function install_gmaps() { require_once 'ModuleInstall/ModuleInstaller.php'; $ModuleInstaller = new ModuleInstaller(); $ModuleInstaller->install_custom_fields(getCustomFields()); installJJWHooks(); }
public function updateClient() { global $whmcs; $exinfo = getClientsDetails($this->getID()); if (defined("ADMINAREA")) { $updatefieldsarray = array(); } else { $updatefieldsarray = array("firstname" => "First Name", "lastname" => "Last Name", "companyname" => "Company Name", "email" => "Email Address", "address1" => "Address 1", "address2" => "Address 2", "city" => "City", "state" => "State", "postcode" => "Postcode", "country" => "Country", "phonenumber" => "Phone Number", "billingcid" => "Billing Contact"); if ($whmcs->get_config("AllowClientsEmailOptOut")) { $updatefieldsarray['emailoptout'] = "Newsletter Email Opt Out"; } } $changelist = array(); $updateqry = array(); foreach ($updatefieldsarray as $field => $displayname) { if ($this->isEditableField($field)) { $value = $whmcs->get_req_var($field); if ($field == "emailoptout" && !$value) { $value = "0"; } $updateqry[$field] = $value; if ($value != $exinfo[$field]) { $changelist[] = "" . $displayname . ": '" . $exinfo[$field] . "' to '" . $value . "'"; continue; } continue; } } update_query("tblclients", $updateqry, array("id" => $this->getID())); $old_customfieldsarray = getCustomFields("client", "", $this->getID(), "", ""); $customfields = getCustomFields("client", "", $this->getID(), "", ""); foreach ($customfields as $v) { $k = $v['id']; $customfieldsarray[$k] = $_POST['customfield'][$k]; } saveCustomFields($this->getID(), $customfieldsarray); $paymentmethod = $whmcs->get_req_var("paymentmethod"); clientChangeDefaultGateway($this->getID(), $paymentmethod); if ($paymentmethod != $exinfo['defaultgateway']) { $changelist[] = "Default Payment Method: '" . getGatewayName($exinfo['defaultgateway']) . "' to '" . getGatewayName($paymentmethod) . "'<br>\n"; } run_hook("ClientEdit", array_merge(array("userid" => $this->getID(), "olddata" => $exinfo), $updateqry)); if (!defined("ADMINAREA") && $whmcs->get_config("SendEmailNotificationonUserDetailsChange")) { foreach ($old_customfieldsarray as $values) { if ($values['value'] != $_POST['customfield'][$values['id']]) { $changelist[] = $values['name'] . ": '" . $values['value'] . "' to '" . $_POST['customfield'][$values['id']] . "'"; continue; } } if (0 < count($changelist)) { $adminurl = $whmcs->get_config("SystemSSLURL") ? $whmcs->get_config("SystemSSLURL") : $whmcs->get_config("SystemURL"); $adminurl .= "/" . $whmcs->get_admin_folder_name() . "/clientssummary.php?userid=" . $this->getID(); sendAdminNotification("account", "WHMCS User Details Change", "<p>Client ID: <a href=\"" . $adminurl . "\">" . $this->getID() . " - " . $exinfo['firstname'] . " " . $exinfo['lastname'] . "</a> has requested to change his/her details as indicated below:<br><br>" . implode("<br />\n", $changelist) . "<br>If you are unhappy with any of the changes, you need to login and revert them - this is the only record of the old details.</p>"); logActivity("Client Profile Modified - " . implode(", ", $changelist) . " - User ID: " . $this->getID()); } } return true; }
/** * set insert / update / delete query for adding IP address * based on provided array */ function SetInsertQuery($ip) { /* First we need to get custom fields! */ $myFields = getCustomFields('ipaddresses'); $myFieldsInsert['query'] = ''; $myFieldsInsert['values'] = ''; if (sizeof($myFields) > 0) { /* set inserts for custom */ foreach ($myFields as $myField) { # empty? if (strlen($ip[$myField['name']]) == 0) { $myFieldsInsert['query'] .= ', `' . $myField['name'] . '`'; $myFieldsInsert['values'] .= ", NULL"; } else { $myFieldsInsert['query'] .= ', `' . $myField['name'] . '`'; $myFieldsInsert['values'] .= ", '" . $ip[$myField['name']] . "'"; } } } /* insert */ if ($ip['action'] == "add") { $query = "insert into `ipaddresses` "; $query .= "(`subnetId`,`description`,`ip_addr`, `dns_name`,`mac`, `owner`, `state`, `switch`, `port`, `note`, `excludePing` " . $myFieldsInsert['query'] . ") "; $query .= "values "; $query .= "('{$ip['subnetId']}', '{$ip['description']}', '" . Transform2decimal($ip['ip_addr']) . "', " . "\n"; $query .= " '{$ip['dns_name']}', '{$ip['mac']}', '{$ip['owner']}', '{$ip['state']}', " . "\n"; $query .= " '{$ip['switch']}', '{$ip['port']}', '{$ip['note']}', '" . @$ip['excludePing'] . "' " . $myFieldsInsert['values'] . ");"; } elseif ($ip['action'] == "edit" && $ip['type'] == "series") { $query = "update `ipaddresses` "; $query .= "set `ip_addr` = '" . Transform2decimal($ip['ip_addr']) . "', "; $query .= "`description` = '" . $ip['description'] . "', "; $query .= "`dns_name` = '" . $ip['dns_name'] . "' ,"; $query .= "`mac` = '" . $ip['mac'] . "' ,"; $query .= "`owner` = '" . $ip['owner'] . "' ,"; $query .= "`state` = '" . $ip['state'] . "',"; $query .= "`switch` = '" . $ip['switch'] . "',"; $query .= "`port` = '" . $ip['port'] . "',"; $query .= "`excludePing` = '" . @$ip['excludePing'] . "',"; # custom! foreach ($myFields as $myField) { if (strlen($ip[$myField['name']]) == 0) { $query .= "`" . $myField['name'] . "` = NULL,"; } else { $query .= "`" . $myField['name'] . "` = '" . $ip[$myField['name']] . "',"; } } $query .= "`note` = '" . $ip['note'] . "' "; $query .= "where `subnetId` = '" . $ip['subnetId'] . "' and `ip_addr` = '" . Transform2decimal($ip['ip_addr']) . "';"; } elseif ($ip['action'] == "edit") { $query = "update ipaddresses "; $query .= "set `ip_addr` = '" . Transform2decimal($ip['ip_addr']) . "', `description` = '" . $ip['description'] . "', `dns_name` = '" . $ip['dns_name'] . "' , `mac` = '" . $ip['mac'] . "', " . "\n"; #custom! foreach ($myFields as $myField) { if (strlen($ip[$myField['name']]) == 0) { $query .= "`" . $myField['name'] . "` = NULL,"; } else { $query .= "`" . $myField['name'] . "` = '" . $ip[$myField['name']] . "',"; } } $query .= "`owner` = '" . $ip['owner'] . "' , `state` = '" . $ip['state'] . "', `switch` = '" . $ip['switch'] . "', " . "\n"; $query .= "`port` = '" . $ip['port'] . "', `note` = '" . $ip['note'] . "', `excludePing` = '" . @$ip['excludePing'] . "' "; $query .= "where `id` = '" . $ip['id'] . "';"; } elseif ($ip['action'] == "delete" && $ip['type'] == "series") { $query = "delete from ipaddresses where `subnetId` = '" . $ip['subnetId'] . "' and `ip_addr` = '" . Transform2decimal($ip['ip_addr']) . "';"; } elseif ($ip['action'] == "delete") { $query = "delete from ipaddresses where `id` = '" . $ip['id'] . "';"; } elseif ($ip['action'] == "move") { $query = "update `ipaddresses` set `subnetId` = '{$ip['newSubnet']}' where `id` = '{$ip['id']}';"; } /* return query */ return $query; }
/** * accept IP request */ function acceptIPrequest($request) { global $database; /* first update request */ $query = 'update requests set `processed` = "1", `accepted` = "1", `adminComment` = "' . $request['adminComment'] . '" where `id` = "' . $request['requestId'] . '";' . "\n"; /* We need to get custom fields! */ $myFields = getCustomFields('ipaddresses'); $myFieldsInsert['query'] = ''; $myFieldsInsert['values'] = ''; if (sizeof($myFields) > 0) { /* set inserts for custom */ foreach ($myFields as $myField) { $myFieldsInsert['query'] .= ', `' . $myField['name'] . '`'; $myFieldsInsert['values'] .= ", '" . $request[$myField['name']] . "'"; } } /* insert */ $query .= "insert into `ipaddresses` "; $query .= "(`subnetId`,`description`,`ip_addr`, `dns_name`,`mac`, `owner`, `state`, `switch`, `port`, `note` " . $myFieldsInsert['query'] . ") "; $query .= "values "; $query .= "('" . $request['subnetId'] . "', '" . $request['description'] . "', '" . $request['ip_addr'] . "', " . "\n"; $query .= " '" . $request['dns_name'] . "', '" . $request['mac'] . "', '" . $request['owner'] . "', '" . $request['state'] . "', " . "\n"; $query .= " '" . $request['switch'] . "', '" . $request['port'] . "', '" . $request['note'] . "'" . $myFieldsInsert['values'] . ");"; /* set log file */ foreach ($request as $key => $req) { $log .= " " . $key . ": " . $req . "<br>"; } /* execute */ try { $database->executeMultipleQuerries($query); } catch (Exception $e) { $error = $e->getMessage(); print "<div class='alert alert-danger'>" . _('Error') . ": {$error}</div>"; updateLogTable('Failed to accept IP request', $log . "\n" . $error, 2); return false; } /* return success */ updateLogTable('IP request accepted', $log, 1); return true; }
echo $aInt->lang("global", "none"); echo "</option>\n"; $result = select_query("tblclientgroups", "", "", "groupname", "ASC"); while ($data = mysql_fetch_assoc($result)) { $group_id = $data['id']; $group_name = $data['groupname']; $group_colour = $data['groupcolour']; echo "<option style=\"background-color:" . $group_colour . "\" value=" . $group_id . ""; if ($group_id == $groupid) { echo " selected"; } echo ">" . $group_name . "</option>"; } echo "</select></td></tr>\n<tr>"; $taxindex = 27; $customfields = getCustomFields("client", "", $userid, "on", ""); $x = 0; foreach ($customfields as $customfield) { ++$x; echo "<td class=\"fieldlabel\">" . $customfield['name'] . "</td><td class=\"fieldarea\">" . str_replace(array("<input", "<select", "<textarea"), array("<input tabindex=\"" . $taxindex . "\"", "<select tabindex=\"" . $taxindex . "\"", "<textarea tabindex=\"" . $taxindex . "\""), $customfield['input']) . "</td>"; if ($x % 2 == 0 || $x == count($customfields)) { echo "</tr><tr>"; } ++$taxindex; } echo "<td class=\"fieldlabel\">"; echo $aInt->lang("fields", "adminnotes"); echo "</td><td class=\"fieldarea\" colspan=\"3\"><textarea name=\"notes\" rows=4 style=\"width:100%;\" tabindex=\""; echo $taxindex++; echo "\">"; echo $notes;
