/** * The main Page editor panel. * * @param string|array $message The activity message */ function page_edit($message = '') { global $event, $step; pagetop(gTxt('edit_pages'), $message); extract(array_map('assert_string', gpsa(array('copy', 'save_error', 'savenew')))); $name = sanitizeForPage(assert_string(gps('name'))); $newname = sanitizeForPage(assert_string(gps('newname'))); if ($step == 'page_delete' || empty($name) && $step != 'page_new' && !$savenew) { $name = safe_field('page', 'txp_section', "name = 'default'"); } elseif ((($copy || $savenew) && $newname || $newname && $newname != $name) && !$save_error) { $name = $newname; } $buttons = n . tag(gTxt('page_name'), 'label', array('for' => 'new_page')) . br . fInput('text', 'newname', $name, 'input-medium', '', '', INPUT_MEDIUM, '', 'new_page', false, true); if ($name) { $buttons .= span(href(gTxt('duplicate'), '#', array('id' => 'txp_clone', 'class' => 'clone', 'title' => gTxt('page_clone'))), array('class' => 'txp-actions')); } else { $buttons .= hInput('savenew', 'savenew'); } $html = !$save_error ? fetch('user_html', 'txp_page', 'name', $name) : gps('html'); // Format of each entry is popTagLink -> array ( gTxt() string, class/ID). $tagbuild_items = array('page_article' => array('page_article_hed', 'article-tags'), 'page_article_nav' => array('page_article_nav_hed', 'article-nav-tags'), 'page_nav' => array('page_nav_hed', 'nav-tags'), 'page_xml' => array('page_xml_hed', 'xml-tags'), 'page_misc' => array('page_misc_hed', 'misc-tags'), 'page_file' => array('page_file_hed', 'file-tags')); $tagbuild_links = ''; foreach ($tagbuild_items as $tb => $item) { $tagbuild_links .= wrapRegion($item[1] . '_group', taglinks($tb), $item[1], $item[0], 'page_' . $item[1]); } echo hed(gTxt('tab_pages'), 1, array('class' => 'txp-heading')); echo n . tag(n . tag(hed(gTxt('tagbuilder'), 2) . $tagbuild_links, 'div', array('id' => 'tagbuild_links', 'class' => 'txp-layout-cell txp-layout-1-4')) . n . tag(form(graf($buttons) . graf(tag(gTxt('page_code'), 'label', array('for' => 'html')) . br . '<textarea class="code" id="html" name="html" cols="' . INPUT_LARGE . '" rows="' . TEXTAREA_HEIGHT_LARGE . '" dir="ltr">' . txpspecialchars($html) . '</textarea>') . graf(fInput('submit', '', gTxt('save'), 'publish') . eInput('page') . sInput('page_save') . hInput('name', $name)), '', '', 'post', 'edit-form', '', 'page_form'), 'div', array('id' => 'main_content', 'class' => 'txp-layout-cell txp-layout-2-4')) . n . tag(graf(sLink('page', 'page_new', gTxt('create_new_page')), ' class="action-create"') . page_list($name) . n, 'div', array('id' => 'content_switcher', 'class' => 'txp-layout-cell txp-layout-1-4')) . n, 'div', array('id' => $event . '_container', 'class' => 'txp-layout-grid')); }
function plugin_save() { extract(doSlash(gpsa(array('name', 'code')))); safe_update('txp_plugin', "code = '{$code}'", "name = '{$name}'"); $message = gTxt('plugin_saved', array('{name}' => $name)); plugin_list($message); }
/** * Renders a panel for selecting the import tool. * * Lets users select the tool and provide required * configuration options. */ function switch_tool() { global $vars, $event, $step, $tools; extract(gpsa($vars)); pagetop(gTxt('txp_import'), ''); echo hed(gTxt('tab_import'), 1, array('class' => 'txp-heading')); $content = '<section class="txp-edit">'; $content .= hed(gTxt('txp_import'), 2); // Select tool. $content .= inputLabel('import_from', tag(type_options($tools), 'select', ' id="import_from" name="import_tool"'), 'select_tool', 'import'); // Some data we collect. $content .= inputLabel('import_section', import_section_popup(''), 'import_section', 'import_section'); $status_options = array(STATUS_LIVE => gTxt('live'), STATUS_DRAFT => gTxt('draft'), STATUS_HIDDEN => gTxt('hidden'), STATUS_PENDING => gTxt('pending')); $content .= inputLabel('import_status', tag(type_options($status_options), 'select', ' id="import_status"'), 'import_status', 'import_status'); $content .= inputLabel('import_comment', fInput('text', 'import_comments_invite', gTxt('comments'), '', '', '', INPUT_REGULAR, '', 'import_comment'), 'import_invite', 'import_invite'); // Database imports only. $databased = hed(gTxt('database_stuff'), 2) . inputLabel('import_database', fInput('text', 'importdb', '', '', '', '', INPUT_REGULAR, '', 'import_database'), 'import_database', 'import_database') . inputLabel('import_login', fInput('text', 'importdblogin', '', '', '', '', INPUT_REGULAR, '', 'import_login'), 'import_login', 'import_login') . inputLabel('import_password', fInput('text', 'importdbpass', '', '', '', '', INPUT_REGULAR, '', 'import_password'), 'import_password', 'import_password') . inputLabel('import_host', fInput('text', 'importdbhost', '', '', '', '', INPUT_REGULAR, '', 'import_host'), 'import_host', 'import_host'); $content .= tag($databased, 'div', ' id="databased" style="display: none;"'); // Movable Type (MySQL DB) specific. $mtblogid = inputLabel('import_blogid', fInput('text', 'import_blog_id', '', '', '', '', INPUT_REGULAR, '', 'import_blogid'), 'import_blogid', 'import_blogid'); $content .= tag($mtblogid, 'div', ' id="mtblogid" style="display: none;"'); // WordPress specific. $wponly = inputLabel('import_wpprefix', fInput('text', 'wpdbprefix', 'wp_', '', '', '', INPUT_REGULAR, '', 'import_wpprefix'), 'import_wpprefix', 'import_wpprefix') . inputLabel('import_wpdbcharset', selectInput('wpdbcharset', array('utf8' => gTxt('utf8'), 'latin1' => gTxt('latin1')), 'utf8', '', '', 'import_wpdbcharset'), 'import_wpdbcharset', 'import_wpdbcharset'); $content .= tag($wponly, 'div', ' id="wponly" style="display: none;"'); $content .= graf(fInput('submit', 'choose', gTxt('continue'), 'publish')); $content .= sInput('start_import') . eInput('import'); $content .= '</section>'; echo '<div id="' . $event . '_container" class="txp-container">' . form($content, '', '', 'post', '', '', 'import') . '</div>'; }
/** * Public callback hook endpoint. * * Can be used to manually invoke plugin import progress. */ public function endpoint() { extract(gpsa(array('rah_blobin'))); if (get_pref('rah_blobin_key') && get_pref('rah_blobin_key') === $rah_blobin) { $this->import(); die; } }
function list_list($message = "", $post = '') { extract(get_prefs()); $lvars = array("page", "sort", "dir", "crit", 'method'); extract(gpsa($lvars)); global $statuses, $step; pagetop("Textpattern", $message); $total = getCount('textpattern', "1"); $limit = $article_list_pageby ? $article_list_pageby : 25; $numPages = ceil($total / $limit); $page = !$page ? 1 : $page; $offset = ($page - 1) * $limit; if (!$sort) { $sort = "Posted"; } if (!$dir) { $dir = "desc"; } if ($dir == "desc") { $linkdir = "asc"; } else { $linkdir = "desc"; } if ($crit) { $critsql = array('title_body' => "Title rlike '{$crit}' or Body rlike '{$crit}'", 'author' => "AuthorID rlike '{$crit}'", 'categories' => "Category1 rlike '{$crit}' or Category2 rlike '{$crit}'", 'section' => "Section rlike '{$crit}'", 'status' => "Status rlike '{$crit}'"); $criteria = $critsql[$method]; $limit = 500; } else { $criteria = 1; } $rs = safe_rows("*, unix_timestamp(Posted) as uPosted", "textpattern", "{$criteria} order by {$sort} {$dir} limit {$offset},{$limit}"); echo !$crit ? list_nav_form($page, $numPages, $sort, $dir) : '', list_searching_form($crit, $method); if ($rs) { echo '<form action="index.php" method="post" onsubmit="return verify(\'' . gTxt('are_you_sure') . '\')">', startTable('list'), '<tr>', column_head('posted', 'Posted', 'list', 1, $linkdir), column_head('title', 'Title', 'list', 1, $linkdir), $use_sections ? column_head('section', 'Section', 'list', 1, $linkdir) : '', $use_categories ? column_head('category1', 'Category1', 'list', 1, $linkdir) . column_head('category2', 'Category2', 'list', 1, $linkdir) : '', hCell(gTxt('Author')), column_head(gTxt('status'), 'Status', 'list', 1, $linkdir), td(), '</tr>'; foreach ($rs as $a) { extract($a); if ($use_categories == 1) { $cat1 = $Category1; $cat2 = $Category2; } $stat = !empty($Status) ? $statuses[$Status] : ''; if ($use_sections == 1) { $sect = $Section; } $adate = date("d M y", $uPosted + $timeoffset); $alink = eLink('article', 'edit', 'ID', $ID, $adate); $tlink = eLink('article', 'edit', 'ID', $ID, $Title); $modbox = fInput('checkbox', 'selected[]', $ID); echo "<tr>" . n, td($alink), td($tlink, 200), $use_sections ? td($sect, 75) : '', $use_categories ? td($cat1, 75) . td($cat2, 75) : '', td($AuthorID), td($stat, 45), td($modbox), '</tr>' . n; } echo tr(tda(list_multiedit_form(), ' colspan="8" style="text-align:right;border:0px"')); echo "</table></form>"; echo pageby_form('list', $article_list_pageby); unset($sort); } }
function createTxp() { $carry = isPost('carry'); extract(postDecode($carry)); extract(gpsa(array('name', 'pass', 'RealName', 'email'))); define("PFX", trim($dprefix)); include './txpsql.php'; mysql_query("INSERT INTO " . PFX . "txp_users VALUES\n\t\t\t(1,'{$name}',password(lower('{$pass}')),'{$RealName}','{$email}',1,now(),'')"); echo fbCreate(); }
function SectionController() { parent::ZemAdminController(); $this->context = gpsa(array('page', 'sort', 'dir', 'crit', 'search_method')); // @todo: sensible standard list view if (empty($this->context['sort'])) { $this->context['sort'] = 'name'; } if ($this->context['dir'] != 'desc') { $this->context['dir'] = 'asc'; } }
function switch_tool() { global $vars, $event, $step, $tools; extract(gpsa($vars)); pagetop(gTxt('txp_import'), ''); ?> <script type="text/javascript"> <!--// function showHideFields($sel) { if(document.getElementById){ document.getElementById('mtblogid').style.display = ($sel=='mtdb') ? 'block': 'none'; document.getElementById('wponly').style.display = ($sel=='wp') ? 'block': 'none'; document.getElementById('databased').style.display = ($sel=='wp' || $sel=='mtdb' || $sel=='b2')? 'block':'none'; } } //--> </script> <?php $content = startTable('edit'); $content .= tr(tdcs(hed(gTxt('txp_import'), 3), 2)); //Select tool $content .= tr(fLabelCell('select_tool', 'import', 'from') . td(tag(type_options($tools), 'select', " name=\"import_tool\" onchange=\"showHideFields(this.value);\""), '', 'from'), ' class="import-from"'); //Some data we collect $content .= tr(fLabelCell('import_section', 'import_section', 'section') . td(import_section_popup(''), '', 'section'), ' class="import-section"'); $status_options = array(4 => gTxt('live'), 1 => gTxt('draft'), 2 => gTxt('hidden'), 3 => gTxt('pending')); $content .= tr(fLabelCell('import_status', 'import_status', 'status') . td(type_select($status_options), '', 'status'), ' class="import-status"'); $content .= tr(fLabelCell('import_invite', 'import_invite', 'comment-invite') . td(fInput('text', 'comments_invite', gTxt('comments'), 'edit'), '', 'comment-invite'), ' class="import-comment"'); //DataBase imports only $databased = tr(tdcs(hed(gTxt('database_stuff'), 3), 2)) . tr(fLabelCell('import_database', 'import_database', 'database') . td(fInput('text', 'importdb', '', 'edit'), '', 'database'), ' class="import-database"') . tr(fLabelCell('import_login', 'import_login', 'login') . td(fInput('text', 'importdblogin', '', 'edit'), '', 'login'), ' class="import-login"') . tr(fLabelCell('import_password', 'import_password', 'password') . td(fInput('text', 'importdbpass', '', 'edit'), '', 'password'), ' class="import-password"') . tr(fLabelCell('import_host', 'import_host', 'host') . td(fInput('text', 'importdbhost', '', 'edit'), '', 'host'), ' class="import-host"'); //Ugly, but a way to present a clean screen with only required fields //while we keep JavaScript code at minimum $content .= tr(tda(tag($databased, 'table', ' id="databased" style="display: none; border: none;"'), ' colspan="2"')); //MT-DB Specific $mtblogid = tr(fLabelCell('import_blogid', 'import_blogid', 'blog-id') . td(fInput('text', 'blog_id', '', 'edit'), '', 'blog-id'), ' class="import-blog-id"'); $content .= tr(tda(tag($mtblogid, 'table', ' id="mtblogid" style="display: none; border: none;"'), ' colspan="2"')); //WordPress specific option $wponly = tr(fLabelCell('import_wpprefix', 'import_wpprefix', 'wp-prefix') . td(fInput('text', 'wpdbprefix', 'wp_', 'edit'), '', 'wp-prefix'), ' class="import-wp-prefix"'); $content .= tr(tda(tag($wponly, 'table', ' id="wponly" style="display: none; border: none;"'), ' colspan="2"')); $content .= endTable(); $content .= tag(fInput('submit', 'choose', gTxt('continue'), 'publish'), 'p', ' style="text-align:center"'); $content .= sInput('start_import') . eInput('import'); echo '<div id="' . $event . '_container" class="txp-container txp-edit">' . form($content, '', '', 'post', '', '', 'import') . '</div>'; }
