示例#1
0
function file_download_list($atts)
{
    global $thisfile;
    extract(lAtts(array('break' => br, 'category' => '', 'class' => __FUNCTION__, 'form' => 'files', 'label' => '', 'labeltag' => '', 'limit' => '10', 'offset' => '0', 'sort' => 'filename asc', 'wraptag' => '', 'status' => '4'), $atts));
    if (!is_numeric($status)) {
        $status = getStatusNum($status);
    }
    $where = array('1=1');
    if ($category) {
        $where[] = "category IN ('" . join("','", doSlash(do_list($category))) . "')";
    }
    if ($status) {
        $where[] = "status = '" . doSlash($status) . "'";
    }
    $qparts = array('order by ' . doSlash($sort), $limit ? 'limit ' . intval($offset) . ', ' . intval($limit) : '');
    $rs = safe_rows_start('*, unix_timestamp(created) as created, unix_timestamp(modified) as modified', 'txp_file', join(' and ', $where) . ' ' . join(' ', $qparts));
    if ($rs) {
        $out = array();
        while ($thisfile = nextRow($rs)) {
            $out[] = parse_form($form);
            $thisfile = '';
        }
        if ($out) {
            if ($wraptag == 'ul' or $wraptag == 'ol') {
                return doLabel($label, $labeltag) . doWrap($out, $wraptag, $break, $class);
            }
            return $wraptag ? tag(join($break, $out), $wraptag) : join(n, $out);
        }
    }
    return '';
}
示例#2
0
 /**
  * Constructor.
  *
  * Creates core Textfilters according to a preference and registers all
  * available filters with the core.
  *
  * This method triggers 'textfilter.register' callback
  * event.
  */
 public function __construct()
 {
     if ($filters = get_pref('admin_textfilter_classes')) {
         foreach (do_list($filters) as $filter) {
             new $filter();
         }
     } else {
         new Plain();
         new Nl2Br();
         new Textile();
     }
     $this->filters = array();
     callback_event('textfilter', 'register', 0, $this);
 }
示例#3
0
/**
 * Writes a record to the visitor log using the current visitor's information.
 *
 * This function is used by log_hit(). See it before trying to use this one.
 *
 * The hit is ignore if $r is set to 'refer' and the HTTP REFERER header is empty.
 *
 * @param  string   $r      Type of record to write, e.g. refer
 * @param  int      $status HTTP status code
 * @access private
 * @see    log_hit()
 */
function logit($r = '', $status = 200)
{
    global $prefs, $pretext;
    if (!isset($pretext['request_uri'])) {
        return;
    }
    $host = $ip = (string) remote_addr();
    $protocol = false;
    $referer = serverSet('HTTP_REFERER');
    if ($referer) {
        foreach (do_list(LOG_REFERER_PROTOCOLS) as $option) {
            if (strpos($referer, $option . '://') === 0) {
                $protocol = $option;
                $referer = substr($referer, strlen($protocol) + 3);
                break;
            }
        }
        if (!$protocol || $protocol === 'https' && PROTOCOL !== 'https://') {
            $referer = '';
        } elseif (preg_match('/^[^\\.]*\\.?' . preg_quote(preg_replace('/^www\\./', '', SITE_HOST), '/') . '/i', $referer)) {
            $referer = '';
        } else {
            $referer = $protocol . '://' . clean_url($referer);
        }
    }
    if ($r == 'refer' && !$referer) {
        return;
    }
    if (!empty($prefs['use_dns'])) {
        // A crude rDNS cache.
        if (($h = safe_field('host', 'txp_log', "ip='" . doSlash($ip) . "' limit 1")) !== false) {
            $host = $h;
        } else {
            // Double-check the rDNS.
            $host = @gethostbyaddr($ip);
            if ($host !== $ip && @gethostbyname($host) !== $ip) {
                $host = $ip;
            }
        }
    }
    insert_logit(array('uri' => $pretext['request_uri'], 'ip' => $ip, 'host' => $host, 'status' => $status, 'method' => serverSet('REQUEST_METHOD'), 'ref' => $referer));
}
示例#4
0
 /**
  * Generates a list of authors.
  *
  * @param  array  $atts
  * @param  string $thing
  * @return string
  */
 public static function renderAuthors($atts, $thing = null)
 {
     global $thisauthor, $txp_groups;
     extract(lAtts(array('break' => '', 'class' => '', 'form' => '', 'group' => '', 'label' => '', 'labeltag' => '', 'limit' => '', 'name' => '', 'offset' => '', 'sort' => 'name ASC', 'wraptag' => ''), $atts));
     $sql = array('1 = 1');
     $sql_limit = '';
     $sql_sort = " ORDER BY " . doSlash($sort);
     if ($name) {
         $sql[] = "name IN (" . join(', ', quote_list(do_list($name))) . ")";
     }
     if ($group !== '') {
         $privs = do_list($group);
         $groups = array_flip($txp_groups);
         foreach ($privs as &$priv) {
             if (isset($groups[$priv])) {
                 $priv = $groups[$priv];
             }
         }
         $sql[] = 'convert(privs, char) in (' . join(', ', quote_list($privs)) . ')';
     }
     if ($limit !== '' || $offset) {
         $sql_limit = " LIMIT " . intval($offset) . ", " . ($limit === '' ? PHP_INT_MAX : intval($limit));
     }
     $rs = safe_rows_start("user_id as id, name, RealName as realname, email, privs, last_access", 'txp_users', join(" AND ", $sql) . " {$sql_sort} {$sql_limit}");
     if ($rs && numRows($rs)) {
         $out = array();
         if ($thing === null && $form !== '') {
             $thing = fetch_form($form);
         }
         while ($a = nextRow($rs)) {
             $oldauthor = $thisauthor;
             $thisauthor = $a;
             $out[] = parse($thing);
             $thisauthor = $oldauthor;
         }
         unset($thisauthor);
         return doLabel($label, $labeltag) . doWrap($out, $wraptag, $break, $class);
     }
     return '';
 }
示例#5
0
/**
 * Find an adjacent article relative to a provided threshold level
 *
 * @param scalar $threshold The value to compare against
 * @param string $s string Optional section restriction
 * @param string $type string Find lesser or greater neighbour? Possible values: '<' (previous, default) or '>' (next)
 * @param array $atts Attribute of article at threshold
 * @param string $threshold_type 'cooked': Use $threshold as SQL clause; 'raw': Use $threshold as an escapable scalar
 * @return array|string An array populated with article data, or the empty string in case of no matches
 */
function getNeighbour($threshold, $s, $type, $atts = array(), $threshold_type = 'raw')
{
    global $prefs;
    static $cache = array();
    $key = md5($threshold . $s . $type . join(n, $atts));
    if (isset($cache[$key])) {
        return $cache[$key];
    }
    extract($atts);
    $expired = $expired && $prefs['publish_expired_articles'];
    $customFields = getCustomFields();
    //Building query parts
    // lifted from publish.php. This is somewhat embarrassing, isn't it?
    $ids = array_map('intval', do_list($id));
    $id = !$id ? '' : " and ID IN (" . join(',', $ids) . ")";
    switch ($time) {
        case 'any':
            $time = "";
            break;
        case 'future':
            $time = " and Posted > now()";
            break;
        default:
            $time = " and Posted <= now()";
    }
    if (!$expired) {
        $time .= " and (now() <= Expires or Expires = " . NULLDATETIME . ")";
    }
    $custom = '';
    if ($customFields) {
        foreach ($customFields as $cField) {
            if (isset($atts[$cField])) {
                $customPairs[$cField] = $atts[$cField];
            }
        }
        if (!empty($customPairs)) {
            $custom = buildCustomSql($customFields, $customPairs);
        }
    }
    if ($keywords) {
        $keys = doSlash(do_list($keywords));
        foreach ($keys as $key) {
            $keyparts[] = "FIND_IN_SET('" . $key . "',Keywords)";
        }
        $keywords = " and (" . join(' or ', $keyparts) . ")";
    }
    // invert $type for ascending sortdir
    $types = array('>' => array('desc' => '>', 'asc' => '<'), '<' => array('desc' => '<', 'asc' => '>'));
    $type = $type == '>' ? $types['>'][$sortdir] : $types['<'][$sortdir];
    // escape threshold and treat it as a string unless explicitly told otherwise
    if ($threshold_type != 'cooked') {
        $threshold = "'" . doSlash($threshold) . "'";
    }
    $safe_name = safe_pfx('textpattern');
    $q = array("select ID, Title, url_title, unix_timestamp(Posted) as uposted\n\t\t\tfrom " . $safe_name . " where {$sortby} {$type} " . $threshold, $s != '' && $s != 'default' ? "and Section = '" . doSlash($s) . "'" : filterFrontPage(), $id, $time, $custom, $keywords, 'and Status=4', 'order by ' . $sortby, $type == '<' ? 'desc' : 'asc', 'limit 1');
    $cache[$key] = getRow(join(n . ' ', $q));
    return is_array($cache[$key]) ? $cache[$key] : '';
}
 function sed_lib_home_or_section($atts, $thing)
 {
     extract(lAtts(array('sectlist' => ''), $atts, 0));
     global $pretext;
     $do_thing = $pretext['s'] == "default" && empty($pretext['c']) && empty($pretext['q']) && empty($pretext['pg']);
     if (!$do_thing && !empty($sectlist)) {
         $sectlist = do_list($sectlist);
         $do_thing = in_array($pretext['s'], $sectlist);
     }
     return parse(EvalElse($thing, $do_thing));
 }
示例#7
0
function link_list($message = '')
{
    global $step, $link_list_pageby;
    extract(gpsa(array('page', 'sort', 'dir', 'crit', 'search_method')));
    $dir = $dir == 'desc' ? 'desc' : 'asc';
    switch ($sort) {
        case 'id':
            $sort_sql = 'id ' . $dir;
            break;
        case 'description':
            $sort_sql = 'description ' . $dir . ', id asc';
            break;
        case 'category':
            $sort_sql = 'category ' . $dir . ', id asc';
            break;
        case 'date':
            $sort_sql = 'date ' . $dir . ', id asc';
            break;
        default:
            $sort = 'name';
            $sort_sql = 'linksort ' . $dir . ', id asc';
            break;
    }
    $switch_dir = $dir == 'desc' ? 'asc' : 'desc';
    $criteria = 1;
    if ($search_method and $crit) {
        $crit_escaped = doSlash($crit);
        $critsql = array('id' => "ID in ('" . join("','", do_list($crit_escaped)) . "')", 'name' => "linkname like '%{$crit_escaped}%'", 'description' => "description like '%{$crit_escaped}%'", 'category' => "category like '%{$crit_escaped}%'");
        if (array_key_exists($search_method, $critsql)) {
            $criteria = $critsql[$search_method];
        } else {
            $search_method = '';
            $crit = '';
        }
    } else {
        $search_method = '';
        $crit = '';
    }
    $total = getCount('txp_link', $criteria);
    if ($total < 1) {
        if ($criteria != 1) {
            echo n . link_search_form($crit, $search_method) . n . graf(gTxt('no_results_found'), ' class="indicator"');
        } else {
            echo n . graf(gTxt('no_links_recorded'), ' class="indicator"');
        }
        return;
    }
    $limit = max($link_list_pageby, 15);
    list($page, $offset, $numPages) = pager($total, $limit, $page);
    echo link_search_form($crit, $search_method);
    $rs = safe_rows_start('*, unix_timestamp(date) as uDate', 'txp_link', "{$criteria} order by {$sort_sql} limit {$offset}, {$limit}");
    if ($rs) {
        echo n . n . '<form action="index.php" method="post" name="longform" onsubmit="return verify(\'' . gTxt('are_you_sure') . '\')">', startTable('list') . n . tr(column_head('ID', 'id', 'link', true, $switch_dir, $crit, $search_method, 'id' == $sort ? $dir : '') . hCell() . column_head('link_name', 'name', 'link', true, $switch_dir, $crit, $search_method, 'name' == $sort ? $dir : '') . column_head('description', 'description', 'link', true, $switch_dir, $crit, $search_method, 'description' == $sort ? $dir : '') . column_head('link_category', 'category', 'link', true, $switch_dir, $crit, $search_method, 'category' == $sort ? $dir : '') . column_head('date', 'date', 'link', true, $switch_dir, $crit, $search_method, 'date' == $sort ? $dir : '') . hCell());
        while ($a = nextRow($rs)) {
            extract($a);
            $edit_url = '?event=link' . a . 'step=link_edit' . a . 'id=' . $id . a . 'sort=' . $sort . a . 'dir=' . $dir . a . 'page=' . $page . a . 'search_method=' . $search_method . a . 'crit=' . $crit;
            echo tr(n . td($id, 20) . td(n . '<ul>' . n . t . '<li>' . href(gTxt('edit'), $edit_url) . '</li>' . n . t . '<li>' . href(gTxt('view'), $url) . '</li>' . n . '</ul>', 35) . td(href(htmlspecialchars($linkname), $edit_url), 125) . td(htmlspecialchars($description), 150) . td('<span title="' . htmlspecialchars(fetch_category_title($category, 'link')) . '">' . $category . '</span>', 125) . td(gTime($uDate), 75) . td(fInput('checkbox', 'selected[]', $id)));
        }
        echo n . n . tr(tda(select_buttons() . link_multiedit_form($page, $sort, $dir, $crit, $search_method), ' colspan="7" style="text-align: right; border: none;"')) . endTable() . '</form>' . n . nav_form('link', $page, $numPages, $sort, $dir, $crit, $search_method, $total, $limit) . pageby_form('link', $link_list_pageby);
    }
}
示例#8
0
function file_list($message = '')
{
    global $txpcfg, $extensions, $file_base_path, $file_statuses, $file_list_pageby;
    pagetop(gTxt('file'), $message);
    extract($txpcfg);
    extract(gpsa(array('page', 'sort', 'dir', 'crit', 'search_method')));
    if (!is_dir($file_base_path) or !is_writeable($file_base_path)) {
        echo graf(gTxt('file_dir_not_writeable', array('{filedir}' => $file_base_path)), ' id="warning"');
    } else {
        $existing_files = get_filenames();
        if (count($existing_files) > 0) {
            echo form(eInput('file') . sInput('file_create') . graf(gTxt('existing_file') . sp . selectInput('filename', $existing_files, '', 1) . sp . fInput('submit', '', gTxt('Create'), 'smallerbox')), 'text-align: center;');
        }
        echo file_upload_form(gTxt('upload_file'), 'upload', 'file_insert');
    }
    $dir = $dir == 'desc' ? 'desc' : 'asc';
    switch ($sort) {
        case 'id':
            $sort_sql = 'id ' . $dir;
            break;
        case 'description':
            $sort_sql = 'description ' . $dir . ', filename desc';
            break;
        case 'category':
            $sort_sql = 'category ' . $dir . ', filename desc';
            break;
        case 'downloads':
            $sort_sql = 'downloads ' . $dir . ', filename desc';
            break;
        default:
            $sort = 'filename';
            $sort_sql = 'filename ' . $dir;
            break;
    }
    $switch_dir = $dir == 'desc' ? 'asc' : 'desc';
    $criteria = 1;
    if ($search_method and $crit) {
        $crit_escaped = doSlash($crit);
        $critsql = array('id' => "ID in ('" . join("','", do_list($crit_escaped)) . "')", 'filename' => "filename like '%{$crit_escaped}%'", 'description' => "description like '%{$crit_escaped}%'", 'category' => "category like '%{$crit_escaped}%'");