<?php /** * Print all available VRFs and configurations ************************************************/ /* required functions */ require_once '../../functions/functions.php'; /* verify that user is admin */ checkAdmin(); /* get post */ $vlanPost = $_POST; /* get all available VRFs */ $vlan = subnetGetVLANdetailsById($_POST['vlanId']); /* get custom fields */ $custom = getCustomFields('vlans'); if ($_POST['action'] == "delete") { $readonly = "readonly"; } else { $readonly = ""; } /* set form name! */ if (isset($_POST['fromSubnet'])) { $formId = "vlanManagementEditFromSubnet"; } else { $formId = "vlanManagementEdit"; } ?> <script type="text/javascript"> $(document).ready(function(){ if ($("[rel=tooltip]").length) { $("[rel=tooltip]").tooltip(); }
function doArticles($atts, $iscustom, $thing = null) { global $pretext, $prefs; extract($pretext); extract($prefs); $customFields = getCustomFields(); $customlAtts = array_null(array_flip($customFields)); if ($iscustom) { $extralAtts = array('category' => '', 'section' => '', 'excerpted' => '', 'author' => '', 'month' => '', 'expired' => $publish_expired_articles, 'id' => '', 'exclude' => ''); } else { $extralAtts = array('listform' => '', 'searchform' => '', 'searchall' => 1, 'searchsticky' => 0, 'pageby' => '', 'pgonly' => 0); } // Getting attributes. $theAtts = lAtts(array('form' => 'default', 'limit' => 10, 'sort' => '', 'sortby' => '', 'sortdir' => '', 'keywords' => '', 'time' => 'past', 'status' => STATUS_LIVE, 'allowoverride' => !$q and !$iscustom, 'offset' => 0, 'wraptag' => '', 'break' => '', 'label' => '', 'labeltag' => '', 'class' => '') + $customlAtts + $extralAtts, $atts); // For the txp:article tag, some attributes are taken from globals; // override them, then stash all filter attributes. if (!$iscustom) { $theAtts['category'] = $c ? $c : ''; $theAtts['section'] = $s && $s != 'default' ? $s : ''; $theAtts['author'] = !empty($author) ? $author : ''; $theAtts['month'] = !empty($month) ? $month : ''; $theAtts['frontpage'] = $s && $s == 'default' ? true : false; $theAtts['excerpted'] = 0; $theAtts['exclude'] = 0; $theAtts['expired'] = $publish_expired_articles; filterAtts($theAtts); } else { $theAtts['frontpage'] = false; } extract($theAtts); // If a listform is specified, $thing is for doArticle() - hence ignore here. if (!empty($listform)) { $thing = ''; } $pageby = empty($pageby) ? $limit : $pageby; // Treat sticky articles differently wrt search filtering, etc. $status = in_array(strtolower($status), array('sticky', STATUS_STICKY)) ? STATUS_STICKY : STATUS_LIVE; $issticky = $status == STATUS_STICKY; // Give control to search, if necessary. if ($q && !$iscustom && !$issticky) { include_once txpath . '/publish/search.php'; $s_filter = $searchall ? filterSearch() : ''; $q = trim($q); $quoted = $q[0] === '"' && $q[strlen($q) - 1] === '"'; $q = doSlash($quoted ? trim(trim($q, '"')) : $q); // Searchable article fields are limited to the columns of the // textpattern table and a matching fulltext index must exist. $cols = do_list_unique($searchable_article_fields); if (empty($cols) or $cols[0] == '') { $cols = array('Title', 'Body'); } $match = ", MATCH (`" . join("`, `", $cols) . "`) AGAINST ('{$q}') AS score"; $search_terms = preg_replace('/\\s+/', ' ', str_replace(array('\\', '%', '_', '\''), array('\\\\', '\\%', '\\_', '\\\''), $q)); if ($quoted || empty($m) || $m === 'exact') { for ($i = 0; $i < count($cols); $i++) { $cols[$i] = "`{$cols[$i]}` LIKE '%{$search_terms}%'"; } } else { $colJoin = $m === 'any' ? "OR" : "AND"; $search_terms = explode(' ', $search_terms); for ($i = 0; $i < count($cols); $i++) { $like = array(); foreach ($search_terms as $search_term) { $like[] = "`{$cols[$i]}` LIKE '%{$search_term}%'"; } $cols[$i] = "(" . join(" {$colJoin} ", $like) . ")"; } } $cols = join(" OR ", $cols); $search = " AND ({$cols}) {$s_filter}"; // searchall=0 can be used to show search results for the current // section only. if ($searchall) { $section = ''; } if (!$sort) { $sort = "score DESC"; } } else { $match = $search = ''; if (!$sort) { $sort = "Posted DESC"; } } // For backwards compatibility. sortby and sortdir are deprecated. if ($sortby) { trigger_error(gTxt('deprecated_attribute', array('{name}' => 'sortby')), E_USER_NOTICE); if (!$sortdir) { $sortdir = "DESC"; } else { trigger_error(gTxt('deprecated_attribute', array('{name}' => 'sortdir')), E_USER_NOTICE); } $sort = "{$sortby} {$sortdir}"; } elseif ($sortdir) { trigger_error(gTxt('deprecated_attribute', array('{name}' => 'sortdir')), E_USER_NOTICE); $sort = "Posted {$sortdir}"; } // Building query parts. $frontpage = ($frontpage and (!$q or $issticky)) ? filterFrontPage() : ''; $category = join("','", doSlash(do_list_unique($category))); $category = !$category ? '' : " AND (Category1 IN ('" . $category . "') OR Category2 IN ('" . $category . "'))"; $section = !$section ? '' : " AND Section IN ('" . join("','", doSlash(do_list_unique($section))) . "')"; $excerpted = !$excerpted ? '' : " AND Excerpt !=''"; $author = !$author ? '' : " AND AuthorID IN ('" . join("','", doSlash(do_list_unique($author))) . "')"; $month = !$month ? '' : " AND Posted LIKE '" . doSlash($month) . "%'"; $ids = $id ? array_map('intval', do_list_unique($id)) : array(); $exclude = $exclude ? array_map('intval', do_list_unique($exclude)) : array(); $id = (!$id ? '' : " AND ID IN (" . join(',', $ids) . ")") . (!$exclude ? '' : " AND ID NOT IN (" . join(',', $exclude) . ")"); switch ($time) { case 'any': $time = ""; break; case 'future': $time = " AND Posted > " . now('posted'); break; default: $time = " AND Posted <= " . now('posted'); } if (!$expired) { $time .= " AND (" . now('expires') . " <= Expires OR Expires = " . NULLDATETIME . ")"; } $custom = ''; if ($customFields) { foreach ($customFields as $cField) { if (isset($atts[$cField])) { $customPairs[$cField] = $atts[$cField]; } } if (!empty($customPairs)) { $custom = buildCustomSql($customFields, $customPairs); } } // Allow keywords for no-custom articles. That tagging mode, you know. if ($keywords) { $keys = doSlash(do_list_unique($keywords)); foreach ($keys as $key) { $keyparts[] = "FIND_IN_SET('" . $key . "', Keywords)"; } $keywords = " AND (" . join(' or ', $keyparts) . ")"; } if ($q and $searchsticky) { $statusq = " AND Status >= " . STATUS_LIVE; } elseif ($id) { $statusq = " AND Status >= " . STATUS_LIVE; } else { $statusq = " AND Status = " . intval($status); } $where = "1 = 1" . $statusq . $time . $search . $id . $category . $section . $excerpted . $month . $author . $keywords . $custom . $frontpage; // Do not paginate if we are on a custom list. if (!$iscustom and !$issticky) { $grand_total = safe_count('textpattern', $where); $total = $grand_total - $offset; $numPages = ceil($total / $pageby); $pg = !$pg ? 1 : $pg; $pgoffset = $offset + ($pg - 1) * $pageby; // Send paging info to txp:newer and txp:older. $pageout['pg'] = $pg; $pageout['numPages'] = $numPages; $pageout['s'] = $s; $pageout['c'] = $c; $pageout['context'] = 'article'; $pageout['grand_total'] = $grand_total; $pageout['total'] = $total; global $thispage; if (empty($thispage)) { $thispage = $pageout; } if ($pgonly) { return; } } else { $pgoffset = $offset; } // Preserve order of custom article ids unless 'sort' attribute is set. if (!empty($atts['id']) && empty($atts['sort'])) { $safe_sort = "FIELD(id, " . join(',', $ids) . ")"; } else { $safe_sort = doSlash($sort); } $rs = safe_rows_start("*, UNIX_TIMESTAMP(Posted) AS uPosted, UNIX_TIMESTAMP(Expires) AS uExpires, UNIX_TIMESTAMP(LastMod) AS uLastMod" . $match, 'textpattern', "{$where} ORDER BY {$safe_sort} LIMIT " . intval($pgoffset) . ", " . intval($limit)); // Get the form name. if ($q and !$iscustom and !$issticky) { $fname = $searchform ? $searchform : 'search_results'; } else { $fname = !empty($listform) ? $listform : $form; } if ($rs) { $count = 0; $last = numRows($rs); $articles = array(); while ($a = nextRow($rs)) { ++$count; populateArticleData($a); global $thisarticle, $uPosted, $limit; $thisarticle['is_first'] = $count == 1; $thisarticle['is_last'] = $count == $last; // Article form preview. if (txpinterface === 'admin' && ps('Form')) { doAuth(); if (!has_privs('form')) { txp_status_header('401 Unauthorized'); exit(hed('401 Unauthorized', 1) . graf(gTxt('restricted_area'))); } $articles[] = parse(gps('Form')); } elseif ($allowoverride and $a['override_form']) { $articles[] = parse_form($a['override_form']); } else { $articles[] = $thing ? parse($thing) : parse_form($fname); } // Sending these to paging_link(); Required? $uPosted = $a['uPosted']; unset($GLOBALS['thisarticle']); } return doLabel($label, $labeltag) . doWrap($articles, $wraptag, $break, $class); } }
function populateArticleData($rs) { global $thisarticle; extract($rs); trace_add("[" . gTxt('Article') . " {$ID}]"); $thisarticle['thisid'] = $ID; $thisarticle['posted'] = $uPosted; $thisarticle['expires'] = $uExpires; $thisarticle['modified'] = $uLastMod; $thisarticle['annotate'] = $Annotate; $thisarticle['comments_invite'] = $AnnotateInvite; $thisarticle['authorid'] = $AuthorID; $thisarticle['title'] = $Title; $thisarticle['url_title'] = $url_title; $thisarticle['category1'] = $Category1; $thisarticle['category2'] = $Category2; $thisarticle['section'] = $Section; $thisarticle['keywords'] = $Keywords; $thisarticle['article_image'] = $Image; $thisarticle['comments_count'] = $comments_count; $thisarticle['body'] = $Body_html; $thisarticle['excerpt'] = $Excerpt_html; $thisarticle['override_form'] = $override_form; $thisarticle['status'] = $Status; $custom = getCustomFields(); if ($custom) { foreach ($custom as $i => $name) { $thisarticle[$name] = $rs['custom_' . $i]; } } }