function switch_tool() { global $vars, $event, $step, $tools; extract(gpsa($vars)); pagetop(gTxt('txp_import'), ''); echo '<h1 class="txp-heading">' . gTxt('tab_import') . '</h1>'; ?> <script type="text/javascript"> <!--// function showHideFields($sel) { if(document.getElementById){ document.getElementById('mtblogid').style.display = ($sel=='mtdb') ? 'block': 'none'; document.getElementById('wponly').style.display = ($sel=='wp') ? 'block': 'none'; document.getElementById('databased').style.display = ($sel=='wp' || $sel=='mtdb' || $sel=='b2')? 'block':'none'; } } //--> </script> <?php $content = '<div class="txp-edit">'; $content .= hed(gTxt('txp_import'), 2); //Select tool $content .= inputLabel('import_from', tag(type_options($tools), 'select', ' id="import_from" name="import_tool" onchange="showHideFields(this.value);"'), 'select_tool', 'import'); //Some data we collect $content .= inputLabel('import_section', import_section_popup(''), 'import_section', 'import_section'); $status_options = array(STATUS_LIVE => gTxt('live'), STATUS_DRAFT => gTxt('draft'), STATUS_HIDDEN => gTxt('hidden'), STATUS_PENDING => gTxt('pending')); $content .= inputLabel('import_status', tag(type_options($status_options), 'select', ' id="import_status"'), 'import_status', 'import_status'); $content .= inputLabel('import_comment', fInput('text', 'import_comments_invite', gTxt('comments'), '', '', '', INPUT_REGULAR, '', 'import_comment'), 'import_invite', 'import_invite'); //DataBase imports only $databased = hed(gTxt('database_stuff'), 2) . inputLabel('import_database', fInput('text', 'importdb', '', '', '', '', INPUT_REGULAR, '', 'import_database'), 'import_database', 'import_database') . inputLabel('import_login', fInput('text', 'importdblogin', '', '', '', '', INPUT_REGULAR, '', 'import_login'), 'import_login', 'import_login') . inputLabel('import_password', fInput('text', 'importdbpass', '', '', '', '', INPUT_REGULAR, '', 'import_password'), 'import_password', 'import_password') . inputLabel('import_host', fInput('text', 'importdbhost', '', '', '', '', INPUT_REGULAR, '', 'import_host'), 'import_host', 'import_host'); $content .= tag($databased, 'div', ' id="databased" style="display: none;"'); //MT-DB Specific $mtblogid = inputLabel('import_blogid', fInput('text', 'import_blog_id', '', '', '', '', INPUT_REGULAR, '', 'import_blogid'), 'import_blogid', 'import_blogid'); $content .= tag($mtblogid, 'div', ' id="mtblogid" style="display: none;"'); //WordPress specific option $wponly = inputLabel('import_wpprefix', fInput('text', 'wpdbprefix', 'wp_', '', '', '', INPUT_REGULAR, '', 'import_wpprefix'), 'import_wpprefix', 'import_wpprefix') . inputLabel('import_wpdbcharset', selectInput('wpdbcharset', array('utf8' => gTxt('utf8'), 'latin1' => gTxt('latin1')), 'utf8', '', '', 'import_wpdbcharset'), 'import_wpdbcharset', 'import_wpdbcharset'); $content .= tag($wponly, 'div', ' id="wponly" style="display: none;"'); $content .= graf(fInput('submit', 'choose', gTxt('continue'), 'publish')); $content .= sInput('start_import') . eInput('import'); $content .= '</div>'; echo '<div id="' . $event . '_container" class="txp-container">' . form($content, '', '', 'post', '', '', 'import') . '</div>'; }
/** * The main Page editor panel. * * @param string|array $message The activity message */ function page_edit($message = '') { global $event, $step; pagetop(gTxt('edit_pages'), $message); extract(array_map('assert_string', gpsa(array('copy', 'save_error', 'savenew')))); $name = sanitizeForPage(assert_string(gps('name'))); $newname = sanitizeForPage(assert_string(gps('newname'))); if ($step == 'page_delete' || empty($name) && $step != 'page_new' && !$savenew) { $name = safe_field("page", 'txp_section', "name = 'default'"); } elseif ((($copy || $savenew) && $newname || $newname && $newname != $name) && !$save_error) { $name = $newname; } $titleblock = inputLabel('new_page', fInput('text', 'newname', $name, 'input-medium', '', '', INPUT_MEDIUM, '', 'new_page', false, true), 'page_name', array('', 'instructions_page_name'), array('class' => 'txp-form-field')); if ($name === '') { $titleblock .= hInput('savenew', 'savenew'); } else { $titleblock .= hInput('name', $name); } $titleblock .= eInput('page') . sInput('page_save'); $html = !$save_error ? fetch('user_html', 'txp_page', 'name', $name) : gps('html'); // Format of each entry is popTagLink -> array ( gTxt() string, class/ID). $tagbuild_items = array('page_article' => array('page_article_hed', 'article-tags'), 'page_article_nav' => array('page_article_nav_hed', 'article-nav-tags'), 'page_nav' => array('page_nav_hed', 'nav-tags'), 'page_xml' => array('page_xml_hed', 'xml-tags'), 'page_misc' => array('page_misc_hed', 'misc-tags'), 'page_file' => array('page_file_hed', 'file-tags')); $tagbuild_links = ''; foreach ($tagbuild_items as $tb => $item) { $tagbuild_links .= wrapRegion($item[1] . '_group', taglinks($tb), $item[1], $item[0], 'page_' . $item[1]); } // Pages code columm. echo n . tag(hed(gTxt('tab_pages'), 1, array('class' => 'txp-heading')) . form($titleblock . inputLabel('html', '<textarea class="code" id="html" name="html" cols="' . INPUT_LARGE . '" rows="' . TEXTAREA_HEIGHT_LARGE . '" dir="ltr">' . txpspecialchars($html) . '</textarea>', 'page_code', array('', 'instructions_page_code'), array('class' => 'txp-form-field')), '', '', 'post', '', '', 'page_form'), 'div', array('class' => 'txp-layout-4col-cell-1-2-3', 'id' => 'main_content', 'role' => 'region')); // Pages create/switcher column. $buttonExtras = ''; if ($name) { $buttonExtras .= href('<span class="ui-icon ui-icon-copy"></span> ' . gTxt('duplicate'), '#', array('class' => 'txp-clone', 'data-form' => 'page_form')); } $buttons = graf(tag_void('input', array('class' => 'publish', 'type' => 'submit', 'method' => 'post', 'value' => gTxt('save'), 'form' => 'page_form')), ' class="txp-save"') . graf(sLink('page', 'page_new', '<span class="ui-icon ui-extra-icon-new-document"></span> ' . gTxt('create_new_page'), 'txp-new') . $buttonExtras, array('class' => 'txp-actions')); echo n . tag($buttons . page_list($name) . n, 'div', array('class' => 'txp-layout-4col-cell-4alt', 'id' => 'content_switcher', 'role' => 'region')); // Pages tag builder column. TODO: make this a modal? // echo n.tag( // hed(gTxt('tagbuilder'), 2). // $tagbuild_links // , 'div', array( // 'class' => '', // 'id' => 'tagbuild_links', // )); }
function page_save() { extract(doSlash(gpsa(array('name', 'html', 'copy')))); if ($copy) { $newname = doSlash(trim(preg_replace('/[<>&"\']/', '', gps('newname')))); if ($newname and safe_field('name', 'txp_page', "name = '{$newname}'")) { $message = gTxt('page_already_exists', array('{name}' => $newname)); } elseif ($newname) { safe_insert('txp_page', "name = '{$newname}', user_html = '{$html}'"); update_lastmod(); $message = gTxt('page_created', array('{name}' => $newname)); } else { $message = gTxt('page_name_invalid'); } page_edit($message); } else { safe_update('txp_page', "user_html = '{$html}'", "name = '{$name}'"); update_lastmod(); $message = gTxt('page_updated', array('{name}' => $name)); page_edit($message); } }
function feed($type) { global $prefs; set_error_handler('feedErrorHandler'); ob_clean(); extract($prefs); extract(doSlash(gpsa(array('category', 'section', 'limit', 'area')))); if ($area != 'link') { $area = 'article'; } $sitename .= $section ? ' - ' . fetch_section_title($section) : ''; $sitename .= $category ? ' - ' . fetch_category_title($category, $area) : ''; $self_ref = pagelinkurl(array('atom' => 1, 'area' => $area == 'article' ? '' : $area, 'section' => $section, 'category' => $category, 'limit' => $limit)); $id_ext = ($section ? '/' . $section : '') . ($category ? '/' . $category : ''); if ($area == 'article') { $sfilter = $section ? "and Section = '" . $section . "'" : ''; $cfilter = $category ? "and (Category1='" . $category . "' or Category2='" . $category . "')" : ''; $limit = $limit ? $limit : $rss_how_many; $limit = intval(min($limit, max(100, $rss_how_many))); $frs = safe_column("name", "txp_section", "in_rss != '1'"); $query = array(); foreach ($frs as $f) { $query[] = "and Section != '" . doSlash($f) . "'"; } $query[] = $sfilter; $query[] = $cfilter; $expired = $publish_expired_articles ? '' : ' and (now() <= Expires or Expires = ' . NULLDATETIME . ') '; $rs = safe_rows_start("*, ID as thisid, unix_timestamp(Posted) as uPosted, unix_timestamp(Expires) as uExpires, unix_timestamp(LastMod) as uLastMod", "textpattern", "Status=4 and Posted <= now() {$expired}" . join(' ', $query) . "order by Posted desc limit {$limit}"); return render_feed($rs, $area, $type, $sitename, $self_ref, $id_ext); } elseif ($area == 'link') { $cfilter = $category ? "category='" . $category . "'" : '1'; $limit = $limit ? $limit : $rss_how_many; $limit = intval(min($limit, max(100, $rss_how_many))); $rs = safe_rows_start("*" . ($atom ? '' : ", unix_timestamp(date) as uDate"), "txp_link", "{$cfilter} order by date desc" . ($atom ? ", id desc" : '') . " limit {$limit}"); return render_feed($rs, $area, $type, $sitename, $self_ref, $id_ext); } }
function form_save() { global $vars, $step, $essential_forms; extract(doSlash(gpsa($vars))); $name = doSlash(trim(preg_replace('/[<>&"\']/', '', gps('name')))); if (!$name) { $step = 'form_create'; $message = gTxt('form_name_invalid'); return form_edit(array($message, E_ERROR)); } if (!in_array($type, array('article', 'category', 'comment', 'file', 'link', 'misc', 'section'))) { $step = 'form_create'; $message = gTxt('form_type_missing'); return form_edit(array($message, E_ERROR)); } if ($savenew) { $exists = safe_field('name', 'txp_form', "name = '{$name}'"); if ($exists) { $step = 'form_create'; $message = gTxt('form_already_exists', array('{name}' => $name)); return form_edit(array($message, E_ERROR)); } safe_insert('txp_form', "Form = '{$Form}', type = '{$type}', name = '{$name}'"); update_lastmod(); $message = gTxt('form_created', array('{name}' => $name)); return form_edit($message); } safe_update('txp_form', "Form = '{$Form}', type = '{$type}', name = '{$name}'", "name = '{$oldname}'"); update_lastmod(); $message = gTxt('form_updated', array('{name}' => $name)); form_edit($message); }