        if (array_key_exists($search_method, $critsql)) {
            $criteria = $critsql[$search_method];
            $limit = 500;
        } else {
            $search_method = '';
            $crit = '';
        }
    } else {
        $search_method = '';
        $crit = '';
    }
    $total = safe_count('txp_file', "{$criteria}");
    if ($total < 1) {
        if ($criteria != 1) {
            echo n . file_search_form($crit, $search_method) . n . graf(gTxt('no_results_found'), ' class="indicator"');
        } else {
            echo n . graf(gTxt('no_files_recorded'), ' class="indicator"');
        }
        return;
    }
    $limit = max($file_list_pageby, 15);
    list($page, $offset, $numPages) = pager($total, $limit, $page);
    echo file_search_form($crit, $search_method);
    $rs = safe_rows_start('*', 'txp_file', "{$criteria} order by {$sort_sql} limit {$offset}, {$limit}");
    if ($rs) {
        echo '<form name="longform" method="post" action="index.php" onsubmit="return verify(\'' . gTxt('are_you_sure') . '\')">' . startTable('list') . tr(column_head('ID', 'id', 'file', true, $switch_dir, $crit, $search_method, 'id' == $sort ? $dir : '') . hCell() . column_head('file_name', 'filename', 'file', true, $switch_dir, $crit, $search_method, 'filename' == $sort ? $dir : '') . column_head('description', 'description', 'file', true, $switch_dir, $crit, $search_method, 'description' == $sort ? $dir : '') . column_head('file_category', 'category', 'file', true, $switch_dir, $crit, $search_method, 'category' == $sort ? $dir : '') . hCell(gTxt('tags')) . hCell(gTxt('status')) . hCell(gTxt('condition')) . column_head('downloads', 'downloads', 'file', true, $switch_dir, $crit, $search_method, 'downloads' == $sort ? $dir : '') . hCell());
        while ($a = nextRow($rs)) {
            extract($a);
            $edit_url = '?event=file' . a . 'step=file_edit' . a . 'id=' . $id . a . 'sort=' . $sort . a . 'dir=' . $dir . a . 'page=' . $page . a . 'search_method=' . $search_method . a . 'crit=' . $crit;
            $file_exists = file_exists(build_file_path($file_base_path, $filename));
            $download_link = $file_exists ? '<li>' . make_download_link($id, '', $filename) . '</li>' : '';
            $category = $category ? '<span title="' . htmlspecialchars(fetch_category_title($category, 'file')) . '">' . $category . '</span>' : '';
            $tag_url = '?event=tag' . a . 'tag_name=file_download_link' . a . 'id=' . $id . a . 'description=' . urlencode($description) . a . 'filename=' . urlencode($filename);
            $condition = '<span class="';
            $condition .= $file_exists ? 'ok' : 'not-ok';
            $condition .= '">';
            $condition .= $file_exists ? gTxt('file_status_ok') : gTxt('file_status_missing');
            $condition .= '</span>';
            echo tr(n . td($id) . td('<ul>' . '<li>' . href(gTxt('edit'), $edit_url) . '</li>' . $download_link . '</ul>', 65) . td(href(htmlspecialchars($filename), $edit_url), 125) . td(htmlspecialchars($description), 150) . td($category, 90) . td(n . '<ul>' . n . t . '<li><a target="_blank" href="' . $tag_url . a . 'type=textile" onclick="popWin(this.href, 400, 250); return false;">Textile</a></li>' . n . t . '<li><a target="_blank" href="' . $tag_url . a . 'type=textpattern" onclick="popWin(this.href, 400, 250); return false;">Textpattern</a></li>' . n . t . '<li><a target="_blank" href="' . $tag_url . a . 'type=xhtml" onclick="popWin(this.href, 400, 250); return false;">XHTML</a></li>' . n . '</ul>', 75) . td($file_statuses[$status], 45) . td($condition, 45) . td($downloads == '0' ? gTxt('none') : $downloads, 25) . td(fInput('checkbox', 'selected[]', $id), 10));
        }
        echo tr(tda(select_buttons() . file_multiedit_form($page, $sort, $dir, $crit, $search_method), ' colspan="10" style="text-align: right; border: none;"')) . endTable() . '</form>' . nav_form('file', $page, $numPages, $sort, $dir, $crit, $search_method) . pageby_form('file', $file_list_pageby);
    }
}
        show_form('edit');
        break;
    case 'doedit':
        do_update('edit');
        break;
    case 'doupdate':
        do_update();
        break;
    case 'dodelete':
        do_delete();
        break;
    case 'list':
        view_list();
        break;
    case 'dolist':
        do_list();
        break;
    case 'editrep':
        show_form_rep('edit');
        break;
    case 'doeditrep':
        do_edit_rep();
        break;
    case 'dodelrep':
        do_delete_rep();
        break;
    default:
        show_level();
        break;
}
function show_level()
示例#10
0
function image_list($message = '')
{
    global $txpcfg, $extensions, $img_dir, $file_max_upload_size, $image_list_pageby, $txp_user, $event;
    pagetop(gTxt('tab_image'), $message);
    extract($txpcfg);
    extract(gpsa(array('page', 'sort', 'dir', 'crit', 'search_method')));
    if ($sort === '') {
        $sort = get_pref('image_sort_column', 'id');
    }
    if ($dir === '') {
        $dir = get_pref('image_sort_dir', 'desc');
    }
    $dir = $dir == 'asc' ? 'asc' : 'desc';
    echo hed(gTxt('tab_image'), 1, array('class' => 'txp-heading'));
    echo n . '<div id="' . $event . '_control" class="txp-control-panel">';
    if (!is_dir(IMPATH) or !is_writeable(IMPATH)) {
        echo graf(span(null, array('class' => 'ui-icon ui-icon-alert')) . ' ' . gTxt('img_dir_not_writeable', array('{imgdir}' => IMPATH)), array('class' => 'alert-block warning'));
    } elseif (has_privs('image.edit.own')) {
        echo upload_form(gTxt('upload_image'), 'upload_image', 'image_insert', 'image', '', $file_max_upload_size);
    }
    switch ($sort) {
        case 'name':
            $sort_sql = 'name ' . $dir;
            break;
        case 'thumbnail':
            $sort_sql = 'thumbnail ' . $dir . ', id asc';
            break;
        case 'category':
            $sort_sql = 'category ' . $dir . ', id asc';
            break;
        case 'date':
            $sort_sql = 'date ' . $dir . ', id asc';
            break;
        case 'author':
            $sort_sql = 'author ' . $dir . ', id asc';
            break;
        default:
            $sort = 'id';
            $sort_sql = 'id ' . $dir;
            break;
    }
    set_pref('image_sort_column', $sort, 'image', 2, '', 0, PREF_PRIVATE);
    set_pref('image_sort_dir', $dir, 'image', 2, '', 0, PREF_PRIVATE);
    $switch_dir = $dir == 'desc' ? 'asc' : 'desc';
    $criteria = 1;
    if ($search_method and $crit != '') {
        $verbatim = preg_match('/^"(.*)"$/', $crit, $m);
        $crit_escaped = $verbatim ? doSlash($m[1]) : doLike($crit);
        $critsql = $verbatim ? array('id' => "ID in ('" . join("','", do_list($crit_escaped)) . "')", 'name' => "name = '{$crit_escaped}'", 'category' => "category = '{$crit_escaped}'", 'author' => "author = '{$crit_escaped}'", 'alt' => "alt = '{$crit_escaped}'", 'caption' => "caption = '{$crit_escaped}'") : array('id' => "ID in ('" . join("','", do_list($crit_escaped)) . "')", 'name' => "name like '%{$crit_escaped}%'", 'category' => "category like '%{$crit_escaped}%'", 'author' => "author like '%{$crit_escaped}%'", 'alt' => "alt like '%{$crit_escaped}%'", 'caption' => "caption like '%{$crit_escaped}%'");
        if (array_key_exists($search_method, $critsql)) {
            $criteria = $critsql[$search_method];
            $limit = 500;
        } else {
            $search_method = '';
            $crit = '';
        }
    } else {
        $search_method = '';
        $crit = '';
    }
    $criteria .= callback_event('admin_criteria', 'image_list', 0, $criteria);
    $total = safe_count('txp_image', "{$criteria}");
    if ($total < 1) {
        if ($criteria != 1) {
            echo n . image_search_form($crit, $search_method) . graf(gTxt('no_results_found'), ' class="indicator"') . '</div>';
        } else {
            echo graf(gTxt('no_images_recorded'), ' class="indicator"') . '</div>';
        }
        return;
    }
    $limit = max($image_list_pageby, 15);
    list($page, $offset, $numPages) = pager($total, $limit, $page);
    echo image_search_form($crit, $search_method);
    $rs = safe_rows_start('*, unix_timestamp(date) as uDate', 'txp_image', "{$criteria} order by {$sort_sql} limit {$offset}, {$limit}\n    ");
    echo pluggable_ui('image_ui', 'extend_controls', '', $rs);
    echo '</div>';
    // End txp-control-panel.
    if ($rs) {
        $show_authors = !has_single_author('txp_image');
        echo n . tag_start('div', array('id' => $event . '_container', 'class' => 'txp-container')) . n . tag_start('form', array('action' => 'index.php', 'id' => 'images_form', 'class' => 'multi_edit_form', 'method' => 'post', 'name' => 'longform')) . n . tag_start('div', array('class' => 'txp-listtables')) . n . tag_start('table', array('class' => 'txp-list')) . n . tag_start('thead') . tr(hCell(fInput('checkbox', 'select_all', 0, '', '', '', '', '', 'select_all'), '', ' scope="col" title="' . gTxt('toggle_all_selected') . '" class="txp-list-col-multi-edit"') . column_head('ID', 'id', 'image', true, $switch_dir, $crit, $search_method, ('id' == $sort ? "{$dir} " : '') . 'txp-list-col-id') . column_head('name', 'name', 'image', true, $switch_dir, $crit, $search_method, ('name' == $sort ? "{$dir} " : '') . 'txp-list-col-name') . column_head('date', 'date', 'image', true, $switch_dir, $crit, $search_method, ('date' == $sort ? "{$dir} " : '') . 'txp-list-col-created date images_detail') . column_head('thumbnail', 'thumbnail', 'image', true, $switch_dir, $crit, $search_method, ('thumbnail' == $sort ? "{$dir} " : '') . 'txp-list-col-thumbnail') . hCell(gTxt('tags'), '', ' scope="col" class="txp-list-col-tag-build images_detail"') . column_head('image_category', 'category', 'image', true, $switch_dir, $crit, $search_method, ('category' == $sort ? "{$dir} " : '') . 'txp-list-col-category category') . ($show_authors ? column_head('author', 'author', 'image', true, $switch_dir, $crit, $search_method, ('author' == $sort ? "{$dir} " : '') . 'txp-list-col-author name') : '')) . n . tag_end('thead') . n . tag_start('tbody');
        $validator = new Validator();
        while ($a = nextRow($rs)) {
            extract($a);
            $edit_url = array('event' => 'image', 'step' => 'image_edit', 'id' => $id, 'sort' => $sort, 'dir' => $dir, 'page' => $page, 'search_method' => $search_method, 'crit' => $crit);
            $name = empty($name) ? gTxt('unnamed') : txpspecialchars($name);
            if ($thumbnail) {
                if ($ext != '.swf') {
                    $thumbnail = '<img class="content-image" src="' . imagesrcurl($id, $ext, true) . "?{$uDate}" . '" alt="" ' . "title='{$id}{$ext} ({$w} &#215; {$h})'" . ($thumb_w ? " width='{$thumb_w}' height='{$thumb_h}'" : '') . ' />';
                } else {
                    $thumbnail = '';
                }
            } else {
                $thumbnail = gTxt('no');
            }
            if ($ext != '.swf') {
                $tag_url = '?event=tag' . a . 'tag_name=image' . a . 'id=' . $id . a . 'ext=' . $ext . a . 'w=' . $w . a . 'h=' . $h . a . 'alt=' . urlencode($alt) . a . 'caption=' . urlencode($caption);
                $tagbuilder = href('Textile', $tag_url . a . 'type=textile', ' target="_blank" onclick="popWin(this.href); return false;"') . sp . span('&#124;', array('role' => 'separator')) . sp . href('Textpattern', $tag_url . a . 'type=textpattern', ' target="_blank" onclick="popWin(this.href); return false;"') . sp . span('&#124;', array('role' => 'separator')) . sp . href('HTML', $tag_url . a . 'type=html', ' target="_blank" onclick="popWin(this.href); return false;"');
            } else {
                $tagbuilder = sp;
            }
            $validator->setConstraints(array(new CategoryConstraint($category, array('type' => 'image'))));
            $vc = $validator->validate() ? '' : ' error';
            $category = $category ? span($category, array('title' => fetch_category_title($category, 'image'))) : '';
            $can_edit = has_privs('image.edit') || $author === $txp_user && has_privs('image.edit.own');
            echo tr(td($can_edit ? fInput('checkbox', 'selected[]', $id) : '&#160;', '', 'txp-list-col-multi-edit') . hCell(($can_edit ? href($id, $edit_url, array('title' => gTxt('edit'))) : $id) . sp . span(span('[', array('aria-hidden' => 'true')) . href(gTxt('view'), imagesrcurl($id, $ext)) . span(']', array('aria-hidden' => 'true')), array('class' => 'images_detail')), '', ' scope="row" class="txp-list-col-id"') . td($can_edit ? href($name, $edit_url, ' title="' . gTxt('edit') . '"') : $name, '', 'txp-list-col-name') . td(gTime($uDate), '', 'txp-list-col-created date images_detail') . td(pluggable_ui('image_ui', 'thumbnail', $can_edit ? href($thumbnail, $edit_url) : $thumbnail, $a), '', 'txp-list-col-thumbnail') . td($tagbuilder, '', 'txp-list-col-tag-build images_detail') . td($category, '', 'txp-list-col-category category' . $vc) . ($show_authors ? td(span(txpspecialchars($author), array('title' => get_author_name($author))), '', 'txp-list-col-author name') : ''));
        }
        echo n . tag_end('tbody') . n . tag_end('table') . n . tag_end('div') . image_multiedit_form($page, $sort, $dir, $crit, $search_method) . tInput() . n . tag_end('form') . graf(toggle_box('images_detail'), array('class' => 'detail-toggle')) . n . tag_start('div', array('id' => $event . '_navigation', 'class' => 'txp-navigation')) . pageby_form('image', $image_list_pageby) . nav_form('image', $page, $numPages, $sort, $dir, $crit, $search_method, $total, $limit) . n . tag_end('div') . n . tag_end('div');
    }
}
示例#11
0
/**
 * Fetch meta description from the given (or automatic) context.
 *
 * Category context may be refined by specifying the content type as well
 * after a dot. e.g. category.image to check image context category.
 *
 * @param string $type Flavour of meta content to fetch (section, category, article)
 */
function getMetaDescription($type = null)
{
    global $thisarticle, $thiscategory, $thissection, $c, $s, $context;
    $content = '';
    if ($type === null) {
        if ($thiscategory) {
            $content = $thiscategory['description'];
        } elseif ($thissection) {
            $content = $thissection['description'];
        } elseif ($thisarticle) {
            $content = $thisarticle['description'];
        } elseif ($c) {
            $content = safe_field('description', 'txp_category', "name = '" . doSlash($c) . "' AND type = '" . doSlash($context) . "'");
        } elseif ($s) {
            $content = safe_field('description', 'txp_section', "name = '" . doSlash($s) . "'");
        }
    } else {
        if (strpos($type, 'category') === 0) {
            // Category context.