/** * Processes sent forms and updates existing articles. */ function article_save() { global $txp_user, $vars, $prefs; extract($prefs); $incoming = array_map('assert_string', psa($vars)); $oldArticle = safe_row("Status, url_title, Title, textile_body, textile_excerpt,\n UNIX_TIMESTAMP(LastMod) AS sLastMod, LastModID,\n UNIX_TIMESTAMP(Posted) AS sPosted,\n UNIX_TIMESTAMP(Expires) AS sExpires", 'textpattern', "ID = " . (int) $incoming['ID']); if (!($oldArticle['Status'] >= STATUS_LIVE and has_privs('article.edit.published') or $oldArticle['Status'] >= STATUS_LIVE and $incoming['AuthorID'] === $txp_user and has_privs('article.edit.own.published') or $oldArticle['Status'] < STATUS_LIVE and has_privs('article.edit') or $oldArticle['Status'] < STATUS_LIVE and $incoming['AuthorID'] === $txp_user and has_privs('article.edit.own'))) { // Not allowed, you silly rabbit, you shouldn't even be here. // Show default editing screen. article_edit(); return; } if ($oldArticle['sLastMod'] != $incoming['sLastMod']) { article_edit(array(gTxt('concurrent_edit_by', array('{author}' => txpspecialchars($oldArticle['LastModID']))), E_ERROR), true, true); return; } if (!has_privs('article.set_markup')) { $incoming['textile_body'] = $oldArticle['textile_body']; $incoming['textile_excerpt'] = $oldArticle['textile_excerpt']; } $incoming = textile_main_fields($incoming); extract(doSlash($incoming)); extract(array_map('assert_int', psa(array('ID', 'Status')))); // Comments may be on, off, or disabled. $Annotate = (int) $Annotate; if (!has_privs('article.publish') && $Status >= STATUS_LIVE) { $Status = STATUS_PENDING; } // Set and validate article timestamp. if ($reset_time) { $whenposted = "Posted = NOW()"; $when_ts = time(); } else { if (!is_numeric($year) || !is_numeric($month) || !is_numeric($day) || !is_numeric($hour) || !is_numeric($minute) || !is_numeric($second)) { $ts = false; } else { $ts = strtotime($year . '-' . $month . '-' . $day . ' ' . $hour . ':' . $minute . ':' . $second); } if ($ts === false || $ts < 0) { $when = $when_ts = $oldArticle['sPosted']; $msg = array(gTxt('invalid_postdate'), E_ERROR); } else { $when = $when_ts = $ts - tz_offset($ts); } $whenposted = "Posted = FROM_UNIXTIME({$when})"; } // Set and validate expiry timestamp. if (empty($exp_year)) { $expires = 0; } else { if (empty($exp_month)) { $exp_month = 1; } if (empty($exp_day)) { $exp_day = 1; } if (empty($exp_hour)) { $exp_hour = 0; } if (empty($exp_minute)) { $exp_minute = 0; } if (empty($exp_second)) { $exp_second = 0; } $ts = strtotime($exp_year . '-' . $exp_month . '-' . $exp_day . ' ' . $exp_hour . ':' . $exp_minute . ':' . $exp_second); if ($ts === false || $ts < 0) { $expires = $oldArticle['sExpires']; $msg = array(gTxt('invalid_expirydate'), E_ERROR); } else { $expires = $ts - tz_offset($ts); } } if ($expires && $expires <= $when_ts) { $expires = $oldArticle['sExpires']; $msg = array(gTxt('article_expires_before_postdate'), E_ERROR); } if ($expires) { $whenexpires = "Expires = FROM_UNIXTIME({$expires})"; } else { $whenexpires = "Expires = " . NULLDATETIME; } // Auto-update custom-titles according to Title, as long as unpublished and // NOT customised. if (empty($url_title) || $oldArticle['Status'] < STATUS_LIVE && $oldArticle['url_title'] === $url_title && $oldArticle['url_title'] === stripSpace($oldArticle['Title'], 1) && $oldArticle['Title'] !== $Title) { $url_title = stripSpace($Title_plain, 1); } $Keywords = doSlash(trim(preg_replace('/( ?[\\r\\n\\t,])+ ?/s', ',', preg_replace('/ +/', ' ', ps('Keywords'))), ', ')); $user = doSlash($txp_user); $description = doSlash($description); $cfq = array(); $cfs = getCustomFields(); foreach ($cfs as $i => $cf_name) { $custom_x = "custom_{$i}"; $cfq[] = "custom_{$i} = '" . ${$custom_x} . "'"; } $cfq = join(', ', $cfq); $rs = compact($vars); if (article_validate($rs, $msg)) { if (safe_update('textpattern', "Title = '{$Title}',\n Body = '{$Body}',\n Body_html = '{$Body_html}',\n Excerpt = '{$Excerpt}',\n Excerpt_html = '{$Excerpt_html}',\n Keywords = '{$Keywords}',\n description = '{$description}',\n Image = '{$Image}',\n Status = {$Status},\n LastMod = NOW(),\n LastModID = '{$user}',\n Section = '{$Section}',\n Category1 = '{$Category1}',\n Category2 = '{$Category2}',\n Annotate = {$Annotate},\n textile_body = '{$textile_body}',\n textile_excerpt = '{$textile_excerpt}',\n override_form = '{$override_form}',\n url_title = '{$url_title}',\n AnnotateInvite = '{$AnnotateInvite}'," . ($cfs ? $cfq . ',' : '') . "{$whenposted},\n {$whenexpires}", "ID = {$ID}")) { if ($Status >= STATUS_LIVE && $oldArticle['Status'] < STATUS_LIVE) { do_pings(); } if ($Status >= STATUS_LIVE || $oldArticle['Status'] >= STATUS_LIVE) { update_lastmod('article_saved', $rs); } now('posted', true); now('expires', true); callback_event('article_saved', '', false, $rs); if (empty($msg)) { $s = check_url_title($url_title); $msg = array(get_status_message($Status) . ' ' . $s, $s ? E_WARNING : 0); } } else { $msg = array(gTxt('article_save_failed'), E_ERROR); } } article_edit($msg, false, true); }
<?php /** * Script to print devices ***************************/ /* verify that user is admin */ if (!checkAdmin()) { die(''); } /* get current devices */ $devices = getAllUniqueDevices(); /* get custom fields */ $custom = getCustomFields('devices'); /* get hidden fields */ if (!isset($settings)) { $settings = getAllSettings(); } $ffields = json_decode($settings['hiddenCustomFields'], true); if (is_array($ffields['devices'])) { $ffields = $ffields['devices']; } else { $ffields = array(); } ?> <h4><?php print _('Device management'); ?> </h4> <hr> <div class="btn-group">
<?php /** * Script to print add / edit / delete users *************************************************/ /* required functions */ require_once '../../functions/functions.php'; /* verify that user is admin */ checkAdmin(); /* get all settings */ $settings = getAllSettings(); /* get custom fields */ $custom = getCustomFields('users'); /* get languages */ $langs = getLanguages(); ?> <script type="text/javascript"> $(document).ready(function(){ if ($("[rel=tooltip]").length) { $("[rel=tooltip]").tooltip(); } }); </script> <!-- header --> <div class="pHeader"> <?php /** * If action is not set get it form post variable! */
function article_edit($message = '', $concurrent = FALSE) { global $vars, $txp_user, $comments_disabled_after, $txpcfg, $prefs, $event; extract($prefs); extract(gpsa(array('view', 'from_view', 'step'))); if (!empty($GLOBALS['ID'])) { // newly-saved article $ID = $GLOBALS['ID']; $step = 'edit'; } else { $ID = gps('ID'); } include_once txpath . '/lib/classTextile.php'; $textile = new Textile(); // switch to 'text' view upon page load and after article post if (!$view || gps('save') || gps('publish')) { $view = 'text'; } if (!$step) { $step = "create"; } if ($step == "edit" && $view == "text" && !empty($ID) && $from_view != 'preview' && $from_view != 'html' && !$concurrent) { $pull = true; //-- it's an existing article - off we go to the db $ID = assert_int($ID); $rs = safe_row("*, unix_timestamp(Posted) as sPosted,\n\t\t\t\tunix_timestamp(Expires) as sExpires,\n\t\t\t\tunix_timestamp(LastMod) as sLastMod", "textpattern", "ID={$ID}"); extract($rs); $reset_time = $publish_now = $Status < 4 && $sPosted <= time(); } else { $pull = false; //-- assume they came from post if ($from_view == 'preview' or $from_view == 'html') { $store_out = array(); $store = unserialize(base64_decode(ps('store'))); foreach ($vars as $var) { if (isset($store[$var])) { $store_out[$var] = $store[$var]; } } } else { $store_out = gpsa($vars); if ($concurrent) { $store_out['sLastMod'] = safe_field('unix_timestamp(LastMod) as sLastMod', 'textpattern', 'ID=' . $ID); } } $rs = $store_out; extract($store_out); } $GLOBALS['step'] = $step; if ($step == 'create') { $textile_body = $use_textile; $textile_excerpt = $use_textile; } if ($step != 'create' && $sPosted) { // Previous record? $prev_id = checkIfNeighbour('prev', $sPosted); // Next record? $next_id = checkIfNeighbour('next', $sPosted); } else { $prev_id = $next_id = 0; } $page_title = $Title ? $Title : gTxt('write'); pagetop($page_title, $message); echo n . '<div id="' . $event . '_container" class="txp-container txp-edit">'; echo n . n . '<form id="article_form" name="article_form" method="post" action="index.php">'; if (!empty($store_out)) { echo hInput('store', base64_encode(serialize($store_out))); } echo hInput('ID', $ID) . eInput('article') . sInput($step) . '<input type="hidden" name="view" />' . startTable('edit') . '<tr>' . n . '<td id="article-col-1"><div id="configuration_content">'; if ($view == 'text') { //-- markup help -------------- echo pluggable_ui('article_ui', 'sidehelp', side_help($textile_body, $textile_excerpt), $rs); //-- custom menu entries -------------- echo pluggable_ui('article_ui', 'extend_col_1', '', $rs); //-- advanced -------------- echo '<div id="advanced_group"><h3 class="plain lever' . (get_pref('pane_article_advanced_visible') ? ' expanded' : '') . '"><a href="#advanced">' . gTxt('advanced_options') . '</a></h3>' . '<div id="advanced" class="toggle" style="display:' . (get_pref('pane_article_advanced_visible') ? 