function log_list($message = '') { global $event, $log_list_pageby, $expire_logs_after; pagetop(gTxt('visitor_logs'), $message); extract(gpsa(array('page', 'sort', 'dir', 'crit', 'search_method'))); if ($sort === '') { $sort = get_pref('log_sort_column', 'time'); } if ($dir === '') { $dir = get_pref('log_sort_dir', 'desc'); } $dir = $dir == 'asc' ? 'asc' : 'desc'; $expire_logs_after = assert_int($expire_logs_after); safe_delete('txp_log', "time < date_sub(now(), interval {$expire_logs_after} day)"); switch ($sort) { case 'ip': $sort_sql = 'ip ' . $dir; break; case 'host': $sort_sql = 'host ' . $dir; break; case 'page': $sort_sql = 'page ' . $dir; break; case 'refer': $sort_sql = 'refer ' . $dir; break; case 'method': $sort_sql = 'method ' . $dir; break; case 'status': $sort_sql = 'status ' . $dir; break; default: $sort = 'time'; $sort_sql = 'time ' . $dir; break; } set_pref('log_sort_column', $sort, 'log', 2, '', 0, PREF_PRIVATE); set_pref('log_sort_dir', $dir, 'log', 2, '', 0, PREF_PRIVATE); $switch_dir = $dir == 'desc' ? 'asc' : 'desc'; $criteria = 1; if ($search_method and $crit) { $crit_escaped = doSlash(str_replace(array('\\', '%', '_', '\''), array('\\\\', '\\%', '\\_', '\\\''), $crit)); $critsql = array('ip' => "ip like '%{$crit_escaped}%'", 'host' => "host like '%{$crit_escaped}%'", 'page' => "page like '%{$crit_escaped}%'", 'refer' => "refer like '%{$crit_escaped}%'", 'method' => "method like '%{$crit_escaped}%'", 'status' => "status like '%{$crit_escaped}%'"); if (array_key_exists($search_method, $critsql)) { $criteria = $critsql[$search_method]; $limit = 500; } else { $search_method = ''; $crit = ''; } } else { $search_method = ''; $crit = ''; } $total = safe_count('txp_log', "{$criteria}"); echo '<div id="' . $event . '_control" class="txp-control-panel">'; if ($total < 1) { if ($criteria != 1) { echo n . log_search_form($crit, $search_method) . n . graf(gTxt('no_results_found'), ' class="indicator"') . '</div>'; } else { echo graf(gTxt('no_refers_recorded'), ' class="indicator"') . '</div>'; } return; } $limit = max($log_list_pageby, 15); list($page, $offset, $numPages) = pager($total, $limit, $page); echo n . log_search_form($crit, $search_method) . '</div>'; $rs = safe_rows_start('*, unix_timestamp(time) as uTime', 'txp_log', "{$criteria} order by {$sort_sql} limit {$offset}, {$limit}"); if ($rs) { echo n . '<div id="' . $event . '_container" class="txp-container txp-list">'; echo n . n . '<form action="index.php" id="log_form" method="post" name="longform" onsubmit="return verify(\'' . gTxt('are_you_sure') . '\')">' . startTable('list', '', 'list', '', '90%') . n . '<thead>' . n . tr(n . column_head('time', 'time', 'log', true, $switch_dir, $crit, $search_method, ('time' == $sort ? "{$dir} " : '') . 'date time') . column_head('IP', 'ip', 'log', true, $switch_dir, $crit, $search_method, ('ip' == $sort ? "{$dir} " : '') . 'log_detail ip') . column_head('host', 'host', 'log', true, $switch_dir, $crit, $search_method, ('host' == $sort ? "{$dir} " : '') . 'host') . column_head('page', 'page', 'log', true, $switch_dir, $crit, $search_method, ('page' == $sort ? "{$dir} " : '') . 'page') . column_head('referrer', 'refer', 'log', true, $switch_dir, $crit, $search_method, ('refer' == $sort ? "{$dir} " : '') . 'refer') . column_head('method', 'method', 'log', true, $switch_dir, $crit, $search_method, ('method' == $sort ? "{$dir} " : '') . 'log_detail method') . column_head('status', 'status', 'log', true, $switch_dir, $crit, $search_method, ('status' == $sort ? "{$dir} " : '') . 'log_detail status') . hCell('', '', ' class="multi-edit"')) . n . '</thead>'; $tfoot = n . '<tfoot>' . tr(tda(toggle_box('log_detail'), ' class="detail-toggle" colspan="2" style="text-align: left; border: none;"') . tda(select_buttons() . log_multiedit_form($page, $sort, $dir, $crit, $search_method), ' class="multi-edit" colspan="6" style="text-align: right; border: none;"')) . n . '</tfoot>'; echo $tfoot; echo '<tbody>'; $ctr = 1; while ($a = nextRow($rs)) { extract($a, EXTR_PREFIX_ALL, 'log'); if ($log_refer) { $log_refer = 'http://' . $log_refer; $log_refer = '<a href="' . htmlspecialchars($log_refer) . '" target="_blank">' . htmlspecialchars(soft_wrap($log_refer, 30)) . '</a>'; } if ($log_page) { $log_anchor = preg_replace('/\\/$/', '', $log_page); $log_anchor = soft_wrap(substr($log_anchor, 1), 30); $log_page = '<a href="' . htmlspecialchars($log_page) . '" target="_blank">' . htmlspecialchars($log_anchor) . '</a>'; if ($log_method == 'POST') { $log_page = '<strong>' . $log_page . '</strong>'; } } echo tr(n . td(gTime($log_uTime), 85, 'date time') . td($log_ip, 20, 'log_detail ip') . td(soft_wrap($log_host, 30), '', 'host') . td($log_page, '', 'page') . td($log_refer, '', 'refer') . td(htmlspecialchars($log_method), 60, 'log_detail method') . td($log_status, 60, 'log_detail status') . td(fInput('checkbox', 'selected[]', $log_id), '', 'multi-edit'), ' class="' . ($ctr % 2 == 0 ? 'even' : 'odd') . '"'); $ctr++; } echo '</tbody>' . n . endTable() . n . '</form>' . n . '<div id="' . $event . '_navigation" class="txp-navigation">' . n . nav_form('log', $page, $numPages, $sort, $dir, $crit, $search_method, $total, $limit) . n . pageby_form('log', $log_list_pageby) . n . '</div>' . n . '</div>'; } }
function atom() { global $thisarticle; extract($GLOBALS['prefs']); define("t_texthtml", ' type="text/html"'); define("t_text", ' type="text"'); define("t_html", ' type="html"'); define("t_xhtml", ' type="xhtml"'); define('t_appxhtml', ' type="xhtml"'); define("r_relalt", ' rel="alternate"'); define("r_relself", ' rel="self"'); $area = doSlash(gps('area')); extract(doSlash(gpsa(array('category', 'section', 'limit')))); $last = fetch('unix_timestamp(val)', 'txp_prefs', 'name', 'lastmod'); $sitename .= $section ? ' - ' . $section : ''; $sitename .= $category ? ' - ' . $category : ''; $pub = safe_row("RealName, email", "txp_users", "privs=1"); $out[] = tag(escape_output($sitename), 'title', t_text); $out[] = tag(escape_output($site_slogan), 'subtitle', t_text); $out[] = '<link' . r_relself . ' href="' . pagelinkurl(array('atom' => 1, 'area' => $area, 'section' => $section, 'category' => $category, 'limit' => $limit)) . '" />'; $out[] = '<link' . r_relalt . t_texthtml . ' href="' . hu . '" />'; $articles = array(); //Atom feeds with mail or domain name $dn = explode('/', $siteurl); $mail_or_domain = $use_mail_on_feeds_id ? eE($blog_mail_uid) : $dn[0]; $out[] = tag('tag:' . $mail_or_domain . ',' . $blog_time_uid . ':' . $blog_uid . ($section ? '/' . $section : '') . ($category ? '/' . $category : ''), 'id'); $out[] = tag('Textpattern', 'generator', ' uri="http://textpattern.com/" version="' . $version . '"'); $out[] = tag(safe_strftime("w3cdtf", $last), 'updated'); $auth[] = tag($pub['RealName'], 'name'); $auth[] = $include_email_atom ? tag(eE($pub['email']), 'email') : ''; $auth[] = tag(hu, 'uri'); $out[] = tag(n . t . t . join(n . t . t, $auth) . n, 'author'); if (!$area or $area == 'article') { $sfilter = $section ? "and Section = '" . $section . "'" : ''; $cfilter = $category ? "and (Category1='" . $category . "' or Category2='" . $category . "')" : ''; $limit = $limit ? $limit : $rss_how_many; $limit = intval(min($limit, max(100, $rss_how_many))); $frs = safe_column("name", "txp_section", "in_rss != '1'"); $query = array(); foreach ($frs as $f) { $query[] = "and Section != '" . doSlash($f) . "'"; } $query[] = $sfilter; $query[] = $cfilter; $rs = safe_rows_start("*, \n\t\t\t\tID as thisid, \n\t\t\t\tunix_timestamp(Posted) as uPosted,\n\t\t\t\tunix_timestamp(LastMod) as uLastMod", "textpattern", "Status=4 and Posted <= now() " . join(' ', $query) . "order by Posted desc limit {$limit}"); if ($rs) { while ($a = nextRow($rs)) { extract($a); populateArticleData($a); $cb = callback_event('atom_entry'); $e = array(); $a['posted'] = $uPosted; if ($show_comment_count_in_feed) { $count = $comments_count > 0 ? ' [' . $comments_count . ']' : ''; } else { $count = ''; } $thisauthor = get_author_name($AuthorID); $e['thisauthor'] = tag(n . t . t . t . tag(htmlspecialchars($thisauthor), 'name') . n . t . t, 'author'); $e['issued'] = tag(safe_strftime('w3cdtf', $uPosted), 'published'); $e['modified'] = tag(safe_strftime('w3cdtf', $uLastMod), 'updated'); $escaped_title = escape_output($Title); $e['title'] = tag($escaped_title . $count, 'title', t_html); $permlink = permlinkurl($a); $e['link'] = '<link' . r_relalt . t_texthtml . ' href="' . $permlink . '" />'; $e['id'] = tag('tag:' . $mail_or_domain . ',' . $feed_time . ':' . $blog_uid . '/' . $uid, 'id'); $e['category1'] = trim($Category1) ? '<category term="' . htmlspecialchars($Category1) . '" />' : ''; $e['category2'] = trim($Category2) ? '<category term="' . htmlspecialchars($Category2) . '" />' : ''; $summary = trim(replace_relative_urls(parse($thisarticle['excerpt']), $permlink)); $content = trim(replace_relative_urls(parse($thisarticle['body']), $permlink)); if ($syndicate_body_or_excerpt) { # short feed: use body as summary if there's no excerpt if (!trim($summary)) { $summary = $content; } $content = ''; } if (trim($content)) { $e['content'] = tag(n . escape_cdata($content) . n, 'content', t_html); } if (trim($summary)) { $e['summary'] = tag(n . escape_cdata($summary) . n, 'summary', t_html); } $articles[$ID] = tag(n . t . t . join(n . t . t, $e) . n . $cb, 'entry'); $etags[$ID] = strtoupper(dechex(crc32($articles[$ID]))); $dates[$ID] = $uLastMod; } } } elseif ($area == 'link') { $cfilter = $category ? "category='" . $category . "'" : '1'; $limit = $limit ? $limit : $rss_how_many; $limit = intval(min($limit, max(100, $rss_how_many))); $rs = safe_rows_start("*", "txp_link", "{$cfilter} order by date desc, id desc limit {$limit}"); if ($rs) { while ($a = nextRow($rs)) { extract($a); $e['title'] = tag(htmlspecialchars($linkname), 'title', t_html); $e['content'] = tag(n . htmlspecialchars($description) . n, 'content', t_html); $url = preg_replace("/^\\/(.*)/", "https?://{$siteurl}/\$1", $url); $url = preg_replace("/&((?U).*)=/", "&\\1=", $url); $e['link'] = '<link' . r_relalt . t_texthtml . ' href="' . $url . '" />'; $e['issued'] = tag(safe_strftime('w3cdtf', strtotime($date)), 'published'); $e['modified'] = tag(gmdate('Y-m-d\\TH:i:s\\Z', strtotime($date)), 'updated'); $e['id'] = tag('tag:' . $mail_or_domain . ',' . $feed_time . ':' . $id, 'id'); $articles[$id] = tag(n . t . t . join(n . t . t, $e) . n, 'entry'); $etags[$id] = strtoupper(dechex(crc32($articles[$id]))); $dates[$id] = $date; } } } if (!empty($articles)) { //turn on compression if we aren't using it already if (extension_loaded('zlib') && ini_get("zlib.output_compression") == 0 && ini_get('output_handler') != 'ob_gzhandler' && !headers_sent()) { @ob_start("ob_gzhandler"); } handle_lastmod(); $hims = serverset('HTTP_IF_MODIFIED_SINCE'); $imsd = $hims ? strtotime($hims) : 0; if ($imsd >= $last) { txp_status_header("304 Not Modified"); exit; } header("Last-Modified: " . gmdate('D, d M Y H:i:s \\G\\M\\T', $last)); if (is_callable('apache_request_headers')) { $headers = apache_request_headers(); if (isset($headers["A-IM"])) { $canaim = strpos($headers["A-IM"], "feed"); } else { $canaim = false; } } else { $canaim = false; } $hinm = stripslashes(serverset('HTTP_IF_NONE_MATCH')); $cutarticles = false; if ($canaim !== false) { foreach ($articles as $id => $thing) { if (strpos($hinm, $etags[$id])) { unset($articles[$id]); $cutarticles = true; $cut_etag = true; } if ($dates[$id] < $imsd) { unset($articles[$id]); $cutarticles = true; $cut_time = true; } } } if (isset($cut_etag) && isset($cut_time)) { header("Vary: If-None-Match, If-Modified-Since"); } else { if (isset($cut_etag)) { header("Vary: If-None-Match"); } else { if (isset($cut_time)) { header("Vary: If-Modified-Since"); } } } $etag = @join("-", $etags); if (strstr($hinm, $etag)) { header("HTTP/1.1 304 Not Modified"); exit; } if ($etag) { header('ETag: "' . $etag . '"'); } if ($cutarticles) { //header("HTTP/1.1 226 IM Used"); //This should be used as opposed to 200, but Apache doesn't like it. //http://intertwingly.net/blog/2004/09/11/Vary-ETag/ says that the status code should be 200. header("Cache-Control: no-store, im"); header("IM: feed"); } $out = array_merge($out, $articles); header('Content-type: application/atom+xml; charset=utf-8'); return chr(60) . '?xml version="1.0" encoding="UTF-8"?' . chr(62) . n . '<feed xml:lang="' . $language . '" xmlns="http://www.w3.org/2005/Atom">' . join(n, $out) . '</feed>'; } }
