function opf_save()
{
global $database;
$types = opf_get_types();
// get values
$id = opf_fetch_post('id', 0, 'int');
// id is set from opf_edit_filter() only
$type = opf_fetch_post('type', '', 'unchanged');
$name = opf_fetch_post('name', '', 'unchanged');
$func = opf_fetch_post('func', '', 'unchanged');
$funcname = opf_fetch_post('funcname', '', 'unchanged');
$desc = opf_fetch_post('desc', '', 'unchanged');
$active = opf_fetch_post('active', 0, 'int');
$modules = opf_fetch_post('modules', array(), 'unchanged');
//$pages = opf_fetch_post( 'pages', array(), 'unchanged');
$pages_parent = opf_fetch_post('pages_parent', array(), 'unchanged');
$searchres = opf_fetch_post('searchresult', FALSE, 'exists');
$backend = opf_fetch_post('backend', FALSE, 'exists');
if ($searchres !== FALSE) {
$pages_parent[] = '0';
}
if ($backend !== FALSE) {
$pages_parent[] = 'backend';
}
// cleanup
$desc = trim($desc);
$func = trim($func);
$name = trim($name);
$funcname = trim($funcname);
$type = array_key_exists($type, $types) ? $type : key($types);
$file = '';
$additional_values = serialize('');
// move single-page values from $pages_parent to $pages
$tmp_pages_parent = $tmp_pages = array();
foreach ($pages_parent as $pid) {
if (strpos($pid, 's') === 0) {
$tmp_pages[] = substr($pid, 1);
} else {
$tmp_pages_parent[] = $pid;
}
}
$pages_parent = $tmp_pages_parent;
$pages = $tmp_pages;
// add additional data
$filter_old = array();
if ($id > 0 && opf_db_query_vars("SELECT TRUE FROM " . TABLE_PREFIX . "mod_outputfilter_dashboard" . " WHERE `id`=%d", $id)) {
// comes from edit, so fetch old data from DB
$filter_old = opf_db_query("SELECT *" . " FROM " . TABLE_PREFIX . "mod_outputfilter_dashboard" . " WHERE `id`=%d", $id);
if (!empty($filter_old)) {
$filter_old = $filter_old[0];
$userfunc = $filter_old['userfunc'];
$plugin = $filter_old['plugin'];
$allowedit = $filter_old['allowedit'];
$allowedittarget = $filter_old['allowedittarget'];
$configurl = $filter_old['configurl'];
$helppath = unserialize($filter_old['helppath']);
$csspath = $filter_old['csspath'];
$file = $filter_old['file'];
}
} else {
// comes from add, add default values for inline-filters
$userfunc = 1;
$plugin = '';
$allowedit = 1;
$allowedittarget = 1;
$configurl = '';
$csspath = '';
$helppath = array();
}
// do we have to handle additional data?
if ($id > 0 && !empty($filter_old)) {
// comes from edit, so check additional_fields
$additional_fields = unserialize($filter_old['additional_fields']);
if (!empty($additional_fields)) {
$additional_values = array();
foreach ($additional_fields as $field) {
if (isset($_POST[$field['name']])) {
if (($field['type'] == 'textarea' || $field['type'] == 'editarea') && is_array($field['value'])) {
$a = array();
preg_match_all("~^\\s*'(.*?)'\\s*=>\\s*'(.*?)'\\s*,?\\s*\$~ms", opf_fetch_post($field['name'], '', 'unchanged'), $matches, PREG_SET_ORDER);
if (isset($matches) && $matches) {
foreach ($matches as $match) {
$a[$match[1]] = $match[2];
}
}
$additional_values[$field['variable']] = $a;
} elseif ($field['type'] == 'array') {
$a = array();
$i = 0;
while (isset($_POST[$field['name']]['k'][$i])) {
// we can't use opf_fetch_post() because we need to read from $_POST[$field['name']]['k'][$i]
$a[opf_fetch_clean($_POST[$field['name']]['k'][$i], '', 'unchanged', FALSE, TRUE)] = opf_fetch_clean($_POST[$field['name']]['v'][$i], '', 'unchanged', FALSE, TRUE);
$i++;
}
$additional_values[$field['variable']] = $a;
} else {
$additional_values[$field['variable']] = opf_fetch_post($field['name'], '', 'unchanged');
}
} else {
$additional_values[$field['variable']] = FALSE;
}
}
}
}
// use old values if we come from edit and allowedit is 0
if ($id > 0 && !empty($filter_old)) {