'block' : 'none') . '">'; // markup selection echo pluggable_ui('article_ui', 'markup', n . graf('<label for="markup-body">' . gTxt('article_markup') . '</label>' . br . pref_text('textile_body', $textile_body, 'markup-body'), ' class="markup markup-body"') . n . graf('<label for="markup-excerpt">' . gTxt('excerpt_markup') . '</label>' . br . pref_text('textile_excerpt', $textile_excerpt, 'markup-excerpt'), ' class="markup markup-excerpt"'), $rs); // form override echo $allow_form_override ? pluggable_ui('article_ui', 'override', graf('<label for="override-form">' . gTxt('override_default_form') . '</label>' . sp . popHelp('override_form') . br . form_pop($override_form, 'override-form'), ' class="override-form"'), $rs) : ''; echo '</div></div>' . n; //-- custom fields -------------- $cf = ''; $cfs = getCustomFields(); echo '<div id="custom_field_group"' . ($cfs ? '' : ' class="empty"') . '><h3 class="plain lever' . (get_pref('pane_article_custom_field_visible') ? ' expanded' : '') . '"><a href="#custom_field">' . gTxt('custom') . '</a></h3>' . '<div id="custom_field" class="toggle" style="display:' . (get_pref('pane_article_custom_field_visible') ? 'block' : 'none') . '">'; foreach ($cfs as $i => $cf_name) { $custom_x_set = "custom_{$i}_set"; $custom_x = "custom_{$i}"; $cf .= ${$custom_x_set} !== '' ? custField($i, ${$custom_x_set}, ${$custom_x}) : ''; } echo pluggable_ui('article_ui', 'custom_fields', $cf, $rs); echo '</div></div>' . n; //-- article image -------------- echo '<div id="image_group"><h3 class="plain lever' . (get_pref('pane_article_image_visible') ? ' expanded' : '') . '"><a href="#image">' . gTxt('article_image') . '</a></h3>' . '<div id="image" class="toggle" style="display:' . (get_pref('pane_article_image_visible') ? 'block' : 'none') . '">'; echo pluggable_ui('article_ui', 'article_image', n . graf('<label for="article-image">' . gTxt('article_image') . '</label>' . sp . popHelp('article_image') . br . fInput('text', 'Image', $Image, 'edit', '', '', 22, '', 'article-image'), ' class="article-image"'), $rs); echo '</div></div>' . n; //-- meta info -------------- echo '<div id="meta_group"><h3 class="plain lever' . (get_pref('pane_article_meta_visible') ? ' expanded' : '') . '"><a href="#meta">' . gTxt('meta') . '</a></h3>' . '<div id="meta" class="toggle" style="display:' . (get_pref('pane_article_meta_visible') ? 'block' : 'none') . '">'; // keywords echo pluggable_ui('article_ui', 'keywords', n . graf('<label for="keywords">' . gTxt('keywords') . '</label>' . sp . popHelp('keywords') . br . n . '<textarea id="keywords" name="Keywords" cols="18" rows="5">' . htmlspecialchars(str_replace(',', ', ', $Keywords)) . '</textarea>', ' class="keywords"'), $rs); // url title echo pluggable_ui('article_ui', 'url_title', n . graf('<label for="url-title">' . gTxt('url_title') . '</label>' . sp . popHelp('url_title') . br . fInput('text', 'url_title', $url_title, 'edit', '', '', 22, '', 'url-title'), ' class="url-title"'), $rs); echo '</div></div>' . n; //-- recent articles -------------- echo '<div id="recent_group"><h3 class="plain lever' . (get_pref('pane_article_recent_visible') ? ' expanded' : '') . '"><a href="#recent">' . gTxt('recent_articles') . '</a>' . '</h3>' . '<div id="recent" class="toggle" style="display:' . (get_pref('pane_article_recent_visible') ? 'block' : 'none') . '">'; $recents = safe_rows_start("Title, ID", 'textpattern', "1=1 order by LastMod desc limit 10"); $ra = ''; if ($recents) { $ra = '<ul class="recent plain-list">'; while ($recent = nextRow($recents)) { if (!$recent['Title']) { $recent['Title'] = gTxt('untitled') . sp . $recent['ID']; } $ra .= n . t . '<li class="recent-article"><a href="?event=article' . a . 'step=edit' . a . 'ID=' . $recent['ID'] . '">' . escape_title($recent['Title']) . '</a></li>'; } $ra .= '</ul>'; } echo pluggable_ui('article_ui', 'recent_articles', $ra, $rs); echo '</div></div>'; } else { echo sp; } echo '</div></td>' . n . '<td id="article-main"><div id="main_content">'; //-- title input -------------- if ($view == 'preview') { echo '<div class="preview">' . hed(gTxt('preview'), 2) . hed($Title, 1, ' class="title"'); } elseif ($view == 'html') { echo '<div class="xhtml">' . hed('XHTML', 2) . hed($Title, 1, ' class="title"'); } elseif ($view == 'text') { echo '<div class="text">' . pluggable_ui('article_ui', 'title', n . '<p class="title"><label for="title">' . gTxt('title') . '</label>' . sp . popHelp('title') . br . '<input type="text" id="title" name="Title" value="' . escape_title($Title) . '" class="edit" size="40" tabindex="1" />', $rs); if ($step != 'create') { if ($Status != 4 and $Status != 5) { $url = '?txpreview=' . intval($ID) . '.' . time(); // article ID plus cachebuster } else { include_once txpath . '/publish/taghandlers.php'; $url = permlinkurl_id($ID); } echo sp . sp . '<a href="' . $url . '" class="article-view">' . gTxt('view') . '</a>'; } echo '</p>'; } //-- body -------------------- if ($view == 'preview') { echo '<div class="body">'; if ($textile_body == USE_TEXTILE) { echo $textile->TextileThis($Body); } else { if ($textile_body == CONVERT_LINEBREAKS) { echo nl2br($Body); } else { if ($textile_body == LEAVE_TEXT_UNTOUCHED) { echo $Body; } } } echo '</div>'; } elseif ($view == 'html') { if ($textile_body == USE_TEXTILE) { $bod = $textile->TextileThis($Body); } else { if ($textile_body == CONVERT_LINEBREAKS) { $bod = nl2br($Body); } else { if ($textile_body == LEAVE_TEXT_UNTOUCHED) { $bod = $Body; } } } echo tag(str_replace(array(n, t), array(br, sp . sp . sp . sp), htmlspecialchars($bod)), 'code', ' class="body"'); } else { echo pluggable_ui('article_ui', 'body', n . graf('<label for="body">' . gTxt('body') . '</label>' . sp . popHelp('body') . br . '<textarea id="body" name="Body" cols="55" rows="31" tabindex="2">' . htmlspecialchars($Body) . '</textarea>', ' class="body"'), $rs); } //-- excerpt -------------------- if ($articles_use_excerpts) { if ($view == 'text') { echo pluggable_ui('article_ui', 'excerpt', n . graf('<label for="excerpt">' . gTxt('excerpt') . '</label>' . sp . popHelp('excerpt') . br . '<textarea id="excerpt" name="Excerpt" cols="55" rows="5" tabindex="3">' . htmlspecialchars($Excerpt) . '</textarea>', ' class="excerpt"'), $rs); } else { echo n . '<hr width="50%" />'; echo '<div class="excerpt">'; echo $textile_excerpt == USE_TEXTILE ? $view == 'preview' ? graf($textile->textileThis($Excerpt)) : tag(str_replace(array(n, t), array(br, sp . sp . sp . sp), htmlspecialchars($textile->TextileThis($Excerpt))), 'code', ' class="excerpt"') : graf($Excerpt); echo '</div>'; } } //-- author -------------- if ($view == "text" && $step != "create") { echo '<p class="author small">' . gTxt('posted_by') . ': ' . htmlspecialchars($AuthorID) . ' · ' . safe_strftime('%d %b %Y · %X', $sPosted); if ($sPosted != $sLastMod) { echo br . gTxt('modified_by') . ': ' . htmlspecialchars($LastModID) . ' · ' . safe_strftime('%d %b %Y · %X', $sLastMod); } echo '</p>'; } echo hInput('from_view', $view), '</div></div></td>'; //-- layer tabs ------------------- echo '<td id="article-tabs"><div id="view_modes">'; echo pluggable_ui('article_ui', 'view', $use_textile == USE_TEXTILE || $textile_body == USE_TEXTILE ? tag(tab('text', $view) . tab('html', $view) . tab('preview', $view), 'ul') : ' ', $rs); echo '</div></td>'; echo '<td id="article-col-2"><div id="supporting_content">'; if ($view == 'text') { if ($step != 'create') { echo n . graf(href(gtxt('create_new'), 'index.php?event=article'), ' class="action-create"'); } //-- prev/next article links -- if ($step != 'create' and ($prev_id or $next_id)) { echo '<p class="article-nav">', $prev_id ? prevnext_link('‹' . gTxt('prev'), 'article', 'edit', $prev_id, gTxt('prev')) : '', $next_id ? prevnext_link(gTxt('next') . '›', 'article', 'edit', $next_id, gTxt('next')) : '', '</p>'; } //-- status radios -------------- echo pluggable_ui('article_ui', 'status', n . n . '<fieldset id="write-status">' . n . '<legend>' . gTxt('status') . '</legend>' . n . status_radio($Status) . n . '</fieldset>', $rs); //-- category selects ----------- echo pluggable_ui('article_ui', 'categories', n . n . '<fieldset id="write-sort">' . n . '<legend>' . gTxt('sort_display') . '</legend>' . n . graf('<label for="category-1">' . gTxt('category1') . '</label> ' . '<span class="edit category-edit small">[' . eLink('category', '', '', '', gTxt('edit')) . ']</span>' . br . n . category_popup('Category1', $Category1, 'category-1'), ' class="category category-1"') . n . graf('<label for="category-2">' . gTxt('category2') . '</label>' . br . n . category_popup('Category2', $Category2, 'category-2'), ' class="category category-2"'), $rs); //-- section select -------------- if (!$from_view && !$pull) { $Section = getDefaultSection(); } echo pluggable_ui('article_ui', 'section', n . graf('<label for="section">' . gTxt('section') . '</label> ' . '<span class="edit section-edit small">[' . eLink('section', '', '', '', gTxt('edit')) . ']</span>' . br . section_popup($Section, 'section'), ' class="section"') . n . '</fieldset>', $rs); //-- "More" section echo n . n . '<div id="more_group"><h3 class="plain lever' . (get_pref('pane_article_more_visible') ? ' expanded' : '') . '"><a href="#more">' . gTxt('more') . '</a></h3>', '<div id="more" class="toggle" style="display:' . (get_pref('pane_article_more_visible') ? 