->input->get_post('channel_id');
    // The literal string 'null' is treated as "no channel filter".
    if ($channel_id == 'null') {
        $channel_id = NULL;
    }
    // Keywords arriving by GET are base64-encoded; POSTed ones are not.
    if (!$keywords) {
        $keywords = (string) $this->input->get('keywords');
        if ($keywords) {
            $keywords = base64_decode($keywords);
        }
    }
    if ($keywords) {
        // xss_clean() runs after decoding, so the decoded GET value is
        // filtered too. It is an input filter, not output encoding: any
        // place that prints $keywords still has to escape for its context.
        $keywords = $this->security->xss_clean($keywords);
        // 'ip:' searches carry the address with '_' in place of '.'.
        if (substr(strtolower($keywords), 0, 3) == 'ip:') {
            $keywords = str_replace('_', '.', $keywords);
        }
    }
    // Because of the auto convert we prepare a specific variable with the converted ascii
    // characters while leaving the $keywords variable intact for display and URL purposes
    $this->load->helper('text');
    $search_keywords = $this->config->item('auto_convert_high_ascii') == 'y' ? ascii_to_entities($keywords) : $keywords;
    // NOTE(review): 'perpage' is taken from the request without a type or
    // range check in this method; whether get_filtered_entries() clamps it
    // is not visible here - confirm, since it sizes the result set.
    $perpage = $this->input->get_post('perpage');
    $perpage = $perpage ? $perpage : $defaults['perpage'];
    $rownum = $tbl_settings['offset'];
    // We want the filter to work based on both get and post
    // 'cat_id' appears twice in this literal; PHP keeps the later entry,
    // i.e. the one that maps 'all' to an empty string.
    $filter_data = array(
        'channel_id' => $channel_id,
        'keywords' => $keywords,
        'cat_id' => $this->input->get_post('cat_id'),
        'status' => $this->input->get_post('status'),
        'order' => $this->input->get_post('order'),
        'date_range' => $this->input->get_post('date_range'),
        'author_id' => $this->input->get_post('author_id'),
        'exact_match' => $this->input->get_post('exact_match'),
        'cat_id' => $this->input->get_post('cat_id') != 'all' ? $this->input->get_post('cat_id') : '',
        'search_in' => $this->input->get_post('search_in') ? $this->input->get_post('search_in') : 'title',
        'rownum' => $rownum,
        'perpage' => $perpage,
        'search_keywords' => $search_keywords
    );
    $channels = $defaults['channels'];
    $order = $tbl_settings['sort'];
    $columns = $tbl_settings['columns'];
    // -------------------------------------------
    // 'edit_entries_additional_where' hook.
    //  - Add additional where, where_in, where_not_in
    //
    // The hook receives the raw filter values; its return value is passed
    // to the search model as extra conditions when it is an array.
    $_hook_wheres = $this->extensions->call('edit_entries_additional_where', $filter_data);
    if ($this->extensions->end_script === TRUE) {
        return;
    }
    //
    // -------------------------------------------
    $filter_data['_hook_wheres'] = is_array($_hook_wheres) ? $_hook_wheres : array();
    $this->load->model('search_model');
    // All request-derived filter values reach the database through this
    // call; their escaping is the search model's responsibility.
    $filter_result = $this->search_model->get_filtered_entries($filter_data, $order);
    $rows = $filter_result['results'];
    $total = $filter_result['total_count'];
    unset($filter_result);
    $filter_url = $this->_create_return_filter($filter_data);
    // Gather up ids for a single quick query down the line
    $entry_ids = array();
    foreach ($rows as $row) {
        $entry_ids[] = $row['entry_id'];
    }
    // Load the site's templates
    // ----------------------------------------------------------------
    $templates = array();
    // Hand-written SQL: the only interpolated value is the configured
    // site_id, passed through escape_str() and wrapped in quotes.
    $tquery = $this->db->query("SELECT exp_template_groups.group_name, exp_templates.template_name, exp_templates.template_id\n\t\t\t\t\t\t\tFROM exp_template_groups, exp_templates\n\t\t\t\t\t\t\tWHERE exp_template_groups.group_id = exp_templates.group_id\n\t\t\t\t\t\t\tAND exp_templates.site_id = '" . $this->db->escape_str($this->config->item('site_id')) . "'");
    foreach ($tquery->result_array() as $row) {
        $templates[$row['template_id']] = $row['group_name'] . '/' . $row['template_name'];
    }
    // Comment count
    // ----------------------------------------------------------------
    // $show_link is assigned but not read again in this method.
    $show_link = TRUE;
    $comment_counts = array();
    if (count($entry_ids) and $this->db->table_exists('comments')) {
        $comment_qry = $this->db->select('entry_id, COUNT(*) as count')->where_in('entry_id', $entry_ids)->group_by('entry_id')->get('comments');
        foreach ($comment_qry->result() as $row) {
            $comment_counts[$row->entry_id] = $row->count;
        }
    }
    // Autosave - Grab all autosaved entries
    // ----------------------------------------------------------------
    $this->prune_autosave();
    $this->db->select('entry_id, original_entry_id, channel_id, title, author_id, status, entry_date, comment_total');
    $autosave = $this->db->get('channel_entries_autosave');
    $autosave_array = array();
    $autosave_show = FALSE;
    if ($autosave->num_rows()) {
        $this->load->helper('snippets');
        $autosave_show = TRUE;
    }
    // Only autosaves that belong to an existing entry are recorded.
    foreach ($autosave->result() as $entry) {
        if ($entry->original_entry_id) {
            $autosave_array[] = $entry->original_entry_id;
        }
    }
    // Status Highlight Colors
    // ----------------------------------------------------------------
    $status_color_q = $this->db->from('channels AS c, statuses AS s, status_groups AS sg')->select('c.channel_id, c.channel_name, s.status, s.highlight')->where('sg.group_id = c.status_group', NULL, FALSE)->where('sg.group_id = s.group_id', NULL, FALSE)->where('sg.site_id', $this->config->item('site_id'))->where('s.highlight !=', '')->where_in('c.channel_id', array_keys($channels))->get();
    // Keyed "<channel_id>_<status>" => highlight colour without the '#'.
    $c_array = array();
    foreach ($status_color_q->result_array() as $rez) {
        $c_array[$rez['channel_id'] . '_' . $rez['status']] = str_replace('#', '', $rez['highlight']);
    }
    $colors = array();
    // Fetch Color Library
    // Fixed path under APPPATH, no request data involved. The included
    // file presumably populates $colors - TODO confirm.
    if (file_exists(APPPATH . 'config/colors.php')) {
        include APPPATH . 'config/colors.php';
    }
    // Generate row data
    // ----------------------------------------------------------------
    // Iterates by reference and never unset()s $row afterwards; nothing
    // after the loop writes to $row, so $rows is returned as built.
    foreach ($rows as &$row) {
        $url = $this->publish_base_uri . AMP . "M=entry_form" . AMP . "channel_id={$row['channel_id']}" . AMP . "entry_id={$row['entry_id']}" . AMP . $filter_url;
        // NOTE(review): the entry title is author-supplied and becomes the
        // link label. Whether anchor() HTML-encodes its second argument is
        // not visible here - confirm, or encode before this call.
        $row['title'] = anchor(BASE . AMP . $url, $row['title']);
        $row['view'] = '---';
        $row['channel_name'] = $channels[$row['channel_id']]->channel_title;
        $row['entry_date'] = $this->localize->human_time($row['entry_date']);
        $row['_check'] = form_checkbox('toggle[]', $row['entry_id'], '', ' class="toggle" id="delete_box_' . $row['entry_id'] . '"');
        // autosave indicator
        if (in_array($row['entry_id'], $autosave_array)) {
            $row['title'] .= NBS . required();
        }
        // screen name email link
        if (!$row['screen_name']) {
            $row['screen_name'] = $row['username'];
        }
        // NOTE(review): same label question as the title link above, here
        // for the member-chosen screen name.
        $row['screen_name'] = anchor(cp_url('myaccount', array('id' => $row['author_id'])), $row['screen_name']);
        // live look template
        $llt = $row['live_look_template'];
        if ($llt && isset($templates[$llt])) {
            $url = $this->functions->create_url($templates[$row['live_look_template']] . '/' . $row['entry_id']);
            $row['view'] = anchor($this->cp->masked_url($url), lang('view'));
        }
        // Status
        $color_info = '';
        $color_key = $row['channel_id'] . '_' . $row['status'];
        $status_name = ($row['status'] == 'open' or $row['status'] == 'closed') ? lang($row['status']) : $row['status'];
        if (isset($c_array[$color_key]) and $c_array[$color_key] != '') {
            $color = strtolower($c_array[$color_key]);
            // Colours found in $colors are used as given; others get '#'.
            $prefix = isset($colors[$color]) ? '' : '#';
            // There are custom colours, override the class above
            // NOTE(review): the highlight value only has '#' removed and is
            // lower-cased before it is placed inside a style attribute.
            // Confirm it is validated as a colour when the status is saved.
            $color_info = 'style="color:' . $prefix . $color . ';"';
        }
        // NOTE(review): the stored status name is written into a class
        // attribute and into the element body without encoding. Custom
        // status names are admin-defined data; confirm they are restricted
        // on save or encode them here.
        $row['status'] = '<span class="status_' . $row['status'] . '"' . $color_info . '>' . $status_name . '</span>';
        // comment_total link
        if (isset($this->installed_modules['comment'])) {
            $all_or_own = 'all';
            if ($row['author_id'] == $this->session->userdata('member_id')) {
                $all_or_own = 'own';
            }
            // do not move these to the new allowed_group style - they are ANDs not ORs
            // The link is hidden only when the user lacks all three
            // permissions; the comment module must still check them itself.
            if (!$this->cp->allowed_group('can_edit_' . $all_or_own . '_comments') and !$this->cp->allowed_group('can_delete_' . $all_or_own . '_comments') and !$this->cp->allowed_group('can_moderate_comments')) {
                $row['comment_total'] = '<div class="lightLinks">--</div>';
            } else {
                $comment_count = isset($comment_counts[$row['entry_id']]) ? $comment_counts[$row['entry_id']] : 0;
                $view_url = BASE . AMP . 'C=addons_modules' . AMP . 'M=show_module_cp' . AMP . 'module=comment' . AMP . 'method=index' . AMP . 'entry_id=' . $row['entry_id'];
                $row['comment_total'] = '<div class="lightLinks">(' . $comment_count . ')' . NBS . anchor($view_url, lang('view')) . '</div>';
            }
        }
        // Drop every cell that is not one of the requested columns.
        $row = array_intersect_key($row, $columns);
    }
    // comes out with an added:
    // table_html
    // pagination_html
    return array(
        'rows' => $rows,
        'no_results' => lang('no_entries_matching_that_criteria'),
        'pagination' => array('per_page' => $filter_data['perpage'], 'total_rows' => $total),
        'filter_data' => $filter_data,
        'autosave_show' => $autosave_show,
        'autosave_array' => $autosave_array
    );
}
/**
 * Site Switching Logic
 *
 * Members outside group 1 must have a member_groups row for the target
 * site with can_access_cp = 'y'; group 1 skips that lookup. On success the
 * 'cp_last_site_id' cookie is written, the site preferences are switched
 * and the browser is redirected.
 *
 * NOTE(review): $redirect is handed to the redirect helper exactly as
 * received. Nothing in this method restricts it to a control panel URL, so
 * the caller is responsible for not passing a request-supplied absolute
 * URL here - confirm at the call sites.
 *
 * @param int    $site_id  ID of site to switch to
 * @param string $redirect Optional URL to redirect to after site
 *                         switching is successful; defaults to the CP
 *                         homepage when empty
 * @return void
 */
public function switch_site($site_id, $redirect = '')
{
    $is_super_admin = (ee()->session->userdata('group_id') == 1);

    if (!$is_super_admin) {
        // Look up the CP access flag of the member's group on the target site.
        ee()->db->select('can_access_cp');
        ee()->db->where('site_id', $site_id);
        ee()->db->where('group_id', ee()->session->userdata['group_id']);
        $group_query = ee()->db->get('member_groups');

        // No row for this group/site pair counts as "no access".
        $denied = ($group_query->num_rows() == 0 || $group_query->row('can_access_cp') !== 'y');
        if ($denied) {
            show_error(lang('unauthorized_access'));
        }
    }

    $destination = empty($redirect) ? cp_url('homepage') : $redirect;

    // We set the cookie before switching prefs to ensure it uses current settings
    ee()->input->set_cookie('cp_last_site_id', $site_id, 0);
    ee()->config->site_prefs('', $site_id);
    ee()->functions->redirect($destination);
}
/**
 * Return an MCP URL
 *
 * Uses cp_url() when that helper exists, otherwise assembles the query
 * string by hand from BASE and AMP.
 *
 * NOTE(review): $method and $extra are appended without URL-encoding, so
 * callers should pass fixed strings or encode request-derived values first.
 *
 * @access protected
 * @param  string|null $method Module method name, appended as 'method=...'
 * @param  string|null $extra  Additional, already-formatted query string
 * @return string
 */
protected function mcp_url($method = NULL, $extra = NULL)
{
    if (function_exists('cp_url')) {
        $base_url = cp_url('addons_modules/show_module_cp', array('module' => $this->package));
    } else {
        $base_url = BASE . AMP . 'C=addons_modules&M=show_module_cp&module=' . $this->package;
    }

    $suffix = '';

    if ($method) {
        $suffix .= AMP . 'method=' . $method;
    }

    if ($extra) {
        $suffix .= AMP . $extra;
    }

    return $base_url . $suffix;
}
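/**
 * Bookmarklet Form
 *
 * Three-step form: step 1 asks for a name and channel, step 2 (channel_id
 * posted) lists the channel's fields, step 3 (field_id posted) emits the
 * javascript: bookmarklet link.
 *
 * The posted field_id is now required to be all digits before it is placed
 * into the generated javascript: URL. The field ids offered in step 2 come
 * from the channel fields query, so a non-numeric value can only be a
 * tampered request.
 *
 * @return void Renders the 'account/bookmarklet' view
 */
function bookmarklet()
{
    // Is the user authorized to access the publish page? And does the user
    // have at least one channel assigned? If not, show the no access message
    if (!$this->cp->allowed_group('can_access_publish')) {
        show_error(lang('unauthorized_access'));
    }

    if (count($this->functions->fetch_assigned_channels()) == 0) {
        show_error(lang('no_channels_assigned_to_user'));
    }

    if (count($this->session->userdata['assigned_channels']) == 0) {
        show_error(lang('no_channels_assigned_to_user'));
    }

    $this->load->library('table');
    $this->load->model('channel_model');

    $vars = array('cp_page_title' => lang('bookmarklet'));
    $vars = array_merge($this->_account_menu_setup(), $vars);
    $vars['form_hidden']['id'] = $this->id;
    $vars['step'] = 1; // start at step 1

    if ($this->input->post('channel_id') != '') {
        $vars['step'] = 2; // a channel was chosen: show its fields

        // Reduce the bookmarklet name to a plain token: no tags, none of
        // the listed punctuation, whitespace runs collapsed to '_'.
        $bm_name = strip_tags($_POST['bm_name']);
        $bm_name = preg_replace("/[\\'\"\\?\\/\\.\\,\\|\$\\#\\+]/", "", $bm_name);
        $bm_name = preg_replace("/\\s+/", "_", $bm_name);
        $bm_name = stripslashes($bm_name);

        // NOTE(review): the posted channel_id is looked up directly; this
        // method does not compare it with the member's assigned channels.
        // Confirm the publish form enforces that when the link is used.
        $query = $this->channel_model->get_channel_info($this->input->post('channel_id'), array('field_group'));

        if ($query->num_rows() == 0) {
            show_error(lang('no_fields_assigned_to_channel'));
        }

        $query = $this->channel_model->get_channel_fields($query->row('field_group'));

        if ($query->num_rows() == 0) {
            show_error(lang('no_channels_assigned_to_user'));
        }

        // setup the fields
        foreach ($query->result() as $row) {
            $vars['field_id_options'][$row->field_id] = $row->field_label;
        }

        $vars['form_hidden']['bm_name'] = $bm_name;
        $vars['form_hidden']['channel_id'] = $this->input->post('channel_id');
    }

    $posted_field_id = $this->input->post('field_id');

    if ($posted_field_id != '') {
        // The value ends up inside a javascript: URL below, so anything
        // other than a plain numeric id is rejected outright.
        if (!is_string($posted_field_id) || !preg_match('/\A[0-9]+\z/', $posted_field_id)) {
            show_error(lang('unauthorized_access'));
        }

        $vars['step'] = 3;

        // NOTE(review): this re-reads bm_name from the request, so the
        // clean-up applied in step 2 is not guaranteed to have happened to
        // this value. Confirm the view HTML-encodes it.
        $vars['bm_name'] = $this->input->post('bm_name');

        $channel_id = $this->input->post('channel_id');
        $field_id = 'field_id_' . $posted_field_id;

        // $channel_id is passed as a cp_url() query argument rather than
        // concatenated by hand (presumably URL-encoded there - TODO confirm,
        // since $path sits inside a quoted JS string below).
        $path = cp_url('content_publish/entry_form', array('Z' => 1, 'BK' => 1, 'channel_id' => $channel_id));

        // Only the presence of the 'safari' key is used; both snippets are constants.
        $type = isset($_POST['safari']) ? "window.getSelection()" : "document.selection?document.selection.createRange().text:document.getSelection()";

        $vars['bm_link'] = "javascript:bm={$type};void(bmentry=window.open('" . $path . "title='+encodeURI(document.title)+'&tb_url='+encodeURI(window.location.href)+'&" . $field_id . "='+encodeURI(bm),'bmentry',''))";
    }

    $this->cp->render('account/bookmarklet', $vars);
}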
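/**
 * Create or update a parcel from the posted form and redirect.
 *
 * Builds the parcel row from POST values, calls the matching
 * "<method>_parcel" method on the postmaster model and redirects back to
 * the module.
 *
 * NOTE(review): $method picks the model method by name. Confirm every
 * caller passes a fixed action name and never a request value, otherwise
 * any model method ending in "_parcel" becomes reachable.
 *
 * @param  string $method Action name; 'add' is mapped to 'create'
 * @return mixed  Whatever the redirect helper returns
 */
private function _parcel_action($method)
{
    if ($method == 'add') {
        $method = 'create';
    }

    $method .= '_parcel';

    $this->EE->load->library('postmaster_lib');

    // Multi-select inputs: only join real, non-empty arrays. A scalar
    // posted under one of these names used to be passed to implode().
    $categories    = $this->post('category');
    $member_groups = $this->post('member_group');
    $statuses      = $this->post('statuses');
    $trigger       = $this->post('trigger');

    $parcel = array(
        'channel_id'         => $this->post('channel_id'),
        'title'              => $this->post('title'),
        'to_name'            => $this->post('to_name'),
        'to_email'           => $this->post('to_email'),
        'from_name'          => $this->post('from_name'),
        'from_email'         => $this->post('from_email'),
        'reply_to'           => $this->post('reply_to'),
        'cc'                 => $this->post('cc'),
        'bcc'                => $this->post('bcc'),
        'categories'         => (is_array($categories) && $categories) ? implode('|', $categories) : NULL,
        'member_groups'      => (is_array($member_groups) && $member_groups) ? implode('|', $member_groups) : NULL,
        'statuses'           => (is_array($statuses) && $statuses) ? implode('|', $statuses) : NULL,
        'subject'            => $this->post('subject'),
        'message'            => $this->post('message'),
        'html_message'       => $this->post('message', TRUE),
        'plain_message'      => $this->plain_text($this->post('message', TRUE)),
        'trigger'            => is_array($trigger) ? implode('|', $trigger) : $trigger,
        'post_date_specific' => $this->post('post_date_specific'),
        'post_date_relative' => $this->post('post_date_relative'),
        'send_every'         => $this->post('send_every'),
        'service'            => $this->post('service'),
        'extra_conditionals' => $this->post('extra_conditionals'),
        'enabled'            => $this->post('enabled') == '1' ? 1 : 0,
        'settings'           => json_encode($this->post('setting')),
        'match_explicitly'   => $this->post('match_explicitly') == 'true',
        'send_once'          => (int) $this->post('send_once')
    );

    $this->EE->postmaster_model->{$method}($parcel, $this->post('id'));

    if (version_compare(APP_VER, '2.9.0', '>=')) {
        // As found, this call replaced '&' with '&', which does nothing.
        // The evident intent is to turn the HTML-encoded separator produced
        // by cp_url() back into a plain '&' for the Location header -
        // confirm against the upstream file.
        return $this->EE->functions->redirect(str_replace('&amp;', '&', cp_url('addons_modules/show_module_cp', array('module' => 'postmaster', 'method' => 'index'))));
    }

    // NOTE(review): the legacy branch redirects to the posted 'return'
    // value as-is. Confirm it is limited to a control panel URL before it
    // reaches the redirect helper.
    return $this->EE->functions->redirect($this->post('return'));
}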
/**
 * Build the control panel "my account" URL for a member.
 *
 * NOTE(review): on the legacy branch $member_id is concatenated into the
 * query string without encoding; callers should pass a stored member id,
 * not a request value.
 *
 * @param  mixed $member_id Member id; any value containing 'anon' is
 *                          treated as an anonymous user
 * @return string|bool The URL, or FALSE for anonymous users
 */
function member_link($member_id)
{
    // if they are anonymous, they don't have a member link
    $is_anonymous = (strpos($member_id, 'anon') !== FALSE);

    if ($is_anonymous) {
        return FALSE;
    }

    // From app_version 280 on, the cp_url() helper builds the link.
    $has_cp_url = ($this->EE->config->item('app_version') >= 280);

    return $has_cp_url
        ? cp_url('myaccount', array('id' => $member_id))
        : BASE . AMP . 'D=cp' . AMP . 'C=myaccount' . AMP . 'id=' . $member_id;
}
?> <li class="group"><a href="<?php echo cp_url('admin_content/channel_add'); ?> "><?php echo lang('channel'); ?> </a></li> <?php } ?> <?php if ($this->config->item('multiple_sites_enabled') == 'y' && $this->cp->allowed_group('can_admin_sites')) { ?> <li class="site"><a href="<?php echo cp_url('sites/manage_sites'); ?> "><?php echo lang('site'); ?> </a></li> <?php } ?> </ul> </div> <?php } if ($can_access_modify == TRUE) { ?>
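/**
 * Sync data from files
 *
 * Update database to match current template files.
 *
 * Preconditions checked here: the 'can_access_design' and
 * 'can_admin_templates' group permissions, template file saving being
 * configured, a 'confirm' request value equal to 'confirm', and a POSTed
 * 'toggle' array. Each toggle value is a template id; a 'cf-' prefix
 * additionally asks for the template file to be written from the database
 * copy before the sync runs.
 *
 * @access public
 * @return void
 */
function sync_run()
{
    if (!$this->cp->allowed_group('can_access_design')) {
        show_error(lang('unauthorized_access'));
    }

    $message = '';

    if ($this->config->item('save_tmpl_files') != 'y' or $this->config->item('tmpl_file_basepath') == '') {
        $this->functions->redirect(cp_url('design/sync_templates'));
    }

    if (!$this->cp->allowed_group('can_admin_templates')) {
        show_error(lang('unauthorized_access'));
    }

    if (!($confirmed = $this->input->get_post('confirm')) or $confirmed != 'confirm') {
        $this->functions->redirect(cp_url('design/sync_templates'));
    }

    if (!$this->input->post('toggle') or !is_array($this->input->post('toggle'))) {
        $this->functions->redirect(cp_url('design/sync_templates'));
    }

    $damned = array();
    $create_files = array();

    foreach ($_POST['toggle'] as $key => $val) {
        // Request data: a nested array (toggle[0][]=...) would reach
        // strncmp()/substr() as a non-string, so it is skipped.
        if (!is_string($val)) {
            continue;
        }

        $wants_file = (strncmp($val, 'cf-', 3) == 0);
        $template_id = $wants_file ? substr($val, 3) : $val;

        // The values feed where_in('template_id', ...) below; keep only
        // digit-only ids so nothing else is carried into the queries.
        if (!preg_match('/^[0-9]+\z/', (string) $template_id)) {
            continue;
        }

        if ($wants_file) {
            $create_files[] = $template_id;
        }

        $damned[] = $template_id;
    }

    // Nothing usable was submitted: treat it like a missing selection
    // rather than running where_in() with an empty list.
    if (count($damned) == 0) {
        $this->functions->redirect(cp_url('design/sync_templates'));
    }

    $save_result = FALSE;

    // If we need to create files, we do it now.
    if (count($create_files) > 0) {
        $this->db->select(array('group_name', 'template_name', 'template_type', 'template_id', 'edit_date', 'template_data'));
        $this->db->join('template_groups', 'template_groups.group_id = templates.group_id');
        $this->db->where('templates.site_id', $this->config->item('site_id'));
        $this->db->where('save_template_file', 'y');
        $this->db->where_in('template_id', $create_files);
        $this->db->order_by('group_name, template_name', 'ASC');
        $query = $this->db->get('templates');

        if ($query->num_rows() > 0) {
            foreach ($query->result() as $row) {
                $tdata = array(
                    'site_short_name' => $this->config->item('site_short_name'),
                    'template_id' => $row->template_id,
                    'template_group' => $row->group_name,
                    'template_name' => $row->template_name,
                    'template_type' => $row->template_type,
                    'template_data' => $row->template_data,
                    'edit_date' => $this->localize->now,
                    'last_author_id' => $this->session->userdata['member_id']
                );

                $save_result = $this->update_template_file($tdata);

                if ($save_result == FALSE) {
                    show_error(lang('template_not_saved'));
                }
            }
        }

        // Annoying. This would cut down on overhead and eliminate need to include these in the following processing.
        // UPDATE exp_templates SET edit_date = $this->localize->now WHERE template_id IN ($create_files)
    }

    $this->load->library('api');
    $this->api->instantiate('template_structure');
    $this->load->helper('file');

    $this->db->select(array('group_name', 'templates.group_id', 'template_name', 'template_type', 'template_id', 'edit_date'));
    $this->db->join('template_groups', 'template_groups.group_id = templates.group_id');
    $this->db->where('templates.site_id', $this->config->item('site_id'));
    $this->db->where('save_template_file', 'y');
    $this->db->where_in('template_id', $damned);
    $this->db->order_by('group_name, template_name', 'ASC');
    $query = $this->db->get('templates');

    // $existing[<group>.group][<template file name>] =
    //     array(group_id, template_id, edit_date, template_name, template_type)
    $existing = array();

    if ($query->num_rows() > 0) {
        foreach ($query->result() as $row) {
            // Skip groups they do not have access to
            if (!$this->_template_access_privs(array('group_id' => $row->group_id))) {
                continue;
            }

            $existing[$row->group_name . '.group'][$row->template_name . $this->api_template_structure->file_extensions($row->template_type)] = array($row->group_id, $row->template_id, $row->edit_date, $row->template_name, $row->template_type);
        }
    }

    $query->free_result();

    $basepath = $this->config->slash_item('tmpl_file_basepath');
    $basepath .= '/' . $this->config->item('site_short_name');

    $this->load->helper('directory');
    $files = directory_map($basepath, 0, 1);

    $save_revisions = $this->config->item('save_tmpl_revisions');
    $maxrev = $this->config->item('max_tmpl_revisions');

    if ($files !== FALSE) {
        foreach ($files as $group => $templates) {
            if (substr($group, -6) != '.group') {
                continue;
            }

            $group_name = substr($group, 0, -6); // remove .group

            // update existing templates
            foreach ($templates as $template) {
                if (is_array($template)) {
                    continue;
                }

                // Only files that map to a selected, access-checked database
                // template are read; other files on disk are ignored.
                if (isset($existing[$group][$template])) {
                    $edit_date = $existing[$group][$template]['2'];
                    $file_date = get_file_info($basepath . '/' . $group . '/' . $template);

                    // File is older than the database copy: leave the row alone
                    if ($file_date !== FALSE && $file_date['date'] < $edit_date) {
                        continue;
                    }

                    $contents = file_get_contents($basepath . '/' . $group . '/' . $template);

                    if ($contents !== FALSE) {
                        $data = array(
                            'group_id' => $existing[$group][$template]['0'],
                            'template_name' => $existing[$group][$template]['3'],
                            'template_type' => $existing[$group][$template]['4'],
                            'template_data' => $contents,
                            'edit_date' => $this->localize->now,
                            'save_template_file' => 'y',
                            'last_author_id' => $this->session->userdata['member_id'],
                            'site_id' => $this->config->item('site_id')
                        );

                        $this->db->where('template_id', $existing[$group][$template]['1']);
                        $this->db->update('templates', $data);

                        // Revision tracking
                        if ($save_revisions == 'y') {
                            $data = array(
                                'item_id' => $existing[$group][$template]['1'],
                                'item_table' => 'exp_templates',
                                'item_field' => 'template_data',
                                'item_data' => $contents,
                                'item_date' => $this->localize->now,
                                'item_author_id' => $this->session->userdata['member_id']
                            );

                            $this->db->insert('revision_tracker', $data);

                            // Cull revisions
                            if ($maxrev != '' and is_numeric($maxrev) and $maxrev > 0) {
                                $this->db->select('tracker_id');
                                $this->db->where('item_id', $existing[$group][$template]['1']);
                                $this->db->where('item_table', 'exp_templates');
                                $this->db->where('item_field', 'template_data');
                                $this->db->order_by("tracker_id", "desc");
                                $res = $this->db->get('revision_tracker');

                                if ($res->num_rows() > 0 and $res->num_rows() > $maxrev) {
                                    // Walk newest-first to the $maxrev-th revision;
                                    // everything with a lower tracker_id is deleted.
                                    $flag = '';
                                    $ct = 1;

                                    foreach ($res->result_array() as $row) {
                                        if ($ct >= $maxrev) {
                                            $flag = $row['tracker_id'];
                                            break;
                                        }

                                        $ct++;
                                    }

                                    if ($flag != '') {
                                        $this->db->where('tracker_id <', $flag);
                                        $this->db->where('item_id', $existing[$group][$template]['1']);
                                        $this->db->where('item_table', 'exp_templates');
                                        $this->db->where('item_field', 'template_data');
                                        $this->db->delete('revision_tracker');
                                    }
                                }
                            }
                        }
                    }

                    unset($existing[$group][$template]);
                }
            }
        }
    }

    $this->functions->clear_caching('all');

    $message = lang('sync_completed');
    $this->session->set_flashdata('message_success', $message);
    $this->functions->redirect(cp_url('design/sync_templates'));
}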
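extend_template('default'); ?>
<div class="formArea">
    <?php echo form_open('C=design' . AMP . 'M=update_template_routes'); ?>
    <input type="hidden" name="route_order" id="route_order" />
    <div id="url_manager">
        <p><?php echo lang('template_route_notice'); ?> </p>
        <?php
        // Route manager table: one row per template with its edit link, the
        // route text input (re-populated from $input after a failed submit)
        // and the "required" dropdown.
        $table = array();

        foreach ($templates->result() as $template) {
            $url = cp_url('design/edit_template', array('id' => $template->template_id));

            // Names come from the database and are placed in HTML here, so
            // they are encoded the same way as the route value below.
            $name = '<a id="templateId_' . $template->template_id . '" href="' . $url . '">' . htmlspecialchars($template->template_name, ENT_QUOTES) . '</a>';

            $class = in_array($template->template_id, $error_ids) ? "class='route_error'" : NULL;

            // Prefer what the user just submitted over the stored route
            $value = !empty($input['route_' . $template->template_id]) ? $input['route_' . $template->template_id] : $template->route;

            $route = "<input {$class} name='route_{$template->template_id}' type='text' value='" . htmlspecialchars($value, ENT_QUOTES) . "' />";

            if (!empty($errors[$template->template_id])) {
                // NOTE(review): the error text is emitted as markup; confirm
                // the controller builds it from fixed language strings and
                // never from the submitted route.
                $message = "<p class='notice'>{$errors[$template->template_id]}</p>";
                $route = $message . $route;
            }

            $required = form_dropdown('required_' . $template->template_id, $options, $template->route_required);

            $table[] = array(' ', htmlspecialchars($template->group_name, ENT_QUOTES), $name, $route, $required);
        }

        $this->table->set_template(array('table_open' => '<table class="mainTable" border="0" cellspacing="0" cellpadding="0">'));
        $this->table->set_heading(array(' ', lang('route_manager_group'), lang('route_manager_template'), lang('route_manager_route'), lang('route_manager_required')));

        echo $this->table->generate($table);
        ?>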
/**
 * Sets base url for views
 *
 * Stores the module and the extension-settings control panel URLs both on
 * the instance and in the view data. cp_url() is used when that helper is
 * defined; otherwise the query string is built from BASE and AMP.
 *
 * @access protected
 * @return void
 */
protected function set_base_url()
{
    // Module control panel URL
    if (function_exists('cp_url')) {
        $module_url = cp_url('addons_modules/show_module_cp', array('module' => $this->package));
    } else {
        $module_url = BASE . AMP . 'C=addons_modules&M=show_module_cp&module=' . $this->package;
    }

    $this->data['base_url'] = $module_url;
    $this->base_url = $module_url;

    // Extension settings URL
    if (function_exists('cp_url')) {
        $settings_url = cp_url('addons_extensions/extension_settings', array('file' => $this->package));
    } else {
        $settings_url = BASE . AMP . 'C=addons_extensions&M=extension_settings&file=' . $this->package;
    }

    $this->data['ext_url'] = $settings_url;
    $this->ext_url = $settings_url;
}
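/**
 * Create or update a custom category field
 *
 * Validates the submitted field definition, then either updates the
 * existing exp_category_fields row (when a numeric 'field_id' is supplied)
 * or inserts a new row and adds its two columns to
 * exp_category_field_data. Finishes by clearing caches and redirecting to
 * the category custom field manager for the group.
 *
 * @access public
 * @return mixed FALSE when the field id does not belong to the group;
 *               otherwise the request ends in a redirect
 */
function update_custom_category_fields()
{
    $this->_restrict_prefs_access();

    // Are we editing or creating?
    $edit = (($field_id = $this->input->get_post('field_id')) !== FALSE and is_numeric($field_id)) ? TRUE : FALSE;

    $group_id = $this->input->get_post('group_id');

    // The id ends up in SQL and in the redirect URL. is_numeric() also
    // accepts forms such as '1e3' or ' 5', so require plain digits.
    if (!is_scalar($group_id) or !preg_match('/^[0-9]+\z/', (string) $group_id)) {
        show_error(lang('unauthorized_access'));
    }

    unset($_POST['custom_field_edit']); // submit button

    // Check for required fields
    $error = array();

    if ($_POST['field_name'] == '') {
        $error[] = lang('no_field_name');
    } else {
        // Is the field one of the reserved words?
        if (in_array($_POST['field_name'], $this->cp->invalid_custom_field_names())) {
            $error[] = lang('reserved_word');
        }

        $field_name = $_POST['field_name'];
    }

    if ($_POST['field_label'] == '') {
        $error[] = lang('no_field_label');
    }

    // Does field name contain invalid characters?
    if (preg_match('/[^a-z0-9\\_\\-]/i', $_POST['field_name'])) {
        $error[] = lang('invalid_characters');
    }

    // Reject labels that the XSS filter would alter
    if ($_POST['field_label'] != ee()->security->xss_clean($_POST['field_label'])) {
        ee()->lang->loadfile('admin');
        $error[] = sprintf(lang('invalid_xss_check'), cp_url('homepage'));
    }

    // Field name must be unique for across category groups
    if ($edit == FALSE) {
        $query = $this->db->query("SELECT COUNT(*) AS count FROM exp_category_fields WHERE site_id = '" . $this->db->escape_str($this->config->item('site_id')) . "' AND field_name = '" . $this->db->escape_str($_POST['field_name']) . "'");

        if ($query->row('count') > 0) {
            $error[] = lang('duplicate_field_name');
        }
    }

    // Are there errors to display?
    if (count($error) > 0) {
        $str = '';

        foreach ($error as $msg) {
            $str .= $msg . BR;
        }

        show_error($str);
    }

    if ($_POST['field_list_items'] != '') {
        $_POST['field_list_items'] = quotes_to_entities($_POST['field_list_items']);
    }

    if (!in_array($_POST['field_type'], array('text', 'textarea', 'select'))) {
        $_POST['field_text_direction'] = 'ltr';
    }

    // NOTE(review): both branches below write the remaining $_POST keys
    // straight into exp_category_fields. The keys unset here are the ones
    // this function can show to be unsafe; an explicit allow-list of column
    // names would be the complete fix.

    // Construct the query based on whether we are updating or inserting
    if ($edit === TRUE) {
        // $field_id is interpolated into a column name and a WHERE clause
        // below, so it must be plain digits, not merely is_numeric().
        if (!preg_match('/^[0-9]+\z/', (string) $field_id)) {
            return FALSE;
        }

        // validate field id
        $query = $this->db->query("SELECT field_id FROM exp_category_fields WHERE group_id = '" . $this->db->escape_str($group_id) . "' AND field_id = '" . $this->db->escape_str($field_id) . "'");

        if ($query->num_rows() == 0) {
            return FALSE;
        }

        // Update the formatting for all existing entries
        if (isset($_POST['update_formatting'])) {
            $this->db->query("UPDATE exp_category_field_data SET field_ft_{$field_id} = '" . $this->db->escape_str($_POST['field_default_fmt']) . "'");
        }

        unset($_POST['group_id']);
        unset($_POST['update_formatting']);

        // An edit must not be able to renumber the row or move it to
        // another site through request parameters.
        unset($_POST['field_id']);
        unset($_POST['site_id']);

        $this->db->query($this->db->update_string('exp_category_fields', $_POST, "field_id='" . $field_id . "'"));

        $cp_message = lang('cat_field_edited');
    } else {
        unset($_POST['update_formatting']);

        // The new id is read back with insert_id(), so the database assigns
        // it; a request-supplied value is dropped.
        unset($_POST['field_id']);

        if (!isset($_POST['field_order']) or $_POST['field_order'] == 0 or $_POST['field_order'] == '') {
            $query = $this->db->query("SELECT COUNT(*) AS count FROM exp_category_fields WHERE group_id = '" . $this->db->escape_str($group_id) . "'");

            // A COUNT(*) query always returns one row, so num_rows() would
            // always give 1; the next position comes from the count column.
            $_POST['field_order'] = $query->row('count') + 1;
        }

        // Store the validated group and the current site, not request values
        $_POST['group_id'] = $group_id;
        $_POST['site_id'] = $this->config->item('site_id');

        $this->db->insert('category_fields', $_POST);
        $insert_id = $this->db->insert_id();

        $this->db->query("ALTER TABLE exp_category_field_data ADD COLUMN field_id_{$insert_id} text NULL");
        $this->db->query("ALTER TABLE exp_category_field_data ADD COLUMN field_ft_{$insert_id} varchar(40) NULL default 'none'");
        $this->db->query("UPDATE exp_category_field_data SET field_ft_{$insert_id} = '" . $this->db->escape_str($_POST['field_default_fmt']) . "'");

        $cp_message = lang('cat_field_created');
    }

    $this->functions->clear_caching('all', '');

    $this->session->set_flashdata('message_success', $cp_message . ' ' . $field_name);
    $this->functions->redirect(BASE . AMP . 'C=admin_content' . AMP . 'M=category_custom_field_group_manager' . AMP . 'group_id=' . $group_id);
}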