/** * The main panel listing all log hits. * * @param string|array $message The activity message */ function log_list($message = '') { global $event, $log_list_pageby, $expire_logs_after; pagetop(gTxt('tab_logs'), $message); extract(gpsa(array('page', 'sort', 'dir', 'crit', 'search_method'))); if ($sort === '') { $sort = get_pref('log_sort_column', 'time'); } else { if (!in_array($sort, array('ip', 'host', 'page', 'refer', 'method', 'status'))) { $sort = 'time'; } set_pref('log_sort_column', $sort, 'log', 2, '', 0, PREF_PRIVATE); } if ($dir === '') { $dir = get_pref('log_sort_dir', 'desc'); } else { $dir = $dir == 'asc' ? "asc" : "desc"; set_pref('log_sort_dir', $dir, 'log', 2, '', 0, PREF_PRIVATE); } $expire_logs_after = assert_int($expire_logs_after); safe_delete('txp_log', "time < DATE_SUB(NOW(), INTERVAL {$expire_logs_after} DAY)"); switch ($sort) { case 'ip': $sort_sql = "ip {$dir}"; break; case 'host': $sort_sql = "host {$dir}"; break; case 'page': $sort_sql = "page {$dir}"; break; case 'refer': $sort_sql = "refer {$dir}"; break; case 'method': $sort_sql = "method {$dir}"; break; case 'status': $sort_sql = "status {$dir}"; break; default: $sort = 'time'; $sort_sql = "time {$dir}"; break; } $switch_dir = $dir == 'desc' ? 'asc' : 'desc'; $search = new Filter($event, array('ip' => array('column' => 'txp_log.ip', 'label' => gTxt('IP')), 'host' => array('column' => 'txp_log.host', 'label' => gTxt('host')), 'page' => array('column' => 'txp_log.page', 'label' => gTxt('page')), 'refer' => array('column' => 'txp_log.refer', 'label' => gTxt('referrer')), 'method' => array('column' => 'txp_log.method', 'label' => gTxt('method')), 'status' => array('column' => 'txp_log.status', 'label' => gTxt('status'), 'type' => 'integer'))); list($criteria, $crit, $search_method) = $search->getFilter(array('status' => array('can_list' => true))); $search_render_options = array('placeholder' => 'search_logs'); $total = safe_count('txp_log', "{$criteria}"); echo n . tag(hed(gTxt('tab_logs'), 1, array('class' => 'txp-heading')), 'div', array('class' => 'txp-layout-2col-cell-1')); $searchBlock = n . tag($search->renderForm('log_list', $search_render_options), 'div', array('class' => 'txp-layout-2col-cell-2', 'id' => $event . '_control')); $contentBlockStart = n . tag_start('div', array('class' => 'txp-layout-1col', 'id' => $event . '_container')); if ($total < 1) { if ($criteria != 1) { echo $searchBlock . $contentBlockStart . graf(span(null, array('class' => 'ui-icon ui-icon-info')) . ' ' . gTxt('no_results_found'), array('class' => 'alert-block information')); } else { echo $contentBlockStart . graf(span(null, array('class' => 'ui-icon ui-icon-info')) . ' ' . gTxt('no_refers_recorded'), array('class' => 'alert-block information')); } echo n . tag_end('div'); return; } $limit = max($log_list_pageby, 15); list($page, $offset, $numPages) = pager($total, $limit, $page); echo $searchBlock . $contentBlockStart; $rs = safe_rows_start("*, UNIX_TIMESTAMP(time) AS uTime", 'txp_log', "{$criteria} ORDER BY {$sort_sql} LIMIT {$offset}, {$limit}"); if ($rs) { echo n . tag(toggle_box('log_detail'), 'div', array('class' => 'txp-list-options')) . n . tag_start('form', array('class' => 'multi_edit_form', 'id' => 'log_form', 'name' => 'longform', 'method' => 'post', 'action' => 'index.php')) . n . tag_start('div', array('class' => 'txp-listtables')) . n . tag_start('table', array('class' => 'txp-list')) . n . tag_start('thead') . tr(hCell(fInput('checkbox', 'select_all', 0, '', '', '', '', '', 'select_all'), '', ' class="txp-list-col-multi-edit" scope="col" title="' . gTxt('toggle_all_selected') . '"') . column_head('time', 'time', 'log', true, $switch_dir, $crit, $search_method, ('time' == $sort ? "{$dir} " : '') . 'txp-list-col-time') . column_head('IP', 'ip', 'log', true, $switch_dir, $crit, $search_method, ('ip' == $sort ? "{$dir} " : '') . 'txp-list-col-ip') . column_head('host', 'host', 'log', true, $switch_dir, $crit, $search_method, ('host' == $sort ? "{$dir} " : '') . 'txp-list-col-host log_detail') . column_head('page', 'page', 'log', true, $switch_dir, $crit, $search_method, ('page' == $sort ? "{$dir} " : '') . 'txp-list-col-page') . column_head('referrer', 'refer', 'log', true, $switch_dir, $crit, $search_method, ('refer' == $sort ? "{$dir} " : '') . 'txp-list-col-refer') . column_head('method', 'method', 'log', true, $switch_dir, $crit, $search_method, ('method' == $sort ? "{$dir} " : '') . 'txp-list-col-method log_detail') . column_head('status', 'status', 'log', true, $switch_dir, $crit, $search_method, ('status' == $sort ? "{$dir} " : '') . 'txp-list-col-status log_detail')) . n . tag_end('thead') . n . tag_start('tbody'); while ($a = nextRow($rs)) { extract($a, EXTR_PREFIX_ALL, 'log'); if ($log_refer) { $log_refer = href(txpspecialchars(soft_wrap(preg_replace('#^http://#', '', $log_refer), 30)), txpspecialchars($log_refer), ' target="_blank"'); } if ($log_page) { $log_anchor = preg_replace('/\\/$/', '', $log_page); $log_anchor = soft_wrap(substr($log_anchor, 1), 30); $log_page = href(txpspecialchars($log_anchor), txpspecialchars($log_page), ' target="_blank"'); if ($log_method == 'POST') { $log_page = strong($log_page); } } echo tr(td(fInput('checkbox', 'selected[]', $log_id), '', 'txp-list-col-multi-edit') . hCell(gTime($log_uTime), '', ' class="txp-list-col-time" scope="row"') . td(href(txpspecialchars($log_ip), 'https://whois.domaintools.com/' . rawurlencode($log_ip), array('rel' => 'external', 'target' => '_blank')), '', 'txp-list-col-ip') . td(txpspecialchars($log_host), '', 'txp-list-col-host log_detail') . td($log_page, '', 'txp-list-col-page') . td($log_refer, '', 'txp-list-col-refer') . td(txpspecialchars($log_method), '', 'txp-list-col-method log_detail') . td($log_status, '', 'txp-list-col-status log_detail')); } echo n . tag_end('tbody') . n . tag_end('table') . n . tag_end('div') . log_multiedit_form($page, $sort, $dir, $crit, $search_method) . tInput() . n . tag_end('form') . n . tag_start('div', array('class' => 'txp-navigation', 'id' => $event . '_navigation')) . pageby_form('log', $log_list_pageby) . nav_form('log', $page, $numPages, $sort, $dir, $crit, $search_method, $total, $limit) . n . tag_end('div'); } echo n . tag_end('div'); }
function tag_file_download_description() { global $step, $endform, $tag_name; $atts = gpsa(array('class', 'escape', 'wraptag')); extract($atts); $out = form(startTable('tagbuilder') . tr(tdcs(hed(gTxt('tag_' . $tag_name), 3), 2)) . tagRow('escape', escape_pop($escape)) . tagRow('wraptag', input_tag('wraptag', $wraptag)) . tagRow('class', fInput('text', 'class', $class, 'edit', '', '', 25)) . $endform); if ($step == 'build') { $out .= tdb(tb($tag_name, $atts)); } return $out; }
function customers_list($event = '', $step = '', $message = '') { global $statuses, $comments_disabled_after, $step, $txp_user; pagetop("Customers", $message); extract(get_prefs()); extract(gpsa(array('page', 'sort', 'dir', 'crit', 'qty', 'search_method'))); $sesutats = array_flip($statuses); $dir = $dir == 'desc' ? 'desc' : 'asc'; switch ($sort) { case 'RealName': $sort_sql = 'RealName ' . $dir; break; case 'orders': $sort_sql = 'orders ' . $dir; break; default: $dir = 'desc'; $sort_sql = 'user_id ' . $dir; break; } $switch_dir = $dir == 'desc' ? 'asc' : 'desc'; $criteria = "privs = 0"; if ($search_method and $crit) { $crit_escaped = doSlash($crit); $critsql = array('id' => "ID = '{$crit_escaped}'", 'title_body' => "Title rlike '{$crit_escaped}' or Body rlike '{$crit_escaped}'", 'section' => "Section rlike '{$crit_escaped}'", 'categories' => "Category1 rlike '{$crit_escaped}' or Category2 rlike '{$crit_escaped}'", 'status' => "Status = '" . @$sesutats[gTxt($crit_escaped)] . "'", 'author' => "AuthorID rlike '{$crit_escaped}'"); if (array_key_exists($search_method, $critsql)) { $criteria = $critsql[$search_method]; $limit = 500; } else { $search_method = ''; $crit = ''; } } else { $search_method = ''; $crit = ''; } $total = safe_count('txp_users', "{$criteria}"); if (isset($qty)) { $customers_list_pageby = $qty; } else { $customers_list_pageby = 15; } $limit = max(@$customers_list_pageby, 15); list($page, $offset, $numPages) = pager($total, $limit, $page); $rs = safe_rows_start('*', 'txp_users', "{$criteria} order by {$sort_sql} limit {$offset}, {$limit}"); $customersOnPage = $offset + $limit; if ($rs) { echo n . n . '<form name="longform" method="post" action="index.php" onsubmit="return verify(\'' . gTxt('are_you_sure') . '\')">' . n . startTable('list', '', '', '', '700') . n . tr(n . tda("Displaying {$offset} - {$customersOnPage} of {$total} customers", ' colspan="2" style="border: none; padding-bottom: 15px;"') . n . tda('<a href="?event=customers&step=edit_customer" class="navlink">Add a new customer</a> <a href="?event=customers&step=export_customer" class="navlink">Export customers</a>', ' colspan="2" style="text-align: right; border: none; padding-bottom: 15px;"')) . n . tr(n . column_head('Customer', 'RealName', 'customers', true, $switch_dir, $crit, $search_method) . column_head('Phone', 'shipping_phone', 'customers', true, $switch_dir, $crit, $search_method) . column_head('Email', 'email', 'customers', true, $switch_dir, $crit, $search_method) . column_head('Orders', 'order_num', 'customers', true, $switch_dir, $crit, $search_method)); include_once txpath . '/publish/taghandlers.php'; while ($a = nextRow($rs)) { extract($a); $order_num = safe_count("orders", "user_id = {$user_id}"); $RealName = eLink('customers', 'edit_customer', 'user_id', $user_id, $RealName); $Orders = eLink('order', 'edit', 'customer', $name, $order_num); echo n . n . tr(n . td($RealName, "25%") . td($billing_phone, "25%") . td($email, "25%") . td($Orders, "25%")); } echo n . endTable() . n . '</form>' . n . nav_form('customers', $page, $numPages, $sort, $dir, $crit, $search_method) . n . pageby_form('customers', $customers_list_pageby); } }
function link_save() { global $txpcfg, $vars; $varray = gpsa($vars); extract(doSlash($varray)); if (!$linksort) { $linksort = $linkname; } $id = assert_int($id); $rs = safe_update("txp_link", "category = '{$category}',\n\t\t\turl = '" . trim($url) . "',\n\t\t\tlinkname = '{$linkname}',\n\t\t\tlinksort = '{$linksort}',\n\t\t\tdescription = '{$description}'", "id = {$id}"); if ($rs) { update_lastmod(); $message = gTxt('link_updated', array('{name}' => doStrip($linkname))); link_edit($message); } }
function tag_file_download_link() { global $step, $endform, $name; $invars = gpsa(array('filename', 'id')); extract($invars); $out = form(startTable('list') . tr(tdcs(hed(gTxt('tag_file_download_link'), 3), 2)) . tagRow('id', fInput('text', 'id', $id, 'edit', '', '', 4)) . tagRow('filename', fInput('text', 'filename', $filename, 'edit', '', '', 15)) . $endform); $out .= tdb(tb('file_download_link', $invars, gTxt('text_or_tag'))); return $out; }
