3 * Nucleus: PHP/MySQL Weblog CMS (http://nucleuscms.org/)
\r
4 * Copyright (C) 2002-2012 The Nucleus Group
\r
6 * This program is free software; you can redistribute it and/or
\r
7 * modify it under the terms of the GNU General Public License
\r
8 * as published by the Free Software Foundation; either version 2
\r
9 * of the License, or (at your option) any later version.
\r
10 * (see nucleus/documentation/index.html#license for more info)
\r
13 * The code for the Nucleus admin area
\r
15 * @license http://nucleuscms.org/license.txt GNU General Public License
\r
16 * @copyright Copyright (C) 2002-2012 The Nucleus Group
\r
17 * @version $Id: ADMIN.php 1661 2012-02-12 11:55:39Z sakamocchi $
\r
20 if ( !function_exists('requestVar') ) exit;
\r
21 require_once dirname(__FILE__) . '/showlist.php';
\r
25 static private $skin;
\r
27 static public $action;
\r
28 static public $aOptions;
\r
29 static public $blog;
\r
30 static public $contents;
\r
31 static public $extrahead;
\r
32 static public $headMess;
\r
33 static public $passvar;
\r
35 static private $skinless_actions = array(
\r
36 'plugindeleteconfirm',
\r
37 'pluginoptionsupdate',
\r
38 'blogsettingsupdate',
\r
42 'banlistnewfromitem',
\r
43 'itemdeleteconfirm',
\r
45 'changemembersettings',
\r
50 'skinremovetypeconfirm',
\r
52 'skindeleteconfirm',
\r
60 'templatedeleteconfirm',
\r
64 'adminskinremovetypeconfirm',
\r
66 'adminskindeleteconfirm',
\r
68 'adminskineditgeneral',
\r
71 'adminskinieexport',
\r
73 'admintemplateupdate',
\r
74 'admintemplatedeleteconfirm',
\r
76 'admintemplateclone'
\r
// Actions named in this list are exempt from the ticket check: action() only calls
// $manager->checkTicket() when the requested action is NOT found here.
// NOTE(review): this listing omits short lines, so the array holds more entries than are shown; audit the complete list in the original file.
// NOTE(review): an entry is only safe here if the action merely displays a page or form.
// 'banlistnewfromitem' and 'admintemplateclone' also appear in $skinless_actions next to update/delete-confirm actions, which suggests they may change state — confirm they do not need a ticket.
79 static private $ticketless_actions = array(
\r
90 'editmembersettings',
\r
93 'browseowncomments',
\r
109 'banlistnewfromitem',
\r
135 'templateoverview',
\r
140 'adminskinoverview',
\r
144 'adminskinedittype',
\r
146 'adminskinremovetype',
\r
148 'adminskinieoverview',
\r
150 'admintemplateoverview',
\r
151 'admintemplateclone',
\r
152 'admintemplateedit',
\r
153 'admintemplatedelete'
\r
157 * NOTE: This is for condition of admin/normal skin actions
\r
159 static public $adminskin_actions = array(
\r
161 'adminskinoverview',
\r
165 'adminskinedittype',
\r
167 'adminskinremovetype',
\r
169 'adminskinieoverview',
\r
171 'admintemplateoverview',
\r
172 'admintemplateclone',
\r
173 'admintemplateedit',
\r
174 'admintemplatedelete',
\r
176 /* ticket needed */
\r
177 'adminskineditgeneral',
\r
179 'adminskindeleteconfirm',
\r
180 'adminskinremovetypeconfirm',
\r
182 'adminskinieoverview',
\r
183 'adminskiniedoimport',
\r
184 'adminskinieexport',
\r
185 'adminskinieimport',
\r
187 'admintemplatenew',
\r
188 'admintemplatedeleteconfirm',
\r
189 'admintemplateupdate'
\r
192 static public function initialize()
\r
194 global $CONF, $manager, $member;
\r
196 /* NOTE: 1. decide which skinid to use */
\r
197 $skinid = $CONF['AdminSkin'];
\r
198 if ( $member->isLoggedIn() )
\r
200 $memskin = $member->getAdminSkin();
\r
201 if ( $memskin && Skin::existsID($memskin))
\r
203 $skinid = $memskin;
\r
207 /* NOTE: 2. make an instance of skin object */
\r
208 if ( !Skin::existsID($skinid) )
\r
213 /* NOTE: 3. initializing each members */
\r
214 self::$skin =& $manager->getSkin($skinid, 'AdminActions', 'AdminSkin');
\r
215 self::$action = '';
\r
216 self::$extrahead = '';
\r
217 self::$passvar = '';
\r
218 self::$headMess = '';
\r
219 self::$aOptions = '';
\r
225 * Executes an action
\r
227 * @param string $action action to be performed
\r
// Resolves the final action name, enforces the ticket check for every action that is not
// listed in self::$ticketless_actions, and then dispatches to the static method action_<name>.
// NOTE(review): this listing omits short lines (braces, "else", the "$alias = array(" openers), so the branch structure is only partly visible.
230 static public function action($action)
\r
232 global $CONF, $manager, $member;
\r
234 /* 1. decide action name */
\r
// 'customaction' is read from POST; when present it replaces the 'login' and '' actions through the alias table below,
// so it decides which action_* method runs. The resulting name still goes through the ticket check in step 2.
235 $customAction = postvar('customaction');
\r
236 if ( empty($customAction) )
\r
239 'login' => 'overview',
\r
246 'login' => $customAction,
\r
247 '' => $customAction
\r
250 if ( array_key_exists($action, $alias) && isset($alias[$action]) )
\r
252 $action = $alias[$action];
\r
// the method name keeps the original case of $action while self::$action is lower-cased for the list lookups
254 $method_name = "action_{$action}";
\r
255 self::$action = strtolower($action);
\r
257 /* 2. check ticket-needed action */
\r
// the ticket is verified before any dispatch; a failed check ends in the _ERROR_BADTICKET error
// NOTE(review): in_array() is called without the strict flag; both sides are strings here, passing true as third argument would make that explicit
258 if ( !in_array(self::$action, self::$ticketless_actions) && !$manager->checkTicket() )
\r
260 self::error(_ERROR_BADTICKET);
\r
264 /* 3. parse according to the action */
\r
// any static method of this class named action_<something> can be selected by the action name,
// so each action_* method has to enforce its own authorization (the $member->...() or self::disallow() checks)
265 else if ( method_exists('Admin', $method_name) )
\r
267 call_user_func(array(__CLASS__, $method_name));
\r
270 /* 4. parse special admin skin */
\r
271 elseif ( in_array(self::$action, self::$skinless_actions) )
\r
273 /* TODO: need to be implemented or not?
\r
274 self::action_parseSpecialskin();
\r
279 self::error(_BADACTION . ENTITY::hsc($action));
\r
287 * Action::action_showlogin()
\r
292 static private function action_showlogin()
\r
295 self::action_login($error);
\r
300 * Action::action_login()
\r
302 * @param string $msg message for pageheader
\r
303 * @param integer $passvars ???
\r
305 static private function action_login($msg = '', $passvars = 1)
\r
309 // skip to overview when allowed
\r
310 if ( $member->isLoggedIn() && $member->canLogin() )
\r
312 self::action_overview();
\r
316 /* TODO: needless variable??? */
\r
317 self::$passvar = $passvars;
\r
320 self::$headMess = $msg;
\r
323 self::$skin->parse('showlogin');
\r
327 * Action::action_overview()
\r
328 * provides a screen with the overview of the actions available
\r
330 * @param string $msg message for pageheader
\r
333 static private function action_overview($msg = '')
\r
337 self::$headMess = $msg;
\r
340 self::$skin->parse('overview');
\r
345 * Admin::action_manage()
\r
347 * @param string $msg message for pageheader
\r
350 static private function action_manage($msg = '')
\r
356 self::$headMess = $msg;
\r
358 $member->isAdmin() or self::disallow();
\r
360 self::$skin->parse('manage');
\r
365 * Action::action_itemlist()
\r
367 * @param integer $blogid ID for weblog
\r
370 static private function action_itemlist($blogid = '')
\r
372 global $member, $manager, $CONF;
\r
374 if ( $blogid == '' )
\r
376 $blogid = intRequestVar('blogid');
\r
379 $member->teamRights($blogid) or $member->isAdmin() or self::disallow();
\r
381 self::$skin->parse('itemlist');
\r
386 * Action::action_batchitem()
\r
391 static private function action_batchitem()
\r
393 global $member, $manager;
\r
395 $member->isLoggedIn() or self::disallow();
\r
397 $selected = requestIntArray('batch');
\r
398 $action = requestVar('batchaction');
\r
400 if ( !is_array($selected) || sizeof($selected) == 0 )
\r
402 self::error(_BATCH_NOSELECTION);
\r
406 // On move: when no destination blog/category chosen, show choice now
\r
407 $destCatid = intRequestVar('destcatid');
\r
408 if ( ($action == 'move') && (!$manager->existsCategory($destCatid)) )
\r
410 self::batchMoveSelectDestination('item', $selected);
\r
413 // On delete: check if confirmation has been given
\r
414 if ( ($action == 'delete') && (requestVar('confirmation') != 'yes') )
\r
416 self::batchAskDeleteConfirmation('item', $selected);
\r
419 self::$skin->parse('batchitem');
\r
424 * Action::action_batchcomment()
\r
429 static private function action_batchcomment()
\r
433 $member->isLoggedIn() or self::disallow();
\r
435 $selected = requestIntArray('batch');
\r
436 $action = requestVar('batchaction');
\r
438 // Show error when no items were selected
\r
439 if ( !is_array($selected) || sizeof($selected) == 0 )
\r
441 self::error(_BATCH_NOSELECTION);
\r
445 // On delete: check if confirmation has been given
\r
446 if ( ($action == 'delete') && (requestVar('confirmation') != 'yes') )
\r
448 self::batchAskDeleteConfirmation('comment', $selected);
\r
451 self::$skin->parse('batchcomment');
\r
456 * Admin::action_batchmember()
\r
461 static private function action_batchmember()
\r
465 ($member->isLoggedIn() && $member->isAdmin()) or self::disallow();
\r
467 $selected = requestIntArray('batch');
\r
468 $action = requestVar('batchaction');
\r
470 // Show error when no members selected
\r
471 if ( !is_array($selected) || sizeof($selected) == 0 )
\r
473 self::error(_BATCH_NOSELECTION);
\r
477 // On delete: check if confirmation has been given
\r
478 if ( ($action == 'delete') && (requestVar('confirmation') != 'yes') )
\r
480 self::batchAskDeleteConfirmation('member',$selected);
\r
483 self::$skin->parse('batchmember');
\r
488 * Admin::action_batchteam()
\r
493 static private function action_batchteam()
\r
497 $blogid = intRequestVar('blogid');
\r
499 ($member->isLoggedIn() && $member->blogAdminRights($blogid)) or self::disallow();
\r
501 $selected = requestIntArray('batch');
\r
502 $action = requestVar('batchaction');
\r
504 if ( !is_array($selected) || sizeof($selected) == 0 )
\r
506 self::error(_BATCH_NOSELECTION);
\r
510 // On delete: check if confirmation has been given
\r
511 if ( ($action == 'delete') && (requestVar('confirmation') != 'yes') )
\r
513 self::batchAskDeleteConfirmation('team',$selected);
\r
516 self::$skin->parse('batchteam');
\r
521 * Admin::action_batchcategory()
\r
526 static private function action_batchcategory()
\r
528 global $member, $manager;
\r
530 $member->isLoggedIn() or self::disallow();
\r
532 $selected = requestIntArray('batch');
\r
533 $action = requestVar('batchaction');
\r
535 if ( !is_array($selected) || sizeof($selected) == 0 )
\r
537 self::error(_BATCH_NOSELECTION);
\r
541 // On move: when no destination blog chosen, show choice now
\r
542 $destBlogId = intRequestVar('destblogid');
\r
543 if ( ($action == 'move') && (!$manager->existsBlogID($destBlogId)) )
\r
545 self::batchMoveCategorySelectDestination('category', $selected);
\r
548 // On delete: check if confirmation has been given
\r
549 if ( ($action == 'delete') && (requestVar('confirmation') != 'yes') )
\r
551 self::batchAskDeleteConfirmation('category', $selected);
\r
554 self::$skin->parse('batchcategory');
\r
559 * Admin::batchMoveSelectDestination()
\r
561 * @param string $type type of batch action
\r
562 * @param integer $ids needless???
\r
565 * TODO: remove needless argument
\r
567 static private function batchMoveSelectDestination($type, $ids)
\r
569 $_POST['batchmove'] = $type;
\r
570 self::$skin->parse('batchmove');
\r
575 * Admin::batchMoveCategorySelectDestination()
\r
577 * @param string $type type of batch action
\r
578 * @param integer $ids needless???
\r
581 * TODO: remove needless argument
\r
583 static private function batchMoveCategorySelectDestination($type, $ids)
\r
585 $_POST['batchmove'] = $type;
\r
587 self::$skin->parse('batchmovecat');
\r
592 * Admin::batchAskDeleteConfirmation()
\r
594 * @param string $type type of batch action
\r
595 * @param integer $ids needless???
\r
598 * TODO: remove needless argument
\r
600 static private function batchAskDeleteConfirmation($type, $ids)
\r
602 self::$skin->parse('batchdelete');
\r
607 * Admin::action_browseownitems()
\r
612 static private function action_browseownitems()
\r
614 global $member, $manager, $CONF;
\r
616 self::$skin->parse('browseownitems');
\r
621 * Admin::action_itemcommentlist()
\r
622 * Show all the comments for a given item
\r
624 * @param integer $itemid ID for item
\r
627 static private function action_itemcommentlist($itemid = '')
\r
629 global $member, $manager, $CONF;
\r
631 if ( $itemid == '' )
\r
633 $itemid = intRequestVar('itemid');
\r
636 // only allow if user is allowed to alter item
\r
637 $member->canAlterItem($itemid) or self::disallow();
\r
639 $item =& $manager->getItem($itemid, 1, 1);
\r
640 $_REQUEST['itemid'] = $item['itemid'];
\r
641 $_REQUEST['blogid'] = $item['blogid'];
\r
643 self::$skin->parse('itemcommentlist');
\r
648 * Admin::action_browseowncomments()
\r
649 * Browse own comments
\r
654 static private function action_browseowncomments()
\r
656 self::$skin->parse('browseowncomments');
\r
661 * Admin::action_blogcommentlist()
\r
662 * Browse all comments for a weblog
\r
664 * @param integer $blogid ID for weblog
\r
667 static private function action_blogcommentlist($blogid = '')
\r
669 global $member, $manager, $CONF;
\r
671 if ( $blogid == '' )
\r
673 $blogid = intRequestVar('blogid');
\r
677 $blogid = intval($blogid);
\r
680 $member->teamRights($blogid) or $member->isAdmin() or self::disallow();
\r
682 /* TODO: we consider to use the other way insterad of this */
\r
683 $_REQUEST['blogid'] = $blogid;
\r
685 self::$skin->parse('blogcommentlist');
\r
690 * Admin::action_createaccount()
\r
695 static private function action_createaccount()
\r
699 if ( $CONF['AllowMemberCreate'] != 1 )
\r
701 self::$skin->parse('createaccountdisable');
\r
717 if ( array_key_exists('showform', $_POST) && $_POST['showform'] == 1 )
\r
719 $action = new Action();
\r
720 $message = $action->createAccount();
\r
721 if ( $message === 1 )
\r
723 self::$headMess = $message;
\r
724 self::$skin->parse('createaccountsuccess');
\r
728 /* TODO: validation */
\r
729 if ( array_key_exists('name', $_POST) )
\r
731 $contents['name'] = $_POST['name'];
\r
733 if ( array_key_exists('realname', $_POST) )
\r
735 $contents['realname'] = $_POST['realname'];
\r
737 if ( array_key_exists('email', $_POST) )
\r
739 $contents['email'] = $_POST['email'];
\r
741 if ( array_key_exists('url', $_POST) )
\r
743 $contents['url'] = $_POST['url'];
\r
746 self::$contents = $contents;
\r
750 self::$skin->parse('createaccountinput');
\r
755 * Admin::action_createitem()
\r
756 * Provide a page to add a new item to the given blog
\r
761 static private function action_createitem()
\r
763 global $member, $manager;
\r
765 $blogid = intRequestVar('blogid');
\r
767 // check if allowed
\r
768 $member->teamRights($blogid) or self::disallow();
\r
770 $blog =& $manager->getBlog($blogid);
\r
771 $contents = array();
\r
775 'contents' => &$contents
\r
777 $manager->notify('PreAddItemForm', $data);
\r
779 if ( $blog->convertBreaks() )
\r
781 if ( array_key_exists('body', $contents) && !empty($contents['body']) )
\r
783 $contents['body'] = removeBreaks($contents['body']);
\r
785 if ( array_key_exists('more', $contents) && !empty($contents['more']) )
\r
787 $contents['more'] = removeBreaks($contents['more']);
\r
791 self::$blog = &$blog;
\r
792 self::$contents = &$contents;
\r
794 self::$skin->parse('createitem');
\r
799 * Admin::action_itemedit()
\r
804 static private function action_itemedit()
\r
806 global $member, $manager;
\r
808 $itemid = intRequestVar('itemid');
\r
810 // only allow if user is allowed to alter item
\r
811 $member->canAlterItem($itemid) or self::disallow();
\r
813 $item =& $manager->getItem($itemid, 1, 1);
\r
814 $blog =& $manager->getBlog($item['blogid']);
\r
815 $manager->notify('PrepareItemForEdit', array('blog'=> &$blog, 'item' => &$item));
\r
817 if ( $blog->convertBreaks() )
\r
819 if ( array_key_exists('body', $item) && !empty($item['body']) )
\r
821 $item['body'] = removeBreaks($item['body']);
\r
823 if ( array_key_exists('more', $item) && !empty($item['more']) )
\r
825 $item['more'] = removeBreaks($item['more']);
\r
829 self::$blog = &$blog;
\r
830 self::$contents = &$item;
\r
832 self::$skin->parse('itemedit');
\r
837 * Admin::action_itemupdate()
\r
842 static private function action_itemupdate()
\r
844 global $member, $manager, $CONF;
\r
846 $itemid = intRequestVar('itemid');
\r
847 $catid = postVar('catid');
\r
849 // only allow if user is allowed to alter item
\r
850 $member->canUpdateItem($itemid, $catid) or self::disallow();
\r
852 $actiontype = postVar('actiontype');
\r
854 // delete actions are handled by itemdelete (which has confirmation)
\r
855 if ( $actiontype == 'delete' )
\r
857 self::action_itemdelete();
\r
861 $body = postVar('body');
\r
862 $title = postVar('title');
\r
863 $more = postVar('more');
\r
864 $closed = intPostVar('closed');
\r
865 $draftid = intPostVar('draftid');
\r
867 // default action = add now
\r
868 if ( !$actiontype )
\r
870 $actiontype='addnow';
\r
873 // create new category if needed
\r
874 if ( i18n::strpos($catid,'newcat') === 0 )
\r
877 list($blogid) = sscanf($catid,"newcat-%d");
\r
880 $blog =& $manager->getBlog($blogid);
\r
881 $catid = $blog->createNewCategory();
\r
883 // show error when sth goes wrong
\r
886 self::doError(_ERROR_CATCREATEFAIL);
\r
891 * set some variables based on actiontype
\r
894 * draft items -> addnow, addfuture, adddraft, delete
\r
895 * non-draft items -> edit, changedate, delete
\r
898 * $timestamp: set to a nonzero value for future dates or date changes
\r
899 * $wasdraft: set to 1 when the item used to be a draft item
\r
900 * $publish: set to 1 when the edited item is not a draft
\r
902 $blogid = getBlogIDFromItemID($itemid);
\r
903 $blog =& $manager->getBlog($blogid);
\r
905 $wasdrafts = array('adddraft', 'addfuture', 'addnow');
\r
906 $wasdraft = in_array($actiontype, $wasdrafts) ? 1 : 0;
\r
907 $publish = ($actiontype != 'adddraft' && $actiontype != 'backtodrafts') ? 1 : 0;
\r
908 if ( $actiontype == 'addfuture' || $actiontype == 'changedate' )
\r
910 $timestamp = mktime(intPostVar('hour'), intPostVar('minutes'), 0, intPostVar('month'), intPostVar('day'), intPostVar('year'));
\r
917 // edit the item for real
\r
918 Item::update($itemid, $catid, $title, $body, $more, $closed, $wasdraft, $publish, $timestamp);
\r
920 self::updateFuturePosted($blogid);
\r
922 if ( $draftid > 0 )
\r
924 // delete permission is checked inside Item::delete()
\r
925 Item::delete($draftid);
\r
928 if ( $catid != intPostVar('catid') )
\r
930 self::action_categoryedit(
\r
933 $CONF['AdminURL'] . 'index.php?action=itemlist&blogid=' . getBlogIDFromItemID($itemid)
\r
938 // TODO: set start item correctly for itemlist
\r
939 $item =& $manager->getitem($itemid, 1, 1);
\r
940 $query = "SELECT COUNT(*) FROM %s WHERE unix_timestamp(itime) <= '%s';";
\r
941 $query = sprintf($query, sql_table('item'), $item['timestamp']);
\r
942 $cnt = DB::getValue($query);
\r
943 $_REQUEST['start'] = $cnt + 1;
\r
944 self::action_itemlist(getBlogIDFromItemID($itemid));
\r
950 * Admin::action_itemdelete()
\r
956 static private function action_itemdelete()
\r
958 global $member, $manager;
\r
960 $itemid = intRequestVar('itemid');
\r
962 // only allow if user is allowed to alter item
\r
963 $member->canAlterItem($itemid) or self::disallow();
\r
965 if ( !$manager->existsItem($itemid,1,1) )
\r
967 self::error(_ERROR_NOSUCHITEM);
\r
971 self::$skin->parse('itemdelete');
\r
976 * Admin::action_itemdeleteconfirm()
\r
981 static private function action_itemdeleteconfirm()
\r
983 global $member, $manager;
\r
985 $itemid = intRequestVar('itemid');
\r
987 // only allow if user is allowed to alter item
\r
988 $member->canAlterItem($itemid) or self::disallow();
\r
991 $item =& $manager->getItem($itemid, 1, 1);
\r
993 // delete item (note: some checks will be performed twice)
\r
994 self::deleteOneItem($item['itemid']);
\r
996 self::action_itemlist($item['blogid']);
\r
1001 * Admin::deleteOneItem()
\r
1002 * Deletes one item and returns error if something goes wrong
\r
1004 * @param integer $itemid ID for item
\r
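/**
 * Deletes a single item and refreshes the future-posted flag of the blog it belonged to.
 *
 * The permission check is repeated here because this method is public and can be
 * called without going through one of the action_* handlers.
 *
 * @param integer $itemid ID for item
 * @return mixed _ERROR_DISALLOWED when the current member may not alter the item
 */
static public function deleteOneItem($itemid)
{
	global $member, $manager;

	// only allow if user is allowed to alter item (also checks if itemid exists)
	if ( !$member->canAlterItem($itemid) )
	{
		return _ERROR_DISALLOWED;
	}

	// the item is read before it is deleted because its blogid is needed afterwards
	$item =& $manager->getItem($itemid, 1, 1);

	$manager->loadClass('ITEM');
	Item::delete($item['itemid']);

	// updateFuturePosted() expects a blog ID; the item ID was passed here before,
	// which recalculated the flag for whatever blog happened to share that number
	self::updateFuturePosted($item['blogid']);

	// NOTE(review): this listing omits short lines, so an explicit return on the
	// success path may exist in the original file — confirm before merging.
}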
\r
1029 * Admin::updateFuturePosted()
\r
1030 * Update a blog's future posted flag
\r
1032 * @param integer $blogid
\r
/**
 * Sets or clears a blog's future-posted flag, depending on whether the blog
 * still has unposted items dated after the blog's corrected current time.
 *
 * @param integer $blogid ID of the blog whose flag is recalculated
 */
static private function updateFuturePosted($blogid)
{
	global $manager;

	$blogid = intval($blogid);
	$blog =& $manager->getBlog($blogid);
	$now = $blog->getCorrectTime(time());

	// only the table name, the integer blog ID and a formatted timestamp are interpolated
	$sql = sprintf(
		"SELECT * FROM %s WHERE iblog=%d AND iposted=0 AND itime>'%s'",
		sql_table('item'),
		(int) $blogid,
		i18n::formatted_datetime('mysql', $now)
	);
	$pending = DB::getResult($sql);

	if ( $pending->rowCount() > 0 )
	{
		$blog->setFuturePost();
		return;
	}

	$blog->clearFuturePost();
}
\r
1059 * Admin::action_itemmove()
\r
1064 static private function action_itemmove()
\r
1066 global $member, $manager;
\r
1068 $itemid = intRequestVar('itemid');
\r
1070 $member->canAlterItem($itemid) or self::disallow();
\r
1072 self::$skin->parse('itemmove');
\r
1077 * Admin::action_itemmoveto()
\r
1082 static private function action_itemmoveto()
\r
1084 global $member, $manager;
\r
1086 $itemid = intRequestVar('itemid');
\r
1087 $catid = requestVar('catid');
\r
1089 // create new category if needed
\r
1090 if ( i18n::strpos($catid,'newcat') === 0 )
\r
1093 list($blogid) = sscanf($catid,'newcat-%d');
\r
1096 $blog =& $manager->getBlog($blogid);
\r
1097 $catid = $blog->createNewCategory();
\r
1099 // show error when sth goes wrong
\r
1102 self::doError(_ERROR_CATCREATEFAIL);
\r
1106 // only allow if user is allowed to alter item
\r
1107 $member->canUpdateItem($itemid, $catid) or self::disallow();
\r
1109 $old_blogid = getBlogIDFromItemId($itemid);
\r
1111 Item::move($itemid, $catid);
\r
1113 // set the futurePosted flag on the blog
\r
1114 self::updateFuturePosted(getBlogIDFromItemId($itemid));
\r
1116 // reset the futurePosted in case the item is moved from one blog to another
\r
1117 self::updateFuturePosted($old_blogid);
\r
1119 if ( $catid != intRequestVar('catid') )
\r
1121 self::action_categoryedit($catid, $blog->getID());
\r
1125 self::action_itemlist(getBlogIDFromCatID($catid));
\r
1131 * Admin::moveOneItem()
\r
1132 * Moves one item to a given category (category existence should be checked by caller)
\r
1133 * errors are returned
\r
1135 * @param integer $itemid ID for item
\r
1136 * @param integer $destCatid ID for category to which the item will be moved
\r
1139 static public function moveOneItem($itemid, $destCatid)
\r
1143 // only allow if user is allowed to move item
\r
1144 if ( !$member->canUpdateItem($itemid, $destCatid) )
\r
1146 return _ERROR_DISALLOWED;
\r
1149 Item::move($itemid, $destCatid);
\r
1154 * Admin::action_additem()
\r
1155 * Adds an item to the chosen blog
\r
1160 static private function action_additem()
\r
1162 global $manager, $CONF;
\r
1164 $manager->loadClass('ITEM');
\r
1166 $result = Item::createFromRequest();
\r
1168 if ( $result['status'] == 'error' )
\r
1170 self::error($result['message']);
\r
1174 $item =& $manager->getItem($result['itemid'], 0, 0);
\r
1176 if ( $result['status'] == 'newcategory' )
\r
1178 $distURI = $manager->addTicketToUrl($CONF['AdminURL'] . 'index.php?action=itemList&blogid=' . $item['blogid']);
\r
1179 self::action_categoryedit($result['catid'], $item['blogid'], $distURI);
\r
1183 $methodName = 'action_itemlist';
\r
1184 self::action_itemlist($item['blogid']);
\r
1190 * Admin::action_commentedit()
\r
1191 * Allows to edit previously made comments
\r
1196 static private function action_commentedit()
\r
1198 global $member, $manager;
\r
1200 $commentid = intRequestVar('commentid');
\r
1202 $member->canAlterComment($commentid) or self::disallow();
\r
1204 $comment = COMMENT::getComment($commentid);
\r
1205 $manager->notify('PrepareCommentForEdit', array('comment' => &$comment));
\r
1207 self::$contents = $comment;
\r
1208 self::$skin->parse('commentedit');
\r
1213 * Admin::action_commentupdate()
\r
// Stores the edited url, e-mail and body of one comment, then returns to the comment list
// of the item (when the member may alter that item) or to the member's own comments.
// NOTE(review): this listing omits short lines (braces, "else", the "$data = array(" block), so nesting is only partly visible.
1218 static private function action_commentupdate()
\r
1220 global $member, $manager;
\r
1222 $commentid = intRequestVar('commentid');
\r
// authorization: the current member must be allowed to alter this comment
1224 $member->canAlterComment($commentid) or self::disallow();
\r
// NOTE(review): url and email are taken from POST and no validation of them is visible in this function
// (compare the address_validation() and http(s) prefix handling in action_changemembersettings);
// if the url is later rendered as a link, its scheme should be restricted where it is stored or where it is output — confirm.
1226 $url = postVar('url');
\r
1227 $email = postVar('email');
\r
1228 $body = postVar('body');
\r
1230 // intercept words that are too long
\r
// rejects a body containing a run of 90 characters from the listed set; preg_match() yields 1 on a match, so "!= FALSE" is true only then
1231 if (preg_match('#[a-zA-Z0-9|\.,;:!\?=\/\\\\]{90,90}#', $body) != FALSE)
\r
1233 self::error(_ERROR_COMMENT_LONGWORD);
\r
// length limits: at least 3 and at most 5000 characters as counted by i18n::strlen()
1238 if ( i18n::strlen($body) < 3 )
\r
1240 self::error(_ERROR_COMMENT_NOCOMMENT);
\r
1244 if ( i18n::strlen($body) > 5000 )
\r
1246 self::error(_ERROR_COMMENT_TOOLONG);
\r
1251 $body = Comment::prepareBody($body);
\r
1257 $manager->notify('PreUpdateComment', $data);
\r
// every string value goes through DB::quoteValue() and the comment ID is cast to integer before it reaches the statement
// note the column mapping: the posted url is written to cmail and the posted email to cemail
1259 $query = "UPDATE %s SET cmail=%s, cemail=%s, cbody=%s WHERE cnumber=%d;";
\r
1260 $query = sprintf($query, sql_table('comment'), DB::quoteValue($url), DB::quoteValue($email), DB::quoteValue($body), (integer) $commentid);
\r
1261 DB::execute($query);
\r
// look up the item the comment belongs to, to decide which list to show next
1264 $query = "SELECT citem FROM %s WHERE cnumber=%d;";
\r
1265 $query = sprintf($query, sql_table('comment'), (integer) $commentid);
\r
1267 $itemid = DB::getValue($query);
\r
1269 if ( $member->canAlterItem($itemid) )
\r
1271 self::action_itemcommentlist($itemid);
\r
1275 self::action_browseowncomments();
\r
1281 * Admin::action_commentdelete()
\r
1287 static private function action_commentdelete()
\r
1289 global $member, $manager;
\r
1291 $commentid = intRequestVar('commentid');
\r
1292 $member->canAlterComment($commentid) or self::disallow();
\r
1294 self::$skin->parse('commentdelete');
\r
1299 * Admin::action_commentdeleteconfirm()
\r
1304 static private function action_commentdeleteconfirm()
\r
1308 $commentid = intRequestVar('commentid');
\r
1310 // get item id first
\r
1311 $query = "SELECT citem FROM %s WHERE cnumber=%d;";
\r
1312 $query = sprintf($query, sql_table('comment'), (integer) $commentid);
\r
1314 $itemid = DB::getValue($query);
\r
1316 $error = self::deleteOneComment($commentid);
\r
1319 self::doError($error);
\r
1322 if ( $member->canAlterItem($itemid) )
\r
1324 self::action_itemcommentlist($itemid);
\r
1328 self::action_browseowncomments();
\r
1334 * Admin::deleteOneComment()
\r
1336 * @param integer $commentid ID for comment
\r
1339 static public function deleteOneComment($commentid)
\r
1341 global $member, $manager;
\r
1343 $commentid = (integer) $commentid;
\r
1345 if ( !$member->canAlterComment($commentid) )
\r
1347 return _ERROR_DISALLOWED;
\r
1351 'commentid' => $commentid
\r
1354 $manager->notify('PreDeleteComment', $data);
\r
1356 // delete the comments associated with the item
\r
1357 $query = "DELETE FROM %s WHERE cnumber=%d;";
\r
1358 $query = sprintf($query, sql_table('comment'), (integer) $commentid);
\r
1359 DB::execute($query);
\r
1362 'commentid' => $commentid
\r
1365 $manager->notify('PostDeleteComment', $data);
\r
1371 * Admin::action_usermanagement()
\r
1372 * Usermanagement main
\r
1377 static private function action_usermanagement()
\r
1379 global $member, $manager;
\r
1381 // check if allowed
\r
1382 $member->isAdmin() or self::disallow();
\r
1384 self::$skin->parse('usermanagement');
\r
1389 * Admin::action_memberedit()
\r
1390 * Edit member settings
\r
1395 static private function action_memberedit()
\r
1397 self::action_editmembersettings(intRequestVar('memberid'));
\r
1402 * Admin::action_editmembersettings()
\r
1404 * @param integer $memberid ID for member
\r
1408 static private function action_editmembersettings($memberid = '')
\r
1410 global $member, $manager, $CONF;
\r
1412 if ( $memberid == '' )
\r
1414 $memberid = $member->getID();
\r
1417 /* TODO: we should consider to use the other way insterad of this */
\r
1418 $_REQUEST['memberid'] = $memberid;
\r
1420 // check if allowed
\r
1421 ($member->getID() == $memberid) or $member->isAdmin() or self::disallow();
\r
1423 self::$extrahead .= "<script type=\"text/javascript\" src=\"<%skinfile(/javascripts/numbercheck.js)%>\"></script>\n";
\r
1425 self::$skin->parse('editmembersettings');
\r
1430 * Admin::action_changemembersettings()
\r
// Applies the posted profile form to the member identified by the 'memberid' request value.
// A member may change their own record; editing another member requires $member->isAdmin().
// NOTE(review): this listing omits short lines (braces, "else", some conditions and the "$data = array(" openers), so nesting below is only partly visible.
1435 static private function action_changemembersettings()
\r
1437 global $member, $CONF, $manager;
\r
1439 $memberid = intRequestVar('memberid');
\r
1441 // check if allowed
\r
1442 ($member->getID() == $memberid) or $member->isAdmin() or self::disallow();
\r
// strip_tags() removes markup from the values that get stored; it is not output escaping,
// so these fields still need escaping for the context in which they are later rendered
1444 $name = trim(strip_tags(postVar('name')));
\r
1445 $realname = trim(strip_tags(postVar('realname')));
\r
1446 $password = postVar('password');
\r
1447 $repeatpassword = postVar('repeatpassword');
\r
1448 $email = strip_tags(postVar('email'));
\r
1449 $url = strip_tags(postVar('url'));
\r
1450 $adminskin = intPostVar('adminskin');
\r
1451 $bookmarklet = intPostVar('bookmarklet');
\r
1453 // begin if: sometimes user didn't prefix the URL with http:// or https://, this cause a malformed URL. Let's fix it.
\r
// NOTE(review): an empty url fails this match as well and would be stored as 'http://' — confirm that is intended
1454 if ( !preg_match('#^https?://#', $url) )
\r
1456 $url = 'http://' . $url;
\r
// admin and canlogin are read for every caller, but they are only written back inside the
// $member->isAdmin() guard in front of setAdmin()/setCanLogin() further down
1459 $admin = postVar('admin');
\r
1460 $canlogin = postVar('canlogin');
\r
1461 $notes = strip_tags(postVar('notes'));
\r
1462 $locale = postVar('locale');
\r
1464 $mem =& $manager->getMember($memberid);
\r
1466 if ( $CONF['AllowLoginEdit'] || $member->isAdmin() )
\r
1468 if ( !isValidDisplayName($name) )
\r
1470 self::error(_ERROR_BADNAME);
\r
1474 if ( ($name != $mem->getDisplayName()) && Member::exists($name) )
\r
1476 self::error(_ERROR_NICKNAMEINUSE);
\r
// NOTE(review): != is a loose comparison; PHP treats two numeric-looking strings such as '1e3' and '1000' as equal,
// so the password and its confirmation should be compared with !==
1480 if ( $password != $repeatpassword )
\r
1482 self::error(_ERROR_PASSWORDMISMATCH);
\r
// the minimum length of 6 is only enforced when a non-empty password was posted
1486 if ( $password && (i18n::strlen($password) < 6) )
\r
1488 self::error(_ERROR_PASSWORDTOOSHORT);
\r
// the candidate password is handed in plaintext to the PrePasswordSet event;
// 'errormessage' and 'valid' are passed by reference so a listener can report back
1498 'password' => $password,
\r
1499 'errormessage' => &$pwderror,
\r
1500 'valid' => &$pwdvalid
\r
1502 $manager->notify('PrePasswordSet', $data);
\r
1506 self::error($pwderror);
\r
1512 if ( !NOTIFICATION::address_validation($email) )
\r
1514 self::error(_ERROR_BADMAILADDRESS);
\r
1519 self::error(_ERROR_REALNAMEMISSING);
\r
// a non-empty locale is only accepted when it is in the list returned by i18n::get_available_locale_list()
1522 if ( ($locale != '') && (!in_array($locale, i18n::get_available_locale_list())) )
\r
1524 self::error(_ERROR_NOSUCHTRANSLATION);
\r
1528 // check if there will remain at least one site member with both the logon and admin rights
\r
1529 // (check occurs when taking away one of these rights from such a member)
\r
1530 if ( (!$admin && $mem->isAdmin() && $mem->canLogin())
\r
1531 || (!$canlogin && $mem->isAdmin() && $mem->canLogin())
\r
1534 $r = DB::getResult('SELECT * FROM '.sql_table('member').' WHERE madmin=1 and mcanlogin=1');
\r
1535 if ( $r->rowCount() < 2 )
\r
1537 self::error(_ERROR_ATLEASTONEADMIN);
\r
1542 if ( $CONF['AllowLoginEdit'] || $member->isAdmin() )
\r
1544 $mem->setDisplayName($name);
\r
// NOTE(review): no newCookieKey() call is visible next to setPassword(); the visible key rotations happen only on
// e-mail or display-name change further down — confirm that a password change invalidates existing login cookies
1547 $mem->setPassword($password);
\r
1551 $oldEmail = $mem->getEmail();
\r
1553 $mem->setRealName($realname);
\r
1554 $mem->setEmail($email);
\r
1555 $mem->setURL($url);
\r
1556 $mem->setNotes($notes);
\r
1557 $mem->setLocale($locale);
\r
1558 $mem->setAdminSkin($adminskin);
\r
1559 $mem->setBookmarklet($bookmarklet);
\r
1561 // only allow super-admins to make changes to the admin status
\r
1562 if ( $member->isAdmin() )
\r
1564 $mem->setAdmin($admin);
\r
1565 $mem->setCanLogin($canlogin);
\r
1568 $autosave = postVar('autosave');
\r
1569 $mem->setAutosave($autosave);
\r
1573 // store plugin options
\r
// NOTE(review): 'plugoption' is taken straight from the request; whether apply_plugin_options() limits the write
// to options belonging to this member cannot be seen from here — confirm against its implementation
1574 $aOptions = requestArray('plugoption');
\r
1575 NucleusPlugin::apply_plugin_options($aOptions);
\r
1577 'context' => 'member',
\r
1578 'memberid' => $memberid,
\r
1581 $manager->notify('PostPluginOptionsUpdate', $data);
\r
1583 // if email changed, generate new password
\r
// on an e-mail change an 'addresschange' activation link is sent and the edited member gets a new cookie key
1584 if ( $oldEmail != $mem->getEmail() )
\r
1586 $mem->sendActivationLink('addresschange', $oldEmail);
\r
1588 $mem->newCookieKey();
\r
1590 // only log out if the member being edited is the current member.
\r
1591 if ( $member->getID() == $memberid )
\r
1593 $member->logout();
\r
1595 self::action_login(_MSG_ACTIVATION_SENT, 0);
\r
// a member who changed their own display name gets a new cookie key and has to log in again
1599 if ( ($mem->getID() == $member->getID())
\r
1600 && ($mem->getDisplayName() != $member->getDisplayName()) )
\r
1602 $mem->newCookieKey();
\r
1603 $member->logout();
\r
1604 self::action_login(_MSG_LOGINAGAIN, 0);
\r
1608 self::action_overview(_MSG_SETTINGSCHANGED);
\r
1614 * Admin::action_memberadd()
\r
1620 static private function action_memberadd()
\r
1622 global $member, $manager;
\r
1624 // check if allowed
\r
1625 $member->isAdmin() or self::disallow();
\r
1627 if ( postVar('password') != postVar('repeatpassword') )
\r
1629 self::error(_ERROR_PASSWORDMISMATCH);
\r
1633 if ( i18n::strlen(postVar('password')) < 6 )
\r
1635 self::error(_ERROR_PASSWORDTOOSHORT);
\r
1639 $res = Member::create(
\r
1641 postVar('realname'),
\r
1642 postVar('password'),
\r
1646 postVar('canlogin'),
\r
1652 self::error($res);
\r
1656 // fire PostRegister event
\r
1657 $newmem = new Member();
\r
1658 $newmem->readFromName(postVar('name'));
\r
1660 'member' => &$newmem
\r
1662 $manager->notify('PostRegister', $data);
\r
1664 self::action_usermanagement();
\r
/**
 * Admin::action_forgotpassword()
 * Renders the 'forgotpassword' part of the admin skin.
 *
 * @param	void
 * @return	void
 */
static private function action_forgotpassword()
{
	// No request data is read and no permission check is made in this method.
	self::$skin->parse('forgotpassword');
}
\r
/**
 * Admin::action_activate()
 * Account activation
 *
 * Passes the 'key' request value to showActivationPage().
 *
 * @param	void
 * @return	void
 */
static private function action_activate()
{
	// The key is forwarded unmodified; it is looked up by showActivationPage().
	self::showActivationPage(getVar('key'));
}
\r
1695 * Admin::showActivationPage()
\r
1700 static private function showActivationPage($key, $message = '')
\r
1704 // clean up old activation keys
\r
1705 Member::cleanupActivationTable();
\r
1707 // get activation info
\r
1708 $info = Member::getActivationInfo($key);
\r
1712 self::error(_ERROR_ACTIVATE);
\r
1716 $mem =& $manager->getMember($info->vmember);
\r
1720 self::error(_ERROR_ACTIVATE);
\r
1724 /* TODO: we should consider to use the other way insterad of this */
\r
1725 $_POST['ackey'] = $key;
\r
1726 $_POST['bNeedsPasswordChange'] = TRUE;
\r
1728 self::$headMess = $message;
\r
1729 self::$skin->parse('activate');
\r
1734 * Admin::action_activatesetpwd()
\r
1735 * Account activation - set password part
\r
1740 static private function action_activatesetpwd()
\r
1743 $key = postVar('key');
\r
1745 // clean up old activation keys
\r
1746 Member::cleanupActivationTable();
\r
1748 // get activation info
\r
1749 $info = Member::getActivationInfo($key);
\r
1751 if ( !$info || ($info->type == 'addresschange') )
\r
1753 return self::showActivationPage($key, _ERROR_ACTIVATE);
\r
1756 $mem =& $manager->getMember($info->vmember);
\r
1760 return self::showActivationPage($key, _ERROR_ACTIVATE);
\r
1763 $password = postVar('password');
\r
1764 $repeatpassword = postVar('repeatpassword');
\r
1766 if ( $password != $repeatpassword )
\r
1768 return self::showActivationPage($key, _ERROR_PASSWORDMISMATCH);
\r
1771 if ( $password && (i18n::strlen($password) < 6) )
\r
1773 return self::showActivationPage($key, _ERROR_PASSWORDTOOSHORT);
\r
1782 'password' => $password,
\r
1783 'errormessage' => &$pwderror,
\r
1784 'valid' => &$pwdvalid
\r
1786 $manager->notify('PrePasswordSet', $data);
\r
1789 return self::showActivationPage($key,$pwderror);
\r
1796 'type' => 'activation',
\r
1798 'error' => &$error
\r
1800 $manager->notify('ValidateForm', $data);
\r
1801 if ( $error != '' )
\r
1803 return self::showActivationPage($key, $error);
\r
1807 $mem->setPassword($password);
\r
1810 // do the activation
\r
1811 Member::activate($key);
\r
1813 self::$skin->parse('activatesetpwd');
\r
/**
 * Admin::action_manageteam()
 * Shows the team management page of one blog.
 *
 * @param	void
 * @return	void
 */
static private function action_manageteam()
{
	global $member, $manager;
	
	$requestedBlog = intRequestVar('blogid');
	
	// Authorization gate: the current member needs admin rights on the requested blog.
	if ( !$member->blogAdminRights($requestedBlog) )
	{
		self::disallow();
	}
	
	self::$skin->parse('manageteam');
}
\r
/**
 * Admin::action_teamaddmember()
 * Add member to team
 *
 * Reads 'memberid', 'blogid' and 'admin' from POST as integers.
 *
 * @param	void
 * @return	void
 */
static private function action_teamaddmember()
{
	global $member, $manager;
	
	$newMemberId = intPostVar('memberid');
	$targetBlogId = intPostVar('blogid');
	$asAdmin = intPostVar('admin');
	
	// Only an admin of the target blog may extend its team (and decide the new member's admin flag).
	if ( !$member->blogAdminRights($targetBlogId) )
	{
		self::disallow();
	}
	
	$blog =& $manager->getBlog($targetBlogId);
	$added = $blog->addTeamMember($newMemberId, $asAdmin);
	if ( !$added )
	{
		self::error(_ERROR_ALREADYONTEAM);
		return;
	}
	
	self::action_manageteam();
}
\r
/**
 * Admin::action_teamdelete()
 * Shows the confirmation page for removing a member from a blog team.
 *
 * @param	void
 * @return	void
 */
static private function action_teamdelete()
{
	global $member, $manager;
	
	$memberid = intRequestVar('memberid');
	$blogid = intRequestVar('blogid');
	
	// Nothing is deleted here, but the confirmation page is still limited to admins of the blog.
	if ( !$member->blogAdminRights($blogid) )
	{
		self::disallow();
	}
	
	// Both objects are fetched as in the original; neither is used again in this method.
	$teammem =& $manager->getMember($memberid);
	$blog =& $manager->getBlog($blogid);
	
	self::$skin->parse('teamdelete');
}
\r
/**
 * Admin::action_teamdeleteconfirm()
 * Removes a member from a blog team and returns to the team page.
 *
 * @param	void
 * @return	void
 */
static private function action_teamdeleteconfirm()
{
	$blogid = intRequestVar('blogid');
	$memberid = intRequestVar('memberid');
	
	// No permission check here: deleteOneTeamMember() tests blogAdminRights() itself
	// and reports a refusal through its return value.
	$failure = self::deleteOneTeamMember($blogid, $memberid);
	
	// NOTE(review): the guard line is not visible in this listing; a truthiness test is assumed.
	if ( $failure )
	{
		self::error($failure);
		return;
	}
	
	self::action_manageteam();
}
\r
1913 * Admin::deleteOneTeamMember()
\r
1918 static public function deleteOneTeamMember($blogid, $memberid)
\r
1920 global $member, $manager;
\r
1922 $blogid = intval($blogid);
\r
1923 $memberid = intval($memberid);
\r
1925 // check if allowed
\r
1926 if ( !$member->blogAdminRights($blogid) )
\r
1928 return _ERROR_DISALLOWED;
\r
1931 // check if: - there remains at least one blog admin
\r
1932 // - (there remains at least one team member)
\r
1933 $tmem =& $manager->getMember($memberid);
\r
1937 'member' => &$tmem,
\r
1938 'blogid' => $blogid
\r
1940 $manager->notify('PreDeleteTeamMember', $data);
\r
1942 if ( $tmem->isBlogAdmin($blogid) )
\r
1944 /* TODO: why we did double check? */
\r
1945 // check if there are more blog members left and at least one admin
\r
1946 // (check for at least two admins before deletion)
\r
1947 $query = "SELECT * FROM %s WHERE tblog=%d and tadmin=1;";
\r
1948 $query = sprintf($query, sql_table('team'), (integer) $blogid);
\r
1949 $r = DB::getResult($query);
\r
1950 if ( $r->rowCount() < 2 )
\r
1952 return _ERROR_ATLEASTONEBLOGADMIN;
\r
1956 $query = "DELETE FROM %s WHERE tblog=%d AND tmember=%d;";
\r
1957 $query = sprintf($query, sql_table('team'), (integer) $blogid, (integer) $memberid);
\r
1958 DB::execute($query);
\r
1961 'member' => &$tmem,
\r
1962 'blogid' => $blogid
\r
1964 $manager->notify('PostDeleteTeamMember', $data);
\r
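/**
 * Admin::action_teamchangeadmin()
 * Toggles the blog-admin flag of one team member.
 *
 * Refused when the member is currently the only admin of the blog.
 *
 * @param	void
 * @return	void
 */
static private function action_teamchangeadmin()
{
	global $manager, $member;
	
	$blogid = intRequestVar('blogid');
	$memberid = intRequestVar('memberid');
	
	// check if allowed
	$member->blogAdminRights($blogid) or self::disallow();
	
	$mem =& $manager->getMember($memberid);
	
	// don't allow when there is only one admin at this moment
	if ( $mem->isBlogAdmin($blogid) )
	{
		$query = "SELECT * FROM %s WHERE tblog=%d AND tadmin=1;";
		$query = sprintf($query, sql_table('team'), (int) $blogid);
		$r = DB::getResult($query);
		if ( $r->rowCount() == 1 )
		{
			self::error(_ERROR_ATLEASTONEBLOGADMIN);
			return;
		}
	}
	
	// NOTE(review): the two assignments to $newval are not visible in this listing;
	// a 0/1 toggle is assumed from the surrounding condition - confirm against the repository.
	if ( $mem->isBlogAdmin($blogid) )
	{
		$newval = 0;
	}
	else
	{
		$newval = 1;
	}
	
	// The first placeholder is the table name. The previous argument list passed
	// (integer) $blogid there and never supplied sql_table('team'), so the statement
	// named a number instead of the team table and the remaining values were shifted.
	$query = "UPDATE %s SET tadmin=%d WHERE tblog=%d and tmember=%d;";
	$query = sprintf($query, sql_table('team'), (int) $newval, (int) $blogid, (int) $memberid);
	DB::execute($query);
	
	// only show manageteam if member did not change its own admin privileges
	if ( $member->isBlogAdmin($blogid) )
	{
		self::action_manageteam();
	}
	else
	{
		self::action_overview(_MSG_ADMINCHANGED);
	}
}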
\r
/**
 * Admin::action_blogsettings()
 * Shows the settings page of one blog.
 *
 * @param	void
 * @return	void
 */
static private function action_blogsettings()
{
	global $member, $manager;
	
	$blogid = intRequestVar('blogid');
	
	// Settings are only shown to admins of the requested blog.
	if ( !$member->blogAdminRights($blogid) )
	{
		self::disallow();
	}
	
	// Fetched as in the original; the object is not used again in this method.
	$blog =& $manager->getBlog($blogid);
	
	// Fixed markup only: no request data goes into the extra head content.
	self::$extrahead .= "<script type=\"text/javascript\" src=\"<%skinfile(/javascripts/numbercheck.js)%>\"></script>\n";
	
	self::$skin->parse('blogsettings');
}
\r
/**
 * Admin::action_categorynew()
 * Creates a category in a blog from the posted name and description.
 *
 * @param	void
 * @return	void
 */
static private function action_categorynew()
{
	global $member, $manager;
	
	$blogid = intRequestVar('blogid');
	
	if ( !$member->blogAdminRights($blogid) )
	{
		self::disallow();
	}
	
	$cname = postVar('cname');
	$cdesc = postVar('cdesc');
	
	if ( !isValidCategoryName($cname) )
	{
		self::error(_ERROR_BADCATEGORYNAME);
		return;
	}
	
	// Duplicate check inside the same blog. The name is the only string in the
	// statement and goes through DB::quoteValue(); the blog id is forced to an integer.
	$lookup = sprintf(
		"SELECT * FROM %s WHERE cname=%s AND cblog=%d;",
		sql_table('category'),
		DB::quoteValue($cname),
		(integer) $blogid
	);
	$existing = DB::getResult($lookup);
	if ( $existing->rowCount() > 0 )
	{
		self::error(_ERROR_DUPCATEGORYNAME);
		return;
	}
	
	$blog =& $manager->getBlog($blogid);
	$blog->createNewCategory($cname, $cdesc);
	
	self::action_blogsettings();
}
\r
/**
 * Admin::action_categoryedit()
 * Shows the edit page of one category.
 *
 * @param	mixed	$catid		category id; read from the 'catid' GET value when empty
 * @param	mixed	$blogid		blog id; read from the 'blogid' GET value when empty
 * @param	string	$desturl	destination URL handed on to the skin through $_REQUEST
 * @return	void
 */
static private function action_categoryedit($catid = '', $blogid = '', $desturl = '')
{
	global $member, $manager;
	
	// Either source ends up as an integer.
	$blogid = ( $blogid == '' ) ? intGetVar('blogid') : intval($blogid);
	$catid = ( $catid == '' ) ? intGetVar('catid') : intval($catid);
	
	/* TODO: we should consider using another way instead of this */
	$_REQUEST['blogid'] = $blogid;
	$_REQUEST['catid'] = $catid;
	$_REQUEST['desturl'] = $desturl;
	
	// The permission test is made on the blog id only.
	if ( !$member->blogAdminRights($blogid) )
	{
		self::disallow();
	}
	
	self::$extrahead .= "<script type=\"text/javascript\" src=\"<%skinfile(/javascripts/numbercheck.js)%>\"></script>\n";
	
	self::$skin->parse('categoryedit');
}
\r
2127 * Admin::action_categoryupdate()
\r
2132 static private function action_categoryupdate()
\r
2134 global $member, $manager;
\r
2136 $blogid = intPostVar('blogid');
\r
2137 $catid = intPostVar('catid');
\r
2138 $cname = postVar('cname');
\r
2139 $cdesc = postVar('cdesc');
\r
2140 $desturl = postVar('desturl');
\r
2142 $member->blogAdminRights($blogid) or self::disallow();
\r
2144 if ( !isValidCategoryName($cname) )
\r
2146 self::error(_ERROR_BADCATEGORYNAME);
\r
2150 $query = "SELECT * FROM %s WHERE cname=%s AND cblog=%d AND not(catid=%d);";
\r
2151 $query = sprintf($query, sql_table('category'), DB::quoteValue($cname), (integer) $blogid, (integer) $catid);
\r
2152 $res = DB::getResult($query);
\r
2153 if ( $res->rowCount() > 0 )
\r
2155 self::error(_ERROR_DUPCATEGORYNAME);
\r
2159 $query = "UPDATE %s SET cname=%s, cdesc=%s WHERE catid=%d;";
\r
2160 $query = sprintf($query, sql_table('category'), DB::quoteValue($cname), DB::quoteValue($cdesc), (integer) $catid);
\r
2161 DB::execute($query);
\r
2163 // store plugin options
\r
2164 $aOptions = requestArray('plugoption');
\r
2165 NucleusPlugin::apply_plugin_options($aOptions);
\r
2167 'context' => 'category',
\r
2170 $manager->notify('PostPluginOptionsUpdate', $data);
\r
2174 redirect($desturl);
\r
2178 self::action_blogsettings();
\r
/**
 * Admin::action_categorydelete()
 * Shows the confirmation page for deleting a category.
 *
 * Refuses categories that are unknown to the blog, the blog's default category
 * and the blog's last remaining category.
 *
 * @param	void
 * @return	void
 */
static private function action_categorydelete()
{
	global $member, $manager;
	
	$blogid = intRequestVar('blogid');
	$catid = intRequestVar('catid');
	
	if ( !$member->blogAdminRights($blogid) )
	{
		self::disallow();
	}
	
	$blog =& $manager->getBlog($blogid);
	
	// the category has to be one the blog accepts as valid
	if ( !$blog->isValidCategory($catid) )
	{
		self::error(_ERROR_NOSUCHCATEGORY);
		return;
	}
	
	// the default category stays
	if ( $blog->getDefaultCategory() == $catid )
	{
		self::error(_ERROR_DELETEDEFCATEGORY);
		return;
	}
	
	// a blog keeps at least one category
	$countQuery = sprintf("SELECT catid FROM %s WHERE cblog=%d;", sql_table('category'), $blogid);
	$categories = DB::getResult($countQuery);
	if ( $categories->rowCount() == 1 )
	{
		self::error(_ERROR_DELETELASTCATEGORY);
		return;
	}
	
	self::$skin->parse('categorydelete');
}
\r
/**
 * Admin::action_categorydeleteconfirm()
 * Deletes a category and returns to the blog settings page.
 *
 * @param	void
 * @return	void
 */
static private function action_categorydeleteconfirm()
{
	global $member, $manager;
	
	$blogid = intRequestVar('blogid');
	$catid = intRequestVar('catid');
	
	// This test covers the blog id from the request. deleteOneCategory() looks up the
	// blog that owns $catid and tests the rights on that blog again.
	if ( !$member->blogAdminRights($blogid) )
	{
		self::disallow();
	}
	
	$failure = self::deleteOneCategory($catid);
	
	// NOTE(review): the guard line is not visible in this listing; a truthiness test is assumed.
	if ( $failure )
	{
		self::error($failure);
		return;
	}
	
	self::action_blogsettings();
}
\r
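/**
 * Admin::deleteOneCategory()
 * Delete a category by its id
 *
 * Items of the category are moved to the blog's default category, the plugin
 * options stored for the category are removed, then the category row is deleted.
 * The PreDeleteCategory and PostDeleteCategory events are fired around these steps.
 *
 * @param	String	$catid	category id for deleting
 * @return	mixed	an error message constant when the deletion is refused.
 *					NOTE(review): the success value is not visible in this listing;
 *					the callers shown here only test the result for truthiness.
 */
static public function deleteOneCategory($catid)
{
	global $manager, $member;
	
	$catid = intval($catid);
	$blogid = getBlogIDFromCatID($catid);
	
	// Rights are tested on the blog that owns the category, not on a blog id from the request.
	if ( !$member->blogAdminRights($blogid) )
	{
		// Was ERROR_DISALLOWED without the leading underscore, a constant that
		// the rest of this file never uses; the other checks return _ERROR_DISALLOWED.
		return _ERROR_DISALLOWED;
	}
	
	$blog =& $manager->getBlog($blogid);
	
	// check if the category is valid
	if ( !$blog || !$blog->isValidCategory($catid) )
	{
		return _ERROR_NOSUCHCATEGORY;
	}
	
	$destcatid = $blog->getDefaultCategory();
	
	// don't allow deletion of default category
	if ( $blog->getDefaultCategory() == $catid )
	{
		return _ERROR_DELETEDEFCATEGORY;
	}
	
	// check if catid is the only category left for blogid
	$query = "SELECT catid FROM %s WHERE cblog=%d;";
	$query = sprintf($query, sql_table('category'), (int) $blogid);
	
	$res = DB::getResult($query);
	if ( $res->rowCount() == 1 )
	{
		return _ERROR_DELETELASTCATEGORY;
	}
	
	$data = array('catid' => $catid);
	$manager->notify('PreDeleteCategory', $data);
	
	// change category for all items to the default category
	$query = "UPDATE %s SET icat=%d WHERE icat=%d;";
	$query = sprintf($query, sql_table('item'), (int) $destcatid, (int) $catid);
	DB::execute($query);
	
	// delete all associated plugin options
	NucleusPlugin::delete_option_values('category', (int) $catid);
	
	// delete category
	$query = "DELETE FROM %s WHERE catid=%d;";
	$query = sprintf($query, sql_table('category'), (int) $catid);
	DB::execute($query);
	
	$data = array('catid' => $catid);
	$manager->notify('PostDeleteCategory', $data);
	return;
}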
\r
2322 * Admin::moveOneCategory()
\r
2323 * Move a category to another blog
\r
2325 * @param int $catid category id for move
\r
2326 * @param int $destblogid blog id for destination
\r
2329 static public function moveOneCategory($catid, $destblogid)
\r
2331 global $manager, $member;
\r
2332 $catid = intval($catid);
\r
2333 $destblogid = intval($destblogid);
\r
2334 $blogid = getBlogIDFromCatID($catid);
\r
2335 // mover should have admin rights on both blogs
\r
2336 if (!$member->blogAdminRights($blogid)) {
\r
2337 return _ERROR_DISALLOWED;
\r
2339 if (!$member->blogAdminRights($destblogid)) {
\r
2340 return _ERROR_DISALLOWED;
\r
2342 // cannot move to self
\r
2343 if ($blogid == $destblogid) {
\r
2344 return _ERROR_MOVETOSELF;
\r
2347 $blog =& $manager->getBlog($blogid);
\r
2348 $destblog =& $manager->getBlog($destblogid);
\r
2349 // check if the category is valid
\r
2350 if (!$blog || !$blog->isValidCategory($catid)) {
\r
2351 return _ERROR_NOSUCHCATEGORY;
\r
2353 // don't allow default category to be moved
\r
2354 if ($blog->getDefaultCategory() == $catid) {
\r
2355 return _ERROR_MOVEDEFCATEGORY;
\r
2358 'PreMoveCategory',
\r
2360 'catid' => &$catid,
\r
2361 'sourceblog' => &$blog,
\r
2362 'destblog' => &$destblog
\r
2365 // update comments table (cblog)
\r
2366 $query = 'SELECT '
\r
2369 . sql_table('item') . ' '
\r
2372 $items = sql_query(sprintf($query, $catid));
\r
2373 while ($oItem = sql_fetch_object($items)) {
\r
2374 $query = 'UPDATE '
\r
2375 . sql_table('comment') . ' '
\r
2377 . ' cblog = %d' . ' '
\r
2380 sql_query(sprintf($query, $destblogid, $oItem->inumber));
\r
2383 // update items (iblog)
\r
2384 $query = 'UPDATE '
\r
2385 . sql_table('item') . ' '
\r
2390 sql_query(sprintf($query, $destblogid, $catid));
\r
2393 $query = 'UPDATE '
\r
2394 . sql_table('category') . ' '
\r
2396 . ' cblog = %d' . ' '
\r
2399 sql_query(sprintf($query, $destblogid, $catid));
\r
2401 'PostMoveCategory',
\r
2403 'catid' => &$catid,
\r
2404 'sourceblog' => &$blog,
\r
2405 'destblog' => $destblog
\r
2412 * Admin::action_blogsettingsupdate
\r
2413 * Updating blog settings
\r
2418 static private function action_blogsettingsupdate()
\r
2420 global $member, $manager;
\r
2422 $blogid = intRequestVar('blogid');
\r
2424 $member->blogAdminRights($blogid) or self::disallow();
\r
2426 $blog =& $manager->getBlog($blogid);
\r
2428 $notify_address = trim(postVar('notify'));
\r
2429 $shortname = trim(postVar('shortname'));
\r
2430 $updatefile = trim(postVar('update'));
\r
2432 $notifyComment = intPostVar('notifyComment');
\r
2433 $notifyVote = intPostVar('notifyVote');
\r
2434 $notifyNewItem = intPostVar('notifyNewItem');
\r
2436 if ( $notifyComment == 0 )
\r
2438 $notifyComment = 1;
\r
2440 if ( $notifyVote == 0 )
\r
2444 if ( $notifyNewItem == 0 )
\r
2446 $notifyNewItem = 1;
\r
2448 $notifyType = $notifyComment * $notifyVote * $notifyNewItem;
\r
2450 if ( $notify_address && !NOTIFICATION::address_validation($notify_address) )
\r
2452 self::error(_ERROR_BADNOTIFY);
\r
2456 if ( !isValidShortName($shortname) )
\r
2458 self::error(_ERROR_BADSHORTBLOGNAME);
\r
2462 if ( ($blog->getShortName() != $shortname) && $manager->existsBlog($shortname) )
\r
2464 self::error(_ERROR_DUPSHORTBLOGNAME);
\r
2467 // check if update file is writable
\r
2468 if ( $updatefile && !is_writeable($updatefile) )
\r
2470 self::error(_ERROR_UPDATEFILE);
\r
2474 $blog->setName(trim(postVar('name')));
\r
2475 $blog->setShortName($shortname);
\r
2476 $blog->setNotifyAddress($notify_address);
\r
2477 $blog->setNotifyType($notifyType);
\r
2478 $blog->setMaxComments(postVar('maxcomments'));
\r
2479 $blog->setCommentsEnabled(postVar('comments'));
\r
2480 $blog->setTimeOffset(postVar('timeoffset'));
\r
2481 $blog->setUpdateFile($updatefile);
\r
2482 $blog->setURL(trim(postVar('url')));
\r
2483 $blog->setDefaultSkin(intPostVar('defskin'));
\r
2484 $blog->setDescription(trim(postVar('desc')));
\r
2485 $blog->setPublic(postVar('public'));
\r
2486 $blog->setConvertBreaks(intPostVar('convertbreaks'));
\r
2487 $blog->setAllowPastPosting(intPostVar('allowpastposting'));
\r
2488 $blog->setDefaultCategory(intPostVar('defcat'));
\r
2489 $blog->setSearchable(intPostVar('searchable'));
\r
2490 $blog->setEmailRequired(intPostVar('reqemail'));
\r
2491 $blog->writeSettings();
\r
2493 // store plugin options
\r
2494 $aOptions = requestArray('plugoption');
\r
2495 NucleusPlugin::apply_plugin_options($aOptions);
\r
2498 'context' => 'blog',
\r
2499 'blogid' => $blogid,
\r
2502 $manager->notify('PostPluginOptionsUpdate', $data);
\r
2504 self::action_overview(_MSG_SETTINGSCHANGED);
\r
/**
 * Admin::action_deleteblog()
 * Shows the confirmation page for deleting a blog.
 *
 * @param	void
 * @return	void
 */
static private function action_deleteblog()
{
	global $member, $CONF, $manager;
	
	$blogid = intRequestVar('blogid');
	
	if ( !$member->blogAdminRights($blogid) )
	{
		self::disallow();
	}
	
	// the default blog is never offered for deletion
	$isDefaultBlog = ( $CONF['DefaultBlog'] == $blogid );
	if ( $isDefaultBlog )
	{
		self::error(_ERROR_DELDEFBLOG);
		return;
	}
	
	// Fetched as in the original; the object is not used again in this method.
	$blog =& $manager->getBlog($blogid);
	
	self::$skin->parse('deleteblog');
}
\r
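/**
 * Admin::action_deleteblogconfirm()
 * Deletes a blog together with its comments, items, team, bans, categories
 * and plugin options.
 *
 * The PreDeleteBlog event is fired only after the permission check and the
 * default-blog check have passed, so plugins are not told about a deletion
 * that the current member is not allowed to perform.
 *
 * @param	void
 * @return	void
 */
static private function action_deleteblogconfirm()
{
	global $member, $CONF, $manager;
	
	$blogid = intRequestVar('blogid');
	
	// Authorize first. The event used to be fired before this line, which let
	// any request reach the PreDeleteBlog subscribers with a blog id of its choice.
	$member->blogAdminRights($blogid) or self::disallow();
	
	// check if blog is default blog
	if ( $CONF['DefaultBlog'] == $blogid )
	{
		self::error(_ERROR_DELDEFBLOG);
		return;
	}
	
	$data = array('blogid' => $blogid);
	$manager->notify('PreDeleteBlog', $data);
	
	// Rows that belong to the blog, in the original deletion order: table => blog id column.
	$dependents = array(
		'comment'	=> 'cblog',
		'item'		=> 'iblog',
		'team'		=> 'tblog',
		'ban'		=> 'blogid',
		'category'	=> 'cblog'
	);
	foreach ( $dependents as $table => $column )
	{
		// %d keeps the blog id an integer no matter how it reached this point.
		$query = sprintf('DELETE FROM %s WHERE %s=%d', sql_table($table), $column, (int) $blogid);
		DB::execute($query);
	}
	
	// delete all associated plugin options
	NucleusPlugin::delete_option_values('blog', $blogid);
	
	// delete the blog itself
	$query = sprintf('DELETE FROM %s WHERE bnumber=%d', sql_table('blog'), (int) $blogid);
	DB::execute($query);
	
	$data = array('blogid' => $blogid);
	$manager->notify('PostDeleteBlog', $data);
	
	self::action_overview(_DELETED_BLOG);
}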
\r
/**
 * Admin::action_memberdelete()
 * Shows the confirmation page for deleting a member.
 *
 * @param	void
 * @return	void
 */
static private function action_memberdelete()
{
	global $member, $manager;
	
	$memberid = intRequestVar('memberid');
	
	// Members may delete their own account; any other account needs a super-admin.
	$isOwnAccount = ( $member->getID() == $memberid );
	if ( !$isOwnAccount && !$member->isAdmin() )
	{
		self::disallow();
	}
	
	// Fetched as in the original; the object is not used again in this method.
	$mem =& $manager->getMember($memberid);
	
	self::$skin->parse('memberdelete');
}
\r
/**
 * Admin::action_memberdeleteconfirm()
 * Deletes a member and shows the follow-up page.
 *
 * @param	void
 * @return	void
 */
static private function action_memberdeleteconfirm()
{
	global $member;
	
	$memberid = intRequestVar('memberid');
	
	// Own account, or super-admin. deleteOneMember() contains no permission
	// test in the lines visible here, so this gate is the one that counts.
	$isOwnAccount = ( $member->getID() == $memberid );
	if ( !$isOwnAccount && !$member->isAdmin() )
	{
		self::disallow();
	}
	
	$failure = self::deleteOneMember($memberid);
	
	// NOTE(review): the guard line is not visible in this listing; a truthiness test is assumed.
	if ( $failure )
	{
		self::error($failure);
		return;
	}
	
	if ( $member->isAdmin() )
	{
		self::action_usermanagement();
	}
	else
	{
		self::action_overview(_DELETED_MEMBER);
	}
}
\r
2649 * Admin::deleteOneMember()
\r
2650 * Delete a member by id
\r
2653 * @param Integer $memberid member id
\r
2654 * @return String null string or error messages
\r
2656 static public function deleteOneMember($memberid)
\r
2660 $memberid = intval($memberid);
\r
2661 $mem =& $manager->getMember($memberid);
\r
2663 if ( !$mem->canBeDeleted() )
\r
2665 return _ERROR_DELETEMEMBER;
\r
2668 $data = array('member' => &$mem);
\r
2669 $manager->notify('PreDeleteMember', $data);
\r
2671 /* unlink comments from memberid */
\r
2674 $query = "UPDATE %s SET cmember=0, cuser=%s WHERE cmember=%d;";
\r
2675 $query = sprintf($query, sql_table('comment'), DB::quoteValue($mem->getDisplayName()), $memberid);
\r
2676 DB::execute($query);
\r
2679 $query = 'DELETE FROM ' . sql_table('member') . ' WHERE mnumber=' . $memberid;
\r
2680 DB::execute($query);
\r
2682 $query = 'DELETE FROM ' . sql_table('team') . ' WHERE tmember=' . $memberid;
\r
2683 DB::execute($query);
\r
2685 $query = 'DELETE FROM ' . sql_table('activation') . ' WHERE vmember=' . $memberid;
\r
2686 DB::execute($query);
\r
2688 // delete all associated plugin options
\r
2689 NucleusPlugin::delete_option_values('member', $memberid);
\r
2691 $data = array('member' => &$mem);
\r
2692 $manager->notify('PostDeleteMember', $data);
\r
/**
 * Admin::action_createnewlog()
 * Shows the form for creating a new blog.
 *
 * @param	void
 * @return	void
 */
static private function action_createnewlog()
{
	global $member, $CONF, $manager;
	
	// Only Super-Admins can do this
	if ( !$member->isAdmin() )
	{
		self::disallow();
	}
	
	self::$skin->parse('createnewlog');
}
\r
2715 * Admin::action_addnewlog()
\r
2720 static private function action_addnewlog()
\r
2722 global $member, $manager, $CONF;
\r
2724 // Only Super-Admins can do this
\r
2725 $member->isAdmin() or self::disallow();
\r
2727 $bname = trim(postVar('name'));
\r
2728 $bshortname = trim(postVar('shortname'));
\r
2729 $btimeoffset = postVar('timeoffset');
\r
2730 $bdesc = trim(postVar('desc'));
\r
2731 $bdefskin = postVar('defskin');
\r
2733 if ( !isValidShortName($bshortname) )
\r
2735 self::error(_ERROR_BADSHORTBLOGNAME);
\r
2739 if ( $manager->existsBlog($bshortname) )
\r
2741 self::error(_ERROR_DUPSHORTBLOGNAME);
\r
2746 'name' => &$bname,
\r
2747 'shortname' => &$bshortname,
\r
2748 'timeoffset' => &$btimeoffset,
\r
2749 'description' => &$bdesc,
\r
2750 'defaultskin' => &$bdefskin
\r
2752 $manager->notify('PreAddBlog', $data);
\r
2754 // add slashes for sql queries
\r
2755 $bname = DB::quoteValue($bname);
\r
2756 $bshortname = DB::quoteValue($bshortname);
\r
2757 $btimeoffset = DB::quoteValue($btimeoffset);
\r
2758 $bdesc = DB::quoteValue($bdesc);
\r
2759 $bdefskin = DB::quoteValue($bdefskin);
\r
2762 $query = "INSERT INTO %s (bname, bshortname, bdesc, btimeoffset, bdefskin) VALUES (%s, %s, %s, %s, %s);";
\r
2763 $query = sprintf($query, sql_table('blog'), $bname, $bshortname, $bdesc, $btimeoffset, $bdefskin);
\r
2764 DB::execute($query);
\r
2766 $blogid = DB::getInsertId();
\r
2767 $blog =& $manager->getBlog($blogid);
\r
2769 // create new category
\r
2770 $catdefname = (!defined('_EBLOGDEFAULTCATEGORY_NAME') ? 'General' : _EBLOGDEFAULTCATEGORY_NAME);
\r
2771 $catdefdesc = (!defined('_EBLOGDEFAULTCATEGORY_DESC') ? 'Items that do not fit in other categories' : _EBLOGDEFAULTCATEGORY_DESC);
\r
2773 $query = 'INSERT INTO %s (cblog, cname, cdesc) VALUES (%d, %s, %s)';
\r
2774 DB::execute(sprintf($query, sql_table('category'), (integer) $blogid, DB::quoteValue($catdefname), DB::quoteValue($catdefdesc)));
\r
2775 $catid = DB::getInsertId();
\r
2777 // set as default category
\r
2778 $blog->setDefaultCategory($catid);
\r
2779 $blog->writeSettings();
\r
2781 // create team member
\r
2782 $query = "INSERT INTO %s (tmember, tblog, tadmin) VALUES (%d, %d, 1);";
\r
2783 $query = sprintf($query, sql_table('team'), (integer) $member->getID(), (integer) $blogid);
\r
2784 DB::execute($query);
\r
2786 $itemdeftitle = (defined('_EBLOG_FIRSTITEM_TITLE') ? _EBLOG_FIRSTITEM_TITLE : 'First Item');
\r
2787 $itemdefbody = (defined('_EBLOG_FIRSTITEM_BODY') ? _EBLOG_FIRSTITEM_BODY : 'This is the first item in your weblog. Feel free to delete it.');
\r
2790 $blog->getDefaultCategory(),
\r
2791 $itemdeftitle,$itemdefbody,
\r
2795 $blog->getCorrectTime(),
\r
2801 $data = array('blog' => &$blog);
\r
2802 $manager->notify('PostAddBlog', $data);
\r
2806 'name' => _EBLOGDEFAULTCATEGORY_NAME,
\r
2807 'description' => _EBLOGDEFAULTCATEGORY_DESC,
\r
2810 $manager->notify('PostAddCategory', $data);
\r
2812 /* TODO: we should consider to use the other way insterad of this */
\r
2813 $_REQUEST['blogid'] = $blogid;
\r
2814 $_REQUEST['catid'] = $catid;
\r
2815 self::$skin->parse('addnewlog');
\r
/**
 * Admin::action_addnewlog2()
 * Stores the URL of a blog and shows the overview.
 *
 * @param	void
 * @return	void
 */
static private function action_addnewlog2()
{
	global $member, $manager;
	
	$blogid = intRequestVar('blogid');
	
	if ( !$member->blogAdminRights($blogid) )
	{
		self::disallow();
	}
	
	// The URL is request data and is only trimmed here; any further
	// validation would have to happen in setURL(), which is not visible.
	$submittedUrl = trim(requestVar('url'));
	
	$blog =& $manager->getBlog($blogid);
	$blog->setURL($submittedUrl);
	$blog->writeSettings();
	
	self::action_overview(_MSG_NEWBLOG);
}
\r
/**
 * Admin::action_skinieoverview()
 * Shows the skin import/export overview.
 *
 * @param	void
 * @return	void
 */
static private function action_skinieoverview()
{
	global $member, $DIR_LIBS, $manager;
	
	// super-admins only
	if ( !$member->isAdmin() )
	{
		self::disallow();
	}
	
	// The include path is built from the configured library directory and a fixed file name.
	include_once($DIR_LIBS . 'skinie.php');
	
	self::$skin->parse('skinieoverview');
}
\r
/**
 * Admin::action_skinieimport()
 * First step of a skin import: hands the posted mode and skin file to
 * self::skinieimport() and shows the result page.
 *
 * @param	void
 * @return	void
 */
static private function action_skinieimport()
{
	global $member;
	
	// super-admins only
	if ( !$member->isAdmin() )
	{
		self::disallow();
	}
	
	// Both values are raw POST data; how they are validated is decided inside
	// self::skinieimport(), which is not visible here.
	$skinFileRaw = postVar('skinfile');
	$mode = postVar('mode');
	
	$failure = self::skinieimport($mode, $skinFileRaw);
	
	// NOTE(review): the guard line is not visible in this listing; a truthiness test is assumed.
	if ( $failure )
	{
		self::error($failure);
		return;
	}
	
	self::$skin->parse('skinieimport');
}
\r
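/**
 * Admin::action_skiniedoimport()
 * Second step of a skin import: performs the import through
 * self::skiniedoimport() and shows the result page.
 *
 * @param	void
 * @return	void
 */
static private function action_skiniedoimport()
{
	global $member, $DIR_LIBS, $DIR_SKINS;
	
	$member->isAdmin() or self::disallow();
	
	// load skinie class
	include_once($DIR_LIBS . 'skinie.php');
	
	// Raw POST data; validation is left to self::skiniedoimport(), which is not visible here.
	$mode = postVar('mode');
	$skinFileRaw = postVar('skinfile');
	$allowOverwrite = intPostVar('overwrite');
	
	$error = self::skiniedoimport($mode, $skinFileRaw, $allowOverwrite);
	
	// NOTE(review): the guard line is not visible in this listing; a truthiness test is
	// assumed, as in action_skinieimport().
	if ( $error )
	{
		// Report what the import returned. The previous code passed $msg, a
		// variable this method never assigns, so the real failure reason was lost.
		self::error($error);
		return;
	}
	
	self::$skin->parse('skiniedoimport');
}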
\r
/**
 * Admin::action_skinieexport()
 * Exports the selected skins and templates through self::skinieexport().
 *
 * @param	void
 * @return	void
 */
static private function action_skinieexport()
{
	global $member;
	
	// super-admins only
	if ( !$member->isAdmin() )
	{
		self::disallow();
	}
	
	// The selections are read with requestIntArray(); the info text is raw POST data.
	$selectedSkins = requestIntArray('skin');
	$selectedTemplates = requestIntArray('template');
	$exportInfo = postVar('info');
	
	self::skinieexport($selectedSkins, $selectedTemplates, $exportInfo);
}
\r
/**
 * Admin::action_templateoverview()
 * Shows the list of templates.
 *
 * @param	void
 * @return	void
 */
static private function action_templateoverview()
{
	global $member, $manager;
	
	// super-admins only
	if ( !$member->isAdmin() )
	{
		self::disallow();
	}
	
	self::$skin->parse('templateoverview');
}
\r
2954 * Admin::action_templateedit()
\r
2956 * @param string $msg message for pageheader
\r
2959 static private function action_templateedit($msg = '')
\r
2961 global $member, $manager;
\r
2964 self::$headMess = $msg;
\r
2967 $templateid = intRequestVar('templateid');
\r
2969 $member->isAdmin() or self::disallow();
\r
2971 self::$extrahead .= "<script type=\"text/javascript\" src=\"<%skinfile(javascript/templateEdit.js)%>\"></script>\n";
\r
2972 self::$extrahead .= "<script type=\"text/javascript\">setTemplateEditText('" . Entity::hsc(_EDITTEMPLATE_EMPTY) . "');</script>\n";
\r
2974 self::$skin->parse('templateedit');
\r
/**
 * Admin::action_templateupdate()
 * Saves a template: removes all stored parts, updates name and description,
 * then stores every non-empty posted part again.
 *
 * The delete and the inserts are separate statements. addToTemplate() ends the
 * request when an INSERT fails, which leaves the template with only the parts
 * written up to that point.
 *
 * @param	void
 * @return	void
 */
static private function action_templateupdate()
{
	global $member, $manager;
	
	$templateid = intRequestVar('templateid');
	
	// super-admins only
	if ( !$member->isAdmin() )
	{
		self::disallow();
	}
	
	$name = postVar('tname');
	$desc = postVar('tdesc');
	
	if ( !isValidTemplateName($name) )
	{
		self::error(_ERROR_BADTEMPLATENAME);
		return;
	}
	
	// a changed name must not collide with another template
	$nameChanged = ( Template::getNameFromId($templateid) != $name );
	if ( $nameChanged && Template::exists($name) )
	{
		self::error(_ERROR_DUPTEMPLATENAME);
		return;
	}
	
	// 1. Remove all template parts
	DB::execute(sprintf(
		"DELETE FROM %s WHERE tdesc=%d;",
		sql_table('template'),
		(integer) $templateid
	));
	
	// 2. Update description (both strings go through DB::quoteValue())
	DB::execute(sprintf(
		"UPDATE %s SET tdname=%s, tddesc=%s WHERE tdnumber=%d;",
		sql_table('template_desc'),
		DB::quoteValue($name),
		DB::quoteValue($desc),
		(integer) $templateid
	));
	
	// 3. Add non-empty template parts, in the fixed order below.
	// Each part is read from the POST field of the same name.
	$coreParts = array(
		'ITEM_HEADER', 'ITEM', 'ITEM_FOOTER', 'MORELINK', 'EDITLINK', 'NEW',
		'COMMENTS_HEADER', 'COMMENTS_BODY', 'COMMENTS_FOOTER', 'COMMENTS_CONTINUED',
		'COMMENTS_TOOMUCH', 'COMMENTS_AUTH', 'COMMENTS_ONE', 'COMMENTS_MANY', 'COMMENTS_NONE',
		'ARCHIVELIST_HEADER', 'ARCHIVELIST_LISTITEM', 'ARCHIVELIST_FOOTER',
		'BLOGLIST_HEADER', 'BLOGLIST_LISTITEM', 'BLOGLIST_FOOTER',
		'CATLIST_HEADER', 'CATLIST_LISTITEM', 'CATLIST_FOOTER',
		'DATE_HEADER', 'DATE_FOOTER', 'FORMAT_DATE', 'FORMAT_TIME', 'LOCALE',
		'SEARCH_HIGHLIGHT', 'SEARCH_NOTHINGFOUND', 'POPUP_CODE', 'MEDIA_CODE', 'IMAGE_CODE'
	);
	foreach ( $coreParts as $partname )
	{
		self::addToTemplate($templateid, $partname, postVar($partname));
	}
	
	// Extra parts announced by plugins: the field names come from the event
	// subscribers, the contents from the POST fields of the same names.
	$data = array('fields' => array());
	$manager->notify('TemplateExtraFields', $data);
	foreach ( $data['fields'] as $pfkey => $pfvalue )
	{
		foreach ( $pfvalue as $pffield => $pfdesc )
		{
			self::addToTemplate($templateid, $pffield, postVar($pffield));
		}
	}
	
	// jump back to template edit
	self::action_templateedit(_TEMPLATE_UPDATED);
}
\r
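/**
 * Admin::addToTemplate()
 * Stores one template part as a new row of the template table.
 *
 * @param	integer	$id			ID for template
 * @param	string	$partname	parts name
 * @param	string	$content	template contents
 * @return	integer	insert id of the new row, or -1 when the part is blank and nothing is stored
 */
private static function addToTemplate($id, $partname, $content)
{
    // Don't add empty parts. Compare with '' instead of testing truthiness:
    // the string "0" is falsy in PHP, so a part whose whole content is "0"
    // used to be dropped. The cast keeps a non-string value away from trim().
    if ( trim((string) $content) === '' ) {
        return -1;
    }

    // The id is formatted with %d; both strings are passed through DB::quoteValue().
    $query = "INSERT INTO %s (tdesc, tpartname, tcontent) VALUES (%d, %s, %s);";
    $query = sprintf($query, sql_table('template'), (int) $id, DB::quoteValue($partname), DB::quoteValue($content));

    if ( DB::execute($query) === FALSE ) {
        // NOTE(review): the database error text is sent to the browser here.
        // Consider logging it server-side and showing only the generic message.
        $err = DB::getError();
        exit(_ADMIN_SQLDIE_QUERYERROR . $err[2]);
    }

    return DB::getInsertId();
}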
\r
/**
 * Admin::action_templatedelete()
 * Renders the 'templatedelete' skin part; nothing is deleted here.
 * Non-administrators are handed to self::disallow().
 *
 * @param	void
 * @return	void
 */
private static function action_templatedelete()
{
    global $member, $manager;

    if ( !$member->isAdmin() ) {
        self::disallow();
    }

    // read from the request but not used in this method
    $templateid = intRequestVar('templateid');
    // TODO: check if template can be deleted

    self::$skin->parse('templatedelete');
}
\r
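/**
 * Admin::action_templatedeleteconfirm()
 * Deletes a template: its description row and all of its parts, with
 * PreDeleteTemplate/PostDeleteTemplate notifications around the deletes.
 * Non-administrators are handed to self::disallow() before anything is changed.
 *
 * @param	void
 * @return	void
 */
private static function action_templatedeleteconfirm()
{
    global $member, $manager;

    $templateid = intRequestVar('templateid');

    if ( !$member->isAdmin() ) {
        self::disallow();
    }

    $data = array('templateid' => $templateid);
    $manager->notify('PreDeleteTemplate', $data);

    // Both statements are built with %d and an explicit integer cast, as
    // action_admintemplatedeleteconfirm() does, so the numeric constraint is
    // enforced where the SQL is assembled and not only by intRequestVar().

    // 1. delete description
    $query = sprintf('DELETE FROM %s WHERE tdnumber=%d', sql_table('template_desc'), (int) $templateid);
    DB::execute($query);

    // 2. delete parts
    $query = sprintf('DELETE FROM %s WHERE tdesc=%d', sql_table('template'), (int) $templateid);
    DB::execute($query);

    $data = array('templateid' => $templateid);
    $manager->notify('PostDeleteTemplate', $data);

    self::action_templateoverview();
}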
\r
/**
 * Admin::action_templatenew()
 * Creates a template from the posted 'name' and 'desc' and shows the
 * template overview. The name must pass isValidTemplateName() and must
 * not exist yet.
 *
 * @param	void
 * @return	void
 */
private static function action_templatenew()
{
    global $member;

    if ( !$member->isAdmin() ) {
        self::disallow();
    }

    $name = postVar('name');
    $desc = postVar('desc');

    // reject malformed names first, then duplicates
    if ( !isValidTemplateName($name) ) {
        self::error(_ERROR_BADTEMPLATENAME);
        return;
    }

    if ( Template::exists($name) ) {
        self::error(_ERROR_DUPTEMPLATENAME);
        return;
    }

    // the new id is not needed here
    $newTemplateId = Template::createNew($name, $desc);

    self::action_templateoverview();
}
\r
/**
 * Admin::action_templateclone()
 * Copies a template: creates a new description named "cloned" + old name
 * (with a numeric suffix when that name is taken) and copies every part.
 *
 * @param	void
 * @return	void
 */
private static function action_templateclone()
{
    global $member;

    $templateid = intRequestVar('templateid');

    if ( !$member->isAdmin() ) {
        self::disallow();
    }

    // 1. read old template
    $name = Template::getNameFromId($templateid);
    $desc = Template::getDesc($templateid);

    // 2. create desc thing
    $name = 'cloned' . $name;

    // if a template with that name already exists, append the first free number
    if ( Template::exists($name) ) {
        $suffix = 1;
        while ( Template::exists($name . $suffix) ) {
            $suffix++;
        }
        $name .= $suffix;
    }

    $newid = Template::createNew($name, $desc);

    // 3. create clone
    // go through parts of old template and add them to the new one
    $query = sprintf("SELECT tpartname, tcontent FROM %s WHERE tdesc=%d;", sql_table('template'), (int) $templateid);

    foreach ( DB::getResult($query) as $part ) {
        self::addToTemplate($newid, $part['tpartname'], $part['tcontent']);
    }

    self::action_templateoverview();
}
\r
/**
 * Admin::action_admintemplateoverview()
 * Renders the admin template overview skin part for administrators.
 *
 * @param	void
 * @return	void
 */
private static function action_admintemplateoverview()
{
    global $member;

    if ( !$member->isAdmin() ) {
        self::disallow();
    }

    // NOTE(review): the part name is spelled 'admntemplateoverview' (no "i");
    // presumably it matches the name stored in the admin skin - verify.
    self::$skin->parse('admntemplateoverview');
}
\r
/**
 * Admin::action_admintemplateedit()
 * Renders the admin template edit page and adds the template editor
 * script tags to self::$extrahead.
 *
 * @param	string	$msg	message for pageheader
 * @return	void
 */
private static function action_admintemplateedit($msg = '')
{
    global $member, $manager;

    if ( $msg ) {
        self::$headMess = $msg;
    }

    if ( !$member->isAdmin() ) {
        self::disallow();
    }

    // NOTE(review): _EDITTEMPLATE_EMPTY is HTML-escaped but lands inside a
    // JavaScript string literal; that is only safe while the language string
    // holds no backslash or line break - confirm.
    $scripts  = "<script type=\"text/javascript\" src=\"<%skinfile(javascript/templateEdit.js)%>\"></script>\n";
    $scripts .= '<script type="text/javascript">setTemplateEditText("' . Entity::hsc(_EDITTEMPLATE_EMPTY) . '");</script>' . "\n";
    self::$extrahead .= $scripts;

    self::$skin->parse('admintemplateedit');
}
\r
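/**
 * Admin::action_admintemplateupdate()
 * Saves an admin template: validates the new name, deletes all stored
 * parts, updates the description row and re-inserts every non-empty part
 * from the posted form, then returns to the edit page.
 *
 * @param	void
 * @return	void
 */
private static function action_admintemplateupdate()
{
    global $member, $manager;

    $templateid = intRequestVar('templateid');

    if ( !$member->isAdmin() ) {
        self::disallow();
    }

    $name = postVar('tname');
    $desc = postVar('tdesc');

    // NOTE(review): action_admintemplatenew() also requires the name to match
    // '#^admin/#'; a rename through this method does not re-check that - confirm
    // whether an admin template may lose its prefix.
    if ( !isValidTemplateName($name) ) {
        self::error(_ERROR_BADTEMPLATENAME);
        return;
    }

    // Strict string comparison: with the loose != two different names that both
    // look numeric compare as equal, which skipped the duplicate check.
    if ( ((string) Template::getNameFromId($templateid) !== (string) $name) && Template::exists($name) ) {
        self::error(_ERROR_DUPTEMPLATENAME);
        return;
    }

    // 1. Remove all template parts
    $query = sprintf("DELETE FROM %s WHERE tdesc=%d;", sql_table('template'), (int) $templateid);
    DB::execute($query);

    // 2. Update description
    $query = "UPDATE %s SET tdname=%s, tddesc=%s WHERE tdnumber=%d;";
    $query = sprintf($query, sql_table('template_desc'), DB::quoteValue($name), DB::quoteValue($desc), (int) $templateid);
    DB::execute($query);

    // 3. Add non-empty template parts.
    // Each part is posted under its own name; the list keeps the original order.
    $partnames = array(
        'NORMALSKINLIST_HEAD', 'NORMALSKINLIST_BODY', 'NORMALSKINLIST_FOOT',
        'ADMIN_CUSTOMHELPLINK_ICON', 'ADMIN_CUSTOMHELPLINK_ANCHOR',
        'ADMIN_BLOGLINK', 'ADMIN_BATCHLIST',
        'ACTIVATE_FORGOT_TITLE', 'ACTIVATE_FORGOT_TEXT',
        'ACTIVATE_REGISTER_TITLE', 'ACTIVATE_REGISTER_TEXT',
        'ACTIVATE_CHANGE_TITLE', 'ACTIVATE_CHANGE_TEXT',
        'TEMPLATE_EDIT_EXPLUGNAME', 'TEMPLATE_EDIT_ROW_HEAD', 'TEMPLATE_EDIT_ROW_TAIL',
        'SPECIALSKINLIST_HEAD', 'SPECIALSKINLIST_BODY', 'SPECIALSKINLIST_FOOT',
        'SYSTEMINFO_GDSETTINGS',
        'BANLIST_DELETED_LIST',
        'INSERT_PLUGOPTION_TITLE', 'INSERT_PLUGOPTION_BODY',
        'INPUTYESNO_TEMPLATE_ADMIN', 'INPUTYESNO_TEMPLATE_NORMAL',
        'ADMIN_SPECIALSKINLIST_HEAD', 'ADMIN_SPECIALSKINLIST_BODY', 'ADMIN_SPECIALSKINLIST_FOOT',
        'SKINIE_EXPORT_LIST',
        'SHOWLIST_LISTPLUG_SELECT_HEAD', 'SHOWLIST_LISTPLUG_SELECT_BODY', 'SHOWLIST_LISTPLUG_SELECT_FOOT',
        'SHOWLIST_LISTPLUG_TABLE_HEAD', 'SHOWLIST_LISTPLUG_TABLE_BODY', 'SHOWLIST_LISTPLUG_TABLE_FOOT',
        'SHOWLIST_LISTPLUG_TABLE_MEMBLIST_HEAD',
        'SHOWLIST_LISTPLUG_TABLE_MEMBLIST_BODY',
        'SHOWLIST_LISTPLUG_TABLE_MEMBLIST_FOOT',
        'SHOWLIST_LISTPLUG_TABLE_TEAMLIST_HEAD',
        'SHOWLIST_LISTPLUG_TABLE_TEAMLIST_BODY',
        'SHOWLIST_LISTPLUG_TABLE_TEAMLIST_FOOT',
        'SHOWLIST_LISTPLUG_TABLE_PLUGLIST_HEAD',
        'SHOWLIST_LISTPLUG_TABLE_PLUGLIST_BODY',
        'SHOWLIST_LISTPLUG_TABLE_PLUGLIST_GURL',
        'SHOWLIST_LISTPLUG_TABLE_PLUGEVENTLIST',
        'SHOWLIST_LISTPLUG_TABLE_PLUGNEDUPDATE',
        'SHOWLIST_LISTPLUG_TABLE_PLUGIN_DEPEND',
        'SHOWLIST_LISTPLUG_TABLE_PLUGIN_DEPREQ',
        'SHOWLIST_LISTPLUG_TABLE_PLUGLISTFALSE',
        'SHOWLIST_LISTPLUG_TABLE_PLUGLIST_ACTN',
        'SHOWLIST_LISTPLUG_TABLE_PLUGLIST_ADMN',
        'SHOWLIST_LISTPLUG_TABLE_PLUGLIST_HELP',
        'SHOWLIST_LISTPLUG_TABLE_PLUGOPTSETURL',
        'SHOWLIST_LISTPLUG_TABLE_PLUGLIST_FOOT',
        'SHOWLIST_LISTPLUG_TABLE_POPTLIST_HEAD',
        'SHOWLIST_LISTPLUG_TABLE_POPTLIST_BODY',
        'SHOWLIST_LISTPLUG_TABLE_PLGOPT_OYESNO',
        'SHOWLIST_LISTPLUG_TABLE_PLGOPT_OPWORD',
        'SHOWLIST_LISTPLUG_TABLE_PLGOPT_OSELEP',
        'SHOWLIST_LISTPLUG_TABLE_PLGOPT_OSELEO',
        'SHOWLIST_LISTPLUG_TABLE_PLGOPT_OSELEC',
        'SHOWLIST_LISTPLUG_TABLE_PLGOPT_OTAREA',
        'SHOWLIST_LISTPLUG_TABLE_PLGOPT_OITEXT',
        'SHOWLIST_LISTPLUG_TABLE_PLUGOPTN_FOOT',
        'SHOWLIST_LISTPLUG_TABLE_POPTLIST_FOOT',
        'SHOWLIST_LISTPLUG_TABLE_ITEMLIST_HEAD',
        'SHOWLIST_LISTPLUG_TABLE_ITEMLIST_BODY',
        'SHOWLIST_LISTPLUG_TABLE_ITEMLIST_FOOT',
        'SHOWLIST_LISTPLUG_TABLE_CMNTLIST_HEAD',
        'SHOWLIST_LISTPLUG_TABLE_CMNTLIST_BODY',
        'SHOWLIST_LISTPLUG_TABLE_CMNTLIST_ABAN',
        'SHOWLIST_LISTPLUG_TABLE_CMNTLIST_FOOT',
        'SHOWLIST_LISTPLUG_TABLE_BLOGLIST_HEAD',
        'SHOWLIST_LISTPLUG_TABLE_BLOGLIST_BODY',
        'SHOWLIST_LISTPLUG_TABLE_BLIST_BD_TADM',
        'SHOWLIST_LISTPLUG_TABLE_BLIST_BD_SADM',
        'SHOWLIST_LISTPLUG_TABLE_BLOGLIST_FOOT',
        'SHOWLIST_LISTPLUG_TABLE_BLOGSNAM_HEAD',
        'SHOWLIST_LISTPLUG_TABLE_BLOGSNAM_BODY',
        'SHOWLIST_LISTPLUG_TABLE_BLOGSNAM_FOOT',
        'SHOWLIST_LISTPLUG_TABLE_SHORTNAM_HEAD',
        'SHOWLIST_LISTPLUG_TABLE_SHORTNAM_BODY',
        'SHOWLIST_LISTPLUG_TABLE_SHORTNAM_FOOT',
        'SHOWLIST_LISTPLUG_TABLE_CATELIST_HEAD',
        'SHOWLIST_LISTPLUG_TABLE_CATELIST_BODY',
        'SHOWLIST_LISTPLUG_TABLE_CATELIST_FOOT',
        'SHOWLIST_LISTPLUG_TABLE_TPLTLIST_HEAD',
        'SHOWLIST_LISTPLUG_TABLE_TPLTLIST_BODY',
        'SHOWLIST_LISTPLUG_TABLE_TPLTLIST_FOOT',
        'SHOWLIST_LISTPLUG_TABLE_SKINLIST_HEAD',
        'SHOWLIST_LISTPLUG_TABLE_SKINLIST_BODY',
        'SHOWLIST_LISTPLUG_TABLE_SKINLIST_FOOT',
        'SHOWLIST_LISTPLUG_TABLE_DRFTLIST_HEAD',
        'SHOWLIST_LISTPLUG_TABLE_DRFTLIST_BODY',
        'SHOWLIST_LISTPLUG_TABLE_DRFTLIST_FOOT',
        'SHOWLIST_LISTPLUG_TABLE_ACTNLIST_HEAD',
        'SHOWLIST_LISTPLUG_TABLE_ACTNLIST_BODY',
        'SHOWLIST_LISTPLUG_TABLE_ACTNLIST_FOOT',
        'SHOWLIST_LISTPLUG_TABLE_IBANLIST_HEAD',
        'SHOWLIST_LISTPLUG_TABLE_IBANLIST_BODY',
        'SHOWLIST_LISTPLUG_TABLE_IBANLIST_FOOT',
        'PLUGIN_QUICKMENU_TITLE', 'PLUGIN_QUICKMENU_HEAD',
        'PLUGIN_QUICKMENU_BODY', 'PLUGIN_QUICKMENU_FOOT'
    );
    foreach ( $partnames as $partname ) {
        self::addToTemplate($templateid, $partname, postVar($partname));
    }

    // extra fields announced by subscribers of the AdminTemplateExtraFields event;
    // only the field names (array keys) are used here
    $data = array('fields' => array());
    $manager->notify('AdminTemplateExtraFields', $data);
    foreach ( $data['fields'] as $pfkey => $pfvalue ) {
        foreach ( $pfvalue as $pffield => $pfdesc ) {
            self::addToTemplate($templateid, $pffield, postVar($pffield));
        }
    }

    // jump back to template edit
    self::action_admintemplateedit(_TEMPLATE_UPDATED);
}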
\r
/**
 * Admin::action_admintemplatedelete()
 * Renders the 'admintemplatedelete' skin part; nothing is deleted here.
 *
 * @param	void
 * @return	void
 */
private static function action_admintemplatedelete()
{
    global $member, $manager;

    if ( !$member->isAdmin() ) {
        self::disallow();
    }

    // TODO: check if template can be deleted
    self::$skin->parse('admintemplatedelete');
}
\r
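/**
 * Admin::action_admintemplatedeleteconfirm()
 * Deletes an admin template: its description row and all of its parts,
 * with PreDeleteAdminTemplate/PostDeleteAdminTemplate notifications.
 *
 * @param	void
 * @return	void
 */
private static function action_admintemplatedeleteconfirm()
{
    global $member, $manager;

    $templateid = intRequestVar('templateid');

    if ( !$member->isAdmin() ) {
        self::disallow();
    }

    $data = array('templateid' => $templateid);
    $manager->notify('PreDeleteAdminTemplate', $data);

    // 1. delete description
    // %d instead of the former %s: the placeholder itself now forces a number,
    // matching the second statement, instead of relying on the cast alone.
    $query = "DELETE FROM %s WHERE tdnumber=%d;";
    $query = sprintf($query, sql_table('template_desc'), (int) $templateid);
    DB::execute($query);

    // 2. delete parts
    $query = "DELETE FROM %s WHERE tdesc=%d;";
    $query = sprintf($query, sql_table('template'), (int) $templateid);
    DB::execute($query);

    $data = array('templateid' => $templateid);
    $manager->notify('PostDeleteAdminTemplate', $data);

    self::action_admintemplateoverview();
}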
\r
/**
 * Admin::action_admintemplatenew()
 * Creates an admin template from the posted 'name' and 'desc'. The name
 * must pass isValidTemplateName(), start with "admin/" and be unused.
 *
 * @param	void
 * @return	void
 */
private static function action_admintemplatenew()
{
    global $member;

    if ( !$member->isAdmin() ) {
        self::disallow();
    }

    $name = postVar('name');
    $desc = postVar('desc');

    if ( !isValidTemplateName($name) ) {
        self::error(_ERROR_BADTEMPLATENAME);
        return;
    }

    // admin templates are recognised by their "admin/" name prefix
    if ( !preg_match('#^admin/#', $name) ) {
        self::error(_ERROR_BADADMINTEMPLATENAME);
        return;
    }

    if ( Template::exists($name) ) {
        self::error(_ERROR_DUPTEMPLATENAME);
        return;
    }

    // the new id is not needed here
    $newTemplateId = Template::createNew($name, $desc);
    self::action_admintemplateoverview();
}
\r
/**
 * Admin::action_admintemplateclone()
 * Copies an admin template: creates a new description named old name +
 * "cloned" (with a numeric suffix when that name is taken) and copies
 * every part.
 *
 * NOTE(review): 'admintemplateclone' is listed in self::$ticketless_actions.
 * If that list exempts actions from the ticket check, this write is not
 * covered by it - confirm that this is intended.
 *
 * @param	void
 * @return	void
 */
private static function action_admintemplateclone()
{
    global $member;

    $templateid = intRequestVar('templateid');

    if ( !$member->isAdmin() ) {
        self::disallow();
    }

    // 1. read old template
    $name = Template::getNameFromId($templateid);
    $desc = Template::getDesc($templateid);

    // 2. create desc thing
    // the marker is appended, not prefixed as in action_templateclone()
    $name = $name . 'cloned';

    // if a template with that name already exists, append the first free number
    if ( Template::exists($name) ) {
        $suffix = 1;
        while ( Template::exists($name . $suffix) ) {
            $suffix++;
        }
        $name .= $suffix;
    }

    $newid = Template::createNew($name, $desc);

    // 3. create clone
    // go through parts of old template and add them to the new one
    $query = sprintf("SELECT tpartname, tcontent FROM %s WHERE tdesc=%d;", sql_table('template'), (int) $templateid);

    foreach ( DB::getResult($query) as $part ) {
        self::addToTemplate($newid, $part['tpartname'], $part['tcontent']);
    }

    self::action_admintemplateoverview();
}
\r
/**
 * Admin::action_skinoverview()
 * Renders the 'skinoverview' skin part for administrators.
 *
 * @param	void
 * @return	void
 */
private static function action_skinoverview()
{
    global $member, $manager;

    if ( !$member->isAdmin() ) {
        self::disallow();
    }

    self::$skin->parse('skinoverview');
}
\r
/**
 * Admin::action_skinnew()
 * Creates a skin from the trimmed posted 'name' and 'desc' and shows the
 * skin overview. The name must pass isValidSkinName() and be unused.
 *
 * @param	void
 * @return	void
 */
private static function action_skinnew()
{
    global $member;

    if ( !$member->isAdmin() ) {
        self::disallow();
    }

    $name = trim(postVar('name'));
    $desc = trim(postVar('desc'));

    if ( !isValidSkinName($name) ) {
        self::error(_ERROR_BADSKINNAME);
        return;
    }

    if ( SKIN::exists($name) ) {
        self::error(_ERROR_DUPSKINNAME);
        return;
    }

    SKIN::createNew($name, $desc);

    self::action_skinoverview();
}
\r
/**
 * Admin::action_skinedit()
 * Renders the 'skinedit' skin part for administrators.
 *
 * @param	void
 * @return	void
 */
private static function action_skinedit()
{
    global $member;

    if ( !$member->isAdmin() ) {
        self::disallow();
    }

    self::$skin->parse('skinedit');
}
\r
/**
 * Admin::action_skineditgeneral()
 * Hands the requested skin id to self::skineditgeneral() and returns to
 * the skin edit page, or reports the error that call returned.
 *
 * @param	void
 * @return	void
 */
private static function action_skineditgeneral()
{
    global $member;

    $skinid = intRequestVar('skinid');

    if ( !$member->isAdmin() ) {
        self::disallow();
    }

    // a truthy return value is treated as the error message to show
    $error = self::skineditgeneral($skinid);
    if ( $error ) {
        self::error($error);
        return;
    }

    self::action_skinedit();
}
\r
/**
 * Admin::action_skinedittype()
 * Renders the editor for one skin part after checking that the requested
 * part name is a valid short name.
 *
 * @param	string	$msg	message for pageheader
 * @return	void
 */
private static function action_skinedittype($msg = '')
{
    global $member;

    if ( !$member->isAdmin() ) {
        self::disallow();
    }

    if ( $msg ) {
        self::$headMess = $msg;
    }

    // normalise the requested part name, then validate it
    $type = strtolower(trim(requestVar('type')));

    if ( !isValidShortName($type) ) {
        self::error(_ERROR_SKIN_PARTS_SPECIAL_FORMAT);
        return;
    }

    self::$skin->parse('skinedittype');
}
\r
/**
 * Admin::action_skinupdate()
 * Stores the posted content for one part of a skin and re-opens the
 * part editor with the "updated" message.
 *
 * @param	void
 * @return	void
 */
private static function action_skinupdate()
{
    global $manager, $member;

    $skinid  = intRequestVar('skinid');
    $content = trim(postVar('content'));
    $type    = postVar('type');

    if ( !$member->isAdmin() ) {
        self::disallow();
    }

    // NOTE(review): $type is written as posted; isValidShortName() only runs
    // afterwards, inside action_skinedittype(). Confirm that update() itself
    // validates the part name.
    $skin =& $manager->getSKIN($skinid);
    $skin->update($type, $content);

    self::action_skinedittype(_SKIN_UPDATED);
}
\r
/**
 * Admin::action_skindelete()
 * Renders the 'skindelete' skin part unless the skin is the site's base
 * skin or the default skin of a blog.
 *
 * @param	void
 * @return	void
 */
private static function action_skindelete()
{
    global $CONF, $member;

    if ( !$member->isAdmin() ) {
        self::disallow();
    }

    $skinid = intRequestVar('skinid');

    // don't allow default skin to be deleted
    if ( $skinid == $CONF['BaseSkin'] ) {
        self::error(_ERROR_DEFAULTSKIN);
        return;
    }

    // don't allow deletion of default skins for blogs
    $query = sprintf("SELECT bname FROM %s WHERE bdefskin=%d", sql_table('blog'), (int) $skinid);
    $name = DB::getValue($query);

    if ( $name ) {
        // the blog name is HTML-escaped before it joins the error message
        self::error(_ERROR_SKINDEFDELETE . Entity::hsc($name));
        return;
    }

    self::$skin->parse('skindelete');
}
\r
/**
 * Admin::action_skindeleteconfirm()
 * Deletes a skin through self::skindeleteconfirm() after repeating the
 * checks of action_skindelete(): not the base skin, not a blog's default.
 *
 * @param	void
 * @return	void
 */
private static function action_skindeleteconfirm()
{
    global $member, $CONF;

    if ( !$member->isAdmin() ) {
        self::disallow();
    }

    $skinid = intRequestVar('skinid');

    // don't allow default skin to be deleted
    if ( $skinid == $CONF['BaseSkin'] ) {
        self::error(_ERROR_DEFAULTSKIN);
        return;
    }

    // don't allow deletion of default skins for blogs
    $query = sprintf("SELECT bname FROM %s WHERE bdefskin=%d;", sql_table('blog'), (int) $skinid);
    $name = DB::getValue($query);

    if ( $name ) {
        // the blog name is HTML-escaped before it joins the error message
        self::error(_ERROR_SKINDEFDELETE . Entity::hsc($name));
        return;
    }

    self::skindeleteconfirm($skinid);

    self::action_skinoverview();
}
\r
/**
 * Admin::action_skinremovetype()
 * Renders the 'skinremovetype' skin part after checking that the
 * requested part name is a valid short name.
 *
 * @param	void
 * @return	void
 */
private static function action_skinremovetype()
{
    global $member, $CONF;

    if ( !$member->isAdmin() ) {
        self::disallow();
    }

    $skinid   = intRequestVar('skinid');
    $skintype = requestVar('type');

    if ( !isValidShortName($skintype) ) {
        self::error(_ERROR_SKIN_PARTS_SPECIAL_DELETE);
        return;
    }

    self::$skin->parse('skinremovetype');
}
\r
/**
 * Admin::action_skinremovetypeconfirm()
 * Removes one part of a skin through self::skinremovetypeconfirm() and
 * returns to the skin edit page, or reports the error that call returned.
 *
 * @param	void
 * @return	void
 */
private static function action_skinremovetypeconfirm()
{
    global $member;

    if ( !$member->isAdmin() ) {
        self::disallow();
    }

    $skinid   = intRequestVar('skinid');
    $skintype = requestVar('type');

    // NOTE(review): unlike action_skinremovetype(), the part name is not checked
    // with isValidShortName() here; presumably the helper does it - confirm.
    $error = self::skinremovetypeconfirm($skinid, $skintype);
    if ( $error ) {
        self::error($error);
        return;
    }

    self::action_skinedit();
}
\r
/**
 * Admin::action_skinclone()
 * Clones the requested skin through self::skinclone() and shows the
 * skin overview.
 *
 * @param	void
 * @return	void
 */
private static function action_skinclone()
{
    global $member;

    if ( !$member->isAdmin() ) {
        self::disallow();
    }

    $skinid = intRequestVar('skinid');

    self::skinclone($skinid);

    self::action_skinoverview();
}
\r
/**
 * Admin::action_adminskinoverview()
 * Renders the 'adminskinoverview' skin part for administrators.
 *
 * @param	void
 * @return	void
 */
private static function action_adminskinoverview()
{
    global $member;

    if ( !$member->isAdmin() ) {
        self::disallow();
    }

    self::$skin->parse('adminskinoverview');
}
\r
/**
 * Admin::action_adminskinnew()
 * Creates an admin skin from the trimmed posted 'name' and 'desc'. The
 * name must pass isValidSkinName(), start with "admin/" and be unused.
 *
 * @param	void
 * @return	void
 */
private static function action_adminskinnew()
{
    global $member;

    if ( !$member->isAdmin() ) {
        self::disallow();
    }

    $name = trim(postVar('name'));
    $desc = trim(postVar('desc'));

    if ( !isValidSkinName($name) ) {
        self::error(_ERROR_BADSKINNAME);
        return;
    }

    // admin skins are recognised by their "admin/" name prefix
    if ( !preg_match('#^admin/#', $name) ) {
        self::error(_ERROR_BADADMINSKINNAME);
        return;
    }

    if ( Skin::exists($name) ) {
        self::error(_ERROR_DUPSKINNAME);
        return;
    }

    Skin::createNew($name, $desc);

    self::action_adminskinoverview();
}
\r
/**
 * Admin::action_adminskinedit()
 * Renders the 'adminskinedit' skin part for administrators.
 *
 * @param	void
 * @return	void
 */
private static function action_adminskinedit()
{
    global $member;

    if ( !$member->isAdmin() ) {
        self::disallow();
    }

    self::$skin->parse('adminskinedit');
}
\r
/**
 * Admin::action_adminskineditgeneral()
 * Hands the requested skin id to self::skineditgeneral() with the
 * 'AdminActions' handler name and returns to the admin skin edit page,
 * or reports the error that call returned.
 *
 * @param	void
 * @return	void
 */
private static function action_adminskineditgeneral()
{
    global $member;

    $skinid = intRequestVar('skinid');

    if ( !$member->isAdmin() ) {
        self::disallow();
    }

    // a truthy return value is treated as the error message to show
    $error = self::skineditgeneral($skinid, 'AdminActions');
    if ( $error ) {
        self::error($error);
        return;
    }

    self::action_adminskinedit();
}
\r
/**
 * Admin::action_adminskinedittype()
 * Renders the editor for one admin skin part after checking that the
 * requested part name is a valid short name.
 *
 * @param	string	$msg	message for pageheader
 * @return	void
 */
private static function action_adminskinedittype($msg = '')
{
    global $member;

    if ( !$member->isAdmin() ) {
        self::disallow();
    }

    if ( $msg ) {
        self::$headMess = $msg;
    }

    // normalise the requested part name, then validate it
    $type = strtolower(trim(requestVar('type')));

    if ( !isValidShortName($type) ) {
        self::error(_ERROR_SKIN_PARTS_SPECIAL_FORMAT);
        return;
    }

    self::$skin->parse('adminskinedittype');
}
\r
/**
 * Admin::action_adminskinupdate()
 * Stores the posted content for one part of an admin skin and re-opens
 * the part editor with the "updated" message.
 *
 * @param	void
 * @return	void
 */
private static function action_adminskinupdate()
{
    global $manager, $member;

    $skinid  = intRequestVar('skinid');
    $content = trim(postVar('content'));
    $type    = postVar('type');

    if ( !$member->isAdmin() ) {
        self::disallow();
    }

    // NOTE(review): $type is written as posted; isValidShortName() only runs
    // afterwards, inside action_adminskinedittype(). Confirm that update()
    // itself validates the part name.
    $skin =& $manager->getSkin($skinid, 'AdminActions', 'AdminSkin');
    $skin->update($type, $content);

    self::action_adminskinedittype(_SKIN_UPDATED);
}
\r
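/**
 * Admin::action_adminskindelete()
 * Renders the 'adminskindelete' skin part unless the skin is the
 * configured admin or bookmarklet skin, or a member has selected it.
 *
 * @param	void
 * @return	void
 */
private static function action_adminskindelete()
{
    global $CONF, $member;

    if ( !$member->isAdmin() ) {
        self::disallow();
    }

    $skinid = intRequestVar('skinid');

    // don't allow default skin to be deleted
    if ( $skinid == $CONF['AdminSkin'] || $skinid == $CONF['BookmarkletSkin'] ) {
        self::error(_ERROR_DEFAULTSKIN);
        return;
    }

    /* don't allow if someone use it as a default*/
    $query = 'SELECT * FROM %s WHERE madminskin = %d or mbkmklt = %d;';
    $res = DB::getResult(sprintf($query, sql_table('member'), (int) $skinid, (int) $skinid));

    $members = array();
    while ( $row = $res->fetch() ) {
        // Real names are member-supplied data. Escape them before they join
        // the error message, as action_skindelete() does for the blog name.
        $members[] = Entity::hsc($row['mrealname']);
    }

    if ( count($members) ) {
        self::error(_ERROR_SKINDEFDELETE . implode(' ' . _AND . ' ', $members));
        return;
    }

    self::$skin->parse('adminskindelete');
}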
\r
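/**
 * Admin::action_adminskindeleteconfirm()
 * Deletes an admin skin through self::skindeleteconfirm() after repeating
 * the checks of action_adminskindelete(): not the configured admin or
 * bookmarklet skin, and not selected by any member.
 *
 * @param	void
 * @return	void
 */
private static function action_adminskindeleteconfirm()
{
    global $member, $CONF;

    if ( !$member->isAdmin() ) {
        self::disallow();
    }

    $skinid = intRequestVar('skinid');

    // don't allow default skin to be deleted
    if ( $skinid == $CONF['AdminSkin'] || $skinid == $CONF['BookmarkletSkin'] ) {
        self::error(_ERROR_DEFAULTSKIN);
        return;
    }

    /* don't allow if someone use it as a default*/
    $query = 'SELECT * FROM %s WHERE madminskin = %d or mbkmklt = %d;';
    $res = DB::getResult(sprintf($query, sql_table('member'), (int) $skinid, (int) $skinid));

    $members = array();
    while ( $row = $res->fetch() ) {
        // Real names are member-supplied data. Escape them before they join
        // the error message, as action_skindeleteconfirm() does for the blog name.
        $members[] = Entity::hsc($row['mrealname']);
    }

    if ( count($members) ) {
        self::error(_ERROR_SKINDEFDELETE . implode(' ' . _AND . ' ', $members));
        return;
    }

    self::skindeleteconfirm($skinid);

    self::action_adminskinoverview();
}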
\r
/**
 * Admin::action_adminskinremovetype()
 * Renders the 'adminskinremovetype' skin part after checking that the
 * requested part name is a valid short name.
 *
 * @param	void
 * @return	void
 */
private static function action_adminskinremovetype()
{
    global $member, $CONF;

    if ( !$member->isAdmin() ) {
        self::disallow();
    }

    $skinid   = intRequestVar('skinid');
    $skintype = requestVar('type');

    if ( !isValidShortName($skintype) ) {
        self::error(_ERROR_SKIN_PARTS_SPECIAL_DELETE);
        return;
    }

    self::$skin->parse('adminskinremovetype');
}
\r
/**
 * Admin::action_adminskinremovetypeconfirm()
 * Removes one part of an admin skin through self::skinremovetypeconfirm()
 * and returns to the admin skin edit page, or reports the error that
 * call returned.
 *
 * @param	void
 * @return	void
 */
private static function action_adminskinremovetypeconfirm()
{
    global $member;

    if ( !$member->isAdmin() ) {
        self::disallow();
    }

    $skinid   = intRequestVar('skinid');
    $skintype = requestVar('type');

    // NOTE(review): unlike action_adminskinremovetype(), the part name is not
    // checked with isValidShortName() here; presumably the helper does it - confirm.
    $error = self::skinremovetypeconfirm($skinid, $skintype);
    if ( $error ) {
        self::error($error);
        return;
    }

    self::action_adminskinedit();
}
\r
/**
 * Admin::action_adminskinclone()
 * Clones the requested admin skin through self::skinclone() with the
 * 'AdminActions' handler name and shows the admin skin overview.
 *
 * @param	void
 * @return	void
 */
private static function action_adminskinclone()
{
    global $member;

    if ( !$member->isAdmin() ) {
        self::disallow();
    }

    $skinid = intRequestVar('skinid');

    self::skinclone($skinid, 'AdminActions');

    self::action_adminskinoverview();
}
\r
/**
 * Admin::action_adminskinieoverview()
 * Renders the 'adminskinieoverview' skin part for administrators.
 *
 * @param	void
 * @return	void
 */
private static function action_adminskinieoverview()
{
    global $member;

    if ( !$member->isAdmin() ) {
        self::disallow();
    }

    self::$skin->parse('adminskinieoverview');
}
\r
/**
 * Admin::action_adminskinieimport()
 * First step of an admin skin import: passes the posted 'mode' and
 * 'skinfile' to self::skinieimport(), then renders the import page, or
 * goes straight to the import when no skin object is loaded.
 *
 * @param	void
 * @return	void
 */
private static function action_adminskinieimport()
{
    global $member;

    if ( !$member->isAdmin() ) {
        self::disallow();
    }

    // NOTE(review): 'skinfile' and 'mode' are request-controlled; any path or
    // URL validation presumably happens inside self::skinieimport() - confirm.
    $skinFileRaw = postVar('skinfile');
    $mode = postVar('mode');

    $error = self::skinieimport($mode, $skinFileRaw);
    if ( $error ) {
        self::error($error);
        return;
    }

    if ( is_object(self::$skin) ) {
        self::$skin->parse('adminskinieimport');
    } else {
        // nothing to render the intermediate page with
        self::action_adminskiniedoimport();
    }
}
\r
/**
 * Admin::action_adminskiniedoimport()
 * Runs an admin skin import through self::skiniedoimport() and renders
 * the result page. When no skin object is loaded, the 'AdminSkin' config
 * value is pointed at the lowest-numbered "admin/" skin (excluding
 * 'admin/bookmarklet') and the result is rendered with the default
 * importer skin file.
 *
 * @param	void
 * @return	void
 */
private static function action_adminskiniedoimport()
{
    global $DIR_SKINS, $member;

    if ( !$member->isAdmin() ) {
        self::disallow();
    }

    // NOTE(review): 'skinfile' and 'mode' are request-controlled; any path or
    // URL validation presumably happens inside self::skiniedoimport() - confirm.
    $mode = postVar('mode');
    $skinFileRaw = postVar('skinfile');
    $allowOverwrite = intPostVar('overwrite');

    $error = self::skiniedoimport($mode, $skinFileRaw, $allowOverwrite);
    if ( $error ) {
        self::error($error);
        return;
    }

    if ( is_object(self::$skin) ) {
        self::$skin->parse('adminskiniedoimport');
        return;
    }

    // no skin object: select an imported admin skin as the AdminSkin setting
    $query = "SELECT min(sdnumber) FROM %s WHERE sdname != 'admin/bookmarklet' AND sdname LIKE 'admin/%%'";
    $adminSkinId = intval(DB::getValue(sprintf($query, sql_table('skin_desc'))));

    $query = "UPDATE %s SET value = %d WHERE name = 'AdminSkin'";
    DB::execute(sprintf($query, sql_table('config'), $adminSkinId));

    $skin = new Skin(0, 'AdminActions', 'AdminSkin');
    $skin->parse('importAdmin', $DIR_SKINS . 'admin/defaultimporter.skn');
}
\r
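/**
 * Admin::action_adminskinieexport()
 * Export the selected admin skins and templates.
 *
 * NOTE(review): one short statement after the skinieexport() call is not shown
 * on the page (a bare return or exit) — confirm which against the original file.
 *
 * @return void
 */
static private function action_adminskinieexport()
{
    global $member;

    // Fail closed: nothing is exported if disallow() returns.
    if ( !$member->isAdmin() )
    {
        self::disallow();
        return;
    }

    $aSkins = requestIntArray('skin');
    $aTemplates = requestIntArray('template');
    $info = postVar('info');

    self::skinieexport($aSkins, $aTemplates, $info);
}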
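/**
 * Admin::action_settingsedit()
 * Show the global settings form.
 *
 * @return void
 */
static private function action_settingsedit()
{
    global $member, $manager, $CONF, $DIR_NUCLEUS, $DIR_MEDIA;

    // Fail closed: return even if disallow() hands control back.
    if ( !$member->isAdmin() )
    {
        self::disallow();
        return;
    }

    self::$skin->parse('settingsedit');
}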
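/**
 * Admin::action_settingsupdate()
 * Store the posted global settings and redirect to the management page.
 *
 * Apart from the AdminEmail address check, every value is written exactly as
 * posted: updateConfig() quotes it for SQL, nothing here validates it. That
 * covers the URL settings, the cookie settings, and the upload settings
 * (AllowedTypes, AllowUpload, MaxUploadSize), so the admin check below is the
 * only gate this method itself applies.
 *
 * NOTE(review): the config reload before the redirect and the statement after
 * it are not shown on the page; they are restored from the surrounding
 * comment — confirm against the original file.
 *
 * @return void
 */
static private function action_settingsupdate()
{
    global $member, $CONF;

    // Fail closed: no setting may be written if disallow() returns.
    if ( !$member->isAdmin() )
    {
        self::disallow();
        return;
    }

    // check if email address for admin is valid
    if ( !NOTIFICATION::address_validation(postVar('AdminEmail')) )
    {
        self::error(_ERROR_BADMAILADDRESS);
        return;
    }

    // Settings whose form field carries the same name as the config key,
    // written in this order.
    $sameName = array(
        'DefaultBlog',
        'BaseSkin',
        'IndexURL',
        'AdminURL',
        'PluginURL',
        'SkinsURL',
        'ActionURL',
        'Locale',
        'AdminEmail',
        'SessionCookie',
        'AllowMemberCreate',
        'AllowMemberMail',
        'NonmemberMail',
        'ProtectMemNames',
        'SiteName',
        'NewMemberCanLogon',
        'DisableSite',
        'DisableSiteURL',
        'LastVisit',
        'MediaURL',
        'AllowedTypes',
        'AllowUpload',
        'MaxUploadSize',
        'MediaPrefix',
        'AllowLoginEdit',
        'DisableJsTools',
        'CookieDomain',
        'CookiePath',
        'CookieSecure',
        'URLMode',
        'CookiePrefix',
        'DebugVars',
        'DefaultListSize',
        'AdminCSS'
    );
    foreach ( $sameName as $key )
    {
        self::updateConfig($key, postVar($key));
    }

    // These two use a differently named form field.
    self::updateConfig('AdminSkin', postVar('adminskin'));
    self::updateConfig('BookmarkletSkin', postVar('bookmarklet'));

    // load new config and redirect (this way, the new locale will be used if necessary)
    // note that when changing cookie settings, this redirect might cause the user
    // to have to log in again.
    getConfig();
    redirect($CONF['AdminURL'] . '?action=manage');
}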
/**
 * Admin::action_systemoverview()
 * Output system overview
 *
 * NOTE(review): unlike the neighbouring actions, no access check is made in
 * this method; presumably the 'systemoverview' skin part decides what a
 * non-admin may see — confirm.
 *
 * @return void
 */
static private function action_systemoverview()
{
    $part = 'systemoverview';
    self::$skin->parse($part);
}
/**
 * Admin::updateConfig()
 * Store one value in the config table; the script dies if the query fails.
 *
 * @param string $name config key, matched against the name column
 * @param string $val  value to store
 * @return integer whatever DB::getInsertId() reports after the UPDATE
 */
static private function updateConfig($name, $val)
{
    // Both values pass through DB::quoteValue(); only the table name is
    // formatted into the statement directly.
    $sql = sprintf(
        "UPDATE %s SET value=%s WHERE name=%s",
        sql_table('config'),
        DB::quoteValue($val),
        DB::quoteValue($name)
    );

    if ( DB::execute($sql) !== FALSE )
    {
        return DB::getInsertId();
    }

    // NOTE(review): the driver's error text is sent to the browser as-is;
    // consider logging it and showing a generic message instead.
    $err = DB::getError();
    die(_ADMIN_SQLDIE_QUERYERROR . $err[2]);
}
4363 * @param string $msg message that will be shown
\r
4366 static public function error($msg)
\r
// Stores the message in self::$headMess and renders the 'adminerrorpage' skin part.
// Some callers in this file escape the variable part of the message with
// Entity::hsc() before calling, so $msg is presumably emitted as HTML — confirm
// that every caller passes HTML-safe text.
// NOTE(review): one short line after the parse() call is missing from this
// listing, so it is not visible whether this method ends the request or returns.
// Checks written as `$member->isAdmin() or self::disallow();` only stop the
// action if the request ends here — confirm.
4368 self::$headMess = $msg;
\r
4369 self::$skin->parse('adminerrorpage');
\r
4374 * Admin::disallow()
\r
4375 * add error log and show error page
\r
4380 static public function disallow()
\r
// Writes a WARNING entry to the action log, then shows the "disallowed" error page.
// REQUEST_URI is attacker-controlled and is appended to the log text unchanged;
// NOTE(review): assumes the action log viewer escapes it on output — confirm.
// NOTE(review): whether control returns to the caller depends on error(); the
// line that would show it is missing from this listing.
4382 ActionLog::add(WARNING, _ACTIONLOG_DISALLOWED . serverVar('REQUEST_URI'));
\r
4383 self::error(_ERROR_DISALLOWED);
\r
/**
 * Admin::action_PluginAdmin()
 * Output pluginadmin
 *
 * Public entry point with no access check of its own; the caller is
 * presumably expected to have authorised the request — confirm.
 *
 * @param string $skinContents content passed to the 'pluginadmin' skin part
 * @param string $extrahead    markup appended to self::$extrahead
 * @return void
 */
static public function action_PluginAdmin($skinContents, $extrahead = '')
{
    self::$extrahead = self::$extrahead . $extrahead;

    $part = 'pluginadmin';
    self::$skin->parse($part, $skinContents);
}
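/**
 * Admin::action_bookmarklet()
 * Show the bookmarklet page for a blog the member is on the team of.
 *
 * @return void
 */
static private function action_bookmarklet()
{
    global $member, $manager;

    $blogid = intRequestVar('blogid');

    // Fail closed: return even if disallow() hands control back.
    if ( !$member->teamRights($blogid) )
    {
        self::disallow();
        return;
    }

    self::$skin->parse('bookmarklet');
}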
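/**
 * Admin::action_actionlog()
 * Show the action log.
 *
 * @return void
 */
static private function action_actionlog()
{
    global $member, $manager;

    // Fail closed: the log is admin-only and must not render if disallow() returns.
    if ( !$member->isAdmin() )
    {
        self::disallow();
        return;
    }

    self::$skin->parse('actionlog');
}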
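/**
 * Admin::action_banlist()
 * Show the ban list of one blog.
 *
 * @return void
 */
static private function action_banlist()
{
    global $member, $manager;

    $blogid = intRequestVar('blogid');

    // Fail closed: return even if disallow() hands control back.
    if ( !$member->blogAdminRights($blogid) )
    {
        self::disallow();
        return;
    }

    self::$skin->parse('banlist');
}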
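/**
 * Admin::action_banlistdelete()
 * Show the confirmation page for removing a ban.
 *
 * @return void
 */
static private function action_banlistdelete()
{
    global $member, $manager;

    $blogid = intRequestVar('blogid');

    // Fail closed: return even if disallow() hands control back.
    if ( !$member->blogAdminRights($blogid) )
    {
        self::disallow();
        return;
    }

    self::$skin->parse('banlistdelete');
}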
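/**
 * Admin::action_banlistdeleteconfirm()
 * Remove a ban from one blog, or from every blog the member administers.
 *
 * The rights check is made against the posted blog id; in the all-blogs case
 * the ban is removed only from the blogs getAdminBlogs() returns.
 *
 * NOTE(review): the condition selecting between the two branches is not shown
 * on the page and is restored as a test of $allblogs — confirm.
 *
 * @return void
 */
static private function action_banlistdeleteconfirm()
{
    global $member, $manager;

    $blogid = intPostVar('blogid');
    $allblogs = postVar('allblogs');
    $iprange = postVar('iprange');

    // Fail closed: no ban may be removed if disallow() returns.
    if ( !$member->blogAdminRights($blogid) )
    {
        self::disallow();
        return;
    }

    $deleted = array();

    if ( !$allblogs )
    {
        if ( Ban::removeBan($blogid, $iprange) )
        {
            $deleted[] = $blogid;
        }
    }
    else
    {
        // get blogs for which member has admin rights
        $adminblogs = $member->getAdminBlogs();
        foreach ( $adminblogs as $blogje )
        {
            if ( Ban::removeBan($blogje, $iprange) )
            {
                $deleted[] = $blogje;
            }
        }
    }

    if ( sizeof($deleted) == 0 )
    {
        self::error(_ERROR_DELETEBAN);
        return;
    }

    /* TODO: we should use other ways */
    // The result list is handed to the skin through the request superglobal.
    $_REQUEST['delblogs'] = $deleted;

    self::$skin->parse('banlistdeleteconfirm');
}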
/**
 * Admin::action_banlistnewfromitem()
 * Open the "new ban" form for the blog that a given item belongs to.
 *
 * No rights check is made here; action_banlistnew() checks blogAdminRights()
 * on the blog id it is given.
 *
 * @return void
 */
static private function action_banlistnewfromitem()
{
    global $manager;

    $requestedItem = intRequestVar('itemid');
    $item =& $manager->getItem($requestedItem, 1, 1);

    $owningBlog = $item['blogid'];
    self::action_banlistnew($owningBlog);
}
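/**
 * Admin::action_banlistnew()
 * Show the form for adding a ban to a blog.
 *
 * @param integer $blogid ID for weblog; taken from the request when empty
 * @return void
 */
static private function action_banlistnew($blogid = '')
{
    global $member, $manager;

    if ( $blogid == '' )
    {
        $blogid = intRequestVar('blogid');
    }

    // Read but not used further in this method.
    $ip = requestVar('ip');

    // Fail closed: return even if disallow() hands control back. The check
    // runs on the resolved id, whichever source it came from.
    if ( !$member->blogAdminRights($blogid) )
    {
        self::disallow();
        return;
    }

    /* TODO: we should consider to use the other way instead of this */
    // The resolved id is handed to the skin through the request superglobal.
    $_REQUEST['blogid'] = $blogid;

    self::$skin->parse('banlistnew');
}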
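/**
 * Admin::action_banlistadd()
 * Add a ban to one blog, or to every blog the member administers.
 *
 * The IP range is stored as posted; no format check is made here (see the
 * TODO below), so Ban::addBan() receives whatever string was submitted.
 *
 * NOTE(review): the branch condition and the failure bookkeeping of the
 * all-blogs loop are not shown on the page; they are restored from the
 * visible structure — confirm against the original file.
 *
 * @return void
 */
static private function action_banlistadd()
{
    global $member;

    $blogid = intPostVar('blogid');
    $allblogs = postVar('allblogs');
    $iprange = postVar('iprange');

    if ( $iprange == "custom" )
    {
        $iprange = postVar('customiprange');
    }
    $reason = postVar('reason');

    // Fail closed: no ban may be written if disallow() returns.
    if ( !$member->blogAdminRights($blogid) )
    {
        self::disallow();
        return;
    }

    // TODO: check IP range validity

    if ( !$allblogs )
    {
        if ( !Ban::addBan($blogid, $iprange, $reason) )
        {
            self::error(_ERROR_ADDBAN);
            return;
        }
    }
    else
    {
        // get blogs for which member has admin rights
        $adminblogs = $member->getAdminBlogs();
        $failed = 0;
        foreach ( $adminblogs as $blogje )
        {
            if ( !Ban::addBan($blogje, $iprange, $reason) )
            {
                $failed = 1;
            }
        }
        if ( $failed )
        {
            self::error(_ERROR_ADDBAN);
            return;
        }
    }

    self::action_banlist();
}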
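/**
 * Admin::action_clearactionlog()
 * Empty the action log and return to the management page.
 *
 * Clearing the log removes the record of earlier disallowed requests, so this
 * is worth treating as a sensitive operation.
 *
 * @return void
 */
static private function action_clearactionlog()
{
    global $member;

    // Fail closed: the log must survive if disallow() returns.
    if ( !$member->isAdmin() )
    {
        self::disallow();
        return;
    }

    ActionLog::clear();

    self::action_manage(_MSG_ACTIONLOGCLEARED);
}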
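/**
 * Admin::action_backupoverview()
 * Show the backup/restore page.
 *
 * @return void
 */
static private function action_backupoverview()
{
    global $member, $manager;

    // Fail closed: return even if disallow() hands control back.
    if ( !$member->isAdmin() )
    {
        self::disallow();
        return;
    }

    self::$skin->parse('backupoverview');
}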
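/**
 * Admin::action_backupcreate()
 * create file for backup
 *
 * NOTE(review): one short statement after the do_backup() call is not shown on
 * the page (a bare return or exit) — confirm which against the original file.
 *
 * @return void
 */
static private function action_backupcreate()
{
    global $member, $DIR_LIBS;

    // Fail closed: a database dump must never be produced if disallow() returns.
    if ( !$member->isAdmin() )
    {
        self::disallow();
        return;
    }

    // use compression ?
    $useGzip = (int) postVar('gzip');

    include($DIR_LIBS . 'backup.php');

    // try to extend time limit
    // (creating/restoring dumps might take a while)
    @set_time_limit(1200);

    Backup::do_backup($useGzip);
}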
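/**
 * Admin::action_backuprestore()
 * restoring from uploaded file
 *
 * A restore replaces database content with whatever the uploaded file holds;
 * the admin check and the 'letsgo' confirmation flag are the only gates in
 * this method.
 *
 * @return void
 */
static private function action_backuprestore()
{
    global $member, $DIR_LIBS;

    // Fail closed: the restore must not run if disallow() returns.
    if ( !$member->isAdmin() )
    {
        self::disallow();
        return;
    }

    // The form has to carry an explicit confirmation flag.
    if ( intPostVar('letsgo') != 1 )
    {
        self::error(_ERROR_BACKUP_NOTSURE);
        return;
    }

    include($DIR_LIBS . 'backup.php');

    // try to extend time limit
    // (creating/restoring dumps might take a while)
    @set_time_limit(1200);

    // do_restore() reports failure through a non-empty message.
    $message = Backup::do_restore();
    if ( $message != '' )
    {
        self::error($message);
        return;
    }

    self::$skin->parse('backuprestore');
}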
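/**
 * Admin::action_pluginlist()
 * output the list of installed plugins
 *
 * @return void
 */
static private function action_pluginlist()
{
    global $DIR_PLUGINS, $member, $manager;

    // check if allowed; return explicitly in case disallow() hands control back
    if ( !$member->isAdmin() )
    {
        self::disallow();
        return;
    }

    self::$skin->parse('pluginlist');
}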
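/**
 * Admin::action_pluginhelp()
 * Show the help page of an installed plugin.
 *
 * @return void
 */
static private function action_pluginhelp()
{
    global $member, $manager, $DIR_PLUGINS, $CONF;

    // check if allowed; return explicitly in case disallow() hands control back
    if ( !$member->isAdmin() )
    {
        self::disallow();
        return;
    }

    $plugid = intGetVar('plugid');

    if ( !$manager->pidInstalled($plugid) )
    {
        self::error(_ERROR_NOSUCHPLUGIN);
        return;
    }

    self::$skin->parse('pluginhelp');
}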
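/**
 * Admin::action_pluginadd()
 * Install a plugin: register it, load it, check its requirements, run its
 * install() method and refresh the event subscriptions.
 *
 * The plugin file name comes from the POST body. getPlugin() loads the
 * plugin's code and install() runs it, so this action executes code from the
 * plugin directory; checkPlugin() is the only validation of the name visible
 * in this method. The name is also passed by reference to PreAddPlugin
 * listeners after that check, so a listener can change it before it is stored.
 *
 * NOTE(review): the test that decides whether the plugin failed to load is not
 * shown on the page and is restored as a check on $plugin — confirm.
 *
 * @return void
 */
static private function action_pluginadd()
{
    global $member, $manager, $DIR_PLUGINS;

    // check if allowed; return explicitly so nothing is installed if
    // disallow() hands control back
    if ( !$member->isAdmin() )
    {
        self::disallow();
        return;
    }

    $name = postVar('filename');

    if ( $manager->pluginInstalled($name) )
    {
        self::error(_ERROR_DUPPLUGIN);
        return;
    }

    if ( !checkPlugin($name) )
    {
        self::error(_ERROR_PLUGFILEERROR . ' (' . Entity::hsc($name) . ')');
        return;
    }

    // get number of currently installed plugins
    $res = DB::getResult('SELECT * FROM ' . sql_table('plugin'));
    $numCurrent = $res->rowCount();

    // plugin will be added as last one in the list
    $newOrder = $numCurrent + 1;

    $data = array('file' => &$name);
    $manager->notify('PreAddPlugin', $data);

    // do this before calling getPlugin (in case the plugin id is used there)
    $query = "INSERT INTO %s (porder, pfile) VALUES (%d, %s);";
    $query = sprintf($query, sql_table('plugin'), (int) $newOrder, DB::quoteValue($name));
    DB::execute($query);
    $iPid = DB::getInsertId();

    $manager->clearCachedInfo('installedPlugins');

    // Load the plugin for condition checking and installation
    $plugin =& $manager->getPlugin($name);

    // check if it got loaded (could have failed)
    if ( !$plugin )
    {
        // remove the row that was just inserted
        $query = "DELETE FROM %s WHERE pid=%d;";
        $query = sprintf($query, sql_table('plugin'), (int) $iPid);

        DB::execute($query);

        $manager->clearCachedInfo('installedPlugins');
        self::error(_ERROR_PLUGIN_LOAD);
        return;
    }

    // check if plugin needs a newer Nucleus version
    if ( getNucleusVersion() < $plugin->getMinNucleusVersion() )
    {
        // uninstall plugin again...
        self::deleteOnePlugin($plugin->getID());

        // ...and show error
        self::error(_ERROR_NUCLEUSVERSIONREQ . Entity::hsc($plugin->getMinNucleusVersion()));
        return;
    }

    // same version: check if plugin needs a newer patch level
    if ( (getNucleusVersion() == $plugin->getMinNucleusVersion()) && (getNucleusPatchLevel() < $plugin->getMinNucleusPatchLevel()) )
    {
        // uninstall plugin again...
        self::deleteOnePlugin($plugin->getID());

        // ...and show error
        self::error(_ERROR_NUCLEUSVERSIONREQ . Entity::hsc( $plugin->getMinNucleusVersion() . ' patch ' . $plugin->getMinNucleusPatchLevel() ) );
        return;
    }

    // every plugin this one depends on has to be installed already
    $pluginList = $plugin->getPluginDep();
    foreach ( $pluginList as $pluginName )
    {
        $res = DB::getResult('SELECT * FROM '.sql_table('plugin') . ' WHERE pfile=' . DB::quoteValue($pluginName));
        if ( $res->rowCount() == 0 )
        {
            // uninstall plugin again...
            self::deleteOnePlugin($plugin->getID());
            self::error(sprintf(_ERROR_INSREQPLUGIN, Entity::hsc($pluginName)));
            return;
        }
    }

    // call the install method of the plugin
    $plugin->install();

    $data = array('plugin' => &$plugin);
    $manager->notify('PostAddPlugin', $data);

    // update all events
    self::action_pluginupdate();
}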
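/**
 * Admin::action_pluginupdate()
 * Rebuild the plugin event subscription table from the installed plugins,
 * then redirect to the plugin list.
 *
 * Every installed plugin is loaded through getPlugin() to ask for its events.
 *
 * NOTE(review): the test that skips plugins which failed to load is not shown
 * on the page and is restored as a check on $plug — confirm.
 *
 * @return void
 */
static private function action_pluginupdate()
{
    global $member, $manager, $CONF;

    // check if allowed; return explicitly so the table is not wiped if
    // disallow() hands control back
    if ( !$member->isAdmin() )
    {
        self::disallow();
        return;
    }

    // delete everything from plugin_events
    DB::execute('DELETE FROM '.sql_table('plugin_event'));

    // loop over all installed plugins
    $res = DB::getResult('SELECT pid, pfile FROM '.sql_table('plugin'));
    foreach ( $res as $row )
    {
        $pid = $row['pid'];
        $plug =& $manager->getPlugin($row['pfile']);
        if ( $plug )
        {
            $eventList = $plug->getEventList();
            foreach ( $eventList as $eventName )
            {
                $query = "INSERT INTO %s (pid, event) VALUES (%d, %s)";
                $query = sprintf($query, sql_table('plugin_event'), (int) $pid, DB::quoteValue($eventName));
                DB::execute($query);
            }
        }
    }

    redirect($CONF['AdminURL'] . '?action=pluginlist');
}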
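/**
 * Admin::action_plugindelete()
 * Show the confirmation page for uninstalling a plugin.
 *
 * @return void
 */
static private function action_plugindelete()
{
    global $member, $manager;

    // check if allowed; return explicitly in case disallow() hands control back
    if ( !$member->isAdmin() )
    {
        self::disallow();
        return;
    }

    $pid = intGetVar('plugid');

    if ( !$manager->pidInstalled($pid) )
    {
        self::error(_ERROR_NOSUCHPLUGIN);
        return;
    }

    self::$skin->parse('plugindelete');
}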
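/**
 * Admin::action_plugindeleteconfirm()
 * Uninstall a plugin (calling its unInstall() method) and redirect to the
 * plugin list.
 *
 * @return void
 */
static private function action_plugindeleteconfirm()
{
    global $member, $manager, $CONF;

    // check if allowed; return explicitly so nothing is removed if
    // disallow() hands control back
    if ( !$member->isAdmin() )
    {
        self::disallow();
        return;
    }

    $pid = intPostVar('plugid');

    // second argument: also run the plugin's unInstall() method
    $error = self::deleteOnePlugin($pid, 1);
    if ( $error )
    {
        self::error($error);
        return;
    }

    redirect($CONF['AdminURL'] . '?action=pluginlist');
}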
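/**
 * Admin::deleteOnePlugin()
 * Remove a plugin and everything stored for it: event subscriptions, option
 * descriptions and option values, and its row in the plugin table.
 *
 * Public and without an access check of its own; callers are expected to have
 * authorised the request. $pid is forced to an integer first, which is what
 * makes the concatenated SQL below safe. Values that come back from the
 * database are cast or escaped again before they are reused in SQL or in the
 * returned message.
 *
 * NOTE(review): the checks that a plugin object was actually loaded, the
 * initialisation of the option id list and the final return are not shown on
 * the page; they are restored from the visible structure — confirm.
 *
 * @param integer $pid
 * @param boolean $callUninstall when true, the plugin's unInstall() method is run
 * @return string empty or message if failed
 */
static public function deleteOnePlugin($pid, $callUninstall = 0)
{
    global $manager;

    $pid = intval($pid);

    if ( !$manager->pidInstalled($pid) )
    {
        return _ERROR_NOSUCHPLUGIN;
    }

    $query = "SELECT pfile as result FROM %s WHERE pid=%d;";
    $query = sprintf($query, sql_table('plugin'), (int) $pid);
    $name = DB::getValue($query);

    // check dependency before delete
    $res = DB::getResult('SELECT pfile FROM ' . sql_table('plugin'));
    foreach ( $res as $row )
    {
        $plug =& $manager->getPlugin($row['pfile']);
        if ( $plug )
        {
            $depList = $plug->getPluginDep();
            foreach ( $depList as $depName )
            {
                if ( $name == $depName )
                {
                    // The message ends up on an HTML page; escape the file
                    // name the same way the other error paths in this file do.
                    return sprintf(_ERROR_DELREQPLUGIN, Entity::hsc($row['pfile']));
                }
            }
        }
    }

    $data = array('plugid' => $pid);
    $manager->notify('PreDeletePlugin', $data);

    // call the unInstall method of the plugin
    if ( $callUninstall )
    {
        $plugin =& $manager->getPlugin($name);
        if ( $plugin )
        {
            $plugin->unInstall();
        }
    }

    // delete all subscriptions
    DB::execute('DELETE FROM ' . sql_table('plugin_event') . ' WHERE pid=' . $pid);

    // delete all options
    // get OIDs from plugin_option_desc
    $res = DB::getResult('SELECT oid FROM ' . sql_table('plugin_option_desc') . ' WHERE opid=' . $pid);
    $aOIDs = array();
    foreach ( $res as $row )
    {
        // cast so that only integers can reach the IN (...) list below
        $aOIDs[] = intval($row['oid']);
    }

    // delete from plugin_option and plugin_option_desc
    DB::execute('DELETE FROM ' . sql_table('plugin_option_desc') . ' WHERE opid=' . $pid);
    if ( count($aOIDs) > 0 )
    {
        DB::execute('DELETE FROM ' . sql_table('plugin_option') . ' WHERE oid in (' . implode(',', $aOIDs) . ')');
    }

    // update order numbers
    $res = DB::getValue('SELECT porder FROM ' . sql_table('plugin') . ' WHERE pid=' . $pid);
    DB::execute('UPDATE ' . sql_table('plugin') . ' SET porder=(porder - 1) WHERE porder>' . $res);

    // delete row
    DB::execute('DELETE FROM ' . sql_table('plugin') . ' WHERE pid=' . $pid);

    $manager->clearCachedInfo('installedPlugins');
    $data = array('plugid' => $pid);
    $manager->notify('PostDeletePlugin', $data);

    return '';
}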
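/**
 * Admin::action_pluginup()
 * Move a plugin one position up in the plugin order.
 *
 * The plugin id is read from the query string and converted to an integer
 * before it is concatenated into SQL.
 *
 * @return void
 */
static private function action_pluginup()
{
    global $member, $manager, $CONF;

    // check if allowed; return explicitly so the order is untouched if
    // disallow() hands control back
    if ( !$member->isAdmin() )
    {
        self::disallow();
        return;
    }

    $plugid = intGetVar('plugid');

    if ( !$manager->pidInstalled($plugid) )
    {
        self::error(_ERROR_NOSUCHPLUGIN);
        return;
    }

    // 1. get old order number
    $oldOrder = DB::getValue('SELECT porder FROM ' . sql_table('plugin') . ' WHERE pid=' . $plugid);

    // 2. calculate new order number
    $newOrder = ($oldOrder > 1) ? ($oldOrder - 1) : 1;

    // 3. update plug numbers: swap with whichever plugin holds the target slot
    DB::execute('UPDATE ' . sql_table('plugin') . ' SET porder=' . $oldOrder . ' WHERE porder=' . $newOrder);
    DB::execute('UPDATE ' . sql_table('plugin') . ' SET porder=' . $newOrder . ' WHERE pid=' . $plugid);

    // To avoid showing ticket in the URL, redirect to pluginlist, instead.
    redirect($CONF['AdminURL'] . '?action=pluginlist');
}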
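/**
 * Admin::action_plugindown()
 * Move a plugin one position down in the plugin order.
 *
 * The plugin id is read from the query string and converted to an integer
 * before it is concatenated into SQL.
 *
 * @return void
 */
static private function action_plugindown()
{
    global $member, $manager, $CONF;

    // check if allowed; return explicitly so the order is untouched if
    // disallow() hands control back
    if ( !$member->isAdmin() )
    {
        self::disallow();
        return;
    }

    $plugid = intGetVar('plugid');
    if ( !$manager->pidInstalled($plugid) )
    {
        self::error(_ERROR_NOSUCHPLUGIN);
        return;
    }

    // 1. get old order number
    $oldOrder = DB::getValue('SELECT porder FROM ' . sql_table('plugin') . ' WHERE pid=' . $plugid);

    // the number of installed plugins is the lowest possible position
    $res = DB::getResult('SELECT * FROM ' . sql_table('plugin'));
    $maxOrder = $res->rowCount();

    // 2. calculate new order number
    $newOrder = ($oldOrder < $maxOrder) ? ($oldOrder + 1) : $maxOrder;

    // 3. update plug numbers: swap with whichever plugin holds the target slot
    DB::execute('UPDATE ' . sql_table('plugin') . ' SET porder=' . $oldOrder . ' WHERE porder=' . $newOrder);
    DB::execute('UPDATE ' . sql_table('plugin') . ' SET porder=' . $newOrder . ' WHERE pid=' . $plugid);

    // To avoid showing ticket in the URL, redirect to pluginlist, instead.
    redirect($CONF['AdminURL'] . '?action=pluginlist');
}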
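/**
 * Admin::action_pluginoptions()
 *
 * Output Plugin option page
 *
 * @param string $message message when fallbacked
 * @return void
 */
static private function action_pluginoptions($message = '')
{
    global $member, $manager;

    // check if allowed; return explicitly in case disallow() hands control back
    if ( !$member->isAdmin() )
    {
        self::disallow();
        return;
    }

    $pid = intRequestVar('plugid');
    if ( !$manager->pidInstalled($pid) )
    {
        self::error(_ERROR_NOSUCHPLUGIN);
        return;
    }

    if ( isset($message) )
    {
        self::$headMess = $message;
    }

    // Loaded here but not used further in this method.
    $plugname = $manager->getPluginNameFromPid($pid);
    $plugin = $manager->getPlugin($plugname);

    self::$extrahead .= "<script type=\"text/javascript\" src=\"<%skinfile(/javascripts/numbercheck.js)%>\"></script>\n";

    self::$skin->parse('pluginoptions');
}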
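/**
 * Admin::action_pluginoptionsupdate()
 *
 * Update plugin options and fallback to plugin option page
 *
 * The 'plugoption' array is taken from the request and handed to
 * NucleusPlugin::apply_plugin_options() unchanged; any validation of the
 * option values happens there, not here.
 *
 * NOTE(review): the second element of the event data array is not shown on
 * the page and is restored as the plugin id — confirm.
 *
 * @return void
 */
static private function action_pluginoptionsupdate()
{
    global $member, $manager;

    // check if allowed; return explicitly so no option is written if
    // disallow() hands control back
    if ( !$member->isAdmin() )
    {
        self::disallow();
        return;
    }

    $pid = intRequestVar('plugid');

    if ( !$manager->pidInstalled($pid) )
    {
        self::error(_ERROR_NOSUCHPLUGIN);
        return;
    }

    $aOptions = requestArray('plugoption');
    NucleusPlugin::apply_plugin_options($aOptions);

    $data = array(
        'context' => 'global',
        'plugid' => $pid
    );
    $manager->notify('PostPluginOptionsUpdate', $data);

    self::action_pluginoptions(_PLUGS_OPTIONS_UPDATED);
}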
/**
 * Admin::skineditgeneral()
 * Update the general settings of a skin from the posted form.
 *
 * No access check is made here; the calling action is expected to have done it.
 *
 * NOTE(review): the conditions that apply the two defaults and the final
 * return are not shown on the page; they are restored as "use the default when
 * the posted value is empty" and an empty-string return — confirm.
 *
 * @param integer $skinid
 * @param string $handler
 * @return string empty or message if failed
 */
static private function skineditgeneral($skinid, $handler='')
{
    global $manager;

    $name = postVar('name');
    $desc = postVar('desc');
    $type = postVar('type');
    $inc_mode = postVar('inc_mode');
    $inc_prefix = postVar('inc_prefix');

    $skin =& $manager->getSkin($skinid, $handler);

    // 1. Some checks
    if ( !isValidSkinName($name) )
    {
        return _ERROR_BADSKINNAME;
    }

    // a rename must not collide with another existing skin
    $isRename = ($skin->getName() != $name);
    if ( $isRename && SKIN::exists($name) )
    {
        return _ERROR_DUPSKINNAME;
    }

    if ( !$type )
    {
        $type = 'text/html';
    }

    if ( !$inc_mode )
    {
        $inc_mode = 'normal';
    }

    // 2. Update description
    $skin->updateGeneralInfo($name, $desc, $type, $inc_mode, $inc_prefix);

    return '';
}
/**
 * Admin::skindeleteconfirm()
 * Delete a skin: its description row and all of its parts.
 *
 * No access check is made here; the calling action is expected to have done it.
 * The id is formatted into both statements with %d.
 *
 * @param integer $skinid
 * @return void
 */
static private function skindeleteconfirm($skinid)
{
    global $manager;

    // Admin skin actions fire the AdminSkin events, everything else the Skin events.
    $event_identifier = in_array(self::$action, self::$adminskin_actions) ? 'AdminSkin' : 'Skin';

    $manager->notify("PreDelete{$event_identifier}", array('skinid' => $skinid));

    // 1. delete description
    $descSql = sprintf("DELETE FROM %s WHERE sdnumber=%d;", sql_table('skin_desc'), (integer) $skinid);
    DB::execute($descSql);

    // 2. delete parts
    $partsSql = sprintf("DELETE FROM %s WHERE sdesc=%d;", sql_table('skin'), (integer) $skinid);
    DB::execute($partsSql);

    $manager->notify("PostDelete{$event_identifier}", array('skinid' => $skinid));
}
/**
 * Admin::skinremovetypeconfirm()
 * Delete one part of a skin.
 *
 * No access check is made here; the calling action is expected to have done it.
 * The part name is checked with isValidShortName() and quoted with
 * DB::quoteValue(); the skin id is formatted with %d.
 *
 * @param integer $skinid
 * @param string $skintype
 * @return string empty or message if failed
 */
static private function skinremovetypeconfirm($skinid, $skintype)
{
    global $manager;

    // Admin skin actions fire the AdminSkin events, everything else the Skin events.
    $event_identifier = in_array(self::$action, self::$adminskin_actions) ? 'AdminSkin' : 'Skin';

    if ( !isValidShortName($skintype) )
    {
        return _ERROR_SKIN_PARTS_SPECIAL_DELETE;
    }

    $data = array(
        'skinid' => $skinid,
        'skintype' => $skintype
    );
    $manager->notify("PreDelete{$event_identifier}Part", $data);

    // delete part
    $sql = sprintf(
        'DELETE FROM %s WHERE sdesc = %d AND stype = %s;',
        sql_table('skin'),
        (integer) $skinid,
        DB::quoteValue($skintype)
    );
    DB::execute($sql);

    $data = array(
        'skinid' => $skinid,
        'skintype' => $skintype
    );
    $manager->notify("PostDelete{$event_identifier}Part", $data);

    return '';
}
/**
 * Admin::skinclone()
 * Copy a skin, including all of its parts, under a new name.
 *
 * No access check is made here; the calling action is expected to have done it.
 *
 * NOTE(review): the counter that makes the clone name unique, the first
 * argument of Skin::createNew() and the test guarding the copy of each part
 * are not shown on the page; they are restored from the visible structure —
 * confirm against the original file.
 *
 * @param integer $skinid
 * @param string $handler
 * @return void
 */
static private function skinclone($skinid, $handler='')
{
    global $manager;

    // 1. read skin to clone
    $skin =& $manager->getSkin($skinid, $handler);
    $name = "{$skin->getName()}_clone";

    // if a skin with that name already exists:
    // append the first number that yields an unused name
    if ( Skin::exists($name) )
    {
        $i = 1;
        while ( Skin::exists($name . $i) )
        {
            $i++;
        }
        $name .= $i;
    }

    // 2. create skin desc
    $newid = Skin::createNew(
        $name,
        $skin->getDescription(),
        $skin->getContentType(),
        $skin->getIncludeMode(),
        $skin->getIncludePrefix()
    );

    // 3. clone the parts
    $listSql = sprintf("SELECT stype FROM %s WHERE sdesc=%d;", sql_table('skin'), (integer) $skinid);

    $res = DB::getResult($listSql);
    foreach ( $res as $row )
    {
        $content = $skin->getContentFromDB($row['stype']);
        if ( $content )
        {
            $query = "INSERT INTO %s (sdesc, scontent, stype) VALUES (%d, %s, %s)";
            $query = sprintf($query, sql_table('skin'), (integer) $newid, DB::quoteValue($content), DB::quoteValue($row['stype']));
            DB::execute($query);
        }
    }
}
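/**
 * Admin::skinieimport()
 * Read the metadata of a skin package and store it in self::$contents for the
 * import confirmation page.
 *
 * In 'file' mode the posted directory name is placed under $DIR_SKINS. It is
 * rejected when it is not a string or contains a NUL byte or a '..' path
 * segment, so the resulting path cannot leave the skins directory.
 *
 * NOTE(review): in any other mode the posted value is handed to readFile()
 * unchanged, so what can be reached (remote URLs, local paths, stream
 * wrappers) is decided entirely by SkinImport::readFile() — consider limiting
 * it to the schemes that are actually needed.
 *
 * @param string $mode
 * @param string $skinFileRaw
 * @return string empty or message if failed
 */
static private function skinieimport($mode, $skinFileRaw)
{
    global $DIR_LIBS, $DIR_SKINS;

    // load skinie class
    include_once($DIR_LIBS . 'skinie.php');

    $importer = new SkinImport();

    // get full filename
    if ( $mode == 'file' )
    {
        if ( !is_string($skinFileRaw)
          || strpos($skinFileRaw, "\0") !== FALSE
          || preg_match('#(^|[\\\\/])\.\.([\\\\/]|$)#', $skinFileRaw) )
        {
            return _ERROR_DISALLOWED;
        }
        $skinFile = $DIR_SKINS . $skinFileRaw . '/skinbackup.xml';
    }
    else
    {
        $skinFile = $skinFileRaw;
    }

    // read only metadata
    $error = $importer->readFile($skinFile, 1);
    if ( $error )
    {
        return $error;
    }

    self::$contents['mode'] = $mode;
    self::$contents['skinfile'] = $skinFileRaw;
    self::$contents['skininfo'] = $importer->getInfo();
    self::$contents['skinnames'] = $importer->getSkinNames();
    self::$contents['tpltnames'] = $importer->getTemplateNames();

    // names that already exist in the database
    $skinNameClashes = $importer->checkSkinNameClashes();
    $templateNameClashes = $importer->checkTemplateNameClashes();
    $hasNameClashes = (count($skinNameClashes) > 0) || (count($templateNameClashes) > 0);

    self::$contents['skinclashes'] = $skinNameClashes;
    self::$contents['tpltclashes'] = $templateNameClashes;
    self::$contents['nameclashes'] = $hasNameClashes ? 1 : 0;

    return '';
}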
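/**
 * Admin::skiniedoimport()
 * Read a skin package and write its skins and templates to the database.
 *
 * In 'file' mode the posted directory name is placed under $DIR_SKINS. It is
 * rejected when it is not a string or contains a NUL byte or a '..' path
 * segment, so the resulting path cannot leave the skins directory.
 *
 * NOTE(review): in any other mode the posted value is handed to readFile()
 * unchanged, so what can be reached (remote URLs, local paths, stream
 * wrappers) is decided entirely by SkinImport::readFile() — consider limiting
 * it to the schemes that are actually needed.
 *
 * @param string $mode
 * @param string $skinFileRaw
 * @param boolean $allowOverwrite
 * @return string empty or message if failed
 */
static private function skiniedoimport($mode, $skinFileRaw, $allowOverwrite)
{
    global $DIR_LIBS, $DIR_SKINS;

    // load skinie class
    include_once($DIR_LIBS . 'skinie.php');

    $importer = new SkinImport();

    // get full filename
    if ( $mode == 'file' )
    {
        if ( !is_string($skinFileRaw)
          || strpos($skinFileRaw, "\0") !== FALSE
          || preg_match('#(^|[\\\\/])\.\.([\\\\/]|$)#', $skinFileRaw) )
        {
            return _ERROR_DISALLOWED;
        }
        $skinFile = $DIR_SKINS . $skinFileRaw . '/skinbackup.xml';
    }
    else
    {
        $skinFile = $skinFileRaw;
    }

    $error = $importer->readFile($skinFile);
    if ( $error )
    {
        return $error;
    }

    $error = $importer->writeToDatabase($allowOverwrite);
    if ( $error )
    {
        return $error;
    }

    self::$contents['mode'] = $mode;
    self::$contents['skinfile'] = $skinFileRaw;
    self::$contents['skininfo'] = $importer->getInfo();
    self::$contents['skinnames'] = $importer->getSkinNames();
    self::$contents['tpltnames'] = $importer->getTemplateNames();

    return '';
}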
/**
 * Admin::skinieexport()
 * Export the selected skins and templates through SkinExport.
 *
 * The ids are taken from the KEYS of the two arrays, not from their values.
 * No access check is made here; the calling action is expected to have done it.
 *
 * NOTE(review): one short statement after the export() call is not shown on
 * the page (a bare return or exit) — confirm which against the original file.
 *
 * @param array $aSkins
 * @param array $aTemplates
 * @param string $info
 * @return void
 */
static private function skinieexport($aSkins, $aTemplates, $info)
{
    global $DIR_LIBS;

    // load skinie class
    include_once($DIR_LIBS . 'skinie.php');

    // anything that is not an array counts as "nothing selected"
    $skinList = is_array($aSkins) ? array_keys($aSkins) : array();
    $templateList = is_array($aTemplates) ? array_keys($aTemplates) : array();

    $exporter = new SkinExport();

    foreach ( $skinList as $skinId )
    {
        $exporter->addSkin($skinId);
    }

    foreach ( $templateList as $templateId )
    {
        $exporter->addTemplate($templateId);
    }

    $exporter->setInfo($info);
    $exporter->export();
}
/**
 * Admin::action_parseSpecialskin()
 * Render the skin part whose name is the current action.
 *
 * No access check is made here, and the part name is whatever self::$action
 * holds; presumably the dispatcher restricts which actions reach this method
 * — confirm.
 *
 * @return void
 */
static private function action_parseSpecialskin()
{
    $part = self::$action;
    self::$skin->parse($part);
}