            if ($thiscategory) {
                $content = $thiscategory['description'];
            } else {
                $thisContext = $context;
                $catParts = do_list($type, '.');
                if (isset($catParts[1])) {
                    $thisContext = $catParts[1];
                }
                $clause = " AND type = '" . $thisContext . "'";
                $content = safe_field('description', 'txp_category', "name = '" . doSlash($c) . "'" . $clause);
            }
        } elseif ($type === 'section') {
            $theSection = $thissection ? $thissection : $s;
            $content = safe_field('description', 'txp_section', "name = '" . doSlash($theSection) . "'");
        } elseif ($type === 'article') {
            assert_article();
            $content = $thisarticle ? $thisarticle['description'] : '';
        }
    }
    return $content;
}
示例#12
0
function image_list($message = '')
{
    global $txpcfg, $extensions, $img_dir, $file_max_upload_size, $image_list_pageby, $txp_user, $event;
    pagetop(gTxt('images'), $message);
    extract($txpcfg);
    extract(gpsa(array('page', 'sort', 'dir', 'crit', 'search_method')));
    if ($sort === '') {
        $sort = get_pref('image_sort_column', 'id');
    }
    if ($dir === '') {
        $dir = get_pref('image_sort_dir', 'desc');
    }
    $dir = $dir == 'asc' ? 'asc' : 'desc';
    echo '<div id="' . $event . '_control" class="txp-control-panel">';
    if (!is_dir(IMPATH) or !is_writeable(IMPATH)) {
        echo graf(gTxt('img_dir_not_writeable', array('{imgdir}' => IMPATH)), ' id="warning"');
    } elseif (has_privs('image.edit.own')) {
        echo upload_form(gTxt('upload_image'), 'upload_image', 'image_insert', 'image', '', $file_max_upload_size);
    }
    switch ($sort) {
        case 'name':
            $sort_sql = 'name ' . $dir;
            break;
        case 'thumbnail':
            $sort_sql = 'thumbnail ' . $dir . ', id asc';
            break;
        case 'category':
            $sort_sql = 'category ' . $dir . ', id asc';
            break;
        case 'date':
            $sort_sql = 'date ' . $dir . ', id asc';
            break;
        case 'author':
            $sort_sql = 'author ' . $dir . ', id asc';
            break;
        default:
            $sort = 'id';
            $sort_sql = 'id ' . $dir;
            break;
    }
    set_pref('image_sort_column', $sort, 'image', 2, '', 0, PREF_PRIVATE);
    set_pref('image_sort_dir', $dir, 'image', 2, '', 0, PREF_PRIVATE);
    $switch_dir = $dir == 'desc' ? 'asc' : 'desc';
    $criteria = 1;
    if ($search_method and $crit) {
        $crit_escaped = doSlash(str_replace(array('\\', '%', '_', '\''), array('\\\\', '\\%', '\\_', '\\\''), $crit));
        $critsql = array('id' => "ID in ('" . join("','", do_list($crit_escaped)) . "')", 'name' => "name like '%{$crit_escaped}%'", 'category' => "category like '%{$crit_escaped}%'", 'author' => "author like '%{$crit_escaped}%'", 'alt' => "alt like '%{$crit_escaped}%'", 'caption' => "caption like '%{$crit_escaped}%'");
        if (array_key_exists($search_method, $critsql)) {
            $criteria = $critsql[$search_method];
            $limit = 500;
        } else {
            $search_method = '';
            $crit = '';
        }
    } else {
        $search_method = '';
        $crit = '';
    }
    $total = safe_count('txp_image', "{$criteria}");
    if ($total < 1) {
        if ($criteria != 1) {
            echo n . image_search_form($crit, $search_method) . n . graf(gTxt('no_results_found'), ' class="indicator"') . '</div>';
        } else {
            echo n . graf(gTxt('no_images_recorded'), ' class="indicator"') . '</div>';
        }
        return;
    }
    $limit = max($image_list_pageby, 15);
    list($page, $offset, $numPages) = pager($total, $limit, $page);
    echo image_search_form($crit, $search_method);
    $rs = safe_rows_start('*, unix_timestamp(date) as uDate', 'txp_image', "{$criteria} order by {$sort_sql} limit {$offset}, {$limit}\n\t\t");
    echo pluggable_ui('image_ui', 'extend_controls', '', $rs);
    echo '</div>';
    // end txp-control-panel
    if ($rs) {
        $show_authors = !has_single_author('txp_image');
        echo n . '<div id="' . $event . '_container" class="txp-container txp-list">';
        echo n . n . '<form name="longform" id="images_form" method="post" action="index.php" onsubmit="return verify(\'' . gTxt('are_you_sure') . '\')">' . n . n . startTable('list', '', 'list') . n . '<thead>' . n . tr(column_head('ID', 'id', 'image', true, $switch_dir, $crit, $search_method, ('id' == $sort ? "{$dir} " : '') . 'id') . hCell('', '', ' class="actions"') . column_head('date', 'date', 'image', true, $switch_dir, $crit, $search_method, ('date' == $sort ? "{$dir} " : '') . 'date created') . column_head('name', 'name', 'image', true, $switch_dir, $crit, $search_method, ('name' == $sort ? "{$dir} " : '') . 'name') . column_head('thumbnail', 'thumbnail', 'image', true, $switch_dir, $crit, $search_method, ('thumbnail' == $sort ? "{$dir} " : '') . 'thumbnail') . hCell(gTxt('tags'), '', ' class="tag-build"') . column_head('image_category', 'category', 'image', true, $switch_dir, $crit, $search_method, ('category' == $sort ? "{$dir} " : '') . 'category') . ($show_authors ? column_head('author', 'author', 'image', true, $switch_dir, $crit, $search_method, ('author' == $sort ? "{$dir} " : '') . 'author') : '') . hCell('', '', ' class="multi-edit"')) . n . '</thead>';
        $tfoot = n . '<tfoot>' . tr(tda(select_buttons() . image_multiedit_form($page, $sort, $dir, $crit, $search_method), ' class="multi-edit" colspan="' . ($show_authors ? '9' : '8') . '" style="text-align: right; border: none;"')) . n . '</tfoot>';
        echo $tfoot;
        echo '<tbody>';
        $ctr = 1;
        while ($a = nextRow($rs)) {
            extract($a);
            $edit_url = '?event=image' . a . 'step=image_edit' . a . 'id=' . $id . a . 'sort=' . $sort . a . 'dir=' . $dir . a . 'page=' . $page . a . 'search_method=' . $search_method . a . 'crit=' . $crit;
            $name = empty($name) ? gTxt('unnamed') : htmlspecialchars($name);
            if ($thumbnail) {
                if ($ext != '.swf') {
                    $thumbnail = '<img src="' . imagesrcurl($id, $ext, true) . "?{$uDate}" . '" alt="" ' . "title='{$id}{$ext} ({$w} &#215; {$h})'" . ($thumb_w ? "width='{$thumb_w}' height='{$thumb_h}'" : '') . ' />';
                } else {
                    $thumbnail = '';
                }
            } else {
                $thumbnail = gTxt('no');
            }
            if ($ext != '.swf') {
                $tag_url = '?event=tag' . a . 'tag_name=image' . a . 'id=' . $id . a . 'ext=' . $ext . a . 'w=' . $w . a . 'h=' . $h . a . 'alt=' . urlencode($alt) . a . 'caption=' . urlencode($caption);
                $tagbuilder = '<ul>' . '<li><a target="_blank" href="' . $tag_url . a . 'type=textile" onclick="popWin(this.href); return false;">Textile</a></li>' . '<li><a target="_blank" href="' . $tag_url . a . 'type=textpattern" onclick="popWin(this.href); return false;">Textpattern</a></li>' . '<li><a target="_blank" href="' . $tag_url . a . 'type=xhtml" onclick="popWin(this.href); return false;">XHTML</a></li>' . '</ul>';
            } else {
                $tagbuilder = sp;
            }
            $category = $category ? '<span title="' . htmlspecialchars(fetch_category_title($category, 'image')) . '">' . $category . '</span>' : '';
            $can_edit = has_privs('image.edit') || $author == $txp_user && has_privs('image.edit.own');
            echo n . n . tr(n . td($id, 20, 'id') . td(n . '<ul>' . ($can_edit ? n . t . '<li class="action-edit">' . href(gTxt('edit'), $edit_url) . '</li>' : '') . n . t . '<li class="action-view"><a href="' . imagesrcurl($id, $ext) . '">' . gTxt('view') . '</a></li>' . n . '</ul>', 35, 'actions') . td(gTime($uDate), 75, 'date created') . td($can_edit ? href($name, $edit_url) : $name, 75, 'name') . td(pluggable_ui('image_ui', 'thumbnail', $can_edit ? href($thumbnail, $edit_url) : $thumbnail, $a), 80, 'image thumbnail') . td($tagbuilder, 85, 'tag-build') . td($category, 75, 'category') . ($show_authors ? td('<span title="' . htmlspecialchars(get_author_name($author)) . '">' . htmlspecialchars($author) . '</span>', 75, 'author') : '') . td($can_edit ? fInput('checkbox', 'selected[]', $id) : '&nbsp;', 10, 'multi-edit'), ' class="' . ($ctr % 2 == 0 ? 'even' : 'odd') . '"');
            $ctr++;
        }
        echo '</tbody>' . n . endTable() . n . '</form>' . n . '<div id="' . $event . '_navigation" class="txp-navigation">' . nav_form('image', $page, $numPages, $sort, $dir, $crit, $search_method, $total, $limit) . pageby_form('image', $image_list_pageby) . n . '</div>' . n . '</div>';
    }
}
示例#13
0
function file_list($message = '')
{
    global $file_base_path, $file_statuses, $file_list_pageby, $txp_user, $event;
    pagetop(gTxt('file'), $message);
    extract(gpsa(array('page', 'sort', 'dir', 'crit', 'search_method')));
    if ($sort === '') {
        $sort = get_pref('file_sort_column', 'filename');
    }
    if ($dir === '') {
        $dir = get_pref('file_sort_dir', 'asc');
    }
    $dir = $dir == 'desc' ? 'desc' : 'asc';
    echo '<div id="' . $event . '_control" class="txp-control-panel">';
    if (!is_dir($file_base_path) or !is_writeable($file_base_path)) {
        echo graf(gTxt('file_dir_not_writeable', array('{filedir}' => $file_base_path)), ' id="warning"');
    } elseif (has_privs('file.edit.own')) {
        $existing_files = get_filenames();
        if (count($existing_files) > 0) {
            echo form(eInput('file') . sInput('file_create') . graf('<label for="file-existing">' . gTxt('existing_file') . '</label>' . sp . selectInput('filename', $existing_files, '', 1, '', 'file-existing') . sp . fInput('submit', '', gTxt('Create'), 'smallerbox'), ' class="existing-file"'), 'text-align: center;', '', 'post', '', '', 'assign_file');
        }
        echo file_upload_form(gTxt('upload_file'), 'upload', 'file_insert');
    }
    switch ($sort) {
        case 'id':
            $sort_sql = 'id ' . $dir;
            break;
        case 'description':
            $sort_sql = 'description ' . $dir . ', filename desc';
            break;
        case 'category':
            $sort_sql = 'category ' . $dir . ', filename desc';
            break;
        case 'title':
            $sort_sql = 'title ' . $dir . ', filename desc';
            break;
        case 'downloads':
            $sort_sql = 'downloads ' . $dir . ', filename desc';
            break;
        case 'author':
            $sort_sql = 'author ' . $dir . ', id asc';
            break;
        default:
            $sort = 'filename';
            $sort_sql = 'filename ' . $dir;
            break;
    }
    set_pref('file_sort_column', $sort, 'file', 2, '', 0, PREF_PRIVATE);
    set_pref('file_sort_dir', $dir, 'file', 2, '', 0, PREF_PRIVATE);
    $switch_dir = $dir == 'desc' ? 'asc' : 'desc';
    $criteria = 1;
    if ($search_method and $crit) {
        $crit_escaped = doSlash(str_replace(array('\\', '%', '_', '\''), array('\\\\', '\\%', '\\_', '\\\''), $crit));
        $critsql = array('id' => "ID in ('" . join("','", do_list($crit_escaped)) . "')", 'filename' => "filename like '%{$crit_escaped}%'", 'title' => "title like '%{$crit_escaped}%'", 'description' => "description like '%{$crit_escaped}%'", 'category' => "category like '%{$crit_escaped}%'", 'author' => "author like '%{$crit_escaped}%'");
        if (array_key_exists($search_method, $critsql)) {
            $criteria = $critsql[$search_method];
            $limit = 500;
        } else {
            $search_method = '';
            $crit = '';
        }
    } else {
        $search_method = '';
        $crit = '';
    }
    $total = safe_count('txp_file', "{$criteria}");
    if ($total < 1) {
        if ($criteria != 1) {
            echo n . file_search_form($crit, $search_method) . n . graf(gTxt('no_results_found'), ' class="indicator"') . '</div>';
        } else {
            echo n . graf(gTxt('no_files_recorded'), ' class="indicator"') . '</div>';
        }
        return;
    }
    $limit = max($file_list_pageby, 15);
    list($page, $offset, $numPages) = pager($total, $limit, $page);
    echo file_search_form($crit, $search_method) . '</div>';
    $rs = safe_rows_start('*', 'txp_file', "{$criteria} order by {$sort_sql} limit {$offset}, {$limit}");
    if ($rs) {
        $show_authors = !has_single_author('txp_file');
        echo n . '<div id="' . $event . '_container" class="txp-container txp-list">';
        echo '<form name="longform" id="files_form" method="post" action="index.php" onsubmit="return verify(\'' . gTxt('are_you_sure') . '\')">' . startTable('list', '', 'list') . n . '<thead>' . tr(column_head('ID', 'id', 'file', true, $switch_dir, $crit, $search_method, ('id' == $sort ? "{$dir} " : '') . 'id') . hCell('', '', ' class="actions"') . column_head('file_name', 'filename', 'file', true, $switch_dir, $crit, $search_method, ('filename' == $sort ? "{$dir} " : '') . 'name') . column_head('title', 'title', 'file', true, $switch_dir, $crit, $search_method, ('title' == $sort ? "{$dir} " : '') . 'title') . column_head('description', 'description', 'file', true, $switch_dir, $crit, $search_method, ('description' == $sort ? "{$dir} " : '') . 'description') . column_head('file_category', 'category', 'file', true, $switch_dir, $crit, $search_method, ('category' == $sort ? "{$dir} " : '') . 'category') . hCell(gTxt('tags'), '', ' class="tag-build"') . hCell(gTxt('status'), '', ' class="status"') . hCell(gTxt('condition'), '', ' class="condition"') . column_head('downloads', 'downloads', 'file', true, $switch_dir, $crit, $search_method, ('downloads' == $sort ? "{$dir} " : '') . 'downloads') . ($show_authors ? column_head('author', 'author', 'file', true, $switch_dir, $crit, $search_method, ('author' == $sort ? "{$dir} " : '') . 'author') : '') . hCell('', '', ' class="multi-edit"')) . n . '</thead>';
        $tfoot = n . '<tfoot>' . tr(tda(select_buttons() . file_multiedit_form($page, $sort, $dir, $crit, $search_method), ' class="multi-edit" colspan="' . ($show_authors ? '12' : '11') . '" style="text-align: right; border: none;"')) . n . '</tfoot>';
        echo $tfoot;
        echo '<tbody>';
        $ctr = 1;
        while ($a = nextRow($rs)) {
            extract($a);
            $filename = sanitizeForFile($filename);
            $edit_url = '?event=file' . a . 'step=file_edit' . a . 'id=' . $id . a . 'sort=' . $sort . a . 'dir=' . $dir . a . 'page=' . $page . a . 'search_method=' . $search_method . a . 'crit=' . $crit;
            $file_exists = file_exists(build_file_path($file_base_path, $filename));
            $download_link = $file_exists ? '<li class="action-view">' . make_download_link($id, '', $filename) . '</li>' : '';
            $category = $category ? '<span title="' . htmlspecialchars(fetch_category_title($category, 'file')) . '">' . $category . '</span>' : '';
            $tag_url = '?event=tag' . a . 'tag_name=file_download_link' . a . 'id=' . $id . a . 'description=' . urlencode($description) . a . 'filename=' . urlencode($filename);
            $condition = '<span class="';
            $condition .= $file_exists ? 'ok' : 'not-ok';
            $condition .= '">';
            $condition .= $file_exists ? gTxt('file_status_ok') : gTxt('file_status_missing');
            $condition .= '</span>';
            $can_edit = has_privs('file.edit') || $author == $txp_user && has_privs('file.edit.own');
            echo tr(n . td($id, '', 'id') . td('<ul>' . ($can_edit ? '<li class="action-edit">' . href(gTxt('edit'), $edit_url) . '</li>' : '') . $download_link . '</ul>', 65, 'actions') . td($can_edit ? href(htmlspecialchars($filename), $edit_url) : htmlspecialchars($filename), 125, 'name') . td(htmlspecialchars($title), 90, 'title') . td(htmlspecialchars($description), 150, 'description') . td($category, 90, 'category') . td(n . '<ul>' . n . t . '<li><a target="_blank" href="' . $tag_url . a . 'type=textile" onclick="popWin(this.href, 400, 250); return false;">Textile</a></li>' . n . t . '<li><a target="_blank" href="' . $tag_url . a . 'type=textpattern" onclick="popWin(this.href, 400, 250); return false;">Textpattern</a></li>' . n . t . '<li><a target="_blank" href="' . $tag_url . a . 'type=xhtml" onclick="popWin(this.href, 400, 250); return false;">XHTML</a></li>' . n . '</ul>', 75, 'tag-build') . td(in_array($status, array_keys($file_statuses)) ? $file_statuses[$status] : '<span class="not-ok">' . gTxt('none') . '</span>', 45, 'status') . td($condition, 45, 'condition') . td($downloads == '0' ? gTxt('none') : $downloads, 25, 'downloads') . ($show_authors ? td('<span title="' . htmlspecialchars(get_author_name($author)) . '">' . htmlspecialchars($author) . '</span>', '', 'author') : '') . td($can_edit ? fInput('checkbox', 'selected[]', $id) : '&nbsp;', 10, 'multi-edit'), ' class="' . ($ctr % 2 == 0 ? 'even' : 'odd') . '"');
            $ctr++;
        }
        echo '</tbody>' . n . endTable() . n . '</form>' . n . '<div id="' . $event . '_navigation" class="txp-navigation">' . nav_form('file', $page, $numPages, $sort, $dir, $crit, $search_method, $total, $limit) . pageby_form('file', $file_list_pageby) . n . '</div>' . n . '</div>';
    }
}
示例#14
0
function adi_menu_section_list($ignore_exclude)
{
    global $sections, $exclude, $sort, $default_first, $default_title, $include_default;
    if ($sections) {
        $sections = do_list($sections);
        $sections = join("','", doSlash($sections));
        $rs = safe_rows_start('name,title,adi_menu_parent,adi_menu_clone,adi_menu_title', 'txp_section', "name in ('{$sections}') order by " . ($sort ? $sort : "field(name, '{$sections}')"));
    } else {
        if ($exclude) {
            $exclude = do_list($exclude);
            $exclude = join("','", doSlash($exclude));
            $exclude = "and name not in('{$exclude}')";
        }
        if (!$include_default) {
            $exclude = "and name != 'default'";
        }
        $ignore_exclude ? $exclude_option = "adi_menu_exclude = 0 or adi_menu_exclude = 1" : ($exclude_option = "adi_menu_exclude = 0");
        $rs = safe_rows_start('name,title,adi_menu_parent,adi_menu_clone,adi_menu_title', 'txp_section', "{$exclude_option} {$exclude} order by " . $sort);
    }
    if ($rs) {
        $out = array();
        while ($a = nextRow($rs)) {
            extract($a);
            // sets 'name','title','adi_menu_parent' etc in $a
            $a['url'] = pagelinkurl(array('s' => $name));
            // add url to $a
            $out[$name] = $a;
        }
        if ($out && $default_title && $include_default) {
            // set default section title
            $out['default']['title'] = $default_title;
        }
        if ($out && $default_first && $include_default) {
            // shift default section to beginning
            $remember['default'] = $out['default'];
            // remember 'default' element
            unset($out['default']);
            // remove 'default' element
            $out = array_merge($remember, $out);
            // join together, 'default' now at beginning
        }
        return $out;
    }
}
示例#15
0
function file_download_list($atts, $thing = NULL)
{
    global $s, $c, $context, $thisfile, $thispage, $pretext;
    extract(lAtts(array('break' => br, 'category' => '', 'author' => '', 'realname' => '', 'auto_detect' => 'category, author', 'class' => __FUNCTION__, 'form' => 'files', 'id' => '', 'label' => '', 'labeltag' => '', 'pageby' => '', 'limit' => 10, 'offset' => 0, 'sort' => 'filename asc', 'wraptag' => '', 'status' => '4'), $atts));
    if (!is_numeric($status)) {
        $status = getStatusNum($status);
    }
    // N.B. status treated slightly differently
    $where = $statwhere = array();
    $filters = isset($atts['id']) || isset($atts['category']) || isset($atts['author']) || isset($atts['realname']) || isset($atts['status']);
    $context_list = empty($auto_detect) || $filters ? array() : do_list($auto_detect);
    $pageby = $pageby == 'limit' ? $limit : $pageby;
    if ($category) {
        $where[] = "category IN ('" . join("','", doSlash(do_list($category))) . "')";
    }
    $ids = array_map('intval', do_list($id));
    if ($id) {
        $where[] = "id IN ('" . join("','", $ids) . "')";
    }
    if ($status) {
        $statwhere[] = "status = '" . doSlash($status) . "'";
    }
    if ($author) {
        $where[] = "author IN ('" . join("','", doSlash(do_list($author))) . "')";
    }
    if ($realname) {
        $authorlist = safe_column('name', 'txp_users', "RealName IN ('" . join("','", doArray(doSlash(do_list($realname)), 'urldecode')) . "')");
        $where[] = "author IN ('" . join("','", doSlash($authorlist)) . "')";
    }
    // If no files are selected, try...
