/**
 * Build the HTML for every menu entry the current user is allowed to see.
 *
 * Entries come from _getMenuList(). Nothing is shown when no user is logged
 * in. Otherwise an entry is shown when it has no tableName and the user is an
 * admin, or when userSectionAccess() reports level 3 or higher for its table
 * (the original author labels that level "viewer or better"). Each row's HTML
 * is passed through the 'menulinks_rowHtml' filter before being appended.
 *
 * NOTE(review): only menuName and linkMessage are encoded in this function.
 * link, linkTarget and the menuName handed to _openMenuGroupList() are emitted
 * as supplied - confirm _getMenuList() only returns values that are already
 * safe for the HTML context they land in.
 *
 * @return string menu HTML, ending with the markup from _closeMenuGroupList()
 */
function getMenuLinks()
{
    global $CURRENT_USER, $APP;

    $fieldDefaults = array('menuType' => '', 'tableName' => '', 'linkTarget' => '');
    $output = '';

    foreach (_getMenuList() as $row) {
        // array union only adds keys that are missing, so supplied values win
        $row += $fieldDefaults;

        // access check: anonymous visitors get no menu entries at all
        if (!$CURRENT_USER) {
            continue;
        }
        $adminOnlyEntry = !$row['tableName'] && $CURRENT_USER['isAdmin'];
        if (!$adminOnlyEntry && !(userSectionAccess($row['tableName']) >= 3)) {
            continue;
        }

        if ($row['menuType'] == 'menugroup') {
            // group header row
            $entryHtml = '' . _openMenuGroupList($row['menuName'], $row['isSelected']);
        } else {
            // regular link row
            $entryHtml = '' . _openMenuGroupList('', $row['isSelected'], true);

            $cssClass = $row['isSelected'] ? 'current ' : '';
            if (!empty($row['_indent'])) {
                $cssClass .= 'indented_menu';
            }

            // highlight the error log entry when it holds records
            $inlineStyle = "";
            if ($row['tableName'] == '_error_log' && isset($row['recordCount']) && $row['recordCount'] > 0) {
                $inlineStyle .= 'color: #F55;';
            }

            // NOTE(review): the message is HTML-encoded first and JS-escaped second,
            // the reverse of relatedRecordsButton(). The browser decodes entities in
            // the attribute before the script runs - confirm a quote in linkMessage
            // cannot end the alert() string.
            $linkMessage = isset($row['linkMessage']) ? $row['linkMessage'] : null;
            $escapedMessage = jsEncode(htmlencode($linkMessage));
            $onclickAttr = $linkMessage ? "onclick=\"alert('{$escapedMessage}');\"" : "";

            $encodedName = htmlencode($row['menuName']);
            $targetAttr = $row['linkTarget'];
            $linkHref = $row['link'];
            $entryHtml .= "      <li><a class='{$cssClass}' style='{$inlineStyle}' href='{$linkHref}' {$targetAttr} {$onclickAttr}>{$encodedName}</a></li>\n";
        }

        // plugins may rewrite the row; whatever they return is appended unencoded
        $output .= applyFilters('menulinks_rowHtml', $entryHtml, $row);
    }

    $output .= _closeMenuGroupList();

    return $output;
}
示例#2
// Renders the stored comments for one object as an HTML fragment.
// $db, $CCOUNT, $lang, $DATEFORMAT and the helper functions are not defined in
// this script; presumably they come from the two included files.
require_once '../config.inc.php';
require_once '../funcs.inc.php';
// Get comments from the database. The request-supplied object_id is passed
// through $db->quote() before being concatenated into the SQL text.
// NOTE(review): nothing here checks that object_id is an expected value or
// that the requester may read this object's comments - confirm upstream.
$comments = $db->query("SELECT * FROM em_comments WHERE object_id = " . $db->quote($_REQUEST['object_id']) . " ORDER BY id")->fetchAll();
// -- form output ------------------------------------------------
$total = count($comments);
$counter = 1;
$html = '<div id="emContent">';
// Show a "view all" link when there are more comments than $CCOUNT.
if ($total > $CCOUNT) {
    $html .= '<div class="emShowAllComments" id="emShowAllComments"><a href="javascript:viewAllComments();">' . $lang['view'] . ' <span id="total_em_comments">' . $total . '</span> ' . $lang['view2'] . '</a></div>';
}
// NOTE(review): every field used from here on was submitted by a visitor and
// is read back as stored. sender_name is concatenated into markup below, and
// the markup that follows emits comment_text after stripslashes() only.
// Confirm the values are HTML-escaped before storage or before output.
foreach ($comments as $comment) {
    if ($comment['sender_name']) {
        if ($comment['sender_mail']) {
            // This project's jsEncode() takes (mail, name); what it returns is
            // not visible here - presumably markup that hides the address.
            $comment['sender_name'] = jsEncode($comment['sender_mail'], $comment['sender_name']);
        }
        $sender = '<span class="emSenderName">' . $comment['sender_name'] . '</span>: ';
    } else {
        $sender = '';
    }
    $html .= '<div class="emComment" id="comment_' . $comment['id'] . '" ' . ($counter < $total - ($CCOUNT - 1) ? 'style="display:none"' : '') . '>
                    <div class="emCommentImage">
                        <img src="http://www.gravatar.com/avatar/' . gravatar($comment['sender_mail']) . '" width="32" height="32" alt="Gravatar" />
                    </div>
                    <div class="emCommentText">
                        ' . $sender . stripslashes($comment['comment_text']) . '
                    </div>
                    <div class="emCommentInto">
                        ' . strftime($DATEFORMAT, strtotime($comment['created'])) . '
                    </div>
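/**
 * Build the paging details for a list viewer: page counts, the result range
 * and first/prev/next/last links that carry the current request arguments.
 *
 * Security notes:
 *  - Request arguments are copied from $_REQUEST and URL-encoded by
 *    http_build_query() with '&amp;' as separator, so the generated links are
 *    written for direct use inside an HTML attribute.
 *  - NOTE(review): $_SERVER['SCRIPT_NAME'] only has spaces percent-encoded, and
 *    the "_listPage" fallback is a javascript: URL whose menuName goes through
 *    jsEncode() but is not HTML-encoded here. Confirm callers encode both for
 *    the context they print them in.
 *
 * @param array $options      reads pageNum, offset and limit; perPage and useSeoUrls are optional
 * @param mixed $rowCount     only its truthiness is used (presumably the rows found for this page)
 * @param int   $totalRecords total number of matching records
 * @param array $schema       reads _detailPage, _listPage and menuName
 * @return array paging details keyed by name (page, totalPages, prevPageLink, ...)
 */
function _getRecords_getListDetails($options, $rowCount, $totalRecords, $schema)
{
    global $VIEWER_NAME;

    ### get list details
    $details = array();
    $details['invalidPageNum'] = !$rowCount && $options['pageNum'] > 1;
    $details['noRecordsFound'] = !$rowCount && $options['pageNum'] == 1;
    $details['page'] = $options['pageNum'];
    $details['perPage'] = @$options['perPage'];
    $details['fromCache'] = 0;
    $details['totalPages'] = 1;
    if (@$options['perPage'] && $totalRecords > $options['perPage']) {
        $details['totalPages'] = ceil($totalRecords / $options['perPage']);
    }
    $details['totalRecords'] = $totalRecords;
    $details['pageResultsStart'] = min($totalRecords, $options['offset'] + 1);
    $details['pageResultsEnd'] = min($totalRecords, $options['offset'] + $options['limit']);

    # get page nums ('' means "no such page")
    $_minOfPageNumAndTotalPages = min($options['pageNum'], $details['totalPages']);
    $details['prevPage'] = $_minOfPageNumAndTotalPages > 1 ? $_minOfPageNumAndTotalPages - 1 : '';
    $details['nextPage'] = $_minOfPageNumAndTotalPages < $details['totalPages'] ? $_minOfPageNumAndTotalPages + 1 : '';
    if ($details['invalidPageNum']) {
        // a page past the end points "previous" at the last real page
        $details['prevPage'] = $details['totalPages'];
    }

    // pass query arguments forward in page links - use http_build_query to support multi-value fields, like this: ?colors[]=red&colors[]=blue&etc...
    // The numeric prefix is passed as '' rather than null: null is deprecated for
    // this string parameter as of PHP 8.1, and '' has the same meaning.
    $filteredRequest = $_REQUEST;
    unset($filteredRequest['page']);
    $extraQueryArgs = http_build_query($filteredRequest, '', '&amp;');
    if ($extraQueryArgs) {
        $extraQueryArgs .= '&amp;';
    }
    // v2.50 for query keys with no value remove trailing =, eg: ?record-title-123 instead of ?record-title-123=
    $extraQueryArgs = preg_replace('/=&amp;/i', '&amp;', $extraQueryArgs);
    // square brackets get escaped as of PHP 5.1.3 - replace colors[0], colors[1] with colors[], see: http://php.net/manual/en/function.http-build-query.php#77377
    $extraQueryArgs = preg_replace('/(%5B|\\[)\\d+(\\]|%5D)/i', '[]', $extraQueryArgs);
    // path-info form of the same arguments: key-value/key-value/
    $extraPathInfoArgs = str_replace(array('=', '&amp;'), array('-', '/'), $extraQueryArgs);

    # get page links
    $listViewer = @$_SERVER['SCRIPT_NAME'];
    // v2.50 : url encoded spaces
    $listViewer = str_replace(' ', '%20', $listViewer);
    $details['prevPageLink'] = $listViewer;
    $details['nextPageLink'] = $listViewer;
    $details['firstPageLink'] = $listViewer;
    $details['lastPageLink'] = $listViewer;
    // use the same url for page 1 urls if possible, not viewer.php and viewer.php?page=1
    // see: http://www.google.com/support/webmasters/bin/answer.py?hl=en&answer=66359
    if (@$options['useSeoUrls']) {
        $details['firstPageLink'] .= $extraPathInfoArgs ? "/{$extraPathInfoArgs}page-1/" : '';
        $details['prevPageLink'] .= $details['prevPage'] != 1 || $extraPathInfoArgs ? "/{$extraPathInfoArgs}page-{$details['prevPage']}/" : '';
        $details['nextPageLink'] .= "/{$extraPathInfoArgs}page-{$details['nextPage']}/";
        $details['lastPageLink'] .= $details['totalPages'] != 1 || $extraPathInfoArgs ? "/{$extraPathInfoArgs}page-{$details['totalPages']}/" : '';
    } else {
        $details['firstPageLink'] .= $extraQueryArgs ? "?{$extraQueryArgs}page=1" : '';
        $details['prevPageLink'] .= $details['prevPage'] != 1 || $extraQueryArgs ? "?{$extraQueryArgs}page={$details['prevPage']}" : '';
        $details['nextPageLink'] .= "?{$extraQueryArgs}page={$details['nextPage']}";
        $details['lastPageLink'] .= $details['totalPages'] != 1 || $extraQueryArgs ? "?{$extraQueryArgs}page=" . $details['totalPages'] : '';
    }

    // viewer urls from the section schema; an unset list page becomes a javascript: reminder
    $details['_detailPage'] = @$schema['_detailPage'] ? PREFIX_URL . $schema['_detailPage'] : '';
    $details['_listPage'] = @$schema['_listPage'] ? PREFIX_URL . $schema['_listPage'] : "javascript:alert('Set List Page Url for this section in: Admin &gt; Section Editors &gt; " . jsEncode($schema['menuName']) . " &gt; Viewer Urls')";
    // v2.60 : urlencode spaces so they validate
    $details['_listPage'] = str_replace(' ', '%20', $details['_listPage']);

    return $details;
}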
/**
 * Build the HTML for a button that navigates to a related-records URL.
 *
 * On the view menu the record number is known, so every '###' in $url is
 * replaced with it and the button redirects directly. On other menus the
 * placeholder stays in place and the button calls saveRedirectAndReturn(),
 * which (per the original comments) saves the record and substitutes the real
 * number in edit_functions.js.
 *
 * Encoding: $url is JS-escaped and then HTML-encoded, matching the nesting of
 * a script string inside an attribute; $label is HTML-encoded.
 * NOTE(review): nothing here restricts the scheme or host of $url before it is
 * assigned to window.location - confirm callers never pass a request-derived URL.
 *
 * @param string $label        button caption
 * @param string $url          target URL, may contain the '###' placeholder
 * @param bool   $addReturnUrl append a returnUrl parameter pointing at this page
 * @return string button HTML
 */
function relatedRecordsButton($label, $url, $addReturnUrl = true)
{
    $onViewMenu = isset($GLOBALS['action']) && $GLOBALS['action'] == 'view';

    if ($onViewMenu) {
        // the request value is forced to an integer before it reaches the URL
        $returnNum = intval($_REQUEST['num']);
        $url = str_replace('###', intval($_REQUEST['num']), $url);
    } else {
        // ### gets replaced by saveRedirectAndReturn() in edit_functions.js
        $returnNum = '###';
    }

    if ($addReturnUrl) {
        $returnTo = thisPageUrl(array('num' => $returnNum), true);
        $url .= "&returnUrl=" . urlencode($returnTo);
    }

    // pick the script for the click handler, then encode it for the attribute
    $script = $onViewMenu
        ? 'window.location="' . jsEncode($url) . '"; return false;'
        : 'saveRedirectAndReturn("' . jsEncode($url) . '"); return false;';
    $onclick = htmlencode($script);

    return "<a href='#' onclick='{$onclick}'><input class='button' type='button' name='_null_' value='" . htmlencode($label) . "' /></a>\n";
}
示例#5
// Stores one visitor comment and answers with a JSON description of it.
// $db, $lang, $DATEFORMAT and the helper functions are not defined in this
// script; presumably they come from the two included files.
// NOTE(review): no anti-CSRF token, authentication or throttling check is
// visible in this script - confirm that is enforced elsewhere.
require_once '../config.inc.php';
require_once '../funcs.inc.php';
// NOTE(review): cleanInput() is defined elsewhere, so whether it HTML-escapes
// is not visible here. object_id is not passed through it at all.
$_REQUEST['comment'] = cleanInput($_REQUEST['comment']);
$_REQUEST['sender_name'] = cleanInput($_REQUEST['sender_name']);
$_REQUEST['sender_mail'] = cleanInput($_REQUEST['sender_mail']);
// Treat the form's placeholder texts as "no value". The keys are unset, yet
// they are read again below, where a missing key evaluates to null.
if ($_REQUEST['sender_name'] == $lang['enterName']) {
    unset($_REQUEST['sender_name']);
}
if ($_REQUEST['sender_mail'] == $lang['enterMail']) {
    unset($_REQUEST['sender_mail']);
}
// Insert the comment into the database. Every request value goes through
// $db->quote() before concatenation. The address is stored via ip2long(),
// which returns false for anything that is not a dotted IPv4 address, so such
// clients are recorded as 0.
$db->exec('INSERT INTO em_comments SET
                                object_id    = ' . $db->quote($_REQUEST['object_id']) . ',
                                created      = NOW(),
                                sender_name  = ' . $db->quote($_REQUEST['sender_name']) . ',
                                sender_mail  = ' . $db->quote($_REQUEST['sender_mail']) . ',
                                sender_ip    = ' . (int) ip2long($_SERVER['REMOTE_ADDR']) . ',
                                comment_text = ' . $db->quote($_REQUEST['comment']));
// Count the comments now stored for this object.
$total = $db->query("SELECT count(*) AS total FROM em_comments WHERE object_id = " . $db->quote($_REQUEST['object_id']))->fetch();
// Build the sender markup from the submitted name and mail.
if ($_REQUEST['sender_name']) {
    if ($_REQUEST['sender_mail']) {
        // This project's jsEncode() takes (mail, name); its output is not visible here.
        $_REQUEST['sender_name'] = jsEncode($_REQUEST['sender_mail'], $_REQUEST['sender_name']);
    }
    $sender = '<span class="emSenderName">' . $_REQUEST['sender_name'] . '</span>: ';
} else {
    $sender = '';
}
// NOTE(review): 'text' carries markup built from request values and 'image' is
// an <img> tag, so the client presumably inserts them as HTML. json_encode()
// protects the JSON syntax only - confirm the values are HTML-escaped before
// they reach the page. The registered media type for JSON is application/json.
header('Content-type: application/x-json');
echo json_encode(array('id' => $db->lastInsertId(), 'text' => stripslashes($sender . $_REQUEST['comment']), 'name' => stripslashes($_REQUEST['sender_name']), 'mail' => stripslashes($_REQUEST['sender_mail']), 'image' => '<img src="http://www.gravatar.com/avatar/' . gravatar($_REQUEST['sender_mail']) . '" />', 'date' => strftime($DATEFORMAT), 'total' => (int) $total['total']));
/**
 * Print the action column for one plugin: the activate / deactivate link, the
 * output of the 'plugin_actions' hook, or a "Requires <version>" notice.
 *
 * The activate and deactivate links post back through redirectWithPost() and
 * include the page's _CSRFToken field value.
 *
 * NOTE(review): the filename is JS-escaped with jsEncode() and then placed in
 * a double-quoted onclick attribute without HTML encoding, and requiresAtLeast
 * is printed as-is. Confirm both values are safe for an HTML context.
 * NOTE(review): the version check uses <= rather than version_compare();
 * presumably version strings are of a form where that ordering is right.
 *
 * @param array $pluginData reads filename, isSystemPlugin, isActive and requiresAtLeast
 * @return void output is printed directly
 */
function _showPluginActions($pluginData)
{
    global $APP;

    $meetsVersionRequirement = @$pluginData['requiresAtLeast'] <= $APP['version'];
    $versionNotice = 'Requires';

    if ($pluginData['isSystemPlugin']) {
        // system plugins: hook output first, then the version notice if needed
        doAction('plugin_actions', $pluginData['filename']);
        if (!$meetsVersionRequirement) {
            print t($versionNotice) . "<br />" . $pluginData['requiresAtLeast'];
        }
    } elseif ($pluginData['isActive']) {
        // active plugins: deactivate link, then hook output
        $onclick = "return redirectWithPost('?', {menu:'admin', action:'deactivatePlugin', file: '" . jsEncode($pluginData['filename']) . "', '_CSRFToken': \$('[name=_CSRFToken]').val()});";
        print "<a href='#' onclick=\"{$onclick}\">" . t('Deactivate') . "</a><br/>\n";
        doAction('plugin_actions', $pluginData['filename']);
    } else {
        // inactive plugins: activation is only offered when the CMS is new enough
        $onclick = "return redirectWithPost('?', {menu:'admin', action:'activatePlugin', file: '" . jsEncode($pluginData['filename']) . "', '_CSRFToken': \$('[name=_CSRFToken]').val()});";
        if (!$meetsVersionRequirement) {
            print t($versionNotice) . "<br />" . $pluginData['requiresAtLeast'];
        } else {
            print "<a href='#' onclick=\"{$onclick}\">" . t('Activate') . "</a>\n";
        }
    }
}
    if      (advancedType == '')          { description = '<?php 
echo jsEncode(t("select an advanced menu type to see the description."));
?>
'; }
    else if (advancedType == 'category')  { description = '<?php 
echo jsEncode(t("category menus let you organize records in a tree structure and are for creating website menus and navigation."));
?>
'; }
    else if (advancedType == 'menugroup') { description = '<?php 
echo jsEncode(t("menu groups let you create menu headers to group related menu options under."));
?>
'; }
    else if (advancedType == 'textlink')  { description = '<?php 
echo jsEncode(t("text links let you add an external link to your menu that looks the same as a regular menu item."));
?>
'; }
    else                                  { description = "<?php 
echo jsEncode(t("Unknown advanced type"));
?>
 '" +advancedType+ "'"; }
    $('#advancedDescription').html( description );

  }
</script>


</form>

</body>
</html>
/**
 * Print the table row for an upload field: an iframe listing the uploads, an
 * "Add or Upload File(s)" link and, unless disabled, the uploadify options.
 *
 * If the upload directory is missing it is created (mode 0755 is requested);
 * if it still does not exist or is not writable, an error row is printed
 * instead of the field.
 *
 * Security notes:
 *  - Request and schema values placed in the two URLs go through urlencode(),
 *    and values placed in the script block go through json_encode().
 *  - NOTE(review): label, name, fieldPrefix and description from $fieldSchema
 *    are printed without HTML encoding - confirm the schema is trusted input.
 *  - NOTE(review): the login cookie value is written into the page as the
 *    'loginDataEncoded' option, which makes it readable by any script on the
 *    page - confirm this is still required and that the page is not cacheable.
 *
 * @param array $fieldSchema field definition (name, label, allowedExtensions, ...)
 * @param array $record      passed on to the 'edit_show_upload_link' filter
 * @return void output is printed directly
 */
function _showUpload($fieldSchema, $record)
{
    global $preSaveTempId, $SETTINGS, $menu;
    $prefixText = @$fieldSchema['fieldPrefix'];
    $description = @$fieldSchema['description'];
    if ($prefixText) {
        $prefixText .= "<br/>";
    }
    // create uploadList url
    $uploadList = "?" . "menu=" . urlencode($menu) . "&amp;action=uploadList" . "&amp;fieldName=" . urlencode($fieldSchema['name']) . "&amp;num=" . urlencode(@$_REQUEST['num']) . "&amp;preSaveTempId=" . urlencode($preSaveTempId);
    // create uploadLink url
    $uploadLink = "?menu=" . urlencode($menu) . "&amp;action=uploadForm" . "&amp;fieldName=" . urlencode($fieldSchema['name']) . "&amp;num=" . urlencode(@$_REQUEST['num']) . "&amp;preSaveTempId=" . urlencode($preSaveTempId) . "&amp;TB_iframe=true&amp;height=350&amp;width=700&amp;modal=true";
    // error checking
    $errors = '';
    list($uploadDir, $uploadUrl) = getUploadDirAndUrl($fieldSchema);
    // create upload dir (if not possible, dir not exists error will show below)
    if (!file_exists($uploadDir)) {
        mkdir_recursive($uploadDir, 0755);
    }
    // the directory path is HTML-encoded before it goes into the error text
    if (!file_exists($uploadDir)) {
        $errors .= "Upload directory '" . htmlencode($uploadDir) . "' doesn't exist!.<br/>\n";
    } elseif (!is_writable($uploadDir)) {
        $errors .= "Upload directory '" . htmlencode($uploadDir) . "' isn't writable!.<br/>\n";
    }
    // display errors and stop; the label is interpolated without encoding
    if ($errors) {
        print <<<__HTML__
  <tr>
   <td valign="top"><br/>{$fieldSchema['label']}<br/></td>
   <td><div id='alert'><span>{$errors}</span></div></td>
  </tr>
__HTML__;
        return;
    }
    // display field
    ?>
   <tr>
    <td style="vertical-align: top"><?php 
    echo $fieldSchema['label'];
    ?>
</td>
    <td>
      <?php 
    echo $prefixText;
    ?>
      <iframe id="<?php 
    echo $fieldSchema['name'];
    ?>
_iframe" src="<?php 
    echo $uploadList;
    ?>
" height="100" width="100%" frameborder="0" class="uploadIframe"></iframe><br/>

      <?php 
    // plugins can suppress the default upload link and uploader
    $displayDefaultLink = applyFilters('edit_show_upload_link', true, $fieldSchema, $record);
    ?>
      <?php 
    if ($displayDefaultLink) {
        ?>

        <div style="position: relative; height: 24px;">
          <div style="position: absolute; top: 6px; width: 100%; text-align: center;">
            <?php 
        // demo mode replaces the upload link with an alert
        if (inDemoMode()) {
            ?>
              <a href="javascript:alert('<?php 
            echo jsEncode(t('This feature is disabled in demo mode.'));
            ?>
')"><b><?php 
            echo t('Add or Upload File(s)');
            ?>
</b></a>
            <?php 
        } else {
            ?>
              <a href="<?php 
            echo $uploadLink;
            ?>
" class="thickbox"><b><?php 
            echo t('Add or Upload File(s)');
            ?>
</b></a>
            <?php 
        }
        ?>
          </div>
          <div style="position: absolute; z-index: 1; width: 100%; text-align: center;">
            <div id="<?php 
        echo $fieldSchema['name'];
        ?>
_uploadButton"></div>
          </div>
        </div>

        <?php 
        $useFlashUploader = !@$SETTINGS['advanced']['disableFlashUploader'];
        ?>

        <?php 
        if ($useFlashUploader && !inDemoMode()) {
            ?>
          <?php 
            // normalise the allowed extension list: lower case, no spaces around commas
            // NOTE(review): this list is handed to the client-side uploader only;
            // confirm the server-side upload handler enforces the same extensions.
            $fileExtCSV = implode(',', preg_split("/\\s*\\,\\s*/", strtolower($fieldSchema['allowedExtensions'])));
            ?>
          <div id="<?php 
            echo $fieldSchema['name'];
            ?>
_uploadTips" style="display: none; text-align: center; font-size: xx-small; margin-top: 2px;">
            <?php 
            // the User-Agent header only selects which key name the tip shows
            $isMac = preg_match('/macintosh|mac os x/i', @$_SERVER['HTTP_USER_AGENT']);
            $key = $isMac ? '<Command>' : '<Ctrl>';
            if (@$fieldSchema['maxUploads'] != 1) {
                echo htmlencode(t("Tip: hold {$key} to select multiple files"));
            }
            ?>
<br/>
            <?php 
            echo $description;
            ?>
          </div>
          <div class="uploadifyQueue" id="<?php 
            echo $fieldSchema['name'];
            ?>
_uploadQueue"></div>
          <script type="text/javascript">// <![CDATA[
            $(document).ready(function() {
              $('#<?php 
            echo $fieldSchema['name'];
            ?>
_uploadButton').uploadify(generateUploadifyOptions({
                'script'           : <?php 
            // Option values are emitted with json_encode() and default flags; its
            // default slash escaping is what stops a value from closing the script
            // element. JSON_HEX_TAG and JSON_HEX_AMP would cover '<', '>' and '&' too.
            echo json_encode(basename(@$_SERVER['SCRIPT_NAME']));
            ?>
,
                'modifyAfterSave'  : <?php 
            echo count(getUploadInfoFields($fieldSchema['name']));
            ?>
,
                'menu'             : <?php 
            echo json_encode($menu);
            ?>
,
                'fieldName'        : <?php 
            echo json_encode($fieldSchema['name']);
            ?>
,
                'num'              : <?php 
            echo json_encode(@$_REQUEST['num'] ? $_REQUEST['num'] : '');
            ?>
,
                'preSaveTempId'    : <?php 
            echo json_encode($preSaveTempId);
            ?>
,
                'buttonText'       : <?php 
            echo json_encode(t('Upload File(s)'));
            ?>
,
                'fileExtCSV'       : <?php 
            echo json_encode($fileExtCSV);
            ?>
,
                'maxUploadSizeKB'  : <?php 
            echo json_encode($fieldSchema['checkMaxUploadSize'] ? $fieldSchema['maxUploadSizeKB'] : 0);
            ?>
,
                'loginDataEncoded' : <?php 
            // NOTE(review): this writes the login cookie value into the page source,
            // where any script running on the page can read it - confirm it is needed.
            echo json_encode(@$_COOKIE[loginCookie_name(true)]);
            ?>
,
                'queueID'          : <?php 
            echo json_encode($fieldSchema['name'] . "_uploadQueue");
            ?>
              }));
            });
          // ]]></script>
        <?php 
        }
        ?>
      <?php 
    }
    ?>

    </td>
   </tr>
  <?php 
}
/**
 * Alias for jsEncode(): passes $str through unchanged and returns its result.
 *
 * NOTE(review): jsEncode() is defined elsewhere. JS escaping alone does not
 * make a value safe inside an HTML attribute - callers that print the result
 * into markup presumably still need to HTML-encode it.
 *
 * @param mixed $str value to encode
 * @return mixed whatever jsEncode() returns for $str
 */
function escapeJs($str)
{
    $encoded = jsEncode($str);

    return $encoded;
}