'block' : 'none') . '">'; //-- comments stuff -------------- if ($step == "create") { //Avoiding invite disappear when previewing $AnnotateInvite = !empty($store_out['AnnotateInvite']) ? $store_out['AnnotateInvite'] : $comments_default_invite; if ($comments_on_default == 1) { $Annotate = 1; } } if ($use_comments == 1) { $invite[] = n . n . '<fieldset id="write-comments">' . n . '<legend>' . gTxt('comments') . '</legend>'; $comments_expired = false; if ($step != 'create' && $comments_disabled_after) { $lifespan = $comments_disabled_after * 86400; $time_since = time() - $sPosted; if ($time_since > $lifespan) { $comments_expired = true; } } if ($comments_expired) { $invite[] = n . n . graf(gTxt('expired'), ' class="comment-annotate"'); } else { $invite[] = n . n . graf(onoffRadio('Annotate', $Annotate), ' class="comment-annotate"') . n . n . graf('<label for="comment-invite">' . gTxt('comment_invitation') . '</label>' . br . fInput('text', 'AnnotateInvite', $AnnotateInvite, 'edit', '', '', '', '', 'comment-invite'), ' class="comment-invite"'); } $invite[] = n . n . '</fieldset>'; echo pluggable_ui('article_ui', 'annotate_invite', join('', $invite), $rs); } if ($step == "create" and empty($GLOBALS['ID'])) { //-- timestamp ------------------- //Avoiding modified date to disappear $persist_timestamp = !empty($store_out['year']) ? safe_strtotime($store_out['year'] . '-' . $store_out['month'] . '-' . $store_out['day'] . ' ' . $store_out['hour'] . ':' . $store_out['minute'] . ':' . $store_out['second']) : time(); echo pluggable_ui('article_ui', 'timestamp', n . n . '<fieldset id="write-timestamp">' . n . '<legend>' . gTxt('timestamp') . '</legend>' . n . graf(checkbox('publish_now', '1', $publish_now, '', 'publish_now') . '<label for="publish_now">' . gTxt('set_to_now') . '</label>', ' class="publish-now"') . n . graf(gTxt('or_publish_at') . sp . popHelp('timestamp'), ' class="publish-at"') . n . graf('<span class="label">' . gtxt('date') . '</span>' . sp . tsi('year', '%Y', $persist_timestamp) . ' / ' . tsi('month', '%m', $persist_timestamp) . ' / ' . tsi('day', '%d', $persist_timestamp), ' class="date posted created"') . n . graf('<span class="label">' . gTxt('time') . '</span>' . sp . tsi('hour', '%H', $persist_timestamp) . ' : ' . tsi('minute', '%M', $persist_timestamp) . ' : ' . tsi('second', '%S', $persist_timestamp), ' class="time posted created"') . n . '</fieldset>', array('sPosted' => $persist_timestamp) + $rs); //-- expires ------------------- $persist_timestamp = !empty($store_out['exp_year']) ? safe_strtotime($store_out['exp_year'] . '-' . $store_out['exp_month'] . '-' . $store_out['exp_day'] . ' ' . $store_out['exp_hour'] . ':' . $store_out['exp_minute'] . ':' . $store_out['second']) : NULLDATETIME; echo pluggable_ui('article_ui', 'expires', n . n . '<fieldset id="write-expires">' . n . '<legend>' . gTxt('expires') . '</legend>' . n . graf('<span class="label">' . gtxt('date') . '</span>' . sp . tsi('exp_year', '%Y', $persist_timestamp) . ' / ' . tsi('exp_month', '%m', $persist_timestamp) . ' / ' . tsi('exp_day', '%d', $persist_timestamp), ' class="date expires"') . n . graf('<span class="label">' . gTxt('time') . '</span>' . sp . tsi('exp_hour', '%H', $persist_timestamp) . ' : ' . tsi('exp_minute', '%M', $persist_timestamp) . ' : ' . tsi('exp_second', '%S', $persist_timestamp), ' class="time expires"') . n . '</fieldset>', $rs); // end "More" section echo n . n . '</div></div>'; //-- publish button -------------- echo has_privs('article.publish') ? fInput('submit', 'publish', gTxt('publish'), "publish", '', '', '', 4) : fInput('submit', 'publish', gTxt('save'), "publish", '', '', '', 4); } else { //-- timestamp ------------------- if (!empty($year)) { $sPosted = safe_strtotime($year . '-' . $month . '-' . $day . ' ' . $hour . ':' . $minute . ':' . $second); } echo pluggable_ui('article_ui', 'timestamp', n . n . '<fieldset id="write-timestamp">' . n . '<legend>' . gTxt('timestamp') . '</legend>' . n . graf(checkbox('reset_time', '1', $reset_time, '', 'reset_time') . '<label for="reset_time">' . gTxt('reset_time') . '</label>', ' class="reset-time"') . n . graf(gTxt('published_at') . sp . popHelp('timestamp'), ' class="publish-at"') . n . graf('<span class="label">' . gtxt('date') . '</span>' . sp . tsi('year', '%Y', $sPosted) . ' / ' . tsi('month', '%m', $sPosted) . ' / ' . tsi('day', '%d', $sPosted), ' class="date posted created"') . n . graf('<span class="label">' . gTxt('time') . '</span>' . sp . tsi('hour', '%H', $sPosted) . ' : ' . tsi('minute', '%M', $sPosted) . ' : ' . tsi('second', '%S', $sPosted), ' class="time posted created"') . n . hInput('sPosted', $sPosted) . n . hInput('sLastMod', $sLastMod) . n . hInput('AuthorID', $AuthorID) . n . hInput('LastModID', $LastModID) . n . '</fieldset>', $rs); //-- expires ------------------- if (!empty($exp_year)) { if (empty($exp_month)) { $exp_month = 1; } if (empty($exp_day)) { $exp_day = 1; } if (empty($exp_hour)) { $exp_hour = 0; } if (empty($exp_minute)) { $exp_minute = 0; } if (empty($exp_second)) { $exp_second = 0; } $sExpires = safe_strtotime($exp_year . '-' . $exp_month . '-' . $exp_day . ' ' . $exp_hour . ':' . $exp_minute . ':' . $exp_second); } echo pluggable_ui('article_ui', 'expires', n . n . '<fieldset id="write-expires">' . n . '<legend>' . gTxt('expires') . '</legend>' . n . graf('<span class="label">' . gtxt('date') . '</span>' . sp . tsi('exp_year', '%Y', $sExpires) . ' / ' . tsi('exp_month', '%m', $sExpires) . ' / ' . tsi('exp_day', '%d', $sExpires), ' class="date expires"') . n . graf('<span class="label">' . gTxt('time') . '</span>' . sp . tsi('exp_hour', '%H', $sExpires) . ' : ' . tsi('exp_minute', '%M', $sExpires) . ' : ' . tsi('exp_second', '%S', $sExpires), ' class="time expires"') . n . hInput('sExpires', $sExpires) . n . '</fieldset>', $rs); // end "More" section echo n . n . '</div></div>'; //-- save button -------------- if ($Status >= 4 and has_privs('article.edit.published') or $Status >= 4 and $AuthorID == $txp_user and has_privs('article.edit.own.published') or $Status < 4 and has_privs('article.edit') or $Status < 4 and $AuthorID == $txp_user and has_privs('article.edit.own')) { echo fInput('submit', 'save', gTxt('save'), "publish", '', '', '', 4); } } } echo '</div></td></tr></table></form></div>' . n; // Assume users would not change the timestamp if they wanted to "publish now"/"reset time" echo script_js(<<<EOS \t\t\$('#write-timestamp input.edit').change( \t\t\tfunction() { \t\t\t\t\$('#publish_now').attr('checked', false); \t\t\t\t\$('#reset_time').attr('checked', false); \t\t\t}); EOS ); }
/* for nesting - MasterId cannot be the same as subnetId! */ if ($_POST['masterSubnetId'] == $_POST['subnetId']) { $errors[] = _('Subnet cannot nest behind itself!'); } } else { } } } } /* but always verify vlan! */ $vlancheck = validateVlan($_POST['VLAN']); if ($vlancheck != 'ok') { $errors[] = $vlancheck; } //custom $myFields = getCustomFields('subnets'); if (sizeof($myFields) > 0) { foreach ($myFields as $myField) { # replace possible ___ back to spaces! $myField['nameTest'] = str_replace(" ", "___", $myField['name']); if (isset($_POST[$myField['nameTest']])) { $_POST[$myField['name']] = $_POST[$myField['nameTest']]; } //booleans can be only 0 and 1! if ($myField['type'] == "tinyint(1)") { if ($_POST[$myField['name']] > 1) { $_POST[$myField['name']] = ""; } } //not empty if ($myField['Null'] == "NO" && strlen($_POST[$myField['name']]) == 0 && !checkAdmin(false)) {
/* Hostname must be present! */ if ($device['hostname'] == "") { die('<div class="alert alert alert-danger">' . _('Hostname is mandatory') . '!</div>'); } # we need old hostname if ($device['action'] == "edit" || $device['action'] == "delete") { # get old switch name $oldHostname = getDeviceDetailsById($device['switchId']); $oldHostname = $oldHostname['hostname']; # if delete new hostname = "" if ($device['action'] == "delete") { $device['hostname'] = ""; } } //custom $myFields = getCustomFields('devices'); if (sizeof($myFields) > 0) { foreach ($myFields as $myField) { # replace possible ___ back to spaces! $myField['nameTest'] = str_replace(" ", "___", $myField['name']); if (isset($_POST[$myField['nameTest']])) { $device[$myField['name']] = $device[$myField['nameTest']]; } //booleans can be only 0 and 1! if ($myField['type'] == "tinyint(1)") { if ($device[$myField['name']] > 1) { $device[$myField['name']] = ""; } } //not null! if ($myField['Null'] == "NO" && strlen($device[$myField['name']]) == 0 && !checkAdmin(false, false)) {
function doHomeArticles($atts, $thing = NULL) { global $pretext, $prefs; extract($pretext); extract($prefs); $customFields = getCustomFields(); $customlAtts = array_null(array_flip($customFields)); //getting attributes $theAtts = lAtts(array('form' => 'default', 'listform' => '', 'searchform' => '', 'limit' => 10, 'category' => '', 'section' => '', 'excerpted' => '', 'author' => '', 'sort' => '', 'month' => '', 'keywords' => '', 'frontpage' => '', 'time' => 'past', 'pgonly' => 0, 'searchall' => 1, 'allowoverride' => true, 'offset' => 0, 'wraptag' => '', 'break' => '', 'label' => '', 'labeltag' => '', 'class' => '') + $customlAtts, $atts); $theAtts['category'] = $c ? $c : ''; $theAtts['section'] = $s && $s != 'default' && $s != 'home' ? $s : ''; $theAtts['author'] = !empty($author) ? $author : ''; $theAtts['month'] = !empty($month) ? $month : ''; $theAtts['frontpage'] = $s && $s == 'home' ? true : false; $theAtts['excerpted'] = ''; extract($theAtts); // if a listform is specified, $thing is for doArticle() - hence ignore here. if (!empty($listform)) { $thing = ''; } $pageby = empty($pageby) ? $limit : $pageby; $match = $search = ''; if (!$sort) { $sort = 'Posted desc'; } //Building query parts $frontpage = filterFrontPage(); $category = join("','", doSlash(do_list($category))); $category = !$category ? '' : " and (Category1 IN ('" . $category . "') or Category2 IN ('" . $category . "'))"; $section = !$section ? '' : " and Section IN ('" . join("','", doSlash(do_list($section))) . "')"; $excerpted = $excerpted == 'y' ? " and Excerpt !=''" : ''; $author = !$author ? '' : " and AuthorID IN ('" . join("','", doSlash(do_list($author))) . "')"; $month = !$month ? '' : " and Posted like '" . doSlash($month) . "%'"; $id = !