function article_edit($message = '', $concurrent = FALSE) { global $vars, $txp_user, $comments_disabled_after, $txpcfg, $prefs; extract($prefs); extract(gpsa(array('view', 'from_view', 'step'))); if (!empty($GLOBALS['ID'])) { // newly-saved article $ID = $GLOBALS['ID']; $step = 'edit'; } else { $ID = gps('ID'); } include_once txpath . '/lib/classTextile.php'; $textile = new Textile(); // switch to 'text' view upon page load and after article post if (!$view || gps('save') || gps('publish')) { $view = 'text'; } if (!$step) { $step = "create"; } if ($step == "edit" && $view == "text" && !empty($ID) && $from_view != 'preview' && $from_view != 'html' && !$concurrent) { $pull = true; //-- it's an existing article - off we go to the db $ID = assert_int($ID); $rs = safe_row("*, unix_timestamp(Posted) as sPosted,\n\t\t\t\tunix_timestamp(Expires) as sExpires,\n\t\t\t\tunix_timestamp(LastMod) as sLastMod", "textpattern", "ID={$ID}"); extract($rs); $reset_time = $publish_now = $Status < 4; } else { $pull = false; //-- assume they came from post if ($from_view == 'preview' or $from_view == 'html') { $store_out = array(); $store = unserialize(base64_decode(ps('store'))); foreach ($vars as $var) { if (isset($store[$var])) { $store_out[$var] = $store[$var]; } } } else { $store_out = gpsa($vars); if ($concurrent) { $store_out['sLastMod'] = safe_field('unix_timestamp(LastMod) as sLastMod', 'textpattern', 'ID=' . $ID); } } extract($store_out); } $GLOBALS['step'] = $step; if ($step == 'create') { $textile_body = $use_textile; $textile_excerpt = $use_textile; } if ($step != 'create') { // Previous record? $prev_id = checkIfNeighbour('prev', $sPosted); // Next record? $next_id = checkIfNeighbour('next', $sPosted); } $page_title = $Title ? $Title : gTxt('write'); pagetop($page_title, $message); echo n . n . '<form name="article" method="post" action="index.php">'; if (!empty($store_out)) { echo hInput('store', base64_encode(serialize($store_out))); } echo hInput('ID', $ID) . eInput('article') . sInput($step) . '<input type="hidden" name="view" />' . startTable('edit') . '<tr>' . n . '<td id="article-col-1">'; if ($view == 'text') { //-- markup help -------------- echo side_help($textile_body, $textile_excerpt) . '<h3 class="plain"><a href="#advanced" onclick="toggleDisplay(\'advanced\'); return false;">' . gTxt('advanced_options') . '</a></h3>', '<div id="advanced" class="toggle" style="display:none">', n . graf('<label for="markup-body">' . gTxt('article_markup') . '</label>' . br . pref_text('textile_body', $textile_body, 'markup-body')), n . graf('<label for="markup-excerpt">' . gTxt('excerpt_markup') . '</label>' . br . pref_text('textile_excerpt', $textile_excerpt, 'markup-excerpt')), $allow_form_override ? graf('<label for="override-form">' . gTxt('override_default_form') . '</label>' . sp . popHelp('override_form') . br . form_pop($override_form, 'override-form')) : '', $custom_1_set ? custField(1, $custom_1_set, $custom_1) : '', $custom_2_set ? custField(2, $custom_2_set, $custom_2) : '', $custom_3_set ? custField(3, $custom_3_set, $custom_3) : '', $custom_4_set ? custField(4, $custom_4_set, $custom_4) : '', $custom_5_set ? custField(5, $custom_5_set, $custom_5) : '', $custom_6_set ? custField(6, $custom_6_set, $custom_6) : '', $custom_7_set ? custField(7, $custom_7_set, $custom_7) : '', $custom_8_set ? custField(8, $custom_8_set, $custom_8) : '', $custom_9_set ? custField(9, $custom_9_set, $custom_9) : '', $custom_10_set ? custField(10, $custom_10_set, $custom_10) : '', n . graf('<label for="keywords">' . gTxt('keywords') . '</label>' . sp . popHelp('keywords') . br . n . '<textarea id="keywords" name="Keywords" cols="18" rows="5">' . htmlspecialchars(str_replace(',', ', ', $Keywords)) . '</textarea>'), n . graf('<label for="article-image">' . gTxt('article_image') . '</label>' . sp . popHelp('article_image') . br . fInput('text', 'Image', $Image, 'edit', '', '', 22, '', 'article-image')), n . graf('<label for="url-title">' . gTxt('url_title') . '</label>' . sp . popHelp('url_title') . br . fInput('text', 'url_title', $url_title, 'edit', '', '', 22, '', 'url-title')), '</div> <h3 class="plain"><a href="#recent" onclick="toggleDisplay(\'recent\'); return false;">' . gTxt('recent_articles') . '</a>' . '</h3>' . '<div id="recent" class="toggle" style="display:none">'; $recents = safe_rows_start("Title, ID", 'textpattern', "1=1 order by LastMod desc limit 10"); if ($recents) { echo '<ul class="plain-list">'; while ($recent = nextRow($recents)) { if (!$recent['Title']) { $recent['Title'] = gTxt('untitled') . sp . $recent['ID']; } echo n . t . '<li><a href="?event=article' . a . 'step=edit' . a . 'ID=' . $recent['ID'] . '">' . escape_title($recent['Title']) . '</a></li>'; } echo '</ul>'; } echo '</div>'; } else { echo sp; } echo '</td>' . n . '<td id="article-main">'; //-- title input -------------- if ($view == 'preview') { echo hed(gTxt('preview'), 2) . hed($Title, 1); } elseif ($view == 'html') { echo hed('XHTML', 2) . hed($Title, 1); } elseif ($view == 'text') { echo n . '<p><label for="title">' . gTxt('title') . '</label>' . sp . popHelp('title') . br . '<input type="text" id="title" name="Title" value="' . escape_title($Title) . '" class="edit" size="40" tabindex="1" />'; if ($step != 'create') { include_once txpath . '/publish/taghandlers.php'; $url = permlinkurl_id($ID); if ($Status != 4 and $Status != 5) { $url .= (strpos($url, '?') === FALSE ? '?' : '&') . 'txpreview=' . intval($ID) . '.' . time(); } echo sp . sp . '<a href="' . $url . '" class="article-view">' . gTxt('view') . '</a>'; } echo '</p>'; } //-- body -------------------- if ($view == 'preview') { if ($textile_body == USE_TEXTILE) { echo $textile->TextileThis($Body); } else { if ($textile_body == CONVERT_LINEBREAKS) { echo nl2br($Body); } else { if ($textile_body == LEAVE_TEXT_UNTOUCHED) { echo $Body; } } } } elseif ($view == 'html') { if ($textile_body == USE_TEXTILE) { $bod = $textile->TextileThis($Body); } else { if ($textile_body == CONVERT_LINEBREAKS) { $bod = nl2br($Body); } else { if ($textile_body == LEAVE_TEXT_UNTOUCHED) { $bod = $Body; } } } echo tag(str_replace(array(n, t), array(br, sp . sp . sp . sp), htmlspecialchars($bod)), 'code'); } else { echo n . graf('<label for="body">' . gTxt('body') . '</label>' . sp . popHelp('body') . br . '<textarea id="body" name="Body" cols="55" rows="31" tabindex="2">' . htmlspecialchars($Body) . '</textarea>'); } //-- excerpt -------------------- if ($articles_use_excerpts) { if ($view == 'text') { echo n . graf('<label for="excerpt">' . gTxt('excerpt') . '</label>' . sp . popHelp('excerpt') . br . '<textarea id="excerpt" name="Excerpt" cols="55" rows="5" tabindex="3">' . htmlspecialchars($Excerpt) . '</textarea>'); } else { echo n . '<hr width="50%" />'; echo $textile_excerpt == USE_TEXTILE ? $view == 'preview' ? graf($textile->textileThis($Excerpt)) : tag(str_replace(array(n, t), array(br, sp . sp . sp . sp), htmlspecialchars($textile->TextileThis($Excerpt))), 'code') : graf($Excerpt); } } //-- author -------------- if ($view == "text" && $step != "create") { echo '<p class="small">' . gTxt('posted_by') . ': ' . htmlspecialchars($AuthorID) . ' · ' . safe_strftime('%d %b %Y · %X', $sPosted); if ($sPosted != $sLastMod) { echo br . gTxt('modified_by') . ': ' . htmlspecialchars($LastModID) . ' · ' . safe_strftime('%d %b %Y · %X', $sLastMod); } echo '</p>'; } echo hInput('from_view', $view), '</td>'; echo '<td id="article-tabs">'; //-- layer tabs ------------------- echo $use_textile == USE_TEXTILE || $textile_body == USE_TEXTILE ? '<ul>' . (tab('text', $view) . tab('html', $view) . tab('preview', $view)) . '</ul>' : ' '; echo '</td>'; echo '<td id="article-col-2">'; if ($view == 'text') { if ($step != 'create') { echo n . graf(href(gtxt('create_new'), 'index.php?event=article')); } //-- prev/next article links -- if ($step != 'create' and ($prev_id or $next_id)) { echo '<p>', $prev_id ? prevnext_link('‹' . gTxt('prev'), 'article', 'edit', $prev_id, gTxt('prev')) : '', $next_id ? prevnext_link(gTxt('next') . '›', 'article', 'edit', $next_id, gTxt('next')) : '', '</p>'; } //-- status radios -------------- echo n . n . '<fieldset id="write-status">' . n . '<legend>' . gTxt('status') . '</legend>' . n . status_radio($Status) . n . '</fieldset>'; //-- category selects ----------- echo n . n . '<fieldset id="write-sort">' . n . '<legend>' . gTxt('sort_display') . '</legend>' . n . graf('<label for="category-1">' . gTxt('category1') . '</label> ' . '<span class="small">[' . eLink('category', '', '', '', gTxt('edit')) . ']</span>' . br . n . category_popup('Category1', $Category1, 'category-1')) . n . graf('<label for="category-2">' . gTxt('category2') . '</label>' . br . n . category_popup('Category2', $Category2, 'category-2')); //-- section select -------------- if (!$from_view && !$pull) { $Section = getDefaultSection(); } echo n . graf('<label for="section">' . gTxt('section') . '</label> ' . '<span class="small">[' . eLink('section', '', '', '', gTxt('edit')) . ']</span>' . br . section_popup($Section, 'section')) . n . '</fieldset>' . n . n . '<h3 class="plain"><a href="#more" onclick="toggleDisplay(\'more\'); return false;">' . gTxt('more') . '</a></h3>', '<div id="more" class="toggle" style="display:none">'; //-- comments stuff -------------- if ($step == "create") { //Avoiding invite disappear when previewing $AnnotateInvite = !empty($store_out['AnnotateInvite']) ? $store_out['AnnotateInvite'] : $comments_default_invite; if ($comments_on_default == 1) { $Annotate = 1; } } if ($use_comments == 1) { echo n . n . '<fieldset id="write-comments">' . n . '<legend>' . gTxt('comments') . '</legend>'; $comments_expired = false; if ($step != 'create' && $comments_disabled_after) { $lifespan = $comments_disabled_after * 86400; $time_since = time() - $sPosted; if ($time_since > $lifespan) { $comments_expired = true; } } if ($comments_expired) { echo n . n . graf(gTxt('expired')); } else { echo n . n . graf(onoffRadio('Annotate', $Annotate)) . n . n . graf('<label for="comment-invite">' . gTxt('comment_invitation') . '</label>' . br . fInput('text', 'AnnotateInvite', $AnnotateInvite, 'edit', '', '', '', '', 'comment-invite')); } echo n . n . '</fieldset>'; } if ($step == "create" and empty($GLOBALS['ID'])) { //-- timestamp ------------------- //Avoiding modified date to disappear $persist_timestamp = !empty($store_out['year']) ? safe_strtotime($store_out['year'] . '-' . $store_out['month'] . '-' . $store_out['day'] . ' ' . $store_out['hour'] . ':' . $store_out['minute'] . ':' . $store_out['second']) : time(); echo n . n . '<fieldset id="write-timestamp">' . n . '<legend>' . gTxt('timestamp') . '</legend>' . n . graf(checkbox('publish_now', '1', $publish_now, '', 'publish_now') . '<label for="publish_now">' . gTxt('set_to_now') . '</label>') . n . graf(gTxt('or_publish_at') . sp . popHelp('timestamp')) . n . graf(gtxt('date') . sp . tsi('year', '%Y', $persist_timestamp) . ' / ' . tsi('month', '%m', $persist_timestamp) . ' / ' . tsi('day', '%d', $persist_timestamp)) . n . graf(gTxt('time') . sp . tsi('hour', '%H', $persist_timestamp) . ' : ' . tsi('minute', '%M', $persist_timestamp) . ' : ' . tsi('second', '%S', $persist_timestamp)) . n . '</fieldset>'; //-- expires ------------------- $persist_timestamp = !empty($store_out['exp_year']) ? safe_strtotime($store_out['exp_year'] . '-' . $store_out['exp_month'] . '-' . $store_out['exp_day'] . ' ' . $store_out['exp_hour'] . ':' . $store_out['exp_minute'] . ':' . $store_out['second']) : NULLDATETIME; echo n . n . '<fieldset id="write-expires">' . n . '<legend>' . gTxt('expires') . '</legend>' . n . graf(gtxt('date') . sp . tsi('exp_year', '%Y', $persist_timestamp) . ' / ' . tsi('exp_month', '%m', $persist_timestamp) . ' / ' . tsi('exp_day', '%d', $persist_timestamp)) . n . graf(gTxt('time') . sp . tsi('exp_hour', '%H', $persist_timestamp) . ' : ' . tsi('exp_minute', '%M', $persist_timestamp) . ' : ' . tsi('exp_second', '%S', $persist_timestamp)) . n . '</fieldset>' . n . n . '</div>'; //-- publish button -------------- echo has_privs('article.publish') ? fInput('submit', 'publish', gTxt('publish'), "publish", '', '', '', 4) : fInput('submit', 'publish', gTxt('save'), "publish", '', '', '', 4); } else { //-- timestamp ------------------- if (!empty($year)) { $sPosted = safe_strtotime($year . '-' . $month . '-' . $day . ' ' . $hour . ':' . $minute . ':' . $second); } echo n . n . '<fieldset id="write-timestamp">' . n . '<legend>' . gTxt('timestamp') . '</legend>' . n . graf(checkbox('reset_time', '1', $reset_time, '', 'reset_time') . '<label for="reset_time">' . gTxt('reset_time') . '</label>') . n . graf(gTxt('published_at') . sp . popHelp('timestamp')) . n . graf(gtxt('date') . sp . tsi('year', '%Y', $sPosted) . ' / ' . tsi('month', '%m', $sPosted) . ' / ' . tsi('day', '%d', $sPosted)) . n . graf(gTxt('time') . sp . tsi('hour', '%H', $sPosted) . ' : ' . tsi('minute', '%M', $sPosted) . ' : ' . tsi('second', '%S', $sPosted)) . n . hInput('sPosted', $sPosted), n . hInput('sLastMod', $sLastMod), n . hInput('AuthorID', $AuthorID), n . hInput('LastModID', $LastModID), n . '</fieldset>'; //-- expires ------------------- if (!empty($exp_year)) { if (empty($exp_month)) { $exp_month = 1; } if (empty($exp_day)) { $exp_day = 1; } if (empty($exp_hour)) { $exp_hour = 0; } if (empty($exp_minute)) { $exp_minute = 0; } if (empty($exp_second)) { $exp_second = 0; } $sExpires = safe_strtotime($exp_year . '-' . $exp_month . '-' . $exp_day . ' ' . $exp_hour . ':' . $exp_minute . ':' . $exp_second); } echo n . n . '<fieldset id="write-expires">' . n . '<legend>' . gTxt('expires') . '</legend>' . n . graf(gtxt('date') . sp . tsi('exp_year', '%Y', $sExpires) . ' / ' . tsi('exp_month', '%m', $sExpires) . ' / ' . tsi('exp_day', '%d', $sExpires)) . n . graf(gTxt('time') . sp . tsi('exp_hour', '%H', $sExpires) . ' : ' . tsi('exp_minute', '%M', $sExpires) . ' : ' . tsi('exp_second', '%S', $sExpires)) . n . hInput('sExpires', $sExpires) . n . '</fieldset>' . n . n . '</div>'; //-- save button -------------- if ($Status >= 4 and has_privs('article.edit.published') or $Status >= 4 and $AuthorID == $txp_user and has_privs('article.edit.own.published') or $Status < 4 and has_privs('article.edit') or $Status < 4 and $AuthorID == $txp_user and has_privs('article.edit.own')) { echo fInput('submit', 'save', gTxt('save'), "publish", '', '', '', 4); } } } echo '</td></tr></table></form>'; }
function rss() { global $prefs, $thisarticle; extract($prefs); ob_start(); extract(doSlash(gpsa(array('category', 'section', 'limit', 'area')))); $area = gps('area'); $sitename .= $section ? ' - ' . $section : ''; $sitename .= $category ? ' - ' . $category : ''; $out[] = tag(doSpecial($sitename), 'title'); $out[] = tag(hu, 'link'); $out[] = tag(doSpecial($site_slogan), 'description'); $articles = array(); if (!$area or $area == 'article') { $sfilter = $section ? "and Section = '" . $section . "'" : ''; $cfilter = $category ? "and (Category1='" . $category . "' or Category2='" . $category . "')" : ''; $limit = $limit ? $limit : '5'; $frs = safe_column("name", "txp_section", "in_rss != '1'"); if ($frs) { foreach ($frs as $f) { $query[] = "and Section != '" . $f . "'"; } } $query[] = $sfilter; $query[] = $cfilter; $rs = safe_rows_start("*, unix_timestamp(Posted) as uPosted, ID as thisid", "textpattern", "Status = 4 " . join(' ', $query) . "and Posted < now() order by Posted desc limit {$limit}"); if ($rs) { while ($a = nextRow($rs)) { extract($a); populateArticleData($a); $a['posted'] = $uPosted; $Body = !$syndicate_body_or_excerpt ? $thisarticle['body'] : $thisarticle['excerpt']; $Body = !trim($Body) ? $thisarticle['body'] : $Body; $Body = str_replace('href="/', 'href="' . hu, $Body); $Body = preg_replace("/href=\\\"#(.*)\"/", "href=\"" . permlinkurl($a) . "#\\1\"", $Body); $Body = safe_hed($Body); $Body = preg_replace(array('/</', '/>/', "/'/", '/"/'), array('<', '>', ''', '"'), $Body); // encode bare ampersands $Body = preg_replace("/&(?![#0-9]+;|\\w+;)/i", '&', $Body); $uTitle = $url_title ? $url_title : stripSpace($Title); $uTitle = htmlspecialchars($uTitle, ENT_NOQUOTES); if ($show_comment_count_in_feed) { $dc = getCount('txp_discuss', "parentid={$ID} and visible=1"); $count = $dc > 0 ? ' [' . $dc . ']' : ''; } else { $count = ''; } $Title = doSpecial($Title) . $count; $permlink = permlinkurl($a); $item = tag(strip_tags($Title), 'title') . n . tag($Body, 'description') . n . tag($permlink, 'link'); $articles[$ID] = tag($item, 'item'); $etags[$ID] = strtoupper(dechex(crc32($articles[$ID]))); $dates[$ID] = $uPosted; } } } elseif ($area == 'link') { $cfilter = $category ? "category='{$category}'" : '1'; $limit = $limit ? $limit : 15; $rs = safe_rows_start("*", "txp_link", "{$cfilter} order by date desc limit {$limit}"); if ($rs) { while ($a = nextRow($rs)) { extract($a); $item = tag(doSpecial($linkname), 'title') . n . tag(doSpecial($description), 'description') . n . tag(doSpecial($url), 'link'); $articles[$id] = tag($item, 'item'); $etags[$id] = strtoupper(dechex(crc32($articles[$id]))); $dates[$id] = $date; } } } //turn on compression if we aren't using it already if (extension_loaded('zlib') && ini_get("zlib.output_compression") == 0 && ini_get('output_handler') != 'ob_gzhandler' && !headers_sent()) { ob_start("ob_gzhandler"); } $last = fetch('unix_timestamp(val)', 'txp_prefs', 'name', 'lastmod'); $last = gmdate("D, d M Y H:i:s \\G\\M\\T", $last); header("Last-Modified: {$last}"); $expires = gmdate('D, d M Y H:i:s \\G\\M\\T', time() + 3600 * 1); header("Expires: {$expires}"); $hims = serverset('HTTP_IF_MODIFIED_SINCE'); if ($hims == $last) { header("HTTP/1.1 304 Not Modified"); exit; } $imsd = @strtotime($hims); if (is_callable('apache_request_headers')) { $headers = apache_request_headers(); if (isset($headers["A-IM"])) { $canaim = strpos($headers["A-IM"], "feed"); } else { $canaim = false; } } else { $canaim = false; } $hinm = stripslashes(serverset('HTTP_IF_NONE_MATCH')); $cutarticles = false; if ($canaim !== false) { foreach ($articles as $id => $thing) { if (strpos($hinm, $etags[$id]) !== false) { unset($articles[$id]); $cutarticles = true; $cut_etag = true; } if ($dates[$id] < $imsd) { unset($articles[$id]); $cutarticles = true; $cut_time = true; } } } if (isset($cut_etag) && isset($cut_time)) { header("Vary: If-None-Match, If-Modified-Since"); } else { if (isset($cut_etag)) { header("Vary: If-None-Match"); } else { if (isset($cut_time)) { header("Vary: If-Modified-Since"); } } } $etag = @join("-", $etags); if (strstr($hinm, $etag)) { header("HTTP/1.1 304 Not Modified"); exit; } if ($cutarticles) { //header("HTTP/1.1 226 IM Used"); //This should be used as opposed to 200, but Apache doesn't like it. //http://intertwingly.net/blog/2004/09/11/Vary-ETag/ says that the status code should be 200. header("Cache-Control: no-store, im"); header("IM: feed"); } $out = array_merge($out, $articles); header("Content-Type: application/rss+xml; charset=utf-8"); if ($etag) { header('ETag: "' . $etag . '"'); } return '<rss version="0.92">' . tag(join(n, $out), 'channel') . '</rss>'; }
function article_edit($message = "") { global $txpcfg, $txp_user, $vars; extract(get_prefs()); extract(gpsa(array('view', 'from_view', 'step'))); if (!empty($GLOBALS['ID'])) { // newly-saved article $ID = intval($GLOBALS['ID']); $step = 'edit'; } else { $ID = gps('ID'); } include_once $txpcfg['txpath'] . '/lib/classTextile.php'; $textile = new Textile(); if (!$view) { $view = "text"; } if (!$step) { $step = "create"; } if ($step == "edit" && $view == "text" && !empty($ID) && $from_view != "preview" && $from_view != 'html') { $pull = true; //-- it's an existing article - off we go to the db $rs = safe_row("*, unix_timestamp(Posted) as sPosted,\n\t\t\t\tunix_timestamp(LastMod) as sLastMod", "textpattern", "ID={$ID}"); extract($rs); if ($AnnotateInvite != $comments_default_invite) { $AnnotateInvite = $AnnotateInvite; } else { $AnnotateInvite = $comments_default_invite; } } else { $pull = false; //-- assume they came from post if (!$from_view or $from_view == 'text') { extract(gpsa($vars)); } elseif ($from_view == 'preview' or $from_view == 'html') { // coming from either html or preview if (isset($_POST['store'])) { $store = unserialize(base64_decode($_POST['store'])); extract($store); } } foreach ($vars as $var) { if (isset(${$var})) { $store_out[$var] = ${$var}; } } } $GLOBALS['step'] = $step; if ($step == 'create') { $textile_body = 1; $textile_excerpt = 1; } if ($step != 'create') { // Previous record? $prev_id = checkIfNeighbour('prev', $sPosted); // Next record? $next_id = checkIfNeighbour('next', $sPosted); } pagetop($Title, $message); echo '<form action="index.php" method="post" name="article">'; if (!empty($store_out)) { echo hInput('store', base64_encode(serialize($store_out))); } echo hInput('ID', $ID), eInput('article'), sInput($step); echo '<input type="hidden" name="view" />', startTable('edit'); echo '<tr><td> </td><td colspan="3">', $view == 'preview' ? hed(ucfirst(gTxt('preview')), 2) . graf($Title) : '', $view == 'html' ? hed('XHTML', 2) . graf($Title) : '', $view == 'text' ? br . '<input type="text" name="Title" value="' . cleanfInput($Title) . '" class="edit" size="40" tabindex="1" />' : '', '</td></tr>'; //-- article input -------------- echo '<tr> <td valign="top">', $view == 'text' && $use_textile == 2 ? '<p><a href="#" onclick="toggleDisplay(\'textile_help\');">' . gTxt('textile_help') . '</a></p> <div id="textile_help" style="display:none;">' . sidehelp() . '</div>' : sp; if ($view == 'text') { echo '<p><a href="#" onclick="toggleDisplay(\'advanced\');">' . gTxt('advanced_options') . '</a></p>', '<div id="advanced" style="display:none;">', graf(gTxt('use_textile') . br . tag(checkbox2('textile_body', $textile_body) . gTxt('article'), 'label') . br . tag(checkbox2('textile_excerpt', $textile_excerpt) . gTxt('excerpt'), 'label')), $allow_form_override ? graf(gTxt('override_default_form') . br . form_pop($override_form) . popHelp('override_form')) : '', $custom_1_set ? custField(1, $custom_1_set, $custom_1) : '', $custom_2_set ? custField(2, $custom_2_set, $custom_2) : '', $custom_3_set ? custField(3, $custom_3_set, $custom_3) : '', $custom_4_set ? custField(4, $custom_4_set, $custom_4) : '', $custom_5_set ? custField(5, $custom_5_set, $custom_5) : '', $custom_6_set ? custField(6, $custom_6_set, $custom_6) : '', $custom_7_set ? custField(7, $custom_7_set, $custom_7) : '', $custom_8_set ? custField(8, $custom_8_set, $custom_8) : '', $custom_9_set ? custField(9, $custom_9_set, $custom_9) : '', $custom_10_set ? custField(10, $custom_10_set, $custom_10) : '', graf(gTxt('keywords') . popHelp('keywords') . br . '<textarea name="Keywords" style="width:100px;height:80px" rows="1" cols="1">' . $Keywords . '</textarea>'), graf(gTxt('article_image') . popHelp('article_image') . br . fInput('text', 'Image', $Image, 'edit')), graf(gTxt('url_title') . popHelp('url_title') . br . fInput('text', 'url_title', $url_title, 'edit')) . '</div> <p><a href="#" onclick="toggleDisplay(\'recent\');">' . gTxt('recent_articles') . '</a>' . '</p>' . '<div id="recent" style="display:none;">'; $recents = safe_rows_start("Title, ID", 'textpattern', "1 order by LastMod desc limit 10"); if ($recents) { echo '<p>'; while ($recent = nextRow($recents)) { extract($recent); if (!$Title) { $Title = gTxt('untitled') . sp . $ID; } echo '<a href="?event=article' . a . 