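/**
 * Builds the textcat (text catalogue) admin page.
 *
 * Dispatches on the request's "action": none/empty lists all keys of the current
 * language; "edit"/"delete" handle a single text (id from $_GET["id"], form data
 * from $_POST); "add" validates and creates a new key. Output is the side effect
 * on $this->P (a CorePage): the template name, cb_customdata for the
 * 'textcatadmin' template and oPayload->cl_html for the list view.
 *
 * NOTE(review): no CSRF token check is visible before deleteText(), saveText()
 * and addTextKey(); confirm the admin dispatcher enforces one upstream.
 */
public function preparePage()
{
    $this->P = new \HaaseIT\HCSF\CorePage($this->serviceManager);
    $this->P->cb_pagetype = 'content';
    $this->P->cb_subnav = 'admin';
    $this->P->cb_customcontenttemplate = 'textcatadmin';
    $return = '';

    if (!isset($_REQUEST["action"]) || $_REQUEST["action"] == '') {
        // Default view: table of every key/text pair with an edit link per row.
        $aData = $this->textcats->getCompleteTextcatForCurrentLang();
        $aListSetting = [
            [
                'title' => HardcodedText::get('textcatadmin_list_title_key'),
                'key' => 'tc_key',
                'width' => '20%',
                'linked' => false,
            ],
            [
                'title' => HardcodedText::get('textcatadmin_list_title_text'),
                'key' => 'tcl_text',
                'width' => '80%',
                'linked' => false,
                'escapehtmlspecialchars' => true,
            ],
            [
                'title' => HardcodedText::get('textcatadmin_list_title_edit'),
                'key' => 'tc_id',
                'width' => 35,
                'linked' => true,
                'ltarget' => '/_admin/textcatadmin.html',
                'lkeyname' => 'id',
                'lgetvars' => ['action' => 'edit'],
            ],
        ];
        $return .= Tools::makeListtable($aListSetting, $aData, $this->serviceManager->get('twig'));
    } elseif ($_GET["action"] == 'edit' || $_GET["action"] == 'delete') {
        // The guard above reads $_REQUEST but this chain reads $_GET: an "action"
        // sent only in the POST body matches no branch (and raises an undefined-index notice).
        if ($_GET["action"] == 'delete' && isset($_POST["delete"]) && $_POST["delete"] == 'do') {
            // Deletion needs the confirming POST field; a bare GET only shows the edit form.
            $this->textcats->deleteText($_GET["id"]);
            $this->P->cb_customdata["deleted"] = true;
        } else {
            $this->P->cb_customdata["edit"] = true;
            $this->textcats->initTextIfVoid($_GET["id"]);
            // if post:edit is set, update
            if (isset($_POST["edit"]) && $_POST["edit"] == 'do') {
                if (HelperConfig::$core['textcat_enable_purifier']) {
                    $this->textcats->purifier = \HaaseIT\HCSF\Helper::getPurifier('textcat');
                } else {
                    $this->textcats->purifier = false;
                }
                $this->textcats->saveText($_POST["lid"], $_POST["text"]);
                $this->P->cb_customdata["updated"] = true;
            }
            $aData = $this->textcats->getSingleTextByID($_GET["id"]);
            $this->P->cb_customdata["editform"] = [
                'id' => $aData["tc_id"],
                'lid' => $aData["tcl_id"],
                'key' => $aData["tc_key"],
                'lang' => $aData["tcl_lang"],
                'text' => $aData["tcl_text"],
            ];
            // show archived versions of this textcat
            // Bound parameters instead of string concatenation: tcl_id is read from a
            // DB row here, but that row was selected by $_GET["id"], so the SQL is
            // never built from it (matches the prepared-statement style of the other admin pages).
            /** @var \PDOStatement $hResult */
            $hResult = $this->serviceManager->get('db')->prepare(
                'SELECT * FROM textcat_lang_archive WHERE tcl_id = :tclid AND tcl_lang = :lang ORDER BY tcla_timestamp DESC'
            );
            $hResult->bindValue(':tclid', $aData["tcl_id"]);
            $hResult->bindValue(':lang', HelperConfig::$lang);
            $hResult->execute();
            $iArchivedRows = $hResult->rowCount();
            if ($iArchivedRows > 0) {
                $aListSetting = [
                    [
                        'title' => 'tcla_timestamp',
                        'key' => 'tcla_timestamp',
                        'width' => '15%',
                        'linked' => false,
                    ],
                    [
                        'title' => 'tcl_text',
                        'key' => 'tcl_text',
                        'width' => '85%',
                        'linked' => false,
                        'escapehtmlspecialchars' => true,
                    ],
                ];
                $aData = $hResult->fetchAll();
                $this->P->cb_customdata['archived_list'] = Tools::makeListtable($aListSetting, $aData, $this->serviceManager->get('twig'));
            }
        }
    } elseif ($_GET["action"] == 'add') {
        $this->P->cb_customdata["add"] = true;
        if (isset($_POST["add"]) && $_POST["add"] == 'do') {
            // The result of verifyAddTextKey() is treated as a list of errors; empty means the key is accepted.
            $this->P->cb_customdata["err"] = $this->textcats->verifyAddTextKey($_POST["key"]);
            if (count($this->P->cb_customdata["err"]) == 0) {
                $this->P->cb_customdata["addform"] = [
                    'key' => $_POST["key"],
                    'id' => $this->textcats->addTextKey($_POST["key"]),
                ];
            }
        }
    }

    $this->P->oPayload->cl_html = $return;
}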
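/**
 * Builds the page admin page.
 *
 * Handles "insert_lang" first (adds the current-language payload to an existing
 * page and redirects to its edit form), then dispatches on $this->get["action"]:
 * none → page selector; "edit"/"delete" with a page_key → delete on confirmation
 * (POST delete=do) or show/update the edit form; "addpage" → validate and insert
 * a new page. Everything the 'pageadmin' template needs is written to
 * $this->P->cb_customdata; several branches terminate the request with
 * header('Location: …') + die or die(<message>).
 *
 * NOTE(review): no CSRF token check is visible before remove(), write() and
 * insert(); confirm the admin dispatcher enforces one upstream.
 */
public function preparePage()
{
    $this->P = new \HaaseIT\HCSF\CorePage($this->serviceManager);
    $this->P->cb_pagetype = 'content';
    $this->P->cb_subnav = 'admin';
    $this->P->cb_customcontenttemplate = 'pageadmin';

    // adding language to page here
    if (isset($_REQUEST["action"]) && $_REQUEST["action"] == 'insert_lang') {
        $Ptoinsertlang = new UserPage($this->serviceManager, $_REQUEST["page_key"], true);
        // The base page must exist and must not yet have a payload for this language.
        if ($Ptoinsertlang->cb_id != NULL && $Ptoinsertlang->oPayload->cl_id == NULL) {
            $Ptoinsertlang->oPayload->insert($Ptoinsertlang->cb_id);
            header('Location: /_admin/pageadmin.html?page_key=' . $Ptoinsertlang->cb_key . '&action=edit');
            die;
        } else {
            die(HardcodedText::get('pageadmin_exception_couldnotinsertlang'));
        }
    }

    if (!isset($this->get["action"])) {
        $this->P->cb_customdata["pageselect"] = $this->showPageselect();
    } elseif (($this->get["action"] == 'edit' || $this->get["action"] == 'delete') && isset($_REQUEST["page_key"]) && $_REQUEST["page_key"] != '') {
        if ($this->get["action"] == 'delete' && isset($this->post["delete"]) && $this->post["delete"] == 'do') {
            // delete and put message in customdata
            $Ptodelete = new UserPage($this->serviceManager, $this->get["page_key"], true);
            if ($Ptodelete->cb_id != NULL) {
                $Ptodelete->remove();
            } else {
                die(HardcodedText::get('pageadmin_exception_pagetodeletenotfound'));
            }
            $this->P->cb_customdata["deleted"] = true;
        } else {
            // edit or update page
            // The assignment inside the condition is always truthy (an object), so the
            // else branch below is only reachable if the constructor itself fails to return.
            if (isset($_REQUEST["page_key"]) && ($Ptoedit = new UserPage($this->serviceManager, $_REQUEST["page_key"], true))) {
                if (isset($_REQUEST["action_a"]) && $_REQUEST["action_a"] == 'true') {
                    if (HelperConfig::$core['pagetext_enable_purifier']) {
                        $purifier = \HaaseIT\HCSF\Helper::getPurifier('page');
                    } else {
                        $purifier = false;
                    }
                    $Ptoedit->cb_pagetype = $this->post['page_type'];
                    $Ptoedit->cb_group = $this->post['page_group'];
                    $Ptoedit->cb_pageconfig = $this->post['page_config'];
                    $Ptoedit->cb_subnav = $this->post['page_subnav'];
                    $Ptoedit->purifier = $purifier;
                    $Ptoedit->write();
                    // The language payload is only written when one exists for this page.
                    if ($Ptoedit->oPayload->cl_id != NULL) {
                        $Ptoedit->oPayload->cl_html = $this->post['page_html'];
                        $Ptoedit->oPayload->cl_title = $this->post['page_title'];
                        $Ptoedit->oPayload->cl_description = $this->post['page_description'];
                        $Ptoedit->oPayload->cl_keywords = $this->post['page_keywords'];
                        $Ptoedit->oPayload->purifier = $purifier;
                        $Ptoedit->oPayload->write();
                    }
                    // Reload so the form reflects the persisted state.
                    $Ptoedit = new UserPage($this->serviceManager, $_REQUEST["page_key"], true);
                    $this->P->cb_customdata["updated"] = true;
                }
                $this->P->cb_customdata["page"] = $Ptoedit;
                $this->P->cb_customdata["admin_page_types"] = HelperConfig::$core["admin_page_types"];
                $this->P->cb_customdata["admin_page_groups"] = HelperConfig::$core["admin_page_groups"];
                // Sub-navigation options: an empty choice plus every navigation area except "admin".
                $aOptions = [''];
                foreach (HelperConfig::$navigation as $sKey => $aValue) {
                    if ($sKey == 'admin') {
                        continue;
                    }
                    $aOptions[] = $sKey;
                }
                $this->P->cb_customdata["subnavarea_options"] = $aOptions;
                unset($aOptions);
                // show archived versions of this page
                if ($Ptoedit->oPayload->cl_id != NULL) {
                    // Bound parameters instead of string concatenation, consistent with the
                    // prepared-statement style used by the other admin pages.
                    /** @var \PDOStatement $hResult */
                    $hResult = $this->serviceManager->get('db')->prepare(
                        'SELECT * FROM content_lang_archive WHERE cl_id = :clid AND cl_lang = :lang ORDER BY cla_timestamp DESC'
                    );
                    $hResult->bindValue(':clid', $Ptoedit->oPayload->cl_id);
                    $hResult->bindValue(':lang', HelperConfig::$lang);
                    $hResult->execute();
                    $iArchivedRows = $hResult->rowCount();
                    if ($iArchivedRows > 0) {
                        $aListSetting = [
                            [
                                'title' => 'cla_timestamp',
                                'key' => 'cla_timestamp',
                                'width' => '15%',
                                'linked' => false,
                            ],
                            [
                                'title' => 'cl_html',
                                'key' => 'cl_html',
                                'width' => '40%',
                                'linked' => false,
                                'escapehtmlspecialchars' => true,
                            ],
                            [
                                'title' => 'cl_keywords',
                                'key' => 'cl_keywords',
                                'width' => '15%',
                                'linked' => false,
                                'escapehtmlspecialchars' => true,
                            ],
                            [
                                'title' => 'cl_description',
                                'key' => 'cl_description',
                                'width' => '15%',
                                'linked' => false,
                                'escapehtmlspecialchars' => true,
                            ],
                            [
                                'title' => 'cl_title',
                                'key' => 'cl_title',
                                'width' => '15%',
                                'linked' => false,
                                'escapehtmlspecialchars' => true,
                            ],
                        ];
                        $aData = $hResult->fetchAll();
                        $this->P->cb_customdata['archived_list'] = \HaaseIT\Tools::makeListtable($aListSetting, $aData, $this->serviceManager->get('twig'));
                    }
                }
            } else {
                die(HardcodedText::get('pageadmin_exception_pagenotfound'));
            }
        }
    } elseif ($this->get["action"] == 'addpage') {
        $aErr = [];
        if (isset($this->post["addpage"]) && $this->post["addpage"] == 'do') {
            // FILTER_SANITIZE_SPECIAL_CHARS HTML-encodes the key; the encoded form is what
            // gets validated, stored and placed in the redirect below.
            $sPagekeytoadd = \trim(\filter_input(INPUT_POST, 'pagekey', FILTER_SANITIZE_SPECIAL_CHARS));
            if (mb_substr($sPagekeytoadd, 0, 2) == '/_') {
                // Keys under /_ are reserved (the admin area lives there).
                $aErr["reservedpath"] = true;
            } elseif (strlen($sPagekeytoadd) < 4) {
                // Byte length, not character length (mb_substr above is character based).
                $aErr["keytooshort"] = true;
            } else {
                $Ptoadd = new UserPage($this->serviceManager, $sPagekeytoadd, true);
                if ($Ptoadd->cb_id == NULL) {
                    if ($Ptoadd->insert($sPagekeytoadd)) {
                        header('Location: /_admin/pageadmin.html?page_key=' . $sPagekeytoadd . '&action=edit');
                        die;
                    } else {
                        die(HardcodedText::get('pageadmin_exception_couldnotinsertpage'));
                    }
                } else {
                    $aErr["keyalreadyinuse"] = true;
                }
            }
            $this->P->cb_customdata["err"] = $aErr;
            unset($aErr);
        }
        $this->P->cb_customdata["showaddform"] = true;
    }
}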
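/**
 * Builds the shop item admin page.
 *
 * Handles, in order: "insert_lang" (creates the current-language item_lang row
 * for the item and redirects to it), then the search form plus one of "search",
 * "edititem" (POST doaction), "showitem" and "additem". State for the
 * 'shop/itemadmin' template is written to $this->P->cb_customdata; the
 * redirecting branches end the request with header() + die.
 *
 * All SQL goes through prepared statements on $this->db (assumed to be the PDO
 * instance, as in the other admin pages), via DBTools::buildPSInsertQuery for inserts.
 *
 * NOTE(review): no CSRF token check is visible before admin_updateItem() and the
 * INSERTs; confirm the admin dispatcher enforces one upstream.
 */
public function preparePage()
{
    $this->P = new \HaaseIT\HCSF\CorePage($this->serviceManager);
    $this->P->cb_pagetype = 'content';
    $this->P->cb_subnav = 'admin';
    $this->P->cb_customcontenttemplate = 'shop/itemadmin';

    if (isset($this->get["action"]) && $this->get["action"] == 'insert_lang') {
        $aItemdata = $this->admin_getItem();
        // Only add a language row when the base item exists and has no text for this language yet.
        if (isset($aItemdata["base"]) && !isset($aItemdata["text"])) {
            $aData = ['itml_pid' => $aItemdata["base"]['itm_id'], 'itml_lang' => HelperConfig::$lang];
            $hResult = $this->db->prepare(DBTools::buildPSInsertQuery($aData, 'item_lang'));
            foreach ($aData as $sKey => $sValue) {
                $hResult->bindValue(':' . $sKey, $sValue);
            }
            $hResult->execute();
            header('Location: /_admin/itemadmin.html?itemno=' . $this->get["itemno"] . '&action=showitem');
            die;
        }
    }

    $this->P->cb_customdata["searchform"] = $this->admin_prepareItemlistsearchform();
    if (isset($this->get["action"])) {
        if ($this->get["action"] == 'search') {
            $this->P->cb_customdata["searchresult"] = true;
            if ($aItemlist = $this->admin_getItemlist()) {
                // A single hit opens the item directly instead of a one-row list.
                if (count($aItemlist["data"]) == 1) {
                    $aItemdata = $this->admin_getItem($aItemlist["data"][0]['itm_no']);
                    $this->P->cb_customdata["item"] = $this->admin_prepareItem($aItemdata);
                } else {
                    $this->P->cb_customdata["itemlist"] = $this->admin_prepareItemlist($aItemlist);
                }
            }
        } elseif (isset($this->post["doaction"]) && $this->post["doaction"] == 'edititem') {
            $this->admin_updateItem(\HaaseIT\HCSF\Helper::getPurifier('item'));
            $this->P->cb_customdata["itemupdated"] = true;
            $aItemdata = $this->admin_getItem();
            $this->P->cb_customdata["item"] = $this->admin_prepareItem($aItemdata);
        } elseif ($this->get["action"] == 'showitem') {
            $aItemdata = $this->admin_getItem();
            $this->P->cb_customdata["item"] = $this->admin_prepareItem($aItemdata);
        } elseif ($this->get["action"] == 'additem') {
            $aErr = [];
            if (isset($this->post["additem"]) && $this->post["additem"] == 'do') {
                // Byte length check on the raw POST value.
                if (strlen($this->post["itemno"]) < 4) {
                    $aErr["itemnotooshort"] = true;
                } else {
                    $sItemno = \trim(\filter_input(INPUT_POST, 'itemno', FILTER_SANITIZE_SPECIAL_CHARS));
                    // Bound parameter instead of string concatenation: FILTER_SANITIZE_SPECIAL_CHARS
                    // is an HTML-context filter, not a substitute for SQL parameterisation.
                    $hResult = $this->db->prepare('SELECT itm_no FROM item_base WHERE itm_no = :itemno');
                    $hResult->bindValue(':itemno', $sItemno);
                    $hResult->execute();
                    $iRows = $hResult->rowCount();
                    if ($iRows > 0) {
                        $aErr["itemnoalreadytaken"] = true;
                    } else {
                        $aData = ['itm_no' => $sItemno];
                        $hResult = $this->db->prepare(DBTools::buildPSInsertQuery($aData, 'item_base'));
                        foreach ($aData as $sKey => $sValue) {
                            $hResult->bindValue(':' . $sKey, $sValue);
                        }
                        $hResult->execute();
                        $iInsertID = $this->db->lastInsertId();
                        // Read back the stored itm_no for the redirect.
                        $hResult = $this->db->prepare('SELECT itm_no FROM item_base WHERE itm_id = :id');
                        $hResult->bindValue(':id', $iInsertID);
                        $hResult->execute();
                        $aRow = $hResult->fetch();
                        header('Location: /_admin/itemadmin.html?itemno=' . $aRow['itm_no'] . '&action=showitem');
                        die;
                    }
                }
            }
            $this->P->cb_customdata["showaddform"] = true;
            $this->P->cb_customdata["err"] = $aErr;
        }
    }
}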
/**
 * Builds the item group admin page.
 *
 * "insert_lang" creates the current-language itemgroups_text row for a group
 * and redirects to its edit form (falling through to the list when the group
 * is missing or already has one); "editgroup" optionally applies an update
 * (do=true) and shows the edit form; "addgroup" validates and inserts a new
 * group, redirecting on success; anything else renders the group list into
 * $this->P->oPayload->cl_html. All SQL uses bound parameters.
 *
 * NOTE(review): FILTER_SANITIZE_STRING is deprecated as of PHP 8.1; it is kept
 * here because any replacement changes what the stored values look like.
 * NOTE(review): no CSRF token check is visible before the INSERTs and
 * admin_updateGroup(); confirm the admin dispatcher enforces one upstream.
 */
public function preparePage()
{
    $this->P = new \HaaseIT\HCSF\CorePage($this->serviceManager);
    $this->P->cb_pagetype = 'content';
    $this->P->cb_subnav = 'admin';
    $this->P->cb_customcontenttemplate = 'shop/itemgroupadmin';
    $html = '';

    $action = isset($_REQUEST["action"]) ? $_REQUEST["action"] : '';
    $confirmed = isset($_REQUEST["do"]) && $_REQUEST["do"] == 'true';

    if ($action == 'insert_lang') {
        // The group must exist in the base table and have no row for this language yet.
        $stmt = $this->db->prepare('SELECT itmg_id FROM itemgroups_base WHERE itmg_id = :gid');
        $stmt->bindValue(':gid', $_REQUEST["gid"]);
        $stmt->execute();
        $baseRows = $stmt->rowCount();

        $stmt = $this->db->prepare('SELECT itmgt_id FROM itemgroups_text WHERE itmgt_pid = :gid AND itmgt_lang = :lang');
        $stmt->bindValue(':gid', $_REQUEST["gid"]);
        $stmt->bindValue(':lang', HelperConfig::$lang);
        $stmt->execute();
        $langRows = $stmt->rowCount();

        if ($baseRows == 1 && $langRows == 0) {
            $groupId = filter_var($_REQUEST["gid"], FILTER_SANITIZE_NUMBER_INT);
            $record = ['itmgt_pid' => $groupId, 'itmgt_lang' => HelperConfig::$lang];
            $stmt = $this->db->prepare(DBTools::buildPSInsertQuery($record, 'itemgroups_text'));
            foreach ($record as $column => $value) {
                $stmt->bindValue(':' . $column, $value);
            }
            $stmt->execute();
            header('Location: /_admin/itemgroupadmin.html?gid=' . $groupId . '&action=editgroup');
            die;
        }
        // Otherwise fall through to the group list below.
    }

    if ($action == 'editgroup') {
        if ($confirmed) {
            $this->P->cb_customdata["updatestatus"] = $this->admin_updateGroup(\HaaseIT\HCSF\Helper::getPurifier('itemgroup'));
        }
        $groupId = filter_var($_REQUEST["gid"], FILTER_SANITIZE_NUMBER_INT);
        $groups = $this->admin_getItemgroups($groupId);
        if (isset($_REQUEST["added"])) {
            $this->P->cb_customdata["groupjustadded"] = true;
        }
        $this->P->cb_customdata["showform"] = 'edit';
        $this->P->cb_customdata["group"] = $this->admin_prepareGroup('edit', $groups[0]);
    } elseif ($action == 'addgroup') {
        $errors = [];
        if ($confirmed) {
            $name = filter_var($_REQUEST["name"], FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW);
            $number = filter_var($_REQUEST["no"], FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW);
            $image = filter_var($_REQUEST["img"], FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW);
            // Byte-length minimums on the sanitised values.
            if (strlen($name) < 3) {
                $errors["nametooshort"] = true;
            }
            if (strlen($number) < 3) {
                $errors["grouptooshort"] = true;
            }
            if (count($errors) == 0) {
                $stmt = $this->db->prepare('SELECT itmg_no FROM itemgroups_base WHERE itmg_no = :no');
                $stmt->bindValue(':no', $number);
                $stmt->execute();
                if ($stmt->rowCount() > 0) {
                    $errors["duplicateno"] = true;
                }
            }
            if (count($errors) == 0) {
                $record = ['itmg_name' => $name, 'itmg_no' => $number, 'itmg_img' => $image];
                $stmt = $this->db->prepare(DBTools::buildPSInsertQuery($record, 'itemgroups_base'));
                foreach ($record as $column => $value) {
                    $stmt->bindValue(':' . $column, $value);
                }
                $stmt->execute();
                $newId = $this->db->lastInsertId();
                header('Location: /_admin/itemgroupadmin.html?action=editgroup&added&gid=' . $newId);
                die;
            }
            // Validation failed: show the add form again with the errors.
            $this->P->cb_customdata["err"] = $errors;
            $this->P->cb_customdata["showform"] = 'add';
            $this->P->cb_customdata["group"] = $this->admin_prepareGroup('add');
        } else {
            $this->P->cb_customdata["showform"] = 'add';
            $this->P->cb_customdata["group"] = $this->admin_prepareGroup('add');
        }
    } else {
        // Plain list of all groups; an empty rendering is reported as "no groups available".
        $html .= $this->admin_showItemgroups($this->admin_getItemgroups(''));
        if (!$html) {
            $this->P->cb_customdata["err"]["nogroupsavaliable"] = true;
        }
    }

    $this->P->oPayload->cl_html = $html;
}