$id ? '' : " and ID IN (" . join(',', array_map('intval', do_list($id))) . ")"; switch ($time) { case 'any': $time = ""; break; case 'future': $time = " and Posted > now()"; break; default: $time = " and Posted <= now()"; } if (!$publish_expired_articles) { $time .= " and (now() <= Expires or Expires = " . NULLDATETIME . ")"; } $custom = ''; if ($customFields) { foreach ($customFields as $cField) { if (isset($atts[$cField])) { $customPairs[$cField] = $atts[$cField]; } } if (!empty($customPairs)) { $custom = buildCustomSql($customFields, $customPairs); } } $statusq = ' and Status = 5'; $where = "1=1" . $statusq . $time . $search . $category . $section . $excerpted . $month . $author . $keywords . $custom . $frontpage; $rs = safe_rows_start("*, unix_timestamp(Posted) as uPosted, unix_timestamp(Expires) as uExpires, unix_timestamp(LastMod) as uLastMod" . $match, 'textpattern', $where . ' order by ' . doSlash($sort) . ' limit 0' . intval($limit)); // get the form name $fname = $listform ? $listform : $form; if ($rs) { $count = 0; $last = numRows($rs); $articles = array(); while ($a = nextRow($rs)) { ++$count; populateArticleData($a); global $thisarticle, $uPosted, $limit; $thisarticle['is_first'] = $count == 1; $thisarticle['is_last'] = $count == $last; if (@constant('txpinterface') === 'admin' and gps('Form')) { $articles[] = parse(gps('Form')); } elseif ($allowoverride and $a['override_form']) { $articles[] = parse_form($a['override_form']); } else { $articles[] = $thing ? parse($thing) : parse_form($fname); } // sending these to paging_link(); Required? $uPosted = $a['uPosted']; unset($GLOBALS['thisarticle']); } return doLabel($label, $labeltag) . doWrap($articles, $wraptag, $break, $class); } }
if (trim($agreement) == trim($agreementCheck)) { $checked = "checked"; } } print $agreement . " <input {$checked} type='checkbox' name='studentAgreements[]' value='" . htmlPrep(trim($agreement)) . "'/><br/>"; } ?> </td> </tr> <?php } } //CUSTOM FIELDS $fields = unserialize($row["fields"]); $resultFields = getCustomFields($connection2, $guid, $student, $staff, $parent, $other); if ($resultFields->rowCount() > 0) { ?> <tr class='break'> <td colspan=2> <h3><?php print _('Custom Fields'); ?> </h3> </td> </tr> <?php while ($rowFields = $resultFields->fetch()) { print renderCustomFieldRow($connection2, $guid, $rowFields, @$fields[$rowFields["gibbonPersonFieldID"]]); } }
$hookret = run_hook("AdminClientServicesTabFields", array("id" => $id)); foreach ($hookret as $hookdat) { foreach ($hookdat as $k => $v) { $tbl->add($k, $v, 1); } } $addonshtml = ""; $aInt->sortableTableInit("nopagination"); $service = new WHMCS_Service($id); $addons = $service->getAddons(); foreach ($addons as $vals) { $tabledata[] = array($vals['regdate'], $vals['name'], $vals['pricing'], $vals['status'], $vals['nextduedate'], "<a href=\"" . $PHP_SELF . "?userid=" . $userid . "&id=" . $id . "&aid=" . $vals['id'] . "\"><img src=\"images/edit.gif\" width=\"16\" height=\"16\" border=\"0\" alt=\"Edit\"></a>", "<a href=\"#\" onClick=\"doDeleteAddon('" . $vals['id'] . "');return false\"><img src=\"images/delete.gif\" width=\"16\" height=\"16\" border=\"0\" alt=\"Delete\"></a>"); } $addonshtml = $aInt->sortableTable(array($aInt->lang("addons", "regdate"), $aInt->lang("addons", "name"), $aInt->lang("global", "pricing"), $aInt->lang("fields", "status"), $aInt->lang("fields", "nextduedate"), "", ""), $tabledata); $tbl->add($aInt->lang("addons", "title"), $addonshtml . "<div style=\"padding:5px 25px;\"><a href=\"clientsservices.php?userid=" . $userid . "&id=" . $id . "&aid=add\"><img src=\"images/icons/add.png\" border=\"0\" align=\"top\" /> Add New Addon</a></div>", 1); $customfields = getCustomFields("product", $packageid, $id, true); foreach ($customfields as $customfield) { $tbl->add($customfield['name'], $customfield['input'], 1); } $tbl->add($aInt->lang("services", "overrideautosusp"), $frm->checkbox("overideautosuspend", $aInt->lang("services", "nosuspenduntil"), $overideautosuspend) . " " . $frm->date("overidesuspenduntil", $overidesuspenduntil), 1); $tbl->add($aInt->lang("services", "endofcycle"), $frm->checkbox("autoterminateendcycle", $aInt->lang("services", "reason"), $autoterminateendcycle) . " " . $frm->text("autoterminatereason", $autoterminatereason, "60"), 1); $tbl->add($aInt->lang("fields", "adminnotes"), $frm->textarea("notes", $notes, "4", "100%"), 1); echo $tbl->output(); echo "\n<br />\n<div align=\"center\">" . $frm->submit($aInt->lang("global", "savechanges"), "btn btn-primary") . " " . $frm->reset($aInt->lang("global", "cancelchanges")) . "<br />\n<a href=\"#\" onclick=\"showDialog('delete');return false\" style=\"color:#cc0000\"><strong>" . $aInt->lang("global", "delete") . "</strong></a></div>"; } echo $frm->close() . "\n\n<br />\n\n<div class=\"contentbox\">\n<table align=\"center\"><tr><td>\n<strong>" . $aInt->lang("global", "sendmessage") . "</strong>\n</td><td>\n"; $frmsub = new WHMCS_Form("frm3"); echo $frmsub->form("clientsemails.php?userid=" . $userid); echo $frmsub->hidden("action", "send"); echo $frmsub->hidden("type", "product"); echo $frmsub->hidden("id", $id);
$cFields['subnets'] = getCustomFields('subnets'); $cFieldsNum['subnets'] = getCustomFieldsNumArr('subnets'); $cFields['subnets']['title'] = "Custom subnet fields"; $cFields['subnets']['tooltip'] = "Add new custom subnet field"; /* custom vlan */ $cFields['vlans'] = getCustomFields('vlans'); $cFieldsNum['vlans'] = getCustomFieldsNumArr('vlans'); $cFields['vlans']['title'] = "Custom VLAN fields"; $cFields['vlans']['tooltip'] = "Add new custom VLAN field"; /* custom users */ $cFields['users'] = getCustomFields('users'); $cFieldsNum['users'] = getCustomFieldsNumArr('users'); $cFields['users']['title'] = "Custom User fields"; $cFields['users']['tooltip'] = "Add new custom User field"; /* custom devices */ $cFields['devices'] = getCustomFields('devices'); $cFieldsNum['devices'] = getCustomFieldsNumArr('devices'); $cFields['devices']['title'] = "Custom device fields"; $cFields['devices']['tooltip'] = "Add new custom device field"; ?> <h4><?php print _('Custom fields'); ?> </h4> <hr> <div class="alert alert-info alert-absolute"><?php print _('You can add additional custom fields to IP addresses and subnets (like CustomerId, location, ...)'); ?>
/** * Find an adjacent article relative to a provided threshold level. * * @param scalar $threshold The value to compare against * @param string $s Optional section restriction * @param string $type Lesser or greater neighbour? Either '<' (previous) or '>' (next) * @param array $atts Attribute of article at threshold * @param string $threshold_type 'cooked': Use $threshold as SQL clause; 'raw': Use $threshold as an escapable scalar * @return array|bool An array populated with article data, or 'false' in case of no matches */ function getNeighbour($threshold, $s, $type, $atts = array(), $threshold_type = 'raw') { global $prefs; static $cache = array(); $key = md5($threshold . $s . $type . join(n, $atts)); if (isset($cache[$key])) { return $cache[$key]; } extract($atts); $expired = $expired && $prefs['publish_expired_articles']; $customFields = getCustomFields(); // Building query parts; lifted from publish.php. $ids = array_map('intval', do_list($id)); $id = !$id ? '' : " AND ID IN (" . join(',', $ids) . ")"; switch ($time) { case 'any': $time = ""; break; case 'future': $time = " AND Posted > " . now('posted'); break; default: $time = " AND Posted <= " . now('posted'); } if (!$expired) { $time .= " AND (" . now('expires') . " <= Expires OR Expires = " . NULLDATETIME . ")"; } $custom = ''; if ($customFields) { foreach ($customFields as $cField) { if (isset($atts[$cField])) { $customPairs[$cField] = $atts[$cField]; } } if (!empty($customPairs)) { $custom = buildCustomSql($customFields, $customPairs); } } if ($keywords) { $keys = doSlash(do_list($keywords)); foreach ($keys as $key) { $keyparts[] = "FIND_IN_SET('" . $key . "', Keywords)"; } $keywords = " AND (" . join(" OR ", $keyparts) . ")"; } $sortdir = strtolower($sortdir); // Invert $type for ascending sortdir. $types = array('>' => array('desc' => '>', 'asc' => '<'), '<' => array('desc' => '<', 'asc' => '>')); $type = $type == '>' ? $types['>'][$sortdir] : $types['<'][$sortdir]; // Escape threshold and treat it as a string unless explicitly told otherwise. if ($threshold_type != 'cooked') { $threshold = "'" . doSlash($threshold) . "'"; } $safe_name = safe_pfx('textpattern'); $q = array("SELECT ID AS thisid, Section AS section, Title AS title, url_title, UNIX_TIMESTAMP(Posted) AS posted\n FROM {$safe_name} WHERE {$sortby} {$type} {$threshold}", $s != '' && $s != 'default' ? "AND Section = '" . doSlash($s) . "'" : filterFrontPage(), $id, $time, $custom, $keywords, "AND Status = 4", "ORDER BY {$sortby}", $type == '<' ? "DESC" : "ASC", "LIMIT 1"); $cache[$key] = getRow(join(n . ' ', $q)); return is_array($cache[$key]) ? $cache[$key] : false; }
print "</td>"; print "</tr>"; } $studentAgreementOptions = getSettingByScope($connection2, "School Admin", "studentAgreementOptions"); if ($studentAgreementOptions != "") { print "<tr>"; print "<td style='width: 33%; padding-top: 15px; vertical-align: top' colspan=3>"; print "<span style='font-size: 115%; font-weight: bold'>" . _('Student Agreements') . "</span><br/>"; print _("Agreements Signed:") . " " . $row["studentAgreements"]; print "</td>"; print "</tr>"; } print "</table>"; //Custom Fields $fields = unserialize($row["fields"]); $resultFields = getCustomFields($connection2, $guid, TRUE); if ($resultFields->rowCount() > 0) { print "<h4>"; print _("Custom Fields"); print "</h4>"; print "<table class='smallIntBorder' cellspacing='0' style='width: 100%'>"; $count = 0; $columns = 3; while ($rowFields = $resultFields->fetch()) { if ($count % $columns == 0) { print "<tr>"; } print "<td style='width: 33%; padding-top: 15px; vertical-align: top'>"; print "<span style='font-size: 115%; font-weight: bold'>" . _($rowFields["name"]) . "</span><br/>"; if (isset($fields[$rowFields["gibbonPersonFieldID"]])) { if ($rowFields["type"] == "date") {
