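/**
 * Build the article edit screen: the editor form (CKEditor or a plain
 * textarea), the file-upload section, and the paged draft and revision tables.
 *
 * Security-relevant behaviour:
 *  - Paging values read from $_GET (revisionno, count, draftno, dcount) are cast
 *    to integers before they are placed in the unquoted LIMIT clause. String
 *    escaping alone does not constrain a value in a numeric SQL context.
 *  - Values written into HTML text or attributes (textarea content, editor name,
 *    user full name and e-mail) are HTML-encoded.
 *  - The queries use the legacy mysql_* API with string-built SQL; moving to
 *    prepared statements (mysqli/PDO) is the durable fix.
 *  - NOTE(review): no anti-CSRF token is visible on the forms built here
 *    (save, draft delete); confirm whether the framework adds one elsewhere.
 *
 * @param string $content Editor content to show; when empty, the stored
 *                        article_content for this component is used.
 * @return string HTML for the edit screen.
 */
public function getCkBody($content = "")
{
    global $sourceFolder;
    global $cmsFolder;
    global $moduleFolder;
    global $urlRequestRoot;
    global $ICONS;
    require_once "{$sourceFolder}/{$moduleFolder}/article/ckeditor3.5/ckeditor.php";

    $query = "SELECT * FROM `article_content` WHERE `page_modulecomponentid`= '{$this->moduleComponentId}'";
    $result = mysql_query($query);
    $temp = $result ? mysql_fetch_assoc($result) : false;
    if (!is_array($temp)) {
        // No stored row (or the query failed): fall back to empty values
        // instead of indexing into a non-array.
        $temp = array('article_content' => '', 'default_editor' => '');
    }
    if ($content == "") {
        $content = $temp['article_content'];
    }
    $editor = $temp['default_editor'];
    // Encoded copy for the hidden <input value='...'> attribute below.
    $editorAttr = htmlspecialchars($editor, ENT_QUOTES);

    $CkForm = <<<Ck
\t\t\t\t\t\t<form action="./+edit" method="post">
\t\t\t\t\t\t<a name="editor"></a>
<input type="button" id="show_plain" value="Plain Source" onclick="\$('#show_plain').hide();\$('#show_ckeditor').show();CKEDITOR.instances.CKEditor1.updateElement();CKEDITOR.instances.CKEditor1.destroy();document.getElementById('editor').value='plain';">
<input type="button" id="show_ckeditor" value="CKEditor" style="display:none" onclick="\$('#show_plain').show();\$('#show_ckeditor').hide();CKEDITOR.add(CKEDITOR.editor.replace(document.getElementsByName('CKEditor1')[0]));document.getElementById('editor').value='ckeditor';">
\t\t\t\t\t\t<input type="button" value="Cancel" onclick="submitarticleformCancel(this);"><input type="submit" value="Save"><input type="button" value="Preview" onclick="submitarticleformPreview(this)"><input type="button" value="Draft" onclick="submitarticleformDraft(this);">
To upload files and images, go to the <a href="#files">files section</a>.<br/>
Ck;

    $top = "<a href='#topquicklinks'>Top</a>";

    $oCKEditor = new CKeditor();
    $oCKEditor->basePath = "{$urlRequestRoot}/{$cmsFolder}/{$moduleFolder}/article/ckeditor3.5/";
    $oCKEditor->config['width'] = '100%';
    $oCKEditor->config['height'] = '300';
    $oCKEditor->returnOutput = true;

    if ($editor == 'ckeditor') {
        $Ckbody = $oCKEditor->editor('CKEditor1', $content);
    } else {
        // Create an auxiliary CKEditor instance so the editor scripts get loaded.
        $Ckbody = $oCKEditor->editor('ne', "");
        // The script destroys that instance as soon as it is ready and hides
        // the "Plain Source" button, leaving the plain textarea in use.
        $Ckbody .= "<script>CKEDITOR.instances.ne.on('instanceReady',function(){ CKEDITOR.instances.ne.destroy()});\$('#show_plain').hide();\$('#show_ckeditor').show();</script>";
        // Encode the content: un-encoded text containing a closing textarea tag
        // would end the element early and be parsed as page markup, and
        // existing entities would be decoded (altered) by the browser.
        $Ckbody .= '<textarea rows="20" cols="60" style="width:100%" name="CKEditor1" style="display: inline;">' . htmlspecialchars($content, ENT_QUOTES) . '</textarea>';
    }

    $CkFooter = <<<Ck1
<br/>
<input type='hidden' name='editor' id='editor' value='{$editorAttr}'/>
\t\t\t\t\t <input type="button" value="Cancel" onclick="submitarticleformCancel(this);"><input type="submit" value="Save"><input type="button" value="Preview" onclick="submitarticleformPreview(this)"><input type="button" value="Draft" onclick="submitarticleformDraft(this);">
\t\t\t\t\t \t\t </form>
\t\t\t\t\t \t <script language="javascript">
\t\t\t\t\t \tfunction submitarticleformPreview(butt) {
\t\t\t\t\t \t\tbutt.form.action = "./+edit&preview=yes#preview";
\t\t\t\t\t \t\tbutt.form.submit();
\t\t\t\t\t \t}
\t\t\t\t\t \tfunction submitarticleformCancel(butt) {
\t\t\t\t\t \t\tbutt.form.action="./+view";
\t\t\t\t\t \t\tbutt.form.submit();
\t\t\t\t\t \t}
\t\t\t\t\t \tfunction submitarticleformDraft(butt) {
\t\t\t\t\t \t\tbutt.form.action="./+view&draft=yes";
\t\t\t\t\t \t\tbutt.form.submit();
\t\t\t\t\t \t}
\t\t\t\t\t </script><br />
\t\t\t\t\t {$top}
\t\t\t\t\t <fieldset>
\t\t\t\t\t <legend><a name="files">{$ICONS['Uploaded Files']['small']}Uploaded Files</a></legend>
\t\t\t\t\t\t\t
Ck1;
    $CkFooter .= getUploadedFilePreviewDeleteForm($this->moduleComponentId, "article", './+edit');
    $CkFooter .= '<br />Upload files : <br />'
        . getFileUploadForm($this->moduleComponentId, "article", './+edit', UPLOAD_SIZE_LIMIT, 5)
        . '</fieldset>';

    /* Revisions available */
    $revisionquery = "SELECT MAX(article_revision) AS MAX FROM `article_contentbak` where page_modulecomponentid = '{$this->moduleComponentId}'";
    $revisionresult = mysql_query($revisionquery);
    $revisionrow = $revisionresult ? mysql_fetch_assoc($revisionresult) : false;
    // MAX() is NULL when there are no revisions; treat that as 0.
    $maxRevision = is_array($revisionrow) ? (int) $revisionrow['MAX'] : 0;
    $revisionrow = array('MAX' => $maxRevision);

    $start = $maxRevision - 10;
    if (isset($_GET['revisionno'])) {
        // Integer cast: this value is placed unquoted in LIMIT.
        $start = (int) $_GET['revisionno'];
    }
    if ($start > $maxRevision - 9) {
        $start = $maxRevision - 10;
    }
    if ($start < 0) {
        $start = 0;
    }
    $count = 10;
    if (isset($_GET['count'])) {
        $count = (int) $_GET['count'];
    }
    if ($count > $maxRevision - $start + 1) {
        $count = $maxRevision - $start + 1;
    }
    if ($count < 0) {
        // A negative row count is not valid in LIMIT.
        $count = 0;
    }

    $query = "SELECT article_revision,article_updatetime,user_id FROM `article_contentbak` where page_modulecomponentid = '{$this->moduleComponentId}' ORDER BY article_revision LIMIT {$start},{$count}";
    $result = mysql_query($query);
    $revisionTable = "<fieldset>\n\t\t\t\t\t <legend><a name='revisions'>{$ICONS['Page Revisions']['small']}Page Revisions : </a></legend>"
        . "<table border='1'><tr><td>Revision Number</td><td>Date Updated</td><td>User Fullname</td><td>User Email</td></tr>";
    while ($result && ($row = mysql_fetch_assoc($result))) {
        // Name and e-mail are account data and are encoded before output.
        // NOTE(review): if getUserFullName()/getUserEmail() already return
        // HTML-encoded text, this double-encodes; confirm against those helpers.
        $fullName = htmlspecialchars(getUserFullName($row['user_id']), ENT_QUOTES);
        $email = htmlspecialchars(getUserEmail($row['user_id']), ENT_QUOTES);
        $revisionTable .= "<tr><td><a href=\"./+edit&version=" . $row['article_revision'] . "#preview\">" . $row['article_revision'] . "</a></td><td>"
            . $row['article_updatetime'] . "</td><td>"
            . $fullName . "</td><td>"
            . $email . "</td></tr>";
    }
    $revisionTable .= "</table>"
        . "<input type=\"button\" value=\"<<\" onclick=\"window.location='./+edit&revisionno=0'\" /> "
        . "<input type=\"button\" value=\"<\" onclick=\"window.location='./+edit&revisionno=" . ($start - 10) . "'\" /> "
        . "<input type=\"button\" value=\">\" onclick=\"window.location='./+edit&revisionno=" . ($start + 10) . "'\" /> "
        . "<input type=\"button\" value=\">>\" onclick=\"window.location='./+edit&revisionno=" . ($revisionrow['MAX'] - 10) . "'\" /> "
        . "</fieldset>";

    /* Drafts available */
    $draftquery = "SELECT MAX(draft_number) AS MAX FROM `article_draft` where page_modulecomponentid = '{$this->moduleComponentId}'";
    $draftresult = mysql_query($draftquery);
    $draftrow = $draftresult ? mysql_fetch_assoc($draftresult) : false;
    $maxDraft = is_array($draftrow) ? (int) $draftrow['MAX'] : 0;
    $draftrow = array('MAX' => $maxDraft);

    $dstart = $maxDraft - 10;
    if (isset($_GET['draftno'])) {
        // Integer cast: this value is placed unquoted in LIMIT.
        $dstart = (int) $_GET['draftno'];
    }
    if ($dstart > $maxDraft - 9) {
        $dstart = $maxDraft - 10;
    }
    if ($dstart < 0) {
        $dstart = 0;
    }
    $dcount = 10;
    if (isset($_GET['dcount'])) {
        $dcount = (int) $_GET['dcount'];
    }
    if ($dcount > $maxDraft - $dstart + 1) {
        $dcount = $maxDraft - $dstart + 1;
    }
    if ($dcount < 0) {
        $dcount = 0;
    }

    $query = "SELECT `draft_lastsaved`,`draft_number`,`user_id` FROM `article_draft` where `page_modulecomponentid` = '{$this->moduleComponentId}' ORDER BY `draft_lastsaved` LIMIT {$dstart},{$dcount}";
    $result = mysql_query($query);
    $draftTable = "<fieldset>\n\t\t\t\t\t <legend><a name='drafts'>{$ICONS['Page Revisions']['small']}Drafts Saved : </a></legend>"
        . "<table border='1'><tr><td>Draft Number</td><td>Date Drafted</td><td>User Fullname</td><td>User Email</td><td>Delete</td></tr>";
    while ($result && ($row = mysql_fetch_assoc($result))) {
        // Same encoding (and the same double-encoding caveat) as the revision table.
        $fullName = htmlspecialchars(getUserFullName($row['user_id']), ENT_QUOTES);
        $email = htmlspecialchars(getUserEmail($row['user_id']), ENT_QUOTES);
        $draftTable .= "<tr><td><a href=\"./+edit&dversion=" . $row['draft_number'] . "#preview\">" . $row['draft_number'] . "</a></td><td>"
            . $row['draft_lastsaved'] . "</td><td>"
            . $fullName . "</td><td>"
            . $email
            . "</td><td><form action='./+edit&deldraft=yes&dno=" . $row['draft_number'] . "' method='post'><input type='button' value='Delete' onclick='submitarticleformDeldraft(this);'></form>\n\t\t<script language='javascript'>\n\t\t\t\t\t \tfunction submitarticleformDeldraft(butt) {\n\t\t\t\t\t \t\tif(confirm('Are you sure you want to delete this draft ? '))\n\t\t\t\t\t \t\tbutt.form.submit();\n\t\t\t\t\t \t}\n\t\t</script></td></tr>";
    }
    // The "<<" button previously used the misspelled parameter "draftnno",
    // which this method never reads, so it did not jump to the first page.
    $draftTable .= "</table>"
        . "<input type=\"button\" value=\"<<\" onclick=\"window.location='./+edit&draftno=0'\" /> "
        . "<input type=\"button\" value=\"<\" onclick=\"window.location='./+edit&draftno=" . ($dstart - 10) . "'\" /> "
        . "<input type=\"button\" value=\">\" onclick=\"window.location='./+edit&draftno=" . ($dstart + 10) . "'\" /> "
        . "<input type=\"button\" value=\">>\" onclick=\"window.location='./+edit&draftno=" . ($draftrow['MAX'] - 10) . "'\" /> "
        . "</fieldset>";
    /* Drafts end*/

    return $CkForm . $Ckbody . $CkFooter . $draftTable . $top . $revisionTable . $top;
}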
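/**
 * function actionEdit:
 * Edit interface for all safedit module instances
 * will be called from $this->getHtml function
 *
 * Handles the optional `subaction` request parameter (addSection,
 * deleteSection, saveSection, moveUp/moveDown, moveTop/moveBottom) and then
 * renders one edit form per section, the "create section" form, the upload
 * form and the help text.
 *
 * Security-relevant behaviour:
 *  - Every request value placed in SQL goes through escape(), including the
 *    section type on save, which was previously interpolated unescaped.
 *  - Page title, section heading and uploaded file names are HTML-encoded
 *    before being written into the page.
 *  - NOTE(review): deleteSection and the move* subactions change state on a
 *    GET request and no anti-CSRF token is visible here; confirm whether the
 *    framework protects these routes.
 *  - NOTE(review): the die() calls print the SQL text and the database error
 *    to the client; consider logging them server-side instead.
 *
 * @return string HTML of the edit page.
 */
public function actionEdit()
{
    $ret = <<<RET
<style type="text/css">
textarea {
\tfont-size: 130%;
\tbackground: white;
}
</style>
RET;

    global $sourceFolder, $ICONS;
    require_once $sourceFolder . "/upload.lib.php";

    submitFileUploadForm($this->moduleComponentId, "safedit", $this->userId, UPLOAD_SIZE_LIMIT);
    $end = "<fieldset id='uploadFile'><legend>{$ICONS['Uploaded Files']['small']}File Upload</legend>Upload files : <br />"
        . getFileUploadForm($this->moduleComponentId, "safedit", './+edit', UPLOAD_SIZE_LIMIT, 5)
        . getUploadedFilePreviewDeleteForm($this->moduleComponentId, "safedit", './+edit')
        . '</fieldset>';

    $val = mysql_fetch_assoc(mysql_query("SELECT `page_title` FROM `" . MYSQL_DATABASE_PREFIX . "pages` WHERE `page_module` = 'safedit' AND `page_modulecomponentid` = '{$this->moduleComponentId}'"));
    // The page title is stored data; encode it before placing it in markup.
    $ret .= "<h1>Editing '" . htmlspecialchars($val['page_title'], ENT_QUOTES) . "' page</h1>";

    $subaction = isset($_GET['subaction']) ? $_GET['subaction'] : null;

    if ($subaction === "addSection") {
        $show = isset($_POST['sectionShow']);
        $heading = escape($_POST['heading']);

        $result = mysql_query("SELECT MAX(`section_id`)+1 as `section_id` FROM `safedit_sections` WHERE `page_modulecomponentid` = '{$this->moduleComponentId}'") or die(mysql_error());
        $row = mysql_fetch_row($result);
        $sectionId = $row[0];

        $result = mysql_query("SELECT MAX(`section_priority`)+1 as `section_priority` FROM `safedit_sections` WHERE `page_modulecomponentid` = '{$this->moduleComponentId}'");
        $row = mysql_fetch_row($result);
        $priority = $row[0];

        $query = "INSERT INTO `safedit_sections`(`page_modulecomponentid`,`section_id`,`section_heading`,`section_type`,`section_show`,`section_priority`) VALUES ('{$this->moduleComponentId}','{$sectionId}','{$heading}','" . escape($_POST['type']) . "','{$show}','{$priority}')";
        mysql_query($query) or die($query . "<br>" . mysql_error());
        if (mysql_affected_rows() > 0) {
            // NOTE(review): $heading is SQL-escaped, not HTML-encoded; confirm
            // that displayinfo() encodes its argument before output.
            displayinfo("Section: {$heading}, created");
        } else {
            displayerror("Couldn't create section");
        }
    } elseif ($subaction === 'deleteSection') {
        $sectionId = escape($_GET['sectionId']);
        $query = "DELETE FROM `safedit_sections` WHERE `page_modulecomponentid` = '{$this->moduleComponentId}' AND `section_id` = '{$sectionId}'";
        mysql_query($query) or die($query . "<br>" . mysql_error());
        if (mysql_affected_rows() > 0) {
            displayinfo("Section deleted succesfully");
        } else {
            displayerror("Couldn't delete section");
        }
    } elseif ($subaction === 'saveSection') {
        $sectionId = escape($_POST['sectionId']);
        $heading = escape($_POST['heading']);
        // The posted type is escaped like every other request value in this
        // method (addSection already did so); it used to reach the UPDATE raw.
        $typeUpdate = isset($_POST['type']) ? ", `section_type` = '" . escape($_POST['type']) . "'" : '';
        $show = ", `section_show` = '" . isset($_POST['sectionShow']) . "'";

        $result = mysql_query("SELECT `section_type` FROM `safedit_sections` WHERE `page_modulecomponentid` = '{$this->moduleComponentId}' AND `section_id` = '{$sectionId}'");
        $row = mysql_fetch_row($result);
        $type = $row[0];

        // Default for an unknown type or a missing row, so the UPDATE below
        // never reads an undefined variable.
        $sectionContent = '';
        if ($type == "para" || $type == "ulist" || $type == "olist") {
            $sectionContent = escape($this->processSave($_POST['content']));
        } elseif ($type == "picture") {
            $sectionContent = escape($_POST['selectFile']);
        }

        $query = "UPDATE `safedit_sections` SET `section_heading` = '{$heading}', `section_content` = '{$sectionContent}'{$typeUpdate}{$show} WHERE `page_modulecomponentid` = '{$this->moduleComponentId}' AND `section_id` = '{$sectionId}'";
        mysql_query($query) or die($query . "<br>" . mysql_error());
        if (mysql_affected_rows() > 0) {
            displayinfo("Section saved successfully");
        }
    } elseif ($subaction === 'moveUp' || $subaction === 'moveDown') {
        // Both values come from the fixed choices below, never from the request.
        $compare = $subaction === 'moveUp' ? '<=' : '>=';
        $arrange = $subaction === 'moveUp' ? 'DESC' : 'ASC';
        $sectionId = escape($_GET['sectionId']);

        // The operator and sort direction are SQL keywords and must not be
        // quoted: as string literals they made the statement invalid, so the
        // swap never ran.
        $query = "SELECT `section_id`,`section_priority` FROM `safedit_sections` WHERE `page_modulecomponentid` = '{$this->moduleComponentId}' AND `section_priority` {$compare} (SELECT `section_priority` FROM `safedit_sections` WHERE `page_modulecomponentid` = '{$this->moduleComponentId}' AND `section_id` = '{$sectionId}') ORDER BY `section_priority` {$arrange} LIMIT 2";
        $result = mysql_query($query);
        if ($result) {
            // The first row is read as the source of the swap, the second as
            // its neighbour; with only one row there is nothing to swap.
            $current = mysql_fetch_row($result);
            $neighbour = mysql_fetch_row($result);
            if ($current && $neighbour) {
                $sid = $current[0];
                $spr = $current[1];
                mysql_query("UPDATE `safedit_sections` SET `section_priority` = '{$spr}' WHERE `page_modulecomponentid` = '{$this->moduleComponentId}' AND `section_id` = '{$neighbour[0]}'");
                mysql_query("UPDATE `safedit_sections` SET `section_priority` = '{$neighbour[1]}' WHERE `page_modulecomponentid` = '{$this->moduleComponentId}' AND `section_id` = '{$sid}'");
            }
        }
    } elseif ($subaction === 'moveTop' || $subaction === 'moveBottom') {
        $sectionId = escape($_GET['sectionId']);
        $cpri = mysql_fetch_row(mysql_query("SELECT `section_priority` FROM `safedit_sections` WHERE `page_modulecomponentid` = '{$this->moduleComponentId}' AND `section_id` = '{$sectionId}'")) or die(mysql_error());

        if ($subaction === 'moveTop') {
            // Shift everything above the section down by one, then place it at 0.
            $sign = '+';
            $cmpr = '<';
            $set = '0';
        } else {
            // Shift everything below the section up by one, then place it at
            // the former maximum priority.
            $sign = '-';
            $cmpr = '>';
            $set = mysql_fetch_row(mysql_query("SELECT MAX(`section_priority`) FROM `safedit_sections` WHERE `page_modulecomponentid` = '{$this->moduleComponentId}'")) or die(mysql_error());
            $set = isset($set[0]) ? $set[0] : '';
        }

        $query = "UPDATE `safedit_sections` SET `section_priority` = `section_priority`{$sign}1 WHERE `page_modulecomponentid` = '{$this->moduleComponentId}' AND `section_priority` {$cmpr} '{$cpri[0]}'";
        mysql_query($query) or die(mysql_error());
        mysql_query("UPDATE `safedit_sections` SET `section_priority` = '{$set}' WHERE `page_modulecomponentid` = '{$this->moduleComponentId}' AND `section_id` = '{$sectionId}'") or die(mysql_error());
    }

    $result = mysql_query("SELECT `section_id`,`section_heading`,`section_type`,`section_content`,`section_show` FROM `safedit_sections` WHERE `page_modulecomponentid` = '{$this->moduleComponentId}' ORDER BY `section_priority`");
    while ($result && ($row = mysql_fetch_assoc($result))) {
        $show = $row['section_show'] ? 'checked ' : '';
        $type = $row['section_type'];
        $help = $type != "picture" ? " <a href='#help' title='Only Plain text allowed, Click to know more'>{$ICONS['Help']['small']}</a>" : '';
        // The heading is placed in a single-quoted attribute, so quotes must
        // be encoded as well.
        $headingAttr = htmlspecialchars($row['section_heading'], ENT_QUOTES);

        // The parameter separator before sectionId is written as &amp; so the
        // browser cannot read "&sect" as a character reference; it arrives
        // server-side as a plain "&sectionId=".
        $ret .= <<<RET
<form action='./+edit&subaction=saveSection' method=POST><input type=hidden value='{$row['section_id']}' name='sectionId' /><fieldset><legend><input type=checkbox name='sectionShow' {$show}/><input type=text name=heading value='{$headingAttr}' style='border:0;background:none;' />
<a href='./+edit&subaction=moveUp&amp;sectionId={$row['section_id']}' title='Move one level Up'>{$ICONS['Up']['small']}</a>
<a href='./+edit&subaction=moveDown&amp;sectionId={$row['section_id']}' title='Move one level Down'>{$ICONS['Down']['small']}</a>
<a href='./+edit&subaction=moveTop&amp;sectionId={$row['section_id']}' title='Move to Top'>{$ICONS['Top']['small']}</a>
<a href='./+edit&subaction=moveBottom&amp;sectionId={$row['section_id']}' title='Move to Bottom'>{$ICONS['Bottom']['small']}</a>
<a href='./+edit&subaction=deleteSection&amp;sectionId={$row['section_id']}' title='Delete Section'>{$ICONS['Delete Section']['small']}</a>{$help}</legend><div class='safedit_section'>
RET;

        // NOTE(review): presumably safe_html() makes the stored content safe
        // to place inside the textarea; confirm against its definition.
        $safeContent = safe_html($row['section_content']);
        if ($type == "ulist" || $type == "olist" || $type == "para") {
            $usel = $type == "ulist" ? ' selected' : '';
            $osel = $type == "olist" ? ' selected' : '';
            $psel = $type == "para" ? ' selected' : '';
            $ret .= <<<PARA
<textarea name=content rows=7 style="width:100%">{$safeContent}</textarea>
<select name=type>
<option value="para"{$psel}>Paragraph</option>
<option value="ulist"{$usel}>List</option>
<option value="olist"{$osel}>Numbered List</option>
</select>
PARA;
        } elseif ($type == "picture") {
            $files = getUploadedFiles($this->moduleComponentId, "safedit");
            $ret .= "<a href='#uploadFile'>Upload File</a><br /><select name=selectFile><option value=''>No picture</option>";
            foreach ($files as $currFile) {
                $select = $row['section_content'] == $currFile['upload_filename'] ? ' selected' : '';
                // File names come from uploads; encode them for both the
                // attribute and the option text.
                $fileName = htmlspecialchars($currFile['upload_filename'], ENT_QUOTES);
                $ret .= "<option value='{$fileName}'{$select}>{$fileName}</option>";
            }
            $ret .= "</select>";
        }

        $ret .= <<<SUBMIT
<input type=submit value='Save section' /></div></fieldset></form>
SUBMIT;
    }

    $ret .= <<<RET
<fieldset>
<legend>{$ICONS['Add']['small']}Create New Section</legend>
<form action="./+edit&subaction=addSection" method=POST>
<select name='type'>
<option value="para">Paragraph</option>
<option value="ulist">List</option>
<option value="olist">Numbered List</option>
<option value="picture">Picture</option>
</select>
<input type=text name="heading" />
<input type=checkbox name="sectionShow" checked />
<input type=submit value="Add section" name="btnAddSection" />
</form>
</fieldset>
RET;
    $ret .= $end;
    $ret .= <<<RET
<small id="help"><ul><li>You can display only Plain text, any custom formatting will be prevented.<br />To make a link, enclose the text with '{' and '}' and add the target to the end of the line after '|'<br />For eg:<br />{This is a link}, and this is not a link|http://www.google.com<br />The above line will make a link to google.com</li><li>Leave section heading text box blank(without even spaces) to avoid displaying Heading</li></ul></small>
RET;

    return $ret;
}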