    if (!$where && !$filters) {
        foreach ($context_list as $ctxt) {
            switch ($ctxt) {
                case 'category':
                    // ... the global category in the URL
                    if ($context == 'file' && !empty($c)) {
                        $where[] = "category = '" . doSlash($c) . "'";
                    }
                    break;
                case 'author':
                    // ... the global author in the URL
                    if ($context == 'file' && !empty($pretext['author'])) {
                        $where[] = "author = '" . doSlash($pretext['author']) . "'";
                    }
                    break;
            }
            // Only one context can be processed
            if ($where) {
                break;
            }
        }
    }
    if (!$where && !$statwhere && $filters) {
        return '';
        // If nothing matches, output nothing
    }
    if (!$where) {
        $where[] = "1=1";
        // If nothing matches, start with all files
    }
    $where = join(' AND ', array_merge($where, $statwhere));
    // Set up paging if required
    if ($limit && $pageby) {
        $grand_total = safe_count('txp_file', $where);
        $total = $grand_total - $offset;
        $numPages = $pageby > 0 ? ceil($total / $pageby) : 1;
        $pg = !$pretext['pg'] ? 1 : $pretext['pg'];
        $pgoffset = $offset + ($pg - 1) * $pageby;
        // send paging info to txp:newer and txp:older
        $pageout['pg'] = $pg;
        $pageout['numPages'] = $numPages;
        $pageout['s'] = $s;
        $pageout['c'] = $c;
        $pageout['context'] = 'file';
        $pageout['grand_total'] = $grand_total;
        $pageout['total'] = $total;
        if (empty($thispage)) {
            $thispage = $pageout;
        }
    } else {
        $pgoffset = $offset;
    }
    // preserve order of custom file ids unless 'sort' attribute is set
    if (!empty($atts['id']) && empty($atts['sort'])) {
        $safe_sort = 'field(id, ' . join(',', $ids) . ')';
    } else {
        $safe_sort = doSlash($sort);
    }
    $qparts = array('order by ' . $safe_sort, $limit ? 'limit ' . intval($pgoffset) . ', ' . intval($limit) : '');
    $rs = safe_rows_start('*', 'txp_file', $where . ' ' . join(' ', $qparts));
    if ($rs) {
        $out = array();
        while ($a = nextRow($rs)) {
            $thisfile = file_download_format_info($a);
            $out[] = $thing ? parse($thing) : parse_form($form);
            $thisfile = '';
        }
        if ($out) {
            return doLabel($label, $labeltag) . doWrap($out, $wraptag, $break, $class);
        }
    }
    return '';
}
示例#16
0
/**
 * Find an adjacent article relative to a provided threshold level.
 *
 * @param  scalar $threshold      The value to compare against
 * @param  string $s              Optional section restriction
 * @param  string $type           Lesser or greater neighbour? Either '<' (previous) or '>' (next)
 * @param  array  $atts           Attribute of article at threshold
 * @param  string $threshold_type 'cooked': Use $threshold as SQL clause; 'raw': Use $threshold as an escapable scalar
 * @return array|bool An array populated with article data, or 'false' in case of no matches
 */
function getNeighbour($threshold, $s, $type, $atts = array(), $threshold_type = 'raw')
{
    global $prefs;
    static $cache = array();
    $key = md5($threshold . $s . $type . join(n, $atts));
    if (isset($cache[$key])) {
        return $cache[$key];
    }
    extract($atts);
    $expired = $expired && $prefs['publish_expired_articles'];
    $customFields = getCustomFields();
    // Building query parts; lifted from publish.php.
    $ids = array_map('intval', do_list($id));
    $id = !$id ? '' : " AND ID IN (" . join(',', $ids) . ")";
    switch ($time) {
        case 'any':
            $time = "";
            break;
        case 'future':
            $time = " AND Posted > " . now('posted');
            break;
        default:
            $time = " AND Posted <= " . now('posted');
    }
    if (!$expired) {
        $time .= " AND (" . now('expires') . " <= Expires OR Expires = " . NULLDATETIME . ")";
    }
    $custom = '';
    if ($customFields) {
        foreach ($customFields as $cField) {
            if (isset($atts[$cField])) {
                $customPairs[$cField] = $atts[$cField];
            }
        }
        if (!empty($customPairs)) {
            $custom = buildCustomSql($customFields, $customPairs);
        }
    }
    if ($keywords) {
        $keys = doSlash(do_list($keywords));
        foreach ($keys as $key) {
            $keyparts[] = "FIND_IN_SET('" . $key . "', Keywords)";
        }
        $keywords = " AND (" . join(" OR ", $keyparts) . ")";
    }
    $sortdir = strtolower($sortdir);
    // Invert $type for ascending sortdir.
    $types = array('>' => array('desc' => '>', 'asc' => '<'), '<' => array('desc' => '<', 'asc' => '>'));
    $type = $type == '>' ? $types['>'][$sortdir] : $types['<'][$sortdir];
    // Escape threshold and treat it as a string unless explicitly told otherwise.
    if ($threshold_type != 'cooked') {
        $threshold = "'" . doSlash($threshold) . "'";
    }
    $safe_name = safe_pfx('textpattern');
    $q = array("SELECT ID AS thisid, Section AS section, Title AS title, url_title, UNIX_TIMESTAMP(Posted) AS posted\n            FROM {$safe_name} WHERE {$sortby} {$type} {$threshold}", $s != '' && $s != 'default' ? "AND Section = '" . doSlash($s) . "'" : filterFrontPage(), $id, $time, $custom, $keywords, "AND Status = 4", "ORDER BY {$sortby}", $type == '<' ? "DESC" : "ASC", "LIMIT 1");
    $cache[$key] = getRow(join(n . ' ', $q));
    return is_array($cache[$key]) ? $cache[$key] : false;
}
示例#17
0
function doArticles($atts, $iscustom, $thing = NULL)
{
    global $pretext, $prefs;
    extract($pretext);
    extract($prefs);
    $customFields = getCustomFields();
    $customlAtts = array_null(array_flip($customFields));
    //getting attributes
    $theAtts = lAtts(array('form' => 'default', 'listform' => '', 'searchform' => '', 'limit' => 10, 'pageby' => '', 'category' => '', 'section' => '', 'excerpted' => '', 'author' => '', 'sort' => '', 'sortby' => '', 'sortdir' => '', 'month' => '', 'keywords' => '', 'frontpage' => '', 'id' => '', 'time' => 'past', 'status' => '4', 'pgonly' => 0, 'searchall' => 1, 'searchsticky' => 0, 'allowoverride' => !$q and !$iscustom, 'offset' => 0, 'wraptag' => '', 'break' => '', 'label' => '', 'labeltag' => '', 'class' => '') + $customlAtts, $atts);
    // if an article ID is specified, treat it as a custom list
    $iscustom = !empty($theAtts['id']) ? true : $iscustom;
    //for the txp:article tag, some attributes are taken from globals;
    //override them before extract
    if (!$iscustom) {
        $theAtts['category'] = $c ? $c : '';
        $theAtts['section'] = $s && $s != 'default' ? $s : '';
        $theAtts['author'] = !empty($author) ? $author : '';
        $theAtts['month'] = !empty($month) ? $month : '';
        $theAtts['frontpage'] = $s && $s == 'default' ? true : false;
        $theAtts['excerpted'] = '';
    }
    extract($theAtts);
    // if a listform is specified, $thing is for doArticle() - hence ignore here.
    if (!empty($listform)) {
        $thing = '';
    }
    $pageby = empty($pageby) ? $limit : $pageby;
    // treat sticky articles differently wrt search filtering, etc
    $status = in_array(strtolower($status), array('sticky', '5')) ? 5 : 4;
    $issticky = $status == 5;
    // give control to search, if necessary
    if ($q && !$iscustom && !$issticky) {
        include_once txpath . '/publish/search.php';
        $s_filter = $searchall ? filterSearch() : '';
        $q = doSlash($q);
        // searchable article fields are limited to the columns of
        // the textpattern table and a matching fulltext index must exist.
        $cols = do_list($searchable_article_fields);
        if (empty($cols) or $cols[0] == '') {
            $cols = array('Title', 'Body');
        }
        $match = ', match (`' . join('`, `', $cols) . "`) against ('{$q}') as score";
        for ($i = 0; $i < count($cols); $i++) {
            $cols[$i] = "`{$cols[$i]}` rlike '{$q}'";
        }
        $cols = join(" or ", $cols);
        $search = " and ({$cols}) {$s_filter}";
        // searchall=0 can be used to show search results for the current section only
        if ($searchall) {
            $section = '';
        }
        if (!$sort) {
            $sort = 'score desc';
        }
    } else {
        $match = $search = '';
        if (!$sort) {
            $sort = 'Posted desc';
        }
    }
    // for backwards compatibility
    // sortby and sortdir are deprecated
    if ($sortby) {
        if (!$sortdir) {
            $sortdir = 'desc';
        }
        $sort = "{$sortby} {$sortdir}";
    } elseif ($sortdir) {
        $sort = "Posted {$sortdir}";
    }
    //Building query parts
    $frontpage = ($frontpage and (!$q or $issticky)) ? filterFrontPage() : '';
    $category = join("','", doSlash(do_list($category)));
    $category = !$category ? '' : " and (Category1 IN ('" . $category . "') or Category2 IN ('" . $category . "'))";
    $section = !$section ? '' : " and Section IN ('" . join("','", doSlash(do_list($section))) . "')";
    $excerpted = $excerpted == 'y' ? " and Excerpt !=''" : '';
    $author = !$author ? '' : " and AuthorID IN ('" . join("','", doSlash(do_list($author))) . "')";
    $month = !$month ? '' : " and Posted like '" . doSlash($month) . "%'";
    $id = !$id ? '' : " and ID IN (" . join(',', array_map('intval', do_list($id))) . ")";
    switch ($time) {
        case 'any':
            $time = "";
            break;
        case 'future':
            $time = " and Posted > now()";
            break;
        default:
            $time = " and Posted <= now()";
    }
    if (!$publish_expired_articles) {
        $time .= " and (now() <= Expires or Expires = " . NULLDATETIME . ")";
    }
    $custom = '';
    if ($customFields) {
        foreach ($customFields as $cField) {
            if (isset($atts[$cField])) {
                $customPairs[$cField] = $atts[$cField];
            }
        }
        if (!empty($customPairs)) {
            $custom = buildCustomSql($customFields, $customPairs);
        }
    }
    //Allow keywords for no-custom articles. That tagging mode, you know
    if ($keywords) {
        $keys = doSlash(do_list($keywords));
        foreach ($keys as $key) {
            $keyparts[] = "FIND_IN_SET('" . $key . "',Keywords)";
        }
        $keywords = " and (" . join(' or ', $keyparts) . ")";
    }
    if ($q and $searchsticky) {
        $statusq = ' and Status >= 4';
    } elseif ($id) {
        $statusq = ' and Status >= 4';
    } else {
        $statusq = ' and Status = ' . intval($status);
    }
    $where = "1=1" . $statusq . $time . $search . $id . $category . $section . $excerpted . $month . $author . $keywords . $custom . $frontpage;
    //do not paginate if we are on a custom list
    if (!$iscustom and !$issticky) {
        $grand_total = safe_count('textpattern', $where);
        $total = $grand_total - $offset;
        $numPages = ceil($total / $pageby);
        $pg = !$pg ? 1 : $pg;
        $pgoffset = $offset + ($pg - 1) * $pageby;
        // send paging info to txp:newer and txp:older
        $pageout['pg'] = $pg;
        $pageout['numPages'] = $numPages;
        $pageout['s'] = $s;
        $pageout['c'] = $c;
        $pageout['grand_total'] = $grand_total;
        $pageout['total'] = $total;
        global $thispage;
        if (empty($thispage)) {
            $thispage = $pageout;
        }
        if ($pgonly) {
            return;
        }
    } else {
        $pgoffset = $offset;
    }
    $rs = safe_rows_start("*, unix_timestamp(Posted) as uPosted, unix_timestamp(Expires) as uExpires, unix_timestamp(LastMod) as uLastMod" . $match, 'textpattern', $where . ' order by ' . doSlash($sort) . ' limit ' . intval($pgoffset) . ', ' . intval($limit));
    // get the form name
    if ($q and !$iscustom and !$issticky) {
        $fname = $searchform ? $searchform : 'search_results';
    } else {
        $fname = $listform ? $listform : $form;
    }
    if ($rs) {
        $count = 0;
        $last = numRows($rs);
        $articles = array();
        while ($a = nextRow($rs)) {
            ++$count;
            populateArticleData($a);
            global $thisarticle, $uPosted, $limit;
            $thisarticle['is_first'] = $count == 1;
            $thisarticle['is_last'] = $count == $last;
            if (@constant('txpinterface') === 'admin' and gps('Form')) {
                $articles[] = parse(gps('Form'));
            } elseif ($allowoverride and $a['override_form']) {
                $articles[] = parse_form($a['override_form']);
            } else {
                $articles[] = $thing ? parse($thing) : parse_form($fname);
            }
            // sending these to paging_link(); Required?
            $uPosted = $a['uPosted'];
            unset($GLOBALS['thisarticle']);
        }
        return doLabel($label, $labeltag) . doWrap($articles, $wraptag, $break, $class);
    }
}
示例#18
0
 /**
  * Gets an SQL clause for this method based on the criteria.
  *
  * @todo Case-sensitive searches
  *
  * @param string $search_term The value to search for
  * @param int    $verbatim    Whether the search term is in quotes (1) or not (0)
  */
 public function getCriteria($search_term, $verbatim)
 {
     $clause = array();
     foreach ($this->columns as $column) {
         if (isset($this->aliases[$column])) {
             foreach ($this->aliases[$column] as $dbval => $aliases) {
                 $terms = do_list($search_term);
                 foreach ($terms as $idx => $term) {
                     if ($this->findAlias($term, $aliases, $this->type) !== false) {
                         $terms[$idx] = $dbval;
                     }
                 }
                 $search_term = join(',', $terms);
             }
         }
         if ($this->options['can_list']) {
             $operator = ' in ';
             $value = '(' . join(',', quote_list(do_list($search_term))) . ')';
         } elseif ($this->type === 'boolean') {
             $clause[] = "convert(" . $column . ", char) = '" . $search_term . "'";
             continue;
         } elseif ($verbatim && !$this->options['always_like']) {
             $operator = ' = ';
             $value = doQuote($search_term);
         } elseif ($this->type === 'find_in_set') {
             $clause[] = "find_in_set('" . $search_term . "', " . $column . " )";
             continue;
         } elseif ($this->type === 'numeric') {
             $clause[] = "convert(" . $column . ", char) = '" . $search_term . "'";
             continue;
         } else {
             $operator = ' like ';
             $value = doQuote("%{$search_term}%");
         }
         $clause[] = join($operator, array($column, $value));
     }
     return $clause;
 }
示例#19
0
function list_list($message = '', $post = '')
{
    global $statuses, $comments_disabled_after, $step, $txp_user, $article_list_pageby;
    pagetop(gTxt('tab_list'), $message);
    extract(gpsa(array('page', 'sort', 'dir', 'crit', 'search_method')));
    $sesutats = array_flip($statuses);
    $dir = $dir == 'asc' ? 'asc' : 'desc';
    switch ($sort) {
        case 'id':
            $sort_sql = 'ID ' . $dir;
            break;
        case 'expires':
            $sort_sql = 'Expires ' . $dir;
            break;
        case 'title':
            $sort_sql = 'Title ' . $dir . ', Posted desc';
            break;
        case 'section':
            $sort_sql = 'Section ' . $dir . ', Posted desc';
            break;
        case 'category1':
            $sort_sql = 'Category1 ' . $dir . ', Posted desc';
            break;
        case 'category2':
            $sort_sql = 'Category2 ' . $dir . ', Posted desc';
            break;
        case 'status':
            $sort_sql = 'Status ' . $dir . ', Posted desc';
            break;
        case 'author':
            $sort_sql = 'AuthorID ' . $dir . ', Posted desc';
            break;
        case 'comments':
            $sort_sql = 'comments_count ' . $dir . ', Posted desc';
            break;
        case 'lastmod':
            $sort_sql = 'LastMod ' . $dir . ', Posted desc';
            break;
        default:
            $sort = 'posted';
            $sort_sql = 'Posted ' . $dir;
            break;
    }
    $switch_dir = $dir == 'desc' ? 'asc' : 'desc';
    $criteria = 1;
    if ($search_method and $crit) {
        $crit_escaped = doSlash($crit);
        $critsql = array('id' => "ID in ('" . join("','", do_list($crit_escaped)) . "')", 'title_body_excerpt' => "Title rlike '{$crit_escaped}' or Body rlike '{$crit_escaped}' or Excerpt rlike '{$crit_escaped}'", 'section' => "Section rlike '{$crit_escaped}'", 'keywords' => "FIND_IN_SET('" . $crit_escaped . "',Keywords)", 'categories' => "Category1 rlike '{$crit_escaped}' or Category2 rlike '{$crit_escaped}'", 'status' => "Status = '" . @$sesutats[gTxt($crit_escaped)] . "'", 'author' => "AuthorID rlike '{$crit_escaped}'", 'article_image' => "Image in ('" . join("','", do_list($crit_escaped)) . "')", 'posted' => "Posted like '{$crit_escaped}%'", 'lastmod' => "LastMod like '{$crit_escaped}%'");
        if (array_key_exists($search_method, $critsql)) {
            $criteria = $critsql[$search_method];
            $limit = 500;
        } else {
            $search_method = '';
            $crit = '';
        }
    } else {
        $search_method = '';
        $crit = '';
    }
    $total = safe_count('textpattern', "{$criteria}");
    if ($total < 1) {
        if ($criteria != 1) {
            echo n . list_search_form($crit, $search_method) . n . graf(gTxt('no_results_found'), ' class="indicator"');
        } else {
            echo graf(gTxt('no_articles_recorded'), ' class="indicator"');
        }
        return;
    }
    $limit = max($article_list_pageby, 15);
    list($page, $offset, $numPages) = pager($total, $limit, $page);
    echo n . list_search_form($crit, $search_method);
    $rs = safe_rows_start('*, unix_timestamp(Posted) as posted, unix_timestamp(LastMod) as lastmod, unix_timestamp(Expires) as expires', 'textpattern', "{$criteria} order by {$sort_sql} limit {$offset}, {$limit}");
    if ($rs) {
        $total_comments = array();
        // fetch true comment count, not the public comment count
        // maybe we should have another row in the db?