$subnetDataOld = getSubnetDetailsById($_POST['subnetId']); } else { # for selecting master subnet if added from subnet details! if (strlen($_REQUEST['subnetId']) > 0) { $tempData = getSubnetDetailsById($_POST['subnetId']); $subnetDataOld['masterSubnetId'] = $tempData['id']; // same master subnet ID for nested $subnetDataOld['vlanId'] = $tempData['vlanId']; // same default vlan for nested $subnetDataOld['vrfId'] = $tempData['vrfId']; // same default vrf for nested } $sectionName = getSectionDetailsById($_POST['sectionId']); } /* get custom subnet fields */ $customSubnetFields = getCustomFields('subnets'); # set readonly flag if ($_POST['action'] == "edit" || $_POST['action'] == "delete") { $readonly = true; } else { $readonly = false; } ?> <!-- header --> <div class="pHeader"><?php print ucwords(_("{$_POST['action']}")); ?> <?php
echo ":</i></b> "; echo $date; echo "<br>\n<b><i>"; echo $aInt->lang("support", "lastreply"); echo ":</i></b> "; echo $lastreply; echo "<br>\n<b><i>"; echo $aInt->lang("fields", "status"); echo ":</i></b> "; echo $outstatus; echo "<br>\n<b><i>"; echo $aInt->lang("support", "priority"); echo ":</i></b> "; echo $urgency; echo "</p>\n<hr size=1><p>\n"; $customfields = getCustomFields("support", $deptid, $id, true); foreach ($customfields as $customfield) { echo "<b><i>" . $customfield['name'] . ":</i></b> " . $customfield['value'] . "<br>"; } echo "</p><hr size=1>\n\n"; if ($pauserid != "0000000000") { $result2 = select_query("tblclients", "", array("id" => $pauserid)); $data2 = mysql_fetch_array($result2); $firstname = $data2['firstname']; $lastname = $data2['lastname']; $clientinfo = "<b>" . $firstname . " " . $lastname . "</b>"; } else { $clientinfo = "<b>" . $name . "</b> (" . $email . ")"; } echo "" . $clientinfo . " @ " . $date . "<br><hr size=1><br>" . stripslashes($message) . "<hr size=1>"; $result = select_query("tblticketreplies", "", array("tid" => $id), "date", "ASC");
$apiresults = array("result" => "success", "totalresults" => mysql_num_rows($result)); while ($data = mysql_fetch_array($result)) { $pid = $data['id']; $productarray = array("pid" => $data['id'], "gid" => $data['gid'], "type" => $data['type'], "name" => $data['name'], "description" => $data['description'], "module" => $data['servertype'], "paytype" => $data['paytype']); if ($data['stockcontrol']) { $productarray['stockcontrol'] = "true"; $productarray['stocklevel'] = $data['qty']; } $result2 = select_query("tblpricing", "tblcurrencies.code,tblcurrencies.prefix,tblcurrencies.suffix,tblpricing.msetupfee,tblpricing.qsetupfee,tblpricing.ssetupfee,tblpricing.asetupfee,tblpricing.bsetupfee,tblpricing.tsetupfee,tblpricing.monthly,tblpricing.quarterly,tblpricing.semiannually,tblpricing.annually,tblpricing.biennially,tblpricing.triennially", array("type" => "product", "relid" => $pid), "code", "ASC", "", "tblcurrencies ON tblcurrencies.id=tblpricing.currency"); while ($data = mysql_fetch_assoc($result2)) { $code = $data['code']; unset($data['code']); $productarray['pricing'][$code] = $data; } $customfieldsdata = array(); $customfields = getCustomFields("product", $pid, "", "", "on"); foreach ($customfields as $field) { $customfieldsdata[] = array("id" => $field['id'], "name" => $field['name'], "description" => $field['description'], "required" => $field['required']); } $productarray['customfields']['customfield'] = $customfieldsdata; $configoptiondata = array(); $configurableoptions = getCartConfigOptions($pid, "", "", "", true); foreach ($configurableoptions as $option) { $options = array(); foreach ($option['options'] as $op) { $pricing = array(); $result4 = select_query("tblpricing", "code,msetupfee,qsetupfee,ssetupfee,asetupfee,bsetupfee,tsetupfee,monthly,quarterly,semiannually,annually,biennially,triennially", array("type" => "configoptions", "relid" => $op['id']), "", "", "", "tblcurrencies ON tblcurrencies.id=tblpricing.currency"); while ($oppricing = mysql_fetch_assoc($result4)) { $currcode = $oppricing['code']; unset($oppricing['code']); $pricing[$currcode] = $oppricing;
function populateArticleData($rs) { extract($rs); $out['thisid'] = $ID; $out['posted'] = $uPosted; $out['annotate'] = $Annotate; $out['comments_invite'] = $AnnotateInvite; $out['authorid'] = $AuthorID; $out['title'] = $Title; $out['url_title'] = $url_title; $out['category1'] = $Category1; $out['category2'] = $Category2; $out['section'] = $Section; $out['keywords'] = $Keywords; $out['article_image'] = $Image; $out['comments_count'] = $comments_count; $custom = getCustomFields(); if ($custom) { foreach ($custom as $i => $name) { $out[$name] = $rs['custom_' . $i]; } } $GLOBALS['thisarticle'] = $out; $GLOBALS['is_article_body'] = 1; $GLOBALS['thisarticle']['body'] = parse($Body_html); $GLOBALS['thisarticle']['excerpt'] = parse($Excerpt_html); $GLOBALS['is_article_body'] = 0; }
/** * Get all custom fields in number array */ function getCustomFieldsNumArr($table) { $res = getCustomFields($table); /* reindex */ foreach ($res as $line) { $out[] = $line['name']; } return $out; }
/** * Hooks to article saving process and updates short URLs */ public static function update() { global $prefs; if (empty($prefs['rah_bitly_login']) || empty($prefs['rah_bitly_apikey']) || empty($prefs['rah_bitly_field'])) { return; } static $old = array(); static $updated = false; $id = !empty($GLOBALS['ID']) ? $GLOBALS['ID'] : ps('ID'); if (!$id || ps('_txp_token') != form_token() || intval(ps('Status')) < 4) { $old = array('permlink' => NULL, 'status' => NULL); return; } include_once txpath . '/publish/taghandlers.php'; /* Get the old article permlink before anything is saved */ if (!$old) { $old = array('permlink' => permlinkurl_id($id), 'status' => fetch('Status', 'textpattern', 'ID', $id)); return; } /* Clear the permlink cache */ unset($GLOBALS['permlinks'][$id]); /* Generate a new if permlink has changed or if article is published */ if (callback_event('rah_bitly.update') !== '') { return; } if ($updated == false && ($permlink = permlinkurl_id($id)) && ($old['permlink'] != $permlink || !ps('custom_' . $prefs['rah_bitly_field']) || $old['status'] != ps('Status'))) { $uri = self::fetch($permlink); if ($uri) { $fields = getCustomFields(); if (!isset($fields[$prefs['rah_bitly_field']])) { return; } safe_update('textpattern', 'custom_' . intval($prefs['rah_bitly_field']) . "='" . doSlash($uri) . "'", "ID='" . doSlash($id) . "'"); $_POST['custom_' . $prefs['rah_bitly_field']] = $uri; } $updated = true; } if (!empty($uri)) { echo script_js('$(\'input[name="custom_' . $prefs['rah_bitly_field'] . '"]\').val("' . escape_js($uri) . '");'); } }
<?php /** * Script to confirm / reject IP address request ***********************************************/ require_once '../../functions/functions.php'; /* verify that user is admin */ checkAdmin(); /* filter input */ $_POST = filter_user_input($_POST, true, true, false); /* get posted request */ $request = $_POST; /* custom fields modification */ $myFields = getCustomFields('ipaddresses'); if (sizeof($myFields) > 0) { foreach ($myFields as $myField) { # replace possible ___ back to spaces! $myField['nameTest'] = str_replace(" ", "___", $myField['name']); if (isset($request[$myField['nameTest']])) { $request[$myField['name']] = $request[$myField['nameTest']]; } } } /* if action is reject set processed and accepted to 1 and 0 */ if ($request['action'] == "reject") { if (!rejectIPrequest($request['requestId'], $request['adminComment'])) { print '<div class="alert alert alert-danger">' . _('Cannot update request') . '!</div>'; updateLogTable('Cannot reject IP request', 'Cannot reject IP request for request id ' . $request['requestId'] . '!', 2); } else { print '<div class="alert alert-success">' . _('Request has beed rejected') . '!</div>'; updateLogTable('Request has beed rejected!', 'IP request id ' . $request['requestId'] . ' (' . $request['ip_addr'] . ') has been rejected!', 1);