'step=edit' . a . 'ID=' . $ID . '">' . $Title . '</a>' . br . n; } echo '</p>'; } echo '</div>'; } else { echo sp; } echo '</td> <td valign="top" style="width:400px">'; if ($view == "preview") { if ($use_textile == 2) { echo $textile->TextileThis($Body); } else { if ($use_textile == 1) { echo nl2br($Body); } else { if ($use_textile == 0) { echo $Body; } } } } elseif ($view == "html") { if ($use_textile == 2) { $bod = $textile->TextileThis($Body); } else { if ($use_textile == 1) { $bod = nl2br($Body); } else { if ($use_textile == 0) { $bod = $Body; } } } echo tag(str_replace(array(n, t), array(br, sp . sp . sp . sp), htmlspecialchars($bod)), 'code'); } else { echo '<textarea style="width:400px;height:420px" rows="1" cols="1" name="Body" tabindex="2">', htmlspecialchars($Body), '</textarea>'; } //-- excerpt -------------------- if ($articles_use_excerpts) { if ($view == 'text') { $Excerpt = str_replace("&", "&", htmlspecialchars($Excerpt)); echo graf(gTxt('excerpt') . popHelp('excerpt') . br . '<textarea style="width:400px;height:50px" rows="1" cols="1" name="Excerpt" tabindex="3">' . $Excerpt . '</textarea>'); } else { echo '<hr width="50%" />'; echo $textile_excerpt ? $view == 'preview' ? graf($textile->textileThis($Excerpt), 1) : tag(str_replace(array(n, t), array(br, sp . sp . sp . sp), htmlspecialchars($textile->TextileThis($Excerpt), 1)), 'code') : graf($Excerpt); } } //-- author -------------- if ($view == "text" && $step != "create") { echo "<p><small>" . gTxt('posted_by') . " {$AuthorID}: ", date("H:i, d M y", $sPosted + tz_offset()); if ($sPosted != $sLastMod) { echo br . gTxt('modified_by') . " {$LastModID}: ", date("H:i, d M y", $sLastMod + tz_offset()); } echo '</small></p>'; } echo hInput('from_view', $view), '</td>'; echo '<td valign="top" align="left" width="20">'; //-- layer tabs ------------------- echo $use_textile == 2 ? tab('text', $view) . tab('html', $view) . tab('preview', $view) : ' '; echo '</td>'; ?> <td width="200" valign="top" style="padding-left:10px" align="left" id="articleside"> <?php //-- prev/next article links -- if ($view == 'text') { if ($step != 'create' and ($prev_id or $next_id)) { echo '<p>', $prev_id ? prevnext_link('‹' . gTxt('prev'), 'article', 'edit', $prev_id, gTxt('prev')) : '', $next_id ? prevnext_link(gTxt('next') . '›', 'article', 'edit', $next_id, gTxt('next')) : '', '</p>'; } } //-- status radios -------------- echo $view == 'text' ? n . graf(status_radio($Status)) . n : ''; //-- category selects ----------- echo $view == 'text' ? graf(gTxt('categorize') . ' [' . eLink('category', '', '', '', gTxt('edit')) . ']' . br . category_popup('Category1', $Category1) . category_popup('Category2', $Category2)) : ''; //-- section select -------------- if (!$from_view && !$pull) { $Section = getDefaultSection(); } echo $view == 'text' ? graf(gTxt('section') . ' [' . eLink('section', '', '', '', gTxt('edit')) . ']' . br . section_popup($Section)) : ''; //-- comments stuff -------------- if ($step == "create") { //Avoiding invite disappear when previewing $AnnotateInvite = !empty($store_out['AnnotateInvite']) ? $store_out['AnnotateInvite'] : $comments_default_invite; if ($comments_on_default == 1) { $Annotate = 1; } } echo $use_comments == 1 && $view == 'text' ? graf(gTxt('comments') . onoffRadio("Annotate", $Annotate) . '<br />' . gTxt('comment_invitation') . '<br />' . fInput('text', 'AnnotateInvite', $AnnotateInvite, 'edit')) : ''; //-- timestamp ------------------- if ($step == "create" and empty($GLOBALS['ID'])) { if ($view == 'text') { //Avoiding modified date to disappear $persist_timestamp = !empty($store_out['year']) ? mktime($store_out['hour'], $store_out['minute'], '00', $store_out['month'], $store_out['day'], $store_out['year']) : time(); echo graf(tag(checkbox('publish_now', '1') . gTxt('set_to_now'), 'label')), '<p>', gTxt('or_publish_at'), popHelp("timestamp"), br, tsi('year', 'Y', $persist_timestamp), tsi('month', 'm', $persist_timestamp), tsi('day', 'd', $persist_timestamp), sp, tsi('hour', 'H', $persist_timestamp), ':', tsi('minute', 'i', $persist_timestamp), '</p>'; } //-- publish button -------------- if ($view == 'text') { echo has_privs('article.publish') ? fInput('submit', 'publish', gTxt('publish'), "publish") : fInput('submit', 'publish', gTxt('save'), "publish"); } } else { if ($view == 'text') { echo '<p>', gTxt('published_at'), popHelp("timestamp"), br, tsi('year', 'Y', $sPosted, 5), tsi('month', 'm', $sPosted, 6), tsi('day', 'd', $sPosted, 7), sp, tsi('hour', 'H', $sPosted, 8), ':', tsi('minute', 'i', $sPosted, 9), '</p>', hInput('sPosted', $sPosted), hInput('sLastMod', $sLastMod), hInput('AuthorID', $AuthorID), hInput('LastModID', $LastModID), graf(checkbox('reset_time', '1', 0) . gTxt('reset_time')); } //-- save button -------------- if ($view == 'text') { if ($Status >= 4 and has_privs('article.edit.published') or $Status >= 4 and $AuthorID == $txp_user and has_privs('article.edit.own.published') or $Status < 4 and has_privs('article.edit') or $Status < 4 and $AuthorID == $txp_user and has_privs('article.edit.own')) { echo fInput('submit', 'save', gTxt('save'), "publish"); } } } echo '</td></tr></table></form>'; }
function section_edit() { global $event, $step, $txp_user, $all_pages, $all_styles; $name = gps('name'); $is_edit = $name && $step == 'section_edit'; if ($is_edit) { $name = assert_string($name); $rs = safe_row('*', 'txp_section', "name = '" . doSlash($name) . "'"); } else { $rs = array_flip(getThings('describe `' . PFX . 'txp_section`')); } if ($rs) { if (!has_privs('section.edit')) { sec_section_list(gTxt('restricted_area')); return; } pagetop(gTxt('tab_sections')); extract($rs, EXTR_PREFIX_ALL, 'sec'); extract(gpsa(array('page', 'sort', 'dir', 'crit', 'search_method'))); $is_default_section = $is_edit && $sec_name == 'default'; $caption = gTxt($is_default_section ? 'edit_default_section' : ($is_edit ? 'edit_section' : 'create_section')); if (!$is_edit) { // Pulling out the radio items from the default entry might seem pointless since they can't be directly // edited, but they will take on either: // a) the default (SQL) values as defined at table creation time, or // b) the values set when a multi-edit was performed that included the default section (because the values are silently updated then) $default = doSlash(safe_row('page, css, on_frontpage, in_rss, searchable', 'txp_section', "name = 'default'")); $sec_name = $sec_title = ''; $sec_page = $default['page']; $sec_css = $default['css']; $sec_on_frontpage = $default['on_frontpage']; $sec_in_rss = $default['in_rss']; $sec_searchable = $default['searchable']; } echo '<div id="' . $event . '_container" class="txp-container">'; echo form('<div class="txp-edit">' . hed($caption, 2) . ($is_default_section ? hInput('name', 'default') : inputLabel('section_name', fInput('text', 'name', $sec_name, '', '', '', INPUT_REGULAR, '', 'section_name'), 'section_name')) . ($is_default_section ? '' : inputLabel('section_title', fInput('text', 'title', $sec_title, '', '', '', INPUT_REGULAR, '', 'section_title'), 'section_longtitle')) . inputLabel('section_page', selectInput('section_page', $all_pages, $sec_page, '', '', 'section_page'), 'uses_page', 'section_uses_page') . inputLabel('section_css', selectInput('css', $all_styles, $sec_css, '', '', 'section_css'), 'uses_style', 'section_uses_css') . ($is_default_section ? '' : inputLabel('on_front_page', yesnoradio('on_frontpage', $sec_on_frontpage, '', $sec_name), '', 'section_on_frontpage')) . ($is_default_section ? '' : inputLabel('syndicate', yesnoradio('in_rss', $sec_in_rss, '', $sec_name), '', 'section_syndicate')) . ($is_default_section ? '' : inputLabel('include_in_search', yesnoradio('searchable', $sec_searchable, '', $sec_name), '', 'section_searchable')) . pluggable_ui('section_ui', 'extend_detail_form', '', $rs) . graf(fInput('submit', '', gTxt('save'), 'publish')) . eInput('section') . sInput('section_save') . hInput('old_name', $sec_name) . hInput('search_method', $search_method) . hInput('crit', $crit) . hInput('page', $page) . hInput('sort', $sort) . hInput('dir', $dir) . '</div>', '', '', 'post', 'edit-form', '', 'section_details'); echo '</div>'; } }
/** * Writes a new language string to the database. * * The language is taken from a 'lang_code' HTTP POST or GET parameter. * * The '$value' argument takes a string as an array. This array consists of keys * 'name', 'event', 'data', 'uLastmod'. * * @param array $value The string * @param int $key Not used */ function install_lang_key(&$value, $key) { extract(gpsa(array('lang_code', 'updating'))); $exists = safe_field("name", 'txp_lang', "name = '" . doSlash($value['name']) . "' AND lang = '" . doSlash($lang_code) . "'"); $q = "name = '" . doSlash($value['name']) . "',\n event = '" . doSlash($value['event']) . "',\n data = '" . doSlash($value['data']) . "',\n lastmod = '" . doSlash(strftime('%Y%m%d%H%M%S', $value['uLastmod'])) . "'"; if ($exists !== false) { $value['ok'] = safe_update('txp_lang', $q, "owner = '" . doSlash(TEXTPATTERN_LANG_OWNER_SYSTEM) . "' AND lang = '" . doSlash($lang_code) . "' AND name = '" . doSlash($value['name']) . "'"); } else { $value['ok'] = safe_insert('txp_lang', "{$q}, lang = '" . doSlash($lang_code) . "'"); } }
/** * User editor panel. * * Accessing requires 'admin.edit' privileges. */ function author_edit() { global $step, $txp_user; require_privs('admin.edit'); pagetop(gTxt('tab_site_admin'), ''); $vars = array('user_id', 'name', 'RealName', 'email', 'privs'); $rs = array(); $out = array(); extract(gpsa($vars)); $is_edit = $user_id && $step == 'author_edit'; if ($is_edit) { $user_id = assert_int($user_id); $rs = safe_row('*', 'txp_users', "user_id = {$user_id}"); extract($rs); } if ($is_edit) { $out[] = hed(gTxt('edit_author'), 2); } else { $out[] = hed(gTxt('add_new_author'), 2); } if ($is_edit) { $out[] = inputLabel('login_name', strong(txpspecialchars($name))); } else { $out[] = inputLabel('login_name', fInput('text', 'name', $name, '', '', '', INPUT_REGULAR, '', 'login_name'), 'login_name', 'add_new_author'); } $out[] = inputLabel('real_name', fInput('text', 'RealName', $RealName, '', '', '', INPUT_REGULAR, '', 'real_name'), 'real_name') . inputLabel('login_email', fInput('email', 'email', $email, '', '', '', INPUT_REGULAR, '', 'login_email'), 'email'); if ($txp_user != $name) { $out[] = inputLabel('privileges', privs($privs), 'privileges', 'about_privileges'); } else { $out[] = inputLabel('privileges', strong(get_priv_level($privs))) . hInput('privs', $privs); } $out[] = pluggable_ui('author_ui', 'extend_detail_form', '', $rs) . graf(fInput('submit', '', gTxt('save'), 'publish')) . eInput('admin'); if ($user_id) { $out[] = hInput('user_id', $user_id) . hInput('name', $name) . sInput('author_save'); } else { $out[] = sInput('author_save_new'); } echo form(n . tag(join('', $out) . n, 'section', array('class' => 'txp-edit')), '', '', 'post', 'edit-form', '', 'user_edit'); }
function css_save() { extract(gpsa(array('name', 'css', 'savenew', 'newname', 'copy'))); $css = doSlash(base64_encode($css)); if ($savenew or $copy) { $newname = doSlash(trim(preg_replace('/[<>&"\']/', '', gps('newname')))); if ($newname and safe_field('name', 'txp_css', "name = '{$newname}'")) { $message = gTxt('css_already_exists', array('{name}' => $newname)); } elseif ($newname) { safe_insert('txp_css', "name = '" . $newname . "', css = '{$css}'"); // update site last mod time update_lastmod(); $message = gTxt('css_created', array('{name}' => $newname)); } else { $message = gTxt('css_name_required'); } css_edit($message); } else { safe_update('txp_css', "css = '{$css}'", "name = '" . doSlash($name) . "'"); // update site last mod time update_lastmod(); $message = gTxt('css_updated', array('{name}' => $name)); css_edit($message); } }