        $rs2 = safe_rows_start('parentid, count(*) as num', 'txp_discuss', "1 group by parentid order by parentid");
        if ($rs2) {
            while ($a = nextRow($rs2)) {
                $pid = $a['parentid'];
                $num = $a['num'];
                $total_comments[$pid] = $num;
            }
        }
        echo n . n . '<form name="longform" method="post" action="index.php" onsubmit="return verify(\'' . gTxt('are_you_sure') . '\')">' . n . startTable('list', '', '', '', '90%') . n . tr(n . column_head('ID', 'id', 'list', true, $switch_dir, $crit, $search_method, 'id' == $sort ? $dir : '') . column_head('posted', 'posted', 'list', true, $switch_dir, $crit, $search_method, 'posted' == $sort ? $dir : '') . column_head('article_modified', 'lastmod', 'list', true, $switch_dir, $crit, $search_method, ('lastmod' == $sort ? "{$dir} " : '') . 'articles_detail') . column_head('expires', 'expires', 'list', true, $switch_dir, $crit, $search_method, ('expires' == $sort ? "{$dir} " : '') . 'articles_detail') . column_head('title', 'title', 'list', true, $switch_dir, $crit, $search_method, 'title' == $sort ? $dir : '') . column_head('section', 'section', 'list', true, $switch_dir, $crit, $search_method, 'section' == $sort ? $dir : '') . column_head('category1', 'category1', 'list', true, $switch_dir, $crit, $search_method, ('category1' == $sort ? "{$dir} " : '') . 'articles_detail') . column_head('category2', 'category2', 'list', true, $switch_dir, $crit, $search_method, ('category2' == $sort ? "{$dir} " : '') . 'articles_detail') . column_head('status', 'status', 'list', true, $switch_dir, $crit, $search_method, 'status' == $sort ? $dir : '') . column_head('author', 'author', 'list', true, $switch_dir, $crit, $search_method, 'author' == $sort ? $dir : '') . column_head('comments', 'comments', 'list', true, $switch_dir, $crit, $search_method, ('comments' == $sort ? "{$dir} " : '') . 'articles_detail') . hCell());
        include_once txpath . '/publish/taghandlers.php';
        while ($a = nextRow($rs)) {
            extract($a);
            if (empty($Title)) {
                $Title = '<em>' . eLink('article', 'edit', 'ID', $ID, gTxt('untitled')) . '</em>';
            } else {
                $Title = eLink('article', 'edit', 'ID', $ID, $Title);
            }
            $Category1 = $Category1 ? '<span title="' . htmlspecialchars(fetch_category_title($Category1)) . '">' . $Category1 . '</span>' : '';
            $Category2 = $Category2 ? '<span title="' . htmlspecialchars(fetch_category_title($Category2)) . '">' . $Category2 . '</span>' : '';
            $view_url = permlinkurl($a);
            if ($Status != 4 and $Status != 5) {
                $view_url .= (strpos($view_url, '?') === FALSE ? '?' : '&amp;') . 'txpreview=' . intval($ID) . '.' . time();
            }
            $manage = n . '<ul class="articles_detail">' . n . t . '<li>' . eLink('article', 'edit', 'ID', $ID, gTxt('edit')) . '</li>' . n . t . '<li><a href="' . $view_url . '" class="article-view">' . gTxt('view') . '</a></li>' . n . '</ul>';
            $Status = !empty($Status) ? $statuses[$Status] : '';
            $comments = gTxt('none');
            if (isset($total_comments[$ID]) and $total_comments[$ID] > 0) {
                $comments = href(gTxt('manage'), 'index.php?event=discuss' . a . 'step=list' . a . 'search_method=parent' . a . 'crit=' . $ID) . ' (' . $total_comments[$ID] . ')';
            }
            $comment_status = $Annotate ? gTxt('on') : gTxt('off');
            if ($comments_disabled_after) {
                $lifespan = $comments_disabled_after * 86400;
                $time_since = time() - $posted;
                if ($time_since > $lifespan) {
                    $comment_status = gTxt('expired');
                }
            }
            $comments = n . '<ul>' . n . t . '<li>' . $comment_status . '</li>' . n . t . '<li>' . $comments . '</li>' . n . '</ul>';
            echo n . n . tr(n . td(eLink('article', 'edit', 'ID', $ID, $ID) . $manage) . td(gTime($posted), '', $posted < time() ? '' : 'unpublished') . td(gTime($lastmod), '', "articles_detail") . td($expires ? gTime($expires) : '', '', 'articles_detail') . td($Title) . td('<span title="' . htmlspecialchars(fetch_section_title($Section)) . '">' . $Section . '</span>', 75) . td($Category1, 100, "articles_detail") . td($Category2, 100, "articles_detail") . td($a['Status'] < 4 ? $Status : '<a href="' . permlinkurl($a) . '">' . $Status . '</a>', 50) . td('<span title="' . htmlspecialchars(get_author_name($AuthorID)) . '">' . htmlspecialchars($AuthorID) . '</span>') . td($comments, 50, "articles_detail") . td(($a['Status'] >= 4 and has_privs('article.edit.published') or $a['Status'] >= 4 and $AuthorID == $txp_user and has_privs('article.edit.own.published') or $a['Status'] < 4 and has_privs('article.edit') or $a['Status'] < 4 and $AuthorID == $txp_user and has_privs('article.edit.own')) ? fInput('checkbox', 'selected[]', $ID) : '&nbsp;'));
        }
        echo n . n . tr(tda(toggle_box('articles_detail'), ' colspan="2" style="text-align: left; border: none;"') . tda(select_buttons() . list_multiedit_form($page, $sort, $dir, $crit, $search_method), ' colspan="9" style="text-align: right; border: none;"')) . n . endTable() . n . '</form>' . n . nav_form('list', $page, $numPages, $sort, $dir, $crit, $search_method, $total, $limit) . n . pageby_form('list', $article_list_pageby);
    }
}
示例#20
0
function file_list($message = '')
{
    global $file_base_path, $file_statuses, $file_list_pageby, $txp_user, $event;
    pagetop(gTxt('tab_file'), $message);
    extract(gpsa(array('page', 'sort', 'dir', 'crit', 'search_method')));
    if ($sort === '') {
        $sort = get_pref('file_sort_column', 'filename');
    }
    if ($dir === '') {
        $dir = get_pref('file_sort_dir', 'asc');
    }
    if ($dir === 'desc') {
        $dir = 'desc';
    } else {
        $dir = 'asc';
    }
    echo hed(gTxt('tab_file'), 1, array('class' => 'txp-heading')) . n . tag_start('div', array('id' => $event . '_control', 'class' => 'txp-control-panel'));
    if (!is_dir($file_base_path) || !is_writeable($file_base_path)) {
        echo graf(span(null, array('class' => 'ui-icon ui-icon-alert')) . ' ' . gTxt('file_dir_not_writeable', array('{filedir}' => $file_base_path)), array('class' => 'alert-block warning'));
    } elseif (has_privs('file.edit.own')) {
        $existing_files = get_filenames();
        if ($existing_files) {
            echo form(eInput('file') . sInput('file_create') . graf(tag(gTxt('existing_file'), 'label', array('for' => 'file-existing')) . sp . selectInput('filename', $existing_files, '', 1, '', 'file-existing') . sp . fInput('submit', '', gTxt('Create')), array('class' => 'existing-file')), '', '', 'post', '', '', 'assign_file');
        }
        echo file_upload_form(gTxt('upload_file'), 'upload', 'file_insert');
    }
    switch ($sort) {
        case 'id':
            $sort_sql = 'txp_file.id ' . $dir;
            break;
        case 'description':
            $sort_sql = 'txp_file.description ' . $dir . ', txp_file.filename desc';
            break;
        case 'category':
            $sort_sql = 'txp_category.title ' . $dir . ', txp_file.filename desc';
            break;
        case 'title':
            $sort_sql = 'txp_file.title ' . $dir . ', txp_file.filename desc';
            break;
        case 'downloads':
            $sort_sql = 'txp_file.downloads ' . $dir . ', txp_file.filename desc';
            break;
        case 'author':
            $sort_sql = 'txp_users.RealName ' . $dir . ', txp_file.id asc';
            break;
        default:
            $sort = 'filename';
            $sort_sql = 'txp_file.filename ' . $dir;
            break;
    }
    set_pref('file_sort_column', $sort, 'file', PREF_HIDDEN, '', 0, PREF_PRIVATE);
    set_pref('file_sort_dir', $dir, 'file', PREF_HIDDEN, '', 0, PREF_PRIVATE);
    if ($dir == 'desc') {
        $switch_dir = 'asc';
    } else {
        $switch_dir = 'desc';
    }
    $criteria = 1;
    if ($search_method && $crit !== '') {
        $verbatim = preg_match('/^"(.*)"$/', $crit, $m);
        $crit_escaped = $verbatim ? doSlash($m[1]) : doLike($crit);
        $critsql = $verbatim ? array('id' => "txp_file.id in ('" . join("','", do_list($crit_escaped)) . "')", 'filename' => "txp_file.filename = '{$crit_escaped}'", 'title' => "txp_file.title = '{$crit_escaped}'", 'description' => "txp_file.description = '{$crit_escaped}'", 'category' => "txp_file.category = '{$crit_escaped}' or txp_category.title = '{$crit_escaped}'", 'author' => "txp_file.author = '{$crit_escaped}' or txp_users.RealName = '{$crit_escaped}'") : array('id' => "txp_file.id in ('" . join("','", do_list($crit_escaped)) . "')", 'filename' => "txp_file.filename like '%{$crit_escaped}%'", 'title' => "txp_file.title like '%{$crit_escaped}%'", 'description' => "txp_file.description like '%{$crit_escaped}%'", 'category' => "txp_file.category like '%{$crit_escaped}%' or txp_category.title like '%{$crit_escaped}%'", 'author' => "txp_file.author like '%{$crit_escaped}%' or txp_users.RealName like '%{$crit_escaped}%'");
        if (array_key_exists($search_method, $critsql)) {
            $criteria = $critsql[$search_method];
            $limit = 500;
        } else {
            $search_method = '';
            $crit = '';
        }
    } else {
        $search_method = '';
        $crit = '';
    }
    $criteria .= callback_event('admin_criteria', 'file_list', 0, $criteria);
    $sql_from = safe_pfx_j('txp_file') . "\n        left join " . safe_pfx_j('txp_category') . " on txp_category.name = txp_file.category and txp_category.type = 'file'\n        left join " . safe_pfx_j('txp_users') . " on txp_users.name = txp_file.author";
    if ($criteria === 1) {
        $total = safe_count('txp_file', $criteria);
    } else {
        $total = getThing('select count(*) from ' . $sql_from . ' where ' . $criteria);
    }
    if ($total < 1) {
        if ($criteria != 1) {
            echo file_search_form($crit, $search_method) . graf(gTxt('no_results_found'), ' class="indicator"') . '</div>';
        } else {
            echo graf(gTxt('no_files_recorded'), ' class="indicator"') . '</div>';
        }
        return;
    }
    $limit = max($file_list_pageby, 15);
    list($page, $offset, $numPages) = pager($total, $limit, $page);
    echo file_search_form($crit, $search_method) . '</div>';
    $rs = safe_query("select\n            txp_file.id,\n            txp_file.filename,\n            txp_file.title,\n            txp_file.category,\n            txp_file.description,\n            txp_file.downloads,\n            txp_file.status,\n            txp_file.author,\n            txp_users.RealName as realname,\n            txp_category.Title as category_title\n        from {$sql_from} where {$criteria} order by {$sort_sql} limit {$offset}, {$limit}");
    if ($rs && numRows($rs)) {
        $show_authors = !has_single_author('txp_file');
        echo n . tag_start('div', array('id' => $event . '_container', 'class' => 'txp-container')) . n . tag_start('form', array('action' => 'index.php', 'id' => 'files_form', 'class' => 'multi_edit_form', 'method' => 'post', 'name' => 'longform')) . n . tag_start('div', array('class' => 'txp-listtables')) . n . tag_start('table', array('class' => 'txp-list')) . n . tag_start('thead') . tr(hCell(fInput('checkbox', 'select_all', 0, '', '', '', '', '', 'select_all'), '', ' scope="col" title="' . gTxt('toggle_all_selected') . '" class="txp-list-col-multi-edit"') . column_head('ID', 'id', 'file', true, $switch_dir, $crit, $search_method, ('id' == $sort ? "{$dir} " : '') . 'txp-list-col-id') . column_head('file_name', 'filename', 'file', true, $switch_dir, $crit, $search_method, ('filename' == $sort ? "{$dir} " : '') . 'txp-list-col-filename') . column_head('title', 'title', 'file', true, $switch_dir, $crit, $search_method, ('title' == $sort ? "{$dir} " : '') . 'txp-list-col-title') . column_head('description', 'description', 'file', true, $switch_dir, $crit, $search_method, ('description' == $sort ? "{$dir} " : '') . 'txp-list-col-description files_detail') . column_head('file_category', 'category', 'file', true, $switch_dir, $crit, $search_method, ('category' == $sort ? "{$dir} " : '') . 'txp-list-col-category category') . hCell(gTxt('tags'), '', ' scope="col" class="txp-list-col-tag-build files_detail"') . hCell(gTxt('status'), '', ' scope="col" class="txp-list-col-status"') . hCell(gTxt('condition'), '', ' scope="col" class="txp-list-col-condition"') . column_head('downloads', 'downloads', 'file', true, $switch_dir, $crit, $search_method, ('downloads' == $sort ? "{$dir} " : '') . 'txp-list-col-downloads') . ($show_authors ? column_head('author', 'author', 'file', true, $switch_dir, $crit, $search_method, ('author' == $sort ? "{$dir} " : '') . 'txp-list-col-author name') : '')) . n . tag_end('thead') . n . tag_start('tbody');
        $validator = new Validator();
        while ($a = nextRow($rs)) {
            extract($a);
            $filename = sanitizeForFile($filename);
            $edit_url = array('event' => 'file', 'step' => 'file_edit', 'id' => $id, 'sort' => $sort, 'dir' => $dir, 'page' => $page, 'search_method' => $search_method, 'crit' => $crit);
            $tag_url = array('event' => 'tag', 'tag_name' => 'file_download_link', 'id' => $id, 'description' => $description, 'filename' => $filename);
            $file_exists = file_exists(build_file_path($file_base_path, $filename));
            $can_edit = has_privs('file.edit') || $author === $txp_user && has_privs('file.edit.own');
            $validator->setConstraints(array(new CategoryConstraint($category, array('type' => 'file'))));
            if ($validator->validate()) {
                $vc = '';
            } else {
                $vc = ' error';
            }
            if ($file_exists) {
                $downloads = make_download_link($id, $downloads, $filename);
                $condition = span(gTxt('file_status_ok'), array('class' => 'success'));
            } else {
                $condition = span(gTxt('file_status_missing'), array('class' => 'error'));
            }
            if ($category) {
                $category = span(txpspecialchars($category_title), array('title' => $category));
            }
            if ($can_edit) {
                $name = href(txpspecialchars($filename), $edit_url, array('title' => gTxt('edit')));
            } else {
                $name = txpspecialchars($filename);
            }
            if ($can_edit) {
                $id_column = href($id, $edit_url, array('title' => gTxt('edit')));
                $multi_edit = fInput('checkbox', 'selected[]', $id);
            } else {
                $id_column = $id;
                $multi_edit = '';
            }
            if ($file_exists) {
                $id_column .= sp . span('[', array('aria-hidden' => 'true')) . make_download_link($id, gTxt('download'), $filename) . span(']', array('aria-hidden' => 'true'));
            }
            if (isset($file_statuses[$status])) {
                $status = $file_statuses[$status];
            } else {
                $status = span(gTxt('none'), array('class' => 'error'));
            }