function doArticles($atts, $iscustom, $thing = NULL) { global $pretext, $prefs; extract($pretext); extract($prefs); $customFields = getCustomFields(); $customlAtts = array_null(array_flip($customFields)); //getting attributes $theAtts = lAtts(array('form' => 'default', 'listform' => '', 'searchform' => '', 'limit' => 10, 'pageby' => '', 'category' => '', 'section' => '', 'excerpted' => '', 'author' => '', 'sort' => '', 'sortby' => '', 'sortdir' => '', 'month' => '', 'keywords' => '', 'expired' => $publish_expired_articles, 'frontpage' => '', 'id' => '', 'time' => 'past', 'status' => '4', 'pgonly' => 0, 'searchall' => 1, 'searchsticky' => 0, 'allowoverride' => !$q and !$iscustom, 'offset' => 0, 'wraptag' => '', 'break' => '', 'label' => '', 'labeltag' => '', 'class' => '') + $customlAtts, $atts); // if an article ID is specified, treat it as a custom list $iscustom = !empty($theAtts['id']) ? true : $iscustom; //for the txp:article tag, some attributes are taken from globals; //override them before extract if (!$iscustom) { $theAtts['category'] = $c ? $c : ''; $theAtts['section'] = $s && $s != 'default' ? $s : ''; $theAtts['author'] = !empty($author) ? $author : ''; $theAtts['month'] = !empty($month) ? $month : ''; $theAtts['frontpage'] = $s && $s == 'default' ? true : false; $theAtts['excerpted'] = ''; } extract($theAtts); // if a listform is specified, $thing is for doArticle() - hence ignore here. if (!empty($listform)) { $thing = ''; } $pageby = empty($pageby) ? $limit : $pageby; // treat sticky articles differently wrt search filtering, etc $status = in_array(strtolower($status), array('sticky', '5')) ? 5 : 4; $issticky = $status == 5; // give control to search, if necessary if ($q && !$iscustom && !$issticky) { include_once txpath . '/publish/search.php'; $s_filter = $searchall ? filterSearch() : ''; $q = trim($q); $quoted = $q[0] === '"' && $q[strlen($q) - 1] === '"'; $q = doSlash($quoted ? trim(trim($q, '"')) : $q); // searchable article fields are limited to the columns of // the textpattern table and a matching fulltext index must exist. $cols = do_list($searchable_article_fields); if (empty($cols) or $cols[0] == '') { $cols = array('Title', 'Body'); } $match = ', match (`' . join('`, `', $cols) . "`) against ('{$q}') as score"; $search_terms = preg_replace('/\\s+/', ' ', str_replace(array('\\', '%', '_', '\''), array('\\\\', '\\%', '\\_', '\\\''), $q)); if ($quoted || empty($m) || $m === 'exact') { for ($i = 0; $i < count($cols); $i++) { $cols[$i] = "`{$cols[$i]}` like '%{$search_terms}%'"; } } else { $colJoin = $m === 'any' ? 'or' : 'and'; $search_terms = explode(' ', $search_terms); for ($i = 0; $i < count($cols); $i++) { $like = array(); foreach ($search_terms as $search_term) { $like[] = "`{$cols[$i]}` like '%{$search_term}%'"; } $cols[$i] = '(' . join(' ' . $colJoin . ' ', $like) . ')'; } } $cols = join(' or ', $cols); $search = " and ({$cols}) {$s_filter}"; // searchall=0 can be used to show search results for the current section only if ($searchall) { $section = ''; } if (!$sort) { $sort = 'score desc'; } } else { $match = $search = ''; if (!$sort) { $sort = 'Posted desc'; } } // for backwards compatibility // sortby and sortdir are deprecated if ($sortby) { trigger_error(gTxt('deprecated_attribute', array('{name}' => 'sortby')), E_USER_NOTICE); if (!$sortdir) { $sortdir = 'desc'; } else { trigger_error(gTxt('deprecated_attribute', array('{name}' => 'sortdir')), E_USER_NOTICE); } $sort = "{$sortby} {$sortdir}"; } elseif ($sortdir) { trigger_error(gTxt('deprecated_attribute', array('{name}' => 'sortdir')), E_USER_NOTICE); $sort = "Posted {$sortdir}"; } //Building query parts $frontpage = ($frontpage and (!$q or $issticky)) ? filterFrontPage() : ''; $category = join("','", doSlash(do_list($category))); $category = !$category ? '' : " and (Category1 IN ('" . $category . "') or Category2 IN ('" . $category . "'))"; $section = !$section ? '' : " and Section IN ('" . join("','", doSlash(do_list($section))) . "')"; $excerpted = $excerpted == 'y' || $excerpted == '1' ? " and Excerpt !=''" : ''; $author = !$author ? '' : " and AuthorID IN ('" . join("','", doSlash(do_list($author))) . "')"; $month = !$month ? '' : " and Posted like '" . doSlash($month) . "%'"; $ids = array_map('intval', do_list($id)); $id = !$id ? '' : " and ID IN (" . join(',', $ids) . ")"; switch ($time) { case 'any': $time = ""; break; case 'future': $time = " and Posted > now()"; break; default: $time = " and Posted <= now()"; } if (!$expired) { $time .= " and (now() <= Expires or Expires = " . NULLDATETIME . ")"; } $custom = ''; if ($customFields) { foreach ($customFields as $cField) { if (isset($atts[$cField])) { $customPairs[$cField] = $atts[$cField]; } } if (!empty($customPairs)) { $custom = buildCustomSql($customFields, $customPairs); } } //Allow keywords for no-custom articles. That tagging mode, you know if ($keywords) { $keys = doSlash(do_list($keywords)); foreach ($keys as $key) { $keyparts[] = "FIND_IN_SET('" . $key . "',Keywords)"; } $keywords = " and (" . join(' or ', $keyparts) . ")"; } if ($q and $searchsticky) { $statusq = ' and Status >= 4'; } elseif ($id) { $statusq = ' and Status >= 4'; } else { $statusq = ' and Status = ' . intval($status); } $where = "1=1" . $statusq . $time . $search . $id . $category . $section . $excerpted . $month . $author . $keywords . $custom . $frontpage; //do not paginate if we are on a custom list if (!$iscustom and !$issticky) { $grand_total = safe_count('textpattern', $where); $total = $grand_total - $offset; $numPages = ceil($total / $pageby); $pg = !$pg ? 1 : $pg; $pgoffset = $offset + ($pg - 1) * $pageby; // send paging info to txp:newer and txp:older $pageout['pg'] = $pg; $pageout['numPages'] = $numPages; $pageout['s'] = $s; $pageout['c'] = $c; $pageout['context'] = 'article'; $pageout['grand_total'] = $grand_total; $pageout['total'] = $total; global $thispage; if (empty($thispage)) { $thispage = $pageout; } if ($pgonly) { return; } } else { $pgoffset = $offset; } // preserve order of custom article ids unless 'sort' attribute is set if (!empty($atts['id']) && empty($atts['sort'])) { $safe_sort = 'field(id, ' . join(',', $ids) . ')'; } else { $safe_sort = doSlash($sort); } $rs = safe_rows_start("*, unix_timestamp(Posted) as uPosted, unix_timestamp(Expires) as uExpires, unix_timestamp(LastMod) as uLastMod" . $match, 'textpattern', $where . ' order by ' . $safe_sort . ' limit ' . intval($pgoffset) . ', ' . intval($limit)); // get the form name if ($q and !$iscustom and !$issticky) { $fname = $searchform ? $searchform : 'search_results'; } else { $fname = $listform ? $listform : $form; } if ($rs) { $count = 0; $last = numRows($rs); $articles = array(); while ($a = nextRow($rs)) { ++$count; populateArticleData($a); global $thisarticle, $uPosted, $limit; $thisarticle['is_first'] = $count == 1; $thisarticle['is_last'] = $count == $last; filterAtts($theAtts); // article form preview if (txpinterface === 'admin' && ps('Form')) { doAuth(); if (!has_privs('form')) { txp_status_header('401 Unauthorized'); exit(hed('401 Unauthorized', 1) . graf(gTxt('restricted_area'))); } $articles[] = parse(gps('Form')); } elseif ($allowoverride and $a['override_form']) { $articles[] = parse_form($a['override_form']); } else { $articles[] = $thing ? parse($thing) : parse_form($fname); } // sending these to paging_link(); Required? $uPosted = $a['uPosted']; unset($GLOBALS['thisarticle']); } return doLabel($label, $labeltag) . doWrap($articles, $wraptag, $break, $class); } }
/** * Find an adjacent article relative to a provided threshold level * * @param scalar $threshold The value to compare against * @param string $s string Optional section restriction * @param string $type string Find lesser or greater neighbour? Possible values: '<' (previous, default) or '>' (next) * @param array $atts Attribute of article at threshold * @param string $threshold_type 'cooked': Use $threshold as SQL clause; 'raw': Use $threshold as an escapable scalar * @return array|string An array populated with article data, or the empty string in case of no matches */ function getNeighbour($threshold, $s, $type, $atts = array(), $threshold_type = 'raw') { global $prefs; static $cache = array(); $key = md5($threshold . $s . $type . join(n, $atts)); if (isset($cache[$key])) { return $cache[$key]; } extract($atts); $expired = $expired && $prefs['publish_expired_articles']; $customFields = getCustomFields(); //Building query parts // lifted from publish.php. This is somewhat embarrassing, isn't it? $ids = array_map('intval', do_list($id)); $id = !$id ? '' : " and ID IN (" . join(',', $ids) . ")"; switch ($time) { case 'any': $time = ""; break; case 'future': $time = " and Posted > now()"; break; default: $time = " and Posted <= now()"; } if (!$expired) { $time .= " and (now() <= Expires or Expires = " . NULLDATETIME . ")"; } $custom = ''; if ($customFields) { foreach ($customFields as $cField) { if (isset($atts[$cField])) { $customPairs[$cField] = $atts[$cField]; } } if (!empty($customPairs)) { $custom = buildCustomSql($customFields, $customPairs); } } if ($keywords) { $keys = doSlash(do_list($keywords)); foreach ($keys as $key) { $keyparts[] = "FIND_IN_SET('" . $key . "',Keywords)"; } $keywords = " and (" . join(' or ', $keyparts) . ")"; } // invert $type for ascending sortdir $types = array('>' => array('desc' => '>', 'asc' => '<'), '<' => array('desc' => '<', 'asc' => '>')); $type = $type == '>' ? $types['>'][$sortdir] : $types['<'][$sortdir]; // escape threshold and treat it as a string unless explicitly told otherwise if ($threshold_type != 'cooked') { $threshold = "'" . doSlash($threshold) . "'"; } $safe_name = safe_pfx('textpattern'); $q = array("select ID, Title, url_title, unix_timestamp(Posted) as uposted\n\t\t\tfrom " . $safe_name . " where {$sortby} {$type} " . $threshold, $s != '' && $s != 'default' ? "and Section = '" . doSlash($s) . "'" : filterFrontPage(), $id, $time, $custom, $keywords, 'and Status=4', 'order by ' . $sortby, $type == '<' ? 'desc' : 'asc', 'limit 1'); $cache[$key] = getRow(join(n . ' ', $q)); return is_array($cache[$key]) ? $cache[$key] : ''; }
/** * Script to get all active IP requests ****************************************/ /* verify that user is admin */ checkAdmin(); /* get all fields in IP table */ $fields = getIPaddrFields(); /* get all selected fields */ $setFieldsTemp = getSelectedIPaddrFields(); /* format them to array! */ $setFields = explode(";", $setFieldsTemp); /* unset mandatory fields -> id,subnetid,ip_addr */ unset($fields['id'], $fields['subnetId'], $fields['ip_addr'], $fields['description'], $fields['dns_name'], $fields['lastSeen'], $fields['excludePing'], $fields['editDate']); /* unset custom! */ $custom = getCustomFields('ipaddresses'); if (sizeof($custom) > 0) { foreach ($custom as $key => $cust) { unset($fields[$key]); } } ?> <h4><?php print _('Filter which fields to display in IP list'); ?> </h4> <hr> <div class="alert alert-info alert-absolute"><?php