4 * Nucleus: PHP/MySQL Weblog CMS (http://nucleuscms.org/)
5 * Copyright (C) 2002-2011 The Nucleus Group
7 * This program is free software; you can redistribute it and/or
8 * modify it under the terms of the GNU General Public License
9 * as published by the Free Software Foundation; either version 2
10 * of the License, or (at your option) any later version.
11 * (see nucleus/documentation/index.html#license for more info)
14 * code to make it easier to create plugin admin areas
16 * @license http://nucleuscms.org/license.txt GNU General Public License
17 * @copyright Copyright (C) 2002-2011 The Nucleus Group
19 * $NucleusJP: PLUGINADMIN.php,v 1.8.2.2 2007/10/23 22:48:56 kmorimatsu Exp $
24 var $strFullName; // NP_SomeThing
\r
25 var $plugin; // ref. to plugin object
\r
26 var $bValid; // evaluates to true when object is considered valid
\r
27 var $admin; // ref to an admin object
\r
29 function PluginAdmin($pluginName)
\r
32 include_once($DIR_LIBS . 'ADMIN.php');
34 $this->strFullName = 'NP_' . $pluginName;
\r
36 // check if plugin exists and is installed
\r
37 if (!$manager->pluginInstalled($this->strFullName))
\r
38 doError(_ERROR_INVALID_PLUGIN);
\r
40 $this->plugin =& $manager->getPlugin($this->strFullName);
\r
41 $this->bValid = $this->plugin;
\r
44 doError(_ERROR_INVALID_PLUGIN);
\r
46 $this->admin = new ADMIN();
\r
47 $this->admin->action = 'plugin_' . $pluginName;
\r
50 function start($extraHead = '')
\r
53 $strBaseHref = '<base href="' . htmlspecialchars($CONF['AdminURL']) . '" />';
\r
54 $extraHead .= $strBaseHref;
\r
56 $this->admin->pagehead($extraHead);
\r
61 $this->_AddTicketByJS();
\r
62 $this->admin->pagefoot();
\r
66 * Add ticket when not used in plugin's admin page
\r
69 function _AddTicketByJS(){
\r
70 global $CONF,$ticketforplugin;
\r
71 if (!($ticket=$ticketforplugin['ticket'])) {
\r
72 //echo "\n<!--TicketForPlugin skipped-->\n";
\r
75 $ticket=htmlspecialchars($ticket,ENT_QUOTES);
\r
77 ?><script type="text/javascript">
\r
79 /* Add tickets for available links (outside blog excluded) */
\r
80 for (i=0;document.links[i];i++){
\r
81 if (document.links[i].href.indexOf('<?php echo $CONF['PluginURL']; ?>',0)<0
\r
82 && !(document.links[i].href.indexOf('//',0)<0)) continue;
\r
83 if ((j=document.links[i].href.indexOf('?',0))<0) continue;
\r
84 if (document.links[i].href.indexOf('ticket=',j)>=0) continue;
\r
85 document.links[i].href=document.links[i].href.substring(0,j+1)+'ticket=<?php echo $ticket; ?>&'+document.links[i].href.substring(j+1);
\r
87 /* Add tickets for forms (outside blog excluded) */
\r
88 for (i=0;document.forms[i];i++){
\r
89 /* check if ticket is already used */
\r
90 for (j=0;document.forms[i].elements[j];j++) {
\r
91 if (document.forms[i].elements[j].name=='ticket') {
\r
96 if (j==-1) continue;
\r
98 /* check if the modification works */
\r
99 try{document.forms[i].innerHTML+='';}catch(e){
\r
100 /* Modificaion falied: this sometime happens on IE */
\r
101 if (!document.forms[i].action.name && document.forms[i].method.toUpperCase()=="POST") {
\r
102 /* <input name="action"/> is not used for POST method*/
\r
103 if (document.forms[i].action.indexOf('<?php echo $CONF['PluginURL']; ?>',0)<0
\r
104 && !(document.forms[i].action.indexOf('//',0)<0)) continue;
\r
105 if (0<(j=document.forms[i].action.indexOf('?',0))) if (0<document.forms[i].action.indexOf('ticket=',j)) continue;
\r
106 if (j<0) document.forms[i].action+='?'+'ticket=<?php echo $ticket; ?>';
\r
107 else document.forms[i].action+='&'+'ticket=<?php echo $ticket; ?>';
\r
110 document.write('<?php echo _PLUGINADMIN_TICKETS_JAVASCRIPT ?>');
\r
111 j=document.forms[i].outerHTML;
\r
112 while (j!=j.replace('<','<')) j=j.replace('<','<');
\r
113 document.write('<p>'+j+'</p>');
\r
116 /* check the action paramer in form tag */
\r
117 /* note that <input name="action"/> may be used here */
\r
118 j=document.forms[i].innerHTML;
\r
119 document.forms[i].innerHTML='';
\r
120 if ((document.forms[i].action+'').indexOf('<?php echo $CONF['PluginURL']; ?>',0)<0
\r
121 && !((document.forms[i].action+'').indexOf('//',0)<0)) {
\r
122 document.forms[i].innerHTML=j;
\r
126 document.forms[i].innerHTML=j+'<input type="hidden" name="ticket" value="<?php echo $ticket; ?>"/>';
\r