            echo tr(td($multi_edit, '', 'txp-list-col-multi-edit') . hCell($id_column, '', array('scope' => 'row', 'class' => 'txp-list-col-id')) . td($name, '', 'txp-list-col-filename') . td(txpspecialchars($title), '', 'txp-list-col-title') . td(txpspecialchars($description), '', 'txp-list-col-description files_detail') . td($category, '', 'txp-list-col-category category' . $vc) . td(href('Textile', $tag_url + array('type' => 'textile'), ' target="_blank" onclick="popWin(this.href); return false;"') . sp . span('&#124;', array('role' => 'separator')) . sp . href('Textpattern', $tag_url + array('type' => 'textpattern'), ' target="_blank" onclick="popWin(this.href); return false;"') . sp . span('&#124;', array('role' => 'separator')) . sp . href('HTML', $tag_url + array('type' => 'html'), ' target="_blank" onclick="popWin(this.href); return false;"'), '', 'txp-list-col-tag-build files_detail') . td($status, '', 'txp-list-col-status') . td($condition, '', 'txp-list-col-condition') . td($downloads, '', 'txp-list-col-downloads') . ($show_authors ? td(span(txpspecialchars($realname), array('title' => $author)), '', 'txp-list-col-author name') : ''));
        }
        echo n . tag_end('tbody') . n . tag_end('table') . n . tag_end('div') . file_multiedit_form($page, $sort, $dir, $crit, $search_method) . tInput() . n . tag_end('form') . graf(toggle_box('files_detail'), array('class' => 'detail-toggle')) . n . tag_start('div', array('id' => $event . '_navigation', 'class' => 'txp-navigation')) . pageby_form('file', $file_list_pageby) . nav_form('file', $page, $numPages, $sort, $dir, $crit, $search_method, $total, $limit) . n . tag_end('div') . n . tag_end('div');
    }
}
示例#21
0
function link_list($message = '')
{
    global $event, $step, $link_list_pageby, $txp_user;
    pagetop(gTxt('tab_link'), $message);
    extract(gpsa(array('page', 'sort', 'dir', 'crit', 'search_method')));
    if ($sort === '') {
        $sort = get_pref('link_sort_column', 'name');
    }
    if ($dir === '') {
        $dir = get_pref('link_sort_dir', 'asc');
    }
    $dir = $dir == 'desc' ? 'desc' : 'asc';
    switch ($sort) {
        case 'id':
            $sort_sql = 'id ' . $dir;
            break;
        case 'description':
            $sort_sql = 'description ' . $dir . ', id asc';
            break;
        case 'url':
            $sort_sql = 'url ' . $dir . ', id asc';
            break;
        case 'category':
            $sort_sql = 'category ' . $dir . ', id asc';
            break;
        case 'date':
            $sort_sql = 'date ' . $dir . ', id asc';
            break;
        case 'author':
            $sort_sql = 'author ' . $dir . ', id asc';
            break;
        default:
            $sort = 'name';
            $sort_sql = 'linksort ' . $dir . ', id asc';
            break;
    }
    set_pref('link_sort_column', $sort, 'link', 2, '', 0, PREF_PRIVATE);
    set_pref('link_sort_dir', $dir, 'link', 2, '', 0, PREF_PRIVATE);
    $switch_dir = $dir == 'desc' ? 'asc' : 'desc';
    $criteria = 1;
    if ($search_method and $crit != '') {
        $verbatim = preg_match('/^"(.*)"$/', $crit, $m);
        $crit_escaped = doSlash($verbatim ? $m[1] : str_replace(array('\\', '%', '_', '\''), array('\\\\', '\\%', '\\_', '\\\''), $crit));
        $critsql = $verbatim ? array('id' => "ID in ('" . join("','", do_list($crit_escaped)) . "')", 'name' => "linkname = '{$crit_escaped}'", 'description' => "description = '{$crit_escaped}'", 'url' => "url = '{$crit_escaped}'", 'category' => "category = '{$crit_escaped}'", 'author' => "author = '{$crit_escaped}'") : array('id' => "ID in ('" . join("','", do_list($crit_escaped)) . "')", 'name' => "linkname like '%{$crit_escaped}%'", 'description' => "description like '%{$crit_escaped}%'", 'url' => "url like '%{$crit_escaped}%'", 'category' => "category like '%{$crit_escaped}%'", 'author' => "author like '%{$crit_escaped}%'");
        if (array_key_exists($search_method, $critsql)) {
            $criteria = $critsql[$search_method];
        } else {
            $search_method = '';
            $crit = '';
        }
    } else {
        $search_method = '';
        $crit = '';
    }
    $criteria .= callback_event('admin_criteria', 'link_list', 0, $criteria);
    $total = getCount('txp_link', $criteria);
    echo '<h1 class="txp-heading">' . gTxt('tab_link') . '</h1>';
    echo '<div id="' . $event . '_control" class="txp-control-panel">';
    if (has_privs('link.edit')) {
        echo graf(sLink('link', 'link_edit', gTxt('add_new_link')), ' class="txp-buttons"');
    }
    if ($total < 1) {
        if ($criteria != 1) {
            echo n . link_search_form($crit, $search_method) . n . graf(gTxt('no_results_found'), ' class="indicator"') . '</div>';
        } else {
            echo n . graf(gTxt('no_links_recorded'), ' class="indicator"') . '</div>';
        }
        return;
    }
    $limit = max($link_list_pageby, 15);
    list($page, $offset, $numPages) = pager($total, $limit, $page);
    echo link_search_form($crit, $search_method) . '</div>';
    $rs = safe_rows_start('*, unix_timestamp(date) as uDate', 'txp_link', "{$criteria} order by {$sort_sql} limit {$offset}, {$limit}");
    if ($rs) {
        $show_authors = !has_single_author('txp_link');
        echo n . '<div id="' . $event . '_container" class="txp-container">';
        echo n . n . '<form action="index.php" id="links_form" class="multi_edit_form" method="post" name="longform">', n . '<div class="txp-listtables">' . n . startTable('', '', 'txp-list') . n . '<thead>' . n . tr(n . hCell(fInput('checkbox', 'select_all', 0, '', '', '', '', '', 'select_all'), '', ' title="' . gTxt('toggle_all_selected') . '" class="multi-edit"') . n . column_head('ID', 'id', 'link', true, $switch_dir, $crit, $search_method, ('id' == $sort ? "{$dir} " : '') . 'id') . n . column_head('link_name', 'name', 'link', true, $switch_dir, $crit, $search_method, ('name' == $sort ? "{$dir} " : '') . 'name') . n . column_head('description', 'description', 'link', true, $switch_dir, $crit, $search_method, ('description' == $sort ? "{$dir} " : '') . 'links_detail description') . n . column_head('link_category', 'category', 'link', true, $switch_dir, $crit, $search_method, ('category' == $sort ? "{$dir} " : '') . 'category') . n . column_head('url', 'url', 'link', true, $switch_dir, $crit, $search_method, ('url' == $sort ? "{$dir} " : '') . 'url') . n . column_head('date', 'date', 'link', true, $switch_dir, $crit, $search_method, ('date' == $sort ? "{$dir} " : '') . 'links_detail date created') . ($show_authors ? n . column_head('author', 'author', 'link', true, $switch_dir, $crit, $search_method, ('author' == $sort ? "{$dir} " : '') . 'author') : '')) . n . '</thead>';
        echo '<tbody>';
        $validator = new Validator();
        while ($a = nextRow($rs)) {
            extract($a, EXTR_PREFIX_ALL, 'link');
            $edit_url = '?event=link' . a . 'step=link_edit' . a . 'id=' . $link_id . a . 'sort=' . $sort . a . 'dir=' . $dir . a . 'page=' . $page . a . 'search_method=' . $search_method . a . 'crit=' . $crit;
            $validator->setConstraints(array(new CategoryConstraint($link_category, array('type' => 'link'))));
            $vc = $validator->validate() ? '' : ' error';
            $can_edit = has_privs('link.edit') || $link_author == $txp_user && has_privs('link.edit.own');
            $view_url = txpspecialchars($link_url);
            echo tr(n . td(fInput('checkbox', 'selected[]', $link_id), '', 'multi-edit') . n . td($can_edit ? href($link_id, $edit_url, ' title="' . gTxt('edit') . '"') : $link_id, '', 'id') . td($can_edit ? href(txpspecialchars($link_linkname), $edit_url, ' title="' . gTxt('edit') . '"') : txpspecialchars($link_linkname), '', 'name') . td(txpspecialchars($link_description), '', 'links_detail description') . td('<span title="' . txpspecialchars(fetch_category_title($link_category, 'link')) . '">' . $link_category . '</span>', '', 'category' . $vc) . td('<a rel="external" target="_blank" href="' . $view_url . '">' . $view_url . '</a>', '', 'url') . td(gTime($link_uDate), '', 'links_detail date created') . ($show_authors ? td('<span title="' . txpspecialchars(get_author_name($link_author)) . '">' . txpspecialchars($link_author) . '</span>', '', 'author') : ''));
        }
        echo '</tbody>', n, endTable(), n, '</div>', n, link_multiedit_form($page, $sort, $dir, $crit, $search_method), n, tInput(), n, '</form>', n, graf(toggle_box('links_detail'), ' class="detail-toggle"'), n, '<div id="' . $event . '_navigation" class="txp-navigation">', n, nav_form('link', $page, $numPages, $sort, $dir, $crit, $search_method, $total, $limit), n, pageby_form('link', $link_list_pageby), n, '</div>', n, '</div>';
    }
}
示例#22
0
function link_list($message = '')
{
    global $event, $step, $link_list_pageby, $txp_user;
    extract(gpsa(array('page', 'sort', 'dir', 'crit', 'search_method')));
    if ($sort === '') {
        $sort = get_pref('link_sort_column', 'name');
    }
    if ($dir === '') {
        $dir = get_pref('link_sort_dir', 'asc');
    }
    $dir = $dir == 'desc' ? 'desc' : 'asc';
    switch ($sort) {
        case 'id':
            $sort_sql = 'id ' . $dir;
            break;
        case 'description':
            $sort_sql = 'description ' . $dir . ', id asc';
            break;
        case 'category':
            $sort_sql = 'category ' . $dir . ', id asc';
            break;
        case 'date':
            $sort_sql = 'date ' . $dir . ', id asc';
            break;
        case 'author':
            $sort_sql = 'author ' . $dir . ', id asc';
            break;
        default:
            $sort = 'name';
            $sort_sql = 'linksort ' . $dir . ', id asc';
            break;
    }
    set_pref('link_sort_column', $sort, 'link', 2, '', 0, PREF_PRIVATE);
    set_pref('link_sort_dir', $dir, 'link', 2, '', 0, PREF_PRIVATE);
    $switch_dir = $dir == 'desc' ? 'asc' : 'desc';
    $criteria = 1;
    if ($search_method and $crit) {
        $crit_escaped = doSlash(str_replace(array('\\', '%', '_', '\''), array('\\\\', '\\%', '\\_', '\\\''), $crit));
        $critsql = array('id' => "ID in ('" . join("','", do_list($crit_escaped)) . "')", 'name' => "linkname like '%{$crit_escaped}%'", 'description' => "description like '%{$crit_escaped}%'", 'category' => "category like '%{$crit_escaped}%'", 'author' => "author like '%{$crit_escaped}%'");
        if (array_key_exists($search_method, $critsql)) {
            $criteria = $critsql[$search_method];
        } else {
            $search_method = '';
            $crit = '';
        }
    } else {
        $search_method = '';
        $crit = '';
    }
    $total = getCount('txp_link', $criteria);
    echo '<div id="' . $event . '_control" class="txp-control-panel">';
    if ($total < 1) {
        if ($criteria != 1) {
            echo n . link_search_form($crit, $search_method) . n . graf(gTxt('no_results_found'), ' class="indicator"') . '</div>';
        } else {
            echo n . graf(gTxt('no_links_recorded'), ' class="indicator"') . '</div>';
        }
        return;
    }
    $limit = max($link_list_pageby, 15);
    list($page, $offset, $numPages) = pager($total, $limit, $page);
    echo link_search_form($crit, $search_method) . '</div>';
    $rs = safe_rows_start('*, unix_timestamp(date) as uDate', 'txp_link', "{$criteria} order by {$sort_sql} limit {$offset}, {$limit}");
    if ($rs) {
        $show_authors = !has_single_author('txp_link');
        echo n . '<div class="txp-list">';
        echo n . n . '<form action="index.php" id="links_form" method="post" name="longform" onsubmit="return verify(\'' . gTxt('are_you_sure') . '\')">', startTable('list', '', 'list') . n . '<thead>' . n . tr(column_head('ID', 'id', 'link', true, $switch_dir, $crit, $search_method, ('id' == $sort ? "{$dir} " : '') . 'id') . hCell('', '', ' class="actions"') . column_head('link_name', 'name', 'link', true, $switch_dir, $crit, $search_method, ('name' == $sort ? "{$dir} " : '') . 'name') . column_head('description', 'description', 'link', true, $switch_dir, $crit, $search_method, ('description' == $sort ? "{$dir} " : '') . 'description') . column_head('link_category', 'category', 'link', true, $switch_dir, $crit, $search_method, ('category' == $sort ? "{$dir} " : '') . 'category') . column_head('date', 'date', 'link', true, $switch_dir, $crit, $search_method, ('date' == $sort ? "{$dir} " : '') . 'date created') . ($show_authors ? column_head('author', 'author', 'link', true, $switch_dir, $crit, $search_method, ('author' == $sort ? "{$dir} " : '') . 'author') : '') . hCell('', '', ' class="multi-edit"')) . n . '</thead>';
        $tfoot = n . '<tfoot>' . tr(tda(select_buttons() . link_multiedit_form($page, $sort, $dir, $crit, $search_method), ' class="multi-edit" colspan="' . ($show_authors ? '8' : '7') . '" style="text-align: right; border: none;"')) . n . '</tfoot>';
        echo $tfoot;
        echo '<tbody>';
        $ctr = 1;
        while ($a = nextRow($rs)) {
            extract($a);
            $edit_url = '?event=link' . a . 'step=link_edit' . a . 'id=' . $id . a . 'sort=' . $sort . a . 'dir=' . $dir . a . 'page=' . $page . a . 'search_method=' . $search_method . a . 'crit=' . $crit;
            $can_edit = has_privs('link.edit') || $author == $txp_user && has_privs('link.edit.own');
            echo tr(n . td($id, 20, 'id') . td(n . '<ul>' . ($can_edit ? n . t . '<li class="action-edit">' . href(gTxt('edit'), $edit_url) . '</li>' : '') . n . t . '<li class="action-view">' . href(gTxt('view'), $url) . '</li>' . n . '</ul>', 35, 'actions') . td($can_edit ? href($linkname, $edit_url) : $linkname, 125, 'name') . td(htmlspecialchars($description), 150, 'description') . td('<span title="' . htmlspecialchars(fetch_category_title($category, 'link')) . '">' . $category . '</span>', 125, 'category') . td(gTime($uDate), 75, 'date created') . ($show_authors ? td('<span title="' . htmlspecialchars(get_author_name($author)) . '">' . htmlspecialchars($author) . '</span>', '', 'author') : '') . td(fInput('checkbox', 'selected[]', $id), '', 'multi-edit'), ' class="' . ($ctr % 2 == 0 ? 'even' : 'odd') . '"');
            $ctr++;
        }
        echo '</tbody>' . n . endTable() . n . '</form>' . n . '<div id="' . $event . '_navigation" class="txp-navigation">' . n . nav_form('link', $page, $numPages, $sort, $dir, $crit, $search_method, $total, $limit) . pageby_form('link', $link_list_pageby) . n . '</div>' . n . '</div>';
    }
}
示例#23
0
/**
 * The main author list.
 *
 * @param string|array $message The activity message
 */
function author_list($message = '')
{
    global $txp_user, $author_list_pageby;
    pagetop(gTxt('tab_site_admin'), $message);
    if (is_disabled('mail')) {
        echo graf(span(null, array('class' => 'ui-icon ui-icon-alert')) . ' ' . gTxt('warn_mail_unavailable'), array('class' => 'alert-block warning'));
    }
    echo hed(gTxt('tab_site_admin'), 1, array('class' => 'txp-heading'));
    echo n . '<div id="users_control" class="txp-control-panel">';
    $buttons = array();
    // Change password button.
    $buttons[] = sLink('admin', 'new_pass_form', gTxt('change_password'));
    if (!has_privs('admin.edit')) {
        // Change email address button.
        $buttons[] = sLink('admin', 'change_email_form', gTxt('change_email_address'));
    } else {
        // New author button.