if ($allowedit == 0) {
$name = $filter_old['name'];
$funcname = $filter_old['funcname'];
$func = $filter_old['func'];
$type = $filter_old['type'];
$desc = unserialize($filter_old['desc']);
if ($allowedittarget == 0) {
$modules = unserialize($filter_old['modules']);
$pages = unserialize($filter_old['pages']);
$pages_parent = unserialize($filter_old['pages_parent']);
}
}
}
// prevent inline-filters from overwriting a different filter with same name
if ($id == 0) {
// we come from add-filter
while (opf_is_registered($name)) {
$name .= mt_rand(0, 9);
}
} else {
// we come from edit-filter: allow to overwrite old one (same $id)
if (opf_check_name($id) != $name) {
while (opf_is_registered($name)) {
$name .= mt_rand(0, 9);
}
}
}
// register or update filter
$res = opf_register_filter(array('id' => $id, 'type' => $type, 'name' => $name, 'func' => $func, 'file' => $file, 'funcname' => $funcname, 'modules' => $modules, 'pages' => $pages, 'pages_parent' => $pages_parent, 'desc' => $desc, 'userfunc' => $userfunc, 'plugin' => $plugin, 'active' => $active, 'allowedit' => $allowedit, 'allowedittarget' => $allowedittarget, 'configurl' => $configurl, 'csspath' => $csspath, 'helppath' => $helppath, 'force' => TRUE, 'filter_installed' => FALSE, 'additional_values' => $additional_values));
if ($res) {
if ($id == 0) {
return $database->getLastInsertId();
} else {
return $id;
}
}
return $res;
}
// load outputfilter-functions
require_once dirname(__FILE__) . '/functions.php';
// This file will be included from tool.php
// prevent this file from being accessed directly
if (!defined('WB_PATH')) {
die(header('Location: ../index.php'));
}
// check if user is allowed to use admin-tools (to prevent this file to be called by an unauthorized user e.g. from a code-section)
if (!$admin->get_permission('admintools')) {
die(header('Location: ../../index.php'));
}
// get unique name for filter-function
$function_name = uniqid('opff_');
// set filter-data (empty)
$id = 0;
$types = opf_get_types();
$type = key($types);
$name = $LANG['MOD_OPF']['TXT_INSERT_NAME'];
$active = 1;
$userfunc = 1;
$file = '';
$modules = array();
$pages_parent = array('all');
$pages = array('all');
$desc = $LANG['MOD_OPF']['TXT_INSERT_DESCRIPTION'];
$func = htmlspecialchars("<?php\nfunction {$function_name}(&\$content, \$page_id, \$section_id, \$module, \$wb) {\n // add filter here\n \n \n return(TRUE);\n}\n?>");
$funcname = $function_name;
$allowedit = 1;
$allowedittarget = 1;
$filter_type_options = '';
foreach ($types as $value => $text) {
} else {
$aRows = $_POST['id'];
require_once '../../../config.php';
// check if user has permissions to access the outputfilter_dashboard module
require_once WB_PATH . '/framework/class.admin.php';
$admin = new admin('admintools', 'admintools', false, false);
if (!($admin->is_authenticated() && $admin->get_permission('outputfilter_dashboard', 'module'))) {
$aJsonRespond['message'] = 'insuficcient rights';
exit(json_encode($aJsonRespond));
}
// Sanitize variables
$action = $admin->add_slashes($_POST['action']);
if ($action == "updatePosition") {
$i = array();
$i_keys = array();
foreach (opf_get_types() as $type => $typename) {
$i[$type] = 1;
$i_keys[] = $type;
}
foreach ($aRows as $recID) {
$id = $admin->checkIDKEY($recID, 0, 'key', true);
$filter = opf_get_data($id);
$type = $filter['type'];
// now we sanitize array
$qstring = "UPDATE `" . TABLE_PREFIX . "mod_outputfilter_dashboard`" . " SET `position` = '" . $i[$type] . "'" . " WHERE `id` = " . intval($id) . " ";
if (!opf_db_run_query($qstring)) {
$aJsonRespond['success'] = false;
$aJsonRespond['message'] = 'db query failed: ' . opf_db_get_error();
$aJsonRespond['icon'] = 'cancel.gif';
exit(json_encode($aJsonRespond));
}