function rss() { global $prefs, $thisarticle; set_error_handler('feedErrorHandler'); ob_clean(); extract($prefs); extract(doSlash(gpsa(array('limit', 'area')))); // build filter criteria from a comma-separated list of sections and categories $feed_filter_limit = get_pref('feed_filter_limit', 10); $section = gps('section'); $category = gps('category'); if (!is_scalar($section) || !is_scalar($category)) { txp_die('Not Found', 404); } $section = $section ? array_slice(array_unique(do_list($section)), 0, $feed_filter_limit) : array(); $category = $category ? array_slice(array_unique(do_list($category)), 0, $feed_filter_limit) : array(); $st = array(); foreach ($section as $s) { $st[] = fetch_section_title($s); } $ct = array(); foreach ($category as $c) { $ct[] = fetch_category_title($c); } $sitename .= $section ? ' - ' . join(' - ', $st) : ''; $sitename .= $category ? ' - ' . join(' - ', $ct) : ''; $dn = explode('/', $siteurl); $mail_or_domain = $use_mail_on_feeds_id ? eE($blog_mail_uid) : $dn[0]; // feed header $out[] = tag('http://textpattern.com/?v=' . $version, 'generator'); $out[] = tag(doSpecial($sitename), 'title'); $out[] = tag(hu, 'link'); $out[] = '<atom:link href="' . pagelinkurl(array('rss' => 1, 'area' => $area, 'section' => $section, 'category' => $category, 'limit' => $limit)) . '" rel="self" type="application/rss+xml" />'; $out[] = tag(doSpecial($site_slogan), 'description'); $last = fetch('unix_timestamp(val)', 'txp_prefs', 'name', 'lastmod'); $out[] = tag(safe_strftime('rfc822', $last), 'pubDate'); $out[] = callback_event('rss_head'); // feed items $articles = array(); $section = doSlash($section); $category = doSlash($category); if (!$area or $area == 'article') { $sfilter = !empty($section) ? "and Section in ('" . join("','", $section) . "')" : ''; $cfilter = !empty($category) ? "and (Category1 in ('" . join("','", $category) . "') or Category2 in ('" . join("','", $category) . "'))" : ''; $limit = $limit ? $limit : $rss_how_many; $limit = intval(min($limit, max(100, $rss_how_many))); $frs = safe_column("name", "txp_section", "in_rss != '1'"); if ($frs) { foreach ($frs as $f) { $query[] = "and Section != '" . doSlash($f) . "'"; } } $query[] = $sfilter; $query[] = $cfilter; $expired = $publish_expired_articles ? '' : ' and (now() <= Expires or Expires = ' . NULLDATETIME . ') '; $rs = safe_rows_start("*, unix_timestamp(Posted) as uPosted, unix_timestamp(LastMod) as uLastMod, unix_timestamp(Expires) as uExpires, ID as thisid", "textpattern", "Status = 4 " . join(' ', $query) . "and Posted < now()" . $expired . "order by Posted desc limit {$limit}"); if ($rs) { while ($a = nextRow($rs)) { extract($a); populateArticleData($a); $cb = callback_event('rss_entry'); $a['posted'] = $uPosted; $permlink = permlinkurl($a); $summary = trim(replace_relative_urls(parse($thisarticle['excerpt']), $permlink)); $content = trim(replace_relative_urls(parse($thisarticle['body']), $permlink)); if ($syndicate_body_or_excerpt) { # short feed: use body as summary if there's no excerpt if (!trim($summary)) { $summary = $content; } $content = ''; } if ($show_comment_count_in_feed) { $count = $comments_count > 0 ? ' [' . $comments_count . ']' : ''; } else { $count = ''; } $Title = escape_title(strip_tags($Title)) . $count; $thisauthor = get_author_name($AuthorID); $item = tag($Title, 'title') . n . (trim($summary) ? tag(n . escape_cdata($summary) . n, 'description') . n : '') . (trim($content) ? tag(n . escape_cdata($content) . n, 'content:encoded') . n : '') . tag($permlink, 'link') . n . tag(safe_strftime('rfc822', $a['posted']), 'pubDate') . n . tag(htmlspecialchars($thisauthor), 'dc:creator') . n . tag('tag:' . $mail_or_domain . ',' . $feed_time . ':' . $blog_uid . '/' . $uid, 'guid', ' isPermaLink="false"') . n . $cb; $articles[$ID] = tag($item, 'item'); $etags[$ID] = strtoupper(dechex(crc32($articles[$ID]))); $dates[$ID] = $uPosted; } } } elseif ($area == 'link') { $cfilter = $category ? "category in ('" . join("','", $category) . "')" : '1'; $limit = $limit ? $limit : $rss_how_many; $limit = intval(min($limit, max(100, $rss_how_many))); $rs = safe_rows_start("*, unix_timestamp(date) as uDate", "txp_link", "{$cfilter} order by date desc limit {$limit}"); if ($rs) { while ($a = nextRow($rs)) { extract($a); $item = tag(doSpecial($linkname), 'title') . n . tag(doSpecial($description), 'description') . n . tag(doSpecial($url), 'link') . n . tag(safe_strftime('rfc822', $uDate), 'pubDate'); $articles[$id] = tag($item, 'item'); $etags[$id] = strtoupper(dechex(crc32($articles[$id]))); $dates[$id] = $date; } } } if (!$articles) { if ($section) { if (safe_field('name', 'txp_section', "name in ('" . join("','", $section) . "')") == false) { txp_die(gTxt('404_not_found'), '404'); } } elseif ($category) { switch ($area) { case 'link': if (safe_field('id', 'txp_category', "name = '{$category}' and type = 'link'") == false) { txp_die(gTxt('404_not_found'), '404'); } break; case 'article': default: if (safe_field('id', 'txp_category', "name in ('" . join("','", $category) . "') and type = 'article'") == false) { txp_die(gTxt('404_not_found'), '404'); } break; } } } else { //turn on compression if we aren't using it already if (extension_loaded('zlib') && ini_get("zlib.output_compression") == 0 && ini_get('output_handler') != 'ob_gzhandler' && !headers_sent()) { // make sure notices/warnings/errors don't fudge up the feed // when compression is used $buf = ''; while ($b = @ob_get_clean()) { $buf .= $b; } @ob_start('ob_gzhandler'); echo $buf; } handle_lastmod(); $hims = serverset('HTTP_IF_MODIFIED_SINCE'); $imsd = $hims ? strtotime($hims) : 0; if (is_callable('apache_request_headers')) { $headers = apache_request_headers(); if (isset($headers["A-IM"])) { $canaim = strpos($headers["A-IM"], "feed"); } else { $canaim = false; } } else { $canaim = false; } $hinm = stripslashes(serverset('HTTP_IF_NONE_MATCH')); $cutarticles = false; if ($canaim !== false) { foreach ($articles as $id => $thing) { if (strpos($hinm, $etags[$id]) !== false) { unset($articles[$id]); $cutarticles = true; $cut_etag = true; } if ($dates[$id] < $imsd) { unset($articles[$id]); $cutarticles = true; $cut_time = true; } } } if (isset($cut_etag) && isset($cut_time)) { header("Vary: If-None-Match, If-Modified-Since"); } else { if (isset($cut_etag)) { header("Vary: If-None-Match"); } else { if (isset($cut_time)) { header("Vary: If-Modified-Since"); } } } $etag = @join("-", $etags); if (strstr($hinm, $etag)) { txp_status_header('304 Not Modified'); exit(0); } if ($cutarticles) { //header("HTTP/1.1 226 IM Used"); //This should be used as opposed to 200, but Apache doesn't like it. //http://intertwingly.net/blog/2004/09/11/Vary-ETag/ says that the status code should be 200. header("Cache-Control: no-store, im"); header("IM: feed"); } } $out = array_merge($out, $articles); header("Content-Type: application/rss+xml; charset=utf-8"); if (isset($etag)) { header('ETag: "' . $etag . '"'); } return '<?xml version="1.0" encoding="utf-8"?>' . n . '<rss version="2.0" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:content="http://purl.org/rss/1.0/modules/content/" xmlns:atom="http://www.w3.org/2005/Atom">' . n . tag(join(n, $out), 'channel') . n . '</rss>'; }
function author_form() { global $step, $txp_user; $vars = array('user_id', 'name', 'RealName', 'email', 'privs'); extract(gpsa($vars)); if ($user_id && $step == 'author_edit') { $user_id = assert_int($user_id); extract(safe_row('*', 'txp_users', "user_id = {$user_id}")); } if ($step == 'author_save' or $step == 'author_save_new') { foreach ($vars as $var) { ${$var} = ''; } } $caption = gTxt($step == 'author_edit' ? 'edit_author' : 'add_new_author'); return form(hed($caption, 3, ' style="text-align: center;"') . startTable('edit') . tr(fLabelCell('login_name') . ($user_id && $step == 'author_edit' ? td(strong($name)) : fInputCell('name', $name))) . tr(fLabelCell('real_name') . fInputCell('RealName', $RealName)) . tr(fLabelCell('email') . fInputCell('email', $email)) . tr(fLabelCell('privileges') . td(($txp_user != $name ? privs($privs) : hInput('privs', $privs) . strong(get_priv_level($privs))) . sp . popHelp('about_privileges'))) . tr(td() . td(fInput('submit', '', gTxt('save'), 'publish') . ($user_id ? '' : sp . popHelp('add_new_author')))) . endTable() . eInput('admin') . ($user_id ? hInput('user_id', $user_id) . sInput('author_save') : sInput('author_save_new'))); }
function ign_userList() { global $myprivs, $ign_user, $ign_user_db, $prefs, $ign_privs; $allow_edit = in_array($myprivs, explode(',', $ign_privs['edit_users'])) ? true : false; if (version_compare($prefs['version'], '4.0.4') < 0) { ign_add_paging(); } //pagination code $total = safe_count($ign_user_db, '1'); extract(gpsa(array('page', 'sort', 'dir', 'crit', 'search_method', 'last_access'))); $limit = 25; $dir = $dir == 'desc' ? 'desc' : 'asc'; switch ($sort) { case 'name': $sort_by = 'name'; break; case 'email': $sort_by = 'email'; break; case 'privs': $sort_by = 'privs'; break; case 'last_access': $sort_by = 'last_access'; break; case 'realname': default: $sort_by = 'realname'; break; } $switch_dir = $dir == 'desc' ? 'asc' : 'desc'; $criteria = 1; list($page, $offset, $numPages) = pager($total, $limit, $page); //build search here //TODO: Implement search on user name / real name $rs = safe_rows_start("*", $ign_user_db, "{$criteria} order by {$sort_by} {$dir} limit {$offset}, {$limit}"); $out[] = hed(ign_gTxt('users'), 3, ' align="center"'); $out[] = startTable('list'); $out[] = tr(hCell(href(gTxt('real_name'), "index.php?event=ign_user_mgmt&step=list&page={$page}&dir={$switch_dir}&sort=real_name")) . hCell(href(gTxt('login_name'), "index.php?event=ign_user_mgmt&step=list&page={$page}&dir={$switch_dir}&sort=name")) . hCell(href(ucfirst(gTxt('email')), "index.php?event=ign_user_mgmt&step=list&page={$page}&dir={$switch_dir}&sort=email")) . hCell(href(gTxt('privileges'), "index.php?event=ign_user_mgmt&step=list&page={$page}&dir={$switch_dir}&sort=privs")) . td() . td() . hCell(href(gTxt('last_access'), "index.php?event=ign_user_mgmt&step=list&page={$page}&dir={$switch_dir}&sort=last_access"))); if ($rs) { while ($a = nextRow($rs)) { extract($a); if ($name == $ign_user) { $deletelink = ''; } else { $deletelink = dLink('ign_user_mgmt', 'ign_user_delete', 'user_id', $user_id); } $savelink = fInput("submit", 'save', gTxt('save'), 'smallerbox'); $emailhref = '<a href="mailto:' . $email . '">' . $email . '</a>'; $RealNameInput = fInput('text', 'RealName', $RealName, 'edit'); $emailInput = fInput('text', 'email', $email, 'edit'); $row[] = '<form action="index.php" method="post">'; $row[] = $allow_edit ? td($RealNameInput) : td($RealName); $row[] = td($name); $row[] = $allow_edit ? td($emailInput) : td($emailhref); $row[] = $allow_edit ? td(ign_privList($privs) . popHelp("about_privileges")) : td(ign_getPrivLevel($privs) . popHelp("about_privileges")); $row[] = $allow_edit ? td($savelink) : ''; $row[] = $allow_edit ? hInput("user_id", $user_id) . eInput("ign_user_mgmt") . sInput('ign_userSave') : td(); $row[] = '</form>'; $row[] = $allow_edit ? td($deletelink, 10) : td(); //clean up last_access if ($last_access == 0) { $last_access = 'Never'; } $row[] = td($last_access); $out[] = tr(join('', $row)); unset($row); } $out[] = endTable(); $out[] = nav_form('ign_user_mgmt', $page, $numPages, $sort, 'asc', '1', '1'); return join('', $out); } }