        $buttons[] = sLink('admin', 'author_edit', gTxt('add_new_author'));
    }
    echo graf(join(n, $buttons), array('class' => 'txp-buttons'));
    // User list.
    if (has_privs('admin.list')) {
        extract(gpsa(array('page', 'sort', 'dir', 'crit', 'search_method')));
        if ($sort === '') {
            $sort = get_pref('admin_sort_column', 'name');
        }
        if ($dir === '') {
            $dir = get_pref('admin_sort_dir', 'asc');
        }
        $dir = $dir == 'desc' ? 'desc' : 'asc';
        if (!in_array($sort, array('name', 'RealName', 'email', 'privs', 'last_login'))) {
            $sort = 'name';
        }
        $sort_sql = $sort . ' ' . $dir;
        set_pref('admin_sort_column', $sort, 'admin', 2, '', 0, PREF_PRIVATE);
        set_pref('admin_sort_dir', $dir, 'admin', 2, '', 0, PREF_PRIVATE);
        $switch_dir = $dir == 'desc' ? 'asc' : 'desc';
        $criteria = 1;
        if ($search_method and $crit != '') {
            $verbatim = preg_match('/^"(.*)"$/', $crit, $m);
            $crit_escaped = $verbatim ? doSlash($m[1]) : doLike($crit);
            $critsql = $verbatim ? array('id' => "user_id in ('" . join("','", do_list($crit_escaped)) . "')", 'login' => "name = '{$crit_escaped}'", 'real_name' => "RealName = '{$crit_escaped}'", 'email' => "email = '{$crit_escaped}'", 'privs' => "convert(privs, char) in ('" . join("','", do_list($crit_escaped)) . "')") : array('id' => "user_id in ('" . join("','", do_list($crit_escaped)) . "')", 'login' => "name like '%{$crit_escaped}%'", 'real_name' => "RealName like '%{$crit_escaped}%'", 'email' => "email like '%{$crit_escaped}%'", 'privs' => "convert(privs, char) in ('" . join("','", do_list($crit_escaped)) . "')");
            if (array_key_exists($search_method, $critsql)) {
                $criteria = $critsql[$search_method];
            } else {
                $search_method = '';
                $crit = '';
            }
        } else {
            $search_method = '';
            $crit = '';
        }
        $criteria .= callback_event('admin_criteria', 'author_list', 0, $criteria);
        $total = getCount('txp_users', $criteria);
        if ($total < 1) {
            if ($criteria != 1) {
                echo n . author_search_form($crit, $search_method) . graf(gTxt('no_results_found'), ' class="indicator"') . '</div>';
            }
            return;
        }
        $limit = max($author_list_pageby, 15);
        list($page, $offset, $numPages) = pager($total, $limit, $page);
        $use_multi_edit = has_privs('admin.edit') && safe_count('txp_users', '1=1') > 1;
        echo author_search_form($crit, $search_method) . '</div>';
        $rs = safe_rows_start('*, unix_timestamp(last_access) as last_login', 'txp_users', "{$criteria} order by {$sort_sql} limit {$offset}, {$limit}");
        if ($rs) {
            echo n . tag_start('div', array('id' => 'users_container', 'class' => 'txp-container')) . n . tag_start('form', array('action' => 'index.php', 'id' => 'users_form', 'class' => 'multi_edit_form', 'method' => 'post', 'name' => 'longform')) . n . tag_start('div', array('class' => 'txp-listtables')) . n . tag_start('table', array('class' => 'txp-list')) . n . tag_start('thead') . tr(($use_multi_edit ? hCell(fInput('checkbox', 'select_all', 0, '', '', '', '', '', 'select_all'), '', ' scope="col" title="' . gTxt('toggle_all_selected') . '" class="txp-list-col-multi-edit"') : hCell('', '', ' scope="col" class="txp-list-col-multi-edit"')) . column_head('login_name', 'name', 'admin', true, $switch_dir, '', '', ('name' == $sort ? "{$dir} " : '') . 'txp-list-col-login-name name') . column_head('real_name', 'RealName', 'admin', true, $switch_dir, '', '', ('RealName' == $sort ? "{$dir} " : '') . 'txp-list-col-real-name name') . column_head('email', 'email', 'admin', true, $switch_dir, '', '', ('email' == $sort ? "{$dir} " : '') . 'txp-list-col-email') . column_head('privileges', 'privs', 'admin', true, $switch_dir, '', '', ('privs' == $sort ? "{$dir} " : '') . 'txp-list-col-privs') . column_head('last_login', 'last_login', 'admin', true, $switch_dir, '', '', ('last_login' == $sort ? "{$dir} " : '') . 'txp-list-col-last-login date')) . n . tag_end('thead') . n . tag_start('tbody');
            while ($a = nextRow($rs)) {
                extract(doSpecial($a));
                echo tr(td((has_privs('admin.edit') and $txp_user != $a['name']) ? fInput('checkbox', 'selected[]', $a['name'], 'checkbox') : '', '', 'txp-list-col-multi-edit') . hCell(has_privs('admin.edit') ? eLink('admin', 'author_edit', 'user_id', $user_id, $name) : $name, '', ' scope="row" class="txp-list-col-login-name name"') . td($RealName, '', 'txp-list-col-real-name name') . td(href($email, 'mailto:' . $email), '', 'txp-list-col-email') . td(get_priv_level($privs), '', 'txp-list-col-privs') . td($last_login ? safe_strftime('%b&#160;%Y', $last_login) : '', '', 'txp-list-col-last-login date'));
            }
            echo n . tag_end('tbody') . n . tag_end('table') . n . tag_end('div') . ($use_multi_edit ? author_multiedit_form($page, $sort, $dir, $crit, $search_method) : '') . tInput() . n . tag_end('form') . n . tag_start('div', array('id' => 'users_navigation', 'class' => 'txp-navigation')) . pageby_form('admin', $author_list_pageby) . nav_form('admin', $page, $numPages, $sort, $dir, $crit, $search_method) . n . tag_end('div') . n . tag_end('div');
        }
    } else {
        echo n . tag_end('div');
    }
}
				}
			break;
			}
		return xmlhttp;
		}
	
</SCRIPT>
<?php 
    } else {
        ?>
		
<SCRIPT>
	function do_notify() {
//		alert(414);
		return;
		}			// end function do notify()
</SCRIPT>
<?php 
        //	print __LINE__;
    }
    $unit_id = array_key_exists('unit_id', $_GET) ? $_GET['unit_id'] : "";
    $capabilities = array_key_exists('capabilities', $_GET) ? stripslashes(trim(str_replace('/', '|', $_GET['capabilities']))) : "";
    // 11/18/10
    $searchtype = array_key_exists('searchtype', $_GET) ? $_GET['searchtype'] : "OR";
    // 11/18/10
    print $capabilities;
    print do_list($unit_id, $capabilities, $searchtype);
    // 11/18/10
    print "</HTML> \n";
}
// end if/else !empty($---)
示例#25
0
function rss()
{
    global $prefs, $thisarticle;
    set_error_handler('feedErrorHandler');
    ob_clean();
    extract($prefs);
    extract(doSlash(gpsa(array('limit', 'area'))));
    // build filter criteria from a comma-separated list of sections and categories
    $feed_filter_limit = get_pref('feed_filter_limit', 10);
    $section = gps('section');
    $category = gps('category');
    if (!is_scalar($section) || !is_scalar($category)) {
        txp_die('Not Found', 404);
    }
    $section = $section ? array_slice(array_unique(do_list($section)), 0, $feed_filter_limit) : array();
    $category = $category ? array_slice(array_unique(do_list($category)), 0, $feed_filter_limit) : array();
    $st = array();
    foreach ($section as $s) {
        $st[] = fetch_section_title($s);
    }
    $ct = array();
    foreach ($category as $c) {
        $ct[] = fetch_category_title($c);
    }
    $sitename .= $section ? ' - ' . join(' - ', $st) : '';
    $sitename .= $category ? ' - ' . join(' - ', $ct) : '';
    $dn = explode('/', $siteurl);
    $mail_or_domain = $use_mail_on_feeds_id ? eE($blog_mail_uid) : $dn[0];
    // feed header
    $out[] = tag('http://textpattern.com/?v=' . $version, 'generator');
    $out[] = tag(doSpecial($sitename), 'title');
    $out[] = tag(hu, 'link');
    $out[] = '<atom:link href="' . pagelinkurl(array('rss' => 1, 'area' => $area, 'section' => $section, 'category' => $category, 'limit' => $limit)) . '" rel="self" type="application/rss+xml" />';
    $out[] = tag(doSpecial($site_slogan), 'description');
    $last = fetch('unix_timestamp(val)', 'txp_prefs', 'name', 'lastmod');
    $out[] = tag(safe_strftime('rfc822', $last), 'pubDate');
    $out[] = callback_event('rss_head');
    // feed items
    $articles = array();
    $section = doSlash($section);
    $category = doSlash($category);
    if (!$area or $area == 'article') {
        $sfilter = !empty($section) ? "and Section in ('" . join("','", $section) . "')" : '';
        $cfilter = !empty($category) ? "and (Category1 in ('" . join("','", $category) . "') or Category2 in ('" . join("','", $category) . "'))" : '';
        $limit = $limit ? $limit : $rss_how_many;
        $limit = intval(min($limit, max(100, $rss_how_many)));
        $frs = safe_column("name", "txp_section", "in_rss != '1'");
        if ($frs) {
            foreach ($frs as $f) {
                $query[] = "and Section != '" . doSlash($f) . "'";
            }
        }
        $query[] = $sfilter;
        $query[] = $cfilter;
        $expired = $publish_expired_articles ? '' : ' and (now() <= Expires or Expires = ' . NULLDATETIME . ') ';
        $rs = safe_rows_start("*, unix_timestamp(Posted) as uPosted, unix_timestamp(LastMod) as uLastMod, unix_timestamp(Expires) as uExpires, ID as thisid", "textpattern", "Status = 4 " . join(' ', $query) . "and Posted < now()" . $expired . "order by Posted desc limit {$limit}");
        if ($rs) {
            while ($a = nextRow($rs)) {
                extract($a);
                populateArticleData($a);
                $cb = callback_event('rss_entry');
                $a['posted'] = $uPosted;
                $permlink = permlinkurl($a);
                $summary = trim(replace_relative_urls(parse($thisarticle['excerpt']), $permlink));
                $content = trim(replace_relative_urls(parse($thisarticle['body']), $permlink));
                if ($syndicate_body_or_excerpt) {
                    # short feed: use body as summary if there's no excerpt
                    if (!trim($summary)) {
                        $summary = $content;
                    }
                    $content = '';
                }
                if ($show_comment_count_in_feed) {
                    $count = $comments_count > 0 ? ' [' . $comments_count . ']' : '';
                } else {
                    $count = '';
                }
                $Title = escape_title(strip_tags($Title)) . $count;
                $thisauthor = get_author_name($AuthorID);
                $item = tag($Title, 'title') . n . (trim($summary) ? tag(n . escape_cdata($summary) . n, 'description') . n : '') . (trim($content) ? tag(n . escape_cdata($content) . n, 'content:encoded') . n : '') . tag($permlink, 'link') . n . tag(safe_strftime('rfc822', $a['posted']), 'pubDate') . n . tag(htmlspecialchars($thisauthor), 'dc:creator') . n . tag('tag:' . $mail_or_domain . ',' . $feed_time . ':' . $blog_uid . '/' . $uid, 'guid', ' isPermaLink="false"') . n . $cb;
                $articles[$ID] = tag($item, 'item');
                $etags[$ID] = strtoupper(dechex(crc32($articles[$ID])));
                $dates[$ID] = $uPosted;
            }
        }
    } elseif ($area == 'link') {
        $cfilter = $category ? "category in ('" . join("','", $category) . "')" : '1';
        $limit = $limit ? $limit : $rss_how_many;
        $limit = intval(min($limit, max(100, $rss_how_many)));
        $rs = safe_rows_start("*, unix_timestamp(date) as uDate", "txp_link", "{$cfilter} order by date desc limit {$limit}");
        if ($rs) {
            while ($a = nextRow($rs)) {
                extract($a);
                $item = tag(doSpecial($linkname), 'title') . n . tag(doSpecial($description), 'description') . n . tag(doSpecial($url), 'link') . n . tag(safe_strftime('rfc822', $uDate), 'pubDate');
                $articles[$id] = tag($item, 'item');
                $etags[$id] = strtoupper(dechex(crc32($articles[$id])));
                $dates[$id] = $date;
            }
        }
    }
    if (!$articles) {
        if ($section) {
            if (safe_field('name', 'txp_section', "name in ('" . join("','", $section) . "')") == false) {
                txp_die(gTxt('404_not_found'), '404');
            }
        } elseif ($category) {
            switch ($area) {
                case 'link':
                    if (safe_field('id', 'txp_category', "name = '{$category}' and type = 'link'") == false) {
                        txp_die(gTxt('404_not_found'), '404');
                    }
                    break;
                case 'article':
                default:
                    if (safe_field('id', 'txp_category', "name in ('" . join("','", $category) . "') and type = 'article'") == false) {
                        txp_die(gTxt('404_not_found'), '404');
                    }
                    break;
            }
        }
    } else {
        //turn on compression if we aren't using it already
        if (extension_loaded('zlib') && ini_get("zlib.output_compression") == 0 && ini_get('output_handler') != 'ob_gzhandler' && !headers_sent()) {
            // make sure notices/warnings/errors don't fudge up the feed
            // when compression is used
            $buf = '';
            while ($b = @ob_get_clean()) {
                $buf .= $b;
            }
            @ob_start('ob_gzhandler');
            echo $buf;
        }
        handle_lastmod();
        $hims = serverset('HTTP_IF_MODIFIED_SINCE');
        $imsd = $hims ? strtotime($hims) : 0;
        if (is_callable('apache_request_headers')) {
            $headers = apache_request_headers();
            if (isset($headers["A-IM"])) {
                $canaim = strpos($headers["A-IM"], "feed");
            } else {
                $canaim = false;
            }
        } else {
            $canaim = false;
        }
        $hinm = stripslashes(serverset('HTTP_IF_NONE_MATCH'));
        $cutarticles = false;
        if ($canaim !== false) {
            foreach ($articles as $id => $thing) {
                if (strpos($hinm, $etags[$id]) !== false) {
                    unset($articles[$id]);
                    $cutarticles = true;
                    $cut_etag = true;
                }
                if ($dates[$id] < $imsd) {
                    unset($articles[$id]);
                    $cutarticles = true;
                    $cut_time = true;
                }
            }
        }
        if (isset($cut_etag) && isset($cut_time)) {
            header("Vary: If-None-Match, If-Modified-Since");
        } else {
            if (isset($cut_etag)) {
                header("Vary: If-None-Match");
            } else {
                if (isset($cut_time)) {
                    header("Vary: If-Modified-Since");
                }
            }
        }
        $etag = @join("-", $etags);
        if (strstr($hinm, $etag)) {
            txp_status_header('304 Not Modified');
            exit(0);
        }
        if ($cutarticles) {
            //header("HTTP/1.1 226 IM Used");
            //This should be used as opposed to 200, but Apache doesn't like it.
            //http://intertwingly.net/blog/2004/09/11/Vary-ETag/ says that the status code should be 200.
            header("Cache-Control: no-store, im");
            header("IM: feed");
        }
    }
    $out = array_merge($out, $articles);
    header("Content-Type: application/rss+xml; charset=utf-8");
    if (isset($etag)) {
        header('ETag: "' . $etag . '"');
    }
    return '<?xml version="1.0" encoding="utf-8"?>' . n . '<rss version="2.0" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:content="http://purl.org/rss/1.0/modules/content/" xmlns:atom="http://www.w3.org/2005/Atom">' . n . tag(join(n, $out), 'channel') . n . '</rss>';
}
示例#26
0
function author_list($message = '')
{
    global $txp_user, $author_list_pageby;
    pagetop(gTxt('tab_site_admin'), $message);
    if (is_disabled('mail')) {
        echo tag(gTxt('warn_mail_unavailable'), 'p', ' class="alert-block warning" ');
    }
    echo '<h1 class="txp-heading">' . gTxt('tab_site_admin') . '</h1>';
    echo '<div id="users_control" class="txp-control-panel">';
    // Change password button
    echo '<p class="txp-buttons">';
    echo sLink('admin', 'new_pass_form', gTxt('change_password'));
    // Change email address button
    if (!has_privs('admin.edit')) {
        echo n . sLink('admin', 'change_email_form', gTxt('change_email_address'));
    }
    // User list
    if (has_privs('admin.list')) {
        extract(gpsa(array('page', 'sort', 'dir', 'crit', 'search_method')));
        if ($sort === '') {
            $sort = get_pref('admin_sort_column', 'name');
        }
        if ($dir === '') {
            $dir = get_pref('admin_sort_dir', 'asc');
        }
        $dir = $dir == 'desc' ? 'desc' : 'asc';
        if (!in_array($sort, array('name', 'RealName', 'email', 'privs', 'last_login'))) {
            $sort = 'name';
        }
        $sort_sql = $sort . ' ' . $dir;
        set_pref('admin_sort_column', $sort, 'admin', 2, '', 0, PREF_PRIVATE);
        set_pref('admin_sort_dir', $dir, 'admin', 2, '', 0, PREF_PRIVATE);
        $switch_dir = $dir == 'desc' ? 'asc' : 'desc';
        $criteria = 1;
        if ($search_method and $crit != '') {
            $crit_escaped = doSlash(str_replace(array('\\', '%', '_', '\''), array('\\\\', '\\%', '\\_', '\\\''), $crit));
            $critsql = array('id' => "user_id in ('" . join("','", do_list($crit_escaped)) . "')", 'login' => "name like '%{$crit_escaped}%'", 'real_name' => "RealName like '%{$crit_escaped}%'", 'email' => "email like '%{$crit_escaped}%'", 'privs' => "privs in ('" . join("','", do_list($crit_escaped)) . "')");
            if (array_key_exists($search_method, $critsql)) {
                $criteria = $critsql[$search_method];
            } else {
                $search_method = '';
                $crit = '';
            }
        } else {
            $search_method = '';
            $crit = '';
        }
        $criteria .= callback_event('admin_criteria', 'author_list', 0, $criteria);
        $total = getCount('txp_users', $criteria);
        // New author button
        if (has_privs('admin.edit')) {
            echo n . sLink('admin', 'author_edit', gTxt('add_new_author'));
        }
        echo '</p>';
        // end txp-buttons
        if ($total < 1) {
            if ($criteria != 1) {
                echo n . author_search_form($crit, $search_method) . n . graf(gTxt('no_results_found'), ' class="indicator"') . '</div>';
            }
            return;
        }
        $limit = max($author_list_pageby, 15);
        list($page, $offset, $numPages) = pager($total, $limit, $page);
        $use_multi_edit = has_privs('admin.edit') && safe_count('txp_users', '1=1') > 1;
        echo author_search_form($crit, $search_method) . '</div>';
        $rs = safe_rows_start('*, unix_timestamp(last_access) as last_login', 'txp_users', "{$criteria} order by {$sort_sql} limit {$offset}, {$limit}");
        if ($rs) {
            echo n . '<div id="users_container" class="txp-container">';
            echo '<form action="index.php" id="users_form" class="multi_edit_form" method="post" name="longform">' . n . '<div class="txp-listtables">' . n . startTable('', '', 'txp-list') . n . '<thead>' . n . tr(n . ($use_multi_edit ? hCell(fInput('checkbox', 'select_all', 0, '', '', '', '', '', 'select_all'), '', ' title="' . gTxt('toggle_all_selected') . '" class="multi-edit"') : hCell('', '', ' class="multi-edit"')) . n . column_head('login_name', 'name', 'admin', true, $switch_dir, '', '', ('name' == $sort ? "{$dir} " : '') . 'name login-name') . n . column_head('real_name', 'RealName', 'admin', true, $switch_dir, '', '', ('RealName' == $sort ? "{$dir} " : '') . 'name real-name') . n . column_head('email', 'email', 'admin', true, $switch_dir, '', '', ('email' == $sort ? "{$dir} " : '') . 'email') . n . column_head('privileges', 'privs', 'admin', true, $switch_dir, '', '', ('privs' == $sort ? "{$dir} " : '') . 'privs') . n . column_head('last_login', 'last_login', 'admin', true, $switch_dir, '', '', ('last_login' == $sort ? "{$dir} " : '') . 'date last-login modified')) . n . '</thead>';
            echo '<tbody>';
            while ($a = nextRow($rs)) {
                extract(doSpecial($a));
                echo tr(td((has_privs('admin.edit') and $txp_user != $a['name']) ? fInput('checkbox', 'selected[]', $a['name'], 'checkbox') : '', '', 'multi-edit') . td(has_privs('admin.edit') ? eLink('admin', 'author_edit', 'user_id', $user_id, $name) : $name, '', 'name login-name') . td($RealName, '', 'name real-name') . td('<a href="mailto:' . $email . '">' . $email . '</a>', '', 'email') . td(get_priv_level($privs), '', 'privs') . td($last_login ? safe_strftime('%b&#160;%Y', $last_login) : '', '', 'date last-login modified'));
            }
            echo '</tbody>', n, endTable(), n, '</div>', n, $use_multi_edit ? author_multiedit_form($page, $sort, $dir, $crit, $search_method) : '', n, tInput(), n, '</form>', n, '<div id="users_navigation" class="txp-navigation">', n, nav_form('admin', $page, $numPages, $sort, $dir, $crit, $search_method), n, pageby_form('admin', $author_list_pageby), n, '</div>', n, '</div>';
        }
    } else {
        echo '</div>';
    }
}
示例#27
0
文件: atom.php 项目: psic/websites
function atom()
{
    global $thisarticle;
    set_error_handler('feedErrorHandler');
    ob_clean();
    extract($GLOBALS['prefs']);
    define("t_texthtml", ' type="text/html"');
    define("t_text", ' type="text"');
    define("t_html", ' type="html"');
    define("t_xhtml", ' type="xhtml"');
    define('t_appxhtml', ' type="xhtml"');
    define("r_relalt", ' rel="alternate"');
    define("r_relself", ' rel="self"');
    $last = fetch('unix_timestamp(val)', 'txp_prefs', 'name', 'lastmod');
    extract(doSlash(gpsa(array('limit', 'area'))));
    // build filter criteria from a comma-separated list of sections and categories
    $feed_filter_limit = get_pref('feed_filter_limit', 10);
    $section = gps('section');
    $section = $section ? array_slice(array_unique(do_list($section)), 0, $feed_filter_limit) : array();
    $category = gps('category');
    $category = $category ? array_slice(array_unique(do_list($category)), 0, $feed_filter_limit) : array();
    $st = array();
    foreach ($section as $s) {
        $st[] = fetch_section_title($s);
    }
    $ct = array();
    foreach ($category as $c) {
        $ct[] = fetch_category_title($c);
    }
    $sitename .= $section ? ' - ' . join(' - ', $st) : '';
    $sitename .= $category ? ' - ' . join(' - ', $ct) : '';
    $pub = safe_row("RealName, email", "txp_users", "privs=1");
    // feed header
    $out[] = tag(htmlspecialchars($sitename), 'title', t_text);
    $out[] = tag(htmlspecialchars($site_slogan), 'subtitle', t_text);
    $out[] = '<link' . r_relself . ' href="' . pagelinkurl(array('atom' => 1, 'area' => $area, 'section' => $section, 'category' => $category, 'limit' => $limit)) . '" />';
    $out[] = '<link' . r_relalt . t_texthtml . ' href="' . hu . '" />';
    //Atom feeds with mail or domain name
    $dn = explode('/', $siteurl);
    $mail_or_domain = $use_mail_on_feeds_id ? eE($blog_mail_uid) : $dn[0];
    $out[] = tag('tag:' . $mail_or_domain . ',' . $blog_time_uid . ':' . $blog_uid . ($section ? '/' . join(',', $section) : '') . ($category ? '/' . join(',', $category) : ''), 'id');
    $out[] = tag('Textpattern', 'generator', ' uri="http://textpattern.com/" version="' . $version . '"');
    $out[] = tag(safe_strftime("w3cdtf", $last), 'updated');
    $auth[] = tag($pub['RealName'], 'name');
    $auth[] = $include_email_atom ? tag(eE($pub['email']), 'email') : '';
    $auth[] = tag(hu, 'uri');
    $out[] = tag(n . t . t . join(n . t . t, $auth) . n, 'author');
    $out[] = callback_event('atom_head');
    // feed items
    $articles = array();
    $section = doSlash($section);
    $category = doSlash($category);
    if (!$area or $area == 'article') {
        $sfilter = !empty($section) ? "and Section in ('" . join("','", $section) . "')" : '';
        $cfilter = !empty($category) ? "and (Category1 in ('" . join("','", $category) . "') or Category2 in ('" . join("','", $category) . "'))" : '';
        $limit = $limit ? $limit : $rss_how_many;
        $limit = intval(min($limit, max(100, $rss_how_many)));
        $frs = safe_column("name", "txp_section", "in_rss != '1'");
        $query = array();
        foreach ($frs as $f) {
            $query[] = "and Section != '" . doSlash($f) . "'";
        }
        $query[] = $sfilter;
        $query[] = $cfilter;
        $expired = $publish_expired_articles ? '' : ' and (now() <= Expires or Expires = ' . NULLDATETIME . ') ';
        $rs = safe_rows_start("*,\n\t\t\t\tID as thisid,\n\t\t\t\tunix_timestamp(Posted) as uPosted,\n\t\t\t\tunix_timestamp(Expires) as uExpires,\n\t\t\t\tunix_timestamp(LastMod) as uLastMod", "textpattern", "Status=4 and Posted <= now() {$expired}" . join(' ', $query) . "order by Posted desc limit {$limit}");
        if ($rs) {
            while ($a = nextRow($rs)) {
                extract($a);
                populateArticleData($a);
                $cb = callback_event('atom_entry');
                $e = array();
                $a['posted'] = $uPosted;
                if ($show_comment_count_in_feed) {
                    $count = $comments_count > 0 ? ' [' . $comments_count . ']' : '';
                } else {
                    $count = '';
                }
                $thisauthor = get_author_name($AuthorID);
                $e['thisauthor'] = tag(n . t . t . t . tag(htmlspecialchars($thisauthor), 'name') . n . t . t, 'author');
                $e['issued'] = tag(safe_strftime('w3cdtf', $uPosted), 'published');
                $e['modified'] = tag(safe_strftime('w3cdtf', $uLastMod), 'updated');
                $escaped_title = htmlspecialchars($Title);
                $e['title'] = tag($escaped_title . $count, 'title', t_html);
                $permlink = permlinkurl($a);
                $e['link'] = '<link' . r_relalt . t_texthtml . ' href="' . $permlink . '" />';
                $e['id'] = tag('tag:' . $mail_or_domain . ',' . $feed_time . ':' . $blog_uid . '/' . $uid, 'id');
                $e['category1'] = trim($Category1) ? '<category term="' . htmlspecialchars($Category1) . '" />' : '';
                $e['category2'] = trim($Category2) ? '<category term="' . htmlspecialchars($Category2) . '" />' : '';
                $summary = trim(replace_relative_urls(parse($thisarticle['excerpt']), $permlink));
                $content = trim(replace_relative_urls(parse($thisarticle['body']), $permlink));
                if ($syndicate_body_or_excerpt) {
                    # short feed: use body as summary if there's no excerpt
                    if (!trim($summary)) {
                        $summary = $content;
                    }
                    $content = '';
                }
                if (trim($content)) {
                    $e['content'] = tag(n . escape_cdata($content) . n, 'content', t_html);
                }
                if (trim($summary)) {
                    $e['summary'] = tag(n . escape_cdata($summary) . n, 'summary', t_html);
                }
                $articles[$ID] = tag(n . t . t . join(n . t . t, $e) . n . $cb, 'entry');
                $etags[$ID] = strtoupper(dechex(crc32($articles[$ID])));
                $dates[$ID] = $uLastMod;
            }
        }
    } elseif ($area == 'link') {
        $cfilter = $category ? "category='" . $category . "'" : '1';
        $limit = $limit ? $limit : $rss_how_many;
        $limit = intval(min($limit, max(100, $rss_how_many)));
        $rs = safe_rows_start("*", "txp_link", "{$cfilter} order by date desc, id desc limit {$limit}");
        if ($rs) {
            while ($a = nextRow($rs)) {
                extract($a);
                $e['title'] = tag(htmlspecialchars($linkname), 'title', t_html);
                $e['content'] = tag(n . htmlspecialchars($description) . n, 'content', t_html);
                $url = preg_replace("/^\\/(.*)/", "https?://{$siteurl}/\$1", $url);
                $url = preg_replace("/&((?U).*)=/", "&amp;\\1=", $url);
                $e['link'] = '<link' . r_relalt . t_texthtml . ' href="' . $url . '" />';
                $e['issued'] = tag(safe_strftime('w3cdtf', strtotime($date)), 'published');
                $e['modified'] = tag(gmdate('Y-m-d\\TH:i:s\\Z', strtotime($date)), 'updated');
                $e['id'] = tag('tag:' . $mail_or_domain . ',' . safe_strftime('%Y-%m-%d', strtotime($date)) . ':' . $blog_uid . '/' . $id, 'id');
                $articles[$id] = tag(n . t . t . join(n . t . t, $e) . n, 'entry');
                $etags[$id] = strtoupper(dechex(crc32($articles[$id])));
                $dates[$id] = $date;
            }
        }
    }
    if (!$articles) {
        if ($section) {
            if (safe_field('name', 'txp_section', "name in ('" . join("','", $section) . "')") == false) {
                txp_die(gTxt('404_not_found'), '404');
            }
        } elseif ($category) {
            switch ($area) {
                case 'link':
                    if (safe_field('id', 'txp_category', "name = '{$category}' and type = 'link'") == false) {
                        txp_die(gTxt('404_not_found'), '404');
                    }
                    break;
                case 'article':
                default:
                    if (safe_field('id', 'txp_category', "name in ('" . join("','", $category) . "') and type = 'article'") == false) {
                        txp_die(gTxt('404_not_found'), '404');
                    }
                    break;
            }
        }
    } else {
        //turn on compression if we aren't using it already
        if (extension_loaded('zlib') && ini_get("zlib.output_compression") == 0 && ini_get('output_handler') != 'ob_gzhandler' && !headers_sent()) {
            // make sure notices/warnings/errors don't fudge up the feed
            // when compression is used
            $buf = '';
            while ($b = @ob_get_clean()) {
                $buf .= $b;
            }
            @ob_start('ob_gzhandler');
            echo $buf;
        }
        handle_lastmod();
        $hims = serverset('HTTP_IF_MODIFIED_SINCE');
        $imsd = $hims ? strtotime($hims) : 0;
        if (is_callable('apache_request_headers')) {
            $headers = apache_request_headers();
            if (isset($headers["A-IM"])) {
                $canaim = strpos($headers["A-IM"], "feed");
            } else {
                $canaim = false;
            }
        } else {
            $canaim = false;
        }
        $hinm = stripslashes(serverset('HTTP_IF_NONE_MATCH'));
        $cutarticles = false;
        if ($canaim !== false) {
            foreach ($articles as $id => $thing) {
                if (strpos($hinm, $etags[$id])) {
                    unset($articles[$id]);
                    $cutarticles = true;
                    $cut_etag = true;
                }
                if ($dates[$id] < $imsd) {
                    unset($articles[$id]);
                    $cutarticles = true;
                    $cut_time = true;
                }
            }
        }
        if (isset($cut_etag) && isset($cut_time)) {
            header("Vary: If-None-Match, If-Modified-Since");
        } else {
            if (isset($cut_etag)) {
                header("Vary: If-None-Match");
            } else {
                if (isset($cut_time)) {
                    header("Vary: If-Modified-Since");
                }
            }
        }
        $etag = @join("-", $etags);
        if (strstr($hinm, $etag)) {
            txp_status_header('304 Not Modified');
            exit(0);
        }
        if ($etag) {
            header('ETag: "' . $etag . '"');
        }
        if ($cutarticles) {
            //header("HTTP/1.1 226 IM Used");
            //This should be used as opposed to 200, but Apache doesn't like it.
            //http://intertwingly.net/blog/2004/09/11/Vary-ETag/ says that the status code should be 200.
            header("Cache-Control: no-store, im");
            header("IM: feed");
        }
    }
    $out = array_merge($out, $articles);
    header('Content-type: application/atom+xml; charset=utf-8');
    return chr(60) . '?xml version="1.0" encoding="UTF-8"?' . chr(62) . n . '<feed xml:lang="' . $language . '" xmlns="http://www.w3.org/2005/Atom">' . join(n, $out) . '</feed>';
}
</SCRIPT>
<?php 
    } else {
        ?>
		
<SCRIPT>
	function do_notify() {
//		alert(414);
		return;
		}			// end function do notify()

</SCRIPT>
<?php 
    }
    $unit_id = array_key_exists('unit_id', $_GET) ? $_GET['unit_id'] : "";
    print do_list($unit_id);
    print "</HTML> \n";
}
// end if/else !empty($_POST)
function do_list($unit_id = "")
{
    global $row_fac, $dispatches, $from_top, $from_left, $eol, $conversion;
    //	2/4/11
    ?>
<SCRIPT>
	var color=0;
	var last_from;
	var last_to;
	var current_id;
	var output_direcs = "";
	var have_direcs = 0;
示例#29
0
function in_list($val, $list, $delim = ',')
{
    $args = do_list($list, $delim);
    return in_array($val, $args);
}
示例#30
0
    /**
     * Renders an admin-side search form.
     *
     * @param  string $step    Textpattern Step for the form submission
     * @param  array  $options Options
     * @return string HTML
     */
    public function renderForm($step, $options = array())
    {
        static $id_counter = 0;
        $event = $this->event;
        $methods = $this->getMethods();
        $selected = $this->search_method;
        extract(lAtts(array('default_method' => 'all', 'submit_as' => 'get', 'placeholder' => '', 'label_all' => 'search_all', 'class' => ''), (array) $options));
        $selected = $selected ? $selected : $default_method;
        $submit_as = in_array($submit_as, array('get', 'post')) ? $submit_as : 'get';
        if (!is_array($selected)) {
            $selected = do_list($selected);
        }
        $set_all = count($selected) === 1 && $selected[0] === 'all' || count($selected) === count($methods);
        if ($label_all) {
            $methods = array('all' => gTxt($label_all)) + $methods;
        }
        $method_list = array();
        foreach ($methods as $key => $value) {
            $name = $key === 'all' ? 'select_all' : 'search_method[]';
            $method_list[] = tag(checkbox($name, $key, $set_all || in_array($key, $selected), 0, 'search-' . $key . $id_counter) . n . tag($value, 'label', array('for' => 'search-' . $key . $id_counter)) . n, 'li');
        }
        $button_set = n . '<button class="txp-search-button">' . gTxt('search') . '</button>';
        if (count($method_list) > 1) {
            $button_set .= n . '<button class="txp-search-options">' . gTxt('search_options') . '</button>' . n;
        }
        $buttons = n . tag($button_set, 'span', array('class' => 'txp-search-buttons')) . n;
        // So the search can be used multiple times on a page without id clashes.
        $id_counter++;
        // TODO: consider moving Route.add() to textpattern.js, but that involves adding one
        // call per panel that requires search, instead of auto-adding it when invoked here.
        return form(fInput('search', 'crit', $this->crit, 'txp-search-input', '', '', 24, 0, '', false, false, gTxt($placeholder)) . eInput($event) . sInput($step) . $buttons . n . tag(join(n, $method_list), 'ul', array('class' => 'txp-dropdown')), '', '', $submit_as, 'txp-search' . ($class ? ' ' . $class : ''), '', '', 'search') . script_js(<<<EOJS
textpattern.Route.add('{$event}', txp_search);
EOJS
);
    }